diff --git a/3rdparty/libjpeg-turbo_2_1_0/.gitattributes b/3rdparty/libjpeg-turbo_2_1_0/.gitattributes
deleted file mode 100644
index 6c9660a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/.gitattributes
+++ /dev/null
@@ -1,4 +0,0 @@
-/appveyor.yml export-ignore
-/.gitattributes export-ignore
-/.github export-ignore
-*.ppm binary
diff --git a/3rdparty/libjpeg-turbo_2_1_0/BUILDING.md b/3rdparty/libjpeg-turbo_2_1_0/BUILDING.md
deleted file mode 100644
index f91abcd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/BUILDING.md
+++ /dev/null
@@ -1,716 +0,0 @@
-Building libjpeg-turbo
-======================
-
-
-Build Requirements
-------------------
-
-
-### All Systems
-
-- [CMake](http://www.cmake.org) v2.8.12 or later
-
-- [NASM](http://www.nasm.us) or [YASM](http://yasm.tortall.net)
-  (if building x86 or x86-64 SIMD extensions)
-  * If using NASM, 2.13 or later is required.
-  * If using YASM, 1.2.0 or later is required.
-  * If building on macOS, NASM or YASM can be obtained from
-    [MacPorts](http://www.macports.org/) or [Homebrew](http://brew.sh/).
-     - NOTE: Currently, if it is desirable to hide the SIMD function symbols in
-       Mac executables or shared libraries that statically link with
-       libjpeg-turbo, then NASM 2.14 or later or YASM must be used when
-       building libjpeg-turbo.
-  * If building on Windows, **nasm.exe**/**yasm.exe** should be in your `PATH`.
-  * NASM and YASM are located in the CRB (Code Ready Builder) repository on
-    Red Hat Enterprise Linux 8 and in the PowerTools repository on CentOS 8,
-    which is not enabled by default.
-
-  The binary RPMs released by the NASM project do not work on older Linux
-  systems, such as Red Hat Enterprise Linux 5.  On such systems, you can easily
-  build and install NASM from a source RPM by downloading one of the SRPMs from
-
-  <http://www.nasm.us/pub/nasm/releasebuilds>
-
-  and executing the following as root:
-
-        ARCH=`uname -m`
-        rpmbuild --rebuild nasm-{version}.src.rpm
-        rpm -Uvh /usr/src/redhat/RPMS/$ARCH/nasm-{version}.$ARCH.rpm
-
-  NOTE: the NASM build will fail if texinfo is not installed.
-
-
-### Un*x Platforms (including Linux, Mac, FreeBSD, Solaris, and Cygwin)
-
-- GCC v4.1 (or later) or Clang recommended for best performance
-
-- If building the TurboJPEG Java wrapper, JDK or OpenJDK 1.5 or later is
-  required.  Most modern Linux distributions, as well as Solaris 10 and later,
-  include JDK or OpenJDK.  For other systems, you can obtain the Oracle Java
-  Development Kit from
-  <http://www.oracle.com/technetwork/java/javase/downloads>.
-
-  * If using JDK 11 or later, CMake 3.10.x or later must also be used.
-
-### Windows
-
-- Microsoft Visual C++ 2005 or later
-
-  If you don't already have Visual C++, then the easiest way to get it is by
-  installing
-  [Visual Studio Community Edition](https://visualstudio.microsoft.com),
-  which includes everything necessary to build libjpeg-turbo.
-
-  * You can also download and install the standalone Windows SDK (for Windows 7
-    or later), which includes command-line versions of the 32-bit and 64-bit
-    Visual C++ compilers.
-  * If you intend to build libjpeg-turbo from the command line, then add the
-    appropriate compiler and SDK directories to the `INCLUDE`, `LIB`, and
-    `PATH` environment variables.  This is generally accomplished by
-    executing `vcvars32.bat` or `vcvars64.bat`, which are located in the same
-    directory as the compiler.
-  * If built with Visual C++ 2015 or later, the libjpeg-turbo static libraries
-    cannot be used with earlier versions of Visual C++, and vice versa.
-  * The libjpeg API DLL (**jpeg{version}.dll**) will depend on the C run-time
-    DLLs corresponding to the version of Visual C++ that was used to build it.
-
-   ... OR ...
-
-- MinGW
-
-  [MSYS2](http://msys2.github.io/) or [tdm-gcc](http://tdm-gcc.tdragon.net/)
-  recommended if building on a Windows machine.  Both distributions install a
-  Start Menu link that can be used to launch a command prompt with the
-  appropriate compiler paths automatically set.
-
-- If building the TurboJPEG Java wrapper, JDK 1.5 or later is required.  This
-  can be downloaded from
-  <http://www.oracle.com/technetwork/java/javase/downloads>.
-
-  * If using JDK 11 or later, CMake 3.10.x or later must also be used.
-
-
-Out-of-Tree Builds
-------------------
-
-Binary objects, libraries, and executables are generated in the directory from
-which CMake is executed (the "binary directory"), and this directory need not
-necessarily be the same as the libjpeg-turbo source directory.  You can create
-multiple independent binary directories, in which different versions of
-libjpeg-turbo can be built from the same source tree using different compilers
-or settings.  In the sections below, *{build_directory}* refers to the binary
-directory, whereas *{source_directory}* refers to the libjpeg-turbo source
-directory.  For in-tree builds, these directories are the same.
-
-
-Ninja
------
-
-In all of the procedures and recipes below, replace `make` with `ninja` and
-`Unix Makefiles` with `Ninja` if using Ninja.
-
-
-Build Procedure
----------------
-
-NOTE: The build procedures below assume that CMake is invoked from the command
-line, but all of these procedures can be adapted to the CMake GUI as
-well.
-
-
-### Un*x
-
-The following procedure will build libjpeg-turbo on Unix and Unix-like systems.
-(On Solaris, this generates a 32-bit build.  See "Build Recipes" below for
-64-bit build instructions.)
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" [additional CMake flags] {source_directory}
-    make
-
-This will generate the following files under *{build_directory}*:
-
-**libjpeg.a**<br>
-Static link library for the libjpeg API
-
-**libjpeg.so.{version}** (Linux, Unix)<br>
-**libjpeg.{version}.dylib** (Mac)<br>
-**cygjpeg-{version}.dll** (Cygwin)<br>
-Shared library for the libjpeg API
-
-By default, *{version}* is 62.2.0, 7.2.0, or 8.1.2, depending on whether
-libjpeg v6b (default), v7, or v8 emulation is enabled.  If using Cygwin,
-*{version}* is 62, 7, or 8.
-
-**libjpeg.so** (Linux, Unix)<br>
-**libjpeg.dylib** (Mac)<br>
-Development symlink for the libjpeg API
-
-**libjpeg.dll.a** (Cygwin)<br>
-Import library for the libjpeg API
-
-**libturbojpeg.a**<br>
-Static link library for the TurboJPEG API
-
-**libturbojpeg.so.0.2.0** (Linux, Unix)<br>
-**libturbojpeg.0.2.0.dylib** (Mac)<br>
-**cygturbojpeg-0.dll** (Cygwin)<br>
-Shared library for the TurboJPEG API
-
-**libturbojpeg.so** (Linux, Unix)<br>
-**libturbojpeg.dylib** (Mac)<br>
-Development symlink for the TurboJPEG API
-
-**libturbojpeg.dll.a** (Cygwin)<br>
-Import library for the TurboJPEG API
-
-
-### Visual C++ (Command Line)
-
-    cd {build_directory}
-    cmake -G"NMake Makefiles" -DCMAKE_BUILD_TYPE=Release [additional CMake flags] {source_directory}
-    nmake
-
-This will build either a 32-bit or a 64-bit version of libjpeg-turbo, depending
-on which version of **cl.exe** is in the `PATH`.
-
-The following files will be generated under *{build_directory}*:
-
-**jpeg-static.lib**<br>
-Static link library for the libjpeg API
-
-**jpeg{version}.dll**<br>
-DLL for the libjpeg API
-
-**jpeg.lib**<br>
-Import library for the libjpeg API
-
-**turbojpeg-static.lib**<br>
-Static link library for the TurboJPEG API
-
-**turbojpeg.dll**<br>
-DLL for the TurboJPEG API
-
-**turbojpeg.lib**<br>
-Import library for the TurboJPEG API
-
-*{version}* is 62, 7, or 8, depending on whether libjpeg v6b (default), v7, or
-v8 emulation is enabled.
-
-
-### Visual C++ (IDE)
-
-Choose the appropriate CMake generator option for your version of Visual Studio
-(run `cmake` with no arguments for a list of available generators.)  For
-instance:
-
-    cd {build_directory}
-    cmake -G"Visual Studio 10" [additional CMake flags] {source_directory}
-
-NOTE: Add "Win64" to the generator name (for example, "Visual Studio 10 Win64")
-to build a 64-bit version of libjpeg-turbo.  A separate build directory must be
-used for 32-bit and 64-bit builds.
-
-You can then open **ALL_BUILD.vcproj** in Visual Studio and build one of the
-configurations in that project ("Debug", "Release", etc.) to generate a full
-build of libjpeg-turbo.
-
-This will generate the following files under *{build_directory}*:
-
-**{configuration}/jpeg-static.lib**<br>
-Static link library for the libjpeg API
-
-**{configuration}/jpeg{version}.dll**<br>
-DLL for the libjpeg API
-
-**{configuration}/jpeg.lib**<br>
-Import library for the libjpeg API
-
-**{configuration}/turbojpeg-static.lib**<br>
-Static link library for the TurboJPEG API
-
-**{configuration}/turbojpeg.dll**<br>
-DLL for the TurboJPEG API
-
-**{configuration}/turbojpeg.lib**<br>
-Import library for the TurboJPEG API
-
-*{configuration}* is Debug, Release, RelWithDebInfo, or MinSizeRel, depending
-on the configuration you built in the IDE, and *{version}* is 62, 7, or 8,
-depending on whether libjpeg v6b (default), v7, or v8 emulation is enabled.
-
-
-### MinGW
-
-NOTE: This assumes that you are building on a Windows machine using the MSYS
-environment.  If you are cross-compiling on a Un*x platform (including Mac and
-Cygwin), then see "Build Recipes" below.
-
-    cd {build_directory}
-    cmake -G"MSYS Makefiles" [additional CMake flags] {source_directory}
-    make
-
-This will generate the following files under *{build_directory}*:
-
-**libjpeg.a**<br>
-Static link library for the libjpeg API
-
-**libjpeg-{version}.dll**<br>
-DLL for the libjpeg API
-
-**libjpeg.dll.a**<br>
-Import library for the libjpeg API
-
-**libturbojpeg.a**<br>
-Static link library for the TurboJPEG API
-
-**libturbojpeg.dll**<br>
-DLL for the TurboJPEG API
-
-**libturbojpeg.dll.a**<br>
-Import library for the TurboJPEG API
-
-*{version}* is 62, 7, or 8, depending on whether libjpeg v6b (default), v7, or
-v8 emulation is enabled.
-
-
-### Debug Build
-
-Add `-DCMAKE_BUILD_TYPE=Debug` to the CMake command line.  Or, if building
-with NMake, remove `-DCMAKE_BUILD_TYPE=Release` (Debug builds are the default
-with NMake.)
-
-
-### libjpeg v7 or v8 API/ABI Emulation
-
-Add `-DWITH_JPEG7=1` to the CMake command line to build a version of
-libjpeg-turbo that is API/ABI-compatible with libjpeg v7.  Add `-DWITH_JPEG8=1`
-to the CMake command line to build a version of libjpeg-turbo that is
-API/ABI-compatible with libjpeg v8.  See [README.md](README.md) for more
-information about libjpeg v7 and v8 emulation.
-
-
-### In-Memory Source/Destination Managers
-
-When using libjpeg v6b or v7 API/ABI emulation, add `-DWITH_MEM_SRCDST=0` to
-the CMake command line to build a version of libjpeg-turbo that lacks the
-`jpeg_mem_src()` and `jpeg_mem_dest()` functions.  These functions were not
-part of the original libjpeg v6b and v7 APIs, so removing them ensures strict
-conformance with those APIs.  See [README.md](README.md) for more information.
-
-
-### Arithmetic Coding Support
-
-Since the patent on arithmetic coding has expired, this functionality has been
-included in this release of libjpeg-turbo.  libjpeg-turbo's implementation is
-based on the implementation in libjpeg v8, but it works when emulating libjpeg
-v7 or v6b as well.  The default is to enable both arithmetic encoding and
-decoding, but those who have philosophical objections to arithmetic coding can
-add `-DWITH_ARITH_ENC=0` or `-DWITH_ARITH_DEC=0` to the CMake command line to
-disable encoding or decoding (respectively.)
-
-
-### TurboJPEG Java Wrapper
-
-Add `-DWITH_JAVA=1` to the CMake command line to incorporate an optional Java
-Native Interface (JNI) wrapper into the TurboJPEG shared library and build the
-Java front-end classes to support it.  This allows the TurboJPEG shared library
-to be used directly from Java applications.  See [java/README](java/README) for
-more details.
-
-If Java is not in your `PATH`, or if you wish to use an alternate JDK to
-build/test libjpeg-turbo, then (prior to running CMake) set the `JAVA_HOME`
-environment variable to the location of the JDK that you wish to use.  The
-`Java_JAVAC_EXECUTABLE`, `Java_JAVA_EXECUTABLE`, and `Java_JAR_EXECUTABLE`
-CMake variables can also be used to specify alternate commands or locations for
-javac, jar, and java (respectively.)  You can also set the
-`CMAKE_JAVA_COMPILE_FLAGS` CMake variable or the `JAVAFLAGS` environment
-variable to specify arguments that should be passed to the Java compiler when
-building the TurboJPEG classes, and the `JAVAARGS` CMake variable to specify
-arguments that should be passed to the JRE when running the TurboJPEG Java unit
-tests.
-
-
-Build Recipes
--------------
-
-
-### 32-bit Build on 64-bit Linux/Unix
-
-Use export/setenv to set the following environment variables before running
-CMake:
-
-    CFLAGS=-m32
-    LDFLAGS=-m32
-
-
-### 64-bit Build on Solaris
-
-Use export/setenv to set the following environment variables before running
-CMake:
-
-    CFLAGS=-m64
-    LDFLAGS=-m64
-
-
-### Other Compilers
-
-On Un*x systems, prior to running CMake, you can set the `CC` environment
-variable to the command used to invoke the C compiler.
-
-
-### 32-bit MinGW Build on Un*x (including Mac and Cygwin)
-
-Create a file called **toolchain.cmake** under *{build_directory}*, with the
-following contents:
-
-    set(CMAKE_SYSTEM_NAME Windows)
-    set(CMAKE_SYSTEM_PROCESSOR X86)
-    set(CMAKE_C_COMPILER {mingw_binary_path}/i686-w64-mingw32-gcc)
-    set(CMAKE_RC_COMPILER {mingw_binary_path}/i686-w64-mingw32-windres)
-
-*{mingw\_binary\_path}* is the directory under which the MinGW binaries are
-located (usually **/usr/bin**.)  Next, execute the following commands:
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" -DCMAKE_TOOLCHAIN_FILE=toolchain.cmake \
-      [additional CMake flags] {source_directory}
-    make
-
-
-### 64-bit MinGW Build on Un*x (including Mac and Cygwin)
-
-Create a file called **toolchain.cmake** under *{build_directory}*, with the
-following contents:
-
-    set(CMAKE_SYSTEM_NAME Windows)
-    set(CMAKE_SYSTEM_PROCESSOR AMD64)
-    set(CMAKE_C_COMPILER {mingw_binary_path}/x86_64-w64-mingw32-gcc)
-    set(CMAKE_RC_COMPILER {mingw_binary_path}/x86_64-w64-mingw32-windres)
-
-*{mingw\_binary\_path}* is the directory under which the MinGW binaries are
-located (usually **/usr/bin**.)  Next, execute the following commands:
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" -DCMAKE_TOOLCHAIN_FILE=toolchain.cmake \
-      [additional CMake flags] {source_directory}
-    make
-
-
-Building libjpeg-turbo for iOS
-------------------------------
-
-iOS platforms, such as the iPhone and iPad, use Arm processors, and all
-currently supported models include Neon instructions.  Thus, they can take
-advantage of libjpeg-turbo's SIMD extensions to significantly accelerate JPEG
-compression/decompression.  This section describes how to build libjpeg-turbo
-for these platforms.
-
-
-### Armv8 (64-bit)
-
-**Xcode 5 or later required, Xcode 6.3.x or later recommended**
-
-The following script demonstrates how to build libjpeg-turbo to run on the
-iPhone 5S/iPad Mini 2/iPad Air and newer.
-
-    IOS_PLATFORMDIR=/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform
-    IOS_SYSROOT=($IOS_PLATFORMDIR/Developer/SDKs/iPhoneOS*.sdk)
-    export CFLAGS="-Wall -arch arm64 -miphoneos-version-min=8.0 -funwind-tables"
-
-    cd {build_directory}
-
-    cat <<EOF >toolchain.cmake
-    set(CMAKE_SYSTEM_NAME Darwin)
-    set(CMAKE_SYSTEM_PROCESSOR aarch64)
-    set(CMAKE_C_COMPILER /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang)
-    EOF
-
-    cmake -G"Unix Makefiles" -DCMAKE_TOOLCHAIN_FILE=toolchain.cmake \
-      -DCMAKE_OSX_SYSROOT=${IOS_SYSROOT[0]} \
-      [additional CMake flags] {source_directory}
-    make
-
-
-Building libjpeg-turbo for Android
-----------------------------------
-
-Building libjpeg-turbo for Android platforms requires v13b or later of the
-[Android NDK](https://developer.android.com/tools/sdk/ndk).
-
-
-### Armv7 (32-bit)
-
-**NDK r19 or later with Clang recommended**
-
-The following is a general recipe script that can be modified for your specific
-needs.
-
-    # Set these variables to suit your needs
-    NDK_PATH={full path to the NDK directory-- for example,
-      /opt/android/android-ndk-r16b}
-    TOOLCHAIN={"gcc" or "clang"-- "gcc" must be used with NDK r16b and earlier,
-      and "clang" must be used with NDK r17c and later}
-    ANDROID_VERSION={the minimum version of Android to support-- for example,
-      "16", "19", etc.}
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" \
-      -DANDROID_ABI=armeabi-v7a \
-      -DANDROID_ARM_MODE=arm \
-      -DANDROID_PLATFORM=android-${ANDROID_VERSION} \
-      -DANDROID_TOOLCHAIN=${TOOLCHAIN} \
-      -DCMAKE_ASM_FLAGS="--target=arm-linux-androideabi${ANDROID_VERSION}" \
-      -DCMAKE_TOOLCHAIN_FILE=${NDK_PATH}/build/cmake/android.toolchain.cmake \
-      [additional CMake flags] {source_directory}
-    make
-
-
-### Armv8 (64-bit)
-
-**Clang recommended**
-
-The following is a general recipe script that can be modified for your specific
-needs.
-
-    # Set these variables to suit your needs
-    NDK_PATH={full path to the NDK directory-- for example,
-      /opt/android/android-ndk-r16b}
-    TOOLCHAIN={"gcc" or "clang"-- "gcc" must be used with NDK r14b and earlier,
-      and "clang" must be used with NDK r17c and later}
-    ANDROID_VERSION={the minimum version of Android to support.  "21" or later
-      is required for a 64-bit build.}
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" \
-      -DANDROID_ABI=arm64-v8a \
-      -DANDROID_ARM_MODE=arm \
-      -DANDROID_PLATFORM=android-${ANDROID_VERSION} \
-      -DANDROID_TOOLCHAIN=${TOOLCHAIN} \
-      -DCMAKE_ASM_FLAGS="--target=aarch64-linux-android${ANDROID_VERSION}" \
-      -DCMAKE_TOOLCHAIN_FILE=${NDK_PATH}/build/cmake/android.toolchain.cmake \
-      [additional CMake flags] {source_directory}
-    make
-
-
-### x86 (32-bit)
-
-The following is a general recipe script that can be modified for your specific
-needs.
-
-    # Set these variables to suit your needs
-    NDK_PATH={full path to the NDK directory-- for example,
-      /opt/android/android-ndk-r16b}
-    TOOLCHAIN={"gcc" or "clang"-- "gcc" must be used with NDK r14b and earlier,
-      and "clang" must be used with NDK r17c and later}
-    ANDROID_VERSION={The minimum version of Android to support-- for example,
-      "16", "19", etc.}
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" \
-      -DANDROID_ABI=x86 \
-      -DANDROID_PLATFORM=android-${ANDROID_VERSION} \
-      -DANDROID_TOOLCHAIN=${TOOLCHAIN} \
-      -DCMAKE_TOOLCHAIN_FILE=${NDK_PATH}/build/cmake/android.toolchain.cmake \
-      [additional CMake flags] {source_directory}
-    make
-
-
-### x86-64 (64-bit)
-
-The following is a general recipe script that can be modified for your specific
-needs.
-
-    # Set these variables to suit your needs
-    NDK_PATH={full path to the NDK directory-- for example,
-      /opt/android/android-ndk-r16b}
-    TOOLCHAIN={"gcc" or "clang"-- "gcc" must be used with NDK r14b and earlier,
-      and "clang" must be used with NDK r17c and later}
-    ANDROID_VERSION={the minimum version of Android to support.  "21" or later
-      is required for a 64-bit build.}
-
-    cd {build_directory}
-    cmake -G"Unix Makefiles" \
-      -DANDROID_ABI=x86_64 \
-      -DANDROID_PLATFORM=android-${ANDROID_VERSION} \
-      -DANDROID_TOOLCHAIN=${TOOLCHAIN} \
-      -DCMAKE_TOOLCHAIN_FILE=${NDK_PATH}/build/cmake/android.toolchain.cmake \
-      [additional CMake flags] {source_directory}
-    make
-
-
-Advanced CMake Options
-----------------------
-
-To list and configure other CMake options not specifically mentioned in this
-guide, run
-
-    ccmake {source_directory}
-
-or
-
-    cmake-gui {source_directory}
-
-from the build directory after initially configuring the build.  CCMake is a
-text-based interactive version of CMake, and CMake-GUI is a GUI version.  Both
-will display all variables that are relevant to the libjpeg-turbo build, their
-current values, and a help string describing what they do.
-
-
-Installing libjpeg-turbo
-========================
-
-You can use the build system to install libjpeg-turbo (as opposed to creating
-an installer package.)  To do this, run `make install` or `nmake install`
-(or build the "install" target in the Visual Studio IDE.)  Running
-`make uninstall` or `nmake uninstall` (or building the "uninstall" target in
-the Visual Studio IDE) will uninstall libjpeg-turbo.
-
-The `CMAKE_INSTALL_PREFIX` CMake variable can be modified in order to install
-libjpeg-turbo into a directory of your choosing.  If you don't specify
-`CMAKE_INSTALL_PREFIX`, then the default is:
-
-**c:\libjpeg-turbo**<br>
-Visual Studio 32-bit build
-
-**c:\libjpeg-turbo64**<br>
-Visual Studio 64-bit build
-
-**c:\libjpeg-turbo-gcc**<br>
-MinGW 32-bit build
-
-**c:\libjpeg-turbo-gcc64**<br>
-MinGW 64-bit build
-
-**/opt/libjpeg-turbo**<br>
-Un*x
-
-The default value of `CMAKE_INSTALL_PREFIX` causes the libjpeg-turbo files to
-be installed with a directory structure resembling that of the official
-libjpeg-turbo binary packages.  Changing the value of `CMAKE_INSTALL_PREFIX`
-(for instance, to **/usr/local**) causes the libjpeg-turbo files to be
-installed with a directory structure that conforms to GNU standards.
-
-The `CMAKE_INSTALL_BINDIR`, `CMAKE_INSTALL_DATAROOTDIR`,
-`CMAKE_INSTALL_DOCDIR`, `CMAKE_INSTALL_INCLUDEDIR`, `CMAKE_INSTALL_JAVADIR`,
-`CMAKE_INSTALL_LIBDIR`, and `CMAKE_INSTALL_MANDIR` CMake variables allow a
-finer degree of control over where specific files in the libjpeg-turbo
-distribution should be installed.  These directory variables can either be
-specified as absolute paths or as paths relative to `CMAKE_INSTALL_PREFIX` (for
-instance, setting `CMAKE_INSTALL_DOCDIR` to **doc** would cause the
-documentation to be installed in **${CMAKE\_INSTALL\_PREFIX}/doc**.)  If a
-directory variable contains the name of another directory variable in angle
-brackets, then its final value will depend on the final value of that other
-variable.  For instance, the default value of `CMAKE_INSTALL_MANDIR` is
-**\<CMAKE\_INSTALL\_DATAROOTDIR\>/man**.
-
-NOTE: If setting one of these directory variables to a relative path using the
-CMake command line, you must specify that the variable is of type `PATH`.
-For example:
-
-    cmake -G"{generator type}" -DCMAKE_INSTALL_LIBDIR:PATH=lib {source_directory}
-
-Otherwise, CMake will assume that the path is relative to the build directory
-rather than the install directory.
-
-
-Creating Distribution Packages
-==============================
-
-The following commands can be used to create various types of distribution
-packages:
-
-
-Linux
------
-
-    make rpm
-
-Create Red Hat-style binary RPM package.  Requires RPM v4 or later.
-
-    make srpm
-
-This runs `make dist` to create a pristine source tarball, then creates a
-Red Hat-style source RPM package from the tarball.  Requires RPM v4 or later.
-
-    make deb
-
-Create Debian-style binary package.  Requires dpkg.
-
-
-Mac
----
-
-    make dmg
-
-Create Mac package/disk image.  This requires pkgbuild and productbuild, which
-are installed by default on OS X/macOS 10.7 and later.
-
-In order to create a Mac package/disk image that contains universal
-x86-64/Arm binaries, set the following CMake variable:
-
-* `ARMV8_BUILD`: Directory containing an Armv8 (64-bit) iOS or macOS build of
-  libjpeg-turbo to include in the universal binaries
-
-You should first use CMake to configure an Armv8 sub-build of libjpeg-turbo
-(see "Building libjpeg-turbo for iOS" above, if applicable) in a build
-directory that matches the one specified in the aforementioned CMake variable.
-Next, configure the primary (x86-64) build of libjpeg-turbo as an out-of-tree
-build, specifying the aforementioned CMake variable, and build it.  Once the
-primary build has been built, run `make dmg` from the build directory.  The
-packaging system will build the sub-build, use lipo to combine it with the
-primary build into a single set of universal binaries, then package the
-universal binaries.
-
-
-Windows
--------
-
-If using NMake:
-
-    cd {build_directory}
-    nmake installer
-
-If using MinGW:
-
-    cd {build_directory}
-    make installer
-
-If using the Visual Studio IDE, build the "installer" target.
-
-The installer package (libjpeg-turbo-*{version}*[-gcc|-vc][64].exe) will be
-located under *{build_directory}*.  If building using the Visual Studio IDE,
-then the installer package will be located in a subdirectory with the same name
-as the configuration you built (such as *{build_directory}*\Debug\ or
-*{build_directory}*\Release\).
-
-Building a Windows installer requires the
-[Nullsoft Install System](http://nsis.sourceforge.net/).  makensis.exe should
-be in your `PATH`.
-
-
-Regression testing
-==================
-
-The most common way to test libjpeg-turbo is by invoking `make test` (Un*x) or
-`nmake test` (Windows command line) or by building the "RUN_TESTS" target
-(Visual Studio IDE), once the build has completed.  This runs a series of tests
-to ensure that mathematical compatibility has been maintained between
-libjpeg-turbo and libjpeg v6b.  This also invokes the TurboJPEG unit tests,
-which ensure that the colorspace extensions, YUV encoding, decompression
-scaling, and other features of the TurboJPEG C and Java APIs are working
-properly (and, by extension, that the equivalent features of the underlying
-libjpeg API are also working.)
-
-Invoking `make testclean` (Un*x) or `nmake testclean` (Windows command line) or
-building the "testclean" target (Visual Studio IDE) will clean up the output
-images generated by the tests.
-
-On Un*x platforms, more extensive tests of the TurboJPEG C and Java wrappers
-can be run by invoking `make tjtest`.  These extended TurboJPEG tests
-essentially iterate through all of the available features of the TurboJPEG APIs
-that are not covered by the TurboJPEG unit tests (including the lossless
-transform options) and compare the images generated by each feature to images
-generated using the equivalent feature in the libjpeg API.  The extended
-TurboJPEG tests are meant to test for regressions in the TurboJPEG wrappers,
-not in the underlying libjpeg API library.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/CMakeLists.txt b/3rdparty/libjpeg-turbo_2_1_0/CMakeLists.txt
deleted file mode 100644
index 10a198f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/CMakeLists.txt
+++ /dev/null
@@ -1,1524 +0,0 @@
-cmake_minimum_required(VERSION 2.8.12)
-
-if(CMAKE_EXECUTABLE_SUFFIX)
-  set(CMAKE_EXECUTABLE_SUFFIX_TMP ${CMAKE_EXECUTABLE_SUFFIX})
-endif()
-
-project(libjpeg-turbo C)
-set(VERSION 2.1.0)
-string(REPLACE "." ";" VERSION_TRIPLET ${VERSION})
-list(GET VERSION_TRIPLET 0 VERSION_MAJOR)
-list(GET VERSION_TRIPLET 1 VERSION_MINOR)
-list(GET VERSION_TRIPLET 2 VERSION_REVISION)
-function(pad_number NUMBER OUTPUT_LEN)
-  string(LENGTH "${${NUMBER}}" INPUT_LEN)
-  if(INPUT_LEN LESS OUTPUT_LEN)
-    math(EXPR ZEROES "${OUTPUT_LEN} - ${INPUT_LEN} - 1")
-    set(NUM ${${NUMBER}})
-    foreach(C RANGE ${ZEROES})
-      set(NUM "0${NUM}")
-    endforeach()
-    set(${NUMBER} ${NUM} PARENT_SCOPE)
-  endif()
-endfunction()
-pad_number(VERSION_MINOR 3)
-pad_number(VERSION_REVISION 3)
-set(LIBJPEG_TURBO_VERSION_NUMBER ${VERSION_MAJOR}${VERSION_MINOR}${VERSION_REVISION})
-
-string(TIMESTAMP DEFAULT_BUILD "%Y%m%d")
-set(BUILD ${DEFAULT_BUILD} CACHE STRING "Build string (default: ${DEFAULT_BUILD})")
-
-# NOTE: On Windows, this does nothing except when using MinGW or Cygwin.
-# CMAKE_BUILD_TYPE has no meaning in Visual Studio, and it always defaults to
-# Debug when using NMake.
-if(NOT CMAKE_BUILD_TYPE)
-  set(CMAKE_BUILD_TYPE Release)
-endif()
-message(STATUS "CMAKE_BUILD_TYPE = ${CMAKE_BUILD_TYPE}")
-
-message(STATUS "VERSION = ${VERSION}, BUILD = ${BUILD}")
-
-# Detect CPU type and whether we're building 64-bit or 32-bit code
-math(EXPR BITS "${CMAKE_SIZEOF_VOID_P} * 8")
-string(TOLOWER ${CMAKE_SYSTEM_PROCESSOR} CMAKE_SYSTEM_PROCESSOR_LC)
-set(COUNT 1)
-foreach(ARCH ${CMAKE_OSX_ARCHITECTURES})
-  if(COUNT GREATER 1)
-    message(FATAL_ERROR "The libjpeg-turbo build system does not support multiple values in CMAKE_OSX_ARCHITECTURES.")
-  endif()
-  math(EXPR COUNT "${COUNT}+1")
-endforeach()
-if(CMAKE_SYSTEM_PROCESSOR_LC MATCHES "x86_64" OR
-  CMAKE_SYSTEM_PROCESSOR_LC MATCHES "amd64" OR
-  CMAKE_SYSTEM_PROCESSOR_LC MATCHES "i[0-9]86" OR
-  CMAKE_SYSTEM_PROCESSOR_LC MATCHES "x86" OR
-  CMAKE_SYSTEM_PROCESSOR_LC MATCHES "ia32")
-  if(BITS EQUAL 64 OR CMAKE_C_COMPILER_ABI MATCHES "ELF X32")
-    set(CPU_TYPE x86_64)
-  else()
-    set(CPU_TYPE i386)
-  endif()
-  if(NOT CMAKE_SYSTEM_PROCESSOR STREQUAL ${CPU_TYPE})
-    set(CMAKE_SYSTEM_PROCESSOR ${CPU_TYPE})
-  endif()
-elseif(CMAKE_SYSTEM_PROCESSOR_LC STREQUAL "aarch64" OR
-  CMAKE_SYSTEM_PROCESSOR_LC MATCHES "^arm")
-  if(BITS EQUAL 64)
-    set(CPU_TYPE arm64)
-  else()
-    set(CPU_TYPE arm)
-  endif()
-elseif(CMAKE_SYSTEM_PROCESSOR_LC MATCHES "^ppc" OR
-  CMAKE_SYSTEM_PROCESSOR_LC MATCHES "^powerpc")
-  set(CPU_TYPE powerpc)
-else()
-  set(CPU_TYPE ${CMAKE_SYSTEM_PROCESSOR_LC})
-endif()
-if(CMAKE_OSX_ARCHITECTURES MATCHES "x86_64" OR
-  CMAKE_OSX_ARCHITECTURES MATCHES "arm64" OR
-  CMAKE_OSX_ARCHITECTURES MATCHES "i386")
-  set(CPU_TYPE ${CMAKE_OSX_ARCHITECTURES})
-endif()
-if(CMAKE_OSX_ARCHITECTURES MATCHES "ppc")
-  set(CPU_TYPE powerpc)
-endif()
-if(MSVC_IDE AND CMAKE_GENERATOR_PLATFORM MATCHES "arm64")
-  set(CPU_TYPE arm64)
-endif()
-
-message(STATUS "${BITS}-bit build (${CPU_TYPE})")
-
-
-###############################################################################
-# INSTALL DIRECTORIES
-###############################################################################
-
-if(WIN32)
-  if(MSVC)
-    set(CMAKE_INSTALL_DEFAULT_PREFIX "c:/${CMAKE_PROJECT_NAME}")
-  else()
-    set(CMAKE_INSTALL_DEFAULT_PREFIX "c:/${CMAKE_PROJECT_NAME}-gcc")
-  endif()
-  if(BITS EQUAL 64)
-    set(CMAKE_INSTALL_DEFAULT_PREFIX "${CMAKE_INSTALL_DEFAULT_PREFIX}64")
-  endif()
-else()
-  if(NOT CMAKE_INSTALL_DEFAULT_PREFIX)
-    set(CMAKE_INSTALL_DEFAULT_PREFIX /opt/${CMAKE_PROJECT_NAME})
-  endif()
-endif()
-if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
-  set(CMAKE_INSTALL_PREFIX "${CMAKE_INSTALL_DEFAULT_PREFIX}" CACHE PATH
-    "Directory into which to install ${CMAKE_PROJECT_NAME} (default: ${CMAKE_INSTALL_DEFAULT_PREFIX})"
-    FORCE)
-endif()
-message(STATUS "CMAKE_INSTALL_PREFIX = ${CMAKE_INSTALL_PREFIX}")
-
-# When the prefix is /opt/${CMAKE_PROJECT_NAME}, we assume that an "official"
-# build is being created, and thus we install things into specific locations.
-
-if(CMAKE_INSTALL_PREFIX STREQUAL "${CMAKE_INSTALL_DEFAULT_PREFIX}")
-  set(CMAKE_INSTALL_DEFAULT_DATAROOTDIR "")
-  set(CMAKE_INSTALL_DEFAULT_DOCDIR "<CMAKE_INSTALL_DATAROOTDIR>/doc")
-  set(CMAKE_INSTALL_DEFAULT_JAVADIR "<CMAKE_INSTALL_DATAROOTDIR>/classes")
-  if(UNIX AND NOT APPLE)
-    if(BITS EQUAL 64)
-      set(CMAKE_INSTALL_DEFAULT_LIBDIR "lib64")
-    elseif(CMAKE_C_COMPILER_ABI MATCHES "ELF X32")
-      set(CMAKE_INSTALL_DEFAULT_LIBDIR "libx32")
-    else()
-      set(CMAKE_INSTALL_DEFAULT_LIBDIR "lib32")
-    endif()
-  endif()
-endif()
-
-include(cmakescripts/GNUInstallDirs.cmake)
-
-macro(report_directory var)
-  if(CMAKE_INSTALL_${var} STREQUAL CMAKE_INSTALL_FULL_${var})
-    message(STATUS "CMAKE_INSTALL_${var} = ${CMAKE_INSTALL_${var}}")
-  else()
-    message(STATUS "CMAKE_INSTALL_${var} = ${CMAKE_INSTALL_${var}} (${CMAKE_INSTALL_FULL_${var}})")
-  endif()
-  mark_as_advanced(CLEAR CMAKE_INSTALL_${var})
-endmacro()
-
-set(DIRLIST "BINDIR;DATAROOTDIR;DOCDIR;INCLUDEDIR;LIBDIR")
-if(UNIX)
-  list(APPEND DIRLIST "MANDIR")
-endif()
-foreach(dir ${DIRLIST})
-  report_directory(${dir})
-endforeach()
-
-
-###############################################################################
-# CONFIGURATION OPTIONS
-###############################################################################
-
-macro(boolean_number var)
-  if(${var})
-    set(${var} 1 ${ARGN})
-  else()
-    set(${var} 0 ${ARGN})
-  endif()
-endmacro()
-
-option(ENABLE_SHARED "Build shared libraries" TRUE)
-boolean_number(ENABLE_SHARED)
-option(ENABLE_STATIC "Build static libraries" TRUE)
-boolean_number(ENABLE_STATIC)
-option(REQUIRE_SIMD "Generate a fatal error if SIMD extensions are not available for this platform (default is to fall back to a non-SIMD build)" FALSE)
-boolean_number(REQUIRE_SIMD)
-option(WITH_12BIT "Encode/decode JPEG images with 12-bit samples (implies WITH_ARITH_DEC=0 WITH_ARITH_ENC=0 WITH_JAVA=0 WITH_SIMD=0 WITH_TURBOJPEG=0 )" FALSE)
-boolean_number(WITH_12BIT)
-option(WITH_ARITH_DEC "Include arithmetic decoding support when emulating the libjpeg v6b API/ABI" TRUE)
-boolean_number(WITH_ARITH_DEC)
-option(WITH_ARITH_ENC "Include arithmetic encoding support when emulating the libjpeg v6b API/ABI" TRUE)
-boolean_number(WITH_ARITH_ENC)
-if(CMAKE_C_COMPILER_ABI MATCHES "ELF X32")
-  set(WITH_JAVA 0)
-else()
-  option(WITH_JAVA "Build Java wrapper for the TurboJPEG API library (implies ENABLE_SHARED=1)" FALSE)
-  boolean_number(WITH_JAVA)
-endif()
-option(WITH_JPEG7 "Emulate libjpeg v7 API/ABI (this makes ${CMAKE_PROJECT_NAME} backward-incompatible with libjpeg v6b)" FALSE)
-boolean_number(WITH_JPEG7)
-option(WITH_JPEG8 "Emulate libjpeg v8 API/ABI (this makes ${CMAKE_PROJECT_NAME} backward-incompatible with libjpeg v6b)" FALSE)
-boolean_number(WITH_JPEG8)
-option(WITH_MEM_SRCDST "Include in-memory source/destination manager functions when emulating the libjpeg v6b or v7 API/ABI" TRUE)
-boolean_number(WITH_MEM_SRCDST)
-option(WITH_SIMD "Include SIMD extensions, if available for this platform" TRUE)
-boolean_number(WITH_SIMD)
-option(WITH_TURBOJPEG "Include the TurboJPEG API library and associated test programs" TRUE)
-boolean_number(WITH_TURBOJPEG)
-option(WITH_FUZZ "Build fuzz targets" FALSE)
-
-macro(report_option var desc)
-  if(${var})
-    message(STATUS "${desc} enabled (${var} = ${${var}})")
-  else()
-    message(STATUS "${desc} disabled (${var} = ${${var}})")
-  endif()
-endmacro()
-
-if(WITH_JAVA)
-  set(ENABLE_SHARED 1)
-endif()
-
-# Explicitly setting CMAKE_POSITION_INDEPENDENT_CODE=FALSE disables PIC for all
-# targets, which will cause the shared library builds to fail.  Thus, if shared
-# libraries are enabled and CMAKE_POSITION_INDEPENDENT_CODE is explicitly set
-# to FALSE, we need to unset it, thus restoring the default behavior
-# (automatically using PIC for shared library targets.)
-if(DEFINED CMAKE_POSITION_INDEPENDENT_CODE AND
-  NOT CMAKE_POSITION_INDEPENDENT_CODE AND ENABLE_SHARED)
-  unset(CMAKE_POSITION_INDEPENDENT_CODE CACHE)
-endif()
-
-report_option(ENABLE_SHARED "Shared libraries")
-report_option(ENABLE_STATIC "Static libraries")
-
-if(ENABLE_SHARED)
-  set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
-endif()
-
-if(WITH_JPEG8 OR WITH_JPEG7)
-  set(WITH_ARITH_ENC 1)
-  set(WITH_ARITH_DEC 1)
-endif()
-if(WITH_JPEG8)
-  set(WITH_MEM_SRCDST 0)
-endif()
-
-if(WITH_12BIT)
-  set(WITH_ARITH_DEC 0)
-  set(WITH_ARITH_ENC 0)
-  set(WITH_JAVA 0)
-  set(WITH_SIMD 0)
-  set(WITH_TURBOJPEG 0)
-  set(BITS_IN_JSAMPLE 12)
-else()
-  set(BITS_IN_JSAMPLE 8)
-endif()
-report_option(WITH_12BIT "12-bit JPEG support")
-
-if(WITH_ARITH_DEC)
-  set(D_ARITH_CODING_SUPPORTED 1)
-endif()
-if(NOT WITH_12BIT)
-  report_option(WITH_ARITH_DEC "Arithmetic decoding support")
-endif()
-
-if(WITH_ARITH_ENC)
-  set(C_ARITH_CODING_SUPPORTED 1)
-endif()
-if(NOT WITH_12BIT)
-  report_option(WITH_ARITH_ENC "Arithmetic encoding support")
-endif()
-
-if(NOT WITH_12BIT)
-  report_option(WITH_TURBOJPEG "TurboJPEG API library")
-  report_option(WITH_JAVA "TurboJPEG Java wrapper")
-endif()
-
-if(WITH_MEM_SRCDST)
-  set(MEM_SRCDST_SUPPORTED 1)
-  set(MEM_SRCDST_FUNCTIONS "global:  jpeg_mem_dest;  jpeg_mem_src;")
-endif()
-if(NOT WITH_JPEG8)
-  report_option(WITH_MEM_SRCDST "In-memory source/destination managers")
-endif()
-
-set(SO_AGE 2)
-if(WITH_MEM_SRCDST)
-  set(SO_AGE 3)
-endif()
-
-if(WITH_JPEG8)
-  set(JPEG_LIB_VERSION 80)
-elseif(WITH_JPEG7)
-  set(JPEG_LIB_VERSION 70)
-else()
-  set(JPEG_LIB_VERSION 62)
-endif()
-
-math(EXPR JPEG_LIB_VERSION_DIV10 "${JPEG_LIB_VERSION} / 10")
-math(EXPR JPEG_LIB_VERSION_MOD10 "${JPEG_LIB_VERSION} % 10")
-if(JPEG_LIB_VERSION STREQUAL "62")
-  set(DEFAULT_SO_MAJOR_VERSION ${JPEG_LIB_VERSION})
-else()
-  set(DEFAULT_SO_MAJOR_VERSION ${JPEG_LIB_VERSION_DIV10})
-endif()
-if(JPEG_LIB_VERSION STREQUAL "80")
-  set(DEFAULT_SO_MINOR_VERSION 2)
-else()
-  set(DEFAULT_SO_MINOR_VERSION 0)
-endif()
-
-# This causes SO_MAJOR_VERSION/SO_MINOR_VERSION to reset to defaults if
-# WITH_JPEG7 or WITH_JPEG8 has changed.
-if((DEFINED WITH_JPEG7_INT AND NOT WITH_JPEG7 EQUAL WITH_JPEG7_INT) OR
-  (DEFINED WITH_JPEG8_INT AND NOT WITH_JPEG8 EQUAL WITH_JPEG8_INT))
-  set(FORCE_SO_VERSION "FORCE")
-endif()
-set(WITH_JPEG7_INT ${WITH_JPEG7} CACHE INTERNAL "")
-set(WITH_JPEG8_INT ${WITH_JPEG8} CACHE INTERNAL "")
-
-set(SO_MAJOR_VERSION ${DEFAULT_SO_MAJOR_VERSION} CACHE STRING
-  "Major version of the libjpeg API shared library (default: ${DEFAULT_SO_MAJOR_VERSION})"
-  ${FORCE_SO_VERSION})
-set(SO_MINOR_VERSION ${DEFAULT_SO_MINOR_VERSION} CACHE STRING
-  "Minor version of the libjpeg API shared library (default: ${DEFAULT_SO_MINOR_VERSION})"
-  ${FORCE_SO_VERSION})
-
-set(JPEG_LIB_VERSION_DECIMAL "${JPEG_LIB_VERSION_DIV10}.${JPEG_LIB_VERSION_MOD10}")
-message(STATUS "Emulating libjpeg API/ABI v${JPEG_LIB_VERSION_DECIMAL} (WITH_JPEG7 = ${WITH_JPEG7}, WITH_JPEG8 = ${WITH_JPEG8})")
-message(STATUS "libjpeg API shared library version = ${SO_MAJOR_VERSION}.${SO_AGE}.${SO_MINOR_VERSION}")
-
-# Because the TurboJPEG API library uses versioned symbols and changes the
-# names of functions whenever they are modified in a backward-incompatible
-# manner, it is always backward-ABI-compatible with itself, so the major and
-# minor SO versions don't change.  However, we increase the middle number (the
-# SO "age") whenever functions are added to the API.
-set(TURBOJPEG_SO_MAJOR_VERSION 0)
-set(TURBOJPEG_SO_VERSION 0.2.0)
-
-
-###############################################################################
-# COMPILER SETTINGS
-###############################################################################
-
-if(MSVC)
-  option(WITH_CRT_DLL
-    "Link all ${CMAKE_PROJECT_NAME} libraries and executables with the C run-time DLL (msvcr*.dll) instead of the static C run-time library (libcmt*.lib.)  The default is to use the C run-time DLL only with the libraries and executables that need it."
-    FALSE)
-  if(NOT WITH_CRT_DLL)
-    # Use the static C library for all build types
-    foreach(var CMAKE_C_FLAGS CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE
-      CMAKE_C_FLAGS_MINSIZEREL CMAKE_C_FLAGS_RELWITHDEBINFO)
-      if(${var} MATCHES "/MD")
-        string(REGEX REPLACE "/MD" "/MT" ${var} "${${var}}")
-      endif()
-    endforeach()
-  endif()
-  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /wd4996")
-endif()
-
-if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID STREQUAL "Clang")
-  # Use the maximum optimization level for release builds
-  foreach(var CMAKE_C_FLAGS_RELEASE CMAKE_C_FLAGS_RELWITHDEBINFO)
-    if(${var} MATCHES "-O2")
-      string(REGEX REPLACE "-O2" "-O3" ${var} "${${var}}")
-    endif()
-  endforeach()
-endif()
-
-if(CMAKE_SYSTEM_NAME STREQUAL "SunOS")
-  if(CMAKE_C_COMPILER_ID MATCHES "SunPro")
-    # Use the maximum optimization level for release builds
-    foreach(var CMAKE_C_FLAGS_RELEASE CMAKE_C_FLAGS_RELWITHDEBINFO)
-      if(${var} MATCHES "-xO3")
-        string(REGEX REPLACE "-xO3" "-xO5" ${var} "${${var}}")
-      endif()
-      if(${var} MATCHES "-xO2")
-        string(REGEX REPLACE "-xO2" "-xO5" ${var} "${${var}}")
-      endif()
-    endforeach()
-  endif()
-endif()
-
-string(TOUPPER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_UC)
-
-set(EFFECTIVE_C_FLAGS "${CMAKE_C_FLAGS} ${CMAKE_C_FLAGS_${CMAKE_BUILD_TYPE_UC}}")
-message(STATUS "Compiler flags = ${EFFECTIVE_C_FLAGS}")
-
-set(EFFECTIVE_LD_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${CMAKE_EXE_LINKER_FLAGS_${CMAKE_BUILD_TYPE_UC}}")
-message(STATUS "Linker flags = ${EFFECTIVE_LD_FLAGS}")
-
-include(CheckCSourceCompiles)
-include(CheckIncludeFiles)
-include(CheckTypeSize)
-
-check_type_size("size_t" SIZE_T)
-check_type_size("unsigned long" UNSIGNED_LONG)
-
-if(SIZE_T EQUAL UNSIGNED_LONG)
-  check_c_source_compiles("int main(int argc, char **argv) { unsigned long a = argc;  return __builtin_ctzl(a); }"
-    HAVE_BUILTIN_CTZL)
-endif()
-if(MSVC)
-  check_include_files("intrin.h" HAVE_INTRIN_H)
-endif()
-
-if(UNIX)
-  # Check for headers
-  check_include_files(locale.h HAVE_LOCALE_H)
-  check_include_files(stddef.h HAVE_STDDEF_H)
-  check_include_files(stdlib.h HAVE_STDLIB_H)
-  check_include_files(sys/types.h NEED_SYS_TYPES_H)
-
-  # Check for functions
-  include(CheckSymbolExists)
-  check_symbol_exists(memset string.h HAVE_MEMSET)
-  check_symbol_exists(memcpy string.h HAVE_MEMCPY)
-  if(NOT HAVE_MEMSET AND NOT HAVE_MEMCPY)
-    set(NEED_BSD_STRINGS 1)
-  endif()
-
-  # Check for types
-  check_type_size("unsigned char" UNSIGNED_CHAR)
-  check_type_size("unsigned short" UNSIGNED_SHORT)
-
-  # Check for compiler features
-  check_c_source_compiles("int main(void) { typedef struct undefined_structure *undef_struct_ptr;  undef_struct_ptr ptr = 0;  return ptr != 0; }"
-    INCOMPLETE_TYPES)
-  if(INCOMPLETE_TYPES)
-    message(STATUS "Compiler supports pointers to undefined structures.")
-  else()
-    set(INCOMPLETE_TYPES_BROKEN 1)
-    message(STATUS "Compiler does not support pointers to undefined structures.")
-  endif()
-
-  if(CMAKE_CROSSCOMPILING)
-    set(RIGHT_SHIFT_IS_UNSIGNED 0)
-  else()
-    include(CheckCSourceRuns)
-    check_c_source_runs("
-      #include <stdio.h>
-      #include <stdlib.h>
-      int is_shifting_signed (long arg) {
-        long res = arg >> 4;
-        if (res == -0x7F7E80CL)
-          return 1; /* right shift is signed */
-        /* see if unsigned-shift hack will fix it. */
-        /* we can't just test exact value since it depends on width of long... */
-        res |= (~0L) << (32-4);
-        if (res == -0x7F7E80CL)
-          return 0; /* right shift is unsigned */
-        printf(\"Right shift isn't acting as I expect it to.\\\\n\");
-        printf(\"I fear the JPEG software will not work at all.\\\\n\\\\n\");
-        return 0; /* try it with unsigned anyway */
-      }
-      int main (void) {
-        exit(is_shifting_signed(-0x7F7E80B1L));
-      }" RIGHT_SHIFT_IS_UNSIGNED)
-  endif()
-endif()
-
-if(MSVC)
-  set(INLINE_OPTIONS "__inline;inline")
-else()
-  set(INLINE_OPTIONS "__inline__;inline")
-endif()
-option(FORCE_INLINE "Force function inlining" TRUE)
-boolean_number(FORCE_INLINE)
-if(FORCE_INLINE)
-  if(MSVC)
-    list(INSERT INLINE_OPTIONS 0 "__forceinline")
-  else()
-    list(INSERT INLINE_OPTIONS 0 "inline __attribute__((always_inline))")
-    list(INSERT INLINE_OPTIONS 0 "__inline__ __attribute__((always_inline))")
-  endif()
-endif()
-foreach(inline ${INLINE_OPTIONS})
-  check_c_source_compiles("${inline} static int foo(void) { return 0; } int main(void) { return foo(); }"
-    INLINE_WORKS)
-  if(INLINE_WORKS)
-    set(INLINE ${inline})
-    break()
-  endif()
-endforeach()
-if(NOT INLINE_WORKS)
-  message(FATAL_ERROR "Could not determine how to inline functions.")
-endif()
-message(STATUS "INLINE = ${INLINE} (FORCE_INLINE = ${FORCE_INLINE})")
-
-if(WITH_TURBOJPEG)
-  if(MSVC)
-    set(THREAD_LOCAL "__declspec(thread)")
-  else()
-    set(THREAD_LOCAL "__thread")
-  endif()
-  check_c_source_compiles("${THREAD_LOCAL} int i;  int main(void) { i = 0;  return i; }" HAVE_THREAD_LOCAL)
-  if(HAVE_THREAD_LOCAL)
-    message(STATUS "THREAD_LOCAL = ${THREAD_LOCAL}")
-  else()
-    message(WARNING "Thread-local storage is not available.  The TurboJPEG API library's global error handler will not be thread-safe.")
-    unset(THREAD_LOCAL)
-  endif()
-endif()
-
-if(UNIX AND NOT APPLE)
-  file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/conftest.map "VERS_1 { global: *; };")
-  set(CMAKE_REQUIRED_FLAGS
-    "-Wl,--version-script,${CMAKE_CURRENT_BINARY_DIR}/conftest.map")
-  check_c_source_compiles("int main(void) { return 0; }" HAVE_VERSION_SCRIPT)
-  set(CMAKE_REQUIRED_FLAGS)
-  file(REMOVE ${CMAKE_CURRENT_BINARY_DIR}/conftest.map)
-  if(HAVE_VERSION_SCRIPT)
-    message(STATUS "Linker supports GNU-style version scripts")
-    set(MAPFLAG "-Wl,--version-script,")
-    set(TJMAPFLAG "-Wl,--version-script,")
-  else()
-    message(STATUS "Linker does not support GNU-style version scripts")
-    if(CMAKE_SYSTEM_NAME STREQUAL "SunOS")
-      # The Solaris linker doesn't like our version script for the libjpeg API
-      # library, but the version script for the TurboJPEG API library should
-      # still work.
-      file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/conftest.map
-        "VERS_1 { global: foo;  local: *; }; VERS_2 { global: foo2; } VERS_1;")
-      set(CMAKE_REQUIRED_FLAGS "-Wl,-M,${CMAKE_CURRENT_BINARY_DIR}/conftest.map -shared")
-      check_c_source_compiles("int foo() { return 0; } int foo2() { return 2; }"
-        HAVE_MAPFILE)
-      set(CMAKE_REQUIRED_FLAGS)
-      file(REMOVE ${CMAKE_CURRENT_BINARY_DIR}/conftest.map)
-      if(HAVE_MAPFILE)
-        message(STATUS "Linker supports mapfiles")
-        set(TJMAPFLAG "-Wl,-M,")
-      else()
-        message(STATUS "Linker does not support mapfiles")
-      endif()
-    endif()
-  endif()
-endif()
-
-# Generate files
-if(WIN32)
-  configure_file(win/jconfig.h.in jconfig.h)
-else()
-  configure_file(jconfig.h.in jconfig.h)
-endif()
-configure_file(jconfigint.h.in jconfigint.h)
-if(UNIX)
-  configure_file(libjpeg.map.in libjpeg.map)
-endif()
-
-# Include directories and compiler definitions
-include_directories(${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
-
-
-###############################################################################
-# TARGETS
-###############################################################################
-
-if(CMAKE_EXECUTABLE_SUFFIX_TMP)
-  set(CMAKE_EXECUTABLE_SUFFIX ${CMAKE_EXECUTABLE_SUFFIX_TMP})
-endif()
-message(STATUS "CMAKE_EXECUTABLE_SUFFIX = ${CMAKE_EXECUTABLE_SUFFIX}")
-
-set(JPEG_SOURCES jcapimin.c jcapistd.c jccoefct.c jccolor.c jcdctmgr.c jchuff.c
-  jcicc.c jcinit.c jcmainct.c jcmarker.c jcmaster.c jcomapi.c jcparam.c
-  jcphuff.c jcprepct.c jcsample.c jctrans.c jdapimin.c jdapistd.c jdatadst.c
-  jdatasrc.c jdcoefct.c jdcolor.c jddctmgr.c jdhuff.c jdicc.c jdinput.c
-  jdmainct.c jdmarker.c jdmaster.c jdmerge.c jdphuff.c jdpostct.c jdsample.c
-  jdtrans.c jerror.c jfdctflt.c jfdctfst.c jfdctint.c jidctflt.c jidctfst.c
-  jidctint.c jidctred.c jquant1.c jquant2.c jutils.c jmemmgr.c jmemnobs.c)
-
-if(WITH_ARITH_ENC OR WITH_ARITH_DEC)
-  set(JPEG_SOURCES ${JPEG_SOURCES} jaricom.c)
-endif()
-
-if(WITH_ARITH_ENC)
-  set(JPEG_SOURCES ${JPEG_SOURCES} jcarith.c)
-endif()
-
-if(WITH_ARITH_DEC)
-  set(JPEG_SOURCES ${JPEG_SOURCES} jdarith.c)
-endif()
-
-if(WITH_SIMD)
-  add_subdirectory(simd)
-  if(NEON_INTRINSICS)
-    add_definitions(-DNEON_INTRINSICS)
-  endif()
-elseif(NOT WITH_12BIT)
-  message(STATUS "SIMD extensions: None (WITH_SIMD = ${WITH_SIMD})")
-endif()
-if(WITH_SIMD)
-  message(STATUS "SIMD extensions: ${CPU_TYPE} (WITH_SIMD = ${WITH_SIMD})")
-  if(MSVC_IDE OR XCODE)
-    set_source_files_properties(${SIMD_OBJS} PROPERTIES GENERATED 1)
-  endif()
-else()
-  add_library(simd OBJECT jsimd_none.c)
-endif()
-
-if(WITH_JAVA)
-  add_subdirectory(java)
-endif()
-
-if(ENABLE_SHARED)
-  add_subdirectory(sharedlib)
-endif()
-
-if(ENABLE_STATIC)
-  add_library(jpeg-static STATIC ${JPEG_SOURCES} $<TARGET_OBJECTS:simd>
-    ${SIMD_OBJS})
-  if(NOT MSVC)
-    set_target_properties(jpeg-static PROPERTIES OUTPUT_NAME jpeg)
-  endif()
-endif()
-
-if(WITH_TURBOJPEG)
-  if(ENABLE_SHARED)
-    set(TURBOJPEG_SOURCES ${JPEG_SOURCES} $<TARGET_OBJECTS:simd> ${SIMD_OBJS}
-      turbojpeg.c transupp.c jdatadst-tj.c jdatasrc-tj.c rdbmp.c rdppm.c
-      wrbmp.c wrppm.c)
-    set(TJMAPFILE ${CMAKE_CURRENT_SOURCE_DIR}/turbojpeg-mapfile)
-    if(WITH_JAVA)
-      set(TURBOJPEG_SOURCES ${TURBOJPEG_SOURCES} turbojpeg-jni.c)
-      include_directories(${JAVA_INCLUDE_PATH} ${JAVA_INCLUDE_PATH2})
-      set(TJMAPFILE ${CMAKE_CURRENT_SOURCE_DIR}/turbojpeg-mapfile.jni)
-    endif()
-    add_library(turbojpeg SHARED ${TURBOJPEG_SOURCES})
-    set_property(TARGET turbojpeg PROPERTY COMPILE_FLAGS
-      "-DBMP_SUPPORTED -DPPM_SUPPORTED")
-    if(WIN32)
-      set_target_properties(turbojpeg PROPERTIES DEFINE_SYMBOL DLLDEFINE)
-    endif()
-    if(MINGW)
-      set_target_properties(turbojpeg PROPERTIES LINK_FLAGS -Wl,--kill-at)
-    endif()
-    if(APPLE AND (NOT CMAKE_OSX_DEPLOYMENT_TARGET OR
-                  CMAKE_OSX_DEPLOYMENT_TARGET VERSION_GREATER 10.4))
-      if(NOT CMAKE_SHARED_LIBRARY_RUNTIME_C_FLAG)
-        set(CMAKE_SHARED_LIBRARY_RUNTIME_C_FLAG "-Wl,-rpath,")
-      endif()
-      set_target_properties(turbojpeg PROPERTIES MACOSX_RPATH 1)
-    endif()
-    set_target_properties(turbojpeg PROPERTIES
-      SOVERSION ${TURBOJPEG_SO_MAJOR_VERSION} VERSION ${TURBOJPEG_SO_VERSION})
-    if(TJMAPFLAG)
-      set_target_properties(turbojpeg PROPERTIES
-        LINK_FLAGS "${TJMAPFLAG}${TJMAPFILE}")
-    endif()
-
-    add_executable(tjunittest tjunittest.c tjutil.c md5/md5.c md5/md5hl.c)
-    target_link_libraries(tjunittest turbojpeg)
-
-    add_executable(tjbench tjbench.c tjutil.c)
-    target_link_libraries(tjbench turbojpeg)
-    if(UNIX)
-      target_link_libraries(tjbench m)
-    endif()
-
-    add_executable(tjexample tjexample.c)
-    target_link_libraries(tjexample turbojpeg)
-  endif()
-
-  if(ENABLE_STATIC)
-    add_library(turbojpeg-static STATIC ${JPEG_SOURCES} $<TARGET_OBJECTS:simd>
-      ${SIMD_OBJS} turbojpeg.c transupp.c jdatadst-tj.c jdatasrc-tj.c rdbmp.c
-      rdppm.c wrbmp.c wrppm.c)
-    set_property(TARGET turbojpeg-static PROPERTY COMPILE_FLAGS
-      "-DBMP_SUPPORTED -DPPM_SUPPORTED")
-    if(NOT MSVC)
-      set_target_properties(turbojpeg-static PROPERTIES OUTPUT_NAME turbojpeg)
-    endif()
-
-    add_executable(tjunittest-static tjunittest.c tjutil.c md5/md5.c
-      md5/md5hl.c)
-    target_link_libraries(tjunittest-static turbojpeg-static)
-
-    add_executable(tjbench-static tjbench.c tjutil.c)
-    target_link_libraries(tjbench-static turbojpeg-static)
-    if(UNIX)
-      target_link_libraries(tjbench-static m)
-    endif()
-  endif()
-endif()
-
-if(WIN32)
-  set(USE_SETMODE "-DUSE_SETMODE")
-endif()
-if(WITH_12BIT)
-  set(COMPILE_FLAGS "-DGIF_SUPPORTED -DPPM_SUPPORTED ${USE_SETMODE}")
-else()
-  set(COMPILE_FLAGS "-DBMP_SUPPORTED -DGIF_SUPPORTED -DPPM_SUPPORTED -DTARGA_SUPPORTED ${USE_SETMODE}")
-  set(CJPEG_BMP_SOURCES rdbmp.c rdtarga.c)
-  set(DJPEG_BMP_SOURCES wrbmp.c wrtarga.c)
-endif()
-
-if(ENABLE_STATIC)
-  add_executable(cjpeg-static cjpeg.c cdjpeg.c rdgif.c rdppm.c rdswitch.c
-    ${CJPEG_BMP_SOURCES})
-  set_property(TARGET cjpeg-static PROPERTY COMPILE_FLAGS ${COMPILE_FLAGS})
-  target_link_libraries(cjpeg-static jpeg-static)
-
-  add_executable(djpeg-static djpeg.c cdjpeg.c rdcolmap.c rdswitch.c wrgif.c
-    wrppm.c ${DJPEG_BMP_SOURCES})
-  set_property(TARGET djpeg-static PROPERTY COMPILE_FLAGS ${COMPILE_FLAGS})
-  target_link_libraries(djpeg-static jpeg-static)
-
-  add_executable(jpegtran-static jpegtran.c cdjpeg.c rdswitch.c transupp.c)
-  target_link_libraries(jpegtran-static jpeg-static)
-  set_property(TARGET jpegtran-static PROPERTY COMPILE_FLAGS "${USE_SETMODE}")
-endif()
-
-add_executable(rdjpgcom rdjpgcom.c)
-
-add_executable(wrjpgcom wrjpgcom.c)
-
-
-###############################################################################
-# TESTS
-###############################################################################
-
-if(WITH_FUZZ)
-  add_subdirectory(fuzz)
-endif()
-
-add_subdirectory(md5)
-
-if(MSVC_IDE OR XCODE)
-  set(OBJDIR "\${CTEST_CONFIGURATION_TYPE}/")
-else()
-  set(OBJDIR "")
-endif()
-
-enable_testing()
-
-if(WITH_12BIT)
-  set(TESTORIG testorig12.jpg)
-  set(MD5_JPEG_RGB_ISLOW 9d7369207c520d37f2c1cbfcb82b2964)
-  set(MD5_JPEG_RGB_ISLOW2 a00bd20d8ae49684640ef7177d2e0b64)
-  set(MD5_PPM_RGB_ISLOW f3301d2219783b8b3d942b7239fa50c0)
-  set(MD5_JPEG_422_IFAST_OPT 7322e3bd2f127f7de4b40d4480ce60e4)
-  set(MD5_PPM_422_IFAST 79807fa552899e66a04708f533e16950)
-  set(MD5_JPEG_440_ISLOW e25c1912e38367be505a89c410c1c2d2)
-  set(MD5_PPM_440_ISLOW e7d2e26288870cfcb30f3114ad01e380)
-  set(MD5_PPM_422M_IFAST 07737bfe8a7c1c87aaa393a0098d16b0)
-  set(MD5_JPEG_420_IFAST_Q100_PROG 9447cef4803d9b0f74bcf333cc710a29)
-  set(MD5_PPM_420_Q100_IFAST 1b3730122709f53d007255e8dfd3305e)
-  set(MD5_PPM_420M_Q100_IFAST 980a1a3c5bf9510022869d30b7d26566)
-  set(MD5_JPEG_GRAY_ISLOW 235c90707b16e2e069f37c888b2636d9)
-  set(MD5_PPM_GRAY_ISLOW 7213c10af507ad467da5578ca5ee1fca)
-  set(MD5_PPM_GRAY_ISLOW_RGB e96ee81c30a6ed422d466338bd3de65d)
-  set(MD5_JPEG_420S_IFAST_OPT 7af8e60be4d9c227ec63ac9b6630855e)
-
-  set(MD5_JPEG_3x2_FLOAT_PROG_SSE a8c17daf77b457725ec929e215b603f8)
-  set(MD5_PPM_3x2_FLOAT_SSE 42876ab9e5c2f76a87d08db5fbd57956)
-  set(MD5_JPEG_3x2_FLOAT_PROG_NO_FP_CONTRACT a8c17daf77b457725ec929e215b603f8)
-  set(MD5_PPM_3x2_FLOAT_NO_FP_CONTRACT ${MD5_PPM_3x2_FLOAT_SSE})
-  set(MD5_JPEG_3x2_FLOAT_PROG_FP_CONTRACT
-    ${MD5_JPEG_3x2_FLOAT_PROG_NO_FP_CONTRACT})
-  set(MD5_PPM_3x2_FLOAT_FP_CONTRACT ${MD5_PPM_3x2_FLOAT_SSE})
-  set(MD5_JPEG_3x2_FLOAT_PROG_387 bc6dbbefac2872f6b9d6c4a0ae60c3c0)
-  set(MD5_PPM_3x2_FLOAT_387 bcc5723c61560463ac60f772e742d092)
-  set(MD5_JPEG_3x2_FLOAT_PROG_MSVC e27840755870fa849872e58aa0cd1400)
-  set(MD5_PPM_3x2_FLOAT_MSVC 6c2880b83bb1aa41dfe330e7a9768690)
-
-  set(MD5_JPEG_3x2_IFAST_PROG 1396cc2b7185cfe943d408c9d305339e)
-  set(MD5_PPM_3x2_IFAST 3975985ef6eeb0a2cdc58daa651ccc00)
-  set(MD5_PPM_420M_ISLOW_2_1 4ca6be2a6f326ff9eaab63e70a8259c0)
-  set(MD5_PPM_420M_ISLOW_15_8 12aa9f9534c1b3d7ba047322226365eb)
-  set(MD5_PPM_420M_ISLOW_13_8 f7e22817c7b25e1393e4ec101e9d4e96)
-  set(MD5_PPM_420M_ISLOW_11_8 800a16f9f4dc9b293197bfe11be10a82)
-  set(MD5_PPM_420M_ISLOW_9_8 06b7a92a9bc69f4dc36ec40f1937d55c)
-  set(MD5_PPM_420M_ISLOW_7_8 3ec444a14a4ab4eab88ffc49c48eca43)
-  set(MD5_PPM_420M_ISLOW_3_4 3e726b7ea872445b19437d1c1d4f0d93)
-  set(MD5_PPM_420M_ISLOW_5_8 a8a771abdc94301d20ffac119b2caccd)
-  set(MD5_PPM_420M_ISLOW_1_2 b419124dd5568b085787234866102866)
-  set(MD5_PPM_420M_ISLOW_3_8 343d19015531b7bbe746124127244fa8)
-  set(MD5_PPM_420M_ISLOW_1_4 35fd59d866e44659edfa3c18db2a3edb)
-  set(MD5_PPM_420M_ISLOW_1_8 ccaed48ac0aedefda5d4abe4013f4ad7)
-  set(MD5_PPM_420_ISLOW_SKIP15_31 86664cd9dc956536409e44e244d20a97)
-  set(MD5_PPM_420_ISLOW_PROG_CROP62x62_71_71 452a21656115a163029cfba5c04fa76a)
-  set(MD5_PPM_444_ISLOW_SKIP1_6 ef63901f71ef7a75cd78253fc0914f84)
-  set(MD5_PPM_444_ISLOW_PROG_CROP98x98_13_13 15b173fb5872d9575572fbcc1b05956f)
-  set(MD5_JPEG_CROP cdb35ff4b4519392690ea040c56ea99c)
-else()
-  set(TESTORIG testorig.jpg)
-  set(MD5_JPEG_RGB_ISLOW 1d44a406f61da743b5fd31c0a9abdca3)
-  set(MD5_JPEG_RGB_ISLOW2 31d121e57b6c2934c890a7fc7763bcd4)
-  set(MD5_PPM_RGB_ISLOW 00a257f5393fef8821f2b88ac7421291)
-  set(MD5_BMP_RGB_ISLOW_565 f07d2e75073e4bb10f6c6f4d36e2e3be)
-  set(MD5_BMP_RGB_ISLOW_565D 4cfa0928ef3e6bb626d7728c924cfda4)
-  set(MD5_JPEG_422_IFAST_OPT 2540287b79d913f91665e660303ab2c8)
-  set(MD5_PPM_422_IFAST 35bd6b3f833bad23de82acea847129fa)
-  set(MD5_JPEG_440_ISLOW 538bc02bd4b4658fd85de6ece6cbeda6)
-  set(MD5_PPM_440_ISLOW 11e7eab7ef7ef3276934bb7e7b6bb377)
-  set(MD5_PPM_422M_IFAST 8dbc65323d62cca7c91ba02dd1cfa81d)
-  set(MD5_BMP_422M_IFAST_565 3294bd4d9a1f2b3d08ea6020d0db7065)
-  set(MD5_BMP_422M_IFAST_565D da98c9c7b6039511be4a79a878a9abc1)
-  set(MD5_JPEG_420_IFAST_Q100_PROG 0ba15f9dab81a703505f835f9dbbac6d)
-  set(MD5_PPM_420_Q100_IFAST 5a732542015c278ff43635e473a8a294)
-  set(MD5_PPM_420M_Q100_IFAST ff692ee9323a3b424894862557c092f1)
-  set(MD5_JPEG_GRAY_ISLOW 72b51f894b8f4a10b3ee3066770aa38d)
-  set(MD5_PPM_GRAY_ISLOW 8d3596c56eace32f205deccc229aa5ed)
-  set(MD5_PPM_GRAY_ISLOW_RGB 116424ac07b79e5e801f00508eab48ec)
-  set(MD5_BMP_GRAY_ISLOW_565 12f78118e56a2f48b966f792fedf23cc)
-  set(MD5_BMP_GRAY_ISLOW_565D bdbbd616441a24354c98553df5dc82db)
-  set(MD5_JPEG_420S_IFAST_OPT 388708217ac46273ca33086b22827ed8)
-
-  set(MD5_JPEG_3x2_FLOAT_PROG_SSE 343e3f8caf8af5986ebaf0bdc13b5c71)
-  set(MD5_PPM_3x2_FLOAT_SSE 1a75f36e5904d6fc3a85a43da9ad89bb)
-  set(MD5_JPEG_3x2_FLOAT_PROG_NO_FP_CONTRACT 9bca803d2042bd1eb03819e2bf92b3e5)
-  set(MD5_PPM_3x2_FLOAT_NO_FP_CONTRACT f6bfab038438ed8f5522fbd33595dcdc)
-  set(MD5_JPEG_3x2_FLOAT_PROG_FP_CONTRACT
-    ${MD5_JPEG_3x2_FLOAT_PROG_NO_FP_CONTRACT})
-  set(MD5_PPM_3x2_FLOAT_FP_CONTRACT 0e917a34193ef976b679a6b069b1be26)
-  set(MD5_JPEG_3x2_FLOAT_PROG_387 1657664a410e0822c924b54f6f65e6e9)
-  set(MD5_PPM_3x2_FLOAT_387 cb0a1f027f3d2917c902b5640214e025)
-  set(MD5_JPEG_3x2_FLOAT_PROG_MSVC 7999ce9cd0ee9b6c7043b7351ab7639d)
-  set(MD5_PPM_3x2_FLOAT_MSVC 28cdc448a6b75e97892f0e0f8d4b21f3)
-
-  set(MD5_JPEG_3x2_IFAST_PROG 1ee5d2c1a77f2da495f993c8c7cceca5)
-  set(MD5_PPM_3x2_IFAST fd283664b3b49127984af0a7f118fccd)
-  set(MD5_JPEG_420_ISLOW_ARI e986fb0a637a8d833d96e8a6d6d84ea1)
-  set(MD5_JPEG_444_ISLOW_PROGARI 0a8f1c8f66e113c3cf635df0a475a617)
-  set(MD5_PPM_420M_IFAST_ARI 57251da28a35b46eecb7177d82d10e0e)
-  set(MD5_JPEG_420_ISLOW 9a68f56bc76e466aa7e52f415d0f4a5f)
-  set(MD5_PPM_420M_ISLOW_2_1 9f9de8c0612f8d06869b960b05abf9c9)
-  set(MD5_PPM_420M_ISLOW_15_8 b6875bc070720b899566cc06459b63b7)
-  set(MD5_PPM_420M_ISLOW_13_8 bc3452573c8152f6ae552939ee19f82f)
-  set(MD5_PPM_420M_ISLOW_11_8 d8cc73c0aaacd4556569b59437ba00a5)
-  set(MD5_PPM_420M_ISLOW_9_8 d25e61bc7eac0002f5b393aa223747b6)
-  set(MD5_PPM_420M_ISLOW_7_8 ddb564b7c74a09494016d6cd7502a946)
-  set(MD5_PPM_420M_ISLOW_3_4 8ed8e68808c3fbc4ea764fc9d2968646)
-  set(MD5_PPM_420M_ISLOW_5_8 a3363274999da2366a024efae6d16c9b)
-  set(MD5_PPM_420M_ISLOW_1_2 e692a315cea26b988c8e8b29a5dbcd81)
-  set(MD5_PPM_420M_ISLOW_3_8 79eca9175652ced755155c90e785a996)
-  set(MD5_PPM_420M_ISLOW_1_4 79cd778f8bf1a117690052cacdd54eca)
-  set(MD5_PPM_420M_ISLOW_1_8 391b3d4aca640c8567d6f8745eb2142f)
-  set(MD5_BMP_420_ISLOW_256 4980185e3776e89bd931736e1cddeee6)
-  set(MD5_BMP_420_ISLOW_565 bf9d13e16c4923b92e1faa604d7922cb)
-  set(MD5_BMP_420_ISLOW_565D 6bde71526acc44bcff76f696df8638d2)
-  set(MD5_BMP_420M_ISLOW_565 8dc0185245353cfa32ad97027342216f)
-  set(MD5_BMP_420M_ISLOW_565D ce034037d212bc403330df6f915c161b)
-  set(MD5_PPM_420_ISLOW_SKIP15_31 c4c65c1e43d7275cd50328a61e6534f0)
-  set(MD5_PPM_420_ISLOW_ARI_SKIP16_139 087c6b123db16ac00cb88c5b590bb74a)
-  set(MD5_PPM_420_ISLOW_PROG_CROP62x62_71_71 26eb36ccc7d1f0cb80cdabb0ac8b5d99)
-  set(MD5_PPM_420_ISLOW_ARI_CROP53x53_4_4 886c6775af22370257122f8b16207e6d)
-  set(MD5_PPM_444_ISLOW_SKIP1_6 5606f86874cf26b8fcee1117a0a436a6)
-  set(MD5_PPM_444_ISLOW_PROG_CROP98x98_13_13 db87dc7ce26bcdc7a6b56239ce2b9d6c)
-  set(MD5_PPM_444_ISLOW_ARI_CROP37x37_0_0 cb57b32bd6d03e35432362f7bf184b6d)
-  set(MD5_JPEG_CROP b4197f377e621c4e9b1d20471432610d)
-endif()
-
-if(WITH_JAVA)
-  add_test(TJUnitTest
-    ${Java_JAVA_EXECUTABLE} ${JAVAARGS} -cp java/turbojpeg.jar
-      -Djava.library.path=${CMAKE_CURRENT_BINARY_DIR}/${OBJDIR}
-      TJUnitTest)
-  add_test(TJUnitTest-yuv
-    ${Java_JAVA_EXECUTABLE} ${JAVAARGS} -cp java/turbojpeg.jar
-      -Djava.library.path=${CMAKE_CURRENT_BINARY_DIR}/${OBJDIR}
-      TJUnitTest -yuv)
-  add_test(TJUnitTest-yuv-nopad
-    ${Java_JAVA_EXECUTABLE} ${JAVAARGS} -cp java/turbojpeg.jar
-      -Djava.library.path=${CMAKE_CURRENT_BINARY_DIR}/${OBJDIR}
-      TJUnitTest -yuv -noyuvpad)
-  add_test(TJUnitTest-bi
-    ${Java_JAVA_EXECUTABLE} ${JAVAARGS} -cp java/turbojpeg.jar
-      -Djava.library.path=${CMAKE_CURRENT_BINARY_DIR}/${OBJDIR}
-      TJUnitTest -bi)
-  add_test(TJUnitTest-bi-yuv
-    ${Java_JAVA_EXECUTABLE} ${JAVAARGS} -cp java/turbojpeg.jar
-      -Djava.library.path=${CMAKE_CURRENT_BINARY_DIR}/${OBJDIR}
-      TJUnitTest -bi -yuv)
-  add_test(TJUnitTest-bi-yuv-nopad
-    ${Java_JAVA_EXECUTABLE} ${JAVAARGS} -cp java/turbojpeg.jar
-      -Djava.library.path=${CMAKE_CURRENT_BINARY_DIR}/${OBJDIR}
-      TJUnitTest -bi -yuv -noyuvpad)
-endif()
-
-set(TEST_LIBTYPES "")
-if(ENABLE_SHARED)
-  set(TEST_LIBTYPES ${TEST_LIBTYPES} shared)
-endif()
-if(ENABLE_STATIC)
-  set(TEST_LIBTYPES ${TEST_LIBTYPES} static)
-endif()
-
-set(TESTIMAGES ${CMAKE_CURRENT_SOURCE_DIR}/testimages)
-set(MD5CMP ${CMAKE_CURRENT_BINARY_DIR}/md5/md5cmp)
-if(CMAKE_CROSSCOMPILING)
-  file(RELATIVE_PATH TESTIMAGES ${CMAKE_CURRENT_BINARY_DIR} ${TESTIMAGES})
-  file(RELATIVE_PATH MD5CMP ${CMAKE_CURRENT_BINARY_DIR} ${MD5CMP})
-endif()
-
-# The output of the floating point DCT/IDCT algorithms differs depending on the
-# type of floating point math used, so the FLOATTEST CMake variable must be
-# set in order to tell the testing system which floating point results it
-# should expect:
-#
-# sse = validate against the expected results from the libjpeg-turbo SSE SIMD
-#       extensions
-# no-fp-contract = validate against the expected results from the C code when
-#                  floating point expression contraction is disabled (the
-#                  default with Clang, with GCC when building for platforms
-#                  that lack fused multiply-add [FMA] instructions, or when
-#                  passing -ffp-contract=off to the compiler)
-# fp-contract = validate against the expected results from the C code when
-#               floating point expression contraction is enabled (the default
-#               with GCC when building for platforms that have fused multiply-
-#               add [FMA] instructions or when passing -ffp-contract=fast to
-#               the compiler)
-# 387 = validate against the expected results from the C code when the 387 FPU
-#       is being used for floating point math (which is generally the default
-#       with x86 compilers)
-# msvc = validate against the expected results from the C code when compiled
-#        with a 32-bit version of Visual C++
-
-if(CPU_TYPE STREQUAL "x86_64" OR CPU_TYPE STREQUAL "i386")
-  if(WITH_SIMD)
-    set(DEFAULT_FLOATTEST sse)
-  elseif(CPU_TYPE STREQUAL "x86_64")
-    set(DEFAULT_FLOATTEST no-fp-contract)
-  elseif(CPU_TYPE STREQUAL "i386" AND MSVC)
-    set(DEFAULT_FLOATTEST msvc)
-  # else we can't really set an intelligent default for i386.  The appropriate
-  # value could be 387, no-fp-contract, or fp-contract, depending on the
-  # compiler and compiler options.  We leave it to the user to set FLOATTEST
-  # manually.
-  endif()
-else()
-  if((CPU_TYPE STREQUAL "powerpc" OR CPU_TYPE STREQUAL "arm64") AND
-    NOT CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT MSVC)
-    set(DEFAULT_FLOATTEST fp-contract)
-  else()
-    set(DEFAULT_FLOATTEST no-fp-contract)
-  endif()
-endif()
-
-# This causes FLOATTEST to reset to the default value if WITH_SIMD has
-# changed.
-if(DEFINED WITH_SIMD_INT AND NOT WITH_SIMD EQUAL WITH_SIMD_INT)
-  set(FORCE_FLOATTEST "FORCE")
-endif()
-set(WITH_SIMD_INT ${WITH_SIMD} CACHE INTERNAL "")
-set(FLOATTEST ${DEFAULT_FLOATTEST} CACHE STRING
-  "The type of floating point math used by the floating point DCT/IDCT algorithms.  This tells the testing system which numerical results it should expect from those tests.  [sse = libjpeg-turbo x86/x86-64 SIMD extensions, no-fp-contract = generic FPU with floating point expression contraction disabled, fp-contract = generic FPU with floating point expression contraction enabled, 387 = 387 FPU, msvc = 32-bit Visual Studio] (default = ${DEFAULT_FLOATTEST})"
-  ${FORCE_FLOATTEST})
-message(STATUS "FLOATTEST = ${FLOATTEST}")
-
-if(FLOATTEST)
-  string(TOUPPER ${FLOATTEST} FLOATTEST_UC)
-  string(REGEX REPLACE "-" "_" FLOATTEST_UC ${FLOATTEST_UC})
-  string(TOLOWER ${FLOATTEST} FLOATTEST)
-  if(NOT FLOATTEST STREQUAL "sse" AND
-    NOT FLOATTEST STREQUAL "no-fp-contract" AND
-    NOT FLOATTEST STREQUAL "fp-contract" AND NOT FLOATTEST STREQUAL "387" AND
-    NOT FLOATTEST STREQUAL "msvc")
-    message(FATAL_ERROR "\"${FLOATTEST}\" is not a valid value for FLOATTEST.")
-  endif()
-endif()
-
-foreach(libtype ${TEST_LIBTYPES})
-  if(libtype STREQUAL "static")
-    set(suffix -static)
-  endif()
-  if(WITH_TURBOJPEG)
-    add_test(tjunittest-${libtype}
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjunittest${suffix})
-    add_test(tjunittest-${libtype}-alloc
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjunittest${suffix} -alloc)
-    add_test(tjunittest-${libtype}-yuv
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjunittest${suffix} -yuv)
-    add_test(tjunittest-${libtype}-yuv-alloc
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjunittest${suffix} -yuv -alloc)
-    add_test(tjunittest-${libtype}-yuv-nopad
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjunittest${suffix} -yuv -noyuvpad)
-    add_test(tjunittest-${libtype}-bmp
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjunittest${suffix} -bmp)
-
-    set(MD5_PPM_GRAY_TILE 89d3ca21213d9d864b50b4e4e7de4ca6)
-    set(MD5_PPM_420_8x8_TILE 847fceab15c5b7b911cb986cf0f71de3)
-    set(MD5_PPM_420_16x16_TILE ca45552a93687e078f7137cc4126a7b0)
-    set(MD5_PPM_420_32x32_TILE d8676f1d6b68df358353bba9844f4a00)
-    set(MD5_PPM_420_64x64_TILE 4e4c1a3d7ea4bace4f868bcbe83b7050)
-    set(MD5_PPM_420_128x128_TILE f24c3429c52265832beab9df72a0ceae)
-    set(MD5_PPM_420M_8x8_TILE bc25320e1f4c31ce2e610e43e9fd173c)
-    set(MD5_PPM_420M_TILE 75ffdf14602258c5c189522af57fa605)
-    set(MD5_PPM_422_8x8_TILE d83dacd9fc73b0a6f10c09acad64eb1e)
-    set(MD5_PPM_422_16x16_TILE 35077fb610d72dd743b1eb0cbcfe10fb)
-    set(MD5_PPM_422_32x32_TILE e6902ed8a449ecc0f0d6f2bf945f65f7)
-    set(MD5_PPM_422_64x64_TILE 2b4502a8f316cedbde1da7bce3d2231e)
-    set(MD5_PPM_422_128x128_TILE f0b5617d578f5e13c8eee215d64d4877)
-    set(MD5_PPM_422M_8x8_TILE 828941d7f41cd6283abd6beffb7fd51d)
-    set(MD5_PPM_422M_TILE e877ae1324c4a280b95376f7f018172f)
-    set(MD5_PPM_444_TILE 7964e41e67cfb8d0a587c0aa4798f9c3)
-
-    # Test compressing from/decompressing to an arbitrary subregion of a larger
-    # image buffer
-    add_test(tjbench-${libtype}-tile-cp
-      ${CMAKE_COMMAND} -E copy_if_different ${TESTIMAGES}/testorig.ppm
-        testout_tile.ppm)
-    add_test(tjbench-${libtype}-tile
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjbench${suffix} testout_tile.ppm 95
-        -rgb -quiet -tile -benchtime 0.01 -warmup 0)
-    set_tests_properties(tjbench-${libtype}-tile
-      PROPERTIES DEPENDS tjbench-${libtype}-tile-cp)
-
-    foreach(tile 8 16 32 64 128)
-      add_test(tjbench-${libtype}-tile-gray-${tile}x${tile}-cmp
-        ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP} ${MD5_PPM_GRAY_TILE}
-          testout_tile_GRAY_Q95_${tile}x${tile}.ppm)
-      foreach(subsamp 420 422)
-        add_test(tjbench-${libtype}-tile-${subsamp}-${tile}x${tile}-cmp
-          ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP}
-            ${MD5_PPM_${subsamp}_${tile}x${tile}_TILE}
-            testout_tile_${subsamp}_Q95_${tile}x${tile}.ppm)
-      endforeach()
-      add_test(tjbench-${libtype}-tile-444-${tile}x${tile}-cmp
-        ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP} ${MD5_PPM_444_TILE}
-          testout_tile_444_Q95_${tile}x${tile}.ppm)
-      foreach(subsamp gray 420 422 444)
-        set_tests_properties(tjbench-${libtype}-tile-${subsamp}-${tile}x${tile}-cmp
-          PROPERTIES DEPENDS tjbench-${libtype}-tile)
-      endforeach()
-    endforeach()
-
-    add_test(tjbench-${libtype}-tilem-cp
-      ${CMAKE_COMMAND} -E copy_if_different ${TESTIMAGES}/testorig.ppm
-        testout_tilem.ppm)
-    add_test(tjbench-${libtype}-tilem
-      ${CMAKE_CROSSCOMPILING_EMULATOR} tjbench${suffix} testout_tilem.ppm 95
-        -rgb -fastupsample -quiet -tile -benchtime 0.01 -warmup 0)
-    set_tests_properties(tjbench-${libtype}-tilem
-      PROPERTIES DEPENDS tjbench-${libtype}-tilem-cp)
-
-    add_test(tjbench-${libtype}-tile-420m-8x8-cmp
-      ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP} ${MD5_PPM_420M_8x8_TILE}
-        testout_tilem_420_Q95_8x8.ppm)
-    add_test(tjbench-${libtype}-tile-422m-8x8-cmp
-      ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP} ${MD5_PPM_422M_8x8_TILE}
-        testout_tilem_422_Q95_8x8.ppm)
-    foreach(tile 16 32 64 128)
-      foreach(subsamp 420 422)
-        add_test(tjbench-${libtype}-tile-${subsamp}m-${tile}x${tile}-cmp
-          ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP}
-            ${MD5_PPM_${subsamp}M_TILE}
-            testout_tilem_${subsamp}_Q95_${tile}x${tile}.ppm)
-      endforeach()
-    endforeach()
-    foreach(tile 8 16 32 64 128)
-      foreach(subsamp 420 422)
-        set_tests_properties(tjbench-${libtype}-tile-${subsamp}m-${tile}x${tile}-cmp
-          PROPERTIES DEPENDS tjbench-${libtype}-tilem)
-      endforeach()
-    endforeach()
-  endif()
-
-  # These tests are carefully crafted to provide full coverage of as many of
-  # the underlying algorithms as possible (including all of the
-  # SIMD-accelerated ones.)
-
-  macro(add_bittest PROG NAME ARGS OUTFILE INFILE MD5SUM)
-    add_test(${PROG}-${libtype}-${NAME}
-      ${CMAKE_CROSSCOMPILING_EMULATOR} ${PROG}${suffix} ${ARGS}
-        -outfile ${OUTFILE} ${INFILE})
-    add_test(${PROG}-${libtype}-${NAME}-cmp
-      ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP} ${MD5SUM} ${OUTFILE})
-    set_tests_properties(${PROG}-${libtype}-${NAME}-cmp PROPERTIES
-      DEPENDS ${PROG}-${libtype}-${NAME})
-    if(${ARGC} GREATER 6)
-      set(DEPENDS ${ARGN})
-      set_tests_properties(${PROG}-${libtype}-${NAME} PROPERTIES
-        DEPENDS ${DEPENDS})
-    endif()
-  endmacro()
-
-  # CC: null  SAMP: fullsize  FDCT: islow  ENT: huff
-  add_bittest(cjpeg rgb-islow "-rgb;-dct;int;-icc;${TESTIMAGES}/test1.icc"
-    testout_rgb_islow.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_RGB_ISLOW})
-
-  # CC: null  SAMP: fullsize  IDCT: islow  ENT: huff
-  add_bittest(djpeg rgb-islow "-dct;int;-ppm;-icc;testout_rgb_islow.icc"
-    testout_rgb_islow.ppm testout_rgb_islow.jpg
-    ${MD5_PPM_RGB_ISLOW} cjpeg-${libtype}-rgb-islow)
-
-  add_test(djpeg-${libtype}-rgb-islow-icc-cmp
-    ${CMAKE_CROSSCOMPILING_EMULATOR} ${MD5CMP}
-      b06a39d730129122e85c1363ed1bbc9e testout_rgb_islow.icc)
-  set_tests_properties(djpeg-${libtype}-rgb-islow-icc-cmp PROPERTIES
-    DEPENDS djpeg-${libtype}-rgb-islow)
-
-  add_bittest(jpegtran icc "-copy;all;-icc;${TESTIMAGES}/test2.icc"
-    testout_rgb_islow2.jpg testout_rgb_islow.jpg
-    ${MD5_JPEG_RGB_ISLOW2} cjpeg-${libtype}-rgb-islow)
-
-  if(NOT WITH_12BIT)
-    # CC: RGB->RGB565  SAMP: fullsize  IDCT: islow  ENT: huff
-    add_bittest(djpeg rgb-islow-565 "-dct;int;-rgb565;-dither;none;-bmp"
-      testout_rgb_islow_565.bmp testout_rgb_islow.jpg
-      ${MD5_BMP_RGB_ISLOW_565} cjpeg-${libtype}-rgb-islow)
-
-    # CC: RGB->RGB565 (dithered)  SAMP: fullsize  IDCT: islow  ENT: huff
-    add_bittest(djpeg rgb-islow-565D "-dct;int;-rgb565;-bmp"
-      testout_rgb_islow_565D.bmp testout_rgb_islow.jpg
-      ${MD5_BMP_RGB_ISLOW_565D} cjpeg-${libtype}-rgb-islow)
-  endif()
-
-  # CC: RGB->YCC  SAMP: fullsize/h2v1  FDCT: ifast  ENT: 2-pass huff
-  add_bittest(cjpeg 422-ifast-opt "-sample;2x1;-dct;fast;-opt"
-    testout_422_ifast_opt.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_422_IFAST_OPT})
-
-  # CC: YCC->RGB  SAMP: fullsize/h2v1 fancy  IDCT: ifast  ENT: huff
-  add_bittest(djpeg 422-ifast "-dct;fast"
-    testout_422_ifast.ppm testout_422_ifast_opt.jpg
-    ${MD5_PPM_422_IFAST} cjpeg-${libtype}-422-ifast-opt)
-
-  # CC: RGB->YCC  SAMP: fullsize/h1v2  FDCT: islow  ENT: huff
-  add_bittest(cjpeg 440-islow "-sample;1x2;-dct;int"
-    testout_440_islow.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_440_ISLOW})
-
-  # CC: YCC->RGB  SAMP: fullsize/h1v2 fancy  IDCT: islow  ENT: huff
-  add_bittest(djpeg 440-islow "-dct;int"
-    testout_440_islow.ppm testout_440_islow.jpg
-    ${MD5_PPM_440_ISLOW} cjpeg-${libtype}-440-islow)
-
-  # CC: YCC->RGB  SAMP: h2v1 merged  IDCT: ifast  ENT: huff
-  add_bittest(djpeg 422m-ifast "-dct;fast;-nosmooth"
-    testout_422m_ifast.ppm testout_422_ifast_opt.jpg
-    ${MD5_PPM_422M_IFAST} cjpeg-${libtype}-422-ifast-opt)
-
-  if(NOT WITH_12BIT)
-    # CC: YCC->RGB565  SAMP: h2v1 merged  IDCT: ifast  ENT: huff
-    add_bittest(djpeg 422m-ifast-565
-      "-dct;int;-nosmooth;-rgb565;-dither;none;-bmp"
-      testout_422m_ifast_565.bmp testout_422_ifast_opt.jpg
-      ${MD5_BMP_422M_IFAST_565} cjpeg-${libtype}-422-ifast-opt)
-
-    # CC: YCC->RGB565 (dithered)  SAMP: h2v1 merged  IDCT: ifast  ENT: huff
-    add_bittest(djpeg 422m-ifast-565D "-dct;int;-nosmooth;-rgb565;-bmp"
-      testout_422m_ifast_565D.bmp testout_422_ifast_opt.jpg
-      ${MD5_BMP_422M_IFAST_565D} cjpeg-${libtype}-422-ifast-opt)
-  endif()
-
-  # CC: RGB->YCC  SAMP: fullsize/h2v2  FDCT: ifast  ENT: prog huff
-  add_bittest(cjpeg 420-q100-ifast-prog
-    "-sample;2x2;-quality;100;-dct;fast;-scans;${TESTIMAGES}/test.scan"
-    testout_420_q100_ifast_prog.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_420_IFAST_Q100_PROG})
-
-  # CC: YCC->RGB  SAMP: fullsize/h2v2 fancy  IDCT: ifast  ENT: prog huff
-  add_bittest(djpeg 420-q100-ifast-prog "-dct;fast"
-    testout_420_q100_ifast.ppm testout_420_q100_ifast_prog.jpg
-    ${MD5_PPM_420_Q100_IFAST} cjpeg-${libtype}-420-q100-ifast-prog)
-
-  # CC: YCC->RGB  SAMP: h2v2 merged  IDCT: ifast  ENT: prog huff
-  add_bittest(djpeg 420m-q100-ifast-prog "-dct;fast;-nosmooth"
-    testout_420m_q100_ifast.ppm testout_420_q100_ifast_prog.jpg
-    ${MD5_PPM_420M_Q100_IFAST} cjpeg-${libtype}-420-q100-ifast-prog)
-
-  # CC: RGB->Gray  SAMP: fullsize  FDCT: islow  ENT: huff
-  add_bittest(cjpeg gray-islow "-gray;-dct;int"
-    testout_gray_islow.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_GRAY_ISLOW})
-
-  # CC: Gray->Gray  SAMP: fullsize  IDCT: islow  ENT: huff
-  add_bittest(djpeg gray-islow "-dct;int"
-    testout_gray_islow.ppm testout_gray_islow.jpg
-    ${MD5_PPM_GRAY_ISLOW} cjpeg-${libtype}-gray-islow)
-
-  # CC: Gray->RGB  SAMP: fullsize  IDCT: islow  ENT: huff
-  add_bittest(djpeg gray-islow-rgb "-dct;int;-rgb"
-    testout_gray_islow_rgb.ppm testout_gray_islow.jpg
-    ${MD5_PPM_GRAY_ISLOW_RGB} cjpeg-${libtype}-gray-islow)
-
-  if(NOT WITH_12BIT)
-    # CC: Gray->RGB565  SAMP: fullsize  IDCT: islow  ENT: huff
-    add_bittest(djpeg gray-islow-565 "-dct;int;-rgb565;-dither;none;-bmp"
-      testout_gray_islow_565.bmp testout_gray_islow.jpg
-      ${MD5_BMP_GRAY_ISLOW_565} cjpeg-${libtype}-gray-islow)
-
-    # CC: Gray->RGB565 (dithered)  SAMP: fullsize  IDCT: islow  ENT: huff
-    add_bittest(djpeg gray-islow-565D "-dct;int;-rgb565;-bmp"
-      testout_gray_islow_565D.bmp testout_gray_islow.jpg
-      ${MD5_BMP_GRAY_ISLOW_565D} cjpeg-${libtype}-gray-islow)
-  endif()
-
-  # CC: RGB->YCC  SAMP: fullsize smooth/h2v2 smooth  FDCT: islow
-  # ENT: 2-pass huff
-  add_bittest(cjpeg 420s-ifast-opt "-sample;2x2;-smooth;1;-dct;int;-opt"
-    testout_420s_ifast_opt.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_420S_IFAST_OPT})
-
-  if(FLOATTEST)
-    # CC: RGB->YCC  SAMP: fullsize/int  FDCT: float  ENT: prog huff
-    add_bittest(cjpeg 3x2-float-prog "-sample;3x2;-dct;float;-prog"
-      testout_3x2_float_prog.jpg ${TESTIMAGES}/testorig.ppm
-      ${MD5_JPEG_3x2_FLOAT_PROG_${FLOATTEST_UC}})
-
-    # CC: YCC->RGB  SAMP: fullsize/int  IDCT: float  ENT: prog huff
-    add_bittest(djpeg 3x2-float-prog "-dct;float"
-      testout_3x2_float.ppm testout_3x2_float_prog.jpg
-      ${MD5_PPM_3x2_FLOAT_${FLOATTEST_UC}} cjpeg-${libtype}-3x2-float-prog)
-  endif()
-
-    # CC: RGB->YCC  SAMP: fullsize/int  FDCT: ifast  ENT: prog huff
-  add_bittest(cjpeg 3x2-ifast-prog "-sample;3x2;-dct;fast;-prog"
-    testout_3x2_ifast_prog.jpg ${TESTIMAGES}/testorig.ppm
-    ${MD5_JPEG_3x2_IFAST_PROG})
-
-  # CC: YCC->RGB  SAMP: fullsize/int  IDCT: ifast  ENT: prog huff
-  add_bittest(djpeg 3x2-ifast-prog "-dct;fast"
-    testout_3x2_ifast.ppm testout_3x2_ifast_prog.jpg
-    ${MD5_PPM_3x2_IFAST} cjpeg-${libtype}-3x2-ifast-prog)
-
-  if(WITH_ARITH_ENC)
-    # CC: YCC->RGB  SAMP: fullsize/h2v2  FDCT: islow  ENT: arith
-    add_bittest(cjpeg 420-islow-ari "-dct;int;-arithmetic"
-      testout_420_islow_ari.jpg ${TESTIMAGES}/testorig.ppm
-      ${MD5_JPEG_420_ISLOW_ARI})
-
-    add_bittest(jpegtran 420-islow-ari "-arithmetic"
-      testout_420_islow_ari2.jpg ${TESTIMAGES}/testimgint.jpg
-      ${MD5_JPEG_420_ISLOW_ARI})
-
-    # CC: YCC->RGB  SAMP: fullsize  FDCT: islow  ENT: prog arith
-    add_bittest(cjpeg 444-islow-progari
-      "-sample;1x1;-dct;int;-prog;-arithmetic"
-      testout_444_islow_progari.jpg ${TESTIMAGES}/testorig.ppm
-      ${MD5_JPEG_444_ISLOW_PROGARI})
-  endif()
-
-  if(WITH_ARITH_DEC)
-    # CC: RGB->YCC  SAMP: h2v2 merged  IDCT: ifast  ENT: arith
-    add_bittest(djpeg 420m-ifast-ari "-fast;-skip;1,20;-ppm"
-      testout_420m_ifast_ari.ppm ${TESTIMAGES}/testimgari.jpg
-      ${MD5_PPM_420M_IFAST_ARI})
-
-    add_bittest(jpegtran 420-islow ""
-      testout_420_islow.jpg ${TESTIMAGES}/testimgari.jpg
-      ${MD5_JPEG_420_ISLOW})
-  endif()
-
-  # 2/1--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 16x16 islow  ENT: huff
-  # 15/8--  CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 15x15 islow  ENT: huff
-  # 13/8--  CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 13x13 islow  ENT: huff
-  # 11/8--  CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 11x11 islow  ENT: huff
-  # 9/8--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 9x9 islow  ENT: huff
-  # 7/8--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 7x7 islow/14x14 islow
-  #         ENT: huff
-  # 3/4--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 6x6 islow/12x12 islow
-  #         ENT: huff
-  # 5/8--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 5x5 islow/10x10 islow
-  #         ENT: huff
-  # 1/2--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 4x4 islow/8x8 islow
-  #         ENT: huff
-  # 3/8--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 3x3 islow/6x6 islow
-  #         ENT: huff
-  # 1/4--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 2x2 islow/4x4 islow
-  #         ENT: huff
-  # 1/8--   CC: YCC->RGB  SAMP: h2v2 merged  IDCT: 1x1 islow/2x2 islow
-  #         ENT: huff
-  foreach(scale 2_1 15_8 13_8 11_8 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8)
-    string(REGEX REPLACE "_" "/" scalearg ${scale})
-    add_bittest(djpeg 420m-islow-${scale}
-      "-dct;int;-scale;${scalearg};-nosmooth;-ppm"
-      testout_420m_islow_${scale}.ppm ${TESTIMAGES}/${TESTORIG}
-      ${MD5_PPM_420M_ISLOW_${scale}})
-  endforeach()
-
-  if(NOT WITH_12BIT)
-    # CC: YCC->RGB (dithered)  SAMP: h2v2 fancy  IDCT: islow  ENT: huff
-    add_bittest(djpeg 420-islow-256 "-dct;int;-colors;256;-bmp"
-      testout_420_islow_256.bmp ${TESTIMAGES}/${TESTORIG}
-      ${MD5_BMP_420_ISLOW_256})
-
-    # CC: YCC->RGB565  SAMP: h2v2 fancy  IDCT: islow  ENT: huff
-    add_bittest(djpeg 420-islow-565 "-dct;int;-rgb565;-dither;none;-bmp"
-      testout_420_islow_565.bmp ${TESTIMAGES}/${TESTORIG}
-      ${MD5_BMP_420_ISLOW_565})
-
-    # CC: YCC->RGB565 (dithered)  SAMP: h2v2 fancy  IDCT: islow  ENT: huff
-    add_bittest(djpeg 420-islow-565D "-dct;int;-rgb565;-bmp"
-      testout_420_islow_565D.bmp ${TESTIMAGES}/${TESTORIG}
-      ${MD5_BMP_420_ISLOW_565D})
-
-    # CC: YCC->RGB565  SAMP: h2v2 merged  IDCT: islow  ENT: huff
-    add_bittest(djpeg 420m-islow-565
-      "-dct;int;-nosmooth;-rgb565;-dither;none;-bmp"
-      testout_420m_islow_565.bmp ${TESTIMAGES}/${TESTORIG}
-      ${MD5_BMP_420M_ISLOW_565})
-
-    # CC: YCC->RGB565 (dithered)  SAMP: h2v2 merged  IDCT: islow  ENT: huff
-    add_bittest(djpeg 420m-islow-565D "-dct;int;-nosmooth;-rgb565;-bmp"
-      testout_420m_islow_565D.bmp ${TESTIMAGES}/${TESTORIG}
-      ${MD5_BMP_420M_ISLOW_565D})
-  endif()
-
-  # Partial decode tests.  These tests are designed to cover all of the
-  # possible code paths in jpeg_skip_scanlines().
-
-  # Context rows: Yes  Intra-iMCU row: Yes  iMCU row prefetch: No   ENT: huff
-  add_bittest(djpeg 420-islow-skip15_31 "-dct;int;-skip;15,31;-ppm"
-    testout_420_islow_skip15,31.ppm ${TESTIMAGES}/${TESTORIG}
-    ${MD5_PPM_420_ISLOW_SKIP15_31})
-
-  # Context rows: Yes  Intra-iMCU row: No   iMCU row prefetch: Yes  ENT: arith
-  if(WITH_ARITH_DEC)
-    add_bittest(djpeg 420-islow-ari-skip16_139 "-dct;int;-skip;16,139;-ppm"
-      testout_420_islow_ari_skip16,139.ppm ${TESTIMAGES}/testimgari.jpg
-      ${MD5_PPM_420_ISLOW_ARI_SKIP16_139})
-  endif()
-
-  # Context rows: Yes  Intra-iMCU row: No   iMCU row prefetch: No   ENT: prog huff
-  add_test(cjpeg-${libtype}-420-islow-prog
-    ${CMAKE_CROSSCOMPILING_EMULATOR} cjpeg${suffix} -dct int -prog
-      -outfile testout_420_islow_prog.jpg ${TESTIMAGES}/testorig.ppm)
-  add_bittest(djpeg 420-islow-prog-crop62x62_71_71
-    "-dct;int;-crop;62x62+71+71;-ppm"
-    testout_420_islow_prog_crop62x62,71,71.ppm testout_420_islow_prog.jpg
-    ${MD5_PPM_420_ISLOW_PROG_CROP62x62_71_71} cjpeg-${libtype}-420-islow-prog)
-
-  # Context rows: Yes  Intra-iMCU row: No   iMCU row prefetch: No   ENT: arith
-  if(WITH_ARITH_DEC)
-    add_bittest(djpeg 420-islow-ari-crop53x53_4_4
-      "-dct;int;-crop;53x53+4+4;-ppm"
-      testout_420_islow_ari_crop53x53,4,4.ppm ${TESTIMAGES}/testimgari.jpg
-      ${MD5_PPM_420_ISLOW_ARI_CROP53x53_4_4})
-  endif()
-
-  # Context rows: No   Intra-iMCU row: Yes  ENT: huff
-  add_test(cjpeg-${libtype}-444-islow
-    ${CMAKE_CROSSCOMPILING_EMULATOR} cjpeg${suffix} -dct int -sample 1x1
-      -outfile testout_444_islow.jpg ${TESTIMAGES}/testorig.ppm)
-  add_bittest(djpeg 444-islow-skip1_6 "-dct;int;-skip;1,6;-ppm"
-    testout_444_islow_skip1,6.ppm testout_444_islow.jpg
-    ${MD5_PPM_444_ISLOW_SKIP1_6} cjpeg-${libtype}-444-islow)
-
-  # Context rows: No   Intra-iMCU row: No   ENT: prog huff
-  add_test(cjpeg-${libtype}-444-islow-prog
-    ${CMAKE_CROSSCOMPILING_EMULATOR} cjpeg${suffix} -dct int -prog -sample 1x1
-      -outfile testout_444_islow_prog.jpg ${TESTIMAGES}/testorig.ppm)
-  add_bittest(djpeg 444-islow-prog-crop98x98_13_13
-    "-dct;int;-crop;98x98+13+13;-ppm"
-    testout_444_islow_prog_crop98x98,13,13.ppm testout_444_islow_prog.jpg
-    ${MD5_PPM_444_ISLOW_PROG_CROP98x98_13_13} cjpeg-${libtype}-444-islow-prog)
-
-  # Context rows: No   Intra-iMCU row: No   ENT: arith
-  if(WITH_ARITH_ENC)
-    add_test(cjpeg-${libtype}-444-islow-ari
-      ${CMAKE_CROSSCOMPILING_EMULATOR} cjpeg${suffix} -dct int -arithmetic
-        -sample 1x1 -outfile testout_444_islow_ari.jpg
-        ${TESTIMAGES}/testorig.ppm)
-    if(WITH_ARITH_DEC)
-      add_bittest(djpeg 444-islow-ari-crop37x37_0_0
-        "-dct;int;-crop;37x37+0+0;-ppm"
-        testout_444_islow_ari_crop37x37,0,0.ppm testout_444_islow_ari.jpg
-        ${MD5_PPM_444_ISLOW_ARI_CROP37x37_0_0} cjpeg-${libtype}-444-islow-ari)
-    endif()
-  endif()
-
-  add_bittest(jpegtran crop "-crop;120x90+20+50;-transpose;-perfect"
-    testout_crop.jpg ${TESTIMAGES}/${TESTORIG}
-    ${MD5_JPEG_CROP})
-
-endforeach()
-
-add_custom_target(testclean COMMAND ${CMAKE_COMMAND} -P
-  ${CMAKE_CURRENT_SOURCE_DIR}/cmakescripts/testclean.cmake)
-
-configure_file(croptest.in croptest @ONLY)
-add_custom_target(croptest
-  COMMAND echo croptest
-  COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/croptest)
-
-if(WITH_TURBOJPEG)
-  configure_file(tjbenchtest.in tjbenchtest @ONLY)
-  configure_file(tjexampletest.in tjexampletest @ONLY)
-  if(WIN32)
-    set(BASH bash)
-  endif()
-  if(WITH_JAVA)
-    configure_file(tjbenchtest.java.in tjbenchtest.java @ONLY)
-    configure_file(tjexampletest.java.in tjexampletest.java @ONLY)
-    add_custom_target(tjtest
-      COMMAND echo tjbenchtest
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest
-      COMMAND echo tjbenchtest -alloc
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -alloc
-      COMMAND echo tjbenchtest -yuv
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -yuv
-      COMMAND echo tjbenchtest -yuv -alloc
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -yuv -alloc
-      COMMAND echo tjbenchtest -progressive
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -progressive
-      COMMAND echo tjbenchtest -progressive -yuv
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -progressive -yuv
-      COMMAND echo tjexampletest
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjexampletest
-      COMMAND echo tjbenchtest.java
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest.java
-      COMMAND echo tjbenchtest.java -yuv
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest.java -yuv
-      COMMAND echo tjbenchtest.java -progressive
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest.java -progressive
-      COMMAND echo tjexampletest.java -progressive -yuv
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest.java
-        -progressive -yuv
-      COMMAND echo tjexampletest.java
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjexampletest.java
-      DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest
-        ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest.java
-        ${CMAKE_CURRENT_BINARY_DIR}/tjexampletest)
-  else()
-    add_custom_target(tjtest
-      COMMAND echo tjbenchtest
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest
-      COMMAND echo tjbenchtest -alloc
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -alloc
-      COMMAND echo tjbenchtest -yuv
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -yuv
-      COMMAND echo tjbenchtest -yuv -alloc
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -yuv -alloc
-      COMMAND echo tjbenchtest -progressive
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -progressive
-      COMMAND echo tjbenchtest -progressive -yuv
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest -progressive -yuv
-      COMMAND echo tjexampletest
-      COMMAND ${BASH} ${CMAKE_CURRENT_BINARY_DIR}/tjexampletest
-      DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/tjbenchtest)
-  endif()
-endif()
-
-
-###############################################################################
-# INSTALLATION
-###############################################################################
-
-set(EXE ${CMAKE_EXECUTABLE_SUFFIX})
-
-if(WITH_TURBOJPEG)
-  if(ENABLE_SHARED)
-    install(TARGETS turbojpeg EXPORT ${CMAKE_PROJECT_NAME}Targets
-      INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
-      ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
-      LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
-      RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-    install(TARGETS tjbench
-      RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-    if(NOT CMAKE_VERSION VERSION_LESS "3.1" AND MSVC AND
-      CMAKE_C_LINKER_SUPPORTS_PDB)
-      install(FILES "$<TARGET_PDB_FILE:turbojpeg>"
-        DESTINATION ${CMAKE_INSTALL_BINDIR} OPTIONAL)
-    endif()
-  endif()
-  if(ENABLE_STATIC)
-    install(TARGETS turbojpeg-static EXPORT ${CMAKE_PROJECT_NAME}Targets
-      INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
-      ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR})
-    if(NOT ENABLE_SHARED)
-      if(MSVC_IDE OR XCODE)
-        set(DIR "${CMAKE_CURRENT_BINARY_DIR}/\${CMAKE_INSTALL_CONFIG_NAME}")
-      else()
-        set(DIR ${CMAKE_CURRENT_BINARY_DIR})
-      endif()
-      install(PROGRAMS ${DIR}/tjbench-static${EXE}
-        DESTINATION ${CMAKE_INSTALL_BINDIR} RENAME tjbench${EXE})
-    endif()
-  endif()
-  install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/turbojpeg.h
-    DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
-endif()
-
-if(ENABLE_STATIC)
-  install(TARGETS jpeg-static EXPORT ${CMAKE_PROJECT_NAME}Targets
-    INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
-    ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR})
-  if(NOT ENABLE_SHARED)
-    if(MSVC_IDE OR XCODE)
-      set(DIR "${CMAKE_CURRENT_BINARY_DIR}/\${CMAKE_INSTALL_CONFIG_NAME}")
-    else()
-      set(DIR ${CMAKE_CURRENT_BINARY_DIR})
-    endif()
-    install(PROGRAMS ${DIR}/cjpeg-static${EXE}
-      DESTINATION ${CMAKE_INSTALL_BINDIR} RENAME cjpeg${EXE})
-    install(PROGRAMS ${DIR}/djpeg-static${EXE}
-      DESTINATION ${CMAKE_INSTALL_BINDIR} RENAME djpeg${EXE})
-    install(PROGRAMS ${DIR}/jpegtran-static${EXE}
-      DESTINATION ${CMAKE_INSTALL_BINDIR} RENAME jpegtran${EXE})
-  endif()
-endif()
-
-install(TARGETS rdjpgcom wrjpgcom RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-
-install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/README.ijg
-  ${CMAKE_CURRENT_SOURCE_DIR}/README.md ${CMAKE_CURRENT_SOURCE_DIR}/example.txt
-  ${CMAKE_CURRENT_SOURCE_DIR}/tjexample.c
-  ${CMAKE_CURRENT_SOURCE_DIR}/libjpeg.txt
-  ${CMAKE_CURRENT_SOURCE_DIR}/structure.txt
-  ${CMAKE_CURRENT_SOURCE_DIR}/usage.txt ${CMAKE_CURRENT_SOURCE_DIR}/wizard.txt
-  ${CMAKE_CURRENT_SOURCE_DIR}/LICENSE.md DESTINATION ${CMAKE_INSTALL_DOCDIR})
-if(WITH_JAVA)
-  install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/java/TJExample.java
-    DESTINATION ${CMAKE_INSTALL_DOCDIR})
-endif()
-
-if(UNIX OR MINGW)
-  install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cjpeg.1
-    ${CMAKE_CURRENT_SOURCE_DIR}/djpeg.1 ${CMAKE_CURRENT_SOURCE_DIR}/jpegtran.1
-    ${CMAKE_CURRENT_SOURCE_DIR}/rdjpgcom.1
-    ${CMAKE_CURRENT_SOURCE_DIR}/wrjpgcom.1
-    DESTINATION ${CMAKE_INSTALL_MANDIR}/man1)
-endif()
-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/pkgscripts/libjpeg.pc
-  ${CMAKE_CURRENT_BINARY_DIR}/pkgscripts/libturbojpeg.pc
-  DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
-install(FILES
-  ${CMAKE_CURRENT_BINARY_DIR}/pkgscripts/${CMAKE_PROJECT_NAME}Config.cmake
-  ${CMAKE_CURRENT_BINARY_DIR}/pkgscripts/${CMAKE_PROJECT_NAME}ConfigVersion.cmake
-  DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/${CMAKE_PROJECT_NAME})
-install(EXPORT ${CMAKE_PROJECT_NAME}Targets
-  NAMESPACE ${CMAKE_PROJECT_NAME}::
-  DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/${CMAKE_PROJECT_NAME})
-
-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/jconfig.h
-  ${CMAKE_CURRENT_SOURCE_DIR}/jerror.h ${CMAKE_CURRENT_SOURCE_DIR}/jmorecfg.h
-  ${CMAKE_CURRENT_SOURCE_DIR}/jpeglib.h
-  DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
-
-include(cmakescripts/BuildPackages.cmake)
-
-configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cmakescripts/cmake_uninstall.cmake.in"
-  "cmake_uninstall.cmake" IMMEDIATE @ONLY)
-
-add_custom_target(uninstall COMMAND ${CMAKE_COMMAND} -P cmake_uninstall.cmake)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/ChangeLog.md b/3rdparty/libjpeg-turbo_2_1_0/ChangeLog.md
deleted file mode 100644
index 498b8f2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/ChangeLog.md
+++ /dev/null
@@ -1,1754 +0,0 @@
-2.1.0
-=====
-
-### Significant changes relative to 2.1 beta1
-
-1. Fixed a regression introduced by 2.1 beta1[6(b)] whereby attempting to
-decompress certain progressive JPEG images with one or more component planes of
-width 8 or less caused a buffer overrun.
-
-2. Fixed a regression introduced by 2.1 beta1[6(b)] whereby attempting to
-decompress a specially-crafted malformed progressive JPEG image caused the
-block smoothing algorithm to read from uninitialized memory.
-
-3. Fixed an issue in the Arm Neon SIMD Huffman encoders that caused the
-encoders to generate incorrect results when using the Clang compiler with
-Visual Studio.
-
-4. Fixed a floating point exception (CVE-2021-20205) that occurred when
-attempting to compress a specially-crafted malformed GIF image with a specified
-image width of 0 using cjpeg.
-
-5. Fixed a regression introduced by 2.0 beta1[15] whereby attempting to
-generate a progressive JPEG image on an SSE2-capable CPU using a scan script
-containing one or more scans with lengths divisible by 32 and non-zero
-successive approximation low bit positions would, under certain circumstances,
-result in an error ("Missing Huffman code table entry") and an invalid JPEG
-image.
-
-6. Introduced a new flag (`TJFLAG_LIMITSCANS` in the TurboJPEG C API and
-`TJ.FLAG_LIMIT_SCANS` in the TurboJPEG Java API) and a corresponding TJBench
-command-line argument (`-limitscans`) that causes the TurboJPEG decompression
-and transform functions/operations to return/throw an error if a progressive
-JPEG image contains an unreasonably large number of scans.  This allows
-applications that use the TurboJPEG API to guard against an exploit of the
-progressive JPEG format described in the report
-["Two Issues with the JPEG Standard"](https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf).
-
-7. The PPM reader now throws an error, rather than segfaulting (due to a buffer
-overrun) or generating incorrect pixels, if an application attempts to use the
-`tjLoadImage()` function to load a 16-bit binary PPM file (a binary PPM file
-with a maximum value greater than 255) into a grayscale image buffer or to load
-a 16-bit binary PGM file into an RGB image buffer.
-
-8. Fixed an issue in the PPM reader that caused incorrect pixels to be
-generated when using the `tjLoadImage()` function to load a 16-bit binary PPM
-file into an extended RGB image buffer.
-
-9. Fixed an issue whereby, if a JPEG buffer was automatically re-allocated by
-one of the TurboJPEG compression or transform functions and an error
-subsequently occurred during compression or transformation, the JPEG buffer
-pointer passed by the application was not updated when the function returned.
-
-
-2.0.90 (2.1 beta1)
-==================
-
-### Significant changes relative to 2.0.6:
-
-1. The build system, x86-64 SIMD extensions, and accelerated Huffman codec now
-support the x32 ABI on Linux, which allows for using x86-64 instructions with
-32-bit pointers.  The x32 ABI is generally enabled by adding `-mx32` to the
-compiler flags.
-
-     Caveats:
-     - CMake 3.9.0 or later is required in order for the build system to
-automatically detect an x32 build.
-     - Java does not support the x32 ABI, and thus the TurboJPEG Java API will
-automatically be disabled with x32 builds.
-
-2. Added Loongson MMI SIMD implementations of the RGB-to-grayscale, 4:2:2 fancy
-chroma upsampling, 4:2:2 and 4:2:0 merged chroma upsampling/color conversion,
-and fast integer DCT/IDCT algorithms.  Relative to libjpeg-turbo 2.0.x, this
-speeds up:
-
-     - the compression of RGB source images into grayscale JPEG images by
-approximately 20%
-     - the decompression of 4:2:2 JPEG images by approximately 40-60% when
-using fancy upsampling
-     - the decompression of 4:2:2 and 4:2:0 JPEG images by approximately
-15-20% when using merged upsampling
-     - the compression of RGB source images by approximately 30-45% when using
-the fast integer DCT
-     - the decompression of JPEG images into RGB destination images by
-approximately 2x when using the fast integer IDCT
-
-    The overall decompression speedup for RGB images is now approximately
-2.3-3.7x (compared to 2-3.5x with libjpeg-turbo 2.0.x.)
-
-3. 32-bit (Armv7 or Armv7s) iOS builds of libjpeg-turbo are no longer
-supported, and the libjpeg-turbo build system can no longer be used to package
-such builds.  32-bit iOS apps cannot run in iOS 11 and later, and the App Store
-no longer allows them.
-
-4. 32-bit (i386) OS X/macOS builds of libjpeg-turbo are no longer supported,
-and the libjpeg-turbo build system can no longer be used to package such
-builds.  32-bit Mac applications cannot run in macOS 10.15 "Catalina" and
-later, and the App Store no longer allows them.
-
-5. The SSE2 (x86 SIMD) and C Huffman encoding algorithms have been
-significantly optimized, resulting in a measured average overall compression
-speedup of 12-28% for 64-bit code and 22-52% for 32-bit code on various Intel
-and AMD CPUs, as well as a measured average overall compression speedup of
-0-23% on platforms that do not have a SIMD-accelerated Huffman encoding
-implementation.
-
-6. The block smoothing algorithm that is applied by default when decompressing
-progressive Huffman-encoded JPEG images has been improved in the following
-ways:
-
-     - The algorithm is now more fault-tolerant.  Previously, if a particular
-scan was incomplete, then the smoothing parameters for the incomplete scan
-would be applied to the entire output image, including the parts of the image
-that were generated by the prior (complete) scan.  Visually, this had the
-effect of removing block smoothing from lower-frequency scans if they were
-followed by an incomplete higher-frequency scan.  libjpeg-turbo now applies
-block smoothing parameters to each iMCU row based on which scan generated the
-pixels in that row, rather than always using the block smoothing parameters for
-the most recent scan.
-     - When applying block smoothing to DC scans, a Gaussian-like kernel with a
-5x5 window is used to reduce the "blocky" appearance.
-
-7. Added SIMD acceleration for progressive Huffman encoding on Arm platforms.
-This speeds up the compression of full-color progressive JPEGs by about 30-40%
-on average (relative to libjpeg-turbo 2.0.x) when using modern Arm CPUs.
-
-8. Added configure-time and run-time auto-detection of Loongson MMI SIMD
-instructions, so that the Loongson MMI SIMD extensions can be included in any
-MIPS64 libjpeg-turbo build.
-
-9. Added fault tolerance features to djpeg and jpegtran, mainly to demonstrate
-methods by which applications can guard against the exploits of the JPEG format
-described in the report
-["Two Issues with the JPEG Standard"](https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf).
-
-     - Both programs now accept a `-maxscans` argument, which can be used to
-limit the number of allowable scans in the input file.
-     - Both programs now accept a `-strict` argument, which can be used to
-treat all warnings as fatal.
-
-10. CMake package config files are now included for both the libjpeg and
-TurboJPEG API libraries.  This facilitates using libjpeg-turbo with CMake's
-`find_package()` function.  For example:
-
-        find_package(libjpeg-turbo CONFIG REQUIRED)
-
-        add_executable(libjpeg_program libjpeg_program.c)
-        target_link_libraries(libjpeg_program PUBLIC libjpeg-turbo::jpeg)
-
-        add_executable(libjpeg_program_static libjpeg_program.c)
-        target_link_libraries(libjpeg_program_static PUBLIC
-          libjpeg-turbo::jpeg-static)
-
-        add_executable(turbojpeg_program turbojpeg_program.c)
-        target_link_libraries(turbojpeg_program PUBLIC
-          libjpeg-turbo::turbojpeg)
-
-        add_executable(turbojpeg_program_static turbojpeg_program.c)
-        target_link_libraries(turbojpeg_program_static PUBLIC
-          libjpeg-turbo::turbojpeg-static)
-
-11. Since the Unisys LZW patent has long expired, cjpeg and djpeg can now
-read/write both LZW-compressed and uncompressed GIF files (feature ported from
-jpeg-6a and jpeg-9d.)
-
-12. jpegtran now includes the `-wipe` and `-drop` options from jpeg-9a and
-jpeg-9d, as well as the ability to expand the image size using the `-crop`
-option.  Refer to jpegtran.1 or usage.txt for more details.
-
-13. Added a complete intrinsics implementation of the Arm Neon SIMD extensions,
-thus providing SIMD acceleration on Arm platforms for all of the algorithms
-that are SIMD-accelerated on x86 platforms.  This new implementation is
-significantly faster in some cases than the old GAS implementation--
-depending on the algorithms used, the type of CPU core, and the compiler.  GCC,
-as of this writing, does not provide a full or optimal set of Neon intrinsics,
-so for performance reasons, the default when building libjpeg-turbo with GCC is
-to continue using the GAS implementation of the following algorithms:
-
-     - 32-bit RGB-to-YCbCr color conversion
-     - 32-bit fast and accurate inverse DCT
-     - 64-bit RGB-to-YCbCr and YCbCr-to-RGB color conversion
-     - 64-bit accurate forward and inverse DCT
-     - 64-bit Huffman encoding
-
-    A new CMake variable (`NEON_INTRINSICS`) can be used to override this
-default.
-
-    Since the new intrinsics implementation includes SIMD acceleration
-for merged upsampling/color conversion, 1.5.1[5] is no longer necessary and has
-been reverted.
-
-14. The Arm Neon SIMD extensions can now be built using Visual Studio.
-
-15. The build system can now be used to generate a universal x86-64 + Armv8
-libjpeg-turbo SDK package for both iOS and macOS.
-
-
-2.0.6
-=====
-
-### Significant changes relative to 2.0.5:
-
-1. Fixed "using JNI after critical get" errors that occurred on Android
-platforms when using any of the YUV encoding/compression/decompression/decoding
-methods in the TurboJPEG Java API.
-
-2. Fixed or worked around multiple issues with `jpeg_skip_scanlines()`:
-
-     - Fixed segfaults or "Corrupt JPEG data: premature end of data segment"
-errors in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or
-4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that
-is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.)  2.0.0[6] was a
-similar fix, but it did not cover all cases.
-     - `jpeg_skip_scanlines()` now throws an error if two-pass color
-quantization is enabled.  Two-pass color quantization never worked properly
-with `jpeg_skip_scanlines()`, and the issues could not readily be fixed.
-     - Fixed an issue whereby `jpeg_skip_scanlines()` always returned 0 when
-skipping past the end of an image.
-
-3. The Arm 64-bit (Armv8) Neon SIMD extensions can now be built using MinGW
-toolchains targetting Arm64 (AArch64) Windows binaries.
-
-4. Fixed unexpected visual artifacts that occurred when using
-`jpeg_crop_scanline()` and interblock smoothing while decompressing only the DC
-scan of a progressive JPEG image.
-
-5. Fixed an issue whereby libjpeg-turbo would not build if 12-bit-per-component
-JPEG support (`WITH_12BIT`) was enabled along with libjpeg v7 or libjpeg v8
-API/ABI emulation (`WITH_JPEG7` or `WITH_JPEG8`.)
-
-
-2.0.5
-=====
-
-### Significant changes relative to 2.0.4:
-
-1. Worked around issues in the MIPS DSPr2 SIMD extensions that caused failures
-in the libjpeg-turbo regression tests.  Specifically, the
-`jsimd_h2v1_downsample_dspr2()` and `jsimd_h2v2_downsample_dspr2()` functions
-in the MIPS DSPr2 SIMD extensions are now disabled until/unless they can be
-fixed, and other functions that are incompatible with big endian MIPS CPUs are
-disabled when building libjpeg-turbo for such CPUs.
-
-2. Fixed an oversight in the `TJCompressor.compress(int)` method in the
-TurboJPEG Java API that caused an error ("java.lang.IllegalStateException: No
-source image is associated with this instance") when attempting to use that
-method to compress a YUV image.
-
-3. Fixed an issue (CVE-2020-13790) in the PPM reader that caused a buffer
-overrun in cjpeg, TJBench, or the `tjLoadImage()` function if one of the values
-in a binary PPM/PGM input file exceeded the maximum value defined in the file's
-header and that maximum value was less than 255.  libjpeg-turbo 1.5.0 already
-included a similar fix for binary PPM/PGM files with maximum values greater
-than 255.
-
-4. The TurboJPEG API library's global error handler, which is used in functions
-such as `tjBufSize()` and `tjLoadImage()` that do not require a TurboJPEG
-instance handle, is now thread-safe on platforms that support thread-local
-storage.
-
-
-2.0.4
-=====
-
-### Significant changes relative to 2.0.3:
-
-1. Fixed a regression in the Windows packaging system (introduced by
-2.0 beta1[2]) whereby, if both the 64-bit libjpeg-turbo SDK for GCC and the
-64-bit libjpeg-turbo SDK for Visual C++ were installed on the same system, only
-one of them could be uninstalled.
-
-2. Fixed a signed integer overflow and subsequent segfault that occurred when
-attempting to decompress images with more than 715827882 pixels using the
-64-bit C version of TJBench.
-
-3. Fixed out-of-bounds write in `tjDecompressToYUV2()` and
-`tjDecompressToYUVPlanes()` (sometimes manifesting as a double free) that
-occurred when attempting to decompress grayscale JPEG images that were
-compressed with a sampling factor other than 1 (for instance, with
-`cjpeg -grayscale -sample 2x2`).
-
-4. Fixed a regression introduced by 2.0.2[5] that caused the TurboJPEG API to
-incorrectly identify some JPEG images with unusual sampling factors as 4:4:4
-JPEG images.  This was known to cause a buffer overflow when attempting to
-decompress some such images using `tjDecompressToYUV2()` or
-`tjDecompressToYUVPlanes()`.
-
-5. Fixed an issue, detected by ASan, whereby attempting to losslessly transform
-a specially-crafted malformed JPEG image containing an extremely-high-frequency
-coefficient block (junk image data that could never be generated by a
-legitimate JPEG compressor) could cause the Huffman encoder's local buffer to
-be overrun. (Refer to 1.4.0[9] and 1.4beta1[15].)  Given that the buffer
-overrun was fully contained within the stack and did not cause a segfault or
-other user-visible errant behavior, and given that the lossless transformer
-(unlike the decompressor) is not generally exposed to arbitrary data exploits,
-this issue did not likely pose a security risk.
-
-6. The Arm 64-bit (Armv8) Neon SIMD assembly code now stores constants in a
-separate read-only data section rather than in the text section, to support
-execute-only memory layouts.
-
-
-2.0.3
-=====
-
-### Significant changes relative to 2.0.2:
-
-1. Fixed "using JNI after critical get" errors that occurred on Android
-platforms when passing invalid arguments to certain methods in the TurboJPEG
-Java API.
-
-2. Fixed a regression in the SIMD feature detection code, introduced by
-the AVX2 SIMD extensions (2.0 beta1[1]), that was known to cause an illegal
-instruction exception, in rare cases, on CPUs that lack support for CPUID leaf
-07H (or on which the maximum CPUID leaf has been limited by way of a BIOS
-setting.)
-
-3. The 4:4:0 (h1v2) fancy (smooth) chroma upsampling algorithm in the
-decompressor now uses a similar bias pattern to that of the 4:2:2 (h2v1) fancy
-chroma upsampling algorithm, rounding up or down the upsampled result for
-alternate pixels rather than always rounding down.  This ensures that,
-regardless of whether a 4:2:2 JPEG image is rotated or transposed prior to
-decompression (in the frequency domain) or after decompression (in the spatial
-domain), the final image will be similar.
-
-4. Fixed an integer overflow and subsequent segfault that occurred when
-attempting to compress or decompress images with more than 1 billion pixels
-using the TurboJPEG API.
-
-5. Fixed a regression introduced by 2.0 beta1[15] whereby attempting to
-generate a progressive JPEG image on an SSE2-capable CPU using a scan script
-containing one or more scans with lengths divisible by 16 would result in an
-error ("Missing Huffman code table entry") and an invalid JPEG image.
-
-6. Fixed an issue whereby `tjDecodeYUV()` and `tjDecodeYUVPlanes()` would throw
-an error ("Invalid progressive parameters") or a warning ("Inconsistent
-progression sequence") if passed a TurboJPEG instance that was previously used
-to decompress a progressive JPEG image.
-
-
-2.0.2
-=====
-
-### Significant changes relative to 2.0.1:
-
-1. Fixed a regression introduced by 2.0.1[5] that prevented a runtime search
-path (rpath) from being embedded in the libjpeg-turbo shared libraries and
-executables for macOS and iOS.  This caused a fatal error of the form
-"dyld: Library not loaded" when attempting to use one of the executables,
-unless `DYLD_LIBRARY_PATH` was explicitly set to the location of the
-libjpeg-turbo shared libraries.
-
-2. Fixed an integer overflow and subsequent segfault (CVE-2018-20330) that
-occurred when attempting to load a BMP file with more than 1 billion pixels
-using the `tjLoadImage()` function.
-
-3. Fixed a buffer overrun (CVE-2018-19664) that occurred when attempting to
-decompress a specially-crafted malformed JPEG image to a 256-color BMP using
-djpeg.
-
-4. Fixed a floating point exception that occurred when attempting to
-decompress a specially-crafted malformed JPEG image with a specified image
-width or height of 0 using the C version of TJBench.
-
-5. The TurboJPEG API will now decompress 4:4:4 JPEG images with 2x1, 1x2, 3x1,
-or 1x3 luminance and chrominance sampling factors.  This is a non-standard way
-of specifying 1x subsampling (normally 4:4:4 JPEGs have 1x1 luminance and
-chrominance sampling factors), but the JPEG format and the libjpeg API both
-allow it.
-
-6. Fixed a regression introduced by 2.0 beta1[7] that caused djpeg to generate
-incorrect PPM images when used with the `-colors` option.
-
-7. Fixed an issue whereby a static build of libjpeg-turbo (a build in which
-`ENABLE_SHARED` is `0`) could not be installed using the Visual Studio IDE.
-
-8. Fixed a severe performance issue in the Loongson MMI SIMD extensions that
-occurred when compressing RGB images whose image rows were not 64-bit-aligned.
-
-
-2.0.1
-=====
-
-### Significant changes relative to 2.0.0:
-
-1. Fixed a regression introduced with the new CMake-based Un*x build system,
-whereby jconfig.h could cause compiler warnings of the form
-`"HAVE_*_H" redefined` if it was included by downstream Autotools-based
-projects that used `AC_CHECK_HEADERS()` to check for the existence of locale.h,
-stddef.h, or stdlib.h.
-
-2. The `jsimd_quantize_float_dspr2()` and `jsimd_convsamp_float_dspr2()`
-functions in the MIPS DSPr2 SIMD extensions are now disabled at compile time
-if the soft float ABI is enabled.  Those functions use instructions that are
-incompatible with the soft float ABI.
-
-3. Fixed a regression in the SIMD feature detection code, introduced by
-the AVX2 SIMD extensions (2.0 beta1[1]), that caused libjpeg-turbo to crash on
-Windows 7 if Service Pack 1 was not installed.
-
-4. Fixed out-of-bounds read in cjpeg that occurred when attempting to compress
-a specially-crafted malformed color-index (8-bit-per-sample) Targa file in
-which some of the samples (color indices) exceeded the bounds of the Targa
-file's color table.
-
-5. Fixed an issue whereby installing a fully static build of libjpeg-turbo
-(a build in which `CFLAGS` contains `-static` and `ENABLE_SHARED` is `0`) would
-fail with "No valid ELF RPATH or RUNPATH entry exists in the file."
-
-
-2.0.0
-=====
-
-### Significant changes relative to 2.0 beta1:
-
-1. The TurboJPEG API can now decompress CMYK JPEG images that have subsampled M
-and Y components (not to be confused with YCCK JPEG images, in which the C/M/Y
-components have been transformed into luma and chroma.)   Previously, an error
-was generated ("Could not determine subsampling type for JPEG image") when such
-an image was passed to `tjDecompressHeader3()`, `tjTransform()`,
-`tjDecompressToYUVPlanes()`, `tjDecompressToYUV2()`, or the equivalent Java
-methods.
-
-2. Fixed an issue (CVE-2018-11813) whereby a specially-crafted malformed input
-file (specifically, a file with a valid Targa header but incomplete pixel data)
-would cause cjpeg to generate a JPEG file that was potentially thousands of
-times larger than the input file.  The Targa reader in cjpeg was not properly
-detecting that the end of the input file had been reached prematurely, so after
-all valid pixels had been read from the input, the reader injected dummy pixels
-with values of 255 into the JPEG compressor until the number of pixels
-specified in the Targa header had been compressed.  The Targa reader in cjpeg
-now behaves like the PPM reader and aborts compression if the end of the input
-file is reached prematurely.  Because this issue only affected cjpeg and not
-the underlying library, and because it did not involve any out-of-bounds reads
-or other exploitable behaviors, it was not believed to represent a security
-threat.
-
-3. Fixed an issue whereby the `tjLoadImage()` and `tjSaveImage()` functions
-would produce a "Bogus message code" error message if the underlying bitmap and
-PPM readers/writers threw an error that was specific to the readers/writers
-(as opposed to a general libjpeg API error.)
-
-4. Fixed an issue (CVE-2018-1152) whereby a specially-crafted malformed BMP
-file, one in which the header specified an image width of 1073741824 pixels,
-would trigger a floating point exception (division by zero) in the
-`tjLoadImage()` function when attempting to load the BMP file into a
-4-component image buffer.
-
-5. Fixed an issue whereby certain combinations of calls to
-`jpeg_skip_scanlines()` and `jpeg_read_scanlines()` could trigger an infinite
-loop when decompressing progressive JPEG images that use vertical chroma
-subsampling (for instance, 4:2:0 or 4:4:0.)
-
-6. Fixed a segfault in `jpeg_skip_scanlines()` that occurred when decompressing
-a 4:2:2 or 4:2:0 JPEG image using the merged (non-fancy) upsampling algorithms
-(that is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.)
-
-7. The new CMake-based build system will now disable the MIPS DSPr2 SIMD
-extensions if it detects that the compiler does not support DSPr2 instructions.
-
-8. Fixed out-of-bounds read in cjpeg (CVE-2018-14498) that occurred when
-attempting to compress a specially-crafted malformed color-index
-(8-bit-per-sample) BMP file in which some of the samples (color indices)
-exceeded the bounds of the BMP file's color table.
-
-9. Fixed a signed integer overflow in the progressive Huffman decoder, detected
-by the Clang and GCC undefined behavior sanitizers, that could be triggered by
-attempting to decompress a specially-crafted malformed JPEG image.  This issue
-did not pose a security threat, but removing the warning made it easier to
-detect actual security issues, should they arise in the future.
-
-
-1.5.90 (2.0 beta1)
-==================
-
-### Significant changes relative to 1.5.3:
-
-1. Added AVX2 SIMD implementations of the colorspace conversion, chroma
-downsampling and upsampling, integer quantization and sample conversion, and
-accurate integer DCT/IDCT algorithms.  When using the accurate integer DCT/IDCT
-algorithms on AVX2-equipped CPUs, the compression of RGB images is
-approximately 13-36% (avg. 22%) faster (relative to libjpeg-turbo 1.5.x) with
-64-bit code and 11-21% (avg. 17%) faster with 32-bit code, and the
-decompression of RGB images is approximately 9-35% (avg. 17%) faster with
-64-bit code and 7-17% (avg. 12%) faster with 32-bit code.  (As tested on a
-3 GHz Intel Core i7.  Actual mileage may vary.)
-
-2. Overhauled the build system to use CMake on all platforms, and removed the
-autotools-based build system.  This decision resulted from extensive
-discussions within the libjpeg-turbo community.  libjpeg-turbo traditionally
-used CMake only for Windows builds, but there was an increasing amount of
-demand to extend CMake support to other platforms.  However, because of the
-unique nature of our code base (the need to support different assemblers on
-each platform, the need for Java support, etc.), providing dual build systems
-as other OSS imaging libraries do (including libpng and libtiff) would have
-created a maintenance burden.  The use of CMake greatly simplifies some aspects
-of our build system, owing to CMake's built-in support for various assemblers,
-Java, and unit testing, as well as generally fewer quirks that have to be
-worked around in order to implement our packaging system.  Eliminating
-autotools puts our project slightly at odds with the traditional practices of
-the OSS community, since most "system libraries" tend to be built with
-autotools, but it is believed that the benefits of this move outweigh the
-risks.  In addition to providing a unified build environment, switching to
-CMake allows for the use of various build tools and IDEs that aren't supported
-under autotools, including XCode, Ninja, and Eclipse.  It also eliminates the
-need to install autotools via MacPorts/Homebrew on OS X and allows
-libjpeg-turbo to be configured without the use of a terminal/command prompt.
-Extensive testing was conducted to ensure that all features provided by the
-autotools-based build system are provided by the new build system.
-
-3. The libjpeg API in this version of libjpeg-turbo now includes two additional
-functions, `jpeg_read_icc_profile()` and `jpeg_write_icc_profile()`, that can
-be used to extract ICC profile data from a JPEG file while decompressing or to
-embed ICC profile data in a JPEG file while compressing or transforming.  This
-eliminates the need for downstream projects, such as color management libraries
-and browsers, to include their own glueware for accomplishing this.
-
-4. Improved error handling in the TurboJPEG API library:
-
-     - Introduced a new function (`tjGetErrorStr2()`) in the TurboJPEG C API
-that allows compression/decompression/transform error messages to be retrieved
-in a thread-safe manner.  Retrieving error messages from global functions, such
-as `tjInitCompress()` or `tjBufSize()`, is still thread-unsafe, but since those
-functions will only throw errors if passed an invalid argument or if a memory
-allocation failure occurs, thread safety is not as much of a concern.
-     - Introduced a new function (`tjGetErrorCode()`) in the TurboJPEG C API
-and a new method (`TJException.getErrorCode()`) in the TurboJPEG Java API that
-can be used to determine the severity of the last
-compression/decompression/transform error.  This allows applications to
-choose whether to ignore warnings (non-fatal errors) from the underlying
-libjpeg API or to treat them as fatal.
-     - Introduced a new flag (`TJFLAG_STOPONWARNING` in the TurboJPEG C API and
-`TJ.FLAG_STOPONWARNING` in the TurboJPEG Java API) that causes the library to
-immediately halt a compression/decompression/transform operation if it
-encounters a warning from the underlying libjpeg API (the default behavior is
-to allow the operation to complete unless a fatal error is encountered.)
-
-5. Introduced a new flag in the TurboJPEG C and Java APIs (`TJFLAG_PROGRESSIVE`
-and `TJ.FLAG_PROGRESSIVE`, respectively) that causes the library to use
-progressive entropy coding in JPEG images generated by compression and
-transform operations.  Additionally, a new transform option
-(`TJXOPT_PROGRESSIVE` in the C API and `TJTransform.OPT_PROGRESSIVE` in the
-Java API) has been introduced, allowing progressive entropy coding to be
-enabled for selected transforms in a multi-transform operation.
-
-6. Introduced a new transform option in the TurboJPEG API (`TJXOPT_COPYNONE` in
-the C API and `TJTransform.OPT_COPYNONE` in the Java API) that allows the
-copying of markers (including EXIF and ICC profile data) to be disabled for a
-particular transform.
-
-7. Added two functions to the TurboJPEG C API (`tjLoadImage()` and
-`tjSaveImage()`) that can be used to load/save a BMP or PPM/PGM image to/from a
-memory buffer with a specified pixel format and layout.  These functions
-replace the project-private (and slow) bmp API, which was previously used by
-TJBench, and they also provide a convenient way for first-time users of
-libjpeg-turbo to quickly develop a complete JPEG compression/decompression
-program.
-
-8. The TurboJPEG C API now includes a new convenience array (`tjAlphaOffset[]`)
-that contains the alpha component index for each pixel format (or -1 if the
-pixel format lacks an alpha component.)  The TurboJPEG Java API now includes a
-new method (`TJ.getAlphaOffset()`) that returns the same value.  In addition,
-the `tjRedOffset[]`, `tjGreenOffset[]`, and `tjBlueOffset[]` arrays-- and the
-corresponding `TJ.getRedOffset()`, `TJ.getGreenOffset()`, and
-`TJ.getBlueOffset()` methods-- now return -1 for `TJPF_GRAY`/`TJ.PF_GRAY`
-rather than 0.  This allows programs to easily determine whether a pixel format
-has red, green, blue, and alpha components.
-
-9. Added a new example (tjexample.c) that demonstrates the basic usage of the
-TurboJPEG C API.  This example mirrors the functionality of TJExample.java.
-Both files are now included in the libjpeg-turbo documentation.
-
-10. Fixed two signed integer overflows in the arithmetic decoder, detected by
-the Clang undefined behavior sanitizer, that could be triggered by attempting
-to decompress a specially-crafted malformed JPEG image.  These issues did not
-pose a security threat, but removing the warnings makes it easier to detect
-actual security issues, should they arise in the future.
-
-11. Fixed a bug in the merged 4:2:0 upsampling/dithered RGB565 color conversion
-algorithm that caused incorrect dithering in the output image.  This algorithm
-now produces bitwise-identical results to the unmerged algorithms.
-
-12. The SIMD function symbols for x86[-64]/ELF, MIPS/ELF, macOS/x86[-64] (if
-libjpeg-turbo is built with YASM), and iOS/Arm[64] builds are now private.
-This prevents those symbols from being exposed in applications or shared
-libraries that link statically with libjpeg-turbo.
-
-13. Added Loongson MMI SIMD implementations of the RGB-to-YCbCr and
-YCbCr-to-RGB colorspace conversion, 4:2:0 chroma downsampling, 4:2:0 fancy
-chroma upsampling, integer quantization, and accurate integer DCT/IDCT
-algorithms.  When using the accurate integer DCT/IDCT, this speeds up the
-compression of RGB images by approximately 70-100% and the decompression of RGB
-images by approximately 2-3.5x.
-
-14. Fixed a build error when building with older MinGW releases (regression
-caused by 1.5.1[7].)
-
-15. Added SIMD acceleration for progressive Huffman encoding on SSE2-capable
-x86 and x86-64 platforms.  This speeds up the compression of full-color
-progressive JPEGs by about 85-90% on average (relative to libjpeg-turbo 1.5.x)
-when using modern Intel and AMD CPUs.
-
-
-1.5.3
-=====
-
-### Significant changes relative to 1.5.2:
-
-1. Fixed a NullPointerException in the TurboJPEG Java wrapper that occurred
-when using the YUVImage constructor that creates an instance backed by separate
-image planes and allocates memory for the image planes.
-
-2. Fixed an issue whereby the Java version of TJUnitTest would fail when
-testing BufferedImage encoding/decoding on big endian systems.
-
-3. Fixed a segfault in djpeg that would occur if an output format other than
-PPM/PGM was selected along with the `-crop` option.  The `-crop` option now
-works with the GIF and Targa formats as well (unfortunately, it cannot be made
-to work with the BMP and RLE formats due to the fact that those output engines
-write scanlines in bottom-up order.)  djpeg will now exit gracefully if an
-output format other than PPM/PGM, GIF, or Targa is selected along with the
-`-crop` option.
-
-4. Fixed an issue (CVE-2017-15232) whereby `jpeg_skip_scanlines()` would
-segfault if color quantization was enabled.
-
-5. TJBench (both C and Java versions) will now display usage information if any
-command-line argument is unrecognized.  This prevents the program from silently
-ignoring typos.
-
-6. Fixed an access violation in tjbench.exe (Windows) that occurred when the
-program was used to decompress an existing JPEG image.
-
-7. Fixed an ArrayIndexOutOfBoundsException in the TJExample Java program that
-occurred when attempting to decompress a JPEG image that had been compressed
-with 4:1:1 chrominance subsampling.
-
-8. Fixed an issue whereby, when using `jpeg_skip_scanlines()` to skip to the
-end of a single-scan (non-progressive) image, subsequent calls to
-`jpeg_consume_input()` would return `JPEG_SUSPENDED` rather than
-`JPEG_REACHED_EOI`.
-
-9. `jpeg_crop_scanline()` now works correctly when decompressing grayscale JPEG
-images that were compressed with a sampling factor other than 1 (for instance,
-with `cjpeg -grayscale -sample 2x2`).
-
-
-1.5.2
-=====
-
-### Significant changes relative to 1.5.1:
-
-1. Fixed a regression introduced by 1.5.1[7] that prevented libjpeg-turbo from
-building with Android NDK platforms prior to android-21 (5.0).
-
-2. Fixed a regression introduced by 1.5.1[1] that prevented the MIPS DSPR2 SIMD
-code in libjpeg-turbo from building.
-
-3. Fixed a regression introduced by 1.5 beta1[11] that prevented the Java
-version of TJBench from outputting any reference images (the `-nowrite` switch
-was accidentally enabled by default.)
-
-4. libjpeg-turbo should now build and run with full AltiVec SIMD acceleration
-on PowerPC-based AmigaOS 4 and OpenBSD systems.
-
-5. Fixed build and runtime errors on Windows that occurred when building
-libjpeg-turbo with libjpeg v7 API/ABI emulation and the in-memory
-source/destination managers.  Due to an oversight, the `jpeg_skip_scanlines()`
-and `jpeg_crop_scanline()` functions were not being included in jpeg7.dll when
-libjpeg-turbo was built with `-DWITH_JPEG7=1` and `-DWITH_MEMSRCDST=1`.
-
-6. Fixed "Bogus virtual array access" error that occurred when using the
-lossless crop feature in jpegtran or the TurboJPEG API, if libjpeg-turbo was
-built with libjpeg v7 API/ABI emulation.  This was apparently a long-standing
-bug that has existed since the introduction of libjpeg v7/v8 API/ABI emulation
-in libjpeg-turbo v1.1.
-
-7. The lossless transform features in jpegtran and the TurboJPEG API will now
-always attempt to adjust the EXIF image width and height tags if the image size
-changed as a result of the transform.  This behavior has always existed when
-using libjpeg v8 API/ABI emulation.  It was supposed to be available with
-libjpeg v7 API/ABI emulation as well but did not work properly due to a bug.
-Furthermore, there was never any good reason not to enable it with libjpeg v6b
-API/ABI emulation, since the behavior is entirely internal.  Note that
-`-copy all` must be passed to jpegtran in order to transfer the EXIF tags from
-the source image to the destination image.
-
-8. Fixed several memory leaks in the TurboJPEG API library that could occur
-if the library was built with certain compilers and optimization levels
-(known to occur with GCC 4.x and clang with `-O1` and higher but not with
-GCC 5.x or 6.x) and one of the underlying libjpeg API functions threw an error
-after a TurboJPEG API function allocated a local buffer.
-
-9. The libjpeg-turbo memory manager will now honor the `max_memory_to_use`
-structure member in jpeg\_memory\_mgr, which can be set to the maximum amount
-of memory (in bytes) that libjpeg-turbo should use during decompression or
-multi-pass (including progressive) compression.  This limit can also be set
-using the `JPEGMEM` environment variable or using the `-maxmemory` switch in
-cjpeg/djpeg/jpegtran (refer to the respective man pages for more details.)
-This has been a documented feature of libjpeg since v5, but the
-`malloc()`/`free()` implementation of the memory manager (jmemnobs.c) never
-implemented the feature.  Restricting libjpeg-turbo's memory usage is useful
-for two reasons:  it allows testers to more easily work around the 2 GB limit
-in libFuzzer, and it allows developers of security-sensitive applications to
-more easily defend against one of the progressive JPEG exploits (LJT-01-004)
-identified in
-[this report](http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf).
-
-10. TJBench will now run each benchmark for 1 second prior to starting the
-timer, in order to improve the consistency of the results.  Furthermore, the
-`-warmup` option is now used to specify the amount of warmup time rather than
-the number of warmup iterations.
-
-11. Fixed an error (`short jump is out of range`) that occurred when assembling
-the 32-bit x86 SIMD extensions with NASM versions prior to 2.04.  This was a
-regression introduced by 1.5 beta1[12].
-
-
-1.5.1
-=====
-
-### Significant changes relative to 1.5.0:
-
-1. Previously, the undocumented `JSIMD_FORCE*` environment variables could be
-used to force-enable a particular SIMD instruction set if multiple instruction
-sets were available on a particular platform.  On x86 platforms, where CPU
-feature detection is bulletproof and multiple SIMD instruction sets are
-available, it makes sense for those environment variables to allow forcing the
-use of an instruction set only if that instruction set is available.  However,
-since the ARM implementations of libjpeg-turbo can only use one SIMD
-instruction set, and since their feature detection code is less bulletproof
-(parsing /proc/cpuinfo), it makes sense for the `JSIMD_FORCENEON` environment
-variable to bypass the feature detection code and really force the use of NEON
-instructions.  A new environment variable (`JSIMD_FORCEDSPR2`) was introduced
-in the MIPS implementation for the same reasons, and the existing
-`JSIMD_FORCENONE` environment variable was extended to that implementation.
-These environment variables provide a workaround for those attempting to test
-ARM and MIPS builds of libjpeg-turbo in QEMU, which passes through
-/proc/cpuinfo from the host system.
-
-2. libjpeg-turbo previously assumed that AltiVec instructions were always
-available on PowerPC platforms, which led to "illegal instruction" errors when
-running on PowerPC chips that lack AltiVec support (such as the older 7xx/G3
-and newer e5500 series.)  libjpeg-turbo now examines /proc/cpuinfo on
-Linux/Android systems and enables AltiVec instructions only if the CPU supports
-them.  It also now provides two environment variables, `JSIMD_FORCEALTIVEC` and
-`JSIMD_FORCENONE`, to force-enable and force-disable AltiVec instructions in
-environments where /proc/cpuinfo is an unreliable means of CPU feature
-detection (such as when running in QEMU.)  On OS X, libjpeg-turbo continues to
-assume that AltiVec support is always available, which means that libjpeg-turbo
-cannot be used with G3 Macs unless you set the environment variable
-`JSIMD_FORCENONE` to `1`.
-
-3. Fixed an issue whereby 64-bit ARM (AArch64) builds of libjpeg-turbo would
-crash when built with recent releases of the Clang/LLVM compiler.  This was
-caused by an ABI conformance issue in some of libjpeg-turbo's 64-bit NEON SIMD
-routines.  Those routines were incorrectly using 64-bit instructions to
-transfer a 32-bit JDIMENSION argument, whereas the ABI allows the upper
-(unused) 32 bits of a 32-bit argument's register to be undefined.  The new
-Clang/LLVM optimizer uses load combining to transfer multiple adjacent 32-bit
-structure members into a single 64-bit register, and this exposed the ABI
-conformance issue.
-
-4. Fancy upsampling is now supported when decompressing JPEG images that use
-4:4:0 (h1v2) chroma subsampling.  These images are generated when losslessly
-rotating or transposing JPEG images that use 4:2:2 (h2v1) chroma subsampling.
-The h1v2 fancy upsampling algorithm is not currently SIMD-accelerated.
-
-5. If merged upsampling isn't SIMD-accelerated but YCbCr-to-RGB conversion is,
-then libjpeg-turbo will now disable merged upsampling when decompressing YCbCr
-JPEG images into RGB or extended RGB output images.  This significantly speeds
-up the decompression of 4:2:0 and 4:2:2 JPEGs on ARM platforms if fancy
-upsampling is not used (for example, if the `-nosmooth` option to djpeg is
-specified.)
-
-6. The TurboJPEG API will now decompress 4:2:2 and 4:4:0 JPEG images with
-2x2 luminance sampling factors and 2x1 or 1x2 chrominance sampling factors.
-This is a non-standard way of specifying 2x subsampling (normally 4:2:2 JPEGs
-have 2x1 luminance and 1x1 chrominance sampling factors, and 4:4:0 JPEGs have
-1x2 luminance and 1x1 chrominance sampling factors), but the JPEG format and
-the libjpeg API both allow it.
-
-7. Fixed an unsigned integer overflow in the libjpeg memory manager, detected
-by the Clang undefined behavior sanitizer, that could be triggered by
-attempting to decompress a specially-crafted malformed JPEG image.  This issue
-affected only 32-bit code and did not pose a security threat, but removing the
-warning makes it easier to detect actual security issues, should they arise in
-the future.
-
-8. Fixed additional negative left shifts and other issues reported by the GCC
-and Clang undefined behavior sanitizers when attempting to decompress
-specially-crafted malformed JPEG images.  None of these issues posed a security
-threat, but removing the warnings makes it easier to detect actual security
-issues, should they arise in the future.
-
-9. Fixed an out-of-bounds array reference, introduced by 1.4.90[2] (partial
-image decompression) and detected by the Clang undefined behavior sanitizer,
-that could be triggered by a specially-crafted malformed JPEG image with more
-than four components.  Because the out-of-bounds reference was still within the
-same structure, it was not known to pose a security threat, but removing the
-warning makes it easier to detect actual security issues, should they arise in
-the future.
-
-10. Fixed another ABI conformance issue in the 64-bit ARM (AArch64) NEON SIMD
-code.  Some of the routines were incorrectly reading and storing data below the
-stack pointer, which caused segfaults in certain applications under specific
-circumstances.
-
-
-1.5.0
-=====
-
-### Significant changes relative to 1.5 beta1:
-
-1. Fixed an issue whereby a malformed motion-JPEG frame could cause the "fast
-path" of libjpeg-turbo's Huffman decoder to read from uninitialized memory.
-
-2. Added libjpeg-turbo version and build information to the global string table
-of the libjpeg and TurboJPEG API libraries.  This is a common practice in other
-infrastructure libraries, such as OpenSSL and libpng, because it makes it easy
-to examine an application binary and determine which version of the library the
-application was linked against.
-
-3. Fixed a couple of issues in the PPM reader that would cause buffer overruns
-in cjpeg if one of the values in a binary PPM/PGM input file exceeded the
-maximum value defined in the file's header and that maximum value was greater
-than 255.  libjpeg-turbo 1.4.2 already included a similar fix for ASCII PPM/PGM
-files.  Note that these issues were not security bugs, since they were confined
-to the cjpeg program and did not affect any of the libjpeg-turbo libraries.
-
-4. Fixed an issue whereby attempting to decompress a JPEG file with a corrupt
-header using the `tjDecompressToYUV2()` function would cause the function to
-abort without returning an error and, under certain circumstances, corrupt the
-stack.  This only occurred if `tjDecompressToYUV2()` was called prior to
-calling `tjDecompressHeader3()`, or if the return value from
-`tjDecompressHeader3()` was ignored (both cases represent incorrect usage of
-the TurboJPEG API.)
-
-5. Fixed an issue in the ARM 32-bit SIMD-accelerated Huffman encoder that
-prevented the code from assembling properly with clang.
-
-6. The `jpeg_stdio_src()`, `jpeg_mem_src()`, `jpeg_stdio_dest()`, and
-`jpeg_mem_dest()` functions in the libjpeg API will now throw an error if a
-source/destination manager has already been assigned to the compress or
-decompress object by a different function or by the calling program.  This
-prevents these functions from attempting to reuse a source/destination manager
-structure that was allocated elsewhere, because there is no way to ensure that
-it would be big enough to accommodate the new source/destination manager.
-
-
-1.4.90 (1.5 beta1)
-==================
-
-### Significant changes relative to 1.4.2:
-
-1. Added full SIMD acceleration for PowerPC platforms using AltiVec VMX
-(128-bit SIMD) instructions.  Although the performance of libjpeg-turbo on
-PowerPC was already good, due to the increased number of registers available
-to the compiler vs. x86, it was still possible to speed up compression by about
-3-4x and decompression by about 2-2.5x (relative to libjpeg v6b) through the
-use of AltiVec instructions.
-
-2. Added two new libjpeg API functions (`jpeg_skip_scanlines()` and
-`jpeg_crop_scanline()`) that can be used to partially decode a JPEG image.  See
-[libjpeg.txt](libjpeg.txt) for more details.
-
-3. The TJCompressor and TJDecompressor classes in the TurboJPEG Java API now
-implement the Closeable interface, so those classes can be used with a
-try-with-resources statement.
-
-4. The TurboJPEG Java classes now throw unchecked idiomatic exceptions
-(IllegalArgumentException, IllegalStateException) for unrecoverable errors
-caused by incorrect API usage, and those classes throw a new checked exception
-type (TJException) for errors that are passed through from the C library.
-
-5. Source buffers for the TurboJPEG C API functions, as well as the
-`jpeg_mem_src()` function in the libjpeg API, are now declared as const
-pointers.  This facilitates passing read-only buffers to those functions and
-ensures the caller that the source buffer will not be modified.  This should
-not create any backward API or ABI incompatibilities with prior libjpeg-turbo
-releases.
-
-6. The MIPS DSPr2 SIMD code can now be compiled to support either FR=0 or FR=1
-FPUs.
-
-7. Fixed additional negative left shifts and other issues reported by the GCC
-and Clang undefined behavior sanitizers.  Most of these issues affected only
-32-bit code, and none of them was known to pose a security threat, but removing
-the warnings makes it easier to detect actual security issues, should they
-arise in the future.
-
-8. Removed the unnecessary `.arch` directive from the ARM64 NEON SIMD code.
-This directive was preventing the code from assembling using the clang
-integrated assembler.
-
-9. Fixed a regression caused by 1.4.1[6] that prevented 32-bit and 64-bit
-libjpeg-turbo RPMs from being installed simultaneously on recent Red Hat/Fedora
-distributions.  This was due to the addition of a macro in jconfig.h that
-allows the Huffman codec to determine the word size at compile time.  Since
-that macro differs between 32-bit and 64-bit builds, this caused a conflict
-between the i386 and x86_64 RPMs (any differing files, other than executables,
-are not allowed when 32-bit and 64-bit RPMs are installed simultaneously.)
-Since the macro is used only internally, it has been moved into jconfigint.h.
-
-10. The x86-64 SIMD code can now be disabled at run time by setting the
-`JSIMD_FORCENONE` environment variable to `1` (the other SIMD implementations
-already had this capability.)
-
-11. Added a new command-line argument to TJBench (`-nowrite`) that prevents the
-benchmark from outputting any images.  This removes any potential operating
-system overhead that might be caused by lazy writes to disk and thus improves
-the consistency of the performance measurements.
-
-12. Added SIMD acceleration for Huffman encoding on SSE2-capable x86 and x86-64
-platforms.  This speeds up the compression of full-color JPEGs by about 10-15%
-on average (relative to libjpeg-turbo 1.4.x) when using modern Intel and AMD
-CPUs.  Additionally, this works around an issue in the clang optimizer that
-prevents it (as of this writing) from achieving the same performance as GCC
-when compiling the C version of the Huffman encoder
-(<https://llvm.org/bugs/show_bug.cgi?id=16035>).  For the purposes of
-benchmarking or regression testing, SIMD-accelerated Huffman encoding can be
-disabled by setting the `JSIMD_NOHUFFENC` environment variable to `1`.
-
-13. Added ARM 64-bit (ARMv8) NEON SIMD implementations of the commonly-used
-compression algorithms (including the accurate integer forward DCT and h2v2 &
-h2v1 downsampling algorithms, which are not accelerated in the 32-bit NEON
-implementation.)  This speeds up the compression of full-color JPEGs by about
-75% on average on a Cavium ThunderX processor and by about 2-2.5x on average on
-Cortex-A53 and Cortex-A57 cores.
-
-14. Added SIMD acceleration for Huffman encoding on NEON-capable ARM 32-bit
-and 64-bit platforms.
-
-    For 32-bit code, this speeds up the compression of full-color JPEGs by
-about 30% on average on a typical iOS device (iPhone 4S, Cortex-A9) and by
-about 6-7% on average on a typical Android device (Nexus 5X, Cortex-A53 and
-Cortex-A57), relative to libjpeg-turbo 1.4.x.  Note that the larger speedup
-under iOS is due to the fact that iOS builds use LLVM, which does not optimize
-the C Huffman encoder as well as GCC does.
-
-    For 64-bit code, NEON-accelerated Huffman encoding speeds up the
-compression of full-color JPEGs by about 40% on average on a typical iOS device
-(iPhone 5S, Apple A7) and by about 7-8% on average on a typical Android device
-(Nexus 5X, Cortex-A53 and Cortex-A57), in addition to the speedup described in
-[13] above.
-
-    For the purposes of benchmarking or regression testing, SIMD-accelerated
-Huffman encoding can be disabled by setting the `JSIMD_NOHUFFENC` environment
-variable to `1`.
-
-15. pkg-config (.pc) scripts are now included for both the libjpeg and
-TurboJPEG API libraries on Un*x systems.  Note that if a project's build system
-relies on these scripts, then it will not be possible to build that project
-with libjpeg or with a prior version of libjpeg-turbo.
-
-16. Optimized the ARM 64-bit (ARMv8) NEON SIMD decompression routines to
-improve performance on CPUs with in-order pipelines.  This speeds up the
-decompression of full-color JPEGs by nearly 2x on average on a Cavium ThunderX
-processor and by about 15% on average on a Cortex-A53 core.
-
-17. Fixed an issue in the accelerated Huffman decoder that could have caused
-the decoder to read past the end of the input buffer when a malformed,
-specially-crafted JPEG image was being decompressed.  In prior versions of
-libjpeg-turbo, the accelerated Huffman decoder was invoked (in most cases) only
-if there were > 128 bytes of data in the input buffer.  However, it is possible
-to construct a JPEG image in which a single Huffman block is over 430 bytes
-long, so this version of libjpeg-turbo activates the accelerated Huffman
-decoder only if there are > 512 bytes of data in the input buffer.
-
-18. Fixed a memory leak in tjunittest encountered when running the program
-with the `-yuv` option.
-
-
-1.4.2
-=====
-
-### Significant changes relative to 1.4.1:
-
-1. Fixed an issue whereby cjpeg would segfault if a Windows bitmap with a
-negative width or height was used as an input image (Windows bitmaps can have
-a negative height if they are stored in top-down order, but such files are
-rare and not supported by libjpeg-turbo.)
-
-2. Fixed an issue whereby, under certain circumstances, libjpeg-turbo would
-incorrectly encode certain JPEG images when quality=100 and the fast integer
-forward DCT were used.  This was known to cause `make test` to fail when the
-library was built with `-march=haswell` on x86 systems.
-
-3. Fixed an issue whereby libjpeg-turbo would crash when built with the latest
-& greatest development version of the Clang/LLVM compiler.  This was caused by
-an x86-64 ABI conformance issue in some of libjpeg-turbo's 64-bit SSE2 SIMD
-routines.  Those routines were incorrectly using a 64-bit `mov` instruction to
-transfer a 32-bit JDIMENSION argument, whereas the x86-64 ABI allows the upper
-(unused) 32 bits of a 32-bit argument's register to be undefined.  The new
-Clang/LLVM optimizer uses load combining to transfer multiple adjacent 32-bit
-structure members into a single 64-bit register, and this exposed the ABI
-conformance issue.
-
-4. Fixed a bug in the MIPS DSPr2 4:2:0 "plain" (non-fancy and non-merged)
-upsampling routine that caused a buffer overflow (and subsequent segfault) when
-decompressing a 4:2:0 JPEG image whose scaled output width was less than 16
-pixels.  The "plain" upsampling routines are normally only used when
-decompressing a non-YCbCr JPEG image, but they are also used when decompressing
-a JPEG image whose scaled output height is 1.
-
-5. Fixed various negative left shifts and other issues reported by the GCC and
-Clang undefined behavior sanitizers.  None of these was known to pose a
-security threat, but removing the warnings makes it easier to detect actual
-security issues, should they arise in the future.
-
-
-1.4.1
-=====
-
-### Significant changes relative to 1.4.0:
-
-1. tjbench now properly handles CMYK/YCCK JPEG files.  Passing an argument of
-`-cmyk` (instead of, for instance, `-rgb`) will cause tjbench to internally
-convert the source bitmap to CMYK prior to compression, to generate YCCK JPEG
-files, and to internally convert the decompressed CMYK pixels back to RGB after
-decompression (the latter is done automatically if a CMYK or YCCK JPEG is
-passed to tjbench as a source image.)  The CMYK<->RGB conversion operation is
-not benchmarked.  NOTE: The quick & dirty CMYK<->RGB conversions that tjbench
-uses are suitable for testing only.  Proper conversion between CMYK and RGB
-requires a color management system.
-
-2. `make test` now performs additional bitwise regression tests using tjbench,
-mainly for the purpose of testing compression from/decompression to a subregion
-of a larger image buffer.
-
-3. `make test` no longer tests the regression of the floating point DCT/IDCT
-by default, since the results of those tests can vary if the algorithms in
-question are not implemented using SIMD instructions on a particular platform.
-See the comments in [Makefile.am](Makefile.am) for information on how to
-re-enable the tests and to specify an expected result for them based on the
-particulars of your platform.
-
-4. The NULL color conversion routines have been significantly optimized,
-which speeds up the compression of RGB and CMYK JPEGs by 5-20% when using
-64-bit code and 0-3% when using 32-bit code, and the decompression of those
-images by 10-30% when using 64-bit code and 3-12% when using 32-bit code.
-
-5. Fixed an "illegal instruction" error that occurred when djpeg from a
-SIMD-enabled libjpeg-turbo MIPS build was executed with the `-nosmooth` option
-on a MIPS machine that lacked DSPr2 support.  The MIPS SIMD routines for h2v1
-and h2v2 merged upsampling were not properly checking for the existence of
-DSPr2.
-
-6. Performance has been improved significantly on 64-bit non-Linux and
-non-Windows platforms (generally 10-20% faster compression and 5-10% faster
-decompression.)  Due to an oversight, the 64-bit version of the accelerated
-Huffman codec was not being compiled in when libjpeg-turbo was built on
-platforms other than Windows or Linux.  Oops.
-
-7. Fixed an extremely rare bug in the Huffman encoder that caused 64-bit
-builds of libjpeg-turbo to incorrectly encode a few specific test images when
-quality=98, an optimized Huffman table, and the accurate integer forward DCT
-were used.
-
-8. The Windows (CMake) build system now supports building only static or only
-shared libraries.  This is accomplished by adding either `-DENABLE_STATIC=0` or
-`-DENABLE_SHARED=0` to the CMake command line.
-
-9. TurboJPEG API functions will now return an error code if a warning is
-triggered in the underlying libjpeg API.  For instance, if a JPEG file is
-corrupt, the TurboJPEG decompression functions will attempt to decompress
-as much of the image as possible, but those functions will now return -1 to
-indicate that the decompression was not entirely successful.
-
-10. Fixed a bug in the MIPS DSPr2 4:2:2 fancy upsampling routine that caused a
-buffer overflow (and subsequent segfault) when decompressing a 4:2:2 JPEG image
-in which the right-most MCU was 5 or 6 pixels wide.
-
-
-1.4.0
-=====
-
-### Significant changes relative to 1.4 beta1:
-
-1. Fixed a build issue on OS X PowerPC platforms (md5cmp failed to build
-because OS X does not provide the `le32toh()` and `htole32()` functions.)
-
-2. The non-SIMD RGB565 color conversion code did not work correctly on big
-endian machines.  This has been fixed.
-
-3. Fixed an issue in `tjPlaneSizeYUV()` whereby it would erroneously return 1
-instead of -1 if `componentID` was > 0 and `subsamp` was `TJSAMP_GRAY`.
-
-3. Fixed an issue in `tjBufSizeYUV2()` whereby it would erroneously return 0
-instead of -1 if `width` was < 1.
-
-5. The Huffman encoder now uses `clz` and `bsr` instructions for bit counting
-on ARM64 platforms (see 1.4 beta1[5].)
-
-6. The `close()` method in the TJCompressor and TJDecompressor Java classes is
-now idempotent.  Previously, that method would call the native `tjDestroy()`
-function even if the TurboJPEG instance had already been destroyed.  This
-caused an exception to be thrown during finalization, if the `close()` method
-had already been called.  The exception was caught, but it was still an
-expensive operation.
-
-7. The TurboJPEG API previously generated an error (`Could not determine
-subsampling type for JPEG image`) when attempting to decompress grayscale JPEG
-images that were compressed with a sampling factor other than 1 (for instance,
-with `cjpeg -grayscale -sample 2x2`).  Subsampling technically has no meaning
-with grayscale JPEGs, and thus the horizontal and vertical sampling factors
-for such images are ignored by the decompressor.  However, the TurboJPEG API
-was being too rigid and was expecting the sampling factors to be equal to 1
-before it treated the image as a grayscale JPEG.
-
-8. cjpeg, djpeg, and jpegtran now accept an argument of `-version`, which will
-print the library version and exit.
-
-9. Referring to 1.4 beta1[15], another extremely rare circumstance was
-discovered under which the Huffman encoder's local buffer can be overrun
-when a buffered destination manager is being used and an
-extremely-high-frequency block (basically junk image data) is being encoded.
-Even though the Huffman local buffer was increased from 128 bytes to 136 bytes
-to address the previous issue, the new issue caused even the larger buffer to
-be overrun.  Further analysis reveals that, in the absolute worst case (such as
-setting alternating AC coefficients to 32767 and -32768 in the JPEG scanning
-order), the Huffman encoder can produce encoded blocks that approach double the
-size of the unencoded blocks.  Thus, the Huffman local buffer was increased to
-256 bytes, which should prevent any such issue from re-occurring in the future.
-
-10. The new `tjPlaneSizeYUV()`, `tjPlaneWidth()`, and `tjPlaneHeight()`
-functions were not actually usable on any platform except OS X and Windows,
-because those functions were not included in the libturbojpeg mapfile.  This
-has been fixed.
-
-11. Restored the `JPP()`, `JMETHOD()`, and `FAR` macros in the libjpeg-turbo
-header files.  The `JPP()` and `JMETHOD()` macros were originally implemented
-in libjpeg as a way of supporting non-ANSI compilers that lacked support for
-prototype parameters.  libjpeg-turbo has never supported such compilers, but
-some software packages still use the macros to define their own prototypes.
-Similarly, libjpeg-turbo has never supported MS-DOS and other platforms that
-have far symbols, but some software packages still use the `FAR` macro.  A
-pretty good argument can be made that this is a bad practice on the part of the
-software in question, but since this affects more than one package, it's just
-easier to fix it here.
-
-12. Fixed issues that were preventing the ARM 64-bit SIMD code from compiling
-for iOS, and included an ARMv8 architecture in all of the binaries installed by
-the "official" libjpeg-turbo SDK for OS X.
-
-
-1.3.90 (1.4 beta1)
-==================
-
-### Significant changes relative to 1.3.1:
-
-1. New features in the TurboJPEG API:
-
-     - YUV planar images can now be generated with an arbitrary line padding
-(previously only 4-byte padding, which was compatible with X Video, was
-supported.)
-     - The decompress-to-YUV function has been extended to support image
-scaling.
-     - JPEG images can now be compressed from YUV planar source images.
-     - YUV planar images can now be decoded into RGB or grayscale images.
-     - 4:1:1 subsampling is now supported.  This is mainly included for
-compatibility, since 4:1:1 is not fully accelerated in libjpeg-turbo and has no
-significant advantages relative to 4:2:0.
-     - CMYK images are now supported.  This feature allows CMYK source images
-to be compressed to YCCK JPEGs and YCCK or CMYK JPEGs to be decompressed to
-CMYK destination images.  Conversion between CMYK/YCCK and RGB or YUV images is
-not supported.  Such conversion requires a color management system and is thus
-out of scope for a codec library.
-     - The handling of YUV images in the Java API has been significantly
-refactored and should now be much more intuitive.
-     - The Java API now supports encoding a YUV image from an arbitrary
-position in a large image buffer.
-     - All of the YUV functions now have a corresponding function that operates
-on separate image planes instead of a unified image buffer.  This allows for
-compressing/decoding from or decompressing/encoding to a subregion of a larger
-YUV image.  It also allows for handling YUV formats that swap the order of the
-U and V planes.
-
-2. Added SIMD acceleration for DSPr2-capable MIPS platforms.  This speeds up
-the compression of full-color JPEGs by 70-80% on such platforms and
-decompression by 25-35%.
-
-3. If an application attempts to decompress a Huffman-coded JPEG image whose
-header does not contain Huffman tables, libjpeg-turbo will now insert the
-default Huffman tables.  In order to save space, many motion JPEG video frames
-are encoded without the default Huffman tables, so these frames can now be
-successfully decompressed by libjpeg-turbo without additional work on the part
-of the application.  An application can still override the Huffman tables, for
-instance to re-use tables from a previous frame of the same video.
-
-4. The Mac packaging system now uses pkgbuild and productbuild rather than
-PackageMaker (which is obsolete and no longer supported.)  This means that
-OS X 10.6 "Snow Leopard" or later must be used when packaging libjpeg-turbo,
-although the packages produced can be installed on OS X 10.5 "Leopard" or
-later.  OS X 10.4 "Tiger" is no longer supported.
-
-5. The Huffman encoder now uses `clz` and `bsr` instructions for bit counting
-on ARM platforms rather than a lookup table.  This reduces the memory footprint
-by 64k, which may be important for some mobile applications.  Out of four
-Android devices that were tested, two demonstrated a small overall performance
-loss (~3-4% on average) with ARMv6 code and a small gain (also ~3-4%) with
-ARMv7 code when enabling this new feature, but the other two devices
-demonstrated a significant overall performance gain with both ARMv6 and ARMv7
-code (~10-20%) when enabling the feature.  Actual mileage may vary.
-
-6. Worked around an issue with Visual C++ 2010 and later that caused incorrect
-pixels to be generated when decompressing a JPEG image to a 256-color bitmap,
-if compiler optimization was enabled when libjpeg-turbo was built.  This caused
-the regression tests to fail when doing a release build under Visual C++ 2010
-and later.
-
-7. Improved the accuracy and performance of the non-SIMD implementation of the
-floating point inverse DCT (using code borrowed from libjpeg v8a and later.)
-The accuracy of this implementation now matches the accuracy of the SSE/SSE2
-implementation.  Note, however, that the floating point DCT/IDCT algorithms are
-mainly a legacy feature.  They generally do not produce significantly better
-accuracy than the accurate integer DCT/IDCT algorithms, and they are quite a
-bit slower.
-
-8. Added a new output colorspace (`JCS_RGB565`) to the libjpeg API that allows
-for decompressing JPEG images into RGB565 (16-bit) pixels.  If dithering is not
-used, then this code path is SIMD-accelerated on ARM platforms.
-
-9. Numerous obsolete features, such as support for non-ANSI compilers and
-support for the MS-DOS memory model, were removed from the libjpeg code,
-greatly improving its readability and making it easier to maintain and extend.
-
-10. Fixed a segfault that occurred when calling `output_message()` with
-`msg_code` set to `JMSG_COPYRIGHT`.
-
-11. Fixed an issue whereby wrjpgcom was allowing comments longer than 65k
-characters to be passed on the command line, which was causing it to generate
-incorrect JPEG files.
-
-12. Fixed a bug in the build system that was causing the Windows version of
-wrjpgcom to be built using the rdjpgcom source code.
-
-13. Restored 12-bit-per-component JPEG support.  A 12-bit version of
-libjpeg-turbo can now be built by passing an argument of `--with-12bit` to
-configure (Unix) or `-DWITH_12BIT=1` to cmake (Windows.)  12-bit JPEG support
-is included only for convenience.  Enabling this feature disables all of the
-performance features in libjpeg-turbo, as well as arithmetic coding and the
-TurboJPEG API.  The resulting library still contains the other libjpeg-turbo
-features (such as the colorspace extensions), but in general, it performs no
-faster than libjpeg v6b.
-
-14. Added ARM 64-bit SIMD acceleration for the YCC-to-RGB color conversion
-and IDCT algorithms (both are used during JPEG decompression.)  For unknown
-reasons (probably related to clang), this code cannot currently be compiled for
-iOS.
-
-15. Fixed an extremely rare bug (CVE-2014-9092) that could cause the Huffman
-encoder's local buffer to overrun when a very high-frequency MCU is compressed
-using quality 100 and no subsampling, and when the JPEG output buffer is being
-dynamically resized by the destination manager.  This issue was so rare that,
-even with a test program specifically designed to make the bug occur (by
-injecting random high-frequency YUV data into the compressor), it was
-reproducible only once in about every 25 million iterations.
-
-16. Fixed an oversight in the TurboJPEG C wrapper:  if any of the JPEG
-compression functions was called repeatedly with the same
-automatically-allocated destination buffer, then TurboJPEG would erroneously
-assume that the `jpegSize` parameter was equal to the size of the buffer, when
-in fact that parameter was probably equal to the size of the most recently
-compressed JPEG image.  If the size of the previous JPEG image was not as large
-as the current JPEG image, then TurboJPEG would unnecessarily reallocate the
-destination buffer.
-
-
-1.3.1
-=====
-
-### Significant changes relative to 1.3.0:
-
-1. On Un*x systems, `make install` now installs the libjpeg-turbo libraries
-into /opt/libjpeg-turbo/lib32 by default on any 32-bit system, not just x86,
-and into /opt/libjpeg-turbo/lib64 by default on any 64-bit system, not just
-x86-64.  You can override this by overriding either the `prefix` or `libdir`
-configure variables.
-
-2. The Windows installer now places a copy of the TurboJPEG DLLs in the same
-directory as the rest of the libjpeg-turbo binaries.  This was mainly done
-to support TurboVNC 1.3, which bundles the DLLs in its Windows installation.
-When using a 32-bit version of CMake on 64-bit Windows, it is impossible to
-access the c:\WINDOWS\system32 directory, which made it impossible for the
-TurboVNC build scripts to bundle the 64-bit TurboJPEG DLL.
-
-3. Fixed a bug whereby attempting to encode a progressive JPEG with arithmetic
-entropy coding (by passing arguments of `-progressive -arithmetic` to cjpeg or
-jpegtran, for instance) would result in an error, `Requested feature was
-omitted at compile time`.
-
-4. Fixed a couple of issues (CVE-2013-6629 and CVE-2013-6630) whereby malformed
-JPEG images would cause libjpeg-turbo to use uninitialized memory during
-decompression.
-
-5. Fixed an error (`Buffer passed to JPEG library is too small`) that occurred
-when calling the TurboJPEG YUV encoding function with a very small (< 5x5)
-source image, and added a unit test to check for this error.
-
-6. The Java classes should now build properly under Visual Studio 2010 and
-later.
-
-7. Fixed an issue that prevented SRPMs generated using the in-tree packaging
-tools from being rebuilt on certain newer Linux distributions.
-
-8. Numerous minor fixes to eliminate compilation and build/packaging system
-warnings, fix cosmetic issues, improve documentation clarity, and other general
-source cleanup.
-
-
-1.3.0
-=====
-
-### Significant changes relative to 1.3 beta1:
-
-1. `make test` now works properly on FreeBSD, and it no longer requires the
-md5sum executable to be present on other Un*x platforms.
-
-2. Overhauled the packaging system:
-
-     - To avoid conflict with vendor-supplied libjpeg-turbo packages, the
-official RPMs and DEBs for libjpeg-turbo have been renamed to
-"libjpeg-turbo-official".
-     - The TurboJPEG libraries are now located under /opt/libjpeg-turbo in the
-official Linux and Mac packages, to avoid conflict with vendor-supplied
-packages and also to streamline the packaging system.
-     - Release packages are now created with the directory structure defined
-by the configure variables `prefix`, `bindir`, `libdir`, etc. (Un\*x) or by the
-`CMAKE_INSTALL_PREFIX` variable (Windows.)  The exception is that the docs are
-always located under the system default documentation directory on Un\*x and
-Mac systems, and on Windows, the TurboJPEG DLL is always located in the Windows
-system directory.
-     - To avoid confusion, official libjpeg-turbo packages on Linux/Unix
-platforms (except for Mac) will always install the 32-bit libraries in
-/opt/libjpeg-turbo/lib32 and the 64-bit libraries in /opt/libjpeg-turbo/lib64.
-     - Fixed an issue whereby, in some cases, the libjpeg-turbo executables on
-Un*x systems were not properly linking with the shared libraries installed by
-the same package.
-     - Fixed an issue whereby building the "installer" target on Windows when
-`WITH_JAVA=1` would fail if the TurboJPEG JAR had not been previously built.
-     - Building the "install" target on Windows now installs files into the
-same places that the installer does.
-
-3. Fixed a Huffman encoder bug that prevented I/O suspension from working
-properly.
-
-
-1.2.90 (1.3 beta1)
-==================
-
-### Significant changes relative to 1.2.1:
-
-1. Added support for additional scaling factors (3/8, 5/8, 3/4, 7/8, 9/8, 5/4,
-11/8, 3/2, 13/8, 7/4, 15/8, and 2) when decompressing.  Note that the IDCT will
-not be SIMD-accelerated when using any of these new scaling factors.
-
-2. The TurboJPEG dynamic library is now versioned.  It was not strictly
-necessary to do so, because TurboJPEG uses versioned symbols, and if a function
-changes in an ABI-incompatible way, that function is renamed and a legacy
-function is provided to maintain backward compatibility.  However, certain
-Linux distro maintainers have a policy against accepting any library that isn't
-versioned.
-
-3. Extended the TurboJPEG Java API so that it can be used to compress a JPEG
-image from and decompress a JPEG image to an arbitrary position in a large
-image buffer.
-
-4. The `tjDecompressToYUV()` function now supports the `TJFLAG_FASTDCT` flag.
-
-5. The 32-bit supplementary package for amd64 Debian systems now provides
-symlinks in /usr/lib/i386-linux-gnu for the TurboJPEG libraries in /usr/lib32.
-This allows those libraries to be used on MultiArch-compatible systems (such as
-Ubuntu 11 and later) without setting the linker path.
-
-6. The TurboJPEG Java wrapper should now find the JNI library on Mac systems
-without having to pass `-Djava.library.path=/usr/lib` to java.
-
-7. TJBench has been ported to Java to provide a convenient way of validating
-the performance of the TurboJPEG Java API.  It can be run with
-`java -cp turbojpeg.jar TJBench`.
-
-8. cjpeg can now be used to generate JPEG files with the RGB colorspace
-(feature ported from jpeg-8d.)
-
-9. The width and height in the `-crop` argument passed to jpegtran can now be
-suffixed with `f` to indicate that, when the upper left corner of the cropping
-region is automatically moved to the nearest iMCU boundary, the bottom right
-corner should be moved by the same amount.  In other words, this feature causes
-jpegtran to strictly honor the specified width/height rather than the specified
-bottom right corner (feature ported from jpeg-8d.)
-
-10. JPEG files using the RGB colorspace can now be decompressed into grayscale
-images (feature ported from jpeg-8d.)
-
-11. Fixed a regression caused by 1.2.1[7] whereby the build would fail with
-multiple "Mismatch in operand sizes" errors when attempting to build the x86
-SIMD code with NASM 0.98.
-
-12. The in-memory source/destination managers (`jpeg_mem_src()` and
-`jpeg_mem_dest()`) are now included by default when building libjpeg-turbo with
-libjpeg v6b or v7 emulation, so that programs can take advantage of these
-functions without requiring the use of the backward-incompatible libjpeg v8
-ABI.  The "age number" of the libjpeg-turbo library on Un*x systems has been
-incremented by 1 to reflect this.  You can disable this feature with a
-configure/CMake switch in order to retain strict API/ABI compatibility with the
-libjpeg v6b or v7 API/ABI (or with previous versions of libjpeg-turbo.)  See
-[README.md](README.md) for more details.
-
-13. Added ARMv7s architecture to libjpeg.a and libturbojpeg.a in the official
-libjpeg-turbo binary package for OS X, so that those libraries can be used to
-build applications that leverage the faster CPUs in the iPhone 5 and iPad 4.
-
-
-1.2.1
-=====
-
-### Significant changes relative to 1.2.0:
-
-1. Creating or decoding a JPEG file that uses the RGB colorspace should now
-properly work when the input or output colorspace is one of the libjpeg-turbo
-colorspace extensions.
-
-2. When libjpeg-turbo was built without SIMD support and merged (non-fancy)
-upsampling was used along with an alpha-enabled colorspace during
-decompression, the unused byte of the decompressed pixels was not being set to
-0xFF.  This has been fixed.  TJUnitTest has also been extended to test for the
-correct behavior of the colorspace extensions when merged upsampling is used.
-
-3. Fixed a bug whereby the libjpeg-turbo SSE2 SIMD code would not preserve the
-upper 64 bits of xmm6 and xmm7 on Win64 platforms, which violated the Win64
-calling conventions.
-
-4. Fixed a regression (CVE-2012-2806) caused by 1.2.0[6] whereby decompressing
-corrupt JPEG images (specifically, images in which the component count was
-erroneously set to a large value) would cause libjpeg-turbo to segfault.
-
-5. Worked around a severe performance issue with "Bobcat" (AMD Embedded APU)
-processors.  The `MASKMOVDQU` instruction, which was used by the libjpeg-turbo
-SSE2 SIMD code, is apparently implemented in microcode on AMD processors, and
-it is painfully slow on Bobcat processors in particular.  Eliminating the use
-of this instruction improved performance by an order of magnitude on Bobcat
-processors and by a small amount (typically 5%) on AMD desktop processors.
-
-6. Added SIMD acceleration for performing 4:2:2 upsampling on NEON-capable ARM
-platforms.  This speeds up the decompression of 4:2:2 JPEGs by 20-25% on such
-platforms.
-
-7. Fixed a regression caused by 1.2.0[2] whereby, on Linux/x86 platforms
-running the 32-bit SSE2 SIMD code in libjpeg-turbo, decompressing a 4:2:0 or
-4:2:2 JPEG image into a 32-bit (RGBX, BGRX, etc.) buffer without using fancy
-upsampling would produce several incorrect columns of pixels at the right-hand
-side of the output image if each row in the output image was not evenly
-divisible by 16 bytes.
-
-8. Fixed an issue whereby attempting to build the SIMD extensions with Xcode
-4.3 on OS X platforms would cause NASM to return numerous errors of the form
-"'%define' expects a macro identifier".
-
-9. Added flags to the TurboJPEG API that allow the caller to force the use of
-either the fast or the accurate DCT/IDCT algorithms in the underlying codec.
-
-
-1.2.0
-=====
-
-### Significant changes relative to 1.2 beta1:
-
-1. Fixed build issue with YASM on Unix systems (the libjpeg-turbo build system
-was not adding the current directory to the assembler include path, so YASM
-was not able to find jsimdcfg.inc.)
-
-2. Fixed out-of-bounds read in SSE2 SIMD code that occurred when decompressing
-a JPEG image to a bitmap buffer whose size was not a multiple of 16 bytes.
-This was more of an annoyance than an actual bug, since it did not cause any
-actual run-time problems, but the issue showed up when running libjpeg-turbo in
-valgrind.  See <http://crbug.com/72399> for more information.
-
-3. Added a compile-time macro (`LIBJPEG_TURBO_VERSION`) that can be used to
-check the version of libjpeg-turbo against which an application was compiled.
-
-4. Added new RGBA/BGRA/ABGR/ARGB colorspace extension constants (libjpeg API)
-and pixel formats (TurboJPEG API), which allow applications to specify that,
-when decompressing to a 4-component RGB buffer, the unused byte should be set
-to 0xFF so that it can be interpreted as an opaque alpha channel.
-
-5. Fixed regression issue whereby DevIL failed to build against libjpeg-turbo
-because libjpeg-turbo's distributed version of jconfig.h contained an `INLINE`
-macro, which conflicted with a similar macro in DevIL.  This macro is used only
-internally when building libjpeg-turbo, so it was moved into config.h.
-
-6. libjpeg-turbo will now correctly decompress erroneous CMYK/YCCK JPEGs whose
-K component is assigned a component ID of 1 instead of 4.  Although these files
-are in violation of the spec, other JPEG implementations handle them
-correctly.
-
-7. Added ARMv6 and ARMv7 architectures to libjpeg.a and libturbojpeg.a in
-the official libjpeg-turbo binary package for OS X, so that those libraries can
-be used to build both OS X and iOS applications.
-
-
-1.1.90 (1.2 beta1)
-==================
-
-### Significant changes relative to 1.1.1:
-
-1. Added a Java wrapper for the TurboJPEG API.  See [java/README](java/README)
-for more details.
-
-2. The TurboJPEG API can now be used to scale down images during
-decompression.
-
-3. Added SIMD routines for RGB-to-grayscale color conversion, which
-significantly improves the performance of grayscale JPEG compression from an
-RGB source image.
-
-4. Improved the performance of the C color conversion routines, which are used
-on platforms for which SIMD acceleration is not available.
-
-5. Added a function to the TurboJPEG API that performs lossless transforms.
-This function is implemented using the same back end as jpegtran, but it
-performs transcoding entirely in memory and allows multiple transforms and/or
-crop operations to be batched together, so the source coefficients only need to
-be read once.  This is useful when generating image tiles from a single source
-JPEG.
-
-6. Added tests for the new TurboJPEG scaled decompression and lossless
-transform features to tjbench (the TurboJPEG benchmark, formerly called
-"jpgtest".)
-
-7. Added support for 4:4:0 (transposed 4:2:2) subsampling in TurboJPEG, which
-was necessary in order for it to read 4:2:2 JPEG files that had been losslessly
-transposed or rotated 90 degrees.
-
-8. All legacy VirtualGL code has been re-factored, and this has allowed
-libjpeg-turbo, in its entirety, to be re-licensed under a BSD-style license.
-
-9. libjpeg-turbo can now be built with YASM.
-
-10. Added SIMD acceleration for ARM Linux and iOS platforms that support
-NEON instructions.
-
-11. Refactored the TurboJPEG C API and documented it using Doxygen.  The
-TurboJPEG 1.2 API uses pixel formats to define the size and component order of
-the uncompressed source/destination images, and it includes a more efficient
-version of `TJBUFSIZE()` that computes a worst-case JPEG size based on the
-level of chrominance subsampling.  The refactored implementation of the
-TurboJPEG API now uses the libjpeg memory source and destination managers,
-which allows the TurboJPEG compressor to grow the JPEG buffer as necessary.
-
-12. Eliminated errors in the output of jpegtran on Windows that occurred when
-the application was invoked using I/O redirection
-(`jpegtran <input.jpg >output.jpg`.)
-
-13. The inclusion of libjpeg v7 and v8 emulation as well as arithmetic coding
-support in libjpeg-turbo v1.1.0 introduced several new error constants in
-jerror.h, and these were mistakenly enabled for all emulation modes, causing
-the error enum in libjpeg-turbo to sometimes have different values than the
-same enum in libjpeg.  This represents an ABI incompatibility, and it caused
-problems with rare applications that took specific action based on a particular
-error value.  The fix was to include the new error constants conditionally
-based on whether libjpeg v7 or v8 emulation was enabled.
-
-14. Fixed an issue whereby Windows applications that used libjpeg-turbo would
-fail to compile if the Windows system headers were included before jpeglib.h.
-This issue was caused by a conflict in the definition of the INT32 type.
-
-15. Fixed 32-bit supplementary package for amd64 Debian systems, which was
-broken by enhancements to the packaging system in 1.1.
-
-16. When decompressing a JPEG image using an output colorspace of
-`JCS_EXT_RGBX`, `JCS_EXT_BGRX`, `JCS_EXT_XBGR`, or `JCS_EXT_XRGB`,
-libjpeg-turbo will now set the unused byte to 0xFF, which allows applications
-to interpret that byte as an alpha channel (0xFF = opaque).
-
-
-1.1.1
-=====
-
-### Significant changes relative to 1.1.0:
-
-1. Fixed a 1-pixel error in row 0, column 21 of the luminance plane generated
-by `tjEncodeYUV()`.
-
-2. libjpeg-turbo's accelerated Huffman decoder previously ignored unexpected
-markers found in the middle of the JPEG data stream during decompression.  It
-will now hand off decoding of a particular block to the unaccelerated Huffman
-decoder if an unexpected marker is found, so that the unaccelerated Huffman
-decoder can generate an appropriate warning.
-
-3. Older versions of MinGW64 prefixed symbol names with underscores by
-default, which differed from the behavior of 64-bit Visual C++.  MinGW64 1.0
-has adopted the behavior of 64-bit Visual C++ as the default, so to accommodate
-this, the libjpeg-turbo SIMD function names are no longer prefixed with an
-underscore when building with MinGW64.  This means that, when building
-libjpeg-turbo with older versions of MinGW64, you will now have to add
-`-fno-leading-underscore` to the `CFLAGS`.
-
-4. Fixed a regression bug in the NSIS script that caused the Windows installer
-build to fail when using the Visual Studio IDE.
-
-5. Fixed a bug in `jpeg_read_coefficients()` whereby it would not initialize
-`cinfo->image_width` and `cinfo->image_height` if libjpeg v7 or v8 emulation
-was enabled.  This specifically caused the jpegoptim program to fail if it was
-linked against a version of libjpeg-turbo that was built with libjpeg v7 or v8
-emulation.
-
-6. Eliminated excessive I/O overhead that occurred when reading BMP files in
-cjpeg.
-
-7. Eliminated errors in the output of cjpeg on Windows that occurred when the
-application was invoked using I/O redirection (`cjpeg <inputfile >output.jpg`.)
-
-
-1.1.0
-=====
-
-### Significant changes relative to 1.1 beta1:
-
-1. The algorithm used by the SIMD quantization function cannot produce correct
-results when the JPEG quality is >= 98 and the fast integer forward DCT is
-used.  Thus, the non-SIMD quantization function is now used for those cases,
-and libjpeg-turbo should now produce identical output to libjpeg v6b in all
-cases.
-
-2. Despite the above, the fast integer forward DCT still degrades somewhat for
-JPEG qualities greater than 95, so the TurboJPEG wrapper will now automatically
-use the accurate integer forward DCT when generating JPEG images of quality 96
-or greater.  This reduces compression performance by as much as 15% for these
-high-quality images but is necessary to ensure that the images are perceptually
-lossless.  It also ensures that the library can avoid the performance pitfall
-created by [1].
-
-3. Ported jpgtest.cxx to pure C to avoid the need for a C++ compiler.
-
-4. Fixed visual artifacts in grayscale JPEG compression caused by a typo in
-the RGB-to-luminance lookup tables.
-
-5. The Windows distribution packages now include the libjpeg run-time programs
-(cjpeg, etc.)
-
-6. All packages now include jpgtest.
-
-7. The TurboJPEG dynamic library now uses versioned symbols.
-
-8. Added two new TurboJPEG API functions, `tjEncodeYUV()` and
-`tjDecompressToYUV()`, to replace the somewhat hackish `TJ_YUV` flag.
-
-
-1.0.90 (1.1 beta1)
-==================
-
-### Significant changes relative to 1.0.1:
-
-1. Added emulation of the libjpeg v7 and v8 APIs and ABIs.  See
-[README.md](README.md) for more details.  This feature was sponsored by
-CamTrace SAS.
-
-2. Created a new CMake-based build system for the Visual C++ and MinGW builds.
-
-3. Grayscale bitmaps can now be compressed from/decompressed to using the
-TurboJPEG API.
-
-4. jpgtest can now be used to test decompression performance with existing
-JPEG images.
-
-5. If the default install prefix (/opt/libjpeg-turbo) is used, then
-`make install` now creates /opt/libjpeg-turbo/lib32 and
-/opt/libjpeg-turbo/lib64 sym links to duplicate the behavior of the binary
-packages.
-
-6. All symbols in the libjpeg-turbo dynamic library are now versioned, even
-when the library is built with libjpeg v6b emulation.
-
-7. Added arithmetic encoding and decoding support (can be disabled with
-configure or CMake options)
-
-8. Added a `TJ_YUV` flag to the TurboJPEG API, which causes both the compressor
-and decompressor to output planar YUV images.
-
-9. Added an extended version of `tjDecompressHeader()` to the TurboJPEG API,
-which allows the caller to determine the type of subsampling used in a JPEG
-image.
-
-10. Added further protections against invalid Huffman codes.
-
-
-1.0.1
-=====
-
-### Significant changes relative to 1.0.0:
-
-1. The Huffman decoder will now handle erroneous Huffman codes (for instance,
-from a corrupt JPEG image.)  Previously, these would cause libjpeg-turbo to
-crash under certain circumstances.
-
-2. Fixed typo in SIMD dispatch routines that was causing 4:2:2 upsampling to
-be used instead of 4:2:0 when decompressing JPEG images using SSE2 code.
-
-3. The configure script will now automatically determine whether the
-`INCOMPLETE_TYPES_BROKEN` macro should be defined.
-
-
-1.0.0
-=====
-
-### Significant changes relative to 0.0.93:
-
-1. 2983700: Further FreeBSD build tweaks (no longer necessary to specify
-`--host` when configuring on a 64-bit system)
-
-2. Created symlinks in the Unix/Linux packages so that the TurboJPEG
-include file can always be found in /opt/libjpeg-turbo/include, the 32-bit
-static libraries can always be found in /opt/libjpeg-turbo/lib32, and the
-64-bit static libraries can always be found in /opt/libjpeg-turbo/lib64.
-
-3. The Unix/Linux distribution packages now include the libjpeg run-time
-programs (cjpeg, etc.) and man pages.
-
-4. Created a 32-bit supplementary package for amd64 Debian systems, which
-contains just the 32-bit libjpeg-turbo libraries.
-
-5. Moved the libraries from */lib32 to */lib in the i386 Debian package.
-
-6. Include distribution package for Cygwin
-
-7. No longer necessary to specify `--without-simd` on non-x86 architectures,
-and unit tests now work on those architectures.
-
-
-0.0.93
-======
-
-### Significant changes since 0.0.91:
-
-1. 2982659: Fixed x86-64 build on FreeBSD systems
-
-2. 2988188: Added support for Windows 64-bit systems
-
-
-0.0.91
-======
-
-### Significant changes relative to 0.0.90:
-
-1. Added documentation to .deb packages
-
-2. 2968313: Fixed data corruption issues when decompressing large JPEG images
-and/or using buffered I/O with the libjpeg-turbo decompressor
-
-
-0.0.90
-======
-
-Initial release
diff --git a/3rdparty/libjpeg-turbo_2_1_0/LICENSE.md b/3rdparty/libjpeg-turbo_2_1_0/LICENSE.md
deleted file mode 100644
index a1cdad5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/LICENSE.md
+++ /dev/null
@@ -1,132 +0,0 @@
-libjpeg-turbo Licenses
-======================
-
-libjpeg-turbo is covered by three compatible BSD-style open source licenses:
-
-- The IJG (Independent JPEG Group) License, which is listed in
-  [README.ijg](README.ijg)
-
-  This license applies to the libjpeg API library and associated programs
-  (any code inherited from libjpeg, and any modifications to that code.)
-
-- The Modified (3-clause) BSD License, which is listed below
-
-  This license covers the TurboJPEG API library and associated programs, as
-  well as the build system.
-
-- The [zlib License](https://opensource.org/licenses/Zlib)
-
-  This license is a subset of the other two, and it covers the libjpeg-turbo
-  SIMD extensions.
-
-
-Complying with the libjpeg-turbo Licenses
-=========================================
-
-This section provides a roll-up of the libjpeg-turbo licensing terms, to the
-best of our understanding.
-
-1.  If you are distributing a modified version of the libjpeg-turbo source,
-    then:
-
-    1.  You cannot alter or remove any existing copyright or license notices
-        from the source.
-
-        **Origin**
-        - Clause 1 of the IJG License
-        - Clause 1 of the Modified BSD License
-        - Clauses 1 and 3 of the zlib License
-
-    2.  You must add your own copyright notice to the header of each source
-        file you modified, so others can tell that you modified that file (if
-        there is not an existing copyright header in that file, then you can
-        simply add a notice stating that you modified the file.)
-
-        **Origin**
-        - Clause 1 of the IJG License
-        - Clause 2 of the zlib License
-
-    3.  You must include the IJG README file, and you must not alter any of the
-        copyright or license text in that file.
-
-        **Origin**
-        - Clause 1 of the IJG License
-
-2.  If you are distributing only libjpeg-turbo binaries without the source, or
-    if you are distributing an application that statically links with
-    libjpeg-turbo, then:
-
-    1.  Your product documentation must include a message stating:
-
-        This software is based in part on the work of the Independent JPEG
-        Group.
-
-        **Origin**
-        - Clause 2 of the IJG license
-
-    2.  If your binary distribution includes or uses the TurboJPEG API, then
-        your product documentation must include the text of the Modified BSD
-        License (see below.)
-
-        **Origin**
-        - Clause 2 of the Modified BSD License
-
-3.  You cannot use the name of the IJG or The libjpeg-turbo Project or the
-    contributors thereof in advertising, publicity, etc.
-
-    **Origin**
-    - IJG License
-    - Clause 3 of the Modified BSD License
-
-4.  The IJG and The libjpeg-turbo Project do not warrant libjpeg-turbo to be
-    free of defects, nor do we accept any liability for undesirable
-    consequences resulting from your use of the software.
-
-    **Origin**
-    - IJG License
-    - Modified BSD License
-    - zlib License
-
-
-The Modified (3-clause) BSD License
-===================================
-
-Copyright (C)2009-2021 D. R. Commander.  All Rights Reserved.<br>
-Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-- Redistributions of source code must retain the above copyright notice,
-  this list of conditions and the following disclaimer.
-- Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-- Neither the name of the libjpeg-turbo Project nor the names of its
-  contributors may be used to endorse or promote products derived from this
-  software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
-
-
-Why Three Licenses?
-===================
-
-The zlib License could have been used instead of the Modified (3-clause) BSD
-License, and since the IJG License effectively subsumes the distribution
-conditions of the zlib License, this would have effectively placed
-libjpeg-turbo binary distributions under the IJG License.  However, the IJG
-License specifically refers to the Independent JPEG Group and does not extend
-attribution and endorsement protections to other entities.  Thus, it was
-desirable to choose a license that granted us the same protections for new code
-that were granted to the IJG for code derived from their software.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/README.ijg b/3rdparty/libjpeg-turbo_2_1_0/README.ijg
deleted file mode 100644
index 9453c19..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/README.ijg
+++ /dev/null
@@ -1,258 +0,0 @@
-libjpeg-turbo note:  This file has been modified by The libjpeg-turbo Project
-to include only information relevant to libjpeg-turbo, to wordsmith certain
-sections, and to remove impolitic language that existed in the libjpeg v8
-README.  It is included only for reference.  Please see README.md for
-information specific to libjpeg-turbo.
-
-
-The Independent JPEG Group's JPEG software
-==========================================
-
-This distribution contains a release of the Independent JPEG Group's free JPEG
-software.  You are welcome to redistribute this software and to use it for any
-purpose, subject to the conditions under LEGAL ISSUES, below.
-
-This software is the work of Tom Lane, Guido Vollbeding, Philip Gladstone,
-Bill Allombert, Jim Boucher, Lee Crocker, Bob Friesenhahn, Ben Jackson,
-Julian Minguillon, Luis Ortiz, George Phillips, Davide Rossi, Ge' Weijers,
-and other members of the Independent JPEG Group.
-
-IJG is not affiliated with the ISO/IEC JTC1/SC29/WG1 standards committee
-(also known as JPEG, together with ITU-T SG16).
-
-
-DOCUMENTATION ROADMAP
-=====================
-
-This file contains the following sections:
-
-OVERVIEW            General description of JPEG and the IJG software.
-LEGAL ISSUES        Copyright, lack of warranty, terms of distribution.
-REFERENCES          Where to learn more about JPEG.
-ARCHIVE LOCATIONS   Where to find newer versions of this software.
-FILE FORMAT WARS    Software *not* to get.
-TO DO               Plans for future IJG releases.
-
-Other documentation files in the distribution are:
-
-User documentation:
-  usage.txt         Usage instructions for cjpeg, djpeg, jpegtran,
-                    rdjpgcom, and wrjpgcom.
-  *.1               Unix-style man pages for programs (same info as usage.txt).
-  wizard.txt        Advanced usage instructions for JPEG wizards only.
-  change.log        Version-to-version change highlights.
-Programmer and internal documentation:
-  libjpeg.txt       How to use the JPEG library in your own programs.
-  example.txt       Sample code for calling the JPEG library.
-  structure.txt     Overview of the JPEG library's internal structure.
-  coderules.txt     Coding style rules --- please read if you contribute code.
-
-Please read at least usage.txt.  Some information can also be found in the JPEG
-FAQ (Frequently Asked Questions) article.  See ARCHIVE LOCATIONS below to find
-out where to obtain the FAQ article.
-
-If you want to understand how the JPEG code works, we suggest reading one or
-more of the REFERENCES, then looking at the documentation files (in roughly
-the order listed) before diving into the code.
-
-
-OVERVIEW
-========
-
-This package contains C software to implement JPEG image encoding, decoding,
-and transcoding.  JPEG (pronounced "jay-peg") is a standardized compression
-method for full-color and grayscale images.  JPEG's strong suit is compressing
-photographic images or other types of images that have smooth color and
-brightness transitions between neighboring pixels.  Images with sharp lines or
-other abrupt features may not compress well with JPEG, and a higher JPEG
-quality may have to be used to avoid visible compression artifacts with such
-images.
-
-JPEG is lossy, meaning that the output pixels are not necessarily identical to
-the input pixels.  However, on photographic content and other "smooth" images,
-very good compression ratios can be obtained with no visible compression
-artifacts, and extremely high compression ratios are possible if you are
-willing to sacrifice image quality (by reducing the "quality" setting in the
-compressor.)
-
-This software implements JPEG baseline, extended-sequential, and progressive
-compression processes.  Provision is made for supporting all variants of these
-processes, although some uncommon parameter settings aren't implemented yet.
-We have made no provision for supporting the hierarchical or lossless
-processes defined in the standard.
-
-We provide a set of library routines for reading and writing JPEG image files,
-plus two sample applications "cjpeg" and "djpeg", which use the library to
-perform conversion between JPEG and some other popular image file formats.
-The library is intended to be reused in other applications.
-
-In order to support file conversion and viewing software, we have included
-considerable functionality beyond the bare JPEG coding/decoding capability;
-for example, the color quantization modules are not strictly part of JPEG
-decoding, but they are essential for output to colormapped file formats or
-colormapped displays.  These extra functions can be compiled out of the
-library if not required for a particular application.
-
-We have also included "jpegtran", a utility for lossless transcoding between
-different JPEG processes, and "rdjpgcom" and "wrjpgcom", two simple
-applications for inserting and extracting textual comments in JFIF files.
-
-The emphasis in designing this software has been on achieving portability and
-flexibility, while also making it fast enough to be useful.  In particular,
-the software is not intended to be read as a tutorial on JPEG.  (See the
-REFERENCES section for introductory material.)  Rather, it is intended to
-be reliable, portable, industrial-strength code.  We do not claim to have
-achieved that goal in every aspect of the software, but we strive for it.
-
-We welcome the use of this software as a component of commercial products.
-No royalty is required, but we do ask for an acknowledgement in product
-documentation, as described under LEGAL ISSUES.
-
-
-LEGAL ISSUES
-============
-
-In plain English:
-
-1. We don't promise that this software works.  (But if you find any bugs,
-   please let us know!)
-2. You can use this software for whatever you want.  You don't have to pay us.
-3. You may not pretend that you wrote this software.  If you use it in a
-   program, you must acknowledge somewhere in your documentation that
-   you've used the IJG code.
-
-In legalese:
-
-The authors make NO WARRANTY or representation, either express or implied,
-with respect to this software, its quality, accuracy, merchantability, or
-fitness for a particular purpose.  This software is provided "AS IS", and you,
-its user, assume the entire risk as to its quality and accuracy.
-
-This software is copyright (C) 1991-2020, Thomas G. Lane, Guido Vollbeding.
-All Rights Reserved except as specified below.
-
-Permission is hereby granted to use, copy, modify, and distribute this
-software (or portions thereof) for any purpose, without fee, subject to these
-conditions:
-(1) If any part of the source code for this software is distributed, then this
-README file must be included, with this copyright and no-warranty notice
-unaltered; and any additions, deletions, or changes to the original files
-must be clearly indicated in accompanying documentation.
-(2) If only executable code is distributed, then the accompanying
-documentation must state that "this software is based in part on the work of
-the Independent JPEG Group".
-(3) Permission for use of this software is granted only if the user accepts
-full responsibility for any undesirable consequences; the authors accept
-NO LIABILITY for damages of any kind.
-
-These conditions apply to any software derived from or based on the IJG code,
-not just to the unmodified library.  If you use our work, you ought to
-acknowledge us.
-
-Permission is NOT granted for the use of any IJG author's name or company name
-in advertising or publicity relating to this software or products derived from
-it.  This software may be referred to only as "the Independent JPEG Group's
-software".
-
-We specifically permit and encourage the use of this software as the basis of
-commercial products, provided that all warranty or liability claims are
-assumed by the product vendor.
-
-
-REFERENCES
-==========
-
-We recommend reading one or more of these references before trying to
-understand the innards of the JPEG software.
-
-The best short technical introduction to the JPEG compression algorithm is
-        Wallace, Gregory K.  "The JPEG Still Picture Compression Standard",
-        Communications of the ACM, April 1991 (vol. 34 no. 4), pp. 30-44.
-(Adjacent articles in that issue discuss MPEG motion picture compression,
-applications of JPEG, and related topics.)  If you don't have the CACM issue
-handy, a PDF file containing a revised version of Wallace's article is
-available at http://www.ijg.org/files/Wallace.JPEG.pdf.  The file (actually
-a preprint for an article that appeared in IEEE Trans. Consumer Electronics)
-omits the sample images that appeared in CACM, but it includes corrections
-and some added material.  Note: the Wallace article is copyright ACM and IEEE,
-and it may not be used for commercial purposes.
-
-A somewhat less technical, more leisurely introduction to JPEG can be found in
-"The Data Compression Book" by Mark Nelson and Jean-loup Gailly, published by
-M&T Books (New York), 2nd ed. 1996, ISBN 1-55851-434-1.  This book provides
-good explanations and example C code for a multitude of compression methods
-including JPEG.  It is an excellent source if you are comfortable reading C
-code but don't know much about data compression in general.  The book's JPEG
-sample code is far from industrial-strength, but when you are ready to look
-at a full implementation, you've got one here...
-
-The best currently available description of JPEG is the textbook "JPEG Still
-Image Data Compression Standard" by William B. Pennebaker and Joan L.
-Mitchell, published by Van Nostrand Reinhold, 1993, ISBN 0-442-01272-1.
-Price US$59.95, 638 pp.  The book includes the complete text of the ISO JPEG
-standards (DIS 10918-1 and draft DIS 10918-2).
-
-The original JPEG standard is divided into two parts, Part 1 being the actual
-specification, while Part 2 covers compliance testing methods.  Part 1 is
-titled "Digital Compression and Coding of Continuous-tone Still Images,
-Part 1: Requirements and guidelines" and has document numbers ISO/IEC IS
-10918-1, ITU-T T.81.  Part 2 is titled "Digital Compression and Coding of
-Continuous-tone Still Images, Part 2: Compliance testing" and has document
-numbers ISO/IEC IS 10918-2, ITU-T T.83.
-
-The JPEG standard does not specify all details of an interchangeable file
-format.  For the omitted details, we follow the "JFIF" conventions, revision
-1.02.  JFIF version 1 has been adopted as ISO/IEC 10918-5 (05/2013) and
-Recommendation ITU-T T.871 (05/2011): Information technology - Digital
-compression and coding of continuous-tone still images: JPEG File Interchange
-Format (JFIF).  It is available as a free download in PDF file format from
-https://www.iso.org/standard/54989.html and http://www.itu.int/rec/T-REC-T.871.
-A PDF file of the older JFIF 1.02 specification is available at
-http://www.w3.org/Graphics/JPEG/jfif3.pdf.
-
-The TIFF 6.0 file format specification can be obtained from
-http://mirrors.ctan.org/graphics/tiff/TIFF6.ps.gz.  The JPEG incorporation
-scheme found in the TIFF 6.0 spec of 3-June-92 has a number of serious
-problems.  IJG does not recommend use of the TIFF 6.0 design (TIFF Compression
-tag 6).  Instead, we recommend the JPEG design proposed by TIFF Technical Note
-#2 (Compression tag 7).  Copies of this Note can be obtained from
-http://www.ijg.org/files/.  It is expected that the next revision
-of the TIFF spec will replace the 6.0 JPEG design with the Note's design.
-Although IJG's own code does not support TIFF/JPEG, the free libtiff library
-uses our library to implement TIFF/JPEG per the Note.
-
-
-ARCHIVE LOCATIONS
-=================
-
-The "official" archive site for this software is www.ijg.org.
-The most recent released version can always be found there in
-directory "files".
-
-The JPEG FAQ (Frequently Asked Questions) article is a source of some
-general information about JPEG.  It is available at
-http://www.faqs.org/faqs/jpeg-faq.
-
-
-FILE FORMAT COMPATIBILITY
-=========================
-
-This software implements ITU T.81 | ISO/IEC 10918 with some extensions from
-ITU T.871 | ISO/IEC 10918-5 (JPEG File Interchange Format-- see REFERENCES).
-Informally, the term "JPEG image" or "JPEG file" most often refers to JFIF or
-a subset thereof, but there are other formats containing the name "JPEG" that
-are incompatible with the DCT-based JPEG standard or with JFIF (for instance,
-JPEG 2000 and JPEG XR).  This software therefore does not support these
-formats.  Indeed, one of the original reasons for developing this free software
-was to help force convergence on a common, interoperable format standard for
-JPEG files.
-
-JFIF is a minimal or "low end" representation.  TIFF/JPEG (TIFF revision 6.0 as
-modified by TIFF Technical Note #2) can be used for "high end" applications
-that need to record a lot of additional data about an image.
-
-
-TO DO
-=====
-
-Please send bug reports, offers of help, etc. to jpeg-info@jpegclub.org.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/README.md b/3rdparty/libjpeg-turbo_2_1_0/README.md
deleted file mode 100644
index 01e391e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/README.md
+++ /dev/null
@@ -1,357 +0,0 @@
-Background
-==========
-
-libjpeg-turbo is a JPEG image codec that uses SIMD instructions to accelerate
-baseline JPEG compression and decompression on x86, x86-64, Arm, PowerPC, and
-MIPS systems, as well as progressive JPEG compression on x86, x86-64, and Arm
-systems.  On such systems, libjpeg-turbo is generally 2-6x as fast as libjpeg,
-all else being equal.  On other types of systems, libjpeg-turbo can still
-outperform libjpeg by a significant amount, by virtue of its highly-optimized
-Huffman coding routines.  In many cases, the performance of libjpeg-turbo
-rivals that of proprietary high-speed JPEG codecs.
-
-libjpeg-turbo implements both the traditional libjpeg API as well as the less
-powerful but more straightforward TurboJPEG API.  libjpeg-turbo also features
-colorspace extensions that allow it to compress from/decompress to 32-bit and
-big-endian pixel buffers (RGBX, XBGR, etc.), as well as a full-featured Java
-interface.
-
-libjpeg-turbo was originally based on libjpeg/SIMD, an MMX-accelerated
-derivative of libjpeg v6b developed by Miyasaka Masaru.  The TigerVNC and
-VirtualGL projects made numerous enhancements to the codec in 2009, and in
-early 2010, libjpeg-turbo spun off into an independent project, with the goal
-of making high-speed JPEG compression/decompression technology available to a
-broader range of users and developers.
-
-
-License
-=======
-
-libjpeg-turbo is covered by three compatible BSD-style open source licenses.
-Refer to [LICENSE.md](LICENSE.md) for a roll-up of license terms.
-
-
-Building libjpeg-turbo
-======================
-
-Refer to [BUILDING.md](BUILDING.md) for complete instructions.
-
-
-Using libjpeg-turbo
-===================
-
-libjpeg-turbo includes two APIs that can be used to compress and decompress
-JPEG images:
-
-- **TurboJPEG API**<br>
-  This API provides an easy-to-use interface for compressing and decompressing
-  JPEG images in memory.  It also provides some functionality that would not be
-  straightforward to achieve using the underlying libjpeg API, such as
-  generating planar YUV images and performing multiple simultaneous lossless
-  transforms on an image.  The Java interface for libjpeg-turbo is written on
-  top of the TurboJPEG API.  The TurboJPEG API is recommended for first-time
-  users of libjpeg-turbo.  Refer to [tjexample.c](tjexample.c) and
-  [TJExample.java](java/TJExample.java) for examples of its usage and to
-  <http://libjpeg-turbo.org/Documentation/Documentation> for API documentation.
-
-- **libjpeg API**<br>
-  This is the de facto industry-standard API for compressing and decompressing
-  JPEG images.  It is more difficult to use than the TurboJPEG API but also
-  more powerful.  The libjpeg API implementation in libjpeg-turbo is both
-  API/ABI-compatible and mathematically compatible with libjpeg v6b.  It can
-  also optionally be configured to be API/ABI-compatible with libjpeg v7 and v8
-  (see below.)  Refer to [cjpeg.c](cjpeg.c) and [djpeg.c](djpeg.c) for examples
-  of its usage and to [libjpeg.txt](libjpeg.txt) for API documentation.
-
-There is no significant performance advantage to either API when both are used
-to perform similar operations.
-
-Colorspace Extensions
----------------------
-
-libjpeg-turbo includes extensions that allow JPEG images to be compressed
-directly from (and decompressed directly to) buffers that use BGR, BGRX,
-RGBX, XBGR, and XRGB pixel ordering.  This is implemented with ten new
-colorspace constants:
-
-    JCS_EXT_RGB   /* red/green/blue */
-    JCS_EXT_RGBX  /* red/green/blue/x */
-    JCS_EXT_BGR   /* blue/green/red */
-    JCS_EXT_BGRX  /* blue/green/red/x */
-    JCS_EXT_XBGR  /* x/blue/green/red */
-    JCS_EXT_XRGB  /* x/red/green/blue */
-    JCS_EXT_RGBA  /* red/green/blue/alpha */
-    JCS_EXT_BGRA  /* blue/green/red/alpha */
-    JCS_EXT_ABGR  /* alpha/blue/green/red */
-    JCS_EXT_ARGB  /* alpha/red/green/blue */
-
-Setting `cinfo.in_color_space` (compression) or `cinfo.out_color_space`
-(decompression) to one of these values will cause libjpeg-turbo to read the
-red, green, and blue values from (or write them to) the appropriate position in
-the pixel when compressing from/decompressing to an RGB buffer.
-
-Your application can check for the existence of these extensions at compile
-time with:
-
-    #ifdef JCS_EXTENSIONS
-
-At run time, attempting to use these extensions with a libjpeg implementation
-that does not support them will result in a "Bogus input colorspace" error.
-Applications can trap this error in order to test whether run-time support is
-available for the colorspace extensions.
-
-When using the RGBX, BGRX, XBGR, and XRGB colorspaces during decompression, the
-X byte is undefined, and in order to ensure the best performance, libjpeg-turbo
-can set that byte to whatever value it wishes.  If an application expects the X
-byte to be used as an alpha channel, then it should specify `JCS_EXT_RGBA`,
-`JCS_EXT_BGRA`, `JCS_EXT_ABGR`, or `JCS_EXT_ARGB`.  When these colorspace
-constants are used, the X byte is guaranteed to be 0xFF, which is interpreted
-as opaque.
-
-Your application can check for the existence of the alpha channel colorspace
-extensions at compile time with:
-
-    #ifdef JCS_ALPHA_EXTENSIONS
-
-[jcstest.c](jcstest.c), located in the libjpeg-turbo source tree, demonstrates
-how to check for the existence of the colorspace extensions at compile time and
-run time.
-
-libjpeg v7 and v8 API/ABI Emulation
------------------------------------
-
-With libjpeg v7 and v8, new features were added that necessitated extending the
-compression and decompression structures.  Unfortunately, due to the exposed
-nature of those structures, extending them also necessitated breaking backward
-ABI compatibility with previous libjpeg releases.  Thus, programs that were
-built to use libjpeg v7 or v8 did not work with libjpeg-turbo, since it is
-based on the libjpeg v6b code base.  Although libjpeg v7 and v8 are not
-as widely used as v6b, enough programs (including a few Linux distros) made
-the switch that there was a demand to emulate the libjpeg v7 and v8 ABIs
-in libjpeg-turbo.  It should be noted, however, that this feature was added
-primarily so that applications that had already been compiled to use libjpeg
-v7+ could take advantage of accelerated baseline JPEG encoding/decoding
-without recompiling.  libjpeg-turbo does not claim to support all of the
-libjpeg v7+ features, nor to produce identical output to libjpeg v7+ in all
-cases (see below.)
-
-By passing an argument of `-DWITH_JPEG7=1` or `-DWITH_JPEG8=1` to `cmake`, you
-can build a version of libjpeg-turbo that emulates the libjpeg v7 or v8 ABI, so
-that programs that are built against libjpeg v7 or v8 can be run with
-libjpeg-turbo.  The following section describes which libjpeg v7+ features are
-supported and which aren't.
-
-### Support for libjpeg v7 and v8 Features
-
-#### Fully supported
-
-- **libjpeg API: IDCT scaling extensions in decompressor**<br>
-  libjpeg-turbo supports IDCT scaling with scaling factors of 1/8, 1/4, 3/8,
-  1/2, 5/8, 3/4, 7/8, 9/8, 5/4, 11/8, 3/2, 13/8, 7/4, 15/8, and 2/1 (only 1/4
-  and 1/2 are SIMD-accelerated.)
-
-- **libjpeg API: Arithmetic coding**
-
-- **libjpeg API: In-memory source and destination managers**<br>
-  See notes below.
-
-- **cjpeg: Separate quality settings for luminance and chrominance**<br>
-  Note that the libpjeg v7+ API was extended to accommodate this feature only
-  for convenience purposes.  It has always been possible to implement this
-  feature with libjpeg v6b (see rdswitch.c for an example.)
-
-- **cjpeg: 32-bit BMP support**
-
-- **cjpeg: `-rgb` option**
-
-- **jpegtran: Lossless cropping**
-
-- **jpegtran: `-perfect` option**
-
-- **jpegtran: Forcing width/height when performing lossless crop**
-
-- **rdjpgcom: `-raw` option**
-
-- **rdjpgcom: Locale awareness**
-
-
-#### Not supported
-
-NOTE:  As of this writing, extensive research has been conducted into the
-usefulness of DCT scaling as a means of data reduction and SmartScale as a
-means of quality improvement.  Readers are invited to peruse the research at
-<http://www.libjpeg-turbo.org/About/SmartScale> and draw their own conclusions,
-but it is the general belief of our project that these features have not
-demonstrated sufficient usefulness to justify inclusion in libjpeg-turbo.
-
-- **libjpeg API: DCT scaling in compressor**<br>
-  `cinfo.scale_num` and `cinfo.scale_denom` are silently ignored.
-  There is no technical reason why DCT scaling could not be supported when
-  emulating the libjpeg v7+ API/ABI, but without the SmartScale extension (see
-  below), only scaling factors of 1/2, 8/15, 4/7, 8/13, 2/3, 8/11, 4/5, and
-  8/9 would be available, which is of limited usefulness.
-
-- **libjpeg API: SmartScale**<br>
-  `cinfo.block_size` is silently ignored.
-  SmartScale is an extension to the JPEG format that allows for DCT block
-  sizes other than 8x8.  Providing support for this new format would be
-  feasible (particularly without full acceleration.)  However, until/unless
-  the format becomes either an official industry standard or, at minimum, an
-  accepted solution in the community, we are hesitant to implement it, as
-  there is no sense of whether or how it might change in the future.  It is
-  our belief that SmartScale has not demonstrated sufficient usefulness as a
-  lossless format nor as a means of quality enhancement, and thus our primary
-  interest in providing this feature would be as a means of supporting
-  additional DCT scaling factors.
-
-- **libjpeg API: Fancy downsampling in compressor**<br>
-  `cinfo.do_fancy_downsampling` is silently ignored.
-  This requires the DCT scaling feature, which is not supported.
-
-- **jpegtran: Scaling**<br>
-  This requires both the DCT scaling and SmartScale features, which are not
-  supported.
-
-- **Lossless RGB JPEG files**<br>
-  This requires the SmartScale feature, which is not supported.
-
-### What About libjpeg v9?
-
-libjpeg v9 introduced yet another field to the JPEG compression structure
-(`color_transform`), thus making the ABI backward incompatible with that of
-libjpeg v8.  This new field was introduced solely for the purpose of supporting
-lossless SmartScale encoding.  Furthermore, there was actually no reason to
-extend the API in this manner, as the color transform could have just as easily
-been activated by way of a new JPEG colorspace constant, thus preserving
-backward ABI compatibility.
-
-Our research (see link above) has shown that lossless SmartScale does not
-generally accomplish anything that can't already be accomplished better with
-existing, standard lossless formats.  Therefore, at this time it is our belief
-that there is not sufficient technical justification for software projects to
-upgrade from libjpeg v8 to libjpeg v9, and thus there is not sufficient
-technical justification for us to emulate the libjpeg v9 ABI.
-
-In-Memory Source/Destination Managers
--------------------------------------
-
-By default, libjpeg-turbo 1.3 and later includes the `jpeg_mem_src()` and
-`jpeg_mem_dest()` functions, even when not emulating the libjpeg v8 API/ABI.
-Previously, it was necessary to build libjpeg-turbo from source with libjpeg v8
-API/ABI emulation in order to use the in-memory source/destination managers,
-but several projects requested that those functions be included when emulating
-the libjpeg v6b API/ABI as well.  This allows the use of those functions by
-programs that need them, without breaking ABI compatibility for programs that
-don't, and it allows those functions to be provided in the "official"
-libjpeg-turbo binaries.
-
-Those who are concerned about maintaining strict conformance with the libjpeg
-v6b or v7 API can pass an argument of `-DWITH_MEM_SRCDST=0` to `cmake` prior to
-building libjpeg-turbo.  This will restore the pre-1.3 behavior, in which
-`jpeg_mem_src()` and `jpeg_mem_dest()` are only included when emulating the
-libjpeg v8 API/ABI.
-
-On Un*x systems, including the in-memory source/destination managers changes
-the dynamic library version from 62.2.0 to 62.3.0 if using libjpeg v6b API/ABI
-emulation and from 7.2.0 to 7.3.0 if using libjpeg v7 API/ABI emulation.
-
-Note that, on most Un*x systems, the dynamic linker will not look for a
-function in a library until that function is actually used.  Thus, if a program
-is built against libjpeg-turbo 1.3+ and uses `jpeg_mem_src()` or
-`jpeg_mem_dest()`, that program will not fail if run against an older version
-of libjpeg-turbo or against libjpeg v7- until the program actually tries to
-call `jpeg_mem_src()` or `jpeg_mem_dest()`.  Such is not the case on Windows.
-If a program is built against the libjpeg-turbo 1.3+ DLL and uses
-`jpeg_mem_src()` or `jpeg_mem_dest()`, then it must use the libjpeg-turbo 1.3+
-DLL at run time.
-
-Both cjpeg and djpeg have been extended to allow testing the in-memory
-source/destination manager functions.  See their respective man pages for more
-details.
-
-
-Mathematical Compatibility
-==========================
-
-For the most part, libjpeg-turbo should produce identical output to libjpeg
-v6b.  The one exception to this is when using the floating point DCT/IDCT, in
-which case the outputs of libjpeg v6b and libjpeg-turbo can differ for the
-following reasons:
-
-- The SSE/SSE2 floating point DCT implementation in libjpeg-turbo is ever so
-  slightly more accurate than the implementation in libjpeg v6b, but not by
-  any amount perceptible to human vision (generally in the range of 0.01 to
-  0.08 dB gain in PNSR.)
-
-- When not using the SIMD extensions, libjpeg-turbo uses the more accurate
-  (and slightly faster) floating point IDCT algorithm introduced in libjpeg
-  v8a as opposed to the algorithm used in libjpeg v6b.  It should be noted,
-  however, that this algorithm basically brings the accuracy of the floating
-  point IDCT in line with the accuracy of the accurate integer IDCT.  The
-  floating point DCT/IDCT algorithms are mainly a legacy feature, and they do
-  not produce significantly more accuracy than the accurate integer algorithms
-  (to put numbers on this, the typical difference in PNSR between the two
-  algorithms is less than 0.10 dB, whereas changing the quality level by 1 in
-  the upper range of the quality scale is typically more like a 1.0 dB
-  difference.)
-
-- If the floating point algorithms in libjpeg-turbo are not implemented using
-  SIMD instructions on a particular platform, then the accuracy of the
-  floating point DCT/IDCT can depend on the compiler settings.
-
-While libjpeg-turbo does emulate the libjpeg v8 API/ABI, under the hood it is
-still using the same algorithms as libjpeg v6b, so there are several specific
-cases in which libjpeg-turbo cannot be expected to produce the same output as
-libjpeg v8:
-
-- When decompressing using scaling factors of 1/2 and 1/4, because libjpeg v8
-  implements those scaling algorithms differently than libjpeg v6b does, and
-  libjpeg-turbo's SIMD extensions are based on the libjpeg v6b behavior.
-
-- When using chrominance subsampling, because libjpeg v8 implements this
-  with its DCT/IDCT scaling algorithms rather than with a separate
-  downsampling/upsampling algorithm.  In our testing, the subsampled/upsampled
-  output of libjpeg v8 is less accurate than that of libjpeg v6b for this
-  reason.
-
-- When decompressing using a scaling factor > 1 and merged (AKA "non-fancy" or
-  "non-smooth") chrominance upsampling, because libjpeg v8 does not support
-  merged upsampling with scaling factors > 1.
-
-
-Performance Pitfalls
-====================
-
-Restart Markers
----------------
-
-The optimized Huffman decoder in libjpeg-turbo does not handle restart markers
-in a way that makes the rest of the libjpeg infrastructure happy, so it is
-necessary to use the slow Huffman decoder when decompressing a JPEG image that
-has restart markers.  This can cause the decompression performance to drop by
-as much as 20%, but the performance will still be much greater than that of
-libjpeg.  Many consumer packages, such as Photoshop, use restart markers when
-generating JPEG images, so images generated by those programs will experience
-this issue.
-
-Fast Integer Forward DCT at High Quality Levels
------------------------------------------------
-
-The algorithm used by the SIMD-accelerated quantization function cannot produce
-correct results whenever the fast integer forward DCT is used along with a JPEG
-quality of 98-100.  Thus, libjpeg-turbo must use the non-SIMD quantization
-function in those cases.  This causes performance to drop by as much as 40%.
-It is therefore strongly advised that you use the accurate integer forward DCT
-whenever encoding images with a JPEG quality of 98 or higher.
-
-
-Memory Debugger Pitfalls
-========================
-
-Valgrind and Memory Sanitizer (MSan) can generate false positives
-(specifically, incorrect reports of uninitialized memory accesses) when used
-with libjpeg-turbo's SIMD extensions.  It is generally recommended that the
-SIMD extensions be disabled, either by passing an argument of `-DWITH_SIMD=0`
-to `cmake` when configuring the build or by setting the environment variable
-`JSIMD_FORCENONE` to `1` at run time, when testing libjpeg-turbo with Valgrind,
-MSan, or other memory debuggers.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/appveyor.yml b/3rdparty/libjpeg-turbo_2_1_0/appveyor.yml
deleted file mode 100644
index 1e5f557..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/appveyor.yml
+++ /dev/null
@@ -1,71 +0,0 @@
-install:
-  - cmd: >-
-      if not exist c:\installers mkdir c:\installers
-
-      mkdir c:\temp
-
-      if not exist c:\installers\nasm-2.10.01-win32.zip curl -fSL -o c:\installers\nasm-2.10.01-win32.zip http://www.nasm.us/pub/nasm/releasebuilds/2.10.01/win32/nasm-2.10.01-win32.zip
-
-      7z x c:\installers\nasm-2.10.01-win32.zip -oc:\ > c:\installers\nasm.install.log
-
-      if not exist c:\installers\i686-6.4.0-release-posix-dwarf-rt_v5-rev0.7z curl -fSL -o c:\installers\i686-6.4.0-release-posix-dwarf-rt_v5-rev0.7z "https://sourceforge.net/projects/mingw-w64/files/Toolchains targetting Win32/Personal Builds/mingw-builds/6.4.0/threads-posix/dwarf/i686-6.4.0-release-posix-dwarf-rt_v5-rev0.7z"
-
-      md "c:\Program Files (x86)\mingw-w64\i686-6.4.0-posix-dwarf-rt_v5-rev0"
-
-      7z x c:\installers\i686-6.4.0-release-posix-dwarf-rt_v5-rev0.7z -o"c:\Program Files (x86)\mingw-w64\i686-6.4.0-posix-dwarf-rt_v5-rev0" > c:\installers\mingw32.install.log
-
-      if not exist c:\installers\x86_64-6.4.0-release-posix-seh-rt_v5-rev0.7z curl -fSL -o c:\installers\x86_64-6.4.0-release-posix-seh-rt_v5-rev0.7z "https://sourceforge.net/projects/mingw-w64/files/Toolchains targetting Win64/Personal Builds/mingw-builds/6.4.0/threads-posix/seh/x86_64-6.4.0-release-posix-seh-rt_v5-rev0.7z"
-
-      md "c:\Program Files\mingw-w64\x86_64-6.4.0-posix-seh-rt_v5-rev0"
-
-      7z x c:\installers\x86_64-6.4.0-release-posix-seh-rt_v5-rev0.7z -o"c:\Program Files\mingw-w64\x86_64-6.4.0-posix-seh-rt_v5-rev0" > c:\installers\mingw64.install.log
-
-      set PATH=c:\nasm-2.10.01;c:\Program Files (x86)\NSIS;c:\msys64\usr\bin;%PATH%
-
-      "c:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\bin\amd64\vcvars64.bat"
-
-      set INCLUDE
-
-      set LIB
-
-      set PATH
-
-      set MSYSTEM=MINGW32
-
-      mklink /d "%ProgramData%\Oracle\Java32" "c:\Program Files (x86)\Java\jdk1.6.0"
-
-      git clone --depth=1 https://github.com/libjpeg-turbo/buildscripts.git -b %APPVEYOR_REPO_BRANCH% c:/buildscripts
-
-cache:
-  - c:\installers\nasm-2.10.01-win32.zip -> appveyor.yml
-  - c:\installers\i686-6.4.0-release-posix-dwarf-rt_v5-rev0.7z -> appveyor.yml
-  - c:\installers\x86_64-6.4.0-release-posix-seh-rt_v5-rev0.7z -> appveyor.yml
-
-build_script:
-  - cmd: >-
-      for /f %%i in ('"cygpath %CD%"') do set MINGWPATH=%%i
-
-      bash c:/buildscripts/buildljt -d %MINGWPATH% -b /c/ljt.nightly -v
-
-      move c:\ljt.nightly\files\*.tar.gz .
-
-      move c:\ljt.nightly\files\*.exe .
-
-      move c:\ljt.nightly\log-windows.txt .
-
-artifacts:
-  - path: '*.tar.gz'
-    name: Source tarball
-
-  - path: '*-gcc*.exe'
-    name: SDK for MinGW
-
-  - path: '*-vc*.exe'
-    name: SDK for Visual C++
-
-  - path: 'log-windows.txt'
-    name: Build log
-
-test: off
-
-deploy: off
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cderror.h b/3rdparty/libjpeg-turbo_2_1_0/cderror.h
deleted file mode 100644
index 2844346..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cderror.h
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * cderror.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * Modified 2009-2017 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file defines the error and message codes for the cjpeg/djpeg
- * applications.  These strings are not needed as part of the JPEG library
- * proper.
- * Edit this file to add new codes, or to translate the message strings to
- * some other language.
- */
-
-/*
- * To define the enum list of message codes, include this file without
- * defining macro JMESSAGE.  To create a message string table, include it
- * again with a suitable JMESSAGE definition (see jerror.c for an example).
- */
-#ifndef JMESSAGE
-#ifndef CDERROR_H
-#define CDERROR_H
-/* First time through, define the enum list */
-#define JMAKE_ENUM_LIST
-#else
-/* Repeated inclusions of this file are no-ops unless JMESSAGE is defined */
-#define JMESSAGE(code, string)
-#endif /* CDERROR_H */
-#endif /* JMESSAGE */
-
-#ifdef JMAKE_ENUM_LIST
-
-typedef enum {
-
-#define JMESSAGE(code, string)  code,
-
-#endif /* JMAKE_ENUM_LIST */
-
-JMESSAGE(JMSG_FIRSTADDONCODE = 1000, NULL) /* Must be first entry! */
-
-#ifdef BMP_SUPPORTED
-JMESSAGE(JERR_BMP_BADCMAP, "Unsupported BMP colormap format")
-JMESSAGE(JERR_BMP_BADDEPTH, "Only 8-, 24-, and 32-bit BMP files are supported")
-JMESSAGE(JERR_BMP_BADHEADER, "Invalid BMP file: bad header length")
-JMESSAGE(JERR_BMP_BADPLANES, "Invalid BMP file: biPlanes not equal to 1")
-JMESSAGE(JERR_BMP_COLORSPACE, "BMP output must be grayscale or RGB")
-JMESSAGE(JERR_BMP_COMPRESSED, "Sorry, compressed BMPs not yet supported")
-JMESSAGE(JERR_BMP_EMPTY, "Empty BMP image")
-JMESSAGE(JERR_BMP_NOT, "Not a BMP file - does not start with BM")
-JMESSAGE(JERR_BMP_OUTOFRANGE, "Numeric value out of range in BMP file")
-JMESSAGE(JTRC_BMP, "%ux%u %d-bit BMP image")
-JMESSAGE(JTRC_BMP_MAPPED, "%ux%u 8-bit colormapped BMP image")
-JMESSAGE(JTRC_BMP_OS2, "%ux%u %d-bit OS2 BMP image")
-JMESSAGE(JTRC_BMP_OS2_MAPPED, "%ux%u 8-bit colormapped OS2 BMP image")
-#endif /* BMP_SUPPORTED */
-
-#ifdef GIF_SUPPORTED
-JMESSAGE(JERR_GIF_BUG, "GIF output got confused")
-JMESSAGE(JERR_GIF_CODESIZE, "Bogus GIF codesize %d")
-JMESSAGE(JERR_GIF_COLORSPACE, "GIF output must be grayscale or RGB")
-JMESSAGE(JERR_GIF_EMPTY, "Empty GIF image")
-JMESSAGE(JERR_GIF_IMAGENOTFOUND, "Too few images in GIF file")
-JMESSAGE(JERR_GIF_NOT, "Not a GIF file")
-JMESSAGE(JTRC_GIF, "%ux%ux%d GIF image")
-JMESSAGE(JTRC_GIF_BADVERSION,
-         "Warning: unexpected GIF version number '%c%c%c'")
-JMESSAGE(JTRC_GIF_EXTENSION, "Ignoring GIF extension block of type 0x%02x")
-JMESSAGE(JTRC_GIF_NONSQUARE, "Caution: nonsquare pixels in input")
-JMESSAGE(JWRN_GIF_BADDATA, "Corrupt data in GIF file")
-JMESSAGE(JWRN_GIF_CHAR, "Bogus char 0x%02x in GIF file, ignoring")
-JMESSAGE(JWRN_GIF_ENDCODE, "Premature end of GIF image")
-JMESSAGE(JWRN_GIF_NOMOREDATA, "Ran out of GIF bits")
-#endif /* GIF_SUPPORTED */
-
-#ifdef PPM_SUPPORTED
-JMESSAGE(JERR_PPM_COLORSPACE, "PPM output must be grayscale or RGB")
-JMESSAGE(JERR_PPM_NONNUMERIC, "Nonnumeric data in PPM file")
-JMESSAGE(JERR_PPM_NOT, "Not a PPM/PGM file")
-JMESSAGE(JERR_PPM_OUTOFRANGE, "Numeric value out of range in PPM file")
-JMESSAGE(JTRC_PGM, "%ux%u PGM image")
-JMESSAGE(JTRC_PGM_TEXT, "%ux%u text PGM image")
-JMESSAGE(JTRC_PPM, "%ux%u PPM image")
-JMESSAGE(JTRC_PPM_TEXT, "%ux%u text PPM image")
-#endif /* PPM_SUPPORTED */
-
-#ifdef TARGA_SUPPORTED
-JMESSAGE(JERR_TGA_BADCMAP, "Unsupported Targa colormap format")
-JMESSAGE(JERR_TGA_BADPARMS, "Invalid or unsupported Targa file")
-JMESSAGE(JERR_TGA_COLORSPACE, "Targa output must be grayscale or RGB")
-JMESSAGE(JTRC_TGA, "%ux%u RGB Targa image")
-JMESSAGE(JTRC_TGA_GRAY, "%ux%u grayscale Targa image")
-JMESSAGE(JTRC_TGA_MAPPED, "%ux%u colormapped Targa image")
-#else
-JMESSAGE(JERR_TGA_NOTCOMP, "Targa support was not compiled")
-#endif /* TARGA_SUPPORTED */
-
-JMESSAGE(JERR_BAD_CMAP_FILE,
-         "Color map file is invalid or of unsupported format")
-JMESSAGE(JERR_TOO_MANY_COLORS,
-         "Output file format cannot handle %d colormap entries")
-JMESSAGE(JERR_UNGETC_FAILED, "ungetc failed")
-#ifdef TARGA_SUPPORTED
-JMESSAGE(JERR_UNKNOWN_FORMAT,
-         "Unrecognized input file format --- perhaps you need -targa")
-#else
-JMESSAGE(JERR_UNKNOWN_FORMAT, "Unrecognized input file format")
-#endif
-JMESSAGE(JERR_UNSUPPORTED_FORMAT, "Unsupported output file format")
-
-#ifdef JMAKE_ENUM_LIST
-
-  JMSG_LASTADDONCODE
-} ADDON_MESSAGE_CODE;
-
-#undef JMAKE_ENUM_LIST
-#endif /* JMAKE_ENUM_LIST */
-
-/* Zap JMESSAGE macro so that future re-inclusions do nothing by default */
-#undef JMESSAGE
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cdjpeg.c b/3rdparty/libjpeg-turbo_2_1_0/cdjpeg.c
deleted file mode 100644
index 5278c1d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cdjpeg.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/*
- * cdjpeg.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2019, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains common support routines used by the IJG application
- * programs (cjpeg, djpeg, jpegtran).
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-#include <ctype.h>              /* to declare isupper(), tolower() */
-#ifdef USE_SETMODE
-#include <fcntl.h>              /* to declare setmode()'s parameter macros */
-/* If you have setmode() but not <io.h>, just delete this line: */
-#include <io.h>                 /* to declare setmode() */
-#endif
-
-
-/*
- * Optional progress monitor: display a percent-done figure on stderr.
- */
-
-METHODDEF(void)
-progress_monitor(j_common_ptr cinfo)
-{
-  cd_progress_ptr prog = (cd_progress_ptr)cinfo->progress;
-
-  if (prog->max_scans != 0 && cinfo->is_decompressor) {
-    int scan_no = ((j_decompress_ptr)cinfo)->input_scan_number;
-
-    if (scan_no > (int)prog->max_scans) {
-      fprintf(stderr, "Scan number %d exceeds maximum scans (%d)\n", scan_no,
-              prog->max_scans);
-      exit(EXIT_FAILURE);
-    }
-  }
-
-  if (prog->report) {
-    int total_passes = prog->pub.total_passes + prog->total_extra_passes;
-    int percent_done =
-      (int)(prog->pub.pass_counter * 100L / prog->pub.pass_limit);
-
-    if (percent_done != prog->percent_done) {
-      prog->percent_done = percent_done;
-      if (total_passes > 1) {
-        fprintf(stderr, "\rPass %d/%d: %3d%% ",
-                prog->pub.completed_passes + prog->completed_extra_passes + 1,
-                total_passes, percent_done);
-      } else {
-        fprintf(stderr, "\r %3d%% ", percent_done);
-      }
-      fflush(stderr);
-    }
-  }
-}
-
-
-GLOBAL(void)
-start_progress_monitor(j_common_ptr cinfo, cd_progress_ptr progress)
-{
-  /* Enable progress display, unless trace output is on */
-  if (cinfo->err->trace_level == 0) {
-    progress->pub.progress_monitor = progress_monitor;
-    progress->completed_extra_passes = 0;
-    progress->total_extra_passes = 0;
-    progress->max_scans = 0;
-    progress->report = FALSE;
-    progress->percent_done = -1;
-    cinfo->progress = &progress->pub;
-  }
-}
-
-
-GLOBAL(void)
-end_progress_monitor(j_common_ptr cinfo)
-{
-  /* Clear away progress display */
-  if (cinfo->err->trace_level == 0) {
-    fprintf(stderr, "\r                \r");
-    fflush(stderr);
-  }
-}
-
-
-/*
- * Case-insensitive matching of possibly-abbreviated keyword switches.
- * keyword is the constant keyword (must be lower case already),
- * minchars is length of minimum legal abbreviation.
- */
-
-GLOBAL(boolean)
-keymatch(char *arg, const char *keyword, int minchars)
-{
-  register int ca, ck;
-  register int nmatched = 0;
-
-  while ((ca = *arg++) != '\0') {
-    if ((ck = *keyword++) == '\0')
-      return FALSE;             /* arg longer than keyword, no good */
-    if (isupper(ca))            /* force arg to lcase (assume ck is already) */
-      ca = tolower(ca);
-    if (ca != ck)
-      return FALSE;             /* no good */
-    nmatched++;                 /* count matched characters */
-  }
-  /* reached end of argument; fail if it's too short for unique abbrev */
-  if (nmatched < minchars)
-    return FALSE;
-  return TRUE;                  /* A-OK */
-}
-
-
-/*
- * Routines to establish binary I/O mode for stdin and stdout.
- * Non-Unix systems often require some hacking to get out of text mode.
- */
-
-GLOBAL(FILE *)
-read_stdin(void)
-{
-  FILE *input_file = stdin;
-
-#ifdef USE_SETMODE              /* need to hack file mode? */
-  setmode(fileno(stdin), O_BINARY);
-#endif
-#ifdef USE_FDOPEN               /* need to re-open in binary mode? */
-  if ((input_file = fdopen(fileno(stdin), READ_BINARY)) == NULL) {
-    fprintf(stderr, "Cannot reopen stdin\n");
-    exit(EXIT_FAILURE);
-  }
-#endif
-  return input_file;
-}
-
-
-GLOBAL(FILE *)
-write_stdout(void)
-{
-  FILE *output_file = stdout;
-
-#ifdef USE_SETMODE              /* need to hack file mode? */
-  setmode(fileno(stdout), O_BINARY);
-#endif
-#ifdef USE_FDOPEN               /* need to re-open in binary mode? */
-  if ((output_file = fdopen(fileno(stdout), WRITE_BINARY)) == NULL) {
-    fprintf(stderr, "Cannot reopen stdout\n");
-    exit(EXIT_FAILURE);
-  }
-#endif
-  return output_file;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cdjpeg.h b/3rdparty/libjpeg-turbo_2_1_0/cdjpeg.h
deleted file mode 100644
index 082687c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cdjpeg.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * cdjpeg.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * Modified 2019 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2017, 2019, 2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains common declarations for the sample applications
- * cjpeg and djpeg.  It is NOT used by the core JPEG library.
- */
-
-#define JPEG_CJPEG_DJPEG        /* define proper options in jconfig.h */
-#define JPEG_INTERNAL_OPTIONS   /* cjpeg.c,djpeg.c need to see xxx_SUPPORTED */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"             /* get library error codes too */
-#include "cderror.h"            /* get application-specific error codes */
-
-
-/*
- * Object interface for cjpeg's source file decoding modules
- */
-
-typedef struct cjpeg_source_struct *cjpeg_source_ptr;
-
-struct cjpeg_source_struct {
-  void (*start_input) (j_compress_ptr cinfo, cjpeg_source_ptr sinfo);
-  JDIMENSION (*get_pixel_rows) (j_compress_ptr cinfo, cjpeg_source_ptr sinfo);
-  void (*finish_input) (j_compress_ptr cinfo, cjpeg_source_ptr sinfo);
-
-  FILE *input_file;
-
-  JSAMPARRAY buffer;
-  JDIMENSION buffer_height;
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  JDIMENSION max_pixels;
-#endif
-};
-
-
-/*
- * Object interface for djpeg's output file encoding modules
- */
-
-typedef struct djpeg_dest_struct *djpeg_dest_ptr;
-
-struct djpeg_dest_struct {
-  /* start_output is called after jpeg_start_decompress finishes.
-   * The color map will be ready at this time, if one is needed.
-   */
-  void (*start_output) (j_decompress_ptr cinfo, djpeg_dest_ptr dinfo);
-  /* Emit the specified number of pixel rows from the buffer. */
-  void (*put_pixel_rows) (j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                          JDIMENSION rows_supplied);
-  /* Finish up at the end of the image. */
-  void (*finish_output) (j_decompress_ptr cinfo, djpeg_dest_ptr dinfo);
-  /* Re-calculate buffer dimensions based on output dimensions (for use with
-     partial image decompression.)  If this is NULL, then the output format
-     does not support partial image decompression (BMP, in particular, cannot
-     support partial decompression because it uses an inversion buffer to write
-     the image in bottom-up order.) */
-  void (*calc_buffer_dimensions) (j_decompress_ptr cinfo,
-                                  djpeg_dest_ptr dinfo);
-
-
-  /* Target file spec; filled in by djpeg.c after object is created. */
-  FILE *output_file;
-
-  /* Output pixel-row buffer.  Created by module init or start_output.
-   * Width is cinfo->output_width * cinfo->output_components;
-   * height is buffer_height.
-   */
-  JSAMPARRAY buffer;
-  JDIMENSION buffer_height;
-};
-
-
-/*
- * cjpeg/djpeg may need to perform extra passes to convert to or from
- * the source/destination file format.  The JPEG library does not know
- * about these passes, but we'd like them to be counted by the progress
- * monitor.  We use an expanded progress monitor object to hold the
- * additional pass count.
- */
-
-struct cdjpeg_progress_mgr {
-  struct jpeg_progress_mgr pub; /* fields known to JPEG library */
-  int completed_extra_passes;   /* extra passes completed */
-  int total_extra_passes;       /* total extra */
-  JDIMENSION max_scans;         /* abort if the number of scans exceeds this
-                                   value and the value is non-zero */
-  boolean report;               /* whether or not to report progress */
-  /* last printed percentage stored here to avoid multiple printouts */
-  int percent_done;
-};
-
-typedef struct cdjpeg_progress_mgr *cd_progress_ptr;
-
-
-/* Module selection routines for I/O modules. */
-
-EXTERN(cjpeg_source_ptr) jinit_read_bmp(j_compress_ptr cinfo,
-                                        boolean use_inversion_array);
-EXTERN(djpeg_dest_ptr) jinit_write_bmp(j_decompress_ptr cinfo, boolean is_os2,
-                                       boolean use_inversion_array);
-EXTERN(cjpeg_source_ptr) jinit_read_gif(j_compress_ptr cinfo);
-EXTERN(djpeg_dest_ptr) jinit_write_gif(j_decompress_ptr cinfo, boolean is_lzw);
-EXTERN(cjpeg_source_ptr) jinit_read_ppm(j_compress_ptr cinfo);
-EXTERN(djpeg_dest_ptr) jinit_write_ppm(j_decompress_ptr cinfo);
-EXTERN(cjpeg_source_ptr) jinit_read_targa(j_compress_ptr cinfo);
-EXTERN(djpeg_dest_ptr) jinit_write_targa(j_decompress_ptr cinfo);
-
-/* cjpeg support routines (in rdswitch.c) */
-
-EXTERN(boolean) read_quant_tables(j_compress_ptr cinfo, char *filename,
-                                  boolean force_baseline);
-EXTERN(boolean) read_scan_script(j_compress_ptr cinfo, char *filename);
-EXTERN(boolean) set_quality_ratings(j_compress_ptr cinfo, char *arg,
-                                    boolean force_baseline);
-EXTERN(boolean) set_quant_slots(j_compress_ptr cinfo, char *arg);
-EXTERN(boolean) set_sample_factors(j_compress_ptr cinfo, char *arg);
-
-/* djpeg support routines (in rdcolmap.c) */
-
-EXTERN(void) read_color_map(j_decompress_ptr cinfo, FILE *infile);
-
-/* common support routines (in cdjpeg.c) */
-
-EXTERN(void) start_progress_monitor(j_common_ptr cinfo,
-                                    cd_progress_ptr progress);
-EXTERN(void) end_progress_monitor(j_common_ptr cinfo);
-EXTERN(boolean) keymatch(char *arg, const char *keyword, int minchars);
-EXTERN(FILE *) read_stdin(void);
-EXTERN(FILE *) write_stdout(void);
-
-/* miscellaneous useful macros */
-
-#ifdef DONT_USE_B_MODE          /* define mode parameters for fopen() */
-#define READ_BINARY     "r"
-#define WRITE_BINARY    "w"
-#else
-#define READ_BINARY     "rb"
-#define WRITE_BINARY    "wb"
-#endif
-
-#ifndef EXIT_FAILURE            /* define exit() codes if not provided */
-#define EXIT_FAILURE  1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS  0
-#endif
-#ifndef EXIT_WARNING
-#define EXIT_WARNING  2
-#endif
-
-#define IsExtRGB(cs) \
-  (cs == JCS_RGB || (cs >= JCS_EXT_RGB && cs <= JCS_EXT_ARGB))
diff --git a/3rdparty/libjpeg-turbo_2_1_0/change.log b/3rdparty/libjpeg-turbo_2_1_0/change.log
deleted file mode 100644
index e4d0ddc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/change.log
+++ /dev/null
@@ -1,336 +0,0 @@
-libjpeg-turbo note:  This file has been modified by The libjpeg-turbo Project
-to include only information relevant to libjpeg-turbo.  It is included only for
-reference.  Please see ChangeLog.md for information specific to libjpeg-turbo.
-
-
-CHANGE LOG for Independent JPEG Group's JPEG software
-
-
-Version 9d  12-Jan-2020
------------------------
-
-Restore GIF read and write support from libjpeg version 6a.
-Thank to Wolfgang Werner (W.W.) Heinz for suggestion.
-
-Add jpegtran -drop option; add options to the crop extension and wipe
-to fill the extra area with content from the source image region,
-instead of gray out.
-
-
-Version 9c  14-Jan-2018
------------------------
-
-jpegtran: add an option to the -wipe switch to fill the region
-with the average of adjacent blocks, instead of gray out.
-Thank to Caitlyn Feddock and Maddie Ziegler for inspiration.
-
-
-Version 9b  17-Jan-2016
------------------------
-
-Document 'f' specifier for jpegtran -crop specification.
-Thank to Michele Martone for suggestion.
-
-
-Version 9a  19-Jan-2014
------------------------
-
-Add jpegtran -wipe option and extension for -crop.
-Thank to Andrew Senior, David Clunie, and Josef Schmid for suggestion.
-
-
-Version 9  13-Jan-2013
-----------------------
-
-Add remark for jpeg_mem_dest() in jdatadst.c.
-Thank to Elie-Gregoire Khoury for the hint.
-
-Correct argument type in format string, avoid compiler warnings.
-Thank to Vincent Torri for hint.
-
-
-Version 8d  15-Jan-2012
------------------------
-
-Add cjpeg -rgb option to create RGB JPEG files.
-Using this switch suppresses the conversion from RGB
-colorspace input to the default YCbCr JPEG colorspace.
-Thank to Michael Koch for the initial suggestion.
-
-Add option to disable the region adjustment in the transupp crop code.
-Thank to Jeffrey Friedl for the suggestion.
-
-
-Version 8b  16-May-2010
------------------------
-
-Repair problem in new memory source manager with corrupt JPEG data.
-Thank to Ted Campbell and Samuel Chun for the report.
-
-
-Version 8a  28-Feb-2010
------------------------
-
-Writing tables-only datastreams via jpeg_write_tables works again.
-
-Support 32-bit BMPs (RGB image with Alpha channel) for read in cjpeg.
-Thank to Brett Blackham for the suggestion.
-
-
-Version 8  10-Jan-2010
-----------------------
-
-Add sanity check in BMP reader module to avoid cjpeg crash for empty input
-image (thank to Isaev Ildar of ISP RAS, Moscow, RU for reporting this error).
-
-Add data source and destination managers for read from and write to
-memory buffers.  New API functions jpeg_mem_src and jpeg_mem_dest.
-Thank to Roberto Boni from Italy for the suggestion.
-
-
-Version 7  27-Jun-2009
-----------------------
-
-New scaled DCTs implemented.
-djpeg now supports scalings N/8 with all N from 1 to 16.
-
-cjpeg -quality option has been extended for support of separate quality
-settings for luminance and chrominance (or in general, for every provided
-quantization table slot).
-New API function jpeg_default_qtables() and q_scale_factor array in library.
-
-Support arithmetic entropy encoding and decoding.
-Added files jaricom.c, jcarith.c, jdarith.c.
-
-jpegtran has a new "lossless" cropping feature.
-
-Implement -perfect option in jpegtran, new API function
-jtransform_perfect_transform() in transupp. (DP 204_perfect.dpatch)
-
-Better error messages for jpegtran fopen failure.
-(DP 203_jpegtran_errmsg.dpatch)
-
-Fix byte order issue with 16bit PPM/PGM files in rdppm.c/wrppm.c:
-according to Netpbm, the de facto standard implementation of the PNM formats,
-the most significant byte is first. (DP 203_rdppm.dpatch)
-
-Add -raw option to rdjpgcom not to mangle the output.
-(DP 205_rdjpgcom_raw.dpatch)
-
-Make rdjpgcom locale aware. (DP 201_rdjpgcom_locale.dpatch)
-
-Add extern "C" to jpeglib.h.
-This avoids the need to put extern "C" { ... } around #include "jpeglib.h"
-in your C++ application.  Defining the symbol DONT_USE_EXTERN_C in the
-configuration prevents this. (DP 202_jpeglib.h_c++.dpatch)
-
-
-Version 6b  27-Mar-1998
------------------------
-
-jpegtran has new features for lossless image transformations (rotation
-and flipping) as well as "lossless" reduction to grayscale.
-
-jpegtran now copies comments by default; it has a -copy switch to enable
-copying all APPn blocks as well, or to suppress comments.  (Formerly it
-always suppressed comments and APPn blocks.)  jpegtran now also preserves
-JFIF version and resolution information.
-
-New decompressor library feature: COM and APPn markers found in the input
-file can be saved in memory for later use by the application.  (Before,
-you had to code this up yourself with a custom marker processor.)
-
-There is an unused field "void * client_data" now in compress and decompress
-parameter structs; this may be useful in some applications.
-
-JFIF version number information is now saved by the decoder and accepted by
-the encoder.  jpegtran uses this to copy the source file's version number,
-to ensure "jpegtran -copy all" won't create bogus files that contain JFXX
-extensions but claim to be version 1.01.  Applications that generate their
-own JFXX extension markers also (finally) have a supported way to cause the
-encoder to emit JFIF version number 1.02.
-
-djpeg's trace mode reports JFIF 1.02 thumbnail images as such, rather
-than as unknown APP0 markers.
-
-In -verbose mode, djpeg and rdjpgcom will try to print the contents of
-APP12 markers as text.  Some digital cameras store useful text information
-in APP12 markers.
-
-Handling of truncated data streams is more robust: blocks beyond the one in
-which the error occurs will be output as uniform gray, or left unchanged
-if decoding a progressive JPEG.  The appearance no longer depends on the
-Huffman tables being used.
-
-Huffman tables are checked for validity much more carefully than before.
-
-The configure script now supports building libjpeg as a shared library
-on many flavors of Unix (all the ones that GNU libtool knows how to
-build shared libraries for).  Use "./configure --enable-shared" to
-try this out.
-
-New jconfig file and makefiles for Microsoft Visual C++ and Developer Studio.
-Also, a jconfig file and a build script for Metrowerks CodeWarrior
-on Apple Macintosh.  makefile.dj has been updated for DJGPP v2, and there
-are miscellaneous other minor improvements in the makefiles.
-
-jmemmac.c now knows how to create temporary files following Mac System 7
-conventions.
-
-djpeg's -map switch is now able to read raw-format PPM files reliably.
-
-cjpeg -progressive -restart no longer generates any unnecessary DRI markers.
-
-Multiple calls to jpeg_simple_progression for a single JPEG object
-no longer leak memory.
-
-
-Version 6a  7-Feb-96
---------------------
-
-Library initialization sequence modified to detect version mismatches
-and struct field packing mismatches between library and calling application.
-This change requires applications to be recompiled, but does not require
-any application source code change.
-
-All routine declarations changed to the style "GLOBAL(type) name ...",
-that is, GLOBAL, LOCAL, METHODDEF, EXTERN are now macros taking the
-routine's return type as an argument.  This makes it possible to add
-Microsoft-style linkage keywords to all the routines by changing just
-these macros.  Note that any application code that was using these macros
-will have to be changed.
-
-DCT coefficient quantization tables are now stored in normal array order
-rather than zigzag order.  Application code that calls jpeg_add_quant_table,
-or otherwise manipulates quantization tables directly, will need to be
-changed.  If you need to make such code work with either older or newer
-versions of the library, a test like "#if JPEG_LIB_VERSION >= 61" is
-recommended.
-
-djpeg's trace capability now dumps DQT tables in natural order, not zigzag
-order.  This allows the trace output to be made into a "-qtables" file
-more easily.
-
-New system-dependent memory manager module for use on Apple Macintosh.
-
-Fix bug in cjpeg's -smooth option: last one or two scanlines would be
-duplicates of the prior line unless the image height mod 16 was 1 or 2.
-
-Repair minor problems in VMS, BCC, MC6 makefiles.
-
-New configure script based on latest GNU Autoconf.
-
-Correct the list of include files needed by MetroWerks C for ccommand().
-
-Numerous small documentation updates.
-
-
-Version 6  2-Aug-95
--------------------
-
-Progressive JPEG support: library can read and write full progressive JPEG
-files.  A "buffered image" mode supports incremental decoding for on-the-fly
-display of progressive images.  Simply recompiling an existing IJG-v5-based
-decoder with v6 should allow it to read progressive files, though of course
-without any special progressive display.
-
-New "jpegtran" application performs lossless transcoding between different
-JPEG formats; primarily, it can be used to convert baseline to progressive
-JPEG and vice versa.  In support of jpegtran, the library now allows lossless
-reading and writing of JPEG files as DCT coefficient arrays.  This ability
-may be of use in other applications.
-
-Notes for programmers:
-* We changed jpeg_start_decompress() to be able to suspend; this makes all
-decoding modes available to suspending-input applications.  However,
-existing applications that use suspending input will need to be changed
-to check the return value from jpeg_start_decompress().  You don't need to
-do anything if you don't use a suspending data source.
-* We changed the interface to the virtual array routines: access_virt_array
-routines now take a count of the number of rows to access this time.  The
-last parameter to request_virt_array routines is now interpreted as the
-maximum number of rows that may be accessed at once, but not necessarily
-the height of every access.
-
-
-Version 5b  15-Mar-95
----------------------
-
-Correct bugs with grayscale images having v_samp_factor > 1.
-
-jpeg_write_raw_data() now supports output suspension.
-
-Correct bugs in "configure" script for case of compiling in
-a directory other than the one containing the source files.
-
-Repair bug in jquant1.c: sometimes didn't use as many colors as it could.
-
-Borland C makefile and jconfig file work under either MS-DOS or OS/2.
-
-Miscellaneous improvements to documentation.
-
-
-Version 5a  7-Dec-94
---------------------
-
-Changed color conversion roundoff behavior so that grayscale values are
-represented exactly.  (This causes test image files to change.)
-
-Make ordered dither use 16x16 instead of 4x4 pattern for a small quality
-improvement.
-
-New configure script based on latest GNU Autoconf.
-Fix configure script to handle CFLAGS correctly.
-Rename *.auto files to *.cfg, so that configure script still works if
-file names have been truncated for DOS.
-
-Fix bug in rdbmp.c: didn't allow for extra data between header and image.
-
-Modify rdppm.c/wrppm.c to handle 2-byte raw PPM/PGM formats for 12-bit data.
-
-Fix several bugs in rdrle.c.
-
-NEED_SHORT_EXTERNAL_NAMES option was broken.
-
-Revise jerror.h/jerror.c for more flexibility in message table.
-
-Repair oversight in jmemname.c NO_MKTEMP case: file could be there
-but unreadable.
-
-
-Version 5  24-Sep-94
---------------------
-
-Version 5 represents a nearly complete redesign and rewrite of the IJG
-software.  Major user-visible changes include:
-  * Automatic configuration simplifies installation for most Unix systems.
-  * A range of speed vs. image quality tradeoffs are supported.
-    This includes resizing of an image during decompression: scaling down
-    by a factor of 1/2, 1/4, or 1/8 is handled very efficiently.
-  * New programs rdjpgcom and wrjpgcom allow insertion and extraction
-    of text comments in a JPEG file.
-
-The application programmer's interface to the library has changed completely.
-Notable improvements include:
-  * We have eliminated the use of callback routines for handling the
-    uncompressed image data.  The application now sees the library as a
-    set of routines that it calls to read or write image data on a
-    scanline-by-scanline basis.
-  * The application image data is represented in a conventional interleaved-
-    pixel format, rather than as a separate array for each color channel.
-    This can save a copying step in many programs.
-  * The handling of compressed data has been cleaned up: the application can
-    supply routines to source or sink the compressed data.  It is possible to
-    suspend processing on source/sink buffer overrun, although this is not
-    supported in all operating modes.
-  * All static state has been eliminated from the library, so that multiple
-    instances of compression or decompression can be active concurrently.
-  * JPEG abbreviated datastream formats are supported, ie, quantization and
-    Huffman tables can be stored separately from the image data.
-  * And not only that, but the documentation of the library has improved
-    considerably!
-
-
-The last widely used release before the version 5 rewrite was version 4A of
-18-Feb-93.  Change logs before that point have been discarded, since they
-are not of much interest after the rewrite.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cjpeg.1 b/3rdparty/libjpeg-turbo_2_1_0/cjpeg.1
deleted file mode 100644
index 569dc3f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cjpeg.1
+++ /dev/null
@@ -1,360 +0,0 @@
-.TH CJPEG 1 "4 November 2020"
-.SH NAME
-cjpeg \- compress an image file to a JPEG file
-.SH SYNOPSIS
-.B cjpeg
-[
-.I options
-]
-[
-.I filename
-]
-.LP
-.SH DESCRIPTION
-.LP
-.B cjpeg
-compresses the named image file, or the standard input if no file is
-named, and produces a JPEG/JFIF file on the standard output.
-The currently supported input file formats are: PPM (PBMPLUS color
-format), PGM (PBMPLUS grayscale format), BMP, GIF, and Targa.
-.SH OPTIONS
-All switch names may be abbreviated; for example,
-.B \-grayscale
-may be written
-.B \-gray
-or
-.BR \-gr .
-Most of the "basic" switches can be abbreviated to as little as one letter.
-Upper and lower case are equivalent (thus
-.B \-BMP
-is the same as
-.BR \-bmp ).
-British spellings are also accepted (e.g.,
-.BR \-greyscale ),
-though for brevity these are not mentioned below.
-.PP
-The basic switches are:
-.TP
-.BI \-quality " N[,...]"
-Scale quantization tables to adjust image quality.  Quality is 0 (worst) to
-100 (best); default is 75.  (See below for more info.)
-.TP
-.B \-grayscale
-Create monochrome JPEG file from color input.  Be sure to use this switch when
-compressing a grayscale BMP or GIF file, because
-.B cjpeg
-isn't bright enough to notice whether a BMP or GIF file uses only shades of
-gray.  By saying
-.BR \-grayscale,
-you'll get a smaller JPEG file that takes less time to process.
-.TP
-.B \-rgb
-Create RGB JPEG file.
-Using this switch suppresses the conversion from RGB
-colorspace input to the default YCbCr JPEG colorspace.
-.TP
-.B \-optimize
-Perform optimization of entropy encoding parameters.  Without this, default
-encoding parameters are used.
-.B \-optimize
-usually makes the JPEG file a little smaller, but
-.B cjpeg
-runs somewhat slower and needs much more memory.  Image quality and speed of
-decompression are unaffected by
-.BR \-optimize .
-.TP
-.B \-progressive
-Create progressive JPEG file (see below).
-.TP
-.B \-targa
-Input file is Targa format.  Targa files that contain an "identification"
-field will not be automatically recognized by
-.BR cjpeg ;
-for such files you must specify
-.B \-targa
-to make
-.B cjpeg
-treat the input as Targa format.
-For most Targa files, you won't need this switch.
-.PP
-The
-.B \-quality
-switch lets you trade off compressed file size against quality of the
-reconstructed image: the higher the quality setting, the larger the JPEG file,
-and the closer the output image will be to the original input.  Normally you
-want to use the lowest quality setting (smallest file) that decompresses into
-something visually indistinguishable from the original image.  For this
-purpose the quality setting should generally be between 50 and 95 (the default
-is 75) for photographic images.  If you see defects at
-.B \-quality
-75, then go up 5 or 10 counts at a time until you are happy with the output
-image.  (The optimal setting will vary from one image to another.)
-.PP
-.B \-quality
-100 will generate a quantization table of all 1's, minimizing loss in the
-quantization step (but there is still information loss in subsampling, as well
-as roundoff error.)  For most images, specifying a quality value above
-about 95 will increase the size of the compressed file dramatically, and while
-the quality gain from these higher quality values is measurable (using metrics
-such as PSNR or SSIM), it is rarely perceivable by human vision.
-.PP
-In the other direction, quality values below 50 will produce very small files
-of low image quality.  Settings around 5 to 10 might be useful in preparing an
-index of a large image library, for example.  Try
-.B \-quality
-2 (or so) for some amusing Cubist effects.  (Note: quality
-values below about 25 generate 2-byte quantization tables, which are
-considered optional in the JPEG standard.
-.B cjpeg
-emits a warning message when you give such a quality value, because some
-other JPEG programs may be unable to decode the resulting file.  Use
-.B \-baseline
-if you need to ensure compatibility at low quality values.)
-.PP
-The \fB-quality\fR option has been extended in this version of \fBcjpeg\fR to
-support separate quality settings for luminance and chrominance (or, in
-general, separate settings for every quantization table slot.)  The principle
-is the same as chrominance subsampling:  since the human eye is more sensitive
-to spatial changes in brightness than spatial changes in color, the chrominance
-components can be quantized more than the luminance components without
-incurring any visible image quality loss.  However, unlike subsampling, this
-feature reduces data in the frequency domain instead of the spatial domain,
-which allows for more fine-grained control.  This option is useful in
-quality-sensitive applications, for which the artifacts generated by
-subsampling may be unacceptable.
-.PP
-The \fB-quality\fR option accepts a comma-separated list of parameters, which
-respectively refer to the quality levels that should be assigned to the
-quantization table slots.  If there are more q-table slots than parameters,
-then the last parameter is replicated.  Thus, if only one quality parameter is
-given, this is used for both luminance and chrominance (slots 0 and 1,
-respectively), preserving the legacy behavior of cjpeg v6b and prior.
-More (or customized) quantization tables can be set with the \fB-qtables\fR
-option and assigned to components with the \fB-qslots\fR option (see the
-"wizard" switches below.)
-.PP
-JPEG files generated with separate luminance and chrominance quality are fully
-compliant with standard JPEG decoders.
-.PP
-.BR CAUTION:
-For this setting to be useful, be sure to pass an argument of \fB-sample 1x1\fR
-to \fBcjpeg\fR to disable chrominance subsampling.  Otherwise, the default
-subsampling level (2x2, AKA "4:2:0") will be used.
-.PP
-The
-.B \-progressive
-switch creates a "progressive JPEG" file.  In this type of JPEG file, the data
-is stored in multiple scans of increasing quality.  If the file is being
-transmitted over a slow communications link, the decoder can use the first
-scan to display a low-quality image very quickly, and can then improve the
-display with each subsequent scan.  The final image is exactly equivalent to a
-standard JPEG file of the same quality setting, and the total file size is
-about the same --- often a little smaller.
-.PP
-Switches for advanced users:
-.TP
-.B \-arithmetic
-Use arithmetic coding.
-.B Caution:
-arithmetic coded JPEG is not yet widely implemented, so many decoders will be
-unable to view an arithmetic coded JPEG file at all.
-.TP
-.B \-dct int
-Use accurate integer DCT method (default).
-.TP
-.B \-dct fast
-Use less accurate integer DCT method [legacy feature].
-When the Independent JPEG Group's software was first released in 1991, the
-compression time for a 1-megapixel JPEG image on a mainstream PC was measured
-in minutes.  Thus, the \fBfast\fR integer DCT algorithm provided noticeable
-performance benefits.  On modern CPUs running libjpeg-turbo, however, the
-compression time for a 1-megapixel JPEG image is measured in milliseconds, and
-thus the performance benefits of the \fBfast\fR algorithm are much less
-noticeable.  On modern x86/x86-64 CPUs that support AVX2 instructions, the
-\fBfast\fR and \fBint\fR methods have similar performance.  On other types of
-CPUs, the \fBfast\fR method is generally about 5-15% faster than the \fBint\fR
-method.
-
-For quality levels of 90 and below, there should be little or no perceptible
-quality difference between the two algorithms.  For quality levels above 90,
-however, the difference between the \fBfast\fR and \fBint\fR methods becomes
-more pronounced.  With quality=97, for instance, the \fBfast\fR method incurs
-generally about a 1-3 dB loss in PSNR relative to the \fBint\fR method, but
-this can be larger for some images.  Do not use the \fBfast\fR method with
-quality levels above 97.  The algorithm often degenerates at quality=98 and
-above and can actually produce a more lossy image than if lower quality levels
-had been used.  Also, in libjpeg-turbo, the \fBfast\fR method is not fully
-accelerated for quality levels above 97, so it will be slower than the
-\fBint\fR method.
-.TP
-.B \-dct float
-Use floating-point DCT method [legacy feature].
-The \fBfloat\fR method does not produce significantly more accurate results
-than the \fBint\fR method, and it is much slower.  The \fBfloat\fR method may
-also give different results on different machines due to varying roundoff
-behavior, whereas the integer methods should give the same results on all
-machines.
-.TP
-.BI \-icc " file"
-Embed ICC color management profile contained in the specified file.
-.TP
-.BI \-restart " N"
-Emit a JPEG restart marker every N MCU rows, or every N MCU blocks if "B" is
-attached to the number.
-.B \-restart 0
-(the default) means no restart markers.
-.TP
-.BI \-smooth " N"
-Smooth the input image to eliminate dithering noise.  N, ranging from 1 to
-100, indicates the strength of smoothing.  0 (the default) means no smoothing.
-.TP
-.BI \-maxmemory " N"
-Set limit for amount of memory to use in processing large images.  Value is
-in thousands of bytes, or millions of bytes if "M" is attached to the
-number.  For example,
-.B \-max 4m
-selects 4000000 bytes.  If more space is needed, an error will occur.
-.TP
-.BI \-outfile " name"
-Send output image to the named file, not to standard output.
-.TP
-.BI \-memdst
-Compress to memory instead of a file.  This feature was implemented mainly as a
-way of testing the in-memory destination manager (jpeg_mem_dest()), but it is
-also useful for benchmarking, since it reduces the I/O overhead.
-.TP
-.BI \-report
-Report compression progress.
-.TP
-.B \-verbose
-Enable debug printout.  More
-.BR \-v 's
-give more output.  Also, version information is printed at startup.
-.TP
-.B \-debug
-Same as
-.BR \-verbose .
-.TP
-.B \-version
-Print version information and exit.
-.PP
-The
-.B \-restart
-option inserts extra markers that allow a JPEG decoder to resynchronize after
-a transmission error.  Without restart markers, any damage to a compressed
-file will usually ruin the image from the point of the error to the end of the
-image; with restart markers, the damage is usually confined to the portion of
-the image up to the next restart marker.  Of course, the restart markers
-occupy extra space.  We recommend
-.B \-restart 1
-for images that will be transmitted across unreliable networks such as Usenet.
-.PP
-The
-.B \-smooth
-option filters the input to eliminate fine-scale noise.  This is often useful
-when converting dithered images to JPEG: a moderate smoothing factor of 10 to
-50 gets rid of dithering patterns in the input file, resulting in a smaller
-JPEG file and a better-looking image.  Too large a smoothing factor will
-visibly blur the image, however.
-.PP
-Switches for wizards:
-.TP
-.B \-baseline
-Force baseline-compatible quantization tables to be generated.  This clamps
-quantization values to 8 bits even at low quality settings.  (This switch is
-poorly named, since it does not ensure that the output is actually baseline
-JPEG.  For example, you can use
-.B \-baseline
-and
-.B \-progressive
-together.)
-.TP
-.BI \-qtables " file"
-Use the quantization tables given in the specified text file.
-.TP
-.BI \-qslots " N[,...]"
-Select which quantization table to use for each color component.
-.TP
-.BI \-sample " HxV[,...]"
-Set JPEG sampling factors for each color component.
-.TP
-.BI \-scans " file"
-Use the scan script given in the specified text file.
-.PP
-The "wizard" switches are intended for experimentation with JPEG.  If you
-don't know what you are doing, \fBdon't use them\fR.  These switches are
-documented further in the file wizard.txt.
-.SH EXAMPLES
-.LP
-This example compresses the PPM file foo.ppm with a quality factor of
-60 and saves the output as foo.jpg:
-.IP
-.B cjpeg \-quality
-.I 60 foo.ppm
-.B >
-.I foo.jpg
-.SH HINTS
-Color GIF files are not the ideal input for JPEG; JPEG is really intended for
-compressing full-color (24-bit) images.  In particular, don't try to convert
-cartoons, line drawings, and other images that have only a few distinct
-colors.  GIF works great on these, JPEG does not.  If you want to convert a
-GIF to JPEG, you should experiment with
-.BR cjpeg 's
-.B \-quality
-and
-.B \-smooth
-options to get a satisfactory conversion.
-.B \-smooth 10
-or so is often helpful.
-.PP
-Avoid running an image through a series of JPEG compression/decompression
-cycles.  Image quality loss will accumulate; after ten or so cycles the image
-may be noticeably worse than it was after one cycle.  It's best to use a
-lossless format while manipulating an image, then convert to JPEG format when
-you are ready to file the image away.
-.PP
-The
-.B \-optimize
-option to
-.B cjpeg
-is worth using when you are making a "final" version for posting or archiving.
-It's also a win when you are using low quality settings to make very small
-JPEG files; the percentage improvement is often a lot more than it is on
-larger files.  (At present,
-.B \-optimize
-mode is always selected when generating progressive JPEG files.)
-.SH ENVIRONMENT
-.TP
-.B JPEGMEM
-If this environment variable is set, its value is the default memory limit.
-The value is specified as described for the
-.B \-maxmemory
-switch.
-.B JPEGMEM
-overrides the default value specified when the program was compiled, and
-itself is overridden by an explicit
-.BR \-maxmemory .
-.SH SEE ALSO
-.BR djpeg (1),
-.BR jpegtran (1),
-.BR rdjpgcom (1),
-.BR wrjpgcom (1)
-.br
-.BR ppm (5),
-.BR pgm (5)
-.br
-Wallace, Gregory K.  "The JPEG Still Picture Compression Standard",
-Communications of the ACM, April 1991 (vol. 34, no. 4), pp. 30-44.
-.SH AUTHOR
-Independent JPEG Group
-.PP
-This file was modified by The libjpeg-turbo Project to include only information
-relevant to libjpeg-turbo, to wordsmith certain sections, and to describe
-features not present in libjpeg.
-.SH ISSUES
-Not all variants of BMP and Targa file formats are supported.
-.PP
-The
-.B \-targa
-switch is not a bug, it's a feature.  (It would be a bug if the Targa format
-designers had not been clueless.)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cjpeg.c b/3rdparty/libjpeg-turbo_2_1_0/cjpeg.c
deleted file mode 100644
index c99a133..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cjpeg.c
+++ /dev/null
@@ -1,756 +0,0 @@
-/*
- * cjpeg.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * Modified 2003-2011 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2013-2014, 2017, 2019-2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a command-line user interface for the JPEG compressor.
- * It should work on any system with Unix- or MS-DOS-style command lines.
- *
- * Two different command line styles are permitted, depending on the
- * compile-time switch TWO_FILE_COMMANDLINE:
- *      cjpeg [options]  inputfile outputfile
- *      cjpeg [options]  [inputfile]
- * In the second style, output is always to standard output, which you'd
- * normally redirect to a file or pipe to some other program.  Input is
- * either from a named file or from standard input (typically redirected).
- * The second style is convenient on Unix but is unhelpful on systems that
- * don't support pipes.  Also, you MUST use the first style if your system
- * doesn't do binary I/O to stdin/stdout.
- * To simplify script writing, the "-outfile" switch is provided.  The syntax
- *      cjpeg [options]  -outfile outputfile  inputfile
- * works regardless of which command line style is used.
- */
-
-#ifdef CJPEG_FUZZER
-#define JPEG_INTERNALS
-#endif
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-#include "jversion.h"           /* for version message */
-#include "jconfigint.h"
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc(),free() */
-extern void *malloc(size_t size);
-extern void free(void *ptr);
-#endif
-
-#ifdef USE_CCOMMAND             /* command-line reader for Macintosh */
-#ifdef __MWERKS__
-#include <SIOUX.h>              /* Metrowerks needs this */
-#include <console.h>            /* ... and this */
-#endif
-#ifdef THINK_C
-#include <console.h>            /* Think declares it here */
-#endif
-#endif
-
-
-/* Create the add-on message string table. */
-
-#define JMESSAGE(code, string)  string,
-
-static const char * const cdjpeg_message_table[] = {
-#include "cderror.h"
-  NULL
-};
-
-
-/*
- * This routine determines what format the input file is,
- * and selects the appropriate input-reading module.
- *
- * To determine which family of input formats the file belongs to,
- * we may look only at the first byte of the file, since C does not
- * guarantee that more than one character can be pushed back with ungetc.
- * Looking at additional bytes would require one of these approaches:
- *     1) assume we can fseek() the input file (fails for piped input);
- *     2) assume we can push back more than one character (works in
- *        some C implementations, but unportable);
- *     3) provide our own buffering (breaks input readers that want to use
- *        stdio directly);
- * or  4) don't put back the data, and modify the input_init methods to assume
- *        they start reading after the start of file.
- * #1 is attractive for MS-DOS but is untenable on Unix.
- *
- * The most portable solution for file types that can't be identified by their
- * first byte is to make the user tell us what they are.  This is also the
- * only approach for "raw" file types that contain only arbitrary values.
- * We presently apply this method for Targa files.  Most of the time Targa
- * files start with 0x00, so we recognize that case.  Potentially, however,
- * a Targa file could start with any byte value (byte 0 is the length of the
- * seldom-used ID field), so we provide a switch to force Targa input mode.
- */
-
-static boolean is_targa;        /* records user -targa switch */
-
-
-LOCAL(cjpeg_source_ptr)
-select_file_type(j_compress_ptr cinfo, FILE *infile)
-{
-  int c;
-
-  if (is_targa) {
-#ifdef TARGA_SUPPORTED
-    return jinit_read_targa(cinfo);
-#else
-    ERREXIT(cinfo, JERR_TGA_NOTCOMP);
-#endif
-  }
-
-  if ((c = getc(infile)) == EOF)
-    ERREXIT(cinfo, JERR_INPUT_EMPTY);
-  if (ungetc(c, infile) == EOF)
-    ERREXIT(cinfo, JERR_UNGETC_FAILED);
-
-  switch (c) {
-#ifdef BMP_SUPPORTED
-  case 'B':
-    return jinit_read_bmp(cinfo, TRUE);
-#endif
-#ifdef GIF_SUPPORTED
-  case 'G':
-    return jinit_read_gif(cinfo);
-#endif
-#ifdef PPM_SUPPORTED
-  case 'P':
-    return jinit_read_ppm(cinfo);
-#endif
-#ifdef TARGA_SUPPORTED
-  case 0x00:
-    return jinit_read_targa(cinfo);
-#endif
-  default:
-    ERREXIT(cinfo, JERR_UNKNOWN_FORMAT);
-    break;
-  }
-
-  return NULL;                  /* suppress compiler warnings */
-}
-
-
-/*
- * Argument-parsing code.
- * The switch parser is designed to be useful with DOS-style command line
- * syntax, ie, intermixed switches and file names, where only the switches
- * to the left of a given file name affect processing of that file.
- * The main program in this file doesn't actually use this capability...
- */
-
-
-static const char *progname;    /* program name for error messages */
-static char *icc_filename;      /* for -icc switch */
-static char *outfilename;       /* for -outfile switch */
-boolean memdst;                 /* for -memdst switch */
-boolean report;                 /* for -report switch */
-
-
-#ifdef CJPEG_FUZZER
-
-#include <setjmp.h>
-
-struct my_error_mgr {
-  struct jpeg_error_mgr pub;
-  jmp_buf setjmp_buffer;
-};
-
-void my_error_exit(j_common_ptr cinfo)
-{
-  struct my_error_mgr *myerr = (struct my_error_mgr *)cinfo->err;
-
-  longjmp(myerr->setjmp_buffer, 1);
-}
-
-static void my_emit_message(j_common_ptr cinfo, int msg_level)
-{
-  if (msg_level < 0)
-    cinfo->err->num_warnings++;
-}
-
-#define HANDLE_ERROR() { \
-  if (cinfo.global_state > CSTATE_START) { \
-    if (memdst && outbuffer) \
-      (*cinfo.dest->term_destination) (&cinfo); \
-    jpeg_abort_compress(&cinfo); \
-  } \
-  jpeg_destroy_compress(&cinfo); \
-  if (input_file != stdin && input_file != NULL) \
-    fclose(input_file); \
-  if (memdst) \
-    free(outbuffer); \
-  return EXIT_FAILURE; \
-}
-
-#endif
-
-
-LOCAL(void)
-usage(void)
-/* complain about bad command line */
-{
-  fprintf(stderr, "usage: %s [switches] ", progname);
-#ifdef TWO_FILE_COMMANDLINE
-  fprintf(stderr, "inputfile outputfile\n");
-#else
-  fprintf(stderr, "[inputfile]\n");
-#endif
-
-  fprintf(stderr, "Switches (names may be abbreviated):\n");
-  fprintf(stderr, "  -quality N[,...]   Compression quality (0..100; 5-95 is most useful range,\n");
-  fprintf(stderr, "                     default is 75)\n");
-  fprintf(stderr, "  -grayscale     Create monochrome JPEG file\n");
-  fprintf(stderr, "  -rgb           Create RGB JPEG file\n");
-#ifdef ENTROPY_OPT_SUPPORTED
-  fprintf(stderr, "  -optimize      Optimize Huffman table (smaller file, but slow compression)\n");
-#endif
-#ifdef C_PROGRESSIVE_SUPPORTED
-  fprintf(stderr, "  -progressive   Create progressive JPEG file\n");
-#endif
-#ifdef TARGA_SUPPORTED
-  fprintf(stderr, "  -targa         Input file is Targa format (usually not needed)\n");
-#endif
-  fprintf(stderr, "Switches for advanced users:\n");
-#ifdef C_ARITH_CODING_SUPPORTED
-  fprintf(stderr, "  -arithmetic    Use arithmetic coding\n");
-#endif
-#ifdef DCT_ISLOW_SUPPORTED
-  fprintf(stderr, "  -dct int       Use accurate integer DCT method%s\n",
-          (JDCT_DEFAULT == JDCT_ISLOW ? " (default)" : ""));
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-  fprintf(stderr, "  -dct fast      Use less accurate integer DCT method [legacy feature]%s\n",
-          (JDCT_DEFAULT == JDCT_IFAST ? " (default)" : ""));
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-  fprintf(stderr, "  -dct float     Use floating-point DCT method [legacy feature]%s\n",
-          (JDCT_DEFAULT == JDCT_FLOAT ? " (default)" : ""));
-#endif
-  fprintf(stderr, "  -icc FILE      Embed ICC profile contained in FILE\n");
-  fprintf(stderr, "  -restart N     Set restart interval in rows, or in blocks with B\n");
-#ifdef INPUT_SMOOTHING_SUPPORTED
-  fprintf(stderr, "  -smooth N      Smooth dithered input (N=1..100 is strength)\n");
-#endif
-  fprintf(stderr, "  -maxmemory N   Maximum memory to use (in kbytes)\n");
-  fprintf(stderr, "  -outfile name  Specify name for output file\n");
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-  fprintf(stderr, "  -memdst        Compress to memory instead of file (useful for benchmarking)\n");
-#endif
-  fprintf(stderr, "  -report        Report compression progress\n");
-  fprintf(stderr, "  -verbose  or  -debug   Emit debug output\n");
-  fprintf(stderr, "  -version       Print version information and exit\n");
-  fprintf(stderr, "Switches for wizards:\n");
-  fprintf(stderr, "  -baseline      Force baseline quantization tables\n");
-  fprintf(stderr, "  -qtables FILE  Use quantization tables given in FILE\n");
-  fprintf(stderr, "  -qslots N[,...]    Set component quantization tables\n");
-  fprintf(stderr, "  -sample HxV[,...]  Set component sampling factors\n");
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-  fprintf(stderr, "  -scans FILE    Create multi-scan JPEG per script FILE\n");
-#endif
-  exit(EXIT_FAILURE);
-}
-
-
-LOCAL(int)
-parse_switches(j_compress_ptr cinfo, int argc, char **argv,
-               int last_file_arg_seen, boolean for_real)
-/* Parse optional switches.
- * Returns argv[] index of first file-name argument (== argc if none).
- * Any file names with indexes <= last_file_arg_seen are ignored;
- * they have presumably been processed in a previous iteration.
- * (Pass 0 for last_file_arg_seen on the first or only iteration.)
- * for_real is FALSE on the first (dummy) pass; we may skip any expensive
- * processing.
- */
-{
-  int argn;
-  char *arg;
-  boolean force_baseline;
-  boolean simple_progressive;
-  char *qualityarg = NULL;      /* saves -quality parm if any */
-  char *qtablefile = NULL;      /* saves -qtables filename if any */
-  char *qslotsarg = NULL;       /* saves -qslots parm if any */
-  char *samplearg = NULL;       /* saves -sample parm if any */
-  char *scansarg = NULL;        /* saves -scans parm if any */
-
-  /* Set up default JPEG parameters. */
-
-  force_baseline = FALSE;       /* by default, allow 16-bit quantizers */
-  simple_progressive = FALSE;
-  is_targa = FALSE;
-  icc_filename = NULL;
-  outfilename = NULL;
-  memdst = FALSE;
-  report = FALSE;
-  cinfo->err->trace_level = 0;
-
-  /* Scan command line options, adjust parameters */
-
-  for (argn = 1; argn < argc; argn++) {
-    arg = argv[argn];
-    if (*arg != '-') {
-      /* Not a switch, must be a file name argument */
-      if (argn <= last_file_arg_seen) {
-        outfilename = NULL;     /* -outfile applies to just one input file */
-        continue;               /* ignore this name if previously processed */
-      }
-      break;                    /* else done parsing switches */
-    }
-    arg++;                      /* advance past switch marker character */
-
-    if (keymatch(arg, "arithmetic", 1)) {
-      /* Use arithmetic coding. */
-#ifdef C_ARITH_CODING_SUPPORTED
-      cinfo->arith_code = TRUE;
-#else
-      fprintf(stderr, "%s: sorry, arithmetic coding not supported\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "baseline", 1)) {
-      /* Force baseline-compatible output (8-bit quantizer values). */
-      force_baseline = TRUE;
-
-    } else if (keymatch(arg, "dct", 2)) {
-      /* Select DCT algorithm. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (keymatch(argv[argn], "int", 1)) {
-        cinfo->dct_method = JDCT_ISLOW;
-      } else if (keymatch(argv[argn], "fast", 2)) {
-        cinfo->dct_method = JDCT_IFAST;
-      } else if (keymatch(argv[argn], "float", 2)) {
-        cinfo->dct_method = JDCT_FLOAT;
-      } else
-        usage();
-
-    } else if (keymatch(arg, "debug", 1) || keymatch(arg, "verbose", 1)) {
-      /* Enable debug printouts. */
-      /* On first -d, print version identification */
-      static boolean printed_version = FALSE;
-
-      if (!printed_version) {
-        fprintf(stderr, "%s version %s (build %s)\n",
-                PACKAGE_NAME, VERSION, BUILD);
-        fprintf(stderr, "%s\n\n", JCOPYRIGHT);
-        fprintf(stderr, "Emulating The Independent JPEG Group's software, version %s\n\n",
-                JVERSION);
-        printed_version = TRUE;
-      }
-      cinfo->err->trace_level++;
-
-    } else if (keymatch(arg, "version", 4)) {
-      fprintf(stderr, "%s version %s (build %s)\n",
-              PACKAGE_NAME, VERSION, BUILD);
-      exit(EXIT_SUCCESS);
-
-    } else if (keymatch(arg, "grayscale", 2) ||
-               keymatch(arg, "greyscale", 2)) {
-      /* Force a monochrome JPEG file to be generated. */
-      jpeg_set_colorspace(cinfo, JCS_GRAYSCALE);
-
-    } else if (keymatch(arg, "rgb", 3)) {
-      /* Force an RGB JPEG file to be generated. */
-      jpeg_set_colorspace(cinfo, JCS_RGB);
-
-    } else if (keymatch(arg, "icc", 1)) {
-      /* Set ICC filename. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      icc_filename = argv[argn];
-
-    } else if (keymatch(arg, "maxmemory", 3)) {
-      /* Maximum memory in Kb (or Mb with 'm'). */
-      long lval;
-      char ch = 'x';
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%ld%c", &lval, &ch) < 1)
-        usage();
-      if (ch == 'm' || ch == 'M')
-        lval *= 1000L;
-      cinfo->mem->max_memory_to_use = lval * 1000L;
-
-    } else if (keymatch(arg, "optimize", 1) || keymatch(arg, "optimise", 1)) {
-      /* Enable entropy parm optimization. */
-#ifdef ENTROPY_OPT_SUPPORTED
-      cinfo->optimize_coding = TRUE;
-#else
-      fprintf(stderr, "%s: sorry, entropy optimization was not compiled in\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "outfile", 4)) {
-      /* Set output file name. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      outfilename = argv[argn]; /* save it away for later use */
-
-    } else if (keymatch(arg, "progressive", 1)) {
-      /* Select simple progressive mode. */
-#ifdef C_PROGRESSIVE_SUPPORTED
-      simple_progressive = TRUE;
-      /* We must postpone execution until num_components is known. */
-#else
-      fprintf(stderr, "%s: sorry, progressive output was not compiled in\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "memdst", 2)) {
-      /* Use in-memory destination manager */
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-      memdst = TRUE;
-#else
-      fprintf(stderr, "%s: sorry, in-memory destination manager was not compiled in\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "quality", 1)) {
-      /* Quality ratings (quantization table scaling factors). */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      qualityarg = argv[argn];
-
-    } else if (keymatch(arg, "qslots", 2)) {
-      /* Quantization table slot numbers. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      qslotsarg = argv[argn];
-      /* Must delay setting qslots until after we have processed any
-       * colorspace-determining switches, since jpeg_set_colorspace sets
-       * default quant table numbers.
-       */
-
-    } else if (keymatch(arg, "qtables", 2)) {
-      /* Quantization tables fetched from file. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      qtablefile = argv[argn];
-      /* We postpone actually reading the file in case -quality comes later. */
-
-    } else if (keymatch(arg, "report", 3)) {
-      report = TRUE;
-
-    } else if (keymatch(arg, "restart", 1)) {
-      /* Restart interval in MCU rows (or in MCUs with 'b'). */
-      long lval;
-      char ch = 'x';
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%ld%c", &lval, &ch) < 1)
-        usage();
-      if (lval < 0 || lval > 65535L)
-        usage();
-      if (ch == 'b' || ch == 'B') {
-        cinfo->restart_interval = (unsigned int)lval;
-        cinfo->restart_in_rows = 0; /* else prior '-restart n' overrides me */
-      } else {
-        cinfo->restart_in_rows = (int)lval;
-        /* restart_interval will be computed during startup */
-      }
-
-    } else if (keymatch(arg, "sample", 2)) {
-      /* Set sampling factors. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      samplearg = argv[argn];
-      /* Must delay setting sample factors until after we have processed any
-       * colorspace-determining switches, since jpeg_set_colorspace sets
-       * default sampling factors.
-       */
-
-    } else if (keymatch(arg, "scans", 4)) {
-      /* Set scan script. */
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      scansarg = argv[argn];
-      /* We must postpone reading the file in case -progressive appears. */
-#else
-      fprintf(stderr, "%s: sorry, multi-scan output was not compiled in\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "smooth", 2)) {
-      /* Set input smoothing factor. */
-      int val;
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%d", &val) != 1)
-        usage();
-      if (val < 0 || val > 100)
-        usage();
-      cinfo->smoothing_factor = val;
-
-    } else if (keymatch(arg, "targa", 1)) {
-      /* Input file is Targa format. */
-      is_targa = TRUE;
-
-    } else {
-      usage();                  /* bogus switch */
-    }
-  }
-
-  /* Post-switch-scanning cleanup */
-
-  if (for_real) {
-
-    /* Set quantization tables for selected quality. */
-    /* Some or all may be overridden if -qtables is present. */
-    if (qualityarg != NULL)     /* process -quality if it was present */
-      if (!set_quality_ratings(cinfo, qualityarg, force_baseline))
-        usage();
-
-    if (qtablefile != NULL)     /* process -qtables if it was present */
-      if (!read_quant_tables(cinfo, qtablefile, force_baseline))
-        usage();
-
-    if (qslotsarg != NULL)      /* process -qslots if it was present */
-      if (!set_quant_slots(cinfo, qslotsarg))
-        usage();
-
-    if (samplearg != NULL)      /* process -sample if it was present */
-      if (!set_sample_factors(cinfo, samplearg))
-        usage();
-
-#ifdef C_PROGRESSIVE_SUPPORTED
-    if (simple_progressive)     /* process -progressive; -scans can override */
-      jpeg_simple_progression(cinfo);
-#endif
-
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-    if (scansarg != NULL)       /* process -scans if it was present */
-      if (!read_scan_script(cinfo, scansarg))
-        usage();
-#endif
-  }
-
-  return argn;                  /* return index of next arg (file name) */
-}
-
-
-/*
- * The main program.
- */
-
-int
-main(int argc, char **argv)
-{
-  struct jpeg_compress_struct cinfo;
-#ifdef CJPEG_FUZZER
-  struct my_error_mgr myerr;
-  struct jpeg_error_mgr &jerr = myerr.pub;
-#else
-  struct jpeg_error_mgr jerr;
-#endif
-  struct cdjpeg_progress_mgr progress;
-  int file_index;
-  cjpeg_source_ptr src_mgr;
-  FILE *input_file = NULL;
-  FILE *icc_file;
-  JOCTET *icc_profile = NULL;
-  long icc_len = 0;
-  FILE *output_file = NULL;
-  unsigned char *outbuffer = NULL;
-  unsigned long outsize = 0;
-  JDIMENSION num_scanlines;
-
-  /* On Mac, fetch a command line. */
-#ifdef USE_CCOMMAND
-  argc = ccommand(&argv);
-#endif
-
-  progname = argv[0];
-  if (progname == NULL || progname[0] == 0)
-    progname = "cjpeg";         /* in case C library doesn't provide it */
-
-  /* Initialize the JPEG compression object with default error handling. */
-  cinfo.err = jpeg_std_error(&jerr);
-  jpeg_create_compress(&cinfo);
-  /* Add some application-specific error messages (from cderror.h) */
-  jerr.addon_message_table = cdjpeg_message_table;
-  jerr.first_addon_message = JMSG_FIRSTADDONCODE;
-  jerr.last_addon_message = JMSG_LASTADDONCODE;
-
-  /* Initialize JPEG parameters.
-   * Much of this may be overridden later.
-   * In particular, we don't yet know the input file's color space,
-   * but we need to provide some value for jpeg_set_defaults() to work.
-   */
-
-  cinfo.in_color_space = JCS_RGB; /* arbitrary guess */
-  jpeg_set_defaults(&cinfo);
-
-  /* Scan command line to find file names.
-   * It is convenient to use just one switch-parsing routine, but the switch
-   * values read here are ignored; we will rescan the switches after opening
-   * the input file.
-   */
-
-  file_index = parse_switches(&cinfo, argc, argv, 0, FALSE);
-
-#ifdef TWO_FILE_COMMANDLINE
-  if (!memdst) {
-    /* Must have either -outfile switch or explicit output file name */
-    if (outfilename == NULL) {
-      if (file_index != argc - 2) {
-        fprintf(stderr, "%s: must name one input and one output file\n",
-                progname);
-        usage();
-      }
-      outfilename = argv[file_index + 1];
-    } else {
-      if (file_index != argc - 1) {
-        fprintf(stderr, "%s: must name one input and one output file\n",
-                progname);
-        usage();
-      }
-    }
-  }
-#else
-  /* Unix style: expect zero or one file name */
-  if (file_index < argc - 1) {
-    fprintf(stderr, "%s: only one input file\n", progname);
-    usage();
-  }
-#endif /* TWO_FILE_COMMANDLINE */
-
-  /* Open the input file. */
-  if (file_index < argc) {
-    if ((input_file = fopen(argv[file_index], READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, argv[file_index]);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default input file is stdin */
-    input_file = read_stdin();
-  }
-
-  /* Open the output file. */
-  if (outfilename != NULL) {
-    if ((output_file = fopen(outfilename, WRITE_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, outfilename);
-      exit(EXIT_FAILURE);
-    }
-  } else if (!memdst) {
-    /* default output file is stdout */
-    output_file = write_stdout();
-  }
-
-  if (icc_filename != NULL) {
-    if ((icc_file = fopen(icc_filename, READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, icc_filename);
-      exit(EXIT_FAILURE);
-    }
-    if (fseek(icc_file, 0, SEEK_END) < 0 ||
-        (icc_len = ftell(icc_file)) < 1 ||
-        fseek(icc_file, 0, SEEK_SET) < 0) {
-      fprintf(stderr, "%s: can't determine size of %s\n", progname,
-              icc_filename);
-      exit(EXIT_FAILURE);
-    }
-    if ((icc_profile = (JOCTET *)malloc(icc_len)) == NULL) {
-      fprintf(stderr, "%s: can't allocate memory for ICC profile\n", progname);
-      fclose(icc_file);
-      exit(EXIT_FAILURE);
-    }
-    if (fread(icc_profile, icc_len, 1, icc_file) < 1) {
-      fprintf(stderr, "%s: can't read ICC profile from %s\n", progname,
-              icc_filename);
-      free(icc_profile);
-      fclose(icc_file);
-      exit(EXIT_FAILURE);
-    }
-    fclose(icc_file);
-  }
-
-#ifdef CJPEG_FUZZER
-  jerr.error_exit = my_error_exit;
-  jerr.emit_message = my_emit_message;
-  if (setjmp(myerr.setjmp_buffer))
-    HANDLE_ERROR()
-#endif
-
-  if (report) {
-    start_progress_monitor((j_common_ptr)&cinfo, &progress);
-    progress.report = report;
-  }
-
-  /* Figure out the input file format, and set up to read it. */
-  src_mgr = select_file_type(&cinfo, input_file);
-  src_mgr->input_file = input_file;
-#ifdef CJPEG_FUZZER
-  src_mgr->max_pixels = 1048576;
-#endif
-
-  /* Read the input file header to obtain file size & colorspace. */
-  (*src_mgr->start_input) (&cinfo, src_mgr);
-
-  /* Now that we know input colorspace, fix colorspace-dependent defaults */
-  jpeg_default_colorspace(&cinfo);
-
-  /* Adjust default compression parameters by re-parsing the options */
-  file_index = parse_switches(&cinfo, argc, argv, 0, TRUE);
-
-  /* Specify data destination for compression */
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-  if (memdst)
-    jpeg_mem_dest(&cinfo, &outbuffer, &outsize);
-  else
-#endif
-    jpeg_stdio_dest(&cinfo, output_file);
-
-#ifdef CJPEG_FUZZER
-  if (setjmp(myerr.setjmp_buffer))
-    HANDLE_ERROR()
-#endif
-
-  /* Start compressor */
-  jpeg_start_compress(&cinfo, TRUE);
-
-  if (icc_profile != NULL)
-    jpeg_write_icc_profile(&cinfo, icc_profile, (unsigned int)icc_len);
-
-  /* Process data */
-  while (cinfo.next_scanline < cinfo.image_height) {
-    num_scanlines = (*src_mgr->get_pixel_rows) (&cinfo, src_mgr);
-    (void)jpeg_write_scanlines(&cinfo, src_mgr->buffer, num_scanlines);
-  }
-
-  /* Finish compression and release memory */
-  (*src_mgr->finish_input) (&cinfo, src_mgr);
-  jpeg_finish_compress(&cinfo);
-  jpeg_destroy_compress(&cinfo);
-
-  /* Close files, if we opened them */
-  if (input_file != stdin)
-    fclose(input_file);
-  if (output_file != stdout && output_file != NULL)
-    fclose(output_file);
-
-  if (report)
-    end_progress_monitor((j_common_ptr)&cinfo);
-
-  if (memdst) {
-#ifndef CJPEG_FUZZER
-    fprintf(stderr, "Compressed size:  %lu bytes\n", outsize);
-#endif
-    free(outbuffer);
-  }
-
-  free(icc_profile);
-
-  /* All done. */
-  return (jerr.num_warnings ? EXIT_WARNING : EXIT_SUCCESS);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/BuildPackages.cmake b/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/BuildPackages.cmake
deleted file mode 100644
index 3d35886..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/BuildPackages.cmake
+++ /dev/null
@@ -1,183 +0,0 @@
-# This file is included from the top-level CMakeLists.txt.  We just store it
-# here to avoid cluttering up that file.
-
-set(PKGNAME ${CMAKE_PROJECT_NAME} CACHE STRING
-  "Distribution package name (default: ${CMAKE_PROJECT_NAME})")
-set(PKGVENDOR "The ${CMAKE_PROJECT_NAME} Project" CACHE STRING
-  "Vendor name to be included in distribution package descriptions (default: The ${CMAKE_PROJECT_NAME} Project)")
-set(PKGURL "http://www.${CMAKE_PROJECT_NAME}.org" CACHE STRING
-  "URL of project web site to be included in distribution package descriptions (default: http://www.${CMAKE_PROJECT_NAME}.org)")
-set(PKGEMAIL "information@${CMAKE_PROJECT_NAME}.org" CACHE STRING
-  "E-mail of project maintainer to be included in distribution package descriptions (default: information@${CMAKE_PROJECT_NAME}.org")
-set(PKGID "com.${CMAKE_PROJECT_NAME}.${PKGNAME}" CACHE STRING
-  "Globally unique package identifier (reverse DNS notation) (default: com.${CMAKE_PROJECT_NAME}.${PKGNAME})")
-
-
-###############################################################################
-# Linux RPM and DEB
-###############################################################################
-
-if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-
-set(RPMARCH ${CMAKE_SYSTEM_PROCESSOR})
-if(CPU_TYPE STREQUAL "x86_64")
-  set(DEBARCH amd64)
-elseif(CPU_TYPE STREQUAL "arm64")
-  set(DEBARCH ${CPU_TYPE})
-elseif(CPU_TYPE STREQUAL "arm")
-  check_c_source_compiles("
-    #if __ARM_PCS_VFP != 1
-    #error \"float ABI = softfp\"
-    #endif
-    int main(void) { return 0; }" HAVE_HARD_FLOAT)
-  if(HAVE_HARD_FLOAT)
-    set(RPMARCH armv7hl)
-    set(DEBARCH armhf)
-  else()
-    set(RPMARCH armel)
-    set(DEBARCH armel)
-  endif()
-elseif(CMAKE_SYSTEM_PROCESSOR_LC STREQUAL "ppc64le")
-  set(DEBARCH ppc64el)
-elseif(CPU_TYPE STREQUAL "powerpc" AND BITS EQUAL 32)
-  set(RPMARCH ppc)
-  set(DEBARCH ppc)
-else()
-  set(DEBARCH ${CMAKE_SYSTEM_PROCESSOR})
-endif()
-message(STATUS "RPM architecture = ${RPMARCH}, DEB architecture = ${DEBARCH}")
-
-# Re-set CMAKE_POSITION_INDEPENDENT_CODE so that the RPM spec file works
-# properly
-boolean_number(CMAKE_POSITION_INDEPENDENT_CODE)
-
-configure_file(release/makerpm.in pkgscripts/makerpm)
-configure_file(release/rpm.spec.in pkgscripts/rpm.spec @ONLY)
-
-add_custom_target(rpm pkgscripts/makerpm
-  SOURCES pkgscripts/makerpm)
-
-configure_file(release/makesrpm.in pkgscripts/makesrpm)
-
-add_custom_target(srpm pkgscripts/makesrpm
-  SOURCES pkgscripts/makesrpm
-  DEPENDS dist)
-
-configure_file(release/makedpkg.in pkgscripts/makedpkg)
-configure_file(release/deb-control.in pkgscripts/deb-control)
-
-add_custom_target(deb pkgscripts/makedpkg
-  SOURCES pkgscripts/makedpkg)
-
-endif() # Linux
-
-
-###############################################################################
-# Windows installer (NullSoft Installer)
-###############################################################################
-
-if(WIN32)
-
-if(MSVC)
-  set(INST_PLATFORM "Visual C++")
-  set(INST_ID vc)
-  set(INST_NAME ${CMAKE_PROJECT_NAME}-${VERSION}-${INST_ID})
-  set(INST_REG_NAME ${CMAKE_PROJECT_NAME})
-elseif(MINGW)
-  set(INST_PLATFORM GCC)
-  set(INST_ID gcc)
-  set(INST_NAME ${CMAKE_PROJECT_NAME}-${VERSION}-${INST_ID})
-  set(INST_REG_NAME ${CMAKE_PROJECT_NAME}-${INST_ID})
-  set(INST_DEFS -DGCC)
-endif()
-
-if(BITS EQUAL 64)
-  set(INST_PLATFORM "${INST_PLATFORM} 64-bit")
-  set(INST_NAME ${INST_NAME}64)
-  set(INST_REG_NAME ${INST_REG_NAME}64)
-  set(INST_DEFS ${INST_DEFS} -DWIN64)
-endif()
-
-if(WITH_JAVA)
-  set(INST_DEFS ${INST_DEFS} -DJAVA)
-endif()
-
-if(MSVC_IDE)
-  set(INST_DEFS ${INST_DEFS} "-DBUILDDIR=${CMAKE_CFG_INTDIR}\\")
-else()
-  set(INST_DEFS ${INST_DEFS} "-DBUILDDIR=")
-endif()
-
-string(REGEX REPLACE "/" "\\\\" INST_DIR ${CMAKE_INSTALL_PREFIX})
-
-configure_file(release/installer.nsi.in installer.nsi @ONLY)
-# TODO: It would be nice to eventually switch to CPack and eliminate this mess,
-# but not today.
-configure_file(win/projectTargets.cmake.in
-  win/${CMAKE_PROJECT_NAME}Targets.cmake @ONLY)
-configure_file(win/${INST_ID}/projectTargets-release.cmake.in
-  win/${CMAKE_PROJECT_NAME}Targets-release.cmake @ONLY)
-
-if(WITH_JAVA)
-  set(JAVA_DEPEND turbojpeg-java)
-endif()
-add_custom_target(installer
-  makensis -nocd ${INST_DEFS} installer.nsi
-  DEPENDS jpeg jpeg-static turbojpeg turbojpeg-static rdjpgcom wrjpgcom
-    cjpeg djpeg jpegtran tjbench ${JAVA_DEPEND}
-  SOURCES installer.nsi)
-
-endif() # WIN32
-
-
-###############################################################################
-# Mac DMG
-###############################################################################
-
-if(APPLE)
-
-set(ARMV8_BUILD "" CACHE PATH
-  "Directory containing Armv8 iOS or macOS build to include in universal binaries")
-
-set(MACOS_APP_CERT_NAME "" CACHE STRING
-  "Name of the Developer ID Application certificate (in the macOS keychain) that should be used to sign the libjpeg-turbo DMG.  Leave this blank to generate an unsigned DMG.")
-set(MACOS_INST_CERT_NAME "" CACHE STRING
-  "Name of the Developer ID Installer certificate (in the macOS keychain) that should be used to sign the libjpeg-turbo installer package.  Leave this blank to generate an unsigned package.")
-
-configure_file(release/makemacpkg.in pkgscripts/makemacpkg)
-configure_file(release/Distribution.xml.in pkgscripts/Distribution.xml)
-configure_file(release/Welcome.rtf.in pkgscripts/Welcome.rtf)
-configure_file(release/uninstall.in pkgscripts/uninstall)
-
-add_custom_target(dmg pkgscripts/makemacpkg
-  SOURCES pkgscripts/makemacpkg)
-
-endif() # APPLE
-
-
-###############################################################################
-# Generic
-###############################################################################
-
-add_custom_target(dist
-  COMMAND git archive --prefix=${CMAKE_PROJECT_NAME}-${VERSION}/ HEAD |
-    gzip > ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_PROJECT_NAME}-${VERSION}.tar.gz
-    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
-
-configure_file(release/maketarball.in pkgscripts/maketarball)
-
-add_custom_target(tarball pkgscripts/maketarball
-  SOURCES pkgscripts/maketarball)
-
-configure_file(release/libjpeg.pc.in pkgscripts/libjpeg.pc @ONLY)
-
-configure_file(release/libturbojpeg.pc.in pkgscripts/libturbojpeg.pc @ONLY)
-
-include(CMakePackageConfigHelpers)
-write_basic_package_version_file(
-  pkgscripts/${CMAKE_PROJECT_NAME}ConfigVersion.cmake
-  VERSION ${VERSION} COMPATIBILITY AnyNewerVersion)
-
-configure_package_config_file(release/Config.cmake.in
-  pkgscripts/${CMAKE_PROJECT_NAME}Config.cmake
-  INSTALL_DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/${CMAKE_PROJECT_NAME})
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/GNUInstallDirs.cmake b/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/GNUInstallDirs.cmake
deleted file mode 100644
index 6408fca..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/GNUInstallDirs.cmake
+++ /dev/null
@@ -1,419 +0,0 @@
-#.rst:
-# GNUInstallDirs
-# --------------
-#
-# Define GNU standard installation directories
-#
-# Provides install directory variables as defined by the
-# `GNU Coding Standards`_.
-#
-# .. _`GNU Coding Standards`: https://www.gnu.org/prep/standards/html_node/Directory-Variables.html
-#
-# Result Variables
-# ^^^^^^^^^^^^^^^^
-#
-# Inclusion of this module defines the following variables:
-#
-# ``CMAKE_INSTALL_<dir>``
-#
-#   Destination for files of a given type.  This value may be passed to
-#   the ``DESTINATION`` options of :command:`install` commands for the
-#   corresponding file type.
-#
-# ``CMAKE_INSTALL_FULL_<dir>``
-#
-#   The absolute path generated from the corresponding ``CMAKE_INSTALL_<dir>``
-#   value.  If the value is not already an absolute path, an absolute path
-#   is constructed typically by prepending the value of the
-#   :variable:`CMAKE_INSTALL_PREFIX` variable.  However, there are some
-#   `special cases`_ as documented below.
-#
-# where ``<dir>`` is one of:
-#
-# ``BINDIR``
-#   user executables (``bin``)
-# ``SBINDIR``
-#   system admin executables (``sbin``)
-# ``LIBEXECDIR``
-#   program executables (``libexec``)
-# ``SYSCONFDIR``
-#   read-only single-machine data (``etc``)
-# ``SHAREDSTATEDIR``
-#   modifiable architecture-independent data (``com``)
-# ``LOCALSTATEDIR``
-#   modifiable single-machine data (``var``)
-# ``LIBDIR``
-#   object code libraries (``lib`` or ``lib64``
-#   or ``lib/<multiarch-tuple>`` on Debian)
-# ``INCLUDEDIR``
-#   C header files (``include``)
-# ``OLDINCLUDEDIR``
-#   C header files for non-gcc (``/usr/include``)
-# ``DATAROOTDIR``
-#   read-only architecture-independent data root (``share``)
-# ``DATADIR``
-#   read-only architecture-independent data (``DATAROOTDIR``)
-# ``INFODIR``
-#   info documentation (``DATAROOTDIR/info``)
-# ``LOCALEDIR``
-#   locale-dependent data (``DATAROOTDIR/locale``)
-# ``MANDIR``
-#   man documentation (``DATAROOTDIR/man``)
-# ``DOCDIR``
-#   documentation root (``DATAROOTDIR/doc/PROJECT_NAME``)
-#
-# If the includer does not define a value the above-shown default will be
-# used and the value will appear in the cache for editing by the user.
-#
-# Special Cases
-# ^^^^^^^^^^^^^
-#
-# The following values of :variable:`CMAKE_INSTALL_PREFIX` are special:
-#
-# ``/``
-#
-#   For ``<dir>`` other than the ``SYSCONFDIR`` and ``LOCALSTATEDIR``,
-#   the value of ``CMAKE_INSTALL_<dir>`` is prefixed with ``usr/`` if
-#   it is not user-specified as an absolute path.  For example, the
-#   ``INCLUDEDIR`` value ``include`` becomes ``usr/include``.
-#   This is required by the `GNU Coding Standards`_, which state:
-#
-#     When building the complete GNU system, the prefix will be empty
-#     and ``/usr`` will be a symbolic link to ``/``.
-#
-# ``/usr``
-#
-#   For ``<dir>`` equal to ``SYSCONFDIR`` or ``LOCALSTATEDIR``, the
-#   ``CMAKE_INSTALL_FULL_<dir>`` is computed by prepending just ``/``
-#   to the value of ``CMAKE_INSTALL_<dir>`` if it is not user-specified
-#   as an absolute path.  For example, the ``SYSCONFDIR`` value ``etc``
-#   becomes ``/etc``.  This is required by the `GNU Coding Standards`_.
-#
-# ``/opt/...``
-#
-#   For ``<dir>`` equal to ``SYSCONFDIR`` or ``LOCALSTATEDIR``, the
-#   ``CMAKE_INSTALL_FULL_<dir>`` is computed by *appending* the prefix
-#   to the value of ``CMAKE_INSTALL_<dir>`` if it is not user-specified
-#   as an absolute path.  For example, the ``SYSCONFDIR`` value ``etc``
-#   becomes ``/etc/opt/...``.  This is defined by the
-#   `Filesystem Hierarchy Standard`_.
-#
-# .. _`Filesystem Hierarchy Standard`: https://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html
-#
-# Macros
-# ^^^^^^
-#
-# .. command:: GNUInstallDirs_get_absolute_install_dir
-#
-#   ::
-#
-#     GNUInstallDirs_get_absolute_install_dir(absvar var)
-#
-#   Set the given variable ``absvar`` to the absolute path contained
-#   within the variable ``var``.  This is to allow the computation of an
-#   absolute path, accounting for all the special cases documented
-#   above.  While this macro is used to compute the various
-#   ``CMAKE_INSTALL_FULL_<dir>`` variables, it is exposed publicly to
-#   allow users who create additional path variables to also compute
-#   absolute paths where necessary, using the same logic.
-
-#=============================================================================
-# Copyright 2018 Matthias Räncker
-# Copyright 2016, 2019 D. R. Commander
-# Copyright 2016 Dmitry Marakasov
-# Copyright 2016 Roger Leigh
-# Copyright 2015 Alex Turbov
-# Copyright 2014 Rolf Eike Beer
-# Copyright 2014 Daniele E. Domenichelli
-# Copyright 2013 Dimitri John Ledkov
-# Copyright 2011 Alex Neundorf
-# Copyright 2011 Eric NOULARD
-# Copyright 2011, 2013-2015 Kitware, Inc.
-# Copyright 2011 Nikita Krupen'ko
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# * Redistributions of source code must retain the above copyright
-#   notice, this list of conditions and the following disclaimer.
-#
-# * Redistributions in binary form must reproduce the above copyright
-#   notice, this list of conditions and the following disclaimer in the
-#   documentation and/or other materials provided with the distribution.
-#
-# * Neither the names of Kitware, Inc., the Insight Software Consortium,
-#   nor the names of their contributors may be used to endorse or promote
-#   products derived from this software without specific prior written
-#   permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#=============================================================================
-
-# Installation directories
-#
-
-macro(GNUInstallDirs_set_install_dir var docstring)
-  # If CMAKE_INSTALL_PREFIX changes and CMAKE_INSTALL_*DIR is still set to the
-  # default value, then modify it accordingly.  This presumes that the default
-  # value may change based on the prefix.
-
-  set(_GNUInstallDirs_CMAKE_INSTALL_FORCE_${var} "")
-  if(NOT DEFINED CMAKE_INSTALL_${var})
-    set(_GNUInstallDirs_CMAKE_INSTALL_DEFAULT_${var} 1 CACHE INTERNAL
-      "CMAKE_INSTALL_${var} has default value")
-  elseif(DEFINED _GNUInstallDirs_CMAKE_INSTALL_LAST_DEFAULT_${var} AND
-    NOT "${_GNUInstallDirs_CMAKE_INSTALL_LAST_DEFAULT_${var}}" STREQUAL
-      "${CMAKE_INSTALL_DEFAULT_${var}}" AND
-    _GNUInstallDirs_CMAKE_INSTALL_DEFAULT_${var} AND
-    "${_GNUInstallDirs_CMAKE_INSTALL_LAST_${var}}" STREQUAL
-      "${CMAKE_INSTALL_${var}}")
-    set(_GNUInstallDirs_CMAKE_INSTALL_FORCE_${var} "FORCE")
-  endif()
-
-  set(CMAKE_INSTALL_${var} "${CMAKE_INSTALL_DEFAULT_${var}}" CACHE PATH
-    "${docstring} (Default: ${CMAKE_INSTALL_DEFAULT_${var}})"
-    ${_GNUInstallDirs_CMAKE_INSTALL_FORCE_${var}})
-
-  if(NOT CMAKE_INSTALL_${var} STREQUAL CMAKE_INSTALL_DEFAULT_${var})
-    unset(_GNUInstallDirs_CMAKE_INSTALL_DEFAULT_${var} CACHE)
-  endif()
-
-  # Save for next run
-  set(_GNUInstallDirs_CMAKE_INSTALL_LAST_${var} "${CMAKE_INSTALL_${var}}"
-    CACHE INTERNAL "CMAKE_INSTALL_${var} during last run")
-  set(_GNUInstallDirs_CMAKE_INSTALL_LAST_DEFAULT_${var}
-    "${CMAKE_INSTALL_DEFAULT_${var}}" CACHE INTERNAL
-    "CMAKE_INSTALL_DEFAULT_${var} during last run")
-endmacro()
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_BINDIR)
-  set(CMAKE_INSTALL_DEFAULT_BINDIR "bin")
-endif()
-GNUInstallDirs_set_install_dir(BINDIR
-  "Directory into which user executables should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_SBINDIR)
-  set(CMAKE_INSTALL_DEFAULT_SBINDIR "sbin")
-endif()
-GNUInstallDirs_set_install_dir(SBINDIR
-  "Directory into which system admin executables should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_LIBEXECDIR)
-  set(CMAKE_INSTALL_DEFAULT_LIBEXECDIR "libexec")
-endif()
-GNUInstallDirs_set_install_dir(LIBEXECDIR
-  "Directory under which executables run by other programs should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_SYSCONFDIR)
-  set(CMAKE_INSTALL_DEFAULT_SYSCONFDIR "etc")
-endif()
-GNUInstallDirs_set_install_dir(SYSCONFDIR
-  "Directory into which machine-specific read-only ASCII data and configuration files should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_SHAREDSTATEDIR)
-  set(CMAKE_INSTALL_DEFAULT_SHAREDSTATEDIR "com")
-endif()
-GNUInstallDirs_set_install_dir(SHAREDSTATEDIR
-  "Directory into which architecture-independent run-time-modifiable data files should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_LOCALSTATEDIR)
-  set(CMAKE_INSTALL_DEFAULT_LOCALSTATEDIR "var")
-endif()
-GNUInstallDirs_set_install_dir(LOCALSTATEDIR
-  "Directory into which machine-specific run-time-modifiable data files should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_LIBDIR)
-  set(CMAKE_INSTALL_DEFAULT_LIBDIR "lib")
-  # Override this default 'lib' with 'lib64' iff:
-  #  - we are on Linux system but NOT cross-compiling
-  #  - we are NOT on debian
-  #  - we are on a 64 bits system
-  # reason is: amd64 ABI: http://www.x86-64.org/documentation/abi.pdf
-  # For Debian with multiarch, use 'lib/${CMAKE_LIBRARY_ARCHITECTURE}' if
-  # CMAKE_LIBRARY_ARCHITECTURE is set (which contains e.g. "i386-linux-gnu"
-  # and CMAKE_INSTALL_PREFIX is "/usr"
-  # See http://wiki.debian.org/Multiarch
-  if(CMAKE_SYSTEM_NAME MATCHES "^(Linux|kFreeBSD|GNU)$"
-      AND NOT CMAKE_CROSSCOMPILING)
-    if (EXISTS "/etc/debian_version") # is this a debian system ?
-      if(CMAKE_LIBRARY_ARCHITECTURE)
-        if("${CMAKE_INSTALL_PREFIX}" MATCHES "^/usr/?$")
-          set(CMAKE_INSTALL_DEFAULT_LIBDIR "lib/${CMAKE_LIBRARY_ARCHITECTURE}")
-        endif()
-      endif()
-    else() # not debian, rely on CMAKE_SIZEOF_VOID_P:
-      if(NOT DEFINED CMAKE_SIZEOF_VOID_P)
-        message(AUTHOR_WARNING
-          "Unable to determine default CMAKE_INSTALL_LIBDIR directory because no target architecture is known. "
-          "Please enable at least one language before including GNUInstallDirs.")
-      else()
-        if("${CMAKE_SIZEOF_VOID_P}" EQUAL "8")
-          set(CMAKE_INSTALL_DEFAULT_LIBDIR "lib64")
-        elseif(CMAKE_C_COMPILER_ABI MATCHES "ELF X32")
-          set(CMAKE_INSTALL_DEFAULT_LIBDIR "libx32")
-        endif()
-      endif()
-    endif()
-  endif()
-endif()
-GNUInstallDirs_set_install_dir(LIBDIR
-  "Directory into which object files and object code libraries should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_INCLUDEDIR)
-  set(CMAKE_INSTALL_DEFAULT_INCLUDEDIR "include")
-endif()
-GNUInstallDirs_set_install_dir(INCLUDEDIR
-  "Directory into which C header files should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_OLDINCLUDEDIR)
-  set(CMAKE_INSTALL_DEFAULT_OLDINCLUDEDIR "/usr/include")
-endif()
-GNUInstallDirs_set_install_dir(OLDINCLUDEDIR
-  PATH "Directory into which C header files for non-GCC compilers should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_DATAROOTDIR)
-  set(CMAKE_INSTALL_DEFAULT_DATAROOTDIR "share")
-endif()
-GNUInstallDirs_set_install_dir(DATAROOTDIR
-  "The root of the directory tree for read-only architecture-independent data files")
-
-#-----------------------------------------------------------------------------
-# Values whose defaults are relative to DATAROOTDIR.  Store empty values in
-# the cache and store the defaults in local variables if the cache values are
-# not set explicitly.  This auto-updates the defaults as DATAROOTDIR changes.
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_DATADIR)
-  set(CMAKE_INSTALL_DEFAULT_DATADIR "<CMAKE_INSTALL_DATAROOTDIR>")
-endif()
-GNUInstallDirs_set_install_dir(DATADIR
-  "The directory under which read-only architecture-independent data files should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_INFODIR)
-  if(CMAKE_SYSTEM_NAME MATCHES "^(.*BSD|DragonFly)$")
-    set(CMAKE_INSTALL_DEFAULT_INFODIR "info")
-  else()
-    set(CMAKE_INSTALL_DEFAULT_INFODIR "<CMAKE_INSTALL_DATAROOTDIR>/info")
-  endif()
-endif()
-GNUInstallDirs_set_install_dir(INFODIR
-  "The directory into which info documentation files should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_MANDIR)
-  if(CMAKE_SYSTEM_NAME MATCHES "^(.*BSD|DragonFly)$")
-    set(CMAKE_INSTALL_DEFAULT_MANDIR "man")
-  else()
-    set(CMAKE_INSTALL_DEFAULT_MANDIR "<CMAKE_INSTALL_DATAROOTDIR>/man")
-  endif()
-endif()
-GNUInstallDirs_set_install_dir(MANDIR
-  "The directory under which man pages should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_LOCALEDIR)
-  set(CMAKE_INSTALL_DEFAULT_LOCALEDIR "<CMAKE_INSTALL_DATAROOTDIR>/locale")
-endif()
-GNUInstallDirs_set_install_dir(LOCALEDIR
-  "The directory under which locale-specific message catalogs should be installed")
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_DOCDIR)
-  set(CMAKE_INSTALL_DEFAULT_DOCDIR "<CMAKE_INSTALL_DATAROOTDIR>/doc/${PROJECT_NAME}")
-endif()
-GNUInstallDirs_set_install_dir(DOCDIR
-  "The directory into which documentation files (other than info files) should be installed")
-
-#-----------------------------------------------------------------------------
-
-mark_as_advanced(
-  CMAKE_INSTALL_BINDIR
-  CMAKE_INSTALL_SBINDIR
-  CMAKE_INSTALL_LIBEXECDIR
-  CMAKE_INSTALL_SYSCONFDIR
-  CMAKE_INSTALL_SHAREDSTATEDIR
-  CMAKE_INSTALL_LOCALSTATEDIR
-  CMAKE_INSTALL_LIBDIR
-  CMAKE_INSTALL_INCLUDEDIR
-  CMAKE_INSTALL_OLDINCLUDEDIR
-  CMAKE_INSTALL_DATAROOTDIR
-  CMAKE_INSTALL_DATADIR
-  CMAKE_INSTALL_INFODIR
-  CMAKE_INSTALL_LOCALEDIR
-  CMAKE_INSTALL_MANDIR
-  CMAKE_INSTALL_DOCDIR
-  )
-
-macro(GNUInstallDirs_get_absolute_install_dir absvar var)
-  string(REGEX REPLACE "[<>]" "@" ${var} "${${var}}")
-  # Handle the specific case of an empty CMAKE_INSTALL_DATAROOTDIR
-  if(NOT CMAKE_INSTALL_DATAROOTDIR AND
-    ${var} MATCHES "\@CMAKE_INSTALL_DATAROOTDIR\@/")
-    string(CONFIGURE "${${var}}" ${var} @ONLY)
-    string(REGEX REPLACE "^/" "" ${var} "${${var}}")
-  else()
-    string(CONFIGURE "${${var}}" ${var} @ONLY)
-  endif()
-  if(NOT IS_ABSOLUTE "${${var}}")
-    # Handle special cases:
-    # - CMAKE_INSTALL_PREFIX == /
-    # - CMAKE_INSTALL_PREFIX == /usr
-    # - CMAKE_INSTALL_PREFIX == /opt/...
-    if("${CMAKE_INSTALL_PREFIX}" STREQUAL "/")
-      if("${dir}" STREQUAL "SYSCONFDIR" OR "${dir}" STREQUAL "LOCALSTATEDIR")
-        set(${absvar} "/${${var}}")
-      else()
-        if (NOT "${${var}}" MATCHES "^usr/")
-          set(${var} "usr/${${var}}")
-        endif()
-        set(${absvar} "/${${var}}")
-      endif()
-    elseif("${CMAKE_INSTALL_PREFIX}" MATCHES "^/usr/?$")
-      if("${dir}" STREQUAL "SYSCONFDIR" OR "${dir}" STREQUAL "LOCALSTATEDIR")
-        set(${absvar} "/${${var}}")
-      else()
-        set(${absvar} "${CMAKE_INSTALL_PREFIX}/${${var}}")
-      endif()
-    elseif("${CMAKE_INSTALL_PREFIX}" MATCHES "^/opt/.*")
-      if("${dir}" STREQUAL "SYSCONFDIR" OR "${dir}" STREQUAL "LOCALSTATEDIR")
-        set(${absvar} "/${${var}}${CMAKE_INSTALL_PREFIX}")
-      else()
-        set(${absvar} "${CMAKE_INSTALL_PREFIX}/${${var}}")
-      endif()
-    else()
-      set(${absvar} "${CMAKE_INSTALL_PREFIX}/${${var}}")
-    endif()
-  else()
-    set(${absvar} "${${var}}")
-  endif()
-  string(REGEX REPLACE "/$" "" ${absvar} "${${absvar}}")
-endmacro()
-
-# Result directories
-#
-foreach(dir
-    BINDIR
-    SBINDIR
-    LIBEXECDIR
-    SYSCONFDIR
-    SHAREDSTATEDIR
-    LOCALSTATEDIR
-    LIBDIR
-    INCLUDEDIR
-    OLDINCLUDEDIR
-    DATAROOTDIR
-    DATADIR
-    INFODIR
-    LOCALEDIR
-    MANDIR
-    DOCDIR
-    )
-  GNUInstallDirs_get_absolute_install_dir(CMAKE_INSTALL_FULL_${dir} CMAKE_INSTALL_${dir})
-endforeach()
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/cmake_uninstall.cmake.in b/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/cmake_uninstall.cmake.in
deleted file mode 100644
index 6726a0d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/cmake_uninstall.cmake.in
+++ /dev/null
@@ -1,24 +0,0 @@
-# This code is from the CMake FAQ
-
-if (NOT EXISTS "@CMAKE_BINARY_DIR@/install_manifest.txt")
-  message(FATAL_ERROR "Cannot find install manifest: \"@CMAKE_BINARY_DIR@/install_manifest.txt\"")
-endif(NOT EXISTS "@CMAKE_BINARY_DIR@/install_manifest.txt")
-
-file(READ "@CMAKE_BINARY_DIR@/install_manifest.txt" files)
-string(REGEX REPLACE "\n" ";" files "${files}")
-list(REVERSE files)
-foreach (file ${files})
-  message(STATUS "Uninstalling \"$ENV{DESTDIR}${file}\"")
-    if (EXISTS "$ENV{DESTDIR}${file}")
-      execute_process(
-        COMMAND "@CMAKE_COMMAND@" -E remove "$ENV{DESTDIR}${file}"
-        OUTPUT_VARIABLE rm_out
-        RESULT_VARIABLE rm_retval
-      )
-    if(NOT ${rm_retval} EQUAL 0)
-      message(FATAL_ERROR "Problem when removing \"$ENV{DESTDIR}${file}\"")
-    endif (NOT ${rm_retval} EQUAL 0)
-  else (EXISTS "$ENV{DESTDIR}${file}")
-    message(STATUS "File \"$ENV{DESTDIR}${file}\" does not exist.")
-  endif (EXISTS "$ENV{DESTDIR}${file}")
-endforeach(file)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/testclean.cmake b/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/testclean.cmake
deleted file mode 100644
index fc3fc25..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cmakescripts/testclean.cmake
+++ /dev/null
@@ -1,41 +0,0 @@
-file(GLOB FILES
-  testout*
-  *_GRAY_*.bmp
-  *_GRAY_*.png
-  *_GRAY_*.ppm
-  *_GRAY_*.jpg
-  *_GRAY.yuv
-  *_420_*.bmp
-  *_420_*.png
-  *_420_*.ppm
-  *_420_*.jpg
-  *_420.yuv
-  *_422_*.bmp
-  *_422_*.png
-  *_422_*.ppm
-  *_422_*.jpg
-  *_422.yuv
-  *_444_*.bmp
-  *_444_*.png
-  *_444_*.ppm
-  *_444_*.jpg
-  *_444.yuv
-  *_440_*.bmp
-  *_440_*.png
-  *_440_*.ppm
-  *_440_*.jpg
-  *_440.yuv
-  *_411_*.bmp
-  *_411_*.png
-  *_411_*.ppm
-  *_411_*.jpg
-  *_411.yuv
-  tjbenchtest*.log
-  tjexampletest*.log)
-
-if(NOT FILES STREQUAL "")
-  message(STATUS "Removing test files")
-  file(REMOVE ${FILES})
-else()
-  message(STATUS "No files to remove")
-endif()
diff --git a/3rdparty/libjpeg-turbo_2_1_0/cmyk.h b/3rdparty/libjpeg-turbo_2_1_0/cmyk.h
deleted file mode 100644
index 48187a8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/cmyk.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * cmyk.h
- *
- * Copyright (C) 2017-2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains convenience functions for performing quick & dirty
- * CMYK<->RGB conversion.  This algorithm is suitable for testing purposes
- * only.  Properly converting between CMYK and RGB requires a color management
- * system.
- */
-
-#ifndef CMYK_H
-#define CMYK_H
-
-#include <jinclude.h>
-#define JPEG_INTERNALS
-#include <jpeglib.h>
-#include "jconfigint.h"
-
-
-/* Fully reversible */
-
-INLINE
-LOCAL(void)
-rgb_to_cmyk(JSAMPLE r, JSAMPLE g, JSAMPLE b, JSAMPLE *c, JSAMPLE *m,
-            JSAMPLE *y, JSAMPLE *k)
-{
-  double ctmp = 1.0 - ((double)r / 255.0);
-  double mtmp = 1.0 - ((double)g / 255.0);
-  double ytmp = 1.0 - ((double)b / 255.0);
-  double ktmp = MIN(MIN(ctmp, mtmp), ytmp);
-
-  if (ktmp == 1.0) ctmp = mtmp = ytmp = 0.0;
-  else {
-    ctmp = (ctmp - ktmp) / (1.0 - ktmp);
-    mtmp = (mtmp - ktmp) / (1.0 - ktmp);
-    ytmp = (ytmp - ktmp) / (1.0 - ktmp);
-  }
-  *c = (JSAMPLE)(255.0 - ctmp * 255.0 + 0.5);
-  *m = (JSAMPLE)(255.0 - mtmp * 255.0 + 0.5);
-  *y = (JSAMPLE)(255.0 - ytmp * 255.0 + 0.5);
-  *k = (JSAMPLE)(255.0 - ktmp * 255.0 + 0.5);
-}
-
-
-/* Fully reversible only for C/M/Y/K values generated with rgb_to_cmyk() */
-
-INLINE
-LOCAL(void)
-cmyk_to_rgb(JSAMPLE c, JSAMPLE m, JSAMPLE y, JSAMPLE k, JSAMPLE *r, JSAMPLE *g,
-            JSAMPLE *b)
-{
-  *r = (JSAMPLE)((double)c * (double)k / 255.0 + 0.5);
-  *g = (JSAMPLE)((double)m * (double)k / 255.0 + 0.5);
-  *b = (JSAMPLE)((double)y * (double)k / 255.0 + 0.5);
-}
-
-
-#endif /* CMYK_H */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/coderules.txt b/3rdparty/libjpeg-turbo_2_1_0/coderules.txt
deleted file mode 100644
index a2f593a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/coderules.txt
+++ /dev/null
@@ -1,78 +0,0 @@
-IJG JPEG LIBRARY:  CODING RULES
-
-This file was part of the Independent JPEG Group's software:
-Copyright (C) 1991-1996, Thomas G. Lane.
-It was modified by The libjpeg-turbo Project to include only information
-relevant to libjpeg-turbo.
-For conditions of distribution and use, see the accompanying README.ijg file.
-
-
-Since numerous people will be contributing code and bug fixes, it's important
-to establish a common coding style.  The goal of using similar coding styles
-is much more important than the details of just what that style is.
-
-In general we follow the recommendations of "Recommended C Style and Coding
-Standards" revision 6.1 (Cannon et al. as modified by Spencer, Keppel and
-Brader).  This document is available in the IJG FTP archive (see
-jpeg/doc/cstyle.ms.tbl.Z, or cstyle.txt.Z for those without nroff/tbl).
-
-Block comments should be laid out thusly:
-
-/*
- *  Block comments in this style.
- */
-
-We indent statements in K&R style, e.g.,
-        if (test) {
-          then-part;
-        } else {
-          else-part;
-        }
-with two spaces per indentation level.  (This indentation convention is
-handled automatically by GNU Emacs and many other text editors.)
-
-Multi-word names should be written in lower case with underscores, e.g.,
-multi_word_name (not multiWordName).  Preprocessor symbols and enum constants
-are similar but upper case (MULTI_WORD_NAME).  Names should be unique within
-the first fifteen characters.
-
-Note that each function definition must begin with GLOBAL(type), LOCAL(type),
-or METHODDEF(type).  These macros expand to "static type" or just "type" as
-appropriate.  They provide a readable indication of the routine's usage and
-can readily be changed for special needs.  (For instance, special linkage
-keywords can be inserted for use in Windows DLLs.)
-
-A similar solution is used for external function declarations (see the EXTERN
-macro.)
-
-
-The JPEG library is intended to be used within larger programs.  Furthermore,
-we want it to be reentrant so that it can be used by applications that process
-multiple images concurrently.  The following rules support these requirements:
-
-1. Avoid direct use of file I/O, "malloc", error report printouts, etc;
-pass these through the common routines provided.
-
-2. Minimize global namespace pollution.  Functions should be declared static
-wherever possible.  (Note that our method-based calling conventions help this
-a lot: in many modules only the initialization function will ever need to be
-called directly, so only that function need be externally visible.)  All
-global function names should begin with "jpeg_".
-
-3. Don't use global variables; anything that must be used in another module
-should be in the common data structures.
-
-4. Don't use static variables except for read-only constant tables.  Variables
-that should be private to a module can be placed into private structures (see
-the system architecture document, structure.txt).
-
-5. Source file names should begin with "j" for files that are part of the
-library proper; source files that are not part of the library, such as cjpeg.c
-and djpeg.c, do not begin with "j".  Keep compression and decompression code in
-separate source files --- some applications may want only one half of the
-library.
-
-Note: these rules (particularly #4) are not followed religiously in the
-modules that are used in cjpeg/djpeg but are not part of the JPEG library
-proper.  Those modules are not really intended to be used in other
-applications.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/croptest.in b/3rdparty/libjpeg-turbo_2_1_0/croptest.in
deleted file mode 100644
index 7e3c293..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/croptest.in
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/bin/bash
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-onexit()
-{
-	if [ -d $OUTDIR ]; then
-		rm -rf $OUTDIR
-	fi
-}
-
-runme()
-{
-	echo \*\*\* $*
-	$*
-}
-
-IMAGE=vgl_6548_0026a.bmp
-WIDTH=128
-HEIGHT=95
-IMGDIR=@CMAKE_CURRENT_SOURCE_DIR@/testimages
-OUTDIR=`mktemp -d /tmp/__croptest_output.XXXXXX`
-EXEDIR=@CMAKE_CURRENT_BINARY_DIR@
-
-if [ -d $OUTDIR ]; then
-	rm -rf $OUTDIR
-fi
-mkdir -p $OUTDIR
-
-exec >$EXEDIR/croptest.log
-
-echo "============================================================"
-echo "$IMAGE ($WIDTH x $HEIGHT)"
-echo "============================================================"
-echo
-
-for PROGARG in "" -progressive; do
-
-	cp $IMGDIR/$IMAGE $OUTDIR
-	basename=`basename $IMAGE .bmp`
-	echo "------------------------------------------------------------"
-	echo "Generating test images"
-	echo "------------------------------------------------------------"
-	echo
-	runme $EXEDIR/cjpeg $PROGARG -grayscale -outfile $OUTDIR/${basename}_GRAY.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg $PROGARG -sample 2x2 -outfile $OUTDIR/${basename}_420.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg $PROGARG -sample 2x1 -outfile $OUTDIR/${basename}_422.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg $PROGARG -sample 1x2 -outfile $OUTDIR/${basename}_440.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg $PROGARG -sample 1x1 -outfile $OUTDIR/${basename}_444.jpg $IMGDIR/${basename}.bmp
-	echo
-
-	for NSARG in "" -nosmooth; do
-
-		for COLORSARG in "" "-colors 256 -dither none -onepass"; do
-
-			for Y in {0..16}; do
-
-				for H in {1..16}; do
-
-					X=$(( (Y*16)%128 ))
-					W=$(( WIDTH-X-7 ))
-					if [ $Y -le 15 ]; then
-						CROPSPEC="${W}x${H}+${X}+${Y}"
-					else
-						Y2=$(( HEIGHT-H ));
-						CROPSPEC="${W}x${H}+${X}+${Y2}"
-					fi
-
-					echo "------------------------------------------------------------"
-					echo $PROGARG $NSARG $COLORSARG -crop $CROPSPEC
-					echo "------------------------------------------------------------"
-					echo
-					for samp in GRAY 420 422 440 444; do
-						$EXEDIR/djpeg $NSARG $COLORSARG -rgb -outfile $OUTDIR/${basename}_${samp}_full.ppm $OUTDIR/${basename}_${samp}.jpg
-						convert -crop $CROPSPEC $OUTDIR/${basename}_${samp}_full.ppm $OUTDIR/${basename}_${samp}_ref.ppm
-						runme $EXEDIR/djpeg $NSARG $COLORSARG -crop $CROPSPEC -rgb -outfile $OUTDIR/${basename}_${samp}.ppm $OUTDIR/${basename}_${samp}.jpg
-						runme cmp $OUTDIR/${basename}_${samp}.ppm $OUTDIR/${basename}_${samp}_ref.ppm
-					done
-					echo
-
-				done
-
-			done
-
-		done
-
-	done
-
-done
-
-echo SUCCESS!
diff --git a/3rdparty/libjpeg-turbo_2_1_0/djpeg.1 b/3rdparty/libjpeg-turbo_2_1_0/djpeg.1
deleted file mode 100644
index 31431b9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/djpeg.1
+++ /dev/null
@@ -1,320 +0,0 @@
-.TH DJPEG 1 "4 November 2020"
-.SH NAME
-djpeg \- decompress a JPEG file to an image file
-.SH SYNOPSIS
-.B djpeg
-[
-.I options
-]
-[
-.I filename
-]
-.LP
-.SH DESCRIPTION
-.LP
-.B djpeg
-decompresses the named JPEG file, or the standard input if no file is named,
-and produces an image file on the standard output.  PBMPLUS (PPM/PGM), BMP,
-GIF, or Targa output format can be selected.
-.SH OPTIONS
-All switch names may be abbreviated; for example,
-.B \-grayscale
-may be written
-.B \-gray
-or
-.BR \-gr .
-Most of the "basic" switches can be abbreviated to as little as one letter.
-Upper and lower case are equivalent (thus
-.B \-BMP
-is the same as
-.BR \-bmp ).
-British spellings are also accepted (e.g.,
-.BR \-greyscale ),
-though for brevity these are not mentioned below.
-.PP
-The basic switches are:
-.TP
-.BI \-colors " N"
-Reduce image to at most N colors.  This reduces the number of colors used in
-the output image, so that it can be displayed on a colormapped display or
-stored in a colormapped file format.  For example, if you have an 8-bit
-display, you'd need to reduce to 256 or fewer colors.
-.TP
-.BI \-quantize " N"
-Same as
-.BR \-colors .
-.B \-colors
-is the recommended name,
-.B \-quantize
-is provided only for backwards compatibility.
-.TP
-.B \-fast
-Select recommended processing options for fast, low quality output.  (The
-default options are chosen for highest quality output.)  Currently, this is
-equivalent to \fB\-dct fast \-nosmooth \-onepass \-dither ordered\fR.
-.TP
-.B \-grayscale
-Force grayscale output even if JPEG file is color.  Useful for viewing on
-monochrome displays; also,
-.B djpeg
-runs noticeably faster in this mode.
-.TP
-.B \-rgb
-Force RGB output even if JPEG file is grayscale.
-.TP
-.BI \-scale " M/N"
-Scale the output image by a factor M/N.  Currently the scale factor must be
-M/8, where M is an integer between 1 and 16 inclusive, or any reduced fraction
-thereof (such as 1/2, 3/4, etc.)  Scaling is handy if the image is larger than
-your screen; also,
-.B djpeg
-runs much faster when scaling down the output.
-.TP
-.B \-bmp
-Select BMP output format (Windows flavor).  8-bit colormapped format is
-emitted if
-.B \-colors
-or
-.B \-grayscale
-is specified, or if the JPEG file is grayscale; otherwise, 24-bit full-color
-format is emitted.
-.TP
-.B \-gif
-Select GIF output format (LZW-compressed).  Since GIF does not support more
-than 256 colors,
-.B \-colors 256
-is assumed (unless you specify a smaller number of colors).  If you specify
-.BR \-fast,
-the default number of colors is 216.
-.TP
-.B \-gif0
-Select GIF output format (uncompressed).  Since GIF does not support more than
-256 colors,
-.B \-colors 256
-is assumed (unless you specify a smaller number of colors).  If you specify
-.BR \-fast,
-the default number of colors is 216.
-.TP
-.B \-os2
-Select BMP output format (OS/2 1.x flavor).  8-bit colormapped format is
-emitted if
-.B \-colors
-or
-.B \-grayscale
-is specified, or if the JPEG file is grayscale; otherwise, 24-bit full-color
-format is emitted.
-.TP
-.B \-pnm
-Select PBMPLUS (PPM/PGM) output format (this is the default format).
-PGM is emitted if the JPEG file is grayscale or if
-.B \-grayscale
-is specified; otherwise PPM is emitted.
-.TP
-.B \-targa
-Select Targa output format.  Grayscale format is emitted if the JPEG file is
-grayscale or if
-.B \-grayscale
-is specified; otherwise, colormapped format is emitted if
-.B \-colors
-is specified; otherwise, 24-bit full-color format is emitted.
-.PP
-Switches for advanced users:
-.TP
-.B \-dct int
-Use accurate integer DCT method (default).
-.TP
-.B \-dct fast
-Use less accurate integer DCT method [legacy feature].
-When the Independent JPEG Group's software was first released in 1991, the
-decompression time for a 1-megapixel JPEG image on a mainstream PC was measured
-in minutes.  Thus, the \fBfast\fR integer DCT algorithm provided noticeable
-performance benefits.  On modern CPUs running libjpeg-turbo, however, the
-decompression time for a 1-megapixel JPEG image is measured in milliseconds,
-and thus the performance benefits of the \fBfast\fR algorithm are much less
-noticeable.  On modern x86/x86-64 CPUs that support AVX2 instructions, the
-\fBfast\fR and \fBint\fR methods have similar performance.  On other types of
-CPUs, the \fBfast\fR method is generally about 5-15% faster than the \fBint\fR
-method.
-
-If the JPEG image was compressed using a quality level of 85 or below, then
-there should be little or no perceptible quality difference between the two
-algorithms.  When decompressing images that were compressed using quality
-levels above 85, however, the difference between the \fBfast\fR and \fBint\fR
-methods becomes more pronounced.  With images compressed using quality=97, for
-instance, the \fBfast\fR method incurs generally about a 4-6 dB loss in PSNR
-relative to the \fBint\fR method, but this can be larger for some images.  If
-you can avoid it, do not use the \fBfast\fR method when decompressing images
-that were compressed using quality levels above 97.  The algorithm often
-degenerates for such images and can actually produce a more lossy output image
-than if the JPEG image had been compressed using lower quality levels.
-.TP
-.B \-dct float
-Use floating-point DCT method [legacy feature].
-The \fBfloat\fR method does not produce significantly more accurate results
-than the \fBint\fR method, and it is much slower.  The \fBfloat\fR method may
-also give different results on different machines due to varying roundoff
-behavior, whereas the integer methods should give the same results on all
-machines.
-.TP
-.B \-dither fs
-Use Floyd-Steinberg dithering in color quantization.
-.TP
-.B \-dither ordered
-Use ordered dithering in color quantization.
-.TP
-.B \-dither none
-Do not use dithering in color quantization.
-By default, Floyd-Steinberg dithering is applied when quantizing colors; this
-is slow but usually produces the best results.  Ordered dither is a compromise
-between speed and quality; no dithering is fast but usually looks awful.  Note
-that these switches have no effect unless color quantization is being done.
-Ordered dither is only available in
-.B \-onepass
-mode.
-.TP
-.BI \-icc " file"
-Extract ICC color management profile to the specified file.
-.TP
-.BI \-map " file"
-Quantize to the colors used in the specified image file.  This is useful for
-producing multiple files with identical color maps, or for forcing a
-predefined set of colors to be used.  The
-.I file
-must be a GIF or PPM file. This option overrides
-.B \-colors
-and
-.BR \-onepass .
-.TP
-.B \-nosmooth
-Use a faster, lower-quality upsampling routine.
-.TP
-.B \-onepass
-Use one-pass instead of two-pass color quantization.  The one-pass method is
-faster and needs less memory, but it produces a lower-quality image.
-.B \-onepass
-is ignored unless you also say
-.B \-colors
-.IR N .
-Also, the one-pass method is always used for grayscale output (the two-pass
-method is no improvement then).
-.TP
-.BI \-maxmemory " N"
-Set limit for amount of memory to use in processing large images.  Value is
-in thousands of bytes, or millions of bytes if "M" is attached to the
-number.  For example,
-.B \-max 4m
-selects 4000000 bytes.  If more space is needed, an error will occur.
-.TP
-.BI \-maxscans " N"
-Abort if the JPEG image contains more than
-.I N
-scans.  This feature demonstrates a method by which applications can guard
-against denial-of-service attacks instigated by specially-crafted malformed
-JPEG images containing numerous scans with missing image data or image data
-consisting only of "EOB runs" (a feature of progressive JPEG images that allows
-potentially hundreds of thousands of adjoining zero-value pixels to be
-represented using only a few bytes.)  Attempting to decompress such malformed
-JPEG images can cause excessive CPU activity, since the decompressor must fully
-process each scan (even if the scan is corrupt) before it can proceed to the
-next scan.
-.TP
-.BI \-outfile " name"
-Send output image to the named file, not to standard output.
-.TP
-.BI \-memsrc
-Load input file into memory before decompressing.  This feature was implemented
-mainly as a way of testing the in-memory source manager (jpeg_mem_src().)
-.TP
-.BI \-report
-Report decompression progress.
-.TP
-.BI \-skip " Y0,Y1"
-Decompress all rows of the JPEG image except those between Y0 and Y1
-(inclusive.)  Note that if decompression scaling is being used, then Y0 and Y1
-are relative to the scaled image dimensions.
-.TP
-.BI \-crop " WxH+X+Y"
-Decompress only a rectangular subregion of the image, starting at point X,Y
-with width W and height H.  If necessary, X will be shifted left to the nearest
-iMCU boundary, and the width will be increased accordingly.  Note that if
-decompression scaling is being used, then X, Y, W, and H are relative to the
-scaled image dimensions.  Currently this option only works with the
-PBMPLUS (PPM/PGM), GIF, and Targa output formats.
-.TP
-.BI \-strict
-Treat all warnings as fatal.  This feature also demonstrates a method by which
-applications can guard against attacks instigated by specially-crafted
-malformed JPEG images.  Enabling this option will cause the decompressor to
-abort if the JPEG image contains incomplete or corrupt image data.
-.TP
-.B \-verbose
-Enable debug printout.  More
-.BR \-v 's
-give more output.  Also, version information is printed at startup.
-.TP
-.B \-debug
-Same as
-.BR \-verbose .
-.TP
-.B \-version
-Print version information and exit.
-.SH EXAMPLES
-.LP
-This example decompresses the JPEG file foo.jpg, quantizes it to
-256 colors, and saves the output in 8-bit BMP format in foo.bmp:
-.IP
-.B djpeg \-colors 256 \-bmp
-.I foo.jpg
-.B >
-.I foo.bmp
-.SH HINTS
-To get a quick preview of an image, use the
-.B \-grayscale
-and/or
-.B \-scale
-switches.
-.B \-grayscale \-scale 1/8
-is the fastest case.
-.PP
-Several options are available that trade off image quality to gain speed.
-.B \-fast
-turns on the recommended settings.
-.PP
-.B \-dct fast
-and/or
-.B \-nosmooth
-gain speed at a small sacrifice in quality.
-When producing a color-quantized image,
-.B \-onepass \-dither ordered
-is fast but much lower quality than the default behavior.
-.B \-dither none
-may give acceptable results in two-pass mode, but is seldom tolerable in
-one-pass mode.
-.SH ENVIRONMENT
-.TP
-.B JPEGMEM
-If this environment variable is set, its value is the default memory limit.
-The value is specified as described for the
-.B \-maxmemory
-switch.
-.B JPEGMEM
-overrides the default value specified when the program was compiled, and
-itself is overridden by an explicit
-.BR \-maxmemory .
-.SH SEE ALSO
-.BR cjpeg (1),
-.BR jpegtran (1),
-.BR rdjpgcom (1),
-.BR wrjpgcom (1)
-.br
-.BR ppm (5),
-.BR pgm (5)
-.br
-Wallace, Gregory K.  "The JPEG Still Picture Compression Standard",
-Communications of the ACM, April 1991 (vol. 34, no. 4), pp. 30-44.
-.SH AUTHOR
-Independent JPEG Group
-.PP
-This file was modified by The libjpeg-turbo Project to include only information
-relevant to libjpeg-turbo, to wordsmith certain sections, and to describe
-features not present in libjpeg.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/djpeg.c b/3rdparty/libjpeg-turbo_2_1_0/djpeg.c
deleted file mode 100644
index d47984e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/djpeg.c
+++ /dev/null
@@ -1,868 +0,0 @@
-/*
- * djpeg.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2013-2019 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010-2011, 2013-2017, 2019-2020, D. R. Commander.
- * Copyright (C) 2015, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a command-line user interface for the JPEG decompressor.
- * It should work on any system with Unix- or MS-DOS-style command lines.
- *
- * Two different command line styles are permitted, depending on the
- * compile-time switch TWO_FILE_COMMANDLINE:
- *      djpeg [options]  inputfile outputfile
- *      djpeg [options]  [inputfile]
- * In the second style, output is always to standard output, which you'd
- * normally redirect to a file or pipe to some other program.  Input is
- * either from a named file or from standard input (typically redirected).
- * The second style is convenient on Unix but is unhelpful on systems that
- * don't support pipes.  Also, you MUST use the first style if your system
- * doesn't do binary I/O to stdin/stdout.
- * To simplify script writing, the "-outfile" switch is provided.  The syntax
- *      djpeg [options]  -outfile outputfile  inputfile
- * works regardless of which command line style is used.
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-#include "jversion.h"           /* for version message */
-#include "jconfigint.h"
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare free() */
-extern void free(void *ptr);
-#endif
-
-#include <ctype.h>              /* to declare isprint() */
-
-#ifdef USE_CCOMMAND             /* command-line reader for Macintosh */
-#ifdef __MWERKS__
-#include <SIOUX.h>              /* Metrowerks needs this */
-#include <console.h>            /* ... and this */
-#endif
-#ifdef THINK_C
-#include <console.h>            /* Think declares it here */
-#endif
-#endif
-
-
-/* Create the add-on message string table. */
-
-#define JMESSAGE(code, string)  string,
-
-static const char * const cdjpeg_message_table[] = {
-#include "cderror.h"
-  NULL
-};
-
-
-/*
- * This list defines the known output image formats
- * (not all of which need be supported by a given version).
- * You can change the default output format by defining DEFAULT_FMT;
- * indeed, you had better do so if you undefine PPM_SUPPORTED.
- */
-
-typedef enum {
-  FMT_BMP,                      /* BMP format (Windows flavor) */
-  FMT_GIF,                      /* GIF format (LZW-compressed) */
-  FMT_GIF0,                     /* GIF format (uncompressed) */
-  FMT_OS2,                      /* BMP format (OS/2 flavor) */
-  FMT_PPM,                      /* PPM/PGM (PBMPLUS formats) */
-  FMT_TARGA,                    /* Targa format */
-  FMT_TIFF                      /* TIFF format */
-} IMAGE_FORMATS;
-
-#ifndef DEFAULT_FMT             /* so can override from CFLAGS in Makefile */
-#define DEFAULT_FMT     FMT_PPM
-#endif
-
-static IMAGE_FORMATS requested_fmt;
-
-
-/*
- * Argument-parsing code.
- * The switch parser is designed to be useful with DOS-style command line
- * syntax, ie, intermixed switches and file names, where only the switches
- * to the left of a given file name affect processing of that file.
- * The main program in this file doesn't actually use this capability...
- */
-
-
-static const char *progname;    /* program name for error messages */
-static char *icc_filename;      /* for -icc switch */
-JDIMENSION max_scans;           /* for -maxscans switch */
-static char *outfilename;       /* for -outfile switch */
-boolean memsrc;                 /* for -memsrc switch */
-boolean report;                 /* for -report switch */
-boolean skip, crop;
-JDIMENSION skip_start, skip_end;
-JDIMENSION crop_x, crop_y, crop_width, crop_height;
-boolean strict;                 /* for -strict switch */
-#define INPUT_BUF_SIZE  4096
-
-
-LOCAL(void)
-usage(void)
-/* complain about bad command line */
-{
-  fprintf(stderr, "usage: %s [switches] ", progname);
-#ifdef TWO_FILE_COMMANDLINE
-  fprintf(stderr, "inputfile outputfile\n");
-#else
-  fprintf(stderr, "[inputfile]\n");
-#endif
-
-  fprintf(stderr, "Switches (names may be abbreviated):\n");
-  fprintf(stderr, "  -colors N      Reduce image to no more than N colors\n");
-  fprintf(stderr, "  -fast          Fast, low-quality processing\n");
-  fprintf(stderr, "  -grayscale     Force grayscale output\n");
-  fprintf(stderr, "  -rgb           Force RGB output\n");
-  fprintf(stderr, "  -rgb565        Force RGB565 output\n");
-#ifdef IDCT_SCALING_SUPPORTED
-  fprintf(stderr, "  -scale M/N     Scale output image by fraction M/N, eg, 1/8\n");
-#endif
-#ifdef BMP_SUPPORTED
-  fprintf(stderr, "  -bmp           Select BMP output format (Windows style)%s\n",
-          (DEFAULT_FMT == FMT_BMP ? " (default)" : ""));
-#endif
-#ifdef GIF_SUPPORTED
-  fprintf(stderr, "  -gif           Select GIF output format (LZW-compressed)%s\n",
-          (DEFAULT_FMT == FMT_GIF ? " (default)" : ""));
-  fprintf(stderr, "  -gif0          Select GIF output format (uncompressed)%s\n",
-          (DEFAULT_FMT == FMT_GIF0 ? " (default)" : ""));
-#endif
-#ifdef BMP_SUPPORTED
-  fprintf(stderr, "  -os2           Select BMP output format (OS/2 style)%s\n",
-          (DEFAULT_FMT == FMT_OS2 ? " (default)" : ""));
-#endif
-#ifdef PPM_SUPPORTED
-  fprintf(stderr, "  -pnm           Select PBMPLUS (PPM/PGM) output format%s\n",
-          (DEFAULT_FMT == FMT_PPM ? " (default)" : ""));
-#endif
-#ifdef TARGA_SUPPORTED
-  fprintf(stderr, "  -targa         Select Targa output format%s\n",
-          (DEFAULT_FMT == FMT_TARGA ? " (default)" : ""));
-#endif
-  fprintf(stderr, "Switches for advanced users:\n");
-#ifdef DCT_ISLOW_SUPPORTED
-  fprintf(stderr, "  -dct int       Use accurate integer DCT method%s\n",
-          (JDCT_DEFAULT == JDCT_ISLOW ? " (default)" : ""));
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-  fprintf(stderr, "  -dct fast      Use less accurate integer DCT method [legacy feature]%s\n",
-          (JDCT_DEFAULT == JDCT_IFAST ? " (default)" : ""));
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-  fprintf(stderr, "  -dct float     Use floating-point DCT method [legacy feature]%s\n",
-          (JDCT_DEFAULT == JDCT_FLOAT ? " (default)" : ""));
-#endif
-  fprintf(stderr, "  -dither fs     Use F-S dithering (default)\n");
-  fprintf(stderr, "  -dither none   Don't use dithering in quantization\n");
-  fprintf(stderr, "  -dither ordered  Use ordered dither (medium speed, quality)\n");
-  fprintf(stderr, "  -icc FILE      Extract ICC profile to FILE\n");
-#ifdef QUANT_2PASS_SUPPORTED
-  fprintf(stderr, "  -map FILE      Map to colors used in named image file\n");
-#endif
-  fprintf(stderr, "  -nosmooth      Don't use high-quality upsampling\n");
-#ifdef QUANT_1PASS_SUPPORTED
-  fprintf(stderr, "  -onepass       Use 1-pass quantization (fast, low quality)\n");
-#endif
-  fprintf(stderr, "  -maxmemory N   Maximum memory to use (in kbytes)\n");
-  fprintf(stderr, "  -maxscans N    Maximum number of scans to allow in input file\n");
-  fprintf(stderr, "  -outfile name  Specify name for output file\n");
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-  fprintf(stderr, "  -memsrc        Load input file into memory before decompressing\n");
-#endif
-  fprintf(stderr, "  -report        Report decompression progress\n");
-  fprintf(stderr, "  -skip Y0,Y1    Decompress all rows except those between Y0 and Y1 (inclusive)\n");
-  fprintf(stderr, "  -crop WxH+X+Y  Decompress only a rectangular subregion of the image\n");
-  fprintf(stderr, "                 [requires PBMPLUS (PPM/PGM), GIF, or Targa output format]\n");
-  fprintf(stderr, "  -strict        Treat all warnings as fatal\n");
-  fprintf(stderr, "  -verbose  or  -debug   Emit debug output\n");
-  fprintf(stderr, "  -version       Print version information and exit\n");
-  exit(EXIT_FAILURE);
-}
-
-
-LOCAL(int)
-parse_switches(j_decompress_ptr cinfo, int argc, char **argv,
-               int last_file_arg_seen, boolean for_real)
-/* Parse optional switches.
- * Returns argv[] index of first file-name argument (== argc if none).
- * Any file names with indexes <= last_file_arg_seen are ignored;
- * they have presumably been processed in a previous iteration.
- * (Pass 0 for last_file_arg_seen on the first or only iteration.)
- * for_real is FALSE on the first (dummy) pass; we may skip any expensive
- * processing.
- */
-{
-  int argn;
-  char *arg;
-
-  /* Set up default JPEG parameters. */
-  requested_fmt = DEFAULT_FMT;  /* set default output file format */
-  icc_filename = NULL;
-  max_scans = 0;
-  outfilename = NULL;
-  memsrc = FALSE;
-  report = FALSE;
-  skip = FALSE;
-  crop = FALSE;
-  strict = FALSE;
-  cinfo->err->trace_level = 0;
-
-  /* Scan command line options, adjust parameters */
-
-  for (argn = 1; argn < argc; argn++) {
-    arg = argv[argn];
-    if (*arg != '-') {
-      /* Not a switch, must be a file name argument */
-      if (argn <= last_file_arg_seen) {
-        outfilename = NULL;     /* -outfile applies to just one input file */
-        continue;               /* ignore this name if previously processed */
-      }
-      break;                    /* else done parsing switches */
-    }
-    arg++;                      /* advance past switch marker character */
-
-    if (keymatch(arg, "bmp", 1)) {
-      /* BMP output format (Windows flavor). */
-      requested_fmt = FMT_BMP;
-
-    } else if (keymatch(arg, "colors", 1) || keymatch(arg, "colours", 1) ||
-               keymatch(arg, "quantize", 1) || keymatch(arg, "quantise", 1)) {
-      /* Do color quantization. */
-      int val;
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%d", &val) != 1)
-        usage();
-      cinfo->desired_number_of_colors = val;
-      cinfo->quantize_colors = TRUE;
-
-    } else if (keymatch(arg, "dct", 2)) {
-      /* Select IDCT algorithm. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (keymatch(argv[argn], "int", 1)) {
-        cinfo->dct_method = JDCT_ISLOW;
-      } else if (keymatch(argv[argn], "fast", 2)) {
-        cinfo->dct_method = JDCT_IFAST;
-      } else if (keymatch(argv[argn], "float", 2)) {
-        cinfo->dct_method = JDCT_FLOAT;
-      } else
-        usage();
-
-    } else if (keymatch(arg, "dither", 2)) {
-      /* Select dithering algorithm. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (keymatch(argv[argn], "fs", 2)) {
-        cinfo->dither_mode = JDITHER_FS;
-      } else if (keymatch(argv[argn], "none", 2)) {
-        cinfo->dither_mode = JDITHER_NONE;
-      } else if (keymatch(argv[argn], "ordered", 2)) {
-        cinfo->dither_mode = JDITHER_ORDERED;
-      } else
-        usage();
-
-    } else if (keymatch(arg, "debug", 1) || keymatch(arg, "verbose", 1)) {
-      /* Enable debug printouts. */
-      /* On first -d, print version identification */
-      static boolean printed_version = FALSE;
-
-      if (!printed_version) {
-        fprintf(stderr, "%s version %s (build %s)\n",
-                PACKAGE_NAME, VERSION, BUILD);
-        fprintf(stderr, "%s\n\n", JCOPYRIGHT);
-        fprintf(stderr, "Emulating The Independent JPEG Group's software, version %s\n\n",
-                JVERSION);
-        printed_version = TRUE;
-      }
-      cinfo->err->trace_level++;
-
-    } else if (keymatch(arg, "version", 4)) {
-      fprintf(stderr, "%s version %s (build %s)\n",
-              PACKAGE_NAME, VERSION, BUILD);
-      exit(EXIT_SUCCESS);
-
-    } else if (keymatch(arg, "fast", 1)) {
-      /* Select recommended processing options for quick-and-dirty output. */
-      cinfo->two_pass_quantize = FALSE;
-      cinfo->dither_mode = JDITHER_ORDERED;
-      if (!cinfo->quantize_colors) /* don't override an earlier -colors */
-        cinfo->desired_number_of_colors = 216;
-      cinfo->dct_method = JDCT_FASTEST;
-      cinfo->do_fancy_upsampling = FALSE;
-
-    } else if (keymatch(arg, "gif", 1)) {
-      /* GIF output format (LZW-compressed). */
-      requested_fmt = FMT_GIF;
-
-    } else if (keymatch(arg, "gif0", 4)) {
-      /* GIF output format (uncompressed). */
-      requested_fmt = FMT_GIF0;
-
-    } else if (keymatch(arg, "grayscale", 2) ||
-               keymatch(arg, "greyscale", 2)) {
-      /* Force monochrome output. */
-      cinfo->out_color_space = JCS_GRAYSCALE;
-
-    } else if (keymatch(arg, "rgb", 2)) {
-      /* Force RGB output. */
-      cinfo->out_color_space = JCS_RGB;
-
-    } else if (keymatch(arg, "rgb565", 2)) {
-      /* Force RGB565 output. */
-      cinfo->out_color_space = JCS_RGB565;
-
-    } else if (keymatch(arg, "icc", 1)) {
-      /* Set ICC filename. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      icc_filename = argv[argn];
-      jpeg_save_markers(cinfo, JPEG_APP0 + 2, 0xFFFF);
-
-    } else if (keymatch(arg, "map", 3)) {
-      /* Quantize to a color map taken from an input file. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (for_real) {           /* too expensive to do twice! */
-#ifdef QUANT_2PASS_SUPPORTED    /* otherwise can't quantize to supplied map */
-        FILE *mapfile;
-
-        if ((mapfile = fopen(argv[argn], READ_BINARY)) == NULL) {
-          fprintf(stderr, "%s: can't open %s\n", progname, argv[argn]);
-          exit(EXIT_FAILURE);
-        }
-        read_color_map(cinfo, mapfile);
-        fclose(mapfile);
-        cinfo->quantize_colors = TRUE;
-#else
-        ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-      }
-
-    } else if (keymatch(arg, "maxmemory", 3)) {
-      /* Maximum memory in Kb (or Mb with 'm'). */
-      long lval;
-      char ch = 'x';
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%ld%c", &lval, &ch) < 1)
-        usage();
-      if (ch == 'm' || ch == 'M')
-        lval *= 1000L;
-      cinfo->mem->max_memory_to_use = lval * 1000L;
-
-    } else if (keymatch(arg, "maxscans", 4)) {
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%u", &max_scans) != 1)
-        usage();
-
-    } else if (keymatch(arg, "nosmooth", 3)) {
-      /* Suppress fancy upsampling */
-      cinfo->do_fancy_upsampling = FALSE;
-
-    } else if (keymatch(arg, "onepass", 3)) {
-      /* Use fast one-pass quantization. */
-      cinfo->two_pass_quantize = FALSE;
-
-    } else if (keymatch(arg, "os2", 3)) {
-      /* BMP output format (OS/2 flavor). */
-      requested_fmt = FMT_OS2;
-
-    } else if (keymatch(arg, "outfile", 4)) {
-      /* Set output file name. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      outfilename = argv[argn]; /* save it away for later use */
-
-    } else if (keymatch(arg, "memsrc", 2)) {
-      /* Use in-memory source manager */
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-      memsrc = TRUE;
-#else
-      fprintf(stderr, "%s: sorry, in-memory source manager was not compiled in\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "pnm", 1) || keymatch(arg, "ppm", 1)) {
-      /* PPM/PGM output format. */
-      requested_fmt = FMT_PPM;
-
-    } else if (keymatch(arg, "report", 2)) {
-      report = TRUE;
-
-    } else if (keymatch(arg, "scale", 2)) {
-      /* Scale the output image by a fraction M/N. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%u/%u",
-                 &cinfo->scale_num, &cinfo->scale_denom) != 2)
-        usage();
-
-    } else if (keymatch(arg, "skip", 2)) {
-      if (++argn >= argc)
-        usage();
-      if (sscanf(argv[argn], "%u,%u", &skip_start, &skip_end) != 2 ||
-          skip_start > skip_end)
-        usage();
-      skip = TRUE;
-
-    } else if (keymatch(arg, "crop", 2)) {
-      char c;
-      if (++argn >= argc)
-        usage();
-      if (sscanf(argv[argn], "%u%c%u+%u+%u", &crop_width, &c, &crop_height,
-                 &crop_x, &crop_y) != 5 ||
-          (c != 'X' && c != 'x') || crop_width < 1 || crop_height < 1)
-        usage();
-      crop = TRUE;
-
-    } else if (keymatch(arg, "strict", 2)) {
-      strict = TRUE;
-
-    } else if (keymatch(arg, "targa", 1)) {
-      /* Targa output format. */
-      requested_fmt = FMT_TARGA;
-
-    } else {
-      usage();                  /* bogus switch */
-    }
-  }
-
-  return argn;                  /* return index of next arg (file name) */
-}
-
-
-/*
- * Marker processor for COM and interesting APPn markers.
- * This replaces the library's built-in processor, which just skips the marker.
- * We want to print out the marker as text, to the extent possible.
- * Note this code relies on a non-suspending data source.
- */
-
-LOCAL(unsigned int)
-jpeg_getc(j_decompress_ptr cinfo)
-/* Read next byte */
-{
-  struct jpeg_source_mgr *datasrc = cinfo->src;
-
-  if (datasrc->bytes_in_buffer == 0) {
-    if (!(*datasrc->fill_input_buffer) (cinfo))
-      ERREXIT(cinfo, JERR_CANT_SUSPEND);
-  }
-  datasrc->bytes_in_buffer--;
-  return *datasrc->next_input_byte++;
-}
-
-
-METHODDEF(boolean)
-print_text_marker(j_decompress_ptr cinfo)
-{
-  boolean traceit = (cinfo->err->trace_level >= 1);
-  long length;
-  unsigned int ch;
-  unsigned int lastch = 0;
-
-  length = jpeg_getc(cinfo) << 8;
-  length += jpeg_getc(cinfo);
-  length -= 2;                  /* discount the length word itself */
-
-  if (traceit) {
-    if (cinfo->unread_marker == JPEG_COM)
-      fprintf(stderr, "Comment, length %ld:\n", (long)length);
-    else                        /* assume it is an APPn otherwise */
-      fprintf(stderr, "APP%d, length %ld:\n",
-              cinfo->unread_marker - JPEG_APP0, (long)length);
-  }
-
-  while (--length >= 0) {
-    ch = jpeg_getc(cinfo);
-    if (traceit) {
-      /* Emit the character in a readable form.
-       * Nonprintables are converted to \nnn form,
-       * while \ is converted to \\.
-       * Newlines in CR, CR/LF, or LF form will be printed as one newline.
-       */
-      if (ch == '\r') {
-        fprintf(stderr, "\n");
-      } else if (ch == '\n') {
-        if (lastch != '\r')
-          fprintf(stderr, "\n");
-      } else if (ch == '\\') {
-        fprintf(stderr, "\\\\");
-      } else if (isprint(ch)) {
-        putc(ch, stderr);
-      } else {
-        fprintf(stderr, "\\%03o", ch);
-      }
-      lastch = ch;
-    }
-  }
-
-  if (traceit)
-    fprintf(stderr, "\n");
-
-  return TRUE;
-}
-
-
-METHODDEF(void)
-my_emit_message(j_common_ptr cinfo, int msg_level)
-{
-  if (msg_level < 0) {
-    /* Treat warning as fatal */
-    cinfo->err->error_exit(cinfo);
-  } else {
-    if (cinfo->err->trace_level >= msg_level)
-      cinfo->err->output_message(cinfo);
-  }
-}
-
-
-/*
- * The main program.
- */
-
-int
-main(int argc, char **argv)
-{
-  struct jpeg_decompress_struct cinfo;
-  struct jpeg_error_mgr jerr;
-  struct cdjpeg_progress_mgr progress;
-  int file_index;
-  djpeg_dest_ptr dest_mgr = NULL;
-  FILE *input_file;
-  FILE *output_file;
-  unsigned char *inbuffer = NULL;
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-  unsigned long insize = 0;
-#endif
-  JDIMENSION num_scanlines;
-
-  /* On Mac, fetch a command line. */
-#ifdef USE_CCOMMAND
-  argc = ccommand(&argv);
-#endif
-
-  progname = argv[0];
-  if (progname == NULL || progname[0] == 0)
-    progname = "djpeg";         /* in case C library doesn't provide it */
-
-  /* Initialize the JPEG decompression object with default error handling. */
-  cinfo.err = jpeg_std_error(&jerr);
-  jpeg_create_decompress(&cinfo);
-  /* Add some application-specific error messages (from cderror.h) */
-  jerr.addon_message_table = cdjpeg_message_table;
-  jerr.first_addon_message = JMSG_FIRSTADDONCODE;
-  jerr.last_addon_message = JMSG_LASTADDONCODE;
-
-  /* Insert custom marker processor for COM and APP12.
-   * APP12 is used by some digital camera makers for textual info,
-   * so we provide the ability to display it as text.
-   * If you like, additional APPn marker types can be selected for display,
-   * but don't try to override APP0 or APP14 this way (see libjpeg.txt).
-   */
-  jpeg_set_marker_processor(&cinfo, JPEG_COM, print_text_marker);
-  jpeg_set_marker_processor(&cinfo, JPEG_APP0 + 12, print_text_marker);
-
-  /* Scan command line to find file names. */
-  /* It is convenient to use just one switch-parsing routine, but the switch
-   * values read here are ignored; we will rescan the switches after opening
-   * the input file.
-   * (Exception: tracing level set here controls verbosity for COM markers
-   * found during jpeg_read_header...)
-   */
-
-  file_index = parse_switches(&cinfo, argc, argv, 0, FALSE);
-
-  if (strict)
-    jerr.emit_message = my_emit_message;
-
-#ifdef TWO_FILE_COMMANDLINE
-  /* Must have either -outfile switch or explicit output file name */
-  if (outfilename == NULL) {
-    if (file_index != argc - 2) {
-      fprintf(stderr, "%s: must name one input and one output file\n",
-              progname);
-      usage();
-    }
-    outfilename = argv[file_index + 1];
-  } else {
-    if (file_index != argc - 1) {
-      fprintf(stderr, "%s: must name one input and one output file\n",
-              progname);
-      usage();
-    }
-  }
-#else
-  /* Unix style: expect zero or one file name */
-  if (file_index < argc - 1) {
-    fprintf(stderr, "%s: only one input file\n", progname);
-    usage();
-  }
-#endif /* TWO_FILE_COMMANDLINE */
-
-  /* Open the input file. */
-  if (file_index < argc) {
-    if ((input_file = fopen(argv[file_index], READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, argv[file_index]);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default input file is stdin */
-    input_file = read_stdin();
-  }
-
-  /* Open the output file. */
-  if (outfilename != NULL) {
-    if ((output_file = fopen(outfilename, WRITE_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, outfilename);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default output file is stdout */
-    output_file = write_stdout();
-  }
-
-  if (report || max_scans != 0) {
-    start_progress_monitor((j_common_ptr)&cinfo, &progress);
-    progress.report = report;
-    progress.max_scans = max_scans;
-  }
-
-  /* Specify data source for decompression */
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-  if (memsrc) {
-    size_t nbytes;
-    do {
-      inbuffer = (unsigned char *)realloc(inbuffer, insize + INPUT_BUF_SIZE);
-      if (inbuffer == NULL) {
-        fprintf(stderr, "%s: memory allocation failure\n", progname);
-        exit(EXIT_FAILURE);
-      }
-      nbytes = JFREAD(input_file, &inbuffer[insize], INPUT_BUF_SIZE);
-      if (nbytes < INPUT_BUF_SIZE && ferror(input_file)) {
-        if (file_index < argc)
-          fprintf(stderr, "%s: can't read from %s\n", progname,
-                  argv[file_index]);
-        else
-          fprintf(stderr, "%s: can't read from stdin\n", progname);
-      }
-      insize += (unsigned long)nbytes;
-    } while (nbytes == INPUT_BUF_SIZE);
-    fprintf(stderr, "Compressed size:  %lu bytes\n", insize);
-    jpeg_mem_src(&cinfo, inbuffer, insize);
-  } else
-#endif
-    jpeg_stdio_src(&cinfo, input_file);
-
-  /* Read file header, set default decompression parameters */
-  (void)jpeg_read_header(&cinfo, TRUE);
-
-  /* Adjust default decompression parameters by re-parsing the options */
-  file_index = parse_switches(&cinfo, argc, argv, 0, TRUE);
-
-  /* Initialize the output module now to let it override any crucial
-   * option settings (for instance, GIF wants to force color quantization).
-   */
-  switch (requested_fmt) {
-#ifdef BMP_SUPPORTED
-  case FMT_BMP:
-    dest_mgr = jinit_write_bmp(&cinfo, FALSE, TRUE);
-    break;
-  case FMT_OS2:
-    dest_mgr = jinit_write_bmp(&cinfo, TRUE, TRUE);
-    break;
-#endif
-#ifdef GIF_SUPPORTED
-  case FMT_GIF:
-    dest_mgr = jinit_write_gif(&cinfo, TRUE);
-    break;
-  case FMT_GIF0:
-    dest_mgr = jinit_write_gif(&cinfo, FALSE);
-    break;
-#endif
-#ifdef PPM_SUPPORTED
-  case FMT_PPM:
-    dest_mgr = jinit_write_ppm(&cinfo);
-    break;
-#endif
-#ifdef TARGA_SUPPORTED
-  case FMT_TARGA:
-    dest_mgr = jinit_write_targa(&cinfo);
-    break;
-#endif
-  default:
-    ERREXIT(&cinfo, JERR_UNSUPPORTED_FORMAT);
-    break;
-  }
-  dest_mgr->output_file = output_file;
-
-  /* Start decompressor */
-  (void)jpeg_start_decompress(&cinfo);
-
-  /* Skip rows */
-  if (skip) {
-    JDIMENSION tmp;
-
-    /* Check for valid skip_end.  We cannot check this value until after
-     * jpeg_start_decompress() is called.  Note that we have already verified
-     * that skip_start <= skip_end.
-     */
-    if (skip_end > cinfo.output_height - 1) {
-      fprintf(stderr, "%s: skip region exceeds image height %d\n", progname,
-              cinfo.output_height);
-      exit(EXIT_FAILURE);
-    }
-
-    /* Write output file header.  This is a hack to ensure that the destination
-     * manager creates an output image of the proper size.
-     */
-    tmp = cinfo.output_height;
-    cinfo.output_height -= (skip_end - skip_start + 1);
-    (*dest_mgr->start_output) (&cinfo, dest_mgr);
-    cinfo.output_height = tmp;
-
-    /* Process data */
-    while (cinfo.output_scanline < skip_start) {
-      num_scanlines = jpeg_read_scanlines(&cinfo, dest_mgr->buffer,
-                                          dest_mgr->buffer_height);
-      (*dest_mgr->put_pixel_rows) (&cinfo, dest_mgr, num_scanlines);
-    }
-    if ((tmp = jpeg_skip_scanlines(&cinfo, skip_end - skip_start + 1)) !=
-        skip_end - skip_start + 1) {
-      fprintf(stderr, "%s: jpeg_skip_scanlines() returned %d rather than %d\n",
-              progname, tmp, skip_end - skip_start + 1);
-      exit(EXIT_FAILURE);
-    }
-    while (cinfo.output_scanline < cinfo.output_height) {
-      num_scanlines = jpeg_read_scanlines(&cinfo, dest_mgr->buffer,
-                                          dest_mgr->buffer_height);
-      (*dest_mgr->put_pixel_rows) (&cinfo, dest_mgr, num_scanlines);
-    }
-
-  /* Decompress a subregion */
-  } else if (crop) {
-    JDIMENSION tmp;
-
-    /* Check for valid crop dimensions.  We cannot check these values until
-     * after jpeg_start_decompress() is called.
-     */
-    if (crop_x + crop_width > cinfo.output_width ||
-        crop_y + crop_height > cinfo.output_height) {
-      fprintf(stderr, "%s: crop dimensions exceed image dimensions %d x %d\n",
-              progname, cinfo.output_width, cinfo.output_height);
-      exit(EXIT_FAILURE);
-    }
-
-    jpeg_crop_scanline(&cinfo, &crop_x, &crop_width);
-    if (dest_mgr->calc_buffer_dimensions)
-      (*dest_mgr->calc_buffer_dimensions) (&cinfo, dest_mgr);
-    else
-      ERREXIT(&cinfo, JERR_UNSUPPORTED_FORMAT);
-
-    /* Write output file header.  This is a hack to ensure that the destination
-     * manager creates an output image of the proper size.
-     */
-    tmp = cinfo.output_height;
-    cinfo.output_height = crop_height;
-    (*dest_mgr->start_output) (&cinfo, dest_mgr);
-    cinfo.output_height = tmp;
-
-    /* Process data */
-    if ((tmp = jpeg_skip_scanlines(&cinfo, crop_y)) != crop_y) {
-      fprintf(stderr, "%s: jpeg_skip_scanlines() returned %d rather than %d\n",
-              progname, tmp, crop_y);
-      exit(EXIT_FAILURE);
-    }
-    while (cinfo.output_scanline < crop_y + crop_height) {
-      num_scanlines = jpeg_read_scanlines(&cinfo, dest_mgr->buffer,
-                                          dest_mgr->buffer_height);
-      (*dest_mgr->put_pixel_rows) (&cinfo, dest_mgr, num_scanlines);
-    }
-    if ((tmp =
-         jpeg_skip_scanlines(&cinfo,
-                             cinfo.output_height - crop_y - crop_height)) !=
-        cinfo.output_height - crop_y - crop_height) {
-      fprintf(stderr, "%s: jpeg_skip_scanlines() returned %d rather than %d\n",
-              progname, tmp, cinfo.output_height - crop_y - crop_height);
-      exit(EXIT_FAILURE);
-    }
-
-  /* Normal full-image decompress */
-  } else {
-    /* Write output file header */
-    (*dest_mgr->start_output) (&cinfo, dest_mgr);
-
-    /* Process data */
-    while (cinfo.output_scanline < cinfo.output_height) {
-      num_scanlines = jpeg_read_scanlines(&cinfo, dest_mgr->buffer,
-                                          dest_mgr->buffer_height);
-      (*dest_mgr->put_pixel_rows) (&cinfo, dest_mgr, num_scanlines);
-    }
-  }
-
-  /* Hack: count final pass as done in case finish_output does an extra pass.
-   * The library won't have updated completed_passes.
-   */
-  if (report || max_scans != 0)
-    progress.pub.completed_passes = progress.pub.total_passes;
-
-  if (icc_filename != NULL) {
-    FILE *icc_file;
-    JOCTET *icc_profile;
-    unsigned int icc_len;
-
-    if ((icc_file = fopen(icc_filename, WRITE_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, icc_filename);
-      exit(EXIT_FAILURE);
-    }
-    if (jpeg_read_icc_profile(&cinfo, &icc_profile, &icc_len)) {
-      if (fwrite(icc_profile, icc_len, 1, icc_file) < 1) {
-        fprintf(stderr, "%s: can't read ICC profile from %s\n", progname,
-                icc_filename);
-        free(icc_profile);
-        fclose(icc_file);
-        exit(EXIT_FAILURE);
-      }
-      free(icc_profile);
-      fclose(icc_file);
-    } else if (cinfo.err->msg_code != JWRN_BOGUS_ICC)
-      fprintf(stderr, "%s: no ICC profile data in JPEG file\n", progname);
-  }
-
-  /* Finish decompression and release memory.
-   * I must do it in this order because output module has allocated memory
-   * of lifespan JPOOL_IMAGE; it needs to finish before releasing memory.
-   */
-  (*dest_mgr->finish_output) (&cinfo, dest_mgr);
-  (void)jpeg_finish_decompress(&cinfo);
-  jpeg_destroy_decompress(&cinfo);
-
-  /* Close files, if we opened them */
-  if (input_file != stdin)
-    fclose(input_file);
-  if (output_file != stdout)
-    fclose(output_file);
-
-  if (report || max_scans != 0)
-    end_progress_monitor((j_common_ptr)&cinfo);
-
-  if (memsrc)
-    free(inbuffer);
-
-  /* All done. */
-  exit(jerr.num_warnings ? EXIT_WARNING : EXIT_SUCCESS);
-  return 0;                     /* suppress no-return-value warnings */
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/annotated.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/annotated.html
deleted file mode 100644
index b7773dd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/annotated.html
+++ /dev/null
@@ -1,83 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: Data Structures</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="header">
-  <div class="headertitle">
-<div class="title">Data Structures</div>  </div>
-</div><!--header-->
-<div class="contents">
-<div class="textblock">Here are the data structures with brief descriptions:</div><div class="directory">
-<table class="directory">
-<tr id="row_0_" class="even"><td class="entry"><span style="width:16px;display:inline-block;">&#160;</span><span class="icona"><span class="icon">C</span></span><a class="el" href="structtjregion.html" target="_self">tjregion</a></td><td class="desc">Cropping region </td></tr>
-<tr id="row_1_"><td class="entry"><span style="width:16px;display:inline-block;">&#160;</span><span class="icona"><span class="icon">C</span></span><a class="el" href="structtjscalingfactor.html" target="_self">tjscalingfactor</a></td><td class="desc">Scaling factor </td></tr>
-<tr id="row_2_" class="even"><td class="entry"><span style="width:16px;display:inline-block;">&#160;</span><span class="icona"><span class="icon">C</span></span><a class="el" href="structtjtransform.html" target="_self">tjtransform</a></td><td class="desc">Lossless transform </td></tr>
-</table>
-</div><!-- directory -->
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/bc_s.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/bc_s.png
deleted file mode 100644
index 224b29a..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/bc_s.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/bdwn.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/bdwn.png
deleted file mode 100644
index 940a0b9..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/bdwn.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/classes.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/classes.html
deleted file mode 100644
index bfcf32a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/classes.html
+++ /dev/null
@@ -1,89 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: Data Structure Index</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="header">
-  <div class="headertitle">
-<div class="title">Data Structure Index</div>  </div>
-</div><!--header-->
-<div class="contents">
-<div class="qindex"><a class="qindex" href="#letter_t">t</a></div>
-<table class="classindex">
-<tr><td rowspan="2" valign="bottom"><a name="letter_t"></a><table border="0" cellspacing="0" cellpadding="0"><tr><td><div class="ah">&#160;&#160;t&#160;&#160;</div></td></tr></table>
-</td>
-<td valign="top"><a class="el" href="structtjscalingfactor.html">tjscalingfactor</a>&#160;&#160;&#160;</td>
-<td valign="top"><a class="el" href="structtjtransform.html">tjtransform</a>&#160;&#160;&#160;</td>
-<td></td></tr>
-<tr><td></td><td></td><td></td></tr>
-<tr><td valign="top"><a class="el" href="structtjregion.html">tjregion</a>&#160;&#160;&#160;</td>
-<td></td><td></td><td></td></tr>
-<tr><td></td><td></td><td></td><td></td></tr>
-</table>
-<div class="qindex"><a class="qindex" href="#letter_t">t</a></div>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/closed.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/closed.png
deleted file mode 100644
index 98cc2c9..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/closed.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doc.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/doc.png
deleted file mode 100644
index 17edabf..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doc.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen-extra.css b/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen-extra.css
deleted file mode 100644
index f1bd4c2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen-extra.css
+++ /dev/null
@@ -1,3 +0,0 @@
-code {
-	color: #4665A2;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen.css b/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen.css
deleted file mode 100644
index f640966..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen.css
+++ /dev/null
@@ -1,1732 +0,0 @@
-/* The standard CSS for doxygen 1.8.20 */
-
-body, table, div, p, dl {
-	font: 400 14px/22px Roboto,sans-serif;
-}
-
-p.reference, p.definition {
-	font: 400 14px/22px Roboto,sans-serif;
-}
-
-/* @group Heading Levels */
-
-h1.groupheader {
-	font-size: 150%;
-}
-
-.title {
-	font: 400 14px/28px Roboto,sans-serif;
-	font-size: 150%;
-	font-weight: bold;
-	margin: 10px 2px;
-}
-
-h2.groupheader {
-	border-bottom: 1px solid #879ECB;
-	color: #354C7B;
-	font-size: 150%;
-	font-weight: normal;
-	margin-top: 1.75em;
-	padding-top: 8px;
-	padding-bottom: 4px;
-	width: 100%;
-}
-
-h3.groupheader {
-	font-size: 100%;
-}
-
-h1, h2, h3, h4, h5, h6 {
-	-webkit-transition: text-shadow 0.5s linear;
-	-moz-transition: text-shadow 0.5s linear;
-	-ms-transition: text-shadow 0.5s linear;
-	-o-transition: text-shadow 0.5s linear;
-	transition: text-shadow 0.5s linear;
-	margin-right: 15px;
-}
-
-h1.glow, h2.glow, h3.glow, h4.glow, h5.glow, h6.glow {
-	text-shadow: 0 0 15px cyan;
-}
-
-dt {
-	font-weight: bold;
-}
-
-ul.multicol {
-	-moz-column-gap: 1em;
-	-webkit-column-gap: 1em;
-	column-gap: 1em;
-	-moz-column-count: 3;
-	-webkit-column-count: 3;
-	column-count: 3;
-}
-
-p.startli, p.startdd {
-	margin-top: 2px;
-}
-
-th p.starttd, th p.intertd, th p.endtd {
-        font-size: 100%;
-        font-weight: 700;
-}
-
-p.starttd {
-	margin-top: 0px;
-}
-
-p.endli {
-	margin-bottom: 0px;
-}
-
-p.enddd {
-	margin-bottom: 4px;
-}
-
-p.endtd {
-	margin-bottom: 2px;
-}
-
-p.interli {
-}
-
-p.interdd {
-}
-
-p.intertd {
-}
-
-/* @end */
-
-caption {
-	font-weight: bold;
-}
-
-span.legend {
-        font-size: 70%;
-        text-align: center;
-}
-
-h3.version {
-        font-size: 90%;
-        text-align: center;
-}
-
-div.qindex, div.navtab{
-	background-color: #EBEFF6;
-	border: 1px solid #A3B4D7;
-	text-align: center;
-}
-
-div.qindex, div.navpath {
-	width: 100%;
-	line-height: 140%;
-}
-
-div.navtab {
-	margin-right: 15px;
-}
-
-/* @group Link Styling */
-
-a {
-	color: #3D578C;
-	font-weight: normal;
-	text-decoration: none;
-}
-
-.contents a:visited {
-	color: #4665A2;
-}
-
-a:hover {
-	text-decoration: underline;
-}
-
-a.qindex {
-	font-weight: bold;
-}
-
-a.qindexHL {
-	font-weight: bold;
-	background-color: #9CAFD4;
-	color: #FFFFFF;
-	border: 1px double #869DCA;
-}
-
-.contents a.qindexHL:visited {
-        color: #FFFFFF;
-}
-
-a.el {
-	font-weight: bold;
-}
-
-a.elRef {
-}
-
-a.code, a.code:visited, a.line, a.line:visited {
-	color: #4665A2; 
-}
-
-a.codeRef, a.codeRef:visited, a.lineRef, a.lineRef:visited {
-	color: #4665A2; 
-}
-
-/* @end */
-
-dl.el {
-	margin-left: -1cm;
-}
-
-ul {
-  overflow: hidden; /*Fixed: list item bullets overlap floating elements*/
-}
-
-#side-nav ul {
-  overflow: visible; /* reset ul rule for scroll bar in GENERATE_TREEVIEW window */
-}
-
-#main-nav ul {
-  overflow: visible; /* reset ul rule for the navigation bar drop down lists */
-}
-
-.fragment {
-  text-align: left;
-  direction: ltr;
-  overflow-x: auto; /*Fixed: fragment lines overlap floating elements*/
-  overflow-y: hidden;
-}
-
-pre.fragment {
-        border: 1px solid #C4CFE5;
-        background-color: #FBFCFD;
-        padding: 4px 6px;
-        margin: 4px 8px 4px 2px;
-        overflow: auto;
-        word-wrap: break-word;
-        font-size:  9pt;
-        line-height: 125%;
-        font-family: monospace, fixed;
-        font-size: 105%;
-}
-
-div.fragment {
-  padding: 0 0 1px 0; /*Fixed: last line underline overlap border*/
-  margin: 4px 8px 4px 2px;
-	background-color: #FBFCFD;
-	border: 1px solid #C4CFE5;
-}
-
-div.line {
-	font-family: monospace, fixed;
-        font-size: 13px;
-	min-height: 13px;
-	line-height: 1.0;
-	text-wrap: unrestricted;
-	white-space: -moz-pre-wrap; /* Moz */
-	white-space: -pre-wrap;     /* Opera 4-6 */
-	white-space: -o-pre-wrap;   /* Opera 7 */
-	white-space: pre-wrap;      /* CSS3  */
-	word-wrap: break-word;      /* IE 5.5+ */
-	text-indent: -53px;
-	padding-left: 53px;
-	padding-bottom: 0px;
-	margin: 0px;
-	-webkit-transition-property: background-color, box-shadow;
-	-webkit-transition-duration: 0.5s;
-	-moz-transition-property: background-color, box-shadow;
-	-moz-transition-duration: 0.5s;
-	-ms-transition-property: background-color, box-shadow;
-	-ms-transition-duration: 0.5s;
-	-o-transition-property: background-color, box-shadow;
-	-o-transition-duration: 0.5s;
-	transition-property: background-color, box-shadow;
-	transition-duration: 0.5s;
-}
-
-div.line:after {
-    content:"\000A";
-    white-space: pre;
-}
-
-div.line.glow {
-	background-color: cyan;
-	box-shadow: 0 0 10px cyan;
-}
-
-
-span.lineno {
-	padding-right: 4px;
-	text-align: right;
-	border-right: 2px solid #0F0;
-	background-color: #E8E8E8;
-        white-space: pre;
-}
-span.lineno a {
-	background-color: #D8D8D8;
-}
-
-span.lineno a:hover {
-	background-color: #C8C8C8;
-}
-
-.lineno {
-	-webkit-touch-callout: none;
-	-webkit-user-select: none;
-	-khtml-user-select: none;
-	-moz-user-select: none;
-	-ms-user-select: none;
-	user-select: none;
-}
-
-div.ah, span.ah {
-	background-color: black;
-	font-weight: bold;
-	color: #FFFFFF;
-	margin-bottom: 3px;
-	margin-top: 3px;
-	padding: 0.2em;
-	border: solid thin #333;
-	border-radius: 0.5em;
-	-webkit-border-radius: .5em;
-	-moz-border-radius: .5em;
-	box-shadow: 2px 2px 3px #999;
-	-webkit-box-shadow: 2px 2px 3px #999;
-	-moz-box-shadow: rgba(0, 0, 0, 0.15) 2px 2px 2px;
-	background-image: -webkit-gradient(linear, left top, left bottom, from(#eee), to(#000),color-stop(0.3, #444));
-	background-image: -moz-linear-gradient(center top, #eee 0%, #444 40%, #000 110%);
-}
-
-div.classindex ul {
-        list-style: none;
-        padding-left: 0;
-}
-
-div.classindex span.ai {
-        display: inline-block;
-}
-
-div.groupHeader {
-	margin-left: 16px;
-	margin-top: 12px;
-	font-weight: bold;
-}
-
-div.groupText {
-	margin-left: 16px;
-	font-style: italic;
-}
-
-body {
-	background-color: white;
-	color: black;
-        margin: 0;
-}
-
-div.contents {
-	margin-top: 10px;
-	margin-left: 12px;
-	margin-right: 8px;
-}
-
-td.indexkey {
-	background-color: #EBEFF6;
-	font-weight: bold;
-	border: 1px solid #C4CFE5;
-	margin: 2px 0px 2px 0;
-	padding: 2px 10px;
-        white-space: nowrap;
-        vertical-align: top;
-}
-
-td.indexvalue {
-	background-color: #EBEFF6;
-	border: 1px solid #C4CFE5;
-	padding: 2px 10px;
-	margin: 2px 0px;
-}
-
-tr.memlist {
-	background-color: #EEF1F7;
-}
-
-p.formulaDsp {
-	text-align: center;
-}
-
-img.formulaDsp {
-	
-}
-
-img.formulaInl, img.inline {
-	vertical-align: middle;
-}
-
-div.center {
-	text-align: center;
-        margin-top: 0px;
-        margin-bottom: 0px;
-        padding: 0px;
-}
-
-div.center img {
-	border: 0px;
-}
-
-address.footer {
-	text-align: right;
-	padding-right: 12px;
-}
-
-img.footer {
-	border: 0px;
-	vertical-align: middle;
-}
-
-/* @group Code Colorization */
-
-span.keyword {
-	color: #008000
-}
-
-span.keywordtype {
-	color: #604020
-}
-
-span.keywordflow {
-	color: #e08000
-}
-
-span.comment {
-	color: #800000
-}
-
-span.preprocessor {
-	color: #806020
-}
-
-span.stringliteral {
-	color: #002080
-}
-
-span.charliteral {
-	color: #008080
-}
-
-span.vhdldigit { 
-	color: #ff00ff 
-}
-
-span.vhdlchar { 
-	color: #000000 
-}
-
-span.vhdlkeyword { 
-	color: #700070 
-}
-
-span.vhdllogic { 
-	color: #ff0000 
-}
-
-blockquote {
-        background-color: #F7F8FB;
-        border-left: 2px solid #9CAFD4;
-        margin: 0 24px 0 4px;
-        padding: 0 12px 0 16px;
-}
-
-blockquote.DocNodeRTL {
-   border-left: 0;
-   border-right: 2px solid #9CAFD4;
-   margin: 0 4px 0 24px;
-   padding: 0 16px 0 12px;
-}
-
-/* @end */
-
-/*
-.search {
-	color: #003399;
-	font-weight: bold;
-}
-
-form.search {
-	margin-bottom: 0px;
-	margin-top: 0px;
-}
-
-input.search {
-	font-size: 75%;
-	color: #000080;
-	font-weight: normal;
-	background-color: #e8eef2;
-}
-*/
-
-td.tiny {
-	font-size: 75%;
-}
-
-.dirtab {
-	padding: 4px;
-	border-collapse: collapse;
-	border: 1px solid #A3B4D7;
-}
-
-th.dirtab {
-	background: #EBEFF6;
-	font-weight: bold;
-}
-
-hr {
-	height: 0px;
-	border: none;
-	border-top: 1px solid #4A6AAA;
-}
-
-hr.footer {
-	height: 1px;
-}
-
-/* @group Member Descriptions */
-
-table.memberdecls {
-	border-spacing: 0px;
-	padding: 0px;
-}
-
-.memberdecls td, .fieldtable tr {
-	-webkit-transition-property: background-color, box-shadow;
-	-webkit-transition-duration: 0.5s;
-	-moz-transition-property: background-color, box-shadow;
-	-moz-transition-duration: 0.5s;
-	-ms-transition-property: background-color, box-shadow;
-	-ms-transition-duration: 0.5s;
-	-o-transition-property: background-color, box-shadow;
-	-o-transition-duration: 0.5s;
-	transition-property: background-color, box-shadow;
-	transition-duration: 0.5s;
-}
-
-.memberdecls td.glow, .fieldtable tr.glow {
-	background-color: cyan;
-	box-shadow: 0 0 15px cyan;
-}
-
-.mdescLeft, .mdescRight,
-.memItemLeft, .memItemRight,
-.memTemplItemLeft, .memTemplItemRight, .memTemplParams {
-	background-color: #F9FAFC;
-	border: none;
-	margin: 4px;
-	padding: 1px 0 0 8px;
-}
-
-.mdescLeft, .mdescRight {
-	padding: 0px 8px 4px 8px;
-	color: #555;
-}
-
-.memSeparator {
-        border-bottom: 1px solid #DEE4F0;
-        line-height: 1px;
-        margin: 0px;
-        padding: 0px;
-}
-
-.memItemLeft, .memTemplItemLeft {
-        white-space: nowrap;
-}
-
-.memItemRight, .memTemplItemRight {
-	width: 100%;
-}
-
-.memTemplParams {
-	color: #4665A2;
-        white-space: nowrap;
-	font-size: 80%;
-}
-
-/* @end */
-
-/* @group Member Details */
-
-/* Styles for detailed member documentation */
-
-.memtitle {
-	padding: 8px;
-	border-top: 1px solid #A8B8D9;
-	border-left: 1px solid #A8B8D9;
-	border-right: 1px solid #A8B8D9;
-	border-top-right-radius: 4px;
-	border-top-left-radius: 4px;
-	margin-bottom: -1px;
-	background-image: url('nav_f.png');
-	background-repeat: repeat-x;
-	background-color: #E2E8F2;
-	line-height: 1.25;
-	font-weight: 300;
-	float:left;
-}
-
-.permalink
-{
-        font-size: 65%;
-        display: inline-block;
-        vertical-align: middle;
-}
-
-.memtemplate {
-	font-size: 80%;
-	color: #4665A2;
-	font-weight: normal;
-	margin-left: 9px;
-}
-
-.memnav {
-	background-color: #EBEFF6;
-	border: 1px solid #A3B4D7;
-	text-align: center;
-	margin: 2px;
-	margin-right: 15px;
-	padding: 2px;
-}
-
-.mempage {
-	width: 100%;
-}
-
-.memitem {
-	padding: 0;
-	margin-bottom: 10px;
-	margin-right: 5px;
-        -webkit-transition: box-shadow 0.5s linear;
-        -moz-transition: box-shadow 0.5s linear;
-        -ms-transition: box-shadow 0.5s linear;
-        -o-transition: box-shadow 0.5s linear;
-        transition: box-shadow 0.5s linear;
-        display: table !important;
-        width: 100%;
-}
-
-.memitem.glow {
-         box-shadow: 0 0 15px cyan;
-}
-
-.memname {
-        font-weight: 400;
-        margin-left: 6px;
-}
-
-.memname td {
-	vertical-align: bottom;
-}
-
-.memproto, dl.reflist dt {
-        border-top: 1px solid #A8B8D9;
-        border-left: 1px solid #A8B8D9;
-        border-right: 1px solid #A8B8D9;
-        padding: 6px 0px 6px 0px;
-        color: #253555;
-        font-weight: bold;
-        text-shadow: 0px 1px 1px rgba(255, 255, 255, 0.9);
-        background-color: #DFE5F1;
-        /* opera specific markup */
-        box-shadow: 5px 5px 5px rgba(0, 0, 0, 0.15);
-        border-top-right-radius: 4px;
-        /* firefox specific markup */
-        -moz-box-shadow: rgba(0, 0, 0, 0.15) 5px 5px 5px;
-        -moz-border-radius-topright: 4px;
-        /* webkit specific markup */
-        -webkit-box-shadow: 5px 5px 5px rgba(0, 0, 0, 0.15);
-        -webkit-border-top-right-radius: 4px;
-
-}
-
-.overload {
-        font-family: "courier new",courier,monospace;
-	font-size: 65%;
-}
-
-.memdoc, dl.reflist dd {
-        border-bottom: 1px solid #A8B8D9;      
-        border-left: 1px solid #A8B8D9;      
-        border-right: 1px solid #A8B8D9; 
-        padding: 6px 10px 2px 10px;
-        background-color: #FBFCFD;
-        border-top-width: 0;
-        background-image:url('nav_g.png');
-        background-repeat:repeat-x;
-        background-color: #FFFFFF;
-        /* opera specific markup */
-        border-bottom-left-radius: 4px;
-        border-bottom-right-radius: 4px;
-        box-shadow: 5px 5px 5px rgba(0, 0, 0, 0.15);
-        /* firefox specific markup */
-        -moz-border-radius-bottomleft: 4px;
-        -moz-border-radius-bottomright: 4px;
-        -moz-box-shadow: rgba(0, 0, 0, 0.15) 5px 5px 5px;
-        /* webkit specific markup */
-        -webkit-border-bottom-left-radius: 4px;
-        -webkit-border-bottom-right-radius: 4px;
-        -webkit-box-shadow: 5px 5px 5px rgba(0, 0, 0, 0.15);
-}
-
-dl.reflist dt {
-        padding: 5px;
-}
-
-dl.reflist dd {
-        margin: 0px 0px 10px 0px;
-        padding: 5px;
-}
-
-.paramkey {
-	text-align: right;
-}
-
-.paramtype {
-	white-space: nowrap;
-}
-
-.paramname {
-	color: #602020;
-	white-space: nowrap;
-}
-.paramname em {
-	font-style: normal;
-}
-.paramname code {
-        line-height: 14px;
-}
-
-.params, .retval, .exception, .tparams {
-        margin-left: 0px;
-        padding-left: 0px;
-}       
-
-.params .paramname, .retval .paramname, .tparams .paramname, .exception .paramname {
-        font-weight: bold;
-        vertical-align: top;
-}
-        
-.params .paramtype, .tparams .paramtype {
-        font-style: italic;
-        vertical-align: top;
-}       
-        
-.params .paramdir, .tparams .paramdir {
-        font-family: "courier new",courier,monospace;
-        vertical-align: top;
-}
-
-table.mlabels {
-	border-spacing: 0px;
-}
-
-td.mlabels-left {
-	width: 100%;
-	padding: 0px;
-}
-
-td.mlabels-right {
-	vertical-align: bottom;
-	padding: 0px;
-	white-space: nowrap;
-}
-
-span.mlabels {
-        margin-left: 8px;
-}
-
-span.mlabel {
-        background-color: #728DC1;
-        border-top:1px solid #5373B4;
-        border-left:1px solid #5373B4;
-        border-right:1px solid #C4CFE5;
-        border-bottom:1px solid #C4CFE5;
-	text-shadow: none;
-	color: white;
-	margin-right: 4px;
-	padding: 2px 3px;
-	border-radius: 3px;
-	font-size: 7pt;
-	white-space: nowrap;
-	vertical-align: middle;
-}
-
-
-
-/* @end */
-
-/* these are for tree view inside a (index) page */
-
-div.directory {
-        margin: 10px 0px;
-        border-top: 1px solid #9CAFD4;
-        border-bottom: 1px solid #9CAFD4;
-        width: 100%;
-}
-
-.directory table {
-        border-collapse:collapse;
-}
-
-.directory td {
-        margin: 0px;
-        padding: 0px;
-	vertical-align: top;
-}
-
-.directory td.entry {
-        white-space: nowrap;
-        padding-right: 6px;
-	padding-top: 3px;
-}
-
-.directory td.entry a {
-        outline:none;
-}
-
-.directory td.entry a img {
-        border: none;
-}
-
-.directory td.desc {
-        width: 100%;
-        padding-left: 6px;
-	padding-right: 6px;
-	padding-top: 3px;
-	border-left: 1px solid rgba(0,0,0,0.05);
-}
-
-.directory tr.even {
-	padding-left: 6px;
-	background-color: #F7F8FB;
-}
-
-.directory img {
-	vertical-align: -30%;
-}
-
-.directory .levels {
-        white-space: nowrap;
-        width: 100%;
-        text-align: right;
-        font-size: 9pt;
-}
-
-.directory .levels span {
-        cursor: pointer;
-        padding-left: 2px;
-        padding-right: 2px;
-	color: #3D578C;
-}
-
-.arrow {
-    color: #9CAFD4;
-    -webkit-user-select: none;
-    -khtml-user-select: none;
-    -moz-user-select: none;
-    -ms-user-select: none;
-    user-select: none;
-    cursor: pointer;
-    font-size: 80%;
-    display: inline-block;
-    width: 16px;
-    height: 22px;
-}
-
-.icon {
-    font-family: Arial, Helvetica;
-    font-weight: bold;
-    font-size: 12px;
-    height: 14px;
-    width: 16px;
-    display: inline-block;
-    background-color: #728DC1;
-    color: white;
-    text-align: center;
-    border-radius: 4px;
-    margin-left: 2px;
-    margin-right: 2px;
-}
-
-.icona {
-    width: 24px;
-    height: 22px;
-    display: inline-block;
-}
-
-.iconfopen {
-    width: 24px;
-    height: 18px;
-    margin-bottom: 4px;
-    background-image:url('folderopen.png');
-    background-position: 0px -4px;
-    background-repeat: repeat-y;
-    vertical-align:top;
-    display: inline-block;
-}
-
-.iconfclosed {
-    width: 24px;
-    height: 18px;
-    margin-bottom: 4px;
-    background-image:url('folderclosed.png');
-    background-position: 0px -4px;
-    background-repeat: repeat-y;
-    vertical-align:top;
-    display: inline-block;
-}
-
-.icondoc {
-    width: 24px;
-    height: 18px;
-    margin-bottom: 4px;
-    background-image:url('doc.png');
-    background-position: 0px -4px;
-    background-repeat: repeat-y;
-    vertical-align:top;
-    display: inline-block;
-}
-
-table.directory {
-    font: 400 14px Roboto,sans-serif;
-}
-
-/* @end */
-
-div.dynheader {
-        margin-top: 8px;
-	-webkit-touch-callout: none;
-	-webkit-user-select: none;
-	-khtml-user-select: none;
-	-moz-user-select: none;
-	-ms-user-select: none;
-	user-select: none;
-}
-
-address {
-	font-style: normal;
-	color: #2A3D61;
-}
-
-table.doxtable caption {
-	caption-side: top;
-}
-
-table.doxtable {
-	border-collapse:collapse;
-        margin-top: 4px;
-        margin-bottom: 4px;
-}
-
-table.doxtable td, table.doxtable th {
-	border: 1px solid #2D4068;
-	padding: 3px 7px 2px;
-}
-
-table.doxtable th {
-	background-color: #374F7F;
-	color: #FFFFFF;
-	font-size: 110%;
-	padding-bottom: 4px;
-	padding-top: 5px;
-}
-
-table.fieldtable {
-        /*width: 100%;*/
-        margin-bottom: 10px;
-        border: 1px solid #A8B8D9;
-        border-spacing: 0px;
-        -moz-border-radius: 4px;
-        -webkit-border-radius: 4px;
-        border-radius: 4px;
-        -moz-box-shadow: rgba(0, 0, 0, 0.15) 2px 2px 2px;
-        -webkit-box-shadow: 2px 2px 2px rgba(0, 0, 0, 0.15);
-        box-shadow: 2px 2px 2px rgba(0, 0, 0, 0.15);
-}
-
-.fieldtable td, .fieldtable th {
-        padding: 3px 7px 2px;
-}
-
-.fieldtable td.fieldtype, .fieldtable td.fieldname {
-        white-space: nowrap;
-        border-right: 1px solid #A8B8D9;
-        border-bottom: 1px solid #A8B8D9;
-        vertical-align: top;
-}
-
-.fieldtable td.fieldname {
-        padding-top: 3px;
-}
-
-.fieldtable td.fielddoc {
-        border-bottom: 1px solid #A8B8D9;
-        /*width: 100%;*/
-}
-
-.fieldtable td.fielddoc p:first-child {
-        margin-top: 0px;
-}       
-        
-.fieldtable td.fielddoc p:last-child {
-        margin-bottom: 2px;
-}
-
-.fieldtable tr:last-child td {
-        border-bottom: none;
-}
-
-.fieldtable th {
-        background-image:url('nav_f.png');
-        background-repeat:repeat-x;
-        background-color: #E2E8F2;
-        font-size: 90%;
-        color: #253555;
-        padding-bottom: 4px;
-        padding-top: 5px;
-        text-align:left;
-        font-weight: 400;
-        -moz-border-radius-topleft: 4px;
-        -moz-border-radius-topright: 4px;
-        -webkit-border-top-left-radius: 4px;
-        -webkit-border-top-right-radius: 4px;
-        border-top-left-radius: 4px;
-        border-top-right-radius: 4px;
-        border-bottom: 1px solid #A8B8D9;
-}
-
-
-.tabsearch {
-	top: 0px;
-	left: 10px;
-	height: 36px;
-	background-image: url('tab_b.png');
-	z-index: 101;
-	overflow: hidden;
-	font-size: 13px;
-}
-
-.navpath ul
-{
-	font-size: 11px;
-	background-image:url('tab_b.png');
-	background-repeat:repeat-x;
-	background-position: 0 -5px;
-	height:30px;
-	line-height:30px;
-	color:#8AA0CC;
-	border:solid 1px #C2CDE4;
-	overflow:hidden;
-	margin:0px;
-	padding:0px;
-}
-
-.navpath li
-{
-	list-style-type:none;
-	float:left;
-	padding-left:10px;
-	padding-right:15px;
-	background-image:url('bc_s.png');
-	background-repeat:no-repeat;
-	background-position:right;
-	color:#364D7C;
-}
-
-.navpath li.navelem a
-{
-	height:32px;
-	display:block;
-	text-decoration: none;
-	outline: none;
-	color: #283A5D;
-	font-family: 'Lucida Grande',Geneva,Helvetica,Arial,sans-serif;
-	text-shadow: 0px 1px 1px rgba(255, 255, 255, 0.9);
-	text-decoration: none;        
-}
-
-.navpath li.navelem a:hover
-{
-	color:#6884BD;
-}
-
-.navpath li.footer
-{
-        list-style-type:none;
-        float:right;
-        padding-left:10px;
-        padding-right:15px;
-        background-image:none;
-        background-repeat:no-repeat;
-        background-position:right;
-        color:#364D7C;
-        font-size: 8pt;
-}
-
-
-div.summary
-{
-	float: right;
-	font-size: 8pt;
-	padding-right: 5px;
-	width: 50%;
-	text-align: right;
-}       
-
-div.summary a
-{
-	white-space: nowrap;
-}
-
-table.classindex
-{
-        margin: 10px;
-        white-space: nowrap;
-        margin-left: 3%;
-        margin-right: 3%;
-        width: 94%;
-        border: 0;
-        border-spacing: 0; 
-        padding: 0;
-}
-
-div.ingroups
-{
-	font-size: 8pt;
-	width: 50%;
-	text-align: left;
-}
-
-div.ingroups a
-{
-	white-space: nowrap;
-}
-
-div.header
-{
-        background-image:url('nav_h.png');
-        background-repeat:repeat-x;
-	background-color: #F9FAFC;
-	margin:  0px;
-	border-bottom: 1px solid #C4CFE5;
-}
-
-div.headertitle
-{
-	padding: 5px 5px 5px 10px;
-}
-
-.PageDocRTL-title div.headertitle {
-  text-align: right;
-  direction: rtl;
-}
-
-dl {
-        padding: 0 0 0 0;
-}
-
-/* dl.note, dl.warning, dl.attention, dl.pre, dl.post, dl.invariant, dl.deprecated, dl.todo, dl.test, dl.bug, dl.examples */
-dl.section {
-	margin-left: 0px;
-	padding-left: 0px;
-}
-
-dl.section.DocNodeRTL {
-  margin-right: 0px;
-  padding-right: 0px;
-}
-
-dl.note {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #D0C000;
-}
-
-dl.note.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #D0C000;
-}
-
-dl.warning, dl.attention {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #FF0000;
-}
-
-dl.warning.DocNodeRTL, dl.attention.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #FF0000;
-}
-
-dl.pre, dl.post, dl.invariant {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #00D000;
-}
-
-dl.pre.DocNodeRTL, dl.post.DocNodeRTL, dl.invariant.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #00D000;
-}
-
-dl.deprecated {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #505050;
-}
-
-dl.deprecated.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #505050;
-}
-
-dl.todo {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #00C0E0;
-}
-
-dl.todo.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #00C0E0;
-}
-
-dl.test {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #3030E0;
-}
-
-dl.test.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #3030E0;
-}
-
-dl.bug {
-  margin-left: -7px;
-  padding-left: 3px;
-  border-left: 4px solid;
-  border-color: #C08050;
-}
-
-dl.bug.DocNodeRTL {
-  margin-left: 0;
-  padding-left: 0;
-  border-left: 0;
-  margin-right: -7px;
-  padding-right: 3px;
-  border-right: 4px solid;
-  border-color: #C08050;
-}
-
-dl.section dd {
-	margin-bottom: 6px;
-}
-
-
-#projectlogo
-{
-	text-align: center;
-	vertical-align: bottom;
-	border-collapse: separate;
-}
- 
-#projectlogo img
-{ 
-	border: 0px none;
-}
- 
-#projectalign
-{
-        vertical-align: middle;
-}
-
-#projectname
-{
-	font: 300% Tahoma, Arial,sans-serif;
-	margin: 0px;
-	padding: 2px 0px;
-}
-    
-#projectbrief
-{
-	font: 120% Tahoma, Arial,sans-serif;
-	margin: 0px;
-	padding: 0px;
-}
-
-#projectnumber
-{
-	font: 50% Tahoma, Arial,sans-serif;
-	margin: 0px;
-	padding: 0px;
-}
-
-#titlearea
-{
-	padding: 0px;
-	margin: 0px;
-	width: 100%;
-	border-bottom: 1px solid #5373B4;
-}
-
-.image
-{
-        text-align: center;
-}
-
-.dotgraph
-{
-        text-align: center;
-}
-
-.mscgraph
-{
-        text-align: center;
-}
-
-.plantumlgraph
-{
-        text-align: center;
-}
-
-.diagraph
-{
-        text-align: center;
-}
-
-.caption
-{
-	font-weight: bold;
-}
-
-div.zoom
-{
-	border: 1px solid #90A5CE;
-}
-
-dl.citelist {
-        margin-bottom:50px;
-}
-
-dl.citelist dt {
-        color:#334975;
-        float:left;
-        font-weight:bold;
-        margin-right:10px;
-        padding:5px;
-        text-align:right;
-        width:52px;
-}
-
-dl.citelist dd {
-        margin:2px 0 2px 72px;
-        padding:5px 0;
-}
-
-div.toc {
-        padding: 14px 25px;
-        background-color: #F4F6FA;
-        border: 1px solid #D8DFEE;
-        border-radius: 7px 7px 7px 7px;
-        float: right;
-        height: auto;
-        margin: 0 8px 10px 10px;
-        width: 200px;
-}
-
-.PageDocRTL-title div.toc {
-  float: left !important;
-  text-align: right;
-}
-
-div.toc li {
-        background: url("bdwn.png") no-repeat scroll 0 5px transparent;
-        font: 10px/1.2 Verdana,DejaVu Sans,Geneva,sans-serif;
-        margin-top: 5px;
-        padding-left: 10px;
-        padding-top: 2px;
-}
-
-.PageDocRTL-title div.toc li {
-  background-position-x: right !important;
-  padding-left: 0 !important;
-  padding-right: 10px;
-}
-
-div.toc h3 {
-        font: bold 12px/1.2 Arial,FreeSans,sans-serif;
-	color: #4665A2;
-        border-bottom: 0 none;
-        margin: 0;
-}
-
-div.toc ul {
-        list-style: none outside none;
-        border: medium none;
-        padding: 0px;
-}       
-
-div.toc li.level1 {
-        margin-left: 0px;
-}
-
-div.toc li.level2 {
-        margin-left: 15px;
-}
-
-div.toc li.level3 {
-        margin-left: 30px;
-}
-
-div.toc li.level4 {
-        margin-left: 45px;
-}
-
-.PageDocRTL-title div.toc li.level1 {
-  margin-left: 0 !important;
-  margin-right: 0;
-}
-
-.PageDocRTL-title div.toc li.level2 {
-  margin-left: 0 !important;
-  margin-right: 15px;
-}
-
-.PageDocRTL-title div.toc li.level3 {
-  margin-left: 0 !important;
-  margin-right: 30px;
-}
-
-.PageDocRTL-title div.toc li.level4 {
-  margin-left: 0 !important;
-  margin-right: 45px;
-}
-
-.inherit_header {
-        font-weight: bold;
-        color: gray;
-        cursor: pointer;
-	-webkit-touch-callout: none;
-	-webkit-user-select: none;
-	-khtml-user-select: none;
-	-moz-user-select: none;
-	-ms-user-select: none;
-	user-select: none;
-}
-
-.inherit_header td {
-        padding: 6px 0px 2px 5px;
-}
-
-.inherit {
-        display: none;
-}
-
-tr.heading h2 {
-        margin-top: 12px;
-        margin-bottom: 4px;
-}
-
-/* tooltip related style info */
-
-.ttc {
-        position: absolute;
-        display: none;
-}
-
-#powerTip {
-	cursor: default;
-	white-space: nowrap;
-	background-color: white;
-	border: 1px solid gray;
-	border-radius: 4px 4px 4px 4px;
-	box-shadow: 1px 1px 7px gray;
-	display: none;
-	font-size: smaller;
-	max-width: 80%;
-	opacity: 0.9;
-	padding: 1ex 1em 1em;
-	position: absolute;
-	z-index: 2147483647;
-}
-
-#powerTip div.ttdoc {
-        color: grey;
-	font-style: italic;
-}
-
-#powerTip div.ttname a {
-        font-weight: bold;
-}
-
-#powerTip div.ttname {
-        font-weight: bold;
-}
-
-#powerTip div.ttdeci {
-        color: #006318;
-}
-
-#powerTip div {
-        margin: 0px;
-        padding: 0px;
-        font: 12px/16px Roboto,sans-serif;
-}
-
-#powerTip:before, #powerTip:after {
-	content: "";
-	position: absolute;
-	margin: 0px;
-}
-
-#powerTip.n:after,  #powerTip.n:before,
-#powerTip.s:after,  #powerTip.s:before,
-#powerTip.w:after,  #powerTip.w:before,
-#powerTip.e:after,  #powerTip.e:before,
-#powerTip.ne:after, #powerTip.ne:before,
-#powerTip.se:after, #powerTip.se:before,
-#powerTip.nw:after, #powerTip.nw:before,
-#powerTip.sw:after, #powerTip.sw:before {
-	border: solid transparent;
-	content: " ";
-	height: 0;
-	width: 0;
-	position: absolute;
-}
-
-#powerTip.n:after,  #powerTip.s:after,
-#powerTip.w:after,  #powerTip.e:after,
-#powerTip.nw:after, #powerTip.ne:after,
-#powerTip.sw:after, #powerTip.se:after {
-	border-color: rgba(255, 255, 255, 0);
-}
-
-#powerTip.n:before,  #powerTip.s:before,
-#powerTip.w:before,  #powerTip.e:before,
-#powerTip.nw:before, #powerTip.ne:before,
-#powerTip.sw:before, #powerTip.se:before {
-	border-color: rgba(128, 128, 128, 0);
-}
-
-#powerTip.n:after,  #powerTip.n:before,
-#powerTip.ne:after, #powerTip.ne:before,
-#powerTip.nw:after, #powerTip.nw:before {
-	top: 100%;
-}
-
-#powerTip.n:after, #powerTip.ne:after, #powerTip.nw:after {
-	border-top-color: #FFFFFF;
-	border-width: 10px;
-	margin: 0px -10px;
-}
-#powerTip.n:before {
-	border-top-color: #808080;
-	border-width: 11px;
-	margin: 0px -11px;
-}
-#powerTip.n:after, #powerTip.n:before {
-	left: 50%;
-}
-
-#powerTip.nw:after, #powerTip.nw:before {
-	right: 14px;
-}
-
-#powerTip.ne:after, #powerTip.ne:before {
-	left: 14px;
-}
-
-#powerTip.s:after,  #powerTip.s:before,
-#powerTip.se:after, #powerTip.se:before,
-#powerTip.sw:after, #powerTip.sw:before {
-	bottom: 100%;
-}
-
-#powerTip.s:after, #powerTip.se:after, #powerTip.sw:after {
-	border-bottom-color: #FFFFFF;
-	border-width: 10px;
-	margin: 0px -10px;
-}
-
-#powerTip.s:before, #powerTip.se:before, #powerTip.sw:before {
-	border-bottom-color: #808080;
-	border-width: 11px;
-	margin: 0px -11px;
-}
-
-#powerTip.s:after, #powerTip.s:before {
-	left: 50%;
-}
-
-#powerTip.sw:after, #powerTip.sw:before {
-	right: 14px;
-}
-
-#powerTip.se:after, #powerTip.se:before {
-	left: 14px;
-}
-
-#powerTip.e:after, #powerTip.e:before {
-	left: 100%;
-}
-#powerTip.e:after {
-	border-left-color: #FFFFFF;
-	border-width: 10px;
-	top: 50%;
-	margin-top: -10px;
-}
-#powerTip.e:before {
-	border-left-color: #808080;
-	border-width: 11px;
-	top: 50%;
-	margin-top: -11px;
-}
-
-#powerTip.w:after, #powerTip.w:before {
-	right: 100%;
-}
-#powerTip.w:after {
-	border-right-color: #FFFFFF;
-	border-width: 10px;
-	top: 50%;
-	margin-top: -10px;
-}
-#powerTip.w:before {
-	border-right-color: #808080;
-	border-width: 11px;
-	top: 50%;
-	margin-top: -11px;
-}
-
-@media print
-{
-  #top { display: none; }
-  #side-nav { display: none; }
-  #nav-path { display: none; }
-  body { overflow:visible; }
-  h1, h2, h3, h4, h5, h6 { page-break-after: avoid; }
-  .summary { display: none; }
-  .memitem { page-break-inside: avoid; }
-  #doc-content
-  {
-    margin-left:0 !important;
-    height:auto !important;
-    width:auto !important;
-    overflow:inherit;
-    display:inline;
-  }
-}
-
-/* @group Markdown */
-
-table.markdownTable {
-	border-collapse:collapse;
-        margin-top: 4px;
-        margin-bottom: 4px;
-}
-
-table.markdownTable td, table.markdownTable th {
-	border: 1px solid #2D4068;
-	padding: 3px 7px 2px;
-}
-
-table.markdownTable tr {
-}
-
-th.markdownTableHeadLeft, th.markdownTableHeadRight, th.markdownTableHeadCenter, th.markdownTableHeadNone {
-	background-color: #374F7F;
-	color: #FFFFFF;
-	font-size: 110%;
-	padding-bottom: 4px;
-	padding-top: 5px;
-}
-
-th.markdownTableHeadLeft, td.markdownTableBodyLeft {
-	text-align: left
-}
-
-th.markdownTableHeadRight, td.markdownTableBodyRight {
-	text-align: right
-}
-
-th.markdownTableHeadCenter, td.markdownTableBodyCenter {
-	text-align: center
-}
-
-.DocNodeRTL {
-  text-align: right;
-  direction: rtl;
-}
-
-.DocNodeLTR {
-  text-align: left;
-  direction: ltr;
-}
-
-table.DocNodeRTL {
-   width: auto;
-   margin-right: 0;
-   margin-left: auto;
-}
-
-table.DocNodeLTR {
-   width: auto;
-   margin-right: auto;
-   margin-left: 0;
-}
-
-tt, code, kbd, samp
-{
-  display: inline-block;
-  direction:ltr; 
-}
-/* @end */
-
-u {
-	text-decoration: underline;
-}
-
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen.svg b/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen.svg
deleted file mode 100644
index d42dad5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/doxygen.svg
+++ /dev/null
@@ -1,26 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg version="1.1" viewBox="0 0 104 31" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
- <defs>
-  <linearGradient id="a">
-   <stop stop-color="#5373B4" offset="0"/>
-   <stop stop-color="#7C95C6" offset="1"/>
-  </linearGradient>
-  <linearGradient id="d" x1="31.474" x2="31.474" y1="24.821" y2="26.773" gradientUnits="userSpaceOnUse" xlink:href="#a"/>
-  <linearGradient id="c" x1="31.474" x2="31.474" y1="24.821" y2="26.773" gradientTransform="matrix(.6816 0 0 1.0248 72.391 -.91809)" gradientUnits="userSpaceOnUse" xlink:href="#a"/>
-  <linearGradient id="b" x1="56.295" x2="56.295" y1="24.622" y2="26.574" gradientUnits="userSpaceOnUse" xlink:href="#a"/>
-  <linearGradient id="e" x1="49.067" x2="48.956" y1="19.719" y2="9.5227" gradientTransform="matrix(.97968 0 0 1.0207 -.25579 -.25579)" gradientUnits="userSpaceOnUse">
-   <stop stop-color="#C0CCE3" offset="0"/>
-   <stop stop-color="#EEF1F7" offset="1"/>
-  </linearGradient>
-  <filter id="f" x="-.010676" y="-.045304" width="1.0214" height="1.0906" color-interpolation-filters="sRGB">
-   <feGaussianBlur stdDeviation="0.45293203"/>
-  </filter>
- </defs>
- <g>
-  <path transform="translate(-2.5759 -27.848)" d="m13.609 32.203v6.8633h-0.05078c-0.40533-0.66867-0.96254-1.1715-1.6719-1.5059-0.69244-0.35193-1.4282-0.52734-2.2051-0.52734-0.96267 0-1.807 0.2027-2.5332 0.60742-0.72622 0.38713-1.3344 0.90556-1.8242 1.5566-0.47289 0.65108-0.83456 1.4092-1.0879 2.2715-0.23644 0.84464-0.35547 1.7236-0.35547 2.6387 0 0.95022 0.11902 1.8643 0.35547 2.7441 0.25333 0.87983 0.615 1.6633 1.0879 2.3496 0.48978 0.66867 1.1065 1.2066 1.8496 1.6113 0.74311 0.38713 1.6044 0.58008 2.584 0.58008 0.86133 0 1.6311-0.15787 2.3066-0.47461 0.69244-0.33434 1.2497-0.87227 1.6719-1.6113h0.05078v1.7422h3.4199v-18.846zm12.875 4.8301c-1.0302 0-1.9596 0.17541-2.7871 0.52734-0.82756 0.33434-1.5358 0.81965-2.127 1.4531-0.59111 0.61588-1.0483 1.3721-1.3691 2.2695-0.32089 0.87983-0.48047 1.866-0.48047 2.957s0.15958 2.0752 0.48047 2.9551c0.32089 0.87983 0.77803 1.6361 1.3691 2.2695 0.59111 0.61588 1.2994 1.0914 2.127 1.4258 0.82756 0.33434 1.7569 0.50195 2.7871 0.50195 1.0302 0 1.9596-0.16762 2.7871-0.50195 0.84444-0.33434 1.5612-0.8099 2.1523-1.4258 0.59111-0.63348 1.0483-1.3897 1.3691-2.2695 0.32089-0.87983 0.48047-1.8641 0.48047-2.9551s-0.15958-2.0772-0.48047-2.957c-0.32089-0.89743-0.77803-1.6536-1.3691-2.2695-0.59111-0.63348-1.3079-1.1188-2.1523-1.4531-0.82756-0.35193-1.7569-0.52734-2.7871-0.52734zm41.715 0c-0.912 0-1.7223 0.18516-2.4316 0.55469-0.69244 0.36953-1.2752 0.87043-1.748 1.5039-0.47289 0.61588-0.83651 1.337-1.0898 2.1641-0.23645 0.80944-0.35352 1.6553-0.35352 2.5352 0 0.93262 0.10007 1.8214 0.30273 2.666 0.21956 0.82704 0.55767 1.556 1.0137 2.1895 0.456 0.61588 1.0387 1.109 1.748 1.4785 0.70933 0.35193 1.5536 0.5293 2.5332 0.5293 0.79378 0 1.5446-0.16762 2.2539-0.50195 0.72622-0.35193 1.2834-0.88986 1.6719-1.6113h0.05078v1.7949c0.01689 0.96782-0.21071 1.7689-0.68359 2.4023-0.456 0.63348-1.1898 0.95117-2.2031 0.95117-0.64178 0-1.2075-0.14228-1.6973-0.42383-0.48978-0.26395-0.81939-0.74731-0.98828-1.4512h-3.5723c0.05067 0.77425 0.25276 1.435 0.60742 1.9805 0.37156 0.56309 0.8287 1.0192 1.3691 1.3711 0.55733 0.35193 1.1656 0.60726 1.8242 0.76562 0.67556 0.17597 1.3328 0.26562 1.9746 0.26562 1.5031 0 2.7025-0.21245 3.5977-0.63477 0.89511-0.42232 1.5798-0.94076 2.0527-1.5566 0.47289-0.59829 0.777-1.2493 0.91211-1.9531 0.152-0.70386 0.22656-1.3295 0.22656-1.875v-12.775h-3.4199v1.8223h-0.05078c-0.43911-0.79185-0.98782-1.3551-1.6465-1.6895-0.64178-0.33434-1.3926-0.50195-2.2539-0.50195zm16.523 0c-0.99644 0-1.9088 0.18516-2.7363 0.55469-0.81067 0.36953-1.5124 0.88018-2.1035 1.5312-0.59111 0.63348-1.0463 1.3897-1.3672 2.2695s-0.48047 1.831-0.48047 2.8516c0 1.0558 0.15108 2.0225 0.45508 2.9023 0.32089 0.87983 0.76758 1.6361 1.3418 2.2695 0.57422 0.63348 1.276 1.1266 2.1035 1.4785 0.82756 0.33434 1.7569 0.50195 2.7871 0.50195 1.4862 0 2.7517-0.35277 3.7988-1.0566 1.0471-0.70387 1.8254-1.8733 2.332-3.5098h-3.168c-0.11822 0.42232-0.43934 0.82772-0.96289 1.2148-0.52355 0.36953-1.1468 0.55274-1.873 0.55273-1.0133 0-1.7916-0.27286-2.332-0.81836-0.54044-0.5455-0.83605-1.4245-0.88672-2.6387h9.4492c0.06756-1.0558-0.01551-2.0673-0.25195-3.0352-0.23644-0.96782-0.62557-1.8293-1.166-2.5859-0.52356-0.75666-1.1998-1.355-2.0273-1.7949-0.82756-0.45751-1.7974-0.6875-2.9121-0.6875zm16.189 0c-0.76 0-1.5023 0.18516-2.2285 0.55469-0.72622 0.35193-1.3174 0.92299-1.7734 1.7148h-0.07617v-1.9004h-3.4199v13.646h3.5977v-7.1523c0-1.3901 0.21909-2.3841 0.6582-2.9824 0.43911-0.61588 1.1494-0.92383 2.1289-0.92383 0.86133 0 1.4611 0.28066 1.7988 0.84375 0.33777 0.5455 0.50586 1.3816 0.50586 2.5078v7.707h3.5976v-8.3926c0-0.84464-0.0765-1.6106-0.22851-2.2969-0.13511-0.70387-0.37971-1.2925-0.73438-1.7676-0.35466-0.49271-0.84386-0.87277-1.4688-1.1367-0.608-0.28155-1.3948-0.42188-2.3574-0.42188zm-66.063 0.36914 4.3066 6.4668-4.7129 7.1797h4.0293l2.7363-4.3027 2.7344 4.3027h4.1055l-4.8398-7.2578 4.3066-6.3887h-3.9766l-2.2793 3.5645-2.3066-3.5645zm13.275 0 4.584 12.803c0.10133 0.26395 0.15234 0.54461 0.15234 0.84375 0 0.40472-0.11707 0.77504-0.35352 1.1094-0.21956 0.33434-0.56617 0.52729-1.0391 0.58008-0.35467 0.0176-0.70979 0.0098-1.0645-0.02539-0.35467-0.03519-0.70128-0.07028-1.0391-0.10547v3.0879c0.37156 0.03519 0.73518 0.06051 1.0898 0.07813 0.37156 0.03519 0.74368 0.05273 1.1152 0.05273 1.2329 0 2.1943-0.23778 2.8867-0.71289 0.69244-0.47511 1.2326-1.2664 1.6211-2.375l5.4727-15.336h-3.7246l-2.8613 9.3438h-0.05078l-2.9648-9.3438zm-37.48 2.4551c0.59111 0 1.0823 0.12279 1.4707 0.36914 0.38844 0.24635 0.6991 0.57184 0.93555 0.97656 0.25333 0.38713 0.43187 0.84515 0.5332 1.373 0.10133 0.5103 0.15234 1.0482 0.15234 1.6113 0 0.56309-0.05101 1.1069-0.15234 1.6348-0.10133 0.5279-0.27137 1.0035-0.50781 1.4258-0.23644 0.40472-0.5556 0.73021-0.96094 0.97656-0.38844 0.24635-0.87959 0.36914-1.4707 0.36914-0.55733 0-1.038-0.12279-1.4434-0.36914-0.38844-0.26395-0.71806-0.59723-0.98828-1.002-0.25333-0.42232-0.43842-0.89788-0.55664-1.4258s-0.17773-1.0561-0.17773-1.584c-1e-7 -0.56309 0.05101-1.0991 0.15234-1.6094 0.11822-0.5279 0.29481-0.99567 0.53125-1.4004 0.25333-0.40472 0.58295-0.73021 0.98828-0.97656 0.40533-0.24635 0.90303-0.36914 1.4941-0.36914zm15.84 0c0.608 0 1.1142 0.13253 1.5195 0.39648 0.42222 0.24635 0.75184 0.57184 0.98828 0.97656 0.25333 0.40472 0.42992 0.87054 0.53125 1.3984 0.10133 0.5279 0.15234 1.0658 0.15234 1.6113 0 0.5455-0.05101 1.0815-0.15234 1.6094-0.10134 0.5103-0.27792 0.97612-0.53125 1.3984-0.23644 0.40472-0.56606 0.73021-0.98828 0.97656-0.40533 0.24635-0.91153 0.36914-1.5195 0.36914-0.608 0-1.1142-0.12279-1.5195-0.36914s-0.73495-0.57184-0.98828-0.97656c-0.23644-0.42232-0.40648-0.88814-0.50781-1.3984-0.10133-0.5279-0.15234-1.0639-0.15234-1.6094 0-0.5455 0.05101-1.0834 0.15234-1.6113 0.10133-0.5279 0.27137-0.99371 0.50781-1.3984 0.25333-0.40472 0.58295-0.73021 0.98828-0.97656 0.40533-0.26395 0.91153-0.39648 1.5195-0.39648zm42.602 0c0.59111 0 1.0803 0.11499 1.4688 0.34375 0.38844 0.22876 0.70105 0.5367 0.9375 0.92383 0.23644 0.38713 0.40648 0.8354 0.50781 1.3457 0.10133 0.49271 0.15039 1.0209 0.15039 1.584 0 0.4927-0.06606 0.96827-0.20117 1.4258-0.11822 0.43992-0.30526 0.83557-0.55859 1.1875-0.25333 0.35193-0.57445 0.63259-0.96289 0.84375-0.38844 0.21116-0.83513 0.31836-1.3418 0.31836-0.55733 0-1.021-0.12474-1.3926-0.37109-0.37156-0.24635-0.67566-0.56209-0.91211-0.94922-0.21956-0.38713-0.38109-0.81786-0.48242-1.293-0.08444-0.49271-0.12695-0.98581-0.12695-1.4785 0-0.5103 0.05101-0.99366 0.15234-1.4512 0.11822-0.47511 0.29676-0.89025 0.5332-1.2422 0.25333-0.36953 0.55744-0.65993 0.91211-0.87109 0.37156-0.21116 0.80974-0.31641 1.3164-0.31641zm15.535 0c0.87822 0 1.529 0.24753 1.9512 0.74023 0.43911 0.49271 0.74322 1.2138 0.91211 2.1641h-5.8535c0.01689-0.26395 0.0679-0.5641 0.15234-0.89844 0.10133-0.33434 0.26287-0.65008 0.48242-0.94922 0.23644-0.29914 0.54055-0.54667 0.91211-0.74023 0.38845-0.21116 0.86914-0.31641 1.4434-0.31641z" filter="url(#f)" opacity=".3" stroke="#969696" xlink:href="#path141"/>
-  <path d="m0.97202 24.161 43.605-0.0019 0.0508 3.3061-43.6 0.04174z" fill="url(#d)" stroke="#000" stroke-width=".5"/>
-  <path d="m10.283 3.5547v6.8633h-0.05078c-0.40533-0.66867-0.96254-1.1715-1.6719-1.5059-0.69244-0.35193-1.4282-0.52734-2.2051-0.52734-0.96267 0-1.807 0.2027-2.5332 0.60742-0.72622 0.38713-1.3344 0.90556-1.8242 1.5566-0.47289 0.65108-0.83456 1.4092-1.0879 2.2715-0.23644 0.84464-0.35547 1.7236-0.35547 2.6387 0 0.95022 0.11902 1.8643 0.35547 2.7441 0.25333 0.87983 0.615 1.6633 1.0879 2.3496 0.48978 0.66867 1.1065 1.2066 1.8496 1.6113 0.74311 0.38713 1.6044 0.58008 2.584 0.58008 0.86133 0 1.6311-0.15787 2.3066-0.47461 0.69244-0.33434 1.2497-0.87227 1.6719-1.6113h0.05078v1.7422h3.4199v-18.846zm12.875 4.8301c-1.0302 0-1.9596 0.17541-2.7871 0.52734-0.82756 0.33434-1.5358 0.81965-2.127 1.4531-0.59111 0.61588-1.0483 1.3721-1.3691 2.2695-0.32089 0.87983-0.48047 1.866-0.48047 2.957s0.15958 2.0752 0.48047 2.9551c0.32089 0.87983 0.77803 1.6361 1.3691 2.2695 0.59111 0.61588 1.2994 1.0914 2.127 1.4258 0.82756 0.33434 1.7569 0.50195 2.7871 0.50195 1.0302 0 1.9596-0.16762 2.7871-0.50195 0.84444-0.33434 1.5612-0.8099 2.1523-1.4258 0.59111-0.63348 1.0483-1.3897 1.3691-2.2695 0.32089-0.87983 0.48047-1.8641 0.48047-2.9551s-0.15958-2.0772-0.48047-2.957c-0.32089-0.89743-0.77803-1.6536-1.3691-2.2695-0.59111-0.63348-1.3079-1.1188-2.1523-1.4531-0.82756-0.35193-1.7569-0.52734-2.7871-0.52734zm41.715 0c-0.912 0-1.7223 0.18516-2.4316 0.55469-0.69244 0.36953-1.2752 0.87043-1.748 1.5039-0.47289 0.61588-0.83651 1.337-1.0898 2.1641-0.23644 0.80944-0.35352 1.6553-0.35352 2.5352 0 0.93262 0.10007 1.8214 0.30273 2.666 0.21956 0.82704 0.55767 1.556 1.0137 2.1895 0.456 0.61588 1.0387 1.109 1.748 1.4785 0.70933 0.35193 1.5536 0.5293 2.5332 0.5293 0.79378 0 1.5446-0.16762 2.2539-0.50195 0.72622-0.35193 1.2834-0.88986 1.6719-1.6113h0.05078v1.7949c0.01689 0.96782-0.21071 1.7689-0.68359 2.4023-0.456 0.63348-1.1898 0.95117-2.2031 0.95117-0.64178 0-1.2075-0.14228-1.6973-0.42383-0.48978-0.26395-0.81939-0.74731-0.98828-1.4512h-3.5723c0.05067 0.77425 0.25276 1.435 0.60742 1.9805 0.37156 0.56309 0.8287 1.0192 1.3691 1.3711 0.55733 0.35193 1.1656 0.60726 1.8242 0.76562 0.67556 0.17597 1.3328 0.26562 1.9746 0.26562 1.5031 0 2.7025-0.21245 3.5977-0.63477 0.89511-0.42232 1.5798-0.94076 2.0527-1.5566 0.47289-0.59829 0.777-1.2493 0.91211-1.9531 0.152-0.70386 0.22656-1.3295 0.22656-1.875v-12.775h-3.4199v1.8223h-0.05078c-0.43911-0.79185-0.98782-1.3551-1.6465-1.6895-0.64178-0.33434-1.3926-0.50195-2.2539-0.50195zm16.523 0c-0.99644 0-1.9088 0.18516-2.7363 0.55469-0.81067 0.36953-1.5124 0.88017-2.1035 1.5312-0.59111 0.63348-1.0463 1.3897-1.3672 2.2695s-0.48047 1.831-0.48047 2.8516c0 1.0558 0.15108 2.0225 0.45508 2.9023 0.32089 0.87983 0.76758 1.6361 1.3418 2.2695 0.57422 0.63348 1.276 1.1266 2.1035 1.4785 0.82756 0.33434 1.7569 0.50195 2.7871 0.50195 1.4862 0 2.7517-0.35278 3.7988-1.0566 1.0471-0.70386 1.8254-1.8733 2.332-3.5098h-3.168c-0.11822 0.42232-0.43934 0.82772-0.96289 1.2148-0.52355 0.36953-1.1468 0.55274-1.873 0.55273-1.0133 0-1.7916-0.27286-2.332-0.81836-0.54044-0.5455-0.83605-1.4245-0.88672-2.6387h9.4492c0.06756-1.0558-0.01551-2.0673-0.25195-3.0352-0.23644-0.96782-0.62557-1.8293-1.166-2.5859-0.52356-0.75666-1.1998-1.355-2.0273-1.7949-0.82756-0.45751-1.7974-0.6875-2.9121-0.6875zm16.189 0c-0.76 0-1.5023 0.18516-2.2285 0.55469-0.72622 0.35193-1.3174 0.923-1.7734 1.7148h-0.07617v-1.9004h-3.4199v13.646h3.5977v-7.1523c0-1.3901 0.21909-2.3841 0.6582-2.9824 0.43911-0.61588 1.1494-0.92383 2.1289-0.92383 0.86133 0 1.461 0.28066 1.7988 0.84375 0.33778 0.5455 0.50586 1.3816 0.50586 2.5078v7.707h3.5977v-8.3926c0-0.84464-0.0765-1.6106-0.22852-2.2969-0.13511-0.70387-0.3797-1.2925-0.73437-1.7676-0.35466-0.49271-0.84386-0.87277-1.4688-1.1367-0.608-0.28155-1.3948-0.42188-2.3574-0.42188zm-66.062 0.36914 4.3066 6.4668-4.7129 7.1797h4.0293l2.7363-4.3027 2.7344 4.3027h4.1055l-4.8398-7.2578 4.3066-6.3887h-3.9766l-2.2793 3.5645-2.3066-3.5645zm13.275 0 4.584 12.803c0.10133 0.26395 0.15234 0.54461 0.15234 0.84375 0 0.40472-0.11707 0.77504-0.35352 1.1094-0.21956 0.33434-0.56617 0.52729-1.0391 0.58008-0.35467 0.0176-0.70979 0.0098-1.0645-0.02539-0.35467-0.03519-0.70128-0.07027-1.0391-0.10547v3.0879c0.37156 0.03519 0.73518 0.06052 1.0898 0.07813 0.37156 0.03519 0.74368 0.05273 1.1152 0.05273 1.2329 0 2.1943-0.23778 2.8867-0.71289 0.69244-0.47511 1.2326-1.2664 1.6211-2.375l5.4727-15.336h-3.7246l-2.8613 9.3437h-0.05078l-2.9648-9.3437zm-37.48 2.4551c0.59111 0 1.0823 0.12279 1.4707 0.36914s0.6991 0.57184 0.93555 0.97656c0.25333 0.38713 0.43187 0.84515 0.5332 1.373 0.10133 0.5103 0.15234 1.0482 0.15234 1.6113 0 0.56309-0.05101 1.1069-0.15234 1.6348-0.10133 0.5279-0.27137 1.0035-0.50781 1.4258-0.23644 0.40472-0.5556 0.73021-0.96094 0.97656-0.38844 0.24635-0.87959 0.36914-1.4707 0.36914-0.55733 0-1.038-0.12279-1.4434-0.36914-0.38844-0.26395-0.71806-0.59723-0.98828-1.002-0.25333-0.42232-0.43842-0.89788-0.55664-1.4258s-0.17773-1.0561-0.17773-1.584c-1e-7 -0.56309 0.05101-1.0991 0.15234-1.6094 0.11822-0.5279 0.29481-0.99567 0.53125-1.4004 0.25333-0.40472 0.58295-0.73021 0.98828-0.97656 0.40533-0.24635 0.90303-0.36914 1.4941-0.36914zm15.84 0c0.608 0 1.1142 0.13254 1.5195 0.39648 0.42222 0.24635 0.75184 0.57184 0.98828 0.97656 0.25333 0.40472 0.42992 0.87054 0.53125 1.3984 0.10133 0.5279 0.15234 1.0658 0.15234 1.6113 0 0.5455-0.05101 1.0815-0.15234 1.6094-0.10133 0.5103-0.27792 0.97612-0.53125 1.3984-0.23644 0.40472-0.56606 0.73021-0.98828 0.97656-0.40533 0.24635-0.91153 0.36914-1.5195 0.36914-0.608 0-1.1142-0.12279-1.5195-0.36914s-0.73495-0.57184-0.98828-0.97656c-0.23644-0.42232-0.40648-0.88813-0.50781-1.3984-0.10133-0.5279-0.15234-1.0639-0.15234-1.6094 0-0.5455 0.05101-1.0834 0.15234-1.6113 0.10133-0.5279 0.27137-0.99371 0.50781-1.3984 0.25333-0.40472 0.58295-0.73021 0.98828-0.97656 0.40533-0.26395 0.91153-0.39648 1.5195-0.39648zm42.602 0c0.59111 0 1.0803 0.11499 1.4688 0.34375 0.38844 0.22876 0.70106 0.5367 0.9375 0.92383 0.23644 0.38713 0.40648 0.8354 0.50781 1.3457 0.10133 0.49271 0.15039 1.0209 0.15039 1.584 0 0.49271-0.06606 0.96827-0.20117 1.4258-0.11822 0.43992-0.30526 0.83557-0.55859 1.1875-0.25333 0.35193-0.57445 0.63259-0.96289 0.84375-0.38844 0.21116-0.83513 0.31836-1.3418 0.31836-0.55733 0-1.021-0.12474-1.3926-0.37109-0.37156-0.24635-0.67566-0.56209-0.91211-0.94922-0.21956-0.38713-0.38109-0.81786-0.48242-1.293-0.08444-0.49271-0.12695-0.98581-0.12695-1.4785 0-0.5103 0.05101-0.99366 0.15234-1.4512 0.11822-0.47511 0.29676-0.89026 0.5332-1.2422 0.25333-0.36953 0.55744-0.65993 0.91211-0.87109 0.37156-0.21116 0.80974-0.31641 1.3164-0.31641zm15.535 0c0.87822 0 1.529 0.24753 1.9512 0.74024 0.43911 0.49271 0.74322 1.2138 0.91211 2.1641h-5.8535c0.01689-0.26395 0.0679-0.5641 0.15234-0.89844 0.10133-0.33434 0.26287-0.65008 0.48242-0.94922 0.23644-0.29914 0.54055-0.54667 0.91211-0.74023 0.38845-0.21116 0.86914-0.31641 1.4434-0.31641z" fill="url(#e)" stroke="#4665A2" stroke-width=".7"/>
-  <path d="m52.988 27.291c0.99602-1.0359 1.3944-1.8725 1.7928-3.1076l3.8247-0.03984c0.3113 1.6096 0.82413 2.5137 1.6335 3.1474z" fill="url(#b)" stroke="#000" stroke-width=".5"/>
-  <path d="m73.89 24.04 28.885-0.2011-0.12476 3.3879-31.033 0.16229c1.2621-1.0234 1.9665-2.2859 2.2724-3.3491z" fill="url(#c)" stroke="#000" stroke-width=".41788"/>
- </g>
-</svg>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/dynsections.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/dynsections.js
deleted file mode 100644
index 3174bd7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/dynsections.js
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- @licstart  The following is the entire license notice for the JavaScript code in this file.
-
- The MIT License (MIT)
-
- Copyright (C) 1997-2020 by Dimitri van Heesch
-
- Permission is hereby granted, free of charge, to any person obtaining a copy of this software
- and associated documentation files (the "Software"), to deal in the Software without restriction,
- including without limitation the rights to use, copy, modify, merge, publish, distribute,
- sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
- furnished to do so, subject to the following conditions:
-
- The above copyright notice and this permission notice shall be included in all copies or
- substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
- DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
- @licend  The above is the entire license notice for the JavaScript code in this file
- */
-function toggleVisibility(linkObj)
-{
- var base = $(linkObj).attr('id');
- var summary = $('#'+base+'-summary');
- var content = $('#'+base+'-content');
- var trigger = $('#'+base+'-trigger');
- var src=$(trigger).attr('src');
- if (content.is(':visible')===true) {
-   content.hide();
-   summary.show();
-   $(linkObj).addClass('closed').removeClass('opened');
-   $(trigger).attr('src',src.substring(0,src.length-8)+'closed.png');
- } else {
-   content.show();
-   summary.hide();
-   $(linkObj).removeClass('closed').addClass('opened');
-   $(trigger).attr('src',src.substring(0,src.length-10)+'open.png');
- }
- return false;
-}
-
-function updateStripes()
-{
-  $('table.directory tr').
-       removeClass('even').filter(':visible:even').addClass('even');
-}
-
-function toggleLevel(level)
-{
-  $('table.directory tr').each(function() {
-    var l = this.id.split('_').length-1;
-    var i = $('#img'+this.id.substring(3));
-    var a = $('#arr'+this.id.substring(3));
-    if (l<level+1) {
-      i.removeClass('iconfopen iconfclosed').addClass('iconfopen');
-      a.html('&#9660;');
-      $(this).show();
-    } else if (l==level+1) {
-      i.removeClass('iconfclosed iconfopen').addClass('iconfclosed');
-      a.html('&#9658;');
-      $(this).show();
-    } else {
-      $(this).hide();
-    }
-  });
-  updateStripes();
-}
-
-function toggleFolder(id)
-{
-  // the clicked row
-  var currentRow = $('#row_'+id);
-
-  // all rows after the clicked row
-  var rows = currentRow.nextAll("tr");
-
-  var re = new RegExp('^row_'+id+'\\d+_$', "i"); //only one sub
-
-  // only match elements AFTER this one (can't hide elements before)
-  var childRows = rows.filter(function() { return this.id.match(re); });
-
-  // first row is visible we are HIDING
-  if (childRows.filter(':first').is(':visible')===true) {
-    // replace down arrow by right arrow for current row
-    var currentRowSpans = currentRow.find("span");
-    currentRowSpans.filter(".iconfopen").removeClass("iconfopen").addClass("iconfclosed");
-    currentRowSpans.filter(".arrow").html('&#9658;');
-    rows.filter("[id^=row_"+id+"]").hide(); // hide all children
-  } else { // we are SHOWING
-    // replace right arrow by down arrow for current row
-    var currentRowSpans = currentRow.find("span");
-    currentRowSpans.filter(".iconfclosed").removeClass("iconfclosed").addClass("iconfopen");
-    currentRowSpans.filter(".arrow").html('&#9660;');
-    // replace down arrows by right arrows for child rows
-    var childRowsSpans = childRows.find("span");
-    childRowsSpans.filter(".iconfopen").removeClass("iconfopen").addClass("iconfclosed");
-    childRowsSpans.filter(".arrow").html('&#9658;');
-    childRows.show(); //show all children
-  }
-  updateStripes();
-}
-
-
-function toggleInherit(id)
-{
-  var rows = $('tr.inherit.'+id);
-  var img = $('tr.inherit_header.'+id+' img');
-  var src = $(img).attr('src');
-  if (rows.filter(':first').is(':visible')===true) {
-    rows.css('display','none');
-    $(img).attr('src',src.substring(0,src.length-8)+'closed.png');
-  } else {
-    rows.css('display','table-row'); // using show() causes jump in firefox
-    $(img).attr('src',src.substring(0,src.length-10)+'open.png');
-  }
-}
-/* @license-end */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/folderclosed.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/folderclosed.png
deleted file mode 100644
index bb8ab35..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/folderclosed.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/folderopen.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/folderopen.png
deleted file mode 100644
index d6c7f67..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/folderopen.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/functions.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/functions.html
deleted file mode 100644
index 055b876..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/functions.html
+++ /dev/null
@@ -1,107 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: Data Fields</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="contents">
-<div class="textblock">Here is a list of all documented struct and union fields with links to the struct/union documentation for each field:</div><ul>
-<li>customFilter
-: <a class="el" href="structtjtransform.html#afd7fc262df33f741e120ef4183202ef5">tjtransform</a>
-</li>
-<li>data
-: <a class="el" href="structtjtransform.html#a688fe8f1a8ecc12a538d9e561cf338e3">tjtransform</a>
-</li>
-<li>denom
-: <a class="el" href="structtjscalingfactor.html#aefbcdf3e9e62274b2d312c695f133ce3">tjscalingfactor</a>
-</li>
-<li>h
-: <a class="el" href="structtjregion.html#aecefc45a26f4d8b60dd4d825c1710115">tjregion</a>
-</li>
-<li>num
-: <a class="el" href="structtjscalingfactor.html#a9b011e57f981ee23083e2c1aa5e640ec">tjscalingfactor</a>
-</li>
-<li>op
-: <a class="el" href="structtjtransform.html#a2525aab4ba6978a1c273f74fef50e498">tjtransform</a>
-</li>
-<li>options
-: <a class="el" href="structtjtransform.html#ac0e74655baa4402209a21e1ae481c8f6">tjtransform</a>
-</li>
-<li>r
-: <a class="el" href="structtjtransform.html#ac324e5e442abec8a961e5bf219db12cf">tjtransform</a>
-</li>
-<li>w
-: <a class="el" href="structtjregion.html#ab6eb73ceef584fc23c8c8097926dce42">tjregion</a>
-</li>
-<li>x
-: <a class="el" href="structtjregion.html#a4b6a37a93997091b26a75831fa291ad9">tjregion</a>
-</li>
-<li>y
-: <a class="el" href="structtjregion.html#a7b3e0c24cfe87acc80e334cafdcf22c2">tjregion</a>
-</li>
-</ul>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/functions_vars.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/functions_vars.html
deleted file mode 100644
index 540b3e4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/functions_vars.html
+++ /dev/null
@@ -1,107 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: Data Fields - Variables</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="contents">
-&#160;<ul>
-<li>customFilter
-: <a class="el" href="structtjtransform.html#afd7fc262df33f741e120ef4183202ef5">tjtransform</a>
-</li>
-<li>data
-: <a class="el" href="structtjtransform.html#a688fe8f1a8ecc12a538d9e561cf338e3">tjtransform</a>
-</li>
-<li>denom
-: <a class="el" href="structtjscalingfactor.html#aefbcdf3e9e62274b2d312c695f133ce3">tjscalingfactor</a>
-</li>
-<li>h
-: <a class="el" href="structtjregion.html#aecefc45a26f4d8b60dd4d825c1710115">tjregion</a>
-</li>
-<li>num
-: <a class="el" href="structtjscalingfactor.html#a9b011e57f981ee23083e2c1aa5e640ec">tjscalingfactor</a>
-</li>
-<li>op
-: <a class="el" href="structtjtransform.html#a2525aab4ba6978a1c273f74fef50e498">tjtransform</a>
-</li>
-<li>options
-: <a class="el" href="structtjtransform.html#ac0e74655baa4402209a21e1ae481c8f6">tjtransform</a>
-</li>
-<li>r
-: <a class="el" href="structtjtransform.html#ac324e5e442abec8a961e5bf219db12cf">tjtransform</a>
-</li>
-<li>w
-: <a class="el" href="structtjregion.html#ab6eb73ceef584fc23c8c8097926dce42">tjregion</a>
-</li>
-<li>x
-: <a class="el" href="structtjregion.html#a4b6a37a93997091b26a75831fa291ad9">tjregion</a>
-</li>
-<li>y
-: <a class="el" href="structtjregion.html#a7b3e0c24cfe87acc80e334cafdcf22c2">tjregion</a>
-</li>
-</ul>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/group___turbo_j_p_e_g.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/group___turbo_j_p_e_g.html
deleted file mode 100644
index bf10073..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/group___turbo_j_p_e_g.html
+++ /dev/null
@@ -1,2872 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: TurboJPEG</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="header">
-  <div class="summary">
-<a href="#nested-classes">Data Structures</a> &#124;
-<a href="#define-members">Macros</a> &#124;
-<a href="#typedef-members">Typedefs</a> &#124;
-<a href="#enum-members">Enumerations</a> &#124;
-<a href="#func-members">Functions</a> &#124;
-<a href="#var-members">Variables</a>  </div>
-  <div class="headertitle">
-<div class="title">TurboJPEG</div>  </div>
-</div><!--header-->
-<div class="contents">
-
-<p>TurboJPEG API.  
-<a href="#details">More...</a></p>
-<table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="nested-classes"></a>
-Data Structures</h2></td></tr>
-<tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjscalingfactor.html">tjscalingfactor</a></td></tr>
-<tr class="memdesc:"><td class="mdescLeft">&#160;</td><td class="mdescRight">Scaling factor.  <a href="structtjscalingfactor.html#details">More...</a><br /></td></tr>
-<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjregion.html">tjregion</a></td></tr>
-<tr class="memdesc:"><td class="mdescLeft">&#160;</td><td class="mdescRight">Cropping region.  <a href="structtjregion.html#details">More...</a><br /></td></tr>
-<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjtransform.html">tjtransform</a></td></tr>
-<tr class="memdesc:"><td class="mdescLeft">&#160;</td><td class="mdescRight">Lossless transform.  <a href="structtjtransform.html#details">More...</a><br /></td></tr>
-<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="define-members"></a>
-Macros</h2></td></tr>
-<tr class="memitem:ga5ef3d169162ce77ce348e292a0b7477c"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c">TJ_NUMSAMP</a></td></tr>
-<tr class="memdesc:ga5ef3d169162ce77ce348e292a0b7477c"><td class="mdescLeft">&#160;</td><td class="mdescRight">The number of chrominance subsampling options.  <a href="group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c">More...</a><br /></td></tr>
-<tr class="separator:ga5ef3d169162ce77ce348e292a0b7477c"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga7010a4402f54a45ba822ad8675a4655e"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a></td></tr>
-<tr class="memdesc:ga7010a4402f54a45ba822ad8675a4655e"><td class="mdescLeft">&#160;</td><td class="mdescRight">The number of pixel formats.  <a href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">More...</a><br /></td></tr>
-<tr class="separator:ga7010a4402f54a45ba822ad8675a4655e"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga39f57a6fb02d9cf32e7b6890099b5a71"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga39f57a6fb02d9cf32e7b6890099b5a71">TJ_NUMCS</a></td></tr>
-<tr class="memdesc:ga39f57a6fb02d9cf32e7b6890099b5a71"><td class="mdescLeft">&#160;</td><td class="mdescRight">The number of JPEG colorspaces.  <a href="group___turbo_j_p_e_g.html#ga39f57a6fb02d9cf32e7b6890099b5a71">More...</a><br /></td></tr>
-<tr class="separator:ga39f57a6fb02d9cf32e7b6890099b5a71"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga72ecf4ebe6eb702d3c6f5ca27455e1ec"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga72ecf4ebe6eb702d3c6f5ca27455e1ec">TJFLAG_BOTTOMUP</a></td></tr>
-<tr class="memdesc:ga72ecf4ebe6eb702d3c6f5ca27455e1ec"><td class="mdescLeft">&#160;</td><td class="mdescRight">The uncompressed source/destination image is stored in bottom-up (Windows, OpenGL) order, not top-down (X11) order.  <a href="group___turbo_j_p_e_g.html#ga72ecf4ebe6eb702d3c6f5ca27455e1ec">More...</a><br /></td></tr>
-<tr class="separator:ga72ecf4ebe6eb702d3c6f5ca27455e1ec"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga4ee4506c81177a06f77e2504a22efd2d"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga4ee4506c81177a06f77e2504a22efd2d">TJFLAG_FASTUPSAMPLE</a></td></tr>
-<tr class="memdesc:ga4ee4506c81177a06f77e2504a22efd2d"><td class="mdescLeft">&#160;</td><td class="mdescRight">When decompressing an image that was compressed using chrominance subsampling, use the fastest chrominance upsampling algorithm available in the underlying codec.  <a href="group___turbo_j_p_e_g.html#ga4ee4506c81177a06f77e2504a22efd2d">More...</a><br /></td></tr>
-<tr class="separator:ga4ee4506c81177a06f77e2504a22efd2d"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga8808d403c68b62aaa58a4c1e58e98963"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963">TJFLAG_NOREALLOC</a></td></tr>
-<tr class="memdesc:ga8808d403c68b62aaa58a4c1e58e98963"><td class="mdescLeft">&#160;</td><td class="mdescRight">Disable buffer (re)allocation.  <a href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963">More...</a><br /></td></tr>
-<tr class="separator:ga8808d403c68b62aaa58a4c1e58e98963"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gaabce235db80d3f698b27f36cbd453da2"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gaabce235db80d3f698b27f36cbd453da2">TJFLAG_FASTDCT</a></td></tr>
-<tr class="memdesc:gaabce235db80d3f698b27f36cbd453da2"><td class="mdescLeft">&#160;</td><td class="mdescRight">Use the fastest DCT/IDCT algorithm available in the underlying codec.  <a href="group___turbo_j_p_e_g.html#gaabce235db80d3f698b27f36cbd453da2">More...</a><br /></td></tr>
-<tr class="separator:gaabce235db80d3f698b27f36cbd453da2"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gacb233cfd722d66d1ccbf48a7de81f0e0"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">TJFLAG_ACCURATEDCT</a></td></tr>
-<tr class="memdesc:gacb233cfd722d66d1ccbf48a7de81f0e0"><td class="mdescLeft">&#160;</td><td class="mdescRight">Use the most accurate DCT/IDCT algorithm available in the underlying codec.  <a href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">More...</a><br /></td></tr>
-<tr class="separator:gacb233cfd722d66d1ccbf48a7de81f0e0"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga519cfa4ef6c18d9e5b455fdf59306a3a"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga519cfa4ef6c18d9e5b455fdf59306a3a">TJFLAG_STOPONWARNING</a></td></tr>
-<tr class="memdesc:ga519cfa4ef6c18d9e5b455fdf59306a3a"><td class="mdescLeft">&#160;</td><td class="mdescRight">Immediately discontinue the current compression/decompression/transform operation if the underlying codec throws a warning (non-fatal error).  <a href="group___turbo_j_p_e_g.html#ga519cfa4ef6c18d9e5b455fdf59306a3a">More...</a><br /></td></tr>
-<tr class="separator:ga519cfa4ef6c18d9e5b455fdf59306a3a"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga43b426750b46190a25d34a67ef76df1b"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga43b426750b46190a25d34a67ef76df1b">TJFLAG_PROGRESSIVE</a></td></tr>
-<tr class="memdesc:ga43b426750b46190a25d34a67ef76df1b"><td class="mdescLeft">&#160;</td><td class="mdescRight">Use progressive entropy coding in JPEG images generated by the compression and transform functions.  <a href="group___turbo_j_p_e_g.html#ga43b426750b46190a25d34a67ef76df1b">More...</a><br /></td></tr>
-<tr class="separator:ga43b426750b46190a25d34a67ef76df1b"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga163e6482dc5096831feef9c79ff3f805"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga163e6482dc5096831feef9c79ff3f805">TJFLAG_LIMITSCANS</a></td></tr>
-<tr class="memdesc:ga163e6482dc5096831feef9c79ff3f805"><td class="mdescLeft">&#160;</td><td class="mdescRight">Limit the number of progressive JPEG scans that the decompression and transform functions will process.  <a href="group___turbo_j_p_e_g.html#ga163e6482dc5096831feef9c79ff3f805">More...</a><br /></td></tr>
-<tr class="separator:ga163e6482dc5096831feef9c79ff3f805"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga79bde1b4a3e2351e00887e47781b966e"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga79bde1b4a3e2351e00887e47781b966e">TJ_NUMERR</a></td></tr>
-<tr class="memdesc:ga79bde1b4a3e2351e00887e47781b966e"><td class="mdescLeft">&#160;</td><td class="mdescRight">The number of error codes.  <a href="group___turbo_j_p_e_g.html#ga79bde1b4a3e2351e00887e47781b966e">More...</a><br /></td></tr>
-<tr class="separator:ga79bde1b4a3e2351e00887e47781b966e"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga0f6dbd18adf38b7d46ac547f0f4d562c"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga0f6dbd18adf38b7d46ac547f0f4d562c">TJ_NUMXOP</a></td></tr>
-<tr class="memdesc:ga0f6dbd18adf38b7d46ac547f0f4d562c"><td class="mdescLeft">&#160;</td><td class="mdescRight">The number of transform operations.  <a href="group___turbo_j_p_e_g.html#ga0f6dbd18adf38b7d46ac547f0f4d562c">More...</a><br /></td></tr>
-<tr class="separator:ga0f6dbd18adf38b7d46ac547f0f4d562c"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga50e03cb5ed115330e212417429600b00"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00">TJXOPT_PERFECT</a></td></tr>
-<tr class="memdesc:ga50e03cb5ed115330e212417429600b00"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will cause <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> to return an error if the transform is not perfect.  <a href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00">More...</a><br /></td></tr>
-<tr class="separator:ga50e03cb5ed115330e212417429600b00"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga319826b7eb1583c0595bbe7b95428709"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga319826b7eb1583c0595bbe7b95428709">TJXOPT_TRIM</a></td></tr>
-<tr class="memdesc:ga319826b7eb1583c0595bbe7b95428709"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will cause <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> to discard any partial MCU blocks that cannot be transformed.  <a href="group___turbo_j_p_e_g.html#ga319826b7eb1583c0595bbe7b95428709">More...</a><br /></td></tr>
-<tr class="separator:ga319826b7eb1583c0595bbe7b95428709"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga9c771a757fc1294add611906b89ab2d2"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga9c771a757fc1294add611906b89ab2d2">TJXOPT_CROP</a></td></tr>
-<tr class="memdesc:ga9c771a757fc1294add611906b89ab2d2"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will enable lossless cropping.  <a href="group___turbo_j_p_e_g.html#ga9c771a757fc1294add611906b89ab2d2">More...</a><br /></td></tr>
-<tr class="separator:ga9c771a757fc1294add611906b89ab2d2"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga3acee7b48ade1b99e5588736007c2589"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga3acee7b48ade1b99e5588736007c2589">TJXOPT_GRAY</a></td></tr>
-<tr class="memdesc:ga3acee7b48ade1b99e5588736007c2589"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will discard the color data in the input image and produce a grayscale output image.  <a href="group___turbo_j_p_e_g.html#ga3acee7b48ade1b99e5588736007c2589">More...</a><br /></td></tr>
-<tr class="separator:ga3acee7b48ade1b99e5588736007c2589"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gafbf992bbf6e006705886333703ffab31"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gafbf992bbf6e006705886333703ffab31">TJXOPT_NOOUTPUT</a></td></tr>
-<tr class="memdesc:gafbf992bbf6e006705886333703ffab31"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will prevent <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> from outputting a JPEG image for this particular transform (this can be used in conjunction with a custom filter to capture the transformed DCT coefficients without transcoding them.)  <a href="group___turbo_j_p_e_g.html#gafbf992bbf6e006705886333703ffab31">More...</a><br /></td></tr>
-<tr class="separator:gafbf992bbf6e006705886333703ffab31"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gad2371c80674584ecc1a7d75e564cf026"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gad2371c80674584ecc1a7d75e564cf026">TJXOPT_PROGRESSIVE</a></td></tr>
-<tr class="memdesc:gad2371c80674584ecc1a7d75e564cf026"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will enable progressive entropy coding in the output image generated by this particular transform.  <a href="group___turbo_j_p_e_g.html#gad2371c80674584ecc1a7d75e564cf026">More...</a><br /></td></tr>
-<tr class="separator:gad2371c80674584ecc1a7d75e564cf026"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga153b468cfb905d0de61706c838986fe8"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga153b468cfb905d0de61706c838986fe8">TJXOPT_COPYNONE</a></td></tr>
-<tr class="memdesc:ga153b468cfb905d0de61706c838986fe8"><td class="mdescLeft">&#160;</td><td class="mdescRight">This option will prevent <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> from copying any extra markers (including EXIF and ICC profile data) from the source image to the output image.  <a href="group___turbo_j_p_e_g.html#ga153b468cfb905d0de61706c838986fe8">More...</a><br /></td></tr>
-<tr class="separator:ga153b468cfb905d0de61706c838986fe8"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga0aba955473315e405295d978f0c16511"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511">TJPAD</a>(width)</td></tr>
-<tr class="memdesc:ga0aba955473315e405295d978f0c16511"><td class="mdescLeft">&#160;</td><td class="mdescRight">Pad the given width to the nearest 32-bit boundary.  <a href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511">More...</a><br /></td></tr>
-<tr class="separator:ga0aba955473315e405295d978f0c16511"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga84878bb65404204743aa18cac02781df"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga84878bb65404204743aa18cac02781df">TJSCALED</a>(dimension,  scalingFactor)</td></tr>
-<tr class="memdesc:ga84878bb65404204743aa18cac02781df"><td class="mdescLeft">&#160;</td><td class="mdescRight">Compute the scaled value of <code>dimension</code> using the given scaling factor.  <a href="group___turbo_j_p_e_g.html#ga84878bb65404204743aa18cac02781df">More...</a><br /></td></tr>
-<tr class="separator:ga84878bb65404204743aa18cac02781df"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="typedef-members"></a>
-Typedefs</h2></td></tr>
-<tr class="memitem:ga504805ec0161f1b505397ca0118bf8fd"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structtjtransform.html">tjtransform</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga504805ec0161f1b505397ca0118bf8fd">tjtransform</a></td></tr>
-<tr class="memdesc:ga504805ec0161f1b505397ca0118bf8fd"><td class="mdescLeft">&#160;</td><td class="mdescRight">Lossless transform.  <a href="group___turbo_j_p_e_g.html#ga504805ec0161f1b505397ca0118bf8fd">More...</a><br /></td></tr>
-<tr class="separator:ga504805ec0161f1b505397ca0118bf8fd"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga758d2634ecb4949de7815cba621f5763"><td class="memItemLeft" align="right" valign="top">typedef void *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a></td></tr>
-<tr class="memdesc:ga758d2634ecb4949de7815cba621f5763"><td class="mdescLeft">&#160;</td><td class="mdescRight">TurboJPEG instance handle.  <a href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">More...</a><br /></td></tr>
-<tr class="separator:ga758d2634ecb4949de7815cba621f5763"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="enum-members"></a>
-Enumerations</h2></td></tr>
-<tr class="memitem:ga1d047060ea80bb9820d540bb928e9074"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">TJSAMP</a> { <br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074afb8da4f44197837bdec0a4f593dacae3">TJSAMP_444</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a136130902cc578f11f32429b59368404">TJSAMP_422</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a63085dbf683cfe39e513cdb6343e3737">TJSAMP_420</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a3f1c9504842ddc7a48d0f690754b6248">TJSAMP_GRAY</a>, 
-<br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074accf740e6f3aa6ba20ba922cad13cb974">TJSAMP_440</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a28ec62575e5ea295c3fde3001dc628e2">TJSAMP_411</a>
-<br />
- }</td></tr>
-<tr class="memdesc:ga1d047060ea80bb9820d540bb928e9074"><td class="mdescLeft">&#160;</td><td class="mdescRight">Chrominance subsampling options.  <a href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">More...</a><br /></td></tr>
-<tr class="separator:ga1d047060ea80bb9820d540bb928e9074"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gac916144e26c3817ac514e64ae5d12e2a"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">TJPF</a> { <br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7ce93230bff449518ce387c17e6ed37c">TJPF_RGB</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aab10624437fb8ef495a0b153e65749839">TJPF_BGR</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa83973bebb7e2dc6fa8bae89ff3f42e01">TJPF_RGBX</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa2a1fbf569ca79897eae886e3376ca4c8">TJPF_BGRX</a>, 
-<br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aaf6603b27147de47e212e75dac027b2af">TJPF_XBGR</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aadae996905efcfa3b42a0bb3bea7f9d84">TJPF_XRGB</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa5431b54b015337705f13118073711a1a">TJPF_GRAY</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa88d2e88fab67f6503cf972e14851cc12">TJPF_RGBA</a>, 
-<br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aac037ff1845cf9b74bb81a3659c2b9fb4">TJPF_BGRA</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa1ba1a7f1631dbeaa49a0a85fc4a40081">TJPF_ABGR</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aae8f846ed9d9de99b6e1dfe448848765c">TJPF_ARGB</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7f5100ec44c91994e243f1cf55553f8b">TJPF_CMYK</a>, 
-<br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa84c1a6cead7952998e2fb895844a21ed">TJPF_UNKNOWN</a>
-<br />
- }</td></tr>
-<tr class="memdesc:gac916144e26c3817ac514e64ae5d12e2a"><td class="mdescLeft">&#160;</td><td class="mdescRight">Pixel formats.  <a href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">More...</a><br /></td></tr>
-<tr class="separator:gac916144e26c3817ac514e64ae5d12e2a"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga4f83ad3368e0e29d1957be0efa7c3720"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga4f83ad3368e0e29d1957be0efa7c3720">TJCS</a> { <br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a677cb7ccb85c4038ac41964a2e09e555">TJCS_RGB</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a7389b8f65bb387ffedce3efd0d78ec75">TJCS_YCbCr</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720ab3e7d6a87f695e45b81c1b5262b5a50a">TJCS_GRAY</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a6c8b636152ac8195b869587db315ee53">TJCS_CMYK</a>, 
-<br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a53839e0fe867b76b58d16b0a1a7c598e">TJCS_YCCK</a>
-<br />
- }</td></tr>
-<tr class="memdesc:ga4f83ad3368e0e29d1957be0efa7c3720"><td class="mdescLeft">&#160;</td><td class="mdescRight">JPEG colorspaces.  <a href="group___turbo_j_p_e_g.html#ga4f83ad3368e0e29d1957be0efa7c3720">More...</a><br /></td></tr>
-<tr class="separator:ga4f83ad3368e0e29d1957be0efa7c3720"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gafbc17cfa57d0d5d11fea35ac025950fe"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe">TJERR</a> { <a class="el" href="group___turbo_j_p_e_g.html#ggafbc17cfa57d0d5d11fea35ac025950fea342dd6e2aedb47bb257b4e7568329b59">TJERR_WARNING</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#ggafbc17cfa57d0d5d11fea35ac025950feafc9cceeada13122b09e4851e3788039a">TJERR_FATAL</a>
- }</td></tr>
-<tr class="memdesc:gafbc17cfa57d0d5d11fea35ac025950fe"><td class="mdescLeft">&#160;</td><td class="mdescRight">Error codes.  <a href="group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe">More...</a><br /></td></tr>
-<tr class="separator:gafbc17cfa57d0d5d11fea35ac025950fe"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga2de531af4e7e6c4f124908376b354866"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866">TJXOP</a> { <br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866aad88c0366cd3f7d0eac9d7a3fa1c2c27">TJXOP_NONE</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866aa0df69776caa30f0fa28e26332d311ce">TJXOP_HFLIP</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a324eddfbec53b7e691f61e56929d0d5d">TJXOP_VFLIP</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a31060aed199f886afdd417f80499c32d">TJXOP_TRANSPOSE</a>, 
-<br />
-&#160;&#160;<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866af3b14d488aea6ece9e5b3df73a74d6a4">TJXOP_TRANSVERSE</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a43b2bbb23bc4bd548422d43fbe9af128">TJXOP_ROT90</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a140952eb8dd0300accfcc22726d69692">TJXOP_ROT180</a>, 
-<a class="el" href="group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a3064ee5dfb7f032df332818587567a08">TJXOP_ROT270</a>
-<br />
- }</td></tr>
-<tr class="memdesc:ga2de531af4e7e6c4f124908376b354866"><td class="mdescLeft">&#160;</td><td class="mdescRight">Transform operations for <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a>  <a href="group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866">More...</a><br /></td></tr>
-<tr class="separator:ga2de531af4e7e6c4f124908376b354866"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
-Functions</h2></td></tr>
-<tr class="memitem:ga9d63a05fc6d813f4aae06107041a37e8"><td class="memItemLeft" align="right" valign="top">DLLEXPORT <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga9d63a05fc6d813f4aae06107041a37e8">tjInitCompress</a> (void)</td></tr>
-<tr class="memdesc:ga9d63a05fc6d813f4aae06107041a37e8"><td class="mdescLeft">&#160;</td><td class="mdescRight">Create a TurboJPEG compressor instance.  <a href="group___turbo_j_p_e_g.html#ga9d63a05fc6d813f4aae06107041a37e8">More...</a><br /></td></tr>
-<tr class="separator:ga9d63a05fc6d813f4aae06107041a37e8"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gafbdce0112fd78fd38efae841443a9bcf"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gafbdce0112fd78fd38efae841443a9bcf">tjCompress2</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *srcBuf, int width, int pitch, int height, int pixelFormat, unsigned char **jpegBuf, unsigned long *jpegSize, int jpegSubsamp, int jpegQual, int flags)</td></tr>
-<tr class="memdesc:gafbdce0112fd78fd38efae841443a9bcf"><td class="mdescLeft">&#160;</td><td class="mdescRight">Compress an RGB, grayscale, or CMYK image into a JPEG image.  <a href="group___turbo_j_p_e_g.html#gafbdce0112fd78fd38efae841443a9bcf">More...</a><br /></td></tr>
-<tr class="separator:gafbdce0112fd78fd38efae841443a9bcf"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga7622a459b79aa1007e005b58783f875b"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga7622a459b79aa1007e005b58783f875b">tjCompressFromYUV</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *srcBuf, int width, int pad, int height, int subsamp, unsigned char **jpegBuf, unsigned long *jpegSize, int jpegQual, int flags)</td></tr>
-<tr class="memdesc:ga7622a459b79aa1007e005b58783f875b"><td class="mdescLeft">&#160;</td><td class="mdescRight">Compress a YUV planar image into a JPEG image.  <a href="group___turbo_j_p_e_g.html#ga7622a459b79aa1007e005b58783f875b">More...</a><br /></td></tr>
-<tr class="separator:ga7622a459b79aa1007e005b58783f875b"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga29ec5dfbd2d84b8724e951d6fa0d5d9e"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga29ec5dfbd2d84b8724e951d6fa0d5d9e">tjCompressFromYUVPlanes</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char **srcPlanes, int width, const int *strides, int height, int subsamp, unsigned char **jpegBuf, unsigned long *jpegSize, int jpegQual, int flags)</td></tr>
-<tr class="memdesc:ga29ec5dfbd2d84b8724e951d6fa0d5d9e"><td class="mdescLeft">&#160;</td><td class="mdescRight">Compress a set of Y, U (Cb), and V (Cr) image planes into a JPEG image.  <a href="group___turbo_j_p_e_g.html#ga29ec5dfbd2d84b8724e951d6fa0d5d9e">More...</a><br /></td></tr>
-<tr class="separator:ga29ec5dfbd2d84b8724e951d6fa0d5d9e"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga67ac12fee79073242cb216e07c9f1f90"><td class="memItemLeft" align="right" valign="top">DLLEXPORT unsigned long&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90">tjBufSize</a> (int width, int height, int jpegSubsamp)</td></tr>
-<tr class="memdesc:ga67ac12fee79073242cb216e07c9f1f90"><td class="mdescLeft">&#160;</td><td class="mdescRight">The maximum size of the buffer (in bytes) required to hold a JPEG image with the given parameters.  <a href="group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90">More...</a><br /></td></tr>
-<tr class="separator:ga67ac12fee79073242cb216e07c9f1f90"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga2be2b9969d4df9ecce9b05deed273194"><td class="memItemLeft" align="right" valign="top">DLLEXPORT unsigned long&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194">tjBufSizeYUV2</a> (int width, int pad, int height, int subsamp)</td></tr>
-<tr class="memdesc:ga2be2b9969d4df9ecce9b05deed273194"><td class="mdescLeft">&#160;</td><td class="mdescRight">The size of the buffer (in bytes) required to hold a YUV planar image with the given parameters.  <a href="group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194">More...</a><br /></td></tr>
-<tr class="separator:ga2be2b9969d4df9ecce9b05deed273194"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gab4ab7b24f6e797d79abaaa670373961d"><td class="memItemLeft" align="right" valign="top">DLLEXPORT unsigned long&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d">tjPlaneSizeYUV</a> (int componentID, int width, int stride, int height, int subsamp)</td></tr>
-<tr class="memdesc:gab4ab7b24f6e797d79abaaa670373961d"><td class="mdescLeft">&#160;</td><td class="mdescRight">The size of the buffer (in bytes) required to hold a YUV image plane with the given parameters.  <a href="group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d">More...</a><br /></td></tr>
-<tr class="separator:gab4ab7b24f6e797d79abaaa670373961d"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga63fb66bb1e36c74008c4634360becbb1"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga63fb66bb1e36c74008c4634360becbb1">tjPlaneWidth</a> (int componentID, int width, int subsamp)</td></tr>
-<tr class="memdesc:ga63fb66bb1e36c74008c4634360becbb1"><td class="mdescLeft">&#160;</td><td class="mdescRight">The plane width of a YUV image plane with the given parameters.  <a href="group___turbo_j_p_e_g.html#ga63fb66bb1e36c74008c4634360becbb1">More...</a><br /></td></tr>
-<tr class="separator:ga63fb66bb1e36c74008c4634360becbb1"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga1a209696c6a80748f20e134b3c64789f"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga1a209696c6a80748f20e134b3c64789f">tjPlaneHeight</a> (int componentID, int height, int subsamp)</td></tr>
-<tr class="memdesc:ga1a209696c6a80748f20e134b3c64789f"><td class="mdescLeft">&#160;</td><td class="mdescRight">The plane height of a YUV image plane with the given parameters.  <a href="group___turbo_j_p_e_g.html#ga1a209696c6a80748f20e134b3c64789f">More...</a><br /></td></tr>
-<tr class="separator:ga1a209696c6a80748f20e134b3c64789f"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gac519b922cdf446e97d0cdcba513636bf"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gac519b922cdf446e97d0cdcba513636bf">tjEncodeYUV3</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *srcBuf, int width, int pitch, int height, int pixelFormat, unsigned char *dstBuf, int pad, int subsamp, int flags)</td></tr>
-<tr class="memdesc:gac519b922cdf446e97d0cdcba513636bf"><td class="mdescLeft">&#160;</td><td class="mdescRight">Encode an RGB or grayscale image into a YUV planar image.  <a href="group___turbo_j_p_e_g.html#gac519b922cdf446e97d0cdcba513636bf">More...</a><br /></td></tr>
-<tr class="separator:gac519b922cdf446e97d0cdcba513636bf"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gae2d04c72457fe7f4d60cf78ab1b1feb1"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gae2d04c72457fe7f4d60cf78ab1b1feb1">tjEncodeYUVPlanes</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *srcBuf, int width, int pitch, int height, int pixelFormat, unsigned char **dstPlanes, int *strides, int subsamp, int flags)</td></tr>
-<tr class="memdesc:gae2d04c72457fe7f4d60cf78ab1b1feb1"><td class="mdescLeft">&#160;</td><td class="mdescRight">Encode an RGB or grayscale image into separate Y, U (Cb), and V (Cr) image planes.  <a href="group___turbo_j_p_e_g.html#gae2d04c72457fe7f4d60cf78ab1b1feb1">More...</a><br /></td></tr>
-<tr class="separator:gae2d04c72457fe7f4d60cf78ab1b1feb1"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga52300eac3f3d9ef4bab303bc244f62d3"><td class="memItemLeft" align="right" valign="top">DLLEXPORT <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga52300eac3f3d9ef4bab303bc244f62d3">tjInitDecompress</a> (void)</td></tr>
-<tr class="memdesc:ga52300eac3f3d9ef4bab303bc244f62d3"><td class="mdescLeft">&#160;</td><td class="mdescRight">Create a TurboJPEG decompressor instance.  <a href="group___turbo_j_p_e_g.html#ga52300eac3f3d9ef4bab303bc244f62d3">More...</a><br /></td></tr>
-<tr class="separator:ga52300eac3f3d9ef4bab303bc244f62d3"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga0595681096bba7199cc6f3533cb25f77"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga0595681096bba7199cc6f3533cb25f77">tjDecompressHeader3</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *jpegBuf, unsigned long jpegSize, int *width, int *height, int *jpegSubsamp, int *jpegColorspace)</td></tr>
-<tr class="memdesc:ga0595681096bba7199cc6f3533cb25f77"><td class="mdescLeft">&#160;</td><td class="mdescRight">Retrieve information about a JPEG image without decompressing it.  <a href="group___turbo_j_p_e_g.html#ga0595681096bba7199cc6f3533cb25f77">More...</a><br /></td></tr>
-<tr class="separator:ga0595681096bba7199cc6f3533cb25f77"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gac3854476006b10787bd128f7ede48057"><td class="memItemLeft" align="right" valign="top">DLLEXPORT <a class="el" href="structtjscalingfactor.html">tjscalingfactor</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gac3854476006b10787bd128f7ede48057">tjGetScalingFactors</a> (int *numscalingfactors)</td></tr>
-<tr class="memdesc:gac3854476006b10787bd128f7ede48057"><td class="mdescLeft">&#160;</td><td class="mdescRight">Returns a list of fractional scaling factors that the JPEG decompressor in this implementation of TurboJPEG supports.  <a href="group___turbo_j_p_e_g.html#gac3854476006b10787bd128f7ede48057">More...</a><br /></td></tr>
-<tr class="separator:gac3854476006b10787bd128f7ede48057"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gae9eccef8b682a48f43a9117c231ed013"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gae9eccef8b682a48f43a9117c231ed013">tjDecompress2</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *jpegBuf, unsigned long jpegSize, unsigned char *dstBuf, int width, int pitch, int height, int pixelFormat, int flags)</td></tr>
-<tr class="memdesc:gae9eccef8b682a48f43a9117c231ed013"><td class="mdescLeft">&#160;</td><td class="mdescRight">Decompress a JPEG image to an RGB, grayscale, or CMYK image.  <a href="group___turbo_j_p_e_g.html#gae9eccef8b682a48f43a9117c231ed013">More...</a><br /></td></tr>
-<tr class="separator:gae9eccef8b682a48f43a9117c231ed013"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga04d1e839ff9a0860dd1475cff78d3364"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga04d1e839ff9a0860dd1475cff78d3364">tjDecompressToYUV2</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *jpegBuf, unsigned long jpegSize, unsigned char *dstBuf, int width, int pad, int height, int flags)</td></tr>
-<tr class="memdesc:ga04d1e839ff9a0860dd1475cff78d3364"><td class="mdescLeft">&#160;</td><td class="mdescRight">Decompress a JPEG image to a YUV planar image.  <a href="group___turbo_j_p_e_g.html#ga04d1e839ff9a0860dd1475cff78d3364">More...</a><br /></td></tr>
-<tr class="separator:ga04d1e839ff9a0860dd1475cff78d3364"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gaa59f901a5258ada5bd0185ad59368540"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gaa59f901a5258ada5bd0185ad59368540">tjDecompressToYUVPlanes</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *jpegBuf, unsigned long jpegSize, unsigned char **dstPlanes, int width, int *strides, int height, int flags)</td></tr>
-<tr class="memdesc:gaa59f901a5258ada5bd0185ad59368540"><td class="mdescLeft">&#160;</td><td class="mdescRight">Decompress a JPEG image into separate Y, U (Cb), and V (Cr) image planes.  <a href="group___turbo_j_p_e_g.html#gaa59f901a5258ada5bd0185ad59368540">More...</a><br /></td></tr>
-<tr class="separator:gaa59f901a5258ada5bd0185ad59368540"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga70abbf38f77a26fd6da8813bef96f695"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga70abbf38f77a26fd6da8813bef96f695">tjDecodeYUV</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *srcBuf, int pad, int subsamp, unsigned char *dstBuf, int width, int pitch, int height, int pixelFormat, int flags)</td></tr>
-<tr class="memdesc:ga70abbf38f77a26fd6da8813bef96f695"><td class="mdescLeft">&#160;</td><td class="mdescRight">Decode a YUV planar image into an RGB or grayscale image.  <a href="group___turbo_j_p_e_g.html#ga70abbf38f77a26fd6da8813bef96f695">More...</a><br /></td></tr>
-<tr class="separator:ga70abbf38f77a26fd6da8813bef96f695"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga10e837c07fa9d25770565b237d3898d9"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga10e837c07fa9d25770565b237d3898d9">tjDecodeYUVPlanes</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char **srcPlanes, const int *strides, int subsamp, unsigned char *dstBuf, int width, int pitch, int height, int pixelFormat, int flags)</td></tr>
-<tr class="memdesc:ga10e837c07fa9d25770565b237d3898d9"><td class="mdescLeft">&#160;</td><td class="mdescRight">Decode a set of Y, U (Cb), and V (Cr) image planes into an RGB or grayscale image.  <a href="group___turbo_j_p_e_g.html#ga10e837c07fa9d25770565b237d3898d9">More...</a><br /></td></tr>
-<tr class="separator:ga10e837c07fa9d25770565b237d3898d9"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga928beff6ac248ceadf01089fc6b41957"><td class="memItemLeft" align="right" valign="top">DLLEXPORT <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga928beff6ac248ceadf01089fc6b41957">tjInitTransform</a> (void)</td></tr>
-<tr class="memdesc:ga928beff6ac248ceadf01089fc6b41957"><td class="mdescLeft">&#160;</td><td class="mdescRight">Create a new TurboJPEG transformer instance.  <a href="group___turbo_j_p_e_g.html#ga928beff6ac248ceadf01089fc6b41957">More...</a><br /></td></tr>
-<tr class="separator:ga928beff6ac248ceadf01089fc6b41957"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga9cb8abf4cc91881e04a0329b2270be25"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25">tjTransform</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle, const unsigned char *jpegBuf, unsigned long jpegSize, int n, unsigned char **dstBufs, unsigned long *dstSizes, <a class="el" href="structtjtransform.html">tjtransform</a> *transforms, int flags)</td></tr>
-<tr class="memdesc:ga9cb8abf4cc91881e04a0329b2270be25"><td class="mdescLeft">&#160;</td><td class="mdescRight">Losslessly transform a JPEG image into another JPEG image.  <a href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25">More...</a><br /></td></tr>
-<tr class="separator:ga9cb8abf4cc91881e04a0329b2270be25"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga75f355fa27225ba1a4ee392c852394d2"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga75f355fa27225ba1a4ee392c852394d2">tjDestroy</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle)</td></tr>
-<tr class="memdesc:ga75f355fa27225ba1a4ee392c852394d2"><td class="mdescLeft">&#160;</td><td class="mdescRight">Destroy a TurboJPEG compressor, decompressor, or transformer instance.  <a href="group___turbo_j_p_e_g.html#ga75f355fa27225ba1a4ee392c852394d2">More...</a><br /></td></tr>
-<tr class="separator:ga75f355fa27225ba1a4ee392c852394d2"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gaec627dd4c5f30b7a775a7aea3bec5d83"><td class="memItemLeft" align="right" valign="top">DLLEXPORT unsigned char *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83">tjAlloc</a> (int bytes)</td></tr>
-<tr class="memdesc:gaec627dd4c5f30b7a775a7aea3bec5d83"><td class="mdescLeft">&#160;</td><td class="mdescRight">Allocate an image buffer for use with TurboJPEG.  <a href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83">More...</a><br /></td></tr>
-<tr class="separator:gaec627dd4c5f30b7a775a7aea3bec5d83"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gaffbd83c375e79f5db4b5c5d8ad4466e7"><td class="memItemLeft" align="right" valign="top">DLLEXPORT unsigned char *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gaffbd83c375e79f5db4b5c5d8ad4466e7">tjLoadImage</a> (const char *filename, int *width, int align, int *height, int *pixelFormat, int flags)</td></tr>
-<tr class="memdesc:gaffbd83c375e79f5db4b5c5d8ad4466e7"><td class="mdescLeft">&#160;</td><td class="mdescRight">Load an uncompressed image from disk into memory.  <a href="group___turbo_j_p_e_g.html#gaffbd83c375e79f5db4b5c5d8ad4466e7">More...</a><br /></td></tr>
-<tr class="separator:gaffbd83c375e79f5db4b5c5d8ad4466e7"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga6f445b22d8933ae4815b3370a538d879"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga6f445b22d8933ae4815b3370a538d879">tjSaveImage</a> (const char *filename, unsigned char *buffer, int width, int pitch, int height, int pixelFormat, int flags)</td></tr>
-<tr class="memdesc:ga6f445b22d8933ae4815b3370a538d879"><td class="mdescLeft">&#160;</td><td class="mdescRight">Save an uncompressed image from memory to disk.  <a href="group___turbo_j_p_e_g.html#ga6f445b22d8933ae4815b3370a538d879">More...</a><br /></td></tr>
-<tr class="separator:ga6f445b22d8933ae4815b3370a538d879"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gaea863d2da0cdb609563aabdf9196514b"><td class="memItemLeft" align="right" valign="top">DLLEXPORT void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gaea863d2da0cdb609563aabdf9196514b">tjFree</a> (unsigned char *buffer)</td></tr>
-<tr class="memdesc:gaea863d2da0cdb609563aabdf9196514b"><td class="mdescLeft">&#160;</td><td class="mdescRight">Free an image buffer previously allocated by TurboJPEG.  <a href="group___turbo_j_p_e_g.html#gaea863d2da0cdb609563aabdf9196514b">More...</a><br /></td></tr>
-<tr class="separator:gaea863d2da0cdb609563aabdf9196514b"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga1ead8574f9f39fbafc6b497124e7aafa"><td class="memItemLeft" align="right" valign="top">DLLEXPORT char *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa">tjGetErrorStr2</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle)</td></tr>
-<tr class="memdesc:ga1ead8574f9f39fbafc6b497124e7aafa"><td class="mdescLeft">&#160;</td><td class="mdescRight">Returns a descriptive error message explaining why the last command failed.  <a href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa">More...</a><br /></td></tr>
-<tr class="separator:ga1ead8574f9f39fbafc6b497124e7aafa"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga414feeffbf860ebd31c745df203de410"><td class="memItemLeft" align="right" valign="top">DLLEXPORT int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410">tjGetErrorCode</a> (<a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> handle)</td></tr>
-<tr class="memdesc:ga414feeffbf860ebd31c745df203de410"><td class="mdescLeft">&#160;</td><td class="mdescRight">Returns a code indicating the severity of the last error.  <a href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410">More...</a><br /></td></tr>
-<tr class="separator:ga414feeffbf860ebd31c745df203de410"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table><table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="var-members"></a>
-Variables</h2></td></tr>
-<tr class="memitem:ga9e61e7cd47a15a173283ba94e781308c"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c">tjMCUWidth</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c">TJ_NUMSAMP</a>]</td></tr>
-<tr class="memdesc:ga9e61e7cd47a15a173283ba94e781308c"><td class="mdescLeft">&#160;</td><td class="mdescRight">MCU block width (in pixels) for a given level of chrominance subsampling.  <a href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c">More...</a><br /></td></tr>
-<tr class="separator:ga9e61e7cd47a15a173283ba94e781308c"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gabd247bb9fecb393eca57366feb8327bf"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf">tjMCUHeight</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c">TJ_NUMSAMP</a>]</td></tr>
-<tr class="memdesc:gabd247bb9fecb393eca57366feb8327bf"><td class="mdescLeft">&#160;</td><td class="mdescRight">MCU block height (in pixels) for a given level of chrominance subsampling.  <a href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf">More...</a><br /></td></tr>
-<tr class="separator:gabd247bb9fecb393eca57366feb8327bf"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gadd9b446742ac8a3923f7992c7988fea8"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gadd9b446742ac8a3923f7992c7988fea8">tjRedOffset</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td></tr>
-<tr class="memdesc:gadd9b446742ac8a3923f7992c7988fea8"><td class="mdescLeft">&#160;</td><td class="mdescRight">Red offset (in bytes) for a given pixel format.  <a href="group___turbo_j_p_e_g.html#gadd9b446742ac8a3923f7992c7988fea8">More...</a><br /></td></tr>
-<tr class="separator:gadd9b446742ac8a3923f7992c7988fea8"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga82d6e35da441112a411da41923c0ba2f"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga82d6e35da441112a411da41923c0ba2f">tjGreenOffset</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td></tr>
-<tr class="memdesc:ga82d6e35da441112a411da41923c0ba2f"><td class="mdescLeft">&#160;</td><td class="mdescRight">Green offset (in bytes) for a given pixel format.  <a href="group___turbo_j_p_e_g.html#ga82d6e35da441112a411da41923c0ba2f">More...</a><br /></td></tr>
-<tr class="separator:ga82d6e35da441112a411da41923c0ba2f"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga84e2e35d3f08025f976ec1ec53693dea"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga84e2e35d3f08025f976ec1ec53693dea">tjBlueOffset</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td></tr>
-<tr class="memdesc:ga84e2e35d3f08025f976ec1ec53693dea"><td class="mdescLeft">&#160;</td><td class="mdescRight">Blue offset (in bytes) for a given pixel format.  <a href="group___turbo_j_p_e_g.html#ga84e2e35d3f08025f976ec1ec53693dea">More...</a><br /></td></tr>
-<tr class="separator:ga84e2e35d3f08025f976ec1ec53693dea"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ga5af0ab065feefd526debf1e20c43e837"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#ga5af0ab065feefd526debf1e20c43e837">tjAlphaOffset</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td></tr>
-<tr class="memdesc:ga5af0ab065feefd526debf1e20c43e837"><td class="mdescLeft">&#160;</td><td class="mdescRight">Alpha offset (in bytes) for a given pixel format.  <a href="group___turbo_j_p_e_g.html#ga5af0ab065feefd526debf1e20c43e837">More...</a><br /></td></tr>
-<tr class="separator:ga5af0ab065feefd526debf1e20c43e837"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:gad77cf8fe5b2bfd3cb3f53098146abb4c"><td class="memItemLeft" align="right" valign="top">static const int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c">tjPixelSize</a> [<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td></tr>
-<tr class="memdesc:gad77cf8fe5b2bfd3cb3f53098146abb4c"><td class="mdescLeft">&#160;</td><td class="mdescRight">Pixel size (in bytes) for a given pixel format.  <a href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c">More...</a><br /></td></tr>
-<tr class="separator:gad77cf8fe5b2bfd3cb3f53098146abb4c"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table>
-<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
-<p>TurboJPEG API. </p>
-<p>This API provides an interface for generating, decoding, and transforming planar YUV and JPEG images in memory.</p>
-<p><a class="anchor" id="YUVnotes"></a></p>
-<h2><a class="anchor" id="autotoc_md0"></a>
-YUV Image Format Notes</h2>
-<p>Technically, the JPEG format uses the YCbCr colorspace (which is technically not a colorspace but a color transform), but per the convention of the digital video community, the TurboJPEG API uses "YUV" to refer to an image format consisting of Y, Cb, and Cr image planes.</p>
-<p>Each plane is simply a 2D array of bytes, each byte representing the value of one of the components (Y, Cb, or Cr) at a particular location in the image. The width and height of each plane are determined by the image width, height, and level of chrominance subsampling. The luminance plane width is the image width padded to the nearest multiple of the horizontal subsampling factor (2 in the case of 4:2:0 and 4:2:2, 4 in the case of 4:1:1, 1 in the case of 4:4:4 or grayscale.) Similarly, the luminance plane height is the image height padded to the nearest multiple of the vertical subsampling factor (2 in the case of 4:2:0 or 4:4:0, 1 in the case of 4:4:4 or grayscale.) This is irrespective of any additional padding that may be specified as an argument to the various YUV functions. The chrominance plane width is equal to the luminance plane width divided by the horizontal subsampling factor, and the chrominance plane height is equal to the luminance plane height divided by the vertical subsampling factor.</p>
-<p>For example, if the source image is 35 x 35 pixels and 4:2:2 subsampling is used, then the luminance plane would be 36 x 35 bytes, and each of the chrominance planes would be 18 x 35 bytes. If you specify a line padding of 4 bytes on top of this, then the luminance plane would be 36 x 35 bytes, and each of the chrominance planes would be 20 x 35 bytes. </p>
-<h2 class="groupheader">Macro Definition Documentation</h2>
-<a id="ga39f57a6fb02d9cf32e7b6890099b5a71"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga39f57a6fb02d9cf32e7b6890099b5a71">&#9670;&nbsp;</a></span>TJ_NUMCS</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJ_NUMCS</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The number of JPEG colorspaces. </p>
-
-</div>
-</div>
-<a id="ga79bde1b4a3e2351e00887e47781b966e"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga79bde1b4a3e2351e00887e47781b966e">&#9670;&nbsp;</a></span>TJ_NUMERR</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJ_NUMERR</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The number of error codes. </p>
-
-</div>
-</div>
-<a id="ga7010a4402f54a45ba822ad8675a4655e"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga7010a4402f54a45ba822ad8675a4655e">&#9670;&nbsp;</a></span>TJ_NUMPF</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJ_NUMPF</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The number of pixel formats. </p>
-
-</div>
-</div>
-<a id="ga5ef3d169162ce77ce348e292a0b7477c"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga5ef3d169162ce77ce348e292a0b7477c">&#9670;&nbsp;</a></span>TJ_NUMSAMP</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJ_NUMSAMP</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The number of chrominance subsampling options. </p>
-
-</div>
-</div>
-<a id="ga0f6dbd18adf38b7d46ac547f0f4d562c"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga0f6dbd18adf38b7d46ac547f0f4d562c">&#9670;&nbsp;</a></span>TJ_NUMXOP</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJ_NUMXOP</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The number of transform operations. </p>
-
-</div>
-</div>
-<a id="gacb233cfd722d66d1ccbf48a7de81f0e0"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gacb233cfd722d66d1ccbf48a7de81f0e0">&#9670;&nbsp;</a></span>TJFLAG_ACCURATEDCT</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_ACCURATEDCT</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Use the most accurate DCT/IDCT algorithm available in the underlying codec. </p>
-<p>The default if this flag is not specified is implementation-specific. For example, the implementation of TurboJPEG for libjpeg[-turbo] uses the fast algorithm by default when compressing, because this has been shown to have only a very slight effect on accuracy, but it uses the accurate algorithm when decompressing, because this has been shown to have a larger effect. </p>
-
-</div>
-</div>
-<a id="ga72ecf4ebe6eb702d3c6f5ca27455e1ec"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga72ecf4ebe6eb702d3c6f5ca27455e1ec">&#9670;&nbsp;</a></span>TJFLAG_BOTTOMUP</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_BOTTOMUP</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The uncompressed source/destination image is stored in bottom-up (Windows, OpenGL) order, not top-down (X11) order. </p>
-
-</div>
-</div>
-<a id="gaabce235db80d3f698b27f36cbd453da2"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gaabce235db80d3f698b27f36cbd453da2">&#9670;&nbsp;</a></span>TJFLAG_FASTDCT</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_FASTDCT</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Use the fastest DCT/IDCT algorithm available in the underlying codec. </p>
-<p>The default if this flag is not specified is implementation-specific. For example, the implementation of TurboJPEG for libjpeg[-turbo] uses the fast algorithm by default when compressing, because this has been shown to have only a very slight effect on accuracy, but it uses the accurate algorithm when decompressing, because this has been shown to have a larger effect. </p>
-
-</div>
-</div>
-<a id="ga4ee4506c81177a06f77e2504a22efd2d"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga4ee4506c81177a06f77e2504a22efd2d">&#9670;&nbsp;</a></span>TJFLAG_FASTUPSAMPLE</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_FASTUPSAMPLE</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>When decompressing an image that was compressed using chrominance subsampling, use the fastest chrominance upsampling algorithm available in the underlying codec. </p>
-<p>The default is to use smooth upsampling, which creates a smooth transition between neighboring chrominance components in order to reduce upsampling artifacts in the decompressed image. </p>
-
-</div>
-</div>
-<a id="ga163e6482dc5096831feef9c79ff3f805"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga163e6482dc5096831feef9c79ff3f805">&#9670;&nbsp;</a></span>TJFLAG_LIMITSCANS</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_LIMITSCANS</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Limit the number of progressive JPEG scans that the decompression and transform functions will process. </p>
-<p>If a progressive JPEG image contains an unreasonably large number of scans, then this flag will cause the decompression and transform functions to return an error. The primary purpose of this is to allow security-critical applications to guard against an exploit of the progressive JPEG format described in <a href="https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf" target="_blank">this report</a>. </p>
-
-</div>
-</div>
-<a id="ga8808d403c68b62aaa58a4c1e58e98963"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga8808d403c68b62aaa58a4c1e58e98963">&#9670;&nbsp;</a></span>TJFLAG_NOREALLOC</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_NOREALLOC</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Disable buffer (re)allocation. </p>
-<p>If passed to one of the JPEG compression or transform functions, this flag will cause those functions to generate an error if the JPEG image buffer is invalid or too small rather than attempting to allocate or reallocate that buffer. This reproduces the behavior of earlier versions of TurboJPEG. </p>
-
-</div>
-</div>
-<a id="ga43b426750b46190a25d34a67ef76df1b"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga43b426750b46190a25d34a67ef76df1b">&#9670;&nbsp;</a></span>TJFLAG_PROGRESSIVE</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_PROGRESSIVE</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Use progressive entropy coding in JPEG images generated by the compression and transform functions. </p>
-<p>Progressive entropy coding will generally improve compression relative to baseline entropy coding (the default), but it will reduce compression and decompression performance considerably. </p>
-
-</div>
-</div>
-<a id="ga519cfa4ef6c18d9e5b455fdf59306a3a"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga519cfa4ef6c18d9e5b455fdf59306a3a">&#9670;&nbsp;</a></span>TJFLAG_STOPONWARNING</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJFLAG_STOPONWARNING</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Immediately discontinue the current compression/decompression/transform operation if the underlying codec throws a warning (non-fatal error). </p>
-<p>The default behavior is to allow the operation to complete unless a fatal error is encountered. </p>
-
-</div>
-</div>
-<a id="ga0aba955473315e405295d978f0c16511"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga0aba955473315e405295d978f0c16511">&#9670;&nbsp;</a></span>TJPAD</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJPAD</td>
-          <td>(</td>
-          <td class="paramtype">&#160;</td>
-          <td class="paramname">width</td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Pad the given width to the nearest 32-bit boundary. </p>
-
-</div>
-</div>
-<a id="ga84878bb65404204743aa18cac02781df"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga84878bb65404204743aa18cac02781df">&#9670;&nbsp;</a></span>TJSCALED</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJSCALED</td>
-          <td>(</td>
-          <td class="paramtype">&#160;</td>
-          <td class="paramname">dimension, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">&#160;</td>
-          <td class="paramname">scalingFactor&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Compute the scaled value of <code>dimension</code> using the given scaling factor. </p>
-<p>This macro performs the integer equivalent of <code>ceil(dimension * scalingFactor)</code>. </p>
-
-</div>
-</div>
-<a id="ga153b468cfb905d0de61706c838986fe8"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga153b468cfb905d0de61706c838986fe8">&#9670;&nbsp;</a></span>TJXOPT_COPYNONE</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_COPYNONE</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will prevent <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> from copying any extra markers (including EXIF and ICC profile data) from the source image to the output image. </p>
-
-</div>
-</div>
-<a id="ga9c771a757fc1294add611906b89ab2d2"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga9c771a757fc1294add611906b89ab2d2">&#9670;&nbsp;</a></span>TJXOPT_CROP</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_CROP</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will enable lossless cropping. </p>
-<p>See <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> for more information. </p>
-
-</div>
-</div>
-<a id="ga3acee7b48ade1b99e5588736007c2589"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga3acee7b48ade1b99e5588736007c2589">&#9670;&nbsp;</a></span>TJXOPT_GRAY</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_GRAY</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will discard the color data in the input image and produce a grayscale output image. </p>
-
-</div>
-</div>
-<a id="gafbf992bbf6e006705886333703ffab31"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gafbf992bbf6e006705886333703ffab31">&#9670;&nbsp;</a></span>TJXOPT_NOOUTPUT</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_NOOUTPUT</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will prevent <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> from outputting a JPEG image for this particular transform (this can be used in conjunction with a custom filter to capture the transformed DCT coefficients without transcoding them.) </p>
-
-</div>
-</div>
-<a id="ga50e03cb5ed115330e212417429600b00"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga50e03cb5ed115330e212417429600b00">&#9670;&nbsp;</a></span>TJXOPT_PERFECT</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_PERFECT</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will cause <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> to return an error if the transform is not perfect. </p>
-<p>Lossless transforms operate on MCU blocks, whose size depends on the level of chrominance subsampling used (see <a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c" title="MCU block width (in pixels) for a given level of chrominance subsampling.">tjMCUWidth</a> and <a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf" title="MCU block height (in pixels) for a given level of chrominance subsampling.">tjMCUHeight</a>.) If the image's width or height is not evenly divisible by the MCU block size, then there will be partial MCU blocks on the right and/or bottom edges. It is not possible to move these partial MCU blocks to the top or left of the image, so any transform that would require that is "imperfect." If this option is not specified, then any partial MCU blocks that cannot be transformed will be left in place, which will create odd-looking strips on the right or bottom edge of the image. </p>
-
-</div>
-</div>
-<a id="gad2371c80674584ecc1a7d75e564cf026"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gad2371c80674584ecc1a7d75e564cf026">&#9670;&nbsp;</a></span>TJXOPT_PROGRESSIVE</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_PROGRESSIVE</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will enable progressive entropy coding in the output image generated by this particular transform. </p>
-<p>Progressive entropy coding will generally improve compression relative to baseline entropy coding (the default), but it will reduce compression and decompression performance considerably. </p>
-
-</div>
-</div>
-<a id="ga319826b7eb1583c0595bbe7b95428709"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga319826b7eb1583c0595bbe7b95428709">&#9670;&nbsp;</a></span>TJXOPT_TRIM</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">#define TJXOPT_TRIM</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>This option will cause <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> to discard any partial MCU blocks that cannot be transformed. </p>
-
-</div>
-</div>
-<h2 class="groupheader">Typedef Documentation</h2>
-<a id="ga758d2634ecb4949de7815cba621f5763"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga758d2634ecb4949de7815cba621f5763">&#9670;&nbsp;</a></span>tjhandle</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">typedef void* <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>TurboJPEG instance handle. </p>
-
-</div>
-</div>
-<a id="ga504805ec0161f1b505397ca0118bf8fd"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga504805ec0161f1b505397ca0118bf8fd">&#9670;&nbsp;</a></span>tjtransform</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">typedef struct <a class="el" href="structtjtransform.html">tjtransform</a> <a class="el" href="structtjtransform.html">tjtransform</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Lossless transform. </p>
-
-</div>
-</div>
-<h2 class="groupheader">Enumeration Type Documentation</h2>
-<a id="ga4f83ad3368e0e29d1957be0efa7c3720"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga4f83ad3368e0e29d1957be0efa7c3720">&#9670;&nbsp;</a></span>TJCS</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">enum <a class="el" href="group___turbo_j_p_e_g.html#ga4f83ad3368e0e29d1957be0efa7c3720">TJCS</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>JPEG colorspaces. </p>
-<table class="fieldtable">
-<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="gga4f83ad3368e0e29d1957be0efa7c3720a677cb7ccb85c4038ac41964a2e09e555"></a>TJCS_RGB&#160;</td><td class="fielddoc"><p>RGB colorspace. </p>
-<p>When compressing the JPEG image, the R, G, and B components in the source image are reordered into image planes, but no colorspace conversion or subsampling is performed. RGB JPEG images can be decompressed to any of the extended RGB pixel formats or grayscale, but they cannot be decompressed to YUV images. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga4f83ad3368e0e29d1957be0efa7c3720a7389b8f65bb387ffedce3efd0d78ec75"></a>TJCS_YCbCr&#160;</td><td class="fielddoc"><p>YCbCr colorspace. </p>
-<p>YCbCr is not an absolute colorspace but rather a mathematical transformation of RGB designed solely for storage and transmission. YCbCr images must be converted to RGB before they can actually be displayed. In the YCbCr colorspace, the Y (luminance) component represents the black &amp; white portion of the original image, and the Cb and Cr (chrominance) components represent the color portion of the original image. Originally, the analog equivalent of this transformation allowed the same signal to drive both black &amp; white and color televisions, but JPEG images use YCbCr primarily because it allows the color data to be optionally subsampled for the purposes of reducing bandwidth or disk space. YCbCr is the most common JPEG colorspace, and YCbCr JPEG images can be compressed from and decompressed to any of the extended RGB pixel formats or grayscale, or they can be decompressed to YUV planar images. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga4f83ad3368e0e29d1957be0efa7c3720ab3e7d6a87f695e45b81c1b5262b5a50a"></a>TJCS_GRAY&#160;</td><td class="fielddoc"><p>Grayscale colorspace. </p>
-<p>The JPEG image retains only the luminance data (Y component), and any color data from the source image is discarded. Grayscale JPEG images can be compressed from and decompressed to any of the extended RGB pixel formats or grayscale, or they can be decompressed to YUV planar images. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga4f83ad3368e0e29d1957be0efa7c3720a6c8b636152ac8195b869587db315ee53"></a>TJCS_CMYK&#160;</td><td class="fielddoc"><p>CMYK colorspace. </p>
-<p>When compressing the JPEG image, the C, M, Y, and K components in the source image are reordered into image planes, but no colorspace conversion or subsampling is performed. CMYK JPEG images can only be decompressed to CMYK pixels. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga4f83ad3368e0e29d1957be0efa7c3720a53839e0fe867b76b58d16b0a1a7c598e"></a>TJCS_YCCK&#160;</td><td class="fielddoc"><p>YCCK colorspace. </p>
-<p>YCCK (AKA "YCbCrK") is not an absolute colorspace but rather a mathematical transformation of CMYK designed solely for storage and transmission. It is to CMYK as YCbCr is to RGB. CMYK pixels can be reversibly transformed into YCCK, and as with YCbCr, the chrominance components in the YCCK pixels can be subsampled without incurring major perceptual loss. YCCK JPEG images can only be compressed from and decompressed to CMYK pixels. </p>
-</td></tr>
-</table>
-
-</div>
-</div>
-<a id="gafbc17cfa57d0d5d11fea35ac025950fe"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gafbc17cfa57d0d5d11fea35ac025950fe">&#9670;&nbsp;</a></span>TJERR</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">enum <a class="el" href="group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe">TJERR</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Error codes. </p>
-<table class="fieldtable">
-<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="ggafbc17cfa57d0d5d11fea35ac025950fea342dd6e2aedb47bb257b4e7568329b59"></a>TJERR_WARNING&#160;</td><td class="fielddoc"><p>The error was non-fatal and recoverable, but the image may still be corrupt. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggafbc17cfa57d0d5d11fea35ac025950feafc9cceeada13122b09e4851e3788039a"></a>TJERR_FATAL&#160;</td><td class="fielddoc"><p>The error was fatal and non-recoverable. </p>
-</td></tr>
-</table>
-
-</div>
-</div>
-<a id="gac916144e26c3817ac514e64ae5d12e2a"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gac916144e26c3817ac514e64ae5d12e2a">&#9670;&nbsp;</a></span>TJPF</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">enum <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">TJPF</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Pixel formats. </p>
-<table class="fieldtable">
-<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa7ce93230bff449518ce387c17e6ed37c"></a>TJPF_RGB&#160;</td><td class="fielddoc"><p>RGB pixel format. </p>
-<p>The red, green, and blue components in the image are stored in 3-byte pixels in the order R, G, B from lowest to highest byte address within each pixel. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aab10624437fb8ef495a0b153e65749839"></a>TJPF_BGR&#160;</td><td class="fielddoc"><p>BGR pixel format. </p>
-<p>The red, green, and blue components in the image are stored in 3-byte pixels in the order B, G, R from lowest to highest byte address within each pixel. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa83973bebb7e2dc6fa8bae89ff3f42e01"></a>TJPF_RGBX&#160;</td><td class="fielddoc"><p>RGBX pixel format. </p>
-<p>The red, green, and blue components in the image are stored in 4-byte pixels in the order R, G, B from lowest to highest byte address within each pixel. The X component is ignored when compressing and undefined when decompressing. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa2a1fbf569ca79897eae886e3376ca4c8"></a>TJPF_BGRX&#160;</td><td class="fielddoc"><p>BGRX pixel format. </p>
-<p>The red, green, and blue components in the image are stored in 4-byte pixels in the order B, G, R from lowest to highest byte address within each pixel. The X component is ignored when compressing and undefined when decompressing. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aaf6603b27147de47e212e75dac027b2af"></a>TJPF_XBGR&#160;</td><td class="fielddoc"><p>XBGR pixel format. </p>
-<p>The red, green, and blue components in the image are stored in 4-byte pixels in the order R, G, B from highest to lowest byte address within each pixel. The X component is ignored when compressing and undefined when decompressing. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aadae996905efcfa3b42a0bb3bea7f9d84"></a>TJPF_XRGB&#160;</td><td class="fielddoc"><p>XRGB pixel format. </p>
-<p>The red, green, and blue components in the image are stored in 4-byte pixels in the order B, G, R from highest to lowest byte address within each pixel. The X component is ignored when compressing and undefined when decompressing. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa5431b54b015337705f13118073711a1a"></a>TJPF_GRAY&#160;</td><td class="fielddoc"><p>Grayscale pixel format. </p>
-<p>Each 1-byte pixel represents a luminance (brightness) level from 0 to 255. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa88d2e88fab67f6503cf972e14851cc12"></a>TJPF_RGBA&#160;</td><td class="fielddoc"><p>RGBA pixel format. </p>
-<p>This is the same as <a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa83973bebb7e2dc6fa8bae89ff3f42e01">TJPF_RGBX</a>, except that when decompressing, the X component is guaranteed to be 0xFF, which can be interpreted as an opaque alpha channel. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aac037ff1845cf9b74bb81a3659c2b9fb4"></a>TJPF_BGRA&#160;</td><td class="fielddoc"><p>BGRA pixel format. </p>
-<p>This is the same as <a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa2a1fbf569ca79897eae886e3376ca4c8">TJPF_BGRX</a>, except that when decompressing, the X component is guaranteed to be 0xFF, which can be interpreted as an opaque alpha channel. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa1ba1a7f1631dbeaa49a0a85fc4a40081"></a>TJPF_ABGR&#160;</td><td class="fielddoc"><p>ABGR pixel format. </p>
-<p>This is the same as <a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aaf6603b27147de47e212e75dac027b2af">TJPF_XBGR</a>, except that when decompressing, the X component is guaranteed to be 0xFF, which can be interpreted as an opaque alpha channel. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aae8f846ed9d9de99b6e1dfe448848765c"></a>TJPF_ARGB&#160;</td><td class="fielddoc"><p>ARGB pixel format. </p>
-<p>This is the same as <a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aadae996905efcfa3b42a0bb3bea7f9d84">TJPF_XRGB</a>, except that when decompressing, the X component is guaranteed to be 0xFF, which can be interpreted as an opaque alpha channel. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa7f5100ec44c91994e243f1cf55553f8b"></a>TJPF_CMYK&#160;</td><td class="fielddoc"><p>CMYK pixel format. </p>
-<p>Unlike RGB, which is an additive color model used primarily for display, CMYK (Cyan/Magenta/Yellow/Key) is a subtractive color model used primarily for printing. In the CMYK color model, the value of each color component typically corresponds to an amount of cyan, magenta, yellow, or black ink that is applied to a white background. In order to convert between CMYK and RGB, it is necessary to use a color management system (CMS.) A CMS will attempt to map colors within the printer's gamut to perceptually similar colors in the display's gamut and vice versa, but the mapping is typically not 1:1 or reversible, nor can it be defined with a simple formula. Thus, such a conversion is out of scope for a codec library. However, the TurboJPEG API allows for compressing CMYK pixels into a YCCK JPEG image (see <a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a53839e0fe867b76b58d16b0a1a7c598e" title="YCCK colorspace.">TJCS_YCCK</a>) and decompressing YCCK JPEG images into CMYK pixels. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="ggac916144e26c3817ac514e64ae5d12e2aa84c1a6cead7952998e2fb895844a21ed"></a>TJPF_UNKNOWN&#160;</td><td class="fielddoc"><p>Unknown pixel format. </p>
-<p>Currently this is only used by <a class="el" href="group___turbo_j_p_e_g.html#gaffbd83c375e79f5db4b5c5d8ad4466e7" title="Load an uncompressed image from disk into memory.">tjLoadImage()</a>. </p>
-</td></tr>
-</table>
-
-</div>
-</div>
-<a id="ga1d047060ea80bb9820d540bb928e9074"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga1d047060ea80bb9820d540bb928e9074">&#9670;&nbsp;</a></span>TJSAMP</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">enum <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">TJSAMP</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Chrominance subsampling options. </p>
-<p>When pixels are converted from RGB to YCbCr (see <a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a7389b8f65bb387ffedce3efd0d78ec75" title="YCbCr colorspace.">TJCS_YCbCr</a>) or from CMYK to YCCK (see <a class="el" href="group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a53839e0fe867b76b58d16b0a1a7c598e" title="YCCK colorspace.">TJCS_YCCK</a>) as part of the JPEG compression process, some of the Cb and Cr (chrominance) components can be discarded or averaged together to produce a smaller image with little perceptible loss of image clarity (the human eye is more sensitive to small changes in brightness than to small changes in color.) This is called "chrominance subsampling". </p>
-<table class="fieldtable">
-<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="gga1d047060ea80bb9820d540bb928e9074afb8da4f44197837bdec0a4f593dacae3"></a>TJSAMP_444&#160;</td><td class="fielddoc"><p>4:4:4 chrominance subsampling (no chrominance subsampling). </p>
-<p>The JPEG or YUV image will contain one chrominance component for every pixel in the source image. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga1d047060ea80bb9820d540bb928e9074a136130902cc578f11f32429b59368404"></a>TJSAMP_422&#160;</td><td class="fielddoc"><p>4:2:2 chrominance subsampling. </p>
-<p>The JPEG or YUV image will contain one chrominance component for every 2x1 block of pixels in the source image. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga1d047060ea80bb9820d540bb928e9074a63085dbf683cfe39e513cdb6343e3737"></a>TJSAMP_420&#160;</td><td class="fielddoc"><p>4:2:0 chrominance subsampling. </p>
-<p>The JPEG or YUV image will contain one chrominance component for every 2x2 block of pixels in the source image. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga1d047060ea80bb9820d540bb928e9074a3f1c9504842ddc7a48d0f690754b6248"></a>TJSAMP_GRAY&#160;</td><td class="fielddoc"><p>Grayscale. </p>
-<p>The JPEG or YUV image will contain no chrominance components. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga1d047060ea80bb9820d540bb928e9074accf740e6f3aa6ba20ba922cad13cb974"></a>TJSAMP_440&#160;</td><td class="fielddoc"><p>4:4:0 chrominance subsampling. </p>
-<p>The JPEG or YUV image will contain one chrominance component for every 1x2 block of pixels in the source image.</p>
-<dl class="section note"><dt>Note</dt><dd>4:4:0 subsampling is not fully accelerated in libjpeg-turbo. </dd></dl>
-</td></tr>
-<tr><td class="fieldname"><a id="gga1d047060ea80bb9820d540bb928e9074a28ec62575e5ea295c3fde3001dc628e2"></a>TJSAMP_411&#160;</td><td class="fielddoc"><p>4:1:1 chrominance subsampling. </p>
-<p>The JPEG or YUV image will contain one chrominance component for every 4x1 block of pixels in the source image. JPEG images compressed with 4:1:1 subsampling will be almost exactly the same size as those compressed with 4:2:0 subsampling, and in the aggregate, both subsampling methods produce approximately the same perceptual quality. However, 4:1:1 is better able to reproduce sharp horizontal features.</p>
-<dl class="section note"><dt>Note</dt><dd>4:1:1 subsampling is not fully accelerated in libjpeg-turbo. </dd></dl>
-</td></tr>
-</table>
-
-</div>
-</div>
-<a id="ga2de531af4e7e6c4f124908376b354866"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga2de531af4e7e6c4f124908376b354866">&#9670;&nbsp;</a></span>TJXOP</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">enum <a class="el" href="group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866">TJXOP</a></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Transform operations for <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a> </p>
-<table class="fieldtable">
-<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866aad88c0366cd3f7d0eac9d7a3fa1c2c27"></a>TJXOP_NONE&#160;</td><td class="fielddoc"><p>Do not transform the position of the image pixels. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866aa0df69776caa30f0fa28e26332d311ce"></a>TJXOP_HFLIP&#160;</td><td class="fielddoc"><p>Flip (mirror) image horizontally. </p>
-<p>This transform is imperfect if there are any partial MCU blocks on the right edge (see <a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00" title="This option will cause tjTransform() to return an error if the transform is not perfect.">TJXOPT_PERFECT</a>.) </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866a324eddfbec53b7e691f61e56929d0d5d"></a>TJXOP_VFLIP&#160;</td><td class="fielddoc"><p>Flip (mirror) image vertically. </p>
-<p>This transform is imperfect if there are any partial MCU blocks on the bottom edge (see <a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00" title="This option will cause tjTransform() to return an error if the transform is not perfect.">TJXOPT_PERFECT</a>.) </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866a31060aed199f886afdd417f80499c32d"></a>TJXOP_TRANSPOSE&#160;</td><td class="fielddoc"><p>Transpose image (flip/mirror along upper left to lower right axis.) This transform is always perfect. </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866af3b14d488aea6ece9e5b3df73a74d6a4"></a>TJXOP_TRANSVERSE&#160;</td><td class="fielddoc"><p>Transverse transpose image (flip/mirror along upper right to lower left axis.) This transform is imperfect if there are any partial MCU blocks in the image (see <a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00" title="This option will cause tjTransform() to return an error if the transform is not perfect.">TJXOPT_PERFECT</a>.) </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866a43b2bbb23bc4bd548422d43fbe9af128"></a>TJXOP_ROT90&#160;</td><td class="fielddoc"><p>Rotate image clockwise by 90 degrees. </p>
-<p>This transform is imperfect if there are any partial MCU blocks on the bottom edge (see <a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00" title="This option will cause tjTransform() to return an error if the transform is not perfect.">TJXOPT_PERFECT</a>.) </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866a140952eb8dd0300accfcc22726d69692"></a>TJXOP_ROT180&#160;</td><td class="fielddoc"><p>Rotate image 180 degrees. </p>
-<p>This transform is imperfect if there are any partial MCU blocks in the image (see <a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00" title="This option will cause tjTransform() to return an error if the transform is not perfect.">TJXOPT_PERFECT</a>.) </p>
-</td></tr>
-<tr><td class="fieldname"><a id="gga2de531af4e7e6c4f124908376b354866a3064ee5dfb7f032df332818587567a08"></a>TJXOP_ROT270&#160;</td><td class="fielddoc"><p>Rotate image counter-clockwise by 90 degrees. </p>
-<p>This transform is imperfect if there are any partial MCU blocks on the right edge (see <a class="el" href="group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00" title="This option will cause tjTransform() to return an error if the transform is not perfect.">TJXOPT_PERFECT</a>.) </p>
-</td></tr>
-</table>
-
-</div>
-</div>
-<h2 class="groupheader">Function Documentation</h2>
-<a id="gaec627dd4c5f30b7a775a7aea3bec5d83"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gaec627dd4c5f30b7a775a7aea3bec5d83">&#9670;&nbsp;</a></span>tjAlloc()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT unsigned char* tjAlloc </td>
-          <td>(</td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>bytes</em></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Allocate an image buffer for use with TurboJPEG. </p>
-<p>You should always use this function to allocate the JPEG destination buffer(s) for the compression and transform functions unless you are disabling automatic buffer (re)allocation (by setting <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a>.)</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">bytes</td><td>the number of bytes to allocate</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>a pointer to a newly-allocated buffer with the specified number of bytes.</dd></dl>
-<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___turbo_j_p_e_g.html#gaea863d2da0cdb609563aabdf9196514b" title="Free an image buffer previously allocated by TurboJPEG.">tjFree()</a> </dd></dl>
-
-</div>
-</div>
-<a id="ga67ac12fee79073242cb216e07c9f1f90"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga67ac12fee79073242cb216e07c9f1f90">&#9670;&nbsp;</a></span>tjBufSize()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT unsigned long tjBufSize </td>
-          <td>(</td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>jpegSubsamp</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The maximum size of the buffer (in bytes) required to hold a JPEG image with the given parameters. </p>
-<p>The number of bytes returned by this function is larger than the size of the uncompressed source image. The reason for this is that the JPEG format uses 16-bit coefficients, and it is thus possible for a very high-quality JPEG image with very high-frequency content to expand rather than compress when converted to the JPEG format. Such images represent a very rare corner case, but since there is no way to predict the size of a JPEG image prior to compression, the corner case has to be handled.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">width</td><td>width (in pixels) of the image</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the image</td></tr>
-    <tr><td class="paramname">jpegSubsamp</td><td>the level of chrominance subsampling to be used when generating the JPEG image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>the maximum size of the buffer (in bytes) required to hold the image, or -1 if the arguments are out of bounds. </dd></dl>
-
-</div>
-</div>
-<a id="ga2be2b9969d4df9ecce9b05deed273194"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga2be2b9969d4df9ecce9b05deed273194">&#9670;&nbsp;</a></span>tjBufSizeYUV2()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT unsigned long tjBufSizeYUV2 </td>
-          <td>(</td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pad</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The size of the buffer (in bytes) required to hold a YUV planar image with the given parameters. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">width</td><td>width (in pixels) of the image</td></tr>
-    <tr><td class="paramname">pad</td><td>the width of each line in each plane of the image is padded to the nearest multiple of this number of bytes (must be a power of 2.)</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the image</td></tr>
-    <tr><td class="paramname">subsamp</td><td>level of chrominance subsampling in the image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>the size of the buffer (in bytes) required to hold the image, or -1 if the arguments are out of bounds. </dd></dl>
-
-</div>
-</div>
-<a id="gafbdce0112fd78fd38efae841443a9bcf"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gafbdce0112fd78fd38efae841443a9bcf">&#9670;&nbsp;</a></span>tjCompress2()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjCompress2 </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>srcBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char **&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long *&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>jpegSubsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>jpegQual</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Compress an RGB, grayscale, or CMYK image into a JPEG image. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcBuf</td><td>pointer to an image buffer containing RGB, grayscale, or CMYK pixels to be compressed</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source image</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the source image. Normally, this should be <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code> if the image is unpadded, or <code><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511" title="Pad the given width to the nearest 32-bit boundary.">TJPAD</a>(width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat])</code> if each line of the image is padded to the nearest 32-bit boundary, as is the case for Windows bitmaps. You can also be clever and use this parameter to skip lines, etc. Setting this parameter to 0 is the equivalent of setting it to <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source image</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the source image (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.)</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>address of a pointer to an image buffer that will receive the JPEG image. TurboJPEG has the ability to reallocate the JPEG buffer to accommodate the size of the JPEG image. Thus, you can choose to:<ol type="1">
-<li>pre-allocate the JPEG buffer with an arbitrary size using <a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83" title="Allocate an image buffer for use with TurboJPEG.">tjAlloc()</a> and let TurboJPEG grow the buffer as needed,</li>
-<li>set <code>*jpegBuf</code> to NULL to tell TurboJPEG to allocate the buffer for you, or</li>
-<li>pre-allocate the buffer to a "worst case" size determined by calling <a class="el" href="group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90" title="The maximum size of the buffer (in bytes) required to hold a JPEG image with the given parameters.">tjBufSize()</a>. This should ensure that the buffer never has to be re-allocated (setting <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a> guarantees that it won't be.)</li>
-</ol>
-If you choose option 1, <code>*jpegSize</code> should be set to the size of your pre-allocated buffer. In any case, unless you have set <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a>, you should always check <code>*jpegBuf</code> upon return from this function, as it may have changed.</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>pointer to an unsigned long variable that holds the size of the JPEG image buffer. If <code>*jpegBuf</code> points to a pre-allocated buffer, then <code>*jpegSize</code> should be set to the size of the buffer. Upon return, <code>*jpegSize</code> will contain the size of the JPEG image (in bytes.) If <code>*jpegBuf</code> points to a JPEG image buffer that is being reused from a previous call to one of the JPEG compression functions, then <code>*jpegSize</code> is ignored.</td></tr>
-    <tr><td class="paramname">jpegSubsamp</td><td>the level of chrominance subsampling to be used when generating the JPEG image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-    <tr><td class="paramname">jpegQual</td><td>the image quality of the generated JPEG image (1 = worst, 100 = best)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga7622a459b79aa1007e005b58783f875b"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga7622a459b79aa1007e005b58783f875b">&#9670;&nbsp;</a></span>tjCompressFromYUV()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjCompressFromYUV </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>srcBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pad</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char **&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long *&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>jpegQual</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Compress a YUV planar image into a JPEG image. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcBuf</td><td>pointer to an image buffer containing a YUV planar image to be compressed. The size of this buffer should match the value returned by <a class="el" href="group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194" title="The size of the buffer (in bytes) required to hold a YUV planar image with the given parameters.">tjBufSizeYUV2()</a> for the given image width, height, padding, and level of chrominance subsampling. The Y, U (Cb), and V (Cr) image planes should be stored sequentially in the source buffer (refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.)</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source image. If the width is not an even multiple of the MCU block width (see <a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c" title="MCU block width (in pixels) for a given level of chrominance subsampling.">tjMCUWidth</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">pad</td><td>the line padding used in the source image. For instance, if each line in each plane of the YUV image is padded to the nearest multiple of 4 bytes, then <code>pad</code> should be set to 4.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source image. If the height is not an even multiple of the MCU block height (see <a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf" title="MCU block height (in pixels) for a given level of chrominance subsampling.">tjMCUHeight</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">subsamp</td><td>the level of chrominance subsampling used in the source image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>address of a pointer to an image buffer that will receive the JPEG image. TurboJPEG has the ability to reallocate the JPEG buffer to accommodate the size of the JPEG image. Thus, you can choose to:<ol type="1">
-<li>pre-allocate the JPEG buffer with an arbitrary size using <a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83" title="Allocate an image buffer for use with TurboJPEG.">tjAlloc()</a> and let TurboJPEG grow the buffer as needed,</li>
-<li>set <code>*jpegBuf</code> to NULL to tell TurboJPEG to allocate the buffer for you, or</li>
-<li>pre-allocate the buffer to a "worst case" size determined by calling <a class="el" href="group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90" title="The maximum size of the buffer (in bytes) required to hold a JPEG image with the given parameters.">tjBufSize()</a>. This should ensure that the buffer never has to be re-allocated (setting <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a> guarantees that it won't be.)</li>
-</ol>
-If you choose option 1, <code>*jpegSize</code> should be set to the size of your pre-allocated buffer. In any case, unless you have set <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a>, you should always check <code>*jpegBuf</code> upon return from this function, as it may have changed.</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>pointer to an unsigned long variable that holds the size of the JPEG image buffer. If <code>*jpegBuf</code> points to a pre-allocated buffer, then <code>*jpegSize</code> should be set to the size of the buffer. Upon return, <code>*jpegSize</code> will contain the size of the JPEG image (in bytes.) If <code>*jpegBuf</code> points to a JPEG image buffer that is being reused from a previous call to one of the JPEG compression functions, then <code>*jpegSize</code> is ignored.</td></tr>
-    <tr><td class="paramname">jpegQual</td><td>the image quality of the generated JPEG image (1 = worst, 100 = best)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga29ec5dfbd2d84b8724e951d6fa0d5d9e"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga29ec5dfbd2d84b8724e951d6fa0d5d9e">&#9670;&nbsp;</a></span>tjCompressFromYUVPlanes()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjCompressFromYUVPlanes </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char **&#160;</td>
-          <td class="paramname"><em>srcPlanes</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const int *&#160;</td>
-          <td class="paramname"><em>strides</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char **&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long *&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>jpegQual</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Compress a set of Y, U (Cb), and V (Cr) image planes into a JPEG image. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcPlanes</td><td>an array of pointers to Y, U (Cb), and V (Cr) image planes (or just a Y plane, if compressing a grayscale image) that contain a YUV image to be compressed. These planes can be contiguous or non-contiguous in memory. The size of each plane should match the value returned by <a class="el" href="group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d" title="The size of the buffer (in bytes) required to hold a YUV image plane with the given parameters.">tjPlaneSizeYUV()</a> for the given image width, height, strides, and level of chrominance subsampling. Refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a> for more details.</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source image. If the width is not an even multiple of the MCU block width (see <a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c" title="MCU block width (in pixels) for a given level of chrominance subsampling.">tjMCUWidth</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">strides</td><td>an array of integers, each specifying the number of bytes per line in the corresponding plane of the YUV source image. Setting the stride for any plane to 0 is the same as setting it to the plane width (see <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.) If <code>strides</code> is NULL, then the strides for all planes will be set to their respective plane widths. You can adjust the strides in order to specify an arbitrary amount of line padding in each plane or to create a JPEG image from a subregion of a larger YUV planar image.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source image. If the height is not an even multiple of the MCU block height (see <a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf" title="MCU block height (in pixels) for a given level of chrominance subsampling.">tjMCUHeight</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">subsamp</td><td>the level of chrominance subsampling used in the source image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>address of a pointer to an image buffer that will receive the JPEG image. TurboJPEG has the ability to reallocate the JPEG buffer to accommodate the size of the JPEG image. Thus, you can choose to:<ol type="1">
-<li>pre-allocate the JPEG buffer with an arbitrary size using <a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83" title="Allocate an image buffer for use with TurboJPEG.">tjAlloc()</a> and let TurboJPEG grow the buffer as needed,</li>
-<li>set <code>*jpegBuf</code> to NULL to tell TurboJPEG to allocate the buffer for you, or</li>
-<li>pre-allocate the buffer to a "worst case" size determined by calling <a class="el" href="group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90" title="The maximum size of the buffer (in bytes) required to hold a JPEG image with the given parameters.">tjBufSize()</a>. This should ensure that the buffer never has to be re-allocated (setting <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a> guarantees that it won't be.)</li>
-</ol>
-If you choose option 1, <code>*jpegSize</code> should be set to the size of your pre-allocated buffer. In any case, unless you have set <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a>, you should always check <code>*jpegBuf</code> upon return from this function, as it may have changed.</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>pointer to an unsigned long variable that holds the size of the JPEG image buffer. If <code>*jpegBuf</code> points to a pre-allocated buffer, then <code>*jpegSize</code> should be set to the size of the buffer. Upon return, <code>*jpegSize</code> will contain the size of the JPEG image (in bytes.) If <code>*jpegBuf</code> points to a JPEG image buffer that is being reused from a previous call to one of the JPEG compression functions, then <code>*jpegSize</code> is ignored.</td></tr>
-    <tr><td class="paramname">jpegQual</td><td>the image quality of the generated JPEG image (1 = worst, 100 = best)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga70abbf38f77a26fd6da8813bef96f695"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga70abbf38f77a26fd6da8813bef96f695">&#9670;&nbsp;</a></span>tjDecodeYUV()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDecodeYUV </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>srcBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pad</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>dstBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Decode a YUV planar image into an RGB or grayscale image. </p>
-<p>This function uses the accelerated color conversion routines in the underlying codec but does not execute any of the other steps in the JPEG decompression process.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG decompressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcBuf</td><td>pointer to an image buffer containing a YUV planar image to be decoded. The size of this buffer should match the value returned by <a class="el" href="group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194" title="The size of the buffer (in bytes) required to hold a YUV planar image with the given parameters.">tjBufSizeYUV2()</a> for the given image width, height, padding, and level of chrominance subsampling. The Y, U (Cb), and V (Cr) image planes should be stored sequentially in the source buffer (refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.)</td></tr>
-    <tr><td class="paramname">pad</td><td>Use this parameter to specify that the width of each line in each plane of the YUV source image is padded to the nearest multiple of this number of bytes (must be a power of 2.)</td></tr>
-    <tr><td class="paramname">subsamp</td><td>the level of chrominance subsampling used in the YUV source image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-    <tr><td class="paramname">dstBuf</td><td>pointer to an image buffer that will receive the decoded image. This buffer should normally be <code>pitch * height</code> bytes in size, but the <code>dstBuf</code> pointer can also be used to decode into a specific region of a larger buffer.</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source and destination images</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the destination image. Normally, this should be <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code> if the destination image is unpadded, or <code><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511" title="Pad the given width to the nearest 32-bit boundary.">TJPAD</a>(width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat])</code> if each line of the destination image should be padded to the nearest 32-bit boundary, as is the case for Windows bitmaps. You can also be clever and use the pitch parameter to skip lines, etc. Setting this parameter to 0 is the equivalent of setting it to <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source and destination images</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the destination image (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga10e837c07fa9d25770565b237d3898d9"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga10e837c07fa9d25770565b237d3898d9">&#9670;&nbsp;</a></span>tjDecodeYUVPlanes()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDecodeYUVPlanes </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char **&#160;</td>
-          <td class="paramname"><em>srcPlanes</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const int *&#160;</td>
-          <td class="paramname"><em>strides</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>dstBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Decode a set of Y, U (Cb), and V (Cr) image planes into an RGB or grayscale image. </p>
-<p>This function uses the accelerated color conversion routines in the underlying codec but does not execute any of the other steps in the JPEG decompression process.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG decompressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcPlanes</td><td>an array of pointers to Y, U (Cb), and V (Cr) image planes (or just a Y plane, if decoding a grayscale image) that contain a YUV image to be decoded. These planes can be contiguous or non-contiguous in memory. The size of each plane should match the value returned by <a class="el" href="group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d" title="The size of the buffer (in bytes) required to hold a YUV image plane with the given parameters.">tjPlaneSizeYUV()</a> for the given image width, height, strides, and level of chrominance subsampling. Refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a> for more details.</td></tr>
-    <tr><td class="paramname">strides</td><td>an array of integers, each specifying the number of bytes per line in the corresponding plane of the YUV source image. Setting the stride for any plane to 0 is the same as setting it to the plane width (see <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.) If <code>strides</code> is NULL, then the strides for all planes will be set to their respective plane widths. You can adjust the strides in order to specify an arbitrary amount of line padding in each plane or to decode a subregion of a larger YUV planar image.</td></tr>
-    <tr><td class="paramname">subsamp</td><td>the level of chrominance subsampling used in the YUV source image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-    <tr><td class="paramname">dstBuf</td><td>pointer to an image buffer that will receive the decoded image. This buffer should normally be <code>pitch * height</code> bytes in size, but the <code>dstBuf</code> pointer can also be used to decode into a specific region of a larger buffer.</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source and destination images</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the destination image. Normally, this should be <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code> if the destination image is unpadded, or <code><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511" title="Pad the given width to the nearest 32-bit boundary.">TJPAD</a>(width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat])</code> if each line of the destination image should be padded to the nearest 32-bit boundary, as is the case for Windows bitmaps. You can also be clever and use the pitch parameter to skip lines, etc. Setting this parameter to 0 is the equivalent of setting it to <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source and destination images</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the destination image (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="gae9eccef8b682a48f43a9117c231ed013"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gae9eccef8b682a48f43a9117c231ed013">&#9670;&nbsp;</a></span>tjDecompress2()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDecompress2 </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>dstBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Decompress a JPEG image to an RGB, grayscale, or CMYK image. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG decompressor or transformer instance</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>pointer to a buffer containing the JPEG image to decompress</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>size of the JPEG image (in bytes)</td></tr>
-    <tr><td class="paramname">dstBuf</td><td>pointer to an image buffer that will receive the decompressed image. This buffer should normally be <code>pitch * scaledHeight</code> bytes in size, where <code>scaledHeight</code> can be determined by calling <a class="el" href="group___turbo_j_p_e_g.html#ga84878bb65404204743aa18cac02781df" title="Compute the scaled value of dimension using the given scaling factor.">TJSCALED()</a> with the JPEG image height and one of the scaling factors returned by <a class="el" href="group___turbo_j_p_e_g.html#gac3854476006b10787bd128f7ede48057" title="Returns a list of fractional scaling factors that the JPEG decompressor in this implementation of Tur...">tjGetScalingFactors()</a>. The <code>dstBuf</code> pointer may also be used to decompress into a specific region of a larger buffer.</td></tr>
-    <tr><td class="paramname">width</td><td>desired width (in pixels) of the destination image. If this is different than the width of the JPEG image being decompressed, then TurboJPEG will use scaling in the JPEG decompressor to generate the largest possible image that will fit within the desired width. If <code>width</code> is set to 0, then only the height will be considered when determining the scaled image size.</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the destination image. Normally, this is <code>scaledWidth * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code> if the decompressed image is unpadded, else <code><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511" title="Pad the given width to the nearest 32-bit boundary.">TJPAD</a>(scaledWidth * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat])</code> if each line of the decompressed image is padded to the nearest 32-bit boundary, as is the case for Windows bitmaps. (NOTE: <code>scaledWidth</code> can be determined by calling <a class="el" href="group___turbo_j_p_e_g.html#ga84878bb65404204743aa18cac02781df" title="Compute the scaled value of dimension using the given scaling factor.">TJSCALED()</a> with the JPEG image width and one of the scaling factors returned by <a class="el" href="group___turbo_j_p_e_g.html#gac3854476006b10787bd128f7ede48057" title="Returns a list of fractional scaling factors that the JPEG decompressor in this implementation of Tur...">tjGetScalingFactors()</a>.) You can also be clever and use the pitch parameter to skip lines, etc. Setting this parameter to 0 is the equivalent of setting it to <code>scaledWidth * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>desired height (in pixels) of the destination image. If this is different than the height of the JPEG image being decompressed, then TurboJPEG will use scaling in the JPEG decompressor to generate the largest possible image that will fit within the desired height. If <code>height</code> is set to 0, then only the width will be considered when determining the scaled image size.</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the destination image (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga0595681096bba7199cc6f3533cb25f77"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga0595681096bba7199cc6f3533cb25f77">&#9670;&nbsp;</a></span>tjDecompressHeader3()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDecompressHeader3 </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>jpegSubsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>jpegColorspace</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Retrieve information about a JPEG image without decompressing it. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG decompressor or transformer instance</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>pointer to a buffer containing a JPEG image</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>size of the JPEG image (in bytes)</td></tr>
-    <tr><td class="paramname">width</td><td>pointer to an integer variable that will receive the width (in pixels) of the JPEG image</td></tr>
-    <tr><td class="paramname">height</td><td>pointer to an integer variable that will receive the height (in pixels) of the JPEG image</td></tr>
-    <tr><td class="paramname">jpegSubsamp</td><td>pointer to an integer variable that will receive the level of chrominance subsampling used when the JPEG image was compressed (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-    <tr><td class="paramname">jpegColorspace</td><td>pointer to an integer variable that will receive one of the JPEG colorspace constants, indicating the colorspace of the JPEG image (see <a class="el" href="group___turbo_j_p_e_g.html#ga4f83ad3368e0e29d1957be0efa7c3720">JPEG colorspaces</a>.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga04d1e839ff9a0860dd1475cff78d3364"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga04d1e839ff9a0860dd1475cff78d3364">&#9670;&nbsp;</a></span>tjDecompressToYUV2()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDecompressToYUV2 </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>dstBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pad</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Decompress a JPEG image to a YUV planar image. </p>
-<p>This function performs JPEG decompression but leaves out the color conversion step, so a planar YUV image is generated instead of an RGB image.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG decompressor or transformer instance</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>pointer to a buffer containing the JPEG image to decompress</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>size of the JPEG image (in bytes)</td></tr>
-    <tr><td class="paramname">dstBuf</td><td>pointer to an image buffer that will receive the YUV image. Use <a class="el" href="group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194" title="The size of the buffer (in bytes) required to hold a YUV planar image with the given parameters.">tjBufSizeYUV2()</a> to determine the appropriate size for this buffer based on the image width, height, padding, and level of subsampling. The Y, U (Cb), and V (Cr) image planes will be stored sequentially in the buffer (refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.)</td></tr>
-    <tr><td class="paramname">width</td><td>desired width (in pixels) of the YUV image. If this is different than the width of the JPEG image being decompressed, then TurboJPEG will use scaling in the JPEG decompressor to generate the largest possible image that will fit within the desired width. If <code>width</code> is set to 0, then only the height will be considered when determining the scaled image size. If the scaled width is not an even multiple of the MCU block width (see <a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c" title="MCU block width (in pixels) for a given level of chrominance subsampling.">tjMCUWidth</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">pad</td><td>the width of each line in each plane of the YUV image will be padded to the nearest multiple of this number of bytes (must be a power of 2.) To generate images suitable for X Video, <code>pad</code> should be set to 4.</td></tr>
-    <tr><td class="paramname">height</td><td>desired height (in pixels) of the YUV image. If this is different than the height of the JPEG image being decompressed, then TurboJPEG will use scaling in the JPEG decompressor to generate the largest possible image that will fit within the desired height. If <code>height</code> is set to 0, then only the width will be considered when determining the scaled image size. If the scaled height is not an even multiple of the MCU block height (see <a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf" title="MCU block height (in pixels) for a given level of chrominance subsampling.">tjMCUHeight</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="gaa59f901a5258ada5bd0185ad59368540"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gaa59f901a5258ada5bd0185ad59368540">&#9670;&nbsp;</a></span>tjDecompressToYUVPlanes()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDecompressToYUVPlanes </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char **&#160;</td>
-          <td class="paramname"><em>dstPlanes</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>strides</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Decompress a JPEG image into separate Y, U (Cb), and V (Cr) image planes. </p>
-<p>This function performs JPEG decompression but leaves out the color conversion step, so a planar YUV image is generated instead of an RGB image.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG decompressor or transformer instance</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>pointer to a buffer containing the JPEG image to decompress</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>size of the JPEG image (in bytes)</td></tr>
-    <tr><td class="paramname">dstPlanes</td><td>an array of pointers to Y, U (Cb), and V (Cr) image planes (or just a Y plane, if decompressing a grayscale image) that will receive the YUV image. These planes can be contiguous or non-contiguous in memory. Use <a class="el" href="group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d" title="The size of the buffer (in bytes) required to hold a YUV image plane with the given parameters.">tjPlaneSizeYUV()</a> to determine the appropriate size for each plane based on the scaled image width, scaled image height, strides, and level of chrominance subsampling. Refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a> for more details.</td></tr>
-    <tr><td class="paramname">width</td><td>desired width (in pixels) of the YUV image. If this is different than the width of the JPEG image being decompressed, then TurboJPEG will use scaling in the JPEG decompressor to generate the largest possible image that will fit within the desired width. If <code>width</code> is set to 0, then only the height will be considered when determining the scaled image size. If the scaled width is not an even multiple of the MCU block width (see <a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c" title="MCU block width (in pixels) for a given level of chrominance subsampling.">tjMCUWidth</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">strides</td><td>an array of integers, each specifying the number of bytes per line in the corresponding plane of the output image. Setting the stride for any plane to 0 is the same as setting it to the scaled plane width (see <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.) If <code>strides</code> is NULL, then the strides for all planes will be set to their respective scaled plane widths. You can adjust the strides in order to add an arbitrary amount of line padding to each plane or to decompress the JPEG image into a subregion of a larger YUV planar image.</td></tr>
-    <tr><td class="paramname">height</td><td>desired height (in pixels) of the YUV image. If this is different than the height of the JPEG image being decompressed, then TurboJPEG will use scaling in the JPEG decompressor to generate the largest possible image that will fit within the desired height. If <code>height</code> is set to 0, then only the width will be considered when determining the scaled image size. If the scaled height is not an even multiple of the MCU block height (see <a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf" title="MCU block height (in pixels) for a given level of chrominance subsampling.">tjMCUHeight</a>), then an intermediate buffer copy will be performed within TurboJPEG.</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga75f355fa27225ba1a4ee392c852394d2"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga75f355fa27225ba1a4ee392c852394d2">&#9670;&nbsp;</a></span>tjDestroy()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjDestroy </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Destroy a TurboJPEG compressor, decompressor, or transformer instance. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor, decompressor or transformer instance</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="gac519b922cdf446e97d0cdcba513636bf"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gac519b922cdf446e97d0cdcba513636bf">&#9670;&nbsp;</a></span>tjEncodeYUV3()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjEncodeYUV3 </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>srcBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>dstBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pad</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Encode an RGB or grayscale image into a YUV planar image. </p>
-<p>This function uses the accelerated color conversion routines in the underlying codec but does not execute any of the other steps in the JPEG compression process.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcBuf</td><td>pointer to an image buffer containing RGB or grayscale pixels to be encoded</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source image</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the source image. Normally, this should be <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code> if the image is unpadded, or <code><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511" title="Pad the given width to the nearest 32-bit boundary.">TJPAD</a>(width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat])</code> if each line of the image is padded to the nearest 32-bit boundary, as is the case for Windows bitmaps. You can also be clever and use this parameter to skip lines, etc. Setting this parameter to 0 is the equivalent of setting it to <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source image</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the source image (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.)</td></tr>
-    <tr><td class="paramname">dstBuf</td><td>pointer to an image buffer that will receive the YUV image. Use <a class="el" href="group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194" title="The size of the buffer (in bytes) required to hold a YUV planar image with the given parameters.">tjBufSizeYUV2()</a> to determine the appropriate size for this buffer based on the image width, height, padding, and level of chrominance subsampling. The Y, U (Cb), and V (Cr) image planes will be stored sequentially in the buffer (refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.)</td></tr>
-    <tr><td class="paramname">pad</td><td>the width of each line in each plane of the YUV image will be padded to the nearest multiple of this number of bytes (must be a power of 2.) To generate images suitable for X Video, <code>pad</code> should be set to 4.</td></tr>
-    <tr><td class="paramname">subsamp</td><td>the level of chrominance subsampling to be used when generating the YUV image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.) To generate images suitable for X Video, <code>subsamp</code> should be set to <a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a63085dbf683cfe39e513cdb6343e3737">TJSAMP_420</a>. This produces an image compatible with the I420 (AKA "YUV420P") format.</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="gae2d04c72457fe7f4d60cf78ab1b1feb1"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gae2d04c72457fe7f4d60cf78ab1b1feb1">&#9670;&nbsp;</a></span>tjEncodeYUVPlanes()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjEncodeYUVPlanes </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>srcBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char **&#160;</td>
-          <td class="paramname"><em>dstPlanes</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>strides</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Encode an RGB or grayscale image into separate Y, U (Cb), and V (Cr) image planes. </p>
-<p>This function uses the accelerated color conversion routines in the underlying codec but does not execute any of the other steps in the JPEG compression process.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor or transformer instance</td></tr>
-    <tr><td class="paramname">srcBuf</td><td>pointer to an image buffer containing RGB or grayscale pixels to be encoded</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the source image</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the source image. Normally, this should be <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code> if the image is unpadded, or <code><a class="el" href="group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511" title="Pad the given width to the nearest 32-bit boundary.">TJPAD</a>(width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat])</code> if each line of the image is padded to the nearest 32-bit boundary, as is the case for Windows bitmaps. You can also be clever and use this parameter to skip lines, etc. Setting this parameter to 0 is the equivalent of setting it to <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the source image</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the source image (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.)</td></tr>
-    <tr><td class="paramname">dstPlanes</td><td>an array of pointers to Y, U (Cb), and V (Cr) image planes (or just a Y plane, if generating a grayscale image) that will receive the encoded image. These planes can be contiguous or non-contiguous in memory. Use <a class="el" href="group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d" title="The size of the buffer (in bytes) required to hold a YUV image plane with the given parameters.">tjPlaneSizeYUV()</a> to determine the appropriate size for each plane based on the image width, height, strides, and level of chrominance subsampling. Refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a> for more details.</td></tr>
-    <tr><td class="paramname">strides</td><td>an array of integers, each specifying the number of bytes per line in the corresponding plane of the output image. Setting the stride for any plane to 0 is the same as setting it to the plane width (see <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a>.) If <code>strides</code> is NULL, then the strides for all planes will be set to their respective plane widths. You can adjust the strides in order to add an arbitrary amount of line padding to each plane or to encode an RGB or grayscale image into a subregion of a larger YUV planar image.</td></tr>
-    <tr><td class="paramname">subsamp</td><td>the level of chrominance subsampling to be used when generating the YUV image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.) To generate images suitable for X Video, <code>subsamp</code> should be set to <a class="el" href="group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a63085dbf683cfe39e513cdb6343e3737">TJSAMP_420</a>. This produces an image compatible with the I420 (AKA "YUV420P") format.</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="gaea863d2da0cdb609563aabdf9196514b"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gaea863d2da0cdb609563aabdf9196514b">&#9670;&nbsp;</a></span>tjFree()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT void tjFree </td>
-          <td>(</td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>buffer</em></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Free an image buffer previously allocated by TurboJPEG. </p>
-<p>You should always use this function to free JPEG destination buffer(s) that were automatically (re)allocated by the compression and transform functions or that were manually allocated using <a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83" title="Allocate an image buffer for use with TurboJPEG.">tjAlloc()</a>.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">buffer</td><td>address of the buffer to free. If the address is NULL, then this function has no effect.</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section see"><dt>See also</dt><dd><a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83" title="Allocate an image buffer for use with TurboJPEG.">tjAlloc()</a> </dd></dl>
-
-</div>
-</div>
-<a id="ga414feeffbf860ebd31c745df203de410"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga414feeffbf860ebd31c745df203de410">&#9670;&nbsp;</a></span>tjGetErrorCode()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjGetErrorCode </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Returns a code indicating the severity of the last error. </p>
-<p>See <a class="el" href="group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe">Error codes</a>.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor, decompressor or transformer instance</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>a code indicating the severity of the last error. See <a class="el" href="group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe">Error codes</a>. </dd></dl>
-
-</div>
-</div>
-<a id="ga1ead8574f9f39fbafc6b497124e7aafa"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga1ead8574f9f39fbafc6b497124e7aafa">&#9670;&nbsp;</a></span>tjGetErrorStr2()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT char* tjGetErrorStr2 </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Returns a descriptive error message explaining why the last command failed. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG compressor, decompressor, or transformer instance, or NULL if the error was generated by a global function (but note that retrieving the error message for a global function is thread-safe only on platforms that support thread-local storage.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>a descriptive error message explaining why the last command failed. </dd></dl>
-
-</div>
-</div>
-<a id="gac3854476006b10787bd128f7ede48057"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gac3854476006b10787bd128f7ede48057">&#9670;&nbsp;</a></span>tjGetScalingFactors()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT <a class="el" href="structtjscalingfactor.html">tjscalingfactor</a>* tjGetScalingFactors </td>
-          <td>(</td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>numscalingfactors</em></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Returns a list of fractional scaling factors that the JPEG decompressor in this implementation of TurboJPEG supports. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">numscalingfactors</td><td>pointer to an integer variable that will receive the number of elements in the list</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>a pointer to a list of fractional scaling factors, or NULL if an error is encountered (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga9d63a05fc6d813f4aae06107041a37e8"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga9d63a05fc6d813f4aae06107041a37e8">&#9670;&nbsp;</a></span>tjInitCompress()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> tjInitCompress </td>
-          <td>(</td>
-          <td class="paramtype">void&#160;</td>
-          <td class="paramname"></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Create a TurboJPEG compressor instance. </p>
-<dl class="section return"><dt>Returns</dt><dd>a handle to the newly-created instance, or NULL if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga52300eac3f3d9ef4bab303bc244f62d3"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga52300eac3f3d9ef4bab303bc244f62d3">&#9670;&nbsp;</a></span>tjInitDecompress()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> tjInitDecompress </td>
-          <td>(</td>
-          <td class="paramtype">void&#160;</td>
-          <td class="paramname"></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Create a TurboJPEG decompressor instance. </p>
-<dl class="section return"><dt>Returns</dt><dd>a handle to the newly-created instance, or NULL if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga928beff6ac248ceadf01089fc6b41957"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga928beff6ac248ceadf01089fc6b41957">&#9670;&nbsp;</a></span>tjInitTransform()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT <a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a> tjInitTransform </td>
-          <td>(</td>
-          <td class="paramtype">void&#160;</td>
-          <td class="paramname"></td><td>)</td>
-          <td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Create a new TurboJPEG transformer instance. </p>
-<dl class="section return"><dt>Returns</dt><dd>a handle to the newly-created instance, or NULL if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="gaffbd83c375e79f5db4b5c5d8ad4466e7"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gaffbd83c375e79f5db4b5c5d8ad4466e7">&#9670;&nbsp;</a></span>tjLoadImage()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT unsigned char* tjLoadImage </td>
-          <td>(</td>
-          <td class="paramtype">const char *&#160;</td>
-          <td class="paramname"><em>filename</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>align</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int *&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Load an uncompressed image from disk into memory. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">filename</td><td>name of a file containing an uncompressed image in Windows BMP or PBMPLUS (PPM/PGM) format</td></tr>
-    <tr><td class="paramname">width</td><td>pointer to an integer variable that will receive the width (in pixels) of the uncompressed image</td></tr>
-    <tr><td class="paramname">align</td><td>row alignment of the image buffer to be returned (must be a power of 2.) For instance, setting this parameter to 4 will cause all rows in the image buffer to be padded to the nearest 32-bit boundary, and setting this parameter to 1 will cause all rows in the image buffer to be unpadded.</td></tr>
-    <tr><td class="paramname">height</td><td>pointer to an integer variable that will receive the height (in pixels) of the uncompressed image</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pointer to an integer variable that specifies or will receive the pixel format of the uncompressed image buffer. The behavior of <a class="el" href="group___turbo_j_p_e_g.html#gaffbd83c375e79f5db4b5c5d8ad4466e7" title="Load an uncompressed image from disk into memory.">tjLoadImage()</a> will vary depending on the value of <code>*pixelFormat</code> passed to the function:<ul>
-<li><a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa84c1a6cead7952998e2fb895844a21ed">TJPF_UNKNOWN</a> : The uncompressed image buffer returned by the function will use the most optimal pixel format for the file type, and <code>*pixelFormat</code> will contain the ID of this pixel format upon successful return from the function.</li>
-<li><a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa5431b54b015337705f13118073711a1a">TJPF_GRAY</a> : Only PGM files and 8-bit BMP files with a grayscale colormap can be loaded.</li>
-<li><a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7f5100ec44c91994e243f1cf55553f8b">TJPF_CMYK</a> : The RGB or grayscale pixels stored in the file will be converted using a quick &amp; dirty algorithm that is suitable only for testing purposes (proper conversion between CMYK and other formats requires a color management system.)</li>
-<li>Other <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">pixel formats</a> : The uncompressed image buffer will use the specified pixel format, and pixel format conversion will be performed if necessary.</li>
-</ul>
-</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#ga72ecf4ebe6eb702d3c6f5ca27455e1ec">flags</a>.</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>a pointer to a newly-allocated buffer containing the uncompressed image, converted to the chosen pixel format and with the chosen row alignment, or NULL if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) This buffer should be freed using <a class="el" href="group___turbo_j_p_e_g.html#gaea863d2da0cdb609563aabdf9196514b" title="Free an image buffer previously allocated by TurboJPEG.">tjFree()</a>. </dd></dl>
-
-</div>
-</div>
-<a id="ga1a209696c6a80748f20e134b3c64789f"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga1a209696c6a80748f20e134b3c64789f">&#9670;&nbsp;</a></span>tjPlaneHeight()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjPlaneHeight </td>
-          <td>(</td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>componentID</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The plane height of a YUV image plane with the given parameters. </p>
-<p>Refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a> for a description of plane height.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">componentID</td><td>ID number of the image plane (0 = Y, 1 = U/Cb, 2 = V/Cr)</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the YUV image</td></tr>
-    <tr><td class="paramname">subsamp</td><td>level of chrominance subsampling in the image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>the plane height of a YUV image plane with the given parameters, or -1 if the arguments are out of bounds. </dd></dl>
-
-</div>
-</div>
-<a id="gab4ab7b24f6e797d79abaaa670373961d"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gab4ab7b24f6e797d79abaaa670373961d">&#9670;&nbsp;</a></span>tjPlaneSizeYUV()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT unsigned long tjPlaneSizeYUV </td>
-          <td>(</td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>componentID</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>stride</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The size of the buffer (in bytes) required to hold a YUV image plane with the given parameters. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">componentID</td><td>ID number of the image plane (0 = Y, 1 = U/Cb, 2 = V/Cr)</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the YUV image. NOTE: this is the width of the whole image, not the plane width.</td></tr>
-    <tr><td class="paramname">stride</td><td>bytes per line in the image plane. Setting this to 0 is the equivalent of setting it to the plane width.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the YUV image. NOTE: this is the height of the whole image, not the plane height.</td></tr>
-    <tr><td class="paramname">subsamp</td><td>level of chrominance subsampling in the image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>the size of the buffer (in bytes) required to hold the YUV image plane, or -1 if the arguments are out of bounds. </dd></dl>
-
-</div>
-</div>
-<a id="ga63fb66bb1e36c74008c4634360becbb1"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga63fb66bb1e36c74008c4634360becbb1">&#9670;&nbsp;</a></span>tjPlaneWidth()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjPlaneWidth </td>
-          <td>(</td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>componentID</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>subsamp</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The plane width of a YUV image plane with the given parameters. </p>
-<p>Refer to <a class="el" href="group___turbo_j_p_e_g.html#YUVnotes">YUV Image Format Notes</a> for a description of plane width.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">componentID</td><td>ID number of the image plane (0 = Y, 1 = U/Cb, 2 = V/Cr)</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the YUV image</td></tr>
-    <tr><td class="paramname">subsamp</td><td>level of chrominance subsampling in the image (see <a class="el" href="group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074">Chrominance subsampling options</a>.)</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>the plane width of a YUV image plane with the given parameters, or -1 if the arguments are out of bounds. </dd></dl>
-
-</div>
-</div>
-<a id="ga6f445b22d8933ae4815b3370a538d879"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga6f445b22d8933ae4815b3370a538d879">&#9670;&nbsp;</a></span>tjSaveImage()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjSaveImage </td>
-          <td>(</td>
-          <td class="paramtype">const char *&#160;</td>
-          <td class="paramname"><em>filename</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char *&#160;</td>
-          <td class="paramname"><em>buffer</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>width</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pitch</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>height</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>pixelFormat</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Save an uncompressed image from memory to disk. </p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">filename</td><td>name of a file to which to save the uncompressed image. The image will be stored in Windows BMP or PBMPLUS (PPM/PGM) format, depending on the file extension.</td></tr>
-    <tr><td class="paramname">buffer</td><td>pointer to an image buffer containing RGB, grayscale, or CMYK pixels to be saved</td></tr>
-    <tr><td class="paramname">width</td><td>width (in pixels) of the uncompressed image</td></tr>
-    <tr><td class="paramname">pitch</td><td>bytes per line in the image buffer. Setting this parameter to 0 is the equivalent of setting it to <code>width * <a class="el" href="group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c" title="Pixel size (in bytes) for a given pixel format.">tjPixelSize</a>[pixelFormat]</code>.</td></tr>
-    <tr><td class="paramname">height</td><td>height (in pixels) of the uncompressed image</td></tr>
-    <tr><td class="paramname">pixelFormat</td><td>pixel format of the image buffer (see <a class="el" href="group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a">Pixel formats</a>.) If this parameter is set to <a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa5431b54b015337705f13118073711a1a">TJPF_GRAY</a>, then the image will be stored in PGM or 8-bit (indexed color) BMP format. Otherwise, the image will be stored in PPM or 24-bit BMP format. If this parameter is set to <a class="el" href="group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7f5100ec44c91994e243f1cf55553f8b">TJPF_CMYK</a>, then the CMYK pixels will be converted to RGB using a quick &amp; dirty algorithm that is suitable only for testing (proper conversion between CMYK and other formats requires a color management system.)</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#ga72ecf4ebe6eb702d3c6f5ca27455e1ec">flags</a>.</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a>.) </dd></dl>
-
-</div>
-</div>
-<a id="ga9cb8abf4cc91881e04a0329b2270be25"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga9cb8abf4cc91881e04a0329b2270be25">&#9670;&nbsp;</a></span>tjTransform()</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">DLLEXPORT int tjTransform </td>
-          <td>(</td>
-          <td class="paramtype"><a class="el" href="group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763">tjhandle</a>&#160;</td>
-          <td class="paramname"><em>handle</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">const unsigned char *&#160;</td>
-          <td class="paramname"><em>jpegBuf</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long&#160;</td>
-          <td class="paramname"><em>jpegSize</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>n</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned char **&#160;</td>
-          <td class="paramname"><em>dstBufs</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">unsigned long *&#160;</td>
-          <td class="paramname"><em>dstSizes</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype"><a class="el" href="structtjtransform.html">tjtransform</a> *&#160;</td>
-          <td class="paramname"><em>transforms</em>, </td>
-        </tr>
-        <tr>
-          <td class="paramkey"></td>
-          <td></td>
-          <td class="paramtype">int&#160;</td>
-          <td class="paramname"><em>flags</em>&#160;</td>
-        </tr>
-        <tr>
-          <td></td>
-          <td>)</td>
-          <td></td><td></td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Losslessly transform a JPEG image into another JPEG image. </p>
-<p>Lossless transforms work by moving the raw DCT coefficients from one JPEG image structure to another without altering the values of the coefficients. While this is typically faster than decompressing the image, transforming it, and re-compressing it, lossless transforms are not free. Each lossless transform requires reading and performing Huffman decoding on all of the coefficients in the source image, regardless of the size of the destination image. Thus, this function provides a means of generating multiple transformed images from the same source or applying multiple transformations simultaneously, in order to eliminate the need to read the source coefficients multiple times.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">handle</td><td>a handle to a TurboJPEG transformer instance</td></tr>
-    <tr><td class="paramname">jpegBuf</td><td>pointer to a buffer containing the JPEG source image to transform</td></tr>
-    <tr><td class="paramname">jpegSize</td><td>size of the JPEG source image (in bytes)</td></tr>
-    <tr><td class="paramname">n</td><td>the number of transformed JPEG images to generate</td></tr>
-    <tr><td class="paramname">dstBufs</td><td>pointer to an array of n image buffers. <code>dstBufs[i]</code> will receive a JPEG image that has been transformed using the parameters in <code>transforms[i]</code>. TurboJPEG has the ability to reallocate the JPEG buffer to accommodate the size of the JPEG image. Thus, you can choose to:<ol type="1">
-<li>pre-allocate the JPEG buffer with an arbitrary size using <a class="el" href="group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83" title="Allocate an image buffer for use with TurboJPEG.">tjAlloc()</a> and let TurboJPEG grow the buffer as needed,</li>
-<li>set <code>dstBufs[i]</code> to NULL to tell TurboJPEG to allocate the buffer for you, or</li>
-<li>pre-allocate the buffer to a "worst case" size determined by calling <a class="el" href="group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90" title="The maximum size of the buffer (in bytes) required to hold a JPEG image with the given parameters.">tjBufSize()</a> with the transformed or cropped width and height. Under normal circumstances, this should ensure that the buffer never has to be re-allocated (setting <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a> guarantees that it won't be.) Note, however, that there are some rare cases (such as transforming images with a large amount of embedded EXIF or ICC profile data) in which the output image will be larger than the worst-case size, and <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a> cannot be used in those cases.</li>
-</ol>
-If you choose option 1, <code>dstSizes[i]</code> should be set to the size of your pre-allocated buffer. In any case, unless you have set <a class="el" href="group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963" title="Disable buffer (re)allocation.">TJFLAG_NOREALLOC</a>, you should always check <code>dstBufs[i]</code> upon return from this function, as it may have changed.</td></tr>
-    <tr><td class="paramname">dstSizes</td><td>pointer to an array of n unsigned long variables that will receive the actual sizes (in bytes) of each transformed JPEG image. If <code>dstBufs[i]</code> points to a pre-allocated buffer, then <code>dstSizes[i]</code> should be set to the size of the buffer. Upon return, <code>dstSizes[i]</code> will contain the size of the JPEG image (in bytes.)</td></tr>
-    <tr><td class="paramname">transforms</td><td>pointer to an array of n <a class="el" href="structtjtransform.html" title="Lossless transform.">tjtransform</a> structures, each of which specifies the transform parameters and/or cropping region for the corresponding transformed output image.</td></tr>
-    <tr><td class="paramname">flags</td><td>the bitwise OR of one or more of the <a class="el" href="group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0">flags</a></td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if successful, or -1 if an error occurred (see <a class="el" href="group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa" title="Returns a descriptive error message explaining why the last command failed.">tjGetErrorStr2()</a> and <a class="el" href="group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410" title="Returns a code indicating the severity of the last error.">tjGetErrorCode()</a>.) </dd></dl>
-
-</div>
-</div>
-<h2 class="groupheader">Variable Documentation</h2>
-<a id="ga5af0ab065feefd526debf1e20c43e837"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga5af0ab065feefd526debf1e20c43e837">&#9670;&nbsp;</a></span>tjAlphaOffset</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjAlphaOffset[<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>Alpha offset (in bytes) for a given pixel format. </p>
-<p>This specifies the number of bytes that the Alpha component is offset from the start of the pixel. For instance, if a pixel of format TJ_BGRA is stored in <code>char pixel[]</code>, then the alpha component will be <code>pixel[tjAlphaOffset[TJ_BGRA]]</code>. This will be -1 if the pixel format does not have an alpha component. </p>
-
-</div>
-</div>
-<a id="ga84e2e35d3f08025f976ec1ec53693dea"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga84e2e35d3f08025f976ec1ec53693dea">&#9670;&nbsp;</a></span>tjBlueOffset</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjBlueOffset[<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>Blue offset (in bytes) for a given pixel format. </p>
-<p>This specifies the number of bytes that the Blue component is offset from the start of the pixel. For instance, if a pixel of format TJ_BGRX is stored in <code>char pixel[]</code>, then the blue component will be <code>pixel[tjBlueOffset[TJ_BGRX]]</code>. This will be -1 if the pixel format does not have a blue component. </p>
-
-</div>
-</div>
-<a id="ga82d6e35da441112a411da41923c0ba2f"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga82d6e35da441112a411da41923c0ba2f">&#9670;&nbsp;</a></span>tjGreenOffset</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjGreenOffset[<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>Green offset (in bytes) for a given pixel format. </p>
-<p>This specifies the number of bytes that the green component is offset from the start of the pixel. For instance, if a pixel of format TJ_BGRX is stored in <code>char pixel[]</code>, then the green component will be <code>pixel[tjGreenOffset[TJ_BGRX]]</code>. This will be -1 if the pixel format does not have a green component. </p>
-
-</div>
-</div>
-<a id="gabd247bb9fecb393eca57366feb8327bf"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gabd247bb9fecb393eca57366feb8327bf">&#9670;&nbsp;</a></span>tjMCUHeight</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjMCUHeight[<a class="el" href="group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c">TJ_NUMSAMP</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>MCU block height (in pixels) for a given level of chrominance subsampling. </p>
-<p>MCU block sizes:</p><ul>
-<li>8x8 for no subsampling or grayscale</li>
-<li>16x8 for 4:2:2</li>
-<li>8x16 for 4:4:0</li>
-<li>16x16 for 4:2:0</li>
-<li>32x8 for 4:1:1 </li>
-</ul>
-
-</div>
-</div>
-<a id="ga9e61e7cd47a15a173283ba94e781308c"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ga9e61e7cd47a15a173283ba94e781308c">&#9670;&nbsp;</a></span>tjMCUWidth</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjMCUWidth[<a class="el" href="group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c">TJ_NUMSAMP</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>MCU block width (in pixels) for a given level of chrominance subsampling. </p>
-<p>MCU block sizes:</p><ul>
-<li>8x8 for no subsampling or grayscale</li>
-<li>16x8 for 4:2:2</li>
-<li>8x16 for 4:4:0</li>
-<li>16x16 for 4:2:0</li>
-<li>32x8 for 4:1:1 </li>
-</ul>
-
-</div>
-</div>
-<a id="gad77cf8fe5b2bfd3cb3f53098146abb4c"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gad77cf8fe5b2bfd3cb3f53098146abb4c">&#9670;&nbsp;</a></span>tjPixelSize</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjPixelSize[<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>Pixel size (in bytes) for a given pixel format. </p>
-
-</div>
-</div>
-<a id="gadd9b446742ac8a3923f7992c7988fea8"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#gadd9b446742ac8a3923f7992c7988fea8">&#9670;&nbsp;</a></span>tjRedOffset</h2>
-
-<div class="memitem">
-<div class="memproto">
-<table class="mlabels">
-  <tr>
-  <td class="mlabels-left">
-      <table class="memname">
-        <tr>
-          <td class="memname">const int tjRedOffset[<a class="el" href="group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e">TJ_NUMPF</a>]</td>
-        </tr>
-      </table>
-  </td>
-  <td class="mlabels-right">
-<span class="mlabels"><span class="mlabel">static</span></span>  </td>
-  </tr>
-</table>
-</div><div class="memdoc">
-
-<p>Red offset (in bytes) for a given pixel format. </p>
-<p>This specifies the number of bytes that the red component is offset from the start of the pixel. For instance, if a pixel of format TJ_BGRX is stored in <code>char pixel[]</code>, then the red component will be <code>pixel[tjRedOffset[TJ_BGRX]]</code>. This will be -1 if the pixel format does not have a red component. </p>
-
-</div>
-</div>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/index.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/index.html
deleted file mode 100644
index 165a589..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/index.html
+++ /dev/null
@@ -1,76 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: Main Page</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="header">
-  <div class="headertitle">
-<div class="title">TurboJPEG Documentation</div>  </div>
-</div><!--header-->
-<div class="contents">
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/jquery.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/jquery.js
deleted file mode 100644
index 103c32d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/jquery.js
+++ /dev/null
@@ -1,35 +0,0 @@
-/*! jQuery v3.4.1 | (c) JS Foundation and other contributors | jquery.org/license */
-!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],E=C.document,r=Object.getPrototypeOf,s=t.slice,g=t.concat,u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.4.1",k=function(e,t){return new k.fn.init(e,t)},p=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;function d(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}k.fn=k.prototype={jquery:f,constructor:k,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=k.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return k.each(this,e)},map:function(n){return this.pushStack(k.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:u,sort:t.sort,splice:t.splice},k.extend=k.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||m(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(k.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||k.isPlainObject(n)?n:{},i=!1,a[t]=k.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},k.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t){b(e,{nonce:t&&t.nonce})},each:function(e,t){var n,r=0;if(d(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},trim:function(e){return null==e?"":(e+"").replace(p,"")},makeArray:function(e,t){var n=t||[];return null!=e&&(d(Object(e))?k.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(d(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g.apply([],a)},guid:1,support:y}),"function"==typeof Symbol&&(k.fn[Symbol.iterator]=t[Symbol.iterator]),k.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var h=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,k="sizzle"+1*new Date,m=n.document,S=0,r=0,p=ue(),x=ue(),N=ue(),A=ue(),D=function(e,t){return e===t&&(l=!0),0},j={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t\\r\\n\\f]",I="(?:\\\\.|[\\w-]|[^\0-\\xa0])+",W="\\["+M+"*("+I+")(?:"+M+"*([*^$|!~]?=)"+M+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+I+"))|)"+M+"*\\]",$=":("+I+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+W+")*)|.*)\\)|)",F=new RegExp(M+"+","g"),B=new RegExp("^"+M+"+|((?:^|[^\\\\])(?:\\\\.)*)"+M+"+$","g"),_=new RegExp("^"+M+"*,"+M+"*"),z=new RegExp("^"+M+"*([>+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp($),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+$),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\([\\da-f]{1,6}"+M+"?|("+M+")|.)","ig"),ne=function(e,t,n){var r="0x"+t-65536;return r!=r||n?t:r<0?String.fromCharCode(r+65536):String.fromCharCode(r>>10|55296,1023&r|56320)},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(m.childNodes),m.childNodes),t[m.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&((e?e.ownerDocument||e:m)!==C&&T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!A[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&U.test(t)){(s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=k),o=(l=h(t)).length;while(o--)l[o]="#"+s+" "+xe(l[o]);c=l.join(","),f=ee.test(t)&&ye(e.parentNode)||e}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){A(t,!0)}finally{s===k&&e.removeAttribute("id")}}}return g(t.replace(B,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[k]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e.namespaceURI,n=(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:m;return r!==C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),m!==C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=k,!C.getElementsByName||!C.getElementsByName(k).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){a.appendChild(e).innerHTML="<a id='"+k+"'></a><select id='"+k+"-\r\\' msallowcapture=''><option selected=''></option></select>",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+k+"-]").length||v.push("~="),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+k+"+*").length||v.push(".#.+[+~]")}),ce(function(e){e.innerHTML="<a href='' disabled='disabled'></a><select disabled='disabled'><option/></select>";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",$)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},D=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)===(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e===C||e.ownerDocument===m&&y(m,e)?-1:t===C||t.ownerDocument===m&&y(m,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e===C?-1:t===C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]===m?-1:s[r]===m?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if((e.ownerDocument||e)!==C&&T(e),d.matchesSelector&&E&&!A[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){A(t,!0)}return 0<se(t,C,null,[e]).length},se.contains=function(e,t){return(e.ownerDocument||e)!==C&&T(e),y(e,t)},se.attr=function(e,t){(e.ownerDocument||e)!==C&&T(e);var n=b.attrHandle[t.toLowerCase()],r=n&&j.call(b.attrHandle,t.toLowerCase())?n(e,t,!E):void 0;return void 0!==r?r:d.attributes||!E?e.getAttribute(t):(r=e.getAttributeNode(t))&&r.specified?r.value:null},se.escape=function(e){return(e+"").replace(re,ie)},se.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},se.uniqueSort=function(e){var t,n=[],r=0,i=0;if(l=!d.detectDuplicates,u=!d.sortStable&&e.slice(0),e.sort(D),l){while(t=e[i++])t===e[i]&&(r=n.push(i));while(r--)e.splice(n[r],1)}return u=null,e},o=se.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=o(e)}else if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=o(t);return n},(b=se.selectors={cacheLength:50,createPseudo:le,match:G,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=p[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&p(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1<t.indexOf(i):"$="===r?i&&t.slice(-i.length)===i:"~="===r?-1<(" "+t.replace(F," ")+" ").indexOf(i):"|="===r&&(t===i||t.slice(0,i.length+1)===i+"-"))}},CHILD:function(h,e,t,g,v){var y="nth"!==h.slice(0,3),m="last"!==h.slice(-4),x="of-type"===e;return 1===g&&0===v?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1;u=l="only"===h&&!u&&"nextSibling"}return!0}if(u=[m?c.firstChild:c.lastChild],m&&p){d=(s=(r=(i=(o=(a=c)[k]||(a[k]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===S&&r[1])&&r[2],a=s&&c.childNodes[s];while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if(1===a.nodeType&&++d&&a===e){i[h]=[S,s,d];break}}else if(p&&(d=s=(r=(i=(o=(a=e)[k]||(a[k]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===S&&r[1]),!1===d)while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if((x?a.nodeName.toLowerCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[k]||(a[k]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]=[S,d]),a===e))break;return(d-=v)===g||d%g==0&&0<=d/g}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||se.error("unsupported pseudo: "+e);return a[k]?a(o):1<a.length?(t=[e,e,"",o],b.setFilters.hasOwnProperty(e.toLowerCase())?le(function(e,t){var n,r=a(e,o),i=r.length;while(i--)e[n=P(e,r[i])]=!(t[n]=r[i])}):function(e){return a(e,0,t)}):a}},pseudos:{not:le(function(e){var r=[],i=[],s=f(e.replace(B,"$1"));return s[k]?le(function(e,t,n,r){var i,o=s(e,null,r,[]),a=e.length;while(a--)(i=o[a])&&(e[a]=!(t[a]=i))}):function(e,t,n){return r[0]=e,s(r,null,n,i),r[0]=null,!i.pop()}}),has:le(function(t){return function(e){return 0<se(t,e).length}}),contains:le(function(t){return t=t.replace(te,ne),function(e){return-1<(e.textContent||o(e)).indexOf(t)}}),lang:le(function(n){return V.test(n||"")||se.error("unsupported lang: "+n),n=n.replace(te,ne).toLowerCase(),function(e){var t;do{if(t=E?e.lang:e.getAttribute("xml:lang")||e.getAttribute("lang"))return(t=t.toLowerCase())===n||0===t.indexOf(n+"-")}while((e=e.parentNode)&&1===e.nodeType);return!1}}),target:function(e){var t=n.location&&n.location.hash;return t&&t.slice(1)===e.id},root:function(e){return e===a},focus:function(e){return e===C.activeElement&&(!C.hasFocus||C.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:ge(!1),disabled:ge(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!b.pseudos.empty(e)},header:function(e){return J.test(e.nodeName)},input:function(e){return Q.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:ve(function(){return[0]}),last:ve(function(e,t){return[t-1]}),eq:ve(function(e,t,n){return[n<0?n+t:n]}),even:ve(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:ve(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:ve(function(e,t,n){for(var r=n<0?n+t:t<n?t:n;0<=--r;)e.push(r);return e}),gt:ve(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}}).pseudos.nth=b.pseudos.eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=de(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=he(e);function me(){}function xe(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function be(s,e,t){var u=e.dir,l=e.next,c=l||u,f=t&&"parentNode"===c,p=r++;return e.first?function(e,t,n){while(e=e[u])if(1===e.nodeType||f)return s(e,t,n);return!1}:function(e,t,n){var r,i,o,a=[S,p];if(n){while(e=e[u])if((1===e.nodeType||f)&&s(e,t,n))return!0}else while(e=e[u])if(1===e.nodeType||f)if(i=(o=e[k]||(e[k]={}))[e.uniqueID]||(o[e.uniqueID]={}),l&&l===e.nodeName.toLowerCase())e=e[u]||e;else{if((r=i[c])&&r[0]===S&&r[1]===p)return a[2]=r[2];if((i[c]=a)[2]=s(e,t,n))return!0}return!1}}function we(i){return 1<i.length?function(e,t,n){var r=i.length;while(r--)if(!i[r](e,t,n))return!1;return!0}:i[0]}function Te(e,t,n,r,i){for(var o,a=[],s=0,u=e.length,l=null!=t;s<u;s++)(o=e[s])&&(n&&!n(o,r,i)||(a.push(o),l&&t.push(s)));return a}function Ce(d,h,g,v,y,e){return v&&!v[k]&&(v=Ce(v)),y&&!y[k]&&(y=Ce(y,e)),le(function(e,t,n,r){var i,o,a,s=[],u=[],l=t.length,c=e||function(e,t,n){for(var r=0,i=t.length;r<i;r++)se(e,t[r],n);return n}(h||"*",n.nodeType?[n]:n,[]),f=!d||!e&&h?c:Te(c,s,d,n,r),p=g?y||(e?d:l||v)?[]:t:f;if(g&&g(f,p,n,r),v){i=Te(p,u),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(p[u[o]]=!(f[u[o]]=a))}if(e){if(y||d){if(y){i=[],o=p.length;while(o--)(a=p[o])&&i.push(f[o]=a);y(null,p=[],i,r)}o=p.length;while(o--)(a=p[o])&&-1<(i=y?P(e,a):s[o])&&(e[i]=!(t[i]=a))}}else p=Te(p===t?p.splice(l,p.length):p),y?y(null,t,p,r):H.apply(t,p)})}function Ee(e){for(var i,t,n,r=e.length,o=b.relative[e[0].type],a=o||b.relative[" "],s=o?1:0,u=be(function(e){return e===i},a,!0),l=be(function(e){return-1<P(i,e)},a,!0),c=[function(e,t,n){var r=!o&&(n||t!==w)||((i=t).nodeType?u(e,t,n):l(e,t,n));return i=null,r}];s<r;s++)if(t=b.relative[e[s].type])c=[be(we(c),t)];else{if((t=b.filter[e[s].type].apply(null,e[s].matches))[k]){for(n=++s;n<r;n++)if(b.relative[e[n].type])break;return Ce(1<s&&we(c),1<s&&xe(e.slice(0,s-1).concat({value:" "===e[s-2].type?"*":""})).replace(B,"$1"),t,s<n&&Ee(e.slice(s,n)),n<r&&Ee(e=e.slice(n)),n<r&&xe(e))}c.push(t)}return we(c)}return me.prototype=b.filters=b.pseudos,b.setFilters=new me,h=se.tokenize=function(e,t){var n,r,i,o,a,s,u,l=x[e+" "];if(l)return t?0:l.slice(0);a=e,s=[],u=b.preFilter;while(a){for(o in n&&!(r=_.exec(a))||(r&&(a=a.slice(r[0].length)||a),s.push(i=[])),n=!1,(r=z.exec(a))&&(n=r.shift(),i.push({value:n,type:r[0].replace(B," ")}),a=a.slice(n.length)),b.filter)!(r=G[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?se.error(e):x(e,s).slice(0)},f=se.compile=function(e,t){var n,v,y,m,x,r,i=[],o=[],a=N[e+" "];if(!a){t||(t=h(e)),n=t.length;while(n--)(a=Ee(t[n]))[k]?i.push(a):o.push(a);(a=N(e,(v=o,m=0<(y=i).length,x=0<v.length,r=function(e,t,n,r,i){var o,a,s,u=0,l="0",c=e&&[],f=[],p=w,d=e||x&&b.find.TAG("*",i),h=S+=null==p?1:Math.random()||.1,g=d.length;for(i&&(w=t===C||t||i);l!==g&&null!=(o=d[l]);l++){if(x&&o){a=0,t||o.ownerDocument===C||(T(o),n=!E);while(s=v[a++])if(s(o,t||C,n)){r.push(o);break}i&&(S=h)}m&&((o=!s&&o)&&u--,e&&c.push(o))}if(u+=l,m&&l!==u){a=0;while(s=y[a++])s(c,f,t,n);if(e){if(0<u)while(l--)c[l]||f[l]||(f[l]=q.call(r));f=Te(f)}H.apply(r,f),i&&!e&&0<f.length&&1<u+y.length&&se.uniqueSort(r)}return i&&(S=h,w=p),c},m?le(r):r))).selector=e}return a},g=se.select=function(e,t,n,r){var i,o,a,s,u,l="function"==typeof e&&e,c=!r&&h(e=l.selector||e);if(n=n||[],1===c.length){if(2<(o=c[0]=c[0].slice(0)).length&&"ID"===(a=o[0]).type&&9===t.nodeType&&E&&b.relative[o[1].type]){if(!(t=(b.find.ID(a.matches[0].replace(te,ne),t)||[])[0]))return n;l&&(t=t.parentNode),e=e.slice(o.shift().value.length)}i=G.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(te,ne),ee.test(o[0].type)&&ye(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&xe(o)))return H.apply(n,r),n;break}}}return(l||f(e,c))(r,t,!E,n,!t||ee.test(e)&&ye(t.parentNode)||t),n},d.sortStable=k.split("").sort(D).join("")===k,d.detectDuplicates=!!l,T(),d.sortDetached=ce(function(e){return 1&e.compareDocumentPosition(C.createElement("fieldset"))}),ce(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||fe("type|href|height|width",function(e,t,n){if(!n)return e.getAttribute(t,"type"===t.toLowerCase()?1:2)}),d.attributes&&ce(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||fe("value",function(e,t,n){if(!n&&"input"===e.nodeName.toLowerCase())return e.defaultValue}),ce(function(e){return null==e.getAttribute("disabled")})||fe(R,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),se}(C);k.find=h,k.expr=h.selectors,k.expr[":"]=k.expr.pseudos,k.uniqueSort=k.unique=h.uniqueSort,k.text=h.getText,k.isXMLDoc=h.isXML,k.contains=h.contains,k.escapeSelector=h.escape;var T=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&k(e).is(n))break;r.push(e)}return r},S=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},N=k.expr.match.needsContext;function A(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}var D=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?k.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?k.grep(e,function(e){return e===n!==r}):"string"!=typeof n?k.grep(e,function(e){return-1<i.call(n,e)!==r}):k.filter(n,e,r)}k.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?k.find.matchesSelector(r,e)?[r]:[]:k.find.matches(e,k.grep(t,function(e){return 1===e.nodeType}))},k.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(k(e).filter(function(){for(t=0;t<r;t++)if(k.contains(i[t],this))return!0}));for(n=this.pushStack([]),t=0;t<r;t++)k.find(e,i[t],n);return 1<r?k.uniqueSort(n):n},filter:function(e){return this.pushStack(j(this,e||[],!1))},not:function(e){return this.pushStack(j(this,e||[],!0))},is:function(e){return!!j(this,"string"==typeof e&&N.test(e)?k(e):e||[],!1).length}});var q,L=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(k.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||q,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:L.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof k?t[0]:t,k.merge(this,k.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),D.test(r[1])&&k.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(k):k.makeArray(e,this)}).prototype=k.fn,q=k(E);var H=/^(?:parents|prev(?:Until|All))/,O={children:!0,contents:!0,next:!0,prev:!0};function P(e,t){while((e=e[t])&&1!==e.nodeType);return e}k.fn.extend({has:function(e){var t=k(e,this),n=t.length;return this.filter(function(){for(var e=0;e<n;e++)if(k.contains(this,t[e]))return!0})},closest:function(e,t){var n,r=0,i=this.length,o=[],a="string"!=typeof e&&k(e);if(!N.test(e))for(;r<i;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(n.nodeType<11&&(a?-1<a.index(n):1===n.nodeType&&k.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(1<o.length?k.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?i.call(k(e),this[0]):i.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(k.uniqueSort(k.merge(this.get(),k(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}}),k.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return T(e,"parentNode")},parentsUntil:function(e,t,n){return T(e,"parentNode",n)},next:function(e){return P(e,"nextSibling")},prev:function(e){return P(e,"previousSibling")},nextAll:function(e){return T(e,"nextSibling")},prevAll:function(e){return T(e,"previousSibling")},nextUntil:function(e,t,n){return T(e,"nextSibling",n)},prevUntil:function(e,t,n){return T(e,"previousSibling",n)},siblings:function(e){return S((e.parentNode||{}).firstChild,e)},children:function(e){return S(e.firstChild)},contents:function(e){return"undefined"!=typeof e.contentDocument?e.contentDocument:(A(e,"template")&&(e=e.content||e),k.merge([],e.childNodes))}},function(r,i){k.fn[r]=function(e,t){var n=k.map(this,i,e);return"Until"!==r.slice(-5)&&(t=e),t&&"string"==typeof t&&(n=k.filter(t,n)),1<this.length&&(O[r]||k.uniqueSort(n),H.test(r)&&n.reverse()),this.pushStack(n)}});var R=/[^\x20\t\r\n\f]+/g;function M(e){return e}function I(e){throw e}function W(e,t,n,r){var i;try{e&&m(i=e.promise)?i.call(e).done(t).fail(n):e&&m(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}k.Callbacks=function(r){var e,n;r="string"==typeof r?(e=r,n={},k.each(e.match(R)||[],function(e,t){n[t]=!0}),n):k.extend({},r);var i,t,o,a,s=[],u=[],l=-1,c=function(){for(a=a||r.once,o=i=!0;u.length;l=-1){t=u.shift();while(++l<s.length)!1===s[l].apply(t[0],t[1])&&r.stopOnFalse&&(l=s.length,t=!1)}r.memory||(t=!1),i=!1,a&&(s=t?[]:"")},f={add:function(){return s&&(t&&!i&&(l=s.length-1,u.push(t)),function n(e){k.each(e,function(e,t){m(t)?r.unique&&f.has(t)||s.push(t):t&&t.length&&"string"!==w(t)&&n(t)})}(arguments),t&&!i&&c()),this},remove:function(){return k.each(arguments,function(e,t){var n;while(-1<(n=k.inArray(t,s,n)))s.splice(n,1),n<=l&&l--}),this},has:function(e){return e?-1<k.inArray(e,s):0<s.length},empty:function(){return s&&(s=[]),this},disable:function(){return a=u=[],s=t="",this},disabled:function(){return!s},lock:function(){return a=u=[],t||i||(s=t=""),this},locked:function(){return!!a},fireWith:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},k.extend({Deferred:function(e){var o=[["notify","progress",k.Callbacks("memory"),k.Callbacks("memory"),2],["resolve","done",k.Callbacks("once memory"),k.Callbacks("once memory"),0,"resolved"],["reject","fail",k.Callbacks("once memory"),k.Callbacks("once memory"),1,"rejected"]],i="pending",a={state:function(){return i},always:function(){return s.done(arguments).fail(arguments),this},"catch":function(e){return a.then(null,e)},pipe:function(){var i=arguments;return k.Deferred(function(r){k.each(o,function(e,t){var n=m(i[t[4]])&&i[t[4]];s[t[1]](function(){var e=n&&n.apply(this,arguments);e&&m(e.promise)?e.promise().progress(r.notify).done(r.resolve).fail(r.reject):r[t[0]+"With"](this,n?[e]:arguments)})}),i=null}).promise()},then:function(t,n,r){var u=0;function l(i,o,a,s){return function(){var n=this,r=arguments,e=function(){var e,t;if(!(i<u)){if((e=a.apply(n,r))===o.promise())throw new TypeError("Thenable self-resolution");t=e&&("object"==typeof e||"function"==typeof e)&&e.then,m(t)?s?t.call(e,l(u,o,M,s),l(u,o,I,s)):(u++,t.call(e,l(u,o,M,s),l(u,o,I,s),l(u,o,M,o.notifyWith))):(a!==M&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){k.Deferred.exceptionHook&&k.Deferred.exceptionHook(e,t.stackTrace),u<=i+1&&(a!==I&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(k.Deferred.getStackHook&&(t.stackTrace=k.Deferred.getStackHook()),C.setTimeout(t))}}return k.Deferred(function(e){o[0][3].add(l(0,e,m(r)?r:M,e.notifyWith)),o[1][3].add(l(0,e,m(t)?t:M)),o[2][3].add(l(0,e,m(n)?n:I))}).promise()},promise:function(e){return null!=e?k.extend(e,a):a}},s={};return k.each(o,function(e,t){var n=t[2],r=t[5];a[t[1]]=n.add,r&&n.add(function(){i=r},o[3-e][2].disable,o[3-e][3].disable,o[0][2].lock,o[0][3].lock),n.add(t[3].fire),s[t[0]]=function(){return s[t[0]+"With"](this===s?void 0:this,arguments),this},s[t[0]+"With"]=n.fireWith}),a.promise(s),e&&e.call(s,s),s},when:function(e){var n=arguments.length,t=n,r=Array(t),i=s.call(arguments),o=k.Deferred(),a=function(t){return function(e){r[t]=this,i[t]=1<arguments.length?s.call(arguments):e,--n||o.resolveWith(r,i)}};if(n<=1&&(W(e,o.done(a(t)).resolve,o.reject,!n),"pending"===o.state()||m(i[t]&&i[t].then)))return o.then();while(t--)W(i[t],a(t),o.reject);return o.promise()}});var $=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;k.Deferred.exceptionHook=function(e,t){C.console&&C.console.warn&&e&&$.test(e.name)&&C.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},k.readyException=function(e){C.setTimeout(function(){throw e})};var F=k.Deferred();function B(){E.removeEventListener("DOMContentLoaded",B),C.removeEventListener("load",B),k.ready()}k.fn.ready=function(e){return F.then(e)["catch"](function(e){k.readyException(e)}),this},k.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--k.readyWait:k.isReady)||(k.isReady=!0)!==e&&0<--k.readyWait||F.resolveWith(E,[k])}}),k.ready.then=F.then,"complete"===E.readyState||"loading"!==E.readyState&&!E.documentElement.doScroll?C.setTimeout(k.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var _=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)_(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,m(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(k(e),n)})),t))for(;s<u;s++)t(e[s],n,a?r:r.call(e[s],s,t(e[s],n)));return i?e:l?t.call(e):u?t(e[0],n):o},z=/^-ms-/,U=/-([a-z])/g;function X(e,t){return t.toUpperCase()}function V(e){return e.replace(z,"ms-").replace(U,X)}var G=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function Y(){this.expando=k.expando+Y.uid++}Y.uid=1,Y.prototype={cache:function(e){var t=e[this.expando];return t||(t={},G(e)&&(e.nodeType?e[this.expando]=t:Object.defineProperty(e,this.expando,{value:t,configurable:!0}))),t},set:function(e,t,n){var r,i=this.cache(e);if("string"==typeof t)i[V(t)]=n;else for(r in t)i[V(r)]=t[r];return i},get:function(e,t){return void 0===t?this.cache(e):e[this.expando]&&e[this.expando][V(t)]},access:function(e,t,n){return void 0===t||t&&"string"==typeof t&&void 0===n?this.get(e,t):(this.set(e,t,n),void 0!==n?n:t)},remove:function(e,t){var n,r=e[this.expando];if(void 0!==r){if(void 0!==t){n=(t=Array.isArray(t)?t.map(V):(t=V(t))in r?[t]:t.match(R)||[]).length;while(n--)delete r[t[n]]}(void 0===t||k.isEmptyObject(r))&&(e.nodeType?e[this.expando]=void 0:delete e[this.expando])}},hasData:function(e){var t=e[this.expando];return void 0!==t&&!k.isEmptyObject(t)}};var Q=new Y,J=new Y,K=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,Z=/[A-Z]/g;function ee(e,t,n){var r,i;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(Z,"-$&").toLowerCase(),"string"==typeof(n=e.getAttribute(r))){try{n="true"===(i=n)||"false"!==i&&("null"===i?null:i===+i+""?+i:K.test(i)?JSON.parse(i):i)}catch(e){}J.set(e,t,n)}else n=void 0;return n}k.extend({hasData:function(e){return J.hasData(e)||Q.hasData(e)},data:function(e,t,n){return J.access(e,t,n)},removeData:function(e,t){J.remove(e,t)},_data:function(e,t,n){return Q.access(e,t,n)},_removeData:function(e,t){Q.remove(e,t)}}),k.fn.extend({data:function(n,e){var t,r,i,o=this[0],a=o&&o.attributes;if(void 0===n){if(this.length&&(i=J.get(o),1===o.nodeType&&!Q.get(o,"hasDataAttrs"))){t=a.length;while(t--)a[t]&&0===(r=a[t].name).indexOf("data-")&&(r=V(r.slice(5)),ee(o,r,i[r]));Q.set(o,"hasDataAttrs",!0)}return i}return"object"==typeof n?this.each(function(){J.set(this,n)}):_(this,function(e){var t;if(o&&void 0===e)return void 0!==(t=J.get(o,n))?t:void 0!==(t=ee(o,n))?t:void 0;this.each(function(){J.set(this,n,e)})},null,e,1<arguments.length,null,!0)},removeData:function(e){return this.each(function(){J.remove(this,e)})}}),k.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=Q.get(e,t),n&&(!r||Array.isArray(n)?r=Q.access(e,t,k.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=k.queue(e,t),r=n.length,i=n.shift(),o=k._queueHooks(e,t);"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,function(){k.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return Q.get(e,n)||Q.access(e,n,{empty:k.Callbacks("once memory").add(function(){Q.remove(e,[t+"queue",n])})})}}),k.fn.extend({queue:function(t,n){var e=2;return"string"!=typeof t&&(n=t,t="fx",e--),arguments.length<e?k.queue(this[0],t):void 0===n?this:this.each(function(){var e=k.queue(this,t,n);k._queueHooks(this,t),"fx"===t&&"inprogress"!==e[0]&&k.dequeue(this,t)})},dequeue:function(e){return this.each(function(){k.dequeue(this,e)})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,t){var n,r=1,i=k.Deferred(),o=this,a=this.length,s=function(){--r||i.resolveWith(o,[o])};"string"!=typeof e&&(t=e,e=void 0),e=e||"fx";while(a--)(n=Q.get(o[a],e+"queueHooks"))&&n.empty&&(r++,n.empty.add(s));return s(),i.promise(t)}});var te=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,ne=new RegExp("^(?:([+-])=|)("+te+")([a-z%]*)$","i"),re=["Top","Right","Bottom","Left"],ie=E.documentElement,oe=function(e){return k.contains(e.ownerDocument,e)},ae={composed:!0};ie.getRootNode&&(oe=function(e){return k.contains(e.ownerDocument,e)||e.getRootNode(ae)===e.ownerDocument});var se=function(e,t){return"none"===(e=t||e).style.display||""===e.style.display&&oe(e)&&"none"===k.css(e,"display")},ue=function(e,t,n,r){var i,o,a={};for(o in t)a[o]=e.style[o],e.style[o]=t[o];for(o in i=n.apply(e,r||[]),t)e.style[o]=a[o];return i};function le(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return k.css(e,t,"")},u=s(),l=n&&n[3]||(k.cssNumber[t]?"":"px"),c=e.nodeType&&(k.cssNumber[t]||"px"!==l&&+u)&&ne.exec(k.css(e,t));if(c&&c[3]!==l){u/=2,l=l||c[3],c=+u||1;while(a--)k.style(e,t,c+l),(1-o)*(1-(o=s()/u||.5))<=0&&(a=0),c/=o;c*=2,k.style(e,t,c+l),n=n||[]}return n&&(c=+c||+u||0,i=n[1]?c+(n[1]+1)*n[2]:+n[2],r&&(r.unit=l,r.start=c,r.end=i)),i}var ce={};function fe(e,t){for(var n,r,i,o,a,s,u,l=[],c=0,f=e.length;c<f;c++)(r=e[c]).style&&(n=r.style.display,t?("none"===n&&(l[c]=Q.get(r,"display")||null,l[c]||(r.style.display="")),""===r.style.display&&se(r)&&(l[c]=(u=a=o=void 0,a=(i=r).ownerDocument,s=i.nodeName,(u=ce[s])||(o=a.body.appendChild(a.createElement(s)),u=k.css(o,"display"),o.parentNode.removeChild(o),"none"===u&&(u="block"),ce[s]=u)))):"none"!==n&&(l[c]="none",Q.set(r,"display",n)));for(c=0;c<f;c++)null!=l[c]&&(e[c].style.display=l[c]);return e}k.fn.extend({show:function(){return fe(this,!0)},hide:function(){return fe(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){se(this)?k(this).show():k(this).hide()})}});var pe=/^(?:checkbox|radio)$/i,de=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i,ge={option:[1,"<select multiple='multiple'>","</select>"],thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?k.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n<r;n++)Q.set(e[n],"globalEval",!t||Q.get(t[n],"globalEval"))}ge.optgroup=ge.option,ge.tbody=ge.tfoot=ge.colgroup=ge.caption=ge.thead,ge.th=ge.td;var me,xe,be=/<|&#?\w+;/;function we(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===w(o))k.merge(p,o.nodeType?[o]:o);else if(be.test(o)){a=a||f.appendChild(t.createElement("div")),s=(de.exec(o)||["",""])[1].toLowerCase(),u=ge[s]||ge._default,a.innerHTML=u[1]+k.htmlPrefilter(o)+u[2],c=u[0];while(c--)a=a.lastChild;k.merge(p,a.childNodes),(a=f.firstChild).textContent=""}else p.push(t.createTextNode(o));f.textContent="",d=0;while(o=p[d++])if(r&&-1<k.inArray(o,r))i&&i.push(o);else if(l=oe(o),a=ve(f.appendChild(o),"script"),l&&ye(a),n){c=0;while(o=a[c++])he.test(o.type||"")&&n.push(o)}return f}me=E.createDocumentFragment().appendChild(E.createElement("div")),(xe=E.createElement("input")).setAttribute("type","radio"),xe.setAttribute("checked","checked"),xe.setAttribute("name","t"),me.appendChild(xe),y.checkClone=me.cloneNode(!0).cloneNode(!0).lastChild.checked,me.innerHTML="<textarea>x</textarea>",y.noCloneChecked=!!me.cloneNode(!0).lastChild.defaultValue;var Te=/^key/,Ce=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,Ee=/^([^.]*)(?:\.(.+)|)/;function ke(){return!0}function Se(){return!1}function Ne(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function Ae(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)Ae(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Se;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return k().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=k.guid++)),e.each(function(){k.event.add(this,t,i,r,n)})}function De(e,i,o){o?(Q.set(e,i,!1),k.event.add(e,i,{namespace:!1,handler:function(e){var t,n,r=Q.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(k.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Q.set(this,i,r),t=o(this,i),this[i](),r!==(n=Q.get(this,i))||t?Q.set(this,i,!1):n={},r!==n)return e.stopImmediatePropagation(),e.preventDefault(),n.value}else r.length&&(Q.set(this,i,{value:k.event.trigger(k.extend(r[0],k.Event.prototype),r.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Q.get(e,i)&&k.event.add(e,i,ke)}k.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Q.get(t);if(v){n.handler&&(n=(o=n).handler,i=o.selector),i&&k.find.matchesSelector(ie,i),n.guid||(n.guid=k.guid++),(u=v.events)||(u=v.events={}),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof k&&k.event.triggered!==e.type?k.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(R)||[""]).length;while(l--)d=g=(s=Ee.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=k.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=k.event.special[d]||{},c=k.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&k.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),k.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Q.hasData(e)&&Q.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(R)||[""]).length;while(l--)if(d=g=(s=Ee.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=k.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||k.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)k.event.remove(e,d+t[l],n,r,!0);k.isEmptyObject(u)&&Q.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=k.event.fix(e),u=new Array(arguments.length),l=(Q.get(this,"events")||{})[s.type]||[],c=k.event.special[s.type]||{};for(u[0]=s,t=1;t<arguments.length;t++)u[t]=arguments[t];if(s.delegateTarget=this,!c.preDispatch||!1!==c.preDispatch.call(this,s)){a=k.event.handlers.call(this,s,l),t=0;while((i=a[t++])&&!s.isPropagationStopped()){s.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!s.isImmediatePropagationStopped())s.rnamespace&&!1!==o.namespace&&!s.rnamespace.test(o.namespace)||(s.handleObj=o,s.data=o.data,void 0!==(r=((k.event.special[o.origType]||{}).handle||o.handler).apply(i.elem,u))&&!1===(s.result=r)&&(s.preventDefault(),s.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,s),s.result}},handlers:function(e,t){var n,r,i,o,a,s=[],u=t.delegateCount,l=e.target;if(u&&l.nodeType&&!("click"===e.type&&1<=e.button))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n<u;n++)void 0===a[i=(r=t[n]).selector+" "]&&(a[i]=r.needsContext?-1<k(i,this).index(l):k.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u<t.length&&s.push({elem:l,handlers:t.slice(u)}),s},addProp:function(t,e){Object.defineProperty(k.Event.prototype,t,{enumerable:!0,configurable:!0,get:m(e)?function(){if(this.originalEvent)return e(this.originalEvent)}:function(){if(this.originalEvent)return this.originalEvent[t]},set:function(e){Object.defineProperty(this,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[k.expando]?e:new k.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&De(t,"click",ke),!1},trigger:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&De(t,"click"),!0},_default:function(e){var t=e.target;return pe.test(t.type)&&t.click&&A(t,"input")&&Q.get(t,"click")||A(t,"a")}},beforeunload:{postDispatch:function(e){void 0!==e.result&&e.originalEvent&&(e.originalEvent.returnValue=e.result)}}}},k.removeEvent=function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n)},k.Event=function(e,t){if(!(this instanceof k.Event))return new k.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||void 0===e.defaultPrevented&&!1===e.returnValue?ke:Se,this.target=e.target&&3===e.target.nodeType?e.target.parentNode:e.target,this.currentTarget=e.currentTarget,this.relatedTarget=e.relatedTarget):this.type=e,t&&k.extend(this,t),this.timeStamp=e&&e.timeStamp||Date.now(),this[k.expando]=!0},k.Event.prototype={constructor:k.Event,isDefaultPrevented:Se,isPropagationStopped:Se,isImmediatePropagationStopped:Se,isSimulated:!1,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=ke,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=ke,e&&!this.isSimulated&&e.stopPropagation()},stopImmediatePropagation:function(){var e=this.originalEvent;this.isImmediatePropagationStopped=ke,e&&!this.isSimulated&&e.stopImmediatePropagation(),this.stopPropagation()}},k.each({altKey:!0,bubbles:!0,cancelable:!0,changedTouches:!0,ctrlKey:!0,detail:!0,eventPhase:!0,metaKey:!0,pageX:!0,pageY:!0,shiftKey:!0,view:!0,"char":!0,code:!0,charCode:!0,key:!0,keyCode:!0,button:!0,buttons:!0,clientX:!0,clientY:!0,offsetX:!0,offsetY:!0,pointerId:!0,pointerType:!0,screenX:!0,screenY:!0,targetTouches:!0,toElement:!0,touches:!0,which:function(e){var t=e.button;return null==e.which&&Te.test(e.type)?null!=e.charCode?e.charCode:e.keyCode:!e.which&&void 0!==t&&Ce.test(e.type)?1&t?1:2&t?3:4&t?2:0:e.which}},k.event.addProp),k.each({focus:"focusin",blur:"focusout"},function(e,t){k.event.special[e]={setup:function(){return De(this,e,Ne),!1},trigger:function(){return De(this,e),!0},delegateType:t}}),k.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(e,i){k.event.special[e]={delegateType:i,bindType:i,handle:function(e){var t,n=e.relatedTarget,r=e.handleObj;return n&&(n===this||k.contains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),k.fn.extend({on:function(e,t,n,r){return Ae(this,e,t,n,r)},one:function(e,t,n,r){return Ae(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleObj)return r=e.handleObj,k(e.delegateTarget).off(r.namespace?r.origType+"."+r.namespace:r.origType,r.selector,r.handler),this;if("object"==typeof e){for(i in e)this.off(i,t,e[i]);return this}return!1!==t&&"function"!=typeof t||(n=t,t=void 0),!1===n&&(n=Se),this.each(function(){k.event.remove(this,e,n,t)})}});var je=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi,qe=/<script|<style|<link/i,Le=/checked\s*(?:[^=]|=\s*.checked.)/i,He=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g;function Oe(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&k(e).children("tbody")[0]||e}function Pe(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function Re(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Me(e,t){var n,r,i,o,a,s,u,l;if(1===t.nodeType){if(Q.hasData(e)&&(o=Q.access(e),a=Q.set(t,o),l=o.events))for(i in delete a.handle,a.events={},l)for(n=0,r=l[i].length;n<r;n++)k.event.add(t,i,l[i][n]);J.hasData(e)&&(s=J.access(e),u=k.extend({},s),J.set(t,u))}}function Ie(n,r,i,o){r=g.apply([],r);var e,t,a,s,u,l,c=0,f=n.length,p=f-1,d=r[0],h=m(d);if(h||1<f&&"string"==typeof d&&!y.checkClone&&Le.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),Ie(t,r,i,o)});if(f&&(t=(e=we(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.length&&(e=t),t||o)){for(s=(a=k.map(ve(e,"script"),Pe)).length;c<f;c++)u=e,c!==p&&(u=k.clone(u,!0,!0),s&&k.merge(a,ve(u,"script"))),i.call(n[c],u,c);if(s)for(l=a[a.length-1].ownerDocument,k.map(a,Re),c=0;c<s;c++)u=a[c],he.test(u.type||"")&&!Q.access(u,"globalEval")&&k.contains(l,u)&&(u.src&&"module"!==(u.type||"").toLowerCase()?k._evalUrl&&!u.noModule&&k._evalUrl(u.src,{nonce:u.nonce||u.getAttribute("nonce")}):b(u.textContent.replace(He,""),u,l))}return n}function We(e,t,n){for(var r,i=t?k.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||k.cleanData(ve(r)),r.parentNode&&(n&&oe(r)&&ye(ve(r,"script")),r.parentNode.removeChild(r));return e}k.extend({htmlPrefilter:function(e){return e.replace(je,"<$1></$2>")},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=oe(e);if(!(y.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||k.isXMLDoc(e)))for(a=ve(c),r=0,i=(o=ve(e)).length;r<i;r++)s=o[r],u=a[r],void 0,"input"===(l=u.nodeName.toLowerCase())&&pe.test(s.type)?u.checked=s.checked:"input"!==l&&"textarea"!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||ve(e),a=a||ve(c),r=0,i=o.length;r<i;r++)Me(o[r],a[r]);else Me(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=k.event.special,o=0;void 0!==(n=e[o]);o++)if(G(n)){if(t=n[Q.expando]){if(t.events)for(r in t.events)i[r]?k.event.remove(n,r):k.removeEvent(n,r,t.handle);n[Q.expando]=void 0}n[J.expando]&&(n[J.expando]=void 0)}}}),k.fn.extend({detach:function(e){return We(this,e,!0)},remove:function(e){return We(this,e)},text:function(e){return _(this,function(e){return void 0===e?k.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return Ie(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||Oe(this,e).appendChild(e)})},prepend:function(){return Ie(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Oe(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return Ie(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return Ie(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(k.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return k.clone(this,e,t)})},html:function(e){return _(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!qe.test(e)&&!ge[(de.exec(e)||["",""])[1].toLowerCase()]){e=k.htmlPrefilter(e);try{for(;n<r;n++)1===(t=this[n]||{}).nodeType&&(k.cleanData(ve(t,!1)),t.innerHTML=e);t=0}catch(e){}}t&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var n=[];return Ie(this,arguments,function(e){var t=this.parentNode;k.inArray(this,n)<0&&(k.cleanData(ve(this)),t&&t.replaceChild(e,this))},n)}}),k.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,a){k.fn[e]=function(e){for(var t,n=[],r=k(e),i=r.length-1,o=0;o<=i;o++)t=o===i?this:this.clone(!0),k(r[o])[a](t),u.apply(n,t.get());return this.pushStack(n)}});var $e=new RegExp("^("+te+")(?!px)[a-z%]+$","i"),Fe=function(e){var t=e.ownerDocument.defaultView;return t&&t.opener||(t=C),t.getComputedStyle(e)},Be=new RegExp(re.join("|"),"i");function _e(e,t,n){var r,i,o,a,s=e.style;return(n=n||Fe(e))&&(""!==(a=n.getPropertyValue(t)||n[t])||oe(e)||(a=k.style(e,t)),!y.pixelBoxStyles()&&$e.test(a)&&Be.test(t)&&(r=s.width,i=s.minWidth,o=s.maxWidth,s.minWidth=s.maxWidth=s.width=a,a=n.width,s.width=r,s.minWidth=i,s.maxWidth=o)),void 0!==a?a+"":a}function ze(e,t){return{get:function(){if(!e())return(this.get=t).apply(this,arguments);delete this.get}}}!function(){function e(){if(u){s.style.cssText="position:absolute;left:-11111px;width:60px;margin-top:1px;padding:0;border:0",u.style.cssText="position:relative;display:block;box-sizing:border-box;overflow:scroll;margin:auto;border:1px;padding:1px;width:60%;top:1%",ie.appendChild(s).appendChild(u);var e=C.getComputedStyle(u);n="1%"!==e.top,a=12===t(e.marginLeft),u.style.right="60%",o=36===t(e.right),r=36===t(e.width),u.style.position="absolute",i=12===t(u.offsetWidth/3),ie.removeChild(s),u=null}}function t(e){return Math.round(parseFloat(e))}var n,r,i,o,a,s=E.createElement("div"),u=E.createElement("div");u.style&&(u.style.backgroundClip="content-box",u.cloneNode(!0).style.backgroundClip="",y.clearCloneStyle="content-box"===u.style.backgroundClip,k.extend(y,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),a},scrollboxSize:function(){return e(),i}}))}();var Ue=["Webkit","Moz","ms"],Xe=E.createElement("div").style,Ve={};function Ge(e){var t=k.cssProps[e]||Ve[e];return t||(e in Xe?e:Ve[e]=function(e){var t=e[0].toUpperCase()+e.slice(1),n=Ue.length;while(n--)if((e=Ue[n]+t)in Xe)return e}(e)||e)}var Ye=/^(none|table(?!-c[ea]).+)/,Qe=/^--/,Je={position:"absolute",visibility:"hidden",display:"block"},Ke={letterSpacing:"0",fontWeight:"400"};function Ze(e,t,n){var r=ne.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function et(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(u+=k.css(e,n+re[a],!0,i)),r?("content"===n&&(u-=k.css(e,"padding"+re[a],!0,i)),"margin"!==n&&(u-=k.css(e,"border"+re[a]+"Width",!0,i))):(u+=k.css(e,"padding"+re[a],!0,i),"padding"!==n?u+=k.css(e,"border"+re[a]+"Width",!0,i):s+=k.css(e,"border"+re[a]+"Width",!0,i));return!r&&0<=o&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))||0),u}function tt(e,t,n){var r=Fe(e),i=(!y.boxSizingReliable()||n)&&"border-box"===k.css(e,"boxSizing",!1,r),o=i,a=_e(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if($e.test(a)){if(!n)return a;a="auto"}return(!y.boxSizingReliable()&&i||"auto"===a||!parseFloat(a)&&"inline"===k.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===k.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+et(e,t,n||(i?"border":"content"),o,r,a)+"px"}function nt(e,t,n,r,i){return new nt.prototype.init(e,t,n,r,i)}k.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=_e(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=V(t),u=Qe.test(t),l=e.style;if(u||(t=Ge(s)),a=k.cssHooks[t]||k.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=ne.exec(n))&&i[1]&&(n=le(e,t,i),o="number"),null!=n&&n==n&&("number"!==o||u||(n+=i&&i[3]||(k.cssNumber[s]?"":"px")),y.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=V(t);return Qe.test(t)||(t=Ge(s)),(a=k.cssHooks[t]||k.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=_e(e,t,r)),"normal"===i&&t in Ke&&(i=Ke[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),k.each(["height","width"],function(e,u){k.cssHooks[u]={get:function(e,t,n){if(t)return!Ye.test(k.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?tt(e,u,n):ue(e,Je,function(){return tt(e,u,n)})},set:function(e,t,n){var r,i=Fe(e),o=!y.scrollboxSize()&&"absolute"===i.position,a=(o||n)&&"border-box"===k.css(e,"boxSizing",!1,i),s=n?et(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-et(e,u,"border",!1,i)-.5)),s&&(r=ne.exec(t))&&"px"!==(r[3]||"px")&&(e.style[u]=t,t=k.css(e,u)),Ze(0,t,s)}}}),k.cssHooks.marginLeft=ze(y.reliableMarginLeft,function(e,t){if(t)return(parseFloat(_e(e,"marginLeft"))||e.getBoundingClientRect().left-ue(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),k.each({margin:"",padding:"",border:"Width"},function(i,o){k.cssHooks[i+o]={expand:function(e){for(var t=0,n={},r="string"==typeof e?e.split(" "):[e];t<4;t++)n[i+re[t]+o]=r[t]||r[t-2]||r[0];return n}},"margin"!==i&&(k.cssHooks[i+o].set=Ze)}),k.fn.extend({css:function(e,t){return _(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=Fe(e),i=t.length;a<i;a++)o[t[a]]=k.css(e,t[a],!1,r);return o}return void 0!==n?k.style(e,t,n):k.css(e,t)},e,t,1<arguments.length)}}),((k.Tween=nt).prototype={constructor:nt,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||k.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(k.cssNumber[n]?"":"px")},cur:function(){var e=nt.propHooks[this.prop];return e&&e.get?e.get(this):nt.propHooks._default.get(this)},run:function(e){var t,n=nt.propHooks[this.prop];return this.options.duration?this.pos=t=k.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):nt.propHooks._default.set(this),this}}).init.prototype=nt.prototype,(nt.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=k.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){k.fx.step[e.prop]?k.fx.step[e.prop](e):1!==e.elem.nodeType||!k.cssHooks[e.prop]&&null==e.elem.style[Ge(e.prop)]?e.elem[e.prop]=e.now:k.style(e.elem,e.prop,e.now+e.unit)}}}).scrollTop=nt.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},k.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},k.fx=nt.prototype.init,k.fx.step={};var rt,it,ot,at,st=/^(?:toggle|show|hide)$/,ut=/queueHooks$/;function lt(){it&&(!1===E.hidden&&C.requestAnimationFrame?C.requestAnimationFrame(lt):C.setTimeout(lt,k.fx.interval),k.fx.tick())}function ct(){return C.setTimeout(function(){rt=void 0}),rt=Date.now()}function ft(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=re[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function pt(e,t,n){for(var r,i=(dt.tweeners[t]||[]).concat(dt.tweeners["*"]),o=0,a=i.length;o<a;o++)if(r=i[o].call(n,t,e))return r}function dt(o,e,t){var n,a,r=0,i=dt.prefilters.length,s=k.Deferred().always(function(){delete u.elem}),u=function(){if(a)return!1;for(var e=rt||ct(),t=Math.max(0,l.startTime+l.duration-e),n=1-(t/l.duration||0),r=0,i=l.tweens.length;r<i;r++)l.tweens[r].run(n);return s.notifyWith(o,[l,n,t]),n<1&&i?t:(i||s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l]),!1)},l=s.promise({elem:o,props:k.extend({},e),opts:k.extend(!0,{specialEasing:{},easing:k.easing._default},t),originalProperties:e,originalOptions:t,startTime:rt||ct(),duration:t.duration,tweens:[],createTween:function(e,t){var n=k.Tween(o,l.opts,e,t,l.opts.specialEasing[e]||l.opts.easing);return l.tweens.push(n),n},stop:function(e){var t=0,n=e?l.tweens.length:0;if(a)return this;for(a=!0;t<n;t++)l.tweens[t].run(1);return e?(s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l,e])):s.rejectWith(o,[l,e]),this}}),c=l.props;for(!function(e,t){var n,r,i,o,a;for(n in e)if(i=t[r=V(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=k.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=dt.prefilters[r].call(l,o,c,l.opts))return m(n.stop)&&(k._queueHooks(l.elem,l.opts.queue).stop=n.stop.bind(n)),n;return k.map(c,pt,l),m(l.opts.start)&&l.opts.start.call(o,l),l.progress(l.opts.progress).done(l.opts.done,l.opts.complete).fail(l.opts.fail).always(l.opts.always),k.fx.timer(k.extend(u,{elem:o,anim:l,queue:l.opts.queue})),l}k.Animation=k.extend(dt,{tweeners:{"*":[function(e,t){var n=this.createTween(e,t);return le(n.elem,e,ne.exec(t),n),n}]},tweener:function(e,t){m(e)?(t=e,e=["*"]):e=e.match(R);for(var n,r=0,i=e.length;r<i;r++)n=e[r],dt.tweeners[n]=dt.tweeners[n]||[],dt.tweeners[n].unshift(t)},prefilters:[function(e,t,n){var r,i,o,a,s,u,l,c,f="width"in t||"height"in t,p=this,d={},h=e.style,g=e.nodeType&&se(e),v=Q.get(e,"fxshow");for(r in n.queue||(null==(a=k._queueHooks(e,"fx")).unqueued&&(a.unqueued=0,s=a.empty.fire,a.empty.fire=function(){a.unqueued||s()}),a.unqueued++,p.always(function(){p.always(function(){a.unqueued--,k.queue(e,"fx").length||a.empty.fire()})})),t)if(i=t[r],st.test(i)){if(delete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||k.style(e,r)}if((u=!k.isEmptyObject(t))||!k.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null==(l=v&&v.display)&&(l=Q.get(e,"display")),"none"===(c=k.css(e,"display"))&&(l?c=l:(fe([e],!0),l=e.style.display||l,c=k.css(e,"display"),fe([e]))),("inline"===c||"inline-block"===c&&null!=l)&&"none"===k.css(e,"float")&&(u||(p.done(function(){h.display=l}),null==l&&(c=h.display,l="none"===c?"":c)),h.display="inline-block")),n.overflow&&(h.overflow="hidden",p.always(function(){h.overflow=n.overflow[0],h.overflowX=n.overflow[1],h.overflowY=n.overflow[2]})),u=!1,d)u||(v?"hidden"in v&&(g=v.hidden):v=Q.access(e,"fxshow",{display:l}),o&&(v.hidden=!g),g&&fe([e],!0),p.done(function(){for(r in g||fe([e]),Q.remove(e,"fxshow"),d)k.style(e,r,d[r])})),u=pt(g?v[r]:0,r,p),r in v||(v[r]=u.start,g&&(u.end=u.start,u.start=0))}],prefilter:function(e,t){t?dt.prefilters.unshift(e):dt.prefilters.push(e)}}),k.speed=function(e,t,n){var r=e&&"object"==typeof e?k.extend({},e):{complete:n||!n&&t||m(e)&&e,duration:e,easing:n&&t||t&&!m(t)&&t};return k.fx.off?r.duration=0:"number"!=typeof r.duration&&(r.duration in k.fx.speeds?r.duration=k.fx.speeds[r.duration]:r.duration=k.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){m(r.old)&&r.old.call(this),r.queue&&k.dequeue(this,r.queue)},r},k.fn.extend({fadeTo:function(e,t,n,r){return this.filter(se).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(t,e,n,r){var i=k.isEmptyObject(t),o=k.speed(e,n,r),a=function(){var e=dt(this,k.extend({},t),o);(i||Q.get(this,"finish"))&&e.stop(!0)};return a.finish=a,i||!1===o.queue?this.each(a):this.queue(o.queue,a)},stop:function(i,e,o){var a=function(e){var t=e.stop;delete e.stop,t(o)};return"string"!=typeof i&&(o=e,e=i,i=void 0),e&&!1!==i&&this.queue(i||"fx",[]),this.each(function(){var e=!0,t=null!=i&&i+"queueHooks",n=k.timers,r=Q.get(this);if(t)r[t]&&r[t].stop&&a(r[t]);else for(t in r)r[t]&&r[t].stop&&ut.test(t)&&a(r[t]);for(t=n.length;t--;)n[t].elem!==this||null!=i&&n[t].queue!==i||(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o||k.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a||"fx"),this.each(function(){var e,t=Q.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=k.timers,o=n?n.length:0;for(t.finish=!0,k.queue(this,a,[]),r&&r.stop&&r.stop.call(this,!0),e=i.length;e--;)i[e].elem===this&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),k.each(["toggle","show","hide"],function(e,r){var i=k.fn[r];k.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i.apply(this,arguments):this.animate(ft(r,!0),e,t,n)}}),k.each({slideDown:ft("show"),slideUp:ft("hide"),slideToggle:ft("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,r){k.fn[e]=function(e,t,n){return this.animate(r,e,t,n)}}),k.timers=[],k.fx.tick=function(){var e,t=0,n=k.timers;for(rt=Date.now();t<n.length;t++)(e=n[t])()||n[t]!==e||n.splice(t--,1);n.length||k.fx.stop(),rt=void 0},k.fx.timer=function(e){k.timers.push(e),k.fx.start()},k.fx.interval=13,k.fx.start=function(){it||(it=!0,lt())},k.fx.stop=function(){it=null},k.fx.speeds={slow:600,fast:200,_default:400},k.fn.delay=function(r,e){return r=k.fx&&k.fx.speeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},ot=E.createElement("input"),at=E.createElement("select").appendChild(E.createElement("option")),ot.type="checkbox",y.checkOn=""!==ot.value,y.optSelected=at.selected,(ot=E.createElement("input")).value="t",ot.type="radio",y.radioValue="t"===ot.value;var ht,gt=k.expr.attrHandle;k.fn.extend({attr:function(e,t){return _(this,k.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){k.removeAttr(this,e)})}}),k.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?k.prop(e,t,n):(1===o&&k.isXMLDoc(e)||(i=k.attrHooks[t.toLowerCase()]||(k.expr.match.bool.test(t)?ht:void 0)),void 0!==n?null===n?void k.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=k.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!y.radioValue&&"radio"===t&&A(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(R);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),ht={set:function(e,t,n){return!1===t?k.removeAttr(e,n):e.setAttribute(n,n),n}},k.each(k.expr.match.bool.source.match(/\w+/g),function(e,t){var a=gt[t]||k.find.attr;gt[t]=function(e,t,n){var r,i,o=t.toLowerCase();return n||(i=gt[o],gt[o]=r,r=null!=a(e,t,n)?o:null,gt[o]=i),r}});var vt=/^(?:input|select|textarea|button)$/i,yt=/^(?:a|area)$/i;function mt(e){return(e.match(R)||[]).join(" ")}function xt(e){return e.getAttribute&&e.getAttribute("class")||""}function bt(e){return Array.isArray(e)?e:"string"==typeof e&&e.match(R)||[]}k.fn.extend({prop:function(e,t){return _(this,k.prop,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[k.propFix[e]||e]})}}),k.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&k.isXMLDoc(e)||(t=k.propFix[t]||t,i=k.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=k.find.attr(e,"tabindex");return t?parseInt(t,10):vt.test(e.nodeName)||yt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),y.optSelected||(k.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),k.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){k.propFix[this.toLowerCase()]=this}),k.fn.extend({addClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){k(this).addClass(t.call(this,e,xt(this)))});if((e=bt(t)).length)while(n=this[u++])if(i=xt(n),r=1===n.nodeType&&" "+mt(i)+" "){a=0;while(o=e[a++])r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=mt(r))&&n.setAttribute("class",s)}return this},removeClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){k(this).removeClass(t.call(this,e,xt(this)))});if(!arguments.length)return this.attr("class","");if((e=bt(t)).length)while(n=this[u++])if(i=xt(n),r=1===n.nodeType&&" "+mt(i)+" "){a=0;while(o=e[a++])while(-1<r.indexOf(" "+o+" "))r=r.replace(" "+o+" "," ");i!==(s=mt(r))&&n.setAttribute("class",s)}return this},toggleClass:function(i,t){var o=typeof i,a="string"===o||Array.isArray(i);return"boolean"==typeof t&&a?t?this.addClass(i):this.removeClass(i):m(i)?this.each(function(e){k(this).toggleClass(i.call(this,e,xt(this),t),t)}):this.each(function(){var e,t,n,r;if(a){t=0,n=k(this),r=bt(i);while(e=r[t++])n.hasClass(e)?n.removeClass(e):n.addClass(e)}else void 0!==i&&"boolean"!==o||((e=xt(this))&&Q.set(this,"__className__",e),this.setAttribute&&this.setAttribute("class",e||!1===i?"":Q.get(this,"__className__")||""))})},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&-1<(" "+mt(xt(n))+" ").indexOf(t))return!0;return!1}});var wt=/\r/g;k.fn.extend({val:function(n){var r,e,i,t=this[0];return arguments.length?(i=m(n),this.each(function(e){var t;1===this.nodeType&&(null==(t=i?n.call(this,e,k(this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=k.map(t,function(e){return null==e?"":e+""})),(r=k.valHooks[this.type]||k.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=k.valHooks[t.type]||k.valHooks[t.nodeName.toLowerCase()])&&"get"in r&&void 0!==(e=r.get(t,"value"))?e:"string"==typeof(e=t.value)?e.replace(wt,""):null==e?"":e:void 0}}),k.extend({valHooks:{option:{get:function(e){var t=k.find.attr(e,"value");return null!=t?t:mt(k.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r<u;r++)if(((n=i[r]).selected||r===o)&&!n.disabled&&(!n.parentNode.disabled||!A(n.parentNode,"optgroup"))){if(t=k(n).val(),a)return t;s.push(t)}return s},set:function(e,t){var n,r,i=e.options,o=k.makeArray(t),a=i.length;while(a--)((r=i[a]).selected=-1<k.inArray(k.valHooks.option.get(r),o))&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),k.each(["radio","checkbox"],function(){k.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=-1<k.inArray(k(e).val(),t)}},y.checkOn||(k.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})}),y.focusin="onfocusin"in C;var Tt=/^(?:focusinfocus|focusoutblur)$/,Ct=function(e){e.stopPropagation()};k.extend(k.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||E],d=v.call(e,"type")?e.type:e,h=v.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||E,3!==n.nodeType&&8!==n.nodeType&&!Tt.test(d+k.event.triggered)&&(-1<d.indexOf(".")&&(d=(h=d.split(".")).shift(),h.sort()),u=d.indexOf(":")<0&&"on"+d,(e=e[k.expando]?e:new k.Event(d,"object"==typeof e&&e)).isTrigger=r?2:3,e.namespace=h.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=n),t=null==t?[e]:k.makeArray(t,[e]),c=k.event.special[d]||{},r||!c.trigger||!1!==c.trigger.apply(n,t))){if(!r&&!c.noBubble&&!x(n)){for(s=c.delegateType||d,Tt.test(s+d)||(o=o.parentNode);o;o=o.parentNode)p.push(o),a=o;a===(n.ownerDocument||E)&&p.push(a.defaultView||a.parentWindow||C)}i=0;while((o=p[i++])&&!e.isPropagationStopped())f=o,e.type=1<i?s:c.bindType||d,(l=(Q.get(o,"events")||{})[e.type]&&Q.get(o,"handle"))&&l.apply(o,t),(l=u&&o[u])&&l.apply&&G(o)&&(e.result=l.apply(o,t),!1===e.result&&e.preventDefault());return e.type=d,r||e.isDefaultPrevented()||c._default&&!1!==c._default.apply(p.pop(),t)||!G(n)||u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),k.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,Ct),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,Ct),k.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=k.extend(new k.Event,n,{type:e,isSimulated:!0});k.event.trigger(r,null,t)}}),k.fn.extend({trigger:function(e,t){return this.each(function(){k.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return k.event.trigger(e,t,n,!0)}}),y.focusin||k.each({focus:"focusin",blur:"focusout"},function(n,r){var i=function(e){k.event.simulate(r,e.target,k.event.fix(e))};k.event.special[r]={setup:function(){var e=this.ownerDocument||this,t=Q.access(e,r);t||e.addEventListener(n,i,!0),Q.access(e,r,(t||0)+1)},teardown:function(){var e=this.ownerDocument||this,t=Q.access(e,r)-1;t?Q.access(e,r,t):(e.removeEventListener(n,i,!0),Q.remove(e,r))}}});var Et=C.location,kt=Date.now(),St=/\?/;k.parseXML=function(e){var t;if(!e||"string"!=typeof e)return null;try{t=(new C.DOMParser).parseFromString(e,"text/xml")}catch(e){t=void 0}return t&&!t.getElementsByTagName("parsererror").length||k.error("Invalid XML: "+e),t};var Nt=/\[\]$/,At=/\r?\n/g,Dt=/^(?:submit|button|image|reset|file)$/i,jt=/^(?:input|select|textarea|keygen)/i;function qt(n,e,r,i){var t;if(Array.isArray(e))k.each(e,function(e,t){r||Nt.test(n)?i(n,t):qt(n+"["+("object"==typeof t&&null!=t?e:"")+"]",t,r,i)});else if(r||"object"!==w(e))i(n,e);else for(t in e)qt(n+"["+t+"]",e[t],r,i)}k.param=function(e,t){var n,r=[],i=function(e,t){var n=m(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!k.isPlainObject(e))k.each(e,function(){i(this.name,this.value)});else for(n in e)qt(n,e[n],t,i);return r.join("&")},k.fn.extend({serialize:function(){return k.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=k.prop(this,"elements");return e?k.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!k(this).is(":disabled")&&jt.test(this.nodeName)&&!Dt.test(e)&&(this.checked||!pe.test(e))}).map(function(e,t){var n=k(this).val();return null==n?null:Array.isArray(n)?k.map(n,function(e){return{name:t.name,value:e.replace(At,"\r\n")}}):{name:t.name,value:n.replace(At,"\r\n")}}).get()}});var Lt=/%20/g,Ht=/#.*$/,Ot=/([?&])_=[^&]*/,Pt=/^(.*?):[ \t]*([^\r\n]*)$/gm,Rt=/^(?:GET|HEAD)$/,Mt=/^\/\//,It={},Wt={},$t="*/".concat("*"),Ft=E.createElement("a");function Bt(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(R)||[];if(m(t))while(n=i[r++])"+"===n[0]?(n=n.slice(1)||"*",(o[n]=o[n]||[]).unshift(t)):(o[n]=o[n]||[]).push(t)}}function _t(t,i,o,a){var s={},u=t===Wt;function l(e){var r;return s[e]=!0,k.each(t[e]||[],function(e,t){var n=t(i,o,a);return"string"!=typeof n||u||s[n]?u?!(r=n):void 0:(i.dataTypes.unshift(n),l(n),!1)}),r}return l(i.dataTypes[0])||!s["*"]&&l("*")}function zt(e,t){var n,r,i=k.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&k.extend(!0,e,r),e}Ft.href=Et.href,k.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:Et.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(Et.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":$t,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":k.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?zt(zt(e,k.ajaxSettings),t):zt(k.ajaxSettings,e)},ajaxPrefilter:Bt(It),ajaxTransport:Bt(Wt),ajax:function(e,t){"object"==typeof e&&(t=e,e=void 0),t=t||{};var c,f,p,n,d,r,h,g,i,o,v=k.ajaxSetup({},t),y=v.context||v,m=v.context&&(y.nodeType||y.jquery)?k(y):k.event,x=k.Deferred(),b=k.Callbacks("once memory"),w=v.statusCode||{},a={},s={},u="canceled",T={readyState:0,getResponseHeader:function(e){var t;if(h){if(!n){n={};while(t=Pt.exec(p))n[t[1].toLowerCase()+" "]=(n[t[1].toLowerCase()+" "]||[]).concat(t[2])}t=n[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return h?p:null},setRequestHeader:function(e,t){return null==h&&(e=s[e.toLowerCase()]=s[e.toLowerCase()]||e,a[e]=t),this},overrideMimeType:function(e){return null==h&&(v.mimeType=e),this},statusCode:function(e){var t;if(e)if(h)T.always(e[T.status]);else for(t in e)w[t]=[w[t],e[t]];return this},abort:function(e){var t=e||u;return c&&c.abort(t),l(0,t),this}};if(x.promise(T),v.url=((e||v.url||Et.href)+"").replace(Mt,Et.protocol+"//"),v.type=t.method||t.type||v.method||v.type,v.dataTypes=(v.dataType||"*").toLowerCase().match(R)||[""],null==v.crossDomain){r=E.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Ft.protocol+"//"+Ft.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=k.param(v.data,v.traditional)),_t(It,v,t,T),h)return T;for(i in(g=k.event&&v.global)&&0==k.active++&&k.event.trigger("ajaxStart"),v.type=v.type.toUpperCase(),v.hasContent=!Rt.test(v.type),f=v.url.replace(Ht,""),v.hasContent?v.data&&v.processData&&0===(v.contentType||"").indexOf("application/x-www-form-urlencoded")&&(v.data=v.data.replace(Lt,"+")):(o=v.url.slice(f.length),v.data&&(v.processData||"string"==typeof v.data)&&(f+=(St.test(f)?"&":"?")+v.data,delete v.data),!1===v.cache&&(f=f.replace(Ot,"$1"),o=(St.test(f)?"&":"?")+"_="+kt+++o),v.url=f+o),v.ifModified&&(k.lastModified[f]&&T.setRequestHeader("If-Modified-Since",k.lastModified[f]),k.etag[f]&&T.setRequestHeader("If-None-Match",k.etag[f])),(v.data&&v.hasContent&&!1!==v.contentType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+$t+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=_t(Wt,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d=C.setTimeout(function(){T.abort("timeout")},v.timeout));try{h=!1,c.send(a,l)}catch(e){if(h)throw e;l(-1,e)}}else l(-1,"No Transport");function l(e,t,n,r){var i,o,a,s,u,l=t;h||(h=!0,d&&C.clearTimeout(d),c=void 0,p=r||"",T.readyState=0<e?4:0,i=200<=e&&e<300||304===e,n&&(s=function(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}(v,T,n)),s=function(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}(v,s,T,i),i?(v.ifModified&&((u=T.getResponseHeader("Last-Modified"))&&(k.lastModified[f]=u),(u=T.getResponseHeader("etag"))&&(k.etag[f]=u)),204===e||"HEAD"===v.type?l="nocontent":304===e?l="notmodified":(l=s.state,o=s.data,i=!(a=s.error))):(a=l,!e&&l||(l="error",e<0&&(e=0))),T.status=e,T.statusText=(t||l)+"",i?x.resolveWith(y,[o,l,T]):x.rejectWith(y,[T,l,a]),T.statusCode(w),w=void 0,g&&m.trigger(i?"ajaxSuccess":"ajaxError",[T,v,i?o:a]),b.fireWith(y,[T,l]),g&&(m.trigger("ajaxComplete",[T,v]),--k.active||k.event.trigger("ajaxStop")))}return T},getJSON:function(e,t,n){return k.get(e,t,n,"json")},getScript:function(e,t){return k.get(e,void 0,t,"script")}}),k.each(["get","post"],function(e,i){k[i]=function(e,t,n,r){return m(t)&&(r=r||n,n=t,t=void 0),k.ajax(k.extend({url:e,type:i,dataType:r,data:t,success:n},k.isPlainObject(e)&&e))}}),k._evalUrl=function(e,t){return k.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){k.globalEval(e,t)}})},k.fn.extend({wrapAll:function(e){var t;return this[0]&&(m(e)&&(e=e.call(this[0])),t=k(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(n){return m(n)?this.each(function(e){k(this).wrapInner(n.call(this,e))}):this.each(function(){var e=k(this),t=e.contents();t.length?t.wrapAll(n):e.append(n)})},wrap:function(t){var n=m(t);return this.each(function(e){k(this).wrapAll(n?t.call(this,e):t)})},unwrap:function(e){return this.parent(e).not("body").each(function(){k(this).replaceWith(this.childNodes)}),this}}),k.expr.pseudos.hidden=function(e){return!k.expr.pseudos.visible(e)},k.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},k.ajaxSettings.xhr=function(){try{return new C.XMLHttpRequest}catch(e){}};var Ut={0:200,1223:204},Xt=k.ajaxSettings.xhr();y.cors=!!Xt&&"withCredentials"in Xt,y.ajax=Xt=!!Xt,k.ajaxTransport(function(i){var o,a;if(y.cors||Xt&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in i.mimeType&&r.overrideMimeType&&r.overrideMimeType(i.mimeType),i.crossDomain||e["X-Requested-With"]||(e["X-Requested-With"]="XMLHttpRequest"),e)r.setRequestHeader(n,e[n]);o=function(e){return function(){o&&(o=a=r.onload=r.onerror=r.onabort=r.ontimeout=r.onreadystatechange=null,"abort"===e?r.abort():"error"===e?"number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Ut[r.status]||r.status,r.statusText,"text"!==(r.responseType||"text")||"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a=r.onerror=r.ontimeout=o("error"),void 0!==r.onabort?r.onabort=a:r.onreadystatechange=function(){4===r.readyState&&C.setTimeout(function(){o&&a()})},o=o("abort");try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw e}},abort:function(){o&&o()}}}),k.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),k.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return k.globalEval(e),e}}}),k.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),k.ajaxTransport("script",function(n){var r,i;if(n.crossDomain||n.scriptAttrs)return{send:function(e,t){r=k("<script>").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var Vt,Gt=[],Yt=/(=)\?(?=&|$)|\?\?/;k.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Gt.pop()||k.expando+"_"+kt++;return this[e]=!0,e}}),k.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Yt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Yt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Yt,"$1"+r):!1!==e.jsonp&&(e.url+=(St.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||k.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?k(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Gt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((Vt=E.implementation.createHTMLDocument("").body).innerHTML="<form></form><form></form>",2===Vt.childNodes.length),k.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=D.exec(e))?[t.createElement(i[1])]:(i=we([e],t,o),o&&o.length&&k(o).remove(),k.merge([],i.childNodes)));var r,i,o},k.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1<s&&(r=mt(e.slice(s)),e=e.slice(0,s)),m(t)?(n=t,t=void 0):t&&"object"==typeof t&&(i="POST"),0<a.length&&k.ajax({url:e,type:i||"GET",dataType:"html",data:t}).done(function(e){o=arguments,a.html(r?k("<div>").append(k.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},k.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){k.fn[t]=function(e){return this.on(t,e)}}),k.expr.pseudos.animated=function(t){return k.grep(k.timers,function(e){return t===e.elem}).length},k.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=k.css(e,"position"),c=k(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=k.css(e,"top"),u=k.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,k.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},k.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){k.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===k.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===k.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=k(e).offset()).top+=k.css(e,"borderTopWidth",!0),i.left+=k.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-k.css(r,"marginTop",!0),left:t.left-i.left-k.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===k.css(e,"position"))e=e.offsetParent;return e||ie})}}),k.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;k.fn[t]=function(e){return _(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),k.each(["top","left"],function(e,n){k.cssHooks[n]=ze(y.pixelPosition,function(e,t){if(t)return t=_e(e,n),$e.test(t)?k(e).position()[n]+"px":t})}),k.each({Height:"height",Width:"width"},function(a,s){k.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){k.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return _(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?k.css(e,t,i):k.style(e,t,n,i)},s,n?e:void 0,n)}})}),k.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){k.fn[n]=function(e,t){return 0<arguments.length?this.on(n,null,e,t):this.trigger(n)}}),k.fn.extend({hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),k.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)}}),k.proxy=function(e,t){var n,r,i;if("string"==typeof t&&(n=e[t],t=e,e=n),m(e))return r=s.call(arguments,2),(i=function(){return e.apply(t||this,r.concat(s.call(arguments)))}).guid=e.guid=e.guid||k.guid++,i},k.holdReady=function(e){e?k.readyWait++:k.ready(!0)},k.isArray=Array.isArray,k.parseJSON=JSON.parse,k.nodeName=A,k.isFunction=m,k.isWindow=x,k.camelCase=V,k.type=w,k.now=Date.now,k.isNumeric=function(e){var t=k.type(e);return("number"===t||"string"===t)&&!isNaN(e-parseFloat(e))},"function"==typeof define&&define.amd&&define("jquery",[],function(){return k});var Qt=C.jQuery,Jt=C.$;return k.noConflict=function(e){return C.$===k&&(C.$=Jt),e&&C.jQuery===k&&(C.jQuery=Qt),k},e||(C.jQuery=C.$=k),k});
-/*! jQuery UI - v1.12.1 - 2019-01-27
-* http://jqueryui.com
-* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, jquery-1-7.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/resizable.js, widgets/mouse.js
-* Copyright jQuery Foundation and other contributors; Licensed MIT */
-
-(function(t){"function"==typeof define&&define.amd?define(["jquery"],t):t(jQuery)})(function(t){function e(t){for(var e=t.css("visibility");"inherit"===e;)t=t.parent(),e=t.css("visibility");return"hidden"!==e}t.ui=t.ui||{},t.ui.version="1.12.1";var i=0,s=Array.prototype.slice;t.cleanData=function(e){return function(i){var s,n,o;for(o=0;null!=(n=i[o]);o++)try{s=t._data(n,"events"),s&&s.remove&&t(n).triggerHandler("remove")}catch(a){}e(i)}}(t.cleanData),t.widget=function(e,i,s){var n,o,a,r={},h=e.split(".")[0];e=e.split(".")[1];var l=h+"-"+e;return s||(s=i,i=t.Widget),t.isArray(s)&&(s=t.extend.apply(null,[{}].concat(s))),t.expr[":"][l.toLowerCase()]=function(e){return!!t.data(e,l)},t[h]=t[h]||{},n=t[h][e],o=t[h][e]=function(t,e){return this._createWidget?(arguments.length&&this._createWidget(t,e),void 0):new o(t,e)},t.extend(o,n,{version:s.version,_proto:t.extend({},s),_childConstructors:[]}),a=new i,a.options=t.widget.extend({},a.options),t.each(s,function(e,s){return t.isFunction(s)?(r[e]=function(){function t(){return i.prototype[e].apply(this,arguments)}function n(t){return i.prototype[e].apply(this,t)}return function(){var e,i=this._super,o=this._superApply;return this._super=t,this._superApply=n,e=s.apply(this,arguments),this._super=i,this._superApply=o,e}}(),void 0):(r[e]=s,void 0)}),o.prototype=t.widget.extend(a,{widgetEventPrefix:n?a.widgetEventPrefix||e:e},r,{constructor:o,namespace:h,widgetName:e,widgetFullName:l}),n?(t.each(n._childConstructors,function(e,i){var s=i.prototype;t.widget(s.namespace+"."+s.widgetName,o,i._proto)}),delete n._childConstructors):i._childConstructors.push(o),t.widget.bridge(e,o),o},t.widget.extend=function(e){for(var i,n,o=s.call(arguments,1),a=0,r=o.length;r>a;a++)for(i in o[a])n=o[a][i],o[a].hasOwnProperty(i)&&void 0!==n&&(e[i]=t.isPlainObject(n)?t.isPlainObject(e[i])?t.widget.extend({},e[i],n):t.widget.extend({},n):n);return e},t.widget.bridge=function(e,i){var n=i.prototype.widgetFullName||e;t.fn[e]=function(o){var a="string"==typeof o,r=s.call(arguments,1),h=this;return a?this.length||"instance"!==o?this.each(function(){var i,s=t.data(this,n);return"instance"===o?(h=s,!1):s?t.isFunction(s[o])&&"_"!==o.charAt(0)?(i=s[o].apply(s,r),i!==s&&void 0!==i?(h=i&&i.jquery?h.pushStack(i.get()):i,!1):void 0):t.error("no such method '"+o+"' for "+e+" widget instance"):t.error("cannot call methods on "+e+" prior to initialization; "+"attempted to call method '"+o+"'")}):h=void 0:(r.length&&(o=t.widget.extend.apply(null,[o].concat(r))),this.each(function(){var e=t.data(this,n);e?(e.option(o||{}),e._init&&e._init()):t.data(this,n,new i(o,this))})),h}},t.Widget=function(){},t.Widget._childConstructors=[],t.Widget.prototype={widgetName:"widget",widgetEventPrefix:"",defaultElement:"<div>",options:{classes:{},disabled:!1,create:null},_createWidget:function(e,s){s=t(s||this.defaultElement||this)[0],this.element=t(s),this.uuid=i++,this.eventNamespace="."+this.widgetName+this.uuid,this.bindings=t(),this.hoverable=t(),this.focusable=t(),this.classesElementLookup={},s!==this&&(t.data(s,this.widgetFullName,this),this._on(!0,this.element,{remove:function(t){t.target===s&&this.destroy()}}),this.document=t(s.style?s.ownerDocument:s.document||s),this.window=t(this.document[0].defaultView||this.document[0].parentWindow)),this.options=t.widget.extend({},this.options,this._getCreateOptions(),e),this._create(),this.options.disabled&&this._setOptionDisabled(this.options.disabled),this._trigger("create",null,this._getCreateEventData()),this._init()},_getCreateOptions:function(){return{}},_getCreateEventData:t.noop,_create:t.noop,_init:t.noop,destroy:function(){var e=this;this._destroy(),t.each(this.classesElementLookup,function(t,i){e._removeClass(i,t)}),this.element.off(this.eventNamespace).removeData(this.widgetFullName),this.widget().off(this.eventNamespace).removeAttr("aria-disabled"),this.bindings.off(this.eventNamespace)},_destroy:t.noop,widget:function(){return this.element},option:function(e,i){var s,n,o,a=e;if(0===arguments.length)return t.widget.extend({},this.options);if("string"==typeof e)if(a={},s=e.split("."),e=s.shift(),s.length){for(n=a[e]=t.widget.extend({},this.options[e]),o=0;s.length-1>o;o++)n[s[o]]=n[s[o]]||{},n=n[s[o]];if(e=s.pop(),1===arguments.length)return void 0===n[e]?null:n[e];n[e]=i}else{if(1===arguments.length)return void 0===this.options[e]?null:this.options[e];a[e]=i}return this._setOptions(a),this},_setOptions:function(t){var e;for(e in t)this._setOption(e,t[e]);return this},_setOption:function(t,e){return"classes"===t&&this._setOptionClasses(e),this.options[t]=e,"disabled"===t&&this._setOptionDisabled(e),this},_setOptionClasses:function(e){var i,s,n;for(i in e)n=this.classesElementLookup[i],e[i]!==this.options.classes[i]&&n&&n.length&&(s=t(n.get()),this._removeClass(n,i),s.addClass(this._classes({element:s,keys:i,classes:e,add:!0})))},_setOptionDisabled:function(t){this._toggleClass(this.widget(),this.widgetFullName+"-disabled",null,!!t),t&&(this._removeClass(this.hoverable,null,"ui-state-hover"),this._removeClass(this.focusable,null,"ui-state-focus"))},enable:function(){return this._setOptions({disabled:!1})},disable:function(){return this._setOptions({disabled:!0})},_classes:function(e){function i(i,o){var a,r;for(r=0;i.length>r;r++)a=n.classesElementLookup[i[r]]||t(),a=e.add?t(t.unique(a.get().concat(e.element.get()))):t(a.not(e.element).get()),n.classesElementLookup[i[r]]=a,s.push(i[r]),o&&e.classes[i[r]]&&s.push(e.classes[i[r]])}var s=[],n=this;return e=t.extend({element:this.element,classes:this.options.classes||{}},e),this._on(e.element,{remove:"_untrackClassesElement"}),e.keys&&i(e.keys.match(/\S+/g)||[],!0),e.extra&&i(e.extra.match(/\S+/g)||[]),s.join(" ")},_untrackClassesElement:function(e){var i=this;t.each(i.classesElementLookup,function(s,n){-1!==t.inArray(e.target,n)&&(i.classesElementLookup[s]=t(n.not(e.target).get()))})},_removeClass:function(t,e,i){return this._toggleClass(t,e,i,!1)},_addClass:function(t,e,i){return this._toggleClass(t,e,i,!0)},_toggleClass:function(t,e,i,s){s="boolean"==typeof s?s:i;var n="string"==typeof t||null===t,o={extra:n?e:i,keys:n?t:e,element:n?this.element:t,add:s};return o.element.toggleClass(this._classes(o),s),this},_on:function(e,i,s){var n,o=this;"boolean"!=typeof e&&(s=i,i=e,e=!1),s?(i=n=t(i),this.bindings=this.bindings.add(i)):(s=i,i=this.element,n=this.widget()),t.each(s,function(s,a){function r(){return e||o.options.disabled!==!0&&!t(this).hasClass("ui-state-disabled")?("string"==typeof a?o[a]:a).apply(o,arguments):void 0}"string"!=typeof a&&(r.guid=a.guid=a.guid||r.guid||t.guid++);var h=s.match(/^([\w:-]*)\s*(.*)$/),l=h[1]+o.eventNamespace,c=h[2];c?n.on(l,c,r):i.on(l,r)})},_off:function(e,i){i=(i||"").split(" ").join(this.eventNamespace+" ")+this.eventNamespace,e.off(i).off(i),this.bindings=t(this.bindings.not(e).get()),this.focusable=t(this.focusable.not(e).get()),this.hoverable=t(this.hoverable.not(e).get())},_delay:function(t,e){function i(){return("string"==typeof t?s[t]:t).apply(s,arguments)}var s=this;return setTimeout(i,e||0)},_hoverable:function(e){this.hoverable=this.hoverable.add(e),this._on(e,{mouseenter:function(e){this._addClass(t(e.currentTarget),null,"ui-state-hover")},mouseleave:function(e){this._removeClass(t(e.currentTarget),null,"ui-state-hover")}})},_focusable:function(e){this.focusable=this.focusable.add(e),this._on(e,{focusin:function(e){this._addClass(t(e.currentTarget),null,"ui-state-focus")},focusout:function(e){this._removeClass(t(e.currentTarget),null,"ui-state-focus")}})},_trigger:function(e,i,s){var n,o,a=this.options[e];if(s=s||{},i=t.Event(i),i.type=(e===this.widgetEventPrefix?e:this.widgetEventPrefix+e).toLowerCase(),i.target=this.element[0],o=i.originalEvent)for(n in o)n in i||(i[n]=o[n]);return this.element.trigger(i,s),!(t.isFunction(a)&&a.apply(this.element[0],[i].concat(s))===!1||i.isDefaultPrevented())}},t.each({show:"fadeIn",hide:"fadeOut"},function(e,i){t.Widget.prototype["_"+e]=function(s,n,o){"string"==typeof n&&(n={effect:n});var a,r=n?n===!0||"number"==typeof n?i:n.effect||i:e;n=n||{},"number"==typeof n&&(n={duration:n}),a=!t.isEmptyObject(n),n.complete=o,n.delay&&s.delay(n.delay),a&&t.effects&&t.effects.effect[r]?s[e](n):r!==e&&s[r]?s[r](n.duration,n.easing,o):s.queue(function(i){t(this)[e](),o&&o.call(s[0]),i()})}}),t.widget,function(){function e(t,e,i){return[parseFloat(t[0])*(u.test(t[0])?e/100:1),parseFloat(t[1])*(u.test(t[1])?i/100:1)]}function i(e,i){return parseInt(t.css(e,i),10)||0}function s(e){var i=e[0];return 9===i.nodeType?{width:e.width(),height:e.height(),offset:{top:0,left:0}}:t.isWindow(i)?{width:e.width(),height:e.height(),offset:{top:e.scrollTop(),left:e.scrollLeft()}}:i.preventDefault?{width:0,height:0,offset:{top:i.pageY,left:i.pageX}}:{width:e.outerWidth(),height:e.outerHeight(),offset:e.offset()}}var n,o=Math.max,a=Math.abs,r=/left|center|right/,h=/top|center|bottom/,l=/[\+\-]\d+(\.[\d]+)?%?/,c=/^\w+/,u=/%$/,d=t.fn.position;t.position={scrollbarWidth:function(){if(void 0!==n)return n;var e,i,s=t("<div style='display:block;position:absolute;width:50px;height:50px;overflow:hidden;'><div style='height:100px;width:auto;'></div></div>"),o=s.children()[0];return t("body").append(s),e=o.offsetWidth,s.css("overflow","scroll"),i=o.offsetWidth,e===i&&(i=s[0].clientWidth),s.remove(),n=e-i},getScrollInfo:function(e){var i=e.isWindow||e.isDocument?"":e.element.css("overflow-x"),s=e.isWindow||e.isDocument?"":e.element.css("overflow-y"),n="scroll"===i||"auto"===i&&e.width<e.element[0].scrollWidth,o="scroll"===s||"auto"===s&&e.height<e.element[0].scrollHeight;return{width:o?t.position.scrollbarWidth():0,height:n?t.position.scrollbarWidth():0}},getWithinInfo:function(e){var i=t(e||window),s=t.isWindow(i[0]),n=!!i[0]&&9===i[0].nodeType,o=!s&&!n;return{element:i,isWindow:s,isDocument:n,offset:o?t(e).offset():{left:0,top:0},scrollLeft:i.scrollLeft(),scrollTop:i.scrollTop(),width:i.outerWidth(),height:i.outerHeight()}}},t.fn.position=function(n){if(!n||!n.of)return d.apply(this,arguments);n=t.extend({},n);var u,p,f,m,g,_,v=t(n.of),b=t.position.getWithinInfo(n.within),y=t.position.getScrollInfo(b),w=(n.collision||"flip").split(" "),x={};return _=s(v),v[0].preventDefault&&(n.at="left top"),p=_.width,f=_.height,m=_.offset,g=t.extend({},m),t.each(["my","at"],function(){var t,e,i=(n[this]||"").split(" ");1===i.length&&(i=r.test(i[0])?i.concat(["center"]):h.test(i[0])?["center"].concat(i):["center","center"]),i[0]=r.test(i[0])?i[0]:"center",i[1]=h.test(i[1])?i[1]:"center",t=l.exec(i[0]),e=l.exec(i[1]),x[this]=[t?t[0]:0,e?e[0]:0],n[this]=[c.exec(i[0])[0],c.exec(i[1])[0]]}),1===w.length&&(w[1]=w[0]),"right"===n.at[0]?g.left+=p:"center"===n.at[0]&&(g.left+=p/2),"bottom"===n.at[1]?g.top+=f:"center"===n.at[1]&&(g.top+=f/2),u=e(x.at,p,f),g.left+=u[0],g.top+=u[1],this.each(function(){var s,r,h=t(this),l=h.outerWidth(),c=h.outerHeight(),d=i(this,"marginLeft"),_=i(this,"marginTop"),k=l+d+i(this,"marginRight")+y.width,C=c+_+i(this,"marginBottom")+y.height,D=t.extend({},g),T=e(x.my,h.outerWidth(),h.outerHeight());"right"===n.my[0]?D.left-=l:"center"===n.my[0]&&(D.left-=l/2),"bottom"===n.my[1]?D.top-=c:"center"===n.my[1]&&(D.top-=c/2),D.left+=T[0],D.top+=T[1],s={marginLeft:d,marginTop:_},t.each(["left","top"],function(e,i){t.ui.position[w[e]]&&t.ui.position[w[e]][i](D,{targetWidth:p,targetHeight:f,elemWidth:l,elemHeight:c,collisionPosition:s,collisionWidth:k,collisionHeight:C,offset:[u[0]+T[0],u[1]+T[1]],my:n.my,at:n.at,within:b,elem:h})}),n.using&&(r=function(t){var e=m.left-D.left,i=e+p-l,s=m.top-D.top,r=s+f-c,u={target:{element:v,left:m.left,top:m.top,width:p,height:f},element:{element:h,left:D.left,top:D.top,width:l,height:c},horizontal:0>i?"left":e>0?"right":"center",vertical:0>r?"top":s>0?"bottom":"middle"};l>p&&p>a(e+i)&&(u.horizontal="center"),c>f&&f>a(s+r)&&(u.vertical="middle"),u.important=o(a(e),a(i))>o(a(s),a(r))?"horizontal":"vertical",n.using.call(this,t,u)}),h.offset(t.extend(D,{using:r}))})},t.ui.position={fit:{left:function(t,e){var i,s=e.within,n=s.isWindow?s.scrollLeft:s.offset.left,a=s.width,r=t.left-e.collisionPosition.marginLeft,h=n-r,l=r+e.collisionWidth-a-n;e.collisionWidth>a?h>0&&0>=l?(i=t.left+h+e.collisionWidth-a-n,t.left+=h-i):t.left=l>0&&0>=h?n:h>l?n+a-e.collisionWidth:n:h>0?t.left+=h:l>0?t.left-=l:t.left=o(t.left-r,t.left)},top:function(t,e){var i,s=e.within,n=s.isWindow?s.scrollTop:s.offset.top,a=e.within.height,r=t.top-e.collisionPosition.marginTop,h=n-r,l=r+e.collisionHeight-a-n;e.collisionHeight>a?h>0&&0>=l?(i=t.top+h+e.collisionHeight-a-n,t.top+=h-i):t.top=l>0&&0>=h?n:h>l?n+a-e.collisionHeight:n:h>0?t.top+=h:l>0?t.top-=l:t.top=o(t.top-r,t.top)}},flip:{left:function(t,e){var i,s,n=e.within,o=n.offset.left+n.scrollLeft,r=n.width,h=n.isWindow?n.scrollLeft:n.offset.left,l=t.left-e.collisionPosition.marginLeft,c=l-h,u=l+e.collisionWidth-r-h,d="left"===e.my[0]?-e.elemWidth:"right"===e.my[0]?e.elemWidth:0,p="left"===e.at[0]?e.targetWidth:"right"===e.at[0]?-e.targetWidth:0,f=-2*e.offset[0];0>c?(i=t.left+d+p+f+e.collisionWidth-r-o,(0>i||a(c)>i)&&(t.left+=d+p+f)):u>0&&(s=t.left-e.collisionPosition.marginLeft+d+p+f-h,(s>0||u>a(s))&&(t.left+=d+p+f))},top:function(t,e){var i,s,n=e.within,o=n.offset.top+n.scrollTop,r=n.height,h=n.isWindow?n.scrollTop:n.offset.top,l=t.top-e.collisionPosition.marginTop,c=l-h,u=l+e.collisionHeight-r-h,d="top"===e.my[1],p=d?-e.elemHeight:"bottom"===e.my[1]?e.elemHeight:0,f="top"===e.at[1]?e.targetHeight:"bottom"===e.at[1]?-e.targetHeight:0,m=-2*e.offset[1];0>c?(s=t.top+p+f+m+e.collisionHeight-r-o,(0>s||a(c)>s)&&(t.top+=p+f+m)):u>0&&(i=t.top-e.collisionPosition.marginTop+p+f+m-h,(i>0||u>a(i))&&(t.top+=p+f+m))}},flipfit:{left:function(){t.ui.position.flip.left.apply(this,arguments),t.ui.position.fit.left.apply(this,arguments)},top:function(){t.ui.position.flip.top.apply(this,arguments),t.ui.position.fit.top.apply(this,arguments)}}}}(),t.ui.position,t.extend(t.expr[":"],{data:t.expr.createPseudo?t.expr.createPseudo(function(e){return function(i){return!!t.data(i,e)}}):function(e,i,s){return!!t.data(e,s[3])}}),t.fn.extend({disableSelection:function(){var t="onselectstart"in document.createElement("div")?"selectstart":"mousedown";return function(){return this.on(t+".ui-disableSelection",function(t){t.preventDefault()})}}(),enableSelection:function(){return this.off(".ui-disableSelection")}}),t.ui.focusable=function(i,s){var n,o,a,r,h,l=i.nodeName.toLowerCase();return"area"===l?(n=i.parentNode,o=n.name,i.href&&o&&"map"===n.nodeName.toLowerCase()?(a=t("img[usemap='#"+o+"']"),a.length>0&&a.is(":visible")):!1):(/^(input|select|textarea|button|object)$/.test(l)?(r=!i.disabled,r&&(h=t(i).closest("fieldset")[0],h&&(r=!h.disabled))):r="a"===l?i.href||s:s,r&&t(i).is(":visible")&&e(t(i)))},t.extend(t.expr[":"],{focusable:function(e){return t.ui.focusable(e,null!=t.attr(e,"tabindex"))}}),t.ui.focusable,t.fn.form=function(){return"string"==typeof this[0].form?this.closest("form"):t(this[0].form)},t.ui.formResetMixin={_formResetHandler:function(){var e=t(this);setTimeout(function(){var i=e.data("ui-form-reset-instances");t.each(i,function(){this.refresh()})})},_bindFormResetHandler:function(){if(this.form=this.element.form(),this.form.length){var t=this.form.data("ui-form-reset-instances")||[];t.length||this.form.on("reset.ui-form-reset",this._formResetHandler),t.push(this),this.form.data("ui-form-reset-instances",t)}},_unbindFormResetHandler:function(){if(this.form.length){var e=this.form.data("ui-form-reset-instances");e.splice(t.inArray(this,e),1),e.length?this.form.data("ui-form-reset-instances",e):this.form.removeData("ui-form-reset-instances").off("reset.ui-form-reset")}}},"1.7"===t.fn.jquery.substring(0,3)&&(t.each(["Width","Height"],function(e,i){function s(e,i,s,o){return t.each(n,function(){i-=parseFloat(t.css(e,"padding"+this))||0,s&&(i-=parseFloat(t.css(e,"border"+this+"Width"))||0),o&&(i-=parseFloat(t.css(e,"margin"+this))||0)}),i}var n="Width"===i?["Left","Right"]:["Top","Bottom"],o=i.toLowerCase(),a={innerWidth:t.fn.innerWidth,innerHeight:t.fn.innerHeight,outerWidth:t.fn.outerWidth,outerHeight:t.fn.outerHeight};t.fn["inner"+i]=function(e){return void 0===e?a["inner"+i].call(this):this.each(function(){t(this).css(o,s(this,e)+"px")})},t.fn["outer"+i]=function(e,n){return"number"!=typeof e?a["outer"+i].call(this,e):this.each(function(){t(this).css(o,s(this,e,!0,n)+"px")})}}),t.fn.addBack=function(t){return this.add(null==t?this.prevObject:this.prevObject.filter(t))}),t.ui.keyCode={BACKSPACE:8,COMMA:188,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,LEFT:37,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SPACE:32,TAB:9,UP:38},t.ui.escapeSelector=function(){var t=/([!"#$%&'()*+,./:;<=>?@[\]^`{|}~])/g;return function(e){return e.replace(t,"\\$1")}}(),t.fn.labels=function(){var e,i,s,n,o;return this[0].labels&&this[0].labels.length?this.pushStack(this[0].labels):(n=this.eq(0).parents("label"),s=this.attr("id"),s&&(e=this.eq(0).parents().last(),o=e.add(e.length?e.siblings():this.siblings()),i="label[for='"+t.ui.escapeSelector(s)+"']",n=n.add(o.find(i).addBack(i))),this.pushStack(n))},t.fn.scrollParent=function(e){var i=this.css("position"),s="absolute"===i,n=e?/(auto|scroll|hidden)/:/(auto|scroll)/,o=this.parents().filter(function(){var e=t(this);return s&&"static"===e.css("position")?!1:n.test(e.css("overflow")+e.css("overflow-y")+e.css("overflow-x"))}).eq(0);return"fixed"!==i&&o.length?o:t(this[0].ownerDocument||document)},t.extend(t.expr[":"],{tabbable:function(e){var i=t.attr(e,"tabindex"),s=null!=i;return(!s||i>=0)&&t.ui.focusable(e,s)}}),t.fn.extend({uniqueId:function(){var t=0;return function(){return this.each(function(){this.id||(this.id="ui-id-"+ ++t)})}}(),removeUniqueId:function(){return this.each(function(){/^ui-id-\d+$/.test(this.id)&&t(this).removeAttr("id")})}}),t.ui.ie=!!/msie [\w.]+/.exec(navigator.userAgent.toLowerCase());var n=!1;t(document).on("mouseup",function(){n=!1}),t.widget("ui.mouse",{version:"1.12.1",options:{cancel:"input, textarea, button, select, option",distance:1,delay:0},_mouseInit:function(){var e=this;this.element.on("mousedown."+this.widgetName,function(t){return e._mouseDown(t)}).on("click."+this.widgetName,function(i){return!0===t.data(i.target,e.widgetName+".preventClickEvent")?(t.removeData(i.target,e.widgetName+".preventClickEvent"),i.stopImmediatePropagation(),!1):void 0}),this.started=!1},_mouseDestroy:function(){this.element.off("."+this.widgetName),this._mouseMoveDelegate&&this.document.off("mousemove."+this.widgetName,this._mouseMoveDelegate).off("mouseup."+this.widgetName,this._mouseUpDelegate)},_mouseDown:function(e){if(!n){this._mouseMoved=!1,this._mouseStarted&&this._mouseUp(e),this._mouseDownEvent=e;var i=this,s=1===e.which,o="string"==typeof this.options.cancel&&e.target.nodeName?t(e.target).closest(this.options.cancel).length:!1;return s&&!o&&this._mouseCapture(e)?(this.mouseDelayMet=!this.options.delay,this.mouseDelayMet||(this._mouseDelayTimer=setTimeout(function(){i.mouseDelayMet=!0},this.options.delay)),this._mouseDistanceMet(e)&&this._mouseDelayMet(e)&&(this._mouseStarted=this._mouseStart(e)!==!1,!this._mouseStarted)?(e.preventDefault(),!0):(!0===t.data(e.target,this.widgetName+".preventClickEvent")&&t.removeData(e.target,this.widgetName+".preventClickEvent"),this._mouseMoveDelegate=function(t){return i._mouseMove(t)},this._mouseUpDelegate=function(t){return i._mouseUp(t)},this.document.on("mousemove."+this.widgetName,this._mouseMoveDelegate).on("mouseup."+this.widgetName,this._mouseUpDelegate),e.preventDefault(),n=!0,!0)):!0}},_mouseMove:function(e){if(this._mouseMoved){if(t.ui.ie&&(!document.documentMode||9>document.documentMode)&&!e.button)return this._mouseUp(e);if(!e.which)if(e.originalEvent.altKey||e.originalEvent.ctrlKey||e.originalEvent.metaKey||e.originalEvent.shiftKey)this.ignoreMissingWhich=!0;else if(!this.ignoreMissingWhich)return this._mouseUp(e)}return(e.which||e.button)&&(this._mouseMoved=!0),this._mouseStarted?(this._mouseDrag(e),e.preventDefault()):(this._mouseDistanceMet(e)&&this._mouseDelayMet(e)&&(this._mouseStarted=this._mouseStart(this._mouseDownEvent,e)!==!1,this._mouseStarted?this._mouseDrag(e):this._mouseUp(e)),!this._mouseStarted)},_mouseUp:function(e){this.document.off("mousemove."+this.widgetName,this._mouseMoveDelegate).off("mouseup."+this.widgetName,this._mouseUpDelegate),this._mouseStarted&&(this._mouseStarted=!1,e.target===this._mouseDownEvent.target&&t.data(e.target,this.widgetName+".preventClickEvent",!0),this._mouseStop(e)),this._mouseDelayTimer&&(clearTimeout(this._mouseDelayTimer),delete this._mouseDelayTimer),this.ignoreMissingWhich=!1,n=!1,e.preventDefault()},_mouseDistanceMet:function(t){return Math.max(Math.abs(this._mouseDownEvent.pageX-t.pageX),Math.abs(this._mouseDownEvent.pageY-t.pageY))>=this.options.distance},_mouseDelayMet:function(){return this.mouseDelayMet},_mouseStart:function(){},_mouseDrag:function(){},_mouseStop:function(){},_mouseCapture:function(){return!0}}),t.ui.plugin={add:function(e,i,s){var n,o=t.ui[e].prototype;for(n in s)o.plugins[n]=o.plugins[n]||[],o.plugins[n].push([i,s[n]])},call:function(t,e,i,s){var n,o=t.plugins[e];if(o&&(s||t.element[0].parentNode&&11!==t.element[0].parentNode.nodeType))for(n=0;o.length>n;n++)t.options[o[n][0]]&&o[n][1].apply(t.element,i)}},t.widget("ui.resizable",t.ui.mouse,{version:"1.12.1",widgetEventPrefix:"resize",options:{alsoResize:!1,animate:!1,animateDuration:"slow",animateEasing:"swing",aspectRatio:!1,autoHide:!1,classes:{"ui-resizable-se":"ui-icon ui-icon-gripsmall-diagonal-se"},containment:!1,ghost:!1,grid:!1,handles:"e,s,se",helper:!1,maxHeight:null,maxWidth:null,minHeight:10,minWidth:10,zIndex:90,resize:null,start:null,stop:null},_num:function(t){return parseFloat(t)||0},_isNumber:function(t){return!isNaN(parseFloat(t))},_hasScroll:function(e,i){if("hidden"===t(e).css("overflow"))return!1;var s=i&&"left"===i?"scrollLeft":"scrollTop",n=!1;return e[s]>0?!0:(e[s]=1,n=e[s]>0,e[s]=0,n)},_create:function(){var e,i=this.options,s=this;this._addClass("ui-resizable"),t.extend(this,{_aspectRatio:!!i.aspectRatio,aspectRatio:i.aspectRatio,originalElement:this.element,_proportionallyResizeElements:[],_helper:i.helper||i.ghost||i.animate?i.helper||"ui-resizable-helper":null}),this.element[0].nodeName.match(/^(canvas|textarea|input|select|button|img)$/i)&&(this.element.wrap(t("<div class='ui-wrapper' style='overflow: hidden;'></div>").css({position:this.element.css("position"),width:this.element.outerWidth(),height:this.element.outerHeight(),top:this.element.css("top"),left:this.element.css("left")})),this.element=this.element.parent().data("ui-resizable",this.element.resizable("instance")),this.elementIsWrapper=!0,e={marginTop:this.originalElement.css("marginTop"),marginRight:this.originalElement.css("marginRight"),marginBottom:this.originalElement.css("marginBottom"),marginLeft:this.originalElement.css("marginLeft")},this.element.css(e),this.originalElement.css("margin",0),this.originalResizeStyle=this.originalElement.css("resize"),this.originalElement.css("resize","none"),this._proportionallyResizeElements.push(this.originalElement.css({position:"static",zoom:1,display:"block"})),this.originalElement.css(e),this._proportionallyResize()),this._setupHandles(),i.autoHide&&t(this.element).on("mouseenter",function(){i.disabled||(s._removeClass("ui-resizable-autohide"),s._handles.show())}).on("mouseleave",function(){i.disabled||s.resizing||(s._addClass("ui-resizable-autohide"),s._handles.hide())}),this._mouseInit()},_destroy:function(){this._mouseDestroy();var e,i=function(e){t(e).removeData("resizable").removeData("ui-resizable").off(".resizable").find(".ui-resizable-handle").remove()};return this.elementIsWrapper&&(i(this.element),e=this.element,this.originalElement.css({position:e.css("position"),width:e.outerWidth(),height:e.outerHeight(),top:e.css("top"),left:e.css("left")}).insertAfter(e),e.remove()),this.originalElement.css("resize",this.originalResizeStyle),i(this.originalElement),this},_setOption:function(t,e){switch(this._super(t,e),t){case"handles":this._removeHandles(),this._setupHandles();break;default:}},_setupHandles:function(){var e,i,s,n,o,a=this.options,r=this;if(this.handles=a.handles||(t(".ui-resizable-handle",this.element).length?{n:".ui-resizable-n",e:".ui-resizable-e",s:".ui-resizable-s",w:".ui-resizable-w",se:".ui-resizable-se",sw:".ui-resizable-sw",ne:".ui-resizable-ne",nw:".ui-resizable-nw"}:"e,s,se"),this._handles=t(),this.handles.constructor===String)for("all"===this.handles&&(this.handles="n,e,s,w,se,sw,ne,nw"),s=this.handles.split(","),this.handles={},i=0;s.length>i;i++)e=t.trim(s[i]),n="ui-resizable-"+e,o=t("<div>"),this._addClass(o,"ui-resizable-handle "+n),o.css({zIndex:a.zIndex}),this.handles[e]=".ui-resizable-"+e,this.element.append(o);this._renderAxis=function(e){var i,s,n,o;e=e||this.element;for(i in this.handles)this.handles[i].constructor===String?this.handles[i]=this.element.children(this.handles[i]).first().show():(this.handles[i].jquery||this.handles[i].nodeType)&&(this.handles[i]=t(this.handles[i]),this._on(this.handles[i],{mousedown:r._mouseDown})),this.elementIsWrapper&&this.originalElement[0].nodeName.match(/^(textarea|input|select|button)$/i)&&(s=t(this.handles[i],this.element),o=/sw|ne|nw|se|n|s/.test(i)?s.outerHeight():s.outerWidth(),n=["padding",/ne|nw|n/.test(i)?"Top":/se|sw|s/.test(i)?"Bottom":/^e$/.test(i)?"Right":"Left"].join(""),e.css(n,o),this._proportionallyResize()),this._handles=this._handles.add(this.handles[i])},this._renderAxis(this.element),this._handles=this._handles.add(this.element.find(".ui-resizable-handle")),this._handles.disableSelection(),this._handles.on("mouseover",function(){r.resizing||(this.className&&(o=this.className.match(/ui-resizable-(se|sw|ne|nw|n|e|s|w)/i)),r.axis=o&&o[1]?o[1]:"se")}),a.autoHide&&(this._handles.hide(),this._addClass("ui-resizable-autohide"))},_removeHandles:function(){this._handles.remove()},_mouseCapture:function(e){var i,s,n=!1;for(i in this.handles)s=t(this.handles[i])[0],(s===e.target||t.contains(s,e.target))&&(n=!0);return!this.options.disabled&&n},_mouseStart:function(e){var i,s,n,o=this.options,a=this.element;return this.resizing=!0,this._renderProxy(),i=this._num(this.helper.css("left")),s=this._num(this.helper.css("top")),o.containment&&(i+=t(o.containment).scrollLeft()||0,s+=t(o.containment).scrollTop()||0),this.offset=this.helper.offset(),this.position={left:i,top:s},this.size=this._helper?{width:this.helper.width(),height:this.helper.height()}:{width:a.width(),height:a.height()},this.originalSize=this._helper?{width:a.outerWidth(),height:a.outerHeight()}:{width:a.width(),height:a.height()},this.sizeDiff={width:a.outerWidth()-a.width(),height:a.outerHeight()-a.height()},this.originalPosition={left:i,top:s},this.originalMousePosition={left:e.pageX,top:e.pageY},this.aspectRatio="number"==typeof o.aspectRatio?o.aspectRatio:this.originalSize.width/this.originalSize.height||1,n=t(".ui-resizable-"+this.axis).css("cursor"),t("body").css("cursor","auto"===n?this.axis+"-resize":n),this._addClass("ui-resizable-resizing"),this._propagate("start",e),!0},_mouseDrag:function(e){var i,s,n=this.originalMousePosition,o=this.axis,a=e.pageX-n.left||0,r=e.pageY-n.top||0,h=this._change[o];return this._updatePrevProperties(),h?(i=h.apply(this,[e,a,r]),this._updateVirtualBoundaries(e.shiftKey),(this._aspectRatio||e.shiftKey)&&(i=this._updateRatio(i,e)),i=this._respectSize(i,e),this._updateCache(i),this._propagate("resize",e),s=this._applyChanges(),!this._helper&&this._proportionallyResizeElements.length&&this._proportionallyResize(),t.isEmptyObject(s)||(this._updatePrevProperties(),this._trigger("resize",e,this.ui()),this._applyChanges()),!1):!1},_mouseStop:function(e){this.resizing=!1;var i,s,n,o,a,r,h,l=this.options,c=this;return this._helper&&(i=this._proportionallyResizeElements,s=i.length&&/textarea/i.test(i[0].nodeName),n=s&&this._hasScroll(i[0],"left")?0:c.sizeDiff.height,o=s?0:c.sizeDiff.width,a={width:c.helper.width()-o,height:c.helper.height()-n},r=parseFloat(c.element.css("left"))+(c.position.left-c.originalPosition.left)||null,h=parseFloat(c.element.css("top"))+(c.position.top-c.originalPosition.top)||null,l.animate||this.element.css(t.extend(a,{top:h,left:r})),c.helper.height(c.size.height),c.helper.width(c.size.width),this._helper&&!l.animate&&this._proportionallyResize()),t("body").css("cursor","auto"),this._removeClass("ui-resizable-resizing"),this._propagate("stop",e),this._helper&&this.helper.remove(),!1},_updatePrevProperties:function(){this.prevPosition={top:this.position.top,left:this.position.left},this.prevSize={width:this.size.width,height:this.size.height}},_applyChanges:function(){var t={};return this.position.top!==this.prevPosition.top&&(t.top=this.position.top+"px"),this.position.left!==this.prevPosition.left&&(t.left=this.position.left+"px"),this.size.width!==this.prevSize.width&&(t.width=this.size.width+"px"),this.size.height!==this.prevSize.height&&(t.height=this.size.height+"px"),this.helper.css(t),t},_updateVirtualBoundaries:function(t){var e,i,s,n,o,a=this.options;o={minWidth:this._isNumber(a.minWidth)?a.minWidth:0,maxWidth:this._isNumber(a.maxWidth)?a.maxWidth:1/0,minHeight:this._isNumber(a.minHeight)?a.minHeight:0,maxHeight:this._isNumber(a.maxHeight)?a.maxHeight:1/0},(this._aspectRatio||t)&&(e=o.minHeight*this.aspectRatio,s=o.minWidth/this.aspectRatio,i=o.maxHeight*this.aspectRatio,n=o.maxWidth/this.aspectRatio,e>o.minWidth&&(o.minWidth=e),s>o.minHeight&&(o.minHeight=s),o.maxWidth>i&&(o.maxWidth=i),o.maxHeight>n&&(o.maxHeight=n)),this._vBoundaries=o},_updateCache:function(t){this.offset=this.helper.offset(),this._isNumber(t.left)&&(this.position.left=t.left),this._isNumber(t.top)&&(this.position.top=t.top),this._isNumber(t.height)&&(this.size.height=t.height),this._isNumber(t.width)&&(this.size.width=t.width)},_updateRatio:function(t){var e=this.position,i=this.size,s=this.axis;return this._isNumber(t.height)?t.width=t.height*this.aspectRatio:this._isNumber(t.width)&&(t.height=t.width/this.aspectRatio),"sw"===s&&(t.left=e.left+(i.width-t.width),t.top=null),"nw"===s&&(t.top=e.top+(i.height-t.height),t.left=e.left+(i.width-t.width)),t},_respectSize:function(t){var e=this._vBoundaries,i=this.axis,s=this._isNumber(t.width)&&e.maxWidth&&e.maxWidth<t.width,n=this._isNumber(t.height)&&e.maxHeight&&e.maxHeight<t.height,o=this._isNumber(t.width)&&e.minWidth&&e.minWidth>t.width,a=this._isNumber(t.height)&&e.minHeight&&e.minHeight>t.height,r=this.originalPosition.left+this.originalSize.width,h=this.originalPosition.top+this.originalSize.height,l=/sw|nw|w/.test(i),c=/nw|ne|n/.test(i);return o&&(t.width=e.minWidth),a&&(t.height=e.minHeight),s&&(t.width=e.maxWidth),n&&(t.height=e.maxHeight),o&&l&&(t.left=r-e.minWidth),s&&l&&(t.left=r-e.maxWidth),a&&c&&(t.top=h-e.minHeight),n&&c&&(t.top=h-e.maxHeight),t.width||t.height||t.left||!t.top?t.width||t.height||t.top||!t.left||(t.left=null):t.top=null,t},_getPaddingPlusBorderDimensions:function(t){for(var e=0,i=[],s=[t.css("borderTopWidth"),t.css("borderRightWidth"),t.css("borderBottomWidth"),t.css("borderLeftWidth")],n=[t.css("paddingTop"),t.css("paddingRight"),t.css("paddingBottom"),t.css("paddingLeft")];4>e;e++)i[e]=parseFloat(s[e])||0,i[e]+=parseFloat(n[e])||0;return{height:i[0]+i[2],width:i[1]+i[3]}},_proportionallyResize:function(){if(this._proportionallyResizeElements.length)for(var t,e=0,i=this.helper||this.element;this._proportionallyResizeElements.length>e;e++)t=this._proportionallyResizeElements[e],this.outerDimensions||(this.outerDimensions=this._getPaddingPlusBorderDimensions(t)),t.css({height:i.height()-this.outerDimensions.height||0,width:i.width()-this.outerDimensions.width||0})},_renderProxy:function(){var e=this.element,i=this.options;this.elementOffset=e.offset(),this._helper?(this.helper=this.helper||t("<div style='overflow:hidden;'></div>"),this._addClass(this.helper,this._helper),this.helper.css({width:this.element.outerWidth(),height:this.element.outerHeight(),position:"absolute",left:this.elementOffset.left+"px",top:this.elementOffset.top+"px",zIndex:++i.zIndex}),this.helper.appendTo("body").disableSelection()):this.helper=this.element
-},_change:{e:function(t,e){return{width:this.originalSize.width+e}},w:function(t,e){var i=this.originalSize,s=this.originalPosition;return{left:s.left+e,width:i.width-e}},n:function(t,e,i){var s=this.originalSize,n=this.originalPosition;return{top:n.top+i,height:s.height-i}},s:function(t,e,i){return{height:this.originalSize.height+i}},se:function(e,i,s){return t.extend(this._change.s.apply(this,arguments),this._change.e.apply(this,[e,i,s]))},sw:function(e,i,s){return t.extend(this._change.s.apply(this,arguments),this._change.w.apply(this,[e,i,s]))},ne:function(e,i,s){return t.extend(this._change.n.apply(this,arguments),this._change.e.apply(this,[e,i,s]))},nw:function(e,i,s){return t.extend(this._change.n.apply(this,arguments),this._change.w.apply(this,[e,i,s]))}},_propagate:function(e,i){t.ui.plugin.call(this,e,[i,this.ui()]),"resize"!==e&&this._trigger(e,i,this.ui())},plugins:{},ui:function(){return{originalElement:this.originalElement,element:this.element,helper:this.helper,position:this.position,size:this.size,originalSize:this.originalSize,originalPosition:this.originalPosition}}}),t.ui.plugin.add("resizable","animate",{stop:function(e){var i=t(this).resizable("instance"),s=i.options,n=i._proportionallyResizeElements,o=n.length&&/textarea/i.test(n[0].nodeName),a=o&&i._hasScroll(n[0],"left")?0:i.sizeDiff.height,r=o?0:i.sizeDiff.width,h={width:i.size.width-r,height:i.size.height-a},l=parseFloat(i.element.css("left"))+(i.position.left-i.originalPosition.left)||null,c=parseFloat(i.element.css("top"))+(i.position.top-i.originalPosition.top)||null;i.element.animate(t.extend(h,c&&l?{top:c,left:l}:{}),{duration:s.animateDuration,easing:s.animateEasing,step:function(){var s={width:parseFloat(i.element.css("width")),height:parseFloat(i.element.css("height")),top:parseFloat(i.element.css("top")),left:parseFloat(i.element.css("left"))};n&&n.length&&t(n[0]).css({width:s.width,height:s.height}),i._updateCache(s),i._propagate("resize",e)}})}}),t.ui.plugin.add("resizable","containment",{start:function(){var e,i,s,n,o,a,r,h=t(this).resizable("instance"),l=h.options,c=h.element,u=l.containment,d=u instanceof t?u.get(0):/parent/.test(u)?c.parent().get(0):u;d&&(h.containerElement=t(d),/document/.test(u)||u===document?(h.containerOffset={left:0,top:0},h.containerPosition={left:0,top:0},h.parentData={element:t(document),left:0,top:0,width:t(document).width(),height:t(document).height()||document.body.parentNode.scrollHeight}):(e=t(d),i=[],t(["Top","Right","Left","Bottom"]).each(function(t,s){i[t]=h._num(e.css("padding"+s))}),h.containerOffset=e.offset(),h.containerPosition=e.position(),h.containerSize={height:e.innerHeight()-i[3],width:e.innerWidth()-i[1]},s=h.containerOffset,n=h.containerSize.height,o=h.containerSize.width,a=h._hasScroll(d,"left")?d.scrollWidth:o,r=h._hasScroll(d)?d.scrollHeight:n,h.parentData={element:d,left:s.left,top:s.top,width:a,height:r}))},resize:function(e){var i,s,n,o,a=t(this).resizable("instance"),r=a.options,h=a.containerOffset,l=a.position,c=a._aspectRatio||e.shiftKey,u={top:0,left:0},d=a.containerElement,p=!0;d[0]!==document&&/static/.test(d.css("position"))&&(u=h),l.left<(a._helper?h.left:0)&&(a.size.width=a.size.width+(a._helper?a.position.left-h.left:a.position.left-u.left),c&&(a.size.height=a.size.width/a.aspectRatio,p=!1),a.position.left=r.helper?h.left:0),l.top<(a._helper?h.top:0)&&(a.size.height=a.size.height+(a._helper?a.position.top-h.top:a.position.top),c&&(a.size.width=a.size.height*a.aspectRatio,p=!1),a.position.top=a._helper?h.top:0),n=a.containerElement.get(0)===a.element.parent().get(0),o=/relative|absolute/.test(a.containerElement.css("position")),n&&o?(a.offset.left=a.parentData.left+a.position.left,a.offset.top=a.parentData.top+a.position.top):(a.offset.left=a.element.offset().left,a.offset.top=a.element.offset().top),i=Math.abs(a.sizeDiff.width+(a._helper?a.offset.left-u.left:a.offset.left-h.left)),s=Math.abs(a.sizeDiff.height+(a._helper?a.offset.top-u.top:a.offset.top-h.top)),i+a.size.width>=a.parentData.width&&(a.size.width=a.parentData.width-i,c&&(a.size.height=a.size.width/a.aspectRatio,p=!1)),s+a.size.height>=a.parentData.height&&(a.size.height=a.parentData.height-s,c&&(a.size.width=a.size.height*a.aspectRatio,p=!1)),p||(a.position.left=a.prevPosition.left,a.position.top=a.prevPosition.top,a.size.width=a.prevSize.width,a.size.height=a.prevSize.height)},stop:function(){var e=t(this).resizable("instance"),i=e.options,s=e.containerOffset,n=e.containerPosition,o=e.containerElement,a=t(e.helper),r=a.offset(),h=a.outerWidth()-e.sizeDiff.width,l=a.outerHeight()-e.sizeDiff.height;e._helper&&!i.animate&&/relative/.test(o.css("position"))&&t(this).css({left:r.left-n.left-s.left,width:h,height:l}),e._helper&&!i.animate&&/static/.test(o.css("position"))&&t(this).css({left:r.left-n.left-s.left,width:h,height:l})}}),t.ui.plugin.add("resizable","alsoResize",{start:function(){var e=t(this).resizable("instance"),i=e.options;t(i.alsoResize).each(function(){var e=t(this);e.data("ui-resizable-alsoresize",{width:parseFloat(e.width()),height:parseFloat(e.height()),left:parseFloat(e.css("left")),top:parseFloat(e.css("top"))})})},resize:function(e,i){var s=t(this).resizable("instance"),n=s.options,o=s.originalSize,a=s.originalPosition,r={height:s.size.height-o.height||0,width:s.size.width-o.width||0,top:s.position.top-a.top||0,left:s.position.left-a.left||0};t(n.alsoResize).each(function(){var e=t(this),s=t(this).data("ui-resizable-alsoresize"),n={},o=e.parents(i.originalElement[0]).length?["width","height"]:["width","height","top","left"];t.each(o,function(t,e){var i=(s[e]||0)+(r[e]||0);i&&i>=0&&(n[e]=i||null)}),e.css(n)})},stop:function(){t(this).removeData("ui-resizable-alsoresize")}}),t.ui.plugin.add("resizable","ghost",{start:function(){var e=t(this).resizable("instance"),i=e.size;e.ghost=e.originalElement.clone(),e.ghost.css({opacity:.25,display:"block",position:"relative",height:i.height,width:i.width,margin:0,left:0,top:0}),e._addClass(e.ghost,"ui-resizable-ghost"),t.uiBackCompat!==!1&&"string"==typeof e.options.ghost&&e.ghost.addClass(this.options.ghost),e.ghost.appendTo(e.helper)},resize:function(){var e=t(this).resizable("instance");e.ghost&&e.ghost.css({position:"relative",height:e.size.height,width:e.size.width})},stop:function(){var e=t(this).resizable("instance");e.ghost&&e.helper&&e.helper.get(0).removeChild(e.ghost.get(0))}}),t.ui.plugin.add("resizable","grid",{resize:function(){var e,i=t(this).resizable("instance"),s=i.options,n=i.size,o=i.originalSize,a=i.originalPosition,r=i.axis,h="number"==typeof s.grid?[s.grid,s.grid]:s.grid,l=h[0]||1,c=h[1]||1,u=Math.round((n.width-o.width)/l)*l,d=Math.round((n.height-o.height)/c)*c,p=o.width+u,f=o.height+d,m=s.maxWidth&&p>s.maxWidth,g=s.maxHeight&&f>s.maxHeight,_=s.minWidth&&s.minWidth>p,v=s.minHeight&&s.minHeight>f;s.grid=h,_&&(p+=l),v&&(f+=c),m&&(p-=l),g&&(f-=c),/^(se|s|e)$/.test(r)?(i.size.width=p,i.size.height=f):/^(ne)$/.test(r)?(i.size.width=p,i.size.height=f,i.position.top=a.top-d):/^(sw)$/.test(r)?(i.size.width=p,i.size.height=f,i.position.left=a.left-u):((0>=f-c||0>=p-l)&&(e=i._getPaddingPlusBorderDimensions(this)),f-c>0?(i.size.height=f,i.position.top=a.top-d):(f=c-e.height,i.size.height=f,i.position.top=a.top+o.height-f),p-l>0?(i.size.width=p,i.position.left=a.left-u):(p=l-e.width,i.size.width=p,i.position.left=a.left+o.width-p))}}),t.ui.resizable});/**
- * Copyright (c) 2007 Ariel Flesler - aflesler ○ gmail • com | https://github.com/flesler
- * Licensed under MIT
- * @author Ariel Flesler
- * @version 2.1.2
- */
-;(function(f){"use strict";"function"===typeof define&&define.amd?define(["jquery"],f):"undefined"!==typeof module&&module.exports?module.exports=f(require("jquery")):f(jQuery)})(function($){"use strict";function n(a){return!a.nodeName||-1!==$.inArray(a.nodeName.toLowerCase(),["iframe","#document","html","body"])}function h(a){return $.isFunction(a)||$.isPlainObject(a)?a:{top:a,left:a}}var p=$.scrollTo=function(a,d,b){return $(window).scrollTo(a,d,b)};p.defaults={axis:"xy",duration:0,limit:!0};$.fn.scrollTo=function(a,d,b){"object"=== typeof d&&(b=d,d=0);"function"===typeof b&&(b={onAfter:b});"max"===a&&(a=9E9);b=$.extend({},p.defaults,b);d=d||b.duration;var u=b.queue&&1<b.axis.length;u&&(d/=2);b.offset=h(b.offset);b.over=h(b.over);return this.each(function(){function k(a){var k=$.extend({},b,{queue:!0,duration:d,complete:a&&function(){a.call(q,e,b)}});r.animate(f,k)}if(null!==a){var l=n(this),q=l?this.contentWindow||window:this,r=$(q),e=a,f={},t;switch(typeof e){case "number":case "string":if(/^([+-]=?)?\d+(\.\d+)?(px|%)?$/.test(e)){e= h(e);break}e=l?$(e):$(e,q);case "object":if(e.length===0)return;if(e.is||e.style)t=(e=$(e)).offset()}var v=$.isFunction(b.offset)&&b.offset(q,e)||b.offset;$.each(b.axis.split(""),function(a,c){var d="x"===c?"Left":"Top",m=d.toLowerCase(),g="scroll"+d,h=r[g](),n=p.max(q,c);t?(f[g]=t[m]+(l?0:h-r.offset()[m]),b.margin&&(f[g]-=parseInt(e.css("margin"+d),10)||0,f[g]-=parseInt(e.css("border"+d+"Width"),10)||0),f[g]+=v[m]||0,b.over[m]&&(f[g]+=e["x"===c?"width":"height"]()*b.over[m])):(d=e[m],f[g]=d.slice&& "%"===d.slice(-1)?parseFloat(d)/100*n:d);b.limit&&/^\d+$/.test(f[g])&&(f[g]=0>=f[g]?0:Math.min(f[g],n));!a&&1<b.axis.length&&(h===f[g]?f={}:u&&(k(b.onAfterFirst),f={}))});k(b.onAfter)}})};p.max=function(a,d){var b="x"===d?"Width":"Height",h="scroll"+b;if(!n(a))return a[h]-$(a)[b.toLowerCase()]();var b="client"+b,k=a.ownerDocument||a.document,l=k.documentElement,k=k.body;return Math.max(l[h],k[h])-Math.min(l[b],k[b])};$.Tween.propHooks.scrollLeft=$.Tween.propHooks.scrollTop={get:function(a){return $(a.elem)[a.prop]()}, set:function(a){var d=this.get(a);if(a.options.interrupt&&a._last&&a._last!==d)return $(a.elem).stop();var b=Math.round(a.now);d!==b&&($(a.elem)[a.prop](b),a._last=this.get(a))}};return p});
-/*!
- PowerTip v1.3.1 (2018-04-15)
- https://stevenbenner.github.io/jquery-powertip/
- Copyright (c) 2018 Steven Benner (http://stevenbenner.com/).
- Released under MIT license.
- https://raw.github.com/stevenbenner/jquery-powertip/master/LICENSE.txt
-*/
-(function(root,factory){if(typeof define==="function"&&define.amd){define(["jquery"],factory)}else if(typeof module==="object"&&module.exports){module.exports=factory(require("jquery"))}else{factory(root.jQuery)}})(this,function($){var $document=$(document),$window=$(window),$body=$("body");var DATA_DISPLAYCONTROLLER="displayController",DATA_HASACTIVEHOVER="hasActiveHover",DATA_FORCEDOPEN="forcedOpen",DATA_HASMOUSEMOVE="hasMouseMove",DATA_MOUSEONTOTIP="mouseOnToPopup",DATA_ORIGINALTITLE="originalTitle",DATA_POWERTIP="powertip",DATA_POWERTIPJQ="powertipjq",DATA_POWERTIPTARGET="powertiptarget",EVENT_NAMESPACE=".powertip",RAD2DEG=180/Math.PI,MOUSE_EVENTS=["click","dblclick","mousedown","mouseup","mousemove","mouseover","mouseout","mouseenter","mouseleave","contextmenu"];var session={tooltips:null,isTipOpen:false,isFixedTipOpen:false,isClosing:false,tipOpenImminent:false,activeHover:null,currentX:0,currentY:0,previousX:0,previousY:0,desyncTimeout:null,closeDelayTimeout:null,mouseTrackingActive:false,delayInProgress:false,windowWidth:0,windowHeight:0,scrollTop:0,scrollLeft:0};var Collision={none:0,top:1,bottom:2,left:4,right:8};$.fn.powerTip=function(opts,arg){var targetElements=this,options,tipController;if(!targetElements.length){return targetElements}if($.type(opts)==="string"&&$.powerTip[opts]){return $.powerTip[opts].call(targetElements,targetElements,arg)}options=$.extend({},$.fn.powerTip.defaults,opts);tipController=new TooltipController(options);initTracking();targetElements.each(function elementSetup(){var $this=$(this),dataPowertip=$this.data(DATA_POWERTIP),dataElem=$this.data(DATA_POWERTIPJQ),dataTarget=$this.data(DATA_POWERTIPTARGET),title=$this.attr("title");if(!dataPowertip&&!dataTarget&&!dataElem&&title){$this.data(DATA_POWERTIP,title);$this.data(DATA_ORIGINALTITLE,title);$this.removeAttr("title")}$this.data(DATA_DISPLAYCONTROLLER,new DisplayController($this,options,tipController))});if(!options.manual){$.each(options.openEvents,function(idx,evt){if($.inArray(evt,options.closeEvents)>-1){targetElements.on(evt+EVENT_NAMESPACE,function elementToggle(event){$.powerTip.toggle(this,event)})}else{targetElements.on(evt+EVENT_NAMESPACE,function elementOpen(event){$.powerTip.show(this,event)})}});$.each(options.closeEvents,function(idx,evt){if($.inArray(evt,options.openEvents)<0){targetElements.on(evt+EVENT_NAMESPACE,function elementClose(event){$.powerTip.hide(this,!isMouseEvent(event))})}});targetElements.on("keydown"+EVENT_NAMESPACE,function elementKeyDown(event){if(event.keyCode===27){$.powerTip.hide(this,true)}})}return targetElements};$.fn.powerTip.defaults={fadeInTime:200,fadeOutTime:100,followMouse:false,popupId:"powerTip",popupClass:null,intentSensitivity:7,intentPollInterval:100,closeDelay:100,placement:"n",smartPlacement:false,offset:10,mouseOnToPopup:false,manual:false,openEvents:["mouseenter","focus"],closeEvents:["mouseleave","blur"]};$.fn.powerTip.smartPlacementLists={n:["n","ne","nw","s"],e:["e","ne","se","w","nw","sw","n","s","e"],s:["s","se","sw","n"],w:["w","nw","sw","e","ne","se","n","s","w"],nw:["nw","w","sw","n","s","se","nw"],ne:["ne","e","se","n","s","sw","ne"],sw:["sw","w","nw","s","n","ne","sw"],se:["se","e","ne","s","n","nw","se"],"nw-alt":["nw-alt","n","ne-alt","sw-alt","s","se-alt","w","e"],"ne-alt":["ne-alt","n","nw-alt","se-alt","s","sw-alt","e","w"],"sw-alt":["sw-alt","s","se-alt","nw-alt","n","ne-alt","w","e"],"se-alt":["se-alt","s","sw-alt","ne-alt","n","nw-alt","e","w"]};$.powerTip={show:function apiShowTip(element,event){if(isMouseEvent(event)){trackMouse(event);session.previousX=event.pageX;session.previousY=event.pageY;$(element).data(DATA_DISPLAYCONTROLLER).show()}else{$(element).first().data(DATA_DISPLAYCONTROLLER).show(true,true)}return element},reposition:function apiResetPosition(element){$(element).first().data(DATA_DISPLAYCONTROLLER).resetPosition();return element},hide:function apiCloseTip(element,immediate){var displayController;immediate=element?immediate:true;if(element){displayController=$(element).first().data(DATA_DISPLAYCONTROLLER)}else if(session.activeHover){displayController=session.activeHover.data(DATA_DISPLAYCONTROLLER)}if(displayController){displayController.hide(immediate)}return element},toggle:function apiToggle(element,event){if(session.activeHover&&session.activeHover.is(element)){$.powerTip.hide(element,!isMouseEvent(event))}else{$.powerTip.show(element,event)}return element}};$.powerTip.showTip=$.powerTip.show;$.powerTip.closeTip=$.powerTip.hide;function CSSCoordinates(){var me=this;me.top="auto";me.left="auto";me.right="auto";me.bottom="auto";me.set=function(property,value){if($.isNumeric(value)){me[property]=Math.round(value)}}}function DisplayController(element,options,tipController){var hoverTimer=null,myCloseDelay=null;function openTooltip(immediate,forceOpen){cancelTimer();if(!element.data(DATA_HASACTIVEHOVER)){if(!immediate){session.tipOpenImminent=true;hoverTimer=setTimeout(function intentDelay(){hoverTimer=null;checkForIntent()},options.intentPollInterval)}else{if(forceOpen){element.data(DATA_FORCEDOPEN,true)}closeAnyDelayed();tipController.showTip(element)}}else{cancelClose()}}function closeTooltip(disableDelay){if(myCloseDelay){myCloseDelay=session.closeDelayTimeout=clearTimeout(myCloseDelay);session.delayInProgress=false}cancelTimer();session.tipOpenImminent=false;if(element.data(DATA_HASACTIVEHOVER)){element.data(DATA_FORCEDOPEN,false);if(!disableDelay){session.delayInProgress=true;session.closeDelayTimeout=setTimeout(function closeDelay(){session.closeDelayTimeout=null;tipController.hideTip(element);session.delayInProgress=false;myCloseDelay=null},options.closeDelay);myCloseDelay=session.closeDelayTimeout}else{tipController.hideTip(element)}}}function checkForIntent(){var xDifference=Math.abs(session.previousX-session.currentX),yDifference=Math.abs(session.previousY-session.currentY),totalDifference=xDifference+yDifference;if(totalDifference<options.intentSensitivity){cancelClose();closeAnyDelayed();tipController.showTip(element)}else{session.previousX=session.currentX;session.previousY=session.currentY;openTooltip()}}function cancelTimer(stopClose){hoverTimer=clearTimeout(hoverTimer);if(session.closeDelayTimeout&&myCloseDelay===session.closeDelayTimeout||stopClose){cancelClose()}}function cancelClose(){session.closeDelayTimeout=clearTimeout(session.closeDelayTimeout);session.delayInProgress=false}function closeAnyDelayed(){if(session.delayInProgress&&session.activeHover&&!session.activeHover.is(element)){session.activeHover.data(DATA_DISPLAYCONTROLLER).hide(true)}}function repositionTooltip(){tipController.resetPosition(element)}this.show=openTooltip;this.hide=closeTooltip;this.cancel=cancelTimer;this.resetPosition=repositionTooltip}function PlacementCalculator(){function computePlacementCoords(element,placement,tipWidth,tipHeight,offset){var placementBase=placement.split("-")[0],coords=new CSSCoordinates,position;if(isSvgElement(element)){position=getSvgPlacement(element,placementBase)}else{position=getHtmlPlacement(element,placementBase)}switch(placement){case"n":coords.set("left",position.left-tipWidth/2);coords.set("bottom",session.windowHeight-position.top+offset);break;case"e":coords.set("left",position.left+offset);coords.set("top",position.top-tipHeight/2);break;case"s":coords.set("left",position.left-tipWidth/2);coords.set("top",position.top+offset);break;case"w":coords.set("top",position.top-tipHeight/2);coords.set("right",session.windowWidth-position.left+offset);break;case"nw":coords.set("bottom",session.windowHeight-position.top+offset);coords.set("right",session.windowWidth-position.left-20);break;case"nw-alt":coords.set("left",position.left);coords.set("bottom",session.windowHeight-position.top+offset);break;case"ne":coords.set("left",position.left-20);coords.set("bottom",session.windowHeight-position.top+offset);break;case"ne-alt":coords.set("bottom",session.windowHeight-position.top+offset);coords.set("right",session.windowWidth-position.left);break;case"sw":coords.set("top",position.top+offset);coords.set("right",session.windowWidth-position.left-20);break;case"sw-alt":coords.set("left",position.left);coords.set("top",position.top+offset);break;case"se":coords.set("left",position.left-20);coords.set("top",position.top+offset);break;case"se-alt":coords.set("top",position.top+offset);coords.set("right",session.windowWidth-position.left);break}return coords}function getHtmlPlacement(element,placement){var objectOffset=element.offset(),objectWidth=element.outerWidth(),objectHeight=element.outerHeight(),left,top;switch(placement){case"n":left=objectOffset.left+objectWidth/2;top=objectOffset.top;break;case"e":left=objectOffset.left+objectWidth;top=objectOffset.top+objectHeight/2;break;case"s":left=objectOffset.left+objectWidth/2;top=objectOffset.top+objectHeight;break;case"w":left=objectOffset.left;top=objectOffset.top+objectHeight/2;break;case"nw":left=objectOffset.left;top=objectOffset.top;break;case"ne":left=objectOffset.left+objectWidth;top=objectOffset.top;break;case"sw":left=objectOffset.left;top=objectOffset.top+objectHeight;break;case"se":left=objectOffset.left+objectWidth;top=objectOffset.top+objectHeight;break}return{top:top,left:left}}function getSvgPlacement(element,placement){var svgElement=element.closest("svg")[0],domElement=element[0],point=svgElement.createSVGPoint(),boundingBox=domElement.getBBox(),matrix=domElement.getScreenCTM(),halfWidth=boundingBox.width/2,halfHeight=boundingBox.height/2,placements=[],placementKeys=["nw","n","ne","e","se","s","sw","w"],coords,rotation,steps,x;function pushPlacement(){placements.push(point.matrixTransform(matrix))}point.x=boundingBox.x;point.y=boundingBox.y;pushPlacement();point.x+=halfWidth;pushPlacement();point.x+=halfWidth;pushPlacement();point.y+=halfHeight;pushPlacement();point.y+=halfHeight;pushPlacement();point.x-=halfWidth;pushPlacement();point.x-=halfWidth;pushPlacement();point.y-=halfHeight;pushPlacement();if(placements[0].y!==placements[1].y||placements[0].x!==placements[7].x){rotation=Math.atan2(matrix.b,matrix.a)*RAD2DEG;steps=Math.ceil((rotation%360-22.5)/45);if(steps<1){steps+=8}while(steps--){placementKeys.push(placementKeys.shift())}}for(x=0;x<placements.length;x++){if(placementKeys[x]===placement){coords=placements[x];break}}return{top:coords.y+session.scrollTop,left:coords.x+session.scrollLeft}}this.compute=computePlacementCoords}function TooltipController(options){var placementCalculator=new PlacementCalculator,tipElement=$("#"+options.popupId);if(tipElement.length===0){tipElement=$("<div/>",{id:options.popupId});if($body.length===0){$body=$("body")}$body.append(tipElement);session.tooltips=session.tooltips?session.tooltips.add(tipElement):tipElement}if(options.followMouse){if(!tipElement.data(DATA_HASMOUSEMOVE)){$document.on("mousemove"+EVENT_NAMESPACE,positionTipOnCursor);$window.on("scroll"+EVENT_NAMESPACE,positionTipOnCursor);tipElement.data(DATA_HASMOUSEMOVE,true)}}function beginShowTip(element){element.data(DATA_HASACTIVEHOVER,true);tipElement.queue(function queueTipInit(next){showTip(element);next()})}function showTip(element){var tipContent;if(!element.data(DATA_HASACTIVEHOVER)){return}if(session.isTipOpen){if(!session.isClosing){hideTip(session.activeHover)}tipElement.delay(100).queue(function queueTipAgain(next){showTip(element);next()});return}element.trigger("powerTipPreRender");tipContent=getTooltipContent(element);if(tipContent){tipElement.empty().append(tipContent)}else{return}element.trigger("powerTipRender");session.activeHover=element;session.isTipOpen=true;tipElement.data(DATA_MOUSEONTOTIP,options.mouseOnToPopup);tipElement.addClass(options.popupClass);if(!options.followMouse||element.data(DATA_FORCEDOPEN)){positionTipOnElement(element);session.isFixedTipOpen=true}else{positionTipOnCursor()}if(!element.data(DATA_FORCEDOPEN)&&!options.followMouse){$document.on("click"+EVENT_NAMESPACE,function documentClick(event){var target=event.target;if(target!==element[0]){if(options.mouseOnToPopup){if(target!==tipElement[0]&&!$.contains(tipElement[0],target)){$.powerTip.hide()}}else{$.powerTip.hide()}}})}if(options.mouseOnToPopup&&!options.manual){tipElement.on("mouseenter"+EVENT_NAMESPACE,function tipMouseEnter(){if(session.activeHover){session.activeHover.data(DATA_DISPLAYCONTROLLER).cancel()}});tipElement.on("mouseleave"+EVENT_NAMESPACE,function tipMouseLeave(){if(session.activeHover){session.activeHover.data(DATA_DISPLAYCONTROLLER).hide()}})}tipElement.fadeIn(options.fadeInTime,function fadeInCallback(){if(!session.desyncTimeout){session.desyncTimeout=setInterval(closeDesyncedTip,500)}element.trigger("powerTipOpen")})}function hideTip(element){session.isClosing=true;session.isTipOpen=false;session.desyncTimeout=clearInterval(session.desyncTimeout);element.data(DATA_HASACTIVEHOVER,false);element.data(DATA_FORCEDOPEN,false);$document.off("click"+EVENT_NAMESPACE);tipElement.off(EVENT_NAMESPACE);tipElement.fadeOut(options.fadeOutTime,function fadeOutCallback(){var coords=new CSSCoordinates;session.activeHover=null;session.isClosing=false;session.isFixedTipOpen=false;tipElement.removeClass();coords.set("top",session.currentY+options.offset);coords.set("left",session.currentX+options.offset);tipElement.css(coords);element.trigger("powerTipClose")})}function positionTipOnCursor(){var tipWidth,tipHeight,coords,collisions,collisionCount;if(!session.isFixedTipOpen&&(session.isTipOpen||session.tipOpenImminent&&tipElement.data(DATA_HASMOUSEMOVE))){tipWidth=tipElement.outerWidth();tipHeight=tipElement.outerHeight();coords=new CSSCoordinates;coords.set("top",session.currentY+options.offset);coords.set("left",session.currentX+options.offset);collisions=getViewportCollisions(coords,tipWidth,tipHeight);if(collisions!==Collision.none){collisionCount=countFlags(collisions);if(collisionCount===1){if(collisions===Collision.right){coords.set("left",session.scrollLeft+session.windowWidth-tipWidth)}else if(collisions===Collision.bottom){coords.set("top",session.scrollTop+session.windowHeight-tipHeight)}}else{coords.set("left",session.currentX-tipWidth-options.offset);coords.set("top",session.currentY-tipHeight-options.offset)}}tipElement.css(coords)}}function positionTipOnElement(element){var priorityList,finalPlacement;if(options.smartPlacement||options.followMouse&&element.data(DATA_FORCEDOPEN)){priorityList=$.fn.powerTip.smartPlacementLists[options.placement];$.each(priorityList,function(idx,pos){var collisions=getViewportCollisions(placeTooltip(element,pos),tipElement.outerWidth(),tipElement.outerHeight());finalPlacement=pos;return collisions!==Collision.none})}else{placeTooltip(element,options.placement);finalPlacement=options.placement}tipElement.removeClass("w nw sw e ne se n s w se-alt sw-alt ne-alt nw-alt");tipElement.addClass(finalPlacement)}function placeTooltip(element,placement){var iterationCount=0,tipWidth,tipHeight,coords=new CSSCoordinates;coords.set("top",0);coords.set("left",0);tipElement.css(coords);do{tipWidth=tipElement.outerWidth();tipHeight=tipElement.outerHeight();coords=placementCalculator.compute(element,placement,tipWidth,tipHeight,options.offset);tipElement.css(coords)}while(++iterationCount<=5&&(tipWidth!==tipElement.outerWidth()||tipHeight!==tipElement.outerHeight()));return coords}function closeDesyncedTip(){var isDesynced=false,hasDesyncableCloseEvent=$.grep(["mouseleave","mouseout","blur","focusout"],function(eventType){return $.inArray(eventType,options.closeEvents)!==-1}).length>0;if(session.isTipOpen&&!session.isClosing&&!session.delayInProgress&&hasDesyncableCloseEvent){if(session.activeHover.data(DATA_HASACTIVEHOVER)===false||session.activeHover.is(":disabled")){isDesynced=true}else if(!isMouseOver(session.activeHover)&&!session.activeHover.is(":focus")&&!session.activeHover.data(DATA_FORCEDOPEN)){if(tipElement.data(DATA_MOUSEONTOTIP)){if(!isMouseOver(tipElement)){isDesynced=true}}else{isDesynced=true}}if(isDesynced){hideTip(session.activeHover)}}}this.showTip=beginShowTip;this.hideTip=hideTip;this.resetPosition=positionTipOnElement}function isSvgElement(element){return Boolean(window.SVGElement&&element[0]instanceof SVGElement)}function isMouseEvent(event){return Boolean(event&&$.inArray(event.type,MOUSE_EVENTS)>-1&&typeof event.pageX==="number")}function initTracking(){if(!session.mouseTrackingActive){session.mouseTrackingActive=true;getViewportDimensions();$(getViewportDimensions);$document.on("mousemove"+EVENT_NAMESPACE,trackMouse);$window.on("resize"+EVENT_NAMESPACE,trackResize);$window.on("scroll"+EVENT_NAMESPACE,trackScroll)}}function getViewportDimensions(){session.scrollLeft=$window.scrollLeft();session.scrollTop=$window.scrollTop();session.windowWidth=$window.width();session.windowHeight=$window.height()}function trackResize(){session.windowWidth=$window.width();session.windowHeight=$window.height()}function trackScroll(){var x=$window.scrollLeft(),y=$window.scrollTop();if(x!==session.scrollLeft){session.currentX+=x-session.scrollLeft;session.scrollLeft=x}if(y!==session.scrollTop){session.currentY+=y-session.scrollTop;session.scrollTop=y}}function trackMouse(event){session.currentX=event.pageX;session.currentY=event.pageY}function isMouseOver(element){var elementPosition=element.offset(),elementBox=element[0].getBoundingClientRect(),elementWidth=elementBox.right-elementBox.left,elementHeight=elementBox.bottom-elementBox.top;return session.currentX>=elementPosition.left&&session.currentX<=elementPosition.left+elementWidth&&session.currentY>=elementPosition.top&&session.currentY<=elementPosition.top+elementHeight}function getTooltipContent(element){var tipText=element.data(DATA_POWERTIP),tipObject=element.data(DATA_POWERTIPJQ),tipTarget=element.data(DATA_POWERTIPTARGET),targetElement,content;if(tipText){if($.isFunction(tipText)){tipText=tipText.call(element[0])}content=tipText}else if(tipObject){if($.isFunction(tipObject)){tipObject=tipObject.call(element[0])}if(tipObject.length>0){content=tipObject.clone(true,true)}}else if(tipTarget){targetElement=$("#"+tipTarget);if(targetElement.length>0){content=targetElement.html()}}return content}function getViewportCollisions(coords,elementWidth,elementHeight){var viewportTop=session.scrollTop,viewportLeft=session.scrollLeft,viewportBottom=viewportTop+session.windowHeight,viewportRight=viewportLeft+session.windowWidth,collisions=Collision.none;if(coords.top<viewportTop||Math.abs(coords.bottom-session.windowHeight)-elementHeight<viewportTop){collisions|=Collision.top}if(coords.top+elementHeight>viewportBottom||Math.abs(coords.bottom-session.windowHeight)>viewportBottom){collisions|=Collision.bottom}if(coords.left<viewportLeft||coords.right+elementWidth>viewportRight){collisions|=Collision.left}if(coords.left+elementWidth>viewportRight||coords.right<viewportLeft){collisions|=Collision.right}return collisions}function countFlags(value){var count=0;while(value){value&=value-1;count++}return count}return $.powerTip});/*!
- * jQuery UI Touch Punch 0.2.3
- *
- * Copyright 2011–2014, Dave Furfero
- * Dual licensed under the MIT or GPL Version 2 licenses.
- *
- * Depends:
- *  jquery.ui.widget.js
- *  jquery.ui.mouse.js
- */
-!function(a){function f(a,b){if(!(a.originalEvent.touches.length>1)){a.preventDefault();var c=a.originalEvent.changedTouches[0],d=document.createEvent("MouseEvents");d.initMouseEvent(b,!0,!0,window,1,c.screenX,c.screenY,c.clientX,c.clientY,!1,!1,!1,!1,0,null),a.target.dispatchEvent(d)}}if(a.support.touch="ontouchend"in document,a.support.touch){var e,b=a.ui.mouse.prototype,c=b._mouseInit,d=b._mouseDestroy;b._touchStart=function(a){var b=this;!e&&b._mouseCapture(a.originalEvent.changedTouches[0])&&(e=!0,b._touchMoved=!1,f(a,"mouseover"),f(a,"mousemove"),f(a,"mousedown"))},b._touchMove=function(a){e&&(this._touchMoved=!0,f(a,"mousemove"))},b._touchEnd=function(a){e&&(f(a,"mouseup"),f(a,"mouseout"),this._touchMoved||f(a,"click"),e=!1)},b._mouseInit=function(){var b=this;b.element.bind({touchstart:a.proxy(b,"_touchStart"),touchmove:a.proxy(b,"_touchMove"),touchend:a.proxy(b,"_touchEnd")}),c.call(b)},b._mouseDestroy=function(){var b=this;b.element.unbind({touchstart:a.proxy(b,"_touchStart"),touchmove:a.proxy(b,"_touchMove"),touchend:a.proxy(b,"_touchEnd")}),d.call(b)}}}(jQuery);/*! SmartMenus jQuery Plugin - v1.1.0 - September 17, 2017
- * http://www.smartmenus.org/
- * Copyright Vasil Dinkov, Vadikom Web Ltd. http://vadikom.com; Licensed MIT */(function(t){"function"==typeof define&&define.amd?define(["jquery"],t):"object"==typeof module&&"object"==typeof module.exports?module.exports=t(require("jquery")):t(jQuery)})(function($){function initMouseDetection(t){var e=".smartmenus_mouse";if(mouseDetectionEnabled||t)mouseDetectionEnabled&&t&&($(document).off(e),mouseDetectionEnabled=!1);else{var i=!0,s=null,o={mousemove:function(t){var e={x:t.pageX,y:t.pageY,timeStamp:(new Date).getTime()};if(s){var o=Math.abs(s.x-e.x),a=Math.abs(s.y-e.y);if((o>0||a>0)&&2>=o&&2>=a&&300>=e.timeStamp-s.timeStamp&&(mouse=!0,i)){var n=$(t.target).closest("a");n.is("a")&&$.each(menuTrees,function(){return $.contains(this.$root[0],n[0])?(this.itemEnter({currentTarget:n[0]}),!1):void 0}),i=!1}}s=e}};o[touchEvents?"touchstart":"pointerover pointermove pointerout MSPointerOver MSPointerMove MSPointerOut"]=function(t){isTouchEvent(t.originalEvent)&&(mouse=!1)},$(document).on(getEventsNS(o,e)),mouseDetectionEnabled=!0}}function isTouchEvent(t){return!/^(4|mouse)$/.test(t.pointerType)}function getEventsNS(t,e){e||(e="");var i={};for(var s in t)i[s.split(" ").join(e+" ")+e]=t[s];return i}var menuTrees=[],mouse=!1,touchEvents="ontouchstart"in window,mouseDetectionEnabled=!1,requestAnimationFrame=window.requestAnimationFrame||function(t){return setTimeout(t,1e3/60)},cancelAnimationFrame=window.cancelAnimationFrame||function(t){clearTimeout(t)},canAnimate=!!$.fn.animate;return $.SmartMenus=function(t,e){this.$root=$(t),this.opts=e,this.rootId="",this.accessIdPrefix="",this.$subArrow=null,this.activatedItems=[],this.visibleSubMenus=[],this.showTimeout=0,this.hideTimeout=0,this.scrollTimeout=0,this.clickActivated=!1,this.focusActivated=!1,this.zIndexInc=0,this.idInc=0,this.$firstLink=null,this.$firstSub=null,this.disabled=!1,this.$disableOverlay=null,this.$touchScrollingSub=null,this.cssTransforms3d="perspective"in t.style||"webkitPerspective"in t.style,this.wasCollapsible=!1,this.init()},$.extend($.SmartMenus,{hideAll:function(){$.each(menuTrees,function(){this.menuHideAll()})},destroy:function(){for(;menuTrees.length;)menuTrees[0].destroy();initMouseDetection(!0)},prototype:{init:function(t){var e=this;if(!t){menuTrees.push(this),this.rootId=((new Date).getTime()+Math.random()+"").replace(/\D/g,""),this.accessIdPrefix="sm-"+this.rootId+"-",this.$root.hasClass("sm-rtl")&&(this.opts.rightToLeftSubMenus=!0);var i=".smartmenus";this.$root.data("smartmenus",this).attr("data-smartmenus-id",this.rootId).dataSM("level",1).on(getEventsNS({"mouseover focusin":$.proxy(this.rootOver,this),"mouseout focusout":$.proxy(this.rootOut,this),keydown:$.proxy(this.rootKeyDown,this)},i)).on(getEventsNS({mouseenter:$.proxy(this.itemEnter,this),mouseleave:$.proxy(this.itemLeave,this),mousedown:$.proxy(this.itemDown,this),focus:$.proxy(this.itemFocus,this),blur:$.proxy(this.itemBlur,this),click:$.proxy(this.itemClick,this)},i),"a"),i+=this.rootId,this.opts.hideOnClick&&$(document).on(getEventsNS({touchstart:$.proxy(this.docTouchStart,this),touchmove:$.proxy(this.docTouchMove,this),touchend:$.proxy(this.docTouchEnd,this),click:$.proxy(this.docClick,this)},i)),$(window).on(getEventsNS({"resize orientationchange":$.proxy(this.winResize,this)},i)),this.opts.subIndicators&&(this.$subArrow=$("<span/>").addClass("sub-arrow"),this.opts.subIndicatorsText&&this.$subArrow.html(this.opts.subIndicatorsText)),initMouseDetection()}if(this.$firstSub=this.$root.find("ul").each(function(){e.menuInit($(this))}).eq(0),this.$firstLink=this.$root.find("a").eq(0),this.opts.markCurrentItem){var s=/(index|default)\.[^#\?\/]*/i,o=/#.*/,a=window.location.href.replace(s,""),n=a.replace(o,"");this.$root.find("a").each(function(){var t=this.href.replace(s,""),i=$(this);(t==a||t==n)&&(i.addClass("current"),e.opts.markCurrentTree&&i.parentsUntil("[data-smartmenus-id]","ul").each(function(){$(this).dataSM("parent-a").addClass("current")}))})}this.wasCollapsible=this.isCollapsible()},destroy:function(t){if(!t){var e=".smartmenus";this.$root.removeData("smartmenus").removeAttr("data-smartmenus-id").removeDataSM("level").off(e),e+=this.rootId,$(document).off(e),$(window).off(e),this.opts.subIndicators&&(this.$subArrow=null)}this.menuHideAll();var i=this;this.$root.find("ul").each(function(){var t=$(this);t.dataSM("scroll-arrows")&&t.dataSM("scroll-arrows").remove(),t.dataSM("shown-before")&&((i.opts.subMenusMinWidth||i.opts.subMenusMaxWidth)&&t.css({width:"",minWidth:"",maxWidth:""}).removeClass("sm-nowrap"),t.dataSM("scroll-arrows")&&t.dataSM("scroll-arrows").remove(),t.css({zIndex:"",top:"",left:"",marginLeft:"",marginTop:"",display:""})),0==(t.attr("id")||"").indexOf(i.accessIdPrefix)&&t.removeAttr("id")}).removeDataSM("in-mega").removeDataSM("shown-before").removeDataSM("scroll-arrows").removeDataSM("parent-a").removeDataSM("level").removeDataSM("beforefirstshowfired").removeAttr("role").removeAttr("aria-hidden").removeAttr("aria-labelledby").removeAttr("aria-expanded"),this.$root.find("a.has-submenu").each(function(){var t=$(this);0==t.attr("id").indexOf(i.accessIdPrefix)&&t.removeAttr("id")}).removeClass("has-submenu").removeDataSM("sub").removeAttr("aria-haspopup").removeAttr("aria-controls").removeAttr("aria-expanded").closest("li").removeDataSM("sub"),this.opts.subIndicators&&this.$root.find("span.sub-arrow").remove(),this.opts.markCurrentItem&&this.$root.find("a.current").removeClass("current"),t||(this.$root=null,this.$firstLink=null,this.$firstSub=null,this.$disableOverlay&&(this.$disableOverlay.remove(),this.$disableOverlay=null),menuTrees.splice($.inArray(this,menuTrees),1))},disable:function(t){if(!this.disabled){if(this.menuHideAll(),!t&&!this.opts.isPopup&&this.$root.is(":visible")){var e=this.$root.offset();this.$disableOverlay=$('<div class="sm-jquery-disable-overlay"/>').css({position:"absolute",top:e.top,left:e.left,width:this.$root.outerWidth(),height:this.$root.outerHeight(),zIndex:this.getStartZIndex(!0),opacity:0}).appendTo(document.body)}this.disabled=!0}},docClick:function(t){return this.$touchScrollingSub?(this.$touchScrollingSub=null,void 0):((this.visibleSubMenus.length&&!$.contains(this.$root[0],t.target)||$(t.target).closest("a").length)&&this.menuHideAll(),void 0)},docTouchEnd:function(){if(this.lastTouch){if(!(!this.visibleSubMenus.length||void 0!==this.lastTouch.x2&&this.lastTouch.x1!=this.lastTouch.x2||void 0!==this.lastTouch.y2&&this.lastTouch.y1!=this.lastTouch.y2||this.lastTouch.target&&$.contains(this.$root[0],this.lastTouch.target))){this.hideTimeout&&(clearTimeout(this.hideTimeout),this.hideTimeout=0);var t=this;this.hideTimeout=setTimeout(function(){t.menuHideAll()},350)}this.lastTouch=null}},docTouchMove:function(t){if(this.lastTouch){var e=t.originalEvent.touches[0];this.lastTouch.x2=e.pageX,this.lastTouch.y2=e.pageY}},docTouchStart:function(t){var e=t.originalEvent.touches[0];this.lastTouch={x1:e.pageX,y1:e.pageY,target:e.target}},enable:function(){this.disabled&&(this.$disableOverlay&&(this.$disableOverlay.remove(),this.$disableOverlay=null),this.disabled=!1)},getClosestMenu:function(t){for(var e=$(t).closest("ul");e.dataSM("in-mega");)e=e.parent().closest("ul");return e[0]||null},getHeight:function(t){return this.getOffset(t,!0)},getOffset:function(t,e){var i;"none"==t.css("display")&&(i={position:t[0].style.position,visibility:t[0].style.visibility},t.css({position:"absolute",visibility:"hidden"}).show());var s=t[0].getBoundingClientRect&&t[0].getBoundingClientRect(),o=s&&(e?s.height||s.bottom-s.top:s.width||s.right-s.left);return o||0===o||(o=e?t[0].offsetHeight:t[0].offsetWidth),i&&t.hide().css(i),o},getStartZIndex:function(t){var e=parseInt(this[t?"$root":"$firstSub"].css("z-index"));return!t&&isNaN(e)&&(e=parseInt(this.$root.css("z-index"))),isNaN(e)?1:e},getTouchPoint:function(t){return t.touches&&t.touches[0]||t.changedTouches&&t.changedTouches[0]||t},getViewport:function(t){var e=t?"Height":"Width",i=document.documentElement["client"+e],s=window["inner"+e];return s&&(i=Math.min(i,s)),i},getViewportHeight:function(){return this.getViewport(!0)},getViewportWidth:function(){return this.getViewport()},getWidth:function(t){return this.getOffset(t)},handleEvents:function(){return!this.disabled&&this.isCSSOn()},handleItemEvents:function(t){return this.handleEvents()&&!this.isLinkInMegaMenu(t)},isCollapsible:function(){return"static"==this.$firstSub.css("position")},isCSSOn:function(){return"inline"!=this.$firstLink.css("display")},isFixed:function(){var t="fixed"==this.$root.css("position");return t||this.$root.parentsUntil("body").each(function(){return"fixed"==$(this).css("position")?(t=!0,!1):void 0}),t},isLinkInMegaMenu:function(t){return $(this.getClosestMenu(t[0])).hasClass("mega-menu")},isTouchMode:function(){return!mouse||this.opts.noMouseOver||this.isCollapsible()},itemActivate:function(t,e){var i=t.closest("ul"),s=i.dataSM("level");if(s>1&&(!this.activatedItems[s-2]||this.activatedItems[s-2][0]!=i.dataSM("parent-a")[0])){var o=this;$(i.parentsUntil("[data-smartmenus-id]","ul").get().reverse()).add(i).each(function(){o.itemActivate($(this).dataSM("parent-a"))})}if((!this.isCollapsible()||e)&&this.menuHideSubMenus(this.activatedItems[s-1]&&this.activatedItems[s-1][0]==t[0]?s:s-1),this.activatedItems[s-1]=t,this.$root.triggerHandler("activate.smapi",t[0])!==!1){var a=t.dataSM("sub");a&&(this.isTouchMode()||!this.opts.showOnClick||this.clickActivated)&&this.menuShow(a)}},itemBlur:function(t){var e=$(t.currentTarget);this.handleItemEvents(e)&&this.$root.triggerHandler("blur.smapi",e[0])},itemClick:function(t){var e=$(t.currentTarget);if(this.handleItemEvents(e)){if(this.$touchScrollingSub&&this.$touchScrollingSub[0]==e.closest("ul")[0])return this.$touchScrollingSub=null,t.stopPropagation(),!1;if(this.$root.triggerHandler("click.smapi",e[0])===!1)return!1;var i=$(t.target).is(".sub-arrow"),s=e.dataSM("sub"),o=s?2==s.dataSM("level"):!1,a=this.isCollapsible(),n=/toggle$/.test(this.opts.collapsibleBehavior),r=/link$/.test(this.opts.collapsibleBehavior),h=/^accordion/.test(this.opts.collapsibleBehavior);if(s&&!s.is(":visible")){if((!r||!a||i)&&(this.opts.showOnClick&&o&&(this.clickActivated=!0),this.itemActivate(e,h),s.is(":visible")))return this.focusActivated=!0,!1}else if(a&&(n||i))return this.itemActivate(e,h),this.menuHide(s),n&&(this.focusActivated=!1),!1;return this.opts.showOnClick&&o||e.hasClass("disabled")||this.$root.triggerHandler("select.smapi",e[0])===!1?!1:void 0}},itemDown:function(t){var e=$(t.currentTarget);this.handleItemEvents(e)&&e.dataSM("mousedown",!0)},itemEnter:function(t){var e=$(t.currentTarget);if(this.handleItemEvents(e)){if(!this.isTouchMode()){this.showTimeout&&(clearTimeout(this.showTimeout),this.showTimeout=0);var i=this;this.showTimeout=setTimeout(function(){i.itemActivate(e)},this.opts.showOnClick&&1==e.closest("ul").dataSM("level")?1:this.opts.showTimeout)}this.$root.triggerHandler("mouseenter.smapi",e[0])}},itemFocus:function(t){var e=$(t.currentTarget);this.handleItemEvents(e)&&(!this.focusActivated||this.isTouchMode()&&e.dataSM("mousedown")||this.activatedItems.length&&this.activatedItems[this.activatedItems.length-1][0]==e[0]||this.itemActivate(e,!0),this.$root.triggerHandler("focus.smapi",e[0]))},itemLeave:function(t){var e=$(t.currentTarget);this.handleItemEvents(e)&&(this.isTouchMode()||(e[0].blur(),this.showTimeout&&(clearTimeout(this.showTimeout),this.showTimeout=0)),e.removeDataSM("mousedown"),this.$root.triggerHandler("mouseleave.smapi",e[0]))},menuHide:function(t){if(this.$root.triggerHandler("beforehide.smapi",t[0])!==!1&&(canAnimate&&t.stop(!0,!0),"none"!=t.css("display"))){var e=function(){t.css("z-index","")};this.isCollapsible()?canAnimate&&this.opts.collapsibleHideFunction?this.opts.collapsibleHideFunction.call(this,t,e):t.hide(this.opts.collapsibleHideDuration,e):canAnimate&&this.opts.hideFunction?this.opts.hideFunction.call(this,t,e):t.hide(this.opts.hideDuration,e),t.dataSM("scroll")&&(this.menuScrollStop(t),t.css({"touch-action":"","-ms-touch-action":"","-webkit-transform":"",transform:""}).off(".smartmenus_scroll").removeDataSM("scroll").dataSM("scroll-arrows").hide()),t.dataSM("parent-a").removeClass("highlighted").attr("aria-expanded","false"),t.attr({"aria-expanded":"false","aria-hidden":"true"});var i=t.dataSM("level");this.activatedItems.splice(i-1,1),this.visibleSubMenus.splice($.inArray(t,this.visibleSubMenus),1),this.$root.triggerHandler("hide.smapi",t[0])}},menuHideAll:function(){this.showTimeout&&(clearTimeout(this.showTimeout),this.showTimeout=0);for(var t=this.opts.isPopup?1:0,e=this.visibleSubMenus.length-1;e>=t;e--)this.menuHide(this.visibleSubMenus[e]);this.opts.isPopup&&(canAnimate&&this.$root.stop(!0,!0),this.$root.is(":visible")&&(canAnimate&&this.opts.hideFunction?this.opts.hideFunction.call(this,this.$root):this.$root.hide(this.opts.hideDuration))),this.activatedItems=[],this.visibleSubMenus=[],this.clickActivated=!1,this.focusActivated=!1,this.zIndexInc=0,this.$root.triggerHandler("hideAll.smapi")},menuHideSubMenus:function(t){for(var e=this.activatedItems.length-1;e>=t;e--){var i=this.activatedItems[e].dataSM("sub");i&&this.menuHide(i)}},menuInit:function(t){if(!t.dataSM("in-mega")){t.hasClass("mega-menu")&&t.find("ul").dataSM("in-mega",!0);for(var e=2,i=t[0];(i=i.parentNode.parentNode)!=this.$root[0];)e++;var s=t.prevAll("a").eq(-1);s.length||(s=t.prevAll().find("a").eq(-1)),s.addClass("has-submenu").dataSM("sub",t),t.dataSM("parent-a",s).dataSM("level",e).parent().dataSM("sub",t);var o=s.attr("id")||this.accessIdPrefix+ ++this.idInc,a=t.attr("id")||this.accessIdPrefix+ ++this.idInc;s.attr({id:o,"aria-haspopup":"true","aria-controls":a,"aria-expanded":"false"}),t.attr({id:a,role:"group","aria-hidden":"true","aria-labelledby":o,"aria-expanded":"false"}),this.opts.subIndicators&&s[this.opts.subIndicatorsPos](this.$subArrow.clone())}},menuPosition:function(t){var e,i,s=t.dataSM("parent-a"),o=s.closest("li"),a=o.parent(),n=t.dataSM("level"),r=this.getWidth(t),h=this.getHeight(t),u=s.offset(),l=u.left,c=u.top,d=this.getWidth(s),m=this.getHeight(s),p=$(window),f=p.scrollLeft(),v=p.scrollTop(),b=this.getViewportWidth(),S=this.getViewportHeight(),g=a.parent().is("[data-sm-horizontal-sub]")||2==n&&!a.hasClass("sm-vertical"),M=this.opts.rightToLeftSubMenus&&!o.is("[data-sm-reverse]")||!this.opts.rightToLeftSubMenus&&o.is("[data-sm-reverse]"),w=2==n?this.opts.mainMenuSubOffsetX:this.opts.subMenusSubOffsetX,T=2==n?this.opts.mainMenuSubOffsetY:this.opts.subMenusSubOffsetY;if(g?(e=M?d-r-w:w,i=this.opts.bottomToTopSubMenus?-h-T:m+T):(e=M?w-r:d-w,i=this.opts.bottomToTopSubMenus?m-T-h:T),this.opts.keepInViewport){var y=l+e,I=c+i;if(M&&f>y?e=g?f-y+e:d-w:!M&&y+r>f+b&&(e=g?f+b-r-y+e:w-r),g||(S>h&&I+h>v+S?i+=v+S-h-I:(h>=S||v>I)&&(i+=v-I)),g&&(I+h>v+S+.49||v>I)||!g&&h>S+.49){var x=this;t.dataSM("scroll-arrows")||t.dataSM("scroll-arrows",$([$('<span class="scroll-up"><span class="scroll-up-arrow"></span></span>')[0],$('<span class="scroll-down"><span class="scroll-down-arrow"></span></span>')[0]]).on({mouseenter:function(){t.dataSM("scroll").up=$(this).hasClass("scroll-up"),x.menuScroll(t)},mouseleave:function(e){x.menuScrollStop(t),x.menuScrollOut(t,e)},"mousewheel DOMMouseScroll":function(t){t.preventDefault()}}).insertAfter(t));var A=".smartmenus_scroll";if(t.dataSM("scroll",{y:this.cssTransforms3d?0:i-m,step:1,itemH:m,subH:h,arrowDownH:this.getHeight(t.dataSM("scroll-arrows").eq(1))}).on(getEventsNS({mouseover:function(e){x.menuScrollOver(t,e)},mouseout:function(e){x.menuScrollOut(t,e)},"mousewheel DOMMouseScroll":function(e){x.menuScrollMousewheel(t,e)}},A)).dataSM("scroll-arrows").css({top:"auto",left:"0",marginLeft:e+(parseInt(t.css("border-left-width"))||0),width:r-(parseInt(t.css("border-left-width"))||0)-(parseInt(t.css("border-right-width"))||0),zIndex:t.css("z-index")}).eq(g&&this.opts.bottomToTopSubMenus?0:1).show(),this.isFixed()){var C={};C[touchEvents?"touchstart touchmove touchend":"pointerdown pointermove pointerup MSPointerDown MSPointerMove MSPointerUp"]=function(e){x.menuScrollTouch(t,e)},t.css({"touch-action":"none","-ms-touch-action":"none"}).on(getEventsNS(C,A))}}}t.css({top:"auto",left:"0",marginLeft:e,marginTop:i-m})},menuScroll:function(t,e,i){var s,o=t.dataSM("scroll"),a=t.dataSM("scroll-arrows"),n=o.up?o.upEnd:o.downEnd;if(!e&&o.momentum){if(o.momentum*=.92,s=o.momentum,.5>s)return this.menuScrollStop(t),void 0}else s=i||(e||!this.opts.scrollAccelerate?this.opts.scrollStep:Math.floor(o.step));var r=t.dataSM("level");if(this.activatedItems[r-1]&&this.activatedItems[r-1].dataSM("sub")&&this.activatedItems[r-1].dataSM("sub").is(":visible")&&this.menuHideSubMenus(r-1),o.y=o.up&&o.y>=n||!o.up&&n>=o.y?o.y:Math.abs(n-o.y)>s?o.y+(o.up?s:-s):n,t.css(this.cssTransforms3d?{"-webkit-transform":"translate3d(0, "+o.y+"px, 0)",transform:"translate3d(0, "+o.y+"px, 0)"}:{marginTop:o.y}),mouse&&(o.up&&o.y>o.downEnd||!o.up&&o.y<o.upEnd)&&a.eq(o.up?1:0).show(),o.y==n)mouse&&a.eq(o.up?0:1).hide(),this.menuScrollStop(t);else if(!e){this.opts.scrollAccelerate&&o.step<this.opts.scrollStep&&(o.step+=.2);var h=this;this.scrollTimeout=requestAnimationFrame(function(){h.menuScroll(t)})}},menuScrollMousewheel:function(t,e){if(this.getClosestMenu(e.target)==t[0]){e=e.originalEvent;var i=(e.wheelDelta||-e.detail)>0;t.dataSM("scroll-arrows").eq(i?0:1).is(":visible")&&(t.dataSM("scroll").up=i,this.menuScroll(t,!0))}e.preventDefault()},menuScrollOut:function(t,e){mouse&&(/^scroll-(up|down)/.test((e.relatedTarget||"").className)||(t[0]==e.relatedTarget||$.contains(t[0],e.relatedTarget))&&this.getClosestMenu(e.relatedTarget)==t[0]||t.dataSM("scroll-arrows").css("visibility","hidden"))},menuScrollOver:function(t,e){if(mouse&&!/^scroll-(up|down)/.test(e.target.className)&&this.getClosestMenu(e.target)==t[0]){this.menuScrollRefreshData(t);var i=t.dataSM("scroll"),s=$(window).scrollTop()-t.dataSM("parent-a").offset().top-i.itemH;t.dataSM("scroll-arrows").eq(0).css("margin-top",s).end().eq(1).css("margin-top",s+this.getViewportHeight()-i.arrowDownH).end().css("visibility","visible")}},menuScrollRefreshData:function(t){var e=t.dataSM("scroll"),i=$(window).scrollTop()-t.dataSM("parent-a").offset().top-e.itemH;this.cssTransforms3d&&(i=-(parseFloat(t.css("margin-top"))-i)),$.extend(e,{upEnd:i,downEnd:i+this.getViewportHeight()-e.subH})},menuScrollStop:function(t){return this.scrollTimeout?(cancelAnimationFrame(this.scrollTimeout),this.scrollTimeout=0,t.dataSM("scroll").step=1,!0):void 0},menuScrollTouch:function(t,e){if(e=e.originalEvent,isTouchEvent(e)){var i=this.getTouchPoint(e);if(this.getClosestMenu(i.target)==t[0]){var s=t.dataSM("scroll");if(/(start|down)$/i.test(e.type))this.menuScrollStop(t)?(e.preventDefault(),this.$touchScrollingSub=t):this.$touchScrollingSub=null,this.menuScrollRefreshData(t),$.extend(s,{touchStartY:i.pageY,touchStartTime:e.timeStamp});else if(/move$/i.test(e.type)){var o=void 0!==s.touchY?s.touchY:s.touchStartY;if(void 0!==o&&o!=i.pageY){this.$touchScrollingSub=t;var a=i.pageY>o;void 0!==s.up&&s.up!=a&&$.extend(s,{touchStartY:i.pageY,touchStartTime:e.timeStamp}),$.extend(s,{up:a,touchY:i.pageY}),this.menuScroll(t,!0,Math.abs(i.pageY-o))}e.preventDefault()}else void 0!==s.touchY&&((s.momentum=15*Math.pow(Math.abs(i.pageY-s.touchStartY)/(e.timeStamp-s.touchStartTime),2))&&(this.menuScrollStop(t),this.menuScroll(t),e.preventDefault()),delete s.touchY)}}},menuShow:function(t){if((t.dataSM("beforefirstshowfired")||(t.dataSM("beforefirstshowfired",!0),this.$root.triggerHandler("beforefirstshow.smapi",t[0])!==!1))&&this.$root.triggerHandler("beforeshow.smapi",t[0])!==!1&&(t.dataSM("shown-before",!0),canAnimate&&t.stop(!0,!0),!t.is(":visible"))){var e=t.dataSM("parent-a"),i=this.isCollapsible();if((this.opts.keepHighlighted||i)&&e.addClass("highlighted"),i)t.removeClass("sm-nowrap").css({zIndex:"",width:"auto",minWidth:"",maxWidth:"",top:"",left:"",marginLeft:"",marginTop:""});else{if(t.css("z-index",this.zIndexInc=(this.zIndexInc||this.getStartZIndex())+1),(this.opts.subMenusMinWidth||this.opts.subMenusMaxWidth)&&(t.css({width:"auto",minWidth:"",maxWidth:""}).addClass("sm-nowrap"),this.opts.subMenusMinWidth&&t.css("min-width",this.opts.subMenusMinWidth),this.opts.subMenusMaxWidth)){var s=this.getWidth(t);t.css("max-width",this.opts.subMenusMaxWidth),s>this.getWidth(t)&&t.removeClass("sm-nowrap").css("width",this.opts.subMenusMaxWidth)}this.menuPosition(t)}var o=function(){t.css("overflow","")};i?canAnimate&&this.opts.collapsibleShowFunction?this.opts.collapsibleShowFunction.call(this,t,o):t.show(this.opts.collapsibleShowDuration,o):canAnimate&&this.opts.showFunction?this.opts.showFunction.call(this,t,o):t.show(this.opts.showDuration,o),e.attr("aria-expanded","true"),t.attr({"aria-expanded":"true","aria-hidden":"false"}),this.visibleSubMenus.push(t),this.$root.triggerHandler("show.smapi",t[0])}},popupHide:function(t){this.hideTimeout&&(clearTimeout(this.hideTimeout),this.hideTimeout=0);var e=this;this.hideTimeout=setTimeout(function(){e.menuHideAll()},t?1:this.opts.hideTimeout)},popupShow:function(t,e){if(!this.opts.isPopup)return alert('SmartMenus jQuery Error:\n\nIf you want to show this menu via the "popupShow" method, set the isPopup:true option.'),void 0;if(this.hideTimeout&&(clearTimeout(this.hideTimeout),this.hideTimeout=0),this.$root.dataSM("shown-before",!0),canAnimate&&this.$root.stop(!0,!0),!this.$root.is(":visible")){this.$root.css({left:t,top:e});var i=this,s=function(){i.$root.css("overflow","")};canAnimate&&this.opts.showFunction?this.opts.showFunction.call(this,this.$root,s):this.$root.show(this.opts.showDuration,s),this.visibleSubMenus[0]=this.$root}},refresh:function(){this.destroy(!0),this.init(!0)},rootKeyDown:function(t){if(this.handleEvents())switch(t.keyCode){case 27:var e=this.activatedItems[0];if(e){this.menuHideAll(),e[0].focus();var i=e.dataSM("sub");i&&this.menuHide(i)}break;case 32:var s=$(t.target);if(s.is("a")&&this.handleItemEvents(s)){var i=s.dataSM("sub");i&&!i.is(":visible")&&(this.itemClick({currentTarget:t.target}),t.preventDefault())}}},rootOut:function(t){if(this.handleEvents()&&!this.isTouchMode()&&t.target!=this.$root[0]&&(this.hideTimeout&&(clearTimeout(this.hideTimeout),this.hideTimeout=0),!this.opts.showOnClick||!this.opts.hideOnClick)){var e=this;this.hideTimeout=setTimeout(function(){e.menuHideAll()},this.opts.hideTimeout)}},rootOver:function(t){this.handleEvents()&&!this.isTouchMode()&&t.target!=this.$root[0]&&this.hideTimeout&&(clearTimeout(this.hideTimeout),this.hideTimeout=0)},winResize:function(t){if(this.handleEvents()){if(!("onorientationchange"in window)||"orientationchange"==t.type){var e=this.isCollapsible();this.wasCollapsible&&e||(this.activatedItems.length&&this.activatedItems[this.activatedItems.length-1][0].blur(),this.menuHideAll()),this.wasCollapsible=e}}else if(this.$disableOverlay){var i=this.$root.offset();this.$disableOverlay.css({top:i.top,left:i.left,width:this.$root.outerWidth(),height:this.$root.outerHeight()})}}}}),$.fn.dataSM=function(t,e){return e?this.data(t+"_smartmenus",e):this.data(t+"_smartmenus")},$.fn.removeDataSM=function(t){return this.removeData(t+"_smartmenus")},$.fn.smartmenus=function(options){if("string"==typeof options){var args=arguments,method=options;return Array.prototype.shift.call(args),this.each(function(){var t=$(this).data("smartmenus");t&&t[method]&&t[method].apply(t,args)})}return this.each(function(){var dataOpts=$(this).data("sm-options")||null;if(dataOpts)try{dataOpts=eval("("+dataOpts+")")}catch(e){dataOpts=null,alert('ERROR\n\nSmartMenus jQuery init:\nInvalid "data-sm-options" attribute value syntax.')}new $.SmartMenus(this,$.extend({},$.fn.smartmenus.defaults,options,dataOpts))})},$.fn.smartmenus.defaults={isPopup:!1,mainMenuSubOffsetX:0,mainMenuSubOffsetY:0,subMenusSubOffsetX:0,subMenusSubOffsetY:0,subMenusMinWidth:"10em",subMenusMaxWidth:"20em",subIndicators:!0,subIndicatorsPos:"append",subIndicatorsText:"",scrollStep:30,scrollAccelerate:!0,showTimeout:250,hideTimeout:500,showDuration:0,showFunction:null,hideDuration:0,hideFunction:function(t,e){t.fadeOut(200,e)},collapsibleShowDuration:0,collapsibleShowFunction:function(t,e){t.slideDown(200,e)},collapsibleHideDuration:0,collapsibleHideFunction:function(t,e){t.slideUp(200,e)},showOnClick:!1,hideOnClick:!0,noMouseOver:!1,keepInViewport:!0,keepHighlighted:!0,markCurrentItem:!1,markCurrentTree:!0,rightToLeftSubMenus:!1,bottomToTopSubMenus:!1,collapsibleBehavior:"default"},$});
\ No newline at end of file
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/menu.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/menu.js
deleted file mode 100644
index 2fe2214..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/menu.js
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- @licstart  The following is the entire license notice for the JavaScript code in this file.
-
- The MIT License (MIT)
-
- Copyright (C) 1997-2020 by Dimitri van Heesch
-
- Permission is hereby granted, free of charge, to any person obtaining a copy of this software
- and associated documentation files (the "Software"), to deal in the Software without restriction,
- including without limitation the rights to use, copy, modify, merge, publish, distribute,
- sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
- furnished to do so, subject to the following conditions:
-
- The above copyright notice and this permission notice shall be included in all copies or
- substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
- DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
- @licend  The above is the entire license notice for the JavaScript code in this file
- */
-function initMenu(relPath,searchEnabled,serverSide,searchPage,search) {
-  function makeTree(data,relPath) {
-    var result='';
-    if ('children' in data) {
-      result+='<ul>';
-      for (var i in data.children) {
-        result+='<li><a href="'+relPath+data.children[i].url+'">'+
-                                data.children[i].text+'</a>'+
-                                makeTree(data.children[i],relPath)+'</li>';
-      }
-      result+='</ul>';
-    }
-    return result;
-  }
-
-  $('#main-nav').append(makeTree(menudata,relPath));
-  $('#main-nav').children(':first').addClass('sm sm-dox').attr('id','main-menu');
-  if (searchEnabled) {
-    if (serverSide) {
-      $('#main-menu').append('<li style="float:right"><div id="MSearchBox" class="MSearchBoxInactive"><div class="left"><form id="FSearchBox" action="'+relPath+searchPage+'" method="get"><img id="MSearchSelect" src="'+relPath+'search/mag.svg" alt=""/><input type="text" id="MSearchField" name="query" value="'+search+'" size="20" accesskey="S" onfocus="searchBox.OnSearchFieldFocus(true)" onblur="searchBox.OnSearchFieldFocus(false)"></form></div><div class="right"></div></div></li>');
-    } else {
-      $('#main-menu').append('<li style="float:right"><div id="MSearchBox" class="MSearchBoxInactive"><span class="left"><img id="MSearchSelect" src="'+relPath+'search/mag_sel.svg" onmouseover="return searchBox.OnSearchSelectShow()" onmouseout="return searchBox.OnSearchSelectHide()" alt=""/><input type="text" id="MSearchField" value="'+search+'" accesskey="S" onfocus="searchBox.OnSearchFieldFocus(true)" onblur="searchBox.OnSearchFieldFocus(false)" onkeyup="searchBox.OnSearchFieldChange(event)"/></span><span class="right"><a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="'+relPath+'search/close.svg" alt=""/></a></span></div></li>');
-    }
-  }
-  $('#main-menu').smartmenus();
-}
-/* @license-end */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/menudata.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/menudata.js
deleted file mode 100644
index fa25d42..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/menudata.js
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- @licstart  The following is the entire license notice for the JavaScript code in this file.
-
- The MIT License (MIT)
-
- Copyright (C) 1997-2020 by Dimitri van Heesch
-
- Permission is hereby granted, free of charge, to any person obtaining a copy of this software
- and associated documentation files (the "Software"), to deal in the Software without restriction,
- including without limitation the rights to use, copy, modify, merge, publish, distribute,
- sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
- furnished to do so, subject to the following conditions:
-
- The above copyright notice and this permission notice shall be included in all copies or
- substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
- DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
- @licend  The above is the entire license notice for the JavaScript code in this file
-*/
-var menudata={children:[
-{text:"Main Page",url:"index.html"},
-{text:"Modules",url:"modules.html"},
-{text:"Data Structures",url:"annotated.html",children:[
-{text:"Data Structures",url:"annotated.html"},
-{text:"Data Structure Index",url:"classes.html"},
-{text:"Data Fields",url:"functions.html",children:[
-{text:"All",url:"functions.html"},
-{text:"Variables",url:"functions_vars.html"}]}]}]}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/modules.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/modules.html
deleted file mode 100644
index b3fa1c0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/modules.html
+++ /dev/null
@@ -1,81 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: Modules</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-</div><!-- top -->
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-<div class="header">
-  <div class="headertitle">
-<div class="title">Modules</div>  </div>
-</div><!--header-->
-<div class="contents">
-<div class="textblock">Here is a list of all modules:</div><div class="directory">
-<table class="directory">
-<tr id="row_0_" class="even"><td class="entry"><span style="width:16px;display:inline-block;">&#160;</span><a class="el" href="group___turbo_j_p_e_g.html" target="_self">TurboJPEG</a></td><td class="desc">TurboJPEG API </td></tr>
-</table>
-</div><!-- directory -->
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_f.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_f.png
deleted file mode 100644
index 72a58a5..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_f.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_g.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_g.png
deleted file mode 100644
index 2093a23..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_g.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_h.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_h.png
deleted file mode 100644
index 33389b1..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/nav_h.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/open.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/open.png
deleted file mode 100644
index 30f75c7..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/open.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_0.html
deleted file mode 100644
index a34319f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_0.js
deleted file mode 100644
index 54c7356..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_0.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['customfilter_0',['customFilter',['../structtjtransform.html#afd7fc262df33f741e120ef4183202ef5',1,'tjtransform']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_1.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_1.html
deleted file mode 100644
index 51aff6f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_1.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_1.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_1.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_1.js
deleted file mode 100644
index 73ec5f5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_1.js
+++ /dev/null
@@ -1,5 +0,0 @@
-var searchData=
-[
-  ['data_1',['data',['../structtjtransform.html#a688fe8f1a8ecc12a538d9e561cf338e3',1,'tjtransform']]],
-  ['denom_2',['denom',['../structtjscalingfactor.html#aefbcdf3e9e62274b2d312c695f133ce3',1,'tjscalingfactor']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_2.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_2.html
deleted file mode 100644
index 1f81f66..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_2.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_2.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_2.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_2.js
deleted file mode 100644
index 1c5615e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_2.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['h_3',['h',['../structtjregion.html#aecefc45a26f4d8b60dd4d825c1710115',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_3.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_3.html
deleted file mode 100644
index 2e31ab9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_3.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_3.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_3.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_3.js
deleted file mode 100644
index 77d139a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_3.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['num_4',['num',['../structtjscalingfactor.html#a9b011e57f981ee23083e2c1aa5e640ec',1,'tjscalingfactor']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_4.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_4.html
deleted file mode 100644
index 0540c16..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_4.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_4.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_4.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_4.js
deleted file mode 100644
index f976db4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_4.js
+++ /dev/null
@@ -1,5 +0,0 @@
-var searchData=
-[
-  ['op_5',['op',['../structtjtransform.html#a2525aab4ba6978a1c273f74fef50e498',1,'tjtransform']]],
-  ['options_6',['options',['../structtjtransform.html#ac0e74655baa4402209a21e1ae481c8f6',1,'tjtransform']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_5.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_5.html
deleted file mode 100644
index ebec30b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_5.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_5.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_5.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_5.js
deleted file mode 100644
index 193b900..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_5.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['r_7',['r',['../structtjtransform.html#ac324e5e442abec8a961e5bf219db12cf',1,'tjtransform']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_6.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_6.html
deleted file mode 100644
index 31cbd05..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_6.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_6.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_6.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_6.js
deleted file mode 100644
index aa31107..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_6.js
+++ /dev/null
@@ -1,103 +0,0 @@
-var searchData=
-[
-  ['tj_5fnumcs_8',['TJ_NUMCS',['../group___turbo_j_p_e_g.html#ga39f57a6fb02d9cf32e7b6890099b5a71',1,'turbojpeg.h']]],
-  ['tj_5fnumerr_9',['TJ_NUMERR',['../group___turbo_j_p_e_g.html#ga79bde1b4a3e2351e00887e47781b966e',1,'turbojpeg.h']]],
-  ['tj_5fnumpf_10',['TJ_NUMPF',['../group___turbo_j_p_e_g.html#ga7010a4402f54a45ba822ad8675a4655e',1,'turbojpeg.h']]],
-  ['tj_5fnumsamp_11',['TJ_NUMSAMP',['../group___turbo_j_p_e_g.html#ga5ef3d169162ce77ce348e292a0b7477c',1,'turbojpeg.h']]],
-  ['tj_5fnumxop_12',['TJ_NUMXOP',['../group___turbo_j_p_e_g.html#ga0f6dbd18adf38b7d46ac547f0f4d562c',1,'turbojpeg.h']]],
-  ['tjalloc_13',['tjAlloc',['../group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83',1,'turbojpeg.h']]],
-  ['tjalphaoffset_14',['tjAlphaOffset',['../group___turbo_j_p_e_g.html#ga5af0ab065feefd526debf1e20c43e837',1,'turbojpeg.h']]],
-  ['tjblueoffset_15',['tjBlueOffset',['../group___turbo_j_p_e_g.html#ga84e2e35d3f08025f976ec1ec53693dea',1,'turbojpeg.h']]],
-  ['tjbufsize_16',['tjBufSize',['../group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90',1,'turbojpeg.h']]],
-  ['tjbufsizeyuv2_17',['tjBufSizeYUV2',['../group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194',1,'turbojpeg.h']]],
-  ['tjcompress2_18',['tjCompress2',['../group___turbo_j_p_e_g.html#gafbdce0112fd78fd38efae841443a9bcf',1,'turbojpeg.h']]],
-  ['tjcompressfromyuv_19',['tjCompressFromYUV',['../group___turbo_j_p_e_g.html#ga7622a459b79aa1007e005b58783f875b',1,'turbojpeg.h']]],
-  ['tjcompressfromyuvplanes_20',['tjCompressFromYUVPlanes',['../group___turbo_j_p_e_g.html#ga29ec5dfbd2d84b8724e951d6fa0d5d9e',1,'turbojpeg.h']]],
-  ['tjcs_21',['TJCS',['../group___turbo_j_p_e_g.html#ga4f83ad3368e0e29d1957be0efa7c3720',1,'turbojpeg.h']]],
-  ['tjcs_5fcmyk_22',['TJCS_CMYK',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a6c8b636152ac8195b869587db315ee53',1,'turbojpeg.h']]],
-  ['tjcs_5fgray_23',['TJCS_GRAY',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720ab3e7d6a87f695e45b81c1b5262b5a50a',1,'turbojpeg.h']]],
-  ['tjcs_5frgb_24',['TJCS_RGB',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a677cb7ccb85c4038ac41964a2e09e555',1,'turbojpeg.h']]],
-  ['tjcs_5fycbcr_25',['TJCS_YCbCr',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a7389b8f65bb387ffedce3efd0d78ec75',1,'turbojpeg.h']]],
-  ['tjcs_5fycck_26',['TJCS_YCCK',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a53839e0fe867b76b58d16b0a1a7c598e',1,'turbojpeg.h']]],
-  ['tjdecodeyuv_27',['tjDecodeYUV',['../group___turbo_j_p_e_g.html#ga70abbf38f77a26fd6da8813bef96f695',1,'turbojpeg.h']]],
-  ['tjdecodeyuvplanes_28',['tjDecodeYUVPlanes',['../group___turbo_j_p_e_g.html#ga10e837c07fa9d25770565b237d3898d9',1,'turbojpeg.h']]],
-  ['tjdecompress2_29',['tjDecompress2',['../group___turbo_j_p_e_g.html#gae9eccef8b682a48f43a9117c231ed013',1,'turbojpeg.h']]],
-  ['tjdecompressheader3_30',['tjDecompressHeader3',['../group___turbo_j_p_e_g.html#ga0595681096bba7199cc6f3533cb25f77',1,'turbojpeg.h']]],
-  ['tjdecompresstoyuv2_31',['tjDecompressToYUV2',['../group___turbo_j_p_e_g.html#ga04d1e839ff9a0860dd1475cff78d3364',1,'turbojpeg.h']]],
-  ['tjdecompresstoyuvplanes_32',['tjDecompressToYUVPlanes',['../group___turbo_j_p_e_g.html#gaa59f901a5258ada5bd0185ad59368540',1,'turbojpeg.h']]],
-  ['tjdestroy_33',['tjDestroy',['../group___turbo_j_p_e_g.html#ga75f355fa27225ba1a4ee392c852394d2',1,'turbojpeg.h']]],
-  ['tjencodeyuv3_34',['tjEncodeYUV3',['../group___turbo_j_p_e_g.html#gac519b922cdf446e97d0cdcba513636bf',1,'turbojpeg.h']]],
-  ['tjencodeyuvplanes_35',['tjEncodeYUVPlanes',['../group___turbo_j_p_e_g.html#gae2d04c72457fe7f4d60cf78ab1b1feb1',1,'turbojpeg.h']]],
-  ['tjerr_36',['TJERR',['../group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe',1,'turbojpeg.h']]],
-  ['tjerr_5ffatal_37',['TJERR_FATAL',['../group___turbo_j_p_e_g.html#ggafbc17cfa57d0d5d11fea35ac025950feafc9cceeada13122b09e4851e3788039a',1,'turbojpeg.h']]],
-  ['tjerr_5fwarning_38',['TJERR_WARNING',['../group___turbo_j_p_e_g.html#ggafbc17cfa57d0d5d11fea35ac025950fea342dd6e2aedb47bb257b4e7568329b59',1,'turbojpeg.h']]],
-  ['tjflag_5faccuratedct_39',['TJFLAG_ACCURATEDCT',['../group___turbo_j_p_e_g.html#gacb233cfd722d66d1ccbf48a7de81f0e0',1,'turbojpeg.h']]],
-  ['tjflag_5fbottomup_40',['TJFLAG_BOTTOMUP',['../group___turbo_j_p_e_g.html#ga72ecf4ebe6eb702d3c6f5ca27455e1ec',1,'turbojpeg.h']]],
-  ['tjflag_5ffastdct_41',['TJFLAG_FASTDCT',['../group___turbo_j_p_e_g.html#gaabce235db80d3f698b27f36cbd453da2',1,'turbojpeg.h']]],
-  ['tjflag_5ffastupsample_42',['TJFLAG_FASTUPSAMPLE',['../group___turbo_j_p_e_g.html#ga4ee4506c81177a06f77e2504a22efd2d',1,'turbojpeg.h']]],
-  ['tjflag_5flimitscans_43',['TJFLAG_LIMITSCANS',['../group___turbo_j_p_e_g.html#ga163e6482dc5096831feef9c79ff3f805',1,'turbojpeg.h']]],
-  ['tjflag_5fnorealloc_44',['TJFLAG_NOREALLOC',['../group___turbo_j_p_e_g.html#ga8808d403c68b62aaa58a4c1e58e98963',1,'turbojpeg.h']]],
-  ['tjflag_5fprogressive_45',['TJFLAG_PROGRESSIVE',['../group___turbo_j_p_e_g.html#ga43b426750b46190a25d34a67ef76df1b',1,'turbojpeg.h']]],
-  ['tjflag_5fstoponwarning_46',['TJFLAG_STOPONWARNING',['../group___turbo_j_p_e_g.html#ga519cfa4ef6c18d9e5b455fdf59306a3a',1,'turbojpeg.h']]],
-  ['tjfree_47',['tjFree',['../group___turbo_j_p_e_g.html#gaea863d2da0cdb609563aabdf9196514b',1,'turbojpeg.h']]],
-  ['tjgeterrorcode_48',['tjGetErrorCode',['../group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410',1,'turbojpeg.h']]],
-  ['tjgeterrorstr2_49',['tjGetErrorStr2',['../group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa',1,'turbojpeg.h']]],
-  ['tjgetscalingfactors_50',['tjGetScalingFactors',['../group___turbo_j_p_e_g.html#gac3854476006b10787bd128f7ede48057',1,'turbojpeg.h']]],
-  ['tjgreenoffset_51',['tjGreenOffset',['../group___turbo_j_p_e_g.html#ga82d6e35da441112a411da41923c0ba2f',1,'turbojpeg.h']]],
-  ['tjhandle_52',['tjhandle',['../group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763',1,'turbojpeg.h']]],
-  ['tjinitcompress_53',['tjInitCompress',['../group___turbo_j_p_e_g.html#ga9d63a05fc6d813f4aae06107041a37e8',1,'turbojpeg.h']]],
-  ['tjinitdecompress_54',['tjInitDecompress',['../group___turbo_j_p_e_g.html#ga52300eac3f3d9ef4bab303bc244f62d3',1,'turbojpeg.h']]],
-  ['tjinittransform_55',['tjInitTransform',['../group___turbo_j_p_e_g.html#ga928beff6ac248ceadf01089fc6b41957',1,'turbojpeg.h']]],
-  ['tjloadimage_56',['tjLoadImage',['../group___turbo_j_p_e_g.html#gaffbd83c375e79f5db4b5c5d8ad4466e7',1,'turbojpeg.h']]],
-  ['tjmcuheight_57',['tjMCUHeight',['../group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf',1,'turbojpeg.h']]],
-  ['tjmcuwidth_58',['tjMCUWidth',['../group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c',1,'turbojpeg.h']]],
-  ['tjpad_59',['TJPAD',['../group___turbo_j_p_e_g.html#ga0aba955473315e405295d978f0c16511',1,'turbojpeg.h']]],
-  ['tjpf_60',['TJPF',['../group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a',1,'turbojpeg.h']]],
-  ['tjpf_5fabgr_61',['TJPF_ABGR',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa1ba1a7f1631dbeaa49a0a85fc4a40081',1,'turbojpeg.h']]],
-  ['tjpf_5fargb_62',['TJPF_ARGB',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aae8f846ed9d9de99b6e1dfe448848765c',1,'turbojpeg.h']]],
-  ['tjpf_5fbgr_63',['TJPF_BGR',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aab10624437fb8ef495a0b153e65749839',1,'turbojpeg.h']]],
-  ['tjpf_5fbgra_64',['TJPF_BGRA',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aac037ff1845cf9b74bb81a3659c2b9fb4',1,'turbojpeg.h']]],
-  ['tjpf_5fbgrx_65',['TJPF_BGRX',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa2a1fbf569ca79897eae886e3376ca4c8',1,'turbojpeg.h']]],
-  ['tjpf_5fcmyk_66',['TJPF_CMYK',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7f5100ec44c91994e243f1cf55553f8b',1,'turbojpeg.h']]],
-  ['tjpf_5fgray_67',['TJPF_GRAY',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa5431b54b015337705f13118073711a1a',1,'turbojpeg.h']]],
-  ['tjpf_5frgb_68',['TJPF_RGB',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7ce93230bff449518ce387c17e6ed37c',1,'turbojpeg.h']]],
-  ['tjpf_5frgba_69',['TJPF_RGBA',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa88d2e88fab67f6503cf972e14851cc12',1,'turbojpeg.h']]],
-  ['tjpf_5frgbx_70',['TJPF_RGBX',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa83973bebb7e2dc6fa8bae89ff3f42e01',1,'turbojpeg.h']]],
-  ['tjpf_5funknown_71',['TJPF_UNKNOWN',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa84c1a6cead7952998e2fb895844a21ed',1,'turbojpeg.h']]],
-  ['tjpf_5fxbgr_72',['TJPF_XBGR',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aaf6603b27147de47e212e75dac027b2af',1,'turbojpeg.h']]],
-  ['tjpf_5fxrgb_73',['TJPF_XRGB',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aadae996905efcfa3b42a0bb3bea7f9d84',1,'turbojpeg.h']]],
-  ['tjpixelsize_74',['tjPixelSize',['../group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c',1,'turbojpeg.h']]],
-  ['tjplaneheight_75',['tjPlaneHeight',['../group___turbo_j_p_e_g.html#ga1a209696c6a80748f20e134b3c64789f',1,'turbojpeg.h']]],
-  ['tjplanesizeyuv_76',['tjPlaneSizeYUV',['../group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d',1,'turbojpeg.h']]],
-  ['tjplanewidth_77',['tjPlaneWidth',['../group___turbo_j_p_e_g.html#ga63fb66bb1e36c74008c4634360becbb1',1,'turbojpeg.h']]],
-  ['tjredoffset_78',['tjRedOffset',['../group___turbo_j_p_e_g.html#gadd9b446742ac8a3923f7992c7988fea8',1,'turbojpeg.h']]],
-  ['tjregion_79',['tjregion',['../structtjregion.html',1,'']]],
-  ['tjsamp_80',['TJSAMP',['../group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074',1,'turbojpeg.h']]],
-  ['tjsamp_5f411_81',['TJSAMP_411',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a28ec62575e5ea295c3fde3001dc628e2',1,'turbojpeg.h']]],
-  ['tjsamp_5f420_82',['TJSAMP_420',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a63085dbf683cfe39e513cdb6343e3737',1,'turbojpeg.h']]],
-  ['tjsamp_5f422_83',['TJSAMP_422',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a136130902cc578f11f32429b59368404',1,'turbojpeg.h']]],
-  ['tjsamp_5f440_84',['TJSAMP_440',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074accf740e6f3aa6ba20ba922cad13cb974',1,'turbojpeg.h']]],
-  ['tjsamp_5f444_85',['TJSAMP_444',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074afb8da4f44197837bdec0a4f593dacae3',1,'turbojpeg.h']]],
-  ['tjsamp_5fgray_86',['TJSAMP_GRAY',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a3f1c9504842ddc7a48d0f690754b6248',1,'turbojpeg.h']]],
-  ['tjsaveimage_87',['tjSaveImage',['../group___turbo_j_p_e_g.html#ga6f445b22d8933ae4815b3370a538d879',1,'turbojpeg.h']]],
-  ['tjscaled_88',['TJSCALED',['../group___turbo_j_p_e_g.html#ga84878bb65404204743aa18cac02781df',1,'turbojpeg.h']]],
-  ['tjscalingfactor_89',['tjscalingfactor',['../structtjscalingfactor.html',1,'']]],
-  ['tjtransform_90',['tjtransform',['../structtjtransform.html',1,'tjtransform'],['../group___turbo_j_p_e_g.html#ga504805ec0161f1b505397ca0118bf8fd',1,'tjtransform():&#160;turbojpeg.h'],['../group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25',1,'tjTransform(tjhandle handle, const unsigned char *jpegBuf, unsigned long jpegSize, int n, unsigned char **dstBufs, unsigned long *dstSizes, tjtransform *transforms, int flags):&#160;turbojpeg.h']]],
-  ['tjxop_91',['TJXOP',['../group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866',1,'turbojpeg.h']]],
-  ['tjxop_5fhflip_92',['TJXOP_HFLIP',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866aa0df69776caa30f0fa28e26332d311ce',1,'turbojpeg.h']]],
-  ['tjxop_5fnone_93',['TJXOP_NONE',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866aad88c0366cd3f7d0eac9d7a3fa1c2c27',1,'turbojpeg.h']]],
-  ['tjxop_5frot180_94',['TJXOP_ROT180',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a140952eb8dd0300accfcc22726d69692',1,'turbojpeg.h']]],
-  ['tjxop_5frot270_95',['TJXOP_ROT270',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a3064ee5dfb7f032df332818587567a08',1,'turbojpeg.h']]],
-  ['tjxop_5frot90_96',['TJXOP_ROT90',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a43b2bbb23bc4bd548422d43fbe9af128',1,'turbojpeg.h']]],
-  ['tjxop_5ftranspose_97',['TJXOP_TRANSPOSE',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a31060aed199f886afdd417f80499c32d',1,'turbojpeg.h']]],
-  ['tjxop_5ftransverse_98',['TJXOP_TRANSVERSE',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866af3b14d488aea6ece9e5b3df73a74d6a4',1,'turbojpeg.h']]],
-  ['tjxop_5fvflip_99',['TJXOP_VFLIP',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a324eddfbec53b7e691f61e56929d0d5d',1,'turbojpeg.h']]],
-  ['tjxopt_5fcopynone_100',['TJXOPT_COPYNONE',['../group___turbo_j_p_e_g.html#ga153b468cfb905d0de61706c838986fe8',1,'turbojpeg.h']]],
-  ['tjxopt_5fcrop_101',['TJXOPT_CROP',['../group___turbo_j_p_e_g.html#ga9c771a757fc1294add611906b89ab2d2',1,'turbojpeg.h']]],
-  ['tjxopt_5fgray_102',['TJXOPT_GRAY',['../group___turbo_j_p_e_g.html#ga3acee7b48ade1b99e5588736007c2589',1,'turbojpeg.h']]],
-  ['tjxopt_5fnooutput_103',['TJXOPT_NOOUTPUT',['../group___turbo_j_p_e_g.html#gafbf992bbf6e006705886333703ffab31',1,'turbojpeg.h']]],
-  ['tjxopt_5fperfect_104',['TJXOPT_PERFECT',['../group___turbo_j_p_e_g.html#ga50e03cb5ed115330e212417429600b00',1,'turbojpeg.h']]],
-  ['tjxopt_5fprogressive_105',['TJXOPT_PROGRESSIVE',['../group___turbo_j_p_e_g.html#gad2371c80674584ecc1a7d75e564cf026',1,'turbojpeg.h']]],
-  ['tjxopt_5ftrim_106',['TJXOPT_TRIM',['../group___turbo_j_p_e_g.html#ga319826b7eb1583c0595bbe7b95428709',1,'turbojpeg.h']]],
-  ['turbojpeg_107',['TurboJPEG',['../group___turbo_j_p_e_g.html',1,'']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_7.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_7.html
deleted file mode 100644
index 18c555d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_7.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_7.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_7.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_7.js
deleted file mode 100644
index 46e4994..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_7.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['w_108',['w',['../structtjregion.html#ab6eb73ceef584fc23c8c8097926dce42',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_8.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_8.html
deleted file mode 100644
index 0f9eb41..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_8.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_8.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_8.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_8.js
deleted file mode 100644
index 157ee98..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_8.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['x_109',['x',['../structtjregion.html#a4b6a37a93997091b26a75831fa291ad9',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_9.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_9.html
deleted file mode 100644
index d27c0f7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_9.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="all_9.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_9.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_9.js
deleted file mode 100644
index 80ac522..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/all_9.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['y_110',['y',['../structtjregion.html#a7b3e0c24cfe87acc80e334cafdcf22c2',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/classes_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/classes_0.html
deleted file mode 100644
index 7e0afc8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/classes_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="classes_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/classes_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/classes_0.js
deleted file mode 100644
index ed057f2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/classes_0.js
+++ /dev/null
@@ -1,6 +0,0 @@
-var searchData=
-[
-  ['tjregion_111',['tjregion',['../structtjregion.html',1,'']]],
-  ['tjscalingfactor_112',['tjscalingfactor',['../structtjscalingfactor.html',1,'']]],
-  ['tjtransform_113',['tjtransform',['../structtjtransform.html',1,'']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/close.svg b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/close.svg
deleted file mode 100644
index a933eea..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/close.svg
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   xmlns:dc="http://purl.org/dc/elements/1.1/"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   viewBox="0 0 11 11"
-   height="11"
-   width="11"
-   id="svg2"
-   version="1.1">
-  <metadata
-     id="metadata8">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:format>image/svg+xml</dc:format>
-        <dc:type
-           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title></dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-  <defs
-     id="defs6" />
-  <path
-     id="path12"
-     d="M 5.5 0.5 A 5 5 0 0 0 0.5 5.5 A 5 5 0 0 0 5.5 10.5 A 5 5 0 0 0 10.5 5.5 A 5 5 0 0 0 5.5 0.5 z M 3.5820312 3 A 0.58291923 0.58291923 0 0 1 4 3.1757812 L 5.5 4.6757812 L 7 3.1757812 A 0.58291923 0.58291923 0 0 1 7.4003906 3 A 0.58291923 0.58291923 0 0 1 7.8242188 4 L 6.3242188 5.5 L 7.8242188 7 A 0.58291923 0.58291923 0 1 1 7 7.8242188 L 5.5 6.3242188 L 4 7.8242188 A 0.58291923 0.58291923 0 1 1 3.1757812 7 L 4.6757812 5.5 L 3.1757812 4 A 0.58291923 0.58291923 0 0 1 3.5820312 3 z "
-     style="stroke-width:1.09870648;fill:#bababa;fill-opacity:1" />
-</svg>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enums_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enums_0.html
deleted file mode 100644
index 9035e6a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enums_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="enums_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enums_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enums_0.js
deleted file mode 100644
index 0e15c9a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enums_0.js
+++ /dev/null
@@ -1,8 +0,0 @@
-var searchData=
-[
-  ['tjcs_162',['TJCS',['../group___turbo_j_p_e_g.html#ga4f83ad3368e0e29d1957be0efa7c3720',1,'turbojpeg.h']]],
-  ['tjerr_163',['TJERR',['../group___turbo_j_p_e_g.html#gafbc17cfa57d0d5d11fea35ac025950fe',1,'turbojpeg.h']]],
-  ['tjpf_164',['TJPF',['../group___turbo_j_p_e_g.html#gac916144e26c3817ac514e64ae5d12e2a',1,'turbojpeg.h']]],
-  ['tjsamp_165',['TJSAMP',['../group___turbo_j_p_e_g.html#ga1d047060ea80bb9820d540bb928e9074',1,'turbojpeg.h']]],
-  ['tjxop_166',['TJXOP',['../group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866',1,'turbojpeg.h']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enumvalues_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enumvalues_0.html
deleted file mode 100644
index c2cd472..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enumvalues_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="enumvalues_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enumvalues_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enumvalues_0.js
deleted file mode 100644
index 67c78fe..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/enumvalues_0.js
+++ /dev/null
@@ -1,37 +0,0 @@
-var searchData=
-[
-  ['tjcs_5fcmyk_167',['TJCS_CMYK',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a6c8b636152ac8195b869587db315ee53',1,'turbojpeg.h']]],
-  ['tjcs_5fgray_168',['TJCS_GRAY',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720ab3e7d6a87f695e45b81c1b5262b5a50a',1,'turbojpeg.h']]],
-  ['tjcs_5frgb_169',['TJCS_RGB',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a677cb7ccb85c4038ac41964a2e09e555',1,'turbojpeg.h']]],
-  ['tjcs_5fycbcr_170',['TJCS_YCbCr',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a7389b8f65bb387ffedce3efd0d78ec75',1,'turbojpeg.h']]],
-  ['tjcs_5fycck_171',['TJCS_YCCK',['../group___turbo_j_p_e_g.html#gga4f83ad3368e0e29d1957be0efa7c3720a53839e0fe867b76b58d16b0a1a7c598e',1,'turbojpeg.h']]],
-  ['tjerr_5ffatal_172',['TJERR_FATAL',['../group___turbo_j_p_e_g.html#ggafbc17cfa57d0d5d11fea35ac025950feafc9cceeada13122b09e4851e3788039a',1,'turbojpeg.h']]],
-  ['tjerr_5fwarning_173',['TJERR_WARNING',['../group___turbo_j_p_e_g.html#ggafbc17cfa57d0d5d11fea35ac025950fea342dd6e2aedb47bb257b4e7568329b59',1,'turbojpeg.h']]],
-  ['tjpf_5fabgr_174',['TJPF_ABGR',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa1ba1a7f1631dbeaa49a0a85fc4a40081',1,'turbojpeg.h']]],
-  ['tjpf_5fargb_175',['TJPF_ARGB',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aae8f846ed9d9de99b6e1dfe448848765c',1,'turbojpeg.h']]],
-  ['tjpf_5fbgr_176',['TJPF_BGR',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aab10624437fb8ef495a0b153e65749839',1,'turbojpeg.h']]],
-  ['tjpf_5fbgra_177',['TJPF_BGRA',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aac037ff1845cf9b74bb81a3659c2b9fb4',1,'turbojpeg.h']]],
-  ['tjpf_5fbgrx_178',['TJPF_BGRX',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa2a1fbf569ca79897eae886e3376ca4c8',1,'turbojpeg.h']]],
-  ['tjpf_5fcmyk_179',['TJPF_CMYK',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7f5100ec44c91994e243f1cf55553f8b',1,'turbojpeg.h']]],
-  ['tjpf_5fgray_180',['TJPF_GRAY',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa5431b54b015337705f13118073711a1a',1,'turbojpeg.h']]],
-  ['tjpf_5frgb_181',['TJPF_RGB',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa7ce93230bff449518ce387c17e6ed37c',1,'turbojpeg.h']]],
-  ['tjpf_5frgba_182',['TJPF_RGBA',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa88d2e88fab67f6503cf972e14851cc12',1,'turbojpeg.h']]],
-  ['tjpf_5frgbx_183',['TJPF_RGBX',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa83973bebb7e2dc6fa8bae89ff3f42e01',1,'turbojpeg.h']]],
-  ['tjpf_5funknown_184',['TJPF_UNKNOWN',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aa84c1a6cead7952998e2fb895844a21ed',1,'turbojpeg.h']]],
-  ['tjpf_5fxbgr_185',['TJPF_XBGR',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aaf6603b27147de47e212e75dac027b2af',1,'turbojpeg.h']]],
-  ['tjpf_5fxrgb_186',['TJPF_XRGB',['../group___turbo_j_p_e_g.html#ggac916144e26c3817ac514e64ae5d12e2aadae996905efcfa3b42a0bb3bea7f9d84',1,'turbojpeg.h']]],
-  ['tjsamp_5f411_187',['TJSAMP_411',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a28ec62575e5ea295c3fde3001dc628e2',1,'turbojpeg.h']]],
-  ['tjsamp_5f420_188',['TJSAMP_420',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a63085dbf683cfe39e513cdb6343e3737',1,'turbojpeg.h']]],
-  ['tjsamp_5f422_189',['TJSAMP_422',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a136130902cc578f11f32429b59368404',1,'turbojpeg.h']]],
-  ['tjsamp_5f440_190',['TJSAMP_440',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074accf740e6f3aa6ba20ba922cad13cb974',1,'turbojpeg.h']]],
-  ['tjsamp_5f444_191',['TJSAMP_444',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074afb8da4f44197837bdec0a4f593dacae3',1,'turbojpeg.h']]],
-  ['tjsamp_5fgray_192',['TJSAMP_GRAY',['../group___turbo_j_p_e_g.html#gga1d047060ea80bb9820d540bb928e9074a3f1c9504842ddc7a48d0f690754b6248',1,'turbojpeg.h']]],
-  ['tjxop_5fhflip_193',['TJXOP_HFLIP',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866aa0df69776caa30f0fa28e26332d311ce',1,'turbojpeg.h']]],
-  ['tjxop_5fnone_194',['TJXOP_NONE',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866aad88c0366cd3f7d0eac9d7a3fa1c2c27',1,'turbojpeg.h']]],
-  ['tjxop_5frot180_195',['TJXOP_ROT180',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a140952eb8dd0300accfcc22726d69692',1,'turbojpeg.h']]],
-  ['tjxop_5frot270_196',['TJXOP_ROT270',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a3064ee5dfb7f032df332818587567a08',1,'turbojpeg.h']]],
-  ['tjxop_5frot90_197',['TJXOP_ROT90',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a43b2bbb23bc4bd548422d43fbe9af128',1,'turbojpeg.h']]],
-  ['tjxop_5ftranspose_198',['TJXOP_TRANSPOSE',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a31060aed199f886afdd417f80499c32d',1,'turbojpeg.h']]],
-  ['tjxop_5ftransverse_199',['TJXOP_TRANSVERSE',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866af3b14d488aea6ece9e5b3df73a74d6a4',1,'turbojpeg.h']]],
-  ['tjxop_5fvflip_200',['TJXOP_VFLIP',['../group___turbo_j_p_e_g.html#gga2de531af4e7e6c4f124908376b354866a324eddfbec53b7e691f61e56929d0d5d',1,'turbojpeg.h']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/functions_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/functions_0.html
deleted file mode 100644
index f04535a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/functions_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="functions_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/functions_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/functions_0.js
deleted file mode 100644
index 4a9ea5b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/functions_0.js
+++ /dev/null
@@ -1,31 +0,0 @@
-var searchData=
-[
-  ['tjalloc_114',['tjAlloc',['../group___turbo_j_p_e_g.html#gaec627dd4c5f30b7a775a7aea3bec5d83',1,'turbojpeg.h']]],
-  ['tjbufsize_115',['tjBufSize',['../group___turbo_j_p_e_g.html#ga67ac12fee79073242cb216e07c9f1f90',1,'turbojpeg.h']]],
-  ['tjbufsizeyuv2_116',['tjBufSizeYUV2',['../group___turbo_j_p_e_g.html#ga2be2b9969d4df9ecce9b05deed273194',1,'turbojpeg.h']]],
-  ['tjcompress2_117',['tjCompress2',['../group___turbo_j_p_e_g.html#gafbdce0112fd78fd38efae841443a9bcf',1,'turbojpeg.h']]],
-  ['tjcompressfromyuv_118',['tjCompressFromYUV',['../group___turbo_j_p_e_g.html#ga7622a459b79aa1007e005b58783f875b',1,'turbojpeg.h']]],
-  ['tjcompressfromyuvplanes_119',['tjCompressFromYUVPlanes',['../group___turbo_j_p_e_g.html#ga29ec5dfbd2d84b8724e951d6fa0d5d9e',1,'turbojpeg.h']]],
-  ['tjdecodeyuv_120',['tjDecodeYUV',['../group___turbo_j_p_e_g.html#ga70abbf38f77a26fd6da8813bef96f695',1,'turbojpeg.h']]],
-  ['tjdecodeyuvplanes_121',['tjDecodeYUVPlanes',['../group___turbo_j_p_e_g.html#ga10e837c07fa9d25770565b237d3898d9',1,'turbojpeg.h']]],
-  ['tjdecompress2_122',['tjDecompress2',['../group___turbo_j_p_e_g.html#gae9eccef8b682a48f43a9117c231ed013',1,'turbojpeg.h']]],
-  ['tjdecompressheader3_123',['tjDecompressHeader3',['../group___turbo_j_p_e_g.html#ga0595681096bba7199cc6f3533cb25f77',1,'turbojpeg.h']]],
-  ['tjdecompresstoyuv2_124',['tjDecompressToYUV2',['../group___turbo_j_p_e_g.html#ga04d1e839ff9a0860dd1475cff78d3364',1,'turbojpeg.h']]],
-  ['tjdecompresstoyuvplanes_125',['tjDecompressToYUVPlanes',['../group___turbo_j_p_e_g.html#gaa59f901a5258ada5bd0185ad59368540',1,'turbojpeg.h']]],
-  ['tjdestroy_126',['tjDestroy',['../group___turbo_j_p_e_g.html#ga75f355fa27225ba1a4ee392c852394d2',1,'turbojpeg.h']]],
-  ['tjencodeyuv3_127',['tjEncodeYUV3',['../group___turbo_j_p_e_g.html#gac519b922cdf446e97d0cdcba513636bf',1,'turbojpeg.h']]],
-  ['tjencodeyuvplanes_128',['tjEncodeYUVPlanes',['../group___turbo_j_p_e_g.html#gae2d04c72457fe7f4d60cf78ab1b1feb1',1,'turbojpeg.h']]],
-  ['tjfree_129',['tjFree',['../group___turbo_j_p_e_g.html#gaea863d2da0cdb609563aabdf9196514b',1,'turbojpeg.h']]],
-  ['tjgeterrorcode_130',['tjGetErrorCode',['../group___turbo_j_p_e_g.html#ga414feeffbf860ebd31c745df203de410',1,'turbojpeg.h']]],
-  ['tjgeterrorstr2_131',['tjGetErrorStr2',['../group___turbo_j_p_e_g.html#ga1ead8574f9f39fbafc6b497124e7aafa',1,'turbojpeg.h']]],
-  ['tjgetscalingfactors_132',['tjGetScalingFactors',['../group___turbo_j_p_e_g.html#gac3854476006b10787bd128f7ede48057',1,'turbojpeg.h']]],
-  ['tjinitcompress_133',['tjInitCompress',['../group___turbo_j_p_e_g.html#ga9d63a05fc6d813f4aae06107041a37e8',1,'turbojpeg.h']]],
-  ['tjinitdecompress_134',['tjInitDecompress',['../group___turbo_j_p_e_g.html#ga52300eac3f3d9ef4bab303bc244f62d3',1,'turbojpeg.h']]],
-  ['tjinittransform_135',['tjInitTransform',['../group___turbo_j_p_e_g.html#ga928beff6ac248ceadf01089fc6b41957',1,'turbojpeg.h']]],
-  ['tjloadimage_136',['tjLoadImage',['../group___turbo_j_p_e_g.html#gaffbd83c375e79f5db4b5c5d8ad4466e7',1,'turbojpeg.h']]],
-  ['tjplaneheight_137',['tjPlaneHeight',['../group___turbo_j_p_e_g.html#ga1a209696c6a80748f20e134b3c64789f',1,'turbojpeg.h']]],
-  ['tjplanesizeyuv_138',['tjPlaneSizeYUV',['../group___turbo_j_p_e_g.html#gab4ab7b24f6e797d79abaaa670373961d',1,'turbojpeg.h']]],
-  ['tjplanewidth_139',['tjPlaneWidth',['../group___turbo_j_p_e_g.html#ga63fb66bb1e36c74008c4634360becbb1',1,'turbojpeg.h']]],
-  ['tjsaveimage_140',['tjSaveImage',['../group___turbo_j_p_e_g.html#ga6f445b22d8933ae4815b3370a538d879',1,'turbojpeg.h']]],
-  ['tjtransform_141',['tjTransform',['../group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25',1,'turbojpeg.h']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/groups_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/groups_0.html
deleted file mode 100644
index 5c10318..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/groups_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="groups_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/groups_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/groups_0.js
deleted file mode 100644
index b4e000d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/groups_0.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['turbojpeg_201',['TurboJPEG',['../group___turbo_j_p_e_g.html',1,'']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/mag_sel.svg b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/mag_sel.svg
deleted file mode 100644
index 03626f6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/mag_sel.svg
+++ /dev/null
@@ -1,74 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-
-<svg
-   xmlns:dc="http://purl.org/dc/elements/1.1/"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   version="1.1"
-   id="svg2"
-   width="20"
-   height="19"
-   viewBox="0 0 20 19"
-   sodipodi:docname="mag_sel.svg"
-   inkscape:version="0.92.5 (2060ec1f9f, 2020-04-08)">
-  <metadata
-     id="metadata8">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:format>image/svg+xml</dc:format>
-        <dc:type
-           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title></dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-  <defs
-     id="defs6" />
-  <sodipodi:namedview
-     pagecolor="#ffffff"
-     bordercolor="#666666"
-     borderopacity="1"
-     objecttolerance="10"
-     gridtolerance="10"
-     guidetolerance="10"
-     inkscape:pageopacity="0"
-     inkscape:pageshadow="2"
-     inkscape:window-width="1920"
-     inkscape:window-height="2096"
-     id="namedview4"
-     showgrid="false"
-     fit-margin-top="0"
-     fit-margin-left="0"
-     fit-margin-right="0"
-     fit-margin-bottom="0"
-     inkscape:zoom="32"
-     inkscape:cx="5.9792688"
-     inkscape:cy="1.1436277"
-     inkscape:window-x="1920"
-     inkscape:window-y="27"
-     inkscape:window-maximized="0"
-     inkscape:current-layer="svg2" />
-  <circle
-     style="fill:#000000;fill-opacity:0;stroke:#656565;stroke-width:1.4;stroke-opacity:1;stroke-miterlimit:4;stroke-dasharray:none"
-     id="path4611"
-     cx="5.5"
-     cy="8.5"
-     r="3.5" />
-  <path
-     style="fill:#656565;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-     d="M 11,7 13.5,10 16,7 Z"
-     id="path4609"
-     inkscape:connector-curvature="0"
-     sodipodi:nodetypes="cccc" />
-  <path
-     style="fill:none;stroke:#656565;stroke-width:1.4;stroke-linecap:round;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-     d="m 8.1085854,11.109059 2.7823556,2.782356"
-     id="path4630"
-     inkscape:connector-curvature="0" />
-</svg>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/nomatches.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/nomatches.html
deleted file mode 100644
index 4377320..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/nomatches.html
+++ /dev/null
@@ -1,12 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="NoMatches">No Matches</div>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search.css b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search.css
deleted file mode 100644
index 933cf08..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search.css
+++ /dev/null
@@ -1,255 +0,0 @@
-/*---------------- Search Box */
-
-#MSearchBox {
-    white-space : nowrap;
-    background: white;
-    border-radius: 0.65em;
-    box-shadow: inset 0.5px 0.5px 3px 0px #555;
-    z-index: 102;
-}
-
-#MSearchBox .left {
-    display: inline-block;
-    vertical-align: middle;
-    height: 1.4em;
-}
-
-#MSearchSelect {
-    display: inline-block;
-    vertical-align: middle;
-    height: 1.4em;
-    padding: 0 0 0 0.3em;
-    margin: 0;
-}
-
-#MSearchField {
-    display: inline-block;
-    vertical-align: middle;
-    width: 7.5em;
-    height: 1.1em;
-    margin: 0 0.15em;
-    padding: 0;
-    line-height: 1em;
-    border:none;
-    color: #909090;
-    outline: none;
-    font-family: Arial, Verdana, sans-serif;
-    -webkit-border-radius: 0px;
-    border-radius: 0px;
-    background: none;
-}
-
-
-#MSearchBox .right {
-    display: inline-block;
-    vertical-align: middle;
-    width: 1.4em;
-    height: 1.4em;
-}
-
-#MSearchClose {
-    display: none;
-    font-size: inherit;
-    background : none;
-    border: none;
-    margin: 0;
-    padding: 0;
-    outline: none;
-
-}
-
-#MSearchCloseImg {
-    height: 1.4em;
-    padding: 0.3em;
-    margin: 0;
-}
-
-.MSearchBoxActive #MSearchField {
-    color: #000000;
-}
-
-#main-menu > li:last-child {
-    /* This <li> object is the parent of the search bar */
-    display: flex;
-    justify-content: center;
-    align-items: center;
-    height: 36px;
-    margin-right: 1em;
-}
-
-/*---------------- Search filter selection */
-
-#MSearchSelectWindow {
-    display: none;
-    position: absolute;
-    left: 0; top: 0;
-    border: 1px solid #90A5CE;
-    background-color: #F9FAFC;
-    z-index: 10001;
-    padding-top: 4px;
-    padding-bottom: 4px;
-    -moz-border-radius: 4px;
-    -webkit-border-top-left-radius: 4px;
-    -webkit-border-top-right-radius: 4px;
-    -webkit-border-bottom-left-radius: 4px;
-    -webkit-border-bottom-right-radius: 4px;
-    -webkit-box-shadow: 5px 5px 5px rgba(0, 0, 0, 0.15);
-}
-
-.SelectItem {
-    font: 8pt Arial, Verdana, sans-serif;
-    padding-left:  2px;
-    padding-right: 12px;
-    border: 0px;
-}
-
-span.SelectionMark {
-    margin-right: 4px;
-    font-family: monospace;
-    outline-style: none;
-    text-decoration: none;
-}
-
-a.SelectItem {
-    display: block;
-    outline-style: none;
-    color: #000000; 
-    text-decoration: none;
-    padding-left:   6px;
-    padding-right: 12px;
-}
-
-a.SelectItem:focus,
-a.SelectItem:active {
-    color: #000000; 
-    outline-style: none;
-    text-decoration: none;
-}
-
-a.SelectItem:hover {
-    color: #FFFFFF;
-    background-color: #3D578C;
-    outline-style: none;
-    text-decoration: none;
-    cursor: pointer;
-    display: block;
-}
-
-/*---------------- Search results window */
-
-iframe#MSearchResults {
-    width: 60ex;
-    height: 15em;
-}
-
-#MSearchResultsWindow {
-    display: none;
-    position: absolute;
-    left: 0; top: 0;
-    border: 1px solid #000;
-    background-color: #EEF1F7;
-    z-index:10000;
-}
-
-/* ----------------------------------- */
-
-
-#SRIndex {
-    clear:both; 
-    padding-bottom: 15px;
-}
-
-.SREntry {
-    font-size: 10pt;
-    padding-left: 1ex;
-}
-
-.SRPage .SREntry {
-    font-size: 8pt;
-    padding: 1px 5px;
-}
-
-body.SRPage {
-    margin: 5px 2px;
-}
-
-.SRChildren {
-    padding-left: 3ex; padding-bottom: .5em 
-}
-
-.SRPage .SRChildren {
-    display: none;
-}
-
-.SRSymbol {
-    font-weight: bold; 
-    color: #425E97;
-    font-family: Arial, Verdana, sans-serif;
-    text-decoration: none;
-    outline: none;
-}
-
-a.SRScope {
-    display: block;
-    color: #425E97; 
-    font-family: Arial, Verdana, sans-serif;
-    text-decoration: none;
-    outline: none;
-}
-
-a.SRSymbol:focus, a.SRSymbol:active,
-a.SRScope:focus, a.SRScope:active {
-    text-decoration: underline;
-}
-
-span.SRScope {
-    padding-left: 4px;
-}
-
-.SRPage .SRStatus {
-    padding: 2px 5px;
-    font-size: 8pt;
-    font-style: italic;
-}
-
-.SRResult {
-    display: none;
-}
-
-DIV.searchresults {
-    margin-left: 10px;
-    margin-right: 10px;
-}
-
-/*---------------- External search page results */
-
-.searchresult {
-    background-color: #F0F3F8;
-}
-
-.pages b {
-   color: white;
-   padding: 5px 5px 3px 5px;
-   background-image: url("../tab_a.png");
-   background-repeat: repeat-x;
-   text-shadow: 0 1px 1px #000000;
-}
-
-.pages {
-    line-height: 17px;
-    margin-left: 4px;
-    text-decoration: none;
-}
-
-.hl {
-    font-weight: bold;
-}
-
-#searchresults {
-    margin-bottom: 20px;
-}
-
-.searchpages {
-    margin-top: 10px;
-}
-
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search.js
deleted file mode 100644
index 92b6094..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search.js
+++ /dev/null
@@ -1,814 +0,0 @@
-/*
- @licstart  The following is the entire license notice for the JavaScript code in this file.
-
- The MIT License (MIT)
-
- Copyright (C) 1997-2020 by Dimitri van Heesch
-
- Permission is hereby granted, free of charge, to any person obtaining a copy of this software
- and associated documentation files (the "Software"), to deal in the Software without restriction,
- including without limitation the rights to use, copy, modify, merge, publish, distribute,
- sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
- furnished to do so, subject to the following conditions:
-
- The above copyright notice and this permission notice shall be included in all copies or
- substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
- BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
- DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
- @licend  The above is the entire license notice for the JavaScript code in this file
- */
-function convertToId(search)
-{
-  var result = '';
-  for (i=0;i<search.length;i++)
-  {
-    var c = search.charAt(i);
-    var cn = c.charCodeAt(0);
-    if (c.match(/[a-z0-9\u0080-\uFFFF]/))
-    {
-      result+=c;
-    }
-    else if (cn<16)
-    {
-      result+="_0"+cn.toString(16);
-    }
-    else
-    {
-      result+="_"+cn.toString(16);
-    }
-  }
-  return result;
-}
-
-function getXPos(item)
-{
-  var x = 0;
-  if (item.offsetWidth)
-  {
-    while (item && item!=document.body)
-    {
-      x   += item.offsetLeft;
-      item = item.offsetParent;
-    }
-  }
-  return x;
-}
-
-function getYPos(item)
-{
-  var y = 0;
-  if (item.offsetWidth)
-  {
-     while (item && item!=document.body)
-     {
-       y   += item.offsetTop;
-       item = item.offsetParent;
-     }
-  }
-  return y;
-}
-
-/* A class handling everything associated with the search panel.
-
-   Parameters:
-   name - The name of the global variable that will be
-          storing this instance.  Is needed to be able to set timeouts.
-   resultPath - path to use for external files
-*/
-function SearchBox(name, resultsPath, inFrame, label)
-{
-  if (!name || !resultsPath) {  alert("Missing parameters to SearchBox."); }
-
-  // ---------- Instance variables
-  this.name                  = name;
-  this.resultsPath           = resultsPath;
-  this.keyTimeout            = 0;
-  this.keyTimeoutLength      = 500;
-  this.closeSelectionTimeout = 300;
-  this.lastSearchValue       = "";
-  this.lastResultsPage       = "";
-  this.hideTimeout           = 0;
-  this.searchIndex           = 0;
-  this.searchActive          = false;
-  this.insideFrame           = inFrame;
-  this.searchLabel           = label;
-
-  // ----------- DOM Elements
-
-  this.DOMSearchField = function()
-  {  return document.getElementById("MSearchField");  }
-
-  this.DOMSearchSelect = function()
-  {  return document.getElementById("MSearchSelect");  }
-
-  this.DOMSearchSelectWindow = function()
-  {  return document.getElementById("MSearchSelectWindow");  }
-
-  this.DOMPopupSearchResults = function()
-  {  return document.getElementById("MSearchResults");  }
-
-  this.DOMPopupSearchResultsWindow = function()
-  {  return document.getElementById("MSearchResultsWindow");  }
-
-  this.DOMSearchClose = function()
-  {  return document.getElementById("MSearchClose"); }
-
-  this.DOMSearchBox = function()
-  {  return document.getElementById("MSearchBox");  }
-
-  // ------------ Event Handlers
-
-  // Called when focus is added or removed from the search field.
-  this.OnSearchFieldFocus = function(isActive)
-  {
-    this.Activate(isActive);
-  }
-
-  this.OnSearchSelectShow = function()
-  {
-    var searchSelectWindow = this.DOMSearchSelectWindow();
-    var searchField        = this.DOMSearchSelect();
-
-    if (this.insideFrame)
-    {
-      var left = getXPos(searchField);
-      var top  = getYPos(searchField);
-      left += searchField.offsetWidth + 6;
-      top += searchField.offsetHeight;
-
-      // show search selection popup
-      searchSelectWindow.style.display='block';
-      left -= searchSelectWindow.offsetWidth;
-      searchSelectWindow.style.left =  left + 'px';
-      searchSelectWindow.style.top  =  top  + 'px';
-    }
-    else
-    {
-      var left = getXPos(searchField);
-      var top  = getYPos(searchField);
-      top += searchField.offsetHeight;
-
-      // show search selection popup
-      searchSelectWindow.style.display='block';
-      searchSelectWindow.style.left =  left + 'px';
-      searchSelectWindow.style.top  =  top  + 'px';
-    }
-
-    // stop selection hide timer
-    if (this.hideTimeout)
-    {
-      clearTimeout(this.hideTimeout);
-      this.hideTimeout=0;
-    }
-    return false; // to avoid "image drag" default event
-  }
-
-  this.OnSearchSelectHide = function()
-  {
-    this.hideTimeout = setTimeout(this.name +".CloseSelectionWindow()",
-                                  this.closeSelectionTimeout);
-  }
-
-  // Called when the content of the search field is changed.
-  this.OnSearchFieldChange = function(evt)
-  {
-    if (this.keyTimeout) // kill running timer
-    {
-      clearTimeout(this.keyTimeout);
-      this.keyTimeout = 0;
-    }
-
-    var e  = (evt) ? evt : window.event; // for IE
-    if (e.keyCode==40 || e.keyCode==13)
-    {
-      if (e.shiftKey==1)
-      {
-        this.OnSearchSelectShow();
-        var win=this.DOMSearchSelectWindow();
-        for (i=0;i<win.childNodes.length;i++)
-        {
-          var child = win.childNodes[i]; // get span within a
-          if (child.className=='SelectItem')
-          {
-            child.focus();
-            return;
-          }
-        }
-        return;
-      }
-      else
-      {
-        window.frames.MSearchResults.postMessage("take_focus", "*");
-      }
-    }
-    else if (e.keyCode==27) // Escape out of the search field
-    {
-      this.DOMSearchField().blur();
-      this.DOMPopupSearchResultsWindow().style.display = 'none';
-      this.DOMSearchClose().style.display = 'none';
-      this.lastSearchValue = '';
-      this.Activate(false);
-      return;
-    }
-
-    // strip whitespaces
-    var searchValue = this.DOMSearchField().value.replace(/ +/g, "");
-
-    if (searchValue != this.lastSearchValue) // search value has changed
-    {
-      if (searchValue != "") // non-empty search
-      {
-        // set timer for search update
-        this.keyTimeout = setTimeout(this.name + '.Search()',
-                                     this.keyTimeoutLength);
-      }
-      else // empty search field
-      {
-        this.DOMPopupSearchResultsWindow().style.display = 'none';
-        this.DOMSearchClose().style.display = 'none';
-        this.lastSearchValue = '';
-      }
-    }
-  }
-
-  this.SelectItemCount = function(id)
-  {
-    var count=0;
-    var win=this.DOMSearchSelectWindow();
-    for (i=0;i<win.childNodes.length;i++)
-    {
-      var child = win.childNodes[i]; // get span within a
-      if (child.className=='SelectItem')
-      {
-        count++;
-      }
-    }
-    return count;
-  }
-
-  this.SelectItemSet = function(id)
-  {
-    var i,j=0;
-    var win=this.DOMSearchSelectWindow();
-    for (i=0;i<win.childNodes.length;i++)
-    {
-      var child = win.childNodes[i]; // get span within a
-      if (child.className=='SelectItem')
-      {
-        var node = child.firstChild;
-        if (j==id)
-        {
-          node.innerHTML='&#8226;';
-        }
-        else
-        {
-          node.innerHTML='&#160;';
-        }
-        j++;
-      }
-    }
-  }
-
-  // Called when an search filter selection is made.
-  // set item with index id as the active item
-  this.OnSelectItem = function(id)
-  {
-    this.searchIndex = id;
-    this.SelectItemSet(id);
-    var searchValue = this.DOMSearchField().value.replace(/ +/g, "");
-    if (searchValue!="" && this.searchActive) // something was found -> do a search
-    {
-      this.Search();
-    }
-  }
-
-  this.OnSearchSelectKey = function(evt)
-  {
-    var e = (evt) ? evt : window.event; // for IE
-    if (e.keyCode==40 && this.searchIndex<this.SelectItemCount()) // Down
-    {
-      this.searchIndex++;
-      this.OnSelectItem(this.searchIndex);
-    }
-    else if (e.keyCode==38 && this.searchIndex>0) // Up
-    {
-      this.searchIndex--;
-      this.OnSelectItem(this.searchIndex);
-    }
-    else if (e.keyCode==13 || e.keyCode==27)
-    {
-      this.OnSelectItem(this.searchIndex);
-      this.CloseSelectionWindow();
-      this.DOMSearchField().focus();
-    }
-    return false;
-  }
-
-  // --------- Actions
-
-  // Closes the results window.
-  this.CloseResultsWindow = function()
-  {
-    this.DOMPopupSearchResultsWindow().style.display = 'none';
-    this.DOMSearchClose().style.display = 'none';
-    this.Activate(false);
-  }
-
-  this.CloseSelectionWindow = function()
-  {
-    this.DOMSearchSelectWindow().style.display = 'none';
-  }
-
-  // Performs a search.
-  this.Search = function()
-  {
-    this.keyTimeout = 0;
-
-    // strip leading whitespace
-    var searchValue = this.DOMSearchField().value.replace(/^ +/, "");
-
-    var code = searchValue.toLowerCase().charCodeAt(0);
-    var idxChar = searchValue.substr(0, 1).toLowerCase();
-    if ( 0xD800 <= code && code <= 0xDBFF && searchValue > 1) // surrogate pair
-    {
-      idxChar = searchValue.substr(0, 2);
-    }
-
-    var resultsPage;
-    var resultsPageWithSearch;
-    var hasResultsPage;
-
-    var idx = indexSectionsWithContent[this.searchIndex].indexOf(idxChar);
-    if (idx!=-1)
-    {
-       var hexCode=idx.toString(16);
-       resultsPage = this.resultsPath + '/' + indexSectionNames[this.searchIndex] + '_' + hexCode + '.html';
-       resultsPageWithSearch = resultsPage+'?'+escape(searchValue);
-       hasResultsPage = true;
-    }
-    else // nothing available for this search term
-    {
-       resultsPage = this.resultsPath + '/nomatches.html';
-       resultsPageWithSearch = resultsPage;
-       hasResultsPage = false;
-    }
-
-    window.frames.MSearchResults.location = resultsPageWithSearch;
-    var domPopupSearchResultsWindow = this.DOMPopupSearchResultsWindow();
-
-    if (domPopupSearchResultsWindow.style.display!='block')
-    {
-       var domSearchBox = this.DOMSearchBox();
-       this.DOMSearchClose().style.display = 'inline-block';
-       if (this.insideFrame)
-       {
-         var domPopupSearchResults = this.DOMPopupSearchResults();
-         domPopupSearchResultsWindow.style.position = 'relative';
-         domPopupSearchResultsWindow.style.display  = 'block';
-         var width = document.body.clientWidth - 8; // the -8 is for IE :-(
-         domPopupSearchResultsWindow.style.width    = width + 'px';
-         domPopupSearchResults.style.width          = width + 'px';
-       }
-       else
-       {
-         var domPopupSearchResults = this.DOMPopupSearchResults();
-         var left = getXPos(domSearchBox) + 150; // domSearchBox.offsetWidth;
-         var top  = getYPos(domSearchBox) + 20;  // domSearchBox.offsetHeight + 1;
-         domPopupSearchResultsWindow.style.display = 'block';
-         left -= domPopupSearchResults.offsetWidth;
-         domPopupSearchResultsWindow.style.top     = top  + 'px';
-         domPopupSearchResultsWindow.style.left    = left + 'px';
-       }
-    }
-
-    this.lastSearchValue = searchValue;
-    this.lastResultsPage = resultsPage;
-  }
-
-  // -------- Activation Functions
-
-  // Activates or deactivates the search panel, resetting things to
-  // their default values if necessary.
-  this.Activate = function(isActive)
-  {
-    if (isActive || // open it
-        this.DOMPopupSearchResultsWindow().style.display == 'block'
-       )
-    {
-      this.DOMSearchBox().className = 'MSearchBoxActive';
-
-      var searchField = this.DOMSearchField();
-
-      if (searchField.value == this.searchLabel) // clear "Search" term upon entry
-      {
-        searchField.value = '';
-        this.searchActive = true;
-      }
-    }
-    else if (!isActive) // directly remove the panel
-    {
-      this.DOMSearchBox().className = 'MSearchBoxInactive';
-      this.DOMSearchField().value   = this.searchLabel;
-      this.searchActive             = false;
-      this.lastSearchValue          = ''
-      this.lastResultsPage          = '';
-    }
-  }
-}
-
-// -----------------------------------------------------------------------
-
-// The class that handles everything on the search results page.
-function SearchResults(name)
-{
-    // The number of matches from the last run of <Search()>.
-    this.lastMatchCount = 0;
-    this.lastKey = 0;
-    this.repeatOn = false;
-
-    // Toggles the visibility of the passed element ID.
-    this.FindChildElement = function(id)
-    {
-      var parentElement = document.getElementById(id);
-      var element = parentElement.firstChild;
-
-      while (element && element!=parentElement)
-      {
-        if (element.nodeName == 'DIV' && element.className == 'SRChildren')
-        {
-          return element;
-        }
-
-        if (element.nodeName == 'DIV' && element.hasChildNodes())
-        {
-           element = element.firstChild;
-        }
-        else if (element.nextSibling)
-        {
-           element = element.nextSibling;
-        }
-        else
-        {
-          do
-          {
-            element = element.parentNode;
-          }
-          while (element && element!=parentElement && !element.nextSibling);
-
-          if (element && element!=parentElement)
-          {
-            element = element.nextSibling;
-          }
-        }
-      }
-    }
-
-    this.Toggle = function(id)
-    {
-      var element = this.FindChildElement(id);
-      if (element)
-      {
-        if (element.style.display == 'block')
-        {
-          element.style.display = 'none';
-        }
-        else
-        {
-          element.style.display = 'block';
-        }
-      }
-    }
-
-    // Searches for the passed string.  If there is no parameter,
-    // it takes it from the URL query.
-    //
-    // Always returns true, since other documents may try to call it
-    // and that may or may not be possible.
-    this.Search = function(search)
-    {
-      if (!search) // get search word from URL
-      {
-        search = window.location.search;
-        search = search.substring(1);  // Remove the leading '?'
-        search = unescape(search);
-      }
-
-      search = search.replace(/^ +/, ""); // strip leading spaces
-      search = search.replace(/ +$/, ""); // strip trailing spaces
-      search = search.toLowerCase();
-      search = convertToId(search);
-
-      var resultRows = document.getElementsByTagName("div");
-      var matches = 0;
-
-      var i = 0;
-      while (i < resultRows.length)
-      {
-        var row = resultRows.item(i);
-        if (row.className == "SRResult")
-        {
-          var rowMatchName = row.id.toLowerCase();
-          rowMatchName = rowMatchName.replace(/^sr\d*_/, ''); // strip 'sr123_'
-
-          if (search.length<=rowMatchName.length &&
-             rowMatchName.substr(0, search.length)==search)
-          {
-            row.style.display = 'block';
-            matches++;
-          }
-          else
-          {
-            row.style.display = 'none';
-          }
-        }
-        i++;
-      }
-      document.getElementById("Searching").style.display='none';
-      if (matches == 0) // no results
-      {
-        document.getElementById("NoMatches").style.display='block';
-      }
-      else // at least one result
-      {
-        document.getElementById("NoMatches").style.display='none';
-      }
-      this.lastMatchCount = matches;
-      return true;
-    }
-
-    // return the first item with index index or higher that is visible
-    this.NavNext = function(index)
-    {
-      var focusItem;
-      while (1)
-      {
-        var focusName = 'Item'+index;
-        focusItem = document.getElementById(focusName);
-        if (focusItem && focusItem.parentNode.parentNode.style.display=='block')
-        {
-          break;
-        }
-        else if (!focusItem) // last element
-        {
-          break;
-        }
-        focusItem=null;
-        index++;
-      }
-      return focusItem;
-    }
-
-    this.NavPrev = function(index)
-    {
-      var focusItem;
-      while (1)
-      {
-        var focusName = 'Item'+index;
-        focusItem = document.getElementById(focusName);
-        if (focusItem && focusItem.parentNode.parentNode.style.display=='block')
-        {
-          break;
-        }
-        else if (!focusItem) // last element
-        {
-          break;
-        }
-        focusItem=null;
-        index--;
-      }
-      return focusItem;
-    }
-
-    this.ProcessKeys = function(e)
-    {
-      if (e.type == "keydown")
-      {
-        this.repeatOn = false;
-        this.lastKey = e.keyCode;
-      }
-      else if (e.type == "keypress")
-      {
-        if (!this.repeatOn)
-        {
-          if (this.lastKey) this.repeatOn = true;
-          return false; // ignore first keypress after keydown
-        }
-      }
-      else if (e.type == "keyup")
-      {
-        this.lastKey = 0;
-        this.repeatOn = false;
-      }
-      return this.lastKey!=0;
-    }
-
-    this.Nav = function(evt,itemIndex)
-    {
-      var e  = (evt) ? evt : window.event; // for IE
-      if (e.keyCode==13) return true;
-      if (!this.ProcessKeys(e)) return false;
-
-      if (this.lastKey==38) // Up
-      {
-        var newIndex = itemIndex-1;
-        var focusItem = this.NavPrev(newIndex);
-        if (focusItem)
-        {
-          var child = this.FindChildElement(focusItem.parentNode.parentNode.id);
-          if (child && child.style.display == 'block') // children visible
-          {
-            var n=0;
-            var tmpElem;
-            while (1) // search for last child
-            {
-              tmpElem = document.getElementById('Item'+newIndex+'_c'+n);
-              if (tmpElem)
-              {
-                focusItem = tmpElem;
-              }
-              else // found it!
-              {
-                break;
-              }
-              n++;
-            }
-          }
-        }
-        if (focusItem)
-        {
-          focusItem.focus();
-        }
-        else // return focus to search field
-        {
-           parent.document.getElementById("MSearchField").focus();
-        }
-      }
-      else if (this.lastKey==40) // Down
-      {
-        var newIndex = itemIndex+1;
-        var focusItem;
-        var item = document.getElementById('Item'+itemIndex);
-        var elem = this.FindChildElement(item.parentNode.parentNode.id);
-        if (elem && elem.style.display == 'block') // children visible
-        {
-          focusItem = document.getElementById('Item'+itemIndex+'_c0');
-        }
-        if (!focusItem) focusItem = this.NavNext(newIndex);
-        if (focusItem)  focusItem.focus();
-      }
-      else if (this.lastKey==39) // Right
-      {
-        var item = document.getElementById('Item'+itemIndex);
-        var elem = this.FindChildElement(item.parentNode.parentNode.id);
-        if (elem) elem.style.display = 'block';
-      }
-      else if (this.lastKey==37) // Left
-      {
-        var item = document.getElementById('Item'+itemIndex);
-        var elem = this.FindChildElement(item.parentNode.parentNode.id);
-        if (elem) elem.style.display = 'none';
-      }
-      else if (this.lastKey==27) // Escape
-      {
-        parent.searchBox.CloseResultsWindow();
-        parent.document.getElementById("MSearchField").focus();
-      }
-      else if (this.lastKey==13) // Enter
-      {
-        return true;
-      }
-      return false;
-    }
-
-    this.NavChild = function(evt,itemIndex,childIndex)
-    {
-      var e  = (evt) ? evt : window.event; // for IE
-      if (e.keyCode==13) return true;
-      if (!this.ProcessKeys(e)) return false;
-
-      if (this.lastKey==38) // Up
-      {
-        if (childIndex>0)
-        {
-          var newIndex = childIndex-1;
-          document.getElementById('Item'+itemIndex+'_c'+newIndex).focus();
-        }
-        else // already at first child, jump to parent
-        {
-          document.getElementById('Item'+itemIndex).focus();
-        }
-      }
-      else if (this.lastKey==40) // Down
-      {
-        var newIndex = childIndex+1;
-        var elem = document.getElementById('Item'+itemIndex+'_c'+newIndex);
-        if (!elem) // last child, jump to parent next parent
-        {
-          elem = this.NavNext(itemIndex+1);
-        }
-        if (elem)
-        {
-          elem.focus();
-        }
-      }
-      else if (this.lastKey==27) // Escape
-      {
-        parent.searchBox.CloseResultsWindow();
-        parent.document.getElementById("MSearchField").focus();
-      }
-      else if (this.lastKey==13) // Enter
-      {
-        return true;
-      }
-      return false;
-    }
-}
-
-function setKeyActions(elem,action)
-{
-  elem.setAttribute('onkeydown',action);
-  elem.setAttribute('onkeypress',action);
-  elem.setAttribute('onkeyup',action);
-}
-
-function setClassAttr(elem,attr)
-{
-  elem.setAttribute('class',attr);
-  elem.setAttribute('className',attr);
-}
-
-function createResults()
-{
-  var results = document.getElementById("SRResults");
-  for (var e=0; e<searchData.length; e++)
-  {
-    var id = searchData[e][0];
-    var srResult = document.createElement('div');
-    srResult.setAttribute('id','SR_'+id);
-    setClassAttr(srResult,'SRResult');
-    var srEntry = document.createElement('div');
-    setClassAttr(srEntry,'SREntry');
-    var srLink = document.createElement('a');
-    srLink.setAttribute('id','Item'+e);
-    setKeyActions(srLink,'return searchResults.Nav(event,'+e+')');
-    setClassAttr(srLink,'SRSymbol');
-    srLink.innerHTML = searchData[e][1][0];
-    srEntry.appendChild(srLink);
-    if (searchData[e][1].length==2) // single result
-    {
-      srLink.setAttribute('href',searchData[e][1][1][0]);
-      if (searchData[e][1][1][1])
-      {
-       srLink.setAttribute('target','_parent');
-      }
-      var srScope = document.createElement('span');
-      setClassAttr(srScope,'SRScope');
-      srScope.innerHTML = searchData[e][1][1][2];
-      srEntry.appendChild(srScope);
-    }
-    else // multiple results
-    {
-      srLink.setAttribute('href','javascript:searchResults.Toggle("SR_'+id+'")');
-      var srChildren = document.createElement('div');
-      setClassAttr(srChildren,'SRChildren');
-      for (var c=0; c<searchData[e][1].length-1; c++)
-      {
-        var srChild = document.createElement('a');
-        srChild.setAttribute('id','Item'+e+'_c'+c);
-        setKeyActions(srChild,'return searchResults.NavChild(event,'+e+','+c+')');
-        setClassAttr(srChild,'SRScope');
-        srChild.setAttribute('href',searchData[e][1][c+1][0]);
-        if (searchData[e][1][c+1][1])
-        {
-         srChild.setAttribute('target','_parent');
-        }
-        srChild.innerHTML = searchData[e][1][c+1][2];
-        srChildren.appendChild(srChild);
-      }
-      srEntry.appendChild(srChildren);
-    }
-    srResult.appendChild(srEntry);
-    results.appendChild(srResult);
-  }
-}
-
-function init_search()
-{
-  var results = document.getElementById("MSearchSelectWindow");
-  for (var key in indexSectionLabels)
-  {
-    var link = document.createElement('a');
-    link.setAttribute('class','SelectItem');
-    link.setAttribute('onclick','searchBox.OnSelectItem('+key+')');
-    link.href='javascript:void(0)';
-    link.innerHTML='<span class="SelectionMark">&#160;</span>'+indexSectionLabels[key];
-    results.appendChild(link);
-  }
-  searchBox.OnSelectItem(0);
-}
-/* @license-end */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_l.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_l.png
deleted file mode 100644
index fd5f7da..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_l.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_m.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_m.png
deleted file mode 100644
index b429a16..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_m.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_r.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_r.png
deleted file mode 100644
index 1af5d21..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/search_r.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/searchdata.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/searchdata.js
deleted file mode 100644
index 332a8aa..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/searchdata.js
+++ /dev/null
@@ -1,36 +0,0 @@
-var indexSectionsWithContent =
-{
-  0: "cdhnortwxy",
-  1: "t",
-  2: "t",
-  3: "cdhnortwxy",
-  4: "t",
-  5: "t",
-  6: "t",
-  7: "t"
-};
-
-var indexSectionNames =
-{
-  0: "all",
-  1: "classes",
-  2: "functions",
-  3: "variables",
-  4: "typedefs",
-  5: "enums",
-  6: "enumvalues",
-  7: "groups"
-};
-
-var indexSectionLabels =
-{
-  0: "All",
-  1: "Data Structures",
-  2: "Functions",
-  3: "Variables",
-  4: "Typedefs",
-  5: "Enumerations",
-  6: "Enumerator",
-  7: "Modules"
-};
-
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/typedefs_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/typedefs_0.html
deleted file mode 100644
index b66f0a7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/typedefs_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="typedefs_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/typedefs_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/typedefs_0.js
deleted file mode 100644
index bad1a20..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/typedefs_0.js
+++ /dev/null
@@ -1,5 +0,0 @@
-var searchData=
-[
-  ['tjhandle_160',['tjhandle',['../group___turbo_j_p_e_g.html#ga758d2634ecb4949de7815cba621f5763',1,'turbojpeg.h']]],
-  ['tjtransform_161',['tjtransform',['../group___turbo_j_p_e_g.html#ga504805ec0161f1b505397ca0118bf8fd',1,'turbojpeg.h']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_0.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_0.html
deleted file mode 100644
index 2edd111..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_0.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_0.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_0.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_0.js
deleted file mode 100644
index 9ed036c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_0.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['customfilter_142',['customFilter',['../structtjtransform.html#afd7fc262df33f741e120ef4183202ef5',1,'tjtransform']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_1.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_1.html
deleted file mode 100644
index 98b95a9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_1.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_1.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_1.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_1.js
deleted file mode 100644
index 3dc2108..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_1.js
+++ /dev/null
@@ -1,5 +0,0 @@
-var searchData=
-[
-  ['data_143',['data',['../structtjtransform.html#a688fe8f1a8ecc12a538d9e561cf338e3',1,'tjtransform']]],
-  ['denom_144',['denom',['../structtjscalingfactor.html#aefbcdf3e9e62274b2d312c695f133ce3',1,'tjscalingfactor']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_2.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_2.html
deleted file mode 100644
index 3e0c591..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_2.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_2.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_2.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_2.js
deleted file mode 100644
index f0d8327..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_2.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['h_145',['h',['../structtjregion.html#aecefc45a26f4d8b60dd4d825c1710115',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_3.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_3.html
deleted file mode 100644
index 7867da3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_3.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_3.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_3.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_3.js
deleted file mode 100644
index e719258..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_3.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['num_146',['num',['../structtjscalingfactor.html#a9b011e57f981ee23083e2c1aa5e640ec',1,'tjscalingfactor']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_4.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_4.html
deleted file mode 100644
index 732dee2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_4.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_4.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_4.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_4.js
deleted file mode 100644
index 2650623..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_4.js
+++ /dev/null
@@ -1,5 +0,0 @@
-var searchData=
-[
-  ['op_147',['op',['../structtjtransform.html#a2525aab4ba6978a1c273f74fef50e498',1,'tjtransform']]],
-  ['options_148',['options',['../structtjtransform.html#ac0e74655baa4402209a21e1ae481c8f6',1,'tjtransform']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_5.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_5.html
deleted file mode 100644
index ad9b545..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_5.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_5.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_5.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_5.js
deleted file mode 100644
index 2639dfd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_5.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['r_149',['r',['../structtjtransform.html#ac324e5e442abec8a961e5bf219db12cf',1,'tjtransform']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_6.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_6.html
deleted file mode 100644
index 1cf2da1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_6.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_6.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_6.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_6.js
deleted file mode 100644
index 50b3fd7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_6.js
+++ /dev/null
@@ -1,10 +0,0 @@
-var searchData=
-[
-  ['tjalphaoffset_150',['tjAlphaOffset',['../group___turbo_j_p_e_g.html#ga5af0ab065feefd526debf1e20c43e837',1,'turbojpeg.h']]],
-  ['tjblueoffset_151',['tjBlueOffset',['../group___turbo_j_p_e_g.html#ga84e2e35d3f08025f976ec1ec53693dea',1,'turbojpeg.h']]],
-  ['tjgreenoffset_152',['tjGreenOffset',['../group___turbo_j_p_e_g.html#ga82d6e35da441112a411da41923c0ba2f',1,'turbojpeg.h']]],
-  ['tjmcuheight_153',['tjMCUHeight',['../group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf',1,'turbojpeg.h']]],
-  ['tjmcuwidth_154',['tjMCUWidth',['../group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c',1,'turbojpeg.h']]],
-  ['tjpixelsize_155',['tjPixelSize',['../group___turbo_j_p_e_g.html#gad77cf8fe5b2bfd3cb3f53098146abb4c',1,'turbojpeg.h']]],
-  ['tjredoffset_156',['tjRedOffset',['../group___turbo_j_p_e_g.html#gadd9b446742ac8a3923f7992c7988fea8',1,'turbojpeg.h']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_7.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_7.html
deleted file mode 100644
index ab2db0b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_7.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_7.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_7.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_7.js
deleted file mode 100644
index cd4a680..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_7.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['w_157',['w',['../structtjregion.html#ab6eb73ceef584fc23c8c8097926dce42',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_8.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_8.html
deleted file mode 100644
index baec040..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_8.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_8.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_8.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_8.js
deleted file mode 100644
index 61434f0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_8.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['x_158',['x',['../structtjregion.html#a4b6a37a93997091b26a75831fa291ad9',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_9.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_9.html
deleted file mode 100644
index df2fea0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_9.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html><head><title></title>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<link rel="stylesheet" type="text/css" href="search.css"/>
-<script type="text/javascript" src="variables_9.js"></script>
-<script type="text/javascript" src="search.js"></script>
-</head>
-<body class="SRPage">
-<div id="SRIndex">
-<div class="SRStatus" id="Loading">Loading...</div>
-<div id="SRResults"></div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-createResults();
-/* @license-end */
---></script>
-<div class="SRStatus" id="Searching">Searching...</div>
-<div class="SRStatus" id="NoMatches">No Matches</div>
-<script type="text/javascript"><!--
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults");
-searchResults.Search();
-window.addEventListener("message", function(event) {
-  if (event.data == "take_focus") {
-    var elem = searchResults.NavNext(0);
-    if (elem) elem.focus();
-  }
-});
-/* @license-end */
---></script>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_9.js b/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_9.js
deleted file mode 100644
index 32719d4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/search/variables_9.js
+++ /dev/null
@@ -1,4 +0,0 @@
-var searchData=
-[
-  ['y_159',['y',['../structtjregion.html#a7b3e0c24cfe87acc80e334cafdcf22c2',1,'tjregion']]]
-];
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/splitbar.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/splitbar.png
deleted file mode 100644
index fe895f2..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/splitbar.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjregion.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjregion.html
deleted file mode 100644
index daa206a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjregion.html
+++ /dev/null
@@ -1,173 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: tjregion Struct Reference</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-</div><!-- top -->
-<div class="header">
-  <div class="summary">
-<a href="#pub-attribs">Data Fields</a>  </div>
-  <div class="headertitle">
-<div class="title">tjregion Struct Reference<div class="ingroups"><a class="el" href="group___turbo_j_p_e_g.html">TurboJPEG</a></div></div>  </div>
-</div><!--header-->
-<div class="contents">
-
-<p>Cropping region.  
- <a href="structtjregion.html#details">More...</a></p>
-
-<p><code>#include &lt;turbojpeg.h&gt;</code></p>
-<table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pub-attribs"></a>
-Data Fields</h2></td></tr>
-<tr class="memitem:a4b6a37a93997091b26a75831fa291ad9"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjregion.html#a4b6a37a93997091b26a75831fa291ad9">x</a></td></tr>
-<tr class="memdesc:a4b6a37a93997091b26a75831fa291ad9"><td class="mdescLeft">&#160;</td><td class="mdescRight">The left boundary of the cropping region.  <a href="structtjregion.html#a4b6a37a93997091b26a75831fa291ad9">More...</a><br /></td></tr>
-<tr class="separator:a4b6a37a93997091b26a75831fa291ad9"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a7b3e0c24cfe87acc80e334cafdcf22c2"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjregion.html#a7b3e0c24cfe87acc80e334cafdcf22c2">y</a></td></tr>
-<tr class="memdesc:a7b3e0c24cfe87acc80e334cafdcf22c2"><td class="mdescLeft">&#160;</td><td class="mdescRight">The upper boundary of the cropping region.  <a href="structtjregion.html#a7b3e0c24cfe87acc80e334cafdcf22c2">More...</a><br /></td></tr>
-<tr class="separator:a7b3e0c24cfe87acc80e334cafdcf22c2"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ab6eb73ceef584fc23c8c8097926dce42"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjregion.html#ab6eb73ceef584fc23c8c8097926dce42">w</a></td></tr>
-<tr class="memdesc:ab6eb73ceef584fc23c8c8097926dce42"><td class="mdescLeft">&#160;</td><td class="mdescRight">The width of the cropping region.  <a href="structtjregion.html#ab6eb73ceef584fc23c8c8097926dce42">More...</a><br /></td></tr>
-<tr class="separator:ab6eb73ceef584fc23c8c8097926dce42"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:aecefc45a26f4d8b60dd4d825c1710115"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjregion.html#aecefc45a26f4d8b60dd4d825c1710115">h</a></td></tr>
-<tr class="memdesc:aecefc45a26f4d8b60dd4d825c1710115"><td class="mdescLeft">&#160;</td><td class="mdescRight">The height of the cropping region.  <a href="structtjregion.html#aecefc45a26f4d8b60dd4d825c1710115">More...</a><br /></td></tr>
-<tr class="separator:aecefc45a26f4d8b60dd4d825c1710115"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table>
-<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
-<div class="textblock"><p>Cropping region. </p>
-</div><h2 class="groupheader">Field Documentation</h2>
-<a id="aecefc45a26f4d8b60dd4d825c1710115"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#aecefc45a26f4d8b60dd4d825c1710115">&#9670;&nbsp;</a></span>h</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjregion::h</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The height of the cropping region. </p>
-<p>Setting this to 0 is the equivalent of setting it to the height of the source JPEG image - y. </p>
-
-</div>
-</div>
-<a id="ab6eb73ceef584fc23c8c8097926dce42"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ab6eb73ceef584fc23c8c8097926dce42">&#9670;&nbsp;</a></span>w</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjregion::w</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The width of the cropping region. </p>
-<p>Setting this to 0 is the equivalent of setting it to the width of the source JPEG image - x. </p>
-
-</div>
-</div>
-<a id="a4b6a37a93997091b26a75831fa291ad9"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a4b6a37a93997091b26a75831fa291ad9">&#9670;&nbsp;</a></span>x</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjregion::x</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The left boundary of the cropping region. </p>
-<p>This must be evenly divisible by the MCU block width (see <a class="el" href="group___turbo_j_p_e_g.html#ga9e61e7cd47a15a173283ba94e781308c" title="MCU block width (in pixels) for a given level of chrominance subsampling.">tjMCUWidth</a>.) </p>
-
-</div>
-</div>
-<a id="a7b3e0c24cfe87acc80e334cafdcf22c2"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a7b3e0c24cfe87acc80e334cafdcf22c2">&#9670;&nbsp;</a></span>y</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjregion::y</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The upper boundary of the cropping region. </p>
-<p>This must be evenly divisible by the MCU block height (see <a class="el" href="group___turbo_j_p_e_g.html#gabd247bb9fecb393eca57366feb8327bf" title="MCU block height (in pixels) for a given level of chrominance subsampling.">tjMCUHeight</a>.) </p>
-
-</div>
-</div>
-<hr/>The documentation for this struct was generated from the following file:<ul>
-<li>turbojpeg.h</li>
-</ul>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjscalingfactor.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjscalingfactor.html
deleted file mode 100644
index 021a36f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjscalingfactor.html
+++ /dev/null
@@ -1,131 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: tjscalingfactor Struct Reference</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-</div><!-- top -->
-<div class="header">
-  <div class="summary">
-<a href="#pub-attribs">Data Fields</a>  </div>
-  <div class="headertitle">
-<div class="title">tjscalingfactor Struct Reference<div class="ingroups"><a class="el" href="group___turbo_j_p_e_g.html">TurboJPEG</a></div></div>  </div>
-</div><!--header-->
-<div class="contents">
-
-<p>Scaling factor.  
- <a href="structtjscalingfactor.html#details">More...</a></p>
-
-<p><code>#include &lt;turbojpeg.h&gt;</code></p>
-<table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pub-attribs"></a>
-Data Fields</h2></td></tr>
-<tr class="memitem:a9b011e57f981ee23083e2c1aa5e640ec"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjscalingfactor.html#a9b011e57f981ee23083e2c1aa5e640ec">num</a></td></tr>
-<tr class="memdesc:a9b011e57f981ee23083e2c1aa5e640ec"><td class="mdescLeft">&#160;</td><td class="mdescRight">Numerator.  <a href="structtjscalingfactor.html#a9b011e57f981ee23083e2c1aa5e640ec">More...</a><br /></td></tr>
-<tr class="separator:a9b011e57f981ee23083e2c1aa5e640ec"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:aefbcdf3e9e62274b2d312c695f133ce3"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjscalingfactor.html#aefbcdf3e9e62274b2d312c695f133ce3">denom</a></td></tr>
-<tr class="memdesc:aefbcdf3e9e62274b2d312c695f133ce3"><td class="mdescLeft">&#160;</td><td class="mdescRight">Denominator.  <a href="structtjscalingfactor.html#aefbcdf3e9e62274b2d312c695f133ce3">More...</a><br /></td></tr>
-<tr class="separator:aefbcdf3e9e62274b2d312c695f133ce3"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table>
-<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
-<div class="textblock"><p>Scaling factor. </p>
-</div><h2 class="groupheader">Field Documentation</h2>
-<a id="aefbcdf3e9e62274b2d312c695f133ce3"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#aefbcdf3e9e62274b2d312c695f133ce3">&#9670;&nbsp;</a></span>denom</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjscalingfactor::denom</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Denominator. </p>
-
-</div>
-</div>
-<a id="a9b011e57f981ee23083e2c1aa5e640ec"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a9b011e57f981ee23083e2c1aa5e640ec">&#9670;&nbsp;</a></span>num</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjscalingfactor::num</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Numerator. </p>
-
-</div>
-</div>
-<hr/>The documentation for this struct was generated from the following file:<ul>
-<li>turbojpeg.h</li>
-</ul>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjtransform.html b/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjtransform.html
deleted file mode 100644
index 92aa3fa..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/structtjtransform.html
+++ /dev/null
@@ -1,201 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
-<meta http-equiv="X-UA-Compatible" content="IE=9"/>
-<meta name="generator" content="Doxygen 1.8.20"/>
-<meta name="viewport" content="width=device-width, initial-scale=1"/>
-<title>TurboJPEG: tjtransform Struct Reference</title>
-<link href="tabs.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="jquery.js"></script>
-<script type="text/javascript" src="dynsections.js"></script>
-<link href="search/search.css" rel="stylesheet" type="text/css"/>
-<script type="text/javascript" src="search/searchdata.js"></script>
-<script type="text/javascript" src="search/search.js"></script>
-<link href="doxygen.css" rel="stylesheet" type="text/css" />
-<link href="doxygen-extra.css" rel="stylesheet" type="text/css"/>
-</head>
-<body>
-<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
-<div id="titlearea">
-<table cellspacing="0" cellpadding="0">
- <tbody>
- <tr style="height: 56px;">
-  <td id="projectalign" style="padding-left: 0.5em;">
-   <div id="projectname">TurboJPEG
-   &#160;<span id="projectnumber">2.1</span>
-   </div>
-  </td>
- </tr>
- </tbody>
-</table>
-</div>
-<!-- end header part -->
-<!-- Generated by Doxygen 1.8.20 -->
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-var searchBox = new SearchBox("searchBox", "search",false,'Search');
-/* @license-end */
-</script>
-<script type="text/javascript" src="menudata.js"></script>
-<script type="text/javascript" src="menu.js"></script>
-<script type="text/javascript">
-/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
-$(function() {
-  initMenu('',true,false,'search.php','Search');
-  $(document).ready(function() { init_search(); });
-});
-/* @license-end */</script>
-<div id="main-nav"></div>
-<!-- window showing the filter options -->
-<div id="MSearchSelectWindow"
-     onmouseover="return searchBox.OnSearchSelectShow()"
-     onmouseout="return searchBox.OnSearchSelectHide()"
-     onkeydown="return searchBox.OnSearchSelectKey(event)">
-</div>
-
-<!-- iframe showing the search results (closed by default) -->
-<div id="MSearchResultsWindow">
-<iframe src="javascript:void(0)" frameborder="0" 
-        name="MSearchResults" id="MSearchResults">
-</iframe>
-</div>
-
-</div><!-- top -->
-<div class="header">
-  <div class="summary">
-<a href="#pub-attribs">Data Fields</a>  </div>
-  <div class="headertitle">
-<div class="title">tjtransform Struct Reference<div class="ingroups"><a class="el" href="group___turbo_j_p_e_g.html">TurboJPEG</a></div></div>  </div>
-</div><!--header-->
-<div class="contents">
-
-<p>Lossless transform.  
- <a href="structtjtransform.html#details">More...</a></p>
-
-<p><code>#include &lt;turbojpeg.h&gt;</code></p>
-<table class="memberdecls">
-<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pub-attribs"></a>
-Data Fields</h2></td></tr>
-<tr class="memitem:ac324e5e442abec8a961e5bf219db12cf"><td class="memItemLeft" align="right" valign="top"><a class="el" href="structtjregion.html">tjregion</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjtransform.html#ac324e5e442abec8a961e5bf219db12cf">r</a></td></tr>
-<tr class="memdesc:ac324e5e442abec8a961e5bf219db12cf"><td class="mdescLeft">&#160;</td><td class="mdescRight">Cropping region.  <a href="structtjtransform.html#ac324e5e442abec8a961e5bf219db12cf">More...</a><br /></td></tr>
-<tr class="separator:ac324e5e442abec8a961e5bf219db12cf"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a2525aab4ba6978a1c273f74fef50e498"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjtransform.html#a2525aab4ba6978a1c273f74fef50e498">op</a></td></tr>
-<tr class="memdesc:a2525aab4ba6978a1c273f74fef50e498"><td class="mdescLeft">&#160;</td><td class="mdescRight">One of the <a class="el" href="group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866">transform operations</a>.  <a href="structtjtransform.html#a2525aab4ba6978a1c273f74fef50e498">More...</a><br /></td></tr>
-<tr class="separator:a2525aab4ba6978a1c273f74fef50e498"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:ac0e74655baa4402209a21e1ae481c8f6"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjtransform.html#ac0e74655baa4402209a21e1ae481c8f6">options</a></td></tr>
-<tr class="memdesc:ac0e74655baa4402209a21e1ae481c8f6"><td class="mdescLeft">&#160;</td><td class="mdescRight">The bitwise OR of one of more of the <a class="el" href="group___turbo_j_p_e_g.html#ga9c771a757fc1294add611906b89ab2d2">transform options</a>.  <a href="structtjtransform.html#ac0e74655baa4402209a21e1ae481c8f6">More...</a><br /></td></tr>
-<tr class="separator:ac0e74655baa4402209a21e1ae481c8f6"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:a688fe8f1a8ecc12a538d9e561cf338e3"><td class="memItemLeft" align="right" valign="top">void *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjtransform.html#a688fe8f1a8ecc12a538d9e561cf338e3">data</a></td></tr>
-<tr class="memdesc:a688fe8f1a8ecc12a538d9e561cf338e3"><td class="mdescLeft">&#160;</td><td class="mdescRight">Arbitrary data that can be accessed within the body of the callback function.  <a href="structtjtransform.html#a688fe8f1a8ecc12a538d9e561cf338e3">More...</a><br /></td></tr>
-<tr class="separator:a688fe8f1a8ecc12a538d9e561cf338e3"><td class="memSeparator" colspan="2">&#160;</td></tr>
-<tr class="memitem:afd7fc262df33f741e120ef4183202ef5"><td class="memItemLeft" align="right" valign="top">int(*&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structtjtransform.html#afd7fc262df33f741e120ef4183202ef5">customFilter</a> )(short *coeffs, <a class="el" href="structtjregion.html">tjregion</a> arrayRegion, <a class="el" href="structtjregion.html">tjregion</a> planeRegion, int componentIndex, int transformIndex, struct <a class="el" href="structtjtransform.html">tjtransform</a> *transform)</td></tr>
-<tr class="memdesc:afd7fc262df33f741e120ef4183202ef5"><td class="mdescLeft">&#160;</td><td class="mdescRight">A callback function that can be used to modify the DCT coefficients after they are losslessly transformed but before they are transcoded to a new JPEG image.  <a href="structtjtransform.html#afd7fc262df33f741e120ef4183202ef5">More...</a><br /></td></tr>
-<tr class="separator:afd7fc262df33f741e120ef4183202ef5"><td class="memSeparator" colspan="2">&#160;</td></tr>
-</table>
-<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
-<div class="textblock"><p>Lossless transform. </p>
-</div><h2 class="groupheader">Field Documentation</h2>
-<a id="afd7fc262df33f741e120ef4183202ef5"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#afd7fc262df33f741e120ef4183202ef5">&#9670;&nbsp;</a></span>customFilter</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int(* tjtransform::customFilter) (short *coeffs, <a class="el" href="structtjregion.html">tjregion</a> arrayRegion, <a class="el" href="structtjregion.html">tjregion</a> planeRegion, int componentIndex, int transformIndex, struct <a class="el" href="structtjtransform.html">tjtransform</a> *transform)</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>A callback function that can be used to modify the DCT coefficients after they are losslessly transformed but before they are transcoded to a new JPEG image. </p>
-<p>This allows for custom filters or other transformations to be applied in the frequency domain.</p>
-<dl class="params"><dt>Parameters</dt><dd>
-  <table class="params">
-    <tr><td class="paramname">coeffs</td><td>pointer to an array of transformed DCT coefficients. (NOTE: this pointer is not guaranteed to be valid once the callback returns, so applications wishing to hand off the DCT coefficients to another function or library should make a copy of them within the body of the callback.)</td></tr>
-    <tr><td class="paramname">arrayRegion</td><td><a class="el" href="structtjregion.html" title="Cropping region.">tjregion</a> structure containing the width and height of the array pointed to by <code>coeffs</code> as well as its offset relative to the component plane. TurboJPEG implementations may choose to split each component plane into multiple DCT coefficient arrays and call the callback function once for each array.</td></tr>
-    <tr><td class="paramname">planeRegion</td><td><a class="el" href="structtjregion.html" title="Cropping region.">tjregion</a> structure containing the width and height of the component plane to which <code>coeffs</code> belongs</td></tr>
-    <tr><td class="paramname">componentID</td><td>ID number of the component plane to which <code>coeffs</code> belongs (Y, Cb, and Cr have, respectively, ID's of 0, 1, and 2 in typical JPEG images.)</td></tr>
-    <tr><td class="paramname">transformID</td><td>ID number of the transformed image to which <code>coeffs</code> belongs. This is the same as the index of the transform in the <code>transforms</code> array that was passed to <a class="el" href="group___turbo_j_p_e_g.html#ga9cb8abf4cc91881e04a0329b2270be25" title="Losslessly transform a JPEG image into another JPEG image.">tjTransform()</a>.</td></tr>
-    <tr><td class="paramname">transform</td><td>a pointer to a <a class="el" href="structtjtransform.html" title="Lossless transform.">tjtransform</a> structure that specifies the parameters and/or cropping region for this transform</td></tr>
-  </table>
-  </dd>
-</dl>
-<dl class="section return"><dt>Returns</dt><dd>0 if the callback was successful, or -1 if an error occurred. </dd></dl>
-
-</div>
-</div>
-<a id="a688fe8f1a8ecc12a538d9e561cf338e3"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a688fe8f1a8ecc12a538d9e561cf338e3">&#9670;&nbsp;</a></span>data</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">void* tjtransform::data</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Arbitrary data that can be accessed within the body of the callback function. </p>
-
-</div>
-</div>
-<a id="a2525aab4ba6978a1c273f74fef50e498"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#a2525aab4ba6978a1c273f74fef50e498">&#9670;&nbsp;</a></span>op</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjtransform::op</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>One of the <a class="el" href="group___turbo_j_p_e_g.html#ga2de531af4e7e6c4f124908376b354866">transform operations</a>. </p>
-
-</div>
-</div>
-<a id="ac0e74655baa4402209a21e1ae481c8f6"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ac0e74655baa4402209a21e1ae481c8f6">&#9670;&nbsp;</a></span>options</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname">int tjtransform::options</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>The bitwise OR of one of more of the <a class="el" href="group___turbo_j_p_e_g.html#ga9c771a757fc1294add611906b89ab2d2">transform options</a>. </p>
-
-</div>
-</div>
-<a id="ac324e5e442abec8a961e5bf219db12cf"></a>
-<h2 class="memtitle"><span class="permalink"><a href="#ac324e5e442abec8a961e5bf219db12cf">&#9670;&nbsp;</a></span>r</h2>
-
-<div class="memitem">
-<div class="memproto">
-      <table class="memname">
-        <tr>
-          <td class="memname"><a class="el" href="structtjregion.html">tjregion</a> tjtransform::r</td>
-        </tr>
-      </table>
-</div><div class="memdoc">
-
-<p>Cropping region. </p>
-
-</div>
-</div>
-<hr/>The documentation for this struct was generated from the following file:<ul>
-<li>turbojpeg.h</li>
-</ul>
-</div><!-- contents -->
-<!-- start footer part -->
-<hr class="footer"/><address class="footer"><small>
-Generated by&#160;<a href="http://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.8.20
-</small></address>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/sync_off.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/sync_off.png
deleted file mode 100644
index 3b443fc..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/sync_off.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/sync_on.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/sync_on.png
deleted file mode 100644
index e08320f..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/sync_on.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_a.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_a.png
deleted file mode 100644
index 3b725c4..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_a.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_b.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_b.png
deleted file mode 100644
index e2b4a86..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_b.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_h.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_h.png
deleted file mode 100644
index fd5cb70..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_h.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_s.png b/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_s.png
deleted file mode 100644
index ab478c9..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tab_s.png and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tabs.css b/3rdparty/libjpeg-turbo_2_1_0/doc/html/tabs.css
deleted file mode 100644
index 85a0cd5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doc/html/tabs.css
+++ /dev/null
@@ -1 +0,0 @@
-.sm{position:relative;z-index:9999}.sm,.sm ul,.sm li{display:block;list-style:none;margin:0;padding:0;line-height:normal;direction:ltr;text-align:left;-webkit-tap-highlight-color:rgba(0,0,0,0)}.sm-rtl,.sm-rtl ul,.sm-rtl li{direction:rtl;text-align:right}.sm>li>h1,.sm>li>h2,.sm>li>h3,.sm>li>h4,.sm>li>h5,.sm>li>h6{margin:0;padding:0}.sm ul{display:none}.sm li,.sm a{position:relative}.sm a{display:block}.sm a.disabled{cursor:not-allowed}.sm:after{content:"\00a0";display:block;height:0;font:0/0 serif;clear:both;visibility:hidden;overflow:hidden}.sm,.sm *,.sm *:before,.sm *:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}.sm-dox{background-image:url("tab_b.png")}.sm-dox a,.sm-dox a:focus,.sm-dox a:hover,.sm-dox a:active{padding:0 12px;padding-right:43px;font-family:"Lucida Grande","Geneva","Helvetica",Arial,sans-serif;font-size:13px;font-weight:bold;line-height:36px;text-decoration:none;text-shadow:0 1px 1px rgba(255,255,255,0.9);color:#283a5d;outline:0}.sm-dox a:hover{background-image:url("tab_a.png");background-repeat:repeat-x;color:white;text-shadow:0 1px 1px black}.sm-dox a.current{color:#d23600}.sm-dox a.disabled{color:#bbb}.sm-dox a span.sub-arrow{position:absolute;top:50%;margin-top:-14px;left:auto;right:3px;width:28px;height:28px;overflow:hidden;font:bold 12px/28px monospace!important;text-align:center;text-shadow:none;background:rgba(255,255,255,0.5);-moz-border-radius:5px;-webkit-border-radius:5px;border-radius:5px}.sm-dox a.highlighted span.sub-arrow:before{display:block;content:'-'}.sm-dox>li:first-child>a,.sm-dox>li:first-child>:not(ul) a{-moz-border-radius:5px 5px 0 0;-webkit-border-radius:5px;border-radius:5px 5px 0 0}.sm-dox>li:last-child>a,.sm-dox>li:last-child>*:not(ul) a,.sm-dox>li:last-child>ul,.sm-dox>li:last-child>ul>li:last-child>a,.sm-dox>li:last-child>ul>li:last-child>*:not(ul) a,.sm-dox>li:last-child>ul>li:last-child>ul,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>a,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>*:not(ul) a,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>a,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>*:not(ul) a,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>a,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>*:not(ul) a,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul{-moz-border-radius:0 0 5px 5px;-webkit-border-radius:0;border-radius:0 0 5px 5px}.sm-dox>li:last-child>a.highlighted,.sm-dox>li:last-child>*:not(ul) a.highlighted,.sm-dox>li:last-child>ul>li:last-child>a.highlighted,.sm-dox>li:last-child>ul>li:last-child>*:not(ul) a.highlighted,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>a.highlighted,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>*:not(ul) a.highlighted,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>a.highlighted,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>*:not(ul) a.highlighted,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>a.highlighted,.sm-dox>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>ul>li:last-child>*:not(ul) a.highlighted{-moz-border-radius:0;-webkit-border-radius:0;border-radius:0}.sm-dox ul{background:rgba(162,162,162,0.1)}.sm-dox ul a,.sm-dox ul a:focus,.sm-dox ul a:hover,.sm-dox ul a:active{font-size:12px;border-left:8px solid transparent;line-height:36px;text-shadow:none;background-color:white;background-image:none}.sm-dox ul a:hover{background-image:url("tab_a.png");background-repeat:repeat-x;color:white;text-shadow:0 1px 1px black}.sm-dox ul ul a,.sm-dox ul ul a:hover,.sm-dox ul ul a:focus,.sm-dox ul ul a:active{border-left:16px solid transparent}.sm-dox ul ul ul a,.sm-dox ul ul ul a:hover,.sm-dox ul ul ul a:focus,.sm-dox ul ul ul a:active{border-left:24px solid transparent}.sm-dox ul ul ul ul a,.sm-dox ul ul ul ul a:hover,.sm-dox ul ul ul ul a:focus,.sm-dox ul ul ul ul a:active{border-left:32px solid transparent}.sm-dox ul ul ul ul ul a,.sm-dox ul ul ul ul ul a:hover,.sm-dox ul ul ul ul ul a:focus,.sm-dox ul ul ul ul ul a:active{border-left:40px solid transparent}@media(min-width:768px){.sm-dox ul{position:absolute;width:12em}.sm-dox li{float:left}.sm-dox.sm-rtl li{float:right}.sm-dox ul li,.sm-dox.sm-rtl ul li,.sm-dox.sm-vertical li{float:none}.sm-dox a{white-space:nowrap}.sm-dox ul a,.sm-dox.sm-vertical a{white-space:normal}.sm-dox .sm-nowrap>li>a,.sm-dox .sm-nowrap>li>:not(ul) a{white-space:nowrap}.sm-dox{padding:0 10px;background-image:url("tab_b.png");line-height:36px}.sm-dox a span.sub-arrow{top:50%;margin-top:-2px;right:12px;width:0;height:0;border-width:4px;border-style:solid dashed dashed dashed;border-color:#283a5d transparent transparent transparent;background:transparent;-moz-border-radius:0;-webkit-border-radius:0;border-radius:0}.sm-dox a,.sm-dox a:focus,.sm-dox a:active,.sm-dox a:hover,.sm-dox a.highlighted{padding:0 12px;background-image:url("tab_s.png");background-repeat:no-repeat;background-position:right;-moz-border-radius:0!important;-webkit-border-radius:0;border-radius:0!important}.sm-dox a:hover{background-image:url("tab_a.png");background-repeat:repeat-x;color:white;text-shadow:0 1px 1px black}.sm-dox a:hover span.sub-arrow{border-color:white transparent transparent transparent}.sm-dox a.has-submenu{padding-right:24px}.sm-dox li{border-top:0}.sm-dox>li>ul:before,.sm-dox>li>ul:after{content:'';position:absolute;top:-18px;left:30px;width:0;height:0;overflow:hidden;border-width:9px;border-style:dashed dashed solid dashed;border-color:transparent transparent #bbb transparent}.sm-dox>li>ul:after{top:-16px;left:31px;border-width:8px;border-color:transparent transparent #fff transparent}.sm-dox ul{border:1px solid #bbb;padding:5px 0;background:#fff;-moz-border-radius:5px!important;-webkit-border-radius:5px;border-radius:5px!important;-moz-box-shadow:0 5px 9px rgba(0,0,0,0.2);-webkit-box-shadow:0 5px 9px rgba(0,0,0,0.2);box-shadow:0 5px 9px rgba(0,0,0,0.2)}.sm-dox ul a span.sub-arrow{right:8px;top:50%;margin-top:-5px;border-width:5px;border-color:transparent transparent transparent #555;border-style:dashed dashed dashed solid}.sm-dox ul a,.sm-dox ul a:hover,.sm-dox ul a:focus,.sm-dox ul a:active,.sm-dox ul a.highlighted{color:#555;background-image:none;border:0!important;color:#555;background-image:none}.sm-dox ul a:hover{background-image:url("tab_a.png");background-repeat:repeat-x;color:white;text-shadow:0 1px 1px black}.sm-dox ul a:hover span.sub-arrow{border-color:transparent transparent transparent white}.sm-dox span.scroll-up,.sm-dox span.scroll-down{position:absolute;display:none;visibility:hidden;overflow:hidden;background:#fff;height:36px}.sm-dox span.scroll-up:hover,.sm-dox span.scroll-down:hover{background:#eee}.sm-dox span.scroll-up:hover span.scroll-up-arrow,.sm-dox span.scroll-up:hover span.scroll-down-arrow{border-color:transparent transparent #d23600 transparent}.sm-dox span.scroll-down:hover span.scroll-down-arrow{border-color:#d23600 transparent transparent transparent}.sm-dox span.scroll-up-arrow,.sm-dox span.scroll-down-arrow{position:absolute;top:0;left:50%;margin-left:-6px;width:0;height:0;overflow:hidden;border-width:6px;border-style:dashed dashed solid dashed;border-color:transparent transparent #555 transparent}.sm-dox span.scroll-down-arrow{top:8px;border-style:solid dashed dashed dashed;border-color:#555 transparent transparent transparent}.sm-dox.sm-rtl a.has-submenu{padding-right:12px;padding-left:24px}.sm-dox.sm-rtl a span.sub-arrow{right:auto;left:12px}.sm-dox.sm-rtl.sm-vertical a.has-submenu{padding:10px 20px}.sm-dox.sm-rtl.sm-vertical a span.sub-arrow{right:auto;left:8px;border-style:dashed solid dashed dashed;border-color:transparent #555 transparent transparent}.sm-dox.sm-rtl>li>ul:before{left:auto;right:30px}.sm-dox.sm-rtl>li>ul:after{left:auto;right:31px}.sm-dox.sm-rtl ul a.has-submenu{padding:10px 20px!important}.sm-dox.sm-rtl ul a span.sub-arrow{right:auto;left:8px;border-style:dashed solid dashed dashed;border-color:transparent #555 transparent transparent}.sm-dox.sm-vertical{padding:10px 0;-moz-border-radius:5px;-webkit-border-radius:5px;border-radius:5px}.sm-dox.sm-vertical a{padding:10px 20px}.sm-dox.sm-vertical a:hover,.sm-dox.sm-vertical a:focus,.sm-dox.sm-vertical a:active,.sm-dox.sm-vertical a.highlighted{background:#fff}.sm-dox.sm-vertical a.disabled{background-image:url("tab_b.png")}.sm-dox.sm-vertical a span.sub-arrow{right:8px;top:50%;margin-top:-5px;border-width:5px;border-style:dashed dashed dashed solid;border-color:transparent transparent transparent #555}.sm-dox.sm-vertical>li>ul:before,.sm-dox.sm-vertical>li>ul:after{display:none}.sm-dox.sm-vertical ul a{padding:10px 20px}.sm-dox.sm-vertical ul a:hover,.sm-dox.sm-vertical ul a:focus,.sm-dox.sm-vertical ul a:active,.sm-dox.sm-vertical ul a.highlighted{background:#eee}.sm-dox.sm-vertical ul a.disabled{background:#fff}}
\ No newline at end of file
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doxygen-extra.css b/3rdparty/libjpeg-turbo_2_1_0/doxygen-extra.css
deleted file mode 100644
index f1bd4c2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doxygen-extra.css
+++ /dev/null
@@ -1,3 +0,0 @@
-code {
-	color: #4665A2;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/doxygen.config b/3rdparty/libjpeg-turbo_2_1_0/doxygen.config
deleted file mode 100644
index 6deb064..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/doxygen.config
+++ /dev/null
@@ -1,16 +0,0 @@
-PROJECT_NAME = TurboJPEG
-PROJECT_NUMBER = 2.1
-OUTPUT_DIRECTORY = doc/
-USE_WINDOWS_ENCODING = NO
-OPTIMIZE_OUTPUT_FOR_C = YES
-WARN_NO_PARAMDOC = YES
-GENERATE_LATEX = NO
-FILE_PATTERNS = turbojpeg.h
-HIDE_UNDOC_MEMBERS = YES
-VERBATIM_HEADERS = NO
-EXTRACT_STATIC = YES
-JAVADOC_AUTOBRIEF = YES
-MAX_INITIALIZER_LINES = 0
-ALWAYS_DETAILED_SEC = YES
-HTML_TIMESTAMP = NO
-HTML_EXTRA_STYLESHEET = doxygen-extra.css
diff --git a/3rdparty/libjpeg-turbo_2_1_0/example.txt b/3rdparty/libjpeg-turbo_2_1_0/example.txt
deleted file mode 100644
index bc0ba49..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/example.txt
+++ /dev/null
@@ -1,464 +0,0 @@
-/*
- * example.txt
- *
- * This file illustrates how to use the IJG code as a subroutine library
- * to read or write JPEG image files.  You should look at this code in
- * conjunction with the documentation file libjpeg.txt.
- *
- * This code will not do anything useful as-is, but it may be helpful as a
- * skeleton for constructing routines that call the JPEG library.
- *
- * We present these routines in the same coding style used in the JPEG code
- * (ANSI function definitions, etc); but you are of course free to code your
- * routines in a different style if you prefer.
- */
-
-/* This example was part of the original libjpeg documentation and has been
- * unchanged since 1994.  It is, as described in libjpeg.txt, "heavily
- * commented skeleton code for calling the JPEG library."  It is not meant to
- * be compiled as a standalone program, since it has no main() function and
- * does not compress from/decompress to a real image buffer (corollary:
- * put_scanline_someplace() is not a real function.)  First-time users of
- * libjpeg-turbo would be better served by looking at tjexample.c, which uses
- * the more straightforward TurboJPEG API, or at cjpeg.c and djpeg.c, which are
- * examples of libjpeg API usage that can be (and are) compiled into standalone
- * programs.  Note that this example, as well as the examples in cjpeg.c and
- * djpeg.c, interleave disk I/O with JPEG compression/decompression, so none of
- * these examples is suitable for benchmarking purposes.
- */
-
-#include <stdio.h>
-
-/*
- * Include file for users of JPEG library.
- * You will need to have included system headers that define at least
- * the typedefs FILE and size_t before you can include jpeglib.h.
- * (stdio.h is sufficient on ANSI-conforming systems.)
- * You may also wish to include "jerror.h".
- */
-
-#include "jpeglib.h"
-
-/*
- * <setjmp.h> is used for the optional error recovery mechanism shown in
- * the second part of the example.
- */
-
-#include <setjmp.h>
-
-
-
-/******************** JPEG COMPRESSION SAMPLE INTERFACE *******************/
-
-/* This half of the example shows how to feed data into the JPEG compressor.
- * We present a minimal version that does not worry about refinements such
- * as error recovery (the JPEG code will just exit() if it gets an error).
- */
-
-
-/*
- * IMAGE DATA FORMATS:
- *
- * The standard input image format is a rectangular array of pixels, with
- * each pixel having the same number of "component" values (color channels).
- * Each pixel row is an array of JSAMPLEs (which typically are unsigned chars).
- * If you are working with color data, then the color values for each pixel
- * must be adjacent in the row; for example, R,G,B,R,G,B,R,G,B,... for 24-bit
- * RGB color.
- *
- * For this example, we'll assume that this data structure matches the way
- * our application has stored the image in memory, so we can just pass a
- * pointer to our image buffer.  In particular, let's say that the image is
- * RGB color and is described by:
- */
-
-extern JSAMPLE *image_buffer;   /* Points to large array of R,G,B-order data */
-extern int image_height;        /* Number of rows in image */
-extern int image_width;         /* Number of columns in image */
-
-
-/*
- * Sample routine for JPEG compression.  We assume that the target file name
- * and a compression quality factor are passed in.
- */
-
-GLOBAL(void)
-write_JPEG_file(char *filename, int quality)
-{
-  /* This struct contains the JPEG compression parameters and pointers to
-   * working space (which is allocated as needed by the JPEG library).
-   * It is possible to have several such structures, representing multiple
-   * compression/decompression processes, in existence at once.  We refer
-   * to any one struct (and its associated working data) as a "JPEG object".
-   */
-  struct jpeg_compress_struct cinfo;
-  /* This struct represents a JPEG error handler.  It is declared separately
-   * because applications often want to supply a specialized error handler
-   * (see the second half of this file for an example).  But here we just
-   * take the easy way out and use the standard error handler, which will
-   * print a message on stderr and call exit() if compression fails.
-   * Note that this struct must live as long as the main JPEG parameter
-   * struct, to avoid dangling-pointer problems.
-   */
-  struct jpeg_error_mgr jerr;
-  /* More stuff */
-  FILE *outfile;                /* target file */
-  JSAMPROW row_pointer[1];      /* pointer to JSAMPLE row[s] */
-  int row_stride;               /* physical row width in image buffer */
-
-  /* Step 1: allocate and initialize JPEG compression object */
-
-  /* We have to set up the error handler first, in case the initialization
-   * step fails.  (Unlikely, but it could happen if you are out of memory.)
-   * This routine fills in the contents of struct jerr, and returns jerr's
-   * address which we place into the link field in cinfo.
-   */
-  cinfo.err = jpeg_std_error(&jerr);
-  /* Now we can initialize the JPEG compression object. */
-  jpeg_create_compress(&cinfo);
-
-  /* Step 2: specify data destination (eg, a file) */
-  /* Note: steps 2 and 3 can be done in either order. */
-
-  /* Here we use the library-supplied code to send compressed data to a
-   * stdio stream.  You can also write your own code to do something else.
-   * VERY IMPORTANT: use "b" option to fopen() if you are on a machine that
-   * requires it in order to write binary files.
-   */
-  if ((outfile = fopen(filename, "wb")) == NULL) {
-    fprintf(stderr, "can't open %s\n", filename);
-    exit(1);
-  }
-  jpeg_stdio_dest(&cinfo, outfile);
-
-  /* Step 3: set parameters for compression */
-
-  /* First we supply a description of the input image.
-   * Four fields of the cinfo struct must be filled in:
-   */
-  cinfo.image_width = image_width;      /* image width and height, in pixels */
-  cinfo.image_height = image_height;
-  cinfo.input_components = 3;           /* # of color components per pixel */
-  cinfo.in_color_space = JCS_RGB;       /* colorspace of input image */
-  /* Now use the library's routine to set default compression parameters.
-   * (You must set at least cinfo.in_color_space before calling this,
-   * since the defaults depend on the source color space.)
-   */
-  jpeg_set_defaults(&cinfo);
-  /* Now you can set any non-default parameters you wish to.
-   * Here we just illustrate the use of quality (quantization table) scaling:
-   */
-  jpeg_set_quality(&cinfo, quality, TRUE /* limit to baseline-JPEG values */);
-
-  /* Step 4: Start compressor */
-
-  /* TRUE ensures that we will write a complete interchange-JPEG file.
-   * Pass TRUE unless you are very sure of what you're doing.
-   */
-  jpeg_start_compress(&cinfo, TRUE);
-
-  /* Step 5: while (scan lines remain to be written) */
-  /*           jpeg_write_scanlines(...); */
-
-  /* Here we use the library's state variable cinfo.next_scanline as the
-   * loop counter, so that we don't have to keep track ourselves.
-   * To keep things simple, we pass one scanline per call; you can pass
-   * more if you wish, though.
-   */
-  row_stride = image_width * 3; /* JSAMPLEs per row in image_buffer */
-
-  while (cinfo.next_scanline < cinfo.image_height) {
-    /* jpeg_write_scanlines expects an array of pointers to scanlines.
-     * Here the array is only one element long, but you could pass
-     * more than one scanline at a time if that's more convenient.
-     */
-    row_pointer[0] = &image_buffer[cinfo.next_scanline * row_stride];
-    (void)jpeg_write_scanlines(&cinfo, row_pointer, 1);
-  }
-
-  /* Step 6: Finish compression */
-
-  jpeg_finish_compress(&cinfo);
-  /* After finish_compress, we can close the output file. */
-  fclose(outfile);
-
-  /* Step 7: release JPEG compression object */
-
-  /* This is an important step since it will release a good deal of memory. */
-  jpeg_destroy_compress(&cinfo);
-
-  /* And we're done! */
-}
-
-
-/*
- * SOME FINE POINTS:
- *
- * In the above loop, we ignored the return value of jpeg_write_scanlines,
- * which is the number of scanlines actually written.  We could get away
- * with this because we were only relying on the value of cinfo.next_scanline,
- * which will be incremented correctly.  If you maintain additional loop
- * variables then you should be careful to increment them properly.
- * Actually, for output to a stdio stream you needn't worry, because
- * then jpeg_write_scanlines will write all the lines passed (or else exit
- * with a fatal error).  Partial writes can only occur if you use a data
- * destination module that can demand suspension of the compressor.
- * (If you don't know what that's for, you don't need it.)
- *
- * If the compressor requires full-image buffers (for entropy-coding
- * optimization or a multi-scan JPEG file), it will create temporary
- * files for anything that doesn't fit within the maximum-memory setting.
- * (Note that temp files are NOT needed if you use the default parameters.)
- * On some systems you may need to set up a signal handler to ensure that
- * temporary files are deleted if the program is interrupted.  See libjpeg.txt.
- *
- * Scanlines MUST be supplied in top-to-bottom order if you want your JPEG
- * files to be compatible with everyone else's.  If you cannot readily read
- * your data in that order, you'll need an intermediate array to hold the
- * image.  See rdtarga.c or rdbmp.c for examples of handling bottom-to-top
- * source data using the JPEG code's internal virtual-array mechanisms.
- */
-
-
-
-/******************** JPEG DECOMPRESSION SAMPLE INTERFACE *******************/
-
-/* This half of the example shows how to read data from the JPEG decompressor.
- * It's a bit more refined than the above, in that we show:
- *   (a) how to modify the JPEG library's standard error-reporting behavior;
- *   (b) how to allocate workspace using the library's memory manager.
- *
- * Just to make this example a little different from the first one, we'll
- * assume that we do not intend to put the whole image into an in-memory
- * buffer, but to send it line-by-line someplace else.  We need a one-
- * scanline-high JSAMPLE array as a work buffer, and we will let the JPEG
- * memory manager allocate it for us.  This approach is actually quite useful
- * because we don't need to remember to deallocate the buffer separately: it
- * will go away automatically when the JPEG object is cleaned up.
- */
-
-
-/*
- * ERROR HANDLING:
- *
- * The JPEG library's standard error handler (jerror.c) is divided into
- * several "methods" which you can override individually.  This lets you
- * adjust the behavior without duplicating a lot of code, which you might
- * have to update with each future release.
- *
- * Our example here shows how to override the "error_exit" method so that
- * control is returned to the library's caller when a fatal error occurs,
- * rather than calling exit() as the standard error_exit method does.
- *
- * We use C's setjmp/longjmp facility to return control.  This means that the
- * routine which calls the JPEG library must first execute a setjmp() call to
- * establish the return point.  We want the replacement error_exit to do a
- * longjmp().  But we need to make the setjmp buffer accessible to the
- * error_exit routine.  To do this, we make a private extension of the
- * standard JPEG error handler object.  (If we were using C++, we'd say we
- * were making a subclass of the regular error handler.)
- *
- * Here's the extended error handler struct:
- */
-
-struct my_error_mgr {
-  struct jpeg_error_mgr pub;    /* "public" fields */
-
-  jmp_buf setjmp_buffer;        /* for return to caller */
-};
-
-typedef struct my_error_mgr *my_error_ptr;
-
-/*
- * Here's the routine that will replace the standard error_exit method:
- */
-
-METHODDEF(void)
-my_error_exit(j_common_ptr cinfo)
-{
-  /* cinfo->err really points to a my_error_mgr struct, so coerce pointer */
-  my_error_ptr myerr = (my_error_ptr)cinfo->err;
-
-  /* Always display the message. */
-  /* We could postpone this until after returning, if we chose. */
-  (*cinfo->err->output_message) (cinfo);
-
-  /* Return control to the setjmp point */
-  longjmp(myerr->setjmp_buffer, 1);
-}
-
-
-METHODDEF(int) do_read_JPEG_file(struct jpeg_decompress_struct *cinfo,
-                                 char *filename);
-
-/*
- * Sample routine for JPEG decompression.  We assume that the source file name
- * is passed in.  We want to return 1 on success, 0 on error.
- */
-
-GLOBAL(int)
-read_JPEG_file(char *filename)
-{
-  /* This struct contains the JPEG decompression parameters and pointers to
-   * working space (which is allocated as needed by the JPEG library).
-   */
-  struct jpeg_decompress_struct cinfo;
-
-  return do_read_JPEG_file(&cinfo, filename);
-}
-
-/*
- * We call the libjpeg API from within a separate function, because modifying
- * the local non-volatile jpeg_decompress_struct instance below the setjmp()
- * return point and then accessing the instance after setjmp() returns would
- * return in undefined behavior that may potentially overwrite all or part of
- * the structure.
- */
-
-METHODDEF(int)
-do_read_JPEG_file(struct jpeg_decompress_struct *cinfo, char *filename)
-{
-  /* We use our private extension JPEG error handler.
-   * Note that this struct must live as long as the main JPEG parameter
-   * struct, to avoid dangling-pointer problems.
-   */
-  struct my_error_mgr jerr;
-  /* More stuff */
-  FILE *infile;                 /* source file */
-  JSAMPARRAY buffer;            /* Output row buffer */
-  int row_stride;               /* physical row width in output buffer */
-
-  /* In this example we want to open the input file before doing anything else,
-   * so that the setjmp() error recovery below can assume the file is open.
-   * VERY IMPORTANT: use "b" option to fopen() if you are on a machine that
-   * requires it in order to read binary files.
-   */
-
-  if ((infile = fopen(filename, "rb")) == NULL) {
-    fprintf(stderr, "can't open %s\n", filename);
-    return 0;
-  }
-
-  /* Step 1: allocate and initialize JPEG decompression object */
-
-  /* We set up the normal JPEG error routines, then override error_exit. */
-  cinfo->err = jpeg_std_error(&jerr.pub);
-  jerr.pub.error_exit = my_error_exit;
-  /* Establish the setjmp return context for my_error_exit to use. */
-  if (setjmp(jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error.
-     * We need to clean up the JPEG object, close the input file, and return.
-     */
-    jpeg_destroy_decompress(cinfo);
-    fclose(infile);
-    return 0;
-  }
-  /* Now we can initialize the JPEG decompression object. */
-  jpeg_create_decompress(cinfo);
-
-  /* Step 2: specify data source (eg, a file) */
-
-  jpeg_stdio_src(cinfo, infile);
-
-  /* Step 3: read file parameters with jpeg_read_header() */
-
-  (void)jpeg_read_header(cinfo, TRUE);
-  /* We can ignore the return value from jpeg_read_header since
-   *   (a) suspension is not possible with the stdio data source, and
-   *   (b) we passed TRUE to reject a tables-only JPEG file as an error.
-   * See libjpeg.txt for more info.
-   */
-
-  /* Step 4: set parameters for decompression */
-
-  /* In this example, we don't need to change any of the defaults set by
-   * jpeg_read_header(), so we do nothing here.
-   */
-
-  /* Step 5: Start decompressor */
-
-  (void)jpeg_start_decompress(cinfo);
-  /* We can ignore the return value since suspension is not possible
-   * with the stdio data source.
-   */
-
-  /* We may need to do some setup of our own at this point before reading
-   * the data.  After jpeg_start_decompress() we have the correct scaled
-   * output image dimensions available, as well as the output colormap
-   * if we asked for color quantization.
-   * In this example, we need to make an output work buffer of the right size.
-   */
-  /* JSAMPLEs per row in output buffer */
-  row_stride = cinfo->output_width * cinfo->output_components;
-  /* Make a one-row-high sample array that will go away when done with image */
-  buffer = (*cinfo->mem->alloc_sarray)
-                ((j_common_ptr)cinfo, JPOOL_IMAGE, row_stride, 1);
-
-  /* Step 6: while (scan lines remain to be read) */
-  /*           jpeg_read_scanlines(...); */
-
-  /* Here we use the library's state variable cinfo->output_scanline as the
-   * loop counter, so that we don't have to keep track ourselves.
-   */
-  while (cinfo->output_scanline < cinfo->output_height) {
-    /* jpeg_read_scanlines expects an array of pointers to scanlines.
-     * Here the array is only one element long, but you could ask for
-     * more than one scanline at a time if that's more convenient.
-     */
-    (void)jpeg_read_scanlines(cinfo, buffer, 1);
-    /* Assume put_scanline_someplace wants a pointer and sample count. */
-    put_scanline_someplace(buffer[0], row_stride);
-  }
-
-  /* Step 7: Finish decompression */
-
-  (void)jpeg_finish_decompress(cinfo);
-  /* We can ignore the return value since suspension is not possible
-   * with the stdio data source.
-   */
-
-  /* Step 8: Release JPEG decompression object */
-
-  /* This is an important step since it will release a good deal of memory. */
-  jpeg_destroy_decompress(cinfo);
-
-  /* After finish_decompress, we can close the input file.
-   * Here we postpone it until after no more JPEG errors are possible,
-   * so as to simplify the setjmp error logic above.  (Actually, I don't
-   * think that jpeg_destroy can do an error exit, but why assume anything...)
-   */
-  fclose(infile);
-
-  /* At this point you may want to check to see whether any corrupt-data
-   * warnings occurred (test whether jerr.pub.num_warnings is nonzero).
-   */
-
-  /* And we're done! */
-  return 1;
-}
-
-
-/*
- * SOME FINE POINTS:
- *
- * In the above code, we ignored the return value of jpeg_read_scanlines,
- * which is the number of scanlines actually read.  We could get away with
- * this because we asked for only one line at a time and we weren't using
- * a suspending data source.  See libjpeg.txt for more info.
- *
- * We cheated a bit by calling alloc_sarray() after jpeg_start_decompress();
- * we should have done it beforehand to ensure that the space would be
- * counted against the JPEG max_memory setting.  In some systems the above
- * code would risk an out-of-memory error.  However, in general we don't
- * know the output image dimensions before jpeg_start_decompress(), unless we
- * call jpeg_calc_output_dimensions().  See libjpeg.txt for more about this.
- *
- * Scanlines are returned in the same order as they appear in the JPEG file,
- * which is standardly top-to-bottom.  If you must emit data bottom-to-top,
- * you can use one of the virtual arrays provided by the JPEG memory manager
- * to invert the data.  See wrbmp.c for an example.
- *
- * As with compression, some operating modes may require temporary files.
- * On some systems you may need to set up a signal handler to ensure that
- * temporary files are deleted if the program is interrupted.  See libjpeg.txt.
- */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/CMakeLists.txt b/3rdparty/libjpeg-turbo_2_1_0/fuzz/CMakeLists.txt
deleted file mode 100644
index dcd19c3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/CMakeLists.txt
+++ /dev/null
@@ -1,51 +0,0 @@
-if(NOT ENABLE_STATIC)
-  message(FATAL_ERROR "Fuzz targets require static libraries.")
-endif()
-if(NOT WITH_TURBOJPEG)
-  message(FATAL_ERROR "Fuzz targets require the TurboJPEG API library.")
-endif()
-
-set(FUZZ_BINDIR "" CACHE PATH
-  "Directory into which fuzz targets should be installed")
-if(NOT FUZZ_BINDIR)
-  message(FATAL_ERROR "FUZZ_BINDIR must be specified.")
-endif()
-message(STATUS "FUZZ_BINDIR = ${FUZZ_BINDIR}")
-
-set(FUZZ_LIBRARY "" CACHE STRING
-  "Path to fuzzer library or flags necessary to link with it")
-if(NOT FUZZ_LIBRARY)
-  message(FATAL_ERROR "FUZZ_LIBRARY must be specified.")
-endif()
-message(STATUS "FUZZ_LIBRARY = ${FUZZ_LIBRARY}")
-
-enable_language(CXX)
-
-set(EFFECTIVE_CXX_FLAGS
-  "${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${CMAKE_BUILD_TYPE_UC}}")
-message(STATUS "C++ Compiler flags = ${EFFECTIVE_CXX_FLAGS}")
-
-add_executable(cjpeg_fuzzer cjpeg.cc ../cdjpeg.c ../rdbmp.c ../rdgif.c
-  ../rdppm.c ../rdswitch.c ../rdtarga.c)
-set_property(TARGET cjpeg_fuzzer PROPERTY COMPILE_FLAGS ${COMPILE_FLAGS})
-target_link_libraries(cjpeg_fuzzer ${FUZZ_LIBRARY} jpeg-static)
-install(TARGETS cjpeg_fuzzer RUNTIME DESTINATION ${FUZZ_BINDIR})
-
-macro(add_fuzz_target target source_file)
-  add_executable(${target}_fuzzer ${source_file})
-  target_link_libraries(${target}_fuzzer ${FUZZ_LIBRARY} turbojpeg-static)
-  install(TARGETS ${target}_fuzzer RUNTIME DESTINATION ${FUZZ_BINDIR})
-endmacro()
-
-add_fuzz_target(compress compress.cc)
-
-add_fuzz_target(compress_yuv compress_yuv.cc)
-
-# NOTE: This target is named libjpeg_turbo_fuzzer instead of decompress_fuzzer
-# in order to preserve the corpora from Google's OSS-Fuzz target for
-# libjpeg-turbo, which this target replaces.
-add_fuzz_target(libjpeg_turbo decompress.cc)
-
-add_fuzz_target(decompress_yuv decompress_yuv.cc)
-
-add_fuzz_target(transform transform.cc)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/build.sh b/3rdparty/libjpeg-turbo_2_1_0/fuzz/build.sh
deleted file mode 100644
index 882ce7d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/build.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-
-set -u
-set -e
-
-cmake . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DENABLE_STATIC=1 -DENABLE_SHARED=0 \
-	-DCMAKE_C_FLAGS_RELWITHDEBINFO="-g -DNDEBUG" \
-	-DCMAKE_CXX_FLAGS_RELWITHDEBINFO="-g -DNDEBUG" -DCMAKE_INSTALL_PREFIX=$WORK \
-	-DWITH_FUZZ=1 -DFUZZ_BINDIR=$OUT -DFUZZ_LIBRARY=$LIB_FUZZING_ENGINE
-make "-j$(nproc)" "--load-average=$(nproc)"
-make install
-
-cp $SRC/compress_fuzzer_seed_corpus.zip $OUT/cjpeg_fuzzer_seed_corpus.zip
-cp $SRC/compress_fuzzer_seed_corpus.zip $OUT/compress_fuzzer_seed_corpus.zip
-cp $SRC/compress_fuzzer_seed_corpus.zip $OUT/compress_yuv_fuzzer_seed_corpus.zip
-cp $SRC/decompress_fuzzer_seed_corpus.zip $OUT/libjpeg_turbo_fuzzer_seed_corpus.zip
-cp $SRC/decompress_fuzzer_seed_corpus.zip $OUT/decompress_yuv_fuzzer_seed_corpus.zip
-cp $SRC/decompress_fuzzer_seed_corpus.zip $OUT/transform_fuzzer_seed_corpus.zip
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/cjpeg.cc b/3rdparty/libjpeg-turbo_2_1_0/fuzz/cjpeg.cc
deleted file mode 100644
index ee7b7ab..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/cjpeg.cc
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright (C)2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* This fuzz target wraps cjpeg in order to test esoteric compression options
-   as well as the GIF and Targa readers. */
-
-#define main  cjpeg_main
-#define CJPEG_FUZZER
-extern "C" {
-#include "../cjpeg.c"
-}
-#undef main
-#undef CJPEG_FUZZER
-
-#include <stdint.h>
-#include <unistd.h>
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-{
-  char filename[FILENAME_MAX] = { 0 };
-  char *argv1[] = {
-    (char *)"cjpeg", (char *)"-dct", (char *)"float", (char *)"-memdst",
-    (char *)"-optimize", (char *)"-quality", (char *)"100,99,98",
-    (char *)"-restart", (char *)"2", (char *)"-sample", (char *)"4x1,2x2,1x2",
-    (char *)"-targa", NULL
-  };
-  char *argv2[] = {
-    (char *)"cjpeg", (char *)"-arithmetic", (char *)"-dct", (char *)"float",
-    (char *)"-memdst", (char *)"-quality", (char *)"90,80,70", (char *)"-rgb",
-    (char *)"-sample", (char *)"2x2", (char *)"-smooth", (char *)"50",
-    (char *)"-targa", NULL
-  };
-  int fd = -1;
-#if defined(__has_feature) && __has_feature(memory_sanitizer)
-  char env[18] = "JSIMD_FORCENONE=1";
-
-  /* The libjpeg-turbo SIMD extensions produce false positives with
-     MemorySanitizer. */
-  putenv(env);
-#endif
-
-  snprintf(filename, FILENAME_MAX, "/tmp/libjpeg-turbo_cjpeg_fuzz.XXXXXX");
-  if ((fd = mkstemp(filename)) < 0 || write(fd, data, size) < 0)
-    goto bailout;
-
-  argv1[12] = argv2[13] = filename;
-
-  cjpeg_main(13, argv1);
-  cjpeg_main(14, argv2);
-
-  argv1[12] = argv2[13] = NULL;
-  argv1[11] = argv2[12] = filename;
-
-  cjpeg_main(12, argv1);
-  cjpeg_main(13, argv2);
-
-bailout:
-  if (fd >= 0) {
-    close(fd);
-    if (strlen(filename) > 0) unlink(filename);
-  }
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/compress.cc b/3rdparty/libjpeg-turbo_2_1_0/fuzz/compress.cc
deleted file mode 100644
index 539932f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/compress.cc
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * Copyright (C)2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <turbojpeg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <string.h>
-#include <unistd.h>
-
-
-#define NUMTESTS  7
-/* Private flag that triggers different TurboJPEG API behavior when fuzzing */
-#define TJFLAG_FUZZING  (1 << 30)
-
-
-struct test {
-  enum TJPF pf;
-  enum TJSAMP subsamp;
-  int quality;
-};
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-{
-  tjhandle handle = NULL;
-  unsigned char *srcBuf = NULL, *dstBuf = NULL;
-  int width = 0, height = 0, fd = -1, i, ti;
-  char filename[FILENAME_MAX] = { 0 };
-  struct test tests[NUMTESTS] = {
-    { TJPF_RGB, TJSAMP_444, 100 },
-    { TJPF_BGR, TJSAMP_422, 90 },
-    { TJPF_RGBX, TJSAMP_420, 80 },
-    { TJPF_BGRA, TJSAMP_411, 70 },
-    { TJPF_XRGB, TJSAMP_GRAY, 60 },
-    { TJPF_GRAY, TJSAMP_GRAY, 50 },
-    { TJPF_CMYK, TJSAMP_440, 40 }
-  };
-#if defined(__has_feature) && __has_feature(memory_sanitizer)
-  char env[18] = "JSIMD_FORCENONE=1";
-
-  /* The libjpeg-turbo SIMD extensions produce false positives with
-     MemorySanitizer. */
-  putenv(env);
-#endif
-
-  snprintf(filename, FILENAME_MAX, "/tmp/libjpeg-turbo_compress_fuzz.XXXXXX");
-  if ((fd = mkstemp(filename)) < 0 || write(fd, data, size) < 0)
-    goto bailout;
-
-  if ((handle = tjInitCompress()) == NULL)
-    goto bailout;
-
-  for (ti = 0; ti < NUMTESTS; ti++) {
-    int flags = TJFLAG_FUZZING, sum = 0, pf = tests[ti].pf;
-    unsigned long dstSize = 0, maxBufSize;
-
-    /* Test non-default compression options on specific iterations. */
-    if (ti == 0)
-      flags |= TJFLAG_BOTTOMUP | TJFLAG_ACCURATEDCT;
-    else if (ti == 1)
-      flags |= TJFLAG_PROGRESSIVE;
-    if (ti != 2)
-      flags |= TJFLAG_NOREALLOC;
-
-    /* tjLoadImage() refuses to load images larger than 1 Megapixel when
-       FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is defined (yes, that's a dirty
-       hack), so we don't need to check the width and height here. */
-    if ((srcBuf = tjLoadImage(filename, &width, 1, &height, &pf,
-                              flags)) == NULL)
-      continue;
-
-    maxBufSize = tjBufSize(width, height, tests[ti].subsamp);
-    if (flags & TJFLAG_NOREALLOC) {
-      if ((dstBuf = (unsigned char *)malloc(maxBufSize)) == NULL)
-        goto bailout;
-    } else
-      dstBuf = NULL;
-
-    if (tjCompress2(handle, srcBuf, width, 0, height, pf, &dstBuf, &dstSize,
-                    tests[ti].subsamp, tests[ti].quality, flags) == 0) {
-      /* Touch all of the output pixels in order to catch uninitialized reads
-         when using MemorySanitizer. */
-      for (i = 0; i < dstSize; i++)
-        sum += dstBuf[i];
-    }
-
-    free(dstBuf);
-    dstBuf = NULL;
-    tjFree(srcBuf);
-    srcBuf = NULL;
-
-    /* Prevent the code above from being optimized out.  This test should never
-       be true, but the compiler doesn't know that. */
-    if (sum > 255 * maxBufSize)
-      goto bailout;
-  }
-
-bailout:
-  free(dstBuf);
-  tjFree(srcBuf);
-  if (fd >= 0) {
-    close(fd);
-    if (strlen(filename) > 0) unlink(filename);
-  }
-  if (handle) tjDestroy(handle);
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/compress_yuv.cc b/3rdparty/libjpeg-turbo_2_1_0/fuzz/compress_yuv.cc
deleted file mode 100644
index 021d661..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/compress_yuv.cc
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Copyright (C)2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <turbojpeg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <string.h>
-#include <unistd.h>
-
-
-#define NUMTESTS  6
-/* Private flag that triggers different TurboJPEG API behavior when fuzzing */
-#define TJFLAG_FUZZING  (1 << 30)
-
-
-struct test {
-  enum TJPF pf;
-  enum TJSAMP subsamp;
-  int quality;
-};
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-{
-  tjhandle handle = NULL;
-  unsigned char *srcBuf = NULL, *dstBuf = NULL, *yuvBuf = NULL;
-  int width = 0, height = 0, fd = -1, i, ti;
-  char filename[FILENAME_MAX] = { 0 };
-  struct test tests[NUMTESTS] = {
-    { TJPF_XBGR, TJSAMP_444, 100 },
-    { TJPF_XRGB, TJSAMP_422, 90 },
-    { TJPF_BGR, TJSAMP_420, 80 },
-    { TJPF_RGB, TJSAMP_411, 70 },
-    { TJPF_BGR, TJSAMP_GRAY, 60 },
-    { TJPF_GRAY, TJSAMP_GRAY, 50 }
-  };
-  char arithEnv[16] = "TJ_ARITHMETIC=0";
-  char restartEnv[13] = "TJ_RESTART=0";
-#if defined(__has_feature) && __has_feature(memory_sanitizer)
-  char simdEnv[18] = "JSIMD_FORCENONE=1";
-
-  /* The libjpeg-turbo SIMD extensions produce false positives with
-     MemorySanitizer. */
-  putenv(simdEnv);
-#endif
-  putenv(arithEnv);
-  putenv(restartEnv);
-
-  snprintf(filename, FILENAME_MAX, "/tmp/libjpeg-turbo_compress_yuv_fuzz.XXXXXX");
-  if ((fd = mkstemp(filename)) < 0 || write(fd, data, size) < 0)
-    goto bailout;
-
-  if ((handle = tjInitCompress()) == NULL)
-    goto bailout;
-
-  for (ti = 0; ti < NUMTESTS; ti++) {
-    int flags = TJFLAG_FUZZING | TJFLAG_NOREALLOC, sum = 0, pf = tests[ti].pf;
-    unsigned long dstSize = 0, maxBufSize;
-
-    /* Test non-default compression options on specific iterations. */
-    if (ti == 0)
-      flags |= TJFLAG_BOTTOMUP | TJFLAG_ACCURATEDCT;
-    else if (ti == 1 || ti == 3)
-      flags |= TJFLAG_PROGRESSIVE;
-    if (ti == 2 || ti == 3)
-      arithEnv[14] = '1';
-    else
-      arithEnv[14] = '0';
-    if (ti == 1 || ti == 2)
-      restartEnv[11] = '2';
-    else
-      restartEnv[11] = '0';
-
-    /* tjLoadImage() refuses to load images larger than 1 Megapixel when
-       FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is defined (yes, that's a dirty
-       hack), so we don't need to check the width and height here. */
-    if ((srcBuf = tjLoadImage(filename, &width, 1, &height, &pf,
-                              flags)) == NULL)
-      continue;
-
-    maxBufSize = tjBufSize(width, height, tests[ti].subsamp);
-    if ((dstBuf = (unsigned char *)malloc(maxBufSize)) == NULL)
-      goto bailout;
-    if ((yuvBuf =
-         (unsigned char *)malloc(tjBufSizeYUV2(width, 1, height,
-                                               tests[ti].subsamp))) == NULL)
-      goto bailout;
-
-    if (tjEncodeYUV3(handle, srcBuf, width, 0, height, pf, yuvBuf, 1,
-                     tests[ti].subsamp, flags) == 0 &&
-        tjCompressFromYUV(handle, yuvBuf, width, 1, height, tests[ti].subsamp,
-                          &dstBuf, &dstSize, tests[ti].quality, flags) == 0) {
-      /* Touch all of the output pixels in order to catch uninitialized reads
-         when using MemorySanitizer. */
-      for (i = 0; i < dstSize; i++)
-        sum += dstBuf[i];
-    }
-
-    free(dstBuf);
-    dstBuf = NULL;
-    free(yuvBuf);
-    yuvBuf = NULL;
-    tjFree(srcBuf);
-    srcBuf = NULL;
-
-    /* Prevent the code above from being optimized out.  This test should never
-       be true, but the compiler doesn't know that. */
-    if (sum > 255 * maxBufSize)
-      goto bailout;
-  }
-
-bailout:
-  free(dstBuf);
-  free(yuvBuf);
-  tjFree(srcBuf);
-  if (fd >= 0) {
-    close(fd);
-    if (strlen(filename) > 0) unlink(filename);
-  }
-  if (handle) tjDestroy(handle);
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/decompress.cc b/3rdparty/libjpeg-turbo_2_1_0/fuzz/decompress.cc
deleted file mode 100644
index c7fcb50..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/decompress.cc
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * Copyright (C)2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <turbojpeg.h>
-#include <stdlib.h>
-#include <stdint.h>
-
-
-#define NUMPF  4
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-{
-  tjhandle handle = NULL;
-  unsigned char *dstBuf = NULL;
-  int width = 0, height = 0, jpegSubsamp, jpegColorspace, pfi;
-  /* TJPF_RGB-TJPF_BGR share the same code paths, as do TJPF_RGBX-TJPF_XRGB and
-     TJPF_RGBA-TJPF_ARGB.  Thus, the pixel formats below should be the minimum
-     necessary to achieve full coverage. */
-  enum TJPF pixelFormats[NUMPF] =
-    { TJPF_RGB, TJPF_BGRX, TJPF_GRAY, TJPF_CMYK };
-#if defined(__has_feature) && __has_feature(memory_sanitizer)
-  char env[18] = "JSIMD_FORCENONE=1";
-
-  /* The libjpeg-turbo SIMD extensions produce false positives with
-     MemorySanitizer. */
-  putenv(env);
-#endif
-
-  if ((handle = tjInitDecompress()) == NULL)
-    goto bailout;
-
-  /* We ignore the return value of tjDecompressHeader3(), because some JPEG
-     images may have unusual subsampling configurations that the TurboJPEG API
-     cannot identify but can still decompress. */
-  tjDecompressHeader3(handle, data, size, &width, &height, &jpegSubsamp,
-                      &jpegColorspace);
-
-  /* Ignore 0-pixel images and images larger than 1 Megapixel, as Google's
-     OSS-Fuzz target for libjpeg-turbo did.  Casting width to (uint64_t)
-     prevents integer overflow if width * height > INT_MAX. */
-  if (width < 1 || height < 1 || (uint64_t)width * height > 1048576)
-    goto bailout;
-
-  for (pfi = 0; pfi < NUMPF; pfi++) {
-    int pf = pixelFormats[pfi], flags = TJFLAG_LIMITSCANS, i, sum = 0;
-    int w = width, h = height;
-
-    /* Test non-default decompression options on the first iteration. */
-    if (pfi == 0)
-      flags |= TJFLAG_BOTTOMUP | TJFLAG_FASTUPSAMPLE | TJFLAG_FASTDCT;
-    /* Test IDCT scaling on the second iteration. */
-    else if (pfi == 1) {
-      w = (width + 1) / 2;
-      h = (height + 1) / 2;
-    }
-
-    if ((dstBuf = (unsigned char *)malloc(w * h * tjPixelSize[pf])) == NULL)
-      goto bailout;
-
-    if (tjDecompress2(handle, data, size, dstBuf, w, 0, h, pf, flags) == 0) {
-      /* Touch all of the output pixels in order to catch uninitialized reads
-         when using MemorySanitizer. */
-      for (i = 0; i < w * h * tjPixelSize[pf]; i++)
-        sum += dstBuf[i];
-    }
-
-    free(dstBuf);
-    dstBuf = NULL;
-
-    /* Prevent the code above from being optimized out.  This test should never
-       be true, but the compiler doesn't know that. */
-    if (sum > 255 * 1048576 * tjPixelSize[pf])
-      goto bailout;
-  }
-
-bailout:
-  free(dstBuf);
-  if (handle) tjDestroy(handle);
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/decompress_yuv.cc b/3rdparty/libjpeg-turbo_2_1_0/fuzz/decompress_yuv.cc
deleted file mode 100644
index d603fd8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/decompress_yuv.cc
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Copyright (C)2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <turbojpeg.h>
-#include <stdlib.h>
-#include <stdint.h>
-
-
-#define NUMPF  3
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-{
-  tjhandle handle = NULL;
-  unsigned char *dstBuf = NULL, *yuvBuf = NULL;
-  int width = 0, height = 0, jpegSubsamp, jpegColorspace, pfi;
-  /* TJPF_RGB-TJPF_BGR share the same code paths, as do TJPF_RGBX-TJPF_XRGB and
-     TJPF_RGBA-TJPF_ARGB.  Thus, the pixel formats below should be the minimum
-     necessary to achieve full coverage. */
-  enum TJPF pixelFormats[NUMPF] =
-    { TJPF_BGR, TJPF_XRGB, TJPF_GRAY };
-#if defined(__has_feature) && __has_feature(memory_sanitizer)
-  char env[18] = "JSIMD_FORCENONE=1";
-
-  /* The libjpeg-turbo SIMD extensions produce false positives with
-     MemorySanitizer. */
-  putenv(env);
-#endif
-
-  if ((handle = tjInitDecompress()) == NULL)
-    goto bailout;
-
-  if (tjDecompressHeader3(handle, data, size, &width, &height, &jpegSubsamp,
-                          &jpegColorspace) < 0)
-    goto bailout;
-
-  /* Ignore 0-pixel images and images larger than 1 Megapixel.  Casting width
-     to (uint64_t) prevents integer overflow if width * height > INT_MAX. */
-  if (width < 1 || height < 1 || (uint64_t)width * height > 1048576)
-    goto bailout;
-
-  for (pfi = 0; pfi < NUMPF; pfi++) {
-    int pf = pixelFormats[pfi], flags = TJFLAG_LIMITSCANS, i, sum = 0;
-    int w = width, h = height;
-
-    /* Test non-default decompression options on the first iteration. */
-    if (pfi == 0)
-      flags |= TJFLAG_BOTTOMUP | TJFLAG_FASTUPSAMPLE | TJFLAG_FASTDCT;
-    /* Test IDCT scaling on the second iteration. */
-    else if (pfi == 1) {
-      w = (width + 3) / 4;
-      h = (height + 3) / 4;
-    }
-
-    if ((dstBuf = (unsigned char *)malloc(w * h * tjPixelSize[pf])) == NULL)
-      goto bailout;
-    if ((yuvBuf =
-         (unsigned char *)malloc(tjBufSizeYUV2(w, 1, h, jpegSubsamp))) == NULL)
-      goto bailout;
-
-    if (tjDecompressToYUV2(handle, data, size, yuvBuf, w, 1, h, flags) == 0 &&
-        tjDecodeYUV(handle, yuvBuf, 1, jpegSubsamp, dstBuf, w, 0, h, pf,
-                    flags) == 0) {
-      /* Touch all of the output pixels in order to catch uninitialized reads
-         when using MemorySanitizer. */
-      for (i = 0; i < w * h * tjPixelSize[pf]; i++)
-        sum += dstBuf[i];
-    }
-
-    free(dstBuf);
-    dstBuf = NULL;
-    free(yuvBuf);
-    yuvBuf = NULL;
-
-    /* Prevent the code above from being optimized out.  This test should never
-       be true, but the compiler doesn't know that. */
-    if (sum > 255 * 1048576 * tjPixelSize[pf])
-      goto bailout;
-  }
-
-bailout:
-  free(dstBuf);
-  free(yuvBuf);
-  if (handle) tjDestroy(handle);
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/fuzz/transform.cc b/3rdparty/libjpeg-turbo_2_1_0/fuzz/transform.cc
deleted file mode 100644
index b8a7516..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/fuzz/transform.cc
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * Copyright (C)2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <turbojpeg.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <string.h>
-
-
-#define NUMXFORMS  3
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
-{
-  tjhandle handle = NULL;
-  unsigned char *dstBufs[NUMXFORMS] = { NULL, NULL, NULL };
-  unsigned long dstSizes[NUMXFORMS] = { 0, 0, 0 }, maxBufSize;
-  int width = 0, height = 0, jpegSubsamp, jpegColorspace, i, t;
-  tjtransform transforms[NUMXFORMS];
-#if defined(__has_feature) && __has_feature(memory_sanitizer)
-  char env[18] = "JSIMD_FORCENONE=1";
-
-  /* The libjpeg-turbo SIMD extensions produce false positives with
-     MemorySanitizer. */
-  putenv(env);
-#endif
-
-  if ((handle = tjInitTransform()) == NULL)
-    goto bailout;
-
-  /* We ignore the return value of tjDecompressHeader3(), because some JPEG
-     images may have unusual subsampling configurations that the TurboJPEG API
-     cannot identify but can still transform. */
-  tjDecompressHeader3(handle, data, size, &width, &height, &jpegSubsamp,
-                      &jpegColorspace);
-
-  /* Ignore 0-pixel images and images larger than 1 Megapixel.  Casting width
-     to (uint64_t) prevents integer overflow if width * height > INT_MAX. */
-  if (width < 1 || height < 1 || (uint64_t)width * height > 1048576)
-    goto bailout;
-
-  if (jpegSubsamp < 0 || jpegSubsamp >= TJ_NUMSAMP)
-    jpegSubsamp = TJSAMP_444;
-
-  for (t = 0; t < NUMXFORMS; t++)
-    memset(&transforms[t], 0, sizeof(tjtransform));
-
-  transforms[0].op = TJXOP_NONE;
-  transforms[0].options = TJXOPT_PROGRESSIVE | TJXOPT_COPYNONE;
-  dstBufs[0] = (unsigned char *)malloc(tjBufSize(width, height, jpegSubsamp));
-  if (!dstBufs[0])
-    goto bailout;
-
-  transforms[1].r.w = (width + 1) / 2;
-  transforms[1].r.h = (height + 1) / 2;
-  transforms[1].op = TJXOP_TRANSPOSE;
-  transforms[1].options = TJXOPT_GRAY | TJXOPT_CROP | TJXOPT_COPYNONE;
-  dstBufs[1] =
-    (unsigned char *)malloc(tjBufSize((width + 1) / 2, (height + 1) / 2,
-                                      TJSAMP_GRAY));
-  if (!dstBufs[1])
-    goto bailout;
-
-  transforms[2].op = TJXOP_ROT90;
-  transforms[2].options = TJXOPT_TRIM | TJXOPT_COPYNONE;
-  dstBufs[2] = (unsigned char *)malloc(tjBufSize(height, width, jpegSubsamp));
-  if (!dstBufs[2])
-    goto bailout;
-
-  maxBufSize = tjBufSize(width, height, jpegSubsamp);
-
-  if (tjTransform(handle, data, size, NUMXFORMS, dstBufs, dstSizes, transforms,
-                  TJFLAG_LIMITSCANS | TJFLAG_NOREALLOC) == 0) {
-    /* Touch all of the output pixels in order to catch uninitialized reads
-       when using MemorySanitizer. */
-    for (t = 0; t < NUMXFORMS; t++) {
-      int sum = 0;
-
-      for (i = 0; i < dstSizes[t]; i++)
-        sum += dstBufs[t][i];
-
-      /* Prevent the code above from being optimized out.  This test should
-         never be true, but the compiler doesn't know that. */
-      if (sum > 255 * maxBufSize)
-        goto bailout;
-    }
-  }
-
-  transforms[0].options &= ~TJXOPT_COPYNONE;
-  free(dstBufs[0]);
-  dstBufs[0] = NULL;
-  dstSizes[0] = 0;
-
-  if (tjTransform(handle, data, size, 1, dstBufs, dstSizes, transforms,
-                  TJFLAG_LIMITSCANS) == 0) {
-    int sum = 0;
-
-    for (i = 0; i < dstSizes[0]; i++)
-      sum += dstBufs[0][i];
-
-    if (sum > 255 * maxBufSize)
-      goto bailout;
-  }
-
-bailout:
-  for (t = 0; t < NUMXFORMS; t++)
-    free(dstBufs[t]);
-  if (handle) tjDestroy(handle);
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jaricom.c b/3rdparty/libjpeg-turbo_2_1_0/jaricom.c
deleted file mode 100644
index 215640c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jaricom.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/*
- * jaricom.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Developed 1997-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, 2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains probability estimation tables for common use in
- * arithmetic entropy encoding and decoding routines.
- *
- * This data represents Table D.2 in
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994 and Table 24 in
- * Recommendation ITU-T T.82 (1993) | ISO/IEC 11544:1993.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-/* The following #define specifies the packing of the four components
- * into the compact JLONG representation.
- * Note that this formula must match the actual arithmetic encoder
- * and decoder implementation.  The implementation has to be changed
- * if this formula is changed.
- * The current organization is leaned on Markus Kuhn's JBIG
- * implementation (jbig_tab.c).
- */
-
-#define V(i, a, b, c, d) \
-  (((JLONG)a << 16) | ((JLONG)c << 8) | ((JLONG)d << 7) | b)
-
-const JLONG jpeg_aritab[113 + 1] = {
-/*
- * Index, Qe_Value, Next_Index_LPS, Next_Index_MPS, Switch_MPS
- */
-  V(   0, 0x5a1d,   1,   1, 1 ),
-  V(   1, 0x2586,  14,   2, 0 ),
-  V(   2, 0x1114,  16,   3, 0 ),
-  V(   3, 0x080b,  18,   4, 0 ),
-  V(   4, 0x03d8,  20,   5, 0 ),
-  V(   5, 0x01da,  23,   6, 0 ),
-  V(   6, 0x00e5,  25,   7, 0 ),
-  V(   7, 0x006f,  28,   8, 0 ),
-  V(   8, 0x0036,  30,   9, 0 ),
-  V(   9, 0x001a,  33,  10, 0 ),
-  V(  10, 0x000d,  35,  11, 0 ),
-  V(  11, 0x0006,   9,  12, 0 ),
-  V(  12, 0x0003,  10,  13, 0 ),
-  V(  13, 0x0001,  12,  13, 0 ),
-  V(  14, 0x5a7f,  15,  15, 1 ),
-  V(  15, 0x3f25,  36,  16, 0 ),
-  V(  16, 0x2cf2,  38,  17, 0 ),
-  V(  17, 0x207c,  39,  18, 0 ),
-  V(  18, 0x17b9,  40,  19, 0 ),
-  V(  19, 0x1182,  42,  20, 0 ),
-  V(  20, 0x0cef,  43,  21, 0 ),
-  V(  21, 0x09a1,  45,  22, 0 ),
-  V(  22, 0x072f,  46,  23, 0 ),
-  V(  23, 0x055c,  48,  24, 0 ),
-  V(  24, 0x0406,  49,  25, 0 ),
-  V(  25, 0x0303,  51,  26, 0 ),
-  V(  26, 0x0240,  52,  27, 0 ),
-  V(  27, 0x01b1,  54,  28, 0 ),
-  V(  28, 0x0144,  56,  29, 0 ),
-  V(  29, 0x00f5,  57,  30, 0 ),
-  V(  30, 0x00b7,  59,  31, 0 ),
-  V(  31, 0x008a,  60,  32, 0 ),
-  V(  32, 0x0068,  62,  33, 0 ),
-  V(  33, 0x004e,  63,  34, 0 ),
-  V(  34, 0x003b,  32,  35, 0 ),
-  V(  35, 0x002c,  33,   9, 0 ),
-  V(  36, 0x5ae1,  37,  37, 1 ),
-  V(  37, 0x484c,  64,  38, 0 ),
-  V(  38, 0x3a0d,  65,  39, 0 ),
-  V(  39, 0x2ef1,  67,  40, 0 ),
-  V(  40, 0x261f,  68,  41, 0 ),
-  V(  41, 0x1f33,  69,  42, 0 ),
-  V(  42, 0x19a8,  70,  43, 0 ),
-  V(  43, 0x1518,  72,  44, 0 ),
-  V(  44, 0x1177,  73,  45, 0 ),
-  V(  45, 0x0e74,  74,  46, 0 ),
-  V(  46, 0x0bfb,  75,  47, 0 ),
-  V(  47, 0x09f8,  77,  48, 0 ),
-  V(  48, 0x0861,  78,  49, 0 ),
-  V(  49, 0x0706,  79,  50, 0 ),
-  V(  50, 0x05cd,  48,  51, 0 ),
-  V(  51, 0x04de,  50,  52, 0 ),
-  V(  52, 0x040f,  50,  53, 0 ),
-  V(  53, 0x0363,  51,  54, 0 ),
-  V(  54, 0x02d4,  52,  55, 0 ),
-  V(  55, 0x025c,  53,  56, 0 ),
-  V(  56, 0x01f8,  54,  57, 0 ),
-  V(  57, 0x01a4,  55,  58, 0 ),
-  V(  58, 0x0160,  56,  59, 0 ),
-  V(  59, 0x0125,  57,  60, 0 ),
-  V(  60, 0x00f6,  58,  61, 0 ),
-  V(  61, 0x00cb,  59,  62, 0 ),
-  V(  62, 0x00ab,  61,  63, 0 ),
-  V(  63, 0x008f,  61,  32, 0 ),
-  V(  64, 0x5b12,  65,  65, 1 ),
-  V(  65, 0x4d04,  80,  66, 0 ),
-  V(  66, 0x412c,  81,  67, 0 ),
-  V(  67, 0x37d8,  82,  68, 0 ),
-  V(  68, 0x2fe8,  83,  69, 0 ),
-  V(  69, 0x293c,  84,  70, 0 ),
-  V(  70, 0x2379,  86,  71, 0 ),
-  V(  71, 0x1edf,  87,  72, 0 ),
-  V(  72, 0x1aa9,  87,  73, 0 ),
-  V(  73, 0x174e,  72,  74, 0 ),
-  V(  74, 0x1424,  72,  75, 0 ),
-  V(  75, 0x119c,  74,  76, 0 ),
-  V(  76, 0x0f6b,  74,  77, 0 ),
-  V(  77, 0x0d51,  75,  78, 0 ),
-  V(  78, 0x0bb6,  77,  79, 0 ),
-  V(  79, 0x0a40,  77,  48, 0 ),
-  V(  80, 0x5832,  80,  81, 1 ),
-  V(  81, 0x4d1c,  88,  82, 0 ),
-  V(  82, 0x438e,  89,  83, 0 ),
-  V(  83, 0x3bdd,  90,  84, 0 ),
-  V(  84, 0x34ee,  91,  85, 0 ),
-  V(  85, 0x2eae,  92,  86, 0 ),
-  V(  86, 0x299a,  93,  87, 0 ),
-  V(  87, 0x2516,  86,  71, 0 ),
-  V(  88, 0x5570,  88,  89, 1 ),
-  V(  89, 0x4ca9,  95,  90, 0 ),
-  V(  90, 0x44d9,  96,  91, 0 ),
-  V(  91, 0x3e22,  97,  92, 0 ),
-  V(  92, 0x3824,  99,  93, 0 ),
-  V(  93, 0x32b4,  99,  94, 0 ),
-  V(  94, 0x2e17,  93,  86, 0 ),
-  V(  95, 0x56a8,  95,  96, 1 ),
-  V(  96, 0x4f46, 101,  97, 0 ),
-  V(  97, 0x47e5, 102,  98, 0 ),
-  V(  98, 0x41cf, 103,  99, 0 ),
-  V(  99, 0x3c3d, 104, 100, 0 ),
-  V( 100, 0x375e,  99,  93, 0 ),
-  V( 101, 0x5231, 105, 102, 0 ),
-  V( 102, 0x4c0f, 106, 103, 0 ),
-  V( 103, 0x4639, 107, 104, 0 ),
-  V( 104, 0x415e, 103,  99, 0 ),
-  V( 105, 0x5627, 105, 106, 1 ),
-  V( 106, 0x50e7, 108, 107, 0 ),
-  V( 107, 0x4b85, 109, 103, 0 ),
-  V( 108, 0x5597, 110, 109, 0 ),
-  V( 109, 0x504f, 111, 107, 0 ),
-  V( 110, 0x5a10, 110, 111, 1 ),
-  V( 111, 0x5522, 112, 109, 0 ),
-  V( 112, 0x59eb, 112, 111, 1 ),
-/*
- * This last entry is used for fixed probability estimate of 0.5
- * as recommended in Section 10.3 Table 5 of ITU-T Rec. T.851.
- */
-  V( 113, 0x5a1d, 113, 113, 0 )
-};
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/CMakeLists.txt b/3rdparty/libjpeg-turbo_2_1_0/java/CMakeLists.txt
deleted file mode 100644
index 3d863bd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/CMakeLists.txt
+++ /dev/null
@@ -1,88 +0,0 @@
-find_package(Java REQUIRED)
-find_package(JNI REQUIRED)
-
-# Allow the Java compiler flags to be set using an environment variable
-if(NOT DEFINED CMAKE_JAVA_COMPILE_FLAGS AND DEFINED ENV{JAVAFLAGS})
-  set(CMAKE_JAVA_COMPILE_FLAGS $ENV{JAVAFLAGS})
-endif()
-
-include(UseJava)
-
-set(CMAKE_JAVA_COMPILE_FLAGS "${CMAKE_JAVA_COMPILE_FLAGS} -J-Dfile.encoding=UTF8")
-message(STATUS "CMAKE_JAVA_COMPILE_FLAGS = ${CMAKE_JAVA_COMPILE_FLAGS}")
-string(REGEX REPLACE " " ";" CMAKE_JAVA_COMPILE_FLAGS "${CMAKE_JAVA_COMPILE_FLAGS}")
-
-set(JAVAARGS "" CACHE STRING "Additional arguments to pass to java when running unit tests (example: -d32)")
-message(STATUS "JAVAARGS = ${JAVAARGS}")
-
-set(JAVA_SOURCES org/libjpegturbo/turbojpeg/TJ.java
-  org/libjpegturbo/turbojpeg/TJCompressor.java
-  org/libjpegturbo/turbojpeg/TJCustomFilter.java
-  org/libjpegturbo/turbojpeg/TJDecompressor.java
-  org/libjpegturbo/turbojpeg/TJException.java
-  org/libjpegturbo/turbojpeg/TJScalingFactor.java
-  org/libjpegturbo/turbojpeg/TJTransform.java
-  org/libjpegturbo/turbojpeg/TJTransformer.java
-  org/libjpegturbo/turbojpeg/YUVImage.java
-  TJUnitTest.java
-  TJExample.java
-  TJBench.java)
-
-set(TURBOJPEG_DLL_NAME "turbojpeg")
-if(MINGW)
-  set(TURBOJPEG_DLL_NAME "libturbojpeg")
-endif()
-if(WIN32)
-  configure_file(org/libjpegturbo/turbojpeg/TJLoader-win.java.in
-    ${CMAKE_CURRENT_BINARY_DIR}/org/libjpegturbo/turbojpeg/TJLoader.java)
-else()
-  configure_file(org/libjpegturbo/turbojpeg/TJLoader-unix.java.in
-    ${CMAKE_CURRENT_BINARY_DIR}/org/libjpegturbo/turbojpeg/TJLoader.java)
-endif()
-set(JAVA_SOURCES ${JAVA_SOURCES}
-  ${CMAKE_CURRENT_BINARY_DIR}/org/libjpegturbo/turbojpeg/TJLoader.java)
-
-if(MSYS)
-  # UGLY HACK ALERT: If we don't do this, then UseJava.cmake will separate
-  # class path members with a semicolon, which is interpreted as a command
-  # separator by the MSYS shell.
-  set(CMAKE_HOST_SYSTEM_NAME_BAK ${CMAKE_HOST_SYSTEM_NAME})
-  set(CMAKE_HOST_SYSTEM_NAME "MSYS")
-endif()
-add_jar(turbojpeg-java ${JAVA_SOURCES} OUTPUT_NAME turbojpeg
-  ENTRY_POINT TJExample)
-if(MSYS)
-  set(CMAKE_HOST_SYSTEM_NAME ${CMAKE_HOST_SYSTEM_NAME_BAK})
-endif()
-
-add_custom_target(javadoc COMMAND
-  javadoc -notimestamp -d ${CMAKE_CURRENT_SOURCE_DIR}/doc -sourcepath ${CMAKE_CURRENT_SOURCE_DIR} org.libjpegturbo.turbojpeg)
-set(JAVACLASSPATH ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_FILES_DIRECTORY}/turbojpeg-java.dir)
-if(Java_VERSION_MAJOR GREATER 9)
-  add_custom_target(javah
-    COMMAND javac -h ${CMAKE_CURRENT_SOURCE_DIR} -classpath ${JAVACLASSPATH}
-      -d ${CMAKE_CURRENT_BINARY_DIR}/__unused
-      ${CMAKE_CURRENT_SOURCE_DIR}/org/libjpegturbo/turbojpeg/TJ.java
-      ${CMAKE_CURRENT_SOURCE_DIR}/org/libjpegturbo/turbojpeg/TJCompressor.java
-      ${CMAKE_CURRENT_SOURCE_DIR}/org/libjpegturbo/turbojpeg/TJDecompressor.java
-      ${CMAKE_CURRENT_SOURCE_DIR}/org/libjpegturbo/turbojpeg/TJTransformer.java)
-else()
-  add_custom_target(javah
-    COMMAND javah -d ${CMAKE_CURRENT_SOURCE_DIR} -classpath ${JAVACLASSPATH} org.libjpegturbo.turbojpeg.TJ
-    COMMAND javah -d ${CMAKE_CURRENT_SOURCE_DIR} -classpath ${JAVACLASSPATH} org.libjpegturbo.turbojpeg.TJCompressor
-    COMMAND javah -d ${CMAKE_CURRENT_SOURCE_DIR} -classpath ${JAVACLASSPATH} org.libjpegturbo.turbojpeg.TJDecompressor
-    COMMAND javah -d ${CMAKE_CURRENT_SOURCE_DIR} -classpath ${JAVACLASSPATH} org.libjpegturbo.turbojpeg.TJTransformer)
-endif()
-
-if(NOT DEFINED CMAKE_INSTALL_DEFAULT_JAVADIR)
-  set(CMAKE_INSTALL_DEFAULT_JAVADIR "<CMAKE_INSTALL_DATAROOTDIR>/java")
-endif()
-GNUInstallDirs_set_install_dir(JAVADIR
-  "The directory into which Java classes should be installed")
-GNUInstallDirs_get_absolute_install_dir(CMAKE_INSTALL_FULL_JAVADIR
-  CMAKE_INSTALL_JAVADIR)
-set(CMAKE_INSTALL_JAVADIR ${CMAKE_INSTALL_JAVADIR} PARENT_SCOPE)
-set(CMAKE_INSTALL_FULL_JAVADIR ${CMAKE_INSTALL_FULL_JAVADIR} PARENT_SCOPE)
-report_directory(JAVADIR)
-install_jar(turbojpeg-java ${CMAKE_INSTALL_JAVADIR})
-mark_as_advanced(CLEAR CMAKE_INSTALL_JAVADIR)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/MANIFEST.MF b/3rdparty/libjpeg-turbo_2_1_0/java/MANIFEST.MF
deleted file mode 100644
index 723bc51..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: TJExample
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/README b/3rdparty/libjpeg-turbo_2_1_0/java/README
deleted file mode 100644
index 5af1e31..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/README
+++ /dev/null
@@ -1,52 +0,0 @@
-TurboJPEG Java Wrapper
-======================
-
-The TurboJPEG shared library can optionally be built with a Java Native
-Interface wrapper, which allows the library to be loaded and used directly from
-Java applications.  The Java front end for this is defined in several classes
-located under org/libjpegturbo/turbojpeg.  The source code for these Java
-classes is licensed under a BSD-style license, so the files can be incorporated
-directly into both open source and proprietary projects without restriction.  A
-Java archive (JAR) file containing these classes is also shipped with the
-"official" distribution packages of libjpeg-turbo.
-
-TJExample.java, which should also be located in the same directory as this
-README file, demonstrates how to use the TurboJPEG Java API to compress and
-decompress JPEG images in memory.
-
-
-Performance Pitfalls
---------------------
-
-The TurboJPEG Java API defines several convenience methods that can allocate
-image buffers or instantiate classes to hold the result of compress,
-decompress, or transform operations.  However, if you use these methods, then
-be mindful of the amount of new data you are creating on the heap.  It may be
-necessary to manually invoke the garbage collector to prevent heap exhaustion
-or to prevent performance degradation.  Background garbage collection can kill
-performance, particularly in a multi-threaded environment (Java pauses all
-threads when the GC runs.)
-
-The TurboJPEG Java API always gives you the option of pre-allocating your own
-source and destination buffers, which allows you to re-use those buffers for
-compressing/decompressing multiple images.  If the image sequence you are
-compressing or decompressing consists of images of the same size, then
-pre-allocating the buffers is recommended.
-
-
-Installation Directory
-----------------------
-
-The TurboJPEG Java Wrapper will look for the TurboJPEG JNI library
-(libturbojpeg.so, libturbojpeg.dylib, or turbojpeg.dll) in the system library
-paths or in any paths specified in LD_LIBRARY_PATH (Un*x), DYLD_LIBRARY_PATH
-(Mac), or PATH (Windows.)  Failing this, on Un*x and Mac systems, the wrapper
-will look for the JNI library under the library directory configured when
-libjpeg-turbo was built.  If that library directory is
-/opt/libjpeg-turbo/lib32, then /opt/libjpeg-turbo/lib64 is also searched, and
-vice versa.
-
-If you installed the JNI library into another directory, then you will need
-to pass an argument of -Djava.library.path={path_to_JNI_library} to java, or
-manipulate LD_LIBRARY_PATH, DYLD_LIBRARY_PATH, or PATH to include the directory
-containing the JNI library.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/TJBench.java b/3rdparty/libjpeg-turbo_2_1_0/java/TJBench.java
deleted file mode 100644
index 0fadab1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/TJBench.java
+++ /dev/null
@@ -1,1026 +0,0 @@
-/*
- * Copyright (C)2009-2014, 2016-2019, 2021 D. R. Commander.
- *                                         All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-import java.io.*;
-import java.awt.image.*;
-import javax.imageio.*;
-import java.util.*;
-import org.libjpegturbo.turbojpeg.*;
-
-final class TJBench {
-
-  private TJBench() {}
-
-  private static int flags = 0, quiet = 0, pf = TJ.PF_BGR, yuvPad = 1;
-  private static boolean compOnly, decompOnly, doTile, doYUV, write = true;
-
-  static final String[] PIXFORMATSTR = {
-    "RGB", "BGR", "RGBX", "BGRX", "XBGR", "XRGB", "GRAY"
-  };
-
-  static final String[] SUBNAME_LONG = {
-    "4:4:4", "4:2:2", "4:2:0", "GRAY", "4:4:0", "4:1:1"
-  };
-
-  static final String[] SUBNAME = {
-    "444", "422", "420", "GRAY", "440", "411"
-  };
-
-  static final String[] CSNAME = {
-    "RGB", "YCbCr", "GRAY", "CMYK", "YCCK"
-  };
-
-  private static TJScalingFactor sf;
-  private static int xformOp = TJTransform.OP_NONE, xformOpt = 0;
-  private static double benchTime = 5.0, warmup = 1.0;
-
-
-  static double getTime() {
-    return (double)System.nanoTime() / 1.0e9;
-  }
-
-
-  private static String tjErrorMsg;
-  private static int tjErrorCode = -1;
-
-  static void handleTJException(TJException e) throws TJException {
-    String errorMsg = e.getMessage();
-    int errorCode = e.getErrorCode();
-
-    if ((flags & TJ.FLAG_STOPONWARNING) == 0 &&
-        errorCode == TJ.ERR_WARNING) {
-      if (tjErrorMsg == null || !tjErrorMsg.equals(errorMsg) ||
-          tjErrorCode != errorCode) {
-        tjErrorMsg = errorMsg;
-        tjErrorCode = errorCode;
-        System.out.println("WARNING: " + errorMsg);
-      }
-    } else
-      throw e;
-  }
-
-
-  static String formatName(int subsamp, int cs) {
-    if (cs == TJ.CS_YCbCr)
-      return SUBNAME_LONG[subsamp];
-    else if (cs == TJ.CS_YCCK)
-      return CSNAME[cs] + " " + SUBNAME_LONG[subsamp];
-    else
-      return CSNAME[cs];
-  }
-
-
-  static String sigFig(double val, int figs) {
-    String format;
-    int digitsAfterDecimal = figs - (int)Math.ceil(Math.log10(Math.abs(val)));
-
-    if (digitsAfterDecimal < 1)
-      format = new String("%.0f");
-    else
-      format = new String("%." + digitsAfterDecimal + "f");
-    return String.format(format, val);
-  }
-
-
-  static byte[] loadImage(String fileName, int[] w, int[] h, int pixelFormat)
-                          throws Exception {
-    BufferedImage img = ImageIO.read(new File(fileName));
-
-    if (img == null)
-      throw new Exception("Could not read " + fileName);
-    w[0] = img.getWidth();
-    h[0] = img.getHeight();
-
-    int[] rgb = img.getRGB(0, 0, w[0], h[0], null, 0, w[0]);
-    int ps = TJ.getPixelSize(pixelFormat);
-    int rindex = TJ.getRedOffset(pixelFormat);
-    int gindex = TJ.getGreenOffset(pixelFormat);
-    int bindex = TJ.getBlueOffset(pixelFormat);
-    if ((long)w[0] * (long)h[0] * (long)ps > (long)Integer.MAX_VALUE)
-      throw new Exception("Image is too large");
-    byte[] dstBuf = new byte[w[0] * h[0] * ps];
-    int pixels = w[0] * h[0], dstPtr = 0, rgbPtr = 0;
-
-    while (pixels-- > 0) {
-      dstBuf[dstPtr + rindex] = (byte)((rgb[rgbPtr] >> 16) & 0xff);
-      dstBuf[dstPtr + gindex] = (byte)((rgb[rgbPtr] >> 8) & 0xff);
-      dstBuf[dstPtr + bindex] = (byte)(rgb[rgbPtr] & 0xff);
-      dstPtr += ps;
-      rgbPtr++;
-    }
-    return dstBuf;
-  }
-
-
-  static void saveImage(String fileName, byte[] srcBuf, int w, int h,
-                        int pixelFormat) throws Exception {
-    BufferedImage img = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
-    int pixels = w * h, srcPtr = 0;
-    int ps = TJ.getPixelSize(pixelFormat);
-    int rindex = TJ.getRedOffset(pixelFormat);
-    int gindex = TJ.getGreenOffset(pixelFormat);
-    int bindex = TJ.getBlueOffset(pixelFormat);
-
-    for (int y = 0; y < h; y++) {
-      for (int x = 0; x < w; x++, srcPtr += ps) {
-        int pixel = (srcBuf[srcPtr + rindex] & 0xff) << 16 |
-                    (srcBuf[srcPtr + gindex] & 0xff) << 8 |
-                    (srcBuf[srcPtr + bindex] & 0xff);
-
-        img.setRGB(x, y, pixel);
-      }
-    }
-    ImageIO.write(img, "bmp", new File(fileName));
-  }
-
-
-  /* Decompression test */
-  static void decomp(byte[] srcBuf, byte[][] jpegBuf, int[] jpegSize,
-                     byte[] dstBuf, int w, int h, int subsamp, int jpegQual,
-                     String fileName, int tilew, int tileh) throws Exception {
-    String qualStr = new String(""), sizeStr, tempStr;
-    TJDecompressor tjd;
-    double elapsed, elapsedDecode;
-    int ps = TJ.getPixelSize(pf), i, iter = 0;
-    int scaledw = sf.getScaled(w);
-    int scaledh = sf.getScaled(h);
-    int pitch = scaledw * ps;
-    YUVImage yuvImage = null;
-
-    if (jpegQual > 0)
-      qualStr = new String("_Q" + jpegQual);
-
-    tjd = new TJDecompressor();
-
-    if (dstBuf == null) {
-      if ((long)pitch * (long)scaledh > (long)Integer.MAX_VALUE)
-        throw new Exception("Image is too large");
-      dstBuf = new byte[pitch * scaledh];
-    }
-
-    /* Set the destination buffer to gray so we know whether the decompressor
-       attempted to write to it */
-    Arrays.fill(dstBuf, (byte)127);
-
-    if (doYUV) {
-      int width = doTile ? tilew : scaledw;
-      int height = doTile ? tileh : scaledh;
-
-      yuvImage = new YUVImage(width, yuvPad, height, subsamp);
-      Arrays.fill(yuvImage.getBuf(), (byte)127);
-    }
-
-    /* Benchmark */
-    iter = -1;
-    elapsed = elapsedDecode = 0.0;
-    while (true) {
-      int tile = 0;
-      double start = getTime();
-
-      for (int y = 0; y < h; y += tileh) {
-        for (int x = 0; x < w; x += tilew, tile++) {
-          int width = doTile ? Math.min(tilew, w - x) : scaledw;
-          int height = doTile ? Math.min(tileh, h - y) : scaledh;
-
-          try {
-            tjd.setSourceImage(jpegBuf[tile], jpegSize[tile]);
-          } catch (TJException e) { handleTJException(e); }
-          if (doYUV) {
-            yuvImage.setBuf(yuvImage.getBuf(), width, yuvPad, height, subsamp);
-            try {
-              tjd.decompressToYUV(yuvImage, flags);
-            } catch (TJException e) { handleTJException(e); }
-            double startDecode = getTime();
-            tjd.setSourceImage(yuvImage);
-            try {
-              tjd.decompress(dstBuf, x, y, width, pitch, height, pf, flags);
-            } catch (TJException e) { handleTJException(e); }
-            if (iter >= 0)
-              elapsedDecode += getTime() - startDecode;
-          } else {
-            try {
-              tjd.decompress(dstBuf, x, y, width, pitch, height, pf, flags);
-            } catch (TJException e) { handleTJException(e); }
-          }
-        }
-      }
-      elapsed += getTime() - start;
-      if (iter >= 0) {
-        iter++;
-        if (elapsed >= benchTime)
-          break;
-      } else if (elapsed >= warmup) {
-        iter = 0;
-        elapsed = elapsedDecode = 0.0;
-      }
-    }
-    if (doYUV)
-      elapsed -= elapsedDecode;
-
-    tjd = null;
-    for (i = 0; i < jpegBuf.length; i++)
-      jpegBuf[i] = null;
-    jpegBuf = null;  jpegSize = null;
-    System.gc();
-
-    if (quiet != 0) {
-      System.out.format("%-6s%s",
-                        sigFig((double)(w * h) / 1000000. *
-                               (double)iter / elapsed, 4),
-                        quiet == 2 ? "\n" : "  ");
-      if (doYUV)
-        System.out.format("%s\n",
-                          sigFig((double)(w * h) / 1000000. *
-                                 (double)iter / elapsedDecode, 4));
-      else if (quiet != 2)
-        System.out.print("\n");
-    } else {
-      System.out.format("%s --> Frame rate:         %f fps\n",
-                        (doYUV ? "Decomp to YUV" : "Decompress   "),
-                        (double)iter / elapsed);
-      System.out.format("                  Throughput:         %f Megapixels/sec\n",
-                        (double)(w * h) / 1000000. * (double)iter / elapsed);
-      if (doYUV) {
-        System.out.format("YUV Decode    --> Frame rate:         %f fps\n",
-                          (double)iter / elapsedDecode);
-        System.out.format("                  Throughput:         %f Megapixels/sec\n",
-                          (double)(w * h) / 1000000. *
-                          (double)iter / elapsedDecode);
-      }
-    }
-
-    if (!write) return;
-
-    if (sf.getNum() != 1 || sf.getDenom() != 1)
-      sizeStr = new String(sf.getNum() + "_" + sf.getDenom());
-    else if (tilew != w || tileh != h)
-      sizeStr = new String(tilew + "x" + tileh);
-    else
-      sizeStr = new String("full");
-    if (decompOnly)
-      tempStr = new String(fileName + "_" + sizeStr + ".bmp");
-    else
-      tempStr = new String(fileName + "_" + SUBNAME[subsamp] + qualStr +
-                           "_" + sizeStr + ".bmp");
-
-    saveImage(tempStr, dstBuf, scaledw, scaledh, pf);
-    int ndx = tempStr.lastIndexOf('.');
-    tempStr = new String(tempStr.substring(0, ndx) + "-err.bmp");
-    if (srcBuf != null && sf.getNum() == 1 && sf.getDenom() == 1) {
-      if (quiet == 0)
-        System.out.println("Compression error written to " + tempStr + ".");
-      if (subsamp == TJ.SAMP_GRAY) {
-        for (int y = 0, index = 0; y < h; y++, index += pitch) {
-          for (int x = 0, index2 = index; x < w; x++, index2 += ps) {
-            int rindex = index2 + TJ.getRedOffset(pf);
-            int gindex = index2 + TJ.getGreenOffset(pf);
-            int bindex = index2 + TJ.getBlueOffset(pf);
-            int lum = (int)((double)(srcBuf[rindex] & 0xff) * 0.299 +
-                            (double)(srcBuf[gindex] & 0xff) * 0.587 +
-                            (double)(srcBuf[bindex] & 0xff) * 0.114 + 0.5);
-
-            if (lum > 255) lum = 255;
-            if (lum < 0) lum = 0;
-            dstBuf[rindex] = (byte)Math.abs((dstBuf[rindex] & 0xff) - lum);
-            dstBuf[gindex] = (byte)Math.abs((dstBuf[gindex] & 0xff) - lum);
-            dstBuf[bindex] = (byte)Math.abs((dstBuf[bindex] & 0xff) - lum);
-          }
-        }
-      } else {
-        for (int y = 0; y < h; y++)
-          for (int x = 0; x < w * ps; x++)
-            dstBuf[pitch * y + x] =
-              (byte)Math.abs((dstBuf[pitch * y + x] & 0xff) -
-                             (srcBuf[pitch * y + x] & 0xff));
-      }
-      saveImage(tempStr, dstBuf, w, h, pf);
-    }
-  }
-
-
-  static void fullTest(byte[] srcBuf, int w, int h, int subsamp, int jpegQual,
-                       String fileName) throws Exception {
-    TJCompressor tjc;
-    byte[] tmpBuf;
-    byte[][] jpegBuf;
-    int[] jpegSize;
-    double start, elapsed, elapsedEncode;
-    int totalJpegSize = 0, tilew, tileh, i, iter;
-    int ps = TJ.getPixelSize(pf);
-    int ntilesw = 1, ntilesh = 1, pitch = w * ps;
-    String pfStr = PIXFORMATSTR[pf];
-    YUVImage yuvImage = null;
-
-    if ((long)pitch * (long)h > (long)Integer.MAX_VALUE)
-      throw new Exception("Image is too large");
-    tmpBuf = new byte[pitch * h];
-
-    if (quiet == 0)
-      System.out.format(">>>>>  %s (%s) <--> JPEG %s Q%d  <<<<<\n", pfStr,
-                        (flags & TJ.FLAG_BOTTOMUP) != 0 ?
-                        "Bottom-up" : "Top-down",
-                        SUBNAME_LONG[subsamp], jpegQual);
-
-    tjc = new TJCompressor();
-
-    for (tilew = doTile ? 8 : w, tileh = doTile ? 8 : h; ;
-         tilew *= 2, tileh *= 2) {
-      if (tilew > w)
-        tilew = w;
-      if (tileh > h)
-        tileh = h;
-      ntilesw = (w + tilew - 1) / tilew;
-      ntilesh = (h + tileh - 1) / tileh;
-
-      jpegBuf = new byte[ntilesw * ntilesh][TJ.bufSize(tilew, tileh, subsamp)];
-      jpegSize = new int[ntilesw * ntilesh];
-
-      /* Compression test */
-      if (quiet == 1)
-        System.out.format("%-4s (%s)  %-5s    %-3d   ", pfStr,
-                          (flags & TJ.FLAG_BOTTOMUP) != 0 ? "BU" : "TD",
-                          SUBNAME_LONG[subsamp], jpegQual);
-      for (i = 0; i < h; i++)
-        System.arraycopy(srcBuf, w * ps * i, tmpBuf, pitch * i, w * ps);
-      tjc.setJPEGQuality(jpegQual);
-      tjc.setSubsamp(subsamp);
-
-      if (doYUV) {
-        yuvImage = new YUVImage(tilew, yuvPad, tileh, subsamp);
-        Arrays.fill(yuvImage.getBuf(), (byte)127);
-      }
-
-      /* Benchmark */
-      iter = -1;
-      elapsed = elapsedEncode = 0.0;
-      while (true) {
-        int tile = 0;
-
-        totalJpegSize = 0;
-        start = getTime();
-        for (int y = 0; y < h; y += tileh) {
-          for (int x = 0; x < w; x += tilew, tile++) {
-            int width = Math.min(tilew, w - x);
-            int height = Math.min(tileh, h - y);
-
-            tjc.setSourceImage(srcBuf, x, y, width, pitch, height, pf);
-            if (doYUV) {
-              double startEncode = getTime();
-
-              yuvImage.setBuf(yuvImage.getBuf(), width, yuvPad, height,
-                              subsamp);
-              tjc.encodeYUV(yuvImage, flags);
-              if (iter >= 0)
-                elapsedEncode += getTime() - startEncode;
-              tjc.setSourceImage(yuvImage);
-            }
-            tjc.compress(jpegBuf[tile], flags);
-            jpegSize[tile] = tjc.getCompressedSize();
-            totalJpegSize += jpegSize[tile];
-          }
-        }
-        elapsed += getTime() - start;
-        if (iter >= 0) {
-          iter++;
-          if (elapsed >= benchTime)
-            break;
-        } else if (elapsed >= warmup) {
-          iter = 0;
-          elapsed = elapsedEncode = 0.0;
-        }
-      }
-      if (doYUV)
-        elapsed -= elapsedEncode;
-
-      if (quiet == 1)
-        System.out.format("%-5d  %-5d   ", tilew, tileh);
-      if (quiet != 0) {
-        if (doYUV)
-          System.out.format("%-6s%s",
-                            sigFig((double)(w * h) / 1000000. *
-                                   (double)iter / elapsedEncode, 4),
-                            quiet == 2 ? "\n" : "  ");
-        System.out.format("%-6s%s",
-                          sigFig((double)(w * h) / 1000000. *
-                                 (double)iter / elapsed, 4),
-                          quiet == 2 ? "\n" : "  ");
-        System.out.format("%-6s%s",
-                          sigFig((double)(w * h * ps) / (double)totalJpegSize,
-                                 4),
-                          quiet == 2 ? "\n" : "  ");
-      } else {
-        System.out.format("\n%s size: %d x %d\n", doTile ? "Tile" : "Image",
-                          tilew, tileh);
-        if (doYUV) {
-          System.out.format("Encode YUV    --> Frame rate:         %f fps\n",
-                            (double)iter / elapsedEncode);
-          System.out.format("                  Output image size:  %d bytes\n",
-                            yuvImage.getSize());
-          System.out.format("                  Compression ratio:  %f:1\n",
-                            (double)(w * h * ps) / (double)yuvImage.getSize());
-          System.out.format("                  Throughput:         %f Megapixels/sec\n",
-                            (double)(w * h) / 1000000. *
-                            (double)iter / elapsedEncode);
-          System.out.format("                  Output bit stream:  %f Megabits/sec\n",
-                            (double)yuvImage.getSize() * 8. / 1000000. *
-                            (double)iter / elapsedEncode);
-        }
-        System.out.format("%s --> Frame rate:         %f fps\n",
-                          doYUV ? "Comp from YUV" : "Compress     ",
-                          (double)iter / elapsed);
-        System.out.format("                  Output image size:  %d bytes\n",
-                          totalJpegSize);
-        System.out.format("                  Compression ratio:  %f:1\n",
-                          (double)(w * h * ps) / (double)totalJpegSize);
-        System.out.format("                  Throughput:         %f Megapixels/sec\n",
-                          (double)(w * h) / 1000000. * (double)iter / elapsed);
-        System.out.format("                  Output bit stream:  %f Megabits/sec\n",
-                          (double)totalJpegSize * 8. / 1000000. *
-                          (double)iter / elapsed);
-      }
-      if (tilew == w && tileh == h && write) {
-        String tempStr = fileName + "_" + SUBNAME[subsamp] + "_" + "Q" +
-                         jpegQual + ".jpg";
-        FileOutputStream fos = new FileOutputStream(tempStr);
-
-        fos.write(jpegBuf[0], 0, jpegSize[0]);
-        fos.close();
-        if (quiet == 0)
-          System.out.println("Reference image written to " + tempStr);
-      }
-
-      /* Decompression test */
-      if (!compOnly)
-        decomp(srcBuf, jpegBuf, jpegSize, tmpBuf, w, h, subsamp, jpegQual,
-               fileName, tilew, tileh);
-      else if (quiet == 1)
-        System.out.println("N/A");
-
-      if (tilew == w && tileh == h) break;
-    }
-  }
-
-
-  static void decompTest(String fileName) throws Exception {
-    TJTransformer tjt;
-    byte[][] jpegBuf = null;
-    byte[] srcBuf;
-    int[] jpegSize = null;
-    int totalJpegSize;
-    double start, elapsed;
-    int ps = TJ.getPixelSize(pf), tile, x, y, iter;
-    // Original image
-    int w = 0, h = 0, ntilesw = 1, ntilesh = 1, subsamp = -1, cs = -1;
-    // Transformed image
-    int tw, th, ttilew, ttileh, tntilesw, tntilesh, tsubsamp;
-
-    FileInputStream fis = new FileInputStream(fileName);
-    if (fis.getChannel().size() > (long)Integer.MAX_VALUE)
-      throw new Exception("Image is too large");
-    int srcSize = (int)fis.getChannel().size();
-    srcBuf = new byte[srcSize];
-    fis.read(srcBuf, 0, srcSize);
-    fis.close();
-
-    int index = fileName.lastIndexOf('.');
-    if (index >= 0)
-      fileName = new String(fileName.substring(0, index));
-
-    tjt = new TJTransformer();
-
-    try {
-      tjt.setSourceImage(srcBuf, srcSize);
-    } catch (TJException e) { handleTJException(e); }
-    w = tjt.getWidth();
-    h = tjt.getHeight();
-    subsamp = tjt.getSubsamp();
-    cs = tjt.getColorspace();
-
-    if (quiet == 1) {
-      System.out.println("All performance values in Mpixels/sec\n");
-      System.out.format("Bitmap     JPEG   JPEG     %s  %s   Xform   Comp    Decomp  ",
-                        (doTile ? "Tile " : "Image"),
-                        (doTile ? "Tile " : "Image"));
-      if (doYUV)
-        System.out.print("Decode");
-      System.out.print("\n");
-      System.out.print("Format     CS     Subsamp  Width  Height  Perf    Ratio   Perf    ");
-      if (doYUV)
-        System.out.print("Perf");
-      System.out.println("\n");
-    } else if (quiet == 0)
-      System.out.format(">>>>>  JPEG %s --> %s (%s)  <<<<<\n",
-                        formatName(subsamp, cs), PIXFORMATSTR[pf],
-                        (flags & TJ.FLAG_BOTTOMUP) != 0 ?
-                        "Bottom-up" : "Top-down");
-
-    for (int tilew = doTile ? 16 : w, tileh = doTile ? 16 : h; ;
-         tilew *= 2, tileh *= 2) {
-      if (tilew > w)
-        tilew = w;
-      if (tileh > h)
-        tileh = h;
-      ntilesw = (w + tilew - 1) / tilew;
-      ntilesh = (h + tileh - 1) / tileh;
-
-      tw = w;  th = h;  ttilew = tilew;  ttileh = tileh;
-      if (quiet == 0) {
-        System.out.format("\n%s size: %d x %d", (doTile ? "Tile" : "Image"),
-                          ttilew, ttileh);
-        if (sf.getNum() != 1 || sf.getDenom() != 1)
-          System.out.format(" --> %d x %d", sf.getScaled(tw),
-                            sf.getScaled(th));
-        System.out.println("");
-      } else if (quiet == 1) {
-        System.out.format("%-4s (%s)  %-5s  %-5s    ", PIXFORMATSTR[pf],
-                          (flags & TJ.FLAG_BOTTOMUP) != 0 ? "BU" : "TD",
-                          CSNAME[cs], SUBNAME_LONG[subsamp]);
-        System.out.format("%-5d  %-5d   ", tilew, tileh);
-      }
-
-      tsubsamp = subsamp;
-      if (doTile || xformOp != TJTransform.OP_NONE || xformOpt != 0) {
-        if (xformOp == TJTransform.OP_TRANSPOSE ||
-            xformOp == TJTransform.OP_TRANSVERSE ||
-            xformOp == TJTransform.OP_ROT90 ||
-            xformOp == TJTransform.OP_ROT270) {
-          tw = h;  th = w;  ttilew = tileh;  ttileh = tilew;
-        }
-
-        if ((xformOpt & TJTransform.OPT_GRAY) != 0)
-          tsubsamp = TJ.SAMP_GRAY;
-        if (xformOp == TJTransform.OP_HFLIP ||
-            xformOp == TJTransform.OP_ROT180)
-          tw = tw - (tw % TJ.getMCUWidth(tsubsamp));
-        if (xformOp == TJTransform.OP_VFLIP ||
-            xformOp == TJTransform.OP_ROT180)
-          th = th - (th % TJ.getMCUHeight(tsubsamp));
-        if (xformOp == TJTransform.OP_TRANSVERSE ||
-            xformOp == TJTransform.OP_ROT90)
-          tw = tw - (tw % TJ.getMCUHeight(tsubsamp));
-        if (xformOp == TJTransform.OP_TRANSVERSE ||
-            xformOp == TJTransform.OP_ROT270)
-          th = th - (th % TJ.getMCUWidth(tsubsamp));
-        tntilesw = (tw + ttilew - 1) / ttilew;
-        tntilesh = (th + ttileh - 1) / ttileh;
-
-        if (xformOp == TJTransform.OP_TRANSPOSE ||
-            xformOp == TJTransform.OP_TRANSVERSE ||
-            xformOp == TJTransform.OP_ROT90 ||
-            xformOp == TJTransform.OP_ROT270) {
-          if (tsubsamp == TJ.SAMP_422)
-            tsubsamp = TJ.SAMP_440;
-          else if (tsubsamp == TJ.SAMP_440)
-            tsubsamp = TJ.SAMP_422;
-        }
-
-        TJTransform[] t = new TJTransform[tntilesw * tntilesh];
-        jpegBuf =
-          new byte[tntilesw * tntilesh][TJ.bufSize(ttilew, ttileh, subsamp)];
-
-        for (y = 0, tile = 0; y < th; y += ttileh) {
-          for (x = 0; x < tw; x += ttilew, tile++) {
-            t[tile] = new TJTransform();
-            t[tile].width = Math.min(ttilew, tw - x);
-            t[tile].height = Math.min(ttileh, th - y);
-            t[tile].x = x;
-            t[tile].y = y;
-            t[tile].op = xformOp;
-            t[tile].options = xformOpt | TJTransform.OPT_TRIM;
-            if ((t[tile].options & TJTransform.OPT_NOOUTPUT) != 0 &&
-                jpegBuf[tile] != null)
-              jpegBuf[tile] = null;
-          }
-        }
-
-        iter = -1;
-        elapsed = 0.;
-        while (true) {
-          start = getTime();
-          try {
-            tjt.transform(jpegBuf, t, flags);
-          } catch (TJException e) { handleTJException(e); }
-          jpegSize = tjt.getTransformedSizes();
-          elapsed += getTime() - start;
-          if (iter >= 0) {
-            iter++;
-            if (elapsed >= benchTime)
-              break;
-          } else if (elapsed >= warmup) {
-            iter = 0;
-            elapsed = 0.0;
-          }
-        }
-        t = null;
-
-        for (tile = 0, totalJpegSize = 0; tile < tntilesw * tntilesh; tile++)
-          totalJpegSize += jpegSize[tile];
-
-        if (quiet != 0) {
-          System.out.format("%-6s%s%-6s%s",
-                            sigFig((double)(w * h) / 1000000. / elapsed, 4),
-                            quiet == 2 ? "\n" : "  ",
-                            sigFig((double)(w * h * ps) /
-                                   (double)totalJpegSize, 4),
-                            quiet == 2 ? "\n" : "  ");
-        } else if (quiet == 0) {
-          System.out.format("Transform     --> Frame rate:         %f fps\n",
-                            1.0 / elapsed);
-          System.out.format("                  Output image size:  %d bytes\n",
-                            totalJpegSize);
-          System.out.format("                  Compression ratio:  %f:1\n",
-                            (double)(w * h * ps) / (double)totalJpegSize);
-          System.out.format("                  Throughput:         %f Megapixels/sec\n",
-                            (double)(w * h) / 1000000. / elapsed);
-          System.out.format("                  Output bit stream:  %f Megabits/sec\n",
-                            (double)totalJpegSize * 8. / 1000000. / elapsed);
-        }
-      } else {
-        if (quiet == 1)
-          System.out.print("N/A     N/A     ");
-        jpegBuf = new byte[1][TJ.bufSize(ttilew, ttileh, subsamp)];
-        jpegSize = new int[1];
-        jpegBuf[0] = srcBuf;
-        jpegSize[0] = srcSize;
-      }
-
-      if (w == tilew)
-        ttilew = tw;
-      if (h == tileh)
-        ttileh = th;
-      if ((xformOpt & TJTransform.OPT_NOOUTPUT) == 0)
-        decomp(null, jpegBuf, jpegSize, null, tw, th, tsubsamp, 0,
-               fileName, ttilew, ttileh);
-      else if (quiet == 1)
-        System.out.println("N/A");
-
-      jpegBuf = null;
-      jpegSize = null;
-
-      if (tilew == w && tileh == h) break;
-    }
-  }
-
-
-  static void usage() throws Exception {
-    int i;
-    TJScalingFactor[] scalingFactors = TJ.getScalingFactors();
-    int nsf = scalingFactors.length;
-    String className = new TJBench().getClass().getName();
-
-    System.out.println("\nUSAGE: java " + className);
-    System.out.println("       <Inputfile (BMP)> <Quality> [options]\n");
-    System.out.println("       java " + className);
-    System.out.println("       <Inputfile (JPG)> [options]\n");
-    System.out.println("Options:\n");
-    System.out.println("-alloc = Dynamically allocate JPEG image buffers");
-    System.out.println("-bottomup = Test bottom-up compression/decompression");
-    System.out.println("-tile = Test performance of the codec when the image is encoded as separate");
-    System.out.println("     tiles of varying sizes.");
-    System.out.println("-rgb, -bgr, -rgbx, -bgrx, -xbgr, -xrgb =");
-    System.out.println("     Test the specified color conversion path in the codec (default = BGR)");
-    System.out.println("-fastupsample = Use the fastest chrominance upsampling algorithm available in");
-    System.out.println("     the underlying codec");
-    System.out.println("-fastdct = Use the fastest DCT/IDCT algorithms available in the underlying");
-    System.out.println("     codec");
-    System.out.println("-accuratedct = Use the most accurate DCT/IDCT algorithms available in the");
-    System.out.println("     underlying codec");
-    System.out.println("-progressive = Use progressive entropy coding in JPEG images generated by");
-    System.out.println("     compression and transform operations.");
-    System.out.println("-subsamp <s> = When testing JPEG compression, this option specifies the level");
-    System.out.println("     of chrominance subsampling to use (<s> = 444, 422, 440, 420, 411, or");
-    System.out.println("     GRAY).  The default is to test Grayscale, 4:2:0, 4:2:2, and 4:4:4 in");
-    System.out.println("     sequence.");
-    System.out.println("-quiet = Output results in tabular rather than verbose format");
-    System.out.println("-yuv = Test YUV encoding/decoding functions");
-    System.out.println("-yuvpad <p> = If testing YUV encoding/decoding, this specifies the number of");
-    System.out.println("     bytes to which each row of each plane in the intermediate YUV image is");
-    System.out.println("     padded (default = 1)");
-    System.out.println("-scale M/N = Scale down the width/height of the decompressed JPEG image by a");
-    System.out.print("     factor of M/N (M/N = ");
-    for (i = 0; i < nsf; i++) {
-      System.out.format("%d/%d", scalingFactors[i].getNum(),
-                        scalingFactors[i].getDenom());
-      if (nsf == 2 && i != nsf - 1)
-        System.out.print(" or ");
-      else if (nsf > 2) {
-        if (i != nsf - 1)
-          System.out.print(", ");
-        if (i == nsf - 2)
-          System.out.print("or ");
-      }
-      if (i % 8 == 0 && i != 0)
-        System.out.print("\n     ");
-    }
-    System.out.println(")");
-    System.out.println("-hflip, -vflip, -transpose, -transverse, -rot90, -rot180, -rot270 =");
-    System.out.println("     Perform the corresponding lossless transform prior to");
-    System.out.println("     decompression (these options are mutually exclusive)");
-    System.out.println("-grayscale = Perform lossless grayscale conversion prior to decompression");
-    System.out.println("     test (can be combined with the other transforms above)");
-    System.out.println("-copynone = Do not copy any extra markers (including EXIF and ICC profile data)");
-    System.out.println("     when transforming the image.");
-    System.out.println("-benchtime <t> = Run each benchmark for at least <t> seconds (default = 5.0)");
-    System.out.println("-warmup <t> = Run each benchmark for <t> seconds (default = 1.0) prior to");
-    System.out.println("     starting the timer, in order to prime the caches and thus improve the");
-    System.out.println("     consistency of the results.");
-    System.out.println("-componly = Stop after running compression tests.  Do not test decompression.");
-    System.out.println("-nowrite = Do not write reference or output images (improves consistency");
-    System.out.println("     of performance measurements.)");
-    System.out.println("-limitscans = Refuse to decompress or transform progressive JPEG images that");
-    System.out.println("     have an unreasonably large number of scans");
-    System.out.println("-stoponwarning = Immediately discontinue the current");
-    System.out.println("     compression/decompression/transform operation if the underlying codec");
-    System.out.println("     throws a warning (non-fatal error)\n");
-    System.out.println("NOTE:  If the quality is specified as a range (e.g. 90-100), a separate");
-    System.out.println("test will be performed for all quality values in the range.\n");
-    System.exit(1);
-  }
-
-
-  public static void main(String[] argv) {
-    byte[] srcBuf = null;
-    int w = 0, h = 0, minQual = -1, maxQual = -1;
-    int minArg = 1, retval = 0;
-    int subsamp = -1;
-
-    try {
-
-      if (argv.length < minArg)
-        usage();
-
-      String tempStr = argv[0].toLowerCase();
-      if (tempStr.endsWith(".jpg") || tempStr.endsWith(".jpeg"))
-        decompOnly = true;
-
-      System.out.println("");
-
-      if (!decompOnly) {
-        minArg = 2;
-        if (argv.length < minArg)
-          usage();
-        try {
-          minQual = Integer.parseInt(argv[1]);
-        } catch (NumberFormatException e) {}
-        if (minQual < 1 || minQual > 100)
-          throw new Exception("Quality must be between 1 and 100.");
-        int dashIndex = argv[1].indexOf('-');
-        if (dashIndex > 0 && argv[1].length() > dashIndex + 1) {
-          try {
-            maxQual = Integer.parseInt(argv[1].substring(dashIndex + 1));
-          } catch (NumberFormatException e) {}
-        }
-        if (maxQual < 1 || maxQual > 100)
-          maxQual = minQual;
-      }
-
-      if (argv.length > minArg) {
-        for (int i = minArg; i < argv.length; i++) {
-          if (argv[i].equalsIgnoreCase("-tile")) {
-            doTile = true;  xformOpt |= TJTransform.OPT_CROP;
-          } else if (argv[i].equalsIgnoreCase("-fastupsample")) {
-            System.out.println("Using fast upsampling code\n");
-            flags |= TJ.FLAG_FASTUPSAMPLE;
-          } else if (argv[i].equalsIgnoreCase("-fastdct")) {
-            System.out.println("Using fastest DCT/IDCT algorithm\n");
-            flags |= TJ.FLAG_FASTDCT;
-          } else if (argv[i].equalsIgnoreCase("-accuratedct")) {
-            System.out.println("Using most accurate DCT/IDCT algorithm\n");
-            flags |= TJ.FLAG_ACCURATEDCT;
-          } else if (argv[i].equalsIgnoreCase("-progressive")) {
-            System.out.println("Using progressive entropy coding\n");
-            flags |= TJ.FLAG_PROGRESSIVE;
-          } else if (argv[i].equalsIgnoreCase("-rgb"))
-            pf = TJ.PF_RGB;
-          else if (argv[i].equalsIgnoreCase("-rgbx"))
-            pf = TJ.PF_RGBX;
-          else if (argv[i].equalsIgnoreCase("-bgr"))
-            pf = TJ.PF_BGR;
-          else if (argv[i].equalsIgnoreCase("-bgrx"))
-            pf = TJ.PF_BGRX;
-          else if (argv[i].equalsIgnoreCase("-xbgr"))
-            pf = TJ.PF_XBGR;
-          else if (argv[i].equalsIgnoreCase("-xrgb"))
-            pf = TJ.PF_XRGB;
-          else if (argv[i].equalsIgnoreCase("-bottomup"))
-            flags |= TJ.FLAG_BOTTOMUP;
-          else if (argv[i].equalsIgnoreCase("-quiet"))
-            quiet = 1;
-          else if (argv[i].equalsIgnoreCase("-qq"))
-            quiet = 2;
-          else if (argv[i].equalsIgnoreCase("-scale") && i < argv.length - 1) {
-            int temp1 = 0, temp2 = 0;
-            boolean match = false, scanned = true;
-            Scanner scanner = new Scanner(argv[++i]).useDelimiter("/");
-
-            try {
-              temp1 = scanner.nextInt();
-              temp2 = scanner.nextInt();
-            } catch (Exception e) {}
-            if (temp2 <= 0) temp2 = 1;
-            if (temp1 > 0) {
-              TJScalingFactor[] scalingFactors = TJ.getScalingFactors();
-
-              for (int j = 0; j < scalingFactors.length; j++) {
-                if ((double)temp1 / (double)temp2 ==
-                    (double)scalingFactors[j].getNum() /
-                    (double)scalingFactors[j].getDenom()) {
-                  sf = scalingFactors[j];
-                  match = true;  break;
-                }
-              }
-              if (!match) usage();
-            } else
-              usage();
-          } else if (argv[i].equalsIgnoreCase("-hflip"))
-            xformOp = TJTransform.OP_HFLIP;
-          else if (argv[i].equalsIgnoreCase("-vflip"))
-            xformOp = TJTransform.OP_VFLIP;
-          else if (argv[i].equalsIgnoreCase("-transpose"))
-            xformOp = TJTransform.OP_TRANSPOSE;
-          else if (argv[i].equalsIgnoreCase("-transverse"))
-            xformOp = TJTransform.OP_TRANSVERSE;
-          else if (argv[i].equalsIgnoreCase("-rot90"))
-            xformOp = TJTransform.OP_ROT90;
-          else if (argv[i].equalsIgnoreCase("-rot180"))
-            xformOp = TJTransform.OP_ROT180;
-          else if (argv[i].equalsIgnoreCase("-rot270"))
-            xformOp = TJTransform.OP_ROT270;
-          else if (argv[i].equalsIgnoreCase("-grayscale"))
-            xformOpt |= TJTransform.OPT_GRAY;
-          else if (argv[i].equalsIgnoreCase("-nooutput"))
-            xformOpt |= TJTransform.OPT_NOOUTPUT;
-          else if (argv[i].equalsIgnoreCase("-copynone"))
-            xformOpt |= TJTransform.OPT_COPYNONE;
-          else if (argv[i].equalsIgnoreCase("-benchtime") &&
-                   i < argv.length - 1) {
-            double temp = -1;
-
-            try {
-              temp = Double.parseDouble(argv[++i]);
-            } catch (NumberFormatException e) {}
-            if (temp > 0.0)
-              benchTime = temp;
-            else
-              usage();
-          } else if (argv[i].equalsIgnoreCase("-warmup") &&
-                     i < argv.length - 1) {
-            double temp = -1;
-
-            try {
-              temp = Double.parseDouble(argv[++i]);
-            } catch (NumberFormatException e) {}
-            if (temp >= 0.0) {
-              warmup = temp;
-              System.out.format("Warmup time = %.1f seconds\n\n", warmup);
-            } else
-              usage();
-          } else if (argv[i].equalsIgnoreCase("-yuv")) {
-            System.out.println("Testing YUV planar encoding/decoding\n");
-            doYUV = true;
-          } else if (argv[i].equalsIgnoreCase("-yuvpad") &&
-                     i < argv.length - 1) {
-            int temp = 0;
-
-            try {
-              temp = Integer.parseInt(argv[++i]);
-            } catch (NumberFormatException e) {}
-            if (temp >= 1)
-              yuvPad = temp;
-          } else if (argv[i].equalsIgnoreCase("-subsamp") &&
-                     i < argv.length - 1) {
-            i++;
-            if (argv[i].toUpperCase().startsWith("G"))
-              subsamp = TJ.SAMP_GRAY;
-            else if (argv[i].equals("444"))
-              subsamp = TJ.SAMP_444;
-            else if (argv[i].equals("422"))
-              subsamp = TJ.SAMP_422;
-            else if (argv[i].equals("440"))
-              subsamp = TJ.SAMP_440;
-            else if (argv[i].equals("420"))
-              subsamp = TJ.SAMP_420;
-            else if (argv[i].equals("411"))
-              subsamp = TJ.SAMP_411;
-          } else if (argv[i].equalsIgnoreCase("-componly"))
-            compOnly = true;
-          else if (argv[i].equalsIgnoreCase("-nowrite"))
-            write = false;
-          else if (argv[i].equalsIgnoreCase("-limitscans"))
-            flags |= TJ.FLAG_LIMITSCANS;
-          else if (argv[i].equalsIgnoreCase("-stoponwarning"))
-            flags |= TJ.FLAG_STOPONWARNING;
-          else usage();
-        }
-      }
-
-      if (sf == null)
-        sf = new TJScalingFactor(1, 1);
-
-      if ((sf.getNum() != 1 || sf.getDenom() != 1) && doTile) {
-        System.out.println("Disabling tiled compression/decompression tests, because those tests do not");
-        System.out.println("work when scaled decompression is enabled.");
-        doTile = false;
-      }
-
-      if (!decompOnly) {
-        int[] width = new int[1], height = new int[1];
-
-        srcBuf = loadImage(argv[0], width, height, pf);
-        w = width[0];  h = height[0];
-        int index = -1;
-        if ((index = argv[0].lastIndexOf('.')) >= 0)
-          argv[0] = argv[0].substring(0, index);
-      }
-
-      if (quiet == 1 && !decompOnly) {
-        System.out.println("All performance values in Mpixels/sec\n");
-        System.out.format("Bitmap     JPEG     JPEG  %s  %s   ",
-                          (doTile ? "Tile " : "Image"),
-                          (doTile ? "Tile " : "Image"));
-        if (doYUV)
-          System.out.print("Encode  ");
-        System.out.print("Comp    Comp    Decomp  ");
-        if (doYUV)
-          System.out.print("Decode");
-        System.out.print("\n");
-        System.out.print("Format     Subsamp  Qual  Width  Height  ");
-        if (doYUV)
-          System.out.print("Perf    ");
-        System.out.print("Perf    Ratio   Perf    ");
-        if (doYUV)
-          System.out.print("Perf");
-        System.out.println("\n");
-      }
-
-      if (decompOnly) {
-        decompTest(argv[0]);
-        System.out.println("");
-        System.exit(retval);
-      }
-
-      System.gc();
-      if (subsamp >= 0 && subsamp < TJ.NUMSAMP) {
-        for (int i = maxQual; i >= minQual; i--)
-          fullTest(srcBuf, w, h, subsamp, i, argv[0]);
-        System.out.println("");
-      } else {
-        for (int i = maxQual; i >= minQual; i--)
-          fullTest(srcBuf, w, h, TJ.SAMP_GRAY, i, argv[0]);
-        System.out.println("");
-        System.gc();
-        for (int i = maxQual; i >= minQual; i--)
-          fullTest(srcBuf, w, h, TJ.SAMP_420, i, argv[0]);
-        System.out.println("");
-        System.gc();
-        for (int i = maxQual; i >= minQual; i--)
-          fullTest(srcBuf, w, h, TJ.SAMP_422, i, argv[0]);
-        System.out.println("");
-        System.gc();
-        for (int i = maxQual; i >= minQual; i--)
-          fullTest(srcBuf, w, h, TJ.SAMP_444, i, argv[0]);
-        System.out.println("");
-      }
-
-    } catch (Exception e) {
-      if (e instanceof TJException) {
-        TJException tje = (TJException)e;
-
-        System.out.println((tje.getErrorCode() == TJ.ERR_WARNING ?
-                            "WARNING: " : "ERROR: ") + tje.getMessage());
-      } else
-        System.out.println("ERROR: " + e.getMessage());
-      e.printStackTrace();
-      retval = -1;
-    }
-
-    System.exit(retval);
-  }
-
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/TJExample.java b/3rdparty/libjpeg-turbo_2_1_0/java/TJExample.java
deleted file mode 100644
index 7859886..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/TJExample.java
+++ /dev/null
@@ -1,405 +0,0 @@
-/*
- * Copyright (C)2011-2012, 2014-2015, 2017-2018 D. R. Commander.
- *                                              All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This program demonstrates how to compress, decompress, and transform JPEG
- * images using the TurboJPEG Java API
- */
-
-import java.io.*;
-import java.awt.*;
-import java.awt.image.*;
-import java.nio.*;
-import javax.imageio.*;
-import javax.swing.*;
-import org.libjpegturbo.turbojpeg.*;
-
-
-@SuppressWarnings("checkstyle:JavadocType")
-class TJExample implements TJCustomFilter {
-
-  static final String CLASS_NAME =
-    new TJExample().getClass().getName();
-
-  static final int DEFAULT_SUBSAMP = TJ.SAMP_444;
-  static final int DEFAULT_QUALITY = 95;
-
-
-  static final String[] SUBSAMP_NAME = {
-    "4:4:4", "4:2:2", "4:2:0", "Grayscale", "4:4:0", "4:1:1"
-  };
-
-  static final String[] COLORSPACE_NAME = {
-    "RGB", "YCbCr", "GRAY", "CMYK", "YCCK"
-  };
-
-
-  /* DCT filter example.  This produces a negative of the image. */
-
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  public void customFilter(ShortBuffer coeffBuffer, Rectangle bufferRegion,
-                           Rectangle planeRegion, int componentIndex,
-                           int transformIndex, TJTransform transform)
-                           throws TJException {
-    for (int i = 0; i < bufferRegion.width * bufferRegion.height; i++) {
-      coeffBuffer.put(i, (short)(-coeffBuffer.get(i)));
-    }
-  }
-
-
-  static void usage() throws Exception {
-    System.out.println("\nUSAGE: java [Java options] " + CLASS_NAME +
-                       " <Input image> <Output image> [options]\n");
-
-    System.out.println("Input and output images can be in any image format that the Java Image I/O");
-    System.out.println("extensions understand.  If either filename ends in a .jpg extension, then");
-    System.out.println("the TurboJPEG API will be used to compress or decompress the image.\n");
-
-    System.out.println("Compression Options (used if the output image is a JPEG image)");
-    System.out.println("--------------------------------------------------------------\n");
-
-    System.out.println("-subsamp <444|422|420|gray> = Apply this level of chrominance subsampling when");
-    System.out.println("     compressing the output image.  The default is to use the same level of");
-    System.out.println("     subsampling as in the input image, if the input image is also a JPEG");
-    System.out.println("     image, or to use grayscale if the input image is a grayscale non-JPEG");
-    System.out.println("     image, or to use " +
-                       SUBSAMP_NAME[DEFAULT_SUBSAMP] +
-                       " subsampling otherwise.\n");
-
-    System.out.println("-q <1-100> = Compress the output image with this JPEG quality level");
-    System.out.println("     (default = " + DEFAULT_QUALITY + ").\n");
-
-    System.out.println("Decompression Options (used if the input image is a JPEG image)");
-    System.out.println("---------------------------------------------------------------\n");
-
-    System.out.println("-scale M/N = Scale the input image by a factor of M/N when decompressing it.");
-    System.out.print("(M/N = ");
-    for (int i = 0; i < SCALING_FACTORS.length; i++) {
-      System.out.print(SCALING_FACTORS[i].getNum() + "/" +
-                       SCALING_FACTORS[i].getDenom());
-      if (SCALING_FACTORS.length == 2 && i != SCALING_FACTORS.length - 1)
-        System.out.print(" or ");
-      else if (SCALING_FACTORS.length > 2) {
-        if (i != SCALING_FACTORS.length - 1)
-          System.out.print(", ");
-        if (i == SCALING_FACTORS.length - 2)
-          System.out.print("or ");
-      }
-    }
-    System.out.println(")\n");
-
-    System.out.println("-hflip, -vflip, -transpose, -transverse, -rot90, -rot180, -rot270 =");
-    System.out.println("     Perform one of these lossless transform operations on the input image");
-    System.out.println("     prior to decompressing it (these options are mutually exclusive.)\n");
-
-    System.out.println("-grayscale = Perform lossless grayscale conversion on the input image prior");
-    System.out.println("     to decompressing it (can be combined with the other transform operations");
-    System.out.println("     above.)\n");
-
-    System.out.println("-crop WxH+X+Y = Perform lossless cropping on the input image prior to");
-    System.out.println("     decompressing it.  X and Y specify the upper left corner of the cropping");
-    System.out.println("     region, and W and H specify the width and height of the cropping region.");
-    System.out.println("     X and Y must be evenly divible by the MCU block size (8x8 if the input");
-    System.out.println("     image was compressed using no subsampling or grayscale, 16x8 if it was");
-    System.out.println("     compressed using 4:2:2 subsampling, or 16x16 if it was compressed using");
-    System.out.println("     4:2:0 subsampling.)\n");
-
-    System.out.println("General Options");
-    System.out.println("---------------\n");
-
-    System.out.println("-display = Display output image (Output filename need not be specified in this");
-    System.out.println("     case.)\n");
-
-    System.out.println("-fastupsample = Use the fastest chrominance upsampling algorithm available in");
-    System.out.println("     the underlying codec.\n");
-
-    System.out.println("-fastdct = Use the fastest DCT/IDCT algorithms available in the underlying");
-    System.out.println("     codec.\n");
-
-    System.out.println("-accuratedct = Use the most accurate DCT/IDCT algorithms available in the");
-    System.out.println("     underlying codec.\n");
-
-    System.exit(1);
-  }
-
-
-  public static void main(String[] argv) {
-
-    try {
-
-      TJScalingFactor scalingFactor = new TJScalingFactor(1, 1);
-      int outSubsamp = -1, outQual = -1;
-      TJTransform xform = new TJTransform();
-      boolean display = false;
-      int flags = 0;
-      int width, height;
-      String inFormat = "jpg", outFormat = "jpg";
-      BufferedImage img = null;
-      byte[] imgBuf = null;
-
-      if (argv.length < 2)
-        usage();
-
-      if (argv[1].substring(0, 2).equalsIgnoreCase("-d"))
-        display = true;
-
-      /* Parse arguments. */
-      for (int i = 2; i < argv.length; i++) {
-        if (argv[i].length() < 2)
-          continue;
-        else if (argv[i].length() > 2 &&
-                 argv[i].substring(0, 3).equalsIgnoreCase("-sc") &&
-                 i < argv.length - 1) {
-          int match = 0;
-          String[] scaleArg = argv[++i].split("/");
-          if (scaleArg.length == 2) {
-            TJScalingFactor tempsf =
-              new TJScalingFactor(Integer.parseInt(scaleArg[0]),
-                                  Integer.parseInt(scaleArg[1]));
-            for (int j = 0; j < SCALING_FACTORS.length; j++) {
-              if (tempsf.equals(SCALING_FACTORS[j])) {
-                scalingFactor = SCALING_FACTORS[j];
-                match = 1;
-                break;
-              }
-            }
-          }
-          if (match != 1)
-            usage();
-        } else if (argv[i].length() > 2 &&
-                   argv[i].substring(0, 3).equalsIgnoreCase("-su") &&
-                   i < argv.length - 1) {
-          i++;
-          if (argv[i].substring(0, 1).equalsIgnoreCase("g"))
-            outSubsamp = TJ.SAMP_GRAY;
-          else if (argv[i].equals("444"))
-            outSubsamp = TJ.SAMP_444;
-          else if (argv[i].equals("422"))
-            outSubsamp = TJ.SAMP_422;
-          else if (argv[i].equals("420"))
-            outSubsamp = TJ.SAMP_420;
-          else
-            usage();
-        } else if (argv[i].substring(0, 2).equalsIgnoreCase("-q") &&
-                   i < argv.length - 1) {
-          outQual = Integer.parseInt(argv[++i]);
-          if (outQual < 1 || outQual > 100)
-            usage();
-        } else if (argv[i].substring(0, 2).equalsIgnoreCase("-g"))
-          xform.options |= TJTransform.OPT_GRAY;
-        else if (argv[i].equalsIgnoreCase("-hflip"))
-          xform.op = TJTransform.OP_HFLIP;
-        else if (argv[i].equalsIgnoreCase("-vflip"))
-          xform.op = TJTransform.OP_VFLIP;
-        else if (argv[i].equalsIgnoreCase("-transpose"))
-          xform.op = TJTransform.OP_TRANSPOSE;
-        else if (argv[i].equalsIgnoreCase("-transverse"))
-          xform.op = TJTransform.OP_TRANSVERSE;
-        else if (argv[i].equalsIgnoreCase("-rot90"))
-          xform.op = TJTransform.OP_ROT90;
-        else if (argv[i].equalsIgnoreCase("-rot180"))
-          xform.op = TJTransform.OP_ROT180;
-        else if (argv[i].equalsIgnoreCase("-rot270"))
-          xform.op = TJTransform.OP_ROT270;
-        else if (argv[i].equalsIgnoreCase("-custom"))
-          xform.cf = new TJExample();
-        else if (argv[i].length() > 2 &&
-                 argv[i].substring(0, 2).equalsIgnoreCase("-c") &&
-                 i < argv.length - 1) {
-          String[] cropArg = argv[++i].split("[x\\+]");
-          if (cropArg.length != 4)
-            usage();
-          xform.width = Integer.parseInt(cropArg[0]);
-          xform.height = Integer.parseInt(cropArg[1]);
-          xform.x = Integer.parseInt(cropArg[2]);
-          xform.y = Integer.parseInt(cropArg[3]);
-          if (xform.x < 0 || xform.y < 0 || xform.width < 1 ||
-              xform.height < 1)
-            usage();
-          xform.options |= TJTransform.OPT_CROP;
-        } else if (argv[i].substring(0, 2).equalsIgnoreCase("-d"))
-          display = true;
-        else if (argv[i].equalsIgnoreCase("-fastupsample")) {
-          System.out.println("Using fast upsampling code");
-          flags |= TJ.FLAG_FASTUPSAMPLE;
-        } else if (argv[i].equalsIgnoreCase("-fastdct")) {
-          System.out.println("Using fastest DCT/IDCT algorithm");
-          flags |= TJ.FLAG_FASTDCT;
-        } else if (argv[i].equalsIgnoreCase("-accuratedct")) {
-          System.out.println("Using most accurate DCT/IDCT algorithm");
-          flags |= TJ.FLAG_ACCURATEDCT;
-        } else usage();
-      }
-
-      /* Determine input and output image formats based on file extensions. */
-      String[] inFileTokens = argv[0].split("\\.");
-      if (inFileTokens.length > 1)
-        inFormat = inFileTokens[inFileTokens.length - 1];
-      String[] outFileTokens;
-      if (display)
-        outFormat = "bmp";
-      else {
-        outFileTokens = argv[1].split("\\.");
-        if (outFileTokens.length > 1)
-          outFormat = outFileTokens[outFileTokens.length - 1];
-      }
-
-      if (inFormat.equalsIgnoreCase("jpg")) {
-        /* Input image is a JPEG image.  Decompress and/or transform it. */
-        boolean doTransform = (xform.op != TJTransform.OP_NONE ||
-                               xform.options != 0 || xform.cf != null);
-
-        /* Read the JPEG file into memory. */
-        File jpegFile = new File(argv[0]);
-        FileInputStream fis = new FileInputStream(jpegFile);
-        int jpegSize = fis.available();
-        if (jpegSize < 1) {
-          System.out.println("Input file contains no data");
-          System.exit(1);
-        }
-        byte[] jpegBuf = new byte[jpegSize];
-        fis.read(jpegBuf);
-        fis.close();
-
-        TJDecompressor tjd;
-        if (doTransform) {
-          /* Transform it. */
-          TJTransformer tjt = new TJTransformer(jpegBuf);
-          TJTransform[] xforms = new TJTransform[1];
-          xforms[0] = xform;
-          xforms[0].options |= TJTransform.OPT_TRIM;
-          TJDecompressor[] tjds = tjt.transform(xforms, 0);
-          tjd = tjds[0];
-          tjt.close();
-        } else
-          tjd = new TJDecompressor(jpegBuf);
-
-        width = tjd.getWidth();
-        height = tjd.getHeight();
-        int inSubsamp = tjd.getSubsamp();
-        int inColorspace = tjd.getColorspace();
-
-        System.out.println((doTransform ? "Transformed" : "Input") +
-                           " Image (jpg):  " + width + " x " + height +
-                           " pixels, " + SUBSAMP_NAME[inSubsamp] +
-                           " subsampling, " + COLORSPACE_NAME[inColorspace]);
-
-        if (outFormat.equalsIgnoreCase("jpg") && doTransform &&
-            scalingFactor.isOne() && outSubsamp < 0 && outQual < 0) {
-          /* Input image has been transformed, and no re-compression options
-             have been selected.  Write the transformed image to disk and
-             exit. */
-          File outFile = new File(argv[1]);
-          FileOutputStream fos = new FileOutputStream(outFile);
-          fos.write(tjd.getJPEGBuf(), 0, tjd.getJPEGSize());
-          fos.close();
-          System.exit(0);
-        }
-
-        /* Scaling and/or a non-JPEG output image format and/or compression
-           options have been selected, so we need to decompress the
-           input/transformed image. */
-        width = scalingFactor.getScaled(width);
-        height = scalingFactor.getScaled(height);
-        if (outSubsamp < 0)
-          outSubsamp = inSubsamp;
-
-        if (!outFormat.equalsIgnoreCase("jpg"))
-          img = tjd.decompress(width, height, BufferedImage.TYPE_INT_RGB,
-                               flags);
-        else
-          imgBuf = tjd.decompress(width, 0, height, TJ.PF_BGRX, flags);
-        tjd.close();
-      } else {
-        /* Input image is not a JPEG image.  Load it into memory. */
-        img = ImageIO.read(new File(argv[0]));
-        if (img == null)
-          throw new Exception("Input image type not supported.");
-        width = img.getWidth();
-        height = img.getHeight();
-        if (outSubsamp < 0) {
-          if (img.getType() == BufferedImage.TYPE_BYTE_GRAY)
-            outSubsamp = TJ.SAMP_GRAY;
-          else
-            outSubsamp = DEFAULT_SUBSAMP;
-        }
-        System.out.println("Input Image:  " + width + " x " + height +
-                           " pixels");
-      }
-      System.gc();
-      if (!display)
-        System.out.print("Output Image (" + outFormat + "):  " + width +
-                         " x " + height + " pixels");
-
-      if (display) {
-        /* Display the uncompressed image */
-        ImageIcon icon = new ImageIcon(img);
-        JLabel label = new JLabel(icon, JLabel.CENTER);
-        JOptionPane.showMessageDialog(null, label, "Output Image",
-                                      JOptionPane.PLAIN_MESSAGE);
-      } else if (outFormat.equalsIgnoreCase("jpg")) {
-        /* Output image format is JPEG.  Compress the uncompressed image. */
-        if (outQual < 0)
-          outQual = DEFAULT_QUALITY;
-        System.out.println(", " + SUBSAMP_NAME[outSubsamp] +
-                           " subsampling, quality = " + outQual);
-
-        TJCompressor tjc = new TJCompressor();
-        tjc.setSubsamp(outSubsamp);
-        tjc.setJPEGQuality(outQual);
-        if (img != null)
-          tjc.setSourceImage(img, 0, 0, 0, 0);
-        else
-          tjc.setSourceImage(imgBuf, 0, 0, width, 0, height, TJ.PF_BGRX);
-        byte[] jpegBuf = tjc.compress(flags);
-        int jpegSize = tjc.getCompressedSize();
-        tjc.close();
-
-        /* Write the JPEG image to disk. */
-        File outFile = new File(argv[1]);
-        FileOutputStream fos = new FileOutputStream(outFile);
-        fos.write(jpegBuf, 0, jpegSize);
-        fos.close();
-      } else {
-        /* Output image format is not JPEG.  Save the uncompressed image
-           directly to disk. */
-        System.out.print("\n");
-        File outFile = new File(argv[1]);
-        ImageIO.write(img, outFormat, outFile);
-      }
-
-    } catch (Exception e) {
-      e.printStackTrace();
-      System.exit(-1);
-    }
-  }
-
-  static final TJScalingFactor[] SCALING_FACTORS =
-    TJ.getScalingFactors();
-};
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/TJUnitTest.java b/3rdparty/libjpeg-turbo_2_1_0/java/TJUnitTest.java
deleted file mode 100644
index 91ad5fd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/TJUnitTest.java
+++ /dev/null
@@ -1,960 +0,0 @@
-/*
- * Copyright (C)2011-2018 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This program tests the various code paths in the TurboJPEG JNI Wrapper
- */
-
-import java.io.*;
-import java.util.*;
-import java.awt.image.*;
-import javax.imageio.*;
-import java.nio.*;
-import org.libjpegturbo.turbojpeg.*;
-
-@SuppressWarnings("checkstyle:JavadocType")
-final class TJUnitTest {
-
-  private TJUnitTest() {}
-
-  static final String CLASS_NAME =
-    new TJUnitTest().getClass().getName();
-
-  static void usage() {
-    System.out.println("\nUSAGE: java " + CLASS_NAME + " [options]\n");
-    System.out.println("Options:");
-    System.out.println("-yuv = test YUV encoding/decoding support");
-    System.out.println("-noyuvpad = do not pad each line of each Y, U, and V plane to the nearest");
-    System.out.println("            4-byte boundary");
-    System.out.println("-bi = test BufferedImage support\n");
-    System.exit(1);
-  }
-
-  static final String[] SUBNAME_LONG = {
-    "4:4:4", "4:2:2", "4:2:0", "GRAY", "4:4:0", "4:1:1"
-  };
-  static final String[] SUBNAME = {
-    "444", "422", "420", "GRAY", "440", "411"
-  };
-
-  static final String[] PIXFORMATSTR = {
-    "RGB", "BGR", "RGBX", "BGRX", "XBGR", "XRGB", "Grayscale",
-    "RGBA", "BGRA", "ABGR", "ARGB", "CMYK"
-  };
-
-  static final int[] FORMATS_3BYTE = {
-    TJ.PF_RGB, TJ.PF_BGR
-  };
-  static final int[] FORMATS_3BYTEBI = {
-    BufferedImage.TYPE_3BYTE_BGR
-  };
-  static final int[] FORMATS_4BYTE = {
-    TJ.PF_RGBX, TJ.PF_BGRX, TJ.PF_XBGR, TJ.PF_XRGB, TJ.PF_CMYK
-  };
-  static final int[] FORMATS_4BYTEBI = {
-    BufferedImage.TYPE_INT_BGR, BufferedImage.TYPE_INT_RGB,
-    BufferedImage.TYPE_4BYTE_ABGR, BufferedImage.TYPE_4BYTE_ABGR_PRE,
-    BufferedImage.TYPE_INT_ARGB, BufferedImage.TYPE_INT_ARGB_PRE
-  };
-  static final int[] FORMATS_GRAY = {
-    TJ.PF_GRAY
-  };
-  static final int[] FORMATS_GRAYBI = {
-    BufferedImage.TYPE_BYTE_GRAY
-  };
-  static final int[] FORMATS_RGB = {
-    TJ.PF_RGB
-  };
-
-  private static boolean doYUV = false;
-  private static int pad = 4;
-  private static boolean bi = false;
-
-  private static int exitStatus = 0;
-
-  static int biTypePF(int biType) {
-    ByteOrder byteOrder = ByteOrder.nativeOrder();
-    switch (biType) {
-    case BufferedImage.TYPE_3BYTE_BGR:
-      return TJ.PF_BGR;
-    case BufferedImage.TYPE_4BYTE_ABGR:
-    case BufferedImage.TYPE_4BYTE_ABGR_PRE:
-      return TJ.PF_ABGR;
-    case BufferedImage.TYPE_BYTE_GRAY:
-      return TJ.PF_GRAY;
-    case BufferedImage.TYPE_INT_BGR:
-      return TJ.PF_RGBX;
-    case BufferedImage.TYPE_INT_RGB:
-      return TJ.PF_BGRX;
-    case BufferedImage.TYPE_INT_ARGB:
-    case BufferedImage.TYPE_INT_ARGB_PRE:
-      return TJ.PF_BGRA;
-    default:
-      return 0;
-    }
-  }
-
-  static String biTypeStr(int biType) {
-    switch (biType) {
-    case BufferedImage.TYPE_3BYTE_BGR:
-      return "3BYTE_BGR";
-    case BufferedImage.TYPE_4BYTE_ABGR:
-      return "4BYTE_ABGR";
-    case BufferedImage.TYPE_4BYTE_ABGR_PRE:
-      return "4BYTE_ABGR_PRE";
-    case BufferedImage.TYPE_BYTE_GRAY:
-      return "BYTE_GRAY";
-    case BufferedImage.TYPE_INT_BGR:
-      return "INT_BGR";
-    case BufferedImage.TYPE_INT_RGB:
-      return "INT_RGB";
-    case BufferedImage.TYPE_INT_ARGB:
-      return "INT_ARGB";
-    case BufferedImage.TYPE_INT_ARGB_PRE:
-      return "INT_ARGB_PRE";
-    default:
-      return "Unknown";
-    }
-  }
-
-  static void initBuf(byte[] buf, int w, int pitch, int h, int pf, int flags)
-                      throws Exception {
-    int roffset = TJ.getRedOffset(pf);
-    int goffset = TJ.getGreenOffset(pf);
-    int boffset = TJ.getBlueOffset(pf);
-    int aoffset = TJ.getAlphaOffset(pf);
-    int ps = TJ.getPixelSize(pf);
-    int index, row, col, halfway = 16;
-
-    if (pf == TJ.PF_GRAY) {
-      Arrays.fill(buf, (byte)0);
-      for (row = 0; row < h; row++) {
-        for (col = 0; col < w; col++) {
-          if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-            index = pitch * (h - row - 1) + col;
-          else
-            index = pitch * row + col;
-          if (((row / 8) + (col / 8)) % 2 == 0)
-            buf[index] = (row < halfway) ? (byte)255 : 0;
-          else
-            buf[index] = (row < halfway) ? 76 : (byte)226;
-        }
-      }
-      return;
-    }
-    if (pf == TJ.PF_CMYK) {
-      Arrays.fill(buf, (byte)255);
-      for (row = 0; row < h; row++) {
-        for (col = 0; col < w; col++) {
-          if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-            index = (h - row - 1) * w + col;
-          else
-            index = row * w + col;
-          if (((row / 8) + (col / 8)) % 2 == 0) {
-            if (row >= halfway) buf[index * ps + 3] = 0;
-          } else {
-            buf[index * ps + 2] = 0;
-            if (row < halfway)
-              buf[index * ps + 1] = 0;
-          }
-        }
-      }
-      return;
-    }
-
-    Arrays.fill(buf, (byte)0);
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-          index = pitch * (h - row - 1) + col * ps;
-        else
-          index = pitch * row + col * ps;
-        if (((row / 8) + (col / 8)) % 2 == 0) {
-          if (row < halfway) {
-            buf[index + roffset] = (byte)255;
-            buf[index + goffset] = (byte)255;
-            buf[index + boffset] = (byte)255;
-          }
-        } else {
-          buf[index + roffset] = (byte)255;
-          if (row >= halfway)
-            buf[index + goffset] = (byte)255;
-        }
-        if (aoffset >= 0)
-          buf[index + aoffset] = (byte)255;
-      }
-    }
-  }
-
-  static void initIntBuf(int[] buf, int w, int pitch, int h, int pf, int flags)
-                         throws Exception {
-    int rshift = TJ.getRedOffset(pf) * 8;
-    int gshift = TJ.getGreenOffset(pf) * 8;
-    int bshift = TJ.getBlueOffset(pf) * 8;
-    int ashift = TJ.getAlphaOffset(pf) * 8;
-    int index, row, col, halfway = 16;
-
-    Arrays.fill(buf, 0);
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-          index = pitch * (h - row - 1) + col;
-        else
-          index = pitch * row + col;
-        if (((row / 8) + (col / 8)) % 2 == 0) {
-          if (row < halfway) {
-            buf[index] |= (255 << rshift);
-            buf[index] |= (255 << gshift);
-            buf[index] |= (255 << bshift);
-          }
-        } else {
-          buf[index] |= (255 << rshift);
-          if (row >= halfway)
-            buf[index] |= (255 << gshift);
-        }
-        if (ashift >= 0)
-          buf[index] |= (255 << ashift);
-      }
-    }
-  }
-
-  static void initImg(BufferedImage img, int pf, int flags) throws Exception {
-    WritableRaster wr = img.getRaster();
-    int imgType = img.getType();
-
-    if (imgType == BufferedImage.TYPE_INT_RGB ||
-        imgType == BufferedImage.TYPE_INT_BGR ||
-        imgType == BufferedImage.TYPE_INT_ARGB ||
-        imgType == BufferedImage.TYPE_INT_ARGB_PRE) {
-      SinglePixelPackedSampleModel sm =
-        (SinglePixelPackedSampleModel)img.getSampleModel();
-      int pitch = sm.getScanlineStride();
-      DataBufferInt db = (DataBufferInt)wr.getDataBuffer();
-      int[] buf = db.getData();
-      initIntBuf(buf, img.getWidth(), pitch, img.getHeight(), pf, flags);
-    } else {
-      ComponentSampleModel sm = (ComponentSampleModel)img.getSampleModel();
-      int pitch = sm.getScanlineStride();
-      DataBufferByte db = (DataBufferByte)wr.getDataBuffer();
-      byte[] buf = db.getData();
-      initBuf(buf, img.getWidth(), pitch, img.getHeight(), pf, flags);
-    }
-  }
-
-  static void checkVal(int row, int col, int v, String vname, int cv)
-                       throws Exception {
-    v = (v < 0) ? v + 256 : v;
-    if (v < cv - 1 || v > cv + 1) {
-      throw new Exception("Comp. " + vname + " at " + row + "," + col +
-                          " should be " + cv + ", not " + v);
-    }
-  }
-
-  static void checkVal0(int row, int col, int v, String vname)
-                        throws Exception {
-    v = (v < 0) ? v + 256 : v;
-    if (v > 1) {
-      throw new Exception("Comp. " + vname + " at " + row + "," + col +
-                          " should be 0, not " + v);
-    }
-  }
-
-  static void checkVal255(int row, int col, int v, String vname)
-                          throws Exception {
-    v = (v < 0) ? v + 256 : v;
-    if (v < 254) {
-      throw new Exception("Comp. " + vname + " at " + row + "," + col +
-                          " should be 255, not " + v);
-    }
-  }
-
-  static int checkBuf(byte[] buf, int w, int pitch, int h, int pf, int subsamp,
-                      TJScalingFactor sf, int flags) throws Exception {
-    int roffset = TJ.getRedOffset(pf);
-    int goffset = TJ.getGreenOffset(pf);
-    int boffset = TJ.getBlueOffset(pf);
-    int aoffset = TJ.getAlphaOffset(pf);
-    int ps = TJ.getPixelSize(pf);
-    int index, row, col, retval = 1;
-    int halfway = 16 * sf.getNum() / sf.getDenom();
-    int blockSize = 8 * sf.getNum() / sf.getDenom();
-
-    try {
-
-      if (pf == TJ.PF_GRAY)
-        roffset = goffset = boffset = 0;
-
-      if (pf == TJ.PF_CMYK) {
-        for (row = 0; row < h; row++) {
-          for (col = 0; col < w; col++) {
-            if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-              index = (h - row - 1) * w + col;
-            else
-              index = row * w + col;
-            byte c = buf[index * ps];
-            byte m = buf[index * ps + 1];
-            byte y = buf[index * ps + 2];
-            byte k = buf[index * ps + 3];
-            checkVal255(row, col, c, "C");
-            if (((row / blockSize) + (col / blockSize)) % 2 == 0) {
-              checkVal255(row, col, m, "M");
-              checkVal255(row, col, y, "Y");
-              if (row < halfway)
-                checkVal255(row, col, k, "K");
-              else
-                checkVal0(row, col, k, "K");
-            } else {
-              checkVal0(row, col, y, "Y");
-              checkVal255(row, col, k, "K");
-              if (row < halfway)
-                checkVal0(row, col, m, "M");
-              else
-                checkVal255(row, col, m, "M");
-            }
-          }
-        }
-        return 1;
-      }
-
-      for (row = 0; row < halfway; row++) {
-        for (col = 0; col < w; col++) {
-          if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-            index = pitch * (h - row - 1) + col * ps;
-          else
-            index = pitch * row + col * ps;
-          byte r = buf[index + roffset];
-          byte g = buf[index + goffset];
-          byte b = buf[index + boffset];
-          byte a = aoffset >= 0 ? buf[index + aoffset] : (byte)255;
-          if (((row / blockSize) + (col / blockSize)) % 2 == 0) {
-            if (row < halfway) {
-              checkVal255(row, col, r, "R");
-              checkVal255(row, col, g, "G");
-              checkVal255(row, col, b, "B");
-            } else {
-              checkVal0(row, col, r, "R");
-              checkVal0(row, col, g, "G");
-              checkVal0(row, col, b, "B");
-            }
-          } else {
-            if (subsamp == TJ.SAMP_GRAY) {
-              if (row < halfway) {
-                checkVal(row, col, r, "R", 76);
-                checkVal(row, col, g, "G", 76);
-                checkVal(row, col, b, "B", 76);
-              } else {
-                checkVal(row, col, r, "R", 226);
-                checkVal(row, col, g, "G", 226);
-                checkVal(row, col, b, "B", 226);
-              }
-            } else {
-              checkVal255(row, col, r, "R");
-              if (row < halfway) {
-                checkVal0(row, col, g, "G");
-              } else {
-                checkVal255(row, col, g, "G");
-              }
-              checkVal0(row, col, b, "B");
-            }
-          }
-          checkVal255(row, col, a, "A");
-        }
-      }
-    } catch (Exception e) {
-      System.out.println("\n" + e.getMessage());
-      retval = 0;
-    }
-
-    if (retval == 0) {
-      for (row = 0; row < h; row++) {
-        for (col = 0; col < w; col++) {
-          if (pf == TJ.PF_CMYK) {
-            int c = buf[pitch * row + col * ps];
-            int m = buf[pitch * row + col * ps + 1];
-            int y = buf[pitch * row + col * ps + 2];
-            int k = buf[pitch * row + col * ps + 3];
-            if (c < 0) c += 256;
-            if (m < 0) m += 256;
-            if (y < 0) y += 256;
-            if (k < 0) k += 256;
-            System.out.format("%3d/%3d/%3d/%3d ", c, m, y, k);
-          } else {
-            int r = buf[pitch * row + col * ps + roffset];
-            int g = buf[pitch * row + col * ps + goffset];
-            int b = buf[pitch * row + col * ps + boffset];
-            if (r < 0) r += 256;
-            if (g < 0) g += 256;
-            if (b < 0) b += 256;
-            System.out.format("%3d/%3d/%3d ", r, g, b);
-          }
-        }
-        System.out.print("\n");
-      }
-    }
-    return retval;
-  }
-
-  static int checkIntBuf(int[] buf, int w, int pitch, int h, int pf,
-                         int subsamp, TJScalingFactor sf, int flags)
-                         throws Exception {
-    int rshift = TJ.getRedOffset(pf) * 8;
-    int gshift = TJ.getGreenOffset(pf) * 8;
-    int bshift = TJ.getBlueOffset(pf) * 8;
-    int ashift = TJ.getAlphaOffset(pf) * 8;
-    int index, row, col, retval = 1;
-    int halfway = 16 * sf.getNum() / sf.getDenom();
-    int blockSize = 8 * sf.getNum() / sf.getDenom();
-
-    try {
-      for (row = 0; row < halfway; row++) {
-        for (col = 0; col < w; col++) {
-          if ((flags & TJ.FLAG_BOTTOMUP) != 0)
-            index = pitch * (h - row - 1) + col;
-          else
-            index = pitch * row + col;
-          int r = (buf[index] >> rshift) & 0xFF;
-          int g = (buf[index] >> gshift) & 0xFF;
-          int b = (buf[index] >> bshift) & 0xFF;
-          int a = ashift >= 0 ? (buf[index] >> ashift) & 0xFF : 255;
-          if (((row / blockSize) + (col / blockSize)) % 2 == 0) {
-            if (row < halfway) {
-              checkVal255(row, col, r, "R");
-              checkVal255(row, col, g, "G");
-              checkVal255(row, col, b, "B");
-            } else {
-              checkVal0(row, col, r, "R");
-              checkVal0(row, col, g, "G");
-              checkVal0(row, col, b, "B");
-            }
-          } else {
-            if (subsamp == TJ.SAMP_GRAY) {
-              if (row < halfway) {
-                checkVal(row, col, r, "R", 76);
-                checkVal(row, col, g, "G", 76);
-                checkVal(row, col, b, "B", 76);
-              } else {
-                checkVal(row, col, r, "R", 226);
-                checkVal(row, col, g, "G", 226);
-                checkVal(row, col, b, "B", 226);
-              }
-            } else {
-              checkVal255(row, col, r, "R");
-              if (row < halfway) {
-                checkVal0(row, col, g, "G");
-              } else {
-                checkVal255(row, col, g, "G");
-              }
-              checkVal0(row, col, b, "B");
-            }
-          }
-          checkVal255(row, col, a, "A");
-        }
-      }
-    } catch (Exception e) {
-      System.out.println("\n" + e.getMessage());
-      retval = 0;
-    }
-
-    if (retval == 0) {
-      for (row = 0; row < h; row++) {
-        for (col = 0; col < w; col++) {
-          int r = (buf[pitch * row + col] >> rshift) & 0xFF;
-          int g = (buf[pitch * row + col] >> gshift) & 0xFF;
-          int b = (buf[pitch * row + col] >> bshift) & 0xFF;
-          if (r < 0) r += 256;
-          if (g < 0) g += 256;
-          if (b < 0) b += 256;
-          System.out.format("%3d/%3d/%3d ", r, g, b);
-        }
-        System.out.print("\n");
-      }
-    }
-    return retval;
-  }
-
-  static int checkImg(BufferedImage img, int pf, int subsamp,
-                      TJScalingFactor sf, int flags) throws Exception {
-    WritableRaster wr = img.getRaster();
-    int imgType = img.getType();
-    if (imgType == BufferedImage.TYPE_INT_RGB ||
-        imgType == BufferedImage.TYPE_INT_BGR ||
-        imgType == BufferedImage.TYPE_INT_ARGB ||
-        imgType == BufferedImage.TYPE_INT_ARGB_PRE) {
-      SinglePixelPackedSampleModel sm =
-        (SinglePixelPackedSampleModel)img.getSampleModel();
-      int pitch = sm.getScanlineStride();
-      DataBufferInt db = (DataBufferInt)wr.getDataBuffer();
-      int[] buf = db.getData();
-      return checkIntBuf(buf, img.getWidth(), pitch, img.getHeight(), pf,
-                         subsamp, sf, flags);
-    } else {
-      ComponentSampleModel sm = (ComponentSampleModel)img.getSampleModel();
-      int pitch = sm.getScanlineStride();
-      DataBufferByte db = (DataBufferByte)wr.getDataBuffer();
-      byte[] buf = db.getData();
-      return checkBuf(buf, img.getWidth(), pitch, img.getHeight(), pf, subsamp,
-                      sf, flags);
-    }
-  }
-
-  static int pad(int v, int p) {
-    return ((v + (p) - 1) & (~((p) - 1)));
-  }
-
-  static int checkBufYUV(byte[] buf, int size, int w, int h, int subsamp,
-                         TJScalingFactor sf) throws Exception {
-    int row, col;
-    int hsf = TJ.getMCUWidth(subsamp) / 8, vsf = TJ.getMCUHeight(subsamp) / 8;
-    int pw = pad(w, hsf), ph = pad(h, vsf);
-    int cw = pw / hsf, ch = ph / vsf;
-    int ypitch = pad(pw, pad), uvpitch = pad(cw, pad);
-    int retval = 1;
-    int correctsize = ypitch * ph +
-                      (subsamp == TJ.SAMP_GRAY ? 0 : uvpitch * ch * 2);
-    int halfway = 16 * sf.getNum() / sf.getDenom();
-    int blockSize = 8 * sf.getNum() / sf.getDenom();
-
-    try {
-      if (size != correctsize)
-        throw new Exception("Incorrect size " + size + ".  Should be " +
-                            correctsize);
-
-      for (row = 0; row < ph; row++) {
-        for (col = 0; col < pw; col++) {
-          byte y = buf[ypitch * row + col];
-          if (((row / blockSize) + (col / blockSize)) % 2 == 0) {
-            if (row < halfway)
-              checkVal255(row, col, y, "Y");
-            else
-              checkVal0(row, col, y, "Y");
-          } else {
-            if (row < halfway)
-              checkVal(row, col, y, "Y", 76);
-            else
-              checkVal(row, col, y, "Y", 226);
-          }
-        }
-      }
-      if (subsamp != TJ.SAMP_GRAY) {
-        halfway = 16 / vsf * sf.getNum() / sf.getDenom();
-        for (row = 0; row < ch; row++) {
-          for (col = 0; col < cw; col++) {
-            byte u = buf[ypitch * ph + (uvpitch * row + col)],
-                 v = buf[ypitch * ph + uvpitch * ch + (uvpitch * row + col)];
-            if (((row * vsf / blockSize) + (col * hsf / blockSize)) % 2 == 0) {
-              checkVal(row, col, u, "U", 128);
-              checkVal(row, col, v, "V", 128);
-            } else {
-              if (row < halfway) {
-                checkVal(row, col, u, "U", 85);
-                checkVal255(row, col, v, "V");
-              } else {
-                checkVal0(row, col, u, "U");
-                checkVal(row, col, v, "V", 149);
-              }
-            }
-          }
-        }
-      }
-    } catch (Exception e) {
-      System.out.println("\n" + e.getMessage());
-      retval = 0;
-    }
-
-    if (retval == 0) {
-      for (row = 0; row < ph; row++) {
-        for (col = 0; col < pw; col++) {
-          int y = buf[ypitch * row + col];
-          if (y < 0) y += 256;
-          System.out.format("%3d ", y);
-        }
-        System.out.print("\n");
-      }
-      System.out.print("\n");
-      for (row = 0; row < ch; row++) {
-        for (col = 0; col < cw; col++) {
-          int u = buf[ypitch * ph + (uvpitch * row + col)];
-          if (u < 0) u += 256;
-          System.out.format("%3d ", u);
-        }
-        System.out.print("\n");
-      }
-      System.out.print("\n");
-      for (row = 0; row < ch; row++) {
-        for (col = 0; col < cw; col++) {
-          int v = buf[ypitch * ph + uvpitch * ch + (uvpitch * row + col)];
-          if (v < 0) v += 256;
-          System.out.format("%3d ", v);
-        }
-        System.out.print("\n");
-      }
-    }
-
-    return retval;
-  }
-
-  static void writeJPEG(byte[] jpegBuf, int jpegBufSize, String filename)
-                        throws Exception {
-    File file = new File(filename);
-    FileOutputStream fos = new FileOutputStream(file);
-    fos.write(jpegBuf, 0, jpegBufSize);
-    fos.close();
-  }
-
-  static int compTest(TJCompressor tjc, byte[] dstBuf, int w, int h, int pf,
-                      String baseName, int subsamp, int jpegQual, int flags)
-                      throws Exception {
-    String tempStr;
-    byte[] srcBuf = null;
-    BufferedImage img = null;
-    String pfStr, pfStrLong;
-    String buStr = (flags & TJ.FLAG_BOTTOMUP) != 0 ? "BU" : "TD";
-    String buStrLong = (flags & TJ.FLAG_BOTTOMUP) != 0 ?
-                       "Bottom-Up" : "Top-Down ";
-    int size = 0, ps, imgType = pf;
-
-    if (bi) {
-      pf = biTypePF(imgType);
-      pfStr = biTypeStr(imgType);
-      pfStrLong = pfStr + " (" + PIXFORMATSTR[pf] + ")";
-    } else {
-      pfStr = PIXFORMATSTR[pf];
-      pfStrLong = pfStr;
-    }
-    ps =  TJ.getPixelSize(pf);
-
-    if (bi) {
-      img = new BufferedImage(w, h, imgType);
-      initImg(img, pf, flags);
-      tempStr = baseName + "_enc_" + pfStr + "_" + buStr + "_" +
-                SUBNAME[subsamp] + "_Q" + jpegQual + ".png";
-      File file = new File(tempStr);
-      ImageIO.write(img, "png", file);
-      tjc.setSourceImage(img, 0, 0, 0, 0);
-    } else {
-      srcBuf = new byte[w * h * ps + 1];
-      initBuf(srcBuf, w, w * ps, h, pf, flags);
-      tjc.setSourceImage(srcBuf, 0, 0, w, 0, h, pf);
-    }
-    Arrays.fill(dstBuf, (byte)0);
-
-    tjc.setSubsamp(subsamp);
-    tjc.setJPEGQuality(jpegQual);
-    if (doYUV) {
-      System.out.format("%s %s -> YUV %s ... ", pfStrLong, buStrLong,
-                        SUBNAME_LONG[subsamp]);
-      YUVImage yuvImage = tjc.encodeYUV(pad, flags);
-      if (checkBufYUV(yuvImage.getBuf(), yuvImage.getSize(), w, h, subsamp,
-                      new TJScalingFactor(1, 1)) == 1)
-        System.out.print("Passed.\n");
-      else {
-        System.out.print("FAILED!\n");
-        exitStatus = -1;
-      }
-
-      System.out.format("YUV %s %s -> JPEG Q%d ... ", SUBNAME_LONG[subsamp],
-                        buStrLong, jpegQual);
-      tjc.setSourceImage(yuvImage);
-    } else {
-      System.out.format("%s %s -> %s Q%d ... ", pfStrLong, buStrLong,
-                        SUBNAME_LONG[subsamp], jpegQual);
-    }
-    tjc.compress(dstBuf, flags);
-    size = tjc.getCompressedSize();
-
-    tempStr = baseName + "_enc_" + pfStr + "_" + buStr + "_" +
-              SUBNAME[subsamp] + "_Q" + jpegQual + ".jpg";
-    writeJPEG(dstBuf, size, tempStr);
-    System.out.println("Done.\n  Result in " + tempStr);
-
-    return size;
-  }
-
-  static void decompTest(TJDecompressor tjd, byte[] jpegBuf, int jpegSize,
-                         int w, int h, int pf, String baseName, int subsamp,
-                         int flags, TJScalingFactor sf) throws Exception {
-    String pfStr, pfStrLong, tempStr;
-    String buStrLong = (flags & TJ.FLAG_BOTTOMUP) != 0 ?
-                       "Bottom-Up" : "Top-Down ";
-    int scaledWidth = sf.getScaled(w);
-    int scaledHeight = sf.getScaled(h);
-    int temp1, temp2, imgType = pf;
-    BufferedImage img = null;
-    byte[] dstBuf = null;
-
-    if (bi) {
-      pf = biTypePF(imgType);
-      pfStr = biTypeStr(imgType);
-      pfStrLong = pfStr + " (" + PIXFORMATSTR[pf] + ")";
-    } else {
-      pfStr = PIXFORMATSTR[pf];
-      pfStrLong = pfStr;
-    }
-
-    tjd.setSourceImage(jpegBuf, jpegSize);
-    if (tjd.getWidth() != w || tjd.getHeight() != h ||
-        tjd.getSubsamp() != subsamp)
-      throw new Exception("Incorrect JPEG header");
-
-    temp1 = scaledWidth;
-    temp2 = scaledHeight;
-    temp1 = tjd.getScaledWidth(temp1, temp2);
-    temp2 = tjd.getScaledHeight(temp1, temp2);
-    if (temp1 != scaledWidth || temp2 != scaledHeight)
-      throw new Exception("Scaled size mismatch");
-
-    if (doYUV) {
-      System.out.format("JPEG -> YUV %s ", SUBNAME_LONG[subsamp]);
-      if (!sf.isOne())
-        System.out.format("%d/%d ... ", sf.getNum(), sf.getDenom());
-      else System.out.print("... ");
-      YUVImage yuvImage = tjd.decompressToYUV(scaledWidth, pad, scaledHeight,
-                                              flags);
-      if (checkBufYUV(yuvImage.getBuf(), yuvImage.getSize(), scaledWidth,
-                      scaledHeight, subsamp, sf) == 1)
-        System.out.print("Passed.\n");
-      else {
-        System.out.print("FAILED!\n");  exitStatus = -1;
-      }
-
-      System.out.format("YUV %s -> %s %s ... ", SUBNAME_LONG[subsamp],
-                        pfStrLong, buStrLong);
-      tjd.setSourceImage(yuvImage);
-    } else {
-      System.out.format("JPEG -> %s %s ", pfStrLong, buStrLong);
-      if (!sf.isOne())
-        System.out.format("%d/%d ... ", sf.getNum(), sf.getDenom());
-      else System.out.print("... ");
-    }
-    if (bi)
-      img = tjd.decompress(scaledWidth, scaledHeight, imgType, flags);
-    else
-      dstBuf = tjd.decompress(scaledWidth, 0, scaledHeight, pf, flags);
-
-    if (bi) {
-      tempStr = baseName + "_dec_" + pfStr + "_" +
-                (((flags & TJ.FLAG_BOTTOMUP) != 0) ? "BU" : "TD") + "_" +
-                SUBNAME[subsamp] + "_" +
-                (double)sf.getNum() / (double)sf.getDenom() + "x" + ".png";
-      File file = new File(tempStr);
-      ImageIO.write(img, "png", file);
-    }
-
-    if ((bi && checkImg(img, pf, subsamp, sf, flags) == 1) ||
-        (!bi && checkBuf(dstBuf, scaledWidth,
-                         scaledWidth * TJ.getPixelSize(pf), scaledHeight, pf,
-                         subsamp, sf, flags) == 1))
-      System.out.print("Passed.\n");
-    else {
-      System.out.print("FAILED!\n");
-      exitStatus = -1;
-    }
-  }
-
-  static void decompTest(TJDecompressor tjd, byte[] jpegBuf, int jpegSize,
-                         int w, int h, int pf, String baseName, int subsamp,
-                         int flags) throws Exception {
-    int i;
-    TJScalingFactor[] sf = TJ.getScalingFactors();
-    for (i = 0; i < sf.length; i++) {
-      int num = sf[i].getNum();
-      int denom = sf[i].getDenom();
-      if (subsamp == TJ.SAMP_444 || subsamp == TJ.SAMP_GRAY ||
-          (subsamp == TJ.SAMP_411 && num == 1 &&
-           (denom == 2 || denom == 1)) ||
-          (subsamp != TJ.SAMP_411 && num == 1 &&
-           (denom == 4 || denom == 2 || denom == 1)))
-        decompTest(tjd, jpegBuf, jpegSize, w, h, pf, baseName, subsamp,
-                   flags, sf[i]);
-    }
-  }
-
-  static void doTest(int w, int h, int[] formats, int subsamp, String baseName)
-                     throws Exception {
-    TJCompressor tjc = null;
-    TJDecompressor tjd = null;
-    int size;
-    byte[] dstBuf;
-
-    dstBuf = new byte[TJ.bufSize(w, h, subsamp)];
-
-    try {
-      tjc = new TJCompressor();
-      tjd = new TJDecompressor();
-
-      for (int pf : formats) {
-        if (pf < 0) continue;
-        for (int i = 0; i < 2; i++) {
-          int flags = 0;
-          if (subsamp == TJ.SAMP_422 || subsamp == TJ.SAMP_420 ||
-              subsamp == TJ.SAMP_440 || subsamp == TJ.SAMP_411)
-            flags |= TJ.FLAG_FASTUPSAMPLE;
-          if (i == 1)
-            flags |= TJ.FLAG_BOTTOMUP;
-          size = compTest(tjc, dstBuf, w, h, pf, baseName, subsamp, 100,
-                          flags);
-          decompTest(tjd, dstBuf, size, w, h, pf, baseName, subsamp, flags);
-          if (pf >= TJ.PF_RGBX && pf <= TJ.PF_XRGB && !bi) {
-            System.out.print("\n");
-            decompTest(tjd, dstBuf, size, w, h, pf + (TJ.PF_RGBA - TJ.PF_RGBX),
-                       baseName, subsamp, flags);
-          }
-          System.out.print("\n");
-        }
-      }
-      System.out.print("--------------------\n\n");
-    } catch (Exception e) {
-      if (tjc != null) tjc.close();
-      if (tjd != null) tjd.close();
-      throw e;
-    }
-    if (tjc != null) tjc.close();
-    if (tjd != null) tjd.close();
-  }
-
-  static void bufSizeTest() throws Exception {
-    int w, h, i, subsamp;
-    byte[] srcBuf, dstBuf = null;
-    YUVImage dstImage = null;
-    TJCompressor tjc = null;
-    Random r = new Random();
-
-    try {
-      tjc = new TJCompressor();
-      System.out.println("Buffer size regression test");
-      for (subsamp = 0; subsamp < TJ.NUMSAMP; subsamp++) {
-        for (w = 1; w < 48; w++) {
-          int maxh = (w == 1) ? 2048 : 48;
-          for (h = 1; h < maxh; h++) {
-            if (h % 100 == 0)
-              System.out.format("%04d x %04d\b\b\b\b\b\b\b\b\b\b\b", w, h);
-            srcBuf = new byte[w * h * 4];
-            if (doYUV)
-              dstImage = new YUVImage(w, pad, h, subsamp);
-            else
-              dstBuf = new byte[TJ.bufSize(w, h, subsamp)];
-            for (i = 0; i < w * h * 4; i++) {
-              srcBuf[i] = (byte)(r.nextInt(2) * 255);
-            }
-            tjc.setSourceImage(srcBuf, 0, 0, w, 0, h, TJ.PF_BGRX);
-            tjc.setSubsamp(subsamp);
-            tjc.setJPEGQuality(100);
-            if (doYUV)
-              tjc.encodeYUV(dstImage, 0);
-            else
-              tjc.compress(dstBuf, 0);
-
-            srcBuf = new byte[h * w * 4];
-            if (doYUV)
-              dstImage = new YUVImage(h, pad, w, subsamp);
-            else
-              dstBuf = new byte[TJ.bufSize(h, w, subsamp)];
-            for (i = 0; i < h * w * 4; i++) {
-              srcBuf[i] = (byte)(r.nextInt(2) * 255);
-            }
-            tjc.setSourceImage(srcBuf, 0, 0, h, 0, w, TJ.PF_BGRX);
-            if (doYUV)
-              tjc.encodeYUV(dstImage, 0);
-            else
-              tjc.compress(dstBuf, 0);
-          }
-          dstImage = null;
-          dstBuf = null;
-          System.gc();
-        }
-      }
-      System.out.println("Done.      ");
-    } catch (Exception e) {
-      if (tjc != null) tjc.close();
-      throw e;
-    }
-    if (tjc != null) tjc.close();
-  }
-
-  public static void main(String[] argv) {
-    try {
-      String testName = "javatest";
-      for (int i = 0; i < argv.length; i++) {
-        if (argv[i].equalsIgnoreCase("-yuv"))
-          doYUV = true;
-        else if (argv[i].equalsIgnoreCase("-noyuvpad"))
-          pad = 1;
-        else if (argv[i].equalsIgnoreCase("-bi")) {
-          bi = true;
-          testName = "javabitest";
-        } else
-          usage();
-      }
-      if (doYUV)
-        FORMATS_4BYTE[4] = -1;
-      doTest(35, 39, bi ? FORMATS_3BYTEBI : FORMATS_3BYTE, TJ.SAMP_444,
-             testName);
-      doTest(39, 41, bi ? FORMATS_4BYTEBI : FORMATS_4BYTE, TJ.SAMP_444,
-             testName);
-      doTest(41, 35, bi ? FORMATS_3BYTEBI : FORMATS_3BYTE, TJ.SAMP_422,
-             testName);
-      doTest(35, 39, bi ? FORMATS_4BYTEBI : FORMATS_4BYTE, TJ.SAMP_422,
-             testName);
-      doTest(39, 41, bi ? FORMATS_3BYTEBI : FORMATS_3BYTE, TJ.SAMP_420,
-             testName);
-      doTest(41, 35, bi ? FORMATS_4BYTEBI : FORMATS_4BYTE, TJ.SAMP_420,
-             testName);
-      doTest(35, 39, bi ? FORMATS_3BYTEBI : FORMATS_3BYTE, TJ.SAMP_440,
-             testName);
-      doTest(39, 41, bi ? FORMATS_4BYTEBI : FORMATS_4BYTE, TJ.SAMP_440,
-             testName);
-      doTest(41, 35, bi ? FORMATS_3BYTEBI : FORMATS_3BYTE, TJ.SAMP_411,
-             testName);
-      doTest(35, 39, bi ? FORMATS_4BYTEBI : FORMATS_4BYTE, TJ.SAMP_411,
-             testName);
-      doTest(39, 41, bi ? FORMATS_GRAYBI : FORMATS_GRAY, TJ.SAMP_GRAY,
-             testName);
-      doTest(41, 35, bi ? FORMATS_3BYTEBI : FORMATS_3BYTE, TJ.SAMP_GRAY,
-             testName);
-      FORMATS_4BYTE[4] = -1;
-      doTest(35, 39, bi ? FORMATS_4BYTEBI : FORMATS_4BYTE, TJ.SAMP_GRAY,
-             testName);
-      if (!bi)
-        bufSizeTest();
-      if (doYUV && !bi) {
-        System.out.print("\n--------------------\n\n");
-        doTest(48, 48, FORMATS_RGB, TJ.SAMP_444, "javatest_yuv0");
-        doTest(48, 48, FORMATS_RGB, TJ.SAMP_422, "javatest_yuv0");
-        doTest(48, 48, FORMATS_RGB, TJ.SAMP_420, "javatest_yuv0");
-        doTest(48, 48, FORMATS_RGB, TJ.SAMP_440, "javatest_yuv0");
-        doTest(48, 48, FORMATS_RGB, TJ.SAMP_411, "javatest_yuv0");
-        doTest(48, 48, FORMATS_RGB, TJ.SAMP_GRAY, "javatest_yuv0");
-        doTest(48, 48, FORMATS_GRAY, TJ.SAMP_GRAY, "javatest_yuv0");
-      }
-    } catch (Exception e) {
-      e.printStackTrace();
-      exitStatus = -1;
-    }
-    System.exit(exitStatus);
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/allclasses-frame.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/allclasses-frame.html
deleted file mode 100644
index fecac06..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/allclasses-frame.html
+++ /dev/null
@@ -1,24 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>All Classes</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<h1 class="bar">All Classes</h1>
-<div class="indexContainer">
-<ul>
-<li><a href="org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJ</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJCompressor</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg" target="classFrame"><i>TJCustomFilter</i></a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJDecompressor</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJException</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJScalingFactor</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJTransform</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJTransformer</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">YUVImage</a></li>
-</ul>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/allclasses-noframe.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/allclasses-noframe.html
deleted file mode 100644
index 1f7fd3c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/allclasses-noframe.html
+++ /dev/null
@@ -1,24 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>All Classes</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<h1 class="bar">All Classes</h1>
-<div class="indexContainer">
-<ul>
-<li><a href="org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><i>TJCustomFilter</i></a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></li>
-<li><a href="org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></li>
-</ul>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/constant-values.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/constant-values.html
deleted file mode 100644
index 07ba052..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/constant-values.html
+++ /dev/null
@@ -1,539 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>Constant Field Values</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="Constant Field Values";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?constant-values.html" target="_top">Frames</a></li>
-<li><a href="constant-values.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 title="Constant Field Values" class="title">Constant Field Values</h1>
-<h2 title="Contents">Contents</h2>
-<ul>
-<li><a href="#org.libjpegturbo">org.libjpegturbo.*</a></li>
-</ul>
-</div>
-<div class="constantValuesContainer"><a name="org.libjpegturbo">
-<!--   -->
-</a>
-<h2 title="org.libjpegturbo">org.libjpegturbo.*</h2>
-<ul class="blockList">
-<li class="blockList">
-<table border="0" cellpadding="3" cellspacing="0" summary="Constant Field Values table, listing constant fields, and values">
-<caption><span>org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th scope="col">Constant Field</th>
-<th class="colLast" scope="col">Value</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.CS_CMYK">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#CS_CMYK">CS_CMYK</a></code></td>
-<td class="colLast"><code>3</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.CS_GRAY">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#CS_GRAY">CS_GRAY</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.CS_RGB">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#CS_RGB">CS_RGB</a></code></td>
-<td class="colLast"><code>0</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.CS_YCbCr">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#CS_YCbCr">CS_YCbCr</a></code></td>
-<td class="colLast"><code>1</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.CS_YCCK">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#CS_YCCK">CS_YCCK</a></code></td>
-<td class="colLast"><code>4</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.ERR_FATAL">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#ERR_FATAL">ERR_FATAL</a></code></td>
-<td class="colLast"><code>1</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.ERR_WARNING">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#ERR_WARNING">ERR_WARNING</a></code></td>
-<td class="colLast"><code>0</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_ACCURATEDCT">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_ACCURATEDCT">FLAG_ACCURATEDCT</a></code></td>
-<td class="colLast"><code>4096</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_BOTTOMUP">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP">FLAG_BOTTOMUP</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_FASTDCT">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FASTDCT">FLAG_FASTDCT</a></code></td>
-<td class="colLast"><code>2048</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_FASTUPSAMPLE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FASTUPSAMPLE">FLAG_FASTUPSAMPLE</a></code></td>
-<td class="colLast"><code>256</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_FORCEMMX">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCEMMX">FLAG_FORCEMMX</a></code></td>
-<td class="colLast"><code>8</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE">FLAG_FORCESSE</a></code></td>
-<td class="colLast"><code>16</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE2">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE2">FLAG_FORCESSE2</a></code></td>
-<td class="colLast"><code>32</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE3">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE3">FLAG_FORCESSE3</a></code></td>
-<td class="colLast"><code>128</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_LIMITSCANS">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_LIMITSCANS">FLAG_LIMITSCANS</a></code></td>
-<td class="colLast"><code>32768</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_PROGRESSIVE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_PROGRESSIVE">FLAG_PROGRESSIVE</a></code></td>
-<td class="colLast"><code>16384</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.FLAG_STOPONWARNING">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING">FLAG_STOPONWARNING</a></code></td>
-<td class="colLast"><code>8192</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.NUMCS">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#NUMCS">NUMCS</a></code></td>
-<td class="colLast"><code>5</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.NUMERR">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#NUMERR">NUMERR</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.NUMPF">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#NUMPF">NUMPF</a></code></td>
-<td class="colLast"><code>12</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.NUMSAMP">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#NUMSAMP">NUMSAMP</a></code></td>
-<td class="colLast"><code>6</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_ABGR">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_ABGR">PF_ABGR</a></code></td>
-<td class="colLast"><code>9</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_ARGB">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_ARGB">PF_ARGB</a></code></td>
-<td class="colLast"><code>10</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_BGR">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_BGR">PF_BGR</a></code></td>
-<td class="colLast"><code>1</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_BGRA">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_BGRA">PF_BGRA</a></code></td>
-<td class="colLast"><code>8</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_BGRX">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_BGRX">PF_BGRX</a></code></td>
-<td class="colLast"><code>3</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_CMYK">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_CMYK">PF_CMYK</a></code></td>
-<td class="colLast"><code>11</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_GRAY">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_GRAY">PF_GRAY</a></code></td>
-<td class="colLast"><code>6</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_RGB">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_RGB">PF_RGB</a></code></td>
-<td class="colLast"><code>0</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_RGBA">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_RGBA">PF_RGBA</a></code></td>
-<td class="colLast"><code>7</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_RGBX">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_RGBX">PF_RGBX</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_XBGR">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_XBGR">PF_XBGR</a></code></td>
-<td class="colLast"><code>4</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.PF_XRGB">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#PF_XRGB">PF_XRGB</a></code></td>
-<td class="colLast"><code>5</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.SAMP_411">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#SAMP_411">SAMP_411</a></code></td>
-<td class="colLast"><code>5</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.SAMP_420">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#SAMP_420">SAMP_420</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.SAMP_422">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#SAMP_422">SAMP_422</a></code></td>
-<td class="colLast"><code>1</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.SAMP_440">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#SAMP_440">SAMP_440</a></code></td>
-<td class="colLast"><code>4</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.SAMP_444">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#SAMP_444">SAMP_444</a></code></td>
-<td class="colLast"><code>0</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJ.SAMP_GRAY">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJ.html#SAMP_GRAY">SAMP_GRAY</a></code></td>
-<td class="colLast"><code>3</code></td>
-</tr>
-</tbody>
-</table>
-</li>
-<li class="blockList">
-<table border="0" cellpadding="3" cellspacing="0" summary="Constant Field Values table, listing constant fields, and values">
-<caption><span>org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th scope="col">Constant Field</th>
-<th class="colLast" scope="col">Value</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.NUMOP">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#NUMOP">NUMOP</a></code></td>
-<td class="colLast"><code>8</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_HFLIP">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_HFLIP">OP_HFLIP</a></code></td>
-<td class="colLast"><code>1</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_NONE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_NONE">OP_NONE</a></code></td>
-<td class="colLast"><code>0</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_ROT180">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT180">OP_ROT180</a></code></td>
-<td class="colLast"><code>6</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_ROT270">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT270">OP_ROT270</a></code></td>
-<td class="colLast"><code>7</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_ROT90">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT90">OP_ROT90</a></code></td>
-<td class="colLast"><code>5</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_TRANSPOSE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_TRANSPOSE">OP_TRANSPOSE</a></code></td>
-<td class="colLast"><code>3</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_TRANSVERSE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_TRANSVERSE">OP_TRANSVERSE</a></code></td>
-<td class="colLast"><code>4</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OP_VFLIP">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OP_VFLIP">OP_VFLIP</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_COPYNONE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_COPYNONE">OPT_COPYNONE</a></code></td>
-<td class="colLast"><code>64</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_CROP">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_CROP">OPT_CROP</a></code></td>
-<td class="colLast"><code>4</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_GRAY">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_GRAY">OPT_GRAY</a></code></td>
-<td class="colLast"><code>8</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_NOOUTPUT">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_NOOUTPUT">OPT_NOOUTPUT</a></code></td>
-<td class="colLast"><code>16</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_PERFECT">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT">OPT_PERFECT</a></code></td>
-<td class="colLast"><code>1</code></td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_PROGRESSIVE">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PROGRESSIVE">OPT_PROGRESSIVE</a></code></td>
-<td class="colLast"><code>32</code></td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a name="org.libjpegturbo.turbojpeg.TJTransform.OPT_TRIM">
-<!--   -->
-</a><code>public&nbsp;static&nbsp;final&nbsp;int</code></td>
-<td><code><a href="org/libjpegturbo/turbojpeg/TJTransform.html#OPT_TRIM">OPT_TRIM</a></code></td>
-<td class="colLast"><code>2</code></td>
-</tr>
-</tbody>
-</table>
-</li>
-</ul>
-</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?constant-values.html" target="_top">Frames</a></li>
-<li><a href="constant-values.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/deprecated-list.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/deprecated-list.html
deleted file mode 100644
index 31d4e64..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/deprecated-list.html
+++ /dev/null
@@ -1,252 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>Deprecated List</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="Deprecated List";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li class="navBarCell1Rev">Deprecated</li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?deprecated-list.html" target="_top">Frames</a></li>
-<li><a href="deprecated-list.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 title="Deprecated API" class="title">Deprecated API</h1>
-<h2 title="Contents">Contents</h2>
-<ul>
-<li><a href="#field">Deprecated Fields</a></li>
-<li><a href="#method">Deprecated Methods</a></li>
-<li><a href="#constructor">Deprecated Constructors</a></li>
-</ul>
-</div>
-<div class="contentContainer"><a name="field">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<table border="0" cellpadding="3" cellspacing="0" summary="Deprecated Fields table, listing deprecated fields, and an explanation">
-<caption><span>Deprecated Fields</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Field and Description</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCEMMX">org.libjpegturbo.turbojpeg.TJ.FLAG_FORCEMMX</a></td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE">org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE</a></td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE2">org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE2</a></td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE3">org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE3</a></td>
-</tr>
-</tbody>
-</table>
-</li>
-</ul>
-<a name="method">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<table border="0" cellpadding="3" cellspacing="0" summary="Deprecated Methods table, listing deprecated methods, and an explanation">
-<caption><span>Deprecated Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Method and Description</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int)">org.libjpegturbo.turbojpeg.TJ.bufSizeYUV(int, int, int)</a>
-<div class="block"><i>Use <a href="org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)"><code>TJ.bufSizeYUV(int, int, int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#compress(java.awt.image.BufferedImage,%20byte[],%20int)">org.libjpegturbo.turbojpeg.TJCompressor.compress(BufferedImage, byte[], int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#compress(byte[],%20int)"><code>TJCompressor.compress(byte[], int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#compress(java.awt.image.BufferedImage,%20int)">org.libjpegturbo.turbojpeg.TJCompressor.compress(BufferedImage, int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#compress(int)"><code>TJCompressor.compress(int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int)">org.libjpegturbo.turbojpeg.TJDecompressor.decompress(byte[], int, int, int, int, int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJDecompressor.decompress(byte[], int, int, int, int, int, int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(byte[],%20int)">org.libjpegturbo.turbojpeg.TJDecompressor.decompressToYUV(byte[], int)</a>
-<div class="block"><i>Use <a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>TJDecompressor.decompressToYUV(YUVImage, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int)">org.libjpegturbo.turbojpeg.TJDecompressor.decompressToYUV(int)</a>
-<div class="block"><i>Use <a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)"><code>TJDecompressor.decompressToYUV(int, int, int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(java.awt.image.BufferedImage,%20byte[],%20int)">org.libjpegturbo.turbojpeg.TJCompressor.encodeYUV(BufferedImage, byte[], int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)"><code>TJCompressor.encodeYUV(byte[], int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(java.awt.image.BufferedImage,%20int)">org.libjpegturbo.turbojpeg.TJCompressor.encodeYUV(BufferedImage, int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>TJCompressor.encodeYUV(int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)">org.libjpegturbo.turbojpeg.TJCompressor.encodeYUV(byte[], int)</a>
-<div class="block"><i>Use <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>TJCompressor.encodeYUV(YUVImage, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int)">org.libjpegturbo.turbojpeg.TJCompressor.encodeYUV(int)</a>
-<div class="block"><i>Use <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>TJCompressor.encodeYUV(int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#setJPEGImage(byte[],%20int)">org.libjpegturbo.turbojpeg.TJDecompressor.setJPEGImage(byte[], int)</a>
-<div class="block"><i>Use <a href="org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)"><code>TJDecompressor.setSourceImage(byte[], int)</code></a> instead.</i></div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int)">org.libjpegturbo.turbojpeg.TJCompressor.setSourceImage(byte[], int, int, int, int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-</tbody>
-</table>
-</li>
-</ul>
-<a name="constructor">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<table border="0" cellpadding="3" cellspacing="0" summary="Deprecated Constructors table, listing deprecated constructors, and an explanation">
-<caption><span>Deprecated Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colOne"><a href="org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int)">org.libjpegturbo.turbojpeg.TJCompressor(byte[], int, int, int, int)</a>
-<div class="block"><i>Use
- <a href="org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJCompressor.TJCompressor(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-</td>
-</tr>
-</tbody>
-</table>
-</li>
-</ul>
-</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li class="navBarCell1Rev">Deprecated</li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?deprecated-list.html" target="_top">Frames</a></li>
-<li><a href="deprecated-list.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/help-doc.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/help-doc.html
deleted file mode 100644
index 6645d95..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/help-doc.html
+++ /dev/null
@@ -1,210 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>API Help</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="API Help";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li class="navBarCell1Rev">Help</li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?help-doc.html" target="_top">Frames</a></li>
-<li><a href="help-doc.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 class="title">How This API Document Is Organized</h1>
-<div class="subTitle">This API (Application Programming Interface) document has pages corresponding to the items in the navigation bar, described as follows.</div>
-</div>
-<div class="contentContainer">
-<ul class="blockList">
-<li class="blockList">
-<h2>Package</h2>
-<p>Each package has a page that contains a list of its classes and interfaces, with a summary for each. This page can contain six categories:</p>
-<ul>
-<li>Interfaces (italic)</li>
-<li>Classes</li>
-<li>Enums</li>
-<li>Exceptions</li>
-<li>Errors</li>
-<li>Annotation Types</li>
-</ul>
-</li>
-<li class="blockList">
-<h2>Class/Interface</h2>
-<p>Each class, interface, nested class and nested interface has its own separate page. Each of these pages has three sections consisting of a class/interface description, summary tables, and detailed member descriptions:</p>
-<ul>
-<li>Class inheritance diagram</li>
-<li>Direct Subclasses</li>
-<li>All Known Subinterfaces</li>
-<li>All Known Implementing Classes</li>
-<li>Class/interface declaration</li>
-<li>Class/interface description</li>
-</ul>
-<ul>
-<li>Nested Class Summary</li>
-<li>Field Summary</li>
-<li>Constructor Summary</li>
-<li>Method Summary</li>
-</ul>
-<ul>
-<li>Field Detail</li>
-<li>Constructor Detail</li>
-<li>Method Detail</li>
-</ul>
-<p>Each summary entry contains the first sentence from the detailed description for that item. The summary entries are alphabetical, while the detailed descriptions are in the order they appear in the source code. This preserves the logical groupings established by the programmer.</p>
-</li>
-<li class="blockList">
-<h2>Annotation Type</h2>
-<p>Each annotation type has its own separate page with the following sections:</p>
-<ul>
-<li>Annotation Type declaration</li>
-<li>Annotation Type description</li>
-<li>Required Element Summary</li>
-<li>Optional Element Summary</li>
-<li>Element Detail</li>
-</ul>
-</li>
-<li class="blockList">
-<h2>Enum</h2>
-<p>Each enum has its own separate page with the following sections:</p>
-<ul>
-<li>Enum declaration</li>
-<li>Enum description</li>
-<li>Enum Constant Summary</li>
-<li>Enum Constant Detail</li>
-</ul>
-</li>
-<li class="blockList">
-<h2>Tree (Class Hierarchy)</h2>
-<p>There is a <a href="overview-tree.html">Class Hierarchy</a> page for all packages, plus a hierarchy for each package. Each hierarchy page contains a list of classes and a list of interfaces. The classes are organized by inheritance structure starting with <code>java.lang.Object</code>. The interfaces do not inherit from <code>java.lang.Object</code>.</p>
-<ul>
-<li>When viewing the Overview page, clicking on "Tree" displays the hierarchy for all packages.</li>
-<li>When viewing a particular package, class or interface page, clicking "Tree" displays the hierarchy for only that package.</li>
-</ul>
-</li>
-<li class="blockList">
-<h2>Deprecated API</h2>
-<p>The <a href="deprecated-list.html">Deprecated API</a> page lists all of the API that have been deprecated. A deprecated API is not recommended for use, generally due to improvements, and a replacement API is usually given. Deprecated APIs may be removed in future implementations.</p>
-</li>
-<li class="blockList">
-<h2>Index</h2>
-<p>The <a href="index-all.html">Index</a> contains an alphabetic list of all classes, interfaces, constructors, methods, and fields.</p>
-</li>
-<li class="blockList">
-<h2>Prev/Next</h2>
-<p>These links take you to the next or previous class, interface, package, or related page.</p>
-</li>
-<li class="blockList">
-<h2>Frames/No Frames</h2>
-<p>These links show and hide the HTML frames.  All pages are available with or without frames.</p>
-</li>
-<li class="blockList">
-<h2>All Classes</h2>
-<p>The <a href="allclasses-noframe.html">All Classes</a> link shows all classes and interfaces except non-static nested types.</p>
-</li>
-<li class="blockList">
-<h2>Serialized Form</h2>
-<p>Each serializable or externalizable class has a description of its serialization fields and methods. This information is of interest to re-implementors, not to developers using the API. While there is no link in the navigation bar, you can get to this information by going to any serialized class and clicking "Serialized Form" in the "See also" section of the class description.</p>
-</li>
-<li class="blockList">
-<h2>Constant Field Values</h2>
-<p>The <a href="constant-values.html">Constant Field Values</a> page lists the static final fields and their values.</p>
-</li>
-</ul>
-<em>This help file applies to API documentation generated using the standard doclet.</em></div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li class="navBarCell1Rev">Help</li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?help-doc.html" target="_top">Frames</a></li>
-<li><a href="help-doc.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/index-all.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/index-all.html
deleted file mode 100644
index 3a49818..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/index-all.html
+++ /dev/null
@@ -1,1034 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>Index</title>
-<link rel="stylesheet" type="text/css" href="./stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="Index";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="./org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="./org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="./deprecated-list.html">Deprecated</a></li>
-<li class="navBarCell1Rev">Index</li>
-<li><a href="./help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="./index.html?index-all.html" target="_top">Frames</a></li>
-<li><a href="index-all.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="./allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="contentContainer"><a href="#_B_">B</a>&nbsp;<a href="#_C_">C</a>&nbsp;<a href="#_D_">D</a>&nbsp;<a href="#_E_">E</a>&nbsp;<a href="#_F_">F</a>&nbsp;<a href="#_G_">G</a>&nbsp;<a href="#_H_">H</a>&nbsp;<a href="#_I_">I</a>&nbsp;<a href="#_J_">J</a>&nbsp;<a href="#_N_">N</a>&nbsp;<a href="#_O_">O</a>&nbsp;<a href="#_P_">P</a>&nbsp;<a href="#_S_">S</a>&nbsp;<a href="#_T_">T</a>&nbsp;<a href="#_Y_">Y</a>&nbsp;<a name="_B_">
-<!--   -->
-</a>
-<h2 class="title">B</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#bufSize(int,%20int,%20int)">bufSize(int, int, int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the maximum size of the buffer (in bytes) required to hold a JPEG
- image with the given width, height, and level of chrominance subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)">bufSizeYUV(int, int, int, int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the size of the buffer (in bytes) required to hold a YUV planar
- image with the given width, height, and level of chrominance subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int)">bufSizeYUV(int, int, int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use <a href="./org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)"><code>TJ.bufSizeYUV(int, int, int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-</dl>
-<a name="_C_">
-<!--   -->
-</a>
-<h2 class="title">C</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#cf">cf</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Custom filter instance</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#close()">close()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Free the native structures associated with this compressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#close()">close()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Free the native structures associated with this decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#compress(byte[],%20int)">compress(byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Compress the uncompressed source image associated with this compressor
- instance and output a JPEG image to the given destination buffer.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#compress(int)">compress(int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Compress the uncompressed source image associated with this compressor
- instance and return a buffer containing a JPEG image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#compress(java.awt.image.BufferedImage,%20byte[],%20int)">compress(BufferedImage, byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#compress(byte[],%20int)"><code>TJCompressor.compress(byte[], int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#compress(java.awt.image.BufferedImage,%20int)">compress(BufferedImage, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#compress(int)"><code>TJCompressor.compress(int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#CS_CMYK">CS_CMYK</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">CMYK colorspace.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#CS_GRAY">CS_GRAY</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Grayscale colorspace.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#CS_RGB">CS_RGB</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">RGB colorspace.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#CS_YCbCr">CS_YCbCr</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">YCbCr colorspace.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#CS_YCCK">CS_YCCK</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">YCCK colorspace.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCustomFilter.html#customFilter(java.nio.ShortBuffer,%20java.awt.Rectangle,%20java.awt.Rectangle,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJTransform)">customFilter(ShortBuffer, Rectangle, Rectangle, int, int, TJTransform)</a></span> - Method in interface org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a></dt>
-<dd>
-<div class="block">A callback function that can be used to modify the DCT coefficients after
- they are losslessly transformed but before they are transcoded to a new
- JPEG image.</div>
-</dd>
-</dl>
-<a name="_D_">
-<!--   -->
-</a>
-<h2 class="title">D</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)">decompress(byte[], int, int, int, int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a grayscale, RGB, or CMYK image
- to the given destination buffer.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int)">decompress(byte[], int, int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJDecompressor.decompress(byte[], int, int, int, int, int, int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int,%20int,%20int,%20int,%20int)">decompress(int, int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance and return a buffer containing the decompressed image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)">decompress(int[], int, int, int, int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a grayscale, RGB, or CMYK image
- to the given destination buffer.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(java.awt.image.BufferedImage,%20int)">decompress(BufferedImage, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a decompressed/decoded image to
- the given <code>BufferedImage</code> instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int,%20int,%20int,%20int)">decompress(int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and return a <code>BufferedImage</code>
- instance containing the decompressed/decoded image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)">decompressToYUV(YUVImage, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a YUV planar image and store it in the given
- <code>YUVImage</code> instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(byte[],%20int)">decompressToYUV(byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use <a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>TJDecompressor.decompressToYUV(YUVImage, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int[],%20int,%20int)">decompressToYUV(int, int[], int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a set of Y, U (Cb), and V (Cr) image planes and return a
- <code>YUVImage</code> instance containing the decompressed image planes.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)">decompressToYUV(int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a unified YUV planar image buffer and return a
- <code>YUVImage</code> instance containing the decompressed image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int)">decompressToYUV(int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use <a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)"><code>TJDecompressor.decompressToYUV(int, int, int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-</dl>
-<a name="_E_">
-<!--   -->
-</a>
-<h2 class="title">E</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)">encodeYUV(YUVImage, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into a YUV planar image and store it in the given
- <code>YUVImage</code> instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)">encodeYUV(byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>TJCompressor.encodeYUV(YUVImage, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)">encodeYUV(int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into a unified YUV planar image buffer and return a
- <code>YUVImage</code> instance containing the encoded image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int[],%20int)">encodeYUV(int[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into separate Y, U (Cb), and V (Cr) image planes and return a
- <code>YUVImage</code> instance containing the encoded image planes.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int)">encodeYUV(int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>TJCompressor.encodeYUV(int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(java.awt.image.BufferedImage,%20byte[],%20int)">encodeYUV(BufferedImage, byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)"><code>TJCompressor.encodeYUV(byte[], int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(java.awt.image.BufferedImage,%20int)">encodeYUV(BufferedImage, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>TJCompressor.encodeYUV(int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html#equals(org.libjpegturbo.turbojpeg.TJScalingFactor)">equals(TJScalingFactor)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></dt>
-<dd>
-<div class="block">Returns true or false, depending on whether this instance and
- <code>other</code> have the same numerator and denominator.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#ERR_FATAL">ERR_FATAL</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The error was fatal and non-recoverable.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#ERR_WARNING">ERR_WARNING</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The error was non-fatal and recoverable, but the image may still be
- corrupt.</div>
-</dd>
-</dl>
-<a name="_F_">
-<!--   -->
-</a>
-<h2 class="title">F</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#finalize()">finalize()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#finalize()">finalize()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_ACCURATEDCT">FLAG_ACCURATEDCT</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Use the most accurate DCT/IDCT algorithm available in the underlying
- codec.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP">FLAG_BOTTOMUP</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The uncompressed source/destination image is stored in bottom-up (Windows,
- OpenGL) order, not top-down (X11) order.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_FASTDCT">FLAG_FASTDCT</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Use the fastest DCT/IDCT algorithm available in the underlying codec.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_FASTUPSAMPLE">FLAG_FASTUPSAMPLE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">When decompressing an image that was compressed using chrominance
- subsampling, use the fastest chrominance upsampling algorithm available in
- the underlying codec.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCEMMX">FLAG_FORCEMMX</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span></div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE">FLAG_FORCESSE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span></div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE2">FLAG_FORCESSE2</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span></div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE3">FLAG_FORCESSE3</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span></div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_LIMITSCANS">FLAG_LIMITSCANS</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Limit the number of progressive JPEG scans that the decompression and
- transform operations will process.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_PROGRESSIVE">FLAG_PROGRESSIVE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Use progressive entropy coding in JPEG images generated by compression and
- transform operations.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING">FLAG_STOPONWARNING</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Immediately discontinue the current compression/decompression/transform
- operation if the underlying codec throws a warning (non-fatal error).</div>
-</dd>
-</dl>
-<a name="_G_">
-<!--   -->
-</a>
-<h2 class="title">G</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getAlphaOffset(int)">getAlphaOffset(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">For the given pixel format, returns the number of bytes that the alpha
- component is offset from the start of the pixel.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getBlueOffset(int)">getBlueOffset(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">For the given pixel format, returns the number of bytes that the blue
- component is offset from the start of the pixel.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getBuf()">getBuf()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the YUV image buffer (if this image is stored in a unified
- buffer rather than separate image planes.)</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getColorspace()">getColorspace()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the colorspace used in the source image (JPEG or YUV) associated
- with this decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#getCompressedSize()">getCompressedSize()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Returns the size of the image (in bytes) generated by the most recent
- compress operation.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html#getDenom()">getDenom()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></dt>
-<dd>
-<div class="block">Returns denominator</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJException.html#getErrorCode()">getErrorCode()</a></span> - Method in exception org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></dt>
-<dd>
-<div class="block">Returns a code (one of <a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.ERR_*</code></a>) indicating the severity of the
- last error.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getGreenOffset(int)">getGreenOffset(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">For the given pixel format, returns the number of bytes that the green
- component is offset from the start of the pixel.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getHeight()">getHeight()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the height of the source image (JPEG or YUV) associated with this
- decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getHeight()">getHeight()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the height of the YUV image (or subregion.)</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getJPEGBuf()">getJPEGBuf()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the JPEG image buffer associated with this decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getJPEGSize()">getJPEGSize()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the size of the JPEG image (in bytes) associated with this
- decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getMCUHeight(int)">getMCUHeight(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the MCU block height for the given level of chrominance
- subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getMCUWidth(int)">getMCUWidth(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the MCU block width for the given level of chrominance
- subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html#getNum()">getNum()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></dt>
-<dd>
-<div class="block">Returns numerator</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getOffsets()">getOffsets()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the offsets (in bytes) of each plane within the planes of a larger
- YUV image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getPad()">getPad()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the line padding used in the YUV image buffer (if this image is
- stored in a unified buffer rather than separate image planes.)</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getPixelSize(int)">getPixelSize(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the pixel size (in bytes) for the given pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getPlanes()">getPlanes()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the YUV image planes.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getRedOffset(int)">getRedOffset(int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">For the given pixel format, returns the number of bytes that the red
- component is offset from the start of the pixel.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html#getScaled(int)">getScaled(int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></dt>
-<dd>
-<div class="block">Returns the scaled value of <code>dimension</code>.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledHeight(int,%20int)">getScaledHeight(int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the height of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledWidth(int,%20int)">getScaledWidth(int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the width of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#getScalingFactors()">getScalingFactors()</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns a list of fractional scaling factors that the JPEG decompressor in
- this implementation of TurboJPEG supports.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getSize()">getSize()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the size (in bytes) of the YUV image buffer (if this image is
- stored in a unified buffer rather than separate image planes.)</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getStrides()">getStrides()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the number of bytes per line of each plane in the YUV image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getSubsamp()">getSubsamp()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the level of chrominance subsampling used in the source image
- (JPEG or YUV) associated with this decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getSubsamp()">getSubsamp()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the level of chrominance subsampling used in the YUV image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#getTransformedSizes()">getTransformedSizes()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dt>
-<dd>
-<div class="block">Returns an array containing the sizes of the transformed JPEG images
- generated by the most recent transform operation.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#getWidth()">getWidth()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Returns the width of the source image (JPEG or YUV) associated with this
- decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#getWidth()">getWidth()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Returns the width of the YUV image (or subregion.)</div>
-</dd>
-</dl>
-<a name="_H_">
-<!--   -->
-</a>
-<h2 class="title">H</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#handle">handle</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#handle">handle</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-</dl>
-<a name="_I_">
-<!--   -->
-</a>
-<h2 class="title">I</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html#isOne()">isOne()</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></dt>
-<dd>
-<div class="block">Returns true or false, depending on whether this instance is equal to
- 1/1.</div>
-</dd>
-</dl>
-<a name="_J_">
-<!--   -->
-</a>
-<h2 class="title">J</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegBuf">jpegBuf</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegBufSize">jpegBufSize</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegColorspace">jpegColorspace</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegHeight">jpegHeight</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegSubsamp">jpegSubsamp</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegWidth">jpegWidth</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-</dl>
-<a name="_N_">
-<!--   -->
-</a>
-<h2 class="title">N</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#NUMCS">NUMCS</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The number of JPEG colorspaces</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#NUMERR">NUMERR</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The number of error codes</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#NUMOP">NUMOP</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">The number of lossless transform operations</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#NUMPF">NUMPF</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The number of pixel formats</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#NUMSAMP">NUMSAMP</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">The number of chrominance subsampling options</div>
-</dd>
-</dl>
-<a name="_O_">
-<!--   -->
-</a>
-<h2 class="title">O</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#op">op</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Transform operation (one of <code>OP_*</code>)</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_HFLIP">OP_HFLIP</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Flip (mirror) image horizontally.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_NONE">OP_NONE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Do not transform the position of the image pixels.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT180">OP_ROT180</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Rotate image 180 degrees.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT270">OP_ROT270</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Rotate image counter-clockwise by 90 degrees.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT90">OP_ROT90</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Rotate image clockwise by 90 degrees.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_TRANSPOSE">OP_TRANSPOSE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Transpose image (flip/mirror along upper left to lower right axis).</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_TRANSVERSE">OP_TRANSVERSE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Transverse transpose image (flip/mirror along upper right to lower left
- axis).</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OP_VFLIP">OP_VFLIP</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Flip (mirror) image vertically.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_COPYNONE">OPT_COPYNONE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will prevent <a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> from copying any extra markers (including EXIF
- and ICC profile data) from the source image to the output image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_CROP">OPT_CROP</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will enable lossless cropping.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_GRAY">OPT_GRAY</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will discard the color data in the input image and produce
- a grayscale output image.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_NOOUTPUT">OPT_NOOUTPUT</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will prevent <a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> from outputting a JPEG image for this
- particular transform.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT">OPT_PERFECT</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will cause <a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> to throw an exception if the transform is not
- perfect.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PROGRESSIVE">OPT_PROGRESSIVE</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will enable progressive entropy coding in the output image
- generated by this particular transform.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#OPT_TRIM">OPT_TRIM</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">This option will discard any partial MCU blocks that cannot be
- transformed.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#options">options</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Transform options (bitwise OR of one or more of <code>OPT_*</code>)</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a> - package org.libjpegturbo.turbojpeg</dt>
-<dd>&nbsp;</dd>
-</dl>
-<a name="_P_">
-<!--   -->
-</a>
-<h2 class="title">P</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_ABGR">PF_ABGR</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">ABGR pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_ARGB">PF_ARGB</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">ARGB pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_BGR">PF_BGR</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">BGR pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_BGRA">PF_BGRA</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">BGRA pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_BGRX">PF_BGRX</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">BGRX pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_CMYK">PF_CMYK</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">CMYK pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_GRAY">PF_GRAY</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Grayscale pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_RGB">PF_RGB</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">RGB pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_RGBA">PF_RGBA</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">RGBA pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_RGBX">PF_RGBX</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">RGBX pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_XBGR">PF_XBGR</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">XBGR pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#PF_XRGB">PF_XRGB</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">XRGB pixel format.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#planeHeight(int,%20int,%20int)">planeHeight(int, int, int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the plane height of a YUV image plane with the given parameters.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#planeSizeYUV(int,%20int,%20int,%20int,%20int)">planeSizeYUV(int, int, int, int, int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the size of the buffer (in bytes) required to hold a YUV image
- plane with the given parameters.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#planeWidth(int,%20int,%20int)">planeWidth(int, int, int)</a></span> - Static method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Returns the plane width of a YUV image plane with the given parameters.</div>
-</dd>
-</dl>
-<a name="_S_">
-<!--   -->
-</a>
-<h2 class="title">S</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#SAMP_411">SAMP_411</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">4:1:1 chrominance subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#SAMP_420">SAMP_420</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">4:2:0 chrominance subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#SAMP_422">SAMP_422</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">4:2:2 chrominance subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#SAMP_440">SAMP_440</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">4:4:0 chrominance subsampling.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#SAMP_444">SAMP_444</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">4:4:4 chrominance subsampling (no chrominance subsampling).</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJ.html#SAMP_GRAY">SAMP_GRAY</a></span> - Static variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></dt>
-<dd>
-<div class="block">Grayscale.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#setBuf(byte[][],%20int[],%20int,%20int[],%20int,%20int)">setBuf(byte[][], int[], int, int[], int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Assign a set of image planes to this <code>YUVImage</code> instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#setBuf(byte[],%20int,%20int,%20int,%20int)">setBuf(byte[], int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Assign a unified image buffer to this <code>YUVImage</code> instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#setJPEGImage(byte[],%20int)">setJPEGImage(byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use <a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)"><code>TJDecompressor.setSourceImage(byte[], int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setJPEGQuality(int)">setJPEGQuality(int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Set the JPEG image quality level for subsequent compress operations.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)">setSourceImage(byte[], int, int, int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Associate an uncompressed RGB, grayscale, or CMYK source image with this
- compressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int)">setSourceImage(byte[], int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJCompressor.setSourceImage(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)">setSourceImage(BufferedImage, int, int, int, int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Associate an uncompressed RGB or grayscale source image with this
- compressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">setSourceImage(YUVImage)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Associate an uncompressed YUV planar source image with this compressor
- instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)">setSourceImage(byte[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Associate the JPEG image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with this decompressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">setSourceImage(YUVImage)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Associate the specified YUV planar source image with this decompressor
- instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#setSubsamp(int)">setSubsamp(int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Set the level of chrominance subsampling for subsequent compress/encode
- operations.</div>
-</dd>
-</dl>
-<a name="_T_">
-<!--   -->
-</a>
-<h2 class="title">T</h2>
-<dl>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJ</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">TurboJPEG utility class (cannot be instantiated)</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJCompressor</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">TurboJPEG compressor</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor()">TJCompressor()</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG compressor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int,%20int,%20int)">TJCompressor(byte[], int, int, int, int, int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG compressor instance and associate the uncompressed
- source image stored in <code>srcImage</code> with the newly created
- instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int)">TJCompressor(byte[], int, int, int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block"><span class="strong">Deprecated.</span>
-<div class="block"><i>Use
- <a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJCompressor.TJCompressor(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)">TJCompressor(BufferedImage, int, int, int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG compressor instance and associate the uncompressed
- source image stored in <code>srcImage</code> with the newly created
- instance.</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">TJCustomFilter</span></a> - Interface in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">Custom filter callback interface</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJDecompressor</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">TurboJPEG decompressor</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor()">TJDecompressor()</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG decompresssor instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor(byte[])">TJDecompressor(byte[])</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG decompressor instance and associate the JPEG source
- image stored in <code>jpegImage</code> with the newly created instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor(byte[],%20int)">TJDecompressor(byte[], int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG decompressor instance and associate the JPEG source
- image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with the newly created instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor(org.libjpegturbo.turbojpeg.YUVImage)">TJDecompressor(YUVImage)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG decompressor instance and associate the YUV planar
- source image stored in <code>yuvImage</code> with the newly created
- instance.</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJException</span></a> - Exception in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJException.html#TJException()">TJException()</a></span> - Constructor for exception org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.String,%20java.lang.Throwable)">TJException(String, Throwable)</a></span> - Constructor for exception org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.String)">TJException(String)</a></span> - Constructor for exception org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.String,%20int)">TJException(String, int)</a></span> - Constructor for exception org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.Throwable)">TJException(Throwable)</a></span> - Constructor for exception org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></dt>
-<dd>&nbsp;</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJScalingFactor</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">Fractional scaling factor</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html#TJScalingFactor(int,%20int)">TJScalingFactor(int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG scaling factor instance.</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJTransform</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">Lossless transform parameters</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform()">TJTransform()</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Create a new lossless transform instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform(int,%20int,%20int,%20int,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJCustomFilter)">TJTransform(int, int, int, int, int, int, TJCustomFilter)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Create a new lossless transform instance with the given parameters.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform(java.awt.Rectangle,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJCustomFilter)">TJTransform(Rectangle, int, int, TJCustomFilter)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></dt>
-<dd>
-<div class="block">Create a new lossless transform instance with the given parameters.</div>
-</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJTransformer</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">TurboJPEG lossless transformer</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#TJTransformer()">TJTransformer()</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG lossless transformer instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#TJTransformer(byte[])">TJTransformer(byte[])</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG lossless transformer instance and associate the JPEG
- image stored in <code>jpegImage</code> with the newly created instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#TJTransformer(byte[],%20int)">TJTransformer(byte[], int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dt>
-<dd>
-<div class="block">Create a TurboJPEG lossless transformer instance and associate the JPEG
- image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with the newly created instance.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)">transform(byte[][], TJTransform[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dt>
-<dd>
-<div class="block">Losslessly transform the JPEG image associated with this transformer
- instance into one or more JPEG images stored in the given destination
- buffers.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJTransformer.html#transform(org.libjpegturbo.turbojpeg.TJTransform[],%20int)">transform(TJTransform[], int)</a></span> - Method in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dt>
-<dd>
-<div class="block">Losslessly transform the JPEG image associated with this transformer
- instance and return an array of <a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><code>TJDecompressor</code></a> instances, each of
- which has a transformed JPEG image associated with it.</div>
-</dd>
-</dl>
-<a name="_Y_">
-<!--   -->
-</a>
-<h2 class="title">Y</h2>
-<dl>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvHeight">yuvHeight</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html#yuvImage">yuvImage</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></dt>
-<dd>&nbsp;</dd>
-<dt><a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">YUVImage</span></a> - Class in <a href="./org/libjpegturbo/turbojpeg/package-summary.html">org.libjpegturbo.turbojpeg</a></dt>
-<dd>
-<div class="block">This class encapsulates a YUV planar image and the metadata
- associated with it.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(int,%20int[],%20int,%20int)">YUVImage(int, int[], int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Create a new <code>YUVImage</code> instance backed by separate image
- planes, and allocate memory for the image planes.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(int,%20int,%20int,%20int)">YUVImage(int, int, int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Create a new <code>YUVImage</code> instance backed by a unified image
- buffer, and allocate memory for the image buffer.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(byte[][],%20int[],%20int,%20int[],%20int,%20int)">YUVImage(byte[][], int[], int, int[], int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Create a new <code>YUVImage</code> instance from a set of existing image
- planes.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(byte[],%20int,%20int,%20int,%20int)">YUVImage(byte[], int, int, int, int)</a></span> - Constructor for class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>
-<div class="block">Create a new <code>YUVImage</code> instance from an existing unified image
- buffer.</div>
-</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvOffsets">yuvOffsets</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvPad">yuvPad</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvPlanes">yuvPlanes</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvStrides">yuvStrides</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvSubsamp">yuvSubsamp</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-<dt><span class="strong"><a href="./org/libjpegturbo/turbojpeg/YUVImage.html#yuvWidth">yuvWidth</a></span> - Variable in class org.libjpegturbo.turbojpeg.<a href="./org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></dt>
-<dd>&nbsp;</dd>
-</dl>
-<a href="#_B_">B</a>&nbsp;<a href="#_C_">C</a>&nbsp;<a href="#_D_">D</a>&nbsp;<a href="#_E_">E</a>&nbsp;<a href="#_F_">F</a>&nbsp;<a href="#_G_">G</a>&nbsp;<a href="#_H_">H</a>&nbsp;<a href="#_I_">I</a>&nbsp;<a href="#_J_">J</a>&nbsp;<a href="#_N_">N</a>&nbsp;<a href="#_O_">O</a>&nbsp;<a href="#_P_">P</a>&nbsp;<a href="#_S_">S</a>&nbsp;<a href="#_T_">T</a>&nbsp;<a href="#_Y_">Y</a>&nbsp;</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="./org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="./org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="./deprecated-list.html">Deprecated</a></li>
-<li class="navBarCell1Rev">Index</li>
-<li><a href="./help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="./index.html?index-all.html" target="_top">Frames</a></li>
-<li><a href="index-all.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="./allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/index.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/index.html
deleted file mode 100644
index 4e21075..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/index.html
+++ /dev/null
@@ -1,71 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>Generated Documentation (Untitled)</title>
-<script type="text/javascript">
-    tmpTargetPage = "" + window.location.search;
-    if (tmpTargetPage != "" && tmpTargetPage != "undefined")
-        tmpTargetPage = tmpTargetPage.substring(1);
-    if (tmpTargetPage.indexOf(":") != -1 || (tmpTargetPage != "" && !validURL(tmpTargetPage)))
-        tmpTargetPage = "undefined";
-    targetPage = tmpTargetPage;
-    function validURL(url) {
-        try {
-            url = decodeURIComponent(url);
-        }
-        catch (error) {
-            return false;
-        }
-        var pos = url.indexOf(".html");
-        if (pos == -1 || pos != url.length - 5)
-            return false;
-        var allowNumber = false;
-        var allowSep = false;
-        var seenDot = false;
-        for (var i = 0; i < url.length - 5; i++) {
-            var ch = url.charAt(i);
-            if ('a' <= ch && ch <= 'z' ||
-                    'A' <= ch && ch <= 'Z' ||
-                    ch == '$' ||
-                    ch == '_' ||
-                    ch.charCodeAt(0) > 127) {
-                allowNumber = true;
-                allowSep = true;
-            } else if ('0' <= ch && ch <= '9'
-                    || ch == '-') {
-                if (!allowNumber)
-                     return false;
-            } else if (ch == '/' || ch == '.') {
-                if (!allowSep)
-                    return false;
-                allowNumber = false;
-                allowSep = false;
-                if (ch == '.')
-                     seenDot = true;
-                if (ch == '/' && seenDot)
-                     return false;
-            } else {
-                return false;
-            }
-        }
-        return true;
-    }
-    function loadFrames() {
-        if (targetPage != "" && targetPage != "undefined")
-             top.classFrame.location = top.targetPage;
-    }
-</script>
-</head>
-<frameset cols="20%,80%" title="Documentation frame" onload="top.loadFrames()">
-<frame src="allclasses-frame.html" name="packageFrame" title="All classes and interfaces (except non-static nested types)">
-<frame src="org/libjpegturbo/turbojpeg/package-summary.html" name="classFrame" title="Package, class and interface descriptions" scrolling="yes">
-<noframes>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<h2>Frame Alert</h2>
-<p>This document is designed to be viewed using the frames feature. If you see this message, you are using a non-frame-capable web client. Link to <a href="org/libjpegturbo/turbojpeg/package-summary.html">Non-frame version</a>.</p>
-</noframes>
-</frameset>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJ.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJ.html
deleted file mode 100644
index 2a3de37..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJ.html
+++ /dev/null
@@ -1,1381 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJ</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJ";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev Class</li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJ.html" target="_top">Frames</a></li>
-<li><a href="TJ.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJ" class="title">Class TJ</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJ</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<hr>
-<br>
-<pre>public final class <span class="strong">TJ</span>
-extends java.lang.Object</pre>
-<div class="block">TurboJPEG utility class (cannot be instantiated)</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- =========== FIELD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_summary">
-<!--   -->
-</a>
-<h3>Field Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Field Summary table, listing fields, and an explanation">
-<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Field and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_CMYK">CS_CMYK</a></strong></code>
-<div class="block">CMYK colorspace.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_GRAY">CS_GRAY</a></strong></code>
-<div class="block">Grayscale colorspace.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_RGB">CS_RGB</a></strong></code>
-<div class="block">RGB colorspace.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_YCbCr">CS_YCbCr</a></strong></code>
-<div class="block">YCbCr colorspace.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_YCCK">CS_YCCK</a></strong></code>
-<div class="block">YCCK colorspace.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#ERR_FATAL">ERR_FATAL</a></strong></code>
-<div class="block">The error was fatal and non-recoverable.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#ERR_WARNING">ERR_WARNING</a></strong></code>
-<div class="block">The error was non-fatal and recoverable, but the image may still be
- corrupt.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_ACCURATEDCT">FLAG_ACCURATEDCT</a></strong></code>
-<div class="block">Use the most accurate DCT/IDCT algorithm available in the underlying
- codec.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP">FLAG_BOTTOMUP</a></strong></code>
-<div class="block">The uncompressed source/destination image is stored in bottom-up (Windows,
- OpenGL) order, not top-down (X11) order.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_FASTDCT">FLAG_FASTDCT</a></strong></code>
-<div class="block">Use the fastest DCT/IDCT algorithm available in the underlying codec.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_FASTUPSAMPLE">FLAG_FASTUPSAMPLE</a></strong></code>
-<div class="block">When decompressing an image that was compressed using chrominance
- subsampling, use the fastest chrominance upsampling algorithm available in
- the underlying codec.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCEMMX">FLAG_FORCEMMX</a></strong></code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE">FLAG_FORCESSE</a></strong></code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE2">FLAG_FORCESSE2</a></strong></code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_FORCESSE3">FLAG_FORCESSE3</a></strong></code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_LIMITSCANS">FLAG_LIMITSCANS</a></strong></code>
-<div class="block">Limit the number of progressive JPEG scans that the decompression and
- transform operations will process.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_PROGRESSIVE">FLAG_PROGRESSIVE</a></strong></code>
-<div class="block">Use progressive entropy coding in JPEG images generated by compression and
- transform operations.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING">FLAG_STOPONWARNING</a></strong></code>
-<div class="block">Immediately discontinue the current compression/decompression/transform
- operation if the underlying codec throws a warning (non-fatal error).</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#NUMCS">NUMCS</a></strong></code>
-<div class="block">The number of JPEG colorspaces</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#NUMERR">NUMERR</a></strong></code>
-<div class="block">The number of error codes</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#NUMPF">NUMPF</a></strong></code>
-<div class="block">The number of pixel formats</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#NUMSAMP">NUMSAMP</a></strong></code>
-<div class="block">The number of chrominance subsampling options</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_ABGR">PF_ABGR</a></strong></code>
-<div class="block">ABGR pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_ARGB">PF_ARGB</a></strong></code>
-<div class="block">ARGB pixel format.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_BGR">PF_BGR</a></strong></code>
-<div class="block">BGR pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_BGRA">PF_BGRA</a></strong></code>
-<div class="block">BGRA pixel format.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_BGRX">PF_BGRX</a></strong></code>
-<div class="block">BGRX pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_CMYK">PF_CMYK</a></strong></code>
-<div class="block">CMYK pixel format.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_GRAY">PF_GRAY</a></strong></code>
-<div class="block">Grayscale pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGB">PF_RGB</a></strong></code>
-<div class="block">RGB pixel format.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGBA">PF_RGBA</a></strong></code>
-<div class="block">RGBA pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGBX">PF_RGBX</a></strong></code>
-<div class="block">RGBX pixel format.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_XBGR">PF_XBGR</a></strong></code>
-<div class="block">XBGR pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_XRGB">PF_XRGB</a></strong></code>
-<div class="block">XRGB pixel format.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_411">SAMP_411</a></strong></code>
-<div class="block">4:1:1 chrominance subsampling.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_420">SAMP_420</a></strong></code>
-<div class="block">4:2:0 chrominance subsampling.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_422">SAMP_422</a></strong></code>
-<div class="block">4:2:2 chrominance subsampling.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_440">SAMP_440</a></strong></code>
-<div class="block">4:4:0 chrominance subsampling.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444">SAMP_444</a></strong></code>
-<div class="block">4:4:4 chrominance subsampling (no chrominance subsampling).</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_GRAY">SAMP_GRAY</a></strong></code>
-<div class="block">Grayscale.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSize(int,%20int,%20int)">bufSize</a></strong>(int&nbsp;width,
-       int&nbsp;height,
-       int&nbsp;jpegSubsamp)</code>
-<div class="block">Returns the maximum size of the buffer (in bytes) required to hold a JPEG
- image with the given width, height, and level of chrominance subsampling.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int)">bufSizeYUV</a></strong>(int&nbsp;width,
-          int&nbsp;height,
-          int&nbsp;subsamp)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)"><code>bufSizeYUV(int, int, int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)">bufSizeYUV</a></strong>(int&nbsp;width,
-          int&nbsp;pad,
-          int&nbsp;height,
-          int&nbsp;subsamp)</code>
-<div class="block">Returns the size of the buffer (in bytes) required to hold a YUV planar
- image with the given width, height, and level of chrominance subsampling.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getAlphaOffset(int)">getAlphaOffset</a></strong>(int&nbsp;pixelFormat)</code>
-<div class="block">For the given pixel format, returns the number of bytes that the alpha
- component is offset from the start of the pixel.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getBlueOffset(int)">getBlueOffset</a></strong>(int&nbsp;pixelFormat)</code>
-<div class="block">For the given pixel format, returns the number of bytes that the blue
- component is offset from the start of the pixel.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getGreenOffset(int)">getGreenOffset</a></strong>(int&nbsp;pixelFormat)</code>
-<div class="block">For the given pixel format, returns the number of bytes that the green
- component is offset from the start of the pixel.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getMCUHeight(int)">getMCUHeight</a></strong>(int&nbsp;subsamp)</code>
-<div class="block">Returns the MCU block height for the given level of chrominance
- subsampling.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getMCUWidth(int)">getMCUWidth</a></strong>(int&nbsp;subsamp)</code>
-<div class="block">Returns the MCU block width for the given level of chrominance
- subsampling.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getPixelSize(int)">getPixelSize</a></strong>(int&nbsp;pixelFormat)</code>
-<div class="block">Returns the pixel size (in bytes) for the given pixel format.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getRedOffset(int)">getRedOffset</a></strong>(int&nbsp;pixelFormat)</code>
-<div class="block">For the given pixel format, returns the number of bytes that the red
- component is offset from the start of the pixel.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static <a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a>[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getScalingFactors()">getScalingFactors</a></strong>()</code>
-<div class="block">Returns a list of fractional scaling factors that the JPEG decompressor in
- this implementation of TurboJPEG supports.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#planeHeight(int,%20int,%20int)">planeHeight</a></strong>(int&nbsp;componentID,
-           int&nbsp;height,
-           int&nbsp;subsamp)</code>
-<div class="block">Returns the plane height of a YUV image plane with the given parameters.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#planeSizeYUV(int,%20int,%20int,%20int,%20int)">planeSizeYUV</a></strong>(int&nbsp;componentID,
-            int&nbsp;width,
-            int&nbsp;stride,
-            int&nbsp;height,
-            int&nbsp;subsamp)</code>
-<div class="block">Returns the size of the buffer (in bytes) required to hold a YUV image
- plane with the given parameters.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJ.html#planeWidth(int,%20int,%20int)">planeWidth</a></strong>(int&nbsp;componentID,
-          int&nbsp;width,
-          int&nbsp;subsamp)</code>
-<div class="block">Returns the plane width of a YUV image plane with the given parameters.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ============ FIELD DETAIL =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_detail">
-<!--   -->
-</a>
-<h3>Field Detail</h3>
-<a name="NUMSAMP">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>NUMSAMP</h4>
-<pre>public static final&nbsp;int NUMSAMP</pre>
-<div class="block">The number of chrominance subsampling options</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.NUMSAMP">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="SAMP_444">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>SAMP_444</h4>
-<pre>public static final&nbsp;int SAMP_444</pre>
-<div class="block">4:4:4 chrominance subsampling (no chrominance subsampling).  The JPEG
- or YUV image will contain one chrominance component for every pixel in the
- source image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.SAMP_444">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="SAMP_422">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>SAMP_422</h4>
-<pre>public static final&nbsp;int SAMP_422</pre>
-<div class="block">4:2:2 chrominance subsampling.  The JPEG or YUV image will contain one
- chrominance component for every 2x1 block of pixels in the source image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.SAMP_422">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="SAMP_420">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>SAMP_420</h4>
-<pre>public static final&nbsp;int SAMP_420</pre>
-<div class="block">4:2:0 chrominance subsampling.  The JPEG or YUV image will contain one
- chrominance component for every 2x2 block of pixels in the source image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.SAMP_420">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="SAMP_GRAY">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>SAMP_GRAY</h4>
-<pre>public static final&nbsp;int SAMP_GRAY</pre>
-<div class="block">Grayscale.  The JPEG or YUV image will contain no chrominance components.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.SAMP_GRAY">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="SAMP_440">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>SAMP_440</h4>
-<pre>public static final&nbsp;int SAMP_440</pre>
-<div class="block">4:4:0 chrominance subsampling.  The JPEG or YUV image will contain one
- chrominance component for every 1x2 block of pixels in the source image.
- Note that 4:4:0 subsampling is not fully accelerated in libjpeg-turbo.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.SAMP_440">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="SAMP_411">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>SAMP_411</h4>
-<pre>public static final&nbsp;int SAMP_411</pre>
-<div class="block">4:1:1 chrominance subsampling.  The JPEG or YUV image will contain one
- chrominance component for every 4x1 block of pixels in the source image.
- JPEG images compressed with 4:1:1 subsampling will be almost exactly the
- same size as those compressed with 4:2:0 subsampling, and in the
- aggregate, both subsampling methods produce approximately the same
- perceptual quality.  However, 4:1:1 is better able to reproduce sharp
- horizontal features.  Note that 4:1:1 subsampling is not fully accelerated
- in libjpeg-turbo.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.SAMP_411">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="NUMPF">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>NUMPF</h4>
-<pre>public static final&nbsp;int NUMPF</pre>
-<div class="block">The number of pixel formats</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.NUMPF">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_RGB">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_RGB</h4>
-<pre>public static final&nbsp;int PF_RGB</pre>
-<div class="block">RGB pixel format.  The red, green, and blue components in the image are
- stored in 3-byte pixels in the order R, G, B from lowest to highest byte
- address within each pixel.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_RGB">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_BGR">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_BGR</h4>
-<pre>public static final&nbsp;int PF_BGR</pre>
-<div class="block">BGR pixel format.  The red, green, and blue components in the image are
- stored in 3-byte pixels in the order B, G, R from lowest to highest byte
- address within each pixel.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_BGR">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_RGBX">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_RGBX</h4>
-<pre>public static final&nbsp;int PF_RGBX</pre>
-<div class="block">RGBX pixel format.  The red, green, and blue components in the image are
- stored in 4-byte pixels in the order R, G, B from lowest to highest byte
- address within each pixel.  The X component is ignored when compressing
- and undefined when decompressing.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_RGBX">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_BGRX">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_BGRX</h4>
-<pre>public static final&nbsp;int PF_BGRX</pre>
-<div class="block">BGRX pixel format.  The red, green, and blue components in the image are
- stored in 4-byte pixels in the order B, G, R from lowest to highest byte
- address within each pixel.  The X component is ignored when compressing
- and undefined when decompressing.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_BGRX">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_XBGR">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_XBGR</h4>
-<pre>public static final&nbsp;int PF_XBGR</pre>
-<div class="block">XBGR pixel format.  The red, green, and blue components in the image are
- stored in 4-byte pixels in the order R, G, B from highest to lowest byte
- address within each pixel.  The X component is ignored when compressing
- and undefined when decompressing.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_XBGR">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_XRGB">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_XRGB</h4>
-<pre>public static final&nbsp;int PF_XRGB</pre>
-<div class="block">XRGB pixel format.  The red, green, and blue components in the image are
- stored in 4-byte pixels in the order B, G, R from highest to lowest byte
- address within each pixel.  The X component is ignored when compressing
- and undefined when decompressing.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_XRGB">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_GRAY">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_GRAY</h4>
-<pre>public static final&nbsp;int PF_GRAY</pre>
-<div class="block">Grayscale pixel format.  Each 1-byte pixel represents a luminance
- (brightness) level from 0 to 255.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_GRAY">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_RGBA">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_RGBA</h4>
-<pre>public static final&nbsp;int PF_RGBA</pre>
-<div class="block">RGBA pixel format.  This is the same as <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGBX"><code>PF_RGBX</code></a>, except that when
- decompressing, the X byte is guaranteed to be 0xFF, which can be
- interpreted as an opaque alpha channel.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_RGBA">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_BGRA">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_BGRA</h4>
-<pre>public static final&nbsp;int PF_BGRA</pre>
-<div class="block">BGRA pixel format.  This is the same as <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_BGRX"><code>PF_BGRX</code></a>, except that when
- decompressing, the X byte is guaranteed to be 0xFF, which can be
- interpreted as an opaque alpha channel.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_BGRA">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_ABGR">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_ABGR</h4>
-<pre>public static final&nbsp;int PF_ABGR</pre>
-<div class="block">ABGR pixel format.  This is the same as <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_XBGR"><code>PF_XBGR</code></a>, except that when
- decompressing, the X byte is guaranteed to be 0xFF, which can be
- interpreted as an opaque alpha channel.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_ABGR">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_ARGB">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_ARGB</h4>
-<pre>public static final&nbsp;int PF_ARGB</pre>
-<div class="block">ARGB pixel format.  This is the same as <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_XRGB"><code>PF_XRGB</code></a>, except that when
- decompressing, the X byte is guaranteed to be 0xFF, which can be
- interpreted as an opaque alpha channel.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_ARGB">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="PF_CMYK">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>PF_CMYK</h4>
-<pre>public static final&nbsp;int PF_CMYK</pre>
-<div class="block">CMYK pixel format.  Unlike RGB, which is an additive color model used
- primarily for display, CMYK (Cyan/Magenta/Yellow/Key) is a subtractive
- color model used primarily for printing.  In the CMYK color model, the
- value of each color component typically corresponds to an amount of cyan,
- magenta, yellow, or black ink that is applied to a white background.  In
- order to convert between CMYK and RGB, it is necessary to use a color
- management system (CMS.)  A CMS will attempt to map colors within the
- printer's gamut to perceptually similar colors in the display's gamut and
- vice versa, but the mapping is typically not 1:1 or reversible, nor can it
- be defined with a simple formula.  Thus, such a conversion is out of scope
- for a codec library.  However, the TurboJPEG API allows for compressing
- CMYK pixels into a YCCK JPEG image (see <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_YCCK"><code>CS_YCCK</code></a>) and
- decompressing YCCK JPEG images into CMYK pixels.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.PF_CMYK">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="NUMCS">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>NUMCS</h4>
-<pre>public static final&nbsp;int NUMCS</pre>
-<div class="block">The number of JPEG colorspaces</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.NUMCS">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="CS_RGB">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>CS_RGB</h4>
-<pre>public static final&nbsp;int CS_RGB</pre>
-<div class="block">RGB colorspace.  When compressing the JPEG image, the R, G, and B
- components in the source image are reordered into image planes, but no
- colorspace conversion or subsampling is performed.  RGB JPEG images can be
- decompressed to any of the extended RGB pixel formats or grayscale, but
- they cannot be decompressed to YUV images.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.CS_RGB">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="CS_YCbCr">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>CS_YCbCr</h4>
-<pre>public static final&nbsp;int CS_YCbCr</pre>
-<div class="block">YCbCr colorspace.  YCbCr is not an absolute colorspace but rather a
- mathematical transformation of RGB designed solely for storage and
- transmission.  YCbCr images must be converted to RGB before they can
- actually be displayed.  In the YCbCr colorspace, the Y (luminance)
- component represents the black &amp; white portion of the original image,
- and the Cb and Cr (chrominance) components represent the color portion of
- the original image.  Originally, the analog equivalent of this
- transformation allowed the same signal to drive both black &amp; white and
- color televisions, but JPEG images use YCbCr primarily because it allows
- the color data to be optionally subsampled for the purposes of reducing
- bandwidth or disk space.  YCbCr is the most common JPEG colorspace, and
- YCbCr JPEG images can be compressed from and decompressed to any of the
- extended RGB pixel formats or grayscale, or they can be decompressed to
- YUV planar images.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.CS_YCbCr">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="CS_GRAY">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>CS_GRAY</h4>
-<pre>public static final&nbsp;int CS_GRAY</pre>
-<div class="block">Grayscale colorspace.  The JPEG image retains only the luminance data (Y
- component), and any color data from the source image is discarded.
- Grayscale JPEG images can be compressed from and decompressed to any of
- the extended RGB pixel formats or grayscale, or they can be decompressed
- to YUV planar images.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.CS_GRAY">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="CS_CMYK">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>CS_CMYK</h4>
-<pre>public static final&nbsp;int CS_CMYK</pre>
-<div class="block">CMYK colorspace.  When compressing the JPEG image, the C, M, Y, and K
- components in the source image are reordered into image planes, but no
- colorspace conversion or subsampling is performed.  CMYK JPEG images can
- only be decompressed to CMYK pixels.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.CS_CMYK">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="CS_YCCK">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>CS_YCCK</h4>
-<pre>public static final&nbsp;int CS_YCCK</pre>
-<div class="block">YCCK colorspace.  YCCK (AKA "YCbCrK") is not an absolute colorspace but
- rather a mathematical transformation of CMYK designed solely for storage
- and transmission.  It is to CMYK as YCbCr is to RGB.  CMYK pixels can be
- reversibly transformed into YCCK, and as with YCbCr, the chrominance
- components in the YCCK pixels can be subsampled without incurring major
- perceptual loss.  YCCK JPEG images can only be compressed from and
- decompressed to CMYK pixels.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.CS_YCCK">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_BOTTOMUP">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_BOTTOMUP</h4>
-<pre>public static final&nbsp;int FLAG_BOTTOMUP</pre>
-<div class="block">The uncompressed source/destination image is stored in bottom-up (Windows,
- OpenGL) order, not top-down (X11) order.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_BOTTOMUP">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_FORCEMMX">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_FORCEMMX</h4>
-<pre>@Deprecated
-public static final&nbsp;int FLAG_FORCEMMX</pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_FORCEMMX">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_FORCESSE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_FORCESSE</h4>
-<pre>@Deprecated
-public static final&nbsp;int FLAG_FORCESSE</pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_FORCESSE2">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_FORCESSE2</h4>
-<pre>@Deprecated
-public static final&nbsp;int FLAG_FORCESSE2</pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE2">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_FORCESSE3">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_FORCESSE3</h4>
-<pre>@Deprecated
-public static final&nbsp;int FLAG_FORCESSE3</pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_FORCESSE3">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_FASTUPSAMPLE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_FASTUPSAMPLE</h4>
-<pre>public static final&nbsp;int FLAG_FASTUPSAMPLE</pre>
-<div class="block">When decompressing an image that was compressed using chrominance
- subsampling, use the fastest chrominance upsampling algorithm available in
- the underlying codec.  The default is to use smooth upsampling, which
- creates a smooth transition between neighboring chrominance components in
- order to reduce upsampling artifacts in the decompressed image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_FASTUPSAMPLE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_FASTDCT">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_FASTDCT</h4>
-<pre>public static final&nbsp;int FLAG_FASTDCT</pre>
-<div class="block">Use the fastest DCT/IDCT algorithm available in the underlying codec.  The
- default if this flag is not specified is implementation-specific.  For
- example, the implementation of TurboJPEG for libjpeg[-turbo] uses the fast
- algorithm by default when compressing, because this has been shown to have
- only a very slight effect on accuracy, but it uses the accurate algorithm
- when decompressing, because this has been shown to have a larger effect.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_FASTDCT">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_ACCURATEDCT">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_ACCURATEDCT</h4>
-<pre>public static final&nbsp;int FLAG_ACCURATEDCT</pre>
-<div class="block">Use the most accurate DCT/IDCT algorithm available in the underlying
- codec.  The default if this flag is not specified is
- implementation-specific.  For example, the implementation of TurboJPEG for
- libjpeg[-turbo] uses the fast algorithm by default when compressing,
- because this has been shown to have only a very slight effect on accuracy,
- but it uses the accurate algorithm when decompressing, because this has
- been shown to have a larger effect.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_ACCURATEDCT">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_STOPONWARNING">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_STOPONWARNING</h4>
-<pre>public static final&nbsp;int FLAG_STOPONWARNING</pre>
-<div class="block">Immediately discontinue the current compression/decompression/transform
- operation if the underlying codec throws a warning (non-fatal error).  The
- default behavior is to allow the operation to complete unless a fatal
- error is encountered.
- <p>
- NOTE: due to the design of the TurboJPEG Java API, only certain methods
- (specifically, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><code>TJDecompressor.decompress*()</code></a> methods
- with a void return type) will complete and leave the output image in a
- fully recoverable state after a non-fatal error occurs.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_STOPONWARNING">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_PROGRESSIVE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_PROGRESSIVE</h4>
-<pre>public static final&nbsp;int FLAG_PROGRESSIVE</pre>
-<div class="block">Use progressive entropy coding in JPEG images generated by compression and
- transform operations.  Progressive entropy coding will generally improve
- compression relative to baseline entropy coding (the default), but it will
- reduce compression and decompression performance considerably.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_PROGRESSIVE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="FLAG_LIMITSCANS">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>FLAG_LIMITSCANS</h4>
-<pre>public static final&nbsp;int FLAG_LIMITSCANS</pre>
-<div class="block">Limit the number of progressive JPEG scans that the decompression and
- transform operations will process.  If a progressive JPEG image contains
- an unreasonably large number of scans, then this flag will cause the
- decompression and transform operations to throw an error.  The primary
- purpose of this is to allow security-critical applications to guard
- against an exploit of the progressive JPEG format described in
- <a href="https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf" target="_blank">this report</a>.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.FLAG_LIMITSCANS">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="NUMERR">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>NUMERR</h4>
-<pre>public static final&nbsp;int NUMERR</pre>
-<div class="block">The number of error codes</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.NUMERR">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="ERR_WARNING">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>ERR_WARNING</h4>
-<pre>public static final&nbsp;int ERR_WARNING</pre>
-<div class="block">The error was non-fatal and recoverable, but the image may still be
- corrupt.
- <p>
- NOTE: due to the design of the TurboJPEG Java API, only certain methods
- (specifically, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><code>TJDecompressor.decompress*()</code></a> methods
- with a void return type) will complete and leave the output image in a
- fully recoverable state after a non-fatal error occurs.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.ERR_WARNING">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="ERR_FATAL">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>ERR_FATAL</h4>
-<pre>public static final&nbsp;int ERR_FATAL</pre>
-<div class="block">The error was fatal and non-recoverable.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJ.ERR_FATAL">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="getMCUWidth(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getMCUWidth</h4>
-<pre>public static&nbsp;int&nbsp;getMCUWidth(int&nbsp;subsamp)</pre>
-<div class="block">Returns the MCU block width for the given level of chrominance
- subsampling.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>subsamp</code> - the level of chrominance subsampling (one of
- <code>SAMP_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the MCU block width for the given level of chrominance
- subsampling.</dd></dl>
-</li>
-</ul>
-<a name="getMCUHeight(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getMCUHeight</h4>
-<pre>public static&nbsp;int&nbsp;getMCUHeight(int&nbsp;subsamp)</pre>
-<div class="block">Returns the MCU block height for the given level of chrominance
- subsampling.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>subsamp</code> - the level of chrominance subsampling (one of
- <code>SAMP_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the MCU block height for the given level of chrominance
- subsampling.</dd></dl>
-</li>
-</ul>
-<a name="getPixelSize(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getPixelSize</h4>
-<pre>public static&nbsp;int&nbsp;getPixelSize(int&nbsp;pixelFormat)</pre>
-<div class="block">Returns the pixel size (in bytes) for the given pixel format.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>pixelFormat</code> - the pixel format (one of <code>PF_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the pixel size (in bytes) for the given pixel format.</dd></dl>
-</li>
-</ul>
-<a name="getRedOffset(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getRedOffset</h4>
-<pre>public static&nbsp;int&nbsp;getRedOffset(int&nbsp;pixelFormat)</pre>
-<div class="block">For the given pixel format, returns the number of bytes that the red
- component is offset from the start of the pixel.  For instance, if a pixel
- of format <code>TJ.PF_BGRX</code> is stored in <code>char pixel[]</code>,
- then the red component will be
- <code>pixel[TJ.getRedOffset(TJ.PF_BGRX)]</code>.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>pixelFormat</code> - the pixel format (one of <code>PF_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the red offset for the given pixel format, or -1 if the pixel
- format does not have a red component.</dd></dl>
-</li>
-</ul>
-<a name="getGreenOffset(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getGreenOffset</h4>
-<pre>public static&nbsp;int&nbsp;getGreenOffset(int&nbsp;pixelFormat)</pre>
-<div class="block">For the given pixel format, returns the number of bytes that the green
- component is offset from the start of the pixel.  For instance, if a pixel
- of format <code>TJ.PF_BGRX</code> is stored in <code>char pixel[]</code>,
- then the green component will be
- <code>pixel[TJ.getGreenOffset(TJ.PF_BGRX)]</code>.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>pixelFormat</code> - the pixel format (one of <code>PF_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the green offset for the given pixel format, or -1 if the pixel
- format does not have a green component.</dd></dl>
-</li>
-</ul>
-<a name="getBlueOffset(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getBlueOffset</h4>
-<pre>public static&nbsp;int&nbsp;getBlueOffset(int&nbsp;pixelFormat)</pre>
-<div class="block">For the given pixel format, returns the number of bytes that the blue
- component is offset from the start of the pixel.  For instance, if a pixel
- of format <code>TJ.PF_BGRX</code> is stored in <code>char pixel[]</code>,
- then the blue component will be
- <code>pixel[TJ.getBlueOffset(TJ.PF_BGRX)]</code>.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>pixelFormat</code> - the pixel format (one of <code>PF_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the blue offset for the given pixel format, or -1 if the pixel
- format does not have a blue component.</dd></dl>
-</li>
-</ul>
-<a name="getAlphaOffset(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getAlphaOffset</h4>
-<pre>public static&nbsp;int&nbsp;getAlphaOffset(int&nbsp;pixelFormat)</pre>
-<div class="block">For the given pixel format, returns the number of bytes that the alpha
- component is offset from the start of the pixel.  For instance, if a pixel
- of format <code>TJ.PF_BGRA</code> is stored in <code>char pixel[]</code>,
- then the alpha component will be
- <code>pixel[TJ.getAlphaOffset(TJ.PF_BGRA)]</code>.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>pixelFormat</code> - the pixel format (one of <code>PF_*</code>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the alpha offset for the given pixel format, or -1 if the pixel
- format does not have a alpha component.</dd></dl>
-</li>
-</ul>
-<a name="bufSize(int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>bufSize</h4>
-<pre>public static&nbsp;int&nbsp;bufSize(int&nbsp;width,
-          int&nbsp;height,
-          int&nbsp;jpegSubsamp)</pre>
-<div class="block">Returns the maximum size of the buffer (in bytes) required to hold a JPEG
- image with the given width, height, and level of chrominance subsampling.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>width</code> - the width (in pixels) of the JPEG image</dd><dd><code>height</code> - the height (in pixels) of the JPEG image</dd><dd><code>jpegSubsamp</code> - the level of chrominance subsampling to be used when
- generating the JPEG image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.SAMP_*</code></a>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the maximum size of the buffer (in bytes) required to hold a JPEG
- image with the given width, height, and level of chrominance subsampling.</dd></dl>
-</li>
-</ul>
-<a name="bufSizeYUV(int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>bufSizeYUV</h4>
-<pre>public static&nbsp;int&nbsp;bufSizeYUV(int&nbsp;width,
-             int&nbsp;pad,
-             int&nbsp;height,
-             int&nbsp;subsamp)</pre>
-<div class="block">Returns the size of the buffer (in bytes) required to hold a YUV planar
- image with the given width, height, and level of chrominance subsampling.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>width</code> - the width (in pixels) of the YUV image</dd><dd><code>pad</code> - the width of each line in each plane of the image is padded to
- the nearest multiple of this number of bytes (must be a power of 2.)</dd><dd><code>height</code> - the height (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.SAMP_*</code></a>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the size of the buffer (in bytes) required to hold a YUV planar
- image with the given width, height, and level of chrominance subsampling.</dd></dl>
-</li>
-</ul>
-<a name="bufSizeYUV(int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>bufSizeYUV</h4>
-<pre>@Deprecated
-public static&nbsp;int&nbsp;bufSizeYUV(int&nbsp;width,
-                        int&nbsp;height,
-                        int&nbsp;subsamp)</pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)"><code>bufSizeYUV(int, int, int, int)</code></a> instead.</i></div>
-</li>
-</ul>
-<a name="planeSizeYUV(int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>planeSizeYUV</h4>
-<pre>public static&nbsp;int&nbsp;planeSizeYUV(int&nbsp;componentID,
-               int&nbsp;width,
-               int&nbsp;stride,
-               int&nbsp;height,
-               int&nbsp;subsamp)</pre>
-<div class="block">Returns the size of the buffer (in bytes) required to hold a YUV image
- plane with the given parameters.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>componentID</code> - ID number of the image plane (0 = Y, 1 = U/Cb,
- 2 = V/Cr)</dd><dd><code>width</code> - width (in pixels) of the YUV image.  NOTE: this is the width
- of the whole image, not the plane width.</dd><dd><code>stride</code> - bytes per line in the image plane.</dd><dd><code>height</code> - height (in pixels) of the YUV image.  NOTE: this is the
- height of the whole image, not the plane height.</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.SAMP_*</code></a>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the size of the buffer (in bytes) required to hold a YUV planar
- image with the given parameters.</dd></dl>
-</li>
-</ul>
-<a name="planeWidth(int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>planeWidth</h4>
-<pre>public static&nbsp;int&nbsp;planeWidth(int&nbsp;componentID,
-             int&nbsp;width,
-             int&nbsp;subsamp)</pre>
-<div class="block">Returns the plane width of a YUV image plane with the given parameters.
- Refer to <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> for a description of plane width.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>componentID</code> - ID number of the image plane (0 = Y, 1 = U/Cb,
- 2 = V/Cr)</dd><dd><code>width</code> - width (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV image
- (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.SAMP_*</code></a>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the plane width of a YUV image plane with the given parameters.</dd></dl>
-</li>
-</ul>
-<a name="planeHeight(int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>planeHeight</h4>
-<pre>public static&nbsp;int&nbsp;planeHeight(int&nbsp;componentID,
-              int&nbsp;height,
-              int&nbsp;subsamp)</pre>
-<div class="block">Returns the plane height of a YUV image plane with the given parameters.
- Refer to <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> for a description of plane height.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>componentID</code> - ID number of the image plane (0 = Y, 1 = U/Cb,
- 2 = V/Cr)</dd><dd><code>height</code> - height (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV image
- (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.SAMP_*</code></a>)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the plane height of a YUV image plane with the given parameters.</dd></dl>
-</li>
-</ul>
-<a name="getScalingFactors()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>getScalingFactors</h4>
-<pre>public static&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a>[]&nbsp;getScalingFactors()</pre>
-<div class="block">Returns a list of fractional scaling factors that the JPEG decompressor in
- this implementation of TurboJPEG supports.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>a list of fractional scaling factors that the JPEG decompressor in
- this implementation of TurboJPEG supports.</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev Class</li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJ.html" target="_top">Frames</a></li>
-<li><a href="TJ.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJCompressor.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJCompressor.html
deleted file mode 100644
index a53f879..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJCompressor.html
+++ /dev/null
@@ -1,926 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJCompressor</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJCompressor";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJCompressor.html" target="_top">Frames</a></li>
-<li><a href="TJCompressor.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJCompressor" class="title">Class TJCompressor</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJCompressor</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<dl>
-<dt>All Implemented Interfaces:</dt>
-<dd>java.io.Closeable, java.lang.AutoCloseable</dd>
-</dl>
-<hr>
-<br>
-<pre>public class <span class="strong">TJCompressor</span>
-extends java.lang.Object
-implements java.io.Closeable</pre>
-<div class="block">TurboJPEG compressor</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor()">TJCompressor</a></strong>()</code>
-<div class="block">Create a TurboJPEG compressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)">TJCompressor</a></strong>(java.awt.image.BufferedImage&nbsp;srcImage,
-            int&nbsp;x,
-            int&nbsp;y,
-            int&nbsp;width,
-            int&nbsp;height)</code>
-<div class="block">Create a TurboJPEG compressor instance and associate the uncompressed
- source image stored in <code>srcImage</code> with the newly created
- instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int)">TJCompressor</a></strong>(byte[]&nbsp;srcImage,
-            int&nbsp;width,
-            int&nbsp;pitch,
-            int&nbsp;height,
-            int&nbsp;pixelFormat)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJCompressor(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int,%20int,%20int)">TJCompressor</a></strong>(byte[]&nbsp;srcImage,
-            int&nbsp;x,
-            int&nbsp;y,
-            int&nbsp;width,
-            int&nbsp;pitch,
-            int&nbsp;height,
-            int&nbsp;pixelFormat)</code>
-<div class="block">Create a TurboJPEG compressor instance and associate the uncompressed
- source image stored in <code>srcImage</code> with the newly created
- instance.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#close()">close</a></strong>()</code>
-<div class="block">Free the native structures associated with this compressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(java.awt.image.BufferedImage,%20byte[],%20int)">compress</a></strong>(java.awt.image.BufferedImage&nbsp;srcImage,
-        byte[]&nbsp;dstBuf,
-        int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(byte[],%20int)"><code>compress(byte[], int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(java.awt.image.BufferedImage,%20int)">compress</a></strong>(java.awt.image.BufferedImage&nbsp;srcImage,
-        int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(int)"><code>compress(int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(byte[],%20int)">compress</a></strong>(byte[]&nbsp;dstBuf,
-        int&nbsp;flags)</code>
-<div class="block">Compress the uncompressed source image associated with this compressor
- instance and output a JPEG image to the given destination buffer.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(int)">compress</a></strong>(int&nbsp;flags)</code>
-<div class="block">Compress the uncompressed source image associated with this compressor
- instance and return a buffer containing a JPEG image.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(java.awt.image.BufferedImage,%20byte[],%20int)">encodeYUV</a></strong>(java.awt.image.BufferedImage&nbsp;srcImage,
-         byte[]&nbsp;dstBuf,
-         int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)"><code>encodeYUV(byte[], int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(java.awt.image.BufferedImage,%20int)">encodeYUV</a></strong>(java.awt.image.BufferedImage&nbsp;srcImage,
-         int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>encodeYUV(int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)">encodeYUV</a></strong>(byte[]&nbsp;dstBuf,
-         int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>encodeYUV(YUVImage, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int)">encodeYUV</a></strong>(int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>encodeYUV(int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int[],%20int)">encodeYUV</a></strong>(int[]&nbsp;strides,
-         int&nbsp;flags)</code>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into separate Y, U (Cb), and V (Cr) image planes and return a
- <code>YUVImage</code> instance containing the encoded image planes.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)">encodeYUV</a></strong>(int&nbsp;pad,
-         int&nbsp;flags)</code>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into a unified YUV planar image buffer and return a
- <code>YUVImage</code> instance containing the encoded image.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)">encodeYUV</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;dstImage,
-         int&nbsp;flags)</code>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into a YUV planar image and store it in the given
- <code>YUVImage</code> instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#finalize()">finalize</a></strong>()</code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#getCompressedSize()">getCompressedSize</a></strong>()</code>
-<div class="block">Returns the size of the image (in bytes) generated by the most recent
- compress operation.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setJPEGQuality(int)">setJPEGQuality</a></strong>(int&nbsp;quality)</code>
-<div class="block">Set the JPEG image quality level for subsequent compress operations.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)">setSourceImage</a></strong>(java.awt.image.BufferedImage&nbsp;srcImage,
-              int&nbsp;x,
-              int&nbsp;y,
-              int&nbsp;width,
-              int&nbsp;height)</code>
-<div class="block">Associate an uncompressed RGB or grayscale source image with this
- compressor instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int)">setSourceImage</a></strong>(byte[]&nbsp;srcImage,
-              int&nbsp;width,
-              int&nbsp;pitch,
-              int&nbsp;height,
-              int&nbsp;pixelFormat)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)">setSourceImage</a></strong>(byte[]&nbsp;srcImage,
-              int&nbsp;x,
-              int&nbsp;y,
-              int&nbsp;width,
-              int&nbsp;pitch,
-              int&nbsp;height,
-              int&nbsp;pixelFormat)</code>
-<div class="block">Associate an uncompressed RGB, grayscale, or CMYK source image with this
- compressor instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">setSourceImage</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;srcImage)</code>
-<div class="block">Associate an uncompressed YUV planar source image with this compressor
- instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSubsamp(int)">setSubsamp</a></strong>(int&nbsp;newSubsamp)</code>
-<div class="block">Set the level of chrominance subsampling for subsequent compress/encode
- operations.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="TJCompressor()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJCompressor</h4>
-<pre>public&nbsp;TJCompressor()
-             throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG compressor instance.</div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJCompressor(byte[], int, int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJCompressor</h4>
-<pre>public&nbsp;TJCompressor(byte[]&nbsp;srcImage,
-            int&nbsp;x,
-            int&nbsp;y,
-            int&nbsp;width,
-            int&nbsp;pitch,
-            int&nbsp;height,
-            int&nbsp;pixelFormat)
-             throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG compressor instance and associate the uncompressed
- source image stored in <code>srcImage</code> with the newly created
- instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>srcImage</code> - see <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> for description</dd><dd><code>x</code> - see <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> for description</dd><dd><code>y</code> - see <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> for description</dd><dd><code>width</code> - see <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> for description</dd><dd><code>pitch</code> - see <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> for description</dd><dd><code>height</code> - see <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> for description</dd><dd><code>pixelFormat</code> - pixel format of the source image (one of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGB"><code>TJ.PF_*</code></a>)</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJCompressor(byte[], int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJCompressor</h4>
-<pre>@Deprecated
-public&nbsp;TJCompressor(byte[]&nbsp;srcImage,
-                       int&nbsp;width,
-                       int&nbsp;pitch,
-                       int&nbsp;height,
-                       int&nbsp;pixelFormat)
-             throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#TJCompressor(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>TJCompressor(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJCompressor(java.awt.image.BufferedImage, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>TJCompressor</h4>
-<pre>public&nbsp;TJCompressor(java.awt.image.BufferedImage&nbsp;srcImage,
-            int&nbsp;x,
-            int&nbsp;y,
-            int&nbsp;width,
-            int&nbsp;height)
-             throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG compressor instance and associate the uncompressed
- source image stored in <code>srcImage</code> with the newly created
- instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>srcImage</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> for description</dd><dd><code>x</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> for description</dd><dd><code>y</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> for description</dd><dd><code>width</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> for description</dd><dd><code>height</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> for description</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="setSourceImage(byte[], int, int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSourceImage</h4>
-<pre>public&nbsp;void&nbsp;setSourceImage(byte[]&nbsp;srcImage,
-                  int&nbsp;x,
-                  int&nbsp;y,
-                  int&nbsp;width,
-                  int&nbsp;pitch,
-                  int&nbsp;height,
-                  int&nbsp;pixelFormat)
-                    throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Associate an uncompressed RGB, grayscale, or CMYK source image with this
- compressor instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>srcImage</code> - image buffer containing RGB, grayscale, or CMYK pixels to
- be compressed or encoded.  This buffer is not modified.</dd><dd><code>x</code> - x offset (in pixels) of the region in the source image from which
- the JPEG or YUV image should be compressed/encoded</dd><dd><code>y</code> - y offset (in pixels) of the region in the source image from which
- the JPEG or YUV image should be compressed/encoded</dd><dd><code>width</code> - width (in pixels) of the region in the source image from
- which the JPEG or YUV image should be compressed/encoded</dd><dd><code>pitch</code> - bytes per line of the source image.  Normally, this should be
- <code>width * TJ.pixelSize(pixelFormat)</code> if the source image is
- unpadded, but you can use this parameter to, for instance, specify that
- the scanlines in the source image are padded to a 4-byte boundary or to
- compress/encode a JPEG or YUV image from a region of a larger source
- image.  You can also be clever and use this parameter to skip lines, etc.
- Setting this parameter to 0 is the equivalent of setting it to
- <code>width * TJ.pixelSize(pixelFormat)</code>.</dd><dd><code>height</code> - height (in pixels) of the region in the source image from
- which the JPEG or YUV image should be compressed/encoded</dd><dd><code>pixelFormat</code> - pixel format of the source image (one of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGB"><code>TJ.PF_*</code></a>)</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="setSourceImage(byte[], int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSourceImage</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;setSourceImage(byte[]&nbsp;srcImage,
-                             int&nbsp;width,
-                             int&nbsp;pitch,
-                             int&nbsp;height,
-                             int&nbsp;pixelFormat)
-                    throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(byte[],%20int,%20int,%20int,%20int,%20int,%20int)"><code>setSourceImage(byte[], int, int, int, int, int, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="setSourceImage(java.awt.image.BufferedImage, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSourceImage</h4>
-<pre>public&nbsp;void&nbsp;setSourceImage(java.awt.image.BufferedImage&nbsp;srcImage,
-                  int&nbsp;x,
-                  int&nbsp;y,
-                  int&nbsp;width,
-                  int&nbsp;height)
-                    throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Associate an uncompressed RGB or grayscale source image with this
- compressor instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>srcImage</code> - a <code>BufferedImage</code> instance containing RGB or
- grayscale pixels to be compressed or encoded.  This image is not modified.</dd><dd><code>x</code> - x offset (in pixels) of the region in the source image from which
- the JPEG or YUV image should be compressed/encoded</dd><dd><code>y</code> - y offset (in pixels) of the region in the source image from which
- the JPEG or YUV image should be compressed/encoded</dd><dd><code>width</code> - width (in pixels) of the region in the source image from
- which the JPEG or YUV image should be compressed/encoded (0 = use the
- width of the source image)</dd><dd><code>height</code> - height (in pixels) of the region in the source image from
- which the JPEG or YUV image should be compressed/encoded (0 = use the
- height of the source image)</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSourceImage</h4>
-<pre>public&nbsp;void&nbsp;setSourceImage(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;srcImage)
-                    throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Associate an uncompressed YUV planar source image with this compressor
- instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>srcImage</code> - YUV planar image to be compressed.  This image is not
- modified.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="setSubsamp(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSubsamp</h4>
-<pre>public&nbsp;void&nbsp;setSubsamp(int&nbsp;newSubsamp)</pre>
-<div class="block">Set the level of chrominance subsampling for subsequent compress/encode
- operations.  When pixels are converted from RGB to YCbCr (see
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_YCbCr"><code>TJ.CS_YCbCr</code></a>) or from CMYK to YCCK (see <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_YCCK"><code>TJ.CS_YCCK</code></a>) as part
- of the JPEG compression process, some of the Cb and Cr (chrominance)
- components can be discarded or averaged together to produce a smaller
- image with little perceptible loss of image clarity (the human eye is more
- sensitive to small changes in brightness than to small changes in color.)
- This is called "chrominance subsampling".
- <p>
- NOTE: This method has no effect when compressing a JPEG image from a YUV
- planar source.  In that case, the level of chrominance subsampling in
- the JPEG image is determined by the source.  Furthermore, this method has
- no effect when encoding to a pre-allocated <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> instance.  In
- that case, the level of chrominance subsampling is determined by the
- destination.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>newSubsamp</code> - the level of chrominance subsampling to use in
- subsequent compress/encode oeprations (one of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-<a name="setJPEGQuality(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setJPEGQuality</h4>
-<pre>public&nbsp;void&nbsp;setJPEGQuality(int&nbsp;quality)</pre>
-<div class="block">Set the JPEG image quality level for subsequent compress operations.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>quality</code> - the new JPEG image quality level (1 to 100, 1 = worst,
- 100 = best)</dd></dl>
-</li>
-</ul>
-<a name="compress(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>compress</h4>
-<pre>public&nbsp;void&nbsp;compress(byte[]&nbsp;dstBuf,
-            int&nbsp;flags)
-              throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Compress the uncompressed source image associated with this compressor
- instance and output a JPEG image to the given destination buffer.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstBuf</code> - buffer that will receive the JPEG image.  Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSize(int,%20int,%20int)"><code>TJ.bufSize(int, int, int)</code></a> to determine the maximum size for this buffer based on
- the source image's width and height and the desired level of chrominance
- subsampling.</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="compress(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>compress</h4>
-<pre>public&nbsp;byte[]&nbsp;compress(int&nbsp;flags)
-                throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Compress the uncompressed source image associated with this compressor
- instance and return a buffer containing a JPEG image.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a buffer containing a JPEG image.  The length of this buffer will
- not be equal to the size of the JPEG image.  Use <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#getCompressedSize()"><code>getCompressedSize()</code></a> to obtain the size of the JPEG image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="compress(java.awt.image.BufferedImage, byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>compress</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;compress(java.awt.image.BufferedImage&nbsp;srcImage,
-                       byte[]&nbsp;dstBuf,
-                       int&nbsp;flags)
-              throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(byte[],%20int)"><code>compress(byte[], int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="compress(java.awt.image.BufferedImage, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>compress</h4>
-<pre>@Deprecated
-public&nbsp;byte[]&nbsp;compress(java.awt.image.BufferedImage&nbsp;srcImage,
-                         int&nbsp;flags)
-                throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#compress(int)"><code>compress(int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(org.libjpegturbo.turbojpeg.YUVImage, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>public&nbsp;void&nbsp;encodeYUV(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;dstImage,
-             int&nbsp;flags)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into a YUV planar image and store it in the given
- <code>YUVImage</code> instance.   This method uses the accelerated color
- conversion routines in TurboJPEG's underlying codec but does not execute
- any of the other steps in the JPEG compression process.  Encoding
- CMYK source images to YUV is not supported.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstImage</code> - <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> instance that will receive the YUV planar
- image</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;encodeYUV(byte[]&nbsp;dstBuf,
-                        int&nbsp;flags)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>encodeYUV(YUVImage, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>public&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;encodeYUV(int&nbsp;pad,
-                 int&nbsp;flags)
-                   throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into a unified YUV planar image buffer and return a
- <code>YUVImage</code> instance containing the encoded image.  This method
- uses the accelerated color conversion routines in TurboJPEG's underlying
- codec but does not execute any of the other steps in the JPEG compression
- process.  Encoding CMYK source images to YUV is not supported.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>pad</code> - the width of each line in each plane of the YUV image will be
- padded to the nearest multiple of this number of bytes (must be a power of
- 2.)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a YUV planar image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(int[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>public&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;encodeYUV(int[]&nbsp;strides,
-                 int&nbsp;flags)
-                   throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Encode the uncompressed source image associated with this compressor
- instance into separate Y, U (Cb), and V (Cr) image planes and return a
- <code>YUVImage</code> instance containing the encoded image planes.  This
- method uses the accelerated color conversion routines in TurboJPEG's
- underlying codec but does not execute any of the other steps in the JPEG
- compression process.  Encoding CMYK source images to YUV is not supported.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>strides</code> - an array of integers, each specifying the number of bytes
- per line in the corresponding plane of the output image.  Setting the
- stride for any plane to 0 is the same as setting it to the component width
- of the plane.  If <code>strides</code> is null, then the strides for all
- planes will be set to their respective component widths.  You can adjust
- the strides in order to add an arbitrary amount of line padding to each
- plane.</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a YUV planar image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>@Deprecated
-public&nbsp;byte[]&nbsp;encodeYUV(int&nbsp;flags)
-                 throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>encodeYUV(int, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(java.awt.image.BufferedImage, byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;encodeYUV(java.awt.image.BufferedImage&nbsp;srcImage,
-                        byte[]&nbsp;dstBuf,
-                        int&nbsp;flags)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(byte[],%20int)"><code>encodeYUV(byte[], int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="encodeYUV(java.awt.image.BufferedImage, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>encodeYUV</h4>
-<pre>@Deprecated
-public&nbsp;byte[]&nbsp;encodeYUV(java.awt.image.BufferedImage&nbsp;srcImage,
-                          int&nbsp;flags)
-                 throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#setSourceImage(java.awt.image.BufferedImage,%20int,%20int,%20int,%20int)"><code>setSourceImage(BufferedImage, int, int, int, int)</code></a> and
- <a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html#encodeYUV(int,%20int)"><code>encodeYUV(int, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="getCompressedSize()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getCompressedSize</h4>
-<pre>public&nbsp;int&nbsp;getCompressedSize()</pre>
-<div class="block">Returns the size of the image (in bytes) generated by the most recent
- compress operation.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the size of the image (in bytes) generated by the most recent
- compress operation.</dd></dl>
-</li>
-</ul>
-<a name="close()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>close</h4>
-<pre>public&nbsp;void&nbsp;close()
-           throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Free the native structures associated with this compressor instance.</div>
-<dl>
-<dt><strong>Specified by:</strong></dt>
-<dd><code>close</code>&nbsp;in interface&nbsp;<code>java.io.Closeable</code></dd>
-<dt><strong>Specified by:</strong></dt>
-<dd><code>close</code>&nbsp;in interface&nbsp;<code>java.lang.AutoCloseable</code></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="finalize()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>finalize</h4>
-<pre>protected&nbsp;void&nbsp;finalize()
-                 throws java.lang.Throwable</pre>
-<dl>
-<dt><strong>Overrides:</strong></dt>
-<dd><code>finalize</code>&nbsp;in class&nbsp;<code>java.lang.Object</code></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code>java.lang.Throwable</code></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJCompressor.html" target="_top">Frames</a></li>
-<li><a href="TJCompressor.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJCustomFilter.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJCustomFilter.html
deleted file mode 100644
index 412dcd4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJCustomFilter.html
+++ /dev/null
@@ -1,241 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJCustomFilter</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJCustomFilter";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJCustomFilter.html" target="_top">Frames</a></li>
-<li><a href="TJCustomFilter.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Interface TJCustomFilter" class="title">Interface TJCustomFilter</h2>
-</div>
-<div class="contentContainer">
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<hr>
-<br>
-<pre>public interface <span class="strong">TJCustomFilter</span></pre>
-<div class="block">Custom filter callback interface</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html#customFilter(java.nio.ShortBuffer,%20java.awt.Rectangle,%20java.awt.Rectangle,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJTransform)">customFilter</a></strong>(java.nio.ShortBuffer&nbsp;coeffBuffer,
-            java.awt.Rectangle&nbsp;bufferRegion,
-            java.awt.Rectangle&nbsp;planeRegion,
-            int&nbsp;componentID,
-            int&nbsp;transformID,
-            <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a>&nbsp;transform)</code>
-<div class="block">A callback function that can be used to modify the DCT coefficients after
- they are losslessly transformed but before they are transcoded to a new
- JPEG image.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="customFilter(java.nio.ShortBuffer, java.awt.Rectangle, java.awt.Rectangle, int, int, org.libjpegturbo.turbojpeg.TJTransform)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>customFilter</h4>
-<pre>void&nbsp;customFilter(java.nio.ShortBuffer&nbsp;coeffBuffer,
-                java.awt.Rectangle&nbsp;bufferRegion,
-                java.awt.Rectangle&nbsp;planeRegion,
-                int&nbsp;componentID,
-                int&nbsp;transformID,
-                <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a>&nbsp;transform)
-                  throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">A callback function that can be used to modify the DCT coefficients after
- they are losslessly transformed but before they are transcoded to a new
- JPEG image.  This allows for custom filters or other transformations to be
- applied in the frequency domain.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>coeffBuffer</code> - a buffer containing transformed DCT coefficients.
- (NOTE: this buffer is not guaranteed to be valid once the callback
- returns, so applications wishing to hand off the DCT coefficients to
- another function or library should make a copy of them within the body of
- the callback.)</dd><dd><code>bufferRegion</code> - rectangle containing the width and height of
- <code>coeffBuffer</code> as well as its offset relative to the component
- plane.  TurboJPEG implementations may choose to split each component plane
- into multiple DCT coefficient buffers and call the callback function once
- for each buffer.</dd><dd><code>planeRegion</code> - rectangle containing the width and height of the
- component plane to which <code>coeffBuffer</code> belongs</dd><dd><code>componentID</code> - ID number of the component plane to which
- <code>coeffBuffer</code> belongs (Y, Cb, and Cr have, respectively, ID's
- of 0, 1, and 2 in typical JPEG images.)</dd><dd><code>transformID</code> - ID number of the transformed image to which
- <code>coeffBuffer</code> belongs.  This is the same as the index of the
- transform in the <code>transforms</code> array that was passed to <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a>.</dd><dd><code>transform</code> - a <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><code>TJTransform</code></a> instance that specifies the
- parameters and/or cropping region for this transform</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJCustomFilter.html" target="_top">Frames</a></li>
-<li><a href="TJCustomFilter.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li>Constr&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJDecompressor.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJDecompressor.html
deleted file mode 100644
index b281e32..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJDecompressor.html
+++ /dev/null
@@ -1,1255 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJDecompressor</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJDecompressor";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJDecompressor.html" target="_top">Frames</a></li>
-<li><a href="TJDecompressor.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJDecompressor" class="title">Class TJDecompressor</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJDecompressor</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<dl>
-<dt>All Implemented Interfaces:</dt>
-<dd>java.io.Closeable, java.lang.AutoCloseable</dd>
-</dl>
-<dl>
-<dt>Direct Known Subclasses:</dt>
-<dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></dd>
-</dl>
-<hr>
-<br>
-<pre>public class <span class="strong">TJDecompressor</span>
-extends java.lang.Object
-implements java.io.Closeable</pre>
-<div class="block">TurboJPEG decompressor</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- =========== FIELD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_summary">
-<!--   -->
-</a>
-<h3>Field Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Field Summary table, listing fields, and an explanation">
-<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Field and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected long</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#handle">handle</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegBuf">jpegBuf</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegBufSize">jpegBufSize</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegColorspace">jpegColorspace</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegHeight">jpegHeight</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegSubsamp">jpegSubsamp</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegWidth">jpegWidth</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#yuvImage">yuvImage</a></strong></code>&nbsp;</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor()">TJDecompressor</a></strong>()</code>
-<div class="block">Create a TurboJPEG decompresssor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor(byte[])">TJDecompressor</a></strong>(byte[]&nbsp;jpegImage)</code>
-<div class="block">Create a TurboJPEG decompressor instance and associate the JPEG source
- image stored in <code>jpegImage</code> with the newly created instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor(byte[],%20int)">TJDecompressor</a></strong>(byte[]&nbsp;jpegImage,
-              int&nbsp;imageSize)</code>
-<div class="block">Create a TurboJPEG decompressor instance and associate the JPEG source
- image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with the newly created instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#TJDecompressor(org.libjpegturbo.turbojpeg.YUVImage)">TJDecompressor</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;yuvImage)</code>
-<div class="block">Create a TurboJPEG decompressor instance and associate the YUV planar
- source image stored in <code>yuvImage</code> with the newly created
- instance.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#close()">close</a></strong>()</code>
-<div class="block">Free the native structures associated with this decompressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(java.awt.image.BufferedImage,%20int)">decompress</a></strong>(java.awt.image.BufferedImage&nbsp;dstImage,
-          int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a decompressed/decoded image to
- the given <code>BufferedImage</code> instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int)">decompress</a></strong>(byte[]&nbsp;dstBuf,
-          int&nbsp;desiredWidth,
-          int&nbsp;pitch,
-          int&nbsp;desiredHeight,
-          int&nbsp;pixelFormat,
-          int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)">decompress</a></strong>(byte[]&nbsp;dstBuf,
-          int&nbsp;x,
-          int&nbsp;y,
-          int&nbsp;desiredWidth,
-          int&nbsp;pitch,
-          int&nbsp;desiredHeight,
-          int&nbsp;pixelFormat,
-          int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a grayscale, RGB, or CMYK image
- to the given destination buffer.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)">decompress</a></strong>(int[]&nbsp;dstBuf,
-          int&nbsp;x,
-          int&nbsp;y,
-          int&nbsp;desiredWidth,
-          int&nbsp;stride,
-          int&nbsp;desiredHeight,
-          int&nbsp;pixelFormat,
-          int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a grayscale, RGB, or CMYK image
- to the given destination buffer.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>java.awt.image.BufferedImage</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int,%20int,%20int,%20int)">decompress</a></strong>(int&nbsp;desiredWidth,
-          int&nbsp;desiredHeight,
-          int&nbsp;bufferedImageType,
-          int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and return a <code>BufferedImage</code>
- instance containing the decompressed/decoded image.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int,%20int,%20int,%20int,%20int)">decompress</a></strong>(int&nbsp;desiredWidth,
-          int&nbsp;pitch,
-          int&nbsp;desiredHeight,
-          int&nbsp;pixelFormat,
-          int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance and return a buffer containing the decompressed image.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(byte[],%20int)">decompressToYUV</a></strong>(byte[]&nbsp;dstBuf,
-               int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>decompressToYUV(YUVImage, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int)">decompressToYUV</a></strong>(int&nbsp;flags)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)"><code>decompressToYUV(int, int, int, int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int[],%20int,%20int)">decompressToYUV</a></strong>(int&nbsp;desiredWidth,
-               int[]&nbsp;strides,
-               int&nbsp;desiredHeight,
-               int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a set of Y, U (Cb), and V (Cr) image planes and return a
- <code>YUVImage</code> instance containing the decompressed image planes.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)">decompressToYUV</a></strong>(int&nbsp;desiredWidth,
-               int&nbsp;pad,
-               int&nbsp;desiredHeight,
-               int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a unified YUV planar image buffer and return a
- <code>YUVImage</code> instance containing the decompressed image.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)">decompressToYUV</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;dstImage,
-               int&nbsp;flags)</code>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a YUV planar image and store it in the given
- <code>YUVImage</code> instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#finalize()">finalize</a></strong>()</code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getColorspace()">getColorspace</a></strong>()</code>
-<div class="block">Returns the colorspace used in the source image (JPEG or YUV) associated
- with this decompressor instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getHeight()">getHeight</a></strong>()</code>
-<div class="block">Returns the height of the source image (JPEG or YUV) associated with this
- decompressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getJPEGBuf()">getJPEGBuf</a></strong>()</code>
-<div class="block">Returns the JPEG image buffer associated with this decompressor instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getJPEGSize()">getJPEGSize</a></strong>()</code>
-<div class="block">Returns the size of the JPEG image (in bytes) associated with this
- decompressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledHeight(int,%20int)">getScaledHeight</a></strong>(int&nbsp;desiredWidth,
-               int&nbsp;desiredHeight)</code>
-<div class="block">Returns the height of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledWidth(int,%20int)">getScaledWidth</a></strong>(int&nbsp;desiredWidth,
-              int&nbsp;desiredHeight)</code>
-<div class="block">Returns the width of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getSubsamp()">getSubsamp</a></strong>()</code>
-<div class="block">Returns the level of chrominance subsampling used in the source image
- (JPEG or YUV) associated with this decompressor instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getWidth()">getWidth</a></strong>()</code>
-<div class="block">Returns the width of the source image (JPEG or YUV) associated with this
- decompressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setJPEGImage(byte[],%20int)">setJPEGImage</a></strong>(byte[]&nbsp;jpegImage,
-            int&nbsp;imageSize)</code>
-<div class="block"><strong>Deprecated.</strong>&nbsp;
-<div class="block"><i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)"><code>setSourceImage(byte[], int)</code></a> instead.</i></div>
-</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)">setSourceImage</a></strong>(byte[]&nbsp;jpegImage,
-              int&nbsp;imageSize)</code>
-<div class="block">Associate the JPEG image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with this decompressor instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">setSourceImage</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;srcImage)</code>
-<div class="block">Associate the specified YUV planar source image with this decompressor
- instance.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ============ FIELD DETAIL =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_detail">
-<!--   -->
-</a>
-<h3>Field Detail</h3>
-<a name="handle">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>handle</h4>
-<pre>protected&nbsp;long handle</pre>
-</li>
-</ul>
-<a name="jpegBuf">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>jpegBuf</h4>
-<pre>protected&nbsp;byte[] jpegBuf</pre>
-</li>
-</ul>
-<a name="jpegBufSize">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>jpegBufSize</h4>
-<pre>protected&nbsp;int jpegBufSize</pre>
-</li>
-</ul>
-<a name="yuvImage">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvImage</h4>
-<pre>protected&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a> yuvImage</pre>
-</li>
-</ul>
-<a name="jpegWidth">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>jpegWidth</h4>
-<pre>protected&nbsp;int jpegWidth</pre>
-</li>
-</ul>
-<a name="jpegHeight">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>jpegHeight</h4>
-<pre>protected&nbsp;int jpegHeight</pre>
-</li>
-</ul>
-<a name="jpegSubsamp">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>jpegSubsamp</h4>
-<pre>protected&nbsp;int jpegSubsamp</pre>
-</li>
-</ul>
-<a name="jpegColorspace">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>jpegColorspace</h4>
-<pre>protected&nbsp;int jpegColorspace</pre>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="TJDecompressor()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJDecompressor</h4>
-<pre>public&nbsp;TJDecompressor()
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG decompresssor instance.</div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJDecompressor(byte[])">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJDecompressor</h4>
-<pre>public&nbsp;TJDecompressor(byte[]&nbsp;jpegImage)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG decompressor instance and associate the JPEG source
- image stored in <code>jpegImage</code> with the newly created instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>jpegImage</code> - JPEG image buffer (size of the JPEG image is assumed to
- be the length of the array.)  This buffer is not modified.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJDecompressor(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJDecompressor</h4>
-<pre>public&nbsp;TJDecompressor(byte[]&nbsp;jpegImage,
-              int&nbsp;imageSize)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG decompressor instance and associate the JPEG source
- image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with the newly created instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>jpegImage</code> - JPEG image buffer.  This buffer is not modified.</dd><dd><code>imageSize</code> - size of the JPEG image (in bytes)</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJDecompressor(org.libjpegturbo.turbojpeg.YUVImage)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>TJDecompressor</h4>
-<pre>public&nbsp;TJDecompressor(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;yuvImage)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG decompressor instance and associate the YUV planar
- source image stored in <code>yuvImage</code> with the newly created
- instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>yuvImage</code> - <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> instance containing a YUV planar
- image to be decoded.  This image is not modified.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="setSourceImage(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSourceImage</h4>
-<pre>public&nbsp;void&nbsp;setSourceImage(byte[]&nbsp;jpegImage,
-                  int&nbsp;imageSize)
-                    throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Associate the JPEG image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with this decompressor instance.  This image will
- be used as the source image for subsequent decompress operations.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>jpegImage</code> - JPEG image buffer.  This buffer is not modified.</dd><dd><code>imageSize</code> - size of the JPEG image (in bytes)</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="setJPEGImage(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setJPEGImage</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;setJPEGImage(byte[]&nbsp;jpegImage,
-                           int&nbsp;imageSize)
-                  throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)"><code>setSourceImage(byte[], int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setSourceImage</h4>
-<pre>public&nbsp;void&nbsp;setSourceImage(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;srcImage)</pre>
-<div class="block">Associate the specified YUV planar source image with this decompressor
- instance.  Subsequent decompress operations will decode this image into an
- RGB or grayscale destination image.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>srcImage</code> - <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> instance containing a YUV planar image to
- be decoded.  This image is not modified.</dd></dl>
-</li>
-</ul>
-<a name="getWidth()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getWidth</h4>
-<pre>public&nbsp;int&nbsp;getWidth()</pre>
-<div class="block">Returns the width of the source image (JPEG or YUV) associated with this
- decompressor instance.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the width of the source image (JPEG or YUV) associated with this
- decompressor instance.</dd></dl>
-</li>
-</ul>
-<a name="getHeight()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getHeight</h4>
-<pre>public&nbsp;int&nbsp;getHeight()</pre>
-<div class="block">Returns the height of the source image (JPEG or YUV) associated with this
- decompressor instance.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the height of the source image (JPEG or YUV) associated with this
- decompressor instance.</dd></dl>
-</li>
-</ul>
-<a name="getSubsamp()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getSubsamp</h4>
-<pre>public&nbsp;int&nbsp;getSubsamp()</pre>
-<div class="block">Returns the level of chrominance subsampling used in the source image
- (JPEG or YUV) associated with this decompressor instance.  See
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the level of chrominance subsampling used in the source image
- (JPEG or YUV) associated with this decompressor instance.</dd></dl>
-</li>
-</ul>
-<a name="getColorspace()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getColorspace</h4>
-<pre>public&nbsp;int&nbsp;getColorspace()</pre>
-<div class="block">Returns the colorspace used in the source image (JPEG or YUV) associated
- with this decompressor instance.  See <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_RGB"><code>TJ.CS_*</code></a>.  If the
- source image is YUV, then this always returns <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#CS_YCbCr"><code>TJ.CS_YCbCr</code></a>.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the colorspace used in the source image (JPEG or YUV) associated
- with this decompressor instance.</dd></dl>
-</li>
-</ul>
-<a name="getJPEGBuf()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getJPEGBuf</h4>
-<pre>public&nbsp;byte[]&nbsp;getJPEGBuf()</pre>
-<div class="block">Returns the JPEG image buffer associated with this decompressor instance.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the JPEG image buffer associated with this decompressor instance.</dd></dl>
-</li>
-</ul>
-<a name="getJPEGSize()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getJPEGSize</h4>
-<pre>public&nbsp;int&nbsp;getJPEGSize()</pre>
-<div class="block">Returns the size of the JPEG image (in bytes) associated with this
- decompressor instance.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the size of the JPEG image (in bytes) associated with this
- decompressor instance.</dd></dl>
-</li>
-</ul>
-<a name="getScaledWidth(int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getScaledWidth</h4>
-<pre>public&nbsp;int&nbsp;getScaledWidth(int&nbsp;desiredWidth,
-                 int&nbsp;desiredHeight)</pre>
-<div class="block">Returns the width of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>desiredWidth</code> - desired width (in pixels) of the decompressed image.
- Setting this to 0 is the same as setting it to the width of the JPEG image
- (in other words, the width will not be considered when determining the
- scaled image size.)</dd><dd><code>desiredHeight</code> - desired height (in pixels) of the decompressed image.
- Setting this to 0 is the same as setting it to the height of the JPEG
- image (in other words, the height will not be considered when determining
- the scaled image size.)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the width of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</dd></dl>
-</li>
-</ul>
-<a name="getScaledHeight(int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getScaledHeight</h4>
-<pre>public&nbsp;int&nbsp;getScaledHeight(int&nbsp;desiredWidth,
-                  int&nbsp;desiredHeight)</pre>
-<div class="block">Returns the height of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>desiredWidth</code> - desired width (in pixels) of the decompressed image.
- Setting this to 0 is the same as setting it to the width of the JPEG image
- (in other words, the width will not be considered when determining the
- scaled image size.)</dd><dd><code>desiredHeight</code> - desired height (in pixels) of the decompressed image.
- Setting this to 0 is the same as setting it to the height of the JPEG
- image (in other words, the height will not be considered when determining
- the scaled image size.)</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the height of the largest scaled-down image that the TurboJPEG
- decompressor can generate without exceeding the desired image width and
- height.</dd></dl>
-</li>
-</ul>
-<a name="decompress(byte[], int, int, int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompress</h4>
-<pre>public&nbsp;void&nbsp;decompress(byte[]&nbsp;dstBuf,
-              int&nbsp;x,
-              int&nbsp;y,
-              int&nbsp;desiredWidth,
-              int&nbsp;pitch,
-              int&nbsp;desiredHeight,
-              int&nbsp;pixelFormat,
-              int&nbsp;flags)
-                throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a grayscale, RGB, or CMYK image
- to the given destination buffer.
- <p>
- NOTE: The output image is fully recoverable if this method throws a
- non-fatal <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><code>TJException</code></a> (unless
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING"><code>TJ.FLAG_STOPONWARNING</code></a> is specified.)</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstBuf</code> - buffer that will receive the decompressed/decoded image.
- If the source image is a JPEG image, then this buffer should normally be
- <code>pitch * scaledHeight</code> bytes in size, where
- <code>scaledHeight</code> can be determined by calling <code>
- scalingFactor.<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getScaled(int)"><code>getScaled</code></a>(jpegHeight)
- </code> with one of the scaling factors returned from <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getScalingFactors()"><code>TJ.getScalingFactors()</code></a> or by calling <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledHeight(int,%20int)"><code>getScaledHeight(int, int)</code></a>.  If the
- source image is a YUV image, then this buffer should normally be
- <code>pitch * height</code> bytes in size, where <code>height</code> is
- the height of the YUV image.  However, the buffer may also be larger than
- the dimensions of the source image, in which case the <code>x</code>,
- <code>y</code>, and <code>pitch</code> parameters can be used to specify
- the region into which the source image should be decompressed/decoded.</dd><dd><code>x</code> - x offset (in pixels) of the region in the destination image into
- which the source image should be decompressed/decoded</dd><dd><code>y</code> - y offset (in pixels) of the region in the destination image into
- which the source image should be decompressed/decoded</dd><dd><code>desiredWidth</code> - If the source image is a JPEG image, then this
- specifies the desired width (in pixels) of the decompressed image (or
- image region.)  If the desired destination image dimensions are different
- than the source image dimensions, then TurboJPEG will use scaling in the
- JPEG decompressor to generate the largest possible image that will fit
- within the desired dimensions.  Setting this to 0 is the same as setting
- it to the width of the JPEG image (in other words, the width will not be
- considered when determining the scaled image size.)  This parameter is
- ignored if the source image is a YUV image.</dd><dd><code>pitch</code> - bytes per line of the destination image.  Normally, this
- should be set to <code>scaledWidth * TJ.pixelSize(pixelFormat)</code> if
- the destination image is unpadded, but you can use this to, for instance,
- pad each line of the destination image to a 4-byte boundary or to
- decompress/decode the source image into a region of a larger image.  NOTE:
- if the source image is a JPEG image, then <code>scaledWidth</code> can be
- determined by calling <code>
- scalingFactor.<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getScaled(int)"><code>getScaled</code></a>(jpegWidth)
- </code> or by calling <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledWidth(int,%20int)"><code>getScaledWidth(int, int)</code></a>.  If the source image is a
- YUV image, then <code>scaledWidth</code> is the width of the YUV image.
- Setting this parameter to 0 is the equivalent of setting it to
- <code>scaledWidth * TJ.pixelSize(pixelFormat)</code>.</dd><dd><code>desiredHeight</code> - If the source image is a JPEG image, then this
- specifies the desired height (in pixels) of the decompressed image (or
- image region.)  If the desired destination image dimensions are different
- than the source image dimensions, then TurboJPEG will use scaling in the
- JPEG decompressor to generate the largest possible image that will fit
- within the desired dimensions.  Setting this to 0 is the same as setting
- it to the height of the JPEG image (in other words, the height will not be
- considered when determining the scaled image size.)  This parameter is
- ignored if the source image is a YUV image.</dd><dd><code>pixelFormat</code> - pixel format of the decompressed/decoded image (one of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGB"><code>TJ.PF_*</code></a>)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompress(byte[], int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompress</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;decompress(byte[]&nbsp;dstBuf,
-                         int&nbsp;desiredWidth,
-                         int&nbsp;pitch,
-                         int&nbsp;desiredHeight,
-                         int&nbsp;pixelFormat,
-                         int&nbsp;flags)
-                throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompress(int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompress</h4>
-<pre>public&nbsp;byte[]&nbsp;decompress(int&nbsp;desiredWidth,
-                int&nbsp;pitch,
-                int&nbsp;desiredHeight,
-                int&nbsp;pixelFormat,
-                int&nbsp;flags)
-                  throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance and return a buffer containing the decompressed image.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>desiredWidth</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a>
- for description</dd><dd><code>pitch</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a>
- for description</dd><dd><code>desiredHeight</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a>
- for description</dd><dd><code>pixelFormat</code> - pixel format of the decompressed image (one of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGB"><code>TJ.PF_*</code></a>)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a buffer containing the decompressed image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompressToYUV</h4>
-<pre>public&nbsp;void&nbsp;decompressToYUV(<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;dstImage,
-                   int&nbsp;flags)
-                     throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a YUV planar image and store it in the given
- <code>YUVImage</code> instance.  This method performs JPEG decompression
- but leaves out the color conversion step, so a planar YUV image is
- generated instead of an RGB or grayscale image.  This method cannot be
- used to decompress JPEG source images with the CMYK or YCCK colorspace.
- <p>
- NOTE: The YUV planar output image is fully recoverable if this method
- throws a non-fatal <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><code>TJException</code></a> (unless
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING"><code>TJ.FLAG_STOPONWARNING</code></a> is specified.)</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstImage</code> - <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>YUVImage</code></a> instance that will receive the YUV planar
- image.  The level of subsampling specified in this <code>YUVImage</code>
- instance must match that of the JPEG image, and the width and height
- specified in the <code>YUVImage</code> instance must match one of the
- scaled image sizes that TurboJPEG is capable of generating from the JPEG
- source image.</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompressToYUV(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompressToYUV</h4>
-<pre>@Deprecated
-public&nbsp;void&nbsp;decompressToYUV(byte[]&nbsp;dstBuf,
-                              int&nbsp;flags)
-                     throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)"><code>decompressToYUV(YUVImage, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompressToYUV(int, int[], int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompressToYUV</h4>
-<pre>public&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;decompressToYUV(int&nbsp;desiredWidth,
-                       int[]&nbsp;strides,
-                       int&nbsp;desiredHeight,
-                       int&nbsp;flags)
-                         throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a set of Y, U (Cb), and V (Cr) image planes and return a
- <code>YUVImage</code> instance containing the decompressed image planes.
- This method performs JPEG decompression but leaves out the color
- conversion step, so a planar YUV image is generated instead of an RGB or
- grayscale image.  This method cannot be used to decompress JPEG source
- images with the CMYK or YCCK colorspace.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>desiredWidth</code> - desired width (in pixels) of the YUV image.  If the
- desired image dimensions are different than the dimensions of the JPEG
- image being decompressed, then TurboJPEG will use scaling in the JPEG
- decompressor to generate the largest possible image that will fit within
- the desired dimensions.  Setting this to 0 is the same as setting it to
- the width of the JPEG image (in other words, the width will not be
- considered when determining the scaled image size.)</dd><dd><code>strides</code> - an array of integers, each specifying the number of bytes
- per line in the corresponding plane of the output image.  Setting the
- stride for any plane to 0 is the same as setting it to the scaled
- component width of the plane.  If <tt>strides</tt> is NULL, then the
- strides for all planes will be set to their respective scaled component
- widths.  You can adjust the strides in order to add an arbitrary amount of
- line padding to each plane.</dd><dd><code>desiredHeight</code> - desired height (in pixels) of the YUV image.  If the
- desired image dimensions are different than the dimensions of the JPEG
- image being decompressed, then TurboJPEG will use scaling in the JPEG
- decompressor to generate the largest possible image that will fit within
- the desired dimensions.  Setting this to 0 is the same as setting it to
- the height of the JPEG image (in other words, the height will not be
- considered when determining the scaled image size.)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a YUV planar image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompressToYUV(int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompressToYUV</h4>
-<pre>public&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a>&nbsp;decompressToYUV(int&nbsp;desiredWidth,
-                       int&nbsp;pad,
-                       int&nbsp;desiredHeight,
-                       int&nbsp;flags)
-                         throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image associated with this decompressor
- instance into a unified YUV planar image buffer and return a
- <code>YUVImage</code> instance containing the decompressed image.  This
- method performs JPEG decompression but leaves out the color conversion
- step, so a planar YUV image is generated instead of an RGB or grayscale
- image.  This method cannot be used to decompress JPEG source images with
- the CMYK or YCCK colorspace.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>desiredWidth</code> - desired width (in pixels) of the YUV image.  If the
- desired image dimensions are different than the dimensions of the JPEG
- image being decompressed, then TurboJPEG will use scaling in the JPEG
- decompressor to generate the largest possible image that will fit within
- the desired dimensions.  Setting this to 0 is the same as setting it to
- the width of the JPEG image (in other words, the width will not be
- considered when determining the scaled image size.)</dd><dd><code>pad</code> - the width of each line in each plane of the YUV image will be
- padded to the nearest multiple of this number of bytes (must be a power of
- 2.)</dd><dd><code>desiredHeight</code> - desired height (in pixels) of the YUV image.  If the
- desired image dimensions are different than the dimensions of the JPEG
- image being decompressed, then TurboJPEG will use scaling in the JPEG
- decompressor to generate the largest possible image that will fit within
- the desired dimensions.  Setting this to 0 is the same as setting it to
- the height of the JPEG image (in other words, the height will not be
- considered when determining the scaled image size.)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a YUV planar image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompressToYUV(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompressToYUV</h4>
-<pre>@Deprecated
-public&nbsp;byte[]&nbsp;decompressToYUV(int&nbsp;flags)
-                       throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block"><span class="strong">Deprecated.</span>&nbsp;<i>Use <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)"><code>decompressToYUV(int, int, int, int)</code></a> instead.</i></div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompress(int[], int, int, int, int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompress</h4>
-<pre>public&nbsp;void&nbsp;decompress(int[]&nbsp;dstBuf,
-              int&nbsp;x,
-              int&nbsp;y,
-              int&nbsp;desiredWidth,
-              int&nbsp;stride,
-              int&nbsp;desiredHeight,
-              int&nbsp;pixelFormat,
-              int&nbsp;flags)
-                throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a grayscale, RGB, or CMYK image
- to the given destination buffer.
- <p>
- NOTE: The output image is fully recoverable if this method throws a
- non-fatal <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><code>TJException</code></a> (unless
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING"><code>TJ.FLAG_STOPONWARNING</code></a> is specified.)</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstBuf</code> - buffer that will receive the decompressed/decoded image.
- If the source image is a JPEG image, then this buffer should normally be
- <code>stride * scaledHeight</code> pixels in size, where
- <code>scaledHeight</code> can be determined by calling <code>
- scalingFactor.<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getScaled(int)"><code>getScaled</code></a>(jpegHeight)
- </code> with one of the scaling factors returned from <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getScalingFactors()"><code>TJ.getScalingFactors()</code></a> or by calling <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledHeight(int,%20int)"><code>getScaledHeight(int, int)</code></a>.  If the
- source image is a YUV image, then this buffer should normally be
- <code>stride * height</code> pixels in size, where <code>height</code> is
- the height of the YUV image.  However, the buffer may also be larger than
- the dimensions of the JPEG image, in which case the <code>x</code>,
- <code>y</code>, and <code>stride</code> parameters can be used to specify
- the region into which the source image should be decompressed.</dd><dd><code>x</code> - x offset (in pixels) of the region in the destination image into
- which the source image should be decompressed/decoded</dd><dd><code>y</code> - y offset (in pixels) of the region in the destination image into
- which the source image should be decompressed/decoded</dd><dd><code>desiredWidth</code> - If the source image is a JPEG image, then this
- specifies the desired width (in pixels) of the decompressed image (or
- image region.)  If the desired destination image dimensions are different
- than the source image dimensions, then TurboJPEG will use scaling in the
- JPEG decompressor to generate the largest possible image that will fit
- within the desired dimensions.  Setting this to 0 is the same as setting
- it to the width of the JPEG image (in other words, the width will not be
- considered when determining the scaled image size.)  This parameter is
- ignored if the source image is a YUV image.</dd><dd><code>stride</code> - pixels per line of the destination image.  Normally, this
- should be set to <code>scaledWidth</code>, but you can use this to, for
- instance, decompress the JPEG image into a region of a larger image.
- NOTE: if the source image is a JPEG image, then <code>scaledWidth</code>
- can be determined by calling <code>
- scalingFactor.<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getScaled(int)"><code>getScaled</code></a>(jpegWidth)
- </code> or by calling <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledWidth(int,%20int)"><code>getScaledWidth(int, int)</code></a>.  If the source image is a
- YUV image, then <code>scaledWidth</code> is the width of the YUV image.
- Setting this parameter to 0 is the equivalent of setting it to
- <code>scaledWidth</code>.</dd><dd><code>desiredHeight</code> - If the source image is a JPEG image, then this
- specifies the desired height (in pixels) of the decompressed image (or
- image region.)  If the desired destination image dimensions are different
- than the source image dimensions, then TurboJPEG will use scaling in the
- JPEG decompressor to generate the largest possible image that will fit
- within the desired dimensions.  Setting this to 0 is the same as setting
- it to the height of the JPEG image (in other words, the height will not be
- considered when determining the scaled image size.)  This parameter is
- ignored if the source image is a YUV image.</dd><dd><code>pixelFormat</code> - pixel format of the decompressed image (one of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#PF_RGB"><code>TJ.PF_*</code></a>)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompress(java.awt.image.BufferedImage, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompress</h4>
-<pre>public&nbsp;void&nbsp;decompress(java.awt.image.BufferedImage&nbsp;dstImage,
-              int&nbsp;flags)
-                throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and output a decompressed/decoded image to
- the given <code>BufferedImage</code> instance.
- <p>
- NOTE: The output image is fully recoverable if this method throws a
- non-fatal <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><code>TJException</code></a> (unless
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_STOPONWARNING"><code>TJ.FLAG_STOPONWARNING</code></a> is specified.)</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstImage</code> - a <code>BufferedImage</code> instance that will receive
- the decompressed/decoded image.  If the source image is a JPEG image, then
- the width and height of the <code>BufferedImage</code> instance must match
- one of the scaled image sizes that TurboJPEG is capable of generating from
- the JPEG image.  If the source image is a YUV image, then the width and
- height of the <code>BufferedImage</code> instance must match the width and
- height of the YUV image.</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="decompress(int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>decompress</h4>
-<pre>public&nbsp;java.awt.image.BufferedImage&nbsp;decompress(int&nbsp;desiredWidth,
-                                      int&nbsp;desiredHeight,
-                                      int&nbsp;bufferedImageType,
-                                      int&nbsp;flags)
-                                        throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Decompress the JPEG source image or decode the YUV source image associated
- with this decompressor instance and return a <code>BufferedImage</code>
- instance containing the decompressed/decoded image.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>desiredWidth</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a> for
- description</dd><dd><code>desiredHeight</code> - see
- <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)"><code>decompress(byte[], int, int, int, int, int, int, int)</code></a> for
- description</dd><dd><code>bufferedImageType</code> - the image type of the <code>BufferedImage</code>
- instance that will be created (for instance,
- <code>BufferedImage.TYPE_INT_RGB</code>)</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>a <code>BufferedImage</code> instance containing the
- decompressed/decoded image.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="close()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>close</h4>
-<pre>public&nbsp;void&nbsp;close()
-           throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Free the native structures associated with this decompressor instance.</div>
-<dl>
-<dt><strong>Specified by:</strong></dt>
-<dd><code>close</code>&nbsp;in interface&nbsp;<code>java.io.Closeable</code></dd>
-<dt><strong>Specified by:</strong></dt>
-<dd><code>close</code>&nbsp;in interface&nbsp;<code>java.lang.AutoCloseable</code></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="finalize()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>finalize</h4>
-<pre>protected&nbsp;void&nbsp;finalize()
-                 throws java.lang.Throwable</pre>
-<dl>
-<dt><strong>Overrides:</strong></dt>
-<dd><code>finalize</code>&nbsp;in class&nbsp;<code>java.lang.Object</code></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code>java.lang.Throwable</code></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJDecompressor.html" target="_top">Frames</a></li>
-<li><a href="TJDecompressor.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJException.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJException.html
deleted file mode 100644
index 66d73e7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJException.html
+++ /dev/null
@@ -1,340 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJException</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJException";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJException.html" target="_top">Frames</a></li>
-<li><a href="TJException.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJException" class="title">Class TJException</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>java.lang.Throwable</li>
-<li>
-<ul class="inheritance">
-<li>java.lang.Exception</li>
-<li>
-<ul class="inheritance">
-<li>java.io.IOException</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJException</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<dl>
-<dt>All Implemented Interfaces:</dt>
-<dd>java.io.Serializable</dd>
-</dl>
-<hr>
-<br>
-<pre>public class <span class="strong">TJException</span>
-extends java.io.IOException</pre>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../serialized-form.html#org.libjpegturbo.turbojpeg.TJException">Serialized Form</a></dd></dl>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJException.html#TJException()">TJException</a></strong>()</code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.String)">TJException</a></strong>(java.lang.String&nbsp;message)</code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.String,%20int)">TJException</a></strong>(java.lang.String&nbsp;message,
-           int&nbsp;code)</code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.String,%20java.lang.Throwable)">TJException</a></strong>(java.lang.String&nbsp;message,
-           java.lang.Throwable&nbsp;cause)</code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJException.html#TJException(java.lang.Throwable)">TJException</a></strong>(java.lang.Throwable&nbsp;cause)</code>&nbsp;</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJException.html#getErrorCode()">getErrorCode</a></strong>()</code>
-<div class="block">Returns a code (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.ERR_*</code></a>) indicating the severity of the
- last error.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Throwable">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Throwable</h3>
-<code>addSuppressed, fillInStackTrace, getCause, getLocalizedMessage, getMessage, getStackTrace, getSuppressed, initCause, printStackTrace, printStackTrace, printStackTrace, setStackTrace, toString</code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="TJException()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJException</h4>
-<pre>public&nbsp;TJException()</pre>
-</li>
-</ul>
-<a name="TJException(java.lang.String, java.lang.Throwable)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJException</h4>
-<pre>public&nbsp;TJException(java.lang.String&nbsp;message,
-           java.lang.Throwable&nbsp;cause)</pre>
-</li>
-</ul>
-<a name="TJException(java.lang.String)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJException</h4>
-<pre>public&nbsp;TJException(java.lang.String&nbsp;message)</pre>
-</li>
-</ul>
-<a name="TJException(java.lang.String, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJException</h4>
-<pre>public&nbsp;TJException(java.lang.String&nbsp;message,
-           int&nbsp;code)</pre>
-</li>
-</ul>
-<a name="TJException(java.lang.Throwable)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>TJException</h4>
-<pre>public&nbsp;TJException(java.lang.Throwable&nbsp;cause)</pre>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="getErrorCode()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>getErrorCode</h4>
-<pre>public&nbsp;int&nbsp;getErrorCode()</pre>
-<div class="block">Returns a code (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.ERR_*</code></a>) indicating the severity of the
- last error.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>a code (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><code>TJ.ERR_*</code></a>) indicating the severity of the
- last error.</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJException.html" target="_top">Frames</a></li>
-<li><a href="TJException.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJScalingFactor.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJScalingFactor.html
deleted file mode 100644
index 4006bac..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJScalingFactor.html
+++ /dev/null
@@ -1,343 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJScalingFactor</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJScalingFactor";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJScalingFactor.html" target="_top">Frames</a></li>
-<li><a href="TJScalingFactor.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJScalingFactor" class="title">Class TJScalingFactor</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJScalingFactor</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<hr>
-<br>
-<pre>public class <span class="strong">TJScalingFactor</span>
-extends java.lang.Object</pre>
-<div class="block">Fractional scaling factor</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#TJScalingFactor(int,%20int)">TJScalingFactor</a></strong>(int&nbsp;num,
-               int&nbsp;denom)</code>
-<div class="block">Create a TurboJPEG scaling factor instance.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>boolean</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#equals(org.libjpegturbo.turbojpeg.TJScalingFactor)">equals</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a>&nbsp;other)</code>
-<div class="block">Returns true or false, depending on whether this instance and
- <code>other</code> have the same numerator and denominator.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getDenom()">getDenom</a></strong>()</code>
-<div class="block">Returns denominator</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getNum()">getNum</a></strong>()</code>
-<div class="block">Returns numerator</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#getScaled(int)">getScaled</a></strong>(int&nbsp;dimension)</code>
-<div class="block">Returns the scaled value of <code>dimension</code>.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>boolean</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html#isOne()">isOne</a></strong>()</code>
-<div class="block">Returns true or false, depending on whether this instance is equal to
- 1/1.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="TJScalingFactor(int, int)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>TJScalingFactor</h4>
-<pre>public&nbsp;TJScalingFactor(int&nbsp;num,
-               int&nbsp;denom)</pre>
-<div class="block">Create a TurboJPEG scaling factor instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>num</code> - numerator</dd><dd><code>denom</code> - denominator</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="getNum()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getNum</h4>
-<pre>public&nbsp;int&nbsp;getNum()</pre>
-<div class="block">Returns numerator</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>numerator</dd></dl>
-</li>
-</ul>
-<a name="getDenom()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getDenom</h4>
-<pre>public&nbsp;int&nbsp;getDenom()</pre>
-<div class="block">Returns denominator</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>denominator</dd></dl>
-</li>
-</ul>
-<a name="getScaled(int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getScaled</h4>
-<pre>public&nbsp;int&nbsp;getScaled(int&nbsp;dimension)</pre>
-<div class="block">Returns the scaled value of <code>dimension</code>.  This function
- performs the integer equivalent of
- <code>ceil(dimension * scalingFactor)</code>.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dimension</code> - width or height to multiply by this scaling factor</dd>
-<dt><span class="strong">Returns:</span></dt><dd>the scaled value of <code>dimension</code>.</dd></dl>
-</li>
-</ul>
-<a name="equals(org.libjpegturbo.turbojpeg.TJScalingFactor)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>equals</h4>
-<pre>public&nbsp;boolean&nbsp;equals(<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a>&nbsp;other)</pre>
-<div class="block">Returns true or false, depending on whether this instance and
- <code>other</code> have the same numerator and denominator.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>other</code> - the scaling factor against which to compare this one</dd>
-<dt><span class="strong">Returns:</span></dt><dd>true or false, depending on whether this instance and
- <code>other</code> have the same numerator and denominator.</dd></dl>
-</li>
-</ul>
-<a name="isOne()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>isOne</h4>
-<pre>public&nbsp;boolean&nbsp;isOne()</pre>
-<div class="block">Returns true or false, depending on whether this instance is equal to
- 1/1.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>true or false, depending on whether this instance is equal to
- 1/1.</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJScalingFactor.html" target="_top">Frames</a></li>
-<li><a href="TJScalingFactor.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJTransform.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJTransform.html
deleted file mode 100644
index 5f22691..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJTransform.html
+++ /dev/null
@@ -1,751 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJTransform</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJTransform";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJTransform.html" target="_top">Frames</a></li>
-<li><a href="TJTransform.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li><a href="#nested_classes_inherited_from_class_java.awt.geom.Rectangle2D">Nested</a>&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#methods_inherited_from_class_java.awt.Rectangle">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li>Method</li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJTransform" class="title">Class TJTransform</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>java.awt.geom.RectangularShape</li>
-<li>
-<ul class="inheritance">
-<li>java.awt.geom.Rectangle2D</li>
-<li>
-<ul class="inheritance">
-<li>java.awt.Rectangle</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJTransform</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<dl>
-<dt>All Implemented Interfaces:</dt>
-<dd>java.awt.Shape, java.io.Serializable, java.lang.Cloneable</dd>
-</dl>
-<hr>
-<br>
-<pre>public class <span class="strong">TJTransform</span>
-extends java.awt.Rectangle</pre>
-<div class="block">Lossless transform parameters</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../serialized-form.html#org.libjpegturbo.turbojpeg.TJTransform">Serialized Form</a></dd></dl>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- ======== NESTED CLASS SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="nested_class_summary">
-<!--   -->
-</a>
-<h3>Nested Class Summary</h3>
-<ul class="blockList">
-<li class="blockList"><a name="nested_classes_inherited_from_class_java.awt.geom.Rectangle2D">
-<!--   -->
-</a>
-<h3>Nested classes/interfaces inherited from class&nbsp;java.awt.geom.Rectangle2D</h3>
-<code>java.awt.geom.Rectangle2D.Double, java.awt.geom.Rectangle2D.Float</code></li>
-</ul>
-</li>
-</ul>
-<!-- =========== FIELD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_summary">
-<!--   -->
-</a>
-<h3>Field Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Field Summary table, listing fields, and an explanation">
-<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Field and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a></code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#cf">cf</a></strong></code>
-<div class="block">Custom filter instance</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#NUMOP">NUMOP</a></strong></code>
-<div class="block">The number of lossless transform operations</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#op">op</a></strong></code>
-<div class="block">Transform operation (one of <code>OP_*</code>)</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_HFLIP">OP_HFLIP</a></strong></code>
-<div class="block">Flip (mirror) image horizontally.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_NONE">OP_NONE</a></strong></code>
-<div class="block">Do not transform the position of the image pixels.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT180">OP_ROT180</a></strong></code>
-<div class="block">Rotate image 180 degrees.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT270">OP_ROT270</a></strong></code>
-<div class="block">Rotate image counter-clockwise by 90 degrees.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_ROT90">OP_ROT90</a></strong></code>
-<div class="block">Rotate image clockwise by 90 degrees.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_TRANSPOSE">OP_TRANSPOSE</a></strong></code>
-<div class="block">Transpose image (flip/mirror along upper left to lower right axis).</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_TRANSVERSE">OP_TRANSVERSE</a></strong></code>
-<div class="block">Transverse transpose image (flip/mirror along upper right to lower left
- axis).</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OP_VFLIP">OP_VFLIP</a></strong></code>
-<div class="block">Flip (mirror) image vertically.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_COPYNONE">OPT_COPYNONE</a></strong></code>
-<div class="block">This option will prevent <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> from copying any extra markers (including EXIF
- and ICC profile data) from the source image to the output image.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_CROP">OPT_CROP</a></strong></code>
-<div class="block">This option will enable lossless cropping.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_GRAY">OPT_GRAY</a></strong></code>
-<div class="block">This option will discard the color data in the input image and produce
- a grayscale output image.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_NOOUTPUT">OPT_NOOUTPUT</a></strong></code>
-<div class="block">This option will prevent <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> from outputting a JPEG image for this
- particular transform.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT">OPT_PERFECT</a></strong></code>
-<div class="block">This option will cause <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> to throw an exception if the transform is not
- perfect.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PROGRESSIVE">OPT_PROGRESSIVE</a></strong></code>
-<div class="block">This option will enable progressive entropy coding in the output image
- generated by this particular transform.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>static int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_TRIM">OPT_TRIM</a></strong></code>
-<div class="block">This option will discard any partial MCU blocks that cannot be
- transformed.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#options">options</a></strong></code>
-<div class="block">Transform options (bitwise OR of one or more of <code>OPT_*</code>)</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="fields_inherited_from_class_java.awt.Rectangle">
-<!--   -->
-</a>
-<h3>Fields inherited from class&nbsp;java.awt.Rectangle</h3>
-<code>height, width, x, y</code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="fields_inherited_from_class_java.awt.geom.Rectangle2D">
-<!--   -->
-</a>
-<h3>Fields inherited from class&nbsp;java.awt.geom.Rectangle2D</h3>
-<code>OUT_BOTTOM, OUT_LEFT, OUT_RIGHT, OUT_TOP</code></li>
-</ul>
-</li>
-</ul>
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform()">TJTransform</a></strong>()</code>
-<div class="block">Create a new lossless transform instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform(int,%20int,%20int,%20int,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJCustomFilter)">TJTransform</a></strong>(int&nbsp;x,
-           int&nbsp;y,
-           int&nbsp;w,
-           int&nbsp;h,
-           int&nbsp;op,
-           int&nbsp;options,
-           <a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a>&nbsp;cf)</code>
-<div class="block">Create a new lossless transform instance with the given parameters.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform(java.awt.Rectangle,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJCustomFilter)">TJTransform</a></strong>(java.awt.Rectangle&nbsp;r,
-           int&nbsp;op,
-           int&nbsp;options,
-           <a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a>&nbsp;cf)</code>
-<div class="block">Create a new lossless transform instance with the given parameters.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.awt.Rectangle">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.awt.Rectangle</h3>
-<code>add, add, add, contains, contains, contains, contains, createIntersection, createUnion, equals, getBounds, getBounds2D, getHeight, getLocation, getSize, getWidth, getX, getY, grow, inside, intersection, intersects, isEmpty, move, outcode, reshape, resize, setBounds, setBounds, setLocation, setLocation, setRect, setSize, setSize, toString, translate, union</code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.awt.geom.Rectangle2D">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.awt.geom.Rectangle2D</h3>
-<code>add, add, add, contains, contains, getPathIterator, getPathIterator, hashCode, intersect, intersects, intersectsLine, intersectsLine, outcode, setFrame, setRect, union</code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.awt.geom.RectangularShape">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.awt.geom.RectangularShape</h3>
-<code>clone, contains, contains, getCenterX, getCenterY, getFrame, getMaxX, getMaxY, getMinX, getMinY, intersects, setFrame, setFrame, setFrameFromCenter, setFrameFromCenter, setFrameFromDiagonal, setFrameFromDiagonal</code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>finalize, getClass, notify, notifyAll, wait, wait, wait</code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.awt.Shape">
-<!--   -->
-</a>
-<h3>Methods inherited from interface&nbsp;java.awt.Shape</h3>
-<code>contains, contains, contains, contains, getPathIterator, getPathIterator, intersects, intersects</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ============ FIELD DETAIL =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_detail">
-<!--   -->
-</a>
-<h3>Field Detail</h3>
-<a name="NUMOP">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>NUMOP</h4>
-<pre>public static final&nbsp;int NUMOP</pre>
-<div class="block">The number of lossless transform operations</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.NUMOP">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_NONE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_NONE</h4>
-<pre>public static final&nbsp;int OP_NONE</pre>
-<div class="block">Do not transform the position of the image pixels.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_NONE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_HFLIP">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_HFLIP</h4>
-<pre>public static final&nbsp;int OP_HFLIP</pre>
-<div class="block">Flip (mirror) image horizontally.  This transform is imperfect if there
- are any partial MCU blocks on the right edge.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_HFLIP">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_VFLIP">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_VFLIP</h4>
-<pre>public static final&nbsp;int OP_VFLIP</pre>
-<div class="block">Flip (mirror) image vertically.  This transform is imperfect if there are
- any partial MCU blocks on the bottom edge.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_VFLIP">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_TRANSPOSE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_TRANSPOSE</h4>
-<pre>public static final&nbsp;int OP_TRANSPOSE</pre>
-<div class="block">Transpose image (flip/mirror along upper left to lower right axis).  This
- transform is always perfect.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_TRANSPOSE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_TRANSVERSE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_TRANSVERSE</h4>
-<pre>public static final&nbsp;int OP_TRANSVERSE</pre>
-<div class="block">Transverse transpose image (flip/mirror along upper right to lower left
- axis).  This transform is imperfect if there are any partial MCU blocks in
- the image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_TRANSVERSE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_ROT90">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_ROT90</h4>
-<pre>public static final&nbsp;int OP_ROT90</pre>
-<div class="block">Rotate image clockwise by 90 degrees.  This transform is imperfect if
- there are any partial MCU blocks on the bottom edge.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_ROT90">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_ROT180">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_ROT180</h4>
-<pre>public static final&nbsp;int OP_ROT180</pre>
-<div class="block">Rotate image 180 degrees.  This transform is imperfect if there are any
- partial MCU blocks in the image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_ROT180">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OP_ROT270">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OP_ROT270</h4>
-<pre>public static final&nbsp;int OP_ROT270</pre>
-<div class="block">Rotate image counter-clockwise by 90 degrees.  This transform is imperfect
- if there are any partial MCU blocks on the right edge.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#OPT_PERFECT"><code>OPT_PERFECT</code></a>, 
-<a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OP_ROT270">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_PERFECT">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_PERFECT</h4>
-<pre>public static final&nbsp;int OPT_PERFECT</pre>
-<div class="block">This option will cause <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> to throw an exception if the transform is not
- perfect.  Lossless transforms operate on MCU blocks, whose size depends on
- the level of chrominance subsampling used.  If the image's width or height
- is not evenly divisible by the MCU block size (see <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getMCUWidth(int)"><code>TJ.getMCUWidth(int)</code></a>
- and <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getMCUHeight(int)"><code>TJ.getMCUHeight(int)</code></a>), then there will be partial MCU blocks on the
- right and/or bottom edges.   It is not possible to move these partial MCU
- blocks to the top or left of the image, so any transform that would
- require that is "imperfect."  If this option is not specified, then any
- partial MCU blocks that cannot be transformed will be left in place, which
- will create odd-looking strips on the right or bottom edge of the image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_PERFECT">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_TRIM">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_TRIM</h4>
-<pre>public static final&nbsp;int OPT_TRIM</pre>
-<div class="block">This option will discard any partial MCU blocks that cannot be
- transformed.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_TRIM">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_CROP">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_CROP</h4>
-<pre>public static final&nbsp;int OPT_CROP</pre>
-<div class="block">This option will enable lossless cropping.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_CROP">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_GRAY">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_GRAY</h4>
-<pre>public static final&nbsp;int OPT_GRAY</pre>
-<div class="block">This option will discard the color data in the input image and produce
- a grayscale output image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_GRAY">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_NOOUTPUT">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_NOOUTPUT</h4>
-<pre>public static final&nbsp;int OPT_NOOUTPUT</pre>
-<div class="block">This option will prevent <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> from outputting a JPEG image for this
- particular transform.  This can be used in conjunction with a custom
- filter to capture the transformed DCT coefficients without transcoding
- them.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_NOOUTPUT">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_PROGRESSIVE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_PROGRESSIVE</h4>
-<pre>public static final&nbsp;int OPT_PROGRESSIVE</pre>
-<div class="block">This option will enable progressive entropy coding in the output image
- generated by this particular transform.  Progressive entropy coding will
- generally improve compression relative to baseline entropy coding (the
- default), but it will reduce compression and decompression performance
- considerably.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_PROGRESSIVE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="OPT_COPYNONE">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>OPT_COPYNONE</h4>
-<pre>public static final&nbsp;int OPT_COPYNONE</pre>
-<div class="block">This option will prevent <a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)"><code>TJTransformer.transform()</code></a> from copying any extra markers (including EXIF
- and ICC profile data) from the source image to the output image.</div>
-<dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../constant-values.html#org.libjpegturbo.turbojpeg.TJTransform.OPT_COPYNONE">Constant Field Values</a></dd></dl>
-</li>
-</ul>
-<a name="op">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>op</h4>
-<pre>public&nbsp;int op</pre>
-<div class="block">Transform operation (one of <code>OP_*</code>)</div>
-</li>
-</ul>
-<a name="options">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>options</h4>
-<pre>public&nbsp;int options</pre>
-<div class="block">Transform options (bitwise OR of one or more of <code>OPT_*</code>)</div>
-</li>
-</ul>
-<a name="cf">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>cf</h4>
-<pre>public&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a> cf</pre>
-<div class="block">Custom filter instance</div>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="TJTransform()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJTransform</h4>
-<pre>public&nbsp;TJTransform()</pre>
-<div class="block">Create a new lossless transform instance.</div>
-</li>
-</ul>
-<a name="TJTransform(int, int, int, int, int, int, org.libjpegturbo.turbojpeg.TJCustomFilter)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJTransform</h4>
-<pre>public&nbsp;TJTransform(int&nbsp;x,
-           int&nbsp;y,
-           int&nbsp;w,
-           int&nbsp;h,
-           int&nbsp;op,
-           int&nbsp;options,
-           <a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a>&nbsp;cf)</pre>
-<div class="block">Create a new lossless transform instance with the given parameters.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>x</code> - the left boundary of the cropping region.  This must be evenly
- divisible by the MCU block width (see <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getMCUWidth(int)"><code>TJ.getMCUWidth(int)</code></a>)</dd><dd><code>y</code> - the upper boundary of the cropping region.  This must be evenly
- divisible by the MCU block height (see <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#getMCUHeight(int)"><code>TJ.getMCUHeight(int)</code></a>)</dd><dd><code>w</code> - the width of the cropping region.  Setting this to 0 is the
- equivalent of setting it to (width of the source JPEG image -
- <code>x</code>).</dd><dd><code>h</code> - the height of the cropping region.  Setting this to 0 is the
- equivalent of setting it to (height of the source JPEG image -
- <code>y</code>).</dd><dd><code>op</code> - one of the transform operations (<code>OP_*</code>)</dd><dd><code>options</code> - the bitwise OR of one or more of the transform options
- (<code>OPT_*</code>)</dd><dd><code>cf</code> - an instance of an object that implements the <a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><code>TJCustomFilter</code></a> interface, or null if no custom filter is needed</dd></dl>
-</li>
-</ul>
-<a name="TJTransform(java.awt.Rectangle, int, int, org.libjpegturbo.turbojpeg.TJCustomFilter)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>TJTransform</h4>
-<pre>public&nbsp;TJTransform(java.awt.Rectangle&nbsp;r,
-           int&nbsp;op,
-           int&nbsp;options,
-           <a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a>&nbsp;cf)</pre>
-<div class="block">Create a new lossless transform instance with the given parameters.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>r</code> - a <code>Rectangle</code> instance that specifies the cropping
- region.  See <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html#TJTransform(int,%20int,%20int,%20int,%20int,%20int,%20org.libjpegturbo.turbojpeg.TJCustomFilter)"><code>TJTransform(int, int, int, int, int, int, TJCustomFilter)</code></a> for more
- detail.</dd><dd><code>op</code> - one of the transform operations (<code>OP_*</code>)</dd><dd><code>options</code> - the bitwise OR of one or more of the transform options
- (<code>OPT_*</code>)</dd><dd><code>cf</code> - an instance of an object that implements the <a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><code>TJCustomFilter</code></a> interface, or null if no custom filter is needed</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJTransform.html" target="_top">Frames</a></li>
-<li><a href="TJTransform.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li><a href="#nested_classes_inherited_from_class_java.awt.geom.Rectangle2D">Nested</a>&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#methods_inherited_from_class_java.awt.Rectangle">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li>Method</li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJTransformer.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJTransformer.html
deleted file mode 100644
index a30fe30..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/TJTransformer.html
+++ /dev/null
@@ -1,421 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>TJTransformer</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="TJTransformer";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJTransformer.html" target="_top">Frames</a></li>
-<li><a href="TJTransformer.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#fields_inherited_from_class_org.libjpegturbo.turbojpeg.TJDecompressor">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class TJTransformer" class="title">Class TJTransformer</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">org.libjpegturbo.turbojpeg.TJDecompressor</a></li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.TJTransformer</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<dl>
-<dt>All Implemented Interfaces:</dt>
-<dd>java.io.Closeable, java.lang.AutoCloseable</dd>
-</dl>
-<hr>
-<br>
-<pre>public class <span class="strong">TJTransformer</span>
-extends <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></pre>
-<div class="block">TurboJPEG lossless transformer</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- =========== FIELD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_summary">
-<!--   -->
-</a>
-<h3>Field Summary</h3>
-<ul class="blockList">
-<li class="blockList"><a name="fields_inherited_from_class_org.libjpegturbo.turbojpeg.TJDecompressor">
-<!--   -->
-</a>
-<h3>Fields inherited from class&nbsp;org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></h3>
-<code><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#handle">handle</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegBuf">jpegBuf</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegBufSize">jpegBufSize</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegColorspace">jpegColorspace</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegHeight">jpegHeight</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegSubsamp">jpegSubsamp</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#jpegWidth">jpegWidth</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#yuvImage">yuvImage</a></code></li>
-</ul>
-</li>
-</ul>
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#TJTransformer()">TJTransformer</a></strong>()</code>
-<div class="block">Create a TurboJPEG lossless transformer instance.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#TJTransformer(byte[])">TJTransformer</a></strong>(byte[]&nbsp;jpegImage)</code>
-<div class="block">Create a TurboJPEG lossless transformer instance and associate the JPEG
- image stored in <code>jpegImage</code> with the newly created instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#TJTransformer(byte[],%20int)">TJTransformer</a></strong>(byte[]&nbsp;jpegImage,
-             int&nbsp;imageSize)</code>
-<div class="block">Create a TurboJPEG lossless transformer instance and associate the JPEG
- image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with the newly created instance.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#getTransformedSizes()">getTransformedSizes</a></strong>()</code>
-<div class="block">Returns an array containing the sizes of the transformed JPEG images
- generated by the most recent transform operation.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(byte[][],%20org.libjpegturbo.turbojpeg.TJTransform[],%20int)">transform</a></strong>(byte[][]&nbsp;dstBufs,
-         <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a>[]&nbsp;transforms,
-         int&nbsp;flags)</code>
-<div class="block">Losslessly transform the JPEG image associated with this transformer
- instance into one or more JPEG images stored in the given destination
- buffers.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a>[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html#transform(org.libjpegturbo.turbojpeg.TJTransform[],%20int)">transform</a></strong>(<a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a>[]&nbsp;transforms,
-         int&nbsp;flags)</code>
-<div class="block">Losslessly transform the JPEG image associated with this transformer
- instance and return an array of <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><code>TJDecompressor</code></a> instances, each of
- which has a transformed JPEG image associated with it.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_org.libjpegturbo.turbojpeg.TJDecompressor">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></h3>
-<code><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#close()">close</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(java.awt.image.BufferedImage,%20int)">decompress</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int)">decompress</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(byte[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)">decompress</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int[],%20int,%20int,%20int,%20int,%20int,%20int,%20int)">decompress</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int,%20int,%20int,%20int)">decompress</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompress(int,%20int,%20int,%20int,%20int)">decompress</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(byte[],%20int)">decompressToYUV</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int)">decompressToYUV</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int[],%20int,%20int)">decompressToYUV</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(int,%20int,%20int,%20int)">decompressToYUV</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#decompressToYUV(org.libjpegturbo.turbojpeg.YUVImage,%20int)">decompressToYUV</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#finalize()">finalize</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getColorspace()">getColorspace</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getHeight()">getHeight</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getJPEGBuf()">getJPEGBuf</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getJPEGSize()">getJPEGSize</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledHeight(int,%20int)">getScaledHeight</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getScaledWidth(int,%20int)">getScaledWidth</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getSubsamp()">getSubsamp</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#getWidth()">getWidth</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setJPEGImage(byte[],%20int)">setJPEGImage</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(byte[],%20int)">setSourceImage</a>, <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html#setSourceImage(org.libjpegturbo.turbojpeg.YUVImage)">setSourceImage</a></code></li>
-</ul>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="TJTransformer()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJTransformer</h4>
-<pre>public&nbsp;TJTransformer()
-              throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG lossless transformer instance.</div>
-<dl><dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJTransformer(byte[])">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>TJTransformer</h4>
-<pre>public&nbsp;TJTransformer(byte[]&nbsp;jpegImage)
-              throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG lossless transformer instance and associate the JPEG
- image stored in <code>jpegImage</code> with the newly created instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>jpegImage</code> - JPEG image buffer (size of the JPEG image is assumed to
- be the length of the array.)  This buffer is not modified.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="TJTransformer(byte[], int)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>TJTransformer</h4>
-<pre>public&nbsp;TJTransformer(byte[]&nbsp;jpegImage,
-             int&nbsp;imageSize)
-              throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Create a TurboJPEG lossless transformer instance and associate the JPEG
- image of length <code>imageSize</code> bytes stored in
- <code>jpegImage</code> with the newly created instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>jpegImage</code> - JPEG image buffer.  This buffer is not modified.</dd><dd><code>imageSize</code> - size of the JPEG image (in bytes)</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="transform(byte[][], org.libjpegturbo.turbojpeg.TJTransform[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>transform</h4>
-<pre>public&nbsp;void&nbsp;transform(byte[][]&nbsp;dstBufs,
-             <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a>[]&nbsp;transforms,
-             int&nbsp;flags)
-               throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Losslessly transform the JPEG image associated with this transformer
- instance into one or more JPEG images stored in the given destination
- buffers.  Lossless transforms work by moving the raw coefficients from one
- JPEG image structure to another without altering the values of the
- coefficients.  While this is typically faster than decompressing the
- image, transforming it, and re-compressing it, lossless transforms are not
- free.  Each lossless transform requires reading and performing Huffman
- decoding on all of the coefficients in the source image, regardless of the
- size of the destination image.  Thus, this method provides a means of
- generating multiple transformed images from the same source or of applying
- multiple transformations simultaneously, in order to eliminate the need to
- read the source coefficients multiple times.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>dstBufs</code> - an array of image buffers.  <code>dstbufs[i]</code> will
- receive a JPEG image that has been transformed using the parameters in
- <code>transforms[i]</code>.  Use <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSize(int,%20int,%20int)"><code>TJ.bufSize(int, int, int)</code></a> to determine the
- maximum size for each buffer based on the transformed or cropped width and
- height and the level of subsampling used in the source image.</dd><dd><code>transforms</code> - an array of <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><code>TJTransform</code></a> instances, each of
- which specifies the transform parameters and/or cropping region for the
- corresponding transformed output image</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="transform(org.libjpegturbo.turbojpeg.TJTransform[], int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>transform</h4>
-<pre>public&nbsp;<a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a>[]&nbsp;transform(<a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a>[]&nbsp;transforms,
-                         int&nbsp;flags)
-                           throws <a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></pre>
-<div class="block">Losslessly transform the JPEG image associated with this transformer
- instance and return an array of <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><code>TJDecompressor</code></a> instances, each of
- which has a transformed JPEG image associated with it.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>transforms</code> - an array of <a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><code>TJTransform</code></a> instances, each of
- which specifies the transform parameters and/or cropping region for the
- corresponding transformed output image</dd><dd><code>flags</code> - the bitwise OR of one or more of
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#FLAG_BOTTOMUP"><code>TJ.FLAG_*</code></a></dd>
-<dt><span class="strong">Returns:</span></dt><dd>an array of <a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><code>TJDecompressor</code></a> instances, each of
- which has a transformed JPEG image associated with it.</dd>
-<dt><span class="strong">Throws:</span></dt>
-<dd><code><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></code></dd></dl>
-</li>
-</ul>
-<a name="getTransformedSizes()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>getTransformedSizes</h4>
-<pre>public&nbsp;int[]&nbsp;getTransformedSizes()</pre>
-<div class="block">Returns an array containing the sizes of the transformed JPEG images
- generated by the most recent transform operation.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>an array containing the sizes of the transformed JPEG images
- generated by the most recent transform operation.</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Next Class</span></a></li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/TJTransformer.html" target="_top">Frames</a></li>
-<li><a href="TJTransformer.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#fields_inherited_from_class_org.libjpegturbo.turbojpeg.TJDecompressor">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li>Field&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/YUVImage.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/YUVImage.html
deleted file mode 100644
index d4485ed..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/YUVImage.html
+++ /dev/null
@@ -1,765 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>YUVImage</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="YUVImage";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li>Next Class</li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/YUVImage.html" target="_top">Frames</a></li>
-<li><a href="YUVImage.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<!-- ======== START OF CLASS DATA ======== -->
-<div class="header">
-<div class="subTitle">org.libjpegturbo.turbojpeg</div>
-<h2 title="Class YUVImage" class="title">Class YUVImage</h2>
-</div>
-<div class="contentContainer">
-<ul class="inheritance">
-<li>java.lang.Object</li>
-<li>
-<ul class="inheritance">
-<li>org.libjpegturbo.turbojpeg.YUVImage</li>
-</ul>
-</li>
-</ul>
-<div class="description">
-<ul class="blockList">
-<li class="blockList">
-<hr>
-<br>
-<pre>public class <span class="strong">YUVImage</span>
-extends java.lang.Object</pre>
-<div class="block">This class encapsulates a YUV planar image and the metadata
- associated with it.  The TurboJPEG API allows both the JPEG compression and
- decompression pipelines to be split into stages:  YUV encode, compress from
- YUV, decompress to YUV, and YUV decode.  A <code>YUVImage</code> instance
- serves as the destination image for YUV encode and decompress-to-YUV
- operations and as the source image for compress-from-YUV and YUV decode
- operations.
- <p>
- Technically, the JPEG format uses the YCbCr colorspace (which technically is
- not a "colorspace" but rather a "color transform"), but per the convention
- of the digital video community, the TurboJPEG API uses "YUV" to refer to an
- image format consisting of Y, Cb, and Cr image planes.
- <p>
- Each plane is simply a 2D array of bytes, each byte representing the value
- of one of the components (Y, Cb, or Cr) at a particular location in the
- image.  The width and height of each plane are determined by the image
- width, height, and level of chrominance subsampling.  The luminance plane
- width is the image width padded to the nearest multiple of the horizontal
- subsampling factor (2 in the case of 4:2:0 and 4:2:2, 4 in the case of
- 4:1:1, 1 in the case of 4:4:4 or grayscale.)  Similarly, the luminance plane
- height is the image height padded to the nearest multiple of the vertical
- subsampling factor (2 in the case of 4:2:0 or 4:4:0, 1 in the case of 4:4:4
- or grayscale.)  The chrominance plane width is equal to the luminance plane
- width divided by the horizontal subsampling factor, and the chrominance
- plane height is equal to the luminance plane height divided by the vertical
- subsampling factor.
- <p>
- For example, if the source image is 35 x 35 pixels and 4:2:2 subsampling is
- used, then the luminance plane would be 36 x 35 bytes, and each of the
- chrominance planes would be 18 x 35 bytes.  If you specify a line padding of
- 4 bytes on top of this, then the luminance plane would be 36 x 35 bytes, and
- each of the chrominance planes would be 20 x 35 bytes.</div>
-</li>
-</ul>
-</div>
-<div class="summary">
-<ul class="blockList">
-<li class="blockList">
-<!-- =========== FIELD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_summary">
-<!--   -->
-</a>
-<h3>Field Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Field Summary table, listing fields, and an explanation">
-<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Field and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected long</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#handle">handle</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvHeight">yuvHeight</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected int[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvOffsets">yuvOffsets</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvPad">yuvPad</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected byte[][]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvPlanes">yuvPlanes</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected int[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvStrides">yuvStrides</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvSubsamp">yuvSubsamp</a></strong></code>&nbsp;</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>protected int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#yuvWidth">yuvWidth</a></strong></code>&nbsp;</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ======== CONSTRUCTOR SUMMARY ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_summary">
-<!--   -->
-</a>
-<h3>Constructor Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
-<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colOne" scope="col">Constructor and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(byte[][],%20int[],%20int,%20int[],%20int,%20int)">YUVImage</a></strong>(byte[][]&nbsp;planes,
-        int[]&nbsp;offsets,
-        int&nbsp;width,
-        int[]&nbsp;strides,
-        int&nbsp;height,
-        int&nbsp;subsamp)</code>
-<div class="block">Create a new <code>YUVImage</code> instance from a set of existing image
- planes.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(byte[],%20int,%20int,%20int,%20int)">YUVImage</a></strong>(byte[]&nbsp;yuvImage,
-        int&nbsp;width,
-        int&nbsp;pad,
-        int&nbsp;height,
-        int&nbsp;subsamp)</code>
-<div class="block">Create a new <code>YUVImage</code> instance from an existing unified image
- buffer.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(int,%20int[],%20int,%20int)">YUVImage</a></strong>(int&nbsp;width,
-        int[]&nbsp;strides,
-        int&nbsp;height,
-        int&nbsp;subsamp)</code>
-<div class="block">Create a new <code>YUVImage</code> instance backed by separate image
- planes, and allocate memory for the image planes.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colOne"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#YUVImage(int,%20int,%20int,%20int)">YUVImage</a></strong>(int&nbsp;width,
-        int&nbsp;pad,
-        int&nbsp;height,
-        int&nbsp;subsamp)</code>
-<div class="block">Create a new <code>YUVImage</code> instance backed by a unified image
- buffer, and allocate memory for the image buffer.</div>
-</td>
-</tr>
-</table>
-</li>
-</ul>
-<!-- ========== METHOD SUMMARY =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_summary">
-<!--   -->
-</a>
-<h3>Method Summary</h3>
-<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
-<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Modifier and Type</th>
-<th class="colLast" scope="col">Method and Description</th>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getBuf()">getBuf</a></strong>()</code>
-<div class="block">Returns the YUV image buffer (if this image is stored in a unified
- buffer rather than separate image planes.)</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getHeight()">getHeight</a></strong>()</code>
-<div class="block">Returns the height of the YUV image (or subregion.)</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getOffsets()">getOffsets</a></strong>()</code>
-<div class="block">Returns the offsets (in bytes) of each plane within the planes of a larger
- YUV image.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getPad()">getPad</a></strong>()</code>
-<div class="block">Returns the line padding used in the YUV image buffer (if this image is
- stored in a unified buffer rather than separate image planes.)</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>byte[][]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getPlanes()">getPlanes</a></strong>()</code>
-<div class="block">Returns the YUV image planes.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getSize()">getSize</a></strong>()</code>
-<div class="block">Returns the size (in bytes) of the YUV image buffer (if this image is
- stored in a unified buffer rather than separate image planes.)</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int[]</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getStrides()">getStrides</a></strong>()</code>
-<div class="block">Returns the number of bytes per line of each plane in the YUV image.</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getSubsamp()">getSubsamp</a></strong>()</code>
-<div class="block">Returns the level of chrominance subsampling used in the YUV image.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>int</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#getWidth()">getWidth</a></strong>()</code>
-<div class="block">Returns the width of the YUV image (or subregion.)</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#setBuf(byte[][],%20int[],%20int,%20int[],%20int,%20int)">setBuf</a></strong>(byte[][]&nbsp;planes,
-      int[]&nbsp;offsets,
-      int&nbsp;width,
-      int[]&nbsp;strides,
-      int&nbsp;height,
-      int&nbsp;subsamp)</code>
-<div class="block">Assign a set of image planes to this <code>YUVImage</code> instance.</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><code>void</code></td>
-<td class="colLast"><code><strong><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html#setBuf(byte[],%20int,%20int,%20int,%20int)">setBuf</a></strong>(byte[]&nbsp;yuvImage,
-      int&nbsp;width,
-      int&nbsp;pad,
-      int&nbsp;height,
-      int&nbsp;subsamp)</code>
-<div class="block">Assign a unified image buffer to this <code>YUVImage</code> instance.</div>
-</td>
-</tr>
-</table>
-<ul class="blockList">
-<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
-<!--   -->
-</a>
-<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
-<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<div class="details">
-<ul class="blockList">
-<li class="blockList">
-<!-- ============ FIELD DETAIL =========== -->
-<ul class="blockList">
-<li class="blockList"><a name="field_detail">
-<!--   -->
-</a>
-<h3>Field Detail</h3>
-<a name="handle">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>handle</h4>
-<pre>protected&nbsp;long handle</pre>
-</li>
-</ul>
-<a name="yuvPlanes">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvPlanes</h4>
-<pre>protected&nbsp;byte[][] yuvPlanes</pre>
-</li>
-</ul>
-<a name="yuvOffsets">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvOffsets</h4>
-<pre>protected&nbsp;int[] yuvOffsets</pre>
-</li>
-</ul>
-<a name="yuvStrides">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvStrides</h4>
-<pre>protected&nbsp;int[] yuvStrides</pre>
-</li>
-</ul>
-<a name="yuvPad">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvPad</h4>
-<pre>protected&nbsp;int yuvPad</pre>
-</li>
-</ul>
-<a name="yuvWidth">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvWidth</h4>
-<pre>protected&nbsp;int yuvWidth</pre>
-</li>
-</ul>
-<a name="yuvHeight">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>yuvHeight</h4>
-<pre>protected&nbsp;int yuvHeight</pre>
-</li>
-</ul>
-<a name="yuvSubsamp">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>yuvSubsamp</h4>
-<pre>protected&nbsp;int yuvSubsamp</pre>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ========= CONSTRUCTOR DETAIL ======== -->
-<ul class="blockList">
-<li class="blockList"><a name="constructor_detail">
-<!--   -->
-</a>
-<h3>Constructor Detail</h3>
-<a name="YUVImage(int, int[], int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>YUVImage</h4>
-<pre>public&nbsp;YUVImage(int&nbsp;width,
-        int[]&nbsp;strides,
-        int&nbsp;height,
-        int&nbsp;subsamp)</pre>
-<div class="block">Create a new <code>YUVImage</code> instance backed by separate image
- planes, and allocate memory for the image planes.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>width</code> - width (in pixels) of the YUV image</dd><dd><code>strides</code> - an array of integers, each specifying the number of bytes
- per line in the corresponding plane of the YUV image.  Setting the stride
- for any plane to 0 is the same as setting it to the plane width (see
- <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>above</code></a>.)  If <code>strides</code> is null, then the
- strides for all planes will be set to their respective plane widths.  When
- using this constructor, the stride for each plane must be equal to or
- greater than the plane width.</dd><dd><code>height</code> - height (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling to be used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-<a name="YUVImage(int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>YUVImage</h4>
-<pre>public&nbsp;YUVImage(int&nbsp;width,
-        int&nbsp;pad,
-        int&nbsp;height,
-        int&nbsp;subsamp)</pre>
-<div class="block">Create a new <code>YUVImage</code> instance backed by a unified image
- buffer, and allocate memory for the image buffer.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>width</code> - width (in pixels) of the YUV image</dd><dd><code>pad</code> - Each line of each plane in the YUV image buffer will be padded
- to this number of bytes (must be a power of 2.)</dd><dd><code>height</code> - height (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling to be used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-<a name="YUVImage(byte[][], int[], int, int[], int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>YUVImage</h4>
-<pre>public&nbsp;YUVImage(byte[][]&nbsp;planes,
-        int[]&nbsp;offsets,
-        int&nbsp;width,
-        int[]&nbsp;strides,
-        int&nbsp;height,
-        int&nbsp;subsamp)</pre>
-<div class="block">Create a new <code>YUVImage</code> instance from a set of existing image
- planes.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>planes</code> - an array of buffers representing the Y, U (Cb), and V (Cr)
- image planes (or just the Y plane, if the image is grayscale.)   These
- planes can be contiguous or non-contiguous in memory.  Plane
- <code>i</code> should be at least <code>offsets[i] +
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#planeSizeYUV(int,%20int,%20int,%20int,%20int)"><code>TJ.planeSizeYUV</code></a>(i, width, strides[i], height, subsamp)</code>
- bytes in size.</dd><dd><code>offsets</code> - If this <code>YUVImage</code> instance represents a
- subregion of a larger image, then <code>offsets[i]</code> specifies the
- offset (in bytes) of the subregion within plane <code>i</code> of the
- larger image.  Setting this to null is the same as setting the offsets for
- all planes to 0.</dd><dd><code>width</code> - width (in pixels) of the new YUV image (or subregion)</dd><dd><code>strides</code> - an array of integers, each specifying the number of bytes
- per line in the corresponding plane of the YUV image.  Setting the stride
- for any plane to 0 is the same as setting it to the plane width (see
- <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>above</code></a>.)  If <code>strides</code> is null, then the
- strides for all planes will be set to their respective plane widths.  You
- can adjust the strides in order to add an arbitrary amount of line padding
- to each plane or to specify that this <code>YUVImage</code> instance is a
- subregion of a larger image (in which case, <code>strides[i]</code> should
- be set to the plane width of plane <code>i</code> in the larger image.)</dd><dd><code>height</code> - height (in pixels) of the new YUV image (or subregion)</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-<a name="YUVImage(byte[], int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>YUVImage</h4>
-<pre>public&nbsp;YUVImage(byte[]&nbsp;yuvImage,
-        int&nbsp;width,
-        int&nbsp;pad,
-        int&nbsp;height,
-        int&nbsp;subsamp)</pre>
-<div class="block">Create a new <code>YUVImage</code> instance from an existing unified image
- buffer.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>yuvImage</code> - image buffer that contains or will contain YUV planar
- image data.  Use <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)"><code>TJ.bufSizeYUV(int, int, int, int)</code></a> to determine the minimum size for
- this buffer.  The Y, U (Cb), and V (Cr) image planes are stored
- sequentially in the buffer (see <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>above</code></a> for a description
- of the image format.)</dd><dd><code>width</code> - width (in pixels) of the YUV image</dd><dd><code>pad</code> - the line padding used in the YUV image buffer.  For
- instance, if each line in each plane of the buffer is padded to the
- nearest multiple of 4 bytes, then <code>pad</code> should be set to 4.</dd><dd><code>height</code> - height (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-<!-- ============ METHOD DETAIL ========== -->
-<ul class="blockList">
-<li class="blockList"><a name="method_detail">
-<!--   -->
-</a>
-<h3>Method Detail</h3>
-<a name="setBuf(byte[][], int[], int, int[], int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setBuf</h4>
-<pre>public&nbsp;void&nbsp;setBuf(byte[][]&nbsp;planes,
-          int[]&nbsp;offsets,
-          int&nbsp;width,
-          int[]&nbsp;strides,
-          int&nbsp;height,
-          int&nbsp;subsamp)</pre>
-<div class="block">Assign a set of image planes to this <code>YUVImage</code> instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>planes</code> - an array of buffers representing the Y, U (Cb), and V (Cr)
- image planes (or just the Y plane, if the image is grayscale.)  These
- planes can be contiguous or non-contiguous in memory.  Plane
- <code>i</code> should be at least <code>offsets[i] +
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#planeSizeYUV(int,%20int,%20int,%20int,%20int)"><code>TJ.planeSizeYUV</code></a>(i, width, strides[i], height, subsamp)</code>
- bytes in size.</dd><dd><code>offsets</code> - If this <code>YUVImage</code> instance represents a
- subregion of a larger image, then <code>offsets[i]</code> specifies the
- offset (in bytes) of the subregion within plane <code>i</code> of the
- larger image.  Setting this to null is the same as setting the offsets for
- all planes to 0.</dd><dd><code>width</code> - width (in pixels) of the YUV image (or subregion)</dd><dd><code>strides</code> - an array of integers, each specifying the number of bytes
- per line in the corresponding plane of the YUV image.  Setting the stride
- for any plane to 0 is the same as setting it to the plane width (see
- <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>above</code></a>.)  If <code>strides</code> is null, then the
- strides for all planes will be set to their respective plane widths.  You
- can adjust the strides in order to add an arbitrary amount of line padding
- to each plane or to specify that this <code>YUVImage</code> image is a
- subregion of a larger image (in which case, <code>strides[i]</code> should
- be set to the plane width of plane <code>i</code> in the larger image.)</dd><dd><code>height</code> - height (in pixels) of the YUV image (or subregion)</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-<a name="setBuf(byte[], int, int, int, int)">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>setBuf</h4>
-<pre>public&nbsp;void&nbsp;setBuf(byte[]&nbsp;yuvImage,
-          int&nbsp;width,
-          int&nbsp;pad,
-          int&nbsp;height,
-          int&nbsp;subsamp)</pre>
-<div class="block">Assign a unified image buffer to this <code>YUVImage</code> instance.</div>
-<dl><dt><span class="strong">Parameters:</span></dt><dd><code>yuvImage</code> - image buffer that contains or will contain YUV planar
- image data.  Use <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#bufSizeYUV(int,%20int,%20int,%20int)"><code>TJ.bufSizeYUV(int, int, int, int)</code></a> to determine the minimum size for
- this buffer.  The Y, U (Cb), and V (Cr) image planes are stored
- sequentially in the buffer (see <a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><code>above</code></a> for a description
- of the image format.)</dd><dd><code>width</code> - width (in pixels) of the YUV image</dd><dd><code>pad</code> - the line padding used in the YUV image buffer.  For
- instance, if each line in each plane of the buffer is padded to the
- nearest multiple of 4 bytes, then <code>pad</code> should be set to 4.</dd><dd><code>height</code> - height (in pixels) of the YUV image</dd><dd><code>subsamp</code> - the level of chrominance subsampling used in the YUV
- image (one of <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>)</dd></dl>
-</li>
-</ul>
-<a name="getWidth()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getWidth</h4>
-<pre>public&nbsp;int&nbsp;getWidth()</pre>
-<div class="block">Returns the width of the YUV image (or subregion.)</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the width of the YUV image (or subregion)</dd></dl>
-</li>
-</ul>
-<a name="getHeight()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getHeight</h4>
-<pre>public&nbsp;int&nbsp;getHeight()</pre>
-<div class="block">Returns the height of the YUV image (or subregion.)</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the height of the YUV image (or subregion)</dd></dl>
-</li>
-</ul>
-<a name="getPad()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getPad</h4>
-<pre>public&nbsp;int&nbsp;getPad()</pre>
-<div class="block">Returns the line padding used in the YUV image buffer (if this image is
- stored in a unified buffer rather than separate image planes.)</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the line padding used in the YUV image buffer</dd></dl>
-</li>
-</ul>
-<a name="getStrides()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getStrides</h4>
-<pre>public&nbsp;int[]&nbsp;getStrides()</pre>
-<div class="block">Returns the number of bytes per line of each plane in the YUV image.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the number of bytes per line of each plane in the YUV image</dd></dl>
-</li>
-</ul>
-<a name="getOffsets()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getOffsets</h4>
-<pre>public&nbsp;int[]&nbsp;getOffsets()</pre>
-<div class="block">Returns the offsets (in bytes) of each plane within the planes of a larger
- YUV image.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the offsets (in bytes) of each plane within the planes of a larger
- YUV image</dd></dl>
-</li>
-</ul>
-<a name="getSubsamp()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getSubsamp</h4>
-<pre>public&nbsp;int&nbsp;getSubsamp()</pre>
-<div class="block">Returns the level of chrominance subsampling used in the YUV image.  See
- <a href="../../../org/libjpegturbo/turbojpeg/TJ.html#SAMP_444"><code>TJ.SAMP_*</code></a>.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the level of chrominance subsampling used in the YUV image</dd></dl>
-</li>
-</ul>
-<a name="getPlanes()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getPlanes</h4>
-<pre>public&nbsp;byte[][]&nbsp;getPlanes()</pre>
-<div class="block">Returns the YUV image planes.  If the image is stored in a unified buffer,
- then all image planes will point to that buffer.</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the YUV image planes</dd></dl>
-</li>
-</ul>
-<a name="getBuf()">
-<!--   -->
-</a>
-<ul class="blockList">
-<li class="blockList">
-<h4>getBuf</h4>
-<pre>public&nbsp;byte[]&nbsp;getBuf()</pre>
-<div class="block">Returns the YUV image buffer (if this image is stored in a unified
- buffer rather than separate image planes.)</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the YUV image buffer</dd></dl>
-</li>
-</ul>
-<a name="getSize()">
-<!--   -->
-</a>
-<ul class="blockListLast">
-<li class="blockList">
-<h4>getSize</h4>
-<pre>public&nbsp;int&nbsp;getSize()</pre>
-<div class="block">Returns the size (in bytes) of the YUV image buffer (if this image is
- stored in a unified buffer rather than separate image planes.)</div>
-<dl><dt><span class="strong">Returns:</span></dt><dd>the size (in bytes) of the YUV image buffer</dd></dl>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-</div>
-<!-- ========= END OF CLASS DATA ========= -->
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li class="navBarCell1Rev">Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">Prev Class</span></a></li>
-<li>Next Class</li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/YUVImage.html" target="_top">Frames</a></li>
-<li><a href="YUVImage.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<div>
-<ul class="subNavList">
-<li>Summary:&nbsp;</li>
-<li>Nested&nbsp;|&nbsp;</li>
-<li><a href="#field_summary">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_summary">Method</a></li>
-</ul>
-<ul class="subNavList">
-<li>Detail:&nbsp;</li>
-<li><a href="#field_detail">Field</a>&nbsp;|&nbsp;</li>
-<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
-<li><a href="#method_detail">Method</a></li>
-</ul>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-frame.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-frame.html
deleted file mode 100644
index 08a8bf8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-frame.html
+++ /dev/null
@@ -1,31 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>org.libjpegturbo.turbojpeg</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<h1 class="bar"><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html" target="classFrame">org.libjpegturbo.turbojpeg</a></h1>
-<div class="indexContainer">
-<h2 title="Interfaces">Interfaces</h2>
-<ul title="Interfaces">
-<li><a href="TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg" target="classFrame"><i>TJCustomFilter</i></a></li>
-</ul>
-<h2 title="Classes">Classes</h2>
-<ul title="Classes">
-<li><a href="TJ.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJ</a></li>
-<li><a href="TJCompressor.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJCompressor</a></li>
-<li><a href="TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJDecompressor</a></li>
-<li><a href="TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJScalingFactor</a></li>
-<li><a href="TJTransform.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJTransform</a></li>
-<li><a href="TJTransformer.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJTransformer</a></li>
-<li><a href="YUVImage.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">YUVImage</a></li>
-</ul>
-<h2 title="Exceptions">Exceptions</h2>
-<ul title="Exceptions">
-<li><a href="TJException.html" title="class in org.libjpegturbo.turbojpeg" target="classFrame">TJException</a></li>
-</ul>
-</div>
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-summary.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-summary.html
deleted file mode 100644
index dedcce5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-summary.html
+++ /dev/null
@@ -1,202 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>org.libjpegturbo.turbojpeg</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="org.libjpegturbo.turbojpeg";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev Package</li>
-<li>Next Package</li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/package-summary.html" target="_top">Frames</a></li>
-<li><a href="package-summary.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 title="Package" class="title">Package&nbsp;org.libjpegturbo.turbojpeg</h1>
-</div>
-<div class="contentContainer">
-<ul class="blockList">
-<li class="blockList">
-<table class="packageSummary" border="0" cellpadding="3" cellspacing="0" summary="Interface Summary table, listing interfaces, and an explanation">
-<caption><span>Interface Summary</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Interface</th>
-<th class="colLast" scope="col">Description</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a></td>
-<td class="colLast">
-<div class="block">Custom filter callback interface</div>
-</td>
-</tr>
-</tbody>
-</table>
-</li>
-<li class="blockList">
-<table class="packageSummary" border="0" cellpadding="3" cellspacing="0" summary="Class Summary table, listing classes, and an explanation">
-<caption><span>Class Summary</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Class</th>
-<th class="colLast" scope="col">Description</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg">TJ</a></td>
-<td class="colLast">
-<div class="block">TurboJPEG utility class (cannot be instantiated)</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg">TJCompressor</a></td>
-<td class="colLast">
-<div class="block">TurboJPEG compressor</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg">TJDecompressor</a></td>
-<td class="colLast">
-<div class="block">TurboJPEG decompressor</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg">TJScalingFactor</a></td>
-<td class="colLast">
-<div class="block">Fractional scaling factor</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">TJTransform</a></td>
-<td class="colLast">
-<div class="block">Lossless transform parameters</div>
-</td>
-</tr>
-<tr class="rowColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg">TJTransformer</a></td>
-<td class="colLast">
-<div class="block">TurboJPEG lossless transformer</div>
-</td>
-</tr>
-<tr class="altColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg">YUVImage</a></td>
-<td class="colLast">
-<div class="block">This class encapsulates a YUV planar image and the metadata
- associated with it.</div>
-</td>
-</tr>
-</tbody>
-</table>
-</li>
-<li class="blockList">
-<table class="packageSummary" border="0" cellpadding="3" cellspacing="0" summary="Exception Summary table, listing exceptions, and an explanation">
-<caption><span>Exception Summary</span><span class="tabEnd">&nbsp;</span></caption>
-<tr>
-<th class="colFirst" scope="col">Exception</th>
-<th class="colLast" scope="col">Description</th>
-</tr>
-<tbody>
-<tr class="altColor">
-<td class="colFirst"><a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">TJException</a></td>
-<td class="colLast">&nbsp;</td>
-</tr>
-</tbody>
-</table>
-</li>
-</ul>
-</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="package-tree.html">Tree</a></li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev Package</li>
-<li>Next Package</li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/package-summary.html" target="_top">Frames</a></li>
-<li><a href="package-summary.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-tree.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-tree.html
deleted file mode 100644
index 5f0f8c3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/org/libjpegturbo/turbojpeg/package-tree.html
+++ /dev/null
@@ -1,160 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>org.libjpegturbo.turbojpeg Class Hierarchy</title>
-<link rel="stylesheet" type="text/css" href="../../../stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="org.libjpegturbo.turbojpeg Class Hierarchy";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li class="navBarCell1Rev">Tree</li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/package-tree.html" target="_top">Frames</a></li>
-<li><a href="package-tree.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 class="title">Hierarchy For Package org.libjpegturbo.turbojpeg</h1>
-</div>
-<div class="contentContainer">
-<h2 title="Class Hierarchy">Class Hierarchy</h2>
-<ul>
-<li type="circle">java.lang.Object
-<ul>
-<li type="circle">java.awt.geom.RectangularShape (implements java.lang.Cloneable, java.awt.Shape)
-<ul>
-<li type="circle">java.awt.geom.Rectangle2D
-<ul>
-<li type="circle">java.awt.Rectangle (implements java.io.Serializable, java.awt.Shape)
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJTransform</span></a></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li type="circle">java.lang.Throwable (implements java.io.Serializable)
-<ul>
-<li type="circle">java.lang.Exception
-<ul>
-<li type="circle">java.io.IOException
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJException</span></a></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJ</span></a></li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJCompressor</span></a> (implements java.io.Closeable)</li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJDecompressor</span></a> (implements java.io.Closeable)
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJTransformer</span></a></li>
-</ul>
-</li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJScalingFactor</span></a></li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">YUVImage</span></a></li>
-</ul>
-</li>
-</ul>
-<h2 title="Interface Hierarchy">Interface Hierarchy</h2>
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="../../../org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">TJCustomFilter</span></a></li>
-</ul>
-</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="../../../org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li class="navBarCell1Rev">Tree</li>
-<li><a href="../../../deprecated-list.html">Deprecated</a></li>
-<li><a href="../../../index-all.html">Index</a></li>
-<li><a href="../../../help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="../../../index.html?org/libjpegturbo/turbojpeg/package-tree.html" target="_top">Frames</a></li>
-<li><a href="package-tree.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="../../../allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/overview-tree.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/overview-tree.html
deleted file mode 100644
index b659995..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/overview-tree.html
+++ /dev/null
@@ -1,164 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>Class Hierarchy</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="Class Hierarchy";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li class="navBarCell1Rev">Tree</li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?overview-tree.html" target="_top">Frames</a></li>
-<li><a href="overview-tree.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 class="title">Hierarchy For All Packages</h1>
-<span class="strong">Package Hierarchies:</span>
-<ul class="horizontal">
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">org.libjpegturbo.turbojpeg</a></li>
-</ul>
-</div>
-<div class="contentContainer">
-<h2 title="Class Hierarchy">Class Hierarchy</h2>
-<ul>
-<li type="circle">java.lang.Object
-<ul>
-<li type="circle">java.awt.geom.RectangularShape (implements java.lang.Cloneable, java.awt.Shape)
-<ul>
-<li type="circle">java.awt.geom.Rectangle2D
-<ul>
-<li type="circle">java.awt.Rectangle (implements java.io.Serializable, java.awt.Shape)
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJTransform</span></a></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li type="circle">java.lang.Throwable (implements java.io.Serializable)
-<ul>
-<li type="circle">java.lang.Exception
-<ul>
-<li type="circle">java.io.IOException
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJException</span></a></li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJ.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJ</span></a></li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJCompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJCompressor</span></a> (implements java.io.Closeable)</li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJDecompressor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJDecompressor</span></a> (implements java.io.Closeable)
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJTransformer.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJTransformer</span></a></li>
-</ul>
-</li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJScalingFactor.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">TJScalingFactor</span></a></li>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/YUVImage.html" title="class in org.libjpegturbo.turbojpeg"><span class="strong">YUVImage</span></a></li>
-</ul>
-</li>
-</ul>
-<h2 title="Interface Hierarchy">Interface Hierarchy</h2>
-<ul>
-<li type="circle">org.libjpegturbo.turbojpeg.<a href="org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg"><span class="strong">TJCustomFilter</span></a></li>
-</ul>
-</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li class="navBarCell1Rev">Tree</li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?overview-tree.html" target="_top">Frames</a></li>
-<li><a href="overview-tree.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/package-list b/3rdparty/libjpeg-turbo_2_1_0/java/doc/package-list
deleted file mode 100644
index 918d936..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/package-list
+++ /dev/null
@@ -1 +0,0 @@
-org.libjpegturbo.turbojpeg
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/background.gif b/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/background.gif
deleted file mode 100644
index f471940..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/background.gif and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/tab.gif b/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/tab.gif
deleted file mode 100644
index 1a73a83..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/tab.gif and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/titlebar.gif b/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/titlebar.gif
deleted file mode 100644
index 17443b3..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/titlebar.gif and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/titlebar_end.gif b/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/titlebar_end.gif
deleted file mode 100644
index 3ad78d4..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/java/doc/resources/titlebar_end.gif and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/script.js b/3rdparty/libjpeg-turbo_2_1_0/java/doc/script.js
deleted file mode 100644
index b346356..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/script.js
+++ /dev/null
@@ -1,30 +0,0 @@
-function show(type)
-{
-    count = 0;
-    for (var key in methods) {
-        var row = document.getElementById(key);
-        if ((methods[key] &  type) != 0) {
-            row.style.display = '';
-            row.className = (count++ % 2) ? rowColor : altColor;
-        }
-        else
-            row.style.display = 'none';
-    }
-    updateTabs(type);
-}
-
-function updateTabs(type)
-{
-    for (var value in tabs) {
-        var sNode = document.getElementById(tabs[value][0]);
-        var spanNode = sNode.firstChild;
-        if (value == type) {
-            sNode.className = activeTableTab;
-            spanNode.innerHTML = tabs[value][1];
-        }
-        else {
-            sNode.className = tableTab;
-            spanNode.innerHTML = "<a href=\"javascript:show("+ value + ");\">" + tabs[value][1] + "</a>";
-        }
-    }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/serialized-form.html b/3rdparty/libjpeg-turbo_2_1_0/java/doc/serialized-form.html
deleted file mode 100644
index 45bbc86..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/serialized-form.html
+++ /dev/null
@@ -1,176 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<!-- NewPage -->
-<html lang="en">
-<head>
-<title>Serialized Form</title>
-<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
-</head>
-<body>
-<script type="text/javascript"><!--
-    try {
-        if (location.href.indexOf('is-external=true') == -1) {
-            parent.document.title="Serialized Form";
-        }
-    }
-    catch(err) {
-    }
-//-->
-</script>
-<noscript>
-<div>JavaScript is disabled on your browser.</div>
-</noscript>
-<!-- ========= START OF TOP NAVBAR ======= -->
-<div class="topNav"><a name="navbar_top">
-<!--   -->
-</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?serialized-form.html" target="_top">Frames</a></li>
-<li><a href="serialized-form.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_top">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_top");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_top">
-<!--   -->
-</a></div>
-<!-- ========= END OF TOP NAVBAR ========= -->
-<div class="header">
-<h1 title="Serialized Form" class="title">Serialized Form</h1>
-</div>
-<div class="serializedFormContainer">
-<ul class="blockList">
-<li class="blockList">
-<h2 title="Package">Package&nbsp;org.libjpegturbo.turbojpeg</h2>
-<ul class="blockList">
-<li class="blockList"><a name="org.libjpegturbo.turbojpeg.TJException">
-<!--   -->
-</a>
-<h3>Class <a href="org/libjpegturbo/turbojpeg/TJException.html" title="class in org.libjpegturbo.turbojpeg">org.libjpegturbo.turbojpeg.TJException</a> extends java.io.IOException implements Serializable</h3>
-<dl class="nameValue">
-<dt>serialVersionUID:</dt>
-<dd>1L</dd>
-</dl>
-<ul class="blockList">
-<li class="blockList"><a name="serializedForm">
-<!--   -->
-</a>
-<h3>Serialized Fields</h3>
-<ul class="blockList">
-<li class="blockListLast">
-<h4>errorCode</h4>
-<pre>int errorCode</pre>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-<li class="blockList"><a name="org.libjpegturbo.turbojpeg.TJTransform">
-<!--   -->
-</a>
-<h3>Class <a href="org/libjpegturbo/turbojpeg/TJTransform.html" title="class in org.libjpegturbo.turbojpeg">org.libjpegturbo.turbojpeg.TJTransform</a> extends java.awt.Rectangle implements Serializable</h3>
-<dl class="nameValue">
-<dt>serialVersionUID:</dt>
-<dd>-127367705761430371L</dd>
-</dl>
-<ul class="blockList">
-<li class="blockList"><a name="serializedForm">
-<!--   -->
-</a>
-<h3>Serialized Fields</h3>
-<ul class="blockList">
-<li class="blockList">
-<h4>op</h4>
-<pre>int op</pre>
-<div class="block">Transform operation (one of <code>OP_*</code>)</div>
-</li>
-<li class="blockList">
-<h4>options</h4>
-<pre>int options</pre>
-<div class="block">Transform options (bitwise OR of one or more of <code>OPT_*</code>)</div>
-</li>
-<li class="blockListLast">
-<h4>cf</h4>
-<pre><a href="org/libjpegturbo/turbojpeg/TJCustomFilter.html" title="interface in org.libjpegturbo.turbojpeg">TJCustomFilter</a> cf</pre>
-<div class="block">Custom filter instance</div>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</li>
-</ul>
-</div>
-<!-- ======= START OF BOTTOM NAVBAR ====== -->
-<div class="bottomNav"><a name="navbar_bottom">
-<!--   -->
-</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
-<!--   -->
-</a>
-<ul class="navList" title="Navigation">
-<li><a href="org/libjpegturbo/turbojpeg/package-summary.html">Package</a></li>
-<li>Class</li>
-<li><a href="org/libjpegturbo/turbojpeg/package-tree.html">Tree</a></li>
-<li><a href="deprecated-list.html">Deprecated</a></li>
-<li><a href="index-all.html">Index</a></li>
-<li><a href="help-doc.html">Help</a></li>
-</ul>
-</div>
-<div class="subNav">
-<ul class="navList">
-<li>Prev</li>
-<li>Next</li>
-</ul>
-<ul class="navList">
-<li><a href="index.html?serialized-form.html" target="_top">Frames</a></li>
-<li><a href="serialized-form.html" target="_top">No Frames</a></li>
-</ul>
-<ul class="navList" id="allclasses_navbar_bottom">
-<li><a href="allclasses-noframe.html">All Classes</a></li>
-</ul>
-<div>
-<script type="text/javascript"><!--
-  allClassesLink = document.getElementById("allclasses_navbar_bottom");
-  if(window==top) {
-    allClassesLink.style.display = "block";
-  }
-  else {
-    allClassesLink.style.display = "none";
-  }
-  //-->
-</script>
-</div>
-<a name="skip-navbar_bottom">
-<!--   -->
-</a></div>
-<!-- ======== END OF BOTTOM NAVBAR ======= -->
-</body>
-</html>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/doc/stylesheet.css b/3rdparty/libjpeg-turbo_2_1_0/java/doc/stylesheet.css
deleted file mode 100644
index 0aeaa97..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/doc/stylesheet.css
+++ /dev/null
@@ -1,474 +0,0 @@
-/* Javadoc style sheet */
-/*
-Overall document style
-*/
-body {
-    background-color:#ffffff;
-    color:#353833;
-    font-family:Arial, Helvetica, sans-serif;
-    font-size:76%;
-    margin:0;
-}
-a:link, a:visited {
-    text-decoration:none;
-    color:#4c6b87;
-}
-a:hover, a:focus {
-    text-decoration:none;
-    color:#bb7a2a;
-}
-a:active {
-    text-decoration:none;
-    color:#4c6b87;
-}
-a[name] {
-    color:#353833;
-}
-a[name]:hover {
-    text-decoration:none;
-    color:#353833;
-}
-pre {
-    font-size:1.3em;
-}
-h1 {
-    font-size:1.8em;
-}
-h2 {
-    font-size:1.5em;
-}
-h3 {
-    font-size:1.4em;
-}
-h4 {
-    font-size:1.3em;
-}
-h5 {
-    font-size:1.2em;
-}
-h6 {
-    font-size:1.1em;
-}
-ul {
-    list-style-type:disc;
-}
-code, tt {
-    font-size:1.2em;
-}
-dt code {
-    font-size:1.2em;
-}
-table tr td dt code {
-    font-size:1.2em;
-    vertical-align:top;
-}
-sup {
-    font-size:.6em;
-}
-/*
-Document title and Copyright styles
-*/
-.clear {
-    clear:both;
-    height:0px;
-    overflow:hidden;
-}
-.aboutLanguage {
-    float:right;
-    padding:0px 21px;
-    font-size:.8em;
-    z-index:200;
-    margin-top:-7px;
-}
-.legalCopy {
-    margin-left:.5em;
-}
-.bar a, .bar a:link, .bar a:visited, .bar a:active {
-    color:#FFFFFF;
-    text-decoration:none;
-}
-.bar a:hover, .bar a:focus {
-    color:#bb7a2a;
-}
-.tab {
-    background-color:#0066FF;
-    background-image:url(resources/titlebar.gif);
-    background-position:left top;
-    background-repeat:no-repeat;
-    color:#ffffff;
-    padding:8px;
-    width:5em;
-    font-weight:bold;
-}
-/*
-Navigation bar styles
-*/
-.bar {
-    background-image:url(resources/background.gif);
-    background-repeat:repeat-x;
-    color:#FFFFFF;
-    padding:.8em .5em .4em .8em;
-    height:auto;/*height:1.8em;*/
-    font-size:1em;
-    margin:0;
-}
-.topNav {
-    background-image:url(resources/background.gif);
-    background-repeat:repeat-x;
-    color:#FFFFFF;
-    float:left;
-    padding:0;
-    width:100%;
-    clear:right;
-    height:2.8em;
-    padding-top:10px;
-    overflow:hidden;
-}
-.bottomNav {
-    margin-top:10px;
-    background-image:url(resources/background.gif);
-    background-repeat:repeat-x;
-    color:#FFFFFF;
-    float:left;
-    padding:0;
-    width:100%;
-    clear:right;
-    height:2.8em;
-    padding-top:10px;
-    overflow:hidden;
-}
-.subNav {
-    background-color:#dee3e9;
-    border-bottom:1px solid #9eadc0;
-    float:left;
-    width:100%;
-    overflow:hidden;
-}
-.subNav div {
-    clear:left;
-    float:left;
-    padding:0 0 5px 6px;
-}
-ul.navList, ul.subNavList {
-    float:left;
-    margin:0 25px 0 0;
-    padding:0;
-}
-ul.navList li{
-    list-style:none;
-    float:left;
-    padding:3px 6px;
-}
-ul.subNavList li{
-    list-style:none;
-    float:left;
-    font-size:90%;
-}
-.topNav a:link, .topNav a:active, .topNav a:visited, .bottomNav a:link, .bottomNav a:active, .bottomNav a:visited {
-    color:#FFFFFF;
-    text-decoration:none;
-}
-.topNav a:hover, .bottomNav a:hover {
-    text-decoration:none;
-    color:#bb7a2a;
-}
-.navBarCell1Rev {
-    background-image:url(resources/tab.gif);
-    background-color:#a88834;
-    color:#FFFFFF;
-    margin: auto 5px;
-    border:1px solid #c9aa44;
-}
-/*
-Page header and footer styles
-*/
-.header, .footer {
-    clear:both;
-    margin:0 20px;
-    padding:5px 0 0 0;
-}
-.indexHeader {
-    margin:10px;
-    position:relative;
-}
-.indexHeader h1 {
-    font-size:1.3em;
-}
-.title {
-    color:#2c4557;
-    margin:10px 0;
-}
-.subTitle {
-    margin:5px 0 0 0;
-}
-.header ul {
-    margin:0 0 25px 0;
-    padding:0;
-}
-.footer ul {
-    margin:20px 0 5px 0;
-}
-.header ul li, .footer ul li {
-    list-style:none;
-    font-size:1.2em;
-}
-/*
-Heading styles
-*/
-div.details ul.blockList ul.blockList ul.blockList li.blockList h4, div.details ul.blockList ul.blockList ul.blockListLast li.blockList h4 {
-    background-color:#dee3e9;
-    border-top:1px solid #9eadc0;
-    border-bottom:1px solid #9eadc0;
-    margin:0 0 6px -8px;
-    padding:2px 5px;
-}
-ul.blockList ul.blockList ul.blockList li.blockList h3 {
-    background-color:#dee3e9;
-    border-top:1px solid #9eadc0;
-    border-bottom:1px solid #9eadc0;
-    margin:0 0 6px -8px;
-    padding:2px 5px;
-}
-ul.blockList ul.blockList li.blockList h3 {
-    padding:0;
-    margin:15px 0;
-}
-ul.blockList li.blockList h2 {
-    padding:0px 0 20px 0;
-}
-/*
-Page layout container styles
-*/
-.contentContainer, .sourceContainer, .classUseContainer, .serializedFormContainer, .constantValuesContainer {
-    clear:both;
-    padding:10px 20px;
-    position:relative;
-}
-.indexContainer {
-    margin:10px;
-    position:relative;
-    font-size:1.0em;
-}
-.indexContainer h2 {
-    font-size:1.1em;
-    padding:0 0 3px 0;
-}
-.indexContainer ul {
-    margin:0;
-    padding:0;
-}
-.indexContainer ul li {
-    list-style:none;
-}
-.contentContainer .description dl dt, .contentContainer .details dl dt, .serializedFormContainer dl dt {
-    font-size:1.1em;
-    font-weight:bold;
-    margin:10px 0 0 0;
-    color:#4E4E4E;
-}
-.contentContainer .description dl dd, .contentContainer .details dl dd, .serializedFormContainer dl dd {
-    margin:10px 0 10px 20px;
-}
-.serializedFormContainer dl.nameValue dt {
-    margin-left:1px;
-    font-size:1.1em;
-    display:inline;
-    font-weight:bold;
-}
-.serializedFormContainer dl.nameValue dd {
-    margin:0 0 0 1px;
-    font-size:1.1em;
-    display:inline;
-}
-/*
-List styles
-*/
-ul.horizontal li {
-    display:inline;
-    font-size:0.9em;
-}
-ul.inheritance {
-    margin:0;
-    padding:0;
-}
-ul.inheritance li {
-    display:inline;
-    list-style:none;
-}
-ul.inheritance li ul.inheritance {
-    margin-left:15px;
-    padding-left:15px;
-    padding-top:1px;
-}
-ul.blockList, ul.blockListLast {
-    margin:10px 0 10px 0;
-    padding:0;
-}
-ul.blockList li.blockList, ul.blockListLast li.blockList {
-    list-style:none;
-    margin-bottom:25px;
-}
-ul.blockList ul.blockList li.blockList, ul.blockList ul.blockListLast li.blockList {
-    padding:0px 20px 5px 10px;
-    border:1px solid #9eadc0;
-    background-color:#f9f9f9;
-}
-ul.blockList ul.blockList ul.blockList li.blockList, ul.blockList ul.blockList ul.blockListLast li.blockList {
-    padding:0 0 5px 8px;
-    background-color:#ffffff;
-    border:1px solid #9eadc0;
-    border-top:none;
-}
-ul.blockList ul.blockList ul.blockList ul.blockList li.blockList {
-    margin-left:0;
-    padding-left:0;
-    padding-bottom:15px;
-    border:none;
-    border-bottom:1px solid #9eadc0;
-}
-ul.blockList ul.blockList ul.blockList ul.blockList li.blockListLast {
-    list-style:none;
-    border-bottom:none;
-    padding-bottom:0;
-}
-table tr td dl, table tr td dl dt, table tr td dl dd {
-    margin-top:0;
-    margin-bottom:1px;
-}
-/*
-Table styles
-*/
-.contentContainer table, .classUseContainer table, .constantValuesContainer table {
-    border-bottom:1px solid #9eadc0;
-    width:100%;
-}
-.contentContainer ul li table, .classUseContainer ul li table, .constantValuesContainer ul li table {
-    width:100%;
-}
-.contentContainer .description table, .contentContainer .details table {
-    border-bottom:none;
-}
-.contentContainer ul li table th.colOne, .contentContainer ul li table th.colFirst, .contentContainer ul li table th.colLast, .classUseContainer ul li table th, .constantValuesContainer ul li table th, .contentContainer ul li table td.colOne, .contentContainer ul li table td.colFirst, .contentContainer ul li table td.colLast, .classUseContainer ul li table td, .constantValuesContainer ul li table td{
-    vertical-align:top;
-    padding-right:20px;
-}
-.contentContainer ul li table th.colLast, .classUseContainer ul li table th.colLast,.constantValuesContainer ul li table th.colLast,
-.contentContainer ul li table td.colLast, .classUseContainer ul li table td.colLast,.constantValuesContainer ul li table td.colLast,
-.contentContainer ul li table th.colOne, .classUseContainer ul li table th.colOne,
-.contentContainer ul li table td.colOne, .classUseContainer ul li table td.colOne {
-    padding-right:3px;
-}
-.overviewSummary caption, .packageSummary caption, .contentContainer ul.blockList li.blockList caption, .summary caption, .classUseContainer caption, .constantValuesContainer caption {
-    position:relative;
-    text-align:left;
-    background-repeat:no-repeat;
-    color:#FFFFFF;
-    font-weight:bold;
-    clear:none;
-    overflow:hidden;
-    padding:0px;
-    margin:0px;
-}
-caption a:link, caption a:hover, caption a:active, caption a:visited {
-    color:#FFFFFF;
-}
-.overviewSummary caption span, .packageSummary caption span, .contentContainer ul.blockList li.blockList caption span, .summary caption span, .classUseContainer caption span, .constantValuesContainer caption span {
-    white-space:nowrap;
-    padding-top:8px;
-    padding-left:8px;
-    display:block;
-    float:left;
-    background-image:url(resources/titlebar.gif);
-    height:18px;
-}
-.overviewSummary .tabEnd, .packageSummary .tabEnd, .contentContainer ul.blockList li.blockList .tabEnd, .summary .tabEnd, .classUseContainer .tabEnd, .constantValuesContainer .tabEnd {
-    width:10px;
-    background-image:url(resources/titlebar_end.gif);
-    background-repeat:no-repeat;
-    background-position:top right;
-    position:relative;
-    float:left;
-}
-ul.blockList ul.blockList li.blockList table {
-    margin:0 0 12px 0px;
-    width:100%;
-}
-.tableSubHeadingColor {
-    background-color: #EEEEFF;
-}
-.altColor {
-    background-color:#eeeeef;
-}
-.rowColor {
-    background-color:#ffffff;
-}
-.overviewSummary td, .packageSummary td, .contentContainer ul.blockList li.blockList td, .summary td, .classUseContainer td, .constantValuesContainer td {
-    text-align:left;
-    padding:3px 3px 3px 7px;
-}
-th.colFirst, th.colLast, th.colOne, .constantValuesContainer th {
-    background:#dee3e9;
-    border-top:1px solid #9eadc0;
-    border-bottom:1px solid #9eadc0;
-    text-align:left;
-    padding:3px 3px 3px 7px;
-}
-td.colOne a:link, td.colOne a:active, td.colOne a:visited, td.colOne a:hover, td.colFirst a:link, td.colFirst a:active, td.colFirst a:visited, td.colFirst a:hover, td.colLast a:link, td.colLast a:active, td.colLast a:visited, td.colLast a:hover, .constantValuesContainer td a:link, .constantValuesContainer td a:active, .constantValuesContainer td a:visited, .constantValuesContainer td a:hover {
-    font-weight:bold;
-}
-td.colFirst, th.colFirst {
-    border-left:1px solid #9eadc0;
-    white-space:nowrap;
-}
-td.colLast, th.colLast {
-    border-right:1px solid #9eadc0;
-}
-td.colOne, th.colOne {
-    border-right:1px solid #9eadc0;
-    border-left:1px solid #9eadc0;
-}
-table.overviewSummary  {
-    padding:0px;
-    margin-left:0px;
-}
-table.overviewSummary td.colFirst, table.overviewSummary th.colFirst,
-table.overviewSummary td.colOne, table.overviewSummary th.colOne {
-    width:25%;
-    vertical-align:middle;
-}
-table.packageSummary td.colFirst, table.overviewSummary th.colFirst {
-    width:25%;
-    vertical-align:middle;
-}
-/*
-Content styles
-*/
-.description pre {
-    margin-top:0;
-}
-.deprecatedContent {
-    margin:0;
-    padding:10px 0;
-}
-.docSummary {
-    padding:0;
-}
-/*
-Formatting effect styles
-*/
-.sourceLineNo {
-    color:green;
-    padding:0 30px 0 0;
-}
-h1.hidden {
-    visibility:hidden;
-    overflow:hidden;
-    font-size:.9em;
-}
-.block {
-    display:block;
-    margin:3px 0 0 0;
-}
-.strong {
-    font-weight:bold;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJ.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJ.java
deleted file mode 100644
index d791e00..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJ.java
+++ /dev/null
@@ -1,596 +0,0 @@
-/*
- * Copyright (C)2011-2013, 2017-2018, 2020-2021 D. R. Commander.
- *                                              All Rights Reserved.
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-/**
- * TurboJPEG utility class (cannot be instantiated)
- */
-public final class TJ {
-
-  private TJ() {}
-
-  /**
-   * The number of chrominance subsampling options
-   */
-  public static final int NUMSAMP   = 6;
-  /**
-   * 4:4:4 chrominance subsampling (no chrominance subsampling).  The JPEG
-   * or YUV image will contain one chrominance component for every pixel in the
-   * source image.
-   */
-  public static final int SAMP_444  = 0;
-  /**
-   * 4:2:2 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 2x1 block of pixels in the source image.
-   */
-  public static final int SAMP_422  = 1;
-  /**
-   * 4:2:0 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 2x2 block of pixels in the source image.
-   */
-  public static final int SAMP_420  = 2;
-  /**
-   * Grayscale.  The JPEG or YUV image will contain no chrominance components.
-   */
-  public static final int SAMP_GRAY = 3;
-  /**
-   * 4:4:0 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 1x2 block of pixels in the source image.
-   * Note that 4:4:0 subsampling is not fully accelerated in libjpeg-turbo.
-   */
-  public static final int SAMP_440  = 4;
-  /**
-   * 4:1:1 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 4x1 block of pixels in the source image.
-   * JPEG images compressed with 4:1:1 subsampling will be almost exactly the
-   * same size as those compressed with 4:2:0 subsampling, and in the
-   * aggregate, both subsampling methods produce approximately the same
-   * perceptual quality.  However, 4:1:1 is better able to reproduce sharp
-   * horizontal features.  Note that 4:1:1 subsampling is not fully accelerated
-   * in libjpeg-turbo.
-   */
-  public static final int SAMP_411  = 5;
-
-
-  /**
-   * Returns the MCU block width for the given level of chrominance
-   * subsampling.
-   *
-   * @param subsamp the level of chrominance subsampling (one of
-   * <code>SAMP_*</code>)
-   *
-   * @return the MCU block width for the given level of chrominance
-   * subsampling.
-   */
-  public static int getMCUWidth(int subsamp) {
-    checkSubsampling(subsamp);
-    return MCU_WIDTH[subsamp];
-  }
-
-  private static final int[] MCU_WIDTH = {
-    8, 16, 16, 8, 8, 32
-  };
-
-
-  /**
-   * Returns the MCU block height for the given level of chrominance
-   * subsampling.
-   *
-   * @param subsamp the level of chrominance subsampling (one of
-   * <code>SAMP_*</code>)
-   *
-   * @return the MCU block height for the given level of chrominance
-   * subsampling.
-   */
-  public static int getMCUHeight(int subsamp) {
-    checkSubsampling(subsamp);
-    return MCU_HEIGHT[subsamp];
-  }
-
-  private static final int[] MCU_HEIGHT = {
-    8, 8, 16, 8, 16, 8
-  };
-
-
-  /**
-   * The number of pixel formats
-   */
-  public static final int NUMPF   = 12;
-  /**
-   * RGB pixel format.  The red, green, and blue components in the image are
-   * stored in 3-byte pixels in the order R, G, B from lowest to highest byte
-   * address within each pixel.
-   */
-  public static final int PF_RGB  = 0;
-  /**
-   * BGR pixel format.  The red, green, and blue components in the image are
-   * stored in 3-byte pixels in the order B, G, R from lowest to highest byte
-   * address within each pixel.
-   */
-  public static final int PF_BGR  = 1;
-  /**
-   * RGBX pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order R, G, B from lowest to highest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  public static final int PF_RGBX = 2;
-  /**
-   * BGRX pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order B, G, R from lowest to highest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  public static final int PF_BGRX = 3;
-  /**
-   * XBGR pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order R, G, B from highest to lowest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  public static final int PF_XBGR = 4;
-  /**
-   * XRGB pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order B, G, R from highest to lowest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  public static final int PF_XRGB = 5;
-  /**
-   * Grayscale pixel format.  Each 1-byte pixel represents a luminance
-   * (brightness) level from 0 to 255.
-   */
-  public static final int PF_GRAY = 6;
-  /**
-   * RGBA pixel format.  This is the same as {@link #PF_RGBX}, except that when
-   * decompressing, the X byte is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  public static final int PF_RGBA = 7;
-  /**
-   * BGRA pixel format.  This is the same as {@link #PF_BGRX}, except that when
-   * decompressing, the X byte is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  public static final int PF_BGRA = 8;
-  /**
-   * ABGR pixel format.  This is the same as {@link #PF_XBGR}, except that when
-   * decompressing, the X byte is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  public static final int PF_ABGR = 9;
-  /**
-   * ARGB pixel format.  This is the same as {@link #PF_XRGB}, except that when
-   * decompressing, the X byte is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  public static final int PF_ARGB = 10;
-  /**
-   * CMYK pixel format.  Unlike RGB, which is an additive color model used
-   * primarily for display, CMYK (Cyan/Magenta/Yellow/Key) is a subtractive
-   * color model used primarily for printing.  In the CMYK color model, the
-   * value of each color component typically corresponds to an amount of cyan,
-   * magenta, yellow, or black ink that is applied to a white background.  In
-   * order to convert between CMYK and RGB, it is necessary to use a color
-   * management system (CMS.)  A CMS will attempt to map colors within the
-   * printer's gamut to perceptually similar colors in the display's gamut and
-   * vice versa, but the mapping is typically not 1:1 or reversible, nor can it
-   * be defined with a simple formula.  Thus, such a conversion is out of scope
-   * for a codec library.  However, the TurboJPEG API allows for compressing
-   * CMYK pixels into a YCCK JPEG image (see {@link #CS_YCCK}) and
-   * decompressing YCCK JPEG images into CMYK pixels.
-   */
-  public static final int PF_CMYK = 11;
-
-
-  /**
-   * Returns the pixel size (in bytes) for the given pixel format.
-   *
-   * @param pixelFormat the pixel format (one of <code>PF_*</code>)
-   *
-   * @return the pixel size (in bytes) for the given pixel format.
-   */
-  public static int getPixelSize(int pixelFormat) {
-    checkPixelFormat(pixelFormat);
-    return PIXEL_SIZE[pixelFormat];
-  }
-
-  private static final int[] PIXEL_SIZE = {
-    3, 3, 4, 4, 4, 4, 1, 4, 4, 4, 4, 4
-  };
-
-
-  /**
-   * For the given pixel format, returns the number of bytes that the red
-   * component is offset from the start of the pixel.  For instance, if a pixel
-   * of format <code>TJ.PF_BGRX</code> is stored in <code>char pixel[]</code>,
-   * then the red component will be
-   * <code>pixel[TJ.getRedOffset(TJ.PF_BGRX)]</code>.
-   *
-   * @param pixelFormat the pixel format (one of <code>PF_*</code>)
-   *
-   * @return the red offset for the given pixel format, or -1 if the pixel
-   * format does not have a red component.
-   */
-  public static int getRedOffset(int pixelFormat) {
-    checkPixelFormat(pixelFormat);
-    return RED_OFFSET[pixelFormat];
-  }
-
-  private static final int[] RED_OFFSET = {
-    0, 2, 0, 2, 3, 1, -1, 0, 2, 3, 1, -1
-  };
-
-
-  /**
-   * For the given pixel format, returns the number of bytes that the green
-   * component is offset from the start of the pixel.  For instance, if a pixel
-   * of format <code>TJ.PF_BGRX</code> is stored in <code>char pixel[]</code>,
-   * then the green component will be
-   * <code>pixel[TJ.getGreenOffset(TJ.PF_BGRX)]</code>.
-   *
-   * @param pixelFormat the pixel format (one of <code>PF_*</code>)
-   *
-   * @return the green offset for the given pixel format, or -1 if the pixel
-   * format does not have a green component.
-   */
-  public static int getGreenOffset(int pixelFormat) {
-    checkPixelFormat(pixelFormat);
-    return GREEN_OFFSET[pixelFormat];
-  }
-
-  private static final int[] GREEN_OFFSET = {
-    1, 1, 1, 1, 2, 2, -1, 1, 1, 2, 2, -1
-  };
-
-
-  /**
-   * For the given pixel format, returns the number of bytes that the blue
-   * component is offset from the start of the pixel.  For instance, if a pixel
-   * of format <code>TJ.PF_BGRX</code> is stored in <code>char pixel[]</code>,
-   * then the blue component will be
-   * <code>pixel[TJ.getBlueOffset(TJ.PF_BGRX)]</code>.
-   *
-   * @param pixelFormat the pixel format (one of <code>PF_*</code>)
-   *
-   * @return the blue offset for the given pixel format, or -1 if the pixel
-   * format does not have a blue component.
-   */
-  public static int getBlueOffset(int pixelFormat) {
-    checkPixelFormat(pixelFormat);
-    return BLUE_OFFSET[pixelFormat];
-  }
-
-  private static final int[] BLUE_OFFSET = {
-    2, 0, 2, 0, 1, 3, -1, 2, 0, 1, 3, -1
-  };
-
-
-  /**
-   * For the given pixel format, returns the number of bytes that the alpha
-   * component is offset from the start of the pixel.  For instance, if a pixel
-   * of format <code>TJ.PF_BGRA</code> is stored in <code>char pixel[]</code>,
-   * then the alpha component will be
-   * <code>pixel[TJ.getAlphaOffset(TJ.PF_BGRA)]</code>.
-   *
-   * @param pixelFormat the pixel format (one of <code>PF_*</code>)
-   *
-   * @return the alpha offset for the given pixel format, or -1 if the pixel
-   * format does not have a alpha component.
-   */
-  public static int getAlphaOffset(int pixelFormat) {
-    checkPixelFormat(pixelFormat);
-    return ALPHA_OFFSET[pixelFormat];
-  }
-
-  private static final int[] ALPHA_OFFSET = {
-    -1, -1, -1, -1, -1, -1, -1, 3, 3, 0, 0, -1
-  };
-
-
-  /**
-   * The number of JPEG colorspaces
-   */
-  public static final int NUMCS = 5;
-  /**
-   * RGB colorspace.  When compressing the JPEG image, the R, G, and B
-   * components in the source image are reordered into image planes, but no
-   * colorspace conversion or subsampling is performed.  RGB JPEG images can be
-   * decompressed to any of the extended RGB pixel formats or grayscale, but
-   * they cannot be decompressed to YUV images.
-   */
-  public static final int CS_RGB = 0;
-  /**
-   * YCbCr colorspace.  YCbCr is not an absolute colorspace but rather a
-   * mathematical transformation of RGB designed solely for storage and
-   * transmission.  YCbCr images must be converted to RGB before they can
-   * actually be displayed.  In the YCbCr colorspace, the Y (luminance)
-   * component represents the black &amp; white portion of the original image,
-   * and the Cb and Cr (chrominance) components represent the color portion of
-   * the original image.  Originally, the analog equivalent of this
-   * transformation allowed the same signal to drive both black &amp; white and
-   * color televisions, but JPEG images use YCbCr primarily because it allows
-   * the color data to be optionally subsampled for the purposes of reducing
-   * bandwidth or disk space.  YCbCr is the most common JPEG colorspace, and
-   * YCbCr JPEG images can be compressed from and decompressed to any of the
-   * extended RGB pixel formats or grayscale, or they can be decompressed to
-   * YUV planar images.
-   */
-  @SuppressWarnings("checkstyle:ConstantName")
-  public static final int CS_YCbCr = 1;
-  /**
-   * Grayscale colorspace.  The JPEG image retains only the luminance data (Y
-   * component), and any color data from the source image is discarded.
-   * Grayscale JPEG images can be compressed from and decompressed to any of
-   * the extended RGB pixel formats or grayscale, or they can be decompressed
-   * to YUV planar images.
-   */
-  public static final int CS_GRAY = 2;
-  /**
-   * CMYK colorspace.  When compressing the JPEG image, the C, M, Y, and K
-   * components in the source image are reordered into image planes, but no
-   * colorspace conversion or subsampling is performed.  CMYK JPEG images can
-   * only be decompressed to CMYK pixels.
-   */
-  public static final int CS_CMYK = 3;
-  /**
-   * YCCK colorspace.  YCCK (AKA "YCbCrK") is not an absolute colorspace but
-   * rather a mathematical transformation of CMYK designed solely for storage
-   * and transmission.  It is to CMYK as YCbCr is to RGB.  CMYK pixels can be
-   * reversibly transformed into YCCK, and as with YCbCr, the chrominance
-   * components in the YCCK pixels can be subsampled without incurring major
-   * perceptual loss.  YCCK JPEG images can only be compressed from and
-   * decompressed to CMYK pixels.
-   */
-  public static final int CS_YCCK = 4;
-
-
-  /**
-   * The uncompressed source/destination image is stored in bottom-up (Windows,
-   * OpenGL) order, not top-down (X11) order.
-   */
-  public static final int FLAG_BOTTOMUP      = 2;
-
-  @SuppressWarnings("checkstyle:JavadocVariable")
-  @Deprecated
-  public static final int FLAG_FORCEMMX      = 8;
-  @SuppressWarnings("checkstyle:JavadocVariable")
-  @Deprecated
-  public static final int FLAG_FORCESSE      = 16;
-  @SuppressWarnings("checkstyle:JavadocVariable")
-  @Deprecated
-  public static final int FLAG_FORCESSE2     = 32;
-  @SuppressWarnings("checkstyle:JavadocVariable")
-  @Deprecated
-  public static final int FLAG_FORCESSE3     = 128;
-
-  /**
-   * When decompressing an image that was compressed using chrominance
-   * subsampling, use the fastest chrominance upsampling algorithm available in
-   * the underlying codec.  The default is to use smooth upsampling, which
-   * creates a smooth transition between neighboring chrominance components in
-   * order to reduce upsampling artifacts in the decompressed image.
-   */
-  public static final int FLAG_FASTUPSAMPLE  = 256;
-  /**
-   * Use the fastest DCT/IDCT algorithm available in the underlying codec.  The
-   * default if this flag is not specified is implementation-specific.  For
-   * example, the implementation of TurboJPEG for libjpeg[-turbo] uses the fast
-   * algorithm by default when compressing, because this has been shown to have
-   * only a very slight effect on accuracy, but it uses the accurate algorithm
-   * when decompressing, because this has been shown to have a larger effect.
-   */
-  public static final int FLAG_FASTDCT       = 2048;
-  /**
-   * Use the most accurate DCT/IDCT algorithm available in the underlying
-   * codec.  The default if this flag is not specified is
-   * implementation-specific.  For example, the implementation of TurboJPEG for
-   * libjpeg[-turbo] uses the fast algorithm by default when compressing,
-   * because this has been shown to have only a very slight effect on accuracy,
-   * but it uses the accurate algorithm when decompressing, because this has
-   * been shown to have a larger effect.
-   */
-  public static final int FLAG_ACCURATEDCT   = 4096;
-  /**
-   * Immediately discontinue the current compression/decompression/transform
-   * operation if the underlying codec throws a warning (non-fatal error).  The
-   * default behavior is to allow the operation to complete unless a fatal
-   * error is encountered.
-   * <p>
-   * NOTE: due to the design of the TurboJPEG Java API, only certain methods
-   * (specifically, {@link TJDecompressor TJDecompressor.decompress*()} methods
-   * with a void return type) will complete and leave the output image in a
-   * fully recoverable state after a non-fatal error occurs.
-   */
-  public static final int FLAG_STOPONWARNING = 8192;
-  /**
-   * Use progressive entropy coding in JPEG images generated by compression and
-   * transform operations.  Progressive entropy coding will generally improve
-   * compression relative to baseline entropy coding (the default), but it will
-   * reduce compression and decompression performance considerably.
-   */
-  public static final int FLAG_PROGRESSIVE   = 16384;
-  /**
-   * Limit the number of progressive JPEG scans that the decompression and
-   * transform operations will process.  If a progressive JPEG image contains
-   * an unreasonably large number of scans, then this flag will cause the
-   * decompression and transform operations to throw an error.  The primary
-   * purpose of this is to allow security-critical applications to guard
-   * against an exploit of the progressive JPEG format described in
-   * <a href="https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf" target="_blank">this report</a>.
-   */
-  public static final int FLAG_LIMITSCANS    = 32768;
-
-
-  /**
-   * The number of error codes
-   */
-  public static final int NUMERR = 2;
-  /**
-   * The error was non-fatal and recoverable, but the image may still be
-   * corrupt.
-   * <p>
-   * NOTE: due to the design of the TurboJPEG Java API, only certain methods
-   * (specifically, {@link TJDecompressor TJDecompressor.decompress*()} methods
-   * with a void return type) will complete and leave the output image in a
-   * fully recoverable state after a non-fatal error occurs.
-   */
-  public static final int ERR_WARNING = 0;
-  /**
-   * The error was fatal and non-recoverable.
-   */
-  public static final int ERR_FATAL = 1;
-
-
-  /**
-   * Returns the maximum size of the buffer (in bytes) required to hold a JPEG
-   * image with the given width, height, and level of chrominance subsampling.
-   *
-   * @param width the width (in pixels) of the JPEG image
-   *
-   * @param height the height (in pixels) of the JPEG image
-   *
-   * @param jpegSubsamp the level of chrominance subsampling to be used when
-   * generating the JPEG image (one of {@link TJ TJ.SAMP_*})
-   *
-   * @return the maximum size of the buffer (in bytes) required to hold a JPEG
-   * image with the given width, height, and level of chrominance subsampling.
-   */
-  public static native int bufSize(int width, int height, int jpegSubsamp);
-
-  /**
-   * Returns the size of the buffer (in bytes) required to hold a YUV planar
-   * image with the given width, height, and level of chrominance subsampling.
-   *
-   * @param width the width (in pixels) of the YUV image
-   *
-   * @param pad the width of each line in each plane of the image is padded to
-   * the nearest multiple of this number of bytes (must be a power of 2.)
-   *
-   * @param height the height (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV
-   * image (one of {@link TJ TJ.SAMP_*})
-   *
-   * @return the size of the buffer (in bytes) required to hold a YUV planar
-   * image with the given width, height, and level of chrominance subsampling.
-   */
-  public static native int bufSizeYUV(int width, int pad, int height,
-                                      int subsamp);
-
-  /**
-   * @deprecated Use {@link #bufSizeYUV(int, int, int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public static native int bufSizeYUV(int width, int height, int subsamp);
-
-  /**
-   * Returns the size of the buffer (in bytes) required to hold a YUV image
-   * plane with the given parameters.
-   *
-   * @param componentID ID number of the image plane (0 = Y, 1 = U/Cb,
-   * 2 = V/Cr)
-   *
-   * @param width width (in pixels) of the YUV image.  NOTE: this is the width
-   * of the whole image, not the plane width.
-   *
-   * @param stride bytes per line in the image plane.
-   *
-   * @param height height (in pixels) of the YUV image.  NOTE: this is the
-   * height of the whole image, not the plane height.
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV
-   * image (one of {@link TJ TJ.SAMP_*})
-   *
-   * @return the size of the buffer (in bytes) required to hold a YUV planar
-   * image with the given parameters.
-   */
-  public static native int planeSizeYUV(int componentID, int width, int stride,
-                                        int height, int subsamp);
-
-  /**
-   * Returns the plane width of a YUV image plane with the given parameters.
-   * Refer to {@link YUVImage YUVImage} for a description of plane width.
-   *
-   * @param componentID ID number of the image plane (0 = Y, 1 = U/Cb,
-   * 2 = V/Cr)
-   *
-   * @param width width (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV image
-   * (one of {@link TJ TJ.SAMP_*})
-   *
-   * @return the plane width of a YUV image plane with the given parameters.
-   */
-  public static native int planeWidth(int componentID, int width, int subsamp);
-
-  /**
-   * Returns the plane height of a YUV image plane with the given parameters.
-   * Refer to {@link YUVImage YUVImage} for a description of plane height.
-   *
-   * @param componentID ID number of the image plane (0 = Y, 1 = U/Cb,
-   * 2 = V/Cr)
-   *
-   * @param height height (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV image
-   * (one of {@link TJ TJ.SAMP_*})
-   *
-   * @return the plane height of a YUV image plane with the given parameters.
-   */
-  public static native int planeHeight(int componentID, int height,
-                                       int subsamp);
-
-  /**
-   * Returns a list of fractional scaling factors that the JPEG decompressor in
-   * this implementation of TurboJPEG supports.
-   *
-   * @return a list of fractional scaling factors that the JPEG decompressor in
-   * this implementation of TurboJPEG supports.
-   */
-  public static native TJScalingFactor[] getScalingFactors();
-
-  static {
-    TJLoader.load();
-  }
-
-  private static void checkPixelFormat(int pixelFormat) {
-    if (pixelFormat < 0 || pixelFormat >= NUMPF)
-      throw new IllegalArgumentException("Invalid pixel format");
-  }
-
-  private static void checkSubsampling(int subsamp) {
-    if (subsamp < 0 || subsamp >= NUMSAMP)
-      throw new IllegalArgumentException("Invalid subsampling type");
-  }
-
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJCompressor.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJCompressor.java
deleted file mode 100644
index 6d4830f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJCompressor.java
+++ /dev/null
@@ -1,684 +0,0 @@
-/*
- * Copyright (C)2011-2015, 2018, 2020 D. R. Commander.  All Rights Reserved.
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-import java.awt.image.*;
-import java.nio.*;
-import java.io.*;
-
-/**
- * TurboJPEG compressor
- */
-public class TJCompressor implements Closeable {
-
-  private static final String NO_ASSOC_ERROR =
-    "No source image is associated with this instance";
-
-  /**
-   * Create a TurboJPEG compressor instance.
-   */
-  public TJCompressor() throws TJException {
-    init();
-  }
-
-  /**
-   * Create a TurboJPEG compressor instance and associate the uncompressed
-   * source image stored in <code>srcImage</code> with the newly created
-   * instance.
-   *
-   * @param srcImage see {@link #setSourceImage} for description
-   *
-   * @param x see {@link #setSourceImage} for description
-   *
-   * @param y see {@link #setSourceImage} for description
-   *
-   * @param width see {@link #setSourceImage} for description
-   *
-   * @param pitch see {@link #setSourceImage} for description
-   *
-   * @param height see {@link #setSourceImage} for description
-   *
-   * @param pixelFormat pixel format of the source image (one of
-   * {@link TJ#PF_RGB TJ.PF_*})
-   */
-  public TJCompressor(byte[] srcImage, int x, int y, int width, int pitch,
-                      int height, int pixelFormat) throws TJException {
-    setSourceImage(srcImage, x, y, width, pitch, height, pixelFormat);
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #TJCompressor(byte[], int, int, int, int, int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public TJCompressor(byte[] srcImage, int width, int pitch, int height,
-                      int pixelFormat) throws TJException {
-    setSourceImage(srcImage, width, pitch, height, pixelFormat);
-  }
-
-  /**
-   * Create a TurboJPEG compressor instance and associate the uncompressed
-   * source image stored in <code>srcImage</code> with the newly created
-   * instance.
-   *
-   * @param srcImage see
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} for description
-   *
-   * @param x see
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} for description
-   *
-   * @param y see
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} for description
-   *
-   * @param width see
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} for description
-   *
-   * @param height see
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} for description
-   */
-  public TJCompressor(BufferedImage srcImage, int x, int y, int width,
-                      int height) throws TJException {
-    setSourceImage(srcImage, x, y, width, height);
-  }
-
-  /**
-   * Associate an uncompressed RGB, grayscale, or CMYK source image with this
-   * compressor instance.
-   *
-   * @param srcImage image buffer containing RGB, grayscale, or CMYK pixels to
-   * be compressed or encoded.  This buffer is not modified.
-   *
-   * @param x x offset (in pixels) of the region in the source image from which
-   * the JPEG or YUV image should be compressed/encoded
-   *
-   * @param y y offset (in pixels) of the region in the source image from which
-   * the JPEG or YUV image should be compressed/encoded
-   *
-   * @param width width (in pixels) of the region in the source image from
-   * which the JPEG or YUV image should be compressed/encoded
-   *
-   * @param pitch bytes per line of the source image.  Normally, this should be
-   * <code>width * TJ.pixelSize(pixelFormat)</code> if the source image is
-   * unpadded, but you can use this parameter to, for instance, specify that
-   * the scanlines in the source image are padded to a 4-byte boundary or to
-   * compress/encode a JPEG or YUV image from a region of a larger source
-   * image.  You can also be clever and use this parameter to skip lines, etc.
-   * Setting this parameter to 0 is the equivalent of setting it to
-   * <code>width * TJ.pixelSize(pixelFormat)</code>.
-   *
-   * @param height height (in pixels) of the region in the source image from
-   * which the JPEG or YUV image should be compressed/encoded
-   *
-   * @param pixelFormat pixel format of the source image (one of
-   * {@link TJ#PF_RGB TJ.PF_*})
-   */
-  public void setSourceImage(byte[] srcImage, int x, int y, int width,
-                             int pitch, int height, int pixelFormat)
-                             throws TJException {
-    if (handle == 0) init();
-    if (srcImage == null || x < 0 || y < 0 || width < 1 || height < 1 ||
-        pitch < 0 || pixelFormat < 0 || pixelFormat >= TJ.NUMPF)
-      throw new IllegalArgumentException("Invalid argument in setSourceImage()");
-    srcBuf = srcImage;
-    srcWidth = width;
-    if (pitch == 0)
-      srcPitch = width * TJ.getPixelSize(pixelFormat);
-    else
-      srcPitch = pitch;
-    srcHeight = height;
-    srcPixelFormat = pixelFormat;
-    srcX = x;
-    srcY = y;
-    srcBufInt = null;
-    srcYUVImage = null;
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #setSourceImage(byte[], int, int, int, int, int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void setSourceImage(byte[] srcImage, int width, int pitch,
-                             int height, int pixelFormat) throws TJException {
-    setSourceImage(srcImage, 0, 0, width, pitch, height, pixelFormat);
-    srcX = srcY = -1;
-  }
-
-  /**
-   * Associate an uncompressed RGB or grayscale source image with this
-   * compressor instance.
-   *
-   * @param srcImage a <code>BufferedImage</code> instance containing RGB or
-   * grayscale pixels to be compressed or encoded.  This image is not modified.
-   *
-   * @param x x offset (in pixels) of the region in the source image from which
-   * the JPEG or YUV image should be compressed/encoded
-   *
-   * @param y y offset (in pixels) of the region in the source image from which
-   * the JPEG or YUV image should be compressed/encoded
-   *
-   * @param width width (in pixels) of the region in the source image from
-   * which the JPEG or YUV image should be compressed/encoded (0 = use the
-   * width of the source image)
-   *
-   * @param height height (in pixels) of the region in the source image from
-   * which the JPEG or YUV image should be compressed/encoded (0 = use the
-   * height of the source image)
-   */
-  public void setSourceImage(BufferedImage srcImage, int x, int y, int width,
-                             int height) throws TJException {
-    if (handle == 0) init();
-    if (srcImage == null || x < 0 || y < 0 || width < 0 || height < 0)
-      throw new IllegalArgumentException("Invalid argument in setSourceImage()");
-    srcX = x;
-    srcY = y;
-    srcWidth = (width == 0) ? srcImage.getWidth() : width;
-    srcHeight = (height == 0) ? srcImage.getHeight() : height;
-    if (x + width > srcImage.getWidth() || y + height > srcImage.getHeight())
-      throw new IllegalArgumentException("Compression region exceeds the bounds of the source image");
-
-    int pixelFormat;
-    boolean intPixels = false;
-    if (byteOrder == null)
-      byteOrder = ByteOrder.nativeOrder();
-    switch (srcImage.getType()) {
-    case BufferedImage.TYPE_3BYTE_BGR:
-      pixelFormat = TJ.PF_BGR;  break;
-    case BufferedImage.TYPE_4BYTE_ABGR:
-    case BufferedImage.TYPE_4BYTE_ABGR_PRE:
-      pixelFormat = TJ.PF_XBGR;  break;
-    case BufferedImage.TYPE_BYTE_GRAY:
-      pixelFormat = TJ.PF_GRAY;  break;
-    case BufferedImage.TYPE_INT_BGR:
-      if (byteOrder == ByteOrder.BIG_ENDIAN)
-        pixelFormat = TJ.PF_XBGR;
-      else
-        pixelFormat = TJ.PF_RGBX;
-      intPixels = true;  break;
-    case BufferedImage.TYPE_INT_RGB:
-    case BufferedImage.TYPE_INT_ARGB:
-    case BufferedImage.TYPE_INT_ARGB_PRE:
-      if (byteOrder == ByteOrder.BIG_ENDIAN)
-        pixelFormat = TJ.PF_XRGB;
-      else
-        pixelFormat = TJ.PF_BGRX;
-      intPixels = true;  break;
-    default:
-      throw new IllegalArgumentException("Unsupported BufferedImage format");
-    }
-    srcPixelFormat = pixelFormat;
-
-    WritableRaster wr = srcImage.getRaster();
-    if (intPixels) {
-      SinglePixelPackedSampleModel sm =
-        (SinglePixelPackedSampleModel)srcImage.getSampleModel();
-      srcStride = sm.getScanlineStride();
-      DataBufferInt db = (DataBufferInt)wr.getDataBuffer();
-      srcBufInt = db.getData();
-      srcBuf = null;
-    } else {
-      ComponentSampleModel sm =
-        (ComponentSampleModel)srcImage.getSampleModel();
-      int pixelSize = sm.getPixelStride();
-      if (pixelSize != TJ.getPixelSize(pixelFormat))
-        throw new IllegalArgumentException("Inconsistency between pixel format and pixel size in BufferedImage");
-      srcPitch = sm.getScanlineStride();
-      DataBufferByte db = (DataBufferByte)wr.getDataBuffer();
-      srcBuf = db.getData();
-      srcBufInt = null;
-    }
-    srcYUVImage = null;
-  }
-
-  /**
-   * Associate an uncompressed YUV planar source image with this compressor
-   * instance.
-   *
-   * @param srcImage YUV planar image to be compressed.  This image is not
-   * modified.
-   */
-  public void setSourceImage(YUVImage srcImage) throws TJException {
-    if (handle == 0) init();
-    if (srcImage == null)
-      throw new IllegalArgumentException("Invalid argument in setSourceImage()");
-    srcYUVImage = srcImage;
-    srcBuf = null;
-    srcBufInt = null;
-  }
-
-  /**
-   * Set the level of chrominance subsampling for subsequent compress/encode
-   * operations.  When pixels are converted from RGB to YCbCr (see
-   * {@link TJ#CS_YCbCr}) or from CMYK to YCCK (see {@link TJ#CS_YCCK}) as part
-   * of the JPEG compression process, some of the Cb and Cr (chrominance)
-   * components can be discarded or averaged together to produce a smaller
-   * image with little perceptible loss of image clarity (the human eye is more
-   * sensitive to small changes in brightness than to small changes in color.)
-   * This is called "chrominance subsampling".
-   * <p>
-   * NOTE: This method has no effect when compressing a JPEG image from a YUV
-   * planar source.  In that case, the level of chrominance subsampling in
-   * the JPEG image is determined by the source.  Furthermore, this method has
-   * no effect when encoding to a pre-allocated {@link YUVImage} instance.  In
-   * that case, the level of chrominance subsampling is determined by the
-   * destination.
-   *
-   * @param newSubsamp the level of chrominance subsampling to use in
-   * subsequent compress/encode oeprations (one of
-   * {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public void setSubsamp(int newSubsamp) {
-    if (newSubsamp < 0 || newSubsamp >= TJ.NUMSAMP)
-      throw new IllegalArgumentException("Invalid argument in setSubsamp()");
-    subsamp = newSubsamp;
-  }
-
-  /**
-   * Set the JPEG image quality level for subsequent compress operations.
-   *
-   * @param quality the new JPEG image quality level (1 to 100, 1 = worst,
-   * 100 = best)
-   */
-  public void setJPEGQuality(int quality) {
-    if (quality < 1 || quality > 100)
-      throw new IllegalArgumentException("Invalid argument in setJPEGQuality()");
-    jpegQuality = quality;
-  }
-
-  /**
-   * Compress the uncompressed source image associated with this compressor
-   * instance and output a JPEG image to the given destination buffer.
-   *
-   * @param dstBuf buffer that will receive the JPEG image.  Use
-   * {@link TJ#bufSize} to determine the maximum size for this buffer based on
-   * the source image's width and height and the desired level of chrominance
-   * subsampling.
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void compress(byte[] dstBuf, int flags) throws TJException {
-    if (dstBuf == null || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in compress()");
-    if (srcBuf == null && srcBufInt == null && srcYUVImage == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (jpegQuality < 0)
-      throw new IllegalStateException("JPEG Quality not set");
-    if (subsamp < 0 && srcYUVImage == null)
-      throw new IllegalStateException("Subsampling level not set");
-
-    if (srcYUVImage != null)
-      compressedSize = compressFromYUV(srcYUVImage.getPlanes(),
-                                       srcYUVImage.getOffsets(),
-                                       srcYUVImage.getWidth(),
-                                       srcYUVImage.getStrides(),
-                                       srcYUVImage.getHeight(),
-                                       srcYUVImage.getSubsamp(),
-                                       dstBuf, jpegQuality, flags);
-    else if (srcBuf != null) {
-      if (srcX >= 0 && srcY >= 0)
-        compressedSize = compress(srcBuf, srcX, srcY, srcWidth, srcPitch,
-                                  srcHeight, srcPixelFormat, dstBuf, subsamp,
-                                  jpegQuality, flags);
-      else
-        compressedSize = compress(srcBuf, srcWidth, srcPitch, srcHeight,
-                                  srcPixelFormat, dstBuf, subsamp, jpegQuality,
-                                  flags);
-    } else if (srcBufInt != null) {
-      if (srcX >= 0 && srcY >= 0)
-        compressedSize = compress(srcBufInt, srcX, srcY, srcWidth, srcStride,
-                                  srcHeight, srcPixelFormat, dstBuf, subsamp,
-                                  jpegQuality, flags);
-      else
-        compressedSize = compress(srcBufInt, srcWidth, srcStride, srcHeight,
-                                  srcPixelFormat, dstBuf, subsamp, jpegQuality,
-                                  flags);
-    }
-  }
-
-  /**
-   * Compress the uncompressed source image associated with this compressor
-   * instance and return a buffer containing a JPEG image.
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a buffer containing a JPEG image.  The length of this buffer will
-   * not be equal to the size of the JPEG image.  Use {@link
-   * #getCompressedSize} to obtain the size of the JPEG image.
-   */
-  public byte[] compress(int flags) throws TJException {
-    byte[] buf;
-    if (srcYUVImage != null) {
-      buf = new byte[TJ.bufSize(srcYUVImage.getWidth(),
-                                srcYUVImage.getHeight(),
-                                srcYUVImage.getSubsamp())];
-    } else {
-      checkSourceImage();
-      buf = new byte[TJ.bufSize(srcWidth, srcHeight, subsamp)];
-    }
-    compress(buf, flags);
-    return buf;
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} and
-   * {@link #compress(byte[], int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void compress(BufferedImage srcImage, byte[] dstBuf, int flags)
-                       throws TJException {
-    setSourceImage(srcImage, 0, 0, 0, 0);
-    compress(dstBuf, flags);
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} and
-   * {@link #compress(int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public byte[] compress(BufferedImage srcImage, int flags)
-                         throws TJException {
-    setSourceImage(srcImage, 0, 0, 0, 0);
-    return compress(flags);
-  }
-
-  /**
-   * Encode the uncompressed source image associated with this compressor
-   * instance into a YUV planar image and store it in the given
-   * <code>YUVImage</code> instance.   This method uses the accelerated color
-   * conversion routines in TurboJPEG's underlying codec but does not execute
-   * any of the other steps in the JPEG compression process.  Encoding
-   * CMYK source images to YUV is not supported.
-   *
-   * @param dstImage {@link YUVImage} instance that will receive the YUV planar
-   * image
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void encodeYUV(YUVImage dstImage, int flags) throws TJException {
-    if (dstImage == null || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in encodeYUV()");
-    if (srcBuf == null && srcBufInt == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (srcYUVImage != null)
-      throw new IllegalStateException("Source image is not correct type");
-    checkSubsampling();
-    if (srcWidth != dstImage.getWidth() || srcHeight != dstImage.getHeight())
-      throw new IllegalStateException("Destination image is the wrong size");
-
-    if (srcBufInt != null) {
-      encodeYUV(srcBufInt, srcX, srcY, srcWidth, srcStride, srcHeight,
-                srcPixelFormat, dstImage.getPlanes(), dstImage.getOffsets(),
-                dstImage.getStrides(), dstImage.getSubsamp(), flags);
-    } else {
-      encodeYUV(srcBuf, srcX, srcY, srcWidth, srcPitch, srcHeight,
-                srcPixelFormat, dstImage.getPlanes(), dstImage.getOffsets(),
-                dstImage.getStrides(), dstImage.getSubsamp(), flags);
-    }
-    compressedSize = 0;
-  }
-
-  /**
-   * @deprecated Use {@link #encodeYUV(YUVImage, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void encodeYUV(byte[] dstBuf, int flags) throws TJException {
-    if (dstBuf == null)
-      throw new IllegalArgumentException("Invalid argument in encodeYUV()");
-    checkSourceImage();
-    checkSubsampling();
-    YUVImage dstYUVImage = new YUVImage(dstBuf, srcWidth, 4, srcHeight,
-                                        subsamp);
-    encodeYUV(dstYUVImage, flags);
-  }
-
-  /**
-   * Encode the uncompressed source image associated with this compressor
-   * instance into a unified YUV planar image buffer and return a
-   * <code>YUVImage</code> instance containing the encoded image.  This method
-   * uses the accelerated color conversion routines in TurboJPEG's underlying
-   * codec but does not execute any of the other steps in the JPEG compression
-   * process.  Encoding CMYK source images to YUV is not supported.
-   *
-   * @param pad the width of each line in each plane of the YUV image will be
-   * padded to the nearest multiple of this number of bytes (must be a power of
-   * 2.)
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a YUV planar image.
-   */
-  public YUVImage encodeYUV(int pad, int flags) throws TJException {
-    checkSourceImage();
-    checkSubsampling();
-    if (pad < 1 || ((pad & (pad - 1)) != 0))
-      throw new IllegalStateException("Invalid argument in encodeYUV()");
-    YUVImage dstYUVImage = new YUVImage(srcWidth, pad, srcHeight, subsamp);
-    encodeYUV(dstYUVImage, flags);
-    return dstYUVImage;
-  }
-
-  /**
-   * Encode the uncompressed source image associated with this compressor
-   * instance into separate Y, U (Cb), and V (Cr) image planes and return a
-   * <code>YUVImage</code> instance containing the encoded image planes.  This
-   * method uses the accelerated color conversion routines in TurboJPEG's
-   * underlying codec but does not execute any of the other steps in the JPEG
-   * compression process.  Encoding CMYK source images to YUV is not supported.
-   *
-   * @param strides an array of integers, each specifying the number of bytes
-   * per line in the corresponding plane of the output image.  Setting the
-   * stride for any plane to 0 is the same as setting it to the component width
-   * of the plane.  If <code>strides</code> is null, then the strides for all
-   * planes will be set to their respective component widths.  You can adjust
-   * the strides in order to add an arbitrary amount of line padding to each
-   * plane.
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a YUV planar image.
-   */
-  public YUVImage encodeYUV(int[] strides, int flags) throws TJException {
-    checkSourceImage();
-    checkSubsampling();
-    YUVImage dstYUVImage = new YUVImage(srcWidth, strides, srcHeight, subsamp);
-    encodeYUV(dstYUVImage, flags);
-    return dstYUVImage;
-  }
-
-  /**
-   * @deprecated Use {@link #encodeYUV(int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public byte[] encodeYUV(int flags) throws TJException {
-    checkSourceImage();
-    checkSubsampling();
-    YUVImage dstYUVImage = new YUVImage(srcWidth, 4, srcHeight, subsamp);
-    encodeYUV(dstYUVImage, flags);
-    return dstYUVImage.getBuf();
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} and
-   * {@link #encodeYUV(byte[], int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void encodeYUV(BufferedImage srcImage, byte[] dstBuf, int flags)
-                        throws TJException {
-    setSourceImage(srcImage, 0, 0, 0, 0);
-    encodeYUV(dstBuf, flags);
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #setSourceImage(BufferedImage, int, int, int, int)} and
-   * {@link #encodeYUV(int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public byte[] encodeYUV(BufferedImage srcImage, int flags)
-                          throws TJException {
-    setSourceImage(srcImage, 0, 0, 0, 0);
-    return encodeYUV(flags);
-  }
-
-  /**
-   * Returns the size of the image (in bytes) generated by the most recent
-   * compress operation.
-   *
-   * @return the size of the image (in bytes) generated by the most recent
-   * compress operation.
-   */
-  public int getCompressedSize() {
-    return compressedSize;
-  }
-
-  /**
-   * Free the native structures associated with this compressor instance.
-   */
-  @Override
-  public void close() throws TJException {
-    if (handle != 0)
-      destroy();
-  }
-
-  @SuppressWarnings("checkstyle:DesignForExtension")
-  @Override
-  protected void finalize() throws Throwable {
-    try {
-      close();
-    } catch (TJException e) {
-    } finally {
-      super.finalize();
-    }
-  };
-
-  private native void init() throws TJException;
-
-  private native void destroy() throws TJException;
-
-  // JPEG size in bytes is returned
-  @SuppressWarnings("checkstyle:HiddenField")
-  @Deprecated
-  private native int compress(byte[] srcBuf, int width, int pitch,
-    int height, int pixelFormat, byte[] jpegBuf, int jpegSubsamp, int jpegQual,
-    int flags) throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  private native int compress(byte[] srcBuf, int x, int y, int width,
-    int pitch, int height, int pixelFormat, byte[] jpegBuf, int jpegSubsamp,
-    int jpegQual, int flags) throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  @Deprecated
-  private native int compress(int[] srcBuf, int width, int stride,
-    int height, int pixelFormat, byte[] jpegBuf, int jpegSubsamp, int jpegQual,
-    int flags) throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  private native int compress(int[] srcBuf, int x, int y, int width,
-    int stride, int height, int pixelFormat, byte[] jpegBuf, int jpegSubsamp,
-    int jpegQual, int flags) throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  private native int compressFromYUV(byte[][] srcPlanes, int[] srcOffsets,
-    int width, int[] srcStrides, int height, int subsamp, byte[] jpegBuf,
-    int jpegQual, int flags)
-    throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  @Deprecated
-  private native void encodeYUV(byte[] srcBuf, int width, int pitch,
-    int height, int pixelFormat, byte[] dstBuf, int subsamp, int flags)
-    throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  private native void encodeYUV(byte[] srcBuf, int x, int y, int width,
-    int pitch, int height, int pixelFormat, byte[][] dstPlanes,
-    int[] dstOffsets, int[] dstStrides, int subsamp, int flags)
-    throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  @Deprecated
-  private native void encodeYUV(int[] srcBuf, int width, int stride,
-    int height, int pixelFormat, byte[] dstBuf, int subsamp, int flags)
-    throws TJException;
-
-  @SuppressWarnings("checkstyle:HiddenField")
-  private native void encodeYUV(int[] srcBuf, int x, int y, int width,
-    int srcStride, int height, int pixelFormat, byte[][] dstPlanes,
-    int[] dstOffsets, int[] dstStrides, int subsamp, int flags)
-    throws TJException;
-
-  static {
-    TJLoader.load();
-  }
-
-  private void checkSourceImage() {
-    if (srcWidth < 1 || srcHeight < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-  }
-
-  private void checkSubsampling() {
-    if (subsamp < 0)
-      throw new IllegalStateException("Subsampling level not set");
-  }
-
-  private long handle = 0;
-  private byte[] srcBuf = null;
-  private int[] srcBufInt = null;
-  private int srcWidth = 0;
-  private int srcHeight = 0;
-  private int srcX = -1;
-  private int srcY = -1;
-  private int srcPitch = 0;
-  private int srcStride = 0;
-  private int srcPixelFormat = -1;
-  private YUVImage srcYUVImage = null;
-  private int subsamp = -1;
-  private int jpegQuality = -1;
-  private int compressedSize = 0;
-  private int yuvPad = 4;
-  private ByteOrder byteOrder = null;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJCustomFilter.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJCustomFilter.java
deleted file mode 100644
index 9a34587..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJCustomFilter.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright (C)2011, 2013 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-import java.awt.*;
-import java.nio.*;
-
-/**
- * Custom filter callback interface
- */
-public interface TJCustomFilter {
-
-  /**
-   * A callback function that can be used to modify the DCT coefficients after
-   * they are losslessly transformed but before they are transcoded to a new
-   * JPEG image.  This allows for custom filters or other transformations to be
-   * applied in the frequency domain.
-   *
-   * @param coeffBuffer a buffer containing transformed DCT coefficients.
-   * (NOTE: this buffer is not guaranteed to be valid once the callback
-   * returns, so applications wishing to hand off the DCT coefficients to
-   * another function or library should make a copy of them within the body of
-   * the callback.)
-   *
-   * @param bufferRegion rectangle containing the width and height of
-   * <code>coeffBuffer</code> as well as its offset relative to the component
-   * plane.  TurboJPEG implementations may choose to split each component plane
-   * into multiple DCT coefficient buffers and call the callback function once
-   * for each buffer.
-   *
-   * @param planeRegion rectangle containing the width and height of the
-   * component plane to which <code>coeffBuffer</code> belongs
-   *
-   * @param componentID ID number of the component plane to which
-   * <code>coeffBuffer</code> belongs (Y, Cb, and Cr have, respectively, ID's
-   * of 0, 1, and 2 in typical JPEG images.)
-   *
-   * @param transformID ID number of the transformed image to which
-   * <code>coeffBuffer</code> belongs.  This is the same as the index of the
-   * transform in the <code>transforms</code> array that was passed to {@link
-   * TJTransformer#transform TJTransformer.transform()}.
-   *
-   * @param transform a {@link TJTransform} instance that specifies the
-   * parameters and/or cropping region for this transform
-   */
-  void customFilter(ShortBuffer coeffBuffer, Rectangle bufferRegion,
-                    Rectangle planeRegion, int componentID, int transformID,
-                    TJTransform transform)
-    throws TJException;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJDecompressor.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJDecompressor.java
deleted file mode 100644
index cba9ff0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJDecompressor.java
+++ /dev/null
@@ -1,931 +0,0 @@
-/*
- * Copyright (C)2011-2015, 2018 D. R. Commander.  All Rights Reserved.
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-import java.awt.image.*;
-import java.nio.*;
-import java.io.*;
-
-/**
- * TurboJPEG decompressor
- */
-public class TJDecompressor implements Closeable {
-
-  private static final String NO_ASSOC_ERROR =
-    "No JPEG image is associated with this instance";
-
-  /**
-   * Create a TurboJPEG decompresssor instance.
-   */
-  public TJDecompressor() throws TJException {
-    init();
-  }
-
-  /**
-   * Create a TurboJPEG decompressor instance and associate the JPEG source
-   * image stored in <code>jpegImage</code> with the newly created instance.
-   *
-   * @param jpegImage JPEG image buffer (size of the JPEG image is assumed to
-   * be the length of the array.)  This buffer is not modified.
-   */
-  public TJDecompressor(byte[] jpegImage) throws TJException {
-    init();
-    setSourceImage(jpegImage, jpegImage.length);
-  }
-
-  /**
-   * Create a TurboJPEG decompressor instance and associate the JPEG source
-   * image of length <code>imageSize</code> bytes stored in
-   * <code>jpegImage</code> with the newly created instance.
-   *
-   * @param jpegImage JPEG image buffer.  This buffer is not modified.
-   *
-   * @param imageSize size of the JPEG image (in bytes)
-   */
-  public TJDecompressor(byte[] jpegImage, int imageSize) throws TJException {
-    init();
-    setSourceImage(jpegImage, imageSize);
-  }
-
-  /**
-   * Create a TurboJPEG decompressor instance and associate the YUV planar
-   * source image stored in <code>yuvImage</code> with the newly created
-   * instance.
-   *
-   * @param yuvImage {@link YUVImage} instance containing a YUV planar
-   * image to be decoded.  This image is not modified.
-   */
-  @SuppressWarnings("checkstyle:HiddenField")
-  public TJDecompressor(YUVImage yuvImage) throws TJException {
-    init();
-    setSourceImage(yuvImage);
-  }
-
-  /**
-   * Associate the JPEG image of length <code>imageSize</code> bytes stored in
-   * <code>jpegImage</code> with this decompressor instance.  This image will
-   * be used as the source image for subsequent decompress operations.
-   *
-   * @param jpegImage JPEG image buffer.  This buffer is not modified.
-   *
-   * @param imageSize size of the JPEG image (in bytes)
-   */
-  public void setSourceImage(byte[] jpegImage, int imageSize)
-                             throws TJException {
-    if (jpegImage == null || imageSize < 1)
-      throw new IllegalArgumentException("Invalid argument in setSourceImage()");
-    jpegBuf = jpegImage;
-    jpegBufSize = imageSize;
-    decompressHeader(jpegBuf, jpegBufSize);
-    yuvImage = null;
-  }
-
-  /**
-   * @deprecated Use {@link #setSourceImage(byte[], int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void setJPEGImage(byte[] jpegImage, int imageSize)
-                           throws TJException {
-    setSourceImage(jpegImage, imageSize);
-  }
-
-  /**
-   * Associate the specified YUV planar source image with this decompressor
-   * instance.  Subsequent decompress operations will decode this image into an
-   * RGB or grayscale destination image.
-   *
-   * @param srcImage {@link YUVImage} instance containing a YUV planar image to
-   * be decoded.  This image is not modified.
-   */
-  public void setSourceImage(YUVImage srcImage) {
-    if (srcImage == null)
-      throw new IllegalArgumentException("Invalid argument in setSourceImage()");
-    yuvImage = srcImage;
-    jpegBuf = null;
-    jpegBufSize = 0;
-  }
-
-
-  /**
-   * Returns the width of the source image (JPEG or YUV) associated with this
-   * decompressor instance.
-   *
-   * @return the width of the source image (JPEG or YUV) associated with this
-   * decompressor instance.
-   */
-  public int getWidth() {
-    if (yuvImage != null)
-      return yuvImage.getWidth();
-    if (jpegWidth < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return jpegWidth;
-  }
-
-  /**
-   * Returns the height of the source image (JPEG or YUV) associated with this
-   * decompressor instance.
-   *
-   * @return the height of the source image (JPEG or YUV) associated with this
-   * decompressor instance.
-   */
-  public int getHeight() {
-    if (yuvImage != null)
-      return yuvImage.getHeight();
-    if (jpegHeight < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return jpegHeight;
-  }
-
-  /**
-   * Returns the level of chrominance subsampling used in the source image
-   * (JPEG or YUV) associated with this decompressor instance.  See
-   * {@link TJ#SAMP_444 TJ.SAMP_*}.
-   *
-   * @return the level of chrominance subsampling used in the source image
-   * (JPEG or YUV) associated with this decompressor instance.
-   */
-  public int getSubsamp() {
-    if (yuvImage != null)
-      return yuvImage.getSubsamp();
-    if (jpegSubsamp < 0)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (jpegSubsamp >= TJ.NUMSAMP)
-      throw new IllegalStateException("JPEG header information is invalid");
-    return jpegSubsamp;
-  }
-
-  /**
-   * Returns the colorspace used in the source image (JPEG or YUV) associated
-   * with this decompressor instance.  See {@link TJ#CS_RGB TJ.CS_*}.  If the
-   * source image is YUV, then this always returns {@link TJ#CS_YCbCr}.
-   *
-   * @return the colorspace used in the source image (JPEG or YUV) associated
-   * with this decompressor instance.
-   */
-  public int getColorspace() {
-    if (yuvImage != null)
-      return TJ.CS_YCbCr;
-    if (jpegColorspace < 0)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (jpegColorspace >= TJ.NUMCS)
-      throw new IllegalStateException("JPEG header information is invalid");
-    return jpegColorspace;
-  }
-
-  /**
-   * Returns the JPEG image buffer associated with this decompressor instance.
-   *
-   * @return the JPEG image buffer associated with this decompressor instance.
-   */
-  public byte[] getJPEGBuf() {
-    if (jpegBuf == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return jpegBuf;
-  }
-
-  /**
-   * Returns the size of the JPEG image (in bytes) associated with this
-   * decompressor instance.
-   *
-   * @return the size of the JPEG image (in bytes) associated with this
-   * decompressor instance.
-   */
-  public int getJPEGSize() {
-    if (jpegBufSize < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return jpegBufSize;
-  }
-
-  /**
-   * Returns the width of the largest scaled-down image that the TurboJPEG
-   * decompressor can generate without exceeding the desired image width and
-   * height.
-   *
-   * @param desiredWidth desired width (in pixels) of the decompressed image.
-   * Setting this to 0 is the same as setting it to the width of the JPEG image
-   * (in other words, the width will not be considered when determining the
-   * scaled image size.)
-   *
-   * @param desiredHeight desired height (in pixels) of the decompressed image.
-   * Setting this to 0 is the same as setting it to the height of the JPEG
-   * image (in other words, the height will not be considered when determining
-   * the scaled image size.)
-   *
-   * @return the width of the largest scaled-down image that the TurboJPEG
-   * decompressor can generate without exceeding the desired image width and
-   * height.
-   */
-  public int getScaledWidth(int desiredWidth, int desiredHeight) {
-    if (jpegWidth < 1 || jpegHeight < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (desiredWidth < 0 || desiredHeight < 0)
-      throw new IllegalArgumentException("Invalid argument in getScaledWidth()");
-    TJScalingFactor[] sf = TJ.getScalingFactors();
-    if (desiredWidth == 0)
-      desiredWidth = jpegWidth;
-    if (desiredHeight == 0)
-      desiredHeight = jpegHeight;
-    int scaledWidth = jpegWidth, scaledHeight = jpegHeight;
-    for (int i = 0; i < sf.length; i++) {
-      scaledWidth = sf[i].getScaled(jpegWidth);
-      scaledHeight = sf[i].getScaled(jpegHeight);
-      if (scaledWidth <= desiredWidth && scaledHeight <= desiredHeight)
-        break;
-    }
-    if (scaledWidth > desiredWidth || scaledHeight > desiredHeight)
-      throw new IllegalArgumentException("Could not scale down to desired image dimensions");
-    return scaledWidth;
-  }
-
-  /**
-   * Returns the height of the largest scaled-down image that the TurboJPEG
-   * decompressor can generate without exceeding the desired image width and
-   * height.
-   *
-   * @param desiredWidth desired width (in pixels) of the decompressed image.
-   * Setting this to 0 is the same as setting it to the width of the JPEG image
-   * (in other words, the width will not be considered when determining the
-   * scaled image size.)
-   *
-   * @param desiredHeight desired height (in pixels) of the decompressed image.
-   * Setting this to 0 is the same as setting it to the height of the JPEG
-   * image (in other words, the height will not be considered when determining
-   * the scaled image size.)
-   *
-   * @return the height of the largest scaled-down image that the TurboJPEG
-   * decompressor can generate without exceeding the desired image width and
-   * height.
-   */
-  public int getScaledHeight(int desiredWidth, int desiredHeight) {
-    if (jpegWidth < 1 || jpegHeight < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (desiredWidth < 0 || desiredHeight < 0)
-      throw new IllegalArgumentException("Invalid argument in getScaledHeight()");
-    TJScalingFactor[] sf = TJ.getScalingFactors();
-    if (desiredWidth == 0)
-      desiredWidth = jpegWidth;
-    if (desiredHeight == 0)
-      desiredHeight = jpegHeight;
-    int scaledWidth = jpegWidth, scaledHeight = jpegHeight;
-    for (int i = 0; i < sf.length; i++) {
-      scaledWidth = sf[i].getScaled(jpegWidth);
-      scaledHeight = sf[i].getScaled(jpegHeight);
-      if (scaledWidth <= desiredWidth && scaledHeight <= desiredHeight)
-        break;
-    }
-    if (scaledWidth > desiredWidth || scaledHeight > desiredHeight)
-      throw new IllegalArgumentException("Could not scale down to desired image dimensions");
-    return scaledHeight;
-  }
-
-  /**
-   * Decompress the JPEG source image or decode the YUV source image associated
-   * with this decompressor instance and output a grayscale, RGB, or CMYK image
-   * to the given destination buffer.
-   * <p>
-   * NOTE: The output image is fully recoverable if this method throws a
-   * non-fatal {@link TJException} (unless
-   * {@link TJ#FLAG_STOPONWARNING TJ.FLAG_STOPONWARNING} is specified.)
-   *
-   * @param dstBuf buffer that will receive the decompressed/decoded image.
-   * If the source image is a JPEG image, then this buffer should normally be
-   * <code>pitch * scaledHeight</code> bytes in size, where
-   * <code>scaledHeight</code> can be determined by calling <code>
-   * scalingFactor.{@link TJScalingFactor#getScaled getScaled}(jpegHeight)
-   * </code> with one of the scaling factors returned from {@link
-   * TJ#getScalingFactors} or by calling {@link #getScaledHeight}.  If the
-   * source image is a YUV image, then this buffer should normally be
-   * <code>pitch * height</code> bytes in size, where <code>height</code> is
-   * the height of the YUV image.  However, the buffer may also be larger than
-   * the dimensions of the source image, in which case the <code>x</code>,
-   * <code>y</code>, and <code>pitch</code> parameters can be used to specify
-   * the region into which the source image should be decompressed/decoded.
-   *
-   * @param x x offset (in pixels) of the region in the destination image into
-   * which the source image should be decompressed/decoded
-   *
-   * @param y y offset (in pixels) of the region in the destination image into
-   * which the source image should be decompressed/decoded
-   *
-   * @param desiredWidth If the source image is a JPEG image, then this
-   * specifies the desired width (in pixels) of the decompressed image (or
-   * image region.)  If the desired destination image dimensions are different
-   * than the source image dimensions, then TurboJPEG will use scaling in the
-   * JPEG decompressor to generate the largest possible image that will fit
-   * within the desired dimensions.  Setting this to 0 is the same as setting
-   * it to the width of the JPEG image (in other words, the width will not be
-   * considered when determining the scaled image size.)  This parameter is
-   * ignored if the source image is a YUV image.
-   *
-   * @param pitch bytes per line of the destination image.  Normally, this
-   * should be set to <code>scaledWidth * TJ.pixelSize(pixelFormat)</code> if
-   * the destination image is unpadded, but you can use this to, for instance,
-   * pad each line of the destination image to a 4-byte boundary or to
-   * decompress/decode the source image into a region of a larger image.  NOTE:
-   * if the source image is a JPEG image, then <code>scaledWidth</code> can be
-   * determined by calling <code>
-   * scalingFactor.{@link TJScalingFactor#getScaled getScaled}(jpegWidth)
-   * </code> or by calling {@link #getScaledWidth}.  If the source image is a
-   * YUV image, then <code>scaledWidth</code> is the width of the YUV image.
-   * Setting this parameter to 0 is the equivalent of setting it to
-   * <code>scaledWidth * TJ.pixelSize(pixelFormat)</code>.
-   *
-   * @param desiredHeight If the source image is a JPEG image, then this
-   * specifies the desired height (in pixels) of the decompressed image (or
-   * image region.)  If the desired destination image dimensions are different
-   * than the source image dimensions, then TurboJPEG will use scaling in the
-   * JPEG decompressor to generate the largest possible image that will fit
-   * within the desired dimensions.  Setting this to 0 is the same as setting
-   * it to the height of the JPEG image (in other words, the height will not be
-   * considered when determining the scaled image size.)  This parameter is
-   * ignored if the source image is a YUV image.
-   *
-   * @param pixelFormat pixel format of the decompressed/decoded image (one of
-   * {@link TJ#PF_RGB TJ.PF_*})
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void decompress(byte[] dstBuf, int x, int y, int desiredWidth,
-                         int pitch, int desiredHeight, int pixelFormat,
-                         int flags) throws TJException {
-    if (jpegBuf == null && yuvImage == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (dstBuf == null || x < 0 || y < 0 || pitch < 0 ||
-        (yuvImage != null && (desiredWidth < 0 || desiredHeight < 0)) ||
-        pixelFormat < 0 || pixelFormat >= TJ.NUMPF || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompress()");
-    if (yuvImage != null)
-      decodeYUV(yuvImage.getPlanes(), yuvImage.getOffsets(),
-                yuvImage.getStrides(), yuvImage.getSubsamp(), dstBuf, x, y,
-                yuvImage.getWidth(), pitch, yuvImage.getHeight(), pixelFormat,
-                flags);
-    else {
-      if (x > 0 || y > 0)
-        decompress(jpegBuf, jpegBufSize, dstBuf, x, y, desiredWidth, pitch,
-                   desiredHeight, pixelFormat, flags);
-      else
-        decompress(jpegBuf, jpegBufSize, dstBuf, desiredWidth, pitch,
-                   desiredHeight, pixelFormat, flags);
-    }
-  }
-
-  /**
-   * @deprecated Use
-   * {@link #decompress(byte[], int, int, int, int, int, int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void decompress(byte[] dstBuf, int desiredWidth, int pitch,
-                         int desiredHeight, int pixelFormat, int flags)
-                         throws TJException {
-    decompress(dstBuf, 0, 0, desiredWidth, pitch, desiredHeight, pixelFormat,
-               flags);
-  }
-
-  /**
-   * Decompress the JPEG source image associated with this decompressor
-   * instance and return a buffer containing the decompressed image.
-   *
-   * @param desiredWidth see
-   * {@link #decompress(byte[], int, int, int, int, int, int, int)}
-   * for description
-   *
-   * @param pitch see
-   * {@link #decompress(byte[], int, int, int, int, int, int, int)}
-   * for description
-   *
-   * @param desiredHeight see
-   * {@link #decompress(byte[], int, int, int, int, int, int, int)}
-   * for description
-   *
-   * @param pixelFormat pixel format of the decompressed image (one of
-   * {@link TJ#PF_RGB TJ.PF_*})
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a buffer containing the decompressed image.
-   */
-  public byte[] decompress(int desiredWidth, int pitch, int desiredHeight,
-                           int pixelFormat, int flags) throws TJException {
-    if (pitch < 0 ||
-        (yuvImage == null && (desiredWidth < 0 || desiredHeight < 0)) ||
-        pixelFormat < 0 || pixelFormat >= TJ.NUMPF || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompress()");
-    int pixelSize = TJ.getPixelSize(pixelFormat);
-    int scaledWidth = getScaledWidth(desiredWidth, desiredHeight);
-    int scaledHeight = getScaledHeight(desiredWidth, desiredHeight);
-    if (pitch == 0)
-      pitch = scaledWidth * pixelSize;
-    byte[] buf = new byte[pitch * scaledHeight];
-    decompress(buf, desiredWidth, pitch, desiredHeight, pixelFormat, flags);
-    return buf;
-  }
-
-  /**
-   * Decompress the JPEG source image associated with this decompressor
-   * instance into a YUV planar image and store it in the given
-   * <code>YUVImage</code> instance.  This method performs JPEG decompression
-   * but leaves out the color conversion step, so a planar YUV image is
-   * generated instead of an RGB or grayscale image.  This method cannot be
-   * used to decompress JPEG source images with the CMYK or YCCK colorspace.
-   * <p>
-   * NOTE: The YUV planar output image is fully recoverable if this method
-   * throws a non-fatal {@link TJException} (unless
-   * {@link TJ#FLAG_STOPONWARNING TJ.FLAG_STOPONWARNING} is specified.)
-   *
-   * @param dstImage {@link YUVImage} instance that will receive the YUV planar
-   * image.  The level of subsampling specified in this <code>YUVImage</code>
-   * instance must match that of the JPEG image, and the width and height
-   * specified in the <code>YUVImage</code> instance must match one of the
-   * scaled image sizes that TurboJPEG is capable of generating from the JPEG
-   * source image.
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void decompressToYUV(YUVImage dstImage, int flags)
-                              throws TJException {
-    if (jpegBuf == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (dstImage == null || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompressToYUV()");
-    int scaledWidth = getScaledWidth(dstImage.getWidth(),
-                                     dstImage.getHeight());
-    int scaledHeight = getScaledHeight(dstImage.getWidth(),
-                                       dstImage.getHeight());
-    if (scaledWidth != dstImage.getWidth() ||
-        scaledHeight != dstImage.getHeight())
-      throw new IllegalArgumentException("YUVImage dimensions do not match one of the scaled image sizes that TurboJPEG is capable of generating.");
-    if (jpegSubsamp != dstImage.getSubsamp())
-      throw new IllegalArgumentException("YUVImage subsampling level does not match that of the JPEG image");
-
-    decompressToYUV(jpegBuf, jpegBufSize, dstImage.getPlanes(),
-                    dstImage.getOffsets(), dstImage.getWidth(),
-                    dstImage.getStrides(), dstImage.getHeight(), flags);
-  }
-
-  /**
-   * @deprecated Use {@link #decompressToYUV(YUVImage, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public void decompressToYUV(byte[] dstBuf, int flags) throws TJException {
-    YUVImage dstYUVImage = new YUVImage(dstBuf, jpegWidth, 4, jpegHeight,
-                                        jpegSubsamp);
-    decompressToYUV(dstYUVImage, flags);
-  }
-
-  /**
-   * Decompress the JPEG source image associated with this decompressor
-   * instance into a set of Y, U (Cb), and V (Cr) image planes and return a
-   * <code>YUVImage</code> instance containing the decompressed image planes.
-   * This method performs JPEG decompression but leaves out the color
-   * conversion step, so a planar YUV image is generated instead of an RGB or
-   * grayscale image.  This method cannot be used to decompress JPEG source
-   * images with the CMYK or YCCK colorspace.
-   *
-   * @param desiredWidth desired width (in pixels) of the YUV image.  If the
-   * desired image dimensions are different than the dimensions of the JPEG
-   * image being decompressed, then TurboJPEG will use scaling in the JPEG
-   * decompressor to generate the largest possible image that will fit within
-   * the desired dimensions.  Setting this to 0 is the same as setting it to
-   * the width of the JPEG image (in other words, the width will not be
-   * considered when determining the scaled image size.)
-   *
-   * @param strides an array of integers, each specifying the number of bytes
-   * per line in the corresponding plane of the output image.  Setting the
-   * stride for any plane to 0 is the same as setting it to the scaled
-   * component width of the plane.  If <tt>strides</tt> is NULL, then the
-   * strides for all planes will be set to their respective scaled component
-   * widths.  You can adjust the strides in order to add an arbitrary amount of
-   * line padding to each plane.
-   *
-   * @param desiredHeight desired height (in pixels) of the YUV image.  If the
-   * desired image dimensions are different than the dimensions of the JPEG
-   * image being decompressed, then TurboJPEG will use scaling in the JPEG
-   * decompressor to generate the largest possible image that will fit within
-   * the desired dimensions.  Setting this to 0 is the same as setting it to
-   * the height of the JPEG image (in other words, the height will not be
-   * considered when determining the scaled image size.)
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a YUV planar image.
-   */
-  public YUVImage decompressToYUV(int desiredWidth, int[] strides,
-                                  int desiredHeight,
-                                  int flags) throws TJException {
-    if (flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompressToYUV()");
-    if (jpegWidth < 1 || jpegHeight < 1 || jpegSubsamp < 0)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (jpegSubsamp >= TJ.NUMSAMP)
-      throw new IllegalStateException("JPEG header information is invalid");
-    if (yuvImage != null)
-      throw new IllegalStateException("Source image is the wrong type");
-
-    int scaledWidth = getScaledWidth(desiredWidth, desiredHeight);
-    int scaledHeight = getScaledHeight(desiredWidth, desiredHeight);
-    YUVImage dstYUVImage = new YUVImage(scaledWidth, null, scaledHeight,
-                                        jpegSubsamp);
-    decompressToYUV(dstYUVImage, flags);
-    return dstYUVImage;
-  }
-
-  /**
-   * Decompress the JPEG source image associated with this decompressor
-   * instance into a unified YUV planar image buffer and return a
-   * <code>YUVImage</code> instance containing the decompressed image.  This
-   * method performs JPEG decompression but leaves out the color conversion
-   * step, so a planar YUV image is generated instead of an RGB or grayscale
-   * image.  This method cannot be used to decompress JPEG source images with
-   * the CMYK or YCCK colorspace.
-   *
-   * @param desiredWidth desired width (in pixels) of the YUV image.  If the
-   * desired image dimensions are different than the dimensions of the JPEG
-   * image being decompressed, then TurboJPEG will use scaling in the JPEG
-   * decompressor to generate the largest possible image that will fit within
-   * the desired dimensions.  Setting this to 0 is the same as setting it to
-   * the width of the JPEG image (in other words, the width will not be
-   * considered when determining the scaled image size.)
-   *
-   * @param pad the width of each line in each plane of the YUV image will be
-   * padded to the nearest multiple of this number of bytes (must be a power of
-   * 2.)
-   *
-   * @param desiredHeight desired height (in pixels) of the YUV image.  If the
-   * desired image dimensions are different than the dimensions of the JPEG
-   * image being decompressed, then TurboJPEG will use scaling in the JPEG
-   * decompressor to generate the largest possible image that will fit within
-   * the desired dimensions.  Setting this to 0 is the same as setting it to
-   * the height of the JPEG image (in other words, the height will not be
-   * considered when determining the scaled image size.)
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a YUV planar image.
-   */
-  public YUVImage decompressToYUV(int desiredWidth, int pad, int desiredHeight,
-                                  int flags) throws TJException {
-    if (flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompressToYUV()");
-    if (jpegWidth < 1 || jpegHeight < 1 || jpegSubsamp < 0)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (jpegSubsamp >= TJ.NUMSAMP)
-      throw new IllegalStateException("JPEG header information is invalid");
-    if (yuvImage != null)
-      throw new IllegalStateException("Source image is the wrong type");
-
-    int scaledWidth = getScaledWidth(desiredWidth, desiredHeight);
-    int scaledHeight = getScaledHeight(desiredWidth, desiredHeight);
-    YUVImage dstYUVImage = new YUVImage(scaledWidth, pad, scaledHeight,
-                                        jpegSubsamp);
-    decompressToYUV(dstYUVImage, flags);
-    return dstYUVImage;
-  }
-
-  /**
-   * @deprecated Use {@link #decompressToYUV(int, int, int, int)} instead.
-   */
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  @Deprecated
-  public byte[] decompressToYUV(int flags) throws TJException {
-    YUVImage dstYUVImage = new YUVImage(jpegWidth, 4, jpegHeight, jpegSubsamp);
-    decompressToYUV(dstYUVImage, flags);
-    return dstYUVImage.getBuf();
-  }
-
-  /**
-   * Decompress the JPEG source image or decode the YUV source image associated
-   * with this decompressor instance and output a grayscale, RGB, or CMYK image
-   * to the given destination buffer.
-   * <p>
-   * NOTE: The output image is fully recoverable if this method throws a
-   * non-fatal {@link TJException} (unless
-   * {@link TJ#FLAG_STOPONWARNING TJ.FLAG_STOPONWARNING} is specified.)
-   *
-   * @param dstBuf buffer that will receive the decompressed/decoded image.
-   * If the source image is a JPEG image, then this buffer should normally be
-   * <code>stride * scaledHeight</code> pixels in size, where
-   * <code>scaledHeight</code> can be determined by calling <code>
-   * scalingFactor.{@link TJScalingFactor#getScaled getScaled}(jpegHeight)
-   * </code> with one of the scaling factors returned from {@link
-   * TJ#getScalingFactors} or by calling {@link #getScaledHeight}.  If the
-   * source image is a YUV image, then this buffer should normally be
-   * <code>stride * height</code> pixels in size, where <code>height</code> is
-   * the height of the YUV image.  However, the buffer may also be larger than
-   * the dimensions of the JPEG image, in which case the <code>x</code>,
-   * <code>y</code>, and <code>stride</code> parameters can be used to specify
-   * the region into which the source image should be decompressed.
-   *
-   * @param x x offset (in pixels) of the region in the destination image into
-   * which the source image should be decompressed/decoded
-   *
-   * @param y y offset (in pixels) of the region in the destination image into
-   * which the source image should be decompressed/decoded
-   *
-   * @param desiredWidth If the source image is a JPEG image, then this
-   * specifies the desired width (in pixels) of the decompressed image (or
-   * image region.)  If the desired destination image dimensions are different
-   * than the source image dimensions, then TurboJPEG will use scaling in the
-   * JPEG decompressor to generate the largest possible image that will fit
-   * within the desired dimensions.  Setting this to 0 is the same as setting
-   * it to the width of the JPEG image (in other words, the width will not be
-   * considered when determining the scaled image size.)  This parameter is
-   * ignored if the source image is a YUV image.
-   *
-   * @param stride pixels per line of the destination image.  Normally, this
-   * should be set to <code>scaledWidth</code>, but you can use this to, for
-   * instance, decompress the JPEG image into a region of a larger image.
-   * NOTE: if the source image is a JPEG image, then <code>scaledWidth</code>
-   * can be determined by calling <code>
-   * scalingFactor.{@link TJScalingFactor#getScaled getScaled}(jpegWidth)
-   * </code> or by calling {@link #getScaledWidth}.  If the source image is a
-   * YUV image, then <code>scaledWidth</code> is the width of the YUV image.
-   * Setting this parameter to 0 is the equivalent of setting it to
-   * <code>scaledWidth</code>.
-   *
-   * @param desiredHeight If the source image is a JPEG image, then this
-   * specifies the desired height (in pixels) of the decompressed image (or
-   * image region.)  If the desired destination image dimensions are different
-   * than the source image dimensions, then TurboJPEG will use scaling in the
-   * JPEG decompressor to generate the largest possible image that will fit
-   * within the desired dimensions.  Setting this to 0 is the same as setting
-   * it to the height of the JPEG image (in other words, the height will not be
-   * considered when determining the scaled image size.)  This parameter is
-   * ignored if the source image is a YUV image.
-   *
-   * @param pixelFormat pixel format of the decompressed image (one of
-   * {@link TJ#PF_RGB TJ.PF_*})
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void decompress(int[] dstBuf, int x, int y, int desiredWidth,
-                         int stride, int desiredHeight, int pixelFormat,
-                         int flags) throws TJException {
-    if (jpegBuf == null && yuvImage == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (dstBuf == null || x < 0 || y < 0 || stride < 0 ||
-        (yuvImage != null && (desiredWidth < 0 || desiredHeight < 0)) ||
-        pixelFormat < 0 || pixelFormat >= TJ.NUMPF || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompress()");
-    if (yuvImage != null)
-      decodeYUV(yuvImage.getPlanes(), yuvImage.getOffsets(),
-                yuvImage.getStrides(), yuvImage.getSubsamp(), dstBuf, x, y,
-                yuvImage.getWidth(), stride, yuvImage.getHeight(), pixelFormat,
-                flags);
-    else
-      decompress(jpegBuf, jpegBufSize, dstBuf, x, y, desiredWidth, stride,
-                 desiredHeight, pixelFormat, flags);
-  }
-
-  /**
-   * Decompress the JPEG source image or decode the YUV source image associated
-   * with this decompressor instance and output a decompressed/decoded image to
-   * the given <code>BufferedImage</code> instance.
-   * <p>
-   * NOTE: The output image is fully recoverable if this method throws a
-   * non-fatal {@link TJException} (unless
-   * {@link TJ#FLAG_STOPONWARNING TJ.FLAG_STOPONWARNING} is specified.)
-   *
-   * @param dstImage a <code>BufferedImage</code> instance that will receive
-   * the decompressed/decoded image.  If the source image is a JPEG image, then
-   * the width and height of the <code>BufferedImage</code> instance must match
-   * one of the scaled image sizes that TurboJPEG is capable of generating from
-   * the JPEG image.  If the source image is a YUV image, then the width and
-   * height of the <code>BufferedImage</code> instance must match the width and
-   * height of the YUV image.
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void decompress(BufferedImage dstImage, int flags)
-                         throws TJException {
-    if (dstImage == null || flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompress()");
-    int desiredWidth = dstImage.getWidth();
-    int desiredHeight = dstImage.getHeight();
-    int scaledWidth, scaledHeight;
-
-    if (yuvImage != null) {
-      if (desiredWidth != yuvImage.getWidth() ||
-          desiredHeight != yuvImage.getHeight())
-        throw new IllegalArgumentException("BufferedImage dimensions do not match the dimensions of the source image.");
-      scaledWidth = yuvImage.getWidth();
-      scaledHeight = yuvImage.getHeight();
-    } else {
-      scaledWidth = getScaledWidth(desiredWidth, desiredHeight);
-      scaledHeight = getScaledHeight(desiredWidth, desiredHeight);
-      if (scaledWidth != desiredWidth || scaledHeight != desiredHeight)
-        throw new IllegalArgumentException("BufferedImage dimensions do not match one of the scaled image sizes that TurboJPEG is capable of generating.");
-    }
-    int pixelFormat;  boolean intPixels = false;
-    if (byteOrder == null)
-      byteOrder = ByteOrder.nativeOrder();
-    switch (dstImage.getType()) {
-    case BufferedImage.TYPE_3BYTE_BGR:
-      pixelFormat = TJ.PF_BGR;  break;
-    case BufferedImage.TYPE_4BYTE_ABGR:
-    case BufferedImage.TYPE_4BYTE_ABGR_PRE:
-      pixelFormat = TJ.PF_XBGR;  break;
-    case BufferedImage.TYPE_BYTE_GRAY:
-      pixelFormat = TJ.PF_GRAY;  break;
-    case BufferedImage.TYPE_INT_BGR:
-      if (byteOrder == ByteOrder.BIG_ENDIAN)
-        pixelFormat = TJ.PF_XBGR;
-      else
-        pixelFormat = TJ.PF_RGBX;
-      intPixels = true;  break;
-    case BufferedImage.TYPE_INT_RGB:
-      if (byteOrder == ByteOrder.BIG_ENDIAN)
-        pixelFormat = TJ.PF_XRGB;
-      else
-        pixelFormat = TJ.PF_BGRX;
-      intPixels = true;  break;
-    case BufferedImage.TYPE_INT_ARGB:
-    case BufferedImage.TYPE_INT_ARGB_PRE:
-      if (byteOrder == ByteOrder.BIG_ENDIAN)
-        pixelFormat = TJ.PF_ARGB;
-      else
-        pixelFormat = TJ.PF_BGRA;
-      intPixels = true;  break;
-    default:
-      throw new IllegalArgumentException("Unsupported BufferedImage format");
-    }
-    WritableRaster wr = dstImage.getRaster();
-    if (intPixels) {
-      SinglePixelPackedSampleModel sm =
-        (SinglePixelPackedSampleModel)dstImage.getSampleModel();
-      int stride = sm.getScanlineStride();
-      DataBufferInt db = (DataBufferInt)wr.getDataBuffer();
-      int[] buf = db.getData();
-      if (yuvImage != null)
-        decodeYUV(yuvImage.getPlanes(), yuvImage.getOffsets(),
-                  yuvImage.getStrides(), yuvImage.getSubsamp(), buf, 0, 0,
-                  yuvImage.getWidth(), stride, yuvImage.getHeight(),
-                  pixelFormat, flags);
-      else {
-        if (jpegBuf == null)
-          throw new IllegalStateException(NO_ASSOC_ERROR);
-        decompress(jpegBuf, jpegBufSize, buf, 0, 0, scaledWidth, stride,
-                   scaledHeight, pixelFormat, flags);
-      }
-    } else {
-      ComponentSampleModel sm =
-        (ComponentSampleModel)dstImage.getSampleModel();
-      int pixelSize = sm.getPixelStride();
-      if (pixelSize != TJ.getPixelSize(pixelFormat))
-        throw new IllegalArgumentException("Inconsistency between pixel format and pixel size in BufferedImage");
-      int pitch = sm.getScanlineStride();
-      DataBufferByte db = (DataBufferByte)wr.getDataBuffer();
-      byte[] buf = db.getData();
-      decompress(buf, 0, 0, scaledWidth, pitch, scaledHeight, pixelFormat,
-                 flags);
-    }
-  }
-
-  /**
-   * Decompress the JPEG source image or decode the YUV source image associated
-   * with this decompressor instance and return a <code>BufferedImage</code>
-   * instance containing the decompressed/decoded image.
-   *
-   * @param desiredWidth see
-   * {@link #decompress(byte[], int, int, int, int, int, int, int)} for
-   * description
-   *
-   * @param desiredHeight see
-   * {@link #decompress(byte[], int, int, int, int, int, int, int)} for
-   * description
-   *
-   * @param bufferedImageType the image type of the <code>BufferedImage</code>
-   * instance that will be created (for instance,
-   * <code>BufferedImage.TYPE_INT_RGB</code>)
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return a <code>BufferedImage</code> instance containing the
-   * decompressed/decoded image.
-   */
-  public BufferedImage decompress(int desiredWidth, int desiredHeight,
-                                  int bufferedImageType, int flags)
-                                  throws TJException {
-    if ((yuvImage == null && (desiredWidth < 0 || desiredHeight < 0)) ||
-        flags < 0)
-      throw new IllegalArgumentException("Invalid argument in decompress()");
-    int scaledWidth = getScaledWidth(desiredWidth, desiredHeight);
-    int scaledHeight = getScaledHeight(desiredWidth, desiredHeight);
-    BufferedImage img = new BufferedImage(scaledWidth, scaledHeight,
-                                          bufferedImageType);
-    decompress(img, flags);
-    return img;
-  }
-
-  /**
-   * Free the native structures associated with this decompressor instance.
-   */
-  @Override
-  public void close() throws TJException {
-    if (handle != 0)
-      destroy();
-  }
-
-  @SuppressWarnings("checkstyle:DesignForExtension")
-  @Override
-  protected void finalize() throws Throwable {
-    try {
-      close();
-    } catch (TJException e) {
-    } finally {
-      super.finalize();
-    }
-  };
-
-  private native void init() throws TJException;
-
-  private native void destroy() throws TJException;
-
-  private native void decompressHeader(byte[] srcBuf, int size)
-    throws TJException;
-
-  @Deprecated
-  private native void decompress(byte[] srcBuf, int size, byte[] dstBuf,
-    int desiredWidth, int pitch, int desiredHeight, int pixelFormat, int flags)
-    throws TJException;
-
-  private native void decompress(byte[] srcBuf, int size, byte[] dstBuf, int x,
-    int y, int desiredWidth, int pitch, int desiredHeight, int pixelFormat,
-    int flags) throws TJException;
-
-  @Deprecated
-  private native void decompress(byte[] srcBuf, int size, int[] dstBuf,
-    int desiredWidth, int stride, int desiredHeight, int pixelFormat,
-    int flags) throws TJException;
-
-  private native void decompress(byte[] srcBuf, int size, int[] dstBuf, int x,
-    int y, int desiredWidth, int stride, int desiredHeight, int pixelFormat,
-    int flags) throws TJException;
-
-  @Deprecated
-  private native void decompressToYUV(byte[] srcBuf, int size, byte[] dstBuf,
-    int flags) throws TJException;
-
-  private native void decompressToYUV(byte[] srcBuf, int size,
-    byte[][] dstPlanes, int[] dstOffsets, int desiredWidth, int[] dstStrides,
-    int desiredheight, int flags) throws TJException;
-
-  private native void decodeYUV(byte[][] srcPlanes, int[] srcOffsets,
-    int[] srcStrides, int subsamp, byte[] dstBuf, int x, int y, int width,
-    int pitch, int height, int pixelFormat, int flags) throws TJException;
-
-  private native void decodeYUV(byte[][] srcPlanes, int[] srcOffsets,
-    int[] srcStrides, int subsamp, int[] dstBuf, int x, int y, int width,
-    int stride, int height, int pixelFormat, int flags) throws TJException;
-
-  static {
-    TJLoader.load();
-  }
-
-  protected long handle = 0;
-  protected byte[] jpegBuf = null;
-  protected int jpegBufSize = 0;
-  protected YUVImage yuvImage = null;
-  protected int jpegWidth = 0;
-  protected int jpegHeight = 0;
-  protected int jpegSubsamp = -1;
-  protected int jpegColorspace = -1;
-  private ByteOrder byteOrder = null;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJException.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJException.java
deleted file mode 100644
index d03a256..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJException.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- * Copyright (C)2017-2018 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-import java.io.IOException;
-
-@SuppressWarnings("checkstyle:JavadocType")
-public class TJException extends IOException {
-
-  private static final long serialVersionUID = 1L;
-
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  public TJException() {
-    super();
-  }
-
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  public TJException(String message, Throwable cause) {
-    super(message, cause);
-  }
-
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  public TJException(String message) {
-    super(message);
-  }
-
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  public TJException(String message, int code) {
-    super(message);
-    if (errorCode >= 0 && errorCode < TJ.NUMERR)
-      errorCode = code;
-  }
-
-  @SuppressWarnings("checkstyle:JavadocMethod")
-  public TJException(Throwable cause) {
-    super(cause);
-  }
-
-  /**
-   * Returns a code (one of {@link TJ TJ.ERR_*}) indicating the severity of the
-   * last error.
-   *
-   * @return a code (one of {@link TJ TJ.ERR_*}) indicating the severity of the
-   * last error.
-   */
-  public int getErrorCode() {
-    return errorCode;
-  }
-
-  private int errorCode = TJ.ERR_FATAL;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJLoader-unix.java.in b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJLoader-unix.java.in
deleted file mode 100644
index d8cc495..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJLoader-unix.java.in
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (C)2011-2013, 2016, 2020 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-final class TJLoader {
-  static void load() {
-    try {
-      System.loadLibrary("turbojpeg");
-    } catch (java.lang.UnsatisfiedLinkError e) {
-      String os = System.getProperty("os.name").toLowerCase();
-      if (os.indexOf("mac") >= 0) {
-        try {
-          System.load("@CMAKE_INSTALL_FULL_LIBDIR@/libturbojpeg.dylib");
-        } catch (java.lang.UnsatisfiedLinkError e2) {
-          System.load("/usr/lib/libturbojpeg.dylib");
-        }
-      } else {
-        try {
-          System.load("@CMAKE_INSTALL_FULL_LIBDIR@/libturbojpeg.so");
-        } catch (java.lang.UnsatisfiedLinkError e3) {
-          String libdir = "@CMAKE_INSTALL_FULL_LIBDIR@";
-          if (libdir.equals("@CMAKE_INSTALL_DEFAULT_PREFIX@/lib64")) {
-            System.load("@CMAKE_INSTALL_DEFAULT_PREFIX@/lib32/libturbojpeg.so");
-          } else if (libdir.equals("@CMAKE_INSTALL_DEFAULT_PREFIX@/lib32")) {
-            System.load("@CMAKE_INSTALL_DEFAULT_PREFIX@/lib64/libturbojpeg.so");
-          } else {
-            throw e3;
-          }
-        }
-      }
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJLoader-win.java.in b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJLoader-win.java.in
deleted file mode 100644
index 8397780..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJLoader-win.java.in
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (C)2011 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-final class TJLoader {
-  static void load() {
-    System.loadLibrary("@TURBOJPEG_DLL_NAME@");
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJScalingFactor.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJScalingFactor.java
deleted file mode 100644
index ccf9179..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJScalingFactor.java
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Copyright (C)2011, 2018 D. R. Commander.  All Rights Reserved.
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-/**
- * Fractional scaling factor
- */
-public class TJScalingFactor {
-
-  /**
-   * Create a TurboJPEG scaling factor instance.
-   *
-   * @param num numerator
-   * @param denom denominator
-   */
-  @SuppressWarnings("checkstyle:HiddenField")
-  public TJScalingFactor(int num, int denom) {
-    if (num < 1 || denom < 1)
-      throw new IllegalArgumentException("Numerator and denominator must be >= 1");
-    this.num = num;
-    this.denom = denom;
-  }
-
-  /**
-   * Returns numerator
-   *
-   * @return numerator
-   */
-  public int getNum() {
-    return num;
-  }
-
-  /**
-   * Returns denominator
-   *
-   * @return denominator
-   */
-  public int getDenom() {
-    return denom;
-  }
-
-  /**
-   * Returns the scaled value of <code>dimension</code>.  This function
-   * performs the integer equivalent of
-   * <code>ceil(dimension * scalingFactor)</code>.
-   *
-   * @param dimension width or height to multiply by this scaling factor
-   *
-   * @return the scaled value of <code>dimension</code>.
-   */
-  public int getScaled(int dimension) {
-    return (dimension * num + denom - 1) / denom;
-  }
-
-  /**
-   * Returns true or false, depending on whether this instance and
-   * <code>other</code> have the same numerator and denominator.
-   *
-   * @param other the scaling factor against which to compare this one
-   *
-   * @return true or false, depending on whether this instance and
-   * <code>other</code> have the same numerator and denominator.
-   */
-  public boolean equals(TJScalingFactor other) {
-    return this.num == other.num && this.denom == other.denom;
-  }
-
-  /**
-   * Returns true or false, depending on whether this instance is equal to
-   * 1/1.
-   *
-   * @return true or false, depending on whether this instance is equal to
-   * 1/1.
-   */
-  public boolean isOne() {
-    return num == 1 && denom == 1;
-  }
-
-  /**
-   * Numerator
-   */
-  private int num = 1;
-
-  /**
-   * Denominator
-   */
-  private int denom = 1;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJTransform.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJTransform.java
deleted file mode 100644
index 41c4b45..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJTransform.java
+++ /dev/null
@@ -1,227 +0,0 @@
-/*
- * Copyright (C)2011, 2013, 2018 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-import java.awt.*;
-
-/**
- * Lossless transform parameters
- */
-public class TJTransform extends Rectangle {
-
-  private static final long serialVersionUID = -127367705761430371L;
-
-  /**
-   * The number of lossless transform operations
-   */
-  public static final int NUMOP         = 8;
-  /**
-   * Do not transform the position of the image pixels.
-   */
-  public static final int OP_NONE       = 0;
-  /**
-   * Flip (mirror) image horizontally.  This transform is imperfect if there
-   * are any partial MCU blocks on the right edge.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_HFLIP      = 1;
-  /**
-   * Flip (mirror) image vertically.  This transform is imperfect if there are
-   * any partial MCU blocks on the bottom edge.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_VFLIP      = 2;
-  /**
-   * Transpose image (flip/mirror along upper left to lower right axis).  This
-   * transform is always perfect.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_TRANSPOSE  = 3;
-  /**
-   * Transverse transpose image (flip/mirror along upper right to lower left
-   * axis).  This transform is imperfect if there are any partial MCU blocks in
-   * the image.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_TRANSVERSE = 4;
-  /**
-   * Rotate image clockwise by 90 degrees.  This transform is imperfect if
-   * there are any partial MCU blocks on the bottom edge.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_ROT90      = 5;
-  /**
-   * Rotate image 180 degrees.  This transform is imperfect if there are any
-   * partial MCU blocks in the image.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_ROT180     = 6;
-  /**
-   * Rotate image counter-clockwise by 90 degrees.  This transform is imperfect
-   * if there are any partial MCU blocks on the right edge.
-   * @see #OPT_PERFECT
-   */
-  public static final int OP_ROT270     = 7;
-
-
-  /**
-   * This option will cause {@link TJTransformer#transform
-   * TJTransformer.transform()} to throw an exception if the transform is not
-   * perfect.  Lossless transforms operate on MCU blocks, whose size depends on
-   * the level of chrominance subsampling used.  If the image's width or height
-   * is not evenly divisible by the MCU block size (see {@link TJ#getMCUWidth}
-   * and {@link TJ#getMCUHeight}), then there will be partial MCU blocks on the
-   * right and/or bottom edges.   It is not possible to move these partial MCU
-   * blocks to the top or left of the image, so any transform that would
-   * require that is "imperfect."  If this option is not specified, then any
-   * partial MCU blocks that cannot be transformed will be left in place, which
-   * will create odd-looking strips on the right or bottom edge of the image.
-   */
-  public static final int OPT_PERFECT     = 1;
-  /**
-   * This option will discard any partial MCU blocks that cannot be
-   * transformed.
-   */
-  public static final int OPT_TRIM        = 2;
-  /**
-   * This option will enable lossless cropping.
-   */
-  public static final int OPT_CROP        = 4;
-  /**
-   * This option will discard the color data in the input image and produce
-   * a grayscale output image.
-   */
-  public static final int OPT_GRAY        = 8;
-  /**
-   * This option will prevent {@link TJTransformer#transform
-   * TJTransformer.transform()} from outputting a JPEG image for this
-   * particular transform.  This can be used in conjunction with a custom
-   * filter to capture the transformed DCT coefficients without transcoding
-   * them.
-   */
-  public static final int OPT_NOOUTPUT    = 16;
-  /**
-   * This option will enable progressive entropy coding in the output image
-   * generated by this particular transform.  Progressive entropy coding will
-   * generally improve compression relative to baseline entropy coding (the
-   * default), but it will reduce compression and decompression performance
-   * considerably.
-   */
-  public static final int OPT_PROGRESSIVE = 32;
-  /**
-   * This option will prevent {@link TJTransformer#transform
-   * TJTransformer.transform()} from copying any extra markers (including EXIF
-   * and ICC profile data) from the source image to the output image.
-   */
-  public static final int OPT_COPYNONE    = 64;
-
-
-  /**
-   * Create a new lossless transform instance.
-   */
-  public TJTransform() {
-  }
-
-  /**
-   * Create a new lossless transform instance with the given parameters.
-   *
-   * @param x the left boundary of the cropping region.  This must be evenly
-   * divisible by the MCU block width (see {@link TJ#getMCUWidth})
-   *
-   * @param y the upper boundary of the cropping region.  This must be evenly
-   * divisible by the MCU block height (see {@link TJ#getMCUHeight})
-   *
-   * @param w the width of the cropping region.  Setting this to 0 is the
-   * equivalent of setting it to (width of the source JPEG image -
-   * <code>x</code>).
-   *
-   * @param h the height of the cropping region.  Setting this to 0 is the
-   * equivalent of setting it to (height of the source JPEG image -
-   * <code>y</code>).
-   *
-   * @param op one of the transform operations (<code>OP_*</code>)
-   *
-   * @param options the bitwise OR of one or more of the transform options
-   * (<code>OPT_*</code>)
-   *
-   * @param cf an instance of an object that implements the {@link
-   * TJCustomFilter} interface, or null if no custom filter is needed
-   */
-  @SuppressWarnings("checkstyle:HiddenField")
-  public TJTransform(int x, int y, int w, int h, int op, int options,
-                     TJCustomFilter cf) {
-    super(x, y, w, h);
-    this.op = op;
-    this.options = options;
-    this.cf = cf;
-  }
-
-  /**
-   * Create a new lossless transform instance with the given parameters.
-   *
-   * @param r a <code>Rectangle</code> instance that specifies the cropping
-   * region.  See {@link
-   * #TJTransform(int, int, int, int, int, int, TJCustomFilter)} for more
-   * detail.
-   *
-   * @param op one of the transform operations (<code>OP_*</code>)
-   *
-   * @param options the bitwise OR of one or more of the transform options
-   * (<code>OPT_*</code>)
-   *
-   * @param cf an instance of an object that implements the {@link
-   * TJCustomFilter} interface, or null if no custom filter is needed
-   */
-  @SuppressWarnings("checkstyle:HiddenField")
-  public TJTransform(Rectangle r, int op, int options,
-                     TJCustomFilter cf) {
-    super(r);
-    this.op = op;
-    this.options = options;
-    this.cf = cf;
-  }
-
-  /**
-   * Transform operation (one of <code>OP_*</code>)
-   */
-  @SuppressWarnings("checkstyle:VisibilityModifier")
-  public int op = 0;
-
-  /**
-   * Transform options (bitwise OR of one or more of <code>OPT_*</code>)
-   */
-  @SuppressWarnings("checkstyle:VisibilityModifier")
-  public int options = 0;
-
-  /**
-   * Custom filter instance
-   */
-  @SuppressWarnings("checkstyle:VisibilityModifier")
-  public TJCustomFilter cf = null;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJTransformer.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJTransformer.java
deleted file mode 100644
index d7a56f3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/TJTransformer.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * Copyright (C)2011, 2013-2015 D. R. Commander.  All Rights Reserved.
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-/**
- * TurboJPEG lossless transformer
- */
-public class TJTransformer extends TJDecompressor {
-
-  /**
-   * Create a TurboJPEG lossless transformer instance.
-   */
-  public TJTransformer() throws TJException {
-    init();
-  }
-
-  /**
-   * Create a TurboJPEG lossless transformer instance and associate the JPEG
-   * image stored in <code>jpegImage</code> with the newly created instance.
-   *
-   * @param jpegImage JPEG image buffer (size of the JPEG image is assumed to
-   * be the length of the array.)  This buffer is not modified.
-   */
-  public TJTransformer(byte[] jpegImage) throws TJException {
-    init();
-    setSourceImage(jpegImage, jpegImage.length);
-  }
-
-  /**
-   * Create a TurboJPEG lossless transformer instance and associate the JPEG
-   * image of length <code>imageSize</code> bytes stored in
-   * <code>jpegImage</code> with the newly created instance.
-   *
-   * @param jpegImage JPEG image buffer.  This buffer is not modified.
-   *
-   * @param imageSize size of the JPEG image (in bytes)
-   */
-  public TJTransformer(byte[] jpegImage, int imageSize) throws TJException {
-    init();
-    setSourceImage(jpegImage, imageSize);
-  }
-
-  /**
-   * Losslessly transform the JPEG image associated with this transformer
-   * instance into one or more JPEG images stored in the given destination
-   * buffers.  Lossless transforms work by moving the raw coefficients from one
-   * JPEG image structure to another without altering the values of the
-   * coefficients.  While this is typically faster than decompressing the
-   * image, transforming it, and re-compressing it, lossless transforms are not
-   * free.  Each lossless transform requires reading and performing Huffman
-   * decoding on all of the coefficients in the source image, regardless of the
-   * size of the destination image.  Thus, this method provides a means of
-   * generating multiple transformed images from the same source or of applying
-   * multiple transformations simultaneously, in order to eliminate the need to
-   * read the source coefficients multiple times.
-   *
-   * @param dstBufs an array of image buffers.  <code>dstbufs[i]</code> will
-   * receive a JPEG image that has been transformed using the parameters in
-   * <code>transforms[i]</code>.  Use {@link TJ#bufSize} to determine the
-   * maximum size for each buffer based on the transformed or cropped width and
-   * height and the level of subsampling used in the source image.
-   *
-   * @param transforms an array of {@link TJTransform} instances, each of
-   * which specifies the transform parameters and/or cropping region for the
-   * corresponding transformed output image
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   */
-  public void transform(byte[][] dstBufs, TJTransform[] transforms,
-                        int flags) throws TJException {
-    if (jpegBuf == null)
-      throw new IllegalStateException("JPEG buffer not initialized");
-    transformedSizes = transform(jpegBuf, jpegBufSize, dstBufs, transforms,
-                                 flags);
-  }
-
-  /**
-   * Losslessly transform the JPEG image associated with this transformer
-   * instance and return an array of {@link TJDecompressor} instances, each of
-   * which has a transformed JPEG image associated with it.
-   *
-   * @param transforms an array of {@link TJTransform} instances, each of
-   * which specifies the transform parameters and/or cropping region for the
-   * corresponding transformed output image
-   *
-   * @param flags the bitwise OR of one or more of
-   * {@link TJ#FLAG_BOTTOMUP TJ.FLAG_*}
-   *
-   * @return an array of {@link TJDecompressor} instances, each of
-   * which has a transformed JPEG image associated with it.
-   */
-  public TJDecompressor[] transform(TJTransform[] transforms, int flags)
-                                    throws TJException {
-    byte[][] dstBufs = new byte[transforms.length][];
-    if (jpegWidth < 1 || jpegHeight < 1)
-      throw new IllegalStateException("JPEG buffer not initialized");
-    for (int i = 0; i < transforms.length; i++) {
-      int w = jpegWidth, h = jpegHeight;
-      if ((transforms[i].options & TJTransform.OPT_CROP) != 0) {
-        if (transforms[i].width != 0) w = transforms[i].width;
-        if (transforms[i].height != 0) h = transforms[i].height;
-      }
-      dstBufs[i] = new byte[TJ.bufSize(w, h, jpegSubsamp)];
-    }
-    TJDecompressor[] tjd = new TJDecompressor[transforms.length];
-    transform(dstBufs, transforms, flags);
-    for (int i = 0; i < transforms.length; i++)
-      tjd[i] = new TJDecompressor(dstBufs[i], transformedSizes[i]);
-    return tjd;
-  }
-
-  /**
-   * Returns an array containing the sizes of the transformed JPEG images
-   * generated by the most recent transform operation.
-   *
-   * @return an array containing the sizes of the transformed JPEG images
-   * generated by the most recent transform operation.
-   */
-  public int[] getTransformedSizes() {
-    if (transformedSizes == null)
-      throw new IllegalStateException("No image has been transformed yet");
-    return transformedSizes;
-  }
-
-  private native void init() throws TJException;
-
-  private native int[] transform(byte[] srcBuf, int srcSize, byte[][] dstBufs,
-    TJTransform[] transforms, int flags) throws TJException;
-
-  static {
-    TJLoader.load();
-  }
-
-  private int[] transformedSizes = null;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/YUVImage.java b/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/YUVImage.java
deleted file mode 100644
index 4da9843..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org/libjpegturbo/turbojpeg/YUVImage.java
+++ /dev/null
@@ -1,445 +0,0 @@
-/*
- * Copyright (C)2014, 2017 D. R. Commander.  All Rights Reserved.
- * Copyright (C)2015 Viktor Szathmáry.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package org.libjpegturbo.turbojpeg;
-
-/**
- * This class encapsulates a YUV planar image and the metadata
- * associated with it.  The TurboJPEG API allows both the JPEG compression and
- * decompression pipelines to be split into stages:  YUV encode, compress from
- * YUV, decompress to YUV, and YUV decode.  A <code>YUVImage</code> instance
- * serves as the destination image for YUV encode and decompress-to-YUV
- * operations and as the source image for compress-from-YUV and YUV decode
- * operations.
- * <p>
- * Technically, the JPEG format uses the YCbCr colorspace (which technically is
- * not a "colorspace" but rather a "color transform"), but per the convention
- * of the digital video community, the TurboJPEG API uses "YUV" to refer to an
- * image format consisting of Y, Cb, and Cr image planes.
- * <p>
- * Each plane is simply a 2D array of bytes, each byte representing the value
- * of one of the components (Y, Cb, or Cr) at a particular location in the
- * image.  The width and height of each plane are determined by the image
- * width, height, and level of chrominance subsampling.  The luminance plane
- * width is the image width padded to the nearest multiple of the horizontal
- * subsampling factor (2 in the case of 4:2:0 and 4:2:2, 4 in the case of
- * 4:1:1, 1 in the case of 4:4:4 or grayscale.)  Similarly, the luminance plane
- * height is the image height padded to the nearest multiple of the vertical
- * subsampling factor (2 in the case of 4:2:0 or 4:4:0, 1 in the case of 4:4:4
- * or grayscale.)  The chrominance plane width is equal to the luminance plane
- * width divided by the horizontal subsampling factor, and the chrominance
- * plane height is equal to the luminance plane height divided by the vertical
- * subsampling factor.
- * <p>
- * For example, if the source image is 35 x 35 pixels and 4:2:2 subsampling is
- * used, then the luminance plane would be 36 x 35 bytes, and each of the
- * chrominance planes would be 18 x 35 bytes.  If you specify a line padding of
- * 4 bytes on top of this, then the luminance plane would be 36 x 35 bytes, and
- * each of the chrominance planes would be 20 x 35 bytes.
- */
-public class YUVImage {
-
-  private static final String NO_ASSOC_ERROR =
-    "No image data is associated with this instance";
-
-  /**
-   * Create a new <code>YUVImage</code> instance backed by separate image
-   * planes, and allocate memory for the image planes.
-   *
-   * @param width width (in pixels) of the YUV image
-   *
-   * @param strides an array of integers, each specifying the number of bytes
-   * per line in the corresponding plane of the YUV image.  Setting the stride
-   * for any plane to 0 is the same as setting it to the plane width (see
-   * {@link YUVImage above}.)  If <code>strides</code> is null, then the
-   * strides for all planes will be set to their respective plane widths.  When
-   * using this constructor, the stride for each plane must be equal to or
-   * greater than the plane width.
-   *
-   * @param height height (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling to be used in the YUV
-   * image (one of {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public YUVImage(int width, int[] strides, int height, int subsamp) {
-    setBuf(null, null, width, strides, height, subsamp, true);
-  }
-
-  /**
-   * Create a new <code>YUVImage</code> instance backed by a unified image
-   * buffer, and allocate memory for the image buffer.
-   *
-   * @param width width (in pixels) of the YUV image
-   *
-   * @param pad Each line of each plane in the YUV image buffer will be padded
-   * to this number of bytes (must be a power of 2.)
-   *
-   * @param height height (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling to be used in the YUV
-   * image (one of {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public YUVImage(int width, int pad, int height, int subsamp) {
-    setBuf(new byte[TJ.bufSizeYUV(width, pad, height, subsamp)], width, pad,
-           height, subsamp);
-  }
-
-  /**
-   * Create a new <code>YUVImage</code> instance from a set of existing image
-   * planes.
-   *
-   * @param planes an array of buffers representing the Y, U (Cb), and V (Cr)
-   * image planes (or just the Y plane, if the image is grayscale.)   These
-   * planes can be contiguous or non-contiguous in memory.  Plane
-   * <code>i</code> should be at least <code>offsets[i] +
-   * {@link TJ#planeSizeYUV TJ.planeSizeYUV}(i, width, strides[i], height, subsamp)</code>
-   * bytes in size.
-   *
-   * @param offsets If this <code>YUVImage</code> instance represents a
-   * subregion of a larger image, then <code>offsets[i]</code> specifies the
-   * offset (in bytes) of the subregion within plane <code>i</code> of the
-   * larger image.  Setting this to null is the same as setting the offsets for
-   * all planes to 0.
-   *
-   * @param width width (in pixels) of the new YUV image (or subregion)
-   *
-   * @param strides an array of integers, each specifying the number of bytes
-   * per line in the corresponding plane of the YUV image.  Setting the stride
-   * for any plane to 0 is the same as setting it to the plane width (see
-   * {@link YUVImage above}.)  If <code>strides</code> is null, then the
-   * strides for all planes will be set to their respective plane widths.  You
-   * can adjust the strides in order to add an arbitrary amount of line padding
-   * to each plane or to specify that this <code>YUVImage</code> instance is a
-   * subregion of a larger image (in which case, <code>strides[i]</code> should
-   * be set to the plane width of plane <code>i</code> in the larger image.)
-   *
-   * @param height height (in pixels) of the new YUV image (or subregion)
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV
-   * image (one of {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public YUVImage(byte[][] planes, int[] offsets, int width, int[] strides,
-                  int height, int subsamp) {
-    setBuf(planes, offsets, width, strides, height, subsamp, false);
-  }
-
-  /**
-   * Create a new <code>YUVImage</code> instance from an existing unified image
-   * buffer.
-   *
-   * @param yuvImage image buffer that contains or will contain YUV planar
-   * image data.  Use {@link TJ#bufSizeYUV} to determine the minimum size for
-   * this buffer.  The Y, U (Cb), and V (Cr) image planes are stored
-   * sequentially in the buffer (see {@link YUVImage above} for a description
-   * of the image format.)
-   *
-   * @param width width (in pixels) of the YUV image
-   *
-   * @param pad the line padding used in the YUV image buffer.  For
-   * instance, if each line in each plane of the buffer is padded to the
-   * nearest multiple of 4 bytes, then <code>pad</code> should be set to 4.
-   *
-   * @param height height (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV
-   * image (one of {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public YUVImage(byte[] yuvImage, int width, int pad, int height,
-                  int subsamp) {
-    setBuf(yuvImage, width, pad, height, subsamp);
-  }
-
-  /**
-   * Assign a set of image planes to this <code>YUVImage</code> instance.
-   *
-   * @param planes an array of buffers representing the Y, U (Cb), and V (Cr)
-   * image planes (or just the Y plane, if the image is grayscale.)  These
-   * planes can be contiguous or non-contiguous in memory.  Plane
-   * <code>i</code> should be at least <code>offsets[i] +
-   * {@link TJ#planeSizeYUV TJ.planeSizeYUV}(i, width, strides[i], height, subsamp)</code>
-   * bytes in size.
-   *
-   * @param offsets If this <code>YUVImage</code> instance represents a
-   * subregion of a larger image, then <code>offsets[i]</code> specifies the
-   * offset (in bytes) of the subregion within plane <code>i</code> of the
-   * larger image.  Setting this to null is the same as setting the offsets for
-   * all planes to 0.
-   *
-   * @param width width (in pixels) of the YUV image (or subregion)
-   *
-   * @param strides an array of integers, each specifying the number of bytes
-   * per line in the corresponding plane of the YUV image.  Setting the stride
-   * for any plane to 0 is the same as setting it to the plane width (see
-   * {@link YUVImage above}.)  If <code>strides</code> is null, then the
-   * strides for all planes will be set to their respective plane widths.  You
-   * can adjust the strides in order to add an arbitrary amount of line padding
-   * to each plane or to specify that this <code>YUVImage</code> image is a
-   * subregion of a larger image (in which case, <code>strides[i]</code> should
-   * be set to the plane width of plane <code>i</code> in the larger image.)
-   *
-   * @param height height (in pixels) of the YUV image (or subregion)
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV
-   * image (one of {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public void setBuf(byte[][] planes, int[] offsets, int width, int[] strides,
-                     int height, int subsamp) {
-    setBuf(planes, offsets, width, strides, height, subsamp, false);
-  }
-
-  private void setBuf(byte[][] planes, int[] offsets, int width, int[] strides,
-                     int height, int subsamp, boolean alloc) {
-    if ((planes == null && !alloc) || width < 1 || height < 1 || subsamp < 0 ||
-        subsamp >= TJ.NUMSAMP)
-      throw new IllegalArgumentException("Invalid argument in YUVImage::setBuf()");
-
-    int nc = (subsamp == TJ.SAMP_GRAY ? 1 : 3);
-    if ((planes != null && planes.length != nc) ||
-        (offsets != null && offsets.length != nc) ||
-        (strides != null && strides.length != nc))
-      throw new IllegalArgumentException("YUVImage::setBuf(): planes, offsets, or strides array is the wrong size");
-
-    if (planes == null)
-      planes = new byte[nc][];
-    if (offsets == null)
-      offsets = new int[nc];
-    if (strides == null)
-      strides = new int[nc];
-
-    for (int i = 0; i < nc; i++) {
-      int pw = TJ.planeWidth(i, width, subsamp);
-      int ph = TJ.planeHeight(i, height, subsamp);
-      int planeSize = TJ.planeSizeYUV(i, width, strides[i], height, subsamp);
-
-      if (strides[i] == 0)
-        strides[i] = pw;
-      if (alloc) {
-        if (strides[i] < pw)
-          throw new IllegalArgumentException("Stride must be >= plane width when allocating a new YUV image");
-        planes[i] = new byte[strides[i] * ph];
-      }
-      if (planes[i] == null || offsets[i] < 0)
-        throw new IllegalArgumentException("Invalid argument in YUVImage::setBuf()");
-      if (strides[i] < 0 && offsets[i] - planeSize + pw < 0)
-        throw new IllegalArgumentException("Stride for plane " + i +
-                                           " would cause memory to be accessed below plane boundary");
-      if (planes[i].length < offsets[i] + planeSize)
-        throw new IllegalArgumentException("Image plane " + i +
-                                           " is not large enough");
-    }
-
-    yuvPlanes = planes;
-    yuvOffsets = offsets;
-    yuvWidth = width;
-    yuvStrides = strides;
-    yuvHeight = height;
-    yuvSubsamp = subsamp;
-  }
-
-  /**
-   * Assign a unified image buffer to this <code>YUVImage</code> instance.
-   *
-   * @param yuvImage image buffer that contains or will contain YUV planar
-   * image data.  Use {@link TJ#bufSizeYUV} to determine the minimum size for
-   * this buffer.  The Y, U (Cb), and V (Cr) image planes are stored
-   * sequentially in the buffer (see {@link YUVImage above} for a description
-   * of the image format.)
-   *
-   * @param width width (in pixels) of the YUV image
-   *
-   * @param pad the line padding used in the YUV image buffer.  For
-   * instance, if each line in each plane of the buffer is padded to the
-   * nearest multiple of 4 bytes, then <code>pad</code> should be set to 4.
-   *
-   * @param height height (in pixels) of the YUV image
-   *
-   * @param subsamp the level of chrominance subsampling used in the YUV
-   * image (one of {@link TJ#SAMP_444 TJ.SAMP_*})
-   */
-  public void setBuf(byte[] yuvImage, int width, int pad, int height,
-                     int subsamp) {
-    if (yuvImage == null || width < 1 || pad < 1 || ((pad & (pad - 1)) != 0) ||
-        height < 1 || subsamp < 0 || subsamp >= TJ.NUMSAMP)
-      throw new IllegalArgumentException("Invalid argument in YUVImage::setBuf()");
-    if (yuvImage.length < TJ.bufSizeYUV(width, pad, height, subsamp))
-      throw new IllegalArgumentException("YUV image buffer is not large enough");
-
-    int nc = (subsamp == TJ.SAMP_GRAY ? 1 : 3);
-    byte[][] planes = new byte[nc][];
-    int[] strides = new int[nc];
-    int[] offsets = new int[nc];
-
-    planes[0] = yuvImage;
-    strides[0] = pad(TJ.planeWidth(0, width, subsamp), pad);
-    if (subsamp != TJ.SAMP_GRAY) {
-      strides[1] = strides[2] = pad(TJ.planeWidth(1, width, subsamp), pad);
-      planes[1] = planes[2] = yuvImage;
-      offsets[1] = offsets[0] +
-        strides[0] * TJ.planeHeight(0, height, subsamp);
-      offsets[2] = offsets[1] +
-        strides[1] * TJ.planeHeight(1, height, subsamp);
-    }
-
-    yuvPad = pad;
-    setBuf(planes, offsets, width, strides, height, subsamp);
-  }
-
-  /**
-   * Returns the width of the YUV image (or subregion.)
-   *
-   * @return the width of the YUV image (or subregion)
-   */
-  public int getWidth() {
-    if (yuvWidth < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return yuvWidth;
-  }
-
-  /**
-   * Returns the height of the YUV image (or subregion.)
-   *
-   * @return the height of the YUV image (or subregion)
-   */
-  public int getHeight() {
-    if (yuvHeight < 1)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return yuvHeight;
-  }
-
-  /**
-   * Returns the line padding used in the YUV image buffer (if this image is
-   * stored in a unified buffer rather than separate image planes.)
-   *
-   * @return the line padding used in the YUV image buffer
-   */
-  public int getPad() {
-    if (yuvPlanes == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    if (yuvPad < 1 || ((yuvPad & (yuvPad - 1)) != 0))
-      throw new IllegalStateException("Image is not stored in a unified buffer");
-    return yuvPad;
-  }
-
-  /**
-   * Returns the number of bytes per line of each plane in the YUV image.
-   *
-   * @return the number of bytes per line of each plane in the YUV image
-   */
-  public int[] getStrides() {
-    if (yuvStrides == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return yuvStrides;
-  }
-
-  /**
-   * Returns the offsets (in bytes) of each plane within the planes of a larger
-   * YUV image.
-   *
-   * @return the offsets (in bytes) of each plane within the planes of a larger
-   * YUV image
-   */
-  public int[] getOffsets() {
-    if (yuvOffsets == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return yuvOffsets;
-  }
-
-  /**
-   * Returns the level of chrominance subsampling used in the YUV image.  See
-   * {@link TJ#SAMP_444 TJ.SAMP_*}.
-   *
-   * @return the level of chrominance subsampling used in the YUV image
-   */
-  public int getSubsamp() {
-    if (yuvSubsamp < 0 || yuvSubsamp >= TJ.NUMSAMP)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return yuvSubsamp;
-  }
-
-  /**
-   * Returns the YUV image planes.  If the image is stored in a unified buffer,
-   * then all image planes will point to that buffer.
-   *
-   * @return the YUV image planes
-   */
-  public byte[][] getPlanes() {
-    if (yuvPlanes == null)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    return yuvPlanes;
-  }
-
-  /**
-   * Returns the YUV image buffer (if this image is stored in a unified
-   * buffer rather than separate image planes.)
-   *
-   * @return the YUV image buffer
-   */
-  public byte[] getBuf() {
-    if (yuvPlanes == null || yuvSubsamp < 0 || yuvSubsamp >= TJ.NUMSAMP)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    int nc = (yuvSubsamp == TJ.SAMP_GRAY ? 1 : 3);
-    for (int i = 1; i < nc; i++) {
-      if (yuvPlanes[i] != yuvPlanes[0])
-        throw new IllegalStateException("Image is not stored in a unified buffer");
-    }
-    return yuvPlanes[0];
-  }
-
-  /**
-   * Returns the size (in bytes) of the YUV image buffer (if this image is
-   * stored in a unified buffer rather than separate image planes.)
-   *
-   * @return the size (in bytes) of the YUV image buffer
-   */
-  public int getSize() {
-    if (yuvPlanes == null || yuvSubsamp < 0 || yuvSubsamp >= TJ.NUMSAMP)
-      throw new IllegalStateException(NO_ASSOC_ERROR);
-    int nc = (yuvSubsamp == TJ.SAMP_GRAY ? 1 : 3);
-    if (yuvPad < 1)
-      throw new IllegalStateException("Image is not stored in a unified buffer");
-    for (int i = 1; i < nc; i++) {
-      if (yuvPlanes[i] != yuvPlanes[0])
-        throw new IllegalStateException("Image is not stored in a unified buffer");
-    }
-    return TJ.bufSizeYUV(yuvWidth, yuvPad, yuvHeight, yuvSubsamp);
-  }
-
-  private static int pad(int v, int p) {
-    return (v + p - 1) & (~(p - 1));
-  }
-
-  protected long handle = 0;
-  protected byte[][] yuvPlanes = null;
-  protected int[] yuvOffsets = null;
-  protected int[] yuvStrides = null;
-  protected int yuvPad = 0;
-  protected int yuvWidth = 0;
-  protected int yuvHeight = 0;
-  protected int yuvSubsamp = -1;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJ.h b/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJ.h
deleted file mode 100644
index 8ec4ecd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJ.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/* DO NOT EDIT THIS FILE - it is machine generated */
-#include <jni.h>
-/* Header for class org_libjpegturbo_turbojpeg_TJ */
-
-#ifndef _Included_org_libjpegturbo_turbojpeg_TJ
-#define _Included_org_libjpegturbo_turbojpeg_TJ
-#ifdef __cplusplus
-extern "C" {
-#endif
-#undef org_libjpegturbo_turbojpeg_TJ_NUMSAMP
-#define org_libjpegturbo_turbojpeg_TJ_NUMSAMP 6L
-#undef org_libjpegturbo_turbojpeg_TJ_SAMP_444
-#define org_libjpegturbo_turbojpeg_TJ_SAMP_444 0L
-#undef org_libjpegturbo_turbojpeg_TJ_SAMP_422
-#define org_libjpegturbo_turbojpeg_TJ_SAMP_422 1L
-#undef org_libjpegturbo_turbojpeg_TJ_SAMP_420
-#define org_libjpegturbo_turbojpeg_TJ_SAMP_420 2L
-#undef org_libjpegturbo_turbojpeg_TJ_SAMP_GRAY
-#define org_libjpegturbo_turbojpeg_TJ_SAMP_GRAY 3L
-#undef org_libjpegturbo_turbojpeg_TJ_SAMP_440
-#define org_libjpegturbo_turbojpeg_TJ_SAMP_440 4L
-#undef org_libjpegturbo_turbojpeg_TJ_SAMP_411
-#define org_libjpegturbo_turbojpeg_TJ_SAMP_411 5L
-#undef org_libjpegturbo_turbojpeg_TJ_NUMPF
-#define org_libjpegturbo_turbojpeg_TJ_NUMPF 12L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_RGB
-#define org_libjpegturbo_turbojpeg_TJ_PF_RGB 0L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_BGR
-#define org_libjpegturbo_turbojpeg_TJ_PF_BGR 1L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_RGBX
-#define org_libjpegturbo_turbojpeg_TJ_PF_RGBX 2L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_BGRX
-#define org_libjpegturbo_turbojpeg_TJ_PF_BGRX 3L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_XBGR
-#define org_libjpegturbo_turbojpeg_TJ_PF_XBGR 4L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_XRGB
-#define org_libjpegturbo_turbojpeg_TJ_PF_XRGB 5L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_GRAY
-#define org_libjpegturbo_turbojpeg_TJ_PF_GRAY 6L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_RGBA
-#define org_libjpegturbo_turbojpeg_TJ_PF_RGBA 7L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_BGRA
-#define org_libjpegturbo_turbojpeg_TJ_PF_BGRA 8L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_ABGR
-#define org_libjpegturbo_turbojpeg_TJ_PF_ABGR 9L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_ARGB
-#define org_libjpegturbo_turbojpeg_TJ_PF_ARGB 10L
-#undef org_libjpegturbo_turbojpeg_TJ_PF_CMYK
-#define org_libjpegturbo_turbojpeg_TJ_PF_CMYK 11L
-#undef org_libjpegturbo_turbojpeg_TJ_NUMCS
-#define org_libjpegturbo_turbojpeg_TJ_NUMCS 5L
-#undef org_libjpegturbo_turbojpeg_TJ_CS_RGB
-#define org_libjpegturbo_turbojpeg_TJ_CS_RGB 0L
-#undef org_libjpegturbo_turbojpeg_TJ_CS_YCbCr
-#define org_libjpegturbo_turbojpeg_TJ_CS_YCbCr 1L
-#undef org_libjpegturbo_turbojpeg_TJ_CS_GRAY
-#define org_libjpegturbo_turbojpeg_TJ_CS_GRAY 2L
-#undef org_libjpegturbo_turbojpeg_TJ_CS_CMYK
-#define org_libjpegturbo_turbojpeg_TJ_CS_CMYK 3L
-#undef org_libjpegturbo_turbojpeg_TJ_CS_YCCK
-#define org_libjpegturbo_turbojpeg_TJ_CS_YCCK 4L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_BOTTOMUP
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_BOTTOMUP 2L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_FORCEMMX
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_FORCEMMX 8L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_FORCESSE
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_FORCESSE 16L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_FORCESSE2
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_FORCESSE2 32L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_FORCESSE3
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_FORCESSE3 128L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_FASTUPSAMPLE
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_FASTUPSAMPLE 256L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_FASTDCT
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_FASTDCT 2048L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_ACCURATEDCT
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_ACCURATEDCT 4096L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_STOPONWARNING
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_STOPONWARNING 8192L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_PROGRESSIVE
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_PROGRESSIVE 16384L
-#undef org_libjpegturbo_turbojpeg_TJ_FLAG_LIMITSCANS
-#define org_libjpegturbo_turbojpeg_TJ_FLAG_LIMITSCANS 32768L
-#undef org_libjpegturbo_turbojpeg_TJ_NUMERR
-#define org_libjpegturbo_turbojpeg_TJ_NUMERR 2L
-#undef org_libjpegturbo_turbojpeg_TJ_ERR_WARNING
-#define org_libjpegturbo_turbojpeg_TJ_ERR_WARNING 0L
-#undef org_libjpegturbo_turbojpeg_TJ_ERR_FATAL
-#define org_libjpegturbo_turbojpeg_TJ_ERR_FATAL 1L
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    bufSize
- * Signature: (III)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_bufSize
-  (JNIEnv *, jclass, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    bufSizeYUV
- * Signature: (IIII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__IIII
-  (JNIEnv *, jclass, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    bufSizeYUV
- * Signature: (III)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__III
-  (JNIEnv *, jclass, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    planeSizeYUV
- * Signature: (IIIII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_planeSizeYUV__IIIII
-  (JNIEnv *, jclass, jint, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    planeWidth
- * Signature: (III)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_planeWidth__III
-  (JNIEnv *, jclass, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    planeHeight
- * Signature: (III)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_planeHeight__III
-  (JNIEnv *, jclass, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJ
- * Method:    getScalingFactors
- * Signature: ()[Lorg/libjpegturbo/turbojpeg/TJScalingFactor;
- */
-JNIEXPORT jobjectArray JNICALL Java_org_libjpegturbo_turbojpeg_TJ_getScalingFactors
-  (JNIEnv *, jclass);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJCompressor.h b/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJCompressor.h
deleted file mode 100644
index e76bd0e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJCompressor.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* DO NOT EDIT THIS FILE - it is machine generated */
-#include <jni.h>
-/* Header for class org_libjpegturbo_turbojpeg_TJCompressor */
-
-#ifndef _Included_org_libjpegturbo_turbojpeg_TJCompressor
-#define _Included_org_libjpegturbo_turbojpeg_TJCompressor
-#ifdef __cplusplus
-extern "C" {
-#endif
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    init
- * Signature: ()V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_init
-  (JNIEnv *, jobject);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    destroy
- * Signature: ()V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_destroy
-  (JNIEnv *, jobject);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    compress
- * Signature: ([BIIII[BIII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3BIIII_3BIII
-  (JNIEnv *, jobject, jbyteArray, jint, jint, jint, jint, jbyteArray, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    compress
- * Signature: ([BIIIIII[BIII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3BIIIIII_3BIII
-  (JNIEnv *, jobject, jbyteArray, jint, jint, jint, jint, jint, jint, jbyteArray, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    compress
- * Signature: ([IIIII[BIII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3IIIII_3BIII
-  (JNIEnv *, jobject, jintArray, jint, jint, jint, jint, jbyteArray, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    compress
- * Signature: ([IIIIIII[BIII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3IIIIIII_3BIII
-  (JNIEnv *, jobject, jintArray, jint, jint, jint, jint, jint, jint, jbyteArray, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    compressFromYUV
- * Signature: ([[B[II[III[BII)I
- */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compressFromYUV___3_3B_3II_3III_3BII
-  (JNIEnv *, jobject, jobjectArray, jintArray, jint, jintArray, jint, jint, jbyteArray, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    encodeYUV
- * Signature: ([BIIII[BII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3BIIII_3BII
-  (JNIEnv *, jobject, jbyteArray, jint, jint, jint, jint, jbyteArray, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    encodeYUV
- * Signature: ([BIIIIII[[B[I[III)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3BIIIIII_3_3B_3I_3III
-  (JNIEnv *, jobject, jbyteArray, jint, jint, jint, jint, jint, jint, jobjectArray, jintArray, jintArray, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    encodeYUV
- * Signature: ([IIIII[BII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3IIIII_3BII
-  (JNIEnv *, jobject, jintArray, jint, jint, jint, jint, jbyteArray, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJCompressor
- * Method:    encodeYUV
- * Signature: ([IIIIIII[[B[I[III)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3IIIIIII_3_3B_3I_3III
-  (JNIEnv *, jobject, jintArray, jint, jint, jint, jint, jint, jint, jobjectArray, jintArray, jintArray, jint, jint);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJDecompressor.h b/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJDecompressor.h
deleted file mode 100644
index 2d58e73..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJDecompressor.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* DO NOT EDIT THIS FILE - it is machine generated */
-#include <jni.h>
-/* Header for class org_libjpegturbo_turbojpeg_TJDecompressor */
-
-#ifndef _Included_org_libjpegturbo_turbojpeg_TJDecompressor
-#define _Included_org_libjpegturbo_turbojpeg_TJDecompressor
-#ifdef __cplusplus
-extern "C" {
-#endif
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    init
- * Signature: ()V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_init
-  (JNIEnv *, jobject);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    destroy
- * Signature: ()V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_destroy
-  (JNIEnv *, jobject);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompressHeader
- * Signature: ([BI)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressHeader
-  (JNIEnv *, jobject, jbyteArray, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompress
- * Signature: ([BI[BIIIII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3BIIIII
-  (JNIEnv *, jobject, jbyteArray, jint, jbyteArray, jint, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompress
- * Signature: ([BI[BIIIIIII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3BIIIIIII
-  (JNIEnv *, jobject, jbyteArray, jint, jbyteArray, jint, jint, jint, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompress
- * Signature: ([BI[IIIIII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3IIIIII
-  (JNIEnv *, jobject, jbyteArray, jint, jintArray, jint, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompress
- * Signature: ([BI[IIIIIIII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3IIIIIIII
-  (JNIEnv *, jobject, jbyteArray, jint, jintArray, jint, jint, jint, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompressToYUV
- * Signature: ([BI[BI)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressToYUV___3BI_3BI
-  (JNIEnv *, jobject, jbyteArray, jint, jbyteArray, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decompressToYUV
- * Signature: ([BI[[B[II[III)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressToYUV___3BI_3_3B_3II_3III
-  (JNIEnv *, jobject, jbyteArray, jint, jobjectArray, jintArray, jint, jintArray, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decodeYUV
- * Signature: ([[B[I[II[BIIIIIII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decodeYUV___3_3B_3I_3II_3BIIIIIII
-  (JNIEnv *, jobject, jobjectArray, jintArray, jintArray, jint, jbyteArray, jint, jint, jint, jint, jint, jint, jint);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJDecompressor
- * Method:    decodeYUV
- * Signature: ([[B[I[II[IIIIIIII)V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decodeYUV___3_3B_3I_3II_3IIIIIIII
-  (JNIEnv *, jobject, jobjectArray, jintArray, jintArray, jint, jintArray, jint, jint, jint, jint, jint, jint, jint);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJTransformer.h b/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJTransformer.h
deleted file mode 100644
index a9dad4d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/java/org_libjpegturbo_turbojpeg_TJTransformer.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* DO NOT EDIT THIS FILE - it is machine generated */
-#include <jni.h>
-/* Header for class org_libjpegturbo_turbojpeg_TJTransformer */
-
-#ifndef _Included_org_libjpegturbo_turbojpeg_TJTransformer
-#define _Included_org_libjpegturbo_turbojpeg_TJTransformer
-#ifdef __cplusplus
-extern "C" {
-#endif
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJTransformer
- * Method:    init
- * Signature: ()V
- */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJTransformer_init
-  (JNIEnv *, jobject);
-
-/*
- * Class:     org_libjpegturbo_turbojpeg_TJTransformer
- * Method:    transform
- * Signature: ([BI[[B[Lorg/libjpegturbo/turbojpeg/TJTransform;I)[I
- */
-JNIEXPORT jintArray JNICALL Java_org_libjpegturbo_turbojpeg_TJTransformer_transform
-  (JNIEnv *, jobject, jbyteArray, jint, jobjectArray, jobjectArray, jint);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcapimin.c b/3rdparty/libjpeg-turbo_2_1_0/jcapimin.c
deleted file mode 100644
index 178c55b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcapimin.c
+++ /dev/null
@@ -1,295 +0,0 @@
-/*
- * jcapimin.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1998, Thomas G. Lane.
- * Modified 2003-2010 by Guido Vollbeding.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains application interface code for the compression half
- * of the JPEG library.  These are the "minimum" API routines that may be
- * needed in either the normal full-compression case or the transcoding-only
- * case.
- *
- * Most of the routines intended to be called directly by an application
- * are in this file or in jcapistd.c.  But also see jcparam.c for
- * parameter-setup helper routines, jcomapi.c for routines shared by
- * compression and decompression, and jctrans.c for the transcoding case.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/*
- * Initialization of a JPEG compression object.
- * The error manager must already be set up (in case memory manager fails).
- */
-
-GLOBAL(void)
-jpeg_CreateCompress(j_compress_ptr cinfo, int version, size_t structsize)
-{
-  int i;
-
-  /* Guard against version mismatches between library and caller. */
-  cinfo->mem = NULL;            /* so jpeg_destroy knows mem mgr not called */
-  if (version != JPEG_LIB_VERSION)
-    ERREXIT2(cinfo, JERR_BAD_LIB_VERSION, JPEG_LIB_VERSION, version);
-  if (structsize != sizeof(struct jpeg_compress_struct))
-    ERREXIT2(cinfo, JERR_BAD_STRUCT_SIZE,
-             (int)sizeof(struct jpeg_compress_struct), (int)structsize);
-
-  /* For debugging purposes, we zero the whole master structure.
-   * But the application has already set the err pointer, and may have set
-   * client_data, so we have to save and restore those fields.
-   * Note: if application hasn't set client_data, tools like Purify may
-   * complain here.
-   */
-  {
-    struct jpeg_error_mgr *err = cinfo->err;
-    void *client_data = cinfo->client_data; /* ignore Purify complaint here */
-    MEMZERO(cinfo, sizeof(struct jpeg_compress_struct));
-    cinfo->err = err;
-    cinfo->client_data = client_data;
-  }
-  cinfo->is_decompressor = FALSE;
-
-  /* Initialize a memory manager instance for this object */
-  jinit_memory_mgr((j_common_ptr)cinfo);
-
-  /* Zero out pointers to permanent structures. */
-  cinfo->progress = NULL;
-  cinfo->dest = NULL;
-
-  cinfo->comp_info = NULL;
-
-  for (i = 0; i < NUM_QUANT_TBLS; i++) {
-    cinfo->quant_tbl_ptrs[i] = NULL;
-#if JPEG_LIB_VERSION >= 70
-    cinfo->q_scale_factor[i] = 100;
-#endif
-  }
-
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    cinfo->dc_huff_tbl_ptrs[i] = NULL;
-    cinfo->ac_huff_tbl_ptrs[i] = NULL;
-  }
-
-#if JPEG_LIB_VERSION >= 80
-  /* Must do it here for emit_dqt in case jpeg_write_tables is used */
-  cinfo->block_size = DCTSIZE;
-  cinfo->natural_order = jpeg_natural_order;
-  cinfo->lim_Se = DCTSIZE2 - 1;
-#endif
-
-  cinfo->script_space = NULL;
-
-  cinfo->input_gamma = 1.0;     /* in case application forgets */
-
-  /* OK, I'm ready */
-  cinfo->global_state = CSTATE_START;
-}
-
-
-/*
- * Destruction of a JPEG compression object
- */
-
-GLOBAL(void)
-jpeg_destroy_compress(j_compress_ptr cinfo)
-{
-  jpeg_destroy((j_common_ptr)cinfo); /* use common routine */
-}
-
-
-/*
- * Abort processing of a JPEG compression operation,
- * but don't destroy the object itself.
- */
-
-GLOBAL(void)
-jpeg_abort_compress(j_compress_ptr cinfo)
-{
-  jpeg_abort((j_common_ptr)cinfo); /* use common routine */
-}
-
-
-/*
- * Forcibly suppress or un-suppress all quantization and Huffman tables.
- * Marks all currently defined tables as already written (if suppress)
- * or not written (if !suppress).  This will control whether they get emitted
- * by a subsequent jpeg_start_compress call.
- *
- * This routine is exported for use by applications that want to produce
- * abbreviated JPEG datastreams.  It logically belongs in jcparam.c, but
- * since it is called by jpeg_start_compress, we put it here --- otherwise
- * jcparam.o would be linked whether the application used it or not.
- */
-
-GLOBAL(void)
-jpeg_suppress_tables(j_compress_ptr cinfo, boolean suppress)
-{
-  int i;
-  JQUANT_TBL *qtbl;
-  JHUFF_TBL *htbl;
-
-  for (i = 0; i < NUM_QUANT_TBLS; i++) {
-    if ((qtbl = cinfo->quant_tbl_ptrs[i]) != NULL)
-      qtbl->sent_table = suppress;
-  }
-
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    if ((htbl = cinfo->dc_huff_tbl_ptrs[i]) != NULL)
-      htbl->sent_table = suppress;
-    if ((htbl = cinfo->ac_huff_tbl_ptrs[i]) != NULL)
-      htbl->sent_table = suppress;
-  }
-}
-
-
-/*
- * Finish JPEG compression.
- *
- * If a multipass operating mode was selected, this may do a great deal of
- * work including most of the actual output.
- */
-
-GLOBAL(void)
-jpeg_finish_compress(j_compress_ptr cinfo)
-{
-  JDIMENSION iMCU_row;
-
-  if (cinfo->global_state == CSTATE_SCANNING ||
-      cinfo->global_state == CSTATE_RAW_OK) {
-    /* Terminate first pass */
-    if (cinfo->next_scanline < cinfo->image_height)
-      ERREXIT(cinfo, JERR_TOO_LITTLE_DATA);
-    (*cinfo->master->finish_pass) (cinfo);
-  } else if (cinfo->global_state != CSTATE_WRCOEFS)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  /* Perform any remaining passes */
-  while (!cinfo->master->is_last_pass) {
-    (*cinfo->master->prepare_for_pass) (cinfo);
-    for (iMCU_row = 0; iMCU_row < cinfo->total_iMCU_rows; iMCU_row++) {
-      if (cinfo->progress != NULL) {
-        cinfo->progress->pass_counter = (long)iMCU_row;
-        cinfo->progress->pass_limit = (long)cinfo->total_iMCU_rows;
-        (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-      }
-      /* We bypass the main controller and invoke coef controller directly;
-       * all work is being done from the coefficient buffer.
-       */
-      if (!(*cinfo->coef->compress_data) (cinfo, (JSAMPIMAGE)NULL))
-        ERREXIT(cinfo, JERR_CANT_SUSPEND);
-    }
-    (*cinfo->master->finish_pass) (cinfo);
-  }
-  /* Write EOI, do final cleanup */
-  (*cinfo->marker->write_file_trailer) (cinfo);
-  (*cinfo->dest->term_destination) (cinfo);
-  /* We can use jpeg_abort to release memory and reset global_state */
-  jpeg_abort((j_common_ptr)cinfo);
-}
-
-
-/*
- * Write a special marker.
- * This is only recommended for writing COM or APPn markers.
- * Must be called after jpeg_start_compress() and before
- * first call to jpeg_write_scanlines() or jpeg_write_raw_data().
- */
-
-GLOBAL(void)
-jpeg_write_marker(j_compress_ptr cinfo, int marker, const JOCTET *dataptr,
-                  unsigned int datalen)
-{
-  void (*write_marker_byte) (j_compress_ptr info, int val);
-
-  if (cinfo->next_scanline != 0 ||
-      (cinfo->global_state != CSTATE_SCANNING &&
-       cinfo->global_state != CSTATE_RAW_OK &&
-       cinfo->global_state != CSTATE_WRCOEFS))
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  (*cinfo->marker->write_marker_header) (cinfo, marker, datalen);
-  write_marker_byte = cinfo->marker->write_marker_byte; /* copy for speed */
-  while (datalen--) {
-    (*write_marker_byte) (cinfo, *dataptr);
-    dataptr++;
-  }
-}
-
-/* Same, but piecemeal. */
-
-GLOBAL(void)
-jpeg_write_m_header(j_compress_ptr cinfo, int marker, unsigned int datalen)
-{
-  if (cinfo->next_scanline != 0 ||
-      (cinfo->global_state != CSTATE_SCANNING &&
-       cinfo->global_state != CSTATE_RAW_OK &&
-       cinfo->global_state != CSTATE_WRCOEFS))
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  (*cinfo->marker->write_marker_header) (cinfo, marker, datalen);
-}
-
-GLOBAL(void)
-jpeg_write_m_byte(j_compress_ptr cinfo, int val)
-{
-  (*cinfo->marker->write_marker_byte) (cinfo, val);
-}
-
-
-/*
- * Alternate compression function: just write an abbreviated table file.
- * Before calling this, all parameters and a data destination must be set up.
- *
- * To produce a pair of files containing abbreviated tables and abbreviated
- * image data, one would proceed as follows:
- *
- *              initialize JPEG object
- *              set JPEG parameters
- *              set destination to table file
- *              jpeg_write_tables(cinfo);
- *              set destination to image file
- *              jpeg_start_compress(cinfo, FALSE);
- *              write data...
- *              jpeg_finish_compress(cinfo);
- *
- * jpeg_write_tables has the side effect of marking all tables written
- * (same as jpeg_suppress_tables(..., TRUE)).  Thus a subsequent start_compress
- * will not re-emit the tables unless it is passed write_all_tables=TRUE.
- */
-
-GLOBAL(void)
-jpeg_write_tables(j_compress_ptr cinfo)
-{
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* (Re)initialize error mgr and destination modules */
-  (*cinfo->err->reset_error_mgr) ((j_common_ptr)cinfo);
-  (*cinfo->dest->init_destination) (cinfo);
-  /* Initialize the marker writer ... bit of a crock to do it here. */
-  jinit_marker_writer(cinfo);
-  /* Write them tables! */
-  (*cinfo->marker->write_tables_only) (cinfo);
-  /* And clean up. */
-  (*cinfo->dest->term_destination) (cinfo);
-  /*
-   * In library releases up through v6a, we called jpeg_abort() here to free
-   * any working memory allocated by the destination manager and marker
-   * writer.  Some applications had a problem with that: they allocated space
-   * of their own from the library memory manager, and didn't want it to go
-   * away during write_tables.  So now we do nothing.  This will cause a
-   * memory leak if an app calls write_tables repeatedly without doing a full
-   * compression cycle or otherwise resetting the JPEG object.  However, that
-   * seems less bad than unexpectedly freeing memory in the normal case.
-   * An app that prefers the old behavior can call jpeg_abort for itself after
-   * each call to jpeg_write_tables().
-   */
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcapistd.c b/3rdparty/libjpeg-turbo_2_1_0/jcapistd.c
deleted file mode 100644
index aa2aad9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcapistd.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * jcapistd.c
- *
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * This file is part of the Independent JPEG Group's software.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains application interface code for the compression half
- * of the JPEG library.  These are the "standard" API routines that are
- * used in the normal full-compression case.  They are not used by a
- * transcoding-only application.  Note that if an application links in
- * jpeg_start_compress, it will end up linking in the entire compressor.
- * We thus must separate this file from jcapimin.c to avoid linking the
- * whole compression library into a transcoder.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/*
- * Compression initialization.
- * Before calling this, all parameters and a data destination must be set up.
- *
- * We require a write_all_tables parameter as a failsafe check when writing
- * multiple datastreams from the same compression object.  Since prior runs
- * will have left all the tables marked sent_table=TRUE, a subsequent run
- * would emit an abbreviated stream (no tables) by default.  This may be what
- * is wanted, but for safety's sake it should not be the default behavior:
- * programmers should have to make a deliberate choice to emit abbreviated
- * images.  Therefore the documentation and examples should encourage people
- * to pass write_all_tables=TRUE; then it will take active thought to do the
- * wrong thing.
- */
-
-GLOBAL(void)
-jpeg_start_compress(j_compress_ptr cinfo, boolean write_all_tables)
-{
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  if (write_all_tables)
-    jpeg_suppress_tables(cinfo, FALSE); /* mark all tables to be written */
-
-  /* (Re)initialize error mgr and destination modules */
-  (*cinfo->err->reset_error_mgr) ((j_common_ptr)cinfo);
-  (*cinfo->dest->init_destination) (cinfo);
-  /* Perform master selection of active modules */
-  jinit_compress_master(cinfo);
-  /* Set up for the first pass */
-  (*cinfo->master->prepare_for_pass) (cinfo);
-  /* Ready for application to drive first pass through jpeg_write_scanlines
-   * or jpeg_write_raw_data.
-   */
-  cinfo->next_scanline = 0;
-  cinfo->global_state = (cinfo->raw_data_in ? CSTATE_RAW_OK : CSTATE_SCANNING);
-}
-
-
-/*
- * Write some scanlines of data to the JPEG compressor.
- *
- * The return value will be the number of lines actually written.
- * This should be less than the supplied num_lines only in case that
- * the data destination module has requested suspension of the compressor,
- * or if more than image_height scanlines are passed in.
- *
- * Note: we warn about excess calls to jpeg_write_scanlines() since
- * this likely signals an application programmer error.  However,
- * excess scanlines passed in the last valid call are *silently* ignored,
- * so that the application need not adjust num_lines for end-of-image
- * when using a multiple-scanline buffer.
- */
-
-GLOBAL(JDIMENSION)
-jpeg_write_scanlines(j_compress_ptr cinfo, JSAMPARRAY scanlines,
-                     JDIMENSION num_lines)
-{
-  JDIMENSION row_ctr, rows_left;
-
-  if (cinfo->global_state != CSTATE_SCANNING)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  if (cinfo->next_scanline >= cinfo->image_height)
-    WARNMS(cinfo, JWRN_TOO_MUCH_DATA);
-
-  /* Call progress monitor hook if present */
-  if (cinfo->progress != NULL) {
-    cinfo->progress->pass_counter = (long)cinfo->next_scanline;
-    cinfo->progress->pass_limit = (long)cinfo->image_height;
-    (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-  }
-
-  /* Give master control module another chance if this is first call to
-   * jpeg_write_scanlines.  This lets output of the frame/scan headers be
-   * delayed so that application can write COM, etc, markers between
-   * jpeg_start_compress and jpeg_write_scanlines.
-   */
-  if (cinfo->master->call_pass_startup)
-    (*cinfo->master->pass_startup) (cinfo);
-
-  /* Ignore any extra scanlines at bottom of image. */
-  rows_left = cinfo->image_height - cinfo->next_scanline;
-  if (num_lines > rows_left)
-    num_lines = rows_left;
-
-  row_ctr = 0;
-  (*cinfo->main->process_data) (cinfo, scanlines, &row_ctr, num_lines);
-  cinfo->next_scanline += row_ctr;
-  return row_ctr;
-}
-
-
-/*
- * Alternate entry point to write raw data.
- * Processes exactly one iMCU row per call, unless suspended.
- */
-
-GLOBAL(JDIMENSION)
-jpeg_write_raw_data(j_compress_ptr cinfo, JSAMPIMAGE data,
-                    JDIMENSION num_lines)
-{
-  JDIMENSION lines_per_iMCU_row;
-
-  if (cinfo->global_state != CSTATE_RAW_OK)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  if (cinfo->next_scanline >= cinfo->image_height) {
-    WARNMS(cinfo, JWRN_TOO_MUCH_DATA);
-    return 0;
-  }
-
-  /* Call progress monitor hook if present */
-  if (cinfo->progress != NULL) {
-    cinfo->progress->pass_counter = (long)cinfo->next_scanline;
-    cinfo->progress->pass_limit = (long)cinfo->image_height;
-    (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-  }
-
-  /* Give master control module another chance if this is first call to
-   * jpeg_write_raw_data.  This lets output of the frame/scan headers be
-   * delayed so that application can write COM, etc, markers between
-   * jpeg_start_compress and jpeg_write_raw_data.
-   */
-  if (cinfo->master->call_pass_startup)
-    (*cinfo->master->pass_startup) (cinfo);
-
-  /* Verify that at least one iMCU row has been passed. */
-  lines_per_iMCU_row = cinfo->max_v_samp_factor * DCTSIZE;
-  if (num_lines < lines_per_iMCU_row)
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-
-  /* Directly compress the row. */
-  if (!(*cinfo->coef->compress_data) (cinfo, data)) {
-    /* If compressor did not consume the whole row, suspend processing. */
-    return 0;
-  }
-
-  /* OK, we processed one iMCU row. */
-  cinfo->next_scanline += lines_per_iMCU_row;
-  return lines_per_iMCU_row;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcarith.c b/3rdparty/libjpeg-turbo_2_1_0/jcarith.c
deleted file mode 100644
index b6d093f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcarith.c
+++ /dev/null
@@ -1,932 +0,0 @@
-/*
- * jcarith.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Developed 1997-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, 2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains portable arithmetic entropy encoding routines for JPEG
- * (implementing Recommendation ITU-T T.81 | ISO/IEC 10918-1).
- *
- * Both sequential and progressive modes are supported in this single module.
- *
- * Suspension is not currently supported in this module.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/* Expanded entropy encoder object for arithmetic encoding. */
-
-typedef struct {
-  struct jpeg_entropy_encoder pub; /* public fields */
-
-  JLONG c; /* C register, base of coding interval, layout as in sec. D.1.3 */
-  JLONG a;               /* A register, normalized size of coding interval */
-  JLONG sc;        /* counter for stacked 0xFF values which might overflow */
-  JLONG zc;          /* counter for pending 0x00 output values which might *
-                          * be discarded at the end ("Pacman" termination) */
-  int ct;  /* bit shift counter, determines when next byte will be written */
-  int buffer;                /* buffer for most recent output byte != 0xFF */
-
-  int last_dc_val[MAX_COMPS_IN_SCAN]; /* last DC coef for each component */
-  int dc_context[MAX_COMPS_IN_SCAN]; /* context index for DC conditioning */
-
-  unsigned int restarts_to_go;  /* MCUs left in this restart interval */
-  int next_restart_num;         /* next restart number to write (0-7) */
-
-  /* Pointers to statistics areas (these workspaces have image lifespan) */
-  unsigned char *dc_stats[NUM_ARITH_TBLS];
-  unsigned char *ac_stats[NUM_ARITH_TBLS];
-
-  /* Statistics bin for coding with fixed probability 0.5 */
-  unsigned char fixed_bin[4];
-} arith_entropy_encoder;
-
-typedef arith_entropy_encoder *arith_entropy_ptr;
-
-/* The following two definitions specify the allocation chunk size
- * for the statistics area.
- * According to sections F.1.4.4.1.3 and F.1.4.4.2, we need at least
- * 49 statistics bins for DC, and 245 statistics bins for AC coding.
- *
- * We use a compact representation with 1 byte per statistics bin,
- * thus the numbers directly represent byte sizes.
- * This 1 byte per statistics bin contains the meaning of the MPS
- * (more probable symbol) in the highest bit (mask 0x80), and the
- * index into the probability estimation state machine table
- * in the lower bits (mask 0x7F).
- */
-
-#define DC_STAT_BINS  64
-#define AC_STAT_BINS  256
-
-/* NOTE: Uncomment the following #define if you want to use the
- * given formula for calculating the AC conditioning parameter Kx
- * for spectral selection progressive coding in section G.1.3.2
- * of the spec (Kx = Kmin + SRL (8 + Se - Kmin) 4).
- * Although the spec and P&M authors claim that this "has proven
- * to give good results for 8 bit precision samples", I'm not
- * convinced yet that this is really beneficial.
- * Early tests gave only very marginal compression enhancements
- * (a few - around 5 or so - bytes even for very large files),
- * which would turn out rather negative if we'd suppress the
- * DAC (Define Arithmetic Conditioning) marker segments for
- * the default parameters in the future.
- * Note that currently the marker writing module emits 12-byte
- * DAC segments for a full-component scan in a color image.
- * This is not worth worrying about IMHO. However, since the
- * spec defines the default values to be used if the tables
- * are omitted (unlike Huffman tables, which are required
- * anyway), one might optimize this behaviour in the future,
- * and then it would be disadvantageous to use custom tables if
- * they don't provide sufficient gain to exceed the DAC size.
- *
- * On the other hand, I'd consider it as a reasonable result
- * that the conditioning has no significant influence on the
- * compression performance. This means that the basic
- * statistical model is already rather stable.
- *
- * Thus, at the moment, we use the default conditioning values
- * anyway, and do not use the custom formula.
- *
-#define CALCULATE_SPECTRAL_CONDITIONING
- */
-
-/* IRIGHT_SHIFT is like RIGHT_SHIFT, but works on int rather than JLONG.
- * We assume that int right shift is unsigned if JLONG right shift is,
- * which should be safe.
- */
-
-#ifdef RIGHT_SHIFT_IS_UNSIGNED
-#define ISHIFT_TEMPS    int ishift_temp;
-#define IRIGHT_SHIFT(x, shft) \
-  ((ishift_temp = (x)) < 0 ? \
-   (ishift_temp >> (shft)) | ((~0) << (16 - (shft))) : \
-   (ishift_temp >> (shft)))
-#else
-#define ISHIFT_TEMPS
-#define IRIGHT_SHIFT(x, shft)   ((x) >> (shft))
-#endif
-
-
-LOCAL(void)
-emit_byte(int val, j_compress_ptr cinfo)
-/* Write next output byte; we do not support suspension in this module. */
-{
-  struct jpeg_destination_mgr *dest = cinfo->dest;
-
-  *dest->next_output_byte++ = (JOCTET)val;
-  if (--dest->free_in_buffer == 0)
-    if (!(*dest->empty_output_buffer) (cinfo))
-      ERREXIT(cinfo, JERR_CANT_SUSPEND);
-}
-
-
-/*
- * Finish up at the end of an arithmetic-compressed scan.
- */
-
-METHODDEF(void)
-finish_pass(j_compress_ptr cinfo)
-{
-  arith_entropy_ptr e = (arith_entropy_ptr)cinfo->entropy;
-  JLONG temp;
-
-  /* Section D.1.8: Termination of encoding */
-
-  /* Find the e->c in the coding interval with the largest
-   * number of trailing zero bits */
-  if ((temp = (e->a - 1 + e->c) & 0xFFFF0000UL) < e->c)
-    e->c = temp + 0x8000L;
-  else
-    e->c = temp;
-  /* Send remaining bytes to output */
-  e->c <<= e->ct;
-  if (e->c & 0xF8000000UL) {
-    /* One final overflow has to be handled */
-    if (e->buffer >= 0) {
-      if (e->zc)
-        do emit_byte(0x00, cinfo);
-        while (--e->zc);
-      emit_byte(e->buffer + 1, cinfo);
-      if (e->buffer + 1 == 0xFF)
-        emit_byte(0x00, cinfo);
-    }
-    e->zc += e->sc;  /* carry-over converts stacked 0xFF bytes to 0x00 */
-    e->sc = 0;
-  } else {
-    if (e->buffer == 0)
-      ++e->zc;
-    else if (e->buffer >= 0) {
-      if (e->zc)
-        do emit_byte(0x00, cinfo);
-        while (--e->zc);
-      emit_byte(e->buffer, cinfo);
-    }
-    if (e->sc) {
-      if (e->zc)
-        do emit_byte(0x00, cinfo);
-        while (--e->zc);
-      do {
-        emit_byte(0xFF, cinfo);
-        emit_byte(0x00, cinfo);
-      } while (--e->sc);
-    }
-  }
-  /* Output final bytes only if they are not 0x00 */
-  if (e->c & 0x7FFF800L) {
-    if (e->zc)  /* output final pending zero bytes */
-      do emit_byte(0x00, cinfo);
-      while (--e->zc);
-    emit_byte((e->c >> 19) & 0xFF, cinfo);
-    if (((e->c >> 19) & 0xFF) == 0xFF)
-      emit_byte(0x00, cinfo);
-    if (e->c & 0x7F800L) {
-      emit_byte((e->c >> 11) & 0xFF, cinfo);
-      if (((e->c >> 11) & 0xFF) == 0xFF)
-        emit_byte(0x00, cinfo);
-    }
-  }
-}
-
-
-/*
- * The core arithmetic encoding routine (common in JPEG and JBIG).
- * This needs to go as fast as possible.
- * Machine-dependent optimization facilities
- * are not utilized in this portable implementation.
- * However, this code should be fairly efficient and
- * may be a good base for further optimizations anyway.
- *
- * Parameter 'val' to be encoded may be 0 or 1 (binary decision).
- *
- * Note: I've added full "Pacman" termination support to the
- * byte output routines, which is equivalent to the optional
- * Discard_final_zeros procedure (Figure D.15) in the spec.
- * Thus, we always produce the shortest possible output
- * stream compliant to the spec (no trailing zero bytes,
- * except for FF stuffing).
- *
- * I've also introduced a new scheme for accessing
- * the probability estimation state machine table,
- * derived from Markus Kuhn's JBIG implementation.
- */
-
-LOCAL(void)
-arith_encode(j_compress_ptr cinfo, unsigned char *st, int val)
-{
-  register arith_entropy_ptr e = (arith_entropy_ptr)cinfo->entropy;
-  register unsigned char nl, nm;
-  register JLONG qe, temp;
-  register int sv;
-
-  /* Fetch values from our compact representation of Table D.2:
-   * Qe values and probability estimation state machine
-   */
-  sv = *st;
-  qe = jpeg_aritab[sv & 0x7F];  /* => Qe_Value */
-  nl = qe & 0xFF;  qe >>= 8;    /* Next_Index_LPS + Switch_MPS */
-  nm = qe & 0xFF;  qe >>= 8;    /* Next_Index_MPS */
-
-  /* Encode & estimation procedures per sections D.1.4 & D.1.5 */
-  e->a -= qe;
-  if (val != (sv >> 7)) {
-    /* Encode the less probable symbol */
-    if (e->a >= qe) {
-      /* If the interval size (qe) for the less probable symbol (LPS)
-       * is larger than the interval size for the MPS, then exchange
-       * the two symbols for coding efficiency, otherwise code the LPS
-       * as usual: */
-      e->c += e->a;
-      e->a = qe;
-    }
-    *st = (sv & 0x80) ^ nl;     /* Estimate_after_LPS */
-  } else {
-    /* Encode the more probable symbol */
-    if (e->a >= 0x8000L)
-      return;  /* A >= 0x8000 -> ready, no renormalization required */
-    if (e->a < qe) {
-      /* If the interval size (qe) for the less probable symbol (LPS)
-       * is larger than the interval size for the MPS, then exchange
-       * the two symbols for coding efficiency: */
-      e->c += e->a;
-      e->a = qe;
-    }
-    *st = (sv & 0x80) ^ nm;     /* Estimate_after_MPS */
-  }
-
-  /* Renormalization & data output per section D.1.6 */
-  do {
-    e->a <<= 1;
-    e->c <<= 1;
-    if (--e->ct == 0) {
-      /* Another byte is ready for output */
-      temp = e->c >> 19;
-      if (temp > 0xFF) {
-        /* Handle overflow over all stacked 0xFF bytes */
-        if (e->buffer >= 0) {
-          if (e->zc)
-            do emit_byte(0x00, cinfo);
-            while (--e->zc);
-          emit_byte(e->buffer + 1, cinfo);
-          if (e->buffer + 1 == 0xFF)
-            emit_byte(0x00, cinfo);
-        }
-        e->zc += e->sc;  /* carry-over converts stacked 0xFF bytes to 0x00 */
-        e->sc = 0;
-        /* Note: The 3 spacer bits in the C register guarantee
-         * that the new buffer byte can't be 0xFF here
-         * (see page 160 in the P&M JPEG book). */
-        e->buffer = temp & 0xFF;  /* new output byte, might overflow later */
-      } else if (temp == 0xFF) {
-        ++e->sc;  /* stack 0xFF byte (which might overflow later) */
-      } else {
-        /* Output all stacked 0xFF bytes, they will not overflow any more */
-        if (e->buffer == 0)
-          ++e->zc;
-        else if (e->buffer >= 0) {
-          if (e->zc)
-            do emit_byte(0x00, cinfo);
-            while (--e->zc);
-          emit_byte(e->buffer, cinfo);
-        }
-        if (e->sc) {
-          if (e->zc)
-            do emit_byte(0x00, cinfo);
-            while (--e->zc);
-          do {
-            emit_byte(0xFF, cinfo);
-            emit_byte(0x00, cinfo);
-          } while (--e->sc);
-        }
-        e->buffer = temp & 0xFF;  /* new output byte (can still overflow) */
-      }
-      e->c &= 0x7FFFFL;
-      e->ct += 8;
-    }
-  } while (e->a < 0x8000L);
-}
-
-
-/*
- * Emit a restart marker & resynchronize predictions.
- */
-
-LOCAL(void)
-emit_restart(j_compress_ptr cinfo, int restart_num)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  int ci;
-  jpeg_component_info *compptr;
-
-  finish_pass(cinfo);
-
-  emit_byte(0xFF, cinfo);
-  emit_byte(JPEG_RST0 + restart_num, cinfo);
-
-  /* Re-initialize statistics areas */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    /* DC needs no table for refinement scan */
-    if (cinfo->progressive_mode == 0 || (cinfo->Ss == 0 && cinfo->Ah == 0)) {
-      MEMZERO(entropy->dc_stats[compptr->dc_tbl_no], DC_STAT_BINS);
-      /* Reset DC predictions to 0 */
-      entropy->last_dc_val[ci] = 0;
-      entropy->dc_context[ci] = 0;
-    }
-    /* AC needs no table when not present */
-    if (cinfo->progressive_mode == 0 || cinfo->Se) {
-      MEMZERO(entropy->ac_stats[compptr->ac_tbl_no], AC_STAT_BINS);
-    }
-  }
-
-  /* Reset arithmetic encoding variables */
-  entropy->c = 0;
-  entropy->a = 0x10000L;
-  entropy->sc = 0;
-  entropy->zc = 0;
-  entropy->ct = 11;
-  entropy->buffer = -1;  /* empty */
-}
-
-
-/*
- * MCU encoding for DC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-encode_mcu_DC_first(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  JBLOCKROW block;
-  unsigned char *st;
-  int blkn, ci, tbl;
-  int v, v2, m;
-  ISHIFT_TEMPS
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      emit_restart(cinfo, entropy->next_restart_num);
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  /* Encode the MCU data blocks */
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data[blkn];
-    ci = cinfo->MCU_membership[blkn];
-    tbl = cinfo->cur_comp_info[ci]->dc_tbl_no;
-
-    /* Compute the DC value after the required point transform by Al.
-     * This is simply an arithmetic right shift.
-     */
-    m = IRIGHT_SHIFT((int)((*block)[0]), cinfo->Al);
-
-    /* Sections F.1.4.1 & F.1.4.4.1: Encoding of DC coefficients */
-
-    /* Table F.4: Point to statistics bin S0 for DC coefficient coding */
-    st = entropy->dc_stats[tbl] + entropy->dc_context[ci];
-
-    /* Figure F.4: Encode_DC_DIFF */
-    if ((v = m - entropy->last_dc_val[ci]) == 0) {
-      arith_encode(cinfo, st, 0);
-      entropy->dc_context[ci] = 0;      /* zero diff category */
-    } else {
-      entropy->last_dc_val[ci] = m;
-      arith_encode(cinfo, st, 1);
-      /* Figure F.6: Encoding nonzero value v */
-      /* Figure F.7: Encoding the sign of v */
-      if (v > 0) {
-        arith_encode(cinfo, st + 1, 0); /* Table F.4: SS = S0 + 1 */
-        st += 2;                        /* Table F.4: SP = S0 + 2 */
-        entropy->dc_context[ci] = 4;    /* small positive diff category */
-      } else {
-        v = -v;
-        arith_encode(cinfo, st + 1, 1); /* Table F.4: SS = S0 + 1 */
-        st += 3;                        /* Table F.4: SN = S0 + 3 */
-        entropy->dc_context[ci] = 8;    /* small negative diff category */
-      }
-      /* Figure F.8: Encoding the magnitude category of v */
-      m = 0;
-      if (v -= 1) {
-        arith_encode(cinfo, st, 1);
-        m = 1;
-        v2 = v;
-        st = entropy->dc_stats[tbl] + 20; /* Table F.4: X1 = 20 */
-        while (v2 >>= 1) {
-          arith_encode(cinfo, st, 1);
-          m <<= 1;
-          st += 1;
-        }
-      }
-      arith_encode(cinfo, st, 0);
-      /* Section F.1.4.4.1.2: Establish dc_context conditioning category */
-      if (m < (int)((1L << cinfo->arith_dc_L[tbl]) >> 1))
-        entropy->dc_context[ci] = 0;    /* zero diff category */
-      else if (m > (int)((1L << cinfo->arith_dc_U[tbl]) >> 1))
-        entropy->dc_context[ci] += 8;   /* large diff category */
-      /* Figure F.9: Encoding the magnitude bit pattern of v */
-      st += 14;
-      while (m >>= 1)
-        arith_encode(cinfo, st, (m & v) ? 1 : 0);
-    }
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU encoding for AC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-encode_mcu_AC_first(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  JBLOCKROW block;
-  unsigned char *st;
-  int tbl, k, ke;
-  int v, v2, m;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      emit_restart(cinfo, entropy->next_restart_num);
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  /* Encode the MCU data block */
-  block = MCU_data[0];
-  tbl = cinfo->cur_comp_info[0]->ac_tbl_no;
-
-  /* Sections F.1.4.2 & F.1.4.4.2: Encoding of AC coefficients */
-
-  /* Establish EOB (end-of-block) index */
-  for (ke = cinfo->Se; ke > 0; ke--)
-    /* We must apply the point transform by Al.  For AC coefficients this
-     * is an integer division with rounding towards 0.  To do this portably
-     * in C, we shift after obtaining the absolute value.
-     */
-    if ((v = (*block)[jpeg_natural_order[ke]]) >= 0) {
-      if (v >>= cinfo->Al) break;
-    } else {
-      v = -v;
-      if (v >>= cinfo->Al) break;
-    }
-
-  /* Figure F.5: Encode_AC_Coefficients */
-  for (k = cinfo->Ss; k <= ke; k++) {
-    st = entropy->ac_stats[tbl] + 3 * (k - 1);
-    arith_encode(cinfo, st, 0);         /* EOB decision */
-    for (;;) {
-      if ((v = (*block)[jpeg_natural_order[k]]) >= 0) {
-        if (v >>= cinfo->Al) {
-          arith_encode(cinfo, st + 1, 1);
-          arith_encode(cinfo, entropy->fixed_bin, 0);
-          break;
-        }
-      } else {
-        v = -v;
-        if (v >>= cinfo->Al) {
-          arith_encode(cinfo, st + 1, 1);
-          arith_encode(cinfo, entropy->fixed_bin, 1);
-          break;
-        }
-      }
-      arith_encode(cinfo, st + 1, 0);  st += 3;  k++;
-    }
-    st += 2;
-    /* Figure F.8: Encoding the magnitude category of v */
-    m = 0;
-    if (v -= 1) {
-      arith_encode(cinfo, st, 1);
-      m = 1;
-      v2 = v;
-      if (v2 >>= 1) {
-        arith_encode(cinfo, st, 1);
-        m <<= 1;
-        st = entropy->ac_stats[tbl] +
-             (k <= cinfo->arith_ac_K[tbl] ? 189 : 217);
-        while (v2 >>= 1) {
-          arith_encode(cinfo, st, 1);
-          m <<= 1;
-          st += 1;
-        }
-      }
-    }
-    arith_encode(cinfo, st, 0);
-    /* Figure F.9: Encoding the magnitude bit pattern of v */
-    st += 14;
-    while (m >>= 1)
-      arith_encode(cinfo, st, (m & v) ? 1 : 0);
-  }
-  /* Encode EOB decision only if k <= cinfo->Se */
-  if (k <= cinfo->Se) {
-    st = entropy->ac_stats[tbl] + 3 * (k - 1);
-    arith_encode(cinfo, st, 1);
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU encoding for DC successive approximation refinement scan.
- */
-
-METHODDEF(boolean)
-encode_mcu_DC_refine(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  unsigned char *st;
-  int Al, blkn;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      emit_restart(cinfo, entropy->next_restart_num);
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  st = entropy->fixed_bin;      /* use fixed probability estimation */
-  Al = cinfo->Al;
-
-  /* Encode the MCU data blocks */
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    /* We simply emit the Al'th bit of the DC coefficient value. */
-    arith_encode(cinfo, st, (MCU_data[blkn][0][0] >> Al) & 1);
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU encoding for AC successive approximation refinement scan.
- */
-
-METHODDEF(boolean)
-encode_mcu_AC_refine(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  JBLOCKROW block;
-  unsigned char *st;
-  int tbl, k, ke, kex;
-  int v;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      emit_restart(cinfo, entropy->next_restart_num);
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  /* Encode the MCU data block */
-  block = MCU_data[0];
-  tbl = cinfo->cur_comp_info[0]->ac_tbl_no;
-
-  /* Section G.1.3.3: Encoding of AC coefficients */
-
-  /* Establish EOB (end-of-block) index */
-  for (ke = cinfo->Se; ke > 0; ke--)
-    /* We must apply the point transform by Al.  For AC coefficients this
-     * is an integer division with rounding towards 0.  To do this portably
-     * in C, we shift after obtaining the absolute value.
-     */
-    if ((v = (*block)[jpeg_natural_order[ke]]) >= 0) {
-      if (v >>= cinfo->Al) break;
-    } else {
-      v = -v;
-      if (v >>= cinfo->Al) break;
-    }
-
-  /* Establish EOBx (previous stage end-of-block) index */
-  for (kex = ke; kex > 0; kex--)
-    if ((v = (*block)[jpeg_natural_order[kex]]) >= 0) {
-      if (v >>= cinfo->Ah) break;
-    } else {
-      v = -v;
-      if (v >>= cinfo->Ah) break;
-    }
-
-  /* Figure G.10: Encode_AC_Coefficients_SA */
-  for (k = cinfo->Ss; k <= ke; k++) {
-    st = entropy->ac_stats[tbl] + 3 * (k - 1);
-    if (k > kex)
-      arith_encode(cinfo, st, 0);       /* EOB decision */
-    for (;;) {
-      if ((v = (*block)[jpeg_natural_order[k]]) >= 0) {
-        if (v >>= cinfo->Al) {
-          if (v >> 1)                   /* previously nonzero coef */
-            arith_encode(cinfo, st + 2, (v & 1));
-          else {                        /* newly nonzero coef */
-            arith_encode(cinfo, st + 1, 1);
-            arith_encode(cinfo, entropy->fixed_bin, 0);
-          }
-          break;
-        }
-      } else {
-        v = -v;
-        if (v >>= cinfo->Al) {
-          if (v >> 1)                   /* previously nonzero coef */
-            arith_encode(cinfo, st + 2, (v & 1));
-          else {                        /* newly nonzero coef */
-            arith_encode(cinfo, st + 1, 1);
-            arith_encode(cinfo, entropy->fixed_bin, 1);
-          }
-          break;
-        }
-      }
-      arith_encode(cinfo, st + 1, 0);  st += 3;  k++;
-    }
-  }
-  /* Encode EOB decision only if k <= cinfo->Se */
-  if (k <= cinfo->Se) {
-    st = entropy->ac_stats[tbl] + 3 * (k - 1);
-    arith_encode(cinfo, st, 1);
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Encode and output one MCU's worth of arithmetic-compressed coefficients.
- */
-
-METHODDEF(boolean)
-encode_mcu(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  jpeg_component_info *compptr;
-  JBLOCKROW block;
-  unsigned char *st;
-  int blkn, ci, tbl, k, ke;
-  int v, v2, m;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      emit_restart(cinfo, entropy->next_restart_num);
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  /* Encode the MCU data blocks */
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data[blkn];
-    ci = cinfo->MCU_membership[blkn];
-    compptr = cinfo->cur_comp_info[ci];
-
-    /* Sections F.1.4.1 & F.1.4.4.1: Encoding of DC coefficients */
-
-    tbl = compptr->dc_tbl_no;
-
-    /* Table F.4: Point to statistics bin S0 for DC coefficient coding */
-    st = entropy->dc_stats[tbl] + entropy->dc_context[ci];
-
-    /* Figure F.4: Encode_DC_DIFF */
-    if ((v = (*block)[0] - entropy->last_dc_val[ci]) == 0) {
-      arith_encode(cinfo, st, 0);
-      entropy->dc_context[ci] = 0;      /* zero diff category */
-    } else {
-      entropy->last_dc_val[ci] = (*block)[0];
-      arith_encode(cinfo, st, 1);
-      /* Figure F.6: Encoding nonzero value v */
-      /* Figure F.7: Encoding the sign of v */
-      if (v > 0) {
-        arith_encode(cinfo, st + 1, 0); /* Table F.4: SS = S0 + 1 */
-        st += 2;                        /* Table F.4: SP = S0 + 2 */
-        entropy->dc_context[ci] = 4;    /* small positive diff category */
-      } else {
-        v = -v;
-        arith_encode(cinfo, st + 1, 1); /* Table F.4: SS = S0 + 1 */
-        st += 3;                        /* Table F.4: SN = S0 + 3 */
-        entropy->dc_context[ci] = 8;    /* small negative diff category */
-      }
-      /* Figure F.8: Encoding the magnitude category of v */
-      m = 0;
-      if (v -= 1) {
-        arith_encode(cinfo, st, 1);
-        m = 1;
-        v2 = v;
-        st = entropy->dc_stats[tbl] + 20; /* Table F.4: X1 = 20 */
-        while (v2 >>= 1) {
-          arith_encode(cinfo, st, 1);
-          m <<= 1;
-          st += 1;
-        }
-      }
-      arith_encode(cinfo, st, 0);
-      /* Section F.1.4.4.1.2: Establish dc_context conditioning category */
-      if (m < (int)((1L << cinfo->arith_dc_L[tbl]) >> 1))
-        entropy->dc_context[ci] = 0;    /* zero diff category */
-      else if (m > (int)((1L << cinfo->arith_dc_U[tbl]) >> 1))
-        entropy->dc_context[ci] += 8;   /* large diff category */
-      /* Figure F.9: Encoding the magnitude bit pattern of v */
-      st += 14;
-      while (m >>= 1)
-        arith_encode(cinfo, st, (m & v) ? 1 : 0);
-    }
-
-    /* Sections F.1.4.2 & F.1.4.4.2: Encoding of AC coefficients */
-
-    tbl = compptr->ac_tbl_no;
-
-    /* Establish EOB (end-of-block) index */
-    for (ke = DCTSIZE2 - 1; ke > 0; ke--)
-      if ((*block)[jpeg_natural_order[ke]]) break;
-
-    /* Figure F.5: Encode_AC_Coefficients */
-    for (k = 1; k <= ke; k++) {
-      st = entropy->ac_stats[tbl] + 3 * (k - 1);
-      arith_encode(cinfo, st, 0);       /* EOB decision */
-      while ((v = (*block)[jpeg_natural_order[k]]) == 0) {
-        arith_encode(cinfo, st + 1, 0);  st += 3;  k++;
-      }
-      arith_encode(cinfo, st + 1, 1);
-      /* Figure F.6: Encoding nonzero value v */
-      /* Figure F.7: Encoding the sign of v */
-      if (v > 0) {
-        arith_encode(cinfo, entropy->fixed_bin, 0);
-      } else {
-        v = -v;
-        arith_encode(cinfo, entropy->fixed_bin, 1);
-      }
-      st += 2;
-      /* Figure F.8: Encoding the magnitude category of v */
-      m = 0;
-      if (v -= 1) {
-        arith_encode(cinfo, st, 1);
-        m = 1;
-        v2 = v;
-        if (v2 >>= 1) {
-          arith_encode(cinfo, st, 1);
-          m <<= 1;
-          st = entropy->ac_stats[tbl] +
-               (k <= cinfo->arith_ac_K[tbl] ? 189 : 217);
-          while (v2 >>= 1) {
-            arith_encode(cinfo, st, 1);
-            m <<= 1;
-            st += 1;
-          }
-        }
-      }
-      arith_encode(cinfo, st, 0);
-      /* Figure F.9: Encoding the magnitude bit pattern of v */
-      st += 14;
-      while (m >>= 1)
-        arith_encode(cinfo, st, (m & v) ? 1 : 0);
-    }
-    /* Encode EOB decision only if k <= DCTSIZE2 - 1 */
-    if (k <= DCTSIZE2 - 1) {
-      st = entropy->ac_stats[tbl] + 3 * (k - 1);
-      arith_encode(cinfo, st, 1);
-    }
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Initialize for an arithmetic-compressed scan.
- */
-
-METHODDEF(void)
-start_pass(j_compress_ptr cinfo, boolean gather_statistics)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  int ci, tbl;
-  jpeg_component_info *compptr;
-
-  if (gather_statistics)
-    /* Make sure to avoid that in the master control logic!
-     * We are fully adaptive here and need no extra
-     * statistics gathering pass!
-     */
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-
-  /* We assume jcmaster.c already validated the progressive scan parameters. */
-
-  /* Select execution routines */
-  if (cinfo->progressive_mode) {
-    if (cinfo->Ah == 0) {
-      if (cinfo->Ss == 0)
-        entropy->pub.encode_mcu = encode_mcu_DC_first;
-      else
-        entropy->pub.encode_mcu = encode_mcu_AC_first;
-    } else {
-      if (cinfo->Ss == 0)
-        entropy->pub.encode_mcu = encode_mcu_DC_refine;
-      else
-        entropy->pub.encode_mcu = encode_mcu_AC_refine;
-    }
-  } else
-    entropy->pub.encode_mcu = encode_mcu;
-
-  /* Allocate & initialize requested statistics areas */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    /* DC needs no table for refinement scan */
-    if (cinfo->progressive_mode == 0 || (cinfo->Ss == 0 && cinfo->Ah == 0)) {
-      tbl = compptr->dc_tbl_no;
-      if (tbl < 0 || tbl >= NUM_ARITH_TBLS)
-        ERREXIT1(cinfo, JERR_NO_ARITH_TABLE, tbl);
-      if (entropy->dc_stats[tbl] == NULL)
-        entropy->dc_stats[tbl] = (unsigned char *)(*cinfo->mem->alloc_small)
-          ((j_common_ptr)cinfo, JPOOL_IMAGE, DC_STAT_BINS);
-      MEMZERO(entropy->dc_stats[tbl], DC_STAT_BINS);
-      /* Initialize DC predictions to 0 */
-      entropy->last_dc_val[ci] = 0;
-      entropy->dc_context[ci] = 0;
-    }
-    /* AC needs no table when not present */
-    if (cinfo->progressive_mode == 0 || cinfo->Se) {
-      tbl = compptr->ac_tbl_no;
-      if (tbl < 0 || tbl >= NUM_ARITH_TBLS)
-        ERREXIT1(cinfo, JERR_NO_ARITH_TABLE, tbl);
-      if (entropy->ac_stats[tbl] == NULL)
-        entropy->ac_stats[tbl] = (unsigned char *)(*cinfo->mem->alloc_small)
-          ((j_common_ptr)cinfo, JPOOL_IMAGE, AC_STAT_BINS);
-      MEMZERO(entropy->ac_stats[tbl], AC_STAT_BINS);
-#ifdef CALCULATE_SPECTRAL_CONDITIONING
-      if (cinfo->progressive_mode)
-        /* Section G.1.3.2: Set appropriate arithmetic conditioning value Kx */
-        cinfo->arith_ac_K[tbl] = cinfo->Ss +
-                                 ((8 + cinfo->Se - cinfo->Ss) >> 4);
-#endif
-    }
-  }
-
-  /* Initialize arithmetic encoding variables */
-  entropy->c = 0;
-  entropy->a = 0x10000L;
-  entropy->sc = 0;
-  entropy->zc = 0;
-  entropy->ct = 11;
-  entropy->buffer = -1;  /* empty */
-
-  /* Initialize restart stuff */
-  entropy->restarts_to_go = cinfo->restart_interval;
-  entropy->next_restart_num = 0;
-}
-
-
-/*
- * Module initialization routine for arithmetic entropy encoding.
- */
-
-GLOBAL(void)
-jinit_arith_encoder(j_compress_ptr cinfo)
-{
-  arith_entropy_ptr entropy;
-  int i;
-
-  entropy = (arith_entropy_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(arith_entropy_encoder));
-  cinfo->entropy = (struct jpeg_entropy_encoder *)entropy;
-  entropy->pub.start_pass = start_pass;
-  entropy->pub.finish_pass = finish_pass;
-
-  /* Mark tables unallocated */
-  for (i = 0; i < NUM_ARITH_TBLS; i++) {
-    entropy->dc_stats[i] = NULL;
-    entropy->ac_stats[i] = NULL;
-  }
-
-  /* Initialize index for fixed probability estimation */
-  entropy->fixed_bin[0] = 113;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jccoefct.c b/3rdparty/libjpeg-turbo_2_1_0/jccoefct.c
deleted file mode 100644
index 068232a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jccoefct.c
+++ /dev/null
@@ -1,449 +0,0 @@
-/*
- * jccoefct.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code and
- * information relevant to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the coefficient buffer controller for compression.
- * This controller is the top level of the JPEG compressor proper.
- * The coefficient buffer lies between forward-DCT and entropy encoding steps.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/* We use a full-image coefficient buffer when doing Huffman optimization,
- * and also for writing multiple-scan JPEG files.  In all cases, the DCT
- * step is run during the first pass, and subsequent passes need only read
- * the buffered coefficients.
- */
-#ifdef ENTROPY_OPT_SUPPORTED
-#define FULL_COEF_BUFFER_SUPPORTED
-#else
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-#define FULL_COEF_BUFFER_SUPPORTED
-#endif
-#endif
-
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_c_coef_controller pub; /* public fields */
-
-  JDIMENSION iMCU_row_num;      /* iMCU row # within image */
-  JDIMENSION mcu_ctr;           /* counts MCUs processed in current row */
-  int MCU_vert_offset;          /* counts MCU rows within iMCU row */
-  int MCU_rows_per_iMCU_row;    /* number of such rows needed */
-
-  /* For single-pass compression, it's sufficient to buffer just one MCU
-   * (although this may prove a bit slow in practice).  We allocate a
-   * workspace of C_MAX_BLOCKS_IN_MCU coefficient blocks, and reuse it for each
-   * MCU constructed and sent.  In multi-pass modes, this array points to the
-   * current MCU's blocks within the virtual arrays.
-   */
-  JBLOCKROW MCU_buffer[C_MAX_BLOCKS_IN_MCU];
-
-  /* In multi-pass modes, we need a virtual block array for each component. */
-  jvirt_barray_ptr whole_image[MAX_COMPONENTS];
-} my_coef_controller;
-
-typedef my_coef_controller *my_coef_ptr;
-
-
-/* Forward declarations */
-METHODDEF(boolean) compress_data(j_compress_ptr cinfo, JSAMPIMAGE input_buf);
-#ifdef FULL_COEF_BUFFER_SUPPORTED
-METHODDEF(boolean) compress_first_pass(j_compress_ptr cinfo,
-                                       JSAMPIMAGE input_buf);
-METHODDEF(boolean) compress_output(j_compress_ptr cinfo, JSAMPIMAGE input_buf);
-#endif
-
-
-LOCAL(void)
-start_iMCU_row(j_compress_ptr cinfo)
-/* Reset within-iMCU-row counters for a new row */
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-
-  /* In an interleaved scan, an MCU row is the same as an iMCU row.
-   * In a noninterleaved scan, an iMCU row has v_samp_factor MCU rows.
-   * But at the bottom of the image, process only what's left.
-   */
-  if (cinfo->comps_in_scan > 1) {
-    coef->MCU_rows_per_iMCU_row = 1;
-  } else {
-    if (coef->iMCU_row_num < (cinfo->total_iMCU_rows - 1))
-      coef->MCU_rows_per_iMCU_row = cinfo->cur_comp_info[0]->v_samp_factor;
-    else
-      coef->MCU_rows_per_iMCU_row = cinfo->cur_comp_info[0]->last_row_height;
-  }
-
-  coef->mcu_ctr = 0;
-  coef->MCU_vert_offset = 0;
-}
-
-
-/*
- * Initialize for a processing pass.
- */
-
-METHODDEF(void)
-start_pass_coef(j_compress_ptr cinfo, J_BUF_MODE pass_mode)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-
-  coef->iMCU_row_num = 0;
-  start_iMCU_row(cinfo);
-
-  switch (pass_mode) {
-  case JBUF_PASS_THRU:
-    if (coef->whole_image[0] != NULL)
-      ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    coef->pub.compress_data = compress_data;
-    break;
-#ifdef FULL_COEF_BUFFER_SUPPORTED
-  case JBUF_SAVE_AND_PASS:
-    if (coef->whole_image[0] == NULL)
-      ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    coef->pub.compress_data = compress_first_pass;
-    break;
-  case JBUF_CRANK_DEST:
-    if (coef->whole_image[0] == NULL)
-      ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    coef->pub.compress_data = compress_output;
-    break;
-#endif
-  default:
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    break;
-  }
-}
-
-
-/*
- * Process some data in the single-pass case.
- * We process the equivalent of one fully interleaved MCU row ("iMCU" row)
- * per call, ie, v_samp_factor block rows for each component in the image.
- * Returns TRUE if the iMCU row is completed, FALSE if suspended.
- *
- * NB: input_buf contains a plane for each component in image,
- * which we index according to the component's SOF position.
- */
-
-METHODDEF(boolean)
-compress_data(j_compress_ptr cinfo, JSAMPIMAGE input_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION MCU_col_num;       /* index of current MCU within row */
-  JDIMENSION last_MCU_col = cinfo->MCUs_per_row - 1;
-  JDIMENSION last_iMCU_row = cinfo->total_iMCU_rows - 1;
-  int blkn, bi, ci, yindex, yoffset, blockcnt;
-  JDIMENSION ypos, xpos;
-  jpeg_component_info *compptr;
-
-  /* Loop to write as much as one whole iMCU row */
-  for (yoffset = coef->MCU_vert_offset; yoffset < coef->MCU_rows_per_iMCU_row;
-       yoffset++) {
-    for (MCU_col_num = coef->mcu_ctr; MCU_col_num <= last_MCU_col;
-         MCU_col_num++) {
-      /* Determine where data comes from in input_buf and do the DCT thing.
-       * Each call on forward_DCT processes a horizontal row of DCT blocks
-       * as wide as an MCU; we rely on having allocated the MCU_buffer[] blocks
-       * sequentially.  Dummy blocks at the right or bottom edge are filled in
-       * specially.  The data in them does not matter for image reconstruction,
-       * so we fill them with values that will encode to the smallest amount of
-       * data, viz: all zeroes in the AC entries, DC entries equal to previous
-       * block's DC value.  (Thanks to Thomas Kinsman for this idea.)
-       */
-      blkn = 0;
-      for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-        compptr = cinfo->cur_comp_info[ci];
-        blockcnt = (MCU_col_num < last_MCU_col) ? compptr->MCU_width :
-                                                  compptr->last_col_width;
-        xpos = MCU_col_num * compptr->MCU_sample_width;
-        ypos = yoffset * DCTSIZE; /* ypos == (yoffset+yindex) * DCTSIZE */
-        for (yindex = 0; yindex < compptr->MCU_height; yindex++) {
-          if (coef->iMCU_row_num < last_iMCU_row ||
-              yoffset + yindex < compptr->last_row_height) {
-            (*cinfo->fdct->forward_DCT) (cinfo, compptr,
-                                         input_buf[compptr->component_index],
-                                         coef->MCU_buffer[blkn],
-                                         ypos, xpos, (JDIMENSION)blockcnt);
-            if (blockcnt < compptr->MCU_width) {
-              /* Create some dummy blocks at the right edge of the image. */
-              jzero_far((void *)coef->MCU_buffer[blkn + blockcnt],
-                        (compptr->MCU_width - blockcnt) * sizeof(JBLOCK));
-              for (bi = blockcnt; bi < compptr->MCU_width; bi++) {
-                coef->MCU_buffer[blkn + bi][0][0] =
-                  coef->MCU_buffer[blkn + bi - 1][0][0];
-              }
-            }
-          } else {
-            /* Create a row of dummy blocks at the bottom of the image. */
-            jzero_far((void *)coef->MCU_buffer[blkn],
-                      compptr->MCU_width * sizeof(JBLOCK));
-            for (bi = 0; bi < compptr->MCU_width; bi++) {
-              coef->MCU_buffer[blkn + bi][0][0] =
-                coef->MCU_buffer[blkn - 1][0][0];
-            }
-          }
-          blkn += compptr->MCU_width;
-          ypos += DCTSIZE;
-        }
-      }
-      /* Try to write the MCU.  In event of a suspension failure, we will
-       * re-DCT the MCU on restart (a bit inefficient, could be fixed...)
-       */
-      if (!(*cinfo->entropy->encode_mcu) (cinfo, coef->MCU_buffer)) {
-        /* Suspension forced; update state counters and exit */
-        coef->MCU_vert_offset = yoffset;
-        coef->mcu_ctr = MCU_col_num;
-        return FALSE;
-      }
-    }
-    /* Completed an MCU row, but perhaps not an iMCU row */
-    coef->mcu_ctr = 0;
-  }
-  /* Completed the iMCU row, advance counters for next one */
-  coef->iMCU_row_num++;
-  start_iMCU_row(cinfo);
-  return TRUE;
-}
-
-
-#ifdef FULL_COEF_BUFFER_SUPPORTED
-
-/*
- * Process some data in the first pass of a multi-pass case.
- * We process the equivalent of one fully interleaved MCU row ("iMCU" row)
- * per call, ie, v_samp_factor block rows for each component in the image.
- * This amount of data is read from the source buffer, DCT'd and quantized,
- * and saved into the virtual arrays.  We also generate suitable dummy blocks
- * as needed at the right and lower edges.  (The dummy blocks are constructed
- * in the virtual arrays, which have been padded appropriately.)  This makes
- * it possible for subsequent passes not to worry about real vs. dummy blocks.
- *
- * We must also emit the data to the entropy encoder.  This is conveniently
- * done by calling compress_output() after we've loaded the current strip
- * of the virtual arrays.
- *
- * NB: input_buf contains a plane for each component in image.  All
- * components are DCT'd and loaded into the virtual arrays in this pass.
- * However, it may be that only a subset of the components are emitted to
- * the entropy encoder during this first pass; be careful about looking
- * at the scan-dependent variables (MCU dimensions, etc).
- */
-
-METHODDEF(boolean)
-compress_first_pass(j_compress_ptr cinfo, JSAMPIMAGE input_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION last_iMCU_row = cinfo->total_iMCU_rows - 1;
-  JDIMENSION blocks_across, MCUs_across, MCUindex;
-  int bi, ci, h_samp_factor, block_row, block_rows, ndummy;
-  JCOEF lastDC;
-  jpeg_component_info *compptr;
-  JBLOCKARRAY buffer;
-  JBLOCKROW thisblockrow, lastblockrow;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Align the virtual buffer for this component. */
-    buffer = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef->whole_image[ci],
-       coef->iMCU_row_num * compptr->v_samp_factor,
-       (JDIMENSION)compptr->v_samp_factor, TRUE);
-    /* Count non-dummy DCT block rows in this iMCU row. */
-    if (coef->iMCU_row_num < last_iMCU_row)
-      block_rows = compptr->v_samp_factor;
-    else {
-      /* NB: can't use last_row_height here, since may not be set! */
-      block_rows = (int)(compptr->height_in_blocks % compptr->v_samp_factor);
-      if (block_rows == 0) block_rows = compptr->v_samp_factor;
-    }
-    blocks_across = compptr->width_in_blocks;
-    h_samp_factor = compptr->h_samp_factor;
-    /* Count number of dummy blocks to be added at the right margin. */
-    ndummy = (int)(blocks_across % h_samp_factor);
-    if (ndummy > 0)
-      ndummy = h_samp_factor - ndummy;
-    /* Perform DCT for all non-dummy blocks in this iMCU row.  Each call
-     * on forward_DCT processes a complete horizontal row of DCT blocks.
-     */
-    for (block_row = 0; block_row < block_rows; block_row++) {
-      thisblockrow = buffer[block_row];
-      (*cinfo->fdct->forward_DCT) (cinfo, compptr,
-                                   input_buf[ci], thisblockrow,
-                                   (JDIMENSION)(block_row * DCTSIZE),
-                                   (JDIMENSION)0, blocks_across);
-      if (ndummy > 0) {
-        /* Create dummy blocks at the right edge of the image. */
-        thisblockrow += blocks_across; /* => first dummy block */
-        jzero_far((void *)thisblockrow, ndummy * sizeof(JBLOCK));
-        lastDC = thisblockrow[-1][0];
-        for (bi = 0; bi < ndummy; bi++) {
-          thisblockrow[bi][0] = lastDC;
-        }
-      }
-    }
-    /* If at end of image, create dummy block rows as needed.
-     * The tricky part here is that within each MCU, we want the DC values
-     * of the dummy blocks to match the last real block's DC value.
-     * This squeezes a few more bytes out of the resulting file...
-     */
-    if (coef->iMCU_row_num == last_iMCU_row) {
-      blocks_across += ndummy;  /* include lower right corner */
-      MCUs_across = blocks_across / h_samp_factor;
-      for (block_row = block_rows; block_row < compptr->v_samp_factor;
-           block_row++) {
-        thisblockrow = buffer[block_row];
-        lastblockrow = buffer[block_row - 1];
-        jzero_far((void *)thisblockrow,
-                  (size_t)(blocks_across * sizeof(JBLOCK)));
-        for (MCUindex = 0; MCUindex < MCUs_across; MCUindex++) {
-          lastDC = lastblockrow[h_samp_factor - 1][0];
-          for (bi = 0; bi < h_samp_factor; bi++) {
-            thisblockrow[bi][0] = lastDC;
-          }
-          thisblockrow += h_samp_factor; /* advance to next MCU in row */
-          lastblockrow += h_samp_factor;
-        }
-      }
-    }
-  }
-  /* NB: compress_output will increment iMCU_row_num if successful.
-   * A suspension return will result in redoing all the work above next time.
-   */
-
-  /* Emit data to the entropy encoder, sharing code with subsequent passes */
-  return compress_output(cinfo, input_buf);
-}
-
-
-/*
- * Process some data in subsequent passes of a multi-pass case.
- * We process the equivalent of one fully interleaved MCU row ("iMCU" row)
- * per call, ie, v_samp_factor block rows for each component in the scan.
- * The data is obtained from the virtual arrays and fed to the entropy coder.
- * Returns TRUE if the iMCU row is completed, FALSE if suspended.
- *
- * NB: input_buf is ignored; it is likely to be a NULL pointer.
- */
-
-METHODDEF(boolean)
-compress_output(j_compress_ptr cinfo, JSAMPIMAGE input_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION MCU_col_num;       /* index of current MCU within row */
-  int blkn, ci, xindex, yindex, yoffset;
-  JDIMENSION start_col;
-  JBLOCKARRAY buffer[MAX_COMPS_IN_SCAN];
-  JBLOCKROW buffer_ptr;
-  jpeg_component_info *compptr;
-
-  /* Align the virtual buffers for the components used in this scan.
-   * NB: during first pass, this is safe only because the buffers will
-   * already be aligned properly, so jmemmgr.c won't need to do any I/O.
-   */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    buffer[ci] = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef->whole_image[compptr->component_index],
-       coef->iMCU_row_num * compptr->v_samp_factor,
-       (JDIMENSION)compptr->v_samp_factor, FALSE);
-  }
-
-  /* Loop to process one whole iMCU row */
-  for (yoffset = coef->MCU_vert_offset; yoffset < coef->MCU_rows_per_iMCU_row;
-       yoffset++) {
-    for (MCU_col_num = coef->mcu_ctr; MCU_col_num < cinfo->MCUs_per_row;
-         MCU_col_num++) {
-      /* Construct list of pointers to DCT blocks belonging to this MCU */
-      blkn = 0;                 /* index of current DCT block within MCU */
-      for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-        compptr = cinfo->cur_comp_info[ci];
-        start_col = MCU_col_num * compptr->MCU_width;
-        for (yindex = 0; yindex < compptr->MCU_height; yindex++) {
-          buffer_ptr = buffer[ci][yindex + yoffset] + start_col;
-          for (xindex = 0; xindex < compptr->MCU_width; xindex++) {
-            coef->MCU_buffer[blkn++] = buffer_ptr++;
-          }
-        }
-      }
-      /* Try to write the MCU. */
-      if (!(*cinfo->entropy->encode_mcu) (cinfo, coef->MCU_buffer)) {
-        /* Suspension forced; update state counters and exit */
-        coef->MCU_vert_offset = yoffset;
-        coef->mcu_ctr = MCU_col_num;
-        return FALSE;
-      }
-    }
-    /* Completed an MCU row, but perhaps not an iMCU row */
-    coef->mcu_ctr = 0;
-  }
-  /* Completed the iMCU row, advance counters for next one */
-  coef->iMCU_row_num++;
-  start_iMCU_row(cinfo);
-  return TRUE;
-}
-
-#endif /* FULL_COEF_BUFFER_SUPPORTED */
-
-
-/*
- * Initialize coefficient buffer controller.
- */
-
-GLOBAL(void)
-jinit_c_coef_controller(j_compress_ptr cinfo, boolean need_full_buffer)
-{
-  my_coef_ptr coef;
-
-  coef = (my_coef_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_coef_controller));
-  cinfo->coef = (struct jpeg_c_coef_controller *)coef;
-  coef->pub.start_pass = start_pass_coef;
-
-  /* Create the coefficient buffer. */
-  if (need_full_buffer) {
-#ifdef FULL_COEF_BUFFER_SUPPORTED
-    /* Allocate a full-image virtual array for each component, */
-    /* padded to a multiple of samp_factor DCT blocks in each direction. */
-    int ci;
-    jpeg_component_info *compptr;
-
-    for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-         ci++, compptr++) {
-      coef->whole_image[ci] = (*cinfo->mem->request_virt_barray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE, FALSE,
-         (JDIMENSION)jround_up((long)compptr->width_in_blocks,
-                               (long)compptr->h_samp_factor),
-         (JDIMENSION)jround_up((long)compptr->height_in_blocks,
-                               (long)compptr->v_samp_factor),
-         (JDIMENSION)compptr->v_samp_factor);
-    }
-#else
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-#endif
-  } else {
-    /* We only need a single-MCU buffer. */
-    JBLOCKROW buffer;
-    int i;
-
-    buffer = (JBLOCKROW)
-      (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  C_MAX_BLOCKS_IN_MCU * sizeof(JBLOCK));
-    for (i = 0; i < C_MAX_BLOCKS_IN_MCU; i++) {
-      coef->MCU_buffer[i] = buffer + i;
-    }
-    coef->whole_image[0] = NULL; /* flag for no virtual arrays */
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jccolext.c b/3rdparty/libjpeg-turbo_2_1_0/jccolext.c
deleted file mode 100644
index 303b322..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jccolext.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * jccolext.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009-2012, 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains input colorspace conversion routines.
- */
-
-
-/* This file is included by jccolor.c */
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- *
- * Note that we change from the application's interleaved-pixel format
- * to our internal noninterleaved, one-plane-per-component format.
- * The input buffer is therefore three times as wide as the output buffer.
- *
- * A starting row offset is provided only for the output buffer.  The caller
- * can easily adjust the passed input_buf value to accommodate any row
- * offset required on that side.
- */
-
-INLINE
-LOCAL(void)
-rgb_ycc_convert_internal(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                         JSAMPIMAGE output_buf, JDIMENSION output_row,
-                         int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int r, g, b;
-  register JLONG *ctab = cconvert->rgb_ycc_tab;
-  register JSAMPROW inptr;
-  register JSAMPROW outptr0, outptr1, outptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->image_width;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    output_row++;
-    for (col = 0; col < num_cols; col++) {
-      r = inptr[RGB_RED];
-      g = inptr[RGB_GREEN];
-      b = inptr[RGB_BLUE];
-      inptr += RGB_PIXELSIZE;
-      /* If the inputs are 0..MAXJSAMPLE, the outputs of these equations
-       * must be too; we do not need an explicit range-limiting operation.
-       * Hence the value being shifted is never negative, and we don't
-       * need the general RIGHT_SHIFT macro.
-       */
-      /* Y */
-      outptr0[col] = (JSAMPLE)((ctab[r + R_Y_OFF] + ctab[g + G_Y_OFF] +
-                                ctab[b + B_Y_OFF]) >> SCALEBITS);
-      /* Cb */
-      outptr1[col] = (JSAMPLE)((ctab[r + R_CB_OFF] + ctab[g + G_CB_OFF] +
-                                ctab[b + B_CB_OFF]) >> SCALEBITS);
-      /* Cr */
-      outptr2[col] = (JSAMPLE)((ctab[r + R_CR_OFF] + ctab[g + G_CR_OFF] +
-                                ctab[b + B_CR_OFF]) >> SCALEBITS);
-    }
-  }
-}
-
-
-/**************** Cases other than RGB -> YCbCr **************/
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- * This version handles RGB->grayscale conversion, which is the same
- * as the RGB->Y portion of RGB->YCbCr.
- * We assume rgb_ycc_start has been called (we only use the Y tables).
- */
-
-INLINE
-LOCAL(void)
-rgb_gray_convert_internal(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                          JSAMPIMAGE output_buf, JDIMENSION output_row,
-                          int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int r, g, b;
-  register JLONG *ctab = cconvert->rgb_ycc_tab;
-  register JSAMPROW inptr;
-  register JSAMPROW outptr;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->image_width;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr = output_buf[0][output_row];
-    output_row++;
-    for (col = 0; col < num_cols; col++) {
-      r = inptr[RGB_RED];
-      g = inptr[RGB_GREEN];
-      b = inptr[RGB_BLUE];
-      inptr += RGB_PIXELSIZE;
-      /* Y */
-      outptr[col] = (JSAMPLE)((ctab[r + R_Y_OFF] + ctab[g + G_Y_OFF] +
-                               ctab[b + B_Y_OFF]) >> SCALEBITS);
-    }
-  }
-}
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- * This version handles extended RGB->plain RGB conversion
- */
-
-INLINE
-LOCAL(void)
-rgb_rgb_convert_internal(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                         JSAMPIMAGE output_buf, JDIMENSION output_row,
-                         int num_rows)
-{
-  register JSAMPROW inptr;
-  register JSAMPROW outptr0, outptr1, outptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->image_width;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    output_row++;
-    for (col = 0; col < num_cols; col++) {
-      outptr0[col] = inptr[RGB_RED];
-      outptr1[col] = inptr[RGB_GREEN];
-      outptr2[col] = inptr[RGB_BLUE];
-      inptr += RGB_PIXELSIZE;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jccolor.c b/3rdparty/libjpeg-turbo_2_1_0/jccolor.c
deleted file mode 100644
index bdc563c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jccolor.c
+++ /dev/null
@@ -1,710 +0,0 @@
-/*
- * jccolor.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2012, 2015, D. R. Commander.
- * Copyright (C) 2014, MIPS Technologies, Inc., California.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains input colorspace conversion routines.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jsimd.h"
-#include "jconfigint.h"
-
-
-/* Private subobject */
-
-typedef struct {
-  struct jpeg_color_converter pub; /* public fields */
-
-  /* Private state for RGB->YCC conversion */
-  JLONG *rgb_ycc_tab;           /* => table for RGB to YCbCr conversion */
-} my_color_converter;
-
-typedef my_color_converter *my_cconvert_ptr;
-
-
-/**************** RGB -> YCbCr conversion: most common case **************/
-
-/*
- * YCbCr is defined per CCIR 601-1, except that Cb and Cr are
- * normalized to the range 0..MAXJSAMPLE rather than -0.5 .. 0.5.
- * The conversion equations to be implemented are therefore
- *      Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
- *      Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + CENTERJSAMPLE
- *      Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B  + CENTERJSAMPLE
- * (These numbers are derived from TIFF 6.0 section 21, dated 3-June-92.)
- * Note: older versions of the IJG code used a zero offset of MAXJSAMPLE/2,
- * rather than CENTERJSAMPLE, for Cb and Cr.  This gave equal positive and
- * negative swings for Cb/Cr, but meant that grayscale values (Cb=Cr=0)
- * were not represented exactly.  Now we sacrifice exact representation of
- * maximum red and maximum blue in order to get exact grayscales.
- *
- * To avoid floating-point arithmetic, we represent the fractional constants
- * as integers scaled up by 2^16 (about 4 digits precision); we have to divide
- * the products by 2^16, with appropriate rounding, to get the correct answer.
- *
- * For even more speed, we avoid doing any multiplications in the inner loop
- * by precalculating the constants times R,G,B for all possible values.
- * For 8-bit JSAMPLEs this is very reasonable (only 256 entries per table);
- * for 12-bit samples it is still acceptable.  It's not very reasonable for
- * 16-bit samples, but if you want lossless storage you shouldn't be changing
- * colorspace anyway.
- * The CENTERJSAMPLE offsets and the rounding fudge-factor of 0.5 are included
- * in the tables to save adding them separately in the inner loop.
- */
-
-#define SCALEBITS       16      /* speediest right-shift on some machines */
-#define CBCR_OFFSET     ((JLONG)CENTERJSAMPLE << SCALEBITS)
-#define ONE_HALF        ((JLONG)1 << (SCALEBITS - 1))
-#define FIX(x)          ((JLONG)((x) * (1L << SCALEBITS) + 0.5))
-
-/* We allocate one big table and divide it up into eight parts, instead of
- * doing eight alloc_small requests.  This lets us use a single table base
- * address, which can be held in a register in the inner loops on many
- * machines (more than can hold all eight addresses, anyway).
- */
-
-#define R_Y_OFF         0                       /* offset to R => Y section */
-#define G_Y_OFF         (1 * (MAXJSAMPLE + 1))  /* offset to G => Y section */
-#define B_Y_OFF         (2 * (MAXJSAMPLE + 1))  /* etc. */
-#define R_CB_OFF        (3 * (MAXJSAMPLE + 1))
-#define G_CB_OFF        (4 * (MAXJSAMPLE + 1))
-#define B_CB_OFF        (5 * (MAXJSAMPLE + 1))
-#define R_CR_OFF        B_CB_OFF                /* B=>Cb, R=>Cr are the same */
-#define G_CR_OFF        (6 * (MAXJSAMPLE + 1))
-#define B_CR_OFF        (7 * (MAXJSAMPLE + 1))
-#define TABLE_SIZE      (8 * (MAXJSAMPLE + 1))
-
-
-/* Include inline routines for colorspace extensions */
-
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define rgb_ycc_convert_internal  extrgb_ycc_convert_internal
-#define rgb_gray_convert_internal  extrgb_gray_convert_internal
-#define rgb_rgb_convert_internal  extrgb_rgb_convert_internal
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef rgb_ycc_convert_internal
-#undef rgb_gray_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define rgb_ycc_convert_internal  extrgbx_ycc_convert_internal
-#define rgb_gray_convert_internal  extrgbx_gray_convert_internal
-#define rgb_rgb_convert_internal  extrgbx_rgb_convert_internal
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef rgb_ycc_convert_internal
-#undef rgb_gray_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define rgb_ycc_convert_internal  extbgr_ycc_convert_internal
-#define rgb_gray_convert_internal  extbgr_gray_convert_internal
-#define rgb_rgb_convert_internal  extbgr_rgb_convert_internal
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef rgb_ycc_convert_internal
-#undef rgb_gray_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define rgb_ycc_convert_internal  extbgrx_ycc_convert_internal
-#define rgb_gray_convert_internal  extbgrx_gray_convert_internal
-#define rgb_rgb_convert_internal  extbgrx_rgb_convert_internal
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef rgb_ycc_convert_internal
-#undef rgb_gray_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define rgb_ycc_convert_internal  extxbgr_ycc_convert_internal
-#define rgb_gray_convert_internal  extxbgr_gray_convert_internal
-#define rgb_rgb_convert_internal  extxbgr_rgb_convert_internal
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef rgb_ycc_convert_internal
-#undef rgb_gray_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define rgb_ycc_convert_internal  extxrgb_ycc_convert_internal
-#define rgb_gray_convert_internal  extxrgb_gray_convert_internal
-#define rgb_rgb_convert_internal  extxrgb_rgb_convert_internal
-#include "jccolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef rgb_ycc_convert_internal
-#undef rgb_gray_convert_internal
-#undef rgb_rgb_convert_internal
-
-
-/*
- * Initialize for RGB->YCC colorspace conversion.
- */
-
-METHODDEF(void)
-rgb_ycc_start(j_compress_ptr cinfo)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  JLONG *rgb_ycc_tab;
-  JLONG i;
-
-  /* Allocate and fill in the conversion tables. */
-  cconvert->rgb_ycc_tab = rgb_ycc_tab = (JLONG *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (TABLE_SIZE * sizeof(JLONG)));
-
-  for (i = 0; i <= MAXJSAMPLE; i++) {
-    rgb_ycc_tab[i + R_Y_OFF] = FIX(0.29900) * i;
-    rgb_ycc_tab[i + G_Y_OFF] = FIX(0.58700) * i;
-    rgb_ycc_tab[i + B_Y_OFF] = FIX(0.11400) * i   + ONE_HALF;
-    rgb_ycc_tab[i + R_CB_OFF] = (-FIX(0.16874)) * i;
-    rgb_ycc_tab[i + G_CB_OFF] = (-FIX(0.33126)) * i;
-    /* We use a rounding fudge-factor of 0.5-epsilon for Cb and Cr.
-     * This ensures that the maximum output will round to MAXJSAMPLE
-     * not MAXJSAMPLE+1, and thus that we don't have to range-limit.
-     */
-    rgb_ycc_tab[i + B_CB_OFF] = FIX(0.50000) * i  + CBCR_OFFSET + ONE_HALF - 1;
-/*  B=>Cb and R=>Cr tables are the same
-    rgb_ycc_tab[i + R_CR_OFF] = FIX(0.50000) * i  + CBCR_OFFSET + ONE_HALF - 1;
-*/
-    rgb_ycc_tab[i + G_CR_OFF] = (-FIX(0.41869)) * i;
-    rgb_ycc_tab[i + B_CR_OFF] = (-FIX(0.08131)) * i;
-  }
-}
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- */
-
-METHODDEF(void)
-rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                JSAMPIMAGE output_buf, JDIMENSION output_row, int num_rows)
-{
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    extrgb_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                num_rows);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    extrgbx_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_BGR:
-    extbgr_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                num_rows);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    extbgrx_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    extxbgr_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    extxrgb_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  default:
-    rgb_ycc_convert_internal(cinfo, input_buf, output_buf, output_row,
-                             num_rows);
-    break;
-  }
-}
-
-
-/**************** Cases other than RGB -> YCbCr **************/
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- */
-
-METHODDEF(void)
-rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                 JSAMPIMAGE output_buf, JDIMENSION output_row, int num_rows)
-{
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    extrgb_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    extrgbx_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                  num_rows);
-    break;
-  case JCS_EXT_BGR:
-    extbgr_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    extbgrx_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                  num_rows);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    extxbgr_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                  num_rows);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    extxrgb_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                  num_rows);
-    break;
-  default:
-    rgb_gray_convert_internal(cinfo, input_buf, output_buf, output_row,
-                              num_rows);
-    break;
-  }
-}
-
-
-/*
- * Extended RGB to plain RGB conversion
- */
-
-METHODDEF(void)
-rgb_rgb_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                JSAMPIMAGE output_buf, JDIMENSION output_row, int num_rows)
-{
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    extrgb_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                num_rows);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    extrgbx_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_BGR:
-    extbgr_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                num_rows);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    extbgrx_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    extxbgr_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    extxrgb_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                                 num_rows);
-    break;
-  default:
-    rgb_rgb_convert_internal(cinfo, input_buf, output_buf, output_row,
-                             num_rows);
-    break;
-  }
-}
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- * This version handles Adobe-style CMYK->YCCK conversion,
- * where we convert R=1-C, G=1-M, and B=1-Y to YCbCr using the same
- * conversion as above, while passing K (black) unchanged.
- * We assume rgb_ycc_start has been called.
- */
-
-METHODDEF(void)
-cmyk_ycck_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                  JSAMPIMAGE output_buf, JDIMENSION output_row, int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int r, g, b;
-  register JLONG *ctab = cconvert->rgb_ycc_tab;
-  register JSAMPROW inptr;
-  register JSAMPROW outptr0, outptr1, outptr2, outptr3;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->image_width;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    outptr3 = output_buf[3][output_row];
-    output_row++;
-    for (col = 0; col < num_cols; col++) {
-      r = MAXJSAMPLE - inptr[0];
-      g = MAXJSAMPLE - inptr[1];
-      b = MAXJSAMPLE - inptr[2];
-      /* K passes through as-is */
-      outptr3[col] = inptr[3];
-      inptr += 4;
-      /* If the inputs are 0..MAXJSAMPLE, the outputs of these equations
-       * must be too; we do not need an explicit range-limiting operation.
-       * Hence the value being shifted is never negative, and we don't
-       * need the general RIGHT_SHIFT macro.
-       */
-      /* Y */
-      outptr0[col] = (JSAMPLE)((ctab[r + R_Y_OFF] + ctab[g + G_Y_OFF] +
-                                ctab[b + B_Y_OFF]) >> SCALEBITS);
-      /* Cb */
-      outptr1[col] = (JSAMPLE)((ctab[r + R_CB_OFF] + ctab[g + G_CB_OFF] +
-                                ctab[b + B_CB_OFF]) >> SCALEBITS);
-      /* Cr */
-      outptr2[col] = (JSAMPLE)((ctab[r + R_CR_OFF] + ctab[g + G_CR_OFF] +
-                                ctab[b + B_CR_OFF]) >> SCALEBITS);
-    }
-  }
-}
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- * This version handles grayscale output with no conversion.
- * The source can be either plain grayscale or YCbCr (since Y == gray).
- */
-
-METHODDEF(void)
-grayscale_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                  JSAMPIMAGE output_buf, JDIMENSION output_row, int num_rows)
-{
-  register JSAMPROW inptr;
-  register JSAMPROW outptr;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->image_width;
-  int instride = cinfo->input_components;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr = output_buf[0][output_row];
-    output_row++;
-    for (col = 0; col < num_cols; col++) {
-      outptr[col] = inptr[0];
-      inptr += instride;
-    }
-  }
-}
-
-
-/*
- * Convert some rows of samples to the JPEG colorspace.
- * This version handles multi-component colorspaces without conversion.
- * We assume input_components == num_components.
- */
-
-METHODDEF(void)
-null_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-             JDIMENSION output_row, int num_rows)
-{
-  register JSAMPROW inptr;
-  register JSAMPROW outptr, outptr0, outptr1, outptr2, outptr3;
-  register JDIMENSION col;
-  register int ci;
-  int nc = cinfo->num_components;
-  JDIMENSION num_cols = cinfo->image_width;
-
-  if (nc == 3) {
-    while (--num_rows >= 0) {
-      inptr = *input_buf++;
-      outptr0 = output_buf[0][output_row];
-      outptr1 = output_buf[1][output_row];
-      outptr2 = output_buf[2][output_row];
-      output_row++;
-      for (col = 0; col < num_cols; col++) {
-        outptr0[col] = *inptr++;
-        outptr1[col] = *inptr++;
-        outptr2[col] = *inptr++;
-      }
-    }
-  } else if (nc == 4) {
-    while (--num_rows >= 0) {
-      inptr = *input_buf++;
-      outptr0 = output_buf[0][output_row];
-      outptr1 = output_buf[1][output_row];
-      outptr2 = output_buf[2][output_row];
-      outptr3 = output_buf[3][output_row];
-      output_row++;
-      for (col = 0; col < num_cols; col++) {
-        outptr0[col] = *inptr++;
-        outptr1[col] = *inptr++;
-        outptr2[col] = *inptr++;
-        outptr3[col] = *inptr++;
-      }
-    }
-  } else {
-    while (--num_rows >= 0) {
-      /* It seems fastest to make a separate pass for each component. */
-      for (ci = 0; ci < nc; ci++) {
-        inptr = *input_buf;
-        outptr = output_buf[ci][output_row];
-        for (col = 0; col < num_cols; col++) {
-          outptr[col] = inptr[ci];
-          inptr += nc;
-        }
-      }
-      input_buf++;
-      output_row++;
-    }
-  }
-}
-
-
-/*
- * Empty method for start_pass.
- */
-
-METHODDEF(void)
-null_method(j_compress_ptr cinfo)
-{
-  /* no work needed */
-}
-
-
-/*
- * Module initialization routine for input colorspace conversion.
- */
-
-GLOBAL(void)
-jinit_color_converter(j_compress_ptr cinfo)
-{
-  my_cconvert_ptr cconvert;
-
-  cconvert = (my_cconvert_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_color_converter));
-  cinfo->cconvert = (struct jpeg_color_converter *)cconvert;
-  /* set start_pass to null method until we find out differently */
-  cconvert->pub.start_pass = null_method;
-
-  /* Make sure input_components agrees with in_color_space */
-  switch (cinfo->in_color_space) {
-  case JCS_GRAYSCALE:
-    if (cinfo->input_components != 1)
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    break;
-
-  case JCS_RGB:
-  case JCS_EXT_RGB:
-  case JCS_EXT_RGBX:
-  case JCS_EXT_BGR:
-  case JCS_EXT_BGRX:
-  case JCS_EXT_XBGR:
-  case JCS_EXT_XRGB:
-  case JCS_EXT_RGBA:
-  case JCS_EXT_BGRA:
-  case JCS_EXT_ABGR:
-  case JCS_EXT_ARGB:
-    if (cinfo->input_components != rgb_pixelsize[cinfo->in_color_space])
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    break;
-
-  case JCS_YCbCr:
-    if (cinfo->input_components != 3)
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    break;
-
-  case JCS_CMYK:
-  case JCS_YCCK:
-    if (cinfo->input_components != 4)
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    break;
-
-  default:                      /* JCS_UNKNOWN can be anything */
-    if (cinfo->input_components < 1)
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    break;
-  }
-
-  /* Check num_components, set conversion method based on requested space */
-  switch (cinfo->jpeg_color_space) {
-  case JCS_GRAYSCALE:
-    if (cinfo->num_components != 1)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    if (cinfo->in_color_space == JCS_GRAYSCALE)
-      cconvert->pub.color_convert = grayscale_convert;
-    else if (cinfo->in_color_space == JCS_RGB ||
-             cinfo->in_color_space == JCS_EXT_RGB ||
-             cinfo->in_color_space == JCS_EXT_RGBX ||
-             cinfo->in_color_space == JCS_EXT_BGR ||
-             cinfo->in_color_space == JCS_EXT_BGRX ||
-             cinfo->in_color_space == JCS_EXT_XBGR ||
-             cinfo->in_color_space == JCS_EXT_XRGB ||
-             cinfo->in_color_space == JCS_EXT_RGBA ||
-             cinfo->in_color_space == JCS_EXT_BGRA ||
-             cinfo->in_color_space == JCS_EXT_ABGR ||
-             cinfo->in_color_space == JCS_EXT_ARGB) {
-      if (jsimd_can_rgb_gray())
-        cconvert->pub.color_convert = jsimd_rgb_gray_convert;
-      else {
-        cconvert->pub.start_pass = rgb_ycc_start;
-        cconvert->pub.color_convert = rgb_gray_convert;
-      }
-    } else if (cinfo->in_color_space == JCS_YCbCr)
-      cconvert->pub.color_convert = grayscale_convert;
-    else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  case JCS_RGB:
-    if (cinfo->num_components != 3)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    if (rgb_red[cinfo->in_color_space] == 0 &&
-        rgb_green[cinfo->in_color_space] == 1 &&
-        rgb_blue[cinfo->in_color_space] == 2 &&
-        rgb_pixelsize[cinfo->in_color_space] == 3) {
-#if defined(__mips__)
-      if (jsimd_c_can_null_convert())
-        cconvert->pub.color_convert = jsimd_c_null_convert;
-      else
-#endif
-        cconvert->pub.color_convert = null_convert;
-    } else if (cinfo->in_color_space == JCS_RGB ||
-               cinfo->in_color_space == JCS_EXT_RGB ||
-               cinfo->in_color_space == JCS_EXT_RGBX ||
-               cinfo->in_color_space == JCS_EXT_BGR ||
-               cinfo->in_color_space == JCS_EXT_BGRX ||
-               cinfo->in_color_space == JCS_EXT_XBGR ||
-               cinfo->in_color_space == JCS_EXT_XRGB ||
-               cinfo->in_color_space == JCS_EXT_RGBA ||
-               cinfo->in_color_space == JCS_EXT_BGRA ||
-               cinfo->in_color_space == JCS_EXT_ABGR ||
-               cinfo->in_color_space == JCS_EXT_ARGB)
-      cconvert->pub.color_convert = rgb_rgb_convert;
-    else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  case JCS_YCbCr:
-    if (cinfo->num_components != 3)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    if (cinfo->in_color_space == JCS_RGB ||
-        cinfo->in_color_space == JCS_EXT_RGB ||
-        cinfo->in_color_space == JCS_EXT_RGBX ||
-        cinfo->in_color_space == JCS_EXT_BGR ||
-        cinfo->in_color_space == JCS_EXT_BGRX ||
-        cinfo->in_color_space == JCS_EXT_XBGR ||
-        cinfo->in_color_space == JCS_EXT_XRGB ||
-        cinfo->in_color_space == JCS_EXT_RGBA ||
-        cinfo->in_color_space == JCS_EXT_BGRA ||
-        cinfo->in_color_space == JCS_EXT_ABGR ||
-        cinfo->in_color_space == JCS_EXT_ARGB) {
-      if (jsimd_can_rgb_ycc())
-        cconvert->pub.color_convert = jsimd_rgb_ycc_convert;
-      else {
-        cconvert->pub.start_pass = rgb_ycc_start;
-        cconvert->pub.color_convert = rgb_ycc_convert;
-      }
-    } else if (cinfo->in_color_space == JCS_YCbCr) {
-#if defined(__mips__)
-      if (jsimd_c_can_null_convert())
-        cconvert->pub.color_convert = jsimd_c_null_convert;
-      else
-#endif
-        cconvert->pub.color_convert = null_convert;
-    } else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  case JCS_CMYK:
-    if (cinfo->num_components != 4)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    if (cinfo->in_color_space == JCS_CMYK) {
-#if defined(__mips__)
-      if (jsimd_c_can_null_convert())
-        cconvert->pub.color_convert = jsimd_c_null_convert;
-      else
-#endif
-        cconvert->pub.color_convert = null_convert;
-    } else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  case JCS_YCCK:
-    if (cinfo->num_components != 4)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    if (cinfo->in_color_space == JCS_CMYK) {
-      cconvert->pub.start_pass = rgb_ycc_start;
-      cconvert->pub.color_convert = cmyk_ycck_convert;
-    } else if (cinfo->in_color_space == JCS_YCCK) {
-#if defined(__mips__)
-      if (jsimd_c_can_null_convert())
-        cconvert->pub.color_convert = jsimd_c_null_convert;
-      else
-#endif
-        cconvert->pub.color_convert = null_convert;
-    } else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  default:                      /* allow null conversion of JCS_UNKNOWN */
-    if (cinfo->jpeg_color_space != cinfo->in_color_space ||
-        cinfo->num_components != cinfo->input_components)
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-#if defined(__mips__)
-    if (jsimd_c_can_null_convert())
-      cconvert->pub.color_convert = jsimd_c_null_convert;
-    else
-#endif
-      cconvert->pub.color_convert = null_convert;
-    break;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcdctmgr.c b/3rdparty/libjpeg-turbo_2_1_0/jcdctmgr.c
deleted file mode 100644
index 7dae17a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcdctmgr.c
+++ /dev/null
@@ -1,720 +0,0 @@
-/*
- * jcdctmgr.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2011, 2014-2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the forward-DCT management logic.
- * This code selects a particular DCT implementation to be used,
- * and it performs related housekeeping chores including coefficient
- * quantization.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-#include "jsimddct.h"
-
-
-/* Private subobject for this module */
-
-typedef void (*forward_DCT_method_ptr) (DCTELEM *data);
-typedef void (*float_DCT_method_ptr) (FAST_FLOAT *data);
-
-typedef void (*convsamp_method_ptr) (JSAMPARRAY sample_data,
-                                     JDIMENSION start_col,
-                                     DCTELEM *workspace);
-typedef void (*float_convsamp_method_ptr) (JSAMPARRAY sample_data,
-                                           JDIMENSION start_col,
-                                           FAST_FLOAT *workspace);
-
-typedef void (*quantize_method_ptr) (JCOEFPTR coef_block, DCTELEM *divisors,
-                                     DCTELEM *workspace);
-typedef void (*float_quantize_method_ptr) (JCOEFPTR coef_block,
-                                           FAST_FLOAT *divisors,
-                                           FAST_FLOAT *workspace);
-
-METHODDEF(void) quantize(JCOEFPTR, DCTELEM *, DCTELEM *);
-
-typedef struct {
-  struct jpeg_forward_dct pub;  /* public fields */
-
-  /* Pointer to the DCT routine actually in use */
-  forward_DCT_method_ptr dct;
-  convsamp_method_ptr convsamp;
-  quantize_method_ptr quantize;
-
-  /* The actual post-DCT divisors --- not identical to the quant table
-   * entries, because of scaling (especially for an unnormalized DCT).
-   * Each table is given in normal array order.
-   */
-  DCTELEM *divisors[NUM_QUANT_TBLS];
-
-  /* work area for FDCT subroutine */
-  DCTELEM *workspace;
-
-#ifdef DCT_FLOAT_SUPPORTED
-  /* Same as above for the floating-point case. */
-  float_DCT_method_ptr float_dct;
-  float_convsamp_method_ptr float_convsamp;
-  float_quantize_method_ptr float_quantize;
-  FAST_FLOAT *float_divisors[NUM_QUANT_TBLS];
-  FAST_FLOAT *float_workspace;
-#endif
-} my_fdct_controller;
-
-typedef my_fdct_controller *my_fdct_ptr;
-
-
-#if BITS_IN_JSAMPLE == 8
-
-/*
- * Find the highest bit in an integer through binary search.
- */
-
-LOCAL(int)
-flss(UINT16 val)
-{
-  int bit;
-
-  bit = 16;
-
-  if (!val)
-    return 0;
-
-  if (!(val & 0xff00)) {
-    bit -= 8;
-    val <<= 8;
-  }
-  if (!(val & 0xf000)) {
-    bit -= 4;
-    val <<= 4;
-  }
-  if (!(val & 0xc000)) {
-    bit -= 2;
-    val <<= 2;
-  }
-  if (!(val & 0x8000)) {
-    bit -= 1;
-    val <<= 1;
-  }
-
-  return bit;
-}
-
-
-/*
- * Compute values to do a division using reciprocal.
- *
- * This implementation is based on an algorithm described in
- *   "How to optimize for the Pentium family of microprocessors"
- *   (http://www.agner.org/assem/).
- * More information about the basic algorithm can be found in
- * the paper "Integer Division Using Reciprocals" by Robert Alverson.
- *
- * The basic idea is to replace x/d by x * d^-1. In order to store
- * d^-1 with enough precision we shift it left a few places. It turns
- * out that this algoright gives just enough precision, and also fits
- * into DCTELEM:
- *
- *   b = (the number of significant bits in divisor) - 1
- *   r = (word size) + b
- *   f = 2^r / divisor
- *
- * f will not be an integer for most cases, so we need to compensate
- * for the rounding error introduced:
- *
- *   no fractional part:
- *
- *       result = input >> r
- *
- *   fractional part of f < 0.5:
- *
- *       round f down to nearest integer
- *       result = ((input + 1) * f) >> r
- *
- *   fractional part of f > 0.5:
- *
- *       round f up to nearest integer
- *       result = (input * f) >> r
- *
- * This is the original algorithm that gives truncated results. But we
- * want properly rounded results, so we replace "input" with
- * "input + divisor/2".
- *
- * In order to allow SIMD implementations we also tweak the values to
- * allow the same calculation to be made at all times:
- *
- *   dctbl[0] = f rounded to nearest integer
- *   dctbl[1] = divisor / 2 (+ 1 if fractional part of f < 0.5)
- *   dctbl[2] = 1 << ((word size) * 2 - r)
- *   dctbl[3] = r - (word size)
- *
- * dctbl[2] is for stupid instruction sets where the shift operation
- * isn't member wise (e.g. MMX).
- *
- * The reason dctbl[2] and dctbl[3] reduce the shift with (word size)
- * is that most SIMD implementations have a "multiply and store top
- * half" operation.
- *
- * Lastly, we store each of the values in their own table instead
- * of in a consecutive manner, yet again in order to allow SIMD
- * routines.
- */
-
-LOCAL(int)
-compute_reciprocal(UINT16 divisor, DCTELEM *dtbl)
-{
-  UDCTELEM2 fq, fr;
-  UDCTELEM c;
-  int b, r;
-
-  if (divisor == 1) {
-    /* divisor == 1 means unquantized, so these reciprocal/correction/shift
-     * values will cause the C quantization algorithm to act like the
-     * identity function.  Since only the C quantization algorithm is used in
-     * these cases, the scale value is irrelevant.
-     */
-    dtbl[DCTSIZE2 * 0] = (DCTELEM)1;                        /* reciprocal */
-    dtbl[DCTSIZE2 * 1] = (DCTELEM)0;                        /* correction */
-    dtbl[DCTSIZE2 * 2] = (DCTELEM)1;                        /* scale */
-    dtbl[DCTSIZE2 * 3] = -(DCTELEM)(sizeof(DCTELEM) * 8);   /* shift */
-    return 0;
-  }
-
-  b = flss(divisor) - 1;
-  r  = sizeof(DCTELEM) * 8 + b;
-
-  fq = ((UDCTELEM2)1 << r) / divisor;
-  fr = ((UDCTELEM2)1 << r) % divisor;
-
-  c = divisor / 2;                      /* for rounding */
-
-  if (fr == 0) {                        /* divisor is power of two */
-    /* fq will be one bit too large to fit in DCTELEM, so adjust */
-    fq >>= 1;
-    r--;
-  } else if (fr <= (divisor / 2U)) {    /* fractional part is < 0.5 */
-    c++;
-  } else {                              /* fractional part is > 0.5 */
-    fq++;
-  }
-
-  dtbl[DCTSIZE2 * 0] = (DCTELEM)fq;     /* reciprocal */
-  dtbl[DCTSIZE2 * 1] = (DCTELEM)c;      /* correction + roundfactor */
-#ifdef WITH_SIMD
-  dtbl[DCTSIZE2 * 2] = (DCTELEM)(1 << (sizeof(DCTELEM) * 8 * 2 - r)); /* scale */
-#else
-  dtbl[DCTSIZE2 * 2] = 1;
-#endif
-  dtbl[DCTSIZE2 * 3] = (DCTELEM)r - sizeof(DCTELEM) * 8; /* shift */
-
-  if (r <= 16) return 0;
-  else return 1;
-}
-
-#endif
-
-
-/*
- * Initialize for a processing pass.
- * Verify that all referenced Q-tables are present, and set up
- * the divisor table for each one.
- * In the current implementation, DCT of all components is done during
- * the first pass, even if only some components will be output in the
- * first scan.  Hence all components should be examined here.
- */
-
-METHODDEF(void)
-start_pass_fdctmgr(j_compress_ptr cinfo)
-{
-  my_fdct_ptr fdct = (my_fdct_ptr)cinfo->fdct;
-  int ci, qtblno, i;
-  jpeg_component_info *compptr;
-  JQUANT_TBL *qtbl;
-  DCTELEM *dtbl;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    qtblno = compptr->quant_tbl_no;
-    /* Make sure specified quantization table is present */
-    if (qtblno < 0 || qtblno >= NUM_QUANT_TBLS ||
-        cinfo->quant_tbl_ptrs[qtblno] == NULL)
-      ERREXIT1(cinfo, JERR_NO_QUANT_TABLE, qtblno);
-    qtbl = cinfo->quant_tbl_ptrs[qtblno];
-    /* Compute divisors for this quant table */
-    /* We may do this more than once for same table, but it's not a big deal */
-    switch (cinfo->dct_method) {
-#ifdef DCT_ISLOW_SUPPORTED
-    case JDCT_ISLOW:
-      /* For LL&M IDCT method, divisors are equal to raw quantization
-       * coefficients multiplied by 8 (to counteract scaling).
-       */
-      if (fdct->divisors[qtblno] == NULL) {
-        fdct->divisors[qtblno] = (DCTELEM *)
-          (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                      (DCTSIZE2 * 4) * sizeof(DCTELEM));
-      }
-      dtbl = fdct->divisors[qtblno];
-      for (i = 0; i < DCTSIZE2; i++) {
-#if BITS_IN_JSAMPLE == 8
-        if (!compute_reciprocal(qtbl->quantval[i] << 3, &dtbl[i]) &&
-            fdct->quantize == jsimd_quantize)
-          fdct->quantize = quantize;
-#else
-        dtbl[i] = ((DCTELEM)qtbl->quantval[i]) << 3;
-#endif
-      }
-      break;
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-    case JDCT_IFAST:
-      {
-        /* For AA&N IDCT method, divisors are equal to quantization
-         * coefficients scaled by scalefactor[row]*scalefactor[col], where
-         *   scalefactor[0] = 1
-         *   scalefactor[k] = cos(k*PI/16) * sqrt(2)    for k=1..7
-         * We apply a further scale factor of 8.
-         */
-#define CONST_BITS  14
-        static const INT16 aanscales[DCTSIZE2] = {
-          /* precomputed values scaled up by 14 bits */
-          16384, 22725, 21407, 19266, 16384, 12873,  8867,  4520,
-          22725, 31521, 29692, 26722, 22725, 17855, 12299,  6270,
-          21407, 29692, 27969, 25172, 21407, 16819, 11585,  5906,
-          19266, 26722, 25172, 22654, 19266, 15137, 10426,  5315,
-          16384, 22725, 21407, 19266, 16384, 12873,  8867,  4520,
-          12873, 17855, 16819, 15137, 12873, 10114,  6967,  3552,
-           8867, 12299, 11585, 10426,  8867,  6967,  4799,  2446,
-           4520,  6270,  5906,  5315,  4520,  3552,  2446,  1247
-        };
-        SHIFT_TEMPS
-
-        if (fdct->divisors[qtblno] == NULL) {
-          fdct->divisors[qtblno] = (DCTELEM *)
-            (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                        (DCTSIZE2 * 4) * sizeof(DCTELEM));
-        }
-        dtbl = fdct->divisors[qtblno];
-        for (i = 0; i < DCTSIZE2; i++) {
-#if BITS_IN_JSAMPLE == 8
-          if (!compute_reciprocal(
-                DESCALE(MULTIPLY16V16((JLONG)qtbl->quantval[i],
-                                      (JLONG)aanscales[i]),
-                        CONST_BITS - 3), &dtbl[i]) &&
-              fdct->quantize == jsimd_quantize)
-            fdct->quantize = quantize;
-#else
-          dtbl[i] = (DCTELEM)
-            DESCALE(MULTIPLY16V16((JLONG)qtbl->quantval[i],
-                                  (JLONG)aanscales[i]),
-                    CONST_BITS - 3);
-#endif
-        }
-      }
-      break;
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-    case JDCT_FLOAT:
-      {
-        /* For float AA&N IDCT method, divisors are equal to quantization
-         * coefficients scaled by scalefactor[row]*scalefactor[col], where
-         *   scalefactor[0] = 1
-         *   scalefactor[k] = cos(k*PI/16) * sqrt(2)    for k=1..7
-         * We apply a further scale factor of 8.
-         * What's actually stored is 1/divisor so that the inner loop can
-         * use a multiplication rather than a division.
-         */
-        FAST_FLOAT *fdtbl;
-        int row, col;
-        static const double aanscalefactor[DCTSIZE] = {
-          1.0, 1.387039845, 1.306562965, 1.175875602,
-          1.0, 0.785694958, 0.541196100, 0.275899379
-        };
-
-        if (fdct->float_divisors[qtblno] == NULL) {
-          fdct->float_divisors[qtblno] = (FAST_FLOAT *)
-            (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                        DCTSIZE2 * sizeof(FAST_FLOAT));
-        }
-        fdtbl = fdct->float_divisors[qtblno];
-        i = 0;
-        for (row = 0; row < DCTSIZE; row++) {
-          for (col = 0; col < DCTSIZE; col++) {
-            fdtbl[i] = (FAST_FLOAT)
-              (1.0 / (((double)qtbl->quantval[i] *
-                       aanscalefactor[row] * aanscalefactor[col] * 8.0)));
-            i++;
-          }
-        }
-      }
-      break;
-#endif
-    default:
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-      break;
-    }
-  }
-}
-
-
-/*
- * Load data into workspace, applying unsigned->signed conversion.
- */
-
-METHODDEF(void)
-convsamp(JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace)
-{
-  register DCTELEM *workspaceptr;
-  register JSAMPROW elemptr;
-  register int elemr;
-
-  workspaceptr = workspace;
-  for (elemr = 0; elemr < DCTSIZE; elemr++) {
-    elemptr = sample_data[elemr] + start_col;
-
-#if DCTSIZE == 8                /* unroll the inner loop */
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-#else
-    {
-      register int elemc;
-      for (elemc = DCTSIZE; elemc > 0; elemc--)
-        *workspaceptr++ = (*elemptr++) - CENTERJSAMPLE;
-    }
-#endif
-  }
-}
-
-
-/*
- * Quantize/descale the coefficients, and store into coef_blocks[].
- */
-
-METHODDEF(void)
-quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  int i;
-  DCTELEM temp;
-  JCOEFPTR output_ptr = coef_block;
-
-#if BITS_IN_JSAMPLE == 8
-
-  UDCTELEM recip, corr;
-  int shift;
-  UDCTELEM2 product;
-
-  for (i = 0; i < DCTSIZE2; i++) {
-    temp = workspace[i];
-    recip = divisors[i + DCTSIZE2 * 0];
-    corr =  divisors[i + DCTSIZE2 * 1];
-    shift = divisors[i + DCTSIZE2 * 3];
-
-    if (temp < 0) {
-      temp = -temp;
-      product = (UDCTELEM2)(temp + corr) * recip;
-      product >>= shift + sizeof(DCTELEM) * 8;
-      temp = (DCTELEM)product;
-      temp = -temp;
-    } else {
-      product = (UDCTELEM2)(temp + corr) * recip;
-      product >>= shift + sizeof(DCTELEM) * 8;
-      temp = (DCTELEM)product;
-    }
-    output_ptr[i] = (JCOEF)temp;
-  }
-
-#else
-
-  register DCTELEM qval;
-
-  for (i = 0; i < DCTSIZE2; i++) {
-    qval = divisors[i];
-    temp = workspace[i];
-    /* Divide the coefficient value by qval, ensuring proper rounding.
-     * Since C does not specify the direction of rounding for negative
-     * quotients, we have to force the dividend positive for portability.
-     *
-     * In most files, at least half of the output values will be zero
-     * (at default quantization settings, more like three-quarters...)
-     * so we should ensure that this case is fast.  On many machines,
-     * a comparison is enough cheaper than a divide to make a special test
-     * a win.  Since both inputs will be nonnegative, we need only test
-     * for a < b to discover whether a/b is 0.
-     * If your machine's division is fast enough, define FAST_DIVIDE.
-     */
-#ifdef FAST_DIVIDE
-#define DIVIDE_BY(a, b)  a /= b
-#else
-#define DIVIDE_BY(a, b)  if (a >= b) a /= b;  else a = 0
-#endif
-    if (temp < 0) {
-      temp = -temp;
-      temp += qval >> 1;        /* for rounding */
-      DIVIDE_BY(temp, qval);
-      temp = -temp;
-    } else {
-      temp += qval >> 1;        /* for rounding */
-      DIVIDE_BY(temp, qval);
-    }
-    output_ptr[i] = (JCOEF)temp;
-  }
-
-#endif
-
-}
-
-
-/*
- * Perform forward DCT on one or more blocks of a component.
- *
- * The input samples are taken from the sample_data[] array starting at
- * position start_row/start_col, and moving to the right for any additional
- * blocks. The quantized coefficients are returned in coef_blocks[].
- */
-
-METHODDEF(void)
-forward_DCT(j_compress_ptr cinfo, jpeg_component_info *compptr,
-            JSAMPARRAY sample_data, JBLOCKROW coef_blocks,
-            JDIMENSION start_row, JDIMENSION start_col, JDIMENSION num_blocks)
-/* This version is used for integer DCT implementations. */
-{
-  /* This routine is heavily used, so it's worth coding it tightly. */
-  my_fdct_ptr fdct = (my_fdct_ptr)cinfo->fdct;
-  DCTELEM *divisors = fdct->divisors[compptr->quant_tbl_no];
-  DCTELEM *workspace;
-  JDIMENSION bi;
-
-  /* Make sure the compiler doesn't look up these every pass */
-  forward_DCT_method_ptr do_dct = fdct->dct;
-  convsamp_method_ptr do_convsamp = fdct->convsamp;
-  quantize_method_ptr do_quantize = fdct->quantize;
-  workspace = fdct->workspace;
-
-  sample_data += start_row;     /* fold in the vertical offset once */
-
-  for (bi = 0; bi < num_blocks; bi++, start_col += DCTSIZE) {
-    /* Load data into workspace, applying unsigned->signed conversion */
-    (*do_convsamp) (sample_data, start_col, workspace);
-
-    /* Perform the DCT */
-    (*do_dct) (workspace);
-
-    /* Quantize/descale the coefficients, and store into coef_blocks[] */
-    (*do_quantize) (coef_blocks[bi], divisors, workspace);
-  }
-}
-
-
-#ifdef DCT_FLOAT_SUPPORTED
-
-METHODDEF(void)
-convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-               FAST_FLOAT *workspace)
-{
-  register FAST_FLOAT *workspaceptr;
-  register JSAMPROW elemptr;
-  register int elemr;
-
-  workspaceptr = workspace;
-  for (elemr = 0; elemr < DCTSIZE; elemr++) {
-    elemptr = sample_data[elemr] + start_col;
-#if DCTSIZE == 8                /* unroll the inner loop */
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-#else
-    {
-      register int elemc;
-      for (elemc = DCTSIZE; elemc > 0; elemc--)
-        *workspaceptr++ = (FAST_FLOAT)((*elemptr++) - CENTERJSAMPLE);
-    }
-#endif
-  }
-}
-
-
-METHODDEF(void)
-quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-               FAST_FLOAT *workspace)
-{
-  register FAST_FLOAT temp;
-  register int i;
-  register JCOEFPTR output_ptr = coef_block;
-
-  for (i = 0; i < DCTSIZE2; i++) {
-    /* Apply the quantization and scaling factor */
-    temp = workspace[i] * divisors[i];
-
-    /* Round to nearest integer.
-     * Since C does not specify the direction of rounding for negative
-     * quotients, we have to force the dividend positive for portability.
-     * The maximum coefficient size is +-16K (for 12-bit data), so this
-     * code should work for either 16-bit or 32-bit ints.
-     */
-    output_ptr[i] = (JCOEF)((int)(temp + (FAST_FLOAT)16384.5) - 16384);
-  }
-}
-
-
-METHODDEF(void)
-forward_DCT_float(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                  JSAMPARRAY sample_data, JBLOCKROW coef_blocks,
-                  JDIMENSION start_row, JDIMENSION start_col,
-                  JDIMENSION num_blocks)
-/* This version is used for floating-point DCT implementations. */
-{
-  /* This routine is heavily used, so it's worth coding it tightly. */
-  my_fdct_ptr fdct = (my_fdct_ptr)cinfo->fdct;
-  FAST_FLOAT *divisors = fdct->float_divisors[compptr->quant_tbl_no];
-  FAST_FLOAT *workspace;
-  JDIMENSION bi;
-
-
-  /* Make sure the compiler doesn't look up these every pass */
-  float_DCT_method_ptr do_dct = fdct->float_dct;
-  float_convsamp_method_ptr do_convsamp = fdct->float_convsamp;
-  float_quantize_method_ptr do_quantize = fdct->float_quantize;
-  workspace = fdct->float_workspace;
-
-  sample_data += start_row;     /* fold in the vertical offset once */
-
-  for (bi = 0; bi < num_blocks; bi++, start_col += DCTSIZE) {
-    /* Load data into workspace, applying unsigned->signed conversion */
-    (*do_convsamp) (sample_data, start_col, workspace);
-
-    /* Perform the DCT */
-    (*do_dct) (workspace);
-
-    /* Quantize/descale the coefficients, and store into coef_blocks[] */
-    (*do_quantize) (coef_blocks[bi], divisors, workspace);
-  }
-}
-
-#endif /* DCT_FLOAT_SUPPORTED */
-
-
-/*
- * Initialize FDCT manager.
- */
-
-GLOBAL(void)
-jinit_forward_dct(j_compress_ptr cinfo)
-{
-  my_fdct_ptr fdct;
-  int i;
-
-  fdct = (my_fdct_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_fdct_controller));
-  cinfo->fdct = (struct jpeg_forward_dct *)fdct;
-  fdct->pub.start_pass = start_pass_fdctmgr;
-
-  /* First determine the DCT... */
-  switch (cinfo->dct_method) {
-#ifdef DCT_ISLOW_SUPPORTED
-  case JDCT_ISLOW:
-    fdct->pub.forward_DCT = forward_DCT;
-    if (jsimd_can_fdct_islow())
-      fdct->dct = jsimd_fdct_islow;
-    else
-      fdct->dct = jpeg_fdct_islow;
-    break;
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-  case JDCT_IFAST:
-    fdct->pub.forward_DCT = forward_DCT;
-    if (jsimd_can_fdct_ifast())
-      fdct->dct = jsimd_fdct_ifast;
-    else
-      fdct->dct = jpeg_fdct_ifast;
-    break;
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-  case JDCT_FLOAT:
-    fdct->pub.forward_DCT = forward_DCT_float;
-    if (jsimd_can_fdct_float())
-      fdct->float_dct = jsimd_fdct_float;
-    else
-      fdct->float_dct = jpeg_fdct_float;
-    break;
-#endif
-  default:
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-    break;
-  }
-
-  /* ...then the supporting stages. */
-  switch (cinfo->dct_method) {
-#ifdef DCT_ISLOW_SUPPORTED
-  case JDCT_ISLOW:
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-  case JDCT_IFAST:
-#endif
-#if defined(DCT_ISLOW_SUPPORTED) || defined(DCT_IFAST_SUPPORTED)
-    if (jsimd_can_convsamp())
-      fdct->convsamp = jsimd_convsamp;
-    else
-      fdct->convsamp = convsamp;
-    if (jsimd_can_quantize())
-      fdct->quantize = jsimd_quantize;
-    else
-      fdct->quantize = quantize;
-    break;
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-  case JDCT_FLOAT:
-    if (jsimd_can_convsamp_float())
-      fdct->float_convsamp = jsimd_convsamp_float;
-    else
-      fdct->float_convsamp = convsamp_float;
-    if (jsimd_can_quantize_float())
-      fdct->float_quantize = jsimd_quantize_float;
-    else
-      fdct->float_quantize = quantize_float;
-    break;
-#endif
-  default:
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-    break;
-  }
-
-  /* Allocate workspace memory */
-#ifdef DCT_FLOAT_SUPPORTED
-  if (cinfo->dct_method == JDCT_FLOAT)
-    fdct->float_workspace = (FAST_FLOAT *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(FAST_FLOAT) * DCTSIZE2);
-  else
-#endif
-    fdct->workspace = (DCTELEM *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(DCTELEM) * DCTSIZE2);
-
-  /* Mark divisor tables unallocated */
-  for (i = 0; i < NUM_QUANT_TBLS; i++) {
-    fdct->divisors[i] = NULL;
-#ifdef DCT_FLOAT_SUPPORTED
-    fdct->float_divisors[i] = NULL;
-#endif
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jchuff.c b/3rdparty/libjpeg-turbo_2_1_0/jchuff.c
deleted file mode 100644
index 2bce767..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jchuff.c
+++ /dev/null
@@ -1,1136 +0,0 @@
-/*
- * jchuff.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009-2011, 2014-2016, 2018-2021, D. R. Commander.
- * Copyright (C) 2015, Matthieu Darbois.
- * Copyright (C) 2018, Matthias Räncker.
- * Copyright (C) 2020, Arm Limited.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains Huffman entropy encoding routines.
- *
- * Much of the complexity here has to do with supporting output suspension.
- * If the data destination module demands suspension, we want to be able to
- * back up to the start of the current MCU.  To do this, we copy state
- * variables into local working storage, and update them back to the
- * permanent JPEG objects only upon successful completion of an MCU.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jsimd.h"
-#include "jconfigint.h"
-#include <limits.h>
-
-/*
- * NOTE: If USE_CLZ_INTRINSIC is defined, then clz/bsr instructions will be
- * used for bit counting rather than the lookup table.  This will reduce the
- * memory footprint by 64k, which is important for some mobile applications
- * that create many isolated instances of libjpeg-turbo (web browsers, for
- * instance.)  This may improve performance on some mobile platforms as well.
- * This feature is enabled by default only on Arm processors, because some x86
- * chips have a slow implementation of bsr, and the use of clz/bsr cannot be
- * shown to have a significant performance impact even on the x86 chips that
- * have a fast implementation of it.  When building for Armv6, you can
- * explicitly disable the use of clz/bsr by adding -mthumb to the compiler
- * flags (this defines __thumb__).
- */
-
-#if defined(__arm__) || defined(__aarch64__) || defined(_M_ARM) || \
-    defined(_M_ARM64)
-#if !defined(__thumb__) || defined(__thumb2__)
-#define USE_CLZ_INTRINSIC
-#endif
-#endif
-
-#ifdef USE_CLZ_INTRINSIC
-#if defined(_MSC_VER) && !defined(__clang__)
-#define JPEG_NBITS_NONZERO(x)  (32 - _CountLeadingZeros(x))
-#else
-#define JPEG_NBITS_NONZERO(x)  (32 - __builtin_clz(x))
-#endif
-#define JPEG_NBITS(x)          (x ? JPEG_NBITS_NONZERO(x) : 0)
-#else
-#include "jpeg_nbits_table.h"
-#define JPEG_NBITS(x)          (jpeg_nbits_table[x])
-#define JPEG_NBITS_NONZERO(x)  JPEG_NBITS(x)
-#endif
-
-
-/* Expanded entropy encoder object for Huffman encoding.
- *
- * The savable_state subrecord contains fields that change within an MCU,
- * but must not be updated permanently until we complete the MCU.
- */
-
-#if defined(__x86_64__) && defined(__ILP32__)
-typedef unsigned long long bit_buf_type;
-#else
-typedef size_t bit_buf_type;
-#endif
-
-/* NOTE: The more optimal Huffman encoding algorithm is only used by the
- * intrinsics implementation of the Arm Neon SIMD extensions, which is why we
- * retain the old Huffman encoder behavior when using the GAS implementation.
- */
-#if defined(WITH_SIMD) && !(defined(__arm__) || defined(__aarch64__) || \
-                            defined(_M_ARM) || defined(_M_ARM64))
-typedef unsigned long long simd_bit_buf_type;
-#else
-typedef bit_buf_type simd_bit_buf_type;
-#endif
-
-#if (defined(SIZEOF_SIZE_T) && SIZEOF_SIZE_T == 8) || defined(_WIN64) || \
-    (defined(__x86_64__) && defined(__ILP32__))
-#define BIT_BUF_SIZE  64
-#elif (defined(SIZEOF_SIZE_T) && SIZEOF_SIZE_T == 4) || defined(_WIN32)
-#define BIT_BUF_SIZE  32
-#else
-#error Cannot determine word size
-#endif
-#define SIMD_BIT_BUF_SIZE  (sizeof(simd_bit_buf_type) * 8)
-
-typedef struct {
-  union {
-    bit_buf_type c;
-    simd_bit_buf_type simd;
-  } put_buffer;                         /* current bit accumulation buffer */
-  int free_bits;                        /* # of bits available in it */
-                                        /* (Neon GAS: # of bits now in it) */
-  int last_dc_val[MAX_COMPS_IN_SCAN];   /* last DC coef for each component */
-} savable_state;
-
-typedef struct {
-  struct jpeg_entropy_encoder pub; /* public fields */
-
-  savable_state saved;          /* Bit buffer & DC state at start of MCU */
-
-  /* These fields are NOT loaded into local working state. */
-  unsigned int restarts_to_go;  /* MCUs left in this restart interval */
-  int next_restart_num;         /* next restart number to write (0-7) */
-
-  /* Pointers to derived tables (these workspaces have image lifespan) */
-  c_derived_tbl *dc_derived_tbls[NUM_HUFF_TBLS];
-  c_derived_tbl *ac_derived_tbls[NUM_HUFF_TBLS];
-
-#ifdef ENTROPY_OPT_SUPPORTED    /* Statistics tables for optimization */
-  long *dc_count_ptrs[NUM_HUFF_TBLS];
-  long *ac_count_ptrs[NUM_HUFF_TBLS];
-#endif
-
-  int simd;
-} huff_entropy_encoder;
-
-typedef huff_entropy_encoder *huff_entropy_ptr;
-
-/* Working state while writing an MCU.
- * This struct contains all the fields that are needed by subroutines.
- */
-
-typedef struct {
-  JOCTET *next_output_byte;     /* => next byte to write in buffer */
-  size_t free_in_buffer;        /* # of byte spaces remaining in buffer */
-  savable_state cur;            /* Current bit buffer & DC state */
-  j_compress_ptr cinfo;         /* dump_buffer needs access to this */
-  int simd;
-} working_state;
-
-
-/* Forward declarations */
-METHODDEF(boolean) encode_mcu_huff(j_compress_ptr cinfo, JBLOCKROW *MCU_data);
-METHODDEF(void) finish_pass_huff(j_compress_ptr cinfo);
-#ifdef ENTROPY_OPT_SUPPORTED
-METHODDEF(boolean) encode_mcu_gather(j_compress_ptr cinfo,
-                                     JBLOCKROW *MCU_data);
-METHODDEF(void) finish_pass_gather(j_compress_ptr cinfo);
-#endif
-
-
-/*
- * Initialize for a Huffman-compressed scan.
- * If gather_statistics is TRUE, we do not output anything during the scan,
- * just count the Huffman symbols used and generate Huffman code tables.
- */
-
-METHODDEF(void)
-start_pass_huff(j_compress_ptr cinfo, boolean gather_statistics)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  int ci, dctbl, actbl;
-  jpeg_component_info *compptr;
-
-  if (gather_statistics) {
-#ifdef ENTROPY_OPT_SUPPORTED
-    entropy->pub.encode_mcu = encode_mcu_gather;
-    entropy->pub.finish_pass = finish_pass_gather;
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-  } else {
-    entropy->pub.encode_mcu = encode_mcu_huff;
-    entropy->pub.finish_pass = finish_pass_huff;
-  }
-
-  entropy->simd = jsimd_can_huff_encode_one_block();
-
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    dctbl = compptr->dc_tbl_no;
-    actbl = compptr->ac_tbl_no;
-    if (gather_statistics) {
-#ifdef ENTROPY_OPT_SUPPORTED
-      /* Check for invalid table indexes */
-      /* (make_c_derived_tbl does this in the other path) */
-      if (dctbl < 0 || dctbl >= NUM_HUFF_TBLS)
-        ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, dctbl);
-      if (actbl < 0 || actbl >= NUM_HUFF_TBLS)
-        ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, actbl);
-      /* Allocate and zero the statistics tables */
-      /* Note that jpeg_gen_optimal_table expects 257 entries in each table! */
-      if (entropy->dc_count_ptrs[dctbl] == NULL)
-        entropy->dc_count_ptrs[dctbl] = (long *)
-          (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                      257 * sizeof(long));
-      MEMZERO(entropy->dc_count_ptrs[dctbl], 257 * sizeof(long));
-      if (entropy->ac_count_ptrs[actbl] == NULL)
-        entropy->ac_count_ptrs[actbl] = (long *)
-          (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                      257 * sizeof(long));
-      MEMZERO(entropy->ac_count_ptrs[actbl], 257 * sizeof(long));
-#endif
-    } else {
-      /* Compute derived values for Huffman tables */
-      /* We may do this more than once for a table, but it's not expensive */
-      jpeg_make_c_derived_tbl(cinfo, TRUE, dctbl,
-                              &entropy->dc_derived_tbls[dctbl]);
-      jpeg_make_c_derived_tbl(cinfo, FALSE, actbl,
-                              &entropy->ac_derived_tbls[actbl]);
-    }
-    /* Initialize DC predictions to 0 */
-    entropy->saved.last_dc_val[ci] = 0;
-  }
-
-  /* Initialize bit buffer to empty */
-  if (entropy->simd) {
-    entropy->saved.put_buffer.simd = 0;
-#if defined(__aarch64__) && !defined(NEON_INTRINSICS)
-    entropy->saved.free_bits = 0;
-#else
-    entropy->saved.free_bits = SIMD_BIT_BUF_SIZE;
-#endif
-  } else {
-    entropy->saved.put_buffer.c = 0;
-    entropy->saved.free_bits = BIT_BUF_SIZE;
-  }
-
-  /* Initialize restart stuff */
-  entropy->restarts_to_go = cinfo->restart_interval;
-  entropy->next_restart_num = 0;
-}
-
-
-/*
- * Compute the derived values for a Huffman table.
- * This routine also performs some validation checks on the table.
- *
- * Note this is also used by jcphuff.c.
- */
-
-GLOBAL(void)
-jpeg_make_c_derived_tbl(j_compress_ptr cinfo, boolean isDC, int tblno,
-                        c_derived_tbl **pdtbl)
-{
-  JHUFF_TBL *htbl;
-  c_derived_tbl *dtbl;
-  int p, i, l, lastp, si, maxsymbol;
-  char huffsize[257];
-  unsigned int huffcode[257];
-  unsigned int code;
-
-  /* Note that huffsize[] and huffcode[] are filled in code-length order,
-   * paralleling the order of the symbols themselves in htbl->huffval[].
-   */
-
-  /* Find the input Huffman table */
-  if (tblno < 0 || tblno >= NUM_HUFF_TBLS)
-    ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, tblno);
-  htbl =
-    isDC ? cinfo->dc_huff_tbl_ptrs[tblno] : cinfo->ac_huff_tbl_ptrs[tblno];
-  if (htbl == NULL)
-    ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, tblno);
-
-  /* Allocate a workspace if we haven't already done so. */
-  if (*pdtbl == NULL)
-    *pdtbl = (c_derived_tbl *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(c_derived_tbl));
-  dtbl = *pdtbl;
-
-  /* Figure C.1: make table of Huffman code length for each symbol */
-
-  p = 0;
-  for (l = 1; l <= 16; l++) {
-    i = (int)htbl->bits[l];
-    if (i < 0 || p + i > 256)   /* protect against table overrun */
-      ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-    while (i--)
-      huffsize[p++] = (char)l;
-  }
-  huffsize[p] = 0;
-  lastp = p;
-
-  /* Figure C.2: generate the codes themselves */
-  /* We also validate that the counts represent a legal Huffman code tree. */
-
-  code = 0;
-  si = huffsize[0];
-  p = 0;
-  while (huffsize[p]) {
-    while (((int)huffsize[p]) == si) {
-      huffcode[p++] = code;
-      code++;
-    }
-    /* code is now 1 more than the last code used for codelength si; but
-     * it must still fit in si bits, since no code is allowed to be all ones.
-     */
-    if (((JLONG)code) >= (((JLONG)1) << si))
-      ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-    code <<= 1;
-    si++;
-  }
-
-  /* Figure C.3: generate encoding tables */
-  /* These are code and size indexed by symbol value */
-
-  /* Set all codeless symbols to have code length 0;
-   * this lets us detect duplicate VAL entries here, and later
-   * allows emit_bits to detect any attempt to emit such symbols.
-   */
-  MEMZERO(dtbl->ehufco, sizeof(dtbl->ehufco));
-  MEMZERO(dtbl->ehufsi, sizeof(dtbl->ehufsi));
-
-  /* This is also a convenient place to check for out-of-range
-   * and duplicated VAL entries.  We allow 0..255 for AC symbols
-   * but only 0..15 for DC.  (We could constrain them further
-   * based on data depth and mode, but this seems enough.)
-   */
-  maxsymbol = isDC ? 15 : 255;
-
-  for (p = 0; p < lastp; p++) {
-    i = htbl->huffval[p];
-    if (i < 0 || i > maxsymbol || dtbl->ehufsi[i])
-      ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-    dtbl->ehufco[i] = huffcode[p];
-    dtbl->ehufsi[i] = huffsize[p];
-  }
-}
-
-
-/* Outputting bytes to the file */
-
-/* Emit a byte, taking 'action' if must suspend. */
-#define emit_byte(state, val, action) { \
-  *(state)->next_output_byte++ = (JOCTET)(val); \
-  if (--(state)->free_in_buffer == 0) \
-    if (!dump_buffer(state)) \
-      { action; } \
-}
-
-
-LOCAL(boolean)
-dump_buffer(working_state *state)
-/* Empty the output buffer; return TRUE if successful, FALSE if must suspend */
-{
-  struct jpeg_destination_mgr *dest = state->cinfo->dest;
-
-  if (!(*dest->empty_output_buffer) (state->cinfo))
-    return FALSE;
-  /* After a successful buffer dump, must reset buffer pointers */
-  state->next_output_byte = dest->next_output_byte;
-  state->free_in_buffer = dest->free_in_buffer;
-  return TRUE;
-}
-
-
-/* Outputting bits to the file */
-
-/* Output byte b and, speculatively, an additional 0 byte.  0xFF must be
- * encoded as 0xFF 0x00, so the output buffer pointer is advanced by 2 if the
- * byte is 0xFF.  Otherwise, the output buffer pointer is advanced by 1, and
- * the speculative 0 byte will be overwritten by the next byte.
- */
-#define EMIT_BYTE(b) { \
-  buffer[0] = (JOCTET)(b); \
-  buffer[1] = 0; \
-  buffer -= -2 + ((JOCTET)(b) < 0xFF); \
-}
-
-/* Output the entire bit buffer.  If there are no 0xFF bytes in it, then write
- * directly to the output buffer.  Otherwise, use the EMIT_BYTE() macro to
- * encode 0xFF as 0xFF 0x00.
- */
-#if BIT_BUF_SIZE == 64
-
-#define FLUSH() { \
-  if (put_buffer & 0x8080808080808080 & ~(put_buffer + 0x0101010101010101)) { \
-    EMIT_BYTE(put_buffer >> 56) \
-    EMIT_BYTE(put_buffer >> 48) \
-    EMIT_BYTE(put_buffer >> 40) \
-    EMIT_BYTE(put_buffer >> 32) \
-    EMIT_BYTE(put_buffer >> 24) \
-    EMIT_BYTE(put_buffer >> 16) \
-    EMIT_BYTE(put_buffer >>  8) \
-    EMIT_BYTE(put_buffer      ) \
-  } else { \
-    buffer[0] = (JOCTET)(put_buffer >> 56); \
-    buffer[1] = (JOCTET)(put_buffer >> 48); \
-    buffer[2] = (JOCTET)(put_buffer >> 40); \
-    buffer[3] = (JOCTET)(put_buffer >> 32); \
-    buffer[4] = (JOCTET)(put_buffer >> 24); \
-    buffer[5] = (JOCTET)(put_buffer >> 16); \
-    buffer[6] = (JOCTET)(put_buffer >> 8); \
-    buffer[7] = (JOCTET)(put_buffer); \
-    buffer += 8; \
-  } \
-}
-
-#else
-
-#define FLUSH() { \
-  if (put_buffer & 0x80808080 & ~(put_buffer + 0x01010101)) { \
-    EMIT_BYTE(put_buffer >> 24) \
-    EMIT_BYTE(put_buffer >> 16) \
-    EMIT_BYTE(put_buffer >>  8) \
-    EMIT_BYTE(put_buffer      ) \
-  } else { \
-    buffer[0] = (JOCTET)(put_buffer >> 24); \
-    buffer[1] = (JOCTET)(put_buffer >> 16); \
-    buffer[2] = (JOCTET)(put_buffer >> 8); \
-    buffer[3] = (JOCTET)(put_buffer); \
-    buffer += 4; \
-  } \
-}
-
-#endif
-
-/* Fill the bit buffer to capacity with the leading bits from code, then output
- * the bit buffer and put the remaining bits from code into the bit buffer.
- */
-#define PUT_AND_FLUSH(code, size) { \
-  put_buffer = (put_buffer << (size + free_bits)) | (code >> -free_bits); \
-  FLUSH() \
-  free_bits += BIT_BUF_SIZE; \
-  put_buffer = code; \
-}
-
-/* Insert code into the bit buffer and output the bit buffer if needed.
- * NOTE: We can't flush with free_bits == 0, since the left shift in
- * PUT_AND_FLUSH() would have undefined behavior.
- */
-#define PUT_BITS(code, size) { \
-  free_bits -= size; \
-  if (free_bits < 0) \
-    PUT_AND_FLUSH(code, size) \
-  else \
-    put_buffer = (put_buffer << size) | code; \
-}
-
-#define PUT_CODE(code, size) { \
-  temp &= (((JLONG)1) << nbits) - 1; \
-  temp |= code << nbits; \
-  nbits += size; \
-  PUT_BITS(temp, nbits) \
-}
-
-
-/* Although it is exceedingly rare, it is possible for a Huffman-encoded
- * coefficient block to be larger than the 128-byte unencoded block.  For each
- * of the 64 coefficients, PUT_BITS is invoked twice, and each invocation can
- * theoretically store 16 bits (for a maximum of 2048 bits or 256 bytes per
- * encoded block.)  If, for instance, one artificially sets the AC
- * coefficients to alternating values of 32767 and -32768 (using the JPEG
- * scanning order-- 1, 8, 16, etc.), then this will produce an encoded block
- * larger than 200 bytes.
- */
-#define BUFSIZE  (DCTSIZE2 * 8)
-
-#define LOAD_BUFFER() { \
-  if (state->free_in_buffer < BUFSIZE) { \
-    localbuf = 1; \
-    buffer = _buffer; \
-  } else \
-    buffer = state->next_output_byte; \
-}
-
-#define STORE_BUFFER() { \
-  if (localbuf) { \
-    size_t bytes, bytestocopy; \
-    bytes = buffer - _buffer; \
-    buffer = _buffer; \
-    while (bytes > 0) { \
-      bytestocopy = MIN(bytes, state->free_in_buffer); \
-      MEMCOPY(state->next_output_byte, buffer, bytestocopy); \
-      state->next_output_byte += bytestocopy; \
-      buffer += bytestocopy; \
-      state->free_in_buffer -= bytestocopy; \
-      if (state->free_in_buffer == 0) \
-        if (!dump_buffer(state)) return FALSE; \
-      bytes -= bytestocopy; \
-    } \
-  } else { \
-    state->free_in_buffer -= (buffer - state->next_output_byte); \
-    state->next_output_byte = buffer; \
-  } \
-}
-
-
-LOCAL(boolean)
-flush_bits(working_state *state)
-{
-  JOCTET _buffer[BUFSIZE], *buffer, temp;
-  simd_bit_buf_type put_buffer;  int put_bits;
-  int localbuf = 0;
-
-  if (state->simd) {
-#if defined(__aarch64__) && !defined(NEON_INTRINSICS)
-    put_bits = state->cur.free_bits;
-#else
-    put_bits = SIMD_BIT_BUF_SIZE - state->cur.free_bits;
-#endif
-    put_buffer = state->cur.put_buffer.simd;
-  } else {
-    put_bits = BIT_BUF_SIZE - state->cur.free_bits;
-    put_buffer = state->cur.put_buffer.c;
-  }
-
-  LOAD_BUFFER()
-
-  while (put_bits >= 8) {
-    put_bits -= 8;
-    temp = (JOCTET)(put_buffer >> put_bits);
-    EMIT_BYTE(temp)
-  }
-  if (put_bits) {
-    /* fill partial byte with ones */
-    temp = (JOCTET)((put_buffer << (8 - put_bits)) | (0xFF >> put_bits));
-    EMIT_BYTE(temp)
-  }
-
-  if (state->simd) {                    /* and reset bit buffer to empty */
-    state->cur.put_buffer.simd = 0;
-#if defined(__aarch64__) && !defined(NEON_INTRINSICS)
-    state->cur.free_bits = 0;
-#else
-    state->cur.free_bits = SIMD_BIT_BUF_SIZE;
-#endif
-  } else {
-    state->cur.put_buffer.c = 0;
-    state->cur.free_bits = BIT_BUF_SIZE;
-  }
-  STORE_BUFFER()
-
-  return TRUE;
-}
-
-
-/* Encode a single block's worth of coefficients */
-
-LOCAL(boolean)
-encode_one_block_simd(working_state *state, JCOEFPTR block, int last_dc_val,
-                      c_derived_tbl *dctbl, c_derived_tbl *actbl)
-{
-  JOCTET _buffer[BUFSIZE], *buffer;
-  int localbuf = 0;
-
-  LOAD_BUFFER()
-
-  buffer = jsimd_huff_encode_one_block(state, buffer, block, last_dc_val,
-                                       dctbl, actbl);
-
-  STORE_BUFFER()
-
-  return TRUE;
-}
-
-LOCAL(boolean)
-encode_one_block(working_state *state, JCOEFPTR block, int last_dc_val,
-                 c_derived_tbl *dctbl, c_derived_tbl *actbl)
-{
-  int temp, nbits, free_bits;
-  bit_buf_type put_buffer;
-  JOCTET _buffer[BUFSIZE], *buffer;
-  int localbuf = 0;
-
-  free_bits = state->cur.free_bits;
-  put_buffer = state->cur.put_buffer.c;
-  LOAD_BUFFER()
-
-  /* Encode the DC coefficient difference per section F.1.2.1 */
-
-  temp = block[0] - last_dc_val;
-
-  /* This is a well-known technique for obtaining the absolute value without a
-   * branch.  It is derived from an assembly language technique presented in
-   * "How to Optimize for the Pentium Processors", Copyright (c) 1996, 1997 by
-   * Agner Fog.  This code assumes we are on a two's complement machine.
-   */
-  nbits = temp >> (CHAR_BIT * sizeof(int) - 1);
-  temp += nbits;
-  nbits ^= temp;
-
-  /* Find the number of bits needed for the magnitude of the coefficient */
-  nbits = JPEG_NBITS(nbits);
-
-  /* Emit the Huffman-coded symbol for the number of bits.
-   * Emit that number of bits of the value, if positive,
-   * or the complement of its magnitude, if negative.
-   */
-  PUT_CODE(dctbl->ehufco[nbits], dctbl->ehufsi[nbits])
-
-  /* Encode the AC coefficients per section F.1.2.2 */
-
-  {
-    int r = 0;                  /* r = run length of zeros */
-
-/* Manually unroll the k loop to eliminate the counter variable.  This
- * improves performance greatly on systems with a limited number of
- * registers (such as x86.)
- */
-#define kloop(jpeg_natural_order_of_k) { \
-  if ((temp = block[jpeg_natural_order_of_k]) == 0) { \
-    r += 16; \
-  } else { \
-    /* Branch-less absolute value, bitwise complement, etc., same as above */ \
-    nbits = temp >> (CHAR_BIT * sizeof(int) - 1); \
-    temp += nbits; \
-    nbits ^= temp; \
-    nbits = JPEG_NBITS_NONZERO(nbits); \
-    /* if run length > 15, must emit special run-length-16 codes (0xF0) */ \
-    while (r >= 16 * 16) { \
-      r -= 16 * 16; \
-      PUT_BITS(actbl->ehufco[0xf0], actbl->ehufsi[0xf0]) \
-    } \
-    /* Emit Huffman symbol for run length / number of bits */ \
-    r += nbits; \
-    PUT_CODE(actbl->ehufco[r], actbl->ehufsi[r]) \
-    r = 0; \
-  } \
-}
-
-    /* One iteration for each value in jpeg_natural_order[] */
-    kloop(1);   kloop(8);   kloop(16);  kloop(9);   kloop(2);   kloop(3);
-    kloop(10);  kloop(17);  kloop(24);  kloop(32);  kloop(25);  kloop(18);
-    kloop(11);  kloop(4);   kloop(5);   kloop(12);  kloop(19);  kloop(26);
-    kloop(33);  kloop(40);  kloop(48);  kloop(41);  kloop(34);  kloop(27);
-    kloop(20);  kloop(13);  kloop(6);   kloop(7);   kloop(14);  kloop(21);
-    kloop(28);  kloop(35);  kloop(42);  kloop(49);  kloop(56);  kloop(57);
-    kloop(50);  kloop(43);  kloop(36);  kloop(29);  kloop(22);  kloop(15);
-    kloop(23);  kloop(30);  kloop(37);  kloop(44);  kloop(51);  kloop(58);
-    kloop(59);  kloop(52);  kloop(45);  kloop(38);  kloop(31);  kloop(39);
-    kloop(46);  kloop(53);  kloop(60);  kloop(61);  kloop(54);  kloop(47);
-    kloop(55);  kloop(62);  kloop(63);
-
-    /* If the last coef(s) were zero, emit an end-of-block code */
-    if (r > 0) {
-      PUT_BITS(actbl->ehufco[0], actbl->ehufsi[0])
-    }
-  }
-
-  state->cur.put_buffer.c = put_buffer;
-  state->cur.free_bits = free_bits;
-  STORE_BUFFER()
-
-  return TRUE;
-}
-
-
-/*
- * Emit a restart marker & resynchronize predictions.
- */
-
-LOCAL(boolean)
-emit_restart(working_state *state, int restart_num)
-{
-  int ci;
-
-  if (!flush_bits(state))
-    return FALSE;
-
-  emit_byte(state, 0xFF, return FALSE);
-  emit_byte(state, JPEG_RST0 + restart_num, return FALSE);
-
-  /* Re-initialize DC predictions to 0 */
-  for (ci = 0; ci < state->cinfo->comps_in_scan; ci++)
-    state->cur.last_dc_val[ci] = 0;
-
-  /* The restart counter is not updated until we successfully write the MCU. */
-
-  return TRUE;
-}
-
-
-/*
- * Encode and output one MCU's worth of Huffman-compressed coefficients.
- */
-
-METHODDEF(boolean)
-encode_mcu_huff(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  working_state state;
-  int blkn, ci;
-  jpeg_component_info *compptr;
-
-  /* Load up working state */
-  state.next_output_byte = cinfo->dest->next_output_byte;
-  state.free_in_buffer = cinfo->dest->free_in_buffer;
-  state.cur = entropy->saved;
-  state.cinfo = cinfo;
-  state.simd = entropy->simd;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      if (!emit_restart(&state, entropy->next_restart_num))
-        return FALSE;
-  }
-
-  /* Encode the MCU data blocks */
-  if (entropy->simd) {
-    for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-      ci = cinfo->MCU_membership[blkn];
-      compptr = cinfo->cur_comp_info[ci];
-      if (!encode_one_block_simd(&state,
-                                 MCU_data[blkn][0], state.cur.last_dc_val[ci],
-                                 entropy->dc_derived_tbls[compptr->dc_tbl_no],
-                                 entropy->ac_derived_tbls[compptr->ac_tbl_no]))
-        return FALSE;
-      /* Update last_dc_val */
-      state.cur.last_dc_val[ci] = MCU_data[blkn][0][0];
-    }
-  } else {
-    for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-      ci = cinfo->MCU_membership[blkn];
-      compptr = cinfo->cur_comp_info[ci];
-      if (!encode_one_block(&state,
-                            MCU_data[blkn][0], state.cur.last_dc_val[ci],
-                            entropy->dc_derived_tbls[compptr->dc_tbl_no],
-                            entropy->ac_derived_tbls[compptr->ac_tbl_no]))
-        return FALSE;
-      /* Update last_dc_val */
-      state.cur.last_dc_val[ci] = MCU_data[blkn][0][0];
-    }
-  }
-
-  /* Completed MCU, so update state */
-  cinfo->dest->next_output_byte = state.next_output_byte;
-  cinfo->dest->free_in_buffer = state.free_in_buffer;
-  entropy->saved = state.cur;
-
-  /* Update restart-interval state too */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Finish up at the end of a Huffman-compressed scan.
- */
-
-METHODDEF(void)
-finish_pass_huff(j_compress_ptr cinfo)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  working_state state;
-
-  /* Load up working state ... flush_bits needs it */
-  state.next_output_byte = cinfo->dest->next_output_byte;
-  state.free_in_buffer = cinfo->dest->free_in_buffer;
-  state.cur = entropy->saved;
-  state.cinfo = cinfo;
-  state.simd = entropy->simd;
-
-  /* Flush out the last data */
-  if (!flush_bits(&state))
-    ERREXIT(cinfo, JERR_CANT_SUSPEND);
-
-  /* Update state */
-  cinfo->dest->next_output_byte = state.next_output_byte;
-  cinfo->dest->free_in_buffer = state.free_in_buffer;
-  entropy->saved = state.cur;
-}
-
-
-/*
- * Huffman coding optimization.
- *
- * We first scan the supplied data and count the number of uses of each symbol
- * that is to be Huffman-coded. (This process MUST agree with the code above.)
- * Then we build a Huffman coding tree for the observed counts.
- * Symbols which are not needed at all for the particular image are not
- * assigned any code, which saves space in the DHT marker as well as in
- * the compressed data.
- */
-
-#ifdef ENTROPY_OPT_SUPPORTED
-
-
-/* Process a single block's worth of coefficients */
-
-LOCAL(void)
-htest_one_block(j_compress_ptr cinfo, JCOEFPTR block, int last_dc_val,
-                long dc_counts[], long ac_counts[])
-{
-  register int temp;
-  register int nbits;
-  register int k, r;
-
-  /* Encode the DC coefficient difference per section F.1.2.1 */
-
-  temp = block[0] - last_dc_val;
-  if (temp < 0)
-    temp = -temp;
-
-  /* Find the number of bits needed for the magnitude of the coefficient */
-  nbits = 0;
-  while (temp) {
-    nbits++;
-    temp >>= 1;
-  }
-  /* Check for out-of-range coefficient values.
-   * Since we're encoding a difference, the range limit is twice as much.
-   */
-  if (nbits > MAX_COEF_BITS + 1)
-    ERREXIT(cinfo, JERR_BAD_DCT_COEF);
-
-  /* Count the Huffman symbol for the number of bits */
-  dc_counts[nbits]++;
-
-  /* Encode the AC coefficients per section F.1.2.2 */
-
-  r = 0;                        /* r = run length of zeros */
-
-  for (k = 1; k < DCTSIZE2; k++) {
-    if ((temp = block[jpeg_natural_order[k]]) == 0) {
-      r++;
-    } else {
-      /* if run length > 15, must emit special run-length-16 codes (0xF0) */
-      while (r > 15) {
-        ac_counts[0xF0]++;
-        r -= 16;
-      }
-
-      /* Find the number of bits needed for the magnitude of the coefficient */
-      if (temp < 0)
-        temp = -temp;
-
-      /* Find the number of bits needed for the magnitude of the coefficient */
-      nbits = 1;                /* there must be at least one 1 bit */
-      while ((temp >>= 1))
-        nbits++;
-      /* Check for out-of-range coefficient values */
-      if (nbits > MAX_COEF_BITS)
-        ERREXIT(cinfo, JERR_BAD_DCT_COEF);
-
-      /* Count Huffman symbol for run length / number of bits */
-      ac_counts[(r << 4) + nbits]++;
-
-      r = 0;
-    }
-  }
-
-  /* If the last coef(s) were zero, emit an end-of-block code */
-  if (r > 0)
-    ac_counts[0]++;
-}
-
-
-/*
- * Trial-encode one MCU's worth of Huffman-compressed coefficients.
- * No data is actually output, so no suspension return is possible.
- */
-
-METHODDEF(boolean)
-encode_mcu_gather(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  int blkn, ci;
-  jpeg_component_info *compptr;
-
-  /* Take care of restart intervals if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      /* Re-initialize DC predictions to 0 */
-      for (ci = 0; ci < cinfo->comps_in_scan; ci++)
-        entropy->saved.last_dc_val[ci] = 0;
-      /* Update restart state */
-      entropy->restarts_to_go = cinfo->restart_interval;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    ci = cinfo->MCU_membership[blkn];
-    compptr = cinfo->cur_comp_info[ci];
-    htest_one_block(cinfo, MCU_data[blkn][0], entropy->saved.last_dc_val[ci],
-                    entropy->dc_count_ptrs[compptr->dc_tbl_no],
-                    entropy->ac_count_ptrs[compptr->ac_tbl_no]);
-    entropy->saved.last_dc_val[ci] = MCU_data[blkn][0][0];
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Generate the best Huffman code table for the given counts, fill htbl.
- * Note this is also used by jcphuff.c.
- *
- * The JPEG standard requires that no symbol be assigned a codeword of all
- * one bits (so that padding bits added at the end of a compressed segment
- * can't look like a valid code).  Because of the canonical ordering of
- * codewords, this just means that there must be an unused slot in the
- * longest codeword length category.  Annex K (Clause K.2) of
- * Rec. ITU-T T.81 (1992) | ISO/IEC 10918-1:1994 suggests reserving such a slot
- * by pretending that symbol 256 is a valid symbol with count 1.  In theory
- * that's not optimal; giving it count zero but including it in the symbol set
- * anyway should give a better Huffman code.  But the theoretically better code
- * actually seems to come out worse in practice, because it produces more
- * all-ones bytes (which incur stuffed zero bytes in the final file).  In any
- * case the difference is tiny.
- *
- * The JPEG standard requires Huffman codes to be no more than 16 bits long.
- * If some symbols have a very small but nonzero probability, the Huffman tree
- * must be adjusted to meet the code length restriction.  We currently use
- * the adjustment method suggested in JPEG section K.2.  This method is *not*
- * optimal; it may not choose the best possible limited-length code.  But
- * typically only very-low-frequency symbols will be given less-than-optimal
- * lengths, so the code is almost optimal.  Experimental comparisons against
- * an optimal limited-length-code algorithm indicate that the difference is
- * microscopic --- usually less than a hundredth of a percent of total size.
- * So the extra complexity of an optimal algorithm doesn't seem worthwhile.
- */
-
-GLOBAL(void)
-jpeg_gen_optimal_table(j_compress_ptr cinfo, JHUFF_TBL *htbl, long freq[])
-{
-#define MAX_CLEN  32            /* assumed maximum initial code length */
-  UINT8 bits[MAX_CLEN + 1];     /* bits[k] = # of symbols with code length k */
-  int codesize[257];            /* codesize[k] = code length of symbol k */
-  int others[257];              /* next symbol in current branch of tree */
-  int c1, c2;
-  int p, i, j;
-  long v;
-
-  /* This algorithm is explained in section K.2 of the JPEG standard */
-
-  MEMZERO(bits, sizeof(bits));
-  MEMZERO(codesize, sizeof(codesize));
-  for (i = 0; i < 257; i++)
-    others[i] = -1;             /* init links to empty */
-
-  freq[256] = 1;                /* make sure 256 has a nonzero count */
-  /* Including the pseudo-symbol 256 in the Huffman procedure guarantees
-   * that no real symbol is given code-value of all ones, because 256
-   * will be placed last in the largest codeword category.
-   */
-
-  /* Huffman's basic algorithm to assign optimal code lengths to symbols */
-
-  for (;;) {
-    /* Find the smallest nonzero frequency, set c1 = its symbol */
-    /* In case of ties, take the larger symbol number */
-    c1 = -1;
-    v = 1000000000L;
-    for (i = 0; i <= 256; i++) {
-      if (freq[i] && freq[i] <= v) {
-        v = freq[i];
-        c1 = i;
-      }
-    }
-
-    /* Find the next smallest nonzero frequency, set c2 = its symbol */
-    /* In case of ties, take the larger symbol number */
-    c2 = -1;
-    v = 1000000000L;
-    for (i = 0; i <= 256; i++) {
-      if (freq[i] && freq[i] <= v && i != c1) {
-        v = freq[i];
-        c2 = i;
-      }
-    }
-
-    /* Done if we've merged everything into one frequency */
-    if (c2 < 0)
-      break;
-
-    /* Else merge the two counts/trees */
-    freq[c1] += freq[c2];
-    freq[c2] = 0;
-
-    /* Increment the codesize of everything in c1's tree branch */
-    codesize[c1]++;
-    while (others[c1] >= 0) {
-      c1 = others[c1];
-      codesize[c1]++;
-    }
-
-    others[c1] = c2;            /* chain c2 onto c1's tree branch */
-
-    /* Increment the codesize of everything in c2's tree branch */
-    codesize[c2]++;
-    while (others[c2] >= 0) {
-      c2 = others[c2];
-      codesize[c2]++;
-    }
-  }
-
-  /* Now count the number of symbols of each code length */
-  for (i = 0; i <= 256; i++) {
-    if (codesize[i]) {
-      /* The JPEG standard seems to think that this can't happen, */
-      /* but I'm paranoid... */
-      if (codesize[i] > MAX_CLEN)
-        ERREXIT(cinfo, JERR_HUFF_CLEN_OVERFLOW);
-
-      bits[codesize[i]]++;
-    }
-  }
-
-  /* JPEG doesn't allow symbols with code lengths over 16 bits, so if the pure
-   * Huffman procedure assigned any such lengths, we must adjust the coding.
-   * Here is what Rec. ITU-T T.81 | ISO/IEC 10918-1 says about how this next
-   * bit works: Since symbols are paired for the longest Huffman code, the
-   * symbols are removed from this length category two at a time.  The prefix
-   * for the pair (which is one bit shorter) is allocated to one of the pair;
-   * then, skipping the BITS entry for that prefix length, a code word from the
-   * next shortest nonzero BITS entry is converted into a prefix for two code
-   * words one bit longer.
-   */
-
-  for (i = MAX_CLEN; i > 16; i--) {
-    while (bits[i] > 0) {
-      j = i - 2;                /* find length of new prefix to be used */
-      while (bits[j] == 0)
-        j--;
-
-      bits[i] -= 2;             /* remove two symbols */
-      bits[i - 1]++;            /* one goes in this length */
-      bits[j + 1] += 2;         /* two new symbols in this length */
-      bits[j]--;                /* symbol of this length is now a prefix */
-    }
-  }
-
-  /* Remove the count for the pseudo-symbol 256 from the largest codelength */
-  while (bits[i] == 0)          /* find largest codelength still in use */
-    i--;
-  bits[i]--;
-
-  /* Return final symbol counts (only for lengths 0..16) */
-  MEMCOPY(htbl->bits, bits, sizeof(htbl->bits));
-
-  /* Return a list of the symbols sorted by code length */
-  /* It's not real clear to me why we don't need to consider the codelength
-   * changes made above, but Rec. ITU-T T.81 | ISO/IEC 10918-1 seems to think
-   * this works.
-   */
-  p = 0;
-  for (i = 1; i <= MAX_CLEN; i++) {
-    for (j = 0; j <= 255; j++) {
-      if (codesize[j] == i) {
-        htbl->huffval[p] = (UINT8)j;
-        p++;
-      }
-    }
-  }
-
-  /* Set sent_table FALSE so updated table will be written to JPEG file. */
-  htbl->sent_table = FALSE;
-}
-
-
-/*
- * Finish up a statistics-gathering pass and create the new Huffman tables.
- */
-
-METHODDEF(void)
-finish_pass_gather(j_compress_ptr cinfo)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  int ci, dctbl, actbl;
-  jpeg_component_info *compptr;
-  JHUFF_TBL **htblptr;
-  boolean did_dc[NUM_HUFF_TBLS];
-  boolean did_ac[NUM_HUFF_TBLS];
-
-  /* It's important not to apply jpeg_gen_optimal_table more than once
-   * per table, because it clobbers the input frequency counts!
-   */
-  MEMZERO(did_dc, sizeof(did_dc));
-  MEMZERO(did_ac, sizeof(did_ac));
-
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    dctbl = compptr->dc_tbl_no;
-    actbl = compptr->ac_tbl_no;
-    if (!did_dc[dctbl]) {
-      htblptr = &cinfo->dc_huff_tbl_ptrs[dctbl];
-      if (*htblptr == NULL)
-        *htblptr = jpeg_alloc_huff_table((j_common_ptr)cinfo);
-      jpeg_gen_optimal_table(cinfo, *htblptr, entropy->dc_count_ptrs[dctbl]);
-      did_dc[dctbl] = TRUE;
-    }
-    if (!did_ac[actbl]) {
-      htblptr = &cinfo->ac_huff_tbl_ptrs[actbl];
-      if (*htblptr == NULL)
-        *htblptr = jpeg_alloc_huff_table((j_common_ptr)cinfo);
-      jpeg_gen_optimal_table(cinfo, *htblptr, entropy->ac_count_ptrs[actbl]);
-      did_ac[actbl] = TRUE;
-    }
-  }
-}
-
-
-#endif /* ENTROPY_OPT_SUPPORTED */
-
-
-/*
- * Module initialization routine for Huffman entropy encoding.
- */
-
-GLOBAL(void)
-jinit_huff_encoder(j_compress_ptr cinfo)
-{
-  huff_entropy_ptr entropy;
-  int i;
-
-  entropy = (huff_entropy_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(huff_entropy_encoder));
-  cinfo->entropy = (struct jpeg_entropy_encoder *)entropy;
-  entropy->pub.start_pass = start_pass_huff;
-
-  /* Mark tables unallocated */
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    entropy->dc_derived_tbls[i] = entropy->ac_derived_tbls[i] = NULL;
-#ifdef ENTROPY_OPT_SUPPORTED
-    entropy->dc_count_ptrs[i] = entropy->ac_count_ptrs[i] = NULL;
-#endif
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jchuff.h b/3rdparty/libjpeg-turbo_2_1_0/jchuff.h
deleted file mode 100644
index 314a232..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jchuff.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * jchuff.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains declarations for Huffman entropy encoding routines
- * that are shared between the sequential encoder (jchuff.c) and the
- * progressive encoder (jcphuff.c).  No other modules need to see these.
- */
-
-/* The legal range of a DCT coefficient is
- *  -1024 .. +1023  for 8-bit data;
- * -16384 .. +16383 for 12-bit data.
- * Hence the magnitude should always fit in 10 or 14 bits respectively.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define MAX_COEF_BITS  10
-#else
-#define MAX_COEF_BITS  14
-#endif
-
-/* Derived data constructed for each Huffman table */
-
-typedef struct {
-  unsigned int ehufco[256];     /* code for each symbol */
-  char ehufsi[256];             /* length of code for each symbol */
-  /* If no code has been allocated for a symbol S, ehufsi[S] contains 0 */
-} c_derived_tbl;
-
-/* Expand a Huffman table definition into the derived format */
-EXTERN(void) jpeg_make_c_derived_tbl(j_compress_ptr cinfo, boolean isDC,
-                                     int tblno, c_derived_tbl **pdtbl);
-
-/* Generate an optimal table definition given the specified counts */
-EXTERN(void) jpeg_gen_optimal_table(j_compress_ptr cinfo, JHUFF_TBL *htbl,
-                                    long freq[]);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcicc.c b/3rdparty/libjpeg-turbo_2_1_0/jcicc.c
deleted file mode 100644
index 11037ff..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcicc.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * jcicc.c
- *
- * Copyright (C) 1997-1998, Thomas G. Lane, Todd Newman.
- * Copyright (C) 2017, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file provides code to write International Color Consortium (ICC) device
- * profiles embedded in JFIF JPEG image files.  The ICC has defined a standard
- * for including such data in JPEG "APP2" markers.  The code given here does
- * not know anything about the internal structure of the ICC profile data; it
- * just knows how to embed the profile data in a JPEG file while writing it.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"
-
-
-/*
- * Since an ICC profile can be larger than the maximum size of a JPEG marker
- * (64K), we need provisions to split it into multiple markers.  The format
- * defined by the ICC specifies one or more APP2 markers containing the
- * following data:
- *      Identifying string      ASCII "ICC_PROFILE\0"  (12 bytes)
- *      Marker sequence number  1 for first APP2, 2 for next, etc (1 byte)
- *      Number of markers       Total number of APP2's used (1 byte)
- *      Profile data            (remainder of APP2 data)
- * Decoders should use the marker sequence numbers to reassemble the profile,
- * rather than assuming that the APP2 markers appear in the correct sequence.
- */
-
-#define ICC_MARKER  (JPEG_APP0 + 2)     /* JPEG marker code for ICC */
-#define ICC_OVERHEAD_LEN  14            /* size of non-profile data in APP2 */
-#define MAX_BYTES_IN_MARKER  65533      /* maximum data len of a JPEG marker */
-#define MAX_DATA_BYTES_IN_MARKER  (MAX_BYTES_IN_MARKER - ICC_OVERHEAD_LEN)
-
-
-/*
- * This routine writes the given ICC profile data into a JPEG file.  It *must*
- * be called AFTER calling jpeg_start_compress() and BEFORE the first call to
- * jpeg_write_scanlines().  (This ordering ensures that the APP2 marker(s) will
- * appear after the SOI and JFIF or Adobe markers, but before all else.)
- */
-
-GLOBAL(void)
-jpeg_write_icc_profile(j_compress_ptr cinfo, const JOCTET *icc_data_ptr,
-                       unsigned int icc_data_len)
-{
-  unsigned int num_markers;     /* total number of markers we'll write */
-  int cur_marker = 1;           /* per spec, counting starts at 1 */
-  unsigned int length;          /* number of bytes to write in this marker */
-
-  if (icc_data_ptr == NULL || icc_data_len == 0)
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  if (cinfo->global_state < CSTATE_SCANNING)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* Calculate the number of markers we'll need, rounding up of course */
-  num_markers = icc_data_len / MAX_DATA_BYTES_IN_MARKER;
-  if (num_markers * MAX_DATA_BYTES_IN_MARKER != icc_data_len)
-    num_markers++;
-
-  while (icc_data_len > 0) {
-    /* length of profile to put in this marker */
-    length = icc_data_len;
-    if (length > MAX_DATA_BYTES_IN_MARKER)
-      length = MAX_DATA_BYTES_IN_MARKER;
-    icc_data_len -= length;
-
-    /* Write the JPEG marker header (APP2 code and marker length) */
-    jpeg_write_m_header(cinfo, ICC_MARKER,
-                        (unsigned int)(length + ICC_OVERHEAD_LEN));
-
-    /* Write the marker identifying string "ICC_PROFILE" (null-terminated).  We
-     * code it in this less-than-transparent way so that the code works even if
-     * the local character set is not ASCII.
-     */
-    jpeg_write_m_byte(cinfo, 0x49);
-    jpeg_write_m_byte(cinfo, 0x43);
-    jpeg_write_m_byte(cinfo, 0x43);
-    jpeg_write_m_byte(cinfo, 0x5F);
-    jpeg_write_m_byte(cinfo, 0x50);
-    jpeg_write_m_byte(cinfo, 0x52);
-    jpeg_write_m_byte(cinfo, 0x4F);
-    jpeg_write_m_byte(cinfo, 0x46);
-    jpeg_write_m_byte(cinfo, 0x49);
-    jpeg_write_m_byte(cinfo, 0x4C);
-    jpeg_write_m_byte(cinfo, 0x45);
-    jpeg_write_m_byte(cinfo, 0x0);
-
-    /* Add the sequencing info */
-    jpeg_write_m_byte(cinfo, cur_marker);
-    jpeg_write_m_byte(cinfo, (int)num_markers);
-
-    /* Add the profile data */
-    while (length--) {
-      jpeg_write_m_byte(cinfo, *icc_data_ptr);
-      icc_data_ptr++;
-    }
-    cur_marker++;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcinit.c b/3rdparty/libjpeg-turbo_2_1_0/jcinit.c
deleted file mode 100644
index 157353a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcinit.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * jcinit.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains initialization logic for the JPEG compressor.
- * This routine is in charge of selecting the modules to be executed and
- * making an initialization call to each one.
- *
- * Logically, this code belongs in jcmaster.c.  It's split out because
- * linking this routine implies linking the entire compression library.
- * For a transcoding-only application, we want to be able to use jcmaster.c
- * without linking in the whole library.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-
-
-/*
- * Master selection of compression modules.
- * This is done once at the start of processing an image.  We determine
- * which modules will be used and give them appropriate initialization calls.
- */
-
-GLOBAL(void)
-jinit_compress_master(j_compress_ptr cinfo)
-{
-  /* Initialize master control (includes parameter checking/processing) */
-  jinit_c_master_control(cinfo, FALSE /* full compression */);
-
-  /* Preprocessing */
-  if (!cinfo->raw_data_in) {
-    jinit_color_converter(cinfo);
-    jinit_downsampler(cinfo);
-    jinit_c_prep_controller(cinfo, FALSE /* never need full buffer here */);
-  }
-  /* Forward DCT */
-  jinit_forward_dct(cinfo);
-  /* Entropy encoding: either Huffman or arithmetic coding. */
-  if (cinfo->arith_code) {
-#ifdef C_ARITH_CODING_SUPPORTED
-    jinit_arith_encoder(cinfo);
-#else
-    ERREXIT(cinfo, JERR_ARITH_NOTIMPL);
-#endif
-  } else {
-    if (cinfo->progressive_mode) {
-#ifdef C_PROGRESSIVE_SUPPORTED
-      jinit_phuff_encoder(cinfo);
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    } else
-      jinit_huff_encoder(cinfo);
-  }
-
-  /* Need a full-image coefficient buffer in any multi-pass mode. */
-  jinit_c_coef_controller(cinfo, (boolean)(cinfo->num_scans > 1 ||
-                                           cinfo->optimize_coding));
-  jinit_c_main_controller(cinfo, FALSE /* never need full buffer here */);
-
-  jinit_marker_writer(cinfo);
-
-  /* We can now tell the memory manager to allocate virtual arrays. */
-  (*cinfo->mem->realize_virt_arrays) ((j_common_ptr)cinfo);
-
-  /* Write the datastream header (SOI) immediately.
-   * Frame and scan headers are postponed till later.
-   * This lets application insert special markers after the SOI.
-   */
-  (*cinfo->marker->write_file_header) (cinfo);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcmainct.c b/3rdparty/libjpeg-turbo_2_1_0/jcmainct.c
deleted file mode 100644
index 3f23028..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcmainct.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * jcmainct.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the main buffer controller for compression.
- * The main buffer lies between the pre-processor and the JPEG
- * compressor proper; it holds downsampled data in the JPEG colorspace.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_c_main_controller pub; /* public fields */
-
-  JDIMENSION cur_iMCU_row;      /* number of current iMCU row */
-  JDIMENSION rowgroup_ctr;      /* counts row groups received in iMCU row */
-  boolean suspended;            /* remember if we suspended output */
-  J_BUF_MODE pass_mode;         /* current operating mode */
-
-  /* If using just a strip buffer, this points to the entire set of buffers
-   * (we allocate one for each component).  In the full-image case, this
-   * points to the currently accessible strips of the virtual arrays.
-   */
-  JSAMPARRAY buffer[MAX_COMPONENTS];
-} my_main_controller;
-
-typedef my_main_controller *my_main_ptr;
-
-
-/* Forward declarations */
-METHODDEF(void) process_data_simple_main(j_compress_ptr cinfo,
-                                         JSAMPARRAY input_buf,
-                                         JDIMENSION *in_row_ctr,
-                                         JDIMENSION in_rows_avail);
-
-
-/*
- * Initialize for a processing pass.
- */
-
-METHODDEF(void)
-start_pass_main(j_compress_ptr cinfo, J_BUF_MODE pass_mode)
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-
-  /* Do nothing in raw-data mode. */
-  if (cinfo->raw_data_in)
-    return;
-
-  if (pass_mode != JBUF_PASS_THRU)
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-
-  main_ptr->cur_iMCU_row = 0;   /* initialize counters */
-  main_ptr->rowgroup_ctr = 0;
-  main_ptr->suspended = FALSE;
-  main_ptr->pass_mode = pass_mode;      /* save mode for use by process_data */
-  main_ptr->pub.process_data = process_data_simple_main;
-}
-
-
-/*
- * Process some data.
- * This routine handles the simple pass-through mode,
- * where we have only a strip buffer.
- */
-
-METHODDEF(void)
-process_data_simple_main(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                         JDIMENSION *in_row_ctr, JDIMENSION in_rows_avail)
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-
-  while (main_ptr->cur_iMCU_row < cinfo->total_iMCU_rows) {
-    /* Read input data if we haven't filled the main buffer yet */
-    if (main_ptr->rowgroup_ctr < DCTSIZE)
-      (*cinfo->prep->pre_process_data) (cinfo, input_buf, in_row_ctr,
-                                        in_rows_avail, main_ptr->buffer,
-                                        &main_ptr->rowgroup_ctr,
-                                        (JDIMENSION)DCTSIZE);
-
-    /* If we don't have a full iMCU row buffered, return to application for
-     * more data.  Note that preprocessor will always pad to fill the iMCU row
-     * at the bottom of the image.
-     */
-    if (main_ptr->rowgroup_ctr != DCTSIZE)
-      return;
-
-    /* Send the completed row to the compressor */
-    if (!(*cinfo->coef->compress_data) (cinfo, main_ptr->buffer)) {
-      /* If compressor did not consume the whole row, then we must need to
-       * suspend processing and return to the application.  In this situation
-       * we pretend we didn't yet consume the last input row; otherwise, if
-       * it happened to be the last row of the image, the application would
-       * think we were done.
-       */
-      if (!main_ptr->suspended) {
-        (*in_row_ctr)--;
-        main_ptr->suspended = TRUE;
-      }
-      return;
-    }
-    /* We did finish the row.  Undo our little suspension hack if a previous
-     * call suspended; then mark the main buffer empty.
-     */
-    if (main_ptr->suspended) {
-      (*in_row_ctr)++;
-      main_ptr->suspended = FALSE;
-    }
-    main_ptr->rowgroup_ctr = 0;
-    main_ptr->cur_iMCU_row++;
-  }
-}
-
-
-/*
- * Initialize main buffer controller.
- */
-
-GLOBAL(void)
-jinit_c_main_controller(j_compress_ptr cinfo, boolean need_full_buffer)
-{
-  my_main_ptr main_ptr;
-  int ci;
-  jpeg_component_info *compptr;
-
-  main_ptr = (my_main_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_main_controller));
-  cinfo->main = (struct jpeg_c_main_controller *)main_ptr;
-  main_ptr->pub.start_pass = start_pass_main;
-
-  /* We don't need to create a buffer in raw-data mode. */
-  if (cinfo->raw_data_in)
-    return;
-
-  /* Create the buffer.  It holds downsampled data, so each component
-   * may be of a different size.
-   */
-  if (need_full_buffer) {
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-  } else {
-    /* Allocate a strip buffer for each component */
-    for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-         ci++, compptr++) {
-      main_ptr->buffer[ci] = (*cinfo->mem->alloc_sarray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE,
-         compptr->width_in_blocks * DCTSIZE,
-         (JDIMENSION)(compptr->v_samp_factor * DCTSIZE));
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcmarker.c b/3rdparty/libjpeg-turbo_2_1_0/jcmarker.c
deleted file mode 100644
index 801fbab..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcmarker.c
+++ /dev/null
@@ -1,664 +0,0 @@
-/*
- * jcmarker.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * Modified 2003-2010 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to write JPEG datastream markers.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-
-
-typedef enum {                  /* JPEG marker codes */
-  M_SOF0  = 0xc0,
-  M_SOF1  = 0xc1,
-  M_SOF2  = 0xc2,
-  M_SOF3  = 0xc3,
-
-  M_SOF5  = 0xc5,
-  M_SOF6  = 0xc6,
-  M_SOF7  = 0xc7,
-
-  M_JPG   = 0xc8,
-  M_SOF9  = 0xc9,
-  M_SOF10 = 0xca,
-  M_SOF11 = 0xcb,
-
-  M_SOF13 = 0xcd,
-  M_SOF14 = 0xce,
-  M_SOF15 = 0xcf,
-
-  M_DHT   = 0xc4,
-
-  M_DAC   = 0xcc,
-
-  M_RST0  = 0xd0,
-  M_RST1  = 0xd1,
-  M_RST2  = 0xd2,
-  M_RST3  = 0xd3,
-  M_RST4  = 0xd4,
-  M_RST5  = 0xd5,
-  M_RST6  = 0xd6,
-  M_RST7  = 0xd7,
-
-  M_SOI   = 0xd8,
-  M_EOI   = 0xd9,
-  M_SOS   = 0xda,
-  M_DQT   = 0xdb,
-  M_DNL   = 0xdc,
-  M_DRI   = 0xdd,
-  M_DHP   = 0xde,
-  M_EXP   = 0xdf,
-
-  M_APP0  = 0xe0,
-  M_APP1  = 0xe1,
-  M_APP2  = 0xe2,
-  M_APP3  = 0xe3,
-  M_APP4  = 0xe4,
-  M_APP5  = 0xe5,
-  M_APP6  = 0xe6,
-  M_APP7  = 0xe7,
-  M_APP8  = 0xe8,
-  M_APP9  = 0xe9,
-  M_APP10 = 0xea,
-  M_APP11 = 0xeb,
-  M_APP12 = 0xec,
-  M_APP13 = 0xed,
-  M_APP14 = 0xee,
-  M_APP15 = 0xef,
-
-  M_JPG0  = 0xf0,
-  M_JPG13 = 0xfd,
-  M_COM   = 0xfe,
-
-  M_TEM   = 0x01,
-
-  M_ERROR = 0x100
-} JPEG_MARKER;
-
-
-/* Private state */
-
-typedef struct {
-  struct jpeg_marker_writer pub; /* public fields */
-
-  unsigned int last_restart_interval; /* last DRI value emitted; 0 after SOI */
-} my_marker_writer;
-
-typedef my_marker_writer *my_marker_ptr;
-
-
-/*
- * Basic output routines.
- *
- * Note that we do not support suspension while writing a marker.
- * Therefore, an application using suspension must ensure that there is
- * enough buffer space for the initial markers (typ. 600-700 bytes) before
- * calling jpeg_start_compress, and enough space to write the trailing EOI
- * (a few bytes) before calling jpeg_finish_compress.  Multipass compression
- * modes are not supported at all with suspension, so those two are the only
- * points where markers will be written.
- */
-
-LOCAL(void)
-emit_byte(j_compress_ptr cinfo, int val)
-/* Emit a byte */
-{
-  struct jpeg_destination_mgr *dest = cinfo->dest;
-
-  *(dest->next_output_byte)++ = (JOCTET)val;
-  if (--dest->free_in_buffer == 0) {
-    if (!(*dest->empty_output_buffer) (cinfo))
-      ERREXIT(cinfo, JERR_CANT_SUSPEND);
-  }
-}
-
-
-LOCAL(void)
-emit_marker(j_compress_ptr cinfo, JPEG_MARKER mark)
-/* Emit a marker code */
-{
-  emit_byte(cinfo, 0xFF);
-  emit_byte(cinfo, (int)mark);
-}
-
-
-LOCAL(void)
-emit_2bytes(j_compress_ptr cinfo, int value)
-/* Emit a 2-byte integer; these are always MSB first in JPEG files */
-{
-  emit_byte(cinfo, (value >> 8) & 0xFF);
-  emit_byte(cinfo, value & 0xFF);
-}
-
-
-/*
- * Routines to write specific marker types.
- */
-
-LOCAL(int)
-emit_dqt(j_compress_ptr cinfo, int index)
-/* Emit a DQT marker */
-/* Returns the precision used (0 = 8bits, 1 = 16bits) for baseline checking */
-{
-  JQUANT_TBL *qtbl = cinfo->quant_tbl_ptrs[index];
-  int prec;
-  int i;
-
-  if (qtbl == NULL)
-    ERREXIT1(cinfo, JERR_NO_QUANT_TABLE, index);
-
-  prec = 0;
-  for (i = 0; i < DCTSIZE2; i++) {
-    if (qtbl->quantval[i] > 255)
-      prec = 1;
-  }
-
-  if (!qtbl->sent_table) {
-    emit_marker(cinfo, M_DQT);
-
-    emit_2bytes(cinfo, prec ? DCTSIZE2 * 2 + 1 + 2 : DCTSIZE2 + 1 + 2);
-
-    emit_byte(cinfo, index + (prec << 4));
-
-    for (i = 0; i < DCTSIZE2; i++) {
-      /* The table entries must be emitted in zigzag order. */
-      unsigned int qval = qtbl->quantval[jpeg_natural_order[i]];
-      if (prec)
-        emit_byte(cinfo, (int)(qval >> 8));
-      emit_byte(cinfo, (int)(qval & 0xFF));
-    }
-
-    qtbl->sent_table = TRUE;
-  }
-
-  return prec;
-}
-
-
-LOCAL(void)
-emit_dht(j_compress_ptr cinfo, int index, boolean is_ac)
-/* Emit a DHT marker */
-{
-  JHUFF_TBL *htbl;
-  int length, i;
-
-  if (is_ac) {
-    htbl = cinfo->ac_huff_tbl_ptrs[index];
-    index += 0x10;              /* output index has AC bit set */
-  } else {
-    htbl = cinfo->dc_huff_tbl_ptrs[index];
-  }
-
-  if (htbl == NULL)
-    ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, index);
-
-  if (!htbl->sent_table) {
-    emit_marker(cinfo, M_DHT);
-
-    length = 0;
-    for (i = 1; i <= 16; i++)
-      length += htbl->bits[i];
-
-    emit_2bytes(cinfo, length + 2 + 1 + 16);
-    emit_byte(cinfo, index);
-
-    for (i = 1; i <= 16; i++)
-      emit_byte(cinfo, htbl->bits[i]);
-
-    for (i = 0; i < length; i++)
-      emit_byte(cinfo, htbl->huffval[i]);
-
-    htbl->sent_table = TRUE;
-  }
-}
-
-
-LOCAL(void)
-emit_dac(j_compress_ptr cinfo)
-/* Emit a DAC marker */
-/* Since the useful info is so small, we want to emit all the tables in */
-/* one DAC marker.  Therefore this routine does its own scan of the table. */
-{
-#ifdef C_ARITH_CODING_SUPPORTED
-  char dc_in_use[NUM_ARITH_TBLS];
-  char ac_in_use[NUM_ARITH_TBLS];
-  int length, i;
-  jpeg_component_info *compptr;
-
-  for (i = 0; i < NUM_ARITH_TBLS; i++)
-    dc_in_use[i] = ac_in_use[i] = 0;
-
-  for (i = 0; i < cinfo->comps_in_scan; i++) {
-    compptr = cinfo->cur_comp_info[i];
-    /* DC needs no table for refinement scan */
-    if (cinfo->Ss == 0 && cinfo->Ah == 0)
-      dc_in_use[compptr->dc_tbl_no] = 1;
-    /* AC needs no table when not present */
-    if (cinfo->Se)
-      ac_in_use[compptr->ac_tbl_no] = 1;
-  }
-
-  length = 0;
-  for (i = 0; i < NUM_ARITH_TBLS; i++)
-    length += dc_in_use[i] + ac_in_use[i];
-
-  if (length) {
-    emit_marker(cinfo, M_DAC);
-
-    emit_2bytes(cinfo, length * 2 + 2);
-
-    for (i = 0; i < NUM_ARITH_TBLS; i++) {
-      if (dc_in_use[i]) {
-        emit_byte(cinfo, i);
-        emit_byte(cinfo, cinfo->arith_dc_L[i] + (cinfo->arith_dc_U[i] << 4));
-      }
-      if (ac_in_use[i]) {
-        emit_byte(cinfo, i + 0x10);
-        emit_byte(cinfo, cinfo->arith_ac_K[i]);
-      }
-    }
-  }
-#endif /* C_ARITH_CODING_SUPPORTED */
-}
-
-
-LOCAL(void)
-emit_dri(j_compress_ptr cinfo)
-/* Emit a DRI marker */
-{
-  emit_marker(cinfo, M_DRI);
-
-  emit_2bytes(cinfo, 4);        /* fixed length */
-
-  emit_2bytes(cinfo, (int)cinfo->restart_interval);
-}
-
-
-LOCAL(void)
-emit_sof(j_compress_ptr cinfo, JPEG_MARKER code)
-/* Emit a SOF marker */
-{
-  int ci;
-  jpeg_component_info *compptr;
-
-  emit_marker(cinfo, code);
-
-  emit_2bytes(cinfo, 3 * cinfo->num_components + 2 + 5 + 1); /* length */
-
-  /* Make sure image isn't bigger than SOF field can handle */
-  if ((long)cinfo->_jpeg_height > 65535L || (long)cinfo->_jpeg_width > 65535L)
-    ERREXIT1(cinfo, JERR_IMAGE_TOO_BIG, (unsigned int)65535);
-
-  emit_byte(cinfo, cinfo->data_precision);
-  emit_2bytes(cinfo, (int)cinfo->_jpeg_height);
-  emit_2bytes(cinfo, (int)cinfo->_jpeg_width);
-
-  emit_byte(cinfo, cinfo->num_components);
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    emit_byte(cinfo, compptr->component_id);
-    emit_byte(cinfo, (compptr->h_samp_factor << 4) + compptr->v_samp_factor);
-    emit_byte(cinfo, compptr->quant_tbl_no);
-  }
-}
-
-
-LOCAL(void)
-emit_sos(j_compress_ptr cinfo)
-/* Emit a SOS marker */
-{
-  int i, td, ta;
-  jpeg_component_info *compptr;
-
-  emit_marker(cinfo, M_SOS);
-
-  emit_2bytes(cinfo, 2 * cinfo->comps_in_scan + 2 + 1 + 3); /* length */
-
-  emit_byte(cinfo, cinfo->comps_in_scan);
-
-  for (i = 0; i < cinfo->comps_in_scan; i++) {
-    compptr = cinfo->cur_comp_info[i];
-    emit_byte(cinfo, compptr->component_id);
-
-    /* We emit 0 for unused field(s); this is recommended by the P&M text
-     * but does not seem to be specified in the standard.
-     */
-
-    /* DC needs no table for refinement scan */
-    td = cinfo->Ss == 0 && cinfo->Ah == 0 ? compptr->dc_tbl_no : 0;
-    /* AC needs no table when not present */
-    ta = cinfo->Se ? compptr->ac_tbl_no : 0;
-
-    emit_byte(cinfo, (td << 4) + ta);
-  }
-
-  emit_byte(cinfo, cinfo->Ss);
-  emit_byte(cinfo, cinfo->Se);
-  emit_byte(cinfo, (cinfo->Ah << 4) + cinfo->Al);
-}
-
-
-LOCAL(void)
-emit_jfif_app0(j_compress_ptr cinfo)
-/* Emit a JFIF-compliant APP0 marker */
-{
-  /*
-   * Length of APP0 block       (2 bytes)
-   * Block ID                   (4 bytes - ASCII "JFIF")
-   * Zero byte                  (1 byte to terminate the ID string)
-   * Version Major, Minor       (2 bytes - major first)
-   * Units                      (1 byte - 0x00 = none, 0x01 = inch, 0x02 = cm)
-   * Xdpu                       (2 bytes - dots per unit horizontal)
-   * Ydpu                       (2 bytes - dots per unit vertical)
-   * Thumbnail X size           (1 byte)
-   * Thumbnail Y size           (1 byte)
-   */
-
-  emit_marker(cinfo, M_APP0);
-
-  emit_2bytes(cinfo, 2 + 4 + 1 + 2 + 1 + 2 + 2 + 1 + 1); /* length */
-
-  emit_byte(cinfo, 0x4A);       /* Identifier: ASCII "JFIF" */
-  emit_byte(cinfo, 0x46);
-  emit_byte(cinfo, 0x49);
-  emit_byte(cinfo, 0x46);
-  emit_byte(cinfo, 0);
-  emit_byte(cinfo, cinfo->JFIF_major_version); /* Version fields */
-  emit_byte(cinfo, cinfo->JFIF_minor_version);
-  emit_byte(cinfo, cinfo->density_unit); /* Pixel size information */
-  emit_2bytes(cinfo, (int)cinfo->X_density);
-  emit_2bytes(cinfo, (int)cinfo->Y_density);
-  emit_byte(cinfo, 0);          /* No thumbnail image */
-  emit_byte(cinfo, 0);
-}
-
-
-LOCAL(void)
-emit_adobe_app14(j_compress_ptr cinfo)
-/* Emit an Adobe APP14 marker */
-{
-  /*
-   * Length of APP14 block      (2 bytes)
-   * Block ID                   (5 bytes - ASCII "Adobe")
-   * Version Number             (2 bytes - currently 100)
-   * Flags0                     (2 bytes - currently 0)
-   * Flags1                     (2 bytes - currently 0)
-   * Color transform            (1 byte)
-   *
-   * Although Adobe TN 5116 mentions Version = 101, all the Adobe files
-   * now in circulation seem to use Version = 100, so that's what we write.
-   *
-   * We write the color transform byte as 1 if the JPEG color space is
-   * YCbCr, 2 if it's YCCK, 0 otherwise.  Adobe's definition has to do with
-   * whether the encoder performed a transformation, which is pretty useless.
-   */
-
-  emit_marker(cinfo, M_APP14);
-
-  emit_2bytes(cinfo, 2 + 5 + 2 + 2 + 2 + 1); /* length */
-
-  emit_byte(cinfo, 0x41);       /* Identifier: ASCII "Adobe" */
-  emit_byte(cinfo, 0x64);
-  emit_byte(cinfo, 0x6F);
-  emit_byte(cinfo, 0x62);
-  emit_byte(cinfo, 0x65);
-  emit_2bytes(cinfo, 100);      /* Version */
-  emit_2bytes(cinfo, 0);        /* Flags0 */
-  emit_2bytes(cinfo, 0);        /* Flags1 */
-  switch (cinfo->jpeg_color_space) {
-  case JCS_YCbCr:
-    emit_byte(cinfo, 1);        /* Color transform = 1 */
-    break;
-  case JCS_YCCK:
-    emit_byte(cinfo, 2);        /* Color transform = 2 */
-    break;
-  default:
-    emit_byte(cinfo, 0);        /* Color transform = 0 */
-    break;
-  }
-}
-
-
-/*
- * These routines allow writing an arbitrary marker with parameters.
- * The only intended use is to emit COM or APPn markers after calling
- * write_file_header and before calling write_frame_header.
- * Other uses are not guaranteed to produce desirable results.
- * Counting the parameter bytes properly is the caller's responsibility.
- */
-
-METHODDEF(void)
-write_marker_header(j_compress_ptr cinfo, int marker, unsigned int datalen)
-/* Emit an arbitrary marker header */
-{
-  if (datalen > (unsigned int)65533)            /* safety check */
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  emit_marker(cinfo, (JPEG_MARKER)marker);
-
-  emit_2bytes(cinfo, (int)(datalen + 2));       /* total length */
-}
-
-METHODDEF(void)
-write_marker_byte(j_compress_ptr cinfo, int val)
-/* Emit one byte of marker parameters following write_marker_header */
-{
-  emit_byte(cinfo, val);
-}
-
-
-/*
- * Write datastream header.
- * This consists of an SOI and optional APPn markers.
- * We recommend use of the JFIF marker, but not the Adobe marker,
- * when using YCbCr or grayscale data.  The JFIF marker should NOT
- * be used for any other JPEG colorspace.  The Adobe marker is helpful
- * to distinguish RGB, CMYK, and YCCK colorspaces.
- * Note that an application can write additional header markers after
- * jpeg_start_compress returns.
- */
-
-METHODDEF(void)
-write_file_header(j_compress_ptr cinfo)
-{
-  my_marker_ptr marker = (my_marker_ptr)cinfo->marker;
-
-  emit_marker(cinfo, M_SOI);    /* first the SOI */
-
-  /* SOI is defined to reset restart interval to 0 */
-  marker->last_restart_interval = 0;
-
-  if (cinfo->write_JFIF_header) /* next an optional JFIF APP0 */
-    emit_jfif_app0(cinfo);
-  if (cinfo->write_Adobe_marker) /* next an optional Adobe APP14 */
-    emit_adobe_app14(cinfo);
-}
-
-
-/*
- * Write frame header.
- * This consists of DQT and SOFn markers.
- * Note that we do not emit the SOF until we have emitted the DQT(s).
- * This avoids compatibility problems with incorrect implementations that
- * try to error-check the quant table numbers as soon as they see the SOF.
- */
-
-METHODDEF(void)
-write_frame_header(j_compress_ptr cinfo)
-{
-  int ci, prec;
-  boolean is_baseline;
-  jpeg_component_info *compptr;
-
-  /* Emit DQT for each quantization table.
-   * Note that emit_dqt() suppresses any duplicate tables.
-   */
-  prec = 0;
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    prec += emit_dqt(cinfo, compptr->quant_tbl_no);
-  }
-  /* now prec is nonzero iff there are any 16-bit quant tables. */
-
-  /* Check for a non-baseline specification.
-   * Note we assume that Huffman table numbers won't be changed later.
-   */
-  if (cinfo->arith_code || cinfo->progressive_mode ||
-      cinfo->data_precision != 8) {
-    is_baseline = FALSE;
-  } else {
-    is_baseline = TRUE;
-    for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-         ci++, compptr++) {
-      if (compptr->dc_tbl_no > 1 || compptr->ac_tbl_no > 1)
-        is_baseline = FALSE;
-    }
-    if (prec && is_baseline) {
-      is_baseline = FALSE;
-      /* If it's baseline except for quantizer size, warn the user */
-      TRACEMS(cinfo, 0, JTRC_16BIT_TABLES);
-    }
-  }
-
-  /* Emit the proper SOF marker */
-  if (cinfo->arith_code) {
-    if (cinfo->progressive_mode)
-      emit_sof(cinfo, M_SOF10); /* SOF code for progressive arithmetic */
-    else
-      emit_sof(cinfo, M_SOF9);  /* SOF code for sequential arithmetic */
-  } else {
-    if (cinfo->progressive_mode)
-      emit_sof(cinfo, M_SOF2);  /* SOF code for progressive Huffman */
-    else if (is_baseline)
-      emit_sof(cinfo, M_SOF0);  /* SOF code for baseline implementation */
-    else
-      emit_sof(cinfo, M_SOF1);  /* SOF code for non-baseline Huffman file */
-  }
-}
-
-
-/*
- * Write scan header.
- * This consists of DHT or DAC markers, optional DRI, and SOS.
- * Compressed data will be written following the SOS.
- */
-
-METHODDEF(void)
-write_scan_header(j_compress_ptr cinfo)
-{
-  my_marker_ptr marker = (my_marker_ptr)cinfo->marker;
-  int i;
-  jpeg_component_info *compptr;
-
-  if (cinfo->arith_code) {
-    /* Emit arith conditioning info.  We may have some duplication
-     * if the file has multiple scans, but it's so small it's hardly
-     * worth worrying about.
-     */
-    emit_dac(cinfo);
-  } else {
-    /* Emit Huffman tables.
-     * Note that emit_dht() suppresses any duplicate tables.
-     */
-    for (i = 0; i < cinfo->comps_in_scan; i++) {
-      compptr = cinfo->cur_comp_info[i];
-      /* DC needs no table for refinement scan */
-      if (cinfo->Ss == 0 && cinfo->Ah == 0)
-        emit_dht(cinfo, compptr->dc_tbl_no, FALSE);
-      /* AC needs no table when not present */
-      if (cinfo->Se)
-        emit_dht(cinfo, compptr->ac_tbl_no, TRUE);
-    }
-  }
-
-  /* Emit DRI if required --- note that DRI value could change for each scan.
-   * We avoid wasting space with unnecessary DRIs, however.
-   */
-  if (cinfo->restart_interval != marker->last_restart_interval) {
-    emit_dri(cinfo);
-    marker->last_restart_interval = cinfo->restart_interval;
-  }
-
-  emit_sos(cinfo);
-}
-
-
-/*
- * Write datastream trailer.
- */
-
-METHODDEF(void)
-write_file_trailer(j_compress_ptr cinfo)
-{
-  emit_marker(cinfo, M_EOI);
-}
-
-
-/*
- * Write an abbreviated table-specification datastream.
- * This consists of SOI, DQT and DHT tables, and EOI.
- * Any table that is defined and not marked sent_table = TRUE will be
- * emitted.  Note that all tables will be marked sent_table = TRUE at exit.
- */
-
-METHODDEF(void)
-write_tables_only(j_compress_ptr cinfo)
-{
-  int i;
-
-  emit_marker(cinfo, M_SOI);
-
-  for (i = 0; i < NUM_QUANT_TBLS; i++) {
-    if (cinfo->quant_tbl_ptrs[i] != NULL)
-      (void)emit_dqt(cinfo, i);
-  }
-
-  if (!cinfo->arith_code) {
-    for (i = 0; i < NUM_HUFF_TBLS; i++) {
-      if (cinfo->dc_huff_tbl_ptrs[i] != NULL)
-        emit_dht(cinfo, i, FALSE);
-      if (cinfo->ac_huff_tbl_ptrs[i] != NULL)
-        emit_dht(cinfo, i, TRUE);
-    }
-  }
-
-  emit_marker(cinfo, M_EOI);
-}
-
-
-/*
- * Initialize the marker writer module.
- */
-
-GLOBAL(void)
-jinit_marker_writer(j_compress_ptr cinfo)
-{
-  my_marker_ptr marker;
-
-  /* Create the subobject */
-  marker = (my_marker_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_marker_writer));
-  cinfo->marker = (struct jpeg_marker_writer *)marker;
-  /* Initialize method pointers */
-  marker->pub.write_file_header = write_file_header;
-  marker->pub.write_frame_header = write_frame_header;
-  marker->pub.write_scan_header = write_scan_header;
-  marker->pub.write_file_trailer = write_file_trailer;
-  marker->pub.write_tables_only = write_tables_only;
-  marker->pub.write_marker_header = write_marker_header;
-  marker->pub.write_marker_byte = write_marker_byte;
-  /* Initialize private state */
-  marker->last_restart_interval = 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcmaster.c b/3rdparty/libjpeg-turbo_2_1_0/jcmaster.c
deleted file mode 100644
index 998dc40..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcmaster.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * jcmaster.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2003-2010 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2016, 2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains master control logic for the JPEG compressor.
- * These routines are concerned with parameter validation, initial setup,
- * and inter-pass control (determining the number of passes and the work
- * to be done in each pass).
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-#include "jconfigint.h"
-
-
-/* Private state */
-
-typedef enum {
-  main_pass,                    /* input data, also do first output step */
-  huff_opt_pass,                /* Huffman code optimization pass */
-  output_pass                   /* data output pass */
-} c_pass_type;
-
-typedef struct {
-  struct jpeg_comp_master pub;  /* public fields */
-
-  c_pass_type pass_type;        /* the type of the current pass */
-
-  int pass_number;              /* # of passes completed */
-  int total_passes;             /* total # of passes needed */
-
-  int scan_number;              /* current index in scan_info[] */
-
-  /*
-   * This is here so we can add libjpeg-turbo version/build information to the
-   * global string table without introducing a new global symbol.  Adding this
-   * information to the global string table allows one to examine a binary
-   * object and determine which version of libjpeg-turbo it was built from or
-   * linked against.
-   */
-  const char *jpeg_version;
-
-} my_comp_master;
-
-typedef my_comp_master *my_master_ptr;
-
-
-/*
- * Support routines that do various essential calculations.
- */
-
-#if JPEG_LIB_VERSION >= 70
-/*
- * Compute JPEG image dimensions and related values.
- * NOTE: this is exported for possible use by application.
- * Hence it mustn't do anything that can't be done twice.
- */
-
-GLOBAL(void)
-jpeg_calc_jpeg_dimensions(j_compress_ptr cinfo)
-/* Do computations that are needed before master selection phase */
-{
-  /* Hardwire it to "no scaling" */
-  cinfo->jpeg_width = cinfo->image_width;
-  cinfo->jpeg_height = cinfo->image_height;
-  cinfo->min_DCT_h_scaled_size = DCTSIZE;
-  cinfo->min_DCT_v_scaled_size = DCTSIZE;
-}
-#endif
-
-
-LOCAL(void)
-initial_setup(j_compress_ptr cinfo, boolean transcode_only)
-/* Do computations that are needed before master selection phase */
-{
-  int ci;
-  jpeg_component_info *compptr;
-  long samplesperrow;
-  JDIMENSION jd_samplesperrow;
-
-#if JPEG_LIB_VERSION >= 70
-#if JPEG_LIB_VERSION >= 80
-  if (!transcode_only)
-#endif
-    jpeg_calc_jpeg_dimensions(cinfo);
-#endif
-
-  /* Sanity check on image dimensions */
-  if (cinfo->_jpeg_height <= 0 || cinfo->_jpeg_width <= 0 ||
-      cinfo->num_components <= 0 || cinfo->input_components <= 0)
-    ERREXIT(cinfo, JERR_EMPTY_IMAGE);
-
-  /* Make sure image isn't bigger than I can handle */
-  if ((long)cinfo->_jpeg_height > (long)JPEG_MAX_DIMENSION ||
-      (long)cinfo->_jpeg_width > (long)JPEG_MAX_DIMENSION)
-    ERREXIT1(cinfo, JERR_IMAGE_TOO_BIG, (unsigned int)JPEG_MAX_DIMENSION);
-
-  /* Width of an input scanline must be representable as JDIMENSION. */
-  samplesperrow = (long)cinfo->image_width * (long)cinfo->input_components;
-  jd_samplesperrow = (JDIMENSION)samplesperrow;
-  if ((long)jd_samplesperrow != samplesperrow)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-
-  /* For now, precision must match compiled-in value... */
-  if (cinfo->data_precision != BITS_IN_JSAMPLE)
-    ERREXIT1(cinfo, JERR_BAD_PRECISION, cinfo->data_precision);
-
-  /* Check that number of components won't exceed internal array sizes */
-  if (cinfo->num_components > MAX_COMPONENTS)
-    ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->num_components,
-             MAX_COMPONENTS);
-
-  /* Compute maximum sampling factors; check factor validity */
-  cinfo->max_h_samp_factor = 1;
-  cinfo->max_v_samp_factor = 1;
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    if (compptr->h_samp_factor <= 0 ||
-        compptr->h_samp_factor > MAX_SAMP_FACTOR ||
-        compptr->v_samp_factor <= 0 ||
-        compptr->v_samp_factor > MAX_SAMP_FACTOR)
-      ERREXIT(cinfo, JERR_BAD_SAMPLING);
-    cinfo->max_h_samp_factor = MAX(cinfo->max_h_samp_factor,
-                                   compptr->h_samp_factor);
-    cinfo->max_v_samp_factor = MAX(cinfo->max_v_samp_factor,
-                                   compptr->v_samp_factor);
-  }
-
-  /* Compute dimensions of components */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Fill in the correct component_index value; don't rely on application */
-    compptr->component_index = ci;
-    /* For compression, we never do DCT scaling. */
-#if JPEG_LIB_VERSION >= 70
-    compptr->DCT_h_scaled_size = compptr->DCT_v_scaled_size = DCTSIZE;
-#else
-    compptr->DCT_scaled_size = DCTSIZE;
-#endif
-    /* Size in DCT blocks */
-    compptr->width_in_blocks = (JDIMENSION)
-      jdiv_round_up((long)cinfo->_jpeg_width * (long)compptr->h_samp_factor,
-                    (long)(cinfo->max_h_samp_factor * DCTSIZE));
-    compptr->height_in_blocks = (JDIMENSION)
-      jdiv_round_up((long)cinfo->_jpeg_height * (long)compptr->v_samp_factor,
-                    (long)(cinfo->max_v_samp_factor * DCTSIZE));
-    /* Size in samples */
-    compptr->downsampled_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->_jpeg_width * (long)compptr->h_samp_factor,
-                    (long)cinfo->max_h_samp_factor);
-    compptr->downsampled_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->_jpeg_height * (long)compptr->v_samp_factor,
-                    (long)cinfo->max_v_samp_factor);
-    /* Mark component needed (this flag isn't actually used for compression) */
-    compptr->component_needed = TRUE;
-  }
-
-  /* Compute number of fully interleaved MCU rows (number of times that
-   * main controller will call coefficient controller).
-   */
-  cinfo->total_iMCU_rows = (JDIMENSION)
-    jdiv_round_up((long)cinfo->_jpeg_height,
-                  (long)(cinfo->max_v_samp_factor * DCTSIZE));
-}
-
-
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-
-LOCAL(void)
-validate_script(j_compress_ptr cinfo)
-/* Verify that the scan script in cinfo->scan_info[] is valid; also
- * determine whether it uses progressive JPEG, and set cinfo->progressive_mode.
- */
-{
-  const jpeg_scan_info *scanptr;
-  int scanno, ncomps, ci, coefi, thisi;
-  int Ss, Se, Ah, Al;
-  boolean component_sent[MAX_COMPONENTS];
-#ifdef C_PROGRESSIVE_SUPPORTED
-  int *last_bitpos_ptr;
-  int last_bitpos[MAX_COMPONENTS][DCTSIZE2];
-  /* -1 until that coefficient has been seen; then last Al for it */
-#endif
-
-  if (cinfo->num_scans <= 0)
-    ERREXIT1(cinfo, JERR_BAD_SCAN_SCRIPT, 0);
-
-  /* For sequential JPEG, all scans must have Ss=0, Se=DCTSIZE2-1;
-   * for progressive JPEG, no scan can have this.
-   */
-  scanptr = cinfo->scan_info;
-  if (scanptr->Ss != 0 || scanptr->Se != DCTSIZE2 - 1) {
-#ifdef C_PROGRESSIVE_SUPPORTED
-    cinfo->progressive_mode = TRUE;
-    last_bitpos_ptr = &last_bitpos[0][0];
-    for (ci = 0; ci < cinfo->num_components; ci++)
-      for (coefi = 0; coefi < DCTSIZE2; coefi++)
-        *last_bitpos_ptr++ = -1;
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-  } else {
-    cinfo->progressive_mode = FALSE;
-    for (ci = 0; ci < cinfo->num_components; ci++)
-      component_sent[ci] = FALSE;
-  }
-
-  for (scanno = 1; scanno <= cinfo->num_scans; scanptr++, scanno++) {
-    /* Validate component indexes */
-    ncomps = scanptr->comps_in_scan;
-    if (ncomps <= 0 || ncomps > MAX_COMPS_IN_SCAN)
-      ERREXIT2(cinfo, JERR_COMPONENT_COUNT, ncomps, MAX_COMPS_IN_SCAN);
-    for (ci = 0; ci < ncomps; ci++) {
-      thisi = scanptr->component_index[ci];
-      if (thisi < 0 || thisi >= cinfo->num_components)
-        ERREXIT1(cinfo, JERR_BAD_SCAN_SCRIPT, scanno);
-      /* Components must appear in SOF order within each scan */
-      if (ci > 0 && thisi <= scanptr->component_index[ci - 1])
-        ERREXIT1(cinfo, JERR_BAD_SCAN_SCRIPT, scanno);
-    }
-    /* Validate progression parameters */
-    Ss = scanptr->Ss;
-    Se = scanptr->Se;
-    Ah = scanptr->Ah;
-    Al = scanptr->Al;
-    if (cinfo->progressive_mode) {
-#ifdef C_PROGRESSIVE_SUPPORTED
-      /* Rec. ITU-T T.81 | ISO/IEC 10918-1 simply gives the ranges 0..13 for Ah
-       * and Al, but that seems wrong: the upper bound ought to depend on data
-       * precision.  Perhaps they really meant 0..N+1 for N-bit precision.
-       * Here we allow 0..10 for 8-bit data; Al larger than 10 results in
-       * out-of-range reconstructed DC values during the first DC scan,
-       * which might cause problems for some decoders.
-       */
-#if BITS_IN_JSAMPLE == 8
-#define MAX_AH_AL  10
-#else
-#define MAX_AH_AL  13
-#endif
-      if (Ss < 0 || Ss >= DCTSIZE2 || Se < Ss || Se >= DCTSIZE2 ||
-          Ah < 0 || Ah > MAX_AH_AL || Al < 0 || Al > MAX_AH_AL)
-        ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-      if (Ss == 0) {
-        if (Se != 0)            /* DC and AC together not OK */
-          ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-      } else {
-        if (ncomps != 1)        /* AC scans must be for only one component */
-          ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-      }
-      for (ci = 0; ci < ncomps; ci++) {
-        last_bitpos_ptr = &last_bitpos[scanptr->component_index[ci]][0];
-        if (Ss != 0 && last_bitpos_ptr[0] < 0) /* AC without prior DC scan */
-          ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-        for (coefi = Ss; coefi <= Se; coefi++) {
-          if (last_bitpos_ptr[coefi] < 0) {
-            /* first scan of this coefficient */
-            if (Ah != 0)
-              ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-          } else {
-            /* not first scan */
-            if (Ah != last_bitpos_ptr[coefi] || Al != Ah - 1)
-              ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-          }
-          last_bitpos_ptr[coefi] = Al;
-        }
-      }
-#endif
-    } else {
-      /* For sequential JPEG, all progression parameters must be these: */
-      if (Ss != 0 || Se != DCTSIZE2 - 1 || Ah != 0 || Al != 0)
-        ERREXIT1(cinfo, JERR_BAD_PROG_SCRIPT, scanno);
-      /* Make sure components are not sent twice */
-      for (ci = 0; ci < ncomps; ci++) {
-        thisi = scanptr->component_index[ci];
-        if (component_sent[thisi])
-          ERREXIT1(cinfo, JERR_BAD_SCAN_SCRIPT, scanno);
-        component_sent[thisi] = TRUE;
-      }
-    }
-  }
-
-  /* Now verify that everything got sent. */
-  if (cinfo->progressive_mode) {
-#ifdef C_PROGRESSIVE_SUPPORTED
-    /* For progressive mode, we only check that at least some DC data
-     * got sent for each component; the spec does not require that all bits
-     * of all coefficients be transmitted.  Would it be wiser to enforce
-     * transmission of all coefficient bits??
-     */
-    for (ci = 0; ci < cinfo->num_components; ci++) {
-      if (last_bitpos[ci][0] < 0)
-        ERREXIT(cinfo, JERR_MISSING_DATA);
-    }
-#endif
-  } else {
-    for (ci = 0; ci < cinfo->num_components; ci++) {
-      if (!component_sent[ci])
-        ERREXIT(cinfo, JERR_MISSING_DATA);
-    }
-  }
-}
-
-#endif /* C_MULTISCAN_FILES_SUPPORTED */
-
-
-LOCAL(void)
-select_scan_parameters(j_compress_ptr cinfo)
-/* Set up the scan parameters for the current scan */
-{
-  int ci;
-
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-  if (cinfo->scan_info != NULL) {
-    /* Prepare for current scan --- the script is already validated */
-    my_master_ptr master = (my_master_ptr)cinfo->master;
-    const jpeg_scan_info *scanptr = cinfo->scan_info + master->scan_number;
-
-    cinfo->comps_in_scan = scanptr->comps_in_scan;
-    for (ci = 0; ci < scanptr->comps_in_scan; ci++) {
-      cinfo->cur_comp_info[ci] =
-        &cinfo->comp_info[scanptr->component_index[ci]];
-    }
-    cinfo->Ss = scanptr->Ss;
-    cinfo->Se = scanptr->Se;
-    cinfo->Ah = scanptr->Ah;
-    cinfo->Al = scanptr->Al;
-  } else
-#endif
-  {
-    /* Prepare for single sequential-JPEG scan containing all components */
-    if (cinfo->num_components > MAX_COMPS_IN_SCAN)
-      ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->num_components,
-               MAX_COMPS_IN_SCAN);
-    cinfo->comps_in_scan = cinfo->num_components;
-    for (ci = 0; ci < cinfo->num_components; ci++) {
-      cinfo->cur_comp_info[ci] = &cinfo->comp_info[ci];
-    }
-    cinfo->Ss = 0;
-    cinfo->Se = DCTSIZE2 - 1;
-    cinfo->Ah = 0;
-    cinfo->Al = 0;
-  }
-}
-
-
-LOCAL(void)
-per_scan_setup(j_compress_ptr cinfo)
-/* Do computations that are needed before processing a JPEG scan */
-/* cinfo->comps_in_scan and cinfo->cur_comp_info[] are already set */
-{
-  int ci, mcublks, tmp;
-  jpeg_component_info *compptr;
-
-  if (cinfo->comps_in_scan == 1) {
-
-    /* Noninterleaved (single-component) scan */
-    compptr = cinfo->cur_comp_info[0];
-
-    /* Overall image size in MCUs */
-    cinfo->MCUs_per_row = compptr->width_in_blocks;
-    cinfo->MCU_rows_in_scan = compptr->height_in_blocks;
-
-    /* For noninterleaved scan, always one block per MCU */
-    compptr->MCU_width = 1;
-    compptr->MCU_height = 1;
-    compptr->MCU_blocks = 1;
-    compptr->MCU_sample_width = DCTSIZE;
-    compptr->last_col_width = 1;
-    /* For noninterleaved scans, it is convenient to define last_row_height
-     * as the number of block rows present in the last iMCU row.
-     */
-    tmp = (int)(compptr->height_in_blocks % compptr->v_samp_factor);
-    if (tmp == 0) tmp = compptr->v_samp_factor;
-    compptr->last_row_height = tmp;
-
-    /* Prepare array describing MCU composition */
-    cinfo->blocks_in_MCU = 1;
-    cinfo->MCU_membership[0] = 0;
-
-  } else {
-
-    /* Interleaved (multi-component) scan */
-    if (cinfo->comps_in_scan <= 0 || cinfo->comps_in_scan > MAX_COMPS_IN_SCAN)
-      ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->comps_in_scan,
-               MAX_COMPS_IN_SCAN);
-
-    /* Overall image size in MCUs */
-    cinfo->MCUs_per_row = (JDIMENSION)
-      jdiv_round_up((long)cinfo->_jpeg_width,
-                    (long)(cinfo->max_h_samp_factor * DCTSIZE));
-    cinfo->MCU_rows_in_scan = (JDIMENSION)
-      jdiv_round_up((long)cinfo->_jpeg_height,
-                    (long)(cinfo->max_v_samp_factor * DCTSIZE));
-
-    cinfo->blocks_in_MCU = 0;
-
-    for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-      compptr = cinfo->cur_comp_info[ci];
-      /* Sampling factors give # of blocks of component in each MCU */
-      compptr->MCU_width = compptr->h_samp_factor;
-      compptr->MCU_height = compptr->v_samp_factor;
-      compptr->MCU_blocks = compptr->MCU_width * compptr->MCU_height;
-      compptr->MCU_sample_width = compptr->MCU_width * DCTSIZE;
-      /* Figure number of non-dummy blocks in last MCU column & row */
-      tmp = (int)(compptr->width_in_blocks % compptr->MCU_width);
-      if (tmp == 0) tmp = compptr->MCU_width;
-      compptr->last_col_width = tmp;
-      tmp = (int)(compptr->height_in_blocks % compptr->MCU_height);
-      if (tmp == 0) tmp = compptr->MCU_height;
-      compptr->last_row_height = tmp;
-      /* Prepare array describing MCU composition */
-      mcublks = compptr->MCU_blocks;
-      if (cinfo->blocks_in_MCU + mcublks > C_MAX_BLOCKS_IN_MCU)
-        ERREXIT(cinfo, JERR_BAD_MCU_SIZE);
-      while (mcublks-- > 0) {
-        cinfo->MCU_membership[cinfo->blocks_in_MCU++] = ci;
-      }
-    }
-
-  }
-
-  /* Convert restart specified in rows to actual MCU count. */
-  /* Note that count must fit in 16 bits, so we provide limiting. */
-  if (cinfo->restart_in_rows > 0) {
-    long nominal = (long)cinfo->restart_in_rows * (long)cinfo->MCUs_per_row;
-    cinfo->restart_interval = (unsigned int)MIN(nominal, 65535L);
-  }
-}
-
-
-/*
- * Per-pass setup.
- * This is called at the beginning of each pass.  We determine which modules
- * will be active during this pass and give them appropriate start_pass calls.
- * We also set is_last_pass to indicate whether any more passes will be
- * required.
- */
-
-METHODDEF(void)
-prepare_for_pass(j_compress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  switch (master->pass_type) {
-  case main_pass:
-    /* Initial pass: will collect input data, and do either Huffman
-     * optimization or data output for the first scan.
-     */
-    select_scan_parameters(cinfo);
-    per_scan_setup(cinfo);
-    if (!cinfo->raw_data_in) {
-      (*cinfo->cconvert->start_pass) (cinfo);
-      (*cinfo->downsample->start_pass) (cinfo);
-      (*cinfo->prep->start_pass) (cinfo, JBUF_PASS_THRU);
-    }
-    (*cinfo->fdct->start_pass) (cinfo);
-    (*cinfo->entropy->start_pass) (cinfo, cinfo->optimize_coding);
-    (*cinfo->coef->start_pass) (cinfo,
-                                (master->total_passes > 1 ?
-                                 JBUF_SAVE_AND_PASS : JBUF_PASS_THRU));
-    (*cinfo->main->start_pass) (cinfo, JBUF_PASS_THRU);
-    if (cinfo->optimize_coding) {
-      /* No immediate data output; postpone writing frame/scan headers */
-      master->pub.call_pass_startup = FALSE;
-    } else {
-      /* Will write frame/scan headers at first jpeg_write_scanlines call */
-      master->pub.call_pass_startup = TRUE;
-    }
-    break;
-#ifdef ENTROPY_OPT_SUPPORTED
-  case huff_opt_pass:
-    /* Do Huffman optimization for a scan after the first one. */
-    select_scan_parameters(cinfo);
-    per_scan_setup(cinfo);
-    if (cinfo->Ss != 0 || cinfo->Ah == 0 || cinfo->arith_code) {
-      (*cinfo->entropy->start_pass) (cinfo, TRUE);
-      (*cinfo->coef->start_pass) (cinfo, JBUF_CRANK_DEST);
-      master->pub.call_pass_startup = FALSE;
-      break;
-    }
-    /* Special case: Huffman DC refinement scans need no Huffman table
-     * and therefore we can skip the optimization pass for them.
-     */
-    master->pass_type = output_pass;
-    master->pass_number++;
-#endif
-    /*FALLTHROUGH*/
-  case output_pass:
-    /* Do a data-output pass. */
-    /* We need not repeat per-scan setup if prior optimization pass did it. */
-    if (!cinfo->optimize_coding) {
-      select_scan_parameters(cinfo);
-      per_scan_setup(cinfo);
-    }
-    (*cinfo->entropy->start_pass) (cinfo, FALSE);
-    (*cinfo->coef->start_pass) (cinfo, JBUF_CRANK_DEST);
-    /* We emit frame/scan headers now */
-    if (master->scan_number == 0)
-      (*cinfo->marker->write_frame_header) (cinfo);
-    (*cinfo->marker->write_scan_header) (cinfo);
-    master->pub.call_pass_startup = FALSE;
-    break;
-  default:
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-  }
-
-  master->pub.is_last_pass = (master->pass_number == master->total_passes - 1);
-
-  /* Set up progress monitor's pass info if present */
-  if (cinfo->progress != NULL) {
-    cinfo->progress->completed_passes = master->pass_number;
-    cinfo->progress->total_passes = master->total_passes;
-  }
-}
-
-
-/*
- * Special start-of-pass hook.
- * This is called by jpeg_write_scanlines if call_pass_startup is TRUE.
- * In single-pass processing, we need this hook because we don't want to
- * write frame/scan headers during jpeg_start_compress; we want to let the
- * application write COM markers etc. between jpeg_start_compress and the
- * jpeg_write_scanlines loop.
- * In multi-pass processing, this routine is not used.
- */
-
-METHODDEF(void)
-pass_startup(j_compress_ptr cinfo)
-{
-  cinfo->master->call_pass_startup = FALSE; /* reset flag so call only once */
-
-  (*cinfo->marker->write_frame_header) (cinfo);
-  (*cinfo->marker->write_scan_header) (cinfo);
-}
-
-
-/*
- * Finish up at end of pass.
- */
-
-METHODDEF(void)
-finish_pass_master(j_compress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  /* The entropy coder always needs an end-of-pass call,
-   * either to analyze statistics or to flush its output buffer.
-   */
-  (*cinfo->entropy->finish_pass) (cinfo);
-
-  /* Update state for next pass */
-  switch (master->pass_type) {
-  case main_pass:
-    /* next pass is either output of scan 0 (after optimization)
-     * or output of scan 1 (if no optimization).
-     */
-    master->pass_type = output_pass;
-    if (!cinfo->optimize_coding)
-      master->scan_number++;
-    break;
-  case huff_opt_pass:
-    /* next pass is always output of current scan */
-    master->pass_type = output_pass;
-    break;
-  case output_pass:
-    /* next pass is either optimization or output of next scan */
-    if (cinfo->optimize_coding)
-      master->pass_type = huff_opt_pass;
-    master->scan_number++;
-    break;
-  }
-
-  master->pass_number++;
-}
-
-
-/*
- * Initialize master compression control.
- */
-
-GLOBAL(void)
-jinit_c_master_control(j_compress_ptr cinfo, boolean transcode_only)
-{
-  my_master_ptr master;
-
-  master = (my_master_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_comp_master));
-  cinfo->master = (struct jpeg_comp_master *)master;
-  master->pub.prepare_for_pass = prepare_for_pass;
-  master->pub.pass_startup = pass_startup;
-  master->pub.finish_pass = finish_pass_master;
-  master->pub.is_last_pass = FALSE;
-
-  /* Validate parameters, determine derived values */
-  initial_setup(cinfo, transcode_only);
-
-  if (cinfo->scan_info != NULL) {
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-    validate_script(cinfo);
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-  } else {
-    cinfo->progressive_mode = FALSE;
-    cinfo->num_scans = 1;
-  }
-
-  if (cinfo->progressive_mode && !cinfo->arith_code)  /*  TEMPORARY HACK ??? */
-    cinfo->optimize_coding = TRUE; /* assume default tables no good for progressive mode */
-
-  /* Initialize my private state */
-  if (transcode_only) {
-    /* no main pass in transcoding */
-    if (cinfo->optimize_coding)
-      master->pass_type = huff_opt_pass;
-    else
-      master->pass_type = output_pass;
-  } else {
-    /* for normal compression, first pass is always this type: */
-    master->pass_type = main_pass;
-  }
-  master->scan_number = 0;
-  master->pass_number = 0;
-  if (cinfo->optimize_coding)
-    master->total_passes = cinfo->num_scans * 2;
-  else
-    master->total_passes = cinfo->num_scans;
-
-  master->jpeg_version = PACKAGE_NAME " version " VERSION " (build " BUILD ")";
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcomapi.c b/3rdparty/libjpeg-turbo_2_1_0/jcomapi.c
deleted file mode 100644
index efbb835..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcomapi.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * jcomapi.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains application interface routines that are used for both
- * compression and decompression.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/*
- * Abort processing of a JPEG compression or decompression operation,
- * but don't destroy the object itself.
- *
- * For this, we merely clean up all the nonpermanent memory pools.
- * Note that temp files (virtual arrays) are not allowed to belong to
- * the permanent pool, so we will be able to close all temp files here.
- * Closing a data source or destination, if necessary, is the application's
- * responsibility.
- */
-
-GLOBAL(void)
-jpeg_abort(j_common_ptr cinfo)
-{
-  int pool;
-
-  /* Do nothing if called on a not-initialized or destroyed JPEG object. */
-  if (cinfo->mem == NULL)
-    return;
-
-  /* Releasing pools in reverse order might help avoid fragmentation
-   * with some (brain-damaged) malloc libraries.
-   */
-  for (pool = JPOOL_NUMPOOLS - 1; pool > JPOOL_PERMANENT; pool--) {
-    (*cinfo->mem->free_pool) (cinfo, pool);
-  }
-
-  /* Reset overall state for possible reuse of object */
-  if (cinfo->is_decompressor) {
-    cinfo->global_state = DSTATE_START;
-    /* Try to keep application from accessing now-deleted marker list.
-     * A bit kludgy to do it here, but this is the most central place.
-     */
-    ((j_decompress_ptr)cinfo)->marker_list = NULL;
-  } else {
-    cinfo->global_state = CSTATE_START;
-  }
-}
-
-
-/*
- * Destruction of a JPEG object.
- *
- * Everything gets deallocated except the master jpeg_compress_struct itself
- * and the error manager struct.  Both of these are supplied by the application
- * and must be freed, if necessary, by the application.  (Often they are on
- * the stack and so don't need to be freed anyway.)
- * Closing a data source or destination, if necessary, is the application's
- * responsibility.
- */
-
-GLOBAL(void)
-jpeg_destroy(j_common_ptr cinfo)
-{
-  /* We need only tell the memory manager to release everything. */
-  /* NB: mem pointer is NULL if memory mgr failed to initialize. */
-  if (cinfo->mem != NULL)
-    (*cinfo->mem->self_destruct) (cinfo);
-  cinfo->mem = NULL;            /* be safe if jpeg_destroy is called twice */
-  cinfo->global_state = 0;      /* mark it destroyed */
-}
-
-
-/*
- * Convenience routines for allocating quantization and Huffman tables.
- * (Would jutils.c be a more reasonable place to put these?)
- */
-
-GLOBAL(JQUANT_TBL *)
-jpeg_alloc_quant_table(j_common_ptr cinfo)
-{
-  JQUANT_TBL *tbl;
-
-  tbl = (JQUANT_TBL *)
-    (*cinfo->mem->alloc_small) (cinfo, JPOOL_PERMANENT, sizeof(JQUANT_TBL));
-  tbl->sent_table = FALSE;      /* make sure this is false in any new table */
-  return tbl;
-}
-
-
-GLOBAL(JHUFF_TBL *)
-jpeg_alloc_huff_table(j_common_ptr cinfo)
-{
-  JHUFF_TBL *tbl;
-
-  tbl = (JHUFF_TBL *)
-    (*cinfo->mem->alloc_small) (cinfo, JPOOL_PERMANENT, sizeof(JHUFF_TBL));
-  tbl->sent_table = FALSE;      /* make sure this is false in any new table */
-  return tbl;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jconfig.h.in b/3rdparty/libjpeg-turbo_2_1_0/jconfig.h.in
deleted file mode 100644
index d4284d9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jconfig.h.in
+++ /dev/null
@@ -1,68 +0,0 @@
-/* Version ID for the JPEG library.
- * Might be useful for tests like "#if JPEG_LIB_VERSION >= 60".
- */
-#define JPEG_LIB_VERSION  @JPEG_LIB_VERSION@
-
-/* libjpeg-turbo version */
-#define LIBJPEG_TURBO_VERSION  @VERSION@
-
-/* libjpeg-turbo version in integer form */
-#define LIBJPEG_TURBO_VERSION_NUMBER  @LIBJPEG_TURBO_VERSION_NUMBER@
-
-/* Support arithmetic encoding */
-#cmakedefine C_ARITH_CODING_SUPPORTED 1
-
-/* Support arithmetic decoding */
-#cmakedefine D_ARITH_CODING_SUPPORTED 1
-
-/* Support in-memory source/destination managers */
-#cmakedefine MEM_SRCDST_SUPPORTED 1
-
-/* Use accelerated SIMD routines. */
-#cmakedefine WITH_SIMD 1
-
-/*
- * Define BITS_IN_JSAMPLE as either
- *   8   for 8-bit sample values (the usual setting)
- *   12  for 12-bit sample values
- * Only 8 and 12 are legal data precisions for lossy JPEG according to the
- * JPEG standard, and the IJG code does not support anything else!
- * We do not support run-time selection of data precision, sorry.
- */
-
-#define BITS_IN_JSAMPLE  @BITS_IN_JSAMPLE@      /* use 8 or 12 */
-
-/* Define to 1 if you have the <locale.h> header file. */
-#cmakedefine HAVE_LOCALE_H 1
-
-/* Define to 1 if you have the <stddef.h> header file. */
-#cmakedefine HAVE_STDDEF_H 1
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#cmakedefine HAVE_STDLIB_H 1
-
-/* Define if you need to include <sys/types.h> to get size_t. */
-#cmakedefine NEED_SYS_TYPES_H 1
-
-/* Define if you have BSD-like bzero and bcopy in <strings.h> rather than
-   memset/memcpy in <string.h>. */
-#cmakedefine NEED_BSD_STRINGS 1
-
-/* Define to 1 if the system has the type `unsigned char'. */
-#cmakedefine HAVE_UNSIGNED_CHAR 1
-
-/* Define to 1 if the system has the type `unsigned short'. */
-#cmakedefine HAVE_UNSIGNED_SHORT 1
-
-/* Compiler does not support pointers to undefined structures. */
-#cmakedefine INCOMPLETE_TYPES_BROKEN 1
-
-/* Define if your (broken) compiler shifts signed values as if they were
-   unsigned. */
-#cmakedefine RIGHT_SHIFT_IS_UNSIGNED 1
-
-/* Define to empty if `const' does not conform to ANSI C. */
-/* #undef const */
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-/* #undef size_t */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jconfig.txt b/3rdparty/libjpeg-turbo_2_1_0/jconfig.txt
deleted file mode 100644
index 21f35c1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jconfig.txt
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * jconfig.txt
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1994, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file documents the configuration options that are required to
- * customize the JPEG software for a particular system.
- *
- * The actual configuration options for a particular installation are stored
- * in jconfig.h.  On many machines, jconfig.h can be generated automatically
- * or copied from one of the "canned" jconfig files that we supply.  But if
- * you need to generate a jconfig.h file by hand, this file tells you how.
- *
- * DO NOT EDIT THIS FILE --- IT WON'T ACCOMPLISH ANYTHING.
- * EDIT A COPY NAMED JCONFIG.H.
- */
-
-
-/*
- * These symbols indicate the properties of your machine or compiler.
- * #define the symbol if yes, #undef it if no.
- */
-
-/* Does your compiler support the declaration "unsigned char" ?
- * How about "unsigned short" ?
- */
-#define HAVE_UNSIGNED_CHAR
-#define HAVE_UNSIGNED_SHORT
-
-/* Define "void" as "char" if your compiler doesn't know about type void.
- * NOTE: be sure to define void such that "void *" represents the most general
- * pointer type, e.g., that returned by malloc().
- */
-/* #define void char */
-
-/* Define "const" as empty if your compiler doesn't know the "const" keyword.
- */
-/* #define const */
-
-/* Define this if your system has an ANSI-conforming <stddef.h> file.
- */
-#define HAVE_STDDEF_H
-
-/* Define this if your system has an ANSI-conforming <stdlib.h> file.
- */
-#define HAVE_STDLIB_H
-
-/* Define this if your system does not have an ANSI/SysV <string.h>,
- * but does have a BSD-style <strings.h>.
- */
-#undef NEED_BSD_STRINGS
-
-/* Define this if your system does not provide typedef size_t in any of the
- * ANSI-standard places (stddef.h, stdlib.h, or stdio.h), but places it in
- * <sys/types.h> instead.
- */
-#undef NEED_SYS_TYPES_H
-
-/* Although a real ANSI C compiler can deal perfectly well with pointers to
- * unspecified structures (see "incomplete types" in the spec), a few pre-ANSI
- * and pseudo-ANSI compilers get confused.  To keep one of these bozos happy,
- * define INCOMPLETE_TYPES_BROKEN.  This is not recommended unless you
- * actually get "missing structure definition" warnings or errors while
- * compiling the JPEG code.
- */
-#undef INCOMPLETE_TYPES_BROKEN
-
-/* Define "boolean" as unsigned char, not int, on Windows systems.
- */
-#ifdef _WIN32
-#ifndef __RPCNDR_H__            /* don't conflict if rpcndr.h already read */
-typedef unsigned char boolean;
-#endif
-#define HAVE_BOOLEAN            /* prevent jmorecfg.h from redefining it */
-#endif
-
-
-/*
- * The following options affect code selection within the JPEG library,
- * but they don't need to be visible to applications using the library.
- * To minimize application namespace pollution, the symbols won't be
- * defined unless JPEG_INTERNALS has been defined.
- */
-
-#ifdef JPEG_INTERNALS
-
-/* Define this if your compiler implements ">>" on signed values as a logical
- * (unsigned) shift; leave it undefined if ">>" is a signed (arithmetic) shift,
- * which is the normal and rational definition.
- */
-#undef RIGHT_SHIFT_IS_UNSIGNED
-
-
-#endif /* JPEG_INTERNALS */
-
-
-/*
- * The remaining options do not affect the JPEG library proper,
- * but only the sample applications cjpeg/djpeg (see cjpeg.c, djpeg.c).
- * Other applications can ignore these.
- */
-
-#ifdef JPEG_CJPEG_DJPEG
-
-/* These defines indicate which image (non-JPEG) file formats are allowed. */
-
-#define BMP_SUPPORTED           /* BMP image file format */
-#define GIF_SUPPORTED           /* GIF image file format */
-#define PPM_SUPPORTED           /* PBMPLUS PPM/PGM image file format */
-#define TARGA_SUPPORTED         /* Targa image file format */
-
-/* Define this if you want to name both input and output files on the command
- * line, rather than using stdout and optionally stdin.  You MUST do this if
- * your system can't cope with binary I/O to stdin/stdout.  See comments at
- * head of cjpeg.c or djpeg.c.
- */
-#undef TWO_FILE_COMMANDLINE
-
-/* By default, we open image files with fopen(..., "rb") or fopen(..., "wb").
- * This is necessary on systems that distinguish text files from binary files,
- * and is harmless on most systems that don't.  If you have one of the rare
- * systems that complains about the "b" spec, define this symbol.
- */
-#undef DONT_USE_B_MODE
-
-/* Define this if you want percent-done progress reports from cjpeg/djpeg.
- */
-#undef PROGRESS_REPORT
-
-
-#endif /* JPEG_CJPEG_DJPEG */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jconfigint.h.in b/3rdparty/libjpeg-turbo_2_1_0/jconfigint.h.in
deleted file mode 100644
index 68cbc2a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jconfigint.h.in
+++ /dev/null
@@ -1,34 +0,0 @@
-/* libjpeg-turbo build number */
-#define BUILD  "@BUILD@"
-
-/* Compiler's inline keyword */
-#undef inline
-
-/* How to obtain function inlining. */
-#define INLINE  @INLINE@
-
-/* How to obtain thread-local storage */
-#define THREAD_LOCAL  @THREAD_LOCAL@
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME  "@CMAKE_PROJECT_NAME@"
-
-/* Version number of package */
-#define VERSION  "@VERSION@"
-
-/* The size of `size_t', as computed by sizeof. */
-#define SIZEOF_SIZE_T  @SIZE_T@
-
-/* Define if your compiler has __builtin_ctzl() and sizeof(unsigned long) == sizeof(size_t). */
-#cmakedefine HAVE_BUILTIN_CTZL
-
-/* Define to 1 if you have the <intrin.h> header file. */
-#cmakedefine HAVE_INTRIN_H
-
-#if defined(_MSC_VER) && defined(HAVE_INTRIN_H)
-#if (SIZEOF_SIZE_T == 8)
-#define HAVE_BITSCANFORWARD64
-#elif (SIZEOF_SIZE_T == 4)
-#define HAVE_BITSCANFORWARD
-#endif
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcparam.c b/3rdparty/libjpeg-turbo_2_1_0/jcparam.c
deleted file mode 100644
index 5bc7174..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcparam.c
+++ /dev/null
@@ -1,541 +0,0 @@
-/*
- * jcparam.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * Modified 2003-2008 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009-2011, 2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains optional default-setting code for the JPEG compressor.
- * Applications do not have to use this file, but those that don't use it
- * must know a lot more about the innards of the JPEG code.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jstdhuff.c"
-
-
-/*
- * Quantization table setup routines
- */
-
-GLOBAL(void)
-jpeg_add_quant_table(j_compress_ptr cinfo, int which_tbl,
-                     const unsigned int *basic_table, int scale_factor,
-                     boolean force_baseline)
-/* Define a quantization table equal to the basic_table times
- * a scale factor (given as a percentage).
- * If force_baseline is TRUE, the computed quantization table entries
- * are limited to 1..255 for JPEG baseline compatibility.
- */
-{
-  JQUANT_TBL **qtblptr;
-  int i;
-  long temp;
-
-  /* Safety check to ensure start_compress not called yet. */
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  if (which_tbl < 0 || which_tbl >= NUM_QUANT_TBLS)
-    ERREXIT1(cinfo, JERR_DQT_INDEX, which_tbl);
-
-  qtblptr = &cinfo->quant_tbl_ptrs[which_tbl];
-
-  if (*qtblptr == NULL)
-    *qtblptr = jpeg_alloc_quant_table((j_common_ptr)cinfo);
-
-  for (i = 0; i < DCTSIZE2; i++) {
-    temp = ((long)basic_table[i] * scale_factor + 50L) / 100L;
-    /* limit the values to the valid range */
-    if (temp <= 0L) temp = 1L;
-    if (temp > 32767L) temp = 32767L; /* max quantizer needed for 12 bits */
-    if (force_baseline && temp > 255L)
-      temp = 255L;              /* limit to baseline range if requested */
-    (*qtblptr)->quantval[i] = (UINT16)temp;
-  }
-
-  /* Initialize sent_table FALSE so table will be written to JPEG file. */
-  (*qtblptr)->sent_table = FALSE;
-}
-
-
-/* These are the sample quantization tables given in Annex K (Clause K.1) of
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- * The spec says that the values given produce "good" quality, and
- * when divided by 2, "very good" quality.
- */
-static const unsigned int std_luminance_quant_tbl[DCTSIZE2] = {
-  16,  11,  10,  16,  24,  40,  51,  61,
-  12,  12,  14,  19,  26,  58,  60,  55,
-  14,  13,  16,  24,  40,  57,  69,  56,
-  14,  17,  22,  29,  51,  87,  80,  62,
-  18,  22,  37,  56,  68, 109, 103,  77,
-  24,  35,  55,  64,  81, 104, 113,  92,
-  49,  64,  78,  87, 103, 121, 120, 101,
-  72,  92,  95,  98, 112, 100, 103,  99
-};
-static const unsigned int std_chrominance_quant_tbl[DCTSIZE2] = {
-  17,  18,  24,  47,  99,  99,  99,  99,
-  18,  21,  26,  66,  99,  99,  99,  99,
-  24,  26,  56,  99,  99,  99,  99,  99,
-  47,  66,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99
-};
-
-
-#if JPEG_LIB_VERSION >= 70
-GLOBAL(void)
-jpeg_default_qtables(j_compress_ptr cinfo, boolean force_baseline)
-/* Set or change the 'quality' (quantization) setting, using default tables
- * and straight percentage-scaling quality scales.
- * This entry point allows different scalings for luminance and chrominance.
- */
-{
-  /* Set up two quantization tables using the specified scaling */
-  jpeg_add_quant_table(cinfo, 0, std_luminance_quant_tbl,
-                       cinfo->q_scale_factor[0], force_baseline);
-  jpeg_add_quant_table(cinfo, 1, std_chrominance_quant_tbl,
-                       cinfo->q_scale_factor[1], force_baseline);
-}
-#endif
-
-
-GLOBAL(void)
-jpeg_set_linear_quality(j_compress_ptr cinfo, int scale_factor,
-                        boolean force_baseline)
-/* Set or change the 'quality' (quantization) setting, using default tables
- * and a straight percentage-scaling quality scale.  In most cases it's better
- * to use jpeg_set_quality (below); this entry point is provided for
- * applications that insist on a linear percentage scaling.
- */
-{
-  /* Set up two quantization tables using the specified scaling */
-  jpeg_add_quant_table(cinfo, 0, std_luminance_quant_tbl,
-                       scale_factor, force_baseline);
-  jpeg_add_quant_table(cinfo, 1, std_chrominance_quant_tbl,
-                       scale_factor, force_baseline);
-}
-
-
-GLOBAL(int)
-jpeg_quality_scaling(int quality)
-/* Convert a user-specified quality rating to a percentage scaling factor
- * for an underlying quantization table, using our recommended scaling curve.
- * The input 'quality' factor should be 0 (terrible) to 100 (very good).
- */
-{
-  /* Safety limit on quality factor.  Convert 0 to 1 to avoid zero divide. */
-  if (quality <= 0) quality = 1;
-  if (quality > 100) quality = 100;
-
-  /* The basic table is used as-is (scaling 100) for a quality of 50.
-   * Qualities 50..100 are converted to scaling percentage 200 - 2*Q;
-   * note that at Q=100 the scaling is 0, which will cause jpeg_add_quant_table
-   * to make all the table entries 1 (hence, minimum quantization loss).
-   * Qualities 1..50 are converted to scaling percentage 5000/Q.
-   */
-  if (quality < 50)
-    quality = 5000 / quality;
-  else
-    quality = 200 - quality * 2;
-
-  return quality;
-}
-
-
-GLOBAL(void)
-jpeg_set_quality(j_compress_ptr cinfo, int quality, boolean force_baseline)
-/* Set or change the 'quality' (quantization) setting, using default tables.
- * This is the standard quality-adjusting entry point for typical user
- * interfaces; only those who want detailed control over quantization tables
- * would use the preceding three routines directly.
- */
-{
-  /* Convert user 0-100 rating to percentage scaling */
-  quality = jpeg_quality_scaling(quality);
-
-  /* Set up standard quality tables */
-  jpeg_set_linear_quality(cinfo, quality, force_baseline);
-}
-
-
-/*
- * Default parameter setup for compression.
- *
- * Applications that don't choose to use this routine must do their
- * own setup of all these parameters.  Alternately, you can call this
- * to establish defaults and then alter parameters selectively.  This
- * is the recommended approach since, if we add any new parameters,
- * your code will still work (they'll be set to reasonable defaults).
- */
-
-GLOBAL(void)
-jpeg_set_defaults(j_compress_ptr cinfo)
-{
-  int i;
-
-  /* Safety check to ensure start_compress not called yet. */
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* Allocate comp_info array large enough for maximum component count.
-   * Array is made permanent in case application wants to compress
-   * multiple images at same param settings.
-   */
-  if (cinfo->comp_info == NULL)
-    cinfo->comp_info = (jpeg_component_info *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  MAX_COMPONENTS * sizeof(jpeg_component_info));
-
-  /* Initialize everything not dependent on the color space */
-
-#if JPEG_LIB_VERSION >= 70
-  cinfo->scale_num = 1;         /* 1:1 scaling */
-  cinfo->scale_denom = 1;
-#endif
-  cinfo->data_precision = BITS_IN_JSAMPLE;
-  /* Set up two quantization tables using default quality of 75 */
-  jpeg_set_quality(cinfo, 75, TRUE);
-  /* Set up two Huffman tables */
-  std_huff_tables((j_common_ptr)cinfo);
-
-  /* Initialize default arithmetic coding conditioning */
-  for (i = 0; i < NUM_ARITH_TBLS; i++) {
-    cinfo->arith_dc_L[i] = 0;
-    cinfo->arith_dc_U[i] = 1;
-    cinfo->arith_ac_K[i] = 5;
-  }
-
-  /* Default is no multiple-scan output */
-  cinfo->scan_info = NULL;
-  cinfo->num_scans = 0;
-
-  /* Expect normal source image, not raw downsampled data */
-  cinfo->raw_data_in = FALSE;
-
-  /* Use Huffman coding, not arithmetic coding, by default */
-  cinfo->arith_code = FALSE;
-
-  /* By default, don't do extra passes to optimize entropy coding */
-  cinfo->optimize_coding = FALSE;
-  /* The standard Huffman tables are only valid for 8-bit data precision.
-   * If the precision is higher, force optimization on so that usable
-   * tables will be computed.  This test can be removed if default tables
-   * are supplied that are valid for the desired precision.
-   */
-  if (cinfo->data_precision > 8)
-    cinfo->optimize_coding = TRUE;
-
-  /* By default, use the simpler non-cosited sampling alignment */
-  cinfo->CCIR601_sampling = FALSE;
-
-#if JPEG_LIB_VERSION >= 70
-  /* By default, apply fancy downsampling */
-  cinfo->do_fancy_downsampling = TRUE;
-#endif
-
-  /* No input smoothing */
-  cinfo->smoothing_factor = 0;
-
-  /* DCT algorithm preference */
-  cinfo->dct_method = JDCT_DEFAULT;
-
-  /* No restart markers */
-  cinfo->restart_interval = 0;
-  cinfo->restart_in_rows = 0;
-
-  /* Fill in default JFIF marker parameters.  Note that whether the marker
-   * will actually be written is determined by jpeg_set_colorspace.
-   *
-   * By default, the library emits JFIF version code 1.01.
-   * An application that wants to emit JFIF 1.02 extension markers should set
-   * JFIF_minor_version to 2.  We could probably get away with just defaulting
-   * to 1.02, but there may still be some decoders in use that will complain
-   * about that; saying 1.01 should minimize compatibility problems.
-   */
-  cinfo->JFIF_major_version = 1; /* Default JFIF version = 1.01 */
-  cinfo->JFIF_minor_version = 1;
-  cinfo->density_unit = 0;      /* Pixel size is unknown by default */
-  cinfo->X_density = 1;         /* Pixel aspect ratio is square by default */
-  cinfo->Y_density = 1;
-
-  /* Choose JPEG colorspace based on input space, set defaults accordingly */
-
-  jpeg_default_colorspace(cinfo);
-}
-
-
-/*
- * Select an appropriate JPEG colorspace for in_color_space.
- */
-
-GLOBAL(void)
-jpeg_default_colorspace(j_compress_ptr cinfo)
-{
-  switch (cinfo->in_color_space) {
-  case JCS_GRAYSCALE:
-    jpeg_set_colorspace(cinfo, JCS_GRAYSCALE);
-    break;
-  case JCS_RGB:
-  case JCS_EXT_RGB:
-  case JCS_EXT_RGBX:
-  case JCS_EXT_BGR:
-  case JCS_EXT_BGRX:
-  case JCS_EXT_XBGR:
-  case JCS_EXT_XRGB:
-  case JCS_EXT_RGBA:
-  case JCS_EXT_BGRA:
-  case JCS_EXT_ABGR:
-  case JCS_EXT_ARGB:
-    jpeg_set_colorspace(cinfo, JCS_YCbCr);
-    break;
-  case JCS_YCbCr:
-    jpeg_set_colorspace(cinfo, JCS_YCbCr);
-    break;
-  case JCS_CMYK:
-    jpeg_set_colorspace(cinfo, JCS_CMYK); /* By default, no translation */
-    break;
-  case JCS_YCCK:
-    jpeg_set_colorspace(cinfo, JCS_YCCK);
-    break;
-  case JCS_UNKNOWN:
-    jpeg_set_colorspace(cinfo, JCS_UNKNOWN);
-    break;
-  default:
-    ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-  }
-}
-
-
-/*
- * Set the JPEG colorspace, and choose colorspace-dependent default values.
- */
-
-GLOBAL(void)
-jpeg_set_colorspace(j_compress_ptr cinfo, J_COLOR_SPACE colorspace)
-{
-  jpeg_component_info *compptr;
-  int ci;
-
-#define SET_COMP(index, id, hsamp, vsamp, quant, dctbl, actbl) \
-  (compptr = &cinfo->comp_info[index], \
-   compptr->component_id = (id), \
-   compptr->h_samp_factor = (hsamp), \
-   compptr->v_samp_factor = (vsamp), \
-   compptr->quant_tbl_no = (quant), \
-   compptr->dc_tbl_no = (dctbl), \
-   compptr->ac_tbl_no = (actbl) )
-
-  /* Safety check to ensure start_compress not called yet. */
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* For all colorspaces, we use Q and Huff tables 0 for luminance components,
-   * tables 1 for chrominance components.
-   */
-
-  cinfo->jpeg_color_space = colorspace;
-
-  cinfo->write_JFIF_header = FALSE; /* No marker for non-JFIF colorspaces */
-  cinfo->write_Adobe_marker = FALSE; /* write no Adobe marker by default */
-
-  switch (colorspace) {
-  case JCS_GRAYSCALE:
-    cinfo->write_JFIF_header = TRUE; /* Write a JFIF marker */
-    cinfo->num_components = 1;
-    /* JFIF specifies component ID 1 */
-    SET_COMP(0, 1, 1, 1, 0, 0, 0);
-    break;
-  case JCS_RGB:
-    cinfo->write_Adobe_marker = TRUE; /* write Adobe marker to flag RGB */
-    cinfo->num_components = 3;
-    SET_COMP(0, 0x52 /* 'R' */, 1, 1, 0, 0, 0);
-    SET_COMP(1, 0x47 /* 'G' */, 1, 1, 0, 0, 0);
-    SET_COMP(2, 0x42 /* 'B' */, 1, 1, 0, 0, 0);
-    break;
-  case JCS_YCbCr:
-    cinfo->write_JFIF_header = TRUE; /* Write a JFIF marker */
-    cinfo->num_components = 3;
-    /* JFIF specifies component IDs 1,2,3 */
-    /* We default to 2x2 subsamples of chrominance */
-    SET_COMP(0, 1, 2, 2, 0, 0, 0);
-    SET_COMP(1, 2, 1, 1, 1, 1, 1);
-    SET_COMP(2, 3, 1, 1, 1, 1, 1);
-    break;
-  case JCS_CMYK:
-    cinfo->write_Adobe_marker = TRUE; /* write Adobe marker to flag CMYK */
-    cinfo->num_components = 4;
-    SET_COMP(0, 0x43 /* 'C' */, 1, 1, 0, 0, 0);
-    SET_COMP(1, 0x4D /* 'M' */, 1, 1, 0, 0, 0);
-    SET_COMP(2, 0x59 /* 'Y' */, 1, 1, 0, 0, 0);
-    SET_COMP(3, 0x4B /* 'K' */, 1, 1, 0, 0, 0);
-    break;
-  case JCS_YCCK:
-    cinfo->write_Adobe_marker = TRUE; /* write Adobe marker to flag YCCK */
-    cinfo->num_components = 4;
-    SET_COMP(0, 1, 2, 2, 0, 0, 0);
-    SET_COMP(1, 2, 1, 1, 1, 1, 1);
-    SET_COMP(2, 3, 1, 1, 1, 1, 1);
-    SET_COMP(3, 4, 2, 2, 0, 0, 0);
-    break;
-  case JCS_UNKNOWN:
-    cinfo->num_components = cinfo->input_components;
-    if (cinfo->num_components < 1 || cinfo->num_components > MAX_COMPONENTS)
-      ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->num_components,
-               MAX_COMPONENTS);
-    for (ci = 0; ci < cinfo->num_components; ci++) {
-      SET_COMP(ci, ci, 1, 1, 0, 0, 0);
-    }
-    break;
-  default:
-    ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-  }
-}
-
-
-#ifdef C_PROGRESSIVE_SUPPORTED
-
-LOCAL(jpeg_scan_info *)
-fill_a_scan(jpeg_scan_info *scanptr, int ci, int Ss, int Se, int Ah, int Al)
-/* Support routine: generate one scan for specified component */
-{
-  scanptr->comps_in_scan = 1;
-  scanptr->component_index[0] = ci;
-  scanptr->Ss = Ss;
-  scanptr->Se = Se;
-  scanptr->Ah = Ah;
-  scanptr->Al = Al;
-  scanptr++;
-  return scanptr;
-}
-
-LOCAL(jpeg_scan_info *)
-fill_scans(jpeg_scan_info *scanptr, int ncomps, int Ss, int Se, int Ah, int Al)
-/* Support routine: generate one scan for each component */
-{
-  int ci;
-
-  for (ci = 0; ci < ncomps; ci++) {
-    scanptr->comps_in_scan = 1;
-    scanptr->component_index[0] = ci;
-    scanptr->Ss = Ss;
-    scanptr->Se = Se;
-    scanptr->Ah = Ah;
-    scanptr->Al = Al;
-    scanptr++;
-  }
-  return scanptr;
-}
-
-LOCAL(jpeg_scan_info *)
-fill_dc_scans(jpeg_scan_info *scanptr, int ncomps, int Ah, int Al)
-/* Support routine: generate interleaved DC scan if possible, else N scans */
-{
-  int ci;
-
-  if (ncomps <= MAX_COMPS_IN_SCAN) {
-    /* Single interleaved DC scan */
-    scanptr->comps_in_scan = ncomps;
-    for (ci = 0; ci < ncomps; ci++)
-      scanptr->component_index[ci] = ci;
-    scanptr->Ss = scanptr->Se = 0;
-    scanptr->Ah = Ah;
-    scanptr->Al = Al;
-    scanptr++;
-  } else {
-    /* Noninterleaved DC scan for each component */
-    scanptr = fill_scans(scanptr, ncomps, 0, 0, Ah, Al);
-  }
-  return scanptr;
-}
-
-
-/*
- * Create a recommended progressive-JPEG script.
- * cinfo->num_components and cinfo->jpeg_color_space must be correct.
- */
-
-GLOBAL(void)
-jpeg_simple_progression(j_compress_ptr cinfo)
-{
-  int ncomps = cinfo->num_components;
-  int nscans;
-  jpeg_scan_info *scanptr;
-
-  /* Safety check to ensure start_compress not called yet. */
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* Figure space needed for script.  Calculation must match code below! */
-  if (ncomps == 3 && cinfo->jpeg_color_space == JCS_YCbCr) {
-    /* Custom script for YCbCr color images. */
-    nscans = 10;
-  } else {
-    /* All-purpose script for other color spaces. */
-    if (ncomps > MAX_COMPS_IN_SCAN)
-      nscans = 6 * ncomps;      /* 2 DC + 4 AC scans per component */
-    else
-      nscans = 2 + 4 * ncomps;  /* 2 DC scans; 4 AC scans per component */
-  }
-
-  /* Allocate space for script.
-   * We need to put it in the permanent pool in case the application performs
-   * multiple compressions without changing the settings.  To avoid a memory
-   * leak if jpeg_simple_progression is called repeatedly for the same JPEG
-   * object, we try to re-use previously allocated space, and we allocate
-   * enough space to handle YCbCr even if initially asked for grayscale.
-   */
-  if (cinfo->script_space == NULL || cinfo->script_space_size < nscans) {
-    cinfo->script_space_size = MAX(nscans, 10);
-    cinfo->script_space = (jpeg_scan_info *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                        cinfo->script_space_size * sizeof(jpeg_scan_info));
-  }
-  scanptr = cinfo->script_space;
-  cinfo->scan_info = scanptr;
-  cinfo->num_scans = nscans;
-
-  if (ncomps == 3 && cinfo->jpeg_color_space == JCS_YCbCr) {
-    /* Custom script for YCbCr color images. */
-    /* Initial DC scan */
-    scanptr = fill_dc_scans(scanptr, ncomps, 0, 1);
-    /* Initial AC scan: get some luma data out in a hurry */
-    scanptr = fill_a_scan(scanptr, 0, 1, 5, 0, 2);
-    /* Chroma data is too small to be worth expending many scans on */
-    scanptr = fill_a_scan(scanptr, 2, 1, 63, 0, 1);
-    scanptr = fill_a_scan(scanptr, 1, 1, 63, 0, 1);
-    /* Complete spectral selection for luma AC */
-    scanptr = fill_a_scan(scanptr, 0, 6, 63, 0, 2);
-    /* Refine next bit of luma AC */
-    scanptr = fill_a_scan(scanptr, 0, 1, 63, 2, 1);
-    /* Finish DC successive approximation */
-    scanptr = fill_dc_scans(scanptr, ncomps, 1, 0);
-    /* Finish AC successive approximation */
-    scanptr = fill_a_scan(scanptr, 2, 1, 63, 1, 0);
-    scanptr = fill_a_scan(scanptr, 1, 1, 63, 1, 0);
-    /* Luma bottom bit comes last since it's usually largest scan */
-    scanptr = fill_a_scan(scanptr, 0, 1, 63, 1, 0);
-  } else {
-    /* All-purpose script for other color spaces. */
-    /* Successive approximation first pass */
-    scanptr = fill_dc_scans(scanptr, ncomps, 0, 1);
-    scanptr = fill_scans(scanptr, ncomps, 1, 5, 0, 2);
-    scanptr = fill_scans(scanptr, ncomps, 6, 63, 0, 2);
-    /* Successive approximation second pass */
-    scanptr = fill_scans(scanptr, ncomps, 1, 63, 2, 1);
-    /* Successive approximation final pass */
-    scanptr = fill_dc_scans(scanptr, ncomps, 1, 0);
-    scanptr = fill_scans(scanptr, ncomps, 1, 63, 1, 0);
-  }
-}
-
-#endif /* C_PROGRESSIVE_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcphuff.c b/3rdparty/libjpeg-turbo_2_1_0/jcphuff.c
deleted file mode 100644
index bd14fc2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcphuff.c
+++ /dev/null
@@ -1,1112 +0,0 @@
-/*
- * jcphuff.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1995-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2011, 2015, 2018, 2021, D. R. Commander.
- * Copyright (C) 2016, 2018, Matthieu Darbois.
- * Copyright (C) 2020, Arm Limited.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains Huffman entropy encoding routines for progressive JPEG.
- *
- * We do not support output suspension in this module, since the library
- * currently does not allow multiple-scan files to be written with output
- * suspension.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jsimd.h"
-#include "jconfigint.h"
-#include <limits.h>
-
-#ifdef HAVE_INTRIN_H
-#include <intrin.h>
-#ifdef _MSC_VER
-#ifdef HAVE_BITSCANFORWARD64
-#pragma intrinsic(_BitScanForward64)
-#endif
-#ifdef HAVE_BITSCANFORWARD
-#pragma intrinsic(_BitScanForward)
-#endif
-#endif
-#endif
-
-#ifdef C_PROGRESSIVE_SUPPORTED
-
-/*
- * NOTE: If USE_CLZ_INTRINSIC is defined, then clz/bsr instructions will be
- * used for bit counting rather than the lookup table.  This will reduce the
- * memory footprint by 64k, which is important for some mobile applications
- * that create many isolated instances of libjpeg-turbo (web browsers, for
- * instance.)  This may improve performance on some mobile platforms as well.
- * This feature is enabled by default only on Arm processors, because some x86
- * chips have a slow implementation of bsr, and the use of clz/bsr cannot be
- * shown to have a significant performance impact even on the x86 chips that
- * have a fast implementation of it.  When building for Armv6, you can
- * explicitly disable the use of clz/bsr by adding -mthumb to the compiler
- * flags (this defines __thumb__).
- */
-
-#if defined(__arm__) || defined(__aarch64__) || defined(_M_ARM) || \
-    defined(_M_ARM64)
-#if !defined(__thumb__) || defined(__thumb2__)
-#define USE_CLZ_INTRINSIC
-#endif
-#endif
-
-#ifdef USE_CLZ_INTRINSIC
-#if defined(_MSC_VER) && !defined(__clang__)
-#define JPEG_NBITS_NONZERO(x)  (32 - _CountLeadingZeros(x))
-#else
-#define JPEG_NBITS_NONZERO(x)  (32 - __builtin_clz(x))
-#endif
-#define JPEG_NBITS(x)          (x ? JPEG_NBITS_NONZERO(x) : 0)
-#else
-#include "jpeg_nbits_table.h"
-#define JPEG_NBITS(x)          (jpeg_nbits_table[x])
-#define JPEG_NBITS_NONZERO(x)  JPEG_NBITS(x)
-#endif
-
-
-/* Expanded entropy encoder object for progressive Huffman encoding. */
-
-typedef struct {
-  struct jpeg_entropy_encoder pub; /* public fields */
-
-  /* Pointer to routine to prepare data for encode_mcu_AC_first() */
-  void (*AC_first_prepare) (const JCOEF *block,
-                            const int *jpeg_natural_order_start, int Sl,
-                            int Al, JCOEF *values, size_t *zerobits);
-  /* Pointer to routine to prepare data for encode_mcu_AC_refine() */
-  int (*AC_refine_prepare) (const JCOEF *block,
-                            const int *jpeg_natural_order_start, int Sl,
-                            int Al, JCOEF *absvalues, size_t *bits);
-
-  /* Mode flag: TRUE for optimization, FALSE for actual data output */
-  boolean gather_statistics;
-
-  /* Bit-level coding status.
-   * next_output_byte/free_in_buffer are local copies of cinfo->dest fields.
-   */
-  JOCTET *next_output_byte;     /* => next byte to write in buffer */
-  size_t free_in_buffer;        /* # of byte spaces remaining in buffer */
-  size_t put_buffer;            /* current bit-accumulation buffer */
-  int put_bits;                 /* # of bits now in it */
-  j_compress_ptr cinfo;         /* link to cinfo (needed for dump_buffer) */
-
-  /* Coding status for DC components */
-  int last_dc_val[MAX_COMPS_IN_SCAN]; /* last DC coef for each component */
-
-  /* Coding status for AC components */
-  int ac_tbl_no;                /* the table number of the single component */
-  unsigned int EOBRUN;          /* run length of EOBs */
-  unsigned int BE;              /* # of buffered correction bits before MCU */
-  char *bit_buffer;             /* buffer for correction bits (1 per char) */
-  /* packing correction bits tightly would save some space but cost time... */
-
-  unsigned int restarts_to_go;  /* MCUs left in this restart interval */
-  int next_restart_num;         /* next restart number to write (0-7) */
-
-  /* Pointers to derived tables (these workspaces have image lifespan).
-   * Since any one scan codes only DC or only AC, we only need one set
-   * of tables, not one for DC and one for AC.
-   */
-  c_derived_tbl *derived_tbls[NUM_HUFF_TBLS];
-
-  /* Statistics tables for optimization; again, one set is enough */
-  long *count_ptrs[NUM_HUFF_TBLS];
-} phuff_entropy_encoder;
-
-typedef phuff_entropy_encoder *phuff_entropy_ptr;
-
-/* MAX_CORR_BITS is the number of bits the AC refinement correction-bit
- * buffer can hold.  Larger sizes may slightly improve compression, but
- * 1000 is already well into the realm of overkill.
- * The minimum safe size is 64 bits.
- */
-
-#define MAX_CORR_BITS  1000     /* Max # of correction bits I can buffer */
-
-/* IRIGHT_SHIFT is like RIGHT_SHIFT, but works on int rather than JLONG.
- * We assume that int right shift is unsigned if JLONG right shift is,
- * which should be safe.
- */
-
-#ifdef RIGHT_SHIFT_IS_UNSIGNED
-#define ISHIFT_TEMPS    int ishift_temp;
-#define IRIGHT_SHIFT(x, shft) \
-  ((ishift_temp = (x)) < 0 ? \
-   (ishift_temp >> (shft)) | ((~0) << (16 - (shft))) : \
-   (ishift_temp >> (shft)))
-#else
-#define ISHIFT_TEMPS
-#define IRIGHT_SHIFT(x, shft)   ((x) >> (shft))
-#endif
-
-#define PAD(v, p)  ((v + (p) - 1) & (~((p) - 1)))
-
-/* Forward declarations */
-METHODDEF(boolean) encode_mcu_DC_first(j_compress_ptr cinfo,
-                                       JBLOCKROW *MCU_data);
-METHODDEF(void) encode_mcu_AC_first_prepare
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *values, size_t *zerobits);
-METHODDEF(boolean) encode_mcu_AC_first(j_compress_ptr cinfo,
-                                       JBLOCKROW *MCU_data);
-METHODDEF(boolean) encode_mcu_DC_refine(j_compress_ptr cinfo,
-                                        JBLOCKROW *MCU_data);
-METHODDEF(int) encode_mcu_AC_refine_prepare
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *absvalues, size_t *bits);
-METHODDEF(boolean) encode_mcu_AC_refine(j_compress_ptr cinfo,
-                                        JBLOCKROW *MCU_data);
-METHODDEF(void) finish_pass_phuff(j_compress_ptr cinfo);
-METHODDEF(void) finish_pass_gather_phuff(j_compress_ptr cinfo);
-
-
-/* Count bit loop zeroes */
-INLINE
-METHODDEF(int)
-count_zeroes(size_t *x)
-{
-#if defined(HAVE_BUILTIN_CTZL)
-  int result;
-  result = __builtin_ctzl(*x);
-  *x >>= result;
-#elif defined(HAVE_BITSCANFORWARD64)
-  unsigned long result;
-  _BitScanForward64(&result, *x);
-  *x >>= result;
-#elif defined(HAVE_BITSCANFORWARD)
-  unsigned long result;
-  _BitScanForward(&result, *x);
-  *x >>= result;
-#else
-  int result = 0;
-  while ((*x & 1) == 0) {
-    ++result;
-    *x >>= 1;
-  }
-#endif
-  return (int)result;
-}
-
-
-/*
- * Initialize for a Huffman-compressed scan using progressive JPEG.
- */
-
-METHODDEF(void)
-start_pass_phuff(j_compress_ptr cinfo, boolean gather_statistics)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  boolean is_DC_band;
-  int ci, tbl;
-  jpeg_component_info *compptr;
-
-  entropy->cinfo = cinfo;
-  entropy->gather_statistics = gather_statistics;
-
-  is_DC_band = (cinfo->Ss == 0);
-
-  /* We assume jcmaster.c already validated the scan parameters. */
-
-  /* Select execution routines */
-  if (cinfo->Ah == 0) {
-    if (is_DC_band)
-      entropy->pub.encode_mcu = encode_mcu_DC_first;
-    else
-      entropy->pub.encode_mcu = encode_mcu_AC_first;
-    if (jsimd_can_encode_mcu_AC_first_prepare())
-      entropy->AC_first_prepare = jsimd_encode_mcu_AC_first_prepare;
-    else
-      entropy->AC_first_prepare = encode_mcu_AC_first_prepare;
-  } else {
-    if (is_DC_band)
-      entropy->pub.encode_mcu = encode_mcu_DC_refine;
-    else {
-      entropy->pub.encode_mcu = encode_mcu_AC_refine;
-      if (jsimd_can_encode_mcu_AC_refine_prepare())
-        entropy->AC_refine_prepare = jsimd_encode_mcu_AC_refine_prepare;
-      else
-        entropy->AC_refine_prepare = encode_mcu_AC_refine_prepare;
-      /* AC refinement needs a correction bit buffer */
-      if (entropy->bit_buffer == NULL)
-        entropy->bit_buffer = (char *)
-          (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                      MAX_CORR_BITS * sizeof(char));
-    }
-  }
-  if (gather_statistics)
-    entropy->pub.finish_pass = finish_pass_gather_phuff;
-  else
-    entropy->pub.finish_pass = finish_pass_phuff;
-
-  /* Only DC coefficients may be interleaved, so cinfo->comps_in_scan = 1
-   * for AC coefficients.
-   */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    /* Initialize DC predictions to 0 */
-    entropy->last_dc_val[ci] = 0;
-    /* Get table index */
-    if (is_DC_band) {
-      if (cinfo->Ah != 0)       /* DC refinement needs no table */
-        continue;
-      tbl = compptr->dc_tbl_no;
-    } else {
-      entropy->ac_tbl_no = tbl = compptr->ac_tbl_no;
-    }
-    if (gather_statistics) {
-      /* Check for invalid table index */
-      /* (make_c_derived_tbl does this in the other path) */
-      if (tbl < 0 || tbl >= NUM_HUFF_TBLS)
-        ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, tbl);
-      /* Allocate and zero the statistics tables */
-      /* Note that jpeg_gen_optimal_table expects 257 entries in each table! */
-      if (entropy->count_ptrs[tbl] == NULL)
-        entropy->count_ptrs[tbl] = (long *)
-          (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                      257 * sizeof(long));
-      MEMZERO(entropy->count_ptrs[tbl], 257 * sizeof(long));
-    } else {
-      /* Compute derived values for Huffman table */
-      /* We may do this more than once for a table, but it's not expensive */
-      jpeg_make_c_derived_tbl(cinfo, is_DC_band, tbl,
-                              &entropy->derived_tbls[tbl]);
-    }
-  }
-
-  /* Initialize AC stuff */
-  entropy->EOBRUN = 0;
-  entropy->BE = 0;
-
-  /* Initialize bit buffer to empty */
-  entropy->put_buffer = 0;
-  entropy->put_bits = 0;
-
-  /* Initialize restart stuff */
-  entropy->restarts_to_go = cinfo->restart_interval;
-  entropy->next_restart_num = 0;
-}
-
-
-/* Outputting bytes to the file.
- * NB: these must be called only when actually outputting,
- * that is, entropy->gather_statistics == FALSE.
- */
-
-/* Emit a byte */
-#define emit_byte(entropy, val) { \
-  *(entropy)->next_output_byte++ = (JOCTET)(val); \
-  if (--(entropy)->free_in_buffer == 0) \
-    dump_buffer(entropy); \
-}
-
-
-LOCAL(void)
-dump_buffer(phuff_entropy_ptr entropy)
-/* Empty the output buffer; we do not support suspension in this module. */
-{
-  struct jpeg_destination_mgr *dest = entropy->cinfo->dest;
-
-  if (!(*dest->empty_output_buffer) (entropy->cinfo))
-    ERREXIT(entropy->cinfo, JERR_CANT_SUSPEND);
-  /* After a successful buffer dump, must reset buffer pointers */
-  entropy->next_output_byte = dest->next_output_byte;
-  entropy->free_in_buffer = dest->free_in_buffer;
-}
-
-
-/* Outputting bits to the file */
-
-/* Only the right 24 bits of put_buffer are used; the valid bits are
- * left-justified in this part.  At most 16 bits can be passed to emit_bits
- * in one call, and we never retain more than 7 bits in put_buffer
- * between calls, so 24 bits are sufficient.
- */
-
-LOCAL(void)
-emit_bits(phuff_entropy_ptr entropy, unsigned int code, int size)
-/* Emit some bits, unless we are in gather mode */
-{
-  /* This routine is heavily used, so it's worth coding tightly. */
-  register size_t put_buffer = (size_t)code;
-  register int put_bits = entropy->put_bits;
-
-  /* if size is 0, caller used an invalid Huffman table entry */
-  if (size == 0)
-    ERREXIT(entropy->cinfo, JERR_HUFF_MISSING_CODE);
-
-  if (entropy->gather_statistics)
-    return;                     /* do nothing if we're only getting stats */
-
-  put_buffer &= (((size_t)1) << size) - 1; /* mask off any extra bits in code */
-
-  put_bits += size;             /* new number of bits in buffer */
-
-  put_buffer <<= 24 - put_bits; /* align incoming bits */
-
-  put_buffer |= entropy->put_buffer; /* and merge with old buffer contents */
-
-  while (put_bits >= 8) {
-    int c = (int)((put_buffer >> 16) & 0xFF);
-
-    emit_byte(entropy, c);
-    if (c == 0xFF) {            /* need to stuff a zero byte? */
-      emit_byte(entropy, 0);
-    }
-    put_buffer <<= 8;
-    put_bits -= 8;
-  }
-
-  entropy->put_buffer = put_buffer; /* update variables */
-  entropy->put_bits = put_bits;
-}
-
-
-LOCAL(void)
-flush_bits(phuff_entropy_ptr entropy)
-{
-  emit_bits(entropy, 0x7F, 7); /* fill any partial byte with ones */
-  entropy->put_buffer = 0;     /* and reset bit-buffer to empty */
-  entropy->put_bits = 0;
-}
-
-
-/*
- * Emit (or just count) a Huffman symbol.
- */
-
-LOCAL(void)
-emit_symbol(phuff_entropy_ptr entropy, int tbl_no, int symbol)
-{
-  if (entropy->gather_statistics)
-    entropy->count_ptrs[tbl_no][symbol]++;
-  else {
-    c_derived_tbl *tbl = entropy->derived_tbls[tbl_no];
-    emit_bits(entropy, tbl->ehufco[symbol], tbl->ehufsi[symbol]);
-  }
-}
-
-
-/*
- * Emit bits from a correction bit buffer.
- */
-
-LOCAL(void)
-emit_buffered_bits(phuff_entropy_ptr entropy, char *bufstart,
-                   unsigned int nbits)
-{
-  if (entropy->gather_statistics)
-    return;                     /* no real work */
-
-  while (nbits > 0) {
-    emit_bits(entropy, (unsigned int)(*bufstart), 1);
-    bufstart++;
-    nbits--;
-  }
-}
-
-
-/*
- * Emit any pending EOBRUN symbol.
- */
-
-LOCAL(void)
-emit_eobrun(phuff_entropy_ptr entropy)
-{
-  register int temp, nbits;
-
-  if (entropy->EOBRUN > 0) {    /* if there is any pending EOBRUN */
-    temp = entropy->EOBRUN;
-    nbits = JPEG_NBITS_NONZERO(temp) - 1;
-    /* safety check: shouldn't happen given limited correction-bit buffer */
-    if (nbits > 14)
-      ERREXIT(entropy->cinfo, JERR_HUFF_MISSING_CODE);
-
-    emit_symbol(entropy, entropy->ac_tbl_no, nbits << 4);
-    if (nbits)
-      emit_bits(entropy, entropy->EOBRUN, nbits);
-
-    entropy->EOBRUN = 0;
-
-    /* Emit any buffered correction bits */
-    emit_buffered_bits(entropy, entropy->bit_buffer, entropy->BE);
-    entropy->BE = 0;
-  }
-}
-
-
-/*
- * Emit a restart marker & resynchronize predictions.
- */
-
-LOCAL(void)
-emit_restart(phuff_entropy_ptr entropy, int restart_num)
-{
-  int ci;
-
-  emit_eobrun(entropy);
-
-  if (!entropy->gather_statistics) {
-    flush_bits(entropy);
-    emit_byte(entropy, 0xFF);
-    emit_byte(entropy, JPEG_RST0 + restart_num);
-  }
-
-  if (entropy->cinfo->Ss == 0) {
-    /* Re-initialize DC predictions to 0 */
-    for (ci = 0; ci < entropy->cinfo->comps_in_scan; ci++)
-      entropy->last_dc_val[ci] = 0;
-  } else {
-    /* Re-initialize all AC-related fields to 0 */
-    entropy->EOBRUN = 0;
-    entropy->BE = 0;
-  }
-}
-
-
-/*
- * MCU encoding for DC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-encode_mcu_DC_first(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  register int temp, temp2, temp3;
-  register int nbits;
-  int blkn, ci;
-  int Al = cinfo->Al;
-  JBLOCKROW block;
-  jpeg_component_info *compptr;
-  ISHIFT_TEMPS
-
-  entropy->next_output_byte = cinfo->dest->next_output_byte;
-  entropy->free_in_buffer = cinfo->dest->free_in_buffer;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval)
-    if (entropy->restarts_to_go == 0)
-      emit_restart(entropy, entropy->next_restart_num);
-
-  /* Encode the MCU data blocks */
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data[blkn];
-    ci = cinfo->MCU_membership[blkn];
-    compptr = cinfo->cur_comp_info[ci];
-
-    /* Compute the DC value after the required point transform by Al.
-     * This is simply an arithmetic right shift.
-     */
-    temp2 = IRIGHT_SHIFT((int)((*block)[0]), Al);
-
-    /* DC differences are figured on the point-transformed values. */
-    temp = temp2 - entropy->last_dc_val[ci];
-    entropy->last_dc_val[ci] = temp2;
-
-    /* Encode the DC coefficient difference per section G.1.2.1 */
-
-    /* This is a well-known technique for obtaining the absolute value without
-     * a branch.  It is derived from an assembly language technique presented
-     * in "How to Optimize for the Pentium Processors", Copyright (c) 1996,
-     * 1997 by Agner Fog.
-     */
-    temp3 = temp >> (CHAR_BIT * sizeof(int) - 1);
-    temp ^= temp3;
-    temp -= temp3;              /* temp is abs value of input */
-    /* For a negative input, want temp2 = bitwise complement of abs(input) */
-    temp2 = temp ^ temp3;
-
-    /* Find the number of bits needed for the magnitude of the coefficient */
-    nbits = JPEG_NBITS(temp);
-    /* Check for out-of-range coefficient values.
-     * Since we're encoding a difference, the range limit is twice as much.
-     */
-    if (nbits > MAX_COEF_BITS + 1)
-      ERREXIT(cinfo, JERR_BAD_DCT_COEF);
-
-    /* Count/emit the Huffman-coded symbol for the number of bits */
-    emit_symbol(entropy, compptr->dc_tbl_no, nbits);
-
-    /* Emit that number of bits of the value, if positive, */
-    /* or the complement of its magnitude, if negative. */
-    if (nbits)                  /* emit_bits rejects calls with size 0 */
-      emit_bits(entropy, (unsigned int)temp2, nbits);
-  }
-
-  cinfo->dest->next_output_byte = entropy->next_output_byte;
-  cinfo->dest->free_in_buffer = entropy->free_in_buffer;
-
-  /* Update restart-interval state too */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Data preparation for encode_mcu_AC_first().
- */
-
-#define COMPUTE_ABSVALUES_AC_FIRST(Sl) { \
-  for (k = 0; k < Sl; k++) { \
-    temp = block[jpeg_natural_order_start[k]]; \
-    if (temp == 0) \
-      continue; \
-    /* We must apply the point transform by Al.  For AC coefficients this \
-     * is an integer division with rounding towards 0.  To do this portably \
-     * in C, we shift after obtaining the absolute value; so the code is \
-     * interwoven with finding the abs value (temp) and output bits (temp2). \
-     */ \
-    temp2 = temp >> (CHAR_BIT * sizeof(int) - 1); \
-    temp ^= temp2; \
-    temp -= temp2;              /* temp is abs value of input */ \
-    temp >>= Al;                /* apply the point transform */ \
-    /* Watch out for case that nonzero coef is zero after point transform */ \
-    if (temp == 0) \
-      continue; \
-    /* For a negative coef, want temp2 = bitwise complement of abs(coef) */ \
-    temp2 ^= temp; \
-    values[k] = temp; \
-    values[k + DCTSIZE2] = temp2; \
-    zerobits |= ((size_t)1U) << k; \
-  } \
-}
-
-METHODDEF(void)
-encode_mcu_AC_first_prepare(const JCOEF *block,
-                            const int *jpeg_natural_order_start, int Sl,
-                            int Al, JCOEF *values, size_t *bits)
-{
-  register int k, temp, temp2;
-  size_t zerobits = 0U;
-  int Sl0 = Sl;
-
-#if SIZEOF_SIZE_T == 4
-  if (Sl0 > 32)
-    Sl0 = 32;
-#endif
-
-  COMPUTE_ABSVALUES_AC_FIRST(Sl0);
-
-  bits[0] = zerobits;
-#if SIZEOF_SIZE_T == 4
-  zerobits = 0U;
-
-  if (Sl > 32) {
-    Sl -= 32;
-    jpeg_natural_order_start += 32;
-    values += 32;
-
-    COMPUTE_ABSVALUES_AC_FIRST(Sl);
-  }
-  bits[1] = zerobits;
-#endif
-}
-
-/*
- * MCU encoding for AC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-#define ENCODE_COEFS_AC_FIRST(label) { \
-  while (zerobits) { \
-    r = count_zeroes(&zerobits); \
-    cvalue += r; \
-label \
-    temp  = cvalue[0]; \
-    temp2 = cvalue[DCTSIZE2]; \
-    \
-    /* if run length > 15, must emit special run-length-16 codes (0xF0) */ \
-    while (r > 15) { \
-      emit_symbol(entropy, entropy->ac_tbl_no, 0xF0); \
-      r -= 16; \
-    } \
-    \
-    /* Find the number of bits needed for the magnitude of the coefficient */ \
-    nbits = JPEG_NBITS_NONZERO(temp);  /* there must be at least one 1 bit */ \
-    /* Check for out-of-range coefficient values */ \
-    if (nbits > MAX_COEF_BITS) \
-      ERREXIT(cinfo, JERR_BAD_DCT_COEF); \
-    \
-    /* Count/emit Huffman symbol for run length / number of bits */ \
-    emit_symbol(entropy, entropy->ac_tbl_no, (r << 4) + nbits); \
-    \
-    /* Emit that number of bits of the value, if positive, */ \
-    /* or the complement of its magnitude, if negative. */ \
-    emit_bits(entropy, (unsigned int)temp2, nbits); \
-    \
-    cvalue++; \
-    zerobits >>= 1; \
-  } \
-}
-
-METHODDEF(boolean)
-encode_mcu_AC_first(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  register int temp, temp2;
-  register int nbits, r;
-  int Sl = cinfo->Se - cinfo->Ss + 1;
-  int Al = cinfo->Al;
-  JCOEF values_unaligned[2 * DCTSIZE2 + 15];
-  JCOEF *values;
-  const JCOEF *cvalue;
-  size_t zerobits;
-  size_t bits[8 / SIZEOF_SIZE_T];
-
-  entropy->next_output_byte = cinfo->dest->next_output_byte;
-  entropy->free_in_buffer = cinfo->dest->free_in_buffer;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval)
-    if (entropy->restarts_to_go == 0)
-      emit_restart(entropy, entropy->next_restart_num);
-
-#ifdef WITH_SIMD
-  cvalue = values = (JCOEF *)PAD((size_t)values_unaligned, 16);
-#else
-  /* Not using SIMD, so alignment is not needed */
-  cvalue = values = values_unaligned;
-#endif
-
-  /* Prepare data */
-  entropy->AC_first_prepare(MCU_data[0][0], jpeg_natural_order + cinfo->Ss,
-                            Sl, Al, values, bits);
-
-  zerobits = bits[0];
-#if SIZEOF_SIZE_T == 4
-  zerobits |= bits[1];
-#endif
-
-  /* Emit any pending EOBRUN */
-  if (zerobits && (entropy->EOBRUN > 0))
-    emit_eobrun(entropy);
-
-#if SIZEOF_SIZE_T == 4
-  zerobits = bits[0];
-#endif
-
-  /* Encode the AC coefficients per section G.1.2.2, fig. G.3 */
-
-  ENCODE_COEFS_AC_FIRST((void)0;);
-
-#if SIZEOF_SIZE_T == 4
-  zerobits = bits[1];
-  if (zerobits) {
-    int diff = ((values + DCTSIZE2 / 2) - cvalue);
-    r = count_zeroes(&zerobits);
-    r += diff;
-    cvalue += r;
-    goto first_iter_ac_first;
-  }
-
-  ENCODE_COEFS_AC_FIRST(first_iter_ac_first:);
-#endif
-
-  if (cvalue < (values + Sl)) { /* If there are trailing zeroes, */
-    entropy->EOBRUN++;          /* count an EOB */
-    if (entropy->EOBRUN == 0x7FFF)
-      emit_eobrun(entropy);     /* force it out to avoid overflow */
-  }
-
-  cinfo->dest->next_output_byte = entropy->next_output_byte;
-  cinfo->dest->free_in_buffer = entropy->free_in_buffer;
-
-  /* Update restart-interval state too */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU encoding for DC successive approximation refinement scan.
- * Note: we assume such scans can be multi-component, although the spec
- * is not very clear on the point.
- */
-
-METHODDEF(boolean)
-encode_mcu_DC_refine(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  register int temp;
-  int blkn;
-  int Al = cinfo->Al;
-  JBLOCKROW block;
-
-  entropy->next_output_byte = cinfo->dest->next_output_byte;
-  entropy->free_in_buffer = cinfo->dest->free_in_buffer;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval)
-    if (entropy->restarts_to_go == 0)
-      emit_restart(entropy, entropy->next_restart_num);
-
-  /* Encode the MCU data blocks */
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data[blkn];
-
-    /* We simply emit the Al'th bit of the DC coefficient value. */
-    temp = (*block)[0];
-    emit_bits(entropy, (unsigned int)(temp >> Al), 1);
-  }
-
-  cinfo->dest->next_output_byte = entropy->next_output_byte;
-  cinfo->dest->free_in_buffer = entropy->free_in_buffer;
-
-  /* Update restart-interval state too */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Data preparation for encode_mcu_AC_refine().
- */
-
-#define COMPUTE_ABSVALUES_AC_REFINE(Sl, koffset) { \
-  /* It is convenient to make a pre-pass to determine the transformed \
-   * coefficients' absolute values and the EOB position. \
-   */ \
-  for (k = 0; k < Sl; k++) { \
-    temp = block[jpeg_natural_order_start[k]]; \
-    /* We must apply the point transform by Al.  For AC coefficients this \
-     * is an integer division with rounding towards 0.  To do this portably \
-     * in C, we shift after obtaining the absolute value. \
-     */ \
-    temp2 = temp >> (CHAR_BIT * sizeof(int) - 1); \
-    temp ^= temp2; \
-    temp -= temp2;              /* temp is abs value of input */ \
-    temp >>= Al;                /* apply the point transform */ \
-    if (temp != 0) { \
-      zerobits |= ((size_t)1U) << k; \
-      signbits |= ((size_t)(temp2 + 1)) << k; \
-    } \
-    absvalues[k] = (JCOEF)temp; /* save abs value for main pass */ \
-    if (temp == 1) \
-      EOB = k + koffset;        /* EOB = index of last newly-nonzero coef */ \
-  } \
-}
-
-METHODDEF(int)
-encode_mcu_AC_refine_prepare(const JCOEF *block,
-                             const int *jpeg_natural_order_start, int Sl,
-                             int Al, JCOEF *absvalues, size_t *bits)
-{
-  register int k, temp, temp2;
-  int EOB = 0;
-  size_t zerobits = 0U, signbits = 0U;
-  int Sl0 = Sl;
-
-#if SIZEOF_SIZE_T == 4
-  if (Sl0 > 32)
-    Sl0 = 32;
-#endif
-
-  COMPUTE_ABSVALUES_AC_REFINE(Sl0, 0);
-
-  bits[0] = zerobits;
-#if SIZEOF_SIZE_T == 8
-  bits[1] = signbits;
-#else
-  bits[2] = signbits;
-
-  zerobits = 0U;
-  signbits = 0U;
-
-  if (Sl > 32) {
-    Sl -= 32;
-    jpeg_natural_order_start += 32;
-    absvalues += 32;
-
-    COMPUTE_ABSVALUES_AC_REFINE(Sl, 32);
-  }
-
-  bits[1] = zerobits;
-  bits[3] = signbits;
-#endif
-
-  return EOB;
-}
-
-
-/*
- * MCU encoding for AC successive approximation refinement scan.
- */
-
-#define ENCODE_COEFS_AC_REFINE(label) { \
-  while (zerobits) { \
-    idx = count_zeroes(&zerobits); \
-    r += idx; \
-    cabsvalue += idx; \
-    signbits >>= idx; \
-label \
-    /* Emit any required ZRLs, but not if they can be folded into EOB */ \
-    while (r > 15 && (cabsvalue <= EOBPTR)) { \
-      /* emit any pending EOBRUN and the BE correction bits */ \
-      emit_eobrun(entropy); \
-      /* Emit ZRL */ \
-      emit_symbol(entropy, entropy->ac_tbl_no, 0xF0); \
-      r -= 16; \
-      /* Emit buffered correction bits that must be associated with ZRL */ \
-      emit_buffered_bits(entropy, BR_buffer, BR); \
-      BR_buffer = entropy->bit_buffer; /* BE bits are gone now */ \
-      BR = 0; \
-    } \
-    \
-    temp = *cabsvalue++; \
-    \
-    /* If the coef was previously nonzero, it only needs a correction bit. \
-     * NOTE: a straight translation of the spec's figure G.7 would suggest \
-     * that we also need to test r > 15.  But if r > 15, we can only get here \
-     * if k > EOB, which implies that this coefficient is not 1. \
-     */ \
-    if (temp > 1) { \
-      /* The correction bit is the next bit of the absolute value. */ \
-      BR_buffer[BR++] = (char)(temp & 1); \
-      signbits >>= 1; \
-      zerobits >>= 1; \
-      continue; \
-    } \
-    \
-    /* Emit any pending EOBRUN and the BE correction bits */ \
-    emit_eobrun(entropy); \
-    \
-    /* Count/emit Huffman symbol for run length / number of bits */ \
-    emit_symbol(entropy, entropy->ac_tbl_no, (r << 4) + 1); \
-    \
-    /* Emit output bit for newly-nonzero coef */ \
-    temp = signbits & 1; /* ((*block)[jpeg_natural_order_start[k]] < 0) ? 0 : 1 */ \
-    emit_bits(entropy, (unsigned int)temp, 1); \
-    \
-    /* Emit buffered correction bits that must be associated with this code */ \
-    emit_buffered_bits(entropy, BR_buffer, BR); \
-    BR_buffer = entropy->bit_buffer; /* BE bits are gone now */ \
-    BR = 0; \
-    r = 0;                      /* reset zero run length */ \
-    signbits >>= 1; \
-    zerobits >>= 1; \
-  } \
-}
-
-METHODDEF(boolean)
-encode_mcu_AC_refine(j_compress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  register int temp, r, idx;
-  char *BR_buffer;
-  unsigned int BR;
-  int Sl = cinfo->Se - cinfo->Ss + 1;
-  int Al = cinfo->Al;
-  JCOEF absvalues_unaligned[DCTSIZE2 + 15];
-  JCOEF *absvalues;
-  const JCOEF *cabsvalue, *EOBPTR;
-  size_t zerobits, signbits;
-  size_t bits[16 / SIZEOF_SIZE_T];
-
-  entropy->next_output_byte = cinfo->dest->next_output_byte;
-  entropy->free_in_buffer = cinfo->dest->free_in_buffer;
-
-  /* Emit restart marker if needed */
-  if (cinfo->restart_interval)
-    if (entropy->restarts_to_go == 0)
-      emit_restart(entropy, entropy->next_restart_num);
-
-#ifdef WITH_SIMD
-  cabsvalue = absvalues = (JCOEF *)PAD((size_t)absvalues_unaligned, 16);
-#else
-  /* Not using SIMD, so alignment is not needed */
-  cabsvalue = absvalues = absvalues_unaligned;
-#endif
-
-  /* Prepare data */
-  EOBPTR = absvalues +
-    entropy->AC_refine_prepare(MCU_data[0][0], jpeg_natural_order + cinfo->Ss,
-                               Sl, Al, absvalues, bits);
-
-  /* Encode the AC coefficients per section G.1.2.3, fig. G.7 */
-
-  r = 0;                        /* r = run length of zeros */
-  BR = 0;                       /* BR = count of buffered bits added now */
-  BR_buffer = entropy->bit_buffer + entropy->BE; /* Append bits to buffer */
-
-  zerobits = bits[0];
-#if SIZEOF_SIZE_T == 8
-  signbits = bits[1];
-#else
-  signbits = bits[2];
-#endif
-  ENCODE_COEFS_AC_REFINE((void)0;);
-
-#if SIZEOF_SIZE_T == 4
-  zerobits = bits[1];
-  signbits = bits[3];
-
-  if (zerobits) {
-    int diff = ((absvalues + DCTSIZE2 / 2) - cabsvalue);
-    idx = count_zeroes(&zerobits);
-    signbits >>= idx;
-    idx += diff;
-    r += idx;
-    cabsvalue += idx;
-    goto first_iter_ac_refine;
-  }
-
-  ENCODE_COEFS_AC_REFINE(first_iter_ac_refine:);
-#endif
-
-  r |= (int)((absvalues + Sl) - cabsvalue);
-
-  if (r > 0 || BR > 0) {        /* If there are trailing zeroes, */
-    entropy->EOBRUN++;          /* count an EOB */
-    entropy->BE += BR;          /* concat my correction bits to older ones */
-    /* We force out the EOB if we risk either:
-     * 1. overflow of the EOB counter;
-     * 2. overflow of the correction bit buffer during the next MCU.
-     */
-    if (entropy->EOBRUN == 0x7FFF ||
-        entropy->BE > (MAX_CORR_BITS - DCTSIZE2 + 1))
-      emit_eobrun(entropy);
-  }
-
-  cinfo->dest->next_output_byte = entropy->next_output_byte;
-  cinfo->dest->free_in_buffer = entropy->free_in_buffer;
-
-  /* Update restart-interval state too */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0) {
-      entropy->restarts_to_go = cinfo->restart_interval;
-      entropy->next_restart_num++;
-      entropy->next_restart_num &= 7;
-    }
-    entropy->restarts_to_go--;
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Finish up at the end of a Huffman-compressed progressive scan.
- */
-
-METHODDEF(void)
-finish_pass_phuff(j_compress_ptr cinfo)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-
-  entropy->next_output_byte = cinfo->dest->next_output_byte;
-  entropy->free_in_buffer = cinfo->dest->free_in_buffer;
-
-  /* Flush out any buffered data */
-  emit_eobrun(entropy);
-  flush_bits(entropy);
-
-  cinfo->dest->next_output_byte = entropy->next_output_byte;
-  cinfo->dest->free_in_buffer = entropy->free_in_buffer;
-}
-
-
-/*
- * Finish up a statistics-gathering pass and create the new Huffman tables.
- */
-
-METHODDEF(void)
-finish_pass_gather_phuff(j_compress_ptr cinfo)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  boolean is_DC_band;
-  int ci, tbl;
-  jpeg_component_info *compptr;
-  JHUFF_TBL **htblptr;
-  boolean did[NUM_HUFF_TBLS];
-
-  /* Flush out buffered data (all we care about is counting the EOB symbol) */
-  emit_eobrun(entropy);
-
-  is_DC_band = (cinfo->Ss == 0);
-
-  /* It's important not to apply jpeg_gen_optimal_table more than once
-   * per table, because it clobbers the input frequency counts!
-   */
-  MEMZERO(did, sizeof(did));
-
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    if (is_DC_band) {
-      if (cinfo->Ah != 0)       /* DC refinement needs no table */
-        continue;
-      tbl = compptr->dc_tbl_no;
-    } else {
-      tbl = compptr->ac_tbl_no;
-    }
-    if (!did[tbl]) {
-      if (is_DC_band)
-        htblptr = &cinfo->dc_huff_tbl_ptrs[tbl];
-      else
-        htblptr = &cinfo->ac_huff_tbl_ptrs[tbl];
-      if (*htblptr == NULL)
-        *htblptr = jpeg_alloc_huff_table((j_common_ptr)cinfo);
-      jpeg_gen_optimal_table(cinfo, *htblptr, entropy->count_ptrs[tbl]);
-      did[tbl] = TRUE;
-    }
-  }
-}
-
-
-/*
- * Module initialization routine for progressive Huffman entropy encoding.
- */
-
-GLOBAL(void)
-jinit_phuff_encoder(j_compress_ptr cinfo)
-{
-  phuff_entropy_ptr entropy;
-  int i;
-
-  entropy = (phuff_entropy_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(phuff_entropy_encoder));
-  cinfo->entropy = (struct jpeg_entropy_encoder *)entropy;
-  entropy->pub.start_pass = start_pass_phuff;
-
-  /* Mark tables unallocated */
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    entropy->derived_tbls[i] = NULL;
-    entropy->count_ptrs[i] = NULL;
-  }
-  entropy->bit_buffer = NULL;   /* needed only in AC refinement scan */
-}
-
-#endif /* C_PROGRESSIVE_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcprepct.c b/3rdparty/libjpeg-turbo_2_1_0/jcprepct.c
deleted file mode 100644
index d59713a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcprepct.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/*
- * jcprepct.c
- *
- * This file is part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the compression preprocessing controller.
- * This controller manages the color conversion, downsampling,
- * and edge expansion steps.
- *
- * Most of the complexity here is associated with buffering input rows
- * as required by the downsampler.  See the comments at the head of
- * jcsample.c for the downsampler's needs.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/* At present, jcsample.c can request context rows only for smoothing.
- * In the future, we might also need context rows for CCIR601 sampling
- * or other more-complex downsampling procedures.  The code to support
- * context rows should be compiled only if needed.
- */
-#ifdef INPUT_SMOOTHING_SUPPORTED
-#define CONTEXT_ROWS_SUPPORTED
-#endif
-
-
-/*
- * For the simple (no-context-row) case, we just need to buffer one
- * row group's worth of pixels for the downsampling step.  At the bottom of
- * the image, we pad to a full row group by replicating the last pixel row.
- * The downsampler's last output row is then replicated if needed to pad
- * out to a full iMCU row.
- *
- * When providing context rows, we must buffer three row groups' worth of
- * pixels.  Three row groups are physically allocated, but the row pointer
- * arrays are made five row groups high, with the extra pointers above and
- * below "wrapping around" to point to the last and first real row groups.
- * This allows the downsampler to access the proper context rows.
- * At the top and bottom of the image, we create dummy context rows by
- * copying the first or last real pixel row.  This copying could be avoided
- * by pointer hacking as is done in jdmainct.c, but it doesn't seem worth the
- * trouble on the compression side.
- */
-
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_c_prep_controller pub; /* public fields */
-
-  /* Downsampling input buffer.  This buffer holds color-converted data
-   * until we have enough to do a downsample step.
-   */
-  JSAMPARRAY color_buf[MAX_COMPONENTS];
-
-  JDIMENSION rows_to_go;        /* counts rows remaining in source image */
-  int next_buf_row;             /* index of next row to store in color_buf */
-
-#ifdef CONTEXT_ROWS_SUPPORTED   /* only needed for context case */
-  int this_row_group;           /* starting row index of group to process */
-  int next_buf_stop;            /* downsample when we reach this index */
-#endif
-} my_prep_controller;
-
-typedef my_prep_controller *my_prep_ptr;
-
-
-/*
- * Initialize for a processing pass.
- */
-
-METHODDEF(void)
-start_pass_prep(j_compress_ptr cinfo, J_BUF_MODE pass_mode)
-{
-  my_prep_ptr prep = (my_prep_ptr)cinfo->prep;
-
-  if (pass_mode != JBUF_PASS_THRU)
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-
-  /* Initialize total-height counter for detecting bottom of image */
-  prep->rows_to_go = cinfo->image_height;
-  /* Mark the conversion buffer empty */
-  prep->next_buf_row = 0;
-#ifdef CONTEXT_ROWS_SUPPORTED
-  /* Preset additional state variables for context mode.
-   * These aren't used in non-context mode, so we needn't test which mode.
-   */
-  prep->this_row_group = 0;
-  /* Set next_buf_stop to stop after two row groups have been read in. */
-  prep->next_buf_stop = 2 * cinfo->max_v_samp_factor;
-#endif
-}
-
-
-/*
- * Expand an image vertically from height input_rows to height output_rows,
- * by duplicating the bottom row.
- */
-
-LOCAL(void)
-expand_bottom_edge(JSAMPARRAY image_data, JDIMENSION num_cols, int input_rows,
-                   int output_rows)
-{
-  register int row;
-
-  for (row = input_rows; row < output_rows; row++) {
-    jcopy_sample_rows(image_data, input_rows - 1, image_data, row, 1,
-                      num_cols);
-  }
-}
-
-
-/*
- * Process some data in the simple no-context case.
- *
- * Preprocessor output data is counted in "row groups".  A row group
- * is defined to be v_samp_factor sample rows of each component.
- * Downsampling will produce this much data from each max_v_samp_factor
- * input rows.
- */
-
-METHODDEF(void)
-pre_process_data(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                 JDIMENSION *in_row_ctr, JDIMENSION in_rows_avail,
-                 JSAMPIMAGE output_buf, JDIMENSION *out_row_group_ctr,
-                 JDIMENSION out_row_groups_avail)
-{
-  my_prep_ptr prep = (my_prep_ptr)cinfo->prep;
-  int numrows, ci;
-  JDIMENSION inrows;
-  jpeg_component_info *compptr;
-
-  while (*in_row_ctr < in_rows_avail &&
-         *out_row_group_ctr < out_row_groups_avail) {
-    /* Do color conversion to fill the conversion buffer. */
-    inrows = in_rows_avail - *in_row_ctr;
-    numrows = cinfo->max_v_samp_factor - prep->next_buf_row;
-    numrows = (int)MIN((JDIMENSION)numrows, inrows);
-    (*cinfo->cconvert->color_convert) (cinfo, input_buf + *in_row_ctr,
-                                       prep->color_buf,
-                                       (JDIMENSION)prep->next_buf_row,
-                                       numrows);
-    *in_row_ctr += numrows;
-    prep->next_buf_row += numrows;
-    prep->rows_to_go -= numrows;
-    /* If at bottom of image, pad to fill the conversion buffer. */
-    if (prep->rows_to_go == 0 &&
-        prep->next_buf_row < cinfo->max_v_samp_factor) {
-      for (ci = 0; ci < cinfo->num_components; ci++) {
-        expand_bottom_edge(prep->color_buf[ci], cinfo->image_width,
-                           prep->next_buf_row, cinfo->max_v_samp_factor);
-      }
-      prep->next_buf_row = cinfo->max_v_samp_factor;
-    }
-    /* If we've filled the conversion buffer, empty it. */
-    if (prep->next_buf_row == cinfo->max_v_samp_factor) {
-      (*cinfo->downsample->downsample) (cinfo,
-                                        prep->color_buf, (JDIMENSION)0,
-                                        output_buf, *out_row_group_ctr);
-      prep->next_buf_row = 0;
-      (*out_row_group_ctr)++;
-    }
-    /* If at bottom of image, pad the output to a full iMCU height.
-     * Note we assume the caller is providing a one-iMCU-height output buffer!
-     */
-    if (prep->rows_to_go == 0 && *out_row_group_ctr < out_row_groups_avail) {
-      for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-           ci++, compptr++) {
-        expand_bottom_edge(output_buf[ci], compptr->width_in_blocks * DCTSIZE,
-                           (int)(*out_row_group_ctr * compptr->v_samp_factor),
-                           (int)(out_row_groups_avail * compptr->v_samp_factor));
-      }
-      *out_row_group_ctr = out_row_groups_avail;
-      break;                    /* can exit outer loop without test */
-    }
-  }
-}
-
-
-#ifdef CONTEXT_ROWS_SUPPORTED
-
-/*
- * Process some data in the context case.
- */
-
-METHODDEF(void)
-pre_process_context(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                    JDIMENSION *in_row_ctr, JDIMENSION in_rows_avail,
-                    JSAMPIMAGE output_buf, JDIMENSION *out_row_group_ctr,
-                    JDIMENSION out_row_groups_avail)
-{
-  my_prep_ptr prep = (my_prep_ptr)cinfo->prep;
-  int numrows, ci;
-  int buf_height = cinfo->max_v_samp_factor * 3;
-  JDIMENSION inrows;
-
-  while (*out_row_group_ctr < out_row_groups_avail) {
-    if (*in_row_ctr < in_rows_avail) {
-      /* Do color conversion to fill the conversion buffer. */
-      inrows = in_rows_avail - *in_row_ctr;
-      numrows = prep->next_buf_stop - prep->next_buf_row;
-      numrows = (int)MIN((JDIMENSION)numrows, inrows);
-      (*cinfo->cconvert->color_convert) (cinfo, input_buf + *in_row_ctr,
-                                         prep->color_buf,
-                                         (JDIMENSION)prep->next_buf_row,
-                                         numrows);
-      /* Pad at top of image, if first time through */
-      if (prep->rows_to_go == cinfo->image_height) {
-        for (ci = 0; ci < cinfo->num_components; ci++) {
-          int row;
-          for (row = 1; row <= cinfo->max_v_samp_factor; row++) {
-            jcopy_sample_rows(prep->color_buf[ci], 0, prep->color_buf[ci],
-                              -row, 1, cinfo->image_width);
-          }
-        }
-      }
-      *in_row_ctr += numrows;
-      prep->next_buf_row += numrows;
-      prep->rows_to_go -= numrows;
-    } else {
-      /* Return for more data, unless we are at the bottom of the image. */
-      if (prep->rows_to_go != 0)
-        break;
-      /* When at bottom of image, pad to fill the conversion buffer. */
-      if (prep->next_buf_row < prep->next_buf_stop) {
-        for (ci = 0; ci < cinfo->num_components; ci++) {
-          expand_bottom_edge(prep->color_buf[ci], cinfo->image_width,
-                             prep->next_buf_row, prep->next_buf_stop);
-        }
-        prep->next_buf_row = prep->next_buf_stop;
-      }
-    }
-    /* If we've gotten enough data, downsample a row group. */
-    if (prep->next_buf_row == prep->next_buf_stop) {
-      (*cinfo->downsample->downsample) (cinfo, prep->color_buf,
-                                        (JDIMENSION)prep->this_row_group,
-                                        output_buf, *out_row_group_ctr);
-      (*out_row_group_ctr)++;
-      /* Advance pointers with wraparound as necessary. */
-      prep->this_row_group += cinfo->max_v_samp_factor;
-      if (prep->this_row_group >= buf_height)
-        prep->this_row_group = 0;
-      if (prep->next_buf_row >= buf_height)
-        prep->next_buf_row = 0;
-      prep->next_buf_stop = prep->next_buf_row + cinfo->max_v_samp_factor;
-    }
-  }
-}
-
-
-/*
- * Create the wrapped-around downsampling input buffer needed for context mode.
- */
-
-LOCAL(void)
-create_context_buffer(j_compress_ptr cinfo)
-{
-  my_prep_ptr prep = (my_prep_ptr)cinfo->prep;
-  int rgroup_height = cinfo->max_v_samp_factor;
-  int ci, i;
-  jpeg_component_info *compptr;
-  JSAMPARRAY true_buffer, fake_buffer;
-
-  /* Grab enough space for fake row pointers for all the components;
-   * we need five row groups' worth of pointers for each component.
-   */
-  fake_buffer = (JSAMPARRAY)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (cinfo->num_components * 5 * rgroup_height) *
-                                sizeof(JSAMPROW));
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Allocate the actual buffer space (3 row groups) for this component.
-     * We make the buffer wide enough to allow the downsampler to edge-expand
-     * horizontally within the buffer, if it so chooses.
-     */
-    true_buffer = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE,
-       (JDIMENSION)(((long)compptr->width_in_blocks * DCTSIZE *
-                     cinfo->max_h_samp_factor) / compptr->h_samp_factor),
-       (JDIMENSION)(3 * rgroup_height));
-    /* Copy true buffer row pointers into the middle of the fake row array */
-    MEMCOPY(fake_buffer + rgroup_height, true_buffer,
-            3 * rgroup_height * sizeof(JSAMPROW));
-    /* Fill in the above and below wraparound pointers */
-    for (i = 0; i < rgroup_height; i++) {
-      fake_buffer[i] = true_buffer[2 * rgroup_height + i];
-      fake_buffer[4 * rgroup_height + i] = true_buffer[i];
-    }
-    prep->color_buf[ci] = fake_buffer + rgroup_height;
-    fake_buffer += 5 * rgroup_height; /* point to space for next component */
-  }
-}
-
-#endif /* CONTEXT_ROWS_SUPPORTED */
-
-
-/*
- * Initialize preprocessing controller.
- */
-
-GLOBAL(void)
-jinit_c_prep_controller(j_compress_ptr cinfo, boolean need_full_buffer)
-{
-  my_prep_ptr prep;
-  int ci;
-  jpeg_component_info *compptr;
-
-  if (need_full_buffer)         /* safety check */
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-
-  prep = (my_prep_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_prep_controller));
-  cinfo->prep = (struct jpeg_c_prep_controller *)prep;
-  prep->pub.start_pass = start_pass_prep;
-
-  /* Allocate the color conversion buffer.
-   * We make the buffer wide enough to allow the downsampler to edge-expand
-   * horizontally within the buffer, if it so chooses.
-   */
-  if (cinfo->downsample->need_context_rows) {
-    /* Set up to provide context rows */
-#ifdef CONTEXT_ROWS_SUPPORTED
-    prep->pub.pre_process_data = pre_process_context;
-    create_context_buffer(cinfo);
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-  } else {
-    /* No context, just make it tall enough for one row group */
-    prep->pub.pre_process_data = pre_process_data;
-    for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-         ci++, compptr++) {
-      prep->color_buf[ci] = (*cinfo->mem->alloc_sarray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE,
-         (JDIMENSION)(((long)compptr->width_in_blocks * DCTSIZE *
-                       cinfo->max_h_samp_factor) / compptr->h_samp_factor),
-         (JDIMENSION)cinfo->max_v_samp_factor);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcsample.c b/3rdparty/libjpeg-turbo_2_1_0/jcsample.c
deleted file mode 100644
index e8515eb..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcsample.c
+++ /dev/null
@@ -1,522 +0,0 @@
-/*
- * jcsample.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2014, MIPS Technologies, Inc., California.
- * Copyright (C) 2015, 2019, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains downsampling routines.
- *
- * Downsampling input data is counted in "row groups".  A row group
- * is defined to be max_v_samp_factor pixel rows of each component,
- * from which the downsampler produces v_samp_factor sample rows.
- * A single row group is processed in each call to the downsampler module.
- *
- * The downsampler is responsible for edge-expansion of its output data
- * to fill an integral number of DCT blocks horizontally.  The source buffer
- * may be modified if it is helpful for this purpose (the source buffer is
- * allocated wide enough to correspond to the desired output width).
- * The caller (the prep controller) is responsible for vertical padding.
- *
- * The downsampler may request "context rows" by setting need_context_rows
- * during startup.  In this case, the input arrays will contain at least
- * one row group's worth of pixels above and below the passed-in data;
- * the caller will create dummy rows at image top and bottom by replicating
- * the first or last real pixel row.
- *
- * An excellent reference for image resampling is
- *   Digital Image Warping, George Wolberg, 1990.
- *   Pub. by IEEE Computer Society Press, Los Alamitos, CA. ISBN 0-8186-8944-7.
- *
- * The downsampling algorithm used here is a simple average of the source
- * pixels covered by the output pixel.  The hi-falutin sampling literature
- * refers to this as a "box filter".  In general the characteristics of a box
- * filter are not very good, but for the specific cases we normally use (1:1
- * and 2:1 ratios) the box is equivalent to a "triangle filter" which is not
- * nearly so bad.  If you intend to use other sampling ratios, you'd be well
- * advised to improve this code.
- *
- * A simple input-smoothing capability is provided.  This is mainly intended
- * for cleaning up color-dithered GIF input files (if you find it inadequate,
- * we suggest using an external filtering program such as pnmconvol).  When
- * enabled, each input pixel P is replaced by a weighted sum of itself and its
- * eight neighbors.  P's weight is 1-8*SF and each neighbor's weight is SF,
- * where SF = (smoothing_factor / 1024).
- * Currently, smoothing is only supported for 2h2v sampling factors.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jsimd.h"
-
-
-/* Pointer to routine to downsample a single component */
-typedef void (*downsample1_ptr) (j_compress_ptr cinfo,
-                                 jpeg_component_info *compptr,
-                                 JSAMPARRAY input_data,
-                                 JSAMPARRAY output_data);
-
-/* Private subobject */
-
-typedef struct {
-  struct jpeg_downsampler pub;  /* public fields */
-
-  /* Downsampling method pointers, one per component */
-  downsample1_ptr methods[MAX_COMPONENTS];
-} my_downsampler;
-
-typedef my_downsampler *my_downsample_ptr;
-
-
-/*
- * Initialize for a downsampling pass.
- */
-
-METHODDEF(void)
-start_pass_downsample(j_compress_ptr cinfo)
-{
-  /* no work for now */
-}
-
-
-/*
- * Expand a component horizontally from width input_cols to width output_cols,
- * by duplicating the rightmost samples.
- */
-
-LOCAL(void)
-expand_right_edge(JSAMPARRAY image_data, int num_rows, JDIMENSION input_cols,
-                  JDIMENSION output_cols)
-{
-  register JSAMPROW ptr;
-  register JSAMPLE pixval;
-  register int count;
-  int row;
-  int numcols = (int)(output_cols - input_cols);
-
-  if (numcols > 0) {
-    for (row = 0; row < num_rows; row++) {
-      ptr = image_data[row] + input_cols;
-      pixval = ptr[-1];
-      for (count = numcols; count > 0; count--)
-        *ptr++ = pixval;
-    }
-  }
-}
-
-
-/*
- * Do downsampling for a whole row group (all components).
- *
- * In this version we simply downsample each component independently.
- */
-
-METHODDEF(void)
-sep_downsample(j_compress_ptr cinfo, JSAMPIMAGE input_buf,
-               JDIMENSION in_row_index, JSAMPIMAGE output_buf,
-               JDIMENSION out_row_group_index)
-{
-  my_downsample_ptr downsample = (my_downsample_ptr)cinfo->downsample;
-  int ci;
-  jpeg_component_info *compptr;
-  JSAMPARRAY in_ptr, out_ptr;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    in_ptr = input_buf[ci] + in_row_index;
-    out_ptr = output_buf[ci] + (out_row_group_index * compptr->v_samp_factor);
-    (*downsample->methods[ci]) (cinfo, compptr, in_ptr, out_ptr);
-  }
-}
-
-
-/*
- * Downsample pixel values of a single component.
- * One row group is processed per call.
- * This version handles arbitrary integral sampling ratios, without smoothing.
- * Note that this version is not actually used for customary sampling ratios.
- */
-
-METHODDEF(void)
-int_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-               JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int inrow, outrow, h_expand, v_expand, numpix, numpix2, h, v;
-  JDIMENSION outcol, outcol_h;  /* outcol_h == outcol*h_expand */
-  JDIMENSION output_cols = compptr->width_in_blocks * DCTSIZE;
-  JSAMPROW inptr, outptr;
-  JLONG outvalue;
-
-  h_expand = cinfo->max_h_samp_factor / compptr->h_samp_factor;
-  v_expand = cinfo->max_v_samp_factor / compptr->v_samp_factor;
-  numpix = h_expand * v_expand;
-  numpix2 = numpix / 2;
-
-  /* Expand input data enough to let all the output samples be generated
-   * by the standard loop.  Special-casing padded output would be more
-   * efficient.
-   */
-  expand_right_edge(input_data, cinfo->max_v_samp_factor, cinfo->image_width,
-                    output_cols * h_expand);
-
-  inrow = 0;
-  for (outrow = 0; outrow < compptr->v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    for (outcol = 0, outcol_h = 0; outcol < output_cols;
-         outcol++, outcol_h += h_expand) {
-      outvalue = 0;
-      for (v = 0; v < v_expand; v++) {
-        inptr = input_data[inrow + v] + outcol_h;
-        for (h = 0; h < h_expand; h++) {
-          outvalue += (JLONG)(*inptr++);
-        }
-      }
-      *outptr++ = (JSAMPLE)((outvalue + numpix2) / numpix);
-    }
-    inrow += v_expand;
-  }
-}
-
-
-/*
- * Downsample pixel values of a single component.
- * This version handles the special case of a full-size component,
- * without smoothing.
- */
-
-METHODDEF(void)
-fullsize_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  /* Copy the data */
-  jcopy_sample_rows(input_data, 0, output_data, 0, cinfo->max_v_samp_factor,
-                    cinfo->image_width);
-  /* Edge-expand */
-  expand_right_edge(output_data, cinfo->max_v_samp_factor, cinfo->image_width,
-                    compptr->width_in_blocks * DCTSIZE);
-}
-
-
-/*
- * Downsample pixel values of a single component.
- * This version handles the common case of 2:1 horizontal and 1:1 vertical,
- * without smoothing.
- *
- * A note about the "bias" calculations: when rounding fractional values to
- * integer, we do not want to always round 0.5 up to the next integer.
- * If we did that, we'd introduce a noticeable bias towards larger values.
- * Instead, this code is arranged so that 0.5 will be rounded up or down at
- * alternate pixel locations (a simple ordered dither pattern).
- */
-
-METHODDEF(void)
-h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int outrow;
-  JDIMENSION outcol;
-  JDIMENSION output_cols = compptr->width_in_blocks * DCTSIZE;
-  register JSAMPROW inptr, outptr;
-  register int bias;
-
-  /* Expand input data enough to let all the output samples be generated
-   * by the standard loop.  Special-casing padded output would be more
-   * efficient.
-   */
-  expand_right_edge(input_data, cinfo->max_v_samp_factor, cinfo->image_width,
-                    output_cols * 2);
-
-  for (outrow = 0; outrow < compptr->v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr = input_data[outrow];
-    bias = 0;                   /* bias = 0,1,0,1,... for successive samples */
-    for (outcol = 0; outcol < output_cols; outcol++) {
-      *outptr++ = (JSAMPLE)((inptr[0] + inptr[1] + bias) >> 1);
-      bias ^= 1;                /* 0=>1, 1=>0 */
-      inptr += 2;
-    }
-  }
-}
-
-
-/*
- * Downsample pixel values of a single component.
- * This version handles the standard case of 2:1 horizontal and 2:1 vertical,
- * without smoothing.
- */
-
-METHODDEF(void)
-h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int inrow, outrow;
-  JDIMENSION outcol;
-  JDIMENSION output_cols = compptr->width_in_blocks * DCTSIZE;
-  register JSAMPROW inptr0, inptr1, outptr;
-  register int bias;
-
-  /* Expand input data enough to let all the output samples be generated
-   * by the standard loop.  Special-casing padded output would be more
-   * efficient.
-   */
-  expand_right_edge(input_data, cinfo->max_v_samp_factor, cinfo->image_width,
-                    output_cols * 2);
-
-  inrow = 0;
-  for (outrow = 0; outrow < compptr->v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr0 = input_data[inrow];
-    inptr1 = input_data[inrow + 1];
-    bias = 1;                   /* bias = 1,2,1,2,... for successive samples */
-    for (outcol = 0; outcol < output_cols; outcol++) {
-      *outptr++ =
-        (JSAMPLE)((inptr0[0] + inptr0[1] + inptr1[0] + inptr1[1] + bias) >> 2);
-      bias ^= 3;                /* 1=>2, 2=>1 */
-      inptr0 += 2;  inptr1 += 2;
-    }
-    inrow += 2;
-  }
-}
-
-
-#ifdef INPUT_SMOOTHING_SUPPORTED
-
-/*
- * Downsample pixel values of a single component.
- * This version handles the standard case of 2:1 horizontal and 2:1 vertical,
- * with smoothing.  One row of context is required.
- */
-
-METHODDEF(void)
-h2v2_smooth_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                       JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int inrow, outrow;
-  JDIMENSION colctr;
-  JDIMENSION output_cols = compptr->width_in_blocks * DCTSIZE;
-  register JSAMPROW inptr0, inptr1, above_ptr, below_ptr, outptr;
-  JLONG membersum, neighsum, memberscale, neighscale;
-
-  /* Expand input data enough to let all the output samples be generated
-   * by the standard loop.  Special-casing padded output would be more
-   * efficient.
-   */
-  expand_right_edge(input_data - 1, cinfo->max_v_samp_factor + 2,
-                    cinfo->image_width, output_cols * 2);
-
-  /* We don't bother to form the individual "smoothed" input pixel values;
-   * we can directly compute the output which is the average of the four
-   * smoothed values.  Each of the four member pixels contributes a fraction
-   * (1-8*SF) to its own smoothed image and a fraction SF to each of the three
-   * other smoothed pixels, therefore a total fraction (1-5*SF)/4 to the final
-   * output.  The four corner-adjacent neighbor pixels contribute a fraction
-   * SF to just one smoothed pixel, or SF/4 to the final output; while the
-   * eight edge-adjacent neighbors contribute SF to each of two smoothed
-   * pixels, or SF/2 overall.  In order to use integer arithmetic, these
-   * factors are scaled by 2^16 = 65536.
-   * Also recall that SF = smoothing_factor / 1024.
-   */
-
-  memberscale = 16384 - cinfo->smoothing_factor * 80; /* scaled (1-5*SF)/4 */
-  neighscale = cinfo->smoothing_factor * 16; /* scaled SF/4 */
-
-  inrow = 0;
-  for (outrow = 0; outrow < compptr->v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr0 = input_data[inrow];
-    inptr1 = input_data[inrow + 1];
-    above_ptr = input_data[inrow - 1];
-    below_ptr = input_data[inrow + 2];
-
-    /* Special case for first column: pretend column -1 is same as column 0 */
-    membersum = inptr0[0] + inptr0[1] + inptr1[0] + inptr1[1];
-    neighsum = above_ptr[0] + above_ptr[1] + below_ptr[0] + below_ptr[1] +
-               inptr0[0] + inptr0[2] + inptr1[0] + inptr1[2];
-    neighsum += neighsum;
-    neighsum += above_ptr[0] + above_ptr[2] + below_ptr[0] + below_ptr[2];
-    membersum = membersum * memberscale + neighsum * neighscale;
-    *outptr++ = (JSAMPLE)((membersum + 32768) >> 16);
-    inptr0 += 2;  inptr1 += 2;  above_ptr += 2;  below_ptr += 2;
-
-    for (colctr = output_cols - 2; colctr > 0; colctr--) {
-      /* sum of pixels directly mapped to this output element */
-      membersum = inptr0[0] + inptr0[1] + inptr1[0] + inptr1[1];
-      /* sum of edge-neighbor pixels */
-      neighsum = above_ptr[0] + above_ptr[1] + below_ptr[0] + below_ptr[1] +
-                 inptr0[-1] + inptr0[2] + inptr1[-1] + inptr1[2];
-      /* The edge-neighbors count twice as much as corner-neighbors */
-      neighsum += neighsum;
-      /* Add in the corner-neighbors */
-      neighsum += above_ptr[-1] + above_ptr[2] + below_ptr[-1] + below_ptr[2];
-      /* form final output scaled up by 2^16 */
-      membersum = membersum * memberscale + neighsum * neighscale;
-      /* round, descale and output it */
-      *outptr++ = (JSAMPLE)((membersum + 32768) >> 16);
-      inptr0 += 2;  inptr1 += 2;  above_ptr += 2;  below_ptr += 2;
-    }
-
-    /* Special case for last column */
-    membersum = inptr0[0] + inptr0[1] + inptr1[0] + inptr1[1];
-    neighsum = above_ptr[0] + above_ptr[1] + below_ptr[0] + below_ptr[1] +
-               inptr0[-1] + inptr0[1] + inptr1[-1] + inptr1[1];
-    neighsum += neighsum;
-    neighsum += above_ptr[-1] + above_ptr[1] + below_ptr[-1] + below_ptr[1];
-    membersum = membersum * memberscale + neighsum * neighscale;
-    *outptr = (JSAMPLE)((membersum + 32768) >> 16);
-
-    inrow += 2;
-  }
-}
-
-
-/*
- * Downsample pixel values of a single component.
- * This version handles the special case of a full-size component,
- * with smoothing.  One row of context is required.
- */
-
-METHODDEF(void)
-fullsize_smooth_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                           JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int outrow;
-  JDIMENSION colctr;
-  JDIMENSION output_cols = compptr->width_in_blocks * DCTSIZE;
-  register JSAMPROW inptr, above_ptr, below_ptr, outptr;
-  JLONG membersum, neighsum, memberscale, neighscale;
-  int colsum, lastcolsum, nextcolsum;
-
-  /* Expand input data enough to let all the output samples be generated
-   * by the standard loop.  Special-casing padded output would be more
-   * efficient.
-   */
-  expand_right_edge(input_data - 1, cinfo->max_v_samp_factor + 2,
-                    cinfo->image_width, output_cols);
-
-  /* Each of the eight neighbor pixels contributes a fraction SF to the
-   * smoothed pixel, while the main pixel contributes (1-8*SF).  In order
-   * to use integer arithmetic, these factors are multiplied by 2^16 = 65536.
-   * Also recall that SF = smoothing_factor / 1024.
-   */
-
-  memberscale = 65536L - cinfo->smoothing_factor * 512L; /* scaled 1-8*SF */
-  neighscale = cinfo->smoothing_factor * 64; /* scaled SF */
-
-  for (outrow = 0; outrow < compptr->v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr = input_data[outrow];
-    above_ptr = input_data[outrow - 1];
-    below_ptr = input_data[outrow + 1];
-
-    /* Special case for first column */
-    colsum = (*above_ptr++) + (*below_ptr++) + inptr[0];
-    membersum = *inptr++;
-    nextcolsum = above_ptr[0] + below_ptr[0] + inptr[0];
-    neighsum = colsum + (colsum - membersum) + nextcolsum;
-    membersum = membersum * memberscale + neighsum * neighscale;
-    *outptr++ = (JSAMPLE)((membersum + 32768) >> 16);
-    lastcolsum = colsum;  colsum = nextcolsum;
-
-    for (colctr = output_cols - 2; colctr > 0; colctr--) {
-      membersum = *inptr++;
-      above_ptr++;  below_ptr++;
-      nextcolsum = above_ptr[0] + below_ptr[0] + inptr[0];
-      neighsum = lastcolsum + (colsum - membersum) + nextcolsum;
-      membersum = membersum * memberscale + neighsum * neighscale;
-      *outptr++ = (JSAMPLE)((membersum + 32768) >> 16);
-      lastcolsum = colsum;  colsum = nextcolsum;
-    }
-
-    /* Special case for last column */
-    membersum = *inptr;
-    neighsum = lastcolsum + (colsum - membersum) + colsum;
-    membersum = membersum * memberscale + neighsum * neighscale;
-    *outptr = (JSAMPLE)((membersum + 32768) >> 16);
-
-  }
-}
-
-#endif /* INPUT_SMOOTHING_SUPPORTED */
-
-
-/*
- * Module initialization routine for downsampling.
- * Note that we must select a routine for each component.
- */
-
-GLOBAL(void)
-jinit_downsampler(j_compress_ptr cinfo)
-{
-  my_downsample_ptr downsample;
-  int ci;
-  jpeg_component_info *compptr;
-  boolean smoothok = TRUE;
-
-  downsample = (my_downsample_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_downsampler));
-  cinfo->downsample = (struct jpeg_downsampler *)downsample;
-  downsample->pub.start_pass = start_pass_downsample;
-  downsample->pub.downsample = sep_downsample;
-  downsample->pub.need_context_rows = FALSE;
-
-  if (cinfo->CCIR601_sampling)
-    ERREXIT(cinfo, JERR_CCIR601_NOTIMPL);
-
-  /* Verify we can handle the sampling factors, and set up method pointers */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    if (compptr->h_samp_factor == cinfo->max_h_samp_factor &&
-        compptr->v_samp_factor == cinfo->max_v_samp_factor) {
-#ifdef INPUT_SMOOTHING_SUPPORTED
-      if (cinfo->smoothing_factor) {
-        downsample->methods[ci] = fullsize_smooth_downsample;
-        downsample->pub.need_context_rows = TRUE;
-      } else
-#endif
-        downsample->methods[ci] = fullsize_downsample;
-    } else if (compptr->h_samp_factor * 2 == cinfo->max_h_samp_factor &&
-               compptr->v_samp_factor == cinfo->max_v_samp_factor) {
-      smoothok = FALSE;
-      if (jsimd_can_h2v1_downsample())
-        downsample->methods[ci] = jsimd_h2v1_downsample;
-      else
-        downsample->methods[ci] = h2v1_downsample;
-    } else if (compptr->h_samp_factor * 2 == cinfo->max_h_samp_factor &&
-               compptr->v_samp_factor * 2 == cinfo->max_v_samp_factor) {
-#ifdef INPUT_SMOOTHING_SUPPORTED
-      if (cinfo->smoothing_factor) {
-#if defined(__mips__)
-        if (jsimd_can_h2v2_smooth_downsample())
-          downsample->methods[ci] = jsimd_h2v2_smooth_downsample;
-        else
-#endif
-          downsample->methods[ci] = h2v2_smooth_downsample;
-        downsample->pub.need_context_rows = TRUE;
-      } else
-#endif
-      {
-        if (jsimd_can_h2v2_downsample())
-          downsample->methods[ci] = jsimd_h2v2_downsample;
-        else
-          downsample->methods[ci] = h2v2_downsample;
-      }
-    } else if ((cinfo->max_h_samp_factor % compptr->h_samp_factor) == 0 &&
-               (cinfo->max_v_samp_factor % compptr->v_samp_factor) == 0) {
-      smoothok = FALSE;
-      downsample->methods[ci] = int_downsample;
-    } else
-      ERREXIT(cinfo, JERR_FRACT_SAMPLE_NOTIMPL);
-  }
-
-#ifdef INPUT_SMOOTHING_SUPPORTED
-  if (cinfo->smoothing_factor && !smoothok)
-    TRACEMS(cinfo, 0, JTRC_SMOOTH_NOTIMPL);
-#endif
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jcstest.c b/3rdparty/libjpeg-turbo_2_1_0/jcstest.c
deleted file mode 100644
index 8b1fe38..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jcstest.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * Copyright (C)2011 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* This program demonstrates how to check for the colorspace extension
-   capabilities of libjpeg-turbo at both compile time and run time. */
-
-#include <stdio.h>
-#include <jpeglib.h>
-#include <jerror.h>
-#include <setjmp.h>
-
-#ifndef JCS_EXTENSIONS
-#define JCS_EXT_RGB  6
-#endif
-#if !defined(JCS_EXTENSIONS) || !defined(JCS_ALPHA_EXTENSIONS)
-#define JCS_EXT_RGBA  12
-#endif
-
-static char lasterror[JMSG_LENGTH_MAX] = "No error";
-
-typedef struct _error_mgr {
-  struct jpeg_error_mgr pub;
-  jmp_buf jb;
-} error_mgr;
-
-static void my_error_exit(j_common_ptr cinfo)
-{
-  error_mgr *myerr = (error_mgr *)cinfo->err;
-  (*cinfo->err->output_message) (cinfo);
-  longjmp(myerr->jb, 1);
-}
-
-static void my_output_message(j_common_ptr cinfo)
-{
-  (*cinfo->err->format_message) (cinfo, lasterror);
-}
-
-int main(void)
-{
-  int jcs_valid = -1, jcs_alpha_valid = -1;
-  struct jpeg_compress_struct cinfo;
-  error_mgr jerr;
-
-  printf("libjpeg-turbo colorspace extensions:\n");
-#if JCS_EXTENSIONS
-  printf("  Present at compile time\n");
-#else
-  printf("  Not present at compile time\n");
-#endif
-
-  cinfo.err = jpeg_std_error(&jerr.pub);
-  jerr.pub.error_exit = my_error_exit;
-  jerr.pub.output_message = my_output_message;
-
-  if (setjmp(jerr.jb)) {
-    /* this will execute if libjpeg has an error */
-    jcs_valid = 0;
-    goto done;
-  }
-
-  jpeg_create_compress(&cinfo);
-  cinfo.input_components = 3;
-  jpeg_set_defaults(&cinfo);
-  cinfo.in_color_space = JCS_EXT_RGB;
-  jpeg_default_colorspace(&cinfo);
-  jcs_valid = 1;
-
-done:
-  if (jcs_valid)
-    printf("  Working properly\n");
-  else
-    printf("  Not working properly.  Error returned was:\n    %s\n",
-           lasterror);
-
-  printf("libjpeg-turbo alpha colorspace extensions:\n");
-#if JCS_ALPHA_EXTENSIONS
-  printf("  Present at compile time\n");
-#else
-  printf("  Not present at compile time\n");
-#endif
-
-  if (setjmp(jerr.jb)) {
-    /* this will execute if libjpeg has an error */
-    jcs_alpha_valid = 0;
-    goto done2;
-  }
-
-  cinfo.in_color_space = JCS_EXT_RGBA;
-  jpeg_default_colorspace(&cinfo);
-  jcs_alpha_valid = 1;
-
-done2:
-  if (jcs_alpha_valid)
-    printf("  Working properly\n");
-  else
-    printf("  Not working properly.  Error returned was:\n    %s\n",
-           lasterror);
-
-  jpeg_destroy_compress(&cinfo);
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jctrans.c b/3rdparty/libjpeg-turbo_2_1_0/jctrans.c
deleted file mode 100644
index ab6a218..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jctrans.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/*
- * jctrans.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1995-1998, Thomas G. Lane.
- * Modified 2000-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains library routines for transcoding compression,
- * that is, writing raw DCT coefficient arrays to an output JPEG file.
- * The routines in jcapimin.c will also be needed by a transcoder.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-
-
-/* Forward declarations */
-LOCAL(void) transencode_master_selection(j_compress_ptr cinfo,
-                                         jvirt_barray_ptr *coef_arrays);
-LOCAL(void) transencode_coef_controller(j_compress_ptr cinfo,
-                                        jvirt_barray_ptr *coef_arrays);
-
-
-/*
- * Compression initialization for writing raw-coefficient data.
- * Before calling this, all parameters and a data destination must be set up.
- * Call jpeg_finish_compress() to actually write the data.
- *
- * The number of passed virtual arrays must match cinfo->num_components.
- * Note that the virtual arrays need not be filled or even realized at
- * the time write_coefficients is called; indeed, if the virtual arrays
- * were requested from this compression object's memory manager, they
- * typically will be realized during this routine and filled afterwards.
- */
-
-GLOBAL(void)
-jpeg_write_coefficients(j_compress_ptr cinfo, jvirt_barray_ptr *coef_arrays)
-{
-  if (cinfo->global_state != CSTATE_START)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  /* Mark all tables to be written */
-  jpeg_suppress_tables(cinfo, FALSE);
-  /* (Re)initialize error mgr and destination modules */
-  (*cinfo->err->reset_error_mgr) ((j_common_ptr)cinfo);
-  (*cinfo->dest->init_destination) (cinfo);
-  /* Perform master selection of active modules */
-  transencode_master_selection(cinfo, coef_arrays);
-  /* Wait for jpeg_finish_compress() call */
-  cinfo->next_scanline = 0;     /* so jpeg_write_marker works */
-  cinfo->global_state = CSTATE_WRCOEFS;
-}
-
-
-/*
- * Initialize the compression object with default parameters,
- * then copy from the source object all parameters needed for lossless
- * transcoding.  Parameters that can be varied without loss (such as
- * scan script and Huffman optimization) are left in their default states.
- */
-
-GLOBAL(void)
-jpeg_copy_critical_parameters(j_decompress_ptr srcinfo, j_compress_ptr dstinfo)
-{
-  JQUANT_TBL **qtblptr;
-  jpeg_component_info *incomp, *outcomp;
-  JQUANT_TBL *c_quant, *slot_quant;
-  int tblno, ci, coefi;
-
-  /* Safety check to ensure start_compress not called yet. */
-  if (dstinfo->global_state != CSTATE_START)
-    ERREXIT1(dstinfo, JERR_BAD_STATE, dstinfo->global_state);
-  /* Copy fundamental image dimensions */
-  dstinfo->image_width = srcinfo->image_width;
-  dstinfo->image_height = srcinfo->image_height;
-  dstinfo->input_components = srcinfo->num_components;
-  dstinfo->in_color_space = srcinfo->jpeg_color_space;
-#if JPEG_LIB_VERSION >= 70
-  dstinfo->jpeg_width = srcinfo->output_width;
-  dstinfo->jpeg_height = srcinfo->output_height;
-  dstinfo->min_DCT_h_scaled_size = srcinfo->min_DCT_h_scaled_size;
-  dstinfo->min_DCT_v_scaled_size = srcinfo->min_DCT_v_scaled_size;
-#endif
-  /* Initialize all parameters to default values */
-  jpeg_set_defaults(dstinfo);
-  /* jpeg_set_defaults may choose wrong colorspace, eg YCbCr if input is RGB.
-   * Fix it to get the right header markers for the image colorspace.
-   */
-  jpeg_set_colorspace(dstinfo, srcinfo->jpeg_color_space);
-  dstinfo->data_precision = srcinfo->data_precision;
-  dstinfo->CCIR601_sampling = srcinfo->CCIR601_sampling;
-  /* Copy the source's quantization tables. */
-  for (tblno = 0; tblno < NUM_QUANT_TBLS; tblno++) {
-    if (srcinfo->quant_tbl_ptrs[tblno] != NULL) {
-      qtblptr = &dstinfo->quant_tbl_ptrs[tblno];
-      if (*qtblptr == NULL)
-        *qtblptr = jpeg_alloc_quant_table((j_common_ptr)dstinfo);
-      MEMCOPY((*qtblptr)->quantval, srcinfo->quant_tbl_ptrs[tblno]->quantval,
-              sizeof((*qtblptr)->quantval));
-      (*qtblptr)->sent_table = FALSE;
-    }
-  }
-  /* Copy the source's per-component info.
-   * Note we assume jpeg_set_defaults has allocated the dest comp_info array.
-   */
-  dstinfo->num_components = srcinfo->num_components;
-  if (dstinfo->num_components < 1 || dstinfo->num_components > MAX_COMPONENTS)
-    ERREXIT2(dstinfo, JERR_COMPONENT_COUNT, dstinfo->num_components,
-             MAX_COMPONENTS);
-  for (ci = 0, incomp = srcinfo->comp_info, outcomp = dstinfo->comp_info;
-       ci < dstinfo->num_components; ci++, incomp++, outcomp++) {
-    outcomp->component_id = incomp->component_id;
-    outcomp->h_samp_factor = incomp->h_samp_factor;
-    outcomp->v_samp_factor = incomp->v_samp_factor;
-    outcomp->quant_tbl_no = incomp->quant_tbl_no;
-    /* Make sure saved quantization table for component matches the qtable
-     * slot.  If not, the input file re-used this qtable slot.
-     * IJG encoder currently cannot duplicate this.
-     */
-    tblno = outcomp->quant_tbl_no;
-    if (tblno < 0 || tblno >= NUM_QUANT_TBLS ||
-        srcinfo->quant_tbl_ptrs[tblno] == NULL)
-      ERREXIT1(dstinfo, JERR_NO_QUANT_TABLE, tblno);
-    slot_quant = srcinfo->quant_tbl_ptrs[tblno];
-    c_quant = incomp->quant_table;
-    if (c_quant != NULL) {
-      for (coefi = 0; coefi < DCTSIZE2; coefi++) {
-        if (c_quant->quantval[coefi] != slot_quant->quantval[coefi])
-          ERREXIT1(dstinfo, JERR_MISMATCHED_QUANT_TABLE, tblno);
-      }
-    }
-    /* Note: we do not copy the source's Huffman table assignments;
-     * instead we rely on jpeg_set_colorspace to have made a suitable choice.
-     */
-  }
-  /* Also copy JFIF version and resolution information, if available.
-   * Strictly speaking this isn't "critical" info, but it's nearly
-   * always appropriate to copy it if available.  In particular,
-   * if the application chooses to copy JFIF 1.02 extension markers from
-   * the source file, we need to copy the version to make sure we don't
-   * emit a file that has 1.02 extensions but a claimed version of 1.01.
-   * We will *not*, however, copy version info from mislabeled "2.01" files.
-   */
-  if (srcinfo->saw_JFIF_marker) {
-    if (srcinfo->JFIF_major_version == 1) {
-      dstinfo->JFIF_major_version = srcinfo->JFIF_major_version;
-      dstinfo->JFIF_minor_version = srcinfo->JFIF_minor_version;
-    }
-    dstinfo->density_unit = srcinfo->density_unit;
-    dstinfo->X_density = srcinfo->X_density;
-    dstinfo->Y_density = srcinfo->Y_density;
-  }
-}
-
-
-/*
- * Master selection of compression modules for transcoding.
- * This substitutes for jcinit.c's initialization of the full compressor.
- */
-
-LOCAL(void)
-transencode_master_selection(j_compress_ptr cinfo,
-                             jvirt_barray_ptr *coef_arrays)
-{
-  /* Although we don't actually use input_components for transcoding,
-   * jcmaster.c's initial_setup will complain if input_components is 0.
-   */
-  cinfo->input_components = 1;
-  /* Initialize master control (includes parameter checking/processing) */
-  jinit_c_master_control(cinfo, TRUE /* transcode only */);
-
-  /* Entropy encoding: either Huffman or arithmetic coding. */
-  if (cinfo->arith_code) {
-#ifdef C_ARITH_CODING_SUPPORTED
-    jinit_arith_encoder(cinfo);
-#else
-    ERREXIT(cinfo, JERR_ARITH_NOTIMPL);
-#endif
-  } else {
-    if (cinfo->progressive_mode) {
-#ifdef C_PROGRESSIVE_SUPPORTED
-      jinit_phuff_encoder(cinfo);
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    } else
-      jinit_huff_encoder(cinfo);
-  }
-
-  /* We need a special coefficient buffer controller. */
-  transencode_coef_controller(cinfo, coef_arrays);
-
-  jinit_marker_writer(cinfo);
-
-  /* We can now tell the memory manager to allocate virtual arrays. */
-  (*cinfo->mem->realize_virt_arrays) ((j_common_ptr)cinfo);
-
-  /* Write the datastream header (SOI, JFIF) immediately.
-   * Frame and scan headers are postponed till later.
-   * This lets application insert special markers after the SOI.
-   */
-  (*cinfo->marker->write_file_header) (cinfo);
-}
-
-
-/*
- * The rest of this file is a special implementation of the coefficient
- * buffer controller.  This is similar to jccoefct.c, but it handles only
- * output from presupplied virtual arrays.  Furthermore, we generate any
- * dummy padding blocks on-the-fly rather than expecting them to be present
- * in the arrays.
- */
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_c_coef_controller pub; /* public fields */
-
-  JDIMENSION iMCU_row_num;      /* iMCU row # within image */
-  JDIMENSION mcu_ctr;           /* counts MCUs processed in current row */
-  int MCU_vert_offset;          /* counts MCU rows within iMCU row */
-  int MCU_rows_per_iMCU_row;    /* number of such rows needed */
-
-  /* Virtual block array for each component. */
-  jvirt_barray_ptr *whole_image;
-
-  /* Workspace for constructing dummy blocks at right/bottom edges. */
-  JBLOCKROW dummy_buffer[C_MAX_BLOCKS_IN_MCU];
-} my_coef_controller;
-
-typedef my_coef_controller *my_coef_ptr;
-
-
-LOCAL(void)
-start_iMCU_row(j_compress_ptr cinfo)
-/* Reset within-iMCU-row counters for a new row */
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-
-  /* In an interleaved scan, an MCU row is the same as an iMCU row.
-   * In a noninterleaved scan, an iMCU row has v_samp_factor MCU rows.
-   * But at the bottom of the image, process only what's left.
-   */
-  if (cinfo->comps_in_scan > 1) {
-    coef->MCU_rows_per_iMCU_row = 1;
-  } else {
-    if (coef->iMCU_row_num < (cinfo->total_iMCU_rows - 1))
-      coef->MCU_rows_per_iMCU_row = cinfo->cur_comp_info[0]->v_samp_factor;
-    else
-      coef->MCU_rows_per_iMCU_row = cinfo->cur_comp_info[0]->last_row_height;
-  }
-
-  coef->mcu_ctr = 0;
-  coef->MCU_vert_offset = 0;
-}
-
-
-/*
- * Initialize for a processing pass.
- */
-
-METHODDEF(void)
-start_pass_coef(j_compress_ptr cinfo, J_BUF_MODE pass_mode)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-
-  if (pass_mode != JBUF_CRANK_DEST)
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-
-  coef->iMCU_row_num = 0;
-  start_iMCU_row(cinfo);
-}
-
-
-/*
- * Process some data.
- * We process the equivalent of one fully interleaved MCU row ("iMCU" row)
- * per call, ie, v_samp_factor block rows for each component in the scan.
- * The data is obtained from the virtual arrays and fed to the entropy coder.
- * Returns TRUE if the iMCU row is completed, FALSE if suspended.
- *
- * NB: input_buf is ignored; it is likely to be a NULL pointer.
- */
-
-METHODDEF(boolean)
-compress_output(j_compress_ptr cinfo, JSAMPIMAGE input_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION MCU_col_num;       /* index of current MCU within row */
-  JDIMENSION last_MCU_col = cinfo->MCUs_per_row - 1;
-  JDIMENSION last_iMCU_row = cinfo->total_iMCU_rows - 1;
-  int blkn, ci, xindex, yindex, yoffset, blockcnt;
-  JDIMENSION start_col;
-  JBLOCKARRAY buffer[MAX_COMPS_IN_SCAN];
-  JBLOCKROW MCU_buffer[C_MAX_BLOCKS_IN_MCU];
-  JBLOCKROW buffer_ptr;
-  jpeg_component_info *compptr;
-
-  /* Align the virtual buffers for the components used in this scan. */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    buffer[ci] = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef->whole_image[compptr->component_index],
-       coef->iMCU_row_num * compptr->v_samp_factor,
-       (JDIMENSION)compptr->v_samp_factor, FALSE);
-  }
-
-  /* Loop to process one whole iMCU row */
-  for (yoffset = coef->MCU_vert_offset; yoffset < coef->MCU_rows_per_iMCU_row;
-       yoffset++) {
-    for (MCU_col_num = coef->mcu_ctr; MCU_col_num < cinfo->MCUs_per_row;
-         MCU_col_num++) {
-      /* Construct list of pointers to DCT blocks belonging to this MCU */
-      blkn = 0;                 /* index of current DCT block within MCU */
-      for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-        compptr = cinfo->cur_comp_info[ci];
-        start_col = MCU_col_num * compptr->MCU_width;
-        blockcnt = (MCU_col_num < last_MCU_col) ? compptr->MCU_width :
-                                                  compptr->last_col_width;
-        for (yindex = 0; yindex < compptr->MCU_height; yindex++) {
-          if (coef->iMCU_row_num < last_iMCU_row ||
-              yindex + yoffset < compptr->last_row_height) {
-            /* Fill in pointers to real blocks in this row */
-            buffer_ptr = buffer[ci][yindex + yoffset] + start_col;
-            for (xindex = 0; xindex < blockcnt; xindex++)
-              MCU_buffer[blkn++] = buffer_ptr++;
-          } else {
-            /* At bottom of image, need a whole row of dummy blocks */
-            xindex = 0;
-          }
-          /* Fill in any dummy blocks needed in this row.
-           * Dummy blocks are filled in the same way as in jccoefct.c:
-           * all zeroes in the AC entries, DC entries equal to previous
-           * block's DC value.  The init routine has already zeroed the
-           * AC entries, so we need only set the DC entries correctly.
-           */
-          for (; xindex < compptr->MCU_width; xindex++) {
-            MCU_buffer[blkn] = coef->dummy_buffer[blkn];
-            MCU_buffer[blkn][0][0] = MCU_buffer[blkn - 1][0][0];
-            blkn++;
-          }
-        }
-      }
-      /* Try to write the MCU. */
-      if (!(*cinfo->entropy->encode_mcu) (cinfo, MCU_buffer)) {
-        /* Suspension forced; update state counters and exit */
-        coef->MCU_vert_offset = yoffset;
-        coef->mcu_ctr = MCU_col_num;
-        return FALSE;
-      }
-    }
-    /* Completed an MCU row, but perhaps not an iMCU row */
-    coef->mcu_ctr = 0;
-  }
-  /* Completed the iMCU row, advance counters for next one */
-  coef->iMCU_row_num++;
-  start_iMCU_row(cinfo);
-  return TRUE;
-}
-
-
-/*
- * Initialize coefficient buffer controller.
- *
- * Each passed coefficient array must be the right size for that
- * coefficient: width_in_blocks wide and height_in_blocks high,
- * with unitheight at least v_samp_factor.
- */
-
-LOCAL(void)
-transencode_coef_controller(j_compress_ptr cinfo,
-                            jvirt_barray_ptr *coef_arrays)
-{
-  my_coef_ptr coef;
-  JBLOCKROW buffer;
-  int i;
-
-  coef = (my_coef_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_coef_controller));
-  cinfo->coef = (struct jpeg_c_coef_controller *)coef;
-  coef->pub.start_pass = start_pass_coef;
-  coef->pub.compress_data = compress_output;
-
-  /* Save pointer to virtual arrays */
-  coef->whole_image = coef_arrays;
-
-  /* Allocate and pre-zero space for dummy DCT blocks. */
-  buffer = (JBLOCKROW)
-    (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                C_MAX_BLOCKS_IN_MCU * sizeof(JBLOCK));
-  jzero_far((void *)buffer, C_MAX_BLOCKS_IN_MCU * sizeof(JBLOCK));
-  for (i = 0; i < C_MAX_BLOCKS_IN_MCU; i++) {
-    coef->dummy_buffer[i] = buffer + i;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdapimin.c b/3rdparty/libjpeg-turbo_2_1_0/jdapimin.c
deleted file mode 100644
index 21a41d2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdapimin.c
+++ /dev/null
@@ -1,407 +0,0 @@
-/*
- * jdapimin.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1998, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2016, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains application interface code for the decompression half
- * of the JPEG library.  These are the "minimum" API routines that may be
- * needed in either the normal full-decompression case or the
- * transcoding-only case.
- *
- * Most of the routines intended to be called directly by an application
- * are in this file or in jdapistd.c.  But also see jcomapi.c for routines
- * shared by compression and decompression, and jdtrans.c for the transcoding
- * case.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdmaster.h"
-
-
-/*
- * Initialization of a JPEG decompression object.
- * The error manager must already be set up (in case memory manager fails).
- */
-
-GLOBAL(void)
-jpeg_CreateDecompress(j_decompress_ptr cinfo, int version, size_t structsize)
-{
-  int i;
-
-  /* Guard against version mismatches between library and caller. */
-  cinfo->mem = NULL;            /* so jpeg_destroy knows mem mgr not called */
-  if (version != JPEG_LIB_VERSION)
-    ERREXIT2(cinfo, JERR_BAD_LIB_VERSION, JPEG_LIB_VERSION, version);
-  if (structsize != sizeof(struct jpeg_decompress_struct))
-    ERREXIT2(cinfo, JERR_BAD_STRUCT_SIZE,
-             (int)sizeof(struct jpeg_decompress_struct), (int)structsize);
-
-  /* For debugging purposes, we zero the whole master structure.
-   * But the application has already set the err pointer, and may have set
-   * client_data, so we have to save and restore those fields.
-   * Note: if application hasn't set client_data, tools like Purify may
-   * complain here.
-   */
-  {
-    struct jpeg_error_mgr *err = cinfo->err;
-    void *client_data = cinfo->client_data; /* ignore Purify complaint here */
-    MEMZERO(cinfo, sizeof(struct jpeg_decompress_struct));
-    cinfo->err = err;
-    cinfo->client_data = client_data;
-  }
-  cinfo->is_decompressor = TRUE;
-
-  /* Initialize a memory manager instance for this object */
-  jinit_memory_mgr((j_common_ptr)cinfo);
-
-  /* Zero out pointers to permanent structures. */
-  cinfo->progress = NULL;
-  cinfo->src = NULL;
-
-  for (i = 0; i < NUM_QUANT_TBLS; i++)
-    cinfo->quant_tbl_ptrs[i] = NULL;
-
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    cinfo->dc_huff_tbl_ptrs[i] = NULL;
-    cinfo->ac_huff_tbl_ptrs[i] = NULL;
-  }
-
-  /* Initialize marker processor so application can override methods
-   * for COM, APPn markers before calling jpeg_read_header.
-   */
-  cinfo->marker_list = NULL;
-  jinit_marker_reader(cinfo);
-
-  /* And initialize the overall input controller. */
-  jinit_input_controller(cinfo);
-
-  /* OK, I'm ready */
-  cinfo->global_state = DSTATE_START;
-
-  /* The master struct is used to store extension parameters, so we allocate it
-   * here.
-   */
-  cinfo->master = (struct jpeg_decomp_master *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                sizeof(my_decomp_master));
-  MEMZERO(cinfo->master, sizeof(my_decomp_master));
-}
-
-
-/*
- * Destruction of a JPEG decompression object
- */
-
-GLOBAL(void)
-jpeg_destroy_decompress(j_decompress_ptr cinfo)
-{
-  jpeg_destroy((j_common_ptr)cinfo); /* use common routine */
-}
-
-
-/*
- * Abort processing of a JPEG decompression operation,
- * but don't destroy the object itself.
- */
-
-GLOBAL(void)
-jpeg_abort_decompress(j_decompress_ptr cinfo)
-{
-  jpeg_abort((j_common_ptr)cinfo); /* use common routine */
-}
-
-
-/*
- * Set default decompression parameters.
- */
-
-LOCAL(void)
-default_decompress_parms(j_decompress_ptr cinfo)
-{
-  /* Guess the input colorspace, and set output colorspace accordingly. */
-  /* (Wish JPEG committee had provided a real way to specify this...) */
-  /* Note application may override our guesses. */
-  switch (cinfo->num_components) {
-  case 1:
-    cinfo->jpeg_color_space = JCS_GRAYSCALE;
-    cinfo->out_color_space = JCS_GRAYSCALE;
-    break;
-
-  case 3:
-    if (cinfo->saw_JFIF_marker) {
-      cinfo->jpeg_color_space = JCS_YCbCr; /* JFIF implies YCbCr */
-    } else if (cinfo->saw_Adobe_marker) {
-      switch (cinfo->Adobe_transform) {
-      case 0:
-        cinfo->jpeg_color_space = JCS_RGB;
-        break;
-      case 1:
-        cinfo->jpeg_color_space = JCS_YCbCr;
-        break;
-      default:
-        WARNMS1(cinfo, JWRN_ADOBE_XFORM, cinfo->Adobe_transform);
-        cinfo->jpeg_color_space = JCS_YCbCr; /* assume it's YCbCr */
-        break;
-      }
-    } else {
-      /* Saw no special markers, try to guess from the component IDs */
-      int cid0 = cinfo->comp_info[0].component_id;
-      int cid1 = cinfo->comp_info[1].component_id;
-      int cid2 = cinfo->comp_info[2].component_id;
-
-      if (cid0 == 1 && cid1 == 2 && cid2 == 3)
-        cinfo->jpeg_color_space = JCS_YCbCr; /* assume JFIF w/out marker */
-      else if (cid0 == 82 && cid1 == 71 && cid2 == 66)
-        cinfo->jpeg_color_space = JCS_RGB; /* ASCII 'R', 'G', 'B' */
-      else {
-        TRACEMS3(cinfo, 1, JTRC_UNKNOWN_IDS, cid0, cid1, cid2);
-        cinfo->jpeg_color_space = JCS_YCbCr; /* assume it's YCbCr */
-      }
-    }
-    /* Always guess RGB is proper output colorspace. */
-    cinfo->out_color_space = JCS_RGB;
-    break;
-
-  case 4:
-    if (cinfo->saw_Adobe_marker) {
-      switch (cinfo->Adobe_transform) {
-      case 0:
-        cinfo->jpeg_color_space = JCS_CMYK;
-        break;
-      case 2:
-        cinfo->jpeg_color_space = JCS_YCCK;
-        break;
-      default:
-        WARNMS1(cinfo, JWRN_ADOBE_XFORM, cinfo->Adobe_transform);
-        cinfo->jpeg_color_space = JCS_YCCK; /* assume it's YCCK */
-        break;
-      }
-    } else {
-      /* No special markers, assume straight CMYK. */
-      cinfo->jpeg_color_space = JCS_CMYK;
-    }
-    cinfo->out_color_space = JCS_CMYK;
-    break;
-
-  default:
-    cinfo->jpeg_color_space = JCS_UNKNOWN;
-    cinfo->out_color_space = JCS_UNKNOWN;
-    break;
-  }
-
-  /* Set defaults for other decompression parameters. */
-  cinfo->scale_num = 1;         /* 1:1 scaling */
-  cinfo->scale_denom = 1;
-  cinfo->output_gamma = 1.0;
-  cinfo->buffered_image = FALSE;
-  cinfo->raw_data_out = FALSE;
-  cinfo->dct_method = JDCT_DEFAULT;
-  cinfo->do_fancy_upsampling = TRUE;
-  cinfo->do_block_smoothing = TRUE;
-  cinfo->quantize_colors = FALSE;
-  /* We set these in case application only sets quantize_colors. */
-  cinfo->dither_mode = JDITHER_FS;
-#ifdef QUANT_2PASS_SUPPORTED
-  cinfo->two_pass_quantize = TRUE;
-#else
-  cinfo->two_pass_quantize = FALSE;
-#endif
-  cinfo->desired_number_of_colors = 256;
-  cinfo->colormap = NULL;
-  /* Initialize for no mode change in buffered-image mode. */
-  cinfo->enable_1pass_quant = FALSE;
-  cinfo->enable_external_quant = FALSE;
-  cinfo->enable_2pass_quant = FALSE;
-}
-
-
-/*
- * Decompression startup: read start of JPEG datastream to see what's there.
- * Need only initialize JPEG object and supply a data source before calling.
- *
- * This routine will read as far as the first SOS marker (ie, actual start of
- * compressed data), and will save all tables and parameters in the JPEG
- * object.  It will also initialize the decompression parameters to default
- * values, and finally return JPEG_HEADER_OK.  On return, the application may
- * adjust the decompression parameters and then call jpeg_start_decompress.
- * (Or, if the application only wanted to determine the image parameters,
- * the data need not be decompressed.  In that case, call jpeg_abort or
- * jpeg_destroy to release any temporary space.)
- * If an abbreviated (tables only) datastream is presented, the routine will
- * return JPEG_HEADER_TABLES_ONLY upon reaching EOI.  The application may then
- * re-use the JPEG object to read the abbreviated image datastream(s).
- * It is unnecessary (but OK) to call jpeg_abort in this case.
- * The JPEG_SUSPENDED return code only occurs if the data source module
- * requests suspension of the decompressor.  In this case the application
- * should load more source data and then re-call jpeg_read_header to resume
- * processing.
- * If a non-suspending data source is used and require_image is TRUE, then the
- * return code need not be inspected since only JPEG_HEADER_OK is possible.
- *
- * This routine is now just a front end to jpeg_consume_input, with some
- * extra error checking.
- */
-
-GLOBAL(int)
-jpeg_read_header(j_decompress_ptr cinfo, boolean require_image)
-{
-  int retcode;
-
-  if (cinfo->global_state != DSTATE_START &&
-      cinfo->global_state != DSTATE_INHEADER)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  retcode = jpeg_consume_input(cinfo);
-
-  switch (retcode) {
-  case JPEG_REACHED_SOS:
-    retcode = JPEG_HEADER_OK;
-    break;
-  case JPEG_REACHED_EOI:
-    if (require_image)          /* Complain if application wanted an image */
-      ERREXIT(cinfo, JERR_NO_IMAGE);
-    /* Reset to start state; it would be safer to require the application to
-     * call jpeg_abort, but we can't change it now for compatibility reasons.
-     * A side effect is to free any temporary memory (there shouldn't be any).
-     */
-    jpeg_abort((j_common_ptr)cinfo); /* sets state = DSTATE_START */
-    retcode = JPEG_HEADER_TABLES_ONLY;
-    break;
-  case JPEG_SUSPENDED:
-    /* no work */
-    break;
-  }
-
-  return retcode;
-}
-
-
-/*
- * Consume data in advance of what the decompressor requires.
- * This can be called at any time once the decompressor object has
- * been created and a data source has been set up.
- *
- * This routine is essentially a state machine that handles a couple
- * of critical state-transition actions, namely initial setup and
- * transition from header scanning to ready-for-start_decompress.
- * All the actual input is done via the input controller's consume_input
- * method.
- */
-
-GLOBAL(int)
-jpeg_consume_input(j_decompress_ptr cinfo)
-{
-  int retcode = JPEG_SUSPENDED;
-
-  /* NB: every possible DSTATE value should be listed in this switch */
-  switch (cinfo->global_state) {
-  case DSTATE_START:
-    /* Start-of-datastream actions: reset appropriate modules */
-    (*cinfo->inputctl->reset_input_controller) (cinfo);
-    /* Initialize application's data source module */
-    (*cinfo->src->init_source) (cinfo);
-    cinfo->global_state = DSTATE_INHEADER;
-    /*FALLTHROUGH*/
-  case DSTATE_INHEADER:
-    retcode = (*cinfo->inputctl->consume_input) (cinfo);
-    if (retcode == JPEG_REACHED_SOS) { /* Found SOS, prepare to decompress */
-      /* Set up default parameters based on header data */
-      default_decompress_parms(cinfo);
-      /* Set global state: ready for start_decompress */
-      cinfo->global_state = DSTATE_READY;
-    }
-    break;
-  case DSTATE_READY:
-    /* Can't advance past first SOS until start_decompress is called */
-    retcode = JPEG_REACHED_SOS;
-    break;
-  case DSTATE_PRELOAD:
-  case DSTATE_PRESCAN:
-  case DSTATE_SCANNING:
-  case DSTATE_RAW_OK:
-  case DSTATE_BUFIMAGE:
-  case DSTATE_BUFPOST:
-  case DSTATE_STOPPING:
-    retcode = (*cinfo->inputctl->consume_input) (cinfo);
-    break;
-  default:
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  }
-  return retcode;
-}
-
-
-/*
- * Have we finished reading the input file?
- */
-
-GLOBAL(boolean)
-jpeg_input_complete(j_decompress_ptr cinfo)
-{
-  /* Check for valid jpeg object */
-  if (cinfo->global_state < DSTATE_START ||
-      cinfo->global_state > DSTATE_STOPPING)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  return cinfo->inputctl->eoi_reached;
-}
-
-
-/*
- * Is there more than one scan?
- */
-
-GLOBAL(boolean)
-jpeg_has_multiple_scans(j_decompress_ptr cinfo)
-{
-  /* Only valid after jpeg_read_header completes */
-  if (cinfo->global_state < DSTATE_READY ||
-      cinfo->global_state > DSTATE_STOPPING)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  return cinfo->inputctl->has_multiple_scans;
-}
-
-
-/*
- * Finish JPEG decompression.
- *
- * This will normally just verify the file trailer and release temp storage.
- *
- * Returns FALSE if suspended.  The return value need be inspected only if
- * a suspending data source is used.
- */
-
-GLOBAL(boolean)
-jpeg_finish_decompress(j_decompress_ptr cinfo)
-{
-  if ((cinfo->global_state == DSTATE_SCANNING ||
-       cinfo->global_state == DSTATE_RAW_OK) && !cinfo->buffered_image) {
-    /* Terminate final pass of non-buffered mode */
-    if (cinfo->output_scanline < cinfo->output_height)
-      ERREXIT(cinfo, JERR_TOO_LITTLE_DATA);
-    (*cinfo->master->finish_output_pass) (cinfo);
-    cinfo->global_state = DSTATE_STOPPING;
-  } else if (cinfo->global_state == DSTATE_BUFIMAGE) {
-    /* Finishing after a buffered-image operation */
-    cinfo->global_state = DSTATE_STOPPING;
-  } else if (cinfo->global_state != DSTATE_STOPPING) {
-    /* STOPPING = repeat call after a suspension, anything else is error */
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  }
-  /* Read until EOI */
-  while (!cinfo->inputctl->eoi_reached) {
-    if ((*cinfo->inputctl->consume_input) (cinfo) == JPEG_SUSPENDED)
-      return FALSE;             /* Suspend, come back later */
-  }
-  /* Do final cleanup */
-  (*cinfo->src->term_source) (cinfo);
-  /* We can use jpeg_abort to release memory and reset global_state */
-  jpeg_abort((j_common_ptr)cinfo);
-  return TRUE;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdapistd.c b/3rdparty/libjpeg-turbo_2_1_0/jdapistd.c
deleted file mode 100644
index 695a620..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdapistd.c
+++ /dev/null
@@ -1,674 +0,0 @@
-/*
- * jdapistd.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2015-2020, D. R. Commander.
- * Copyright (C) 2015, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains application interface code for the decompression half
- * of the JPEG library.  These are the "standard" API routines that are
- * used in the normal full-decompression case.  They are not used by a
- * transcoding-only application.  Note that if an application links in
- * jpeg_start_decompress, it will end up linking in the entire decompressor.
- * We thus must separate this file from jdapimin.c to avoid linking the
- * whole decompression library into a transcoder.
- */
-
-#include "jinclude.h"
-#include "jdmainct.h"
-#include "jdcoefct.h"
-#include "jdmaster.h"
-#include "jdmerge.h"
-#include "jdsample.h"
-#include "jmemsys.h"
-
-/* Forward declarations */
-LOCAL(boolean) output_pass_setup(j_decompress_ptr cinfo);
-
-
-/*
- * Decompression initialization.
- * jpeg_read_header must be completed before calling this.
- *
- * If a multipass operating mode was selected, this will do all but the
- * last pass, and thus may take a great deal of time.
- *
- * Returns FALSE if suspended.  The return value need be inspected only if
- * a suspending data source is used.
- */
-
-GLOBAL(boolean)
-jpeg_start_decompress(j_decompress_ptr cinfo)
-{
-  if (cinfo->global_state == DSTATE_READY) {
-    /* First call: initialize master control, select active modules */
-    jinit_master_decompress(cinfo);
-    if (cinfo->buffered_image) {
-      /* No more work here; expecting jpeg_start_output next */
-      cinfo->global_state = DSTATE_BUFIMAGE;
-      return TRUE;
-    }
-    cinfo->global_state = DSTATE_PRELOAD;
-  }
-  if (cinfo->global_state == DSTATE_PRELOAD) {
-    /* If file has multiple scans, absorb them all into the coef buffer */
-    if (cinfo->inputctl->has_multiple_scans) {
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-      for (;;) {
-        int retcode;
-        /* Call progress monitor hook if present */
-        if (cinfo->progress != NULL)
-          (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-        /* Absorb some more input */
-        retcode = (*cinfo->inputctl->consume_input) (cinfo);
-        if (retcode == JPEG_SUSPENDED)
-          return FALSE;
-        if (retcode == JPEG_REACHED_EOI)
-          break;
-        /* Advance progress counter if appropriate */
-        if (cinfo->progress != NULL &&
-            (retcode == JPEG_ROW_COMPLETED || retcode == JPEG_REACHED_SOS)) {
-          if (++cinfo->progress->pass_counter >= cinfo->progress->pass_limit) {
-            /* jdmaster underestimated number of scans; ratchet up one scan */
-            cinfo->progress->pass_limit += (long)cinfo->total_iMCU_rows;
-          }
-        }
-      }
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif /* D_MULTISCAN_FILES_SUPPORTED */
-    }
-    cinfo->output_scan_number = cinfo->input_scan_number;
-  } else if (cinfo->global_state != DSTATE_PRESCAN)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  /* Perform any dummy output passes, and set up for the final pass */
-  return output_pass_setup(cinfo);
-}
-
-
-/*
- * Set up for an output pass, and perform any dummy pass(es) needed.
- * Common subroutine for jpeg_start_decompress and jpeg_start_output.
- * Entry: global_state = DSTATE_PRESCAN only if previously suspended.
- * Exit: If done, returns TRUE and sets global_state for proper output mode.
- *       If suspended, returns FALSE and sets global_state = DSTATE_PRESCAN.
- */
-
-LOCAL(boolean)
-output_pass_setup(j_decompress_ptr cinfo)
-{
-  if (cinfo->global_state != DSTATE_PRESCAN) {
-    /* First call: do pass setup */
-    (*cinfo->master->prepare_for_output_pass) (cinfo);
-    cinfo->output_scanline = 0;
-    cinfo->global_state = DSTATE_PRESCAN;
-  }
-  /* Loop over any required dummy passes */
-  while (cinfo->master->is_dummy_pass) {
-#ifdef QUANT_2PASS_SUPPORTED
-    /* Crank through the dummy pass */
-    while (cinfo->output_scanline < cinfo->output_height) {
-      JDIMENSION last_scanline;
-      /* Call progress monitor hook if present */
-      if (cinfo->progress != NULL) {
-        cinfo->progress->pass_counter = (long)cinfo->output_scanline;
-        cinfo->progress->pass_limit = (long)cinfo->output_height;
-        (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-      }
-      /* Process some data */
-      last_scanline = cinfo->output_scanline;
-      (*cinfo->main->process_data) (cinfo, (JSAMPARRAY)NULL,
-                                    &cinfo->output_scanline, (JDIMENSION)0);
-      if (cinfo->output_scanline == last_scanline)
-        return FALSE;           /* No progress made, must suspend */
-    }
-    /* Finish up dummy pass, and set up for another one */
-    (*cinfo->master->finish_output_pass) (cinfo);
-    (*cinfo->master->prepare_for_output_pass) (cinfo);
-    cinfo->output_scanline = 0;
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif /* QUANT_2PASS_SUPPORTED */
-  }
-  /* Ready for application to drive output pass through
-   * jpeg_read_scanlines or jpeg_read_raw_data.
-   */
-  cinfo->global_state = cinfo->raw_data_out ? DSTATE_RAW_OK : DSTATE_SCANNING;
-  return TRUE;
-}
-
-
-/*
- * Enable partial scanline decompression
- *
- * Must be called after jpeg_start_decompress() and before any calls to
- * jpeg_read_scanlines() or jpeg_skip_scanlines().
- *
- * Refer to libjpeg.txt for more information.
- */
-
-GLOBAL(void)
-jpeg_crop_scanline(j_decompress_ptr cinfo, JDIMENSION *xoffset,
-                   JDIMENSION *width)
-{
-  int ci, align, orig_downsampled_width;
-  JDIMENSION input_xoffset;
-  boolean reinit_upsampler = FALSE;
-  jpeg_component_info *compptr;
-
-  if (cinfo->global_state != DSTATE_SCANNING || cinfo->output_scanline != 0)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  if (!xoffset || !width)
-    ERREXIT(cinfo, JERR_BAD_CROP_SPEC);
-
-  /* xoffset and width must fall within the output image dimensions. */
-  if (*width == 0 || *xoffset + *width > cinfo->output_width)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-
-  /* No need to do anything if the caller wants the entire width. */
-  if (*width == cinfo->output_width)
-    return;
-
-  /* Ensuring the proper alignment of xoffset is tricky.  At minimum, it
-   * must align with an MCU boundary, because:
-   *
-   *   (1) The IDCT is performed in blocks, and it is not feasible to modify
-   *       the algorithm so that it can transform partial blocks.
-   *   (2) Because of the SIMD extensions, any input buffer passed to the
-   *       upsampling and color conversion routines must be aligned to the
-   *       SIMD word size (for instance, 128-bit in the case of SSE2.)  The
-   *       easiest way to accomplish this without copying data is to ensure
-   *       that upsampling and color conversion begin at the start of the
-   *       first MCU column that will be inverse transformed.
-   *
-   * In practice, we actually impose a stricter alignment requirement.  We
-   * require that xoffset be a multiple of the maximum MCU column width of all
-   * of the components (the "iMCU column width.")  This is to simplify the
-   * single-pass decompression case, allowing us to use the same MCU column
-   * width for all of the components.
-   */
-  if (cinfo->comps_in_scan == 1 && cinfo->num_components == 1)
-    align = cinfo->_min_DCT_scaled_size;
-  else
-    align = cinfo->_min_DCT_scaled_size * cinfo->max_h_samp_factor;
-
-  /* Adjust xoffset to the nearest iMCU boundary <= the requested value */
-  input_xoffset = *xoffset;
-  *xoffset = (input_xoffset / align) * align;
-
-  /* Adjust the width so that the right edge of the output image is as
-   * requested (only the left edge is altered.)  It is important that calling
-   * programs check this value after this function returns, so that they can
-   * allocate an output buffer with the appropriate size.
-   */
-  *width = *width + input_xoffset - *xoffset;
-  cinfo->output_width = *width;
-
-  /* Set the first and last iMCU columns that we must decompress.  These values
-   * will be used in single-scan decompressions.
-   */
-  cinfo->master->first_iMCU_col = (JDIMENSION)(long)(*xoffset) / (long)align;
-  cinfo->master->last_iMCU_col =
-    (JDIMENSION)jdiv_round_up((long)(*xoffset + cinfo->output_width),
-                              (long)align) - 1;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    int hsf = (cinfo->comps_in_scan == 1 && cinfo->num_components == 1) ?
-              1 : compptr->h_samp_factor;
-
-    /* Set downsampled_width to the new output width. */
-    orig_downsampled_width = compptr->downsampled_width;
-    compptr->downsampled_width =
-      (JDIMENSION)jdiv_round_up((long)(cinfo->output_width *
-                                       compptr->h_samp_factor),
-                                (long)cinfo->max_h_samp_factor);
-    if (compptr->downsampled_width < 2 && orig_downsampled_width >= 2)
-      reinit_upsampler = TRUE;
-
-    /* Set the first and last iMCU columns that we must decompress.  These
-     * values will be used in multi-scan decompressions.
-     */
-    cinfo->master->first_MCU_col[ci] =
-      (JDIMENSION)(long)(*xoffset * hsf) / (long)align;
-    cinfo->master->last_MCU_col[ci] =
-      (JDIMENSION)jdiv_round_up((long)((*xoffset + cinfo->output_width) * hsf),
-                                (long)align) - 1;
-  }
-
-  if (reinit_upsampler) {
-    cinfo->master->jinit_upsampler_no_alloc = TRUE;
-    jinit_upsampler(cinfo);
-    cinfo->master->jinit_upsampler_no_alloc = FALSE;
-  }
-}
-
-
-/*
- * Read some scanlines of data from the JPEG decompressor.
- *
- * The return value will be the number of lines actually read.
- * This may be less than the number requested in several cases,
- * including bottom of image, data source suspension, and operating
- * modes that emit multiple scanlines at a time.
- *
- * Note: we warn about excess calls to jpeg_read_scanlines() since
- * this likely signals an application programmer error.  However,
- * an oversize buffer (max_lines > scanlines remaining) is not an error.
- */
-
-GLOBAL(JDIMENSION)
-jpeg_read_scanlines(j_decompress_ptr cinfo, JSAMPARRAY scanlines,
-                    JDIMENSION max_lines)
-{
-  JDIMENSION row_ctr;
-
-  if (cinfo->global_state != DSTATE_SCANNING)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  if (cinfo->output_scanline >= cinfo->output_height) {
-    WARNMS(cinfo, JWRN_TOO_MUCH_DATA);
-    return 0;
-  }
-
-  /* Call progress monitor hook if present */
-  if (cinfo->progress != NULL) {
-    cinfo->progress->pass_counter = (long)cinfo->output_scanline;
-    cinfo->progress->pass_limit = (long)cinfo->output_height;
-    (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-  }
-
-  /* Process some data */
-  row_ctr = 0;
-  (*cinfo->main->process_data) (cinfo, scanlines, &row_ctr, max_lines);
-  cinfo->output_scanline += row_ctr;
-  return row_ctr;
-}
-
-
-/* Dummy color convert function used by jpeg_skip_scanlines() */
-LOCAL(void)
-noop_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-             JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-}
-
-
-/* Dummy quantize function used by jpeg_skip_scanlines() */
-LOCAL(void)
-noop_quantize(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-              JSAMPARRAY output_buf, int num_rows)
-{
-}
-
-
-/*
- * In some cases, it is best to call jpeg_read_scanlines() and discard the
- * output, rather than skipping the scanlines, because this allows us to
- * maintain the internal state of the context-based upsampler.  In these cases,
- * we set up and tear down a dummy color converter in order to avoid valgrind
- * errors and to achieve the best possible performance.
- */
-
-LOCAL(void)
-read_and_discard_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines)
-{
-  JDIMENSION n;
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-  JSAMPLE dummy_sample[1] = { 0 };
-  JSAMPROW dummy_row = dummy_sample;
-  JSAMPARRAY scanlines = NULL;
-  void (*color_convert) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows) = NULL;
-  void (*color_quantize) (j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                          JSAMPARRAY output_buf, int num_rows) = NULL;
-
-  if (cinfo->cconvert && cinfo->cconvert->color_convert) {
-    color_convert = cinfo->cconvert->color_convert;
-    cinfo->cconvert->color_convert = noop_convert;
-    /* This just prevents UBSan from complaining about adding 0 to a NULL
-     * pointer.  The pointer isn't actually used.
-     */
-    scanlines = &dummy_row;
-  }
-
-  if (cinfo->cquantize && cinfo->cquantize->color_quantize) {
-    color_quantize = cinfo->cquantize->color_quantize;
-    cinfo->cquantize->color_quantize = noop_quantize;
-  }
-
-  if (master->using_merged_upsample && cinfo->max_v_samp_factor == 2) {
-    my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-    scanlines = &upsample->spare_row;
-  }
-
-  for (n = 0; n < num_lines; n++)
-    jpeg_read_scanlines(cinfo, scanlines, 1);
-
-  if (color_convert)
-    cinfo->cconvert->color_convert = color_convert;
-
-  if (color_quantize)
-    cinfo->cquantize->color_quantize = color_quantize;
-}
-
-
-/*
- * Called by jpeg_skip_scanlines().  This partially skips a decompress block by
- * incrementing the rowgroup counter.
- */
-
-LOCAL(void)
-increment_simple_rowgroup_ctr(j_decompress_ptr cinfo, JDIMENSION rows)
-{
-  JDIMENSION rows_left;
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  if (master->using_merged_upsample && cinfo->max_v_samp_factor == 2) {
-    read_and_discard_scanlines(cinfo, rows);
-    return;
-  }
-
-  /* Increment the counter to the next row group after the skipped rows. */
-  main_ptr->rowgroup_ctr += rows / cinfo->max_v_samp_factor;
-
-  /* Partially skipping a row group would involve modifying the internal state
-   * of the upsampler, so read the remaining rows into a dummy buffer instead.
-   */
-  rows_left = rows % cinfo->max_v_samp_factor;
-  cinfo->output_scanline += rows - rows_left;
-
-  read_and_discard_scanlines(cinfo, rows_left);
-}
-
-/*
- * Skips some scanlines of data from the JPEG decompressor.
- *
- * The return value will be the number of lines actually skipped.  If skipping
- * num_lines would move beyond the end of the image, then the actual number of
- * lines remaining in the image is returned.  Otherwise, the return value will
- * be equal to num_lines.
- *
- * Refer to libjpeg.txt for more information.
- */
-
-GLOBAL(JDIMENSION)
-jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines)
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-  my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample;
-  JDIMENSION i, x;
-  int y;
-  JDIMENSION lines_per_iMCU_row, lines_left_in_iMCU_row, lines_after_iMCU_row;
-  JDIMENSION lines_to_skip, lines_to_read;
-
-  /* Two-pass color quantization is not supported. */
-  if (cinfo->quantize_colors && cinfo->two_pass_quantize)
-    ERREXIT(cinfo, JERR_NOTIMPL);
-
-  if (cinfo->global_state != DSTATE_SCANNING)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* Do not skip past the bottom of the image. */
-  if (cinfo->output_scanline + num_lines >= cinfo->output_height) {
-    num_lines = cinfo->output_height - cinfo->output_scanline;
-    cinfo->output_scanline = cinfo->output_height;
-    (*cinfo->inputctl->finish_input_pass) (cinfo);
-    cinfo->inputctl->eoi_reached = TRUE;
-    return num_lines;
-  }
-
-  if (num_lines == 0)
-    return 0;
-
-  lines_per_iMCU_row = cinfo->_min_DCT_scaled_size * cinfo->max_v_samp_factor;
-  lines_left_in_iMCU_row =
-    (lines_per_iMCU_row - (cinfo->output_scanline % lines_per_iMCU_row)) %
-    lines_per_iMCU_row;
-  lines_after_iMCU_row = num_lines - lines_left_in_iMCU_row;
-
-  /* Skip the lines remaining in the current iMCU row.  When upsampling
-   * requires context rows, we need the previous and next rows in order to read
-   * the current row.  This adds some complexity.
-   */
-  if (cinfo->upsample->need_context_rows) {
-    /* If the skipped lines would not move us past the current iMCU row, we
-     * read the lines and ignore them.  There might be a faster way of doing
-     * this, but we are facing increasing complexity for diminishing returns.
-     * The increasing complexity would be a by-product of meddling with the
-     * state machine used to skip context rows.  Near the end of an iMCU row,
-     * the next iMCU row may have already been entropy-decoded.  In this unique
-     * case, we will read the next iMCU row if we cannot skip past it as well.
-     */
-    if ((num_lines < lines_left_in_iMCU_row + 1) ||
-        (lines_left_in_iMCU_row <= 1 && main_ptr->buffer_full &&
-         lines_after_iMCU_row < lines_per_iMCU_row + 1)) {
-      read_and_discard_scanlines(cinfo, num_lines);
-      return num_lines;
-    }
-
-    /* If the next iMCU row has already been entropy-decoded, make sure that
-     * we do not skip too far.
-     */
-    if (lines_left_in_iMCU_row <= 1 && main_ptr->buffer_full) {
-      cinfo->output_scanline += lines_left_in_iMCU_row + lines_per_iMCU_row;
-      lines_after_iMCU_row -= lines_per_iMCU_row;
-    } else {
-      cinfo->output_scanline += lines_left_in_iMCU_row;
-    }
-
-    /* If we have just completed the first block, adjust the buffer pointers */
-    if (main_ptr->iMCU_row_ctr == 0 ||
-        (main_ptr->iMCU_row_ctr == 1 && lines_left_in_iMCU_row > 2))
-      set_wraparound_pointers(cinfo);
-    main_ptr->buffer_full = FALSE;
-    main_ptr->rowgroup_ctr = 0;
-    main_ptr->context_state = CTX_PREPARE_FOR_IMCU;
-    if (!master->using_merged_upsample) {
-      upsample->next_row_out = cinfo->max_v_samp_factor;
-      upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline;
-    }
-  }
-
-  /* Skipping is much simpler when context rows are not required. */
-  else {
-    if (num_lines < lines_left_in_iMCU_row) {
-      increment_simple_rowgroup_ctr(cinfo, num_lines);
-      return num_lines;
-    } else {
-      cinfo->output_scanline += lines_left_in_iMCU_row;
-      main_ptr->buffer_full = FALSE;
-      main_ptr->rowgroup_ctr = 0;
-      if (!master->using_merged_upsample) {
-        upsample->next_row_out = cinfo->max_v_samp_factor;
-        upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline;
-      }
-    }
-  }
-
-  /* Calculate how many full iMCU rows we can skip. */
-  if (cinfo->upsample->need_context_rows)
-    lines_to_skip = ((lines_after_iMCU_row - 1) / lines_per_iMCU_row) *
-                    lines_per_iMCU_row;
-  else
-    lines_to_skip = (lines_after_iMCU_row / lines_per_iMCU_row) *
-                    lines_per_iMCU_row;
-  /* Calculate the number of lines that remain to be skipped after skipping all
-   * of the full iMCU rows that we can.  We will not read these lines unless we
-   * have to.
-   */
-  lines_to_read = lines_after_iMCU_row - lines_to_skip;
-
-  /* For images requiring multiple scans (progressive, non-interleaved, etc.),
-   * all of the entropy decoding occurs in jpeg_start_decompress(), assuming
-   * that the input data source is non-suspending.  This makes skipping easy.
-   */
-  if (cinfo->inputctl->has_multiple_scans) {
-    if (cinfo->upsample->need_context_rows) {
-      cinfo->output_scanline += lines_to_skip;
-      cinfo->output_iMCU_row += lines_to_skip / lines_per_iMCU_row;
-      main_ptr->iMCU_row_ctr += lines_to_skip / lines_per_iMCU_row;
-      /* It is complex to properly move to the middle of a context block, so
-       * read the remaining lines instead of skipping them.
-       */
-      read_and_discard_scanlines(cinfo, lines_to_read);
-    } else {
-      cinfo->output_scanline += lines_to_skip;
-      cinfo->output_iMCU_row += lines_to_skip / lines_per_iMCU_row;
-      increment_simple_rowgroup_ctr(cinfo, lines_to_read);
-    }
-    if (!master->using_merged_upsample)
-      upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline;
-    return num_lines;
-  }
-
-  /* Skip the iMCU rows that we can safely skip. */
-  for (i = 0; i < lines_to_skip; i += lines_per_iMCU_row) {
-    for (y = 0; y < coef->MCU_rows_per_iMCU_row; y++) {
-      for (x = 0; x < cinfo->MCUs_per_row; x++) {
-        /* Calling decode_mcu() with a NULL pointer causes it to discard the
-         * decoded coefficients.  This is ~5% faster for large subsets, but
-         * it's tough to tell a difference for smaller images.
-         */
-        if (!cinfo->entropy->insufficient_data)
-          cinfo->master->last_good_iMCU_row = cinfo->input_iMCU_row;
-        (*cinfo->entropy->decode_mcu) (cinfo, NULL);
-      }
-    }
-    cinfo->input_iMCU_row++;
-    cinfo->output_iMCU_row++;
-    if (cinfo->input_iMCU_row < cinfo->total_iMCU_rows)
-      start_iMCU_row(cinfo);
-    else
-      (*cinfo->inputctl->finish_input_pass) (cinfo);
-  }
-  cinfo->output_scanline += lines_to_skip;
-
-  if (cinfo->upsample->need_context_rows) {
-    /* Context-based upsampling keeps track of iMCU rows. */
-    main_ptr->iMCU_row_ctr += lines_to_skip / lines_per_iMCU_row;
-
-    /* It is complex to properly move to the middle of a context block, so
-     * read the remaining lines instead of skipping them.
-     */
-    read_and_discard_scanlines(cinfo, lines_to_read);
-  } else {
-    increment_simple_rowgroup_ctr(cinfo, lines_to_read);
-  }
-
-  /* Since skipping lines involves skipping the upsampling step, the value of
-   * "rows_to_go" will become invalid unless we set it here.  NOTE: This is a
-   * bit odd, since "rows_to_go" seems to be redundantly keeping track of
-   * output_scanline.
-   */
-  if (!master->using_merged_upsample)
-    upsample->rows_to_go = cinfo->output_height - cinfo->output_scanline;
-
-  /* Always skip the requested number of lines. */
-  return num_lines;
-}
-
-/*
- * Alternate entry point to read raw data.
- * Processes exactly one iMCU row per call, unless suspended.
- */
-
-GLOBAL(JDIMENSION)
-jpeg_read_raw_data(j_decompress_ptr cinfo, JSAMPIMAGE data,
-                   JDIMENSION max_lines)
-{
-  JDIMENSION lines_per_iMCU_row;
-
-  if (cinfo->global_state != DSTATE_RAW_OK)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  if (cinfo->output_scanline >= cinfo->output_height) {
-    WARNMS(cinfo, JWRN_TOO_MUCH_DATA);
-    return 0;
-  }
-
-  /* Call progress monitor hook if present */
-  if (cinfo->progress != NULL) {
-    cinfo->progress->pass_counter = (long)cinfo->output_scanline;
-    cinfo->progress->pass_limit = (long)cinfo->output_height;
-    (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-  }
-
-  /* Verify that at least one iMCU row can be returned. */
-  lines_per_iMCU_row = cinfo->max_v_samp_factor * cinfo->_min_DCT_scaled_size;
-  if (max_lines < lines_per_iMCU_row)
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-
-  /* Decompress directly into user's buffer. */
-  if (!(*cinfo->coef->decompress_data) (cinfo, data))
-    return 0;                   /* suspension forced, can do nothing more */
-
-  /* OK, we processed one iMCU row. */
-  cinfo->output_scanline += lines_per_iMCU_row;
-  return lines_per_iMCU_row;
-}
-
-
-/* Additional entry points for buffered-image mode. */
-
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-
-/*
- * Initialize for an output pass in buffered-image mode.
- */
-
-GLOBAL(boolean)
-jpeg_start_output(j_decompress_ptr cinfo, int scan_number)
-{
-  if (cinfo->global_state != DSTATE_BUFIMAGE &&
-      cinfo->global_state != DSTATE_PRESCAN)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  /* Limit scan number to valid range */
-  if (scan_number <= 0)
-    scan_number = 1;
-  if (cinfo->inputctl->eoi_reached && scan_number > cinfo->input_scan_number)
-    scan_number = cinfo->input_scan_number;
-  cinfo->output_scan_number = scan_number;
-  /* Perform any dummy output passes, and set up for the real pass */
-  return output_pass_setup(cinfo);
-}
-
-
-/*
- * Finish up after an output pass in buffered-image mode.
- *
- * Returns FALSE if suspended.  The return value need be inspected only if
- * a suspending data source is used.
- */
-
-GLOBAL(boolean)
-jpeg_finish_output(j_decompress_ptr cinfo)
-{
-  if ((cinfo->global_state == DSTATE_SCANNING ||
-       cinfo->global_state == DSTATE_RAW_OK) && cinfo->buffered_image) {
-    /* Terminate this pass. */
-    /* We do not require the whole pass to have been completed. */
-    (*cinfo->master->finish_output_pass) (cinfo);
-    cinfo->global_state = DSTATE_BUFPOST;
-  } else if (cinfo->global_state != DSTATE_BUFPOST) {
-    /* BUFPOST = repeat call after a suspension, anything else is error */
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  }
-  /* Read markers looking for SOS or EOI */
-  while (cinfo->input_scan_number <= cinfo->output_scan_number &&
-         !cinfo->inputctl->eoi_reached) {
-    if ((*cinfo->inputctl->consume_input) (cinfo) == JPEG_SUSPENDED)
-      return FALSE;             /* Suspend, come back later */
-  }
-  cinfo->global_state = DSTATE_BUFIMAGE;
-  return TRUE;
-}
-
-#endif /* D_MULTISCAN_FILES_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdarith.c b/3rdparty/libjpeg-turbo_2_1_0/jdarith.c
deleted file mode 100644
index 7f0d3a7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdarith.c
+++ /dev/null
@@ -1,782 +0,0 @@
-/*
- * jdarith.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Developed 1997-2015 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015-2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains portable arithmetic entropy encoding routines for JPEG
- * (implementing Recommendation ITU-T T.81 | ISO/IEC 10918-1).
- *
- * Both sequential and progressive modes are supported in this single module.
- *
- * Suspension is not currently supported in this module.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-#define NEG_1  ((unsigned int)-1)
-
-
-/* Expanded entropy decoder object for arithmetic decoding. */
-
-typedef struct {
-  struct jpeg_entropy_decoder pub; /* public fields */
-
-  JLONG c;       /* C register, base of coding interval + input bit buffer */
-  JLONG a;               /* A register, normalized size of coding interval */
-  int ct;     /* bit shift counter, # of bits left in bit buffer part of C */
-                                                         /* init: ct = -16 */
-                                                         /* run: ct = 0..7 */
-                                                         /* error: ct = -1 */
-  int last_dc_val[MAX_COMPS_IN_SCAN]; /* last DC coef for each component */
-  int dc_context[MAX_COMPS_IN_SCAN]; /* context index for DC conditioning */
-
-  unsigned int restarts_to_go;  /* MCUs left in this restart interval */
-
-  /* Pointers to statistics areas (these workspaces have image lifespan) */
-  unsigned char *dc_stats[NUM_ARITH_TBLS];
-  unsigned char *ac_stats[NUM_ARITH_TBLS];
-
-  /* Statistics bin for coding with fixed probability 0.5 */
-  unsigned char fixed_bin[4];
-} arith_entropy_decoder;
-
-typedef arith_entropy_decoder *arith_entropy_ptr;
-
-/* The following two definitions specify the allocation chunk size
- * for the statistics area.
- * According to sections F.1.4.4.1.3 and F.1.4.4.2, we need at least
- * 49 statistics bins for DC, and 245 statistics bins for AC coding.
- *
- * We use a compact representation with 1 byte per statistics bin,
- * thus the numbers directly represent byte sizes.
- * This 1 byte per statistics bin contains the meaning of the MPS
- * (more probable symbol) in the highest bit (mask 0x80), and the
- * index into the probability estimation state machine table
- * in the lower bits (mask 0x7F).
- */
-
-#define DC_STAT_BINS  64
-#define AC_STAT_BINS  256
-
-
-LOCAL(int)
-get_byte(j_decompress_ptr cinfo)
-/* Read next input byte; we do not support suspension in this module. */
-{
-  struct jpeg_source_mgr *src = cinfo->src;
-
-  if (src->bytes_in_buffer == 0)
-    if (!(*src->fill_input_buffer) (cinfo))
-      ERREXIT(cinfo, JERR_CANT_SUSPEND);
-  src->bytes_in_buffer--;
-  return *src->next_input_byte++;
-}
-
-
-/*
- * The core arithmetic decoding routine (common in JPEG and JBIG).
- * This needs to go as fast as possible.
- * Machine-dependent optimization facilities
- * are not utilized in this portable implementation.
- * However, this code should be fairly efficient and
- * may be a good base for further optimizations anyway.
- *
- * Return value is 0 or 1 (binary decision).
- *
- * Note: I've changed the handling of the code base & bit
- * buffer register C compared to other implementations
- * based on the standards layout & procedures.
- * While it also contains both the actual base of the
- * coding interval (16 bits) and the next-bits buffer,
- * the cut-point between these two parts is floating
- * (instead of fixed) with the bit shift counter CT.
- * Thus, we also need only one (variable instead of
- * fixed size) shift for the LPS/MPS decision, and
- * we can do away with any renormalization update
- * of C (except for new data insertion, of course).
- *
- * I've also introduced a new scheme for accessing
- * the probability estimation state machine table,
- * derived from Markus Kuhn's JBIG implementation.
- */
-
-LOCAL(int)
-arith_decode(j_decompress_ptr cinfo, unsigned char *st)
-{
-  register arith_entropy_ptr e = (arith_entropy_ptr)cinfo->entropy;
-  register unsigned char nl, nm;
-  register JLONG qe, temp;
-  register int sv, data;
-
-  /* Renormalization & data input per section D.2.6 */
-  while (e->a < 0x8000L) {
-    if (--e->ct < 0) {
-      /* Need to fetch next data byte */
-      if (cinfo->unread_marker)
-        data = 0;               /* stuff zero data */
-      else {
-        data = get_byte(cinfo); /* read next input byte */
-        if (data == 0xFF) {     /* zero stuff or marker code */
-          do data = get_byte(cinfo);
-          while (data == 0xFF); /* swallow extra 0xFF bytes */
-          if (data == 0)
-            data = 0xFF;        /* discard stuffed zero byte */
-          else {
-            /* Note: Different from the Huffman decoder, hitting
-             * a marker while processing the compressed data
-             * segment is legal in arithmetic coding.
-             * The convention is to supply zero data
-             * then until decoding is complete.
-             */
-            cinfo->unread_marker = data;
-            data = 0;
-          }
-        }
-      }
-      e->c = (e->c << 8) | data; /* insert data into C register */
-      if ((e->ct += 8) < 0)      /* update bit shift counter */
-        /* Need more initial bytes */
-        if (++e->ct == 0)
-          /* Got 2 initial bytes -> re-init A and exit loop */
-          e->a = 0x8000L; /* => e->a = 0x10000L after loop exit */
-    }
-    e->a <<= 1;
-  }
-
-  /* Fetch values from our compact representation of Table D.2:
-   * Qe values and probability estimation state machine
-   */
-  sv = *st;
-  qe = jpeg_aritab[sv & 0x7F];  /* => Qe_Value */
-  nl = qe & 0xFF;  qe >>= 8;    /* Next_Index_LPS + Switch_MPS */
-  nm = qe & 0xFF;  qe >>= 8;    /* Next_Index_MPS */
-
-  /* Decode & estimation procedures per sections D.2.4 & D.2.5 */
-  temp = e->a - qe;
-  e->a = temp;
-  temp <<= e->ct;
-  if (e->c >= temp) {
-    e->c -= temp;
-    /* Conditional LPS (less probable symbol) exchange */
-    if (e->a < qe) {
-      e->a = qe;
-      *st = (sv & 0x80) ^ nm;   /* Estimate_after_MPS */
-    } else {
-      e->a = qe;
-      *st = (sv & 0x80) ^ nl;   /* Estimate_after_LPS */
-      sv ^= 0x80;               /* Exchange LPS/MPS */
-    }
-  } else if (e->a < 0x8000L) {
-    /* Conditional MPS (more probable symbol) exchange */
-    if (e->a < qe) {
-      *st = (sv & 0x80) ^ nl;   /* Estimate_after_LPS */
-      sv ^= 0x80;               /* Exchange LPS/MPS */
-    } else {
-      *st = (sv & 0x80) ^ nm;   /* Estimate_after_MPS */
-    }
-  }
-
-  return sv >> 7;
-}
-
-
-/*
- * Check for a restart marker & resynchronize decoder.
- */
-
-LOCAL(void)
-process_restart(j_decompress_ptr cinfo)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  int ci;
-  jpeg_component_info *compptr;
-
-  /* Advance past the RSTn marker */
-  if (!(*cinfo->marker->read_restart_marker) (cinfo))
-    ERREXIT(cinfo, JERR_CANT_SUSPEND);
-
-  /* Re-initialize statistics areas */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    if (!cinfo->progressive_mode || (cinfo->Ss == 0 && cinfo->Ah == 0)) {
-      MEMZERO(entropy->dc_stats[compptr->dc_tbl_no], DC_STAT_BINS);
-      /* Reset DC predictions to 0 */
-      entropy->last_dc_val[ci] = 0;
-      entropy->dc_context[ci] = 0;
-    }
-    if (!cinfo->progressive_mode || cinfo->Ss) {
-      MEMZERO(entropy->ac_stats[compptr->ac_tbl_no], AC_STAT_BINS);
-    }
-  }
-
-  /* Reset arithmetic decoding variables */
-  entropy->c = 0;
-  entropy->a = 0;
-  entropy->ct = -16;    /* force reading 2 initial bytes to fill C */
-
-  /* Reset restart counter */
-  entropy->restarts_to_go = cinfo->restart_interval;
-}
-
-
-/*
- * Arithmetic MCU decoding.
- * Each of these routines decodes and returns one MCU's worth of
- * arithmetic-compressed coefficients.
- * The coefficients are reordered from zigzag order into natural array order,
- * but are not dequantized.
- *
- * The i'th block of the MCU is stored into the block pointed to by
- * MCU_data[i].  WE ASSUME THIS AREA IS INITIALLY ZEROED BY THE CALLER.
- */
-
-/*
- * MCU decoding for DC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-decode_mcu_DC_first(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  JBLOCKROW block;
-  unsigned char *st;
-  int blkn, ci, tbl, sign;
-  int v, m;
-
-  /* Process restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      process_restart(cinfo);
-    entropy->restarts_to_go--;
-  }
-
-  if (entropy->ct == -1) return TRUE;   /* if error do nothing */
-
-  /* Outer loop handles each block in the MCU */
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data[blkn];
-    ci = cinfo->MCU_membership[blkn];
-    tbl = cinfo->cur_comp_info[ci]->dc_tbl_no;
-
-    /* Sections F.2.4.1 & F.1.4.4.1: Decoding of DC coefficients */
-
-    /* Table F.4: Point to statistics bin S0 for DC coefficient coding */
-    st = entropy->dc_stats[tbl] + entropy->dc_context[ci];
-
-    /* Figure F.19: Decode_DC_DIFF */
-    if (arith_decode(cinfo, st) == 0)
-      entropy->dc_context[ci] = 0;
-    else {
-      /* Figure F.21: Decoding nonzero value v */
-      /* Figure F.22: Decoding the sign of v */
-      sign = arith_decode(cinfo, st + 1);
-      st += 2;  st += sign;
-      /* Figure F.23: Decoding the magnitude category of v */
-      if ((m = arith_decode(cinfo, st)) != 0) {
-        st = entropy->dc_stats[tbl] + 20;       /* Table F.4: X1 = 20 */
-        while (arith_decode(cinfo, st)) {
-          if ((m <<= 1) == 0x8000) {
-            WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-            entropy->ct = -1;                   /* magnitude overflow */
-            return TRUE;
-          }
-          st += 1;
-        }
-      }
-      /* Section F.1.4.4.1.2: Establish dc_context conditioning category */
-      if (m < (int)((1L << cinfo->arith_dc_L[tbl]) >> 1))
-        entropy->dc_context[ci] = 0;               /* zero diff category */
-      else if (m > (int)((1L << cinfo->arith_dc_U[tbl]) >> 1))
-        entropy->dc_context[ci] = 12 + (sign * 4); /* large diff category */
-      else
-        entropy->dc_context[ci] = 4 + (sign * 4);  /* small diff category */
-      v = m;
-      /* Figure F.24: Decoding the magnitude bit pattern of v */
-      st += 14;
-      while (m >>= 1)
-        if (arith_decode(cinfo, st)) v |= m;
-      v += 1;  if (sign) v = -v;
-      entropy->last_dc_val[ci] = (entropy->last_dc_val[ci] + v) & 0xffff;
-    }
-
-    /* Scale and output the DC coefficient (assumes jpeg_natural_order[0]=0) */
-    (*block)[0] = (JCOEF)LEFT_SHIFT(entropy->last_dc_val[ci], cinfo->Al);
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU decoding for AC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-decode_mcu_AC_first(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  JBLOCKROW block;
-  unsigned char *st;
-  int tbl, sign, k;
-  int v, m;
-
-  /* Process restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      process_restart(cinfo);
-    entropy->restarts_to_go--;
-  }
-
-  if (entropy->ct == -1) return TRUE;   /* if error do nothing */
-
-  /* There is always only one block per MCU */
-  block = MCU_data[0];
-  tbl = cinfo->cur_comp_info[0]->ac_tbl_no;
-
-  /* Sections F.2.4.2 & F.1.4.4.2: Decoding of AC coefficients */
-
-  /* Figure F.20: Decode_AC_coefficients */
-  for (k = cinfo->Ss; k <= cinfo->Se; k++) {
-    st = entropy->ac_stats[tbl] + 3 * (k - 1);
-    if (arith_decode(cinfo, st)) break;         /* EOB flag */
-    while (arith_decode(cinfo, st + 1) == 0) {
-      st += 3;  k++;
-      if (k > cinfo->Se) {
-        WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-        entropy->ct = -1;                       /* spectral overflow */
-        return TRUE;
-      }
-    }
-    /* Figure F.21: Decoding nonzero value v */
-    /* Figure F.22: Decoding the sign of v */
-    sign = arith_decode(cinfo, entropy->fixed_bin);
-    st += 2;
-    /* Figure F.23: Decoding the magnitude category of v */
-    if ((m = arith_decode(cinfo, st)) != 0) {
-      if (arith_decode(cinfo, st)) {
-        m <<= 1;
-        st = entropy->ac_stats[tbl] +
-             (k <= cinfo->arith_ac_K[tbl] ? 189 : 217);
-        while (arith_decode(cinfo, st)) {
-          if ((m <<= 1) == 0x8000) {
-            WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-            entropy->ct = -1;                   /* magnitude overflow */
-            return TRUE;
-          }
-          st += 1;
-        }
-      }
-    }
-    v = m;
-    /* Figure F.24: Decoding the magnitude bit pattern of v */
-    st += 14;
-    while (m >>= 1)
-      if (arith_decode(cinfo, st)) v |= m;
-    v += 1;  if (sign) v = -v;
-    /* Scale and output coefficient in natural (dezigzagged) order */
-    (*block)[jpeg_natural_order[k]] = (JCOEF)((unsigned)v << cinfo->Al);
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU decoding for DC successive approximation refinement scan.
- */
-
-METHODDEF(boolean)
-decode_mcu_DC_refine(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  unsigned char *st;
-  int p1, blkn;
-
-  /* Process restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      process_restart(cinfo);
-    entropy->restarts_to_go--;
-  }
-
-  st = entropy->fixed_bin;      /* use fixed probability estimation */
-  p1 = 1 << cinfo->Al;          /* 1 in the bit position being coded */
-
-  /* Outer loop handles each block in the MCU */
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    /* Encoded data is simply the next bit of the two's-complement DC value */
-    if (arith_decode(cinfo, st))
-      MCU_data[blkn][0][0] |= p1;
-  }
-
-  return TRUE;
-}
-
-
-/*
- * MCU decoding for AC successive approximation refinement scan.
- */
-
-METHODDEF(boolean)
-decode_mcu_AC_refine(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  JBLOCKROW block;
-  JCOEFPTR thiscoef;
-  unsigned char *st;
-  int tbl, k, kex;
-  int p1, m1;
-
-  /* Process restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      process_restart(cinfo);
-    entropy->restarts_to_go--;
-  }
-
-  if (entropy->ct == -1) return TRUE;   /* if error do nothing */
-
-  /* There is always only one block per MCU */
-  block = MCU_data[0];
-  tbl = cinfo->cur_comp_info[0]->ac_tbl_no;
-
-  p1 = 1 << cinfo->Al;          /* 1 in the bit position being coded */
-  m1 = (NEG_1) << cinfo->Al;    /* -1 in the bit position being coded */
-
-  /* Establish EOBx (previous stage end-of-block) index */
-  for (kex = cinfo->Se; kex > 0; kex--)
-    if ((*block)[jpeg_natural_order[kex]]) break;
-
-  for (k = cinfo->Ss; k <= cinfo->Se; k++) {
-    st = entropy->ac_stats[tbl] + 3 * (k - 1);
-    if (k > kex)
-      if (arith_decode(cinfo, st)) break;       /* EOB flag */
-    for (;;) {
-      thiscoef = *block + jpeg_natural_order[k];
-      if (*thiscoef) {                          /* previously nonzero coef */
-        if (arith_decode(cinfo, st + 2)) {
-          if (*thiscoef < 0)
-            *thiscoef += m1;
-          else
-            *thiscoef += p1;
-        }
-        break;
-      }
-      if (arith_decode(cinfo, st + 1)) {        /* newly nonzero coef */
-        if (arith_decode(cinfo, entropy->fixed_bin))
-          *thiscoef = m1;
-        else
-          *thiscoef = p1;
-        break;
-      }
-      st += 3;  k++;
-      if (k > cinfo->Se) {
-        WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-        entropy->ct = -1;                       /* spectral overflow */
-        return TRUE;
-      }
-    }
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Decode one MCU's worth of arithmetic-compressed coefficients.
- */
-
-METHODDEF(boolean)
-decode_mcu(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  jpeg_component_info *compptr;
-  JBLOCKROW block;
-  unsigned char *st;
-  int blkn, ci, tbl, sign, k;
-  int v, m;
-
-  /* Process restart marker if needed */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      process_restart(cinfo);
-    entropy->restarts_to_go--;
-  }
-
-  if (entropy->ct == -1) return TRUE;   /* if error do nothing */
-
-  /* Outer loop handles each block in the MCU */
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data ? MCU_data[blkn] : NULL;
-    ci = cinfo->MCU_membership[blkn];
-    compptr = cinfo->cur_comp_info[ci];
-
-    /* Sections F.2.4.1 & F.1.4.4.1: Decoding of DC coefficients */
-
-    tbl = compptr->dc_tbl_no;
-
-    /* Table F.4: Point to statistics bin S0 for DC coefficient coding */
-    st = entropy->dc_stats[tbl] + entropy->dc_context[ci];
-
-    /* Figure F.19: Decode_DC_DIFF */
-    if (arith_decode(cinfo, st) == 0)
-      entropy->dc_context[ci] = 0;
-    else {
-      /* Figure F.21: Decoding nonzero value v */
-      /* Figure F.22: Decoding the sign of v */
-      sign = arith_decode(cinfo, st + 1);
-      st += 2;  st += sign;
-      /* Figure F.23: Decoding the magnitude category of v */
-      if ((m = arith_decode(cinfo, st)) != 0) {
-        st = entropy->dc_stats[tbl] + 20;       /* Table F.4: X1 = 20 */
-        while (arith_decode(cinfo, st)) {
-          if ((m <<= 1) == 0x8000) {
-            WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-            entropy->ct = -1;                   /* magnitude overflow */
-            return TRUE;
-          }
-          st += 1;
-        }
-      }
-      /* Section F.1.4.4.1.2: Establish dc_context conditioning category */
-      if (m < (int)((1L << cinfo->arith_dc_L[tbl]) >> 1))
-        entropy->dc_context[ci] = 0;               /* zero diff category */
-      else if (m > (int)((1L << cinfo->arith_dc_U[tbl]) >> 1))
-        entropy->dc_context[ci] = 12 + (sign * 4); /* large diff category */
-      else
-        entropy->dc_context[ci] = 4 + (sign * 4);  /* small diff category */
-      v = m;
-      /* Figure F.24: Decoding the magnitude bit pattern of v */
-      st += 14;
-      while (m >>= 1)
-        if (arith_decode(cinfo, st)) v |= m;
-      v += 1;  if (sign) v = -v;
-      entropy->last_dc_val[ci] = (entropy->last_dc_val[ci] + v) & 0xffff;
-    }
-
-    if (block)
-      (*block)[0] = (JCOEF)entropy->last_dc_val[ci];
-
-    /* Sections F.2.4.2 & F.1.4.4.2: Decoding of AC coefficients */
-
-    tbl = compptr->ac_tbl_no;
-
-    /* Figure F.20: Decode_AC_coefficients */
-    for (k = 1; k <= DCTSIZE2 - 1; k++) {
-      st = entropy->ac_stats[tbl] + 3 * (k - 1);
-      if (arith_decode(cinfo, st)) break;       /* EOB flag */
-      while (arith_decode(cinfo, st + 1) == 0) {
-        st += 3;  k++;
-        if (k > DCTSIZE2 - 1) {
-          WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-          entropy->ct = -1;                     /* spectral overflow */
-          return TRUE;
-        }
-      }
-      /* Figure F.21: Decoding nonzero value v */
-      /* Figure F.22: Decoding the sign of v */
-      sign = arith_decode(cinfo, entropy->fixed_bin);
-      st += 2;
-      /* Figure F.23: Decoding the magnitude category of v */
-      if ((m = arith_decode(cinfo, st)) != 0) {
-        if (arith_decode(cinfo, st)) {
-          m <<= 1;
-          st = entropy->ac_stats[tbl] +
-               (k <= cinfo->arith_ac_K[tbl] ? 189 : 217);
-          while (arith_decode(cinfo, st)) {
-            if ((m <<= 1) == 0x8000) {
-              WARNMS(cinfo, JWRN_ARITH_BAD_CODE);
-              entropy->ct = -1;                 /* magnitude overflow */
-              return TRUE;
-            }
-            st += 1;
-          }
-        }
-      }
-      v = m;
-      /* Figure F.24: Decoding the magnitude bit pattern of v */
-      st += 14;
-      while (m >>= 1)
-        if (arith_decode(cinfo, st)) v |= m;
-      v += 1;  if (sign) v = -v;
-      if (block)
-        (*block)[jpeg_natural_order[k]] = (JCOEF)v;
-    }
-  }
-
-  return TRUE;
-}
-
-
-/*
- * Initialize for an arithmetic-compressed scan.
- */
-
-METHODDEF(void)
-start_pass(j_decompress_ptr cinfo)
-{
-  arith_entropy_ptr entropy = (arith_entropy_ptr)cinfo->entropy;
-  int ci, tbl;
-  jpeg_component_info *compptr;
-
-  if (cinfo->progressive_mode) {
-    /* Validate progressive scan parameters */
-    if (cinfo->Ss == 0) {
-      if (cinfo->Se != 0)
-        goto bad;
-    } else {
-      /* need not check Ss/Se < 0 since they came from unsigned bytes */
-      if (cinfo->Se < cinfo->Ss || cinfo->Se > DCTSIZE2 - 1)
-        goto bad;
-      /* AC scans may have only one component */
-      if (cinfo->comps_in_scan != 1)
-        goto bad;
-    }
-    if (cinfo->Ah != 0) {
-      /* Successive approximation refinement scan: must have Al = Ah-1. */
-      if (cinfo->Ah - 1 != cinfo->Al)
-        goto bad;
-    }
-    if (cinfo->Al > 13) {       /* need not check for < 0 */
-bad:
-      ERREXIT4(cinfo, JERR_BAD_PROGRESSION,
-               cinfo->Ss, cinfo->Se, cinfo->Ah, cinfo->Al);
-    }
-    /* Update progression status, and verify that scan order is legal.
-     * Note that inter-scan inconsistencies are treated as warnings
-     * not fatal errors ... not clear if this is right way to behave.
-     */
-    for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-      int coefi, cindex = cinfo->cur_comp_info[ci]->component_index;
-      int *coef_bit_ptr = &cinfo->coef_bits[cindex][0];
-      int *prev_coef_bit_ptr =
-        &cinfo->coef_bits[cindex + cinfo->num_components][0];
-      if (cinfo->Ss && coef_bit_ptr[0] < 0) /* AC without prior DC scan */
-        WARNMS2(cinfo, JWRN_BOGUS_PROGRESSION, cindex, 0);
-      for (coefi = MIN(cinfo->Ss, 1); coefi <= MAX(cinfo->Se, 9); coefi++) {
-        if (cinfo->input_scan_number > 1)
-          prev_coef_bit_ptr[coefi] = coef_bit_ptr[coefi];
-        else
-          prev_coef_bit_ptr[coefi] = 0;
-      }
-      for (coefi = cinfo->Ss; coefi <= cinfo->Se; coefi++) {
-        int expected = (coef_bit_ptr[coefi] < 0) ? 0 : coef_bit_ptr[coefi];
-        if (cinfo->Ah != expected)
-          WARNMS2(cinfo, JWRN_BOGUS_PROGRESSION, cindex, coefi);
-        coef_bit_ptr[coefi] = cinfo->Al;
-      }
-    }
-    /* Select MCU decoding routine */
-    if (cinfo->Ah == 0) {
-      if (cinfo->Ss == 0)
-        entropy->pub.decode_mcu = decode_mcu_DC_first;
-      else
-        entropy->pub.decode_mcu = decode_mcu_AC_first;
-    } else {
-      if (cinfo->Ss == 0)
-        entropy->pub.decode_mcu = decode_mcu_DC_refine;
-      else
-        entropy->pub.decode_mcu = decode_mcu_AC_refine;
-    }
-  } else {
-    /* Check that the scan parameters Ss, Se, Ah/Al are OK for sequential JPEG.
-     * This ought to be an error condition, but we make it a warning.
-     */
-    if (cinfo->Ss != 0 || cinfo->Ah != 0 || cinfo->Al != 0 ||
-        (cinfo->Se < DCTSIZE2 && cinfo->Se != DCTSIZE2 - 1))
-      WARNMS(cinfo, JWRN_NOT_SEQUENTIAL);
-    /* Select MCU decoding routine */
-    entropy->pub.decode_mcu = decode_mcu;
-  }
-
-  /* Allocate & initialize requested statistics areas */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    if (!cinfo->progressive_mode || (cinfo->Ss == 0 && cinfo->Ah == 0)) {
-      tbl = compptr->dc_tbl_no;
-      if (tbl < 0 || tbl >= NUM_ARITH_TBLS)
-        ERREXIT1(cinfo, JERR_NO_ARITH_TABLE, tbl);
-      if (entropy->dc_stats[tbl] == NULL)
-        entropy->dc_stats[tbl] = (unsigned char *)(*cinfo->mem->alloc_small)
-          ((j_common_ptr)cinfo, JPOOL_IMAGE, DC_STAT_BINS);
-      MEMZERO(entropy->dc_stats[tbl], DC_STAT_BINS);
-      /* Initialize DC predictions to 0 */
-      entropy->last_dc_val[ci] = 0;
-      entropy->dc_context[ci] = 0;
-    }
-    if (!cinfo->progressive_mode || cinfo->Ss) {
-      tbl = compptr->ac_tbl_no;
-      if (tbl < 0 || tbl >= NUM_ARITH_TBLS)
-        ERREXIT1(cinfo, JERR_NO_ARITH_TABLE, tbl);
-      if (entropy->ac_stats[tbl] == NULL)
-        entropy->ac_stats[tbl] = (unsigned char *)(*cinfo->mem->alloc_small)
-          ((j_common_ptr)cinfo, JPOOL_IMAGE, AC_STAT_BINS);
-      MEMZERO(entropy->ac_stats[tbl], AC_STAT_BINS);
-    }
-  }
-
-  /* Initialize arithmetic decoding variables */
-  entropy->c = 0;
-  entropy->a = 0;
-  entropy->ct = -16;    /* force reading 2 initial bytes to fill C */
-  entropy->pub.insufficient_data = FALSE;
-
-  /* Initialize restart counter */
-  entropy->restarts_to_go = cinfo->restart_interval;
-}
-
-
-/*
- * Module initialization routine for arithmetic entropy decoding.
- */
-
-GLOBAL(void)
-jinit_arith_decoder(j_decompress_ptr cinfo)
-{
-  arith_entropy_ptr entropy;
-  int i;
-
-  entropy = (arith_entropy_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(arith_entropy_decoder));
-  cinfo->entropy = (struct jpeg_entropy_decoder *)entropy;
-  entropy->pub.start_pass = start_pass;
-
-  /* Mark tables unallocated */
-  for (i = 0; i < NUM_ARITH_TBLS; i++) {
-    entropy->dc_stats[i] = NULL;
-    entropy->ac_stats[i] = NULL;
-  }
-
-  /* Initialize index for fixed probability estimation */
-  entropy->fixed_bin[0] = 113;
-
-  if (cinfo->progressive_mode) {
-    /* Create progression status table */
-    int *coef_bit_ptr, ci;
-    cinfo->coef_bits = (int (*)[DCTSIZE2])
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  cinfo->num_components * 2 * DCTSIZE2 *
-                                  sizeof(int));
-    coef_bit_ptr = &cinfo->coef_bits[0][0];
-    for (ci = 0; ci < cinfo->num_components; ci++)
-      for (i = 0; i < DCTSIZE2; i++)
-        *coef_bit_ptr++ = -1;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdatadst-tj.c b/3rdparty/libjpeg-turbo_2_1_0/jdatadst-tj.c
deleted file mode 100644
index fdaa2de..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdatadst-tj.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * jdatadst-tj.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * Modified 2009-2012 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2011, 2014, 2016, 2019, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains compression data destination routines for the case of
- * emitting JPEG data to memory or to a file (or any stdio stream).
- * While these routines are sufficient for most applications,
- * some will want to use a different destination manager.
- * IMPORTANT: we assume that fwrite() will correctly transcribe an array of
- * JOCTETs into 8-bit-wide elements on external storage.  If char is wider
- * than 8 bits on your machine, you may need to do some tweaking.
- */
-
-/* this is not a core library module, so it doesn't define JPEG_INTERNALS */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc(),free() */
-extern void *malloc(size_t size);
-extern void free(void *ptr);
-#endif
-void jpeg_mem_dest_tj(j_compress_ptr cinfo, unsigned char **outbuffer,
-                      unsigned long *outsize, boolean alloc);
-
-
-#define OUTPUT_BUF_SIZE  4096   /* choose an efficiently fwrite'able size */
-
-
-/* Expanded data destination object for memory output */
-
-typedef struct {
-  struct jpeg_destination_mgr pub; /* public fields */
-
-  unsigned char **outbuffer;    /* target buffer */
-  unsigned long *outsize;
-  unsigned char *newbuffer;     /* newly allocated buffer */
-  JOCTET *buffer;               /* start of buffer */
-  size_t bufsize;
-  boolean alloc;
-} my_mem_destination_mgr;
-
-typedef my_mem_destination_mgr *my_mem_dest_ptr;
-
-
-/*
- * Initialize destination --- called by jpeg_start_compress
- * before any data is actually written.
- */
-
-METHODDEF(void)
-init_mem_destination(j_compress_ptr cinfo)
-{
-  /* no work necessary here */
-}
-
-
-/*
- * Empty the output buffer --- called whenever buffer fills up.
- *
- * In typical applications, this should write the entire output buffer
- * (ignoring the current state of next_output_byte & free_in_buffer),
- * reset the pointer & count to the start of the buffer, and return TRUE
- * indicating that the buffer has been dumped.
- *
- * In applications that need to be able to suspend compression due to output
- * overrun, a FALSE return indicates that the buffer cannot be emptied now.
- * In this situation, the compressor will return to its caller (possibly with
- * an indication that it has not accepted all the supplied scanlines).  The
- * application should resume compression after it has made more room in the
- * output buffer.  Note that there are substantial restrictions on the use of
- * suspension --- see the documentation.
- *
- * When suspending, the compressor will back up to a convenient restart point
- * (typically the start of the current MCU). next_output_byte & free_in_buffer
- * indicate where the restart point will be if the current call returns FALSE.
- * Data beyond this point will be regenerated after resumption, so do not
- * write it out when emptying the buffer externally.
- */
-
-METHODDEF(boolean)
-empty_mem_output_buffer(j_compress_ptr cinfo)
-{
-  size_t nextsize;
-  JOCTET *nextbuffer;
-  my_mem_dest_ptr dest = (my_mem_dest_ptr)cinfo->dest;
-
-  if (!dest->alloc) ERREXIT(cinfo, JERR_BUFFER_SIZE);
-
-  /* Try to allocate new buffer with double size */
-  nextsize = dest->bufsize * 2;
-  nextbuffer = (JOCTET *)malloc(nextsize);
-
-  if (nextbuffer == NULL)
-    ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 10);
-
-  MEMCOPY(nextbuffer, dest->buffer, dest->bufsize);
-
-  free(dest->newbuffer);
-
-  dest->newbuffer = nextbuffer;
-
-  dest->pub.next_output_byte = nextbuffer + dest->bufsize;
-  dest->pub.free_in_buffer = dest->bufsize;
-
-  dest->buffer = nextbuffer;
-  dest->bufsize = nextsize;
-
-  return TRUE;
-}
-
-
-/*
- * Terminate destination --- called by jpeg_finish_compress
- * after all data has been written.  Usually needs to flush buffer.
- *
- * NB: *not* called by jpeg_abort or jpeg_destroy; surrounding
- * application must deal with any cleanup that should happen even
- * for error exit.
- */
-
-METHODDEF(void)
-term_mem_destination(j_compress_ptr cinfo)
-{
-  my_mem_dest_ptr dest = (my_mem_dest_ptr)cinfo->dest;
-
-  if (dest->alloc) *dest->outbuffer = dest->buffer;
-  *dest->outsize = (unsigned long)(dest->bufsize - dest->pub.free_in_buffer);
-}
-
-
-/*
- * Prepare for output to a memory buffer.
- * The caller may supply an own initial buffer with appropriate size.
- * Otherwise, or when the actual data output exceeds the given size,
- * the library adapts the buffer size as necessary.
- * The standard library functions malloc/free are used for allocating
- * larger memory, so the buffer is available to the application after
- * finishing compression, and then the application is responsible for
- * freeing the requested memory.
- */
-
-GLOBAL(void)
-jpeg_mem_dest_tj(j_compress_ptr cinfo, unsigned char **outbuffer,
-                 unsigned long *outsize, boolean alloc)
-{
-  boolean reused = FALSE;
-  my_mem_dest_ptr dest;
-
-  if (outbuffer == NULL || outsize == NULL)     /* sanity check */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-
-  /* The destination object is made permanent so that multiple JPEG images
-   * can be written to the same buffer without re-executing jpeg_mem_dest.
-   */
-  if (cinfo->dest == NULL) {    /* first time for this JPEG object? */
-    cinfo->dest = (struct jpeg_destination_mgr *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  sizeof(my_mem_destination_mgr));
-    dest = (my_mem_dest_ptr)cinfo->dest;
-    dest->newbuffer = NULL;
-    dest->buffer = NULL;
-  } else if (cinfo->dest->init_destination != init_mem_destination) {
-    /* It is unsafe to reuse the existing destination manager unless it was
-     * created by this function.
-     */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  dest = (my_mem_dest_ptr)cinfo->dest;
-  dest->pub.init_destination = init_mem_destination;
-  dest->pub.empty_output_buffer = empty_mem_output_buffer;
-  dest->pub.term_destination = term_mem_destination;
-  if (dest->buffer == *outbuffer && *outbuffer != NULL && alloc)
-    reused = TRUE;
-  dest->outbuffer = outbuffer;
-  dest->outsize = outsize;
-  dest->alloc = alloc;
-
-  if (*outbuffer == NULL || *outsize == 0) {
-    if (alloc) {
-      /* Allocate initial buffer */
-      dest->newbuffer = *outbuffer = (unsigned char *)malloc(OUTPUT_BUF_SIZE);
-      if (dest->newbuffer == NULL)
-        ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 10);
-      *outsize = OUTPUT_BUF_SIZE;
-    } else
-      ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  dest->pub.next_output_byte = dest->buffer = *outbuffer;
-  if (!reused)
-    dest->bufsize = *outsize;
-  dest->pub.free_in_buffer = dest->bufsize;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdatadst.c b/3rdparty/libjpeg-turbo_2_1_0/jdatadst.c
deleted file mode 100644
index 246fffb..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdatadst.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * jdatadst.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * Modified 2009-2012 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2013, 2016, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains compression data destination routines for the case of
- * emitting JPEG data to memory or to a file (or any stdio stream).
- * While these routines are sufficient for most applications,
- * some will want to use a different destination manager.
- * IMPORTANT: we assume that fwrite() will correctly transcribe an array of
- * JOCTETs into 8-bit-wide elements on external storage.  If char is wider
- * than 8 bits on your machine, you may need to do some tweaking.
- */
-
-/* this is not a core library module, so it doesn't define JPEG_INTERNALS */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc(),free() */
-extern void *malloc(size_t size);
-extern void free(void *ptr);
-#endif
-
-
-/* Expanded data destination object for stdio output */
-
-typedef struct {
-  struct jpeg_destination_mgr pub; /* public fields */
-
-  FILE *outfile;                /* target stream */
-  JOCTET *buffer;               /* start of buffer */
-} my_destination_mgr;
-
-typedef my_destination_mgr *my_dest_ptr;
-
-#define OUTPUT_BUF_SIZE  4096   /* choose an efficiently fwrite'able size */
-
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-/* Expanded data destination object for memory output */
-
-typedef struct {
-  struct jpeg_destination_mgr pub; /* public fields */
-
-  unsigned char **outbuffer;    /* target buffer */
-  unsigned long *outsize;
-  unsigned char *newbuffer;     /* newly allocated buffer */
-  JOCTET *buffer;               /* start of buffer */
-  size_t bufsize;
-} my_mem_destination_mgr;
-
-typedef my_mem_destination_mgr *my_mem_dest_ptr;
-#endif
-
-
-/*
- * Initialize destination --- called by jpeg_start_compress
- * before any data is actually written.
- */
-
-METHODDEF(void)
-init_destination(j_compress_ptr cinfo)
-{
-  my_dest_ptr dest = (my_dest_ptr)cinfo->dest;
-
-  /* Allocate the output buffer --- it will be released when done with image */
-  dest->buffer = (JOCTET *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                OUTPUT_BUF_SIZE * sizeof(JOCTET));
-
-  dest->pub.next_output_byte = dest->buffer;
-  dest->pub.free_in_buffer = OUTPUT_BUF_SIZE;
-}
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-METHODDEF(void)
-init_mem_destination(j_compress_ptr cinfo)
-{
-  /* no work necessary here */
-}
-#endif
-
-
-/*
- * Empty the output buffer --- called whenever buffer fills up.
- *
- * In typical applications, this should write the entire output buffer
- * (ignoring the current state of next_output_byte & free_in_buffer),
- * reset the pointer & count to the start of the buffer, and return TRUE
- * indicating that the buffer has been dumped.
- *
- * In applications that need to be able to suspend compression due to output
- * overrun, a FALSE return indicates that the buffer cannot be emptied now.
- * In this situation, the compressor will return to its caller (possibly with
- * an indication that it has not accepted all the supplied scanlines).  The
- * application should resume compression after it has made more room in the
- * output buffer.  Note that there are substantial restrictions on the use of
- * suspension --- see the documentation.
- *
- * When suspending, the compressor will back up to a convenient restart point
- * (typically the start of the current MCU). next_output_byte & free_in_buffer
- * indicate where the restart point will be if the current call returns FALSE.
- * Data beyond this point will be regenerated after resumption, so do not
- * write it out when emptying the buffer externally.
- */
-
-METHODDEF(boolean)
-empty_output_buffer(j_compress_ptr cinfo)
-{
-  my_dest_ptr dest = (my_dest_ptr)cinfo->dest;
-
-  if (JFWRITE(dest->outfile, dest->buffer, OUTPUT_BUF_SIZE) !=
-      (size_t)OUTPUT_BUF_SIZE)
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-
-  dest->pub.next_output_byte = dest->buffer;
-  dest->pub.free_in_buffer = OUTPUT_BUF_SIZE;
-
-  return TRUE;
-}
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-METHODDEF(boolean)
-empty_mem_output_buffer(j_compress_ptr cinfo)
-{
-  size_t nextsize;
-  JOCTET *nextbuffer;
-  my_mem_dest_ptr dest = (my_mem_dest_ptr)cinfo->dest;
-
-  /* Try to allocate new buffer with double size */
-  nextsize = dest->bufsize * 2;
-  nextbuffer = (JOCTET *)malloc(nextsize);
-
-  if (nextbuffer == NULL)
-    ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 10);
-
-  MEMCOPY(nextbuffer, dest->buffer, dest->bufsize);
-
-  free(dest->newbuffer);
-
-  dest->newbuffer = nextbuffer;
-
-  dest->pub.next_output_byte = nextbuffer + dest->bufsize;
-  dest->pub.free_in_buffer = dest->bufsize;
-
-  dest->buffer = nextbuffer;
-  dest->bufsize = nextsize;
-
-  return TRUE;
-}
-#endif
-
-
-/*
- * Terminate destination --- called by jpeg_finish_compress
- * after all data has been written.  Usually needs to flush buffer.
- *
- * NB: *not* called by jpeg_abort or jpeg_destroy; surrounding
- * application must deal with any cleanup that should happen even
- * for error exit.
- */
-
-METHODDEF(void)
-term_destination(j_compress_ptr cinfo)
-{
-  my_dest_ptr dest = (my_dest_ptr)cinfo->dest;
-  size_t datacount = OUTPUT_BUF_SIZE - dest->pub.free_in_buffer;
-
-  /* Write any data remaining in the buffer */
-  if (datacount > 0) {
-    if (JFWRITE(dest->outfile, dest->buffer, datacount) != datacount)
-      ERREXIT(cinfo, JERR_FILE_WRITE);
-  }
-  fflush(dest->outfile);
-  /* Make sure we wrote the output file OK */
-  if (ferror(dest->outfile))
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-}
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-METHODDEF(void)
-term_mem_destination(j_compress_ptr cinfo)
-{
-  my_mem_dest_ptr dest = (my_mem_dest_ptr)cinfo->dest;
-
-  *dest->outbuffer = dest->buffer;
-  *dest->outsize = (unsigned long)(dest->bufsize - dest->pub.free_in_buffer);
-}
-#endif
-
-
-/*
- * Prepare for output to a stdio stream.
- * The caller must have already opened the stream, and is responsible
- * for closing it after finishing compression.
- */
-
-GLOBAL(void)
-jpeg_stdio_dest(j_compress_ptr cinfo, FILE *outfile)
-{
-  my_dest_ptr dest;
-
-  /* The destination object is made permanent so that multiple JPEG images
-   * can be written to the same file without re-executing jpeg_stdio_dest.
-   */
-  if (cinfo->dest == NULL) {    /* first time for this JPEG object? */
-    cinfo->dest = (struct jpeg_destination_mgr *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  sizeof(my_destination_mgr));
-  } else if (cinfo->dest->init_destination != init_destination) {
-    /* It is unsafe to reuse the existing destination manager unless it was
-     * created by this function.  Otherwise, there is no guarantee that the
-     * opaque structure is the right size.  Note that we could just create a
-     * new structure, but the old structure would not be freed until
-     * jpeg_destroy_compress() was called.
-     */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  dest = (my_dest_ptr)cinfo->dest;
-  dest->pub.init_destination = init_destination;
-  dest->pub.empty_output_buffer = empty_output_buffer;
-  dest->pub.term_destination = term_destination;
-  dest->outfile = outfile;
-}
-
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-/*
- * Prepare for output to a memory buffer.
- * The caller may supply an own initial buffer with appropriate size.
- * Otherwise, or when the actual data output exceeds the given size,
- * the library adapts the buffer size as necessary.
- * The standard library functions malloc/free are used for allocating
- * larger memory, so the buffer is available to the application after
- * finishing compression, and then the application is responsible for
- * freeing the requested memory.
- * Note:  An initial buffer supplied by the caller is expected to be
- * managed by the application.  The library does not free such buffer
- * when allocating a larger buffer.
- */
-
-GLOBAL(void)
-jpeg_mem_dest(j_compress_ptr cinfo, unsigned char **outbuffer,
-              unsigned long *outsize)
-{
-  my_mem_dest_ptr dest;
-
-  if (outbuffer == NULL || outsize == NULL)     /* sanity check */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-
-  /* The destination object is made permanent so that multiple JPEG images
-   * can be written to the same buffer without re-executing jpeg_mem_dest.
-   */
-  if (cinfo->dest == NULL) {    /* first time for this JPEG object? */
-    cinfo->dest = (struct jpeg_destination_mgr *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  sizeof(my_mem_destination_mgr));
-  } else if (cinfo->dest->init_destination != init_mem_destination) {
-    /* It is unsafe to reuse the existing destination manager unless it was
-     * created by this function.
-     */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  dest = (my_mem_dest_ptr)cinfo->dest;
-  dest->pub.init_destination = init_mem_destination;
-  dest->pub.empty_output_buffer = empty_mem_output_buffer;
-  dest->pub.term_destination = term_mem_destination;
-  dest->outbuffer = outbuffer;
-  dest->outsize = outsize;
-  dest->newbuffer = NULL;
-
-  if (*outbuffer == NULL || *outsize == 0) {
-    /* Allocate initial buffer */
-    dest->newbuffer = *outbuffer = (unsigned char *)malloc(OUTPUT_BUF_SIZE);
-    if (dest->newbuffer == NULL)
-      ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 10);
-    *outsize = OUTPUT_BUF_SIZE;
-  }
-
-  dest->pub.next_output_byte = dest->buffer = *outbuffer;
-  dest->pub.free_in_buffer = dest->bufsize = *outsize;
-}
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdatasrc-tj.c b/3rdparty/libjpeg-turbo_2_1_0/jdatasrc-tj.c
deleted file mode 100644
index 69fb5ea..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdatasrc-tj.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * jdatasrc-tj.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * Modified 2009-2011 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2011, 2016, 2019, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains decompression data source routines for the case of
- * reading JPEG data from memory or from a file (or any stdio stream).
- * While these routines are sufficient for most applications,
- * some will want to use a different source manager.
- * IMPORTANT: we assume that fread() will correctly transcribe an array of
- * JOCTETs from 8-bit-wide elements on external storage.  If char is wider
- * than 8 bits on your machine, you may need to do some tweaking.
- */
-
-/* this is not a core library module, so it doesn't define JPEG_INTERNALS */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"
-
-void jpeg_mem_src_tj(j_decompress_ptr cinfo, const unsigned char *inbuffer,
-                     unsigned long insize);
-
-
-/*
- * Initialize source --- called by jpeg_read_header
- * before any data is actually read.
- */
-
-METHODDEF(void)
-init_mem_source(j_decompress_ptr cinfo)
-{
-  /* no work necessary here */
-}
-
-
-/*
- * Fill the input buffer --- called whenever buffer is emptied.
- *
- * In typical applications, this should read fresh data into the buffer
- * (ignoring the current state of next_input_byte & bytes_in_buffer),
- * reset the pointer & count to the start of the buffer, and return TRUE
- * indicating that the buffer has been reloaded.  It is not necessary to
- * fill the buffer entirely, only to obtain at least one more byte.
- *
- * There is no such thing as an EOF return.  If the end of the file has been
- * reached, the routine has a choice of ERREXIT() or inserting fake data into
- * the buffer.  In most cases, generating a warning message and inserting a
- * fake EOI marker is the best course of action --- this will allow the
- * decompressor to output however much of the image is there.  However,
- * the resulting error message is misleading if the real problem is an empty
- * input file, so we handle that case specially.
- *
- * In applications that need to be able to suspend compression due to input
- * not being available yet, a FALSE return indicates that no more data can be
- * obtained right now, but more may be forthcoming later.  In this situation,
- * the decompressor will return to its caller (with an indication of the
- * number of scanlines it has read, if any).  The application should resume
- * decompression after it has loaded more data into the input buffer.  Note
- * that there are substantial restrictions on the use of suspension --- see
- * the documentation.
- *
- * When suspending, the decompressor will back up to a convenient restart point
- * (typically the start of the current MCU). next_input_byte & bytes_in_buffer
- * indicate where the restart point will be if the current call returns FALSE.
- * Data beyond this point must be rescanned after resumption, so move it to
- * the front of the buffer rather than discarding it.
- */
-
-METHODDEF(boolean)
-fill_mem_input_buffer(j_decompress_ptr cinfo)
-{
-  static const JOCTET mybuffer[4] = {
-    (JOCTET)0xFF, (JOCTET)JPEG_EOI, 0, 0
-  };
-
-  /* The whole JPEG data is expected to reside in the supplied memory
-   * buffer, so any request for more data beyond the given buffer size
-   * is treated as an error.
-   */
-  WARNMS(cinfo, JWRN_JPEG_EOF);
-
-  /* Insert a fake EOI marker */
-
-  cinfo->src->next_input_byte = mybuffer;
-  cinfo->src->bytes_in_buffer = 2;
-
-  return TRUE;
-}
-
-
-/*
- * Skip data --- used to skip over a potentially large amount of
- * uninteresting data (such as an APPn marker).
- *
- * Writers of suspendable-input applications must note that skip_input_data
- * is not granted the right to give a suspension return.  If the skip extends
- * beyond the data currently in the buffer, the buffer can be marked empty so
- * that the next read will cause a fill_input_buffer call that can suspend.
- * Arranging for additional bytes to be discarded before reloading the input
- * buffer is the application writer's problem.
- */
-
-METHODDEF(void)
-skip_input_data(j_decompress_ptr cinfo, long num_bytes)
-{
-  struct jpeg_source_mgr *src = cinfo->src;
-
-  /* Just a dumb implementation for now.  Could use fseek() except
-   * it doesn't work on pipes.  Not clear that being smart is worth
-   * any trouble anyway --- large skips are infrequent.
-   */
-  if (num_bytes > 0) {
-    while (num_bytes > (long)src->bytes_in_buffer) {
-      num_bytes -= (long)src->bytes_in_buffer;
-      (void)(*src->fill_input_buffer) (cinfo);
-      /* note we assume that fill_input_buffer will never return FALSE,
-       * so suspension need not be handled.
-       */
-    }
-    src->next_input_byte += (size_t)num_bytes;
-    src->bytes_in_buffer -= (size_t)num_bytes;
-  }
-}
-
-
-/*
- * An additional method that can be provided by data source modules is the
- * resync_to_restart method for error recovery in the presence of RST markers.
- * For the moment, this source module just uses the default resync method
- * provided by the JPEG library.  That method assumes that no backtracking
- * is possible.
- */
-
-
-/*
- * Terminate source --- called by jpeg_finish_decompress
- * after all data has been read.  Often a no-op.
- *
- * NB: *not* called by jpeg_abort or jpeg_destroy; surrounding
- * application must deal with any cleanup that should happen even
- * for error exit.
- */
-
-METHODDEF(void)
-term_source(j_decompress_ptr cinfo)
-{
-  /* no work necessary here */
-}
-
-
-/*
- * Prepare for input from a supplied memory buffer.
- * The buffer must contain the whole JPEG data.
- */
-
-GLOBAL(void)
-jpeg_mem_src_tj(j_decompress_ptr cinfo, const unsigned char *inbuffer,
-                unsigned long insize)
-{
-  struct jpeg_source_mgr *src;
-
-  if (inbuffer == NULL || insize == 0)  /* Treat empty input as fatal error */
-    ERREXIT(cinfo, JERR_INPUT_EMPTY);
-
-  /* The source object is made permanent so that a series of JPEG images
-   * can be read from the same buffer by calling jpeg_mem_src only before
-   * the first one.
-   */
-  if (cinfo->src == NULL) {     /* first time for this JPEG object? */
-    cinfo->src = (struct jpeg_source_mgr *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  sizeof(struct jpeg_source_mgr));
-  } else if (cinfo->src->init_source != init_mem_source) {
-    /* It is unsafe to reuse the existing source manager unless it was created
-     * by this function.
-     */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  src = cinfo->src;
-  src->init_source = init_mem_source;
-  src->fill_input_buffer = fill_mem_input_buffer;
-  src->skip_input_data = skip_input_data;
-  src->resync_to_restart = jpeg_resync_to_restart; /* use default method */
-  src->term_source = term_source;
-  src->bytes_in_buffer = (size_t)insize;
-  src->next_input_byte = (const JOCTET *)inbuffer;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdatasrc.c b/3rdparty/libjpeg-turbo_2_1_0/jdatasrc.c
deleted file mode 100644
index eadb4a2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdatasrc.c
+++ /dev/null
@@ -1,295 +0,0 @@
-/*
- * jdatasrc.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * Modified 2009-2011 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2013, 2016, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains decompression data source routines for the case of
- * reading JPEG data from memory or from a file (or any stdio stream).
- * While these routines are sufficient for most applications,
- * some will want to use a different source manager.
- * IMPORTANT: we assume that fread() will correctly transcribe an array of
- * JOCTETs from 8-bit-wide elements on external storage.  If char is wider
- * than 8 bits on your machine, you may need to do some tweaking.
- */
-
-/* this is not a core library module, so it doesn't define JPEG_INTERNALS */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"
-
-
-/* Expanded data source object for stdio input */
-
-typedef struct {
-  struct jpeg_source_mgr pub;   /* public fields */
-
-  FILE *infile;                 /* source stream */
-  JOCTET *buffer;               /* start of buffer */
-  boolean start_of_file;        /* have we gotten any data yet? */
-} my_source_mgr;
-
-typedef my_source_mgr *my_src_ptr;
-
-#define INPUT_BUF_SIZE  4096    /* choose an efficiently fread'able size */
-
-
-/*
- * Initialize source --- called by jpeg_read_header
- * before any data is actually read.
- */
-
-METHODDEF(void)
-init_source(j_decompress_ptr cinfo)
-{
-  my_src_ptr src = (my_src_ptr)cinfo->src;
-
-  /* We reset the empty-input-file flag for each image,
-   * but we don't clear the input buffer.
-   * This is correct behavior for reading a series of images from one source.
-   */
-  src->start_of_file = TRUE;
-}
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-METHODDEF(void)
-init_mem_source(j_decompress_ptr cinfo)
-{
-  /* no work necessary here */
-}
-#endif
-
-
-/*
- * Fill the input buffer --- called whenever buffer is emptied.
- *
- * In typical applications, this should read fresh data into the buffer
- * (ignoring the current state of next_input_byte & bytes_in_buffer),
- * reset the pointer & count to the start of the buffer, and return TRUE
- * indicating that the buffer has been reloaded.  It is not necessary to
- * fill the buffer entirely, only to obtain at least one more byte.
- *
- * There is no such thing as an EOF return.  If the end of the file has been
- * reached, the routine has a choice of ERREXIT() or inserting fake data into
- * the buffer.  In most cases, generating a warning message and inserting a
- * fake EOI marker is the best course of action --- this will allow the
- * decompressor to output however much of the image is there.  However,
- * the resulting error message is misleading if the real problem is an empty
- * input file, so we handle that case specially.
- *
- * In applications that need to be able to suspend compression due to input
- * not being available yet, a FALSE return indicates that no more data can be
- * obtained right now, but more may be forthcoming later.  In this situation,
- * the decompressor will return to its caller (with an indication of the
- * number of scanlines it has read, if any).  The application should resume
- * decompression after it has loaded more data into the input buffer.  Note
- * that there are substantial restrictions on the use of suspension --- see
- * the documentation.
- *
- * When suspending, the decompressor will back up to a convenient restart point
- * (typically the start of the current MCU). next_input_byte & bytes_in_buffer
- * indicate where the restart point will be if the current call returns FALSE.
- * Data beyond this point must be rescanned after resumption, so move it to
- * the front of the buffer rather than discarding it.
- */
-
-METHODDEF(boolean)
-fill_input_buffer(j_decompress_ptr cinfo)
-{
-  my_src_ptr src = (my_src_ptr)cinfo->src;
-  size_t nbytes;
-
-  nbytes = JFREAD(src->infile, src->buffer, INPUT_BUF_SIZE);
-
-  if (nbytes <= 0) {
-    if (src->start_of_file)     /* Treat empty input file as fatal error */
-      ERREXIT(cinfo, JERR_INPUT_EMPTY);
-    WARNMS(cinfo, JWRN_JPEG_EOF);
-    /* Insert a fake EOI marker */
-    src->buffer[0] = (JOCTET)0xFF;
-    src->buffer[1] = (JOCTET)JPEG_EOI;
-    nbytes = 2;
-  }
-
-  src->pub.next_input_byte = src->buffer;
-  src->pub.bytes_in_buffer = nbytes;
-  src->start_of_file = FALSE;
-
-  return TRUE;
-}
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-METHODDEF(boolean)
-fill_mem_input_buffer(j_decompress_ptr cinfo)
-{
-  static const JOCTET mybuffer[4] = {
-    (JOCTET)0xFF, (JOCTET)JPEG_EOI, 0, 0
-  };
-
-  /* The whole JPEG data is expected to reside in the supplied memory
-   * buffer, so any request for more data beyond the given buffer size
-   * is treated as an error.
-   */
-  WARNMS(cinfo, JWRN_JPEG_EOF);
-
-  /* Insert a fake EOI marker */
-
-  cinfo->src->next_input_byte = mybuffer;
-  cinfo->src->bytes_in_buffer = 2;
-
-  return TRUE;
-}
-#endif
-
-
-/*
- * Skip data --- used to skip over a potentially large amount of
- * uninteresting data (such as an APPn marker).
- *
- * Writers of suspendable-input applications must note that skip_input_data
- * is not granted the right to give a suspension return.  If the skip extends
- * beyond the data currently in the buffer, the buffer can be marked empty so
- * that the next read will cause a fill_input_buffer call that can suspend.
- * Arranging for additional bytes to be discarded before reloading the input
- * buffer is the application writer's problem.
- */
-
-METHODDEF(void)
-skip_input_data(j_decompress_ptr cinfo, long num_bytes)
-{
-  struct jpeg_source_mgr *src = cinfo->src;
-
-  /* Just a dumb implementation for now.  Could use fseek() except
-   * it doesn't work on pipes.  Not clear that being smart is worth
-   * any trouble anyway --- large skips are infrequent.
-   */
-  if (num_bytes > 0) {
-    while (num_bytes > (long)src->bytes_in_buffer) {
-      num_bytes -= (long)src->bytes_in_buffer;
-      (void)(*src->fill_input_buffer) (cinfo);
-      /* note we assume that fill_input_buffer will never return FALSE,
-       * so suspension need not be handled.
-       */
-    }
-    src->next_input_byte += (size_t)num_bytes;
-    src->bytes_in_buffer -= (size_t)num_bytes;
-  }
-}
-
-
-/*
- * An additional method that can be provided by data source modules is the
- * resync_to_restart method for error recovery in the presence of RST markers.
- * For the moment, this source module just uses the default resync method
- * provided by the JPEG library.  That method assumes that no backtracking
- * is possible.
- */
-
-
-/*
- * Terminate source --- called by jpeg_finish_decompress
- * after all data has been read.  Often a no-op.
- *
- * NB: *not* called by jpeg_abort or jpeg_destroy; surrounding
- * application must deal with any cleanup that should happen even
- * for error exit.
- */
-
-METHODDEF(void)
-term_source(j_decompress_ptr cinfo)
-{
-  /* no work necessary here */
-}
-
-
-/*
- * Prepare for input from a stdio stream.
- * The caller must have already opened the stream, and is responsible
- * for closing it after finishing decompression.
- */
-
-GLOBAL(void)
-jpeg_stdio_src(j_decompress_ptr cinfo, FILE *infile)
-{
-  my_src_ptr src;
-
-  /* The source object and input buffer are made permanent so that a series
-   * of JPEG images can be read from the same file by calling jpeg_stdio_src
-   * only before the first one.  (If we discarded the buffer at the end of
-   * one image, we'd likely lose the start of the next one.)
-   */
-  if (cinfo->src == NULL) {     /* first time for this JPEG object? */
-    cinfo->src = (struct jpeg_source_mgr *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  sizeof(my_source_mgr));
-    src = (my_src_ptr)cinfo->src;
-    src->buffer = (JOCTET *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  INPUT_BUF_SIZE * sizeof(JOCTET));
-  } else if (cinfo->src->init_source != init_source) {
-    /* It is unsafe to reuse the existing source manager unless it was created
-     * by this function.  Otherwise, there is no guarantee that the opaque
-     * structure is the right size.  Note that we could just create a new
-     * structure, but the old structure would not be freed until
-     * jpeg_destroy_decompress() was called.
-     */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  src = (my_src_ptr)cinfo->src;
-  src->pub.init_source = init_source;
-  src->pub.fill_input_buffer = fill_input_buffer;
-  src->pub.skip_input_data = skip_input_data;
-  src->pub.resync_to_restart = jpeg_resync_to_restart; /* use default method */
-  src->pub.term_source = term_source;
-  src->infile = infile;
-  src->pub.bytes_in_buffer = 0; /* forces fill_input_buffer on first read */
-  src->pub.next_input_byte = NULL; /* until buffer loaded */
-}
-
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-/*
- * Prepare for input from a supplied memory buffer.
- * The buffer must contain the whole JPEG data.
- */
-
-GLOBAL(void)
-jpeg_mem_src(j_decompress_ptr cinfo, const unsigned char *inbuffer,
-             unsigned long insize)
-{
-  struct jpeg_source_mgr *src;
-
-  if (inbuffer == NULL || insize == 0)  /* Treat empty input as fatal error */
-    ERREXIT(cinfo, JERR_INPUT_EMPTY);
-
-  /* The source object is made permanent so that a series of JPEG images
-   * can be read from the same buffer by calling jpeg_mem_src only before
-   * the first one.
-   */
-  if (cinfo->src == NULL) {     /* first time for this JPEG object? */
-    cinfo->src = (struct jpeg_source_mgr *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                  sizeof(struct jpeg_source_mgr));
-  } else if (cinfo->src->init_source != init_mem_source) {
-    /* It is unsafe to reuse the existing source manager unless it was created
-     * by this function.
-     */
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  }
-
-  src = cinfo->src;
-  src->init_source = init_mem_source;
-  src->fill_input_buffer = fill_mem_input_buffer;
-  src->skip_input_data = skip_input_data;
-  src->resync_to_restart = jpeg_resync_to_restart; /* use default method */
-  src->term_source = term_source;
-  src->bytes_in_buffer = (size_t)insize;
-  src->next_input_byte = (const JOCTET *)inbuffer;
-}
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdcoefct.c b/3rdparty/libjpeg-turbo_2_1_0/jdcoefct.c
deleted file mode 100644
index 15e6cde..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdcoefct.c
+++ /dev/null
@@ -1,878 +0,0 @@
-/*
- * jdcoefct.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2010, 2015-2016, 2019-2020, D. R. Commander.
- * Copyright (C) 2015, 2020, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the coefficient buffer controller for decompression.
- * This controller is the top level of the JPEG decompressor proper.
- * The coefficient buffer lies between entropy decoding and inverse-DCT steps.
- *
- * In buffered-image mode, this controller is the interface between
- * input-oriented processing and output-oriented processing.
- * Also, the input side (only) is used when reading a file for transcoding.
- */
-
-#include "jinclude.h"
-#include "jdcoefct.h"
-#include "jpegcomp.h"
-
-
-/* Forward declarations */
-METHODDEF(int) decompress_onepass(j_decompress_ptr cinfo,
-                                  JSAMPIMAGE output_buf);
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-METHODDEF(int) decompress_data(j_decompress_ptr cinfo, JSAMPIMAGE output_buf);
-#endif
-#ifdef BLOCK_SMOOTHING_SUPPORTED
-LOCAL(boolean) smoothing_ok(j_decompress_ptr cinfo);
-METHODDEF(int) decompress_smooth_data(j_decompress_ptr cinfo,
-                                      JSAMPIMAGE output_buf);
-#endif
-
-
-/*
- * Initialize for an input processing pass.
- */
-
-METHODDEF(void)
-start_input_pass(j_decompress_ptr cinfo)
-{
-  cinfo->input_iMCU_row = 0;
-  start_iMCU_row(cinfo);
-}
-
-
-/*
- * Initialize for an output processing pass.
- */
-
-METHODDEF(void)
-start_output_pass(j_decompress_ptr cinfo)
-{
-#ifdef BLOCK_SMOOTHING_SUPPORTED
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-
-  /* If multipass, check to see whether to use block smoothing on this pass */
-  if (coef->pub.coef_arrays != NULL) {
-    if (cinfo->do_block_smoothing && smoothing_ok(cinfo))
-      coef->pub.decompress_data = decompress_smooth_data;
-    else
-      coef->pub.decompress_data = decompress_data;
-  }
-#endif
-  cinfo->output_iMCU_row = 0;
-}
-
-
-/*
- * Decompress and return some data in the single-pass case.
- * Always attempts to emit one fully interleaved MCU row ("iMCU" row).
- * Input and output must run in lockstep since we have only a one-MCU buffer.
- * Return value is JPEG_ROW_COMPLETED, JPEG_SCAN_COMPLETED, or JPEG_SUSPENDED.
- *
- * NB: output_buf contains a plane for each component in image,
- * which we index according to the component's SOF position.
- */
-
-METHODDEF(int)
-decompress_onepass(j_decompress_ptr cinfo, JSAMPIMAGE output_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION MCU_col_num;       /* index of current MCU within row */
-  JDIMENSION last_MCU_col = cinfo->MCUs_per_row - 1;
-  JDIMENSION last_iMCU_row = cinfo->total_iMCU_rows - 1;
-  int blkn, ci, xindex, yindex, yoffset, useful_width;
-  JSAMPARRAY output_ptr;
-  JDIMENSION start_col, output_col;
-  jpeg_component_info *compptr;
-  inverse_DCT_method_ptr inverse_DCT;
-
-  /* Loop to process as much as one whole iMCU row */
-  for (yoffset = coef->MCU_vert_offset; yoffset < coef->MCU_rows_per_iMCU_row;
-       yoffset++) {
-    for (MCU_col_num = coef->MCU_ctr; MCU_col_num <= last_MCU_col;
-         MCU_col_num++) {
-      /* Try to fetch an MCU.  Entropy decoder expects buffer to be zeroed. */
-      jzero_far((void *)coef->MCU_buffer[0],
-                (size_t)(cinfo->blocks_in_MCU * sizeof(JBLOCK)));
-      if (!cinfo->entropy->insufficient_data)
-        cinfo->master->last_good_iMCU_row = cinfo->input_iMCU_row;
-      if (!(*cinfo->entropy->decode_mcu) (cinfo, coef->MCU_buffer)) {
-        /* Suspension forced; update state counters and exit */
-        coef->MCU_vert_offset = yoffset;
-        coef->MCU_ctr = MCU_col_num;
-        return JPEG_SUSPENDED;
-      }
-
-      /* Only perform the IDCT on blocks that are contained within the desired
-       * cropping region.
-       */
-      if (MCU_col_num >= cinfo->master->first_iMCU_col &&
-          MCU_col_num <= cinfo->master->last_iMCU_col) {
-        /* Determine where data should go in output_buf and do the IDCT thing.
-         * We skip dummy blocks at the right and bottom edges (but blkn gets
-         * incremented past them!).  Note the inner loop relies on having
-         * allocated the MCU_buffer[] blocks sequentially.
-         */
-        blkn = 0;               /* index of current DCT block within MCU */
-        for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-          compptr = cinfo->cur_comp_info[ci];
-          /* Don't bother to IDCT an uninteresting component. */
-          if (!compptr->component_needed) {
-            blkn += compptr->MCU_blocks;
-            continue;
-          }
-          inverse_DCT = cinfo->idct->inverse_DCT[compptr->component_index];
-          useful_width = (MCU_col_num < last_MCU_col) ?
-                         compptr->MCU_width : compptr->last_col_width;
-          output_ptr = output_buf[compptr->component_index] +
-                       yoffset * compptr->_DCT_scaled_size;
-          start_col = (MCU_col_num - cinfo->master->first_iMCU_col) *
-                      compptr->MCU_sample_width;
-          for (yindex = 0; yindex < compptr->MCU_height; yindex++) {
-            if (cinfo->input_iMCU_row < last_iMCU_row ||
-                yoffset + yindex < compptr->last_row_height) {
-              output_col = start_col;
-              for (xindex = 0; xindex < useful_width; xindex++) {
-                (*inverse_DCT) (cinfo, compptr,
-                                (JCOEFPTR)coef->MCU_buffer[blkn + xindex],
-                                output_ptr, output_col);
-                output_col += compptr->_DCT_scaled_size;
-              }
-            }
-            blkn += compptr->MCU_width;
-            output_ptr += compptr->_DCT_scaled_size;
-          }
-        }
-      }
-    }
-    /* Completed an MCU row, but perhaps not an iMCU row */
-    coef->MCU_ctr = 0;
-  }
-  /* Completed the iMCU row, advance counters for next one */
-  cinfo->output_iMCU_row++;
-  if (++(cinfo->input_iMCU_row) < cinfo->total_iMCU_rows) {
-    start_iMCU_row(cinfo);
-    return JPEG_ROW_COMPLETED;
-  }
-  /* Completed the scan */
-  (*cinfo->inputctl->finish_input_pass) (cinfo);
-  return JPEG_SCAN_COMPLETED;
-}
-
-
-/*
- * Dummy consume-input routine for single-pass operation.
- */
-
-METHODDEF(int)
-dummy_consume_data(j_decompress_ptr cinfo)
-{
-  return JPEG_SUSPENDED;        /* Always indicate nothing was done */
-}
-
-
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-
-/*
- * Consume input data and store it in the full-image coefficient buffer.
- * We read as much as one fully interleaved MCU row ("iMCU" row) per call,
- * ie, v_samp_factor block rows for each component in the scan.
- * Return value is JPEG_ROW_COMPLETED, JPEG_SCAN_COMPLETED, or JPEG_SUSPENDED.
- */
-
-METHODDEF(int)
-consume_data(j_decompress_ptr cinfo)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION MCU_col_num;       /* index of current MCU within row */
-  int blkn, ci, xindex, yindex, yoffset;
-  JDIMENSION start_col;
-  JBLOCKARRAY buffer[MAX_COMPS_IN_SCAN];
-  JBLOCKROW buffer_ptr;
-  jpeg_component_info *compptr;
-
-  /* Align the virtual buffers for the components used in this scan. */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    buffer[ci] = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef->whole_image[compptr->component_index],
-       cinfo->input_iMCU_row * compptr->v_samp_factor,
-       (JDIMENSION)compptr->v_samp_factor, TRUE);
-    /* Note: entropy decoder expects buffer to be zeroed,
-     * but this is handled automatically by the memory manager
-     * because we requested a pre-zeroed array.
-     */
-  }
-
-  /* Loop to process one whole iMCU row */
-  for (yoffset = coef->MCU_vert_offset; yoffset < coef->MCU_rows_per_iMCU_row;
-       yoffset++) {
-    for (MCU_col_num = coef->MCU_ctr; MCU_col_num < cinfo->MCUs_per_row;
-         MCU_col_num++) {
-      /* Construct list of pointers to DCT blocks belonging to this MCU */
-      blkn = 0;                 /* index of current DCT block within MCU */
-      for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-        compptr = cinfo->cur_comp_info[ci];
-        start_col = MCU_col_num * compptr->MCU_width;
-        for (yindex = 0; yindex < compptr->MCU_height; yindex++) {
-          buffer_ptr = buffer[ci][yindex + yoffset] + start_col;
-          for (xindex = 0; xindex < compptr->MCU_width; xindex++) {
-            coef->MCU_buffer[blkn++] = buffer_ptr++;
-          }
-        }
-      }
-      if (!cinfo->entropy->insufficient_data)
-        cinfo->master->last_good_iMCU_row = cinfo->input_iMCU_row;
-      /* Try to fetch the MCU. */
-      if (!(*cinfo->entropy->decode_mcu) (cinfo, coef->MCU_buffer)) {
-        /* Suspension forced; update state counters and exit */
-        coef->MCU_vert_offset = yoffset;
-        coef->MCU_ctr = MCU_col_num;
-        return JPEG_SUSPENDED;
-      }
-    }
-    /* Completed an MCU row, but perhaps not an iMCU row */
-    coef->MCU_ctr = 0;
-  }
-  /* Completed the iMCU row, advance counters for next one */
-  if (++(cinfo->input_iMCU_row) < cinfo->total_iMCU_rows) {
-    start_iMCU_row(cinfo);
-    return JPEG_ROW_COMPLETED;
-  }
-  /* Completed the scan */
-  (*cinfo->inputctl->finish_input_pass) (cinfo);
-  return JPEG_SCAN_COMPLETED;
-}
-
-
-/*
- * Decompress and return some data in the multi-pass case.
- * Always attempts to emit one fully interleaved MCU row ("iMCU" row).
- * Return value is JPEG_ROW_COMPLETED, JPEG_SCAN_COMPLETED, or JPEG_SUSPENDED.
- *
- * NB: output_buf contains a plane for each component in image.
- */
-
-METHODDEF(int)
-decompress_data(j_decompress_ptr cinfo, JSAMPIMAGE output_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION last_iMCU_row = cinfo->total_iMCU_rows - 1;
-  JDIMENSION block_num;
-  int ci, block_row, block_rows;
-  JBLOCKARRAY buffer;
-  JBLOCKROW buffer_ptr;
-  JSAMPARRAY output_ptr;
-  JDIMENSION output_col;
-  jpeg_component_info *compptr;
-  inverse_DCT_method_ptr inverse_DCT;
-
-  /* Force some input to be done if we are getting ahead of the input. */
-  while (cinfo->input_scan_number < cinfo->output_scan_number ||
-         (cinfo->input_scan_number == cinfo->output_scan_number &&
-          cinfo->input_iMCU_row <= cinfo->output_iMCU_row)) {
-    if ((*cinfo->inputctl->consume_input) (cinfo) == JPEG_SUSPENDED)
-      return JPEG_SUSPENDED;
-  }
-
-  /* OK, output from the virtual arrays. */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Don't bother to IDCT an uninteresting component. */
-    if (!compptr->component_needed)
-      continue;
-    /* Align the virtual buffer for this component. */
-    buffer = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef->whole_image[ci],
-       cinfo->output_iMCU_row * compptr->v_samp_factor,
-       (JDIMENSION)compptr->v_samp_factor, FALSE);
-    /* Count non-dummy DCT block rows in this iMCU row. */
-    if (cinfo->output_iMCU_row < last_iMCU_row)
-      block_rows = compptr->v_samp_factor;
-    else {
-      /* NB: can't use last_row_height here; it is input-side-dependent! */
-      block_rows = (int)(compptr->height_in_blocks % compptr->v_samp_factor);
-      if (block_rows == 0) block_rows = compptr->v_samp_factor;
-    }
-    inverse_DCT = cinfo->idct->inverse_DCT[ci];
-    output_ptr = output_buf[ci];
-    /* Loop over all DCT blocks to be processed. */
-    for (block_row = 0; block_row < block_rows; block_row++) {
-      buffer_ptr = buffer[block_row] + cinfo->master->first_MCU_col[ci];
-      output_col = 0;
-      for (block_num = cinfo->master->first_MCU_col[ci];
-           block_num <= cinfo->master->last_MCU_col[ci]; block_num++) {
-        (*inverse_DCT) (cinfo, compptr, (JCOEFPTR)buffer_ptr, output_ptr,
-                        output_col);
-        buffer_ptr++;
-        output_col += compptr->_DCT_scaled_size;
-      }
-      output_ptr += compptr->_DCT_scaled_size;
-    }
-  }
-
-  if (++(cinfo->output_iMCU_row) < cinfo->total_iMCU_rows)
-    return JPEG_ROW_COMPLETED;
-  return JPEG_SCAN_COMPLETED;
-}
-
-#endif /* D_MULTISCAN_FILES_SUPPORTED */
-
-
-#ifdef BLOCK_SMOOTHING_SUPPORTED
-
-/*
- * This code applies interblock smoothing; the first 9 AC coefficients are
- * estimated from the DC values of a DCT block and its 24 neighboring blocks.
- * We apply smoothing only for progressive JPEG decoding, and only if
- * the coefficients it can estimate are not yet known to full precision.
- */
-
-/* Natural-order array positions of the first 9 zigzag-order coefficients */
-#define Q01_POS  1
-#define Q10_POS  8
-#define Q20_POS  16
-#define Q11_POS  9
-#define Q02_POS  2
-#define Q03_POS  3
-#define Q12_POS  10
-#define Q21_POS  17
-#define Q30_POS  24
-
-/*
- * Determine whether block smoothing is applicable and safe.
- * We also latch the current states of the coef_bits[] entries for the
- * AC coefficients; otherwise, if the input side of the decompressor
- * advances into a new scan, we might think the coefficients are known
- * more accurately than they really are.
- */
-
-LOCAL(boolean)
-smoothing_ok(j_decompress_ptr cinfo)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  boolean smoothing_useful = FALSE;
-  int ci, coefi;
-  jpeg_component_info *compptr;
-  JQUANT_TBL *qtable;
-  int *coef_bits, *prev_coef_bits;
-  int *coef_bits_latch, *prev_coef_bits_latch;
-
-  if (!cinfo->progressive_mode || cinfo->coef_bits == NULL)
-    return FALSE;
-
-  /* Allocate latch area if not already done */
-  if (coef->coef_bits_latch == NULL)
-    coef->coef_bits_latch = (int *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  cinfo->num_components * 2 *
-                                  (SAVED_COEFS * sizeof(int)));
-  coef_bits_latch = coef->coef_bits_latch;
-  prev_coef_bits_latch =
-    &coef->coef_bits_latch[cinfo->num_components * SAVED_COEFS];
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* All components' quantization values must already be latched. */
-    if ((qtable = compptr->quant_table) == NULL)
-      return FALSE;
-    /* Verify DC & first 9 AC quantizers are nonzero to avoid zero-divide. */
-    if (qtable->quantval[0] == 0 ||
-        qtable->quantval[Q01_POS] == 0 ||
-        qtable->quantval[Q10_POS] == 0 ||
-        qtable->quantval[Q20_POS] == 0 ||
-        qtable->quantval[Q11_POS] == 0 ||
-        qtable->quantval[Q02_POS] == 0 ||
-        qtable->quantval[Q03_POS] == 0 ||
-        qtable->quantval[Q12_POS] == 0 ||
-        qtable->quantval[Q21_POS] == 0 ||
-        qtable->quantval[Q30_POS] == 0)
-      return FALSE;
-    /* DC values must be at least partly known for all components. */
-    coef_bits = cinfo->coef_bits[ci];
-    prev_coef_bits = cinfo->coef_bits[ci + cinfo->num_components];
-    if (coef_bits[0] < 0)
-      return FALSE;
-    coef_bits_latch[0] = coef_bits[0];
-    /* Block smoothing is helpful if some AC coefficients remain inaccurate. */
-    for (coefi = 1; coefi < SAVED_COEFS; coefi++) {
-      if (cinfo->input_scan_number > 1)
-        prev_coef_bits_latch[coefi] = prev_coef_bits[coefi];
-      else
-        prev_coef_bits_latch[coefi] = -1;
-      coef_bits_latch[coefi] = coef_bits[coefi];
-      if (coef_bits[coefi] != 0)
-        smoothing_useful = TRUE;
-    }
-    coef_bits_latch += SAVED_COEFS;
-    prev_coef_bits_latch += SAVED_COEFS;
-  }
-
-  return smoothing_useful;
-}
-
-
-/*
- * Variant of decompress_data for use when doing block smoothing.
- */
-
-METHODDEF(int)
-decompress_smooth_data(j_decompress_ptr cinfo, JSAMPIMAGE output_buf)
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-  JDIMENSION last_iMCU_row = cinfo->total_iMCU_rows - 1;
-  JDIMENSION block_num, last_block_column;
-  int ci, block_row, block_rows, access_rows;
-  JBLOCKARRAY buffer;
-  JBLOCKROW buffer_ptr, prev_prev_block_row, prev_block_row;
-  JBLOCKROW next_block_row, next_next_block_row;
-  JSAMPARRAY output_ptr;
-  JDIMENSION output_col;
-  jpeg_component_info *compptr;
-  inverse_DCT_method_ptr inverse_DCT;
-  boolean change_dc;
-  JCOEF *workspace;
-  int *coef_bits;
-  JQUANT_TBL *quanttbl;
-  JLONG Q00, Q01, Q02, Q03 = 0, Q10, Q11, Q12 = 0, Q20, Q21 = 0, Q30 = 0, num;
-  int DC01, DC02, DC03, DC04, DC05, DC06, DC07, DC08, DC09, DC10, DC11, DC12,
-      DC13, DC14, DC15, DC16, DC17, DC18, DC19, DC20, DC21, DC22, DC23, DC24,
-      DC25;
-  int Al, pred;
-
-  /* Keep a local variable to avoid looking it up more than once */
-  workspace = coef->workspace;
-
-  /* Force some input to be done if we are getting ahead of the input. */
-  while (cinfo->input_scan_number <= cinfo->output_scan_number &&
-         !cinfo->inputctl->eoi_reached) {
-    if (cinfo->input_scan_number == cinfo->output_scan_number) {
-      /* If input is working on current scan, we ordinarily want it to
-       * have completed the current row.  But if input scan is DC,
-       * we want it to keep two rows ahead so that next two block rows' DC
-       * values are up to date.
-       */
-      JDIMENSION delta = (cinfo->Ss == 0) ? 2 : 0;
-      if (cinfo->input_iMCU_row > cinfo->output_iMCU_row + delta)
-        break;
-    }
-    if ((*cinfo->inputctl->consume_input) (cinfo) == JPEG_SUSPENDED)
-      return JPEG_SUSPENDED;
-  }
-
-  /* OK, output from the virtual arrays. */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Don't bother to IDCT an uninteresting component. */
-    if (!compptr->component_needed)
-      continue;
-    /* Count non-dummy DCT block rows in this iMCU row. */
-    if (cinfo->output_iMCU_row < last_iMCU_row - 1) {
-      block_rows = compptr->v_samp_factor;
-      access_rows = block_rows * 3; /* this and next two iMCU rows */
-    } else if (cinfo->output_iMCU_row < last_iMCU_row) {
-      block_rows = compptr->v_samp_factor;
-      access_rows = block_rows * 2; /* this and next iMCU row */
-    } else {
-      /* NB: can't use last_row_height here; it is input-side-dependent! */
-      block_rows = (int)(compptr->height_in_blocks % compptr->v_samp_factor);
-      if (block_rows == 0) block_rows = compptr->v_samp_factor;
-      access_rows = block_rows; /* this iMCU row only */
-    }
-    /* Align the virtual buffer for this component. */
-    if (cinfo->output_iMCU_row > 1) {
-      access_rows += 2 * compptr->v_samp_factor; /* prior two iMCU rows too */
-      buffer = (*cinfo->mem->access_virt_barray)
-        ((j_common_ptr)cinfo, coef->whole_image[ci],
-         (cinfo->output_iMCU_row - 2) * compptr->v_samp_factor,
-         (JDIMENSION)access_rows, FALSE);
-      buffer += 2 * compptr->v_samp_factor; /* point to current iMCU row */
-    } else if (cinfo->output_iMCU_row > 0) {
-      buffer = (*cinfo->mem->access_virt_barray)
-        ((j_common_ptr)cinfo, coef->whole_image[ci],
-         (cinfo->output_iMCU_row - 1) * compptr->v_samp_factor,
-         (JDIMENSION)access_rows, FALSE);
-      buffer += compptr->v_samp_factor; /* point to current iMCU row */
-    } else {
-      buffer = (*cinfo->mem->access_virt_barray)
-        ((j_common_ptr)cinfo, coef->whole_image[ci],
-         (JDIMENSION)0, (JDIMENSION)access_rows, FALSE);
-    }
-    /* Fetch component-dependent info.
-     * If the current scan is incomplete, then we use the component-dependent
-     * info from the previous scan.
-     */
-    if (cinfo->output_iMCU_row > cinfo->master->last_good_iMCU_row)
-      coef_bits =
-        coef->coef_bits_latch + ((ci + cinfo->num_components) * SAVED_COEFS);
-    else
-      coef_bits = coef->coef_bits_latch + (ci * SAVED_COEFS);
-
-    /* We only do DC interpolation if no AC coefficient data is available. */
-    change_dc =
-      coef_bits[1] == -1 && coef_bits[2] == -1 && coef_bits[3] == -1 &&
-      coef_bits[4] == -1 && coef_bits[5] == -1 && coef_bits[6] == -1 &&
-      coef_bits[7] == -1 && coef_bits[8] == -1 && coef_bits[9] == -1;
-
-    quanttbl = compptr->quant_table;
-    Q00 = quanttbl->quantval[0];
-    Q01 = quanttbl->quantval[Q01_POS];
-    Q10 = quanttbl->quantval[Q10_POS];
-    Q20 = quanttbl->quantval[Q20_POS];
-    Q11 = quanttbl->quantval[Q11_POS];
-    Q02 = quanttbl->quantval[Q02_POS];
-    if (change_dc) {
-      Q03 = quanttbl->quantval[Q03_POS];
-      Q12 = quanttbl->quantval[Q12_POS];
-      Q21 = quanttbl->quantval[Q21_POS];
-      Q30 = quanttbl->quantval[Q30_POS];
-    }
-    inverse_DCT = cinfo->idct->inverse_DCT[ci];
-    output_ptr = output_buf[ci];
-    /* Loop over all DCT blocks to be processed. */
-    for (block_row = 0; block_row < block_rows; block_row++) {
-      buffer_ptr = buffer[block_row] + cinfo->master->first_MCU_col[ci];
-
-      if (block_row > 0 || cinfo->output_iMCU_row > 0)
-        prev_block_row =
-          buffer[block_row - 1] + cinfo->master->first_MCU_col[ci];
-      else
-        prev_block_row = buffer_ptr;
-
-      if (block_row > 1 || cinfo->output_iMCU_row > 1)
-        prev_prev_block_row =
-          buffer[block_row - 2] + cinfo->master->first_MCU_col[ci];
-      else
-        prev_prev_block_row = prev_block_row;
-
-      if (block_row < block_rows - 1 || cinfo->output_iMCU_row < last_iMCU_row)
-        next_block_row =
-          buffer[block_row + 1] + cinfo->master->first_MCU_col[ci];
-      else
-        next_block_row = buffer_ptr;
-
-      if (block_row < block_rows - 2 ||
-          cinfo->output_iMCU_row < last_iMCU_row - 1)
-        next_next_block_row =
-          buffer[block_row + 2] + cinfo->master->first_MCU_col[ci];
-      else
-        next_next_block_row = next_block_row;
-
-      /* We fetch the surrounding DC values using a sliding-register approach.
-       * Initialize all 25 here so as to do the right thing on narrow pics.
-       */
-      DC01 = DC02 = DC03 = DC04 = DC05 = (int)prev_prev_block_row[0][0];
-      DC06 = DC07 = DC08 = DC09 = DC10 = (int)prev_block_row[0][0];
-      DC11 = DC12 = DC13 = DC14 = DC15 = (int)buffer_ptr[0][0];
-      DC16 = DC17 = DC18 = DC19 = DC20 = (int)next_block_row[0][0];
-      DC21 = DC22 = DC23 = DC24 = DC25 = (int)next_next_block_row[0][0];
-      output_col = 0;
-      last_block_column = compptr->width_in_blocks - 1;
-      for (block_num = cinfo->master->first_MCU_col[ci];
-           block_num <= cinfo->master->last_MCU_col[ci]; block_num++) {
-        /* Fetch current DCT block into workspace so we can modify it. */
-        jcopy_block_row(buffer_ptr, (JBLOCKROW)workspace, (JDIMENSION)1);
-        /* Update DC values */
-        if (block_num == cinfo->master->first_MCU_col[ci] &&
-            block_num < last_block_column) {
-          DC04 = (int)prev_prev_block_row[1][0];
-          DC09 = (int)prev_block_row[1][0];
-          DC14 = (int)buffer_ptr[1][0];
-          DC19 = (int)next_block_row[1][0];
-          DC24 = (int)next_next_block_row[1][0];
-        }
-        if (block_num + 1 < last_block_column) {
-          DC05 = (int)prev_prev_block_row[2][0];
-          DC10 = (int)prev_block_row[2][0];
-          DC15 = (int)buffer_ptr[2][0];
-          DC20 = (int)next_block_row[2][0];
-          DC25 = (int)next_next_block_row[2][0];
-        }
-        /* If DC interpolation is enabled, compute coefficient estimates using
-         * a Gaussian-like kernel, keeping the averages of the DC values.
-         *
-         * If DC interpolation is disabled, compute coefficient estimates using
-         * an algorithm similar to the one described in Section K.8 of the JPEG
-         * standard, except applied to a 5x5 window rather than a 3x3 window.
-         *
-         * An estimate is applied only if the coefficient is still zero and is
-         * not known to be fully accurate.
-         */
-        /* AC01 */
-        if ((Al = coef_bits[1]) != 0 && workspace[1] == 0) {
-          num = Q00 * (change_dc ?
-                (-DC01 - DC02 + DC04 + DC05 - 3 * DC06 + 13 * DC07 -
-                 13 * DC09 + 3 * DC10 - 3 * DC11 + 38 * DC12 - 38 * DC14 +
-                 3 * DC15 - 3 * DC16 + 13 * DC17 - 13 * DC19 + 3 * DC20 -
-                 DC21 - DC22 + DC24 + DC25) :
-                (-7 * DC11 + 50 * DC12 - 50 * DC14 + 7 * DC15));
-          if (num >= 0) {
-            pred = (int)(((Q01 << 7) + num) / (Q01 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-          } else {
-            pred = (int)(((Q01 << 7) - num) / (Q01 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-            pred = -pred;
-          }
-          workspace[1] = (JCOEF)pred;
-        }
-        /* AC10 */
-        if ((Al = coef_bits[2]) != 0 && workspace[8] == 0) {
-          num = Q00 * (change_dc ?
-                (-DC01 - 3 * DC02 - 3 * DC03 - 3 * DC04 - DC05 - DC06 +
-                 13 * DC07 + 38 * DC08 + 13 * DC09 - DC10 + DC16 -
-                 13 * DC17 - 38 * DC18 - 13 * DC19 + DC20 + DC21 +
-                 3 * DC22 + 3 * DC23 + 3 * DC24 + DC25) :
-                (-7 * DC03 + 50 * DC08 - 50 * DC18 + 7 * DC23));
-          if (num >= 0) {
-            pred = (int)(((Q10 << 7) + num) / (Q10 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-          } else {
-            pred = (int)(((Q10 << 7) - num) / (Q10 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-            pred = -pred;
-          }
-          workspace[8] = (JCOEF)pred;
-        }
-        /* AC20 */
-        if ((Al = coef_bits[3]) != 0 && workspace[16] == 0) {
-          num = Q00 * (change_dc ?
-                (DC03 + 2 * DC07 + 7 * DC08 + 2 * DC09 - 5 * DC12 - 14 * DC13 -
-                 5 * DC14 + 2 * DC17 + 7 * DC18 + 2 * DC19 + DC23) :
-                (-DC03 + 13 * DC08 - 24 * DC13 + 13 * DC18 - DC23));
-          if (num >= 0) {
-            pred = (int)(((Q20 << 7) + num) / (Q20 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-          } else {
-            pred = (int)(((Q20 << 7) - num) / (Q20 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-            pred = -pred;
-          }
-          workspace[16] = (JCOEF)pred;
-        }
-        /* AC11 */
-        if ((Al = coef_bits[4]) != 0 && workspace[9] == 0) {
-          num = Q00 * (change_dc ?
-                (-DC01 + DC05 + 9 * DC07 - 9 * DC09 - 9 * DC17 +
-                 9 * DC19 + DC21 - DC25) :
-                (DC10 + DC16 - 10 * DC17 + 10 * DC19 - DC02 - DC20 + DC22 -
-                 DC24 + DC04 - DC06 + 10 * DC07 - 10 * DC09));
-          if (num >= 0) {
-            pred = (int)(((Q11 << 7) + num) / (Q11 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-          } else {
-            pred = (int)(((Q11 << 7) - num) / (Q11 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-            pred = -pred;
-          }
-          workspace[9] = (JCOEF)pred;
-        }
-        /* AC02 */
-        if ((Al = coef_bits[5]) != 0 && workspace[2] == 0) {
-          num = Q00 * (change_dc ?
-                (2 * DC07 - 5 * DC08 + 2 * DC09 + DC11 + 7 * DC12 - 14 * DC13 +
-                 7 * DC14 + DC15 + 2 * DC17 - 5 * DC18 + 2 * DC19) :
-                (-DC11 + 13 * DC12 - 24 * DC13 + 13 * DC14 - DC15));
-          if (num >= 0) {
-            pred = (int)(((Q02 << 7) + num) / (Q02 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-          } else {
-            pred = (int)(((Q02 << 7) - num) / (Q02 << 8));
-            if (Al > 0 && pred >= (1 << Al))
-              pred = (1 << Al) - 1;
-            pred = -pred;
-          }
-          workspace[2] = (JCOEF)pred;
-        }
-        if (change_dc) {
-          /* AC03 */
-          if ((Al = coef_bits[6]) != 0 && workspace[3] == 0) {
-            num = Q00 * (DC07 - DC09 + 2 * DC12 - 2 * DC14 + DC17 - DC19);
-            if (num >= 0) {
-              pred = (int)(((Q03 << 7) + num) / (Q03 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-            } else {
-              pred = (int)(((Q03 << 7) - num) / (Q03 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-              pred = -pred;
-            }
-            workspace[3] = (JCOEF)pred;
-          }
-          /* AC12 */
-          if ((Al = coef_bits[7]) != 0 && workspace[10] == 0) {
-            num = Q00 * (DC07 - 3 * DC08 + DC09 - DC17 + 3 * DC18 - DC19);
-            if (num >= 0) {
-              pred = (int)(((Q12 << 7) + num) / (Q12 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-            } else {
-              pred = (int)(((Q12 << 7) - num) / (Q12 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-              pred = -pred;
-            }
-            workspace[10] = (JCOEF)pred;
-          }
-          /* AC21 */
-          if ((Al = coef_bits[8]) != 0 && workspace[17] == 0) {
-            num = Q00 * (DC07 - DC09 - 3 * DC12 + 3 * DC14 + DC17 - DC19);
-            if (num >= 0) {
-              pred = (int)(((Q21 << 7) + num) / (Q21 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-            } else {
-              pred = (int)(((Q21 << 7) - num) / (Q21 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-              pred = -pred;
-            }
-            workspace[17] = (JCOEF)pred;
-          }
-          /* AC30 */
-          if ((Al = coef_bits[9]) != 0 && workspace[24] == 0) {
-            num = Q00 * (DC07 + 2 * DC08 + DC09 - DC17 - 2 * DC18 - DC19);
-            if (num >= 0) {
-              pred = (int)(((Q30 << 7) + num) / (Q30 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-            } else {
-              pred = (int)(((Q30 << 7) - num) / (Q30 << 8));
-              if (Al > 0 && pred >= (1 << Al))
-                pred = (1 << Al) - 1;
-              pred = -pred;
-            }
-            workspace[24] = (JCOEF)pred;
-          }
-          /* coef_bits[0] is non-negative.  Otherwise this function would not
-           * be called.
-           */
-          num = Q00 *
-                (-2 * DC01 - 6 * DC02 - 8 * DC03 - 6 * DC04 - 2 * DC05 -
-                 6 * DC06 + 6 * DC07 + 42 * DC08 + 6 * DC09 - 6 * DC10 -
-                 8 * DC11 + 42 * DC12 + 152 * DC13 + 42 * DC14 - 8 * DC15 -
-                 6 * DC16 + 6 * DC17 + 42 * DC18 + 6 * DC19 - 6 * DC20 -
-                 2 * DC21 - 6 * DC22 - 8 * DC23 - 6 * DC24 - 2 * DC25);
-          if (num >= 0) {
-            pred = (int)(((Q00 << 7) + num) / (Q00 << 8));
-          } else {
-            pred = (int)(((Q00 << 7) - num) / (Q00 << 8));
-            pred = -pred;
-          }
-          workspace[0] = (JCOEF)pred;
-        }  /* change_dc */
-
-        /* OK, do the IDCT */
-        (*inverse_DCT) (cinfo, compptr, (JCOEFPTR)workspace, output_ptr,
-                        output_col);
-        /* Advance for next column */
-        DC01 = DC02;  DC02 = DC03;  DC03 = DC04;  DC04 = DC05;
-        DC06 = DC07;  DC07 = DC08;  DC08 = DC09;  DC09 = DC10;
-        DC11 = DC12;  DC12 = DC13;  DC13 = DC14;  DC14 = DC15;
-        DC16 = DC17;  DC17 = DC18;  DC18 = DC19;  DC19 = DC20;
-        DC21 = DC22;  DC22 = DC23;  DC23 = DC24;  DC24 = DC25;
-        buffer_ptr++, prev_block_row++, next_block_row++,
-          prev_prev_block_row++, next_next_block_row++;
-        output_col += compptr->_DCT_scaled_size;
-      }
-      output_ptr += compptr->_DCT_scaled_size;
-    }
-  }
-
-  if (++(cinfo->output_iMCU_row) < cinfo->total_iMCU_rows)
-    return JPEG_ROW_COMPLETED;
-  return JPEG_SCAN_COMPLETED;
-}
-
-#endif /* BLOCK_SMOOTHING_SUPPORTED */
-
-
-/*
- * Initialize coefficient buffer controller.
- */
-
-GLOBAL(void)
-jinit_d_coef_controller(j_decompress_ptr cinfo, boolean need_full_buffer)
-{
-  my_coef_ptr coef;
-
-  coef = (my_coef_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_coef_controller));
-  cinfo->coef = (struct jpeg_d_coef_controller *)coef;
-  coef->pub.start_input_pass = start_input_pass;
-  coef->pub.start_output_pass = start_output_pass;
-#ifdef BLOCK_SMOOTHING_SUPPORTED
-  coef->coef_bits_latch = NULL;
-#endif
-
-  /* Create the coefficient buffer. */
-  if (need_full_buffer) {
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-    /* Allocate a full-image virtual array for each component, */
-    /* padded to a multiple of samp_factor DCT blocks in each direction. */
-    /* Note we ask for a pre-zeroed array. */
-    int ci, access_rows;
-    jpeg_component_info *compptr;
-
-    for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-         ci++, compptr++) {
-      access_rows = compptr->v_samp_factor;
-#ifdef BLOCK_SMOOTHING_SUPPORTED
-      /* If block smoothing could be used, need a bigger window */
-      if (cinfo->progressive_mode)
-        access_rows *= 5;
-#endif
-      coef->whole_image[ci] = (*cinfo->mem->request_virt_barray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE, TRUE,
-         (JDIMENSION)jround_up((long)compptr->width_in_blocks,
-                               (long)compptr->h_samp_factor),
-         (JDIMENSION)jround_up((long)compptr->height_in_blocks,
-                               (long)compptr->v_samp_factor),
-         (JDIMENSION)access_rows);
-    }
-    coef->pub.consume_data = consume_data;
-    coef->pub.decompress_data = decompress_data;
-    coef->pub.coef_arrays = coef->whole_image; /* link to virtual arrays */
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-  } else {
-    /* We only need a single-MCU buffer. */
-    JBLOCKROW buffer;
-    int i;
-
-    buffer = (JBLOCKROW)
-      (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  D_MAX_BLOCKS_IN_MCU * sizeof(JBLOCK));
-    for (i = 0; i < D_MAX_BLOCKS_IN_MCU; i++) {
-      coef->MCU_buffer[i] = buffer + i;
-    }
-    coef->pub.consume_data = dummy_consume_data;
-    coef->pub.decompress_data = decompress_onepass;
-    coef->pub.coef_arrays = NULL; /* flag for no virtual arrays */
-  }
-
-  /* Allocate the workspace buffer */
-  coef->workspace = (JCOEF *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(JCOEF) * DCTSIZE2);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdcoefct.h b/3rdparty/libjpeg-turbo_2_1_0/jdcoefct.h
deleted file mode 100644
index 9a0e780..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdcoefct.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * jdcoefct.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2020, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-#define JPEG_INTERNALS
-#include "jpeglib.h"
-
-
-/* Block smoothing is only applicable for progressive JPEG, so: */
-#ifndef D_PROGRESSIVE_SUPPORTED
-#undef BLOCK_SMOOTHING_SUPPORTED
-#endif
-
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_d_coef_controller pub; /* public fields */
-
-  /* These variables keep track of the current location of the input side. */
-  /* cinfo->input_iMCU_row is also used for this. */
-  JDIMENSION MCU_ctr;           /* counts MCUs processed in current row */
-  int MCU_vert_offset;          /* counts MCU rows within iMCU row */
-  int MCU_rows_per_iMCU_row;    /* number of such rows needed */
-
-  /* The output side's location is represented by cinfo->output_iMCU_row. */
-
-  /* In single-pass modes, it's sufficient to buffer just one MCU.
-   * We allocate a workspace of D_MAX_BLOCKS_IN_MCU coefficient blocks,
-   * and let the entropy decoder write into that workspace each time.
-   * In multi-pass modes, this array points to the current MCU's blocks
-   * within the virtual arrays; it is used only by the input side.
-   */
-  JBLOCKROW MCU_buffer[D_MAX_BLOCKS_IN_MCU];
-
-  /* Temporary workspace for one MCU */
-  JCOEF *workspace;
-
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-  /* In multi-pass modes, we need a virtual block array for each component. */
-  jvirt_barray_ptr whole_image[MAX_COMPONENTS];
-#endif
-
-#ifdef BLOCK_SMOOTHING_SUPPORTED
-  /* When doing block smoothing, we latch coefficient Al values here */
-  int *coef_bits_latch;
-#define SAVED_COEFS  10         /* we save coef_bits[0..9] */
-#endif
-} my_coef_controller;
-
-typedef my_coef_controller *my_coef_ptr;
-
-
-LOCAL(void)
-start_iMCU_row(j_decompress_ptr cinfo)
-/* Reset within-iMCU-row counters for a new row (input side) */
-{
-  my_coef_ptr coef = (my_coef_ptr)cinfo->coef;
-
-  /* In an interleaved scan, an MCU row is the same as an iMCU row.
-   * In a noninterleaved scan, an iMCU row has v_samp_factor MCU rows.
-   * But at the bottom of the image, process only what's left.
-   */
-  if (cinfo->comps_in_scan > 1) {
-    coef->MCU_rows_per_iMCU_row = 1;
-  } else {
-    if (cinfo->input_iMCU_row < (cinfo->total_iMCU_rows - 1))
-      coef->MCU_rows_per_iMCU_row = cinfo->cur_comp_info[0]->v_samp_factor;
-    else
-      coef->MCU_rows_per_iMCU_row = cinfo->cur_comp_info[0]->last_row_height;
-  }
-
-  coef->MCU_ctr = 0;
-  coef->MCU_vert_offset = 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdcol565.c b/3rdparty/libjpeg-turbo_2_1_0/jdcol565.c
deleted file mode 100644
index 53c7bd9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdcol565.c
+++ /dev/null
@@ -1,384 +0,0 @@
-/*
- * jdcol565.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modifications:
- * Copyright (C) 2013, Linaro Limited.
- * Copyright (C) 2014-2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains output colorspace conversion routines.
- */
-
-/* This file is included by jdcolor.c */
-
-
-INLINE
-LOCAL(void)
-ycc_rgb565_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                            JDIMENSION input_row, JSAMPARRAY output_buf,
-                            int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int y, cb, cr;
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  register int *Crrtab = cconvert->Cr_r_tab;
-  register int *Cbbtab = cconvert->Cb_b_tab;
-  register JLONG *Crgtab = cconvert->Cr_g_tab;
-  register JLONG *Cbgtab = cconvert->Cb_g_tab;
-  SHIFT_TEMPS
-
-  while (--num_rows >= 0) {
-    JLONG rgb;
-    unsigned int r, g, b;
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-
-    if (PACK_NEED_ALIGNMENT(outptr)) {
-      y  = *inptr0++;
-      cb = *inptr1++;
-      cr = *inptr2++;
-      r = range_limit[y + Crrtab[cr]];
-      g = range_limit[y + ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                            SCALEBITS))];
-      b = range_limit[y + Cbbtab[cb]];
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-      outptr += 2;
-      num_cols--;
-    }
-    for (col = 0; col < (num_cols >> 1); col++) {
-      y  = *inptr0++;
-      cb = *inptr1++;
-      cr = *inptr2++;
-      r = range_limit[y + Crrtab[cr]];
-      g = range_limit[y + ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                            SCALEBITS))];
-      b = range_limit[y + Cbbtab[cb]];
-      rgb = PACK_SHORT_565(r, g, b);
-
-      y  = *inptr0++;
-      cb = *inptr1++;
-      cr = *inptr2++;
-      r = range_limit[y + Crrtab[cr]];
-      g = range_limit[y + ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                            SCALEBITS))];
-      b = range_limit[y + Cbbtab[cb]];
-      rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-      WRITE_TWO_ALIGNED_PIXELS(outptr, rgb);
-      outptr += 4;
-    }
-    if (num_cols & 1) {
-      y  = *inptr0;
-      cb = *inptr1;
-      cr = *inptr2;
-      r = range_limit[y + Crrtab[cr]];
-      g = range_limit[y + ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                            SCALEBITS))];
-      b = range_limit[y + Cbbtab[cb]];
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-    }
-  }
-}
-
-
-INLINE
-LOCAL(void)
-ycc_rgb565D_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                             JDIMENSION input_row, JSAMPARRAY output_buf,
-                             int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int y, cb, cr;
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  register int *Crrtab = cconvert->Cr_r_tab;
-  register int *Cbbtab = cconvert->Cb_b_tab;
-  register JLONG *Crgtab = cconvert->Cr_g_tab;
-  register JLONG *Cbgtab = cconvert->Cb_g_tab;
-  JLONG d0 = dither_matrix[cinfo->output_scanline & DITHER_MASK];
-  SHIFT_TEMPS
-
-  while (--num_rows >= 0) {
-    JLONG rgb;
-    unsigned int r, g, b;
-
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    if (PACK_NEED_ALIGNMENT(outptr)) {
-      y  = *inptr0++;
-      cb = *inptr1++;
-      cr = *inptr2++;
-      r = range_limit[DITHER_565_R(y + Crrtab[cr], d0)];
-      g = range_limit[DITHER_565_G(y +
-                                   ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                                     SCALEBITS)), d0)];
-      b = range_limit[DITHER_565_B(y + Cbbtab[cb], d0)];
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-      outptr += 2;
-      num_cols--;
-    }
-    for (col = 0; col < (num_cols >> 1); col++) {
-      y  = *inptr0++;
-      cb = *inptr1++;
-      cr = *inptr2++;
-      r = range_limit[DITHER_565_R(y + Crrtab[cr], d0)];
-      g = range_limit[DITHER_565_G(y +
-                                   ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                                     SCALEBITS)), d0)];
-      b = range_limit[DITHER_565_B(y + Cbbtab[cb], d0)];
-      d0 = DITHER_ROTATE(d0);
-      rgb = PACK_SHORT_565(r, g, b);
-
-      y  = *inptr0++;
-      cb = *inptr1++;
-      cr = *inptr2++;
-      r = range_limit[DITHER_565_R(y + Crrtab[cr], d0)];
-      g = range_limit[DITHER_565_G(y +
-                                   ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                                     SCALEBITS)), d0)];
-      b = range_limit[DITHER_565_B(y + Cbbtab[cb], d0)];
-      d0 = DITHER_ROTATE(d0);
-      rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-      WRITE_TWO_ALIGNED_PIXELS(outptr, rgb);
-      outptr += 4;
-    }
-    if (num_cols & 1) {
-      y  = *inptr0;
-      cb = *inptr1;
-      cr = *inptr2;
-      r = range_limit[DITHER_565_R(y + Crrtab[cr], d0)];
-      g = range_limit[DITHER_565_G(y +
-                                   ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                                     SCALEBITS)), d0)];
-      b = range_limit[DITHER_565_B(y + Cbbtab[cb], d0)];
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-    }
-  }
-}
-
-
-INLINE
-LOCAL(void)
-rgb_rgb565_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                            JDIMENSION input_row, JSAMPARRAY output_buf,
-                            int num_rows)
-{
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-  SHIFT_TEMPS
-
-  while (--num_rows >= 0) {
-    JLONG rgb;
-    unsigned int r, g, b;
-
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    if (PACK_NEED_ALIGNMENT(outptr)) {
-      r = *inptr0++;
-      g = *inptr1++;
-      b = *inptr2++;
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-      outptr += 2;
-      num_cols--;
-    }
-    for (col = 0; col < (num_cols >> 1); col++) {
-      r = *inptr0++;
-      g = *inptr1++;
-      b = *inptr2++;
-      rgb = PACK_SHORT_565(r, g, b);
-
-      r = *inptr0++;
-      g = *inptr1++;
-      b = *inptr2++;
-      rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-      WRITE_TWO_ALIGNED_PIXELS(outptr, rgb);
-      outptr += 4;
-    }
-    if (num_cols & 1) {
-      r = *inptr0;
-      g = *inptr1;
-      b = *inptr2;
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-    }
-  }
-}
-
-
-INLINE
-LOCAL(void)
-rgb_rgb565D_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                             JDIMENSION input_row, JSAMPARRAY output_buf,
-                             int num_rows)
-{
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JDIMENSION col;
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  JDIMENSION num_cols = cinfo->output_width;
-  JLONG d0 = dither_matrix[cinfo->output_scanline & DITHER_MASK];
-  SHIFT_TEMPS
-
-  while (--num_rows >= 0) {
-    JLONG rgb;
-    unsigned int r, g, b;
-
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    if (PACK_NEED_ALIGNMENT(outptr)) {
-      r = range_limit[DITHER_565_R(*inptr0++, d0)];
-      g = range_limit[DITHER_565_G(*inptr1++, d0)];
-      b = range_limit[DITHER_565_B(*inptr2++, d0)];
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-      outptr += 2;
-      num_cols--;
-    }
-    for (col = 0; col < (num_cols >> 1); col++) {
-      r = range_limit[DITHER_565_R(*inptr0++, d0)];
-      g = range_limit[DITHER_565_G(*inptr1++, d0)];
-      b = range_limit[DITHER_565_B(*inptr2++, d0)];
-      d0 = DITHER_ROTATE(d0);
-      rgb = PACK_SHORT_565(r, g, b);
-
-      r = range_limit[DITHER_565_R(*inptr0++, d0)];
-      g = range_limit[DITHER_565_G(*inptr1++, d0)];
-      b = range_limit[DITHER_565_B(*inptr2++, d0)];
-      d0 = DITHER_ROTATE(d0);
-      rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-      WRITE_TWO_ALIGNED_PIXELS(outptr, rgb);
-      outptr += 4;
-    }
-    if (num_cols & 1) {
-      r = range_limit[DITHER_565_R(*inptr0, d0)];
-      g = range_limit[DITHER_565_G(*inptr1, d0)];
-      b = range_limit[DITHER_565_B(*inptr2, d0)];
-      rgb = PACK_SHORT_565(r, g, b);
-      *(INT16 *)outptr = (INT16)rgb;
-    }
-  }
-}
-
-
-INLINE
-LOCAL(void)
-gray_rgb565_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                             JDIMENSION input_row, JSAMPARRAY output_buf,
-                             int num_rows)
-{
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-
-  while (--num_rows >= 0) {
-    JLONG rgb;
-    unsigned int g;
-
-    inptr = input_buf[0][input_row++];
-    outptr = *output_buf++;
-    if (PACK_NEED_ALIGNMENT(outptr)) {
-      g = *inptr++;
-      rgb = PACK_SHORT_565(g, g, g);
-      *(INT16 *)outptr = (INT16)rgb;
-      outptr += 2;
-      num_cols--;
-    }
-    for (col = 0; col < (num_cols >> 1); col++) {
-      g = *inptr++;
-      rgb = PACK_SHORT_565(g, g, g);
-      g = *inptr++;
-      rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(g, g, g));
-      WRITE_TWO_ALIGNED_PIXELS(outptr, rgb);
-      outptr += 4;
-    }
-    if (num_cols & 1) {
-      g = *inptr;
-      rgb = PACK_SHORT_565(g, g, g);
-      *(INT16 *)outptr = (INT16)rgb;
-    }
-  }
-}
-
-
-INLINE
-LOCAL(void)
-gray_rgb565D_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                              JDIMENSION input_row, JSAMPARRAY output_buf,
-                              int num_rows)
-{
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  JDIMENSION num_cols = cinfo->output_width;
-  JLONG d0 = dither_matrix[cinfo->output_scanline & DITHER_MASK];
-
-  while (--num_rows >= 0) {
-    JLONG rgb;
-    unsigned int g;
-
-    inptr = input_buf[0][input_row++];
-    outptr = *output_buf++;
-    if (PACK_NEED_ALIGNMENT(outptr)) {
-      g = *inptr++;
-      g = range_limit[DITHER_565_R(g, d0)];
-      rgb = PACK_SHORT_565(g, g, g);
-      *(INT16 *)outptr = (INT16)rgb;
-      outptr += 2;
-      num_cols--;
-    }
-    for (col = 0; col < (num_cols >> 1); col++) {
-      g = *inptr++;
-      g = range_limit[DITHER_565_R(g, d0)];
-      rgb = PACK_SHORT_565(g, g, g);
-      d0 = DITHER_ROTATE(d0);
-
-      g = *inptr++;
-      g = range_limit[DITHER_565_R(g, d0)];
-      rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(g, g, g));
-      d0 = DITHER_ROTATE(d0);
-
-      WRITE_TWO_ALIGNED_PIXELS(outptr, rgb);
-      outptr += 4;
-    }
-    if (num_cols & 1) {
-      g = *inptr;
-      g = range_limit[DITHER_565_R(g, d0)];
-      rgb = PACK_SHORT_565(g, g, g);
-      *(INT16 *)outptr = (INT16)rgb;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdcolext.c b/3rdparty/libjpeg-turbo_2_1_0/jdcolext.c
deleted file mode 100644
index 863c7a2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdcolext.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * jdcolext.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009, 2011, 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains output colorspace conversion routines.
- */
-
-
-/* This file is included by jdcolor.c */
-
-
-/*
- * Convert some rows of samples to the output colorspace.
- *
- * Note that we change from noninterleaved, one-plane-per-component format
- * to interleaved-pixel format.  The output buffer is therefore three times
- * as wide as the input buffer.
- * A starting row offset is provided only for the input buffer.  The caller
- * can easily adjust the passed output_buf value to accommodate any row
- * offset required on that side.
- */
-
-INLINE
-LOCAL(void)
-ycc_rgb_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int y, cb, cr;
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  register int *Crrtab = cconvert->Cr_r_tab;
-  register int *Cbbtab = cconvert->Cb_b_tab;
-  register JLONG *Crgtab = cconvert->Cr_g_tab;
-  register JLONG *Cbgtab = cconvert->Cb_g_tab;
-  SHIFT_TEMPS
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    for (col = 0; col < num_cols; col++) {
-      y  = inptr0[col];
-      cb = inptr1[col];
-      cr = inptr2[col];
-      /* Range-limiting is essential due to noise introduced by DCT losses. */
-      outptr[RGB_RED] =   range_limit[y + Crrtab[cr]];
-      outptr[RGB_GREEN] = range_limit[y +
-                              ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                                SCALEBITS))];
-      outptr[RGB_BLUE] =  range_limit[y + Cbbtab[cb]];
-      /* Set unused byte to 0xFF so it can be interpreted as an opaque */
-      /* alpha channel value */
-#ifdef RGB_ALPHA
-      outptr[RGB_ALPHA] = 0xFF;
-#endif
-      outptr += RGB_PIXELSIZE;
-    }
-  }
-}
-
-
-/*
- * Convert grayscale to RGB: just duplicate the graylevel three times.
- * This is provided to support applications that don't want to cope
- * with grayscale as a separate case.
- */
-
-INLINE
-LOCAL(void)
-gray_rgb_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                          JDIMENSION input_row, JSAMPARRAY output_buf,
-                          int num_rows)
-{
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-
-  while (--num_rows >= 0) {
-    inptr = input_buf[0][input_row++];
-    outptr = *output_buf++;
-    for (col = 0; col < num_cols; col++) {
-      outptr[RGB_RED] = outptr[RGB_GREEN] = outptr[RGB_BLUE] = inptr[col];
-      /* Set unused byte to 0xFF so it can be interpreted as an opaque */
-      /* alpha channel value */
-#ifdef RGB_ALPHA
-      outptr[RGB_ALPHA] = 0xFF;
-#endif
-      outptr += RGB_PIXELSIZE;
-    }
-  }
-}
-
-
-/*
- * Convert RGB to extended RGB: just swap the order of source pixels
- */
-
-INLINE
-LOCAL(void)
-rgb_rgb_convert_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JSAMPROW outptr;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    for (col = 0; col < num_cols; col++) {
-      outptr[RGB_RED] = inptr0[col];
-      outptr[RGB_GREEN] = inptr1[col];
-      outptr[RGB_BLUE] = inptr2[col];
-      /* Set unused byte to 0xFF so it can be interpreted as an opaque */
-      /* alpha channel value */
-#ifdef RGB_ALPHA
-      outptr[RGB_ALPHA] = 0xFF;
-#endif
-      outptr += RGB_PIXELSIZE;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdcolor.c b/3rdparty/libjpeg-turbo_2_1_0/jdcolor.c
deleted file mode 100644
index 8da2b4e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdcolor.c
+++ /dev/null
@@ -1,882 +0,0 @@
-/*
- * jdcolor.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2011 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009, 2011-2012, 2014-2015, D. R. Commander.
- * Copyright (C) 2013, Linaro Limited.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains output colorspace conversion routines.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jsimd.h"
-#include "jconfigint.h"
-
-
-/* Private subobject */
-
-typedef struct {
-  struct jpeg_color_deconverter pub; /* public fields */
-
-  /* Private state for YCC->RGB conversion */
-  int *Cr_r_tab;                /* => table for Cr to R conversion */
-  int *Cb_b_tab;                /* => table for Cb to B conversion */
-  JLONG *Cr_g_tab;              /* => table for Cr to G conversion */
-  JLONG *Cb_g_tab;              /* => table for Cb to G conversion */
-
-  /* Private state for RGB->Y conversion */
-  JLONG *rgb_y_tab;             /* => table for RGB to Y conversion */
-} my_color_deconverter;
-
-typedef my_color_deconverter *my_cconvert_ptr;
-
-
-/**************** YCbCr -> RGB conversion: most common case **************/
-/****************   RGB -> Y   conversion: less common case **************/
-
-/*
- * YCbCr is defined per CCIR 601-1, except that Cb and Cr are
- * normalized to the range 0..MAXJSAMPLE rather than -0.5 .. 0.5.
- * The conversion equations to be implemented are therefore
- *
- *      R = Y                + 1.40200 * Cr
- *      G = Y - 0.34414 * Cb - 0.71414 * Cr
- *      B = Y + 1.77200 * Cb
- *
- *      Y = 0.29900 * R + 0.58700 * G + 0.11400 * B
- *
- * where Cb and Cr represent the incoming values less CENTERJSAMPLE.
- * (These numbers are derived from TIFF 6.0 section 21, dated 3-June-92.)
- *
- * To avoid floating-point arithmetic, we represent the fractional constants
- * as integers scaled up by 2^16 (about 4 digits precision); we have to divide
- * the products by 2^16, with appropriate rounding, to get the correct answer.
- * Notice that Y, being an integral input, does not contribute any fraction
- * so it need not participate in the rounding.
- *
- * For even more speed, we avoid doing any multiplications in the inner loop
- * by precalculating the constants times Cb and Cr for all possible values.
- * For 8-bit JSAMPLEs this is very reasonable (only 256 entries per table);
- * for 12-bit samples it is still acceptable.  It's not very reasonable for
- * 16-bit samples, but if you want lossless storage you shouldn't be changing
- * colorspace anyway.
- * The Cr=>R and Cb=>B values can be rounded to integers in advance; the
- * values for the G calculation are left scaled up, since we must add them
- * together before rounding.
- */
-
-#define SCALEBITS       16      /* speediest right-shift on some machines */
-#define ONE_HALF        ((JLONG)1 << (SCALEBITS - 1))
-#define FIX(x)          ((JLONG)((x) * (1L << SCALEBITS) + 0.5))
-
-/* We allocate one big table for RGB->Y conversion and divide it up into
- * three parts, instead of doing three alloc_small requests.  This lets us
- * use a single table base address, which can be held in a register in the
- * inner loops on many machines (more than can hold all three addresses,
- * anyway).
- */
-
-#define R_Y_OFF         0                       /* offset to R => Y section */
-#define G_Y_OFF         (1 * (MAXJSAMPLE + 1))  /* offset to G => Y section */
-#define B_Y_OFF         (2 * (MAXJSAMPLE + 1))  /* etc. */
-#define TABLE_SIZE      (3 * (MAXJSAMPLE + 1))
-
-
-/* Include inline routines for colorspace extensions */
-
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define ycc_rgb_convert_internal  ycc_extrgb_convert_internal
-#define gray_rgb_convert_internal  gray_extrgb_convert_internal
-#define rgb_rgb_convert_internal  rgb_extrgb_convert_internal
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef ycc_rgb_convert_internal
-#undef gray_rgb_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define ycc_rgb_convert_internal  ycc_extrgbx_convert_internal
-#define gray_rgb_convert_internal  gray_extrgbx_convert_internal
-#define rgb_rgb_convert_internal  rgb_extrgbx_convert_internal
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef ycc_rgb_convert_internal
-#undef gray_rgb_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define ycc_rgb_convert_internal  ycc_extbgr_convert_internal
-#define gray_rgb_convert_internal  gray_extbgr_convert_internal
-#define rgb_rgb_convert_internal  rgb_extbgr_convert_internal
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef ycc_rgb_convert_internal
-#undef gray_rgb_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define ycc_rgb_convert_internal  ycc_extbgrx_convert_internal
-#define gray_rgb_convert_internal  gray_extbgrx_convert_internal
-#define rgb_rgb_convert_internal  rgb_extbgrx_convert_internal
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef ycc_rgb_convert_internal
-#undef gray_rgb_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define ycc_rgb_convert_internal  ycc_extxbgr_convert_internal
-#define gray_rgb_convert_internal  gray_extxbgr_convert_internal
-#define rgb_rgb_convert_internal  rgb_extxbgr_convert_internal
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef ycc_rgb_convert_internal
-#undef gray_rgb_convert_internal
-#undef rgb_rgb_convert_internal
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define ycc_rgb_convert_internal  ycc_extxrgb_convert_internal
-#define gray_rgb_convert_internal  gray_extxrgb_convert_internal
-#define rgb_rgb_convert_internal  rgb_extxrgb_convert_internal
-#include "jdcolext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef ycc_rgb_convert_internal
-#undef gray_rgb_convert_internal
-#undef rgb_rgb_convert_internal
-
-
-/*
- * Initialize tables for YCC->RGB colorspace conversion.
- */
-
-LOCAL(void)
-build_ycc_rgb_table(j_decompress_ptr cinfo)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  int i;
-  JLONG x;
-  SHIFT_TEMPS
-
-  cconvert->Cr_r_tab = (int *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(int));
-  cconvert->Cb_b_tab = (int *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(int));
-  cconvert->Cr_g_tab = (JLONG *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(JLONG));
-  cconvert->Cb_g_tab = (JLONG *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(JLONG));
-
-  for (i = 0, x = -CENTERJSAMPLE; i <= MAXJSAMPLE; i++, x++) {
-    /* i is the actual input pixel value, in the range 0..MAXJSAMPLE */
-    /* The Cb or Cr value we are thinking of is x = i - CENTERJSAMPLE */
-    /* Cr=>R value is nearest int to 1.40200 * x */
-    cconvert->Cr_r_tab[i] = (int)
-                    RIGHT_SHIFT(FIX(1.40200) * x + ONE_HALF, SCALEBITS);
-    /* Cb=>B value is nearest int to 1.77200 * x */
-    cconvert->Cb_b_tab[i] = (int)
-                    RIGHT_SHIFT(FIX(1.77200) * x + ONE_HALF, SCALEBITS);
-    /* Cr=>G value is scaled-up -0.71414 * x */
-    cconvert->Cr_g_tab[i] = (-FIX(0.71414)) * x;
-    /* Cb=>G value is scaled-up -0.34414 * x */
-    /* We also add in ONE_HALF so that need not do it in inner loop */
-    cconvert->Cb_g_tab[i] = (-FIX(0.34414)) * x + ONE_HALF;
-  }
-}
-
-
-/*
- * Convert some rows of samples to the output colorspace.
- */
-
-METHODDEF(void)
-ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    ycc_extrgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                num_rows);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    ycc_extrgbx_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_BGR:
-    ycc_extbgr_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                num_rows);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    ycc_extbgrx_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    ycc_extxbgr_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    ycc_extxrgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  default:
-    ycc_rgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                             num_rows);
-    break;
-  }
-}
-
-
-/**************** Cases other than YCbCr -> RGB **************/
-
-
-/*
- * Initialize for RGB->grayscale colorspace conversion.
- */
-
-LOCAL(void)
-build_rgb_y_table(j_decompress_ptr cinfo)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  JLONG *rgb_y_tab;
-  JLONG i;
-
-  /* Allocate and fill in the conversion tables. */
-  cconvert->rgb_y_tab = rgb_y_tab = (JLONG *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (TABLE_SIZE * sizeof(JLONG)));
-
-  for (i = 0; i <= MAXJSAMPLE; i++) {
-    rgb_y_tab[i + R_Y_OFF] = FIX(0.29900) * i;
-    rgb_y_tab[i + G_Y_OFF] = FIX(0.58700) * i;
-    rgb_y_tab[i + B_Y_OFF] = FIX(0.11400) * i + ONE_HALF;
-  }
-}
-
-
-/*
- * Convert RGB to grayscale.
- */
-
-METHODDEF(void)
-rgb_gray_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                 JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int r, g, b;
-  register JLONG *ctab = cconvert->rgb_y_tab;
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    for (col = 0; col < num_cols; col++) {
-      r = inptr0[col];
-      g = inptr1[col];
-      b = inptr2[col];
-      /* Y */
-      outptr[col] = (JSAMPLE)((ctab[r + R_Y_OFF] + ctab[g + G_Y_OFF] +
-                               ctab[b + B_Y_OFF]) >> SCALEBITS);
-    }
-  }
-}
-
-
-/*
- * Color conversion for no colorspace change: just copy the data,
- * converting from separate-planes to interleaved representation.
- */
-
-METHODDEF(void)
-null_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-             JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  register JSAMPROW inptr, inptr0, inptr1, inptr2, inptr3, outptr;
-  register JDIMENSION col;
-  register int num_components = cinfo->num_components;
-  JDIMENSION num_cols = cinfo->output_width;
-  int ci;
-
-  if (num_components == 3) {
-    while (--num_rows >= 0) {
-      inptr0 = input_buf[0][input_row];
-      inptr1 = input_buf[1][input_row];
-      inptr2 = input_buf[2][input_row];
-      input_row++;
-      outptr = *output_buf++;
-      for (col = 0; col < num_cols; col++) {
-        *outptr++ = inptr0[col];
-        *outptr++ = inptr1[col];
-        *outptr++ = inptr2[col];
-      }
-    }
-  } else if (num_components == 4) {
-    while (--num_rows >= 0) {
-      inptr0 = input_buf[0][input_row];
-      inptr1 = input_buf[1][input_row];
-      inptr2 = input_buf[2][input_row];
-      inptr3 = input_buf[3][input_row];
-      input_row++;
-      outptr = *output_buf++;
-      for (col = 0; col < num_cols; col++) {
-        *outptr++ = inptr0[col];
-        *outptr++ = inptr1[col];
-        *outptr++ = inptr2[col];
-        *outptr++ = inptr3[col];
-      }
-    }
-  } else {
-    while (--num_rows >= 0) {
-      for (ci = 0; ci < num_components; ci++) {
-        inptr = input_buf[ci][input_row];
-        outptr = *output_buf;
-        for (col = 0; col < num_cols; col++) {
-          outptr[ci] = inptr[col];
-          outptr += num_components;
-        }
-      }
-      output_buf++;
-      input_row++;
-    }
-  }
-}
-
-
-/*
- * Color conversion for grayscale: just copy the data.
- * This also works for YCbCr -> grayscale conversion, in which
- * we just copy the Y (luminance) component and ignore chrominance.
- */
-
-METHODDEF(void)
-grayscale_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                  JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  jcopy_sample_rows(input_buf[0], (int)input_row, output_buf, 0, num_rows,
-                    cinfo->output_width);
-}
-
-
-/*
- * Convert grayscale to RGB
- */
-
-METHODDEF(void)
-gray_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                 JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    gray_extrgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    gray_extrgbx_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                  num_rows);
-    break;
-  case JCS_EXT_BGR:
-    gray_extbgr_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    gray_extbgrx_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                  num_rows);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    gray_extxbgr_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                  num_rows);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    gray_extxrgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                  num_rows);
-    break;
-  default:
-    gray_rgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                              num_rows);
-    break;
-  }
-}
-
-
-/*
- * Convert plain RGB to extended RGB
- */
-
-METHODDEF(void)
-rgb_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    rgb_extrgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                num_rows);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    rgb_extrgbx_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_BGR:
-    rgb_extbgr_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                num_rows);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    rgb_extbgrx_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    rgb_extxbgr_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    rgb_extxrgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                                 num_rows);
-    break;
-  default:
-    rgb_rgb_convert_internal(cinfo, input_buf, input_row, output_buf,
-                             num_rows);
-    break;
-  }
-}
-
-
-/*
- * Adobe-style YCCK->CMYK conversion.
- * We convert YCbCr to R=1-C, G=1-M, and B=1-Y using the same
- * conversion as above, while passing K (black) unchanged.
- * We assume build_ycc_rgb_table has been called.
- */
-
-METHODDEF(void)
-ycck_cmyk_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                  JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  my_cconvert_ptr cconvert = (my_cconvert_ptr)cinfo->cconvert;
-  register int y, cb, cr;
-  register JSAMPROW outptr;
-  register JSAMPROW inptr0, inptr1, inptr2, inptr3;
-  register JDIMENSION col;
-  JDIMENSION num_cols = cinfo->output_width;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  register int *Crrtab = cconvert->Cr_r_tab;
-  register int *Cbbtab = cconvert->Cb_b_tab;
-  register JLONG *Crgtab = cconvert->Cr_g_tab;
-  register JLONG *Cbgtab = cconvert->Cb_g_tab;
-  SHIFT_TEMPS
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    inptr3 = input_buf[3][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    for (col = 0; col < num_cols; col++) {
-      y  = inptr0[col];
-      cb = inptr1[col];
-      cr = inptr2[col];
-      /* Range-limiting is essential due to noise introduced by DCT losses. */
-      outptr[0] = range_limit[MAXJSAMPLE - (y + Crrtab[cr])];   /* red */
-      outptr[1] = range_limit[MAXJSAMPLE - (y +                 /* green */
-                              ((int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr],
-                                                 SCALEBITS)))];
-      outptr[2] = range_limit[MAXJSAMPLE - (y + Cbbtab[cb])];   /* blue */
-      /* K passes through unchanged */
-      outptr[3] = inptr3[col];
-      outptr += 4;
-    }
-  }
-}
-
-
-/*
- * RGB565 conversion
- */
-
-#define PACK_SHORT_565_LE(r, g, b) \
-  ((((r) << 8) & 0xF800) | (((g) << 3) & 0x7E0) | ((b) >> 3))
-#define PACK_SHORT_565_BE(r, g, b) \
-  (((r) & 0xF8) | ((g) >> 5) | (((g) << 11) & 0xE000) | (((b) << 5) & 0x1F00))
-
-#define PACK_TWO_PIXELS_LE(l, r)    ((r << 16) | l)
-#define PACK_TWO_PIXELS_BE(l, r)    ((l << 16) | r)
-
-#define PACK_NEED_ALIGNMENT(ptr)    (((size_t)(ptr)) & 3)
-
-#define WRITE_TWO_ALIGNED_PIXELS(addr, pixels)  ((*(int *)(addr)) = pixels)
-
-#define DITHER_565_R(r, dither)  ((r) + ((dither) & 0xFF))
-#define DITHER_565_G(g, dither)  ((g) + (((dither) & 0xFF) >> 1))
-#define DITHER_565_B(b, dither)  ((b) + ((dither) & 0xFF))
-
-
-/* Declarations for ordered dithering
- *
- * We use a 4x4 ordered dither array packed into 32 bits.  This array is
- * sufficient for dithering RGB888 to RGB565.
- */
-
-#define DITHER_MASK       0x3
-#define DITHER_ROTATE(x)  ((((x) & 0xFF) << 24) | (((x) >> 8) & 0x00FFFFFF))
-static const JLONG dither_matrix[4] = {
-  0x0008020A,
-  0x0C040E06,
-  0x030B0109,
-  0x0F070D05
-};
-
-
-static INLINE boolean is_big_endian(void)
-{
-  int test_value = 1;
-  if (*(char *)&test_value != 1)
-    return TRUE;
-  return FALSE;
-}
-
-
-/* Include inline routines for RGB565 conversion */
-
-#define PACK_SHORT_565  PACK_SHORT_565_LE
-#define PACK_TWO_PIXELS  PACK_TWO_PIXELS_LE
-#define ycc_rgb565_convert_internal  ycc_rgb565_convert_le
-#define ycc_rgb565D_convert_internal  ycc_rgb565D_convert_le
-#define rgb_rgb565_convert_internal  rgb_rgb565_convert_le
-#define rgb_rgb565D_convert_internal  rgb_rgb565D_convert_le
-#define gray_rgb565_convert_internal  gray_rgb565_convert_le
-#define gray_rgb565D_convert_internal  gray_rgb565D_convert_le
-#include "jdcol565.c"
-#undef PACK_SHORT_565
-#undef PACK_TWO_PIXELS
-#undef ycc_rgb565_convert_internal
-#undef ycc_rgb565D_convert_internal
-#undef rgb_rgb565_convert_internal
-#undef rgb_rgb565D_convert_internal
-#undef gray_rgb565_convert_internal
-#undef gray_rgb565D_convert_internal
-
-#define PACK_SHORT_565  PACK_SHORT_565_BE
-#define PACK_TWO_PIXELS  PACK_TWO_PIXELS_BE
-#define ycc_rgb565_convert_internal  ycc_rgb565_convert_be
-#define ycc_rgb565D_convert_internal  ycc_rgb565D_convert_be
-#define rgb_rgb565_convert_internal  rgb_rgb565_convert_be
-#define rgb_rgb565D_convert_internal  rgb_rgb565D_convert_be
-#define gray_rgb565_convert_internal  gray_rgb565_convert_be
-#define gray_rgb565D_convert_internal  gray_rgb565D_convert_be
-#include "jdcol565.c"
-#undef PACK_SHORT_565
-#undef PACK_TWO_PIXELS
-#undef ycc_rgb565_convert_internal
-#undef ycc_rgb565D_convert_internal
-#undef rgb_rgb565_convert_internal
-#undef rgb_rgb565D_convert_internal
-#undef gray_rgb565_convert_internal
-#undef gray_rgb565D_convert_internal
-
-
-METHODDEF(void)
-ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                   JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  if (is_big_endian())
-    ycc_rgb565_convert_be(cinfo, input_buf, input_row, output_buf, num_rows);
-  else
-    ycc_rgb565_convert_le(cinfo, input_buf, input_row, output_buf, num_rows);
-}
-
-
-METHODDEF(void)
-ycc_rgb565D_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                    JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  if (is_big_endian())
-    ycc_rgb565D_convert_be(cinfo, input_buf, input_row, output_buf, num_rows);
-  else
-    ycc_rgb565D_convert_le(cinfo, input_buf, input_row, output_buf, num_rows);
-}
-
-
-METHODDEF(void)
-rgb_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                   JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  if (is_big_endian())
-    rgb_rgb565_convert_be(cinfo, input_buf, input_row, output_buf, num_rows);
-  else
-    rgb_rgb565_convert_le(cinfo, input_buf, input_row, output_buf, num_rows);
-}
-
-
-METHODDEF(void)
-rgb_rgb565D_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                    JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  if (is_big_endian())
-    rgb_rgb565D_convert_be(cinfo, input_buf, input_row, output_buf, num_rows);
-  else
-    rgb_rgb565D_convert_le(cinfo, input_buf, input_row, output_buf, num_rows);
-}
-
-
-METHODDEF(void)
-gray_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                    JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  if (is_big_endian())
-    gray_rgb565_convert_be(cinfo, input_buf, input_row, output_buf, num_rows);
-  else
-    gray_rgb565_convert_le(cinfo, input_buf, input_row, output_buf, num_rows);
-}
-
-
-METHODDEF(void)
-gray_rgb565D_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                     JDIMENSION input_row, JSAMPARRAY output_buf, int num_rows)
-{
-  if (is_big_endian())
-    gray_rgb565D_convert_be(cinfo, input_buf, input_row, output_buf, num_rows);
-  else
-    gray_rgb565D_convert_le(cinfo, input_buf, input_row, output_buf, num_rows);
-}
-
-
-/*
- * Empty method for start_pass.
- */
-
-METHODDEF(void)
-start_pass_dcolor(j_decompress_ptr cinfo)
-{
-  /* no work needed */
-}
-
-
-/*
- * Module initialization routine for output colorspace conversion.
- */
-
-GLOBAL(void)
-jinit_color_deconverter(j_decompress_ptr cinfo)
-{
-  my_cconvert_ptr cconvert;
-  int ci;
-
-  cconvert = (my_cconvert_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_color_deconverter));
-  cinfo->cconvert = (struct jpeg_color_deconverter *)cconvert;
-  cconvert->pub.start_pass = start_pass_dcolor;
-
-  /* Make sure num_components agrees with jpeg_color_space */
-  switch (cinfo->jpeg_color_space) {
-  case JCS_GRAYSCALE:
-    if (cinfo->num_components != 1)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    break;
-
-  case JCS_RGB:
-  case JCS_YCbCr:
-    if (cinfo->num_components != 3)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    break;
-
-  case JCS_CMYK:
-  case JCS_YCCK:
-    if (cinfo->num_components != 4)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    break;
-
-  default:                      /* JCS_UNKNOWN can be anything */
-    if (cinfo->num_components < 1)
-      ERREXIT(cinfo, JERR_BAD_J_COLORSPACE);
-    break;
-  }
-
-  /* Set out_color_components and conversion method based on requested space.
-   * Also clear the component_needed flags for any unused components,
-   * so that earlier pipeline stages can avoid useless computation.
-   */
-
-  switch (cinfo->out_color_space) {
-  case JCS_GRAYSCALE:
-    cinfo->out_color_components = 1;
-    if (cinfo->jpeg_color_space == JCS_GRAYSCALE ||
-        cinfo->jpeg_color_space == JCS_YCbCr) {
-      cconvert->pub.color_convert = grayscale_convert;
-      /* For color->grayscale conversion, only the Y (0) component is needed */
-      for (ci = 1; ci < cinfo->num_components; ci++)
-        cinfo->comp_info[ci].component_needed = FALSE;
-    } else if (cinfo->jpeg_color_space == JCS_RGB) {
-      cconvert->pub.color_convert = rgb_gray_convert;
-      build_rgb_y_table(cinfo);
-    } else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  case JCS_RGB:
-  case JCS_EXT_RGB:
-  case JCS_EXT_RGBX:
-  case JCS_EXT_BGR:
-  case JCS_EXT_BGRX:
-  case JCS_EXT_XBGR:
-  case JCS_EXT_XRGB:
-  case JCS_EXT_RGBA:
-  case JCS_EXT_BGRA:
-  case JCS_EXT_ABGR:
-  case JCS_EXT_ARGB:
-    cinfo->out_color_components = rgb_pixelsize[cinfo->out_color_space];
-    if (cinfo->jpeg_color_space == JCS_YCbCr) {
-      if (jsimd_can_ycc_rgb())
-        cconvert->pub.color_convert = jsimd_ycc_rgb_convert;
-      else {
-        cconvert->pub.color_convert = ycc_rgb_convert;
-        build_ycc_rgb_table(cinfo);
-      }
-    } else if (cinfo->jpeg_color_space == JCS_GRAYSCALE) {
-      cconvert->pub.color_convert = gray_rgb_convert;
-    } else if (cinfo->jpeg_color_space == JCS_RGB) {
-      if (rgb_red[cinfo->out_color_space] == 0 &&
-          rgb_green[cinfo->out_color_space] == 1 &&
-          rgb_blue[cinfo->out_color_space] == 2 &&
-          rgb_pixelsize[cinfo->out_color_space] == 3)
-        cconvert->pub.color_convert = null_convert;
-      else
-        cconvert->pub.color_convert = rgb_rgb_convert;
-    } else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  case JCS_RGB565:
-    cinfo->out_color_components = 3;
-    if (cinfo->dither_mode == JDITHER_NONE) {
-      if (cinfo->jpeg_color_space == JCS_YCbCr) {
-        if (jsimd_can_ycc_rgb565())
-          cconvert->pub.color_convert = jsimd_ycc_rgb565_convert;
-        else {
-          cconvert->pub.color_convert = ycc_rgb565_convert;
-          build_ycc_rgb_table(cinfo);
-        }
-      } else if (cinfo->jpeg_color_space == JCS_GRAYSCALE) {
-        cconvert->pub.color_convert = gray_rgb565_convert;
-      } else if (cinfo->jpeg_color_space == JCS_RGB) {
-        cconvert->pub.color_convert = rgb_rgb565_convert;
-      } else
-        ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    } else {
-      /* only ordered dithering is supported */
-      if (cinfo->jpeg_color_space == JCS_YCbCr) {
-        cconvert->pub.color_convert = ycc_rgb565D_convert;
-        build_ycc_rgb_table(cinfo);
-      } else if (cinfo->jpeg_color_space == JCS_GRAYSCALE) {
-        cconvert->pub.color_convert = gray_rgb565D_convert;
-      } else if (cinfo->jpeg_color_space == JCS_RGB) {
-        cconvert->pub.color_convert = rgb_rgb565D_convert;
-      } else
-        ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    }
-    break;
-
-  case JCS_CMYK:
-    cinfo->out_color_components = 4;
-    if (cinfo->jpeg_color_space == JCS_YCCK) {
-      cconvert->pub.color_convert = ycck_cmyk_convert;
-      build_ycc_rgb_table(cinfo);
-    } else if (cinfo->jpeg_color_space == JCS_CMYK) {
-      cconvert->pub.color_convert = null_convert;
-    } else
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-
-  default:
-    /* Permit null conversion to same output space */
-    if (cinfo->out_color_space == cinfo->jpeg_color_space) {
-      cinfo->out_color_components = cinfo->num_components;
-      cconvert->pub.color_convert = null_convert;
-    } else                      /* unsupported non-null conversion */
-      ERREXIT(cinfo, JERR_CONVERSION_NOTIMPL);
-    break;
-  }
-
-  if (cinfo->quantize_colors)
-    cinfo->output_components = 1; /* single colormapped output component */
-  else
-    cinfo->output_components = cinfo->out_color_components;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdct.h b/3rdparty/libjpeg-turbo_2_1_0/jdct.h
deleted file mode 100644
index 66d1718..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdct.h
+++ /dev/null
@@ -1,208 +0,0 @@
-/*
- * jdct.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This include file contains common declarations for the forward and
- * inverse DCT modules.  These declarations are private to the DCT managers
- * (jcdctmgr.c, jddctmgr.c) and the individual DCT algorithms.
- * The individual DCT algorithms are kept in separate files to ease
- * machine-dependent tuning (e.g., assembly coding).
- */
-
-
-/*
- * A forward DCT routine is given a pointer to a work area of type DCTELEM[];
- * the DCT is to be performed in-place in that buffer.  Type DCTELEM is int
- * for 8-bit samples, JLONG for 12-bit samples.  (NOTE: Floating-point DCT
- * implementations use an array of type FAST_FLOAT, instead.)
- * The DCT inputs are expected to be signed (range +-CENTERJSAMPLE).
- * The DCT outputs are returned scaled up by a factor of 8; they therefore
- * have a range of +-8K for 8-bit data, +-128K for 12-bit data.  This
- * convention improves accuracy in integer implementations and saves some
- * work in floating-point ones.
- * Quantization of the output coefficients is done by jcdctmgr.c. This
- * step requires an unsigned type and also one with twice the bits.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#ifndef WITH_SIMD
-typedef int DCTELEM;            /* 16 or 32 bits is fine */
-typedef unsigned int UDCTELEM;
-typedef unsigned long long UDCTELEM2;
-#else
-typedef short DCTELEM;          /* prefer 16 bit with SIMD for parellelism */
-typedef unsigned short UDCTELEM;
-typedef unsigned int UDCTELEM2;
-#endif
-#else
-typedef JLONG DCTELEM;          /* must have 32 bits */
-typedef unsigned long long UDCTELEM2;
-#endif
-
-
-/*
- * An inverse DCT routine is given a pointer to the input JBLOCK and a pointer
- * to an output sample array.  The routine must dequantize the input data as
- * well as perform the IDCT; for dequantization, it uses the multiplier table
- * pointed to by compptr->dct_table.  The output data is to be placed into the
- * sample array starting at a specified column.  (Any row offset needed will
- * be applied to the array pointer before it is passed to the IDCT code.)
- * Note that the number of samples emitted by the IDCT routine is
- * DCT_scaled_size * DCT_scaled_size.
- */
-
-/* typedef inverse_DCT_method_ptr is declared in jpegint.h */
-
-/*
- * Each IDCT routine has its own ideas about the best dct_table element type.
- */
-
-typedef MULTIPLIER ISLOW_MULT_TYPE;  /* short or int, whichever is faster */
-#if BITS_IN_JSAMPLE == 8
-typedef MULTIPLIER IFAST_MULT_TYPE;  /* 16 bits is OK, use short if faster */
-#define IFAST_SCALE_BITS  2          /* fractional bits in scale factors */
-#else
-typedef JLONG IFAST_MULT_TYPE;       /* need 32 bits for scaled quantizers */
-#define IFAST_SCALE_BITS  13         /* fractional bits in scale factors */
-#endif
-typedef FAST_FLOAT FLOAT_MULT_TYPE;  /* preferred floating type */
-
-
-/*
- * Each IDCT routine is responsible for range-limiting its results and
- * converting them to unsigned form (0..MAXJSAMPLE).  The raw outputs could
- * be quite far out of range if the input data is corrupt, so a bulletproof
- * range-limiting step is required.  We use a mask-and-table-lookup method
- * to do the combined operations quickly.  See the comments with
- * prepare_range_limit_table (in jdmaster.c) for more info.
- */
-
-#define IDCT_range_limit(cinfo)  ((cinfo)->sample_range_limit + CENTERJSAMPLE)
-
-#define RANGE_MASK  (MAXJSAMPLE * 4 + 3) /* 2 bits wider than legal samples */
-
-
-/* Extern declarations for the forward and inverse DCT routines. */
-
-EXTERN(void) jpeg_fdct_islow(DCTELEM *data);
-EXTERN(void) jpeg_fdct_ifast(DCTELEM *data);
-EXTERN(void) jpeg_fdct_float(FAST_FLOAT *data);
-
-EXTERN(void) jpeg_idct_islow(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_ifast(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_float(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_7x7(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_6x6(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_5x5(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_4x4(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_3x3(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_2x2(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_1x1(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_9x9(j_decompress_ptr cinfo,
-                           jpeg_component_info *compptr, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_10x10(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_11x11(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_12x12(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_13x13(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_14x14(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_15x15(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jpeg_idct_16x16(j_decompress_ptr cinfo,
-                             jpeg_component_info *compptr, JCOEFPTR coef_block,
-                             JSAMPARRAY output_buf, JDIMENSION output_col);
-
-
-/*
- * Macros for handling fixed-point arithmetic; these are used by many
- * but not all of the DCT/IDCT modules.
- *
- * All values are expected to be of type JLONG.
- * Fractional constants are scaled left by CONST_BITS bits.
- * CONST_BITS is defined within each module using these macros,
- * and may differ from one module to the next.
- */
-
-#define ONE          ((JLONG)1)
-#define CONST_SCALE  (ONE << CONST_BITS)
-
-/* Convert a positive real constant to an integer scaled by CONST_SCALE.
- * Caution: some C compilers fail to reduce "FIX(constant)" at compile time,
- * thus causing a lot of useless floating-point operations at run time.
- */
-
-#define FIX(x)  ((JLONG)((x) * CONST_SCALE + 0.5))
-
-/* Descale and correctly round a JLONG value that's scaled by N bits.
- * We assume RIGHT_SHIFT rounds towards minus infinity, so adding
- * the fudge factor is correct for either sign of X.
- */
-
-#define DESCALE(x, n)  RIGHT_SHIFT((x) + (ONE << ((n) - 1)), n)
-
-/* Multiply a JLONG variable by a JLONG constant to yield a JLONG result.
- * This macro is used only when the two inputs will actually be no more than
- * 16 bits wide, so that a 16x16->32 bit multiply can be used instead of a
- * full 32x32 multiply.  This provides a useful speedup on many machines.
- * Unfortunately there is no way to specify a 16x16->32 multiply portably
- * in C, but some C compilers will do the right thing if you provide the
- * correct combination of casts.
- */
-
-#ifdef SHORTxSHORT_32           /* may work if 'int' is 32 bits */
-#define MULTIPLY16C16(var, const)  (((INT16)(var)) * ((INT16)(const)))
-#endif
-#ifdef SHORTxLCONST_32          /* known to work with Microsoft C 6.0 */
-#define MULTIPLY16C16(var, const)  (((INT16)(var)) * ((JLONG)(const)))
-#endif
-
-#ifndef MULTIPLY16C16           /* default definition */
-#define MULTIPLY16C16(var, const)  ((var) * (const))
-#endif
-
-/* Same except both inputs are variables. */
-
-#ifdef SHORTxSHORT_32           /* may work if 'int' is 32 bits */
-#define MULTIPLY16V16(var1, var2)  (((INT16)(var1)) * ((INT16)(var2)))
-#endif
-
-#ifndef MULTIPLY16V16           /* default definition */
-#define MULTIPLY16V16(var1, var2)  ((var1) * (var2))
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jddctmgr.c b/3rdparty/libjpeg-turbo_2_1_0/jddctmgr.c
deleted file mode 100644
index 266f446..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jddctmgr.c
+++ /dev/null
@@ -1,352 +0,0 @@
-/*
- * jddctmgr.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * Modified 2002-2010 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2010, 2015, D. R. Commander.
- * Copyright (C) 2013, MIPS Technologies, Inc., California.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the inverse-DCT management logic.
- * This code selects a particular IDCT implementation to be used,
- * and it performs related housekeeping chores.  No code in this file
- * is executed per IDCT step, only during output pass setup.
- *
- * Note that the IDCT routines are responsible for performing coefficient
- * dequantization as well as the IDCT proper.  This module sets up the
- * dequantization multiplier table needed by the IDCT routine.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-#include "jsimddct.h"
-#include "jpegcomp.h"
-
-
-/*
- * The decompressor input side (jdinput.c) saves away the appropriate
- * quantization table for each component at the start of the first scan
- * involving that component.  (This is necessary in order to correctly
- * decode files that reuse Q-table slots.)
- * When we are ready to make an output pass, the saved Q-table is converted
- * to a multiplier table that will actually be used by the IDCT routine.
- * The multiplier table contents are IDCT-method-dependent.  To support
- * application changes in IDCT method between scans, we can remake the
- * multiplier tables if necessary.
- * In buffered-image mode, the first output pass may occur before any data
- * has been seen for some components, and thus before their Q-tables have
- * been saved away.  To handle this case, multiplier tables are preset
- * to zeroes; the result of the IDCT will be a neutral gray level.
- */
-
-
-/* Private subobject for this module */
-
-typedef struct {
-  struct jpeg_inverse_dct pub;  /* public fields */
-
-  /* This array contains the IDCT method code that each multiplier table
-   * is currently set up for, or -1 if it's not yet set up.
-   * The actual multiplier tables are pointed to by dct_table in the
-   * per-component comp_info structures.
-   */
-  int cur_method[MAX_COMPONENTS];
-} my_idct_controller;
-
-typedef my_idct_controller *my_idct_ptr;
-
-
-/* Allocated multiplier tables: big enough for any supported variant */
-
-typedef union {
-  ISLOW_MULT_TYPE islow_array[DCTSIZE2];
-#ifdef DCT_IFAST_SUPPORTED
-  IFAST_MULT_TYPE ifast_array[DCTSIZE2];
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-  FLOAT_MULT_TYPE float_array[DCTSIZE2];
-#endif
-} multiplier_table;
-
-
-/* The current scaled-IDCT routines require ISLOW-style multiplier tables,
- * so be sure to compile that code if either ISLOW or SCALING is requested.
- */
-#ifdef DCT_ISLOW_SUPPORTED
-#define PROVIDE_ISLOW_TABLES
-#else
-#ifdef IDCT_SCALING_SUPPORTED
-#define PROVIDE_ISLOW_TABLES
-#endif
-#endif
-
-
-/*
- * Prepare for an output pass.
- * Here we select the proper IDCT routine for each component and build
- * a matching multiplier table.
- */
-
-METHODDEF(void)
-start_pass(j_decompress_ptr cinfo)
-{
-  my_idct_ptr idct = (my_idct_ptr)cinfo->idct;
-  int ci, i;
-  jpeg_component_info *compptr;
-  int method = 0;
-  inverse_DCT_method_ptr method_ptr = NULL;
-  JQUANT_TBL *qtbl;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Select the proper IDCT routine for this component's scaling */
-    switch (compptr->_DCT_scaled_size) {
-#ifdef IDCT_SCALING_SUPPORTED
-    case 1:
-      method_ptr = jpeg_idct_1x1;
-      method = JDCT_ISLOW;      /* jidctred uses islow-style table */
-      break;
-    case 2:
-      if (jsimd_can_idct_2x2())
-        method_ptr = jsimd_idct_2x2;
-      else
-        method_ptr = jpeg_idct_2x2;
-      method = JDCT_ISLOW;      /* jidctred uses islow-style table */
-      break;
-    case 3:
-      method_ptr = jpeg_idct_3x3;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 4:
-      if (jsimd_can_idct_4x4())
-        method_ptr = jsimd_idct_4x4;
-      else
-        method_ptr = jpeg_idct_4x4;
-      method = JDCT_ISLOW;      /* jidctred uses islow-style table */
-      break;
-    case 5:
-      method_ptr = jpeg_idct_5x5;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 6:
-#if defined(__mips__)
-      if (jsimd_can_idct_6x6())
-        method_ptr = jsimd_idct_6x6;
-      else
-#endif
-      method_ptr = jpeg_idct_6x6;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 7:
-      method_ptr = jpeg_idct_7x7;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-#endif
-    case DCTSIZE:
-      switch (cinfo->dct_method) {
-#ifdef DCT_ISLOW_SUPPORTED
-      case JDCT_ISLOW:
-        if (jsimd_can_idct_islow())
-          method_ptr = jsimd_idct_islow;
-        else
-          method_ptr = jpeg_idct_islow;
-        method = JDCT_ISLOW;
-        break;
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-      case JDCT_IFAST:
-        if (jsimd_can_idct_ifast())
-          method_ptr = jsimd_idct_ifast;
-        else
-          method_ptr = jpeg_idct_ifast;
-        method = JDCT_IFAST;
-        break;
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-      case JDCT_FLOAT:
-        if (jsimd_can_idct_float())
-          method_ptr = jsimd_idct_float;
-        else
-          method_ptr = jpeg_idct_float;
-        method = JDCT_FLOAT;
-        break;
-#endif
-      default:
-        ERREXIT(cinfo, JERR_NOT_COMPILED);
-        break;
-      }
-      break;
-#ifdef IDCT_SCALING_SUPPORTED
-    case 9:
-      method_ptr = jpeg_idct_9x9;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 10:
-      method_ptr = jpeg_idct_10x10;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 11:
-      method_ptr = jpeg_idct_11x11;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 12:
-#if defined(__mips__)
-      if (jsimd_can_idct_12x12())
-        method_ptr = jsimd_idct_12x12;
-      else
-#endif
-      method_ptr = jpeg_idct_12x12;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 13:
-      method_ptr = jpeg_idct_13x13;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 14:
-      method_ptr = jpeg_idct_14x14;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 15:
-      method_ptr = jpeg_idct_15x15;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-    case 16:
-      method_ptr = jpeg_idct_16x16;
-      method = JDCT_ISLOW;      /* jidctint uses islow-style table */
-      break;
-#endif
-    default:
-      ERREXIT1(cinfo, JERR_BAD_DCTSIZE, compptr->_DCT_scaled_size);
-      break;
-    }
-    idct->pub.inverse_DCT[ci] = method_ptr;
-    /* Create multiplier table from quant table.
-     * However, we can skip this if the component is uninteresting
-     * or if we already built the table.  Also, if no quant table
-     * has yet been saved for the component, we leave the
-     * multiplier table all-zero; we'll be reading zeroes from the
-     * coefficient controller's buffer anyway.
-     */
-    if (!compptr->component_needed || idct->cur_method[ci] == method)
-      continue;
-    qtbl = compptr->quant_table;
-    if (qtbl == NULL)           /* happens if no data yet for component */
-      continue;
-    idct->cur_method[ci] = method;
-    switch (method) {
-#ifdef PROVIDE_ISLOW_TABLES
-    case JDCT_ISLOW:
-      {
-        /* For LL&M IDCT method, multipliers are equal to raw quantization
-         * coefficients, but are stored as ints to ensure access efficiency.
-         */
-        ISLOW_MULT_TYPE *ismtbl = (ISLOW_MULT_TYPE *)compptr->dct_table;
-        for (i = 0; i < DCTSIZE2; i++) {
-          ismtbl[i] = (ISLOW_MULT_TYPE)qtbl->quantval[i];
-        }
-      }
-      break;
-#endif
-#ifdef DCT_IFAST_SUPPORTED
-    case JDCT_IFAST:
-      {
-        /* For AA&N IDCT method, multipliers are equal to quantization
-         * coefficients scaled by scalefactor[row]*scalefactor[col], where
-         *   scalefactor[0] = 1
-         *   scalefactor[k] = cos(k*PI/16) * sqrt(2)    for k=1..7
-         * For integer operation, the multiplier table is to be scaled by
-         * IFAST_SCALE_BITS.
-         */
-        IFAST_MULT_TYPE *ifmtbl = (IFAST_MULT_TYPE *)compptr->dct_table;
-#define CONST_BITS  14
-        static const INT16 aanscales[DCTSIZE2] = {
-          /* precomputed values scaled up by 14 bits */
-          16384, 22725, 21407, 19266, 16384, 12873,  8867,  4520,
-          22725, 31521, 29692, 26722, 22725, 17855, 12299,  6270,
-          21407, 29692, 27969, 25172, 21407, 16819, 11585,  5906,
-          19266, 26722, 25172, 22654, 19266, 15137, 10426,  5315,
-          16384, 22725, 21407, 19266, 16384, 12873,  8867,  4520,
-          12873, 17855, 16819, 15137, 12873, 10114,  6967,  3552,
-           8867, 12299, 11585, 10426,  8867,  6967,  4799,  2446,
-           4520,  6270,  5906,  5315,  4520,  3552,  2446,  1247
-        };
-        SHIFT_TEMPS
-
-        for (i = 0; i < DCTSIZE2; i++) {
-          ifmtbl[i] = (IFAST_MULT_TYPE)
-            DESCALE(MULTIPLY16V16((JLONG)qtbl->quantval[i],
-                                  (JLONG)aanscales[i]),
-                    CONST_BITS - IFAST_SCALE_BITS);
-        }
-      }
-      break;
-#endif
-#ifdef DCT_FLOAT_SUPPORTED
-    case JDCT_FLOAT:
-      {
-        /* For float AA&N IDCT method, multipliers are equal to quantization
-         * coefficients scaled by scalefactor[row]*scalefactor[col], where
-         *   scalefactor[0] = 1
-         *   scalefactor[k] = cos(k*PI/16) * sqrt(2)    for k=1..7
-         */
-        FLOAT_MULT_TYPE *fmtbl = (FLOAT_MULT_TYPE *)compptr->dct_table;
-        int row, col;
-        static const double aanscalefactor[DCTSIZE] = {
-          1.0, 1.387039845, 1.306562965, 1.175875602,
-          1.0, 0.785694958, 0.541196100, 0.275899379
-        };
-
-        i = 0;
-        for (row = 0; row < DCTSIZE; row++) {
-          for (col = 0; col < DCTSIZE; col++) {
-            fmtbl[i] = (FLOAT_MULT_TYPE)
-              ((double)qtbl->quantval[i] *
-               aanscalefactor[row] * aanscalefactor[col]);
-            i++;
-          }
-        }
-      }
-      break;
-#endif
-    default:
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-      break;
-    }
-  }
-}
-
-
-/*
- * Initialize IDCT manager.
- */
-
-GLOBAL(void)
-jinit_inverse_dct(j_decompress_ptr cinfo)
-{
-  my_idct_ptr idct;
-  int ci;
-  jpeg_component_info *compptr;
-
-  idct = (my_idct_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_idct_controller));
-  cinfo->idct = (struct jpeg_inverse_dct *)idct;
-  idct->pub.start_pass = start_pass;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Allocate and pre-zero a multiplier table for each component */
-    compptr->dct_table =
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(multiplier_table));
-    MEMZERO(compptr->dct_table, sizeof(multiplier_table));
-    /* Mark multiplier table not yet set up for any method */
-    idct->cur_method[ci] = -1;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdhuff.c b/3rdparty/libjpeg-turbo_2_1_0/jdhuff.c
deleted file mode 100644
index f786c10..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdhuff.c
+++ /dev/null
@@ -1,825 +0,0 @@
-/*
- * jdhuff.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009-2011, 2016, 2018-2019, D. R. Commander.
- * Copyright (C) 2018, Matthias Räncker.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains Huffman entropy decoding routines.
- *
- * Much of the complexity here has to do with supporting input suspension.
- * If the data source module demands suspension, we want to be able to back
- * up to the start of the current MCU.  To do this, we copy state variables
- * into local working storage, and update them back to the permanent
- * storage only upon successful completion of an MCU.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdhuff.h"             /* Declarations shared with jdphuff.c */
-#include "jpegcomp.h"
-#include "jstdhuff.c"
-
-
-/*
- * Expanded entropy decoder object for Huffman decoding.
- *
- * The savable_state subrecord contains fields that change within an MCU,
- * but must not be updated permanently until we complete the MCU.
- */
-
-typedef struct {
-  int last_dc_val[MAX_COMPS_IN_SCAN]; /* last DC coef for each component */
-} savable_state;
-
-typedef struct {
-  struct jpeg_entropy_decoder pub; /* public fields */
-
-  /* These fields are loaded into local variables at start of each MCU.
-   * In case of suspension, we exit WITHOUT updating them.
-   */
-  bitread_perm_state bitstate;  /* Bit buffer at start of MCU */
-  savable_state saved;          /* Other state at start of MCU */
-
-  /* These fields are NOT loaded into local working state. */
-  unsigned int restarts_to_go;  /* MCUs left in this restart interval */
-
-  /* Pointers to derived tables (these workspaces have image lifespan) */
-  d_derived_tbl *dc_derived_tbls[NUM_HUFF_TBLS];
-  d_derived_tbl *ac_derived_tbls[NUM_HUFF_TBLS];
-
-  /* Precalculated info set up by start_pass for use in decode_mcu: */
-
-  /* Pointers to derived tables to be used for each block within an MCU */
-  d_derived_tbl *dc_cur_tbls[D_MAX_BLOCKS_IN_MCU];
-  d_derived_tbl *ac_cur_tbls[D_MAX_BLOCKS_IN_MCU];
-  /* Whether we care about the DC and AC coefficient values for each block */
-  boolean dc_needed[D_MAX_BLOCKS_IN_MCU];
-  boolean ac_needed[D_MAX_BLOCKS_IN_MCU];
-} huff_entropy_decoder;
-
-typedef huff_entropy_decoder *huff_entropy_ptr;
-
-
-/*
- * Initialize for a Huffman-compressed scan.
- */
-
-METHODDEF(void)
-start_pass_huff_decoder(j_decompress_ptr cinfo)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  int ci, blkn, dctbl, actbl;
-  d_derived_tbl **pdtbl;
-  jpeg_component_info *compptr;
-
-  /* Check that the scan parameters Ss, Se, Ah/Al are OK for sequential JPEG.
-   * This ought to be an error condition, but we make it a warning because
-   * there are some baseline files out there with all zeroes in these bytes.
-   */
-  if (cinfo->Ss != 0 || cinfo->Se != DCTSIZE2 - 1 ||
-      cinfo->Ah != 0 || cinfo->Al != 0)
-    WARNMS(cinfo, JWRN_NOT_SEQUENTIAL);
-
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    dctbl = compptr->dc_tbl_no;
-    actbl = compptr->ac_tbl_no;
-    /* Compute derived values for Huffman tables */
-    /* We may do this more than once for a table, but it's not expensive */
-    pdtbl = (d_derived_tbl **)(entropy->dc_derived_tbls) + dctbl;
-    jpeg_make_d_derived_tbl(cinfo, TRUE, dctbl, pdtbl);
-    pdtbl = (d_derived_tbl **)(entropy->ac_derived_tbls) + actbl;
-    jpeg_make_d_derived_tbl(cinfo, FALSE, actbl, pdtbl);
-    /* Initialize DC predictions to 0 */
-    entropy->saved.last_dc_val[ci] = 0;
-  }
-
-  /* Precalculate decoding info for each block in an MCU of this scan */
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    ci = cinfo->MCU_membership[blkn];
-    compptr = cinfo->cur_comp_info[ci];
-    /* Precalculate which table to use for each block */
-    entropy->dc_cur_tbls[blkn] = entropy->dc_derived_tbls[compptr->dc_tbl_no];
-    entropy->ac_cur_tbls[blkn] = entropy->ac_derived_tbls[compptr->ac_tbl_no];
-    /* Decide whether we really care about the coefficient values */
-    if (compptr->component_needed) {
-      entropy->dc_needed[blkn] = TRUE;
-      /* we don't need the ACs if producing a 1/8th-size image */
-      entropy->ac_needed[blkn] = (compptr->_DCT_scaled_size > 1);
-    } else {
-      entropy->dc_needed[blkn] = entropy->ac_needed[blkn] = FALSE;
-    }
-  }
-
-  /* Initialize bitread state variables */
-  entropy->bitstate.bits_left = 0;
-  entropy->bitstate.get_buffer = 0; /* unnecessary, but keeps Purify quiet */
-  entropy->pub.insufficient_data = FALSE;
-
-  /* Initialize restart counter */
-  entropy->restarts_to_go = cinfo->restart_interval;
-}
-
-
-/*
- * Compute the derived values for a Huffman table.
- * This routine also performs some validation checks on the table.
- *
- * Note this is also used by jdphuff.c.
- */
-
-GLOBAL(void)
-jpeg_make_d_derived_tbl(j_decompress_ptr cinfo, boolean isDC, int tblno,
-                        d_derived_tbl **pdtbl)
-{
-  JHUFF_TBL *htbl;
-  d_derived_tbl *dtbl;
-  int p, i, l, si, numsymbols;
-  int lookbits, ctr;
-  char huffsize[257];
-  unsigned int huffcode[257];
-  unsigned int code;
-
-  /* Note that huffsize[] and huffcode[] are filled in code-length order,
-   * paralleling the order of the symbols themselves in htbl->huffval[].
-   */
-
-  /* Find the input Huffman table */
-  if (tblno < 0 || tblno >= NUM_HUFF_TBLS)
-    ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, tblno);
-  htbl =
-    isDC ? cinfo->dc_huff_tbl_ptrs[tblno] : cinfo->ac_huff_tbl_ptrs[tblno];
-  if (htbl == NULL)
-    ERREXIT1(cinfo, JERR_NO_HUFF_TABLE, tblno);
-
-  /* Allocate a workspace if we haven't already done so. */
-  if (*pdtbl == NULL)
-    *pdtbl = (d_derived_tbl *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(d_derived_tbl));
-  dtbl = *pdtbl;
-  dtbl->pub = htbl;             /* fill in back link */
-
-  /* Figure C.1: make table of Huffman code length for each symbol */
-
-  p = 0;
-  for (l = 1; l <= 16; l++) {
-    i = (int)htbl->bits[l];
-    if (i < 0 || p + i > 256)   /* protect against table overrun */
-      ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-    while (i--)
-      huffsize[p++] = (char)l;
-  }
-  huffsize[p] = 0;
-  numsymbols = p;
-
-  /* Figure C.2: generate the codes themselves */
-  /* We also validate that the counts represent a legal Huffman code tree. */
-
-  code = 0;
-  si = huffsize[0];
-  p = 0;
-  while (huffsize[p]) {
-    while (((int)huffsize[p]) == si) {
-      huffcode[p++] = code;
-      code++;
-    }
-    /* code is now 1 more than the last code used for codelength si; but
-     * it must still fit in si bits, since no code is allowed to be all ones.
-     */
-    if (((JLONG)code) >= (((JLONG)1) << si))
-      ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-    code <<= 1;
-    si++;
-  }
-
-  /* Figure F.15: generate decoding tables for bit-sequential decoding */
-
-  p = 0;
-  for (l = 1; l <= 16; l++) {
-    if (htbl->bits[l]) {
-      /* valoffset[l] = huffval[] index of 1st symbol of code length l,
-       * minus the minimum code of length l
-       */
-      dtbl->valoffset[l] = (JLONG)p - (JLONG)huffcode[p];
-      p += htbl->bits[l];
-      dtbl->maxcode[l] = huffcode[p - 1]; /* maximum code of length l */
-    } else {
-      dtbl->maxcode[l] = -1;    /* -1 if no codes of this length */
-    }
-  }
-  dtbl->valoffset[17] = 0;
-  dtbl->maxcode[17] = 0xFFFFFL; /* ensures jpeg_huff_decode terminates */
-
-  /* Compute lookahead tables to speed up decoding.
-   * First we set all the table entries to 0, indicating "too long";
-   * then we iterate through the Huffman codes that are short enough and
-   * fill in all the entries that correspond to bit sequences starting
-   * with that code.
-   */
-
-  for (i = 0; i < (1 << HUFF_LOOKAHEAD); i++)
-    dtbl->lookup[i] = (HUFF_LOOKAHEAD + 1) << HUFF_LOOKAHEAD;
-
-  p = 0;
-  for (l = 1; l <= HUFF_LOOKAHEAD; l++) {
-    for (i = 1; i <= (int)htbl->bits[l]; i++, p++) {
-      /* l = current code's length, p = its index in huffcode[] & huffval[]. */
-      /* Generate left-justified code followed by all possible bit sequences */
-      lookbits = huffcode[p] << (HUFF_LOOKAHEAD - l);
-      for (ctr = 1 << (HUFF_LOOKAHEAD - l); ctr > 0; ctr--) {
-        dtbl->lookup[lookbits] = (l << HUFF_LOOKAHEAD) | htbl->huffval[p];
-        lookbits++;
-      }
-    }
-  }
-
-  /* Validate symbols as being reasonable.
-   * For AC tables, we make no check, but accept all byte values 0..255.
-   * For DC tables, we require the symbols to be in range 0..15.
-   * (Tighter bounds could be applied depending on the data depth and mode,
-   * but this is sufficient to ensure safe decoding.)
-   */
-  if (isDC) {
-    for (i = 0; i < numsymbols; i++) {
-      int sym = htbl->huffval[i];
-      if (sym < 0 || sym > 15)
-        ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-    }
-  }
-}
-
-
-/*
- * Out-of-line code for bit fetching (shared with jdphuff.c).
- * See jdhuff.h for info about usage.
- * Note: current values of get_buffer and bits_left are passed as parameters,
- * but are returned in the corresponding fields of the state struct.
- *
- * On most machines MIN_GET_BITS should be 25 to allow the full 32-bit width
- * of get_buffer to be used.  (On machines with wider words, an even larger
- * buffer could be used.)  However, on some machines 32-bit shifts are
- * quite slow and take time proportional to the number of places shifted.
- * (This is true with most PC compilers, for instance.)  In this case it may
- * be a win to set MIN_GET_BITS to the minimum value of 15.  This reduces the
- * average shift distance at the cost of more calls to jpeg_fill_bit_buffer.
- */
-
-#ifdef SLOW_SHIFT_32
-#define MIN_GET_BITS  15        /* minimum allowable value */
-#else
-#define MIN_GET_BITS  (BIT_BUF_SIZE - 7)
-#endif
-
-
-GLOBAL(boolean)
-jpeg_fill_bit_buffer(bitread_working_state *state,
-                     register bit_buf_type get_buffer, register int bits_left,
-                     int nbits)
-/* Load up the bit buffer to a depth of at least nbits */
-{
-  /* Copy heavily used state fields into locals (hopefully registers) */
-  register const JOCTET *next_input_byte = state->next_input_byte;
-  register size_t bytes_in_buffer = state->bytes_in_buffer;
-  j_decompress_ptr cinfo = state->cinfo;
-
-  /* Attempt to load at least MIN_GET_BITS bits into get_buffer. */
-  /* (It is assumed that no request will be for more than that many bits.) */
-  /* We fail to do so only if we hit a marker or are forced to suspend. */
-
-  if (cinfo->unread_marker == 0) {      /* cannot advance past a marker */
-    while (bits_left < MIN_GET_BITS) {
-      register int c;
-
-      /* Attempt to read a byte */
-      if (bytes_in_buffer == 0) {
-        if (!(*cinfo->src->fill_input_buffer) (cinfo))
-          return FALSE;
-        next_input_byte = cinfo->src->next_input_byte;
-        bytes_in_buffer = cinfo->src->bytes_in_buffer;
-      }
-      bytes_in_buffer--;
-      c = *next_input_byte++;
-
-      /* If it's 0xFF, check and discard stuffed zero byte */
-      if (c == 0xFF) {
-        /* Loop here to discard any padding FF's on terminating marker,
-         * so that we can save a valid unread_marker value.  NOTE: we will
-         * accept multiple FF's followed by a 0 as meaning a single FF data
-         * byte.  This data pattern is not valid according to the standard.
-         */
-        do {
-          if (bytes_in_buffer == 0) {
-            if (!(*cinfo->src->fill_input_buffer) (cinfo))
-              return FALSE;
-            next_input_byte = cinfo->src->next_input_byte;
-            bytes_in_buffer = cinfo->src->bytes_in_buffer;
-          }
-          bytes_in_buffer--;
-          c = *next_input_byte++;
-        } while (c == 0xFF);
-
-        if (c == 0) {
-          /* Found FF/00, which represents an FF data byte */
-          c = 0xFF;
-        } else {
-          /* Oops, it's actually a marker indicating end of compressed data.
-           * Save the marker code for later use.
-           * Fine point: it might appear that we should save the marker into
-           * bitread working state, not straight into permanent state.  But
-           * once we have hit a marker, we cannot need to suspend within the
-           * current MCU, because we will read no more bytes from the data
-           * source.  So it is OK to update permanent state right away.
-           */
-          cinfo->unread_marker = c;
-          /* See if we need to insert some fake zero bits. */
-          goto no_more_bytes;
-        }
-      }
-
-      /* OK, load c into get_buffer */
-      get_buffer = (get_buffer << 8) | c;
-      bits_left += 8;
-    } /* end while */
-  } else {
-no_more_bytes:
-    /* We get here if we've read the marker that terminates the compressed
-     * data segment.  There should be enough bits in the buffer register
-     * to satisfy the request; if so, no problem.
-     */
-    if (nbits > bits_left) {
-      /* Uh-oh.  Report corrupted data to user and stuff zeroes into
-       * the data stream, so that we can produce some kind of image.
-       * We use a nonvolatile flag to ensure that only one warning message
-       * appears per data segment.
-       */
-      if (!cinfo->entropy->insufficient_data) {
-        WARNMS(cinfo, JWRN_HIT_MARKER);
-        cinfo->entropy->insufficient_data = TRUE;
-      }
-      /* Fill the buffer with zero bits */
-      get_buffer <<= MIN_GET_BITS - bits_left;
-      bits_left = MIN_GET_BITS;
-    }
-  }
-
-  /* Unload the local registers */
-  state->next_input_byte = next_input_byte;
-  state->bytes_in_buffer = bytes_in_buffer;
-  state->get_buffer = get_buffer;
-  state->bits_left = bits_left;
-
-  return TRUE;
-}
-
-
-/* Macro version of the above, which performs much better but does not
-   handle markers.  We have to hand off any blocks with markers to the
-   slower routines. */
-
-#define GET_BYTE { \
-  register int c0, c1; \
-  c0 = *buffer++; \
-  c1 = *buffer; \
-  /* Pre-execute most common case */ \
-  get_buffer = (get_buffer << 8) | c0; \
-  bits_left += 8; \
-  if (c0 == 0xFF) { \
-    /* Pre-execute case of FF/00, which represents an FF data byte */ \
-    buffer++; \
-    if (c1 != 0) { \
-      /* Oops, it's actually a marker indicating end of compressed data. */ \
-      cinfo->unread_marker = c1; \
-      /* Back out pre-execution and fill the buffer with zero bits */ \
-      buffer -= 2; \
-      get_buffer &= ~0xFF; \
-    } \
-  } \
-}
-
-#if SIZEOF_SIZE_T == 8 || defined(_WIN64) || (defined(__x86_64__) && defined(__ILP32__))
-
-/* Pre-fetch 48 bytes, because the holding register is 64-bit */
-#define FILL_BIT_BUFFER_FAST \
-  if (bits_left <= 16) { \
-    GET_BYTE GET_BYTE GET_BYTE GET_BYTE GET_BYTE GET_BYTE \
-  }
-
-#else
-
-/* Pre-fetch 16 bytes, because the holding register is 32-bit */
-#define FILL_BIT_BUFFER_FAST \
-  if (bits_left <= 16) { \
-    GET_BYTE GET_BYTE \
-  }
-
-#endif
-
-
-/*
- * Out-of-line code for Huffman code decoding.
- * See jdhuff.h for info about usage.
- */
-
-GLOBAL(int)
-jpeg_huff_decode(bitread_working_state *state,
-                 register bit_buf_type get_buffer, register int bits_left,
-                 d_derived_tbl *htbl, int min_bits)
-{
-  register int l = min_bits;
-  register JLONG code;
-
-  /* HUFF_DECODE has determined that the code is at least min_bits */
-  /* bits long, so fetch that many bits in one swoop. */
-
-  CHECK_BIT_BUFFER(*state, l, return -1);
-  code = GET_BITS(l);
-
-  /* Collect the rest of the Huffman code one bit at a time. */
-  /* This is per Figure F.16. */
-
-  while (code > htbl->maxcode[l]) {
-    code <<= 1;
-    CHECK_BIT_BUFFER(*state, 1, return -1);
-    code |= GET_BITS(1);
-    l++;
-  }
-
-  /* Unload the local registers */
-  state->get_buffer = get_buffer;
-  state->bits_left = bits_left;
-
-  /* With garbage input we may reach the sentinel value l = 17. */
-
-  if (l > 16) {
-    WARNMS(state->cinfo, JWRN_HUFF_BAD_CODE);
-    return 0;                   /* fake a zero as the safest result */
-  }
-
-  return htbl->pub->huffval[(int)(code + htbl->valoffset[l])];
-}
-
-
-/*
- * Figure F.12: extend sign bit.
- * On some machines, a shift and add will be faster than a table lookup.
- */
-
-#define AVOID_TABLES
-#ifdef AVOID_TABLES
-
-#define NEG_1  ((unsigned int)-1)
-#define HUFF_EXTEND(x, s) \
-  ((x) + ((((x) - (1 << ((s) - 1))) >> 31) & (((NEG_1) << (s)) + 1)))
-
-#else
-
-#define HUFF_EXTEND(x, s) \
-  ((x) < extend_test[s] ? (x) + extend_offset[s] : (x))
-
-static const int extend_test[16] = {   /* entry n is 2**(n-1) */
-  0, 0x0001, 0x0002, 0x0004, 0x0008, 0x0010, 0x0020, 0x0040, 0x0080,
-  0x0100, 0x0200, 0x0400, 0x0800, 0x1000, 0x2000, 0x4000
-};
-
-static const int extend_offset[16] = { /* entry n is (-1 << n) + 1 */
-  0, ((-1) << 1) + 1, ((-1) << 2) + 1, ((-1) << 3) + 1, ((-1) << 4) + 1,
-  ((-1) << 5) + 1, ((-1) << 6) + 1, ((-1) << 7) + 1, ((-1) << 8) + 1,
-  ((-1) << 9) + 1, ((-1) << 10) + 1, ((-1) << 11) + 1, ((-1) << 12) + 1,
-  ((-1) << 13) + 1, ((-1) << 14) + 1, ((-1) << 15) + 1
-};
-
-#endif /* AVOID_TABLES */
-
-
-/*
- * Check for a restart marker & resynchronize decoder.
- * Returns FALSE if must suspend.
- */
-
-LOCAL(boolean)
-process_restart(j_decompress_ptr cinfo)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  int ci;
-
-  /* Throw away any unused bits remaining in bit buffer; */
-  /* include any full bytes in next_marker's count of discarded bytes */
-  cinfo->marker->discarded_bytes += entropy->bitstate.bits_left / 8;
-  entropy->bitstate.bits_left = 0;
-
-  /* Advance past the RSTn marker */
-  if (!(*cinfo->marker->read_restart_marker) (cinfo))
-    return FALSE;
-
-  /* Re-initialize DC predictions to 0 */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++)
-    entropy->saved.last_dc_val[ci] = 0;
-
-  /* Reset restart counter */
-  entropy->restarts_to_go = cinfo->restart_interval;
-
-  /* Reset out-of-data flag, unless read_restart_marker left us smack up
-   * against a marker.  In that case we will end up treating the next data
-   * segment as empty, and we can avoid producing bogus output pixels by
-   * leaving the flag set.
-   */
-  if (cinfo->unread_marker == 0)
-    entropy->pub.insufficient_data = FALSE;
-
-  return TRUE;
-}
-
-
-#if defined(__has_feature)
-#if __has_feature(undefined_behavior_sanitizer)
-__attribute__((no_sanitize("signed-integer-overflow"),
-               no_sanitize("unsigned-integer-overflow")))
-#endif
-#endif
-LOCAL(boolean)
-decode_mcu_slow(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  BITREAD_STATE_VARS;
-  int blkn;
-  savable_state state;
-  /* Outer loop handles each block in the MCU */
-
-  /* Load up working state */
-  BITREAD_LOAD_STATE(cinfo, entropy->bitstate);
-  state = entropy->saved;
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    JBLOCKROW block = MCU_data ? MCU_data[blkn] : NULL;
-    d_derived_tbl *dctbl = entropy->dc_cur_tbls[blkn];
-    d_derived_tbl *actbl = entropy->ac_cur_tbls[blkn];
-    register int s, k, r;
-
-    /* Decode a single block's worth of coefficients */
-
-    /* Section F.2.2.1: decode the DC coefficient difference */
-    HUFF_DECODE(s, br_state, dctbl, return FALSE, label1);
-    if (s) {
-      CHECK_BIT_BUFFER(br_state, s, return FALSE);
-      r = GET_BITS(s);
-      s = HUFF_EXTEND(r, s);
-    }
-
-    if (entropy->dc_needed[blkn]) {
-      /* Convert DC difference to actual value, update last_dc_val */
-      int ci = cinfo->MCU_membership[blkn];
-      /* Certain malformed JPEG images produce repeated DC coefficient
-       * differences of 2047 or -2047, which causes state.last_dc_val[ci] to
-       * grow until it overflows or underflows a 32-bit signed integer.  This
-       * behavior is, to the best of our understanding, innocuous, and it is
-       * unclear how to work around it without potentially affecting
-       * performance.  Thus, we (hopefully temporarily) suppress UBSan integer
-       * overflow errors for this function.
-       */
-      s += state.last_dc_val[ci];
-      state.last_dc_val[ci] = s;
-      if (block) {
-        /* Output the DC coefficient (assumes jpeg_natural_order[0] = 0) */
-        (*block)[0] = (JCOEF)s;
-      }
-    }
-
-    if (entropy->ac_needed[blkn] && block) {
-
-      /* Section F.2.2.2: decode the AC coefficients */
-      /* Since zeroes are skipped, output area must be cleared beforehand */
-      for (k = 1; k < DCTSIZE2; k++) {
-        HUFF_DECODE(s, br_state, actbl, return FALSE, label2);
-
-        r = s >> 4;
-        s &= 15;
-
-        if (s) {
-          k += r;
-          CHECK_BIT_BUFFER(br_state, s, return FALSE);
-          r = GET_BITS(s);
-          s = HUFF_EXTEND(r, s);
-          /* Output coefficient in natural (dezigzagged) order.
-           * Note: the extra entries in jpeg_natural_order[] will save us
-           * if k >= DCTSIZE2, which could happen if the data is corrupted.
-           */
-          (*block)[jpeg_natural_order[k]] = (JCOEF)s;
-        } else {
-          if (r != 15)
-            break;
-          k += 15;
-        }
-      }
-
-    } else {
-
-      /* Section F.2.2.2: decode the AC coefficients */
-      /* In this path we just discard the values */
-      for (k = 1; k < DCTSIZE2; k++) {
-        HUFF_DECODE(s, br_state, actbl, return FALSE, label3);
-
-        r = s >> 4;
-        s &= 15;
-
-        if (s) {
-          k += r;
-          CHECK_BIT_BUFFER(br_state, s, return FALSE);
-          DROP_BITS(s);
-        } else {
-          if (r != 15)
-            break;
-          k += 15;
-        }
-      }
-    }
-  }
-
-  /* Completed MCU, so update state */
-  BITREAD_SAVE_STATE(cinfo, entropy->bitstate);
-  entropy->saved = state;
-  return TRUE;
-}
-
-
-LOCAL(boolean)
-decode_mcu_fast(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  BITREAD_STATE_VARS;
-  JOCTET *buffer;
-  int blkn;
-  savable_state state;
-  /* Outer loop handles each block in the MCU */
-
-  /* Load up working state */
-  BITREAD_LOAD_STATE(cinfo, entropy->bitstate);
-  buffer = (JOCTET *)br_state.next_input_byte;
-  state = entropy->saved;
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    JBLOCKROW block = MCU_data ? MCU_data[blkn] : NULL;
-    d_derived_tbl *dctbl = entropy->dc_cur_tbls[blkn];
-    d_derived_tbl *actbl = entropy->ac_cur_tbls[blkn];
-    register int s, k, r, l;
-
-    HUFF_DECODE_FAST(s, l, dctbl);
-    if (s) {
-      FILL_BIT_BUFFER_FAST
-      r = GET_BITS(s);
-      s = HUFF_EXTEND(r, s);
-    }
-
-    if (entropy->dc_needed[blkn]) {
-      int ci = cinfo->MCU_membership[blkn];
-      s += state.last_dc_val[ci];
-      state.last_dc_val[ci] = s;
-      if (block)
-        (*block)[0] = (JCOEF)s;
-    }
-
-    if (entropy->ac_needed[blkn] && block) {
-
-      for (k = 1; k < DCTSIZE2; k++) {
-        HUFF_DECODE_FAST(s, l, actbl);
-        r = s >> 4;
-        s &= 15;
-
-        if (s) {
-          k += r;
-          FILL_BIT_BUFFER_FAST
-          r = GET_BITS(s);
-          s = HUFF_EXTEND(r, s);
-          (*block)[jpeg_natural_order[k]] = (JCOEF)s;
-        } else {
-          if (r != 15) break;
-          k += 15;
-        }
-      }
-
-    } else {
-
-      for (k = 1; k < DCTSIZE2; k++) {
-        HUFF_DECODE_FAST(s, l, actbl);
-        r = s >> 4;
-        s &= 15;
-
-        if (s) {
-          k += r;
-          FILL_BIT_BUFFER_FAST
-          DROP_BITS(s);
-        } else {
-          if (r != 15) break;
-          k += 15;
-        }
-      }
-    }
-  }
-
-  if (cinfo->unread_marker != 0) {
-    cinfo->unread_marker = 0;
-    return FALSE;
-  }
-
-  br_state.bytes_in_buffer -= (buffer - br_state.next_input_byte);
-  br_state.next_input_byte = buffer;
-  BITREAD_SAVE_STATE(cinfo, entropy->bitstate);
-  entropy->saved = state;
-  return TRUE;
-}
-
-
-/*
- * Decode and return one MCU's worth of Huffman-compressed coefficients.
- * The coefficients are reordered from zigzag order into natural array order,
- * but are not dequantized.
- *
- * The i'th block of the MCU is stored into the block pointed to by
- * MCU_data[i].  WE ASSUME THIS AREA HAS BEEN ZEROED BY THE CALLER.
- * (Wholesale zeroing is usually a little faster than retail...)
- *
- * Returns FALSE if data source requested suspension.  In that case no
- * changes have been made to permanent state.  (Exception: some output
- * coefficients may already have been assigned.  This is harmless for
- * this module, since we'll just re-assign them on the next call.)
- */
-
-#define BUFSIZE  (DCTSIZE2 * 8)
-
-METHODDEF(boolean)
-decode_mcu(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  huff_entropy_ptr entropy = (huff_entropy_ptr)cinfo->entropy;
-  int usefast = 1;
-
-  /* Process restart marker if needed; may have to suspend */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      if (!process_restart(cinfo))
-        return FALSE;
-    usefast = 0;
-  }
-
-  if (cinfo->src->bytes_in_buffer < BUFSIZE * (size_t)cinfo->blocks_in_MCU ||
-      cinfo->unread_marker != 0)
-    usefast = 0;
-
-  /* If we've run out of data, just leave the MCU set to zeroes.
-   * This way, we return uniform gray for the remainder of the segment.
-   */
-  if (!entropy->pub.insufficient_data) {
-
-    if (usefast) {
-      if (!decode_mcu_fast(cinfo, MCU_data)) goto use_slow;
-    } else {
-use_slow:
-      if (!decode_mcu_slow(cinfo, MCU_data)) return FALSE;
-    }
-
-  }
-
-  /* Account for restart interval (no-op if not using restarts) */
-  if (cinfo->restart_interval)
-    entropy->restarts_to_go--;
-
-  return TRUE;
-}
-
-
-/*
- * Module initialization routine for Huffman entropy decoding.
- */
-
-GLOBAL(void)
-jinit_huff_decoder(j_decompress_ptr cinfo)
-{
-  huff_entropy_ptr entropy;
-  int i;
-
-  /* Motion JPEG frames typically do not include the Huffman tables if they
-     are the default tables.  Thus, if the tables are not set by the time
-     the Huffman decoder is initialized (usually within the body of
-     jpeg_start_decompress()), we set them to default values. */
-  std_huff_tables((j_common_ptr)cinfo);
-
-  entropy = (huff_entropy_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(huff_entropy_decoder));
-  cinfo->entropy = (struct jpeg_entropy_decoder *)entropy;
-  entropy->pub.start_pass = start_pass_huff_decoder;
-  entropy->pub.decode_mcu = decode_mcu;
-
-  /* Mark tables unallocated */
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    entropy->dc_derived_tbls[i] = entropy->ac_derived_tbls[i] = NULL;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdhuff.h b/3rdparty/libjpeg-turbo_2_1_0/jdhuff.h
deleted file mode 100644
index cfa0b7f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdhuff.h
+++ /dev/null
@@ -1,247 +0,0 @@
-/*
- * jdhuff.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010-2011, 2015-2016, 2021, D. R. Commander.
- * Copyright (C) 2018, Matthias Räncker.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains declarations for Huffman entropy decoding routines
- * that are shared between the sequential decoder (jdhuff.c) and the
- * progressive decoder (jdphuff.c).  No other modules need to see these.
- */
-
-#include "jconfigint.h"
-
-
-/* Derived data constructed for each Huffman table */
-
-#define HUFF_LOOKAHEAD  8       /* # of bits of lookahead */
-
-typedef struct {
-  /* Basic tables: (element [0] of each array is unused) */
-  JLONG maxcode[18];            /* largest code of length k (-1 if none) */
-  /* (maxcode[17] is a sentinel to ensure jpeg_huff_decode terminates) */
-  JLONG valoffset[18];          /* huffval[] offset for codes of length k */
-  /* valoffset[k] = huffval[] index of 1st symbol of code length k, less
-   * the smallest code of length k; so given a code of length k, the
-   * corresponding symbol is huffval[code + valoffset[k]]
-   */
-
-  /* Link to public Huffman table (needed only in jpeg_huff_decode) */
-  JHUFF_TBL *pub;
-
-  /* Lookahead table: indexed by the next HUFF_LOOKAHEAD bits of
-   * the input data stream.  If the next Huffman code is no more
-   * than HUFF_LOOKAHEAD bits long, we can obtain its length and
-   * the corresponding symbol directly from this tables.
-   *
-   * The lower 8 bits of each table entry contain the number of
-   * bits in the corresponding Huffman code, or HUFF_LOOKAHEAD + 1
-   * if too long.  The next 8 bits of each entry contain the
-   * symbol.
-   */
-  int lookup[1 << HUFF_LOOKAHEAD];
-} d_derived_tbl;
-
-/* Expand a Huffman table definition into the derived format */
-EXTERN(void) jpeg_make_d_derived_tbl(j_decompress_ptr cinfo, boolean isDC,
-                                     int tblno, d_derived_tbl **pdtbl);
-
-
-/*
- * Fetching the next N bits from the input stream is a time-critical operation
- * for the Huffman decoders.  We implement it with a combination of inline
- * macros and out-of-line subroutines.  Note that N (the number of bits
- * demanded at one time) never exceeds 15 for JPEG use.
- *
- * We read source bytes into get_buffer and dole out bits as needed.
- * If get_buffer already contains enough bits, they are fetched in-line
- * by the macros CHECK_BIT_BUFFER and GET_BITS.  When there aren't enough
- * bits, jpeg_fill_bit_buffer is called; it will attempt to fill get_buffer
- * as full as possible (not just to the number of bits needed; this
- * prefetching reduces the overhead cost of calling jpeg_fill_bit_buffer).
- * Note that jpeg_fill_bit_buffer may return FALSE to indicate suspension.
- * On TRUE return, jpeg_fill_bit_buffer guarantees that get_buffer contains
- * at least the requested number of bits --- dummy zeroes are inserted if
- * necessary.
- */
-
-#if !defined(_WIN32) && !defined(SIZEOF_SIZE_T)
-#error Cannot determine word size
-#endif
-
-#if SIZEOF_SIZE_T == 8 || defined(_WIN64)
-
-typedef size_t bit_buf_type;            /* type of bit-extraction buffer */
-#define BIT_BUF_SIZE  64                /* size of buffer in bits */
-
-#elif defined(__x86_64__) && defined(__ILP32__)
-
-typedef unsigned long long bit_buf_type; /* type of bit-extraction buffer */
-#define BIT_BUF_SIZE  64                 /* size of buffer in bits */
-
-#else
-
-typedef unsigned long bit_buf_type;     /* type of bit-extraction buffer */
-#define BIT_BUF_SIZE  32                /* size of buffer in bits */
-
-#endif
-
-/* If long is > 32 bits on your machine, and shifting/masking longs is
- * reasonably fast, making bit_buf_type be long and setting BIT_BUF_SIZE
- * appropriately should be a win.  Unfortunately we can't define the size
- * with something like  #define BIT_BUF_SIZE (sizeof(bit_buf_type)*8)
- * because not all machines measure sizeof in 8-bit bytes.
- */
-
-typedef struct {                /* Bitreading state saved across MCUs */
-  bit_buf_type get_buffer;      /* current bit-extraction buffer */
-  int bits_left;                /* # of unused bits in it */
-} bitread_perm_state;
-
-typedef struct {                /* Bitreading working state within an MCU */
-  /* Current data source location */
-  /* We need a copy, rather than munging the original, in case of suspension */
-  const JOCTET *next_input_byte; /* => next byte to read from source */
-  size_t bytes_in_buffer;       /* # of bytes remaining in source buffer */
-  /* Bit input buffer --- note these values are kept in register variables,
-   * not in this struct, inside the inner loops.
-   */
-  bit_buf_type get_buffer;      /* current bit-extraction buffer */
-  int bits_left;                /* # of unused bits in it */
-  /* Pointer needed by jpeg_fill_bit_buffer. */
-  j_decompress_ptr cinfo;       /* back link to decompress master record */
-} bitread_working_state;
-
-/* Macros to declare and load/save bitread local variables. */
-#define BITREAD_STATE_VARS \
-  register bit_buf_type get_buffer; \
-  register int bits_left; \
-  bitread_working_state br_state
-
-#define BITREAD_LOAD_STATE(cinfop, permstate) \
-  br_state.cinfo = cinfop; \
-  br_state.next_input_byte = cinfop->src->next_input_byte; \
-  br_state.bytes_in_buffer = cinfop->src->bytes_in_buffer; \
-  get_buffer = permstate.get_buffer; \
-  bits_left = permstate.bits_left;
-
-#define BITREAD_SAVE_STATE(cinfop, permstate) \
-  cinfop->src->next_input_byte = br_state.next_input_byte; \
-  cinfop->src->bytes_in_buffer = br_state.bytes_in_buffer; \
-  permstate.get_buffer = get_buffer; \
-  permstate.bits_left = bits_left
-
-/*
- * These macros provide the in-line portion of bit fetching.
- * Use CHECK_BIT_BUFFER to ensure there are N bits in get_buffer
- * before using GET_BITS, PEEK_BITS, or DROP_BITS.
- * The variables get_buffer and bits_left are assumed to be locals,
- * but the state struct might not be (jpeg_huff_decode needs this).
- *      CHECK_BIT_BUFFER(state, n, action);
- *              Ensure there are N bits in get_buffer; if suspend, take action.
- *      val = GET_BITS(n);
- *              Fetch next N bits.
- *      val = PEEK_BITS(n);
- *              Fetch next N bits without removing them from the buffer.
- *      DROP_BITS(n);
- *              Discard next N bits.
- * The value N should be a simple variable, not an expression, because it
- * is evaluated multiple times.
- */
-
-#define CHECK_BIT_BUFFER(state, nbits, action) { \
-  if (bits_left < (nbits)) { \
-    if (!jpeg_fill_bit_buffer(&(state), get_buffer, bits_left, nbits)) \
-      { action; } \
-    get_buffer = (state).get_buffer;  bits_left = (state).bits_left; \
-  } \
-}
-
-#define GET_BITS(nbits) \
-  (((int)(get_buffer >> (bits_left -= (nbits)))) & ((1 << (nbits)) - 1))
-
-#define PEEK_BITS(nbits) \
-  (((int)(get_buffer >> (bits_left -  (nbits)))) & ((1 << (nbits)) - 1))
-
-#define DROP_BITS(nbits) \
-  (bits_left -= (nbits))
-
-/* Load up the bit buffer to a depth of at least nbits */
-EXTERN(boolean) jpeg_fill_bit_buffer(bitread_working_state *state,
-                                     register bit_buf_type get_buffer,
-                                     register int bits_left, int nbits);
-
-
-/*
- * Code for extracting next Huffman-coded symbol from input bit stream.
- * Again, this is time-critical and we make the main paths be macros.
- *
- * We use a lookahead table to process codes of up to HUFF_LOOKAHEAD bits
- * without looping.  Usually, more than 95% of the Huffman codes will be 8
- * or fewer bits long.  The few overlength codes are handled with a loop,
- * which need not be inline code.
- *
- * Notes about the HUFF_DECODE macro:
- * 1. Near the end of the data segment, we may fail to get enough bits
- *    for a lookahead.  In that case, we do it the hard way.
- * 2. If the lookahead table contains no entry, the next code must be
- *    more than HUFF_LOOKAHEAD bits long.
- * 3. jpeg_huff_decode returns -1 if forced to suspend.
- */
-
-#define HUFF_DECODE(result, state, htbl, failaction, slowlabel) { \
-  register int nb, look; \
-  if (bits_left < HUFF_LOOKAHEAD) { \
-    if (!jpeg_fill_bit_buffer(&state, get_buffer, bits_left, 0)) \
-      { failaction; } \
-    get_buffer = state.get_buffer;  bits_left = state.bits_left; \
-    if (bits_left < HUFF_LOOKAHEAD) { \
-      nb = 1;  goto slowlabel; \
-    } \
-  } \
-  look = PEEK_BITS(HUFF_LOOKAHEAD); \
-  if ((nb = (htbl->lookup[look] >> HUFF_LOOKAHEAD)) <= HUFF_LOOKAHEAD) { \
-    DROP_BITS(nb); \
-    result = htbl->lookup[look] & ((1 << HUFF_LOOKAHEAD) - 1); \
-  } else { \
-slowlabel: \
-    if ((result = \
-         jpeg_huff_decode(&state, get_buffer, bits_left, htbl, nb)) < 0) \
-      { failaction; } \
-    get_buffer = state.get_buffer;  bits_left = state.bits_left; \
-  } \
-}
-
-#define HUFF_DECODE_FAST(s, nb, htbl) \
-  FILL_BIT_BUFFER_FAST; \
-  s = PEEK_BITS(HUFF_LOOKAHEAD); \
-  s = htbl->lookup[s]; \
-  nb = s >> HUFF_LOOKAHEAD; \
-  /* Pre-execute the common case of nb <= HUFF_LOOKAHEAD */ \
-  DROP_BITS(nb); \
-  s = s & ((1 << HUFF_LOOKAHEAD) - 1); \
-  if (nb > HUFF_LOOKAHEAD) { \
-    /* Equivalent of jpeg_huff_decode() */ \
-    /* Don't use GET_BITS() here because we don't want to modify bits_left */ \
-    s = (get_buffer >> bits_left) & ((1 << (nb)) - 1); \
-    while (s > htbl->maxcode[nb]) { \
-      s <<= 1; \
-      s |= GET_BITS(1); \
-      nb++; \
-    } \
-    if (nb > 16) \
-      s = 0; \
-    else \
-      s = htbl->pub->huffval[(int)(s + htbl->valoffset[nb]) & 0xFF]; \
-  }
-
-/* Out-of-line case for Huffman code fetching */
-EXTERN(int) jpeg_huff_decode(bitread_working_state *state,
-                             register bit_buf_type get_buffer,
-                             register int bits_left, d_derived_tbl *htbl,
-                             int min_bits);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdicc.c b/3rdparty/libjpeg-turbo_2_1_0/jdicc.c
deleted file mode 100644
index a1a5b86..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdicc.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * jdicc.c
- *
- * Copyright (C) 1997-1998, Thomas G. Lane, Todd Newman.
- * Copyright (C) 2017, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file provides code to read International Color Consortium (ICC) device
- * profiles embedded in JFIF JPEG image files.  The ICC has defined a standard
- * for including such data in JPEG "APP2" markers.  The code given here does
- * not know anything about the internal structure of the ICC profile data; it
- * just knows how to get the profile data from a JPEG file while reading it.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jerror.h"
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc() */
-extern void *malloc(size_t size);
-#endif
-
-
-#define ICC_MARKER  (JPEG_APP0 + 2)     /* JPEG marker code for ICC */
-#define ICC_OVERHEAD_LEN  14            /* size of non-profile data in APP2 */
-
-
-/*
- * Handy subroutine to test whether a saved marker is an ICC profile marker.
- */
-
-LOCAL(boolean)
-marker_is_icc(jpeg_saved_marker_ptr marker)
-{
-  return
-    marker->marker == ICC_MARKER &&
-    marker->data_length >= ICC_OVERHEAD_LEN &&
-    /* verify the identifying string */
-    marker->data[0] == 0x49 &&
-    marker->data[1] == 0x43 &&
-    marker->data[2] == 0x43 &&
-    marker->data[3] == 0x5F &&
-    marker->data[4] == 0x50 &&
-    marker->data[5] == 0x52 &&
-    marker->data[6] == 0x4F &&
-    marker->data[7] == 0x46 &&
-    marker->data[8] == 0x49 &&
-    marker->data[9] == 0x4C &&
-    marker->data[10] == 0x45 &&
-    marker->data[11] == 0x0;
-}
-
-
-/*
- * See if there was an ICC profile in the JPEG file being read; if so,
- * reassemble and return the profile data.
- *
- * TRUE is returned if an ICC profile was found, FALSE if not.  If TRUE is
- * returned, *icc_data_ptr is set to point to the returned data, and
- * *icc_data_len is set to its length.
- *
- * IMPORTANT: the data at *icc_data_ptr is allocated with malloc() and must be
- * freed by the caller with free() when the caller no longer needs it.
- * (Alternatively, we could write this routine to use the IJG library's memory
- * allocator, so that the data would be freed implicitly when
- * jpeg_finish_decompress() is called.  But it seems likely that many
- * applications will prefer to have the data stick around after decompression
- * finishes.)
- */
-
-GLOBAL(boolean)
-jpeg_read_icc_profile(j_decompress_ptr cinfo, JOCTET **icc_data_ptr,
-                      unsigned int *icc_data_len)
-{
-  jpeg_saved_marker_ptr marker;
-  int num_markers = 0;
-  int seq_no;
-  JOCTET *icc_data;
-  unsigned int total_length;
-#define MAX_SEQ_NO  255         /* sufficient since marker numbers are bytes */
-  char marker_present[MAX_SEQ_NO + 1];      /* 1 if marker found */
-  unsigned int data_length[MAX_SEQ_NO + 1]; /* size of profile data in marker */
-  unsigned int data_offset[MAX_SEQ_NO + 1]; /* offset for data in marker */
-
-  if (icc_data_ptr == NULL || icc_data_len == NULL)
-    ERREXIT(cinfo, JERR_BUFFER_SIZE);
-  if (cinfo->global_state < DSTATE_READY)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  *icc_data_ptr = NULL;         /* avoid confusion if FALSE return */
-  *icc_data_len = 0;
-
-  /* This first pass over the saved markers discovers whether there are
-   * any ICC markers and verifies the consistency of the marker numbering.
-   */
-
-  for (seq_no = 1; seq_no <= MAX_SEQ_NO; seq_no++)
-    marker_present[seq_no] = 0;
-
-  for (marker = cinfo->marker_list; marker != NULL; marker = marker->next) {
-    if (marker_is_icc(marker)) {
-      if (num_markers == 0)
-        num_markers = marker->data[13];
-      else if (num_markers != marker->data[13]) {
-        WARNMS(cinfo, JWRN_BOGUS_ICC);  /* inconsistent num_markers fields */
-        return FALSE;
-      }
-      seq_no = marker->data[12];
-      if (seq_no <= 0 || seq_no > num_markers) {
-        WARNMS(cinfo, JWRN_BOGUS_ICC);  /* bogus sequence number */
-        return FALSE;
-      }
-      if (marker_present[seq_no]) {
-        WARNMS(cinfo, JWRN_BOGUS_ICC);  /* duplicate sequence numbers */
-        return FALSE;
-      }
-      marker_present[seq_no] = 1;
-      data_length[seq_no] = marker->data_length - ICC_OVERHEAD_LEN;
-    }
-  }
-
-  if (num_markers == 0)
-    return FALSE;
-
-  /* Check for missing markers, count total space needed,
-   * compute offset of each marker's part of the data.
-   */
-
-  total_length = 0;
-  for (seq_no = 1; seq_no <= num_markers; seq_no++) {
-    if (marker_present[seq_no] == 0) {
-      WARNMS(cinfo, JWRN_BOGUS_ICC);  /* missing sequence number */
-      return FALSE;
-    }
-    data_offset[seq_no] = total_length;
-    total_length += data_length[seq_no];
-  }
-
-  if (total_length == 0) {
-    WARNMS(cinfo, JWRN_BOGUS_ICC);  /* found only empty markers? */
-    return FALSE;
-  }
-
-  /* Allocate space for assembled data */
-  icc_data = (JOCTET *)malloc(total_length * sizeof(JOCTET));
-  if (icc_data == NULL)
-    ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 11);  /* oops, out of memory */
-
-  /* and fill it in */
-  for (marker = cinfo->marker_list; marker != NULL; marker = marker->next) {
-    if (marker_is_icc(marker)) {
-      JOCTET FAR *src_ptr;
-      JOCTET *dst_ptr;
-      unsigned int length;
-      seq_no = marker->data[12];
-      dst_ptr = icc_data + data_offset[seq_no];
-      src_ptr = marker->data + ICC_OVERHEAD_LEN;
-      length = data_length[seq_no];
-      while (length--) {
-        *dst_ptr++ = *src_ptr++;
-      }
-    }
-  }
-
-  *icc_data_ptr = icc_data;
-  *icc_data_len = total_length;
-
-  return TRUE;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdinput.c b/3rdparty/libjpeg-turbo_2_1_0/jdinput.c
deleted file mode 100644
index deec618..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdinput.c
+++ /dev/null
@@ -1,408 +0,0 @@
-/*
- * jdinput.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2016, 2018, D. R. Commander.
- * Copyright (C) 2015, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains input control logic for the JPEG decompressor.
- * These routines are concerned with controlling the decompressor's input
- * processing (marker reading and coefficient decoding).  The actual input
- * reading is done in jdmarker.c, jdhuff.c, and jdphuff.c.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-
-
-/* Private state */
-
-typedef struct {
-  struct jpeg_input_controller pub; /* public fields */
-
-  boolean inheaders;            /* TRUE until first SOS is reached */
-} my_input_controller;
-
-typedef my_input_controller *my_inputctl_ptr;
-
-
-/* Forward declarations */
-METHODDEF(int) consume_markers(j_decompress_ptr cinfo);
-
-
-/*
- * Routines to calculate various quantities related to the size of the image.
- */
-
-LOCAL(void)
-initial_setup(j_decompress_ptr cinfo)
-/* Called once, when first SOS marker is reached */
-{
-  int ci;
-  jpeg_component_info *compptr;
-
-  /* Make sure image isn't bigger than I can handle */
-  if ((long)cinfo->image_height > (long)JPEG_MAX_DIMENSION ||
-      (long)cinfo->image_width > (long)JPEG_MAX_DIMENSION)
-    ERREXIT1(cinfo, JERR_IMAGE_TOO_BIG, (unsigned int)JPEG_MAX_DIMENSION);
-
-  /* For now, precision must match compiled-in value... */
-  if (cinfo->data_precision != BITS_IN_JSAMPLE)
-    ERREXIT1(cinfo, JERR_BAD_PRECISION, cinfo->data_precision);
-
-  /* Check that number of components won't exceed internal array sizes */
-  if (cinfo->num_components > MAX_COMPONENTS)
-    ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->num_components,
-             MAX_COMPONENTS);
-
-  /* Compute maximum sampling factors; check factor validity */
-  cinfo->max_h_samp_factor = 1;
-  cinfo->max_v_samp_factor = 1;
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    if (compptr->h_samp_factor <= 0 ||
-        compptr->h_samp_factor > MAX_SAMP_FACTOR ||
-        compptr->v_samp_factor <= 0 ||
-        compptr->v_samp_factor > MAX_SAMP_FACTOR)
-      ERREXIT(cinfo, JERR_BAD_SAMPLING);
-    cinfo->max_h_samp_factor = MAX(cinfo->max_h_samp_factor,
-                                   compptr->h_samp_factor);
-    cinfo->max_v_samp_factor = MAX(cinfo->max_v_samp_factor,
-                                   compptr->v_samp_factor);
-  }
-
-#if JPEG_LIB_VERSION >= 80
-  cinfo->block_size = DCTSIZE;
-  cinfo->natural_order = jpeg_natural_order;
-  cinfo->lim_Se = DCTSIZE2 - 1;
-#endif
-
-  /* We initialize DCT_scaled_size and min_DCT_scaled_size to DCTSIZE.
-   * In the full decompressor, this will be overridden by jdmaster.c;
-   * but in the transcoder, jdmaster.c is not used, so we must do it here.
-   */
-#if JPEG_LIB_VERSION >= 70
-  cinfo->min_DCT_h_scaled_size = cinfo->min_DCT_v_scaled_size = DCTSIZE;
-#else
-  cinfo->min_DCT_scaled_size = DCTSIZE;
-#endif
-
-  /* Compute dimensions of components */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-#if JPEG_LIB_VERSION >= 70
-    compptr->DCT_h_scaled_size = compptr->DCT_v_scaled_size = DCTSIZE;
-#else
-    compptr->DCT_scaled_size = DCTSIZE;
-#endif
-    /* Size in DCT blocks */
-    compptr->width_in_blocks = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * (long)compptr->h_samp_factor,
-                    (long)(cinfo->max_h_samp_factor * DCTSIZE));
-    compptr->height_in_blocks = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * (long)compptr->v_samp_factor,
-                    (long)(cinfo->max_v_samp_factor * DCTSIZE));
-    /* Set the first and last MCU columns to decompress from multi-scan images.
-     * By default, decompress all of the MCU columns.
-     */
-    cinfo->master->first_MCU_col[ci] = 0;
-    cinfo->master->last_MCU_col[ci] = compptr->width_in_blocks - 1;
-    /* downsampled_width and downsampled_height will also be overridden by
-     * jdmaster.c if we are doing full decompression.  The transcoder library
-     * doesn't use these values, but the calling application might.
-     */
-    /* Size in samples */
-    compptr->downsampled_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * (long)compptr->h_samp_factor,
-                    (long)cinfo->max_h_samp_factor);
-    compptr->downsampled_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * (long)compptr->v_samp_factor,
-                    (long)cinfo->max_v_samp_factor);
-    /* Mark component needed, until color conversion says otherwise */
-    compptr->component_needed = TRUE;
-    /* Mark no quantization table yet saved for component */
-    compptr->quant_table = NULL;
-  }
-
-  /* Compute number of fully interleaved MCU rows. */
-  cinfo->total_iMCU_rows = (JDIMENSION)
-    jdiv_round_up((long)cinfo->image_height,
-                  (long)(cinfo->max_v_samp_factor * DCTSIZE));
-
-  /* Decide whether file contains multiple scans */
-  if (cinfo->comps_in_scan < cinfo->num_components || cinfo->progressive_mode)
-    cinfo->inputctl->has_multiple_scans = TRUE;
-  else
-    cinfo->inputctl->has_multiple_scans = FALSE;
-}
-
-
-LOCAL(void)
-per_scan_setup(j_decompress_ptr cinfo)
-/* Do computations that are needed before processing a JPEG scan */
-/* cinfo->comps_in_scan and cinfo->cur_comp_info[] were set from SOS marker */
-{
-  int ci, mcublks, tmp;
-  jpeg_component_info *compptr;
-
-  if (cinfo->comps_in_scan == 1) {
-
-    /* Noninterleaved (single-component) scan */
-    compptr = cinfo->cur_comp_info[0];
-
-    /* Overall image size in MCUs */
-    cinfo->MCUs_per_row = compptr->width_in_blocks;
-    cinfo->MCU_rows_in_scan = compptr->height_in_blocks;
-
-    /* For noninterleaved scan, always one block per MCU */
-    compptr->MCU_width = 1;
-    compptr->MCU_height = 1;
-    compptr->MCU_blocks = 1;
-    compptr->MCU_sample_width = compptr->_DCT_scaled_size;
-    compptr->last_col_width = 1;
-    /* For noninterleaved scans, it is convenient to define last_row_height
-     * as the number of block rows present in the last iMCU row.
-     */
-    tmp = (int)(compptr->height_in_blocks % compptr->v_samp_factor);
-    if (tmp == 0) tmp = compptr->v_samp_factor;
-    compptr->last_row_height = tmp;
-
-    /* Prepare array describing MCU composition */
-    cinfo->blocks_in_MCU = 1;
-    cinfo->MCU_membership[0] = 0;
-
-  } else {
-
-    /* Interleaved (multi-component) scan */
-    if (cinfo->comps_in_scan <= 0 || cinfo->comps_in_scan > MAX_COMPS_IN_SCAN)
-      ERREXIT2(cinfo, JERR_COMPONENT_COUNT, cinfo->comps_in_scan,
-               MAX_COMPS_IN_SCAN);
-
-    /* Overall image size in MCUs */
-    cinfo->MCUs_per_row = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width,
-                    (long)(cinfo->max_h_samp_factor * DCTSIZE));
-    cinfo->MCU_rows_in_scan = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height,
-                    (long)(cinfo->max_v_samp_factor * DCTSIZE));
-
-    cinfo->blocks_in_MCU = 0;
-
-    for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-      compptr = cinfo->cur_comp_info[ci];
-      /* Sampling factors give # of blocks of component in each MCU */
-      compptr->MCU_width = compptr->h_samp_factor;
-      compptr->MCU_height = compptr->v_samp_factor;
-      compptr->MCU_blocks = compptr->MCU_width * compptr->MCU_height;
-      compptr->MCU_sample_width = compptr->MCU_width *
-                                  compptr->_DCT_scaled_size;
-      /* Figure number of non-dummy blocks in last MCU column & row */
-      tmp = (int)(compptr->width_in_blocks % compptr->MCU_width);
-      if (tmp == 0) tmp = compptr->MCU_width;
-      compptr->last_col_width = tmp;
-      tmp = (int)(compptr->height_in_blocks % compptr->MCU_height);
-      if (tmp == 0) tmp = compptr->MCU_height;
-      compptr->last_row_height = tmp;
-      /* Prepare array describing MCU composition */
-      mcublks = compptr->MCU_blocks;
-      if (cinfo->blocks_in_MCU + mcublks > D_MAX_BLOCKS_IN_MCU)
-        ERREXIT(cinfo, JERR_BAD_MCU_SIZE);
-      while (mcublks-- > 0) {
-        cinfo->MCU_membership[cinfo->blocks_in_MCU++] = ci;
-      }
-    }
-
-  }
-}
-
-
-/*
- * Save away a copy of the Q-table referenced by each component present
- * in the current scan, unless already saved during a prior scan.
- *
- * In a multiple-scan JPEG file, the encoder could assign different components
- * the same Q-table slot number, but change table definitions between scans
- * so that each component uses a different Q-table.  (The IJG encoder is not
- * currently capable of doing this, but other encoders might.)  Since we want
- * to be able to dequantize all the components at the end of the file, this
- * means that we have to save away the table actually used for each component.
- * We do this by copying the table at the start of the first scan containing
- * the component.
- * Rec. ITU-T T.81 | ISO/IEC 10918-1 prohibits the encoder from changing the
- * contents of a Q-table slot between scans of a component using that slot.  If
- * the encoder does so anyway, this decoder will simply use the Q-table values
- * that were current at the start of the first scan for the component.
- *
- * The decompressor output side looks only at the saved quant tables,
- * not at the current Q-table slots.
- */
-
-LOCAL(void)
-latch_quant_tables(j_decompress_ptr cinfo)
-{
-  int ci, qtblno;
-  jpeg_component_info *compptr;
-  JQUANT_TBL *qtbl;
-
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    /* No work if we already saved Q-table for this component */
-    if (compptr->quant_table != NULL)
-      continue;
-    /* Make sure specified quantization table is present */
-    qtblno = compptr->quant_tbl_no;
-    if (qtblno < 0 || qtblno >= NUM_QUANT_TBLS ||
-        cinfo->quant_tbl_ptrs[qtblno] == NULL)
-      ERREXIT1(cinfo, JERR_NO_QUANT_TABLE, qtblno);
-    /* OK, save away the quantization table */
-    qtbl = (JQUANT_TBL *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(JQUANT_TBL));
-    MEMCOPY(qtbl, cinfo->quant_tbl_ptrs[qtblno], sizeof(JQUANT_TBL));
-    compptr->quant_table = qtbl;
-  }
-}
-
-
-/*
- * Initialize the input modules to read a scan of compressed data.
- * The first call to this is done by jdmaster.c after initializing
- * the entire decompressor (during jpeg_start_decompress).
- * Subsequent calls come from consume_markers, below.
- */
-
-METHODDEF(void)
-start_input_pass(j_decompress_ptr cinfo)
-{
-  per_scan_setup(cinfo);
-  latch_quant_tables(cinfo);
-  (*cinfo->entropy->start_pass) (cinfo);
-  (*cinfo->coef->start_input_pass) (cinfo);
-  cinfo->inputctl->consume_input = cinfo->coef->consume_data;
-}
-
-
-/*
- * Finish up after inputting a compressed-data scan.
- * This is called by the coefficient controller after it's read all
- * the expected data of the scan.
- */
-
-METHODDEF(void)
-finish_input_pass(j_decompress_ptr cinfo)
-{
-  cinfo->inputctl->consume_input = consume_markers;
-}
-
-
-/*
- * Read JPEG markers before, between, or after compressed-data scans.
- * Change state as necessary when a new scan is reached.
- * Return value is JPEG_SUSPENDED, JPEG_REACHED_SOS, or JPEG_REACHED_EOI.
- *
- * The consume_input method pointer points either here or to the
- * coefficient controller's consume_data routine, depending on whether
- * we are reading a compressed data segment or inter-segment markers.
- */
-
-METHODDEF(int)
-consume_markers(j_decompress_ptr cinfo)
-{
-  my_inputctl_ptr inputctl = (my_inputctl_ptr)cinfo->inputctl;
-  int val;
-
-  if (inputctl->pub.eoi_reached) /* After hitting EOI, read no further */
-    return JPEG_REACHED_EOI;
-
-  val = (*cinfo->marker->read_markers) (cinfo);
-
-  switch (val) {
-  case JPEG_REACHED_SOS:        /* Found SOS */
-    if (inputctl->inheaders) {  /* 1st SOS */
-      initial_setup(cinfo);
-      inputctl->inheaders = FALSE;
-      /* Note: start_input_pass must be called by jdmaster.c
-       * before any more input can be consumed.  jdapimin.c is
-       * responsible for enforcing this sequencing.
-       */
-    } else {                    /* 2nd or later SOS marker */
-      if (!inputctl->pub.has_multiple_scans)
-        ERREXIT(cinfo, JERR_EOI_EXPECTED); /* Oops, I wasn't expecting this! */
-      start_input_pass(cinfo);
-    }
-    break;
-  case JPEG_REACHED_EOI:        /* Found EOI */
-    inputctl->pub.eoi_reached = TRUE;
-    if (inputctl->inheaders) {  /* Tables-only datastream, apparently */
-      if (cinfo->marker->saw_SOF)
-        ERREXIT(cinfo, JERR_SOF_NO_SOS);
-    } else {
-      /* Prevent infinite loop in coef ctlr's decompress_data routine
-       * if user set output_scan_number larger than number of scans.
-       */
-      if (cinfo->output_scan_number > cinfo->input_scan_number)
-        cinfo->output_scan_number = cinfo->input_scan_number;
-    }
-    break;
-  case JPEG_SUSPENDED:
-    break;
-  }
-
-  return val;
-}
-
-
-/*
- * Reset state to begin a fresh datastream.
- */
-
-METHODDEF(void)
-reset_input_controller(j_decompress_ptr cinfo)
-{
-  my_inputctl_ptr inputctl = (my_inputctl_ptr)cinfo->inputctl;
-
-  inputctl->pub.consume_input = consume_markers;
-  inputctl->pub.has_multiple_scans = FALSE; /* "unknown" would be better */
-  inputctl->pub.eoi_reached = FALSE;
-  inputctl->inheaders = TRUE;
-  /* Reset other modules */
-  (*cinfo->err->reset_error_mgr) ((j_common_ptr)cinfo);
-  (*cinfo->marker->reset_marker_reader) (cinfo);
-  /* Reset progression state -- would be cleaner if entropy decoder did this */
-  cinfo->coef_bits = NULL;
-}
-
-
-/*
- * Initialize the input controller module.
- * This is called only once, when the decompression object is created.
- */
-
-GLOBAL(void)
-jinit_input_controller(j_decompress_ptr cinfo)
-{
-  my_inputctl_ptr inputctl;
-
-  /* Create subobject in permanent pool */
-  inputctl = (my_inputctl_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                sizeof(my_input_controller));
-  cinfo->inputctl = (struct jpeg_input_controller *)inputctl;
-  /* Initialize method pointers */
-  inputctl->pub.consume_input = consume_markers;
-  inputctl->pub.reset_input_controller = reset_input_controller;
-  inputctl->pub.start_input_pass = start_input_pass;
-  inputctl->pub.finish_input_pass = finish_input_pass;
-  /* Initialize state: can't use reset_input_controller since we don't
-   * want to try to reset other modules yet.
-   */
-  inputctl->pub.has_multiple_scans = FALSE; /* "unknown" would be better */
-  inputctl->pub.eoi_reached = FALSE;
-  inputctl->inheaders = TRUE;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmainct.c b/3rdparty/libjpeg-turbo_2_1_0/jdmainct.c
deleted file mode 100644
index 50301d6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmainct.c
+++ /dev/null
@@ -1,460 +0,0 @@
-/*
- * jdmainct.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2016, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the main buffer controller for decompression.
- * The main buffer lies between the JPEG decompressor proper and the
- * post-processor; it holds downsampled data in the JPEG colorspace.
- *
- * Note that this code is bypassed in raw-data mode, since the application
- * supplies the equivalent of the main buffer in that case.
- */
-
-#include "jinclude.h"
-#include "jdmainct.h"
-
-
-/*
- * In the current system design, the main buffer need never be a full-image
- * buffer; any full-height buffers will be found inside the coefficient or
- * postprocessing controllers.  Nonetheless, the main controller is not
- * trivial.  Its responsibility is to provide context rows for upsampling/
- * rescaling, and doing this in an efficient fashion is a bit tricky.
- *
- * Postprocessor input data is counted in "row groups".  A row group
- * is defined to be (v_samp_factor * DCT_scaled_size / min_DCT_scaled_size)
- * sample rows of each component.  (We require DCT_scaled_size values to be
- * chosen such that these numbers are integers.  In practice DCT_scaled_size
- * values will likely be powers of two, so we actually have the stronger
- * condition that DCT_scaled_size / min_DCT_scaled_size is an integer.)
- * Upsampling will typically produce max_v_samp_factor pixel rows from each
- * row group (times any additional scale factor that the upsampler is
- * applying).
- *
- * The coefficient controller will deliver data to us one iMCU row at a time;
- * each iMCU row contains v_samp_factor * DCT_scaled_size sample rows, or
- * exactly min_DCT_scaled_size row groups.  (This amount of data corresponds
- * to one row of MCUs when the image is fully interleaved.)  Note that the
- * number of sample rows varies across components, but the number of row
- * groups does not.  Some garbage sample rows may be included in the last iMCU
- * row at the bottom of the image.
- *
- * Depending on the vertical scaling algorithm used, the upsampler may need
- * access to the sample row(s) above and below its current input row group.
- * The upsampler is required to set need_context_rows TRUE at global selection
- * time if so.  When need_context_rows is FALSE, this controller can simply
- * obtain one iMCU row at a time from the coefficient controller and dole it
- * out as row groups to the postprocessor.
- *
- * When need_context_rows is TRUE, this controller guarantees that the buffer
- * passed to postprocessing contains at least one row group's worth of samples
- * above and below the row group(s) being processed.  Note that the context
- * rows "above" the first passed row group appear at negative row offsets in
- * the passed buffer.  At the top and bottom of the image, the required
- * context rows are manufactured by duplicating the first or last real sample
- * row; this avoids having special cases in the upsampling inner loops.
- *
- * The amount of context is fixed at one row group just because that's a
- * convenient number for this controller to work with.  The existing
- * upsamplers really only need one sample row of context.  An upsampler
- * supporting arbitrary output rescaling might wish for more than one row
- * group of context when shrinking the image; tough, we don't handle that.
- * (This is justified by the assumption that downsizing will be handled mostly
- * by adjusting the DCT_scaled_size values, so that the actual scale factor at
- * the upsample step needn't be much less than one.)
- *
- * To provide the desired context, we have to retain the last two row groups
- * of one iMCU row while reading in the next iMCU row.  (The last row group
- * can't be processed until we have another row group for its below-context,
- * and so we have to save the next-to-last group too for its above-context.)
- * We could do this most simply by copying data around in our buffer, but
- * that'd be very slow.  We can avoid copying any data by creating a rather
- * strange pointer structure.  Here's how it works.  We allocate a workspace
- * consisting of M+2 row groups (where M = min_DCT_scaled_size is the number
- * of row groups per iMCU row).  We create two sets of redundant pointers to
- * the workspace.  Labeling the physical row groups 0 to M+1, the synthesized
- * pointer lists look like this:
- *                   M+1                          M-1
- * master pointer --> 0         master pointer --> 0
- *                    1                            1
- *                   ...                          ...
- *                   M-3                          M-3
- *                   M-2                           M
- *                   M-1                          M+1
- *                    M                           M-2
- *                   M+1                          M-1
- *                    0                            0
- * We read alternate iMCU rows using each master pointer; thus the last two
- * row groups of the previous iMCU row remain un-overwritten in the workspace.
- * The pointer lists are set up so that the required context rows appear to
- * be adjacent to the proper places when we pass the pointer lists to the
- * upsampler.
- *
- * The above pictures describe the normal state of the pointer lists.
- * At top and bottom of the image, we diddle the pointer lists to duplicate
- * the first or last sample row as necessary (this is cheaper than copying
- * sample rows around).
- *
- * This scheme breaks down if M < 2, ie, min_DCT_scaled_size is 1.  In that
- * situation each iMCU row provides only one row group so the buffering logic
- * must be different (eg, we must read two iMCU rows before we can emit the
- * first row group).  For now, we simply do not support providing context
- * rows when min_DCT_scaled_size is 1.  That combination seems unlikely to
- * be worth providing --- if someone wants a 1/8th-size preview, they probably
- * want it quick and dirty, so a context-free upsampler is sufficient.
- */
-
-
-/* Forward declarations */
-METHODDEF(void) process_data_simple_main(j_decompress_ptr cinfo,
-                                         JSAMPARRAY output_buf,
-                                         JDIMENSION *out_row_ctr,
-                                         JDIMENSION out_rows_avail);
-METHODDEF(void) process_data_context_main(j_decompress_ptr cinfo,
-                                          JSAMPARRAY output_buf,
-                                          JDIMENSION *out_row_ctr,
-                                          JDIMENSION out_rows_avail);
-#ifdef QUANT_2PASS_SUPPORTED
-METHODDEF(void) process_data_crank_post(j_decompress_ptr cinfo,
-                                        JSAMPARRAY output_buf,
-                                        JDIMENSION *out_row_ctr,
-                                        JDIMENSION out_rows_avail);
-#endif
-
-
-LOCAL(void)
-alloc_funny_pointers(j_decompress_ptr cinfo)
-/* Allocate space for the funny pointer lists.
- * This is done only once, not once per pass.
- */
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  int ci, rgroup;
-  int M = cinfo->_min_DCT_scaled_size;
-  jpeg_component_info *compptr;
-  JSAMPARRAY xbuf;
-
-  /* Get top-level space for component array pointers.
-   * We alloc both arrays with one call to save a few cycles.
-   */
-  main_ptr->xbuffer[0] = (JSAMPIMAGE)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                cinfo->num_components * 2 * sizeof(JSAMPARRAY));
-  main_ptr->xbuffer[1] = main_ptr->xbuffer[0] + cinfo->num_components;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    rgroup = (compptr->v_samp_factor * compptr->_DCT_scaled_size) /
-      cinfo->_min_DCT_scaled_size; /* height of a row group of component */
-    /* Get space for pointer lists --- M+4 row groups in each list.
-     * We alloc both pointer lists with one call to save a few cycles.
-     */
-    xbuf = (JSAMPARRAY)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  2 * (rgroup * (M + 4)) * sizeof(JSAMPROW));
-    xbuf += rgroup;             /* want one row group at negative offsets */
-    main_ptr->xbuffer[0][ci] = xbuf;
-    xbuf += rgroup * (M + 4);
-    main_ptr->xbuffer[1][ci] = xbuf;
-  }
-}
-
-
-LOCAL(void)
-make_funny_pointers(j_decompress_ptr cinfo)
-/* Create the funny pointer lists discussed in the comments above.
- * The actual workspace is already allocated (in main_ptr->buffer),
- * and the space for the pointer lists is allocated too.
- * This routine just fills in the curiously ordered lists.
- * This will be repeated at the beginning of each pass.
- */
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  int ci, i, rgroup;
-  int M = cinfo->_min_DCT_scaled_size;
-  jpeg_component_info *compptr;
-  JSAMPARRAY buf, xbuf0, xbuf1;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    rgroup = (compptr->v_samp_factor * compptr->_DCT_scaled_size) /
-      cinfo->_min_DCT_scaled_size; /* height of a row group of component */
-    xbuf0 = main_ptr->xbuffer[0][ci];
-    xbuf1 = main_ptr->xbuffer[1][ci];
-    /* First copy the workspace pointers as-is */
-    buf = main_ptr->buffer[ci];
-    for (i = 0; i < rgroup * (M + 2); i++) {
-      xbuf0[i] = xbuf1[i] = buf[i];
-    }
-    /* In the second list, put the last four row groups in swapped order */
-    for (i = 0; i < rgroup * 2; i++) {
-      xbuf1[rgroup * (M - 2) + i] = buf[rgroup * M + i];
-      xbuf1[rgroup * M + i] = buf[rgroup * (M - 2) + i];
-    }
-    /* The wraparound pointers at top and bottom will be filled later
-     * (see set_wraparound_pointers, below).  Initially we want the "above"
-     * pointers to duplicate the first actual data line.  This only needs
-     * to happen in xbuffer[0].
-     */
-    for (i = 0; i < rgroup; i++) {
-      xbuf0[i - rgroup] = xbuf0[0];
-    }
-  }
-}
-
-
-LOCAL(void)
-set_bottom_pointers(j_decompress_ptr cinfo)
-/* Change the pointer lists to duplicate the last sample row at the bottom
- * of the image.  whichptr indicates which xbuffer holds the final iMCU row.
- * Also sets rowgroups_avail to indicate number of nondummy row groups in row.
- */
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  int ci, i, rgroup, iMCUheight, rows_left;
-  jpeg_component_info *compptr;
-  JSAMPARRAY xbuf;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Count sample rows in one iMCU row and in one row group */
-    iMCUheight = compptr->v_samp_factor * compptr->_DCT_scaled_size;
-    rgroup = iMCUheight / cinfo->_min_DCT_scaled_size;
-    /* Count nondummy sample rows remaining for this component */
-    rows_left = (int)(compptr->downsampled_height % (JDIMENSION)iMCUheight);
-    if (rows_left == 0) rows_left = iMCUheight;
-    /* Count nondummy row groups.  Should get same answer for each component,
-     * so we need only do it once.
-     */
-    if (ci == 0) {
-      main_ptr->rowgroups_avail = (JDIMENSION)((rows_left - 1) / rgroup + 1);
-    }
-    /* Duplicate the last real sample row rgroup*2 times; this pads out the
-     * last partial rowgroup and ensures at least one full rowgroup of context.
-     */
-    xbuf = main_ptr->xbuffer[main_ptr->whichptr][ci];
-    for (i = 0; i < rgroup * 2; i++) {
-      xbuf[rows_left + i] = xbuf[rows_left - 1];
-    }
-  }
-}
-
-
-/*
- * Initialize for a processing pass.
- */
-
-METHODDEF(void)
-start_pass_main(j_decompress_ptr cinfo, J_BUF_MODE pass_mode)
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-
-  switch (pass_mode) {
-  case JBUF_PASS_THRU:
-    if (cinfo->upsample->need_context_rows) {
-      main_ptr->pub.process_data = process_data_context_main;
-      make_funny_pointers(cinfo); /* Create the xbuffer[] lists */
-      main_ptr->whichptr = 0;   /* Read first iMCU row into xbuffer[0] */
-      main_ptr->context_state = CTX_PREPARE_FOR_IMCU;
-      main_ptr->iMCU_row_ctr = 0;
-    } else {
-      /* Simple case with no context needed */
-      main_ptr->pub.process_data = process_data_simple_main;
-    }
-    main_ptr->buffer_full = FALSE;      /* Mark buffer empty */
-    main_ptr->rowgroup_ctr = 0;
-    break;
-#ifdef QUANT_2PASS_SUPPORTED
-  case JBUF_CRANK_DEST:
-    /* For last pass of 2-pass quantization, just crank the postprocessor */
-    main_ptr->pub.process_data = process_data_crank_post;
-    break;
-#endif
-  default:
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    break;
-  }
-}
-
-
-/*
- * Process some data.
- * This handles the simple case where no context is required.
- */
-
-METHODDEF(void)
-process_data_simple_main(j_decompress_ptr cinfo, JSAMPARRAY output_buf,
-                         JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  JDIMENSION rowgroups_avail;
-
-  /* Read input data if we haven't filled the main buffer yet */
-  if (!main_ptr->buffer_full) {
-    if (!(*cinfo->coef->decompress_data) (cinfo, main_ptr->buffer))
-      return;                   /* suspension forced, can do nothing more */
-    main_ptr->buffer_full = TRUE;       /* OK, we have an iMCU row to work with */
-  }
-
-  /* There are always min_DCT_scaled_size row groups in an iMCU row. */
-  rowgroups_avail = (JDIMENSION)cinfo->_min_DCT_scaled_size;
-  /* Note: at the bottom of the image, we may pass extra garbage row groups
-   * to the postprocessor.  The postprocessor has to check for bottom
-   * of image anyway (at row resolution), so no point in us doing it too.
-   */
-
-  /* Feed the postprocessor */
-  (*cinfo->post->post_process_data) (cinfo, main_ptr->buffer,
-                                     &main_ptr->rowgroup_ctr, rowgroups_avail,
-                                     output_buf, out_row_ctr, out_rows_avail);
-
-  /* Has postprocessor consumed all the data yet? If so, mark buffer empty */
-  if (main_ptr->rowgroup_ctr >= rowgroups_avail) {
-    main_ptr->buffer_full = FALSE;
-    main_ptr->rowgroup_ctr = 0;
-  }
-}
-
-
-/*
- * Process some data.
- * This handles the case where context rows must be provided.
- */
-
-METHODDEF(void)
-process_data_context_main(j_decompress_ptr cinfo, JSAMPARRAY output_buf,
-                          JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-
-  /* Read input data if we haven't filled the main buffer yet */
-  if (!main_ptr->buffer_full) {
-    if (!(*cinfo->coef->decompress_data) (cinfo,
-                                          main_ptr->xbuffer[main_ptr->whichptr]))
-      return;                   /* suspension forced, can do nothing more */
-    main_ptr->buffer_full = TRUE;       /* OK, we have an iMCU row to work with */
-    main_ptr->iMCU_row_ctr++;   /* count rows received */
-  }
-
-  /* Postprocessor typically will not swallow all the input data it is handed
-   * in one call (due to filling the output buffer first).  Must be prepared
-   * to exit and restart.  This switch lets us keep track of how far we got.
-   * Note that each case falls through to the next on successful completion.
-   */
-  switch (main_ptr->context_state) {
-  case CTX_POSTPONED_ROW:
-    /* Call postprocessor using previously set pointers for postponed row */
-    (*cinfo->post->post_process_data) (cinfo,
-                                       main_ptr->xbuffer[main_ptr->whichptr],
-                                       &main_ptr->rowgroup_ctr,
-                                       main_ptr->rowgroups_avail, output_buf,
-                                       out_row_ctr, out_rows_avail);
-    if (main_ptr->rowgroup_ctr < main_ptr->rowgroups_avail)
-      return;                   /* Need to suspend */
-    main_ptr->context_state = CTX_PREPARE_FOR_IMCU;
-    if (*out_row_ctr >= out_rows_avail)
-      return;                   /* Postprocessor exactly filled output buf */
-    /*FALLTHROUGH*/
-  case CTX_PREPARE_FOR_IMCU:
-    /* Prepare to process first M-1 row groups of this iMCU row */
-    main_ptr->rowgroup_ctr = 0;
-    main_ptr->rowgroups_avail = (JDIMENSION)(cinfo->_min_DCT_scaled_size - 1);
-    /* Check for bottom of image: if so, tweak pointers to "duplicate"
-     * the last sample row, and adjust rowgroups_avail to ignore padding rows.
-     */
-    if (main_ptr->iMCU_row_ctr == cinfo->total_iMCU_rows)
-      set_bottom_pointers(cinfo);
-    main_ptr->context_state = CTX_PROCESS_IMCU;
-    /*FALLTHROUGH*/
-  case CTX_PROCESS_IMCU:
-    /* Call postprocessor using previously set pointers */
-    (*cinfo->post->post_process_data) (cinfo,
-                                       main_ptr->xbuffer[main_ptr->whichptr],
-                                       &main_ptr->rowgroup_ctr,
-                                       main_ptr->rowgroups_avail, output_buf,
-                                       out_row_ctr, out_rows_avail);
-    if (main_ptr->rowgroup_ctr < main_ptr->rowgroups_avail)
-      return;                   /* Need to suspend */
-    /* After the first iMCU, change wraparound pointers to normal state */
-    if (main_ptr->iMCU_row_ctr == 1)
-      set_wraparound_pointers(cinfo);
-    /* Prepare to load new iMCU row using other xbuffer list */
-    main_ptr->whichptr ^= 1;    /* 0=>1 or 1=>0 */
-    main_ptr->buffer_full = FALSE;
-    /* Still need to process last row group of this iMCU row, */
-    /* which is saved at index M+1 of the other xbuffer */
-    main_ptr->rowgroup_ctr = (JDIMENSION)(cinfo->_min_DCT_scaled_size + 1);
-    main_ptr->rowgroups_avail = (JDIMENSION)(cinfo->_min_DCT_scaled_size + 2);
-    main_ptr->context_state = CTX_POSTPONED_ROW;
-  }
-}
-
-
-/*
- * Process some data.
- * Final pass of two-pass quantization: just call the postprocessor.
- * Source data will be the postprocessor controller's internal buffer.
- */
-
-#ifdef QUANT_2PASS_SUPPORTED
-
-METHODDEF(void)
-process_data_crank_post(j_decompress_ptr cinfo, JSAMPARRAY output_buf,
-                        JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-{
-  (*cinfo->post->post_process_data) (cinfo, (JSAMPIMAGE)NULL,
-                                     (JDIMENSION *)NULL, (JDIMENSION)0,
-                                     output_buf, out_row_ctr, out_rows_avail);
-}
-
-#endif /* QUANT_2PASS_SUPPORTED */
-
-
-/*
- * Initialize main buffer controller.
- */
-
-GLOBAL(void)
-jinit_d_main_controller(j_decompress_ptr cinfo, boolean need_full_buffer)
-{
-  my_main_ptr main_ptr;
-  int ci, rgroup, ngroups;
-  jpeg_component_info *compptr;
-
-  main_ptr = (my_main_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_main_controller));
-  cinfo->main = (struct jpeg_d_main_controller *)main_ptr;
-  main_ptr->pub.start_pass = start_pass_main;
-
-  if (need_full_buffer)         /* shouldn't happen */
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-
-  /* Allocate the workspace.
-   * ngroups is the number of row groups we need.
-   */
-  if (cinfo->upsample->need_context_rows) {
-    if (cinfo->_min_DCT_scaled_size < 2) /* unsupported, see comments above */
-      ERREXIT(cinfo, JERR_NOTIMPL);
-    alloc_funny_pointers(cinfo); /* Alloc space for xbuffer[] lists */
-    ngroups = cinfo->_min_DCT_scaled_size + 2;
-  } else {
-    ngroups = cinfo->_min_DCT_scaled_size;
-  }
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    rgroup = (compptr->v_samp_factor * compptr->_DCT_scaled_size) /
-      cinfo->_min_DCT_scaled_size; /* height of a row group of component */
-    main_ptr->buffer[ci] = (*cinfo->mem->alloc_sarray)
-                        ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                         compptr->width_in_blocks * compptr->_DCT_scaled_size,
-                         (JDIMENSION)(rgroup * ngroups));
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmainct.h b/3rdparty/libjpeg-turbo_2_1_0/jdmainct.h
deleted file mode 100644
index 37b201c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmainct.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * jdmainct.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-#define JPEG_INTERNALS
-#include "jpeglib.h"
-#include "jpegcomp.h"
-
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_d_main_controller pub; /* public fields */
-
-  /* Pointer to allocated workspace (M or M+2 row groups). */
-  JSAMPARRAY buffer[MAX_COMPONENTS];
-
-  boolean buffer_full;          /* Have we gotten an iMCU row from decoder? */
-  JDIMENSION rowgroup_ctr;      /* counts row groups output to postprocessor */
-
-  /* Remaining fields are only used in the context case. */
-
-  /* These are the master pointers to the funny-order pointer lists. */
-  JSAMPIMAGE xbuffer[2];        /* pointers to weird pointer lists */
-
-  int whichptr;                 /* indicates which pointer set is now in use */
-  int context_state;            /* process_data state machine status */
-  JDIMENSION rowgroups_avail;   /* row groups available to postprocessor */
-  JDIMENSION iMCU_row_ctr;      /* counts iMCU rows to detect image top/bot */
-} my_main_controller;
-
-typedef my_main_controller *my_main_ptr;
-
-
-/* context_state values: */
-#define CTX_PREPARE_FOR_IMCU    0       /* need to prepare for MCU row */
-#define CTX_PROCESS_IMCU        1       /* feeding iMCU to postprocessor */
-#define CTX_POSTPONED_ROW       2       /* feeding postponed row group */
-
-
-LOCAL(void)
-set_wraparound_pointers(j_decompress_ptr cinfo)
-/* Set up the "wraparound" pointers at top and bottom of the pointer lists.
- * This changes the pointer list state from top-of-image to the normal state.
- */
-{
-  my_main_ptr main_ptr = (my_main_ptr)cinfo->main;
-  int ci, i, rgroup;
-  int M = cinfo->_min_DCT_scaled_size;
-  jpeg_component_info *compptr;
-  JSAMPARRAY xbuf0, xbuf1;
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    rgroup = (compptr->v_samp_factor * compptr->_DCT_scaled_size) /
-      cinfo->_min_DCT_scaled_size; /* height of a row group of component */
-    xbuf0 = main_ptr->xbuffer[0][ci];
-    xbuf1 = main_ptr->xbuffer[1][ci];
-    for (i = 0; i < rgroup; i++) {
-      xbuf0[i - rgroup] = xbuf0[rgroup * (M + 1) + i];
-      xbuf1[i - rgroup] = xbuf1[rgroup * (M + 1) + i];
-      xbuf0[rgroup * (M + 2) + i] = xbuf0[i];
-      xbuf1[rgroup * (M + 2) + i] = xbuf1[i];
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmarker.c b/3rdparty/libjpeg-turbo_2_1_0/jdmarker.c
deleted file mode 100644
index b964c3a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmarker.c
+++ /dev/null
@@ -1,1374 +0,0 @@
-/*
- * jdmarker.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2012, 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to decode JPEG datastream markers.
- * Most of the complexity arises from our desire to support input
- * suspension: if not all of the data for a marker is available,
- * we must exit back to the application.  On resumption, we reprocess
- * the marker.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-typedef enum {                  /* JPEG marker codes */
-  M_SOF0  = 0xc0,
-  M_SOF1  = 0xc1,
-  M_SOF2  = 0xc2,
-  M_SOF3  = 0xc3,
-
-  M_SOF5  = 0xc5,
-  M_SOF6  = 0xc6,
-  M_SOF7  = 0xc7,
-
-  M_JPG   = 0xc8,
-  M_SOF9  = 0xc9,
-  M_SOF10 = 0xca,
-  M_SOF11 = 0xcb,
-
-  M_SOF13 = 0xcd,
-  M_SOF14 = 0xce,
-  M_SOF15 = 0xcf,
-
-  M_DHT   = 0xc4,
-
-  M_DAC   = 0xcc,
-
-  M_RST0  = 0xd0,
-  M_RST1  = 0xd1,
-  M_RST2  = 0xd2,
-  M_RST3  = 0xd3,
-  M_RST4  = 0xd4,
-  M_RST5  = 0xd5,
-  M_RST6  = 0xd6,
-  M_RST7  = 0xd7,
-
-  M_SOI   = 0xd8,
-  M_EOI   = 0xd9,
-  M_SOS   = 0xda,
-  M_DQT   = 0xdb,
-  M_DNL   = 0xdc,
-  M_DRI   = 0xdd,
-  M_DHP   = 0xde,
-  M_EXP   = 0xdf,
-
-  M_APP0  = 0xe0,
-  M_APP1  = 0xe1,
-  M_APP2  = 0xe2,
-  M_APP3  = 0xe3,
-  M_APP4  = 0xe4,
-  M_APP5  = 0xe5,
-  M_APP6  = 0xe6,
-  M_APP7  = 0xe7,
-  M_APP8  = 0xe8,
-  M_APP9  = 0xe9,
-  M_APP10 = 0xea,
-  M_APP11 = 0xeb,
-  M_APP12 = 0xec,
-  M_APP13 = 0xed,
-  M_APP14 = 0xee,
-  M_APP15 = 0xef,
-
-  M_JPG0  = 0xf0,
-  M_JPG13 = 0xfd,
-  M_COM   = 0xfe,
-
-  M_TEM   = 0x01,
-
-  M_ERROR = 0x100
-} JPEG_MARKER;
-
-
-/* Private state */
-
-typedef struct {
-  struct jpeg_marker_reader pub; /* public fields */
-
-  /* Application-overridable marker processing methods */
-  jpeg_marker_parser_method process_COM;
-  jpeg_marker_parser_method process_APPn[16];
-
-  /* Limit on marker data length to save for each marker type */
-  unsigned int length_limit_COM;
-  unsigned int length_limit_APPn[16];
-
-  /* Status of COM/APPn marker saving */
-  jpeg_saved_marker_ptr cur_marker;     /* NULL if not processing a marker */
-  unsigned int bytes_read;              /* data bytes read so far in marker */
-  /* Note: cur_marker is not linked into marker_list until it's all read. */
-} my_marker_reader;
-
-typedef my_marker_reader *my_marker_ptr;
-
-
-/*
- * Macros for fetching data from the data source module.
- *
- * At all times, cinfo->src->next_input_byte and ->bytes_in_buffer reflect
- * the current restart point; we update them only when we have reached a
- * suitable place to restart if a suspension occurs.
- */
-
-/* Declare and initialize local copies of input pointer/count */
-#define INPUT_VARS(cinfo) \
-  struct jpeg_source_mgr *datasrc = (cinfo)->src; \
-  const JOCTET *next_input_byte = datasrc->next_input_byte; \
-  size_t bytes_in_buffer = datasrc->bytes_in_buffer
-
-/* Unload the local copies --- do this only at a restart boundary */
-#define INPUT_SYNC(cinfo) \
-  ( datasrc->next_input_byte = next_input_byte, \
-    datasrc->bytes_in_buffer = bytes_in_buffer )
-
-/* Reload the local copies --- used only in MAKE_BYTE_AVAIL */
-#define INPUT_RELOAD(cinfo) \
-  ( next_input_byte = datasrc->next_input_byte, \
-    bytes_in_buffer = datasrc->bytes_in_buffer )
-
-/* Internal macro for INPUT_BYTE and INPUT_2BYTES: make a byte available.
- * Note we do *not* do INPUT_SYNC before calling fill_input_buffer,
- * but we must reload the local copies after a successful fill.
- */
-#define MAKE_BYTE_AVAIL(cinfo, action) \
-  if (bytes_in_buffer == 0) { \
-    if (!(*datasrc->fill_input_buffer) (cinfo)) \
-      { action; } \
-    INPUT_RELOAD(cinfo); \
-  }
-
-/* Read a byte into variable V.
- * If must suspend, take the specified action (typically "return FALSE").
- */
-#define INPUT_BYTE(cinfo, V, action) \
-  MAKESTMT( MAKE_BYTE_AVAIL(cinfo, action); \
-            bytes_in_buffer--; \
-            V = *next_input_byte++; )
-
-/* As above, but read two bytes interpreted as an unsigned 16-bit integer.
- * V should be declared unsigned int or perhaps JLONG.
- */
-#define INPUT_2BYTES(cinfo, V, action) \
-  MAKESTMT( MAKE_BYTE_AVAIL(cinfo, action); \
-            bytes_in_buffer--; \
-            V = ((unsigned int)(*next_input_byte++)) << 8; \
-            MAKE_BYTE_AVAIL(cinfo, action); \
-            bytes_in_buffer--; \
-            V += *next_input_byte++; )
-
-
-/*
- * Routines to process JPEG markers.
- *
- * Entry condition: JPEG marker itself has been read and its code saved
- *   in cinfo->unread_marker; input restart point is just after the marker.
- *
- * Exit: if return TRUE, have read and processed any parameters, and have
- *   updated the restart point to point after the parameters.
- *   If return FALSE, was forced to suspend before reaching end of
- *   marker parameters; restart point has not been moved.  Same routine
- *   will be called again after application supplies more input data.
- *
- * This approach to suspension assumes that all of a marker's parameters
- * can fit into a single input bufferload.  This should hold for "normal"
- * markers.  Some COM/APPn markers might have large parameter segments
- * that might not fit.  If we are simply dropping such a marker, we use
- * skip_input_data to get past it, and thereby put the problem on the
- * source manager's shoulders.  If we are saving the marker's contents
- * into memory, we use a slightly different convention: when forced to
- * suspend, the marker processor updates the restart point to the end of
- * what it's consumed (ie, the end of the buffer) before returning FALSE.
- * On resumption, cinfo->unread_marker still contains the marker code,
- * but the data source will point to the next chunk of marker data.
- * The marker processor must retain internal state to deal with this.
- *
- * Note that we don't bother to avoid duplicate trace messages if a
- * suspension occurs within marker parameters.  Other side effects
- * require more care.
- */
-
-
-LOCAL(boolean)
-get_soi(j_decompress_ptr cinfo)
-/* Process an SOI marker */
-{
-  int i;
-
-  TRACEMS(cinfo, 1, JTRC_SOI);
-
-  if (cinfo->marker->saw_SOI)
-    ERREXIT(cinfo, JERR_SOI_DUPLICATE);
-
-  /* Reset all parameters that are defined to be reset by SOI */
-
-  for (i = 0; i < NUM_ARITH_TBLS; i++) {
-    cinfo->arith_dc_L[i] = 0;
-    cinfo->arith_dc_U[i] = 1;
-    cinfo->arith_ac_K[i] = 5;
-  }
-  cinfo->restart_interval = 0;
-
-  /* Set initial assumptions for colorspace etc */
-
-  cinfo->jpeg_color_space = JCS_UNKNOWN;
-  cinfo->CCIR601_sampling = FALSE; /* Assume non-CCIR sampling??? */
-
-  cinfo->saw_JFIF_marker = FALSE;
-  cinfo->JFIF_major_version = 1; /* set default JFIF APP0 values */
-  cinfo->JFIF_minor_version = 1;
-  cinfo->density_unit = 0;
-  cinfo->X_density = 1;
-  cinfo->Y_density = 1;
-  cinfo->saw_Adobe_marker = FALSE;
-  cinfo->Adobe_transform = 0;
-
-  cinfo->marker->saw_SOI = TRUE;
-
-  return TRUE;
-}
-
-
-LOCAL(boolean)
-get_sof(j_decompress_ptr cinfo, boolean is_prog, boolean is_arith)
-/* Process a SOFn marker */
-{
-  JLONG length;
-  int c, ci;
-  jpeg_component_info *compptr;
-  INPUT_VARS(cinfo);
-
-  cinfo->progressive_mode = is_prog;
-  cinfo->arith_code = is_arith;
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-
-  INPUT_BYTE(cinfo, cinfo->data_precision, return FALSE);
-  INPUT_2BYTES(cinfo, cinfo->image_height, return FALSE);
-  INPUT_2BYTES(cinfo, cinfo->image_width, return FALSE);
-  INPUT_BYTE(cinfo, cinfo->num_components, return FALSE);
-
-  length -= 8;
-
-  TRACEMS4(cinfo, 1, JTRC_SOF, cinfo->unread_marker,
-           (int)cinfo->image_width, (int)cinfo->image_height,
-           cinfo->num_components);
-
-  if (cinfo->marker->saw_SOF)
-    ERREXIT(cinfo, JERR_SOF_DUPLICATE);
-
-  /* We don't support files in which the image height is initially specified */
-  /* as 0 and is later redefined by DNL.  As long as we have to check that,  */
-  /* might as well have a general sanity check. */
-  if (cinfo->image_height <= 0 || cinfo->image_width <= 0 ||
-      cinfo->num_components <= 0)
-    ERREXIT(cinfo, JERR_EMPTY_IMAGE);
-
-  if (length != (cinfo->num_components * 3))
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  if (cinfo->comp_info == NULL) /* do only once, even if suspend */
-    cinfo->comp_info = (jpeg_component_info *)(*cinfo->mem->alloc_small)
-                        ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                         cinfo->num_components * sizeof(jpeg_component_info));
-
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    compptr->component_index = ci;
-    INPUT_BYTE(cinfo, compptr->component_id, return FALSE);
-    INPUT_BYTE(cinfo, c, return FALSE);
-    compptr->h_samp_factor = (c >> 4) & 15;
-    compptr->v_samp_factor = (c     ) & 15;
-    INPUT_BYTE(cinfo, compptr->quant_tbl_no, return FALSE);
-
-    TRACEMS4(cinfo, 1, JTRC_SOF_COMPONENT,
-             compptr->component_id, compptr->h_samp_factor,
-             compptr->v_samp_factor, compptr->quant_tbl_no);
-  }
-
-  cinfo->marker->saw_SOF = TRUE;
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-LOCAL(boolean)
-get_sos(j_decompress_ptr cinfo)
-/* Process a SOS marker */
-{
-  JLONG length;
-  int i, ci, n, c, cc, pi;
-  jpeg_component_info *compptr;
-  INPUT_VARS(cinfo);
-
-  if (!cinfo->marker->saw_SOF)
-    ERREXIT(cinfo, JERR_SOS_NO_SOF);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-
-  INPUT_BYTE(cinfo, n, return FALSE); /* Number of components */
-
-  TRACEMS1(cinfo, 1, JTRC_SOS, n);
-
-  if (length != (n * 2 + 6) || n < 1 || n > MAX_COMPS_IN_SCAN)
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  cinfo->comps_in_scan = n;
-
-  /* Collect the component-spec parameters */
-
-  for (i = 0; i < MAX_COMPS_IN_SCAN; i++)
-    cinfo->cur_comp_info[i] = NULL;
-
-  for (i = 0; i < n; i++) {
-    INPUT_BYTE(cinfo, cc, return FALSE);
-    INPUT_BYTE(cinfo, c, return FALSE);
-
-    for (ci = 0, compptr = cinfo->comp_info;
-         ci < cinfo->num_components && ci < MAX_COMPS_IN_SCAN;
-         ci++, compptr++) {
-      if (cc == compptr->component_id && !cinfo->cur_comp_info[ci])
-        goto id_found;
-    }
-
-    ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
-
-id_found:
-
-    cinfo->cur_comp_info[i] = compptr;
-    compptr->dc_tbl_no = (c >> 4) & 15;
-    compptr->ac_tbl_no = (c     ) & 15;
-
-    TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
-             compptr->dc_tbl_no, compptr->ac_tbl_no);
-
-    /* This CSi (cc) should differ from the previous CSi */
-    for (pi = 0; pi < i; pi++) {
-      if (cinfo->cur_comp_info[pi] == compptr) {
-        ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
-      }
-    }
-  }
-
-  /* Collect the additional scan parameters Ss, Se, Ah/Al. */
-  INPUT_BYTE(cinfo, c, return FALSE);
-  cinfo->Ss = c;
-  INPUT_BYTE(cinfo, c, return FALSE);
-  cinfo->Se = c;
-  INPUT_BYTE(cinfo, c, return FALSE);
-  cinfo->Ah = (c >> 4) & 15;
-  cinfo->Al = (c     ) & 15;
-
-  TRACEMS4(cinfo, 1, JTRC_SOS_PARAMS, cinfo->Ss, cinfo->Se,
-           cinfo->Ah, cinfo->Al);
-
-  /* Prepare to scan data & restart markers */
-  cinfo->marker->next_restart_num = 0;
-
-  /* Count another SOS marker */
-  cinfo->input_scan_number++;
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-#ifdef D_ARITH_CODING_SUPPORTED
-
-LOCAL(boolean)
-get_dac(j_decompress_ptr cinfo)
-/* Process a DAC marker */
-{
-  JLONG length;
-  int index, val;
-  INPUT_VARS(cinfo);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-  length -= 2;
-
-  while (length > 0) {
-    INPUT_BYTE(cinfo, index, return FALSE);
-    INPUT_BYTE(cinfo, val, return FALSE);
-
-    length -= 2;
-
-    TRACEMS2(cinfo, 1, JTRC_DAC, index, val);
-
-    if (index < 0 || index >= (2 * NUM_ARITH_TBLS))
-      ERREXIT1(cinfo, JERR_DAC_INDEX, index);
-
-    if (index >= NUM_ARITH_TBLS) { /* define AC table */
-      cinfo->arith_ac_K[index - NUM_ARITH_TBLS] = (UINT8)val;
-    } else {                    /* define DC table */
-      cinfo->arith_dc_L[index] = (UINT8)(val & 0x0F);
-      cinfo->arith_dc_U[index] = (UINT8)(val >> 4);
-      if (cinfo->arith_dc_L[index] > cinfo->arith_dc_U[index])
-        ERREXIT1(cinfo, JERR_DAC_VALUE, val);
-    }
-  }
-
-  if (length != 0)
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-#else /* !D_ARITH_CODING_SUPPORTED */
-
-#define get_dac(cinfo)  skip_variable(cinfo)
-
-#endif /* D_ARITH_CODING_SUPPORTED */
-
-
-LOCAL(boolean)
-get_dht(j_decompress_ptr cinfo)
-/* Process a DHT marker */
-{
-  JLONG length;
-  UINT8 bits[17];
-  UINT8 huffval[256];
-  int i, index, count;
-  JHUFF_TBL **htblptr;
-  INPUT_VARS(cinfo);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-  length -= 2;
-
-  while (length > 16) {
-    INPUT_BYTE(cinfo, index, return FALSE);
-
-    TRACEMS1(cinfo, 1, JTRC_DHT, index);
-
-    bits[0] = 0;
-    count = 0;
-    for (i = 1; i <= 16; i++) {
-      INPUT_BYTE(cinfo, bits[i], return FALSE);
-      count += bits[i];
-    }
-
-    length -= 1 + 16;
-
-    TRACEMS8(cinfo, 2, JTRC_HUFFBITS,
-             bits[1], bits[2], bits[3], bits[4],
-             bits[5], bits[6], bits[7], bits[8]);
-    TRACEMS8(cinfo, 2, JTRC_HUFFBITS,
-             bits[9], bits[10], bits[11], bits[12],
-             bits[13], bits[14], bits[15], bits[16]);
-
-    /* Here we just do minimal validation of the counts to avoid walking
-     * off the end of our table space.  jdhuff.c will check more carefully.
-     */
-    if (count > 256 || ((JLONG)count) > length)
-      ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-
-    for (i = 0; i < count; i++)
-      INPUT_BYTE(cinfo, huffval[i], return FALSE);
-
-    MEMZERO(&huffval[count], (256 - count) * sizeof(UINT8));
-
-    length -= count;
-
-    if (index & 0x10) {         /* AC table definition */
-      index -= 0x10;
-      if (index < 0 || index >= NUM_HUFF_TBLS)
-        ERREXIT1(cinfo, JERR_DHT_INDEX, index);
-      htblptr = &cinfo->ac_huff_tbl_ptrs[index];
-    } else {                    /* DC table definition */
-      if (index < 0 || index >= NUM_HUFF_TBLS)
-        ERREXIT1(cinfo, JERR_DHT_INDEX, index);
-      htblptr = &cinfo->dc_huff_tbl_ptrs[index];
-    }
-
-    if (*htblptr == NULL)
-      *htblptr = jpeg_alloc_huff_table((j_common_ptr)cinfo);
-
-    MEMCOPY((*htblptr)->bits, bits, sizeof((*htblptr)->bits));
-    MEMCOPY((*htblptr)->huffval, huffval, sizeof((*htblptr)->huffval));
-  }
-
-  if (length != 0)
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-LOCAL(boolean)
-get_dqt(j_decompress_ptr cinfo)
-/* Process a DQT marker */
-{
-  JLONG length;
-  int n, i, prec;
-  unsigned int tmp;
-  JQUANT_TBL *quant_ptr;
-  INPUT_VARS(cinfo);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-  length -= 2;
-
-  while (length > 0) {
-    INPUT_BYTE(cinfo, n, return FALSE);
-    prec = n >> 4;
-    n &= 0x0F;
-
-    TRACEMS2(cinfo, 1, JTRC_DQT, n, prec);
-
-    if (n >= NUM_QUANT_TBLS)
-      ERREXIT1(cinfo, JERR_DQT_INDEX, n);
-
-    if (cinfo->quant_tbl_ptrs[n] == NULL)
-      cinfo->quant_tbl_ptrs[n] = jpeg_alloc_quant_table((j_common_ptr)cinfo);
-    quant_ptr = cinfo->quant_tbl_ptrs[n];
-
-    for (i = 0; i < DCTSIZE2; i++) {
-      if (prec)
-        INPUT_2BYTES(cinfo, tmp, return FALSE);
-      else
-        INPUT_BYTE(cinfo, tmp, return FALSE);
-      /* We convert the zigzag-order table to natural array order. */
-      quant_ptr->quantval[jpeg_natural_order[i]] = (UINT16)tmp;
-    }
-
-    if (cinfo->err->trace_level >= 2) {
-      for (i = 0; i < DCTSIZE2; i += 8) {
-        TRACEMS8(cinfo, 2, JTRC_QUANTVALS,
-                 quant_ptr->quantval[i],     quant_ptr->quantval[i + 1],
-                 quant_ptr->quantval[i + 2], quant_ptr->quantval[i + 3],
-                 quant_ptr->quantval[i + 4], quant_ptr->quantval[i + 5],
-                 quant_ptr->quantval[i + 6], quant_ptr->quantval[i + 7]);
-      }
-    }
-
-    length -= DCTSIZE2 + 1;
-    if (prec) length -= DCTSIZE2;
-  }
-
-  if (length != 0)
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-LOCAL(boolean)
-get_dri(j_decompress_ptr cinfo)
-/* Process a DRI marker */
-{
-  JLONG length;
-  unsigned int tmp;
-  INPUT_VARS(cinfo);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-
-  if (length != 4)
-    ERREXIT(cinfo, JERR_BAD_LENGTH);
-
-  INPUT_2BYTES(cinfo, tmp, return FALSE);
-
-  TRACEMS1(cinfo, 1, JTRC_DRI, tmp);
-
-  cinfo->restart_interval = tmp;
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-/*
- * Routines for processing APPn and COM markers.
- * These are either saved in memory or discarded, per application request.
- * APP0 and APP14 are specially checked to see if they are
- * JFIF and Adobe markers, respectively.
- */
-
-#define APP0_DATA_LEN   14      /* Length of interesting data in APP0 */
-#define APP14_DATA_LEN  12      /* Length of interesting data in APP14 */
-#define APPN_DATA_LEN   14      /* Must be the largest of the above!! */
-
-
-LOCAL(void)
-examine_app0(j_decompress_ptr cinfo, JOCTET *data, unsigned int datalen,
-             JLONG remaining)
-/* Examine first few bytes from an APP0.
- * Take appropriate action if it is a JFIF marker.
- * datalen is # of bytes at data[], remaining is length of rest of marker data.
- */
-{
-  JLONG totallen = (JLONG)datalen + remaining;
-
-  if (datalen >= APP0_DATA_LEN &&
-      data[0] == 0x4A &&
-      data[1] == 0x46 &&
-      data[2] == 0x49 &&
-      data[3] == 0x46 &&
-      data[4] == 0) {
-    /* Found JFIF APP0 marker: save info */
-    cinfo->saw_JFIF_marker = TRUE;
-    cinfo->JFIF_major_version = data[5];
-    cinfo->JFIF_minor_version = data[6];
-    cinfo->density_unit = data[7];
-    cinfo->X_density = (data[8] << 8) + data[9];
-    cinfo->Y_density = (data[10] << 8) + data[11];
-    /* Check version.
-     * Major version must be 1, anything else signals an incompatible change.
-     * (We used to treat this as an error, but now it's a nonfatal warning,
-     * because some bozo at Hijaak couldn't read the spec.)
-     * Minor version should be 0..2, but process anyway if newer.
-     */
-    if (cinfo->JFIF_major_version != 1)
-      WARNMS2(cinfo, JWRN_JFIF_MAJOR,
-              cinfo->JFIF_major_version, cinfo->JFIF_minor_version);
-    /* Generate trace messages */
-    TRACEMS5(cinfo, 1, JTRC_JFIF,
-             cinfo->JFIF_major_version, cinfo->JFIF_minor_version,
-             cinfo->X_density, cinfo->Y_density, cinfo->density_unit);
-    /* Validate thumbnail dimensions and issue appropriate messages */
-    if (data[12] | data[13])
-      TRACEMS2(cinfo, 1, JTRC_JFIF_THUMBNAIL, data[12], data[13]);
-    totallen -= APP0_DATA_LEN;
-    if (totallen != ((JLONG)data[12] * (JLONG)data[13] * (JLONG)3))
-      TRACEMS1(cinfo, 1, JTRC_JFIF_BADTHUMBNAILSIZE, (int)totallen);
-  } else if (datalen >= 6 &&
-             data[0] == 0x4A &&
-             data[1] == 0x46 &&
-             data[2] == 0x58 &&
-             data[3] == 0x58 &&
-             data[4] == 0) {
-    /* Found JFIF "JFXX" extension APP0 marker */
-    /* The library doesn't actually do anything with these,
-     * but we try to produce a helpful trace message.
-     */
-    switch (data[5]) {
-    case 0x10:
-      TRACEMS1(cinfo, 1, JTRC_THUMB_JPEG, (int)totallen);
-      break;
-    case 0x11:
-      TRACEMS1(cinfo, 1, JTRC_THUMB_PALETTE, (int)totallen);
-      break;
-    case 0x13:
-      TRACEMS1(cinfo, 1, JTRC_THUMB_RGB, (int)totallen);
-      break;
-    default:
-      TRACEMS2(cinfo, 1, JTRC_JFIF_EXTENSION, data[5], (int)totallen);
-      break;
-    }
-  } else {
-    /* Start of APP0 does not match "JFIF" or "JFXX", or too short */
-    TRACEMS1(cinfo, 1, JTRC_APP0, (int)totallen);
-  }
-}
-
-
-LOCAL(void)
-examine_app14(j_decompress_ptr cinfo, JOCTET *data, unsigned int datalen,
-              JLONG remaining)
-/* Examine first few bytes from an APP14.
- * Take appropriate action if it is an Adobe marker.
- * datalen is # of bytes at data[], remaining is length of rest of marker data.
- */
-{
-  unsigned int version, flags0, flags1, transform;
-
-  if (datalen >= APP14_DATA_LEN &&
-      data[0] == 0x41 &&
-      data[1] == 0x64 &&
-      data[2] == 0x6F &&
-      data[3] == 0x62 &&
-      data[4] == 0x65) {
-    /* Found Adobe APP14 marker */
-    version = (data[5] << 8) + data[6];
-    flags0 = (data[7] << 8) + data[8];
-    flags1 = (data[9] << 8) + data[10];
-    transform = data[11];
-    TRACEMS4(cinfo, 1, JTRC_ADOBE, version, flags0, flags1, transform);
-    cinfo->saw_Adobe_marker = TRUE;
-    cinfo->Adobe_transform = (UINT8)transform;
-  } else {
-    /* Start of APP14 does not match "Adobe", or too short */
-    TRACEMS1(cinfo, 1, JTRC_APP14, (int)(datalen + remaining));
-  }
-}
-
-
-METHODDEF(boolean)
-get_interesting_appn(j_decompress_ptr cinfo)
-/* Process an APP0 or APP14 marker without saving it */
-{
-  JLONG length;
-  JOCTET b[APPN_DATA_LEN];
-  unsigned int i, numtoread;
-  INPUT_VARS(cinfo);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-  length -= 2;
-
-  /* get the interesting part of the marker data */
-  if (length >= APPN_DATA_LEN)
-    numtoread = APPN_DATA_LEN;
-  else if (length > 0)
-    numtoread = (unsigned int)length;
-  else
-    numtoread = 0;
-  for (i = 0; i < numtoread; i++)
-    INPUT_BYTE(cinfo, b[i], return FALSE);
-  length -= numtoread;
-
-  /* process it */
-  switch (cinfo->unread_marker) {
-  case M_APP0:
-    examine_app0(cinfo, (JOCTET *)b, numtoread, length);
-    break;
-  case M_APP14:
-    examine_app14(cinfo, (JOCTET *)b, numtoread, length);
-    break;
-  default:
-    /* can't get here unless jpeg_save_markers chooses wrong processor */
-    ERREXIT1(cinfo, JERR_UNKNOWN_MARKER, cinfo->unread_marker);
-    break;
-  }
-
-  /* skip any remaining data -- could be lots */
-  INPUT_SYNC(cinfo);
-  if (length > 0)
-    (*cinfo->src->skip_input_data) (cinfo, (long)length);
-
-  return TRUE;
-}
-
-
-#ifdef SAVE_MARKERS_SUPPORTED
-
-METHODDEF(boolean)
-save_marker(j_decompress_ptr cinfo)
-/* Save an APPn or COM marker into the marker list */
-{
-  my_marker_ptr marker = (my_marker_ptr)cinfo->marker;
-  jpeg_saved_marker_ptr cur_marker = marker->cur_marker;
-  unsigned int bytes_read, data_length;
-  JOCTET *data;
-  JLONG length = 0;
-  INPUT_VARS(cinfo);
-
-  if (cur_marker == NULL) {
-    /* begin reading a marker */
-    INPUT_2BYTES(cinfo, length, return FALSE);
-    length -= 2;
-    if (length >= 0) {          /* watch out for bogus length word */
-      /* figure out how much we want to save */
-      unsigned int limit;
-      if (cinfo->unread_marker == (int)M_COM)
-        limit = marker->length_limit_COM;
-      else
-        limit = marker->length_limit_APPn[cinfo->unread_marker - (int)M_APP0];
-      if ((unsigned int)length < limit)
-        limit = (unsigned int)length;
-      /* allocate and initialize the marker item */
-      cur_marker = (jpeg_saved_marker_ptr)
-        (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                    sizeof(struct jpeg_marker_struct) + limit);
-      cur_marker->next = NULL;
-      cur_marker->marker = (UINT8)cinfo->unread_marker;
-      cur_marker->original_length = (unsigned int)length;
-      cur_marker->data_length = limit;
-      /* data area is just beyond the jpeg_marker_struct */
-      data = cur_marker->data = (JOCTET *)(cur_marker + 1);
-      marker->cur_marker = cur_marker;
-      marker->bytes_read = 0;
-      bytes_read = 0;
-      data_length = limit;
-    } else {
-      /* deal with bogus length word */
-      bytes_read = data_length = 0;
-      data = NULL;
-    }
-  } else {
-    /* resume reading a marker */
-    bytes_read = marker->bytes_read;
-    data_length = cur_marker->data_length;
-    data = cur_marker->data + bytes_read;
-  }
-
-  while (bytes_read < data_length) {
-    INPUT_SYNC(cinfo);          /* move the restart point to here */
-    marker->bytes_read = bytes_read;
-    /* If there's not at least one byte in buffer, suspend */
-    MAKE_BYTE_AVAIL(cinfo, return FALSE);
-    /* Copy bytes with reasonable rapidity */
-    while (bytes_read < data_length && bytes_in_buffer > 0) {
-      *data++ = *next_input_byte++;
-      bytes_in_buffer--;
-      bytes_read++;
-    }
-  }
-
-  /* Done reading what we want to read */
-  if (cur_marker != NULL) {     /* will be NULL if bogus length word */
-    /* Add new marker to end of list */
-    if (cinfo->marker_list == NULL) {
-      cinfo->marker_list = cur_marker;
-    } else {
-      jpeg_saved_marker_ptr prev = cinfo->marker_list;
-      while (prev->next != NULL)
-        prev = prev->next;
-      prev->next = cur_marker;
-    }
-    /* Reset pointer & calc remaining data length */
-    data = cur_marker->data;
-    length = cur_marker->original_length - data_length;
-  }
-  /* Reset to initial state for next marker */
-  marker->cur_marker = NULL;
-
-  /* Process the marker if interesting; else just make a generic trace msg */
-  switch (cinfo->unread_marker) {
-  case M_APP0:
-    examine_app0(cinfo, data, data_length, length);
-    break;
-  case M_APP14:
-    examine_app14(cinfo, data, data_length, length);
-    break;
-  default:
-    TRACEMS2(cinfo, 1, JTRC_MISC_MARKER, cinfo->unread_marker,
-             (int)(data_length + length));
-    break;
-  }
-
-  /* skip any remaining data -- could be lots */
-  INPUT_SYNC(cinfo);            /* do before skip_input_data */
-  if (length > 0)
-    (*cinfo->src->skip_input_data) (cinfo, (long)length);
-
-  return TRUE;
-}
-
-#endif /* SAVE_MARKERS_SUPPORTED */
-
-
-METHODDEF(boolean)
-skip_variable(j_decompress_ptr cinfo)
-/* Skip over an unknown or uninteresting variable-length marker */
-{
-  JLONG length;
-  INPUT_VARS(cinfo);
-
-  INPUT_2BYTES(cinfo, length, return FALSE);
-  length -= 2;
-
-  TRACEMS2(cinfo, 1, JTRC_MISC_MARKER, cinfo->unread_marker, (int)length);
-
-  INPUT_SYNC(cinfo);            /* do before skip_input_data */
-  if (length > 0)
-    (*cinfo->src->skip_input_data) (cinfo, (long)length);
-
-  return TRUE;
-}
-
-
-/*
- * Find the next JPEG marker, save it in cinfo->unread_marker.
- * Returns FALSE if had to suspend before reaching a marker;
- * in that case cinfo->unread_marker is unchanged.
- *
- * Note that the result might not be a valid marker code,
- * but it will never be 0 or FF.
- */
-
-LOCAL(boolean)
-next_marker(j_decompress_ptr cinfo)
-{
-  int c;
-  INPUT_VARS(cinfo);
-
-  for (;;) {
-    INPUT_BYTE(cinfo, c, return FALSE);
-    /* Skip any non-FF bytes.
-     * This may look a bit inefficient, but it will not occur in a valid file.
-     * We sync after each discarded byte so that a suspending data source
-     * can discard the byte from its buffer.
-     */
-    while (c != 0xFF) {
-      cinfo->marker->discarded_bytes++;
-      INPUT_SYNC(cinfo);
-      INPUT_BYTE(cinfo, c, return FALSE);
-    }
-    /* This loop swallows any duplicate FF bytes.  Extra FFs are legal as
-     * pad bytes, so don't count them in discarded_bytes.  We assume there
-     * will not be so many consecutive FF bytes as to overflow a suspending
-     * data source's input buffer.
-     */
-    do {
-      INPUT_BYTE(cinfo, c, return FALSE);
-    } while (c == 0xFF);
-    if (c != 0)
-      break;                    /* found a valid marker, exit loop */
-    /* Reach here if we found a stuffed-zero data sequence (FF/00).
-     * Discard it and loop back to try again.
-     */
-    cinfo->marker->discarded_bytes += 2;
-    INPUT_SYNC(cinfo);
-  }
-
-  if (cinfo->marker->discarded_bytes != 0) {
-    WARNMS2(cinfo, JWRN_EXTRANEOUS_DATA, cinfo->marker->discarded_bytes, c);
-    cinfo->marker->discarded_bytes = 0;
-  }
-
-  cinfo->unread_marker = c;
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-LOCAL(boolean)
-first_marker(j_decompress_ptr cinfo)
-/* Like next_marker, but used to obtain the initial SOI marker. */
-/* For this marker, we do not allow preceding garbage or fill; otherwise,
- * we might well scan an entire input file before realizing it ain't JPEG.
- * If an application wants to process non-JFIF files, it must seek to the
- * SOI before calling the JPEG library.
- */
-{
-  int c, c2;
-  INPUT_VARS(cinfo);
-
-  INPUT_BYTE(cinfo, c, return FALSE);
-  INPUT_BYTE(cinfo, c2, return FALSE);
-  if (c != 0xFF || c2 != (int)M_SOI)
-    ERREXIT2(cinfo, JERR_NO_SOI, c, c2);
-
-  cinfo->unread_marker = c2;
-
-  INPUT_SYNC(cinfo);
-  return TRUE;
-}
-
-
-/*
- * Read markers until SOS or EOI.
- *
- * Returns same codes as are defined for jpeg_consume_input:
- * JPEG_SUSPENDED, JPEG_REACHED_SOS, or JPEG_REACHED_EOI.
- */
-
-METHODDEF(int)
-read_markers(j_decompress_ptr cinfo)
-{
-  /* Outer loop repeats once for each marker. */
-  for (;;) {
-    /* Collect the marker proper, unless we already did. */
-    /* NB: first_marker() enforces the requirement that SOI appear first. */
-    if (cinfo->unread_marker == 0) {
-      if (!cinfo->marker->saw_SOI) {
-        if (!first_marker(cinfo))
-          return JPEG_SUSPENDED;
-      } else {
-        if (!next_marker(cinfo))
-          return JPEG_SUSPENDED;
-      }
-    }
-    /* At this point cinfo->unread_marker contains the marker code and the
-     * input point is just past the marker proper, but before any parameters.
-     * A suspension will cause us to return with this state still true.
-     */
-    switch (cinfo->unread_marker) {
-    case M_SOI:
-      if (!get_soi(cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_SOF0:                /* Baseline */
-    case M_SOF1:                /* Extended sequential, Huffman */
-      if (!get_sof(cinfo, FALSE, FALSE))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_SOF2:                /* Progressive, Huffman */
-      if (!get_sof(cinfo, TRUE, FALSE))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_SOF9:                /* Extended sequential, arithmetic */
-      if (!get_sof(cinfo, FALSE, TRUE))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_SOF10:               /* Progressive, arithmetic */
-      if (!get_sof(cinfo, TRUE, TRUE))
-        return JPEG_SUSPENDED;
-      break;
-
-    /* Currently unsupported SOFn types */
-    case M_SOF3:                /* Lossless, Huffman */
-    case M_SOF5:                /* Differential sequential, Huffman */
-    case M_SOF6:                /* Differential progressive, Huffman */
-    case M_SOF7:                /* Differential lossless, Huffman */
-    case M_JPG:                 /* Reserved for JPEG extensions */
-    case M_SOF11:               /* Lossless, arithmetic */
-    case M_SOF13:               /* Differential sequential, arithmetic */
-    case M_SOF14:               /* Differential progressive, arithmetic */
-    case M_SOF15:               /* Differential lossless, arithmetic */
-      ERREXIT1(cinfo, JERR_SOF_UNSUPPORTED, cinfo->unread_marker);
-      break;
-
-    case M_SOS:
-      if (!get_sos(cinfo))
-        return JPEG_SUSPENDED;
-      cinfo->unread_marker = 0; /* processed the marker */
-      return JPEG_REACHED_SOS;
-
-    case M_EOI:
-      TRACEMS(cinfo, 1, JTRC_EOI);
-      cinfo->unread_marker = 0; /* processed the marker */
-      return JPEG_REACHED_EOI;
-
-    case M_DAC:
-      if (!get_dac(cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_DHT:
-      if (!get_dht(cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_DQT:
-      if (!get_dqt(cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_DRI:
-      if (!get_dri(cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_APP0:
-    case M_APP1:
-    case M_APP2:
-    case M_APP3:
-    case M_APP4:
-    case M_APP5:
-    case M_APP6:
-    case M_APP7:
-    case M_APP8:
-    case M_APP9:
-    case M_APP10:
-    case M_APP11:
-    case M_APP12:
-    case M_APP13:
-    case M_APP14:
-    case M_APP15:
-      if (!(*((my_marker_ptr)cinfo->marker)->process_APPn[
-               cinfo->unread_marker - (int)M_APP0]) (cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_COM:
-      if (!(*((my_marker_ptr)cinfo->marker)->process_COM) (cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    case M_RST0:                /* these are all parameterless */
-    case M_RST1:
-    case M_RST2:
-    case M_RST3:
-    case M_RST4:
-    case M_RST5:
-    case M_RST6:
-    case M_RST7:
-    case M_TEM:
-      TRACEMS1(cinfo, 1, JTRC_PARMLESS_MARKER, cinfo->unread_marker);
-      break;
-
-    case M_DNL:                 /* Ignore DNL ... perhaps the wrong thing */
-      if (!skip_variable(cinfo))
-        return JPEG_SUSPENDED;
-      break;
-
-    default:                    /* must be DHP, EXP, JPGn, or RESn */
-      /* For now, we treat the reserved markers as fatal errors since they are
-       * likely to be used to signal incompatible JPEG Part 3 extensions.
-       * Once the JPEG 3 version-number marker is well defined, this code
-       * ought to change!
-       */
-      ERREXIT1(cinfo, JERR_UNKNOWN_MARKER, cinfo->unread_marker);
-      break;
-    }
-    /* Successfully processed marker, so reset state variable */
-    cinfo->unread_marker = 0;
-  } /* end loop */
-}
-
-
-/*
- * Read a restart marker, which is expected to appear next in the datastream;
- * if the marker is not there, take appropriate recovery action.
- * Returns FALSE if suspension is required.
- *
- * This is called by the entropy decoder after it has read an appropriate
- * number of MCUs.  cinfo->unread_marker may be nonzero if the entropy decoder
- * has already read a marker from the data source.  Under normal conditions
- * cinfo->unread_marker will be reset to 0 before returning; if not reset,
- * it holds a marker which the decoder will be unable to read past.
- */
-
-METHODDEF(boolean)
-read_restart_marker(j_decompress_ptr cinfo)
-{
-  /* Obtain a marker unless we already did. */
-  /* Note that next_marker will complain if it skips any data. */
-  if (cinfo->unread_marker == 0) {
-    if (!next_marker(cinfo))
-      return FALSE;
-  }
-
-  if (cinfo->unread_marker ==
-      ((int)M_RST0 + cinfo->marker->next_restart_num)) {
-    /* Normal case --- swallow the marker and let entropy decoder continue */
-    TRACEMS1(cinfo, 3, JTRC_RST, cinfo->marker->next_restart_num);
-    cinfo->unread_marker = 0;
-  } else {
-    /* Uh-oh, the restart markers have been messed up. */
-    /* Let the data source manager determine how to resync. */
-    if (!(*cinfo->src->resync_to_restart) (cinfo,
-                                           cinfo->marker->next_restart_num))
-      return FALSE;
-  }
-
-  /* Update next-restart state */
-  cinfo->marker->next_restart_num = (cinfo->marker->next_restart_num + 1) & 7;
-
-  return TRUE;
-}
-
-
-/*
- * This is the default resync_to_restart method for data source managers
- * to use if they don't have any better approach.  Some data source managers
- * may be able to back up, or may have additional knowledge about the data
- * which permits a more intelligent recovery strategy; such managers would
- * presumably supply their own resync method.
- *
- * read_restart_marker calls resync_to_restart if it finds a marker other than
- * the restart marker it was expecting.  (This code is *not* used unless
- * a nonzero restart interval has been declared.)  cinfo->unread_marker is
- * the marker code actually found (might be anything, except 0 or FF).
- * The desired restart marker number (0..7) is passed as a parameter.
- * This routine is supposed to apply whatever error recovery strategy seems
- * appropriate in order to position the input stream to the next data segment.
- * Note that cinfo->unread_marker is treated as a marker appearing before
- * the current data-source input point; usually it should be reset to zero
- * before returning.
- * Returns FALSE if suspension is required.
- *
- * This implementation is substantially constrained by wanting to treat the
- * input as a data stream; this means we can't back up.  Therefore, we have
- * only the following actions to work with:
- *   1. Simply discard the marker and let the entropy decoder resume at next
- *      byte of file.
- *   2. Read forward until we find another marker, discarding intervening
- *      data.  (In theory we could look ahead within the current bufferload,
- *      without having to discard data if we don't find the desired marker.
- *      This idea is not implemented here, in part because it makes behavior
- *      dependent on buffer size and chance buffer-boundary positions.)
- *   3. Leave the marker unread (by failing to zero cinfo->unread_marker).
- *      This will cause the entropy decoder to process an empty data segment,
- *      inserting dummy zeroes, and then we will reprocess the marker.
- *
- * #2 is appropriate if we think the desired marker lies ahead, while #3 is
- * appropriate if the found marker is a future restart marker (indicating
- * that we have missed the desired restart marker, probably because it got
- * corrupted).
- * We apply #2 or #3 if the found marker is a restart marker no more than
- * two counts behind or ahead of the expected one.  We also apply #2 if the
- * found marker is not a legal JPEG marker code (it's certainly bogus data).
- * If the found marker is a restart marker more than 2 counts away, we do #1
- * (too much risk that the marker is erroneous; with luck we will be able to
- * resync at some future point).
- * For any valid non-restart JPEG marker, we apply #3.  This keeps us from
- * overrunning the end of a scan.  An implementation limited to single-scan
- * files might find it better to apply #2 for markers other than EOI, since
- * any other marker would have to be bogus data in that case.
- */
-
-GLOBAL(boolean)
-jpeg_resync_to_restart(j_decompress_ptr cinfo, int desired)
-{
-  int marker = cinfo->unread_marker;
-  int action = 1;
-
-  /* Always put up a warning. */
-  WARNMS2(cinfo, JWRN_MUST_RESYNC, marker, desired);
-
-  /* Outer loop handles repeated decision after scanning forward. */
-  for (;;) {
-    if (marker < (int)M_SOF0)
-      action = 2;               /* invalid marker */
-    else if (marker < (int)M_RST0 || marker > (int)M_RST7)
-      action = 3;               /* valid non-restart marker */
-    else {
-      if (marker == ((int)M_RST0 + ((desired + 1) & 7)) ||
-          marker == ((int)M_RST0 + ((desired + 2) & 7)))
-        action = 3;             /* one of the next two expected restarts */
-      else if (marker == ((int)M_RST0 + ((desired - 1) & 7)) ||
-               marker == ((int)M_RST0 + ((desired - 2) & 7)))
-        action = 2;             /* a prior restart, so advance */
-      else
-        action = 1;             /* desired restart or too far away */
-    }
-    TRACEMS2(cinfo, 4, JTRC_RECOVERY_ACTION, marker, action);
-    switch (action) {
-    case 1:
-      /* Discard marker and let entropy decoder resume processing. */
-      cinfo->unread_marker = 0;
-      return TRUE;
-    case 2:
-      /* Scan to the next marker, and repeat the decision loop. */
-      if (!next_marker(cinfo))
-        return FALSE;
-      marker = cinfo->unread_marker;
-      break;
-    case 3:
-      /* Return without advancing past this marker. */
-      /* Entropy decoder will be forced to process an empty segment. */
-      return TRUE;
-    }
-  } /* end loop */
-}
-
-
-/*
- * Reset marker processing state to begin a fresh datastream.
- */
-
-METHODDEF(void)
-reset_marker_reader(j_decompress_ptr cinfo)
-{
-  my_marker_ptr marker = (my_marker_ptr)cinfo->marker;
-
-  cinfo->comp_info = NULL;              /* until allocated by get_sof */
-  cinfo->input_scan_number = 0;         /* no SOS seen yet */
-  cinfo->unread_marker = 0;             /* no pending marker */
-  marker->pub.saw_SOI = FALSE;          /* set internal state too */
-  marker->pub.saw_SOF = FALSE;
-  marker->pub.discarded_bytes = 0;
-  marker->cur_marker = NULL;
-}
-
-
-/*
- * Initialize the marker reader module.
- * This is called only once, when the decompression object is created.
- */
-
-GLOBAL(void)
-jinit_marker_reader(j_decompress_ptr cinfo)
-{
-  my_marker_ptr marker;
-  int i;
-
-  /* Create subobject in permanent pool */
-  marker = (my_marker_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_PERMANENT,
-                                sizeof(my_marker_reader));
-  cinfo->marker = (struct jpeg_marker_reader *)marker;
-  /* Initialize public method pointers */
-  marker->pub.reset_marker_reader = reset_marker_reader;
-  marker->pub.read_markers = read_markers;
-  marker->pub.read_restart_marker = read_restart_marker;
-  /* Initialize COM/APPn processing.
-   * By default, we examine and then discard APP0 and APP14,
-   * but simply discard COM and all other APPn.
-   */
-  marker->process_COM = skip_variable;
-  marker->length_limit_COM = 0;
-  for (i = 0; i < 16; i++) {
-    marker->process_APPn[i] = skip_variable;
-    marker->length_limit_APPn[i] = 0;
-  }
-  marker->process_APPn[0] = get_interesting_appn;
-  marker->process_APPn[14] = get_interesting_appn;
-  /* Reset marker processing state */
-  reset_marker_reader(cinfo);
-}
-
-
-/*
- * Control saving of COM and APPn markers into marker_list.
- */
-
-#ifdef SAVE_MARKERS_SUPPORTED
-
-GLOBAL(void)
-jpeg_save_markers(j_decompress_ptr cinfo, int marker_code,
-                  unsigned int length_limit)
-{
-  my_marker_ptr marker = (my_marker_ptr)cinfo->marker;
-  long maxlength;
-  jpeg_marker_parser_method processor;
-
-  /* Length limit mustn't be larger than what we can allocate
-   * (should only be a concern in a 16-bit environment).
-   */
-  maxlength = cinfo->mem->max_alloc_chunk - sizeof(struct jpeg_marker_struct);
-  if (((long)length_limit) > maxlength)
-    length_limit = (unsigned int)maxlength;
-
-  /* Choose processor routine to use.
-   * APP0/APP14 have special requirements.
-   */
-  if (length_limit) {
-    processor = save_marker;
-    /* If saving APP0/APP14, save at least enough for our internal use. */
-    if (marker_code == (int)M_APP0 && length_limit < APP0_DATA_LEN)
-      length_limit = APP0_DATA_LEN;
-    else if (marker_code == (int)M_APP14 && length_limit < APP14_DATA_LEN)
-      length_limit = APP14_DATA_LEN;
-  } else {
-    processor = skip_variable;
-    /* If discarding APP0/APP14, use our regular on-the-fly processor. */
-    if (marker_code == (int)M_APP0 || marker_code == (int)M_APP14)
-      processor = get_interesting_appn;
-  }
-
-  if (marker_code == (int)M_COM) {
-    marker->process_COM = processor;
-    marker->length_limit_COM = length_limit;
-  } else if (marker_code >= (int)M_APP0 && marker_code <= (int)M_APP15) {
-    marker->process_APPn[marker_code - (int)M_APP0] = processor;
-    marker->length_limit_APPn[marker_code - (int)M_APP0] = length_limit;
-  } else
-    ERREXIT1(cinfo, JERR_UNKNOWN_MARKER, marker_code);
-}
-
-#endif /* SAVE_MARKERS_SUPPORTED */
-
-
-/*
- * Install a special processing method for COM or APPn markers.
- */
-
-GLOBAL(void)
-jpeg_set_marker_processor(j_decompress_ptr cinfo, int marker_code,
-                          jpeg_marker_parser_method routine)
-{
-  my_marker_ptr marker = (my_marker_ptr)cinfo->marker;
-
-  if (marker_code == (int)M_COM)
-    marker->process_COM = routine;
-  else if (marker_code >= (int)M_APP0 && marker_code <= (int)M_APP15)
-    marker->process_APPn[marker_code - (int)M_APP0] = routine;
-  else
-    ERREXIT1(cinfo, JERR_UNKNOWN_MARKER, marker_code);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmaster.c b/3rdparty/libjpeg-turbo_2_1_0/jdmaster.c
deleted file mode 100644
index cbc8774..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmaster.c
+++ /dev/null
@@ -1,726 +0,0 @@
-/*
- * jdmaster.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2002-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009-2011, 2016, 2019, D. R. Commander.
- * Copyright (C) 2013, Linaro Limited.
- * Copyright (C) 2015, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains master control logic for the JPEG decompressor.
- * These routines are concerned with selecting the modules to be executed
- * and with determining the number of passes and the work to be done in each
- * pass.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-#include "jdmaster.h"
-
-
-/*
- * Determine whether merged upsample/color conversion should be used.
- * CRUCIAL: this must match the actual capabilities of jdmerge.c!
- */
-
-LOCAL(boolean)
-use_merged_upsample(j_decompress_ptr cinfo)
-{
-#ifdef UPSAMPLE_MERGING_SUPPORTED
-  /* Merging is the equivalent of plain box-filter upsampling */
-  if (cinfo->do_fancy_upsampling || cinfo->CCIR601_sampling)
-    return FALSE;
-  /* jdmerge.c only supports YCC=>RGB and YCC=>RGB565 color conversion */
-  if (cinfo->jpeg_color_space != JCS_YCbCr || cinfo->num_components != 3 ||
-      (cinfo->out_color_space != JCS_RGB &&
-       cinfo->out_color_space != JCS_RGB565 &&
-       cinfo->out_color_space != JCS_EXT_RGB &&
-       cinfo->out_color_space != JCS_EXT_RGBX &&
-       cinfo->out_color_space != JCS_EXT_BGR &&
-       cinfo->out_color_space != JCS_EXT_BGRX &&
-       cinfo->out_color_space != JCS_EXT_XBGR &&
-       cinfo->out_color_space != JCS_EXT_XRGB &&
-       cinfo->out_color_space != JCS_EXT_RGBA &&
-       cinfo->out_color_space != JCS_EXT_BGRA &&
-       cinfo->out_color_space != JCS_EXT_ABGR &&
-       cinfo->out_color_space != JCS_EXT_ARGB))
-    return FALSE;
-  if ((cinfo->out_color_space == JCS_RGB565 &&
-       cinfo->out_color_components != 3) ||
-      (cinfo->out_color_space != JCS_RGB565 &&
-       cinfo->out_color_components != rgb_pixelsize[cinfo->out_color_space]))
-    return FALSE;
-  /* and it only handles 2h1v or 2h2v sampling ratios */
-  if (cinfo->comp_info[0].h_samp_factor != 2 ||
-      cinfo->comp_info[1].h_samp_factor != 1 ||
-      cinfo->comp_info[2].h_samp_factor != 1 ||
-      cinfo->comp_info[0].v_samp_factor >  2 ||
-      cinfo->comp_info[1].v_samp_factor != 1 ||
-      cinfo->comp_info[2].v_samp_factor != 1)
-    return FALSE;
-  /* furthermore, it doesn't work if we've scaled the IDCTs differently */
-  if (cinfo->comp_info[0]._DCT_scaled_size != cinfo->_min_DCT_scaled_size ||
-      cinfo->comp_info[1]._DCT_scaled_size != cinfo->_min_DCT_scaled_size ||
-      cinfo->comp_info[2]._DCT_scaled_size != cinfo->_min_DCT_scaled_size)
-    return FALSE;
-  /* ??? also need to test for upsample-time rescaling, when & if supported */
-  return TRUE;                  /* by golly, it'll work... */
-#else
-  return FALSE;
-#endif
-}
-
-
-/*
- * Compute output image dimensions and related values.
- * NOTE: this is exported for possible use by application.
- * Hence it mustn't do anything that can't be done twice.
- */
-
-#if JPEG_LIB_VERSION >= 80
-GLOBAL(void)
-#else
-LOCAL(void)
-#endif
-jpeg_core_output_dimensions(j_decompress_ptr cinfo)
-/* Do computations that are needed before master selection phase.
- * This function is used for transcoding and full decompression.
- */
-{
-#ifdef IDCT_SCALING_SUPPORTED
-  int ci;
-  jpeg_component_info *compptr;
-
-  /* Compute actual output image dimensions and DCT scaling choices. */
-  if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom) {
-    /* Provide 1/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 1;
-    cinfo->_min_DCT_v_scaled_size = 1;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 2) {
-    /* Provide 2/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 2L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 2L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 2;
-    cinfo->_min_DCT_v_scaled_size = 2;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 3) {
-    /* Provide 3/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 3L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 3L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 3;
-    cinfo->_min_DCT_v_scaled_size = 3;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 4) {
-    /* Provide 4/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 4L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 4L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 4;
-    cinfo->_min_DCT_v_scaled_size = 4;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 5) {
-    /* Provide 5/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 5L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 5L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 5;
-    cinfo->_min_DCT_v_scaled_size = 5;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 6) {
-    /* Provide 6/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 6L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 6L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 6;
-    cinfo->_min_DCT_v_scaled_size = 6;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 7) {
-    /* Provide 7/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 7L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 7L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 7;
-    cinfo->_min_DCT_v_scaled_size = 7;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 8) {
-    /* Provide 8/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 8L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 8L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 8;
-    cinfo->_min_DCT_v_scaled_size = 8;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 9) {
-    /* Provide 9/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 9L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 9L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 9;
-    cinfo->_min_DCT_v_scaled_size = 9;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 10) {
-    /* Provide 10/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 10L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 10L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 10;
-    cinfo->_min_DCT_v_scaled_size = 10;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 11) {
-    /* Provide 11/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 11L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 11L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 11;
-    cinfo->_min_DCT_v_scaled_size = 11;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 12) {
-    /* Provide 12/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 12L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 12L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 12;
-    cinfo->_min_DCT_v_scaled_size = 12;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 13) {
-    /* Provide 13/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 13L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 13L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 13;
-    cinfo->_min_DCT_v_scaled_size = 13;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 14) {
-    /* Provide 14/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 14L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 14L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 14;
-    cinfo->_min_DCT_v_scaled_size = 14;
-  } else if (cinfo->scale_num * DCTSIZE <= cinfo->scale_denom * 15) {
-    /* Provide 15/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 15L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 15L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 15;
-    cinfo->_min_DCT_v_scaled_size = 15;
-  } else {
-    /* Provide 16/block_size scaling */
-    cinfo->output_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width * 16L, (long)DCTSIZE);
-    cinfo->output_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height * 16L, (long)DCTSIZE);
-    cinfo->_min_DCT_h_scaled_size = 16;
-    cinfo->_min_DCT_v_scaled_size = 16;
-  }
-
-  /* Recompute dimensions of components */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    compptr->_DCT_h_scaled_size = cinfo->_min_DCT_h_scaled_size;
-    compptr->_DCT_v_scaled_size = cinfo->_min_DCT_v_scaled_size;
-  }
-
-#else /* !IDCT_SCALING_SUPPORTED */
-
-  /* Hardwire it to "no scaling" */
-  cinfo->output_width = cinfo->image_width;
-  cinfo->output_height = cinfo->image_height;
-  /* jdinput.c has already initialized DCT_scaled_size,
-   * and has computed unscaled downsampled_width and downsampled_height.
-   */
-
-#endif /* IDCT_SCALING_SUPPORTED */
-}
-
-
-/*
- * Compute output image dimensions and related values.
- * NOTE: this is exported for possible use by application.
- * Hence it mustn't do anything that can't be done twice.
- * Also note that it may be called before the master module is initialized!
- */
-
-GLOBAL(void)
-jpeg_calc_output_dimensions(j_decompress_ptr cinfo)
-/* Do computations that are needed before master selection phase */
-{
-#ifdef IDCT_SCALING_SUPPORTED
-  int ci;
-  jpeg_component_info *compptr;
-#endif
-
-  /* Prevent application from calling me at wrong times */
-  if (cinfo->global_state != DSTATE_READY)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  /* Compute core output image dimensions and DCT scaling choices. */
-  jpeg_core_output_dimensions(cinfo);
-
-#ifdef IDCT_SCALING_SUPPORTED
-
-  /* In selecting the actual DCT scaling for each component, we try to
-   * scale up the chroma components via IDCT scaling rather than upsampling.
-   * This saves time if the upsampler gets to use 1:1 scaling.
-   * Note this code adapts subsampling ratios which are powers of 2.
-   */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    int ssize = cinfo->_min_DCT_scaled_size;
-    while (ssize < DCTSIZE &&
-           ((cinfo->max_h_samp_factor * cinfo->_min_DCT_scaled_size) %
-            (compptr->h_samp_factor * ssize * 2) == 0) &&
-           ((cinfo->max_v_samp_factor * cinfo->_min_DCT_scaled_size) %
-            (compptr->v_samp_factor * ssize * 2) == 0)) {
-      ssize = ssize * 2;
-    }
-#if JPEG_LIB_VERSION >= 70
-    compptr->DCT_h_scaled_size = compptr->DCT_v_scaled_size = ssize;
-#else
-    compptr->DCT_scaled_size = ssize;
-#endif
-  }
-
-  /* Recompute downsampled dimensions of components;
-   * application needs to know these if using raw downsampled data.
-   */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Size in samples, after IDCT scaling */
-    compptr->downsampled_width = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_width *
-                    (long)(compptr->h_samp_factor * compptr->_DCT_scaled_size),
-                    (long)(cinfo->max_h_samp_factor * DCTSIZE));
-    compptr->downsampled_height = (JDIMENSION)
-      jdiv_round_up((long)cinfo->image_height *
-                    (long)(compptr->v_samp_factor * compptr->_DCT_scaled_size),
-                    (long)(cinfo->max_v_samp_factor * DCTSIZE));
-  }
-
-#else /* !IDCT_SCALING_SUPPORTED */
-
-  /* Hardwire it to "no scaling" */
-  cinfo->output_width = cinfo->image_width;
-  cinfo->output_height = cinfo->image_height;
-  /* jdinput.c has already initialized DCT_scaled_size to DCTSIZE,
-   * and has computed unscaled downsampled_width and downsampled_height.
-   */
-
-#endif /* IDCT_SCALING_SUPPORTED */
-
-  /* Report number of components in selected colorspace. */
-  /* Probably this should be in the color conversion module... */
-  switch (cinfo->out_color_space) {
-  case JCS_GRAYSCALE:
-    cinfo->out_color_components = 1;
-    break;
-  case JCS_RGB:
-  case JCS_EXT_RGB:
-  case JCS_EXT_RGBX:
-  case JCS_EXT_BGR:
-  case JCS_EXT_BGRX:
-  case JCS_EXT_XBGR:
-  case JCS_EXT_XRGB:
-  case JCS_EXT_RGBA:
-  case JCS_EXT_BGRA:
-  case JCS_EXT_ABGR:
-  case JCS_EXT_ARGB:
-    cinfo->out_color_components = rgb_pixelsize[cinfo->out_color_space];
-    break;
-  case JCS_YCbCr:
-  case JCS_RGB565:
-    cinfo->out_color_components = 3;
-    break;
-  case JCS_CMYK:
-  case JCS_YCCK:
-    cinfo->out_color_components = 4;
-    break;
-  default:                      /* else must be same colorspace as in file */
-    cinfo->out_color_components = cinfo->num_components;
-    break;
-  }
-  cinfo->output_components = (cinfo->quantize_colors ? 1 :
-                              cinfo->out_color_components);
-
-  /* See if upsampler will want to emit more than one row at a time */
-  if (use_merged_upsample(cinfo))
-    cinfo->rec_outbuf_height = cinfo->max_v_samp_factor;
-  else
-    cinfo->rec_outbuf_height = 1;
-}
-
-
-/*
- * Several decompression processes need to range-limit values to the range
- * 0..MAXJSAMPLE; the input value may fall somewhat outside this range
- * due to noise introduced by quantization, roundoff error, etc.  These
- * processes are inner loops and need to be as fast as possible.  On most
- * machines, particularly CPUs with pipelines or instruction prefetch,
- * a (subscript-check-less) C table lookup
- *              x = sample_range_limit[x];
- * is faster than explicit tests
- *              if (x < 0)  x = 0;
- *              else if (x > MAXJSAMPLE)  x = MAXJSAMPLE;
- * These processes all use a common table prepared by the routine below.
- *
- * For most steps we can mathematically guarantee that the initial value
- * of x is within MAXJSAMPLE+1 of the legal range, so a table running from
- * -(MAXJSAMPLE+1) to 2*MAXJSAMPLE+1 is sufficient.  But for the initial
- * limiting step (just after the IDCT), a wildly out-of-range value is
- * possible if the input data is corrupt.  To avoid any chance of indexing
- * off the end of memory and getting a bad-pointer trap, we perform the
- * post-IDCT limiting thus:
- *              x = range_limit[x & MASK];
- * where MASK is 2 bits wider than legal sample data, ie 10 bits for 8-bit
- * samples.  Under normal circumstances this is more than enough range and
- * a correct output will be generated; with bogus input data the mask will
- * cause wraparound, and we will safely generate a bogus-but-in-range output.
- * For the post-IDCT step, we want to convert the data from signed to unsigned
- * representation by adding CENTERJSAMPLE at the same time that we limit it.
- * So the post-IDCT limiting table ends up looking like this:
- *   CENTERJSAMPLE,CENTERJSAMPLE+1,...,MAXJSAMPLE,
- *   MAXJSAMPLE (repeat 2*(MAXJSAMPLE+1)-CENTERJSAMPLE times),
- *   0          (repeat 2*(MAXJSAMPLE+1)-CENTERJSAMPLE times),
- *   0,1,...,CENTERJSAMPLE-1
- * Negative inputs select values from the upper half of the table after
- * masking.
- *
- * We can save some space by overlapping the start of the post-IDCT table
- * with the simpler range limiting table.  The post-IDCT table begins at
- * sample_range_limit + CENTERJSAMPLE.
- */
-
-LOCAL(void)
-prepare_range_limit_table(j_decompress_ptr cinfo)
-/* Allocate and fill in the sample_range_limit table */
-{
-  JSAMPLE *table;
-  int i;
-
-  table = (JSAMPLE *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                (5 * (MAXJSAMPLE + 1) + CENTERJSAMPLE) * sizeof(JSAMPLE));
-  table += (MAXJSAMPLE + 1);    /* allow negative subscripts of simple table */
-  cinfo->sample_range_limit = table;
-  /* First segment of "simple" table: limit[x] = 0 for x < 0 */
-  MEMZERO(table - (MAXJSAMPLE + 1), (MAXJSAMPLE + 1) * sizeof(JSAMPLE));
-  /* Main part of "simple" table: limit[x] = x */
-  for (i = 0; i <= MAXJSAMPLE; i++)
-    table[i] = (JSAMPLE)i;
-  table += CENTERJSAMPLE;       /* Point to where post-IDCT table starts */
-  /* End of simple table, rest of first half of post-IDCT table */
-  for (i = CENTERJSAMPLE; i < 2 * (MAXJSAMPLE + 1); i++)
-    table[i] = MAXJSAMPLE;
-  /* Second half of post-IDCT table */
-  MEMZERO(table + (2 * (MAXJSAMPLE + 1)),
-          (2 * (MAXJSAMPLE + 1) - CENTERJSAMPLE) * sizeof(JSAMPLE));
-  MEMCOPY(table + (4 * (MAXJSAMPLE + 1) - CENTERJSAMPLE),
-          cinfo->sample_range_limit, CENTERJSAMPLE * sizeof(JSAMPLE));
-}
-
-
-/*
- * Master selection of decompression modules.
- * This is done once at jpeg_start_decompress time.  We determine
- * which modules will be used and give them appropriate initialization calls.
- * We also initialize the decompressor input side to begin consuming data.
- *
- * Since jpeg_read_header has finished, we know what is in the SOF
- * and (first) SOS markers.  We also have all the application parameter
- * settings.
- */
-
-LOCAL(void)
-master_selection(j_decompress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-  boolean use_c_buffer;
-  long samplesperrow;
-  JDIMENSION jd_samplesperrow;
-
-  /* Initialize dimensions and other stuff */
-  jpeg_calc_output_dimensions(cinfo);
-  prepare_range_limit_table(cinfo);
-
-  /* Width of an output scanline must be representable as JDIMENSION. */
-  samplesperrow = (long)cinfo->output_width *
-                  (long)cinfo->out_color_components;
-  jd_samplesperrow = (JDIMENSION)samplesperrow;
-  if ((long)jd_samplesperrow != samplesperrow)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-
-  /* Initialize my private state */
-  master->pass_number = 0;
-  master->using_merged_upsample = use_merged_upsample(cinfo);
-
-  /* Color quantizer selection */
-  master->quantizer_1pass = NULL;
-  master->quantizer_2pass = NULL;
-  /* No mode changes if not using buffered-image mode. */
-  if (!cinfo->quantize_colors || !cinfo->buffered_image) {
-    cinfo->enable_1pass_quant = FALSE;
-    cinfo->enable_external_quant = FALSE;
-    cinfo->enable_2pass_quant = FALSE;
-  }
-  if (cinfo->quantize_colors) {
-    if (cinfo->raw_data_out)
-      ERREXIT(cinfo, JERR_NOTIMPL);
-    /* 2-pass quantizer only works in 3-component color space. */
-    if (cinfo->out_color_components != 3) {
-      cinfo->enable_1pass_quant = TRUE;
-      cinfo->enable_external_quant = FALSE;
-      cinfo->enable_2pass_quant = FALSE;
-      cinfo->colormap = NULL;
-    } else if (cinfo->colormap != NULL) {
-      cinfo->enable_external_quant = TRUE;
-    } else if (cinfo->two_pass_quantize) {
-      cinfo->enable_2pass_quant = TRUE;
-    } else {
-      cinfo->enable_1pass_quant = TRUE;
-    }
-
-    if (cinfo->enable_1pass_quant) {
-#ifdef QUANT_1PASS_SUPPORTED
-      jinit_1pass_quantizer(cinfo);
-      master->quantizer_1pass = cinfo->cquantize;
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    }
-
-    /* We use the 2-pass code to map to external colormaps. */
-    if (cinfo->enable_2pass_quant || cinfo->enable_external_quant) {
-#ifdef QUANT_2PASS_SUPPORTED
-      jinit_2pass_quantizer(cinfo);
-      master->quantizer_2pass = cinfo->cquantize;
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    }
-    /* If both quantizers are initialized, the 2-pass one is left active;
-     * this is necessary for starting with quantization to an external map.
-     */
-  }
-
-  /* Post-processing: in particular, color conversion first */
-  if (!cinfo->raw_data_out) {
-    if (master->using_merged_upsample) {
-#ifdef UPSAMPLE_MERGING_SUPPORTED
-      jinit_merged_upsampler(cinfo); /* does color conversion too */
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    } else {
-      jinit_color_deconverter(cinfo);
-      jinit_upsampler(cinfo);
-    }
-    jinit_d_post_controller(cinfo, cinfo->enable_2pass_quant);
-  }
-  /* Inverse DCT */
-  jinit_inverse_dct(cinfo);
-  /* Entropy decoding: either Huffman or arithmetic coding. */
-  if (cinfo->arith_code) {
-#ifdef D_ARITH_CODING_SUPPORTED
-    jinit_arith_decoder(cinfo);
-#else
-    ERREXIT(cinfo, JERR_ARITH_NOTIMPL);
-#endif
-  } else {
-    if (cinfo->progressive_mode) {
-#ifdef D_PROGRESSIVE_SUPPORTED
-      jinit_phuff_decoder(cinfo);
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    } else
-      jinit_huff_decoder(cinfo);
-  }
-
-  /* Initialize principal buffer controllers. */
-  use_c_buffer = cinfo->inputctl->has_multiple_scans || cinfo->buffered_image;
-  jinit_d_coef_controller(cinfo, use_c_buffer);
-
-  if (!cinfo->raw_data_out)
-    jinit_d_main_controller(cinfo, FALSE /* never need full buffer here */);
-
-  /* We can now tell the memory manager to allocate virtual arrays. */
-  (*cinfo->mem->realize_virt_arrays) ((j_common_ptr)cinfo);
-
-  /* Initialize input side of decompressor to consume first scan. */
-  (*cinfo->inputctl->start_input_pass) (cinfo);
-
-  /* Set the first and last iMCU columns to decompress from single-scan images.
-   * By default, decompress all of the iMCU columns.
-   */
-  cinfo->master->first_iMCU_col = 0;
-  cinfo->master->last_iMCU_col = cinfo->MCUs_per_row - 1;
-  cinfo->master->last_good_iMCU_row = 0;
-
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-  /* If jpeg_start_decompress will read the whole file, initialize
-   * progress monitoring appropriately.  The input step is counted
-   * as one pass.
-   */
-  if (cinfo->progress != NULL && !cinfo->buffered_image &&
-      cinfo->inputctl->has_multiple_scans) {
-    int nscans;
-    /* Estimate number of scans to set pass_limit. */
-    if (cinfo->progressive_mode) {
-      /* Arbitrarily estimate 2 interleaved DC scans + 3 AC scans/component. */
-      nscans = 2 + 3 * cinfo->num_components;
-    } else {
-      /* For a nonprogressive multiscan file, estimate 1 scan per component. */
-      nscans = cinfo->num_components;
-    }
-    cinfo->progress->pass_counter = 0L;
-    cinfo->progress->pass_limit = (long)cinfo->total_iMCU_rows * nscans;
-    cinfo->progress->completed_passes = 0;
-    cinfo->progress->total_passes = (cinfo->enable_2pass_quant ? 3 : 2);
-    /* Count the input pass as done */
-    master->pass_number++;
-  }
-#endif /* D_MULTISCAN_FILES_SUPPORTED */
-}
-
-
-/*
- * Per-pass setup.
- * This is called at the beginning of each output pass.  We determine which
- * modules will be active during this pass and give them appropriate
- * start_pass calls.  We also set is_dummy_pass to indicate whether this
- * is a "real" output pass or a dummy pass for color quantization.
- * (In the latter case, jdapistd.c will crank the pass to completion.)
- */
-
-METHODDEF(void)
-prepare_for_output_pass(j_decompress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  if (master->pub.is_dummy_pass) {
-#ifdef QUANT_2PASS_SUPPORTED
-    /* Final pass of 2-pass quantization */
-    master->pub.is_dummy_pass = FALSE;
-    (*cinfo->cquantize->start_pass) (cinfo, FALSE);
-    (*cinfo->post->start_pass) (cinfo, JBUF_CRANK_DEST);
-    (*cinfo->main->start_pass) (cinfo, JBUF_CRANK_DEST);
-#else
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif /* QUANT_2PASS_SUPPORTED */
-  } else {
-    if (cinfo->quantize_colors && cinfo->colormap == NULL) {
-      /* Select new quantization method */
-      if (cinfo->two_pass_quantize && cinfo->enable_2pass_quant) {
-        cinfo->cquantize = master->quantizer_2pass;
-        master->pub.is_dummy_pass = TRUE;
-      } else if (cinfo->enable_1pass_quant) {
-        cinfo->cquantize = master->quantizer_1pass;
-      } else {
-        ERREXIT(cinfo, JERR_MODE_CHANGE);
-      }
-    }
-    (*cinfo->idct->start_pass) (cinfo);
-    (*cinfo->coef->start_output_pass) (cinfo);
-    if (!cinfo->raw_data_out) {
-      if (!master->using_merged_upsample)
-        (*cinfo->cconvert->start_pass) (cinfo);
-      (*cinfo->upsample->start_pass) (cinfo);
-      if (cinfo->quantize_colors)
-        (*cinfo->cquantize->start_pass) (cinfo, master->pub.is_dummy_pass);
-      (*cinfo->post->start_pass) (cinfo,
-            (master->pub.is_dummy_pass ? JBUF_SAVE_AND_PASS : JBUF_PASS_THRU));
-      (*cinfo->main->start_pass) (cinfo, JBUF_PASS_THRU);
-    }
-  }
-
-  /* Set up progress monitor's pass info if present */
-  if (cinfo->progress != NULL) {
-    cinfo->progress->completed_passes = master->pass_number;
-    cinfo->progress->total_passes = master->pass_number +
-                                    (master->pub.is_dummy_pass ? 2 : 1);
-    /* In buffered-image mode, we assume one more output pass if EOI not
-     * yet reached, but no more passes if EOI has been reached.
-     */
-    if (cinfo->buffered_image && !cinfo->inputctl->eoi_reached) {
-      cinfo->progress->total_passes += (cinfo->enable_2pass_quant ? 2 : 1);
-    }
-  }
-}
-
-
-/*
- * Finish up at end of an output pass.
- */
-
-METHODDEF(void)
-finish_output_pass(j_decompress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  if (cinfo->quantize_colors)
-    (*cinfo->cquantize->finish_pass) (cinfo);
-  master->pass_number++;
-}
-
-
-#ifdef D_MULTISCAN_FILES_SUPPORTED
-
-/*
- * Switch to a new external colormap between output passes.
- */
-
-GLOBAL(void)
-jpeg_new_colormap(j_decompress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  /* Prevent application from calling me at wrong times */
-  if (cinfo->global_state != DSTATE_BUFIMAGE)
-    ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-
-  if (cinfo->quantize_colors && cinfo->enable_external_quant &&
-      cinfo->colormap != NULL) {
-    /* Select 2-pass quantizer for external colormap use */
-    cinfo->cquantize = master->quantizer_2pass;
-    /* Notify quantizer of colormap change */
-    (*cinfo->cquantize->new_color_map) (cinfo);
-    master->pub.is_dummy_pass = FALSE; /* just in case */
-  } else
-    ERREXIT(cinfo, JERR_MODE_CHANGE);
-}
-
-#endif /* D_MULTISCAN_FILES_SUPPORTED */
-
-
-/*
- * Initialize master decompression control and select active modules.
- * This is performed at the start of jpeg_start_decompress.
- */
-
-GLOBAL(void)
-jinit_master_decompress(j_decompress_ptr cinfo)
-{
-  my_master_ptr master = (my_master_ptr)cinfo->master;
-
-  master->pub.prepare_for_output_pass = prepare_for_output_pass;
-  master->pub.finish_output_pass = finish_output_pass;
-
-  master->pub.is_dummy_pass = FALSE;
-  master->pub.jinit_upsampler_no_alloc = FALSE;
-
-  master_selection(cinfo);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmaster.h b/3rdparty/libjpeg-turbo_2_1_0/jdmaster.h
deleted file mode 100644
index 76897e2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmaster.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * jdmaster.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1995, Thomas G. Lane.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the master control structure for the JPEG decompressor.
- */
-
-/* Private state */
-
-typedef struct {
-  struct jpeg_decomp_master pub; /* public fields */
-
-  int pass_number;              /* # of passes completed */
-
-  boolean using_merged_upsample; /* TRUE if using merged upsample/cconvert */
-
-  /* Saved references to initialized quantizer modules,
-   * in case we need to switch modes.
-   */
-  struct jpeg_color_quantizer *quantizer_1pass;
-  struct jpeg_color_quantizer *quantizer_2pass;
-} my_decomp_master;
-
-typedef my_decomp_master *my_master_ptr;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmerge.c b/3rdparty/libjpeg-turbo_2_1_0/jdmerge.c
deleted file mode 100644
index 3a456d6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmerge.c
+++ /dev/null
@@ -1,588 +0,0 @@
-/*
- * jdmerge.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009, 2011, 2014-2015, 2020, D. R. Commander.
- * Copyright (C) 2013, Linaro Limited.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains code for merged upsampling/color conversion.
- *
- * This file combines functions from jdsample.c and jdcolor.c;
- * read those files first to understand what's going on.
- *
- * When the chroma components are to be upsampled by simple replication
- * (ie, box filtering), we can save some work in color conversion by
- * calculating all the output pixels corresponding to a pair of chroma
- * samples at one time.  In the conversion equations
- *      R = Y           + K1 * Cr
- *      G = Y + K2 * Cb + K3 * Cr
- *      B = Y + K4 * Cb
- * only the Y term varies among the group of pixels corresponding to a pair
- * of chroma samples, so the rest of the terms can be calculated just once.
- * At typical sampling ratios, this eliminates half or three-quarters of the
- * multiplications needed for color conversion.
- *
- * This file currently provides implementations for the following cases:
- *      YCbCr => RGB color conversion only.
- *      Sampling ratios of 2h1v or 2h2v.
- *      No scaling needed at upsample time.
- *      Corner-aligned (non-CCIR601) sampling alignment.
- * Other special cases could be added, but in most applications these are
- * the only common cases.  (For uncommon cases we fall back on the more
- * general code in jdsample.c and jdcolor.c.)
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdmerge.h"
-#include "jsimd.h"
-#include "jconfigint.h"
-
-#ifdef UPSAMPLE_MERGING_SUPPORTED
-
-
-#define SCALEBITS       16      /* speediest right-shift on some machines */
-#define ONE_HALF        ((JLONG)1 << (SCALEBITS - 1))
-#define FIX(x)          ((JLONG)((x) * (1L << SCALEBITS) + 0.5))
-
-
-/* Include inline routines for colorspace extensions */
-
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define h2v1_merged_upsample_internal  extrgb_h2v1_merged_upsample_internal
-#define h2v2_merged_upsample_internal  extrgb_h2v2_merged_upsample_internal
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef h2v1_merged_upsample_internal
-#undef h2v2_merged_upsample_internal
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define h2v1_merged_upsample_internal  extrgbx_h2v1_merged_upsample_internal
-#define h2v2_merged_upsample_internal  extrgbx_h2v2_merged_upsample_internal
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef h2v1_merged_upsample_internal
-#undef h2v2_merged_upsample_internal
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define h2v1_merged_upsample_internal  extbgr_h2v1_merged_upsample_internal
-#define h2v2_merged_upsample_internal  extbgr_h2v2_merged_upsample_internal
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef h2v1_merged_upsample_internal
-#undef h2v2_merged_upsample_internal
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define h2v1_merged_upsample_internal  extbgrx_h2v1_merged_upsample_internal
-#define h2v2_merged_upsample_internal  extbgrx_h2v2_merged_upsample_internal
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef h2v1_merged_upsample_internal
-#undef h2v2_merged_upsample_internal
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define h2v1_merged_upsample_internal  extxbgr_h2v1_merged_upsample_internal
-#define h2v2_merged_upsample_internal  extxbgr_h2v2_merged_upsample_internal
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef h2v1_merged_upsample_internal
-#undef h2v2_merged_upsample_internal
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define h2v1_merged_upsample_internal  extxrgb_h2v1_merged_upsample_internal
-#define h2v2_merged_upsample_internal  extxrgb_h2v2_merged_upsample_internal
-#include "jdmrgext.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef h2v1_merged_upsample_internal
-#undef h2v2_merged_upsample_internal
-
-
-/*
- * Initialize tables for YCC->RGB colorspace conversion.
- * This is taken directly from jdcolor.c; see that file for more info.
- */
-
-LOCAL(void)
-build_ycc_rgb_table(j_decompress_ptr cinfo)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  int i;
-  JLONG x;
-  SHIFT_TEMPS
-
-  upsample->Cr_r_tab = (int *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(int));
-  upsample->Cb_b_tab = (int *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(int));
-  upsample->Cr_g_tab = (JLONG *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(JLONG));
-  upsample->Cb_g_tab = (JLONG *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (MAXJSAMPLE + 1) * sizeof(JLONG));
-
-  for (i = 0, x = -CENTERJSAMPLE; i <= MAXJSAMPLE; i++, x++) {
-    /* i is the actual input pixel value, in the range 0..MAXJSAMPLE */
-    /* The Cb or Cr value we are thinking of is x = i - CENTERJSAMPLE */
-    /* Cr=>R value is nearest int to 1.40200 * x */
-    upsample->Cr_r_tab[i] = (int)
-                    RIGHT_SHIFT(FIX(1.40200) * x + ONE_HALF, SCALEBITS);
-    /* Cb=>B value is nearest int to 1.77200 * x */
-    upsample->Cb_b_tab[i] = (int)
-                    RIGHT_SHIFT(FIX(1.77200) * x + ONE_HALF, SCALEBITS);
-    /* Cr=>G value is scaled-up -0.71414 * x */
-    upsample->Cr_g_tab[i] = (-FIX(0.71414)) * x;
-    /* Cb=>G value is scaled-up -0.34414 * x */
-    /* We also add in ONE_HALF so that need not do it in inner loop */
-    upsample->Cb_g_tab[i] = (-FIX(0.34414)) * x + ONE_HALF;
-  }
-}
-
-
-/*
- * Initialize for an upsampling pass.
- */
-
-METHODDEF(void)
-start_pass_merged_upsample(j_decompress_ptr cinfo)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-
-  /* Mark the spare buffer empty */
-  upsample->spare_full = FALSE;
-  /* Initialize total-height counter for detecting bottom of image */
-  upsample->rows_to_go = cinfo->output_height;
-}
-
-
-/*
- * Control routine to do upsampling (and color conversion).
- *
- * The control routine just handles the row buffering considerations.
- */
-
-METHODDEF(void)
-merged_2v_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                   JDIMENSION *in_row_group_ctr,
-                   JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf,
-                   JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-/* 2:1 vertical sampling case: may need a spare row. */
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  JSAMPROW work_ptrs[2];
-  JDIMENSION num_rows;          /* number of rows returned to caller */
-
-  if (upsample->spare_full) {
-    /* If we have a spare row saved from a previous cycle, just return it. */
-    JDIMENSION size = upsample->out_row_width;
-    if (cinfo->out_color_space == JCS_RGB565)
-      size = cinfo->output_width * 2;
-    jcopy_sample_rows(&upsample->spare_row, 0, output_buf + *out_row_ctr, 0, 1,
-                      size);
-    num_rows = 1;
-    upsample->spare_full = FALSE;
-  } else {
-    /* Figure number of rows to return to caller. */
-    num_rows = 2;
-    /* Not more than the distance to the end of the image. */
-    if (num_rows > upsample->rows_to_go)
-      num_rows = upsample->rows_to_go;
-    /* And not more than what the client can accept: */
-    out_rows_avail -= *out_row_ctr;
-    if (num_rows > out_rows_avail)
-      num_rows = out_rows_avail;
-    /* Create output pointer array for upsampler. */
-    work_ptrs[0] = output_buf[*out_row_ctr];
-    if (num_rows > 1) {
-      work_ptrs[1] = output_buf[*out_row_ctr + 1];
-    } else {
-      work_ptrs[1] = upsample->spare_row;
-      upsample->spare_full = TRUE;
-    }
-    /* Now do the upsampling. */
-    (*upsample->upmethod) (cinfo, input_buf, *in_row_group_ctr, work_ptrs);
-  }
-
-  /* Adjust counts */
-  *out_row_ctr += num_rows;
-  upsample->rows_to_go -= num_rows;
-  /* When the buffer is emptied, declare this input row group consumed */
-  if (!upsample->spare_full)
-    (*in_row_group_ctr)++;
-}
-
-
-METHODDEF(void)
-merged_1v_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                   JDIMENSION *in_row_group_ctr,
-                   JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf,
-                   JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-/* 1:1 vertical sampling case: much easier, never need a spare row. */
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-
-  /* Just do the upsampling. */
-  (*upsample->upmethod) (cinfo, input_buf, *in_row_group_ctr,
-                         output_buf + *out_row_ctr);
-  /* Adjust counts */
-  (*out_row_ctr)++;
-  (*in_row_group_ctr)++;
-}
-
-
-/*
- * These are the routines invoked by the control routines to do
- * the actual upsampling/conversion.  One row group is processed per call.
- *
- * Note: since we may be writing directly into application-supplied buffers,
- * we have to be honest about the output width; we can't assume the buffer
- * has been rounded up to an even width.
- */
-
-
-/*
- * Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
- */
-
-METHODDEF(void)
-h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                     JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    extrgb_h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                         output_buf);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    extrgbx_h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  case JCS_EXT_BGR:
-    extbgr_h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                         output_buf);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    extbgrx_h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    extxbgr_h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    extxrgb_h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  default:
-    h2v1_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                  output_buf);
-    break;
-  }
-}
-
-
-/*
- * Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
- */
-
-METHODDEF(void)
-h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                     JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    extrgb_h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                         output_buf);
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    extrgbx_h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  case JCS_EXT_BGR:
-    extbgr_h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                         output_buf);
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    extbgrx_h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    extxbgr_h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    extxrgb_h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                          output_buf);
-    break;
-  default:
-    h2v2_merged_upsample_internal(cinfo, input_buf, in_row_group_ctr,
-                                  output_buf);
-    break;
-  }
-}
-
-
-/*
- * RGB565 conversion
- */
-
-#define PACK_SHORT_565_LE(r, g, b) \
-  ((((r) << 8) & 0xF800) | (((g) << 3) & 0x7E0) | ((b) >> 3))
-#define PACK_SHORT_565_BE(r, g, b) \
-  (((r) & 0xF8) | ((g) >> 5) | (((g) << 11) & 0xE000) | (((b) << 5) & 0x1F00))
-
-#define PACK_TWO_PIXELS_LE(l, r)    ((r << 16) | l)
-#define PACK_TWO_PIXELS_BE(l, r)    ((l << 16) | r)
-
-#define WRITE_TWO_PIXELS_LE(addr, pixels) { \
-  ((INT16 *)(addr))[0] = (INT16)(pixels); \
-  ((INT16 *)(addr))[1] = (INT16)((pixels) >> 16); \
-}
-#define WRITE_TWO_PIXELS_BE(addr, pixels) { \
-  ((INT16 *)(addr))[1] = (INT16)(pixels); \
-  ((INT16 *)(addr))[0] = (INT16)((pixels) >> 16); \
-}
-
-#define DITHER_565_R(r, dither)  ((r) + ((dither) & 0xFF))
-#define DITHER_565_G(g, dither)  ((g) + (((dither) & 0xFF) >> 1))
-#define DITHER_565_B(b, dither)  ((b) + ((dither) & 0xFF))
-
-
-/* Declarations for ordered dithering
- *
- * We use a 4x4 ordered dither array packed into 32 bits.  This array is
- * sufficient for dithering RGB888 to RGB565.
- */
-
-#define DITHER_MASK       0x3
-#define DITHER_ROTATE(x)  ((((x) & 0xFF) << 24) | (((x) >> 8) & 0x00FFFFFF))
-static const JLONG dither_matrix[4] = {
-  0x0008020A,
-  0x0C040E06,
-  0x030B0109,
-  0x0F070D05
-};
-
-
-/* Include inline routines for RGB565 conversion */
-
-#define PACK_SHORT_565  PACK_SHORT_565_LE
-#define PACK_TWO_PIXELS  PACK_TWO_PIXELS_LE
-#define WRITE_TWO_PIXELS  WRITE_TWO_PIXELS_LE
-#define h2v1_merged_upsample_565_internal  h2v1_merged_upsample_565_le
-#define h2v1_merged_upsample_565D_internal  h2v1_merged_upsample_565D_le
-#define h2v2_merged_upsample_565_internal  h2v2_merged_upsample_565_le
-#define h2v2_merged_upsample_565D_internal  h2v2_merged_upsample_565D_le
-#include "jdmrg565.c"
-#undef PACK_SHORT_565
-#undef PACK_TWO_PIXELS
-#undef WRITE_TWO_PIXELS
-#undef h2v1_merged_upsample_565_internal
-#undef h2v1_merged_upsample_565D_internal
-#undef h2v2_merged_upsample_565_internal
-#undef h2v2_merged_upsample_565D_internal
-
-#define PACK_SHORT_565  PACK_SHORT_565_BE
-#define PACK_TWO_PIXELS  PACK_TWO_PIXELS_BE
-#define WRITE_TWO_PIXELS  WRITE_TWO_PIXELS_BE
-#define h2v1_merged_upsample_565_internal  h2v1_merged_upsample_565_be
-#define h2v1_merged_upsample_565D_internal  h2v1_merged_upsample_565D_be
-#define h2v2_merged_upsample_565_internal  h2v2_merged_upsample_565_be
-#define h2v2_merged_upsample_565D_internal  h2v2_merged_upsample_565D_be
-#include "jdmrg565.c"
-#undef PACK_SHORT_565
-#undef PACK_TWO_PIXELS
-#undef WRITE_TWO_PIXELS
-#undef h2v1_merged_upsample_565_internal
-#undef h2v1_merged_upsample_565D_internal
-#undef h2v2_merged_upsample_565_internal
-#undef h2v2_merged_upsample_565D_internal
-
-
-static INLINE boolean is_big_endian(void)
-{
-  int test_value = 1;
-  if (*(char *)&test_value != 1)
-    return TRUE;
-  return FALSE;
-}
-
-
-METHODDEF(void)
-h2v1_merged_upsample_565(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  if (is_big_endian())
-    h2v1_merged_upsample_565_be(cinfo, input_buf, in_row_group_ctr,
-                                output_buf);
-  else
-    h2v1_merged_upsample_565_le(cinfo, input_buf, in_row_group_ctr,
-                                output_buf);
-}
-
-
-METHODDEF(void)
-h2v1_merged_upsample_565D(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                          JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  if (is_big_endian())
-    h2v1_merged_upsample_565D_be(cinfo, input_buf, in_row_group_ctr,
-                                 output_buf);
-  else
-    h2v1_merged_upsample_565D_le(cinfo, input_buf, in_row_group_ctr,
-                                 output_buf);
-}
-
-
-METHODDEF(void)
-h2v2_merged_upsample_565(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  if (is_big_endian())
-    h2v2_merged_upsample_565_be(cinfo, input_buf, in_row_group_ctr,
-                                output_buf);
-  else
-    h2v2_merged_upsample_565_le(cinfo, input_buf, in_row_group_ctr,
-                                output_buf);
-}
-
-
-METHODDEF(void)
-h2v2_merged_upsample_565D(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                          JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  if (is_big_endian())
-    h2v2_merged_upsample_565D_be(cinfo, input_buf, in_row_group_ctr,
-                                 output_buf);
-  else
-    h2v2_merged_upsample_565D_le(cinfo, input_buf, in_row_group_ctr,
-                                 output_buf);
-}
-
-
-/*
- * Module initialization routine for merged upsampling/color conversion.
- *
- * NB: this is called under the conditions determined by use_merged_upsample()
- * in jdmaster.c.  That routine MUST correspond to the actual capabilities
- * of this module; no safety checks are made here.
- */
-
-GLOBAL(void)
-jinit_merged_upsampler(j_decompress_ptr cinfo)
-{
-  my_merged_upsample_ptr upsample;
-
-  upsample = (my_merged_upsample_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_merged_upsampler));
-  cinfo->upsample = (struct jpeg_upsampler *)upsample;
-  upsample->pub.start_pass = start_pass_merged_upsample;
-  upsample->pub.need_context_rows = FALSE;
-
-  upsample->out_row_width = cinfo->output_width * cinfo->out_color_components;
-
-  if (cinfo->max_v_samp_factor == 2) {
-    upsample->pub.upsample = merged_2v_upsample;
-    if (jsimd_can_h2v2_merged_upsample())
-      upsample->upmethod = jsimd_h2v2_merged_upsample;
-    else
-      upsample->upmethod = h2v2_merged_upsample;
-    if (cinfo->out_color_space == JCS_RGB565) {
-      if (cinfo->dither_mode != JDITHER_NONE) {
-        upsample->upmethod = h2v2_merged_upsample_565D;
-      } else {
-        upsample->upmethod = h2v2_merged_upsample_565;
-      }
-    }
-    /* Allocate a spare row buffer */
-    upsample->spare_row = (JSAMPROW)
-      (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                (size_t)(upsample->out_row_width * sizeof(JSAMPLE)));
-  } else {
-    upsample->pub.upsample = merged_1v_upsample;
-    if (jsimd_can_h2v1_merged_upsample())
-      upsample->upmethod = jsimd_h2v1_merged_upsample;
-    else
-      upsample->upmethod = h2v1_merged_upsample;
-    if (cinfo->out_color_space == JCS_RGB565) {
-      if (cinfo->dither_mode != JDITHER_NONE) {
-        upsample->upmethod = h2v1_merged_upsample_565D;
-      } else {
-        upsample->upmethod = h2v1_merged_upsample_565;
-      }
-    }
-    /* No spare row needed */
-    upsample->spare_row = NULL;
-  }
-
-  build_ycc_rgb_table(cinfo);
-}
-
-#endif /* UPSAMPLE_MERGING_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmerge.h b/3rdparty/libjpeg-turbo_2_1_0/jdmerge.h
deleted file mode 100644
index b583396..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmerge.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * jdmerge.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-#define JPEG_INTERNALS
-#include "jpeglib.h"
-
-#ifdef UPSAMPLE_MERGING_SUPPORTED
-
-
-/* Private subobject */
-
-typedef struct {
-  struct jpeg_upsampler pub;    /* public fields */
-
-  /* Pointer to routine to do actual upsampling/conversion of one row group */
-  void (*upmethod) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                    JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf);
-
-  /* Private state for YCC->RGB conversion */
-  int *Cr_r_tab;                /* => table for Cr to R conversion */
-  int *Cb_b_tab;                /* => table for Cb to B conversion */
-  JLONG *Cr_g_tab;              /* => table for Cr to G conversion */
-  JLONG *Cb_g_tab;              /* => table for Cb to G conversion */
-
-  /* For 2:1 vertical sampling, we produce two output rows at a time.
-   * We need a "spare" row buffer to hold the second output row if the
-   * application provides just a one-row buffer; we also use the spare
-   * to discard the dummy last row if the image height is odd.
-   */
-  JSAMPROW spare_row;
-  boolean spare_full;           /* T if spare buffer is occupied */
-
-  JDIMENSION out_row_width;     /* samples per output row */
-  JDIMENSION rows_to_go;        /* counts rows remaining in image */
-} my_merged_upsampler;
-
-typedef my_merged_upsampler *my_merged_upsample_ptr;
-
-#endif /* UPSAMPLE_MERGING_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmrg565.c b/3rdparty/libjpeg-turbo_2_1_0/jdmrg565.c
deleted file mode 100644
index 980a4e2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmrg565.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/*
- * jdmrg565.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2013, Linaro Limited.
- * Copyright (C) 2014-2015, 2018, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains code for merged upsampling/color conversion.
- */
-
-
-INLINE
-LOCAL(void)
-h2v1_merged_upsample_565_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                                  JDIMENSION in_row_group_ctr,
-                                  JSAMPARRAY output_buf)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  register int y, cred, cgreen, cblue;
-  int cb, cr;
-  register JSAMPROW outptr;
-  JSAMPROW inptr0, inptr1, inptr2;
-  JDIMENSION col;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *Crrtab = upsample->Cr_r_tab;
-  int *Cbbtab = upsample->Cb_b_tab;
-  JLONG *Crgtab = upsample->Cr_g_tab;
-  JLONG *Cbgtab = upsample->Cb_g_tab;
-  unsigned int r, g, b;
-  JLONG rgb;
-  SHIFT_TEMPS
-
-  inptr0 = input_buf[0][in_row_group_ctr];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  /* Loop for each pair of output pixels */
-  for (col = cinfo->output_width >> 1; col > 0; col--) {
-    /* Do the chroma part of the calculation */
-    cb = *inptr1++;
-    cr = *inptr2++;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-
-    /* Fetch 2 Y values and emit 2 pixels */
-    y  = *inptr0++;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_SHORT_565(r, g, b);
-
-    y  = *inptr0++;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-    WRITE_TWO_PIXELS(outptr, rgb);
-    outptr += 4;
-  }
-
-  /* If image width is odd, do the last output column separately */
-  if (cinfo->output_width & 1) {
-    cb = *inptr1;
-    cr = *inptr2;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-    y  = *inptr0;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_SHORT_565(r, g, b);
-    *(INT16 *)outptr = (INT16)rgb;
-  }
-}
-
-
-INLINE
-LOCAL(void)
-h2v1_merged_upsample_565D_internal(j_decompress_ptr cinfo,
-                                   JSAMPIMAGE input_buf,
-                                   JDIMENSION in_row_group_ctr,
-                                   JSAMPARRAY output_buf)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  register int y, cred, cgreen, cblue;
-  int cb, cr;
-  register JSAMPROW outptr;
-  JSAMPROW inptr0, inptr1, inptr2;
-  JDIMENSION col;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *Crrtab = upsample->Cr_r_tab;
-  int *Cbbtab = upsample->Cb_b_tab;
-  JLONG *Crgtab = upsample->Cr_g_tab;
-  JLONG *Cbgtab = upsample->Cb_g_tab;
-  JLONG d0 = dither_matrix[cinfo->output_scanline & DITHER_MASK];
-  unsigned int r, g, b;
-  JLONG rgb;
-  SHIFT_TEMPS
-
-  inptr0 = input_buf[0][in_row_group_ctr];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  /* Loop for each pair of output pixels */
-  for (col = cinfo->output_width >> 1; col > 0; col--) {
-    /* Do the chroma part of the calculation */
-    cb = *inptr1++;
-    cr = *inptr2++;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-
-    /* Fetch 2 Y values and emit 2 pixels */
-    y  = *inptr0++;
-    r = range_limit[DITHER_565_R(y + cred, d0)];
-    g = range_limit[DITHER_565_G(y + cgreen, d0)];
-    b = range_limit[DITHER_565_B(y + cblue, d0)];
-    d0 = DITHER_ROTATE(d0);
-    rgb = PACK_SHORT_565(r, g, b);
-
-    y  = *inptr0++;
-    r = range_limit[DITHER_565_R(y + cred, d0)];
-    g = range_limit[DITHER_565_G(y + cgreen, d0)];
-    b = range_limit[DITHER_565_B(y + cblue, d0)];
-    d0 = DITHER_ROTATE(d0);
-    rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-    WRITE_TWO_PIXELS(outptr, rgb);
-    outptr += 4;
-  }
-
-  /* If image width is odd, do the last output column separately */
-  if (cinfo->output_width & 1) {
-    cb = *inptr1;
-    cr = *inptr2;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-    y  = *inptr0;
-    r = range_limit[DITHER_565_R(y + cred, d0)];
-    g = range_limit[DITHER_565_G(y + cgreen, d0)];
-    b = range_limit[DITHER_565_B(y + cblue, d0)];
-    rgb = PACK_SHORT_565(r, g, b);
-    *(INT16 *)outptr = (INT16)rgb;
-  }
-}
-
-
-INLINE
-LOCAL(void)
-h2v2_merged_upsample_565_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                                  JDIMENSION in_row_group_ctr,
-                                  JSAMPARRAY output_buf)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  register int y, cred, cgreen, cblue;
-  int cb, cr;
-  register JSAMPROW outptr0, outptr1;
-  JSAMPROW inptr00, inptr01, inptr1, inptr2;
-  JDIMENSION col;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *Crrtab = upsample->Cr_r_tab;
-  int *Cbbtab = upsample->Cb_b_tab;
-  JLONG *Crgtab = upsample->Cr_g_tab;
-  JLONG *Cbgtab = upsample->Cb_g_tab;
-  unsigned int r, g, b;
-  JLONG rgb;
-  SHIFT_TEMPS
-
-  inptr00 = input_buf[0][in_row_group_ctr * 2];
-  inptr01 = input_buf[0][in_row_group_ctr * 2 + 1];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr0 = output_buf[0];
-  outptr1 = output_buf[1];
-
-  /* Loop for each group of output pixels */
-  for (col = cinfo->output_width >> 1; col > 0; col--) {
-    /* Do the chroma part of the calculation */
-    cb = *inptr1++;
-    cr = *inptr2++;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-
-    /* Fetch 4 Y values and emit 4 pixels */
-    y  = *inptr00++;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_SHORT_565(r, g, b);
-
-    y  = *inptr00++;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-    WRITE_TWO_PIXELS(outptr0, rgb);
-    outptr0 += 4;
-
-    y  = *inptr01++;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_SHORT_565(r, g, b);
-
-    y  = *inptr01++;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-    WRITE_TWO_PIXELS(outptr1, rgb);
-    outptr1 += 4;
-  }
-
-  /* If image width is odd, do the last output column separately */
-  if (cinfo->output_width & 1) {
-    cb = *inptr1;
-    cr = *inptr2;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-
-    y  = *inptr00;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_SHORT_565(r, g, b);
-    *(INT16 *)outptr0 = (INT16)rgb;
-
-    y  = *inptr01;
-    r = range_limit[y + cred];
-    g = range_limit[y + cgreen];
-    b = range_limit[y + cblue];
-    rgb = PACK_SHORT_565(r, g, b);
-    *(INT16 *)outptr1 = (INT16)rgb;
-  }
-}
-
-
-INLINE
-LOCAL(void)
-h2v2_merged_upsample_565D_internal(j_decompress_ptr cinfo,
-                                   JSAMPIMAGE input_buf,
-                                   JDIMENSION in_row_group_ctr,
-                                   JSAMPARRAY output_buf)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  register int y, cred, cgreen, cblue;
-  int cb, cr;
-  register JSAMPROW outptr0, outptr1;
-  JSAMPROW inptr00, inptr01, inptr1, inptr2;
-  JDIMENSION col;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *Crrtab = upsample->Cr_r_tab;
-  int *Cbbtab = upsample->Cb_b_tab;
-  JLONG *Crgtab = upsample->Cr_g_tab;
-  JLONG *Cbgtab = upsample->Cb_g_tab;
-  JLONG d0 = dither_matrix[cinfo->output_scanline & DITHER_MASK];
-  JLONG d1 = dither_matrix[(cinfo->output_scanline + 1) & DITHER_MASK];
-  unsigned int r, g, b;
-  JLONG rgb;
-  SHIFT_TEMPS
-
-  inptr00 = input_buf[0][in_row_group_ctr * 2];
-  inptr01 = input_buf[0][in_row_group_ctr * 2 + 1];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr0 = output_buf[0];
-  outptr1 = output_buf[1];
-
-  /* Loop for each group of output pixels */
-  for (col = cinfo->output_width >> 1; col > 0; col--) {
-    /* Do the chroma part of the calculation */
-    cb = *inptr1++;
-    cr = *inptr2++;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-
-    /* Fetch 4 Y values and emit 4 pixels */
-    y  = *inptr00++;
-    r = range_limit[DITHER_565_R(y + cred, d0)];
-    g = range_limit[DITHER_565_G(y + cgreen, d0)];
-    b = range_limit[DITHER_565_B(y + cblue, d0)];
-    d0 = DITHER_ROTATE(d0);
-    rgb = PACK_SHORT_565(r, g, b);
-
-    y  = *inptr00++;
-    r = range_limit[DITHER_565_R(y + cred, d0)];
-    g = range_limit[DITHER_565_G(y + cgreen, d0)];
-    b = range_limit[DITHER_565_B(y + cblue, d0)];
-    d0 = DITHER_ROTATE(d0);
-    rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-    WRITE_TWO_PIXELS(outptr0, rgb);
-    outptr0 += 4;
-
-    y  = *inptr01++;
-    r = range_limit[DITHER_565_R(y + cred, d1)];
-    g = range_limit[DITHER_565_G(y + cgreen, d1)];
-    b = range_limit[DITHER_565_B(y + cblue, d1)];
-    d1 = DITHER_ROTATE(d1);
-    rgb = PACK_SHORT_565(r, g, b);
-
-    y  = *inptr01++;
-    r = range_limit[DITHER_565_R(y + cred, d1)];
-    g = range_limit[DITHER_565_G(y + cgreen, d1)];
-    b = range_limit[DITHER_565_B(y + cblue, d1)];
-    d1 = DITHER_ROTATE(d1);
-    rgb = PACK_TWO_PIXELS(rgb, PACK_SHORT_565(r, g, b));
-
-    WRITE_TWO_PIXELS(outptr1, rgb);
-    outptr1 += 4;
-  }
-
-  /* If image width is odd, do the last output column separately */
-  if (cinfo->output_width & 1) {
-    cb = *inptr1;
-    cr = *inptr2;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-
-    y  = *inptr00;
-    r = range_limit[DITHER_565_R(y + cred, d0)];
-    g = range_limit[DITHER_565_G(y + cgreen, d0)];
-    b = range_limit[DITHER_565_B(y + cblue, d0)];
-    rgb = PACK_SHORT_565(r, g, b);
-    *(INT16 *)outptr0 = (INT16)rgb;
-
-    y  = *inptr01;
-    r = range_limit[DITHER_565_R(y + cred, d1)];
-    g = range_limit[DITHER_565_G(y + cgreen, d1)];
-    b = range_limit[DITHER_565_B(y + cblue, d1)];
-    rgb = PACK_SHORT_565(r, g, b);
-    *(INT16 *)outptr1 = (INT16)rgb;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdmrgext.c b/3rdparty/libjpeg-turbo_2_1_0/jdmrgext.c
deleted file mode 100644
index 9bf4f1a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdmrgext.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * jdmrgext.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2011, 2015, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains code for merged upsampling/color conversion.
- */
-
-
-/* This file is included by jdmerge.c */
-
-
-/*
- * Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
- */
-
-INLINE
-LOCAL(void)
-h2v1_merged_upsample_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                              JDIMENSION in_row_group_ctr,
-                              JSAMPARRAY output_buf)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  register int y, cred, cgreen, cblue;
-  int cb, cr;
-  register JSAMPROW outptr;
-  JSAMPROW inptr0, inptr1, inptr2;
-  JDIMENSION col;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *Crrtab = upsample->Cr_r_tab;
-  int *Cbbtab = upsample->Cb_b_tab;
-  JLONG *Crgtab = upsample->Cr_g_tab;
-  JLONG *Cbgtab = upsample->Cb_g_tab;
-  SHIFT_TEMPS
-
-  inptr0 = input_buf[0][in_row_group_ctr];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr = output_buf[0];
-  /* Loop for each pair of output pixels */
-  for (col = cinfo->output_width >> 1; col > 0; col--) {
-    /* Do the chroma part of the calculation */
-    cb = *inptr1++;
-    cr = *inptr2++;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-    /* Fetch 2 Y values and emit 2 pixels */
-    y  = *inptr0++;
-    outptr[RGB_RED] =   range_limit[y + cred];
-    outptr[RGB_GREEN] = range_limit[y + cgreen];
-    outptr[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr[RGB_ALPHA] = 0xFF;
-#endif
-    outptr += RGB_PIXELSIZE;
-    y  = *inptr0++;
-    outptr[RGB_RED] =   range_limit[y + cred];
-    outptr[RGB_GREEN] = range_limit[y + cgreen];
-    outptr[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr[RGB_ALPHA] = 0xFF;
-#endif
-    outptr += RGB_PIXELSIZE;
-  }
-  /* If image width is odd, do the last output column separately */
-  if (cinfo->output_width & 1) {
-    cb = *inptr1;
-    cr = *inptr2;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-    y  = *inptr0;
-    outptr[RGB_RED] =   range_limit[y + cred];
-    outptr[RGB_GREEN] = range_limit[y + cgreen];
-    outptr[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr[RGB_ALPHA] = 0xFF;
-#endif
-  }
-}
-
-
-/*
- * Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
- */
-
-INLINE
-LOCAL(void)
-h2v2_merged_upsample_internal(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                              JDIMENSION in_row_group_ctr,
-                              JSAMPARRAY output_buf)
-{
-  my_merged_upsample_ptr upsample = (my_merged_upsample_ptr)cinfo->upsample;
-  register int y, cred, cgreen, cblue;
-  int cb, cr;
-  register JSAMPROW outptr0, outptr1;
-  JSAMPROW inptr00, inptr01, inptr1, inptr2;
-  JDIMENSION col;
-  /* copy these pointers into registers if possible */
-  register JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *Crrtab = upsample->Cr_r_tab;
-  int *Cbbtab = upsample->Cb_b_tab;
-  JLONG *Crgtab = upsample->Cr_g_tab;
-  JLONG *Cbgtab = upsample->Cb_g_tab;
-  SHIFT_TEMPS
-
-  inptr00 = input_buf[0][in_row_group_ctr * 2];
-  inptr01 = input_buf[0][in_row_group_ctr * 2 + 1];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr0 = output_buf[0];
-  outptr1 = output_buf[1];
-  /* Loop for each group of output pixels */
-  for (col = cinfo->output_width >> 1; col > 0; col--) {
-    /* Do the chroma part of the calculation */
-    cb = *inptr1++;
-    cr = *inptr2++;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-    /* Fetch 4 Y values and emit 4 pixels */
-    y  = *inptr00++;
-    outptr0[RGB_RED] =   range_limit[y + cred];
-    outptr0[RGB_GREEN] = range_limit[y + cgreen];
-    outptr0[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr0[RGB_ALPHA] = 0xFF;
-#endif
-    outptr0 += RGB_PIXELSIZE;
-    y  = *inptr00++;
-    outptr0[RGB_RED] =   range_limit[y + cred];
-    outptr0[RGB_GREEN] = range_limit[y + cgreen];
-    outptr0[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr0[RGB_ALPHA] = 0xFF;
-#endif
-    outptr0 += RGB_PIXELSIZE;
-    y  = *inptr01++;
-    outptr1[RGB_RED] =   range_limit[y + cred];
-    outptr1[RGB_GREEN] = range_limit[y + cgreen];
-    outptr1[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr1[RGB_ALPHA] = 0xFF;
-#endif
-    outptr1 += RGB_PIXELSIZE;
-    y  = *inptr01++;
-    outptr1[RGB_RED] =   range_limit[y + cred];
-    outptr1[RGB_GREEN] = range_limit[y + cgreen];
-    outptr1[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr1[RGB_ALPHA] = 0xFF;
-#endif
-    outptr1 += RGB_PIXELSIZE;
-  }
-  /* If image width is odd, do the last output column separately */
-  if (cinfo->output_width & 1) {
-    cb = *inptr1;
-    cr = *inptr2;
-    cred = Crrtab[cr];
-    cgreen = (int)RIGHT_SHIFT(Cbgtab[cb] + Crgtab[cr], SCALEBITS);
-    cblue = Cbbtab[cb];
-    y  = *inptr00;
-    outptr0[RGB_RED] =   range_limit[y + cred];
-    outptr0[RGB_GREEN] = range_limit[y + cgreen];
-    outptr0[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr0[RGB_ALPHA] = 0xFF;
-#endif
-    y  = *inptr01;
-    outptr1[RGB_RED] =   range_limit[y + cred];
-    outptr1[RGB_GREEN] = range_limit[y + cgreen];
-    outptr1[RGB_BLUE] =  range_limit[y + cblue];
-#ifdef RGB_ALPHA
-    outptr1[RGB_ALPHA] = 0xFF;
-#endif
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdphuff.c b/3rdparty/libjpeg-turbo_2_1_0/jdphuff.c
deleted file mode 100644
index c6d82ca..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdphuff.c
+++ /dev/null
@@ -1,679 +0,0 @@
-/*
- * jdphuff.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1995-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015-2016, 2018-2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains Huffman entropy decoding routines for progressive JPEG.
- *
- * Much of the complexity here has to do with supporting input suspension.
- * If the data source module demands suspension, we want to be able to back
- * up to the start of the current MCU.  To do this, we copy state variables
- * into local working storage, and update them back to the permanent
- * storage only upon successful completion of an MCU.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdhuff.h"             /* Declarations shared with jdhuff.c */
-#include <limits.h>
-
-
-#ifdef D_PROGRESSIVE_SUPPORTED
-
-/*
- * Expanded entropy decoder object for progressive Huffman decoding.
- *
- * The savable_state subrecord contains fields that change within an MCU,
- * but must not be updated permanently until we complete the MCU.
- */
-
-typedef struct {
-  unsigned int EOBRUN;                  /* remaining EOBs in EOBRUN */
-  int last_dc_val[MAX_COMPS_IN_SCAN];   /* last DC coef for each component */
-} savable_state;
-
-typedef struct {
-  struct jpeg_entropy_decoder pub; /* public fields */
-
-  /* These fields are loaded into local variables at start of each MCU.
-   * In case of suspension, we exit WITHOUT updating them.
-   */
-  bitread_perm_state bitstate;  /* Bit buffer at start of MCU */
-  savable_state saved;          /* Other state at start of MCU */
-
-  /* These fields are NOT loaded into local working state. */
-  unsigned int restarts_to_go;  /* MCUs left in this restart interval */
-
-  /* Pointers to derived tables (these workspaces have image lifespan) */
-  d_derived_tbl *derived_tbls[NUM_HUFF_TBLS];
-
-  d_derived_tbl *ac_derived_tbl; /* active table during an AC scan */
-} phuff_entropy_decoder;
-
-typedef phuff_entropy_decoder *phuff_entropy_ptr;
-
-/* Forward declarations */
-METHODDEF(boolean) decode_mcu_DC_first(j_decompress_ptr cinfo,
-                                       JBLOCKROW *MCU_data);
-METHODDEF(boolean) decode_mcu_AC_first(j_decompress_ptr cinfo,
-                                       JBLOCKROW *MCU_data);
-METHODDEF(boolean) decode_mcu_DC_refine(j_decompress_ptr cinfo,
-                                        JBLOCKROW *MCU_data);
-METHODDEF(boolean) decode_mcu_AC_refine(j_decompress_ptr cinfo,
-                                        JBLOCKROW *MCU_data);
-
-
-/*
- * Initialize for a Huffman-compressed scan.
- */
-
-METHODDEF(void)
-start_pass_phuff_decoder(j_decompress_ptr cinfo)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  boolean is_DC_band, bad;
-  int ci, coefi, tbl;
-  d_derived_tbl **pdtbl;
-  int *coef_bit_ptr, *prev_coef_bit_ptr;
-  jpeg_component_info *compptr;
-
-  is_DC_band = (cinfo->Ss == 0);
-
-  /* Validate scan parameters */
-  bad = FALSE;
-  if (is_DC_band) {
-    if (cinfo->Se != 0)
-      bad = TRUE;
-  } else {
-    /* need not check Ss/Se < 0 since they came from unsigned bytes */
-    if (cinfo->Ss > cinfo->Se || cinfo->Se >= DCTSIZE2)
-      bad = TRUE;
-    /* AC scans may have only one component */
-    if (cinfo->comps_in_scan != 1)
-      bad = TRUE;
-  }
-  if (cinfo->Ah != 0) {
-    /* Successive approximation refinement scan: must have Al = Ah-1. */
-    if (cinfo->Al != cinfo->Ah - 1)
-      bad = TRUE;
-  }
-  if (cinfo->Al > 13)           /* need not check for < 0 */
-    bad = TRUE;
-  /* Arguably the maximum Al value should be less than 13 for 8-bit precision,
-   * but the spec doesn't say so, and we try to be liberal about what we
-   * accept.  Note: large Al values could result in out-of-range DC
-   * coefficients during early scans, leading to bizarre displays due to
-   * overflows in the IDCT math.  But we won't crash.
-   */
-  if (bad)
-    ERREXIT4(cinfo, JERR_BAD_PROGRESSION,
-             cinfo->Ss, cinfo->Se, cinfo->Ah, cinfo->Al);
-  /* Update progression status, and verify that scan order is legal.
-   * Note that inter-scan inconsistencies are treated as warnings
-   * not fatal errors ... not clear if this is right way to behave.
-   */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    int cindex = cinfo->cur_comp_info[ci]->component_index;
-    coef_bit_ptr = &cinfo->coef_bits[cindex][0];
-    prev_coef_bit_ptr = &cinfo->coef_bits[cindex + cinfo->num_components][0];
-    if (!is_DC_band && coef_bit_ptr[0] < 0) /* AC without prior DC scan */
-      WARNMS2(cinfo, JWRN_BOGUS_PROGRESSION, cindex, 0);
-    for (coefi = MIN(cinfo->Ss, 1); coefi <= MAX(cinfo->Se, 9); coefi++) {
-      if (cinfo->input_scan_number > 1)
-        prev_coef_bit_ptr[coefi] = coef_bit_ptr[coefi];
-      else
-        prev_coef_bit_ptr[coefi] = 0;
-    }
-    for (coefi = cinfo->Ss; coefi <= cinfo->Se; coefi++) {
-      int expected = (coef_bit_ptr[coefi] < 0) ? 0 : coef_bit_ptr[coefi];
-      if (cinfo->Ah != expected)
-        WARNMS2(cinfo, JWRN_BOGUS_PROGRESSION, cindex, coefi);
-      coef_bit_ptr[coefi] = cinfo->Al;
-    }
-  }
-
-  /* Select MCU decoding routine */
-  if (cinfo->Ah == 0) {
-    if (is_DC_band)
-      entropy->pub.decode_mcu = decode_mcu_DC_first;
-    else
-      entropy->pub.decode_mcu = decode_mcu_AC_first;
-  } else {
-    if (is_DC_band)
-      entropy->pub.decode_mcu = decode_mcu_DC_refine;
-    else
-      entropy->pub.decode_mcu = decode_mcu_AC_refine;
-  }
-
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++) {
-    compptr = cinfo->cur_comp_info[ci];
-    /* Make sure requested tables are present, and compute derived tables.
-     * We may build same derived table more than once, but it's not expensive.
-     */
-    if (is_DC_band) {
-      if (cinfo->Ah == 0) {     /* DC refinement needs no table */
-        tbl = compptr->dc_tbl_no;
-        pdtbl = (d_derived_tbl **)(entropy->derived_tbls) + tbl;
-        jpeg_make_d_derived_tbl(cinfo, TRUE, tbl, pdtbl);
-      }
-    } else {
-      tbl = compptr->ac_tbl_no;
-      pdtbl = (d_derived_tbl **)(entropy->derived_tbls) + tbl;
-      jpeg_make_d_derived_tbl(cinfo, FALSE, tbl, pdtbl);
-      /* remember the single active table */
-      entropy->ac_derived_tbl = entropy->derived_tbls[tbl];
-    }
-    /* Initialize DC predictions to 0 */
-    entropy->saved.last_dc_val[ci] = 0;
-  }
-
-  /* Initialize bitread state variables */
-  entropy->bitstate.bits_left = 0;
-  entropy->bitstate.get_buffer = 0; /* unnecessary, but keeps Purify quiet */
-  entropy->pub.insufficient_data = FALSE;
-
-  /* Initialize private state variables */
-  entropy->saved.EOBRUN = 0;
-
-  /* Initialize restart counter */
-  entropy->restarts_to_go = cinfo->restart_interval;
-}
-
-
-/*
- * Figure F.12: extend sign bit.
- * On some machines, a shift and add will be faster than a table lookup.
- */
-
-#define AVOID_TABLES
-#ifdef AVOID_TABLES
-
-#define NEG_1  ((unsigned)-1)
-#define HUFF_EXTEND(x, s) \
-  ((x) < (1 << ((s) - 1)) ? (x) + (((NEG_1) << (s)) + 1) : (x))
-
-#else
-
-#define HUFF_EXTEND(x, s) \
-  ((x) < extend_test[s] ? (x) + extend_offset[s] : (x))
-
-static const int extend_test[16] = {   /* entry n is 2**(n-1) */
-  0, 0x0001, 0x0002, 0x0004, 0x0008, 0x0010, 0x0020, 0x0040, 0x0080,
-  0x0100, 0x0200, 0x0400, 0x0800, 0x1000, 0x2000, 0x4000
-};
-
-static const int extend_offset[16] = { /* entry n is (-1 << n) + 1 */
-  0, ((-1) << 1) + 1, ((-1) << 2) + 1, ((-1) << 3) + 1, ((-1) << 4) + 1,
-  ((-1) << 5) + 1, ((-1) << 6) + 1, ((-1) << 7) + 1, ((-1) << 8) + 1,
-  ((-1) << 9) + 1, ((-1) << 10) + 1, ((-1) << 11) + 1, ((-1) << 12) + 1,
-  ((-1) << 13) + 1, ((-1) << 14) + 1, ((-1) << 15) + 1
-};
-
-#endif /* AVOID_TABLES */
-
-
-/*
- * Check for a restart marker & resynchronize decoder.
- * Returns FALSE if must suspend.
- */
-
-LOCAL(boolean)
-process_restart(j_decompress_ptr cinfo)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  int ci;
-
-  /* Throw away any unused bits remaining in bit buffer; */
-  /* include any full bytes in next_marker's count of discarded bytes */
-  cinfo->marker->discarded_bytes += entropy->bitstate.bits_left / 8;
-  entropy->bitstate.bits_left = 0;
-
-  /* Advance past the RSTn marker */
-  if (!(*cinfo->marker->read_restart_marker) (cinfo))
-    return FALSE;
-
-  /* Re-initialize DC predictions to 0 */
-  for (ci = 0; ci < cinfo->comps_in_scan; ci++)
-    entropy->saved.last_dc_val[ci] = 0;
-  /* Re-init EOB run count, too */
-  entropy->saved.EOBRUN = 0;
-
-  /* Reset restart counter */
-  entropy->restarts_to_go = cinfo->restart_interval;
-
-  /* Reset out-of-data flag, unless read_restart_marker left us smack up
-   * against a marker.  In that case we will end up treating the next data
-   * segment as empty, and we can avoid producing bogus output pixels by
-   * leaving the flag set.
-   */
-  if (cinfo->unread_marker == 0)
-    entropy->pub.insufficient_data = FALSE;
-
-  return TRUE;
-}
-
-
-/*
- * Huffman MCU decoding.
- * Each of these routines decodes and returns one MCU's worth of
- * Huffman-compressed coefficients.
- * The coefficients are reordered from zigzag order into natural array order,
- * but are not dequantized.
- *
- * The i'th block of the MCU is stored into the block pointed to by
- * MCU_data[i].  WE ASSUME THIS AREA IS INITIALLY ZEROED BY THE CALLER.
- *
- * We return FALSE if data source requested suspension.  In that case no
- * changes have been made to permanent state.  (Exception: some output
- * coefficients may already have been assigned.  This is harmless for
- * spectral selection, since we'll just re-assign them on the next call.
- * Successive approximation AC refinement has to be more careful, however.)
- */
-
-/*
- * MCU decoding for DC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-decode_mcu_DC_first(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  int Al = cinfo->Al;
-  register int s, r;
-  int blkn, ci;
-  JBLOCKROW block;
-  BITREAD_STATE_VARS;
-  savable_state state;
-  d_derived_tbl *tbl;
-  jpeg_component_info *compptr;
-
-  /* Process restart marker if needed; may have to suspend */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      if (!process_restart(cinfo))
-        return FALSE;
-  }
-
-  /* If we've run out of data, just leave the MCU set to zeroes.
-   * This way, we return uniform gray for the remainder of the segment.
-   */
-  if (!entropy->pub.insufficient_data) {
-
-    /* Load up working state */
-    BITREAD_LOAD_STATE(cinfo, entropy->bitstate);
-    state = entropy->saved;
-
-    /* Outer loop handles each block in the MCU */
-
-    for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-      block = MCU_data[blkn];
-      ci = cinfo->MCU_membership[blkn];
-      compptr = cinfo->cur_comp_info[ci];
-      tbl = entropy->derived_tbls[compptr->dc_tbl_no];
-
-      /* Decode a single block's worth of coefficients */
-
-      /* Section F.2.2.1: decode the DC coefficient difference */
-      HUFF_DECODE(s, br_state, tbl, return FALSE, label1);
-      if (s) {
-        CHECK_BIT_BUFFER(br_state, s, return FALSE);
-        r = GET_BITS(s);
-        s = HUFF_EXTEND(r, s);
-      }
-
-      /* Convert DC difference to actual value, update last_dc_val */
-      if ((state.last_dc_val[ci] >= 0 &&
-           s > INT_MAX - state.last_dc_val[ci]) ||
-          (state.last_dc_val[ci] < 0 && s < INT_MIN - state.last_dc_val[ci]))
-        ERREXIT(cinfo, JERR_BAD_DCT_COEF);
-      s += state.last_dc_val[ci];
-      state.last_dc_val[ci] = s;
-      /* Scale and output the coefficient (assumes jpeg_natural_order[0]=0) */
-      (*block)[0] = (JCOEF)LEFT_SHIFT(s, Al);
-    }
-
-    /* Completed MCU, so update state */
-    BITREAD_SAVE_STATE(cinfo, entropy->bitstate);
-    entropy->saved = state;
-  }
-
-  /* Account for restart interval (no-op if not using restarts) */
-  if (cinfo->restart_interval)
-    entropy->restarts_to_go--;
-
-  return TRUE;
-}
-
-
-/*
- * MCU decoding for AC initial scan (either spectral selection,
- * or first pass of successive approximation).
- */
-
-METHODDEF(boolean)
-decode_mcu_AC_first(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  int Se = cinfo->Se;
-  int Al = cinfo->Al;
-  register int s, k, r;
-  unsigned int EOBRUN;
-  JBLOCKROW block;
-  BITREAD_STATE_VARS;
-  d_derived_tbl *tbl;
-
-  /* Process restart marker if needed; may have to suspend */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      if (!process_restart(cinfo))
-        return FALSE;
-  }
-
-  /* If we've run out of data, just leave the MCU set to zeroes.
-   * This way, we return uniform gray for the remainder of the segment.
-   */
-  if (!entropy->pub.insufficient_data) {
-
-    /* Load up working state.
-     * We can avoid loading/saving bitread state if in an EOB run.
-     */
-    EOBRUN = entropy->saved.EOBRUN;     /* only part of saved state we need */
-
-    /* There is always only one block per MCU */
-
-    if (EOBRUN > 0)             /* if it's a band of zeroes... */
-      EOBRUN--;                 /* ...process it now (we do nothing) */
-    else {
-      BITREAD_LOAD_STATE(cinfo, entropy->bitstate);
-      block = MCU_data[0];
-      tbl = entropy->ac_derived_tbl;
-
-      for (k = cinfo->Ss; k <= Se; k++) {
-        HUFF_DECODE(s, br_state, tbl, return FALSE, label2);
-        r = s >> 4;
-        s &= 15;
-        if (s) {
-          k += r;
-          CHECK_BIT_BUFFER(br_state, s, return FALSE);
-          r = GET_BITS(s);
-          s = HUFF_EXTEND(r, s);
-          /* Scale and output coefficient in natural (dezigzagged) order */
-          (*block)[jpeg_natural_order[k]] = (JCOEF)LEFT_SHIFT(s, Al);
-        } else {
-          if (r == 15) {        /* ZRL */
-            k += 15;            /* skip 15 zeroes in band */
-          } else {              /* EOBr, run length is 2^r + appended bits */
-            EOBRUN = 1 << r;
-            if (r) {            /* EOBr, r > 0 */
-              CHECK_BIT_BUFFER(br_state, r, return FALSE);
-              r = GET_BITS(r);
-              EOBRUN += r;
-            }
-            EOBRUN--;           /* this band is processed at this moment */
-            break;              /* force end-of-band */
-          }
-        }
-      }
-
-      BITREAD_SAVE_STATE(cinfo, entropy->bitstate);
-    }
-
-    /* Completed MCU, so update state */
-    entropy->saved.EOBRUN = EOBRUN;     /* only part of saved state we need */
-  }
-
-  /* Account for restart interval (no-op if not using restarts) */
-  if (cinfo->restart_interval)
-    entropy->restarts_to_go--;
-
-  return TRUE;
-}
-
-
-/*
- * MCU decoding for DC successive approximation refinement scan.
- * Note: we assume such scans can be multi-component, although the spec
- * is not very clear on the point.
- */
-
-METHODDEF(boolean)
-decode_mcu_DC_refine(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  int p1 = 1 << cinfo->Al;      /* 1 in the bit position being coded */
-  int blkn;
-  JBLOCKROW block;
-  BITREAD_STATE_VARS;
-
-  /* Process restart marker if needed; may have to suspend */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      if (!process_restart(cinfo))
-        return FALSE;
-  }
-
-  /* Not worth the cycles to check insufficient_data here,
-   * since we will not change the data anyway if we read zeroes.
-   */
-
-  /* Load up working state */
-  BITREAD_LOAD_STATE(cinfo, entropy->bitstate);
-
-  /* Outer loop handles each block in the MCU */
-
-  for (blkn = 0; blkn < cinfo->blocks_in_MCU; blkn++) {
-    block = MCU_data[blkn];
-
-    /* Encoded data is simply the next bit of the two's-complement DC value */
-    CHECK_BIT_BUFFER(br_state, 1, return FALSE);
-    if (GET_BITS(1))
-      (*block)[0] |= p1;
-    /* Note: since we use |=, repeating the assignment later is safe */
-  }
-
-  /* Completed MCU, so update state */
-  BITREAD_SAVE_STATE(cinfo, entropy->bitstate);
-
-  /* Account for restart interval (no-op if not using restarts) */
-  if (cinfo->restart_interval)
-    entropy->restarts_to_go--;
-
-  return TRUE;
-}
-
-
-/*
- * MCU decoding for AC successive approximation refinement scan.
- */
-
-METHODDEF(boolean)
-decode_mcu_AC_refine(j_decompress_ptr cinfo, JBLOCKROW *MCU_data)
-{
-  phuff_entropy_ptr entropy = (phuff_entropy_ptr)cinfo->entropy;
-  int Se = cinfo->Se;
-  int p1 = 1 << cinfo->Al;        /* 1 in the bit position being coded */
-  int m1 = (NEG_1) << cinfo->Al;  /* -1 in the bit position being coded */
-  register int s, k, r;
-  unsigned int EOBRUN;
-  JBLOCKROW block;
-  JCOEFPTR thiscoef;
-  BITREAD_STATE_VARS;
-  d_derived_tbl *tbl;
-  int num_newnz;
-  int newnz_pos[DCTSIZE2];
-
-  /* Process restart marker if needed; may have to suspend */
-  if (cinfo->restart_interval) {
-    if (entropy->restarts_to_go == 0)
-      if (!process_restart(cinfo))
-        return FALSE;
-  }
-
-  /* If we've run out of data, don't modify the MCU.
-   */
-  if (!entropy->pub.insufficient_data) {
-
-    /* Load up working state */
-    BITREAD_LOAD_STATE(cinfo, entropy->bitstate);
-    EOBRUN = entropy->saved.EOBRUN; /* only part of saved state we need */
-
-    /* There is always only one block per MCU */
-    block = MCU_data[0];
-    tbl = entropy->ac_derived_tbl;
-
-    /* If we are forced to suspend, we must undo the assignments to any newly
-     * nonzero coefficients in the block, because otherwise we'd get confused
-     * next time about which coefficients were already nonzero.
-     * But we need not undo addition of bits to already-nonzero coefficients;
-     * instead, we can test the current bit to see if we already did it.
-     */
-    num_newnz = 0;
-
-    /* initialize coefficient loop counter to start of band */
-    k = cinfo->Ss;
-
-    if (EOBRUN == 0) {
-      for (; k <= Se; k++) {
-        HUFF_DECODE(s, br_state, tbl, goto undoit, label3);
-        r = s >> 4;
-        s &= 15;
-        if (s) {
-          if (s != 1)           /* size of new coef should always be 1 */
-            WARNMS(cinfo, JWRN_HUFF_BAD_CODE);
-          CHECK_BIT_BUFFER(br_state, 1, goto undoit);
-          if (GET_BITS(1))
-            s = p1;             /* newly nonzero coef is positive */
-          else
-            s = m1;             /* newly nonzero coef is negative */
-        } else {
-          if (r != 15) {
-            EOBRUN = 1 << r;    /* EOBr, run length is 2^r + appended bits */
-            if (r) {
-              CHECK_BIT_BUFFER(br_state, r, goto undoit);
-              r = GET_BITS(r);
-              EOBRUN += r;
-            }
-            break;              /* rest of block is handled by EOB logic */
-          }
-          /* note s = 0 for processing ZRL */
-        }
-        /* Advance over already-nonzero coefs and r still-zero coefs,
-         * appending correction bits to the nonzeroes.  A correction bit is 1
-         * if the absolute value of the coefficient must be increased.
-         */
-        do {
-          thiscoef = *block + jpeg_natural_order[k];
-          if (*thiscoef != 0) {
-            CHECK_BIT_BUFFER(br_state, 1, goto undoit);
-            if (GET_BITS(1)) {
-              if ((*thiscoef & p1) == 0) { /* do nothing if already set it */
-                if (*thiscoef >= 0)
-                  *thiscoef += p1;
-                else
-                  *thiscoef += m1;
-              }
-            }
-          } else {
-            if (--r < 0)
-              break;            /* reached target zero coefficient */
-          }
-          k++;
-        } while (k <= Se);
-        if (s) {
-          int pos = jpeg_natural_order[k];
-          /* Output newly nonzero coefficient */
-          (*block)[pos] = (JCOEF)s;
-          /* Remember its position in case we have to suspend */
-          newnz_pos[num_newnz++] = pos;
-        }
-      }
-    }
-
-    if (EOBRUN > 0) {
-      /* Scan any remaining coefficient positions after the end-of-band
-       * (the last newly nonzero coefficient, if any).  Append a correction
-       * bit to each already-nonzero coefficient.  A correction bit is 1
-       * if the absolute value of the coefficient must be increased.
-       */
-      for (; k <= Se; k++) {
-        thiscoef = *block + jpeg_natural_order[k];
-        if (*thiscoef != 0) {
-          CHECK_BIT_BUFFER(br_state, 1, goto undoit);
-          if (GET_BITS(1)) {
-            if ((*thiscoef & p1) == 0) { /* do nothing if already changed it */
-              if (*thiscoef >= 0)
-                *thiscoef += p1;
-              else
-                *thiscoef += m1;
-            }
-          }
-        }
-      }
-      /* Count one block completed in EOB run */
-      EOBRUN--;
-    }
-
-    /* Completed MCU, so update state */
-    BITREAD_SAVE_STATE(cinfo, entropy->bitstate);
-    entropy->saved.EOBRUN = EOBRUN; /* only part of saved state we need */
-  }
-
-  /* Account for restart interval (no-op if not using restarts) */
-  if (cinfo->restart_interval)
-    entropy->restarts_to_go--;
-
-  return TRUE;
-
-undoit:
-  /* Re-zero any output coefficients that we made newly nonzero */
-  while (num_newnz > 0)
-    (*block)[newnz_pos[--num_newnz]] = 0;
-
-  return FALSE;
-}
-
-
-/*
- * Module initialization routine for progressive Huffman entropy decoding.
- */
-
-GLOBAL(void)
-jinit_phuff_decoder(j_decompress_ptr cinfo)
-{
-  phuff_entropy_ptr entropy;
-  int *coef_bit_ptr;
-  int ci, i;
-
-  entropy = (phuff_entropy_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(phuff_entropy_decoder));
-  cinfo->entropy = (struct jpeg_entropy_decoder *)entropy;
-  entropy->pub.start_pass = start_pass_phuff_decoder;
-
-  /* Mark derived tables unallocated */
-  for (i = 0; i < NUM_HUFF_TBLS; i++) {
-    entropy->derived_tbls[i] = NULL;
-  }
-
-  /* Create progression status table */
-  cinfo->coef_bits = (int (*)[DCTSIZE2])
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                cinfo->num_components * 2 * DCTSIZE2 *
-                                sizeof(int));
-  coef_bit_ptr = &cinfo->coef_bits[0][0];
-  for (ci = 0; ci < cinfo->num_components; ci++)
-    for (i = 0; i < DCTSIZE2; i++)
-      *coef_bit_ptr++ = -1;
-}
-
-#endif /* D_PROGRESSIVE_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdpostct.c b/3rdparty/libjpeg-turbo_2_1_0/jdpostct.c
deleted file mode 100644
index 6a2cf5c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdpostct.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/*
- * jdpostct.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the decompression postprocessing controller.
- * This controller manages the upsampling, color conversion, and color
- * quantization/reduction steps; specifically, it controls the buffering
- * between upsample/color conversion and color quantization/reduction.
- *
- * If no color quantization/reduction is required, then this module has no
- * work to do, and it just hands off to the upsample/color conversion code.
- * An integrated upsample/convert/quantize process would replace this module
- * entirely.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/* Private buffer controller object */
-
-typedef struct {
-  struct jpeg_d_post_controller pub; /* public fields */
-
-  /* Color quantization source buffer: this holds output data from
-   * the upsample/color conversion step to be passed to the quantizer.
-   * For two-pass color quantization, we need a full-image buffer;
-   * for one-pass operation, a strip buffer is sufficient.
-   */
-  jvirt_sarray_ptr whole_image; /* virtual array, or NULL if one-pass */
-  JSAMPARRAY buffer;            /* strip buffer, or current strip of virtual */
-  JDIMENSION strip_height;      /* buffer size in rows */
-  /* for two-pass mode only: */
-  JDIMENSION starting_row;      /* row # of first row in current strip */
-  JDIMENSION next_row;          /* index of next row to fill/empty in strip */
-} my_post_controller;
-
-typedef my_post_controller *my_post_ptr;
-
-
-/* Forward declarations */
-METHODDEF(void) post_process_1pass(j_decompress_ptr cinfo,
-                                   JSAMPIMAGE input_buf,
-                                   JDIMENSION *in_row_group_ctr,
-                                   JDIMENSION in_row_groups_avail,
-                                   JSAMPARRAY output_buf,
-                                   JDIMENSION *out_row_ctr,
-                                   JDIMENSION out_rows_avail);
-#ifdef QUANT_2PASS_SUPPORTED
-METHODDEF(void) post_process_prepass(j_decompress_ptr cinfo,
-                                     JSAMPIMAGE input_buf,
-                                     JDIMENSION *in_row_group_ctr,
-                                     JDIMENSION in_row_groups_avail,
-                                     JSAMPARRAY output_buf,
-                                     JDIMENSION *out_row_ctr,
-                                     JDIMENSION out_rows_avail);
-METHODDEF(void) post_process_2pass(j_decompress_ptr cinfo,
-                                   JSAMPIMAGE input_buf,
-                                   JDIMENSION *in_row_group_ctr,
-                                   JDIMENSION in_row_groups_avail,
-                                   JSAMPARRAY output_buf,
-                                   JDIMENSION *out_row_ctr,
-                                   JDIMENSION out_rows_avail);
-#endif
-
-
-/*
- * Initialize for a processing pass.
- */
-
-METHODDEF(void)
-start_pass_dpost(j_decompress_ptr cinfo, J_BUF_MODE pass_mode)
-{
-  my_post_ptr post = (my_post_ptr)cinfo->post;
-
-  switch (pass_mode) {
-  case JBUF_PASS_THRU:
-    if (cinfo->quantize_colors) {
-      /* Single-pass processing with color quantization. */
-      post->pub.post_process_data = post_process_1pass;
-      /* We could be doing buffered-image output before starting a 2-pass
-       * color quantization; in that case, jinit_d_post_controller did not
-       * allocate a strip buffer.  Use the virtual-array buffer as workspace.
-       */
-      if (post->buffer == NULL) {
-        post->buffer = (*cinfo->mem->access_virt_sarray)
-          ((j_common_ptr)cinfo, post->whole_image,
-           (JDIMENSION)0, post->strip_height, TRUE);
-      }
-    } else {
-      /* For single-pass processing without color quantization,
-       * I have no work to do; just call the upsampler directly.
-       */
-      post->pub.post_process_data = cinfo->upsample->upsample;
-    }
-    break;
-#ifdef QUANT_2PASS_SUPPORTED
-  case JBUF_SAVE_AND_PASS:
-    /* First pass of 2-pass quantization */
-    if (post->whole_image == NULL)
-      ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    post->pub.post_process_data = post_process_prepass;
-    break;
-  case JBUF_CRANK_DEST:
-    /* Second pass of 2-pass quantization */
-    if (post->whole_image == NULL)
-      ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    post->pub.post_process_data = post_process_2pass;
-    break;
-#endif /* QUANT_2PASS_SUPPORTED */
-  default:
-    ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-    break;
-  }
-  post->starting_row = post->next_row = 0;
-}
-
-
-/*
- * Process some data in the one-pass (strip buffer) case.
- * This is used for color precision reduction as well as one-pass quantization.
- */
-
-METHODDEF(void)
-post_process_1pass(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                   JDIMENSION *in_row_group_ctr,
-                   JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf,
-                   JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-{
-  my_post_ptr post = (my_post_ptr)cinfo->post;
-  JDIMENSION num_rows, max_rows;
-
-  /* Fill the buffer, but not more than what we can dump out in one go. */
-  /* Note we rely on the upsampler to detect bottom of image. */
-  max_rows = out_rows_avail - *out_row_ctr;
-  if (max_rows > post->strip_height)
-    max_rows = post->strip_height;
-  num_rows = 0;
-  (*cinfo->upsample->upsample) (cinfo, input_buf, in_row_group_ctr,
-                                in_row_groups_avail, post->buffer, &num_rows,
-                                max_rows);
-  /* Quantize and emit data. */
-  (*cinfo->cquantize->color_quantize) (cinfo, post->buffer,
-                                       output_buf + *out_row_ctr,
-                                       (int)num_rows);
-  *out_row_ctr += num_rows;
-}
-
-
-#ifdef QUANT_2PASS_SUPPORTED
-
-/*
- * Process some data in the first pass of 2-pass quantization.
- */
-
-METHODDEF(void)
-post_process_prepass(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                     JDIMENSION *in_row_group_ctr,
-                     JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf,
-                     JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-{
-  my_post_ptr post = (my_post_ptr)cinfo->post;
-  JDIMENSION old_next_row, num_rows;
-
-  /* Reposition virtual buffer if at start of strip. */
-  if (post->next_row == 0) {
-    post->buffer = (*cinfo->mem->access_virt_sarray)
-        ((j_common_ptr)cinfo, post->whole_image,
-         post->starting_row, post->strip_height, TRUE);
-  }
-
-  /* Upsample some data (up to a strip height's worth). */
-  old_next_row = post->next_row;
-  (*cinfo->upsample->upsample) (cinfo, input_buf, in_row_group_ctr,
-                                in_row_groups_avail, post->buffer,
-                                &post->next_row, post->strip_height);
-
-  /* Allow quantizer to scan new data.  No data is emitted, */
-  /* but we advance out_row_ctr so outer loop can tell when we're done. */
-  if (post->next_row > old_next_row) {
-    num_rows = post->next_row - old_next_row;
-    (*cinfo->cquantize->color_quantize) (cinfo, post->buffer + old_next_row,
-                                         (JSAMPARRAY)NULL, (int)num_rows);
-    *out_row_ctr += num_rows;
-  }
-
-  /* Advance if we filled the strip. */
-  if (post->next_row >= post->strip_height) {
-    post->starting_row += post->strip_height;
-    post->next_row = 0;
-  }
-}
-
-
-/*
- * Process some data in the second pass of 2-pass quantization.
- */
-
-METHODDEF(void)
-post_process_2pass(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                   JDIMENSION *in_row_group_ctr,
-                   JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf,
-                   JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail)
-{
-  my_post_ptr post = (my_post_ptr)cinfo->post;
-  JDIMENSION num_rows, max_rows;
-
-  /* Reposition virtual buffer if at start of strip. */
-  if (post->next_row == 0) {
-    post->buffer = (*cinfo->mem->access_virt_sarray)
-        ((j_common_ptr)cinfo, post->whole_image,
-         post->starting_row, post->strip_height, FALSE);
-  }
-
-  /* Determine number of rows to emit. */
-  num_rows = post->strip_height - post->next_row; /* available in strip */
-  max_rows = out_rows_avail - *out_row_ctr; /* available in output area */
-  if (num_rows > max_rows)
-    num_rows = max_rows;
-  /* We have to check bottom of image here, can't depend on upsampler. */
-  max_rows = cinfo->output_height - post->starting_row;
-  if (num_rows > max_rows)
-    num_rows = max_rows;
-
-  /* Quantize and emit data. */
-  (*cinfo->cquantize->color_quantize) (cinfo, post->buffer + post->next_row,
-                                       output_buf + *out_row_ctr,
-                                       (int)num_rows);
-  *out_row_ctr += num_rows;
-
-  /* Advance if we filled the strip. */
-  post->next_row += num_rows;
-  if (post->next_row >= post->strip_height) {
-    post->starting_row += post->strip_height;
-    post->next_row = 0;
-  }
-}
-
-#endif /* QUANT_2PASS_SUPPORTED */
-
-
-/*
- * Initialize postprocessing controller.
- */
-
-GLOBAL(void)
-jinit_d_post_controller(j_decompress_ptr cinfo, boolean need_full_buffer)
-{
-  my_post_ptr post;
-
-  post = (my_post_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_post_controller));
-  cinfo->post = (struct jpeg_d_post_controller *)post;
-  post->pub.start_pass = start_pass_dpost;
-  post->whole_image = NULL;     /* flag for no virtual arrays */
-  post->buffer = NULL;          /* flag for no strip buffer */
-
-  /* Create the quantization buffer, if needed */
-  if (cinfo->quantize_colors) {
-    /* The buffer strip height is max_v_samp_factor, which is typically
-     * an efficient number of rows for upsampling to return.
-     * (In the presence of output rescaling, we might want to be smarter?)
-     */
-    post->strip_height = (JDIMENSION)cinfo->max_v_samp_factor;
-    if (need_full_buffer) {
-      /* Two-pass color quantization: need full-image storage. */
-      /* We round up the number of rows to a multiple of the strip height. */
-#ifdef QUANT_2PASS_SUPPORTED
-      post->whole_image = (*cinfo->mem->request_virt_sarray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE, FALSE,
-         cinfo->output_width * cinfo->out_color_components,
-         (JDIMENSION)jround_up((long)cinfo->output_height,
-                               (long)post->strip_height),
-         post->strip_height);
-#else
-      ERREXIT(cinfo, JERR_BAD_BUFFER_MODE);
-#endif /* QUANT_2PASS_SUPPORTED */
-    } else {
-      /* One-pass color quantization: just make a strip buffer. */
-      post->buffer = (*cinfo->mem->alloc_sarray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE,
-         cinfo->output_width * cinfo->out_color_components,
-         post->strip_height);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdsample.c b/3rdparty/libjpeg-turbo_2_1_0/jdsample.c
deleted file mode 100644
index eaad72a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdsample.c
+++ /dev/null
@@ -1,524 +0,0 @@
-/*
- * jdsample.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2010, 2015-2016, D. R. Commander.
- * Copyright (C) 2014, MIPS Technologies, Inc., California.
- * Copyright (C) 2015, Google, Inc.
- * Copyright (C) 2019-2020, Arm Limited.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains upsampling routines.
- *
- * Upsampling input data is counted in "row groups".  A row group
- * is defined to be (v_samp_factor * DCT_scaled_size / min_DCT_scaled_size)
- * sample rows of each component.  Upsampling will normally produce
- * max_v_samp_factor pixel rows from each row group (but this could vary
- * if the upsampler is applying a scale factor of its own).
- *
- * An excellent reference for image resampling is
- *   Digital Image Warping, George Wolberg, 1990.
- *   Pub. by IEEE Computer Society Press, Los Alamitos, CA. ISBN 0-8186-8944-7.
- */
-
-#include "jinclude.h"
-#include "jdsample.h"
-#include "jsimd.h"
-#include "jpegcomp.h"
-
-
-
-/*
- * Initialize for an upsampling pass.
- */
-
-METHODDEF(void)
-start_pass_upsample(j_decompress_ptr cinfo)
-{
-  my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample;
-
-  /* Mark the conversion buffer empty */
-  upsample->next_row_out = cinfo->max_v_samp_factor;
-  /* Initialize total-height counter for detecting bottom of image */
-  upsample->rows_to_go = cinfo->output_height;
-}
-
-
-/*
- * Control routine to do upsampling (and color conversion).
- *
- * In this version we upsample each component independently.
- * We upsample one row group into the conversion buffer, then apply
- * color conversion a row at a time.
- */
-
-METHODDEF(void)
-sep_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-             JDIMENSION *in_row_group_ctr, JDIMENSION in_row_groups_avail,
-             JSAMPARRAY output_buf, JDIMENSION *out_row_ctr,
-             JDIMENSION out_rows_avail)
-{
-  my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample;
-  int ci;
-  jpeg_component_info *compptr;
-  JDIMENSION num_rows;
-
-  /* Fill the conversion buffer, if it's empty */
-  if (upsample->next_row_out >= cinfo->max_v_samp_factor) {
-    for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-         ci++, compptr++) {
-      /* Invoke per-component upsample method.  Notice we pass a POINTER
-       * to color_buf[ci], so that fullsize_upsample can change it.
-       */
-      (*upsample->methods[ci]) (cinfo, compptr,
-        input_buf[ci] + (*in_row_group_ctr * upsample->rowgroup_height[ci]),
-        upsample->color_buf + ci);
-    }
-    upsample->next_row_out = 0;
-  }
-
-  /* Color-convert and emit rows */
-
-  /* How many we have in the buffer: */
-  num_rows = (JDIMENSION)(cinfo->max_v_samp_factor - upsample->next_row_out);
-  /* Not more than the distance to the end of the image.  Need this test
-   * in case the image height is not a multiple of max_v_samp_factor:
-   */
-  if (num_rows > upsample->rows_to_go)
-    num_rows = upsample->rows_to_go;
-  /* And not more than what the client can accept: */
-  out_rows_avail -= *out_row_ctr;
-  if (num_rows > out_rows_avail)
-    num_rows = out_rows_avail;
-
-  (*cinfo->cconvert->color_convert) (cinfo, upsample->color_buf,
-                                     (JDIMENSION)upsample->next_row_out,
-                                     output_buf + *out_row_ctr, (int)num_rows);
-
-  /* Adjust counts */
-  *out_row_ctr += num_rows;
-  upsample->rows_to_go -= num_rows;
-  upsample->next_row_out += num_rows;
-  /* When the buffer is emptied, declare this input row group consumed */
-  if (upsample->next_row_out >= cinfo->max_v_samp_factor)
-    (*in_row_group_ctr)++;
-}
-
-
-/*
- * These are the routines invoked by sep_upsample to upsample pixel values
- * of a single component.  One row group is processed per call.
- */
-
-
-/*
- * For full-size components, we just make color_buf[ci] point at the
- * input buffer, and thus avoid copying any data.  Note that this is
- * safe only because sep_upsample doesn't declare the input row group
- * "consumed" until we are done color converting and emitting it.
- */
-
-METHODDEF(void)
-fullsize_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                  JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  *output_data_ptr = input_data;
-}
-
-
-/*
- * This is a no-op version used for "uninteresting" components.
- * These components will not be referenced by color conversion.
- */
-
-METHODDEF(void)
-noop_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  *output_data_ptr = NULL;      /* safety check */
-}
-
-
-/*
- * This version handles any integral sampling ratios.
- * This is not used for typical JPEG files, so it need not be fast.
- * Nor, for that matter, is it particularly accurate: the algorithm is
- * simple replication of the input pixel onto the corresponding output
- * pixels.  The hi-falutin sampling literature refers to this as a
- * "box filter".  A box filter tends to introduce visible artifacts,
- * so if you are actually going to use 3:1 or 4:1 sampling ratios
- * you would be well advised to improve this code.
- */
-
-METHODDEF(void)
-int_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-             JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample;
-  JSAMPARRAY output_data = *output_data_ptr;
-  register JSAMPROW inptr, outptr;
-  register JSAMPLE invalue;
-  register int h;
-  JSAMPROW outend;
-  int h_expand, v_expand;
-  int inrow, outrow;
-
-  h_expand = upsample->h_expand[compptr->component_index];
-  v_expand = upsample->v_expand[compptr->component_index];
-
-  inrow = outrow = 0;
-  while (outrow < cinfo->max_v_samp_factor) {
-    /* Generate one output row with proper horizontal expansion */
-    inptr = input_data[inrow];
-    outptr = output_data[outrow];
-    outend = outptr + cinfo->output_width;
-    while (outptr < outend) {
-      invalue = *inptr++;
-      for (h = h_expand; h > 0; h--) {
-        *outptr++ = invalue;
-      }
-    }
-    /* Generate any additional output rows by duplicating the first one */
-    if (v_expand > 1) {
-      jcopy_sample_rows(output_data, outrow, output_data, outrow + 1,
-                        v_expand - 1, cinfo->output_width);
-    }
-    inrow++;
-    outrow += v_expand;
-  }
-}
-
-
-/*
- * Fast processing for the common case of 2:1 horizontal and 1:1 vertical.
- * It's still a box filter.
- */
-
-METHODDEF(void)
-h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  register JSAMPROW inptr, outptr;
-  register JSAMPLE invalue;
-  JSAMPROW outend;
-  int inrow;
-
-  for (inrow = 0; inrow < cinfo->max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr = output_data[inrow];
-    outend = outptr + cinfo->output_width;
-    while (outptr < outend) {
-      invalue = *inptr++;
-      *outptr++ = invalue;
-      *outptr++ = invalue;
-    }
-  }
-}
-
-
-/*
- * Fast processing for the common case of 2:1 horizontal and 2:1 vertical.
- * It's still a box filter.
- */
-
-METHODDEF(void)
-h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  register JSAMPROW inptr, outptr;
-  register JSAMPLE invalue;
-  JSAMPROW outend;
-  int inrow, outrow;
-
-  inrow = outrow = 0;
-  while (outrow < cinfo->max_v_samp_factor) {
-    inptr = input_data[inrow];
-    outptr = output_data[outrow];
-    outend = outptr + cinfo->output_width;
-    while (outptr < outend) {
-      invalue = *inptr++;
-      *outptr++ = invalue;
-      *outptr++ = invalue;
-    }
-    jcopy_sample_rows(output_data, outrow, output_data, outrow + 1, 1,
-                      cinfo->output_width);
-    inrow++;
-    outrow += 2;
-  }
-}
-
-
-/*
- * Fancy processing for the common case of 2:1 horizontal and 1:1 vertical.
- *
- * The upsampling algorithm is linear interpolation between pixel centers,
- * also known as a "triangle filter".  This is a good compromise between
- * speed and visual quality.  The centers of the output pixels are 1/4 and 3/4
- * of the way between input pixel centers.
- *
- * A note about the "bias" calculations: when rounding fractional values to
- * integer, we do not want to always round 0.5 up to the next integer.
- * If we did that, we'd introduce a noticeable bias towards larger values.
- * Instead, this code is arranged so that 0.5 will be rounded up or down at
- * alternate pixel locations (a simple ordered dither pattern).
- */
-
-METHODDEF(void)
-h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  register JSAMPROW inptr, outptr;
-  register int invalue;
-  register JDIMENSION colctr;
-  int inrow;
-
-  for (inrow = 0; inrow < cinfo->max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr = output_data[inrow];
-    /* Special case for first column */
-    invalue = *inptr++;
-    *outptr++ = (JSAMPLE)invalue;
-    *outptr++ = (JSAMPLE)((invalue * 3 + inptr[0] + 2) >> 2);
-
-    for (colctr = compptr->downsampled_width - 2; colctr > 0; colctr--) {
-      /* General case: 3/4 * nearer pixel + 1/4 * further pixel */
-      invalue = (*inptr++) * 3;
-      *outptr++ = (JSAMPLE)((invalue + inptr[-2] + 1) >> 2);
-      *outptr++ = (JSAMPLE)((invalue + inptr[0] + 2) >> 2);
-    }
-
-    /* Special case for last column */
-    invalue = *inptr;
-    *outptr++ = (JSAMPLE)((invalue * 3 + inptr[-1] + 1) >> 2);
-    *outptr++ = (JSAMPLE)invalue;
-  }
-}
-
-
-/*
- * Fancy processing for 1:1 horizontal and 2:1 vertical (4:4:0 subsampling).
- *
- * This is a less common case, but it can be encountered when losslessly
- * rotating/transposing a JPEG file that uses 4:2:2 chroma subsampling.
- */
-
-METHODDEF(void)
-h1v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr0, inptr1, outptr;
-#if BITS_IN_JSAMPLE == 8
-  int thiscolsum, bias;
-#else
-  JLONG thiscolsum, bias;
-#endif
-  JDIMENSION colctr;
-  int inrow, outrow, v;
-
-  inrow = outrow = 0;
-  while (outrow < cinfo->max_v_samp_factor) {
-    for (v = 0; v < 2; v++) {
-      /* inptr0 points to nearest input row, inptr1 points to next nearest */
-      inptr0 = input_data[inrow];
-      if (v == 0) {             /* next nearest is row above */
-        inptr1 = input_data[inrow - 1];
-        bias = 1;
-      } else {                  /* next nearest is row below */
-        inptr1 = input_data[inrow + 1];
-        bias = 2;
-      }
-      outptr = output_data[outrow++];
-
-      for (colctr = 0; colctr < compptr->downsampled_width; colctr++) {
-        thiscolsum = (*inptr0++) * 3 + (*inptr1++);
-        *outptr++ = (JSAMPLE)((thiscolsum + bias) >> 2);
-      }
-    }
-    inrow++;
-  }
-}
-
-
-/*
- * Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
- * Again a triangle filter; see comments for h2v1 case, above.
- *
- * It is OK for us to reference the adjacent input rows because we demanded
- * context from the main buffer controller (see initialization code).
- */
-
-METHODDEF(void)
-h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  register JSAMPROW inptr0, inptr1, outptr;
-#if BITS_IN_JSAMPLE == 8
-  register int thiscolsum, lastcolsum, nextcolsum;
-#else
-  register JLONG thiscolsum, lastcolsum, nextcolsum;
-#endif
-  register JDIMENSION colctr;
-  int inrow, outrow, v;
-
-  inrow = outrow = 0;
-  while (outrow < cinfo->max_v_samp_factor) {
-    for (v = 0; v < 2; v++) {
-      /* inptr0 points to nearest input row, inptr1 points to next nearest */
-      inptr0 = input_data[inrow];
-      if (v == 0)               /* next nearest is row above */
-        inptr1 = input_data[inrow - 1];
-      else                      /* next nearest is row below */
-        inptr1 = input_data[inrow + 1];
-      outptr = output_data[outrow++];
-
-      /* Special case for first column */
-      thiscolsum = (*inptr0++) * 3 + (*inptr1++);
-      nextcolsum = (*inptr0++) * 3 + (*inptr1++);
-      *outptr++ = (JSAMPLE)((thiscolsum * 4 + 8) >> 4);
-      *outptr++ = (JSAMPLE)((thiscolsum * 3 + nextcolsum + 7) >> 4);
-      lastcolsum = thiscolsum;  thiscolsum = nextcolsum;
-
-      for (colctr = compptr->downsampled_width - 2; colctr > 0; colctr--) {
-        /* General case: 3/4 * nearer pixel + 1/4 * further pixel in each */
-        /* dimension, thus 9/16, 3/16, 3/16, 1/16 overall */
-        nextcolsum = (*inptr0++) * 3 + (*inptr1++);
-        *outptr++ = (JSAMPLE)((thiscolsum * 3 + lastcolsum + 8) >> 4);
-        *outptr++ = (JSAMPLE)((thiscolsum * 3 + nextcolsum + 7) >> 4);
-        lastcolsum = thiscolsum;  thiscolsum = nextcolsum;
-      }
-
-      /* Special case for last column */
-      *outptr++ = (JSAMPLE)((thiscolsum * 3 + lastcolsum + 8) >> 4);
-      *outptr++ = (JSAMPLE)((thiscolsum * 4 + 7) >> 4);
-    }
-    inrow++;
-  }
-}
-
-
-/*
- * Module initialization routine for upsampling.
- */
-
-GLOBAL(void)
-jinit_upsampler(j_decompress_ptr cinfo)
-{
-  my_upsample_ptr upsample;
-  int ci;
-  jpeg_component_info *compptr;
-  boolean need_buffer, do_fancy;
-  int h_in_group, v_in_group, h_out_group, v_out_group;
-
-  if (!cinfo->master->jinit_upsampler_no_alloc) {
-    upsample = (my_upsample_ptr)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(my_upsampler));
-    cinfo->upsample = (struct jpeg_upsampler *)upsample;
-    upsample->pub.start_pass = start_pass_upsample;
-    upsample->pub.upsample = sep_upsample;
-    upsample->pub.need_context_rows = FALSE; /* until we find out differently */
-  } else
-    upsample = (my_upsample_ptr)cinfo->upsample;
-
-  if (cinfo->CCIR601_sampling)  /* this isn't supported */
-    ERREXIT(cinfo, JERR_CCIR601_NOTIMPL);
-
-  /* jdmainct.c doesn't support context rows when min_DCT_scaled_size = 1,
-   * so don't ask for it.
-   */
-  do_fancy = cinfo->do_fancy_upsampling && cinfo->_min_DCT_scaled_size > 1;
-
-  /* Verify we can handle the sampling factors, select per-component methods,
-   * and create storage as needed.
-   */
-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
-       ci++, compptr++) {
-    /* Compute size of an "input group" after IDCT scaling.  This many samples
-     * are to be converted to max_h_samp_factor * max_v_samp_factor pixels.
-     */
-    h_in_group = (compptr->h_samp_factor * compptr->_DCT_scaled_size) /
-                 cinfo->_min_DCT_scaled_size;
-    v_in_group = (compptr->v_samp_factor * compptr->_DCT_scaled_size) /
-                 cinfo->_min_DCT_scaled_size;
-    h_out_group = cinfo->max_h_samp_factor;
-    v_out_group = cinfo->max_v_samp_factor;
-    upsample->rowgroup_height[ci] = v_in_group; /* save for use later */
-    need_buffer = TRUE;
-    if (!compptr->component_needed) {
-      /* Don't bother to upsample an uninteresting component. */
-      upsample->methods[ci] = noop_upsample;
-      need_buffer = FALSE;
-    } else if (h_in_group == h_out_group && v_in_group == v_out_group) {
-      /* Fullsize components can be processed without any work. */
-      upsample->methods[ci] = fullsize_upsample;
-      need_buffer = FALSE;
-    } else if (h_in_group * 2 == h_out_group && v_in_group == v_out_group) {
-      /* Special cases for 2h1v upsampling */
-      if (do_fancy && compptr->downsampled_width > 2) {
-        if (jsimd_can_h2v1_fancy_upsample())
-          upsample->methods[ci] = jsimd_h2v1_fancy_upsample;
-        else
-          upsample->methods[ci] = h2v1_fancy_upsample;
-      } else {
-        if (jsimd_can_h2v1_upsample())
-          upsample->methods[ci] = jsimd_h2v1_upsample;
-        else
-          upsample->methods[ci] = h2v1_upsample;
-      }
-    } else if (h_in_group == h_out_group &&
-               v_in_group * 2 == v_out_group && do_fancy) {
-      /* Non-fancy upsampling is handled by the generic method */
-#if defined(__arm__) || defined(__aarch64__) || \
-    defined(_M_ARM) || defined(_M_ARM64)
-      if (jsimd_can_h1v2_fancy_upsample())
-        upsample->methods[ci] = jsimd_h1v2_fancy_upsample;
-      else
-#endif
-        upsample->methods[ci] = h1v2_fancy_upsample;
-      upsample->pub.need_context_rows = TRUE;
-    } else if (h_in_group * 2 == h_out_group &&
-               v_in_group * 2 == v_out_group) {
-      /* Special cases for 2h2v upsampling */
-      if (do_fancy && compptr->downsampled_width > 2) {
-        if (jsimd_can_h2v2_fancy_upsample())
-          upsample->methods[ci] = jsimd_h2v2_fancy_upsample;
-        else
-          upsample->methods[ci] = h2v2_fancy_upsample;
-        upsample->pub.need_context_rows = TRUE;
-      } else {
-        if (jsimd_can_h2v2_upsample())
-          upsample->methods[ci] = jsimd_h2v2_upsample;
-        else
-          upsample->methods[ci] = h2v2_upsample;
-      }
-    } else if ((h_out_group % h_in_group) == 0 &&
-               (v_out_group % v_in_group) == 0) {
-      /* Generic integral-factors upsampling method */
-#if defined(__mips__)
-      if (jsimd_can_int_upsample())
-        upsample->methods[ci] = jsimd_int_upsample;
-      else
-#endif
-        upsample->methods[ci] = int_upsample;
-      upsample->h_expand[ci] = (UINT8)(h_out_group / h_in_group);
-      upsample->v_expand[ci] = (UINT8)(v_out_group / v_in_group);
-    } else
-      ERREXIT(cinfo, JERR_FRACT_SAMPLE_NOTIMPL);
-    if (need_buffer && !cinfo->master->jinit_upsampler_no_alloc) {
-      upsample->color_buf[ci] = (*cinfo->mem->alloc_sarray)
-        ((j_common_ptr)cinfo, JPOOL_IMAGE,
-         (JDIMENSION)jround_up((long)cinfo->output_width,
-                               (long)cinfo->max_h_samp_factor),
-         (JDIMENSION)cinfo->max_v_samp_factor);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdsample.h b/3rdparty/libjpeg-turbo_2_1_0/jdsample.h
deleted file mode 100644
index a6bf08a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdsample.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * jdsample.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-#define JPEG_INTERNALS
-#include "jpeglib.h"
-
-
-/* Pointer to routine to upsample a single component */
-typedef void (*upsample1_ptr) (j_decompress_ptr cinfo,
-                               jpeg_component_info *compptr,
-                               JSAMPARRAY input_data,
-                               JSAMPARRAY *output_data_ptr);
-
-/* Private subobject */
-
-typedef struct {
-  struct jpeg_upsampler pub;    /* public fields */
-
-  /* Color conversion buffer.  When using separate upsampling and color
-   * conversion steps, this buffer holds one upsampled row group until it
-   * has been color converted and output.
-   * Note: we do not allocate any storage for component(s) which are full-size,
-   * ie do not need rescaling.  The corresponding entry of color_buf[] is
-   * simply set to point to the input data array, thereby avoiding copying.
-   */
-  JSAMPARRAY color_buf[MAX_COMPONENTS];
-
-  /* Per-component upsampling method pointers */
-  upsample1_ptr methods[MAX_COMPONENTS];
-
-  int next_row_out;             /* counts rows emitted from color_buf */
-  JDIMENSION rows_to_go;        /* counts rows remaining in image */
-
-  /* Height of an input row group for each component. */
-  int rowgroup_height[MAX_COMPONENTS];
-
-  /* These arrays save pixel expansion factors so that int_expand need not
-   * recompute them each time.  They are unused for other upsampling methods.
-   */
-  UINT8 h_expand[MAX_COMPONENTS];
-  UINT8 v_expand[MAX_COMPONENTS];
-} my_upsampler;
-
-typedef my_upsampler *my_upsample_ptr;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jdtrans.c b/3rdparty/libjpeg-turbo_2_1_0/jdtrans.c
deleted file mode 100644
index d7ec4b8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jdtrans.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/*
- * jdtrans.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1995-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains library routines for transcoding decompression,
- * that is, reading raw DCT coefficient arrays from an input JPEG file.
- * The routines in jdapimin.c will also be needed by a transcoder.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jpegcomp.h"
-
-
-/* Forward declarations */
-LOCAL(void) transdecode_master_selection(j_decompress_ptr cinfo);
-
-
-/*
- * Read the coefficient arrays from a JPEG file.
- * jpeg_read_header must be completed before calling this.
- *
- * The entire image is read into a set of virtual coefficient-block arrays,
- * one per component.  The return value is a pointer to the array of
- * virtual-array descriptors.  These can be manipulated directly via the
- * JPEG memory manager, or handed off to jpeg_write_coefficients().
- * To release the memory occupied by the virtual arrays, call
- * jpeg_finish_decompress() when done with the data.
- *
- * An alternative usage is to simply obtain access to the coefficient arrays
- * during a buffered-image-mode decompression operation.  This is allowed
- * after any jpeg_finish_output() call.  The arrays can be accessed until
- * jpeg_finish_decompress() is called.  (Note that any call to the library
- * may reposition the arrays, so don't rely on access_virt_barray() results
- * to stay valid across library calls.)
- *
- * Returns NULL if suspended.  This case need be checked only if
- * a suspending data source is used.
- */
-
-GLOBAL(jvirt_barray_ptr *)
-jpeg_read_coefficients(j_decompress_ptr cinfo)
-{
-  if (cinfo->global_state == DSTATE_READY) {
-    /* First call: initialize active modules */
-    transdecode_master_selection(cinfo);
-    cinfo->global_state = DSTATE_RDCOEFS;
-  }
-  if (cinfo->global_state == DSTATE_RDCOEFS) {
-    /* Absorb whole file into the coef buffer */
-    for (;;) {
-      int retcode;
-      /* Call progress monitor hook if present */
-      if (cinfo->progress != NULL)
-        (*cinfo->progress->progress_monitor) ((j_common_ptr)cinfo);
-      /* Absorb some more input */
-      retcode = (*cinfo->inputctl->consume_input) (cinfo);
-      if (retcode == JPEG_SUSPENDED)
-        return NULL;
-      if (retcode == JPEG_REACHED_EOI)
-        break;
-      /* Advance progress counter if appropriate */
-      if (cinfo->progress != NULL &&
-          (retcode == JPEG_ROW_COMPLETED || retcode == JPEG_REACHED_SOS)) {
-        if (++cinfo->progress->pass_counter >= cinfo->progress->pass_limit) {
-          /* startup underestimated number of scans; ratchet up one scan */
-          cinfo->progress->pass_limit += (long)cinfo->total_iMCU_rows;
-        }
-      }
-    }
-    /* Set state so that jpeg_finish_decompress does the right thing */
-    cinfo->global_state = DSTATE_STOPPING;
-  }
-  /* At this point we should be in state DSTATE_STOPPING if being used
-   * standalone, or in state DSTATE_BUFIMAGE if being invoked to get access
-   * to the coefficients during a full buffered-image-mode decompression.
-   */
-  if ((cinfo->global_state == DSTATE_STOPPING ||
-       cinfo->global_state == DSTATE_BUFIMAGE) && cinfo->buffered_image) {
-    return cinfo->coef->coef_arrays;
-  }
-  /* Oops, improper usage */
-  ERREXIT1(cinfo, JERR_BAD_STATE, cinfo->global_state);
-  return NULL;                  /* keep compiler happy */
-}
-
-
-/*
- * Master selection of decompression modules for transcoding.
- * This substitutes for jdmaster.c's initialization of the full decompressor.
- */
-
-LOCAL(void)
-transdecode_master_selection(j_decompress_ptr cinfo)
-{
-  /* This is effectively a buffered-image operation. */
-  cinfo->buffered_image = TRUE;
-
-#if JPEG_LIB_VERSION >= 80
-  /* Compute output image dimensions and related values. */
-  jpeg_core_output_dimensions(cinfo);
-#endif
-
-  /* Entropy decoding: either Huffman or arithmetic coding. */
-  if (cinfo->arith_code) {
-#ifdef D_ARITH_CODING_SUPPORTED
-    jinit_arith_decoder(cinfo);
-#else
-    ERREXIT(cinfo, JERR_ARITH_NOTIMPL);
-#endif
-  } else {
-    if (cinfo->progressive_mode) {
-#ifdef D_PROGRESSIVE_SUPPORTED
-      jinit_phuff_decoder(cinfo);
-#else
-      ERREXIT(cinfo, JERR_NOT_COMPILED);
-#endif
-    } else
-      jinit_huff_decoder(cinfo);
-  }
-
-  /* Always get a full-image coefficient buffer. */
-  jinit_d_coef_controller(cinfo, TRUE);
-
-  /* We can now tell the memory manager to allocate virtual arrays. */
-  (*cinfo->mem->realize_virt_arrays) ((j_common_ptr)cinfo);
-
-  /* Initialize input side of decompressor to consume first scan. */
-  (*cinfo->inputctl->start_input_pass) (cinfo);
-
-  /* Initialize progress monitoring. */
-  if (cinfo->progress != NULL) {
-    int nscans;
-    /* Estimate number of scans to set pass_limit. */
-    if (cinfo->progressive_mode) {
-      /* Arbitrarily estimate 2 interleaved DC scans + 3 AC scans/component. */
-      nscans = 2 + 3 * cinfo->num_components;
-    } else if (cinfo->inputctl->has_multiple_scans) {
-      /* For a nonprogressive multiscan file, estimate 1 scan per component. */
-      nscans = cinfo->num_components;
-    } else {
-      nscans = 1;
-    }
-    cinfo->progress->pass_counter = 0L;
-    cinfo->progress->pass_limit = (long)cinfo->total_iMCU_rows * nscans;
-    cinfo->progress->completed_passes = 0;
-    cinfo->progress->total_passes = 1;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jerror.c b/3rdparty/libjpeg-turbo_2_1_0/jerror.c
deleted file mode 100644
index 936c4f5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jerror.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- * jerror.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains simple error-reporting and trace-message routines.
- * These are suitable for Unix-like systems and others where writing to
- * stderr is the right thing to do.  Many applications will want to replace
- * some or all of these routines.
- *
- * If you define USE_WINDOWS_MESSAGEBOX in jconfig.h or in the makefile,
- * you get a Windows-specific hack to display error messages in a dialog box.
- * It ain't much, but it beats dropping error messages into the bit bucket,
- * which is what happens to output to stderr under most Windows C compilers.
- *
- * These routines are used by both the compression and decompression code.
- */
-
-/* this is not a core library module, so it doesn't define JPEG_INTERNALS */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jversion.h"
-#include "jerror.h"
-
-#ifdef USE_WINDOWS_MESSAGEBOX
-#include <windows.h>
-#endif
-
-#ifndef EXIT_FAILURE            /* define exit() codes if not provided */
-#define EXIT_FAILURE  1
-#endif
-
-
-/*
- * Create the message string table.
- * We do this from the master message list in jerror.h by re-reading
- * jerror.h with a suitable definition for macro JMESSAGE.
- * The message table is made an external symbol just in case any applications
- * want to refer to it directly.
- */
-
-#define JMESSAGE(code, string)  string,
-
-const char * const jpeg_std_message_table[] = {
-#include "jerror.h"
-  NULL
-};
-
-
-/*
- * Error exit handler: must not return to caller.
- *
- * Applications may override this if they want to get control back after
- * an error.  Typically one would longjmp somewhere instead of exiting.
- * The setjmp buffer can be made a private field within an expanded error
- * handler object.  Note that the info needed to generate an error message
- * is stored in the error object, so you can generate the message now or
- * later, at your convenience.
- * You should make sure that the JPEG object is cleaned up (with jpeg_abort
- * or jpeg_destroy) at some point.
- */
-
-METHODDEF(void)
-error_exit(j_common_ptr cinfo)
-{
-  /* Always display the message */
-  (*cinfo->err->output_message) (cinfo);
-
-  /* Let the memory manager delete any temp files before we die */
-  jpeg_destroy(cinfo);
-
-  exit(EXIT_FAILURE);
-}
-
-
-/*
- * Actual output of an error or trace message.
- * Applications may override this method to send JPEG messages somewhere
- * other than stderr.
- *
- * On Windows, printing to stderr is generally completely useless,
- * so we provide optional code to produce an error-dialog popup.
- * Most Windows applications will still prefer to override this routine,
- * but if they don't, it'll do something at least marginally useful.
- *
- * NOTE: to use the library in an environment that doesn't support the
- * C stdio library, you may have to delete the call to fprintf() entirely,
- * not just not use this routine.
- */
-
-METHODDEF(void)
-output_message(j_common_ptr cinfo)
-{
-  char buffer[JMSG_LENGTH_MAX];
-
-  /* Create the message */
-  (*cinfo->err->format_message) (cinfo, buffer);
-
-#ifdef USE_WINDOWS_MESSAGEBOX
-  /* Display it in a message dialog box */
-  MessageBox(GetActiveWindow(), buffer, "JPEG Library Error",
-             MB_OK | MB_ICONERROR);
-#else
-  /* Send it to stderr, adding a newline */
-  fprintf(stderr, "%s\n", buffer);
-#endif
-}
-
-
-/*
- * Decide whether to emit a trace or warning message.
- * msg_level is one of:
- *   -1: recoverable corrupt-data warning, may want to abort.
- *    0: important advisory messages (always display to user).
- *    1: first level of tracing detail.
- *    2,3,...: successively more detailed tracing messages.
- * An application might override this method if it wanted to abort on warnings
- * or change the policy about which messages to display.
- */
-
-METHODDEF(void)
-emit_message(j_common_ptr cinfo, int msg_level)
-{
-  struct jpeg_error_mgr *err = cinfo->err;
-
-  if (msg_level < 0) {
-    /* It's a warning message.  Since corrupt files may generate many warnings,
-     * the policy implemented here is to show only the first warning,
-     * unless trace_level >= 3.
-     */
-    if (err->num_warnings == 0 || err->trace_level >= 3)
-      (*err->output_message) (cinfo);
-    /* Always count warnings in num_warnings. */
-    err->num_warnings++;
-  } else {
-    /* It's a trace message.  Show it if trace_level >= msg_level. */
-    if (err->trace_level >= msg_level)
-      (*err->output_message) (cinfo);
-  }
-}
-
-
-/*
- * Format a message string for the most recent JPEG error or message.
- * The message is stored into buffer, which should be at least JMSG_LENGTH_MAX
- * characters.  Note that no '\n' character is added to the string.
- * Few applications should need to override this method.
- */
-
-METHODDEF(void)
-format_message(j_common_ptr cinfo, char *buffer)
-{
-  struct jpeg_error_mgr *err = cinfo->err;
-  int msg_code = err->msg_code;
-  const char *msgtext = NULL;
-  const char *msgptr;
-  char ch;
-  boolean isstring;
-
-  /* Look up message string in proper table */
-  if (msg_code > 0 && msg_code <= err->last_jpeg_message) {
-    msgtext = err->jpeg_message_table[msg_code];
-  } else if (err->addon_message_table != NULL &&
-             msg_code >= err->first_addon_message &&
-             msg_code <= err->last_addon_message) {
-    msgtext = err->addon_message_table[msg_code - err->first_addon_message];
-  }
-
-  /* Defend against bogus message number */
-  if (msgtext == NULL) {
-    err->msg_parm.i[0] = msg_code;
-    msgtext = err->jpeg_message_table[0];
-  }
-
-  /* Check for string parameter, as indicated by %s in the message text */
-  isstring = FALSE;
-  msgptr = msgtext;
-  while ((ch = *msgptr++) != '\0') {
-    if (ch == '%') {
-      if (*msgptr == 's') isstring = TRUE;
-      break;
-    }
-  }
-
-  /* Format the message into the passed buffer */
-  if (isstring)
-    sprintf(buffer, msgtext, err->msg_parm.s);
-  else
-    sprintf(buffer, msgtext,
-            err->msg_parm.i[0], err->msg_parm.i[1],
-            err->msg_parm.i[2], err->msg_parm.i[3],
-            err->msg_parm.i[4], err->msg_parm.i[5],
-            err->msg_parm.i[6], err->msg_parm.i[7]);
-}
-
-
-/*
- * Reset error state variables at start of a new image.
- * This is called during compression startup to reset trace/error
- * processing to default state, without losing any application-specific
- * method pointers.  An application might possibly want to override
- * this method if it has additional error processing state.
- */
-
-METHODDEF(void)
-reset_error_mgr(j_common_ptr cinfo)
-{
-  cinfo->err->num_warnings = 0;
-  /* trace_level is not reset since it is an application-supplied parameter */
-  cinfo->err->msg_code = 0;     /* may be useful as a flag for "no error" */
-}
-
-
-/*
- * Fill in the standard error-handling methods in a jpeg_error_mgr object.
- * Typical call is:
- *      struct jpeg_compress_struct cinfo;
- *      struct jpeg_error_mgr err;
- *
- *      cinfo.err = jpeg_std_error(&err);
- * after which the application may override some of the methods.
- */
-
-GLOBAL(struct jpeg_error_mgr *)
-jpeg_std_error(struct jpeg_error_mgr *err)
-{
-  err->error_exit = error_exit;
-  err->emit_message = emit_message;
-  err->output_message = output_message;
-  err->format_message = format_message;
-  err->reset_error_mgr = reset_error_mgr;
-
-  err->trace_level = 0;         /* default = no tracing */
-  err->num_warnings = 0;        /* no warnings emitted yet */
-  err->msg_code = 0;            /* may be useful as a flag for "no error" */
-
-  /* Initialize message table pointers */
-  err->jpeg_message_table = jpeg_std_message_table;
-  err->last_jpeg_message = (int)JMSG_LASTMSGCODE - 1;
-
-  err->addon_message_table = NULL;
-  err->first_addon_message = 0; /* for safety */
-  err->last_addon_message = 0;
-
-  return err;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jerror.h b/3rdparty/libjpeg-turbo_2_1_0/jerror.h
deleted file mode 100644
index 4476df2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jerror.h
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * jerror.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * Modified 1997-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2014, 2017, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file defines the error and message codes for the JPEG library.
- * Edit this file to add new codes, or to translate the message strings to
- * some other language.
- * A set of error-reporting macros are defined too.  Some applications using
- * the JPEG library may wish to include this file to get the error codes
- * and/or the macros.
- */
-
-/*
- * To define the enum list of message codes, include this file without
- * defining macro JMESSAGE.  To create a message string table, include it
- * again with a suitable JMESSAGE definition (see jerror.c for an example).
- */
-#ifndef JMESSAGE
-#ifndef JERROR_H
-/* First time through, define the enum list */
-#define JMAKE_ENUM_LIST
-#else
-/* Repeated inclusions of this file are no-ops unless JMESSAGE is defined */
-#define JMESSAGE(code, string)
-#endif /* JERROR_H */
-#endif /* JMESSAGE */
-
-#ifdef JMAKE_ENUM_LIST
-
-typedef enum {
-
-#define JMESSAGE(code, string)  code,
-
-#endif /* JMAKE_ENUM_LIST */
-
-JMESSAGE(JMSG_NOMESSAGE, "Bogus message code %d") /* Must be first entry! */
-
-/* For maintenance convenience, list is alphabetical by message code name */
-#if JPEG_LIB_VERSION < 70
-JMESSAGE(JERR_ARITH_NOTIMPL, "Sorry, arithmetic coding is not implemented")
-#endif
-JMESSAGE(JERR_BAD_ALIGN_TYPE, "ALIGN_TYPE is wrong, please fix")
-JMESSAGE(JERR_BAD_ALLOC_CHUNK, "MAX_ALLOC_CHUNK is wrong, please fix")
-JMESSAGE(JERR_BAD_BUFFER_MODE, "Bogus buffer control mode")
-JMESSAGE(JERR_BAD_COMPONENT_ID, "Invalid component ID %d in SOS")
-#if JPEG_LIB_VERSION >= 70
-JMESSAGE(JERR_BAD_CROP_SPEC, "Invalid crop request")
-#endif
-JMESSAGE(JERR_BAD_DCT_COEF, "DCT coefficient out of range")
-JMESSAGE(JERR_BAD_DCTSIZE, "IDCT output block size %d not supported")
-#if JPEG_LIB_VERSION >= 70
-JMESSAGE(JERR_BAD_DROP_SAMPLING,
-         "Component index %d: mismatching sampling ratio %d:%d, %d:%d, %c")
-#endif
-JMESSAGE(JERR_BAD_HUFF_TABLE, "Bogus Huffman table definition")
-JMESSAGE(JERR_BAD_IN_COLORSPACE, "Bogus input colorspace")
-JMESSAGE(JERR_BAD_J_COLORSPACE, "Bogus JPEG colorspace")
-JMESSAGE(JERR_BAD_LENGTH, "Bogus marker length")
-JMESSAGE(JERR_BAD_LIB_VERSION,
-         "Wrong JPEG library version: library is %d, caller expects %d")
-JMESSAGE(JERR_BAD_MCU_SIZE, "Sampling factors too large for interleaved scan")
-JMESSAGE(JERR_BAD_POOL_ID, "Invalid memory pool code %d")
-JMESSAGE(JERR_BAD_PRECISION, "Unsupported JPEG data precision %d")
-JMESSAGE(JERR_BAD_PROGRESSION,
-         "Invalid progressive parameters Ss=%d Se=%d Ah=%d Al=%d")
-JMESSAGE(JERR_BAD_PROG_SCRIPT,
-         "Invalid progressive parameters at scan script entry %d")
-JMESSAGE(JERR_BAD_SAMPLING, "Bogus sampling factors")
-JMESSAGE(JERR_BAD_SCAN_SCRIPT, "Invalid scan script at entry %d")
-JMESSAGE(JERR_BAD_STATE, "Improper call to JPEG library in state %d")
-JMESSAGE(JERR_BAD_STRUCT_SIZE,
-         "JPEG parameter struct mismatch: library thinks size is %u, caller expects %u")
-JMESSAGE(JERR_BAD_VIRTUAL_ACCESS, "Bogus virtual array access")
-JMESSAGE(JERR_BUFFER_SIZE, "Buffer passed to JPEG library is too small")
-JMESSAGE(JERR_CANT_SUSPEND, "Suspension not allowed here")
-JMESSAGE(JERR_CCIR601_NOTIMPL, "CCIR601 sampling not implemented yet")
-JMESSAGE(JERR_COMPONENT_COUNT, "Too many color components: %d, max %d")
-JMESSAGE(JERR_CONVERSION_NOTIMPL, "Unsupported color conversion request")
-JMESSAGE(JERR_DAC_INDEX, "Bogus DAC index %d")
-JMESSAGE(JERR_DAC_VALUE, "Bogus DAC value 0x%x")
-JMESSAGE(JERR_DHT_INDEX, "Bogus DHT index %d")
-JMESSAGE(JERR_DQT_INDEX, "Bogus DQT index %d")
-JMESSAGE(JERR_EMPTY_IMAGE, "Empty JPEG image (DNL not supported)")
-JMESSAGE(JERR_EMS_READ, "Read from EMS failed")
-JMESSAGE(JERR_EMS_WRITE, "Write to EMS failed")
-JMESSAGE(JERR_EOI_EXPECTED, "Didn't expect more than one scan")
-JMESSAGE(JERR_FILE_READ, "Input file read error")
-JMESSAGE(JERR_FILE_WRITE, "Output file write error --- out of disk space?")
-JMESSAGE(JERR_FRACT_SAMPLE_NOTIMPL, "Fractional sampling not implemented yet")
-JMESSAGE(JERR_HUFF_CLEN_OVERFLOW, "Huffman code size table overflow")
-JMESSAGE(JERR_HUFF_MISSING_CODE, "Missing Huffman code table entry")
-JMESSAGE(JERR_IMAGE_TOO_BIG, "Maximum supported image dimension is %u pixels")
-JMESSAGE(JERR_INPUT_EMPTY, "Empty input file")
-JMESSAGE(JERR_INPUT_EOF, "Premature end of input file")
-JMESSAGE(JERR_MISMATCHED_QUANT_TABLE,
-         "Cannot transcode due to multiple use of quantization table %d")
-JMESSAGE(JERR_MISSING_DATA, "Scan script does not transmit all data")
-JMESSAGE(JERR_MODE_CHANGE, "Invalid color quantization mode change")
-JMESSAGE(JERR_NOTIMPL, "Not implemented yet")
-JMESSAGE(JERR_NOT_COMPILED, "Requested feature was omitted at compile time")
-#if JPEG_LIB_VERSION >= 70
-JMESSAGE(JERR_NO_ARITH_TABLE, "Arithmetic table 0x%02x was not defined")
-#endif
-JMESSAGE(JERR_NO_BACKING_STORE, "Backing store not supported")
-JMESSAGE(JERR_NO_HUFF_TABLE, "Huffman table 0x%02x was not defined")
-JMESSAGE(JERR_NO_IMAGE, "JPEG datastream contains no image")
-JMESSAGE(JERR_NO_QUANT_TABLE, "Quantization table 0x%02x was not defined")
-JMESSAGE(JERR_NO_SOI, "Not a JPEG file: starts with 0x%02x 0x%02x")
-JMESSAGE(JERR_OUT_OF_MEMORY, "Insufficient memory (case %d)")
-JMESSAGE(JERR_QUANT_COMPONENTS,
-         "Cannot quantize more than %d color components")
-JMESSAGE(JERR_QUANT_FEW_COLORS, "Cannot quantize to fewer than %d colors")
-JMESSAGE(JERR_QUANT_MANY_COLORS, "Cannot quantize to more than %d colors")
-JMESSAGE(JERR_SOF_DUPLICATE, "Invalid JPEG file structure: two SOF markers")
-JMESSAGE(JERR_SOF_NO_SOS, "Invalid JPEG file structure: missing SOS marker")
-JMESSAGE(JERR_SOF_UNSUPPORTED, "Unsupported JPEG process: SOF type 0x%02x")
-JMESSAGE(JERR_SOI_DUPLICATE, "Invalid JPEG file structure: two SOI markers")
-JMESSAGE(JERR_SOS_NO_SOF, "Invalid JPEG file structure: SOS before SOF")
-JMESSAGE(JERR_TFILE_CREATE, "Failed to create temporary file %s")
-JMESSAGE(JERR_TFILE_READ, "Read failed on temporary file")
-JMESSAGE(JERR_TFILE_SEEK, "Seek failed on temporary file")
-JMESSAGE(JERR_TFILE_WRITE,
-         "Write failed on temporary file --- out of disk space?")
-JMESSAGE(JERR_TOO_LITTLE_DATA, "Application transferred too few scanlines")
-JMESSAGE(JERR_UNKNOWN_MARKER, "Unsupported marker type 0x%02x")
-JMESSAGE(JERR_VIRTUAL_BUG, "Virtual array controller messed up")
-JMESSAGE(JERR_WIDTH_OVERFLOW, "Image too wide for this implementation")
-JMESSAGE(JERR_XMS_READ, "Read from XMS failed")
-JMESSAGE(JERR_XMS_WRITE, "Write to XMS failed")
-JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT_SHORT)
-JMESSAGE(JMSG_VERSION, JVERSION)
-JMESSAGE(JTRC_16BIT_TABLES,
-         "Caution: quantization tables are too coarse for baseline JPEG")
-JMESSAGE(JTRC_ADOBE,
-         "Adobe APP14 marker: version %d, flags 0x%04x 0x%04x, transform %d")
-JMESSAGE(JTRC_APP0, "Unknown APP0 marker (not JFIF), length %u")
-JMESSAGE(JTRC_APP14, "Unknown APP14 marker (not Adobe), length %u")
-JMESSAGE(JTRC_DAC, "Define Arithmetic Table 0x%02x: 0x%02x")
-JMESSAGE(JTRC_DHT, "Define Huffman Table 0x%02x")
-JMESSAGE(JTRC_DQT, "Define Quantization Table %d  precision %d")
-JMESSAGE(JTRC_DRI, "Define Restart Interval %u")
-JMESSAGE(JTRC_EMS_CLOSE, "Freed EMS handle %u")
-JMESSAGE(JTRC_EMS_OPEN, "Obtained EMS handle %u")
-JMESSAGE(JTRC_EOI, "End Of Image")
-JMESSAGE(JTRC_HUFFBITS, "        %3d %3d %3d %3d %3d %3d %3d %3d")
-JMESSAGE(JTRC_JFIF, "JFIF APP0 marker: version %d.%02d, density %dx%d  %d")
-JMESSAGE(JTRC_JFIF_BADTHUMBNAILSIZE,
-         "Warning: thumbnail image size does not match data length %u")
-JMESSAGE(JTRC_JFIF_EXTENSION, "JFIF extension marker: type 0x%02x, length %u")
-JMESSAGE(JTRC_JFIF_THUMBNAIL, "    with %d x %d thumbnail image")
-JMESSAGE(JTRC_MISC_MARKER, "Miscellaneous marker 0x%02x, length %u")
-JMESSAGE(JTRC_PARMLESS_MARKER, "Unexpected marker 0x%02x")
-JMESSAGE(JTRC_QUANTVALS, "        %4u %4u %4u %4u %4u %4u %4u %4u")
-JMESSAGE(JTRC_QUANT_3_NCOLORS, "Quantizing to %d = %d*%d*%d colors")
-JMESSAGE(JTRC_QUANT_NCOLORS, "Quantizing to %d colors")
-JMESSAGE(JTRC_QUANT_SELECTED, "Selected %d colors for quantization")
-JMESSAGE(JTRC_RECOVERY_ACTION, "At marker 0x%02x, recovery action %d")
-JMESSAGE(JTRC_RST, "RST%d")
-JMESSAGE(JTRC_SMOOTH_NOTIMPL,
-         "Smoothing not supported with nonstandard sampling ratios")
-JMESSAGE(JTRC_SOF, "Start Of Frame 0x%02x: width=%u, height=%u, components=%d")
-JMESSAGE(JTRC_SOF_COMPONENT, "    Component %d: %dhx%dv q=%d")
-JMESSAGE(JTRC_SOI, "Start of Image")
-JMESSAGE(JTRC_SOS, "Start Of Scan: %d components")
-JMESSAGE(JTRC_SOS_COMPONENT, "    Component %d: dc=%d ac=%d")
-JMESSAGE(JTRC_SOS_PARAMS, "  Ss=%d, Se=%d, Ah=%d, Al=%d")
-JMESSAGE(JTRC_TFILE_CLOSE, "Closed temporary file %s")
-JMESSAGE(JTRC_TFILE_OPEN, "Opened temporary file %s")
-JMESSAGE(JTRC_THUMB_JPEG,
-         "JFIF extension marker: JPEG-compressed thumbnail image, length %u")
-JMESSAGE(JTRC_THUMB_PALETTE,
-         "JFIF extension marker: palette thumbnail image, length %u")
-JMESSAGE(JTRC_THUMB_RGB,
-         "JFIF extension marker: RGB thumbnail image, length %u")
-JMESSAGE(JTRC_UNKNOWN_IDS,
-         "Unrecognized component IDs %d %d %d, assuming YCbCr")
-JMESSAGE(JTRC_XMS_CLOSE, "Freed XMS handle %u")
-JMESSAGE(JTRC_XMS_OPEN, "Obtained XMS handle %u")
-JMESSAGE(JWRN_ADOBE_XFORM, "Unknown Adobe color transform code %d")
-#if JPEG_LIB_VERSION >= 70
-JMESSAGE(JWRN_ARITH_BAD_CODE, "Corrupt JPEG data: bad arithmetic code")
-#endif
-JMESSAGE(JWRN_BOGUS_PROGRESSION,
-         "Inconsistent progression sequence for component %d coefficient %d")
-JMESSAGE(JWRN_EXTRANEOUS_DATA,
-         "Corrupt JPEG data: %u extraneous bytes before marker 0x%02x")
-JMESSAGE(JWRN_HIT_MARKER, "Corrupt JPEG data: premature end of data segment")
-JMESSAGE(JWRN_HUFF_BAD_CODE, "Corrupt JPEG data: bad Huffman code")
-JMESSAGE(JWRN_JFIF_MAJOR, "Warning: unknown JFIF revision number %d.%02d")
-JMESSAGE(JWRN_JPEG_EOF, "Premature end of JPEG file")
-JMESSAGE(JWRN_MUST_RESYNC,
-         "Corrupt JPEG data: found marker 0x%02x instead of RST%d")
-JMESSAGE(JWRN_NOT_SEQUENTIAL, "Invalid SOS parameters for sequential JPEG")
-JMESSAGE(JWRN_TOO_MUCH_DATA, "Application transferred too many scanlines")
-#if JPEG_LIB_VERSION < 70
-JMESSAGE(JERR_BAD_CROP_SPEC, "Invalid crop request")
-#if defined(C_ARITH_CODING_SUPPORTED) || defined(D_ARITH_CODING_SUPPORTED)
-JMESSAGE(JERR_NO_ARITH_TABLE, "Arithmetic table 0x%02x was not defined")
-JMESSAGE(JWRN_ARITH_BAD_CODE, "Corrupt JPEG data: bad arithmetic code")
-#endif
-#endif
-JMESSAGE(JWRN_BOGUS_ICC, "Corrupt JPEG data: bad ICC marker")
-#if JPEG_LIB_VERSION < 70
-JMESSAGE(JERR_BAD_DROP_SAMPLING,
-         "Component index %d: mismatching sampling ratio %d:%d, %d:%d, %c")
-#endif
-
-#ifdef JMAKE_ENUM_LIST
-
-  JMSG_LASTMSGCODE
-} J_MESSAGE_CODE;
-
-#undef JMAKE_ENUM_LIST
-#endif /* JMAKE_ENUM_LIST */
-
-/* Zap JMESSAGE macro so that future re-inclusions do nothing by default */
-#undef JMESSAGE
-
-
-#ifndef JERROR_H
-#define JERROR_H
-
-/* Macros to simplify using the error and trace message stuff */
-/* The first parameter is either type of cinfo pointer */
-
-/* Fatal errors (print message and exit) */
-#define ERREXIT(cinfo, code) \
-  ((cinfo)->err->msg_code = (code), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-#define ERREXIT1(cinfo, code, p1) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-#define ERREXIT2(cinfo, code, p1, p2) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (cinfo)->err->msg_parm.i[1] = (p2), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-#define ERREXIT3(cinfo, code, p1, p2, p3) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (cinfo)->err->msg_parm.i[1] = (p2), \
-   (cinfo)->err->msg_parm.i[2] = (p3), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-#define ERREXIT4(cinfo, code, p1, p2, p3, p4) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (cinfo)->err->msg_parm.i[1] = (p2), \
-   (cinfo)->err->msg_parm.i[2] = (p3), \
-   (cinfo)->err->msg_parm.i[3] = (p4), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-#define ERREXIT6(cinfo, code, p1, p2, p3, p4, p5, p6) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (cinfo)->err->msg_parm.i[1] = (p2), \
-   (cinfo)->err->msg_parm.i[2] = (p3), \
-   (cinfo)->err->msg_parm.i[3] = (p4), \
-   (cinfo)->err->msg_parm.i[4] = (p5), \
-   (cinfo)->err->msg_parm.i[5] = (p6), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-#define ERREXITS(cinfo, code, str) \
-  ((cinfo)->err->msg_code = (code), \
-   strncpy((cinfo)->err->msg_parm.s, (str), JMSG_STR_PARM_MAX), \
-   (*(cinfo)->err->error_exit) ((j_common_ptr)(cinfo)))
-
-#define MAKESTMT(stuff)         do { stuff } while (0)
-
-/* Nonfatal errors (we can keep going, but the data is probably corrupt) */
-#define WARNMS(cinfo, code) \
-  ((cinfo)->err->msg_code = (code), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), -1))
-#define WARNMS1(cinfo, code, p1) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), -1))
-#define WARNMS2(cinfo, code, p1, p2) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (cinfo)->err->msg_parm.i[1] = (p2), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), -1))
-
-/* Informational/debugging messages */
-#define TRACEMS(cinfo, lvl, code) \
-  ((cinfo)->err->msg_code = (code), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)))
-#define TRACEMS1(cinfo, lvl, code, p1) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)))
-#define TRACEMS2(cinfo, lvl, code, p1, p2) \
-  ((cinfo)->err->msg_code = (code), \
-   (cinfo)->err->msg_parm.i[0] = (p1), \
-   (cinfo)->err->msg_parm.i[1] = (p2), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)))
-#define TRACEMS3(cinfo, lvl, code, p1, p2, p3) \
-  MAKESTMT(int *_mp = (cinfo)->err->msg_parm.i; \
-           _mp[0] = (p1);  _mp[1] = (p2);  _mp[2] = (p3); \
-           (cinfo)->err->msg_code = (code); \
-           (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)); )
-#define TRACEMS4(cinfo, lvl, code, p1, p2, p3, p4) \
-  MAKESTMT(int *_mp = (cinfo)->err->msg_parm.i; \
-           _mp[0] = (p1);  _mp[1] = (p2);  _mp[2] = (p3);  _mp[3] = (p4); \
-           (cinfo)->err->msg_code = (code); \
-           (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)); )
-#define TRACEMS5(cinfo, lvl, code, p1, p2, p3, p4, p5) \
-  MAKESTMT(int *_mp = (cinfo)->err->msg_parm.i; \
-           _mp[0] = (p1);  _mp[1] = (p2);  _mp[2] = (p3);  _mp[3] = (p4); \
-           _mp[4] = (p5); \
-           (cinfo)->err->msg_code = (code); \
-           (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)); )
-#define TRACEMS8(cinfo, lvl, code, p1, p2, p3, p4, p5, p6, p7, p8) \
-  MAKESTMT(int *_mp = (cinfo)->err->msg_parm.i; \
-           _mp[0] = (p1);  _mp[1] = (p2);  _mp[2] = (p3);  _mp[3] = (p4); \
-           _mp[4] = (p5);  _mp[5] = (p6);  _mp[6] = (p7);  _mp[7] = (p8); \
-           (cinfo)->err->msg_code = (code); \
-           (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)); )
-#define TRACEMSS(cinfo, lvl, code, str) \
-  ((cinfo)->err->msg_code = (code), \
-   strncpy((cinfo)->err->msg_parm.s, (str), JMSG_STR_PARM_MAX), \
-   (*(cinfo)->err->emit_message) ((j_common_ptr)(cinfo), (lvl)))
-
-#endif /* JERROR_H */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jfdctflt.c b/3rdparty/libjpeg-turbo_2_1_0/jfdctflt.c
deleted file mode 100644
index ab6f6d0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jfdctflt.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * jfdctflt.c
- *
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * This file is part of the Independent JPEG Group's software.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a floating-point implementation of the
- * forward DCT (Discrete Cosine Transform).
- *
- * This implementation should be more accurate than either of the integer
- * DCT implementations.  However, it may not give the same results on all
- * machines because of differences in roundoff behavior.  Speed will depend
- * on the hardware's floating point capacity.
- *
- * A 2-D DCT can be done by 1-D DCT on each row followed by 1-D DCT
- * on each column.  Direct algorithms are also available, but they are
- * much more complex and seem not to be any faster when reduced to code.
- *
- * This implementation is based on Arai, Agui, and Nakajima's algorithm for
- * scaled DCT.  Their original paper (Trans. IEICE E-71(11):1095) is in
- * Japanese, but the algorithm is described in the Pennebaker & Mitchell
- * JPEG textbook (see REFERENCES section in file README.ijg).  The following
- * code is based directly on figure 4-8 in P&M.
- * While an 8-point DCT cannot be done in less than 11 multiplies, it is
- * possible to arrange the computation so that many of the multiplies are
- * simple scalings of the final outputs.  These multiplies can then be
- * folded into the multiplications or divisions by the JPEG quantization
- * table entries.  The AA&N method leaves only 5 multiplies and 29 adds
- * to be done in the DCT itself.
- * The primary disadvantage of this method is that with a fixed-point
- * implementation, accuracy is lost due to imprecise representation of the
- * scaled quantization values.  However, that problem does not arise if
- * we use floating point arithmetic.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef DCT_FLOAT_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCTs. /* deliberate syntax err */
-#endif
-
-
-/*
- * Perform the forward DCT on one block of samples.
- */
-
-GLOBAL(void)
-jpeg_fdct_float(FAST_FLOAT *data)
-{
-  FAST_FLOAT tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  FAST_FLOAT tmp10, tmp11, tmp12, tmp13;
-  FAST_FLOAT z1, z2, z3, z4, z5, z11, z13;
-  FAST_FLOAT *dataptr;
-  int ctr;
-
-  /* Pass 1: process rows. */
-
-  dataptr = data;
-  for (ctr = DCTSIZE - 1; ctr >= 0; ctr--) {
-    tmp0 = dataptr[0] + dataptr[7];
-    tmp7 = dataptr[0] - dataptr[7];
-    tmp1 = dataptr[1] + dataptr[6];
-    tmp6 = dataptr[1] - dataptr[6];
-    tmp2 = dataptr[2] + dataptr[5];
-    tmp5 = dataptr[2] - dataptr[5];
-    tmp3 = dataptr[3] + dataptr[4];
-    tmp4 = dataptr[3] - dataptr[4];
-
-    /* Even part */
-
-    tmp10 = tmp0 + tmp3;        /* phase 2 */
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    dataptr[0] = tmp10 + tmp11; /* phase 3 */
-    dataptr[4] = tmp10 - tmp11;
-
-    z1 = (tmp12 + tmp13) * ((FAST_FLOAT)0.707106781); /* c4 */
-    dataptr[2] = tmp13 + z1;    /* phase 5 */
-    dataptr[6] = tmp13 - z1;
-
-    /* Odd part */
-
-    tmp10 = tmp4 + tmp5;        /* phase 2 */
-    tmp11 = tmp5 + tmp6;
-    tmp12 = tmp6 + tmp7;
-
-    /* The rotator is modified from fig 4-8 to avoid extra negations. */
-    z5 = (tmp10 - tmp12) * ((FAST_FLOAT)0.382683433); /* c6 */
-    z2 = ((FAST_FLOAT)0.541196100) * tmp10 + z5; /* c2-c6 */
-    z4 = ((FAST_FLOAT)1.306562965) * tmp12 + z5; /* c2+c6 */
-    z3 = tmp11 * ((FAST_FLOAT)0.707106781); /* c4 */
-
-    z11 = tmp7 + z3;            /* phase 5 */
-    z13 = tmp7 - z3;
-
-    dataptr[5] = z13 + z2;      /* phase 6 */
-    dataptr[3] = z13 - z2;
-    dataptr[1] = z11 + z4;
-    dataptr[7] = z11 - z4;
-
-    dataptr += DCTSIZE;         /* advance pointer to next row */
-  }
-
-  /* Pass 2: process columns. */
-
-  dataptr = data;
-  for (ctr = DCTSIZE - 1; ctr >= 0; ctr--) {
-    tmp0 = dataptr[DCTSIZE * 0] + dataptr[DCTSIZE * 7];
-    tmp7 = dataptr[DCTSIZE * 0] - dataptr[DCTSIZE * 7];
-    tmp1 = dataptr[DCTSIZE * 1] + dataptr[DCTSIZE * 6];
-    tmp6 = dataptr[DCTSIZE * 1] - dataptr[DCTSIZE * 6];
-    tmp2 = dataptr[DCTSIZE * 2] + dataptr[DCTSIZE * 5];
-    tmp5 = dataptr[DCTSIZE * 2] - dataptr[DCTSIZE * 5];
-    tmp3 = dataptr[DCTSIZE * 3] + dataptr[DCTSIZE * 4];
-    tmp4 = dataptr[DCTSIZE * 3] - dataptr[DCTSIZE * 4];
-
-    /* Even part */
-
-    tmp10 = tmp0 + tmp3;        /* phase 2 */
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    dataptr[DCTSIZE * 0] = tmp10 + tmp11; /* phase 3 */
-    dataptr[DCTSIZE * 4] = tmp10 - tmp11;
-
-    z1 = (tmp12 + tmp13) * ((FAST_FLOAT)0.707106781); /* c4 */
-    dataptr[DCTSIZE * 2] = tmp13 + z1; /* phase 5 */
-    dataptr[DCTSIZE * 6] = tmp13 - z1;
-
-    /* Odd part */
-
-    tmp10 = tmp4 + tmp5;        /* phase 2 */
-    tmp11 = tmp5 + tmp6;
-    tmp12 = tmp6 + tmp7;
-
-    /* The rotator is modified from fig 4-8 to avoid extra negations. */
-    z5 = (tmp10 - tmp12) * ((FAST_FLOAT)0.382683433); /* c6 */
-    z2 = ((FAST_FLOAT)0.541196100) * tmp10 + z5; /* c2-c6 */
-    z4 = ((FAST_FLOAT)1.306562965) * tmp12 + z5; /* c2+c6 */
-    z3 = tmp11 * ((FAST_FLOAT)0.707106781); /* c4 */
-
-    z11 = tmp7 + z3;            /* phase 5 */
-    z13 = tmp7 - z3;
-
-    dataptr[DCTSIZE * 5] = z13 + z2; /* phase 6 */
-    dataptr[DCTSIZE * 3] = z13 - z2;
-    dataptr[DCTSIZE * 1] = z11 + z4;
-    dataptr[DCTSIZE * 7] = z11 - z4;
-
-    dataptr++;                  /* advance pointer to next column */
-  }
-}
-
-#endif /* DCT_FLOAT_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jfdctfst.c b/3rdparty/libjpeg-turbo_2_1_0/jfdctfst.c
deleted file mode 100644
index 4c9ce0d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jfdctfst.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/*
- * jfdctfst.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a fast, not so accurate integer implementation of the
- * forward DCT (Discrete Cosine Transform).
- *
- * A 2-D DCT can be done by 1-D DCT on each row followed by 1-D DCT
- * on each column.  Direct algorithms are also available, but they are
- * much more complex and seem not to be any faster when reduced to code.
- *
- * This implementation is based on Arai, Agui, and Nakajima's algorithm for
- * scaled DCT.  Their original paper (Trans. IEICE E-71(11):1095) is in
- * Japanese, but the algorithm is described in the Pennebaker & Mitchell
- * JPEG textbook (see REFERENCES section in file README.ijg).  The following
- * code is based directly on figure 4-8 in P&M.
- * While an 8-point DCT cannot be done in less than 11 multiplies, it is
- * possible to arrange the computation so that many of the multiplies are
- * simple scalings of the final outputs.  These multiplies can then be
- * folded into the multiplications or divisions by the JPEG quantization
- * table entries.  The AA&N method leaves only 5 multiplies and 29 adds
- * to be done in the DCT itself.
- * The primary disadvantage of this method is that with fixed-point math,
- * accuracy is lost due to imprecise representation of the scaled
- * quantization values.  The smaller the quantization table entry, the less
- * precise the scaled value, so this implementation does worse with high-
- * quality-setting files than with low-quality ones.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef DCT_IFAST_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCTs. /* deliberate syntax err */
-#endif
-
-
-/* Scaling decisions are generally the same as in the LL&M algorithm;
- * see jfdctint.c for more details.  However, we choose to descale
- * (right shift) multiplication products as soon as they are formed,
- * rather than carrying additional fractional bits into subsequent additions.
- * This compromises accuracy slightly, but it lets us save a few shifts.
- * More importantly, 16-bit arithmetic is then adequate (for 8-bit samples)
- * everywhere except in the multiplications proper; this saves a good deal
- * of work on 16-bit-int machines.
- *
- * Again to save a few shifts, the intermediate results between pass 1 and
- * pass 2 are not upscaled, but are represented only to integral precision.
- *
- * A final compromise is to represent the multiplicative constants to only
- * 8 fractional bits, rather than 13.  This saves some shifting work on some
- * machines, and may also reduce the cost of multiplication (since there
- * are fewer one-bits in the constants).
- */
-
-#define CONST_BITS  8
-
-
-/* Some C compilers fail to reduce "FIX(constant)" at compile time, thus
- * causing a lot of useless floating-point operations at run time.
- * To get around this we use the following pre-calculated constants.
- * If you change CONST_BITS you may want to add appropriate values.
- * (With a reasonable C compiler, you can just rely on the FIX() macro...)
- */
-
-#if CONST_BITS == 8
-#define FIX_0_382683433  ((JLONG)98)            /* FIX(0.382683433) */
-#define FIX_0_541196100  ((JLONG)139)           /* FIX(0.541196100) */
-#define FIX_0_707106781  ((JLONG)181)           /* FIX(0.707106781) */
-#define FIX_1_306562965  ((JLONG)334)           /* FIX(1.306562965) */
-#else
-#define FIX_0_382683433  FIX(0.382683433)
-#define FIX_0_541196100  FIX(0.541196100)
-#define FIX_0_707106781  FIX(0.707106781)
-#define FIX_1_306562965  FIX(1.306562965)
-#endif
-
-
-/* We can gain a little more speed, with a further compromise in accuracy,
- * by omitting the addition in a descaling shift.  This yields an incorrectly
- * rounded result half the time...
- */
-
-#ifndef USE_ACCURATE_ROUNDING
-#undef DESCALE
-#define DESCALE(x, n)  RIGHT_SHIFT(x, n)
-#endif
-
-
-/* Multiply a DCTELEM variable by an JLONG constant, and immediately
- * descale to yield a DCTELEM result.
- */
-
-#define MULTIPLY(var, const)  ((DCTELEM)DESCALE((var) * (const), CONST_BITS))
-
-
-/*
- * Perform the forward DCT on one block of samples.
- */
-
-GLOBAL(void)
-jpeg_fdct_ifast(DCTELEM *data)
-{
-  DCTELEM tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  DCTELEM tmp10, tmp11, tmp12, tmp13;
-  DCTELEM z1, z2, z3, z4, z5, z11, z13;
-  DCTELEM *dataptr;
-  int ctr;
-  SHIFT_TEMPS
-
-  /* Pass 1: process rows. */
-
-  dataptr = data;
-  for (ctr = DCTSIZE - 1; ctr >= 0; ctr--) {
-    tmp0 = dataptr[0] + dataptr[7];
-    tmp7 = dataptr[0] - dataptr[7];
-    tmp1 = dataptr[1] + dataptr[6];
-    tmp6 = dataptr[1] - dataptr[6];
-    tmp2 = dataptr[2] + dataptr[5];
-    tmp5 = dataptr[2] - dataptr[5];
-    tmp3 = dataptr[3] + dataptr[4];
-    tmp4 = dataptr[3] - dataptr[4];
-
-    /* Even part */
-
-    tmp10 = tmp0 + tmp3;        /* phase 2 */
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    dataptr[0] = tmp10 + tmp11; /* phase 3 */
-    dataptr[4] = tmp10 - tmp11;
-
-    z1 = MULTIPLY(tmp12 + tmp13, FIX_0_707106781); /* c4 */
-    dataptr[2] = tmp13 + z1;    /* phase 5 */
-    dataptr[6] = tmp13 - z1;
-
-    /* Odd part */
-
-    tmp10 = tmp4 + tmp5;        /* phase 2 */
-    tmp11 = tmp5 + tmp6;
-    tmp12 = tmp6 + tmp7;
-
-    /* The rotator is modified from fig 4-8 to avoid extra negations. */
-    z5 = MULTIPLY(tmp10 - tmp12, FIX_0_382683433); /* c6 */
-    z2 = MULTIPLY(tmp10, FIX_0_541196100) + z5; /* c2-c6 */
-    z4 = MULTIPLY(tmp12, FIX_1_306562965) + z5; /* c2+c6 */
-    z3 = MULTIPLY(tmp11, FIX_0_707106781); /* c4 */
-
-    z11 = tmp7 + z3;            /* phase 5 */
-    z13 = tmp7 - z3;
-
-    dataptr[5] = z13 + z2;      /* phase 6 */
-    dataptr[3] = z13 - z2;
-    dataptr[1] = z11 + z4;
-    dataptr[7] = z11 - z4;
-
-    dataptr += DCTSIZE;         /* advance pointer to next row */
-  }
-
-  /* Pass 2: process columns. */
-
-  dataptr = data;
-  for (ctr = DCTSIZE - 1; ctr >= 0; ctr--) {
-    tmp0 = dataptr[DCTSIZE * 0] + dataptr[DCTSIZE * 7];
-    tmp7 = dataptr[DCTSIZE * 0] - dataptr[DCTSIZE * 7];
-    tmp1 = dataptr[DCTSIZE * 1] + dataptr[DCTSIZE * 6];
-    tmp6 = dataptr[DCTSIZE * 1] - dataptr[DCTSIZE * 6];
-    tmp2 = dataptr[DCTSIZE * 2] + dataptr[DCTSIZE * 5];
-    tmp5 = dataptr[DCTSIZE * 2] - dataptr[DCTSIZE * 5];
-    tmp3 = dataptr[DCTSIZE * 3] + dataptr[DCTSIZE * 4];
-    tmp4 = dataptr[DCTSIZE * 3] - dataptr[DCTSIZE * 4];
-
-    /* Even part */
-
-    tmp10 = tmp0 + tmp3;        /* phase 2 */
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    dataptr[DCTSIZE * 0] = tmp10 + tmp11; /* phase 3 */
-    dataptr[DCTSIZE * 4] = tmp10 - tmp11;
-
-    z1 = MULTIPLY(tmp12 + tmp13, FIX_0_707106781); /* c4 */
-    dataptr[DCTSIZE * 2] = tmp13 + z1; /* phase 5 */
-    dataptr[DCTSIZE * 6] = tmp13 - z1;
-
-    /* Odd part */
-
-    tmp10 = tmp4 + tmp5;        /* phase 2 */
-    tmp11 = tmp5 + tmp6;
-    tmp12 = tmp6 + tmp7;
-
-    /* The rotator is modified from fig 4-8 to avoid extra negations. */
-    z5 = MULTIPLY(tmp10 - tmp12, FIX_0_382683433); /* c6 */
-    z2 = MULTIPLY(tmp10, FIX_0_541196100) + z5; /* c2-c6 */
-    z4 = MULTIPLY(tmp12, FIX_1_306562965) + z5; /* c2+c6 */
-    z3 = MULTIPLY(tmp11, FIX_0_707106781); /* c4 */
-
-    z11 = tmp7 + z3;            /* phase 5 */
-    z13 = tmp7 - z3;
-
-    dataptr[DCTSIZE * 5] = z13 + z2; /* phase 6 */
-    dataptr[DCTSIZE * 3] = z13 - z2;
-    dataptr[DCTSIZE * 1] = z11 + z4;
-    dataptr[DCTSIZE * 7] = z11 - z4;
-
-    dataptr++;                  /* advance pointer to next column */
-  }
-}
-
-#endif /* DCT_IFAST_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jfdctint.c b/3rdparty/libjpeg-turbo_2_1_0/jfdctint.c
deleted file mode 100644
index c95a3a7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jfdctint.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * jfdctint.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a slower but more accurate integer implementation of the
- * forward DCT (Discrete Cosine Transform).
- *
- * A 2-D DCT can be done by 1-D DCT on each row followed by 1-D DCT
- * on each column.  Direct algorithms are also available, but they are
- * much more complex and seem not to be any faster when reduced to code.
- *
- * This implementation is based on an algorithm described in
- *   C. Loeffler, A. Ligtenberg and G. Moschytz, "Practical Fast 1-D DCT
- *   Algorithms with 11 Multiplications", Proc. Int'l. Conf. on Acoustics,
- *   Speech, and Signal Processing 1989 (ICASSP '89), pp. 988-991.
- * The primary algorithm described there uses 11 multiplies and 29 adds.
- * We use their alternate method with 12 multiplies and 32 adds.
- * The advantage of this method is that no data path contains more than one
- * multiplication; this allows a very simple and accurate implementation in
- * scaled fixed-point arithmetic, with a minimal number of shifts.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef DCT_ISLOW_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCTs. /* deliberate syntax err */
-#endif
-
-
-/*
- * The poop on this scaling stuff is as follows:
- *
- * Each 1-D DCT step produces outputs which are a factor of sqrt(N)
- * larger than the true DCT outputs.  The final outputs are therefore
- * a factor of N larger than desired; since N=8 this can be cured by
- * a simple right shift at the end of the algorithm.  The advantage of
- * this arrangement is that we save two multiplications per 1-D DCT,
- * because the y0 and y4 outputs need not be divided by sqrt(N).
- * In the IJG code, this factor of 8 is removed by the quantization step
- * (in jcdctmgr.c), NOT in this module.
- *
- * We have to do addition and subtraction of the integer inputs, which
- * is no problem, and multiplication by fractional constants, which is
- * a problem to do in integer arithmetic.  We multiply all the constants
- * by CONST_SCALE and convert them to integer constants (thus retaining
- * CONST_BITS bits of precision in the constants).  After doing a
- * multiplication we have to divide the product by CONST_SCALE, with proper
- * rounding, to produce the correct output.  This division can be done
- * cheaply as a right shift of CONST_BITS bits.  We postpone shifting
- * as long as possible so that partial sums can be added together with
- * full fractional precision.
- *
- * The outputs of the first pass are scaled up by PASS1_BITS bits so that
- * they are represented to better-than-integral precision.  These outputs
- * require BITS_IN_JSAMPLE + PASS1_BITS + 3 bits; this fits in a 16-bit word
- * with the recommended scaling.  (For 12-bit sample data, the intermediate
- * array is JLONG anyway.)
- *
- * To avoid overflow of the 32-bit intermediate results in pass 2, we must
- * have BITS_IN_JSAMPLE + CONST_BITS + PASS1_BITS <= 26.  Error analysis
- * shows that the values given below are the most effective.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#else
-#define CONST_BITS  13
-#define PASS1_BITS  1           /* lose a little precision to avoid overflow */
-#endif
-
-/* Some C compilers fail to reduce "FIX(constant)" at compile time, thus
- * causing a lot of useless floating-point operations at run time.
- * To get around this we use the following pre-calculated constants.
- * If you change CONST_BITS you may want to add appropriate values.
- * (With a reasonable C compiler, you can just rely on the FIX() macro...)
- */
-
-#if CONST_BITS == 13
-#define FIX_0_298631336  ((JLONG)2446)          /* FIX(0.298631336) */
-#define FIX_0_390180644  ((JLONG)3196)          /* FIX(0.390180644) */
-#define FIX_0_541196100  ((JLONG)4433)          /* FIX(0.541196100) */
-#define FIX_0_765366865  ((JLONG)6270)          /* FIX(0.765366865) */
-#define FIX_0_899976223  ((JLONG)7373)          /* FIX(0.899976223) */
-#define FIX_1_175875602  ((JLONG)9633)          /* FIX(1.175875602) */
-#define FIX_1_501321110  ((JLONG)12299)         /* FIX(1.501321110) */
-#define FIX_1_847759065  ((JLONG)15137)         /* FIX(1.847759065) */
-#define FIX_1_961570560  ((JLONG)16069)         /* FIX(1.961570560) */
-#define FIX_2_053119869  ((JLONG)16819)         /* FIX(2.053119869) */
-#define FIX_2_562915447  ((JLONG)20995)         /* FIX(2.562915447) */
-#define FIX_3_072711026  ((JLONG)25172)         /* FIX(3.072711026) */
-#else
-#define FIX_0_298631336  FIX(0.298631336)
-#define FIX_0_390180644  FIX(0.390180644)
-#define FIX_0_541196100  FIX(0.541196100)
-#define FIX_0_765366865  FIX(0.765366865)
-#define FIX_0_899976223  FIX(0.899976223)
-#define FIX_1_175875602  FIX(1.175875602)
-#define FIX_1_501321110  FIX(1.501321110)
-#define FIX_1_847759065  FIX(1.847759065)
-#define FIX_1_961570560  FIX(1.961570560)
-#define FIX_2_053119869  FIX(2.053119869)
-#define FIX_2_562915447  FIX(2.562915447)
-#define FIX_3_072711026  FIX(3.072711026)
-#endif
-
-
-/* Multiply an JLONG variable by an JLONG constant to yield an JLONG result.
- * For 8-bit samples with the recommended scaling, all the variable
- * and constant values involved are no more than 16 bits wide, so a
- * 16x16->32 bit multiply can be used instead of a full 32x32 multiply.
- * For 12-bit samples, a full 32-bit multiplication will be needed.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define MULTIPLY(var, const)  MULTIPLY16C16(var, const)
-#else
-#define MULTIPLY(var, const)  ((var) * (const))
-#endif
-
-
-/*
- * Perform the forward DCT on one block of samples.
- */
-
-GLOBAL(void)
-jpeg_fdct_islow(DCTELEM *data)
-{
-  JLONG tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  JLONG tmp10, tmp11, tmp12, tmp13;
-  JLONG z1, z2, z3, z4, z5;
-  DCTELEM *dataptr;
-  int ctr;
-  SHIFT_TEMPS
-
-  /* Pass 1: process rows. */
-  /* Note results are scaled up by sqrt(8) compared to a true DCT; */
-  /* furthermore, we scale the results by 2**PASS1_BITS. */
-
-  dataptr = data;
-  for (ctr = DCTSIZE - 1; ctr >= 0; ctr--) {
-    tmp0 = dataptr[0] + dataptr[7];
-    tmp7 = dataptr[0] - dataptr[7];
-    tmp1 = dataptr[1] + dataptr[6];
-    tmp6 = dataptr[1] - dataptr[6];
-    tmp2 = dataptr[2] + dataptr[5];
-    tmp5 = dataptr[2] - dataptr[5];
-    tmp3 = dataptr[3] + dataptr[4];
-    tmp4 = dataptr[3] - dataptr[4];
-
-    /* Even part per LL&M figure 1 --- note that published figure is faulty;
-     * rotator "sqrt(2)*c1" should be "sqrt(2)*c6".
-     */
-
-    tmp10 = tmp0 + tmp3;
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    dataptr[0] = (DCTELEM)LEFT_SHIFT(tmp10 + tmp11, PASS1_BITS);
-    dataptr[4] = (DCTELEM)LEFT_SHIFT(tmp10 - tmp11, PASS1_BITS);
-
-    z1 = MULTIPLY(tmp12 + tmp13, FIX_0_541196100);
-    dataptr[2] = (DCTELEM)DESCALE(z1 + MULTIPLY(tmp13, FIX_0_765366865),
-                                  CONST_BITS - PASS1_BITS);
-    dataptr[6] = (DCTELEM)DESCALE(z1 + MULTIPLY(tmp12, -FIX_1_847759065),
-                                  CONST_BITS - PASS1_BITS);
-
-    /* Odd part per figure 8 --- note paper omits factor of sqrt(2).
-     * cK represents cos(K*pi/16).
-     * i0..i3 in the paper are tmp4..tmp7 here.
-     */
-
-    z1 = tmp4 + tmp7;
-    z2 = tmp5 + tmp6;
-    z3 = tmp4 + tmp6;
-    z4 = tmp5 + tmp7;
-    z5 = MULTIPLY(z3 + z4, FIX_1_175875602); /* sqrt(2) * c3 */
-
-    tmp4 = MULTIPLY(tmp4, FIX_0_298631336); /* sqrt(2) * (-c1+c3+c5-c7) */
-    tmp5 = MULTIPLY(tmp5, FIX_2_053119869); /* sqrt(2) * ( c1+c3-c5+c7) */
-    tmp6 = MULTIPLY(tmp6, FIX_3_072711026); /* sqrt(2) * ( c1+c3+c5-c7) */
-    tmp7 = MULTIPLY(tmp7, FIX_1_501321110); /* sqrt(2) * ( c1+c3-c5-c7) */
-    z1 = MULTIPLY(z1, -FIX_0_899976223); /* sqrt(2) * ( c7-c3) */
-    z2 = MULTIPLY(z2, -FIX_2_562915447); /* sqrt(2) * (-c1-c3) */
-    z3 = MULTIPLY(z3, -FIX_1_961570560); /* sqrt(2) * (-c3-c5) */
-    z4 = MULTIPLY(z4, -FIX_0_390180644); /* sqrt(2) * ( c5-c3) */
-
-    z3 += z5;
-    z4 += z5;
-
-    dataptr[7] = (DCTELEM)DESCALE(tmp4 + z1 + z3, CONST_BITS - PASS1_BITS);
-    dataptr[5] = (DCTELEM)DESCALE(tmp5 + z2 + z4, CONST_BITS - PASS1_BITS);
-    dataptr[3] = (DCTELEM)DESCALE(tmp6 + z2 + z3, CONST_BITS - PASS1_BITS);
-    dataptr[1] = (DCTELEM)DESCALE(tmp7 + z1 + z4, CONST_BITS - PASS1_BITS);
-
-    dataptr += DCTSIZE;         /* advance pointer to next row */
-  }
-
-  /* Pass 2: process columns.
-   * We remove the PASS1_BITS scaling, but leave the results scaled up
-   * by an overall factor of 8.
-   */
-
-  dataptr = data;
-  for (ctr = DCTSIZE - 1; ctr >= 0; ctr--) {
-    tmp0 = dataptr[DCTSIZE * 0] + dataptr[DCTSIZE * 7];
-    tmp7 = dataptr[DCTSIZE * 0] - dataptr[DCTSIZE * 7];
-    tmp1 = dataptr[DCTSIZE * 1] + dataptr[DCTSIZE * 6];
-    tmp6 = dataptr[DCTSIZE * 1] - dataptr[DCTSIZE * 6];
-    tmp2 = dataptr[DCTSIZE * 2] + dataptr[DCTSIZE * 5];
-    tmp5 = dataptr[DCTSIZE * 2] - dataptr[DCTSIZE * 5];
-    tmp3 = dataptr[DCTSIZE * 3] + dataptr[DCTSIZE * 4];
-    tmp4 = dataptr[DCTSIZE * 3] - dataptr[DCTSIZE * 4];
-
-    /* Even part per LL&M figure 1 --- note that published figure is faulty;
-     * rotator "sqrt(2)*c1" should be "sqrt(2)*c6".
-     */
-
-    tmp10 = tmp0 + tmp3;
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    dataptr[DCTSIZE * 0] = (DCTELEM)DESCALE(tmp10 + tmp11, PASS1_BITS);
-    dataptr[DCTSIZE * 4] = (DCTELEM)DESCALE(tmp10 - tmp11, PASS1_BITS);
-
-    z1 = MULTIPLY(tmp12 + tmp13, FIX_0_541196100);
-    dataptr[DCTSIZE * 2] =
-      (DCTELEM)DESCALE(z1 + MULTIPLY(tmp13, FIX_0_765366865),
-                       CONST_BITS + PASS1_BITS);
-    dataptr[DCTSIZE * 6] =
-      (DCTELEM)DESCALE(z1 + MULTIPLY(tmp12, -FIX_1_847759065),
-                       CONST_BITS + PASS1_BITS);
-
-    /* Odd part per figure 8 --- note paper omits factor of sqrt(2).
-     * cK represents cos(K*pi/16).
-     * i0..i3 in the paper are tmp4..tmp7 here.
-     */
-
-    z1 = tmp4 + tmp7;
-    z2 = tmp5 + tmp6;
-    z3 = tmp4 + tmp6;
-    z4 = tmp5 + tmp7;
-    z5 = MULTIPLY(z3 + z4, FIX_1_175875602); /* sqrt(2) * c3 */
-
-    tmp4 = MULTIPLY(tmp4, FIX_0_298631336); /* sqrt(2) * (-c1+c3+c5-c7) */
-    tmp5 = MULTIPLY(tmp5, FIX_2_053119869); /* sqrt(2) * ( c1+c3-c5+c7) */
-    tmp6 = MULTIPLY(tmp6, FIX_3_072711026); /* sqrt(2) * ( c1+c3+c5-c7) */
-    tmp7 = MULTIPLY(tmp7, FIX_1_501321110); /* sqrt(2) * ( c1+c3-c5-c7) */
-    z1 = MULTIPLY(z1, -FIX_0_899976223); /* sqrt(2) * ( c7-c3) */
-    z2 = MULTIPLY(z2, -FIX_2_562915447); /* sqrt(2) * (-c1-c3) */
-    z3 = MULTIPLY(z3, -FIX_1_961570560); /* sqrt(2) * (-c3-c5) */
-    z4 = MULTIPLY(z4, -FIX_0_390180644); /* sqrt(2) * ( c5-c3) */
-
-    z3 += z5;
-    z4 += z5;
-
-    dataptr[DCTSIZE * 7] = (DCTELEM)DESCALE(tmp4 + z1 + z3,
-                                            CONST_BITS + PASS1_BITS);
-    dataptr[DCTSIZE * 5] = (DCTELEM)DESCALE(tmp5 + z2 + z4,
-                                            CONST_BITS + PASS1_BITS);
-    dataptr[DCTSIZE * 3] = (DCTELEM)DESCALE(tmp6 + z2 + z3,
-                                            CONST_BITS + PASS1_BITS);
-    dataptr[DCTSIZE * 1] = (DCTELEM)DESCALE(tmp7 + z1 + z4,
-                                            CONST_BITS + PASS1_BITS);
-
-    dataptr++;                  /* advance pointer to next column */
-  }
-}
-
-#endif /* DCT_ISLOW_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jidctflt.c b/3rdparty/libjpeg-turbo_2_1_0/jidctflt.c
deleted file mode 100644
index 5aee74e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jidctflt.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/*
- * jidctflt.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1998, Thomas G. Lane.
- * Modified 2010 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2014, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a floating-point implementation of the
- * inverse DCT (Discrete Cosine Transform).  In the IJG code, this routine
- * must also perform dequantization of the input coefficients.
- *
- * This implementation should be more accurate than either of the integer
- * IDCT implementations.  However, it may not give the same results on all
- * machines because of differences in roundoff behavior.  Speed will depend
- * on the hardware's floating point capacity.
- *
- * A 2-D IDCT can be done by 1-D IDCT on each column followed by 1-D IDCT
- * on each row (or vice versa, but it's more convenient to emit a row at
- * a time).  Direct algorithms are also available, but they are much more
- * complex and seem not to be any faster when reduced to code.
- *
- * This implementation is based on Arai, Agui, and Nakajima's algorithm for
- * scaled DCT.  Their original paper (Trans. IEICE E-71(11):1095) is in
- * Japanese, but the algorithm is described in the Pennebaker & Mitchell
- * JPEG textbook (see REFERENCES section in file README.ijg).  The following
- * code is based directly on figure 4-8 in P&M.
- * While an 8-point DCT cannot be done in less than 11 multiplies, it is
- * possible to arrange the computation so that many of the multiplies are
- * simple scalings of the final outputs.  These multiplies can then be
- * folded into the multiplications or divisions by the JPEG quantization
- * table entries.  The AA&N method leaves only 5 multiplies and 29 adds
- * to be done in the DCT itself.
- * The primary disadvantage of this method is that with a fixed-point
- * implementation, accuracy is lost due to imprecise representation of the
- * scaled quantization values.  However, that problem does not arise if
- * we use floating point arithmetic.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef DCT_FLOAT_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCTs. /* deliberate syntax err */
-#endif
-
-
-/* Dequantize a coefficient by multiplying it by the multiplier-table
- * entry; produce a float result.
- */
-
-#define DEQUANTIZE(coef, quantval)  (((FAST_FLOAT)(coef)) * (quantval))
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients.
- */
-
-GLOBAL(void)
-jpeg_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  FAST_FLOAT tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  FAST_FLOAT tmp10, tmp11, tmp12, tmp13;
-  FAST_FLOAT z5, z10, z11, z12, z13;
-  JCOEFPTR inptr;
-  FLOAT_MULT_TYPE *quantptr;
-  FAST_FLOAT *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int ctr;
-  FAST_FLOAT workspace[DCTSIZE2]; /* buffers data between passes */
-#define _0_125  ((FLOAT_MULT_TYPE)0.125)
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (FLOAT_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = DCTSIZE; ctr > 0; ctr--) {
-    /* Due to quantization, we will usually find that many of the input
-     * coefficients are zero, especially the AC terms.  We can exploit this
-     * by short-circuiting the IDCT calculation for any column in which all
-     * the AC terms are zero.  In that case each output is equal to the
-     * DC coefficient (with scale factor as needed).
-     * With typical images and quantization tables, half or more of the
-     * column DCT calculations can be simplified this way.
-     */
-
-    if (inptr[DCTSIZE * 1] == 0 && inptr[DCTSIZE * 2] == 0 &&
-        inptr[DCTSIZE * 3] == 0 && inptr[DCTSIZE * 4] == 0 &&
-        inptr[DCTSIZE * 5] == 0 && inptr[DCTSIZE * 6] == 0 &&
-        inptr[DCTSIZE * 7] == 0) {
-      /* AC terms all zero */
-      FAST_FLOAT dcval = DEQUANTIZE(inptr[DCTSIZE * 0],
-                                    quantptr[DCTSIZE * 0] * _0_125);
-
-      wsptr[DCTSIZE * 0] = dcval;
-      wsptr[DCTSIZE * 1] = dcval;
-      wsptr[DCTSIZE * 2] = dcval;
-      wsptr[DCTSIZE * 3] = dcval;
-      wsptr[DCTSIZE * 4] = dcval;
-      wsptr[DCTSIZE * 5] = dcval;
-      wsptr[DCTSIZE * 6] = dcval;
-      wsptr[DCTSIZE * 7] = dcval;
-
-      inptr++;                  /* advance pointers to next column */
-      quantptr++;
-      wsptr++;
-      continue;
-    }
-
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0] * _0_125);
-    tmp1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2] * _0_125);
-    tmp2 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4] * _0_125);
-    tmp3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6] * _0_125);
-
-    tmp10 = tmp0 + tmp2;        /* phase 3 */
-    tmp11 = tmp0 - tmp2;
-
-    tmp13 = tmp1 + tmp3;        /* phases 5-3 */
-    tmp12 = (tmp1 - tmp3) * ((FAST_FLOAT)1.414213562) - tmp13; /* 2*c4 */
-
-    tmp0 = tmp10 + tmp13;       /* phase 2 */
-    tmp3 = tmp10 - tmp13;
-    tmp1 = tmp11 + tmp12;
-    tmp2 = tmp11 - tmp12;
-
-    /* Odd part */
-
-    tmp4 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1] * _0_125);
-    tmp5 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3] * _0_125);
-    tmp6 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5] * _0_125);
-    tmp7 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7] * _0_125);
-
-    z13 = tmp6 + tmp5;          /* phase 6 */
-    z10 = tmp6 - tmp5;
-    z11 = tmp4 + tmp7;
-    z12 = tmp4 - tmp7;
-
-    tmp7 = z11 + z13;           /* phase 5 */
-    tmp11 = (z11 - z13) * ((FAST_FLOAT)1.414213562); /* 2*c4 */
-
-    z5 = (z10 + z12) * ((FAST_FLOAT)1.847759065); /* 2*c2 */
-    tmp10 = z5 - z12 * ((FAST_FLOAT)1.082392200); /* 2*(c2-c6) */
-    tmp12 = z5 - z10 * ((FAST_FLOAT)2.613125930); /* 2*(c2+c6) */
-
-    tmp6 = tmp12 - tmp7;        /* phase 2 */
-    tmp5 = tmp11 - tmp6;
-    tmp4 = tmp10 - tmp5;
-
-    wsptr[DCTSIZE * 0] = tmp0 + tmp7;
-    wsptr[DCTSIZE * 7] = tmp0 - tmp7;
-    wsptr[DCTSIZE * 1] = tmp1 + tmp6;
-    wsptr[DCTSIZE * 6] = tmp1 - tmp6;
-    wsptr[DCTSIZE * 2] = tmp2 + tmp5;
-    wsptr[DCTSIZE * 5] = tmp2 - tmp5;
-    wsptr[DCTSIZE * 3] = tmp3 + tmp4;
-    wsptr[DCTSIZE * 4] = tmp3 - tmp4;
-
-    inptr++;                    /* advance pointers to next column */
-    quantptr++;
-    wsptr++;
-  }
-
-  /* Pass 2: process rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < DCTSIZE; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-    /* Rows of zeroes can be exploited in the same way as we did with columns.
-     * However, the column calculation has created many nonzero AC terms, so
-     * the simplification applies less often (typically 5% to 10% of the time).
-     * And testing floats for zero is relatively expensive, so we don't bother.
-     */
-
-    /* Even part */
-
-    /* Apply signed->unsigned and prepare float->int conversion */
-    z5 = wsptr[0] + ((FAST_FLOAT)CENTERJSAMPLE + (FAST_FLOAT)0.5);
-    tmp10 = z5 + wsptr[4];
-    tmp11 = z5 - wsptr[4];
-
-    tmp13 = wsptr[2] + wsptr[6];
-    tmp12 = (wsptr[2] - wsptr[6]) * ((FAST_FLOAT)1.414213562) - tmp13;
-
-    tmp0 = tmp10 + tmp13;
-    tmp3 = tmp10 - tmp13;
-    tmp1 = tmp11 + tmp12;
-    tmp2 = tmp11 - tmp12;
-
-    /* Odd part */
-
-    z13 = wsptr[5] + wsptr[3];
-    z10 = wsptr[5] - wsptr[3];
-    z11 = wsptr[1] + wsptr[7];
-    z12 = wsptr[1] - wsptr[7];
-
-    tmp7 = z11 + z13;
-    tmp11 = (z11 - z13) * ((FAST_FLOAT)1.414213562);
-
-    z5 = (z10 + z12) * ((FAST_FLOAT)1.847759065); /* 2*c2 */
-    tmp10 = z5 - z12 * ((FAST_FLOAT)1.082392200); /* 2*(c2-c6) */
-    tmp12 = z5 - z10 * ((FAST_FLOAT)2.613125930); /* 2*(c2+c6) */
-
-    tmp6 = tmp12 - tmp7;
-    tmp5 = tmp11 - tmp6;
-    tmp4 = tmp10 - tmp5;
-
-    /* Final output stage: float->int conversion and range-limit */
-
-    outptr[0] = range_limit[((int)(tmp0 + tmp7)) & RANGE_MASK];
-    outptr[7] = range_limit[((int)(tmp0 - tmp7)) & RANGE_MASK];
-    outptr[1] = range_limit[((int)(tmp1 + tmp6)) & RANGE_MASK];
-    outptr[6] = range_limit[((int)(tmp1 - tmp6)) & RANGE_MASK];
-    outptr[2] = range_limit[((int)(tmp2 + tmp5)) & RANGE_MASK];
-    outptr[5] = range_limit[((int)(tmp2 - tmp5)) & RANGE_MASK];
-    outptr[3] = range_limit[((int)(tmp3 + tmp4)) & RANGE_MASK];
-    outptr[4] = range_limit[((int)(tmp3 - tmp4)) & RANGE_MASK];
-
-    wsptr += DCTSIZE;           /* advance pointer to next row */
-  }
-}
-
-#endif /* DCT_FLOAT_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jidctfst.c b/3rdparty/libjpeg-turbo_2_1_0/jidctfst.c
deleted file mode 100644
index 89a20c9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jidctfst.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * jidctfst.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1998, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a fast, not so accurate integer implementation of the
- * inverse DCT (Discrete Cosine Transform).  In the IJG code, this routine
- * must also perform dequantization of the input coefficients.
- *
- * A 2-D IDCT can be done by 1-D IDCT on each column followed by 1-D IDCT
- * on each row (or vice versa, but it's more convenient to emit a row at
- * a time).  Direct algorithms are also available, but they are much more
- * complex and seem not to be any faster when reduced to code.
- *
- * This implementation is based on Arai, Agui, and Nakajima's algorithm for
- * scaled DCT.  Their original paper (Trans. IEICE E-71(11):1095) is in
- * Japanese, but the algorithm is described in the Pennebaker & Mitchell
- * JPEG textbook (see REFERENCES section in file README.ijg).  The following
- * code is based directly on figure 4-8 in P&M.
- * While an 8-point DCT cannot be done in less than 11 multiplies, it is
- * possible to arrange the computation so that many of the multiplies are
- * simple scalings of the final outputs.  These multiplies can then be
- * folded into the multiplications or divisions by the JPEG quantization
- * table entries.  The AA&N method leaves only 5 multiplies and 29 adds
- * to be done in the DCT itself.
- * The primary disadvantage of this method is that with fixed-point math,
- * accuracy is lost due to imprecise representation of the scaled
- * quantization values.  The smaller the quantization table entry, the less
- * precise the scaled value, so this implementation does worse with high-
- * quality-setting files than with low-quality ones.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef DCT_IFAST_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCTs. /* deliberate syntax err */
-#endif
-
-
-/* Scaling decisions are generally the same as in the LL&M algorithm;
- * see jidctint.c for more details.  However, we choose to descale
- * (right shift) multiplication products as soon as they are formed,
- * rather than carrying additional fractional bits into subsequent additions.
- * This compromises accuracy slightly, but it lets us save a few shifts.
- * More importantly, 16-bit arithmetic is then adequate (for 8-bit samples)
- * everywhere except in the multiplications proper; this saves a good deal
- * of work on 16-bit-int machines.
- *
- * The dequantized coefficients are not integers because the AA&N scaling
- * factors have been incorporated.  We represent them scaled up by PASS1_BITS,
- * so that the first and second IDCT rounds have the same input scaling.
- * For 8-bit JSAMPLEs, we choose IFAST_SCALE_BITS = PASS1_BITS so as to
- * avoid a descaling shift; this compromises accuracy rather drastically
- * for small quantization table entries, but it saves a lot of shifts.
- * For 12-bit JSAMPLEs, there's no hope of using 16x16 multiplies anyway,
- * so we use a much larger scaling factor to preserve accuracy.
- *
- * A final compromise is to represent the multiplicative constants to only
- * 8 fractional bits, rather than 13.  This saves some shifting work on some
- * machines, and may also reduce the cost of multiplication (since there
- * are fewer one-bits in the constants).
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define CONST_BITS  8
-#define PASS1_BITS  2
-#else
-#define CONST_BITS  8
-#define PASS1_BITS  1           /* lose a little precision to avoid overflow */
-#endif
-
-/* Some C compilers fail to reduce "FIX(constant)" at compile time, thus
- * causing a lot of useless floating-point operations at run time.
- * To get around this we use the following pre-calculated constants.
- * If you change CONST_BITS you may want to add appropriate values.
- * (With a reasonable C compiler, you can just rely on the FIX() macro...)
- */
-
-#if CONST_BITS == 8
-#define FIX_1_082392200  ((JLONG)277)           /* FIX(1.082392200) */
-#define FIX_1_414213562  ((JLONG)362)           /* FIX(1.414213562) */
-#define FIX_1_847759065  ((JLONG)473)           /* FIX(1.847759065) */
-#define FIX_2_613125930  ((JLONG)669)           /* FIX(2.613125930) */
-#else
-#define FIX_1_082392200  FIX(1.082392200)
-#define FIX_1_414213562  FIX(1.414213562)
-#define FIX_1_847759065  FIX(1.847759065)
-#define FIX_2_613125930  FIX(2.613125930)
-#endif
-
-
-/* We can gain a little more speed, with a further compromise in accuracy,
- * by omitting the addition in a descaling shift.  This yields an incorrectly
- * rounded result half the time...
- */
-
-#ifndef USE_ACCURATE_ROUNDING
-#undef DESCALE
-#define DESCALE(x, n)  RIGHT_SHIFT(x, n)
-#endif
-
-
-/* Multiply a DCTELEM variable by an JLONG constant, and immediately
- * descale to yield a DCTELEM result.
- */
-
-#define MULTIPLY(var, const)  ((DCTELEM)DESCALE((var) * (const), CONST_BITS))
-
-
-/* Dequantize a coefficient by multiplying it by the multiplier-table
- * entry; produce a DCTELEM result.  For 8-bit data a 16x16->16
- * multiplication will do.  For 12-bit data, the multiplier table is
- * declared JLONG, so a 32-bit multiply will be used.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define DEQUANTIZE(coef, quantval)  (((IFAST_MULT_TYPE)(coef)) * (quantval))
-#else
-#define DEQUANTIZE(coef, quantval) \
-  DESCALE((coef) * (quantval), IFAST_SCALE_BITS - PASS1_BITS)
-#endif
-
-
-/* Like DESCALE, but applies to a DCTELEM and produces an int.
- * We assume that int right shift is unsigned if JLONG right shift is.
- */
-
-#ifdef RIGHT_SHIFT_IS_UNSIGNED
-#define ISHIFT_TEMPS    DCTELEM ishift_temp;
-#if BITS_IN_JSAMPLE == 8
-#define DCTELEMBITS  16         /* DCTELEM may be 16 or 32 bits */
-#else
-#define DCTELEMBITS  32         /* DCTELEM must be 32 bits */
-#endif
-#define IRIGHT_SHIFT(x, shft) \
-  ((ishift_temp = (x)) < 0 ? \
-   (ishift_temp >> (shft)) | ((~((DCTELEM)0)) << (DCTELEMBITS - (shft))) : \
-   (ishift_temp >> (shft)))
-#else
-#define ISHIFT_TEMPS
-#define IRIGHT_SHIFT(x, shft)   ((x) >> (shft))
-#endif
-
-#ifdef USE_ACCURATE_ROUNDING
-#define IDESCALE(x, n)  ((int)IRIGHT_SHIFT((x) + (1 << ((n) - 1)), n))
-#else
-#define IDESCALE(x, n)  ((int)IRIGHT_SHIFT(x, n))
-#endif
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients.
- */
-
-GLOBAL(void)
-jpeg_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  DCTELEM tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  DCTELEM tmp10, tmp11, tmp12, tmp13;
-  DCTELEM z5, z10, z11, z12, z13;
-  JCOEFPTR inptr;
-  IFAST_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[DCTSIZE2];      /* buffers data between passes */
-  SHIFT_TEMPS                   /* for DESCALE */
-  ISHIFT_TEMPS                  /* for IDESCALE */
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (IFAST_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = DCTSIZE; ctr > 0; ctr--) {
-    /* Due to quantization, we will usually find that many of the input
-     * coefficients are zero, especially the AC terms.  We can exploit this
-     * by short-circuiting the IDCT calculation for any column in which all
-     * the AC terms are zero.  In that case each output is equal to the
-     * DC coefficient (with scale factor as needed).
-     * With typical images and quantization tables, half or more of the
-     * column DCT calculations can be simplified this way.
-     */
-
-    if (inptr[DCTSIZE * 1] == 0 && inptr[DCTSIZE * 2] == 0 &&
-        inptr[DCTSIZE * 3] == 0 && inptr[DCTSIZE * 4] == 0 &&
-        inptr[DCTSIZE * 5] == 0 && inptr[DCTSIZE * 6] == 0 &&
-        inptr[DCTSIZE * 7] == 0) {
-      /* AC terms all zero */
-      int dcval = (int)DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-
-      wsptr[DCTSIZE * 0] = dcval;
-      wsptr[DCTSIZE * 1] = dcval;
-      wsptr[DCTSIZE * 2] = dcval;
-      wsptr[DCTSIZE * 3] = dcval;
-      wsptr[DCTSIZE * 4] = dcval;
-      wsptr[DCTSIZE * 5] = dcval;
-      wsptr[DCTSIZE * 6] = dcval;
-      wsptr[DCTSIZE * 7] = dcval;
-
-      inptr++;                  /* advance pointers to next column */
-      quantptr++;
-      wsptr++;
-      continue;
-    }
-
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    tmp2 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    tmp3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp10 = tmp0 + tmp2;        /* phase 3 */
-    tmp11 = tmp0 - tmp2;
-
-    tmp13 = tmp1 + tmp3;        /* phases 5-3 */
-    tmp12 = MULTIPLY(tmp1 - tmp3, FIX_1_414213562) - tmp13; /* 2*c4 */
-
-    tmp0 = tmp10 + tmp13;       /* phase 2 */
-    tmp3 = tmp10 - tmp13;
-    tmp1 = tmp11 + tmp12;
-    tmp2 = tmp11 - tmp12;
-
-    /* Odd part */
-
-    tmp4 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    tmp5 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    tmp6 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    tmp7 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    z13 = tmp6 + tmp5;          /* phase 6 */
-    z10 = tmp6 - tmp5;
-    z11 = tmp4 + tmp7;
-    z12 = tmp4 - tmp7;
-
-    tmp7 = z11 + z13;           /* phase 5 */
-    tmp11 = MULTIPLY(z11 - z13, FIX_1_414213562); /* 2*c4 */
-
-    z5 = MULTIPLY(z10 + z12, FIX_1_847759065); /* 2*c2 */
-    tmp10 = MULTIPLY(z12, FIX_1_082392200) - z5; /* 2*(c2-c6) */
-    tmp12 = MULTIPLY(z10, -FIX_2_613125930) + z5; /* -2*(c2+c6) */
-
-    tmp6 = tmp12 - tmp7;        /* phase 2 */
-    tmp5 = tmp11 - tmp6;
-    tmp4 = tmp10 + tmp5;
-
-    wsptr[DCTSIZE * 0] = (int)(tmp0 + tmp7);
-    wsptr[DCTSIZE * 7] = (int)(tmp0 - tmp7);
-    wsptr[DCTSIZE * 1] = (int)(tmp1 + tmp6);
-    wsptr[DCTSIZE * 6] = (int)(tmp1 - tmp6);
-    wsptr[DCTSIZE * 2] = (int)(tmp2 + tmp5);
-    wsptr[DCTSIZE * 5] = (int)(tmp2 - tmp5);
-    wsptr[DCTSIZE * 4] = (int)(tmp3 + tmp4);
-    wsptr[DCTSIZE * 3] = (int)(tmp3 - tmp4);
-
-    inptr++;                    /* advance pointers to next column */
-    quantptr++;
-    wsptr++;
-  }
-
-  /* Pass 2: process rows from work array, store into output array. */
-  /* Note that we must descale the results by a factor of 8 == 2**3, */
-  /* and also undo the PASS1_BITS scaling. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < DCTSIZE; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-    /* Rows of zeroes can be exploited in the same way as we did with columns.
-     * However, the column calculation has created many nonzero AC terms, so
-     * the simplification applies less often (typically 5% to 10% of the time).
-     * On machines with very fast multiplication, it's possible that the
-     * test takes more time than it's worth.  In that case this section
-     * may be commented out.
-     */
-
-#ifndef NO_ZERO_ROW_TEST
-    if (wsptr[1] == 0 && wsptr[2] == 0 && wsptr[3] == 0 && wsptr[4] == 0 &&
-        wsptr[5] == 0 && wsptr[6] == 0 && wsptr[7] == 0) {
-      /* AC terms all zero */
-      JSAMPLE dcval =
-        range_limit[IDESCALE(wsptr[0], PASS1_BITS + 3) & RANGE_MASK];
-
-      outptr[0] = dcval;
-      outptr[1] = dcval;
-      outptr[2] = dcval;
-      outptr[3] = dcval;
-      outptr[4] = dcval;
-      outptr[5] = dcval;
-      outptr[6] = dcval;
-      outptr[7] = dcval;
-
-      wsptr += DCTSIZE;         /* advance pointer to next row */
-      continue;
-    }
-#endif
-
-    /* Even part */
-
-    tmp10 = ((DCTELEM)wsptr[0] + (DCTELEM)wsptr[4]);
-    tmp11 = ((DCTELEM)wsptr[0] - (DCTELEM)wsptr[4]);
-
-    tmp13 = ((DCTELEM)wsptr[2] + (DCTELEM)wsptr[6]);
-    tmp12 =
-      MULTIPLY((DCTELEM)wsptr[2] - (DCTELEM)wsptr[6], FIX_1_414213562) - tmp13;
-
-    tmp0 = tmp10 + tmp13;
-    tmp3 = tmp10 - tmp13;
-    tmp1 = tmp11 + tmp12;
-    tmp2 = tmp11 - tmp12;
-
-    /* Odd part */
-
-    z13 = (DCTELEM)wsptr[5] + (DCTELEM)wsptr[3];
-    z10 = (DCTELEM)wsptr[5] - (DCTELEM)wsptr[3];
-    z11 = (DCTELEM)wsptr[1] + (DCTELEM)wsptr[7];
-    z12 = (DCTELEM)wsptr[1] - (DCTELEM)wsptr[7];
-
-    tmp7 = z11 + z13;           /* phase 5 */
-    tmp11 = MULTIPLY(z11 - z13, FIX_1_414213562); /* 2*c4 */
-
-    z5 = MULTIPLY(z10 + z12, FIX_1_847759065); /* 2*c2 */
-    tmp10 = MULTIPLY(z12, FIX_1_082392200) - z5; /* 2*(c2-c6) */
-    tmp12 = MULTIPLY(z10, -FIX_2_613125930) + z5; /* -2*(c2+c6) */
-
-    tmp6 = tmp12 - tmp7;        /* phase 2 */
-    tmp5 = tmp11 - tmp6;
-    tmp4 = tmp10 + tmp5;
-
-    /* Final output stage: scale down by a factor of 8 and range-limit */
-
-    outptr[0] =
-      range_limit[IDESCALE(tmp0 + tmp7, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[7] =
-      range_limit[IDESCALE(tmp0 - tmp7, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[1] =
-      range_limit[IDESCALE(tmp1 + tmp6, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[6] =
-      range_limit[IDESCALE(tmp1 - tmp6, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[2] =
-      range_limit[IDESCALE(tmp2 + tmp5, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[5] =
-      range_limit[IDESCALE(tmp2 - tmp5, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[4] =
-      range_limit[IDESCALE(tmp3 + tmp4, PASS1_BITS + 3) & RANGE_MASK];
-    outptr[3] =
-      range_limit[IDESCALE(tmp3 - tmp4, PASS1_BITS + 3) & RANGE_MASK];
-
-    wsptr += DCTSIZE;           /* advance pointer to next row */
-  }
-}
-
-#endif /* DCT_IFAST_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jidctint.c b/3rdparty/libjpeg-turbo_2_1_0/jidctint.c
deleted file mode 100644
index bb08748..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jidctint.c
+++ /dev/null
@@ -1,2627 +0,0 @@
-/*
- * jidctint.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * Modification developed 2002-2018 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a slower but more accurate integer implementation of the
- * inverse DCT (Discrete Cosine Transform).  In the IJG code, this routine
- * must also perform dequantization of the input coefficients.
- *
- * A 2-D IDCT can be done by 1-D IDCT on each column followed by 1-D IDCT
- * on each row (or vice versa, but it's more convenient to emit a row at
- * a time).  Direct algorithms are also available, but they are much more
- * complex and seem not to be any faster when reduced to code.
- *
- * This implementation is based on an algorithm described in
- *   C. Loeffler, A. Ligtenberg and G. Moschytz, "Practical Fast 1-D DCT
- *   Algorithms with 11 Multiplications", Proc. Int'l. Conf. on Acoustics,
- *   Speech, and Signal Processing 1989 (ICASSP '89), pp. 988-991.
- * The primary algorithm described there uses 11 multiplies and 29 adds.
- * We use their alternate method with 12 multiplies and 32 adds.
- * The advantage of this method is that no data path contains more than one
- * multiplication; this allows a very simple and accurate implementation in
- * scaled fixed-point arithmetic, with a minimal number of shifts.
- *
- * We also provide IDCT routines with various output sample block sizes for
- * direct resolution reduction or enlargement without additional resampling:
- * NxN (N=1...16) pixels for one 8x8 input DCT block.
- *
- * For N<8 we simply take the corresponding low-frequency coefficients of
- * the 8x8 input DCT block and apply an NxN point IDCT on the sub-block
- * to yield the downscaled outputs.
- * This can be seen as direct low-pass downsampling from the DCT domain
- * point of view rather than the usual spatial domain point of view,
- * yielding significant computational savings and results at least
- * as good as common bilinear (averaging) spatial downsampling.
- *
- * For N>8 we apply a partial NxN IDCT on the 8 input coefficients as
- * lower frequencies and higher frequencies assumed to be zero.
- * It turns out that the computational effort is similar to the 8x8 IDCT
- * regarding the output size.
- * Furthermore, the scaling and descaling is the same for all IDCT sizes.
- *
- * CAUTION: We rely on the FIX() macro except for the N=1,2,4,8 cases
- * since there would be too many additional constants to pre-calculate.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef DCT_ISLOW_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCT blocks. /* deliberate syntax err */
-#endif
-
-
-/*
- * The poop on this scaling stuff is as follows:
- *
- * Each 1-D IDCT step produces outputs which are a factor of sqrt(N)
- * larger than the true IDCT outputs.  The final outputs are therefore
- * a factor of N larger than desired; since N=8 this can be cured by
- * a simple right shift at the end of the algorithm.  The advantage of
- * this arrangement is that we save two multiplications per 1-D IDCT,
- * because the y0 and y4 inputs need not be divided by sqrt(N).
- *
- * We have to do addition and subtraction of the integer inputs, which
- * is no problem, and multiplication by fractional constants, which is
- * a problem to do in integer arithmetic.  We multiply all the constants
- * by CONST_SCALE and convert them to integer constants (thus retaining
- * CONST_BITS bits of precision in the constants).  After doing a
- * multiplication we have to divide the product by CONST_SCALE, with proper
- * rounding, to produce the correct output.  This division can be done
- * cheaply as a right shift of CONST_BITS bits.  We postpone shifting
- * as long as possible so that partial sums can be added together with
- * full fractional precision.
- *
- * The outputs of the first pass are scaled up by PASS1_BITS bits so that
- * they are represented to better-than-integral precision.  These outputs
- * require BITS_IN_JSAMPLE + PASS1_BITS + 3 bits; this fits in a 16-bit word
- * with the recommended scaling.  (To scale up 12-bit sample data further, an
- * intermediate JLONG array would be needed.)
- *
- * To avoid overflow of the 32-bit intermediate results in pass 2, we must
- * have BITS_IN_JSAMPLE + CONST_BITS + PASS1_BITS <= 26.  Error analysis
- * shows that the values given below are the most effective.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#else
-#define CONST_BITS  13
-#define PASS1_BITS  1           /* lose a little precision to avoid overflow */
-#endif
-
-/* Some C compilers fail to reduce "FIX(constant)" at compile time, thus
- * causing a lot of useless floating-point operations at run time.
- * To get around this we use the following pre-calculated constants.
- * If you change CONST_BITS you may want to add appropriate values.
- * (With a reasonable C compiler, you can just rely on the FIX() macro...)
- */
-
-#if CONST_BITS == 13
-#define FIX_0_298631336  ((JLONG)2446)          /* FIX(0.298631336) */
-#define FIX_0_390180644  ((JLONG)3196)          /* FIX(0.390180644) */
-#define FIX_0_541196100  ((JLONG)4433)          /* FIX(0.541196100) */
-#define FIX_0_765366865  ((JLONG)6270)          /* FIX(0.765366865) */
-#define FIX_0_899976223  ((JLONG)7373)          /* FIX(0.899976223) */
-#define FIX_1_175875602  ((JLONG)9633)          /* FIX(1.175875602) */
-#define FIX_1_501321110  ((JLONG)12299)         /* FIX(1.501321110) */
-#define FIX_1_847759065  ((JLONG)15137)         /* FIX(1.847759065) */
-#define FIX_1_961570560  ((JLONG)16069)         /* FIX(1.961570560) */
-#define FIX_2_053119869  ((JLONG)16819)         /* FIX(2.053119869) */
-#define FIX_2_562915447  ((JLONG)20995)         /* FIX(2.562915447) */
-#define FIX_3_072711026  ((JLONG)25172)         /* FIX(3.072711026) */
-#else
-#define FIX_0_298631336  FIX(0.298631336)
-#define FIX_0_390180644  FIX(0.390180644)
-#define FIX_0_541196100  FIX(0.541196100)
-#define FIX_0_765366865  FIX(0.765366865)
-#define FIX_0_899976223  FIX(0.899976223)
-#define FIX_1_175875602  FIX(1.175875602)
-#define FIX_1_501321110  FIX(1.501321110)
-#define FIX_1_847759065  FIX(1.847759065)
-#define FIX_1_961570560  FIX(1.961570560)
-#define FIX_2_053119869  FIX(2.053119869)
-#define FIX_2_562915447  FIX(2.562915447)
-#define FIX_3_072711026  FIX(3.072711026)
-#endif
-
-
-/* Multiply an JLONG variable by an JLONG constant to yield an JLONG result.
- * For 8-bit samples with the recommended scaling, all the variable
- * and constant values involved are no more than 16 bits wide, so a
- * 16x16->32 bit multiply can be used instead of a full 32x32 multiply.
- * For 12-bit samples, a full 32-bit multiplication will be needed.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define MULTIPLY(var, const)  MULTIPLY16C16(var, const)
-#else
-#define MULTIPLY(var, const)  ((var) * (const))
-#endif
-
-
-/* Dequantize a coefficient by multiplying it by the multiplier-table
- * entry; produce an int result.  In this module, both inputs and result
- * are 16 bits or less, so either int or short multiply will work.
- */
-
-#define DEQUANTIZE(coef, quantval)  (((ISLOW_MULT_TYPE)(coef)) * (quantval))
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients.
- */
-
-GLOBAL(void)
-jpeg_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp0, tmp1, tmp2, tmp3;
-  JLONG tmp10, tmp11, tmp12, tmp13;
-  JLONG z1, z2, z3, z4, z5;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[DCTSIZE2];      /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-  /* Note results are scaled up by sqrt(8) compared to a true IDCT; */
-  /* furthermore, we scale the results by 2**PASS1_BITS. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = DCTSIZE; ctr > 0; ctr--) {
-    /* Due to quantization, we will usually find that many of the input
-     * coefficients are zero, especially the AC terms.  We can exploit this
-     * by short-circuiting the IDCT calculation for any column in which all
-     * the AC terms are zero.  In that case each output is equal to the
-     * DC coefficient (with scale factor as needed).
-     * With typical images and quantization tables, half or more of the
-     * column DCT calculations can be simplified this way.
-     */
-
-    if (inptr[DCTSIZE * 1] == 0 && inptr[DCTSIZE * 2] == 0 &&
-        inptr[DCTSIZE * 3] == 0 && inptr[DCTSIZE * 4] == 0 &&
-        inptr[DCTSIZE * 5] == 0 && inptr[DCTSIZE * 6] == 0 &&
-        inptr[DCTSIZE * 7] == 0) {
-      /* AC terms all zero */
-      int dcval = LEFT_SHIFT(DEQUANTIZE(inptr[DCTSIZE * 0],
-                             quantptr[DCTSIZE * 0]), PASS1_BITS);
-
-      wsptr[DCTSIZE * 0] = dcval;
-      wsptr[DCTSIZE * 1] = dcval;
-      wsptr[DCTSIZE * 2] = dcval;
-      wsptr[DCTSIZE * 3] = dcval;
-      wsptr[DCTSIZE * 4] = dcval;
-      wsptr[DCTSIZE * 5] = dcval;
-      wsptr[DCTSIZE * 6] = dcval;
-      wsptr[DCTSIZE * 7] = dcval;
-
-      inptr++;                  /* advance pointers to next column */
-      quantptr++;
-      wsptr++;
-      continue;
-    }
-
-    /* Even part: reverse the even part of the forward DCT. */
-    /* The rotator is sqrt(2)*c(-6). */
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    z1 = MULTIPLY(z2 + z3, FIX_0_541196100);
-    tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065);
-    tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865);
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-
-    tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS);
-    tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS);
-
-    tmp10 = tmp0 + tmp3;
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    /* Odd part per figure 8; the matrix is unitary and hence its
-     * transpose is its inverse.  i0..i3 are y7,y5,y3,y1 respectively.
-     */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-    tmp1 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    tmp2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    tmp3 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-
-    z1 = tmp0 + tmp3;
-    z2 = tmp1 + tmp2;
-    z3 = tmp0 + tmp2;
-    z4 = tmp1 + tmp3;
-    z5 = MULTIPLY(z3 + z4, FIX_1_175875602); /* sqrt(2) * c3 */
-
-    tmp0 = MULTIPLY(tmp0, FIX_0_298631336); /* sqrt(2) * (-c1+c3+c5-c7) */
-    tmp1 = MULTIPLY(tmp1, FIX_2_053119869); /* sqrt(2) * ( c1+c3-c5+c7) */
-    tmp2 = MULTIPLY(tmp2, FIX_3_072711026); /* sqrt(2) * ( c1+c3+c5-c7) */
-    tmp3 = MULTIPLY(tmp3, FIX_1_501321110); /* sqrt(2) * ( c1+c3-c5-c7) */
-    z1 = MULTIPLY(z1, -FIX_0_899976223); /* sqrt(2) * ( c7-c3) */
-    z2 = MULTIPLY(z2, -FIX_2_562915447); /* sqrt(2) * (-c1-c3) */
-    z3 = MULTIPLY(z3, -FIX_1_961570560); /* sqrt(2) * (-c3-c5) */
-    z4 = MULTIPLY(z4, -FIX_0_390180644); /* sqrt(2) * ( c5-c3) */
-
-    z3 += z5;
-    z4 += z5;
-
-    tmp0 += z1 + z3;
-    tmp1 += z2 + z4;
-    tmp2 += z2 + z3;
-    tmp3 += z1 + z4;
-
-    /* Final output stage: inputs are tmp10..tmp13, tmp0..tmp3 */
-
-    wsptr[DCTSIZE * 0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[DCTSIZE * 4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS - PASS1_BITS);
-
-    inptr++;                    /* advance pointers to next column */
-    quantptr++;
-    wsptr++;
-  }
-
-  /* Pass 2: process rows from work array, store into output array. */
-  /* Note that we must descale the results by a factor of 8 == 2**3, */
-  /* and also undo the PASS1_BITS scaling. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < DCTSIZE; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-    /* Rows of zeroes can be exploited in the same way as we did with columns.
-     * However, the column calculation has created many nonzero AC terms, so
-     * the simplification applies less often (typically 5% to 10% of the time).
-     * On machines with very fast multiplication, it's possible that the
-     * test takes more time than it's worth.  In that case this section
-     * may be commented out.
-     */
-
-#ifndef NO_ZERO_ROW_TEST
-    if (wsptr[1] == 0 && wsptr[2] == 0 && wsptr[3] == 0 && wsptr[4] == 0 &&
-        wsptr[5] == 0 && wsptr[6] == 0 && wsptr[7] == 0) {
-      /* AC terms all zero */
-      JSAMPLE dcval = range_limit[(int)DESCALE((JLONG)wsptr[0],
-                                               PASS1_BITS + 3) & RANGE_MASK];
-
-      outptr[0] = dcval;
-      outptr[1] = dcval;
-      outptr[2] = dcval;
-      outptr[3] = dcval;
-      outptr[4] = dcval;
-      outptr[5] = dcval;
-      outptr[6] = dcval;
-      outptr[7] = dcval;
-
-      wsptr += DCTSIZE;         /* advance pointer to next row */
-      continue;
-    }
-#endif
-
-    /* Even part: reverse the even part of the forward DCT. */
-    /* The rotator is sqrt(2)*c(-6). */
-
-    z2 = (JLONG)wsptr[2];
-    z3 = (JLONG)wsptr[6];
-
-    z1 = MULTIPLY(z2 + z3, FIX_0_541196100);
-    tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065);
-    tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865);
-
-    tmp0 = LEFT_SHIFT((JLONG)wsptr[0] + (JLONG)wsptr[4], CONST_BITS);
-    tmp1 = LEFT_SHIFT((JLONG)wsptr[0] - (JLONG)wsptr[4], CONST_BITS);
-
-    tmp10 = tmp0 + tmp3;
-    tmp13 = tmp0 - tmp3;
-    tmp11 = tmp1 + tmp2;
-    tmp12 = tmp1 - tmp2;
-
-    /* Odd part per figure 8; the matrix is unitary and hence its
-     * transpose is its inverse.  i0..i3 are y7,y5,y3,y1 respectively.
-     */
-
-    tmp0 = (JLONG)wsptr[7];
-    tmp1 = (JLONG)wsptr[5];
-    tmp2 = (JLONG)wsptr[3];
-    tmp3 = (JLONG)wsptr[1];
-
-    z1 = tmp0 + tmp3;
-    z2 = tmp1 + tmp2;
-    z3 = tmp0 + tmp2;
-    z4 = tmp1 + tmp3;
-    z5 = MULTIPLY(z3 + z4, FIX_1_175875602); /* sqrt(2) * c3 */
-
-    tmp0 = MULTIPLY(tmp0, FIX_0_298631336); /* sqrt(2) * (-c1+c3+c5-c7) */
-    tmp1 = MULTIPLY(tmp1, FIX_2_053119869); /* sqrt(2) * ( c1+c3-c5+c7) */
-    tmp2 = MULTIPLY(tmp2, FIX_3_072711026); /* sqrt(2) * ( c1+c3+c5-c7) */
-    tmp3 = MULTIPLY(tmp3, FIX_1_501321110); /* sqrt(2) * ( c1+c3-c5-c7) */
-    z1 = MULTIPLY(z1, -FIX_0_899976223); /* sqrt(2) * ( c7-c3) */
-    z2 = MULTIPLY(z2, -FIX_2_562915447); /* sqrt(2) * (-c1-c3) */
-    z3 = MULTIPLY(z3, -FIX_1_961570560); /* sqrt(2) * (-c3-c5) */
-    z4 = MULTIPLY(z4, -FIX_0_390180644); /* sqrt(2) * ( c5-c3) */
-
-    z3 += z5;
-    z4 += z5;
-
-    tmp0 += z1 + z3;
-    tmp1 += z2 + z4;
-    tmp2 += z2 + z3;
-    tmp3 += z1 + z4;
-
-    /* Final output stage: inputs are tmp10..tmp13, tmp0..tmp3 */
-
-    outptr[0] = range_limit[(int)DESCALE(tmp10 + tmp3,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[7] = range_limit[(int)DESCALE(tmp10 - tmp3,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)DESCALE(tmp11 + tmp2,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[6] = range_limit[(int)DESCALE(tmp11 - tmp2,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)DESCALE(tmp12 + tmp1,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[5] = range_limit[(int)DESCALE(tmp12 - tmp1,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)DESCALE(tmp13 + tmp0,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[4] = range_limit[(int)DESCALE(tmp13 - tmp0,
-                                         CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += DCTSIZE;           /* advance pointer to next row */
-  }
-}
-
-#ifdef IDCT_SCALING_SUPPORTED
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 7x7 output block.
- *
- * Optimized algorithm with 12 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/14).
- */
-
-GLOBAL(void)
-jpeg_idct_7x7(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp1, tmp2, tmp10, tmp11, tmp12, tmp13;
-  JLONG z1, z2, z3;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[7 * 7];         /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 7; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp13 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp13 = LEFT_SHIFT(tmp13, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp13 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp10 = MULTIPLY(z2 - z3, FIX(0.881747734));     /* c4 */
-    tmp12 = MULTIPLY(z1 - z2, FIX(0.314692123));     /* c6 */
-    tmp11 = tmp10 + tmp12 + tmp13 - MULTIPLY(z2, FIX(1.841218003)); /* c2+c4-c6 */
-    tmp0 = z1 + z3;
-    z2 -= tmp0;
-    tmp0 = MULTIPLY(tmp0, FIX(1.274162392)) + tmp13; /* c2 */
-    tmp10 += tmp0 - MULTIPLY(z3, FIX(0.077722536));  /* c2-c4-c6 */
-    tmp12 += tmp0 - MULTIPLY(z1, FIX(2.470602249));  /* c2+c4+c6 */
-    tmp13 += MULTIPLY(z2, FIX(1.414213562));         /* c0 */
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-
-    tmp1 = MULTIPLY(z1 + z2, FIX(0.935414347));      /* (c3+c1-c5)/2 */
-    tmp2 = MULTIPLY(z1 - z2, FIX(0.170262339));      /* (c3+c5-c1)/2 */
-    tmp0 = tmp1 - tmp2;
-    tmp1 += tmp2;
-    tmp2 = MULTIPLY(z2 + z3, -FIX(1.378756276));     /* -c1 */
-    tmp1 += tmp2;
-    z2 = MULTIPLY(z1 + z3, FIX(0.613604268));        /* c5 */
-    tmp0 += z2;
-    tmp2 += z2 + MULTIPLY(z3, FIX(1.870828693));     /* c3+c1-c5 */
-
-    /* Final output stage */
-
-    wsptr[7 * 0] = (int)RIGHT_SHIFT(tmp10 + tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[7 * 6] = (int)RIGHT_SHIFT(tmp10 - tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[7 * 1] = (int)RIGHT_SHIFT(tmp11 + tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[7 * 5] = (int)RIGHT_SHIFT(tmp11 - tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[7 * 2] = (int)RIGHT_SHIFT(tmp12 + tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[7 * 4] = (int)RIGHT_SHIFT(tmp12 - tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[7 * 3] = (int)RIGHT_SHIFT(tmp13, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 7 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 7; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp13 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp13 = LEFT_SHIFT(tmp13, CONST_BITS);
-
-    z1 = (JLONG)wsptr[2];
-    z2 = (JLONG)wsptr[4];
-    z3 = (JLONG)wsptr[6];
-
-    tmp10 = MULTIPLY(z2 - z3, FIX(0.881747734));     /* c4 */
-    tmp12 = MULTIPLY(z1 - z2, FIX(0.314692123));     /* c6 */
-    tmp11 = tmp10 + tmp12 + tmp13 - MULTIPLY(z2, FIX(1.841218003)); /* c2+c4-c6 */
-    tmp0 = z1 + z3;
-    z2 -= tmp0;
-    tmp0 = MULTIPLY(tmp0, FIX(1.274162392)) + tmp13; /* c2 */
-    tmp10 += tmp0 - MULTIPLY(z3, FIX(0.077722536));  /* c2-c4-c6 */
-    tmp12 += tmp0 - MULTIPLY(z1, FIX(2.470602249));  /* c2+c4+c6 */
-    tmp13 += MULTIPLY(z2, FIX(1.414213562));         /* c0 */
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-
-    tmp1 = MULTIPLY(z1 + z2, FIX(0.935414347));      /* (c3+c1-c5)/2 */
-    tmp2 = MULTIPLY(z1 - z2, FIX(0.170262339));      /* (c3+c5-c1)/2 */
-    tmp0 = tmp1 - tmp2;
-    tmp1 += tmp2;
-    tmp2 = MULTIPLY(z2 + z3, -FIX(1.378756276));     /* -c1 */
-    tmp1 += tmp2;
-    z2 = MULTIPLY(z1 + z3, FIX(0.613604268));        /* c5 */
-    tmp0 += z2;
-    tmp2 += z2 + MULTIPLY(z3, FIX(1.870828693));     /* c3+c1-c5 */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)RIGHT_SHIFT(tmp10 + tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[6] = range_limit[(int)RIGHT_SHIFT(tmp10 - tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)RIGHT_SHIFT(tmp11 + tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[5] = range_limit[(int)RIGHT_SHIFT(tmp11 - tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)RIGHT_SHIFT(tmp12 + tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[4] = range_limit[(int)RIGHT_SHIFT(tmp12 - tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)RIGHT_SHIFT(tmp13,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += 7;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 6x6 output block.
- *
- * Optimized algorithm with 3 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/12).
- */
-
-GLOBAL(void)
-jpeg_idct_6x6(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp1, tmp2, tmp10, tmp11, tmp12;
-  JLONG z1, z2, z3;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[6 * 6];         /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 6; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp0 += ONE << (CONST_BITS - PASS1_BITS - 1);
-    tmp2 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    tmp10 = MULTIPLY(tmp2, FIX(0.707106781));   /* c4 */
-    tmp1 = tmp0 + tmp10;
-    tmp11 = RIGHT_SHIFT(tmp0 - tmp10 - tmp10, CONST_BITS - PASS1_BITS);
-    tmp10 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    tmp0 = MULTIPLY(tmp10, FIX(1.224744871));   /* c2 */
-    tmp10 = tmp1 + tmp0;
-    tmp12 = tmp1 - tmp0;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    tmp1 = MULTIPLY(z1 + z3, FIX(0.366025404)); /* c5 */
-    tmp0 = tmp1 + LEFT_SHIFT(z1 + z2, CONST_BITS);
-    tmp2 = tmp1 + LEFT_SHIFT(z3 - z2, CONST_BITS);
-    tmp1 = LEFT_SHIFT(z1 - z2 - z3, PASS1_BITS);
-
-    /* Final output stage */
-
-    wsptr[6 * 0] = (int)RIGHT_SHIFT(tmp10 + tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[6 * 5] = (int)RIGHT_SHIFT(tmp10 - tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[6 * 1] = (int)(tmp11 + tmp1);
-    wsptr[6 * 4] = (int)(tmp11 - tmp1);
-    wsptr[6 * 2] = (int)RIGHT_SHIFT(tmp12 + tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[6 * 3] = (int)RIGHT_SHIFT(tmp12 - tmp2, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 6 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 6; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp0 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-    tmp2 = (JLONG)wsptr[4];
-    tmp10 = MULTIPLY(tmp2, FIX(0.707106781));   /* c4 */
-    tmp1 = tmp0 + tmp10;
-    tmp11 = tmp0 - tmp10 - tmp10;
-    tmp10 = (JLONG)wsptr[2];
-    tmp0 = MULTIPLY(tmp10, FIX(1.224744871));   /* c2 */
-    tmp10 = tmp1 + tmp0;
-    tmp12 = tmp1 - tmp0;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    tmp1 = MULTIPLY(z1 + z3, FIX(0.366025404)); /* c5 */
-    tmp0 = tmp1 + LEFT_SHIFT(z1 + z2, CONST_BITS);
-    tmp2 = tmp1 + LEFT_SHIFT(z3 - z2, CONST_BITS);
-    tmp1 = LEFT_SHIFT(z1 - z2 - z3, CONST_BITS);
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)RIGHT_SHIFT(tmp10 + tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[5] = range_limit[(int)RIGHT_SHIFT(tmp10 - tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)RIGHT_SHIFT(tmp11 + tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[4] = range_limit[(int)RIGHT_SHIFT(tmp11 - tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)RIGHT_SHIFT(tmp12 + tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)RIGHT_SHIFT(tmp12 - tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += 6;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 5x5 output block.
- *
- * Optimized algorithm with 5 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/10).
- */
-
-GLOBAL(void)
-jpeg_idct_5x5(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp1, tmp10, tmp11, tmp12;
-  JLONG z1, z2, z3;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[5 * 5];         /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 5; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp12 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp12 = LEFT_SHIFT(tmp12, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp12 += ONE << (CONST_BITS - PASS1_BITS - 1);
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    tmp1 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z1 = MULTIPLY(tmp0 + tmp1, FIX(0.790569415)); /* (c2+c4)/2 */
-    z2 = MULTIPLY(tmp0 - tmp1, FIX(0.353553391)); /* (c2-c4)/2 */
-    z3 = tmp12 + z2;
-    tmp10 = z3 + z1;
-    tmp11 = z3 - z1;
-    tmp12 -= LEFT_SHIFT(z2, 2);
-
-    /* Odd part */
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-
-    z1 = MULTIPLY(z2 + z3, FIX(0.831253876));     /* c3 */
-    tmp0 = z1 + MULTIPLY(z2, FIX(0.513743148));   /* c1-c3 */
-    tmp1 = z1 - MULTIPLY(z3, FIX(2.176250899));   /* c1+c3 */
-
-    /* Final output stage */
-
-    wsptr[5 * 0] = (int)RIGHT_SHIFT(tmp10 + tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[5 * 4] = (int)RIGHT_SHIFT(tmp10 - tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[5 * 1] = (int)RIGHT_SHIFT(tmp11 + tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[5 * 3] = (int)RIGHT_SHIFT(tmp11 - tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[5 * 2] = (int)RIGHT_SHIFT(tmp12, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 5 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 5; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp12 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp12 = LEFT_SHIFT(tmp12, CONST_BITS);
-    tmp0 = (JLONG)wsptr[2];
-    tmp1 = (JLONG)wsptr[4];
-    z1 = MULTIPLY(tmp0 + tmp1, FIX(0.790569415)); /* (c2+c4)/2 */
-    z2 = MULTIPLY(tmp0 - tmp1, FIX(0.353553391)); /* (c2-c4)/2 */
-    z3 = tmp12 + z2;
-    tmp10 = z3 + z1;
-    tmp11 = z3 - z1;
-    tmp12 -= LEFT_SHIFT(z2, 2);
-
-    /* Odd part */
-
-    z2 = (JLONG)wsptr[1];
-    z3 = (JLONG)wsptr[3];
-
-    z1 = MULTIPLY(z2 + z3, FIX(0.831253876));     /* c3 */
-    tmp0 = z1 + MULTIPLY(z2, FIX(0.513743148));   /* c1-c3 */
-    tmp1 = z1 - MULTIPLY(z3, FIX(2.176250899));   /* c1+c3 */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)RIGHT_SHIFT(tmp10 + tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[4] = range_limit[(int)RIGHT_SHIFT(tmp10 - tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)RIGHT_SHIFT(tmp11 + tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)RIGHT_SHIFT(tmp11 - tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)RIGHT_SHIFT(tmp12,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += 5;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 3x3 output block.
- *
- * Optimized algorithm with 2 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/6).
- */
-
-GLOBAL(void)
-jpeg_idct_3x3(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp2, tmp10, tmp12;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[3 * 3];         /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 3; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp0 += ONE << (CONST_BITS - PASS1_BITS - 1);
-    tmp2 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    tmp12 = MULTIPLY(tmp2, FIX(0.707106781)); /* c2 */
-    tmp10 = tmp0 + tmp12;
-    tmp2 = tmp0 - tmp12 - tmp12;
-
-    /* Odd part */
-
-    tmp12 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    tmp0 = MULTIPLY(tmp12, FIX(1.224744871)); /* c1 */
-
-    /* Final output stage */
-
-    wsptr[3 * 0] = (int)RIGHT_SHIFT(tmp10 + tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[3 * 2] = (int)RIGHT_SHIFT(tmp10 - tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[3 * 1] = (int)RIGHT_SHIFT(tmp2, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 3 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 3; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp0 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-    tmp2 = (JLONG)wsptr[2];
-    tmp12 = MULTIPLY(tmp2, FIX(0.707106781)); /* c2 */
-    tmp10 = tmp0 + tmp12;
-    tmp2 = tmp0 - tmp12 - tmp12;
-
-    /* Odd part */
-
-    tmp12 = (JLONG)wsptr[1];
-    tmp0 = MULTIPLY(tmp12, FIX(1.224744871)); /* c1 */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)RIGHT_SHIFT(tmp10 + tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)RIGHT_SHIFT(tmp10 - tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)RIGHT_SHIFT(tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += 3;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 9x9 output block.
- *
- * Optimized algorithm with 10 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/18).
- */
-
-GLOBAL(void)
-jpeg_idct_9x9(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp1, tmp2, tmp3, tmp10, tmp11, tmp12, tmp13, tmp14;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 9];         /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp0 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp3 = MULTIPLY(z3, FIX(0.707106781));      /* c6 */
-    tmp1 = tmp0 + tmp3;
-    tmp2 = tmp0 - tmp3 - tmp3;
-
-    tmp0 = MULTIPLY(z1 - z2, FIX(0.707106781)); /* c6 */
-    tmp11 = tmp2 + tmp0;
-    tmp14 = tmp2 - tmp0 - tmp0;
-
-    tmp0 = MULTIPLY(z1 + z2, FIX(1.328926049)); /* c2 */
-    tmp2 = MULTIPLY(z1, FIX(1.083350441));      /* c4 */
-    tmp3 = MULTIPLY(z2, FIX(0.245575608));      /* c8 */
-
-    tmp10 = tmp1 + tmp0 - tmp3;
-    tmp12 = tmp1 - tmp0 + tmp2;
-    tmp13 = tmp1 - tmp2 + tmp3;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    z2 = MULTIPLY(z2, -FIX(1.224744871));            /* -c3 */
-
-    tmp2 = MULTIPLY(z1 + z3, FIX(0.909038955));      /* c5 */
-    tmp3 = MULTIPLY(z1 + z4, FIX(0.483689525));      /* c7 */
-    tmp0 = tmp2 + tmp3 - z2;
-    tmp1 = MULTIPLY(z3 - z4, FIX(1.392728481));      /* c1 */
-    tmp2 += z2 - tmp1;
-    tmp3 += z2 + tmp1;
-    tmp1 = MULTIPLY(z1 - z3 - z4, FIX(1.224744871)); /* c3 */
-
-    /* Final output stage */
-
-    wsptr[8 * 0] = (int)RIGHT_SHIFT(tmp10 + tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8] = (int)RIGHT_SHIFT(tmp10 - tmp0, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1] = (int)RIGHT_SHIFT(tmp11 + tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7] = (int)RIGHT_SHIFT(tmp11 - tmp1, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2] = (int)RIGHT_SHIFT(tmp12 + tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6] = (int)RIGHT_SHIFT(tmp12 - tmp2, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3] = (int)RIGHT_SHIFT(tmp13 + tmp3, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5] = (int)RIGHT_SHIFT(tmp13 - tmp3, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4] = (int)RIGHT_SHIFT(tmp14, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 9 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 9; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp0 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-
-    z1 = (JLONG)wsptr[2];
-    z2 = (JLONG)wsptr[4];
-    z3 = (JLONG)wsptr[6];
-
-    tmp3 = MULTIPLY(z3, FIX(0.707106781));      /* c6 */
-    tmp1 = tmp0 + tmp3;
-    tmp2 = tmp0 - tmp3 - tmp3;
-
-    tmp0 = MULTIPLY(z1 - z2, FIX(0.707106781)); /* c6 */
-    tmp11 = tmp2 + tmp0;
-    tmp14 = tmp2 - tmp0 - tmp0;
-
-    tmp0 = MULTIPLY(z1 + z2, FIX(1.328926049)); /* c2 */
-    tmp2 = MULTIPLY(z1, FIX(1.083350441));      /* c4 */
-    tmp3 = MULTIPLY(z2, FIX(0.245575608));      /* c8 */
-
-    tmp10 = tmp1 + tmp0 - tmp3;
-    tmp12 = tmp1 - tmp0 + tmp2;
-    tmp13 = tmp1 - tmp2 + tmp3;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z4 = (JLONG)wsptr[7];
-
-    z2 = MULTIPLY(z2, -FIX(1.224744871));            /* -c3 */
-
-    tmp2 = MULTIPLY(z1 + z3, FIX(0.909038955));      /* c5 */
-    tmp3 = MULTIPLY(z1 + z4, FIX(0.483689525));      /* c7 */
-    tmp0 = tmp2 + tmp3 - z2;
-    tmp1 = MULTIPLY(z3 - z4, FIX(1.392728481));      /* c1 */
-    tmp2 += z2 - tmp1;
-    tmp3 += z2 + tmp1;
-    tmp1 = MULTIPLY(z1 - z3 - z4, FIX(1.224744871)); /* c3 */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)RIGHT_SHIFT(tmp10 + tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[8] = range_limit[(int)RIGHT_SHIFT(tmp10 - tmp0,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)RIGHT_SHIFT(tmp11 + tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[7] = range_limit[(int)RIGHT_SHIFT(tmp11 - tmp1,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)RIGHT_SHIFT(tmp12 + tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[6] = range_limit[(int)RIGHT_SHIFT(tmp12 - tmp2,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)RIGHT_SHIFT(tmp13 + tmp3,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[5] = range_limit[(int)RIGHT_SHIFT(tmp13 - tmp3,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[4] = range_limit[(int)RIGHT_SHIFT(tmp14,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 10x10 output block.
- *
- * Optimized algorithm with 12 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/20).
- */
-
-GLOBAL(void)
-jpeg_idct_10x10(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp10, tmp11, tmp12, tmp13, tmp14;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24;
-  JLONG z1, z2, z3, z4, z5;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 10];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    z3 = LEFT_SHIFT(z3, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    z3 += ONE << (CONST_BITS - PASS1_BITS - 1);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z1 = MULTIPLY(z4, FIX(1.144122806));         /* c4 */
-    z2 = MULTIPLY(z4, FIX(0.437016024));         /* c8 */
-    tmp10 = z3 + z1;
-    tmp11 = z3 - z2;
-
-    tmp22 = RIGHT_SHIFT(z3 - LEFT_SHIFT(z1 - z2, 1),
-                        CONST_BITS - PASS1_BITS); /* c0 = (c4-c8)*2 */
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    z1 = MULTIPLY(z2 + z3, FIX(0.831253876));    /* c6 */
-    tmp12 = z1 + MULTIPLY(z2, FIX(0.513743148)); /* c2-c6 */
-    tmp13 = z1 - MULTIPLY(z3, FIX(2.176250899)); /* c2+c6 */
-
-    tmp20 = tmp10 + tmp12;
-    tmp24 = tmp10 - tmp12;
-    tmp21 = tmp11 + tmp13;
-    tmp23 = tmp11 - tmp13;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    tmp11 = z2 + z4;
-    tmp13 = z2 - z4;
-
-    tmp12 = MULTIPLY(tmp13, FIX(0.309016994));        /* (c3-c7)/2 */
-    z5 = LEFT_SHIFT(z3, CONST_BITS);
-
-    z2 = MULTIPLY(tmp11, FIX(0.951056516));           /* (c3+c7)/2 */
-    z4 = z5 + tmp12;
-
-    tmp10 = MULTIPLY(z1, FIX(1.396802247)) + z2 + z4; /* c1 */
-    tmp14 = MULTIPLY(z1, FIX(0.221231742)) - z2 + z4; /* c9 */
-
-    z2 = MULTIPLY(tmp11, FIX(0.587785252));           /* (c1-c9)/2 */
-    z4 = z5 - tmp12 - LEFT_SHIFT(tmp13, CONST_BITS - 1);
-
-    tmp12 = LEFT_SHIFT(z1 - tmp13 - z3, PASS1_BITS);
-
-    tmp11 = MULTIPLY(z1, FIX(1.260073511)) - z2 - z4; /* c3 */
-    tmp13 = MULTIPLY(z1, FIX(0.642039522)) - z2 + z4; /* c7 */
-
-    /* Final output stage */
-
-    wsptr[8 * 0] = (int)RIGHT_SHIFT(tmp20 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9] = (int)RIGHT_SHIFT(tmp20 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1] = (int)RIGHT_SHIFT(tmp21 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8] = (int)RIGHT_SHIFT(tmp21 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2] = (int)(tmp22 + tmp12);
-    wsptr[8 * 7] = (int)(tmp22 - tmp12);
-    wsptr[8 * 3] = (int)RIGHT_SHIFT(tmp23 + tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6] = (int)RIGHT_SHIFT(tmp23 - tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4] = (int)RIGHT_SHIFT(tmp24 + tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5] = (int)RIGHT_SHIFT(tmp24 - tmp14, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 10 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 10; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    z3 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    z3 = LEFT_SHIFT(z3, CONST_BITS);
-    z4 = (JLONG)wsptr[4];
-    z1 = MULTIPLY(z4, FIX(1.144122806));         /* c4 */
-    z2 = MULTIPLY(z4, FIX(0.437016024));         /* c8 */
-    tmp10 = z3 + z1;
-    tmp11 = z3 - z2;
-
-    tmp22 = z3 - LEFT_SHIFT(z1 - z2, 1);         /* c0 = (c4-c8)*2 */
-
-    z2 = (JLONG)wsptr[2];
-    z3 = (JLONG)wsptr[6];
-
-    z1 = MULTIPLY(z2 + z3, FIX(0.831253876));    /* c6 */
-    tmp12 = z1 + MULTIPLY(z2, FIX(0.513743148)); /* c2-c6 */
-    tmp13 = z1 - MULTIPLY(z3, FIX(2.176250899)); /* c2+c6 */
-
-    tmp20 = tmp10 + tmp12;
-    tmp24 = tmp10 - tmp12;
-    tmp21 = tmp11 + tmp13;
-    tmp23 = tmp11 - tmp13;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z3 = LEFT_SHIFT(z3, CONST_BITS);
-    z4 = (JLONG)wsptr[7];
-
-    tmp11 = z2 + z4;
-    tmp13 = z2 - z4;
-
-    tmp12 = MULTIPLY(tmp13, FIX(0.309016994));        /* (c3-c7)/2 */
-
-    z2 = MULTIPLY(tmp11, FIX(0.951056516));           /* (c3+c7)/2 */
-    z4 = z3 + tmp12;
-
-    tmp10 = MULTIPLY(z1, FIX(1.396802247)) + z2 + z4; /* c1 */
-    tmp14 = MULTIPLY(z1, FIX(0.221231742)) - z2 + z4; /* c9 */
-
-    z2 = MULTIPLY(tmp11, FIX(0.587785252));           /* (c1-c9)/2 */
-    z4 = z3 - tmp12 - LEFT_SHIFT(tmp13, CONST_BITS - 1);
-
-    tmp12 = LEFT_SHIFT(z1 - tmp13, CONST_BITS) - z3;
-
-    tmp11 = MULTIPLY(z1, FIX(1.260073511)) - z2 - z4; /* c3 */
-    tmp13 = MULTIPLY(z1, FIX(0.642039522)) - z2 + z4; /* c7 */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp10,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[9] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp10,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp11,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[8] = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp11,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp12,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[7] = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp12,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp13,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[6] = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp13,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[4] = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp14,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-    outptr[5] = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp14,
-                                             CONST_BITS + PASS1_BITS + 3) &
-                            RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing an 11x11 output block.
- *
- * Optimized algorithm with 24 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/22).
- */
-
-GLOBAL(void)
-jpeg_idct_11x11(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp10, tmp11, tmp12, tmp13, tmp14;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24, tmp25;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 11];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp10 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp10 = LEFT_SHIFT(tmp10, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp10 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp20 = MULTIPLY(z2 - z3, FIX(2.546640132));     /* c2+c4 */
-    tmp23 = MULTIPLY(z2 - z1, FIX(0.430815045));     /* c2-c6 */
-    z4 = z1 + z3;
-    tmp24 = MULTIPLY(z4, -FIX(1.155664402));         /* -(c2-c10) */
-    z4 -= z2;
-    tmp25 = tmp10 + MULTIPLY(z4, FIX(1.356927976));  /* c2 */
-    tmp21 = tmp20 + tmp23 + tmp25 -
-            MULTIPLY(z2, FIX(1.821790775));          /* c2+c4+c10-c6 */
-    tmp20 += tmp25 + MULTIPLY(z3, FIX(2.115825087)); /* c4+c6 */
-    tmp23 += tmp25 - MULTIPLY(z1, FIX(1.513598477)); /* c6+c8 */
-    tmp24 += tmp25;
-    tmp22 = tmp24 - MULTIPLY(z3, FIX(0.788749120));  /* c8+c10 */
-    tmp24 += MULTIPLY(z2, FIX(1.944413522)) -        /* c2+c8 */
-             MULTIPLY(z1, FIX(1.390975730));         /* c4+c10 */
-    tmp25 = tmp10 - MULTIPLY(z4, FIX(1.414213562));  /* c0 */
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    tmp11 = z1 + z2;
-    tmp14 = MULTIPLY(tmp11 + z3 + z4, FIX(0.398430003)); /* c9 */
-    tmp11 = MULTIPLY(tmp11, FIX(0.887983902));           /* c3-c9 */
-    tmp12 = MULTIPLY(z1 + z3, FIX(0.670361295));         /* c5-c9 */
-    tmp13 = tmp14 + MULTIPLY(z1 + z4, FIX(0.366151574)); /* c7-c9 */
-    tmp10 = tmp11 + tmp12 + tmp13 -
-            MULTIPLY(z1, FIX(0.923107866));              /* c7+c5+c3-c1-2*c9 */
-    z1    = tmp14 - MULTIPLY(z2 + z3, FIX(1.163011579)); /* c7+c9 */
-    tmp11 += z1 + MULTIPLY(z2, FIX(2.073276588));        /* c1+c7+3*c9-c3 */
-    tmp12 += z1 - MULTIPLY(z3, FIX(1.192193623));        /* c3+c5-c7-c9 */
-    z1    = MULTIPLY(z2 + z4, -FIX(1.798248910));        /* -(c1+c9) */
-    tmp11 += z1;
-    tmp13 += z1 + MULTIPLY(z4, FIX(2.102458632));        /* c1+c5+c9-c7 */
-    tmp14 += MULTIPLY(z2, -FIX(1.467221301)) +           /* -(c5+c9) */
-             MULTIPLY(z3, FIX(1.001388905)) -            /* c1-c9 */
-             MULTIPLY(z4, FIX(1.684843907));             /* c3+c9 */
-
-    /* Final output stage */
-
-    wsptr[8 * 0]  = (int)RIGHT_SHIFT(tmp20 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 10] = (int)RIGHT_SHIFT(tmp20 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1]  = (int)RIGHT_SHIFT(tmp21 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9]  = (int)RIGHT_SHIFT(tmp21 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2]  = (int)RIGHT_SHIFT(tmp22 + tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8]  = (int)RIGHT_SHIFT(tmp22 - tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3]  = (int)RIGHT_SHIFT(tmp23 + tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7]  = (int)RIGHT_SHIFT(tmp23 - tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4]  = (int)RIGHT_SHIFT(tmp24 + tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6]  = (int)RIGHT_SHIFT(tmp24 - tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5]  = (int)RIGHT_SHIFT(tmp25, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 11 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 11; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp10 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp10 = LEFT_SHIFT(tmp10, CONST_BITS);
-
-    z1 = (JLONG)wsptr[2];
-    z2 = (JLONG)wsptr[4];
-    z3 = (JLONG)wsptr[6];
-
-    tmp20 = MULTIPLY(z2 - z3, FIX(2.546640132));     /* c2+c4 */
-    tmp23 = MULTIPLY(z2 - z1, FIX(0.430815045));     /* c2-c6 */
-    z4 = z1 + z3;
-    tmp24 = MULTIPLY(z4, -FIX(1.155664402));         /* -(c2-c10) */
-    z4 -= z2;
-    tmp25 = tmp10 + MULTIPLY(z4, FIX(1.356927976));  /* c2 */
-    tmp21 = tmp20 + tmp23 + tmp25 -
-            MULTIPLY(z2, FIX(1.821790775));          /* c2+c4+c10-c6 */
-    tmp20 += tmp25 + MULTIPLY(z3, FIX(2.115825087)); /* c4+c6 */
-    tmp23 += tmp25 - MULTIPLY(z1, FIX(1.513598477)); /* c6+c8 */
-    tmp24 += tmp25;
-    tmp22 = tmp24 - MULTIPLY(z3, FIX(0.788749120));  /* c8+c10 */
-    tmp24 += MULTIPLY(z2, FIX(1.944413522)) -        /* c2+c8 */
-             MULTIPLY(z1, FIX(1.390975730));         /* c4+c10 */
-    tmp25 = tmp10 - MULTIPLY(z4, FIX(1.414213562));  /* c0 */
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z4 = (JLONG)wsptr[7];
-
-    tmp11 = z1 + z2;
-    tmp14 = MULTIPLY(tmp11 + z3 + z4, FIX(0.398430003)); /* c9 */
-    tmp11 = MULTIPLY(tmp11, FIX(0.887983902));           /* c3-c9 */
-    tmp12 = MULTIPLY(z1 + z3, FIX(0.670361295));         /* c5-c9 */
-    tmp13 = tmp14 + MULTIPLY(z1 + z4, FIX(0.366151574)); /* c7-c9 */
-    tmp10 = tmp11 + tmp12 + tmp13 -
-            MULTIPLY(z1, FIX(0.923107866));              /* c7+c5+c3-c1-2*c9 */
-    z1    = tmp14 - MULTIPLY(z2 + z3, FIX(1.163011579)); /* c7+c9 */
-    tmp11 += z1 + MULTIPLY(z2, FIX(2.073276588));        /* c1+c7+3*c9-c3 */
-    tmp12 += z1 - MULTIPLY(z3, FIX(1.192193623));        /* c3+c5-c7-c9 */
-    z1    = MULTIPLY(z2 + z4, -FIX(1.798248910));        /* -(c1+c9) */
-    tmp11 += z1;
-    tmp13 += z1 + MULTIPLY(z4, FIX(2.102458632));        /* c1+c5+c9-c7 */
-    tmp14 += MULTIPLY(z2, -FIX(1.467221301)) +           /* -(c5+c9) */
-             MULTIPLY(z3, FIX(1.001388905)) -            /* c1-c9 */
-             MULTIPLY(z4, FIX(1.684843907));             /* c3+c9 */
-
-    /* Final output stage */
-
-    outptr[0]  = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[10] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[1]  = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[9]  = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[2]  = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[8]  = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[3]  = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[7]  = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[4]  = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[6]  = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[5]  = range_limit[(int)RIGHT_SHIFT(tmp25,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 12x12 output block.
- *
- * Optimized algorithm with 15 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/24).
- */
-
-GLOBAL(void)
-jpeg_idct_12x12(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp10, tmp11, tmp12, tmp13, tmp14, tmp15;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24, tmp25;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 12];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    z3 = LEFT_SHIFT(z3, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    z3 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z4 = MULTIPLY(z4, FIX(1.224744871)); /* c4 */
-
-    tmp10 = z3 + z4;
-    tmp11 = z3 - z4;
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z4 = MULTIPLY(z1, FIX(1.366025404)); /* c2 */
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-    z2 = LEFT_SHIFT(z2, CONST_BITS);
-
-    tmp12 = z1 - z2;
-
-    tmp21 = z3 + tmp12;
-    tmp24 = z3 - tmp12;
-
-    tmp12 = z4 + z2;
-
-    tmp20 = tmp10 + tmp12;
-    tmp25 = tmp10 - tmp12;
-
-    tmp12 = z4 - z1 - z2;
-
-    tmp22 = tmp11 + tmp12;
-    tmp23 = tmp11 - tmp12;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    tmp11 = MULTIPLY(z2, FIX(1.306562965));                  /* c3 */
-    tmp14 = MULTIPLY(z2, -FIX_0_541196100);                  /* -c9 */
-
-    tmp10 = z1 + z3;
-    tmp15 = MULTIPLY(tmp10 + z4, FIX(0.860918669));          /* c7 */
-    tmp12 = tmp15 + MULTIPLY(tmp10, FIX(0.261052384));       /* c5-c7 */
-    tmp10 = tmp12 + tmp11 + MULTIPLY(z1, FIX(0.280143716));  /* c1-c5 */
-    tmp13 = MULTIPLY(z3 + z4, -FIX(1.045510580));            /* -(c7+c11) */
-    tmp12 += tmp13 + tmp14 - MULTIPLY(z3, FIX(1.478575242)); /* c1+c5-c7-c11 */
-    tmp13 += tmp15 - tmp11 + MULTIPLY(z4, FIX(1.586706681)); /* c1+c11 */
-    tmp15 += tmp14 - MULTIPLY(z1, FIX(0.676326758)) -        /* c7-c11 */
-             MULTIPLY(z4, FIX(1.982889723));                 /* c5+c7 */
-
-    z1 -= z4;
-    z2 -= z3;
-    z3 = MULTIPLY(z1 + z2, FIX_0_541196100);                 /* c9 */
-    tmp11 = z3 + MULTIPLY(z1, FIX_0_765366865);              /* c3-c9 */
-    tmp14 = z3 - MULTIPLY(z2, FIX_1_847759065);              /* c3+c9 */
-
-    /* Final output stage */
-
-    wsptr[8 * 0]  = (int)RIGHT_SHIFT(tmp20 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 11] = (int)RIGHT_SHIFT(tmp20 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1]  = (int)RIGHT_SHIFT(tmp21 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 10] = (int)RIGHT_SHIFT(tmp21 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2]  = (int)RIGHT_SHIFT(tmp22 + tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9]  = (int)RIGHT_SHIFT(tmp22 - tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3]  = (int)RIGHT_SHIFT(tmp23 + tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8]  = (int)RIGHT_SHIFT(tmp23 - tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4]  = (int)RIGHT_SHIFT(tmp24 + tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7]  = (int)RIGHT_SHIFT(tmp24 - tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5]  = (int)RIGHT_SHIFT(tmp25 + tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6]  = (int)RIGHT_SHIFT(tmp25 - tmp15, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 12 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 12; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    z3 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    z3 = LEFT_SHIFT(z3, CONST_BITS);
-
-    z4 = (JLONG)wsptr[4];
-    z4 = MULTIPLY(z4, FIX(1.224744871)); /* c4 */
-
-    tmp10 = z3 + z4;
-    tmp11 = z3 - z4;
-
-    z1 = (JLONG)wsptr[2];
-    z4 = MULTIPLY(z1, FIX(1.366025404)); /* c2 */
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-    z2 = (JLONG)wsptr[6];
-    z2 = LEFT_SHIFT(z2, CONST_BITS);
-
-    tmp12 = z1 - z2;
-
-    tmp21 = z3 + tmp12;
-    tmp24 = z3 - tmp12;
-
-    tmp12 = z4 + z2;
-
-    tmp20 = tmp10 + tmp12;
-    tmp25 = tmp10 - tmp12;
-
-    tmp12 = z4 - z1 - z2;
-
-    tmp22 = tmp11 + tmp12;
-    tmp23 = tmp11 - tmp12;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z4 = (JLONG)wsptr[7];
-
-    tmp11 = MULTIPLY(z2, FIX(1.306562965));                  /* c3 */
-    tmp14 = MULTIPLY(z2, -FIX_0_541196100);                  /* -c9 */
-
-    tmp10 = z1 + z3;
-    tmp15 = MULTIPLY(tmp10 + z4, FIX(0.860918669));          /* c7 */
-    tmp12 = tmp15 + MULTIPLY(tmp10, FIX(0.261052384));       /* c5-c7 */
-    tmp10 = tmp12 + tmp11 + MULTIPLY(z1, FIX(0.280143716));  /* c1-c5 */
-    tmp13 = MULTIPLY(z3 + z4, -FIX(1.045510580));            /* -(c7+c11) */
-    tmp12 += tmp13 + tmp14 - MULTIPLY(z3, FIX(1.478575242)); /* c1+c5-c7-c11 */
-    tmp13 += tmp15 - tmp11 + MULTIPLY(z4, FIX(1.586706681)); /* c1+c11 */
-    tmp15 += tmp14 - MULTIPLY(z1, FIX(0.676326758)) -        /* c7-c11 */
-             MULTIPLY(z4, FIX(1.982889723));                 /* c5+c7 */
-
-    z1 -= z4;
-    z2 -= z3;
-    z3 = MULTIPLY(z1 + z2, FIX_0_541196100);                 /* c9 */
-    tmp11 = z3 + MULTIPLY(z1, FIX_0_765366865);              /* c3-c9 */
-    tmp14 = z3 - MULTIPLY(z2, FIX_1_847759065);              /* c3+c9 */
-
-    /* Final output stage */
-
-    outptr[0]  = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[11] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[1]  = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[10] = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[2]  = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[9]  = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[3]  = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[8]  = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[4]  = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[7]  = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[5]  = range_limit[(int)RIGHT_SHIFT(tmp25 + tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[6]  = range_limit[(int)RIGHT_SHIFT(tmp25 - tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 13x13 output block.
- *
- * Optimized algorithm with 29 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/26).
- */
-
-GLOBAL(void)
-jpeg_idct_13x13(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp10, tmp11, tmp12, tmp13, tmp14, tmp15;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24, tmp25, tmp26;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 13];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    z1 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp10 = z3 + z4;
-    tmp11 = z3 - z4;
-
-    tmp12 = MULTIPLY(tmp10, FIX(1.155388986));                /* (c4+c6)/2 */
-    tmp13 = MULTIPLY(tmp11, FIX(0.096834934)) + z1;           /* (c4-c6)/2 */
-
-    tmp20 = MULTIPLY(z2, FIX(1.373119086)) + tmp12 + tmp13;   /* c2 */
-    tmp22 = MULTIPLY(z2, FIX(0.501487041)) - tmp12 + tmp13;   /* c10 */
-
-    tmp12 = MULTIPLY(tmp10, FIX(0.316450131));                /* (c8-c12)/2 */
-    tmp13 = MULTIPLY(tmp11, FIX(0.486914739)) + z1;           /* (c8+c12)/2 */
-
-    tmp21 = MULTIPLY(z2, FIX(1.058554052)) - tmp12 + tmp13;   /* c6 */
-    tmp25 = MULTIPLY(z2, -FIX(1.252223920)) + tmp12 + tmp13;  /* c4 */
-
-    tmp12 = MULTIPLY(tmp10, FIX(0.435816023));                /* (c2-c10)/2 */
-    tmp13 = MULTIPLY(tmp11, FIX(0.937303064)) - z1;           /* (c2+c10)/2 */
-
-    tmp23 = MULTIPLY(z2, -FIX(0.170464608)) - tmp12 - tmp13;  /* c12 */
-    tmp24 = MULTIPLY(z2, -FIX(0.803364869)) + tmp12 - tmp13;  /* c8 */
-
-    tmp26 = MULTIPLY(tmp11 - z2, FIX(1.414213562)) + z1;      /* c0 */
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    tmp11 = MULTIPLY(z1 + z2, FIX(1.322312651));     /* c3 */
-    tmp12 = MULTIPLY(z1 + z3, FIX(1.163874945));     /* c5 */
-    tmp15 = z1 + z4;
-    tmp13 = MULTIPLY(tmp15, FIX(0.937797057));       /* c7 */
-    tmp10 = tmp11 + tmp12 + tmp13 -
-            MULTIPLY(z1, FIX(2.020082300));          /* c7+c5+c3-c1 */
-    tmp14 = MULTIPLY(z2 + z3, -FIX(0.338443458));    /* -c11 */
-    tmp11 += tmp14 + MULTIPLY(z2, FIX(0.837223564)); /* c5+c9+c11-c3 */
-    tmp12 += tmp14 - MULTIPLY(z3, FIX(1.572116027)); /* c1+c5-c9-c11 */
-    tmp14 = MULTIPLY(z2 + z4, -FIX(1.163874945));    /* -c5 */
-    tmp11 += tmp14;
-    tmp13 += tmp14 + MULTIPLY(z4, FIX(2.205608352)); /* c3+c5+c9-c7 */
-    tmp14 = MULTIPLY(z3 + z4, -FIX(0.657217813));    /* -c9 */
-    tmp12 += tmp14;
-    tmp13 += tmp14;
-    tmp15 = MULTIPLY(tmp15, FIX(0.338443458));       /* c11 */
-    tmp14 = tmp15 + MULTIPLY(z1, FIX(0.318774355)) - /* c9-c11 */
-            MULTIPLY(z2, FIX(0.466105296));          /* c1-c7 */
-    z1    = MULTIPLY(z3 - z2, FIX(0.937797057));     /* c7 */
-    tmp14 += z1;
-    tmp15 += z1 + MULTIPLY(z3, FIX(0.384515595)) -   /* c3-c7 */
-             MULTIPLY(z4, FIX(1.742345811));         /* c1+c11 */
-
-    /* Final output stage */
-
-    wsptr[8 * 0]  = (int)RIGHT_SHIFT(tmp20 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 12] = (int)RIGHT_SHIFT(tmp20 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1]  = (int)RIGHT_SHIFT(tmp21 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 11] = (int)RIGHT_SHIFT(tmp21 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2]  = (int)RIGHT_SHIFT(tmp22 + tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 10] = (int)RIGHT_SHIFT(tmp22 - tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3]  = (int)RIGHT_SHIFT(tmp23 + tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9]  = (int)RIGHT_SHIFT(tmp23 - tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4]  = (int)RIGHT_SHIFT(tmp24 + tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8]  = (int)RIGHT_SHIFT(tmp24 - tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5]  = (int)RIGHT_SHIFT(tmp25 + tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7]  = (int)RIGHT_SHIFT(tmp25 - tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6]  = (int)RIGHT_SHIFT(tmp26, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 13 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 13; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    z1 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-
-    z2 = (JLONG)wsptr[2];
-    z3 = (JLONG)wsptr[4];
-    z4 = (JLONG)wsptr[6];
-
-    tmp10 = z3 + z4;
-    tmp11 = z3 - z4;
-
-    tmp12 = MULTIPLY(tmp10, FIX(1.155388986));                /* (c4+c6)/2 */
-    tmp13 = MULTIPLY(tmp11, FIX(0.096834934)) + z1;           /* (c4-c6)/2 */
-
-    tmp20 = MULTIPLY(z2, FIX(1.373119086)) + tmp12 + tmp13;   /* c2 */
-    tmp22 = MULTIPLY(z2, FIX(0.501487041)) - tmp12 + tmp13;   /* c10 */
-
-    tmp12 = MULTIPLY(tmp10, FIX(0.316450131));                /* (c8-c12)/2 */
-    tmp13 = MULTIPLY(tmp11, FIX(0.486914739)) + z1;           /* (c8+c12)/2 */
-
-    tmp21 = MULTIPLY(z2, FIX(1.058554052)) - tmp12 + tmp13;   /* c6 */
-    tmp25 = MULTIPLY(z2, -FIX(1.252223920)) + tmp12 + tmp13;  /* c4 */
-
-    tmp12 = MULTIPLY(tmp10, FIX(0.435816023));                /* (c2-c10)/2 */
-    tmp13 = MULTIPLY(tmp11, FIX(0.937303064)) - z1;           /* (c2+c10)/2 */
-
-    tmp23 = MULTIPLY(z2, -FIX(0.170464608)) - tmp12 - tmp13;  /* c12 */
-    tmp24 = MULTIPLY(z2, -FIX(0.803364869)) + tmp12 - tmp13;  /* c8 */
-
-    tmp26 = MULTIPLY(tmp11 - z2, FIX(1.414213562)) + z1;      /* c0 */
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z4 = (JLONG)wsptr[7];
-
-    tmp11 = MULTIPLY(z1 + z2, FIX(1.322312651));     /* c3 */
-    tmp12 = MULTIPLY(z1 + z3, FIX(1.163874945));     /* c5 */
-    tmp15 = z1 + z4;
-    tmp13 = MULTIPLY(tmp15, FIX(0.937797057));       /* c7 */
-    tmp10 = tmp11 + tmp12 + tmp13 -
-            MULTIPLY(z1, FIX(2.020082300));          /* c7+c5+c3-c1 */
-    tmp14 = MULTIPLY(z2 + z3, -FIX(0.338443458));    /* -c11 */
-    tmp11 += tmp14 + MULTIPLY(z2, FIX(0.837223564)); /* c5+c9+c11-c3 */
-    tmp12 += tmp14 - MULTIPLY(z3, FIX(1.572116027)); /* c1+c5-c9-c11 */
-    tmp14 = MULTIPLY(z2 + z4, -FIX(1.163874945));    /* -c5 */
-    tmp11 += tmp14;
-    tmp13 += tmp14 + MULTIPLY(z4, FIX(2.205608352)); /* c3+c5+c9-c7 */
-    tmp14 = MULTIPLY(z3 + z4, -FIX(0.657217813));    /* -c9 */
-    tmp12 += tmp14;
-    tmp13 += tmp14;
-    tmp15 = MULTIPLY(tmp15, FIX(0.338443458));       /* c11 */
-    tmp14 = tmp15 + MULTIPLY(z1, FIX(0.318774355)) - /* c9-c11 */
-            MULTIPLY(z2, FIX(0.466105296));          /* c1-c7 */
-    z1    = MULTIPLY(z3 - z2, FIX(0.937797057));     /* c7 */
-    tmp14 += z1;
-    tmp15 += z1 + MULTIPLY(z3, FIX(0.384515595)) -   /* c3-c7 */
-             MULTIPLY(z4, FIX(1.742345811));         /* c1+c11 */
-
-    /* Final output stage */
-
-    outptr[0]  = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[12] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[1]  = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[11] = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[2]  = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[10] = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[3]  = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[9]  = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[4]  = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[8]  = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[5]  = range_limit[(int)RIGHT_SHIFT(tmp25 + tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[7]  = range_limit[(int)RIGHT_SHIFT(tmp25 - tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[6]  = range_limit[(int)RIGHT_SHIFT(tmp26,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 14x14 output block.
- *
- * Optimized algorithm with 20 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/28).
- */
-
-GLOBAL(void)
-jpeg_idct_14x14(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp10, tmp11, tmp12, tmp13, tmp14, tmp15, tmp16;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24, tmp25, tmp26;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 14];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    z1 += ONE << (CONST_BITS - PASS1_BITS - 1);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z2 = MULTIPLY(z4, FIX(1.274162392));         /* c4 */
-    z3 = MULTIPLY(z4, FIX(0.314692123));         /* c12 */
-    z4 = MULTIPLY(z4, FIX(0.881747734));         /* c8 */
-
-    tmp10 = z1 + z2;
-    tmp11 = z1 + z3;
-    tmp12 = z1 - z4;
-
-    tmp23 = RIGHT_SHIFT(z1 - LEFT_SHIFT(z2 + z3 - z4, 1),
-                        CONST_BITS - PASS1_BITS); /* c0 = (c4+c12-c8)*2 */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    z3 = MULTIPLY(z1 + z2, FIX(1.105676686));    /* c6 */
-
-    tmp13 = z3 + MULTIPLY(z1, FIX(0.273079590)); /* c2-c6 */
-    tmp14 = z3 - MULTIPLY(z2, FIX(1.719280954)); /* c6+c10 */
-    tmp15 = MULTIPLY(z1, FIX(0.613604268)) -     /* c10 */
-            MULTIPLY(z2, FIX(1.378756276));      /* c2 */
-
-    tmp20 = tmp10 + tmp13;
-    tmp26 = tmp10 - tmp13;
-    tmp21 = tmp11 + tmp14;
-    tmp25 = tmp11 - tmp14;
-    tmp22 = tmp12 + tmp15;
-    tmp24 = tmp12 - tmp15;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-    tmp13 = LEFT_SHIFT(z4, CONST_BITS);
-
-    tmp14 = z1 + z3;
-    tmp11 = MULTIPLY(z1 + z2, FIX(1.334852607));           /* c3 */
-    tmp12 = MULTIPLY(tmp14, FIX(1.197448846));             /* c5 */
-    tmp10 = tmp11 + tmp12 + tmp13 - MULTIPLY(z1, FIX(1.126980169)); /* c3+c5-c1 */
-    tmp14 = MULTIPLY(tmp14, FIX(0.752406978));             /* c9 */
-    tmp16 = tmp14 - MULTIPLY(z1, FIX(1.061150426));        /* c9+c11-c13 */
-    z1    -= z2;
-    tmp15 = MULTIPLY(z1, FIX(0.467085129)) - tmp13;        /* c11 */
-    tmp16 += tmp15;
-    z1    += z4;
-    z4    = MULTIPLY(z2 + z3, -FIX(0.158341681)) - tmp13;  /* -c13 */
-    tmp11 += z4 - MULTIPLY(z2, FIX(0.424103948));          /* c3-c9-c13 */
-    tmp12 += z4 - MULTIPLY(z3, FIX(2.373959773));          /* c3+c5-c13 */
-    z4    = MULTIPLY(z3 - z2, FIX(1.405321284));           /* c1 */
-    tmp14 += z4 + tmp13 - MULTIPLY(z3, FIX(1.6906431334)); /* c1+c9-c11 */
-    tmp15 += z4 + MULTIPLY(z2, FIX(0.674957567));          /* c1+c11-c5 */
-
-    tmp13 = LEFT_SHIFT(z1 - z3, PASS1_BITS);
-
-    /* Final output stage */
-
-    wsptr[8 * 0]  = (int)RIGHT_SHIFT(tmp20 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 13] = (int)RIGHT_SHIFT(tmp20 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1]  = (int)RIGHT_SHIFT(tmp21 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 12] = (int)RIGHT_SHIFT(tmp21 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2]  = (int)RIGHT_SHIFT(tmp22 + tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 11] = (int)RIGHT_SHIFT(tmp22 - tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3]  = (int)(tmp23 + tmp13);
-    wsptr[8 * 10] = (int)(tmp23 - tmp13);
-    wsptr[8 * 4]  = (int)RIGHT_SHIFT(tmp24 + tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9]  = (int)RIGHT_SHIFT(tmp24 - tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5]  = (int)RIGHT_SHIFT(tmp25 + tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8]  = (int)RIGHT_SHIFT(tmp25 - tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6]  = (int)RIGHT_SHIFT(tmp26 + tmp16, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7]  = (int)RIGHT_SHIFT(tmp26 - tmp16, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 14 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 14; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    z1 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-    z4 = (JLONG)wsptr[4];
-    z2 = MULTIPLY(z4, FIX(1.274162392));         /* c4 */
-    z3 = MULTIPLY(z4, FIX(0.314692123));         /* c12 */
-    z4 = MULTIPLY(z4, FIX(0.881747734));         /* c8 */
-
-    tmp10 = z1 + z2;
-    tmp11 = z1 + z3;
-    tmp12 = z1 - z4;
-
-    tmp23 = z1 - LEFT_SHIFT(z2 + z3 - z4, 1);    /* c0 = (c4+c12-c8)*2 */
-
-    z1 = (JLONG)wsptr[2];
-    z2 = (JLONG)wsptr[6];
-
-    z3 = MULTIPLY(z1 + z2, FIX(1.105676686));    /* c6 */
-
-    tmp13 = z3 + MULTIPLY(z1, FIX(0.273079590)); /* c2-c6 */
-    tmp14 = z3 - MULTIPLY(z2, FIX(1.719280954)); /* c6+c10 */
-    tmp15 = MULTIPLY(z1, FIX(0.613604268)) -     /* c10 */
-            MULTIPLY(z2, FIX(1.378756276));      /* c2 */
-
-    tmp20 = tmp10 + tmp13;
-    tmp26 = tmp10 - tmp13;
-    tmp21 = tmp11 + tmp14;
-    tmp25 = tmp11 - tmp14;
-    tmp22 = tmp12 + tmp15;
-    tmp24 = tmp12 - tmp15;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z4 = (JLONG)wsptr[7];
-    z4 = LEFT_SHIFT(z4, CONST_BITS);
-
-    tmp14 = z1 + z3;
-    tmp11 = MULTIPLY(z1 + z2, FIX(1.334852607));           /* c3 */
-    tmp12 = MULTIPLY(tmp14, FIX(1.197448846));             /* c5 */
-    tmp10 = tmp11 + tmp12 + z4 - MULTIPLY(z1, FIX(1.126980169)); /* c3+c5-c1 */
-    tmp14 = MULTIPLY(tmp14, FIX(0.752406978));             /* c9 */
-    tmp16 = tmp14 - MULTIPLY(z1, FIX(1.061150426));        /* c9+c11-c13 */
-    z1    -= z2;
-    tmp15 = MULTIPLY(z1, FIX(0.467085129)) - z4;           /* c11 */
-    tmp16 += tmp15;
-    tmp13 = MULTIPLY(z2 + z3, -FIX(0.158341681)) - z4;     /* -c13 */
-    tmp11 += tmp13 - MULTIPLY(z2, FIX(0.424103948));       /* c3-c9-c13 */
-    tmp12 += tmp13 - MULTIPLY(z3, FIX(2.373959773));       /* c3+c5-c13 */
-    tmp13 = MULTIPLY(z3 - z2, FIX(1.405321284));           /* c1 */
-    tmp14 += tmp13 + z4 - MULTIPLY(z3, FIX(1.6906431334)); /* c1+c9-c11 */
-    tmp15 += tmp13 + MULTIPLY(z2, FIX(0.674957567));       /* c1+c11-c5 */
-
-    tmp13 = LEFT_SHIFT(z1 - z3, CONST_BITS) + z4;
-
-    /* Final output stage */
-
-    outptr[0]  = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[13] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[1]  = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[12] = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[2]  = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[11] = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[3]  = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[10] = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[4]  = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[9]  = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[5]  = range_limit[(int)RIGHT_SHIFT(tmp25 + tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[8]  = range_limit[(int)RIGHT_SHIFT(tmp25 - tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[6]  = range_limit[(int)RIGHT_SHIFT(tmp26 + tmp16,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[7]  = range_limit[(int)RIGHT_SHIFT(tmp26 - tmp16,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 15x15 output block.
- *
- * Optimized algorithm with 22 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/30).
- */
-
-GLOBAL(void)
-jpeg_idct_15x15(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp10, tmp11, tmp12, tmp13, tmp14, tmp15, tmp16;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24, tmp25, tmp26, tmp27;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 15];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    z1 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp10 = MULTIPLY(z4, FIX(0.437016024)); /* c12 */
-    tmp11 = MULTIPLY(z4, FIX(1.144122806)); /* c6 */
-
-    tmp12 = z1 - tmp10;
-    tmp13 = z1 + tmp11;
-    z1 -= LEFT_SHIFT(tmp11 - tmp10, 1);     /* c0 = (c6-c12)*2 */
-
-    z4 = z2 - z3;
-    z3 += z2;
-    tmp10 = MULTIPLY(z3, FIX(1.337628990)); /* (c2+c4)/2 */
-    tmp11 = MULTIPLY(z4, FIX(0.045680613)); /* (c2-c4)/2 */
-    z2 = MULTIPLY(z2, FIX(1.439773946));    /* c4+c14 */
-
-    tmp20 = tmp13 + tmp10 + tmp11;
-    tmp23 = tmp12 - tmp10 + tmp11 + z2;
-
-    tmp10 = MULTIPLY(z3, FIX(0.547059574)); /* (c8+c14)/2 */
-    tmp11 = MULTIPLY(z4, FIX(0.399234004)); /* (c8-c14)/2 */
-
-    tmp25 = tmp13 - tmp10 - tmp11;
-    tmp26 = tmp12 + tmp10 - tmp11 - z2;
-
-    tmp10 = MULTIPLY(z3, FIX(0.790569415)); /* (c6+c12)/2 */
-    tmp11 = MULTIPLY(z4, FIX(0.353553391)); /* (c6-c12)/2 */
-
-    tmp21 = tmp12 + tmp10 + tmp11;
-    tmp24 = tmp13 - tmp10 + tmp11;
-    tmp11 += tmp11;
-    tmp22 = z1 + tmp11;                     /* c10 = c6-c12 */
-    tmp27 = z1 - tmp11 - tmp11;             /* c0 = (c6-c12)*2 */
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z3 = MULTIPLY(z4, FIX(1.224744871));                    /* c5 */
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    tmp13 = z2 - z4;
-    tmp15 = MULTIPLY(z1 + tmp13, FIX(0.831253876));         /* c9 */
-    tmp11 = tmp15 + MULTIPLY(z1, FIX(0.513743148));         /* c3-c9 */
-    tmp14 = tmp15 - MULTIPLY(tmp13, FIX(2.176250899));      /* c3+c9 */
-
-    tmp13 = MULTIPLY(z2, -FIX(0.831253876));                /* -c9 */
-    tmp15 = MULTIPLY(z2, -FIX(1.344997024));                /* -c3 */
-    z2 = z1 - z4;
-    tmp12 = z3 + MULTIPLY(z2, FIX(1.406466353));            /* c1 */
-
-    tmp10 = tmp12 + MULTIPLY(z4, FIX(2.457431844)) - tmp15; /* c1+c7 */
-    tmp16 = tmp12 - MULTIPLY(z1, FIX(1.112434820)) + tmp13; /* c1-c13 */
-    tmp12 = MULTIPLY(z2, FIX(1.224744871)) - z3;            /* c5 */
-    z2 = MULTIPLY(z1 + z4, FIX(0.575212477));               /* c11 */
-    tmp13 += z2 + MULTIPLY(z1, FIX(0.475753014)) - z3;      /* c7-c11 */
-    tmp15 += z2 - MULTIPLY(z4, FIX(0.869244010)) + z3;      /* c11+c13 */
-
-    /* Final output stage */
-
-    wsptr[8 * 0]  = (int)RIGHT_SHIFT(tmp20 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 14] = (int)RIGHT_SHIFT(tmp20 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1]  = (int)RIGHT_SHIFT(tmp21 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 13] = (int)RIGHT_SHIFT(tmp21 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2]  = (int)RIGHT_SHIFT(tmp22 + tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 12] = (int)RIGHT_SHIFT(tmp22 - tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3]  = (int)RIGHT_SHIFT(tmp23 + tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 11] = (int)RIGHT_SHIFT(tmp23 - tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4]  = (int)RIGHT_SHIFT(tmp24 + tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 10] = (int)RIGHT_SHIFT(tmp24 - tmp14, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5]  = (int)RIGHT_SHIFT(tmp25 + tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9]  = (int)RIGHT_SHIFT(tmp25 - tmp15, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6]  = (int)RIGHT_SHIFT(tmp26 + tmp16, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8]  = (int)RIGHT_SHIFT(tmp26 - tmp16, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7]  = (int)RIGHT_SHIFT(tmp27, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 15 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 15; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    z1 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    z1 = LEFT_SHIFT(z1, CONST_BITS);
-
-    z2 = (JLONG)wsptr[2];
-    z3 = (JLONG)wsptr[4];
-    z4 = (JLONG)wsptr[6];
-
-    tmp10 = MULTIPLY(z4, FIX(0.437016024)); /* c12 */
-    tmp11 = MULTIPLY(z4, FIX(1.144122806)); /* c6 */
-
-    tmp12 = z1 - tmp10;
-    tmp13 = z1 + tmp11;
-    z1 -= LEFT_SHIFT(tmp11 - tmp10, 1);     /* c0 = (c6-c12)*2 */
-
-    z4 = z2 - z3;
-    z3 += z2;
-    tmp10 = MULTIPLY(z3, FIX(1.337628990)); /* (c2+c4)/2 */
-    tmp11 = MULTIPLY(z4, FIX(0.045680613)); /* (c2-c4)/2 */
-    z2 = MULTIPLY(z2, FIX(1.439773946));    /* c4+c14 */
-
-    tmp20 = tmp13 + tmp10 + tmp11;
-    tmp23 = tmp12 - tmp10 + tmp11 + z2;
-
-    tmp10 = MULTIPLY(z3, FIX(0.547059574)); /* (c8+c14)/2 */
-    tmp11 = MULTIPLY(z4, FIX(0.399234004)); /* (c8-c14)/2 */
-
-    tmp25 = tmp13 - tmp10 - tmp11;
-    tmp26 = tmp12 + tmp10 - tmp11 - z2;
-
-    tmp10 = MULTIPLY(z3, FIX(0.790569415)); /* (c6+c12)/2 */
-    tmp11 = MULTIPLY(z4, FIX(0.353553391)); /* (c6-c12)/2 */
-
-    tmp21 = tmp12 + tmp10 + tmp11;
-    tmp24 = tmp13 - tmp10 + tmp11;
-    tmp11 += tmp11;
-    tmp22 = z1 + tmp11;                     /* c10 = c6-c12 */
-    tmp27 = z1 - tmp11 - tmp11;             /* c0 = (c6-c12)*2 */
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z4 = (JLONG)wsptr[5];
-    z3 = MULTIPLY(z4, FIX(1.224744871));                    /* c5 */
-    z4 = (JLONG)wsptr[7];
-
-    tmp13 = z2 - z4;
-    tmp15 = MULTIPLY(z1 + tmp13, FIX(0.831253876));         /* c9 */
-    tmp11 = tmp15 + MULTIPLY(z1, FIX(0.513743148));         /* c3-c9 */
-    tmp14 = tmp15 - MULTIPLY(tmp13, FIX(2.176250899));      /* c3+c9 */
-
-    tmp13 = MULTIPLY(z2, -FIX(0.831253876));                /* -c9 */
-    tmp15 = MULTIPLY(z2, -FIX(1.344997024));                /* -c3 */
-    z2 = z1 - z4;
-    tmp12 = z3 + MULTIPLY(z2, FIX(1.406466353));            /* c1 */
-
-    tmp10 = tmp12 + MULTIPLY(z4, FIX(2.457431844)) - tmp15; /* c1+c7 */
-    tmp16 = tmp12 - MULTIPLY(z1, FIX(1.112434820)) + tmp13; /* c1-c13 */
-    tmp12 = MULTIPLY(z2, FIX(1.224744871)) - z3;            /* c5 */
-    z2 = MULTIPLY(z1 + z4, FIX(0.575212477));               /* c11 */
-    tmp13 += z2 + MULTIPLY(z1, FIX(0.475753014)) - z3;      /* c7-c11 */
-    tmp15 += z2 - MULTIPLY(z4, FIX(0.869244010)) + z3;      /* c11+c13 */
-
-    /* Final output stage */
-
-    outptr[0]  = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[14] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[1]  = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[13] = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[2]  = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[12] = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[3]  = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[11] = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[4]  = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[10] = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp14,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[5]  = range_limit[(int)RIGHT_SHIFT(tmp25 + tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[9]  = range_limit[(int)RIGHT_SHIFT(tmp25 - tmp15,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[6]  = range_limit[(int)RIGHT_SHIFT(tmp26 + tmp16,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[8]  = range_limit[(int)RIGHT_SHIFT(tmp26 - tmp16,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[7]  = range_limit[(int)RIGHT_SHIFT(tmp27,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a 16x16 output block.
- *
- * Optimized algorithm with 28 multiplications in the 1-D kernel.
- * cK represents sqrt(2) * cos(K*pi/32).
- */
-
-GLOBAL(void)
-jpeg_idct_16x16(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                JDIMENSION output_col)
-{
-  JLONG tmp0, tmp1, tmp2, tmp3, tmp10, tmp11, tmp12, tmp13;
-  JLONG tmp20, tmp21, tmp22, tmp23, tmp24, tmp25, tmp26, tmp27;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[8 * 16];        /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = 0; ctr < 8; ctr++, inptr++, quantptr++, wsptr++) {
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-    /* Add fudge factor here for final descale. */
-    tmp0 += ONE << (CONST_BITS - PASS1_BITS - 1);
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 4], quantptr[DCTSIZE * 4]);
-    tmp1 = MULTIPLY(z1, FIX(1.306562965));      /* c4[16] = c2[8] */
-    tmp2 = MULTIPLY(z1, FIX_0_541196100);       /* c12[16] = c6[8] */
-
-    tmp10 = tmp0 + tmp1;
-    tmp11 = tmp0 - tmp1;
-    tmp12 = tmp0 + tmp2;
-    tmp13 = tmp0 - tmp2;
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-    z3 = z1 - z2;
-    z4 = MULTIPLY(z3, FIX(0.275899379));        /* c14[16] = c7[8] */
-    z3 = MULTIPLY(z3, FIX(1.387039845));        /* c2[16] = c1[8] */
-
-    tmp0 = z3 + MULTIPLY(z2, FIX_2_562915447);  /* (c6+c2)[16] = (c3+c1)[8] */
-    tmp1 = z4 + MULTIPLY(z1, FIX_0_899976223);  /* (c6-c14)[16] = (c3-c7)[8] */
-    tmp2 = z3 - MULTIPLY(z1, FIX(0.601344887)); /* (c2-c10)[16] = (c1-c5)[8] */
-    tmp3 = z4 - MULTIPLY(z2, FIX(0.509795579)); /* (c10-c14)[16] = (c5-c7)[8] */
-
-    tmp20 = tmp10 + tmp0;
-    tmp27 = tmp10 - tmp0;
-    tmp21 = tmp12 + tmp1;
-    tmp26 = tmp12 - tmp1;
-    tmp22 = tmp13 + tmp2;
-    tmp25 = tmp13 - tmp2;
-    tmp23 = tmp11 + tmp3;
-    tmp24 = tmp11 - tmp3;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-
-    tmp11 = z1 + z3;
-
-    tmp1  = MULTIPLY(z1 + z2, FIX(1.353318001));   /* c3 */
-    tmp2  = MULTIPLY(tmp11,   FIX(1.247225013));   /* c5 */
-    tmp3  = MULTIPLY(z1 + z4, FIX(1.093201867));   /* c7 */
-    tmp10 = MULTIPLY(z1 - z4, FIX(0.897167586));   /* c9 */
-    tmp11 = MULTIPLY(tmp11,   FIX(0.666655658));   /* c11 */
-    tmp12 = MULTIPLY(z1 - z2, FIX(0.410524528));   /* c13 */
-    tmp0  = tmp1 + tmp2 + tmp3 -
-            MULTIPLY(z1, FIX(2.286341144));        /* c7+c5+c3-c1 */
-    tmp13 = tmp10 + tmp11 + tmp12 -
-            MULTIPLY(z1, FIX(1.835730603));        /* c9+c11+c13-c15 */
-    z1    = MULTIPLY(z2 + z3, FIX(0.138617169));   /* c15 */
-    tmp1  += z1 + MULTIPLY(z2, FIX(0.071888074));  /* c9+c11-c3-c15 */
-    tmp2  += z1 - MULTIPLY(z3, FIX(1.125726048));  /* c5+c7+c15-c3 */
-    z1    = MULTIPLY(z3 - z2, FIX(1.407403738));   /* c1 */
-    tmp11 += z1 - MULTIPLY(z3, FIX(0.766367282));  /* c1+c11-c9-c13 */
-    tmp12 += z1 + MULTIPLY(z2, FIX(1.971951411));  /* c1+c5+c13-c7 */
-    z2    += z4;
-    z1    = MULTIPLY(z2, -FIX(0.666655658));       /* -c11 */
-    tmp1  += z1;
-    tmp3  += z1 + MULTIPLY(z4, FIX(1.065388962));  /* c3+c11+c15-c7 */
-    z2    = MULTIPLY(z2, -FIX(1.247225013));       /* -c5 */
-    tmp10 += z2 + MULTIPLY(z4, FIX(3.141271809));  /* c1+c5+c9-c13 */
-    tmp12 += z2;
-    z2    = MULTIPLY(z3 + z4, -FIX(1.353318001));  /* -c3 */
-    tmp2  += z2;
-    tmp3  += z2;
-    z2    = MULTIPLY(z4 - z3, FIX(0.410524528));   /* c13 */
-    tmp10 += z2;
-    tmp11 += z2;
-
-    /* Final output stage */
-
-    wsptr[8 * 0]  = (int)RIGHT_SHIFT(tmp20 + tmp0,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 15] = (int)RIGHT_SHIFT(tmp20 - tmp0,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 1]  = (int)RIGHT_SHIFT(tmp21 + tmp1,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 14] = (int)RIGHT_SHIFT(tmp21 - tmp1,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 2]  = (int)RIGHT_SHIFT(tmp22 + tmp2,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 13] = (int)RIGHT_SHIFT(tmp22 - tmp2,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 3]  = (int)RIGHT_SHIFT(tmp23 + tmp3,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 12] = (int)RIGHT_SHIFT(tmp23 - tmp3,  CONST_BITS - PASS1_BITS);
-    wsptr[8 * 4]  = (int)RIGHT_SHIFT(tmp24 + tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 11] = (int)RIGHT_SHIFT(tmp24 - tmp10, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 5]  = (int)RIGHT_SHIFT(tmp25 + tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 10] = (int)RIGHT_SHIFT(tmp25 - tmp11, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 6]  = (int)RIGHT_SHIFT(tmp26 + tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 9]  = (int)RIGHT_SHIFT(tmp26 - tmp12, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 7]  = (int)RIGHT_SHIFT(tmp27 + tmp13, CONST_BITS - PASS1_BITS);
-    wsptr[8 * 8]  = (int)RIGHT_SHIFT(tmp27 - tmp13, CONST_BITS - PASS1_BITS);
-  }
-
-  /* Pass 2: process 16 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 16; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-
-    /* Even part */
-
-    /* Add fudge factor here for final descale. */
-    tmp0 = (JLONG)wsptr[0] + (ONE << (PASS1_BITS + 2));
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS);
-
-    z1 = (JLONG)wsptr[4];
-    tmp1 = MULTIPLY(z1, FIX(1.306562965));      /* c4[16] = c2[8] */
-    tmp2 = MULTIPLY(z1, FIX_0_541196100);       /* c12[16] = c6[8] */
-
-    tmp10 = tmp0 + tmp1;
-    tmp11 = tmp0 - tmp1;
-    tmp12 = tmp0 + tmp2;
-    tmp13 = tmp0 - tmp2;
-
-    z1 = (JLONG)wsptr[2];
-    z2 = (JLONG)wsptr[6];
-    z3 = z1 - z2;
-    z4 = MULTIPLY(z3, FIX(0.275899379));        /* c14[16] = c7[8] */
-    z3 = MULTIPLY(z3, FIX(1.387039845));        /* c2[16] = c1[8] */
-
-    tmp0 = z3 + MULTIPLY(z2, FIX_2_562915447);  /* (c6+c2)[16] = (c3+c1)[8] */
-    tmp1 = z4 + MULTIPLY(z1, FIX_0_899976223);  /* (c6-c14)[16] = (c3-c7)[8] */
-    tmp2 = z3 - MULTIPLY(z1, FIX(0.601344887)); /* (c2-c10)[16] = (c1-c5)[8] */
-    tmp3 = z4 - MULTIPLY(z2, FIX(0.509795579)); /* (c10-c14)[16] = (c5-c7)[8] */
-
-    tmp20 = tmp10 + tmp0;
-    tmp27 = tmp10 - tmp0;
-    tmp21 = tmp12 + tmp1;
-    tmp26 = tmp12 - tmp1;
-    tmp22 = tmp13 + tmp2;
-    tmp25 = tmp13 - tmp2;
-    tmp23 = tmp11 + tmp3;
-    tmp24 = tmp11 - tmp3;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[1];
-    z2 = (JLONG)wsptr[3];
-    z3 = (JLONG)wsptr[5];
-    z4 = (JLONG)wsptr[7];
-
-    tmp11 = z1 + z3;
-
-    tmp1  = MULTIPLY(z1 + z2, FIX(1.353318001));   /* c3 */
-    tmp2  = MULTIPLY(tmp11,   FIX(1.247225013));   /* c5 */
-    tmp3  = MULTIPLY(z1 + z4, FIX(1.093201867));   /* c7 */
-    tmp10 = MULTIPLY(z1 - z4, FIX(0.897167586));   /* c9 */
-    tmp11 = MULTIPLY(tmp11,   FIX(0.666655658));   /* c11 */
-    tmp12 = MULTIPLY(z1 - z2, FIX(0.410524528));   /* c13 */
-    tmp0  = tmp1 + tmp2 + tmp3 -
-            MULTIPLY(z1, FIX(2.286341144));        /* c7+c5+c3-c1 */
-    tmp13 = tmp10 + tmp11 + tmp12 -
-            MULTIPLY(z1, FIX(1.835730603));        /* c9+c11+c13-c15 */
-    z1    = MULTIPLY(z2 + z3, FIX(0.138617169));   /* c15 */
-    tmp1  += z1 + MULTIPLY(z2, FIX(0.071888074));  /* c9+c11-c3-c15 */
-    tmp2  += z1 - MULTIPLY(z3, FIX(1.125726048));  /* c5+c7+c15-c3 */
-    z1    = MULTIPLY(z3 - z2, FIX(1.407403738));   /* c1 */
-    tmp11 += z1 - MULTIPLY(z3, FIX(0.766367282));  /* c1+c11-c9-c13 */
-    tmp12 += z1 + MULTIPLY(z2, FIX(1.971951411));  /* c1+c5+c13-c7 */
-    z2    += z4;
-    z1    = MULTIPLY(z2, -FIX(0.666655658));       /* -c11 */
-    tmp1  += z1;
-    tmp3  += z1 + MULTIPLY(z4, FIX(1.065388962));  /* c3+c11+c15-c7 */
-    z2    = MULTIPLY(z2, -FIX(1.247225013));       /* -c5 */
-    tmp10 += z2 + MULTIPLY(z4, FIX(3.141271809));  /* c1+c5+c9-c13 */
-    tmp12 += z2;
-    z2    = MULTIPLY(z3 + z4, -FIX(1.353318001));  /* -c3 */
-    tmp2  += z2;
-    tmp3  += z2;
-    z2    = MULTIPLY(z4 - z3, FIX(0.410524528));   /* c13 */
-    tmp10 += z2;
-    tmp11 += z2;
-
-    /* Final output stage */
-
-    outptr[0]  = range_limit[(int)RIGHT_SHIFT(tmp20 + tmp0,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[15] = range_limit[(int)RIGHT_SHIFT(tmp20 - tmp0,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[1]  = range_limit[(int)RIGHT_SHIFT(tmp21 + tmp1,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[14] = range_limit[(int)RIGHT_SHIFT(tmp21 - tmp1,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[2]  = range_limit[(int)RIGHT_SHIFT(tmp22 + tmp2,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[13] = range_limit[(int)RIGHT_SHIFT(tmp22 - tmp2,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[3]  = range_limit[(int)RIGHT_SHIFT(tmp23 + tmp3,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[12] = range_limit[(int)RIGHT_SHIFT(tmp23 - tmp3,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[4]  = range_limit[(int)RIGHT_SHIFT(tmp24 + tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[11] = range_limit[(int)RIGHT_SHIFT(tmp24 - tmp10,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[5]  = range_limit[(int)RIGHT_SHIFT(tmp25 + tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[10] = range_limit[(int)RIGHT_SHIFT(tmp25 - tmp11,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[6]  = range_limit[(int)RIGHT_SHIFT(tmp26 + tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[9]  = range_limit[(int)RIGHT_SHIFT(tmp26 - tmp12,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[7]  = range_limit[(int)RIGHT_SHIFT(tmp27 + tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-    outptr[8]  = range_limit[(int)RIGHT_SHIFT(tmp27 - tmp13,
-                                              CONST_BITS + PASS1_BITS + 3) &
-                             RANGE_MASK];
-
-    wsptr += 8;         /* advance pointer to next row */
-  }
-}
-
-#endif /* IDCT_SCALING_SUPPORTED */
-#endif /* DCT_ISLOW_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jidctred.c b/3rdparty/libjpeg-turbo_2_1_0/jidctred.c
deleted file mode 100644
index 1dd65a9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jidctred.c
+++ /dev/null
@@ -1,409 +0,0 @@
-/*
- * jidctred.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1998, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains inverse-DCT routines that produce reduced-size output:
- * either 4x4, 2x2, or 1x1 pixels from an 8x8 DCT block.
- *
- * The implementation is based on the Loeffler, Ligtenberg and Moschytz (LL&M)
- * algorithm used in jidctint.c.  We simply replace each 8-to-8 1-D IDCT step
- * with an 8-to-4 step that produces the four averages of two adjacent outputs
- * (or an 8-to-2 step producing two averages of four outputs, for 2x2 output).
- * These steps were derived by computing the corresponding values at the end
- * of the normal LL&M code, then simplifying as much as possible.
- *
- * 1x1 is trivial: just take the DC coefficient divided by 8.
- *
- * See jidctint.c for additional comments.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jdct.h"               /* Private declarations for DCT subsystem */
-
-#ifdef IDCT_SCALING_SUPPORTED
-
-
-/*
- * This module is specialized to the case DCTSIZE = 8.
- */
-
-#if DCTSIZE != 8
-  Sorry, this code only copes with 8x8 DCTs. /* deliberate syntax err */
-#endif
-
-
-/* Scaling is the same as in jidctint.c. */
-
-#if BITS_IN_JSAMPLE == 8
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#else
-#define CONST_BITS  13
-#define PASS1_BITS  1           /* lose a little precision to avoid overflow */
-#endif
-
-/* Some C compilers fail to reduce "FIX(constant)" at compile time, thus
- * causing a lot of useless floating-point operations at run time.
- * To get around this we use the following pre-calculated constants.
- * If you change CONST_BITS you may want to add appropriate values.
- * (With a reasonable C compiler, you can just rely on the FIX() macro...)
- */
-
-#if CONST_BITS == 13
-#define FIX_0_211164243  ((JLONG)1730)          /* FIX(0.211164243) */
-#define FIX_0_509795579  ((JLONG)4176)          /* FIX(0.509795579) */
-#define FIX_0_601344887  ((JLONG)4926)          /* FIX(0.601344887) */
-#define FIX_0_720959822  ((JLONG)5906)          /* FIX(0.720959822) */
-#define FIX_0_765366865  ((JLONG)6270)          /* FIX(0.765366865) */
-#define FIX_0_850430095  ((JLONG)6967)          /* FIX(0.850430095) */
-#define FIX_0_899976223  ((JLONG)7373)          /* FIX(0.899976223) */
-#define FIX_1_061594337  ((JLONG)8697)          /* FIX(1.061594337) */
-#define FIX_1_272758580  ((JLONG)10426)         /* FIX(1.272758580) */
-#define FIX_1_451774981  ((JLONG)11893)         /* FIX(1.451774981) */
-#define FIX_1_847759065  ((JLONG)15137)         /* FIX(1.847759065) */
-#define FIX_2_172734803  ((JLONG)17799)         /* FIX(2.172734803) */
-#define FIX_2_562915447  ((JLONG)20995)         /* FIX(2.562915447) */
-#define FIX_3_624509785  ((JLONG)29692)         /* FIX(3.624509785) */
-#else
-#define FIX_0_211164243  FIX(0.211164243)
-#define FIX_0_509795579  FIX(0.509795579)
-#define FIX_0_601344887  FIX(0.601344887)
-#define FIX_0_720959822  FIX(0.720959822)
-#define FIX_0_765366865  FIX(0.765366865)
-#define FIX_0_850430095  FIX(0.850430095)
-#define FIX_0_899976223  FIX(0.899976223)
-#define FIX_1_061594337  FIX(1.061594337)
-#define FIX_1_272758580  FIX(1.272758580)
-#define FIX_1_451774981  FIX(1.451774981)
-#define FIX_1_847759065  FIX(1.847759065)
-#define FIX_2_172734803  FIX(2.172734803)
-#define FIX_2_562915447  FIX(2.562915447)
-#define FIX_3_624509785  FIX(3.624509785)
-#endif
-
-
-/* Multiply a JLONG variable by a JLONG constant to yield a JLONG result.
- * For 8-bit samples with the recommended scaling, all the variable
- * and constant values involved are no more than 16 bits wide, so a
- * 16x16->32 bit multiply can be used instead of a full 32x32 multiply.
- * For 12-bit samples, a full 32-bit multiplication will be needed.
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define MULTIPLY(var, const)  MULTIPLY16C16(var, const)
-#else
-#define MULTIPLY(var, const)  ((var) * (const))
-#endif
-
-
-/* Dequantize a coefficient by multiplying it by the multiplier-table
- * entry; produce an int result.  In this module, both inputs and result
- * are 16 bits or less, so either int or short multiply will work.
- */
-
-#define DEQUANTIZE(coef, quantval)  (((ISLOW_MULT_TYPE)(coef)) * (quantval))
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 4x4 output block.
- */
-
-GLOBAL(void)
-jpeg_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp2, tmp10, tmp12;
-  JLONG z1, z2, z3, z4;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[DCTSIZE * 4];   /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = DCTSIZE; ctr > 0; inptr++, quantptr++, wsptr++, ctr--) {
-    /* Don't bother to process column 4, because second pass won't use it */
-    if (ctr == DCTSIZE - 4)
-      continue;
-    if (inptr[DCTSIZE * 1] == 0 && inptr[DCTSIZE * 2] == 0 &&
-        inptr[DCTSIZE * 3] == 0 && inptr[DCTSIZE * 5] == 0 &&
-        inptr[DCTSIZE * 6] == 0 && inptr[DCTSIZE * 7] == 0) {
-      /* AC terms all zero; we need not examine term 4 for 4x4 output */
-      int dcval = LEFT_SHIFT(DEQUANTIZE(inptr[DCTSIZE * 0],
-                                        quantptr[DCTSIZE * 0]), PASS1_BITS);
-
-      wsptr[DCTSIZE * 0] = dcval;
-      wsptr[DCTSIZE * 1] = dcval;
-      wsptr[DCTSIZE * 2] = dcval;
-      wsptr[DCTSIZE * 3] = dcval;
-
-      continue;
-    }
-
-    /* Even part */
-
-    tmp0 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp0 = LEFT_SHIFT(tmp0, CONST_BITS + 1);
-
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 2], quantptr[DCTSIZE * 2]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 6], quantptr[DCTSIZE * 6]);
-
-    tmp2 = MULTIPLY(z2, FIX_1_847759065) + MULTIPLY(z3, -FIX_0_765366865);
-
-    tmp10 = tmp0 + tmp2;
-    tmp12 = tmp0 - tmp2;
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-    z2 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    z3 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    z4 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-
-    tmp0 = MULTIPLY(z1, -FIX_0_211164243) + /* sqrt(2) * ( c3-c1) */
-           MULTIPLY(z2,  FIX_1_451774981) + /* sqrt(2) * ( c3+c7) */
-           MULTIPLY(z3, -FIX_2_172734803) + /* sqrt(2) * (-c1-c5) */
-           MULTIPLY(z4,  FIX_1_061594337);  /* sqrt(2) * ( c5+c7) */
-
-    tmp2 = MULTIPLY(z1, -FIX_0_509795579) + /* sqrt(2) * (c7-c5) */
-           MULTIPLY(z2, -FIX_0_601344887) + /* sqrt(2) * (c5-c1) */
-           MULTIPLY(z3,  FIX_0_899976223) + /* sqrt(2) * (c3-c7) */
-           MULTIPLY(z4,  FIX_2_562915447);  /* sqrt(2) * (c1+c3) */
-
-    /* Final output stage */
-
-    wsptr[DCTSIZE * 0] =
-      (int)DESCALE(tmp10 + tmp2, CONST_BITS - PASS1_BITS + 1);
-    wsptr[DCTSIZE * 3] =
-      (int)DESCALE(tmp10 - tmp2, CONST_BITS - PASS1_BITS + 1);
-    wsptr[DCTSIZE * 1] =
-      (int)DESCALE(tmp12 + tmp0, CONST_BITS - PASS1_BITS + 1);
-    wsptr[DCTSIZE * 2] =
-      (int)DESCALE(tmp12 - tmp0, CONST_BITS - PASS1_BITS + 1);
-  }
-
-  /* Pass 2: process 4 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 4; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-    /* It's not clear whether a zero row test is worthwhile here ... */
-
-#ifndef NO_ZERO_ROW_TEST
-    if (wsptr[1] == 0 && wsptr[2] == 0 && wsptr[3] == 0 &&
-        wsptr[5] == 0 && wsptr[6] == 0 && wsptr[7] == 0) {
-      /* AC terms all zero */
-      JSAMPLE dcval = range_limit[(int)DESCALE((JLONG)wsptr[0],
-                                               PASS1_BITS + 3) & RANGE_MASK];
-
-      outptr[0] = dcval;
-      outptr[1] = dcval;
-      outptr[2] = dcval;
-      outptr[3] = dcval;
-
-      wsptr += DCTSIZE;         /* advance pointer to next row */
-      continue;
-    }
-#endif
-
-    /* Even part */
-
-    tmp0 = LEFT_SHIFT((JLONG)wsptr[0], CONST_BITS + 1);
-
-    tmp2 = MULTIPLY((JLONG)wsptr[2],  FIX_1_847759065) +
-           MULTIPLY((JLONG)wsptr[6], -FIX_0_765366865);
-
-    tmp10 = tmp0 + tmp2;
-    tmp12 = tmp0 - tmp2;
-
-    /* Odd part */
-
-    z1 = (JLONG)wsptr[7];
-    z2 = (JLONG)wsptr[5];
-    z3 = (JLONG)wsptr[3];
-    z4 = (JLONG)wsptr[1];
-
-    tmp0 = MULTIPLY(z1, -FIX_0_211164243) + /* sqrt(2) * ( c3-c1) */
-           MULTIPLY(z2,  FIX_1_451774981) + /* sqrt(2) * ( c3+c7) */
-           MULTIPLY(z3, -FIX_2_172734803) + /* sqrt(2) * (-c1-c5) */
-           MULTIPLY(z4,  FIX_1_061594337);  /* sqrt(2) * ( c5+c7) */
-
-    tmp2 = MULTIPLY(z1, -FIX_0_509795579) + /* sqrt(2) * (c7-c5) */
-           MULTIPLY(z2, -FIX_0_601344887) + /* sqrt(2) * (c5-c1) */
-           MULTIPLY(z3, FIX_0_899976223) +  /* sqrt(2) * (c3-c7) */
-           MULTIPLY(z4, FIX_2_562915447);   /* sqrt(2) * (c1+c3) */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)DESCALE(tmp10 + tmp2,
-                                         CONST_BITS + PASS1_BITS + 3 + 1) &
-                            RANGE_MASK];
-    outptr[3] = range_limit[(int)DESCALE(tmp10 - tmp2,
-                                         CONST_BITS + PASS1_BITS + 3 + 1) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)DESCALE(tmp12 + tmp0,
-                                         CONST_BITS + PASS1_BITS + 3 + 1) &
-                            RANGE_MASK];
-    outptr[2] = range_limit[(int)DESCALE(tmp12 - tmp0,
-                                         CONST_BITS + PASS1_BITS + 3 + 1) &
-                            RANGE_MASK];
-
-    wsptr += DCTSIZE;           /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 2x2 output block.
- */
-
-GLOBAL(void)
-jpeg_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  JLONG tmp0, tmp10, z1;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  int *wsptr;
-  JSAMPROW outptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  int ctr;
-  int workspace[DCTSIZE * 2];   /* buffers data between passes */
-  SHIFT_TEMPS
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  wsptr = workspace;
-  for (ctr = DCTSIZE; ctr > 0; inptr++, quantptr++, wsptr++, ctr--) {
-    /* Don't bother to process columns 2,4,6 */
-    if (ctr == DCTSIZE - 2 || ctr == DCTSIZE - 4 || ctr == DCTSIZE - 6)
-      continue;
-    if (inptr[DCTSIZE * 1] == 0 && inptr[DCTSIZE * 3] == 0 &&
-        inptr[DCTSIZE * 5] == 0 && inptr[DCTSIZE * 7] == 0) {
-      /* AC terms all zero; we need not examine terms 2,4,6 for 2x2 output */
-      int dcval = LEFT_SHIFT(DEQUANTIZE(inptr[DCTSIZE * 0],
-                             quantptr[DCTSIZE * 0]), PASS1_BITS);
-
-      wsptr[DCTSIZE * 0] = dcval;
-      wsptr[DCTSIZE * 1] = dcval;
-
-      continue;
-    }
-
-    /* Even part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 0], quantptr[DCTSIZE * 0]);
-    tmp10 = LEFT_SHIFT(z1, CONST_BITS + 2);
-
-    /* Odd part */
-
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 7], quantptr[DCTSIZE * 7]);
-    tmp0 = MULTIPLY(z1, -FIX_0_720959822);  /* sqrt(2) * ( c7-c5+c3-c1) */
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 5], quantptr[DCTSIZE * 5]);
-    tmp0 += MULTIPLY(z1, FIX_0_850430095);  /* sqrt(2) * (-c1+c3+c5+c7) */
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 3], quantptr[DCTSIZE * 3]);
-    tmp0 += MULTIPLY(z1, -FIX_1_272758580); /* sqrt(2) * (-c1+c3-c5-c7) */
-    z1 = DEQUANTIZE(inptr[DCTSIZE * 1], quantptr[DCTSIZE * 1]);
-    tmp0 += MULTIPLY(z1, FIX_3_624509785);  /* sqrt(2) * ( c1+c3+c5+c7) */
-
-    /* Final output stage */
-
-    wsptr[DCTSIZE * 0] =
-      (int)DESCALE(tmp10 + tmp0, CONST_BITS - PASS1_BITS + 2);
-    wsptr[DCTSIZE * 1] =
-      (int)DESCALE(tmp10 - tmp0, CONST_BITS - PASS1_BITS + 2);
-  }
-
-  /* Pass 2: process 2 rows from work array, store into output array. */
-
-  wsptr = workspace;
-  for (ctr = 0; ctr < 2; ctr++) {
-    outptr = output_buf[ctr] + output_col;
-    /* It's not clear whether a zero row test is worthwhile here ... */
-
-#ifndef NO_ZERO_ROW_TEST
-    if (wsptr[1] == 0 && wsptr[3] == 0 && wsptr[5] == 0 && wsptr[7] == 0) {
-      /* AC terms all zero */
-      JSAMPLE dcval = range_limit[(int)DESCALE((JLONG)wsptr[0],
-                                               PASS1_BITS + 3) & RANGE_MASK];
-
-      outptr[0] = dcval;
-      outptr[1] = dcval;
-
-      wsptr += DCTSIZE;         /* advance pointer to next row */
-      continue;
-    }
-#endif
-
-    /* Even part */
-
-    tmp10 = LEFT_SHIFT((JLONG)wsptr[0], CONST_BITS + 2);
-
-    /* Odd part */
-
-    tmp0 = MULTIPLY((JLONG)wsptr[7], -FIX_0_720959822) + /* sqrt(2) * ( c7-c5+c3-c1) */
-           MULTIPLY((JLONG)wsptr[5],  FIX_0_850430095) + /* sqrt(2) * (-c1+c3+c5+c7) */
-           MULTIPLY((JLONG)wsptr[3], -FIX_1_272758580) + /* sqrt(2) * (-c1+c3-c5-c7) */
-           MULTIPLY((JLONG)wsptr[1],  FIX_3_624509785);  /* sqrt(2) * ( c1+c3+c5+c7) */
-
-    /* Final output stage */
-
-    outptr[0] = range_limit[(int)DESCALE(tmp10 + tmp0,
-                                         CONST_BITS + PASS1_BITS + 3 + 2) &
-                            RANGE_MASK];
-    outptr[1] = range_limit[(int)DESCALE(tmp10 - tmp0,
-                                         CONST_BITS + PASS1_BITS + 3 + 2) &
-                            RANGE_MASK];
-
-    wsptr += DCTSIZE;           /* advance pointer to next row */
-  }
-}
-
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients,
- * producing a reduced-size 1x1 output block.
- */
-
-GLOBAL(void)
-jpeg_idct_1x1(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-              JDIMENSION output_col)
-{
-  int dcval;
-  ISLOW_MULT_TYPE *quantptr;
-  JSAMPLE *range_limit = IDCT_range_limit(cinfo);
-  SHIFT_TEMPS
-
-  /* We hardly need an inverse DCT routine for this: just take the
-   * average pixel value, which is one-eighth of the DC coefficient.
-   */
-  quantptr = (ISLOW_MULT_TYPE *)compptr->dct_table;
-  dcval = DEQUANTIZE(coef_block[0], quantptr[0]);
-  dcval = (int)DESCALE((JLONG)dcval, 3);
-
-  output_buf[0][output_col] = range_limit[dcval & RANGE_MASK];
-}
-
-#endif /* IDCT_SCALING_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jinclude.h b/3rdparty/libjpeg-turbo_2_1_0/jinclude.h
deleted file mode 100644
index c1bcf7d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jinclude.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * jinclude.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1994, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file exists to provide a single place to fix any problems with
- * including the wrong system include files.  (Common problems are taken
- * care of by the standard jconfig symbols, but on really weird systems
- * you may have to edit this file.)
- *
- * NOTE: this file is NOT intended to be included by applications using the
- * JPEG library.  Most applications need only include jpeglib.h.
- */
-
-
-/* Include auto-config file to find out which system include files we need. */
-
-#include "jconfig.h"            /* auto configuration options */
-#define JCONFIG_INCLUDED        /* so that jpeglib.h doesn't do it again */
-
-/*
- * We need the NULL macro and size_t typedef.
- * On an ANSI-conforming system it is sufficient to include <stddef.h>.
- * Otherwise, we get them from <stdlib.h> or <stdio.h>; we may have to
- * pull in <sys/types.h> as well.
- * Note that the core JPEG library does not require <stdio.h>;
- * only the default error handler and data source/destination modules do.
- * But we must pull it in because of the references to FILE in jpeglib.h.
- * You can remove those references if you want to compile without <stdio.h>.
- */
-
-#ifdef HAVE_STDDEF_H
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#ifdef NEED_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#include <stdio.h>
-
-/*
- * We need memory copying and zeroing functions, plus strncpy().
- * ANSI and System V implementations declare these in <string.h>.
- * BSD doesn't have the mem() functions, but it does have bcopy()/bzero().
- * Some systems may declare memset and memcpy in <memory.h>.
- *
- * NOTE: we assume the size parameters to these functions are of type size_t.
- * Change the casts in these macros if not!
- */
-
-#ifdef NEED_BSD_STRINGS
-
-#include <strings.h>
-#define MEMZERO(target, size) \
-  bzero((void *)(target), (size_t)(size))
-#define MEMCOPY(dest, src, size) \
-  bcopy((const void *)(src), (void *)(dest), (size_t)(size))
-
-#else /* not BSD, assume ANSI/SysV string lib */
-
-#include <string.h>
-#define MEMZERO(target, size) \
-  memset((void *)(target), 0, (size_t)(size))
-#define MEMCOPY(dest, src, size) \
-  memcpy((void *)(dest), (const void *)(src), (size_t)(size))
-
-#endif
-
-/*
- * The modules that use fread() and fwrite() always invoke them through
- * these macros.  On some systems you may need to twiddle the argument casts.
- * CAUTION: argument order is different from underlying functions!
- */
-
-#define JFREAD(file, buf, sizeofbuf) \
-  ((size_t)fread((void *)(buf), (size_t)1, (size_t)(sizeofbuf), (file)))
-#define JFWRITE(file, buf, sizeofbuf) \
-  ((size_t)fwrite((const void *)(buf), (size_t)1, (size_t)(sizeofbuf), (file)))
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jmemmgr.c b/3rdparty/libjpeg-turbo_2_1_0/jmemmgr.c
deleted file mode 100644
index 508ca74..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jmemmgr.c
+++ /dev/null
@@ -1,1179 +0,0 @@
-/*
- * jmemmgr.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2016, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains the JPEG system-independent memory management
- * routines.  This code is usable across a wide variety of machines; most
- * of the system dependencies have been isolated in a separate file.
- * The major functions provided here are:
- *   * pool-based allocation and freeing of memory;
- *   * policy decisions about how to divide available memory among the
- *     virtual arrays;
- *   * control logic for swapping virtual arrays between main memory and
- *     backing storage.
- * The separate system-dependent file provides the actual backing-storage
- * access code, and it contains the policy decision about how much total
- * main memory to use.
- * This file is system-dependent in the sense that some of its functions
- * are unnecessary in some systems.  For example, if there is enough virtual
- * memory so that backing storage will never be used, much of the virtual
- * array control logic could be removed.  (Of course, if you have that much
- * memory then you shouldn't care about a little bit of unused code...)
- */
-
-#define JPEG_INTERNALS
-#define AM_MEMORY_MANAGER       /* we define jvirt_Xarray_control structs */
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jmemsys.h"            /* import the system-dependent declarations */
-#if !defined(_MSC_VER) || _MSC_VER > 1600
-#include <stdint.h>
-#endif
-#include <limits.h>
-
-#ifndef NO_GETENV
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare getenv() */
-extern char *getenv(const char *name);
-#endif
-#endif
-
-
-LOCAL(size_t)
-round_up_pow2(size_t a, size_t b)
-/* a rounded up to the next multiple of b, i.e. ceil(a/b)*b */
-/* Assumes a >= 0, b > 0, and b is a power of 2 */
-{
-  return ((a + b - 1) & (~(b - 1)));
-}
-
-
-/*
- * Some important notes:
- *   The allocation routines provided here must never return NULL.
- *   They should exit to error_exit if unsuccessful.
- *
- *   It's not a good idea to try to merge the sarray and barray routines,
- *   even though they are textually almost the same, because samples are
- *   usually stored as bytes while coefficients are shorts or ints.  Thus,
- *   in machines where byte pointers have a different representation from
- *   word pointers, the resulting machine code could not be the same.
- */
-
-
-/*
- * Many machines require storage alignment: longs must start on 4-byte
- * boundaries, doubles on 8-byte boundaries, etc.  On such machines, malloc()
- * always returns pointers that are multiples of the worst-case alignment
- * requirement, and we had better do so too.
- * There isn't any really portable way to determine the worst-case alignment
- * requirement.  This module assumes that the alignment requirement is
- * multiples of ALIGN_SIZE.
- * By default, we define ALIGN_SIZE as sizeof(double).  This is necessary on
- * some workstations (where doubles really do need 8-byte alignment) and will
- * work fine on nearly everything.  If your machine has lesser alignment needs,
- * you can save a few bytes by making ALIGN_SIZE smaller.
- * The only place I know of where this will NOT work is certain Macintosh
- * 680x0 compilers that define double as a 10-byte IEEE extended float.
- * Doing 10-byte alignment is counterproductive because longwords won't be
- * aligned well.  Put "#define ALIGN_SIZE 4" in jconfig.h if you have
- * such a compiler.
- */
-
-#ifndef ALIGN_SIZE              /* so can override from jconfig.h */
-#ifndef WITH_SIMD
-#define ALIGN_SIZE  sizeof(double)
-#else
-#define ALIGN_SIZE  32 /* Most of the SIMD instructions we support require
-                          16-byte (128-bit) alignment, but AVX2 requires
-                          32-byte alignment. */
-#endif
-#endif
-
-/*
- * We allocate objects from "pools", where each pool is gotten with a single
- * request to jpeg_get_small() or jpeg_get_large().  There is no per-object
- * overhead within a pool, except for alignment padding.  Each pool has a
- * header with a link to the next pool of the same class.
- * Small and large pool headers are identical.
- */
-
-typedef struct small_pool_struct *small_pool_ptr;
-
-typedef struct small_pool_struct {
-  small_pool_ptr next;          /* next in list of pools */
-  size_t bytes_used;            /* how many bytes already used within pool */
-  size_t bytes_left;            /* bytes still available in this pool */
-} small_pool_hdr;
-
-typedef struct large_pool_struct *large_pool_ptr;
-
-typedef struct large_pool_struct {
-  large_pool_ptr next;          /* next in list of pools */
-  size_t bytes_used;            /* how many bytes already used within pool */
-  size_t bytes_left;            /* bytes still available in this pool */
-} large_pool_hdr;
-
-/*
- * Here is the full definition of a memory manager object.
- */
-
-typedef struct {
-  struct jpeg_memory_mgr pub;   /* public fields */
-
-  /* Each pool identifier (lifetime class) names a linked list of pools. */
-  small_pool_ptr small_list[JPOOL_NUMPOOLS];
-  large_pool_ptr large_list[JPOOL_NUMPOOLS];
-
-  /* Since we only have one lifetime class of virtual arrays, only one
-   * linked list is necessary (for each datatype).  Note that the virtual
-   * array control blocks being linked together are actually stored somewhere
-   * in the small-pool list.
-   */
-  jvirt_sarray_ptr virt_sarray_list;
-  jvirt_barray_ptr virt_barray_list;
-
-  /* This counts total space obtained from jpeg_get_small/large */
-  size_t total_space_allocated;
-
-  /* alloc_sarray and alloc_barray set this value for use by virtual
-   * array routines.
-   */
-  JDIMENSION last_rowsperchunk; /* from most recent alloc_sarray/barray */
-} my_memory_mgr;
-
-typedef my_memory_mgr *my_mem_ptr;
-
-
-/*
- * The control blocks for virtual arrays.
- * Note that these blocks are allocated in the "small" pool area.
- * System-dependent info for the associated backing store (if any) is hidden
- * inside the backing_store_info struct.
- */
-
-struct jvirt_sarray_control {
-  JSAMPARRAY mem_buffer;        /* => the in-memory buffer */
-  JDIMENSION rows_in_array;     /* total virtual array height */
-  JDIMENSION samplesperrow;     /* width of array (and of memory buffer) */
-  JDIMENSION maxaccess;         /* max rows accessed by access_virt_sarray */
-  JDIMENSION rows_in_mem;       /* height of memory buffer */
-  JDIMENSION rowsperchunk;      /* allocation chunk size in mem_buffer */
-  JDIMENSION cur_start_row;     /* first logical row # in the buffer */
-  JDIMENSION first_undef_row;   /* row # of first uninitialized row */
-  boolean pre_zero;             /* pre-zero mode requested? */
-  boolean dirty;                /* do current buffer contents need written? */
-  boolean b_s_open;             /* is backing-store data valid? */
-  jvirt_sarray_ptr next;        /* link to next virtual sarray control block */
-  backing_store_info b_s_info;  /* System-dependent control info */
-};
-
-struct jvirt_barray_control {
-  JBLOCKARRAY mem_buffer;       /* => the in-memory buffer */
-  JDIMENSION rows_in_array;     /* total virtual array height */
-  JDIMENSION blocksperrow;      /* width of array (and of memory buffer) */
-  JDIMENSION maxaccess;         /* max rows accessed by access_virt_barray */
-  JDIMENSION rows_in_mem;       /* height of memory buffer */
-  JDIMENSION rowsperchunk;      /* allocation chunk size in mem_buffer */
-  JDIMENSION cur_start_row;     /* first logical row # in the buffer */
-  JDIMENSION first_undef_row;   /* row # of first uninitialized row */
-  boolean pre_zero;             /* pre-zero mode requested? */
-  boolean dirty;                /* do current buffer contents need written? */
-  boolean b_s_open;             /* is backing-store data valid? */
-  jvirt_barray_ptr next;        /* link to next virtual barray control block */
-  backing_store_info b_s_info;  /* System-dependent control info */
-};
-
-
-#ifdef MEM_STATS                /* optional extra stuff for statistics */
-
-LOCAL(void)
-print_mem_stats(j_common_ptr cinfo, int pool_id)
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  small_pool_ptr shdr_ptr;
-  large_pool_ptr lhdr_ptr;
-
-  /* Since this is only a debugging stub, we can cheat a little by using
-   * fprintf directly rather than going through the trace message code.
-   * This is helpful because message parm array can't handle longs.
-   */
-  fprintf(stderr, "Freeing pool %d, total space = %ld\n",
-          pool_id, mem->total_space_allocated);
-
-  for (lhdr_ptr = mem->large_list[pool_id]; lhdr_ptr != NULL;
-       lhdr_ptr = lhdr_ptr->next) {
-    fprintf(stderr, "  Large chunk used %ld\n", (long)lhdr_ptr->bytes_used);
-  }
-
-  for (shdr_ptr = mem->small_list[pool_id]; shdr_ptr != NULL;
-       shdr_ptr = shdr_ptr->next) {
-    fprintf(stderr, "  Small chunk used %ld free %ld\n",
-            (long)shdr_ptr->bytes_used, (long)shdr_ptr->bytes_left);
-  }
-}
-
-#endif /* MEM_STATS */
-
-
-LOCAL(void)
-out_of_memory(j_common_ptr cinfo, int which)
-/* Report an out-of-memory error and stop execution */
-/* If we compiled MEM_STATS support, report alloc requests before dying */
-{
-#ifdef MEM_STATS
-  cinfo->err->trace_level = 2;  /* force self_destruct to report stats */
-#endif
-  ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, which);
-}
-
-
-/*
- * Allocation of "small" objects.
- *
- * For these, we use pooled storage.  When a new pool must be created,
- * we try to get enough space for the current request plus a "slop" factor,
- * where the slop will be the amount of leftover space in the new pool.
- * The speed vs. space tradeoff is largely determined by the slop values.
- * A different slop value is provided for each pool class (lifetime),
- * and we also distinguish the first pool of a class from later ones.
- * NOTE: the values given work fairly well on both 16- and 32-bit-int
- * machines, but may be too small if longs are 64 bits or more.
- *
- * Since we do not know what alignment malloc() gives us, we have to
- * allocate ALIGN_SIZE-1 extra space per pool to have room for alignment
- * adjustment.
- */
-
-static const size_t first_pool_slop[JPOOL_NUMPOOLS] = {
-  1600,                         /* first PERMANENT pool */
-  16000                         /* first IMAGE pool */
-};
-
-static const size_t extra_pool_slop[JPOOL_NUMPOOLS] = {
-  0,                            /* additional PERMANENT pools */
-  5000                          /* additional IMAGE pools */
-};
-
-#define MIN_SLOP  50            /* greater than 0 to avoid futile looping */
-
-
-METHODDEF(void *)
-alloc_small(j_common_ptr cinfo, int pool_id, size_t sizeofobject)
-/* Allocate a "small" object */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  small_pool_ptr hdr_ptr, prev_hdr_ptr;
-  char *data_ptr;
-  size_t min_request, slop;
-
-  /*
-   * Round up the requested size to a multiple of ALIGN_SIZE in order
-   * to assure alignment for the next object allocated in the same pool
-   * and so that algorithms can straddle outside the proper area up
-   * to the next alignment.
-   */
-  if (sizeofobject > MAX_ALLOC_CHUNK) {
-    /* This prevents overflow/wrap-around in round_up_pow2() if sizeofobject
-       is close to SIZE_MAX. */
-    out_of_memory(cinfo, 7);
-  }
-  sizeofobject = round_up_pow2(sizeofobject, ALIGN_SIZE);
-
-  /* Check for unsatisfiable request (do now to ensure no overflow below) */
-  if ((sizeof(small_pool_hdr) + sizeofobject + ALIGN_SIZE - 1) >
-      MAX_ALLOC_CHUNK)
-    out_of_memory(cinfo, 1);    /* request exceeds malloc's ability */
-
-  /* See if space is available in any existing pool */
-  if (pool_id < 0 || pool_id >= JPOOL_NUMPOOLS)
-    ERREXIT1(cinfo, JERR_BAD_POOL_ID, pool_id); /* safety check */
-  prev_hdr_ptr = NULL;
-  hdr_ptr = mem->small_list[pool_id];
-  while (hdr_ptr != NULL) {
-    if (hdr_ptr->bytes_left >= sizeofobject)
-      break;                    /* found pool with enough space */
-    prev_hdr_ptr = hdr_ptr;
-    hdr_ptr = hdr_ptr->next;
-  }
-
-  /* Time to make a new pool? */
-  if (hdr_ptr == NULL) {
-    /* min_request is what we need now, slop is what will be leftover */
-    min_request = sizeof(small_pool_hdr) + sizeofobject + ALIGN_SIZE - 1;
-    if (prev_hdr_ptr == NULL)   /* first pool in class? */
-      slop = first_pool_slop[pool_id];
-    else
-      slop = extra_pool_slop[pool_id];
-    /* Don't ask for more than MAX_ALLOC_CHUNK */
-    if (slop > (size_t)(MAX_ALLOC_CHUNK - min_request))
-      slop = (size_t)(MAX_ALLOC_CHUNK - min_request);
-    /* Try to get space, if fail reduce slop and try again */
-    for (;;) {
-      hdr_ptr = (small_pool_ptr)jpeg_get_small(cinfo, min_request + slop);
-      if (hdr_ptr != NULL)
-        break;
-      slop /= 2;
-      if (slop < MIN_SLOP)      /* give up when it gets real small */
-        out_of_memory(cinfo, 2); /* jpeg_get_small failed */
-    }
-    mem->total_space_allocated += min_request + slop;
-    /* Success, initialize the new pool header and add to end of list */
-    hdr_ptr->next = NULL;
-    hdr_ptr->bytes_used = 0;
-    hdr_ptr->bytes_left = sizeofobject + slop;
-    if (prev_hdr_ptr == NULL)   /* first pool in class? */
-      mem->small_list[pool_id] = hdr_ptr;
-    else
-      prev_hdr_ptr->next = hdr_ptr;
-  }
-
-  /* OK, allocate the object from the current pool */
-  data_ptr = (char *)hdr_ptr; /* point to first data byte in pool... */
-  data_ptr += sizeof(small_pool_hdr); /* ...by skipping the header... */
-  if ((size_t)data_ptr % ALIGN_SIZE) /* ...and adjust for alignment */
-    data_ptr += ALIGN_SIZE - (size_t)data_ptr % ALIGN_SIZE;
-  data_ptr += hdr_ptr->bytes_used; /* point to place for object */
-  hdr_ptr->bytes_used += sizeofobject;
-  hdr_ptr->bytes_left -= sizeofobject;
-
-  return (void *)data_ptr;
-}
-
-
-/*
- * Allocation of "large" objects.
- *
- * The external semantics of these are the same as "small" objects.  However,
- * the pool management heuristics are quite different.  We assume that each
- * request is large enough that it may as well be passed directly to
- * jpeg_get_large; the pool management just links everything together
- * so that we can free it all on demand.
- * Note: the major use of "large" objects is in JSAMPARRAY and JBLOCKARRAY
- * structures.  The routines that create these structures (see below)
- * deliberately bunch rows together to ensure a large request size.
- */
-
-METHODDEF(void *)
-alloc_large(j_common_ptr cinfo, int pool_id, size_t sizeofobject)
-/* Allocate a "large" object */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  large_pool_ptr hdr_ptr;
-  char *data_ptr;
-
-  /*
-   * Round up the requested size to a multiple of ALIGN_SIZE so that
-   * algorithms can straddle outside the proper area up to the next
-   * alignment.
-   */
-  if (sizeofobject > MAX_ALLOC_CHUNK) {
-    /* This prevents overflow/wrap-around in round_up_pow2() if sizeofobject
-       is close to SIZE_MAX. */
-    out_of_memory(cinfo, 8);
-  }
-  sizeofobject = round_up_pow2(sizeofobject, ALIGN_SIZE);
-
-  /* Check for unsatisfiable request (do now to ensure no overflow below) */
-  if ((sizeof(large_pool_hdr) + sizeofobject + ALIGN_SIZE - 1) >
-      MAX_ALLOC_CHUNK)
-    out_of_memory(cinfo, 3);    /* request exceeds malloc's ability */
-
-  /* Always make a new pool */
-  if (pool_id < 0 || pool_id >= JPOOL_NUMPOOLS)
-    ERREXIT1(cinfo, JERR_BAD_POOL_ID, pool_id); /* safety check */
-
-  hdr_ptr = (large_pool_ptr)jpeg_get_large(cinfo, sizeofobject +
-                                           sizeof(large_pool_hdr) +
-                                           ALIGN_SIZE - 1);
-  if (hdr_ptr == NULL)
-    out_of_memory(cinfo, 4);    /* jpeg_get_large failed */
-  mem->total_space_allocated += sizeofobject + sizeof(large_pool_hdr) +
-                                ALIGN_SIZE - 1;
-
-  /* Success, initialize the new pool header and add to list */
-  hdr_ptr->next = mem->large_list[pool_id];
-  /* We maintain space counts in each pool header for statistical purposes,
-   * even though they are not needed for allocation.
-   */
-  hdr_ptr->bytes_used = sizeofobject;
-  hdr_ptr->bytes_left = 0;
-  mem->large_list[pool_id] = hdr_ptr;
-
-  data_ptr = (char *)hdr_ptr; /* point to first data byte in pool... */
-  data_ptr += sizeof(small_pool_hdr); /* ...by skipping the header... */
-  if ((size_t)data_ptr % ALIGN_SIZE) /* ...and adjust for alignment */
-    data_ptr += ALIGN_SIZE - (size_t)data_ptr % ALIGN_SIZE;
-
-  return (void *)data_ptr;
-}
-
-
-/*
- * Creation of 2-D sample arrays.
- *
- * To minimize allocation overhead and to allow I/O of large contiguous
- * blocks, we allocate the sample rows in groups of as many rows as possible
- * without exceeding MAX_ALLOC_CHUNK total bytes per allocation request.
- * NB: the virtual array control routines, later in this file, know about
- * this chunking of rows.  The rowsperchunk value is left in the mem manager
- * object so that it can be saved away if this sarray is the workspace for
- * a virtual array.
- *
- * Since we are often upsampling with a factor 2, we align the size (not
- * the start) to 2 * ALIGN_SIZE so that the upsampling routines don't have
- * to be as careful about size.
- */
-
-METHODDEF(JSAMPARRAY)
-alloc_sarray(j_common_ptr cinfo, int pool_id, JDIMENSION samplesperrow,
-             JDIMENSION numrows)
-/* Allocate a 2-D sample array */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  JSAMPARRAY result;
-  JSAMPROW workspace;
-  JDIMENSION rowsperchunk, currow, i;
-  long ltemp;
-
-  /* Make sure each row is properly aligned */
-  if ((ALIGN_SIZE % sizeof(JSAMPLE)) != 0)
-    out_of_memory(cinfo, 5);    /* safety check */
-
-  if (samplesperrow > MAX_ALLOC_CHUNK) {
-    /* This prevents overflow/wrap-around in round_up_pow2() if sizeofobject
-       is close to SIZE_MAX. */
-    out_of_memory(cinfo, 9);
-  }
-  samplesperrow = (JDIMENSION)round_up_pow2(samplesperrow, (2 * ALIGN_SIZE) /
-                                                           sizeof(JSAMPLE));
-
-  /* Calculate max # of rows allowed in one allocation chunk */
-  ltemp = (MAX_ALLOC_CHUNK - sizeof(large_pool_hdr)) /
-          ((long)samplesperrow * sizeof(JSAMPLE));
-  if (ltemp <= 0)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-  if (ltemp < (long)numrows)
-    rowsperchunk = (JDIMENSION)ltemp;
-  else
-    rowsperchunk = numrows;
-  mem->last_rowsperchunk = rowsperchunk;
-
-  /* Get space for row pointers (small object) */
-  result = (JSAMPARRAY)alloc_small(cinfo, pool_id,
-                                   (size_t)(numrows * sizeof(JSAMPROW)));
-
-  /* Get the rows themselves (large objects) */
-  currow = 0;
-  while (currow < numrows) {
-    rowsperchunk = MIN(rowsperchunk, numrows - currow);
-    workspace = (JSAMPROW)alloc_large(cinfo, pool_id,
-      (size_t)((size_t)rowsperchunk * (size_t)samplesperrow *
-               sizeof(JSAMPLE)));
-    for (i = rowsperchunk; i > 0; i--) {
-      result[currow++] = workspace;
-      workspace += samplesperrow;
-    }
-  }
-
-  return result;
-}
-
-
-/*
- * Creation of 2-D coefficient-block arrays.
- * This is essentially the same as the code for sample arrays, above.
- */
-
-METHODDEF(JBLOCKARRAY)
-alloc_barray(j_common_ptr cinfo, int pool_id, JDIMENSION blocksperrow,
-             JDIMENSION numrows)
-/* Allocate a 2-D coefficient-block array */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  JBLOCKARRAY result;
-  JBLOCKROW workspace;
-  JDIMENSION rowsperchunk, currow, i;
-  long ltemp;
-
-  /* Make sure each row is properly aligned */
-  if ((sizeof(JBLOCK) % ALIGN_SIZE) != 0)
-    out_of_memory(cinfo, 6);    /* safety check */
-
-  /* Calculate max # of rows allowed in one allocation chunk */
-  ltemp = (MAX_ALLOC_CHUNK - sizeof(large_pool_hdr)) /
-          ((long)blocksperrow * sizeof(JBLOCK));
-  if (ltemp <= 0)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-  if (ltemp < (long)numrows)
-    rowsperchunk = (JDIMENSION)ltemp;
-  else
-    rowsperchunk = numrows;
-  mem->last_rowsperchunk = rowsperchunk;
-
-  /* Get space for row pointers (small object) */
-  result = (JBLOCKARRAY)alloc_small(cinfo, pool_id,
-                                    (size_t)(numrows * sizeof(JBLOCKROW)));
-
-  /* Get the rows themselves (large objects) */
-  currow = 0;
-  while (currow < numrows) {
-    rowsperchunk = MIN(rowsperchunk, numrows - currow);
-    workspace = (JBLOCKROW)alloc_large(cinfo, pool_id,
-        (size_t)((size_t)rowsperchunk * (size_t)blocksperrow *
-                  sizeof(JBLOCK)));
-    for (i = rowsperchunk; i > 0; i--) {
-      result[currow++] = workspace;
-      workspace += blocksperrow;
-    }
-  }
-
-  return result;
-}
-
-
-/*
- * About virtual array management:
- *
- * The above "normal" array routines are only used to allocate strip buffers
- * (as wide as the image, but just a few rows high).  Full-image-sized buffers
- * are handled as "virtual" arrays.  The array is still accessed a strip at a
- * time, but the memory manager must save the whole array for repeated
- * accesses.  The intended implementation is that there is a strip buffer in
- * memory (as high as is possible given the desired memory limit), plus a
- * backing file that holds the rest of the array.
- *
- * The request_virt_array routines are told the total size of the image and
- * the maximum number of rows that will be accessed at once.  The in-memory
- * buffer must be at least as large as the maxaccess value.
- *
- * The request routines create control blocks but not the in-memory buffers.
- * That is postponed until realize_virt_arrays is called.  At that time the
- * total amount of space needed is known (approximately, anyway), so free
- * memory can be divided up fairly.
- *
- * The access_virt_array routines are responsible for making a specific strip
- * area accessible (after reading or writing the backing file, if necessary).
- * Note that the access routines are told whether the caller intends to modify
- * the accessed strip; during a read-only pass this saves having to rewrite
- * data to disk.  The access routines are also responsible for pre-zeroing
- * any newly accessed rows, if pre-zeroing was requested.
- *
- * In current usage, the access requests are usually for nonoverlapping
- * strips; that is, successive access start_row numbers differ by exactly
- * num_rows = maxaccess.  This means we can get good performance with simple
- * buffer dump/reload logic, by making the in-memory buffer be a multiple
- * of the access height; then there will never be accesses across bufferload
- * boundaries.  The code will still work with overlapping access requests,
- * but it doesn't handle bufferload overlaps very efficiently.
- */
-
-
-METHODDEF(jvirt_sarray_ptr)
-request_virt_sarray(j_common_ptr cinfo, int pool_id, boolean pre_zero,
-                    JDIMENSION samplesperrow, JDIMENSION numrows,
-                    JDIMENSION maxaccess)
-/* Request a virtual 2-D sample array */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  jvirt_sarray_ptr result;
-
-  /* Only IMAGE-lifetime virtual arrays are currently supported */
-  if (pool_id != JPOOL_IMAGE)
-    ERREXIT1(cinfo, JERR_BAD_POOL_ID, pool_id); /* safety check */
-
-  /* get control block */
-  result = (jvirt_sarray_ptr)alloc_small(cinfo, pool_id,
-                                         sizeof(struct jvirt_sarray_control));
-
-  result->mem_buffer = NULL;    /* marks array not yet realized */
-  result->rows_in_array = numrows;
-  result->samplesperrow = samplesperrow;
-  result->maxaccess = maxaccess;
-  result->pre_zero = pre_zero;
-  result->b_s_open = FALSE;     /* no associated backing-store object */
-  result->next = mem->virt_sarray_list; /* add to list of virtual arrays */
-  mem->virt_sarray_list = result;
-
-  return result;
-}
-
-
-METHODDEF(jvirt_barray_ptr)
-request_virt_barray(j_common_ptr cinfo, int pool_id, boolean pre_zero,
-                    JDIMENSION blocksperrow, JDIMENSION numrows,
-                    JDIMENSION maxaccess)
-/* Request a virtual 2-D coefficient-block array */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  jvirt_barray_ptr result;
-
-  /* Only IMAGE-lifetime virtual arrays are currently supported */
-  if (pool_id != JPOOL_IMAGE)
-    ERREXIT1(cinfo, JERR_BAD_POOL_ID, pool_id); /* safety check */
-
-  /* get control block */
-  result = (jvirt_barray_ptr)alloc_small(cinfo, pool_id,
-                                         sizeof(struct jvirt_barray_control));
-
-  result->mem_buffer = NULL;    /* marks array not yet realized */
-  result->rows_in_array = numrows;
-  result->blocksperrow = blocksperrow;
-  result->maxaccess = maxaccess;
-  result->pre_zero = pre_zero;
-  result->b_s_open = FALSE;     /* no associated backing-store object */
-  result->next = mem->virt_barray_list; /* add to list of virtual arrays */
-  mem->virt_barray_list = result;
-
-  return result;
-}
-
-
-METHODDEF(void)
-realize_virt_arrays(j_common_ptr cinfo)
-/* Allocate the in-memory buffers for any unrealized virtual arrays */
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  size_t space_per_minheight, maximum_space, avail_mem;
-  size_t minheights, max_minheights;
-  jvirt_sarray_ptr sptr;
-  jvirt_barray_ptr bptr;
-
-  /* Compute the minimum space needed (maxaccess rows in each buffer)
-   * and the maximum space needed (full image height in each buffer).
-   * These may be of use to the system-dependent jpeg_mem_available routine.
-   */
-  space_per_minheight = 0;
-  maximum_space = 0;
-  for (sptr = mem->virt_sarray_list; sptr != NULL; sptr = sptr->next) {
-    if (sptr->mem_buffer == NULL) { /* if not realized yet */
-      size_t new_space = (long)sptr->rows_in_array *
-                         (long)sptr->samplesperrow * sizeof(JSAMPLE);
-
-      space_per_minheight += (long)sptr->maxaccess *
-                             (long)sptr->samplesperrow * sizeof(JSAMPLE);
-      if (SIZE_MAX - maximum_space < new_space)
-        out_of_memory(cinfo, 10);
-      maximum_space += new_space;
-    }
-  }
-  for (bptr = mem->virt_barray_list; bptr != NULL; bptr = bptr->next) {
-    if (bptr->mem_buffer == NULL) { /* if not realized yet */
-      size_t new_space = (long)bptr->rows_in_array *
-                         (long)bptr->blocksperrow * sizeof(JBLOCK);
-
-      space_per_minheight += (long)bptr->maxaccess *
-                             (long)bptr->blocksperrow * sizeof(JBLOCK);
-      if (SIZE_MAX - maximum_space < new_space)
-        out_of_memory(cinfo, 11);
-      maximum_space += new_space;
-    }
-  }
-
-  if (space_per_minheight <= 0)
-    return;                     /* no unrealized arrays, no work */
-
-  /* Determine amount of memory to actually use; this is system-dependent. */
-  avail_mem = jpeg_mem_available(cinfo, space_per_minheight, maximum_space,
-                                 mem->total_space_allocated);
-
-  /* If the maximum space needed is available, make all the buffers full
-   * height; otherwise parcel it out with the same number of minheights
-   * in each buffer.
-   */
-  if (avail_mem >= maximum_space)
-    max_minheights = 1000000000L;
-  else {
-    max_minheights = avail_mem / space_per_minheight;
-    /* If there doesn't seem to be enough space, try to get the minimum
-     * anyway.  This allows a "stub" implementation of jpeg_mem_available().
-     */
-    if (max_minheights <= 0)
-      max_minheights = 1;
-  }
-
-  /* Allocate the in-memory buffers and initialize backing store as needed. */
-
-  for (sptr = mem->virt_sarray_list; sptr != NULL; sptr = sptr->next) {
-    if (sptr->mem_buffer == NULL) { /* if not realized yet */
-      minheights = ((long)sptr->rows_in_array - 1L) / sptr->maxaccess + 1L;
-      if (minheights <= max_minheights) {
-        /* This buffer fits in memory */
-        sptr->rows_in_mem = sptr->rows_in_array;
-      } else {
-        /* It doesn't fit in memory, create backing store. */
-        sptr->rows_in_mem = (JDIMENSION)(max_minheights * sptr->maxaccess);
-        jpeg_open_backing_store(cinfo, &sptr->b_s_info,
-                                (long)sptr->rows_in_array *
-                                (long)sptr->samplesperrow *
-                                (long)sizeof(JSAMPLE));
-        sptr->b_s_open = TRUE;
-      }
-      sptr->mem_buffer = alloc_sarray(cinfo, JPOOL_IMAGE,
-                                      sptr->samplesperrow, sptr->rows_in_mem);
-      sptr->rowsperchunk = mem->last_rowsperchunk;
-      sptr->cur_start_row = 0;
-      sptr->first_undef_row = 0;
-      sptr->dirty = FALSE;
-    }
-  }
-
-  for (bptr = mem->virt_barray_list; bptr != NULL; bptr = bptr->next) {
-    if (bptr->mem_buffer == NULL) { /* if not realized yet */
-      minheights = ((long)bptr->rows_in_array - 1L) / bptr->maxaccess + 1L;
-      if (minheights <= max_minheights) {
-        /* This buffer fits in memory */
-        bptr->rows_in_mem = bptr->rows_in_array;
-      } else {
-        /* It doesn't fit in memory, create backing store. */
-        bptr->rows_in_mem = (JDIMENSION)(max_minheights * bptr->maxaccess);
-        jpeg_open_backing_store(cinfo, &bptr->b_s_info,
-                                (long)bptr->rows_in_array *
-                                (long)bptr->blocksperrow *
-                                (long)sizeof(JBLOCK));
-        bptr->b_s_open = TRUE;
-      }
-      bptr->mem_buffer = alloc_barray(cinfo, JPOOL_IMAGE,
-                                      bptr->blocksperrow, bptr->rows_in_mem);
-      bptr->rowsperchunk = mem->last_rowsperchunk;
-      bptr->cur_start_row = 0;
-      bptr->first_undef_row = 0;
-      bptr->dirty = FALSE;
-    }
-  }
-}
-
-
-LOCAL(void)
-do_sarray_io(j_common_ptr cinfo, jvirt_sarray_ptr ptr, boolean writing)
-/* Do backing store read or write of a virtual sample array */
-{
-  long bytesperrow, file_offset, byte_count, rows, thisrow, i;
-
-  bytesperrow = (long)ptr->samplesperrow * sizeof(JSAMPLE);
-  file_offset = ptr->cur_start_row * bytesperrow;
-  /* Loop to read or write each allocation chunk in mem_buffer */
-  for (i = 0; i < (long)ptr->rows_in_mem; i += ptr->rowsperchunk) {
-    /* One chunk, but check for short chunk at end of buffer */
-    rows = MIN((long)ptr->rowsperchunk, (long)ptr->rows_in_mem - i);
-    /* Transfer no more than is currently defined */
-    thisrow = (long)ptr->cur_start_row + i;
-    rows = MIN(rows, (long)ptr->first_undef_row - thisrow);
-    /* Transfer no more than fits in file */
-    rows = MIN(rows, (long)ptr->rows_in_array - thisrow);
-    if (rows <= 0)              /* this chunk might be past end of file! */
-      break;
-    byte_count = rows * bytesperrow;
-    if (writing)
-      (*ptr->b_s_info.write_backing_store) (cinfo, &ptr->b_s_info,
-                                            (void *)ptr->mem_buffer[i],
-                                            file_offset, byte_count);
-    else
-      (*ptr->b_s_info.read_backing_store) (cinfo, &ptr->b_s_info,
-                                           (void *)ptr->mem_buffer[i],
-                                           file_offset, byte_count);
-    file_offset += byte_count;
-  }
-}
-
-
-LOCAL(void)
-do_barray_io(j_common_ptr cinfo, jvirt_barray_ptr ptr, boolean writing)
-/* Do backing store read or write of a virtual coefficient-block array */
-{
-  long bytesperrow, file_offset, byte_count, rows, thisrow, i;
-
-  bytesperrow = (long)ptr->blocksperrow * sizeof(JBLOCK);
-  file_offset = ptr->cur_start_row * bytesperrow;
-  /* Loop to read or write each allocation chunk in mem_buffer */
-  for (i = 0; i < (long)ptr->rows_in_mem; i += ptr->rowsperchunk) {
-    /* One chunk, but check for short chunk at end of buffer */
-    rows = MIN((long)ptr->rowsperchunk, (long)ptr->rows_in_mem - i);
-    /* Transfer no more than is currently defined */
-    thisrow = (long)ptr->cur_start_row + i;
-    rows = MIN(rows, (long)ptr->first_undef_row - thisrow);
-    /* Transfer no more than fits in file */
-    rows = MIN(rows, (long)ptr->rows_in_array - thisrow);
-    if (rows <= 0)              /* this chunk might be past end of file! */
-      break;
-    byte_count = rows * bytesperrow;
-    if (writing)
-      (*ptr->b_s_info.write_backing_store) (cinfo, &ptr->b_s_info,
-                                            (void *)ptr->mem_buffer[i],
-                                            file_offset, byte_count);
-    else
-      (*ptr->b_s_info.read_backing_store) (cinfo, &ptr->b_s_info,
-                                           (void *)ptr->mem_buffer[i],
-                                           file_offset, byte_count);
-    file_offset += byte_count;
-  }
-}
-
-
-METHODDEF(JSAMPARRAY)
-access_virt_sarray(j_common_ptr cinfo, jvirt_sarray_ptr ptr,
-                   JDIMENSION start_row, JDIMENSION num_rows, boolean writable)
-/* Access the part of a virtual sample array starting at start_row */
-/* and extending for num_rows rows.  writable is true if  */
-/* caller intends to modify the accessed area. */
-{
-  JDIMENSION end_row = start_row + num_rows;
-  JDIMENSION undef_row;
-
-  /* debugging check */
-  if (end_row > ptr->rows_in_array || num_rows > ptr->maxaccess ||
-      ptr->mem_buffer == NULL)
-    ERREXIT(cinfo, JERR_BAD_VIRTUAL_ACCESS);
-
-  /* Make the desired part of the virtual array accessible */
-  if (start_row < ptr->cur_start_row ||
-      end_row > ptr->cur_start_row + ptr->rows_in_mem) {
-    if (!ptr->b_s_open)
-      ERREXIT(cinfo, JERR_VIRTUAL_BUG);
-    /* Flush old buffer contents if necessary */
-    if (ptr->dirty) {
-      do_sarray_io(cinfo, ptr, TRUE);
-      ptr->dirty = FALSE;
-    }
-    /* Decide what part of virtual array to access.
-     * Algorithm: if target address > current window, assume forward scan,
-     * load starting at target address.  If target address < current window,
-     * assume backward scan, load so that target area is top of window.
-     * Note that when switching from forward write to forward read, will have
-     * start_row = 0, so the limiting case applies and we load from 0 anyway.
-     */
-    if (start_row > ptr->cur_start_row) {
-      ptr->cur_start_row = start_row;
-    } else {
-      /* use long arithmetic here to avoid overflow & unsigned problems */
-      long ltemp;
-
-      ltemp = (long)end_row - (long)ptr->rows_in_mem;
-      if (ltemp < 0)
-        ltemp = 0;              /* don't fall off front end of file */
-      ptr->cur_start_row = (JDIMENSION)ltemp;
-    }
-    /* Read in the selected part of the array.
-     * During the initial write pass, we will do no actual read
-     * because the selected part is all undefined.
-     */
-    do_sarray_io(cinfo, ptr, FALSE);
-  }
-  /* Ensure the accessed part of the array is defined; prezero if needed.
-   * To improve locality of access, we only prezero the part of the array
-   * that the caller is about to access, not the entire in-memory array.
-   */
-  if (ptr->first_undef_row < end_row) {
-    if (ptr->first_undef_row < start_row) {
-      if (writable)             /* writer skipped over a section of array */
-        ERREXIT(cinfo, JERR_BAD_VIRTUAL_ACCESS);
-      undef_row = start_row;    /* but reader is allowed to read ahead */
-    } else {
-      undef_row = ptr->first_undef_row;
-    }
-    if (writable)
-      ptr->first_undef_row = end_row;
-    if (ptr->pre_zero) {
-      size_t bytesperrow = (size_t)ptr->samplesperrow * sizeof(JSAMPLE);
-      undef_row -= ptr->cur_start_row; /* make indexes relative to buffer */
-      end_row -= ptr->cur_start_row;
-      while (undef_row < end_row) {
-        jzero_far((void *)ptr->mem_buffer[undef_row], bytesperrow);
-        undef_row++;
-      }
-    } else {
-      if (!writable)            /* reader looking at undefined data */
-        ERREXIT(cinfo, JERR_BAD_VIRTUAL_ACCESS);
-    }
-  }
-  /* Flag the buffer dirty if caller will write in it */
-  if (writable)
-    ptr->dirty = TRUE;
-  /* Return address of proper part of the buffer */
-  return ptr->mem_buffer + (start_row - ptr->cur_start_row);
-}
-
-
-METHODDEF(JBLOCKARRAY)
-access_virt_barray(j_common_ptr cinfo, jvirt_barray_ptr ptr,
-                   JDIMENSION start_row, JDIMENSION num_rows, boolean writable)
-/* Access the part of a virtual block array starting at start_row */
-/* and extending for num_rows rows.  writable is true if  */
-/* caller intends to modify the accessed area. */
-{
-  JDIMENSION end_row = start_row + num_rows;
-  JDIMENSION undef_row;
-
-  /* debugging check */
-  if (end_row > ptr->rows_in_array || num_rows > ptr->maxaccess ||
-      ptr->mem_buffer == NULL)
-    ERREXIT(cinfo, JERR_BAD_VIRTUAL_ACCESS);
-
-  /* Make the desired part of the virtual array accessible */
-  if (start_row < ptr->cur_start_row ||
-      end_row > ptr->cur_start_row + ptr->rows_in_mem) {
-    if (!ptr->b_s_open)
-      ERREXIT(cinfo, JERR_VIRTUAL_BUG);
-    /* Flush old buffer contents if necessary */
-    if (ptr->dirty) {
-      do_barray_io(cinfo, ptr, TRUE);
-      ptr->dirty = FALSE;
-    }
-    /* Decide what part of virtual array to access.
-     * Algorithm: if target address > current window, assume forward scan,
-     * load starting at target address.  If target address < current window,
-     * assume backward scan, load so that target area is top of window.
-     * Note that when switching from forward write to forward read, will have
-     * start_row = 0, so the limiting case applies and we load from 0 anyway.
-     */
-    if (start_row > ptr->cur_start_row) {
-      ptr->cur_start_row = start_row;
-    } else {
-      /* use long arithmetic here to avoid overflow & unsigned problems */
-      long ltemp;
-
-      ltemp = (long)end_row - (long)ptr->rows_in_mem;
-      if (ltemp < 0)
-        ltemp = 0;              /* don't fall off front end of file */
-      ptr->cur_start_row = (JDIMENSION)ltemp;
-    }
-    /* Read in the selected part of the array.
-     * During the initial write pass, we will do no actual read
-     * because the selected part is all undefined.
-     */
-    do_barray_io(cinfo, ptr, FALSE);
-  }
-  /* Ensure the accessed part of the array is defined; prezero if needed.
-   * To improve locality of access, we only prezero the part of the array
-   * that the caller is about to access, not the entire in-memory array.
-   */
-  if (ptr->first_undef_row < end_row) {
-    if (ptr->first_undef_row < start_row) {
-      if (writable)             /* writer skipped over a section of array */
-        ERREXIT(cinfo, JERR_BAD_VIRTUAL_ACCESS);
-      undef_row = start_row;    /* but reader is allowed to read ahead */
-    } else {
-      undef_row = ptr->first_undef_row;
-    }
-    if (writable)
-      ptr->first_undef_row = end_row;
-    if (ptr->pre_zero) {
-      size_t bytesperrow = (size_t)ptr->blocksperrow * sizeof(JBLOCK);
-      undef_row -= ptr->cur_start_row; /* make indexes relative to buffer */
-      end_row -= ptr->cur_start_row;
-      while (undef_row < end_row) {
-        jzero_far((void *)ptr->mem_buffer[undef_row], bytesperrow);
-        undef_row++;
-      }
-    } else {
-      if (!writable)            /* reader looking at undefined data */
-        ERREXIT(cinfo, JERR_BAD_VIRTUAL_ACCESS);
-    }
-  }
-  /* Flag the buffer dirty if caller will write in it */
-  if (writable)
-    ptr->dirty = TRUE;
-  /* Return address of proper part of the buffer */
-  return ptr->mem_buffer + (start_row - ptr->cur_start_row);
-}
-
-
-/*
- * Release all objects belonging to a specified pool.
- */
-
-METHODDEF(void)
-free_pool(j_common_ptr cinfo, int pool_id)
-{
-  my_mem_ptr mem = (my_mem_ptr)cinfo->mem;
-  small_pool_ptr shdr_ptr;
-  large_pool_ptr lhdr_ptr;
-  size_t space_freed;
-
-  if (pool_id < 0 || pool_id >= JPOOL_NUMPOOLS)
-    ERREXIT1(cinfo, JERR_BAD_POOL_ID, pool_id); /* safety check */
-
-#ifdef MEM_STATS
-  if (cinfo->err->trace_level > 1)
-    print_mem_stats(cinfo, pool_id); /* print pool's memory usage statistics */
-#endif
-
-  /* If freeing IMAGE pool, close any virtual arrays first */
-  if (pool_id == JPOOL_IMAGE) {
-    jvirt_sarray_ptr sptr;
-    jvirt_barray_ptr bptr;
-
-    for (sptr = mem->virt_sarray_list; sptr != NULL; sptr = sptr->next) {
-      if (sptr->b_s_open) {     /* there may be no backing store */
-        sptr->b_s_open = FALSE; /* prevent recursive close if error */
-        (*sptr->b_s_info.close_backing_store) (cinfo, &sptr->b_s_info);
-      }
-    }
-    mem->virt_sarray_list = NULL;
-    for (bptr = mem->virt_barray_list; bptr != NULL; bptr = bptr->next) {
-      if (bptr->b_s_open) {     /* there may be no backing store */
-        bptr->b_s_open = FALSE; /* prevent recursive close if error */
-        (*bptr->b_s_info.close_backing_store) (cinfo, &bptr->b_s_info);
-      }
-    }
-    mem->virt_barray_list = NULL;
-  }
-
-  /* Release large objects */
-  lhdr_ptr = mem->large_list[pool_id];
-  mem->large_list[pool_id] = NULL;
-
-  while (lhdr_ptr != NULL) {
-    large_pool_ptr next_lhdr_ptr = lhdr_ptr->next;
-    space_freed = lhdr_ptr->bytes_used +
-                  lhdr_ptr->bytes_left +
-                  sizeof(large_pool_hdr);
-    jpeg_free_large(cinfo, (void *)lhdr_ptr, space_freed);
-    mem->total_space_allocated -= space_freed;
-    lhdr_ptr = next_lhdr_ptr;
-  }
-
-  /* Release small objects */
-  shdr_ptr = mem->small_list[pool_id];
-  mem->small_list[pool_id] = NULL;
-
-  while (shdr_ptr != NULL) {
-    small_pool_ptr next_shdr_ptr = shdr_ptr->next;
-    space_freed = shdr_ptr->bytes_used + shdr_ptr->bytes_left +
-                  sizeof(small_pool_hdr);
-    jpeg_free_small(cinfo, (void *)shdr_ptr, space_freed);
-    mem->total_space_allocated -= space_freed;
-    shdr_ptr = next_shdr_ptr;
-  }
-}
-
-
-/*
- * Close up shop entirely.
- * Note that this cannot be called unless cinfo->mem is non-NULL.
- */
-
-METHODDEF(void)
-self_destruct(j_common_ptr cinfo)
-{
-  int pool;
-
-  /* Close all backing store, release all memory.
-   * Releasing pools in reverse order might help avoid fragmentation
-   * with some (brain-damaged) malloc libraries.
-   */
-  for (pool = JPOOL_NUMPOOLS - 1; pool >= JPOOL_PERMANENT; pool--) {
-    free_pool(cinfo, pool);
-  }
-
-  /* Release the memory manager control block too. */
-  jpeg_free_small(cinfo, (void *)cinfo->mem, sizeof(my_memory_mgr));
-  cinfo->mem = NULL;            /* ensures I will be called only once */
-
-  jpeg_mem_term(cinfo);         /* system-dependent cleanup */
-}
-
-
-/*
- * Memory manager initialization.
- * When this is called, only the error manager pointer is valid in cinfo!
- */
-
-GLOBAL(void)
-jinit_memory_mgr(j_common_ptr cinfo)
-{
-  my_mem_ptr mem;
-  long max_to_use;
-  int pool;
-  size_t test_mac;
-
-  cinfo->mem = NULL;            /* for safety if init fails */
-
-  /* Check for configuration errors.
-   * sizeof(ALIGN_TYPE) should be a power of 2; otherwise, it probably
-   * doesn't reflect any real hardware alignment requirement.
-   * The test is a little tricky: for X>0, X and X-1 have no one-bits
-   * in common if and only if X is a power of 2, ie has only one one-bit.
-   * Some compilers may give an "unreachable code" warning here; ignore it.
-   */
-  if ((ALIGN_SIZE & (ALIGN_SIZE - 1)) != 0)
-    ERREXIT(cinfo, JERR_BAD_ALIGN_TYPE);
-  /* MAX_ALLOC_CHUNK must be representable as type size_t, and must be
-   * a multiple of ALIGN_SIZE.
-   * Again, an "unreachable code" warning may be ignored here.
-   * But a "constant too large" warning means you need to fix MAX_ALLOC_CHUNK.
-   */
-  test_mac = (size_t)MAX_ALLOC_CHUNK;
-  if ((long)test_mac != MAX_ALLOC_CHUNK ||
-      (MAX_ALLOC_CHUNK % ALIGN_SIZE) != 0)
-    ERREXIT(cinfo, JERR_BAD_ALLOC_CHUNK);
-
-  max_to_use = jpeg_mem_init(cinfo); /* system-dependent initialization */
-
-  /* Attempt to allocate memory manager's control block */
-  mem = (my_mem_ptr)jpeg_get_small(cinfo, sizeof(my_memory_mgr));
-
-  if (mem == NULL) {
-    jpeg_mem_term(cinfo);       /* system-dependent cleanup */
-    ERREXIT1(cinfo, JERR_OUT_OF_MEMORY, 0);
-  }
-
-  /* OK, fill in the method pointers */
-  mem->pub.alloc_small = alloc_small;
-  mem->pub.alloc_large = alloc_large;
-  mem->pub.alloc_sarray = alloc_sarray;
-  mem->pub.alloc_barray = alloc_barray;
-  mem->pub.request_virt_sarray = request_virt_sarray;
-  mem->pub.request_virt_barray = request_virt_barray;
-  mem->pub.realize_virt_arrays = realize_virt_arrays;
-  mem->pub.access_virt_sarray = access_virt_sarray;
-  mem->pub.access_virt_barray = access_virt_barray;
-  mem->pub.free_pool = free_pool;
-  mem->pub.self_destruct = self_destruct;
-
-  /* Make MAX_ALLOC_CHUNK accessible to other modules */
-  mem->pub.max_alloc_chunk = MAX_ALLOC_CHUNK;
-
-  /* Initialize working state */
-  mem->pub.max_memory_to_use = max_to_use;
-
-  for (pool = JPOOL_NUMPOOLS - 1; pool >= JPOOL_PERMANENT; pool--) {
-    mem->small_list[pool] = NULL;
-    mem->large_list[pool] = NULL;
-  }
-  mem->virt_sarray_list = NULL;
-  mem->virt_barray_list = NULL;
-
-  mem->total_space_allocated = sizeof(my_memory_mgr);
-
-  /* Declare ourselves open for business */
-  cinfo->mem = &mem->pub;
-
-  /* Check for an environment variable JPEGMEM; if found, override the
-   * default max_memory setting from jpeg_mem_init.  Note that the
-   * surrounding application may again override this value.
-   * If your system doesn't support getenv(), define NO_GETENV to disable
-   * this feature.
-   */
-#ifndef NO_GETENV
-  {
-    char *memenv;
-
-    if ((memenv = getenv("JPEGMEM")) != NULL) {
-      char ch = 'x';
-
-      if (sscanf(memenv, "%ld%c", &max_to_use, &ch) > 0) {
-        if (ch == 'm' || ch == 'M')
-          max_to_use *= 1000L;
-        mem->pub.max_memory_to_use = max_to_use * 1000L;
-      }
-    }
-  }
-#endif
-
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jmemnobs.c b/3rdparty/libjpeg-turbo_2_1_0/jmemnobs.c
deleted file mode 100644
index 089be8f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jmemnobs.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * jmemnobs.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1992-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2017-2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file provides a really simple implementation of the system-
- * dependent portion of the JPEG memory manager.  This implementation
- * assumes that no backing-store files are needed: all required space
- * can be obtained from malloc().
- * This is very portable in the sense that it'll compile on almost anything,
- * but you'd better have lots of main memory (or virtual memory) if you want
- * to process big images.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jmemsys.h"            /* import the system-dependent declarations */
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc(),free() */
-extern void *malloc(size_t size);
-extern void free(void *ptr);
-#endif
-
-
-/*
- * Memory allocation and freeing are controlled by the regular library
- * routines malloc() and free().
- */
-
-GLOBAL(void *)
-jpeg_get_small(j_common_ptr cinfo, size_t sizeofobject)
-{
-  return (void *)malloc(sizeofobject);
-}
-
-GLOBAL(void)
-jpeg_free_small(j_common_ptr cinfo, void *object, size_t sizeofobject)
-{
-  free(object);
-}
-
-
-/*
- * "Large" objects are treated the same as "small" ones.
- */
-
-GLOBAL(void *)
-jpeg_get_large(j_common_ptr cinfo, size_t sizeofobject)
-{
-  return (void *)malloc(sizeofobject);
-}
-
-GLOBAL(void)
-jpeg_free_large(j_common_ptr cinfo, void *object, size_t sizeofobject)
-{
-  free(object);
-}
-
-
-/*
- * This routine computes the total memory space available for allocation.
- */
-
-GLOBAL(size_t)
-jpeg_mem_available(j_common_ptr cinfo, size_t min_bytes_needed,
-                   size_t max_bytes_needed, size_t already_allocated)
-{
-  if (cinfo->mem->max_memory_to_use) {
-    if ((size_t)cinfo->mem->max_memory_to_use > already_allocated)
-      return cinfo->mem->max_memory_to_use - already_allocated;
-    else
-      return 0;
-  } else {
-    /* Here we always say, "we got all you want bud!" */
-    return max_bytes_needed;
-  }
-}
-
-
-/*
- * Backing store (temporary file) management.
- * Since jpeg_mem_available always promised the moon,
- * this should never be called and we can just error out.
- */
-
-GLOBAL(void)
-jpeg_open_backing_store(j_common_ptr cinfo, backing_store_ptr info,
-                        long total_bytes_needed)
-{
-  ERREXIT(cinfo, JERR_NO_BACKING_STORE);
-}
-
-
-/*
- * These routines take care of any system-dependent initialization and
- * cleanup required.  Here, there isn't any.
- */
-
-GLOBAL(long)
-jpeg_mem_init(j_common_ptr cinfo)
-{
-  return 0;                     /* just set max_memory_to_use to 0 */
-}
-
-GLOBAL(void)
-jpeg_mem_term(j_common_ptr cinfo)
-{
-  /* no work */
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jmemsys.h b/3rdparty/libjpeg-turbo_2_1_0/jmemsys.h
deleted file mode 100644
index 9229550..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jmemsys.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * jmemsys.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1992-1997, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code and
- * information relevant to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This include file defines the interface between the system-independent
- * and system-dependent portions of the JPEG memory manager.  No other
- * modules need include it.  (The system-independent portion is jmemmgr.c;
- * there are several different versions of the system-dependent portion.)
- *
- * This file works as-is for the system-dependent memory managers supplied
- * in the IJG distribution.  You may need to modify it if you write a
- * custom memory manager.  If system-dependent changes are needed in
- * this file, the best method is to #ifdef them based on a configuration
- * symbol supplied in jconfig.h.
- */
-
-
-/*
- * These two functions are used to allocate and release small chunks of
- * memory.  (Typically the total amount requested through jpeg_get_small is
- * no more than 20K or so; this will be requested in chunks of a few K each.)
- * Behavior should be the same as for the standard library functions malloc
- * and free; in particular, jpeg_get_small must return NULL on failure.
- * On most systems, these ARE malloc and free.  jpeg_free_small is passed the
- * size of the object being freed, just in case it's needed.
- */
-
-EXTERN(void *) jpeg_get_small(j_common_ptr cinfo, size_t sizeofobject);
-EXTERN(void) jpeg_free_small(j_common_ptr cinfo, void *object,
-                             size_t sizeofobject);
-
-/*
- * These two functions are used to allocate and release large chunks of
- * memory (up to the total free space designated by jpeg_mem_available).
- * These are identical to the jpeg_get/free_small routines; but we keep them
- * separate anyway, in case a different allocation strategy is desirable for
- * large chunks.
- */
-
-EXTERN(void *) jpeg_get_large(j_common_ptr cinfo, size_t sizeofobject);
-EXTERN(void) jpeg_free_large(j_common_ptr cinfo, void *object,
-                             size_t sizeofobject);
-
-/*
- * The macro MAX_ALLOC_CHUNK designates the maximum number of bytes that may
- * be requested in a single call to jpeg_get_large (and jpeg_get_small for that
- * matter, but that case should never come into play).  This macro was needed
- * to model the 64Kb-segment-size limit of far addressing on 80x86 machines.
- * On machines with flat address spaces, any large constant may be used.
- *
- * NB: jmemmgr.c expects that MAX_ALLOC_CHUNK will be representable as type
- * size_t and will be a multiple of sizeof(align_type).
- */
-
-#ifndef MAX_ALLOC_CHUNK         /* may be overridden in jconfig.h */
-#define MAX_ALLOC_CHUNK  1000000000L
-#endif
-
-/*
- * This routine computes the total space still available for allocation by
- * jpeg_get_large.  If more space than this is needed, backing store will be
- * used.  NOTE: any memory already allocated must not be counted.
- *
- * There is a minimum space requirement, corresponding to the minimum
- * feasible buffer sizes; jmemmgr.c will request that much space even if
- * jpeg_mem_available returns zero.  The maximum space needed, enough to hold
- * all working storage in memory, is also passed in case it is useful.
- * Finally, the total space already allocated is passed.  If no better
- * method is available, cinfo->mem->max_memory_to_use - already_allocated
- * is often a suitable calculation.
- *
- * It is OK for jpeg_mem_available to underestimate the space available
- * (that'll just lead to more backing-store access than is really necessary).
- * However, an overestimate will lead to failure.  Hence it's wise to subtract
- * a slop factor from the true available space.  5% should be enough.
- *
- * On machines with lots of virtual memory, any large constant may be returned.
- * Conversely, zero may be returned to always use the minimum amount of memory.
- */
-
-EXTERN(size_t) jpeg_mem_available(j_common_ptr cinfo, size_t min_bytes_needed,
-                                  size_t max_bytes_needed,
-                                  size_t already_allocated);
-
-
-/*
- * This structure holds whatever state is needed to access a single
- * backing-store object.  The read/write/close method pointers are called
- * by jmemmgr.c to manipulate the backing-store object; all other fields
- * are private to the system-dependent backing store routines.
- */
-
-#define TEMP_NAME_LENGTH   64   /* max length of a temporary file's name */
-
-
-#ifdef USE_MSDOS_MEMMGR         /* DOS-specific junk */
-
-typedef unsigned short XMSH;    /* type of extended-memory handles */
-typedef unsigned short EMSH;    /* type of expanded-memory handles */
-
-typedef union {
-  short file_handle;            /* DOS file handle if it's a temp file */
-  XMSH xms_handle;              /* handle if it's a chunk of XMS */
-  EMSH ems_handle;              /* handle if it's a chunk of EMS */
-} handle_union;
-
-#endif /* USE_MSDOS_MEMMGR */
-
-#ifdef USE_MAC_MEMMGR           /* Mac-specific junk */
-#include <Files.h>
-#endif /* USE_MAC_MEMMGR */
-
-
-typedef struct backing_store_struct *backing_store_ptr;
-
-typedef struct backing_store_struct {
-  /* Methods for reading/writing/closing this backing-store object */
-  void (*read_backing_store) (j_common_ptr cinfo, backing_store_ptr info,
-                              void *buffer_address, long file_offset,
-                              long byte_count);
-  void (*write_backing_store) (j_common_ptr cinfo, backing_store_ptr info,
-                               void *buffer_address, long file_offset,
-                               long byte_count);
-  void (*close_backing_store) (j_common_ptr cinfo, backing_store_ptr info);
-
-  /* Private fields for system-dependent backing-store management */
-#ifdef USE_MSDOS_MEMMGR
-  /* For the MS-DOS manager (jmemdos.c), we need: */
-  handle_union handle;          /* reference to backing-store storage object */
-  char temp_name[TEMP_NAME_LENGTH]; /* name if it's a file */
-#else
-#ifdef USE_MAC_MEMMGR
-  /* For the Mac manager (jmemmac.c), we need: */
-  short temp_file;              /* file reference number to temp file */
-  FSSpec tempSpec;              /* the FSSpec for the temp file */
-  char temp_name[TEMP_NAME_LENGTH]; /* name if it's a file */
-#else
-  /* For a typical implementation with temp files, we need: */
-  FILE *temp_file;              /* stdio reference to temp file */
-  char temp_name[TEMP_NAME_LENGTH]; /* name of temp file */
-#endif
-#endif
-} backing_store_info;
-
-
-/*
- * Initial opening of a backing-store object.  This must fill in the
- * read/write/close pointers in the object.  The read/write routines
- * may take an error exit if the specified maximum file size is exceeded.
- * (If jpeg_mem_available always returns a large value, this routine can
- * just take an error exit.)
- */
-
-EXTERN(void) jpeg_open_backing_store(j_common_ptr cinfo,
-                                     backing_store_ptr info,
-                                     long total_bytes_needed);
-
-
-/*
- * These routines take care of any system-dependent initialization and
- * cleanup required.  jpeg_mem_init will be called before anything is
- * allocated (and, therefore, nothing in cinfo is of use except the error
- * manager pointer).  It should return a suitable default value for
- * max_memory_to_use; this may subsequently be overridden by the surrounding
- * application.  (Note that max_memory_to_use is only important if
- * jpeg_mem_available chooses to consult it ... no one else will.)
- * jpeg_mem_term may assume that all requested memory has been freed and that
- * all opened backing-store objects have been closed.
- */
-
-EXTERN(long) jpeg_mem_init(j_common_ptr cinfo);
-EXTERN(void) jpeg_mem_term(j_common_ptr cinfo);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jmorecfg.h b/3rdparty/libjpeg-turbo_2_1_0/jmorecfg.h
deleted file mode 100644
index fb3a9cf..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jmorecfg.h
+++ /dev/null
@@ -1,386 +0,0 @@
-/*
- * jmorecfg.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 1997-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009, 2011, 2014-2015, 2018, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains additional configuration options that customize the
- * JPEG software for special applications or support machine-dependent
- * optimizations.  Most users will not need to touch this file.
- */
-
-
-/*
- * Maximum number of components (color channels) allowed in JPEG image.
- * To meet the letter of Rec. ITU-T T.81 | ISO/IEC 10918-1, set this to 255.
- * However, darn few applications need more than 4 channels (maybe 5 for CMYK +
- * alpha mask).  We recommend 10 as a reasonable compromise; use 4 if you are
- * really short on memory.  (Each allowed component costs a hundred or so
- * bytes of storage, whether actually used in an image or not.)
- */
-
-#define MAX_COMPONENTS  10      /* maximum number of image components */
-
-
-/*
- * Basic data types.
- * You may need to change these if you have a machine with unusual data
- * type sizes; for example, "char" not 8 bits, "short" not 16 bits,
- * or "long" not 32 bits.  We don't care whether "int" is 16 or 32 bits,
- * but it had better be at least 16.
- */
-
-/* Representation of a single sample (pixel element value).
- * We frequently allocate large arrays of these, so it's important to keep
- * them small.  But if you have memory to burn and access to char or short
- * arrays is very slow on your hardware, you might want to change these.
- */
-
-#if BITS_IN_JSAMPLE == 8
-/* JSAMPLE should be the smallest type that will hold the values 0..255.
- */
-
-typedef unsigned char JSAMPLE;
-#define GETJSAMPLE(value)  ((int)(value))
-
-#define MAXJSAMPLE      255
-#define CENTERJSAMPLE   128
-
-#endif /* BITS_IN_JSAMPLE == 8 */
-
-
-#if BITS_IN_JSAMPLE == 12
-/* JSAMPLE should be the smallest type that will hold the values 0..4095.
- * On nearly all machines "short" will do nicely.
- */
-
-typedef short JSAMPLE;
-#define GETJSAMPLE(value)  ((int)(value))
-
-#define MAXJSAMPLE      4095
-#define CENTERJSAMPLE   2048
-
-#endif /* BITS_IN_JSAMPLE == 12 */
-
-
-/* Representation of a DCT frequency coefficient.
- * This should be a signed value of at least 16 bits; "short" is usually OK.
- * Again, we allocate large arrays of these, but you can change to int
- * if you have memory to burn and "short" is really slow.
- */
-
-typedef short JCOEF;
-
-
-/* Compressed datastreams are represented as arrays of JOCTET.
- * These must be EXACTLY 8 bits wide, at least once they are written to
- * external storage.  Note that when using the stdio data source/destination
- * managers, this is also the data type passed to fread/fwrite.
- */
-
-typedef unsigned char JOCTET;
-#define GETJOCTET(value)  (value)
-
-
-/* These typedefs are used for various table entries and so forth.
- * They must be at least as wide as specified; but making them too big
- * won't cost a huge amount of memory, so we don't provide special
- * extraction code like we did for JSAMPLE.  (In other words, these
- * typedefs live at a different point on the speed/space tradeoff curve.)
- */
-
-/* UINT8 must hold at least the values 0..255. */
-
-typedef unsigned char UINT8;
-
-/* UINT16 must hold at least the values 0..65535. */
-
-#ifdef HAVE_UNSIGNED_SHORT
-typedef unsigned short UINT16;
-#else /* not HAVE_UNSIGNED_SHORT */
-typedef unsigned int UINT16;
-#endif /* HAVE_UNSIGNED_SHORT */
-
-/* INT16 must hold at least the values -32768..32767. */
-
-#ifndef XMD_H                   /* X11/xmd.h correctly defines INT16 */
-typedef short INT16;
-#endif
-
-/* INT32 must hold at least signed 32-bit values.
- *
- * NOTE: The INT32 typedef dates back to libjpeg v5 (1994.)  Integers were
- * sometimes 16-bit back then (MS-DOS), which is why INT32 is typedef'd to
- * long.  It also wasn't common (or at least as common) in 1994 for INT32 to be
- * defined by platform headers.  Since then, however, INT32 is defined in
- * several other common places:
- *
- * Xmd.h (X11 header) typedefs INT32 to int on 64-bit platforms and long on
- * 32-bit platforms (i.e always a 32-bit signed type.)
- *
- * basetsd.h (Win32 header) typedefs INT32 to int (always a 32-bit signed type
- * on modern platforms.)
- *
- * qglobal.h (Qt header) typedefs INT32 to int (always a 32-bit signed type on
- * modern platforms.)
- *
- * This is a recipe for conflict, since "long" and "int" aren't always
- * compatible types.  Since the definition of INT32 has technically been part
- * of the libjpeg API for more than 20 years, we can't remove it, but we do not
- * use it internally any longer.  We instead define a separate type (JLONG)
- * for internal use, which ensures that internal behavior will always be the
- * same regardless of any external headers that may be included.
- */
-
-#ifndef XMD_H                   /* X11/xmd.h correctly defines INT32 */
-#ifndef _BASETSD_H_             /* Microsoft defines it in basetsd.h */
-#ifndef _BASETSD_H              /* MinGW is slightly different */
-#ifndef QGLOBAL_H               /* Qt defines it in qglobal.h */
-typedef long INT32;
-#endif
-#endif
-#endif
-#endif
-
-/* Datatype used for image dimensions.  The JPEG standard only supports
- * images up to 64K*64K due to 16-bit fields in SOF markers.  Therefore
- * "unsigned int" is sufficient on all machines.  However, if you need to
- * handle larger images and you don't mind deviating from the spec, you
- * can change this datatype.  (Note that changing this datatype will
- * potentially require modifying the SIMD code.  The x86-64 SIMD extensions,
- * in particular, assume a 32-bit JDIMENSION.)
- */
-
-typedef unsigned int JDIMENSION;
-
-#define JPEG_MAX_DIMENSION  65500L  /* a tad under 64K to prevent overflows */
-
-
-/* These macros are used in all function definitions and extern declarations.
- * You could modify them if you need to change function linkage conventions;
- * in particular, you'll need to do that to make the library a Windows DLL.
- * Another application is to make all functions global for use with debuggers
- * or code profilers that require it.
- */
-
-/* a function called through method pointers: */
-#define METHODDEF(type)         static type
-/* a function used only in its module: */
-#define LOCAL(type)             static type
-/* a function referenced thru EXTERNs: */
-#define GLOBAL(type)            type
-/* a reference to a GLOBAL function: */
-#define EXTERN(type)            extern type
-
-
-/* Originally, this macro was used as a way of defining function prototypes
- * for both modern compilers as well as older compilers that did not support
- * prototype parameters.  libjpeg-turbo has never supported these older,
- * non-ANSI compilers, but the macro is still included because there is some
- * software out there that uses it.
- */
-
-#define JMETHOD(type, methodname, arglist)  type (*methodname) arglist
-
-
-/* libjpeg-turbo no longer supports platforms that have far symbols (MS-DOS),
- * but again, some software relies on this macro.
- */
-
-#undef FAR
-#define FAR
-
-
-/*
- * On a few systems, type boolean and/or its values FALSE, TRUE may appear
- * in standard header files.  Or you may have conflicts with application-
- * specific header files that you want to include together with these files.
- * Defining HAVE_BOOLEAN before including jpeglib.h should make it work.
- */
-
-#ifndef HAVE_BOOLEAN
-typedef int boolean;
-#endif
-#ifndef FALSE                   /* in case these macros already exist */
-#define FALSE   0               /* values of boolean */
-#endif
-#ifndef TRUE
-#define TRUE    1
-#endif
-
-
-/*
- * The remaining options affect code selection within the JPEG library,
- * but they don't need to be visible to most applications using the library.
- * To minimize application namespace pollution, the symbols won't be
- * defined unless JPEG_INTERNALS or JPEG_INTERNAL_OPTIONS has been defined.
- */
-
-#ifdef JPEG_INTERNALS
-#define JPEG_INTERNAL_OPTIONS
-#endif
-
-#ifdef JPEG_INTERNAL_OPTIONS
-
-
-/*
- * These defines indicate whether to include various optional functions.
- * Undefining some of these symbols will produce a smaller but less capable
- * library.  Note that you can leave certain source files out of the
- * compilation/linking process if you've #undef'd the corresponding symbols.
- * (You may HAVE to do that if your compiler doesn't like null source files.)
- */
-
-/* Capability options common to encoder and decoder: */
-
-#define DCT_ISLOW_SUPPORTED     /* accurate integer method */
-#define DCT_IFAST_SUPPORTED     /* less accurate int method [legacy feature] */
-#define DCT_FLOAT_SUPPORTED     /* floating-point method [legacy feature] */
-
-/* Encoder capability options: */
-
-#define C_MULTISCAN_FILES_SUPPORTED /* Multiple-scan JPEG files? */
-#define C_PROGRESSIVE_SUPPORTED     /* Progressive JPEG? (Requires MULTISCAN)*/
-#define ENTROPY_OPT_SUPPORTED       /* Optimization of entropy coding parms? */
-/* Note: if you selected 12-bit data precision, it is dangerous to turn off
- * ENTROPY_OPT_SUPPORTED.  The standard Huffman tables are only good for 8-bit
- * precision, so jchuff.c normally uses entropy optimization to compute
- * usable tables for higher precision.  If you don't want to do optimization,
- * you'll have to supply different default Huffman tables.
- * The exact same statements apply for progressive JPEG: the default tables
- * don't work for progressive mode.  (This may get fixed, however.)
- */
-#define INPUT_SMOOTHING_SUPPORTED   /* Input image smoothing option? */
-
-/* Decoder capability options: */
-
-#define D_MULTISCAN_FILES_SUPPORTED /* Multiple-scan JPEG files? */
-#define D_PROGRESSIVE_SUPPORTED     /* Progressive JPEG? (Requires MULTISCAN)*/
-#define SAVE_MARKERS_SUPPORTED      /* jpeg_save_markers() needed? */
-#define BLOCK_SMOOTHING_SUPPORTED   /* Block smoothing? (Progressive only) */
-#define IDCT_SCALING_SUPPORTED      /* Output rescaling via IDCT? */
-#undef  UPSAMPLE_SCALING_SUPPORTED  /* Output rescaling at upsample stage? */
-#define UPSAMPLE_MERGING_SUPPORTED  /* Fast path for sloppy upsampling? */
-#define QUANT_1PASS_SUPPORTED       /* 1-pass color quantization? */
-#define QUANT_2PASS_SUPPORTED       /* 2-pass color quantization? */
-
-/* more capability options later, no doubt */
-
-
-/*
- * The RGB_RED, RGB_GREEN, RGB_BLUE, and RGB_PIXELSIZE macros are a vestigial
- * feature of libjpeg.  The idea was that, if an application developer needed
- * to compress from/decompress to a BGR/BGRX/RGBX/XBGR/XRGB buffer, they could
- * change these macros, rebuild libjpeg, and link their application statically
- * with it.  In reality, few people ever did this, because there were some
- * severe restrictions involved (cjpeg and djpeg no longer worked properly,
- * compressing/decompressing RGB JPEGs no longer worked properly, and the color
- * quantizer wouldn't work with pixel sizes other than 3.)  Furthermore, since
- * all of the O/S-supplied versions of libjpeg were built with the default
- * values of RGB_RED, RGB_GREEN, RGB_BLUE, and RGB_PIXELSIZE, many applications
- * have come to regard these values as immutable.
- *
- * The libjpeg-turbo colorspace extensions provide a much cleaner way of
- * compressing from/decompressing to buffers with arbitrary component orders
- * and pixel sizes.  Thus, we do not support changing the values of RGB_RED,
- * RGB_GREEN, RGB_BLUE, or RGB_PIXELSIZE.  In addition to the restrictions
- * listed above, changing these values will also break the SIMD extensions and
- * the regression tests.
- */
-
-#define RGB_RED         0       /* Offset of Red in an RGB scanline element */
-#define RGB_GREEN       1       /* Offset of Green */
-#define RGB_BLUE        2       /* Offset of Blue */
-#define RGB_PIXELSIZE   3       /* JSAMPLEs per RGB scanline element */
-
-#define JPEG_NUMCS  17
-
-#define EXT_RGB_RED         0
-#define EXT_RGB_GREEN       1
-#define EXT_RGB_BLUE        2
-#define EXT_RGB_PIXELSIZE   3
-
-#define EXT_RGBX_RED        0
-#define EXT_RGBX_GREEN      1
-#define EXT_RGBX_BLUE       2
-#define EXT_RGBX_PIXELSIZE  4
-
-#define EXT_BGR_RED         2
-#define EXT_BGR_GREEN       1
-#define EXT_BGR_BLUE        0
-#define EXT_BGR_PIXELSIZE   3
-
-#define EXT_BGRX_RED        2
-#define EXT_BGRX_GREEN      1
-#define EXT_BGRX_BLUE       0
-#define EXT_BGRX_PIXELSIZE  4
-
-#define EXT_XBGR_RED        3
-#define EXT_XBGR_GREEN      2
-#define EXT_XBGR_BLUE       1
-#define EXT_XBGR_PIXELSIZE  4
-
-#define EXT_XRGB_RED        1
-#define EXT_XRGB_GREEN      2
-#define EXT_XRGB_BLUE       3
-#define EXT_XRGB_PIXELSIZE  4
-
-static const int rgb_red[JPEG_NUMCS] = {
-  -1, -1, RGB_RED, -1, -1, -1, EXT_RGB_RED, EXT_RGBX_RED,
-  EXT_BGR_RED, EXT_BGRX_RED, EXT_XBGR_RED, EXT_XRGB_RED,
-  EXT_RGBX_RED, EXT_BGRX_RED, EXT_XBGR_RED, EXT_XRGB_RED,
-  -1
-};
-
-static const int rgb_green[JPEG_NUMCS] = {
-  -1, -1, RGB_GREEN, -1, -1, -1, EXT_RGB_GREEN, EXT_RGBX_GREEN,
-  EXT_BGR_GREEN, EXT_BGRX_GREEN, EXT_XBGR_GREEN, EXT_XRGB_GREEN,
-  EXT_RGBX_GREEN, EXT_BGRX_GREEN, EXT_XBGR_GREEN, EXT_XRGB_GREEN,
-  -1
-};
-
-static const int rgb_blue[JPEG_NUMCS] = {
-  -1, -1, RGB_BLUE, -1, -1, -1, EXT_RGB_BLUE, EXT_RGBX_BLUE,
-  EXT_BGR_BLUE, EXT_BGRX_BLUE, EXT_XBGR_BLUE, EXT_XRGB_BLUE,
-  EXT_RGBX_BLUE, EXT_BGRX_BLUE, EXT_XBGR_BLUE, EXT_XRGB_BLUE,
-  -1
-};
-
-static const int rgb_pixelsize[JPEG_NUMCS] = {
-  -1, -1, RGB_PIXELSIZE, -1, -1, -1, EXT_RGB_PIXELSIZE, EXT_RGBX_PIXELSIZE,
-  EXT_BGR_PIXELSIZE, EXT_BGRX_PIXELSIZE, EXT_XBGR_PIXELSIZE, EXT_XRGB_PIXELSIZE,
-  EXT_RGBX_PIXELSIZE, EXT_BGRX_PIXELSIZE, EXT_XBGR_PIXELSIZE, EXT_XRGB_PIXELSIZE,
-  -1
-};
-
-/* Definitions for speed-related optimizations. */
-
-/* On some machines (notably 68000 series) "int" is 32 bits, but multiplying
- * two 16-bit shorts is faster than multiplying two ints.  Define MULTIPLIER
- * as short on such a machine.  MULTIPLIER must be at least 16 bits wide.
- */
-
-#ifndef MULTIPLIER
-#ifndef WITH_SIMD
-#define MULTIPLIER  int         /* type for fastest integer multiply */
-#else
-#define MULTIPLIER  short       /* prefer 16-bit with SIMD for parellelism */
-#endif
-#endif
-
-
-/* FAST_FLOAT should be either float or double, whichever is done faster
- * by your compiler.  (Note that this type is only used in the floating point
- * DCT routines, so it only matters if you've defined DCT_FLOAT_SUPPORTED.)
- */
-
-#ifndef FAST_FLOAT
-#define FAST_FLOAT  float
-#endif
-
-#endif /* JPEG_INTERNAL_OPTIONS */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jpeg_nbits_table.h b/3rdparty/libjpeg-turbo_2_1_0/jpeg_nbits_table.h
deleted file mode 100644
index fcf7387..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jpeg_nbits_table.h
+++ /dev/null
@@ -1,4098 +0,0 @@
-static const unsigned char jpeg_nbits_table[65536] = {
-   0,  1,  2,  2,  3,  3,  3,  3,  4,  4,  4,  4,  4,  4,  4,  4,
-   5,  5,  5,  5,  5,  5,  5,  5,  5,  5,  5,  5,  5,  5,  5,  5,
-   6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
-   6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
-   7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,
-   7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,
-   7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,
-   7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,  7,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,  8,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-   9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,  9,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-  16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16
-};
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jpegcomp.h b/3rdparty/libjpeg-turbo_2_1_0/jpegcomp.h
deleted file mode 100644
index c4834ac..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jpegcomp.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * jpegcomp.h
- *
- * Copyright (C) 2010, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * JPEG compatibility macros
- * These declarations are considered internal to the JPEG library; most
- * applications using the library shouldn't need to include this file.
- */
-
-#if JPEG_LIB_VERSION >= 70
-#define _DCT_scaled_size  DCT_h_scaled_size
-#define _DCT_h_scaled_size  DCT_h_scaled_size
-#define _DCT_v_scaled_size  DCT_v_scaled_size
-#define _min_DCT_scaled_size  min_DCT_h_scaled_size
-#define _min_DCT_h_scaled_size  min_DCT_h_scaled_size
-#define _min_DCT_v_scaled_size  min_DCT_v_scaled_size
-#define _jpeg_width  jpeg_width
-#define _jpeg_height  jpeg_height
-#define JERR_ARITH_NOTIMPL  JERR_NOT_COMPILED
-#else
-#define _DCT_scaled_size  DCT_scaled_size
-#define _DCT_h_scaled_size  DCT_scaled_size
-#define _DCT_v_scaled_size  DCT_scaled_size
-#define _min_DCT_scaled_size  min_DCT_scaled_size
-#define _min_DCT_h_scaled_size  min_DCT_scaled_size
-#define _min_DCT_v_scaled_size  min_DCT_scaled_size
-#define _jpeg_width  image_width
-#define _jpeg_height  image_height
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jpegint.h b/3rdparty/libjpeg-turbo_2_1_0/jpegint.h
deleted file mode 100644
index 195fbcb..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jpegint.h
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * jpegint.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 1997-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015-2016, 2019, D. R. Commander.
- * Copyright (C) 2015, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file provides common declarations for the various JPEG modules.
- * These declarations are considered internal to the JPEG library; most
- * applications using the library shouldn't need to include this file.
- */
-
-
-/* Declarations for both compression & decompression */
-
-typedef enum {            /* Operating modes for buffer controllers */
-  JBUF_PASS_THRU,         /* Plain stripwise operation */
-  /* Remaining modes require a full-image buffer to have been created */
-  JBUF_SAVE_SOURCE,       /* Run source subobject only, save output */
-  JBUF_CRANK_DEST,        /* Run dest subobject only, using saved data */
-  JBUF_SAVE_AND_PASS      /* Run both subobjects, save output */
-} J_BUF_MODE;
-
-/* Values of global_state field (jdapi.c has some dependencies on ordering!) */
-#define CSTATE_START     100    /* after create_compress */
-#define CSTATE_SCANNING  101    /* start_compress done, write_scanlines OK */
-#define CSTATE_RAW_OK    102    /* start_compress done, write_raw_data OK */
-#define CSTATE_WRCOEFS   103    /* jpeg_write_coefficients done */
-#define DSTATE_START     200    /* after create_decompress */
-#define DSTATE_INHEADER  201    /* reading header markers, no SOS yet */
-#define DSTATE_READY     202    /* found SOS, ready for start_decompress */
-#define DSTATE_PRELOAD   203    /* reading multiscan file in start_decompress*/
-#define DSTATE_PRESCAN   204    /* performing dummy pass for 2-pass quant */
-#define DSTATE_SCANNING  205    /* start_decompress done, read_scanlines OK */
-#define DSTATE_RAW_OK    206    /* start_decompress done, read_raw_data OK */
-#define DSTATE_BUFIMAGE  207    /* expecting jpeg_start_output */
-#define DSTATE_BUFPOST   208    /* looking for SOS/EOI in jpeg_finish_output */
-#define DSTATE_RDCOEFS   209    /* reading file in jpeg_read_coefficients */
-#define DSTATE_STOPPING  210    /* looking for EOI in jpeg_finish_decompress */
-
-
-/* JLONG must hold at least signed 32-bit values. */
-typedef long JLONG;
-
-
-/*
- * Left shift macro that handles a negative operand without causing any
- * sanitizer warnings
- */
-
-#define LEFT_SHIFT(a, b)  ((JLONG)((unsigned long)(a) << (b)))
-
-
-/* Declarations for compression modules */
-
-/* Master control module */
-struct jpeg_comp_master {
-  void (*prepare_for_pass) (j_compress_ptr cinfo);
-  void (*pass_startup) (j_compress_ptr cinfo);
-  void (*finish_pass) (j_compress_ptr cinfo);
-
-  /* State variables made visible to other modules */
-  boolean call_pass_startup;    /* True if pass_startup must be called */
-  boolean is_last_pass;         /* True during last pass */
-};
-
-/* Main buffer control (downsampled-data buffer) */
-struct jpeg_c_main_controller {
-  void (*start_pass) (j_compress_ptr cinfo, J_BUF_MODE pass_mode);
-  void (*process_data) (j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                        JDIMENSION *in_row_ctr, JDIMENSION in_rows_avail);
-};
-
-/* Compression preprocessing (downsampling input buffer control) */
-struct jpeg_c_prep_controller {
-  void (*start_pass) (j_compress_ptr cinfo, J_BUF_MODE pass_mode);
-  void (*pre_process_data) (j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                            JDIMENSION *in_row_ctr, JDIMENSION in_rows_avail,
-                            JSAMPIMAGE output_buf,
-                            JDIMENSION *out_row_group_ctr,
-                            JDIMENSION out_row_groups_avail);
-};
-
-/* Coefficient buffer control */
-struct jpeg_c_coef_controller {
-  void (*start_pass) (j_compress_ptr cinfo, J_BUF_MODE pass_mode);
-  boolean (*compress_data) (j_compress_ptr cinfo, JSAMPIMAGE input_buf);
-};
-
-/* Colorspace conversion */
-struct jpeg_color_converter {
-  void (*start_pass) (j_compress_ptr cinfo);
-  void (*color_convert) (j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                         JSAMPIMAGE output_buf, JDIMENSION output_row,
-                         int num_rows);
-};
-
-/* Downsampling */
-struct jpeg_downsampler {
-  void (*start_pass) (j_compress_ptr cinfo);
-  void (*downsample) (j_compress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION in_row_index, JSAMPIMAGE output_buf,
-                      JDIMENSION out_row_group_index);
-
-  boolean need_context_rows;    /* TRUE if need rows above & below */
-};
-
-/* Forward DCT (also controls coefficient quantization) */
-struct jpeg_forward_dct {
-  void (*start_pass) (j_compress_ptr cinfo);
-  /* perhaps this should be an array??? */
-  void (*forward_DCT) (j_compress_ptr cinfo, jpeg_component_info *compptr,
-                       JSAMPARRAY sample_data, JBLOCKROW coef_blocks,
-                       JDIMENSION start_row, JDIMENSION start_col,
-                       JDIMENSION num_blocks);
-};
-
-/* Entropy encoding */
-struct jpeg_entropy_encoder {
-  void (*start_pass) (j_compress_ptr cinfo, boolean gather_statistics);
-  boolean (*encode_mcu) (j_compress_ptr cinfo, JBLOCKROW *MCU_data);
-  void (*finish_pass) (j_compress_ptr cinfo);
-};
-
-/* Marker writing */
-struct jpeg_marker_writer {
-  void (*write_file_header) (j_compress_ptr cinfo);
-  void (*write_frame_header) (j_compress_ptr cinfo);
-  void (*write_scan_header) (j_compress_ptr cinfo);
-  void (*write_file_trailer) (j_compress_ptr cinfo);
-  void (*write_tables_only) (j_compress_ptr cinfo);
-  /* These routines are exported to allow insertion of extra markers */
-  /* Probably only COM and APPn markers should be written this way */
-  void (*write_marker_header) (j_compress_ptr cinfo, int marker,
-                               unsigned int datalen);
-  void (*write_marker_byte) (j_compress_ptr cinfo, int val);
-};
-
-
-/* Declarations for decompression modules */
-
-/* Master control module */
-struct jpeg_decomp_master {
-  void (*prepare_for_output_pass) (j_decompress_ptr cinfo);
-  void (*finish_output_pass) (j_decompress_ptr cinfo);
-
-  /* State variables made visible to other modules */
-  boolean is_dummy_pass;        /* True during 1st pass for 2-pass quant */
-
-  /* Partial decompression variables */
-  JDIMENSION first_iMCU_col;
-  JDIMENSION last_iMCU_col;
-  JDIMENSION first_MCU_col[MAX_COMPONENTS];
-  JDIMENSION last_MCU_col[MAX_COMPONENTS];
-  boolean jinit_upsampler_no_alloc;
-
-  /* Last iMCU row that was successfully decoded */
-  JDIMENSION last_good_iMCU_row;
-};
-
-/* Input control module */
-struct jpeg_input_controller {
-  int (*consume_input) (j_decompress_ptr cinfo);
-  void (*reset_input_controller) (j_decompress_ptr cinfo);
-  void (*start_input_pass) (j_decompress_ptr cinfo);
-  void (*finish_input_pass) (j_decompress_ptr cinfo);
-
-  /* State variables made visible to other modules */
-  boolean has_multiple_scans;   /* True if file has multiple scans */
-  boolean eoi_reached;          /* True when EOI has been consumed */
-};
-
-/* Main buffer control (downsampled-data buffer) */
-struct jpeg_d_main_controller {
-  void (*start_pass) (j_decompress_ptr cinfo, J_BUF_MODE pass_mode);
-  void (*process_data) (j_decompress_ptr cinfo, JSAMPARRAY output_buf,
-                        JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail);
-};
-
-/* Coefficient buffer control */
-struct jpeg_d_coef_controller {
-  void (*start_input_pass) (j_decompress_ptr cinfo);
-  int (*consume_data) (j_decompress_ptr cinfo);
-  void (*start_output_pass) (j_decompress_ptr cinfo);
-  int (*decompress_data) (j_decompress_ptr cinfo, JSAMPIMAGE output_buf);
-  /* Pointer to array of coefficient virtual arrays, or NULL if none */
-  jvirt_barray_ptr *coef_arrays;
-};
-
-/* Decompression postprocessing (color quantization buffer control) */
-struct jpeg_d_post_controller {
-  void (*start_pass) (j_decompress_ptr cinfo, J_BUF_MODE pass_mode);
-  void (*post_process_data) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                             JDIMENSION *in_row_group_ctr,
-                             JDIMENSION in_row_groups_avail,
-                             JSAMPARRAY output_buf, JDIMENSION *out_row_ctr,
-                             JDIMENSION out_rows_avail);
-};
-
-/* Marker reading & parsing */
-struct jpeg_marker_reader {
-  void (*reset_marker_reader) (j_decompress_ptr cinfo);
-  /* Read markers until SOS or EOI.
-   * Returns same codes as are defined for jpeg_consume_input:
-   * JPEG_SUSPENDED, JPEG_REACHED_SOS, or JPEG_REACHED_EOI.
-   */
-  int (*read_markers) (j_decompress_ptr cinfo);
-  /* Read a restart marker --- exported for use by entropy decoder only */
-  jpeg_marker_parser_method read_restart_marker;
-
-  /* State of marker reader --- nominally internal, but applications
-   * supplying COM or APPn handlers might like to know the state.
-   */
-  boolean saw_SOI;              /* found SOI? */
-  boolean saw_SOF;              /* found SOF? */
-  int next_restart_num;         /* next restart number expected (0-7) */
-  unsigned int discarded_bytes; /* # of bytes skipped looking for a marker */
-};
-
-/* Entropy decoding */
-struct jpeg_entropy_decoder {
-  void (*start_pass) (j_decompress_ptr cinfo);
-  boolean (*decode_mcu) (j_decompress_ptr cinfo, JBLOCKROW *MCU_data);
-
-  /* This is here to share code between baseline and progressive decoders; */
-  /* other modules probably should not use it */
-  boolean insufficient_data;    /* set TRUE after emitting warning */
-};
-
-/* Inverse DCT (also performs dequantization) */
-typedef void (*inverse_DCT_method_ptr) (j_decompress_ptr cinfo,
-                                        jpeg_component_info *compptr,
-                                        JCOEFPTR coef_block,
-                                        JSAMPARRAY output_buf,
-                                        JDIMENSION output_col);
-
-struct jpeg_inverse_dct {
-  void (*start_pass) (j_decompress_ptr cinfo);
-  /* It is useful to allow each component to have a separate IDCT method. */
-  inverse_DCT_method_ptr inverse_DCT[MAX_COMPONENTS];
-};
-
-/* Upsampling (note that upsampler must also call color converter) */
-struct jpeg_upsampler {
-  void (*start_pass) (j_decompress_ptr cinfo);
-  void (*upsample) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                    JDIMENSION *in_row_group_ctr,
-                    JDIMENSION in_row_groups_avail, JSAMPARRAY output_buf,
-                    JDIMENSION *out_row_ctr, JDIMENSION out_rows_avail);
-
-  boolean need_context_rows;    /* TRUE if need rows above & below */
-};
-
-/* Colorspace conversion */
-struct jpeg_color_deconverter {
-  void (*start_pass) (j_decompress_ptr cinfo);
-  void (*color_convert) (j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows);
-};
-
-/* Color quantization or color precision reduction */
-struct jpeg_color_quantizer {
-  void (*start_pass) (j_decompress_ptr cinfo, boolean is_pre_scan);
-  void (*color_quantize) (j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                          JSAMPARRAY output_buf, int num_rows);
-  void (*finish_pass) (j_decompress_ptr cinfo);
-  void (*new_color_map) (j_decompress_ptr cinfo);
-};
-
-
-/* Miscellaneous useful macros */
-
-#undef MAX
-#define MAX(a, b)       ((a) > (b) ? (a) : (b))
-#undef MIN
-#define MIN(a, b)       ((a) < (b) ? (a) : (b))
-
-
-/* We assume that right shift corresponds to signed division by 2 with
- * rounding towards minus infinity.  This is correct for typical "arithmetic
- * shift" instructions that shift in copies of the sign bit.  But some
- * C compilers implement >> with an unsigned shift.  For these machines you
- * must define RIGHT_SHIFT_IS_UNSIGNED.
- * RIGHT_SHIFT provides a proper signed right shift of a JLONG quantity.
- * It is only applied with constant shift counts.  SHIFT_TEMPS must be
- * included in the variables of any routine using RIGHT_SHIFT.
- */
-
-#ifdef RIGHT_SHIFT_IS_UNSIGNED
-#define SHIFT_TEMPS     JLONG shift_temp;
-#define RIGHT_SHIFT(x, shft) \
-  ((shift_temp = (x)) < 0 ? \
-   (shift_temp >> (shft)) | ((~((JLONG)0)) << (32 - (shft))) : \
-   (shift_temp >> (shft)))
-#else
-#define SHIFT_TEMPS
-#define RIGHT_SHIFT(x, shft)    ((x) >> (shft))
-#endif
-
-
-/* Compression module initialization routines */
-EXTERN(void) jinit_compress_master(j_compress_ptr cinfo);
-EXTERN(void) jinit_c_master_control(j_compress_ptr cinfo,
-                                    boolean transcode_only);
-EXTERN(void) jinit_c_main_controller(j_compress_ptr cinfo,
-                                     boolean need_full_buffer);
-EXTERN(void) jinit_c_prep_controller(j_compress_ptr cinfo,
-                                     boolean need_full_buffer);
-EXTERN(void) jinit_c_coef_controller(j_compress_ptr cinfo,
-                                     boolean need_full_buffer);
-EXTERN(void) jinit_color_converter(j_compress_ptr cinfo);
-EXTERN(void) jinit_downsampler(j_compress_ptr cinfo);
-EXTERN(void) jinit_forward_dct(j_compress_ptr cinfo);
-EXTERN(void) jinit_huff_encoder(j_compress_ptr cinfo);
-EXTERN(void) jinit_phuff_encoder(j_compress_ptr cinfo);
-EXTERN(void) jinit_arith_encoder(j_compress_ptr cinfo);
-EXTERN(void) jinit_marker_writer(j_compress_ptr cinfo);
-/* Decompression module initialization routines */
-EXTERN(void) jinit_master_decompress(j_decompress_ptr cinfo);
-EXTERN(void) jinit_d_main_controller(j_decompress_ptr cinfo,
-                                     boolean need_full_buffer);
-EXTERN(void) jinit_d_coef_controller(j_decompress_ptr cinfo,
-                                     boolean need_full_buffer);
-EXTERN(void) jinit_d_post_controller(j_decompress_ptr cinfo,
-                                     boolean need_full_buffer);
-EXTERN(void) jinit_input_controller(j_decompress_ptr cinfo);
-EXTERN(void) jinit_marker_reader(j_decompress_ptr cinfo);
-EXTERN(void) jinit_huff_decoder(j_decompress_ptr cinfo);
-EXTERN(void) jinit_phuff_decoder(j_decompress_ptr cinfo);
-EXTERN(void) jinit_arith_decoder(j_decompress_ptr cinfo);
-EXTERN(void) jinit_inverse_dct(j_decompress_ptr cinfo);
-EXTERN(void) jinit_upsampler(j_decompress_ptr cinfo);
-EXTERN(void) jinit_color_deconverter(j_decompress_ptr cinfo);
-EXTERN(void) jinit_1pass_quantizer(j_decompress_ptr cinfo);
-EXTERN(void) jinit_2pass_quantizer(j_decompress_ptr cinfo);
-EXTERN(void) jinit_merged_upsampler(j_decompress_ptr cinfo);
-/* Memory manager initialization */
-EXTERN(void) jinit_memory_mgr(j_common_ptr cinfo);
-
-/* Utility routines in jutils.c */
-EXTERN(long) jdiv_round_up(long a, long b);
-EXTERN(long) jround_up(long a, long b);
-EXTERN(void) jcopy_sample_rows(JSAMPARRAY input_array, int source_row,
-                               JSAMPARRAY output_array, int dest_row,
-                               int num_rows, JDIMENSION num_cols);
-EXTERN(void) jcopy_block_row(JBLOCKROW input_row, JBLOCKROW output_row,
-                             JDIMENSION num_blocks);
-EXTERN(void) jzero_far(void *target, size_t bytestozero);
-/* Constant tables in jutils.c */
-#if 0                           /* This table is not actually needed in v6a */
-extern const int jpeg_zigzag_order[]; /* natural coef order to zigzag order */
-#endif
-extern const int jpeg_natural_order[]; /* zigzag coef order to natural order */
-
-/* Arithmetic coding probability estimation tables in jaricom.c */
-extern const JLONG jpeg_aritab[];
-
-/* Suppress undefined-structure complaints if necessary. */
-
-#ifdef INCOMPLETE_TYPES_BROKEN
-#ifndef AM_MEMORY_MANAGER       /* only jmemmgr.c defines these */
-struct jvirt_sarray_control { long dummy; };
-struct jvirt_barray_control { long dummy; };
-#endif
-#endif /* INCOMPLETE_TYPES_BROKEN */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jpeglib.h b/3rdparty/libjpeg-turbo_2_1_0/jpeglib.h
deleted file mode 100644
index d7664f0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jpeglib.h
+++ /dev/null
@@ -1,1132 +0,0 @@
-/*
- * jpeglib.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * Modified 2002-2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009-2011, 2013-2014, 2016-2017, 2020, D. R. Commander.
- * Copyright (C) 2015, Google, Inc.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file defines the application interface for the JPEG library.
- * Most applications using the library need only include this file,
- * and perhaps jerror.h if they want to know the exact error codes.
- */
-
-#ifndef JPEGLIB_H
-#define JPEGLIB_H
-
-/*
- * First we include the configuration files that record how this
- * installation of the JPEG library is set up.  jconfig.h can be
- * generated automatically for many systems.  jmorecfg.h contains
- * manual configuration options that most people need not worry about.
- */
-
-#ifndef JCONFIG_INCLUDED        /* in case jinclude.h already did */
-#include "jconfig.h"            /* widely used configuration options */
-#endif
-#include "jmorecfg.h"           /* seldom changed options */
-
-
-#ifdef __cplusplus
-#ifndef DONT_USE_EXTERN_C
-extern "C" {
-#endif
-#endif
-
-
-/* Various constants determining the sizes of things.
- * All of these are specified by the JPEG standard, so don't change them
- * if you want to be compatible.
- */
-
-#define DCTSIZE             8   /* The basic DCT block is 8x8 samples */
-#define DCTSIZE2            64  /* DCTSIZE squared; # of elements in a block */
-#define NUM_QUANT_TBLS      4   /* Quantization tables are numbered 0..3 */
-#define NUM_HUFF_TBLS       4   /* Huffman tables are numbered 0..3 */
-#define NUM_ARITH_TBLS      16  /* Arith-coding tables are numbered 0..15 */
-#define MAX_COMPS_IN_SCAN   4   /* JPEG limit on # of components in one scan */
-#define MAX_SAMP_FACTOR     4   /* JPEG limit on sampling factors */
-/* Unfortunately, some bozo at Adobe saw no reason to be bound by the standard;
- * the PostScript DCT filter can emit files with many more than 10 blocks/MCU.
- * If you happen to run across such a file, you can up D_MAX_BLOCKS_IN_MCU
- * to handle it.  We even let you do this from the jconfig.h file.  However,
- * we strongly discourage changing C_MAX_BLOCKS_IN_MCU; just because Adobe
- * sometimes emits noncompliant files doesn't mean you should too.
- */
-#define C_MAX_BLOCKS_IN_MCU   10 /* compressor's limit on blocks per MCU */
-#ifndef D_MAX_BLOCKS_IN_MCU
-#define D_MAX_BLOCKS_IN_MCU   10 /* decompressor's limit on blocks per MCU */
-#endif
-
-
-/* Data structures for images (arrays of samples and of DCT coefficients).
- */
-
-typedef JSAMPLE *JSAMPROW;      /* ptr to one image row of pixel samples. */
-typedef JSAMPROW *JSAMPARRAY;   /* ptr to some rows (a 2-D sample array) */
-typedef JSAMPARRAY *JSAMPIMAGE; /* a 3-D sample array: top index is color */
-
-typedef JCOEF JBLOCK[DCTSIZE2]; /* one block of coefficients */
-typedef JBLOCK *JBLOCKROW;      /* pointer to one row of coefficient blocks */
-typedef JBLOCKROW *JBLOCKARRAY;         /* a 2-D array of coefficient blocks */
-typedef JBLOCKARRAY *JBLOCKIMAGE;       /* a 3-D array of coefficient blocks */
-
-typedef JCOEF *JCOEFPTR;        /* useful in a couple of places */
-
-
-/* Types for JPEG compression parameters and working tables. */
-
-
-/* DCT coefficient quantization tables. */
-
-typedef struct {
-  /* This array gives the coefficient quantizers in natural array order
-   * (not the zigzag order in which they are stored in a JPEG DQT marker).
-   * CAUTION: IJG versions prior to v6a kept this array in zigzag order.
-   */
-  UINT16 quantval[DCTSIZE2];    /* quantization step for each coefficient */
-  /* This field is used only during compression.  It's initialized FALSE when
-   * the table is created, and set TRUE when it's been output to the file.
-   * You could suppress output of a table by setting this to TRUE.
-   * (See jpeg_suppress_tables for an example.)
-   */
-  boolean sent_table;           /* TRUE when table has been output */
-} JQUANT_TBL;
-
-
-/* Huffman coding tables. */
-
-typedef struct {
-  /* These two fields directly represent the contents of a JPEG DHT marker */
-  UINT8 bits[17];               /* bits[k] = # of symbols with codes of */
-                                /* length k bits; bits[0] is unused */
-  UINT8 huffval[256];           /* The symbols, in order of incr code length */
-  /* This field is used only during compression.  It's initialized FALSE when
-   * the table is created, and set TRUE when it's been output to the file.
-   * You could suppress output of a table by setting this to TRUE.
-   * (See jpeg_suppress_tables for an example.)
-   */
-  boolean sent_table;           /* TRUE when table has been output */
-} JHUFF_TBL;
-
-
-/* Basic info about one component (color channel). */
-
-typedef struct {
-  /* These values are fixed over the whole image. */
-  /* For compression, they must be supplied by parameter setup; */
-  /* for decompression, they are read from the SOF marker. */
-  int component_id;             /* identifier for this component (0..255) */
-  int component_index;          /* its index in SOF or cinfo->comp_info[] */
-  int h_samp_factor;            /* horizontal sampling factor (1..4) */
-  int v_samp_factor;            /* vertical sampling factor (1..4) */
-  int quant_tbl_no;             /* quantization table selector (0..3) */
-  /* These values may vary between scans. */
-  /* For compression, they must be supplied by parameter setup; */
-  /* for decompression, they are read from the SOS marker. */
-  /* The decompressor output side may not use these variables. */
-  int dc_tbl_no;                /* DC entropy table selector (0..3) */
-  int ac_tbl_no;                /* AC entropy table selector (0..3) */
-
-  /* Remaining fields should be treated as private by applications. */
-
-  /* These values are computed during compression or decompression startup: */
-  /* Component's size in DCT blocks.
-   * Any dummy blocks added to complete an MCU are not counted; therefore
-   * these values do not depend on whether a scan is interleaved or not.
-   */
-  JDIMENSION width_in_blocks;
-  JDIMENSION height_in_blocks;
-  /* Size of a DCT block in samples.  Always DCTSIZE for compression.
-   * For decompression this is the size of the output from one DCT block,
-   * reflecting any scaling we choose to apply during the IDCT step.
-   * Values from 1 to 16 are supported.
-   * Note that different components may receive different IDCT scalings.
-   */
-#if JPEG_LIB_VERSION >= 70
-  int DCT_h_scaled_size;
-  int DCT_v_scaled_size;
-#else
-  int DCT_scaled_size;
-#endif
-  /* The downsampled dimensions are the component's actual, unpadded number
-   * of samples at the main buffer (preprocessing/compression interface), thus
-   * downsampled_width = ceil(image_width * Hi/Hmax)
-   * and similarly for height.  For decompression, IDCT scaling is included, so
-   * downsampled_width = ceil(image_width * Hi/Hmax * DCT_[h_]scaled_size/DCTSIZE)
-   */
-  JDIMENSION downsampled_width;  /* actual width in samples */
-  JDIMENSION downsampled_height; /* actual height in samples */
-  /* This flag is used only for decompression.  In cases where some of the
-   * components will be ignored (eg grayscale output from YCbCr image),
-   * we can skip most computations for the unused components.
-   */
-  boolean component_needed;     /* do we need the value of this component? */
-
-  /* These values are computed before starting a scan of the component. */
-  /* The decompressor output side may not use these variables. */
-  int MCU_width;                /* number of blocks per MCU, horizontally */
-  int MCU_height;               /* number of blocks per MCU, vertically */
-  int MCU_blocks;               /* MCU_width * MCU_height */
-  int MCU_sample_width;         /* MCU width in samples, MCU_width*DCT_[h_]scaled_size */
-  int last_col_width;           /* # of non-dummy blocks across in last MCU */
-  int last_row_height;          /* # of non-dummy blocks down in last MCU */
-
-  /* Saved quantization table for component; NULL if none yet saved.
-   * See jdinput.c comments about the need for this information.
-   * This field is currently used only for decompression.
-   */
-  JQUANT_TBL *quant_table;
-
-  /* Private per-component storage for DCT or IDCT subsystem. */
-  void *dct_table;
-} jpeg_component_info;
-
-
-/* The script for encoding a multiple-scan file is an array of these: */
-
-typedef struct {
-  int comps_in_scan;            /* number of components encoded in this scan */
-  int component_index[MAX_COMPS_IN_SCAN]; /* their SOF/comp_info[] indexes */
-  int Ss, Se;                   /* progressive JPEG spectral selection parms */
-  int Ah, Al;                   /* progressive JPEG successive approx. parms */
-} jpeg_scan_info;
-
-/* The decompressor can save APPn and COM markers in a list of these: */
-
-typedef struct jpeg_marker_struct *jpeg_saved_marker_ptr;
-
-struct jpeg_marker_struct {
-  jpeg_saved_marker_ptr next;   /* next in list, or NULL */
-  UINT8 marker;                 /* marker code: JPEG_COM, or JPEG_APP0+n */
-  unsigned int original_length; /* # bytes of data in the file */
-  unsigned int data_length;     /* # bytes of data saved at data[] */
-  JOCTET *data;                 /* the data contained in the marker */
-  /* the marker length word is not counted in data_length or original_length */
-};
-
-/* Known color spaces. */
-
-#define JCS_EXTENSIONS  1
-#define JCS_ALPHA_EXTENSIONS  1
-
-typedef enum {
-  JCS_UNKNOWN,            /* error/unspecified */
-  JCS_GRAYSCALE,          /* monochrome */
-  JCS_RGB,                /* red/green/blue as specified by the RGB_RED,
-                             RGB_GREEN, RGB_BLUE, and RGB_PIXELSIZE macros */
-  JCS_YCbCr,              /* Y/Cb/Cr (also known as YUV) */
-  JCS_CMYK,               /* C/M/Y/K */
-  JCS_YCCK,               /* Y/Cb/Cr/K */
-  JCS_EXT_RGB,            /* red/green/blue */
-  JCS_EXT_RGBX,           /* red/green/blue/x */
-  JCS_EXT_BGR,            /* blue/green/red */
-  JCS_EXT_BGRX,           /* blue/green/red/x */
-  JCS_EXT_XBGR,           /* x/blue/green/red */
-  JCS_EXT_XRGB,           /* x/red/green/blue */
-  /* When out_color_space it set to JCS_EXT_RGBX, JCS_EXT_BGRX, JCS_EXT_XBGR,
-     or JCS_EXT_XRGB during decompression, the X byte is undefined, and in
-     order to ensure the best performance, libjpeg-turbo can set that byte to
-     whatever value it wishes.  Use the following colorspace constants to
-     ensure that the X byte is set to 0xFF, so that it can be interpreted as an
-     opaque alpha channel. */
-  JCS_EXT_RGBA,           /* red/green/blue/alpha */
-  JCS_EXT_BGRA,           /* blue/green/red/alpha */
-  JCS_EXT_ABGR,           /* alpha/blue/green/red */
-  JCS_EXT_ARGB,           /* alpha/red/green/blue */
-  JCS_RGB565              /* 5-bit red/6-bit green/5-bit blue */
-} J_COLOR_SPACE;
-
-/* DCT/IDCT algorithm options. */
-
-typedef enum {
-  JDCT_ISLOW,             /* accurate integer method */
-  JDCT_IFAST,             /* less accurate integer method [legacy feature] */
-  JDCT_FLOAT              /* floating-point method [legacy feature] */
-} J_DCT_METHOD;
-
-#ifndef JDCT_DEFAULT            /* may be overridden in jconfig.h */
-#define JDCT_DEFAULT  JDCT_ISLOW
-#endif
-#ifndef JDCT_FASTEST            /* may be overridden in jconfig.h */
-#define JDCT_FASTEST  JDCT_IFAST
-#endif
-
-/* Dithering options for decompression. */
-
-typedef enum {
-  JDITHER_NONE,           /* no dithering */
-  JDITHER_ORDERED,        /* simple ordered dither */
-  JDITHER_FS              /* Floyd-Steinberg error diffusion dither */
-} J_DITHER_MODE;
-
-
-/* Common fields between JPEG compression and decompression master structs. */
-
-#define jpeg_common_fields \
-  struct jpeg_error_mgr *err;   /* Error handler module */ \
-  struct jpeg_memory_mgr *mem;  /* Memory manager module */ \
-  struct jpeg_progress_mgr *progress; /* Progress monitor, or NULL if none */ \
-  void *client_data;            /* Available for use by application */ \
-  boolean is_decompressor;      /* So common code can tell which is which */ \
-  int global_state              /* For checking call sequence validity */
-
-/* Routines that are to be used by both halves of the library are declared
- * to receive a pointer to this structure.  There are no actual instances of
- * jpeg_common_struct, only of jpeg_compress_struct and jpeg_decompress_struct.
- */
-struct jpeg_common_struct {
-  jpeg_common_fields;           /* Fields common to both master struct types */
-  /* Additional fields follow in an actual jpeg_compress_struct or
-   * jpeg_decompress_struct.  All three structs must agree on these
-   * initial fields!  (This would be a lot cleaner in C++.)
-   */
-};
-
-typedef struct jpeg_common_struct *j_common_ptr;
-typedef struct jpeg_compress_struct *j_compress_ptr;
-typedef struct jpeg_decompress_struct *j_decompress_ptr;
-
-
-/* Master record for a compression instance */
-
-struct jpeg_compress_struct {
-  jpeg_common_fields;           /* Fields shared with jpeg_decompress_struct */
-
-  /* Destination for compressed data */
-  struct jpeg_destination_mgr *dest;
-
-  /* Description of source image --- these fields must be filled in by
-   * outer application before starting compression.  in_color_space must
-   * be correct before you can even call jpeg_set_defaults().
-   */
-
-  JDIMENSION image_width;       /* input image width */
-  JDIMENSION image_height;      /* input image height */
-  int input_components;         /* # of color components in input image */
-  J_COLOR_SPACE in_color_space; /* colorspace of input image */
-
-  double input_gamma;           /* image gamma of input image */
-
-  /* Compression parameters --- these fields must be set before calling
-   * jpeg_start_compress().  We recommend calling jpeg_set_defaults() to
-   * initialize everything to reasonable defaults, then changing anything
-   * the application specifically wants to change.  That way you won't get
-   * burnt when new parameters are added.  Also note that there are several
-   * helper routines to simplify changing parameters.
-   */
-
-#if JPEG_LIB_VERSION >= 70
-  unsigned int scale_num, scale_denom; /* fraction by which to scale image */
-
-  JDIMENSION jpeg_width;        /* scaled JPEG image width */
-  JDIMENSION jpeg_height;       /* scaled JPEG image height */
-  /* Dimensions of actual JPEG image that will be written to file,
-   * derived from input dimensions by scaling factors above.
-   * These fields are computed by jpeg_start_compress().
-   * You can also use jpeg_calc_jpeg_dimensions() to determine these values
-   * in advance of calling jpeg_start_compress().
-   */
-#endif
-
-  int data_precision;           /* bits of precision in image data */
-
-  int num_components;           /* # of color components in JPEG image */
-  J_COLOR_SPACE jpeg_color_space; /* colorspace of JPEG image */
-
-  jpeg_component_info *comp_info;
-  /* comp_info[i] describes component that appears i'th in SOF */
-
-  JQUANT_TBL *quant_tbl_ptrs[NUM_QUANT_TBLS];
-#if JPEG_LIB_VERSION >= 70
-  int q_scale_factor[NUM_QUANT_TBLS];
-#endif
-  /* ptrs to coefficient quantization tables, or NULL if not defined,
-   * and corresponding scale factors (percentage, initialized 100).
-   */
-
-  JHUFF_TBL *dc_huff_tbl_ptrs[NUM_HUFF_TBLS];
-  JHUFF_TBL *ac_huff_tbl_ptrs[NUM_HUFF_TBLS];
-  /* ptrs to Huffman coding tables, or NULL if not defined */
-
-  UINT8 arith_dc_L[NUM_ARITH_TBLS]; /* L values for DC arith-coding tables */
-  UINT8 arith_dc_U[NUM_ARITH_TBLS]; /* U values for DC arith-coding tables */
-  UINT8 arith_ac_K[NUM_ARITH_TBLS]; /* Kx values for AC arith-coding tables */
-
-  int num_scans;                /* # of entries in scan_info array */
-  const jpeg_scan_info *scan_info; /* script for multi-scan file, or NULL */
-  /* The default value of scan_info is NULL, which causes a single-scan
-   * sequential JPEG file to be emitted.  To create a multi-scan file,
-   * set num_scans and scan_info to point to an array of scan definitions.
-   */
-
-  boolean raw_data_in;          /* TRUE=caller supplies downsampled data */
-  boolean arith_code;           /* TRUE=arithmetic coding, FALSE=Huffman */
-  boolean optimize_coding;      /* TRUE=optimize entropy encoding parms */
-  boolean CCIR601_sampling;     /* TRUE=first samples are cosited */
-#if JPEG_LIB_VERSION >= 70
-  boolean do_fancy_downsampling; /* TRUE=apply fancy downsampling */
-#endif
-  int smoothing_factor;         /* 1..100, or 0 for no input smoothing */
-  J_DCT_METHOD dct_method;      /* DCT algorithm selector */
-
-  /* The restart interval can be specified in absolute MCUs by setting
-   * restart_interval, or in MCU rows by setting restart_in_rows
-   * (in which case the correct restart_interval will be figured
-   * for each scan).
-   */
-  unsigned int restart_interval; /* MCUs per restart, or 0 for no restart */
-  int restart_in_rows;          /* if > 0, MCU rows per restart interval */
-
-  /* Parameters controlling emission of special markers. */
-
-  boolean write_JFIF_header;    /* should a JFIF marker be written? */
-  UINT8 JFIF_major_version;     /* What to write for the JFIF version number */
-  UINT8 JFIF_minor_version;
-  /* These three values are not used by the JPEG code, merely copied */
-  /* into the JFIF APP0 marker.  density_unit can be 0 for unknown, */
-  /* 1 for dots/inch, or 2 for dots/cm.  Note that the pixel aspect */
-  /* ratio is defined by X_density/Y_density even when density_unit=0. */
-  UINT8 density_unit;           /* JFIF code for pixel size units */
-  UINT16 X_density;             /* Horizontal pixel density */
-  UINT16 Y_density;             /* Vertical pixel density */
-  boolean write_Adobe_marker;   /* should an Adobe marker be written? */
-
-  /* State variable: index of next scanline to be written to
-   * jpeg_write_scanlines().  Application may use this to control its
-   * processing loop, e.g., "while (next_scanline < image_height)".
-   */
-
-  JDIMENSION next_scanline;     /* 0 .. image_height-1  */
-
-  /* Remaining fields are known throughout compressor, but generally
-   * should not be touched by a surrounding application.
-   */
-
-  /*
-   * These fields are computed during compression startup
-   */
-  boolean progressive_mode;     /* TRUE if scan script uses progressive mode */
-  int max_h_samp_factor;        /* largest h_samp_factor */
-  int max_v_samp_factor;        /* largest v_samp_factor */
-
-#if JPEG_LIB_VERSION >= 70
-  int min_DCT_h_scaled_size;    /* smallest DCT_h_scaled_size of any component */
-  int min_DCT_v_scaled_size;    /* smallest DCT_v_scaled_size of any component */
-#endif
-
-  JDIMENSION total_iMCU_rows;   /* # of iMCU rows to be input to coef ctlr */
-  /* The coefficient controller receives data in units of MCU rows as defined
-   * for fully interleaved scans (whether the JPEG file is interleaved or not).
-   * There are v_samp_factor * DCTSIZE sample rows of each component in an
-   * "iMCU" (interleaved MCU) row.
-   */
-
-  /*
-   * These fields are valid during any one scan.
-   * They describe the components and MCUs actually appearing in the scan.
-   */
-  int comps_in_scan;            /* # of JPEG components in this scan */
-  jpeg_component_info *cur_comp_info[MAX_COMPS_IN_SCAN];
-  /* *cur_comp_info[i] describes component that appears i'th in SOS */
-
-  JDIMENSION MCUs_per_row;      /* # of MCUs across the image */
-  JDIMENSION MCU_rows_in_scan;  /* # of MCU rows in the image */
-
-  int blocks_in_MCU;            /* # of DCT blocks per MCU */
-  int MCU_membership[C_MAX_BLOCKS_IN_MCU];
-  /* MCU_membership[i] is index in cur_comp_info of component owning */
-  /* i'th block in an MCU */
-
-  int Ss, Se, Ah, Al;           /* progressive JPEG parameters for scan */
-
-#if JPEG_LIB_VERSION >= 80
-  int block_size;               /* the basic DCT block size: 1..16 */
-  const int *natural_order;     /* natural-order position array */
-  int lim_Se;                   /* min( Se, DCTSIZE2-1 ) */
-#endif
-
-  /*
-   * Links to compression subobjects (methods and private variables of modules)
-   */
-  struct jpeg_comp_master *master;
-  struct jpeg_c_main_controller *main;
-  struct jpeg_c_prep_controller *prep;
-  struct jpeg_c_coef_controller *coef;
-  struct jpeg_marker_writer *marker;
-  struct jpeg_color_converter *cconvert;
-  struct jpeg_downsampler *downsample;
-  struct jpeg_forward_dct *fdct;
-  struct jpeg_entropy_encoder *entropy;
-  jpeg_scan_info *script_space; /* workspace for jpeg_simple_progression */
-  int script_space_size;
-};
-
-
-/* Master record for a decompression instance */
-
-struct jpeg_decompress_struct {
-  jpeg_common_fields;           /* Fields shared with jpeg_compress_struct */
-
-  /* Source of compressed data */
-  struct jpeg_source_mgr *src;
-
-  /* Basic description of image --- filled in by jpeg_read_header(). */
-  /* Application may inspect these values to decide how to process image. */
-
-  JDIMENSION image_width;       /* nominal image width (from SOF marker) */
-  JDIMENSION image_height;      /* nominal image height */
-  int num_components;           /* # of color components in JPEG image */
-  J_COLOR_SPACE jpeg_color_space; /* colorspace of JPEG image */
-
-  /* Decompression processing parameters --- these fields must be set before
-   * calling jpeg_start_decompress().  Note that jpeg_read_header() initializes
-   * them to default values.
-   */
-
-  J_COLOR_SPACE out_color_space; /* colorspace for output */
-
-  unsigned int scale_num, scale_denom; /* fraction by which to scale image */
-
-  double output_gamma;          /* image gamma wanted in output */
-
-  boolean buffered_image;       /* TRUE=multiple output passes */
-  boolean raw_data_out;         /* TRUE=downsampled data wanted */
-
-  J_DCT_METHOD dct_method;      /* IDCT algorithm selector */
-  boolean do_fancy_upsampling;  /* TRUE=apply fancy upsampling */
-  boolean do_block_smoothing;   /* TRUE=apply interblock smoothing */
-
-  boolean quantize_colors;      /* TRUE=colormapped output wanted */
-  /* the following are ignored if not quantize_colors: */
-  J_DITHER_MODE dither_mode;    /* type of color dithering to use */
-  boolean two_pass_quantize;    /* TRUE=use two-pass color quantization */
-  int desired_number_of_colors; /* max # colors to use in created colormap */
-  /* these are significant only in buffered-image mode: */
-  boolean enable_1pass_quant;   /* enable future use of 1-pass quantizer */
-  boolean enable_external_quant;/* enable future use of external colormap */
-  boolean enable_2pass_quant;   /* enable future use of 2-pass quantizer */
-
-  /* Description of actual output image that will be returned to application.
-   * These fields are computed by jpeg_start_decompress().
-   * You can also use jpeg_calc_output_dimensions() to determine these values
-   * in advance of calling jpeg_start_decompress().
-   */
-
-  JDIMENSION output_width;      /* scaled image width */
-  JDIMENSION output_height;     /* scaled image height */
-  int out_color_components;     /* # of color components in out_color_space */
-  int output_components;        /* # of color components returned */
-  /* output_components is 1 (a colormap index) when quantizing colors;
-   * otherwise it equals out_color_components.
-   */
-  int rec_outbuf_height;        /* min recommended height of scanline buffer */
-  /* If the buffer passed to jpeg_read_scanlines() is less than this many rows
-   * high, space and time will be wasted due to unnecessary data copying.
-   * Usually rec_outbuf_height will be 1 or 2, at most 4.
-   */
-
-  /* When quantizing colors, the output colormap is described by these fields.
-   * The application can supply a colormap by setting colormap non-NULL before
-   * calling jpeg_start_decompress; otherwise a colormap is created during
-   * jpeg_start_decompress or jpeg_start_output.
-   * The map has out_color_components rows and actual_number_of_colors columns.
-   */
-  int actual_number_of_colors;  /* number of entries in use */
-  JSAMPARRAY colormap;          /* The color map as a 2-D pixel array */
-
-  /* State variables: these variables indicate the progress of decompression.
-   * The application may examine these but must not modify them.
-   */
-
-  /* Row index of next scanline to be read from jpeg_read_scanlines().
-   * Application may use this to control its processing loop, e.g.,
-   * "while (output_scanline < output_height)".
-   */
-  JDIMENSION output_scanline;   /* 0 .. output_height-1  */
-
-  /* Current input scan number and number of iMCU rows completed in scan.
-   * These indicate the progress of the decompressor input side.
-   */
-  int input_scan_number;        /* Number of SOS markers seen so far */
-  JDIMENSION input_iMCU_row;    /* Number of iMCU rows completed */
-
-  /* The "output scan number" is the notional scan being displayed by the
-   * output side.  The decompressor will not allow output scan/row number
-   * to get ahead of input scan/row, but it can fall arbitrarily far behind.
-   */
-  int output_scan_number;       /* Nominal scan number being displayed */
-  JDIMENSION output_iMCU_row;   /* Number of iMCU rows read */
-
-  /* Current progression status.  coef_bits[c][i] indicates the precision
-   * with which component c's DCT coefficient i (in zigzag order) is known.
-   * It is -1 when no data has yet been received, otherwise it is the point
-   * transform (shift) value for the most recent scan of the coefficient
-   * (thus, 0 at completion of the progression).
-   * This pointer is NULL when reading a non-progressive file.
-   */
-  int (*coef_bits)[DCTSIZE2];   /* -1 or current Al value for each coef */
-
-  /* Internal JPEG parameters --- the application usually need not look at
-   * these fields.  Note that the decompressor output side may not use
-   * any parameters that can change between scans.
-   */
-
-  /* Quantization and Huffman tables are carried forward across input
-   * datastreams when processing abbreviated JPEG datastreams.
-   */
-
-  JQUANT_TBL *quant_tbl_ptrs[NUM_QUANT_TBLS];
-  /* ptrs to coefficient quantization tables, or NULL if not defined */
-
-  JHUFF_TBL *dc_huff_tbl_ptrs[NUM_HUFF_TBLS];
-  JHUFF_TBL *ac_huff_tbl_ptrs[NUM_HUFF_TBLS];
-  /* ptrs to Huffman coding tables, or NULL if not defined */
-
-  /* These parameters are never carried across datastreams, since they
-   * are given in SOF/SOS markers or defined to be reset by SOI.
-   */
-
-  int data_precision;           /* bits of precision in image data */
-
-  jpeg_component_info *comp_info;
-  /* comp_info[i] describes component that appears i'th in SOF */
-
-#if JPEG_LIB_VERSION >= 80
-  boolean is_baseline;          /* TRUE if Baseline SOF0 encountered */
-#endif
-  boolean progressive_mode;     /* TRUE if SOFn specifies progressive mode */
-  boolean arith_code;           /* TRUE=arithmetic coding, FALSE=Huffman */
-
-  UINT8 arith_dc_L[NUM_ARITH_TBLS]; /* L values for DC arith-coding tables */
-  UINT8 arith_dc_U[NUM_ARITH_TBLS]; /* U values for DC arith-coding tables */
-  UINT8 arith_ac_K[NUM_ARITH_TBLS]; /* Kx values for AC arith-coding tables */
-
-  unsigned int restart_interval; /* MCUs per restart interval, or 0 for no restart */
-
-  /* These fields record data obtained from optional markers recognized by
-   * the JPEG library.
-   */
-  boolean saw_JFIF_marker;      /* TRUE iff a JFIF APP0 marker was found */
-  /* Data copied from JFIF marker; only valid if saw_JFIF_marker is TRUE: */
-  UINT8 JFIF_major_version;     /* JFIF version number */
-  UINT8 JFIF_minor_version;
-  UINT8 density_unit;           /* JFIF code for pixel size units */
-  UINT16 X_density;             /* Horizontal pixel density */
-  UINT16 Y_density;             /* Vertical pixel density */
-  boolean saw_Adobe_marker;     /* TRUE iff an Adobe APP14 marker was found */
-  UINT8 Adobe_transform;        /* Color transform code from Adobe marker */
-
-  boolean CCIR601_sampling;     /* TRUE=first samples are cosited */
-
-  /* Aside from the specific data retained from APPn markers known to the
-   * library, the uninterpreted contents of any or all APPn and COM markers
-   * can be saved in a list for examination by the application.
-   */
-  jpeg_saved_marker_ptr marker_list; /* Head of list of saved markers */
-
-  /* Remaining fields are known throughout decompressor, but generally
-   * should not be touched by a surrounding application.
-   */
-
-  /*
-   * These fields are computed during decompression startup
-   */
-  int max_h_samp_factor;        /* largest h_samp_factor */
-  int max_v_samp_factor;        /* largest v_samp_factor */
-
-#if JPEG_LIB_VERSION >= 70
-  int min_DCT_h_scaled_size;    /* smallest DCT_h_scaled_size of any component */
-  int min_DCT_v_scaled_size;    /* smallest DCT_v_scaled_size of any component */
-#else
-  int min_DCT_scaled_size;      /* smallest DCT_scaled_size of any component */
-#endif
-
-  JDIMENSION total_iMCU_rows;   /* # of iMCU rows in image */
-  /* The coefficient controller's input and output progress is measured in
-   * units of "iMCU" (interleaved MCU) rows.  These are the same as MCU rows
-   * in fully interleaved JPEG scans, but are used whether the scan is
-   * interleaved or not.  We define an iMCU row as v_samp_factor DCT block
-   * rows of each component.  Therefore, the IDCT output contains
-   * v_samp_factor*DCT_[v_]scaled_size sample rows of a component per iMCU row.
-   */
-
-  JSAMPLE *sample_range_limit;  /* table for fast range-limiting */
-
-  /*
-   * These fields are valid during any one scan.
-   * They describe the components and MCUs actually appearing in the scan.
-   * Note that the decompressor output side must not use these fields.
-   */
-  int comps_in_scan;            /* # of JPEG components in this scan */
-  jpeg_component_info *cur_comp_info[MAX_COMPS_IN_SCAN];
-  /* *cur_comp_info[i] describes component that appears i'th in SOS */
-
-  JDIMENSION MCUs_per_row;      /* # of MCUs across the image */
-  JDIMENSION MCU_rows_in_scan;  /* # of MCU rows in the image */
-
-  int blocks_in_MCU;            /* # of DCT blocks per MCU */
-  int MCU_membership[D_MAX_BLOCKS_IN_MCU];
-  /* MCU_membership[i] is index in cur_comp_info of component owning */
-  /* i'th block in an MCU */
-
-  int Ss, Se, Ah, Al;           /* progressive JPEG parameters for scan */
-
-#if JPEG_LIB_VERSION >= 80
-  /* These fields are derived from Se of first SOS marker.
-   */
-  int block_size;               /* the basic DCT block size: 1..16 */
-  const int *natural_order; /* natural-order position array for entropy decode */
-  int lim_Se;                   /* min( Se, DCTSIZE2-1 ) for entropy decode */
-#endif
-
-  /* This field is shared between entropy decoder and marker parser.
-   * It is either zero or the code of a JPEG marker that has been
-   * read from the data source, but has not yet been processed.
-   */
-  int unread_marker;
-
-  /*
-   * Links to decompression subobjects (methods, private variables of modules)
-   */
-  struct jpeg_decomp_master *master;
-  struct jpeg_d_main_controller *main;
-  struct jpeg_d_coef_controller *coef;
-  struct jpeg_d_post_controller *post;
-  struct jpeg_input_controller *inputctl;
-  struct jpeg_marker_reader *marker;
-  struct jpeg_entropy_decoder *entropy;
-  struct jpeg_inverse_dct *idct;
-  struct jpeg_upsampler *upsample;
-  struct jpeg_color_deconverter *cconvert;
-  struct jpeg_color_quantizer *cquantize;
-};
-
-
-/* "Object" declarations for JPEG modules that may be supplied or called
- * directly by the surrounding application.
- * As with all objects in the JPEG library, these structs only define the
- * publicly visible methods and state variables of a module.  Additional
- * private fields may exist after the public ones.
- */
-
-
-/* Error handler object */
-
-struct jpeg_error_mgr {
-  /* Error exit handler: does not return to caller */
-  void (*error_exit) (j_common_ptr cinfo);
-  /* Conditionally emit a trace or warning message */
-  void (*emit_message) (j_common_ptr cinfo, int msg_level);
-  /* Routine that actually outputs a trace or error message */
-  void (*output_message) (j_common_ptr cinfo);
-  /* Format a message string for the most recent JPEG error or message */
-  void (*format_message) (j_common_ptr cinfo, char *buffer);
-#define JMSG_LENGTH_MAX  200    /* recommended size of format_message buffer */
-  /* Reset error state variables at start of a new image */
-  void (*reset_error_mgr) (j_common_ptr cinfo);
-
-  /* The message ID code and any parameters are saved here.
-   * A message can have one string parameter or up to 8 int parameters.
-   */
-  int msg_code;
-#define JMSG_STR_PARM_MAX  80
-  union {
-    int i[8];
-    char s[JMSG_STR_PARM_MAX];
-  } msg_parm;
-
-  /* Standard state variables for error facility */
-
-  int trace_level;              /* max msg_level that will be displayed */
-
-  /* For recoverable corrupt-data errors, we emit a warning message,
-   * but keep going unless emit_message chooses to abort.  emit_message
-   * should count warnings in num_warnings.  The surrounding application
-   * can check for bad data by seeing if num_warnings is nonzero at the
-   * end of processing.
-   */
-  long num_warnings;            /* number of corrupt-data warnings */
-
-  /* These fields point to the table(s) of error message strings.
-   * An application can change the table pointer to switch to a different
-   * message list (typically, to change the language in which errors are
-   * reported).  Some applications may wish to add additional error codes
-   * that will be handled by the JPEG library error mechanism; the second
-   * table pointer is used for this purpose.
-   *
-   * First table includes all errors generated by JPEG library itself.
-   * Error code 0 is reserved for a "no such error string" message.
-   */
-  const char * const *jpeg_message_table; /* Library errors */
-  int last_jpeg_message;    /* Table contains strings 0..last_jpeg_message */
-  /* Second table can be added by application (see cjpeg/djpeg for example).
-   * It contains strings numbered first_addon_message..last_addon_message.
-   */
-  const char * const *addon_message_table; /* Non-library errors */
-  int first_addon_message;      /* code for first string in addon table */
-  int last_addon_message;       /* code for last string in addon table */
-};
-
-
-/* Progress monitor object */
-
-struct jpeg_progress_mgr {
-  void (*progress_monitor) (j_common_ptr cinfo);
-
-  long pass_counter;            /* work units completed in this pass */
-  long pass_limit;              /* total number of work units in this pass */
-  int completed_passes;         /* passes completed so far */
-  int total_passes;             /* total number of passes expected */
-};
-
-
-/* Data destination object for compression */
-
-struct jpeg_destination_mgr {
-  JOCTET *next_output_byte;     /* => next byte to write in buffer */
-  size_t free_in_buffer;        /* # of byte spaces remaining in buffer */
-
-  void (*init_destination) (j_compress_ptr cinfo);
-  boolean (*empty_output_buffer) (j_compress_ptr cinfo);
-  void (*term_destination) (j_compress_ptr cinfo);
-};
-
-
-/* Data source object for decompression */
-
-struct jpeg_source_mgr {
-  const JOCTET *next_input_byte; /* => next byte to read from buffer */
-  size_t bytes_in_buffer;       /* # of bytes remaining in buffer */
-
-  void (*init_source) (j_decompress_ptr cinfo);
-  boolean (*fill_input_buffer) (j_decompress_ptr cinfo);
-  void (*skip_input_data) (j_decompress_ptr cinfo, long num_bytes);
-  boolean (*resync_to_restart) (j_decompress_ptr cinfo, int desired);
-  void (*term_source) (j_decompress_ptr cinfo);
-};
-
-
-/* Memory manager object.
- * Allocates "small" objects (a few K total), "large" objects (tens of K),
- * and "really big" objects (virtual arrays with backing store if needed).
- * The memory manager does not allow individual objects to be freed; rather,
- * each created object is assigned to a pool, and whole pools can be freed
- * at once.  This is faster and more convenient than remembering exactly what
- * to free, especially where malloc()/free() are not too speedy.
- * NB: alloc routines never return NULL.  They exit to error_exit if not
- * successful.
- */
-
-#define JPOOL_PERMANENT  0      /* lasts until master record is destroyed */
-#define JPOOL_IMAGE      1      /* lasts until done with image/datastream */
-#define JPOOL_NUMPOOLS   2
-
-typedef struct jvirt_sarray_control *jvirt_sarray_ptr;
-typedef struct jvirt_barray_control *jvirt_barray_ptr;
-
-
-struct jpeg_memory_mgr {
-  /* Method pointers */
-  void *(*alloc_small) (j_common_ptr cinfo, int pool_id, size_t sizeofobject);
-  void *(*alloc_large) (j_common_ptr cinfo, int pool_id,
-                        size_t sizeofobject);
-  JSAMPARRAY (*alloc_sarray) (j_common_ptr cinfo, int pool_id,
-                              JDIMENSION samplesperrow, JDIMENSION numrows);
-  JBLOCKARRAY (*alloc_barray) (j_common_ptr cinfo, int pool_id,
-                               JDIMENSION blocksperrow, JDIMENSION numrows);
-  jvirt_sarray_ptr (*request_virt_sarray) (j_common_ptr cinfo, int pool_id,
-                                           boolean pre_zero,
-                                           JDIMENSION samplesperrow,
-                                           JDIMENSION numrows,
-                                           JDIMENSION maxaccess);
-  jvirt_barray_ptr (*request_virt_barray) (j_common_ptr cinfo, int pool_id,
-                                           boolean pre_zero,
-                                           JDIMENSION blocksperrow,
-                                           JDIMENSION numrows,
-                                           JDIMENSION maxaccess);
-  void (*realize_virt_arrays) (j_common_ptr cinfo);
-  JSAMPARRAY (*access_virt_sarray) (j_common_ptr cinfo, jvirt_sarray_ptr ptr,
-                                    JDIMENSION start_row, JDIMENSION num_rows,
-                                    boolean writable);
-  JBLOCKARRAY (*access_virt_barray) (j_common_ptr cinfo, jvirt_barray_ptr ptr,
-                                     JDIMENSION start_row, JDIMENSION num_rows,
-                                     boolean writable);
-  void (*free_pool) (j_common_ptr cinfo, int pool_id);
-  void (*self_destruct) (j_common_ptr cinfo);
-
-  /* Limit on memory allocation for this JPEG object.  (Note that this is
-   * merely advisory, not a guaranteed maximum; it only affects the space
-   * used for virtual-array buffers.)  May be changed by outer application
-   * after creating the JPEG object.
-   */
-  long max_memory_to_use;
-
-  /* Maximum allocation request accepted by alloc_large. */
-  long max_alloc_chunk;
-};
-
-
-/* Routine signature for application-supplied marker processing methods.
- * Need not pass marker code since it is stored in cinfo->unread_marker.
- */
-typedef boolean (*jpeg_marker_parser_method) (j_decompress_ptr cinfo);
-
-
-/* Originally, this macro was used as a way of defining function prototypes
- * for both modern compilers as well as older compilers that did not support
- * prototype parameters.  libjpeg-turbo has never supported these older,
- * non-ANSI compilers, but the macro is still included because there is some
- * software out there that uses it.
- */
-
-#define JPP(arglist)    arglist
-
-
-/* Default error-management setup */
-EXTERN(struct jpeg_error_mgr *) jpeg_std_error(struct jpeg_error_mgr *err);
-
-/* Initialization of JPEG compression objects.
- * jpeg_create_compress() and jpeg_create_decompress() are the exported
- * names that applications should call.  These expand to calls on
- * jpeg_CreateCompress and jpeg_CreateDecompress with additional information
- * passed for version mismatch checking.
- * NB: you must set up the error-manager BEFORE calling jpeg_create_xxx.
- */
-#define jpeg_create_compress(cinfo) \
-  jpeg_CreateCompress((cinfo), JPEG_LIB_VERSION, \
-                      (size_t)sizeof(struct jpeg_compress_struct))
-#define jpeg_create_decompress(cinfo) \
-  jpeg_CreateDecompress((cinfo), JPEG_LIB_VERSION, \
-                        (size_t)sizeof(struct jpeg_decompress_struct))
-EXTERN(void) jpeg_CreateCompress(j_compress_ptr cinfo, int version,
-                                 size_t structsize);
-EXTERN(void) jpeg_CreateDecompress(j_decompress_ptr cinfo, int version,
-                                   size_t structsize);
-/* Destruction of JPEG compression objects */
-EXTERN(void) jpeg_destroy_compress(j_compress_ptr cinfo);
-EXTERN(void) jpeg_destroy_decompress(j_decompress_ptr cinfo);
-
-/* Standard data source and destination managers: stdio streams. */
-/* Caller is responsible for opening the file before and closing after. */
-EXTERN(void) jpeg_stdio_dest(j_compress_ptr cinfo, FILE *outfile);
-EXTERN(void) jpeg_stdio_src(j_decompress_ptr cinfo, FILE *infile);
-
-#if JPEG_LIB_VERSION >= 80 || defined(MEM_SRCDST_SUPPORTED)
-/* Data source and destination managers: memory buffers. */
-EXTERN(void) jpeg_mem_dest(j_compress_ptr cinfo, unsigned char **outbuffer,
-                           unsigned long *outsize);
-EXTERN(void) jpeg_mem_src(j_decompress_ptr cinfo,
-                          const unsigned char *inbuffer, unsigned long insize);
-#endif
-
-/* Default parameter setup for compression */
-EXTERN(void) jpeg_set_defaults(j_compress_ptr cinfo);
-/* Compression parameter setup aids */
-EXTERN(void) jpeg_set_colorspace(j_compress_ptr cinfo,
-                                 J_COLOR_SPACE colorspace);
-EXTERN(void) jpeg_default_colorspace(j_compress_ptr cinfo);
-EXTERN(void) jpeg_set_quality(j_compress_ptr cinfo, int quality,
-                              boolean force_baseline);
-EXTERN(void) jpeg_set_linear_quality(j_compress_ptr cinfo, int scale_factor,
-                                     boolean force_baseline);
-#if JPEG_LIB_VERSION >= 70
-EXTERN(void) jpeg_default_qtables(j_compress_ptr cinfo,
-                                  boolean force_baseline);
-#endif
-EXTERN(void) jpeg_add_quant_table(j_compress_ptr cinfo, int which_tbl,
-                                  const unsigned int *basic_table,
-                                  int scale_factor, boolean force_baseline);
-EXTERN(int) jpeg_quality_scaling(int quality);
-EXTERN(void) jpeg_simple_progression(j_compress_ptr cinfo);
-EXTERN(void) jpeg_suppress_tables(j_compress_ptr cinfo, boolean suppress);
-EXTERN(JQUANT_TBL *) jpeg_alloc_quant_table(j_common_ptr cinfo);
-EXTERN(JHUFF_TBL *) jpeg_alloc_huff_table(j_common_ptr cinfo);
-
-/* Main entry points for compression */
-EXTERN(void) jpeg_start_compress(j_compress_ptr cinfo,
-                                 boolean write_all_tables);
-EXTERN(JDIMENSION) jpeg_write_scanlines(j_compress_ptr cinfo,
-                                        JSAMPARRAY scanlines,
-                                        JDIMENSION num_lines);
-EXTERN(void) jpeg_finish_compress(j_compress_ptr cinfo);
-
-#if JPEG_LIB_VERSION >= 70
-/* Precalculate JPEG dimensions for current compression parameters. */
-EXTERN(void) jpeg_calc_jpeg_dimensions(j_compress_ptr cinfo);
-#endif
-
-/* Replaces jpeg_write_scanlines when writing raw downsampled data. */
-EXTERN(JDIMENSION) jpeg_write_raw_data(j_compress_ptr cinfo, JSAMPIMAGE data,
-                                       JDIMENSION num_lines);
-
-/* Write a special marker.  See libjpeg.txt concerning safe usage. */
-EXTERN(void) jpeg_write_marker(j_compress_ptr cinfo, int marker,
-                               const JOCTET *dataptr, unsigned int datalen);
-/* Same, but piecemeal. */
-EXTERN(void) jpeg_write_m_header(j_compress_ptr cinfo, int marker,
-                                 unsigned int datalen);
-EXTERN(void) jpeg_write_m_byte(j_compress_ptr cinfo, int val);
-
-/* Alternate compression function: just write an abbreviated table file */
-EXTERN(void) jpeg_write_tables(j_compress_ptr cinfo);
-
-/* Write ICC profile.  See libjpeg.txt for usage information. */
-EXTERN(void) jpeg_write_icc_profile(j_compress_ptr cinfo,
-                                    const JOCTET *icc_data_ptr,
-                                    unsigned int icc_data_len);
-
-
-/* Decompression startup: read start of JPEG datastream to see what's there */
-EXTERN(int) jpeg_read_header(j_decompress_ptr cinfo, boolean require_image);
-/* Return value is one of: */
-#define JPEG_SUSPENDED           0 /* Suspended due to lack of input data */
-#define JPEG_HEADER_OK           1 /* Found valid image datastream */
-#define JPEG_HEADER_TABLES_ONLY  2 /* Found valid table-specs-only datastream */
-/* If you pass require_image = TRUE (normal case), you need not check for
- * a TABLES_ONLY return code; an abbreviated file will cause an error exit.
- * JPEG_SUSPENDED is only possible if you use a data source module that can
- * give a suspension return (the stdio source module doesn't).
- */
-
-/* Main entry points for decompression */
-EXTERN(boolean) jpeg_start_decompress(j_decompress_ptr cinfo);
-EXTERN(JDIMENSION) jpeg_read_scanlines(j_decompress_ptr cinfo,
-                                       JSAMPARRAY scanlines,
-                                       JDIMENSION max_lines);
-EXTERN(JDIMENSION) jpeg_skip_scanlines(j_decompress_ptr cinfo,
-                                       JDIMENSION num_lines);
-EXTERN(void) jpeg_crop_scanline(j_decompress_ptr cinfo, JDIMENSION *xoffset,
-                                JDIMENSION *width);
-EXTERN(boolean) jpeg_finish_decompress(j_decompress_ptr cinfo);
-
-/* Replaces jpeg_read_scanlines when reading raw downsampled data. */
-EXTERN(JDIMENSION) jpeg_read_raw_data(j_decompress_ptr cinfo, JSAMPIMAGE data,
-                                      JDIMENSION max_lines);
-
-/* Additional entry points for buffered-image mode. */
-EXTERN(boolean) jpeg_has_multiple_scans(j_decompress_ptr cinfo);
-EXTERN(boolean) jpeg_start_output(j_decompress_ptr cinfo, int scan_number);
-EXTERN(boolean) jpeg_finish_output(j_decompress_ptr cinfo);
-EXTERN(boolean) jpeg_input_complete(j_decompress_ptr cinfo);
-EXTERN(void) jpeg_new_colormap(j_decompress_ptr cinfo);
-EXTERN(int) jpeg_consume_input(j_decompress_ptr cinfo);
-/* Return value is one of: */
-/* #define JPEG_SUSPENDED       0    Suspended due to lack of input data */
-#define JPEG_REACHED_SOS        1 /* Reached start of new scan */
-#define JPEG_REACHED_EOI        2 /* Reached end of image */
-#define JPEG_ROW_COMPLETED      3 /* Completed one iMCU row */
-#define JPEG_SCAN_COMPLETED     4 /* Completed last iMCU row of a scan */
-
-/* Precalculate output dimensions for current decompression parameters. */
-#if JPEG_LIB_VERSION >= 80
-EXTERN(void) jpeg_core_output_dimensions(j_decompress_ptr cinfo);
-#endif
-EXTERN(void) jpeg_calc_output_dimensions(j_decompress_ptr cinfo);
-
-/* Control saving of COM and APPn markers into marker_list. */
-EXTERN(void) jpeg_save_markers(j_decompress_ptr cinfo, int marker_code,
-                               unsigned int length_limit);
-
-/* Install a special processing method for COM or APPn markers. */
-EXTERN(void) jpeg_set_marker_processor(j_decompress_ptr cinfo,
-                                       int marker_code,
-                                       jpeg_marker_parser_method routine);
-
-/* Read or write raw DCT coefficients --- useful for lossless transcoding. */
-EXTERN(jvirt_barray_ptr *) jpeg_read_coefficients(j_decompress_ptr cinfo);
-EXTERN(void) jpeg_write_coefficients(j_compress_ptr cinfo,
-                                     jvirt_barray_ptr *coef_arrays);
-EXTERN(void) jpeg_copy_critical_parameters(j_decompress_ptr srcinfo,
-                                           j_compress_ptr dstinfo);
-
-/* If you choose to abort compression or decompression before completing
- * jpeg_finish_(de)compress, then you need to clean up to release memory,
- * temporary files, etc.  You can just call jpeg_destroy_(de)compress
- * if you're done with the JPEG object, but if you want to clean it up and
- * reuse it, call this:
- */
-EXTERN(void) jpeg_abort_compress(j_compress_ptr cinfo);
-EXTERN(void) jpeg_abort_decompress(j_decompress_ptr cinfo);
-
-/* Generic versions of jpeg_abort and jpeg_destroy that work on either
- * flavor of JPEG object.  These may be more convenient in some places.
- */
-EXTERN(void) jpeg_abort(j_common_ptr cinfo);
-EXTERN(void) jpeg_destroy(j_common_ptr cinfo);
-
-/* Default restart-marker-resync procedure for use by data source modules */
-EXTERN(boolean) jpeg_resync_to_restart(j_decompress_ptr cinfo, int desired);
-
-/* Read ICC profile.  See libjpeg.txt for usage information. */
-EXTERN(boolean) jpeg_read_icc_profile(j_decompress_ptr cinfo,
-                                      JOCTET **icc_data_ptr,
-                                      unsigned int *icc_data_len);
-
-
-/* These marker codes are exported since applications and data source modules
- * are likely to want to use them.
- */
-
-#define JPEG_RST0       0xD0    /* RST0 marker code */
-#define JPEG_EOI        0xD9    /* EOI marker code */
-#define JPEG_APP0       0xE0    /* APP0 marker code */
-#define JPEG_COM        0xFE    /* COM marker code */
-
-
-/* If we have a brain-damaged compiler that emits warnings (or worse, errors)
- * for structure definitions that are never filled in, keep it quiet by
- * supplying dummy definitions for the various substructures.
- */
-
-#ifdef INCOMPLETE_TYPES_BROKEN
-#ifndef JPEG_INTERNALS          /* will be defined in jpegint.h */
-struct jvirt_sarray_control { long dummy; };
-struct jvirt_barray_control { long dummy; };
-struct jpeg_comp_master { long dummy; };
-struct jpeg_c_main_controller { long dummy; };
-struct jpeg_c_prep_controller { long dummy; };
-struct jpeg_c_coef_controller { long dummy; };
-struct jpeg_marker_writer { long dummy; };
-struct jpeg_color_converter { long dummy; };
-struct jpeg_downsampler { long dummy; };
-struct jpeg_forward_dct { long dummy; };
-struct jpeg_entropy_encoder { long dummy; };
-struct jpeg_decomp_master { long dummy; };
-struct jpeg_d_main_controller { long dummy; };
-struct jpeg_d_coef_controller { long dummy; };
-struct jpeg_d_post_controller { long dummy; };
-struct jpeg_input_controller { long dummy; };
-struct jpeg_marker_reader { long dummy; };
-struct jpeg_entropy_decoder { long dummy; };
-struct jpeg_inverse_dct { long dummy; };
-struct jpeg_upsampler { long dummy; };
-struct jpeg_color_deconverter { long dummy; };
-struct jpeg_color_quantizer { long dummy; };
-#endif /* JPEG_INTERNALS */
-#endif /* INCOMPLETE_TYPES_BROKEN */
-
-
-/*
- * The JPEG library modules define JPEG_INTERNALS before including this file.
- * The internal structure declarations are read only when that is true.
- * Applications using the library should not include jpegint.h, but may wish
- * to include jerror.h.
- */
-
-#ifdef JPEG_INTERNALS
-#include "jpegint.h"            /* fetch private declarations */
-#include "jerror.h"             /* fetch error codes too */
-#endif
-
-#ifdef __cplusplus
-#ifndef DONT_USE_EXTERN_C
-}
-#endif
-#endif
-
-#endif /* JPEGLIB_H */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jpegtran.1 b/3rdparty/libjpeg-turbo_2_1_0/jpegtran.1
deleted file mode 100644
index da7a266..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jpegtran.1
+++ /dev/null
@@ -1,358 +0,0 @@
-.TH JPEGTRAN 1 "26 October 2020"
-.SH NAME
-jpegtran \- lossless transformation of JPEG files
-.SH SYNOPSIS
-.B jpegtran
-[
-.I options
-]
-[
-.I filename
-]
-.LP
-.SH DESCRIPTION
-.LP
-.B jpegtran
-performs various useful transformations of JPEG files.
-It can translate the coded representation from one variant of JPEG to another,
-for example from baseline JPEG to progressive JPEG or vice versa.  It can also
-perform some rearrangements of the image data, for example turning an image
-from landscape to portrait format by rotation.
-.PP
-For EXIF files and JPEG files containing Exif data, you may prefer to use
-.B exiftran
-instead.
-.PP
-.B jpegtran
-works by rearranging the compressed data (DCT coefficients), without
-ever fully decoding the image.  Therefore, its transformations are lossless:
-there is no image degradation at all, which would not be true if you used
-.B djpeg
-followed by
-.B cjpeg
-to accomplish the same conversion.  But by the same token,
-.B jpegtran
-cannot perform lossy operations such as changing the image quality.  However,
-while the image data is losslessly transformed, metadata can be removed.  See
-the
-.B \-copy
-option for specifics.
-.PP
-.B jpegtran
-reads the named JPEG/JFIF file, or the standard input if no file is
-named, and produces a JPEG/JFIF file on the standard output.
-.SH OPTIONS
-All switch names may be abbreviated; for example,
-.B \-optimize
-may be written
-.B \-opt
-or
-.BR \-o .
-Upper and lower case are equivalent.
-British spellings are also accepted (e.g.,
-.BR \-optimise ),
-though for brevity these are not mentioned below.
-.PP
-To specify the coded JPEG representation used in the output file,
-.B jpegtran
-accepts a subset of the switches recognized by
-.BR cjpeg :
-.TP
-.B \-optimize
-Perform optimization of entropy encoding parameters.
-.TP
-.B \-progressive
-Create progressive JPEG file.
-.TP
-.BI \-restart " N"
-Emit a JPEG restart marker every N MCU rows, or every N MCU blocks if "B" is
-attached to the number.
-.TP
-.B \-arithmetic
-Use arithmetic coding.
-.TP
-.BI \-scans " file"
-Use the scan script given in the specified text file.
-.PP
-See
-.BR cjpeg (1)
-for more details about these switches.
-If you specify none of these switches, you get a plain baseline-JPEG output
-file.  The quality setting and so forth are determined by the input file.
-.PP
-The image can be losslessly transformed by giving one of these switches:
-.TP
-.B \-flip horizontal
-Mirror image horizontally (left-right).
-.TP
-.B \-flip vertical
-Mirror image vertically (top-bottom).
-.TP
-.B \-rotate 90
-Rotate image 90 degrees clockwise.
-.TP
-.B \-rotate 180
-Rotate image 180 degrees.
-.TP
-.B \-rotate 270
-Rotate image 270 degrees clockwise (or 90 ccw).
-.TP
-.B \-transpose
-Transpose image (across UL-to-LR axis).
-.TP
-.B \-transverse
-Transverse transpose (across UR-to-LL axis).
-.PP
-The transpose transformation has no restrictions regarding image dimensions.
-The other transformations operate rather oddly if the image dimensions are not
-a multiple of the iMCU size (usually 8 or 16 pixels), because they can only
-transform complete blocks of DCT coefficient data in the desired way.
-.PP
-.BR jpegtran 's
-default behavior when transforming an odd-size image is designed
-to preserve exact reversibility and mathematical consistency of the
-transformation set.  As stated, transpose is able to flip the entire image
-area.  Horizontal mirroring leaves any partial iMCU column at the right edge
-untouched, but is able to flip all rows of the image.  Similarly, vertical
-mirroring leaves any partial iMCU row at the bottom edge untouched, but is
-able to flip all columns.  The other transforms can be built up as sequences
-of transpose and flip operations; for consistency, their actions on edge
-pixels are defined to be the same as the end result of the corresponding
-transpose-and-flip sequence.
-.PP
-For practical use, you may prefer to discard any untransformable edge pixels
-rather than having a strange-looking strip along the right and/or bottom edges
-of a transformed image.  To do this, add the
-.B \-trim
-switch:
-.TP
-.B \-trim
-Drop non-transformable edge blocks.
-.IP
-Obviously, a transformation with
-.B \-trim
-is not reversible, so strictly speaking
-.B jpegtran
-with this switch is not lossless.  Also, the expected mathematical
-equivalences between the transformations no longer hold.  For example,
-.B \-rot 270 -trim
-trims only the bottom edge, but
-.B \-rot 90 -trim
-followed by
-.B \-rot 180 -trim
-trims both edges.
-.TP
-.B \-perfect
-If you are only interested in perfect transformations, add the
-.B \-perfect
-switch.  This causes
-.B jpegtran
-to fail with an error if the transformation is not perfect.
-.IP
-For example, you may want to do
-.IP
-.B (jpegtran \-rot 90 -perfect
-.I foo.jpg
-.B || djpeg
-.I foo.jpg
-.B | pnmflip \-r90 | cjpeg)
-.IP
-to do a perfect rotation, if available, or an approximated one if not.
-.PP
-This version of \fBjpegtran\fR also offers a lossless crop option, which
-discards data outside of a given image region but losslessly preserves what is
-inside.  Like the rotate and flip transforms, lossless crop is restricted by
-the current JPEG format; the upper left corner of the selected region must fall
-on an iMCU boundary.  If it doesn't, then it is silently moved up and/or left
-to the nearest iMCU boundary (the lower right corner is unchanged.)  Thus, the
-output image covers at least the requested region, but it may cover more.  The
-adjustment of the region dimensions may be optionally disabled by attaching an
-'f' character ("force") to the width or height number.
-
-The image can be losslessly cropped by giving the switch:
-.TP
-.B \-crop WxH+X+Y
-Crop the image to a rectangular region of width W and height H, starting at
-point X,Y.  The lossless crop feature discards data outside of a given image
-region but losslessly preserves what is inside.  Like the rotate and flip
-transforms, lossless crop is restricted by the current JPEG format; the upper
-left corner of the selected region must fall on an iMCU boundary.  If it
-doesn't, then it is silently moved up and/or left to the nearest iMCU boundary
-(the lower right corner is unchanged.)
-.PP
-If W or H is larger than the width/height of the input image, then the output
-image is expanded in size, and the expanded region is filled in with zeros
-(neutral gray).  Attaching an 'f' character ("flatten") to the width number
-will cause each block in the expanded region to be filled in with the DC
-coefficient of the nearest block in the input image rather than grayed out.
-Attaching an 'r' character ("reflect") to the width number will cause the
-expanded region to be filled in with repeated reflections of the input image
-rather than grayed out.
-.PP
-A complementary lossless wipe option is provided to discard (gray out) data
-inside a given image region while losslessly preserving what is outside:
-.TP
-.B \-wipe WxH+X+Y
-Wipe (gray out) a rectangular region of width W and height H from the input
-image, starting at point X,Y.
-.PP
-Attaching an 'f' character ("flatten") to the width number will cause the
-region to be filled with the average of adjacent blocks rather than grayed out.
-If the wipe region and the region outside the wipe region, when adjusted to the
-nearest iMCU boundary, form two horizontally adjacent rectangles, then
-attaching an 'r' character ("reflect") to the width number will cause the wipe
-region to be filled with repeated reflections of the outside region rather than
-grayed out.
-.PP
-A lossless drop option is also provided, which allows another JPEG image to be
-inserted ("dropped") into the input image data at a given position, replacing
-the existing image data at that position:
-.TP
-.B \-drop +X+Y filename
-Drop (insert) another image at point X,Y
-.PP
-Both the input image and the drop image must have the same subsampling level.
-It is best if they also have the same quantization (quality.)  Otherwise, the
-quantization of the output image will be adapted to accommodate the higher of
-the input image quality and the drop image quality.  The trim option can be
-used with the drop option to requantize the drop image to match the input
-image.  Note that a grayscale image can be dropped into a full-color image or
-vice versa, as long as the full-color image has no vertical subsampling.  If
-the input image is grayscale and the drop image is full-color, then the
-chrominance channels from the drop image will be discarded.
-.PP
-Other not-strictly-lossless transformation switches are:
-.TP
-.B \-grayscale
-Force grayscale output.
-.IP
-This option discards the chrominance channels if the input image is YCbCr
-(ie, a standard color JPEG), resulting in a grayscale JPEG file.  The
-luminance channel is preserved exactly, so this is a better method of reducing
-to grayscale than decompression, conversion, and recompression.  This switch
-is particularly handy for fixing a monochrome picture that was mistakenly
-encoded as a color JPEG.  (In such a case, the space savings from getting rid
-of the near-empty chroma channels won't be large; but the decoding time for
-a grayscale JPEG is substantially less than that for a color JPEG.)
-.PP
-.B jpegtran
-also recognizes these switches that control what to do with "extra" markers,
-such as comment blocks:
-.TP
-.B \-copy none
-Copy no extra markers from source file.  This setting suppresses all
-comments and other metadata in the source file.
-.TP
-.B \-copy comments
-Copy only comment markers.  This setting copies comments from the source file
-but discards any other metadata.
-.TP
-.B \-copy all
-Copy all extra markers.  This setting preserves miscellaneous markers
-found in the source file, such as JFIF thumbnails, Exif data, and Photoshop
-settings.  In some files, these extra markers can be sizable.  Note that this
-option will copy thumbnails as-is; they will not be transformed.
-.PP
-The default behavior is \fB-copy comments\fR.  (Note: in IJG releases v6 and
-v6a, \fBjpegtran\fR always did the equivalent of \fB-copy none\fR.)
-.PP
-Additional switches recognized by jpegtran are:
-.TP
-.BI \-icc " file"
-Embed ICC color management profile contained in the specified file.  Note that
-this will cause \fBjpegtran\fR to ignore any APP2 markers in the input file,
-even if \fB-copy all\fR is specified.
-.TP
-.BI \-maxmemory " N"
-Set limit for amount of memory to use in processing large images.  Value is
-in thousands of bytes, or millions of bytes if "M" is attached to the
-number.  For example,
-.B \-max 4m
-selects 4000000 bytes.  If more space is needed, an error will occur.
-.TP
-.BI \-maxscans " N"
-Abort if the input image contains more than
-.I N
-scans.  This feature demonstrates a method by which applications can guard
-against denial-of-service attacks instigated by specially-crafted malformed
-JPEG images containing numerous scans with missing image data or image data
-consisting only of "EOB runs" (a feature of progressive JPEG images that allows
-potentially hundreds of thousands of adjoining zero-value pixels to be
-represented using only a few bytes.)  Attempting to transform such malformed
-JPEG images can cause excessive CPU activity, since the decompressor must fully
-process each scan (even if the scan is corrupt) before it can proceed to the
-next scan.
-.TP
-.BI \-outfile " name"
-Send output image to the named file, not to standard output.
-.TP
-.BI \-report
-Report transformation progress.
-.TP
-.BI \-strict
-Treat all warnings as fatal.  This feature also demonstrates a method by which
-applications can guard against attacks instigated by specially-crafted
-malformed JPEG images.  Enabling this option will cause the decompressor to
-abort if the input image contains incomplete or corrupt image data.
-.TP
-.B \-verbose
-Enable debug printout.  More
-.BR \-v 's
-give more output.  Also, version information is printed at startup.
-.TP
-.B \-debug
-Same as
-.BR \-verbose .
-.TP
-.B \-version
-Print version information and exit.
-.SH EXAMPLES
-.LP
-This example converts a baseline JPEG file to progressive form:
-.IP
-.B jpegtran \-progressive
-.I foo.jpg
-.B >
-.I fooprog.jpg
-.PP
-This example rotates an image 90 degrees clockwise, discarding any
-unrotatable edge pixels:
-.IP
-.B jpegtran \-rot 90 -trim
-.I foo.jpg
-.B >
-.I foo90.jpg
-.SH ENVIRONMENT
-.TP
-.B JPEGMEM
-If this environment variable is set, its value is the default memory limit.
-The value is specified as described for the
-.B \-maxmemory
-switch.
-.B JPEGMEM
-overrides the default value specified when the program was compiled, and
-itself is overridden by an explicit
-.BR \-maxmemory .
-.SH SEE ALSO
-.BR cjpeg (1),
-.BR djpeg (1),
-.BR rdjpgcom (1),
-.BR wrjpgcom (1)
-.br
-Wallace, Gregory K.  "The JPEG Still Picture Compression Standard",
-Communications of the ACM, April 1991 (vol. 34, no. 4), pp. 30-44.
-.SH AUTHOR
-Independent JPEG Group
-.PP
-This file was modified by The libjpeg-turbo Project to include only information
-relevant to libjpeg-turbo and to wordsmith certain sections.
-.SH BUGS
-The transform options can't transform odd-size images perfectly.  Use
-.B \-trim
-or
-.B \-perfect
-if you don't like the results.
-.PP
-The entire image is read into memory and then written out again, even in
-cases where this isn't really necessary.  Expect swapping on large images,
-especially when using the more complex transform options.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jpegtran.c b/3rdparty/libjpeg-turbo_2_1_0/jpegtran.c
deleted file mode 100644
index 244996d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jpegtran.c
+++ /dev/null
@@ -1,734 +0,0 @@
-/*
- * jpegtran.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1995-2019, Thomas G. Lane, Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2014, 2017, 2019-2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a command-line user interface for JPEG transcoding.
- * It is very similar to cjpeg.c, and partly to djpeg.c, but provides
- * lossless transcoding between different JPEG file formats.  It also
- * provides some lossless and sort-of-lossless transformations of JPEG data.
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-#include "transupp.h"           /* Support routines for jpegtran */
-#include "jversion.h"           /* for version message */
-#include "jconfigint.h"
-
-#ifdef USE_CCOMMAND             /* command-line reader for Macintosh */
-#ifdef __MWERKS__
-#include <SIOUX.h>              /* Metrowerks needs this */
-#include <console.h>            /* ... and this */
-#endif
-#ifdef THINK_C
-#include <console.h>            /* Think declares it here */
-#endif
-#endif
-
-
-/*
- * Argument-parsing code.
- * The switch parser is designed to be useful with DOS-style command line
- * syntax, ie, intermixed switches and file names, where only the switches
- * to the left of a given file name affect processing of that file.
- * The main program in this file doesn't actually use this capability...
- */
-
-
-static const char *progname;    /* program name for error messages */
-static char *icc_filename;      /* for -icc switch */
-JDIMENSION max_scans;           /* for -maxscans switch */
-static char *outfilename;       /* for -outfile switch */
-static char *dropfilename;      /* for -drop switch */
-boolean report;                 /* for -report switch */
-boolean strict;                 /* for -strict switch */
-static JCOPY_OPTION copyoption; /* -copy switch */
-static jpeg_transform_info transformoption; /* image transformation options */
-
-
-LOCAL(void)
-usage(void)
-/* complain about bad command line */
-{
-  fprintf(stderr, "usage: %s [switches] ", progname);
-#ifdef TWO_FILE_COMMANDLINE
-  fprintf(stderr, "inputfile outputfile\n");
-#else
-  fprintf(stderr, "[inputfile]\n");
-#endif
-
-  fprintf(stderr, "Switches (names may be abbreviated):\n");
-  fprintf(stderr, "  -copy none     Copy no extra markers from source file\n");
-  fprintf(stderr, "  -copy comments Copy only comment markers (default)\n");
-  fprintf(stderr, "  -copy all      Copy all extra markers\n");
-#ifdef ENTROPY_OPT_SUPPORTED
-  fprintf(stderr, "  -optimize      Optimize Huffman table (smaller file, but slow compression)\n");
-#endif
-#ifdef C_PROGRESSIVE_SUPPORTED
-  fprintf(stderr, "  -progressive   Create progressive JPEG file\n");
-#endif
-  fprintf(stderr, "Switches for modifying the image:\n");
-#if TRANSFORMS_SUPPORTED
-  fprintf(stderr, "  -crop WxH+X+Y  Crop to a rectangular region\n");
-  fprintf(stderr, "  -drop +X+Y filename          Drop (insert) another image\n");
-  fprintf(stderr, "  -flip [horizontal|vertical]  Mirror image (left-right or top-bottom)\n");
-  fprintf(stderr, "  -grayscale     Reduce to grayscale (omit color data)\n");
-  fprintf(stderr, "  -perfect       Fail if there is non-transformable edge blocks\n");
-  fprintf(stderr, "  -rotate [90|180|270]         Rotate image (degrees clockwise)\n");
-#endif
-#if TRANSFORMS_SUPPORTED
-  fprintf(stderr, "  -transpose     Transpose image\n");
-  fprintf(stderr, "  -transverse    Transverse transpose image\n");
-  fprintf(stderr, "  -trim          Drop non-transformable edge blocks\n");
-  fprintf(stderr, "                 with -drop: Requantize drop file to match source file\n");
-  fprintf(stderr, "  -wipe WxH+X+Y  Wipe (gray out) a rectangular region\n");
-#endif
-  fprintf(stderr, "Switches for advanced users:\n");
-#ifdef C_ARITH_CODING_SUPPORTED
-  fprintf(stderr, "  -arithmetic    Use arithmetic coding\n");
-#endif
-  fprintf(stderr, "  -icc FILE      Embed ICC profile contained in FILE\n");
-  fprintf(stderr, "  -restart N     Set restart interval in rows, or in blocks with B\n");
-  fprintf(stderr, "  -maxmemory N   Maximum memory to use (in kbytes)\n");
-  fprintf(stderr, "  -maxscans N    Maximum number of scans to allow in input file\n");
-  fprintf(stderr, "  -outfile name  Specify name for output file\n");
-  fprintf(stderr, "  -report        Report transformation progress\n");
-  fprintf(stderr, "  -strict        Treat all warnings as fatal\n");
-  fprintf(stderr, "  -verbose  or  -debug   Emit debug output\n");
-  fprintf(stderr, "  -version       Print version information and exit\n");
-  fprintf(stderr, "Switches for wizards:\n");
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-  fprintf(stderr, "  -scans FILE    Create multi-scan JPEG per script FILE\n");
-#endif
-  exit(EXIT_FAILURE);
-}
-
-
-LOCAL(void)
-select_transform(JXFORM_CODE transform)
-/* Silly little routine to detect multiple transform options,
- * which we can't handle.
- */
-{
-#if TRANSFORMS_SUPPORTED
-  if (transformoption.transform == JXFORM_NONE ||
-      transformoption.transform == transform) {
-    transformoption.transform = transform;
-  } else {
-    fprintf(stderr, "%s: can only do one image transformation at a time\n",
-            progname);
-    usage();
-  }
-#else
-  fprintf(stderr, "%s: sorry, image transformation was not compiled\n",
-          progname);
-  exit(EXIT_FAILURE);
-#endif
-}
-
-
-LOCAL(int)
-parse_switches(j_compress_ptr cinfo, int argc, char **argv,
-               int last_file_arg_seen, boolean for_real)
-/* Parse optional switches.
- * Returns argv[] index of first file-name argument (== argc if none).
- * Any file names with indexes <= last_file_arg_seen are ignored;
- * they have presumably been processed in a previous iteration.
- * (Pass 0 for last_file_arg_seen on the first or only iteration.)
- * for_real is FALSE on the first (dummy) pass; we may skip any expensive
- * processing.
- */
-{
-  int argn;
-  char *arg;
-  boolean simple_progressive;
-  char *scansarg = NULL;        /* saves -scans parm if any */
-
-  /* Set up default JPEG parameters. */
-  simple_progressive = FALSE;
-  icc_filename = NULL;
-  max_scans = 0;
-  outfilename = NULL;
-  report = FALSE;
-  strict = FALSE;
-  copyoption = JCOPYOPT_DEFAULT;
-  transformoption.transform = JXFORM_NONE;
-  transformoption.perfect = FALSE;
-  transformoption.trim = FALSE;
-  transformoption.force_grayscale = FALSE;
-  transformoption.crop = FALSE;
-  transformoption.slow_hflip = FALSE;
-  cinfo->err->trace_level = 0;
-
-  /* Scan command line options, adjust parameters */
-
-  for (argn = 1; argn < argc; argn++) {
-    arg = argv[argn];
-    if (*arg != '-') {
-      /* Not a switch, must be a file name argument */
-      if (argn <= last_file_arg_seen) {
-        outfilename = NULL;     /* -outfile applies to just one input file */
-        continue;               /* ignore this name if previously processed */
-      }
-      break;                    /* else done parsing switches */
-    }
-    arg++;                      /* advance past switch marker character */
-
-    if (keymatch(arg, "arithmetic", 1)) {
-      /* Use arithmetic coding. */
-#ifdef C_ARITH_CODING_SUPPORTED
-      cinfo->arith_code = TRUE;
-#else
-      fprintf(stderr, "%s: sorry, arithmetic coding not supported\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "copy", 2)) {
-      /* Select which extra markers to copy. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (keymatch(argv[argn], "none", 1)) {
-        copyoption = JCOPYOPT_NONE;
-      } else if (keymatch(argv[argn], "comments", 1)) {
-        copyoption = JCOPYOPT_COMMENTS;
-      } else if (keymatch(argv[argn], "all", 1)) {
-        copyoption = JCOPYOPT_ALL;
-      } else
-        usage();
-
-    } else if (keymatch(arg, "crop", 2)) {
-      /* Perform lossless cropping. */
-#if TRANSFORMS_SUPPORTED
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (transformoption.crop /* reject multiple crop/drop/wipe requests */ ||
-          !jtransform_parse_crop_spec(&transformoption, argv[argn])) {
-        fprintf(stderr, "%s: bogus -crop argument '%s'\n",
-                progname, argv[argn]);
-        exit(EXIT_FAILURE);
-      }
-#else
-      select_transform(JXFORM_NONE);    /* force an error */
-#endif
-
-    } else if (keymatch(arg, "drop", 2)) {
-#if TRANSFORMS_SUPPORTED
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (transformoption.crop /* reject multiple crop/drop/wipe requests */ ||
-          !jtransform_parse_crop_spec(&transformoption, argv[argn]) ||
-          transformoption.crop_width_set != JCROP_UNSET ||
-          transformoption.crop_height_set != JCROP_UNSET) {
-        fprintf(stderr, "%s: bogus -drop argument '%s'\n",
-                progname, argv[argn]);
-        exit(EXIT_FAILURE);
-      }
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      dropfilename = argv[argn];
-      select_transform(JXFORM_DROP);
-#else
-      select_transform(JXFORM_NONE);    /* force an error */
-#endif
-
-    } else if (keymatch(arg, "debug", 1) || keymatch(arg, "verbose", 1)) {
-      /* Enable debug printouts. */
-      /* On first -d, print version identification */
-      static boolean printed_version = FALSE;
-
-      if (!printed_version) {
-        fprintf(stderr, "%s version %s (build %s)\n",
-                PACKAGE_NAME, VERSION, BUILD);
-        fprintf(stderr, "%s\n\n", JCOPYRIGHT);
-        fprintf(stderr, "Emulating The Independent JPEG Group's software, version %s\n\n",
-                JVERSION);
-        printed_version = TRUE;
-      }
-      cinfo->err->trace_level++;
-
-    } else if (keymatch(arg, "version", 4)) {
-      fprintf(stderr, "%s version %s (build %s)\n",
-              PACKAGE_NAME, VERSION, BUILD);
-      exit(EXIT_SUCCESS);
-
-    } else if (keymatch(arg, "flip", 1)) {
-      /* Mirror left-right or top-bottom. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (keymatch(argv[argn], "horizontal", 1))
-        select_transform(JXFORM_FLIP_H);
-      else if (keymatch(argv[argn], "vertical", 1))
-        select_transform(JXFORM_FLIP_V);
-      else
-        usage();
-
-    } else if (keymatch(arg, "grayscale", 1) ||
-               keymatch(arg, "greyscale", 1)) {
-      /* Force to grayscale. */
-#if TRANSFORMS_SUPPORTED
-      transformoption.force_grayscale = TRUE;
-#else
-      select_transform(JXFORM_NONE);    /* force an error */
-#endif
-
-    } else if (keymatch(arg, "icc", 1)) {
-      /* Set ICC filename. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      icc_filename = argv[argn];
-
-    } else if (keymatch(arg, "maxmemory", 3)) {
-      /* Maximum memory in Kb (or Mb with 'm'). */
-      long lval;
-      char ch = 'x';
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%ld%c", &lval, &ch) < 1)
-        usage();
-      if (ch == 'm' || ch == 'M')
-        lval *= 1000L;
-      cinfo->mem->max_memory_to_use = lval * 1000L;
-
-    } else if (keymatch(arg, "maxscans", 4)) {
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%u", &max_scans) != 1)
-        usage();
-
-    } else if (keymatch(arg, "optimize", 1) || keymatch(arg, "optimise", 1)) {
-      /* Enable entropy parm optimization. */
-#ifdef ENTROPY_OPT_SUPPORTED
-      cinfo->optimize_coding = TRUE;
-#else
-      fprintf(stderr, "%s: sorry, entropy optimization was not compiled\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "outfile", 4)) {
-      /* Set output file name. */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      outfilename = argv[argn]; /* save it away for later use */
-
-    } else if (keymatch(arg, "perfect", 2)) {
-      /* Fail if there is any partial edge MCUs that the transform can't
-       * handle. */
-      transformoption.perfect = TRUE;
-
-    } else if (keymatch(arg, "progressive", 2)) {
-      /* Select simple progressive mode. */
-#ifdef C_PROGRESSIVE_SUPPORTED
-      simple_progressive = TRUE;
-      /* We must postpone execution until num_components is known. */
-#else
-      fprintf(stderr, "%s: sorry, progressive output was not compiled\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "report", 3)) {
-      report = TRUE;
-
-    } else if (keymatch(arg, "restart", 1)) {
-      /* Restart interval in MCU rows (or in MCUs with 'b'). */
-      long lval;
-      char ch = 'x';
-
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (sscanf(argv[argn], "%ld%c", &lval, &ch) < 1)
-        usage();
-      if (lval < 0 || lval > 65535L)
-        usage();
-      if (ch == 'b' || ch == 'B') {
-        cinfo->restart_interval = (unsigned int)lval;
-        cinfo->restart_in_rows = 0; /* else prior '-restart n' overrides me */
-      } else {
-        cinfo->restart_in_rows = (int)lval;
-        /* restart_interval will be computed during startup */
-      }
-
-    } else if (keymatch(arg, "rotate", 2)) {
-      /* Rotate 90, 180, or 270 degrees (measured clockwise). */
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (keymatch(argv[argn], "90", 2))
-        select_transform(JXFORM_ROT_90);
-      else if (keymatch(argv[argn], "180", 3))
-        select_transform(JXFORM_ROT_180);
-      else if (keymatch(argv[argn], "270", 3))
-        select_transform(JXFORM_ROT_270);
-      else
-        usage();
-
-    } else if (keymatch(arg, "scans", 1)) {
-      /* Set scan script. */
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      scansarg = argv[argn];
-      /* We must postpone reading the file in case -progressive appears. */
-#else
-      fprintf(stderr, "%s: sorry, multi-scan output was not compiled\n",
-              progname);
-      exit(EXIT_FAILURE);
-#endif
-
-    } else if (keymatch(arg, "strict", 2)) {
-      strict = TRUE;
-
-    } else if (keymatch(arg, "transpose", 1)) {
-      /* Transpose (across UL-to-LR axis). */
-      select_transform(JXFORM_TRANSPOSE);
-
-    } else if (keymatch(arg, "transverse", 6)) {
-      /* Transverse transpose (across UR-to-LL axis). */
-      select_transform(JXFORM_TRANSVERSE);
-
-    } else if (keymatch(arg, "trim", 3)) {
-      /* Trim off any partial edge MCUs that the transform can't handle. */
-      transformoption.trim = TRUE;
-
-    } else if (keymatch(arg, "wipe", 1)) {
-#if TRANSFORMS_SUPPORTED
-      if (++argn >= argc)       /* advance to next argument */
-        usage();
-      if (transformoption.crop /* reject multiple crop/drop/wipe requests */ ||
-          !jtransform_parse_crop_spec(&transformoption, argv[argn])) {
-        fprintf(stderr, "%s: bogus -wipe argument '%s'\n",
-                progname, argv[argn]);
-        exit(EXIT_FAILURE);
-      }
-      select_transform(JXFORM_WIPE);
-#else
-      select_transform(JXFORM_NONE);    /* force an error */
-#endif
-
-    } else {
-      usage();                  /* bogus switch */
-    }
-  }
-
-  /* Post-switch-scanning cleanup */
-
-  if (for_real) {
-
-#ifdef C_PROGRESSIVE_SUPPORTED
-    if (simple_progressive)     /* process -progressive; -scans can override */
-      jpeg_simple_progression(cinfo);
-#endif
-
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-    if (scansarg != NULL)       /* process -scans if it was present */
-      if (!read_scan_script(cinfo, scansarg))
-        usage();
-#endif
-  }
-
-  return argn;                  /* return index of next arg (file name) */
-}
-
-
-METHODDEF(void)
-my_emit_message(j_common_ptr cinfo, int msg_level)
-{
-  if (msg_level < 0) {
-    /* Treat warning as fatal */
-    cinfo->err->error_exit(cinfo);
-  } else {
-    if (cinfo->err->trace_level >= msg_level)
-      cinfo->err->output_message(cinfo);
-  }
-}
-
-
-/*
- * The main program.
- */
-
-int
-main(int argc, char **argv)
-{
-  struct jpeg_decompress_struct srcinfo;
-#if TRANSFORMS_SUPPORTED
-  struct jpeg_decompress_struct dropinfo;
-  struct jpeg_error_mgr jdroperr;
-  FILE *drop_file;
-#endif
-  struct jpeg_compress_struct dstinfo;
-  struct jpeg_error_mgr jsrcerr, jdsterr;
-  struct cdjpeg_progress_mgr src_progress, dst_progress;
-  jvirt_barray_ptr *src_coef_arrays;
-  jvirt_barray_ptr *dst_coef_arrays;
-  int file_index;
-  /* We assume all-in-memory processing and can therefore use only a
-   * single file pointer for sequential input and output operation.
-   */
-  FILE *fp;
-  FILE *icc_file;
-  JOCTET *icc_profile = NULL;
-  long icc_len = 0;
-
-  /* On Mac, fetch a command line. */
-#ifdef USE_CCOMMAND
-  argc = ccommand(&argv);
-#endif
-
-  progname = argv[0];
-  if (progname == NULL || progname[0] == 0)
-    progname = "jpegtran";      /* in case C library doesn't provide it */
-
-  /* Initialize the JPEG decompression object with default error handling. */
-  srcinfo.err = jpeg_std_error(&jsrcerr);
-  jpeg_create_decompress(&srcinfo);
-  /* Initialize the JPEG compression object with default error handling. */
-  dstinfo.err = jpeg_std_error(&jdsterr);
-  jpeg_create_compress(&dstinfo);
-
-  /* Scan command line to find file names.
-   * It is convenient to use just one switch-parsing routine, but the switch
-   * values read here are mostly ignored; we will rescan the switches after
-   * opening the input file.  Also note that most of the switches affect the
-   * destination JPEG object, so we parse into that and then copy over what
-   * needs to affect the source too.
-   */
-
-  file_index = parse_switches(&dstinfo, argc, argv, 0, FALSE);
-  jsrcerr.trace_level = jdsterr.trace_level;
-  srcinfo.mem->max_memory_to_use = dstinfo.mem->max_memory_to_use;
-
-  if (strict)
-    jsrcerr.emit_message = my_emit_message;
-
-#ifdef TWO_FILE_COMMANDLINE
-  /* Must have either -outfile switch or explicit output file name */
-  if (outfilename == NULL) {
-    if (file_index != argc - 2) {
-      fprintf(stderr, "%s: must name one input and one output file\n",
-              progname);
-      usage();
-    }
-    outfilename = argv[file_index + 1];
-  } else {
-    if (file_index != argc - 1) {
-      fprintf(stderr, "%s: must name one input and one output file\n",
-              progname);
-      usage();
-    }
-  }
-#else
-  /* Unix style: expect zero or one file name */
-  if (file_index < argc - 1) {
-    fprintf(stderr, "%s: only one input file\n", progname);
-    usage();
-  }
-#endif /* TWO_FILE_COMMANDLINE */
-
-  /* Open the input file. */
-  if (file_index < argc) {
-    if ((fp = fopen(argv[file_index], READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s for reading\n", progname,
-              argv[file_index]);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default input file is stdin */
-    fp = read_stdin();
-  }
-
-  if (icc_filename != NULL) {
-    if ((icc_file = fopen(icc_filename, READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, icc_filename);
-      exit(EXIT_FAILURE);
-    }
-    if (fseek(icc_file, 0, SEEK_END) < 0 ||
-        (icc_len = ftell(icc_file)) < 1 ||
-        fseek(icc_file, 0, SEEK_SET) < 0) {
-      fprintf(stderr, "%s: can't determine size of %s\n", progname,
-              icc_filename);
-      exit(EXIT_FAILURE);
-    }
-    if ((icc_profile = (JOCTET *)malloc(icc_len)) == NULL) {
-      fprintf(stderr, "%s: can't allocate memory for ICC profile\n", progname);
-      fclose(icc_file);
-      exit(EXIT_FAILURE);
-    }
-    if (fread(icc_profile, icc_len, 1, icc_file) < 1) {
-      fprintf(stderr, "%s: can't read ICC profile from %s\n", progname,
-              icc_filename);
-      free(icc_profile);
-      fclose(icc_file);
-      exit(EXIT_FAILURE);
-    }
-    fclose(icc_file);
-    if (copyoption == JCOPYOPT_ALL)
-      copyoption = JCOPYOPT_ALL_EXCEPT_ICC;
-  }
-
-  if (report) {
-    start_progress_monitor((j_common_ptr)&dstinfo, &dst_progress);
-    dst_progress.report = report;
-  }
-  if (report || max_scans != 0) {
-    start_progress_monitor((j_common_ptr)&srcinfo, &src_progress);
-    src_progress.report = report;
-    src_progress.max_scans = max_scans;
-  }
-#if TRANSFORMS_SUPPORTED
-  /* Open the drop file. */
-  if (dropfilename != NULL) {
-    if ((drop_file = fopen(dropfilename, READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s for reading\n", progname,
-              dropfilename);
-      exit(EXIT_FAILURE);
-    }
-    dropinfo.err = jpeg_std_error(&jdroperr);
-    jpeg_create_decompress(&dropinfo);
-    jpeg_stdio_src(&dropinfo, drop_file);
-  } else {
-    drop_file = NULL;
-  }
-#endif
-
-  /* Specify data source for decompression */
-  jpeg_stdio_src(&srcinfo, fp);
-
-  /* Enable saving of extra markers that we want to copy */
-  jcopy_markers_setup(&srcinfo, copyoption);
-
-  /* Read file header */
-  (void)jpeg_read_header(&srcinfo, TRUE);
-
-#if TRANSFORMS_SUPPORTED
-  if (dropfilename != NULL) {
-    (void)jpeg_read_header(&dropinfo, TRUE);
-    transformoption.crop_width = dropinfo.image_width;
-    transformoption.crop_width_set = JCROP_POS;
-    transformoption.crop_height = dropinfo.image_height;
-    transformoption.crop_height_set = JCROP_POS;
-    transformoption.drop_ptr = &dropinfo;
-  }
-#endif
-
-  /* Any space needed by a transform option must be requested before
-   * jpeg_read_coefficients so that memory allocation will be done right.
-   */
-#if TRANSFORMS_SUPPORTED
-  /* Fail right away if -perfect is given and transformation is not perfect.
-   */
-  if (!jtransform_request_workspace(&srcinfo, &transformoption)) {
-    fprintf(stderr, "%s: transformation is not perfect\n", progname);
-    exit(EXIT_FAILURE);
-  }
-#endif
-
-  /* Read source file as DCT coefficients */
-  src_coef_arrays = jpeg_read_coefficients(&srcinfo);
-
-#if TRANSFORMS_SUPPORTED
-  if (dropfilename != NULL) {
-    transformoption.drop_coef_arrays = jpeg_read_coefficients(&dropinfo);
-  }
-#endif
-
-  /* Initialize destination compression parameters from source values */
-  jpeg_copy_critical_parameters(&srcinfo, &dstinfo);
-
-  /* Adjust destination parameters if required by transform options;
-   * also find out which set of coefficient arrays will hold the output.
-   */
-#if TRANSFORMS_SUPPORTED
-  dst_coef_arrays = jtransform_adjust_parameters(&srcinfo, &dstinfo,
-                                                 src_coef_arrays,
-                                                 &transformoption);
-#else
-  dst_coef_arrays = src_coef_arrays;
-#endif
-
-  /* Close input file, if we opened it.
-   * Note: we assume that jpeg_read_coefficients consumed all input
-   * until JPEG_REACHED_EOI, and that jpeg_finish_decompress will
-   * only consume more while (!cinfo->inputctl->eoi_reached).
-   * We cannot call jpeg_finish_decompress here since we still need the
-   * virtual arrays allocated from the source object for processing.
-   */
-  if (fp != stdin)
-    fclose(fp);
-
-  /* Open the output file. */
-  if (outfilename != NULL) {
-    if ((fp = fopen(outfilename, WRITE_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s for writing\n", progname,
-              outfilename);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default output file is stdout */
-    fp = write_stdout();
-  }
-
-  /* Adjust default compression parameters by re-parsing the options */
-  file_index = parse_switches(&dstinfo, argc, argv, 0, TRUE);
-
-  /* Specify data destination for compression */
-  jpeg_stdio_dest(&dstinfo, fp);
-
-  /* Start compressor (note no image data is actually written here) */
-  jpeg_write_coefficients(&dstinfo, dst_coef_arrays);
-
-  /* Copy to the output file any extra markers that we want to preserve */
-  jcopy_markers_execute(&srcinfo, &dstinfo, copyoption);
-
-  if (icc_profile != NULL)
-    jpeg_write_icc_profile(&dstinfo, icc_profile, (unsigned int)icc_len);
-
-  /* Execute image transformation, if any */
-#if TRANSFORMS_SUPPORTED
-  jtransform_execute_transformation(&srcinfo, &dstinfo, src_coef_arrays,
-                                    &transformoption);
-#endif
-
-  /* Finish compression and release memory */
-  jpeg_finish_compress(&dstinfo);
-  jpeg_destroy_compress(&dstinfo);
-#if TRANSFORMS_SUPPORTED
-  if (dropfilename != NULL) {
-    (void)jpeg_finish_decompress(&dropinfo);
-    jpeg_destroy_decompress(&dropinfo);
-  }
-#endif
-  (void)jpeg_finish_decompress(&srcinfo);
-  jpeg_destroy_decompress(&srcinfo);
-
-  /* Close output file, if we opened it */
-  if (fp != stdout)
-    fclose(fp);
-#if TRANSFORMS_SUPPORTED
-  if (drop_file != NULL)
-    fclose(drop_file);
-#endif
-
-  if (report)
-    end_progress_monitor((j_common_ptr)&dstinfo);
-  if (report || max_scans != 0)
-    end_progress_monitor((j_common_ptr)&srcinfo);
-
-  free(icc_profile);
-
-  /* All done. */
-#if TRANSFORMS_SUPPORTED
-  if (dropfilename != NULL)
-    exit(jsrcerr.num_warnings + jdroperr.num_warnings +
-         jdsterr.num_warnings ? EXIT_WARNING : EXIT_SUCCESS);
-#endif
-  exit(jsrcerr.num_warnings + jdsterr.num_warnings ?
-       EXIT_WARNING : EXIT_SUCCESS);
-  return 0;                     /* suppress no-return-value warnings */
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jquant1.c b/3rdparty/libjpeg-turbo_2_1_0/jquant1.c
deleted file mode 100644
index 73b83e1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jquant1.c
+++ /dev/null
@@ -1,856 +0,0 @@
-/*
- * jquant1.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009, 2015, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains 1-pass color quantization (color mapping) routines.
- * These routines provide mapping to a fixed color map using equally spaced
- * color values.  Optional Floyd-Steinberg or ordered dithering is available.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-#ifdef QUANT_1PASS_SUPPORTED
-
-
-/*
- * The main purpose of 1-pass quantization is to provide a fast, if not very
- * high quality, colormapped output capability.  A 2-pass quantizer usually
- * gives better visual quality; however, for quantized grayscale output this
- * quantizer is perfectly adequate.  Dithering is highly recommended with this
- * quantizer, though you can turn it off if you really want to.
- *
- * In 1-pass quantization the colormap must be chosen in advance of seeing the
- * image.  We use a map consisting of all combinations of Ncolors[i] color
- * values for the i'th component.  The Ncolors[] values are chosen so that
- * their product, the total number of colors, is no more than that requested.
- * (In most cases, the product will be somewhat less.)
- *
- * Since the colormap is orthogonal, the representative value for each color
- * component can be determined without considering the other components;
- * then these indexes can be combined into a colormap index by a standard
- * N-dimensional-array-subscript calculation.  Most of the arithmetic involved
- * can be precalculated and stored in the lookup table colorindex[].
- * colorindex[i][j] maps pixel value j in component i to the nearest
- * representative value (grid plane) for that component; this index is
- * multiplied by the array stride for component i, so that the
- * index of the colormap entry closest to a given pixel value is just
- *    sum( colorindex[component-number][pixel-component-value] )
- * Aside from being fast, this scheme allows for variable spacing between
- * representative values with no additional lookup cost.
- *
- * If gamma correction has been applied in color conversion, it might be wise
- * to adjust the color grid spacing so that the representative colors are
- * equidistant in linear space.  At this writing, gamma correction is not
- * implemented by jdcolor, so nothing is done here.
- */
-
-
-/* Declarations for ordered dithering.
- *
- * We use a standard 16x16 ordered dither array.  The basic concept of ordered
- * dithering is described in many references, for instance Dale Schumacher's
- * chapter II.2 of Graphics Gems II (James Arvo, ed. Academic Press, 1991).
- * In place of Schumacher's comparisons against a "threshold" value, we add a
- * "dither" value to the input pixel and then round the result to the nearest
- * output value.  The dither value is equivalent to (0.5 - threshold) times
- * the distance between output values.  For ordered dithering, we assume that
- * the output colors are equally spaced; if not, results will probably be
- * worse, since the dither may be too much or too little at a given point.
- *
- * The normal calculation would be to form pixel value + dither, range-limit
- * this to 0..MAXJSAMPLE, and then index into the colorindex table as usual.
- * We can skip the separate range-limiting step by extending the colorindex
- * table in both directions.
- */
-
-#define ODITHER_SIZE  16        /* dimension of dither matrix */
-/* NB: if ODITHER_SIZE is not a power of 2, ODITHER_MASK uses will break */
-#define ODITHER_CELLS  (ODITHER_SIZE * ODITHER_SIZE) /* # cells in matrix */
-#define ODITHER_MASK  (ODITHER_SIZE - 1) /* mask for wrapping around
-                                            counters */
-
-typedef int ODITHER_MATRIX[ODITHER_SIZE][ODITHER_SIZE];
-typedef int (*ODITHER_MATRIX_PTR)[ODITHER_SIZE];
-
-static const UINT8 base_dither_matrix[ODITHER_SIZE][ODITHER_SIZE] = {
-  /* Bayer's order-4 dither array.  Generated by the code given in
-   * Stephen Hawley's article "Ordered Dithering" in Graphics Gems I.
-   * The values in this array must range from 0 to ODITHER_CELLS-1.
-   */
-  {   0,192, 48,240, 12,204, 60,252,  3,195, 51,243, 15,207, 63,255 },
-  { 128, 64,176,112,140, 76,188,124,131, 67,179,115,143, 79,191,127 },
-  {  32,224, 16,208, 44,236, 28,220, 35,227, 19,211, 47,239, 31,223 },
-  { 160, 96,144, 80,172,108,156, 92,163, 99,147, 83,175,111,159, 95 },
-  {   8,200, 56,248,  4,196, 52,244, 11,203, 59,251,  7,199, 55,247 },
-  { 136, 72,184,120,132, 68,180,116,139, 75,187,123,135, 71,183,119 },
-  {  40,232, 24,216, 36,228, 20,212, 43,235, 27,219, 39,231, 23,215 },
-  { 168,104,152, 88,164,100,148, 84,171,107,155, 91,167,103,151, 87 },
-  {   2,194, 50,242, 14,206, 62,254,  1,193, 49,241, 13,205, 61,253 },
-  { 130, 66,178,114,142, 78,190,126,129, 65,177,113,141, 77,189,125 },
-  {  34,226, 18,210, 46,238, 30,222, 33,225, 17,209, 45,237, 29,221 },
-  { 162, 98,146, 82,174,110,158, 94,161, 97,145, 81,173,109,157, 93 },
-  {  10,202, 58,250,  6,198, 54,246,  9,201, 57,249,  5,197, 53,245 },
-  { 138, 74,186,122,134, 70,182,118,137, 73,185,121,133, 69,181,117 },
-  {  42,234, 26,218, 38,230, 22,214, 41,233, 25,217, 37,229, 21,213 },
-  { 170,106,154, 90,166,102,150, 86,169,105,153, 89,165,101,149, 85 }
-};
-
-
-/* Declarations for Floyd-Steinberg dithering.
- *
- * Errors are accumulated into the array fserrors[], at a resolution of
- * 1/16th of a pixel count.  The error at a given pixel is propagated
- * to its not-yet-processed neighbors using the standard F-S fractions,
- *              ...     (here)  7/16
- *              3/16    5/16    1/16
- * We work left-to-right on even rows, right-to-left on odd rows.
- *
- * We can get away with a single array (holding one row's worth of errors)
- * by using it to store the current row's errors at pixel columns not yet
- * processed, but the next row's errors at columns already processed.  We
- * need only a few extra variables to hold the errors immediately around the
- * current column.  (If we are lucky, those variables are in registers, but
- * even if not, they're probably cheaper to access than array elements are.)
- *
- * The fserrors[] array is indexed [component#][position].
- * We provide (#columns + 2) entries per component; the extra entry at each
- * end saves us from special-casing the first and last pixels.
- */
-
-#if BITS_IN_JSAMPLE == 8
-typedef INT16 FSERROR;          /* 16 bits should be enough */
-typedef int LOCFSERROR;         /* use 'int' for calculation temps */
-#else
-typedef JLONG FSERROR;          /* may need more than 16 bits */
-typedef JLONG LOCFSERROR;       /* be sure calculation temps are big enough */
-#endif
-
-typedef FSERROR *FSERRPTR;      /* pointer to error array */
-
-
-/* Private subobject */
-
-#define MAX_Q_COMPS  4          /* max components I can handle */
-
-typedef struct {
-  struct jpeg_color_quantizer pub; /* public fields */
-
-  /* Initially allocated colormap is saved here */
-  JSAMPARRAY sv_colormap;       /* The color map as a 2-D pixel array */
-  int sv_actual;                /* number of entries in use */
-
-  JSAMPARRAY colorindex;        /* Precomputed mapping for speed */
-  /* colorindex[i][j] = index of color closest to pixel value j in component i,
-   * premultiplied as described above.  Since colormap indexes must fit into
-   * JSAMPLEs, the entries of this array will too.
-   */
-  boolean is_padded;            /* is the colorindex padded for odither? */
-
-  int Ncolors[MAX_Q_COMPS];     /* # of values allocated to each component */
-
-  /* Variables for ordered dithering */
-  int row_index;                /* cur row's vertical index in dither matrix */
-  ODITHER_MATRIX_PTR odither[MAX_Q_COMPS]; /* one dither array per component */
-
-  /* Variables for Floyd-Steinberg dithering */
-  FSERRPTR fserrors[MAX_Q_COMPS]; /* accumulated errors */
-  boolean on_odd_row;           /* flag to remember which row we are on */
-} my_cquantizer;
-
-typedef my_cquantizer *my_cquantize_ptr;
-
-
-/*
- * Policy-making subroutines for create_colormap and create_colorindex.
- * These routines determine the colormap to be used.  The rest of the module
- * only assumes that the colormap is orthogonal.
- *
- *  * select_ncolors decides how to divvy up the available colors
- *    among the components.
- *  * output_value defines the set of representative values for a component.
- *  * largest_input_value defines the mapping from input values to
- *    representative values for a component.
- * Note that the latter two routines may impose different policies for
- * different components, though this is not currently done.
- */
-
-
-LOCAL(int)
-select_ncolors(j_decompress_ptr cinfo, int Ncolors[])
-/* Determine allocation of desired colors to components, */
-/* and fill in Ncolors[] array to indicate choice. */
-/* Return value is total number of colors (product of Ncolors[] values). */
-{
-  int nc = cinfo->out_color_components; /* number of color components */
-  int max_colors = cinfo->desired_number_of_colors;
-  int total_colors, iroot, i, j;
-  boolean changed;
-  long temp;
-  int RGB_order[3] = { RGB_GREEN, RGB_RED, RGB_BLUE };
-  RGB_order[0] = rgb_green[cinfo->out_color_space];
-  RGB_order[1] = rgb_red[cinfo->out_color_space];
-  RGB_order[2] = rgb_blue[cinfo->out_color_space];
-
-  /* We can allocate at least the nc'th root of max_colors per component. */
-  /* Compute floor(nc'th root of max_colors). */
-  iroot = 1;
-  do {
-    iroot++;
-    temp = iroot;               /* set temp = iroot ** nc */
-    for (i = 1; i < nc; i++)
-      temp *= iroot;
-  } while (temp <= (long)max_colors); /* repeat till iroot exceeds root */
-  iroot--;                      /* now iroot = floor(root) */
-
-  /* Must have at least 2 color values per component */
-  if (iroot < 2)
-    ERREXIT1(cinfo, JERR_QUANT_FEW_COLORS, (int)temp);
-
-  /* Initialize to iroot color values for each component */
-  total_colors = 1;
-  for (i = 0; i < nc; i++) {
-    Ncolors[i] = iroot;
-    total_colors *= iroot;
-  }
-  /* We may be able to increment the count for one or more components without
-   * exceeding max_colors, though we know not all can be incremented.
-   * Sometimes, the first component can be incremented more than once!
-   * (Example: for 16 colors, we start at 2*2*2, go to 3*2*2, then 4*2*2.)
-   * In RGB colorspace, try to increment G first, then R, then B.
-   */
-  do {
-    changed = FALSE;
-    for (i = 0; i < nc; i++) {
-      j = (cinfo->out_color_space == JCS_RGB ? RGB_order[i] : i);
-      /* calculate new total_colors if Ncolors[j] is incremented */
-      temp = total_colors / Ncolors[j];
-      temp *= Ncolors[j] + 1;   /* done in long arith to avoid oflo */
-      if (temp > (long)max_colors)
-        break;                  /* won't fit, done with this pass */
-      Ncolors[j]++;             /* OK, apply the increment */
-      total_colors = (int)temp;
-      changed = TRUE;
-    }
-  } while (changed);
-
-  return total_colors;
-}
-
-
-LOCAL(int)
-output_value(j_decompress_ptr cinfo, int ci, int j, int maxj)
-/* Return j'th output value, where j will range from 0 to maxj */
-/* The output values must fall in 0..MAXJSAMPLE in increasing order */
-{
-  /* We always provide values 0 and MAXJSAMPLE for each component;
-   * any additional values are equally spaced between these limits.
-   * (Forcing the upper and lower values to the limits ensures that
-   * dithering can't produce a color outside the selected gamut.)
-   */
-  return (int)(((JLONG)j * MAXJSAMPLE + maxj / 2) / maxj);
-}
-
-
-LOCAL(int)
-largest_input_value(j_decompress_ptr cinfo, int ci, int j, int maxj)
-/* Return largest input value that should map to j'th output value */
-/* Must have largest(j=0) >= 0, and largest(j=maxj) >= MAXJSAMPLE */
-{
-  /* Breakpoints are halfway between values returned by output_value */
-  return (int)(((JLONG)(2 * j + 1) * MAXJSAMPLE + maxj) / (2 * maxj));
-}
-
-
-/*
- * Create the colormap.
- */
-
-LOCAL(void)
-create_colormap(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  JSAMPARRAY colormap;          /* Created colormap */
-  int total_colors;             /* Number of distinct output colors */
-  int i, j, k, nci, blksize, blkdist, ptr, val;
-
-  /* Select number of colors for each component */
-  total_colors = select_ncolors(cinfo, cquantize->Ncolors);
-
-  /* Report selected color counts */
-  if (cinfo->out_color_components == 3)
-    TRACEMS4(cinfo, 1, JTRC_QUANT_3_NCOLORS, total_colors,
-             cquantize->Ncolors[0], cquantize->Ncolors[1],
-             cquantize->Ncolors[2]);
-  else
-    TRACEMS1(cinfo, 1, JTRC_QUANT_NCOLORS, total_colors);
-
-  /* Allocate and fill in the colormap. */
-  /* The colors are ordered in the map in standard row-major order, */
-  /* i.e. rightmost (highest-indexed) color changes most rapidly. */
-
-  colormap = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE,
-     (JDIMENSION)total_colors, (JDIMENSION)cinfo->out_color_components);
-
-  /* blksize is number of adjacent repeated entries for a component */
-  /* blkdist is distance between groups of identical entries for a component */
-  blkdist = total_colors;
-
-  for (i = 0; i < cinfo->out_color_components; i++) {
-    /* fill in colormap entries for i'th color component */
-    nci = cquantize->Ncolors[i]; /* # of distinct values for this color */
-    blksize = blkdist / nci;
-    for (j = 0; j < nci; j++) {
-      /* Compute j'th output value (out of nci) for component */
-      val = output_value(cinfo, i, j, nci - 1);
-      /* Fill in all colormap entries that have this value of this component */
-      for (ptr = j * blksize; ptr < total_colors; ptr += blkdist) {
-        /* fill in blksize entries beginning at ptr */
-        for (k = 0; k < blksize; k++)
-          colormap[i][ptr + k] = (JSAMPLE)val;
-      }
-    }
-    blkdist = blksize;          /* blksize of this color is blkdist of next */
-  }
-
-  /* Save the colormap in private storage,
-   * where it will survive color quantization mode changes.
-   */
-  cquantize->sv_colormap = colormap;
-  cquantize->sv_actual = total_colors;
-}
-
-
-/*
- * Create the color index table.
- */
-
-LOCAL(void)
-create_colorindex(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  JSAMPROW indexptr;
-  int i, j, k, nci, blksize, val, pad;
-
-  /* For ordered dither, we pad the color index tables by MAXJSAMPLE in
-   * each direction (input index values can be -MAXJSAMPLE .. 2*MAXJSAMPLE).
-   * This is not necessary in the other dithering modes.  However, we
-   * flag whether it was done in case user changes dithering mode.
-   */
-  if (cinfo->dither_mode == JDITHER_ORDERED) {
-    pad = MAXJSAMPLE * 2;
-    cquantize->is_padded = TRUE;
-  } else {
-    pad = 0;
-    cquantize->is_padded = FALSE;
-  }
-
-  cquantize->colorindex = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE,
-     (JDIMENSION)(MAXJSAMPLE + 1 + pad),
-     (JDIMENSION)cinfo->out_color_components);
-
-  /* blksize is number of adjacent repeated entries for a component */
-  blksize = cquantize->sv_actual;
-
-  for (i = 0; i < cinfo->out_color_components; i++) {
-    /* fill in colorindex entries for i'th color component */
-    nci = cquantize->Ncolors[i]; /* # of distinct values for this color */
-    blksize = blksize / nci;
-
-    /* adjust colorindex pointers to provide padding at negative indexes. */
-    if (pad)
-      cquantize->colorindex[i] += MAXJSAMPLE;
-
-    /* in loop, val = index of current output value, */
-    /* and k = largest j that maps to current val */
-    indexptr = cquantize->colorindex[i];
-    val = 0;
-    k = largest_input_value(cinfo, i, 0, nci - 1);
-    for (j = 0; j <= MAXJSAMPLE; j++) {
-      while (j > k)             /* advance val if past boundary */
-        k = largest_input_value(cinfo, i, ++val, nci - 1);
-      /* premultiply so that no multiplication needed in main processing */
-      indexptr[j] = (JSAMPLE)(val * blksize);
-    }
-    /* Pad at both ends if necessary */
-    if (pad)
-      for (j = 1; j <= MAXJSAMPLE; j++) {
-        indexptr[-j] = indexptr[0];
-        indexptr[MAXJSAMPLE + j] = indexptr[MAXJSAMPLE];
-      }
-  }
-}
-
-
-/*
- * Create an ordered-dither array for a component having ncolors
- * distinct output values.
- */
-
-LOCAL(ODITHER_MATRIX_PTR)
-make_odither_array(j_decompress_ptr cinfo, int ncolors)
-{
-  ODITHER_MATRIX_PTR odither;
-  int j, k;
-  JLONG num, den;
-
-  odither = (ODITHER_MATRIX_PTR)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(ODITHER_MATRIX));
-  /* The inter-value distance for this color is MAXJSAMPLE/(ncolors-1).
-   * Hence the dither value for the matrix cell with fill order f
-   * (f=0..N-1) should be (N-1-2*f)/(2*N) * MAXJSAMPLE/(ncolors-1).
-   * On 16-bit-int machine, be careful to avoid overflow.
-   */
-  den = 2 * ODITHER_CELLS * ((JLONG)(ncolors - 1));
-  for (j = 0; j < ODITHER_SIZE; j++) {
-    for (k = 0; k < ODITHER_SIZE; k++) {
-      num = ((JLONG)(ODITHER_CELLS - 1 -
-                     2 * ((int)base_dither_matrix[j][k]))) * MAXJSAMPLE;
-      /* Ensure round towards zero despite C's lack of consistency
-       * about rounding negative values in integer division...
-       */
-      odither[j][k] = (int)(num < 0 ? -((-num) / den) : num / den);
-    }
-  }
-  return odither;
-}
-
-
-/*
- * Create the ordered-dither tables.
- * Components having the same number of representative colors may
- * share a dither table.
- */
-
-LOCAL(void)
-create_odither_tables(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  ODITHER_MATRIX_PTR odither;
-  int i, j, nci;
-
-  for (i = 0; i < cinfo->out_color_components; i++) {
-    nci = cquantize->Ncolors[i]; /* # of distinct values for this color */
-    odither = NULL;             /* search for matching prior component */
-    for (j = 0; j < i; j++) {
-      if (nci == cquantize->Ncolors[j]) {
-        odither = cquantize->odither[j];
-        break;
-      }
-    }
-    if (odither == NULL)        /* need a new table? */
-      odither = make_odither_array(cinfo, nci);
-    cquantize->odither[i] = odither;
-  }
-}
-
-
-/*
- * Map some rows of pixels to the output colormapped representation.
- */
-
-METHODDEF(void)
-color_quantize(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-               JSAMPARRAY output_buf, int num_rows)
-/* General case, no dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  JSAMPARRAY colorindex = cquantize->colorindex;
-  register int pixcode, ci;
-  register JSAMPROW ptrin, ptrout;
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-  register int nc = cinfo->out_color_components;
-
-  for (row = 0; row < num_rows; row++) {
-    ptrin = input_buf[row];
-    ptrout = output_buf[row];
-    for (col = width; col > 0; col--) {
-      pixcode = 0;
-      for (ci = 0; ci < nc; ci++) {
-        pixcode += colorindex[ci][*ptrin++];
-      }
-      *ptrout++ = (JSAMPLE)pixcode;
-    }
-  }
-}
-
-
-METHODDEF(void)
-color_quantize3(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                JSAMPARRAY output_buf, int num_rows)
-/* Fast path for out_color_components==3, no dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  register int pixcode;
-  register JSAMPROW ptrin, ptrout;
-  JSAMPROW colorindex0 = cquantize->colorindex[0];
-  JSAMPROW colorindex1 = cquantize->colorindex[1];
-  JSAMPROW colorindex2 = cquantize->colorindex[2];
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-
-  for (row = 0; row < num_rows; row++) {
-    ptrin = input_buf[row];
-    ptrout = output_buf[row];
-    for (col = width; col > 0; col--) {
-      pixcode  = colorindex0[*ptrin++];
-      pixcode += colorindex1[*ptrin++];
-      pixcode += colorindex2[*ptrin++];
-      *ptrout++ = (JSAMPLE)pixcode;
-    }
-  }
-}
-
-
-METHODDEF(void)
-quantize_ord_dither(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                    JSAMPARRAY output_buf, int num_rows)
-/* General case, with ordered dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  register JSAMPROW input_ptr;
-  register JSAMPROW output_ptr;
-  JSAMPROW colorindex_ci;
-  int *dither;                  /* points to active row of dither matrix */
-  int row_index, col_index;     /* current indexes into dither matrix */
-  int nc = cinfo->out_color_components;
-  int ci;
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-
-  for (row = 0; row < num_rows; row++) {
-    /* Initialize output values to 0 so can process components separately */
-    jzero_far((void *)output_buf[row], (size_t)(width * sizeof(JSAMPLE)));
-    row_index = cquantize->row_index;
-    for (ci = 0; ci < nc; ci++) {
-      input_ptr = input_buf[row] + ci;
-      output_ptr = output_buf[row];
-      colorindex_ci = cquantize->colorindex[ci];
-      dither = cquantize->odither[ci][row_index];
-      col_index = 0;
-
-      for (col = width; col > 0; col--) {
-        /* Form pixel value + dither, range-limit to 0..MAXJSAMPLE,
-         * select output value, accumulate into output code for this pixel.
-         * Range-limiting need not be done explicitly, as we have extended
-         * the colorindex table to produce the right answers for out-of-range
-         * inputs.  The maximum dither is +- MAXJSAMPLE; this sets the
-         * required amount of padding.
-         */
-        *output_ptr +=
-          colorindex_ci[*input_ptr + dither[col_index]];
-        input_ptr += nc;
-        output_ptr++;
-        col_index = (col_index + 1) & ODITHER_MASK;
-      }
-    }
-    /* Advance row index for next row */
-    row_index = (row_index + 1) & ODITHER_MASK;
-    cquantize->row_index = row_index;
-  }
-}
-
-
-METHODDEF(void)
-quantize3_ord_dither(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                     JSAMPARRAY output_buf, int num_rows)
-/* Fast path for out_color_components==3, with ordered dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  register int pixcode;
-  register JSAMPROW input_ptr;
-  register JSAMPROW output_ptr;
-  JSAMPROW colorindex0 = cquantize->colorindex[0];
-  JSAMPROW colorindex1 = cquantize->colorindex[1];
-  JSAMPROW colorindex2 = cquantize->colorindex[2];
-  int *dither0;                 /* points to active row of dither matrix */
-  int *dither1;
-  int *dither2;
-  int row_index, col_index;     /* current indexes into dither matrix */
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-
-  for (row = 0; row < num_rows; row++) {
-    row_index = cquantize->row_index;
-    input_ptr = input_buf[row];
-    output_ptr = output_buf[row];
-    dither0 = cquantize->odither[0][row_index];
-    dither1 = cquantize->odither[1][row_index];
-    dither2 = cquantize->odither[2][row_index];
-    col_index = 0;
-
-    for (col = width; col > 0; col--) {
-      pixcode  = colorindex0[(*input_ptr++) + dither0[col_index]];
-      pixcode += colorindex1[(*input_ptr++) + dither1[col_index]];
-      pixcode += colorindex2[(*input_ptr++) + dither2[col_index]];
-      *output_ptr++ = (JSAMPLE)pixcode;
-      col_index = (col_index + 1) & ODITHER_MASK;
-    }
-    row_index = (row_index + 1) & ODITHER_MASK;
-    cquantize->row_index = row_index;
-  }
-}
-
-
-METHODDEF(void)
-quantize_fs_dither(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                   JSAMPARRAY output_buf, int num_rows)
-/* General case, with Floyd-Steinberg dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  register LOCFSERROR cur;      /* current error or pixel value */
-  LOCFSERROR belowerr;          /* error for pixel below cur */
-  LOCFSERROR bpreverr;          /* error for below/prev col */
-  LOCFSERROR bnexterr;          /* error for below/next col */
-  LOCFSERROR delta;
-  register FSERRPTR errorptr;   /* => fserrors[] at column before current */
-  register JSAMPROW input_ptr;
-  register JSAMPROW output_ptr;
-  JSAMPROW colorindex_ci;
-  JSAMPROW colormap_ci;
-  int pixcode;
-  int nc = cinfo->out_color_components;
-  int dir;                      /* 1 for left-to-right, -1 for right-to-left */
-  int dirnc;                    /* dir * nc */
-  int ci;
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-  JSAMPLE *range_limit = cinfo->sample_range_limit;
-  SHIFT_TEMPS
-
-  for (row = 0; row < num_rows; row++) {
-    /* Initialize output values to 0 so can process components separately */
-    jzero_far((void *)output_buf[row], (size_t)(width * sizeof(JSAMPLE)));
-    for (ci = 0; ci < nc; ci++) {
-      input_ptr = input_buf[row] + ci;
-      output_ptr = output_buf[row];
-      if (cquantize->on_odd_row) {
-        /* work right to left in this row */
-        input_ptr += (width - 1) * nc; /* so point to rightmost pixel */
-        output_ptr += width - 1;
-        dir = -1;
-        dirnc = -nc;
-        errorptr = cquantize->fserrors[ci] + (width + 1); /* => entry after last column */
-      } else {
-        /* work left to right in this row */
-        dir = 1;
-        dirnc = nc;
-        errorptr = cquantize->fserrors[ci]; /* => entry before first column */
-      }
-      colorindex_ci = cquantize->colorindex[ci];
-      colormap_ci = cquantize->sv_colormap[ci];
-      /* Preset error values: no error propagated to first pixel from left */
-      cur = 0;
-      /* and no error propagated to row below yet */
-      belowerr = bpreverr = 0;
-
-      for (col = width; col > 0; col--) {
-        /* cur holds the error propagated from the previous pixel on the
-         * current line.  Add the error propagated from the previous line
-         * to form the complete error correction term for this pixel, and
-         * round the error term (which is expressed * 16) to an integer.
-         * RIGHT_SHIFT rounds towards minus infinity, so adding 8 is correct
-         * for either sign of the error value.
-         * Note: errorptr points to *previous* column's array entry.
-         */
-        cur = RIGHT_SHIFT(cur + errorptr[dir] + 8, 4);
-        /* Form pixel value + error, and range-limit to 0..MAXJSAMPLE.
-         * The maximum error is +- MAXJSAMPLE; this sets the required size
-         * of the range_limit array.
-         */
-        cur += *input_ptr;
-        cur = range_limit[cur];
-        /* Select output value, accumulate into output code for this pixel */
-        pixcode = colorindex_ci[cur];
-        *output_ptr += (JSAMPLE)pixcode;
-        /* Compute actual representation error at this pixel */
-        /* Note: we can do this even though we don't have the final */
-        /* pixel code, because the colormap is orthogonal. */
-        cur -= colormap_ci[pixcode];
-        /* Compute error fractions to be propagated to adjacent pixels.
-         * Add these into the running sums, and simultaneously shift the
-         * next-line error sums left by 1 column.
-         */
-        bnexterr = cur;
-        delta = cur * 2;
-        cur += delta;           /* form error * 3 */
-        errorptr[0] = (FSERROR)(bpreverr + cur);
-        cur += delta;           /* form error * 5 */
-        bpreverr = belowerr + cur;
-        belowerr = bnexterr;
-        cur += delta;           /* form error * 7 */
-        /* At this point cur contains the 7/16 error value to be propagated
-         * to the next pixel on the current line, and all the errors for the
-         * next line have been shifted over. We are therefore ready to move on.
-         */
-        input_ptr += dirnc;     /* advance input ptr to next column */
-        output_ptr += dir;      /* advance output ptr to next column */
-        errorptr += dir;        /* advance errorptr to current column */
-      }
-      /* Post-loop cleanup: we must unload the final error value into the
-       * final fserrors[] entry.  Note we need not unload belowerr because
-       * it is for the dummy column before or after the actual array.
-       */
-      errorptr[0] = (FSERROR)bpreverr; /* unload prev err into array */
-    }
-    cquantize->on_odd_row = (cquantize->on_odd_row ? FALSE : TRUE);
-  }
-}
-
-
-/*
- * Allocate workspace for Floyd-Steinberg errors.
- */
-
-LOCAL(void)
-alloc_fs_workspace(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  size_t arraysize;
-  int i;
-
-  arraysize = (size_t)((cinfo->output_width + 2) * sizeof(FSERROR));
-  for (i = 0; i < cinfo->out_color_components; i++) {
-    cquantize->fserrors[i] = (FSERRPTR)
-      (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE, arraysize);
-  }
-}
-
-
-/*
- * Initialize for one-pass color quantization.
- */
-
-METHODDEF(void)
-start_pass_1_quant(j_decompress_ptr cinfo, boolean is_pre_scan)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  size_t arraysize;
-  int i;
-
-  /* Install my colormap. */
-  cinfo->colormap = cquantize->sv_colormap;
-  cinfo->actual_number_of_colors = cquantize->sv_actual;
-
-  /* Initialize for desired dithering mode. */
-  switch (cinfo->dither_mode) {
-  case JDITHER_NONE:
-    if (cinfo->out_color_components == 3)
-      cquantize->pub.color_quantize = color_quantize3;
-    else
-      cquantize->pub.color_quantize = color_quantize;
-    break;
-  case JDITHER_ORDERED:
-    if (cinfo->out_color_components == 3)
-      cquantize->pub.color_quantize = quantize3_ord_dither;
-    else
-      cquantize->pub.color_quantize = quantize_ord_dither;
-    cquantize->row_index = 0;   /* initialize state for ordered dither */
-    /* If user changed to ordered dither from another mode,
-     * we must recreate the color index table with padding.
-     * This will cost extra space, but probably isn't very likely.
-     */
-    if (!cquantize->is_padded)
-      create_colorindex(cinfo);
-    /* Create ordered-dither tables if we didn't already. */
-    if (cquantize->odither[0] == NULL)
-      create_odither_tables(cinfo);
-    break;
-  case JDITHER_FS:
-    cquantize->pub.color_quantize = quantize_fs_dither;
-    cquantize->on_odd_row = FALSE; /* initialize state for F-S dither */
-    /* Allocate Floyd-Steinberg workspace if didn't already. */
-    if (cquantize->fserrors[0] == NULL)
-      alloc_fs_workspace(cinfo);
-    /* Initialize the propagated errors to zero. */
-    arraysize = (size_t)((cinfo->output_width + 2) * sizeof(FSERROR));
-    for (i = 0; i < cinfo->out_color_components; i++)
-      jzero_far((void *)cquantize->fserrors[i], arraysize);
-    break;
-  default:
-    ERREXIT(cinfo, JERR_NOT_COMPILED);
-    break;
-  }
-}
-
-
-/*
- * Finish up at the end of the pass.
- */
-
-METHODDEF(void)
-finish_pass_1_quant(j_decompress_ptr cinfo)
-{
-  /* no work in 1-pass case */
-}
-
-
-/*
- * Switch to a new external colormap between output passes.
- * Shouldn't get to this module!
- */
-
-METHODDEF(void)
-new_color_map_1_quant(j_decompress_ptr cinfo)
-{
-  ERREXIT(cinfo, JERR_MODE_CHANGE);
-}
-
-
-/*
- * Module initialization routine for 1-pass color quantization.
- */
-
-GLOBAL(void)
-jinit_1pass_quantizer(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize;
-
-  cquantize = (my_cquantize_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_cquantizer));
-  cinfo->cquantize = (struct jpeg_color_quantizer *)cquantize;
-  cquantize->pub.start_pass = start_pass_1_quant;
-  cquantize->pub.finish_pass = finish_pass_1_quant;
-  cquantize->pub.new_color_map = new_color_map_1_quant;
-  cquantize->fserrors[0] = NULL; /* Flag FS workspace not allocated */
-  cquantize->odither[0] = NULL; /* Also flag odither arrays not allocated */
-
-  /* Make sure my internal arrays won't overflow */
-  if (cinfo->out_color_components > MAX_Q_COMPS)
-    ERREXIT1(cinfo, JERR_QUANT_COMPONENTS, MAX_Q_COMPS);
-  /* Make sure colormap indexes can be represented by JSAMPLEs */
-  if (cinfo->desired_number_of_colors > (MAXJSAMPLE + 1))
-    ERREXIT1(cinfo, JERR_QUANT_MANY_COLORS, MAXJSAMPLE + 1);
-
-  /* Create the colormap and color index table. */
-  create_colormap(cinfo);
-  create_colorindex(cinfo);
-
-  /* Allocate Floyd-Steinberg workspace now if requested.
-   * We do this now since it may affect the memory manager's space
-   * calculations.  If the user changes to FS dither mode in a later pass, we
-   * will allocate the space then, and will possibly overrun the
-   * max_memory_to_use setting.
-   */
-  if (cinfo->dither_mode == JDITHER_FS)
-    alloc_fs_workspace(cinfo);
-}
-
-#endif /* QUANT_1PASS_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jquant2.c b/3rdparty/libjpeg-turbo_2_1_0/jquant2.c
deleted file mode 100644
index 44efb18..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jquant2.c
+++ /dev/null
@@ -1,1285 +0,0 @@
-/*
- * jquant2.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009, 2014-2015, 2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains 2-pass color quantization (color mapping) routines.
- * These routines provide selection of a custom color map for an image,
- * followed by mapping of the image to that color map, with optional
- * Floyd-Steinberg dithering.
- * It is also possible to use just the second pass to map to an arbitrary
- * externally-given color map.
- *
- * Note: ordered dithering is not supported, since there isn't any fast
- * way to compute intercolor distances; it's unclear that ordered dither's
- * fundamental assumptions even hold with an irregularly spaced color map.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-#ifdef QUANT_2PASS_SUPPORTED
-
-
-/*
- * This module implements the well-known Heckbert paradigm for color
- * quantization.  Most of the ideas used here can be traced back to
- * Heckbert's seminal paper
- *   Heckbert, Paul.  "Color Image Quantization for Frame Buffer Display",
- *   Proc. SIGGRAPH '82, Computer Graphics v.16 #3 (July 1982), pp 297-304.
- *
- * In the first pass over the image, we accumulate a histogram showing the
- * usage count of each possible color.  To keep the histogram to a reasonable
- * size, we reduce the precision of the input; typical practice is to retain
- * 5 or 6 bits per color, so that 8 or 4 different input values are counted
- * in the same histogram cell.
- *
- * Next, the color-selection step begins with a box representing the whole
- * color space, and repeatedly splits the "largest" remaining box until we
- * have as many boxes as desired colors.  Then the mean color in each
- * remaining box becomes one of the possible output colors.
- *
- * The second pass over the image maps each input pixel to the closest output
- * color (optionally after applying a Floyd-Steinberg dithering correction).
- * This mapping is logically trivial, but making it go fast enough requires
- * considerable care.
- *
- * Heckbert-style quantizers vary a good deal in their policies for choosing
- * the "largest" box and deciding where to cut it.  The particular policies
- * used here have proved out well in experimental comparisons, but better ones
- * may yet be found.
- *
- * In earlier versions of the IJG code, this module quantized in YCbCr color
- * space, processing the raw upsampled data without a color conversion step.
- * This allowed the color conversion math to be done only once per colormap
- * entry, not once per pixel.  However, that optimization precluded other
- * useful optimizations (such as merging color conversion with upsampling)
- * and it also interfered with desired capabilities such as quantizing to an
- * externally-supplied colormap.  We have therefore abandoned that approach.
- * The present code works in the post-conversion color space, typically RGB.
- *
- * To improve the visual quality of the results, we actually work in scaled
- * RGB space, giving G distances more weight than R, and R in turn more than
- * B.  To do everything in integer math, we must use integer scale factors.
- * The 2/3/1 scale factors used here correspond loosely to the relative
- * weights of the colors in the NTSC grayscale equation.
- * If you want to use this code to quantize a non-RGB color space, you'll
- * probably need to change these scale factors.
- */
-
-#define R_SCALE  2              /* scale R distances by this much */
-#define G_SCALE  3              /* scale G distances by this much */
-#define B_SCALE  1              /* and B by this much */
-
-static const int c_scales[3] = { R_SCALE, G_SCALE, B_SCALE };
-#define C0_SCALE  c_scales[rgb_red[cinfo->out_color_space]]
-#define C1_SCALE  c_scales[rgb_green[cinfo->out_color_space]]
-#define C2_SCALE  c_scales[rgb_blue[cinfo->out_color_space]]
-
-/*
- * First we have the histogram data structure and routines for creating it.
- *
- * The number of bits of precision can be adjusted by changing these symbols.
- * We recommend keeping 6 bits for G and 5 each for R and B.
- * If you have plenty of memory and cycles, 6 bits all around gives marginally
- * better results; if you are short of memory, 5 bits all around will save
- * some space but degrade the results.
- * To maintain a fully accurate histogram, we'd need to allocate a "long"
- * (preferably unsigned long) for each cell.  In practice this is overkill;
- * we can get by with 16 bits per cell.  Few of the cell counts will overflow,
- * and clamping those that do overflow to the maximum value will give close-
- * enough results.  This reduces the recommended histogram size from 256Kb
- * to 128Kb, which is a useful savings on PC-class machines.
- * (In the second pass the histogram space is re-used for pixel mapping data;
- * in that capacity, each cell must be able to store zero to the number of
- * desired colors.  16 bits/cell is plenty for that too.)
- * Since the JPEG code is intended to run in small memory model on 80x86
- * machines, we can't just allocate the histogram in one chunk.  Instead
- * of a true 3-D array, we use a row of pointers to 2-D arrays.  Each
- * pointer corresponds to a C0 value (typically 2^5 = 32 pointers) and
- * each 2-D array has 2^6*2^5 = 2048 or 2^6*2^6 = 4096 entries.
- */
-
-#define MAXNUMCOLORS  (MAXJSAMPLE + 1) /* maximum size of colormap */
-
-/* These will do the right thing for either R,G,B or B,G,R color order,
- * but you may not like the results for other color orders.
- */
-#define HIST_C0_BITS  5         /* bits of precision in R/B histogram */
-#define HIST_C1_BITS  6         /* bits of precision in G histogram */
-#define HIST_C2_BITS  5         /* bits of precision in B/R histogram */
-
-/* Number of elements along histogram axes. */
-#define HIST_C0_ELEMS  (1 << HIST_C0_BITS)
-#define HIST_C1_ELEMS  (1 << HIST_C1_BITS)
-#define HIST_C2_ELEMS  (1 << HIST_C2_BITS)
-
-/* These are the amounts to shift an input value to get a histogram index. */
-#define C0_SHIFT  (BITS_IN_JSAMPLE - HIST_C0_BITS)
-#define C1_SHIFT  (BITS_IN_JSAMPLE - HIST_C1_BITS)
-#define C2_SHIFT  (BITS_IN_JSAMPLE - HIST_C2_BITS)
-
-
-typedef UINT16 histcell;        /* histogram cell; prefer an unsigned type */
-
-typedef histcell *histptr;      /* for pointers to histogram cells */
-
-typedef histcell hist1d[HIST_C2_ELEMS]; /* typedefs for the array */
-typedef hist1d *hist2d;         /* type for the 2nd-level pointers */
-typedef hist2d *hist3d;         /* type for top-level pointer */
-
-
-/* Declarations for Floyd-Steinberg dithering.
- *
- * Errors are accumulated into the array fserrors[], at a resolution of
- * 1/16th of a pixel count.  The error at a given pixel is propagated
- * to its not-yet-processed neighbors using the standard F-S fractions,
- *              ...     (here)  7/16
- *              3/16    5/16    1/16
- * We work left-to-right on even rows, right-to-left on odd rows.
- *
- * We can get away with a single array (holding one row's worth of errors)
- * by using it to store the current row's errors at pixel columns not yet
- * processed, but the next row's errors at columns already processed.  We
- * need only a few extra variables to hold the errors immediately around the
- * current column.  (If we are lucky, those variables are in registers, but
- * even if not, they're probably cheaper to access than array elements are.)
- *
- * The fserrors[] array has (#columns + 2) entries; the extra entry at
- * each end saves us from special-casing the first and last pixels.
- * Each entry is three values long, one value for each color component.
- */
-
-#if BITS_IN_JSAMPLE == 8
-typedef INT16 FSERROR;          /* 16 bits should be enough */
-typedef int LOCFSERROR;         /* use 'int' for calculation temps */
-#else
-typedef JLONG FSERROR;          /* may need more than 16 bits */
-typedef JLONG LOCFSERROR;       /* be sure calculation temps are big enough */
-#endif
-
-typedef FSERROR *FSERRPTR;      /* pointer to error array */
-
-
-/* Private subobject */
-
-typedef struct {
-  struct jpeg_color_quantizer pub; /* public fields */
-
-  /* Space for the eventually created colormap is stashed here */
-  JSAMPARRAY sv_colormap;       /* colormap allocated at init time */
-  int desired;                  /* desired # of colors = size of colormap */
-
-  /* Variables for accumulating image statistics */
-  hist3d histogram;             /* pointer to the histogram */
-
-  boolean needs_zeroed;         /* TRUE if next pass must zero histogram */
-
-  /* Variables for Floyd-Steinberg dithering */
-  FSERRPTR fserrors;            /* accumulated errors */
-  boolean on_odd_row;           /* flag to remember which row we are on */
-  int *error_limiter;           /* table for clamping the applied error */
-} my_cquantizer;
-
-typedef my_cquantizer *my_cquantize_ptr;
-
-
-/*
- * Prescan some rows of pixels.
- * In this module the prescan simply updates the histogram, which has been
- * initialized to zeroes by start_pass.
- * An output_buf parameter is required by the method signature, but no data
- * is actually output (in fact the buffer controller is probably passing a
- * NULL pointer).
- */
-
-METHODDEF(void)
-prescan_quantize(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                 JSAMPARRAY output_buf, int num_rows)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  register JSAMPROW ptr;
-  register histptr histp;
-  register hist3d histogram = cquantize->histogram;
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-
-  for (row = 0; row < num_rows; row++) {
-    ptr = input_buf[row];
-    for (col = width; col > 0; col--) {
-      /* get pixel value and index into the histogram */
-      histp = &histogram[ptr[0] >> C0_SHIFT]
-                        [ptr[1] >> C1_SHIFT]
-                        [ptr[2] >> C2_SHIFT];
-      /* increment, check for overflow and undo increment if so. */
-      if (++(*histp) <= 0)
-        (*histp)--;
-      ptr += 3;
-    }
-  }
-}
-
-
-/*
- * Next we have the really interesting routines: selection of a colormap
- * given the completed histogram.
- * These routines work with a list of "boxes", each representing a rectangular
- * subset of the input color space (to histogram precision).
- */
-
-typedef struct {
-  /* The bounds of the box (inclusive); expressed as histogram indexes */
-  int c0min, c0max;
-  int c1min, c1max;
-  int c2min, c2max;
-  /* The volume (actually 2-norm) of the box */
-  JLONG volume;
-  /* The number of nonzero histogram cells within this box */
-  long colorcount;
-} box;
-
-typedef box *boxptr;
-
-
-LOCAL(boxptr)
-find_biggest_color_pop(boxptr boxlist, int numboxes)
-/* Find the splittable box with the largest color population */
-/* Returns NULL if no splittable boxes remain */
-{
-  register boxptr boxp;
-  register int i;
-  register long maxc = 0;
-  boxptr which = NULL;
-
-  for (i = 0, boxp = boxlist; i < numboxes; i++, boxp++) {
-    if (boxp->colorcount > maxc && boxp->volume > 0) {
-      which = boxp;
-      maxc = boxp->colorcount;
-    }
-  }
-  return which;
-}
-
-
-LOCAL(boxptr)
-find_biggest_volume(boxptr boxlist, int numboxes)
-/* Find the splittable box with the largest (scaled) volume */
-/* Returns NULL if no splittable boxes remain */
-{
-  register boxptr boxp;
-  register int i;
-  register JLONG maxv = 0;
-  boxptr which = NULL;
-
-  for (i = 0, boxp = boxlist; i < numboxes; i++, boxp++) {
-    if (boxp->volume > maxv) {
-      which = boxp;
-      maxv = boxp->volume;
-    }
-  }
-  return which;
-}
-
-
-LOCAL(void)
-update_box(j_decompress_ptr cinfo, boxptr boxp)
-/* Shrink the min/max bounds of a box to enclose only nonzero elements, */
-/* and recompute its volume and population */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  hist3d histogram = cquantize->histogram;
-  histptr histp;
-  int c0, c1, c2;
-  int c0min, c0max, c1min, c1max, c2min, c2max;
-  JLONG dist0, dist1, dist2;
-  long ccount;
-
-  c0min = boxp->c0min;  c0max = boxp->c0max;
-  c1min = boxp->c1min;  c1max = boxp->c1max;
-  c2min = boxp->c2min;  c2max = boxp->c2max;
-
-  if (c0max > c0min)
-    for (c0 = c0min; c0 <= c0max; c0++)
-      for (c1 = c1min; c1 <= c1max; c1++) {
-        histp = &histogram[c0][c1][c2min];
-        for (c2 = c2min; c2 <= c2max; c2++)
-          if (*histp++ != 0) {
-            boxp->c0min = c0min = c0;
-            goto have_c0min;
-          }
-      }
-have_c0min:
-  if (c0max > c0min)
-    for (c0 = c0max; c0 >= c0min; c0--)
-      for (c1 = c1min; c1 <= c1max; c1++) {
-        histp = &histogram[c0][c1][c2min];
-        for (c2 = c2min; c2 <= c2max; c2++)
-          if (*histp++ != 0) {
-            boxp->c0max = c0max = c0;
-            goto have_c0max;
-          }
-      }
-have_c0max:
-  if (c1max > c1min)
-    for (c1 = c1min; c1 <= c1max; c1++)
-      for (c0 = c0min; c0 <= c0max; c0++) {
-        histp = &histogram[c0][c1][c2min];
-        for (c2 = c2min; c2 <= c2max; c2++)
-          if (*histp++ != 0) {
-            boxp->c1min = c1min = c1;
-            goto have_c1min;
-          }
-      }
-have_c1min:
-  if (c1max > c1min)
-    for (c1 = c1max; c1 >= c1min; c1--)
-      for (c0 = c0min; c0 <= c0max; c0++) {
-        histp = &histogram[c0][c1][c2min];
-        for (c2 = c2min; c2 <= c2max; c2++)
-          if (*histp++ != 0) {
-            boxp->c1max = c1max = c1;
-            goto have_c1max;
-          }
-      }
-have_c1max:
-  if (c2max > c2min)
-    for (c2 = c2min; c2 <= c2max; c2++)
-      for (c0 = c0min; c0 <= c0max; c0++) {
-        histp = &histogram[c0][c1min][c2];
-        for (c1 = c1min; c1 <= c1max; c1++, histp += HIST_C2_ELEMS)
-          if (*histp != 0) {
-            boxp->c2min = c2min = c2;
-            goto have_c2min;
-          }
-      }
-have_c2min:
-  if (c2max > c2min)
-    for (c2 = c2max; c2 >= c2min; c2--)
-      for (c0 = c0min; c0 <= c0max; c0++) {
-        histp = &histogram[c0][c1min][c2];
-        for (c1 = c1min; c1 <= c1max; c1++, histp += HIST_C2_ELEMS)
-          if (*histp != 0) {
-            boxp->c2max = c2max = c2;
-            goto have_c2max;
-          }
-      }
-have_c2max:
-
-  /* Update box volume.
-   * We use 2-norm rather than real volume here; this biases the method
-   * against making long narrow boxes, and it has the side benefit that
-   * a box is splittable iff norm > 0.
-   * Since the differences are expressed in histogram-cell units,
-   * we have to shift back to JSAMPLE units to get consistent distances;
-   * after which, we scale according to the selected distance scale factors.
-   */
-  dist0 = ((c0max - c0min) << C0_SHIFT) * C0_SCALE;
-  dist1 = ((c1max - c1min) << C1_SHIFT) * C1_SCALE;
-  dist2 = ((c2max - c2min) << C2_SHIFT) * C2_SCALE;
-  boxp->volume = dist0 * dist0 + dist1 * dist1 + dist2 * dist2;
-
-  /* Now scan remaining volume of box and compute population */
-  ccount = 0;
-  for (c0 = c0min; c0 <= c0max; c0++)
-    for (c1 = c1min; c1 <= c1max; c1++) {
-      histp = &histogram[c0][c1][c2min];
-      for (c2 = c2min; c2 <= c2max; c2++, histp++)
-        if (*histp != 0) {
-          ccount++;
-        }
-    }
-  boxp->colorcount = ccount;
-}
-
-
-LOCAL(int)
-median_cut(j_decompress_ptr cinfo, boxptr boxlist, int numboxes,
-           int desired_colors)
-/* Repeatedly select and split the largest box until we have enough boxes */
-{
-  int n, lb;
-  int c0, c1, c2, cmax;
-  register boxptr b1, b2;
-
-  while (numboxes < desired_colors) {
-    /* Select box to split.
-     * Current algorithm: by population for first half, then by volume.
-     */
-    if (numboxes * 2 <= desired_colors) {
-      b1 = find_biggest_color_pop(boxlist, numboxes);
-    } else {
-      b1 = find_biggest_volume(boxlist, numboxes);
-    }
-    if (b1 == NULL)             /* no splittable boxes left! */
-      break;
-    b2 = &boxlist[numboxes];    /* where new box will go */
-    /* Copy the color bounds to the new box. */
-    b2->c0max = b1->c0max;  b2->c1max = b1->c1max;  b2->c2max = b1->c2max;
-    b2->c0min = b1->c0min;  b2->c1min = b1->c1min;  b2->c2min = b1->c2min;
-    /* Choose which axis to split the box on.
-     * Current algorithm: longest scaled axis.
-     * See notes in update_box about scaling distances.
-     */
-    c0 = ((b1->c0max - b1->c0min) << C0_SHIFT) * C0_SCALE;
-    c1 = ((b1->c1max - b1->c1min) << C1_SHIFT) * C1_SCALE;
-    c2 = ((b1->c2max - b1->c2min) << C2_SHIFT) * C2_SCALE;
-    /* We want to break any ties in favor of green, then red, blue last.
-     * This code does the right thing for R,G,B or B,G,R color orders only.
-     */
-    if (rgb_red[cinfo->out_color_space] == 0) {
-      cmax = c1;  n = 1;
-      if (c0 > cmax) { cmax = c0;  n = 0; }
-      if (c2 > cmax) { n = 2; }
-    } else {
-      cmax = c1;  n = 1;
-      if (c2 > cmax) { cmax = c2;  n = 2; }
-      if (c0 > cmax) { n = 0; }
-    }
-    /* Choose split point along selected axis, and update box bounds.
-     * Current algorithm: split at halfway point.
-     * (Since the box has been shrunk to minimum volume,
-     * any split will produce two nonempty subboxes.)
-     * Note that lb value is max for lower box, so must be < old max.
-     */
-    switch (n) {
-    case 0:
-      lb = (b1->c0max + b1->c0min) / 2;
-      b1->c0max = lb;
-      b2->c0min = lb + 1;
-      break;
-    case 1:
-      lb = (b1->c1max + b1->c1min) / 2;
-      b1->c1max = lb;
-      b2->c1min = lb + 1;
-      break;
-    case 2:
-      lb = (b1->c2max + b1->c2min) / 2;
-      b1->c2max = lb;
-      b2->c2min = lb + 1;
-      break;
-    }
-    /* Update stats for boxes */
-    update_box(cinfo, b1);
-    update_box(cinfo, b2);
-    numboxes++;
-  }
-  return numboxes;
-}
-
-
-LOCAL(void)
-compute_color(j_decompress_ptr cinfo, boxptr boxp, int icolor)
-/* Compute representative color for a box, put it in colormap[icolor] */
-{
-  /* Current algorithm: mean weighted by pixels (not colors) */
-  /* Note it is important to get the rounding correct! */
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  hist3d histogram = cquantize->histogram;
-  histptr histp;
-  int c0, c1, c2;
-  int c0min, c0max, c1min, c1max, c2min, c2max;
-  long count;
-  long total = 0;
-  long c0total = 0;
-  long c1total = 0;
-  long c2total = 0;
-
-  c0min = boxp->c0min;  c0max = boxp->c0max;
-  c1min = boxp->c1min;  c1max = boxp->c1max;
-  c2min = boxp->c2min;  c2max = boxp->c2max;
-
-  for (c0 = c0min; c0 <= c0max; c0++)
-    for (c1 = c1min; c1 <= c1max; c1++) {
-      histp = &histogram[c0][c1][c2min];
-      for (c2 = c2min; c2 <= c2max; c2++) {
-        if ((count = *histp++) != 0) {
-          total += count;
-          c0total += ((c0 << C0_SHIFT) + ((1 << C0_SHIFT) >> 1)) * count;
-          c1total += ((c1 << C1_SHIFT) + ((1 << C1_SHIFT) >> 1)) * count;
-          c2total += ((c2 << C2_SHIFT) + ((1 << C2_SHIFT) >> 1)) * count;
-        }
-      }
-    }
-
-  cinfo->colormap[0][icolor] = (JSAMPLE)((c0total + (total >> 1)) / total);
-  cinfo->colormap[1][icolor] = (JSAMPLE)((c1total + (total >> 1)) / total);
-  cinfo->colormap[2][icolor] = (JSAMPLE)((c2total + (total >> 1)) / total);
-}
-
-
-LOCAL(void)
-select_colors(j_decompress_ptr cinfo, int desired_colors)
-/* Master routine for color selection */
-{
-  boxptr boxlist;
-  int numboxes;
-  int i;
-
-  /* Allocate workspace for box list */
-  boxlist = (boxptr)(*cinfo->mem->alloc_small)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, desired_colors * sizeof(box));
-  /* Initialize one box containing whole space */
-  numboxes = 1;
-  boxlist[0].c0min = 0;
-  boxlist[0].c0max = MAXJSAMPLE >> C0_SHIFT;
-  boxlist[0].c1min = 0;
-  boxlist[0].c1max = MAXJSAMPLE >> C1_SHIFT;
-  boxlist[0].c2min = 0;
-  boxlist[0].c2max = MAXJSAMPLE >> C2_SHIFT;
-  /* Shrink it to actually-used volume and set its statistics */
-  update_box(cinfo, &boxlist[0]);
-  /* Perform median-cut to produce final box list */
-  numboxes = median_cut(cinfo, boxlist, numboxes, desired_colors);
-  /* Compute the representative color for each box, fill colormap */
-  for (i = 0; i < numboxes; i++)
-    compute_color(cinfo, &boxlist[i], i);
-  cinfo->actual_number_of_colors = numboxes;
-  TRACEMS1(cinfo, 1, JTRC_QUANT_SELECTED, numboxes);
-}
-
-
-/*
- * These routines are concerned with the time-critical task of mapping input
- * colors to the nearest color in the selected colormap.
- *
- * We re-use the histogram space as an "inverse color map", essentially a
- * cache for the results of nearest-color searches.  All colors within a
- * histogram cell will be mapped to the same colormap entry, namely the one
- * closest to the cell's center.  This may not be quite the closest entry to
- * the actual input color, but it's almost as good.  A zero in the cache
- * indicates we haven't found the nearest color for that cell yet; the array
- * is cleared to zeroes before starting the mapping pass.  When we find the
- * nearest color for a cell, its colormap index plus one is recorded in the
- * cache for future use.  The pass2 scanning routines call fill_inverse_cmap
- * when they need to use an unfilled entry in the cache.
- *
- * Our method of efficiently finding nearest colors is based on the "locally
- * sorted search" idea described by Heckbert and on the incremental distance
- * calculation described by Spencer W. Thomas in chapter III.1 of Graphics
- * Gems II (James Arvo, ed.  Academic Press, 1991).  Thomas points out that
- * the distances from a given colormap entry to each cell of the histogram can
- * be computed quickly using an incremental method: the differences between
- * distances to adjacent cells themselves differ by a constant.  This allows a
- * fairly fast implementation of the "brute force" approach of computing the
- * distance from every colormap entry to every histogram cell.  Unfortunately,
- * it needs a work array to hold the best-distance-so-far for each histogram
- * cell (because the inner loop has to be over cells, not colormap entries).
- * The work array elements have to be JLONGs, so the work array would need
- * 256Kb at our recommended precision.  This is not feasible in DOS machines.
- *
- * To get around these problems, we apply Thomas' method to compute the
- * nearest colors for only the cells within a small subbox of the histogram.
- * The work array need be only as big as the subbox, so the memory usage
- * problem is solved.  Furthermore, we need not fill subboxes that are never
- * referenced in pass2; many images use only part of the color gamut, so a
- * fair amount of work is saved.  An additional advantage of this
- * approach is that we can apply Heckbert's locality criterion to quickly
- * eliminate colormap entries that are far away from the subbox; typically
- * three-fourths of the colormap entries are rejected by Heckbert's criterion,
- * and we need not compute their distances to individual cells in the subbox.
- * The speed of this approach is heavily influenced by the subbox size: too
- * small means too much overhead, too big loses because Heckbert's criterion
- * can't eliminate as many colormap entries.  Empirically the best subbox
- * size seems to be about 1/512th of the histogram (1/8th in each direction).
- *
- * Thomas' article also describes a refined method which is asymptotically
- * faster than the brute-force method, but it is also far more complex and
- * cannot efficiently be applied to small subboxes.  It is therefore not
- * useful for programs intended to be portable to DOS machines.  On machines
- * with plenty of memory, filling the whole histogram in one shot with Thomas'
- * refined method might be faster than the present code --- but then again,
- * it might not be any faster, and it's certainly more complicated.
- */
-
-
-/* log2(histogram cells in update box) for each axis; this can be adjusted */
-#define BOX_C0_LOG  (HIST_C0_BITS - 3)
-#define BOX_C1_LOG  (HIST_C1_BITS - 3)
-#define BOX_C2_LOG  (HIST_C2_BITS - 3)
-
-#define BOX_C0_ELEMS  (1 << BOX_C0_LOG) /* # of hist cells in update box */
-#define BOX_C1_ELEMS  (1 << BOX_C1_LOG)
-#define BOX_C2_ELEMS  (1 << BOX_C2_LOG)
-
-#define BOX_C0_SHIFT  (C0_SHIFT + BOX_C0_LOG)
-#define BOX_C1_SHIFT  (C1_SHIFT + BOX_C1_LOG)
-#define BOX_C2_SHIFT  (C2_SHIFT + BOX_C2_LOG)
-
-
-/*
- * The next three routines implement inverse colormap filling.  They could
- * all be folded into one big routine, but splitting them up this way saves
- * some stack space (the mindist[] and bestdist[] arrays need not coexist)
- * and may allow some compilers to produce better code by registerizing more
- * inner-loop variables.
- */
-
-LOCAL(int)
-find_nearby_colors(j_decompress_ptr cinfo, int minc0, int minc1, int minc2,
-                   JSAMPLE colorlist[])
-/* Locate the colormap entries close enough to an update box to be candidates
- * for the nearest entry to some cell(s) in the update box.  The update box
- * is specified by the center coordinates of its first cell.  The number of
- * candidate colormap entries is returned, and their colormap indexes are
- * placed in colorlist[].
- * This routine uses Heckbert's "locally sorted search" criterion to select
- * the colors that need further consideration.
- */
-{
-  int numcolors = cinfo->actual_number_of_colors;
-  int maxc0, maxc1, maxc2;
-  int centerc0, centerc1, centerc2;
-  int i, x, ncolors;
-  JLONG minmaxdist, min_dist, max_dist, tdist;
-  JLONG mindist[MAXNUMCOLORS];  /* min distance to colormap entry i */
-
-  /* Compute true coordinates of update box's upper corner and center.
-   * Actually we compute the coordinates of the center of the upper-corner
-   * histogram cell, which are the upper bounds of the volume we care about.
-   * Note that since ">>" rounds down, the "center" values may be closer to
-   * min than to max; hence comparisons to them must be "<=", not "<".
-   */
-  maxc0 = minc0 + ((1 << BOX_C0_SHIFT) - (1 << C0_SHIFT));
-  centerc0 = (minc0 + maxc0) >> 1;
-  maxc1 = minc1 + ((1 << BOX_C1_SHIFT) - (1 << C1_SHIFT));
-  centerc1 = (minc1 + maxc1) >> 1;
-  maxc2 = minc2 + ((1 << BOX_C2_SHIFT) - (1 << C2_SHIFT));
-  centerc2 = (minc2 + maxc2) >> 1;
-
-  /* For each color in colormap, find:
-   *  1. its minimum squared-distance to any point in the update box
-   *     (zero if color is within update box);
-   *  2. its maximum squared-distance to any point in the update box.
-   * Both of these can be found by considering only the corners of the box.
-   * We save the minimum distance for each color in mindist[];
-   * only the smallest maximum distance is of interest.
-   */
-  minmaxdist = 0x7FFFFFFFL;
-
-  for (i = 0; i < numcolors; i++) {
-    /* We compute the squared-c0-distance term, then add in the other two. */
-    x = cinfo->colormap[0][i];
-    if (x < minc0) {
-      tdist = (x - minc0) * C0_SCALE;
-      min_dist = tdist * tdist;
-      tdist = (x - maxc0) * C0_SCALE;
-      max_dist = tdist * tdist;
-    } else if (x > maxc0) {
-      tdist = (x - maxc0) * C0_SCALE;
-      min_dist = tdist * tdist;
-      tdist = (x - minc0) * C0_SCALE;
-      max_dist = tdist * tdist;
-    } else {
-      /* within cell range so no contribution to min_dist */
-      min_dist = 0;
-      if (x <= centerc0) {
-        tdist = (x - maxc0) * C0_SCALE;
-        max_dist = tdist * tdist;
-      } else {
-        tdist = (x - minc0) * C0_SCALE;
-        max_dist = tdist * tdist;
-      }
-    }
-
-    x = cinfo->colormap[1][i];
-    if (x < minc1) {
-      tdist = (x - minc1) * C1_SCALE;
-      min_dist += tdist * tdist;
-      tdist = (x - maxc1) * C1_SCALE;
-      max_dist += tdist * tdist;
-    } else if (x > maxc1) {
-      tdist = (x - maxc1) * C1_SCALE;
-      min_dist += tdist * tdist;
-      tdist = (x - minc1) * C1_SCALE;
-      max_dist += tdist * tdist;
-    } else {
-      /* within cell range so no contribution to min_dist */
-      if (x <= centerc1) {
-        tdist = (x - maxc1) * C1_SCALE;
-        max_dist += tdist * tdist;
-      } else {
-        tdist = (x - minc1) * C1_SCALE;
-        max_dist += tdist * tdist;
-      }
-    }
-
-    x = cinfo->colormap[2][i];
-    if (x < minc2) {
-      tdist = (x - minc2) * C2_SCALE;
-      min_dist += tdist * tdist;
-      tdist = (x - maxc2) * C2_SCALE;
-      max_dist += tdist * tdist;
-    } else if (x > maxc2) {
-      tdist = (x - maxc2) * C2_SCALE;
-      min_dist += tdist * tdist;
-      tdist = (x - minc2) * C2_SCALE;
-      max_dist += tdist * tdist;
-    } else {
-      /* within cell range so no contribution to min_dist */
-      if (x <= centerc2) {
-        tdist = (x - maxc2) * C2_SCALE;
-        max_dist += tdist * tdist;
-      } else {
-        tdist = (x - minc2) * C2_SCALE;
-        max_dist += tdist * tdist;
-      }
-    }
-
-    mindist[i] = min_dist;      /* save away the results */
-    if (max_dist < minmaxdist)
-      minmaxdist = max_dist;
-  }
-
-  /* Now we know that no cell in the update box is more than minmaxdist
-   * away from some colormap entry.  Therefore, only colors that are
-   * within minmaxdist of some part of the box need be considered.
-   */
-  ncolors = 0;
-  for (i = 0; i < numcolors; i++) {
-    if (mindist[i] <= minmaxdist)
-      colorlist[ncolors++] = (JSAMPLE)i;
-  }
-  return ncolors;
-}
-
-
-LOCAL(void)
-find_best_colors(j_decompress_ptr cinfo, int minc0, int minc1, int minc2,
-                 int numcolors, JSAMPLE colorlist[], JSAMPLE bestcolor[])
-/* Find the closest colormap entry for each cell in the update box,
- * given the list of candidate colors prepared by find_nearby_colors.
- * Return the indexes of the closest entries in the bestcolor[] array.
- * This routine uses Thomas' incremental distance calculation method to
- * find the distance from a colormap entry to successive cells in the box.
- */
-{
-  int ic0, ic1, ic2;
-  int i, icolor;
-  register JLONG *bptr;         /* pointer into bestdist[] array */
-  JSAMPLE *cptr;                /* pointer into bestcolor[] array */
-  JLONG dist0, dist1;           /* initial distance values */
-  register JLONG dist2;         /* current distance in inner loop */
-  JLONG xx0, xx1;               /* distance increments */
-  register JLONG xx2;
-  JLONG inc0, inc1, inc2;       /* initial values for increments */
-  /* This array holds the distance to the nearest-so-far color for each cell */
-  JLONG bestdist[BOX_C0_ELEMS * BOX_C1_ELEMS * BOX_C2_ELEMS];
-
-  /* Initialize best-distance for each cell of the update box */
-  bptr = bestdist;
-  for (i = BOX_C0_ELEMS * BOX_C1_ELEMS * BOX_C2_ELEMS - 1; i >= 0; i--)
-    *bptr++ = 0x7FFFFFFFL;
-
-  /* For each color selected by find_nearby_colors,
-   * compute its distance to the center of each cell in the box.
-   * If that's less than best-so-far, update best distance and color number.
-   */
-
-  /* Nominal steps between cell centers ("x" in Thomas article) */
-#define STEP_C0  ((1 << C0_SHIFT) * C0_SCALE)
-#define STEP_C1  ((1 << C1_SHIFT) * C1_SCALE)
-#define STEP_C2  ((1 << C2_SHIFT) * C2_SCALE)
-
-  for (i = 0; i < numcolors; i++) {
-    icolor = colorlist[i];
-    /* Compute (square of) distance from minc0/c1/c2 to this color */
-    inc0 = (minc0 - cinfo->colormap[0][icolor]) * C0_SCALE;
-    dist0 = inc0 * inc0;
-    inc1 = (minc1 - cinfo->colormap[1][icolor]) * C1_SCALE;
-    dist0 += inc1 * inc1;
-    inc2 = (minc2 - cinfo->colormap[2][icolor]) * C2_SCALE;
-    dist0 += inc2 * inc2;
-    /* Form the initial difference increments */
-    inc0 = inc0 * (2 * STEP_C0) + STEP_C0 * STEP_C0;
-    inc1 = inc1 * (2 * STEP_C1) + STEP_C1 * STEP_C1;
-    inc2 = inc2 * (2 * STEP_C2) + STEP_C2 * STEP_C2;
-    /* Now loop over all cells in box, updating distance per Thomas method */
-    bptr = bestdist;
-    cptr = bestcolor;
-    xx0 = inc0;
-    for (ic0 = BOX_C0_ELEMS - 1; ic0 >= 0; ic0--) {
-      dist1 = dist0;
-      xx1 = inc1;
-      for (ic1 = BOX_C1_ELEMS - 1; ic1 >= 0; ic1--) {
-        dist2 = dist1;
-        xx2 = inc2;
-        for (ic2 = BOX_C2_ELEMS - 1; ic2 >= 0; ic2--) {
-          if (dist2 < *bptr) {
-            *bptr = dist2;
-            *cptr = (JSAMPLE)icolor;
-          }
-          dist2 += xx2;
-          xx2 += 2 * STEP_C2 * STEP_C2;
-          bptr++;
-          cptr++;
-        }
-        dist1 += xx1;
-        xx1 += 2 * STEP_C1 * STEP_C1;
-      }
-      dist0 += xx0;
-      xx0 += 2 * STEP_C0 * STEP_C0;
-    }
-  }
-}
-
-
-LOCAL(void)
-fill_inverse_cmap(j_decompress_ptr cinfo, int c0, int c1, int c2)
-/* Fill the inverse-colormap entries in the update box that contains */
-/* histogram cell c0/c1/c2.  (Only that one cell MUST be filled, but */
-/* we can fill as many others as we wish.) */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  hist3d histogram = cquantize->histogram;
-  int minc0, minc1, minc2;      /* lower left corner of update box */
-  int ic0, ic1, ic2;
-  register JSAMPLE *cptr;       /* pointer into bestcolor[] array */
-  register histptr cachep;      /* pointer into main cache array */
-  /* This array lists the candidate colormap indexes. */
-  JSAMPLE colorlist[MAXNUMCOLORS];
-  int numcolors;                /* number of candidate colors */
-  /* This array holds the actually closest colormap index for each cell. */
-  JSAMPLE bestcolor[BOX_C0_ELEMS * BOX_C1_ELEMS * BOX_C2_ELEMS];
-
-  /* Convert cell coordinates to update box ID */
-  c0 >>= BOX_C0_LOG;
-  c1 >>= BOX_C1_LOG;
-  c2 >>= BOX_C2_LOG;
-
-  /* Compute true coordinates of update box's origin corner.
-   * Actually we compute the coordinates of the center of the corner
-   * histogram cell, which are the lower bounds of the volume we care about.
-   */
-  minc0 = (c0 << BOX_C0_SHIFT) + ((1 << C0_SHIFT) >> 1);
-  minc1 = (c1 << BOX_C1_SHIFT) + ((1 << C1_SHIFT) >> 1);
-  minc2 = (c2 << BOX_C2_SHIFT) + ((1 << C2_SHIFT) >> 1);
-
-  /* Determine which colormap entries are close enough to be candidates
-   * for the nearest entry to some cell in the update box.
-   */
-  numcolors = find_nearby_colors(cinfo, minc0, minc1, minc2, colorlist);
-
-  /* Determine the actually nearest colors. */
-  find_best_colors(cinfo, minc0, minc1, minc2, numcolors, colorlist,
-                   bestcolor);
-
-  /* Save the best color numbers (plus 1) in the main cache array */
-  c0 <<= BOX_C0_LOG;            /* convert ID back to base cell indexes */
-  c1 <<= BOX_C1_LOG;
-  c2 <<= BOX_C2_LOG;
-  cptr = bestcolor;
-  for (ic0 = 0; ic0 < BOX_C0_ELEMS; ic0++) {
-    for (ic1 = 0; ic1 < BOX_C1_ELEMS; ic1++) {
-      cachep = &histogram[c0 + ic0][c1 + ic1][c2];
-      for (ic2 = 0; ic2 < BOX_C2_ELEMS; ic2++) {
-        *cachep++ = (histcell)((*cptr++) + 1);
-      }
-    }
-  }
-}
-
-
-/*
- * Map some rows of pixels to the output colormapped representation.
- */
-
-METHODDEF(void)
-pass2_no_dither(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                JSAMPARRAY output_buf, int num_rows)
-/* This version performs no dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  hist3d histogram = cquantize->histogram;
-  register JSAMPROW inptr, outptr;
-  register histptr cachep;
-  register int c0, c1, c2;
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-
-  for (row = 0; row < num_rows; row++) {
-    inptr = input_buf[row];
-    outptr = output_buf[row];
-    for (col = width; col > 0; col--) {
-      /* get pixel value and index into the cache */
-      c0 = (*inptr++) >> C0_SHIFT;
-      c1 = (*inptr++) >> C1_SHIFT;
-      c2 = (*inptr++) >> C2_SHIFT;
-      cachep = &histogram[c0][c1][c2];
-      /* If we have not seen this color before, find nearest colormap entry */
-      /* and update the cache */
-      if (*cachep == 0)
-        fill_inverse_cmap(cinfo, c0, c1, c2);
-      /* Now emit the colormap index for this cell */
-      *outptr++ = (JSAMPLE)(*cachep - 1);
-    }
-  }
-}
-
-
-METHODDEF(void)
-pass2_fs_dither(j_decompress_ptr cinfo, JSAMPARRAY input_buf,
-                JSAMPARRAY output_buf, int num_rows)
-/* This version performs Floyd-Steinberg dithering */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  hist3d histogram = cquantize->histogram;
-  register LOCFSERROR cur0, cur1, cur2; /* current error or pixel value */
-  LOCFSERROR belowerr0, belowerr1, belowerr2; /* error for pixel below cur */
-  LOCFSERROR bpreverr0, bpreverr1, bpreverr2; /* error for below/prev col */
-  register FSERRPTR errorptr;   /* => fserrors[] at column before current */
-  JSAMPROW inptr;               /* => current input pixel */
-  JSAMPROW outptr;              /* => current output pixel */
-  histptr cachep;
-  int dir;                      /* +1 or -1 depending on direction */
-  int dir3;                     /* 3*dir, for advancing inptr & errorptr */
-  int row;
-  JDIMENSION col;
-  JDIMENSION width = cinfo->output_width;
-  JSAMPLE *range_limit = cinfo->sample_range_limit;
-  int *error_limit = cquantize->error_limiter;
-  JSAMPROW colormap0 = cinfo->colormap[0];
-  JSAMPROW colormap1 = cinfo->colormap[1];
-  JSAMPROW colormap2 = cinfo->colormap[2];
-  SHIFT_TEMPS
-
-  for (row = 0; row < num_rows; row++) {
-    inptr = input_buf[row];
-    outptr = output_buf[row];
-    if (cquantize->on_odd_row) {
-      /* work right to left in this row */
-      inptr += (width - 1) * 3; /* so point to rightmost pixel */
-      outptr += width - 1;
-      dir = -1;
-      dir3 = -3;
-      errorptr = cquantize->fserrors + (width + 1) * 3; /* => entry after last column */
-      cquantize->on_odd_row = FALSE; /* flip for next time */
-    } else {
-      /* work left to right in this row */
-      dir = 1;
-      dir3 = 3;
-      errorptr = cquantize->fserrors; /* => entry before first real column */
-      cquantize->on_odd_row = TRUE; /* flip for next time */
-    }
-    /* Preset error values: no error propagated to first pixel from left */
-    cur0 = cur1 = cur2 = 0;
-    /* and no error propagated to row below yet */
-    belowerr0 = belowerr1 = belowerr2 = 0;
-    bpreverr0 = bpreverr1 = bpreverr2 = 0;
-
-    for (col = width; col > 0; col--) {
-      /* curN holds the error propagated from the previous pixel on the
-       * current line.  Add the error propagated from the previous line
-       * to form the complete error correction term for this pixel, and
-       * round the error term (which is expressed * 16) to an integer.
-       * RIGHT_SHIFT rounds towards minus infinity, so adding 8 is correct
-       * for either sign of the error value.
-       * Note: errorptr points to *previous* column's array entry.
-       */
-      cur0 = RIGHT_SHIFT(cur0 + errorptr[dir3 + 0] + 8, 4);
-      cur1 = RIGHT_SHIFT(cur1 + errorptr[dir3 + 1] + 8, 4);
-      cur2 = RIGHT_SHIFT(cur2 + errorptr[dir3 + 2] + 8, 4);
-      /* Limit the error using transfer function set by init_error_limit.
-       * See comments with init_error_limit for rationale.
-       */
-      cur0 = error_limit[cur0];
-      cur1 = error_limit[cur1];
-      cur2 = error_limit[cur2];
-      /* Form pixel value + error, and range-limit to 0..MAXJSAMPLE.
-       * The maximum error is +- MAXJSAMPLE (or less with error limiting);
-       * this sets the required size of the range_limit array.
-       */
-      cur0 += inptr[0];
-      cur1 += inptr[1];
-      cur2 += inptr[2];
-      cur0 = range_limit[cur0];
-      cur1 = range_limit[cur1];
-      cur2 = range_limit[cur2];
-      /* Index into the cache with adjusted pixel value */
-      cachep =
-        &histogram[cur0 >> C0_SHIFT][cur1 >> C1_SHIFT][cur2 >> C2_SHIFT];
-      /* If we have not seen this color before, find nearest colormap */
-      /* entry and update the cache */
-      if (*cachep == 0)
-        fill_inverse_cmap(cinfo, cur0 >> C0_SHIFT, cur1 >> C1_SHIFT,
-                          cur2 >> C2_SHIFT);
-      /* Now emit the colormap index for this cell */
-      {
-        register int pixcode = *cachep - 1;
-        *outptr = (JSAMPLE)pixcode;
-        /* Compute representation error for this pixel */
-        cur0 -= colormap0[pixcode];
-        cur1 -= colormap1[pixcode];
-        cur2 -= colormap2[pixcode];
-      }
-      /* Compute error fractions to be propagated to adjacent pixels.
-       * Add these into the running sums, and simultaneously shift the
-       * next-line error sums left by 1 column.
-       */
-      {
-        register LOCFSERROR bnexterr;
-
-        bnexterr = cur0;        /* Process component 0 */
-        errorptr[0] = (FSERROR)(bpreverr0 + cur0 * 3);
-        bpreverr0 = belowerr0 + cur0 * 5;
-        belowerr0 = bnexterr;
-        cur0 *= 7;
-        bnexterr = cur1;        /* Process component 1 */
-        errorptr[1] = (FSERROR)(bpreverr1 + cur1 * 3);
-        bpreverr1 = belowerr1 + cur1 * 5;
-        belowerr1 = bnexterr;
-        cur1 *= 7;
-        bnexterr = cur2;        /* Process component 2 */
-        errorptr[2] = (FSERROR)(bpreverr2 + cur2 * 3);
-        bpreverr2 = belowerr2 + cur2 * 5;
-        belowerr2 = bnexterr;
-        cur2 *= 7;
-      }
-      /* At this point curN contains the 7/16 error value to be propagated
-       * to the next pixel on the current line, and all the errors for the
-       * next line have been shifted over.  We are therefore ready to move on.
-       */
-      inptr += dir3;            /* Advance pixel pointers to next column */
-      outptr += dir;
-      errorptr += dir3;         /* advance errorptr to current column */
-    }
-    /* Post-loop cleanup: we must unload the final error values into the
-     * final fserrors[] entry.  Note we need not unload belowerrN because
-     * it is for the dummy column before or after the actual array.
-     */
-    errorptr[0] = (FSERROR)bpreverr0; /* unload prev errs into array */
-    errorptr[1] = (FSERROR)bpreverr1;
-    errorptr[2] = (FSERROR)bpreverr2;
-  }
-}
-
-
-/*
- * Initialize the error-limiting transfer function (lookup table).
- * The raw F-S error computation can potentially compute error values of up to
- * +- MAXJSAMPLE.  But we want the maximum correction applied to a pixel to be
- * much less, otherwise obviously wrong pixels will be created.  (Typical
- * effects include weird fringes at color-area boundaries, isolated bright
- * pixels in a dark area, etc.)  The standard advice for avoiding this problem
- * is to ensure that the "corners" of the color cube are allocated as output
- * colors; then repeated errors in the same direction cannot cause cascading
- * error buildup.  However, that only prevents the error from getting
- * completely out of hand; Aaron Giles reports that error limiting improves
- * the results even with corner colors allocated.
- * A simple clamping of the error values to about +- MAXJSAMPLE/8 works pretty
- * well, but the smoother transfer function used below is even better.  Thanks
- * to Aaron Giles for this idea.
- */
-
-LOCAL(void)
-init_error_limit(j_decompress_ptr cinfo)
-/* Allocate and fill in the error_limiter table */
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  int *table;
-  int in, out;
-
-  table = (int *)(*cinfo->mem->alloc_small)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, (MAXJSAMPLE * 2 + 1) * sizeof(int));
-  table += MAXJSAMPLE;          /* so can index -MAXJSAMPLE .. +MAXJSAMPLE */
-  cquantize->error_limiter = table;
-
-#define STEPSIZE  ((MAXJSAMPLE + 1) / 16)
-  /* Map errors 1:1 up to +- MAXJSAMPLE/16 */
-  out = 0;
-  for (in = 0; in < STEPSIZE; in++, out++) {
-    table[in] = out;  table[-in] = -out;
-  }
-  /* Map errors 1:2 up to +- 3*MAXJSAMPLE/16 */
-  for (; in < STEPSIZE * 3; in++, out += (in & 1) ? 0 : 1) {
-    table[in] = out;  table[-in] = -out;
-  }
-  /* Clamp the rest to final out value (which is (MAXJSAMPLE+1)/8) */
-  for (; in <= MAXJSAMPLE; in++) {
-    table[in] = out;  table[-in] = -out;
-  }
-#undef STEPSIZE
-}
-
-
-/*
- * Finish up at the end of each pass.
- */
-
-METHODDEF(void)
-finish_pass1(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-
-  /* Select the representative colors and fill in cinfo->colormap */
-  cinfo->colormap = cquantize->sv_colormap;
-  select_colors(cinfo, cquantize->desired);
-  /* Force next pass to zero the color index table */
-  cquantize->needs_zeroed = TRUE;
-}
-
-
-METHODDEF(void)
-finish_pass2(j_decompress_ptr cinfo)
-{
-  /* no work */
-}
-
-
-/*
- * Initialize for each processing pass.
- */
-
-METHODDEF(void)
-start_pass_2_quant(j_decompress_ptr cinfo, boolean is_pre_scan)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-  hist3d histogram = cquantize->histogram;
-  int i;
-
-  /* Only F-S dithering or no dithering is supported. */
-  /* If user asks for ordered dither, give them F-S. */
-  if (cinfo->dither_mode != JDITHER_NONE)
-    cinfo->dither_mode = JDITHER_FS;
-
-  if (is_pre_scan) {
-    /* Set up method pointers */
-    cquantize->pub.color_quantize = prescan_quantize;
-    cquantize->pub.finish_pass = finish_pass1;
-    cquantize->needs_zeroed = TRUE; /* Always zero histogram */
-  } else {
-    /* Set up method pointers */
-    if (cinfo->dither_mode == JDITHER_FS)
-      cquantize->pub.color_quantize = pass2_fs_dither;
-    else
-      cquantize->pub.color_quantize = pass2_no_dither;
-    cquantize->pub.finish_pass = finish_pass2;
-
-    /* Make sure color count is acceptable */
-    i = cinfo->actual_number_of_colors;
-    if (i < 1)
-      ERREXIT1(cinfo, JERR_QUANT_FEW_COLORS, 1);
-    if (i > MAXNUMCOLORS)
-      ERREXIT1(cinfo, JERR_QUANT_MANY_COLORS, MAXNUMCOLORS);
-
-    if (cinfo->dither_mode == JDITHER_FS) {
-      size_t arraysize =
-        (size_t)((cinfo->output_width + 2) * (3 * sizeof(FSERROR)));
-      /* Allocate Floyd-Steinberg workspace if we didn't already. */
-      if (cquantize->fserrors == NULL)
-        cquantize->fserrors = (FSERRPTR)(*cinfo->mem->alloc_large)
-          ((j_common_ptr)cinfo, JPOOL_IMAGE, arraysize);
-      /* Initialize the propagated errors to zero. */
-      jzero_far((void *)cquantize->fserrors, arraysize);
-      /* Make the error-limit table if we didn't already. */
-      if (cquantize->error_limiter == NULL)
-        init_error_limit(cinfo);
-      cquantize->on_odd_row = FALSE;
-    }
-
-  }
-  /* Zero the histogram or inverse color map, if necessary */
-  if (cquantize->needs_zeroed) {
-    for (i = 0; i < HIST_C0_ELEMS; i++) {
-      jzero_far((void *)histogram[i],
-                HIST_C1_ELEMS * HIST_C2_ELEMS * sizeof(histcell));
-    }
-    cquantize->needs_zeroed = FALSE;
-  }
-}
-
-
-/*
- * Switch to a new external colormap between output passes.
- */
-
-METHODDEF(void)
-new_color_map_2_quant(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize = (my_cquantize_ptr)cinfo->cquantize;
-
-  /* Reset the inverse color map */
-  cquantize->needs_zeroed = TRUE;
-}
-
-
-/*
- * Module initialization routine for 2-pass color quantization.
- */
-
-GLOBAL(void)
-jinit_2pass_quantizer(j_decompress_ptr cinfo)
-{
-  my_cquantize_ptr cquantize;
-  int i;
-
-  cquantize = (my_cquantize_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(my_cquantizer));
-  cinfo->cquantize = (struct jpeg_color_quantizer *)cquantize;
-  cquantize->pub.start_pass = start_pass_2_quant;
-  cquantize->pub.new_color_map = new_color_map_2_quant;
-  cquantize->fserrors = NULL;   /* flag optional arrays not allocated */
-  cquantize->error_limiter = NULL;
-
-  /* Make sure jdmaster didn't give me a case I can't handle */
-  if (cinfo->out_color_components != 3)
-    ERREXIT(cinfo, JERR_NOTIMPL);
-
-  /* Allocate the histogram/inverse colormap storage */
-  cquantize->histogram = (hist3d)(*cinfo->mem->alloc_small)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, HIST_C0_ELEMS * sizeof(hist2d));
-  for (i = 0; i < HIST_C0_ELEMS; i++) {
-    cquantize->histogram[i] = (hist2d)(*cinfo->mem->alloc_large)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE,
-       HIST_C1_ELEMS * HIST_C2_ELEMS * sizeof(histcell));
-  }
-  cquantize->needs_zeroed = TRUE; /* histogram is garbage now */
-
-  /* Allocate storage for the completed colormap, if required.
-   * We do this now since it may affect the memory manager's space
-   * calculations.
-   */
-  if (cinfo->enable_2pass_quant) {
-    /* Make sure color count is acceptable */
-    int desired = cinfo->desired_number_of_colors;
-    /* Lower bound on # of colors ... somewhat arbitrary as long as > 0 */
-    if (desired < 8)
-      ERREXIT1(cinfo, JERR_QUANT_FEW_COLORS, 8);
-    /* Make sure colormap indexes can be represented by JSAMPLEs */
-    if (desired > MAXNUMCOLORS)
-      ERREXIT1(cinfo, JERR_QUANT_MANY_COLORS, MAXNUMCOLORS);
-    cquantize->sv_colormap = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, (JDIMENSION)desired, (JDIMENSION)3);
-    cquantize->desired = desired;
-  } else
-    cquantize->sv_colormap = NULL;
-
-  /* Only F-S dithering or no dithering is supported. */
-  /* If user asks for ordered dither, give them F-S. */
-  if (cinfo->dither_mode != JDITHER_NONE)
-    cinfo->dither_mode = JDITHER_FS;
-
-  /* Allocate Floyd-Steinberg workspace if necessary.
-   * This isn't really needed until pass 2, but again it may affect the memory
-   * manager's space calculations.  Although we will cope with a later change
-   * in dither_mode, we do not promise to honor max_memory_to_use if
-   * dither_mode changes.
-   */
-  if (cinfo->dither_mode == JDITHER_FS) {
-    cquantize->fserrors = (FSERRPTR)(*cinfo->mem->alloc_large)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE,
-       (size_t)((cinfo->output_width + 2) * (3 * sizeof(FSERROR))));
-    /* Might as well create the error-limiting table too. */
-    init_error_limit(cinfo);
-  }
-}
-
-#endif /* QUANT_2PASS_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jsimd.h b/3rdparty/libjpeg-turbo_2_1_0/jsimd.h
deleted file mode 100644
index 6c20365..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jsimd.h
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * jsimd.h
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2011, 2014, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- * Copyright (C) 2020, Arm Limited.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- */
-
-#include "jchuff.h"             /* Declarations shared with jcphuff.c */
-
-EXTERN(int) jsimd_can_rgb_ycc(void);
-EXTERN(int) jsimd_can_rgb_gray(void);
-EXTERN(int) jsimd_can_ycc_rgb(void);
-EXTERN(int) jsimd_can_ycc_rgb565(void);
-EXTERN(int) jsimd_c_can_null_convert(void);
-
-EXTERN(void) jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                                   JSAMPIMAGE output_buf,
-                                   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                                    JSAMPIMAGE output_buf,
-                                    JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_ycc_rgb_convert(j_decompress_ptr cinfo,
-                                   JSAMPIMAGE input_buf, JDIMENSION input_row,
-                                   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo,
-                                      JSAMPIMAGE input_buf,
-                                      JDIMENSION input_row,
-                                      JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_c_null_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                                  JSAMPIMAGE output_buf, JDIMENSION output_row,
-                                  int num_rows);
-
-EXTERN(int) jsimd_can_h2v2_downsample(void);
-EXTERN(int) jsimd_can_h2v1_downsample(void);
-
-EXTERN(void) jsimd_h2v2_downsample(j_compress_ptr cinfo,
-                                   jpeg_component_info *compptr,
-                                   JSAMPARRAY input_data,
-                                   JSAMPARRAY output_data);
-
-EXTERN(int) jsimd_can_h2v2_smooth_downsample(void);
-
-EXTERN(void) jsimd_h2v2_smooth_downsample(j_compress_ptr cinfo,
-                                          jpeg_component_info *compptr,
-                                          JSAMPARRAY input_data,
-                                          JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v1_downsample(j_compress_ptr cinfo,
-                                   jpeg_component_info *compptr,
-                                   JSAMPARRAY input_data,
-                                   JSAMPARRAY output_data);
-
-EXTERN(int) jsimd_can_h2v2_upsample(void);
-EXTERN(int) jsimd_can_h2v1_upsample(void);
-EXTERN(int) jsimd_can_int_upsample(void);
-
-EXTERN(void) jsimd_h2v2_upsample(j_decompress_ptr cinfo,
-                                 jpeg_component_info *compptr,
-                                 JSAMPARRAY input_data,
-                                 JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v1_upsample(j_decompress_ptr cinfo,
-                                 jpeg_component_info *compptr,
-                                 JSAMPARRAY input_data,
-                                 JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_int_upsample(j_decompress_ptr cinfo,
-                                jpeg_component_info *compptr,
-                                JSAMPARRAY input_data,
-                                JSAMPARRAY *output_data_ptr);
-
-EXTERN(int) jsimd_can_h2v2_fancy_upsample(void);
-EXTERN(int) jsimd_can_h2v1_fancy_upsample(void);
-EXTERN(int) jsimd_can_h1v2_fancy_upsample(void);
-
-EXTERN(void) jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo,
-                                       jpeg_component_info *compptr,
-                                       JSAMPARRAY input_data,
-                                       JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo,
-                                       jpeg_component_info *compptr,
-                                       JSAMPARRAY input_data,
-                                       JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h1v2_fancy_upsample(j_decompress_ptr cinfo,
-                                       jpeg_component_info *compptr,
-                                       JSAMPARRAY input_data,
-                                       JSAMPARRAY *output_data_ptr);
-
-EXTERN(int) jsimd_can_h2v2_merged_upsample(void);
-EXTERN(int) jsimd_can_h2v1_merged_upsample(void);
-
-EXTERN(void) jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo,
-                                        JSAMPIMAGE input_buf,
-                                        JDIMENSION in_row_group_ctr,
-                                        JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo,
-                                        JSAMPIMAGE input_buf,
-                                        JDIMENSION in_row_group_ctr,
-                                        JSAMPARRAY output_buf);
-
-EXTERN(int) jsimd_can_huff_encode_one_block(void);
-
-EXTERN(JOCTET *) jsimd_huff_encode_one_block(void *state, JOCTET *buffer,
-                                             JCOEFPTR block, int last_dc_val,
-                                             c_derived_tbl *dctbl,
-                                             c_derived_tbl *actbl);
-
-EXTERN(int) jsimd_can_encode_mcu_AC_first_prepare(void);
-
-EXTERN(void) jsimd_encode_mcu_AC_first_prepare
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *values, size_t *zerobits);
-
-EXTERN(int) jsimd_can_encode_mcu_AC_refine_prepare(void);
-
-EXTERN(int) jsimd_encode_mcu_AC_refine_prepare
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *absvalues, size_t *bits);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jsimd_none.c b/3rdparty/libjpeg-turbo_2_1_0/jsimd_none.c
deleted file mode 100644
index 5b38a9f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jsimd_none.c
+++ /dev/null
@@ -1,431 +0,0 @@
-/*
- * jsimd_none.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2011, 2014, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- * Copyright (C) 2020, Arm Limited.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains stubs for when there is no SIMD support available.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "jsimd.h"
-#include "jdct.h"
-#include "jsimddct.h"
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_c_can_null_convert(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-}
-
-GLOBAL(void)
-jsimd_c_null_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                     JSAMPIMAGE output_buf, JDIMENSION output_row,
-                     int num_rows)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_smooth_downsample(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v2_smooth_downsample(j_compress_ptr cinfo,
-                             jpeg_component_info *compptr,
-                             JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_int_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_int_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                   JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h1v2_fancy_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(void)
-jsimd_h1v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_6x6(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_12x12(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_6x6(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_12x12(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return NULL;
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jsimddct.h b/3rdparty/libjpeg-turbo_2_1_0/jsimddct.h
deleted file mode 100644
index 55ee8cf..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jsimddct.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * jsimddct.h
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- */
-
-EXTERN(int) jsimd_can_convsamp(void);
-EXTERN(int) jsimd_can_convsamp_float(void);
-
-EXTERN(void) jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-                            DCTELEM *workspace);
-EXTERN(void) jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                                  FAST_FLOAT *workspace);
-
-EXTERN(int) jsimd_can_fdct_islow(void);
-EXTERN(int) jsimd_can_fdct_ifast(void);
-EXTERN(int) jsimd_can_fdct_float(void);
-
-EXTERN(void) jsimd_fdct_islow(DCTELEM *data);
-EXTERN(void) jsimd_fdct_ifast(DCTELEM *data);
-EXTERN(void) jsimd_fdct_float(FAST_FLOAT *data);
-
-EXTERN(int) jsimd_can_quantize(void);
-EXTERN(int) jsimd_can_quantize_float(void);
-
-EXTERN(void) jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors,
-                            DCTELEM *workspace);
-EXTERN(void) jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                                  FAST_FLOAT *workspace);
-
-EXTERN(int) jsimd_can_idct_2x2(void);
-EXTERN(int) jsimd_can_idct_4x4(void);
-EXTERN(int) jsimd_can_idct_6x6(void);
-EXTERN(int) jsimd_can_idct_12x12(void);
-
-EXTERN(void) jsimd_idct_2x2(j_decompress_ptr cinfo,
-                            jpeg_component_info *compptr, JCOEFPTR coef_block,
-                            JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jsimd_idct_4x4(j_decompress_ptr cinfo,
-                            jpeg_component_info *compptr, JCOEFPTR coef_block,
-                            JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jsimd_idct_6x6(j_decompress_ptr cinfo,
-                            jpeg_component_info *compptr, JCOEFPTR coef_block,
-                            JSAMPARRAY output_buf, JDIMENSION output_col);
-EXTERN(void) jsimd_idct_12x12(j_decompress_ptr cinfo,
-                              jpeg_component_info *compptr,
-                              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                              JDIMENSION output_col);
-
-EXTERN(int) jsimd_can_idct_islow(void);
-EXTERN(int) jsimd_can_idct_ifast(void);
-EXTERN(int) jsimd_can_idct_float(void);
-
-EXTERN(void) jsimd_idct_islow(j_decompress_ptr cinfo,
-                              jpeg_component_info *compptr,
-                              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                              JDIMENSION output_col);
-EXTERN(void) jsimd_idct_ifast(j_decompress_ptr cinfo,
-                              jpeg_component_info *compptr,
-                              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                              JDIMENSION output_col);
-EXTERN(void) jsimd_idct_float(j_decompress_ptr cinfo,
-                              jpeg_component_info *compptr,
-                              JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                              JDIMENSION output_col);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jstdhuff.c b/3rdparty/libjpeg-turbo_2_1_0/jstdhuff.c
deleted file mode 100644
index 036d649..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jstdhuff.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * jstdhuff.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1998, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2013, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to set the default Huffman tables, if they are
- * not already set.
- */
-
-/*
- * Huffman table setup routines
- */
-
-LOCAL(void)
-add_huff_table(j_common_ptr cinfo, JHUFF_TBL **htblptr, const UINT8 *bits,
-               const UINT8 *val)
-/* Define a Huffman table */
-{
-  int nsymbols, len;
-
-  if (*htblptr == NULL)
-    *htblptr = jpeg_alloc_huff_table(cinfo);
-  else
-    return;
-
-  /* Copy the number-of-symbols-of-each-code-length counts */
-  MEMCOPY((*htblptr)->bits, bits, sizeof((*htblptr)->bits));
-
-  /* Validate the counts.  We do this here mainly so we can copy the right
-   * number of symbols from the val[] array, without risking marching off
-   * the end of memory.  jchuff.c will do a more thorough test later.
-   */
-  nsymbols = 0;
-  for (len = 1; len <= 16; len++)
-    nsymbols += bits[len];
-  if (nsymbols < 1 || nsymbols > 256)
-    ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
-
-  MEMCOPY((*htblptr)->huffval, val, nsymbols * sizeof(UINT8));
-  MEMZERO(&((*htblptr)->huffval[nsymbols]), (256 - nsymbols) * sizeof(UINT8));
-
-  /* Initialize sent_table FALSE so table will be written to JPEG file. */
-  (*htblptr)->sent_table = FALSE;
-}
-
-
-LOCAL(void)
-std_huff_tables(j_common_ptr cinfo)
-/* Set up the standard Huffman tables (cf. JPEG standard section K.3) */
-/* IMPORTANT: these are only valid for 8-bit data precision! */
-{
-  JHUFF_TBL **dc_huff_tbl_ptrs, **ac_huff_tbl_ptrs;
-
-  static const UINT8 bits_dc_luminance[17] = {
-    /* 0-base */ 0, 0, 1, 5, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0
-  };
-  static const UINT8 val_dc_luminance[] = {
-    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
-  };
-
-  static const UINT8 bits_dc_chrominance[17] = {
-    /* 0-base */ 0, 0, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0
-  };
-  static const UINT8 val_dc_chrominance[] = {
-    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
-  };
-
-  static const UINT8 bits_ac_luminance[17] = {
-    /* 0-base */ 0, 0, 2, 1, 3, 3, 2, 4, 3, 5, 5, 4, 4, 0, 0, 1, 0x7d
-  };
-  static const UINT8 val_ac_luminance[] = {
-    0x01, 0x02, 0x03, 0x00, 0x04, 0x11, 0x05, 0x12,
-    0x21, 0x31, 0x41, 0x06, 0x13, 0x51, 0x61, 0x07,
-    0x22, 0x71, 0x14, 0x32, 0x81, 0x91, 0xa1, 0x08,
-    0x23, 0x42, 0xb1, 0xc1, 0x15, 0x52, 0xd1, 0xf0,
-    0x24, 0x33, 0x62, 0x72, 0x82, 0x09, 0x0a, 0x16,
-    0x17, 0x18, 0x19, 0x1a, 0x25, 0x26, 0x27, 0x28,
-    0x29, 0x2a, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-    0x3a, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49,
-    0x4a, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59,
-    0x5a, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69,
-    0x6a, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79,
-    0x7a, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89,
-    0x8a, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98,
-    0x99, 0x9a, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
-    0xa8, 0xa9, 0xaa, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6,
-    0xb7, 0xb8, 0xb9, 0xba, 0xc2, 0xc3, 0xc4, 0xc5,
-    0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xd2, 0xd3, 0xd4,
-    0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xe1, 0xe2,
-    0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea,
-    0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8,
-    0xf9, 0xfa
-  };
-
-  static const UINT8 bits_ac_chrominance[17] = {
-    /* 0-base */ 0, 0, 2, 1, 2, 4, 4, 3, 4, 7, 5, 4, 4, 0, 1, 2, 0x77
-  };
-  static const UINT8 val_ac_chrominance[] = {
-    0x00, 0x01, 0x02, 0x03, 0x11, 0x04, 0x05, 0x21,
-    0x31, 0x06, 0x12, 0x41, 0x51, 0x07, 0x61, 0x71,
-    0x13, 0x22, 0x32, 0x81, 0x08, 0x14, 0x42, 0x91,
-    0xa1, 0xb1, 0xc1, 0x09, 0x23, 0x33, 0x52, 0xf0,
-    0x15, 0x62, 0x72, 0xd1, 0x0a, 0x16, 0x24, 0x34,
-    0xe1, 0x25, 0xf1, 0x17, 0x18, 0x19, 0x1a, 0x26,
-    0x27, 0x28, 0x29, 0x2a, 0x35, 0x36, 0x37, 0x38,
-    0x39, 0x3a, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48,
-    0x49, 0x4a, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58,
-    0x59, 0x5a, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68,
-    0x69, 0x6a, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-    0x79, 0x7a, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
-    0x88, 0x89, 0x8a, 0x92, 0x93, 0x94, 0x95, 0x96,
-    0x97, 0x98, 0x99, 0x9a, 0xa2, 0xa3, 0xa4, 0xa5,
-    0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xb2, 0xb3, 0xb4,
-    0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xc2, 0xc3,
-    0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xd2,
-    0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda,
-    0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9,
-    0xea, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8,
-    0xf9, 0xfa
-  };
-
-  if (cinfo->is_decompressor) {
-    dc_huff_tbl_ptrs = ((j_decompress_ptr)cinfo)->dc_huff_tbl_ptrs;
-    ac_huff_tbl_ptrs = ((j_decompress_ptr)cinfo)->ac_huff_tbl_ptrs;
-  } else {
-    dc_huff_tbl_ptrs = ((j_compress_ptr)cinfo)->dc_huff_tbl_ptrs;
-    ac_huff_tbl_ptrs = ((j_compress_ptr)cinfo)->ac_huff_tbl_ptrs;
-  }
-
-  add_huff_table(cinfo, &dc_huff_tbl_ptrs[0], bits_dc_luminance,
-                 val_dc_luminance);
-  add_huff_table(cinfo, &ac_huff_tbl_ptrs[0], bits_ac_luminance,
-                 val_ac_luminance);
-  add_huff_table(cinfo, &dc_huff_tbl_ptrs[1], bits_dc_chrominance,
-                 val_dc_chrominance);
-  add_huff_table(cinfo, &ac_huff_tbl_ptrs[1], bits_ac_chrominance,
-                 val_ac_chrominance);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jutils.c b/3rdparty/libjpeg-turbo_2_1_0/jutils.c
deleted file mode 100644
index 5c5bb17..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jutils.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * jutils.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * It was modified by The libjpeg-turbo Project to include only code
- * relevant to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains tables and miscellaneous utility routines needed
- * for both compression and decompression.
- * Note we prefix all global names with "j" to minimize conflicts with
- * a surrounding application.
- */
-
-#define JPEG_INTERNALS
-#include "jinclude.h"
-#include "jpeglib.h"
-
-
-/*
- * jpeg_zigzag_order[i] is the zigzag-order position of the i'th element
- * of a DCT block read in natural order (left to right, top to bottom).
- */
-
-#if 0                           /* This table is not actually needed in v6a */
-
-const int jpeg_zigzag_order[DCTSIZE2] = {
-   0,  1,  5,  6, 14, 15, 27, 28,
-   2,  4,  7, 13, 16, 26, 29, 42,
-   3,  8, 12, 17, 25, 30, 41, 43,
-   9, 11, 18, 24, 31, 40, 44, 53,
-  10, 19, 23, 32, 39, 45, 52, 54,
-  20, 22, 33, 38, 46, 51, 55, 60,
-  21, 34, 37, 47, 50, 56, 59, 61,
-  35, 36, 48, 49, 57, 58, 62, 63
-};
-
-#endif
-
-/*
- * jpeg_natural_order[i] is the natural-order position of the i'th element
- * of zigzag order.
- *
- * When reading corrupted data, the Huffman decoders could attempt
- * to reference an entry beyond the end of this array (if the decoded
- * zero run length reaches past the end of the block).  To prevent
- * wild stores without adding an inner-loop test, we put some extra
- * "63"s after the real entries.  This will cause the extra coefficient
- * to be stored in location 63 of the block, not somewhere random.
- * The worst case would be a run-length of 15, which means we need 16
- * fake entries.
- */
-
-const int jpeg_natural_order[DCTSIZE2 + 16] = {
-  0,  1,  8, 16,  9,  2,  3, 10,
- 17, 24, 32, 25, 18, 11,  4,  5,
- 12, 19, 26, 33, 40, 48, 41, 34,
- 27, 20, 13,  6,  7, 14, 21, 28,
- 35, 42, 49, 56, 57, 50, 43, 36,
- 29, 22, 15, 23, 30, 37, 44, 51,
- 58, 59, 52, 45, 38, 31, 39, 46,
- 53, 60, 61, 54, 47, 55, 62, 63,
- 63, 63, 63, 63, 63, 63, 63, 63, /* extra entries for safety in decoder */
- 63, 63, 63, 63, 63, 63, 63, 63
-};
-
-
-/*
- * Arithmetic utilities
- */
-
-GLOBAL(long)
-jdiv_round_up(long a, long b)
-/* Compute a/b rounded up to next integer, ie, ceil(a/b) */
-/* Assumes a >= 0, b > 0 */
-{
-  return (a + b - 1L) / b;
-}
-
-
-GLOBAL(long)
-jround_up(long a, long b)
-/* Compute a rounded up to next multiple of b, ie, ceil(a/b)*b */
-/* Assumes a >= 0, b > 0 */
-{
-  a += b - 1L;
-  return a - (a % b);
-}
-
-
-GLOBAL(void)
-jcopy_sample_rows(JSAMPARRAY input_array, int source_row,
-                  JSAMPARRAY output_array, int dest_row, int num_rows,
-                  JDIMENSION num_cols)
-/* Copy some rows of samples from one place to another.
- * num_rows rows are copied from input_array[source_row++]
- * to output_array[dest_row++]; these areas may overlap for duplication.
- * The source and destination arrays must be at least as wide as num_cols.
- */
-{
-  register JSAMPROW inptr, outptr;
-  register size_t count = (size_t)(num_cols * sizeof(JSAMPLE));
-  register int row;
-
-  input_array += source_row;
-  output_array += dest_row;
-
-  for (row = num_rows; row > 0; row--) {
-    inptr = *input_array++;
-    outptr = *output_array++;
-    MEMCOPY(outptr, inptr, count);
-  }
-}
-
-
-GLOBAL(void)
-jcopy_block_row(JBLOCKROW input_row, JBLOCKROW output_row,
-                JDIMENSION num_blocks)
-/* Copy a row of coefficient blocks from one place to another. */
-{
-  MEMCOPY(output_row, input_row, num_blocks * (DCTSIZE2 * sizeof(JCOEF)));
-}
-
-
-GLOBAL(void)
-jzero_far(void *target, size_t bytestozero)
-/* Zero out a chunk of memory. */
-/* This might be sample-array data, block-array data, or alloc_large data. */
-{
-  MEMZERO(target, bytestozero);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/jversion.h b/3rdparty/libjpeg-turbo_2_1_0/jversion.h
deleted file mode 100644
index 2ab534a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/jversion.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * jversion.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-2020, Thomas G. Lane, Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2012-2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains software version identification.
- */
-
-
-#if JPEG_LIB_VERSION >= 80
-
-#define JVERSION        "8d  15-Jan-2012"
-
-#elif JPEG_LIB_VERSION >= 70
-
-#define JVERSION        "7  27-Jun-2009"
-
-#else
-
-#define JVERSION        "6b  27-Mar-1998"
-
-#endif
-
-/*
- * NOTE: It is our convention to place the authors in the following order:
- * - libjpeg-turbo authors (2009-) in descending order of the date of their
- *   most recent contribution to the project, then in ascending order of the
- *   date of their first contribution to the project, then in alphabetical
- *   order
- * - Upstream authors in descending order of the date of the first inclusion of
- *   their code
- */
-
-#define JCOPYRIGHT \
-  "Copyright (C) 2009-2021 D. R. Commander\n" \
-  "Copyright (C) 2015, 2020 Google, Inc.\n" \
-  "Copyright (C) 2019-2020 Arm Limited\n" \
-  "Copyright (C) 2015-2016, 2018 Matthieu Darbois\n" \
-  "Copyright (C) 2011-2016 Siarhei Siamashka\n" \
-  "Copyright (C) 2015 Intel Corporation\n" \
-  "Copyright (C) 2013-2014 Linaro Limited\n" \
-  "Copyright (C) 2013-2014 MIPS Technologies, Inc.\n" \
-  "Copyright (C) 2009, 2012 Pierre Ossman for Cendio AB\n" \
-  "Copyright (C) 2009-2011 Nokia Corporation and/or its subsidiary(-ies)\n" \
-  "Copyright (C) 1999-2006 MIYASAKA Masaru\n" \
-  "Copyright (C) 1991-2020 Thomas G. Lane, Guido Vollbeding"
-
-#define JCOPYRIGHT_SHORT \
-  "Copyright (C) 1991-2021 The libjpeg-turbo Project and many others"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/libjpeg.map.in b/3rdparty/libjpeg-turbo_2_1_0/libjpeg.map.in
deleted file mode 100644
index b4480d8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/libjpeg.map.in
+++ /dev/null
@@ -1,11 +0,0 @@
-LIBJPEGTURBO_@JPEG_LIB_VERSION_DECIMAL@ {
-  @MEM_SRCDST_FUNCTIONS@
-  local:
-    jsimd_*;
-    jconst_*;
-};
-
-LIBJPEG_@JPEG_LIB_VERSION_DECIMAL@ {
-  global:
-    *;
-};
diff --git a/3rdparty/libjpeg-turbo_2_1_0/libjpeg.txt b/3rdparty/libjpeg-turbo_2_1_0/libjpeg.txt
deleted file mode 100644
index 3c680b5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/libjpeg.txt
+++ /dev/null
@@ -1,3162 +0,0 @@
-USING THE IJG JPEG LIBRARY
-
-This file was part of the Independent JPEG Group's software:
-Copyright (C) 1994-2013, Thomas G. Lane, Guido Vollbeding.
-libjpeg-turbo Modifications:
-Copyright (C) 2010, 2014-2018, 2020, D. R. Commander.
-Copyright (C) 2015, Google, Inc.
-For conditions of distribution and use, see the accompanying README.ijg file.
-
-
-This file describes how to use the IJG JPEG library within an application
-program.  Read it if you want to write a program that uses the library.
-
-The file example.txt provides heavily commented skeleton code for calling the
-JPEG library.  Also see jpeglib.h (the include file to be used by application
-programs) for full details about data structures and function parameter lists.
-The library source code, of course, is the ultimate reference.
-
-Note that there have been *major* changes from the application interface
-presented by IJG version 4 and earlier versions.  The old design had several
-inherent limitations, and it had accumulated a lot of cruft as we added
-features while trying to minimize application-interface changes.  We have
-sacrificed backward compatibility in the version 5 rewrite, but we think the
-improvements justify this.
-
-
-TABLE OF CONTENTS
------------------
-
-Overview:
-        Functions provided by the library
-        Outline of typical usage
-Basic library usage:
-        Data formats
-        Compression details
-        Decompression details
-        Partial image decompression
-        Mechanics of usage: include files, linking, etc
-Advanced features:
-        Compression parameter selection
-        Decompression parameter selection
-        Special color spaces
-        Error handling
-        Compressed data handling (source and destination managers)
-        I/O suspension
-        Progressive JPEG support
-        Buffered-image mode
-        Abbreviated datastreams and multiple images
-        Special markers
-        ICC profiles
-        Raw (downsampled) image data
-        Really raw data: DCT coefficients
-        Progress monitoring
-        Memory management
-        Memory usage
-        Library compile-time options
-        Portability considerations
-
-You should read at least the overview and basic usage sections before trying
-to program with the library.  The sections on advanced features can be read
-if and when you need them.
-
-
-OVERVIEW
-========
-
-Functions provided by the library
----------------------------------
-
-The IJG JPEG library provides C code to read and write JPEG-compressed image
-files.  The surrounding application program receives or supplies image data a
-scanline at a time, using a straightforward uncompressed image format.  All
-details of color conversion and other preprocessing/postprocessing can be
-handled by the library.
-
-The library includes a substantial amount of code that is not covered by the
-JPEG standard but is necessary for typical applications of JPEG.  These
-functions preprocess the image before JPEG compression or postprocess it after
-decompression.  They include colorspace conversion, downsampling/upsampling,
-and color quantization.  The application indirectly selects use of this code
-by specifying the format in which it wishes to supply or receive image data.
-For example, if colormapped output is requested, then the decompression
-library automatically invokes color quantization.
-
-A wide range of quality vs. speed tradeoffs are possible in JPEG processing,
-and even more so in decompression postprocessing.  The decompression library
-provides multiple implementations that cover most of the useful tradeoffs,
-ranging from very-high-quality down to fast-preview operation.  On the
-compression side we have generally not provided low-quality choices, since
-compression is normally less time-critical.  It should be understood that the
-low-quality modes may not meet the JPEG standard's accuracy requirements;
-nonetheless, they are useful for viewers.
-
-A word about functions *not* provided by the library.  We handle a subset of
-the ISO JPEG standard; most baseline, extended-sequential, and progressive
-JPEG processes are supported.  (Our subset includes all features now in common
-use.)  Unsupported ISO options include:
-        * Hierarchical storage
-        * Lossless JPEG
-        * DNL marker
-        * Nonintegral subsampling ratios
-We support both 8- and 12-bit data precision, but this is a compile-time
-choice rather than a run-time choice; hence it is difficult to use both
-precisions in a single application.
-
-By itself, the library handles only interchange JPEG datastreams --- in
-particular the widely used JFIF file format.  The library can be used by
-surrounding code to process interchange or abbreviated JPEG datastreams that
-are embedded in more complex file formats.  (For example, this library is
-used by the free LIBTIFF library to support JPEG compression in TIFF.)
-
-
-Outline of typical usage
-------------------------
-
-The rough outline of a JPEG compression operation is:
-
-        Allocate and initialize a JPEG compression object
-        Specify the destination for the compressed data (eg, a file)
-        Set parameters for compression, including image size & colorspace
-        jpeg_start_compress(...);
-        while (scan lines remain to be written)
-                jpeg_write_scanlines(...);
-        jpeg_finish_compress(...);
-        Release the JPEG compression object
-
-A JPEG compression object holds parameters and working state for the JPEG
-library.  We make creation/destruction of the object separate from starting
-or finishing compression of an image; the same object can be re-used for a
-series of image compression operations.  This makes it easy to re-use the
-same parameter settings for a sequence of images.  Re-use of a JPEG object
-also has important implications for processing abbreviated JPEG datastreams,
-as discussed later.
-
-The image data to be compressed is supplied to jpeg_write_scanlines() from
-in-memory buffers.  If the application is doing file-to-file compression,
-reading image data from the source file is the application's responsibility.
-The library emits compressed data by calling a "data destination manager",
-which typically will write the data into a file; but the application can
-provide its own destination manager to do something else.
-
-Similarly, the rough outline of a JPEG decompression operation is:
-
-        Allocate and initialize a JPEG decompression object
-        Specify the source of the compressed data (eg, a file)
-        Call jpeg_read_header() to obtain image info
-        Set parameters for decompression
-        jpeg_start_decompress(...);
-        while (scan lines remain to be read)
-                jpeg_read_scanlines(...);
-        jpeg_finish_decompress(...);
-        Release the JPEG decompression object
-
-This is comparable to the compression outline except that reading the
-datastream header is a separate step.  This is helpful because information
-about the image's size, colorspace, etc is available when the application
-selects decompression parameters.  For example, the application can choose an
-output scaling ratio that will fit the image into the available screen size.
-
-The decompression library obtains compressed data by calling a data source
-manager, which typically will read the data from a file; but other behaviors
-can be obtained with a custom source manager.  Decompressed data is delivered
-into in-memory buffers passed to jpeg_read_scanlines().
-
-It is possible to abort an incomplete compression or decompression operation
-by calling jpeg_abort(); or, if you do not need to retain the JPEG object,
-simply release it by calling jpeg_destroy().
-
-JPEG compression and decompression objects are two separate struct types.
-However, they share some common fields, and certain routines such as
-jpeg_destroy() can work on either type of object.
-
-The JPEG library has no static variables: all state is in the compression
-or decompression object.  Therefore it is possible to process multiple
-compression and decompression operations concurrently, using multiple JPEG
-objects.
-
-Both compression and decompression can be done in an incremental memory-to-
-memory fashion, if suitable source/destination managers are used.  See the
-section on "I/O suspension" for more details.
-
-
-BASIC LIBRARY USAGE
-===================
-
-Data formats
-------------
-
-Before diving into procedural details, it is helpful to understand the
-image data format that the JPEG library expects or returns.
-
-The standard input image format is a rectangular array of pixels, with each
-pixel having the same number of "component" or "sample" values (color
-channels).  You must specify how many components there are and the colorspace
-interpretation of the components.  Most applications will use RGB data
-(three components per pixel) or grayscale data (one component per pixel).
-PLEASE NOTE THAT RGB DATA IS THREE SAMPLES PER PIXEL, GRAYSCALE ONLY ONE.
-A remarkable number of people manage to miss this, only to find that their
-programs don't work with grayscale JPEG files.
-
-There is no provision for colormapped input.  JPEG files are always full-color
-or full grayscale (or sometimes another colorspace such as CMYK).  You can
-feed in a colormapped image by expanding it to full-color format.  However
-JPEG often doesn't work very well with source data that has been colormapped,
-because of dithering noise.  This is discussed in more detail in the JPEG FAQ
-and the other references mentioned in the README.ijg file.
-
-Pixels are stored by scanlines, with each scanline running from left to
-right.  The component values for each pixel are adjacent in the row; for
-example, R,G,B,R,G,B,R,G,B,... for 24-bit RGB color.  Each scanline is an
-array of data type JSAMPLE --- which is typically "unsigned char", unless
-you've changed jmorecfg.h.  (You can also change the RGB pixel layout, say
-to B,G,R order, by modifying jmorecfg.h.  But see the restrictions listed in
-that file before doing so.)
-
-A 2-D array of pixels is formed by making a list of pointers to the starts of
-scanlines; so the scanlines need not be physically adjacent in memory.  Even
-if you process just one scanline at a time, you must make a one-element
-pointer array to conform to this structure.  Pointers to JSAMPLE rows are of
-type JSAMPROW, and the pointer to the pointer array is of type JSAMPARRAY.
-
-The library accepts or supplies one or more complete scanlines per call.
-It is not possible to process part of a row at a time.  Scanlines are always
-processed top-to-bottom.  You can process an entire image in one call if you
-have it all in memory, but usually it's simplest to process one scanline at
-a time.
-
-For best results, source data values should have the precision specified by
-BITS_IN_JSAMPLE (normally 8 bits).  For instance, if you choose to compress
-data that's only 6 bits/channel, you should left-justify each value in a
-byte before passing it to the compressor.  If you need to compress data
-that has more than 8 bits/channel, compile with BITS_IN_JSAMPLE = 12.
-(See "Library compile-time options", later.)
-
-
-The data format returned by the decompressor is the same in all details,
-except that colormapped output is supported.  (Again, a JPEG file is never
-colormapped.  But you can ask the decompressor to perform on-the-fly color
-quantization to deliver colormapped output.)  If you request colormapped
-output then the returned data array contains a single JSAMPLE per pixel;
-its value is an index into a color map.  The color map is represented as
-a 2-D JSAMPARRAY in which each row holds the values of one color component,
-that is, colormap[i][j] is the value of the i'th color component for pixel
-value (map index) j.  Note that since the colormap indexes are stored in
-JSAMPLEs, the maximum number of colors is limited by the size of JSAMPLE
-(ie, at most 256 colors for an 8-bit JPEG library).
-
-
-Compression details
--------------------
-
-Here we revisit the JPEG compression outline given in the overview.
-
-1. Allocate and initialize a JPEG compression object.
-
-A JPEG compression object is a "struct jpeg_compress_struct".  (It also has
-a bunch of subsidiary structures which are allocated via malloc(), but the
-application doesn't control those directly.)  This struct can be just a local
-variable in the calling routine, if a single routine is going to execute the
-whole JPEG compression sequence.  Otherwise it can be static or allocated
-from malloc().
-
-You will also need a structure representing a JPEG error handler.  The part
-of this that the library cares about is a "struct jpeg_error_mgr".  If you
-are providing your own error handler, you'll typically want to embed the
-jpeg_error_mgr struct in a larger structure; this is discussed later under
-"Error handling".  For now we'll assume you are just using the default error
-handler.  The default error handler will print JPEG error/warning messages
-on stderr, and it will call exit() if a fatal error occurs.
-
-You must initialize the error handler structure, store a pointer to it into
-the JPEG object's "err" field, and then call jpeg_create_compress() to
-initialize the rest of the JPEG object.
-
-Typical code for this step, if you are using the default error handler, is
-
-        struct jpeg_compress_struct cinfo;
-        struct jpeg_error_mgr jerr;
-        ...
-        cinfo.err = jpeg_std_error(&jerr);
-        jpeg_create_compress(&cinfo);
-
-jpeg_create_compress allocates a small amount of memory, so it could fail
-if you are out of memory.  In that case it will exit via the error handler;
-that's why the error handler must be initialized first.
-
-
-2. Specify the destination for the compressed data (eg, a file).
-
-As previously mentioned, the JPEG library delivers compressed data to a
-"data destination" module.  The library includes one data destination
-module which knows how to write to a stdio stream.  You can use your own
-destination module if you want to do something else, as discussed later.
-
-If you use the standard destination module, you must open the target stdio
-stream beforehand.  Typical code for this step looks like:
-
-        FILE *outfile;
-        ...
-        if ((outfile = fopen(filename, "wb")) == NULL) {
-            fprintf(stderr, "can't open %s\n", filename);
-            exit(1);
-        }
-        jpeg_stdio_dest(&cinfo, outfile);
-
-where the last line invokes the standard destination module.
-
-WARNING: it is critical that the binary compressed data be delivered to the
-output file unchanged.  On non-Unix systems the stdio library may perform
-newline translation or otherwise corrupt binary data.  To suppress this
-behavior, you may need to use a "b" option to fopen (as shown above), or use
-setmode() or another routine to put the stdio stream in binary mode.  See
-cjpeg.c and djpeg.c for code that has been found to work on many systems.
-
-You can select the data destination after setting other parameters (step 3),
-if that's more convenient.  You may not change the destination between
-calling jpeg_start_compress() and jpeg_finish_compress().
-
-
-3. Set parameters for compression, including image size & colorspace.
-
-You must supply information about the source image by setting the following
-fields in the JPEG object (cinfo structure):
-
-        image_width             Width of image, in pixels
-        image_height            Height of image, in pixels
-        input_components        Number of color channels (samples per pixel)
-        in_color_space          Color space of source image
-
-The image dimensions are, hopefully, obvious.  JPEG supports image dimensions
-of 1 to 64K pixels in either direction.  The input color space is typically
-RGB or grayscale, and input_components is 3 or 1 accordingly.  (See "Special
-color spaces", later, for more info.)  The in_color_space field must be
-assigned one of the J_COLOR_SPACE enum constants, typically JCS_RGB or
-JCS_GRAYSCALE.
-
-JPEG has a large number of compression parameters that determine how the
-image is encoded.  Most applications don't need or want to know about all
-these parameters.  You can set all the parameters to reasonable defaults by
-calling jpeg_set_defaults(); then, if there are particular values you want
-to change, you can do so after that.  The "Compression parameter selection"
-section tells about all the parameters.
-
-You must set in_color_space correctly before calling jpeg_set_defaults(),
-because the defaults depend on the source image colorspace.  However the
-other three source image parameters need not be valid until you call
-jpeg_start_compress().  There's no harm in calling jpeg_set_defaults() more
-than once, if that happens to be convenient.
-
-Typical code for a 24-bit RGB source image is
-
-        cinfo.image_width = Width;      /* image width and height, in pixels */
-        cinfo.image_height = Height;
-        cinfo.input_components = 3;     /* # of color components per pixel */
-        cinfo.in_color_space = JCS_RGB; /* colorspace of input image */
-
-        jpeg_set_defaults(&cinfo);
-        /* Make optional parameter settings here */
-
-
-4. jpeg_start_compress(...);
-
-After you have established the data destination and set all the necessary
-source image info and other parameters, call jpeg_start_compress() to begin
-a compression cycle.  This will initialize internal state, allocate working
-storage, and emit the first few bytes of the JPEG datastream header.
-
-Typical code:
-
-        jpeg_start_compress(&cinfo, TRUE);
-
-The "TRUE" parameter ensures that a complete JPEG interchange datastream
-will be written.  This is appropriate in most cases.  If you think you might
-want to use an abbreviated datastream, read the section on abbreviated
-datastreams, below.
-
-Once you have called jpeg_start_compress(), you may not alter any JPEG
-parameters or other fields of the JPEG object until you have completed
-the compression cycle.
-
-
-5. while (scan lines remain to be written)
-        jpeg_write_scanlines(...);
-
-Now write all the required image data by calling jpeg_write_scanlines()
-one or more times.  You can pass one or more scanlines in each call, up
-to the total image height.  In most applications it is convenient to pass
-just one or a few scanlines at a time.  The expected format for the passed
-data is discussed under "Data formats", above.
-
-Image data should be written in top-to-bottom scanline order.
-Rec. ITU-T T.81 | ISO/IEC 10918-1 says, "Applications determine which edges of
-a source image are defined as top, bottom, left, and right."  However, if you
-want your files to be compatible with everyone else's, then top-to-bottom order
-must be used.  If the source data must be read in bottom-to-top order, then you
-can use the JPEG library's virtual array mechanism to invert the data
-efficiently.  Examples of this can be found in the sample application cjpeg.
-
-The library maintains a count of the number of scanlines written so far
-in the next_scanline field of the JPEG object.  Usually you can just use
-this variable as the loop counter, so that the loop test looks like
-"while (cinfo.next_scanline < cinfo.image_height)".
-
-Code for this step depends heavily on the way that you store the source data.
-example.txt shows the following code for the case of a full-size 2-D source
-array containing 3-byte RGB pixels:
-
-        JSAMPROW row_pointer[1];        /* pointer to a single row */
-        int row_stride;                 /* physical row width in buffer */
-
-        row_stride = image_width * 3;   /* JSAMPLEs per row in image_buffer */
-
-        while (cinfo.next_scanline < cinfo.image_height) {
-            row_pointer[0] = &image_buffer[cinfo.next_scanline * row_stride];
-            jpeg_write_scanlines(&cinfo, row_pointer, 1);
-        }
-
-jpeg_write_scanlines() returns the number of scanlines actually written.
-This will normally be equal to the number passed in, so you can usually
-ignore the return value.  It is different in just two cases:
-  * If you try to write more scanlines than the declared image height,
-    the additional scanlines are ignored.
-  * If you use a suspending data destination manager, output buffer overrun
-    will cause the compressor to return before accepting all the passed lines.
-    This feature is discussed under "I/O suspension", below.  The normal
-    stdio destination manager will NOT cause this to happen.
-In any case, the return value is the same as the change in the value of
-next_scanline.
-
-
-6. jpeg_finish_compress(...);
-
-After all the image data has been written, call jpeg_finish_compress() to
-complete the compression cycle.  This step is ESSENTIAL to ensure that the
-last bufferload of data is written to the data destination.
-jpeg_finish_compress() also releases working memory associated with the JPEG
-object.
-
-Typical code:
-
-        jpeg_finish_compress(&cinfo);
-
-If using the stdio destination manager, don't forget to close the output
-stdio stream (if necessary) afterwards.
-
-If you have requested a multi-pass operating mode, such as Huffman code
-optimization, jpeg_finish_compress() will perform the additional passes using
-data buffered by the first pass.  In this case jpeg_finish_compress() may take
-quite a while to complete.  With the default compression parameters, this will
-not happen.
-
-It is an error to call jpeg_finish_compress() before writing the necessary
-total number of scanlines.  If you wish to abort compression, call
-jpeg_abort() as discussed below.
-
-After completing a compression cycle, you may dispose of the JPEG object
-as discussed next, or you may use it to compress another image.  In that case
-return to step 2, 3, or 4 as appropriate.  If you do not change the
-destination manager, the new datastream will be written to the same target.
-If you do not change any JPEG parameters, the new datastream will be written
-with the same parameters as before.  Note that you can change the input image
-dimensions freely between cycles, but if you change the input colorspace, you
-should call jpeg_set_defaults() to adjust for the new colorspace; and then
-you'll need to repeat all of step 3.
-
-
-7. Release the JPEG compression object.
-
-When you are done with a JPEG compression object, destroy it by calling
-jpeg_destroy_compress().  This will free all subsidiary memory (regardless of
-the previous state of the object).  Or you can call jpeg_destroy(), which
-works for either compression or decompression objects --- this may be more
-convenient if you are sharing code between compression and decompression
-cases.  (Actually, these routines are equivalent except for the declared type
-of the passed pointer.  To avoid gripes from ANSI C compilers, jpeg_destroy()
-should be passed a j_common_ptr.)
-
-If you allocated the jpeg_compress_struct structure from malloc(), freeing
-it is your responsibility --- jpeg_destroy() won't.  Ditto for the error
-handler structure.
-
-Typical code:
-
-        jpeg_destroy_compress(&cinfo);
-
-
-8. Aborting.
-
-If you decide to abort a compression cycle before finishing, you can clean up
-in either of two ways:
-
-* If you don't need the JPEG object any more, just call
-  jpeg_destroy_compress() or jpeg_destroy() to release memory.  This is
-  legitimate at any point after calling jpeg_create_compress() --- in fact,
-  it's safe even if jpeg_create_compress() fails.
-
-* If you want to re-use the JPEG object, call jpeg_abort_compress(), or call
-  jpeg_abort() which works on both compression and decompression objects.
-  This will return the object to an idle state, releasing any working memory.
-  jpeg_abort() is allowed at any time after successful object creation.
-
-Note that cleaning up the data destination, if required, is your
-responsibility; neither of these routines will call term_destination().
-(See "Compressed data handling", below, for more about that.)
-
-jpeg_destroy() and jpeg_abort() are the only safe calls to make on a JPEG
-object that has reported an error by calling error_exit (see "Error handling"
-for more info).  The internal state of such an object is likely to be out of
-whack.  Either of these two routines will return the object to a known state.
-
-
-Decompression details
----------------------
-
-Here we revisit the JPEG decompression outline given in the overview.
-
-1. Allocate and initialize a JPEG decompression object.
-
-This is just like initialization for compression, as discussed above,
-except that the object is a "struct jpeg_decompress_struct" and you
-call jpeg_create_decompress().  Error handling is exactly the same.
-
-Typical code:
-
-        struct jpeg_decompress_struct cinfo;
-        struct jpeg_error_mgr jerr;
-        ...
-        cinfo.err = jpeg_std_error(&jerr);
-        jpeg_create_decompress(&cinfo);
-
-(Both here and in the IJG code, we usually use variable name "cinfo" for
-both compression and decompression objects.)
-
-
-2. Specify the source of the compressed data (eg, a file).
-
-As previously mentioned, the JPEG library reads compressed data from a "data
-source" module.  The library includes one data source module which knows how
-to read from a stdio stream.  You can use your own source module if you want
-to do something else, as discussed later.
-
-If you use the standard source module, you must open the source stdio stream
-beforehand.  Typical code for this step looks like:
-
-        FILE *infile;
-        ...
-        if ((infile = fopen(filename, "rb")) == NULL) {
-            fprintf(stderr, "can't open %s\n", filename);
-            exit(1);
-        }
-        jpeg_stdio_src(&cinfo, infile);
-
-where the last line invokes the standard source module.
-
-WARNING: it is critical that the binary compressed data be read unchanged.
-On non-Unix systems the stdio library may perform newline translation or
-otherwise corrupt binary data.  To suppress this behavior, you may need to use
-a "b" option to fopen (as shown above), or use setmode() or another routine to
-put the stdio stream in binary mode.  See cjpeg.c and djpeg.c for code that
-has been found to work on many systems.
-
-You may not change the data source between calling jpeg_read_header() and
-jpeg_finish_decompress().  If you wish to read a series of JPEG images from
-a single source file, you should repeat the jpeg_read_header() to
-jpeg_finish_decompress() sequence without reinitializing either the JPEG
-object or the data source module; this prevents buffered input data from
-being discarded.
-
-
-3. Call jpeg_read_header() to obtain image info.
-
-Typical code for this step is just
-
-        jpeg_read_header(&cinfo, TRUE);
-
-This will read the source datastream header markers, up to the beginning
-of the compressed data proper.  On return, the image dimensions and other
-info have been stored in the JPEG object.  The application may wish to
-consult this information before selecting decompression parameters.
-
-More complex code is necessary if
-  * A suspending data source is used --- in that case jpeg_read_header()
-    may return before it has read all the header data.  See "I/O suspension",
-    below.  The normal stdio source manager will NOT cause this to happen.
-  * Abbreviated JPEG files are to be processed --- see the section on
-    abbreviated datastreams.  Standard applications that deal only in
-    interchange JPEG files need not be concerned with this case either.
-
-It is permissible to stop at this point if you just wanted to find out the
-image dimensions and other header info for a JPEG file.  In that case,
-call jpeg_destroy() when you are done with the JPEG object, or call
-jpeg_abort() to return it to an idle state before selecting a new data
-source and reading another header.
-
-
-4. Set parameters for decompression.
-
-jpeg_read_header() sets appropriate default decompression parameters based on
-the properties of the image (in particular, its colorspace).  However, you
-may well want to alter these defaults before beginning the decompression.
-For example, the default is to produce full color output from a color file.
-If you want colormapped output you must ask for it.  Other options allow the
-returned image to be scaled and allow various speed/quality tradeoffs to be
-selected.  "Decompression parameter selection", below, gives details.
-
-If the defaults are appropriate, nothing need be done at this step.
-
-Note that all default values are set by each call to jpeg_read_header().
-If you reuse a decompression object, you cannot expect your parameter
-settings to be preserved across cycles, as you can for compression.
-You must set desired parameter values each time.
-
-
-5. jpeg_start_decompress(...);
-
-Once the parameter values are satisfactory, call jpeg_start_decompress() to
-begin decompression.  This will initialize internal state, allocate working
-memory, and prepare for returning data.
-
-Typical code is just
-
-        jpeg_start_decompress(&cinfo);
-
-If you have requested a multi-pass operating mode, such as 2-pass color
-quantization, jpeg_start_decompress() will do everything needed before data
-output can begin.  In this case jpeg_start_decompress() may take quite a while
-to complete.  With a single-scan (non progressive) JPEG file and default
-decompression parameters, this will not happen; jpeg_start_decompress() will
-return quickly.
-
-After this call, the final output image dimensions, including any requested
-scaling, are available in the JPEG object; so is the selected colormap, if
-colormapped output has been requested.  Useful fields include
-
-        output_width            image width and height, as scaled
-        output_height
-        out_color_components    # of color components in out_color_space
-        output_components       # of color components returned per pixel
-        colormap                the selected colormap, if any
-        actual_number_of_colors         number of entries in colormap
-
-output_components is 1 (a colormap index) when quantizing colors; otherwise it
-equals out_color_components.  It is the number of JSAMPLE values that will be
-emitted per pixel in the output arrays.
-
-Typically you will need to allocate data buffers to hold the incoming image.
-You will need output_width * output_components JSAMPLEs per scanline in your
-output buffer, and a total of output_height scanlines will be returned.
-
-Note: if you are using the JPEG library's internal memory manager to allocate
-data buffers (as djpeg does), then the manager's protocol requires that you
-request large buffers *before* calling jpeg_start_decompress().  This is a
-little tricky since the output_XXX fields are not normally valid then.  You
-can make them valid by calling jpeg_calc_output_dimensions() after setting the
-relevant parameters (scaling, output color space, and quantization flag).
-
-
-6. while (scan lines remain to be read)
-        jpeg_read_scanlines(...);
-
-Now you can read the decompressed image data by calling jpeg_read_scanlines()
-one or more times.  At each call, you pass in the maximum number of scanlines
-to be read (ie, the height of your working buffer); jpeg_read_scanlines()
-will return up to that many lines.  The return value is the number of lines
-actually read.  The format of the returned data is discussed under "Data
-formats", above.  Don't forget that grayscale and color JPEGs will return
-different data formats!
-
-Image data is returned in top-to-bottom scanline order.  If you must write
-out the image in bottom-to-top order, you can use the JPEG library's virtual
-array mechanism to invert the data efficiently.  Examples of this can be
-found in the sample application djpeg.
-
-The library maintains a count of the number of scanlines returned so far
-in the output_scanline field of the JPEG object.  Usually you can just use
-this variable as the loop counter, so that the loop test looks like
-"while (cinfo.output_scanline < cinfo.output_height)".  (Note that the test
-should NOT be against image_height, unless you never use scaling.  The
-image_height field is the height of the original unscaled image.)
-The return value always equals the change in the value of output_scanline.
-
-If you don't use a suspending data source, it is safe to assume that
-jpeg_read_scanlines() reads at least one scanline per call, until the
-bottom of the image has been reached.
-
-If you use a buffer larger than one scanline, it is NOT safe to assume that
-jpeg_read_scanlines() fills it.  (The current implementation returns only a
-few scanlines per call, no matter how large a buffer you pass.)  So you must
-always provide a loop that calls jpeg_read_scanlines() repeatedly until the
-whole image has been read.
-
-
-7. jpeg_finish_decompress(...);
-
-After all the image data has been read, call jpeg_finish_decompress() to
-complete the decompression cycle.  This causes working memory associated
-with the JPEG object to be released.
-
-Typical code:
-
-        jpeg_finish_decompress(&cinfo);
-
-If using the stdio source manager, don't forget to close the source stdio
-stream if necessary.
-
-It is an error to call jpeg_finish_decompress() before reading the correct
-total number of scanlines.  If you wish to abort decompression, call
-jpeg_abort() as discussed below.
-
-After completing a decompression cycle, you may dispose of the JPEG object as
-discussed next, or you may use it to decompress another image.  In that case
-return to step 2 or 3 as appropriate.  If you do not change the source
-manager, the next image will be read from the same source.
-
-
-8. Release the JPEG decompression object.
-
-When you are done with a JPEG decompression object, destroy it by calling
-jpeg_destroy_decompress() or jpeg_destroy().  The previous discussion of
-destroying compression objects applies here too.
-
-Typical code:
-
-        jpeg_destroy_decompress(&cinfo);
-
-
-9. Aborting.
-
-You can abort a decompression cycle by calling jpeg_destroy_decompress() or
-jpeg_destroy() if you don't need the JPEG object any more, or
-jpeg_abort_decompress() or jpeg_abort() if you want to reuse the object.
-The previous discussion of aborting compression cycles applies here too.
-
-
-Partial image decompression
----------------------------
-
-Partial image decompression is convenient for performance-critical applications
-that wish to view only a portion of a large JPEG image without decompressing
-the whole thing.  It it also useful in memory-constrained environments (such as
-on mobile devices.)  This library provides the following functions to support
-partial image decompression:
-
-1. Skipping rows when decompressing
-
-        jpeg_skip_scanlines(j_decompress_ptr cinfo, JDIMENSION num_lines);
-
-This function provides application programmers with the ability to skip over
-multiple rows in the JPEG image.
-
-Suspending data sources are not supported by this function.  Calling
-jpeg_skip_scanlines() with a suspending data source will result in undefined
-behavior.  Two-pass color quantization is also not supported by this function.
-Calling jpeg_skip_scanlines() with two-pass color quantization enabled will
-result in an error.
-
-jpeg_skip_scanlines() will not allow skipping past the bottom of the image.  If
-the value of num_lines is large enough to skip past the bottom of the image,
-then the function will skip to the end of the image instead.
-
-If the value of num_lines is valid, then jpeg_skip_scanlines() will always
-skip all of the input rows requested.  There is no need to inspect the return
-value of the function in that case.
-
-Best results will be achieved by calling jpeg_skip_scanlines() for large chunks
-of rows.  The function should be viewed as a way to quickly jump to a
-particular vertical offset in the JPEG image in order to decode a subset of the
-image.  Used in this manner, it will provide significant performance
-improvements.
-
-Calling jpeg_skip_scanlines() for small values of num_lines has several
-potential drawbacks:
-    1) JPEG decompression occurs in blocks, so if jpeg_skip_scanlines() is
-       called from the middle of a decompression block, then it is likely that
-       much of the decompression work has already been done for the first
-       couple of rows that need to be skipped.
-    2) When this function returns, it must leave the decompressor in a state
-       such that it is ready to read the next line.  This may involve
-       decompressing a block that must be partially skipped.
-These issues are especially tricky for cases in which upsampling requires
-context rows.  In the worst case, jpeg_skip_scanlines() will perform similarly
-to jpeg_read_scanlines() (since it will actually call jpeg_read_scanlines().)
-
-2. Decompressing partial scanlines
-
-        jpeg_crop_scanline (j_decompress_ptr cinfo, JDIMENSION *xoffset,
-                            JDIMENSION *width)
-
-This function provides application programmers with the ability to decompress
-only a portion of each row in the JPEG image.  It must be called after
-jpeg_start_decompress() and before any calls to jpeg_read_scanlines() or
-jpeg_skip_scanlines().
-
-If xoffset and width do not form a valid subset of the image row, then this
-function will generate an error.  Note that if the output image is scaled, then
-xoffset and width are relative to the scaled image dimensions.
-
-xoffset and width are passed by reference because xoffset must fall on an iMCU
-boundary.  If it doesn't, then it will be moved left to the nearest iMCU
-boundary, and width will be increased accordingly.  If the calling program does
-not like the adjusted values of xoffset and width, then it can call
-jpeg_crop_scanline() again with new values (for instance, if it wants to move
-xoffset to the nearest iMCU boundary to the right instead of to the left.)
-
-After calling this function, cinfo->output_width will be set to the adjusted
-width.  This value should be used when allocating an output buffer to pass to
-jpeg_read_scanlines().
-
-The output image from a partial-width decompression will be identical to the
-corresponding image region from a full decode, with one exception:  The "fancy"
-(smooth) h2v2 (4:2:0) and h2v1 (4:2:2) upsampling algorithms fill in the
-missing chroma components by averaging the chroma components from neighboring
-pixels, except on the right and left edges of the image (where there are no
-neighboring pixels.)  When performing a partial-width decompression, these
-"fancy" upsampling algorithms may treat the left and right edges of the partial
-image region as if they are the left and right edges of the image, meaning that
-the upsampling algorithm may be simplified.  The result is that the pixels on
-the left or right edge of the partial image may not be exactly identical to the
-corresponding pixels in the original image.
-
-
-Mechanics of usage: include files, linking, etc
------------------------------------------------
-
-Applications using the JPEG library should include the header file jpeglib.h
-to obtain declarations of data types and routines.  Before including
-jpeglib.h, include system headers that define at least the typedefs FILE and
-size_t.  On ANSI-conforming systems, including <stdio.h> is sufficient; on
-older Unix systems, you may need <sys/types.h> to define size_t.
-
-If the application needs to refer to individual JPEG library error codes, also
-include jerror.h to define those symbols.
-
-jpeglib.h indirectly includes the files jconfig.h and jmorecfg.h.  If you are
-installing the JPEG header files in a system directory, you will want to
-install all four files: jpeglib.h, jerror.h, jconfig.h, jmorecfg.h.
-
-The most convenient way to include the JPEG code into your executable program
-is to prepare a library file ("libjpeg.a", or a corresponding name on non-Unix
-machines) and reference it at your link step.  If you use only half of the
-library (only compression or only decompression), only that much code will be
-included from the library, unless your linker is hopelessly brain-damaged.
-The supplied makefiles build libjpeg.a automatically (see install.txt).
-
-While you can build the JPEG library as a shared library if the whim strikes
-you, we don't really recommend it.  The trouble with shared libraries is that
-at some point you'll probably try to substitute a new version of the library
-without recompiling the calling applications.  That generally doesn't work
-because the parameter struct declarations usually change with each new
-version.  In other words, the library's API is *not* guaranteed binary
-compatible across versions; we only try to ensure source-code compatibility.
-(In hindsight, it might have been smarter to hide the parameter structs from
-applications and introduce a ton of access functions instead.  Too late now,
-however.)
-
-It may be worth pointing out that the core JPEG library does not actually
-require the stdio library: only the default source/destination managers and
-error handler need it.  You can use the library in a stdio-less environment
-if you replace those modules and use jmemnobs.c (or another memory manager of
-your own devising).  More info about the minimum system library requirements
-may be found in jinclude.h.
-
-
-ADVANCED FEATURES
-=================
-
-Compression parameter selection
--------------------------------
-
-This section describes all the optional parameters you can set for JPEG
-compression, as well as the "helper" routines provided to assist in this
-task.  Proper setting of some parameters requires detailed understanding
-of the JPEG standard; if you don't know what a parameter is for, it's best
-not to mess with it!  See REFERENCES in the README.ijg file for pointers to
-more info about JPEG.
-
-It's a good idea to call jpeg_set_defaults() first, even if you plan to set
-all the parameters; that way your code is more likely to work with future JPEG
-libraries that have additional parameters.  For the same reason, we recommend
-you use a helper routine where one is provided, in preference to twiddling
-cinfo fields directly.
-
-The helper routines are:
-
-jpeg_set_defaults (j_compress_ptr cinfo)
-        This routine sets all JPEG parameters to reasonable defaults, using
-        only the input image's color space (field in_color_space, which must
-        already be set in cinfo).  Many applications will only need to use
-        this routine and perhaps jpeg_set_quality().
-
-jpeg_set_colorspace (j_compress_ptr cinfo, J_COLOR_SPACE colorspace)
-        Sets the JPEG file's colorspace (field jpeg_color_space) as specified,
-        and sets other color-space-dependent parameters appropriately.  See
-        "Special color spaces", below, before using this.  A large number of
-        parameters, including all per-component parameters, are set by this
-        routine; if you want to twiddle individual parameters you should call
-        jpeg_set_colorspace() before rather than after.
-
-jpeg_default_colorspace (j_compress_ptr cinfo)
-        Selects an appropriate JPEG colorspace based on cinfo->in_color_space,
-        and calls jpeg_set_colorspace().  This is actually a subroutine of
-        jpeg_set_defaults().  It's broken out in case you want to change
-        just the colorspace-dependent JPEG parameters.
-
-jpeg_set_quality (j_compress_ptr cinfo, int quality, boolean force_baseline)
-        Constructs JPEG quantization tables appropriate for the indicated
-        quality setting.  The quality value is expressed on the 0..100 scale
-        recommended by IJG (cjpeg's "-quality" switch uses this routine).
-        Note that the exact mapping from quality values to tables may change
-        in future IJG releases as more is learned about DCT quantization.
-        If the force_baseline parameter is TRUE, then the quantization table
-        entries are constrained to the range 1..255 for full JPEG baseline
-        compatibility.  In the current implementation, this only makes a
-        difference for quality settings below 25, and it effectively prevents
-        very small/low quality files from being generated.  The IJG decoder
-        is capable of reading the non-baseline files generated at low quality
-        settings when force_baseline is FALSE, but other decoders may not be.
-
-jpeg_set_linear_quality (j_compress_ptr cinfo, int scale_factor,
-                         boolean force_baseline)
-        Same as jpeg_set_quality() except that the generated tables are the
-        sample tables given in Annex K (Clause K.1) of
-        Rec. ITU-T T.81 (1992) | ISO/IEC 10918-1:1994, multiplied by the
-        specified scale factor (which is expressed as a percentage; thus
-        scale_factor = 100 reproduces the spec's tables).  Note that larger
-        scale factors give lower quality.  This entry point is useful for
-        conforming to the Adobe PostScript DCT conventions, but we do not
-        recommend linear scaling as a user-visible quality scale otherwise.
-        force_baseline again constrains the computed table entries to 1..255.
-
-int jpeg_quality_scaling (int quality)
-        Converts a value on the IJG-recommended quality scale to a linear
-        scaling percentage.  Note that this routine may change or go away
-        in future releases --- IJG may choose to adopt a scaling method that
-        can't be expressed as a simple scalar multiplier, in which case the
-        premise of this routine collapses.  Caveat user.
-
-jpeg_default_qtables (j_compress_ptr cinfo, boolean force_baseline)
-        [libjpeg v7+ API/ABI emulation only]
-        Set default quantization tables with linear q_scale_factor[] values
-        (see below).
-
-jpeg_add_quant_table (j_compress_ptr cinfo, int which_tbl,
-                      const unsigned int *basic_table,
-                      int scale_factor, boolean force_baseline)
-        Allows an arbitrary quantization table to be created.  which_tbl
-        indicates which table slot to fill.  basic_table points to an array
-        of 64 unsigned ints given in normal array order.  These values are
-        multiplied by scale_factor/100 and then clamped to the range 1..65535
-        (or to 1..255 if force_baseline is TRUE).
-        CAUTION: prior to library version 6a, jpeg_add_quant_table expected
-        the basic table to be given in JPEG zigzag order.  If you need to
-        write code that works with either older or newer versions of this
-        routine, you must check the library version number.  Something like
-        "#if JPEG_LIB_VERSION >= 61" is the right test.
-
-jpeg_simple_progression (j_compress_ptr cinfo)
-        Generates a default scan script for writing a progressive-JPEG file.
-        This is the recommended method of creating a progressive file,
-        unless you want to make a custom scan sequence.  You must ensure that
-        the JPEG color space is set correctly before calling this routine.
-
-
-Compression parameters (cinfo fields) include:
-
-boolean arith_code
-        If TRUE, use arithmetic coding.
-        If FALSE, use Huffman coding.
-
-J_DCT_METHOD dct_method
-        Selects the algorithm used for the DCT step.  Choices are:
-                JDCT_ISLOW: accurate integer method
-                JDCT_IFAST: less accurate integer method [legacy feature]
-                JDCT_FLOAT: floating-point method [legacy feature]
-                JDCT_DEFAULT: default method (normally JDCT_ISLOW)
-                JDCT_FASTEST: fastest method (normally JDCT_IFAST)
-        When the Independent JPEG Group's software was first released in 1991,
-        the compression time for a 1-megapixel JPEG image on a mainstream PC
-        was measured in minutes.  Thus, JDCT_IFAST provided noticeable
-        performance benefits.  On modern CPUs running libjpeg-turbo, however,
-        the compression time for a 1-megapixel JPEG image is measured in
-        milliseconds, and thus the performance benefits of JDCT_IFAST are much
-        less noticeable.  On modern x86/x86-64 CPUs that support AVX2
-        instructions, JDCT_IFAST and JDCT_ISLOW have similar performance.  On
-        other types of CPUs, JDCT_IFAST is generally about 5-15% faster than
-        JDCT_ISLOW.
-
-        For quality levels of 90 and below, there should be little or no
-        perceptible quality difference between the two algorithms.  For quality
-        levels above 90, however, the difference between JDCT_IFAST and
-        JDCT_ISLOW becomes more pronounced.  With quality=97, for instance,
-        JDCT_IFAST incurs generally about a 1-3 dB loss in PSNR relative to
-        JDCT_ISLOW, but this can be larger for some images.  Do not use
-        JDCT_IFAST with quality levels above 97.  The algorithm often
-        degenerates at quality=98 and above and can actually produce a more
-        lossy image than if lower quality levels had been used.  Also, in
-        libjpeg-turbo, JDCT_IFAST is not fully accelerated for quality levels
-        above 97, so it will be slower than JDCT_ISLOW.
-
-        JDCT_FLOAT does not produce significantly more accurate results than
-        JDCT_ISLOW, and it is much slower.  JDCT_FLOAT may also give different
-        results on different machines due to varying roundoff behavior, whereas
-        the integer methods should give the same results on all machines.
-
-J_COLOR_SPACE jpeg_color_space
-int num_components
-        The JPEG color space and corresponding number of components; see
-        "Special color spaces", below, for more info.  We recommend using
-        jpeg_set_color_space() if you want to change these.
-
-boolean optimize_coding
-        TRUE causes the compressor to compute optimal Huffman coding tables
-        for the image.  This requires an extra pass over the data and
-        therefore costs a good deal of space and time.  The default is
-        FALSE, which tells the compressor to use the supplied or default
-        Huffman tables.  In most cases optimal tables save only a few percent
-        of file size compared to the default tables.  Note that when this is
-        TRUE, you need not supply Huffman tables at all, and any you do
-        supply will be overwritten.
-
-unsigned int restart_interval
-int restart_in_rows
-        To emit restart markers in the JPEG file, set one of these nonzero.
-        Set restart_interval to specify the exact interval in MCU blocks.
-        Set restart_in_rows to specify the interval in MCU rows.  (If
-        restart_in_rows is not 0, then restart_interval is set after the
-        image width in MCUs is computed.)  Defaults are zero (no restarts).
-        One restart marker per MCU row is often a good choice.
-        NOTE: the overhead of restart markers is higher in grayscale JPEG
-        files than in color files, and MUCH higher in progressive JPEGs.
-        If you use restarts, you may want to use larger intervals in those
-        cases.
-
-const jpeg_scan_info *scan_info
-int num_scans
-        By default, scan_info is NULL; this causes the compressor to write a
-        single-scan sequential JPEG file.  If not NULL, scan_info points to
-        an array of scan definition records of length num_scans.  The
-        compressor will then write a JPEG file having one scan for each scan
-        definition record.  This is used to generate noninterleaved or
-        progressive JPEG files.  The library checks that the scan array
-        defines a valid JPEG scan sequence.  (jpeg_simple_progression creates
-        a suitable scan definition array for progressive JPEG.)  This is
-        discussed further under "Progressive JPEG support".
-
-int smoothing_factor
-        If non-zero, the input image is smoothed; the value should be 1 for
-        minimal smoothing to 100 for maximum smoothing.  Consult jcsample.c
-        for details of the smoothing algorithm.  The default is zero.
-
-boolean write_JFIF_header
-        If TRUE, a JFIF APP0 marker is emitted.  jpeg_set_defaults() and
-        jpeg_set_colorspace() set this TRUE if a JFIF-legal JPEG color space
-        (ie, YCbCr or grayscale) is selected, otherwise FALSE.
-
-UINT8 JFIF_major_version
-UINT8 JFIF_minor_version
-        The version number to be written into the JFIF marker.
-        jpeg_set_defaults() initializes the version to 1.01 (major=minor=1).
-        You should set it to 1.02 (major=1, minor=2) if you plan to write
-        any JFIF 1.02 extension markers.
-
-UINT8 density_unit
-UINT16 X_density
-UINT16 Y_density
-        The resolution information to be written into the JFIF marker;
-        not used otherwise.  density_unit may be 0 for unknown,
-        1 for dots/inch, or 2 for dots/cm.  The default values are 0,1,1
-        indicating square pixels of unknown size.
-
-boolean write_Adobe_marker
-        If TRUE, an Adobe APP14 marker is emitted.  jpeg_set_defaults() and
-        jpeg_set_colorspace() set this TRUE if JPEG color space RGB, CMYK,
-        or YCCK is selected, otherwise FALSE.  It is generally a bad idea
-        to set both write_JFIF_header and write_Adobe_marker.  In fact,
-        you probably shouldn't change the default settings at all --- the
-        default behavior ensures that the JPEG file's color space can be
-        recognized by the decoder.
-
-JQUANT_TBL *quant_tbl_ptrs[NUM_QUANT_TBLS]
-        Pointers to coefficient quantization tables, one per table slot,
-        or NULL if no table is defined for a slot.  Usually these should
-        be set via one of the above helper routines; jpeg_add_quant_table()
-        is general enough to define any quantization table.  The other
-        routines will set up table slot 0 for luminance quality and table
-        slot 1 for chrominance.
-
-int q_scale_factor[NUM_QUANT_TBLS]
-        [libjpeg v7+ API/ABI emulation only]
-        Linear quantization scaling factors (0-100, default 100)
-        for use with jpeg_default_qtables().
-        See rdswitch.c and cjpeg.c for an example of usage.
-        Note that the q_scale_factor[] values use "linear" scales, so JPEG
-        quality levels chosen by the user must be converted to these scales
-        using jpeg_quality_scaling().  Here is an example that corresponds to
-        cjpeg -quality 90,70:
-
-                jpeg_set_defaults(cinfo);
-
-                /* Set luminance quality 90. */
-                cinfo->q_scale_factor[0] = jpeg_quality_scaling(90);
-                /* Set chrominance quality 70. */
-                cinfo->q_scale_factor[1] = jpeg_quality_scaling(70);
-
-                jpeg_default_qtables(cinfo, force_baseline);
-
-        CAUTION: Setting separate quality levels for chrominance and luminance
-        is mainly only useful if chrominance subsampling is disabled.  2x2
-        chrominance subsampling (AKA "4:2:0") is the default, but you can
-        explicitly disable subsampling as follows:
-
-                cinfo->comp_info[0].v_samp_factor = 1;
-                cinfo->comp_info[0].h_samp_factor = 1;
-
-JHUFF_TBL *dc_huff_tbl_ptrs[NUM_HUFF_TBLS]
-JHUFF_TBL *ac_huff_tbl_ptrs[NUM_HUFF_TBLS]
-        Pointers to Huffman coding tables, one per table slot, or NULL if
-        no table is defined for a slot.  Slots 0 and 1 are filled with the
-        JPEG sample tables by jpeg_set_defaults().  If you need to allocate
-        more table structures, jpeg_alloc_huff_table() may be used.
-        Note that optimal Huffman tables can be computed for an image
-        by setting optimize_coding, as discussed above; there's seldom
-        any need to mess with providing your own Huffman tables.
-
-
-[libjpeg v7+ API/ABI emulation only]
-The actual dimensions of the JPEG image that will be written to the file are
-given by the following fields.  These are computed from the input image
-dimensions and the compression parameters by jpeg_start_compress().  You can
-also call jpeg_calc_jpeg_dimensions() to obtain the values that will result
-from the current parameter settings.  This can be useful if you are trying
-to pick a scaling ratio that will get close to a desired target size.
-
-JDIMENSION jpeg_width           Actual dimensions of output image.
-JDIMENSION jpeg_height
-
-
-Per-component parameters are stored in the struct cinfo.comp_info[i] for
-component number i.  Note that components here refer to components of the
-JPEG color space, *not* the source image color space.  A suitably large
-comp_info[] array is allocated by jpeg_set_defaults(); if you choose not
-to use that routine, it's up to you to allocate the array.
-
-int component_id
-        The one-byte identifier code to be recorded in the JPEG file for
-        this component.  For the standard color spaces, we recommend you
-        leave the default values alone.
-
-int h_samp_factor
-int v_samp_factor
-        Horizontal and vertical sampling factors for the component; must
-        be 1..4 according to the JPEG standard.  Note that larger sampling
-        factors indicate a higher-resolution component; many people find
-        this behavior quite unintuitive.  The default values are 2,2 for
-        luminance components and 1,1 for chrominance components, except
-        for grayscale where 1,1 is used.
-
-int quant_tbl_no
-        Quantization table number for component.  The default value is
-        0 for luminance components and 1 for chrominance components.
-
-int dc_tbl_no
-int ac_tbl_no
-        DC and AC entropy coding table numbers.  The default values are
-        0 for luminance components and 1 for chrominance components.
-
-int component_index
-        Must equal the component's index in comp_info[].  (Beginning in
-        release v6, the compressor library will fill this in automatically;
-        you don't have to.)
-
-
-Decompression parameter selection
----------------------------------
-
-Decompression parameter selection is somewhat simpler than compression
-parameter selection, since all of the JPEG internal parameters are
-recorded in the source file and need not be supplied by the application.
-(Unless you are working with abbreviated files, in which case see
-"Abbreviated datastreams", below.)  Decompression parameters control
-the postprocessing done on the image to deliver it in a format suitable
-for the application's use.  Many of the parameters control speed/quality
-tradeoffs, in which faster decompression may be obtained at the price of
-a poorer-quality image.  The defaults select the highest quality (slowest)
-processing.
-
-The following fields in the JPEG object are set by jpeg_read_header() and
-may be useful to the application in choosing decompression parameters:
-
-JDIMENSION image_width                  Width and height of image
-JDIMENSION image_height
-int num_components                      Number of color components
-J_COLOR_SPACE jpeg_color_space          Colorspace of image
-boolean saw_JFIF_marker                 TRUE if a JFIF APP0 marker was seen
-  UINT8 JFIF_major_version              Version information from JFIF marker
-  UINT8 JFIF_minor_version
-  UINT8 density_unit                    Resolution data from JFIF marker
-  UINT16 X_density
-  UINT16 Y_density
-boolean saw_Adobe_marker                TRUE if an Adobe APP14 marker was seen
-  UINT8 Adobe_transform                 Color transform code from Adobe marker
-
-The JPEG color space, unfortunately, is something of a guess since the JPEG
-standard proper does not provide a way to record it.  In practice most files
-adhere to the JFIF or Adobe conventions, and the decoder will recognize these
-correctly.  See "Special color spaces", below, for more info.
-
-
-The decompression parameters that determine the basic properties of the
-returned image are:
-
-J_COLOR_SPACE out_color_space
-        Output color space.  jpeg_read_header() sets an appropriate default
-        based on jpeg_color_space; typically it will be RGB or grayscale.
-        The application can change this field to request output in a different
-        colorspace.  For example, set it to JCS_GRAYSCALE to get grayscale
-        output from a color file.  (This is useful for previewing: grayscale
-        output is faster than full color since the color components need not
-        be processed.)  Note that not all possible color space transforms are
-        currently implemented; you may need to extend jdcolor.c if you want an
-        unusual conversion.
-
-unsigned int scale_num, scale_denom
-        Scale the image by the fraction scale_num/scale_denom.  Default is
-        1/1, or no scaling.  Currently, the only supported scaling ratios
-        are M/8 with all M from 1 to 16, or any reduced fraction thereof (such
-        as 1/2, 3/4, etc.)  (The library design allows for arbitrary
-        scaling ratios but this is not likely to be implemented any time soon.)
-        Smaller scaling ratios permit significantly faster decoding since
-        fewer pixels need be processed and a simpler IDCT method can be used.
-
-boolean quantize_colors
-        If set TRUE, colormapped output will be delivered.  Default is FALSE,
-        meaning that full-color output will be delivered.
-
-The next three parameters are relevant only if quantize_colors is TRUE.
-
-int desired_number_of_colors
-        Maximum number of colors to use in generating a library-supplied color
-        map (the actual number of colors is returned in a different field).
-        Default 256.  Ignored when the application supplies its own color map.
-
-boolean two_pass_quantize
-        If TRUE, an extra pass over the image is made to select a custom color
-        map for the image.  This usually looks a lot better than the one-size-
-        fits-all colormap that is used otherwise.  Default is TRUE.  Ignored
-        when the application supplies its own color map.
-
-J_DITHER_MODE dither_mode
-        Selects color dithering method.  Supported values are:
-                JDITHER_NONE    no dithering: fast, very low quality
-                JDITHER_ORDERED ordered dither: moderate speed and quality
-                JDITHER_FS      Floyd-Steinberg dither: slow, high quality
-        Default is JDITHER_FS.  (At present, ordered dither is implemented
-        only in the single-pass, standard-colormap case.  If you ask for
-        ordered dither when two_pass_quantize is TRUE or when you supply
-        an external color map, you'll get F-S dithering.)
-
-When quantize_colors is TRUE, the target color map is described by the next
-two fields.  colormap is set to NULL by jpeg_read_header().  The application
-can supply a color map by setting colormap non-NULL and setting
-actual_number_of_colors to the map size.  Otherwise, jpeg_start_decompress()
-selects a suitable color map and sets these two fields itself.
-[Implementation restriction: at present, an externally supplied colormap is
-only accepted for 3-component output color spaces.]
-
-JSAMPARRAY colormap
-        The color map, represented as a 2-D pixel array of out_color_components
-        rows and actual_number_of_colors columns.  Ignored if not quantizing.
-        CAUTION: if the JPEG library creates its own colormap, the storage
-        pointed to by this field is released by jpeg_finish_decompress().
-        Copy the colormap somewhere else first, if you want to save it.
-
-int actual_number_of_colors
-        The number of colors in the color map.
-
-Additional decompression parameters that the application may set include:
-
-J_DCT_METHOD dct_method
-        Selects the algorithm used for the DCT step.  Choices are:
-                JDCT_ISLOW: accurate integer method
-                JDCT_IFAST: less accurate integer method [legacy feature]
-                JDCT_FLOAT: floating-point method [legacy feature]
-                JDCT_DEFAULT: default method (normally JDCT_ISLOW)
-                JDCT_FASTEST: fastest method (normally JDCT_IFAST)
-        When the Independent JPEG Group's software was first released in 1991,
-        the decompression time for a 1-megapixel JPEG image on a mainstream PC
-        was measured in minutes.  Thus, JDCT_IFAST provided noticeable
-        performance benefits.  On modern CPUs running libjpeg-turbo, however,
-        the decompression time for a 1-megapixel JPEG image is measured in
-        milliseconds, and thus the performance benefits of JDCT_IFAST are much
-        less noticeable.  On modern x86/x86-64 CPUs that support AVX2
-        instructions, JDCT_IFAST and JDCT_ISLOW have similar performance.  On
-        other types of CPUs, JDCT_IFAST is generally about 5-15% faster than
-        JDCT_ISLOW.
-
-        If the JPEG image was compressed using a quality level of 85 or below,
-        then there should be little or no perceptible quality difference
-        between the two algorithms.  When decompressing images that were
-        compressed using quality levels above 85, however, the difference
-        between JDCT_IFAST and JDCT_ISLOW becomes more pronounced.  With images
-        compressed using quality=97, for instance, JDCT_IFAST incurs generally
-        about a 4-6 dB loss in PSNR relative to JDCT_ISLOW, but this can be
-        larger for some images.  If you can avoid it, do not use JDCT_IFAST
-        when decompressing images that were compressed using quality levels
-        above 97.  The algorithm often degenerates for such images and can
-        actually produce a more lossy output image than if the JPEG image had
-        been compressed using lower quality levels.
-
-        JDCT_FLOAT does not produce significantly more accurate results than
-        JDCT_ISLOW, and it is much slower.  JDCT_FLOAT may also give different
-        results on different machines due to varying roundoff behavior, whereas
-        the integer methods should give the same results on all machines.
-
-boolean do_fancy_upsampling
-        If TRUE, do careful upsampling of chroma components.  If FALSE,
-        a faster but sloppier method is used.  Default is TRUE.  The visual
-        impact of the sloppier method is often very small.
-
-boolean do_block_smoothing
-        If TRUE, interblock smoothing is applied in early stages of decoding
-        progressive JPEG files; if FALSE, not.  Default is TRUE.  Early
-        progression stages look "fuzzy" with smoothing, "blocky" without.
-        In any case, block smoothing ceases to be applied after the first few
-        AC coefficients are known to full accuracy, so it is relevant only
-        when using buffered-image mode for progressive images.
-
-boolean enable_1pass_quant
-boolean enable_external_quant
-boolean enable_2pass_quant
-        These are significant only in buffered-image mode, which is
-        described in its own section below.
-
-
-The output image dimensions are given by the following fields.  These are
-computed from the source image dimensions and the decompression parameters
-by jpeg_start_decompress().  You can also call jpeg_calc_output_dimensions()
-to obtain the values that will result from the current parameter settings.
-This can be useful if you are trying to pick a scaling ratio that will get
-close to a desired target size.  It's also important if you are using the
-JPEG library's memory manager to allocate output buffer space, because you
-are supposed to request such buffers *before* jpeg_start_decompress().
-
-JDIMENSION output_width         Actual dimensions of output image.
-JDIMENSION output_height
-int out_color_components        Number of color components in out_color_space.
-int output_components           Number of color components returned.
-int rec_outbuf_height           Recommended height of scanline buffer.
-
-When quantizing colors, output_components is 1, indicating a single color map
-index per pixel.  Otherwise it equals out_color_components.  The output arrays
-are required to be output_width * output_components JSAMPLEs wide.
-
-rec_outbuf_height is the recommended minimum height (in scanlines) of the
-buffer passed to jpeg_read_scanlines().  If the buffer is smaller, the
-library will still work, but time will be wasted due to unnecessary data
-copying.  In high-quality modes, rec_outbuf_height is always 1, but some
-faster, lower-quality modes set it to larger values (typically 2 to 4).
-If you are going to ask for a high-speed processing mode, you may as well
-go to the trouble of honoring rec_outbuf_height so as to avoid data copying.
-(An output buffer larger than rec_outbuf_height lines is OK, but won't
-provide any material speed improvement over that height.)
-
-
-Special color spaces
---------------------
-
-The JPEG standard itself is "color blind" and doesn't specify any particular
-color space.  It is customary to convert color data to a luminance/chrominance
-color space before compressing, since this permits greater compression.  The
-existing de-facto JPEG file format standards specify YCbCr or grayscale data
-(JFIF), or grayscale, RGB, YCbCr, CMYK, or YCCK (Adobe).  For special
-applications such as multispectral images, other color spaces can be used,
-but it must be understood that such files will be unportable.
-
-The JPEG library can handle the most common colorspace conversions (namely
-RGB <=> YCbCr and CMYK <=> YCCK).  It can also deal with data of an unknown
-color space, passing it through without conversion.  If you deal extensively
-with an unusual color space, you can easily extend the library to understand
-additional color spaces and perform appropriate conversions.
-
-For compression, the source data's color space is specified by field
-in_color_space.  This is transformed to the JPEG file's color space given
-by jpeg_color_space.  jpeg_set_defaults() chooses a reasonable JPEG color
-space depending on in_color_space, but you can override this by calling
-jpeg_set_colorspace().  Of course you must select a supported transformation.
-jccolor.c currently supports the following transformations:
-        RGB => YCbCr
-        RGB => GRAYSCALE
-        YCbCr => GRAYSCALE
-        CMYK => YCCK
-plus the null transforms: GRAYSCALE => GRAYSCALE, RGB => RGB,
-YCbCr => YCbCr, CMYK => CMYK, YCCK => YCCK, and UNKNOWN => UNKNOWN.
-
-The de-facto file format standards (JFIF and Adobe) specify APPn markers that
-indicate the color space of the JPEG file.  It is important to ensure that
-these are written correctly, or omitted if the JPEG file's color space is not
-one of the ones supported by the de-facto standards.  jpeg_set_colorspace()
-will set the compression parameters to include or omit the APPn markers
-properly, so long as it is told the truth about the JPEG color space.
-For example, if you are writing some random 3-component color space without
-conversion, don't try to fake out the library by setting in_color_space and
-jpeg_color_space to JCS_YCbCr; use JCS_UNKNOWN.  You may want to write an
-APPn marker of your own devising to identify the colorspace --- see "Special
-markers", below.
-
-When told that the color space is UNKNOWN, the library will default to using
-luminance-quality compression parameters for all color components.  You may
-well want to change these parameters.  See the source code for
-jpeg_set_colorspace(), in jcparam.c, for details.
-
-For decompression, the JPEG file's color space is given in jpeg_color_space,
-and this is transformed to the output color space out_color_space.
-jpeg_read_header's setting of jpeg_color_space can be relied on if the file
-conforms to JFIF or Adobe conventions, but otherwise it is no better than a
-guess.  If you know the JPEG file's color space for certain, you can override
-jpeg_read_header's guess by setting jpeg_color_space.  jpeg_read_header also
-selects a default output color space based on (its guess of) jpeg_color_space;
-set out_color_space to override this.  Again, you must select a supported
-transformation.  jdcolor.c currently supports
-        YCbCr => RGB
-        YCbCr => GRAYSCALE
-        RGB => GRAYSCALE
-        GRAYSCALE => RGB
-        YCCK => CMYK
-as well as the null transforms.  (Since GRAYSCALE=>RGB is provided, an
-application can force grayscale JPEGs to look like color JPEGs if it only
-wants to handle one case.)
-
-The two-pass color quantizer, jquant2.c, is specialized to handle RGB data
-(it weights distances appropriately for RGB colors).  You'll need to modify
-the code if you want to use it for non-RGB output color spaces.  Note that
-jquant2.c is used to map to an application-supplied colormap as well as for
-the normal two-pass colormap selection process.
-
-CAUTION: it appears that Adobe Photoshop writes inverted data in CMYK JPEG
-files: 0 represents 100% ink coverage, rather than 0% ink as you'd expect.
-This is arguably a bug in Photoshop, but if you need to work with Photoshop
-CMYK files, you will have to deal with it in your application.  We cannot
-"fix" this in the library by inverting the data during the CMYK<=>YCCK
-transform, because that would break other applications, notably Ghostscript.
-Photoshop versions prior to 3.0 write EPS files containing JPEG-encoded CMYK
-data in the same inverted-YCCK representation used in bare JPEG files, but
-the surrounding PostScript code performs an inversion using the PS image
-operator.  I am told that Photoshop 3.0 will write uninverted YCCK in
-EPS/JPEG files, and will omit the PS-level inversion.  (But the data
-polarity used in bare JPEG files will not change in 3.0.)  In either case,
-the JPEG library must not invert the data itself, or else Ghostscript would
-read these EPS files incorrectly.
-
-
-Error handling
---------------
-
-When the default error handler is used, any error detected inside the JPEG
-routines will cause a message to be printed on stderr, followed by exit().
-You can supply your own error handling routines to override this behavior
-and to control the treatment of nonfatal warnings and trace/debug messages.
-The file example.txt illustrates the most common case, which is to have the
-application regain control after an error rather than exiting.
-
-The JPEG library never writes any message directly; it always goes through
-the error handling routines.  Three classes of messages are recognized:
-  * Fatal errors: the library cannot continue.
-  * Warnings: the library can continue, but the data is corrupt, and a
-    damaged output image is likely to result.
-  * Trace/informational messages.  These come with a trace level indicating
-    the importance of the message; you can control the verbosity of the
-    program by adjusting the maximum trace level that will be displayed.
-
-You may, if you wish, simply replace the entire JPEG error handling module
-(jerror.c) with your own code.  However, you can avoid code duplication by
-only replacing some of the routines depending on the behavior you need.
-This is accomplished by calling jpeg_std_error() as usual, but then overriding
-some of the method pointers in the jpeg_error_mgr struct, as illustrated by
-example.txt.
-
-All of the error handling routines will receive a pointer to the JPEG object
-(a j_common_ptr which points to either a jpeg_compress_struct or a
-jpeg_decompress_struct; if you need to tell which, test the is_decompressor
-field).  This struct includes a pointer to the error manager struct in its
-"err" field.  Frequently, custom error handler routines will need to access
-additional data which is not known to the JPEG library or the standard error
-handler.  The most convenient way to do this is to embed either the JPEG
-object or the jpeg_error_mgr struct in a larger structure that contains
-additional fields; then casting the passed pointer provides access to the
-additional fields.  Again, see example.txt for one way to do it.  (Beginning
-with IJG version 6b, there is also a void pointer "client_data" in each
-JPEG object, which the application can also use to find related data.
-The library does not touch client_data at all.)
-
-The individual methods that you might wish to override are:
-
-error_exit (j_common_ptr cinfo)
-        Receives control for a fatal error.  Information sufficient to
-        generate the error message has been stored in cinfo->err; call
-        output_message to display it.  Control must NOT return to the caller;
-        generally this routine will exit() or longjmp() somewhere.
-        Typically you would override this routine to get rid of the exit()
-        default behavior.  Note that if you continue processing, you should
-        clean up the JPEG object with jpeg_abort() or jpeg_destroy().
-
-output_message (j_common_ptr cinfo)
-        Actual output of any JPEG message.  Override this to send messages
-        somewhere other than stderr.  Note that this method does not know
-        how to generate a message, only where to send it.
-
-format_message (j_common_ptr cinfo, char *buffer)
-        Constructs a readable error message string based on the error info
-        stored in cinfo->err.  This method is called by output_message.  Few
-        applications should need to override this method.  One possible
-        reason for doing so is to implement dynamic switching of error message
-        language.
-
-emit_message (j_common_ptr cinfo, int msg_level)
-        Decide whether or not to emit a warning or trace message; if so,
-        calls output_message.  The main reason for overriding this method
-        would be to abort on warnings.  msg_level is -1 for warnings,
-        0 and up for trace messages.
-
-Only error_exit() and emit_message() are called from the rest of the JPEG
-library; the other two are internal to the error handler.
-
-The actual message texts are stored in an array of strings which is pointed to
-by the field err->jpeg_message_table.  The messages are numbered from 0 to
-err->last_jpeg_message, and it is these code numbers that are used in the
-JPEG library code.  You could replace the message texts (for instance, with
-messages in French or German) by changing the message table pointer.  See
-jerror.h for the default texts.  CAUTION: this table will almost certainly
-change or grow from one library version to the next.
-
-It may be useful for an application to add its own message texts that are
-handled by the same mechanism.  The error handler supports a second "add-on"
-message table for this purpose.  To define an addon table, set the pointer
-err->addon_message_table and the message numbers err->first_addon_message and
-err->last_addon_message.  If you number the addon messages beginning at 1000
-or so, you won't have to worry about conflicts with the library's built-in
-messages.  See the sample applications cjpeg/djpeg for an example of using
-addon messages (the addon messages are defined in cderror.h).
-
-Actual invocation of the error handler is done via macros defined in jerror.h:
-        ERREXITn(...)   for fatal errors
-        WARNMSn(...)    for corrupt-data warnings
-        TRACEMSn(...)   for trace and informational messages.
-These macros store the message code and any additional parameters into the
-error handler struct, then invoke the error_exit() or emit_message() method.
-The variants of each macro are for varying numbers of additional parameters.
-The additional parameters are inserted into the generated message using
-standard printf() format codes.
-
-See jerror.h and jerror.c for further details.
-
-
-Compressed data handling (source and destination managers)
-----------------------------------------------------------
-
-The JPEG compression library sends its compressed data to a "destination
-manager" module.  The default destination manager just writes the data to a
-memory buffer or to a stdio stream, but you can provide your own manager to
-do something else.  Similarly, the decompression library calls a "source
-manager" to obtain the compressed data; you can provide your own source
-manager if you want the data to come from somewhere other than a memory
-buffer or a stdio stream.
-
-In both cases, compressed data is processed a bufferload at a time: the
-destination or source manager provides a work buffer, and the library invokes
-the manager only when the buffer is filled or emptied.  (You could define a
-one-character buffer to force the manager to be invoked for each byte, but
-that would be rather inefficient.)  The buffer's size and location are
-controlled by the manager, not by the library.  For example, the memory
-source manager just makes the buffer pointer and length point to the original
-data in memory.  In this case the buffer-reload procedure will be invoked
-only if the decompressor ran off the end of the datastream, which would
-indicate an erroneous datastream.
-
-The work buffer is defined as an array of datatype JOCTET, which is generally
-"char" or "unsigned char".  On a machine where char is not exactly 8 bits
-wide, you must define JOCTET as a wider data type and then modify the data
-source and destination modules to transcribe the work arrays into 8-bit units
-on external storage.
-
-A data destination manager struct contains a pointer and count defining the
-next byte to write in the work buffer and the remaining free space:
-
-        JOCTET *next_output_byte;   /* => next byte to write in buffer */
-        size_t free_in_buffer;      /* # of byte spaces remaining in buffer */
-
-The library increments the pointer and decrements the count until the buffer
-is filled.  The manager's empty_output_buffer method must reset the pointer
-and count.  The manager is expected to remember the buffer's starting address
-and total size in private fields not visible to the library.
-
-A data destination manager provides three methods:
-
-init_destination (j_compress_ptr cinfo)
-        Initialize destination.  This is called by jpeg_start_compress()
-        before any data is actually written.  It must initialize
-        next_output_byte and free_in_buffer.  free_in_buffer must be
-        initialized to a positive value.
-
-empty_output_buffer (j_compress_ptr cinfo)
-        This is called whenever the buffer has filled (free_in_buffer
-        reaches zero).  In typical applications, it should write out the
-        *entire* buffer (use the saved start address and buffer length;
-        ignore the current state of next_output_byte and free_in_buffer).
-        Then reset the pointer & count to the start of the buffer, and
-        return TRUE indicating that the buffer has been dumped.
-        free_in_buffer must be set to a positive value when TRUE is
-        returned.  A FALSE return should only be used when I/O suspension is
-        desired (this operating mode is discussed in the next section).
-
-term_destination (j_compress_ptr cinfo)
-        Terminate destination --- called by jpeg_finish_compress() after all
-        data has been written.  In most applications, this must flush any
-        data remaining in the buffer.  Use either next_output_byte or
-        free_in_buffer to determine how much data is in the buffer.
-
-term_destination() is NOT called by jpeg_abort() or jpeg_destroy().  If you
-want the destination manager to be cleaned up during an abort, you must do it
-yourself.
-
-You will also need code to create a jpeg_destination_mgr struct, fill in its
-method pointers, and insert a pointer to the struct into the "dest" field of
-the JPEG compression object.  This can be done in-line in your setup code if
-you like, but it's probably cleaner to provide a separate routine similar to
-the jpeg_stdio_dest() or jpeg_mem_dest() routines of the supplied destination
-managers.
-
-Decompression source managers follow a parallel design, but with some
-additional frammishes.  The source manager struct contains a pointer and count
-defining the next byte to read from the work buffer and the number of bytes
-remaining:
-
-        const JOCTET *next_input_byte;  /* => next byte to read from buffer */
-        size_t bytes_in_buffer;         /* # of bytes remaining in buffer */
-
-The library increments the pointer and decrements the count until the buffer
-is emptied.  The manager's fill_input_buffer method must reset the pointer and
-count.  In most applications, the manager must remember the buffer's starting
-address and total size in private fields not visible to the library.
-
-A data source manager provides five methods:
-
-init_source (j_decompress_ptr cinfo)
-        Initialize source.  This is called by jpeg_read_header() before any
-        data is actually read.  Unlike init_destination(), it may leave
-        bytes_in_buffer set to 0 (in which case a fill_input_buffer() call
-        will occur immediately).
-
-fill_input_buffer (j_decompress_ptr cinfo)
-        This is called whenever bytes_in_buffer has reached zero and more
-        data is wanted.  In typical applications, it should read fresh data
-        into the buffer (ignoring the current state of next_input_byte and
-        bytes_in_buffer), reset the pointer & count to the start of the
-        buffer, and return TRUE indicating that the buffer has been reloaded.
-        It is not necessary to fill the buffer entirely, only to obtain at
-        least one more byte.  bytes_in_buffer MUST be set to a positive value
-        if TRUE is returned.  A FALSE return should only be used when I/O
-        suspension is desired (this mode is discussed in the next section).
-
-skip_input_data (j_decompress_ptr cinfo, long num_bytes)
-        Skip num_bytes worth of data.  The buffer pointer and count should
-        be advanced over num_bytes input bytes, refilling the buffer as
-        needed.  This is used to skip over a potentially large amount of
-        uninteresting data (such as an APPn marker).  In some applications
-        it may be possible to optimize away the reading of the skipped data,
-        but it's not clear that being smart is worth much trouble; large
-        skips are uncommon.  bytes_in_buffer may be zero on return.
-        A zero or negative skip count should be treated as a no-op.
-
-resync_to_restart (j_decompress_ptr cinfo, int desired)
-        This routine is called only when the decompressor has failed to find
-        a restart (RSTn) marker where one is expected.  Its mission is to
-        find a suitable point for resuming decompression.  For most
-        applications, we recommend that you just use the default resync
-        procedure, jpeg_resync_to_restart().  However, if you are able to back
-        up in the input data stream, or if you have a-priori knowledge about
-        the likely location of restart markers, you may be able to do better.
-        Read the read_restart_marker() and jpeg_resync_to_restart() routines
-        in jdmarker.c if you think you'd like to implement your own resync
-        procedure.
-
-term_source (j_decompress_ptr cinfo)
-        Terminate source --- called by jpeg_finish_decompress() after all
-        data has been read.  Often a no-op.
-
-For both fill_input_buffer() and skip_input_data(), there is no such thing
-as an EOF return.  If the end of the file has been reached, the routine has
-a choice of exiting via ERREXIT() or inserting fake data into the buffer.
-In most cases, generating a warning message and inserting a fake EOI marker
-is the best course of action --- this will allow the decompressor to output
-however much of the image is there.  In pathological cases, the decompressor
-may swallow the EOI and again demand data ... just keep feeding it fake EOIs.
-jdatasrc.c illustrates the recommended error recovery behavior.
-
-term_source() is NOT called by jpeg_abort() or jpeg_destroy().  If you want
-the source manager to be cleaned up during an abort, you must do it yourself.
-
-You will also need code to create a jpeg_source_mgr struct, fill in its method
-pointers, and insert a pointer to the struct into the "src" field of the JPEG
-decompression object.  This can be done in-line in your setup code if you
-like, but it's probably cleaner to provide a separate routine similar to the
-jpeg_stdio_src() or jpeg_mem_src() routines of the supplied source managers.
-
-For more information, consult the memory and stdio source and destination
-managers in jdatasrc.c and jdatadst.c.
-
-
-I/O suspension
---------------
-
-Some applications need to use the JPEG library as an incremental memory-to-
-memory filter: when the compressed data buffer is filled or emptied, they want
-control to return to the outer loop, rather than expecting that the buffer can
-be emptied or reloaded within the data source/destination manager subroutine.
-The library supports this need by providing an "I/O suspension" mode, which we
-describe in this section.
-
-The I/O suspension mode is not a panacea: nothing is guaranteed about the
-maximum amount of time spent in any one call to the library, so it will not
-eliminate response-time problems in single-threaded applications.  If you
-need guaranteed response time, we suggest you "bite the bullet" and implement
-a real multi-tasking capability.
-
-To use I/O suspension, cooperation is needed between the calling application
-and the data source or destination manager; you will always need a custom
-source/destination manager.  (Please read the previous section if you haven't
-already.)  The basic idea is that the empty_output_buffer() or
-fill_input_buffer() routine is a no-op, merely returning FALSE to indicate
-that it has done nothing.  Upon seeing this, the JPEG library suspends
-operation and returns to its caller.  The surrounding application is
-responsible for emptying or refilling the work buffer before calling the
-JPEG library again.
-
-Compression suspension:
-
-For compression suspension, use an empty_output_buffer() routine that returns
-FALSE; typically it will not do anything else.  This will cause the
-compressor to return to the caller of jpeg_write_scanlines(), with the return
-value indicating that not all the supplied scanlines have been accepted.
-The application must make more room in the output buffer, adjust the output
-buffer pointer/count appropriately, and then call jpeg_write_scanlines()
-again, pointing to the first unconsumed scanline.
-
-When forced to suspend, the compressor will backtrack to a convenient stopping
-point (usually the start of the current MCU); it will regenerate some output
-data when restarted.  Therefore, although empty_output_buffer() is only
-called when the buffer is filled, you should NOT write out the entire buffer
-after a suspension.  Write only the data up to the current position of
-next_output_byte/free_in_buffer.  The data beyond that point will be
-regenerated after resumption.
-
-Because of the backtracking behavior, a good-size output buffer is essential
-for efficiency; you don't want the compressor to suspend often.  (In fact, an
-overly small buffer could lead to infinite looping, if a single MCU required
-more data than would fit in the buffer.)  We recommend a buffer of at least
-several Kbytes.  You may want to insert explicit code to ensure that you don't
-call jpeg_write_scanlines() unless there is a reasonable amount of space in
-the output buffer; in other words, flush the buffer before trying to compress
-more data.
-
-The compressor does not allow suspension while it is trying to write JPEG
-markers at the beginning and end of the file.  This means that:
-  * At the beginning of a compression operation, there must be enough free
-    space in the output buffer to hold the header markers (typically 600 or
-    so bytes).  The recommended buffer size is bigger than this anyway, so
-    this is not a problem as long as you start with an empty buffer.  However,
-    this restriction might catch you if you insert large special markers, such
-    as a JFIF thumbnail image, without flushing the buffer afterwards.
-  * When you call jpeg_finish_compress(), there must be enough space in the
-    output buffer to emit any buffered data and the final EOI marker.  In the
-    current implementation, half a dozen bytes should suffice for this, but
-    for safety's sake we recommend ensuring that at least 100 bytes are free
-    before calling jpeg_finish_compress().
-
-A more significant restriction is that jpeg_finish_compress() cannot suspend.
-This means you cannot use suspension with multi-pass operating modes, namely
-Huffman code optimization and multiple-scan output.  Those modes write the
-whole file during jpeg_finish_compress(), which will certainly result in
-buffer overrun.  (Note that this restriction applies only to compression,
-not decompression.  The decompressor supports input suspension in all of its
-operating modes.)
-
-Decompression suspension:
-
-For decompression suspension, use a fill_input_buffer() routine that simply
-returns FALSE (except perhaps during error recovery, as discussed below).
-This will cause the decompressor to return to its caller with an indication
-that suspension has occurred.  This can happen at four places:
-  * jpeg_read_header(): will return JPEG_SUSPENDED.
-  * jpeg_start_decompress(): will return FALSE, rather than its usual TRUE.
-  * jpeg_read_scanlines(): will return the number of scanlines already
-        completed (possibly 0).
-  * jpeg_finish_decompress(): will return FALSE, rather than its usual TRUE.
-The surrounding application must recognize these cases, load more data into
-the input buffer, and repeat the call.  In the case of jpeg_read_scanlines(),
-increment the passed pointers past any scanlines successfully read.
-
-Just as with compression, the decompressor will typically backtrack to a
-convenient restart point before suspending.  When fill_input_buffer() is
-called, next_input_byte/bytes_in_buffer point to the current restart point,
-which is where the decompressor will backtrack to if FALSE is returned.
-The data beyond that position must NOT be discarded if you suspend; it needs
-to be re-read upon resumption.  In most implementations, you'll need to shift
-this data down to the start of your work buffer and then load more data after
-it.  Again, this behavior means that a several-Kbyte work buffer is essential
-for decent performance; furthermore, you should load a reasonable amount of
-new data before resuming decompression.  (If you loaded, say, only one new
-byte each time around, you could waste a LOT of cycles.)
-
-The skip_input_data() source manager routine requires special care in a
-suspension scenario.  This routine is NOT granted the ability to suspend the
-decompressor; it can decrement bytes_in_buffer to zero, but no more.  If the
-requested skip distance exceeds the amount of data currently in the input
-buffer, then skip_input_data() must set bytes_in_buffer to zero and record the
-additional skip distance somewhere else.  The decompressor will immediately
-call fill_input_buffer(), which should return FALSE, which will cause a
-suspension return.  The surrounding application must then arrange to discard
-the recorded number of bytes before it resumes loading the input buffer.
-(Yes, this design is rather baroque, but it avoids complexity in the far more
-common case where a non-suspending source manager is used.)
-
-If the input data has been exhausted, we recommend that you emit a warning
-and insert dummy EOI markers just as a non-suspending data source manager
-would do.  This can be handled either in the surrounding application logic or
-within fill_input_buffer(); the latter is probably more efficient.  If
-fill_input_buffer() knows that no more data is available, it can set the
-pointer/count to point to a dummy EOI marker and then return TRUE just as
-though it had read more data in a non-suspending situation.
-
-The decompressor does not attempt to suspend within standard JPEG markers;
-instead it will backtrack to the start of the marker and reprocess the whole
-marker next time.  Hence the input buffer must be large enough to hold the
-longest standard marker in the file.  Standard JPEG markers should normally
-not exceed a few hundred bytes each (DHT tables are typically the longest).
-We recommend at least a 2K buffer for performance reasons, which is much
-larger than any correct marker is likely to be.  For robustness against
-damaged marker length counts, you may wish to insert a test in your
-application for the case that the input buffer is completely full and yet
-the decoder has suspended without consuming any data --- otherwise, if this
-situation did occur, it would lead to an endless loop.  (The library can't
-provide this test since it has no idea whether "the buffer is full", or
-even whether there is a fixed-size input buffer.)
-
-The input buffer would need to be 64K to allow for arbitrary COM or APPn
-markers, but these are handled specially: they are either saved into allocated
-memory, or skipped over by calling skip_input_data().  In the former case,
-suspension is handled correctly, and in the latter case, the problem of
-buffer overrun is placed on skip_input_data's shoulders, as explained above.
-Note that if you provide your own marker handling routine for large markers,
-you should consider how to deal with buffer overflow.
-
-Multiple-buffer management:
-
-In some applications it is desirable to store the compressed data in a linked
-list of buffer areas, so as to avoid data copying.  This can be handled by
-having empty_output_buffer() or fill_input_buffer() set the pointer and count
-to reference the next available buffer; FALSE is returned only if no more
-buffers are available.  Although seemingly straightforward, there is a
-pitfall in this approach: the backtrack that occurs when FALSE is returned
-could back up into an earlier buffer.  For example, when fill_input_buffer()
-is called, the current pointer & count indicate the backtrack restart point.
-Since fill_input_buffer() will set the pointer and count to refer to a new
-buffer, the restart position must be saved somewhere else.  Suppose a second
-call to fill_input_buffer() occurs in the same library call, and no
-additional input data is available, so fill_input_buffer must return FALSE.
-If the JPEG library has not moved the pointer/count forward in the current
-buffer, then *the correct restart point is the saved position in the prior
-buffer*.  Prior buffers may be discarded only after the library establishes
-a restart point within a later buffer.  Similar remarks apply for output into
-a chain of buffers.
-
-The library will never attempt to backtrack over a skip_input_data() call,
-so any skipped data can be permanently discarded.  You still have to deal
-with the case of skipping not-yet-received data, however.
-
-It's much simpler to use only a single buffer; when fill_input_buffer() is
-called, move any unconsumed data (beyond the current pointer/count) down to
-the beginning of this buffer and then load new data into the remaining buffer
-space.  This approach requires a little more data copying but is far easier
-to get right.
-
-
-Progressive JPEG support
-------------------------
-
-Progressive JPEG rearranges the stored data into a series of scans of
-increasing quality.  In situations where a JPEG file is transmitted across a
-slow communications link, a decoder can generate a low-quality image very
-quickly from the first scan, then gradually improve the displayed quality as
-more scans are received.  The final image after all scans are complete is
-identical to that of a regular (sequential) JPEG file of the same quality
-setting.  Progressive JPEG files are often slightly smaller than equivalent
-sequential JPEG files, but the possibility of incremental display is the main
-reason for using progressive JPEG.
-
-The IJG encoder library generates progressive JPEG files when given a
-suitable "scan script" defining how to divide the data into scans.
-Creation of progressive JPEG files is otherwise transparent to the encoder.
-Progressive JPEG files can also be read transparently by the decoder library.
-If the decoding application simply uses the library as defined above, it
-will receive a final decoded image without any indication that the file was
-progressive.  Of course, this approach does not allow incremental display.
-To perform incremental display, an application needs to use the decoder
-library's "buffered-image" mode, in which it receives a decoded image
-multiple times.
-
-Each displayed scan requires about as much work to decode as a full JPEG
-image of the same size, so the decoder must be fairly fast in relation to the
-data transmission rate in order to make incremental display useful.  However,
-it is possible to skip displaying the image and simply add the incoming bits
-to the decoder's coefficient buffer.  This is fast because only Huffman
-decoding need be done, not IDCT, upsampling, colorspace conversion, etc.
-The IJG decoder library allows the application to switch dynamically between
-displaying the image and simply absorbing the incoming bits.  A properly
-coded application can automatically adapt the number of display passes to
-suit the time available as the image is received.  Also, a final
-higher-quality display cycle can be performed from the buffered data after
-the end of the file is reached.
-
-Progressive compression:
-
-To create a progressive JPEG file (or a multiple-scan sequential JPEG file),
-set the scan_info cinfo field to point to an array of scan descriptors, and
-perform compression as usual.  Instead of constructing your own scan list,
-you can call the jpeg_simple_progression() helper routine to create a
-recommended progression sequence; this method should be used by all
-applications that don't want to get involved in the nitty-gritty of
-progressive scan sequence design.  (If you want to provide user control of
-scan sequences, you may wish to borrow the scan script reading code found
-in rdswitch.c, so that you can read scan script files just like cjpeg's.)
-When scan_info is not NULL, the compression library will store DCT'd data
-into a buffer array as jpeg_write_scanlines() is called, and will emit all
-the requested scans during jpeg_finish_compress().  This implies that
-multiple-scan output cannot be created with a suspending data destination
-manager, since jpeg_finish_compress() does not support suspension.  We
-should also note that the compressor currently forces Huffman optimization
-mode when creating a progressive JPEG file, because the default Huffman
-tables are unsuitable for progressive files.
-
-Progressive decompression:
-
-When buffered-image mode is not used, the decoder library will read all of
-a multi-scan file during jpeg_start_decompress(), so that it can provide a
-final decoded image.  (Here "multi-scan" means either progressive or
-multi-scan sequential.)  This makes multi-scan files transparent to the
-decoding application.  However, existing applications that used suspending
-input with version 5 of the IJG library will need to be modified to check
-for a suspension return from jpeg_start_decompress().
-
-To perform incremental display, an application must use the library's
-buffered-image mode.  This is described in the next section.
-
-
-Buffered-image mode
--------------------
-
-In buffered-image mode, the library stores the partially decoded image in a
-coefficient buffer, from which it can be read out as many times as desired.
-This mode is typically used for incremental display of progressive JPEG files,
-but it can be used with any JPEG file.  Each scan of a progressive JPEG file
-adds more data (more detail) to the buffered image.  The application can
-display in lockstep with the source file (one display pass per input scan),
-or it can allow input processing to outrun display processing.  By making
-input and display processing run independently, it is possible for the
-application to adapt progressive display to a wide range of data transmission
-rates.
-
-The basic control flow for buffered-image decoding is
-
-        jpeg_create_decompress()
-        set data source
-        jpeg_read_header()
-        set overall decompression parameters
-        cinfo.buffered_image = TRUE;    /* select buffered-image mode */
-        jpeg_start_decompress()
-        for (each output pass) {
-            adjust output decompression parameters if required
-            jpeg_start_output()         /* start a new output pass */
-            for (all scanlines in image) {
-                jpeg_read_scanlines()
-                display scanlines
-            }
-            jpeg_finish_output()        /* terminate output pass */
-        }
-        jpeg_finish_decompress()
-        jpeg_destroy_decompress()
-
-This differs from ordinary unbuffered decoding in that there is an additional
-level of looping.  The application can choose how many output passes to make
-and how to display each pass.
-
-The simplest approach to displaying progressive images is to do one display
-pass for each scan appearing in the input file.  In this case the outer loop
-condition is typically
-        while (!jpeg_input_complete(&cinfo))
-and the start-output call should read
-        jpeg_start_output(&cinfo, cinfo.input_scan_number);
-The second parameter to jpeg_start_output() indicates which scan of the input
-file is to be displayed; the scans are numbered starting at 1 for this
-purpose.  (You can use a loop counter starting at 1 if you like, but using
-the library's input scan counter is easier.)  The library automatically reads
-data as necessary to complete each requested scan, and jpeg_finish_output()
-advances to the next scan or end-of-image marker (hence input_scan_number
-will be incremented by the time control arrives back at jpeg_start_output()).
-With this technique, data is read from the input file only as needed, and
-input and output processing run in lockstep.
-
-After reading the final scan and reaching the end of the input file, the
-buffered image remains available; it can be read additional times by
-repeating the jpeg_start_output()/jpeg_read_scanlines()/jpeg_finish_output()
-sequence.  For example, a useful technique is to use fast one-pass color
-quantization for display passes made while the image is arriving, followed by
-a final display pass using two-pass quantization for highest quality.  This
-is done by changing the library parameters before the final output pass.
-Changing parameters between passes is discussed in detail below.
-
-In general the last scan of a progressive file cannot be recognized as such
-until after it is read, so a post-input display pass is the best approach if
-you want special processing in the final pass.
-
-When done with the image, be sure to call jpeg_finish_decompress() to release
-the buffered image (or just use jpeg_destroy_decompress()).
-
-If input data arrives faster than it can be displayed, the application can
-cause the library to decode input data in advance of what's needed to produce
-output.  This is done by calling the routine jpeg_consume_input().
-The return value is one of the following:
-        JPEG_REACHED_SOS:    reached an SOS marker (the start of a new scan)
-        JPEG_REACHED_EOI:    reached the EOI marker (end of image)
-        JPEG_ROW_COMPLETED:  completed reading one MCU row of compressed data
-        JPEG_SCAN_COMPLETED: completed reading last MCU row of current scan
-        JPEG_SUSPENDED:      suspended before completing any of the above
-(JPEG_SUSPENDED can occur only if a suspending data source is used.)  This
-routine can be called at any time after initializing the JPEG object.  It
-reads some additional data and returns when one of the indicated significant
-events occurs.  (If called after the EOI marker is reached, it will
-immediately return JPEG_REACHED_EOI without attempting to read more data.)
-
-The library's output processing will automatically call jpeg_consume_input()
-whenever the output processing overtakes the input; thus, simple lockstep
-display requires no direct calls to jpeg_consume_input().  But by adding
-calls to jpeg_consume_input(), you can absorb data in advance of what is
-being displayed.  This has two benefits:
-  * You can limit buildup of unprocessed data in your input buffer.
-  * You can eliminate extra display passes by paying attention to the
-    state of the library's input processing.
-
-The first of these benefits only requires interspersing calls to
-jpeg_consume_input() with your display operations and any other processing
-you may be doing.  To avoid wasting cycles due to backtracking, it's best to
-call jpeg_consume_input() only after a hundred or so new bytes have arrived.
-This is discussed further under "I/O suspension", above.  (Note: the JPEG
-library currently is not thread-safe.  You must not call jpeg_consume_input()
-from one thread of control if a different library routine is working on the
-same JPEG object in another thread.)
-
-When input arrives fast enough that more than one new scan is available
-before you start a new output pass, you may as well skip the output pass
-corresponding to the completed scan.  This occurs for free if you pass
-cinfo.input_scan_number as the target scan number to jpeg_start_output().
-The input_scan_number field is simply the index of the scan currently being
-consumed by the input processor.  You can ensure that this is up-to-date by
-emptying the input buffer just before calling jpeg_start_output(): call
-jpeg_consume_input() repeatedly until it returns JPEG_SUSPENDED or
-JPEG_REACHED_EOI.
-
-The target scan number passed to jpeg_start_output() is saved in the
-cinfo.output_scan_number field.  The library's output processing calls
-jpeg_consume_input() whenever the current input scan number and row within
-that scan is less than or equal to the current output scan number and row.
-Thus, input processing can "get ahead" of the output processing but is not
-allowed to "fall behind".  You can achieve several different effects by
-manipulating this interlock rule.  For example, if you pass a target scan
-number greater than the current input scan number, the output processor will
-wait until that scan starts to arrive before producing any output.  (To avoid
-an infinite loop, the target scan number is automatically reset to the last
-scan number when the end of image is reached.  Thus, if you specify a large
-target scan number, the library will just absorb the entire input file and
-then perform an output pass.  This is effectively the same as what
-jpeg_start_decompress() does when you don't select buffered-image mode.)
-When you pass a target scan number equal to the current input scan number,
-the image is displayed no faster than the current input scan arrives.  The
-final possibility is to pass a target scan number less than the current input
-scan number; this disables the input/output interlock and causes the output
-processor to simply display whatever it finds in the image buffer, without
-waiting for input.  (However, the library will not accept a target scan
-number less than one, so you can't avoid waiting for the first scan.)
-
-When data is arriving faster than the output display processing can advance
-through the image, jpeg_consume_input() will store data into the buffered
-image beyond the point at which the output processing is reading data out
-again.  If the input arrives fast enough, it may "wrap around" the buffer to
-the point where the input is more than one whole scan ahead of the output.
-If the output processing simply proceeds through its display pass without
-paying attention to the input, the effect seen on-screen is that the lower
-part of the image is one or more scans better in quality than the upper part.
-Then, when the next output scan is started, you have a choice of what target
-scan number to use.  The recommended choice is to use the current input scan
-number at that time, which implies that you've skipped the output scans
-corresponding to the input scans that were completed while you processed the
-previous output scan.  In this way, the decoder automatically adapts its
-speed to the arriving data, by skipping output scans as necessary to keep up
-with the arriving data.
-
-When using this strategy, you'll want to be sure that you perform a final
-output pass after receiving all the data; otherwise your last display may not
-be full quality across the whole screen.  So the right outer loop logic is
-something like this:
-        do {
-            absorb any waiting input by calling jpeg_consume_input()
-            final_pass = jpeg_input_complete(&cinfo);
-            adjust output decompression parameters if required
-            jpeg_start_output(&cinfo, cinfo.input_scan_number);
-            ...
-            jpeg_finish_output()
-        } while (!final_pass);
-rather than quitting as soon as jpeg_input_complete() returns TRUE.  This
-arrangement makes it simple to use higher-quality decoding parameters
-for the final pass.  But if you don't want to use special parameters for
-the final pass, the right loop logic is like this:
-        for (;;) {
-            absorb any waiting input by calling jpeg_consume_input()
-            jpeg_start_output(&cinfo, cinfo.input_scan_number);
-            ...
-            jpeg_finish_output()
-            if (jpeg_input_complete(&cinfo) &&
-                cinfo.input_scan_number == cinfo.output_scan_number)
-              break;
-        }
-In this case you don't need to know in advance whether an output pass is to
-be the last one, so it's not necessary to have reached EOF before starting
-the final output pass; rather, what you want to test is whether the output
-pass was performed in sync with the final input scan.  This form of the loop
-will avoid an extra output pass whenever the decoder is able (or nearly able)
-to keep up with the incoming data.
-
-When the data transmission speed is high, you might begin a display pass,
-then find that much or all of the file has arrived before you can complete
-the pass.  (You can detect this by noting the JPEG_REACHED_EOI return code
-from jpeg_consume_input(), or equivalently by testing jpeg_input_complete().)
-In this situation you may wish to abort the current display pass and start a
-new one using the newly arrived information.  To do so, just call
-jpeg_finish_output() and then start a new pass with jpeg_start_output().
-
-A variant strategy is to abort and restart display if more than one complete
-scan arrives during an output pass; this can be detected by noting
-JPEG_REACHED_SOS returns and/or examining cinfo.input_scan_number.  This
-idea should be employed with caution, however, since the display process
-might never get to the bottom of the image before being aborted, resulting
-in the lower part of the screen being several passes worse than the upper.
-In most cases it's probably best to abort an output pass only if the whole
-file has arrived and you want to begin the final output pass immediately.
-
-When receiving data across a communication link, we recommend always using
-the current input scan number for the output target scan number; if a
-higher-quality final pass is to be done, it should be started (aborting any
-incomplete output pass) as soon as the end of file is received.  However,
-many other strategies are possible.  For example, the application can examine
-the parameters of the current input scan and decide whether to display it or
-not.  If the scan contains only chroma data, one might choose not to use it
-as the target scan, expecting that the scan will be small and will arrive
-quickly.  To skip to the next scan, call jpeg_consume_input() until it
-returns JPEG_REACHED_SOS or JPEG_REACHED_EOI.  Or just use the next higher
-number as the target scan for jpeg_start_output(); but that method doesn't
-let you inspect the next scan's parameters before deciding to display it.
-
-
-In buffered-image mode, jpeg_start_decompress() never performs input and
-thus never suspends.  An application that uses input suspension with
-buffered-image mode must be prepared for suspension returns from these
-routines:
-* jpeg_start_output() performs input only if you request 2-pass quantization
-  and the target scan isn't fully read yet.  (This is discussed below.)
-* jpeg_read_scanlines(), as always, returns the number of scanlines that it
-  was able to produce before suspending.
-* jpeg_finish_output() will read any markers following the target scan,
-  up to the end of the file or the SOS marker that begins another scan.
-  (But it reads no input if jpeg_consume_input() has already reached the
-  end of the file or a SOS marker beyond the target output scan.)
-* jpeg_finish_decompress() will read until the end of file, and thus can
-  suspend if the end hasn't already been reached (as can be tested by
-  calling jpeg_input_complete()).
-jpeg_start_output(), jpeg_finish_output(), and jpeg_finish_decompress()
-all return TRUE if they completed their tasks, FALSE if they had to suspend.
-In the event of a FALSE return, the application must load more input data
-and repeat the call.  Applications that use non-suspending data sources need
-not check the return values of these three routines.
-
-
-It is possible to change decoding parameters between output passes in the
-buffered-image mode.  The decoder library currently supports only very
-limited changes of parameters.  ONLY THE FOLLOWING parameter changes are
-allowed after jpeg_start_decompress() is called:
-* dct_method can be changed before each call to jpeg_start_output().
-  For example, one could use a fast DCT method for early scans, changing
-  to a higher quality method for the final scan.
-* dither_mode can be changed before each call to jpeg_start_output();
-  of course this has no impact if not using color quantization.  Typically
-  one would use ordered dither for initial passes, then switch to
-  Floyd-Steinberg dither for the final pass.  Caution: changing dither mode
-  can cause more memory to be allocated by the library.  Although the amount
-  of memory involved is not large (a scanline or so), it may cause the
-  initial max_memory_to_use specification to be exceeded, which in the worst
-  case would result in an out-of-memory failure.
-* do_block_smoothing can be changed before each call to jpeg_start_output().
-  This setting is relevant only when decoding a progressive JPEG image.
-  During the first DC-only scan, block smoothing provides a very "fuzzy" look
-  instead of the very "blocky" look seen without it; which is better seems a
-  matter of personal taste.  But block smoothing is nearly always a win
-  during later stages, especially when decoding a successive-approximation
-  image: smoothing helps to hide the slight blockiness that otherwise shows
-  up on smooth gradients until the lowest coefficient bits are sent.
-* Color quantization mode can be changed under the rules described below.
-  You *cannot* change between full-color and quantized output (because that
-  would alter the required I/O buffer sizes), but you can change which
-  quantization method is used.
-
-When generating color-quantized output, changing quantization method is a
-very useful way of switching between high-speed and high-quality display.
-The library allows you to change among its three quantization methods:
-1. Single-pass quantization to a fixed color cube.
-   Selected by cinfo.two_pass_quantize = FALSE and cinfo.colormap = NULL.
-2. Single-pass quantization to an application-supplied colormap.
-   Selected by setting cinfo.colormap to point to the colormap (the value of
-   two_pass_quantize is ignored); also set cinfo.actual_number_of_colors.
-3. Two-pass quantization to a colormap chosen specifically for the image.
-   Selected by cinfo.two_pass_quantize = TRUE and cinfo.colormap = NULL.
-   (This is the default setting selected by jpeg_read_header, but it is
-   probably NOT what you want for the first pass of progressive display!)
-These methods offer successively better quality and lesser speed.  However,
-only the first method is available for quantizing in non-RGB color spaces.
-
-IMPORTANT: because the different quantizer methods have very different
-working-storage requirements, the library requires you to indicate which
-one(s) you intend to use before you call jpeg_start_decompress().  (If we did
-not require this, the max_memory_to_use setting would be a complete fiction.)
-You do this by setting one or more of these three cinfo fields to TRUE:
-        enable_1pass_quant              Fixed color cube colormap
-        enable_external_quant           Externally-supplied colormap
-        enable_2pass_quant              Two-pass custom colormap
-All three are initialized FALSE by jpeg_read_header().  But
-jpeg_start_decompress() automatically sets TRUE the one selected by the
-current two_pass_quantize and colormap settings, so you only need to set the
-enable flags for any other quantization methods you plan to change to later.
-
-After setting the enable flags correctly at jpeg_start_decompress() time, you
-can change to any enabled quantization method by setting two_pass_quantize
-and colormap properly just before calling jpeg_start_output().  The following
-special rules apply:
-1. You must explicitly set cinfo.colormap to NULL when switching to 1-pass
-   or 2-pass mode from a different mode, or when you want the 2-pass
-   quantizer to be re-run to generate a new colormap.
-2. To switch to an external colormap, or to change to a different external
-   colormap than was used on the prior pass, you must call
-   jpeg_new_colormap() after setting cinfo.colormap.
-NOTE: if you want to use the same colormap as was used in the prior pass,
-you should not do either of these things.  This will save some nontrivial
-switchover costs.
-(These requirements exist because cinfo.colormap will always be non-NULL
-after completing a prior output pass, since both the 1-pass and 2-pass
-quantizers set it to point to their output colormaps.  Thus you have to
-do one of these two things to notify the library that something has changed.
-Yup, it's a bit klugy, but it's necessary to do it this way for backwards
-compatibility.)
-
-Note that in buffered-image mode, the library generates any requested colormap
-during jpeg_start_output(), not during jpeg_start_decompress().
-
-When using two-pass quantization, jpeg_start_output() makes a pass over the
-buffered image to determine the optimum color map; it therefore may take a
-significant amount of time, whereas ordinarily it does little work.  The
-progress monitor hook is called during this pass, if defined.  It is also
-important to realize that if the specified target scan number is greater than
-or equal to the current input scan number, jpeg_start_output() will attempt
-to consume input as it makes this pass.  If you use a suspending data source,
-you need to check for a FALSE return from jpeg_start_output() under these
-conditions.  The combination of 2-pass quantization and a not-yet-fully-read
-target scan is the only case in which jpeg_start_output() will consume input.
-
-
-Application authors who support buffered-image mode may be tempted to use it
-for all JPEG images, even single-scan ones.  This will work, but it is
-inefficient: there is no need to create an image-sized coefficient buffer for
-single-scan images.  Requesting buffered-image mode for such an image wastes
-memory.  Worse, it can cost time on large images, since the buffered data has
-to be swapped out or written to a temporary file.  If you are concerned about
-maximum performance on baseline JPEG files, you should use buffered-image
-mode only when the incoming file actually has multiple scans.  This can be
-tested by calling jpeg_has_multiple_scans(), which will return a correct
-result at any time after jpeg_read_header() completes.
-
-It is also worth noting that when you use jpeg_consume_input() to let input
-processing get ahead of output processing, the resulting pattern of access to
-the coefficient buffer is quite nonsequential.  It's best to use the memory
-manager jmemnobs.c if you can (ie, if you have enough real or virtual main
-memory).  If not, at least make sure that max_memory_to_use is set as high as
-possible.  If the JPEG memory manager has to use a temporary file, you will
-probably see a lot of disk traffic and poor performance.  (This could be
-improved with additional work on the memory manager, but we haven't gotten
-around to it yet.)
-
-In some applications it may be convenient to use jpeg_consume_input() for all
-input processing, including reading the initial markers; that is, you may
-wish to call jpeg_consume_input() instead of jpeg_read_header() during
-startup.  This works, but note that you must check for JPEG_REACHED_SOS and
-JPEG_REACHED_EOI return codes as the equivalent of jpeg_read_header's codes.
-Once the first SOS marker has been reached, you must call
-jpeg_start_decompress() before jpeg_consume_input() will consume more input;
-it'll just keep returning JPEG_REACHED_SOS until you do.  If you read a
-tables-only file this way, jpeg_consume_input() will return JPEG_REACHED_EOI
-without ever returning JPEG_REACHED_SOS; be sure to check for this case.
-If this happens, the decompressor will not read any more input until you call
-jpeg_abort() to reset it.  It is OK to call jpeg_consume_input() even when not
-using buffered-image mode, but in that case it's basically a no-op after the
-initial markers have been read: it will just return JPEG_SUSPENDED.
-
-
-Abbreviated datastreams and multiple images
--------------------------------------------
-
-A JPEG compression or decompression object can be reused to process multiple
-images.  This saves a small amount of time per image by eliminating the
-"create" and "destroy" operations, but that isn't the real purpose of the
-feature.  Rather, reuse of an object provides support for abbreviated JPEG
-datastreams.  Object reuse can also simplify processing a series of images in
-a single input or output file.  This section explains these features.
-
-A JPEG file normally contains several hundred bytes worth of quantization
-and Huffman tables.  In a situation where many images will be stored or
-transmitted with identical tables, this may represent an annoying overhead.
-The JPEG standard therefore permits tables to be omitted.  The standard
-defines three classes of JPEG datastreams:
-  * "Interchange" datastreams contain an image and all tables needed to decode
-     the image.  These are the usual kind of JPEG file.
-  * "Abbreviated image" datastreams contain an image, but are missing some or
-    all of the tables needed to decode that image.
-  * "Abbreviated table specification" (henceforth "tables-only") datastreams
-    contain only table specifications.
-To decode an abbreviated image, it is necessary to load the missing table(s)
-into the decoder beforehand.  This can be accomplished by reading a separate
-tables-only file.  A variant scheme uses a series of images in which the first
-image is an interchange (complete) datastream, while subsequent ones are
-abbreviated and rely on the tables loaded by the first image.  It is assumed
-that once the decoder has read a table, it will remember that table until a
-new definition for the same table number is encountered.
-
-It is the application designer's responsibility to figure out how to associate
-the correct tables with an abbreviated image.  While abbreviated datastreams
-can be useful in a closed environment, their use is strongly discouraged in
-any situation where data exchange with other applications might be needed.
-Caveat designer.
-
-The JPEG library provides support for reading and writing any combination of
-tables-only datastreams and abbreviated images.  In both compression and
-decompression objects, a quantization or Huffman table will be retained for
-the lifetime of the object, unless it is overwritten by a new table definition.
-
-
-To create abbreviated image datastreams, it is only necessary to tell the
-compressor not to emit some or all of the tables it is using.  Each
-quantization and Huffman table struct contains a boolean field "sent_table",
-which normally is initialized to FALSE.  For each table used by the image, the
-header-writing process emits the table and sets sent_table = TRUE unless it is
-already TRUE.  (In normal usage, this prevents outputting the same table
-definition multiple times, as would otherwise occur because the chroma
-components typically share tables.)  Thus, setting this field to TRUE before
-calling jpeg_start_compress() will prevent the table from being written at
-all.
-
-If you want to create a "pure" abbreviated image file containing no tables,
-just call "jpeg_suppress_tables(&cinfo, TRUE)" after constructing all the
-tables.  If you want to emit some but not all tables, you'll need to set the
-individual sent_table fields directly.
-
-To create an abbreviated image, you must also call jpeg_start_compress()
-with a second parameter of FALSE, not TRUE.  Otherwise jpeg_start_compress()
-will force all the sent_table fields to FALSE.  (This is a safety feature to
-prevent abbreviated images from being created accidentally.)
-
-To create a tables-only file, perform the same parameter setup that you
-normally would, but instead of calling jpeg_start_compress() and so on, call
-jpeg_write_tables(&cinfo).  This will write an abbreviated datastream
-containing only SOI, DQT and/or DHT markers, and EOI.  All the quantization
-and Huffman tables that are currently defined in the compression object will
-be emitted unless their sent_tables flag is already TRUE, and then all the
-sent_tables flags will be set TRUE.
-
-A sure-fire way to create matching tables-only and abbreviated image files
-is to proceed as follows:
-
-        create JPEG compression object
-        set JPEG parameters
-        set destination to tables-only file
-        jpeg_write_tables(&cinfo);
-        set destination to image file
-        jpeg_start_compress(&cinfo, FALSE);
-        write data...
-        jpeg_finish_compress(&cinfo);
-
-Since the JPEG parameters are not altered between writing the table file and
-the abbreviated image file, the same tables are sure to be used.  Of course,
-you can repeat the jpeg_start_compress() ... jpeg_finish_compress() sequence
-many times to produce many abbreviated image files matching the table file.
-
-You cannot suppress output of the computed Huffman tables when Huffman
-optimization is selected.  (If you could, there'd be no way to decode the
-image...)  Generally, you don't want to set optimize_coding = TRUE when
-you are trying to produce abbreviated files.
-
-In some cases you might want to compress an image using tables which are
-not stored in the application, but are defined in an interchange or
-tables-only file readable by the application.  This can be done by setting up
-a JPEG decompression object to read the specification file, then copying the
-tables into your compression object.  See jpeg_copy_critical_parameters()
-for an example of copying quantization tables.
-
-
-To read abbreviated image files, you simply need to load the proper tables
-into the decompression object before trying to read the abbreviated image.
-If the proper tables are stored in the application program, you can just
-allocate the table structs and fill in their contents directly.  For example,
-to load a fixed quantization table into table slot "n":
-
-    if (cinfo.quant_tbl_ptrs[n] == NULL)
-      cinfo.quant_tbl_ptrs[n] = jpeg_alloc_quant_table((j_common_ptr) &cinfo);
-    quant_ptr = cinfo.quant_tbl_ptrs[n];        /* quant_ptr is JQUANT_TBL* */
-    for (i = 0; i < 64; i++) {
-      /* Qtable[] is desired quantization table, in natural array order */
-      quant_ptr->quantval[i] = Qtable[i];
-    }
-
-Code to load a fixed Huffman table is typically (for AC table "n"):
-
-    if (cinfo.ac_huff_tbl_ptrs[n] == NULL)
-      cinfo.ac_huff_tbl_ptrs[n] = jpeg_alloc_huff_table((j_common_ptr) &cinfo);
-    huff_ptr = cinfo.ac_huff_tbl_ptrs[n];       /* huff_ptr is JHUFF_TBL* */
-    for (i = 1; i <= 16; i++) {
-      /* counts[i] is number of Huffman codes of length i bits, i=1..16 */
-      huff_ptr->bits[i] = counts[i];
-    }
-    for (i = 0; i < 256; i++) {
-      /* symbols[] is the list of Huffman symbols, in code-length order */
-      huff_ptr->huffval[i] = symbols[i];
-    }
-
-(Note that trying to set cinfo.quant_tbl_ptrs[n] to point directly at a
-constant JQUANT_TBL object is not safe.  If the incoming file happened to
-contain a quantization table definition, your master table would get
-overwritten!  Instead allocate a working table copy and copy the master table
-into it, as illustrated above.  Ditto for Huffman tables, of course.)
-
-You might want to read the tables from a tables-only file, rather than
-hard-wiring them into your application.  The jpeg_read_header() call is
-sufficient to read a tables-only file.  You must pass a second parameter of
-FALSE to indicate that you do not require an image to be present.  Thus, the
-typical scenario is
-
-        create JPEG decompression object
-        set source to tables-only file
-        jpeg_read_header(&cinfo, FALSE);
-        set source to abbreviated image file
-        jpeg_read_header(&cinfo, TRUE);
-        set decompression parameters
-        jpeg_start_decompress(&cinfo);
-        read data...
-        jpeg_finish_decompress(&cinfo);
-
-In some cases, you may want to read a file without knowing whether it contains
-an image or just tables.  In that case, pass FALSE and check the return value
-from jpeg_read_header(): it will be JPEG_HEADER_OK if an image was found,
-JPEG_HEADER_TABLES_ONLY if only tables were found.  (A third return value,
-JPEG_SUSPENDED, is possible when using a suspending data source manager.)
-Note that jpeg_read_header() will not complain if you read an abbreviated
-image for which you haven't loaded the missing tables; the missing-table check
-occurs later, in jpeg_start_decompress().
-
-
-It is possible to read a series of images from a single source file by
-repeating the jpeg_read_header() ... jpeg_finish_decompress() sequence,
-without releasing/recreating the JPEG object or the data source module.
-(If you did reinitialize, any partial bufferload left in the data source
-buffer at the end of one image would be discarded, causing you to lose the
-start of the next image.)  When you use this method, stored tables are
-automatically carried forward, so some of the images can be abbreviated images
-that depend on tables from earlier images.
-
-If you intend to write a series of images into a single destination file,
-you might want to make a specialized data destination module that doesn't
-flush the output buffer at term_destination() time.  This would speed things
-up by some trifling amount.  Of course, you'd need to remember to flush the
-buffer after the last image.  You can make the later images be abbreviated
-ones by passing FALSE to jpeg_start_compress().
-
-
-Special markers
----------------
-
-Some applications may need to insert or extract special data in the JPEG
-datastream.  The JPEG standard provides marker types "COM" (comment) and
-"APP0" through "APP15" (application) to hold application-specific data.
-Unfortunately, the use of these markers is not specified by the standard.
-COM markers are fairly widely used to hold user-supplied text.  The JFIF file
-format spec uses APP0 markers with specified initial strings to hold certain
-data.  Adobe applications use APP14 markers beginning with the string "Adobe"
-for miscellaneous data.  Other APPn markers are rarely seen, but might
-contain almost anything.
-
-If you wish to store user-supplied text, we recommend you use COM markers
-and place readable 7-bit ASCII text in them.  Newline conventions are not
-standardized --- expect to find LF (Unix style), CR/LF (DOS style), or CR
-(Mac style).  A robust COM reader should be able to cope with random binary
-garbage, including nulls, since some applications generate COM markers
-containing non-ASCII junk.  (But yours should not be one of them.)
-
-For program-supplied data, use an APPn marker, and be sure to begin it with an
-identifying string so that you can tell whether the marker is actually yours.
-It's probably best to avoid using APP0 or APP14 for any private markers.
-(NOTE: the upcoming SPIFF standard will use APP8 markers; we recommend you
-not use APP8 markers for any private purposes, either.)
-
-Keep in mind that at most 65533 bytes can be put into one marker, but you
-can have as many markers as you like.
-
-By default, the IJG compression library will write a JFIF APP0 marker if the
-selected JPEG colorspace is grayscale or YCbCr, or an Adobe APP14 marker if
-the selected colorspace is RGB, CMYK, or YCCK.  You can disable this, but
-we don't recommend it.  The decompression library will recognize JFIF and
-Adobe markers and will set the JPEG colorspace properly when one is found.
-
-
-You can write special markers immediately following the datastream header by
-calling jpeg_write_marker() after jpeg_start_compress() and before the first
-call to jpeg_write_scanlines().  When you do this, the markers appear after
-the SOI and the JFIF APP0 and Adobe APP14 markers (if written), but before
-all else.  Specify the marker type parameter as "JPEG_COM" for COM or
-"JPEG_APP0 + n" for APPn.  (Actually, jpeg_write_marker will let you write
-any marker type, but we don't recommend writing any other kinds of marker.)
-For example, to write a user comment string pointed to by comment_text:
-        jpeg_write_marker(cinfo, JPEG_COM, comment_text, strlen(comment_text));
-
-If it's not convenient to store all the marker data in memory at once,
-you can instead call jpeg_write_m_header() followed by multiple calls to
-jpeg_write_m_byte().  If you do it this way, it's your responsibility to
-call jpeg_write_m_byte() exactly the number of times given in the length
-parameter to jpeg_write_m_header().  (This method lets you empty the
-output buffer partway through a marker, which might be important when
-using a suspending data destination module.  In any case, if you are using
-a suspending destination, you should flush its buffer after inserting
-any special markers.  See "I/O suspension".)
-
-Or, if you prefer to synthesize the marker byte sequence yourself,
-you can just cram it straight into the data destination module.
-
-If you are writing JFIF 1.02 extension markers (thumbnail images), don't
-forget to set cinfo.JFIF_minor_version = 2 so that the encoder will write the
-correct JFIF version number in the JFIF header marker.  The library's default
-is to write version 1.01, but that's wrong if you insert any 1.02 extension
-markers.  (We could probably get away with just defaulting to 1.02, but there
-used to be broken decoders that would complain about unknown minor version
-numbers.  To reduce compatibility risks it's safest not to write 1.02 unless
-you are actually using 1.02 extensions.)
-
-
-When reading, two methods of handling special markers are available:
-1. You can ask the library to save the contents of COM and/or APPn markers
-into memory, and then examine them at your leisure afterwards.
-2. You can supply your own routine to process COM and/or APPn markers
-on-the-fly as they are read.
-The first method is simpler to use, especially if you are using a suspending
-data source; writing a marker processor that copes with input suspension is
-not easy (consider what happens if the marker is longer than your available
-input buffer).  However, the second method conserves memory since the marker
-data need not be kept around after it's been processed.
-
-For either method, you'd normally set up marker handling after creating a
-decompression object and before calling jpeg_read_header(), because the
-markers of interest will typically be near the head of the file and so will
-be scanned by jpeg_read_header.  Once you've established a marker handling
-method, it will be used for the life of that decompression object
-(potentially many datastreams), unless you change it.  Marker handling is
-determined separately for COM markers and for each APPn marker code.
-
-
-To save the contents of special markers in memory, call
-        jpeg_save_markers(cinfo, marker_code, length_limit)
-where marker_code is the marker type to save, JPEG_COM or JPEG_APP0+n.
-(To arrange to save all the special marker types, you need to call this
-routine 17 times, for COM and APP0-APP15.)  If the incoming marker is longer
-than length_limit data bytes, only length_limit bytes will be saved; this
-parameter allows you to avoid chewing up memory when you only need to see the
-first few bytes of a potentially large marker.  If you want to save all the
-data, set length_limit to 0xFFFF; that is enough since marker lengths are only
-16 bits.  As a special case, setting length_limit to 0 prevents that marker
-type from being saved at all.  (That is the default behavior, in fact.)
-
-After jpeg_read_header() completes, you can examine the special markers by
-following the cinfo->marker_list pointer chain.  All the special markers in
-the file appear in this list, in order of their occurrence in the file (but
-omitting any markers of types you didn't ask for).  Both the original data
-length and the saved data length are recorded for each list entry; the latter
-will not exceed length_limit for the particular marker type.  Note that these
-lengths exclude the marker length word, whereas the stored representation
-within the JPEG file includes it.  (Hence the maximum data length is really
-only 65533.)
-
-It is possible that additional special markers appear in the file beyond the
-SOS marker at which jpeg_read_header stops; if so, the marker list will be
-extended during reading of the rest of the file.  This is not expected to be
-common, however.  If you are short on memory you may want to reset the length
-limit to zero for all marker types after finishing jpeg_read_header, to
-ensure that the max_memory_to_use setting cannot be exceeded due to addition
-of later markers.
-
-The marker list remains stored until you call jpeg_finish_decompress or
-jpeg_abort, at which point the memory is freed and the list is set to empty.
-(jpeg_destroy also releases the storage, of course.)
-
-Note that the library is internally interested in APP0 and APP14 markers;
-if you try to set a small nonzero length limit on these types, the library
-will silently force the length up to the minimum it wants.  (But you can set
-a zero length limit to prevent them from being saved at all.)  Also, in a
-16-bit environment, the maximum length limit may be constrained to less than
-65533 by malloc() limitations.  It is therefore best not to assume that the
-effective length limit is exactly what you set it to be.
-
-
-If you want to supply your own marker-reading routine, you do it by calling
-jpeg_set_marker_processor().  A marker processor routine must have the
-signature
-        boolean jpeg_marker_parser_method (j_decompress_ptr cinfo)
-Although the marker code is not explicitly passed, the routine can find it
-in cinfo->unread_marker.  At the time of call, the marker proper has been
-read from the data source module.  The processor routine is responsible for
-reading the marker length word and the remaining parameter bytes, if any.
-Return TRUE to indicate success.  (FALSE should be returned only if you are
-using a suspending data source and it tells you to suspend.  See the standard
-marker processors in jdmarker.c for appropriate coding methods if you need to
-use a suspending data source.)
-
-If you override the default APP0 or APP14 processors, it is up to you to
-recognize JFIF and Adobe markers if you want colorspace recognition to occur
-properly.  We recommend copying and extending the default processors if you
-want to do that.  (A better idea is to save these marker types for later
-examination by calling jpeg_save_markers(); that method doesn't interfere
-with the library's own processing of these markers.)
-
-jpeg_set_marker_processor() and jpeg_save_markers() are mutually exclusive
---- if you call one it overrides any previous call to the other, for the
-particular marker type specified.
-
-A simple example of an external COM processor can be found in djpeg.c.
-Also, see jpegtran.c for an example of using jpeg_save_markers.
-
-
-ICC profiles
-------------
-
-Two functions are provided for writing and reading International Color
-Consortium (ICC) device profiles embedded in JFIF JPEG image files:
-
-        void jpeg_write_icc_profile (j_compress_ptr cinfo,
-                                     const JOCTET *icc_data_ptr,
-                                     unsigned int icc_data_len);
-        boolean jpeg_read_icc_profile (j_decompress_ptr cinfo,
-                                       JOCTET **icc_data_ptr,
-                                       unsigned int *icc_data_len);
-
-The ICC has defined a standard for including such data in JPEG "APP2" markers.
-The aforementioned functions do not know anything about the internal structure
-of the ICC profile data; they just know how to embed the profile data into a
-JPEG file while writing it, or to extract the profile data from a JPEG file
-while reading it.
-
-jpeg_write_icc_profile() must be called after calling jpeg_start_compress() and
-before the first call to jpeg_write_scanlines() or jpeg_write_raw_data().  This
-ordering ensures that the APP2 marker(s) will appear after the SOI and JFIF or
-Adobe markers, but before all other data.
-
-jpeg_read_icc_profile() returns TRUE if an ICC profile was found and FALSE
-otherwise.  If an ICC profile was found, then the function will allocate a
-memory region containing the profile and will return a pointer to that memory
-region in *icc_data_ptr, as well as the length of the region in *icc_data_len.
-This memory region is allocated by the library using malloc() and must be freed
-by the caller using free() when the memory region is no longer needed.  Callers
-wishing to use jpeg_read_icc_profile() must call
-
-        jpeg_save_markers(cinfo, JPEG_APP0 + 2, 0xFFFF);
-
-prior to calling jpeg_read_header().  jpeg_read_icc_profile() can be called at
-any point between jpeg_read_header() and jpeg_finish_decompress().
-
-
-Raw (downsampled) image data
-----------------------------
-
-Some applications need to supply already-downsampled image data to the JPEG
-compressor, or to receive raw downsampled data from the decompressor.  The
-library supports this requirement by allowing the application to write or
-read raw data, bypassing the normal preprocessing or postprocessing steps.
-The interface is different from the standard one and is somewhat harder to
-use.  If your interest is merely in bypassing color conversion, we recommend
-that you use the standard interface and simply set jpeg_color_space =
-in_color_space (or jpeg_color_space = out_color_space for decompression).
-The mechanism described in this section is necessary only to supply or
-receive downsampled image data, in which not all components have the same
-dimensions.
-
-
-To compress raw data, you must supply the data in the colorspace to be used
-in the JPEG file (please read the earlier section on Special color spaces)
-and downsampled to the sampling factors specified in the JPEG parameters.
-You must supply the data in the format used internally by the JPEG library,
-namely a JSAMPIMAGE array.  This is an array of pointers to two-dimensional
-arrays, each of type JSAMPARRAY.  Each 2-D array holds the values for one
-color component.  This structure is necessary since the components are of
-different sizes.  If the image dimensions are not a multiple of the MCU size,
-you must also pad the data correctly (usually, this is done by replicating
-the last column and/or row).  The data must be padded to a multiple of a DCT
-block in each component: that is, each downsampled row must contain a
-multiple of 8 valid samples, and there must be a multiple of 8 sample rows
-for each component.  (For applications such as conversion of digital TV
-images, the standard image size is usually a multiple of the DCT block size,
-so that no padding need actually be done.)
-
-The procedure for compression of raw data is basically the same as normal
-compression, except that you call jpeg_write_raw_data() in place of
-jpeg_write_scanlines().  Before calling jpeg_start_compress(), you must do
-the following:
-  * Set cinfo->raw_data_in to TRUE.  (It is set FALSE by jpeg_set_defaults().)
-    This notifies the library that you will be supplying raw data.
-  * Ensure jpeg_color_space is correct --- an explicit jpeg_set_colorspace()
-    call is a good idea.  Note that since color conversion is bypassed,
-    in_color_space is ignored, except that jpeg_set_defaults() uses it to
-    choose the default jpeg_color_space setting.
-  * Ensure the sampling factors, cinfo->comp_info[i].h_samp_factor and
-    cinfo->comp_info[i].v_samp_factor, are correct.  Since these indicate the
-    dimensions of the data you are supplying, it's wise to set them
-    explicitly, rather than assuming the library's defaults are what you want.
-
-To pass raw data to the library, call jpeg_write_raw_data() in place of
-jpeg_write_scanlines().  The two routines work similarly except that
-jpeg_write_raw_data takes a JSAMPIMAGE data array rather than JSAMPARRAY.
-The scanlines count passed to and returned from jpeg_write_raw_data is
-measured in terms of the component with the largest v_samp_factor.
-
-jpeg_write_raw_data() processes one MCU row per call, which is to say
-v_samp_factor*DCTSIZE sample rows of each component.  The passed num_lines
-value must be at least max_v_samp_factor*DCTSIZE, and the return value will
-be exactly that amount (or possibly some multiple of that amount, in future
-library versions).  This is true even on the last call at the bottom of the
-image; don't forget to pad your data as necessary.
-
-The required dimensions of the supplied data can be computed for each
-component as
-        cinfo->comp_info[i].width_in_blocks*DCTSIZE  samples per row
-        cinfo->comp_info[i].height_in_blocks*DCTSIZE rows in image
-after jpeg_start_compress() has initialized those fields.  If the valid data
-is smaller than this, it must be padded appropriately.  For some sampling
-factors and image sizes, additional dummy DCT blocks are inserted to make
-the image a multiple of the MCU dimensions.  The library creates such dummy
-blocks itself; it does not read them from your supplied data.  Therefore you
-need never pad by more than DCTSIZE samples.  An example may help here.
-Assume 2h2v downsampling of YCbCr data, that is
-        cinfo->comp_info[0].h_samp_factor = 2           for Y
-        cinfo->comp_info[0].v_samp_factor = 2
-        cinfo->comp_info[1].h_samp_factor = 1           for Cb
-        cinfo->comp_info[1].v_samp_factor = 1
-        cinfo->comp_info[2].h_samp_factor = 1           for Cr
-        cinfo->comp_info[2].v_samp_factor = 1
-and suppose that the nominal image dimensions (cinfo->image_width and
-cinfo->image_height) are 101x101 pixels.  Then jpeg_start_compress() will
-compute downsampled_width = 101 and width_in_blocks = 13 for Y,
-downsampled_width = 51 and width_in_blocks = 7 for Cb and Cr (and the same
-for the height fields).  You must pad the Y data to at least 13*8 = 104
-columns and rows, the Cb/Cr data to at least 7*8 = 56 columns and rows.  The
-MCU height is max_v_samp_factor = 2 DCT rows so you must pass at least 16
-scanlines on each call to jpeg_write_raw_data(), which is to say 16 actual
-sample rows of Y and 8 each of Cb and Cr.  A total of 7 MCU rows are needed,
-so you must pass a total of 7*16 = 112 "scanlines".  The last DCT block row
-of Y data is dummy, so it doesn't matter what you pass for it in the data
-arrays, but the scanlines count must total up to 112 so that all of the Cb
-and Cr data gets passed.
-
-Output suspension is supported with raw-data compression: if the data
-destination module suspends, jpeg_write_raw_data() will return 0.
-In this case the same data rows must be passed again on the next call.
-
-
-Decompression with raw data output implies bypassing all postprocessing:
-you cannot ask for rescaling or color quantization, for instance.  More
-seriously, you must deal with the color space and sampling factors present in
-the incoming file.  If your application only handles, say, 2h1v YCbCr data,
-you must check for and fail on other color spaces or other sampling factors.
-The library will not convert to a different color space for you.
-
-To obtain raw data output, set cinfo->raw_data_out = TRUE before
-jpeg_start_decompress() (it is set FALSE by jpeg_read_header()).  Be sure to
-verify that the color space and sampling factors are ones you can handle.
-Then call jpeg_read_raw_data() in place of jpeg_read_scanlines().  The
-decompression process is otherwise the same as usual.
-
-jpeg_read_raw_data() returns one MCU row per call, and thus you must pass a
-buffer of at least max_v_samp_factor*DCTSIZE scanlines (scanline counting is
-the same as for raw-data compression).  The buffer you pass must be large
-enough to hold the actual data plus padding to DCT-block boundaries.  As with
-compression, any entirely dummy DCT blocks are not processed so you need not
-allocate space for them, but the total scanline count includes them.  The
-above example of computing buffer dimensions for raw-data compression is
-equally valid for decompression.
-
-Input suspension is supported with raw-data decompression: if the data source
-module suspends, jpeg_read_raw_data() will return 0.  You can also use
-buffered-image mode to read raw data in multiple passes.
-
-
-Really raw data: DCT coefficients
----------------------------------
-
-It is possible to read or write the contents of a JPEG file as raw DCT
-coefficients.  This facility is mainly intended for use in lossless
-transcoding between different JPEG file formats.  Other possible applications
-include lossless cropping of a JPEG image, lossless reassembly of a
-multi-strip or multi-tile TIFF/JPEG file into a single JPEG datastream, etc.
-
-To read the contents of a JPEG file as DCT coefficients, open the file and do
-jpeg_read_header() as usual.  But instead of calling jpeg_start_decompress()
-and jpeg_read_scanlines(), call jpeg_read_coefficients().  This will read the
-entire image into a set of virtual coefficient-block arrays, one array per
-component.  The return value is a pointer to an array of virtual-array
-descriptors.  Each virtual array can be accessed directly using the JPEG
-memory manager's access_virt_barray method (see Memory management, below,
-and also read structure.txt's discussion of virtual array handling).  Or,
-for simple transcoding to a different JPEG file format, the array list can
-just be handed directly to jpeg_write_coefficients().
-
-Each block in the block arrays contains quantized coefficient values in
-normal array order (not JPEG zigzag order).  The block arrays contain only
-DCT blocks containing real data; any entirely-dummy blocks added to fill out
-interleaved MCUs at the right or bottom edges of the image are discarded
-during reading and are not stored in the block arrays.  (The size of each
-block array can be determined from the width_in_blocks and height_in_blocks
-fields of the component's comp_info entry.)  This is also the data format
-expected by jpeg_write_coefficients().
-
-When you are done using the virtual arrays, call jpeg_finish_decompress()
-to release the array storage and return the decompression object to an idle
-state; or just call jpeg_destroy() if you don't need to reuse the object.
-
-If you use a suspending data source, jpeg_read_coefficients() will return
-NULL if it is forced to suspend; a non-NULL return value indicates successful
-completion.  You need not test for a NULL return value when using a
-non-suspending data source.
-
-It is also possible to call jpeg_read_coefficients() to obtain access to the
-decoder's coefficient arrays during a normal decode cycle in buffered-image
-mode.  This frammish might be useful for progressively displaying an incoming
-image and then re-encoding it without loss.  To do this, decode in buffered-
-image mode as discussed previously, then call jpeg_read_coefficients() after
-the last jpeg_finish_output() call.  The arrays will be available for your use
-until you call jpeg_finish_decompress().
-
-
-To write the contents of a JPEG file as DCT coefficients, you must provide
-the DCT coefficients stored in virtual block arrays.  You can either pass
-block arrays read from an input JPEG file by jpeg_read_coefficients(), or
-allocate virtual arrays from the JPEG compression object and fill them
-yourself.  In either case, jpeg_write_coefficients() is substituted for
-jpeg_start_compress() and jpeg_write_scanlines().  Thus the sequence is
-  * Create compression object
-  * Set all compression parameters as necessary
-  * Request virtual arrays if needed
-  * jpeg_write_coefficients()
-  * jpeg_finish_compress()
-  * Destroy or re-use compression object
-jpeg_write_coefficients() is passed a pointer to an array of virtual block
-array descriptors; the number of arrays is equal to cinfo.num_components.
-
-The virtual arrays need only have been requested, not realized, before
-jpeg_write_coefficients() is called.  A side-effect of
-jpeg_write_coefficients() is to realize any virtual arrays that have been
-requested from the compression object's memory manager.  Thus, when obtaining
-the virtual arrays from the compression object, you should fill the arrays
-after calling jpeg_write_coefficients().  The data is actually written out
-when you call jpeg_finish_compress(); jpeg_write_coefficients() only writes
-the file header.
-
-When writing raw DCT coefficients, it is crucial that the JPEG quantization
-tables and sampling factors match the way the data was encoded, or the
-resulting file will be invalid.  For transcoding from an existing JPEG file,
-we recommend using jpeg_copy_critical_parameters().  This routine initializes
-all the compression parameters to default values (like jpeg_set_defaults()),
-then copies the critical information from a source decompression object.
-The decompression object should have just been used to read the entire
-JPEG input file --- that is, it should be awaiting jpeg_finish_decompress().
-
-jpeg_write_coefficients() marks all tables stored in the compression object
-as needing to be written to the output file (thus, it acts like
-jpeg_start_compress(cinfo, TRUE)).  This is for safety's sake, to avoid
-emitting abbreviated JPEG files by accident.  If you really want to emit an
-abbreviated JPEG file, call jpeg_suppress_tables(), or set the tables'
-individual sent_table flags, between calling jpeg_write_coefficients() and
-jpeg_finish_compress().
-
-
-Progress monitoring
--------------------
-
-Some applications may need to regain control from the JPEG library every so
-often.  The typical use of this feature is to produce a percent-done bar or
-other progress display.  (For a simple example, see cjpeg.c or djpeg.c.)
-Although you do get control back frequently during the data-transferring pass
-(the jpeg_read_scanlines or jpeg_write_scanlines loop), any additional passes
-will occur inside jpeg_finish_compress or jpeg_start_decompress; those
-routines may take a long time to execute, and you don't get control back
-until they are done.
-
-You can define a progress-monitor routine which will be called periodically
-by the library.  No guarantees are made about how often this call will occur,
-so we don't recommend you use it for mouse tracking or anything like that.
-At present, a call will occur once per MCU row, scanline, or sample row
-group, whichever unit is convenient for the current processing mode; so the
-wider the image, the longer the time between calls.  During the data
-transferring pass, only one call occurs per call of jpeg_read_scanlines or
-jpeg_write_scanlines, so don't pass a large number of scanlines at once if
-you want fine resolution in the progress count.  (If you really need to use
-the callback mechanism for time-critical tasks like mouse tracking, you could
-insert additional calls inside some of the library's inner loops.)
-
-To establish a progress-monitor callback, create a struct jpeg_progress_mgr,
-fill in its progress_monitor field with a pointer to your callback routine,
-and set cinfo->progress to point to the struct.  The callback will be called
-whenever cinfo->progress is non-NULL.  (This pointer is set to NULL by
-jpeg_create_compress or jpeg_create_decompress; the library will not change
-it thereafter.  So if you allocate dynamic storage for the progress struct,
-make sure it will live as long as the JPEG object does.  Allocating from the
-JPEG memory manager with lifetime JPOOL_PERMANENT will work nicely.)  You
-can use the same callback routine for both compression and decompression.
-
-The jpeg_progress_mgr struct contains four fields which are set by the library:
-        long pass_counter;      /* work units completed in this pass */
-        long pass_limit;        /* total number of work units in this pass */
-        int completed_passes;   /* passes completed so far */
-        int total_passes;       /* total number of passes expected */
-During any one pass, pass_counter increases from 0 up to (not including)
-pass_limit; the step size is usually but not necessarily 1.  The pass_limit
-value may change from one pass to another.  The expected total number of
-passes is in total_passes, and the number of passes already completed is in
-completed_passes.  Thus the fraction of work completed may be estimated as
-                completed_passes + (pass_counter/pass_limit)
-                --------------------------------------------
-                                total_passes
-ignoring the fact that the passes may not be equal amounts of work.
-
-When decompressing, pass_limit can even change within a pass, because it
-depends on the number of scans in the JPEG file, which isn't always known in
-advance.  The computed fraction-of-work-done may jump suddenly (if the library
-discovers it has overestimated the number of scans) or even decrease (in the
-opposite case).  It is not wise to put great faith in the work estimate.
-
-When using the decompressor's buffered-image mode, the progress monitor work
-estimate is likely to be completely unhelpful, because the library has no way
-to know how many output passes will be demanded of it.  Currently, the library
-sets total_passes based on the assumption that there will be one more output
-pass if the input file end hasn't yet been read (jpeg_input_complete() isn't
-TRUE), but no more output passes if the file end has been reached when the
-output pass is started.  This means that total_passes will rise as additional
-output passes are requested.  If you have a way of determining the input file
-size, estimating progress based on the fraction of the file that's been read
-will probably be more useful than using the library's value.
-
-
-Memory management
------------------
-
-This section covers some key facts about the JPEG library's built-in memory
-manager.  For more info, please read structure.txt's section about the memory
-manager, and consult the source code if necessary.
-
-All memory and temporary file allocation within the library is done via the
-memory manager.  If necessary, you can replace the "back end" of the memory
-manager to control allocation yourself (for example, if you don't want the
-library to use malloc() and free() for some reason).
-
-Some data is allocated "permanently" and will not be freed until the JPEG
-object is destroyed.  Most data is allocated "per image" and is freed by
-jpeg_finish_compress, jpeg_finish_decompress, or jpeg_abort.  You can call the
-memory manager yourself to allocate structures that will automatically be
-freed at these times.  Typical code for this is
-  ptr = (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE, size);
-Use JPOOL_PERMANENT to get storage that lasts as long as the JPEG object.
-Use alloc_large instead of alloc_small for anything bigger than a few Kbytes.
-There are also alloc_sarray and alloc_barray routines that automatically
-build 2-D sample or block arrays.
-
-The library's minimum space requirements to process an image depend on the
-image's width, but not on its height, because the library ordinarily works
-with "strip" buffers that are as wide as the image but just a few rows high.
-Some operating modes (eg, two-pass color quantization) require full-image
-buffers.  Such buffers are treated as "virtual arrays": only the current strip
-need be in memory, and the rest can be swapped out to a temporary file.
-
-When using temporary files, the library will make the in-memory buffers for
-its virtual arrays just big enough to stay within a "maximum memory" setting.
-Your application can set this limit by setting cinfo->mem->max_memory_to_use
-after creating the JPEG object.  (Of course, there is still a minimum size for
-the buffers, so the max-memory setting is effective only if it is bigger than
-the minimum space needed.)  If you allocate any large structures yourself, you
-must allocate them before jpeg_start_compress() or jpeg_start_decompress() in
-order to have them counted against the max memory limit.  Also keep in mind
-that space allocated with alloc_small() is ignored, on the assumption that
-it's too small to be worth worrying about; so a reasonable safety margin
-should be left when setting max_memory_to_use.
-
-NOTE: Unless you develop your own memory manager back end, then temporary files
-will never be used.  The back end provided in libjpeg-turbo (jmemnobs.c) simply
-malloc()s and free()s virtual arrays, and an error occurs if the required
-memory exceeds the limit specified in cinfo->mem->max_memory_to_use.
-
-
-Memory usage
-------------
-
-Working memory requirements while performing compression or decompression
-depend on image dimensions, image characteristics (such as colorspace and
-JPEG process), and operating mode (application-selected options).
-
-As of v6b, the decompressor requires:
- 1. About 24K in more-or-less-fixed-size data.  This varies a bit depending
-    on operating mode and image characteristics (particularly color vs.
-    grayscale), but it doesn't depend on image dimensions.
- 2. Strip buffers (of size proportional to the image width) for IDCT and
-    upsampling results.  The worst case for commonly used sampling factors
-    is about 34 bytes * width in pixels for a color image.  A grayscale image
-    only needs about 8 bytes per pixel column.
- 3. A full-image DCT coefficient buffer is needed to decode a multi-scan JPEG
-    file (including progressive JPEGs), or whenever you select buffered-image
-    mode.  This takes 2 bytes/coefficient.  At typical 2x2 sampling, that's
-    3 bytes per pixel for a color image.  Worst case (1x1 sampling) requires
-    6 bytes/pixel.  For grayscale, figure 2 bytes/pixel.
- 4. To perform 2-pass color quantization, the decompressor also needs a
-    128K color lookup table and a full-image pixel buffer (3 bytes/pixel).
-This does not count any memory allocated by the application, such as a
-buffer to hold the final output image.
-
-The above figures are valid for 8-bit JPEG data precision and a machine with
-32-bit ints.  For 12-bit JPEG data, double the size of the strip buffers and
-quantization pixel buffer.  The "fixed-size" data will be somewhat smaller
-with 16-bit ints, larger with 64-bit ints.  Also, CMYK or other unusual
-color spaces will require different amounts of space.
-
-The full-image coefficient and pixel buffers, if needed at all, do not
-have to be fully RAM resident; you can have the library use temporary
-files instead when the total memory usage would exceed a limit you set.
-(But if your OS supports virtual memory, it's probably better to just use
-jmemnobs and let the OS do the swapping.)
-
-The compressor's memory requirements are similar, except that it has no need
-for color quantization.  Also, it needs a full-image DCT coefficient buffer
-if Huffman-table optimization is asked for, even if progressive mode is not
-requested.
-
-If you need more detailed information about memory usage in a particular
-situation, you can enable the MEM_STATS code in jmemmgr.c.
-
-
-Library compile-time options
-----------------------------
-
-A number of compile-time options are available by modifying jmorecfg.h.
-
-The JPEG standard provides for both the baseline 8-bit DCT process and
-a 12-bit DCT process.  The IJG code supports 12-bit lossy JPEG if you define
-BITS_IN_JSAMPLE as 12 rather than 8.  Note that this causes JSAMPLE to be
-larger than a char, so it affects the surrounding application's image data.
-The sample applications cjpeg and djpeg can support 12-bit mode only for PPM
-and GIF file formats; you must disable the other file formats to compile a
-12-bit cjpeg or djpeg.  (install.txt has more information about that.)
-At present, a 12-bit library can handle *only* 12-bit images, not both
-precisions.
-
-Note that a 12-bit library always compresses in Huffman optimization mode,
-in order to generate valid Huffman tables.  This is necessary because our
-default Huffman tables only cover 8-bit data.  If you need to output 12-bit
-files in one pass, you'll have to supply suitable default Huffman tables.
-You may also want to supply your own DCT quantization tables; the existing
-quality-scaling code has been developed for 8-bit use, and probably doesn't
-generate especially good tables for 12-bit.
-
-The maximum number of components (color channels) in the image is determined
-by MAX_COMPONENTS.  The JPEG standard allows up to 255 components, but we
-expect that few applications will need more than four or so.
-
-On machines with unusual data type sizes, you may be able to improve
-performance or reduce memory space by tweaking the various typedefs in
-jmorecfg.h.  In particular, on some RISC CPUs, access to arrays of "short"s
-is quite slow; consider trading memory for speed by making JCOEF, INT16, and
-UINT16 be "int" or "unsigned int".  UINT8 is also a candidate to become int.
-You probably don't want to make JSAMPLE be int unless you have lots of memory
-to burn.
-
-You can reduce the size of the library by compiling out various optional
-functions.  To do this, undefine xxx_SUPPORTED symbols as necessary.
-
-You can also save a few K by not having text error messages in the library;
-the standard error message table occupies about 5Kb.  This is particularly
-reasonable for embedded applications where there's no good way to display
-a message anyway.  To do this, remove the creation of the message table
-(jpeg_std_message_table[]) from jerror.c, and alter format_message to do
-something reasonable without it.  You could output the numeric value of the
-message code number, for example.  If you do this, you can also save a couple
-more K by modifying the TRACEMSn() macros in jerror.h to expand to nothing;
-you don't need trace capability anyway, right?
-
-
-Portability considerations
---------------------------
-
-The JPEG library has been written to be extremely portable; the sample
-applications cjpeg and djpeg are slightly less so.  This section summarizes
-the design goals in this area.  (If you encounter any bugs that cause the
-library to be less portable than is claimed here, we'd appreciate hearing
-about them.)
-
-The code works fine on ANSI C and C++ compilers, using any of the popular
-system include file setups, and some not-so-popular ones too.
-
-The code is not dependent on the exact sizes of the C data types.  As
-distributed, we make the assumptions that
-        char    is at least 8 bits wide
-        short   is at least 16 bits wide
-        int     is at least 16 bits wide
-        long    is at least 32 bits wide
-(These are the minimum requirements of the ANSI C standard.)  Wider types will
-work fine, although memory may be used inefficiently if char is much larger
-than 8 bits or short is much bigger than 16 bits.  The code should work
-equally well with 16- or 32-bit ints.
-
-In a system where these assumptions are not met, you may be able to make the
-code work by modifying the typedefs in jmorecfg.h.  However, you will probably
-have difficulty if int is less than 16 bits wide, since references to plain
-int abound in the code.
-
-char can be either signed or unsigned, although the code runs faster if an
-unsigned char type is available.  If char is wider than 8 bits, you will need
-to redefine JOCTET and/or provide custom data source/destination managers so
-that JOCTET represents exactly 8 bits of data on external storage.
-
-The JPEG library proper does not assume ASCII representation of characters.
-But some of the image file I/O modules in cjpeg/djpeg do have ASCII
-dependencies in file-header manipulation; so does cjpeg's select_file_type()
-routine.
-
-The JPEG library does not rely heavily on the C library.  In particular, C
-stdio is used only by the data source/destination modules and the error
-handler, all of which are application-replaceable.  (cjpeg/djpeg are more
-heavily dependent on stdio.)  malloc and free are called only from the memory
-manager "back end" module, so you can use a different memory allocator by
-replacing that one file.
-
-More info about porting the code may be gleaned by reading jconfig.txt,
-jmorecfg.h, and jinclude.h.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/md5/CMakeLists.txt b/3rdparty/libjpeg-turbo_2_1_0/md5/CMakeLists.txt
deleted file mode 100644
index 526ef08..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/md5/CMakeLists.txt
+++ /dev/null
@@ -1 +0,0 @@
-add_executable(md5cmp md5cmp.c md5.c md5hl.c)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/md5/md5.c b/3rdparty/libjpeg-turbo_2_1_0/md5/md5.c
deleted file mode 100644
index 9ef5daa..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/md5/md5.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * This code implements the MD5 message-digest algorithm.
- * The algorithm is due to Ron Rivest.  This code was
- * written by Colin Plumb in 1993, no copyright is claimed.
- * This code is in the public domain; do with it what you wish.
- *
- * Equivalent code is available from RSA Data Security, Inc.
- * This code has been tested against that, and is equivalent,
- * except that you don't need to include two pages of legalese
- * with every copy.
- *
- * To compute the message digest of a chunk of bytes, declare an
- * MD5Context structure, pass it to MD5Init, call MD5Update as
- * needed on buffers full of bytes, and then call MD5Final, which
- * will fill a supplied 16-byte array with the digest.
- * ----------------------------------------------------------------------------
- * libjpeg-turbo Modifications:
- * Copyright (C)2018, D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- * ----------------------------------------------------------------------------
- */
-
-#include <string.h>             /* for memcpy() */
-#include "md5.h"
-
-#if (BYTE_ORDER == LITTLE_ENDIAN)
-#define byteReverse(buf, len)   /* Nothing */
-#else
-/*
- * Note: this code is harmless on little-endian machines.
- */
-static void byteReverse(unsigned char *buf, unsigned int longs)
-{
-  uint32 t;
-  do {
-    t = (uint32)((unsigned int)buf[3] << 8 | buf[2]) << 16 |
-        ((unsigned int)buf[1] << 8 | buf[0]);
-    *(uint32 *)buf = t;
-    buf += 4;
-  } while (--longs);
-}
-#endif
-
-/*
- * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
- * initialization constants.
- */
-void MD5Init(struct MD5Context *ctx)
-{
-  ctx->buf[0] = 0x67452301;
-  ctx->buf[1] = 0xefcdab89;
-  ctx->buf[2] = 0x98badcfe;
-  ctx->buf[3] = 0x10325476;
-
-  ctx->bits[0] = 0;
-  ctx->bits[1] = 0;
-}
-
-/*
- * Update context to reflect the concatenation of another buffer full
- * of bytes.
- */
-void MD5Update(struct MD5Context *ctx, unsigned char *buf, unsigned int len)
-{
-  uint32 t;
-
-  /* Update bitcount */
-
-  t = ctx->bits[0];
-  if ((ctx->bits[0] = t + ((uint32)len << 3)) < t)
-    ctx->bits[1]++;             /* Carry from low to high */
-  ctx->bits[1] += len >> 29;
-
-  t = (t >> 3) & 0x3f;          /* Bytes already in shsInfo->data */
-
-  /* Handle any leading odd-sized chunks */
-
-  if (t) {
-    unsigned char *p = (unsigned char *)ctx->in + t;
-
-    t = 64 - t;
-    if (len < t) {
-      memcpy(p, buf, len);
-      return;
-    }
-    memcpy(p, buf, t);
-    byteReverse(ctx->in, 16);
-    MD5Transform(ctx->buf, (uint32 *)ctx->in);
-    buf += t;
-    len -= t;
-  }
-  /* Process data in 64-byte chunks */
-
-  while (len >= 64) {
-    memcpy(ctx->in, buf, 64);
-    byteReverse(ctx->in, 16);
-    MD5Transform(ctx->buf, (uint32 *)ctx->in);
-    buf += 64;
-    len -= 64;
-  }
-
-  /* Handle any remaining bytes of data. */
-
-  memcpy(ctx->in, buf, len);
-}
-
-/*
- * Final wrapup - pad to 64-byte boundary with the bit pattern
- * 1 0* (64-bit count of bits processed, MSB-first)
- */
-void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
-{
-  unsigned int count;
-  unsigned char *p;
-  uint32 *in32 = (uint32 *)ctx->in;
-
-  /* Compute number of bytes mod 64 */
-  count = (ctx->bits[0] >> 3) & 0x3F;
-
-  /* Set the first char of padding to 0x80.  This is safe since there is
-     always at least one byte free */
-  p = ctx->in + count;
-  *p++ = 0x80;
-
-  /* Bytes of padding needed to make 64 bytes */
-  count = 64 - 1 - count;
-
-  /* Pad out to 56 mod 64 */
-  if (count < 8) {
-    /* Two lots of padding:  Pad the first block to 64 bytes */
-    memset(p, 0, count);
-    byteReverse(ctx->in, 16);
-    MD5Transform(ctx->buf, (uint32 *)ctx->in);
-
-    /* Now fill the next block with 56 bytes */
-    memset(ctx->in, 0, 56);
-  } else {
-    /* Pad block to 56 bytes */
-    memset(p, 0, count - 8);
-  }
-  byteReverse(ctx->in, 14);
-
-  /* Append length in bits and transform */
-  in32[14] = ctx->bits[0];
-  in32[15] = ctx->bits[1];
-
-  MD5Transform(ctx->buf, (uint32 *)ctx->in);
-  byteReverse((unsigned char *)ctx->buf, 4);
-  memcpy(digest, ctx->buf, 16);
-  memset(ctx, 0, sizeof(struct MD5Context));     /* In case it's sensitive */
-}
-
-
-/* The four core functions - F1 is optimized somewhat */
-
-/* #define F1(x, y, z) (x & y | ~x & z) */
-#define F1(x, y, z)  (z ^ (x & (y ^ z)))
-#define F2(x, y, z)  F1(z, x, y)
-#define F3(x, y, z)  (x ^ y ^ z)
-#define F4(x, y, z)  (y ^ (x | ~z))
-
-/* This is the central step in the MD5 algorithm. */
-#define MD5STEP(f, w, x, y, z, data, s) \
-  ( w += f(x, y, z) + data,  w = w << s | w >> (32 - s),  w += x )
-
-/*
- * The core of the MD5 algorithm, this alters an existing MD5 hash to
- * reflect the addition of 16 longwords of new data.  MD5Update blocks
- * the data and converts bytes into longwords for this routine.
- */
-void MD5Transform(uint32 buf[4], uint32 in[16])
-{
-  register uint32 a, b, c, d;
-
-  a = buf[0];
-  b = buf[1];
-  c = buf[2];
-  d = buf[3];
-
-  MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
-  MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
-  MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
-  MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
-  MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
-  MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
-  MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
-  MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
-  MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
-  MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
-  MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
-  MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
-  MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
-  MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
-  MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
-  MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
-
-  MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
-  MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
-  MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
-  MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
-  MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
-  MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
-  MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
-  MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
-  MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
-  MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
-  MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
-  MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
-  MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
-  MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
-  MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
-  MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
-
-  MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
-  MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
-  MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
-  MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
-  MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
-  MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
-  MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
-  MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
-  MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
-  MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
-  MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
-  MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
-  MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
-  MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
-  MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
-  MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
-
-  MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
-  MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
-  MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
-  MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
-  MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
-  MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
-  MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
-  MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
-  MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
-  MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
-  MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
-  MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
-  MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
-  MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
-  MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
-  MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
-
-  buf[0] += a;
-  buf[1] += b;
-  buf[2] += c;
-  buf[3] += d;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/md5/md5.h b/3rdparty/libjpeg-turbo_2_1_0/md5/md5.h
deleted file mode 100644
index 6d745e9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/md5/md5.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * libjpeg-turbo Modifications:
- * Copyright (C)2018 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef MD5_H
-#define MD5_H
-
-#include <sys/types.h>
-#ifdef __amigaos4__
-#include <machine/endian.h>
-#endif
-
-/*  On machines where "long" is 64 bits, we need to declare
-    uint32 as something guaranteed to be 32 bits.  */
-
-typedef unsigned int uint32;
-
-typedef struct MD5Context {
-  uint32 buf[4];
-  uint32 bits[2];
-  unsigned char in[64];
-} MD5_CTX;
-
-extern void MD5Init(struct MD5Context *ctx);
-extern void MD5Update(struct MD5Context *ctx, unsigned char *buf,
-                      unsigned int len);
-extern void MD5Final(unsigned char digest[16], struct MD5Context *ctx);
-extern void MD5Transform(uint32 buf[4], uint32 in[16]);
-extern char *MD5File(const char *, char *);
-extern char *MD5FileChunk(const char *, char *, off_t, off_t);
-
-#endif /* !MD5_H */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/md5/md5cmp.c b/3rdparty/libjpeg-turbo_2_1_0/md5/md5cmp.c
deleted file mode 100644
index 42b94ce..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/md5/md5cmp.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (C)2013, 2016 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "./md5.h"
-#include "../tjutil.h"
-
-int main(int argc, char *argv[])
-{
-  char *md5sum = NULL, buf[65];
-
-  if (argc < 3) {
-    fprintf(stderr, "USAGE: %s <correct MD5 sum> <file>\n", argv[0]);
-    return -1;
-  }
-
-  if (strlen(argv[1]) != 32)
-    fprintf(stderr, "WARNING: MD5 hash size is wrong.\n");
-
-  md5sum = MD5File(argv[2], buf);
-  if (!md5sum) {
-    perror("Could not obtain MD5 sum");
-    return -1;
-  }
-
-  if (!strcasecmp(md5sum, argv[1])) {
-    fprintf(stderr, "%s: OK\n", argv[2]);
-    return 0;
-  } else {
-    fprintf(stderr, "%s: FAILED.  Checksum is %s\n", argv[2], md5sum);
-    return -1;
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/md5/md5hl.c b/3rdparty/libjpeg-turbo_2_1_0/md5/md5hl.c
deleted file mode 100644
index 8a4a762..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/md5/md5hl.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* mdXhl.c
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@FreeBSD.org> wrote this file.  As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- * libjpeg-turbo Modifications:
- * Copyright (C)2016, 2018-2019 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- * ----------------------------------------------------------------------------
- */
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#ifdef _WIN32
-#include <io.h>
-#define close  _close
-#define fstat  _fstat
-#define lseek  _lseek
-#define read  _read
-#define stat  _stat
-#else
-#include <unistd.h>
-#endif
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#define LENGTH  16
-
-#include "./md5.h"
-
-static char *MD5End(MD5_CTX *ctx, char *buf)
-{
-  int i;
-  unsigned char digest[LENGTH];
-  static const char hex[] = "0123456789abcdef";
-
-  if (!buf)
-    buf = malloc(2 * LENGTH + 1);
-  if (!buf)
-    return 0;
-  MD5Final(digest, ctx);
-  for (i = 0; i < LENGTH; i++) {
-    buf[i + i] = hex[digest[i] >> 4];
-    buf[i + i + 1] = hex[digest[i] & 0x0f];
-  }
-  buf[i + i] = '\0';
-  return buf;
-}
-
-char *MD5File(const char *filename, char *buf)
-{
-  return (MD5FileChunk(filename, buf, 0, 0));
-}
-
-char *MD5FileChunk(const char *filename, char *buf, off_t ofs, off_t len)
-{
-  unsigned char buffer[BUFSIZ];
-  MD5_CTX ctx;
-  struct stat stbuf;
-  int f, i, e;
-  off_t n;
-
-  MD5Init(&ctx);
-#ifdef _WIN32
-  f = _open(filename, O_RDONLY | O_BINARY);
-#else
-  f = open(filename, O_RDONLY);
-#endif
-  if (f < 0)
-    return 0;
-  if (fstat(f, &stbuf) < 0)
-    return 0;
-  if (ofs > stbuf.st_size)
-    ofs = stbuf.st_size;
-  if ((len == 0) || (len > stbuf.st_size - ofs))
-    len = stbuf.st_size - ofs;
-  if (lseek(f, ofs, SEEK_SET) < 0)
-    return 0;
-  n = len;
-  i = 0;
-  while (n > 0) {
-    if (n > sizeof(buffer))
-      i = read(f, buffer, sizeof(buffer));
-    else
-      i = read(f, buffer, n);
-    if (i < 0)
-      break;
-    MD5Update(&ctx, buffer, i);
-    n -= i;
-  }
-  e = errno;
-  close(f);
-  errno = e;
-  if (i < 0)
-    return 0;
-  return (MD5End(&ctx, buf));
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdbmp.c b/3rdparty/libjpeg-turbo_2_1_0/rdbmp.c
deleted file mode 100644
index 358a026..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdbmp.c
+++ /dev/null
@@ -1,689 +0,0 @@
-/*
- * rdbmp.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * Modified 2009-2017 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Modified 2011 by Siarhei Siamashka.
- * Copyright (C) 2015, 2017-2018, 2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to read input images in Microsoft "BMP"
- * format (MS Windows 3.x, OS/2 1.x, and OS/2 2.x flavors).
- * Currently, only 8-, 24-, and 32-bit images are supported, not 1-bit or
- * 4-bit (feeding such low-depth images into JPEG would be silly anyway).
- * Also, we don't support RLE-compressed files.
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume input from
- * an ordinary stdio stream.  They further assume that reading begins
- * at the start of the file; start_input may need work if the
- * user interface has already read some data (e.g., to determine that
- * the file is indeed BMP format).
- *
- * This code contributed by James Arthur Boucher.
- */
-
-#include "cmyk.h"
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef BMP_SUPPORTED
-
-
-/* Macros to deal with unsigned chars as efficiently as compiler allows */
-
-typedef unsigned char U_CHAR;
-#define UCH(x)  ((int)(x))
-
-
-#define ReadOK(file, buffer, len) \
-  (JFREAD(file, buffer, len) == ((size_t)(len)))
-
-static int alpha_index[JPEG_NUMCS] = {
-  -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 3, 3, 0, 0, -1
-};
-
-
-/* Private version of data source object */
-
-typedef struct _bmp_source_struct *bmp_source_ptr;
-
-typedef struct _bmp_source_struct {
-  struct cjpeg_source_struct pub; /* public fields */
-
-  j_compress_ptr cinfo;         /* back link saves passing separate parm */
-
-  JSAMPARRAY colormap;          /* BMP colormap (converted to my format) */
-
-  jvirt_sarray_ptr whole_image; /* Needed to reverse row order */
-  JDIMENSION source_row;        /* Current source row number */
-  JDIMENSION row_width;         /* Physical width of scanlines in file */
-
-  int bits_per_pixel;           /* remembers 8-, 24-, or 32-bit format */
-  int cmap_length;              /* colormap length */
-
-  boolean use_inversion_array;  /* TRUE = preload the whole image, which is
-                                   stored in bottom-up order, and feed it to
-                                   the calling program in top-down order
-
-                                   FALSE = the calling program will maintain
-                                   its own image buffer and read the rows in
-                                   bottom-up order */
-
-  U_CHAR *iobuffer;             /* I/O buffer (used to buffer a single row from
-                                   disk if use_inversion_array == FALSE) */
-} bmp_source_struct;
-
-
-LOCAL(int)
-read_byte(bmp_source_ptr sinfo)
-/* Read next byte from BMP file */
-{
-  register FILE *infile = sinfo->pub.input_file;
-  register int c;
-
-  if ((c = getc(infile)) == EOF)
-    ERREXIT(sinfo->cinfo, JERR_INPUT_EOF);
-  return c;
-}
-
-
-LOCAL(void)
-read_colormap(bmp_source_ptr sinfo, int cmaplen, int mapentrysize)
-/* Read the colormap from a BMP file */
-{
-  int i, gray = 1;
-
-  switch (mapentrysize) {
-  case 3:
-    /* BGR format (occurs in OS/2 files) */
-    for (i = 0; i < cmaplen; i++) {
-      sinfo->colormap[2][i] = (JSAMPLE)read_byte(sinfo);
-      sinfo->colormap[1][i] = (JSAMPLE)read_byte(sinfo);
-      sinfo->colormap[0][i] = (JSAMPLE)read_byte(sinfo);
-      if (sinfo->colormap[2][i] != sinfo->colormap[1][i] ||
-          sinfo->colormap[1][i] != sinfo->colormap[0][i])
-        gray = 0;
-    }
-    break;
-  case 4:
-    /* BGR0 format (occurs in MS Windows files) */
-    for (i = 0; i < cmaplen; i++) {
-      sinfo->colormap[2][i] = (JSAMPLE)read_byte(sinfo);
-      sinfo->colormap[1][i] = (JSAMPLE)read_byte(sinfo);
-      sinfo->colormap[0][i] = (JSAMPLE)read_byte(sinfo);
-      (void)read_byte(sinfo);
-      if (sinfo->colormap[2][i] != sinfo->colormap[1][i] ||
-          sinfo->colormap[1][i] != sinfo->colormap[0][i])
-        gray = 0;
-    }
-    break;
-  default:
-    ERREXIT(sinfo->cinfo, JERR_BMP_BADCMAP);
-    break;
-  }
-
-  if (sinfo->cinfo->in_color_space == JCS_UNKNOWN && gray)
-    sinfo->cinfo->in_color_space = JCS_GRAYSCALE;
-
-  if (sinfo->cinfo->in_color_space == JCS_GRAYSCALE && !gray)
-    ERREXIT(sinfo->cinfo, JERR_BAD_IN_COLORSPACE);
-}
-
-
-/*
- * Read one row of pixels.
- * The image has been read into the whole_image array, but is otherwise
- * unprocessed.  We must read it out in top-to-bottom row order, and if
- * it is an 8-bit image, we must expand colormapped pixels to 24bit format.
- */
-
-METHODDEF(JDIMENSION)
-get_8bit_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 8-bit colormap indexes */
-{
-  bmp_source_ptr source = (bmp_source_ptr)sinfo;
-  register JSAMPARRAY colormap = source->colormap;
-  int cmaplen = source->cmap_length;
-  JSAMPARRAY image_ptr;
-  register int t;
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-
-  if (source->use_inversion_array) {
-    /* Fetch next row from virtual array */
-    source->source_row--;
-    image_ptr = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, source->whole_image,
-       source->source_row, (JDIMENSION)1, FALSE);
-    inptr = image_ptr[0];
-  } else {
-    if (!ReadOK(source->pub.input_file, source->iobuffer, source->row_width))
-      ERREXIT(cinfo, JERR_INPUT_EOF);
-    inptr = source->iobuffer;
-  }
-
-  /* Expand the colormap indexes to real data */
-  outptr = source->pub.buffer[0];
-  if (cinfo->in_color_space == JCS_GRAYSCALE) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      t = *inptr++;
-      if (t >= cmaplen)
-        ERREXIT(cinfo, JERR_BMP_OUTOFRANGE);
-      *outptr++ = colormap[0][t];
-    }
-  } else if (cinfo->in_color_space == JCS_CMYK) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      t = *inptr++;
-      if (t >= cmaplen)
-        ERREXIT(cinfo, JERR_BMP_OUTOFRANGE);
-      rgb_to_cmyk(colormap[0][t], colormap[1][t], colormap[2][t], outptr,
-                  outptr + 1, outptr + 2, outptr + 3);
-      outptr += 4;
-    }
-  } else {
-    register int rindex = rgb_red[cinfo->in_color_space];
-    register int gindex = rgb_green[cinfo->in_color_space];
-    register int bindex = rgb_blue[cinfo->in_color_space];
-    register int aindex = alpha_index[cinfo->in_color_space];
-    register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-    if (aindex >= 0) {
-      for (col = cinfo->image_width; col > 0; col--) {
-        t = *inptr++;
-        if (t >= cmaplen)
-          ERREXIT(cinfo, JERR_BMP_OUTOFRANGE);
-        outptr[rindex] = colormap[0][t];
-        outptr[gindex] = colormap[1][t];
-        outptr[bindex] = colormap[2][t];
-        outptr[aindex] = 0xFF;
-        outptr += ps;
-      }
-    } else {
-      for (col = cinfo->image_width; col > 0; col--) {
-        t = *inptr++;
-        if (t >= cmaplen)
-          ERREXIT(cinfo, JERR_BMP_OUTOFRANGE);
-        outptr[rindex] = colormap[0][t];
-        outptr[gindex] = colormap[1][t];
-        outptr[bindex] = colormap[2][t];
-        outptr += ps;
-      }
-    }
-  }
-
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_24bit_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 24-bit pixels */
-{
-  bmp_source_ptr source = (bmp_source_ptr)sinfo;
-  JSAMPARRAY image_ptr;
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-
-  if (source->use_inversion_array) {
-    /* Fetch next row from virtual array */
-    source->source_row--;
-    image_ptr = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, source->whole_image,
-       source->source_row, (JDIMENSION)1, FALSE);
-    inptr = image_ptr[0];
-  } else {
-    if (!ReadOK(source->pub.input_file, source->iobuffer, source->row_width))
-      ERREXIT(cinfo, JERR_INPUT_EOF);
-    inptr = source->iobuffer;
-  }
-
-  /* Transfer data.  Note source values are in BGR order
-   * (even though Microsoft's own documents say the opposite).
-   */
-  outptr = source->pub.buffer[0];
-  if (cinfo->in_color_space == JCS_EXT_BGR) {
-    MEMCOPY(outptr, inptr, source->row_width);
-  } else if (cinfo->in_color_space == JCS_CMYK) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE b = *inptr++, g = *inptr++, r = *inptr++;
-      rgb_to_cmyk(r, g, b, outptr, outptr + 1, outptr + 2, outptr + 3);
-      outptr += 4;
-    }
-  } else {
-    register int rindex = rgb_red[cinfo->in_color_space];
-    register int gindex = rgb_green[cinfo->in_color_space];
-    register int bindex = rgb_blue[cinfo->in_color_space];
-    register int aindex = alpha_index[cinfo->in_color_space];
-    register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-    if (aindex >= 0) {
-      for (col = cinfo->image_width; col > 0; col--) {
-        outptr[bindex] = *inptr++;
-        outptr[gindex] = *inptr++;
-        outptr[rindex] = *inptr++;
-        outptr[aindex] = 0xFF;
-        outptr += ps;
-      }
-    } else {
-      for (col = cinfo->image_width; col > 0; col--) {
-        outptr[bindex] = *inptr++;
-        outptr[gindex] = *inptr++;
-        outptr[rindex] = *inptr++;
-        outptr += ps;
-      }
-    }
-  }
-
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_32bit_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 32-bit pixels */
-{
-  bmp_source_ptr source = (bmp_source_ptr)sinfo;
-  JSAMPARRAY image_ptr;
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-
-  if (source->use_inversion_array) {
-    /* Fetch next row from virtual array */
-    source->source_row--;
-    image_ptr = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, source->whole_image,
-       source->source_row, (JDIMENSION)1, FALSE);
-    inptr = image_ptr[0];
-  } else {
-    if (!ReadOK(source->pub.input_file, source->iobuffer, source->row_width))
-      ERREXIT(cinfo, JERR_INPUT_EOF);
-    inptr = source->iobuffer;
-  }
-
-  /* Transfer data.  Note source values are in BGR order
-   * (even though Microsoft's own documents say the opposite).
-   */
-  outptr = source->pub.buffer[0];
-  if (cinfo->in_color_space == JCS_EXT_BGRX ||
-      cinfo->in_color_space == JCS_EXT_BGRA) {
-    MEMCOPY(outptr, inptr, source->row_width);
-  } else if (cinfo->in_color_space == JCS_CMYK) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE b = *inptr++, g = *inptr++, r = *inptr++;
-      rgb_to_cmyk(r, g, b, outptr, outptr + 1, outptr + 2, outptr + 3);
-      inptr++;                          /* skip the 4th byte (Alpha channel) */
-      outptr += 4;
-    }
-  } else {
-    register int rindex = rgb_red[cinfo->in_color_space];
-    register int gindex = rgb_green[cinfo->in_color_space];
-    register int bindex = rgb_blue[cinfo->in_color_space];
-    register int aindex = alpha_index[cinfo->in_color_space];
-    register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-    if (aindex >= 0) {
-      for (col = cinfo->image_width; col > 0; col--) {
-        outptr[bindex] = *inptr++;
-        outptr[gindex] = *inptr++;
-        outptr[rindex] = *inptr++;
-        outptr[aindex] = *inptr++;
-        outptr += ps;
-      }
-    } else {
-      for (col = cinfo->image_width; col > 0; col--) {
-        outptr[bindex] = *inptr++;
-        outptr[gindex] = *inptr++;
-        outptr[rindex] = *inptr++;
-        inptr++;                        /* skip the 4th byte (Alpha channel) */
-        outptr += ps;
-      }
-    }
-  }
-
-  return 1;
-}
-
-
-/*
- * This method loads the image into whole_image during the first call on
- * get_pixel_rows.  The get_pixel_rows pointer is then adjusted to call
- * get_8bit_row, get_24bit_row, or get_32bit_row on subsequent calls.
- */
-
-METHODDEF(JDIMENSION)
-preload_image(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  bmp_source_ptr source = (bmp_source_ptr)sinfo;
-  register FILE *infile = source->pub.input_file;
-  register JSAMPROW out_ptr;
-  JSAMPARRAY image_ptr;
-  JDIMENSION row;
-  cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-
-  /* Read the data into a virtual array in input-file row order. */
-  for (row = 0; row < cinfo->image_height; row++) {
-    if (progress != NULL) {
-      progress->pub.pass_counter = (long)row;
-      progress->pub.pass_limit = (long)cinfo->image_height;
-      (*progress->pub.progress_monitor) ((j_common_ptr)cinfo);
-    }
-    image_ptr = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, source->whole_image, row, (JDIMENSION)1, TRUE);
-    out_ptr = image_ptr[0];
-    if (fread(out_ptr, 1, source->row_width, infile) != source->row_width) {
-      if (feof(infile))
-        ERREXIT(cinfo, JERR_INPUT_EOF);
-      else
-        ERREXIT(cinfo, JERR_FILE_READ);
-    }
-  }
-  if (progress != NULL)
-    progress->completed_extra_passes++;
-
-  /* Set up to read from the virtual array in top-to-bottom order */
-  switch (source->bits_per_pixel) {
-  case 8:
-    source->pub.get_pixel_rows = get_8bit_row;
-    break;
-  case 24:
-    source->pub.get_pixel_rows = get_24bit_row;
-    break;
-  case 32:
-    source->pub.get_pixel_rows = get_32bit_row;
-    break;
-  default:
-    ERREXIT(cinfo, JERR_BMP_BADDEPTH);
-  }
-  source->source_row = cinfo->image_height;
-
-  /* And read the first row */
-  return (*source->pub.get_pixel_rows) (cinfo, sinfo);
-}
-
-
-/*
- * Read the file header; return image size and component count.
- */
-
-METHODDEF(void)
-start_input_bmp(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  bmp_source_ptr source = (bmp_source_ptr)sinfo;
-  U_CHAR bmpfileheader[14];
-  U_CHAR bmpinfoheader[64];
-
-#define GET_2B(array, offset) \
-  ((unsigned short)UCH(array[offset]) + \
-   (((unsigned short)UCH(array[offset + 1])) << 8))
-#define GET_4B(array, offset) \
-  ((unsigned int)UCH(array[offset]) + \
-   (((unsigned int)UCH(array[offset + 1])) << 8) + \
-   (((unsigned int)UCH(array[offset + 2])) << 16) + \
-   (((unsigned int)UCH(array[offset + 3])) << 24))
-
-  int bfOffBits;
-  int headerSize;
-  int biWidth;
-  int biHeight;
-  unsigned short biPlanes;
-  unsigned int biCompression;
-  int biXPelsPerMeter, biYPelsPerMeter;
-  int biClrUsed = 0;
-  int mapentrysize = 0;         /* 0 indicates no colormap */
-  int bPad;
-  JDIMENSION row_width = 0;
-
-  /* Read and verify the bitmap file header */
-  if (!ReadOK(source->pub.input_file, bmpfileheader, 14))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  if (GET_2B(bmpfileheader, 0) != 0x4D42) /* 'BM' */
-    ERREXIT(cinfo, JERR_BMP_NOT);
-  bfOffBits = GET_4B(bmpfileheader, 10);
-  /* We ignore the remaining fileheader fields */
-
-  /* The infoheader might be 12 bytes (OS/2 1.x), 40 bytes (Windows),
-   * or 64 bytes (OS/2 2.x).  Check the first 4 bytes to find out which.
-   */
-  if (!ReadOK(source->pub.input_file, bmpinfoheader, 4))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  headerSize = GET_4B(bmpinfoheader, 0);
-  if (headerSize < 12 || headerSize > 64 || (headerSize + 14) > bfOffBits)
-    ERREXIT(cinfo, JERR_BMP_BADHEADER);
-  if (!ReadOK(source->pub.input_file, bmpinfoheader + 4, headerSize - 4))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-
-  switch (headerSize) {
-  case 12:
-    /* Decode OS/2 1.x header (Microsoft calls this a BITMAPCOREHEADER) */
-    biWidth = (int)GET_2B(bmpinfoheader, 4);
-    biHeight = (int)GET_2B(bmpinfoheader, 6);
-    biPlanes = GET_2B(bmpinfoheader, 8);
-    source->bits_per_pixel = (int)GET_2B(bmpinfoheader, 10);
-
-    switch (source->bits_per_pixel) {
-    case 8:                     /* colormapped image */
-      mapentrysize = 3;         /* OS/2 uses RGBTRIPLE colormap */
-      TRACEMS2(cinfo, 1, JTRC_BMP_OS2_MAPPED, biWidth, biHeight);
-      break;
-    case 24:                    /* RGB image */
-    case 32:                    /* RGB image + Alpha channel */
-      TRACEMS3(cinfo, 1, JTRC_BMP_OS2, biWidth, biHeight,
-               source->bits_per_pixel);
-      break;
-    default:
-      ERREXIT(cinfo, JERR_BMP_BADDEPTH);
-      break;
-    }
-    break;
-  case 40:
-  case 64:
-    /* Decode Windows 3.x header (Microsoft calls this a BITMAPINFOHEADER) */
-    /* or OS/2 2.x header, which has additional fields that we ignore */
-    biWidth = (int)GET_4B(bmpinfoheader, 4);
-    biHeight = (int)GET_4B(bmpinfoheader, 8);
-    biPlanes = GET_2B(bmpinfoheader, 12);
-    source->bits_per_pixel = (int)GET_2B(bmpinfoheader, 14);
-    biCompression = GET_4B(bmpinfoheader, 16);
-    biXPelsPerMeter = (int)GET_4B(bmpinfoheader, 24);
-    biYPelsPerMeter = (int)GET_4B(bmpinfoheader, 28);
-    biClrUsed = GET_4B(bmpinfoheader, 32);
-    /* biSizeImage, biClrImportant fields are ignored */
-
-    switch (source->bits_per_pixel) {
-    case 8:                     /* colormapped image */
-      mapentrysize = 4;         /* Windows uses RGBQUAD colormap */
-      TRACEMS2(cinfo, 1, JTRC_BMP_MAPPED, biWidth, biHeight);
-      break;
-    case 24:                    /* RGB image */
-    case 32:                    /* RGB image + Alpha channel */
-      TRACEMS3(cinfo, 1, JTRC_BMP, biWidth, biHeight, source->bits_per_pixel);
-      break;
-    default:
-      ERREXIT(cinfo, JERR_BMP_BADDEPTH);
-      break;
-    }
-    if (biCompression != 0)
-      ERREXIT(cinfo, JERR_BMP_COMPRESSED);
-
-    if (biXPelsPerMeter > 0 && biYPelsPerMeter > 0) {
-      /* Set JFIF density parameters from the BMP data */
-      cinfo->X_density = (UINT16)(biXPelsPerMeter / 100); /* 100 cm per meter */
-      cinfo->Y_density = (UINT16)(biYPelsPerMeter / 100);
-      cinfo->density_unit = 2;  /* dots/cm */
-    }
-    break;
-  default:
-    ERREXIT(cinfo, JERR_BMP_BADHEADER);
-    return;
-  }
-
-  if (biWidth <= 0 || biHeight <= 0)
-    ERREXIT(cinfo, JERR_BMP_EMPTY);
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  if (sinfo->max_pixels &&
-      (unsigned long long)biWidth * biHeight > sinfo->max_pixels)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-#endif
-  if (biPlanes != 1)
-    ERREXIT(cinfo, JERR_BMP_BADPLANES);
-
-  /* Compute distance to bitmap data --- will adjust for colormap below */
-  bPad = bfOffBits - (headerSize + 14);
-
-  /* Read the colormap, if any */
-  if (mapentrysize > 0) {
-    if (biClrUsed <= 0)
-      biClrUsed = 256;          /* assume it's 256 */
-    else if (biClrUsed > 256)
-      ERREXIT(cinfo, JERR_BMP_BADCMAP);
-    /* Allocate space to store the colormap */
-    source->colormap = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, (JDIMENSION)biClrUsed, (JDIMENSION)3);
-    source->cmap_length = (int)biClrUsed;
-    /* and read it from the file */
-    read_colormap(source, (int)biClrUsed, mapentrysize);
-    /* account for size of colormap */
-    bPad -= biClrUsed * mapentrysize;
-  }
-
-  /* Skip any remaining pad bytes */
-  if (bPad < 0)                 /* incorrect bfOffBits value? */
-    ERREXIT(cinfo, JERR_BMP_BADHEADER);
-  while (--bPad >= 0) {
-    (void)read_byte(source);
-  }
-
-  /* Compute row width in file, including padding to 4-byte boundary */
-  switch (source->bits_per_pixel) {
-  case 8:
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_EXT_RGB;
-    if (IsExtRGB(cinfo->in_color_space))
-      cinfo->input_components = rgb_pixelsize[cinfo->in_color_space];
-    else if (cinfo->in_color_space == JCS_GRAYSCALE)
-      cinfo->input_components = 1;
-    else if (cinfo->in_color_space == JCS_CMYK)
-      cinfo->input_components = 4;
-    else
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    row_width = (JDIMENSION)biWidth;
-    break;
-  case 24:
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_EXT_BGR;
-    if (IsExtRGB(cinfo->in_color_space))
-      cinfo->input_components = rgb_pixelsize[cinfo->in_color_space];
-    else if (cinfo->in_color_space == JCS_CMYK)
-      cinfo->input_components = 4;
-    else
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    if ((unsigned long long)biWidth * 3ULL > 0xFFFFFFFFULL)
-      ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-    row_width = (JDIMENSION)biWidth * 3;
-    break;
-  case 32:
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_EXT_BGRA;
-    if (IsExtRGB(cinfo->in_color_space))
-      cinfo->input_components = rgb_pixelsize[cinfo->in_color_space];
-    else if (cinfo->in_color_space == JCS_CMYK)
-      cinfo->input_components = 4;
-    else
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    if ((unsigned long long)biWidth * 4ULL > 0xFFFFFFFFULL)
-      ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-    row_width = (JDIMENSION)biWidth * 4;
-    break;
-  default:
-    ERREXIT(cinfo, JERR_BMP_BADDEPTH);
-  }
-  while ((row_width & 3) != 0) row_width++;
-  source->row_width = row_width;
-
-  if (source->use_inversion_array) {
-    /* Allocate space for inversion array, prepare for preload pass */
-    source->whole_image = (*cinfo->mem->request_virt_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, FALSE,
-       row_width, (JDIMENSION)biHeight, (JDIMENSION)1);
-    source->pub.get_pixel_rows = preload_image;
-    if (cinfo->progress != NULL) {
-      cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-      progress->total_extra_passes++; /* count file input as separate pass */
-    }
-  } else {
-    source->iobuffer = (U_CHAR *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE, row_width);
-    switch (source->bits_per_pixel) {
-    case 8:
-      source->pub.get_pixel_rows = get_8bit_row;
-      break;
-    case 24:
-      source->pub.get_pixel_rows = get_24bit_row;
-      break;
-    case 32:
-      source->pub.get_pixel_rows = get_32bit_row;
-      break;
-    default:
-      ERREXIT(cinfo, JERR_BMP_BADDEPTH);
-    }
-  }
-
-  /* Ensure that biWidth * cinfo->input_components doesn't exceed the maximum
-     value of the JDIMENSION type.  This is only a danger with BMP files, since
-     their width and height fields are 32-bit integers. */
-  if ((unsigned long long)biWidth *
-      (unsigned long long)cinfo->input_components > 0xFFFFFFFFULL)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-  /* Allocate one-row buffer for returned data */
-  source->pub.buffer = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE,
-     (JDIMENSION)biWidth * (JDIMENSION)cinfo->input_components, (JDIMENSION)1);
-  source->pub.buffer_height = 1;
-
-  cinfo->data_precision = 8;
-  cinfo->image_width = (JDIMENSION)biWidth;
-  cinfo->image_height = (JDIMENSION)biHeight;
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_input_bmp(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  /* no work */
-}
-
-
-/*
- * The module selection routine for BMP format input.
- */
-
-GLOBAL(cjpeg_source_ptr)
-jinit_read_bmp(j_compress_ptr cinfo, boolean use_inversion_array)
-{
-  bmp_source_ptr source;
-
-  /* Create module interface object */
-  source = (bmp_source_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(bmp_source_struct));
-  source->cinfo = cinfo;        /* make back link for subroutines */
-  /* Fill in method ptrs, except get_pixel_rows which start_input sets */
-  source->pub.start_input = start_input_bmp;
-  source->pub.finish_input = finish_input_bmp;
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  source->pub.max_pixels = 0;
-#endif
-
-  source->use_inversion_array = use_inversion_array;
-
-  return (cjpeg_source_ptr)source;
-}
-
-#endif /* BMP_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdcolmap.c b/3rdparty/libjpeg-turbo_2_1_0/rdcolmap.c
deleted file mode 100644
index d2ed95c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdcolmap.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/*
- * rdcolmap.c
- *
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * This file is part of the Independent JPEG Group's software.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file implements djpeg's "-map file" switch.  It reads a source image
- * and constructs a colormap to be supplied to the JPEG decompressor.
- *
- * Currently, these file formats are supported for the map file:
- *   GIF: the contents of the GIF's global colormap are used.
- *   PPM (either text or raw flavor): the entire file is read and
- *      each unique pixel value is entered in the map.
- * Note that reading a large PPM file will be horrendously slow.
- * Typically, a PPM-format map file should contain just one pixel
- * of each desired color.  Such a file can be extracted from an
- * ordinary image PPM file with ppmtomap(1).
- *
- * Rescaling a PPM that has a maxval unequal to MAXJSAMPLE is not
- * currently implemented.
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef QUANT_2PASS_SUPPORTED    /* otherwise can't quantize to supplied map */
-
-/* Portions of this code are based on the PBMPLUS library, which is:
-**
-** Copyright (C) 1988 by Jef Poskanzer.
-**
-** Permission to use, copy, modify, and distribute this software and its
-** documentation for any purpose and without fee is hereby granted, provided
-** that the above copyright notice appear in all copies and that both that
-** copyright notice and this permission notice appear in supporting
-** documentation.  This software is provided "as is" without express or
-** implied warranty.
-*/
-
-
-/*
- * Add a (potentially) new color to the color map.
- */
-
-LOCAL(void)
-add_map_entry(j_decompress_ptr cinfo, int R, int G, int B)
-{
-  JSAMPROW colormap0 = cinfo->colormap[0];
-  JSAMPROW colormap1 = cinfo->colormap[1];
-  JSAMPROW colormap2 = cinfo->colormap[2];
-  int ncolors = cinfo->actual_number_of_colors;
-  int index;
-
-  /* Check for duplicate color. */
-  for (index = 0; index < ncolors; index++) {
-    if (colormap0[index] == R && colormap1[index] == G &&
-        colormap2[index] == B)
-      return;                   /* color is already in map */
-  }
-
-  /* Check for map overflow. */
-  if (ncolors >= (MAXJSAMPLE + 1))
-    ERREXIT1(cinfo, JERR_QUANT_MANY_COLORS, (MAXJSAMPLE + 1));
-
-  /* OK, add color to map. */
-  colormap0[ncolors] = (JSAMPLE)R;
-  colormap1[ncolors] = (JSAMPLE)G;
-  colormap2[ncolors] = (JSAMPLE)B;
-  cinfo->actual_number_of_colors++;
-}
-
-
-/*
- * Extract color map from a GIF file.
- */
-
-LOCAL(void)
-read_gif_map(j_decompress_ptr cinfo, FILE *infile)
-{
-  int header[13];
-  int i, colormaplen;
-  int R, G, B;
-
-  /* Initial 'G' has already been read by read_color_map */
-  /* Read the rest of the GIF header and logical screen descriptor */
-  for (i = 1; i < 13; i++) {
-    if ((header[i] = getc(infile)) == EOF)
-      ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-  }
-
-  /* Verify GIF Header */
-  if (header[1] != 'I' || header[2] != 'F')
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-
-  /* There must be a global color map. */
-  if ((header[10] & 0x80) == 0)
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-
-  /* OK, fetch it. */
-  colormaplen = 2 << (header[10] & 0x07);
-
-  for (i = 0; i < colormaplen; i++) {
-    R = getc(infile);
-    G = getc(infile);
-    B = getc(infile);
-    if (R == EOF || G == EOF || B == EOF)
-      ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-    add_map_entry(cinfo,
-                  R << (BITS_IN_JSAMPLE - 8),
-                  G << (BITS_IN_JSAMPLE - 8),
-                  B << (BITS_IN_JSAMPLE - 8));
-  }
-}
-
-
-/* Support routines for reading PPM */
-
-
-LOCAL(int)
-pbm_getc(FILE *infile)
-/* Read next char, skipping over any comments */
-/* A comment/newline sequence is returned as a newline */
-{
-  register int ch;
-
-  ch = getc(infile);
-  if (ch == '#') {
-    do {
-      ch = getc(infile);
-    } while (ch != '\n' && ch != EOF);
-  }
-  return ch;
-}
-
-
-LOCAL(unsigned int)
-read_pbm_integer(j_decompress_ptr cinfo, FILE *infile)
-/* Read an unsigned decimal integer from the PPM file */
-/* Swallows one trailing character after the integer */
-/* Note that on a 16-bit-int machine, only values up to 64k can be read. */
-/* This should not be a problem in practice. */
-{
-  register int ch;
-  register unsigned int val;
-
-  /* Skip any leading whitespace */
-  do {
-    ch = pbm_getc(infile);
-    if (ch == EOF)
-      ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-  } while (ch == ' ' || ch == '\t' || ch == '\n' || ch == '\r');
-
-  if (ch < '0' || ch > '9')
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-
-  val = ch - '0';
-  while ((ch = pbm_getc(infile)) >= '0' && ch <= '9') {
-    val *= 10;
-    val += ch - '0';
-  }
-  return val;
-}
-
-
-/*
- * Extract color map from a PPM file.
- */
-
-LOCAL(void)
-read_ppm_map(j_decompress_ptr cinfo, FILE *infile)
-{
-  int c;
-  unsigned int w, h, maxval, row, col;
-  int R, G, B;
-
-  /* Initial 'P' has already been read by read_color_map */
-  c = getc(infile);             /* save format discriminator for a sec */
-
-  /* while we fetch the remaining header info */
-  w = read_pbm_integer(cinfo, infile);
-  h = read_pbm_integer(cinfo, infile);
-  maxval = read_pbm_integer(cinfo, infile);
-
-  if (w <= 0 || h <= 0 || maxval <= 0) /* error check */
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-
-  /* For now, we don't support rescaling from an unusual maxval. */
-  if (maxval != (unsigned int)MAXJSAMPLE)
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-
-  switch (c) {
-  case '3':                     /* it's a text-format PPM file */
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        R = read_pbm_integer(cinfo, infile);
-        G = read_pbm_integer(cinfo, infile);
-        B = read_pbm_integer(cinfo, infile);
-        add_map_entry(cinfo, R, G, B);
-      }
-    }
-    break;
-
-  case '6':                     /* it's a raw-format PPM file */
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        R = getc(infile);
-        G = getc(infile);
-        B = getc(infile);
-        if (R == EOF || G == EOF || B == EOF)
-          ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-        add_map_entry(cinfo, R, G, B);
-      }
-    }
-    break;
-
-  default:
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-    break;
-  }
-}
-
-
-/*
- * Main entry point from djpeg.c.
- *  Input: opened input file (from file name argument on command line).
- *  Output: colormap and actual_number_of_colors fields are set in cinfo.
- */
-
-GLOBAL(void)
-read_color_map(j_decompress_ptr cinfo, FILE *infile)
-{
-  /* Allocate space for a color map of maximum supported size. */
-  cinfo->colormap = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE,
-     (JDIMENSION)(MAXJSAMPLE + 1), (JDIMENSION)3);
-  cinfo->actual_number_of_colors = 0; /* initialize map to empty */
-
-  /* Read first byte to determine file format */
-  switch (getc(infile)) {
-  case 'G':
-    read_gif_map(cinfo, infile);
-    break;
-  case 'P':
-    read_ppm_map(cinfo, infile);
-    break;
-  default:
-    ERREXIT(cinfo, JERR_BAD_CMAP_FILE);
-    break;
-  }
-}
-
-#endif /* QUANT_2PASS_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdgif.c b/3rdparty/libjpeg-turbo_2_1_0/rdgif.c
deleted file mode 100644
index c814c6b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdgif.c
+++ /dev/null
@@ -1,695 +0,0 @@
-/*
- * rdgif.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2019 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to read input images in GIF format.
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume input from
- * an ordinary stdio stream.  They further assume that reading begins
- * at the start of the file; start_input may need work if the
- * user interface has already read some data (e.g., to determine that
- * the file is indeed GIF format).
- */
-
-/*
- * This code is loosely based on giftoppm from the PBMPLUS distribution
- * of Feb. 1991.  That file contains the following copyright notice:
- * +-------------------------------------------------------------------+
- * | Copyright 1990, David Koblas.                                     |
- * |   Permission to use, copy, modify, and distribute this software   |
- * |   and its documentation for any purpose and without fee is hereby |
- * |   granted, provided that the above copyright notice appear in all |
- * |   copies and that both that copyright notice and this permission  |
- * |   notice appear in supporting documentation.  This software is    |
- * |   provided "as is" without express or implied warranty.           |
- * +-------------------------------------------------------------------+
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef GIF_SUPPORTED
-
-
-/* Macros to deal with unsigned chars as efficiently as compiler allows */
-
-typedef unsigned char U_CHAR;
-#define UCH(x)  ((int)(x))
-
-
-#define ReadOK(file, buffer, len) \
-  (JFREAD(file, buffer, len) == ((size_t)(len)))
-
-
-#define MAXCOLORMAPSIZE  256    /* max # of colors in a GIF colormap */
-#define NUMCOLORS        3      /* # of colors */
-#define CM_RED           0      /* color component numbers */
-#define CM_GREEN         1
-#define CM_BLUE          2
-
-#define MAX_LZW_BITS     12     /* maximum LZW code size */
-#define LZW_TABLE_SIZE   (1 << MAX_LZW_BITS) /* # of possible LZW symbols */
-
-/* Macros for extracting header data --- note we assume chars may be signed */
-
-#define LM_to_uint(array, offset) \
-  ((unsigned int)UCH(array[offset]) + \
-   (((unsigned int)UCH(array[offset + 1])) << 8))
-
-#define BitSet(byte, bit)       ((byte) & (bit))
-#define INTERLACE       0x40    /* mask for bit signifying interlaced image */
-#define COLORMAPFLAG    0x80    /* mask for bit signifying colormap presence */
-
-
-/*
- * LZW decompression tables look like this:
- *   symbol_head[K] = prefix symbol of any LZW symbol K (0..LZW_TABLE_SIZE-1)
- *   symbol_tail[K] = suffix byte   of any LZW symbol K (0..LZW_TABLE_SIZE-1)
- * Note that entries 0..end_code of the above tables are not used,
- * since those symbols represent raw bytes or special codes.
- *
- * The stack represents the not-yet-used expansion of the last LZW symbol.
- * In the worst case, a symbol could expand to as many bytes as there are
- * LZW symbols, so we allocate LZW_TABLE_SIZE bytes for the stack.
- * (This is conservative since that number includes the raw-byte symbols.)
- */
-
-
-/* Private version of data source object */
-
-typedef struct {
-  struct cjpeg_source_struct pub; /* public fields */
-
-  j_compress_ptr cinfo;         /* back link saves passing separate parm */
-
-  JSAMPARRAY colormap;          /* GIF colormap (converted to my format) */
-
-  /* State for GetCode and LZWReadByte */
-  U_CHAR code_buf[256 + 4];     /* current input data block */
-  int last_byte;                /* # of bytes in code_buf */
-  int last_bit;                 /* # of bits in code_buf */
-  int cur_bit;                  /* next bit index to read */
-  boolean first_time;           /* flags first call to GetCode */
-  boolean out_of_blocks;        /* TRUE if hit terminator data block */
-
-  int input_code_size;          /* codesize given in GIF file */
-  int clear_code, end_code;     /* values for Clear and End codes */
-
-  int code_size;                /* current actual code size */
-  int limit_code;               /* 2^code_size */
-  int max_code;                 /* first unused code value */
-
-  /* Private state for LZWReadByte */
-  int oldcode;                  /* previous LZW symbol */
-  int firstcode;                /* first byte of oldcode's expansion */
-
-  /* LZW symbol table and expansion stack */
-  UINT16 *symbol_head;          /* => table of prefix symbols */
-  UINT8  *symbol_tail;          /* => table of suffix bytes */
-  UINT8  *symbol_stack;         /* => stack for symbol expansions */
-  UINT8  *sp;                   /* stack pointer */
-
-  /* State for interlaced image processing */
-  boolean is_interlaced;        /* TRUE if have interlaced image */
-  jvirt_sarray_ptr interlaced_image; /* full image in interlaced order */
-  JDIMENSION cur_row_number;    /* need to know actual row number */
-  JDIMENSION pass2_offset;      /* # of pixel rows in pass 1 */
-  JDIMENSION pass3_offset;      /* # of pixel rows in passes 1&2 */
-  JDIMENSION pass4_offset;      /* # of pixel rows in passes 1,2,3 */
-} gif_source_struct;
-
-typedef gif_source_struct *gif_source_ptr;
-
-
-/* Forward declarations */
-METHODDEF(JDIMENSION) get_pixel_rows(j_compress_ptr cinfo,
-                                     cjpeg_source_ptr sinfo);
-METHODDEF(JDIMENSION) load_interlaced_image(j_compress_ptr cinfo,
-                                            cjpeg_source_ptr sinfo);
-METHODDEF(JDIMENSION) get_interlaced_row(j_compress_ptr cinfo,
-                                         cjpeg_source_ptr sinfo);
-
-
-LOCAL(int)
-ReadByte(gif_source_ptr sinfo)
-/* Read next byte from GIF file */
-{
-  register FILE *infile = sinfo->pub.input_file;
-  register int c;
-
-  if ((c = getc(infile)) == EOF)
-    ERREXIT(sinfo->cinfo, JERR_INPUT_EOF);
-  return c;
-}
-
-
-LOCAL(int)
-GetDataBlock(gif_source_ptr sinfo, U_CHAR *buf)
-/* Read a GIF data block, which has a leading count byte */
-/* A zero-length block marks the end of a data block sequence */
-{
-  int count;
-
-  count = ReadByte(sinfo);
-  if (count > 0) {
-    if (!ReadOK(sinfo->pub.input_file, buf, count))
-      ERREXIT(sinfo->cinfo, JERR_INPUT_EOF);
-  }
-  return count;
-}
-
-
-LOCAL(void)
-SkipDataBlocks(gif_source_ptr sinfo)
-/* Skip a series of data blocks, until a block terminator is found */
-{
-  U_CHAR buf[256];
-
-  while (GetDataBlock(sinfo, buf) > 0)
-    /* skip */;
-}
-
-
-LOCAL(void)
-ReInitLZW(gif_source_ptr sinfo)
-/* (Re)initialize LZW state; shared code for startup and Clear processing */
-{
-  sinfo->code_size = sinfo->input_code_size + 1;
-  sinfo->limit_code = sinfo->clear_code << 1;   /* 2^code_size */
-  sinfo->max_code = sinfo->clear_code + 2;      /* first unused code value */
-  sinfo->sp = sinfo->symbol_stack;              /* init stack to empty */
-}
-
-
-LOCAL(void)
-InitLZWCode(gif_source_ptr sinfo)
-/* Initialize for a series of LZWReadByte (and hence GetCode) calls */
-{
-  /* GetCode initialization */
-  sinfo->last_byte = 2;         /* make safe to "recopy last two bytes" */
-  sinfo->code_buf[0] = 0;
-  sinfo->code_buf[1] = 0;
-  sinfo->last_bit = 0;          /* nothing in the buffer */
-  sinfo->cur_bit = 0;           /* force buffer load on first call */
-  sinfo->first_time = TRUE;
-  sinfo->out_of_blocks = FALSE;
-
-  /* LZWReadByte initialization: */
-  /* compute special code values (note that these do not change later) */
-  sinfo->clear_code = 1 << sinfo->input_code_size;
-  sinfo->end_code = sinfo->clear_code + 1;
-  ReInitLZW(sinfo);
-}
-
-
-LOCAL(int)
-GetCode(gif_source_ptr sinfo)
-/* Fetch the next code_size bits from the GIF data */
-/* We assume code_size is less than 16 */
-{
-  register int accum;
-  int offs, count;
-
-  while (sinfo->cur_bit + sinfo->code_size > sinfo->last_bit) {
-    /* Time to reload the buffer */
-    /* First time, share code with Clear case */
-    if (sinfo->first_time) {
-      sinfo->first_time = FALSE;
-      return sinfo->clear_code;
-    }
-    if (sinfo->out_of_blocks) {
-      WARNMS(sinfo->cinfo, JWRN_GIF_NOMOREDATA);
-      return sinfo->end_code;   /* fake something useful */
-    }
-    /* preserve last two bytes of what we have -- assume code_size <= 16 */
-    sinfo->code_buf[0] = sinfo->code_buf[sinfo->last_byte-2];
-    sinfo->code_buf[1] = sinfo->code_buf[sinfo->last_byte-1];
-    /* Load more bytes; set flag if we reach the terminator block */
-    if ((count = GetDataBlock(sinfo, &sinfo->code_buf[2])) == 0) {
-      sinfo->out_of_blocks = TRUE;
-      WARNMS(sinfo->cinfo, JWRN_GIF_NOMOREDATA);
-      return sinfo->end_code;   /* fake something useful */
-    }
-    /* Reset counters */
-    sinfo->cur_bit = (sinfo->cur_bit - sinfo->last_bit) + 16;
-    sinfo->last_byte = 2 + count;
-    sinfo->last_bit = sinfo->last_byte * 8;
-  }
-
-  /* Form up next 24 bits in accum */
-  offs = sinfo->cur_bit >> 3;   /* byte containing cur_bit */
-  accum = UCH(sinfo->code_buf[offs + 2]);
-  accum <<= 8;
-  accum |= UCH(sinfo->code_buf[offs + 1]);
-  accum <<= 8;
-  accum |= UCH(sinfo->code_buf[offs]);
-
-  /* Right-align cur_bit in accum, then mask off desired number of bits */
-  accum >>= (sinfo->cur_bit & 7);
-  sinfo->cur_bit += sinfo->code_size;
-  return accum & ((1 << sinfo->code_size) - 1);
-}
-
-
-LOCAL(int)
-LZWReadByte(gif_source_ptr sinfo)
-/* Read an LZW-compressed byte */
-{
-  register int code;            /* current working code */
-  int incode;                   /* saves actual input code */
-
-  /* If any codes are stacked from a previously read symbol, return them */
-  if (sinfo->sp > sinfo->symbol_stack)
-    return (int)(*(--sinfo->sp));
-
-  /* Time to read a new symbol */
-  code = GetCode(sinfo);
-
-  if (code == sinfo->clear_code) {
-    /* Reinit state, swallow any extra Clear codes, and */
-    /* return next code, which is expected to be a raw byte. */
-    ReInitLZW(sinfo);
-    do {
-      code = GetCode(sinfo);
-    } while (code == sinfo->clear_code);
-    if (code > sinfo->clear_code) { /* make sure it is a raw byte */
-      WARNMS(sinfo->cinfo, JWRN_GIF_BADDATA);
-      code = 0;                 /* use something valid */
-    }
-    /* make firstcode, oldcode valid! */
-    sinfo->firstcode = sinfo->oldcode = code;
-    return code;
-  }
-
-  if (code == sinfo->end_code) {
-    /* Skip the rest of the image, unless GetCode already read terminator */
-    if (!sinfo->out_of_blocks) {
-      SkipDataBlocks(sinfo);
-      sinfo->out_of_blocks = TRUE;
-    }
-    /* Complain that there's not enough data */
-    WARNMS(sinfo->cinfo, JWRN_GIF_ENDCODE);
-    /* Pad data with 0's */
-    return 0;                   /* fake something usable */
-  }
-
-  /* Got normal raw byte or LZW symbol */
-  incode = code;                /* save for a moment */
-
-  if (code >= sinfo->max_code) { /* special case for not-yet-defined symbol */
-    /* code == max_code is OK; anything bigger is bad data */
-    if (code > sinfo->max_code) {
-      WARNMS(sinfo->cinfo, JWRN_GIF_BADDATA);
-      incode = 0;               /* prevent creation of loops in symbol table */
-    }
-    /* this symbol will be defined as oldcode/firstcode */
-    *(sinfo->sp++) = (UINT8)sinfo->firstcode;
-    code = sinfo->oldcode;
-  }
-
-  /* If it's a symbol, expand it into the stack */
-  while (code >= sinfo->clear_code) {
-    *(sinfo->sp++) = sinfo->symbol_tail[code]; /* tail is a byte value */
-    code = sinfo->symbol_head[code]; /* head is another LZW symbol */
-  }
-  /* At this point code just represents a raw byte */
-  sinfo->firstcode = code;      /* save for possible future use */
-
-  /* If there's room in table... */
-  if ((code = sinfo->max_code) < LZW_TABLE_SIZE) {
-    /* Define a new symbol = prev sym + head of this sym's expansion */
-    sinfo->symbol_head[code] = (UINT16)sinfo->oldcode;
-    sinfo->symbol_tail[code] = (UINT8)sinfo->firstcode;
-    sinfo->max_code++;
-    /* Is it time to increase code_size? */
-    if (sinfo->max_code >= sinfo->limit_code &&
-        sinfo->code_size < MAX_LZW_BITS) {
-      sinfo->code_size++;
-      sinfo->limit_code <<= 1;  /* keep equal to 2^code_size */
-    }
-  }
-
-  sinfo->oldcode = incode;      /* save last input symbol for future use */
-  return sinfo->firstcode;      /* return first byte of symbol's expansion */
-}
-
-
-LOCAL(void)
-ReadColorMap(gif_source_ptr sinfo, int cmaplen, JSAMPARRAY cmap)
-/* Read a GIF colormap */
-{
-  int i;
-
-  for (i = 0; i < cmaplen; i++) {
-#if BITS_IN_JSAMPLE == 8
-#define UPSCALE(x)  (x)
-#else
-#define UPSCALE(x)  ((x) << (BITS_IN_JSAMPLE - 8))
-#endif
-    cmap[CM_RED][i]   = (JSAMPLE)UPSCALE(ReadByte(sinfo));
-    cmap[CM_GREEN][i] = (JSAMPLE)UPSCALE(ReadByte(sinfo));
-    cmap[CM_BLUE][i]  = (JSAMPLE)UPSCALE(ReadByte(sinfo));
-  }
-}
-
-
-LOCAL(void)
-DoExtension(gif_source_ptr sinfo)
-/* Process an extension block */
-/* Currently we ignore 'em all */
-{
-  int extlabel;
-
-  /* Read extension label byte */
-  extlabel = ReadByte(sinfo);
-  TRACEMS1(sinfo->cinfo, 1, JTRC_GIF_EXTENSION, extlabel);
-  /* Skip the data block(s) associated with the extension */
-  SkipDataBlocks(sinfo);
-}
-
-
-/*
- * Read the file header; return image size and component count.
- */
-
-METHODDEF(void)
-start_input_gif(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  gif_source_ptr source = (gif_source_ptr)sinfo;
-  U_CHAR hdrbuf[10];            /* workspace for reading control blocks */
-  unsigned int width, height;   /* image dimensions */
-  int colormaplen, aspectRatio;
-  int c;
-
-  /* Read and verify GIF Header */
-  if (!ReadOK(source->pub.input_file, hdrbuf, 6))
-    ERREXIT(cinfo, JERR_GIF_NOT);
-  if (hdrbuf[0] != 'G' || hdrbuf[1] != 'I' || hdrbuf[2] != 'F')
-    ERREXIT(cinfo, JERR_GIF_NOT);
-  /* Check for expected version numbers.
-   * If unknown version, give warning and try to process anyway;
-   * this is per recommendation in GIF89a standard.
-   */
-  if ((hdrbuf[3] != '8' || hdrbuf[4] != '7' || hdrbuf[5] != 'a') &&
-      (hdrbuf[3] != '8' || hdrbuf[4] != '9' || hdrbuf[5] != 'a'))
-    TRACEMS3(cinfo, 1, JTRC_GIF_BADVERSION, hdrbuf[3], hdrbuf[4], hdrbuf[5]);
-
-  /* Read and decipher Logical Screen Descriptor */
-  if (!ReadOK(source->pub.input_file, hdrbuf, 7))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  width = LM_to_uint(hdrbuf, 0);
-  height = LM_to_uint(hdrbuf, 2);
-  if (width == 0 || height == 0)
-    ERREXIT(cinfo, JERR_GIF_EMPTY);
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  if (sinfo->max_pixels &&
-      (unsigned long long)width * height > sinfo->max_pixels)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-#endif
-  /* we ignore the color resolution, sort flag, and background color index */
-  aspectRatio = UCH(hdrbuf[6]);
-  if (aspectRatio != 0 && aspectRatio != 49)
-    TRACEMS(cinfo, 1, JTRC_GIF_NONSQUARE);
-
-  /* Allocate space to store the colormap */
-  source->colormap = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, (JDIMENSION)MAXCOLORMAPSIZE,
-     (JDIMENSION)NUMCOLORS);
-  colormaplen = 0;              /* indicate initialization */
-
-  /* Read global colormap if header indicates it is present */
-  if (BitSet(hdrbuf[4], COLORMAPFLAG)) {
-    colormaplen = 2 << (hdrbuf[4] & 0x07);
-    ReadColorMap(source, colormaplen, source->colormap);
-  }
-
-  /* Scan until we reach start of desired image.
-   * We don't currently support skipping images, but could add it easily.
-   */
-  for (;;) {
-    c = ReadByte(source);
-
-    if (c == ';')               /* GIF terminator?? */
-      ERREXIT(cinfo, JERR_GIF_IMAGENOTFOUND);
-
-    if (c == '!') {             /* Extension */
-      DoExtension(source);
-      continue;
-    }
-
-    if (c != ',') {             /* Not an image separator? */
-      WARNMS1(cinfo, JWRN_GIF_CHAR, c);
-      continue;
-    }
-
-    /* Read and decipher Local Image Descriptor */
-    if (!ReadOK(source->pub.input_file, hdrbuf, 9))
-      ERREXIT(cinfo, JERR_INPUT_EOF);
-    /* we ignore top/left position info, also sort flag */
-    width = LM_to_uint(hdrbuf, 4);
-    height = LM_to_uint(hdrbuf, 6);
-    if (width == 0 || height == 0)
-      ERREXIT(cinfo, JERR_GIF_EMPTY);
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-    if (sinfo->max_pixels &&
-        (unsigned long long)width * height > sinfo->max_pixels)
-      ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-#endif
-    source->is_interlaced = (BitSet(hdrbuf[8], INTERLACE) != 0);
-
-    /* Read local colormap if header indicates it is present */
-    /* Note: if we wanted to support skipping images, */
-    /* we'd need to skip rather than read colormap for ignored images */
-    if (BitSet(hdrbuf[8], COLORMAPFLAG)) {
-      colormaplen = 2 << (hdrbuf[8] & 0x07);
-      ReadColorMap(source, colormaplen, source->colormap);
-    }
-
-    source->input_code_size = ReadByte(source); /* get min-code-size byte */
-    if (source->input_code_size < 2 || source->input_code_size > 8)
-      ERREXIT1(cinfo, JERR_GIF_CODESIZE, source->input_code_size);
-
-    /* Reached desired image, so break out of loop */
-    /* If we wanted to skip this image, */
-    /* we'd call SkipDataBlocks and then continue the loop */
-    break;
-  }
-
-  /* Prepare to read selected image: first initialize LZW decompressor */
-  source->symbol_head = (UINT16 *)
-    (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                LZW_TABLE_SIZE * sizeof(UINT16));
-  source->symbol_tail = (UINT8 *)
-    (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                LZW_TABLE_SIZE * sizeof(UINT8));
-  source->symbol_stack = (UINT8 *)
-    (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                LZW_TABLE_SIZE * sizeof(UINT8));
-  InitLZWCode(source);
-
-  /*
-   * If image is interlaced, we read it into a full-size sample array,
-   * decompressing as we go; then get_interlaced_row selects rows from the
-   * sample array in the proper order.
-   */
-  if (source->is_interlaced) {
-    /* We request the virtual array now, but can't access it until virtual
-     * arrays have been allocated.  Hence, the actual work of reading the
-     * image is postponed until the first call to get_pixel_rows.
-     */
-    source->interlaced_image = (*cinfo->mem->request_virt_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, FALSE,
-       (JDIMENSION)width, (JDIMENSION)height, (JDIMENSION)1);
-    if (cinfo->progress != NULL) {
-      cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-      progress->total_extra_passes++; /* count file input as separate pass */
-    }
-    source->pub.get_pixel_rows = load_interlaced_image;
-  } else {
-    source->pub.get_pixel_rows = get_pixel_rows;
-  }
-
-  /* Create compressor input buffer. */
-  source->pub.buffer = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, (JDIMENSION)width * NUMCOLORS,
-     (JDIMENSION)1);
-  source->pub.buffer_height = 1;
-
-  /* Pad colormap for safety. */
-  for (c = colormaplen; c < source->clear_code; c++) {
-    source->colormap[CM_RED][c]   =
-    source->colormap[CM_GREEN][c] =
-    source->colormap[CM_BLUE][c]  = CENTERJSAMPLE;
-  }
-
-  /* Return info about the image. */
-  cinfo->in_color_space = JCS_RGB;
-  cinfo->input_components = NUMCOLORS;
-  cinfo->data_precision = BITS_IN_JSAMPLE; /* we always rescale data to this */
-  cinfo->image_width = width;
-  cinfo->image_height = height;
-
-  TRACEMS3(cinfo, 1, JTRC_GIF, width, height, colormaplen);
-}
-
-
-/*
- * Read one row of pixels.
- * This version is used for noninterlaced GIF images:
- * we read directly from the GIF file.
- */
-
-METHODDEF(JDIMENSION)
-get_pixel_rows(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  gif_source_ptr source = (gif_source_ptr)sinfo;
-  register int c;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-  register JSAMPARRAY colormap = source->colormap;
-
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    c = LZWReadByte(source);
-    *ptr++ = colormap[CM_RED][c];
-    *ptr++ = colormap[CM_GREEN][c];
-    *ptr++ = colormap[CM_BLUE][c];
-  }
-  return 1;
-}
-
-
-/*
- * Read one row of pixels.
- * This version is used for the first call on get_pixel_rows when
- * reading an interlaced GIF file: we read the whole image into memory.
- */
-
-METHODDEF(JDIMENSION)
-load_interlaced_image(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  gif_source_ptr source = (gif_source_ptr)sinfo;
-  register JSAMPROW sptr;
-  register JDIMENSION col;
-  JDIMENSION row;
-  cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-
-  /* Read the interlaced image into the virtual array we've created. */
-  for (row = 0; row < cinfo->image_height; row++) {
-    if (progress != NULL) {
-      progress->pub.pass_counter = (long)row;
-      progress->pub.pass_limit = (long)cinfo->image_height;
-      (*progress->pub.progress_monitor) ((j_common_ptr)cinfo);
-    }
-    sptr = *(*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, source->interlaced_image, row, (JDIMENSION)1,
-       TRUE);
-    for (col = cinfo->image_width; col > 0; col--) {
-      *sptr++ = (JSAMPLE)LZWReadByte(source);
-    }
-  }
-  if (progress != NULL)
-    progress->completed_extra_passes++;
-
-  /* Replace method pointer so subsequent calls don't come here. */
-  source->pub.get_pixel_rows = get_interlaced_row;
-  /* Initialize for get_interlaced_row, and perform first call on it. */
-  source->cur_row_number = 0;
-  source->pass2_offset = (cinfo->image_height + 7) / 8;
-  source->pass3_offset = source->pass2_offset + (cinfo->image_height + 3) / 8;
-  source->pass4_offset = source->pass3_offset + (cinfo->image_height + 1) / 4;
-
-  return get_interlaced_row(cinfo, sinfo);
-}
-
-
-/*
- * Read one row of pixels.
- * This version is used for interlaced GIF images:
- * we read from the virtual array.
- */
-
-METHODDEF(JDIMENSION)
-get_interlaced_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  gif_source_ptr source = (gif_source_ptr)sinfo;
-  register int c;
-  register JSAMPROW sptr, ptr;
-  register JDIMENSION col;
-  register JSAMPARRAY colormap = source->colormap;
-  JDIMENSION irow;
-
-  /* Figure out which row of interlaced image is needed, and access it. */
-  switch ((int)(source->cur_row_number & 7)) {
-  case 0:                       /* first-pass row */
-    irow = source->cur_row_number >> 3;
-    break;
-  case 4:                       /* second-pass row */
-    irow = (source->cur_row_number >> 3) + source->pass2_offset;
-    break;
-  case 2:                       /* third-pass row */
-  case 6:
-    irow = (source->cur_row_number >> 2) + source->pass3_offset;
-    break;
-  default:                      /* fourth-pass row */
-    irow = (source->cur_row_number >> 1) + source->pass4_offset;
-  }
-  sptr = *(*cinfo->mem->access_virt_sarray)
-    ((j_common_ptr)cinfo, source->interlaced_image, irow, (JDIMENSION)1,
-     FALSE);
-  /* Scan the row, expand colormap, and output */
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    c = *sptr++;
-    *ptr++ = colormap[CM_RED][c];
-    *ptr++ = colormap[CM_GREEN][c];
-    *ptr++ = colormap[CM_BLUE][c];
-  }
-  source->cur_row_number++;     /* for next time */
-  return 1;
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_input_gif(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  /* no work */
-}
-
-
-/*
- * The module selection routine for GIF format input.
- */
-
-GLOBAL(cjpeg_source_ptr)
-jinit_read_gif(j_compress_ptr cinfo)
-{
-  gif_source_ptr source;
-
-  /* Create module interface object */
-  source = (gif_source_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(gif_source_struct));
-  source->cinfo = cinfo;        /* make back link for subroutines */
-  /* Fill in method ptrs, except get_pixel_rows which start_input sets */
-  source->pub.start_input = start_input_gif;
-  source->pub.finish_input = finish_input_gif;
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  source->pub.max_pixels = 0;
-#endif
-
-  return (cjpeg_source_ptr)source;
-}
-
-#endif /* GIF_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdjpgcom.1 b/3rdparty/libjpeg-turbo_2_1_0/rdjpgcom.1
deleted file mode 100644
index 97611df..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdjpgcom.1
+++ /dev/null
@@ -1,63 +0,0 @@
-.TH RDJPGCOM 1 "02 April 2009"
-.SH NAME
-rdjpgcom \- display text comments from a JPEG file
-.SH SYNOPSIS
-.B rdjpgcom
-[
-.B \-raw
-]
-[
-.B \-verbose
-]
-[
-.I filename
-]
-.LP
-.SH DESCRIPTION
-.LP
-.B rdjpgcom
-reads the named JPEG/JFIF file, or the standard input if no file is named,
-and prints any text comments found in the file on the standard output.
-.PP
-The JPEG standard allows "comment" (COM) blocks to occur within a JPEG file.
-Although the standard doesn't actually define what COM blocks are for, they
-are widely used to hold user-supplied text strings.  This lets you add
-annotations, titles, index terms, etc to your JPEG files, and later retrieve
-them as text.  COM blocks do not interfere with the image stored in the JPEG
-file.  The maximum size of a COM block is 64K, but you can have as many of
-them as you like in one JPEG file.
-.SH OPTIONS
-.TP
-.B \-raw
-Normally
-.B rdjpgcom
-escapes non-printable characters in comments, for security reasons.
-This option avoids that.
-.PP
-.B \-verbose
-Causes
-.B rdjpgcom
-to also display the JPEG image dimensions.
-.PP
-Switch names may be abbreviated, and are not case sensitive.
-.SH HINTS
-.B rdjpgcom
-does not depend on the IJG JPEG library.  Its source code is intended as an
-illustration of the minimum amount of code required to parse a JPEG file
-header correctly.
-.PP
-In
-.B \-verbose
-mode,
-.B rdjpgcom
-will also attempt to print the contents of any "APP12" markers as text.
-Some digital cameras produce APP12 markers containing useful textual
-information.  If you like, you can modify the source code to print
-other APPn marker types as well.
-.SH SEE ALSO
-.BR cjpeg (1),
-.BR djpeg (1),
-.BR jpegtran (1),
-.BR wrjpgcom (1)
-.SH AUTHOR
-Independent JPEG Group
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdjpgcom.c b/3rdparty/libjpeg-turbo_2_1_0/rdjpgcom.c
deleted file mode 100644
index 620270e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdjpgcom.c
+++ /dev/null
@@ -1,510 +0,0 @@
-/*
- * rdjpgcom.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * Modified 2009 by Bill Allombert, Guido Vollbeding.
- * It was modified by The libjpeg-turbo Project to include only code relevant
- * to libjpeg-turbo.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a very simple stand-alone application that displays
- * the text in COM (comment) markers in a JFIF file.
- * This may be useful as an example of the minimum logic needed to parse
- * JPEG markers.
- */
-
-#define JPEG_CJPEG_DJPEG        /* to get the command-line config symbols */
-#include "jinclude.h"           /* get auto-config symbols, <stdio.h> */
-
-#ifdef HAVE_LOCALE_H
-#include <locale.h>             /* Bill Allombert: use locale for isprint */
-#endif
-#include <ctype.h>              /* to declare isupper(), tolower() */
-#ifdef USE_SETMODE
-#include <fcntl.h>              /* to declare setmode()'s parameter macros */
-/* If you have setmode() but not <io.h>, just delete this line: */
-#include <io.h>                 /* to declare setmode() */
-#endif
-
-#ifdef USE_CCOMMAND             /* command-line reader for Macintosh */
-#ifdef __MWERKS__
-#include <SIOUX.h>              /* Metrowerks needs this */
-#include <console.h>            /* ... and this */
-#endif
-#ifdef THINK_C
-#include <console.h>            /* Think declares it here */
-#endif
-#endif
-
-#ifdef DONT_USE_B_MODE          /* define mode parameters for fopen() */
-#define READ_BINARY     "r"
-#else
-#define READ_BINARY     "rb"
-#endif
-
-#ifndef EXIT_FAILURE            /* define exit() codes if not provided */
-#define EXIT_FAILURE  1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS  0
-#endif
-
-
-/*
- * These macros are used to read the input file.
- * To reuse this code in another application, you might need to change these.
- */
-
-static FILE *infile;            /* input JPEG file */
-
-/* Return next input byte, or EOF if no more */
-#define NEXTBYTE()  getc(infile)
-
-
-/* Error exit handler */
-#define ERREXIT(msg)  (fprintf(stderr, "%s\n", msg), exit(EXIT_FAILURE))
-
-
-/* Read one byte, testing for EOF */
-static int
-read_1_byte(void)
-{
-  int c;
-
-  c = NEXTBYTE();
-  if (c == EOF)
-    ERREXIT("Premature EOF in JPEG file");
-  return c;
-}
-
-/* Read 2 bytes, convert to unsigned int */
-/* All 2-byte quantities in JPEG markers are MSB first */
-static unsigned int
-read_2_bytes(void)
-{
-  int c1, c2;
-
-  c1 = NEXTBYTE();
-  if (c1 == EOF)
-    ERREXIT("Premature EOF in JPEG file");
-  c2 = NEXTBYTE();
-  if (c2 == EOF)
-    ERREXIT("Premature EOF in JPEG file");
-  return (((unsigned int)c1) << 8) + ((unsigned int)c2);
-}
-
-
-/*
- * JPEG markers consist of one or more 0xFF bytes, followed by a marker
- * code byte (which is not an FF).  Here are the marker codes of interest
- * in this program.  (See jdmarker.c for a more complete list.)
- */
-
-#define M_SOF0   0xC0           /* Start Of Frame N */
-#define M_SOF1   0xC1           /* N indicates which compression process */
-#define M_SOF2   0xC2           /* Only SOF0-SOF2 are now in common use */
-#define M_SOF3   0xC3
-#define M_SOF5   0xC5           /* NB: codes C4 and CC are NOT SOF markers */
-#define M_SOF6   0xC6
-#define M_SOF7   0xC7
-#define M_SOF9   0xC9
-#define M_SOF10  0xCA
-#define M_SOF11  0xCB
-#define M_SOF13  0xCD
-#define M_SOF14  0xCE
-#define M_SOF15  0xCF
-#define M_SOI    0xD8           /* Start Of Image (beginning of datastream) */
-#define M_EOI    0xD9           /* End Of Image (end of datastream) */
-#define M_SOS    0xDA           /* Start Of Scan (begins compressed data) */
-#define M_APP12  0xEC           /* (we don't bother to list all 16 APPn's) */
-#define M_COM    0xFE           /* COMment */
-
-
-/*
- * Find the next JPEG marker and return its marker code.
- * We expect at least one FF byte, possibly more if the compressor used FFs
- * to pad the file.
- * There could also be non-FF garbage between markers.  The treatment of such
- * garbage is unspecified; we choose to skip over it but emit a warning msg.
- * NB: this routine must not be used after seeing SOS marker, since it will
- * not deal correctly with FF/00 sequences in the compressed image data...
- */
-
-static int
-next_marker(void)
-{
-  int c;
-  int discarded_bytes = 0;
-
-  /* Find 0xFF byte; count and skip any non-FFs. */
-  c = read_1_byte();
-  while (c != 0xFF) {
-    discarded_bytes++;
-    c = read_1_byte();
-  }
-  /* Get marker code byte, swallowing any duplicate FF bytes.  Extra FFs
-   * are legal as pad bytes, so don't count them in discarded_bytes.
-   */
-  do {
-    c = read_1_byte();
-  } while (c == 0xFF);
-
-  if (discarded_bytes != 0) {
-    fprintf(stderr, "Warning: garbage data found in JPEG file\n");
-  }
-
-  return c;
-}
-
-
-/*
- * Read the initial marker, which should be SOI.
- * For a JFIF file, the first two bytes of the file should be literally
- * 0xFF M_SOI.  To be more general, we could use next_marker, but if the
- * input file weren't actually JPEG at all, next_marker might read the whole
- * file and then return a misleading error message...
- */
-
-static int
-first_marker(void)
-{
-  int c1, c2;
-
-  c1 = NEXTBYTE();
-  c2 = NEXTBYTE();
-  if (c1 != 0xFF || c2 != M_SOI)
-    ERREXIT("Not a JPEG file");
-  return c2;
-}
-
-
-/*
- * Most types of marker are followed by a variable-length parameter segment.
- * This routine skips over the parameters for any marker we don't otherwise
- * want to process.
- * Note that we MUST skip the parameter segment explicitly in order not to
- * be fooled by 0xFF bytes that might appear within the parameter segment;
- * such bytes do NOT introduce new markers.
- */
-
-static void
-skip_variable(void)
-/* Skip over an unknown or uninteresting variable-length marker */
-{
-  unsigned int length;
-
-  /* Get the marker parameter length count */
-  length = read_2_bytes();
-  /* Length includes itself, so must be at least 2 */
-  if (length < 2)
-    ERREXIT("Erroneous JPEG marker length");
-  length -= 2;
-  /* Skip over the remaining bytes */
-  while (length > 0) {
-    (void)read_1_byte();
-    length--;
-  }
-}
-
-
-/*
- * Process a COM marker.
- * We want to print out the marker contents as legible text;
- * we must guard against non-text junk and varying newline representations.
- */
-
-static void
-process_COM(int raw)
-{
-  unsigned int length;
-  int ch;
-  int lastch = 0;
-
-  /* Bill Allombert: set locale properly for isprint */
-#ifdef HAVE_LOCALE_H
-  setlocale(LC_CTYPE, "");
-#endif
-
-  /* Get the marker parameter length count */
-  length = read_2_bytes();
-  /* Length includes itself, so must be at least 2 */
-  if (length < 2)
-    ERREXIT("Erroneous JPEG marker length");
-  length -= 2;
-
-  while (length > 0) {
-    ch = read_1_byte();
-    if (raw) {
-      putc(ch, stdout);
-    /* Emit the character in a readable form.
-     * Nonprintables are converted to \nnn form,
-     * while \ is converted to \\.
-     * Newlines in CR, CR/LF, or LF form will be printed as one newline.
-     */
-    } else if (ch == '\r') {
-      printf("\n");
-    } else if (ch == '\n') {
-      if (lastch != '\r')
-        printf("\n");
-    } else if (ch == '\\') {
-      printf("\\\\");
-    } else if (isprint(ch)) {
-      putc(ch, stdout);
-    } else {
-      printf("\\%03o", ch);
-    }
-    lastch = ch;
-    length--;
-  }
-  printf("\n");
-
-  /* Bill Allombert: revert to C locale */
-#ifdef HAVE_LOCALE_H
-  setlocale(LC_CTYPE, "C");
-#endif
-}
-
-
-/*
- * Process a SOFn marker.
- * This code is only needed if you want to know the image dimensions...
- */
-
-static void
-process_SOFn(int marker)
-{
-  unsigned int length;
-  unsigned int image_height, image_width;
-  int data_precision, num_components;
-  const char *process;
-  int ci;
-
-  length = read_2_bytes();      /* usual parameter length count */
-
-  data_precision = read_1_byte();
-  image_height = read_2_bytes();
-  image_width = read_2_bytes();
-  num_components = read_1_byte();
-
-  switch (marker) {
-  case M_SOF0:  process = "Baseline";  break;
-  case M_SOF1:  process = "Extended sequential";  break;
-  case M_SOF2:  process = "Progressive";  break;
-  case M_SOF3:  process = "Lossless";  break;
-  case M_SOF5:  process = "Differential sequential";  break;
-  case M_SOF6:  process = "Differential progressive";  break;
-  case M_SOF7:  process = "Differential lossless";  break;
-  case M_SOF9:  process = "Extended sequential, arithmetic coding";  break;
-  case M_SOF10: process = "Progressive, arithmetic coding";  break;
-  case M_SOF11: process = "Lossless, arithmetic coding";  break;
-  case M_SOF13: process = "Differential sequential, arithmetic coding";  break;
-  case M_SOF14:
-    process = "Differential progressive, arithmetic coding";  break;
-  case M_SOF15: process = "Differential lossless, arithmetic coding";  break;
-  default:      process = "Unknown";  break;
-  }
-
-  printf("JPEG image is %uw * %uh, %d color components, %d bits per sample\n",
-         image_width, image_height, num_components, data_precision);
-  printf("JPEG process: %s\n", process);
-
-  if (length != (unsigned int)(8 + num_components * 3))
-    ERREXIT("Bogus SOF marker length");
-
-  for (ci = 0; ci < num_components; ci++) {
-    (void)read_1_byte();        /* Component ID code */
-    (void)read_1_byte();        /* H, V sampling factors */
-    (void)read_1_byte();        /* Quantization table number */
-  }
-}
-
-
-/*
- * Parse the marker stream until SOS or EOI is seen;
- * display any COM markers.
- * While the companion program wrjpgcom will always insert COM markers before
- * SOFn, other implementations might not, so we scan to SOS before stopping.
- * If we were only interested in the image dimensions, we would stop at SOFn.
- * (Conversely, if we only cared about COM markers, there would be no need
- * for special code to handle SOFn; we could treat it like other markers.)
- */
-
-static int
-scan_JPEG_header(int verbose, int raw)
-{
-  int marker;
-
-  /* Expect SOI at start of file */
-  if (first_marker() != M_SOI)
-    ERREXIT("Expected SOI marker first");
-
-  /* Scan miscellaneous markers until we reach SOS. */
-  for (;;) {
-    marker = next_marker();
-    switch (marker) {
-      /* Note that marker codes 0xC4, 0xC8, 0xCC are not, and must not be,
-       * treated as SOFn.  C4 in particular is actually DHT.
-       */
-    case M_SOF0:                /* Baseline */
-    case M_SOF1:                /* Extended sequential, Huffman */
-    case M_SOF2:                /* Progressive, Huffman */
-    case M_SOF3:                /* Lossless, Huffman */
-    case M_SOF5:                /* Differential sequential, Huffman */
-    case M_SOF6:                /* Differential progressive, Huffman */
-    case M_SOF7:                /* Differential lossless, Huffman */
-    case M_SOF9:                /* Extended sequential, arithmetic */
-    case M_SOF10:               /* Progressive, arithmetic */
-    case M_SOF11:               /* Lossless, arithmetic */
-    case M_SOF13:               /* Differential sequential, arithmetic */
-    case M_SOF14:               /* Differential progressive, arithmetic */
-    case M_SOF15:               /* Differential lossless, arithmetic */
-      if (verbose)
-        process_SOFn(marker);
-      else
-        skip_variable();
-      break;
-
-    case M_SOS:                 /* stop before hitting compressed data */
-      return marker;
-
-    case M_EOI:                 /* in case it's a tables-only JPEG stream */
-      return marker;
-
-    case M_COM:
-      process_COM(raw);
-      break;
-
-    case M_APP12:
-      /* Some digital camera makers put useful textual information into
-       * APP12 markers, so we print those out too when in -verbose mode.
-       */
-      if (verbose) {
-        printf("APP12 contains:\n");
-        process_COM(raw);
-      } else
-        skip_variable();
-      break;
-
-    default:                    /* Anything else just gets skipped */
-      skip_variable();          /* we assume it has a parameter count... */
-      break;
-    }
-  } /* end loop */
-}
-
-
-/* Command line parsing code */
-
-static const char *progname;    /* program name for error messages */
-
-
-static void
-usage(void)
-/* complain about bad command line */
-{
-  fprintf(stderr, "rdjpgcom displays any textual comments in a JPEG file.\n");
-
-  fprintf(stderr, "Usage: %s [switches] [inputfile]\n", progname);
-
-  fprintf(stderr, "Switches (names may be abbreviated):\n");
-  fprintf(stderr, "  -raw        Display non-printable characters in comments (unsafe)\n");
-  fprintf(stderr, "  -verbose    Also display dimensions of JPEG image\n");
-
-  exit(EXIT_FAILURE);
-}
-
-
-static int
-keymatch(char *arg, const char *keyword, int minchars)
-/* Case-insensitive matching of (possibly abbreviated) keyword switches. */
-/* keyword is the constant keyword (must be lower case already), */
-/* minchars is length of minimum legal abbreviation. */
-{
-  register int ca, ck;
-  register int nmatched = 0;
-
-  while ((ca = *arg++) != '\0') {
-    if ((ck = *keyword++) == '\0')
-      return 0;                 /* arg longer than keyword, no good */
-    if (isupper(ca))            /* force arg to lcase (assume ck is already) */
-      ca = tolower(ca);
-    if (ca != ck)
-      return 0;                 /* no good */
-    nmatched++;                 /* count matched characters */
-  }
-  /* reached end of argument; fail if it's too short for unique abbrev */
-  if (nmatched < minchars)
-    return 0;
-  return 1;                     /* A-OK */
-}
-
-
-/*
- * The main program.
- */
-
-int
-main(int argc, char **argv)
-{
-  int argn;
-  char *arg;
-  int verbose = 0, raw = 0;
-
-  /* On Mac, fetch a command line. */
-#ifdef USE_CCOMMAND
-  argc = ccommand(&argv);
-#endif
-
-  progname = argv[0];
-  if (progname == NULL || progname[0] == 0)
-    progname = "rdjpgcom";      /* in case C library doesn't provide it */
-
-  /* Parse switches, if any */
-  for (argn = 1; argn < argc; argn++) {
-    arg = argv[argn];
-    if (arg[0] != '-')
-      break;                    /* not switch, must be file name */
-    arg++;                      /* advance over '-' */
-    if (keymatch(arg, "verbose", 1)) {
-      verbose++;
-    } else if (keymatch(arg, "raw", 1)) {
-      raw = 1;
-    } else
-      usage();
-  }
-
-  /* Open the input file. */
-  /* Unix style: expect zero or one file name */
-  if (argn < argc - 1) {
-    fprintf(stderr, "%s: only one input file\n", progname);
-    usage();
-  }
-  if (argn < argc) {
-    if ((infile = fopen(argv[argn], READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, argv[argn]);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default input file is stdin */
-#ifdef USE_SETMODE              /* need to hack file mode? */
-    setmode(fileno(stdin), O_BINARY);
-#endif
-#ifdef USE_FDOPEN               /* need to re-open in binary mode? */
-    if ((infile = fdopen(fileno(stdin), READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open stdin\n", progname);
-      exit(EXIT_FAILURE);
-    }
-#else
-    infile = stdin;
-#endif
-  }
-
-  /* Scan the JPEG headers. */
-  (void)scan_JPEG_header(verbose, raw);
-
-  /* All done. */
-  exit(EXIT_SUCCESS);
-  return 0;                     /* suppress no-return-value warnings */
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdppm.c b/3rdparty/libjpeg-turbo_2_1_0/rdppm.c
deleted file mode 100644
index 9699ca5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdppm.c
+++ /dev/null
@@ -1,779 +0,0 @@
-/*
- * rdppm.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2009 by Bill Allombert, Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015-2017, 2020-2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to read input images in PPM/PGM format.
- * The extended 2-byte-per-sample raw PPM/PGM formats are supported.
- * The PBMPLUS library is NOT required to compile this software
- * (but it is highly useful as a set of PPM image manipulation programs).
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume input from
- * an ordinary stdio stream.  They further assume that reading begins
- * at the start of the file; start_input may need work if the
- * user interface has already read some data (e.g., to determine that
- * the file is indeed PPM format).
- */
-
-#include "cmyk.h"
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef PPM_SUPPORTED
-
-
-/* Portions of this code are based on the PBMPLUS library, which is:
-**
-** Copyright (C) 1988 by Jef Poskanzer.
-**
-** Permission to use, copy, modify, and distribute this software and its
-** documentation for any purpose and without fee is hereby granted, provided
-** that the above copyright notice appear in all copies and that both that
-** copyright notice and this permission notice appear in supporting
-** documentation.  This software is provided "as is" without express or
-** implied warranty.
-*/
-
-
-/* Macros to deal with unsigned chars as efficiently as compiler allows */
-
-typedef unsigned char U_CHAR;
-#define UCH(x)  ((int)(x))
-
-
-#define ReadOK(file, buffer, len) \
-  (JFREAD(file, buffer, len) == ((size_t)(len)))
-
-static int alpha_index[JPEG_NUMCS] = {
-  -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 3, 3, 0, 0, -1
-};
-
-
-/* Private version of data source object */
-
-typedef struct {
-  struct cjpeg_source_struct pub; /* public fields */
-
-  /* Usually these two pointers point to the same place: */
-  U_CHAR *iobuffer;             /* fread's I/O buffer */
-  JSAMPROW pixrow;              /* compressor input buffer */
-  size_t buffer_width;          /* width of I/O buffer */
-  JSAMPLE *rescale;             /* => maxval-remapping array, or NULL */
-  unsigned int maxval;
-} ppm_source_struct;
-
-typedef ppm_source_struct *ppm_source_ptr;
-
-
-LOCAL(int)
-pbm_getc(FILE *infile)
-/* Read next char, skipping over any comments */
-/* A comment/newline sequence is returned as a newline */
-{
-  register int ch;
-
-  ch = getc(infile);
-  if (ch == '#') {
-    do {
-      ch = getc(infile);
-    } while (ch != '\n' && ch != EOF);
-  }
-  return ch;
-}
-
-
-LOCAL(unsigned int)
-read_pbm_integer(j_compress_ptr cinfo, FILE *infile, unsigned int maxval)
-/* Read an unsigned decimal integer from the PPM file */
-/* Swallows one trailing character after the integer */
-/* Note that on a 16-bit-int machine, only values up to 64k can be read. */
-/* This should not be a problem in practice. */
-{
-  register int ch;
-  register unsigned int val;
-
-  /* Skip any leading whitespace */
-  do {
-    ch = pbm_getc(infile);
-    if (ch == EOF)
-      ERREXIT(cinfo, JERR_INPUT_EOF);
-  } while (ch == ' ' || ch == '\t' || ch == '\n' || ch == '\r');
-
-  if (ch < '0' || ch > '9')
-    ERREXIT(cinfo, JERR_PPM_NONNUMERIC);
-
-  val = ch - '0';
-  while ((ch = pbm_getc(infile)) >= '0' && ch <= '9') {
-    val *= 10;
-    val += ch - '0';
-    if (val > maxval)
-      ERREXIT(cinfo, JERR_PPM_OUTOFRANGE);
-  }
-
-  return val;
-}
-
-
-/*
- * Read one row of pixels.
- *
- * We provide several different versions depending on input file format.
- * In all cases, input is scaled to the size of JSAMPLE.
- *
- * A really fast path is provided for reading byte/sample raw files with
- * maxval = MAXJSAMPLE, which is the normal case for 8-bit data.
- */
-
-
-METHODDEF(JDIMENSION)
-get_text_gray_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading text-format PGM files with any maxval */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  FILE *infile = source->pub.input_file;
-  register JSAMPROW ptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    *ptr++ = rescale[read_pbm_integer(cinfo, infile, maxval)];
-  }
-  return 1;
-}
-
-
-#define GRAY_RGB_READ_LOOP(read_op, alpha_set_op) { \
-  for (col = cinfo->image_width; col > 0; col--) { \
-    ptr[rindex] = ptr[gindex] = ptr[bindex] = read_op; \
-    alpha_set_op \
-    ptr += ps; \
-  } \
-}
-
-METHODDEF(JDIMENSION)
-get_text_gray_rgb_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading text-format PGM files with any maxval and
-   converting to extended RGB */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  FILE *infile = source->pub.input_file;
-  register JSAMPROW ptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-  register int rindex = rgb_red[cinfo->in_color_space];
-  register int gindex = rgb_green[cinfo->in_color_space];
-  register int bindex = rgb_blue[cinfo->in_color_space];
-  register int aindex = alpha_index[cinfo->in_color_space];
-  register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-  ptr = source->pub.buffer[0];
-  if (maxval == MAXJSAMPLE) {
-    if (aindex >= 0)
-      GRAY_RGB_READ_LOOP(read_pbm_integer(cinfo, infile, maxval),
-                         ptr[aindex] = 0xFF;)
-    else
-      GRAY_RGB_READ_LOOP(read_pbm_integer(cinfo, infile, maxval),)
-  } else {
-    if (aindex >= 0)
-      GRAY_RGB_READ_LOOP(rescale[read_pbm_integer(cinfo, infile, maxval)],
-                         ptr[aindex] = 0xFF;)
-    else
-      GRAY_RGB_READ_LOOP(rescale[read_pbm_integer(cinfo, infile, maxval)],)
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_text_gray_cmyk_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading text-format PGM files with any maxval and
-   converting to CMYK */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  FILE *infile = source->pub.input_file;
-  register JSAMPROW ptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-
-  ptr = source->pub.buffer[0];
-  if (maxval == MAXJSAMPLE) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE gray = read_pbm_integer(cinfo, infile, maxval);
-      rgb_to_cmyk(gray, gray, gray, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  } else {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE gray = rescale[read_pbm_integer(cinfo, infile, maxval)];
-      rgb_to_cmyk(gray, gray, gray, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  }
-  return 1;
-}
-
-
-#define RGB_READ_LOOP(read_op, alpha_set_op) { \
-  for (col = cinfo->image_width; col > 0; col--) { \
-    ptr[rindex] = read_op; \
-    ptr[gindex] = read_op; \
-    ptr[bindex] = read_op; \
-    alpha_set_op \
-    ptr += ps; \
-  } \
-}
-
-METHODDEF(JDIMENSION)
-get_text_rgb_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading text-format PPM files with any maxval */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  FILE *infile = source->pub.input_file;
-  register JSAMPROW ptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-  register int rindex = rgb_red[cinfo->in_color_space];
-  register int gindex = rgb_green[cinfo->in_color_space];
-  register int bindex = rgb_blue[cinfo->in_color_space];
-  register int aindex = alpha_index[cinfo->in_color_space];
-  register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-  ptr = source->pub.buffer[0];
-  if (maxval == MAXJSAMPLE) {
-    if (aindex >= 0)
-      RGB_READ_LOOP(read_pbm_integer(cinfo, infile, maxval),
-                    ptr[aindex] = 0xFF;)
-    else
-      RGB_READ_LOOP(read_pbm_integer(cinfo, infile, maxval),)
-  } else {
-    if (aindex >= 0)
-      RGB_READ_LOOP(rescale[read_pbm_integer(cinfo, infile, maxval)],
-                    ptr[aindex] = 0xFF;)
-    else
-      RGB_READ_LOOP(rescale[read_pbm_integer(cinfo, infile, maxval)],)
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_text_rgb_cmyk_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading text-format PPM files with any maxval and
-   converting to CMYK */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  FILE *infile = source->pub.input_file;
-  register JSAMPROW ptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-
-  ptr = source->pub.buffer[0];
-  if (maxval == MAXJSAMPLE) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE r = read_pbm_integer(cinfo, infile, maxval);
-      JSAMPLE g = read_pbm_integer(cinfo, infile, maxval);
-      JSAMPLE b = read_pbm_integer(cinfo, infile, maxval);
-      rgb_to_cmyk(r, g, b, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  } else {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE r = rescale[read_pbm_integer(cinfo, infile, maxval)];
-      JSAMPLE g = rescale[read_pbm_integer(cinfo, infile, maxval)];
-      JSAMPLE b = rescale[read_pbm_integer(cinfo, infile, maxval)];
-      rgb_to_cmyk(r, g, b, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_scaled_gray_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-byte-format PGM files with any maxval */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  for (col = cinfo->image_width; col > 0; col--) {
-    *ptr++ = rescale[UCH(*bufferptr++)];
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_gray_rgb_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-byte-format PGM files with any maxval
-   and converting to extended RGB */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-  register int rindex = rgb_red[cinfo->in_color_space];
-  register int gindex = rgb_green[cinfo->in_color_space];
-  register int bindex = rgb_blue[cinfo->in_color_space];
-  register int aindex = alpha_index[cinfo->in_color_space];
-  register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  if (maxval == MAXJSAMPLE) {
-    if (aindex >= 0)
-      GRAY_RGB_READ_LOOP(*bufferptr++, ptr[aindex] = 0xFF;)
-    else
-      GRAY_RGB_READ_LOOP(*bufferptr++,)
-  } else {
-    if (aindex >= 0)
-      GRAY_RGB_READ_LOOP(rescale[UCH(*bufferptr++)], ptr[aindex] = 0xFF;)
-    else
-      GRAY_RGB_READ_LOOP(rescale[UCH(*bufferptr++)],)
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_gray_cmyk_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-byte-format PGM files with any maxval
-   and converting to CMYK */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  if (maxval == MAXJSAMPLE) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE gray = *bufferptr++;
-      rgb_to_cmyk(gray, gray, gray, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  } else {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE gray = rescale[UCH(*bufferptr++)];
-      rgb_to_cmyk(gray, gray, gray, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_rgb_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-byte-format PPM files with any maxval */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-  register int rindex = rgb_red[cinfo->in_color_space];
-  register int gindex = rgb_green[cinfo->in_color_space];
-  register int bindex = rgb_blue[cinfo->in_color_space];
-  register int aindex = alpha_index[cinfo->in_color_space];
-  register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  if (maxval == MAXJSAMPLE) {
-    if (aindex >= 0)
-      RGB_READ_LOOP(*bufferptr++, ptr[aindex] = 0xFF;)
-    else
-      RGB_READ_LOOP(*bufferptr++,)
-  } else {
-    if (aindex >= 0)
-      RGB_READ_LOOP(rescale[UCH(*bufferptr++)], ptr[aindex] = 0xFF;)
-    else
-      RGB_READ_LOOP(rescale[UCH(*bufferptr++)],)
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_rgb_cmyk_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-byte-format PPM files with any maxval and
-   converting to CMYK */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  if (maxval == MAXJSAMPLE) {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE r = *bufferptr++;
-      JSAMPLE g = *bufferptr++;
-      JSAMPLE b = *bufferptr++;
-      rgb_to_cmyk(r, g, b, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  } else {
-    for (col = cinfo->image_width; col > 0; col--) {
-      JSAMPLE r = rescale[UCH(*bufferptr++)];
-      JSAMPLE g = rescale[UCH(*bufferptr++)];
-      JSAMPLE b = rescale[UCH(*bufferptr++)];
-      rgb_to_cmyk(r, g, b, ptr, ptr + 1, ptr + 2, ptr + 3);
-      ptr += 4;
-    }
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_raw_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-byte-format files with maxval = MAXJSAMPLE.
- * In this case we just read right into the JSAMPLE buffer!
- * Note that same code works for PPM and PGM files.
- */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_word_gray_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-word-format PGM files with any maxval */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  for (col = cinfo->image_width; col > 0; col--) {
-    register unsigned int temp;
-    temp  = UCH(*bufferptr++) << 8;
-    temp |= UCH(*bufferptr++);
-    if (temp > maxval)
-      ERREXIT(cinfo, JERR_PPM_OUTOFRANGE);
-    *ptr++ = rescale[temp];
-  }
-  return 1;
-}
-
-
-METHODDEF(JDIMENSION)
-get_word_rgb_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading raw-word-format PPM files with any maxval */
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register U_CHAR *bufferptr;
-  register JSAMPLE *rescale = source->rescale;
-  JDIMENSION col;
-  unsigned int maxval = source->maxval;
-  register int rindex = rgb_red[cinfo->in_color_space];
-  register int gindex = rgb_green[cinfo->in_color_space];
-  register int bindex = rgb_blue[cinfo->in_color_space];
-  register int aindex = alpha_index[cinfo->in_color_space];
-  register int ps = rgb_pixelsize[cinfo->in_color_space];
-
-  if (!ReadOK(source->pub.input_file, source->iobuffer, source->buffer_width))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-  ptr = source->pub.buffer[0];
-  bufferptr = source->iobuffer;
-  for (col = cinfo->image_width; col > 0; col--) {
-    register unsigned int temp;
-    temp  = UCH(*bufferptr++) << 8;
-    temp |= UCH(*bufferptr++);
-    if (temp > maxval)
-      ERREXIT(cinfo, JERR_PPM_OUTOFRANGE);
-    ptr[rindex] = rescale[temp];
-    temp  = UCH(*bufferptr++) << 8;
-    temp |= UCH(*bufferptr++);
-    if (temp > maxval)
-      ERREXIT(cinfo, JERR_PPM_OUTOFRANGE);
-    ptr[gindex] = rescale[temp];
-    temp  = UCH(*bufferptr++) << 8;
-    temp |= UCH(*bufferptr++);
-    if (temp > maxval)
-      ERREXIT(cinfo, JERR_PPM_OUTOFRANGE);
-    ptr[bindex] = rescale[temp];
-    if (aindex >= 0)
-      ptr[aindex] = 0xFF;
-    ptr += ps;
-  }
-  return 1;
-}
-
-
-/*
- * Read the file header; return image size and component count.
- */
-
-METHODDEF(void)
-start_input_ppm(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  ppm_source_ptr source = (ppm_source_ptr)sinfo;
-  int c;
-  unsigned int w, h, maxval;
-  boolean need_iobuffer, use_raw_buffer, need_rescale;
-
-  if (getc(source->pub.input_file) != 'P')
-    ERREXIT(cinfo, JERR_PPM_NOT);
-
-  c = getc(source->pub.input_file); /* subformat discriminator character */
-
-  /* detect unsupported variants (ie, PBM) before trying to read header */
-  switch (c) {
-  case '2':                     /* it's a text-format PGM file */
-  case '3':                     /* it's a text-format PPM file */
-  case '5':                     /* it's a raw-format PGM file */
-  case '6':                     /* it's a raw-format PPM file */
-    break;
-  default:
-    ERREXIT(cinfo, JERR_PPM_NOT);
-    break;
-  }
-
-  /* fetch the remaining header info */
-  w = read_pbm_integer(cinfo, source->pub.input_file, 65535);
-  h = read_pbm_integer(cinfo, source->pub.input_file, 65535);
-  maxval = read_pbm_integer(cinfo, source->pub.input_file, 65535);
-
-  if (w <= 0 || h <= 0 || maxval <= 0) /* error check */
-    ERREXIT(cinfo, JERR_PPM_NOT);
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  if (sinfo->max_pixels && (unsigned long long)w * h > sinfo->max_pixels)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-#endif
-
-  cinfo->data_precision = BITS_IN_JSAMPLE; /* we always rescale data to this */
-  cinfo->image_width = (JDIMENSION)w;
-  cinfo->image_height = (JDIMENSION)h;
-  source->maxval = maxval;
-
-  /* initialize flags to most common settings */
-  need_iobuffer = TRUE;         /* do we need an I/O buffer? */
-  use_raw_buffer = FALSE;       /* do we map input buffer onto I/O buffer? */
-  need_rescale = TRUE;          /* do we need a rescale array? */
-
-  switch (c) {
-  case '2':                     /* it's a text-format PGM file */
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_GRAYSCALE;
-    TRACEMS2(cinfo, 1, JTRC_PGM_TEXT, w, h);
-    if (cinfo->in_color_space == JCS_GRAYSCALE)
-      source->pub.get_pixel_rows = get_text_gray_row;
-    else if (IsExtRGB(cinfo->in_color_space))
-      source->pub.get_pixel_rows = get_text_gray_rgb_row;
-    else if (cinfo->in_color_space == JCS_CMYK)
-      source->pub.get_pixel_rows = get_text_gray_cmyk_row;
-    else
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    need_iobuffer = FALSE;
-    break;
-
-  case '3':                     /* it's a text-format PPM file */
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_EXT_RGB;
-    TRACEMS2(cinfo, 1, JTRC_PPM_TEXT, w, h);
-    if (IsExtRGB(cinfo->in_color_space))
-      source->pub.get_pixel_rows = get_text_rgb_row;
-    else if (cinfo->in_color_space == JCS_CMYK)
-      source->pub.get_pixel_rows = get_text_rgb_cmyk_row;
-    else
-      ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    need_iobuffer = FALSE;
-    break;
-
-  case '5':                     /* it's a raw-format PGM file */
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_GRAYSCALE;
-    TRACEMS2(cinfo, 1, JTRC_PGM, w, h);
-    if (maxval > 255) {
-      if (cinfo->in_color_space == JCS_GRAYSCALE)
-        source->pub.get_pixel_rows = get_word_gray_row;
-      else
-        ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    } else if (maxval == MAXJSAMPLE && sizeof(JSAMPLE) == sizeof(U_CHAR) &&
-               cinfo->in_color_space == JCS_GRAYSCALE) {
-      source->pub.get_pixel_rows = get_raw_row;
-      use_raw_buffer = TRUE;
-      need_rescale = FALSE;
-    } else {
-      if (cinfo->in_color_space == JCS_GRAYSCALE)
-        source->pub.get_pixel_rows = get_scaled_gray_row;
-      else if (IsExtRGB(cinfo->in_color_space))
-        source->pub.get_pixel_rows = get_gray_rgb_row;
-      else if (cinfo->in_color_space == JCS_CMYK)
-        source->pub.get_pixel_rows = get_gray_cmyk_row;
-      else
-        ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    }
-    break;
-
-  case '6':                     /* it's a raw-format PPM file */
-    if (cinfo->in_color_space == JCS_UNKNOWN)
-      cinfo->in_color_space = JCS_EXT_RGB;
-    TRACEMS2(cinfo, 1, JTRC_PPM, w, h);
-    if (maxval > 255) {
-      if (IsExtRGB(cinfo->in_color_space))
-        source->pub.get_pixel_rows = get_word_rgb_row;
-      else
-        ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    } else if (maxval == MAXJSAMPLE && sizeof(JSAMPLE) == sizeof(U_CHAR) &&
-#if RGB_RED == 0 && RGB_GREEN == 1 && RGB_BLUE == 2 && RGB_PIXELSIZE == 3
-               (cinfo->in_color_space == JCS_EXT_RGB ||
-                cinfo->in_color_space == JCS_RGB)) {
-#else
-               cinfo->in_color_space == JCS_EXT_RGB) {
-#endif
-      source->pub.get_pixel_rows = get_raw_row;
-      use_raw_buffer = TRUE;
-      need_rescale = FALSE;
-    } else {
-      if (IsExtRGB(cinfo->in_color_space))
-        source->pub.get_pixel_rows = get_rgb_row;
-      else if (cinfo->in_color_space == JCS_CMYK)
-        source->pub.get_pixel_rows = get_rgb_cmyk_row;
-      else
-        ERREXIT(cinfo, JERR_BAD_IN_COLORSPACE);
-    }
-    break;
-  }
-
-  if (IsExtRGB(cinfo->in_color_space))
-    cinfo->input_components = rgb_pixelsize[cinfo->in_color_space];
-  else if (cinfo->in_color_space == JCS_GRAYSCALE)
-    cinfo->input_components = 1;
-  else if (cinfo->in_color_space == JCS_CMYK)
-    cinfo->input_components = 4;
-
-  /* Allocate space for I/O buffer: 1 or 3 bytes or words/pixel. */
-  if (need_iobuffer) {
-    if (c == '6')
-      source->buffer_width = (size_t)w * 3 *
-        ((maxval <= 255) ? sizeof(U_CHAR) : (2 * sizeof(U_CHAR)));
-    else
-      source->buffer_width = (size_t)w *
-        ((maxval <= 255) ? sizeof(U_CHAR) : (2 * sizeof(U_CHAR)));
-    source->iobuffer = (U_CHAR *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  source->buffer_width);
-  }
-
-  /* Create compressor input buffer. */
-  if (use_raw_buffer) {
-    /* For unscaled raw-input case, we can just map it onto the I/O buffer. */
-    /* Synthesize a JSAMPARRAY pointer structure */
-    source->pixrow = (JSAMPROW)source->iobuffer;
-    source->pub.buffer = &source->pixrow;
-    source->pub.buffer_height = 1;
-  } else {
-    /* Need to translate anyway, so make a separate sample buffer. */
-    source->pub.buffer = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE,
-       (JDIMENSION)w * cinfo->input_components, (JDIMENSION)1);
-    source->pub.buffer_height = 1;
-  }
-
-  /* Compute the rescaling array if required. */
-  if (need_rescale) {
-    long val, half_maxval;
-
-    /* On 16-bit-int machines we have to be careful of maxval = 65535 */
-    source->rescale = (JSAMPLE *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  (size_t)(((long)MAX(maxval, 255) + 1L) *
-                                           sizeof(JSAMPLE)));
-    MEMZERO(source->rescale, (size_t)(((long)MAX(maxval, 255) + 1L) *
-                                      sizeof(JSAMPLE)));
-    half_maxval = maxval / 2;
-    for (val = 0; val <= (long)maxval; val++) {
-      /* The multiplication here must be done in 32 bits to avoid overflow */
-      source->rescale[val] = (JSAMPLE)((val * MAXJSAMPLE + half_maxval) /
-                                        maxval);
-    }
-  }
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_input_ppm(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  /* no work */
-}
-
-
-/*
- * The module selection routine for PPM format input.
- */
-
-GLOBAL(cjpeg_source_ptr)
-jinit_read_ppm(j_compress_ptr cinfo)
-{
-  ppm_source_ptr source;
-
-  /* Create module interface object */
-  source = (ppm_source_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(ppm_source_struct));
-  /* Fill in method ptrs, except get_pixel_rows which start_input sets */
-  source->pub.start_input = start_input_ppm;
-  source->pub.finish_input = finish_input_ppm;
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  source->pub.max_pixels = 0;
-#endif
-
-  return (cjpeg_source_ptr)source;
-}
-
-#endif /* PPM_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdswitch.c b/3rdparty/libjpeg-turbo_2_1_0/rdswitch.c
deleted file mode 100644
index 886fec3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdswitch.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/*
- * rdswitch.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2018, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to process some of cjpeg's more complicated
- * command-line switches.  Switches processed here are:
- *      -qtables file           Read quantization tables from text file
- *      -scans file             Read scan script from text file
- *      -quality N[,N,...]      Set quality ratings
- *      -qslots N[,N,...]       Set component quantization table selectors
- *      -sample HxV[,HxV,...]   Set component sampling factors
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-#include <ctype.h>              /* to declare isdigit(), isspace() */
-
-
-LOCAL(int)
-text_getc(FILE *file)
-/* Read next char, skipping over any comments (# to end of line) */
-/* A comment/newline sequence is returned as a newline */
-{
-  register int ch;
-
-  ch = getc(file);
-  if (ch == '#') {
-    do {
-      ch = getc(file);
-    } while (ch != '\n' && ch != EOF);
-  }
-  return ch;
-}
-
-
-LOCAL(boolean)
-read_text_integer(FILE *file, long *result, int *termchar)
-/* Read an unsigned decimal integer from a file, store it in result */
-/* Reads one trailing character after the integer; returns it in termchar */
-{
-  register int ch;
-  register long val;
-
-  /* Skip any leading whitespace, detect EOF */
-  do {
-    ch = text_getc(file);
-    if (ch == EOF) {
-      *termchar = ch;
-      return FALSE;
-    }
-  } while (isspace(ch));
-
-  if (!isdigit(ch)) {
-    *termchar = ch;
-    return FALSE;
-  }
-
-  val = ch - '0';
-  while ((ch = text_getc(file)) != EOF) {
-    if (!isdigit(ch))
-      break;
-    val *= 10;
-    val += ch - '0';
-  }
-  *result = val;
-  *termchar = ch;
-  return TRUE;
-}
-
-
-#if JPEG_LIB_VERSION < 70
-static int q_scale_factor[NUM_QUANT_TBLS] = { 100, 100, 100, 100 };
-#endif
-
-GLOBAL(boolean)
-read_quant_tables(j_compress_ptr cinfo, char *filename, boolean force_baseline)
-/* Read a set of quantization tables from the specified file.
- * The file is plain ASCII text: decimal numbers with whitespace between.
- * Comments preceded by '#' may be included in the file.
- * There may be one to NUM_QUANT_TBLS tables in the file, each of 64 values.
- * The tables are implicitly numbered 0,1,etc.
- * NOTE: does not affect the qslots mapping, which will default to selecting
- * table 0 for luminance (or primary) components, 1 for chrominance components.
- * You must use -qslots if you want a different component->table mapping.
- */
-{
-  FILE *fp;
-  int tblno, i, termchar;
-  long val;
-  unsigned int table[DCTSIZE2];
-
-  if ((fp = fopen(filename, "r")) == NULL) {
-    fprintf(stderr, "Can't open table file %s\n", filename);
-    return FALSE;
-  }
-  tblno = 0;
-
-  while (read_text_integer(fp, &val, &termchar)) { /* read 1st element of table */
-    if (tblno >= NUM_QUANT_TBLS) {
-      fprintf(stderr, "Too many tables in file %s\n", filename);
-      fclose(fp);
-      return FALSE;
-    }
-    table[0] = (unsigned int)val;
-    for (i = 1; i < DCTSIZE2; i++) {
-      if (!read_text_integer(fp, &val, &termchar)) {
-        fprintf(stderr, "Invalid table data in file %s\n", filename);
-        fclose(fp);
-        return FALSE;
-      }
-      table[i] = (unsigned int)val;
-    }
-#if JPEG_LIB_VERSION >= 70
-    jpeg_add_quant_table(cinfo, tblno, table, cinfo->q_scale_factor[tblno],
-                         force_baseline);
-#else
-    jpeg_add_quant_table(cinfo, tblno, table, q_scale_factor[tblno],
-                         force_baseline);
-#endif
-    tblno++;
-  }
-
-  if (termchar != EOF) {
-    fprintf(stderr, "Non-numeric data in file %s\n", filename);
-    fclose(fp);
-    return FALSE;
-  }
-
-  fclose(fp);
-  return TRUE;
-}
-
-
-#ifdef C_MULTISCAN_FILES_SUPPORTED
-
-LOCAL(boolean)
-read_scan_integer(FILE *file, long *result, int *termchar)
-/* Variant of read_text_integer that always looks for a non-space termchar;
- * this simplifies parsing of punctuation in scan scripts.
- */
-{
-  register int ch;
-
-  if (!read_text_integer(file, result, termchar))
-    return FALSE;
-  ch = *termchar;
-  while (ch != EOF && isspace(ch))
-    ch = text_getc(file);
-  if (isdigit(ch)) {            /* oops, put it back */
-    if (ungetc(ch, file) == EOF)
-      return FALSE;
-    ch = ' ';
-  } else {
-    /* Any separators other than ';' and ':' are ignored;
-     * this allows user to insert commas, etc, if desired.
-     */
-    if (ch != EOF && ch != ';' && ch != ':')
-      ch = ' ';
-  }
-  *termchar = ch;
-  return TRUE;
-}
-
-
-GLOBAL(boolean)
-read_scan_script(j_compress_ptr cinfo, char *filename)
-/* Read a scan script from the specified text file.
- * Each entry in the file defines one scan to be emitted.
- * Entries are separated by semicolons ';'.
- * An entry contains one to four component indexes,
- * optionally followed by a colon ':' and four progressive-JPEG parameters.
- * The component indexes denote which component(s) are to be transmitted
- * in the current scan.  The first component has index 0.
- * Sequential JPEG is used if the progressive-JPEG parameters are omitted.
- * The file is free format text: any whitespace may appear between numbers
- * and the ':' and ';' punctuation marks.  Also, other punctuation (such
- * as commas or dashes) can be placed between numbers if desired.
- * Comments preceded by '#' may be included in the file.
- * Note: we do very little validity checking here;
- * jcmaster.c will validate the script parameters.
- */
-{
-  FILE *fp;
-  int scanno, ncomps, termchar;
-  long val;
-  jpeg_scan_info *scanptr;
-#define MAX_SCANS  100          /* quite arbitrary limit */
-  jpeg_scan_info scans[MAX_SCANS];
-
-  if ((fp = fopen(filename, "r")) == NULL) {
-    fprintf(stderr, "Can't open scan definition file %s\n", filename);
-    return FALSE;
-  }
-  scanptr = scans;
-  scanno = 0;
-
-  while (read_scan_integer(fp, &val, &termchar)) {
-    if (scanno >= MAX_SCANS) {
-      fprintf(stderr, "Too many scans defined in file %s\n", filename);
-      fclose(fp);
-      return FALSE;
-    }
-    scanptr->component_index[0] = (int)val;
-    ncomps = 1;
-    while (termchar == ' ') {
-      if (ncomps >= MAX_COMPS_IN_SCAN) {
-        fprintf(stderr, "Too many components in one scan in file %s\n",
-                filename);
-        fclose(fp);
-        return FALSE;
-      }
-      if (!read_scan_integer(fp, &val, &termchar))
-        goto bogus;
-      scanptr->component_index[ncomps] = (int)val;
-      ncomps++;
-    }
-    scanptr->comps_in_scan = ncomps;
-    if (termchar == ':') {
-      if (!read_scan_integer(fp, &val, &termchar) || termchar != ' ')
-        goto bogus;
-      scanptr->Ss = (int)val;
-      if (!read_scan_integer(fp, &val, &termchar) || termchar != ' ')
-        goto bogus;
-      scanptr->Se = (int)val;
-      if (!read_scan_integer(fp, &val, &termchar) || termchar != ' ')
-        goto bogus;
-      scanptr->Ah = (int)val;
-      if (!read_scan_integer(fp, &val, &termchar))
-        goto bogus;
-      scanptr->Al = (int)val;
-    } else {
-      /* set non-progressive parameters */
-      scanptr->Ss = 0;
-      scanptr->Se = DCTSIZE2 - 1;
-      scanptr->Ah = 0;
-      scanptr->Al = 0;
-    }
-    if (termchar != ';' && termchar != EOF) {
-bogus:
-      fprintf(stderr, "Invalid scan entry format in file %s\n", filename);
-      fclose(fp);
-      return FALSE;
-    }
-    scanptr++, scanno++;
-  }
-
-  if (termchar != EOF) {
-    fprintf(stderr, "Non-numeric data in file %s\n", filename);
-    fclose(fp);
-    return FALSE;
-  }
-
-  if (scanno > 0) {
-    /* Stash completed scan list in cinfo structure.
-     * NOTE: for cjpeg's use, JPOOL_IMAGE is the right lifetime for this data,
-     * but if you want to compress multiple images you'd want JPOOL_PERMANENT.
-     */
-    scanptr = (jpeg_scan_info *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  scanno * sizeof(jpeg_scan_info));
-    MEMCOPY(scanptr, scans, scanno * sizeof(jpeg_scan_info));
-    cinfo->scan_info = scanptr;
-    cinfo->num_scans = scanno;
-  }
-
-  fclose(fp);
-  return TRUE;
-}
-
-#endif /* C_MULTISCAN_FILES_SUPPORTED */
-
-
-#if JPEG_LIB_VERSION < 70
-/* These are the sample quantization tables given in Annex K (Clause K.1) of
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- * The spec says that the values given produce "good" quality, and
- * when divided by 2, "very good" quality.
- */
-static const unsigned int std_luminance_quant_tbl[DCTSIZE2] = {
-  16,  11,  10,  16,  24,  40,  51,  61,
-  12,  12,  14,  19,  26,  58,  60,  55,
-  14,  13,  16,  24,  40,  57,  69,  56,
-  14,  17,  22,  29,  51,  87,  80,  62,
-  18,  22,  37,  56,  68, 109, 103,  77,
-  24,  35,  55,  64,  81, 104, 113,  92,
-  49,  64,  78,  87, 103, 121, 120, 101,
-  72,  92,  95,  98, 112, 100, 103,  99
-};
-static const unsigned int std_chrominance_quant_tbl[DCTSIZE2] = {
-  17,  18,  24,  47,  99,  99,  99,  99,
-  18,  21,  26,  66,  99,  99,  99,  99,
-  24,  26,  56,  99,  99,  99,  99,  99,
-  47,  66,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99,
-  99,  99,  99,  99,  99,  99,  99,  99
-};
-
-
-LOCAL(void)
-jpeg_default_qtables(j_compress_ptr cinfo, boolean force_baseline)
-{
-  jpeg_add_quant_table(cinfo, 0, std_luminance_quant_tbl, q_scale_factor[0],
-                       force_baseline);
-  jpeg_add_quant_table(cinfo, 1, std_chrominance_quant_tbl, q_scale_factor[1],
-                       force_baseline);
-}
-#endif
-
-
-GLOBAL(boolean)
-set_quality_ratings(j_compress_ptr cinfo, char *arg, boolean force_baseline)
-/* Process a quality-ratings parameter string, of the form
- *     N[,N,...]
- * If there are more q-table slots than parameters, the last value is replicated.
- */
-{
-  int val = 75;                 /* default value */
-  int tblno;
-  char ch;
-
-  for (tblno = 0; tblno < NUM_QUANT_TBLS; tblno++) {
-    if (*arg) {
-      ch = ',';                 /* if not set by sscanf, will be ',' */
-      if (sscanf(arg, "%d%c", &val, &ch) < 1)
-        return FALSE;
-      if (ch != ',')            /* syntax check */
-        return FALSE;
-      /* Convert user 0-100 rating to percentage scaling */
-#if JPEG_LIB_VERSION >= 70
-      cinfo->q_scale_factor[tblno] = jpeg_quality_scaling(val);
-#else
-      q_scale_factor[tblno] = jpeg_quality_scaling(val);
-#endif
-      while (*arg && *arg++ != ','); /* advance to next segment of arg
-                                        string */
-    } else {
-      /* reached end of parameter, set remaining factors to last value */
-#if JPEG_LIB_VERSION >= 70
-      cinfo->q_scale_factor[tblno] = jpeg_quality_scaling(val);
-#else
-      q_scale_factor[tblno] = jpeg_quality_scaling(val);
-#endif
-    }
-  }
-  jpeg_default_qtables(cinfo, force_baseline);
-  return TRUE;
-}
-
-
-GLOBAL(boolean)
-set_quant_slots(j_compress_ptr cinfo, char *arg)
-/* Process a quantization-table-selectors parameter string, of the form
- *     N[,N,...]
- * If there are more components than parameters, the last value is replicated.
- */
-{
-  int val = 0;                  /* default table # */
-  int ci;
-  char ch;
-
-  for (ci = 0; ci < MAX_COMPONENTS; ci++) {
-    if (*arg) {
-      ch = ',';                 /* if not set by sscanf, will be ',' */
-      if (sscanf(arg, "%d%c", &val, &ch) < 1)
-        return FALSE;
-      if (ch != ',')            /* syntax check */
-        return FALSE;
-      if (val < 0 || val >= NUM_QUANT_TBLS) {
-        fprintf(stderr, "JPEG quantization tables are numbered 0..%d\n",
-                NUM_QUANT_TBLS - 1);
-        return FALSE;
-      }
-      cinfo->comp_info[ci].quant_tbl_no = val;
-      while (*arg && *arg++ != ','); /* advance to next segment of arg
-                                        string */
-    } else {
-      /* reached end of parameter, set remaining components to last table */
-      cinfo->comp_info[ci].quant_tbl_no = val;
-    }
-  }
-  return TRUE;
-}
-
-
-GLOBAL(boolean)
-set_sample_factors(j_compress_ptr cinfo, char *arg)
-/* Process a sample-factors parameter string, of the form
- *     HxV[,HxV,...]
- * If there are more components than parameters, "1x1" is assumed for the rest.
- */
-{
-  int ci, val1, val2;
-  char ch1, ch2;
-
-  for (ci = 0; ci < MAX_COMPONENTS; ci++) {
-    if (*arg) {
-      ch2 = ',';                /* if not set by sscanf, will be ',' */
-      if (sscanf(arg, "%d%c%d%c", &val1, &ch1, &val2, &ch2) < 3)
-        return FALSE;
-      if ((ch1 != 'x' && ch1 != 'X') || ch2 != ',') /* syntax check */
-        return FALSE;
-      if (val1 <= 0 || val1 > 4 || val2 <= 0 || val2 > 4) {
-        fprintf(stderr, "JPEG sampling factors must be 1..4\n");
-        return FALSE;
-      }
-      cinfo->comp_info[ci].h_samp_factor = val1;
-      cinfo->comp_info[ci].v_samp_factor = val2;
-      while (*arg && *arg++ != ',');  /* advance to next segment of arg
-                                         string */
-    } else {
-      /* reached end of parameter, set remaining components to 1x1 sampling */
-      cinfo->comp_info[ci].h_samp_factor = 1;
-      cinfo->comp_info[ci].v_samp_factor = 1;
-    }
-  }
-  return TRUE;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/rdtarga.c b/3rdparty/libjpeg-turbo_2_1_0/rdtarga.c
deleted file mode 100644
index 8f2d031..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/rdtarga.c
+++ /dev/null
@@ -1,508 +0,0 @@
-/*
- * rdtarga.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * Modified 2017 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2018, 2021, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to read input images in Targa format.
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume input from
- * an ordinary stdio stream.  They further assume that reading begins
- * at the start of the file; start_input may need work if the
- * user interface has already read some data (e.g., to determine that
- * the file is indeed Targa format).
- *
- * Based on code contributed by Lee Daniel Crocker.
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef TARGA_SUPPORTED
-
-
-/* Macros to deal with unsigned chars as efficiently as compiler allows */
-
-typedef unsigned char U_CHAR;
-#define UCH(x)  ((int)(x))
-
-
-#define ReadOK(file, buffer, len) \
-  (JFREAD(file, buffer, len) == ((size_t)(len)))
-
-
-/* Private version of data source object */
-
-typedef struct _tga_source_struct *tga_source_ptr;
-
-typedef struct _tga_source_struct {
-  struct cjpeg_source_struct pub; /* public fields */
-
-  j_compress_ptr cinfo;         /* back link saves passing separate parm */
-
-  JSAMPARRAY colormap;          /* Targa colormap (converted to my format) */
-
-  jvirt_sarray_ptr whole_image; /* Needed if funny input row order */
-  JDIMENSION current_row;       /* Current logical row number to read */
-
-  /* Pointer to routine to extract next Targa pixel from input file */
-  void (*read_pixel) (tga_source_ptr sinfo);
-
-  /* Result of read_pixel is delivered here: */
-  U_CHAR tga_pixel[4];
-
-  int pixel_size;               /* Bytes per Targa pixel (1 to 4) */
-  int cmap_length;              /* colormap length */
-
-  /* State info for reading RLE-coded pixels; both counts must be init to 0 */
-  int block_count;              /* # of pixels remaining in RLE block */
-  int dup_pixel_count;          /* # of times to duplicate previous pixel */
-
-  /* This saves the correct pixel-row-expansion method for preload_image */
-  JDIMENSION (*get_pixel_rows) (j_compress_ptr cinfo, cjpeg_source_ptr sinfo);
-} tga_source_struct;
-
-
-/* For expanding 5-bit pixel values to 8-bit with best rounding */
-
-static const UINT8 c5to8bits[32] = {
-    0,   8,  16,  25,  33,  41,  49,  58,
-   66,  74,  82,  90,  99, 107, 115, 123,
-  132, 140, 148, 156, 165, 173, 181, 189,
-  197, 206, 214, 222, 230, 239, 247, 255
-};
-
-
-
-LOCAL(int)
-read_byte(tga_source_ptr sinfo)
-/* Read next byte from Targa file */
-{
-  register FILE *infile = sinfo->pub.input_file;
-  register int c;
-
-  if ((c = getc(infile)) == EOF)
-    ERREXIT(sinfo->cinfo, JERR_INPUT_EOF);
-  return c;
-}
-
-
-LOCAL(void)
-read_colormap(tga_source_ptr sinfo, int cmaplen, int mapentrysize)
-/* Read the colormap from a Targa file */
-{
-  int i;
-
-  /* Presently only handles 24-bit BGR format */
-  if (mapentrysize != 24)
-    ERREXIT(sinfo->cinfo, JERR_TGA_BADCMAP);
-
-  for (i = 0; i < cmaplen; i++) {
-    sinfo->colormap[2][i] = (JSAMPLE)read_byte(sinfo);
-    sinfo->colormap[1][i] = (JSAMPLE)read_byte(sinfo);
-    sinfo->colormap[0][i] = (JSAMPLE)read_byte(sinfo);
-  }
-}
-
-
-/*
- * read_pixel methods: get a single pixel from Targa file into tga_pixel[]
- */
-
-METHODDEF(void)
-read_non_rle_pixel(tga_source_ptr sinfo)
-/* Read one Targa pixel from the input file; no RLE expansion */
-{
-  register int i;
-
-  for (i = 0; i < sinfo->pixel_size; i++) {
-    sinfo->tga_pixel[i] = (U_CHAR)read_byte(sinfo);
-  }
-}
-
-
-METHODDEF(void)
-read_rle_pixel(tga_source_ptr sinfo)
-/* Read one Targa pixel from the input file, expanding RLE data as needed */
-{
-  register int i;
-
-  /* Duplicate previously read pixel? */
-  if (sinfo->dup_pixel_count > 0) {
-    sinfo->dup_pixel_count--;
-    return;
-  }
-
-  /* Time to read RLE block header? */
-  if (--sinfo->block_count < 0) { /* decrement pixels remaining in block */
-    i = read_byte(sinfo);
-    if (i & 0x80) {             /* Start of duplicate-pixel block? */
-      sinfo->dup_pixel_count = i & 0x7F; /* number of dups after this one */
-      sinfo->block_count = 0;   /* then read new block header */
-    } else {
-      sinfo->block_count = i & 0x7F; /* number of pixels after this one */
-    }
-  }
-
-  /* Read next pixel */
-  for (i = 0; i < sinfo->pixel_size; i++) {
-    sinfo->tga_pixel[i] = (U_CHAR)read_byte(sinfo);
-  }
-}
-
-
-/*
- * Read one row of pixels.
- *
- * We provide several different versions depending on input file format.
- */
-
-
-METHODDEF(JDIMENSION)
-get_8bit_gray_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 8-bit grayscale pixels */
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    (*source->read_pixel) (source); /* Load next pixel into tga_pixel */
-    *ptr++ = (JSAMPLE)UCH(source->tga_pixel[0]);
-  }
-  return 1;
-}
-
-METHODDEF(JDIMENSION)
-get_8bit_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 8-bit colormap indexes */
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  register int t;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-  register JSAMPARRAY colormap = source->colormap;
-  int cmaplen = source->cmap_length;
-
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    (*source->read_pixel) (source); /* Load next pixel into tga_pixel */
-    t = UCH(source->tga_pixel[0]);
-    if (t >= cmaplen)
-      ERREXIT(cinfo, JERR_TGA_BADPARMS);
-    *ptr++ = colormap[0][t];
-    *ptr++ = colormap[1][t];
-    *ptr++ = colormap[2][t];
-  }
-  return 1;
-}
-
-METHODDEF(JDIMENSION)
-get_16bit_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 16-bit pixels */
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  register int t;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    (*source->read_pixel) (source); /* Load next pixel into tga_pixel */
-    t = UCH(source->tga_pixel[0]);
-    t += UCH(source->tga_pixel[1]) << 8;
-    /* We expand 5 bit data to 8 bit sample width.
-     * The format of the 16-bit (LSB first) input word is
-     *     xRRRRRGGGGGBBBBB
-     */
-    ptr[2] = (JSAMPLE)c5to8bits[t & 0x1F];
-    t >>= 5;
-    ptr[1] = (JSAMPLE)c5to8bits[t & 0x1F];
-    t >>= 5;
-    ptr[0] = (JSAMPLE)c5to8bits[t & 0x1F];
-    ptr += 3;
-  }
-  return 1;
-}
-
-METHODDEF(JDIMENSION)
-get_24bit_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-/* This version is for reading 24-bit pixels */
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-
-  ptr = source->pub.buffer[0];
-  for (col = cinfo->image_width; col > 0; col--) {
-    (*source->read_pixel) (source); /* Load next pixel into tga_pixel */
-    *ptr++ = (JSAMPLE)UCH(source->tga_pixel[2]); /* change BGR to RGB order */
-    *ptr++ = (JSAMPLE)UCH(source->tga_pixel[1]);
-    *ptr++ = (JSAMPLE)UCH(source->tga_pixel[0]);
-  }
-  return 1;
-}
-
-/*
- * Targa also defines a 32-bit pixel format with order B,G,R,A.
- * We presently ignore the attribute byte, so the code for reading
- * these pixels is identical to the 24-bit routine above.
- * This works because the actual pixel length is only known to read_pixel.
- */
-
-#define get_32bit_row  get_24bit_row
-
-
-/*
- * This method is for re-reading the input data in standard top-down
- * row order.  The entire image has already been read into whole_image
- * with proper conversion of pixel format, but it's in a funny row order.
- */
-
-METHODDEF(JDIMENSION)
-get_memory_row(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  JDIMENSION source_row;
-
-  /* Compute row of source that maps to current_row of normal order */
-  /* For now, assume image is bottom-up and not interlaced. */
-  /* NEEDS WORK to support interlaced images! */
-  source_row = cinfo->image_height - source->current_row - 1;
-
-  /* Fetch that row from virtual array */
-  source->pub.buffer = (*cinfo->mem->access_virt_sarray)
-    ((j_common_ptr)cinfo, source->whole_image,
-     source_row, (JDIMENSION)1, FALSE);
-
-  source->current_row++;
-  return 1;
-}
-
-
-/*
- * This method loads the image into whole_image during the first call on
- * get_pixel_rows.  The get_pixel_rows pointer is then adjusted to call
- * get_memory_row on subsequent calls.
- */
-
-METHODDEF(JDIMENSION)
-preload_image(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  JDIMENSION row;
-  cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-
-  /* Read the data into a virtual array in input-file row order. */
-  for (row = 0; row < cinfo->image_height; row++) {
-    if (progress != NULL) {
-      progress->pub.pass_counter = (long)row;
-      progress->pub.pass_limit = (long)cinfo->image_height;
-      (*progress->pub.progress_monitor) ((j_common_ptr)cinfo);
-    }
-    source->pub.buffer = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, source->whole_image, row, (JDIMENSION)1, TRUE);
-    (*source->get_pixel_rows) (cinfo, sinfo);
-  }
-  if (progress != NULL)
-    progress->completed_extra_passes++;
-
-  /* Set up to read from the virtual array in unscrambled order */
-  source->pub.get_pixel_rows = get_memory_row;
-  source->current_row = 0;
-  /* And read the first row */
-  return get_memory_row(cinfo, sinfo);
-}
-
-
-/*
- * Read the file header; return image size and component count.
- */
-
-METHODDEF(void)
-start_input_tga(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  tga_source_ptr source = (tga_source_ptr)sinfo;
-  U_CHAR targaheader[18];
-  int idlen, cmaptype, subtype, flags, interlace_type, components;
-  unsigned int width, height, maplen;
-  boolean is_bottom_up;
-
-#define GET_2B(offset) \
-  ((unsigned int)UCH(targaheader[offset]) + \
-   (((unsigned int)UCH(targaheader[offset + 1])) << 8))
-
-  if (!ReadOK(source->pub.input_file, targaheader, 18))
-    ERREXIT(cinfo, JERR_INPUT_EOF);
-
-  /* Pretend "15-bit" pixels are 16-bit --- we ignore attribute bit anyway */
-  if (targaheader[16] == 15)
-    targaheader[16] = 16;
-
-  idlen = UCH(targaheader[0]);
-  cmaptype = UCH(targaheader[1]);
-  subtype = UCH(targaheader[2]);
-  maplen = GET_2B(5);
-  width = GET_2B(12);
-  height = GET_2B(14);
-  source->pixel_size = UCH(targaheader[16]) >> 3;
-  flags = UCH(targaheader[17]); /* Image Descriptor byte */
-
-  is_bottom_up = ((flags & 0x20) == 0); /* bit 5 set => top-down */
-  interlace_type = flags >> 6;  /* bits 6/7 are interlace code */
-
-  if (cmaptype > 1 ||           /* cmaptype must be 0 or 1 */
-      source->pixel_size < 1 || source->pixel_size > 4 ||
-      (UCH(targaheader[16]) & 7) != 0 || /* bits/pixel must be multiple of 8 */
-      interlace_type != 0 ||      /* currently don't allow interlaced image */
-      width == 0 || height == 0)  /* image width/height must be non-zero */
-    ERREXIT(cinfo, JERR_TGA_BADPARMS);
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  if (sinfo->max_pixels &&
-      (unsigned long long)width * height > sinfo->max_pixels)
-    ERREXIT(cinfo, JERR_WIDTH_OVERFLOW);
-#endif
-
-  if (subtype > 8) {
-    /* It's an RLE-coded file */
-    source->read_pixel = read_rle_pixel;
-    source->block_count = source->dup_pixel_count = 0;
-    subtype -= 8;
-  } else {
-    /* Non-RLE file */
-    source->read_pixel = read_non_rle_pixel;
-  }
-
-  /* Now should have subtype 1, 2, or 3 */
-  components = 3;               /* until proven different */
-  cinfo->in_color_space = JCS_RGB;
-
-  switch (subtype) {
-  case 1:                       /* Colormapped image */
-    if (source->pixel_size == 1 && cmaptype == 1)
-      source->get_pixel_rows = get_8bit_row;
-    else
-      ERREXIT(cinfo, JERR_TGA_BADPARMS);
-    TRACEMS2(cinfo, 1, JTRC_TGA_MAPPED, width, height);
-    break;
-  case 2:                       /* RGB image */
-    switch (source->pixel_size) {
-    case 2:
-      source->get_pixel_rows = get_16bit_row;
-      break;
-    case 3:
-      source->get_pixel_rows = get_24bit_row;
-      break;
-    case 4:
-      source->get_pixel_rows = get_32bit_row;
-      break;
-    default:
-      ERREXIT(cinfo, JERR_TGA_BADPARMS);
-      break;
-    }
-    TRACEMS2(cinfo, 1, JTRC_TGA, width, height);
-    break;
-  case 3:                       /* Grayscale image */
-    components = 1;
-    cinfo->in_color_space = JCS_GRAYSCALE;
-    if (source->pixel_size == 1)
-      source->get_pixel_rows = get_8bit_gray_row;
-    else
-      ERREXIT(cinfo, JERR_TGA_BADPARMS);
-    TRACEMS2(cinfo, 1, JTRC_TGA_GRAY, width, height);
-    break;
-  default:
-    ERREXIT(cinfo, JERR_TGA_BADPARMS);
-    break;
-  }
-
-  if (is_bottom_up) {
-    /* Create a virtual array to buffer the upside-down image. */
-    source->whole_image = (*cinfo->mem->request_virt_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, FALSE,
-       (JDIMENSION)width * components, (JDIMENSION)height, (JDIMENSION)1);
-    if (cinfo->progress != NULL) {
-      cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-      progress->total_extra_passes++; /* count file input as separate pass */
-    }
-    /* source->pub.buffer will point to the virtual array. */
-    source->pub.buffer_height = 1; /* in case anyone looks at it */
-    source->pub.get_pixel_rows = preload_image;
-  } else {
-    /* Don't need a virtual array, but do need a one-row input buffer. */
-    source->whole_image = NULL;
-    source->pub.buffer = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE,
-       (JDIMENSION)width * components, (JDIMENSION)1);
-    source->pub.buffer_height = 1;
-    source->pub.get_pixel_rows = source->get_pixel_rows;
-  }
-
-  while (idlen--)               /* Throw away ID field */
-    (void)read_byte(source);
-
-  if (maplen > 0) {
-    if (maplen > 256 || GET_2B(3) != 0)
-      ERREXIT(cinfo, JERR_TGA_BADCMAP);
-    /* Allocate space to store the colormap */
-    source->colormap = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, (JDIMENSION)maplen, (JDIMENSION)3);
-    source->cmap_length = (int)maplen;
-    /* and read it from the file */
-    read_colormap(source, (int)maplen, UCH(targaheader[7]));
-  } else {
-    if (cmaptype)               /* but you promised a cmap! */
-      ERREXIT(cinfo, JERR_TGA_BADPARMS);
-    source->colormap = NULL;
-    source->cmap_length = 0;
-  }
-
-  cinfo->input_components = components;
-  cinfo->data_precision = 8;
-  cinfo->image_width = width;
-  cinfo->image_height = height;
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_input_tga(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-{
-  /* no work */
-}
-
-
-/*
- * The module selection routine for Targa format input.
- */
-
-GLOBAL(cjpeg_source_ptr)
-jinit_read_targa(j_compress_ptr cinfo)
-{
-  tga_source_ptr source;
-
-  /* Create module interface object */
-  source = (tga_source_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(tga_source_struct));
-  source->cinfo = cinfo;        /* make back link for subroutines */
-  /* Fill in method ptrs, except get_pixel_rows which start_input sets */
-  source->pub.start_input = start_input_tga;
-  source->pub.finish_input = finish_input_tga;
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  source->pub.max_pixels = 0;
-#endif
-
-  return (cjpeg_source_ptr)source;
-}
-
-#endif /* TARGA_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/Config.cmake.in b/3rdparty/libjpeg-turbo_2_1_0/release/Config.cmake.in
deleted file mode 100644
index 0c1ba8a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/Config.cmake.in
+++ /dev/null
@@ -1,4 +0,0 @@
-@PACKAGE_INIT@
-
-include("${CMAKE_CURRENT_LIST_DIR}/@CMAKE_PROJECT_NAME@Targets.cmake")
-check_required_components("@CMAKE_PROJECT_NAME@")
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/Distribution.xml.in b/3rdparty/libjpeg-turbo_2_1_0/release/Distribution.xml.in
deleted file mode 100644
index e1f79ee..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/Distribution.xml.in
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<installer-gui-script minSpecVersion="1">
-	<title>@CMAKE_PROJECT_NAME@</title>
-	<welcome file="Welcome.rtf" />
-	<readme file="ReadMe.txt" />
-	<license file="License.rtf" />
-	<domains
-		enable_anywhere="false"
-		enable_currentUserHome="false"
-		enable_localSystem="true"
-	/>
-	<options customize="never" />
-	<choices-outline>
-		<line choice="default">
-			<line choice="@PKGID@"/>
-		</line>
-	</choices-outline>
-	<choice id="default"/>
-	<choice id="@PKGID@" visible="false">
-		<pkg-ref id="@PKGID@"/>
-	</choice>
-	<pkg-ref auth="root"
-		id="@PKGID@">@PKGNAME@.pkg</pkg-ref>
-</installer-gui-script>
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/License.rtf b/3rdparty/libjpeg-turbo_2_1_0/release/License.rtf
deleted file mode 100644
index 5073a27..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/License.rtf
+++ /dev/null
@@ -1,20 +0,0 @@
-{\rtf1\ansi\ansicpg1252\cocoartf1038\cocoasubrtf350
-{\fonttbl\f0\fswiss\fcharset0 Helvetica;}
-{\colortbl;\red255\green255\blue255;}
-{\*\listtable{\list\listtemplateid1\listhybrid{\listlevel\levelnfc23\levelnfcn23\leveljc0\leveljcn0\levelfollow0\levelstartat1\levelspace360\levelindent0{\*\levelmarker \{disc\}}{\leveltext\leveltemplateid1\'01\uc0\u8226 ;}{\levelnumbers;}\fi-360\li720\lin720 }{\listname ;}\listid1}}
-{\*\listoverridetable{\listoverride\listid1\listoverridecount0\ls1}}
-\margl1440\margr1440\vieww9820\viewh8480\viewkind0
-\deftab720
-\pard\pardeftab720
-
-\f0\fs24 \cf0 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\
-\
-\pard\tx220\tx720\pardeftab720\li720\fi-720
-\ls1\ilvl0\cf0 {\listtext	\'95	}Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\
-{\listtext	\'95	}Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\
-{\listtext	\'95	}Neither the name of the libjpeg-turbo Project nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\
-\pard\pardeftab720\qc
-\cf0 \
-\pard\pardeftab720
-\cf0 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS", AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;  LOSS OF USE, DATA, OR PROFITS;  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\
-}
\ No newline at end of file
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/ReadMe.txt b/3rdparty/libjpeg-turbo_2_1_0/release/ReadMe.txt
deleted file mode 100644
index 446ce46..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/ReadMe.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-libjpeg-turbo is a JPEG image codec that uses SIMD instructions to accelerate baseline JPEG compression and decompression on x86, x86-64, Arm, PowerPC, and MIPS systems, as well as progressive JPEG compression on x86, x86-64, and Arm systems.  On such systems, libjpeg-turbo is generally 2-6x as fast as libjpeg, all else being equal.  On other types of systems, libjpeg-turbo can still outperform libjpeg by a significant amount, by virtue of its highly-optimized Huffman coding routines.  In many cases, the performance of libjpeg-turbo rivals that of proprietary high-speed JPEG codecs.
-
-libjpeg-turbo implements both the traditional libjpeg API as well as the less powerful but more straightforward TurboJPEG API.  libjpeg-turbo also features colorspace extensions that allow it to compress from/decompress to 32-bit and big-endian pixel buffers (RGBX, XBGR, etc.), as well as a full-featured Java interface.
-
-libjpeg-turbo was originally based on libjpeg/SIMD, an MMX-accelerated derivative of libjpeg v6b developed by Miyasaka Masaru.  The TigerVNC and VirtualGL projects made numerous enhancements to the codec in 2009, and in early 2010, libjpeg-turbo spun off into an independent project, with the goal of making high-speed JPEG compression/decompression technology available to a broader range of users and developers.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/Welcome.rtf.in b/3rdparty/libjpeg-turbo_2_1_0/release/Welcome.rtf.in
deleted file mode 100644
index 6bec24d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/Welcome.rtf.in
+++ /dev/null
@@ -1,17 +0,0 @@
-{\rtf1\ansi\ansicpg1252\cocoartf1038\cocoasubrtf360
-{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fmodern\fcharset0 CourierNewPSMT;}
-{\colortbl;\red255\green255\blue255;}
-\margl1440\margr1440\vieww9000\viewh8400\viewkind0
-\deftab720
-\pard\pardeftab720\ql\qnatural
-
-\f0\fs24 \cf0 This installer will install the libjpeg-turbo SDK and run-time libraries onto your computer so that you can use libjpeg-turbo to build new applications or accelerate existing ones.  To remove the libjpeg-turbo package, run\
-\
-\pard\pardeftab720\ql\qnatural
-
-\f1 \cf0   @CMAKE_INSTALL_FULL_BINDIR@/uninstall\
-\pard\pardeftab720\ql\qnatural
-
-\f0 \cf0 \
-from the command line.\
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/deb-control.in b/3rdparty/libjpeg-turbo_2_1_0/release/deb-control.in
deleted file mode 100644
index 72bceec..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/deb-control.in
+++ /dev/null
@@ -1,31 +0,0 @@
-Package: {__PKGNAME}
-Version: @VERSION@-@BUILD@
-Section: misc
-Priority: optional
-Architecture: {__ARCH}
-Essential: no
-Maintainer: @PKGVENDOR@ <@PKGEMAIL@>
-Homepage: @PKGURL@
-Installed-Size: {__SIZE}
-Description: A SIMD-accelerated JPEG codec that provides both the libjpeg and TurboJPEG APIs
- libjpeg-turbo is a JPEG image codec that uses SIMD instructions to accelerate
- baseline JPEG compression and decompression on x86, x86-64, Arm, PowerPC, and
- MIPS systems, as well as progressive JPEG compression on x86, x86-64, and
- Arm systems.  On such systems, libjpeg-turbo is generally 2-6x as fast as
- libjpeg, all else being equal.  On other types of systems, libjpeg-turbo can
- still outperform libjpeg by a significant amount, by virtue of its
- highly-optimized Huffman coding routines.  In many cases, the performance of
- libjpeg-turbo rivals that of proprietary high-speed JPEG codecs.
- .
- libjpeg-turbo implements both the traditional libjpeg API as well as the less
- powerful but more straightforward TurboJPEG API.  libjpeg-turbo also features
- colorspace extensions that allow it to compress from/decompress to 32-bit and
- big-endian pixel buffers (RGBX, XBGR, etc.), as well as a full-featured Java
- interface.
- .
- libjpeg-turbo was originally based on libjpeg/SIMD, an MMX-accelerated
- derivative of libjpeg v6b developed by Miyasaka Masaru.  The TigerVNC and
- VirtualGL projects made numerous enhancements to the codec in 2009, and in
- early 2010, libjpeg-turbo spun off into an independent project, with the goal
- of making high-speed JPEG compression/decompression technology available to a
- broader range of users and developers.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/installer.nsi.in b/3rdparty/libjpeg-turbo_2_1_0/release/installer.nsi.in
deleted file mode 100644
index 65db63d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/installer.nsi.in
+++ /dev/null
@@ -1,202 +0,0 @@
-!include x64.nsh
-Name "@CMAKE_PROJECT_NAME@ SDK for @INST_PLATFORM@"
-OutFile "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}@INST_NAME@.exe"
-InstallDir "@INST_DIR@"
-
-SetCompressor bzip2
-
-Page directory
-Page instfiles
-
-UninstPage uninstConfirm
-UninstPage instfiles
-
-Section "@CMAKE_PROJECT_NAME@ SDK for @INST_PLATFORM@ (required)"
-!ifdef WIN64
-	${If} ${RunningX64}
-	${DisableX64FSRedirection}
-	${Endif}
-!endif
-	SectionIn RO
-!ifdef GCC
-	IfFileExists $SYSDIR/libturbojpeg.dll exists 0
-!else
-	IfFileExists $SYSDIR/turbojpeg.dll exists 0
-!endif
-	goto notexists
-	exists:
-!ifdef GCC
-	MessageBox MB_OK "An existing version of the @CMAKE_PROJECT_NAME@ SDK for @INST_PLATFORM@ is already installed.  Please uninstall it first."
-!else
-	MessageBox MB_OK "An existing version of the @CMAKE_PROJECT_NAME@ SDK for @INST_PLATFORM@ or the TurboJPEG SDK is already installed.  Please uninstall it first."
-!endif
-	quit
-
-	notexists:
-	SetOutPath $SYSDIR
-!ifdef GCC
-	File "@CMAKE_CURRENT_BINARY_DIR@\libturbojpeg.dll"
-!else
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}turbojpeg.dll"
-!endif
-	SetOutPath $INSTDIR\bin
-!ifdef GCC
-	File "@CMAKE_CURRENT_BINARY_DIR@\libturbojpeg.dll"
-!else
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}turbojpeg.dll"
-!endif
-!ifdef GCC
-	File "@CMAKE_CURRENT_BINARY_DIR@\libjpeg-@SO_MAJOR_VERSION@.dll"
-!else
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}jpeg@SO_MAJOR_VERSION@.dll"
-!endif
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}cjpeg.exe"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}djpeg.exe"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}jpegtran.exe"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}tjbench.exe"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}rdjpgcom.exe"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}wrjpgcom.exe"
-	SetOutPath $INSTDIR\lib
-!ifdef GCC
-	File "@CMAKE_CURRENT_BINARY_DIR@\libturbojpeg.dll.a"
-	File "@CMAKE_CURRENT_BINARY_DIR@\libturbojpeg.a"
-	File "@CMAKE_CURRENT_BINARY_DIR@\libjpeg.dll.a"
-	File "@CMAKE_CURRENT_BINARY_DIR@\libjpeg.a"
-!else
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}turbojpeg.lib"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}turbojpeg-static.lib"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}jpeg.lib"
-	File "@CMAKE_CURRENT_BINARY_DIR@\${BUILDDIR}jpeg-static.lib"
-!endif
-	SetOutPath $INSTDIR\lib\pkgconfig
-	File "@CMAKE_CURRENT_BINARY_DIR@\pkgscripts\libjpeg.pc"
-	File "@CMAKE_CURRENT_BINARY_DIR@\pkgscripts\libturbojpeg.pc"
-	SetOutPath $INSTDIR\lib\cmake\@CMAKE_PROJECT_NAME@
-	File "@CMAKE_CURRENT_BINARY_DIR@\pkgscripts\@CMAKE_PROJECT_NAME@Config.cmake"
-	File "@CMAKE_CURRENT_BINARY_DIR@\pkgscripts\@CMAKE_PROJECT_NAME@ConfigVersion.cmake"
-	File "@CMAKE_CURRENT_BINARY_DIR@\win\@CMAKE_PROJECT_NAME@Targets.cmake"
-	File "@CMAKE_CURRENT_BINARY_DIR@\win\@CMAKE_PROJECT_NAME@Targets-release.cmake"
-!ifdef JAVA
-	SetOutPath $INSTDIR\classes
-	File "@CMAKE_CURRENT_BINARY_DIR@\java\turbojpeg.jar"
-!endif
-	SetOutPath $INSTDIR\include
-	File "@CMAKE_CURRENT_BINARY_DIR@\jconfig.h"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\jerror.h"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\jmorecfg.h"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\jpeglib.h"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\turbojpeg.h"
-	SetOutPath $INSTDIR\doc
-	File "@CMAKE_CURRENT_SOURCE_DIR@\README.ijg"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\README.md"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\LICENSE.md"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\example.txt"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\libjpeg.txt"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\structure.txt"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\usage.txt"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\wizard.txt"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\tjexample.c"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\java\TJExample.java"
-!ifdef GCC
-	SetOutPath $INSTDIR\man\man1
-	File "@CMAKE_CURRENT_SOURCE_DIR@\cjpeg.1"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\djpeg.1"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\jpegtran.1"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\rdjpgcom.1"
-	File "@CMAKE_CURRENT_SOURCE_DIR@\wrjpgcom.1"
-!endif
-
-	WriteRegStr HKLM "SOFTWARE\@INST_REG_NAME@ @VERSION@" "Install_Dir" "$INSTDIR"
-
-	WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\@INST_REG_NAME@ @VERSION@" "DisplayName" "@CMAKE_PROJECT_NAME@ SDK v@VERSION@ for @INST_PLATFORM@"
-	WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\@INST_REG_NAME@ @VERSION@" "UninstallString" '"$INSTDIR\uninstall_@VERSION@.exe"'
-	WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\@INST_REG_NAME@ @VERSION@" "NoModify" 1
-	WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\@INST_REG_NAME@ @VERSION@" "NoRepair" 1
-	WriteUninstaller "uninstall_@VERSION@.exe"
-SectionEnd
-
-Section "Uninstall"
-!ifdef WIN64
-	${If} ${RunningX64}
-	${DisableX64FSRedirection}
-	${Endif}
-!endif
-
-	SetShellVarContext all
-
-	DeleteRegKey HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\@INST_REG_NAME@ @VERSION@"
-	DeleteRegKey HKLM "SOFTWARE\@INST_REG_NAME@ @VERSION@"
-
-!ifdef GCC
-	Delete $INSTDIR\bin\libjpeg-@SO_MAJOR_VERSION@.dll
-	Delete $INSTDIR\bin\libturbojpeg.dll
-	Delete $SYSDIR\libturbojpeg.dll
-	Delete $INSTDIR\lib\libturbojpeg.dll.a
-	Delete $INSTDIR\lib\libturbojpeg.a
-	Delete $INSTDIR\lib\libjpeg.dll.a
-	Delete $INSTDIR\lib\libjpeg.a
-!else
-	Delete $INSTDIR\bin\jpeg@SO_MAJOR_VERSION@.dll
-	Delete $INSTDIR\bin\turbojpeg.dll
-	Delete $SYSDIR\turbojpeg.dll
-	Delete $INSTDIR\lib\jpeg.lib
-	Delete $INSTDIR\lib\jpeg-static.lib
-	Delete $INSTDIR\lib\turbojpeg.lib
-	Delete $INSTDIR\lib\turbojpeg-static.lib
-!endif
-	Delete $INSTDIR\lib\pkgconfig\libjpeg.pc
-	Delete $INSTDIR\lib\pkgconfig\libturbojpeg.pc
-	Delete $INSTDIR\lib\cmake\@CMAKE_PROJECT_NAME@\@CMAKE_PROJECT_NAME@Config.cmake
-	Delete $INSTDIR\lib\cmake\@CMAKE_PROJECT_NAME@\@CMAKE_PROJECT_NAME@ConfigVersion.cmake
-	Delete $INSTDIR\lib\cmake\@CMAKE_PROJECT_NAME@\@CMAKE_PROJECT_NAME@Targets.cmake
-	Delete $INSTDIR\lib\cmake\@CMAKE_PROJECT_NAME@\@CMAKE_PROJECT_NAME@Targets-release.cmake
-!ifdef JAVA
-	Delete $INSTDIR\classes\turbojpeg.jar
-!endif
-	Delete $INSTDIR\bin\cjpeg.exe
-	Delete $INSTDIR\bin\djpeg.exe
-	Delete $INSTDIR\bin\jpegtran.exe
-	Delete $INSTDIR\bin\tjbench.exe
-	Delete $INSTDIR\bin\rdjpgcom.exe
-	Delete $INSTDIR\bin\wrjpgcom.exe
-	Delete $INSTDIR\include\jconfig.h
-	Delete $INSTDIR\include\jerror.h
-	Delete $INSTDIR\include\jmorecfg.h
-	Delete $INSTDIR\include\jpeglib.h
-	Delete $INSTDIR\include\turbojpeg.h
-	Delete $INSTDIR\uninstall_@VERSION@.exe
-	Delete $INSTDIR\doc\README.ijg
-	Delete $INSTDIR\doc\README.md
-	Delete $INSTDIR\doc\LICENSE.md
-	Delete $INSTDIR\doc\example.txt
-	Delete $INSTDIR\doc\libjpeg.txt
-	Delete $INSTDIR\doc\structure.txt
-	Delete $INSTDIR\doc\usage.txt
-	Delete $INSTDIR\doc\wizard.txt
-	Delete $INSTDIR\doc\tjexample.c
-	Delete $INSTDIR\doc\TJExample.java
-!ifdef GCC
-	Delete $INSTDIR\man\man1\cjpeg.1
-	Delete $INSTDIR\man\man1\djpeg.1
-	Delete $INSTDIR\man\man1\jpegtran.1
-	Delete $INSTDIR\man\man1\rdjpgcom.1
-	Delete $INSTDIR\man\man1\wrjpgcom.1
-!endif
-
-	RMDir "$INSTDIR\include"
-	RMDir "$INSTDIR\lib\pkgconfig"
-	RMDir "$INSTDIR\lib\cmake\@CMAKE_PROJECT_NAME@"
-	RMDir "$INSTDIR\lib\cmake"
-	RMDir "$INSTDIR\lib"
-	RMDir "$INSTDIR\doc"
-!ifdef GCC
-	RMDir "$INSTDIR\man\man1"
-	RMDir "$INSTDIR\man"
-!endif
-!ifdef JAVA
-	RMDir "$INSTDIR\classes"
-!endif
-	RMDir "$INSTDIR\bin"
-	RMDir "$INSTDIR"
-
-SectionEnd
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/libjpeg.pc.in b/3rdparty/libjpeg-turbo_2_1_0/release/libjpeg.pc.in
deleted file mode 100644
index 74fb7fc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/libjpeg.pc.in
+++ /dev/null
@@ -1,10 +0,0 @@
-prefix=@CMAKE_INSTALL_PREFIX@
-exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@CMAKE_INSTALL_FULL_LIBDIR@
-includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@
-
-Name: libjpeg
-Description: A SIMD-accelerated JPEG codec that provides the libjpeg API
-Version: @VERSION@
-Libs: -L${libdir} -ljpeg
-Cflags: -I${includedir}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/libturbojpeg.pc.in b/3rdparty/libjpeg-turbo_2_1_0/release/libturbojpeg.pc.in
deleted file mode 100644
index 81a0063..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/libturbojpeg.pc.in
+++ /dev/null
@@ -1,10 +0,0 @@
-prefix=@CMAKE_INSTALL_PREFIX@
-exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@CMAKE_INSTALL_FULL_LIBDIR@
-includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@
-
-Name: libturbojpeg
-Description: A SIMD-accelerated JPEG codec that provides the TurboJPEG API
-Version: @VERSION@
-Libs: -L${libdir} -lturbojpeg
-Cflags: -I${includedir}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/makedpkg.in b/3rdparty/libjpeg-turbo_2_1_0/release/makedpkg.in
deleted file mode 100644
index 0b7b7e7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/makedpkg.in
+++ /dev/null
@@ -1,121 +0,0 @@
-#!/bin/sh
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-TMPDIR=
-SUDO=
-
-onexit()
-{
-	if [ ! "$TMPDIR" = "" ]; then
-		$SUDO rm -rf $TMPDIR
-	fi
-}
-
-uid()
-{
-	id | cut -f2 -d = | cut -f1 -d \(;
-}
-
-safedirmove ()
-{
-	if [ "$1" = "$2" ]; then
-		return 0
-	fi
-	if [ "$1" = "" -o ! -d "$1" ]; then
-		echo safedirmove: source dir $1 is not valid
-		return 1
-	fi
-	if [ "$2" = "" -o -e "$2" ]; then
-		echo safedirmove: dest dir $2 is not valid
-		return 1
-	fi
-	if [ "$3" = "" -o -e "$3" ]; then
-		echo safedirmove: tmp dir $3 is not valid
-		return 1
-	fi
-	mkdir -p $3
-	mv $1/* $3/
-	rmdir $1
-	mkdir -p $2
-	mv $3/* $2/
-	rmdir $3
-	return 0
-}
-
-makedeb()
-{
-	SUPPLEMENT=$1
-	DIRNAME=$PKGNAME
-
-	if [ $SUPPLEMENT = 1 ]; then
-		PKGNAME=$PKGNAME\32
-		if [ "$DEBARCH" = "i386" ]; then
-			DEBARCH=amd64
-		else
-			DEBARCH=arm64
-		fi
-	fi
-
-	umask 022
-	rm -f $PKGNAME\_$VERSION\_$DEBARCH.deb
-	TMPDIR=`mktemp -d /tmp/$PKGNAME-build.XXXXXX`
-	mkdir $TMPDIR/DEBIAN
-
-	if [ $SUPPLEMENT = 1 ]; then
-		DESTDIR=$TMPDIR @CMAKE_MAKE_PROGRAM@ install
-		rm -rf $TMPDIR$BINDIR
-		if [ "$DATAROOTDIR" != "$PREFIX" ]; then
-			rm -rf $TMPDIR$DATAROOTDIR
-		fi
-		if [ "$JAVADIR" != "" ]; then
-			rm -rf $TMPDIR$JAVADIR
-		fi
-		rm -rf $TMPDIR$DOCDIR
-		rm -rf $TMPDIR$INCLUDEDIR
-		rm -rf $TMPDIR$MANDIR
-	else
-		DESTDIR=$TMPDIR @CMAKE_MAKE_PROGRAM@ install
-		if [ "$PREFIX" = "@CMAKE_INSTALL_DEFAULT_PREFIX@" -a "$DOCDIR" = "@CMAKE_INSTALL_DEFAULT_PREFIX@/doc" ]; then
-			safedirmove $TMPDIR/$DOCDIR $TMPDIR/usr/share/doc/$PKGNAME-$VERSION $TMPDIR/__tmpdoc
-			ln -fs /usr/share/doc/$DIRNAME-$VERSION $TMPDIR$DOCDIR
-		fi
-	fi
-
-	SIZE=`du -s $TMPDIR | cut -f1`
-	(cat pkgscripts/deb-control | sed s/{__PKGNAME}/$PKGNAME/g \
-		| sed s/{__ARCH}/$DEBARCH/g | sed s/{__SIZE}/$SIZE/g \
-		> $TMPDIR/DEBIAN/control)
-
-	/sbin/ldconfig -n $TMPDIR$LIBDIR
-
-	$SUDO chown -Rh root:root $TMPDIR/*
-	dpkg -b $TMPDIR $PKGNAME\_$VERSION\_$DEBARCH.deb
-}
-
-PKGNAME=@PKGNAME@
-VERSION=@VERSION@
-DEBARCH=@DEBARCH@
-PREFIX=@CMAKE_INSTALL_PREFIX@
-BINDIR=@CMAKE_INSTALL_FULL_BINDIR@
-DATAROOTDIR=@CMAKE_INSTALL_FULL_DATAROOTDIR@
-DOCDIR=@CMAKE_INSTALL_FULL_DOCDIR@
-INCLUDEDIR=@CMAKE_INSTALL_FULL_INCLUDEDIR@
-JAVADIR=@CMAKE_INSTALL_FULL_JAVADIR@
-LIBDIR=@CMAKE_INSTALL_FULL_LIBDIR@
-MANDIR=@CMAKE_INSTALL_FULL_MANDIR@
-
-if [ ! `uid` -eq 0 ]; then
-	SUDO=sudo
-fi
-
-makedeb 0
-if [ "$DEBARCH" = "i386" -o "$DEBARCH" = "armel" -o "$DEBARCH" = "armhf" ]; then
-	makedeb 1
-fi
-
-exit
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/makemacpkg.in b/3rdparty/libjpeg-turbo_2_1_0/release/makemacpkg.in
deleted file mode 100644
index c87d339..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/makemacpkg.in
+++ /dev/null
@@ -1,207 +0,0 @@
-#!/bin/sh
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-TMPDIR=
-
-onexit()
-{
-	if [ ! "$TMPDIR" = "" ]; then
-		rm -rf $TMPDIR
-	fi
-}
-
-safedirmove ()
-{
-	if [ "$1" = "$2" ]; then
-		return 0
-	fi
-	if [ "$1" = "" -o ! -d "$1" ]; then
-		echo safedirmove: source dir $1 is not valid
-		return 1
-	fi
-	if [ "$2" = "" -o -e "$2" ]; then
-		echo safedirmove: dest dir $2 is not valid
-		return 1
-	fi
-	if [ "$3" = "" -o -e "$3" ]; then
-		echo safedirmove: tmp dir $3 is not valid
-		return 1
-	fi
-	mkdir -p $3
-	mv $1/* $3/
-	rmdir $1
-	mkdir -p $2
-	mv $3/* $2/
-	rmdir $3
-	return 0
-}
-
-usage()
-{
-	echo "$0 [-lipo [path to lipo]]"
-	exit 1
-}
-
-PKGNAME=@PKGNAME@
-VERSION=@VERSION@
-BUILD=@BUILD@
-SRCDIR=@CMAKE_CURRENT_SOURCE_DIR@
-BUILDDIRARMV8=@ARMV8_BUILD@
-WITH_JAVA=@WITH_JAVA@
-MACOS_APP_CERT_NAME="@MACOS_APP_CERT_NAME@"
-MACOS_INST_CERT_NAME="@MACOS_INST_CERT_NAME@"
-LIPO=lipo
-
-PREFIX=@CMAKE_INSTALL_PREFIX@
-BINDIR=@CMAKE_INSTALL_FULL_BINDIR@
-DOCDIR=@CMAKE_INSTALL_FULL_DOCDIR@
-LIBDIR=@CMAKE_INSTALL_FULL_LIBDIR@
-
-LIBJPEG_DSO_NAME=libjpeg.@SO_MAJOR_VERSION@.@SO_AGE@.@SO_MINOR_VERSION@.dylib
-TURBOJPEG_DSO_NAME=libturbojpeg.@TURBOJPEG_SO_VERSION@.dylib
-
-while [ $# -gt 0 ]; do
-	case $1 in
-	-h*)
-		usage 0
-		;;
-	-lipo)
-		if [ $# -gt 1 ]; then
-			if [[ ! "$2" =~ -.* ]]; then
-				LIPO=$2;  shift
-			fi
-		fi
-		;;
-	esac
-	shift
-done
-
-if [ -f $PKGNAME-$VERSION.dmg ]; then
-	rm -f $PKGNAME-$VERSION.dmg
-fi
-
-umask 022
-TMPDIR=`mktemp -d /tmp/$PKGNAME-build.XXXXXX`
-PKGROOT=$TMPDIR/pkg/Package_Root
-mkdir -p $PKGROOT
-
-DESTDIR=$PKGROOT @CMAKE_MAKE_PROGRAM@ install
-
-if [ "$PREFIX" = "@CMAKE_INSTALL_DEFAULT_PREFIX@" -a "$DOCDIR" = "@CMAKE_INSTALL_DEFAULT_PREFIX@/doc" ]; then
-	mkdir -p $PKGROOT/Library/Documentation
-	safedirmove $PKGROOT$DOCDIR $PKGROOT/Library/Documentation/$PKGNAME $TMPDIR/__tmpdoc
-	ln -fs /Library/Documentation/$PKGNAME $PKGROOT$DOCDIR
-fi
-
-install_subbuild()
-{
-	BUILDDIR=$1
-	ARCHNAME=$2
-	DIRNAME=$3
-	LIPOARCH=$4
-
-	if [ ! -d $BUILDDIR ]; then
-		echo ERROR: $ARCHNAME build directory $BUILDDIR does not exist
-		exit 1
-	fi
-	if [ ! -f $BUILDDIR/Makefile -a ! -f $BUILDDIR/build.ninja ]; then
-		echo ERROR: $ARCHNAME build directory $BUILDDIR is not configured
-		exit 1
-	fi
-	mkdir -p $TMPDIR/dist.$DIRNAME
-	pushd $BUILDDIR
-	DESTDIR=$TMPDIR/dist.$DIRNAME @CMAKE_MAKE_PROGRAM@ install
-	popd
-	$LIPO -create \
-		$PKGROOT/$LIBDIR/$LIBJPEG_DSO_NAME \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$LIBDIR/$LIBJPEG_DSO_NAME \
-		-output $PKGROOT/$LIBDIR/$LIBJPEG_DSO_NAME
-	$LIPO -create \
-		$PKGROOT/$LIBDIR/libjpeg.a \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$LIBDIR/libjpeg.a \
-		-output $PKGROOT/$LIBDIR/libjpeg.a
-	$LIPO -create \
-		$PKGROOT/$LIBDIR/$TURBOJPEG_DSO_NAME \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$LIBDIR/$TURBOJPEG_DSO_NAME \
-		-output $PKGROOT/$LIBDIR/$TURBOJPEG_DSO_NAME
-	$LIPO -create \
-		$PKGROOT/$LIBDIR/libturbojpeg.a \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$LIBDIR/libturbojpeg.a \
-		-output $PKGROOT/$LIBDIR/libturbojpeg.a
-	$LIPO -create \
-		$PKGROOT/$BINDIR/cjpeg \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$BINDIR/cjpeg \
-		-output $PKGROOT/$BINDIR/cjpeg
-	$LIPO -create \
-		$PKGROOT/$BINDIR/djpeg \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$BINDIR/djpeg \
-		-output $PKGROOT/$BINDIR/djpeg
-	$LIPO -create \
-		$PKGROOT/$BINDIR/jpegtran \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$BINDIR/jpegtran \
-		-output $PKGROOT/$BINDIR/jpegtran
-	$LIPO -create \
-		$PKGROOT/$BINDIR/tjbench \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$BINDIR/tjbench \
-		-output $PKGROOT/$BINDIR/tjbench
-	$LIPO -create \
-		$PKGROOT/$BINDIR/rdjpgcom \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$BINDIR/rdjpgcom \
-		-output $PKGROOT/$BINDIR/rdjpgcom
-	$LIPO -create \
-		$PKGROOT/$BINDIR/wrjpgcom \
-		-arch $LIPOARCH $TMPDIR/dist.$DIRNAME/$BINDIR/wrjpgcom \
-		-output $PKGROOT/$BINDIR/wrjpgcom
-}
-
-if [ "$BUILDDIRARMV8" != "" ]; then
-	install_subbuild $BUILDDIRARMV8 Armv8 armv8 arm64
-fi
-
-install_name_tool -id $LIBDIR/$LIBJPEG_DSO_NAME $PKGROOT/$LIBDIR/$LIBJPEG_DSO_NAME
-install_name_tool -id $LIBDIR/$TURBOJPEG_DSO_NAME $PKGROOT/$LIBDIR/$TURBOJPEG_DSO_NAME
-
-if [ "$PREFIX" = "@CMAKE_INSTALL_DEFAULT_PREFIX@" -a "$LIBDIR" = "@CMAKE_INSTALL_DEFAULT_PREFIX@/lib" ]; then
-	if [ ! -h $PKGROOT/$PREFIX/lib64 ]; then
-		ln -fs lib $PKGROOT/$PREFIX/lib64
-	fi
-fi
-
-mkdir -p $TMPDIR/pkg
-
-install -m 755 pkgscripts/uninstall $PKGROOT/$BINDIR/
-
-find $PKGROOT -type f | while read file; do xattr -c $file; done
-
-cp $SRCDIR/release/License.rtf pkgscripts/Welcome.rtf $SRCDIR/release/ReadMe.txt $TMPDIR/pkg/
-
-mkdir $TMPDIR/dmg
-pkgbuild --root $PKGROOT --version $VERSION.$BUILD --identifier @PKGID@ \
-	$TMPDIR/pkg/$PKGNAME.pkg
-SUFFIX=
-if [ "$MACOS_INST_CERT_NAME" != "" ]; then
-	SUFFIX=-unsigned
-fi
-productbuild --distribution pkgscripts/Distribution.xml \
-	--package-path $TMPDIR/pkg/ --resources $TMPDIR/pkg/ \
-	$TMPDIR/dmg/$PKGNAME$SUFFIX.pkg
-if [ "$MACOS_INST_CERT_NAME" != "" ]; then
-	productsign --sign "$MACOS_INST_CERT_NAME" --timestamp \
-		$TMPDIR/dmg/$PKGNAME$SUFFIX.pkg $TMPDIR/dmg/$PKGNAME.pkg
-	rm -r $TMPDIR/dmg/$PKGNAME$SUFFIX.pkg
-	pkgutil --check-signature $TMPDIR/dmg/$PKGNAME.pkg
-fi
-hdiutil create -fs HFS+ -volname $PKGNAME-$VERSION \
-	-srcfolder "$TMPDIR/dmg" $TMPDIR/$PKGNAME-$VERSION.dmg
-if [ "$MACOS_APP_CERT_NAME" != "" ]; then
-	codesign -s "$MACOS_APP_CERT_NAME" --timestamp $TMPDIR/$PKGNAME-$VERSION.dmg
-	codesign -vv $TMPDIR/$PKGNAME-$VERSION.dmg
-fi
-cp $TMPDIR/$PKGNAME-$VERSION.dmg .
-
-exit
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/makerpm.in b/3rdparty/libjpeg-turbo_2_1_0/release/makerpm.in
deleted file mode 100644
index fc3b1d4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/makerpm.in
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-TMPDIR=
-
-onexit()
-{
-	if [ ! "$TMPDIR" = "" ]; then
-		rm -rf $TMPDIR
-	fi
-}
-
-if [ -f @PKGNAME@-@VERSION@.@RPMARCH@.rpm ]; then
-	rm -f @PKGNAME@-@VERSION@.@RPMARCH@.rpm
-fi
-
-umask 022
-TMPDIR=`mktemp -d /tmp/@CMAKE_PROJECT_NAME@-build.XXXXXX`
-
-mkdir -p $TMPDIR/RPMS
-ln -fs `pwd` $TMPDIR/BUILD
-rpmbuild -bb --define "_blddir $TMPDIR/buildroot" --define "_topdir $TMPDIR" \
-	--target @RPMARCH@ pkgscripts/rpm.spec; \
-cp $TMPDIR/RPMS/@RPMARCH@/@PKGNAME@-@VERSION@-@BUILD@.@RPMARCH@.rpm \
-	@PKGNAME@-@VERSION@.@RPMARCH@.rpm
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/makesrpm.in b/3rdparty/libjpeg-turbo_2_1_0/release/makesrpm.in
deleted file mode 100644
index 84c39d4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/makesrpm.in
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-TMPDIR=
-
-onexit()
-{
-	if [ ! "$TMPDIR" = "" ]; then
-		rm -rf $TMPDIR
-	fi
-}
-
-PKGNAME=@PKGNAME@
-PROJECT=@CMAKE_PROJECT_NAME@
-VERSION=@VERSION@
-BUILD=@BUILD@
-
-if [ -f $PKGNAME-$VERSION.src.rpm ]; then
-	rm -f $PKGNAME-$VERSION.src.rpm
-fi
-
-umask 022
-TMPDIR=`mktemp -d /tmp/$PKGNAME-build.XXXXXX`
-
-mkdir -p $TMPDIR/RPMS
-mkdir -p $TMPDIR/SRPMS
-mkdir -p $TMPDIR/BUILD
-mkdir -p $TMPDIR/SOURCES
-mkdir -p $TMPDIR/SPECS
-
-if [ ! -f $PROJECT-$VERSION.tar.gz ]; then
-	echo "ERROR: $PROJECT-$VERSION.tar.gz does not exist."
-fi
-
-cp $PROJECT-$VERSION.tar.gz $TMPDIR/SOURCES/$PROJECT-$VERSION.tar.gz
-
-cat pkgscripts/rpm.spec | sed s/%{_blddir}/%{_tmppath}/g \
-	| sed s/#--\>//g > $TMPDIR/SPECS/$PKGNAME.spec
-
-rpmbuild -bs --define "_topdir $TMPDIR" $TMPDIR/SPECS/$PKGNAME.spec
-mv $TMPDIR/SRPMS/$PKGNAME-$VERSION-$BUILD.src.rpm $PKGNAME-$VERSION.src.rpm
-
-exit
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/maketarball.in b/3rdparty/libjpeg-turbo_2_1_0/release/maketarball.in
deleted file mode 100644
index e2bbe66..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/maketarball.in
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/bin/sh
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-TMPDIR=
-SUDO=
-
-onexit()
-{
-	if [ ! "$TMPDIR" = "" ]; then
-		rm -rf $TMPDIR
-	fi
-}
-
-uid()
-{
-	id | cut -f2 -d = | cut -f1 -d \(;
-}
-
-PKGNAME=@PKGNAME@
-VERSION=@VERSION@
-ARCH=@CPU_TYPE@
-OS=@CMAKE_SYSTEM_NAME@
-PREFIX=@CMAKE_INSTALL_PREFIX@
-
-umask 022
-rm -f $PKGNAME-$VERSION-$OS-$ARCH.tar.bz2
-TMPDIR=`mktemp -d /tmp/$PKGNAME-build.XXXXXX`
-mkdir -p $TMPDIR/install
-
-DESTDIR=$TMPDIR/install @CMAKE_MAKE_PROGRAM@ install
-echo tartest >$TMPDIR/tartest
-GNUTAR=0
-BSDTAR=0
-tar cf $TMPDIR/tartest.tar --owner=root --group=root -C $TMPDIR tartest >/dev/null 2>&1 && GNUTAR=1
-if [ "$GNUTAR" = "1" ]; then
-	tar cf - --owner=root --group=root -C $TMPDIR/install .$PREFIX | bzip2 -c >$PKGNAME-$VERSION-$OS-$ARCH.tar.bz2
-else
-	tar cf $TMPDIR/tartest.tar --uid 0 --gid 0 -C $TMPDIR tartest >/dev/null 2>&1 && BSDTAR=1
-	if [ "$BSDTAR" = "1" ]; then
-		tar cf - --uid=0 --gid=0 -C $TMPDIR/install .$PREFIX | bzip2 -c >$PKGNAME-$VERSION-$OS-$ARCH.tar.bz2
-	else
-		tar cf - -C $TMPDIR/install .$PREFIX | bzip2 -c >$PKGNAME-$VERSION-$OS-$ARCH.tar.bz2
-	fi
-fi
-
-exit
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/rpm.spec.in b/3rdparty/libjpeg-turbo_2_1_0/release/rpm.spec.in
deleted file mode 100644
index 7274ea6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/rpm.spec.in
+++ /dev/null
@@ -1,224 +0,0 @@
-%global _docdir %{_defaultdocdir}/%{name}-%{version}
-%define _prefix  @CMAKE_INSTALL_PREFIX@
-%define _bindir  @CMAKE_INSTALL_FULL_BINDIR@
-%define _datarootdir  @CMAKE_INSTALL_FULL_DATAROOTDIR@
-%define _includedir  @CMAKE_INSTALL_FULL_INCLUDEDIR@
-%define _javadir  @CMAKE_INSTALL_FULL_JAVADIR@
-%define _mandir  @CMAKE_INSTALL_FULL_MANDIR@
-%define _enable_static  @ENABLE_STATIC@
-%define _enable_shared  @ENABLE_SHARED@
-%define _with_turbojpeg  @WITH_TURBOJPEG@
-%define _with_java  @WITH_JAVA@
-
-%if "%{?__isa_bits:1}" == "1"
-%define _bits  %{__isa_bits}
-%else
-# RPM < 4.6
-%if "%{_lib}" == "lib64"
-%define _bits  64
-%else
-%define _bits  32
-%endif
-%endif
-
-#-->%if 1
-%if "%{_bits}" == "64"
-%define _libdir  %{_exec_prefix}/lib64
-%else
-%if "%{_prefix}" == "/opt/libjpeg-turbo"
-%define _libdir  %{_exec_prefix}/lib32
-%endif
-%endif
-#-->%else
-%define _libdir  @CMAKE_INSTALL_FULL_LIBDIR@
-#-->%endif
-
-Summary: A SIMD-accelerated JPEG codec that provides both the libjpeg and TurboJPEG APIs
-Name: @PKGNAME@
-Version: @VERSION@
-Vendor: @PKGVENDOR@
-URL: @PKGURL@
-Group: System Environment/Libraries
-#-->Source0: http://prdownloads.sourceforge.net/@CMAKE_PROJECT_NAME@/@CMAKE_PROJECT_NAME@-%{version}.tar.gz
-Release: @BUILD@
-License: BSD-style
-BuildRoot: %{_blddir}/%{name}-buildroot-%{version}-%{release}
-Requires: /sbin/ldconfig
-%if "%{_bits}" == "64"
-Provides: %{name} = %{version}-%{release}, @CMAKE_PROJECT_NAME@ = %{version}-%{release}, libturbojpeg.so()(64bit)
-%else
-Provides: %{name} = %{version}-%{release}, @CMAKE_PROJECT_NAME@ = %{version}-%{release}, libturbojpeg.so
-%endif
-
-%description
-libjpeg-turbo is a JPEG image codec that uses SIMD instructions to accelerate
-baseline JPEG compression and decompression on x86, x86-64, Arm, PowerPC, and
-MIPS systems, as well as progressive JPEG compression on x86, x86-64, and Arm
-systems.  On such systems, libjpeg-turbo is generally 2-6x as fast as libjpeg,
-all else being equal.  On other types of systems, libjpeg-turbo can still
-outperform libjpeg by a significant amount, by virtue of its highly-optimized
-Huffman coding routines.  In many cases, the performance of libjpeg-turbo
-rivals that of proprietary high-speed JPEG codecs.
-
-libjpeg-turbo implements both the traditional libjpeg API as well as the less
-powerful but more straightforward TurboJPEG API.  libjpeg-turbo also features
-colorspace extensions that allow it to compress from/decompress to 32-bit and
-big-endian pixel buffers (RGBX, XBGR, etc.), as well as a full-featured Java
-interface.
-
-libjpeg-turbo was originally based on libjpeg/SIMD, an MMX-accelerated
-derivative of libjpeg v6b developed by Miyasaka Masaru.  The TigerVNC and
-VirtualGL projects made numerous enhancements to the codec in 2009, and in
-early 2010, libjpeg-turbo spun off into an independent project, with the goal
-of making high-speed JPEG compression/decompression technology available to a
-broader range of users and developers.
-
-#-->%prep
-#-->%setup -q -n @CMAKE_PROJECT_NAME@-%{version}
-
-#-->%build
-#-->cmake -G"Unix Makefiles" -DCMAKE_BUILD_TYPE=@CMAKE_BUILD_TYPE@ \
-#-->  -DBUILD=%{release} \
-#-->  -DCMAKE_INSTALL_BINDIR=%{_bindir} \
-#-->  -DCMAKE_INSTALL_DATAROOTDIR=%{_datarootdir} \
-#-->  -DCMAKE_INSTALL_DOCDIR=%{_docdir} \
-#-->  -DCMAKE_INSTALL_INCLUDEDIR=%{_includedir} \
-#-->  -DCMAKE_INSTALL_JAVADIR=%{_javadir} \
-#-->  -DCMAKE_INSTALL_LIBDIR=%{_libdir} \
-#-->  -DCMAKE_INSTALL_MANDIR=%{_mandir} \
-#-->  -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-#-->  -DCMAKE_POSITION_INDEPENDENT_CODE=@CMAKE_POSITION_INDEPENDENT_CODE@ \
-#-->  -DENABLE_SHARED=@ENABLE_SHARED@ -DENABLE_STATIC=@ENABLE_STATIC@ \
-#-->  -DSO_MAJOR_VERSION=@SO_MAJOR_VERSION@ \
-#-->  -DSO_MINOR_VERSION=@SO_MINOR_VERSION@ \
-#-->  -DJPEG_LIB_VERSION=@JPEG_LIB_VERSION@ \
-#-->  -DREQUIRE_SIMD=@REQUIRE_SIMD@ \
-#-->  -DWITH_12BIT=@WITH_12BIT@ -DWITH_ARITH_DEC=@WITH_ARITH_DEC@ \
-#-->  -DWITH_ARITH_ENC=@WITH_ARITH_ENC@ -DWITH_JAVA=@WITH_JAVA@ \
-#-->  -DWITH_JPEG7=@WITH_JPEG7@ -DWITH_JPEG8=@WITH_JPEG8@ \
-#-->  -DWITH_MEM_SRCDST=@WITH_MEM_SRCDST@ -DWITH_SIMD=@WITH_SIMD@ \
-#-->  -DWITH_TURBOJPEG=@WITH_TURBOJPEG@ .
-#-->make DESTDIR=$RPM_BUILD_ROOT
-
-%install
-rm -rf $RPM_BUILD_ROOT
-DESTDIR=$RPM_BUILD_ROOT @CMAKE_MAKE_PROGRAM@ install
-/sbin/ldconfig -n $RPM_BUILD_ROOT%{_libdir}
-
-#-->%if 0
-
-# This is only needed to support in-tree RPM generation via 'make rpm'.  When
-# building from a SRPM, we control where things are installed via CMake
-# variables.
-
-safedirmove ()
-{
-	if [ "$1" = "$2" ]; then
-		return 0
-	fi
-	if [ "$1" = "" -o ! -d "$1" ]; then
-		echo safedirmove: source dir $1 is not valid
-		return 1
-	fi
-	if [ "$2" = "" -o -e "$2" ]; then
-		echo safedirmove: dest dir $2 is not valid
-		return 1
-	fi
-	if [ "$3" = "" -o -e "$3" ]; then
-		echo safedirmove: tmp dir $3 is not valid
-		return 1
-	fi
-	mkdir -p $3
-	mv $1/* $3/
-	rmdir $1
-	mkdir -p $2
-	mv $3/* $2/
-	rmdir $3
-	return 0
-}
-
-LJT_DOCDIR=@CMAKE_INSTALL_FULL_DOCDIR@
-if [ ! "$LJT_DOCDIR" = "%{_docdir}" ]; then
-	safedirmove $RPM_BUILD_ROOT/$LJT_DOCDIR $RPM_BUILD_ROOT/%{_docdir} $RPM_BUILD_ROOT/__tmpdoc
-fi
-
-#-->%endif
-
-LJT_DOCDIR=@CMAKE_INSTALL_FULL_DOCDIR@
-if [ "%{_prefix}" = "@CMAKE_INSTALL_DEFAULT_PREFIX@" -a "$LJT_DOCDIR" = "@CMAKE_INSTALL_DEFAULT_PREFIX@/doc" ]; then
-	ln -fs %{_docdir} $RPM_BUILD_ROOT/$LJT_DOCDIR
-fi
-
-%post -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%files
-%defattr(-,root,root)
-%dir %{_docdir}
-%doc %{_docdir}/*
-%dir %{_prefix}
-%if "%{_prefix}" == "@CMAKE_INSTALL_DEFAULT_PREFIX@" && "%{_docdir}" != "%{_prefix}/doc"
-	%{_prefix}/doc
-%endif
-%dir %{_bindir}
-%{_bindir}/cjpeg
-%{_bindir}/djpeg
-%{_bindir}/jpegtran
-%if "%{_with_turbojpeg}" == "1"
-	%{_bindir}/tjbench
-%endif
-%{_bindir}/rdjpgcom
-%{_bindir}/wrjpgcom
-%dir %{_libdir}
-%if "%{_enable_shared}" == "1"
-	%{_libdir}/libjpeg.so.@SO_MAJOR_VERSION@.@SO_AGE@.@SO_MINOR_VERSION@
-	%{_libdir}/libjpeg.so.@SO_MAJOR_VERSION@
-	%{_libdir}/libjpeg.so
-%endif
-%if "%{_enable_static}" == "1"
-	%{_libdir}/libjpeg.a
-%endif
-%dir %{_libdir}/pkgconfig
-%{_libdir}/pkgconfig/libjpeg.pc
-%dir %{_libdir}/cmake
-%dir %{_libdir}/cmake/@CMAKE_PROJECT_NAME@
-%{_libdir}/cmake/@CMAKE_PROJECT_NAME@
-%if "%{_with_turbojpeg}" == "1"
-	%if "%{_enable_shared}" == "1" || "%{_with_java}" == "1"
-		%{_libdir}/libturbojpeg.so.@TURBOJPEG_SO_VERSION@
-		%{_libdir}/libturbojpeg.so.@TURBOJPEG_SO_MAJOR_VERSION@
-		%{_libdir}/libturbojpeg.so
-	%endif
-	%if "%{_enable_static}" == "1"
-		%{_libdir}/libturbojpeg.a
-	%endif
-	%{_libdir}/pkgconfig/libturbojpeg.pc
-%endif
-%dir %{_includedir}
-%{_includedir}/jconfig.h
-%{_includedir}/jerror.h
-%{_includedir}/jmorecfg.h
-%{_includedir}/jpeglib.h
-%if "%{_with_turbojpeg}" == "1"
-	%{_includedir}/turbojpeg.h
-%endif
-%dir %{_mandir}
-%dir %{_mandir}/man1
-%{_mandir}/man1/cjpeg.1*
-%{_mandir}/man1/djpeg.1*
-%{_mandir}/man1/jpegtran.1*
-%{_mandir}/man1/rdjpgcom.1*
-%{_mandir}/man1/wrjpgcom.1*
-%if "%{_prefix}" != "%{_datarootdir}"
-	%dir %{_datarootdir}
-%endif
-%if "%{_with_java}" == "1"
-	%dir %{_javadir}
-	%{_javadir}/turbojpeg.jar
-%endif
-
-%changelog
diff --git a/3rdparty/libjpeg-turbo_2_1_0/release/uninstall.in b/3rdparty/libjpeg-turbo_2_1_0/release/uninstall.in
deleted file mode 100644
index 34757b0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/release/uninstall.in
+++ /dev/null
@@ -1,120 +0,0 @@
-# Copyright (C)2009-2011, 2013, 2016, 2020 D. R. Commander.
-#                                          All Rights Reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
-#
-# - Redistributions of source code must retain the above copyright notice,
-#   this list of conditions and the following disclaimer.
-# - Redistributions in binary form must reproduce the above copyright notice,
-#   this list of conditions and the following disclaimer in the documentation
-#   and/or other materials provided with the distribution.
-# - Neither the name of the libjpeg-turbo Project nor the names of its
-#   contributors may be used to endorse or promote products derived from this
-#   software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
-# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
-# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-
-#!/bin/sh
-
-if [ ! "`id -u`" = "0" ]; then
-	echo "ERROR: This script must be executed as root"
-	exit -1
-fi
-
-PKGNAME=@PKGNAME@
-PKGID=@PKGID@
-RECEIPT=/Library/Receipts/$PKGNAME.pkg
-
-LSBOM=
-if [ -d $RECEIPT ]; then
-	LSBOM='lsbom -s -f -l '$RECEIPT'/Contents/Archive.bom'
-else
-	LSBOM='pkgutil --files '$PKGID
-fi
-
-mylsbom()
-{
-	$LSBOM || (echo "ERROR: Could not list package contents"; exit -1)
-}
-
-echo Removing package files ...
-EXITSTATUS=0
-pushd /
-mylsbom | while read file; do
-	if [ ! -d "$file" ]; then rm "$file" 2>&1 || EXITSTATUS=-1; fi
-done
-popd
-
-echo Removing package directories ...
-PREFIX=@CMAKE_INSTALL_PREFIX@
-BINDIR=@CMAKE_INSTALL_FULL_BINDIR@
-DATAROOTDIR=@CMAKE_INSTALL_FULL_DATAROOTDIR@
-INCLUDEDIR=@CMAKE_INSTALL_FULL_INCLUDEDIR@
-JAVADIR=@CMAKE_INSTALL_FULL_JAVADIR@
-LIBDIR=@CMAKE_INSTALL_FULL_LIBDIR@
-MANDIR=@CMAKE_INSTALL_FULL_MANDIR@
-
-if [ -d $BINDIR ]; then
-	rmdir $BINDIR 2>&1 || EXITSTATUS=-1
-fi
-if [ -d $LIBDIR/pkgconfig ]; then
-	rmdir $LIBDIR/pkgconfig 2>&1 || EXITSTATUS=-1
-fi
-if [ -d $LIBDIR/cmake/@CMAKE_PROJECT_NAME@ ]; then
-	rmdir $LIBDIR/cmake/@CMAKE_PROJECT_NAME@ || EXITSTATUS=-1
-fi
-if [ -d $LIBDIR/cmake ]; then
-	rmdir $LIBDIR/cmake || EXITSTATUS=-1
-fi
-if [ -d $LIBDIR ]; then
-	rmdir $LIBDIR 2>&1 || EXITSTATUS=-1
-fi
-if [ -d $INCLUDEDIR ]; then
-	rmdir $INCLUDEDIR 2>&1 || EXITSTATUS=-1
-fi
-if [ "$PREFIX" = "@CMAKE_INSTALL_DEFAULT_PREFIX@" -a "$LIBDIR" = "@CMAKE_INSTALL_DEFAULT_PREFIX@/lib" ]; then
-	if [ -h $LIBDIR\32 ]; then
-		rm $LIBDIR\32 2>&1 || EXITSTATUS=-1
-	fi
-	if [ -h $LIBDIR\64 ]; then
-		rm $LIBDIR\64 2>&1 || EXITSTATUS=-1
-	fi
-fi
-if [ -d $MANDIR/man1 ]; then
-	rmdir $MANDIR/man1 2>&1 || EXITSTATUS=-1
-fi
-if [ -d $MANDIR ]; then
-	rmdir $MANDIR 2>&1 || EXITSTATUS=-1
-fi
-if [ -d "$JAVADIR" ]; then
-	rmdir $JAVADIR 2>&1 || EXITSTATUS=-1
-fi
-if [ -d $DATAROOTDIR -a "$DATAROOTDIR" != "$PREFIX" ]; then
-	rmdir $DATAROOTDIR 2>&1 || EXITSTATUS=-1
-fi
-if [ "$PREFIX" = "@CMAKE_INSTALL_DEFAULT_PREFIX@" -a -h "$PREFIX/doc" ]; then
-	rm $PREFIX/doc 2>&1 || EXITSTATUS=-1
-fi
-rmdir $PREFIX 2>&1 || EXITSTATUS=-1
-rmdir /Library/Documentation/$PKGNAME 2>&1 || EXITSTATUS=-1
-
-if [ -d $RECEIPT ]; then
-	echo Removing package receipt ...
-	rm -r $RECEIPT 2>&1 || EXITSTATUS=-1
-else
-	echo Forgetting package $PKGID ...
-	pkgutil --forget $PKGID
-fi
-
-exit $EXITSTATUS
diff --git a/3rdparty/libjpeg-turbo_2_1_0/sharedlib/CMakeLists.txt b/3rdparty/libjpeg-turbo_2_1_0/sharedlib/CMakeLists.txt
deleted file mode 100644
index 78a2f28..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/sharedlib/CMakeLists.txt
+++ /dev/null
@@ -1,102 +0,0 @@
-# Anything that must be linked against the shared C library on Windows must
-# be built in this subdirectory, because CMake doesn't allow us to override
-# the compiler flags for each build type except at directory scope.  Note
-# to CMake developers:  Add a COMPILE_FLAGS_<CONFIG> target property, or
-# better yet, provide a friendly way of configuring a Windows target to use the
-# static C library.
-
-set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/..)
-set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/..)
-set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/..)
-
-if(MSVC)
-  # Build all configurations against shared C library
-  foreach(var CMAKE_C_FLAGS CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE
-    CMAKE_C_FLAGS_MINSIZEREL CMAKE_C_FLAGS_RELWITHDEBINFO)
-    if(${var} MATCHES "/MT")
-      string(REGEX REPLACE "/MT" "/MD" ${var} "${${var}}")
-    endif()
-  endforeach()
-endif()
-
-foreach(src ${JPEG_SOURCES})
-  set(JPEG_SRCS ${JPEG_SRCS} ../${src})
-endforeach()
-
-if(WITH_SIMD AND (MSVC_IDE OR XCODE))
-  # This tells CMake that the "source" files haven't been generated yet
-  set_source_files_properties(${SIMD_OBJS} PROPERTIES GENERATED 1)
-endif()
-
-if(WIN32)
-  if(WITH_MEM_SRCDST)
-    set(DEFFILE ../win/jpeg${SO_MAJOR_VERSION}-memsrcdst.def)
-  else()
-    set(DEFFILE ../win/jpeg${SO_MAJOR_VERSION}.def)
-  endif()
-endif()
-add_library(jpeg SHARED ${JPEG_SRCS} ${DEFFILE} $<TARGET_OBJECTS:simd>
-  ${SIMD_OBJS})
-
-set_target_properties(jpeg PROPERTIES SOVERSION ${SO_MAJOR_VERSION}
-  VERSION ${SO_MAJOR_VERSION}.${SO_AGE}.${SO_MINOR_VERSION})
-if(APPLE AND (NOT CMAKE_OSX_DEPLOYMENT_TARGET OR
-              CMAKE_OSX_DEPLOYMENT_TARGET VERSION_GREATER 10.4))
-  if(NOT CMAKE_SHARED_LIBRARY_RUNTIME_C_FLAG)
-    set(CMAKE_SHARED_LIBRARY_RUNTIME_C_FLAG "-Wl,-rpath,")
-  endif()
-  set_target_properties(jpeg PROPERTIES MACOSX_RPATH 1)
-endif()
-if(MAPFLAG)
-  set_target_properties(jpeg PROPERTIES
-    LINK_FLAGS "${MAPFLAG}${CMAKE_CURRENT_BINARY_DIR}/../libjpeg.map")
-endif()
-if(MSVC)
-  set_target_properties(jpeg PROPERTIES
-    RUNTIME_OUTPUT_NAME jpeg${SO_MAJOR_VERSION})
-  # The jsimd_*.c file is built using /MT, so this prevents a linker warning.
-  set_target_properties(jpeg PROPERTIES LINK_FLAGS "/NODEFAULTLIB:LIBCMT /NODEFAULTLIB:LIBCMTD")
-elseif(MINGW)
-  set_target_properties(jpeg PROPERTIES SUFFIX -${SO_MAJOR_VERSION}.dll)
-endif()
-
-if(WIN32)
-  set(USE_SETMODE "-DUSE_SETMODE")
-endif()
-if(WITH_12BIT)
-  set(COMPILE_FLAGS "-DGIF_SUPPORTED -DPPM_SUPPORTED ${USE_SETMODE}")
-else()
-  set(COMPILE_FLAGS "-DBMP_SUPPORTED -DGIF_SUPPORTED -DPPM_SUPPORTED -DTARGA_SUPPORTED ${USE_SETMODE}")
-  set(CJPEG_BMP_SOURCES ../rdbmp.c ../rdtarga.c)
-  set(DJPEG_BMP_SOURCES ../wrbmp.c ../wrtarga.c)
-endif()
-
-add_executable(cjpeg ../cjpeg.c ../cdjpeg.c ../rdgif.c ../rdppm.c
-  ../rdswitch.c ${CJPEG_BMP_SOURCES})
-set_property(TARGET cjpeg PROPERTY COMPILE_FLAGS ${COMPILE_FLAGS})
-target_link_libraries(cjpeg jpeg)
-
-add_executable(djpeg ../djpeg.c ../cdjpeg.c ../rdcolmap.c ../rdswitch.c
-  ../wrgif.c ../wrppm.c ${DJPEG_BMP_SOURCES})
-set_property(TARGET djpeg PROPERTY COMPILE_FLAGS ${COMPILE_FLAGS})
-target_link_libraries(djpeg jpeg)
-
-add_executable(jpegtran ../jpegtran.c ../cdjpeg.c ../rdswitch.c ../transupp.c)
-target_link_libraries(jpegtran jpeg)
-set_property(TARGET jpegtran PROPERTY COMPILE_FLAGS "${USE_SETMODE}")
-
-add_executable(jcstest ../jcstest.c)
-target_link_libraries(jcstest jpeg)
-
-install(TARGETS jpeg EXPORT ${CMAKE_PROJECT_NAME}Targets
-  INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
-  ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
-  LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
-  RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-install(TARGETS cjpeg djpeg jpegtran
-  RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-if(NOT CMAKE_VERSION VERSION_LESS "3.1" AND MSVC AND
-  CMAKE_C_LINKER_SUPPORTS_PDB)
-  install(FILES "$<TARGET_PDB_FILE:jpeg>"
-    DESTINATION ${CMAKE_INSTALL_BINDIR} OPTIONAL)
-endif()
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/CMakeLists.txt b/3rdparty/libjpeg-turbo_2_1_0/simd/CMakeLists.txt
deleted file mode 100644
index 7f380dc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/CMakeLists.txt
+++ /dev/null
@@ -1,425 +0,0 @@
-macro(simd_fail message)
-  if(REQUIRE_SIMD)
-    message(FATAL_ERROR "${message}.")
-  else()
-    message(WARNING "${message}.  Performance will suffer.")
-    set(WITH_SIMD 0 PARENT_SCOPE)
-  endif()
-endmacro()
-
-
-###############################################################################
-# x86[-64] (NASM)
-###############################################################################
-
-if(CPU_TYPE STREQUAL "x86_64" OR CPU_TYPE STREQUAL "i386")
-
-set(CMAKE_ASM_NASM_FLAGS_DEBUG_INIT "-g")
-set(CMAKE_ASM_NASM_FLAGS_RELWITHDEBINFO_INIT "-g")
-
-# Allow the location of the NASM executable to be specified using the ASM_NASM
-# environment variable.  This should happen automatically, but unfortunately
-# enable_language(ASM_NASM) doesn't parse the ASM_NASM environment variable
-# until after CMAKE_ASM_NASM_COMPILER has been populated with the results of
-# searching for NASM or YASM in the PATH.
-if(NOT DEFINED CMAKE_ASM_NASM_COMPILER AND DEFINED ENV{ASM_NASM})
-  set(CMAKE_ASM_NASM_COMPILER $ENV{ASM_NASM})
-endif()
-
-if(CPU_TYPE STREQUAL "x86_64")
-  if(CYGWIN)
-    set(CMAKE_ASM_NASM_OBJECT_FORMAT win64)
-  endif()
-  if(CMAKE_C_COMPILER_ABI MATCHES "ELF X32")
-    set(CMAKE_ASM_NASM_OBJECT_FORMAT elfx32)
-  endif()
-elseif(CPU_TYPE STREQUAL "i386")
-  if(BORLAND)
-    set(CMAKE_ASM_NASM_OBJECT_FORMAT obj)
-  elseif(CYGWIN)
-    set(CMAKE_ASM_NASM_OBJECT_FORMAT win32)
-  endif()
-endif()
-
-if(NOT REQUIRE_SIMD)
-  include(CheckLanguage)
-  check_language(ASM_NASM)
-  if(NOT CMAKE_ASM_NASM_COMPILER)
-    simd_fail("SIMD extensions disabled: could not find NASM compiler")
-    return()
-  endif()
-endif()
-enable_language(ASM_NASM)
-message(STATUS "CMAKE_ASM_NASM_COMPILER = ${CMAKE_ASM_NASM_COMPILER}")
-
-if(CMAKE_ASM_NASM_OBJECT_FORMAT MATCHES "^macho")
-  set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DMACHO")
-elseif(CMAKE_ASM_NASM_OBJECT_FORMAT MATCHES "^elf")
-  set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DELF")
-  set(CMAKE_ASM_NASM_DEBUG_FORMAT "dwarf2")
-endif()
-if(CPU_TYPE STREQUAL "x86_64")
-  if(WIN32 OR CYGWIN)
-    set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DWIN64")
-  endif()
-  set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -D__x86_64__")
-elseif(CPU_TYPE STREQUAL "i386")
-  if(BORLAND)
-    set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DOBJ32")
-  elseif(WIN32 OR CYGWIN)
-    set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DWIN32")
-  endif()
-endif()
-
-message(STATUS "CMAKE_ASM_NASM_OBJECT_FORMAT = ${CMAKE_ASM_NASM_OBJECT_FORMAT}")
-
-if(NOT CMAKE_ASM_NASM_OBJECT_FORMAT)
-  simd_fail("SIMD extensions disabled: could not determine NASM object format")
-  return()
-endif()
-
-get_filename_component(CMAKE_ASM_NASM_COMPILER_TYPE
-  "${CMAKE_ASM_NASM_COMPILER}" NAME_WE)
-if(CMAKE_ASM_NASM_COMPILER_TYPE MATCHES "yasm")
-  foreach(var CMAKE_ASM_NASM_FLAGS_DEBUG CMAKE_ASM_NASM_FLAGS_RELWITHDEBINFO)
-    if(${var} STREQUAL "-g")
-      if(CMAKE_ASM_NASM_DEBUG_FORMAT)
-        set_property(CACHE ${var} PROPERTY VALUE "-g ${CMAKE_ASM_NASM_DEBUG_FORMAT}")
-      else()
-        set_property(CACHE ${var} PROPERTY VALUE "")
-      endif()
-    endif()
-  endforeach()
-endif()
-
-if(NOT WIN32 AND (CMAKE_POSITION_INDEPENDENT_CODE OR ENABLE_SHARED))
-  set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DPIC")
-endif()
-
-string(TOUPPER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_UC)
-set(EFFECTIVE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} ${CMAKE_ASM_NASM_FLAGS_${CMAKE_BUILD_TYPE_UC}}")
-message(STATUS "CMAKE_ASM_NASM_FLAGS = ${EFFECTIVE_ASM_NASM_FLAGS}")
-
-set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -I\"${CMAKE_CURRENT_SOURCE_DIR}/nasm/\" -I\"${CMAKE_CURRENT_SOURCE_DIR}/${CPU_TYPE}/\"")
-
-set(GREP grep)
-if(CMAKE_SYSTEM_NAME STREQUAL "SunOS")
-  set(GREP ggrep)
-endif()
-add_custom_target(jsimdcfg COMMAND
-  ${CMAKE_C_COMPILER} -E -I${CMAKE_BINARY_DIR} -I${CMAKE_CURRENT_BINARY_DIR}
-    -I${CMAKE_CURRENT_SOURCE_DIR}
-    ${CMAKE_CURRENT_SOURCE_DIR}/nasm/jsimdcfg.inc.h |
-  ${GREP} -E '^[\;%]|^\ %' | sed 's%_cpp_protection_%%' |
-  sed 's@% define@%define@g' >${CMAKE_CURRENT_SOURCE_DIR}/nasm/jsimdcfg.inc)
-
-if(CPU_TYPE STREQUAL "x86_64")
-  set(SIMD_SOURCES x86_64/jsimdcpu.asm x86_64/jfdctflt-sse.asm
-    x86_64/jccolor-sse2.asm x86_64/jcgray-sse2.asm x86_64/jchuff-sse2.asm
-    x86_64/jcphuff-sse2.asm x86_64/jcsample-sse2.asm x86_64/jdcolor-sse2.asm
-    x86_64/jdmerge-sse2.asm x86_64/jdsample-sse2.asm x86_64/jfdctfst-sse2.asm
-    x86_64/jfdctint-sse2.asm x86_64/jidctflt-sse2.asm x86_64/jidctfst-sse2.asm
-    x86_64/jidctint-sse2.asm x86_64/jidctred-sse2.asm x86_64/jquantf-sse2.asm
-    x86_64/jquanti-sse2.asm
-    x86_64/jccolor-avx2.asm x86_64/jcgray-avx2.asm x86_64/jcsample-avx2.asm
-    x86_64/jdcolor-avx2.asm x86_64/jdmerge-avx2.asm x86_64/jdsample-avx2.asm
-    x86_64/jfdctint-avx2.asm x86_64/jidctint-avx2.asm x86_64/jquanti-avx2.asm)
-else()
-  set(SIMD_SOURCES i386/jsimdcpu.asm i386/jfdctflt-3dn.asm
-    i386/jidctflt-3dn.asm i386/jquant-3dn.asm
-    i386/jccolor-mmx.asm i386/jcgray-mmx.asm i386/jcsample-mmx.asm
-    i386/jdcolor-mmx.asm i386/jdmerge-mmx.asm i386/jdsample-mmx.asm
-    i386/jfdctfst-mmx.asm i386/jfdctint-mmx.asm i386/jidctfst-mmx.asm
-    i386/jidctint-mmx.asm i386/jidctred-mmx.asm i386/jquant-mmx.asm
-    i386/jfdctflt-sse.asm i386/jidctflt-sse.asm i386/jquant-sse.asm
-    i386/jccolor-sse2.asm i386/jcgray-sse2.asm i386/jchuff-sse2.asm
-    i386/jcphuff-sse2.asm i386/jcsample-sse2.asm i386/jdcolor-sse2.asm
-    i386/jdmerge-sse2.asm i386/jdsample-sse2.asm i386/jfdctfst-sse2.asm
-    i386/jfdctint-sse2.asm i386/jidctflt-sse2.asm i386/jidctfst-sse2.asm
-    i386/jidctint-sse2.asm i386/jidctred-sse2.asm i386/jquantf-sse2.asm
-    i386/jquanti-sse2.asm
-    i386/jccolor-avx2.asm i386/jcgray-avx2.asm i386/jcsample-avx2.asm
-    i386/jdcolor-avx2.asm i386/jdmerge-avx2.asm i386/jdsample-avx2.asm
-    i386/jfdctint-avx2.asm i386/jidctint-avx2.asm i386/jquanti-avx2.asm)
-endif()
-
-if(MSVC_IDE)
-  set(OBJDIR "${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR}")
-  string(REGEX REPLACE " " ";" CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS}")
-elseif(XCODE)
-  set(OBJDIR "${CMAKE_CURRENT_BINARY_DIR}")
-  string(REGEX REPLACE " " ";" CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS}")
-endif()
-
-file(GLOB INC_FILES nasm/*.inc)
-
-foreach(file ${SIMD_SOURCES})
-  set(OBJECT_DEPENDS "")
-  if(${file} MATCHES jccolor)
-    string(REGEX REPLACE "jccolor" "jccolext" DEPFILE ${file})
-    set(OBJECT_DEPENDS ${OBJECT_DEPENDS}
-      ${CMAKE_CURRENT_SOURCE_DIR}/${DEPFILE})
-  endif()
-  if(${file} MATCHES jcgray)
-    string(REGEX REPLACE "jcgray" "jcgryext" DEPFILE ${file})
-    set(OBJECT_DEPENDS ${OBJECT_DEPENDS}
-      ${CMAKE_CURRENT_SOURCE_DIR}/${DEPFILE})
-  endif()
-  if(${file} MATCHES jdcolor)
-    string(REGEX REPLACE "jdcolor" "jdcolext" DEPFILE ${file})
-    set(OBJECT_DEPENDS ${OBJECT_DEPENDS}
-      ${CMAKE_CURRENT_SOURCE_DIR}/${DEPFILE})
-  endif()
-  if(${file} MATCHES jdmerge)
-    string(REGEX REPLACE "jdmerge" "jdmrgext" DEPFILE ${file})
-    set(OBJECT_DEPENDS ${OBJECT_DEPENDS}
-      ${CMAKE_CURRENT_SOURCE_DIR}/${DEPFILE})
-  endif()
-  set(OBJECT_DEPENDS ${OBJECT_DEPENDS} ${INC_FILES})
-  if(MSVC_IDE OR XCODE)
-    # The CMake Visual Studio generators do not work properly with the ASM_NASM
-    # language, so we have to go rogue here and use a custom command like we
-    # did in prior versions of libjpeg-turbo.  (This is why we can't have nice
-    # things.)
-    string(REGEX REPLACE "${CPU_TYPE}/" "" filename ${file})
-    set(SIMD_OBJ ${OBJDIR}/${filename}${CMAKE_C_OUTPUT_EXTENSION})
-    add_custom_command(OUTPUT ${SIMD_OBJ} DEPENDS ${file} ${OBJECT_DEPENDS}
-      COMMAND ${CMAKE_ASM_NASM_COMPILER} -f${CMAKE_ASM_NASM_OBJECT_FORMAT}
-        ${CMAKE_ASM_NASM_FLAGS} ${CMAKE_CURRENT_SOURCE_DIR}/${file}
-        -o${SIMD_OBJ})
-    set(SIMD_OBJS ${SIMD_OBJS} ${SIMD_OBJ})
-  else()
-    set_source_files_properties(${file} PROPERTIES OBJECT_DEPENDS
-      "${OBJECT_DEPENDS}")
-  endif()
-endforeach()
-
-if(MSVC_IDE OR XCODE)
-  set(SIMD_OBJS ${SIMD_OBJS} PARENT_SCOPE)
-  add_library(simd OBJECT ${CPU_TYPE}/jsimd.c)
-  add_custom_target(simd-objs DEPENDS ${SIMD_OBJS})
-  add_dependencies(simd simd-objs)
-else()
-  add_library(simd OBJECT ${SIMD_SOURCES} ${CPU_TYPE}/jsimd.c)
-endif()
-if(NOT WIN32 AND (CMAKE_POSITION_INDEPENDENT_CODE OR ENABLE_SHARED))
-  set_target_properties(simd PROPERTIES POSITION_INDEPENDENT_CODE 1)
-endif()
-
-
-###############################################################################
-# Arm (Intrinsics or GAS)
-###############################################################################
-
-elseif(CPU_TYPE STREQUAL "arm64" OR CPU_TYPE STREQUAL "arm")
-
-include(CheckSymbolExists)
-if(BITS EQUAL 32)
-  set(CMAKE_REQUIRED_FLAGS -mfpu=neon)
-endif()
-check_symbol_exists(vld1_s16_x3 arm_neon.h HAVE_VLD1_S16_X3)
-check_symbol_exists(vld1_u16_x2 arm_neon.h HAVE_VLD1_U16_X2)
-check_symbol_exists(vld1q_u8_x4 arm_neon.h HAVE_VLD1Q_U8_X4)
-if(BITS EQUAL 32)
-  unset(CMAKE_REQUIRED_FLAGS)
-endif()
-configure_file(arm/neon-compat.h.in arm/neon-compat.h @ONLY)
-include_directories(${CMAKE_CURRENT_BINARY_DIR}/arm)
-
-# GCC (as of this writing) and some older versions of Clang do not have a full
-# or optimal set of Neon intrinsics, so for performance reasons, when using
-# those compilers, we default to using the older GAS implementation of the Neon
-# SIMD extensions for certain algorithms.  The presence or absence of the three
-# intrinsics we tested above is a reasonable proxy for this.  We always default
-# to using the full Neon intrinsics implementation when building for macOS or
-# iOS, to avoid the need for gas-preprocessor.
-if((HAVE_VLD1_S16_X3 AND HAVE_VLD1_U16_X2 AND HAVE_VLD1Q_U8_X4) OR APPLE)
-  set(DEFAULT_NEON_INTRINSICS 1)
-else()
-  set(DEFAULT_NEON_INTRINSICS 0)
-endif()
-option(NEON_INTRINSICS
-  "Because GCC (as of this writing) and some older versions of Clang do not have a full or optimal set of Neon intrinsics, for performance reasons, the default when building libjpeg-turbo with those compilers is to continue using the older GAS implementation of the Neon SIMD extensions for certain algorithms.  Setting this option forces the full Neon intrinsics implementation to be used with all compilers.  Unsetting this option forces the hybrid GAS/intrinsics implementation to be used with all compilers."
-  ${DEFAULT_NEON_INTRINSICS})
-boolean_number(NEON_INTRINSICS PARENT_SCOPE)
-if(NEON_INTRINSICS)
-  add_definitions(-DNEON_INTRINSICS)
-  message(STATUS "Use full Neon SIMD intrinsics implementation (NEON_INTRINSICS = ${NEON_INTRINSICS})")
-else()
-  message(STATUS "Use partial Neon SIMD intrinsics implementation (NEON_INTRINSICS = ${NEON_INTRINSICS})")
-endif()
-
-set(SIMD_SOURCES arm/jcgray-neon.c arm/jcphuff-neon.c arm/jcsample-neon.c
-  arm/jdmerge-neon.c arm/jdsample-neon.c arm/jfdctfst-neon.c
-  arm/jidctred-neon.c arm/jquanti-neon.c)
-if(NEON_INTRINSICS)
-  set(SIMD_SOURCES ${SIMD_SOURCES} arm/jccolor-neon.c arm/jidctint-neon.c)
-endif()
-if(NEON_INTRINSICS OR BITS EQUAL 64)
-  set(SIMD_SOURCES ${SIMD_SOURCES} arm/jidctfst-neon.c)
-endif()
-if(NEON_INTRINSICS OR BITS EQUAL 32)
-  set(SIMD_SOURCES ${SIMD_SOURCES} arm/aarch${BITS}/jchuff-neon.c
-    arm/jdcolor-neon.c arm/jfdctint-neon.c)
-endif()
-if(BITS EQUAL 32)
-  set_source_files_properties(${SIMD_SOURCES} COMPILE_FLAGS -mfpu=neon)
-endif()
-if(NOT NEON_INTRINSICS)
-  enable_language(ASM)
-
-  set(CMAKE_ASM_FLAGS "${CMAKE_C_FLAGS} ${CMAKE_ASM_FLAGS}")
-
-  string(TOUPPER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_UC)
-  set(EFFECTIVE_ASM_FLAGS "${CMAKE_ASM_FLAGS} ${CMAKE_ASM_FLAGS_${CMAKE_BUILD_TYPE_UC}}")
-  message(STATUS "CMAKE_ASM_FLAGS = ${EFFECTIVE_ASM_FLAGS}")
-
-  set(SIMD_SOURCES ${SIMD_SOURCES} arm/aarch${BITS}/jsimd_neon.S)
-endif()
-
-add_library(simd OBJECT ${SIMD_SOURCES} arm/aarch${BITS}/jsimd.c)
-
-if(CMAKE_POSITION_INDEPENDENT_CODE OR ENABLE_SHARED)
-  set_target_properties(simd PROPERTIES POSITION_INDEPENDENT_CODE 1)
-endif()
-
-
-###############################################################################
-# MIPS (GAS)
-###############################################################################
-
-elseif(CPU_TYPE STREQUAL "mips" OR CPU_TYPE STREQUAL "mipsel")
-
-enable_language(ASM)
-
-string(TOUPPER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_UC)
-set(EFFECTIVE_ASM_FLAGS "${CMAKE_ASM_FLAGS} ${CMAKE_ASM_FLAGS_${CMAKE_BUILD_TYPE_UC}}")
-message(STATUS "CMAKE_ASM_FLAGS = ${EFFECTIVE_ASM_FLAGS}")
-
-set(CMAKE_REQUIRED_FLAGS -mdspr2)
-
-check_c_source_compiles("
-  #if !(defined(__mips__) && __mips_isa_rev >= 2)
-  #error MIPS DSPr2 is currently only available on MIPS32r2 platforms.
-  #endif
-  int main(void) {
-    int c = 0, a = 0, b = 0;
-    __asm__ __volatile__ (
-      \"precr.qb.ph %[c], %[a], %[b]\"
-      : [c] \"=r\" (c)
-      : [a] \"r\" (a), [b] \"r\" (b)
-    );
-    return c;
-  }" HAVE_DSPR2)
-
-unset(CMAKE_REQUIRED_FLAGS)
-
-if(NOT HAVE_DSPR2)
-  simd_fail("SIMD extensions not available for this CPU")
-  return()
-endif()
-
-add_library(simd OBJECT mips/jsimd_dspr2.S mips/jsimd.c)
-
-if(CMAKE_POSITION_INDEPENDENT_CODE OR ENABLE_SHARED)
-  set_target_properties(simd PROPERTIES POSITION_INDEPENDENT_CODE 1)
-endif()
-
-###############################################################################
-# MIPS64 (Intrinsics)
-###############################################################################
-
-elseif(CPU_TYPE STREQUAL "loongson" OR CPU_TYPE MATCHES "^mips64")
-
-set(CMAKE_REQUIRED_FLAGS -Wa,-mloongson-mmi,-mloongson-ext)
-
-check_c_source_compiles("
-  int main(void) {
-    int c = 0, a = 0, b = 0;
-    asm (
-      \"paddb %0, %1, %2\"
-      : \"=f\" (c)
-      : \"f\" (a), \"f\" (b)
-    );
-    return c;
-  }" HAVE_MMI)
-
-unset(CMAKE_REQUIRED_FLAGS)
-
-if(NOT HAVE_MMI)
-  simd_fail("SIMD extensions not available for this CPU")
-  return()
-endif()
-
-set(SIMD_SOURCES mips64/jccolor-mmi.c mips64/jcgray-mmi.c mips64/jcsample-mmi.c
-  mips64/jdcolor-mmi.c mips64/jdmerge-mmi.c mips64/jdsample-mmi.c
-  mips64/jfdctfst-mmi.c mips64/jfdctint-mmi.c mips64/jidctfst-mmi.c
-  mips64/jidctint-mmi.c mips64/jquanti-mmi.c)
-
-if(CMAKE_COMPILER_IS_GNUCC)
-  foreach(file ${SIMD_SOURCES})
-    set_property(SOURCE ${file} APPEND_STRING PROPERTY COMPILE_FLAGS
-      " -fno-strict-aliasing")
-  endforeach()
-endif()
-foreach(file ${SIMD_SOURCES})
-  set_property(SOURCE ${file} APPEND_STRING PROPERTY COMPILE_FLAGS
-    " -Wa,-mloongson-mmi,-mloongson-ext")
-endforeach()
-
-add_library(simd OBJECT ${SIMD_SOURCES} mips64/jsimd.c)
-
-if(CMAKE_POSITION_INDEPENDENT_CODE OR ENABLE_SHARED)
-  set_target_properties(simd PROPERTIES POSITION_INDEPENDENT_CODE 1)
-endif()
-
-###############################################################################
-# PowerPC (Intrinsics)
-###############################################################################
-
-elseif(CPU_TYPE STREQUAL "powerpc")
-
-set(CMAKE_REQUIRED_FLAGS -maltivec)
-
-check_c_source_compiles("
-  #include <altivec.h>
-  int main(void) {
-    __vector int vi = { 0, 0, 0, 0 };
-    int i[4];
-    vec_st(vi, 0, i);
-    return i[0];
-  }" HAVE_ALTIVEC)
-
-unset(CMAKE_REQUIRED_FLAGS)
-
-if(NOT HAVE_ALTIVEC)
-  simd_fail("SIMD extensions not available for this CPU (PowerPC SPE)")
-  return()
-endif()
-
-set(SIMD_SOURCES powerpc/jccolor-altivec.c powerpc/jcgray-altivec.c
-  powerpc/jcsample-altivec.c powerpc/jdcolor-altivec.c
-  powerpc/jdmerge-altivec.c powerpc/jdsample-altivec.c
-  powerpc/jfdctfst-altivec.c powerpc/jfdctint-altivec.c
-  powerpc/jidctfst-altivec.c powerpc/jidctint-altivec.c
-  powerpc/jquanti-altivec.c)
-
-set_source_files_properties(${SIMD_SOURCES} PROPERTIES
-  COMPILE_FLAGS -maltivec)
-
-add_library(simd OBJECT ${SIMD_SOURCES} powerpc/jsimd.c)
-
-if(CMAKE_POSITION_INDEPENDENT_CODE OR ENABLE_SHARED)
-  set_target_properties(simd PROPERTIES POSITION_INDEPENDENT_CODE 1)
-endif()
-
-
-###############################################################################
-# None
-###############################################################################
-
-else()
-
-simd_fail("SIMD extensions not available for this CPU (${CMAKE_SYSTEM_PROCESSOR})")
-
-endif() # CPU_TYPE
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jccolext-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jccolext-neon.c
deleted file mode 100644
index 362102d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jccolext-neon.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * jccolext-neon.c - colorspace conversion (32-bit Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jccolor-neon.c */
-
-
-/* RGB -> YCbCr conversion is defined by the following equations:
- *    Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
- *    Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + 128
- *    Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B  + 128
- *
- * Avoid floating point arithmetic by using shifted integer constants:
- *    0.29899597 = 19595 * 2^-16
- *    0.58700561 = 38470 * 2^-16
- *    0.11399841 =  7471 * 2^-16
- *    0.16874695 = 11059 * 2^-16
- *    0.33125305 = 21709 * 2^-16
- *    0.50000000 = 32768 * 2^-16
- *    0.41868592 = 27439 * 2^-16
- *    0.08131409 =  5329 * 2^-16
- * These constants are defined in jccolor-neon.c
- *
- * We add the fixed-point equivalent of 0.5 to Cb and Cr, which effectively
- * rounds up or down the result via integer truncation.
- */
-
-void jsimd_rgb_ycc_convert_neon(JDIMENSION image_width, JSAMPARRAY input_buf,
-                                JSAMPIMAGE output_buf, JDIMENSION output_row,
-                                int num_rows)
-{
-  /* Pointer to RGB(X/A) input data */
-  JSAMPROW inptr;
-  /* Pointers to Y, Cb, and Cr output data */
-  JSAMPROW outptr0, outptr1, outptr2;
-  /* Allocate temporary buffer for final (image_width % 8) pixels in row. */
-  ALIGN(16) uint8_t tmp_buf[8 * RGB_PIXELSIZE];
-
-  /* Set up conversion constants. */
-#ifdef HAVE_VLD1_U16_X2
-  const uint16x4x2_t consts = vld1_u16_x2(jsimd_rgb_ycc_neon_consts);
-#else
-  /* GCC does not currently support the intrinsic vld1_<type>_x2(). */
-  const uint16x4_t consts1 = vld1_u16(jsimd_rgb_ycc_neon_consts);
-  const uint16x4_t consts2 = vld1_u16(jsimd_rgb_ycc_neon_consts + 4);
-  const uint16x4x2_t consts = { { consts1, consts2 } };
-#endif
-  const uint32x4_t scaled_128_5 = vdupq_n_u32((128 << 16) + 32767);
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    output_row++;
-
-    int cols_remaining = image_width;
-    for (; cols_remaining > 0; cols_remaining -= 8) {
-
-      /* To prevent buffer overread by the vector load instructions, the last
-       * (image_width % 8) columns of data are first memcopied to a temporary
-       * buffer large enough to accommodate the vector load.
-       */
-      if (cols_remaining < 8) {
-        memcpy(tmp_buf, inptr, cols_remaining * RGB_PIXELSIZE);
-        inptr = tmp_buf;
-      }
-
-#if RGB_PIXELSIZE == 4
-      uint8x8x4_t input_pixels = vld4_u8(inptr);
-#else
-      uint8x8x3_t input_pixels = vld3_u8(inptr);
-#endif
-      uint16x8_t r = vmovl_u8(input_pixels.val[RGB_RED]);
-      uint16x8_t g = vmovl_u8(input_pixels.val[RGB_GREEN]);
-      uint16x8_t b = vmovl_u8(input_pixels.val[RGB_BLUE]);
-
-      /* Compute Y = 0.29900 * R + 0.58700 * G + 0.11400 * B */
-      uint32x4_t y_low = vmull_lane_u16(vget_low_u16(r), consts.val[0], 0);
-      y_low = vmlal_lane_u16(y_low, vget_low_u16(g), consts.val[0], 1);
-      y_low = vmlal_lane_u16(y_low, vget_low_u16(b), consts.val[0], 2);
-      uint32x4_t y_high = vmull_lane_u16(vget_high_u16(r), consts.val[0], 0);
-      y_high = vmlal_lane_u16(y_high, vget_high_u16(g), consts.val[0], 1);
-      y_high = vmlal_lane_u16(y_high, vget_high_u16(b), consts.val[0], 2);
-
-      /* Compute Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + 128 */
-      uint32x4_t cb_low = scaled_128_5;
-      cb_low = vmlsl_lane_u16(cb_low, vget_low_u16(r), consts.val[0], 3);
-      cb_low = vmlsl_lane_u16(cb_low, vget_low_u16(g), consts.val[1], 0);
-      cb_low = vmlal_lane_u16(cb_low, vget_low_u16(b), consts.val[1], 1);
-      uint32x4_t cb_high = scaled_128_5;
-      cb_high = vmlsl_lane_u16(cb_high, vget_high_u16(r), consts.val[0], 3);
-      cb_high = vmlsl_lane_u16(cb_high, vget_high_u16(g), consts.val[1], 0);
-      cb_high = vmlal_lane_u16(cb_high, vget_high_u16(b), consts.val[1], 1);
-
-      /* Compute Cr = 0.50000 * R - 0.41869 * G - 0.08131 * B  + 128 */
-      uint32x4_t cr_low = scaled_128_5;
-      cr_low = vmlal_lane_u16(cr_low, vget_low_u16(r), consts.val[1], 1);
-      cr_low = vmlsl_lane_u16(cr_low, vget_low_u16(g), consts.val[1], 2);
-      cr_low = vmlsl_lane_u16(cr_low, vget_low_u16(b), consts.val[1], 3);
-      uint32x4_t cr_high = scaled_128_5;
-      cr_high = vmlal_lane_u16(cr_high, vget_high_u16(r), consts.val[1], 1);
-      cr_high = vmlsl_lane_u16(cr_high, vget_high_u16(g), consts.val[1], 2);
-      cr_high = vmlsl_lane_u16(cr_high, vget_high_u16(b), consts.val[1], 3);
-
-      /* Descale Y values (rounding right shift) and narrow to 16-bit. */
-      uint16x8_t y_u16 = vcombine_u16(vrshrn_n_u32(y_low, 16),
-                                      vrshrn_n_u32(y_high, 16));
-      /* Descale Cb values (right shift) and narrow to 16-bit. */
-      uint16x8_t cb_u16 = vcombine_u16(vshrn_n_u32(cb_low, 16),
-                                       vshrn_n_u32(cb_high, 16));
-      /* Descale Cr values (right shift) and narrow to 16-bit. */
-      uint16x8_t cr_u16 = vcombine_u16(vshrn_n_u32(cr_low, 16),
-                                       vshrn_n_u32(cr_high, 16));
-      /* Narrow Y, Cb, and Cr values to 8-bit and store to memory.  Buffer
-       * overwrite is permitted up to the next multiple of ALIGN_SIZE bytes.
-       */
-      vst1_u8(outptr0, vmovn_u16(y_u16));
-      vst1_u8(outptr1, vmovn_u16(cb_u16));
-      vst1_u8(outptr2, vmovn_u16(cr_u16));
-
-      /* Increment pointers. */
-      inptr += (8 * RGB_PIXELSIZE);
-      outptr0 += 8;
-      outptr1 += 8;
-      outptr2 += 8;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jchuff-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jchuff-neon.c
deleted file mode 100644
index 19d94f7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jchuff-neon.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * jchuff-neon.c - Huffman entropy encoding (32-bit Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "../../../jinclude.h"
-#include "../../../jpeglib.h"
-#include "../../../jsimd.h"
-#include "../../../jdct.h"
-#include "../../../jsimddct.h"
-#include "../../jsimd.h"
-#include "../jchuff.h"
-#include "neon-compat.h"
-
-#include <limits.h>
-
-#include <arm_neon.h>
-
-
-JOCTET *jsimd_huff_encode_one_block_neon(void *state, JOCTET *buffer,
-                                         JCOEFPTR block, int last_dc_val,
-                                         c_derived_tbl *dctbl,
-                                         c_derived_tbl *actbl)
-{
-  uint8_t block_nbits[DCTSIZE2];
-  uint16_t block_diff[DCTSIZE2];
-
-  /* Load rows of coefficients from DCT block in zig-zag order. */
-
-  /* Compute DC coefficient difference value. (F.1.1.5.1) */
-  int16x8_t row0 = vdupq_n_s16(block[0] - last_dc_val);
-  row0 = vld1q_lane_s16(block +  1, row0, 1);
-  row0 = vld1q_lane_s16(block +  8, row0, 2);
-  row0 = vld1q_lane_s16(block + 16, row0, 3);
-  row0 = vld1q_lane_s16(block +  9, row0, 4);
-  row0 = vld1q_lane_s16(block +  2, row0, 5);
-  row0 = vld1q_lane_s16(block +  3, row0, 6);
-  row0 = vld1q_lane_s16(block + 10, row0, 7);
-
-  int16x8_t row1 = vld1q_dup_s16(block + 17);
-  row1 = vld1q_lane_s16(block + 24, row1, 1);
-  row1 = vld1q_lane_s16(block + 32, row1, 2);
-  row1 = vld1q_lane_s16(block + 25, row1, 3);
-  row1 = vld1q_lane_s16(block + 18, row1, 4);
-  row1 = vld1q_lane_s16(block + 11, row1, 5);
-  row1 = vld1q_lane_s16(block +  4, row1, 6);
-  row1 = vld1q_lane_s16(block +  5, row1, 7);
-
-  int16x8_t row2 = vld1q_dup_s16(block + 12);
-  row2 = vld1q_lane_s16(block + 19, row2, 1);
-  row2 = vld1q_lane_s16(block + 26, row2, 2);
-  row2 = vld1q_lane_s16(block + 33, row2, 3);
-  row2 = vld1q_lane_s16(block + 40, row2, 4);
-  row2 = vld1q_lane_s16(block + 48, row2, 5);
-  row2 = vld1q_lane_s16(block + 41, row2, 6);
-  row2 = vld1q_lane_s16(block + 34, row2, 7);
-
-  int16x8_t row3 = vld1q_dup_s16(block + 27);
-  row3 = vld1q_lane_s16(block + 20, row3, 1);
-  row3 = vld1q_lane_s16(block + 13, row3, 2);
-  row3 = vld1q_lane_s16(block +  6, row3, 3);
-  row3 = vld1q_lane_s16(block +  7, row3, 4);
-  row3 = vld1q_lane_s16(block + 14, row3, 5);
-  row3 = vld1q_lane_s16(block + 21, row3, 6);
-  row3 = vld1q_lane_s16(block + 28, row3, 7);
-
-  int16x8_t abs_row0 = vabsq_s16(row0);
-  int16x8_t abs_row1 = vabsq_s16(row1);
-  int16x8_t abs_row2 = vabsq_s16(row2);
-  int16x8_t abs_row3 = vabsq_s16(row3);
-
-  int16x8_t row0_lz = vclzq_s16(abs_row0);
-  int16x8_t row1_lz = vclzq_s16(abs_row1);
-  int16x8_t row2_lz = vclzq_s16(abs_row2);
-  int16x8_t row3_lz = vclzq_s16(abs_row3);
-
-  /* Compute number of bits required to represent each coefficient. */
-  uint8x8_t row0_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row0_lz)));
-  uint8x8_t row1_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row1_lz)));
-  uint8x8_t row2_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row2_lz)));
-  uint8x8_t row3_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row3_lz)));
-
-  vst1_u8(block_nbits + 0 * DCTSIZE, row0_nbits);
-  vst1_u8(block_nbits + 1 * DCTSIZE, row1_nbits);
-  vst1_u8(block_nbits + 2 * DCTSIZE, row2_nbits);
-  vst1_u8(block_nbits + 3 * DCTSIZE, row3_nbits);
-
-  uint16x8_t row0_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row0, 15)),
-              vnegq_s16(row0_lz));
-  uint16x8_t row1_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row1, 15)),
-              vnegq_s16(row1_lz));
-  uint16x8_t row2_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row2, 15)),
-              vnegq_s16(row2_lz));
-  uint16x8_t row3_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row3, 15)),
-              vnegq_s16(row3_lz));
-
-  uint16x8_t row0_diff = veorq_u16(vreinterpretq_u16_s16(abs_row0), row0_mask);
-  uint16x8_t row1_diff = veorq_u16(vreinterpretq_u16_s16(abs_row1), row1_mask);
-  uint16x8_t row2_diff = veorq_u16(vreinterpretq_u16_s16(abs_row2), row2_mask);
-  uint16x8_t row3_diff = veorq_u16(vreinterpretq_u16_s16(abs_row3), row3_mask);
-
-  /* Store diff values for rows 0, 1, 2, and 3. */
-  vst1q_u16(block_diff + 0 * DCTSIZE, row0_diff);
-  vst1q_u16(block_diff + 1 * DCTSIZE, row1_diff);
-  vst1q_u16(block_diff + 2 * DCTSIZE, row2_diff);
-  vst1q_u16(block_diff + 3 * DCTSIZE, row3_diff);
-
-  /* Load last four rows of coefficients from DCT block in zig-zag order. */
-  int16x8_t row4 = vld1q_dup_s16(block + 35);
-  row4 = vld1q_lane_s16(block + 42, row4, 1);
-  row4 = vld1q_lane_s16(block + 49, row4, 2);
-  row4 = vld1q_lane_s16(block + 56, row4, 3);
-  row4 = vld1q_lane_s16(block + 57, row4, 4);
-  row4 = vld1q_lane_s16(block + 50, row4, 5);
-  row4 = vld1q_lane_s16(block + 43, row4, 6);
-  row4 = vld1q_lane_s16(block + 36, row4, 7);
-
-  int16x8_t row5 = vld1q_dup_s16(block + 29);
-  row5 = vld1q_lane_s16(block + 22, row5, 1);
-  row5 = vld1q_lane_s16(block + 15, row5, 2);
-  row5 = vld1q_lane_s16(block + 23, row5, 3);
-  row5 = vld1q_lane_s16(block + 30, row5, 4);
-  row5 = vld1q_lane_s16(block + 37, row5, 5);
-  row5 = vld1q_lane_s16(block + 44, row5, 6);
-  row5 = vld1q_lane_s16(block + 51, row5, 7);
-
-  int16x8_t row6 = vld1q_dup_s16(block + 58);
-  row6 = vld1q_lane_s16(block + 59, row6, 1);
-  row6 = vld1q_lane_s16(block + 52, row6, 2);
-  row6 = vld1q_lane_s16(block + 45, row6, 3);
-  row6 = vld1q_lane_s16(block + 38, row6, 4);
-  row6 = vld1q_lane_s16(block + 31, row6, 5);
-  row6 = vld1q_lane_s16(block + 39, row6, 6);
-  row6 = vld1q_lane_s16(block + 46, row6, 7);
-
-  int16x8_t row7 = vld1q_dup_s16(block + 53);
-  row7 = vld1q_lane_s16(block + 60, row7, 1);
-  row7 = vld1q_lane_s16(block + 61, row7, 2);
-  row7 = vld1q_lane_s16(block + 54, row7, 3);
-  row7 = vld1q_lane_s16(block + 47, row7, 4);
-  row7 = vld1q_lane_s16(block + 55, row7, 5);
-  row7 = vld1q_lane_s16(block + 62, row7, 6);
-  row7 = vld1q_lane_s16(block + 63, row7, 7);
-
-  int16x8_t abs_row4 = vabsq_s16(row4);
-  int16x8_t abs_row5 = vabsq_s16(row5);
-  int16x8_t abs_row6 = vabsq_s16(row6);
-  int16x8_t abs_row7 = vabsq_s16(row7);
-
-  int16x8_t row4_lz = vclzq_s16(abs_row4);
-  int16x8_t row5_lz = vclzq_s16(abs_row5);
-  int16x8_t row6_lz = vclzq_s16(abs_row6);
-  int16x8_t row7_lz = vclzq_s16(abs_row7);
-
-  /* Compute number of bits required to represent each coefficient. */
-  uint8x8_t row4_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row4_lz)));
-  uint8x8_t row5_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row5_lz)));
-  uint8x8_t row6_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row6_lz)));
-  uint8x8_t row7_nbits = vsub_u8(vdup_n_u8(16),
-                                 vmovn_u16(vreinterpretq_u16_s16(row7_lz)));
-
-  vst1_u8(block_nbits + 4 * DCTSIZE, row4_nbits);
-  vst1_u8(block_nbits + 5 * DCTSIZE, row5_nbits);
-  vst1_u8(block_nbits + 6 * DCTSIZE, row6_nbits);
-  vst1_u8(block_nbits + 7 * DCTSIZE, row7_nbits);
-
-  uint16x8_t row4_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row4, 15)),
-              vnegq_s16(row4_lz));
-  uint16x8_t row5_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row5, 15)),
-              vnegq_s16(row5_lz));
-  uint16x8_t row6_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row6, 15)),
-              vnegq_s16(row6_lz));
-  uint16x8_t row7_mask =
-    vshlq_u16(vreinterpretq_u16_s16(vshrq_n_s16(row7, 15)),
-              vnegq_s16(row7_lz));
-
-  uint16x8_t row4_diff = veorq_u16(vreinterpretq_u16_s16(abs_row4), row4_mask);
-  uint16x8_t row5_diff = veorq_u16(vreinterpretq_u16_s16(abs_row5), row5_mask);
-  uint16x8_t row6_diff = veorq_u16(vreinterpretq_u16_s16(abs_row6), row6_mask);
-  uint16x8_t row7_diff = veorq_u16(vreinterpretq_u16_s16(abs_row7), row7_mask);
-
-  /* Store diff values for rows 4, 5, 6, and 7. */
-  vst1q_u16(block_diff + 4 * DCTSIZE, row4_diff);
-  vst1q_u16(block_diff + 5 * DCTSIZE, row5_diff);
-  vst1q_u16(block_diff + 6 * DCTSIZE, row6_diff);
-  vst1q_u16(block_diff + 7 * DCTSIZE, row7_diff);
-
-  /* Construct bitmap to accelerate encoding of AC coefficients.  A set bit
-   * means that the corresponding coefficient != 0.
-   */
-  uint8x8_t row0_nbits_gt0 = vcgt_u8(row0_nbits, vdup_n_u8(0));
-  uint8x8_t row1_nbits_gt0 = vcgt_u8(row1_nbits, vdup_n_u8(0));
-  uint8x8_t row2_nbits_gt0 = vcgt_u8(row2_nbits, vdup_n_u8(0));
-  uint8x8_t row3_nbits_gt0 = vcgt_u8(row3_nbits, vdup_n_u8(0));
-  uint8x8_t row4_nbits_gt0 = vcgt_u8(row4_nbits, vdup_n_u8(0));
-  uint8x8_t row5_nbits_gt0 = vcgt_u8(row5_nbits, vdup_n_u8(0));
-  uint8x8_t row6_nbits_gt0 = vcgt_u8(row6_nbits, vdup_n_u8(0));
-  uint8x8_t row7_nbits_gt0 = vcgt_u8(row7_nbits, vdup_n_u8(0));
-
-  /* { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 } */
-  const uint8x8_t bitmap_mask =
-    vreinterpret_u8_u64(vmov_n_u64(0x0102040810204080));
-
-  row0_nbits_gt0 = vand_u8(row0_nbits_gt0, bitmap_mask);
-  row1_nbits_gt0 = vand_u8(row1_nbits_gt0, bitmap_mask);
-  row2_nbits_gt0 = vand_u8(row2_nbits_gt0, bitmap_mask);
-  row3_nbits_gt0 = vand_u8(row3_nbits_gt0, bitmap_mask);
-  row4_nbits_gt0 = vand_u8(row4_nbits_gt0, bitmap_mask);
-  row5_nbits_gt0 = vand_u8(row5_nbits_gt0, bitmap_mask);
-  row6_nbits_gt0 = vand_u8(row6_nbits_gt0, bitmap_mask);
-  row7_nbits_gt0 = vand_u8(row7_nbits_gt0, bitmap_mask);
-
-  uint8x8_t bitmap_rows_10 = vpadd_u8(row1_nbits_gt0, row0_nbits_gt0);
-  uint8x8_t bitmap_rows_32 = vpadd_u8(row3_nbits_gt0, row2_nbits_gt0);
-  uint8x8_t bitmap_rows_54 = vpadd_u8(row5_nbits_gt0, row4_nbits_gt0);
-  uint8x8_t bitmap_rows_76 = vpadd_u8(row7_nbits_gt0, row6_nbits_gt0);
-  uint8x8_t bitmap_rows_3210 = vpadd_u8(bitmap_rows_32, bitmap_rows_10);
-  uint8x8_t bitmap_rows_7654 = vpadd_u8(bitmap_rows_76, bitmap_rows_54);
-  uint8x8_t bitmap = vpadd_u8(bitmap_rows_7654, bitmap_rows_3210);
-
-  /* Shift left to remove DC bit. */
-  bitmap = vreinterpret_u8_u64(vshl_n_u64(vreinterpret_u64_u8(bitmap), 1));
-  /* Move bitmap to 32-bit scalar registers. */
-  uint32_t bitmap_1_32 = vget_lane_u32(vreinterpret_u32_u8(bitmap), 1);
-  uint32_t bitmap_33_63 = vget_lane_u32(vreinterpret_u32_u8(bitmap), 0);
-
-  /* Set up state and bit buffer for output bitstream. */
-  working_state *state_ptr = (working_state *)state;
-  int free_bits = state_ptr->cur.free_bits;
-  size_t put_buffer = state_ptr->cur.put_buffer;
-
-  /* Encode DC coefficient. */
-
-  unsigned int nbits = block_nbits[0];
-  /* Emit Huffman-coded symbol and additional diff bits. */
-  unsigned int diff = block_diff[0];
-  PUT_CODE(dctbl->ehufco[nbits], dctbl->ehufsi[nbits], diff)
-
-  /* Encode AC coefficients. */
-
-  unsigned int r = 0;  /* r = run length of zeros */
-  unsigned int i = 1;  /* i = number of coefficients encoded */
-  /* Code and size information for a run length of 16 zero coefficients */
-  const unsigned int code_0xf0 = actbl->ehufco[0xf0];
-  const unsigned int size_0xf0 = actbl->ehufsi[0xf0];
-
-  while (bitmap_1_32 != 0) {
-    r = BUILTIN_CLZ(bitmap_1_32);
-    i += r;
-    bitmap_1_32 <<= r;
-    nbits = block_nbits[i];
-    diff = block_diff[i];
-    while (r > 15) {
-      /* If run length > 15, emit special run-length-16 codes. */
-      PUT_BITS(code_0xf0, size_0xf0)
-      r -= 16;
-    }
-    /* Emit Huffman symbol for run length / number of bits. (F.1.2.2.1) */
-    unsigned int rs = (r << 4) + nbits;
-    PUT_CODE(actbl->ehufco[rs], actbl->ehufsi[rs], diff)
-    i++;
-    bitmap_1_32 <<= 1;
-  }
-
-  r = 33 - i;
-  i = 33;
-
-  while (bitmap_33_63 != 0) {
-    unsigned int leading_zeros = BUILTIN_CLZ(bitmap_33_63);
-    r += leading_zeros;
-    i += leading_zeros;
-    bitmap_33_63 <<= leading_zeros;
-    nbits = block_nbits[i];
-    diff = block_diff[i];
-    while (r > 15) {
-      /* If run length > 15, emit special run-length-16 codes. */
-      PUT_BITS(code_0xf0, size_0xf0)
-      r -= 16;
-    }
-    /* Emit Huffman symbol for run length / number of bits. (F.1.2.2.1) */
-    unsigned int rs = (r << 4) + nbits;
-    PUT_CODE(actbl->ehufco[rs], actbl->ehufsi[rs], diff)
-    r = 0;
-    i++;
-    bitmap_33_63 <<= 1;
-  }
-
-  /* If the last coefficient(s) were zero, emit an end-of-block (EOB) code.
-   * The value of RS for the EOB code is 0.
-   */
-  if (i != 64) {
-    PUT_BITS(actbl->ehufco[0], actbl->ehufsi[0])
-  }
-
-  state_ptr->cur.put_buffer = put_buffer;
-  state_ptr->cur.free_bits = free_bits;
-
-  return buffer;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jsimd.c
deleted file mode 100644
index fac55df..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jsimd.c
+++ /dev/null
@@ -1,983 +0,0 @@
-/*
- * jsimd_arm.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2011, Nokia Corporation and/or its subsidiary(-ies).
- * Copyright (C) 2009-2011, 2013-2014, 2016, 2018, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- * Copyright (C) 2019, Google LLC.
- * Copyright (C) 2020, Arm Limited.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * 32-bit Arm architecture.
- */
-
-#define JPEG_INTERNALS
-#include "../../../jinclude.h"
-#include "../../../jpeglib.h"
-#include "../../../jsimd.h"
-#include "../../../jdct.h"
-#include "../../../jsimddct.h"
-#include "../../jsimd.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-static unsigned int simd_support = ~0;
-static unsigned int simd_huffman = 1;
-
-#if !defined(__ARM_NEON__) && (defined(__linux__) || defined(ANDROID) || defined(__ANDROID__))
-
-#define SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT  (1024 * 1024)
-
-LOCAL(int)
-check_feature(char *buffer, char *feature)
-{
-  char *p;
-
-  if (*feature == 0)
-    return 0;
-  if (strncmp(buffer, "Features", 8) != 0)
-    return 0;
-  buffer += 8;
-  while (isspace(*buffer))
-    buffer++;
-
-  /* Check if 'feature' is present in the buffer as a separate word */
-  while ((p = strstr(buffer, feature))) {
-    if (p > buffer && !isspace(*(p - 1))) {
-      buffer++;
-      continue;
-    }
-    p += strlen(feature);
-    if (*p != 0 && !isspace(*p)) {
-      buffer++;
-      continue;
-    }
-    return 1;
-  }
-  return 0;
-}
-
-LOCAL(int)
-parse_proc_cpuinfo(int bufsize)
-{
-  char *buffer = (char *)malloc(bufsize);
-  FILE *fd;
-
-  simd_support = 0;
-
-  if (!buffer)
-    return 0;
-
-  fd = fopen("/proc/cpuinfo", "r");
-  if (fd) {
-    while (fgets(buffer, bufsize, fd)) {
-      if (!strchr(buffer, '\n') && !feof(fd)) {
-        /* "impossible" happened - insufficient size of the buffer! */
-        fclose(fd);
-        free(buffer);
-        return 0;
-      }
-      if (check_feature(buffer, "neon"))
-        simd_support |= JSIMD_NEON;
-    }
-    fclose(fd);
-  }
-  free(buffer);
-  return 1;
-}
-
-#endif
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-#if !defined(__ARM_NEON__) && (defined(__linux__) || defined(ANDROID) || defined(__ANDROID__))
-  int bufsize = 1024; /* an initial guess for the line buffer size limit */
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = 0;
-
-#if defined(__ARM_NEON__)
-  simd_support |= JSIMD_NEON;
-#elif defined(__linux__) || defined(ANDROID) || defined(__ANDROID__)
-  /* We still have a chance to use Neon regardless of globally used
-   * -mcpu/-mfpu options passed to gcc by performing runtime detection via
-   * /proc/cpuinfo parsing on linux/android */
-  while (!parse_proc_cpuinfo(bufsize)) {
-    bufsize *= 2;
-    if (bufsize > SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT)
-      break;
-  }
-#endif
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCENEON");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = JSIMD_NEON;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-  env = getenv("JSIMD_NOHUFFENC");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_huffman = 0;
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*neonfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    neonfct = jsimd_extrgb_ycc_convert_neon;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    neonfct = jsimd_extrgbx_ycc_convert_neon;
-    break;
-  case JCS_EXT_BGR:
-    neonfct = jsimd_extbgr_ycc_convert_neon;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    neonfct = jsimd_extbgrx_ycc_convert_neon;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    neonfct = jsimd_extxbgr_ycc_convert_neon;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    neonfct = jsimd_extxrgb_ycc_convert_neon;
-    break;
-  default:
-    neonfct = jsimd_extrgb_ycc_convert_neon;
-    break;
-  }
-
-  neonfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*neonfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    neonfct = jsimd_extrgb_gray_convert_neon;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    neonfct = jsimd_extrgbx_gray_convert_neon;
-    break;
-  case JCS_EXT_BGR:
-    neonfct = jsimd_extbgr_gray_convert_neon;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    neonfct = jsimd_extbgrx_gray_convert_neon;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    neonfct = jsimd_extxbgr_gray_convert_neon;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    neonfct = jsimd_extxrgb_gray_convert_neon;
-    break;
-  default:
-    neonfct = jsimd_extrgb_gray_convert_neon;
-    break;
-  }
-
-  neonfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*neonfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    neonfct = jsimd_ycc_extrgb_convert_neon;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    neonfct = jsimd_ycc_extrgbx_convert_neon;
-    break;
-  case JCS_EXT_BGR:
-    neonfct = jsimd_ycc_extbgr_convert_neon;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    neonfct = jsimd_ycc_extbgrx_convert_neon;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    neonfct = jsimd_ycc_extxbgr_convert_neon;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    neonfct = jsimd_ycc_extxrgb_convert_neon;
-    break;
-  default:
-    neonfct = jsimd_ycc_extrgb_convert_neon;
-    break;
-  }
-
-  neonfct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-  jsimd_ycc_rgb565_convert_neon(cinfo->output_width, input_buf, input_row,
-                                output_buf, num_rows);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v2_downsample_neon(cinfo->image_width, cinfo->max_v_samp_factor,
-                             compptr->v_samp_factor, compptr->width_in_blocks,
-                             input_data, output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v1_downsample_neon(cinfo->image_width, cinfo->max_v_samp_factor,
-                             compptr->v_samp_factor, compptr->width_in_blocks,
-                             input_data, output_data);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_upsample_neon(cinfo->max_v_samp_factor, cinfo->output_width,
-                           input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_upsample_neon(cinfo->max_v_samp_factor, cinfo->output_width,
-                           input_data, output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h1v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_fancy_upsample_neon(cinfo->max_v_samp_factor,
-                                 compptr->downsampled_width, input_data,
-                                 output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_fancy_upsample_neon(cinfo->max_v_samp_factor,
-                                 compptr->downsampled_width, input_data,
-                                 output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h1v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h1v2_fancy_upsample_neon(cinfo->max_v_samp_factor,
-                                 compptr->downsampled_width, input_data,
-                                 output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*neonfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-    case JCS_EXT_RGB:
-      neonfct = jsimd_h2v2_extrgb_merged_upsample_neon;
-      break;
-    case JCS_EXT_RGBX:
-    case JCS_EXT_RGBA:
-      neonfct = jsimd_h2v2_extrgbx_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGR:
-      neonfct = jsimd_h2v2_extbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGRX:
-    case JCS_EXT_BGRA:
-      neonfct = jsimd_h2v2_extbgrx_merged_upsample_neon;
-      break;
-    case JCS_EXT_XBGR:
-    case JCS_EXT_ABGR:
-      neonfct = jsimd_h2v2_extxbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_XRGB:
-    case JCS_EXT_ARGB:
-      neonfct = jsimd_h2v2_extxrgb_merged_upsample_neon;
-      break;
-    default:
-      neonfct = jsimd_h2v2_extrgb_merged_upsample_neon;
-      break;
-  }
-
-  neonfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*neonfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-    case JCS_EXT_RGB:
-      neonfct = jsimd_h2v1_extrgb_merged_upsample_neon;
-      break;
-    case JCS_EXT_RGBX:
-    case JCS_EXT_RGBA:
-      neonfct = jsimd_h2v1_extrgbx_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGR:
-      neonfct = jsimd_h2v1_extbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGRX:
-    case JCS_EXT_BGRA:
-      neonfct = jsimd_h2v1_extbgrx_merged_upsample_neon;
-      break;
-    case JCS_EXT_XBGR:
-    case JCS_EXT_ABGR:
-      neonfct = jsimd_h2v1_extxbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_XRGB:
-    case JCS_EXT_ARGB:
-      neonfct = jsimd_h2v1_extxrgb_merged_upsample_neon;
-      break;
-    default:
-      neonfct = jsimd_h2v1_extrgb_merged_upsample_neon;
-      break;
-  }
-
-  neonfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-  jsimd_convsamp_neon(sample_data, start_col, workspace);
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  jsimd_fdct_islow_neon(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  jsimd_fdct_ifast_neon(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  jsimd_quantize_neon(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_2x2_neon(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_4x4_neon(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(IFAST_MULT_TYPE) != 2)
-    return 0;
-  if (IFAST_SCALE_BITS != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_islow_neon(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_ifast_neon(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON && simd_huffman)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return jsimd_huff_encode_one_block_neon(state, buffer, block, last_dc_val,
-                                          dctbl, actbl);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-  jsimd_encode_mcu_AC_first_prepare_neon(block, jpeg_natural_order_start,
-                                         Sl, Al, values, zerobits);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return jsimd_encode_mcu_AC_refine_prepare_neon(block,
-                                                 jpeg_natural_order_start, Sl,
-                                                 Al, absvalues, bits);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jsimd_neon.S b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jsimd_neon.S
deleted file mode 100644
index 7e1e2b1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch32/jsimd_neon.S
+++ /dev/null
@@ -1,1200 +0,0 @@
-/*
- * Armv7 Neon optimizations for libjpeg-turbo
- *
- * Copyright (C) 2009-2011, Nokia Corporation and/or its subsidiary(-ies).
- *                          All Rights Reserved.
- * Author:  Siarhei Siamashka <siarhei.siamashka@nokia.com>
- * Copyright (C) 2014, Siarhei Siamashka.  All Rights Reserved.
- * Copyright (C) 2014, Linaro Limited.  All Rights Reserved.
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#if defined(__linux__) && defined(__ELF__)
-.section .note.GNU-stack, "", %progbits  /* mark stack as non-executable */
-#endif
-
-.text
-.fpu neon
-.arch armv7a
-.object_arch armv4
-.arm
-.syntax unified
-
-
-/*****************************************************************************/
-
-/* Supplementary macro for setting function attributes */
-.macro asm_function fname
-#ifdef __APPLE__
-    .private_extern _\fname
-    .globl _\fname
-_\fname:
-#else
-    .global \fname
-#ifdef __ELF__
-    .hidden \fname
-    .type \fname, %function
-#endif
-\fname:
-#endif
-.endm
-
-
-#define CENTERJSAMPLE  128
-
-/*****************************************************************************/
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients.
- *
- * GLOBAL(void)
- * jsimd_idct_islow_neon(void *dct_table, JCOEFPTR coef_block,
- *                       JSAMPARRAY output_buf, JDIMENSION output_col)
- */
-
-#define FIX_0_298631336  (2446)
-#define FIX_0_390180644  (3196)
-#define FIX_0_541196100  (4433)
-#define FIX_0_765366865  (6270)
-#define FIX_0_899976223  (7373)
-#define FIX_1_175875602  (9633)
-#define FIX_1_501321110  (12299)
-#define FIX_1_847759065  (15137)
-#define FIX_1_961570560  (16069)
-#define FIX_2_053119869  (16819)
-#define FIX_2_562915447  (20995)
-#define FIX_3_072711026  (25172)
-
-#define FIX_1_175875602_MINUS_1_961570560  (FIX_1_175875602 - FIX_1_961570560)
-#define FIX_1_175875602_MINUS_0_390180644  (FIX_1_175875602 - FIX_0_390180644)
-#define FIX_0_541196100_MINUS_1_847759065  (FIX_0_541196100 - FIX_1_847759065)
-#define FIX_3_072711026_MINUS_2_562915447  (FIX_3_072711026 - FIX_2_562915447)
-#define FIX_0_298631336_MINUS_0_899976223  (FIX_0_298631336 - FIX_0_899976223)
-#define FIX_1_501321110_MINUS_0_899976223  (FIX_1_501321110 - FIX_0_899976223)
-#define FIX_2_053119869_MINUS_2_562915447  (FIX_2_053119869 - FIX_2_562915447)
-#define FIX_0_541196100_PLUS_0_765366865   (FIX_0_541196100 + FIX_0_765366865)
-
-/*
- * Reference SIMD-friendly 1-D ISLOW iDCT C implementation.
- * Uses some ideas from the comments in 'simd/jiss2int-64.asm'
- */
-#define REF_1D_IDCT(xrow0, xrow1, xrow2, xrow3, xrow4, xrow5, xrow6, xrow7) { \
-  DCTELEM row0, row1, row2, row3, row4, row5, row6, row7; \
-  JLONG   q1, q2, q3, q4, q5, q6, q7; \
-  JLONG   tmp11_plus_tmp2, tmp11_minus_tmp2; \
-  \
-  /* 1-D iDCT input data */ \
-  row0 = xrow0; \
-  row1 = xrow1; \
-  row2 = xrow2; \
-  row3 = xrow3; \
-  row4 = xrow4; \
-  row5 = xrow5; \
-  row6 = xrow6; \
-  row7 = xrow7; \
-  \
-  q5 = row7 + row3; \
-  q4 = row5 + row1; \
-  q6 = MULTIPLY(q5, FIX_1_175875602_MINUS_1_961570560) + \
-       MULTIPLY(q4, FIX_1_175875602); \
-  q7 = MULTIPLY(q5, FIX_1_175875602) + \
-       MULTIPLY(q4, FIX_1_175875602_MINUS_0_390180644); \
-  q2 = MULTIPLY(row2, FIX_0_541196100) + \
-       MULTIPLY(row6, FIX_0_541196100_MINUS_1_847759065); \
-  q4 = q6; \
-  q3 = ((JLONG)row0 - (JLONG)row4) << 13; \
-  q6 += MULTIPLY(row5, -FIX_2_562915447) + \
-        MULTIPLY(row3, FIX_3_072711026_MINUS_2_562915447); \
-  /* now we can use q1 (reloadable constants have been used up) */ \
-  q1 = q3 + q2; \
-  q4 += MULTIPLY(row7, FIX_0_298631336_MINUS_0_899976223) + \
-        MULTIPLY(row1, -FIX_0_899976223); \
-  q5 = q7; \
-  q1 = q1 + q6; \
-  q7 += MULTIPLY(row7, -FIX_0_899976223) + \
-        MULTIPLY(row1, FIX_1_501321110_MINUS_0_899976223); \
-  \
-  /* (tmp11 + tmp2) has been calculated (out_row1 before descale) */ \
-  tmp11_plus_tmp2 = q1; \
-  row1 = 0; \
-  \
-  q1 = q1 - q6; \
-  q5 += MULTIPLY(row5, FIX_2_053119869_MINUS_2_562915447) + \
-        MULTIPLY(row3, -FIX_2_562915447); \
-  q1 = q1 - q6; \
-  q6 = MULTIPLY(row2, FIX_0_541196100_PLUS_0_765366865) + \
-       MULTIPLY(row6, FIX_0_541196100); \
-  q3 = q3 - q2; \
-  \
-  /* (tmp11 - tmp2) has been calculated (out_row6 before descale) */ \
-  tmp11_minus_tmp2 = q1; \
-  \
-  q1 = ((JLONG)row0 + (JLONG)row4) << 13; \
-  q2 = q1 + q6; \
-  q1 = q1 - q6; \
-  \
-  /* pick up the results */ \
-  tmp0  = q4; \
-  tmp1  = q5; \
-  tmp2  = (tmp11_plus_tmp2 - tmp11_minus_tmp2) / 2; \
-  tmp3  = q7; \
-  tmp10 = q2; \
-  tmp11 = (tmp11_plus_tmp2 + tmp11_minus_tmp2) / 2; \
-  tmp12 = q3; \
-  tmp13 = q1; \
-}
-
-#define XFIX_0_899976223                    d0[0]
-#define XFIX_0_541196100                    d0[1]
-#define XFIX_2_562915447                    d0[2]
-#define XFIX_0_298631336_MINUS_0_899976223  d0[3]
-#define XFIX_1_501321110_MINUS_0_899976223  d1[0]
-#define XFIX_2_053119869_MINUS_2_562915447  d1[1]
-#define XFIX_0_541196100_PLUS_0_765366865   d1[2]
-#define XFIX_1_175875602                    d1[3]
-#define XFIX_1_175875602_MINUS_0_390180644  d2[0]
-#define XFIX_0_541196100_MINUS_1_847759065  d2[1]
-#define XFIX_3_072711026_MINUS_2_562915447  d2[2]
-#define XFIX_1_175875602_MINUS_1_961570560  d2[3]
-
-.balign 16
-jsimd_idct_islow_neon_consts:
-  .short FIX_0_899976223                    /* d0[0] */
-  .short FIX_0_541196100                    /* d0[1] */
-  .short FIX_2_562915447                    /* d0[2] */
-  .short FIX_0_298631336_MINUS_0_899976223  /* d0[3] */
-  .short FIX_1_501321110_MINUS_0_899976223  /* d1[0] */
-  .short FIX_2_053119869_MINUS_2_562915447  /* d1[1] */
-  .short FIX_0_541196100_PLUS_0_765366865   /* d1[2] */
-  .short FIX_1_175875602                    /* d1[3] */
-  /* reloadable constants */
-  .short FIX_1_175875602_MINUS_0_390180644  /* d2[0] */
-  .short FIX_0_541196100_MINUS_1_847759065  /* d2[1] */
-  .short FIX_3_072711026_MINUS_2_562915447  /* d2[2] */
-  .short FIX_1_175875602_MINUS_1_961570560  /* d2[3] */
-
-asm_function jsimd_idct_islow_neon
-
-    DCT_TABLE       .req r0
-    COEF_BLOCK      .req r1
-    OUTPUT_BUF      .req r2
-    OUTPUT_COL      .req r3
-    TMP1            .req r0
-    TMP2            .req r1
-    TMP3            .req r2
-    TMP4            .req ip
-
-    ROW0L           .req d16
-    ROW0R           .req d17
-    ROW1L           .req d18
-    ROW1R           .req d19
-    ROW2L           .req d20
-    ROW2R           .req d21
-    ROW3L           .req d22
-    ROW3R           .req d23
-    ROW4L           .req d24
-    ROW4R           .req d25
-    ROW5L           .req d26
-    ROW5R           .req d27
-    ROW6L           .req d28
-    ROW6R           .req d29
-    ROW7L           .req d30
-    ROW7R           .req d31
-
-    /* Load and dequantize coefficients into Neon registers
-     * with the following allocation:
-     *       0 1 2 3 | 4 5 6 7
-     *      ---------+--------
-     *   0 | d16     | d17     ( q8  )
-     *   1 | d18     | d19     ( q9  )
-     *   2 | d20     | d21     ( q10 )
-     *   3 | d22     | d23     ( q11 )
-     *   4 | d24     | d25     ( q12 )
-     *   5 | d26     | d27     ( q13 )
-     *   6 | d28     | d29     ( q14 )
-     *   7 | d30     | d31     ( q15 )
-     */
-    adr             ip, jsimd_idct_islow_neon_consts
-    vld1.16         {d16, d17, d18, d19}, [COEF_BLOCK, :128]!
-    vld1.16         {d0, d1, d2, d3}, [DCT_TABLE, :128]!
-    vld1.16         {d20, d21, d22, d23}, [COEF_BLOCK, :128]!
-    vmul.s16        q8, q8, q0
-    vld1.16         {d4, d5, d6, d7}, [DCT_TABLE, :128]!
-    vmul.s16        q9, q9, q1
-    vld1.16         {d24, d25, d26, d27}, [COEF_BLOCK, :128]!
-    vmul.s16        q10, q10, q2
-    vld1.16         {d0, d1, d2, d3}, [DCT_TABLE, :128]!
-    vmul.s16        q11, q11, q3
-    vld1.16         {d28, d29, d30, d31}, [COEF_BLOCK, :128]
-    vmul.s16        q12, q12, q0
-    vld1.16         {d4, d5, d6, d7}, [DCT_TABLE, :128]!
-    vmul.s16        q14, q14, q2
-    vmul.s16        q13, q13, q1
-    vld1.16         {d0, d1, d2, d3}, [ip, :128]  /* load constants */
-    add             ip, ip, #16
-    vmul.s16        q15, q15, q3
-    vpush           {d8 - d15}                    /* save Neon registers */
-    /* 1-D IDCT, pass 1, left 4x8 half */
-    vadd.s16        d4, ROW7L, ROW3L
-    vadd.s16        d5, ROW5L, ROW1L
-    vmull.s16       q6, d4, XFIX_1_175875602_MINUS_1_961570560
-    vmlal.s16       q6, d5, XFIX_1_175875602
-    vmull.s16       q7, d4, XFIX_1_175875602
-      /* Check for the zero coefficients in the right 4x8 half */
-      push            {r4, r5}
-    vmlal.s16       q7, d5, XFIX_1_175875602_MINUS_0_390180644
-    vsubl.s16       q3, ROW0L, ROW4L
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 1 * 8))]
-    vmull.s16       q2, ROW2L, XFIX_0_541196100
-    vmlal.s16       q2, ROW6L, XFIX_0_541196100_MINUS_1_847759065
-      orr             r0, r4, r5
-    vmov            q4, q6
-    vmlsl.s16       q6, ROW5L, XFIX_2_562915447
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 2 * 8))]
-    vmlal.s16       q6, ROW3L, XFIX_3_072711026_MINUS_2_562915447
-    vshl.s32        q3, q3, #13
-      orr             r0, r0, r4
-    vmlsl.s16       q4, ROW1L, XFIX_0_899976223
-      orr             r0, r0, r5
-    vadd.s32        q1, q3, q2
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 3 * 8))]
-    vmov            q5, q7
-    vadd.s32        q1, q1, q6
-      orr             r0, r0, r4
-    vmlsl.s16       q7, ROW7L, XFIX_0_899976223
-      orr             r0, r0, r5
-    vmlal.s16       q7, ROW1L, XFIX_1_501321110_MINUS_0_899976223
-    vrshrn.s32      ROW1L, q1, #11
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 4 * 8))]
-    vsub.s32        q1, q1, q6
-    vmlal.s16       q5, ROW5L, XFIX_2_053119869_MINUS_2_562915447
-      orr             r0, r0, r4
-    vmlsl.s16       q5, ROW3L, XFIX_2_562915447
-      orr             r0, r0, r5
-    vsub.s32        q1, q1, q6
-    vmull.s16       q6, ROW2L, XFIX_0_541196100_PLUS_0_765366865
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 5 * 8))]
-    vmlal.s16       q6, ROW6L, XFIX_0_541196100
-    vsub.s32        q3, q3, q2
-      orr             r0, r0, r4
-    vrshrn.s32      ROW6L, q1, #11
-      orr             r0, r0, r5
-    vadd.s32        q1, q3, q5
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 6 * 8))]
-    vsub.s32        q3, q3, q5
-    vaddl.s16       q5, ROW0L, ROW4L
-      orr             r0, r0, r4
-    vrshrn.s32      ROW2L, q1, #11
-      orr             r0, r0, r5
-    vrshrn.s32      ROW5L, q3, #11
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 7 * 8))]
-    vshl.s32        q5, q5, #13
-    vmlal.s16       q4, ROW7L, XFIX_0_298631336_MINUS_0_899976223
-      orr             r0, r0, r4
-    vadd.s32        q2, q5, q6
-      orrs            r0, r0, r5
-    vsub.s32        q1, q5, q6
-    vadd.s32        q6, q2, q7
-      ldrd            r4, [COEF_BLOCK, #(-96 + 2 * (4 + 0 * 8))]
-    vsub.s32        q2, q2, q7
-    vadd.s32        q5, q1, q4
-      orr             r0, r4, r5
-    vsub.s32        q3, q1, q4
-      pop             {r4, r5}
-    vrshrn.s32      ROW7L, q2, #11
-    vrshrn.s32      ROW3L, q5, #11
-    vrshrn.s32      ROW0L, q6, #11
-    vrshrn.s32      ROW4L, q3, #11
-
-      beq             3f  /* Go to do some special handling for the sparse
-                             right 4x8 half */
-
-    /* 1-D IDCT, pass 1, right 4x8 half */
-    vld1.s16        {d2}, [ip, :64]  /* reload constants */
-    vadd.s16        d10, ROW7R, ROW3R
-    vadd.s16        d8, ROW5R, ROW1R
-      /* Transpose left 4x8 half */
-      vtrn.16         ROW6L, ROW7L
-    vmull.s16       q6, d10, XFIX_1_175875602_MINUS_1_961570560
-    vmlal.s16       q6, d8, XFIX_1_175875602
-      vtrn.16         ROW2L, ROW3L
-    vmull.s16       q7, d10, XFIX_1_175875602
-    vmlal.s16       q7, d8, XFIX_1_175875602_MINUS_0_390180644
-      vtrn.16         ROW0L, ROW1L
-    vsubl.s16       q3, ROW0R, ROW4R
-    vmull.s16       q2, ROW2R, XFIX_0_541196100
-    vmlal.s16       q2, ROW6R, XFIX_0_541196100_MINUS_1_847759065
-      vtrn.16         ROW4L, ROW5L
-    vmov            q4, q6
-    vmlsl.s16       q6, ROW5R, XFIX_2_562915447
-    vmlal.s16       q6, ROW3R, XFIX_3_072711026_MINUS_2_562915447
-      vtrn.32         ROW1L, ROW3L
-    vshl.s32        q3, q3, #13
-    vmlsl.s16       q4, ROW1R, XFIX_0_899976223
-      vtrn.32         ROW4L, ROW6L
-    vadd.s32        q1, q3, q2
-    vmov            q5, q7
-    vadd.s32        q1, q1, q6
-      vtrn.32         ROW0L, ROW2L
-    vmlsl.s16       q7, ROW7R, XFIX_0_899976223
-    vmlal.s16       q7, ROW1R, XFIX_1_501321110_MINUS_0_899976223
-    vrshrn.s32      ROW1R, q1, #11
-      vtrn.32         ROW5L, ROW7L
-    vsub.s32        q1, q1, q6
-    vmlal.s16       q5, ROW5R, XFIX_2_053119869_MINUS_2_562915447
-    vmlsl.s16       q5, ROW3R, XFIX_2_562915447
-    vsub.s32        q1, q1, q6
-    vmull.s16       q6, ROW2R, XFIX_0_541196100_PLUS_0_765366865
-    vmlal.s16       q6, ROW6R, XFIX_0_541196100
-    vsub.s32        q3, q3, q2
-    vrshrn.s32      ROW6R, q1, #11
-    vadd.s32        q1, q3, q5
-    vsub.s32        q3, q3, q5
-    vaddl.s16       q5, ROW0R, ROW4R
-    vrshrn.s32      ROW2R, q1, #11
-    vrshrn.s32      ROW5R, q3, #11
-    vshl.s32        q5, q5, #13
-    vmlal.s16       q4, ROW7R, XFIX_0_298631336_MINUS_0_899976223
-    vadd.s32        q2, q5, q6
-    vsub.s32        q1, q5, q6
-    vadd.s32        q6, q2, q7
-    vsub.s32        q2, q2, q7
-    vadd.s32        q5, q1, q4
-    vsub.s32        q3, q1, q4
-    vrshrn.s32      ROW7R, q2, #11
-    vrshrn.s32      ROW3R, q5, #11
-    vrshrn.s32      ROW0R, q6, #11
-    vrshrn.s32      ROW4R, q3, #11
-    /* Transpose right 4x8 half */
-    vtrn.16         ROW6R, ROW7R
-    vtrn.16         ROW2R, ROW3R
-    vtrn.16         ROW0R, ROW1R
-    vtrn.16         ROW4R, ROW5R
-    vtrn.32         ROW1R, ROW3R
-    vtrn.32         ROW4R, ROW6R
-    vtrn.32         ROW0R, ROW2R
-    vtrn.32         ROW5R, ROW7R
-
-1:  /* 1-D IDCT, pass 2 (normal variant), left 4x8 half */
-    vld1.s16        {d2}, [ip, :64]               /* reload constants */
-    vmull.s16       q6, ROW1R, XFIX_1_175875602   /* ROW5L <-> ROW1R */
-    vmlal.s16       q6, ROW1L, XFIX_1_175875602
-    vmlal.s16       q6, ROW3R, XFIX_1_175875602_MINUS_1_961570560  /* ROW7L <-> ROW3R */
-    vmlal.s16       q6, ROW3L, XFIX_1_175875602_MINUS_1_961570560
-    vmull.s16       q7, ROW3R, XFIX_1_175875602   /* ROW7L <-> ROW3R */
-    vmlal.s16       q7, ROW3L, XFIX_1_175875602
-    vmlal.s16       q7, ROW1R, XFIX_1_175875602_MINUS_0_390180644  /* ROW5L <-> ROW1R */
-    vmlal.s16       q7, ROW1L, XFIX_1_175875602_MINUS_0_390180644
-    vsubl.s16       q3, ROW0L, ROW0R              /* ROW4L <-> ROW0R */
-    vmull.s16       q2, ROW2L, XFIX_0_541196100
-    vmlal.s16       q2, ROW2R, XFIX_0_541196100_MINUS_1_847759065  /* ROW6L <-> ROW2R */
-    vmov            q4, q6
-    vmlsl.s16       q6, ROW1R, XFIX_2_562915447   /* ROW5L <-> ROW1R */
-    vmlal.s16       q6, ROW3L, XFIX_3_072711026_MINUS_2_562915447
-    vshl.s32        q3, q3, #13
-    vmlsl.s16       q4, ROW1L, XFIX_0_899976223
-    vadd.s32        q1, q3, q2
-    vmov            q5, q7
-    vadd.s32        q1, q1, q6
-    vmlsl.s16       q7, ROW3R, XFIX_0_899976223   /* ROW7L <-> ROW3R */
-    vmlal.s16       q7, ROW1L, XFIX_1_501321110_MINUS_0_899976223
-    vshrn.s32       ROW1L, q1, #16
-    vsub.s32        q1, q1, q6
-    vmlal.s16       q5, ROW1R, XFIX_2_053119869_MINUS_2_562915447  /* ROW5L <-> ROW1R */
-    vmlsl.s16       q5, ROW3L, XFIX_2_562915447
-    vsub.s32        q1, q1, q6
-    vmull.s16       q6, ROW2L, XFIX_0_541196100_PLUS_0_765366865
-    vmlal.s16       q6, ROW2R, XFIX_0_541196100   /* ROW6L <-> ROW2R */
-    vsub.s32        q3, q3, q2
-    vshrn.s32       ROW2R, q1, #16                /* ROW6L <-> ROW2R */
-    vadd.s32        q1, q3, q5
-    vsub.s32        q3, q3, q5
-    vaddl.s16       q5, ROW0L, ROW0R              /* ROW4L <-> ROW0R */
-    vshrn.s32       ROW2L, q1, #16
-    vshrn.s32       ROW1R, q3, #16                /* ROW5L <-> ROW1R */
-    vshl.s32        q5, q5, #13
-    vmlal.s16       q4, ROW3R, XFIX_0_298631336_MINUS_0_899976223  /* ROW7L <-> ROW3R */
-    vadd.s32        q2, q5, q6
-    vsub.s32        q1, q5, q6
-    vadd.s32        q6, q2, q7
-    vsub.s32        q2, q2, q7
-    vadd.s32        q5, q1, q4
-    vsub.s32        q3, q1, q4
-    vshrn.s32       ROW3R, q2, #16                /* ROW7L <-> ROW3R */
-    vshrn.s32       ROW3L, q5, #16
-    vshrn.s32       ROW0L, q6, #16
-    vshrn.s32       ROW0R, q3, #16                /* ROW4L <-> ROW0R */
-    /* 1-D IDCT, pass 2, right 4x8 half */
-    vld1.s16        {d2}, [ip, :64]               /* reload constants */
-    vmull.s16       q6, ROW5R, XFIX_1_175875602
-    vmlal.s16       q6, ROW5L, XFIX_1_175875602   /* ROW5L <-> ROW1R */
-    vmlal.s16       q6, ROW7R, XFIX_1_175875602_MINUS_1_961570560
-    vmlal.s16       q6, ROW7L, XFIX_1_175875602_MINUS_1_961570560  /* ROW7L <-> ROW3R */
-    vmull.s16       q7, ROW7R, XFIX_1_175875602
-    vmlal.s16       q7, ROW7L, XFIX_1_175875602   /* ROW7L <-> ROW3R */
-    vmlal.s16       q7, ROW5R, XFIX_1_175875602_MINUS_0_390180644
-    vmlal.s16       q7, ROW5L, XFIX_1_175875602_MINUS_0_390180644  /* ROW5L <-> ROW1R */
-    vsubl.s16       q3, ROW4L, ROW4R              /* ROW4L <-> ROW0R */
-    vmull.s16       q2, ROW6L, XFIX_0_541196100   /* ROW6L <-> ROW2R */
-    vmlal.s16       q2, ROW6R, XFIX_0_541196100_MINUS_1_847759065
-    vmov            q4, q6
-    vmlsl.s16       q6, ROW5R, XFIX_2_562915447
-    vmlal.s16       q6, ROW7L, XFIX_3_072711026_MINUS_2_562915447  /* ROW7L <-> ROW3R */
-    vshl.s32        q3, q3, #13
-    vmlsl.s16       q4, ROW5L, XFIX_0_899976223   /* ROW5L <-> ROW1R */
-    vadd.s32        q1, q3, q2
-    vmov            q5, q7
-    vadd.s32        q1, q1, q6
-    vmlsl.s16       q7, ROW7R, XFIX_0_899976223
-    vmlal.s16       q7, ROW5L, XFIX_1_501321110_MINUS_0_899976223  /* ROW5L <-> ROW1R */
-    vshrn.s32       ROW5L, q1, #16                /* ROW5L <-> ROW1R */
-    vsub.s32        q1, q1, q6
-    vmlal.s16       q5, ROW5R, XFIX_2_053119869_MINUS_2_562915447
-    vmlsl.s16       q5, ROW7L, XFIX_2_562915447   /* ROW7L <-> ROW3R */
-    vsub.s32        q1, q1, q6
-    vmull.s16       q6, ROW6L, XFIX_0_541196100_PLUS_0_765366865  /* ROW6L <-> ROW2R */
-    vmlal.s16       q6, ROW6R, XFIX_0_541196100
-    vsub.s32        q3, q3, q2
-    vshrn.s32       ROW6R, q1, #16
-    vadd.s32        q1, q3, q5
-    vsub.s32        q3, q3, q5
-    vaddl.s16       q5, ROW4L, ROW4R              /* ROW4L <-> ROW0R */
-    vshrn.s32       ROW6L, q1, #16                /* ROW6L <-> ROW2R */
-    vshrn.s32       ROW5R, q3, #16
-    vshl.s32        q5, q5, #13
-    vmlal.s16       q4, ROW7R, XFIX_0_298631336_MINUS_0_899976223
-    vadd.s32        q2, q5, q6
-    vsub.s32        q1, q5, q6
-    vadd.s32        q6, q2, q7
-    vsub.s32        q2, q2, q7
-    vadd.s32        q5, q1, q4
-    vsub.s32        q3, q1, q4
-    vshrn.s32       ROW7R, q2, #16
-    vshrn.s32       ROW7L, q5, #16                /* ROW7L <-> ROW3R */
-    vshrn.s32       ROW4L, q6, #16                /* ROW4L <-> ROW0R */
-    vshrn.s32       ROW4R, q3, #16
-
-2:  /* Descale to 8-bit and range limit */
-    vqrshrn.s16     d16, q8, #2
-    vqrshrn.s16     d17, q9, #2
-    vqrshrn.s16     d18, q10, #2
-    vqrshrn.s16     d19, q11, #2
-    vpop            {d8 - d15}                    /* restore Neon registers */
-    vqrshrn.s16     d20, q12, #2
-      /* Transpose the final 8-bit samples and do signed->unsigned conversion */
-      vtrn.16         q8, q9
-    vqrshrn.s16     d21, q13, #2
-    vqrshrn.s16     d22, q14, #2
-      vmov.u8         q0, #(CENTERJSAMPLE)
-    vqrshrn.s16     d23, q15, #2
-      vtrn.8          d16, d17
-      vtrn.8          d18, d19
-      vadd.u8         q8, q8, q0
-      vadd.u8         q9, q9, q0
-      vtrn.16         q10, q11
-        /* Store results to the output buffer */
-        ldmia           OUTPUT_BUF!, {TMP1, TMP2}
-        add             TMP1, TMP1, OUTPUT_COL
-        add             TMP2, TMP2, OUTPUT_COL
-        vst1.8          {d16}, [TMP1]
-      vtrn.8          d20, d21
-        vst1.8          {d17}, [TMP2]
-        ldmia           OUTPUT_BUF!, {TMP1, TMP2}
-        add             TMP1, TMP1, OUTPUT_COL
-        add             TMP2, TMP2, OUTPUT_COL
-        vst1.8          {d18}, [TMP1]
-      vadd.u8         q10, q10, q0
-        vst1.8          {d19}, [TMP2]
-        ldmia           OUTPUT_BUF, {TMP1, TMP2, TMP3, TMP4}
-        add             TMP1, TMP1, OUTPUT_COL
-        add             TMP2, TMP2, OUTPUT_COL
-        add             TMP3, TMP3, OUTPUT_COL
-        add             TMP4, TMP4, OUTPUT_COL
-      vtrn.8          d22, d23
-        vst1.8          {d20}, [TMP1]
-      vadd.u8         q11, q11, q0
-        vst1.8          {d21}, [TMP2]
-        vst1.8          {d22}, [TMP3]
-        vst1.8          {d23}, [TMP4]
-    bx              lr
-
-3:  /* Left 4x8 half is done, right 4x8 half contains mostly zeros */
-
-    /* Transpose left 4x8 half */
-    vtrn.16         ROW6L, ROW7L
-    vtrn.16         ROW2L, ROW3L
-    vtrn.16         ROW0L, ROW1L
-    vtrn.16         ROW4L, ROW5L
-    vshl.s16        ROW0R, ROW0R, #2  /* PASS1_BITS */
-    vtrn.32         ROW1L, ROW3L
-    vtrn.32         ROW4L, ROW6L
-    vtrn.32         ROW0L, ROW2L
-    vtrn.32         ROW5L, ROW7L
-
-    cmp             r0, #0
-    beq             4f  /* Right 4x8 half has all zeros, go to 'sparse' second
-                           pass */
-
-    /* Only row 0 is non-zero for the right 4x8 half  */
-    vdup.s16        ROW1R, ROW0R[1]
-    vdup.s16        ROW2R, ROW0R[2]
-    vdup.s16        ROW3R, ROW0R[3]
-    vdup.s16        ROW4R, ROW0R[0]
-    vdup.s16        ROW5R, ROW0R[1]
-    vdup.s16        ROW6R, ROW0R[2]
-    vdup.s16        ROW7R, ROW0R[3]
-    vdup.s16        ROW0R, ROW0R[0]
-    b               1b  /* Go to 'normal' second pass */
-
-4:  /* 1-D IDCT, pass 2 (sparse variant with zero rows 4-7), left 4x8 half */
-    vld1.s16        {d2}, [ip, :64]               /* reload constants */
-    vmull.s16       q6, ROW1L, XFIX_1_175875602
-    vmlal.s16       q6, ROW3L, XFIX_1_175875602_MINUS_1_961570560
-    vmull.s16       q7, ROW3L, XFIX_1_175875602
-    vmlal.s16       q7, ROW1L, XFIX_1_175875602_MINUS_0_390180644
-    vmull.s16       q2, ROW2L, XFIX_0_541196100
-    vshll.s16       q3, ROW0L, #13
-    vmov            q4, q6
-    vmlal.s16       q6, ROW3L, XFIX_3_072711026_MINUS_2_562915447
-    vmlsl.s16       q4, ROW1L, XFIX_0_899976223
-    vadd.s32        q1, q3, q2
-    vmov            q5, q7
-    vmlal.s16       q7, ROW1L, XFIX_1_501321110_MINUS_0_899976223
-    vadd.s32        q1, q1, q6
-    vadd.s32        q6, q6, q6
-    vmlsl.s16       q5, ROW3L, XFIX_2_562915447
-    vshrn.s32       ROW1L, q1, #16
-    vsub.s32        q1, q1, q6
-    vmull.s16       q6, ROW2L, XFIX_0_541196100_PLUS_0_765366865
-    vsub.s32        q3, q3, q2
-    vshrn.s32       ROW2R, q1, #16                /* ROW6L <-> ROW2R */
-    vadd.s32        q1, q3, q5
-    vsub.s32        q3, q3, q5
-    vshll.s16       q5, ROW0L, #13
-    vshrn.s32       ROW2L, q1, #16
-    vshrn.s32       ROW1R, q3, #16                /* ROW5L <-> ROW1R */
-    vadd.s32        q2, q5, q6
-    vsub.s32        q1, q5, q6
-    vadd.s32        q6, q2, q7
-    vsub.s32        q2, q2, q7
-    vadd.s32        q5, q1, q4
-    vsub.s32        q3, q1, q4
-    vshrn.s32       ROW3R, q2, #16                /* ROW7L <-> ROW3R */
-    vshrn.s32       ROW3L, q5, #16
-    vshrn.s32       ROW0L, q6, #16
-    vshrn.s32       ROW0R, q3, #16                /* ROW4L <-> ROW0R */
-    /* 1-D IDCT, pass 2 (sparse variant with zero rows 4-7), right 4x8 half */
-    vld1.s16        {d2}, [ip, :64]               /* reload constants */
-    vmull.s16       q6, ROW5L, XFIX_1_175875602
-    vmlal.s16       q6, ROW7L, XFIX_1_175875602_MINUS_1_961570560
-    vmull.s16       q7, ROW7L, XFIX_1_175875602
-    vmlal.s16       q7, ROW5L, XFIX_1_175875602_MINUS_0_390180644
-    vmull.s16       q2, ROW6L, XFIX_0_541196100
-    vshll.s16       q3, ROW4L, #13
-    vmov            q4, q6
-    vmlal.s16       q6, ROW7L, XFIX_3_072711026_MINUS_2_562915447
-    vmlsl.s16       q4, ROW5L, XFIX_0_899976223
-    vadd.s32        q1, q3, q2
-    vmov            q5, q7
-    vmlal.s16       q7, ROW5L, XFIX_1_501321110_MINUS_0_899976223
-    vadd.s32        q1, q1, q6
-    vadd.s32        q6, q6, q6
-    vmlsl.s16       q5, ROW7L, XFIX_2_562915447
-    vshrn.s32       ROW5L, q1, #16                /* ROW5L <-> ROW1R */
-    vsub.s32        q1, q1, q6
-    vmull.s16       q6, ROW6L, XFIX_0_541196100_PLUS_0_765366865
-    vsub.s32        q3, q3, q2
-    vshrn.s32       ROW6R, q1, #16
-    vadd.s32        q1, q3, q5
-    vsub.s32        q3, q3, q5
-    vshll.s16       q5, ROW4L, #13
-    vshrn.s32       ROW6L, q1, #16                /* ROW6L <-> ROW2R */
-    vshrn.s32       ROW5R, q3, #16
-    vadd.s32        q2, q5, q6
-    vsub.s32        q1, q5, q6
-    vadd.s32        q6, q2, q7
-    vsub.s32        q2, q2, q7
-    vadd.s32        q5, q1, q4
-    vsub.s32        q3, q1, q4
-    vshrn.s32       ROW7R, q2, #16
-    vshrn.s32       ROW7L, q5, #16                /* ROW7L <-> ROW3R */
-    vshrn.s32       ROW4L, q6, #16                /* ROW4L <-> ROW0R */
-    vshrn.s32       ROW4R, q3, #16
-    b               2b                            /* Go to epilogue */
-
-    .unreq          DCT_TABLE
-    .unreq          COEF_BLOCK
-    .unreq          OUTPUT_BUF
-    .unreq          OUTPUT_COL
-    .unreq          TMP1
-    .unreq          TMP2
-    .unreq          TMP3
-    .unreq          TMP4
-
-    .unreq          ROW0L
-    .unreq          ROW0R
-    .unreq          ROW1L
-    .unreq          ROW1R
-    .unreq          ROW2L
-    .unreq          ROW2R
-    .unreq          ROW3L
-    .unreq          ROW3R
-    .unreq          ROW4L
-    .unreq          ROW4R
-    .unreq          ROW5L
-    .unreq          ROW5R
-    .unreq          ROW6L
-    .unreq          ROW6R
-    .unreq          ROW7L
-    .unreq          ROW7R
-
-
-/*****************************************************************************/
-
-/*
- * jsimd_idct_ifast_neon
- *
- * This function contains a fast, not so accurate integer implementation of
- * the inverse DCT (Discrete Cosine Transform). It uses the same calculations
- * and produces exactly the same output as IJG's original 'jpeg_idct_ifast'
- * function from jidctfst.c
- *
- * Normally 1-D AAN DCT needs 5 multiplications and 29 additions.
- * But in Arm Neon case some extra additions are required because VQDMULH
- * instruction can't handle the constants larger than 1. So the expressions
- * like "x * 1.082392200" have to be converted to "x * 0.082392200 + x",
- * which introduces an extra addition. Overall, there are 6 extra additions
- * per 1-D IDCT pass, totalling to 5 VQDMULH and 35 VADD/VSUB instructions.
- */
-
-#define XFIX_1_082392200  d0[0]
-#define XFIX_1_414213562  d0[1]
-#define XFIX_1_847759065  d0[2]
-#define XFIX_2_613125930  d0[3]
-
-.balign 16
-jsimd_idct_ifast_neon_consts:
-  .short (277 * 128 - 256 * 128)  /* XFIX_1_082392200 */
-  .short (362 * 128 - 256 * 128)  /* XFIX_1_414213562 */
-  .short (473 * 128 - 256 * 128)  /* XFIX_1_847759065 */
-  .short (669 * 128 - 512 * 128)  /* XFIX_2_613125930 */
-
-asm_function jsimd_idct_ifast_neon
-
-    DCT_TABLE       .req r0
-    COEF_BLOCK      .req r1
-    OUTPUT_BUF      .req r2
-    OUTPUT_COL      .req r3
-    TMP1            .req r0
-    TMP2            .req r1
-    TMP3            .req r2
-    TMP4            .req ip
-
-    /* Load and dequantize coefficients into Neon registers
-     * with the following allocation:
-     *       0 1 2 3 | 4 5 6 7
-     *      ---------+--------
-     *   0 | d16     | d17     ( q8  )
-     *   1 | d18     | d19     ( q9  )
-     *   2 | d20     | d21     ( q10 )
-     *   3 | d22     | d23     ( q11 )
-     *   4 | d24     | d25     ( q12 )
-     *   5 | d26     | d27     ( q13 )
-     *   6 | d28     | d29     ( q14 )
-     *   7 | d30     | d31     ( q15 )
-     */
-    adr             ip, jsimd_idct_ifast_neon_consts
-    vld1.16         {d16, d17, d18, d19}, [COEF_BLOCK, :128]!
-    vld1.16         {d0, d1, d2, d3}, [DCT_TABLE, :128]!
-    vld1.16         {d20, d21, d22, d23}, [COEF_BLOCK, :128]!
-    vmul.s16        q8, q8, q0
-    vld1.16         {d4, d5, d6, d7}, [DCT_TABLE, :128]!
-    vmul.s16        q9, q9, q1
-    vld1.16         {d24, d25, d26, d27}, [COEF_BLOCK, :128]!
-    vmul.s16        q10, q10, q2
-    vld1.16         {d0, d1, d2, d3}, [DCT_TABLE, :128]!
-    vmul.s16        q11, q11, q3
-    vld1.16         {d28, d29, d30, d31}, [COEF_BLOCK, :128]
-    vmul.s16        q12, q12, q0
-    vld1.16         {d4, d5, d6, d7}, [DCT_TABLE, :128]!
-    vmul.s16        q14, q14, q2
-    vmul.s16        q13, q13, q1
-    vld1.16         {d0}, [ip, :64]  /* load constants */
-    vmul.s16        q15, q15, q3
-    vpush           {d8 - d13}       /* save Neon registers */
-    /* 1-D IDCT, pass 1 */
-    vsub.s16        q2, q10, q14
-    vadd.s16        q14, q10, q14
-    vsub.s16        q1, q11, q13
-    vadd.s16        q13, q11, q13
-    vsub.s16        q5, q9, q15
-    vadd.s16        q15, q9, q15
-    vqdmulh.s16     q4, q2, XFIX_1_414213562
-    vqdmulh.s16     q6, q1, XFIX_2_613125930
-    vadd.s16        q3, q1, q1
-    vsub.s16        q1, q5, q1
-    vadd.s16        q10, q2, q4
-    vqdmulh.s16     q4, q1, XFIX_1_847759065
-    vsub.s16        q2, q15, q13
-    vadd.s16        q3, q3, q6
-    vqdmulh.s16     q6, q2, XFIX_1_414213562
-    vadd.s16        q1, q1, q4
-    vqdmulh.s16     q4, q5, XFIX_1_082392200
-    vsub.s16        q10, q10, q14
-    vadd.s16        q2, q2, q6
-    vsub.s16        q6, q8, q12
-    vadd.s16        q12, q8, q12
-    vadd.s16        q9, q5, q4
-    vadd.s16        q5, q6, q10
-    vsub.s16        q10, q6, q10
-    vadd.s16        q6, q15, q13
-    vadd.s16        q8, q12, q14
-    vsub.s16        q3, q6, q3
-    vsub.s16        q12, q12, q14
-    vsub.s16        q3, q3, q1
-    vsub.s16        q1, q9, q1
-    vadd.s16        q2, q3, q2
-    vsub.s16        q15, q8, q6
-    vadd.s16        q1, q1, q2
-    vadd.s16        q8, q8, q6
-    vadd.s16        q14, q5, q3
-    vsub.s16        q9, q5, q3
-    vsub.s16        q13, q10, q2
-    vadd.s16        q10, q10, q2
-      /* Transpose */
-      vtrn.16         q8, q9
-    vsub.s16        q11, q12, q1
-      vtrn.16         q14, q15
-    vadd.s16        q12, q12, q1
-      vtrn.16         q10, q11
-      vtrn.16         q12, q13
-      vtrn.32         q9, q11
-      vtrn.32         q12, q14
-      vtrn.32         q8, q10
-      vtrn.32         q13, q15
-      vswp            d28, d21
-      vswp            d26, d19
-    /* 1-D IDCT, pass 2 */
-    vsub.s16        q2, q10, q14
-      vswp            d30, d23
-    vadd.s16        q14, q10, q14
-      vswp            d24, d17
-    vsub.s16        q1, q11, q13
-    vadd.s16        q13, q11, q13
-    vsub.s16        q5, q9, q15
-    vadd.s16        q15, q9, q15
-    vqdmulh.s16     q4, q2, XFIX_1_414213562
-    vqdmulh.s16     q6, q1, XFIX_2_613125930
-    vadd.s16        q3, q1, q1
-    vsub.s16        q1, q5, q1
-    vadd.s16        q10, q2, q4
-    vqdmulh.s16     q4, q1, XFIX_1_847759065
-    vsub.s16        q2, q15, q13
-    vadd.s16        q3, q3, q6
-    vqdmulh.s16     q6, q2, XFIX_1_414213562
-    vadd.s16        q1, q1, q4
-    vqdmulh.s16     q4, q5, XFIX_1_082392200
-    vsub.s16        q10, q10, q14
-    vadd.s16        q2, q2, q6
-    vsub.s16        q6, q8, q12
-    vadd.s16        q12, q8, q12
-    vadd.s16        q9, q5, q4
-    vadd.s16        q5, q6, q10
-    vsub.s16        q10, q6, q10
-    vadd.s16        q6, q15, q13
-    vadd.s16        q8, q12, q14
-    vsub.s16        q3, q6, q3
-    vsub.s16        q12, q12, q14
-    vsub.s16        q3, q3, q1
-    vsub.s16        q1, q9, q1
-    vadd.s16        q2, q3, q2
-    vsub.s16        q15, q8, q6
-    vadd.s16        q1, q1, q2
-    vadd.s16        q8, q8, q6
-    vadd.s16        q14, q5, q3
-    vsub.s16        q9, q5, q3
-    vsub.s16        q13, q10, q2
-    vpop            {d8 - d13}    /* restore Neon registers */
-    vadd.s16        q10, q10, q2
-    vsub.s16        q11, q12, q1
-    vadd.s16        q12, q12, q1
-    /* Descale to 8-bit and range limit */
-    vmov.u8         q0, #0x80
-    vqshrn.s16      d16, q8, #5
-    vqshrn.s16      d17, q9, #5
-    vqshrn.s16      d18, q10, #5
-    vqshrn.s16      d19, q11, #5
-    vqshrn.s16      d20, q12, #5
-    vqshrn.s16      d21, q13, #5
-    vqshrn.s16      d22, q14, #5
-    vqshrn.s16      d23, q15, #5
-    vadd.u8         q8, q8, q0
-    vadd.u8         q9, q9, q0
-    vadd.u8         q10, q10, q0
-    vadd.u8         q11, q11, q0
-    /* Transpose the final 8-bit samples */
-    vtrn.16         q8, q9
-    vtrn.16         q10, q11
-    vtrn.32         q8, q10
-    vtrn.32         q9, q11
-    vtrn.8          d16, d17
-    vtrn.8          d18, d19
-      /* Store results to the output buffer */
-      ldmia           OUTPUT_BUF!, {TMP1, TMP2}
-      add             TMP1, TMP1, OUTPUT_COL
-      add             TMP2, TMP2, OUTPUT_COL
-      vst1.8          {d16}, [TMP1]
-      vst1.8          {d17}, [TMP2]
-      ldmia           OUTPUT_BUF!, {TMP1, TMP2}
-      add             TMP1, TMP1, OUTPUT_COL
-      add             TMP2, TMP2, OUTPUT_COL
-      vst1.8          {d18}, [TMP1]
-    vtrn.8          d20, d21
-      vst1.8          {d19}, [TMP2]
-      ldmia           OUTPUT_BUF, {TMP1, TMP2, TMP3, TMP4}
-      add             TMP1, TMP1, OUTPUT_COL
-      add             TMP2, TMP2, OUTPUT_COL
-      add             TMP3, TMP3, OUTPUT_COL
-      add             TMP4, TMP4, OUTPUT_COL
-      vst1.8          {d20}, [TMP1]
-    vtrn.8          d22, d23
-      vst1.8          {d21}, [TMP2]
-      vst1.8          {d22}, [TMP3]
-      vst1.8          {d23}, [TMP4]
-    bx              lr
-
-    .unreq          DCT_TABLE
-    .unreq          COEF_BLOCK
-    .unreq          OUTPUT_BUF
-    .unreq          OUTPUT_COL
-    .unreq          TMP1
-    .unreq          TMP2
-    .unreq          TMP3
-    .unreq          TMP4
-
-
-/*****************************************************************************/
-
-/*
- * jsimd_extrgb_ycc_convert_neon
- * jsimd_extbgr_ycc_convert_neon
- * jsimd_extrgbx_ycc_convert_neon
- * jsimd_extbgrx_ycc_convert_neon
- * jsimd_extxbgr_ycc_convert_neon
- * jsimd_extxrgb_ycc_convert_neon
- *
- * Colorspace conversion RGB -> YCbCr
- */
-
-.macro do_store size
-  .if \size == 8
-    vst1.8          {d20}, [Y]!
-    vst1.8          {d21}, [U]!
-    vst1.8          {d22}, [V]!
-  .elseif \size == 4
-    vst1.8          {d20[0]}, [Y]!
-    vst1.8          {d20[1]}, [Y]!
-    vst1.8          {d20[2]}, [Y]!
-    vst1.8          {d20[3]}, [Y]!
-    vst1.8          {d21[0]}, [U]!
-    vst1.8          {d21[1]}, [U]!
-    vst1.8          {d21[2]}, [U]!
-    vst1.8          {d21[3]}, [U]!
-    vst1.8          {d22[0]}, [V]!
-    vst1.8          {d22[1]}, [V]!
-    vst1.8          {d22[2]}, [V]!
-    vst1.8          {d22[3]}, [V]!
-  .elseif \size == 2
-    vst1.8          {d20[4]}, [Y]!
-    vst1.8          {d20[5]}, [Y]!
-    vst1.8          {d21[4]}, [U]!
-    vst1.8          {d21[5]}, [U]!
-    vst1.8          {d22[4]}, [V]!
-    vst1.8          {d22[5]}, [V]!
-  .elseif \size == 1
-    vst1.8          {d20[6]}, [Y]!
-    vst1.8          {d21[6]}, [U]!
-    vst1.8          {d22[6]}, [V]!
-  .else
-    .error unsupported macroblock size
-  .endif
-.endm
-
-.macro do_load bpp, size
-  .if \bpp == 24
-    .if \size == 8
-      vld3.8        {d10, d11, d12}, [RGB]!
-      pld           [RGB, #128]
-    .elseif \size == 4
-      vld3.8        {d10[0], d11[0], d12[0]}, [RGB]!
-      vld3.8        {d10[1], d11[1], d12[1]}, [RGB]!
-      vld3.8        {d10[2], d11[2], d12[2]}, [RGB]!
-      vld3.8        {d10[3], d11[3], d12[3]}, [RGB]!
-    .elseif \size == 2
-      vld3.8        {d10[4], d11[4], d12[4]}, [RGB]!
-      vld3.8        {d10[5], d11[5], d12[5]}, [RGB]!
-    .elseif \size == 1
-      vld3.8        {d10[6], d11[6], d12[6]}, [RGB]!
-    .else
-      .error unsupported macroblock size
-    .endif
-  .elseif \bpp == 32
-    .if \size == 8
-      vld4.8        {d10, d11, d12, d13}, [RGB]!
-      pld           [RGB, #128]
-    .elseif \size == 4
-      vld4.8        {d10[0], d11[0], d12[0], d13[0]}, [RGB]!
-      vld4.8        {d10[1], d11[1], d12[1], d13[1]}, [RGB]!
-      vld4.8        {d10[2], d11[2], d12[2], d13[2]}, [RGB]!
-      vld4.8        {d10[3], d11[3], d12[3], d13[3]}, [RGB]!
-    .elseif \size == 2
-      vld4.8        {d10[4], d11[4], d12[4], d13[4]}, [RGB]!
-      vld4.8        {d10[5], d11[5], d12[5], d13[5]}, [RGB]!
-    .elseif \size == 1
-      vld4.8        {d10[6], d11[6], d12[6], d13[6]}, [RGB]!
-    .else
-      .error unsupported macroblock size
-    .endif
-  .else
-    .error unsupported bpp
-  .endif
-.endm
-
-.macro generate_jsimd_rgb_ycc_convert_neon colorid, bpp, r_offs, g_offs, b_offs
-
-/*
- * 2-stage pipelined RGB->YCbCr conversion
- */
-
-.macro do_rgb_to_yuv_stage1
-    vmovl.u8        q2, d1\r_offs  /* r = { d4, d5 } */
-    vmovl.u8        q3, d1\g_offs  /* g = { d6, d7 } */
-    vmovl.u8        q4, d1\b_offs  /* b = { d8, d9 } */
-    vmull.u16       q7, d4, d0[0]
-    vmlal.u16       q7, d6, d0[1]
-    vmlal.u16       q7, d8, d0[2]
-    vmull.u16       q8, d5, d0[0]
-    vmlal.u16       q8, d7, d0[1]
-    vmlal.u16       q8, d9, d0[2]
-    vrev64.32       q9, q1
-    vrev64.32       q13, q1
-    vmlsl.u16       q9, d4, d0[3]
-    vmlsl.u16       q9, d6, d1[0]
-    vmlal.u16       q9, d8, d1[1]
-    vmlsl.u16       q13, d5, d0[3]
-    vmlsl.u16       q13, d7, d1[0]
-    vmlal.u16       q13, d9, d1[1]
-    vrev64.32       q14, q1
-    vrev64.32       q15, q1
-    vmlal.u16       q14, d4, d1[1]
-    vmlsl.u16       q14, d6, d1[2]
-    vmlsl.u16       q14, d8, d1[3]
-    vmlal.u16       q15, d5, d1[1]
-    vmlsl.u16       q15, d7, d1[2]
-    vmlsl.u16       q15, d9, d1[3]
-.endm
-
-.macro do_rgb_to_yuv_stage2
-    vrshrn.u32      d20, q7, #16
-    vrshrn.u32      d21, q8, #16
-    vshrn.u32       d22, q9, #16
-    vshrn.u32       d23, q13, #16
-    vshrn.u32       d24, q14, #16
-    vshrn.u32       d25, q15, #16
-    vmovn.u16       d20, q10       /* d20 = y */
-    vmovn.u16       d21, q11       /* d21 = u */
-    vmovn.u16       d22, q12       /* d22 = v */
-.endm
-
-.macro do_rgb_to_yuv
-    do_rgb_to_yuv_stage1
-    do_rgb_to_yuv_stage2
-.endm
-
-.macro do_rgb_to_yuv_stage2_store_load_stage1
-      vrshrn.u32      d20, q7, #16
-      vrshrn.u32      d21, q8, #16
-      vshrn.u32       d22, q9, #16
-    vrev64.32       q9, q1
-      vshrn.u32       d23, q13, #16
-    vrev64.32       q13, q1
-      vshrn.u32       d24, q14, #16
-      vshrn.u32       d25, q15, #16
-    do_load         \bpp, 8
-      vmovn.u16       d20, q10     /* d20 = y */
-    vmovl.u8        q2, d1\r_offs  /* r = { d4, d5 } */
-      vmovn.u16       d21, q11     /* d21 = u */
-    vmovl.u8        q3, d1\g_offs  /* g = { d6, d7 } */
-      vmovn.u16       d22, q12     /* d22 = v */
-    vmovl.u8        q4, d1\b_offs  /* b = { d8, d9 } */
-    vmull.u16       q7, d4, d0[0]
-    vmlal.u16       q7, d6, d0[1]
-    vmlal.u16       q7, d8, d0[2]
-      vst1.8          {d20}, [Y]!
-    vmull.u16       q8, d5, d0[0]
-    vmlal.u16       q8, d7, d0[1]
-    vmlal.u16       q8, d9, d0[2]
-    vmlsl.u16       q9, d4, d0[3]
-    vmlsl.u16       q9, d6, d1[0]
-    vmlal.u16       q9, d8, d1[1]
-      vst1.8          {d21}, [U]!
-    vmlsl.u16       q13, d5, d0[3]
-    vmlsl.u16       q13, d7, d1[0]
-    vmlal.u16       q13, d9, d1[1]
-    vrev64.32       q14, q1
-    vrev64.32       q15, q1
-    vmlal.u16       q14, d4, d1[1]
-    vmlsl.u16       q14, d6, d1[2]
-    vmlsl.u16       q14, d8, d1[3]
-      vst1.8          {d22}, [V]!
-    vmlal.u16       q15, d5, d1[1]
-    vmlsl.u16       q15, d7, d1[2]
-    vmlsl.u16       q15, d9, d1[3]
-.endm
-
-.balign 16
-jsimd_\colorid\()_ycc_neon_consts:
-  .short 19595, 38470, 7471,  11059
-  .short 21709, 32768, 27439, 5329
-  .short 32767, 128,   32767, 128
-  .short 32767, 128,   32767, 128
-
-asm_function jsimd_\colorid\()_ycc_convert_neon
-    OUTPUT_WIDTH    .req r0
-    INPUT_BUF       .req r1
-    OUTPUT_BUF      .req r2
-    OUTPUT_ROW      .req r3
-    NUM_ROWS        .req r4
-
-    OUTPUT_BUF0     .req r5
-    OUTPUT_BUF1     .req r6
-    OUTPUT_BUF2     .req OUTPUT_BUF
-
-    RGB             .req r7
-    Y               .req r8
-    U               .req r9
-    V               .req r10
-    N               .req ip
-
-    /* Load constants to d0, d1, d2, d3 */
-    adr             ip, jsimd_\colorid\()_ycc_neon_consts
-    vld1.16         {d0, d1, d2, d3}, [ip, :128]
-
-    /* Save Arm registers and handle input arguments */
-    push            {r4, r5, r6, r7, r8, r9, r10, lr}
-    ldr             NUM_ROWS, [sp, #(4 * 8)]
-    ldr             OUTPUT_BUF0, [OUTPUT_BUF]
-    ldr             OUTPUT_BUF1, [OUTPUT_BUF, #4]
-    ldr             OUTPUT_BUF2, [OUTPUT_BUF, #8]
-    .unreq          OUTPUT_BUF
-
-    /* Save Neon registers */
-    vpush           {d8 - d15}
-
-    /* Outer loop over scanlines */
-    cmp             NUM_ROWS, #1
-    blt             9f
-0:
-    ldr             Y, [OUTPUT_BUF0, OUTPUT_ROW, lsl #2]
-    ldr             U, [OUTPUT_BUF1, OUTPUT_ROW, lsl #2]
-    mov             N, OUTPUT_WIDTH
-    ldr             V, [OUTPUT_BUF2, OUTPUT_ROW, lsl #2]
-    add             OUTPUT_ROW, OUTPUT_ROW, #1
-    ldr             RGB, [INPUT_BUF], #4
-
-    /* Inner loop over pixels */
-    subs            N, N, #8
-    blt             3f
-    do_load         \bpp, 8
-    do_rgb_to_yuv_stage1
-    subs            N, N, #8
-    blt             2f
-1:
-    do_rgb_to_yuv_stage2_store_load_stage1
-    subs            N, N, #8
-    bge             1b
-2:
-    do_rgb_to_yuv_stage2
-    do_store        8
-    tst             N, #7
-    beq             8f
-3:
-    tst             N, #4
-    beq             3f
-    do_load         \bpp, 4
-3:
-    tst             N, #2
-    beq             4f
-    do_load         \bpp, 2
-4:
-    tst             N, #1
-    beq             5f
-    do_load         \bpp, 1
-5:
-    do_rgb_to_yuv
-    tst             N, #4
-    beq             6f
-    do_store        4
-6:
-    tst             N, #2
-    beq             7f
-    do_store        2
-7:
-    tst             N, #1
-    beq             8f
-    do_store        1
-8:
-    subs            NUM_ROWS, NUM_ROWS, #1
-    bgt             0b
-9:
-    /* Restore all registers and return */
-    vpop            {d8 - d15}
-    pop             {r4, r5, r6, r7, r8, r9, r10, pc}
-
-    .unreq          OUTPUT_WIDTH
-    .unreq          OUTPUT_ROW
-    .unreq          INPUT_BUF
-    .unreq          NUM_ROWS
-    .unreq          OUTPUT_BUF0
-    .unreq          OUTPUT_BUF1
-    .unreq          OUTPUT_BUF2
-    .unreq          RGB
-    .unreq          Y
-    .unreq          U
-    .unreq          V
-    .unreq          N
-
-.purgem do_rgb_to_yuv
-.purgem do_rgb_to_yuv_stage1
-.purgem do_rgb_to_yuv_stage2
-.purgem do_rgb_to_yuv_stage2_store_load_stage1
-
-.endm
-
-/*--------------------------------- id ----- bpp R  G  B */
-generate_jsimd_rgb_ycc_convert_neon extrgb,  24, 0, 1, 2
-generate_jsimd_rgb_ycc_convert_neon extbgr,  24, 2, 1, 0
-generate_jsimd_rgb_ycc_convert_neon extrgbx, 32, 0, 1, 2
-generate_jsimd_rgb_ycc_convert_neon extbgrx, 32, 2, 1, 0
-generate_jsimd_rgb_ycc_convert_neon extxbgr, 32, 3, 2, 1
-generate_jsimd_rgb_ycc_convert_neon extxrgb, 32, 1, 2, 3
-
-.purgem do_load
-.purgem do_store
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jccolext-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jccolext-neon.c
deleted file mode 100644
index 37130c2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jccolext-neon.c
+++ /dev/null
@@ -1,316 +0,0 @@
-/*
- * jccolext-neon.c - colorspace conversion (64-bit Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jccolor-neon.c */
-
-
-/* RGB -> YCbCr conversion is defined by the following equations:
- *    Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
- *    Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + 128
- *    Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B  + 128
- *
- * Avoid floating point arithmetic by using shifted integer constants:
- *    0.29899597 = 19595 * 2^-16
- *    0.58700561 = 38470 * 2^-16
- *    0.11399841 =  7471 * 2^-16
- *    0.16874695 = 11059 * 2^-16
- *    0.33125305 = 21709 * 2^-16
- *    0.50000000 = 32768 * 2^-16
- *    0.41868592 = 27439 * 2^-16
- *    0.08131409 =  5329 * 2^-16
- * These constants are defined in jccolor-neon.c
- *
- * We add the fixed-point equivalent of 0.5 to Cb and Cr, which effectively
- * rounds up or down the result via integer truncation.
- */
-
-void jsimd_rgb_ycc_convert_neon(JDIMENSION image_width, JSAMPARRAY input_buf,
-                                JSAMPIMAGE output_buf, JDIMENSION output_row,
-                                int num_rows)
-{
-  /* Pointer to RGB(X/A) input data */
-  JSAMPROW inptr;
-  /* Pointers to Y, Cb, and Cr output data */
-  JSAMPROW outptr0, outptr1, outptr2;
-  /* Allocate temporary buffer for final (image_width % 16) pixels in row. */
-  ALIGN(16) uint8_t tmp_buf[16 * RGB_PIXELSIZE];
-
-  /* Set up conversion constants. */
-  const uint16x8_t consts = vld1q_u16(jsimd_rgb_ycc_neon_consts);
-  const uint32x4_t scaled_128_5 = vdupq_n_u32((128 << 16) + 32767);
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    output_row++;
-
-    int cols_remaining = image_width;
-    for (; cols_remaining >= 16; cols_remaining -= 16) {
-
-#if RGB_PIXELSIZE == 4
-      uint8x16x4_t input_pixels = vld4q_u8(inptr);
-#else
-      uint8x16x3_t input_pixels = vld3q_u8(inptr);
-#endif
-      uint16x8_t r_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_RED]));
-      uint16x8_t g_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_GREEN]));
-      uint16x8_t b_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_BLUE]));
-      uint16x8_t r_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_RED]));
-      uint16x8_t g_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_GREEN]));
-      uint16x8_t b_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_BLUE]));
-
-      /* Compute Y = 0.29900 * R + 0.58700 * G + 0.11400 * B */
-      uint32x4_t y_ll = vmull_laneq_u16(vget_low_u16(r_l), consts, 0);
-      y_ll = vmlal_laneq_u16(y_ll, vget_low_u16(g_l), consts, 1);
-      y_ll = vmlal_laneq_u16(y_ll, vget_low_u16(b_l), consts, 2);
-      uint32x4_t y_lh = vmull_laneq_u16(vget_high_u16(r_l), consts, 0);
-      y_lh = vmlal_laneq_u16(y_lh, vget_high_u16(g_l), consts, 1);
-      y_lh = vmlal_laneq_u16(y_lh, vget_high_u16(b_l), consts, 2);
-      uint32x4_t y_hl = vmull_laneq_u16(vget_low_u16(r_h), consts, 0);
-      y_hl = vmlal_laneq_u16(y_hl, vget_low_u16(g_h), consts, 1);
-      y_hl = vmlal_laneq_u16(y_hl, vget_low_u16(b_h), consts, 2);
-      uint32x4_t y_hh = vmull_laneq_u16(vget_high_u16(r_h), consts, 0);
-      y_hh = vmlal_laneq_u16(y_hh, vget_high_u16(g_h), consts, 1);
-      y_hh = vmlal_laneq_u16(y_hh, vget_high_u16(b_h), consts, 2);
-
-      /* Compute Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + 128 */
-      uint32x4_t cb_ll = scaled_128_5;
-      cb_ll = vmlsl_laneq_u16(cb_ll, vget_low_u16(r_l), consts, 3);
-      cb_ll = vmlsl_laneq_u16(cb_ll, vget_low_u16(g_l), consts, 4);
-      cb_ll = vmlal_laneq_u16(cb_ll, vget_low_u16(b_l), consts, 5);
-      uint32x4_t cb_lh = scaled_128_5;
-      cb_lh = vmlsl_laneq_u16(cb_lh, vget_high_u16(r_l), consts, 3);
-      cb_lh = vmlsl_laneq_u16(cb_lh, vget_high_u16(g_l), consts, 4);
-      cb_lh = vmlal_laneq_u16(cb_lh, vget_high_u16(b_l), consts, 5);
-      uint32x4_t cb_hl = scaled_128_5;
-      cb_hl = vmlsl_laneq_u16(cb_hl, vget_low_u16(r_h), consts, 3);
-      cb_hl = vmlsl_laneq_u16(cb_hl, vget_low_u16(g_h), consts, 4);
-      cb_hl = vmlal_laneq_u16(cb_hl, vget_low_u16(b_h), consts, 5);
-      uint32x4_t cb_hh = scaled_128_5;
-      cb_hh = vmlsl_laneq_u16(cb_hh, vget_high_u16(r_h), consts, 3);
-      cb_hh = vmlsl_laneq_u16(cb_hh, vget_high_u16(g_h), consts, 4);
-      cb_hh = vmlal_laneq_u16(cb_hh, vget_high_u16(b_h), consts, 5);
-
-      /* Compute Cr = 0.50000 * R - 0.41869 * G - 0.08131 * B  + 128 */
-      uint32x4_t cr_ll = scaled_128_5;
-      cr_ll = vmlal_laneq_u16(cr_ll, vget_low_u16(r_l), consts, 5);
-      cr_ll = vmlsl_laneq_u16(cr_ll, vget_low_u16(g_l), consts, 6);
-      cr_ll = vmlsl_laneq_u16(cr_ll, vget_low_u16(b_l), consts, 7);
-      uint32x4_t cr_lh = scaled_128_5;
-      cr_lh = vmlal_laneq_u16(cr_lh, vget_high_u16(r_l), consts, 5);
-      cr_lh = vmlsl_laneq_u16(cr_lh, vget_high_u16(g_l), consts, 6);
-      cr_lh = vmlsl_laneq_u16(cr_lh, vget_high_u16(b_l), consts, 7);
-      uint32x4_t cr_hl = scaled_128_5;
-      cr_hl = vmlal_laneq_u16(cr_hl, vget_low_u16(r_h), consts, 5);
-      cr_hl = vmlsl_laneq_u16(cr_hl, vget_low_u16(g_h), consts, 6);
-      cr_hl = vmlsl_laneq_u16(cr_hl, vget_low_u16(b_h), consts, 7);
-      uint32x4_t cr_hh = scaled_128_5;
-      cr_hh = vmlal_laneq_u16(cr_hh, vget_high_u16(r_h), consts, 5);
-      cr_hh = vmlsl_laneq_u16(cr_hh, vget_high_u16(g_h), consts, 6);
-      cr_hh = vmlsl_laneq_u16(cr_hh, vget_high_u16(b_h), consts, 7);
-
-      /* Descale Y values (rounding right shift) and narrow to 16-bit. */
-      uint16x8_t y_l = vcombine_u16(vrshrn_n_u32(y_ll, 16),
-                                    vrshrn_n_u32(y_lh, 16));
-      uint16x8_t y_h = vcombine_u16(vrshrn_n_u32(y_hl, 16),
-                                    vrshrn_n_u32(y_hh, 16));
-      /* Descale Cb values (right shift) and narrow to 16-bit. */
-      uint16x8_t cb_l = vcombine_u16(vshrn_n_u32(cb_ll, 16),
-                                     vshrn_n_u32(cb_lh, 16));
-      uint16x8_t cb_h = vcombine_u16(vshrn_n_u32(cb_hl, 16),
-                                     vshrn_n_u32(cb_hh, 16));
-      /* Descale Cr values (right shift) and narrow to 16-bit. */
-      uint16x8_t cr_l = vcombine_u16(vshrn_n_u32(cr_ll, 16),
-                                     vshrn_n_u32(cr_lh, 16));
-      uint16x8_t cr_h = vcombine_u16(vshrn_n_u32(cr_hl, 16),
-                                     vshrn_n_u32(cr_hh, 16));
-      /* Narrow Y, Cb, and Cr values to 8-bit and store to memory.  Buffer
-       * overwrite is permitted up to the next multiple of ALIGN_SIZE bytes.
-       */
-      vst1q_u8(outptr0, vcombine_u8(vmovn_u16(y_l), vmovn_u16(y_h)));
-      vst1q_u8(outptr1, vcombine_u8(vmovn_u16(cb_l), vmovn_u16(cb_h)));
-      vst1q_u8(outptr2, vcombine_u8(vmovn_u16(cr_l), vmovn_u16(cr_h)));
-
-      /* Increment pointers. */
-      inptr += (16 * RGB_PIXELSIZE);
-      outptr0 += 16;
-      outptr1 += 16;
-      outptr2 += 16;
-    }
-
-    if (cols_remaining > 8) {
-      /* To prevent buffer overread by the vector load instructions, the last
-       * (image_width % 16) columns of data are first memcopied to a temporary
-       * buffer large enough to accommodate the vector load.
-       */
-      memcpy(tmp_buf, inptr, cols_remaining * RGB_PIXELSIZE);
-      inptr = tmp_buf;
-
-#if RGB_PIXELSIZE == 4
-      uint8x16x4_t input_pixels = vld4q_u8(inptr);
-#else
-      uint8x16x3_t input_pixels = vld3q_u8(inptr);
-#endif
-      uint16x8_t r_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_RED]));
-      uint16x8_t g_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_GREEN]));
-      uint16x8_t b_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_BLUE]));
-      uint16x8_t r_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_RED]));
-      uint16x8_t g_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_GREEN]));
-      uint16x8_t b_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_BLUE]));
-
-      /* Compute Y = 0.29900 * R + 0.58700 * G + 0.11400 * B */
-      uint32x4_t y_ll = vmull_laneq_u16(vget_low_u16(r_l), consts, 0);
-      y_ll = vmlal_laneq_u16(y_ll, vget_low_u16(g_l), consts, 1);
-      y_ll = vmlal_laneq_u16(y_ll, vget_low_u16(b_l), consts, 2);
-      uint32x4_t y_lh = vmull_laneq_u16(vget_high_u16(r_l), consts, 0);
-      y_lh = vmlal_laneq_u16(y_lh, vget_high_u16(g_l), consts, 1);
-      y_lh = vmlal_laneq_u16(y_lh, vget_high_u16(b_l), consts, 2);
-      uint32x4_t y_hl = vmull_laneq_u16(vget_low_u16(r_h), consts, 0);
-      y_hl = vmlal_laneq_u16(y_hl, vget_low_u16(g_h), consts, 1);
-      y_hl = vmlal_laneq_u16(y_hl, vget_low_u16(b_h), consts, 2);
-      uint32x4_t y_hh = vmull_laneq_u16(vget_high_u16(r_h), consts, 0);
-      y_hh = vmlal_laneq_u16(y_hh, vget_high_u16(g_h), consts, 1);
-      y_hh = vmlal_laneq_u16(y_hh, vget_high_u16(b_h), consts, 2);
-
-      /* Compute Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + 128 */
-      uint32x4_t cb_ll = scaled_128_5;
-      cb_ll = vmlsl_laneq_u16(cb_ll, vget_low_u16(r_l), consts, 3);
-      cb_ll = vmlsl_laneq_u16(cb_ll, vget_low_u16(g_l), consts, 4);
-      cb_ll = vmlal_laneq_u16(cb_ll, vget_low_u16(b_l), consts, 5);
-      uint32x4_t cb_lh = scaled_128_5;
-      cb_lh = vmlsl_laneq_u16(cb_lh, vget_high_u16(r_l), consts, 3);
-      cb_lh = vmlsl_laneq_u16(cb_lh, vget_high_u16(g_l), consts, 4);
-      cb_lh = vmlal_laneq_u16(cb_lh, vget_high_u16(b_l), consts, 5);
-      uint32x4_t cb_hl = scaled_128_5;
-      cb_hl = vmlsl_laneq_u16(cb_hl, vget_low_u16(r_h), consts, 3);
-      cb_hl = vmlsl_laneq_u16(cb_hl, vget_low_u16(g_h), consts, 4);
-      cb_hl = vmlal_laneq_u16(cb_hl, vget_low_u16(b_h), consts, 5);
-      uint32x4_t cb_hh = scaled_128_5;
-      cb_hh = vmlsl_laneq_u16(cb_hh, vget_high_u16(r_h), consts, 3);
-      cb_hh = vmlsl_laneq_u16(cb_hh, vget_high_u16(g_h), consts, 4);
-      cb_hh = vmlal_laneq_u16(cb_hh, vget_high_u16(b_h), consts, 5);
-
-      /* Compute Cr = 0.50000 * R - 0.41869 * G - 0.08131 * B  + 128 */
-      uint32x4_t cr_ll = scaled_128_5;
-      cr_ll = vmlal_laneq_u16(cr_ll, vget_low_u16(r_l), consts, 5);
-      cr_ll = vmlsl_laneq_u16(cr_ll, vget_low_u16(g_l), consts, 6);
-      cr_ll = vmlsl_laneq_u16(cr_ll, vget_low_u16(b_l), consts, 7);
-      uint32x4_t cr_lh = scaled_128_5;
-      cr_lh = vmlal_laneq_u16(cr_lh, vget_high_u16(r_l), consts, 5);
-      cr_lh = vmlsl_laneq_u16(cr_lh, vget_high_u16(g_l), consts, 6);
-      cr_lh = vmlsl_laneq_u16(cr_lh, vget_high_u16(b_l), consts, 7);
-      uint32x4_t cr_hl = scaled_128_5;
-      cr_hl = vmlal_laneq_u16(cr_hl, vget_low_u16(r_h), consts, 5);
-      cr_hl = vmlsl_laneq_u16(cr_hl, vget_low_u16(g_h), consts, 6);
-      cr_hl = vmlsl_laneq_u16(cr_hl, vget_low_u16(b_h), consts, 7);
-      uint32x4_t cr_hh = scaled_128_5;
-      cr_hh = vmlal_laneq_u16(cr_hh, vget_high_u16(r_h), consts, 5);
-      cr_hh = vmlsl_laneq_u16(cr_hh, vget_high_u16(g_h), consts, 6);
-      cr_hh = vmlsl_laneq_u16(cr_hh, vget_high_u16(b_h), consts, 7);
-
-      /* Descale Y values (rounding right shift) and narrow to 16-bit. */
-      uint16x8_t y_l = vcombine_u16(vrshrn_n_u32(y_ll, 16),
-                                    vrshrn_n_u32(y_lh, 16));
-      uint16x8_t y_h = vcombine_u16(vrshrn_n_u32(y_hl, 16),
-                                    vrshrn_n_u32(y_hh, 16));
-      /* Descale Cb values (right shift) and narrow to 16-bit. */
-      uint16x8_t cb_l = vcombine_u16(vshrn_n_u32(cb_ll, 16),
-                                     vshrn_n_u32(cb_lh, 16));
-      uint16x8_t cb_h = vcombine_u16(vshrn_n_u32(cb_hl, 16),
-                                     vshrn_n_u32(cb_hh, 16));
-      /* Descale Cr values (right shift) and narrow to 16-bit. */
-      uint16x8_t cr_l = vcombine_u16(vshrn_n_u32(cr_ll, 16),
-                                     vshrn_n_u32(cr_lh, 16));
-      uint16x8_t cr_h = vcombine_u16(vshrn_n_u32(cr_hl, 16),
-                                     vshrn_n_u32(cr_hh, 16));
-      /* Narrow Y, Cb, and Cr values to 8-bit and store to memory.  Buffer
-       * overwrite is permitted up to the next multiple of ALIGN_SIZE bytes.
-       */
-      vst1q_u8(outptr0, vcombine_u8(vmovn_u16(y_l), vmovn_u16(y_h)));
-      vst1q_u8(outptr1, vcombine_u8(vmovn_u16(cb_l), vmovn_u16(cb_h)));
-      vst1q_u8(outptr2, vcombine_u8(vmovn_u16(cr_l), vmovn_u16(cr_h)));
-
-    } else if (cols_remaining > 0) {
-      /* To prevent buffer overread by the vector load instructions, the last
-       * (image_width % 8) columns of data are first memcopied to a temporary
-       * buffer large enough to accommodate the vector load.
-       */
-      memcpy(tmp_buf, inptr, cols_remaining * RGB_PIXELSIZE);
-      inptr = tmp_buf;
-
-#if RGB_PIXELSIZE == 4
-      uint8x8x4_t input_pixels = vld4_u8(inptr);
-#else
-      uint8x8x3_t input_pixels = vld3_u8(inptr);
-#endif
-      uint16x8_t r = vmovl_u8(input_pixels.val[RGB_RED]);
-      uint16x8_t g = vmovl_u8(input_pixels.val[RGB_GREEN]);
-      uint16x8_t b = vmovl_u8(input_pixels.val[RGB_BLUE]);
-
-      /* Compute Y = 0.29900 * R + 0.58700 * G + 0.11400 * B */
-      uint32x4_t y_l = vmull_laneq_u16(vget_low_u16(r), consts, 0);
-      y_l = vmlal_laneq_u16(y_l, vget_low_u16(g), consts, 1);
-      y_l = vmlal_laneq_u16(y_l, vget_low_u16(b), consts, 2);
-      uint32x4_t y_h = vmull_laneq_u16(vget_high_u16(r), consts, 0);
-      y_h = vmlal_laneq_u16(y_h, vget_high_u16(g), consts, 1);
-      y_h = vmlal_laneq_u16(y_h, vget_high_u16(b), consts, 2);
-
-      /* Compute Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B  + 128 */
-      uint32x4_t cb_l = scaled_128_5;
-      cb_l = vmlsl_laneq_u16(cb_l, vget_low_u16(r), consts, 3);
-      cb_l = vmlsl_laneq_u16(cb_l, vget_low_u16(g), consts, 4);
-      cb_l = vmlal_laneq_u16(cb_l, vget_low_u16(b), consts, 5);
-      uint32x4_t cb_h = scaled_128_5;
-      cb_h = vmlsl_laneq_u16(cb_h, vget_high_u16(r), consts, 3);
-      cb_h = vmlsl_laneq_u16(cb_h, vget_high_u16(g), consts, 4);
-      cb_h = vmlal_laneq_u16(cb_h, vget_high_u16(b), consts, 5);
-
-      /* Compute Cr = 0.50000 * R - 0.41869 * G - 0.08131 * B  + 128 */
-      uint32x4_t cr_l = scaled_128_5;
-      cr_l = vmlal_laneq_u16(cr_l, vget_low_u16(r), consts, 5);
-      cr_l = vmlsl_laneq_u16(cr_l, vget_low_u16(g), consts, 6);
-      cr_l = vmlsl_laneq_u16(cr_l, vget_low_u16(b), consts, 7);
-      uint32x4_t cr_h = scaled_128_5;
-      cr_h = vmlal_laneq_u16(cr_h, vget_high_u16(r), consts, 5);
-      cr_h = vmlsl_laneq_u16(cr_h, vget_high_u16(g), consts, 6);
-      cr_h = vmlsl_laneq_u16(cr_h, vget_high_u16(b), consts, 7);
-
-      /* Descale Y values (rounding right shift) and narrow to 16-bit. */
-      uint16x8_t y_u16 = vcombine_u16(vrshrn_n_u32(y_l, 16),
-                                      vrshrn_n_u32(y_h, 16));
-      /* Descale Cb values (right shift) and narrow to 16-bit. */
-      uint16x8_t cb_u16 = vcombine_u16(vshrn_n_u32(cb_l, 16),
-                                       vshrn_n_u32(cb_h, 16));
-      /* Descale Cr values (right shift) and narrow to 16-bit. */
-      uint16x8_t cr_u16 = vcombine_u16(vshrn_n_u32(cr_l, 16),
-                                       vshrn_n_u32(cr_h, 16));
-      /* Narrow Y, Cb, and Cr values to 8-bit and store to memory.  Buffer
-       * overwrite is permitted up to the next multiple of ALIGN_SIZE bytes.
-       */
-      vst1_u8(outptr0, vmovn_u16(y_u16));
-      vst1_u8(outptr1, vmovn_u16(cb_u16));
-      vst1_u8(outptr2, vmovn_u16(cr_u16));
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jchuff-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jchuff-neon.c
deleted file mode 100644
index f13fd1b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jchuff-neon.c
+++ /dev/null
@@ -1,403 +0,0 @@
-/*
- * jchuff-neon.c - Huffman entropy encoding (64-bit Arm Neon)
- *
- * Copyright (C) 2020-2021, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- *
- * NOTE: All referenced figures are from
- * Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
- */
-
-#define JPEG_INTERNALS
-#include "../../../jinclude.h"
-#include "../../../jpeglib.h"
-#include "../../../jsimd.h"
-#include "../../../jdct.h"
-#include "../../../jsimddct.h"
-#include "../../jsimd.h"
-#include "../align.h"
-#include "../jchuff.h"
-#include "neon-compat.h"
-
-#include <limits.h>
-
-#include <arm_neon.h>
-
-
-ALIGN(16) static const uint8_t jsimd_huff_encode_one_block_consts[] = {
-    0,   1,   2,   3,  16,  17,  32,  33,
-   18,  19,   4,   5,   6,   7,  20,  21,
-   34,  35,  48,  49, 255, 255,  50,  51,
-   36,  37,  22,  23,   8,   9,  10,  11,
-  255, 255,   6,   7,  20,  21,  34,  35,
-   48,  49, 255, 255,  50,  51,  36,  37,
-   54,  55,  40,  41,  26,  27,  12,  13,
-   14,  15,  28,  29,  42,  43,  56,  57,
-    6,   7,  20,  21,  34,  35,  48,  49,
-   50,  51,  36,  37,  22,  23,   8,   9,
-   26,  27,  12,  13, 255, 255,  14,  15,
-   28,  29,  42,  43,  56,  57, 255, 255,
-   52,  53,  54,  55,  40,  41,  26,  27,
-   12,  13, 255, 255,  14,  15,  28,  29,
-   26,  27,  40,  41,  42,  43,  28,  29,
-   14,  15,  30,  31,  44,  45,  46,  47
-};
-
-JOCTET *jsimd_huff_encode_one_block_neon(void *state, JOCTET *buffer,
-                                         JCOEFPTR block, int last_dc_val,
-                                         c_derived_tbl *dctbl,
-                                         c_derived_tbl *actbl)
-{
-  uint16_t block_diff[DCTSIZE2];
-
-  /* Load lookup table indices for rows of zig-zag ordering. */
-#ifdef HAVE_VLD1Q_U8_X4
-  const uint8x16x4_t idx_rows_0123 =
-    vld1q_u8_x4(jsimd_huff_encode_one_block_consts + 0 * DCTSIZE);
-  const uint8x16x4_t idx_rows_4567 =
-    vld1q_u8_x4(jsimd_huff_encode_one_block_consts + 8 * DCTSIZE);
-#else
-  /* GCC does not currently support intrinsics vl1dq_<type>_x4(). */
-  const uint8x16x4_t idx_rows_0123 = { {
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 0 * DCTSIZE),
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 2 * DCTSIZE),
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 4 * DCTSIZE),
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 6 * DCTSIZE)
-  } };
-  const uint8x16x4_t idx_rows_4567 = { {
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 8 * DCTSIZE),
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 10 * DCTSIZE),
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 12 * DCTSIZE),
-    vld1q_u8(jsimd_huff_encode_one_block_consts + 14 * DCTSIZE)
-  } };
-#endif
-
-  /* Load 8x8 block of DCT coefficients. */
-#ifdef HAVE_VLD1Q_U8_X4
-  const int8x16x4_t tbl_rows_0123 =
-    vld1q_s8_x4((int8_t *)(block + 0 * DCTSIZE));
-  const int8x16x4_t tbl_rows_4567 =
-    vld1q_s8_x4((int8_t *)(block + 4 * DCTSIZE));
-#else
-  const int8x16x4_t tbl_rows_0123 = { {
-    vld1q_s8((int8_t *)(block + 0 * DCTSIZE)),
-    vld1q_s8((int8_t *)(block + 1 * DCTSIZE)),
-    vld1q_s8((int8_t *)(block + 2 * DCTSIZE)),
-    vld1q_s8((int8_t *)(block + 3 * DCTSIZE))
-  } };
-  const int8x16x4_t tbl_rows_4567 = { {
-    vld1q_s8((int8_t *)(block + 4 * DCTSIZE)),
-    vld1q_s8((int8_t *)(block + 5 * DCTSIZE)),
-    vld1q_s8((int8_t *)(block + 6 * DCTSIZE)),
-    vld1q_s8((int8_t *)(block + 7 * DCTSIZE))
-  } };
-#endif
-
-  /* Initialise extra lookup tables. */
-  const int8x16x4_t tbl_rows_2345 = { {
-    tbl_rows_0123.val[2], tbl_rows_0123.val[3],
-    tbl_rows_4567.val[0], tbl_rows_4567.val[1]
-  } };
-  const int8x16x3_t tbl_rows_567 =
-    { { tbl_rows_4567.val[1], tbl_rows_4567.val[2], tbl_rows_4567.val[3] } };
-
-  /* Shuffle coefficients into zig-zag order. */
-  int16x8_t row0 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_0123, idx_rows_0123.val[0]));
-  int16x8_t row1 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_0123, idx_rows_0123.val[1]));
-  int16x8_t row2 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_2345, idx_rows_0123.val[2]));
-  int16x8_t row3 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_0123, idx_rows_0123.val[3]));
-  int16x8_t row4 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_4567, idx_rows_4567.val[0]));
-  int16x8_t row5 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_2345, idx_rows_4567.val[1]));
-  int16x8_t row6 =
-    vreinterpretq_s16_s8(vqtbl4q_s8(tbl_rows_4567, idx_rows_4567.val[2]));
-  int16x8_t row7 =
-    vreinterpretq_s16_s8(vqtbl3q_s8(tbl_rows_567, idx_rows_4567.val[3]));
-
-  /* Compute DC coefficient difference value (F.1.1.5.1). */
-  row0 = vsetq_lane_s16(block[0] - last_dc_val, row0, 0);
-  /* Initialize AC coefficient lanes not reachable by lookup tables. */
-  row1 =
-    vsetq_lane_s16(vgetq_lane_s16(vreinterpretq_s16_s8(tbl_rows_4567.val[0]),
-                                  0), row1, 2);
-  row2 =
-    vsetq_lane_s16(vgetq_lane_s16(vreinterpretq_s16_s8(tbl_rows_0123.val[1]),
-                                  4), row2, 0);
-  row2 =
-    vsetq_lane_s16(vgetq_lane_s16(vreinterpretq_s16_s8(tbl_rows_4567.val[2]),
-                                  0), row2, 5);
-  row5 =
-    vsetq_lane_s16(vgetq_lane_s16(vreinterpretq_s16_s8(tbl_rows_0123.val[1]),
-                                  7), row5, 2);
-  row5 =
-    vsetq_lane_s16(vgetq_lane_s16(vreinterpretq_s16_s8(tbl_rows_4567.val[2]),
-                                  3), row5, 7);
-  row6 =
-    vsetq_lane_s16(vgetq_lane_s16(vreinterpretq_s16_s8(tbl_rows_0123.val[3]),
-                                  7), row6, 5);
-
-  /* DCT block is now in zig-zag order; start Huffman encoding process. */
-  int16x8_t abs_row0 = vabsq_s16(row0);
-  int16x8_t abs_row1 = vabsq_s16(row1);
-  int16x8_t abs_row2 = vabsq_s16(row2);
-  int16x8_t abs_row3 = vabsq_s16(row3);
-  int16x8_t abs_row4 = vabsq_s16(row4);
-  int16x8_t abs_row5 = vabsq_s16(row5);
-  int16x8_t abs_row6 = vabsq_s16(row6);
-  int16x8_t abs_row7 = vabsq_s16(row7);
-
-  /* For negative coeffs: diff = abs(coeff) -1 = ~abs(coeff) */
-  uint16x8_t row0_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row0, vshrq_n_s16(row0, 15)));
-  uint16x8_t row1_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row1, vshrq_n_s16(row1, 15)));
-  uint16x8_t row2_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row2, vshrq_n_s16(row2, 15)));
-  uint16x8_t row3_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row3, vshrq_n_s16(row3, 15)));
-  uint16x8_t row4_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row4, vshrq_n_s16(row4, 15)));
-  uint16x8_t row5_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row5, vshrq_n_s16(row5, 15)));
-  uint16x8_t row6_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row6, vshrq_n_s16(row6, 15)));
-  uint16x8_t row7_diff =
-    vreinterpretq_u16_s16(veorq_s16(abs_row7, vshrq_n_s16(row7, 15)));
-
-  /* Construct bitmap to accelerate encoding of AC coefficients.  A set bit
-   * means that the corresponding coefficient != 0.
-   */
-  uint8x8_t abs_row0_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row0),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row1_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row1),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row2_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row2),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row3_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row3),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row4_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row4),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row5_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row5),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row6_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row6),
-                                               vdupq_n_u16(0)));
-  uint8x8_t abs_row7_gt0 = vmovn_u16(vcgtq_u16(vreinterpretq_u16_s16(abs_row7),
-                                               vdupq_n_u16(0)));
-
-  /* { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 } */
-  const uint8x8_t bitmap_mask =
-    vreinterpret_u8_u64(vmov_n_u64(0x0102040810204080));
-
-  abs_row0_gt0 = vand_u8(abs_row0_gt0, bitmap_mask);
-  abs_row1_gt0 = vand_u8(abs_row1_gt0, bitmap_mask);
-  abs_row2_gt0 = vand_u8(abs_row2_gt0, bitmap_mask);
-  abs_row3_gt0 = vand_u8(abs_row3_gt0, bitmap_mask);
-  abs_row4_gt0 = vand_u8(abs_row4_gt0, bitmap_mask);
-  abs_row5_gt0 = vand_u8(abs_row5_gt0, bitmap_mask);
-  abs_row6_gt0 = vand_u8(abs_row6_gt0, bitmap_mask);
-  abs_row7_gt0 = vand_u8(abs_row7_gt0, bitmap_mask);
-
-  uint8x8_t bitmap_rows_10 = vpadd_u8(abs_row1_gt0, abs_row0_gt0);
-  uint8x8_t bitmap_rows_32 = vpadd_u8(abs_row3_gt0, abs_row2_gt0);
-  uint8x8_t bitmap_rows_54 = vpadd_u8(abs_row5_gt0, abs_row4_gt0);
-  uint8x8_t bitmap_rows_76 = vpadd_u8(abs_row7_gt0, abs_row6_gt0);
-  uint8x8_t bitmap_rows_3210 = vpadd_u8(bitmap_rows_32, bitmap_rows_10);
-  uint8x8_t bitmap_rows_7654 = vpadd_u8(bitmap_rows_76, bitmap_rows_54);
-  uint8x8_t bitmap_all = vpadd_u8(bitmap_rows_7654, bitmap_rows_3210);
-
-  /* Shift left to remove DC bit. */
-  bitmap_all =
-    vreinterpret_u8_u64(vshl_n_u64(vreinterpret_u64_u8(bitmap_all), 1));
-  /* Count bits set (number of non-zero coefficients) in bitmap. */
-  unsigned int non_zero_coefficients = vaddv_u8(vcnt_u8(bitmap_all));
-  /* Move bitmap to 64-bit scalar register. */
-  uint64_t bitmap = vget_lane_u64(vreinterpret_u64_u8(bitmap_all), 0);
-
-  /* Set up state and bit buffer for output bitstream. */
-  working_state *state_ptr = (working_state *)state;
-  int free_bits = state_ptr->cur.free_bits;
-  size_t put_buffer = state_ptr->cur.put_buffer;
-
-  /* Encode DC coefficient. */
-
-  /* Find nbits required to specify sign and amplitude of coefficient. */
-#if defined(_MSC_VER) && !defined(__clang__)
-  unsigned int lz = BUILTIN_CLZ(vgetq_lane_s16(abs_row0, 0));
-#else
-  unsigned int lz;
-  __asm__("clz %w0, %w1" : "=r"(lz) : "r"(vgetq_lane_s16(abs_row0, 0)));
-#endif
-  unsigned int nbits = 32 - lz;
-  /* Emit Huffman-coded symbol and additional diff bits. */
-  unsigned int diff = (unsigned int)(vgetq_lane_u16(row0_diff, 0) << lz) >> lz;
-  PUT_CODE(dctbl->ehufco[nbits], dctbl->ehufsi[nbits], diff)
-
-  /* Encode AC coefficients. */
-
-  unsigned int r = 0;  /* r = run length of zeros */
-  unsigned int i = 1;  /* i = number of coefficients encoded */
-  /* Code and size information for a run length of 16 zero coefficients */
-  const unsigned int code_0xf0 = actbl->ehufco[0xf0];
-  const unsigned int size_0xf0 = actbl->ehufsi[0xf0];
-
-  /* The most efficient method of computing nbits and diff depends on the
-   * number of non-zero coefficients.  If the bitmap is not too sparse (> 8
-   * non-zero AC coefficients), it is beneficial to use Neon; else we compute
-   * nbits and diff on demand using scalar code.
-   */
-  if (non_zero_coefficients > 8) {
-    uint8_t block_nbits[DCTSIZE2];
-
-    int16x8_t row0_lz = vclzq_s16(abs_row0);
-    int16x8_t row1_lz = vclzq_s16(abs_row1);
-    int16x8_t row2_lz = vclzq_s16(abs_row2);
-    int16x8_t row3_lz = vclzq_s16(abs_row3);
-    int16x8_t row4_lz = vclzq_s16(abs_row4);
-    int16x8_t row5_lz = vclzq_s16(abs_row5);
-    int16x8_t row6_lz = vclzq_s16(abs_row6);
-    int16x8_t row7_lz = vclzq_s16(abs_row7);
-    /* Compute nbits needed to specify magnitude of each coefficient. */
-    uint8x8_t row0_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row0_lz)));
-    uint8x8_t row1_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row1_lz)));
-    uint8x8_t row2_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row2_lz)));
-    uint8x8_t row3_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row3_lz)));
-    uint8x8_t row4_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row4_lz)));
-    uint8x8_t row5_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row5_lz)));
-    uint8x8_t row6_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row6_lz)));
-    uint8x8_t row7_nbits = vsub_u8(vdup_n_u8(16),
-                                   vmovn_u16(vreinterpretq_u16_s16(row7_lz)));
-    /* Store nbits. */
-    vst1_u8(block_nbits + 0 * DCTSIZE, row0_nbits);
-    vst1_u8(block_nbits + 1 * DCTSIZE, row1_nbits);
-    vst1_u8(block_nbits + 2 * DCTSIZE, row2_nbits);
-    vst1_u8(block_nbits + 3 * DCTSIZE, row3_nbits);
-    vst1_u8(block_nbits + 4 * DCTSIZE, row4_nbits);
-    vst1_u8(block_nbits + 5 * DCTSIZE, row5_nbits);
-    vst1_u8(block_nbits + 6 * DCTSIZE, row6_nbits);
-    vst1_u8(block_nbits + 7 * DCTSIZE, row7_nbits);
-    /* Mask bits not required to specify sign and amplitude of diff. */
-    row0_diff = vshlq_u16(row0_diff, row0_lz);
-    row1_diff = vshlq_u16(row1_diff, row1_lz);
-    row2_diff = vshlq_u16(row2_diff, row2_lz);
-    row3_diff = vshlq_u16(row3_diff, row3_lz);
-    row4_diff = vshlq_u16(row4_diff, row4_lz);
-    row5_diff = vshlq_u16(row5_diff, row5_lz);
-    row6_diff = vshlq_u16(row6_diff, row6_lz);
-    row7_diff = vshlq_u16(row7_diff, row7_lz);
-    row0_diff = vshlq_u16(row0_diff, vnegq_s16(row0_lz));
-    row1_diff = vshlq_u16(row1_diff, vnegq_s16(row1_lz));
-    row2_diff = vshlq_u16(row2_diff, vnegq_s16(row2_lz));
-    row3_diff = vshlq_u16(row3_diff, vnegq_s16(row3_lz));
-    row4_diff = vshlq_u16(row4_diff, vnegq_s16(row4_lz));
-    row5_diff = vshlq_u16(row5_diff, vnegq_s16(row5_lz));
-    row6_diff = vshlq_u16(row6_diff, vnegq_s16(row6_lz));
-    row7_diff = vshlq_u16(row7_diff, vnegq_s16(row7_lz));
-    /* Store diff bits. */
-    vst1q_u16(block_diff + 0 * DCTSIZE, row0_diff);
-    vst1q_u16(block_diff + 1 * DCTSIZE, row1_diff);
-    vst1q_u16(block_diff + 2 * DCTSIZE, row2_diff);
-    vst1q_u16(block_diff + 3 * DCTSIZE, row3_diff);
-    vst1q_u16(block_diff + 4 * DCTSIZE, row4_diff);
-    vst1q_u16(block_diff + 5 * DCTSIZE, row5_diff);
-    vst1q_u16(block_diff + 6 * DCTSIZE, row6_diff);
-    vst1q_u16(block_diff + 7 * DCTSIZE, row7_diff);
-
-    while (bitmap != 0) {
-      r = BUILTIN_CLZLL(bitmap);
-      i += r;
-      bitmap <<= r;
-      nbits = block_nbits[i];
-      diff = block_diff[i];
-      while (r > 15) {
-        /* If run length > 15, emit special run-length-16 codes. */
-        PUT_BITS(code_0xf0, size_0xf0)
-        r -= 16;
-      }
-      /* Emit Huffman symbol for run length / number of bits. (F.1.2.2.1) */
-      unsigned int rs = (r << 4) + nbits;
-      PUT_CODE(actbl->ehufco[rs], actbl->ehufsi[rs], diff)
-      i++;
-      bitmap <<= 1;
-    }
-  } else if (bitmap != 0) {
-    uint16_t block_abs[DCTSIZE2];
-    /* Store absolute value of coefficients. */
-    vst1q_u16(block_abs + 0 * DCTSIZE, vreinterpretq_u16_s16(abs_row0));
-    vst1q_u16(block_abs + 1 * DCTSIZE, vreinterpretq_u16_s16(abs_row1));
-    vst1q_u16(block_abs + 2 * DCTSIZE, vreinterpretq_u16_s16(abs_row2));
-    vst1q_u16(block_abs + 3 * DCTSIZE, vreinterpretq_u16_s16(abs_row3));
-    vst1q_u16(block_abs + 4 * DCTSIZE, vreinterpretq_u16_s16(abs_row4));
-    vst1q_u16(block_abs + 5 * DCTSIZE, vreinterpretq_u16_s16(abs_row5));
-    vst1q_u16(block_abs + 6 * DCTSIZE, vreinterpretq_u16_s16(abs_row6));
-    vst1q_u16(block_abs + 7 * DCTSIZE, vreinterpretq_u16_s16(abs_row7));
-    /* Store diff bits. */
-    vst1q_u16(block_diff + 0 * DCTSIZE, row0_diff);
-    vst1q_u16(block_diff + 1 * DCTSIZE, row1_diff);
-    vst1q_u16(block_diff + 2 * DCTSIZE, row2_diff);
-    vst1q_u16(block_diff + 3 * DCTSIZE, row3_diff);
-    vst1q_u16(block_diff + 4 * DCTSIZE, row4_diff);
-    vst1q_u16(block_diff + 5 * DCTSIZE, row5_diff);
-    vst1q_u16(block_diff + 6 * DCTSIZE, row6_diff);
-    vst1q_u16(block_diff + 7 * DCTSIZE, row7_diff);
-
-    /* Same as above but must mask diff bits and compute nbits on demand. */
-    while (bitmap != 0) {
-      r = BUILTIN_CLZLL(bitmap);
-      i += r;
-      bitmap <<= r;
-      lz = BUILTIN_CLZ(block_abs[i]);
-      nbits = 32 - lz;
-      diff = (unsigned int)(block_diff[i] << lz) >> lz;
-      while (r > 15) {
-        /* If run length > 15, emit special run-length-16 codes. */
-        PUT_BITS(code_0xf0, size_0xf0)
-        r -= 16;
-      }
-      /* Emit Huffman symbol for run length / number of bits. (F.1.2.2.1) */
-      unsigned int rs = (r << 4) + nbits;
-      PUT_CODE(actbl->ehufco[rs], actbl->ehufsi[rs], diff)
-      i++;
-      bitmap <<= 1;
-    }
-  }
-
-  /* If the last coefficient(s) were zero, emit an end-of-block (EOB) code.
-   * The value of RS for the EOB code is 0.
-   */
-  if (i != 64) {
-    PUT_BITS(actbl->ehufco[0], actbl->ehufsi[0])
-  }
-
-  state_ptr->cur.put_buffer = put_buffer;
-  state_ptr->cur.free_bits = free_bits;
-
-  return buffer;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jsimd.c
deleted file mode 100644
index 8570b82..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jsimd.c
+++ /dev/null
@@ -1,1063 +0,0 @@
-/*
- * jsimd_arm64.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2011, Nokia Corporation and/or its subsidiary(-ies).
- * Copyright (C) 2009-2011, 2013-2014, 2016, 2018, 2020, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- * Copyright (C) 2020, Arm Limited.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * 64-bit Arm architecture.
- */
-
-#define JPEG_INTERNALS
-#include "../../../jinclude.h"
-#include "../../../jpeglib.h"
-#include "../../../jsimd.h"
-#include "../../../jdct.h"
-#include "../../../jsimddct.h"
-#include "../../jsimd.h"
-#include "jconfigint.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-#define JSIMD_FASTLD3  1
-#define JSIMD_FASTST3  2
-#define JSIMD_FASTTBL  4
-
-static unsigned int simd_support = ~0;
-static unsigned int simd_huffman = 1;
-static unsigned int simd_features = JSIMD_FASTLD3 | JSIMD_FASTST3 |
-                                    JSIMD_FASTTBL;
-
-#if defined(__linux__) || defined(ANDROID) || defined(__ANDROID__)
-
-#define SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT  (1024 * 1024)
-
-LOCAL(int)
-check_cpuinfo(char *buffer, const char *field, char *value)
-{
-  char *p;
-
-  if (*value == 0)
-    return 0;
-  if (strncmp(buffer, field, strlen(field)) != 0)
-    return 0;
-  buffer += strlen(field);
-  while (isspace(*buffer))
-    buffer++;
-
-  /* Check if 'value' is present in the buffer as a separate word */
-  while ((p = strstr(buffer, value))) {
-    if (p > buffer && !isspace(*(p - 1))) {
-      buffer++;
-      continue;
-    }
-    p += strlen(value);
-    if (*p != 0 && !isspace(*p)) {
-      buffer++;
-      continue;
-    }
-    return 1;
-  }
-  return 0;
-}
-
-LOCAL(int)
-parse_proc_cpuinfo(int bufsize)
-{
-  char *buffer = (char *)malloc(bufsize);
-  FILE *fd;
-
-  if (!buffer)
-    return 0;
-
-  fd = fopen("/proc/cpuinfo", "r");
-  if (fd) {
-    while (fgets(buffer, bufsize, fd)) {
-      if (!strchr(buffer, '\n') && !feof(fd)) {
-        /* "impossible" happened - insufficient size of the buffer! */
-        fclose(fd);
-        free(buffer);
-        return 0;
-      }
-      if (check_cpuinfo(buffer, "CPU part", "0xd03") ||
-          check_cpuinfo(buffer, "CPU part", "0xd07"))
-        /* The Cortex-A53 has a slow tbl implementation.  We can gain a few
-           percent speedup by disabling the use of that instruction.  The
-           speedup on Cortex-A57 is more subtle but still measurable. */
-        simd_features &= ~JSIMD_FASTTBL;
-      else if (check_cpuinfo(buffer, "CPU part", "0x0a1"))
-        /* The SIMD version of Huffman encoding is slower than the C version on
-           Cavium ThunderX.  Also, ld3 and st3 are abyssmally slow on that
-           CPU. */
-        simd_huffman = simd_features = 0;
-    }
-    fclose(fd);
-  }
-  free(buffer);
-  return 1;
-}
-
-#endif
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-
-/*
- * Armv8 architectures support Neon extensions by default.
- * It is no longer optional as it was with Armv7.
- */
-
-
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-#if defined(__linux__) || defined(ANDROID) || defined(__ANDROID__)
-  int bufsize = 1024; /* an initial guess for the line buffer size limit */
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = 0;
-
-  simd_support |= JSIMD_NEON;
-#if defined(__linux__) || defined(ANDROID) || defined(__ANDROID__)
-  while (!parse_proc_cpuinfo(bufsize)) {
-    bufsize *= 2;
-    if (bufsize > SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT)
-      break;
-  }
-#endif
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCENEON");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = JSIMD_NEON;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-  env = getenv("JSIMD_NOHUFFENC");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_huffman = 0;
-  env = getenv("JSIMD_FASTLD3");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_features |= JSIMD_FASTLD3;
-  if ((env != NULL) && (strcmp(env, "0") == 0))
-    simd_features &= ~JSIMD_FASTLD3;
-  env = getenv("JSIMD_FASTST3");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_features |= JSIMD_FASTST3;
-  if ((env != NULL) && (strcmp(env, "0") == 0))
-    simd_features &= ~JSIMD_FASTST3;
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*neonfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-#ifndef NEON_INTRINSICS
-    if (simd_features & JSIMD_FASTLD3)
-#endif
-      neonfct = jsimd_extrgb_ycc_convert_neon;
-#ifndef NEON_INTRINSICS
-    else
-      neonfct = jsimd_extrgb_ycc_convert_neon_slowld3;
-#endif
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    neonfct = jsimd_extrgbx_ycc_convert_neon;
-    break;
-  case JCS_EXT_BGR:
-#ifndef NEON_INTRINSICS
-    if (simd_features & JSIMD_FASTLD3)
-#endif
-      neonfct = jsimd_extbgr_ycc_convert_neon;
-#ifndef NEON_INTRINSICS
-    else
-      neonfct = jsimd_extbgr_ycc_convert_neon_slowld3;
-#endif
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    neonfct = jsimd_extbgrx_ycc_convert_neon;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    neonfct = jsimd_extxbgr_ycc_convert_neon;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    neonfct = jsimd_extxrgb_ycc_convert_neon;
-    break;
-  default:
-#ifndef NEON_INTRINSICS
-    if (simd_features & JSIMD_FASTLD3)
-#endif
-      neonfct = jsimd_extrgb_ycc_convert_neon;
-#ifndef NEON_INTRINSICS
-    else
-      neonfct = jsimd_extrgb_ycc_convert_neon_slowld3;
-#endif
-    break;
-  }
-
-  neonfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*neonfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    neonfct = jsimd_extrgb_gray_convert_neon;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    neonfct = jsimd_extrgbx_gray_convert_neon;
-    break;
-  case JCS_EXT_BGR:
-    neonfct = jsimd_extbgr_gray_convert_neon;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    neonfct = jsimd_extbgrx_gray_convert_neon;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    neonfct = jsimd_extxbgr_gray_convert_neon;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    neonfct = jsimd_extxrgb_gray_convert_neon;
-    break;
-  default:
-    neonfct = jsimd_extrgb_gray_convert_neon;
-    break;
-  }
-
-  neonfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*neonfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-#ifndef NEON_INTRINSICS
-    if (simd_features & JSIMD_FASTST3)
-#endif
-      neonfct = jsimd_ycc_extrgb_convert_neon;
-#ifndef NEON_INTRINSICS
-    else
-      neonfct = jsimd_ycc_extrgb_convert_neon_slowst3;
-#endif
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    neonfct = jsimd_ycc_extrgbx_convert_neon;
-    break;
-  case JCS_EXT_BGR:
-#ifndef NEON_INTRINSICS
-    if (simd_features & JSIMD_FASTST3)
-#endif
-      neonfct = jsimd_ycc_extbgr_convert_neon;
-#ifndef NEON_INTRINSICS
-    else
-      neonfct = jsimd_ycc_extbgr_convert_neon_slowst3;
-#endif
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    neonfct = jsimd_ycc_extbgrx_convert_neon;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    neonfct = jsimd_ycc_extxbgr_convert_neon;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    neonfct = jsimd_ycc_extxrgb_convert_neon;
-    break;
-  default:
-#ifndef NEON_INTRINSICS
-    if (simd_features & JSIMD_FASTST3)
-#endif
-      neonfct = jsimd_ycc_extrgb_convert_neon;
-#ifndef NEON_INTRINSICS
-    else
-      neonfct = jsimd_ycc_extrgb_convert_neon_slowst3;
-#endif
-    break;
-  }
-
-  neonfct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-  jsimd_ycc_rgb565_convert_neon(cinfo->output_width, input_buf, input_row,
-                                output_buf, num_rows);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v2_downsample_neon(cinfo->image_width, cinfo->max_v_samp_factor,
-                             compptr->v_samp_factor, compptr->width_in_blocks,
-                             input_data, output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v1_downsample_neon(cinfo->image_width, cinfo->max_v_samp_factor,
-                             compptr->v_samp_factor, compptr->width_in_blocks,
-                             input_data, output_data);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_upsample_neon(cinfo->max_v_samp_factor, cinfo->output_width,
-                           input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_upsample_neon(cinfo->max_v_samp_factor, cinfo->output_width,
-                           input_data, output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h1v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_fancy_upsample_neon(cinfo->max_v_samp_factor,
-                                 compptr->downsampled_width, input_data,
-                                 output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_fancy_upsample_neon(cinfo->max_v_samp_factor,
-                                 compptr->downsampled_width, input_data,
-                                 output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h1v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h1v2_fancy_upsample_neon(cinfo->max_v_samp_factor,
-                                 compptr->downsampled_width, input_data,
-                                 output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*neonfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-    case JCS_EXT_RGB:
-      neonfct = jsimd_h2v2_extrgb_merged_upsample_neon;
-      break;
-    case JCS_EXT_RGBX:
-    case JCS_EXT_RGBA:
-      neonfct = jsimd_h2v2_extrgbx_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGR:
-      neonfct = jsimd_h2v2_extbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGRX:
-    case JCS_EXT_BGRA:
-      neonfct = jsimd_h2v2_extbgrx_merged_upsample_neon;
-      break;
-    case JCS_EXT_XBGR:
-    case JCS_EXT_ABGR:
-      neonfct = jsimd_h2v2_extxbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_XRGB:
-    case JCS_EXT_ARGB:
-      neonfct = jsimd_h2v2_extxrgb_merged_upsample_neon;
-      break;
-    default:
-      neonfct = jsimd_h2v2_extrgb_merged_upsample_neon;
-      break;
-  }
-
-  neonfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*neonfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-    case JCS_EXT_RGB:
-      neonfct = jsimd_h2v1_extrgb_merged_upsample_neon;
-      break;
-    case JCS_EXT_RGBX:
-    case JCS_EXT_RGBA:
-      neonfct = jsimd_h2v1_extrgbx_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGR:
-      neonfct = jsimd_h2v1_extbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_BGRX:
-    case JCS_EXT_BGRA:
-      neonfct = jsimd_h2v1_extbgrx_merged_upsample_neon;
-      break;
-    case JCS_EXT_XBGR:
-    case JCS_EXT_ABGR:
-      neonfct = jsimd_h2v1_extxbgr_merged_upsample_neon;
-      break;
-    case JCS_EXT_XRGB:
-    case JCS_EXT_ARGB:
-      neonfct = jsimd_h2v1_extxrgb_merged_upsample_neon;
-      break;
-    default:
-      neonfct = jsimd_h2v1_extrgb_merged_upsample_neon;
-      break;
-  }
-
-  neonfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-  jsimd_convsamp_neon(sample_data, start_col, workspace);
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  jsimd_fdct_islow_neon(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  jsimd_fdct_ifast_neon(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  jsimd_quantize_neon(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_2x2_neon(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_4x4_neon(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(IFAST_MULT_TYPE) != 2)
-    return 0;
-  if (IFAST_SCALE_BITS != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_islow_neon(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_ifast_neon(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_NEON && simd_huffman)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-#ifndef NEON_INTRINSICS
-  if (simd_features & JSIMD_FASTTBL)
-#endif
-    return jsimd_huff_encode_one_block_neon(state, buffer, block, last_dc_val,
-                                            dctbl, actbl);
-#ifndef NEON_INTRINSICS
-  else
-    return jsimd_huff_encode_one_block_neon_slowtbl(state, buffer, block,
-                                                    last_dc_val, dctbl, actbl);
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (SIZEOF_SIZE_T != 8)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-  jsimd_encode_mcu_AC_first_prepare_neon(block, jpeg_natural_order_start,
-                                         Sl, Al, values, zerobits);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (SIZEOF_SIZE_T != 8)
-    return 0;
-
-  if (simd_support & JSIMD_NEON)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return jsimd_encode_mcu_AC_refine_prepare_neon(block,
-                                                 jpeg_natural_order_start,
-                                                 Sl, Al, absvalues, bits);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jsimd_neon.S b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jsimd_neon.S
deleted file mode 100644
index 31aa8e2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/aarch64/jsimd_neon.S
+++ /dev/null
@@ -1,2252 +0,0 @@
-/*
- * Armv8 Neon optimizations for libjpeg-turbo
- *
- * Copyright (C) 2009-2011, Nokia Corporation and/or its subsidiary(-ies).
- *                          All Rights Reserved.
- * Author:  Siarhei Siamashka <siarhei.siamashka@nokia.com>
- * Copyright (C) 2013-2014, Linaro Limited.  All Rights Reserved.
- * Author:  Ragesh Radhakrishnan <ragesh.r@linaro.org>
- * Copyright (C) 2014-2016, 2020, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.  All Rights Reserved.
- * Copyright (C) 2016, Siarhei Siamashka.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#if defined(__linux__) && defined(__ELF__)
-.section .note.GNU-stack, "", %progbits  /* mark stack as non-executable */
-#endif
-
-#if defined(__APPLE__)
-.section __DATA, __const
-#elif defined(_WIN32)
-.section .rdata
-#else
-.section .rodata, "a", %progbits
-#endif
-
-/* Constants for jsimd_idct_islow_neon() */
-
-#define F_0_298   2446  /* FIX(0.298631336) */
-#define F_0_390   3196  /* FIX(0.390180644) */
-#define F_0_541   4433  /* FIX(0.541196100) */
-#define F_0_765   6270  /* FIX(0.765366865) */
-#define F_0_899   7373  /* FIX(0.899976223) */
-#define F_1_175   9633  /* FIX(1.175875602) */
-#define F_1_501  12299  /* FIX(1.501321110) */
-#define F_1_847  15137  /* FIX(1.847759065) */
-#define F_1_961  16069  /* FIX(1.961570560) */
-#define F_2_053  16819  /* FIX(2.053119869) */
-#define F_2_562  20995  /* FIX(2.562915447) */
-#define F_3_072  25172  /* FIX(3.072711026) */
-
-.balign 16
-Ljsimd_idct_islow_neon_consts:
-  .short F_0_298
-  .short -F_0_390
-  .short F_0_541
-  .short F_0_765
-  .short - F_0_899
-  .short F_1_175
-  .short F_1_501
-  .short - F_1_847
-  .short - F_1_961
-  .short F_2_053
-  .short - F_2_562
-  .short F_3_072
-  .short 0          /* padding */
-  .short 0
-  .short 0
-  .short 0
-
-#undef F_0_298
-#undef F_0_390
-#undef F_0_541
-#undef F_0_765
-#undef F_0_899
-#undef F_1_175
-#undef F_1_501
-#undef F_1_847
-#undef F_1_961
-#undef F_2_053
-#undef F_2_562
-#undef F_3_072
-
-/* Constants for jsimd_ycc_*_neon() */
-
-.balign 16
-Ljsimd_ycc_rgb_neon_consts:
-  .short 0,      0,     0,      0
-  .short 22971, -11277, -23401, 29033
-  .short -128,  -128,   -128,   -128
-  .short -128,  -128,   -128,   -128
-
-/* Constants for jsimd_*_ycc_neon() */
-
-.balign 16
-Ljsimd_rgb_ycc_neon_consts:
-  .short 19595, 38470, 7471, 11059
-  .short 21709, 32768, 27439, 5329
-  .short 32767, 128, 32767, 128
-  .short 32767, 128, 32767, 128
-
-/* Constants for jsimd_fdct_islow_neon() */
-
-#define F_0_298   2446  /* FIX(0.298631336) */
-#define F_0_390   3196  /* FIX(0.390180644) */
-#define F_0_541   4433  /* FIX(0.541196100) */
-#define F_0_765   6270  /* FIX(0.765366865) */
-#define F_0_899   7373  /* FIX(0.899976223) */
-#define F_1_175   9633  /* FIX(1.175875602) */
-#define F_1_501  12299  /* FIX(1.501321110) */
-#define F_1_847  15137  /* FIX(1.847759065) */
-#define F_1_961  16069  /* FIX(1.961570560) */
-#define F_2_053  16819  /* FIX(2.053119869) */
-#define F_2_562  20995  /* FIX(2.562915447) */
-#define F_3_072  25172  /* FIX(3.072711026) */
-
-.balign 16
-Ljsimd_fdct_islow_neon_consts:
-  .short F_0_298
-  .short -F_0_390
-  .short F_0_541
-  .short F_0_765
-  .short - F_0_899
-  .short F_1_175
-  .short F_1_501
-  .short - F_1_847
-  .short - F_1_961
-  .short F_2_053
-  .short - F_2_562
-  .short F_3_072
-  .short 0          /* padding */
-  .short 0
-  .short 0
-  .short 0
-
-#undef F_0_298
-#undef F_0_390
-#undef F_0_541
-#undef F_0_765
-#undef F_0_899
-#undef F_1_175
-#undef F_1_501
-#undef F_1_847
-#undef F_1_961
-#undef F_2_053
-#undef F_2_562
-#undef F_3_072
-
-/* Constants for jsimd_huff_encode_one_block_neon() */
-
-.balign 16
-Ljsimd_huff_encode_one_block_neon_consts:
-    .byte 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, \
-          0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80
-    .byte    0,   1,   2,   3,  16,  17,  32,  33, \
-            18,  19,   4,   5,   6,   7,  20,  21  /* L0 => L3 : 4 lines OK */
-    .byte   34,  35,  48,  49, 255, 255,  50,  51, \
-            36,  37,  22,  23,   8,   9,  10,  11  /* L0 => L3 : 4 lines OK */
-    .byte    8,   9,  22,  23,  36,  37,  50,  51, \
-           255, 255, 255, 255, 255, 255,  52,  53  /* L1 => L4 : 4 lines OK */
-    .byte   54,  55,  40,  41,  26,  27,  12,  13, \
-            14,  15,  28,  29,  42,  43,  56,  57  /* L0 => L3 : 4 lines OK */
-    .byte    6,   7,  20,  21,  34,  35,  48,  49, \
-            50,  51,  36,  37,  22,  23,   8,   9  /* L4 => L7 : 4 lines OK */
-    .byte   42,  43,  28,  29,  14,  15,  30,  31, \
-            44,  45,  58,  59, 255, 255, 255, 255  /* L1 => L4 : 4 lines OK */
-    .byte  255, 255, 255, 255,  56,  57,  42,  43, \
-            28,  29,  14,  15,  30,  31,  44,  45  /* L3 => L6 : 4 lines OK */
-    .byte   26,  27,  40,  41,  42,  43,  28,  29, \
-            14,  15,  30,  31,  44,  45,  46,  47  /* L5 => L7 : 3 lines OK */
-    .byte  255, 255, 255, 255,   0,   1, 255, 255, \
-           255, 255, 255, 255, 255, 255, 255, 255  /* L4 : 1 lines OK */
-    .byte  255, 255, 255, 255, 255, 255, 255, 255, \
-             0,   1,  16,  17,   2,   3, 255, 255  /* L5 => L6 : 2 lines OK */
-    .byte  255, 255, 255, 255, 255, 255, 255, 255, \
-           255, 255, 255, 255,   8,   9,  22,  23  /* L5 => L6 : 2 lines OK */
-    .byte    4,   5,   6,   7, 255, 255, 255, 255, \
-           255, 255, 255, 255, 255, 255, 255, 255  /* L7 : 1 line OK */
-
-
-/*****************************************************************************/
-
-/* Supplementary macro for setting function attributes */
-.macro asm_function fname
-#ifdef __APPLE__
-    .private_extern _\fname
-    .globl _\fname
-_\fname:
-#else
-    .global \fname
-#ifdef __ELF__
-    .hidden \fname
-    .type \fname, %function
-#endif
-\fname:
-#endif
-.endm
-
-/* Get symbol location */
-.macro get_symbol_loc reg, symbol
-#ifdef __APPLE__
-    adrp            \reg, \symbol@PAGE
-    add             \reg, \reg, \symbol@PAGEOFF
-#else
-    adrp            \reg, \symbol
-    add             \reg, \reg, :lo12:\symbol
-#endif
-.endm
-
-.macro transpose_8x8 l0, l1, l2, l3, l4, l5, l6, l7, t0, t1, t2, t3
-    trn1            \t0\().8h, \l0\().8h, \l1\().8h
-    trn1            \t1\().8h, \l2\().8h, \l3\().8h
-    trn1            \t2\().8h, \l4\().8h, \l5\().8h
-    trn1            \t3\().8h, \l6\().8h, \l7\().8h
-    trn2            \l1\().8h, \l0\().8h, \l1\().8h
-    trn2            \l3\().8h, \l2\().8h, \l3\().8h
-    trn2            \l5\().8h, \l4\().8h, \l5\().8h
-    trn2            \l7\().8h, \l6\().8h, \l7\().8h
-
-    trn1            \l4\().4s, \t2\().4s, \t3\().4s
-    trn2            \t3\().4s, \t2\().4s, \t3\().4s
-    trn1            \t2\().4s, \t0\().4s, \t1\().4s
-    trn2            \l2\().4s, \t0\().4s, \t1\().4s
-    trn1            \t0\().4s, \l1\().4s, \l3\().4s
-    trn2            \l3\().4s, \l1\().4s, \l3\().4s
-    trn2            \t1\().4s, \l5\().4s, \l7\().4s
-    trn1            \l5\().4s, \l5\().4s, \l7\().4s
-
-    trn2            \l6\().2d, \l2\().2d, \t3\().2d
-    trn1            \l0\().2d, \t2\().2d, \l4\().2d
-    trn1            \l1\().2d, \t0\().2d, \l5\().2d
-    trn2            \l7\().2d, \l3\().2d, \t1\().2d
-    trn1            \l2\().2d, \l2\().2d, \t3\().2d
-    trn2            \l4\().2d, \t2\().2d, \l4\().2d
-    trn1            \l3\().2d, \l3\().2d, \t1\().2d
-    trn2            \l5\().2d, \t0\().2d, \l5\().2d
-.endm
-
-
-#define CENTERJSAMPLE  128
-
-/*****************************************************************************/
-
-/*
- * Perform dequantization and inverse DCT on one block of coefficients.
- *
- * GLOBAL(void)
- * jsimd_idct_islow_neon(void *dct_table, JCOEFPTR coef_block,
- *                       JSAMPARRAY output_buf, JDIMENSION output_col)
- */
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-
-#define XFIX_P_0_298  v0.h[0]
-#define XFIX_N_0_390  v0.h[1]
-#define XFIX_P_0_541  v0.h[2]
-#define XFIX_P_0_765  v0.h[3]
-#define XFIX_N_0_899  v0.h[4]
-#define XFIX_P_1_175  v0.h[5]
-#define XFIX_P_1_501  v0.h[6]
-#define XFIX_N_1_847  v0.h[7]
-#define XFIX_N_1_961  v1.h[0]
-#define XFIX_P_2_053  v1.h[1]
-#define XFIX_N_2_562  v1.h[2]
-#define XFIX_P_3_072  v1.h[3]
-
-asm_function jsimd_idct_islow_neon
-    DCT_TABLE       .req x0
-    COEF_BLOCK      .req x1
-    OUTPUT_BUF      .req x2
-    OUTPUT_COL      .req x3
-    TMP1            .req x0
-    TMP2            .req x1
-    TMP3            .req x9
-    TMP4            .req x10
-    TMP5            .req x11
-    TMP6            .req x12
-    TMP7            .req x13
-    TMP8            .req x14
-
-    /* OUTPUT_COL is a JDIMENSION (unsigned int) argument, so the ABI doesn't
-       guarantee that the upper (unused) 32 bits of x3 are valid.  This
-       instruction ensures that those bits are set to zero. */
-    uxtw x3, w3
-
-    sub             sp, sp, #64
-    get_symbol_loc  x15, Ljsimd_idct_islow_neon_consts
-    mov             x10, sp
-    st1             {v8.8b, v9.8b, v10.8b, v11.8b}, [x10], #32
-    st1             {v12.8b, v13.8b, v14.8b, v15.8b}, [x10], #32
-    ld1             {v0.8h, v1.8h}, [x15]
-    ld1             {v2.8h, v3.8h, v4.8h, v5.8h}, [COEF_BLOCK], #64
-    ld1             {v18.8h, v19.8h, v20.8h, v21.8h}, [DCT_TABLE], #64
-    ld1             {v6.8h, v7.8h, v8.8h, v9.8h}, [COEF_BLOCK], #64
-    ld1             {v22.8h, v23.8h, v24.8h, v25.8h}, [DCT_TABLE], #64
-
-    cmeq            v16.8h, v3.8h, #0
-    cmeq            v26.8h, v4.8h, #0
-    cmeq            v27.8h, v5.8h, #0
-    cmeq            v28.8h, v6.8h, #0
-    cmeq            v29.8h, v7.8h, #0
-    cmeq            v30.8h, v8.8h, #0
-    cmeq            v31.8h, v9.8h, #0
-
-    and             v10.16b, v16.16b, v26.16b
-    and             v11.16b, v27.16b, v28.16b
-    and             v12.16b, v29.16b, v30.16b
-    and             v13.16b, v31.16b, v10.16b
-    and             v14.16b, v11.16b, v12.16b
-    mul             v2.8h, v2.8h, v18.8h
-    and             v15.16b, v13.16b, v14.16b
-    shl             v10.8h, v2.8h, #(PASS1_BITS)
-    sqxtn           v16.8b, v15.8h
-    mov             TMP1, v16.d[0]
-    mvn             TMP2, TMP1
-
-    cbnz            TMP2, 2f
-    /* case all AC coeffs are zeros */
-    dup             v2.2d, v10.d[0]
-    dup             v6.2d, v10.d[1]
-    mov             v3.16b, v2.16b
-    mov             v7.16b, v6.16b
-    mov             v4.16b, v2.16b
-    mov             v8.16b, v6.16b
-    mov             v5.16b, v2.16b
-    mov             v9.16b, v6.16b
-1:
-    /* for this transpose, we should organise data like this:
-     * 00, 01, 02, 03, 40, 41, 42, 43
-     * 10, 11, 12, 13, 50, 51, 52, 53
-     * 20, 21, 22, 23, 60, 61, 62, 63
-     * 30, 31, 32, 33, 70, 71, 72, 73
-     * 04, 05, 06, 07, 44, 45, 46, 47
-     * 14, 15, 16, 17, 54, 55, 56, 57
-     * 24, 25, 26, 27, 64, 65, 66, 67
-     * 34, 35, 36, 37, 74, 75, 76, 77
-     */
-    trn1            v28.8h, v2.8h, v3.8h
-    trn1            v29.8h, v4.8h, v5.8h
-    trn1            v30.8h, v6.8h, v7.8h
-    trn1            v31.8h, v8.8h, v9.8h
-    trn2            v16.8h, v2.8h, v3.8h
-    trn2            v17.8h, v4.8h, v5.8h
-    trn2            v18.8h, v6.8h, v7.8h
-    trn2            v19.8h, v8.8h, v9.8h
-    trn1            v2.4s, v28.4s, v29.4s
-    trn1            v6.4s, v30.4s, v31.4s
-    trn1            v3.4s, v16.4s, v17.4s
-    trn1            v7.4s, v18.4s, v19.4s
-    trn2            v4.4s, v28.4s, v29.4s
-    trn2            v8.4s, v30.4s, v31.4s
-    trn2            v5.4s, v16.4s, v17.4s
-    trn2            v9.4s, v18.4s, v19.4s
-    /* Even part: reverse the even part of the forward DCT. */
-    add             v18.8h, v4.8h, v8.8h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*2], quantptr[DCTSIZE*2]) + DEQUANTIZE(inptr[DCTSIZE*6], quantptr[DCTSIZE*6]) */
-    add             v22.8h, v2.8h, v6.8h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) + DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    smull2          v19.4s, v18.8h, XFIX_P_0_541   /* z1h z1 = MULTIPLY(z2 + z3, FIX_0_541196100); */
-    sub             v26.8h, v2.8h, v6.8h           /* z2 - z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) - DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    smull           v18.4s, v18.4h, XFIX_P_0_541   /* z1l z1 = MULTIPLY(z2 + z3, FIX_0_541196100); */
-    sshll2          v23.4s, v22.8h, #(CONST_BITS)  /* tmp0h tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS); */
-    mov             v21.16b, v19.16b               /* tmp3 = z1 */
-    mov             v20.16b, v18.16b               /* tmp3 = z1 */
-    smlal2          v19.4s, v8.8h, XFIX_N_1_847    /* tmp2h tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065); */
-    smlal           v18.4s, v8.4h, XFIX_N_1_847    /* tmp2l tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065); */
-    sshll2          v27.4s, v26.8h, #(CONST_BITS)  /* tmp1h tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS); */
-    smlal2          v21.4s, v4.8h, XFIX_P_0_765    /* tmp3h tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865); */
-    smlal           v20.4s, v4.4h, XFIX_P_0_765    /* tmp3l tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865); */
-    sshll           v22.4s, v22.4h, #(CONST_BITS)  /* tmp0l tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS); */
-    sshll           v26.4s, v26.4h, #(CONST_BITS)  /* tmp1l tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS); */
-    add             v2.4s, v22.4s, v20.4s          /* tmp10l tmp10 = tmp0 + tmp3; */
-    sub             v6.4s, v22.4s, v20.4s          /* tmp13l tmp13 = tmp0 - tmp3; */
-    add             v8.4s, v26.4s, v18.4s          /* tmp11l tmp11 = tmp1 + tmp2; */
-    sub             v4.4s, v26.4s, v18.4s          /* tmp12l tmp12 = tmp1 - tmp2; */
-    add             v28.4s, v23.4s, v21.4s         /* tmp10h tmp10 = tmp0 + tmp3; */
-    sub             v31.4s, v23.4s, v21.4s         /* tmp13h tmp13 = tmp0 - tmp3; */
-    add             v29.4s, v27.4s, v19.4s         /* tmp11h tmp11 = tmp1 + tmp2; */
-    sub             v30.4s, v27.4s, v19.4s         /* tmp12h tmp12 = tmp1 - tmp2; */
-
-    /* Odd part per figure 8; the matrix is unitary and hence its
-     * transpose is its inverse.  i0..i3 are y7,y5,y3,y1 respectively.
-     */
-
-    add             v22.8h, v9.8h, v5.8h    /* z3 = tmp0 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v24.8h, v7.8h, v3.8h    /* z4 = tmp1 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v18.8h, v9.8h, v3.8h    /* z1 = tmp0 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v20.8h, v7.8h, v5.8h    /* z2 = tmp1 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v26.8h, v22.8h, v24.8h  /* z5 = z3 + z4 */
-
-    smull2          v11.4s, v9.8h, XFIX_P_0_298   /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    smull2          v13.4s, v7.8h, XFIX_P_2_053   /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    smull2          v15.4s, v5.8h, XFIX_P_3_072   /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    smull2          v17.4s, v3.8h, XFIX_P_1_501   /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    smull2          v27.4s, v26.8h, XFIX_P_1_175  /* z5h z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    smull2          v23.4s, v22.8h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560) */
-    smull2          v25.4s, v24.8h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644) */
-    smull2          v19.4s, v18.8h, XFIX_N_0_899  /* z1 = MULTIPLY(z1, -FIX_0_899976223) */
-    smull2          v21.4s, v20.8h, XFIX_N_2_562  /* z2 = MULTIPLY(z2, -FIX_2_562915447) */
-
-    smull           v10.4s, v9.4h, XFIX_P_0_298   /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    smull           v12.4s, v7.4h, XFIX_P_2_053   /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    smull           v14.4s, v5.4h, XFIX_P_3_072   /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    smull           v16.4s, v3.4h, XFIX_P_1_501   /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    smull           v26.4s, v26.4h, XFIX_P_1_175  /* z5l z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    smull           v22.4s, v22.4h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560) */
-    smull           v24.4s, v24.4h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644) */
-    smull           v18.4s, v18.4h, XFIX_N_0_899  /* z1 = MULTIPLY(z1, -FIX_0_899976223) */
-    smull           v20.4s, v20.4h, XFIX_N_2_562  /* z2 = MULTIPLY(z2, -FIX_2_562915447) */
-
-    add             v23.4s, v23.4s, v27.4s  /* z3 += z5 */
-    add             v22.4s, v22.4s, v26.4s  /* z3 += z5 */
-    add             v25.4s, v25.4s, v27.4s  /* z4 += z5 */
-    add             v24.4s, v24.4s, v26.4s  /* z4 += z5 */
-
-    add             v11.4s, v11.4s, v19.4s  /* tmp0 += z1 */
-    add             v10.4s, v10.4s, v18.4s  /* tmp0 += z1 */
-    add             v13.4s, v13.4s, v21.4s  /* tmp1 += z2 */
-    add             v12.4s, v12.4s, v20.4s  /* tmp1 += z2 */
-    add             v15.4s, v15.4s, v21.4s  /* tmp2 += z2 */
-    add             v14.4s, v14.4s, v20.4s  /* tmp2 += z2 */
-    add             v17.4s, v17.4s, v19.4s  /* tmp3 += z1 */
-    add             v16.4s, v16.4s, v18.4s  /* tmp3 += z1 */
-
-    add             v11.4s, v11.4s, v23.4s  /* tmp0 += z3 */
-    add             v10.4s, v10.4s, v22.4s  /* tmp0 += z3 */
-    add             v13.4s, v13.4s, v25.4s  /* tmp1 += z4 */
-    add             v12.4s, v12.4s, v24.4s  /* tmp1 += z4 */
-    add             v17.4s, v17.4s, v25.4s  /* tmp3 += z4 */
-    add             v16.4s, v16.4s, v24.4s  /* tmp3 += z4 */
-    add             v15.4s, v15.4s, v23.4s  /* tmp2 += z3 */
-    add             v14.4s, v14.4s, v22.4s  /* tmp2 += z3 */
-
-    /* Final output stage: inputs are tmp10..tmp13, tmp0..tmp3 */
-
-    add             v18.4s, v2.4s, v16.4s   /* tmp10 + tmp3 */
-    add             v19.4s, v28.4s, v17.4s  /* tmp10 + tmp3 */
-    sub             v20.4s, v2.4s, v16.4s   /* tmp10 - tmp3 */
-    sub             v21.4s, v28.4s, v17.4s  /* tmp10 - tmp3 */
-    add             v22.4s, v8.4s, v14.4s   /* tmp11 + tmp2 */
-    add             v23.4s, v29.4s, v15.4s  /* tmp11 + tmp2 */
-    sub             v24.4s, v8.4s, v14.4s   /* tmp11 - tmp2 */
-    sub             v25.4s, v29.4s, v15.4s  /* tmp11 - tmp2 */
-    add             v26.4s, v4.4s, v12.4s   /* tmp12 + tmp1 */
-    add             v27.4s, v30.4s, v13.4s  /* tmp12 + tmp1 */
-    sub             v28.4s, v4.4s, v12.4s   /* tmp12 - tmp1 */
-    sub             v29.4s, v30.4s, v13.4s  /* tmp12 - tmp1 */
-    add             v14.4s, v6.4s, v10.4s   /* tmp13 + tmp0 */
-    add             v15.4s, v31.4s, v11.4s  /* tmp13 + tmp0 */
-    sub             v16.4s, v6.4s, v10.4s   /* tmp13 - tmp0 */
-    sub             v17.4s, v31.4s, v11.4s  /* tmp13 - tmp0 */
-
-    shrn            v2.4h, v18.4s, #16  /* wsptr[DCTSIZE*0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS+PASS1_BITS+3) */
-    shrn            v9.4h, v20.4s, #16  /* wsptr[DCTSIZE*7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS+PASS1_BITS+3) */
-    shrn            v3.4h, v22.4s, #16  /* wsptr[DCTSIZE*1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS+PASS1_BITS+3) */
-    shrn            v8.4h, v24.4s, #16  /* wsptr[DCTSIZE*6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS+PASS1_BITS+3) */
-    shrn            v4.4h, v26.4s, #16  /* wsptr[DCTSIZE*2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS+PASS1_BITS+3) */
-    shrn            v7.4h, v28.4s, #16  /* wsptr[DCTSIZE*5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS+PASS1_BITS+3) */
-    shrn            v5.4h, v14.4s, #16  /* wsptr[DCTSIZE*3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS+PASS1_BITS+3) */
-    shrn            v6.4h, v16.4s, #16  /* wsptr[DCTSIZE*4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v2.8h, v19.4s, #16  /* wsptr[DCTSIZE*0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v9.8h, v21.4s, #16  /* wsptr[DCTSIZE*7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v3.8h, v23.4s, #16  /* wsptr[DCTSIZE*1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v8.8h, v25.4s, #16  /* wsptr[DCTSIZE*6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v4.8h, v27.4s, #16  /* wsptr[DCTSIZE*2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v7.8h, v29.4s, #16  /* wsptr[DCTSIZE*5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v5.8h, v15.4s, #16  /* wsptr[DCTSIZE*3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS+PASS1_BITS+3) */
-    shrn2           v6.8h, v17.4s, #16  /* wsptr[DCTSIZE*4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS+PASS1_BITS+3) */
-    movi            v0.16b, #(CENTERJSAMPLE)
-    /* Prepare pointers (dual-issue with Neon instructions) */
-      ldp             TMP1, TMP2, [OUTPUT_BUF], 16
-    sqrshrn         v28.8b, v2.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      ldp             TMP3, TMP4, [OUTPUT_BUF], 16
-    sqrshrn         v29.8b, v3.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      add             TMP1, TMP1, OUTPUT_COL
-    sqrshrn         v30.8b, v4.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      add             TMP2, TMP2, OUTPUT_COL
-    sqrshrn         v31.8b, v5.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      add             TMP3, TMP3, OUTPUT_COL
-    sqrshrn2        v28.16b, v6.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      add             TMP4, TMP4, OUTPUT_COL
-    sqrshrn2        v29.16b, v7.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      ldp             TMP5, TMP6, [OUTPUT_BUF], 16
-    sqrshrn2        v30.16b, v8.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      ldp             TMP7, TMP8, [OUTPUT_BUF], 16
-    sqrshrn2        v31.16b, v9.8h, #(CONST_BITS + PASS1_BITS + 3 - 16)
-      add             TMP5, TMP5, OUTPUT_COL
-    add             v16.16b, v28.16b, v0.16b
-      add             TMP6, TMP6, OUTPUT_COL
-    add             v18.16b, v29.16b, v0.16b
-      add             TMP7, TMP7, OUTPUT_COL
-    add             v20.16b, v30.16b, v0.16b
-      add             TMP8, TMP8, OUTPUT_COL
-    add             v22.16b, v31.16b, v0.16b
-
-    /* Transpose the final 8-bit samples */
-    trn1            v28.16b, v16.16b, v18.16b
-    trn1            v30.16b, v20.16b, v22.16b
-    trn2            v29.16b, v16.16b, v18.16b
-    trn2            v31.16b, v20.16b, v22.16b
-
-    trn1            v16.8h, v28.8h, v30.8h
-    trn2            v18.8h, v28.8h, v30.8h
-    trn1            v20.8h, v29.8h, v31.8h
-    trn2            v22.8h, v29.8h, v31.8h
-
-    uzp1            v28.4s, v16.4s, v18.4s
-    uzp2            v30.4s, v16.4s, v18.4s
-    uzp1            v29.4s, v20.4s, v22.4s
-    uzp2            v31.4s, v20.4s, v22.4s
-
-    /* Store results to the output buffer */
-    st1             {v28.d}[0], [TMP1]
-    st1             {v29.d}[0], [TMP2]
-    st1             {v28.d}[1], [TMP3]
-    st1             {v29.d}[1], [TMP4]
-    st1             {v30.d}[0], [TMP5]
-    st1             {v31.d}[0], [TMP6]
-    st1             {v30.d}[1], [TMP7]
-    st1             {v31.d}[1], [TMP8]
-    ld1             {v8.8b, v9.8b, v10.8b, v11.8b}, [sp], #32
-    ld1             {v12.8b, v13.8b, v14.8b, v15.8b}, [sp], #32
-    blr             x30
-
-.balign 16
-2:
-    mul             v3.8h, v3.8h, v19.8h
-    mul             v4.8h, v4.8h, v20.8h
-    mul             v5.8h, v5.8h, v21.8h
-    add             TMP4, xzr, TMP2, LSL #32
-    mul             v6.8h, v6.8h, v22.8h
-    mul             v7.8h, v7.8h, v23.8h
-    adds            TMP3, xzr, TMP2, LSR #32
-    mul             v8.8h, v8.8h, v24.8h
-    mul             v9.8h, v9.8h, v25.8h
-    b.ne            3f
-    /* Right AC coef is zero */
-    dup             v15.2d, v10.d[1]
-    /* Even part: reverse the even part of the forward DCT. */
-    add             v18.4h, v4.4h, v8.4h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*2], quantptr[DCTSIZE*2]) + DEQUANTIZE(inptr[DCTSIZE*6], quantptr[DCTSIZE*6]) */
-    add             v22.4h, v2.4h, v6.4h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) + DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    sub             v26.4h, v2.4h, v6.4h           /* z2 - z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) - DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    smull           v18.4s, v18.4h, XFIX_P_0_541   /* z1l z1 = MULTIPLY(z2 + z3, FIX_0_541196100); */
-    sshll           v22.4s, v22.4h, #(CONST_BITS)  /* tmp0l tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS); */
-    mov             v20.16b, v18.16b               /* tmp3 = z1 */
-    sshll           v26.4s, v26.4h, #(CONST_BITS)  /* tmp1l tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS); */
-    smlal           v18.4s, v8.4h, XFIX_N_1_847    /* tmp2l tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065); */
-    smlal           v20.4s, v4.4h, XFIX_P_0_765    /* tmp3l tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865); */
-    add             v2.4s, v22.4s, v20.4s          /* tmp10l tmp10 = tmp0 + tmp3; */
-    sub             v6.4s, v22.4s, v20.4s          /* tmp13l tmp13 = tmp0 - tmp3; */
-    add             v8.4s, v26.4s, v18.4s          /* tmp11l tmp11 = tmp1 + tmp2; */
-    sub             v4.4s, v26.4s, v18.4s          /* tmp12l tmp12 = tmp1 - tmp2; */
-
-    /* Odd part per figure 8; the matrix is unitary and hence its
-     * transpose is its inverse.  i0..i3 are y7,y5,y3,y1 respectively.
-     */
-
-    add             v22.4h, v9.4h, v5.4h    /* z3 = tmp0 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v24.4h, v7.4h, v3.4h    /* z4 = tmp1 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v18.4h, v9.4h, v3.4h    /* z1 = tmp0 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v20.4h, v7.4h, v5.4h    /* z2 = tmp1 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v26.4h, v22.4h, v24.4h  /* z5 = z3 + z4 */
-
-    smull           v10.4s, v9.4h, XFIX_P_0_298   /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    smull           v12.4s, v7.4h, XFIX_P_2_053   /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    smull           v14.4s, v5.4h, XFIX_P_3_072   /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    smull           v16.4s, v3.4h, XFIX_P_1_501   /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    smull           v26.4s, v26.4h, XFIX_P_1_175  /* z5l z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    smull           v22.4s, v22.4h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560) */
-    smull           v24.4s, v24.4h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644) */
-    smull           v18.4s, v18.4h, XFIX_N_0_899  /* z1 = MULTIPLY(z1, -FIX_0_899976223) */
-    smull           v20.4s, v20.4h, XFIX_N_2_562  /* z2 = MULTIPLY(z2, -FIX_2_562915447) */
-
-    add             v22.4s, v22.4s, v26.4s  /* z3 += z5 */
-    add             v24.4s, v24.4s, v26.4s  /* z4 += z5 */
-
-    add             v10.4s, v10.4s, v18.4s  /* tmp0 += z1 */
-    add             v12.4s, v12.4s, v20.4s  /* tmp1 += z2 */
-    add             v14.4s, v14.4s, v20.4s  /* tmp2 += z2 */
-    add             v16.4s, v16.4s, v18.4s  /* tmp3 += z1 */
-
-    add             v10.4s, v10.4s, v22.4s  /* tmp0 += z3 */
-    add             v12.4s, v12.4s, v24.4s  /* tmp1 += z4 */
-    add             v16.4s, v16.4s, v24.4s  /* tmp3 += z4 */
-    add             v14.4s, v14.4s, v22.4s  /* tmp2 += z3 */
-
-    /* Final output stage: inputs are tmp10..tmp13, tmp0..tmp3 */
-
-    add             v18.4s, v2.4s, v16.4s  /* tmp10 + tmp3 */
-    sub             v20.4s, v2.4s, v16.4s  /* tmp10 - tmp3 */
-    add             v22.4s, v8.4s, v14.4s  /* tmp11 + tmp2 */
-    sub             v24.4s, v8.4s, v14.4s  /* tmp11 - tmp2 */
-    add             v26.4s, v4.4s, v12.4s  /* tmp12 + tmp1 */
-    sub             v28.4s, v4.4s, v12.4s  /* tmp12 - tmp1 */
-    add             v14.4s, v6.4s, v10.4s  /* tmp13 + tmp0 */
-    sub             v16.4s, v6.4s, v10.4s  /* tmp13 - tmp0 */
-
-    rshrn           v2.4h, v18.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS-PASS1_BITS) */
-    rshrn           v3.4h, v22.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn           v4.4h, v26.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn           v5.4h, v14.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v2.8h, v16.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v3.8h, v28.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn2          v4.8h, v24.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn2          v5.8h, v20.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS-PASS1_BITS) */
-    mov             v6.16b, v15.16b
-    mov             v7.16b, v15.16b
-    mov             v8.16b, v15.16b
-    mov             v9.16b, v15.16b
-    b               1b
-
-.balign 16
-3:
-    cbnz            TMP4, 4f
-    /* Left AC coef is zero */
-    dup             v14.2d, v10.d[0]
-    /* Even part: reverse the even part of the forward DCT. */
-    add             v18.8h, v4.8h, v8.8h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*2], quantptr[DCTSIZE*2]) + DEQUANTIZE(inptr[DCTSIZE*6], quantptr[DCTSIZE*6]) */
-    add             v22.8h, v2.8h, v6.8h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) + DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    smull2          v19.4s, v18.8h, XFIX_P_0_541   /* z1h z1 = MULTIPLY(z2 + z3, FIX_0_541196100); */
-    sub             v26.8h, v2.8h, v6.8h           /* z2 - z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) - DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    sshll2          v23.4s, v22.8h, #(CONST_BITS)  /* tmp0h tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS); */
-    mov             v21.16b, v19.16b               /* tmp3 = z1 */
-    smlal2          v19.4s, v8.8h, XFIX_N_1_847    /* tmp2h tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065); */
-    sshll2          v27.4s, v26.8h, #(CONST_BITS)  /* tmp1h tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS); */
-    smlal2          v21.4s, v4.8h, XFIX_P_0_765    /* tmp3h tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865); */
-    add             v28.4s, v23.4s, v21.4s         /* tmp10h tmp10 = tmp0 + tmp3; */
-    sub             v31.4s, v23.4s, v21.4s         /* tmp13h tmp13 = tmp0 - tmp3; */
-    add             v29.4s, v27.4s, v19.4s         /* tmp11h tmp11 = tmp1 + tmp2; */
-    sub             v30.4s, v27.4s, v19.4s         /* tmp12h tmp12 = tmp1 - tmp2; */
-
-    /* Odd part per figure 8; the matrix is unitary and hence its
-     * transpose is its inverse.  i0..i3 are y7,y5,y3,y1 respectively.
-     */
-
-    add             v22.8h, v9.8h, v5.8h    /* z3 = tmp0 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v24.8h, v7.8h, v3.8h    /* z4 = tmp1 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v18.8h, v9.8h, v3.8h    /* z1 = tmp0 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v20.8h, v7.8h, v5.8h    /* z2 = tmp1 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v26.8h, v22.8h, v24.8h  /* z5 = z3 + z4 */
-
-    smull2          v11.4s, v9.8h, XFIX_P_0_298   /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    smull2          v13.4s, v7.8h, XFIX_P_2_053   /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    smull2          v15.4s, v5.8h, XFIX_P_3_072   /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    smull2          v17.4s, v3.8h, XFIX_P_1_501   /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    smull2          v27.4s, v26.8h, XFIX_P_1_175  /* z5h z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    smull2          v23.4s, v22.8h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560) */
-    smull2          v25.4s, v24.8h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644) */
-    smull2          v19.4s, v18.8h, XFIX_N_0_899  /* z1 = MULTIPLY(z1, -FIX_0_899976223) */
-    smull2          v21.4s, v20.8h, XFIX_N_2_562  /* z2 = MULTIPLY(z2, -FIX_2_562915447) */
-
-    add             v23.4s, v23.4s, v27.4s  /* z3 += z5 */
-    add             v22.4s, v22.4s, v26.4s  /* z3 += z5 */
-    add             v25.4s, v25.4s, v27.4s  /* z4 += z5 */
-    add             v24.4s, v24.4s, v26.4s  /* z4 += z5 */
-
-    add             v11.4s, v11.4s, v19.4s  /* tmp0 += z1 */
-    add             v13.4s, v13.4s, v21.4s  /* tmp1 += z2 */
-    add             v15.4s, v15.4s, v21.4s  /* tmp2 += z2 */
-    add             v17.4s, v17.4s, v19.4s  /* tmp3 += z1 */
-
-    add             v11.4s, v11.4s, v23.4s  /* tmp0 += z3 */
-    add             v13.4s, v13.4s, v25.4s  /* tmp1 += z4 */
-    add             v17.4s, v17.4s, v25.4s  /* tmp3 += z4 */
-    add             v15.4s, v15.4s, v23.4s  /* tmp2 += z3 */
-
-    /* Final output stage: inputs are tmp10..tmp13, tmp0..tmp3 */
-
-    add             v19.4s, v28.4s, v17.4s  /* tmp10 + tmp3 */
-    sub             v21.4s, v28.4s, v17.4s  /* tmp10 - tmp3 */
-    add             v23.4s, v29.4s, v15.4s  /* tmp11 + tmp2 */
-    sub             v25.4s, v29.4s, v15.4s  /* tmp11 - tmp2 */
-    add             v27.4s, v30.4s, v13.4s  /* tmp12 + tmp1 */
-    sub             v29.4s, v30.4s, v13.4s  /* tmp12 - tmp1 */
-    add             v15.4s, v31.4s, v11.4s  /* tmp13 + tmp0 */
-    sub             v17.4s, v31.4s, v11.4s  /* tmp13 - tmp0 */
-
-    mov             v2.16b, v14.16b
-    mov             v3.16b, v14.16b
-    mov             v4.16b, v14.16b
-    mov             v5.16b, v14.16b
-    rshrn           v6.4h, v19.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS-PASS1_BITS) */
-    rshrn           v7.4h, v23.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn           v8.4h, v27.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn           v9.4h, v15.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v6.8h, v17.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v7.8h, v29.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn2          v8.8h, v25.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn2          v9.8h, v21.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS-PASS1_BITS) */
-    b               1b
-
-.balign 16
-4:
-    /* "No" AC coef is zero */
-    /* Even part: reverse the even part of the forward DCT. */
-    add             v18.8h, v4.8h, v8.8h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*2], quantptr[DCTSIZE*2]) + DEQUANTIZE(inptr[DCTSIZE*6], quantptr[DCTSIZE*6]) */
-    add             v22.8h, v2.8h, v6.8h           /* z2 + z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) + DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    smull2          v19.4s, v18.8h, XFIX_P_0_541   /* z1h z1 = MULTIPLY(z2 + z3, FIX_0_541196100); */
-    sub             v26.8h, v2.8h, v6.8h           /* z2 - z3 = DEQUANTIZE(inptr[DCTSIZE*0], quantptr[DCTSIZE*0]) - DEQUANTIZE(inptr[DCTSIZE*4], quantptr[DCTSIZE*4]) */
-    smull           v18.4s, v18.4h, XFIX_P_0_541   /* z1l z1 = MULTIPLY(z2 + z3, FIX_0_541196100); */
-    sshll2          v23.4s, v22.8h, #(CONST_BITS)  /* tmp0h tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS); */
-    mov             v21.16b, v19.16b               /* tmp3 = z1 */
-    mov             v20.16b, v18.16b               /* tmp3 = z1 */
-    smlal2          v19.4s, v8.8h, XFIX_N_1_847    /* tmp2h tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065); */
-    smlal           v18.4s, v8.4h, XFIX_N_1_847    /* tmp2l tmp2 = z1 + MULTIPLY(z3, -FIX_1_847759065); */
-    sshll2          v27.4s, v26.8h, #(CONST_BITS)  /* tmp1h tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS); */
-    smlal2          v21.4s, v4.8h, XFIX_P_0_765    /* tmp3h tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865); */
-    smlal           v20.4s, v4.4h, XFIX_P_0_765    /* tmp3l tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865); */
-    sshll           v22.4s, v22.4h, #(CONST_BITS)  /* tmp0l tmp0 = LEFT_SHIFT(z2 + z3, CONST_BITS); */
-    sshll           v26.4s, v26.4h, #(CONST_BITS)  /* tmp1l tmp1 = LEFT_SHIFT(z2 - z3, CONST_BITS); */
-    add             v2.4s, v22.4s, v20.4s          /* tmp10l tmp10 = tmp0 + tmp3; */
-    sub             v6.4s, v22.4s, v20.4s          /* tmp13l tmp13 = tmp0 - tmp3; */
-    add             v8.4s, v26.4s, v18.4s          /* tmp11l tmp11 = tmp1 + tmp2; */
-    sub             v4.4s, v26.4s, v18.4s          /* tmp12l tmp12 = tmp1 - tmp2; */
-    add             v28.4s, v23.4s, v21.4s         /* tmp10h tmp10 = tmp0 + tmp3; */
-    sub             v31.4s, v23.4s, v21.4s         /* tmp13h tmp13 = tmp0 - tmp3; */
-    add             v29.4s, v27.4s, v19.4s         /* tmp11h tmp11 = tmp1 + tmp2; */
-    sub             v30.4s, v27.4s, v19.4s         /* tmp12h tmp12 = tmp1 - tmp2; */
-
-    /* Odd part per figure 8; the matrix is unitary and hence its
-     * transpose is its inverse.  i0..i3 are y7,y5,y3,y1 respectively.
-     */
-
-    add             v22.8h, v9.8h, v5.8h    /* z3 = tmp0 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v24.8h, v7.8h, v3.8h    /* z4 = tmp1 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v18.8h, v9.8h, v3.8h    /* z1 = tmp0 + tmp3 = DEQUANTIZE(inptr[DCTSIZE*7], quantptr[DCTSIZE*7]) + DEQUANTIZE(inptr[DCTSIZE*1], quantptr[DCTSIZE*1]) */
-    add             v20.8h, v7.8h, v5.8h    /* z2 = tmp1 + tmp2 = DEQUANTIZE(inptr[DCTSIZE*5], quantptr[DCTSIZE*5]) + DEQUANTIZE(inptr[DCTSIZE*3], quantptr[DCTSIZE*3]) */
-    add             v26.8h, v22.8h, v24.8h  /* z5 = z3 + z4 */
-
-    smull2          v11.4s, v9.8h, XFIX_P_0_298   /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    smull2          v13.4s, v7.8h, XFIX_P_2_053   /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    smull2          v15.4s, v5.8h, XFIX_P_3_072   /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    smull2          v17.4s, v3.8h, XFIX_P_1_501   /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    smull2          v27.4s, v26.8h, XFIX_P_1_175  /* z5h z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    smull2          v23.4s, v22.8h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560) */
-    smull2          v25.4s, v24.8h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644) */
-    smull2          v19.4s, v18.8h, XFIX_N_0_899  /* z1 = MULTIPLY(z1, -FIX_0_899976223) */
-    smull2          v21.4s, v20.8h, XFIX_N_2_562  /* z2 = MULTIPLY(z2, -FIX_2_562915447) */
-
-    smull           v10.4s, v9.4h, XFIX_P_0_298   /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    smull           v12.4s, v7.4h, XFIX_P_2_053   /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    smull           v14.4s, v5.4h, XFIX_P_3_072   /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    smull           v16.4s, v3.4h, XFIX_P_1_501   /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    smull           v26.4s, v26.4h, XFIX_P_1_175  /* z5l z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    smull           v22.4s, v22.4h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560) */
-    smull           v24.4s, v24.4h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644) */
-    smull           v18.4s, v18.4h, XFIX_N_0_899  /* z1 = MULTIPLY(z1, -FIX_0_899976223) */
-    smull           v20.4s, v20.4h, XFIX_N_2_562  /* z2 = MULTIPLY(z2, -FIX_2_562915447) */
-
-    add             v23.4s, v23.4s, v27.4s  /* z3 += z5 */
-    add             v22.4s, v22.4s, v26.4s  /* z3 += z5 */
-    add             v25.4s, v25.4s, v27.4s  /* z4 += z5 */
-    add             v24.4s, v24.4s, v26.4s  /* z4 += z5 */
-
-    add             v11.4s, v11.4s, v19.4s  /* tmp0 += z1 */
-    add             v10.4s, v10.4s, v18.4s  /* tmp0 += z1 */
-    add             v13.4s, v13.4s, v21.4s  /* tmp1 += z2 */
-    add             v12.4s, v12.4s, v20.4s  /* tmp1 += z2 */
-    add             v15.4s, v15.4s, v21.4s  /* tmp2 += z2 */
-    add             v14.4s, v14.4s, v20.4s  /* tmp2 += z2 */
-    add             v17.4s, v17.4s, v19.4s  /* tmp3 += z1 */
-    add             v16.4s, v16.4s, v18.4s  /* tmp3 += z1 */
-
-    add             v11.4s, v11.4s, v23.4s  /* tmp0 += z3 */
-    add             v10.4s, v10.4s, v22.4s  /* tmp0 += z3 */
-    add             v13.4s, v13.4s, v25.4s  /* tmp1 += z4 */
-    add             v12.4s, v12.4s, v24.4s  /* tmp1 += z4 */
-    add             v17.4s, v17.4s, v25.4s  /* tmp3 += z4 */
-    add             v16.4s, v16.4s, v24.4s  /* tmp3 += z4 */
-    add             v15.4s, v15.4s, v23.4s  /* tmp2 += z3 */
-    add             v14.4s, v14.4s, v22.4s  /* tmp2 += z3 */
-
-    /* Final output stage: inputs are tmp10..tmp13, tmp0..tmp3 */
-
-    add             v18.4s, v2.4s, v16.4s   /* tmp10 + tmp3 */
-    add             v19.4s, v28.4s, v17.4s  /* tmp10 + tmp3 */
-    sub             v20.4s, v2.4s, v16.4s   /* tmp10 - tmp3 */
-    sub             v21.4s, v28.4s, v17.4s  /* tmp10 - tmp3 */
-    add             v22.4s, v8.4s, v14.4s   /* tmp11 + tmp2 */
-    add             v23.4s, v29.4s, v15.4s  /* tmp11 + tmp2 */
-    sub             v24.4s, v8.4s, v14.4s   /* tmp11 - tmp2 */
-    sub             v25.4s, v29.4s, v15.4s  /* tmp11 - tmp2 */
-    add             v26.4s, v4.4s, v12.4s   /* tmp12 + tmp1 */
-    add             v27.4s, v30.4s, v13.4s  /* tmp12 + tmp1 */
-    sub             v28.4s, v4.4s, v12.4s   /* tmp12 - tmp1 */
-    sub             v29.4s, v30.4s, v13.4s  /* tmp12 - tmp1 */
-    add             v14.4s, v6.4s, v10.4s   /* tmp13 + tmp0 */
-    add             v15.4s, v31.4s, v11.4s  /* tmp13 + tmp0 */
-    sub             v16.4s, v6.4s, v10.4s   /* tmp13 - tmp0 */
-    sub             v17.4s, v31.4s, v11.4s  /* tmp13 - tmp0 */
-
-    rshrn           v2.4h, v18.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS-PASS1_BITS) */
-    rshrn           v3.4h, v22.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn           v4.4h, v26.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn           v5.4h, v14.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn           v6.4h, v19.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*0] = (int)DESCALE(tmp10 + tmp3, CONST_BITS-PASS1_BITS) */
-    rshrn           v7.4h, v23.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*1] = (int)DESCALE(tmp11 + tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn           v8.4h, v27.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*2] = (int)DESCALE(tmp12 + tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn           v9.4h, v15.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*3] = (int)DESCALE(tmp13 + tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v2.8h, v16.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v3.8h, v28.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn2          v4.8h, v24.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn2          v5.8h, v20.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS-PASS1_BITS) */
-    rshrn2          v6.8h, v17.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*4] = (int)DESCALE(tmp13 - tmp0, CONST_BITS-PASS1_BITS) */
-    rshrn2          v7.8h, v29.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*5] = (int)DESCALE(tmp12 - tmp1, CONST_BITS-PASS1_BITS) */
-    rshrn2          v8.8h, v25.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*6] = (int)DESCALE(tmp11 - tmp2, CONST_BITS-PASS1_BITS) */
-    rshrn2          v9.8h, v21.4s, #(CONST_BITS - PASS1_BITS)  /* wsptr[DCTSIZE*7] = (int)DESCALE(tmp10 - tmp3, CONST_BITS-PASS1_BITS) */
-    b               1b
-
-    .unreq          DCT_TABLE
-    .unreq          COEF_BLOCK
-    .unreq          OUTPUT_BUF
-    .unreq          OUTPUT_COL
-    .unreq          TMP1
-    .unreq          TMP2
-    .unreq          TMP3
-    .unreq          TMP4
-    .unreq          TMP5
-    .unreq          TMP6
-    .unreq          TMP7
-    .unreq          TMP8
-
-#undef CENTERJSAMPLE
-#undef CONST_BITS
-#undef PASS1_BITS
-#undef XFIX_P_0_298
-#undef XFIX_N_0_390
-#undef XFIX_P_0_541
-#undef XFIX_P_0_765
-#undef XFIX_N_0_899
-#undef XFIX_P_1_175
-#undef XFIX_P_1_501
-#undef XFIX_N_1_847
-#undef XFIX_N_1_961
-#undef XFIX_P_2_053
-#undef XFIX_N_2_562
-#undef XFIX_P_3_072
-
-
-/*****************************************************************************/
-
-/*
- * jsimd_ycc_extrgb_convert_neon
- * jsimd_ycc_extbgr_convert_neon
- * jsimd_ycc_extrgbx_convert_neon
- * jsimd_ycc_extbgrx_convert_neon
- * jsimd_ycc_extxbgr_convert_neon
- * jsimd_ycc_extxrgb_convert_neon
- *
- * Colorspace conversion YCbCr -> RGB
- */
-
-.macro do_load size
-  .if \size == 8
-    ld1             {v4.8b}, [U], 8
-    ld1             {v5.8b}, [V], 8
-    ld1             {v0.8b}, [Y], 8
-    prfm            pldl1keep, [U, #64]
-    prfm            pldl1keep, [V, #64]
-    prfm            pldl1keep, [Y, #64]
-  .elseif \size == 4
-    ld1             {v4.b}[0], [U], 1
-    ld1             {v4.b}[1], [U], 1
-    ld1             {v4.b}[2], [U], 1
-    ld1             {v4.b}[3], [U], 1
-    ld1             {v5.b}[0], [V], 1
-    ld1             {v5.b}[1], [V], 1
-    ld1             {v5.b}[2], [V], 1
-    ld1             {v5.b}[3], [V], 1
-    ld1             {v0.b}[0], [Y], 1
-    ld1             {v0.b}[1], [Y], 1
-    ld1             {v0.b}[2], [Y], 1
-    ld1             {v0.b}[3], [Y], 1
-  .elseif \size == 2
-    ld1             {v4.b}[4], [U], 1
-    ld1             {v4.b}[5], [U], 1
-    ld1             {v5.b}[4], [V], 1
-    ld1             {v5.b}[5], [V], 1
-    ld1             {v0.b}[4], [Y], 1
-    ld1             {v0.b}[5], [Y], 1
-  .elseif \size == 1
-    ld1             {v4.b}[6], [U], 1
-    ld1             {v5.b}[6], [V], 1
-    ld1             {v0.b}[6], [Y], 1
-  .else
-    .error unsupported macroblock size
-  .endif
-.endm
-
-.macro do_store bpp, size, fast_st3
-  .if \bpp == 24
-    .if \size == 8
-      .if \fast_st3 == 1
-        st3         {v10.8b, v11.8b, v12.8b}, [RGB], 24
-      .else
-        st1         {v10.b}[0], [RGB], #1
-        st1         {v11.b}[0], [RGB], #1
-        st1         {v12.b}[0], [RGB], #1
-
-        st1         {v10.b}[1], [RGB], #1
-        st1         {v11.b}[1], [RGB], #1
-        st1         {v12.b}[1], [RGB], #1
-
-        st1         {v10.b}[2], [RGB], #1
-        st1         {v11.b}[2], [RGB], #1
-        st1         {v12.b}[2], [RGB], #1
-
-        st1         {v10.b}[3], [RGB], #1
-        st1         {v11.b}[3], [RGB], #1
-        st1         {v12.b}[3], [RGB], #1
-
-        st1         {v10.b}[4], [RGB], #1
-        st1         {v11.b}[4], [RGB], #1
-        st1         {v12.b}[4], [RGB], #1
-
-        st1         {v10.b}[5], [RGB], #1
-        st1         {v11.b}[5], [RGB], #1
-        st1         {v12.b}[5], [RGB], #1
-
-        st1         {v10.b}[6], [RGB], #1
-        st1         {v11.b}[6], [RGB], #1
-        st1         {v12.b}[6], [RGB], #1
-
-        st1         {v10.b}[7], [RGB], #1
-        st1         {v11.b}[7], [RGB], #1
-        st1         {v12.b}[7], [RGB], #1
-      .endif
-    .elseif \size == 4
-      st3           {v10.b, v11.b, v12.b}[0], [RGB], 3
-      st3           {v10.b, v11.b, v12.b}[1], [RGB], 3
-      st3           {v10.b, v11.b, v12.b}[2], [RGB], 3
-      st3           {v10.b, v11.b, v12.b}[3], [RGB], 3
-    .elseif \size == 2
-      st3           {v10.b, v11.b, v12.b}[4], [RGB], 3
-      st3           {v10.b, v11.b, v12.b}[5], [RGB], 3
-    .elseif \size == 1
-      st3           {v10.b, v11.b, v12.b}[6], [RGB], 3
-    .else
-     .error unsupported macroblock size
-    .endif
-  .elseif \bpp == 32
-    .if \size == 8
-      st4           {v10.8b, v11.8b, v12.8b, v13.8b}, [RGB], 32
-    .elseif \size == 4
-      st4           {v10.b, v11.b, v12.b, v13.b}[0], [RGB], 4
-      st4           {v10.b, v11.b, v12.b, v13.b}[1], [RGB], 4
-      st4           {v10.b, v11.b, v12.b, v13.b}[2], [RGB], 4
-      st4           {v10.b, v11.b, v12.b, v13.b}[3], [RGB], 4
-    .elseif \size == 2
-      st4           {v10.b, v11.b, v12.b, v13.b}[4], [RGB], 4
-      st4           {v10.b, v11.b, v12.b, v13.b}[5], [RGB], 4
-    .elseif \size == 1
-      st4           {v10.b, v11.b, v12.b, v13.b}[6], [RGB], 4
-    .else
-      .error unsupported macroblock size
-    .endif
-  .elseif \bpp == 16
-    .if \size == 8
-      st1           {v25.8h}, [RGB], 16
-    .elseif \size == 4
-      st1           {v25.4h}, [RGB], 8
-    .elseif \size == 2
-      st1           {v25.h}[4], [RGB], 2
-      st1           {v25.h}[5], [RGB], 2
-    .elseif \size == 1
-      st1           {v25.h}[6], [RGB], 2
-    .else
-      .error unsupported macroblock size
-    .endif
-  .else
-    .error unsupported bpp
-  .endif
-.endm
-
-.macro generate_jsimd_ycc_rgb_convert_neon colorid, bpp, r_offs, rsize, \
-                                           g_offs, gsize, b_offs, bsize, \
-                                           defsize, fast_st3
-
-/*
- * 2-stage pipelined YCbCr->RGB conversion
- */
-
-.macro do_yuv_to_rgb_stage1
-    uaddw           v6.8h, v2.8h, v4.8b     /* q3 = u - 128 */
-    uaddw           v8.8h, v2.8h, v5.8b     /* q2 = v - 128 */
-    smull           v20.4s, v6.4h, v1.h[1]  /* multiply by -11277 */
-    smlal           v20.4s, v8.4h, v1.h[2]  /* multiply by -23401 */
-    smull2          v22.4s, v6.8h, v1.h[1]  /* multiply by -11277 */
-    smlal2          v22.4s, v8.8h, v1.h[2]  /* multiply by -23401 */
-    smull           v24.4s, v8.4h, v1.h[0]  /* multiply by 22971 */
-    smull2          v26.4s, v8.8h, v1.h[0]  /* multiply by 22971 */
-    smull           v28.4s, v6.4h, v1.h[3]  /* multiply by 29033 */
-    smull2          v30.4s, v6.8h, v1.h[3]  /* multiply by 29033 */
-.endm
-
-.macro do_yuv_to_rgb_stage2
-    rshrn           v20.4h, v20.4s, #15
-    rshrn2          v20.8h, v22.4s, #15
-    rshrn           v24.4h, v24.4s, #14
-    rshrn2          v24.8h, v26.4s, #14
-    rshrn           v28.4h, v28.4s, #14
-    rshrn2          v28.8h, v30.4s, #14
-    uaddw           v20.8h, v20.8h, v0.8b
-    uaddw           v24.8h, v24.8h, v0.8b
-    uaddw           v28.8h, v28.8h, v0.8b
-  .if \bpp != 16
-    sqxtun          v1\g_offs\defsize, v20.8h
-    sqxtun          v1\r_offs\defsize, v24.8h
-    sqxtun          v1\b_offs\defsize, v28.8h
-  .else
-    sqshlu          v21.8h, v20.8h, #8
-    sqshlu          v25.8h, v24.8h, #8
-    sqshlu          v29.8h, v28.8h, #8
-    sri             v25.8h, v21.8h, #5
-    sri             v25.8h, v29.8h, #11
-  .endif
-.endm
-
-.macro do_yuv_to_rgb_stage2_store_load_stage1 fast_st3
-    rshrn           v20.4h, v20.4s, #15
-    rshrn           v24.4h, v24.4s, #14
-    rshrn           v28.4h, v28.4s, #14
-    ld1             {v4.8b}, [U], 8
-    rshrn2          v20.8h, v22.4s, #15
-    rshrn2          v24.8h, v26.4s, #14
-    rshrn2          v28.8h, v30.4s, #14
-    ld1             {v5.8b}, [V], 8
-    uaddw           v20.8h, v20.8h, v0.8b
-    uaddw           v24.8h, v24.8h, v0.8b
-    uaddw           v28.8h, v28.8h, v0.8b
-  .if \bpp != 16  /**************** rgb24/rgb32 ******************************/
-    sqxtun          v1\g_offs\defsize, v20.8h
-    ld1             {v0.8b}, [Y], 8
-    sqxtun          v1\r_offs\defsize, v24.8h
-    prfm            pldl1keep, [U, #64]
-    prfm            pldl1keep, [V, #64]
-    prfm            pldl1keep, [Y, #64]
-    sqxtun          v1\b_offs\defsize, v28.8h
-    uaddw           v6.8h, v2.8h, v4.8b     /* v6.16b = u - 128 */
-    uaddw           v8.8h, v2.8h, v5.8b     /* q2 = v - 128 */
-    smull           v20.4s, v6.4h, v1.h[1]  /* multiply by -11277 */
-    smlal           v20.4s, v8.4h, v1.h[2]  /* multiply by -23401 */
-    smull2          v22.4s, v6.8h, v1.h[1]  /* multiply by -11277 */
-    smlal2          v22.4s, v8.8h, v1.h[2]  /* multiply by -23401 */
-    smull           v24.4s, v8.4h, v1.h[0]  /* multiply by 22971 */
-    smull2          v26.4s, v8.8h, v1.h[0]  /* multiply by 22971 */
-  .else  /**************************** rgb565 ********************************/
-    sqshlu          v21.8h, v20.8h, #8
-    sqshlu          v25.8h, v24.8h, #8
-    sqshlu          v29.8h, v28.8h, #8
-    uaddw           v6.8h, v2.8h, v4.8b     /* v6.16b = u - 128 */
-    uaddw           v8.8h, v2.8h, v5.8b     /* q2 = v - 128 */
-    ld1             {v0.8b}, [Y], 8
-    smull           v20.4s, v6.4h, v1.h[1]  /* multiply by -11277 */
-    smlal           v20.4s, v8.4h, v1.h[2]  /* multiply by -23401 */
-    smull2          v22.4s, v6.8h, v1.h[1]  /* multiply by -11277 */
-    smlal2          v22.4s, v8.8h, v1.h[2]  /* multiply by -23401 */
-    sri             v25.8h, v21.8h, #5
-    smull           v24.4s, v8.4h, v1.h[0]  /* multiply by 22971 */
-    smull2          v26.4s, v8.8h, v1.h[0]  /* multiply by 22971 */
-    prfm            pldl1keep, [U, #64]
-    prfm            pldl1keep, [V, #64]
-    prfm            pldl1keep, [Y, #64]
-    sri             v25.8h, v29.8h, #11
-  .endif
-    do_store        \bpp, 8, \fast_st3
-    smull           v28.4s, v6.4h, v1.h[3]  /* multiply by 29033 */
-    smull2          v30.4s, v6.8h, v1.h[3]  /* multiply by 29033 */
-.endm
-
-.macro do_yuv_to_rgb
-    do_yuv_to_rgb_stage1
-    do_yuv_to_rgb_stage2
-.endm
-
-.if \fast_st3 == 1
-asm_function jsimd_ycc_\colorid\()_convert_neon
-.else
-asm_function jsimd_ycc_\colorid\()_convert_neon_slowst3
-.endif
-    OUTPUT_WIDTH    .req w0
-    INPUT_BUF       .req x1
-    INPUT_ROW       .req w2
-    OUTPUT_BUF      .req x3
-    NUM_ROWS        .req w4
-
-    INPUT_BUF0      .req x5
-    INPUT_BUF1      .req x6
-    INPUT_BUF2      .req x1
-
-    RGB             .req x7
-    Y               .req x9
-    U               .req x10
-    V               .req x11
-    N               .req w15
-
-    sub             sp, sp, 64
-    mov             x9, sp
-
-    /* Load constants to d1, d2, d3 (v0.4h is just used for padding) */
-    get_symbol_loc  x15, Ljsimd_ycc_rgb_neon_consts
-
-    /* Save Neon registers */
-    st1             {v8.8b, v9.8b, v10.8b, v11.8b}, [x9], 32
-    st1             {v12.8b, v13.8b, v14.8b, v15.8b}, [x9], 32
-    ld1             {v0.4h, v1.4h}, [x15], 16
-    ld1             {v2.8h}, [x15]
-
-    ldr             INPUT_BUF0, [INPUT_BUF]
-    ldr             INPUT_BUF1, [INPUT_BUF, #8]
-    ldr             INPUT_BUF2, [INPUT_BUF, #16]
-    .unreq          INPUT_BUF
-
-    /* Initially set v10, v11.4h, v12.8b, d13 to 0xFF */
-    movi            v10.16b, #255
-    movi            v13.16b, #255
-
-    /* Outer loop over scanlines */
-    cmp             NUM_ROWS, #1
-    b.lt            9f
-0:
-    ldr             Y, [INPUT_BUF0, INPUT_ROW, uxtw #3]
-    ldr             U, [INPUT_BUF1, INPUT_ROW, uxtw #3]
-    mov             N, OUTPUT_WIDTH
-    ldr             V, [INPUT_BUF2, INPUT_ROW, uxtw #3]
-    add             INPUT_ROW, INPUT_ROW, #1
-    ldr             RGB, [OUTPUT_BUF], #8
-
-    /* Inner loop over pixels */
-    subs            N, N, #8
-    b.lt            3f
-    do_load         8
-    do_yuv_to_rgb_stage1
-    subs            N, N, #8
-    b.lt            2f
-1:
-    do_yuv_to_rgb_stage2_store_load_stage1 \fast_st3
-    subs            N, N, #8
-    b.ge            1b
-2:
-    do_yuv_to_rgb_stage2
-    do_store        \bpp, 8, \fast_st3
-    tst             N, #7
-    b.eq            8f
-3:
-    tst             N, #4
-    b.eq            3f
-    do_load         4
-3:
-    tst             N, #2
-    b.eq            4f
-    do_load         2
-4:
-    tst             N, #1
-    b.eq            5f
-    do_load         1
-5:
-    do_yuv_to_rgb
-    tst             N, #4
-    b.eq            6f
-    do_store        \bpp, 4, \fast_st3
-6:
-    tst             N, #2
-    b.eq            7f
-    do_store        \bpp, 2, \fast_st3
-7:
-    tst             N, #1
-    b.eq            8f
-    do_store        \bpp, 1, \fast_st3
-8:
-    subs            NUM_ROWS, NUM_ROWS, #1
-    b.gt            0b
-9:
-    /* Restore all registers and return */
-    ld1             {v8.8b, v9.8b, v10.8b, v11.8b}, [sp], 32
-    ld1             {v12.8b, v13.8b, v14.8b, v15.8b}, [sp], 32
-    br              x30
-    .unreq          OUTPUT_WIDTH
-    .unreq          INPUT_ROW
-    .unreq          OUTPUT_BUF
-    .unreq          NUM_ROWS
-    .unreq          INPUT_BUF0
-    .unreq          INPUT_BUF1
-    .unreq          INPUT_BUF2
-    .unreq          RGB
-    .unreq          Y
-    .unreq          U
-    .unreq          V
-    .unreq          N
-
-.purgem do_yuv_to_rgb
-.purgem do_yuv_to_rgb_stage1
-.purgem do_yuv_to_rgb_stage2
-.purgem do_yuv_to_rgb_stage2_store_load_stage1
-
-.endm
-
-/*--------------------------------- id ----- bpp R  rsize G  gsize B  bsize defsize fast_st3*/
-generate_jsimd_ycc_rgb_convert_neon extrgb,  24, 0, .4h,  1, .4h,  2, .4h,  .8b,    1
-generate_jsimd_ycc_rgb_convert_neon extbgr,  24, 2, .4h,  1, .4h,  0, .4h,  .8b,    1
-generate_jsimd_ycc_rgb_convert_neon extrgbx, 32, 0, .4h,  1, .4h,  2, .4h,  .8b,    1
-generate_jsimd_ycc_rgb_convert_neon extbgrx, 32, 2, .4h,  1, .4h,  0, .4h,  .8b,    1
-generate_jsimd_ycc_rgb_convert_neon extxbgr, 32, 3, .4h,  2, .4h,  1, .4h,  .8b,    1
-generate_jsimd_ycc_rgb_convert_neon extxrgb, 32, 1, .4h,  2, .4h,  3, .4h,  .8b,    1
-generate_jsimd_ycc_rgb_convert_neon rgb565,  16, 0, .4h,  0, .4h,  0, .4h,  .8b,    1
-
-generate_jsimd_ycc_rgb_convert_neon extrgb,  24, 0, .4h,  1, .4h,  2, .4h,  .8b,    0
-generate_jsimd_ycc_rgb_convert_neon extbgr,  24, 2, .4h,  1, .4h,  0, .4h,  .8b,    0
-
-.purgem do_load
-.purgem do_store
-
-
-/*****************************************************************************/
-
-/*
- * jsimd_extrgb_ycc_convert_neon
- * jsimd_extbgr_ycc_convert_neon
- * jsimd_extrgbx_ycc_convert_neon
- * jsimd_extbgrx_ycc_convert_neon
- * jsimd_extxbgr_ycc_convert_neon
- * jsimd_extxrgb_ycc_convert_neon
- *
- * Colorspace conversion RGB -> YCbCr
- */
-
-.macro do_store size
-  .if \size == 8
-    st1             {v20.8b}, [Y], #8
-    st1             {v21.8b}, [U], #8
-    st1             {v22.8b}, [V], #8
-  .elseif \size == 4
-    st1             {v20.b}[0], [Y], #1
-    st1             {v20.b}[1], [Y], #1
-    st1             {v20.b}[2], [Y], #1
-    st1             {v20.b}[3], [Y], #1
-    st1             {v21.b}[0], [U], #1
-    st1             {v21.b}[1], [U], #1
-    st1             {v21.b}[2], [U], #1
-    st1             {v21.b}[3], [U], #1
-    st1             {v22.b}[0], [V], #1
-    st1             {v22.b}[1], [V], #1
-    st1             {v22.b}[2], [V], #1
-    st1             {v22.b}[3], [V], #1
-  .elseif \size == 2
-    st1             {v20.b}[4], [Y], #1
-    st1             {v20.b}[5], [Y], #1
-    st1             {v21.b}[4], [U], #1
-    st1             {v21.b}[5], [U], #1
-    st1             {v22.b}[4], [V], #1
-    st1             {v22.b}[5], [V], #1
-  .elseif \size == 1
-    st1             {v20.b}[6], [Y], #1
-    st1             {v21.b}[6], [U], #1
-    st1             {v22.b}[6], [V], #1
-  .else
-    .error unsupported macroblock size
-  .endif
-.endm
-
-.macro do_load bpp, size, fast_ld3
-  .if \bpp == 24
-    .if \size == 8
-      .if \fast_ld3 == 1
-        ld3         {v10.8b, v11.8b, v12.8b}, [RGB], #24
-      .else
-        ld1         {v10.b}[0], [RGB], #1
-        ld1         {v11.b}[0], [RGB], #1
-        ld1         {v12.b}[0], [RGB], #1
-
-        ld1         {v10.b}[1], [RGB], #1
-        ld1         {v11.b}[1], [RGB], #1
-        ld1         {v12.b}[1], [RGB], #1
-
-        ld1         {v10.b}[2], [RGB], #1
-        ld1         {v11.b}[2], [RGB], #1
-        ld1         {v12.b}[2], [RGB], #1
-
-        ld1         {v10.b}[3], [RGB], #1
-        ld1         {v11.b}[3], [RGB], #1
-        ld1         {v12.b}[3], [RGB], #1
-
-        ld1         {v10.b}[4], [RGB], #1
-        ld1         {v11.b}[4], [RGB], #1
-        ld1         {v12.b}[4], [RGB], #1
-
-        ld1         {v10.b}[5], [RGB], #1
-        ld1         {v11.b}[5], [RGB], #1
-        ld1         {v12.b}[5], [RGB], #1
-
-        ld1         {v10.b}[6], [RGB], #1
-        ld1         {v11.b}[6], [RGB], #1
-        ld1         {v12.b}[6], [RGB], #1
-
-        ld1         {v10.b}[7], [RGB], #1
-        ld1         {v11.b}[7], [RGB], #1
-        ld1         {v12.b}[7], [RGB], #1
-      .endif
-      prfm          pldl1keep, [RGB, #128]
-    .elseif \size == 4
-      ld3           {v10.b, v11.b, v12.b}[0], [RGB], #3
-      ld3           {v10.b, v11.b, v12.b}[1], [RGB], #3
-      ld3           {v10.b, v11.b, v12.b}[2], [RGB], #3
-      ld3           {v10.b, v11.b, v12.b}[3], [RGB], #3
-    .elseif \size == 2
-      ld3           {v10.b, v11.b, v12.b}[4], [RGB], #3
-      ld3           {v10.b, v11.b, v12.b}[5], [RGB], #3
-    .elseif \size == 1
-      ld3           {v10.b, v11.b, v12.b}[6], [RGB], #3
-    .else
-      .error unsupported macroblock size
-    .endif
-  .elseif \bpp == 32
-    .if \size == 8
-      ld4           {v10.8b, v11.8b, v12.8b, v13.8b}, [RGB], #32
-      prfm          pldl1keep, [RGB, #128]
-    .elseif \size == 4
-      ld4           {v10.b, v11.b, v12.b, v13.b}[0], [RGB], #4
-      ld4           {v10.b, v11.b, v12.b, v13.b}[1], [RGB], #4
-      ld4           {v10.b, v11.b, v12.b, v13.b}[2], [RGB], #4
-      ld4           {v10.b, v11.b, v12.b, v13.b}[3], [RGB], #4
-    .elseif \size == 2
-      ld4           {v10.b, v11.b, v12.b, v13.b}[4], [RGB], #4
-      ld4           {v10.b, v11.b, v12.b, v13.b}[5], [RGB], #4
-    .elseif \size == 1
-      ld4           {v10.b, v11.b, v12.b, v13.b}[6], [RGB], #4
-    .else
-      .error unsupported macroblock size
-    .endif
-  .else
-    .error unsupported bpp
-  .endif
-.endm
-
-.macro generate_jsimd_rgb_ycc_convert_neon colorid, bpp, r_offs, g_offs, \
-                                           b_offs, fast_ld3
-
-/*
- * 2-stage pipelined RGB->YCbCr conversion
- */
-
-.macro do_rgb_to_yuv_stage1
-    ushll           v4.8h, v1\r_offs\().8b, #0  /* r = v4 */
-    ushll           v6.8h, v1\g_offs\().8b, #0  /* g = v6 */
-    ushll           v8.8h, v1\b_offs\().8b, #0  /* b = v8 */
-    rev64           v18.4s, v1.4s
-    rev64           v26.4s, v1.4s
-    rev64           v28.4s, v1.4s
-    rev64           v30.4s, v1.4s
-    umull           v14.4s, v4.4h, v0.h[0]
-    umull2          v16.4s, v4.8h, v0.h[0]
-    umlsl           v18.4s, v4.4h, v0.h[3]
-    umlsl2          v26.4s, v4.8h, v0.h[3]
-    umlal           v28.4s, v4.4h, v0.h[5]
-    umlal2          v30.4s, v4.8h, v0.h[5]
-    umlal           v14.4s, v6.4h, v0.h[1]
-    umlal2          v16.4s, v6.8h, v0.h[1]
-    umlsl           v18.4s, v6.4h, v0.h[4]
-    umlsl2          v26.4s, v6.8h, v0.h[4]
-    umlsl           v28.4s, v6.4h, v0.h[6]
-    umlsl2          v30.4s, v6.8h, v0.h[6]
-    umlal           v14.4s, v8.4h, v0.h[2]
-    umlal2          v16.4s, v8.8h, v0.h[2]
-    umlal           v18.4s, v8.4h, v0.h[5]
-    umlal2          v26.4s, v8.8h, v0.h[5]
-    umlsl           v28.4s, v8.4h, v0.h[7]
-    umlsl2          v30.4s, v8.8h, v0.h[7]
-.endm
-
-.macro do_rgb_to_yuv_stage2
-    rshrn           v20.4h, v14.4s, #16
-    shrn            v22.4h, v18.4s, #16
-    shrn            v24.4h, v28.4s, #16
-    rshrn2          v20.8h, v16.4s, #16
-    shrn2           v22.8h, v26.4s, #16
-    shrn2           v24.8h, v30.4s, #16
-    xtn             v20.8b, v20.8h       /* v20 = y */
-    xtn             v21.8b, v22.8h       /* v21 = u */
-    xtn             v22.8b, v24.8h       /* v22 = v */
-.endm
-
-.macro do_rgb_to_yuv
-    do_rgb_to_yuv_stage1
-    do_rgb_to_yuv_stage2
-.endm
-
-/* TODO: expand macros and interleave instructions if some in-order
- *       AArch64 processor actually can dual-issue LOAD/STORE with ALU */
-.macro do_rgb_to_yuv_stage2_store_load_stage1 fast_ld3
-    do_rgb_to_yuv_stage2
-    do_load         \bpp, 8, \fast_ld3
-    st1             {v20.8b}, [Y], #8
-    st1             {v21.8b}, [U], #8
-    st1             {v22.8b}, [V], #8
-    do_rgb_to_yuv_stage1
-.endm
-
-.if \fast_ld3 == 1
-asm_function jsimd_\colorid\()_ycc_convert_neon
-.else
-asm_function jsimd_\colorid\()_ycc_convert_neon_slowld3
-.endif
-    OUTPUT_WIDTH    .req w0
-    INPUT_BUF       .req x1
-    OUTPUT_BUF      .req x2
-    OUTPUT_ROW      .req w3
-    NUM_ROWS        .req w4
-
-    OUTPUT_BUF0     .req x5
-    OUTPUT_BUF1     .req x6
-    OUTPUT_BUF2     .req x2  /* OUTPUT_BUF */
-
-    RGB             .req x7
-    Y               .req x9
-    U               .req x10
-    V               .req x11
-    N               .req w12
-
-    /* Load constants to d0, d1, d2, d3 */
-    get_symbol_loc  x13, Ljsimd_rgb_ycc_neon_consts
-    ld1             {v0.8h, v1.8h}, [x13]
-
-    ldr             OUTPUT_BUF0, [OUTPUT_BUF]
-    ldr             OUTPUT_BUF1, [OUTPUT_BUF, #8]
-    ldr             OUTPUT_BUF2, [OUTPUT_BUF, #16]
-    .unreq          OUTPUT_BUF
-
-    /* Save Neon registers */
-    sub             sp, sp, #64
-    mov             x9, sp
-    st1             {v8.8b, v9.8b, v10.8b, v11.8b}, [x9], 32
-    st1             {v12.8b, v13.8b, v14.8b, v15.8b}, [x9], 32
-
-    /* Outer loop over scanlines */
-    cmp             NUM_ROWS, #1
-    b.lt            9f
-0:
-    ldr             Y, [OUTPUT_BUF0, OUTPUT_ROW, uxtw #3]
-    ldr             U, [OUTPUT_BUF1, OUTPUT_ROW, uxtw #3]
-    mov             N, OUTPUT_WIDTH
-    ldr             V, [OUTPUT_BUF2, OUTPUT_ROW, uxtw #3]
-    add             OUTPUT_ROW, OUTPUT_ROW, #1
-    ldr             RGB, [INPUT_BUF], #8
-
-    /* Inner loop over pixels */
-    subs            N, N, #8
-    b.lt            3f
-    do_load         \bpp, 8, \fast_ld3
-    do_rgb_to_yuv_stage1
-    subs            N, N, #8
-    b.lt            2f
-1:
-    do_rgb_to_yuv_stage2_store_load_stage1 \fast_ld3
-    subs            N, N, #8
-    b.ge            1b
-2:
-    do_rgb_to_yuv_stage2
-    do_store        8
-    tst             N, #7
-    b.eq            8f
-3:
-    tbz             N, #2, 3f
-    do_load         \bpp, 4, \fast_ld3
-3:
-    tbz             N, #1, 4f
-    do_load         \bpp, 2, \fast_ld3
-4:
-    tbz             N, #0, 5f
-    do_load         \bpp, 1, \fast_ld3
-5:
-    do_rgb_to_yuv
-    tbz             N, #2, 6f
-    do_store        4
-6:
-    tbz             N, #1, 7f
-    do_store        2
-7:
-    tbz             N, #0, 8f
-    do_store        1
-8:
-    subs            NUM_ROWS, NUM_ROWS, #1
-    b.gt            0b
-9:
-    /* Restore all registers and return */
-    ld1             {v8.8b, v9.8b, v10.8b, v11.8b}, [sp], 32
-    ld1             {v12.8b, v13.8b, v14.8b, v15.8b}, [sp], 32
-    br              x30
-
-    .unreq          OUTPUT_WIDTH
-    .unreq          OUTPUT_ROW
-    .unreq          INPUT_BUF
-    .unreq          NUM_ROWS
-    .unreq          OUTPUT_BUF0
-    .unreq          OUTPUT_BUF1
-    .unreq          OUTPUT_BUF2
-    .unreq          RGB
-    .unreq          Y
-    .unreq          U
-    .unreq          V
-    .unreq          N
-
-.purgem do_rgb_to_yuv
-.purgem do_rgb_to_yuv_stage1
-.purgem do_rgb_to_yuv_stage2
-.purgem do_rgb_to_yuv_stage2_store_load_stage1
-
-.endm
-
-/*--------------------------------- id ----- bpp R  G  B  Fast LD3 */
-generate_jsimd_rgb_ycc_convert_neon extrgb,  24, 0, 1, 2, 1
-generate_jsimd_rgb_ycc_convert_neon extbgr,  24, 2, 1, 0, 1
-generate_jsimd_rgb_ycc_convert_neon extrgbx, 32, 0, 1, 2, 1
-generate_jsimd_rgb_ycc_convert_neon extbgrx, 32, 2, 1, 0, 1
-generate_jsimd_rgb_ycc_convert_neon extxbgr, 32, 3, 2, 1, 1
-generate_jsimd_rgb_ycc_convert_neon extxrgb, 32, 1, 2, 3, 1
-
-generate_jsimd_rgb_ycc_convert_neon extrgb,  24, 0, 1, 2, 0
-generate_jsimd_rgb_ycc_convert_neon extbgr,  24, 2, 1, 0, 0
-
-.purgem do_load
-.purgem do_store
-
-
-/*****************************************************************************/
-
-/*
- * jsimd_fdct_islow_neon
- *
- * This file contains a slower but more accurate integer implementation of the
- * forward DCT (Discrete Cosine Transform). The following code is based
- * directly on the IJG''s original jfdctint.c; see the jfdctint.c for
- * more details.
- *
- * TODO: can be combined with 'jsimd_convsamp_neon' to get
- *       rid of a bunch of VLD1.16 instructions
- */
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-#define XFIX_P_0_298  v0.h[0]
-#define XFIX_N_0_390  v0.h[1]
-#define XFIX_P_0_541  v0.h[2]
-#define XFIX_P_0_765  v0.h[3]
-#define XFIX_N_0_899  v0.h[4]
-#define XFIX_P_1_175  v0.h[5]
-#define XFIX_P_1_501  v0.h[6]
-#define XFIX_N_1_847  v0.h[7]
-#define XFIX_N_1_961  v1.h[0]
-#define XFIX_P_2_053  v1.h[1]
-#define XFIX_N_2_562  v1.h[2]
-#define XFIX_P_3_072  v1.h[3]
-
-asm_function jsimd_fdct_islow_neon
-
-    DATA            .req x0
-    TMP             .req x9
-
-    /* Load constants */
-    get_symbol_loc  TMP, Ljsimd_fdct_islow_neon_consts
-    ld1             {v0.8h, v1.8h}, [TMP]
-
-    /* Save Neon registers */
-    sub             sp, sp, #64
-    mov             x10, sp
-    st1             {v8.8b, v9.8b, v10.8b, v11.8b}, [x10], 32
-    st1             {v12.8b, v13.8b, v14.8b, v15.8b}, [x10], 32
-
-    /* Load all DATA into Neon registers with the following allocation:
-     *       0 1 2 3 | 4 5 6 7
-     *      ---------+--------
-     *   0 | d16     | d17    | v16.8h
-     *   1 | d18     | d19    | v17.8h
-     *   2 | d20     | d21    | v18.8h
-     *   3 | d22     | d23    | v19.8h
-     *   4 | d24     | d25    | v20.8h
-     *   5 | d26     | d27    | v21.8h
-     *   6 | d28     | d29    | v22.8h
-     *   7 | d30     | d31    | v23.8h
-     */
-
-    ld1             {v16.8h, v17.8h, v18.8h, v19.8h}, [DATA], 64
-    ld1             {v20.8h, v21.8h, v22.8h, v23.8h}, [DATA]
-    sub             DATA, DATA, #64
-
-    /* Transpose */
-    transpose_8x8   v16, v17, v18, v19, v20, v21, v22, v23, v31, v2, v3, v4
-    /* 1-D FDCT */
-    add             v24.8h, v16.8h, v23.8h  /* tmp0 = dataptr[0] + dataptr[7]; */
-    sub             v31.8h, v16.8h, v23.8h  /* tmp7 = dataptr[0] - dataptr[7]; */
-    add             v25.8h, v17.8h, v22.8h  /* tmp1 = dataptr[1] + dataptr[6]; */
-    sub             v30.8h, v17.8h, v22.8h  /* tmp6 = dataptr[1] - dataptr[6]; */
-    add             v26.8h, v18.8h, v21.8h  /* tmp2 = dataptr[2] + dataptr[5]; */
-    sub             v29.8h, v18.8h, v21.8h  /* tmp5 = dataptr[2] - dataptr[5]; */
-    add             v27.8h, v19.8h, v20.8h  /* tmp3 = dataptr[3] + dataptr[4]; */
-    sub             v28.8h, v19.8h, v20.8h  /* tmp4 = dataptr[3] - dataptr[4]; */
-
-    /* even part */
-
-    add             v8.8h, v24.8h, v27.8h   /* tmp10 = tmp0 + tmp3; */
-    sub             v9.8h, v24.8h, v27.8h   /* tmp13 = tmp0 - tmp3; */
-    add             v10.8h, v25.8h, v26.8h  /* tmp11 = tmp1 + tmp2; */
-    sub             v11.8h, v25.8h, v26.8h  /* tmp12 = tmp1 - tmp2; */
-
-    add             v16.8h, v8.8h, v10.8h  /* tmp10 + tmp11 */
-    sub             v20.8h, v8.8h, v10.8h  /* tmp10 - tmp11 */
-
-    add             v18.8h, v11.8h, v9.8h  /* tmp12 + tmp13 */
-
-    shl             v16.8h, v16.8h, #PASS1_BITS  /* dataptr[0] = (DCTELEM)LEFT_SHIFT(tmp10 + tmp11, PASS1_BITS); */
-    shl             v20.8h, v20.8h, #PASS1_BITS  /* dataptr[4] = (DCTELEM)LEFT_SHIFT(tmp10 - tmp11, PASS1_BITS); */
-
-    smull2          v24.4s, v18.8h, XFIX_P_0_541  /* z1 hi = MULTIPLY(tmp12 + tmp13, XFIX_P_0_541); */
-    smull           v18.4s, v18.4h, XFIX_P_0_541  /* z1 lo = MULTIPLY(tmp12 + tmp13, XFIX_P_0_541); */
-    mov             v22.16b, v18.16b
-    mov             v25.16b, v24.16b
-
-    smlal           v18.4s, v9.4h, XFIX_P_0_765   /* lo z1 + MULTIPLY(tmp13, XFIX_P_0_765) */
-    smlal2          v24.4s, v9.8h, XFIX_P_0_765   /* hi z1 + MULTIPLY(tmp13, XFIX_P_0_765) */
-    smlal           v22.4s, v11.4h, XFIX_N_1_847  /* lo z1 + MULTIPLY(tmp12, XFIX_N_1_847) */
-    smlal2          v25.4s, v11.8h, XFIX_N_1_847  /* hi z1 + MULTIPLY(tmp12, XFIX_N_1_847) */
-
-    rshrn           v18.4h, v18.4s, #DESCALE_P1
-    rshrn           v22.4h, v22.4s, #DESCALE_P1
-    rshrn2          v18.8h, v24.4s, #DESCALE_P1  /* dataptr[2] = (DCTELEM)DESCALE(z1 + MULTIPLY(tmp13, XFIX_P_0_765), CONST_BITS-PASS1_BITS); */
-    rshrn2          v22.8h, v25.4s, #DESCALE_P1  /* dataptr[6] = (DCTELEM)DESCALE(z1 + MULTIPLY(tmp12, XFIX_N_1_847), CONST_BITS-PASS1_BITS); */
-
-    /* Odd part */
-
-    add             v8.8h, v28.8h, v31.8h        /* z1 = tmp4 + tmp7; */
-    add             v9.8h, v29.8h, v30.8h        /* z2 = tmp5 + tmp6; */
-    add             v10.8h, v28.8h, v30.8h       /* z3 = tmp4 + tmp6; */
-    add             v11.8h, v29.8h, v31.8h       /* z4 = tmp5 + tmp7; */
-    smull           v4.4s, v10.4h, XFIX_P_1_175  /* z5 lo = z3 lo * XFIX_P_1_175 */
-    smull2          v5.4s, v10.8h, XFIX_P_1_175
-    smlal           v4.4s, v11.4h, XFIX_P_1_175  /* z5 = MULTIPLY(z3 + z4, FIX_1_175875602); */
-    smlal2          v5.4s, v11.8h, XFIX_P_1_175
-
-    smull2          v24.4s, v28.8h, XFIX_P_0_298
-    smull2          v25.4s, v29.8h, XFIX_P_2_053
-    smull2          v26.4s, v30.8h, XFIX_P_3_072
-    smull2          v27.4s, v31.8h, XFIX_P_1_501
-    smull           v28.4s, v28.4h, XFIX_P_0_298  /* tmp4 = MULTIPLY(tmp4, FIX_0_298631336); */
-    smull           v29.4s, v29.4h, XFIX_P_2_053  /* tmp5 = MULTIPLY(tmp5, FIX_2_053119869); */
-    smull           v30.4s, v30.4h, XFIX_P_3_072  /* tmp6 = MULTIPLY(tmp6, FIX_3_072711026); */
-    smull           v31.4s, v31.4h, XFIX_P_1_501  /* tmp7 = MULTIPLY(tmp7, FIX_1_501321110); */
-
-    smull2          v12.4s, v8.8h, XFIX_N_0_899
-    smull2          v13.4s, v9.8h, XFIX_N_2_562
-    smull2          v14.4s, v10.8h, XFIX_N_1_961
-    smull2          v15.4s, v11.8h, XFIX_N_0_390
-    smull           v8.4s, v8.4h, XFIX_N_0_899    /* z1 = MULTIPLY(z1, -FIX_0_899976223); */
-    smull           v9.4s, v9.4h, XFIX_N_2_562    /* z2 = MULTIPLY(z2, -FIX_2_562915447); */
-    smull           v10.4s, v10.4h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560); */
-    smull           v11.4s, v11.4h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644); */
-
-    add             v10.4s, v10.4s, v4.4s  /* z3 += z5 */
-    add             v14.4s, v14.4s, v5.4s
-    add             v11.4s, v11.4s, v4.4s  /* z4 += z5 */
-    add             v15.4s, v15.4s, v5.4s
-
-    add             v28.4s, v28.4s, v8.4s   /* tmp4 += z1 */
-    add             v24.4s, v24.4s, v12.4s
-    add             v29.4s, v29.4s, v9.4s   /* tmp5 += z2 */
-    add             v25.4s, v25.4s, v13.4s
-    add             v30.4s, v30.4s, v10.4s  /* tmp6 += z3 */
-    add             v26.4s, v26.4s, v14.4s
-    add             v31.4s, v31.4s, v11.4s  /* tmp7 += z4 */
-    add             v27.4s, v27.4s, v15.4s
-
-    add             v28.4s, v28.4s, v10.4s  /* tmp4 += z3 */
-    add             v24.4s, v24.4s, v14.4s
-    add             v29.4s, v29.4s, v11.4s  /* tmp5 += z4 */
-    add             v25.4s, v25.4s, v15.4s
-    add             v30.4s, v30.4s, v9.4s   /* tmp6 += z2 */
-    add             v26.4s, v26.4s, v13.4s
-    add             v31.4s, v31.4s, v8.4s   /* tmp7 += z1 */
-    add             v27.4s, v27.4s, v12.4s
-
-    rshrn           v23.4h, v28.4s, #DESCALE_P1
-    rshrn           v21.4h, v29.4s, #DESCALE_P1
-    rshrn           v19.4h, v30.4s, #DESCALE_P1
-    rshrn           v17.4h, v31.4s, #DESCALE_P1
-    rshrn2          v23.8h, v24.4s, #DESCALE_P1  /* dataptr[7] = (DCTELEM)DESCALE(tmp4 + z1 + z3, CONST_BITS-PASS1_BITS); */
-    rshrn2          v21.8h, v25.4s, #DESCALE_P1  /* dataptr[5] = (DCTELEM)DESCALE(tmp5 + z2 + z4, CONST_BITS-PASS1_BITS); */
-    rshrn2          v19.8h, v26.4s, #DESCALE_P1  /* dataptr[3] = (DCTELEM)DESCALE(tmp6 + z2 + z3, CONST_BITS-PASS1_BITS); */
-    rshrn2          v17.8h, v27.4s, #DESCALE_P1  /* dataptr[1] = (DCTELEM)DESCALE(tmp7 + z1 + z4, CONST_BITS-PASS1_BITS); */
-
-    /* Transpose */
-    transpose_8x8   v16, v17, v18, v19, v20, v21, v22, v23, v31, v2, v3, v4
-
-    /* 1-D FDCT */
-    add             v24.8h, v16.8h, v23.8h  /* tmp0 = dataptr[0] + dataptr[7]; */
-    sub             v31.8h, v16.8h, v23.8h  /* tmp7 = dataptr[0] - dataptr[7]; */
-    add             v25.8h, v17.8h, v22.8h  /* tmp1 = dataptr[1] + dataptr[6]; */
-    sub             v30.8h, v17.8h, v22.8h  /* tmp6 = dataptr[1] - dataptr[6]; */
-    add             v26.8h, v18.8h, v21.8h  /* tmp2 = dataptr[2] + dataptr[5]; */
-    sub             v29.8h, v18.8h, v21.8h  /* tmp5 = dataptr[2] - dataptr[5]; */
-    add             v27.8h, v19.8h, v20.8h  /* tmp3 = dataptr[3] + dataptr[4]; */
-    sub             v28.8h, v19.8h, v20.8h  /* tmp4 = dataptr[3] - dataptr[4]; */
-
-    /* even part */
-    add             v8.8h, v24.8h, v27.8h   /* tmp10 = tmp0 + tmp3; */
-    sub             v9.8h, v24.8h, v27.8h   /* tmp13 = tmp0 - tmp3; */
-    add             v10.8h, v25.8h, v26.8h  /* tmp11 = tmp1 + tmp2; */
-    sub             v11.8h, v25.8h, v26.8h  /* tmp12 = tmp1 - tmp2; */
-
-    add             v16.8h, v8.8h, v10.8h  /* tmp10 + tmp11 */
-    sub             v20.8h, v8.8h, v10.8h  /* tmp10 - tmp11 */
-
-    add             v18.8h, v11.8h, v9.8h  /* tmp12 + tmp13 */
-
-    srshr           v16.8h, v16.8h, #PASS1_BITS  /* dataptr[0] = (DCTELEM)DESCALE(tmp10 + tmp11, PASS1_BITS); */
-    srshr           v20.8h, v20.8h, #PASS1_BITS  /* dataptr[4] = (DCTELEM)DESCALE(tmp10 - tmp11, PASS1_BITS); */
-
-    smull2          v24.4s, v18.8h, XFIX_P_0_541  /* z1 hi = MULTIPLY(tmp12 + tmp13, XFIX_P_0_541); */
-    smull           v18.4s, v18.4h, XFIX_P_0_541  /* z1 lo = MULTIPLY(tmp12 + tmp13, XFIX_P_0_541); */
-    mov             v22.16b, v18.16b
-    mov             v25.16b, v24.16b
-
-    smlal           v18.4s, v9.4h, XFIX_P_0_765   /* lo z1 + MULTIPLY(tmp13, XFIX_P_0_765) */
-    smlal2          v24.4s, v9.8h, XFIX_P_0_765   /* hi z1 + MULTIPLY(tmp13, XFIX_P_0_765) */
-    smlal           v22.4s, v11.4h, XFIX_N_1_847  /* lo z1 + MULTIPLY(tmp12, XFIX_N_1_847) */
-    smlal2          v25.4s, v11.8h, XFIX_N_1_847  /* hi z1 + MULTIPLY(tmp12, XFIX_N_1_847) */
-
-    rshrn           v18.4h, v18.4s, #DESCALE_P2
-    rshrn           v22.4h, v22.4s, #DESCALE_P2
-    rshrn2          v18.8h, v24.4s, #DESCALE_P2  /* dataptr[2] = (DCTELEM)DESCALE(z1 + MULTIPLY(tmp13, XFIX_P_0_765), CONST_BITS-PASS1_BITS); */
-    rshrn2          v22.8h, v25.4s, #DESCALE_P2  /* dataptr[6] = (DCTELEM)DESCALE(z1 + MULTIPLY(tmp12, XFIX_N_1_847), CONST_BITS-PASS1_BITS); */
-
-    /* Odd part */
-    add             v8.8h, v28.8h, v31.8h   /* z1 = tmp4 + tmp7; */
-    add             v9.8h, v29.8h, v30.8h   /* z2 = tmp5 + tmp6; */
-    add             v10.8h, v28.8h, v30.8h  /* z3 = tmp4 + tmp6; */
-    add             v11.8h, v29.8h, v31.8h  /* z4 = tmp5 + tmp7; */
-
-    smull           v4.4s, v10.4h, XFIX_P_1_175  /* z5 lo = z3 lo * XFIX_P_1_175 */
-    smull2          v5.4s, v10.8h, XFIX_P_1_175
-    smlal           v4.4s, v11.4h, XFIX_P_1_175  /* z5 = MULTIPLY(z3 + z4, FIX_1_175875602); */
-    smlal2          v5.4s, v11.8h, XFIX_P_1_175
-
-    smull2          v24.4s, v28.8h, XFIX_P_0_298
-    smull2          v25.4s, v29.8h, XFIX_P_2_053
-    smull2          v26.4s, v30.8h, XFIX_P_3_072
-    smull2          v27.4s, v31.8h, XFIX_P_1_501
-    smull           v28.4s, v28.4h, XFIX_P_0_298  /* tmp4 = MULTIPLY(tmp4, FIX_0_298631336); */
-    smull           v29.4s, v29.4h, XFIX_P_2_053  /* tmp5 = MULTIPLY(tmp5, FIX_2_053119869); */
-    smull           v30.4s, v30.4h, XFIX_P_3_072  /* tmp6 = MULTIPLY(tmp6, FIX_3_072711026); */
-    smull           v31.4s, v31.4h, XFIX_P_1_501  /* tmp7 = MULTIPLY(tmp7, FIX_1_501321110); */
-
-    smull2          v12.4s, v8.8h, XFIX_N_0_899
-    smull2          v13.4s, v9.8h, XFIX_N_2_562
-    smull2          v14.4s, v10.8h, XFIX_N_1_961
-    smull2          v15.4s, v11.8h, XFIX_N_0_390
-    smull           v8.4s, v8.4h, XFIX_N_0_899    /* z1 = MULTIPLY(z1, -FIX_0_899976223); */
-    smull           v9.4s, v9.4h, XFIX_N_2_562    /* z2 = MULTIPLY(z2, -FIX_2_562915447); */
-    smull           v10.4s, v10.4h, XFIX_N_1_961  /* z3 = MULTIPLY(z3, -FIX_1_961570560); */
-    smull           v11.4s, v11.4h, XFIX_N_0_390  /* z4 = MULTIPLY(z4, -FIX_0_390180644); */
-
-    add             v10.4s, v10.4s, v4.4s
-    add             v14.4s, v14.4s, v5.4s
-    add             v11.4s, v11.4s, v4.4s
-    add             v15.4s, v15.4s, v5.4s
-
-    add             v28.4s, v28.4s, v8.4s   /* tmp4 += z1 */
-    add             v24.4s, v24.4s, v12.4s
-    add             v29.4s, v29.4s, v9.4s   /* tmp5 += z2 */
-    add             v25.4s, v25.4s, v13.4s
-    add             v30.4s, v30.4s, v10.4s  /* tmp6 += z3 */
-    add             v26.4s, v26.4s, v14.4s
-    add             v31.4s, v31.4s, v11.4s  /* tmp7 += z4 */
-    add             v27.4s, v27.4s, v15.4s
-
-    add             v28.4s, v28.4s, v10.4s  /* tmp4 += z3 */
-    add             v24.4s, v24.4s, v14.4s
-    add             v29.4s, v29.4s, v11.4s  /* tmp5 += z4 */
-    add             v25.4s, v25.4s, v15.4s
-    add             v30.4s, v30.4s, v9.4s   /* tmp6 += z2 */
-    add             v26.4s, v26.4s, v13.4s
-    add             v31.4s, v31.4s, v8.4s   /* tmp7 += z1 */
-    add             v27.4s, v27.4s, v12.4s
-
-    rshrn           v23.4h, v28.4s, #DESCALE_P2
-    rshrn           v21.4h, v29.4s, #DESCALE_P2
-    rshrn           v19.4h, v30.4s, #DESCALE_P2
-    rshrn           v17.4h, v31.4s, #DESCALE_P2
-    rshrn2          v23.8h, v24.4s, #DESCALE_P2  /* dataptr[7] = (DCTELEM)DESCALE(tmp4 + z1 + z3, CONST_BITS-PASS1_BITS); */
-    rshrn2          v21.8h, v25.4s, #DESCALE_P2  /* dataptr[5] = (DCTELEM)DESCALE(tmp5 + z2 + z4, CONST_BITS-PASS1_BITS); */
-    rshrn2          v19.8h, v26.4s, #DESCALE_P2  /* dataptr[3] = (DCTELEM)DESCALE(tmp6 + z2 + z3, CONST_BITS-PASS1_BITS); */
-    rshrn2          v17.8h, v27.4s, #DESCALE_P2  /* dataptr[1] = (DCTELEM)DESCALE(tmp7 + z1 + z4, CONST_BITS-PASS1_BITS); */
-
-    /* store results */
-    st1             {v16.8h, v17.8h, v18.8h, v19.8h}, [DATA], 64
-    st1             {v20.8h, v21.8h, v22.8h, v23.8h}, [DATA]
-
-    /* Restore Neon registers */
-    ld1             {v8.8b, v9.8b, v10.8b, v11.8b}, [sp], 32
-    ld1             {v12.8b, v13.8b, v14.8b, v15.8b}, [sp], 32
-
-    br              x30
-
-    .unreq          DATA
-    .unreq          TMP
-
-#undef XFIX_P_0_298
-#undef XFIX_N_0_390
-#undef XFIX_P_0_541
-#undef XFIX_P_0_765
-#undef XFIX_N_0_899
-#undef XFIX_P_1_175
-#undef XFIX_P_1_501
-#undef XFIX_N_1_847
-#undef XFIX_N_1_961
-#undef XFIX_P_2_053
-#undef XFIX_N_2_562
-#undef XFIX_P_3_072
-
-
-/*****************************************************************************/
-
-/*
- * GLOBAL(JOCTET *)
- * jsimd_huff_encode_one_block(working_state *state, JOCTET *buffer,
- *                             JCOEFPTR block, int last_dc_val,
- *                             c_derived_tbl *dctbl, c_derived_tbl *actbl)
- *
- */
-
-    BUFFER          .req x1
-    PUT_BUFFER      .req x6
-    PUT_BITS        .req x7
-    PUT_BITSw       .req w7
-
-.macro emit_byte
-    sub             PUT_BITS, PUT_BITS, #0x8
-    lsr             x19, PUT_BUFFER, PUT_BITS
-    uxtb            w19, w19
-    strb            w19, [BUFFER, #1]!
-    cmp             w19, #0xff
-    b.ne            14f
-    strb            wzr, [BUFFER, #1]!
-14:
-.endm
-.macro put_bits CODE, SIZE
-    lsl             PUT_BUFFER, PUT_BUFFER, \SIZE
-    add             PUT_BITS, PUT_BITS, \SIZE
-    orr             PUT_BUFFER, PUT_BUFFER, \CODE
-.endm
-.macro checkbuf31
-    cmp             PUT_BITS, #0x20
-    b.lt            31f
-    emit_byte
-    emit_byte
-    emit_byte
-    emit_byte
-31:
-.endm
-.macro checkbuf47
-    cmp             PUT_BITS, #0x30
-    b.lt            47f
-    emit_byte
-    emit_byte
-    emit_byte
-    emit_byte
-    emit_byte
-    emit_byte
-47:
-.endm
-
-.macro generate_jsimd_huff_encode_one_block fast_tbl
-
-.if \fast_tbl == 1
-asm_function jsimd_huff_encode_one_block_neon
-.else
-asm_function jsimd_huff_encode_one_block_neon_slowtbl
-.endif
-    sub             sp, sp, 272
-    sub             BUFFER, BUFFER, #0x1    /* BUFFER=buffer-- */
-    /* Save Arm registers */
-    stp             x19, x20, [sp]
-    get_symbol_loc  x15, Ljsimd_huff_encode_one_block_neon_consts
-    ldr             PUT_BUFFER, [x0, #0x10]
-    ldr             PUT_BITSw, [x0, #0x18]
-    ldrsh           w12, [x2]               /* load DC coeff in w12 */
-    /* prepare data */
-.if \fast_tbl == 1
-    ld1             {v23.16b}, [x15], #16
-    ld1             {v0.16b, v1.16b, v2.16b, v3.16b}, [x15], #64
-    ld1             {v4.16b, v5.16b, v6.16b, v7.16b}, [x15], #64
-    ld1             {v16.16b, v17.16b, v18.16b, v19.16b}, [x15], #64
-    ld1             {v24.16b, v25.16b, v26.16b, v27.16b}, [x2], #64
-    ld1             {v28.16b, v29.16b, v30.16b, v31.16b}, [x2], #64
-    sub             w12, w12, w3      /* last_dc_val, not used afterwards */
-    /* ZigZag 8x8 */
-    tbl             v0.16b, {v24.16b, v25.16b, v26.16b, v27.16b}, v0.16b
-    tbl             v1.16b, {v24.16b, v25.16b, v26.16b, v27.16b}, v1.16b
-    tbl             v2.16b, {v25.16b, v26.16b, v27.16b, v28.16b}, v2.16b
-    tbl             v3.16b, {v24.16b, v25.16b, v26.16b, v27.16b}, v3.16b
-    tbl             v4.16b, {v28.16b, v29.16b, v30.16b, v31.16b}, v4.16b
-    tbl             v5.16b, {v25.16b, v26.16b, v27.16b, v28.16b}, v5.16b
-    tbl             v6.16b, {v27.16b, v28.16b, v29.16b, v30.16b}, v6.16b
-    tbl             v7.16b, {v29.16b, v30.16b, v31.16b}, v7.16b
-    ins             v0.h[0], w12
-    tbx             v1.16b, {v28.16b}, v16.16b
-    tbx             v2.16b, {v29.16b, v30.16b}, v17.16b
-    tbx             v5.16b, {v29.16b, v30.16b}, v18.16b
-    tbx             v6.16b, {v31.16b}, v19.16b
-.else
-      add             x13, x2, #0x22
-      sub             w12, w12, w3    /* last_dc_val, not used afterwards */
-    ld1             {v23.16b}, [x15]
-      add             x14, x2, #0x18
-      add             x3, x2, #0x36
-    ins             v0.h[0], w12
-      add             x9, x2, #0x2
-    ld1             {v1.h}[0], [x13]
-      add             x15, x2, #0x30
-    ld1             {v2.h}[0], [x14]
-      add             x19, x2, #0x26
-    ld1             {v3.h}[0], [x3]
-      add             x20, x2, #0x28
-    ld1             {v0.h}[1], [x9]
-      add             x12, x2, #0x10
-    ld1             {v1.h}[1], [x15]
-      add             x13, x2, #0x40
-    ld1             {v2.h}[1], [x19]
-      add             x14, x2, #0x34
-    ld1             {v3.h}[1], [x20]
-      add             x3, x2, #0x1a
-    ld1             {v0.h}[2], [x12]
-      add             x9, x2, #0x20
-    ld1             {v1.h}[2], [x13]
-      add             x15, x2, #0x32
-    ld1             {v2.h}[2], [x14]
-      add             x19, x2, #0x42
-    ld1             {v3.h}[2], [x3]
-      add             x20, x2, #0xc
-    ld1             {v0.h}[3], [x9]
-      add             x12, x2, #0x12
-    ld1             {v1.h}[3], [x15]
-      add             x13, x2, #0x24
-    ld1             {v2.h}[3], [x19]
-      add             x14, x2, #0x50
-    ld1             {v3.h}[3], [x20]
-      add             x3, x2, #0xe
-    ld1             {v0.h}[4], [x12]
-      add             x9, x2, #0x4
-    ld1             {v1.h}[4], [x13]
-      add             x15, x2, #0x16
-    ld1             {v2.h}[4], [x14]
-      add             x19, x2, #0x60
-    ld1             {v3.h}[4], [x3]
-      add             x20, x2, #0x1c
-    ld1             {v0.h}[5], [x9]
-      add             x12, x2, #0x6
-    ld1             {v1.h}[5], [x15]
-      add             x13, x2, #0x8
-    ld1             {v2.h}[5], [x19]
-      add             x14, x2, #0x52
-    ld1             {v3.h}[5], [x20]
-      add             x3, x2, #0x2a
-    ld1             {v0.h}[6], [x12]
-      add             x9, x2, #0x14
-    ld1             {v1.h}[6], [x13]
-      add             x15, x2, #0xa
-    ld1             {v2.h}[6], [x14]
-      add             x19, x2, #0x44
-    ld1             {v3.h}[6], [x3]
-      add             x20, x2, #0x38
-    ld1             {v0.h}[7], [x9]
-      add             x12, x2, #0x46
-    ld1             {v1.h}[7], [x15]
-      add             x13, x2, #0x3a
-    ld1             {v2.h}[7], [x19]
-      add             x14, x2, #0x74
-    ld1             {v3.h}[7], [x20]
-      add             x3, x2, #0x6a
-    ld1             {v4.h}[0], [x12]
-      add             x9, x2, #0x54
-    ld1             {v5.h}[0], [x13]
-      add             x15, x2, #0x2c
-    ld1             {v6.h}[0], [x14]
-      add             x19, x2, #0x76
-    ld1             {v7.h}[0], [x3]
-      add             x20, x2, #0x78
-    ld1             {v4.h}[1], [x9]
-      add             x12, x2, #0x62
-    ld1             {v5.h}[1], [x15]
-      add             x13, x2, #0x1e
-    ld1             {v6.h}[1], [x19]
-      add             x14, x2, #0x68
-    ld1             {v7.h}[1], [x20]
-      add             x3, x2, #0x7a
-    ld1             {v4.h}[2], [x12]
-      add             x9, x2, #0x70
-    ld1             {v5.h}[2], [x13]
-      add             x15, x2, #0x2e
-    ld1             {v6.h}[2], [x14]
-      add             x19, x2, #0x5a
-    ld1             {v7.h}[2], [x3]
-      add             x20, x2, #0x6c
-    ld1             {v4.h}[3], [x9]
-      add             x12, x2, #0x72
-    ld1             {v5.h}[3], [x15]
-      add             x13, x2, #0x3c
-    ld1             {v6.h}[3], [x19]
-      add             x14, x2, #0x4c
-    ld1             {v7.h}[3], [x20]
-      add             x3, x2, #0x5e
-    ld1             {v4.h}[4], [x12]
-      add             x9, x2, #0x64
-    ld1             {v5.h}[4], [x13]
-      add             x15, x2, #0x4a
-    ld1             {v6.h}[4], [x14]
-      add             x19, x2, #0x3e
-    ld1             {v7.h}[4], [x3]
-      add             x20, x2, #0x6e
-    ld1             {v4.h}[5], [x9]
-      add             x12, x2, #0x56
-    ld1             {v5.h}[5], [x15]
-      add             x13, x2, #0x58
-    ld1             {v6.h}[5], [x19]
-      add             x14, x2, #0x4e
-    ld1             {v7.h}[5], [x20]
-      add             x3, x2, #0x7c
-    ld1             {v4.h}[6], [x12]
-      add             x9, x2, #0x48
-    ld1             {v5.h}[6], [x13]
-      add             x15, x2, #0x66
-    ld1             {v6.h}[6], [x14]
-      add             x19, x2, #0x5c
-    ld1             {v7.h}[6], [x3]
-      add             x20, x2, #0x7e
-    ld1             {v4.h}[7], [x9]
-    ld1             {v5.h}[7], [x15]
-    ld1             {v6.h}[7], [x19]
-    ld1             {v7.h}[7], [x20]
-.endif
-    cmlt            v24.8h, v0.8h, #0
-    cmlt            v25.8h, v1.8h, #0
-    cmlt            v26.8h, v2.8h, #0
-    cmlt            v27.8h, v3.8h, #0
-    cmlt            v28.8h, v4.8h, #0
-    cmlt            v29.8h, v5.8h, #0
-    cmlt            v30.8h, v6.8h, #0
-    cmlt            v31.8h, v7.8h, #0
-    abs             v0.8h, v0.8h
-    abs             v1.8h, v1.8h
-    abs             v2.8h, v2.8h
-    abs             v3.8h, v3.8h
-    abs             v4.8h, v4.8h
-    abs             v5.8h, v5.8h
-    abs             v6.8h, v6.8h
-    abs             v7.8h, v7.8h
-    eor             v24.16b, v24.16b, v0.16b
-    eor             v25.16b, v25.16b, v1.16b
-    eor             v26.16b, v26.16b, v2.16b
-    eor             v27.16b, v27.16b, v3.16b
-    eor             v28.16b, v28.16b, v4.16b
-    eor             v29.16b, v29.16b, v5.16b
-    eor             v30.16b, v30.16b, v6.16b
-    eor             v31.16b, v31.16b, v7.16b
-    cmeq            v16.8h, v0.8h, #0
-    cmeq            v17.8h, v1.8h, #0
-    cmeq            v18.8h, v2.8h, #0
-    cmeq            v19.8h, v3.8h, #0
-    cmeq            v20.8h, v4.8h, #0
-    cmeq            v21.8h, v5.8h, #0
-    cmeq            v22.8h, v6.8h, #0
-    xtn             v16.8b, v16.8h
-    xtn             v18.8b, v18.8h
-    xtn             v20.8b, v20.8h
-    xtn             v22.8b, v22.8h
-      umov            w14, v0.h[0]
-    xtn2            v16.16b, v17.8h
-      umov            w13, v24.h[0]
-    xtn2            v18.16b, v19.8h
-      clz             w14, w14
-    xtn2            v20.16b, v21.8h
-      lsl             w13, w13, w14
-    cmeq            v17.8h, v7.8h, #0
-      sub             w12, w14, #32
-    xtn2            v22.16b, v17.8h
-      lsr             w13, w13, w14
-    and             v16.16b, v16.16b, v23.16b
-      neg             w12, w12
-    and             v18.16b, v18.16b, v23.16b
-      add             x3, x4, #0x400           /* r1 = dctbl->ehufsi */
-    and             v20.16b, v20.16b, v23.16b
-      add             x15, sp, #0x90           /* x15 = t2 */
-    and             v22.16b, v22.16b, v23.16b
-      ldr             w10, [x4, x12, lsl #2]
-    addp            v16.16b, v16.16b, v18.16b
-      ldrb            w11, [x3, x12]
-    addp            v20.16b, v20.16b, v22.16b
-      checkbuf47
-    addp            v16.16b, v16.16b, v20.16b
-      put_bits        x10, x11
-    addp            v16.16b, v16.16b, v18.16b
-      checkbuf47
-    umov            x9, v16.D[0]
-      put_bits        x13, x12
-    cnt             v17.8b, v16.8b
-      mvn             x9, x9
-    addv            B18, v17.8b
-      add             x4, x5, #0x400   /* x4 = actbl->ehufsi */
-    umov            w12, v18.b[0]
-      lsr             x9, x9, #0x1     /* clear AC coeff */
-    ldr             w13, [x5, #0x3c0]  /* x13 = actbl->ehufco[0xf0] */
-    rbit            x9, x9             /* x9 = index0 */
-    ldrb            w14, [x4, #0xf0]   /* x14 = actbl->ehufsi[0xf0] */
-    cmp             w12, #(64-8)
-    add             x11, sp, #16
-    b.lt            4f
-    cbz             x9, 6f
-    st1             {v0.8h, v1.8h, v2.8h, v3.8h}, [x11], #64
-    st1             {v4.8h, v5.8h, v6.8h, v7.8h}, [x11], #64
-    st1             {v24.8h, v25.8h, v26.8h, v27.8h}, [x11], #64
-    st1             {v28.8h, v29.8h, v30.8h, v31.8h}, [x11], #64
-1:
-    clz             x2, x9
-    add             x15, x15, x2, lsl #1
-    lsl             x9, x9, x2
-    ldrh            w20, [x15, #-126]
-2:
-    cmp             x2, #0x10
-    b.lt            3f
-    sub             x2, x2, #0x10
-    checkbuf47
-    put_bits        x13, x14
-    b               2b
-3:
-    clz             w20, w20
-    ldrh            w3, [x15, #2]!
-    sub             w11, w20, #32
-    lsl             w3, w3, w20
-    neg             w11, w11
-    lsr             w3, w3, w20
-    add             x2, x11, x2, lsl #4
-    lsl             x9, x9, #0x1
-    ldr             w12, [x5, x2, lsl #2]
-    ldrb            w10, [x4, x2]
-    checkbuf31
-    put_bits        x12, x10
-    put_bits        x3, x11
-    cbnz            x9, 1b
-    b               6f
-4:
-    movi            v21.8h, #0x0010
-    clz             v0.8h, v0.8h
-    clz             v1.8h, v1.8h
-    clz             v2.8h, v2.8h
-    clz             v3.8h, v3.8h
-    clz             v4.8h, v4.8h
-    clz             v5.8h, v5.8h
-    clz             v6.8h, v6.8h
-    clz             v7.8h, v7.8h
-    ushl            v24.8h, v24.8h, v0.8h
-    ushl            v25.8h, v25.8h, v1.8h
-    ushl            v26.8h, v26.8h, v2.8h
-    ushl            v27.8h, v27.8h, v3.8h
-    ushl            v28.8h, v28.8h, v4.8h
-    ushl            v29.8h, v29.8h, v5.8h
-    ushl            v30.8h, v30.8h, v6.8h
-    ushl            v31.8h, v31.8h, v7.8h
-    neg             v0.8h, v0.8h
-    neg             v1.8h, v1.8h
-    neg             v2.8h, v2.8h
-    neg             v3.8h, v3.8h
-    neg             v4.8h, v4.8h
-    neg             v5.8h, v5.8h
-    neg             v6.8h, v6.8h
-    neg             v7.8h, v7.8h
-    ushl            v24.8h, v24.8h, v0.8h
-    ushl            v25.8h, v25.8h, v1.8h
-    ushl            v26.8h, v26.8h, v2.8h
-    ushl            v27.8h, v27.8h, v3.8h
-    ushl            v28.8h, v28.8h, v4.8h
-    ushl            v29.8h, v29.8h, v5.8h
-    ushl            v30.8h, v30.8h, v6.8h
-    ushl            v31.8h, v31.8h, v7.8h
-    add             v0.8h, v21.8h, v0.8h
-    add             v1.8h, v21.8h, v1.8h
-    add             v2.8h, v21.8h, v2.8h
-    add             v3.8h, v21.8h, v3.8h
-    add             v4.8h, v21.8h, v4.8h
-    add             v5.8h, v21.8h, v5.8h
-    add             v6.8h, v21.8h, v6.8h
-    add             v7.8h, v21.8h, v7.8h
-    st1             {v0.8h, v1.8h, v2.8h, v3.8h}, [x11], #64
-    st1             {v4.8h, v5.8h, v6.8h, v7.8h}, [x11], #64
-    st1             {v24.8h, v25.8h, v26.8h, v27.8h}, [x11], #64
-    st1             {v28.8h, v29.8h, v30.8h, v31.8h}, [x11], #64
-1:
-    clz             x2, x9
-    add             x15, x15, x2, lsl #1
-    lsl             x9, x9, x2
-    ldrh            w11, [x15, #-126]
-2:
-    cmp             x2, #0x10
-    b.lt            3f
-    sub             x2, x2, #0x10
-    checkbuf47
-    put_bits        x13, x14
-    b               2b
-3:
-    ldrh            w3, [x15, #2]!
-    add             x2, x11, x2, lsl #4
-    lsl             x9, x9, #0x1
-    ldr             w12, [x5, x2, lsl #2]
-    ldrb            w10, [x4, x2]
-    checkbuf31
-    put_bits        x12, x10
-    put_bits        x3, x11
-    cbnz            x9, 1b
-6:
-    add             x13, sp, #0x10e
-    cmp             x15, x13
-    b.hs            1f
-    ldr             w12, [x5]
-    ldrb            w14, [x4]
-    checkbuf47
-    put_bits        x12, x14
-1:
-    str             PUT_BUFFER, [x0, #0x10]
-    str             PUT_BITSw, [x0, #0x18]
-    ldp             x19, x20, [sp], 16
-    add             x0, BUFFER, #0x1
-    add             sp, sp, 256
-    br              x30
-
-.endm
-
-generate_jsimd_huff_encode_one_block 1
-generate_jsimd_huff_encode_one_block 0
-
-    .unreq          BUFFER
-    .unreq          PUT_BUFFER
-    .unreq          PUT_BITS
-    .unreq          PUT_BITSw
-
-.purgem emit_byte
-.purgem put_bits
-.purgem checkbuf31
-.purgem checkbuf47
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/align.h b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/align.h
deleted file mode 100644
index cff4241..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/align.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* How to obtain memory alignment for structures and variables */
-#if defined(_MSC_VER)
-#define ALIGN(alignment)  __declspec(align(alignment))
-#elif defined(__clang__) || defined(__GNUC__)
-#define ALIGN(alignment)  __attribute__((aligned(alignment)))
-#else
-#error "Unknown compiler"
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jccolor-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jccolor-neon.c
deleted file mode 100644
index 9fcc62d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jccolor-neon.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * jccolor-neon.c - colorspace conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-#include "neon-compat.h"
-
-#include <arm_neon.h>
-
-
-/* RGB -> YCbCr conversion constants */
-
-#define F_0_298  19595
-#define F_0_587  38470
-#define F_0_113  7471
-#define F_0_168  11059
-#define F_0_331  21709
-#define F_0_500  32768
-#define F_0_418  27439
-#define F_0_081  5329
-
-ALIGN(16) static const uint16_t jsimd_rgb_ycc_neon_consts[] = {
-  F_0_298, F_0_587, F_0_113, F_0_168,
-  F_0_331, F_0_500, F_0_418, F_0_081
-};
-
-
-/* Include inline routines for colorspace extensions. */
-
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_rgb_ycc_convert_neon  jsimd_extrgb_ycc_convert_neon
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_neon
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_rgb_ycc_convert_neon  jsimd_extrgbx_ycc_convert_neon
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_neon
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_rgb_ycc_convert_neon  jsimd_extbgr_ycc_convert_neon
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_neon
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_rgb_ycc_convert_neon  jsimd_extbgrx_ycc_convert_neon
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_neon
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_rgb_ycc_convert_neon  jsimd_extxbgr_ycc_convert_neon
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_neon
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_rgb_ycc_convert_neon  jsimd_extxrgb_ycc_convert_neon
-#if defined(__aarch64__) || defined(_M_ARM64)
-#include "aarch64/jccolext-neon.c"
-#else
-#include "aarch32/jccolext-neon.c"
-#endif
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_neon
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcgray-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcgray-neon.c
deleted file mode 100644
index 71c7b2d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcgray-neon.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * jcgray-neon.c - grayscale colorspace conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-
-#include <arm_neon.h>
-
-
-/* RGB -> Grayscale conversion constants */
-
-#define F_0_298  19595
-#define F_0_587  38470
-#define F_0_113  7471
-
-
-/* Include inline routines for colorspace extensions. */
-
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_rgb_gray_convert_neon  jsimd_extrgb_gray_convert_neon
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_neon
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_rgb_gray_convert_neon  jsimd_extrgbx_gray_convert_neon
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_neon
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_rgb_gray_convert_neon  jsimd_extbgr_gray_convert_neon
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_neon
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_rgb_gray_convert_neon  jsimd_extbgrx_gray_convert_neon
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_neon
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_rgb_gray_convert_neon  jsimd_extxbgr_gray_convert_neon
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_neon
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_rgb_gray_convert_neon  jsimd_extxrgb_gray_convert_neon
-#include "jcgryext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_neon
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcgryext-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcgryext-neon.c
deleted file mode 100644
index 416a738..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcgryext-neon.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * jcgryext-neon.c - grayscale colorspace conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jcgray-neon.c */
-
-
-/* RGB -> Grayscale conversion is defined by the following equation:
- *    Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
- *
- * Avoid floating point arithmetic by using shifted integer constants:
- *    0.29899597 = 19595 * 2^-16
- *    0.58700561 = 38470 * 2^-16
- *    0.11399841 =  7471 * 2^-16
- * These constants are defined in jcgray-neon.c
- *
- * This is the same computation as the RGB -> Y portion of RGB -> YCbCr.
- */
-
-void jsimd_rgb_gray_convert_neon(JDIMENSION image_width, JSAMPARRAY input_buf,
-                                 JSAMPIMAGE output_buf, JDIMENSION output_row,
-                                 int num_rows)
-{
-  JSAMPROW inptr;
-  JSAMPROW outptr;
-  /* Allocate temporary buffer for final (image_width % 16) pixels in row. */
-  ALIGN(16) uint8_t tmp_buf[16 * RGB_PIXELSIZE];
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr = output_buf[0][output_row];
-    output_row++;
-
-    int cols_remaining = image_width;
-    for (; cols_remaining > 0; cols_remaining -= 16) {
-
-      /* To prevent buffer overread by the vector load instructions, the last
-       * (image_width % 16) columns of data are first memcopied to a temporary
-       * buffer large enough to accommodate the vector load.
-       */
-      if (cols_remaining < 16) {
-        memcpy(tmp_buf, inptr, cols_remaining * RGB_PIXELSIZE);
-        inptr = tmp_buf;
-      }
-
-#if RGB_PIXELSIZE == 4
-      uint8x16x4_t input_pixels = vld4q_u8(inptr);
-#else
-      uint8x16x3_t input_pixels = vld3q_u8(inptr);
-#endif
-      uint16x8_t r_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_RED]));
-      uint16x8_t r_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_RED]));
-      uint16x8_t g_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_GREEN]));
-      uint16x8_t g_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_GREEN]));
-      uint16x8_t b_l = vmovl_u8(vget_low_u8(input_pixels.val[RGB_BLUE]));
-      uint16x8_t b_h = vmovl_u8(vget_high_u8(input_pixels.val[RGB_BLUE]));
-
-      /* Compute Y = 0.29900 * R + 0.58700 * G + 0.11400 * B */
-      uint32x4_t y_ll = vmull_n_u16(vget_low_u16(r_l), F_0_298);
-      uint32x4_t y_lh = vmull_n_u16(vget_high_u16(r_l), F_0_298);
-      uint32x4_t y_hl = vmull_n_u16(vget_low_u16(r_h), F_0_298);
-      uint32x4_t y_hh = vmull_n_u16(vget_high_u16(r_h), F_0_298);
-      y_ll = vmlal_n_u16(y_ll, vget_low_u16(g_l), F_0_587);
-      y_lh = vmlal_n_u16(y_lh, vget_high_u16(g_l), F_0_587);
-      y_hl = vmlal_n_u16(y_hl, vget_low_u16(g_h), F_0_587);
-      y_hh = vmlal_n_u16(y_hh, vget_high_u16(g_h), F_0_587);
-      y_ll = vmlal_n_u16(y_ll, vget_low_u16(b_l), F_0_113);
-      y_lh = vmlal_n_u16(y_lh, vget_high_u16(b_l), F_0_113);
-      y_hl = vmlal_n_u16(y_hl, vget_low_u16(b_h), F_0_113);
-      y_hh = vmlal_n_u16(y_hh, vget_high_u16(b_h), F_0_113);
-
-      /* Descale Y values (rounding right shift) and narrow to 16-bit. */
-      uint16x8_t y_l = vcombine_u16(vrshrn_n_u32(y_ll, 16),
-                                    vrshrn_n_u32(y_lh, 16));
-      uint16x8_t y_h = vcombine_u16(vrshrn_n_u32(y_hl, 16),
-                                    vrshrn_n_u32(y_hh, 16));
-
-      /* Narrow Y values to 8-bit and store to memory.  Buffer overwrite is
-       * permitted up to the next multiple of ALIGN_SIZE bytes.
-       */
-      vst1q_u8(outptr, vcombine_u8(vmovn_u16(y_l), vmovn_u16(y_h)));
-
-      /* Increment pointers. */
-      inptr += (16 * RGB_PIXELSIZE);
-      outptr += 16;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jchuff.h b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jchuff.h
deleted file mode 100644
index d4edd5e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jchuff.h
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * jchuff.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2009, 2018, D. R. Commander.
- * Copyright (C) 2018, Matthias Räncker.
- * Copyright (C) 2020-2021, Arm Limited.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-/* Expanded entropy encoder object for Huffman encoding.
- *
- * The savable_state subrecord contains fields that change within an MCU,
- * but must not be updated permanently until we complete the MCU.
- */
-
-#if defined(__aarch64__) || defined(_M_ARM64)
-#define BIT_BUF_SIZE  64
-#else
-#define BIT_BUF_SIZE  32
-#endif
-
-typedef struct {
-  size_t put_buffer;                    /* current bit accumulation buffer */
-  int free_bits;                        /* # of bits available in it */
-  int last_dc_val[MAX_COMPS_IN_SCAN];   /* last DC coef for each component */
-} savable_state;
-
-typedef struct {
-  JOCTET *next_output_byte;     /* => next byte to write in buffer */
-  size_t free_in_buffer;        /* # of byte spaces remaining in buffer */
-  savable_state cur;            /* Current bit buffer & DC state */
-  j_compress_ptr cinfo;         /* dump_buffer needs access to this */
-  int simd;
-} working_state;
-
-/* Outputting bits to the file */
-
-/* Output byte b and, speculatively, an additional 0 byte. 0xFF must be encoded
- * as 0xFF 0x00, so the output buffer pointer is advanced by 2 if the byte is
- * 0xFF.  Otherwise, the output buffer pointer is advanced by 1, and the
- * speculative 0 byte will be overwritten by the next byte.
- */
-#define EMIT_BYTE(b) { \
-  buffer[0] = (JOCTET)(b); \
-  buffer[1] = 0; \
-  buffer -= -2 + ((JOCTET)(b) < 0xFF); \
-}
-
-/* Output the entire bit buffer.  If there are no 0xFF bytes in it, then write
- * directly to the output buffer.  Otherwise, use the EMIT_BYTE() macro to
- * encode 0xFF as 0xFF 0x00.
- */
-#if defined(__aarch64__) || defined(_M_ARM64)
-
-#define FLUSH() { \
-  if (put_buffer & 0x8080808080808080 & ~(put_buffer + 0x0101010101010101)) { \
-    EMIT_BYTE(put_buffer >> 56) \
-    EMIT_BYTE(put_buffer >> 48) \
-    EMIT_BYTE(put_buffer >> 40) \
-    EMIT_BYTE(put_buffer >> 32) \
-    EMIT_BYTE(put_buffer >> 24) \
-    EMIT_BYTE(put_buffer >> 16) \
-    EMIT_BYTE(put_buffer >>  8) \
-    EMIT_BYTE(put_buffer      ) \
-  } else { \
-    *((uint64_t *)buffer) = BUILTIN_BSWAP64(put_buffer); \
-    buffer += 8; \
-  } \
-}
-
-#else
-
-#define FLUSH() { \
-  if (put_buffer & 0x80808080 & ~(put_buffer + 0x01010101)) { \
-    EMIT_BYTE(put_buffer >> 24) \
-    EMIT_BYTE(put_buffer >> 16) \
-    EMIT_BYTE(put_buffer >>  8) \
-    EMIT_BYTE(put_buffer      ) \
-  } else { \
-    *((uint32_t *)buffer) = BUILTIN_BSWAP32(put_buffer); \
-    buffer += 4; \
-  } \
-}
-
-#endif
-
-/* Fill the bit buffer to capacity with the leading bits from code, then output
- * the bit buffer and put the remaining bits from code into the bit buffer.
- */
-#define PUT_AND_FLUSH(code, size) { \
-  put_buffer = (put_buffer << (size + free_bits)) | (code >> -free_bits); \
-  FLUSH() \
-  free_bits += BIT_BUF_SIZE; \
-  put_buffer = code; \
-}
-
-/* Insert code into the bit buffer and output the bit buffer if needed.
- * NOTE: We can't flush with free_bits == 0, since the left shift in
- * PUT_AND_FLUSH() would have undefined behavior.
- */
-#define PUT_BITS(code, size) { \
-  free_bits -= size; \
-  if (free_bits < 0) \
-    PUT_AND_FLUSH(code, size) \
-  else \
-    put_buffer = (put_buffer << size) | code; \
-}
-
-#define PUT_CODE(code, size, diff) { \
-  diff |= code << nbits; \
-  nbits += size; \
-  PUT_BITS(diff, nbits) \
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcphuff-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcphuff-neon.c
deleted file mode 100644
index 86a263f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcphuff-neon.c
+++ /dev/null
@@ -1,591 +0,0 @@
-/*
- * jcphuff-neon.c - prepare data for progressive Huffman encoding (Arm Neon)
- *
- * Copyright (C) 2020-2021, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "neon-compat.h"
-
-#include <arm_neon.h>
-
-
-/* Data preparation for encode_mcu_AC_first().
- *
- * The equivalent scalar C function (encode_mcu_AC_first_prepare()) can be
- * found in jcphuff.c.
- */
-
-void jsimd_encode_mcu_AC_first_prepare_neon
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *values, size_t *zerobits)
-{
-  JCOEF *values_ptr = values;
-  JCOEF *diff_values_ptr = values + DCTSIZE2;
-
-  /* Rows of coefficients to zero (since they haven't been processed) */
-  int i, rows_to_zero = 8;
-
-  for (i = 0; i < Sl / 16; i++) {
-    int16x8_t coefs1 = vld1q_dup_s16(block + jpeg_natural_order_start[0]);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[1], coefs1, 1);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[2], coefs1, 2);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[3], coefs1, 3);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[4], coefs1, 4);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[5], coefs1, 5);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[6], coefs1, 6);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[7], coefs1, 7);
-    int16x8_t coefs2 = vld1q_dup_s16(block + jpeg_natural_order_start[8]);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[9], coefs2, 1);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[10], coefs2, 2);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[11], coefs2, 3);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[12], coefs2, 4);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[13], coefs2, 5);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[14], coefs2, 6);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[15], coefs2, 7);
-
-    /* Isolate sign of coefficients. */
-    int16x8_t sign_coefs1 = vshrq_n_s16(coefs1, 15);
-    int16x8_t sign_coefs2 = vshrq_n_s16(coefs2, 15);
-    /* Compute absolute value of coefficients and apply point transform Al. */
-    int16x8_t abs_coefs1 = vabsq_s16(coefs1);
-    int16x8_t abs_coefs2 = vabsq_s16(coefs2);
-    coefs1 = vshlq_s16(abs_coefs1, vdupq_n_s16(-Al));
-    coefs2 = vshlq_s16(abs_coefs2, vdupq_n_s16(-Al));
-
-    /* Compute diff values. */
-    int16x8_t diff1 = veorq_s16(coefs1, sign_coefs1);
-    int16x8_t diff2 = veorq_s16(coefs2, sign_coefs2);
-
-    /* Store transformed coefficients and diff values. */
-    vst1q_s16(values_ptr, coefs1);
-    vst1q_s16(values_ptr + DCTSIZE, coefs2);
-    vst1q_s16(diff_values_ptr, diff1);
-    vst1q_s16(diff_values_ptr + DCTSIZE, diff2);
-    values_ptr += 16;
-    diff_values_ptr += 16;
-    jpeg_natural_order_start += 16;
-    rows_to_zero -= 2;
-  }
-
-  /* Same operation but for remaining partial vector */
-  int remaining_coefs = Sl % 16;
-  if (remaining_coefs > 8) {
-    int16x8_t coefs1 = vld1q_dup_s16(block + jpeg_natural_order_start[0]);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[1], coefs1, 1);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[2], coefs1, 2);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[3], coefs1, 3);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[4], coefs1, 4);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[5], coefs1, 5);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[6], coefs1, 6);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[7], coefs1, 7);
-    int16x8_t coefs2 = vdupq_n_s16(0);
-    switch (remaining_coefs) {
-    case 15:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[14], coefs2, 6);
-    case 14:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[13], coefs2, 5);
-    case 13:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[12], coefs2, 4);
-    case 12:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[11], coefs2, 3);
-    case 11:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[10], coefs2, 2);
-    case 10:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[9], coefs2, 1);
-    case 9:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[8], coefs2, 0);
-    default:
-      break;
-    }
-
-    /* Isolate sign of coefficients. */
-    int16x8_t sign_coefs1 = vshrq_n_s16(coefs1, 15);
-    int16x8_t sign_coefs2 = vshrq_n_s16(coefs2, 15);
-    /* Compute absolute value of coefficients and apply point transform Al. */
-    int16x8_t abs_coefs1 = vabsq_s16(coefs1);
-    int16x8_t abs_coefs2 = vabsq_s16(coefs2);
-    coefs1 = vshlq_s16(abs_coefs1, vdupq_n_s16(-Al));
-    coefs2 = vshlq_s16(abs_coefs2, vdupq_n_s16(-Al));
-
-    /* Compute diff values. */
-    int16x8_t diff1 = veorq_s16(coefs1, sign_coefs1);
-    int16x8_t diff2 = veorq_s16(coefs2, sign_coefs2);
-
-    /* Store transformed coefficients and diff values. */
-    vst1q_s16(values_ptr, coefs1);
-    vst1q_s16(values_ptr + DCTSIZE, coefs2);
-    vst1q_s16(diff_values_ptr, diff1);
-    vst1q_s16(diff_values_ptr + DCTSIZE, diff2);
-    values_ptr += 16;
-    diff_values_ptr += 16;
-    rows_to_zero -= 2;
-
-  } else if (remaining_coefs > 0) {
-    int16x8_t coefs = vdupq_n_s16(0);
-
-    switch (remaining_coefs) {
-    case 8:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[7], coefs, 7);
-    case 7:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[6], coefs, 6);
-    case 6:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[5], coefs, 5);
-    case 5:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[4], coefs, 4);
-    case 4:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[3], coefs, 3);
-    case 3:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[2], coefs, 2);
-    case 2:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[1], coefs, 1);
-    case 1:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[0], coefs, 0);
-    default:
-      break;
-    }
-
-    /* Isolate sign of coefficients. */
-    int16x8_t sign_coefs = vshrq_n_s16(coefs, 15);
-    /* Compute absolute value of coefficients and apply point transform Al. */
-    int16x8_t abs_coefs = vabsq_s16(coefs);
-    coefs = vshlq_s16(abs_coefs, vdupq_n_s16(-Al));
-
-    /* Compute diff values. */
-    int16x8_t diff = veorq_s16(coefs, sign_coefs);
-
-    /* Store transformed coefficients and diff values. */
-    vst1q_s16(values_ptr, coefs);
-    vst1q_s16(diff_values_ptr, diff);
-    values_ptr += 8;
-    diff_values_ptr += 8;
-    rows_to_zero--;
-  }
-
-  /* Zero remaining memory in the values and diff_values blocks. */
-  for (i = 0; i < rows_to_zero; i++) {
-    vst1q_s16(values_ptr, vdupq_n_s16(0));
-    vst1q_s16(diff_values_ptr, vdupq_n_s16(0));
-    values_ptr += 8;
-    diff_values_ptr += 8;
-  }
-
-  /* Construct zerobits bitmap.  A set bit means that the corresponding
-   * coefficient != 0.
-   */
-  int16x8_t row0 = vld1q_s16(values + 0 * DCTSIZE);
-  int16x8_t row1 = vld1q_s16(values + 1 * DCTSIZE);
-  int16x8_t row2 = vld1q_s16(values + 2 * DCTSIZE);
-  int16x8_t row3 = vld1q_s16(values + 3 * DCTSIZE);
-  int16x8_t row4 = vld1q_s16(values + 4 * DCTSIZE);
-  int16x8_t row5 = vld1q_s16(values + 5 * DCTSIZE);
-  int16x8_t row6 = vld1q_s16(values + 6 * DCTSIZE);
-  int16x8_t row7 = vld1q_s16(values + 7 * DCTSIZE);
-
-  uint8x8_t row0_eq0 = vmovn_u16(vceqq_s16(row0, vdupq_n_s16(0)));
-  uint8x8_t row1_eq0 = vmovn_u16(vceqq_s16(row1, vdupq_n_s16(0)));
-  uint8x8_t row2_eq0 = vmovn_u16(vceqq_s16(row2, vdupq_n_s16(0)));
-  uint8x8_t row3_eq0 = vmovn_u16(vceqq_s16(row3, vdupq_n_s16(0)));
-  uint8x8_t row4_eq0 = vmovn_u16(vceqq_s16(row4, vdupq_n_s16(0)));
-  uint8x8_t row5_eq0 = vmovn_u16(vceqq_s16(row5, vdupq_n_s16(0)));
-  uint8x8_t row6_eq0 = vmovn_u16(vceqq_s16(row6, vdupq_n_s16(0)));
-  uint8x8_t row7_eq0 = vmovn_u16(vceqq_s16(row7, vdupq_n_s16(0)));
-
-  /* { 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80 } */
-  const uint8x8_t bitmap_mask =
-    vreinterpret_u8_u64(vmov_n_u64(0x8040201008040201));
-
-  row0_eq0 = vand_u8(row0_eq0, bitmap_mask);
-  row1_eq0 = vand_u8(row1_eq0, bitmap_mask);
-  row2_eq0 = vand_u8(row2_eq0, bitmap_mask);
-  row3_eq0 = vand_u8(row3_eq0, bitmap_mask);
-  row4_eq0 = vand_u8(row4_eq0, bitmap_mask);
-  row5_eq0 = vand_u8(row5_eq0, bitmap_mask);
-  row6_eq0 = vand_u8(row6_eq0, bitmap_mask);
-  row7_eq0 = vand_u8(row7_eq0, bitmap_mask);
-
-  uint8x8_t bitmap_rows_01 = vpadd_u8(row0_eq0, row1_eq0);
-  uint8x8_t bitmap_rows_23 = vpadd_u8(row2_eq0, row3_eq0);
-  uint8x8_t bitmap_rows_45 = vpadd_u8(row4_eq0, row5_eq0);
-  uint8x8_t bitmap_rows_67 = vpadd_u8(row6_eq0, row7_eq0);
-  uint8x8_t bitmap_rows_0123 = vpadd_u8(bitmap_rows_01, bitmap_rows_23);
-  uint8x8_t bitmap_rows_4567 = vpadd_u8(bitmap_rows_45, bitmap_rows_67);
-  uint8x8_t bitmap_all = vpadd_u8(bitmap_rows_0123, bitmap_rows_4567);
-
-#if defined(__aarch64__) || defined(_M_ARM64)
-  /* Move bitmap to a 64-bit scalar register. */
-  uint64_t bitmap = vget_lane_u64(vreinterpret_u64_u8(bitmap_all), 0);
-  /* Store zerobits bitmap. */
-  *zerobits = ~bitmap;
-#else
-  /* Move bitmap to two 32-bit scalar registers. */
-  uint32_t bitmap0 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 0);
-  uint32_t bitmap1 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 1);
-  /* Store zerobits bitmap. */
-  zerobits[0] = ~bitmap0;
-  zerobits[1] = ~bitmap1;
-#endif
-}
-
-
-/* Data preparation for encode_mcu_AC_refine().
- *
- * The equivalent scalar C function (encode_mcu_AC_refine_prepare()) can be
- * found in jcphuff.c.
- */
-
-int jsimd_encode_mcu_AC_refine_prepare_neon
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *absvalues, size_t *bits)
-{
-  /* Temporary storage buffers for data used to compute the signbits bitmap and
-   * the end-of-block (EOB) position
-   */
-  uint8_t coef_sign_bits[64];
-  uint8_t coef_eq1_bits[64];
-
-  JCOEF *absvalues_ptr = absvalues;
-  uint8_t *coef_sign_bits_ptr = coef_sign_bits;
-  uint8_t *eq1_bits_ptr = coef_eq1_bits;
-
-  /* Rows of coefficients to zero (since they haven't been processed) */
-  int i, rows_to_zero = 8;
-
-  for (i = 0; i < Sl / 16; i++) {
-    int16x8_t coefs1 = vld1q_dup_s16(block + jpeg_natural_order_start[0]);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[1], coefs1, 1);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[2], coefs1, 2);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[3], coefs1, 3);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[4], coefs1, 4);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[5], coefs1, 5);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[6], coefs1, 6);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[7], coefs1, 7);
-    int16x8_t coefs2 = vld1q_dup_s16(block + jpeg_natural_order_start[8]);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[9], coefs2, 1);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[10], coefs2, 2);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[11], coefs2, 3);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[12], coefs2, 4);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[13], coefs2, 5);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[14], coefs2, 6);
-    coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[15], coefs2, 7);
-
-    /* Compute and store data for signbits bitmap. */
-    uint8x8_t sign_coefs1 =
-      vmovn_u16(vreinterpretq_u16_s16(vshrq_n_s16(coefs1, 15)));
-    uint8x8_t sign_coefs2 =
-      vmovn_u16(vreinterpretq_u16_s16(vshrq_n_s16(coefs2, 15)));
-    vst1_u8(coef_sign_bits_ptr, sign_coefs1);
-    vst1_u8(coef_sign_bits_ptr + DCTSIZE, sign_coefs2);
-
-    /* Compute absolute value of coefficients and apply point transform Al. */
-    int16x8_t abs_coefs1 = vabsq_s16(coefs1);
-    int16x8_t abs_coefs2 = vabsq_s16(coefs2);
-    coefs1 = vshlq_s16(abs_coefs1, vdupq_n_s16(-Al));
-    coefs2 = vshlq_s16(abs_coefs2, vdupq_n_s16(-Al));
-    vst1q_s16(absvalues_ptr, coefs1);
-    vst1q_s16(absvalues_ptr + DCTSIZE, coefs2);
-
-    /* Test whether transformed coefficient values == 1 (used to find EOB
-     * position.)
-     */
-    uint8x8_t coefs_eq11 = vmovn_u16(vceqq_s16(coefs1, vdupq_n_s16(1)));
-    uint8x8_t coefs_eq12 = vmovn_u16(vceqq_s16(coefs2, vdupq_n_s16(1)));
-    vst1_u8(eq1_bits_ptr, coefs_eq11);
-    vst1_u8(eq1_bits_ptr + DCTSIZE, coefs_eq12);
-
-    absvalues_ptr += 16;
-    coef_sign_bits_ptr += 16;
-    eq1_bits_ptr += 16;
-    jpeg_natural_order_start += 16;
-    rows_to_zero -= 2;
-  }
-
-  /* Same operation but for remaining partial vector */
-  int remaining_coefs = Sl % 16;
-  if (remaining_coefs > 8) {
-    int16x8_t coefs1 = vld1q_dup_s16(block + jpeg_natural_order_start[0]);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[1], coefs1, 1);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[2], coefs1, 2);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[3], coefs1, 3);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[4], coefs1, 4);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[5], coefs1, 5);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[6], coefs1, 6);
-    coefs1 = vld1q_lane_s16(block + jpeg_natural_order_start[7], coefs1, 7);
-    int16x8_t coefs2 = vdupq_n_s16(0);
-    switch (remaining_coefs) {
-    case 15:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[14], coefs2, 6);
-    case 14:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[13], coefs2, 5);
-    case 13:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[12], coefs2, 4);
-    case 12:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[11], coefs2, 3);
-    case 11:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[10], coefs2, 2);
-    case 10:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[9], coefs2, 1);
-    case 9:
-      coefs2 = vld1q_lane_s16(block + jpeg_natural_order_start[8], coefs2, 0);
-    default:
-      break;
-    }
-
-    /* Compute and store data for signbits bitmap. */
-    uint8x8_t sign_coefs1 =
-      vmovn_u16(vreinterpretq_u16_s16(vshrq_n_s16(coefs1, 15)));
-    uint8x8_t sign_coefs2 =
-      vmovn_u16(vreinterpretq_u16_s16(vshrq_n_s16(coefs2, 15)));
-    vst1_u8(coef_sign_bits_ptr, sign_coefs1);
-    vst1_u8(coef_sign_bits_ptr + DCTSIZE, sign_coefs2);
-
-    /* Compute absolute value of coefficients and apply point transform Al. */
-    int16x8_t abs_coefs1 = vabsq_s16(coefs1);
-    int16x8_t abs_coefs2 = vabsq_s16(coefs2);
-    coefs1 = vshlq_s16(abs_coefs1, vdupq_n_s16(-Al));
-    coefs2 = vshlq_s16(abs_coefs2, vdupq_n_s16(-Al));
-    vst1q_s16(absvalues_ptr, coefs1);
-    vst1q_s16(absvalues_ptr + DCTSIZE, coefs2);
-
-    /* Test whether transformed coefficient values == 1 (used to find EOB
-     * position.)
-     */
-    uint8x8_t coefs_eq11 = vmovn_u16(vceqq_s16(coefs1, vdupq_n_s16(1)));
-    uint8x8_t coefs_eq12 = vmovn_u16(vceqq_s16(coefs2, vdupq_n_s16(1)));
-    vst1_u8(eq1_bits_ptr, coefs_eq11);
-    vst1_u8(eq1_bits_ptr + DCTSIZE, coefs_eq12);
-
-    absvalues_ptr += 16;
-    coef_sign_bits_ptr += 16;
-    eq1_bits_ptr += 16;
-    jpeg_natural_order_start += 16;
-    rows_to_zero -= 2;
-
-  } else if (remaining_coefs > 0) {
-    int16x8_t coefs = vdupq_n_s16(0);
-
-    switch (remaining_coefs) {
-    case 8:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[7], coefs, 7);
-    case 7:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[6], coefs, 6);
-    case 6:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[5], coefs, 5);
-    case 5:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[4], coefs, 4);
-    case 4:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[3], coefs, 3);
-    case 3:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[2], coefs, 2);
-    case 2:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[1], coefs, 1);
-    case 1:
-      coefs = vld1q_lane_s16(block + jpeg_natural_order_start[0], coefs, 0);
-    default:
-      break;
-    }
-
-    /* Compute and store data for signbits bitmap. */
-    uint8x8_t sign_coefs =
-      vmovn_u16(vreinterpretq_u16_s16(vshrq_n_s16(coefs, 15)));
-    vst1_u8(coef_sign_bits_ptr, sign_coefs);
-
-    /* Compute absolute value of coefficients and apply point transform Al. */
-    int16x8_t abs_coefs = vabsq_s16(coefs);
-    coefs = vshlq_s16(abs_coefs, vdupq_n_s16(-Al));
-    vst1q_s16(absvalues_ptr, coefs);
-
-    /* Test whether transformed coefficient values == 1 (used to find EOB
-     * position.)
-     */
-    uint8x8_t coefs_eq1 = vmovn_u16(vceqq_s16(coefs, vdupq_n_s16(1)));
-    vst1_u8(eq1_bits_ptr, coefs_eq1);
-
-    absvalues_ptr += 8;
-    coef_sign_bits_ptr += 8;
-    eq1_bits_ptr += 8;
-    rows_to_zero--;
-  }
-
-  /* Zero remaining memory in blocks. */
-  for (i = 0; i < rows_to_zero; i++) {
-    vst1q_s16(absvalues_ptr, vdupq_n_s16(0));
-    vst1_u8(coef_sign_bits_ptr, vdup_n_u8(0));
-    vst1_u8(eq1_bits_ptr, vdup_n_u8(0));
-    absvalues_ptr += 8;
-    coef_sign_bits_ptr += 8;
-    eq1_bits_ptr += 8;
-  }
-
-  /* Construct zerobits bitmap. */
-  int16x8_t abs_row0 = vld1q_s16(absvalues + 0 * DCTSIZE);
-  int16x8_t abs_row1 = vld1q_s16(absvalues + 1 * DCTSIZE);
-  int16x8_t abs_row2 = vld1q_s16(absvalues + 2 * DCTSIZE);
-  int16x8_t abs_row3 = vld1q_s16(absvalues + 3 * DCTSIZE);
-  int16x8_t abs_row4 = vld1q_s16(absvalues + 4 * DCTSIZE);
-  int16x8_t abs_row5 = vld1q_s16(absvalues + 5 * DCTSIZE);
-  int16x8_t abs_row6 = vld1q_s16(absvalues + 6 * DCTSIZE);
-  int16x8_t abs_row7 = vld1q_s16(absvalues + 7 * DCTSIZE);
-
-  uint8x8_t abs_row0_eq0 = vmovn_u16(vceqq_s16(abs_row0, vdupq_n_s16(0)));
-  uint8x8_t abs_row1_eq0 = vmovn_u16(vceqq_s16(abs_row1, vdupq_n_s16(0)));
-  uint8x8_t abs_row2_eq0 = vmovn_u16(vceqq_s16(abs_row2, vdupq_n_s16(0)));
-  uint8x8_t abs_row3_eq0 = vmovn_u16(vceqq_s16(abs_row3, vdupq_n_s16(0)));
-  uint8x8_t abs_row4_eq0 = vmovn_u16(vceqq_s16(abs_row4, vdupq_n_s16(0)));
-  uint8x8_t abs_row5_eq0 = vmovn_u16(vceqq_s16(abs_row5, vdupq_n_s16(0)));
-  uint8x8_t abs_row6_eq0 = vmovn_u16(vceqq_s16(abs_row6, vdupq_n_s16(0)));
-  uint8x8_t abs_row7_eq0 = vmovn_u16(vceqq_s16(abs_row7, vdupq_n_s16(0)));
-
-  /* { 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80 } */
-  const uint8x8_t bitmap_mask =
-    vreinterpret_u8_u64(vmov_n_u64(0x8040201008040201));
-
-  abs_row0_eq0 = vand_u8(abs_row0_eq0, bitmap_mask);
-  abs_row1_eq0 = vand_u8(abs_row1_eq0, bitmap_mask);
-  abs_row2_eq0 = vand_u8(abs_row2_eq0, bitmap_mask);
-  abs_row3_eq0 = vand_u8(abs_row3_eq0, bitmap_mask);
-  abs_row4_eq0 = vand_u8(abs_row4_eq0, bitmap_mask);
-  abs_row5_eq0 = vand_u8(abs_row5_eq0, bitmap_mask);
-  abs_row6_eq0 = vand_u8(abs_row6_eq0, bitmap_mask);
-  abs_row7_eq0 = vand_u8(abs_row7_eq0, bitmap_mask);
-
-  uint8x8_t bitmap_rows_01 = vpadd_u8(abs_row0_eq0, abs_row1_eq0);
-  uint8x8_t bitmap_rows_23 = vpadd_u8(abs_row2_eq0, abs_row3_eq0);
-  uint8x8_t bitmap_rows_45 = vpadd_u8(abs_row4_eq0, abs_row5_eq0);
-  uint8x8_t bitmap_rows_67 = vpadd_u8(abs_row6_eq0, abs_row7_eq0);
-  uint8x8_t bitmap_rows_0123 = vpadd_u8(bitmap_rows_01, bitmap_rows_23);
-  uint8x8_t bitmap_rows_4567 = vpadd_u8(bitmap_rows_45, bitmap_rows_67);
-  uint8x8_t bitmap_all = vpadd_u8(bitmap_rows_0123, bitmap_rows_4567);
-
-#if defined(__aarch64__) || defined(_M_ARM64)
-  /* Move bitmap to a 64-bit scalar register. */
-  uint64_t bitmap = vget_lane_u64(vreinterpret_u64_u8(bitmap_all), 0);
-  /* Store zerobits bitmap. */
-  bits[0] = ~bitmap;
-#else
-  /* Move bitmap to two 32-bit scalar registers. */
-  uint32_t bitmap0 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 0);
-  uint32_t bitmap1 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 1);
-  /* Store zerobits bitmap. */
-  bits[0] = ~bitmap0;
-  bits[1] = ~bitmap1;
-#endif
-
-  /* Construct signbits bitmap. */
-  uint8x8_t signbits_row0 = vld1_u8(coef_sign_bits + 0 * DCTSIZE);
-  uint8x8_t signbits_row1 = vld1_u8(coef_sign_bits + 1 * DCTSIZE);
-  uint8x8_t signbits_row2 = vld1_u8(coef_sign_bits + 2 * DCTSIZE);
-  uint8x8_t signbits_row3 = vld1_u8(coef_sign_bits + 3 * DCTSIZE);
-  uint8x8_t signbits_row4 = vld1_u8(coef_sign_bits + 4 * DCTSIZE);
-  uint8x8_t signbits_row5 = vld1_u8(coef_sign_bits + 5 * DCTSIZE);
-  uint8x8_t signbits_row6 = vld1_u8(coef_sign_bits + 6 * DCTSIZE);
-  uint8x8_t signbits_row7 = vld1_u8(coef_sign_bits + 7 * DCTSIZE);
-
-  signbits_row0 = vand_u8(signbits_row0, bitmap_mask);
-  signbits_row1 = vand_u8(signbits_row1, bitmap_mask);
-  signbits_row2 = vand_u8(signbits_row2, bitmap_mask);
-  signbits_row3 = vand_u8(signbits_row3, bitmap_mask);
-  signbits_row4 = vand_u8(signbits_row4, bitmap_mask);
-  signbits_row5 = vand_u8(signbits_row5, bitmap_mask);
-  signbits_row6 = vand_u8(signbits_row6, bitmap_mask);
-  signbits_row7 = vand_u8(signbits_row7, bitmap_mask);
-
-  bitmap_rows_01 = vpadd_u8(signbits_row0, signbits_row1);
-  bitmap_rows_23 = vpadd_u8(signbits_row2, signbits_row3);
-  bitmap_rows_45 = vpadd_u8(signbits_row4, signbits_row5);
-  bitmap_rows_67 = vpadd_u8(signbits_row6, signbits_row7);
-  bitmap_rows_0123 = vpadd_u8(bitmap_rows_01, bitmap_rows_23);
-  bitmap_rows_4567 = vpadd_u8(bitmap_rows_45, bitmap_rows_67);
-  bitmap_all = vpadd_u8(bitmap_rows_0123, bitmap_rows_4567);
-
-#if defined(__aarch64__) || defined(_M_ARM64)
-  /* Move bitmap to a 64-bit scalar register. */
-  bitmap = vget_lane_u64(vreinterpret_u64_u8(bitmap_all), 0);
-  /* Store signbits bitmap. */
-  bits[1] = ~bitmap;
-#else
-  /* Move bitmap to two 32-bit scalar registers. */
-  bitmap0 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 0);
-  bitmap1 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 1);
-  /* Store signbits bitmap. */
-  bits[2] = ~bitmap0;
-  bits[3] = ~bitmap1;
-#endif
-
-  /* Construct bitmap to find EOB position (the index of the last coefficient
-   * equal to 1.)
-   */
-  uint8x8_t row0_eq1 = vld1_u8(coef_eq1_bits + 0 * DCTSIZE);
-  uint8x8_t row1_eq1 = vld1_u8(coef_eq1_bits + 1 * DCTSIZE);
-  uint8x8_t row2_eq1 = vld1_u8(coef_eq1_bits + 2 * DCTSIZE);
-  uint8x8_t row3_eq1 = vld1_u8(coef_eq1_bits + 3 * DCTSIZE);
-  uint8x8_t row4_eq1 = vld1_u8(coef_eq1_bits + 4 * DCTSIZE);
-  uint8x8_t row5_eq1 = vld1_u8(coef_eq1_bits + 5 * DCTSIZE);
-  uint8x8_t row6_eq1 = vld1_u8(coef_eq1_bits + 6 * DCTSIZE);
-  uint8x8_t row7_eq1 = vld1_u8(coef_eq1_bits + 7 * DCTSIZE);
-
-  row0_eq1 = vand_u8(row0_eq1, bitmap_mask);
-  row1_eq1 = vand_u8(row1_eq1, bitmap_mask);
-  row2_eq1 = vand_u8(row2_eq1, bitmap_mask);
-  row3_eq1 = vand_u8(row3_eq1, bitmap_mask);
-  row4_eq1 = vand_u8(row4_eq1, bitmap_mask);
-  row5_eq1 = vand_u8(row5_eq1, bitmap_mask);
-  row6_eq1 = vand_u8(row6_eq1, bitmap_mask);
-  row7_eq1 = vand_u8(row7_eq1, bitmap_mask);
-
-  bitmap_rows_01 = vpadd_u8(row0_eq1, row1_eq1);
-  bitmap_rows_23 = vpadd_u8(row2_eq1, row3_eq1);
-  bitmap_rows_45 = vpadd_u8(row4_eq1, row5_eq1);
-  bitmap_rows_67 = vpadd_u8(row6_eq1, row7_eq1);
-  bitmap_rows_0123 = vpadd_u8(bitmap_rows_01, bitmap_rows_23);
-  bitmap_rows_4567 = vpadd_u8(bitmap_rows_45, bitmap_rows_67);
-  bitmap_all = vpadd_u8(bitmap_rows_0123, bitmap_rows_4567);
-
-#if defined(__aarch64__) || defined(_M_ARM64)
-  /* Move bitmap to a 64-bit scalar register. */
-  bitmap = vget_lane_u64(vreinterpret_u64_u8(bitmap_all), 0);
-
-  /* Return EOB position. */
-  if (bitmap == 0) {
-    /* EOB position is defined to be 0 if all coefficients != 1. */
-    return 0;
-  } else {
-    return 63 - BUILTIN_CLZLL(bitmap);
-  }
-#else
-  /* Move bitmap to two 32-bit scalar registers. */
-  bitmap0 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 0);
-  bitmap1 = vget_lane_u32(vreinterpret_u32_u8(bitmap_all), 1);
-
-  /* Return EOB position. */
-  if (bitmap0 == 0 && bitmap1 == 0) {
-    return 0;
-  } else if (bitmap1 != 0) {
-    return 63 - BUILTIN_CLZ(bitmap1);
-  } else {
-    return 31 - BUILTIN_CLZ(bitmap0);
-  }
-#endif
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcsample-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcsample-neon.c
deleted file mode 100644
index 8a3e237..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jcsample-neon.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * jcsample-neon.c - downsampling (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-
-#include <arm_neon.h>
-
-
-ALIGN(16) static const uint8_t jsimd_h2_downsample_consts[] = {
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 0 */
-  0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 1 */
-  0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0E,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 2 */
-  0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0D, 0x0D,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 3 */
-  0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0C, 0x0C, 0x0C,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 4 */
-  0x08, 0x09, 0x0A, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 5 */
-  0x08, 0x09, 0x0A, 0x0A, 0x0A, 0x0A, 0x0A, 0x0A,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 6 */
-  0x08, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 7 */
-  0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,   /* Pad 8 */
-  0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x06,   /* Pad 9 */
-  0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x05, 0x05,   /* Pad 10 */
-  0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x04, 0x04, 0x04,   /* Pad 11 */
-  0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
-  0x00, 0x01, 0x02, 0x03, 0x03, 0x03, 0x03, 0x03,   /* Pad 12 */
-  0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
-  0x00, 0x01, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,   /* Pad 13 */
-  0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
-  0x00, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,   /* Pad 14 */
-  0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,   /* Pad 15 */
-  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-
-
-/* Downsample pixel values of a single component.
- * This version handles the common case of 2:1 horizontal and 1:1 vertical,
- * without smoothing.
- */
-
-void jsimd_h2v1_downsample_neon(JDIMENSION image_width, int max_v_samp_factor,
-                                JDIMENSION v_samp_factor,
-                                JDIMENSION width_in_blocks,
-                                JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  JSAMPROW inptr, outptr;
-  /* Load expansion mask to pad remaining elements of last DCT block. */
-  const int mask_offset = 16 * ((width_in_blocks * 2 * DCTSIZE) - image_width);
-  const uint8x16_t expand_mask =
-    vld1q_u8(&jsimd_h2_downsample_consts[mask_offset]);
-  /* Load bias pattern (alternating every pixel.) */
-  /* { 0, 1, 0, 1, 0, 1, 0, 1 } */
-  const uint16x8_t bias = vreinterpretq_u16_u32(vdupq_n_u32(0x00010000));
-  unsigned i, outrow;
-
-  for (outrow = 0; outrow < v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr = input_data[outrow];
-
-    /* Downsample all but the last DCT block of pixels. */
-    for (i = 0; i < width_in_blocks - 1; i++) {
-      uint8x16_t pixels = vld1q_u8(inptr + i * 2 * DCTSIZE);
-      /* Add adjacent pixel values, widen to 16-bit, and add bias. */
-      uint16x8_t samples_u16 = vpadalq_u8(bias, pixels);
-      /* Divide total by 2 and narrow to 8-bit. */
-      uint8x8_t samples_u8 = vshrn_n_u16(samples_u16, 1);
-      /* Store samples to memory. */
-      vst1_u8(outptr + i * DCTSIZE, samples_u8);
-    }
-
-    /* Load pixels in last DCT block into a table. */
-    uint8x16_t pixels = vld1q_u8(inptr + (width_in_blocks - 1) * 2 * DCTSIZE);
-#if defined(__aarch64__) || defined(_M_ARM64)
-    /* Pad the empty elements with the value of the last pixel. */
-    pixels = vqtbl1q_u8(pixels, expand_mask);
-#else
-    uint8x8x2_t table = { { vget_low_u8(pixels), vget_high_u8(pixels) } };
-    pixels = vcombine_u8(vtbl2_u8(table, vget_low_u8(expand_mask)),
-                         vtbl2_u8(table, vget_high_u8(expand_mask)));
-#endif
-    /* Add adjacent pixel values, widen to 16-bit, and add bias. */
-    uint16x8_t samples_u16 = vpadalq_u8(bias, pixels);
-    /* Divide total by 2, narrow to 8-bit, and store. */
-    uint8x8_t samples_u8 = vshrn_n_u16(samples_u16, 1);
-    vst1_u8(outptr + (width_in_blocks - 1) * DCTSIZE, samples_u8);
-  }
-}
-
-
-/* Downsample pixel values of a single component.
- * This version handles the standard case of 2:1 horizontal and 2:1 vertical,
- * without smoothing.
- */
-
-void jsimd_h2v2_downsample_neon(JDIMENSION image_width, int max_v_samp_factor,
-                                JDIMENSION v_samp_factor,
-                                JDIMENSION width_in_blocks,
-                                JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  JSAMPROW inptr0, inptr1, outptr;
-  /* Load expansion mask to pad remaining elements of last DCT block. */
-  const int mask_offset = 16 * ((width_in_blocks * 2 * DCTSIZE) - image_width);
-  const uint8x16_t expand_mask =
-    vld1q_u8(&jsimd_h2_downsample_consts[mask_offset]);
-  /* Load bias pattern (alternating every pixel.) */
-  /* { 1, 2, 1, 2, 1, 2, 1, 2 } */
-  const uint16x8_t bias = vreinterpretq_u16_u32(vdupq_n_u32(0x00020001));
-  unsigned i, outrow;
-
-  for (outrow = 0; outrow < v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr0 = input_data[outrow];
-    inptr1 = input_data[outrow + 1];
-
-    /* Downsample all but the last DCT block of pixels. */
-    for (i = 0; i < width_in_blocks - 1; i++) {
-      uint8x16_t pixels_r0 = vld1q_u8(inptr0 + i * 2 * DCTSIZE);
-      uint8x16_t pixels_r1 = vld1q_u8(inptr1 + i * 2 * DCTSIZE);
-      /* Add adjacent pixel values in row 0, widen to 16-bit, and add bias. */
-      uint16x8_t samples_u16 = vpadalq_u8(bias, pixels_r0);
-      /* Add adjacent pixel values in row 1, widen to 16-bit, and accumulate.
-       */
-      samples_u16 = vpadalq_u8(samples_u16, pixels_r1);
-      /* Divide total by 4 and narrow to 8-bit. */
-      uint8x8_t samples_u8 = vshrn_n_u16(samples_u16, 2);
-      /* Store samples to memory and increment pointers. */
-      vst1_u8(outptr + i * DCTSIZE, samples_u8);
-    }
-
-    /* Load pixels in last DCT block into a table. */
-    uint8x16_t pixels_r0 =
-      vld1q_u8(inptr0 + (width_in_blocks - 1) * 2 * DCTSIZE);
-    uint8x16_t pixels_r1 =
-      vld1q_u8(inptr1 + (width_in_blocks - 1) * 2 * DCTSIZE);
-#if defined(__aarch64__) || defined(_M_ARM64)
-    /* Pad the empty elements with the value of the last pixel. */
-    pixels_r0 = vqtbl1q_u8(pixels_r0, expand_mask);
-    pixels_r1 = vqtbl1q_u8(pixels_r1, expand_mask);
-#else
-    uint8x8x2_t table_r0 =
-      { { vget_low_u8(pixels_r0), vget_high_u8(pixels_r0) } };
-    uint8x8x2_t table_r1 =
-      { { vget_low_u8(pixels_r1), vget_high_u8(pixels_r1) } };
-    pixels_r0 = vcombine_u8(vtbl2_u8(table_r0, vget_low_u8(expand_mask)),
-                            vtbl2_u8(table_r0, vget_high_u8(expand_mask)));
-    pixels_r1 = vcombine_u8(vtbl2_u8(table_r1, vget_low_u8(expand_mask)),
-                            vtbl2_u8(table_r1, vget_high_u8(expand_mask)));
-#endif
-    /* Add adjacent pixel values in row 0, widen to 16-bit, and add bias. */
-    uint16x8_t samples_u16 = vpadalq_u8(bias, pixels_r0);
-    /* Add adjacent pixel values in row 1, widen to 16-bit, and accumulate. */
-    samples_u16 = vpadalq_u8(samples_u16, pixels_r1);
-    /* Divide total by 4, narrow to 8-bit, and store. */
-    uint8x8_t samples_u8 = vshrn_n_u16(samples_u16, 2);
-    vst1_u8(outptr + (width_in_blocks - 1) * DCTSIZE, samples_u8);
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdcolext-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdcolext-neon.c
deleted file mode 100644
index ae440f4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdcolext-neon.c
+++ /dev/null
@@ -1,353 +0,0 @@
-/*
- * jdcolext-neon.c - colorspace conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jdcolor-neon.c. */
-
-
-/* YCbCr -> RGB conversion is defined by the following equations:
- *    R = Y                        + 1.40200 * (Cr - 128)
- *    G = Y - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128)
- *    B = Y + 1.77200 * (Cb - 128)
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.3441467 = 11277 * 2^-15
- *    0.7141418 = 23401 * 2^-15
- *    1.4020386 = 22971 * 2^-14
- *    1.7720337 = 29033 * 2^-14
- * These constants are defined in jdcolor-neon.c.
- *
- * To ensure correct results, rounding is used when descaling.
- */
-
-/* Notes on safe memory access for YCbCr -> RGB conversion routines:
- *
- * Input memory buffers can be safely overread up to the next multiple of
- * ALIGN_SIZE bytes, since they are always allocated by alloc_sarray() in
- * jmemmgr.c.
- *
- * The output buffer cannot safely be written beyond output_width, since
- * output_buf points to a possibly unpadded row in the decompressed image
- * buffer allocated by the calling program.
- */
-
-void jsimd_ycc_rgb_convert_neon(JDIMENSION output_width, JSAMPIMAGE input_buf,
-                                JDIMENSION input_row, JSAMPARRAY output_buf,
-                                int num_rows)
-{
-  JSAMPROW outptr;
-  /* Pointers to Y, Cb, and Cr data */
-  JSAMPROW inptr0, inptr1, inptr2;
-
-  const int16x4_t consts = vld1_s16(jsimd_ycc_rgb_convert_neon_consts);
-  const int16x8_t neg_128 = vdupq_n_s16(-128);
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-    int cols_remaining = output_width;
-    for (; cols_remaining >= 16; cols_remaining -= 16) {
-      uint8x16_t y  = vld1q_u8(inptr0);
-      uint8x16_t cb = vld1q_u8(inptr1);
-      uint8x16_t cr = vld1q_u8(inptr2);
-      /* Subtract 128 from Cb and Cr. */
-      int16x8_t cr_128_l =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128),
-                                       vget_low_u8(cr)));
-      int16x8_t cr_128_h =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128),
-                                       vget_high_u8(cr)));
-      int16x8_t cb_128_l =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128),
-                                       vget_low_u8(cb)));
-      int16x8_t cb_128_h =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128),
-                                       vget_high_u8(cb)));
-      /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-      int32x4_t g_sub_y_ll = vmull_lane_s16(vget_low_s16(cb_128_l), consts, 0);
-      int32x4_t g_sub_y_lh = vmull_lane_s16(vget_high_s16(cb_128_l),
-                                            consts, 0);
-      int32x4_t g_sub_y_hl = vmull_lane_s16(vget_low_s16(cb_128_h), consts, 0);
-      int32x4_t g_sub_y_hh = vmull_lane_s16(vget_high_s16(cb_128_h),
-                                            consts, 0);
-      g_sub_y_ll = vmlsl_lane_s16(g_sub_y_ll, vget_low_s16(cr_128_l),
-                                  consts, 1);
-      g_sub_y_lh = vmlsl_lane_s16(g_sub_y_lh, vget_high_s16(cr_128_l),
-                                  consts, 1);
-      g_sub_y_hl = vmlsl_lane_s16(g_sub_y_hl, vget_low_s16(cr_128_h),
-                                  consts, 1);
-      g_sub_y_hh = vmlsl_lane_s16(g_sub_y_hh, vget_high_s16(cr_128_h),
-                                  consts, 1);
-      /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-      int16x8_t g_sub_y_l = vcombine_s16(vrshrn_n_s32(g_sub_y_ll, 15),
-                                         vrshrn_n_s32(g_sub_y_lh, 15));
-      int16x8_t g_sub_y_h = vcombine_s16(vrshrn_n_s32(g_sub_y_hl, 15),
-                                         vrshrn_n_s32(g_sub_y_hh, 15));
-      /* Compute R-Y: 1.40200 * (Cr - 128) */
-      int16x8_t r_sub_y_l = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128_l, 1),
-                                               consts, 2);
-      int16x8_t r_sub_y_h = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128_h, 1),
-                                               consts, 2);
-      /* Compute B-Y: 1.77200 * (Cb - 128) */
-      int16x8_t b_sub_y_l = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128_l, 1),
-                                               consts, 3);
-      int16x8_t b_sub_y_h = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128_h, 1),
-                                               consts, 3);
-      /* Add Y. */
-      int16x8_t r_l =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y_l),
-                                       vget_low_u8(y)));
-      int16x8_t r_h =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y_h),
-                                       vget_high_u8(y)));
-      int16x8_t b_l =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y_l),
-                                       vget_low_u8(y)));
-      int16x8_t b_h =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y_h),
-                                       vget_high_u8(y)));
-      int16x8_t g_l =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y_l),
-                                       vget_low_u8(y)));
-      int16x8_t g_h =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y_h),
-                                       vget_high_u8(y)));
-
-#if RGB_PIXELSIZE == 4
-      uint8x16x4_t rgba;
-      /* Convert each component to unsigned and narrow, clamping to [0-255]. */
-      rgba.val[RGB_RED] = vcombine_u8(vqmovun_s16(r_l), vqmovun_s16(r_h));
-      rgba.val[RGB_GREEN] = vcombine_u8(vqmovun_s16(g_l), vqmovun_s16(g_h));
-      rgba.val[RGB_BLUE] = vcombine_u8(vqmovun_s16(b_l), vqmovun_s16(b_h));
-      /* Set alpha channel to opaque (0xFF). */
-      rgba.val[RGB_ALPHA] = vdupq_n_u8(0xFF);
-      /* Store RGBA pixel data to memory. */
-      vst4q_u8(outptr, rgba);
-#elif RGB_PIXELSIZE == 3
-      uint8x16x3_t rgb;
-      /* Convert each component to unsigned and narrow, clamping to [0-255]. */
-      rgb.val[RGB_RED] = vcombine_u8(vqmovun_s16(r_l), vqmovun_s16(r_h));
-      rgb.val[RGB_GREEN] = vcombine_u8(vqmovun_s16(g_l), vqmovun_s16(g_h));
-      rgb.val[RGB_BLUE] = vcombine_u8(vqmovun_s16(b_l), vqmovun_s16(b_h));
-      /* Store RGB pixel data to memory. */
-      vst3q_u8(outptr, rgb);
-#else
-      /* Pack R, G, and B values in ratio 5:6:5. */
-      uint16x8_t rgb565_l = vqshluq_n_s16(r_l, 8);
-      rgb565_l = vsriq_n_u16(rgb565_l, vqshluq_n_s16(g_l, 8), 5);
-      rgb565_l = vsriq_n_u16(rgb565_l, vqshluq_n_s16(b_l, 8), 11);
-      uint16x8_t rgb565_h = vqshluq_n_s16(r_h, 8);
-      rgb565_h = vsriq_n_u16(rgb565_h, vqshluq_n_s16(g_h, 8), 5);
-      rgb565_h = vsriq_n_u16(rgb565_h, vqshluq_n_s16(b_h, 8), 11);
-      /* Store RGB pixel data to memory. */
-      vst1q_u16((uint16_t *)outptr, rgb565_l);
-      vst1q_u16(((uint16_t *)outptr) + 8, rgb565_h);
-#endif
-
-      /* Increment pointers. */
-      inptr0 += 16;
-      inptr1 += 16;
-      inptr2 += 16;
-      outptr += (RGB_PIXELSIZE * 16);
-    }
-
-    if (cols_remaining >= 8) {
-      uint8x8_t y  = vld1_u8(inptr0);
-      uint8x8_t cb = vld1_u8(inptr1);
-      uint8x8_t cr = vld1_u8(inptr2);
-      /* Subtract 128 from Cb and Cr. */
-      int16x8_t cr_128 =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cr));
-      int16x8_t cb_128 =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cb));
-      /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-      int32x4_t g_sub_y_l = vmull_lane_s16(vget_low_s16(cb_128), consts, 0);
-      int32x4_t g_sub_y_h = vmull_lane_s16(vget_high_s16(cb_128), consts, 0);
-      g_sub_y_l = vmlsl_lane_s16(g_sub_y_l, vget_low_s16(cr_128), consts, 1);
-      g_sub_y_h = vmlsl_lane_s16(g_sub_y_h, vget_high_s16(cr_128), consts, 1);
-      /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-      int16x8_t g_sub_y = vcombine_s16(vrshrn_n_s32(g_sub_y_l, 15),
-                                       vrshrn_n_s32(g_sub_y_h, 15));
-      /* Compute R-Y: 1.40200 * (Cr - 128) */
-      int16x8_t r_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128, 1),
-                                             consts, 2);
-      /* Compute B-Y: 1.77200 * (Cb - 128) */
-      int16x8_t b_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128, 1),
-                                             consts, 3);
-      /* Add Y. */
-      int16x8_t r =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y), y));
-      int16x8_t b =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y), y));
-      int16x8_t g =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y), y));
-
-#if RGB_PIXELSIZE == 4
-      uint8x8x4_t rgba;
-      /* Convert each component to unsigned and narrow, clamping to [0-255]. */
-      rgba.val[RGB_RED] = vqmovun_s16(r);
-      rgba.val[RGB_GREEN] = vqmovun_s16(g);
-      rgba.val[RGB_BLUE] = vqmovun_s16(b);
-      /* Set alpha channel to opaque (0xFF). */
-      rgba.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-      /* Store RGBA pixel data to memory. */
-      vst4_u8(outptr, rgba);
-#elif RGB_PIXELSIZE == 3
-      uint8x8x3_t rgb;
-      /* Convert each component to unsigned and narrow, clamping to [0-255]. */
-      rgb.val[RGB_RED] = vqmovun_s16(r);
-      rgb.val[RGB_GREEN] = vqmovun_s16(g);
-      rgb.val[RGB_BLUE] = vqmovun_s16(b);
-      /* Store RGB pixel data to memory. */
-      vst3_u8(outptr, rgb);
-#else
-      /* Pack R, G, and B values in ratio 5:6:5. */
-      uint16x8_t rgb565 = vqshluq_n_s16(r, 8);
-      rgb565 = vsriq_n_u16(rgb565, vqshluq_n_s16(g, 8), 5);
-      rgb565 = vsriq_n_u16(rgb565, vqshluq_n_s16(b, 8), 11);
-      /* Store RGB pixel data to memory. */
-      vst1q_u16((uint16_t *)outptr, rgb565);
-#endif
-
-      /* Increment pointers. */
-      inptr0 += 8;
-      inptr1 += 8;
-      inptr2 += 8;
-      outptr += (RGB_PIXELSIZE * 8);
-      cols_remaining -= 8;
-    }
-
-    /* Handle the tail elements. */
-    if (cols_remaining > 0) {
-      uint8x8_t y  = vld1_u8(inptr0);
-      uint8x8_t cb = vld1_u8(inptr1);
-      uint8x8_t cr = vld1_u8(inptr2);
-      /* Subtract 128 from Cb and Cr. */
-      int16x8_t cr_128 =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cr));
-      int16x8_t cb_128 =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cb));
-      /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-      int32x4_t g_sub_y_l = vmull_lane_s16(vget_low_s16(cb_128), consts, 0);
-      int32x4_t g_sub_y_h = vmull_lane_s16(vget_high_s16(cb_128), consts, 0);
-      g_sub_y_l = vmlsl_lane_s16(g_sub_y_l, vget_low_s16(cr_128), consts, 1);
-      g_sub_y_h = vmlsl_lane_s16(g_sub_y_h, vget_high_s16(cr_128), consts, 1);
-      /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-      int16x8_t g_sub_y = vcombine_s16(vrshrn_n_s32(g_sub_y_l, 15),
-                                       vrshrn_n_s32(g_sub_y_h, 15));
-      /* Compute R-Y: 1.40200 * (Cr - 128) */
-      int16x8_t r_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128, 1),
-                                             consts, 2);
-      /* Compute B-Y: 1.77200 * (Cb - 128) */
-      int16x8_t b_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128, 1),
-                                             consts, 3);
-      /* Add Y. */
-      int16x8_t r =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y), y));
-      int16x8_t b =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y), y));
-      int16x8_t g =
-        vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y), y));
-
-#if RGB_PIXELSIZE == 4
-      uint8x8x4_t rgba;
-      /* Convert each component to unsigned and narrow, clamping to [0-255]. */
-      rgba.val[RGB_RED] = vqmovun_s16(r);
-      rgba.val[RGB_GREEN] = vqmovun_s16(g);
-      rgba.val[RGB_BLUE] = vqmovun_s16(b);
-      /* Set alpha channel to opaque (0xFF). */
-      rgba.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-      /* Store RGBA pixel data to memory. */
-      switch (cols_remaining) {
-      case 7:
-        vst4_lane_u8(outptr + 6 * RGB_PIXELSIZE, rgba, 6);
-      case 6:
-        vst4_lane_u8(outptr + 5 * RGB_PIXELSIZE, rgba, 5);
-      case 5:
-        vst4_lane_u8(outptr + 4 * RGB_PIXELSIZE, rgba, 4);
-      case 4:
-        vst4_lane_u8(outptr + 3 * RGB_PIXELSIZE, rgba, 3);
-      case 3:
-        vst4_lane_u8(outptr + 2 * RGB_PIXELSIZE, rgba, 2);
-      case 2:
-        vst4_lane_u8(outptr + RGB_PIXELSIZE, rgba, 1);
-      case 1:
-        vst4_lane_u8(outptr, rgba, 0);
-      default:
-        break;
-      }
-#elif RGB_PIXELSIZE == 3
-      uint8x8x3_t rgb;
-      /* Convert each component to unsigned and narrow, clamping to [0-255]. */
-      rgb.val[RGB_RED] = vqmovun_s16(r);
-      rgb.val[RGB_GREEN] = vqmovun_s16(g);
-      rgb.val[RGB_BLUE] = vqmovun_s16(b);
-      /* Store RGB pixel data to memory. */
-      switch (cols_remaining) {
-      case 7:
-        vst3_lane_u8(outptr + 6 * RGB_PIXELSIZE, rgb, 6);
-      case 6:
-        vst3_lane_u8(outptr + 5 * RGB_PIXELSIZE, rgb, 5);
-      case 5:
-        vst3_lane_u8(outptr + 4 * RGB_PIXELSIZE, rgb, 4);
-      case 4:
-        vst3_lane_u8(outptr + 3 * RGB_PIXELSIZE, rgb, 3);
-      case 3:
-        vst3_lane_u8(outptr + 2 * RGB_PIXELSIZE, rgb, 2);
-      case 2:
-        vst3_lane_u8(outptr + RGB_PIXELSIZE, rgb, 1);
-      case 1:
-        vst3_lane_u8(outptr, rgb, 0);
-      default:
-        break;
-      }
-#else
-      /* Pack R, G, and B values in ratio 5:6:5. */
-      uint16x8_t rgb565 = vqshluq_n_s16(r, 8);
-      rgb565 = vsriq_n_u16(rgb565, vqshluq_n_s16(g, 8), 5);
-      rgb565 = vsriq_n_u16(rgb565, vqshluq_n_s16(b, 8), 11);
-      /* Store RGB565 pixel data to memory. */
-      switch (cols_remaining) {
-      case 7:
-        vst1q_lane_u16((uint16_t *)(outptr + 6 * RGB_PIXELSIZE), rgb565, 6);
-      case 6:
-        vst1q_lane_u16((uint16_t *)(outptr + 5 * RGB_PIXELSIZE), rgb565, 5);
-      case 5:
-        vst1q_lane_u16((uint16_t *)(outptr + 4 * RGB_PIXELSIZE), rgb565, 4);
-      case 4:
-        vst1q_lane_u16((uint16_t *)(outptr + 3 * RGB_PIXELSIZE), rgb565, 3);
-      case 3:
-        vst1q_lane_u16((uint16_t *)(outptr + 2 * RGB_PIXELSIZE), rgb565, 2);
-      case 2:
-        vst1q_lane_u16((uint16_t *)(outptr + RGB_PIXELSIZE), rgb565, 1);
-      case 1:
-        vst1q_lane_u16((uint16_t *)outptr, rgb565, 0);
-      default:
-        break;
-      }
-#endif
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdcolor-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdcolor-neon.c
deleted file mode 100644
index 28dbc57..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdcolor-neon.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * jdcolor-neon.c - colorspace conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-
-#include <arm_neon.h>
-
-
-/* YCbCr -> RGB conversion constants */
-
-#define F_0_344  11277  /* 0.3441467 = 11277 * 2^-15 */
-#define F_0_714  23401  /* 0.7141418 = 23401 * 2^-15 */
-#define F_1_402  22971  /* 1.4020386 = 22971 * 2^-14 */
-#define F_1_772  29033  /* 1.7720337 = 29033 * 2^-14 */
-
-ALIGN(16) static const int16_t jsimd_ycc_rgb_convert_neon_consts[] = {
-  -F_0_344, F_0_714, F_1_402, F_1_772
-};
-
-
-/* Include inline routines for colorspace extensions. */
-
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_extrgb_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_extrgbx_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_extbgr_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_extbgrx_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_extxbgr_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_extxrgb_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
-
-/* YCbCr -> RGB565 Conversion */
-
-#define RGB_PIXELSIZE  2
-#define jsimd_ycc_rgb_convert_neon  jsimd_ycc_rgb565_convert_neon
-#include "jdcolext-neon.c"
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_neon
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdmerge-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdmerge-neon.c
deleted file mode 100644
index 18fb9d8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdmerge-neon.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * jdmerge-neon.c - merged upsampling/color conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-
-#include <arm_neon.h>
-
-
-/* YCbCr -> RGB conversion constants */
-
-#define F_0_344  11277  /* 0.3441467 = 11277 * 2^-15 */
-#define F_0_714  23401  /* 0.7141418 = 23401 * 2^-15 */
-#define F_1_402  22971  /* 1.4020386 = 22971 * 2^-14 */
-#define F_1_772  29033  /* 1.7720337 = 29033 * 2^-14 */
-
-ALIGN(16) static const int16_t jsimd_ycc_rgb_convert_neon_consts[] = {
-  -F_0_344, F_0_714, F_1_402, F_1_772
-};
-
-
-/* Include inline routines for colorspace extensions. */
-
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_neon  jsimd_h2v1_extrgb_merged_upsample_neon
-#define jsimd_h2v2_merged_upsample_neon  jsimd_h2v2_extrgb_merged_upsample_neon
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_neon
-#undef jsimd_h2v2_merged_upsample_neon
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_neon  jsimd_h2v1_extrgbx_merged_upsample_neon
-#define jsimd_h2v2_merged_upsample_neon  jsimd_h2v2_extrgbx_merged_upsample_neon
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_neon
-#undef jsimd_h2v2_merged_upsample_neon
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_neon  jsimd_h2v1_extbgr_merged_upsample_neon
-#define jsimd_h2v2_merged_upsample_neon  jsimd_h2v2_extbgr_merged_upsample_neon
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_neon
-#undef jsimd_h2v2_merged_upsample_neon
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_ALPHA  3
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_neon  jsimd_h2v1_extbgrx_merged_upsample_neon
-#define jsimd_h2v2_merged_upsample_neon  jsimd_h2v2_extbgrx_merged_upsample_neon
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_neon
-#undef jsimd_h2v2_merged_upsample_neon
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_neon  jsimd_h2v1_extxbgr_merged_upsample_neon
-#define jsimd_h2v2_merged_upsample_neon  jsimd_h2v2_extxbgr_merged_upsample_neon
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_neon
-#undef jsimd_h2v2_merged_upsample_neon
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_ALPHA  0
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_neon  jsimd_h2v1_extxrgb_merged_upsample_neon
-#define jsimd_h2v2_merged_upsample_neon  jsimd_h2v2_extxrgb_merged_upsample_neon
-#include "jdmrgext-neon.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_ALPHA
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_neon
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdmrgext-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdmrgext-neon.c
deleted file mode 100644
index fa2ec05..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdmrgext-neon.c
+++ /dev/null
@@ -1,667 +0,0 @@
-/*
- * jdmrgext-neon.c - merged upsampling/color conversion (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jdmerge-neon.c. */
-
-
-/* These routines combine simple (non-fancy, i.e. non-smooth) h2v1 or h2v2
- * chroma upsampling and YCbCr -> RGB color conversion into a single function.
- *
- * As with the standalone functions, YCbCr -> RGB conversion is defined by the
- * following equations:
- *    R = Y                        + 1.40200 * (Cr - 128)
- *    G = Y - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128)
- *    B = Y + 1.77200 * (Cb - 128)
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.3441467 = 11277 * 2^-15
- *    0.7141418 = 23401 * 2^-15
- *    1.4020386 = 22971 * 2^-14
- *    1.7720337 = 29033 * 2^-14
- * These constants are defined in jdmerge-neon.c.
- *
- * To ensure correct results, rounding is used when descaling.
- */
-
-/* Notes on safe memory access for merged upsampling/YCbCr -> RGB conversion
- * routines:
- *
- * Input memory buffers can be safely overread up to the next multiple of
- * ALIGN_SIZE bytes, since they are always allocated by alloc_sarray() in
- * jmemmgr.c.
- *
- * The output buffer cannot safely be written beyond output_width, since
- * output_buf points to a possibly unpadded row in the decompressed image
- * buffer allocated by the calling program.
- */
-
-/* Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
- */
-
-void jsimd_h2v1_merged_upsample_neon(JDIMENSION output_width,
-                                     JSAMPIMAGE input_buf,
-                                     JDIMENSION in_row_group_ctr,
-                                     JSAMPARRAY output_buf)
-{
-  JSAMPROW outptr;
-  /* Pointers to Y, Cb, and Cr data */
-  JSAMPROW inptr0, inptr1, inptr2;
-
-  const int16x4_t consts = vld1_s16(jsimd_ycc_rgb_convert_neon_consts);
-  const int16x8_t neg_128 = vdupq_n_s16(-128);
-
-  inptr0 = input_buf[0][in_row_group_ctr];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  int cols_remaining = output_width;
-  for (; cols_remaining >= 16; cols_remaining -= 16) {
-    /* De-interleave Y component values into two separate vectors, one
-     * containing the component values with even-numbered indices and one
-     * containing the component values with odd-numbered indices.
-     */
-    uint8x8x2_t y = vld2_u8(inptr0);
-    uint8x8_t cb = vld1_u8(inptr1);
-    uint8x8_t cr = vld1_u8(inptr2);
-    /* Subtract 128 from Cb and Cr. */
-    int16x8_t cr_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cr));
-    int16x8_t cb_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cb));
-    /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-    int32x4_t g_sub_y_l = vmull_lane_s16(vget_low_s16(cb_128), consts, 0);
-    int32x4_t g_sub_y_h = vmull_lane_s16(vget_high_s16(cb_128), consts, 0);
-    g_sub_y_l = vmlsl_lane_s16(g_sub_y_l, vget_low_s16(cr_128), consts, 1);
-    g_sub_y_h = vmlsl_lane_s16(g_sub_y_h, vget_high_s16(cr_128), consts, 1);
-    /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-    int16x8_t g_sub_y = vcombine_s16(vrshrn_n_s32(g_sub_y_l, 15),
-                                     vrshrn_n_s32(g_sub_y_h, 15));
-    /* Compute R-Y: 1.40200 * (Cr - 128) */
-    int16x8_t r_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128, 1), consts, 2);
-    /* Compute B-Y: 1.77200 * (Cb - 128) */
-    int16x8_t b_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128, 1), consts, 3);
-    /* Add the chroma-derived values (G-Y, R-Y, and B-Y) to both the "even" and
-     * "odd" Y component values.  This effectively upsamples the chroma
-     * components horizontally.
-     */
-    int16x8_t g_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y.val[0]));
-    int16x8_t r_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y.val[0]));
-    int16x8_t b_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y.val[0]));
-    int16x8_t g_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y.val[1]));
-    int16x8_t r_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y.val[1]));
-    int16x8_t b_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y.val[1]));
-    /* Convert each component to unsigned and narrow, clamping to [0-255].
-     * Re-interleave the "even" and "odd" component values.
-     */
-    uint8x8x2_t r = vzip_u8(vqmovun_s16(r_even), vqmovun_s16(r_odd));
-    uint8x8x2_t g = vzip_u8(vqmovun_s16(g_even), vqmovun_s16(g_odd));
-    uint8x8x2_t b = vzip_u8(vqmovun_s16(b_even), vqmovun_s16(b_odd));
-
-#ifdef RGB_ALPHA
-    uint8x16x4_t rgba;
-    rgba.val[RGB_RED] = vcombine_u8(r.val[0], r.val[1]);
-    rgba.val[RGB_GREEN] = vcombine_u8(g.val[0], g.val[1]);
-    rgba.val[RGB_BLUE] = vcombine_u8(b.val[0], b.val[1]);
-    /* Set alpha channel to opaque (0xFF). */
-    rgba.val[RGB_ALPHA] = vdupq_n_u8(0xFF);
-    /* Store RGBA pixel data to memory. */
-    vst4q_u8(outptr, rgba);
-#else
-    uint8x16x3_t rgb;
-    rgb.val[RGB_RED] = vcombine_u8(r.val[0], r.val[1]);
-    rgb.val[RGB_GREEN] = vcombine_u8(g.val[0], g.val[1]);
-    rgb.val[RGB_BLUE] = vcombine_u8(b.val[0], b.val[1]);
-    /* Store RGB pixel data to memory. */
-    vst3q_u8(outptr, rgb);
-#endif
-
-    /* Increment pointers. */
-    inptr0 += 16;
-    inptr1 += 8;
-    inptr2 += 8;
-    outptr += (RGB_PIXELSIZE * 16);
-  }
-
-  if (cols_remaining > 0) {
-    /* De-interleave Y component values into two separate vectors, one
-     * containing the component values with even-numbered indices and one
-     * containing the component values with odd-numbered indices.
-     */
-    uint8x8x2_t y = vld2_u8(inptr0);
-    uint8x8_t cb = vld1_u8(inptr1);
-    uint8x8_t cr = vld1_u8(inptr2);
-    /* Subtract 128 from Cb and Cr. */
-    int16x8_t cr_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cr));
-    int16x8_t cb_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cb));
-    /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-    int32x4_t g_sub_y_l = vmull_lane_s16(vget_low_s16(cb_128), consts, 0);
-    int32x4_t g_sub_y_h = vmull_lane_s16(vget_high_s16(cb_128), consts, 0);
-    g_sub_y_l = vmlsl_lane_s16(g_sub_y_l, vget_low_s16(cr_128), consts, 1);
-    g_sub_y_h = vmlsl_lane_s16(g_sub_y_h, vget_high_s16(cr_128), consts, 1);
-    /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-    int16x8_t g_sub_y = vcombine_s16(vrshrn_n_s32(g_sub_y_l, 15),
-                                     vrshrn_n_s32(g_sub_y_h, 15));
-    /* Compute R-Y: 1.40200 * (Cr - 128) */
-    int16x8_t r_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128, 1), consts, 2);
-    /* Compute B-Y: 1.77200 * (Cb - 128) */
-    int16x8_t b_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128, 1), consts, 3);
-    /* Add the chroma-derived values (G-Y, R-Y, and B-Y) to both the "even" and
-     * "odd" Y component values.  This effectively upsamples the chroma
-     * components horizontally.
-     */
-    int16x8_t g_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y.val[0]));
-    int16x8_t r_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y.val[0]));
-    int16x8_t b_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y.val[0]));
-    int16x8_t g_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y.val[1]));
-    int16x8_t r_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y.val[1]));
-    int16x8_t b_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y.val[1]));
-    /* Convert each component to unsigned and narrow, clamping to [0-255].
-     * Re-interleave the "even" and "odd" component values.
-     */
-    uint8x8x2_t r = vzip_u8(vqmovun_s16(r_even), vqmovun_s16(r_odd));
-    uint8x8x2_t g = vzip_u8(vqmovun_s16(g_even), vqmovun_s16(g_odd));
-    uint8x8x2_t b = vzip_u8(vqmovun_s16(b_even), vqmovun_s16(b_odd));
-
-#ifdef RGB_ALPHA
-    uint8x8x4_t rgba_h;
-    rgba_h.val[RGB_RED] = r.val[1];
-    rgba_h.val[RGB_GREEN] = g.val[1];
-    rgba_h.val[RGB_BLUE] = b.val[1];
-    /* Set alpha channel to opaque (0xFF). */
-    rgba_h.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-    uint8x8x4_t rgba_l;
-    rgba_l.val[RGB_RED] = r.val[0];
-    rgba_l.val[RGB_GREEN] = g.val[0];
-    rgba_l.val[RGB_BLUE] = b.val[0];
-    /* Set alpha channel to opaque (0xFF). */
-    rgba_l.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-    /* Store RGBA pixel data to memory. */
-    switch (cols_remaining) {
-    case 15:
-      vst4_lane_u8(outptr + 14 * RGB_PIXELSIZE, rgba_h, 6);
-    case 14:
-      vst4_lane_u8(outptr + 13 * RGB_PIXELSIZE, rgba_h, 5);
-    case 13:
-      vst4_lane_u8(outptr + 12 * RGB_PIXELSIZE, rgba_h, 4);
-    case 12:
-      vst4_lane_u8(outptr + 11 * RGB_PIXELSIZE, rgba_h, 3);
-    case 11:
-      vst4_lane_u8(outptr + 10 * RGB_PIXELSIZE, rgba_h, 2);
-    case 10:
-      vst4_lane_u8(outptr + 9 * RGB_PIXELSIZE, rgba_h, 1);
-    case 9:
-      vst4_lane_u8(outptr + 8 * RGB_PIXELSIZE, rgba_h, 0);
-    case 8:
-      vst4_u8(outptr, rgba_l);
-      break;
-    case 7:
-      vst4_lane_u8(outptr + 6 * RGB_PIXELSIZE, rgba_l, 6);
-    case 6:
-      vst4_lane_u8(outptr + 5 * RGB_PIXELSIZE, rgba_l, 5);
-    case 5:
-      vst4_lane_u8(outptr + 4 * RGB_PIXELSIZE, rgba_l, 4);
-    case 4:
-      vst4_lane_u8(outptr + 3 * RGB_PIXELSIZE, rgba_l, 3);
-    case 3:
-      vst4_lane_u8(outptr + 2 * RGB_PIXELSIZE, rgba_l, 2);
-    case 2:
-      vst4_lane_u8(outptr + RGB_PIXELSIZE, rgba_l, 1);
-    case 1:
-      vst4_lane_u8(outptr, rgba_l, 0);
-    default:
-      break;
-    }
-#else
-    uint8x8x3_t rgb_h;
-    rgb_h.val[RGB_RED] = r.val[1];
-    rgb_h.val[RGB_GREEN] = g.val[1];
-    rgb_h.val[RGB_BLUE] = b.val[1];
-    uint8x8x3_t rgb_l;
-    rgb_l.val[RGB_RED] = r.val[0];
-    rgb_l.val[RGB_GREEN] = g.val[0];
-    rgb_l.val[RGB_BLUE] = b.val[0];
-    /* Store RGB pixel data to memory. */
-    switch (cols_remaining) {
-    case 15:
-      vst3_lane_u8(outptr + 14 * RGB_PIXELSIZE, rgb_h, 6);
-    case 14:
-      vst3_lane_u8(outptr + 13 * RGB_PIXELSIZE, rgb_h, 5);
-    case 13:
-      vst3_lane_u8(outptr + 12 * RGB_PIXELSIZE, rgb_h, 4);
-    case 12:
-      vst3_lane_u8(outptr + 11 * RGB_PIXELSIZE, rgb_h, 3);
-    case 11:
-      vst3_lane_u8(outptr + 10 * RGB_PIXELSIZE, rgb_h, 2);
-    case 10:
-      vst3_lane_u8(outptr + 9 * RGB_PIXELSIZE, rgb_h, 1);
-    case 9:
-      vst3_lane_u8(outptr + 8 * RGB_PIXELSIZE, rgb_h, 0);
-    case 8:
-      vst3_u8(outptr, rgb_l);
-      break;
-    case 7:
-      vst3_lane_u8(outptr + 6 * RGB_PIXELSIZE, rgb_l, 6);
-    case 6:
-      vst3_lane_u8(outptr + 5 * RGB_PIXELSIZE, rgb_l, 5);
-    case 5:
-      vst3_lane_u8(outptr + 4 * RGB_PIXELSIZE, rgb_l, 4);
-    case 4:
-      vst3_lane_u8(outptr + 3 * RGB_PIXELSIZE, rgb_l, 3);
-    case 3:
-      vst3_lane_u8(outptr + 2 * RGB_PIXELSIZE, rgb_l, 2);
-    case 2:
-      vst3_lane_u8(outptr + RGB_PIXELSIZE, rgb_l, 1);
-    case 1:
-      vst3_lane_u8(outptr, rgb_l, 0);
-    default:
-      break;
-    }
-#endif
-  }
-}
-
-
-/* Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
- *
- * See comments above for details regarding color conversion and safe memory
- * access.
- */
-
-void jsimd_h2v2_merged_upsample_neon(JDIMENSION output_width,
-                                     JSAMPIMAGE input_buf,
-                                     JDIMENSION in_row_group_ctr,
-                                     JSAMPARRAY output_buf)
-{
-  JSAMPROW outptr0, outptr1;
-  /* Pointers to Y (both rows), Cb, and Cr data */
-  JSAMPROW inptr0_0, inptr0_1, inptr1, inptr2;
-
-  const int16x4_t consts = vld1_s16(jsimd_ycc_rgb_convert_neon_consts);
-  const int16x8_t neg_128 = vdupq_n_s16(-128);
-
-  inptr0_0 = input_buf[0][in_row_group_ctr * 2];
-  inptr0_1 = input_buf[0][in_row_group_ctr * 2 + 1];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr0 = output_buf[0];
-  outptr1 = output_buf[1];
-
-  int cols_remaining = output_width;
-  for (; cols_remaining >= 16; cols_remaining -= 16) {
-    /* For each row, de-interleave Y component values into two separate
-     * vectors, one containing the component values with even-numbered indices
-     * and one containing the component values with odd-numbered indices.
-     */
-    uint8x8x2_t y0 = vld2_u8(inptr0_0);
-    uint8x8x2_t y1 = vld2_u8(inptr0_1);
-    uint8x8_t cb = vld1_u8(inptr1);
-    uint8x8_t cr = vld1_u8(inptr2);
-    /* Subtract 128 from Cb and Cr. */
-    int16x8_t cr_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cr));
-    int16x8_t cb_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cb));
-    /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-    int32x4_t g_sub_y_l = vmull_lane_s16(vget_low_s16(cb_128), consts, 0);
-    int32x4_t g_sub_y_h = vmull_lane_s16(vget_high_s16(cb_128), consts, 0);
-    g_sub_y_l = vmlsl_lane_s16(g_sub_y_l, vget_low_s16(cr_128), consts, 1);
-    g_sub_y_h = vmlsl_lane_s16(g_sub_y_h, vget_high_s16(cr_128), consts, 1);
-    /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-    int16x8_t g_sub_y = vcombine_s16(vrshrn_n_s32(g_sub_y_l, 15),
-                                     vrshrn_n_s32(g_sub_y_h, 15));
-    /* Compute R-Y: 1.40200 * (Cr - 128) */
-    int16x8_t r_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128, 1), consts, 2);
-    /* Compute B-Y: 1.77200 * (Cb - 128) */
-    int16x8_t b_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128, 1), consts, 3);
-    /* For each row, add the chroma-derived values (G-Y, R-Y, and B-Y) to both
-     * the "even" and "odd" Y component values.  This effectively upsamples the
-     * chroma components both horizontally and vertically.
-     */
-    int16x8_t g0_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y0.val[0]));
-    int16x8_t r0_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y0.val[0]));
-    int16x8_t b0_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y0.val[0]));
-    int16x8_t g0_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y0.val[1]));
-    int16x8_t r0_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y0.val[1]));
-    int16x8_t b0_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y0.val[1]));
-    int16x8_t g1_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y1.val[0]));
-    int16x8_t r1_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y1.val[0]));
-    int16x8_t b1_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y1.val[0]));
-    int16x8_t g1_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y1.val[1]));
-    int16x8_t r1_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y1.val[1]));
-    int16x8_t b1_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y1.val[1]));
-    /* Convert each component to unsigned and narrow, clamping to [0-255].
-     * Re-interleave the "even" and "odd" component values.
-     */
-    uint8x8x2_t r0 = vzip_u8(vqmovun_s16(r0_even), vqmovun_s16(r0_odd));
-    uint8x8x2_t r1 = vzip_u8(vqmovun_s16(r1_even), vqmovun_s16(r1_odd));
-    uint8x8x2_t g0 = vzip_u8(vqmovun_s16(g0_even), vqmovun_s16(g0_odd));
-    uint8x8x2_t g1 = vzip_u8(vqmovun_s16(g1_even), vqmovun_s16(g1_odd));
-    uint8x8x2_t b0 = vzip_u8(vqmovun_s16(b0_even), vqmovun_s16(b0_odd));
-    uint8x8x2_t b1 = vzip_u8(vqmovun_s16(b1_even), vqmovun_s16(b1_odd));
-
-#ifdef RGB_ALPHA
-    uint8x16x4_t rgba0, rgba1;
-    rgba0.val[RGB_RED] = vcombine_u8(r0.val[0], r0.val[1]);
-    rgba1.val[RGB_RED] = vcombine_u8(r1.val[0], r1.val[1]);
-    rgba0.val[RGB_GREEN] = vcombine_u8(g0.val[0], g0.val[1]);
-    rgba1.val[RGB_GREEN] = vcombine_u8(g1.val[0], g1.val[1]);
-    rgba0.val[RGB_BLUE] = vcombine_u8(b0.val[0], b0.val[1]);
-    rgba1.val[RGB_BLUE] = vcombine_u8(b1.val[0], b1.val[1]);
-    /* Set alpha channel to opaque (0xFF). */
-    rgba0.val[RGB_ALPHA] = vdupq_n_u8(0xFF);
-    rgba1.val[RGB_ALPHA] = vdupq_n_u8(0xFF);
-    /* Store RGBA pixel data to memory. */
-    vst4q_u8(outptr0, rgba0);
-    vst4q_u8(outptr1, rgba1);
-#else
-    uint8x16x3_t rgb0, rgb1;
-    rgb0.val[RGB_RED] = vcombine_u8(r0.val[0], r0.val[1]);
-    rgb1.val[RGB_RED] = vcombine_u8(r1.val[0], r1.val[1]);
-    rgb0.val[RGB_GREEN] = vcombine_u8(g0.val[0], g0.val[1]);
-    rgb1.val[RGB_GREEN] = vcombine_u8(g1.val[0], g1.val[1]);
-    rgb0.val[RGB_BLUE] = vcombine_u8(b0.val[0], b0.val[1]);
-    rgb1.val[RGB_BLUE] = vcombine_u8(b1.val[0], b1.val[1]);
-    /* Store RGB pixel data to memory. */
-    vst3q_u8(outptr0, rgb0);
-    vst3q_u8(outptr1, rgb1);
-#endif
-
-    /* Increment pointers. */
-    inptr0_0 += 16;
-    inptr0_1 += 16;
-    inptr1 += 8;
-    inptr2 += 8;
-    outptr0 += (RGB_PIXELSIZE * 16);
-    outptr1 += (RGB_PIXELSIZE * 16);
-  }
-
-  if (cols_remaining > 0) {
-    /* For each row, de-interleave Y component values into two separate
-     * vectors, one containing the component values with even-numbered indices
-     * and one containing the component values with odd-numbered indices.
-     */
-    uint8x8x2_t y0 = vld2_u8(inptr0_0);
-    uint8x8x2_t y1 = vld2_u8(inptr0_1);
-    uint8x8_t cb = vld1_u8(inptr1);
-    uint8x8_t cr = vld1_u8(inptr2);
-    /* Subtract 128 from Cb and Cr. */
-    int16x8_t cr_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cr));
-    int16x8_t cb_128 =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(neg_128), cb));
-    /* Compute G-Y: - 0.34414 * (Cb - 128) - 0.71414 * (Cr - 128) */
-    int32x4_t g_sub_y_l = vmull_lane_s16(vget_low_s16(cb_128), consts, 0);
-    int32x4_t g_sub_y_h = vmull_lane_s16(vget_high_s16(cb_128), consts, 0);
-    g_sub_y_l = vmlsl_lane_s16(g_sub_y_l, vget_low_s16(cr_128), consts, 1);
-    g_sub_y_h = vmlsl_lane_s16(g_sub_y_h, vget_high_s16(cr_128), consts, 1);
-    /* Descale G components: shift right 15, round, and narrow to 16-bit. */
-    int16x8_t g_sub_y = vcombine_s16(vrshrn_n_s32(g_sub_y_l, 15),
-                                     vrshrn_n_s32(g_sub_y_h, 15));
-    /* Compute R-Y: 1.40200 * (Cr - 128) */
-    int16x8_t r_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cr_128, 1), consts, 2);
-    /* Compute B-Y: 1.77200 * (Cb - 128) */
-    int16x8_t b_sub_y = vqrdmulhq_lane_s16(vshlq_n_s16(cb_128, 1), consts, 3);
-    /* For each row, add the chroma-derived values (G-Y, R-Y, and B-Y) to both
-     * the "even" and "odd" Y component values.  This effectively upsamples the
-     * chroma components both horizontally and vertically.
-     */
-    int16x8_t g0_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y0.val[0]));
-    int16x8_t r0_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y0.val[0]));
-    int16x8_t b0_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y0.val[0]));
-    int16x8_t g0_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y0.val[1]));
-    int16x8_t r0_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y0.val[1]));
-    int16x8_t b0_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y0.val[1]));
-    int16x8_t g1_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y1.val[0]));
-    int16x8_t r1_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y1.val[0]));
-    int16x8_t b1_even =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y1.val[0]));
-    int16x8_t g1_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(g_sub_y),
-                                     y1.val[1]));
-    int16x8_t r1_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(r_sub_y),
-                                     y1.val[1]));
-    int16x8_t b1_odd =
-      vreinterpretq_s16_u16(vaddw_u8(vreinterpretq_u16_s16(b_sub_y),
-                                     y1.val[1]));
-    /* Convert each component to unsigned and narrow, clamping to [0-255].
-     * Re-interleave the "even" and "odd" component values.
-     */
-    uint8x8x2_t r0 = vzip_u8(vqmovun_s16(r0_even), vqmovun_s16(r0_odd));
-    uint8x8x2_t r1 = vzip_u8(vqmovun_s16(r1_even), vqmovun_s16(r1_odd));
-    uint8x8x2_t g0 = vzip_u8(vqmovun_s16(g0_even), vqmovun_s16(g0_odd));
-    uint8x8x2_t g1 = vzip_u8(vqmovun_s16(g1_even), vqmovun_s16(g1_odd));
-    uint8x8x2_t b0 = vzip_u8(vqmovun_s16(b0_even), vqmovun_s16(b0_odd));
-    uint8x8x2_t b1 = vzip_u8(vqmovun_s16(b1_even), vqmovun_s16(b1_odd));
-
-#ifdef RGB_ALPHA
-    uint8x8x4_t rgba0_h, rgba1_h;
-    rgba0_h.val[RGB_RED] = r0.val[1];
-    rgba1_h.val[RGB_RED] = r1.val[1];
-    rgba0_h.val[RGB_GREEN] = g0.val[1];
-    rgba1_h.val[RGB_GREEN] = g1.val[1];
-    rgba0_h.val[RGB_BLUE] = b0.val[1];
-    rgba1_h.val[RGB_BLUE] = b1.val[1];
-    /* Set alpha channel to opaque (0xFF). */
-    rgba0_h.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-    rgba1_h.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-
-    uint8x8x4_t rgba0_l, rgba1_l;
-    rgba0_l.val[RGB_RED] = r0.val[0];
-    rgba1_l.val[RGB_RED] = r1.val[0];
-    rgba0_l.val[RGB_GREEN] = g0.val[0];
-    rgba1_l.val[RGB_GREEN] = g1.val[0];
-    rgba0_l.val[RGB_BLUE] = b0.val[0];
-    rgba1_l.val[RGB_BLUE] = b1.val[0];
-    /* Set alpha channel to opaque (0xFF). */
-    rgba0_l.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-    rgba1_l.val[RGB_ALPHA] = vdup_n_u8(0xFF);
-    /* Store RGBA pixel data to memory. */
-    switch (cols_remaining) {
-    case 15:
-      vst4_lane_u8(outptr0 + 14 * RGB_PIXELSIZE, rgba0_h, 6);
-      vst4_lane_u8(outptr1 + 14 * RGB_PIXELSIZE, rgba1_h, 6);
-    case 14:
-      vst4_lane_u8(outptr0 + 13 * RGB_PIXELSIZE, rgba0_h, 5);
-      vst4_lane_u8(outptr1 + 13 * RGB_PIXELSIZE, rgba1_h, 5);
-    case 13:
-      vst4_lane_u8(outptr0 + 12 * RGB_PIXELSIZE, rgba0_h, 4);
-      vst4_lane_u8(outptr1 + 12 * RGB_PIXELSIZE, rgba1_h, 4);
-    case 12:
-      vst4_lane_u8(outptr0 + 11 * RGB_PIXELSIZE, rgba0_h, 3);
-      vst4_lane_u8(outptr1 + 11 * RGB_PIXELSIZE, rgba1_h, 3);
-    case 11:
-      vst4_lane_u8(outptr0 + 10 * RGB_PIXELSIZE, rgba0_h, 2);
-      vst4_lane_u8(outptr1 + 10 * RGB_PIXELSIZE, rgba1_h, 2);
-    case 10:
-      vst4_lane_u8(outptr0 + 9 * RGB_PIXELSIZE, rgba0_h, 1);
-      vst4_lane_u8(outptr1 + 9 * RGB_PIXELSIZE, rgba1_h, 1);
-    case 9:
-      vst4_lane_u8(outptr0 + 8 * RGB_PIXELSIZE, rgba0_h, 0);
-      vst4_lane_u8(outptr1 + 8 * RGB_PIXELSIZE, rgba1_h, 0);
-    case 8:
-      vst4_u8(outptr0, rgba0_l);
-      vst4_u8(outptr1, rgba1_l);
-      break;
-    case 7:
-      vst4_lane_u8(outptr0 + 6 * RGB_PIXELSIZE, rgba0_l, 6);
-      vst4_lane_u8(outptr1 + 6 * RGB_PIXELSIZE, rgba1_l, 6);
-    case 6:
-      vst4_lane_u8(outptr0 + 5 * RGB_PIXELSIZE, rgba0_l, 5);
-      vst4_lane_u8(outptr1 + 5 * RGB_PIXELSIZE, rgba1_l, 5);
-    case 5:
-      vst4_lane_u8(outptr0 + 4 * RGB_PIXELSIZE, rgba0_l, 4);
-      vst4_lane_u8(outptr1 + 4 * RGB_PIXELSIZE, rgba1_l, 4);
-    case 4:
-      vst4_lane_u8(outptr0 + 3 * RGB_PIXELSIZE, rgba0_l, 3);
-      vst4_lane_u8(outptr1 + 3 * RGB_PIXELSIZE, rgba1_l, 3);
-    case 3:
-      vst4_lane_u8(outptr0 + 2 * RGB_PIXELSIZE, rgba0_l, 2);
-      vst4_lane_u8(outptr1 + 2 * RGB_PIXELSIZE, rgba1_l, 2);
-    case 2:
-      vst4_lane_u8(outptr0 + 1 * RGB_PIXELSIZE, rgba0_l, 1);
-      vst4_lane_u8(outptr1 + 1 * RGB_PIXELSIZE, rgba1_l, 1);
-    case 1:
-      vst4_lane_u8(outptr0, rgba0_l, 0);
-      vst4_lane_u8(outptr1, rgba1_l, 0);
-    default:
-      break;
-    }
-#else
-    uint8x8x3_t rgb0_h, rgb1_h;
-    rgb0_h.val[RGB_RED] = r0.val[1];
-    rgb1_h.val[RGB_RED] = r1.val[1];
-    rgb0_h.val[RGB_GREEN] = g0.val[1];
-    rgb1_h.val[RGB_GREEN] = g1.val[1];
-    rgb0_h.val[RGB_BLUE] = b0.val[1];
-    rgb1_h.val[RGB_BLUE] = b1.val[1];
-
-    uint8x8x3_t rgb0_l, rgb1_l;
-    rgb0_l.val[RGB_RED] = r0.val[0];
-    rgb1_l.val[RGB_RED] = r1.val[0];
-    rgb0_l.val[RGB_GREEN] = g0.val[0];
-    rgb1_l.val[RGB_GREEN] = g1.val[0];
-    rgb0_l.val[RGB_BLUE] = b0.val[0];
-    rgb1_l.val[RGB_BLUE] = b1.val[0];
-    /* Store RGB pixel data to memory. */
-    switch (cols_remaining) {
-    case 15:
-      vst3_lane_u8(outptr0 + 14 * RGB_PIXELSIZE, rgb0_h, 6);
-      vst3_lane_u8(outptr1 + 14 * RGB_PIXELSIZE, rgb1_h, 6);
-    case 14:
-      vst3_lane_u8(outptr0 + 13 * RGB_PIXELSIZE, rgb0_h, 5);
-      vst3_lane_u8(outptr1 + 13 * RGB_PIXELSIZE, rgb1_h, 5);
-    case 13:
-      vst3_lane_u8(outptr0 + 12 * RGB_PIXELSIZE, rgb0_h, 4);
-      vst3_lane_u8(outptr1 + 12 * RGB_PIXELSIZE, rgb1_h, 4);
-    case 12:
-      vst3_lane_u8(outptr0 + 11 * RGB_PIXELSIZE, rgb0_h, 3);
-      vst3_lane_u8(outptr1 + 11 * RGB_PIXELSIZE, rgb1_h, 3);
-    case 11:
-      vst3_lane_u8(outptr0 + 10 * RGB_PIXELSIZE, rgb0_h, 2);
-      vst3_lane_u8(outptr1 + 10 * RGB_PIXELSIZE, rgb1_h, 2);
-    case 10:
-      vst3_lane_u8(outptr0 + 9 * RGB_PIXELSIZE, rgb0_h, 1);
-      vst3_lane_u8(outptr1 + 9 * RGB_PIXELSIZE, rgb1_h, 1);
-    case 9:
-      vst3_lane_u8(outptr0 + 8 * RGB_PIXELSIZE, rgb0_h, 0);
-      vst3_lane_u8(outptr1 + 8 * RGB_PIXELSIZE, rgb1_h, 0);
-    case 8:
-      vst3_u8(outptr0, rgb0_l);
-      vst3_u8(outptr1, rgb1_l);
-      break;
-    case 7:
-      vst3_lane_u8(outptr0 + 6 * RGB_PIXELSIZE, rgb0_l, 6);
-      vst3_lane_u8(outptr1 + 6 * RGB_PIXELSIZE, rgb1_l, 6);
-    case 6:
-      vst3_lane_u8(outptr0 + 5 * RGB_PIXELSIZE, rgb0_l, 5);
-      vst3_lane_u8(outptr1 + 5 * RGB_PIXELSIZE, rgb1_l, 5);
-    case 5:
-      vst3_lane_u8(outptr0 + 4 * RGB_PIXELSIZE, rgb0_l, 4);
-      vst3_lane_u8(outptr1 + 4 * RGB_PIXELSIZE, rgb1_l, 4);
-    case 4:
-      vst3_lane_u8(outptr0 + 3 * RGB_PIXELSIZE, rgb0_l, 3);
-      vst3_lane_u8(outptr1 + 3 * RGB_PIXELSIZE, rgb1_l, 3);
-    case 3:
-      vst3_lane_u8(outptr0 + 2 * RGB_PIXELSIZE, rgb0_l, 2);
-      vst3_lane_u8(outptr1 + 2 * RGB_PIXELSIZE, rgb1_l, 2);
-    case 2:
-      vst3_lane_u8(outptr0 + 1 * RGB_PIXELSIZE, rgb0_l, 1);
-      vst3_lane_u8(outptr1 + 1 * RGB_PIXELSIZE, rgb1_l, 1);
-    case 1:
-      vst3_lane_u8(outptr0, rgb0_l, 0);
-      vst3_lane_u8(outptr1, rgb1_l, 0);
-    default:
-      break;
-    }
-#endif
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdsample-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdsample-neon.c
deleted file mode 100644
index 90ec678..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jdsample-neon.c
+++ /dev/null
@@ -1,569 +0,0 @@
-/*
- * jdsample-neon.c - upsampling (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-
-#include <arm_neon.h>
-
-
-/* The diagram below shows a row of samples produced by h2v1 downsampling.
- *
- *                s0        s1        s2
- *            +---------+---------+---------+
- *            |         |         |         |
- *            | p0   p1 | p2   p3 | p4   p5 |
- *            |         |         |         |
- *            +---------+---------+---------+
- *
- * Samples s0-s2 were created by averaging the original pixel component values
- * centered at positions p0-p5 above.  To approximate those original pixel
- * component values, we proportionally blend the adjacent samples in each row.
- *
- * An upsampled pixel component value is computed by blending the sample
- * containing the pixel center with the nearest neighboring sample, in the
- * ratio 3:1.  For example:
- *     p1(upsampled) = 3/4 * s0 + 1/4 * s1
- *     p2(upsampled) = 3/4 * s1 + 1/4 * s0
- * When computing the first and last pixel component values in the row, there
- * is no adjacent sample to blend, so:
- *     p0(upsampled) = s0
- *     p5(upsampled) = s2
- */
-
-void jsimd_h2v1_fancy_upsample_neon(int max_v_samp_factor,
-                                    JDIMENSION downsampled_width,
-                                    JSAMPARRAY input_data,
-                                    JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr, outptr;
-  int inrow;
-  unsigned colctr;
-  /* Set up constants. */
-  const uint16x8_t one_u16 = vdupq_n_u16(1);
-  const uint8x8_t three_u8 = vdup_n_u8(3);
-
-  for (inrow = 0; inrow < max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr = output_data[inrow];
-    /* First pixel component value in this row of the original image */
-    *outptr = (JSAMPLE)GETJSAMPLE(*inptr);
-
-    /*    3/4 * containing sample + 1/4 * nearest neighboring sample
-     * For p1: containing sample = s0, nearest neighboring sample = s1
-     * For p2: containing sample = s1, nearest neighboring sample = s0
-     */
-    uint8x16_t s0 = vld1q_u8(inptr);
-    uint8x16_t s1 = vld1q_u8(inptr + 1);
-    /* Multiplication makes vectors twice as wide.  '_l' and '_h' suffixes
-     * denote low half and high half respectively.
-     */
-    uint16x8_t s1_add_3s0_l =
-      vmlal_u8(vmovl_u8(vget_low_u8(s1)), vget_low_u8(s0), three_u8);
-    uint16x8_t s1_add_3s0_h =
-      vmlal_u8(vmovl_u8(vget_high_u8(s1)), vget_high_u8(s0), three_u8);
-    uint16x8_t s0_add_3s1_l =
-      vmlal_u8(vmovl_u8(vget_low_u8(s0)), vget_low_u8(s1), three_u8);
-    uint16x8_t s0_add_3s1_h =
-      vmlal_u8(vmovl_u8(vget_high_u8(s0)), vget_high_u8(s1), three_u8);
-    /* Add ordered dithering bias to odd pixel values. */
-    s0_add_3s1_l = vaddq_u16(s0_add_3s1_l, one_u16);
-    s0_add_3s1_h = vaddq_u16(s0_add_3s1_h, one_u16);
-
-    /* The offset is initially 1, because the first pixel component has already
-     * been stored.  However, in subsequent iterations of the SIMD loop, this
-     * offset is (2 * colctr - 1) to stay within the bounds of the sample
-     * buffers without having to resort to a slow scalar tail case for the last
-     * (downsampled_width % 16) samples.  See "Creation of 2-D sample arrays"
-     * in jmemmgr.c for more details.
-     */
-    unsigned outptr_offset = 1;
-    uint8x16x2_t output_pixels;
-
-    /* We use software pipelining to maximise performance.  The code indented
-     * an extra two spaces begins the next iteration of the loop.
-     */
-    for (colctr = 16; colctr < downsampled_width; colctr += 16) {
-
-        s0 = vld1q_u8(inptr + colctr - 1);
-        s1 = vld1q_u8(inptr + colctr);
-
-      /* Right-shift by 2 (divide by 4), narrow to 8-bit, and combine. */
-      output_pixels.val[0] = vcombine_u8(vrshrn_n_u16(s1_add_3s0_l, 2),
-                                         vrshrn_n_u16(s1_add_3s0_h, 2));
-      output_pixels.val[1] = vcombine_u8(vshrn_n_u16(s0_add_3s1_l, 2),
-                                         vshrn_n_u16(s0_add_3s1_h, 2));
-
-        /* Multiplication makes vectors twice as wide.  '_l' and '_h' suffixes
-         * denote low half and high half respectively.
-         */
-        s1_add_3s0_l =
-          vmlal_u8(vmovl_u8(vget_low_u8(s1)), vget_low_u8(s0), three_u8);
-        s1_add_3s0_h =
-          vmlal_u8(vmovl_u8(vget_high_u8(s1)), vget_high_u8(s0), three_u8);
-        s0_add_3s1_l =
-          vmlal_u8(vmovl_u8(vget_low_u8(s0)), vget_low_u8(s1), three_u8);
-        s0_add_3s1_h =
-          vmlal_u8(vmovl_u8(vget_high_u8(s0)), vget_high_u8(s1), three_u8);
-        /* Add ordered dithering bias to odd pixel values. */
-        s0_add_3s1_l = vaddq_u16(s0_add_3s1_l, one_u16);
-        s0_add_3s1_h = vaddq_u16(s0_add_3s1_h, one_u16);
-
-      /* Store pixel component values to memory. */
-      vst2q_u8(outptr + outptr_offset, output_pixels);
-      outptr_offset = 2 * colctr - 1;
-    }
-
-    /* Complete the last iteration of the loop. */
-
-    /* Right-shift by 2 (divide by 4), narrow to 8-bit, and combine. */
-    output_pixels.val[0] = vcombine_u8(vrshrn_n_u16(s1_add_3s0_l, 2),
-                                       vrshrn_n_u16(s1_add_3s0_h, 2));
-    output_pixels.val[1] = vcombine_u8(vshrn_n_u16(s0_add_3s1_l, 2),
-                                       vshrn_n_u16(s0_add_3s1_h, 2));
-    /* Store pixel component values to memory. */
-    vst2q_u8(outptr + outptr_offset, output_pixels);
-
-    /* Last pixel component value in this row of the original image */
-    outptr[2 * downsampled_width - 1] =
-      GETJSAMPLE(inptr[downsampled_width - 1]);
-  }
-}
-
-
-/* The diagram below shows an array of samples produced by h2v2 downsampling.
- *
- *                s0        s1        s2
- *            +---------+---------+---------+
- *            | p0   p1 | p2   p3 | p4   p5 |
- *       sA   |         |         |         |
- *            | p6   p7 | p8   p9 | p10  p11|
- *            +---------+---------+---------+
- *            | p12  p13| p14  p15| p16  p17|
- *       sB   |         |         |         |
- *            | p18  p19| p20  p21| p22  p23|
- *            +---------+---------+---------+
- *            | p24  p25| p26  p27| p28  p29|
- *       sC   |         |         |         |
- *            | p30  p31| p32  p33| p34  p35|
- *            +---------+---------+---------+
- *
- * Samples s0A-s2C were created by averaging the original pixel component
- * values centered at positions p0-p35 above.  To approximate one of those
- * original pixel component values, we proportionally blend the sample
- * containing the pixel center with the nearest neighboring samples in each
- * row, column, and diagonal.
- *
- * An upsampled pixel component value is computed by first blending the sample
- * containing the pixel center with the nearest neighboring samples in the
- * same column, in the ratio 3:1, and then blending each column sum with the
- * nearest neighboring column sum, in the ratio 3:1.  For example:
- *     p14(upsampled) = 3/4 * (3/4 * s1B + 1/4 * s1A) +
- *                      1/4 * (3/4 * s0B + 1/4 * s0A)
- *                    = 9/16 * s1B + 3/16 * s1A + 3/16 * s0B + 1/16 * s0A
- * When computing the first and last pixel component values in the row, there
- * is no horizontally adjacent sample to blend, so:
- *     p12(upsampled) = 3/4 * s0B + 1/4 * s0A
- *     p23(upsampled) = 3/4 * s2B + 1/4 * s2C
- * When computing the first and last pixel component values in the column,
- * there is no vertically adjacent sample to blend, so:
- *     p2(upsampled) = 3/4 * s1A + 1/4 * s0A
- *     p33(upsampled) = 3/4 * s1C + 1/4 * s2C
- * When computing the corner pixel component values, there is no adjacent
- * sample to blend, so:
- *     p0(upsampled) = s0A
- *     p35(upsampled) = s2C
- */
-
-void jsimd_h2v2_fancy_upsample_neon(int max_v_samp_factor,
-                                    JDIMENSION downsampled_width,
-                                    JSAMPARRAY input_data,
-                                    JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr0, inptr1, inptr2, outptr0, outptr1;
-  int inrow, outrow;
-  unsigned colctr;
-  /* Set up constants. */
-  const uint16x8_t seven_u16 = vdupq_n_u16(7);
-  const uint8x8_t three_u8 = vdup_n_u8(3);
-  const uint16x8_t three_u16 = vdupq_n_u16(3);
-
-  inrow = outrow = 0;
-  while (outrow < max_v_samp_factor) {
-    inptr0 = input_data[inrow - 1];
-    inptr1 = input_data[inrow];
-    inptr2 = input_data[inrow + 1];
-    /* Suffixes 0 and 1 denote the upper and lower rows of output pixels,
-     * respectively.
-     */
-    outptr0 = output_data[outrow++];
-    outptr1 = output_data[outrow++];
-
-    /* First pixel component value in this row of the original image */
-    int s0colsum0 = GETJSAMPLE(*inptr1) * 3 + GETJSAMPLE(*inptr0);
-    *outptr0 = (JSAMPLE)((s0colsum0 * 4 + 8) >> 4);
-    int s0colsum1 = GETJSAMPLE(*inptr1) * 3 + GETJSAMPLE(*inptr2);
-    *outptr1 = (JSAMPLE)((s0colsum1 * 4 + 8) >> 4);
-
-    /* Step 1: Blend samples vertically in columns s0 and s1.
-     * Leave the divide by 4 until the end, when it can be done for both
-     * dimensions at once, right-shifting by 4.
-     */
-
-    /* Load and compute s0colsum0 and s0colsum1. */
-    uint8x16_t s0A = vld1q_u8(inptr0);
-    uint8x16_t s0B = vld1q_u8(inptr1);
-    uint8x16_t s0C = vld1q_u8(inptr2);
-    /* Multiplication makes vectors twice as wide.  '_l' and '_h' suffixes
-     * denote low half and high half respectively.
-     */
-    uint16x8_t s0colsum0_l = vmlal_u8(vmovl_u8(vget_low_u8(s0A)),
-                                      vget_low_u8(s0B), three_u8);
-    uint16x8_t s0colsum0_h = vmlal_u8(vmovl_u8(vget_high_u8(s0A)),
-                                      vget_high_u8(s0B), three_u8);
-    uint16x8_t s0colsum1_l = vmlal_u8(vmovl_u8(vget_low_u8(s0C)),
-                                      vget_low_u8(s0B), three_u8);
-    uint16x8_t s0colsum1_h = vmlal_u8(vmovl_u8(vget_high_u8(s0C)),
-                                      vget_high_u8(s0B), three_u8);
-    /* Load and compute s1colsum0 and s1colsum1. */
-    uint8x16_t s1A = vld1q_u8(inptr0 + 1);
-    uint8x16_t s1B = vld1q_u8(inptr1 + 1);
-    uint8x16_t s1C = vld1q_u8(inptr2 + 1);
-    uint16x8_t s1colsum0_l = vmlal_u8(vmovl_u8(vget_low_u8(s1A)),
-                                      vget_low_u8(s1B), three_u8);
-    uint16x8_t s1colsum0_h = vmlal_u8(vmovl_u8(vget_high_u8(s1A)),
-                                      vget_high_u8(s1B), three_u8);
-    uint16x8_t s1colsum1_l = vmlal_u8(vmovl_u8(vget_low_u8(s1C)),
-                                      vget_low_u8(s1B), three_u8);
-    uint16x8_t s1colsum1_h = vmlal_u8(vmovl_u8(vget_high_u8(s1C)),
-                                      vget_high_u8(s1B), three_u8);
-
-    /* Step 2: Blend the already-blended columns. */
-
-    uint16x8_t output0_p1_l = vmlaq_u16(s1colsum0_l, s0colsum0_l, three_u16);
-    uint16x8_t output0_p1_h = vmlaq_u16(s1colsum0_h, s0colsum0_h, three_u16);
-    uint16x8_t output0_p2_l = vmlaq_u16(s0colsum0_l, s1colsum0_l, three_u16);
-    uint16x8_t output0_p2_h = vmlaq_u16(s0colsum0_h, s1colsum0_h, three_u16);
-    uint16x8_t output1_p1_l = vmlaq_u16(s1colsum1_l, s0colsum1_l, three_u16);
-    uint16x8_t output1_p1_h = vmlaq_u16(s1colsum1_h, s0colsum1_h, three_u16);
-    uint16x8_t output1_p2_l = vmlaq_u16(s0colsum1_l, s1colsum1_l, three_u16);
-    uint16x8_t output1_p2_h = vmlaq_u16(s0colsum1_h, s1colsum1_h, three_u16);
-    /* Add ordered dithering bias to odd pixel values. */
-    output0_p1_l = vaddq_u16(output0_p1_l, seven_u16);
-    output0_p1_h = vaddq_u16(output0_p1_h, seven_u16);
-    output1_p1_l = vaddq_u16(output1_p1_l, seven_u16);
-    output1_p1_h = vaddq_u16(output1_p1_h, seven_u16);
-    /* Right-shift by 4 (divide by 16), narrow to 8-bit, and combine. */
-    uint8x16x2_t output_pixels0 = { {
-      vcombine_u8(vshrn_n_u16(output0_p1_l, 4), vshrn_n_u16(output0_p1_h, 4)),
-      vcombine_u8(vrshrn_n_u16(output0_p2_l, 4), vrshrn_n_u16(output0_p2_h, 4))
-    } };
-    uint8x16x2_t output_pixels1 = { {
-      vcombine_u8(vshrn_n_u16(output1_p1_l, 4), vshrn_n_u16(output1_p1_h, 4)),
-      vcombine_u8(vrshrn_n_u16(output1_p2_l, 4), vrshrn_n_u16(output1_p2_h, 4))
-    } };
-
-    /* Store pixel component values to memory.
-     * The minimum size of the output buffer for each row is 64 bytes => no
-     * need to worry about buffer overflow here.  See "Creation of 2-D sample
-     * arrays" in jmemmgr.c for more details.
-     */
-    vst2q_u8(outptr0 + 1, output_pixels0);
-    vst2q_u8(outptr1 + 1, output_pixels1);
-
-    /* The first pixel of the image shifted our loads and stores by one byte.
-     * We have to re-align on a 32-byte boundary at some point before the end
-     * of the row (we do it now on the 32/33 pixel boundary) to stay within the
-     * bounds of the sample buffers without having to resort to a slow scalar
-     * tail case for the last (downsampled_width % 16) samples.  See "Creation
-     * of 2-D sample arrays" in jmemmgr.c for more details.
-     */
-    for (colctr = 16; colctr < downsampled_width; colctr += 16) {
-      /* Step 1: Blend samples vertically in columns s0 and s1. */
-
-      /* Load and compute s0colsum0 and s0colsum1. */
-      s0A = vld1q_u8(inptr0 + colctr - 1);
-      s0B = vld1q_u8(inptr1 + colctr - 1);
-      s0C = vld1q_u8(inptr2 + colctr - 1);
-      s0colsum0_l = vmlal_u8(vmovl_u8(vget_low_u8(s0A)), vget_low_u8(s0B),
-                             three_u8);
-      s0colsum0_h = vmlal_u8(vmovl_u8(vget_high_u8(s0A)), vget_high_u8(s0B),
-                             three_u8);
-      s0colsum1_l = vmlal_u8(vmovl_u8(vget_low_u8(s0C)), vget_low_u8(s0B),
-                             three_u8);
-      s0colsum1_h = vmlal_u8(vmovl_u8(vget_high_u8(s0C)), vget_high_u8(s0B),
-                             three_u8);
-      /* Load and compute s1colsum0 and s1colsum1. */
-      s1A = vld1q_u8(inptr0 + colctr);
-      s1B = vld1q_u8(inptr1 + colctr);
-      s1C = vld1q_u8(inptr2 + colctr);
-      s1colsum0_l = vmlal_u8(vmovl_u8(vget_low_u8(s1A)), vget_low_u8(s1B),
-                             three_u8);
-      s1colsum0_h = vmlal_u8(vmovl_u8(vget_high_u8(s1A)), vget_high_u8(s1B),
-                             three_u8);
-      s1colsum1_l = vmlal_u8(vmovl_u8(vget_low_u8(s1C)), vget_low_u8(s1B),
-                             three_u8);
-      s1colsum1_h = vmlal_u8(vmovl_u8(vget_high_u8(s1C)), vget_high_u8(s1B),
-                             three_u8);
-
-      /* Step 2: Blend the already-blended columns. */
-
-      output0_p1_l = vmlaq_u16(s1colsum0_l, s0colsum0_l, three_u16);
-      output0_p1_h = vmlaq_u16(s1colsum0_h, s0colsum0_h, three_u16);
-      output0_p2_l = vmlaq_u16(s0colsum0_l, s1colsum0_l, three_u16);
-      output0_p2_h = vmlaq_u16(s0colsum0_h, s1colsum0_h, three_u16);
-      output1_p1_l = vmlaq_u16(s1colsum1_l, s0colsum1_l, three_u16);
-      output1_p1_h = vmlaq_u16(s1colsum1_h, s0colsum1_h, three_u16);
-      output1_p2_l = vmlaq_u16(s0colsum1_l, s1colsum1_l, three_u16);
-      output1_p2_h = vmlaq_u16(s0colsum1_h, s1colsum1_h, three_u16);
-      /* Add ordered dithering bias to odd pixel values. */
-      output0_p1_l = vaddq_u16(output0_p1_l, seven_u16);
-      output0_p1_h = vaddq_u16(output0_p1_h, seven_u16);
-      output1_p1_l = vaddq_u16(output1_p1_l, seven_u16);
-      output1_p1_h = vaddq_u16(output1_p1_h, seven_u16);
-      /* Right-shift by 4 (divide by 16), narrow to 8-bit, and combine. */
-      output_pixels0.val[0] = vcombine_u8(vshrn_n_u16(output0_p1_l, 4),
-                                          vshrn_n_u16(output0_p1_h, 4));
-      output_pixels0.val[1] = vcombine_u8(vrshrn_n_u16(output0_p2_l, 4),
-                                          vrshrn_n_u16(output0_p2_h, 4));
-      output_pixels1.val[0] = vcombine_u8(vshrn_n_u16(output1_p1_l, 4),
-                                          vshrn_n_u16(output1_p1_h, 4));
-      output_pixels1.val[1] = vcombine_u8(vrshrn_n_u16(output1_p2_l, 4),
-                                          vrshrn_n_u16(output1_p2_h, 4));
-      /* Store pixel component values to memory. */
-      vst2q_u8(outptr0 + 2 * colctr - 1, output_pixels0);
-      vst2q_u8(outptr1 + 2 * colctr - 1, output_pixels1);
-    }
-
-    /* Last pixel component value in this row of the original image */
-    int s1colsum0 = GETJSAMPLE(inptr1[downsampled_width - 1]) * 3 +
-                    GETJSAMPLE(inptr0[downsampled_width - 1]);
-    outptr0[2 * downsampled_width - 1] = (JSAMPLE)((s1colsum0 * 4 + 7) >> 4);
-    int s1colsum1 = GETJSAMPLE(inptr1[downsampled_width - 1]) * 3 +
-                    GETJSAMPLE(inptr2[downsampled_width - 1]);
-    outptr1[2 * downsampled_width - 1] = (JSAMPLE)((s1colsum1 * 4 + 7) >> 4);
-    inrow++;
-  }
-}
-
-
-/* The diagram below shows a column of samples produced by h1v2 downsampling
- * (or by losslessly rotating or transposing an h2v1-downsampled image.)
- *
- *            +---------+
- *            |   p0    |
- *     sA     |         |
- *            |   p1    |
- *            +---------+
- *            |   p2    |
- *     sB     |         |
- *            |   p3    |
- *            +---------+
- *            |   p4    |
- *     sC     |         |
- *            |   p5    |
- *            +---------+
- *
- * Samples sA-sC were created by averaging the original pixel component values
- * centered at positions p0-p5 above.  To approximate those original pixel
- * component values, we proportionally blend the adjacent samples in each
- * column.
- *
- * An upsampled pixel component value is computed by blending the sample
- * containing the pixel center with the nearest neighboring sample, in the
- * ratio 3:1.  For example:
- *     p1(upsampled) = 3/4 * sA + 1/4 * sB
- *     p2(upsampled) = 3/4 * sB + 1/4 * sA
- * When computing the first and last pixel component values in the column,
- * there is no adjacent sample to blend, so:
- *     p0(upsampled) = sA
- *     p5(upsampled) = sC
- */
-
-void jsimd_h1v2_fancy_upsample_neon(int max_v_samp_factor,
-                                    JDIMENSION downsampled_width,
-                                    JSAMPARRAY input_data,
-                                    JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr0, inptr1, inptr2, outptr0, outptr1;
-  int inrow, outrow;
-  unsigned colctr;
-  /* Set up constants. */
-  const uint16x8_t one_u16 = vdupq_n_u16(1);
-  const uint8x8_t three_u8 = vdup_n_u8(3);
-
-  inrow = outrow = 0;
-  while (outrow < max_v_samp_factor) {
-    inptr0 = input_data[inrow - 1];
-    inptr1 = input_data[inrow];
-    inptr2 = input_data[inrow + 1];
-    /* Suffixes 0 and 1 denote the upper and lower rows of output pixels,
-     * respectively.
-     */
-    outptr0 = output_data[outrow++];
-    outptr1 = output_data[outrow++];
-    inrow++;
-
-    /* The size of the input and output buffers is always a multiple of 32
-     * bytes => no need to worry about buffer overflow when reading/writing
-     * memory.  See "Creation of 2-D sample arrays" in jmemmgr.c for more
-     * details.
-     */
-    for (colctr = 0; colctr < downsampled_width; colctr += 16) {
-      /* Load samples. */
-      uint8x16_t sA = vld1q_u8(inptr0 + colctr);
-      uint8x16_t sB = vld1q_u8(inptr1 + colctr);
-      uint8x16_t sC = vld1q_u8(inptr2 + colctr);
-      /* Blend samples vertically. */
-      uint16x8_t colsum0_l = vmlal_u8(vmovl_u8(vget_low_u8(sA)),
-                                      vget_low_u8(sB), three_u8);
-      uint16x8_t colsum0_h = vmlal_u8(vmovl_u8(vget_high_u8(sA)),
-                                      vget_high_u8(sB), three_u8);
-      uint16x8_t colsum1_l = vmlal_u8(vmovl_u8(vget_low_u8(sC)),
-                                      vget_low_u8(sB), three_u8);
-      uint16x8_t colsum1_h = vmlal_u8(vmovl_u8(vget_high_u8(sC)),
-                                      vget_high_u8(sB), three_u8);
-      /* Add ordered dithering bias to pixel values in even output rows. */
-      colsum0_l = vaddq_u16(colsum0_l, one_u16);
-      colsum0_h = vaddq_u16(colsum0_h, one_u16);
-      /* Right-shift by 2 (divide by 4), narrow to 8-bit, and combine. */
-      uint8x16_t output_pixels0 = vcombine_u8(vshrn_n_u16(colsum0_l, 2),
-                                              vshrn_n_u16(colsum0_h, 2));
-      uint8x16_t output_pixels1 = vcombine_u8(vrshrn_n_u16(colsum1_l, 2),
-                                              vrshrn_n_u16(colsum1_h, 2));
-      /* Store pixel component values to memory. */
-      vst1q_u8(outptr0 + colctr, output_pixels0);
-      vst1q_u8(outptr1 + colctr, output_pixels1);
-    }
-  }
-}
-
-
-/* The diagram below shows a row of samples produced by h2v1 downsampling.
- *
- *                s0        s1
- *            +---------+---------+
- *            |         |         |
- *            | p0   p1 | p2   p3 |
- *            |         |         |
- *            +---------+---------+
- *
- * Samples s0 and s1 were created by averaging the original pixel component
- * values centered at positions p0-p3 above.  To approximate those original
- * pixel component values, we duplicate the samples horizontally:
- *     p0(upsampled) = p1(upsampled) = s0
- *     p2(upsampled) = p3(upsampled) = s1
- */
-
-void jsimd_h2v1_upsample_neon(int max_v_samp_factor, JDIMENSION output_width,
-                              JSAMPARRAY input_data,
-                              JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr, outptr;
-  int inrow;
-  unsigned colctr;
-
-  for (inrow = 0; inrow < max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr = output_data[inrow];
-    for (colctr = 0; 2 * colctr < output_width; colctr += 16) {
-      uint8x16_t samples = vld1q_u8(inptr + colctr);
-      /* Duplicate the samples.  The store operation below interleaves them so
-       * that adjacent pixel component values take on the same sample value,
-       * per above.
-       */
-      uint8x16x2_t output_pixels = { { samples, samples } };
-      /* Store pixel component values to memory.
-       * Due to the way sample buffers are allocated, we don't need to worry
-       * about tail cases when output_width is not a multiple of 32.  See
-       * "Creation of 2-D sample arrays" in jmemmgr.c for details.
-       */
-      vst2q_u8(outptr + 2 * colctr, output_pixels);
-    }
-  }
-}
-
-
-/* The diagram below shows an array of samples produced by h2v2 downsampling.
- *
- *                s0        s1
- *            +---------+---------+
- *            | p0   p1 | p2   p3 |
- *       sA   |         |         |
- *            | p4   p5 | p6   p7 |
- *            +---------+---------+
- *            | p8   p9 | p10  p11|
- *       sB   |         |         |
- *            | p12  p13| p14  p15|
- *            +---------+---------+
- *
- * Samples s0A-s1B were created by averaging the original pixel component
- * values centered at positions p0-p15 above.  To approximate those original
- * pixel component values, we duplicate the samples both horizontally and
- * vertically:
- *     p0(upsampled) = p1(upsampled) = p4(upsampled) = p5(upsampled) = s0A
- *     p2(upsampled) = p3(upsampled) = p6(upsampled) = p7(upsampled) = s1A
- *     p8(upsampled) = p9(upsampled) = p12(upsampled) = p13(upsampled) = s0B
- *     p10(upsampled) = p11(upsampled) = p14(upsampled) = p15(upsampled) = s1B
- */
-
-void jsimd_h2v2_upsample_neon(int max_v_samp_factor, JDIMENSION output_width,
-                              JSAMPARRAY input_data,
-                              JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr, outptr0, outptr1;
-  int inrow, outrow;
-  unsigned colctr;
-
-  for (inrow = 0, outrow = 0; outrow < max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr0 = output_data[outrow++];
-    outptr1 = output_data[outrow++];
-
-    for (colctr = 0; 2 * colctr < output_width; colctr += 16) {
-      uint8x16_t samples = vld1q_u8(inptr + colctr);
-      /* Duplicate the samples.  The store operation below interleaves them so
-       * that adjacent pixel component values take on the same sample value,
-       * per above.
-       */
-      uint8x16x2_t output_pixels = { { samples, samples } };
-      /* Store pixel component values for both output rows to memory.
-       * Due to the way sample buffers are allocated, we don't need to worry
-       * about tail cases when output_width is not a multiple of 32.  See
-       * "Creation of 2-D sample arrays" in jmemmgr.c for details.
-       */
-      vst2q_u8(outptr0 + 2 * colctr, output_pixels);
-      vst2q_u8(outptr1 + 2 * colctr, output_pixels);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jfdctfst-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jfdctfst-neon.c
deleted file mode 100644
index bb371be..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jfdctfst-neon.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
- * jfdctfst-neon.c - fast integer FDCT (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-
-#include <arm_neon.h>
-
-
-/* jsimd_fdct_ifast_neon() performs a fast, not so accurate forward DCT
- * (Discrete Cosine Transform) on one block of samples.  It uses the same
- * calculations and produces exactly the same output as IJG's original
- * jpeg_fdct_ifast() function, which can be found in jfdctfst.c.
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.382683433 = 12544 * 2^-15
- *    0.541196100 = 17795 * 2^-15
- *    0.707106781 = 23168 * 2^-15
- *    0.306562965 =  9984 * 2^-15
- *
- * See jfdctfst.c for further details of the DCT algorithm.  Where possible,
- * the variable names and comments here in jsimd_fdct_ifast_neon() match up
- * with those in jpeg_fdct_ifast().
- */
-
-#define F_0_382  12544
-#define F_0_541  17792
-#define F_0_707  23168
-#define F_0_306  9984
-
-
-ALIGN(16) static const int16_t jsimd_fdct_ifast_neon_consts[] = {
-  F_0_382, F_0_541, F_0_707, F_0_306
-};
-
-void jsimd_fdct_ifast_neon(DCTELEM *data)
-{
-  /* Load an 8x8 block of samples into Neon registers.  De-interleaving loads
-   * are used, followed by vuzp to transpose the block such that we have a
-   * column of samples per vector - allowing all rows to be processed at once.
-   */
-  int16x8x4_t data1 = vld4q_s16(data);
-  int16x8x4_t data2 = vld4q_s16(data + 4 * DCTSIZE);
-
-  int16x8x2_t cols_04 = vuzpq_s16(data1.val[0], data2.val[0]);
-  int16x8x2_t cols_15 = vuzpq_s16(data1.val[1], data2.val[1]);
-  int16x8x2_t cols_26 = vuzpq_s16(data1.val[2], data2.val[2]);
-  int16x8x2_t cols_37 = vuzpq_s16(data1.val[3], data2.val[3]);
-
-  int16x8_t col0 = cols_04.val[0];
-  int16x8_t col1 = cols_15.val[0];
-  int16x8_t col2 = cols_26.val[0];
-  int16x8_t col3 = cols_37.val[0];
-  int16x8_t col4 = cols_04.val[1];
-  int16x8_t col5 = cols_15.val[1];
-  int16x8_t col6 = cols_26.val[1];
-  int16x8_t col7 = cols_37.val[1];
-
-  /* Pass 1: process rows. */
-
-  /* Load DCT conversion constants. */
-  const int16x4_t consts = vld1_s16(jsimd_fdct_ifast_neon_consts);
-
-  int16x8_t tmp0 = vaddq_s16(col0, col7);
-  int16x8_t tmp7 = vsubq_s16(col0, col7);
-  int16x8_t tmp1 = vaddq_s16(col1, col6);
-  int16x8_t tmp6 = vsubq_s16(col1, col6);
-  int16x8_t tmp2 = vaddq_s16(col2, col5);
-  int16x8_t tmp5 = vsubq_s16(col2, col5);
-  int16x8_t tmp3 = vaddq_s16(col3, col4);
-  int16x8_t tmp4 = vsubq_s16(col3, col4);
-
-  /* Even part */
-  int16x8_t tmp10 = vaddq_s16(tmp0, tmp3);    /* phase 2 */
-  int16x8_t tmp13 = vsubq_s16(tmp0, tmp3);
-  int16x8_t tmp11 = vaddq_s16(tmp1, tmp2);
-  int16x8_t tmp12 = vsubq_s16(tmp1, tmp2);
-
-  col0 = vaddq_s16(tmp10, tmp11);             /* phase 3 */
-  col4 = vsubq_s16(tmp10, tmp11);
-
-  int16x8_t z1 = vqdmulhq_lane_s16(vaddq_s16(tmp12, tmp13), consts, 2);
-  col2 = vaddq_s16(tmp13, z1);                /* phase 5 */
-  col6 = vsubq_s16(tmp13, z1);
-
-  /* Odd part */
-  tmp10 = vaddq_s16(tmp4, tmp5);              /* phase 2 */
-  tmp11 = vaddq_s16(tmp5, tmp6);
-  tmp12 = vaddq_s16(tmp6, tmp7);
-
-  int16x8_t z5 = vqdmulhq_lane_s16(vsubq_s16(tmp10, tmp12), consts, 0);
-  int16x8_t z2 = vqdmulhq_lane_s16(tmp10, consts, 1);
-  z2 = vaddq_s16(z2, z5);
-  int16x8_t z4 = vqdmulhq_lane_s16(tmp12, consts, 3);
-  z5 = vaddq_s16(tmp12, z5);
-  z4 = vaddq_s16(z4, z5);
-  int16x8_t z3 = vqdmulhq_lane_s16(tmp11, consts, 2);
-
-  int16x8_t z11 = vaddq_s16(tmp7, z3);        /* phase 5 */
-  int16x8_t z13 = vsubq_s16(tmp7, z3);
-
-  col5 = vaddq_s16(z13, z2);                  /* phase 6 */
-  col3 = vsubq_s16(z13, z2);
-  col1 = vaddq_s16(z11, z4);
-  col7 = vsubq_s16(z11, z4);
-
-  /* Transpose to work on columns in pass 2. */
-  int16x8x2_t cols_01 = vtrnq_s16(col0, col1);
-  int16x8x2_t cols_23 = vtrnq_s16(col2, col3);
-  int16x8x2_t cols_45 = vtrnq_s16(col4, col5);
-  int16x8x2_t cols_67 = vtrnq_s16(col6, col7);
-
-  int32x4x2_t cols_0145_l = vtrnq_s32(vreinterpretq_s32_s16(cols_01.val[0]),
-                                      vreinterpretq_s32_s16(cols_45.val[0]));
-  int32x4x2_t cols_0145_h = vtrnq_s32(vreinterpretq_s32_s16(cols_01.val[1]),
-                                      vreinterpretq_s32_s16(cols_45.val[1]));
-  int32x4x2_t cols_2367_l = vtrnq_s32(vreinterpretq_s32_s16(cols_23.val[0]),
-                                      vreinterpretq_s32_s16(cols_67.val[0]));
-  int32x4x2_t cols_2367_h = vtrnq_s32(vreinterpretq_s32_s16(cols_23.val[1]),
-                                      vreinterpretq_s32_s16(cols_67.val[1]));
-
-  int32x4x2_t rows_04 = vzipq_s32(cols_0145_l.val[0], cols_2367_l.val[0]);
-  int32x4x2_t rows_15 = vzipq_s32(cols_0145_h.val[0], cols_2367_h.val[0]);
-  int32x4x2_t rows_26 = vzipq_s32(cols_0145_l.val[1], cols_2367_l.val[1]);
-  int32x4x2_t rows_37 = vzipq_s32(cols_0145_h.val[1], cols_2367_h.val[1]);
-
-  int16x8_t row0 = vreinterpretq_s16_s32(rows_04.val[0]);
-  int16x8_t row1 = vreinterpretq_s16_s32(rows_15.val[0]);
-  int16x8_t row2 = vreinterpretq_s16_s32(rows_26.val[0]);
-  int16x8_t row3 = vreinterpretq_s16_s32(rows_37.val[0]);
-  int16x8_t row4 = vreinterpretq_s16_s32(rows_04.val[1]);
-  int16x8_t row5 = vreinterpretq_s16_s32(rows_15.val[1]);
-  int16x8_t row6 = vreinterpretq_s16_s32(rows_26.val[1]);
-  int16x8_t row7 = vreinterpretq_s16_s32(rows_37.val[1]);
-
-  /* Pass 2: process columns. */
-
-  tmp0 = vaddq_s16(row0, row7);
-  tmp7 = vsubq_s16(row0, row7);
-  tmp1 = vaddq_s16(row1, row6);
-  tmp6 = vsubq_s16(row1, row6);
-  tmp2 = vaddq_s16(row2, row5);
-  tmp5 = vsubq_s16(row2, row5);
-  tmp3 = vaddq_s16(row3, row4);
-  tmp4 = vsubq_s16(row3, row4);
-
-  /* Even part */
-  tmp10 = vaddq_s16(tmp0, tmp3);              /* phase 2 */
-  tmp13 = vsubq_s16(tmp0, tmp3);
-  tmp11 = vaddq_s16(tmp1, tmp2);
-  tmp12 = vsubq_s16(tmp1, tmp2);
-
-  row0 = vaddq_s16(tmp10, tmp11);             /* phase 3 */
-  row4 = vsubq_s16(tmp10, tmp11);
-
-  z1 = vqdmulhq_lane_s16(vaddq_s16(tmp12, tmp13), consts, 2);
-  row2 = vaddq_s16(tmp13, z1);                /* phase 5 */
-  row6 = vsubq_s16(tmp13, z1);
-
-  /* Odd part */
-  tmp10 = vaddq_s16(tmp4, tmp5);              /* phase 2 */
-  tmp11 = vaddq_s16(tmp5, tmp6);
-  tmp12 = vaddq_s16(tmp6, tmp7);
-
-  z5 = vqdmulhq_lane_s16(vsubq_s16(tmp10, tmp12), consts, 0);
-  z2 = vqdmulhq_lane_s16(tmp10, consts, 1);
-  z2 = vaddq_s16(z2, z5);
-  z4 = vqdmulhq_lane_s16(tmp12, consts, 3);
-  z5 = vaddq_s16(tmp12, z5);
-  z4 = vaddq_s16(z4, z5);
-  z3 = vqdmulhq_lane_s16(tmp11, consts, 2);
-
-  z11 = vaddq_s16(tmp7, z3);                  /* phase 5 */
-  z13 = vsubq_s16(tmp7, z3);
-
-  row5 = vaddq_s16(z13, z2);                  /* phase 6 */
-  row3 = vsubq_s16(z13, z2);
-  row1 = vaddq_s16(z11, z4);
-  row7 = vsubq_s16(z11, z4);
-
-  vst1q_s16(data + 0 * DCTSIZE, row0);
-  vst1q_s16(data + 1 * DCTSIZE, row1);
-  vst1q_s16(data + 2 * DCTSIZE, row2);
-  vst1q_s16(data + 3 * DCTSIZE, row3);
-  vst1q_s16(data + 4 * DCTSIZE, row4);
-  vst1q_s16(data + 5 * DCTSIZE, row5);
-  vst1q_s16(data + 6 * DCTSIZE, row6);
-  vst1q_s16(data + 7 * DCTSIZE, row7);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jfdctint-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jfdctint-neon.c
deleted file mode 100644
index ccfc07b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jfdctint-neon.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/*
- * jfdctint-neon.c - accurate integer FDCT (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-#include "neon-compat.h"
-
-#include <arm_neon.h>
-
-
-/* jsimd_fdct_islow_neon() performs a slower but more accurate forward DCT
- * (Discrete Cosine Transform) on one block of samples.  It uses the same
- * calculations and produces exactly the same output as IJG's original
- * jpeg_fdct_islow() function, which can be found in jfdctint.c.
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.298631336 =  2446 * 2^-13
- *    0.390180644 =  3196 * 2^-13
- *    0.541196100 =  4433 * 2^-13
- *    0.765366865 =  6270 * 2^-13
- *    0.899976223 =  7373 * 2^-13
- *    1.175875602 =  9633 * 2^-13
- *    1.501321110 = 12299 * 2^-13
- *    1.847759065 = 15137 * 2^-13
- *    1.961570560 = 16069 * 2^-13
- *    2.053119869 = 16819 * 2^-13
- *    2.562915447 = 20995 * 2^-13
- *    3.072711026 = 25172 * 2^-13
- *
- * See jfdctint.c for further details of the DCT algorithm.  Where possible,
- * the variable names and comments here in jsimd_fdct_islow_neon() match up
- * with those in jpeg_fdct_islow().
- */
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-#define F_0_298  2446
-#define F_0_390  3196
-#define F_0_541  4433
-#define F_0_765  6270
-#define F_0_899  7373
-#define F_1_175  9633
-#define F_1_501  12299
-#define F_1_847  15137
-#define F_1_961  16069
-#define F_2_053  16819
-#define F_2_562  20995
-#define F_3_072  25172
-
-
-ALIGN(16) static const int16_t jsimd_fdct_islow_neon_consts[] = {
-  F_0_298, -F_0_390,  F_0_541,  F_0_765,
- -F_0_899,  F_1_175,  F_1_501, -F_1_847,
- -F_1_961,  F_2_053, -F_2_562,  F_3_072
-};
-
-void jsimd_fdct_islow_neon(DCTELEM *data)
-{
-  /* Load DCT constants. */
-#ifdef HAVE_VLD1_S16_X3
-  const int16x4x3_t consts = vld1_s16_x3(jsimd_fdct_islow_neon_consts);
-#else
-  /* GCC does not currently support the intrinsic vld1_<type>_x3(). */
-  const int16x4_t consts1 = vld1_s16(jsimd_fdct_islow_neon_consts);
-  const int16x4_t consts2 = vld1_s16(jsimd_fdct_islow_neon_consts + 4);
-  const int16x4_t consts3 = vld1_s16(jsimd_fdct_islow_neon_consts + 8);
-  const int16x4x3_t consts = { { consts1, consts2, consts3 } };
-#endif
-
-  /* Load an 8x8 block of samples into Neon registers.  De-interleaving loads
-   * are used, followed by vuzp to transpose the block such that we have a
-   * column of samples per vector - allowing all rows to be processed at once.
-   */
-  int16x8x4_t s_rows_0123 = vld4q_s16(data);
-  int16x8x4_t s_rows_4567 = vld4q_s16(data + 4 * DCTSIZE);
-
-  int16x8x2_t cols_04 = vuzpq_s16(s_rows_0123.val[0], s_rows_4567.val[0]);
-  int16x8x2_t cols_15 = vuzpq_s16(s_rows_0123.val[1], s_rows_4567.val[1]);
-  int16x8x2_t cols_26 = vuzpq_s16(s_rows_0123.val[2], s_rows_4567.val[2]);
-  int16x8x2_t cols_37 = vuzpq_s16(s_rows_0123.val[3], s_rows_4567.val[3]);
-
-  int16x8_t col0 = cols_04.val[0];
-  int16x8_t col1 = cols_15.val[0];
-  int16x8_t col2 = cols_26.val[0];
-  int16x8_t col3 = cols_37.val[0];
-  int16x8_t col4 = cols_04.val[1];
-  int16x8_t col5 = cols_15.val[1];
-  int16x8_t col6 = cols_26.val[1];
-  int16x8_t col7 = cols_37.val[1];
-
-  /* Pass 1: process rows. */
-
-  int16x8_t tmp0 = vaddq_s16(col0, col7);
-  int16x8_t tmp7 = vsubq_s16(col0, col7);
-  int16x8_t tmp1 = vaddq_s16(col1, col6);
-  int16x8_t tmp6 = vsubq_s16(col1, col6);
-  int16x8_t tmp2 = vaddq_s16(col2, col5);
-  int16x8_t tmp5 = vsubq_s16(col2, col5);
-  int16x8_t tmp3 = vaddq_s16(col3, col4);
-  int16x8_t tmp4 = vsubq_s16(col3, col4);
-
-  /* Even part */
-  int16x8_t tmp10 = vaddq_s16(tmp0, tmp3);
-  int16x8_t tmp13 = vsubq_s16(tmp0, tmp3);
-  int16x8_t tmp11 = vaddq_s16(tmp1, tmp2);
-  int16x8_t tmp12 = vsubq_s16(tmp1, tmp2);
-
-  col0 = vshlq_n_s16(vaddq_s16(tmp10, tmp11), PASS1_BITS);
-  col4 = vshlq_n_s16(vsubq_s16(tmp10, tmp11), PASS1_BITS);
-
-  int16x8_t tmp12_add_tmp13 = vaddq_s16(tmp12, tmp13);
-  int32x4_t z1_l =
-    vmull_lane_s16(vget_low_s16(tmp12_add_tmp13), consts.val[0], 2);
-  int32x4_t z1_h =
-    vmull_lane_s16(vget_high_s16(tmp12_add_tmp13), consts.val[0], 2);
-
-  int32x4_t col2_scaled_l =
-    vmlal_lane_s16(z1_l, vget_low_s16(tmp13), consts.val[0], 3);
-  int32x4_t col2_scaled_h =
-    vmlal_lane_s16(z1_h, vget_high_s16(tmp13), consts.val[0], 3);
-  col2 = vcombine_s16(vrshrn_n_s32(col2_scaled_l, DESCALE_P1),
-                      vrshrn_n_s32(col2_scaled_h, DESCALE_P1));
-
-  int32x4_t col6_scaled_l =
-    vmlal_lane_s16(z1_l, vget_low_s16(tmp12), consts.val[1], 3);
-  int32x4_t col6_scaled_h =
-    vmlal_lane_s16(z1_h, vget_high_s16(tmp12), consts.val[1], 3);
-  col6 = vcombine_s16(vrshrn_n_s32(col6_scaled_l, DESCALE_P1),
-                      vrshrn_n_s32(col6_scaled_h, DESCALE_P1));
-
-  /* Odd part */
-  int16x8_t z1 = vaddq_s16(tmp4, tmp7);
-  int16x8_t z2 = vaddq_s16(tmp5, tmp6);
-  int16x8_t z3 = vaddq_s16(tmp4, tmp6);
-  int16x8_t z4 = vaddq_s16(tmp5, tmp7);
-  /* sqrt(2) * c3 */
-  int32x4_t z5_l = vmull_lane_s16(vget_low_s16(z3), consts.val[1], 1);
-  int32x4_t z5_h = vmull_lane_s16(vget_high_s16(z3), consts.val[1], 1);
-  z5_l = vmlal_lane_s16(z5_l, vget_low_s16(z4), consts.val[1], 1);
-  z5_h = vmlal_lane_s16(z5_h, vget_high_s16(z4), consts.val[1], 1);
-
-  /* sqrt(2) * (-c1+c3+c5-c7) */
-  int32x4_t tmp4_l = vmull_lane_s16(vget_low_s16(tmp4), consts.val[0], 0);
-  int32x4_t tmp4_h = vmull_lane_s16(vget_high_s16(tmp4), consts.val[0], 0);
-  /* sqrt(2) * ( c1+c3-c5+c7) */
-  int32x4_t tmp5_l = vmull_lane_s16(vget_low_s16(tmp5), consts.val[2], 1);
-  int32x4_t tmp5_h = vmull_lane_s16(vget_high_s16(tmp5), consts.val[2], 1);
-  /* sqrt(2) * ( c1+c3+c5-c7) */
-  int32x4_t tmp6_l = vmull_lane_s16(vget_low_s16(tmp6), consts.val[2], 3);
-  int32x4_t tmp6_h = vmull_lane_s16(vget_high_s16(tmp6), consts.val[2], 3);
-  /* sqrt(2) * ( c1+c3-c5-c7) */
-  int32x4_t tmp7_l = vmull_lane_s16(vget_low_s16(tmp7), consts.val[1], 2);
-  int32x4_t tmp7_h = vmull_lane_s16(vget_high_s16(tmp7), consts.val[1], 2);
-
-  /* sqrt(2) * (c7-c3) */
-  z1_l = vmull_lane_s16(vget_low_s16(z1), consts.val[1], 0);
-  z1_h = vmull_lane_s16(vget_high_s16(z1), consts.val[1], 0);
-  /* sqrt(2) * (-c1-c3) */
-  int32x4_t z2_l = vmull_lane_s16(vget_low_s16(z2), consts.val[2], 2);
-  int32x4_t z2_h = vmull_lane_s16(vget_high_s16(z2), consts.val[2], 2);
-  /* sqrt(2) * (-c3-c5) */
-  int32x4_t z3_l = vmull_lane_s16(vget_low_s16(z3), consts.val[2], 0);
-  int32x4_t z3_h = vmull_lane_s16(vget_high_s16(z3), consts.val[2], 0);
-  /* sqrt(2) * (c5-c3) */
-  int32x4_t z4_l = vmull_lane_s16(vget_low_s16(z4), consts.val[0], 1);
-  int32x4_t z4_h = vmull_lane_s16(vget_high_s16(z4), consts.val[0], 1);
-
-  z3_l = vaddq_s32(z3_l, z5_l);
-  z3_h = vaddq_s32(z3_h, z5_h);
-  z4_l = vaddq_s32(z4_l, z5_l);
-  z4_h = vaddq_s32(z4_h, z5_h);
-
-  tmp4_l = vaddq_s32(tmp4_l, z1_l);
-  tmp4_h = vaddq_s32(tmp4_h, z1_h);
-  tmp4_l = vaddq_s32(tmp4_l, z3_l);
-  tmp4_h = vaddq_s32(tmp4_h, z3_h);
-  col7 = vcombine_s16(vrshrn_n_s32(tmp4_l, DESCALE_P1),
-                      vrshrn_n_s32(tmp4_h, DESCALE_P1));
-
-  tmp5_l = vaddq_s32(tmp5_l, z2_l);
-  tmp5_h = vaddq_s32(tmp5_h, z2_h);
-  tmp5_l = vaddq_s32(tmp5_l, z4_l);
-  tmp5_h = vaddq_s32(tmp5_h, z4_h);
-  col5 = vcombine_s16(vrshrn_n_s32(tmp5_l, DESCALE_P1),
-                      vrshrn_n_s32(tmp5_h, DESCALE_P1));
-
-  tmp6_l = vaddq_s32(tmp6_l, z2_l);
-  tmp6_h = vaddq_s32(tmp6_h, z2_h);
-  tmp6_l = vaddq_s32(tmp6_l, z3_l);
-  tmp6_h = vaddq_s32(tmp6_h, z3_h);
-  col3 = vcombine_s16(vrshrn_n_s32(tmp6_l, DESCALE_P1),
-                      vrshrn_n_s32(tmp6_h, DESCALE_P1));
-
-  tmp7_l = vaddq_s32(tmp7_l, z1_l);
-  tmp7_h = vaddq_s32(tmp7_h, z1_h);
-  tmp7_l = vaddq_s32(tmp7_l, z4_l);
-  tmp7_h = vaddq_s32(tmp7_h, z4_h);
-  col1 = vcombine_s16(vrshrn_n_s32(tmp7_l, DESCALE_P1),
-                      vrshrn_n_s32(tmp7_h, DESCALE_P1));
-
-  /* Transpose to work on columns in pass 2. */
-  int16x8x2_t cols_01 = vtrnq_s16(col0, col1);
-  int16x8x2_t cols_23 = vtrnq_s16(col2, col3);
-  int16x8x2_t cols_45 = vtrnq_s16(col4, col5);
-  int16x8x2_t cols_67 = vtrnq_s16(col6, col7);
-
-  int32x4x2_t cols_0145_l = vtrnq_s32(vreinterpretq_s32_s16(cols_01.val[0]),
-                                      vreinterpretq_s32_s16(cols_45.val[0]));
-  int32x4x2_t cols_0145_h = vtrnq_s32(vreinterpretq_s32_s16(cols_01.val[1]),
-                                      vreinterpretq_s32_s16(cols_45.val[1]));
-  int32x4x2_t cols_2367_l = vtrnq_s32(vreinterpretq_s32_s16(cols_23.val[0]),
-                                      vreinterpretq_s32_s16(cols_67.val[0]));
-  int32x4x2_t cols_2367_h = vtrnq_s32(vreinterpretq_s32_s16(cols_23.val[1]),
-                                      vreinterpretq_s32_s16(cols_67.val[1]));
-
-  int32x4x2_t rows_04 = vzipq_s32(cols_0145_l.val[0], cols_2367_l.val[0]);
-  int32x4x2_t rows_15 = vzipq_s32(cols_0145_h.val[0], cols_2367_h.val[0]);
-  int32x4x2_t rows_26 = vzipq_s32(cols_0145_l.val[1], cols_2367_l.val[1]);
-  int32x4x2_t rows_37 = vzipq_s32(cols_0145_h.val[1], cols_2367_h.val[1]);
-
-  int16x8_t row0 = vreinterpretq_s16_s32(rows_04.val[0]);
-  int16x8_t row1 = vreinterpretq_s16_s32(rows_15.val[0]);
-  int16x8_t row2 = vreinterpretq_s16_s32(rows_26.val[0]);
-  int16x8_t row3 = vreinterpretq_s16_s32(rows_37.val[0]);
-  int16x8_t row4 = vreinterpretq_s16_s32(rows_04.val[1]);
-  int16x8_t row5 = vreinterpretq_s16_s32(rows_15.val[1]);
-  int16x8_t row6 = vreinterpretq_s16_s32(rows_26.val[1]);
-  int16x8_t row7 = vreinterpretq_s16_s32(rows_37.val[1]);
-
-  /* Pass 2: process columns. */
-
-  tmp0 = vaddq_s16(row0, row7);
-  tmp7 = vsubq_s16(row0, row7);
-  tmp1 = vaddq_s16(row1, row6);
-  tmp6 = vsubq_s16(row1, row6);
-  tmp2 = vaddq_s16(row2, row5);
-  tmp5 = vsubq_s16(row2, row5);
-  tmp3 = vaddq_s16(row3, row4);
-  tmp4 = vsubq_s16(row3, row4);
-
-  /* Even part */
-  tmp10 = vaddq_s16(tmp0, tmp3);
-  tmp13 = vsubq_s16(tmp0, tmp3);
-  tmp11 = vaddq_s16(tmp1, tmp2);
-  tmp12 = vsubq_s16(tmp1, tmp2);
-
-  row0 = vrshrq_n_s16(vaddq_s16(tmp10, tmp11), PASS1_BITS);
-  row4 = vrshrq_n_s16(vsubq_s16(tmp10, tmp11), PASS1_BITS);
-
-  tmp12_add_tmp13 = vaddq_s16(tmp12, tmp13);
-  z1_l = vmull_lane_s16(vget_low_s16(tmp12_add_tmp13), consts.val[0], 2);
-  z1_h = vmull_lane_s16(vget_high_s16(tmp12_add_tmp13), consts.val[0], 2);
-
-  int32x4_t row2_scaled_l =
-    vmlal_lane_s16(z1_l, vget_low_s16(tmp13), consts.val[0], 3);
-  int32x4_t row2_scaled_h =
-    vmlal_lane_s16(z1_h, vget_high_s16(tmp13), consts.val[0], 3);
-  row2 = vcombine_s16(vrshrn_n_s32(row2_scaled_l, DESCALE_P2),
-                      vrshrn_n_s32(row2_scaled_h, DESCALE_P2));
-
-  int32x4_t row6_scaled_l =
-    vmlal_lane_s16(z1_l, vget_low_s16(tmp12), consts.val[1], 3);
-  int32x4_t row6_scaled_h =
-    vmlal_lane_s16(z1_h, vget_high_s16(tmp12), consts.val[1], 3);
-  row6 = vcombine_s16(vrshrn_n_s32(row6_scaled_l, DESCALE_P2),
-                      vrshrn_n_s32(row6_scaled_h, DESCALE_P2));
-
-  /* Odd part */
-  z1 = vaddq_s16(tmp4, tmp7);
-  z2 = vaddq_s16(tmp5, tmp6);
-  z3 = vaddq_s16(tmp4, tmp6);
-  z4 = vaddq_s16(tmp5, tmp7);
-  /* sqrt(2) * c3 */
-  z5_l = vmull_lane_s16(vget_low_s16(z3), consts.val[1], 1);
-  z5_h = vmull_lane_s16(vget_high_s16(z3), consts.val[1], 1);
-  z5_l = vmlal_lane_s16(z5_l, vget_low_s16(z4), consts.val[1], 1);
-  z5_h = vmlal_lane_s16(z5_h, vget_high_s16(z4), consts.val[1], 1);
-
-  /* sqrt(2) * (-c1+c3+c5-c7) */
-  tmp4_l = vmull_lane_s16(vget_low_s16(tmp4), consts.val[0], 0);
-  tmp4_h = vmull_lane_s16(vget_high_s16(tmp4), consts.val[0], 0);
-  /* sqrt(2) * ( c1+c3-c5+c7) */
-  tmp5_l = vmull_lane_s16(vget_low_s16(tmp5), consts.val[2], 1);
-  tmp5_h = vmull_lane_s16(vget_high_s16(tmp5), consts.val[2], 1);
-  /* sqrt(2) * ( c1+c3+c5-c7) */
-  tmp6_l = vmull_lane_s16(vget_low_s16(tmp6), consts.val[2], 3);
-  tmp6_h = vmull_lane_s16(vget_high_s16(tmp6), consts.val[2], 3);
-  /* sqrt(2) * ( c1+c3-c5-c7) */
-  tmp7_l = vmull_lane_s16(vget_low_s16(tmp7), consts.val[1], 2);
-  tmp7_h = vmull_lane_s16(vget_high_s16(tmp7), consts.val[1], 2);
-
-  /* sqrt(2) * (c7-c3) */
-  z1_l = vmull_lane_s16(vget_low_s16(z1), consts.val[1], 0);
-  z1_h = vmull_lane_s16(vget_high_s16(z1), consts.val[1], 0);
-  /* sqrt(2) * (-c1-c3) */
-  z2_l = vmull_lane_s16(vget_low_s16(z2), consts.val[2], 2);
-  z2_h = vmull_lane_s16(vget_high_s16(z2), consts.val[2], 2);
-  /* sqrt(2) * (-c3-c5) */
-  z3_l = vmull_lane_s16(vget_low_s16(z3), consts.val[2], 0);
-  z3_h = vmull_lane_s16(vget_high_s16(z3), consts.val[2], 0);
-  /* sqrt(2) * (c5-c3) */
-  z4_l = vmull_lane_s16(vget_low_s16(z4), consts.val[0], 1);
-  z4_h = vmull_lane_s16(vget_high_s16(z4), consts.val[0], 1);
-
-  z3_l = vaddq_s32(z3_l, z5_l);
-  z3_h = vaddq_s32(z3_h, z5_h);
-  z4_l = vaddq_s32(z4_l, z5_l);
-  z4_h = vaddq_s32(z4_h, z5_h);
-
-  tmp4_l = vaddq_s32(tmp4_l, z1_l);
-  tmp4_h = vaddq_s32(tmp4_h, z1_h);
-  tmp4_l = vaddq_s32(tmp4_l, z3_l);
-  tmp4_h = vaddq_s32(tmp4_h, z3_h);
-  row7 = vcombine_s16(vrshrn_n_s32(tmp4_l, DESCALE_P2),
-                      vrshrn_n_s32(tmp4_h, DESCALE_P2));
-
-  tmp5_l = vaddq_s32(tmp5_l, z2_l);
-  tmp5_h = vaddq_s32(tmp5_h, z2_h);
-  tmp5_l = vaddq_s32(tmp5_l, z4_l);
-  tmp5_h = vaddq_s32(tmp5_h, z4_h);
-  row5 = vcombine_s16(vrshrn_n_s32(tmp5_l, DESCALE_P2),
-                      vrshrn_n_s32(tmp5_h, DESCALE_P2));
-
-  tmp6_l = vaddq_s32(tmp6_l, z2_l);
-  tmp6_h = vaddq_s32(tmp6_h, z2_h);
-  tmp6_l = vaddq_s32(tmp6_l, z3_l);
-  tmp6_h = vaddq_s32(tmp6_h, z3_h);
-  row3 = vcombine_s16(vrshrn_n_s32(tmp6_l, DESCALE_P2),
-                      vrshrn_n_s32(tmp6_h, DESCALE_P2));
-
-  tmp7_l = vaddq_s32(tmp7_l, z1_l);
-  tmp7_h = vaddq_s32(tmp7_h, z1_h);
-  tmp7_l = vaddq_s32(tmp7_l, z4_l);
-  tmp7_h = vaddq_s32(tmp7_h, z4_h);
-  row1 = vcombine_s16(vrshrn_n_s32(tmp7_l, DESCALE_P2),
-                      vrshrn_n_s32(tmp7_h, DESCALE_P2));
-
-  vst1q_s16(data + 0 * DCTSIZE, row0);
-  vst1q_s16(data + 1 * DCTSIZE, row1);
-  vst1q_s16(data + 2 * DCTSIZE, row2);
-  vst1q_s16(data + 3 * DCTSIZE, row3);
-  vst1q_s16(data + 4 * DCTSIZE, row4);
-  vst1q_s16(data + 5 * DCTSIZE, row5);
-  vst1q_s16(data + 6 * DCTSIZE, row6);
-  vst1q_s16(data + 7 * DCTSIZE, row7);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctfst-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctfst-neon.c
deleted file mode 100644
index a91be53..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctfst-neon.c
+++ /dev/null
@@ -1,472 +0,0 @@
-/*
- * jidctfst-neon.c - fast integer IDCT (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-
-#include <arm_neon.h>
-
-
-/* jsimd_idct_ifast_neon() performs dequantization and a fast, not so accurate
- * inverse DCT (Discrete Cosine Transform) on one block of coefficients.  It
- * uses the same calculations and produces exactly the same output as IJG's
- * original jpeg_idct_ifast() function, which can be found in jidctfst.c.
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.082392200 =  2688 * 2^-15
- *    0.414213562 = 13568 * 2^-15
- *    0.847759065 = 27776 * 2^-15
- *    0.613125930 = 20096 * 2^-15
- *
- * See jidctfst.c for further details of the IDCT algorithm.  Where possible,
- * the variable names and comments here in jsimd_idct_ifast_neon() match up
- * with those in jpeg_idct_ifast().
- */
-
-#define PASS1_BITS  2
-
-#define F_0_082  2688
-#define F_0_414  13568
-#define F_0_847  27776
-#define F_0_613  20096
-
-
-ALIGN(16) static const int16_t jsimd_idct_ifast_neon_consts[] = {
-  F_0_082, F_0_414, F_0_847, F_0_613
-};
-
-void jsimd_idct_ifast_neon(void *dct_table, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  IFAST_MULT_TYPE *quantptr = dct_table;
-
-  /* Load DCT coefficients. */
-  int16x8_t row0 = vld1q_s16(coef_block + 0 * DCTSIZE);
-  int16x8_t row1 = vld1q_s16(coef_block + 1 * DCTSIZE);
-  int16x8_t row2 = vld1q_s16(coef_block + 2 * DCTSIZE);
-  int16x8_t row3 = vld1q_s16(coef_block + 3 * DCTSIZE);
-  int16x8_t row4 = vld1q_s16(coef_block + 4 * DCTSIZE);
-  int16x8_t row5 = vld1q_s16(coef_block + 5 * DCTSIZE);
-  int16x8_t row6 = vld1q_s16(coef_block + 6 * DCTSIZE);
-  int16x8_t row7 = vld1q_s16(coef_block + 7 * DCTSIZE);
-
-  /* Load quantization table values for DC coefficients. */
-  int16x8_t quant_row0 = vld1q_s16(quantptr + 0 * DCTSIZE);
-  /* Dequantize DC coefficients. */
-  row0 = vmulq_s16(row0, quant_row0);
-
-  /* Construct bitmap to test if all AC coefficients are 0. */
-  int16x8_t bitmap = vorrq_s16(row1, row2);
-  bitmap = vorrq_s16(bitmap, row3);
-  bitmap = vorrq_s16(bitmap, row4);
-  bitmap = vorrq_s16(bitmap, row5);
-  bitmap = vorrq_s16(bitmap, row6);
-  bitmap = vorrq_s16(bitmap, row7);
-
-  int64_t left_ac_bitmap = vgetq_lane_s64(vreinterpretq_s64_s16(bitmap), 0);
-  int64_t right_ac_bitmap = vgetq_lane_s64(vreinterpretq_s64_s16(bitmap), 1);
-
-  /* Load IDCT conversion constants. */
-  const int16x4_t consts = vld1_s16(jsimd_idct_ifast_neon_consts);
-
-  if (left_ac_bitmap == 0 && right_ac_bitmap == 0) {
-    /* All AC coefficients are zero.
-     * Compute DC values and duplicate into vectors.
-     */
-    int16x8_t dcval = row0;
-    row1 = dcval;
-    row2 = dcval;
-    row3 = dcval;
-    row4 = dcval;
-    row5 = dcval;
-    row6 = dcval;
-    row7 = dcval;
-  } else if (left_ac_bitmap == 0) {
-    /* AC coefficients are zero for columns 0, 1, 2, and 3.
-     * Use DC values for these columns.
-     */
-    int16x4_t dcval = vget_low_s16(row0);
-
-    /* Commence regular fast IDCT computation for columns 4, 5, 6, and 7. */
-
-    /* Load quantization table. */
-    int16x4_t quant_row1 = vld1_s16(quantptr + 1 * DCTSIZE + 4);
-    int16x4_t quant_row2 = vld1_s16(quantptr + 2 * DCTSIZE + 4);
-    int16x4_t quant_row3 = vld1_s16(quantptr + 3 * DCTSIZE + 4);
-    int16x4_t quant_row4 = vld1_s16(quantptr + 4 * DCTSIZE + 4);
-    int16x4_t quant_row5 = vld1_s16(quantptr + 5 * DCTSIZE + 4);
-    int16x4_t quant_row6 = vld1_s16(quantptr + 6 * DCTSIZE + 4);
-    int16x4_t quant_row7 = vld1_s16(quantptr + 7 * DCTSIZE + 4);
-
-    /* Even part: dequantize DCT coefficients. */
-    int16x4_t tmp0 = vget_high_s16(row0);
-    int16x4_t tmp1 = vmul_s16(vget_high_s16(row2), quant_row2);
-    int16x4_t tmp2 = vmul_s16(vget_high_s16(row4), quant_row4);
-    int16x4_t tmp3 = vmul_s16(vget_high_s16(row6), quant_row6);
-
-    int16x4_t tmp10 = vadd_s16(tmp0, tmp2);   /* phase 3 */
-    int16x4_t tmp11 = vsub_s16(tmp0, tmp2);
-
-    int16x4_t tmp13 = vadd_s16(tmp1, tmp3);   /* phases 5-3 */
-    int16x4_t tmp1_sub_tmp3 = vsub_s16(tmp1, tmp3);
-    int16x4_t tmp12 = vqdmulh_lane_s16(tmp1_sub_tmp3, consts, 1);
-    tmp12 = vadd_s16(tmp12, tmp1_sub_tmp3);
-    tmp12 = vsub_s16(tmp12, tmp13);
-
-    tmp0 = vadd_s16(tmp10, tmp13);            /* phase 2 */
-    tmp3 = vsub_s16(tmp10, tmp13);
-    tmp1 = vadd_s16(tmp11, tmp12);
-    tmp2 = vsub_s16(tmp11, tmp12);
-
-    /* Odd part: dequantize DCT coefficients. */
-    int16x4_t tmp4 = vmul_s16(vget_high_s16(row1), quant_row1);
-    int16x4_t tmp5 = vmul_s16(vget_high_s16(row3), quant_row3);
-    int16x4_t tmp6 = vmul_s16(vget_high_s16(row5), quant_row5);
-    int16x4_t tmp7 = vmul_s16(vget_high_s16(row7), quant_row7);
-
-    int16x4_t z13 = vadd_s16(tmp6, tmp5);     /* phase 6 */
-    int16x4_t neg_z10 = vsub_s16(tmp5, tmp6);
-    int16x4_t z11 = vadd_s16(tmp4, tmp7);
-    int16x4_t z12 = vsub_s16(tmp4, tmp7);
-
-    tmp7 = vadd_s16(z11, z13);                /* phase 5 */
-    int16x4_t z11_sub_z13 = vsub_s16(z11, z13);
-    tmp11 = vqdmulh_lane_s16(z11_sub_z13, consts, 1);
-    tmp11 = vadd_s16(tmp11, z11_sub_z13);
-
-    int16x4_t z10_add_z12 = vsub_s16(z12, neg_z10);
-    int16x4_t z5 = vqdmulh_lane_s16(z10_add_z12, consts, 2);
-    z5 = vadd_s16(z5, z10_add_z12);
-    tmp10 = vqdmulh_lane_s16(z12, consts, 0);
-    tmp10 = vadd_s16(tmp10, z12);
-    tmp10 = vsub_s16(tmp10, z5);
-    tmp12 = vqdmulh_lane_s16(neg_z10, consts, 3);
-    tmp12 = vadd_s16(tmp12, vadd_s16(neg_z10, neg_z10));
-    tmp12 = vadd_s16(tmp12, z5);
-
-    tmp6 = vsub_s16(tmp12, tmp7);             /* phase 2 */
-    tmp5 = vsub_s16(tmp11, tmp6);
-    tmp4 = vadd_s16(tmp10, tmp5);
-
-    row0 = vcombine_s16(dcval, vadd_s16(tmp0, tmp7));
-    row7 = vcombine_s16(dcval, vsub_s16(tmp0, tmp7));
-    row1 = vcombine_s16(dcval, vadd_s16(tmp1, tmp6));
-    row6 = vcombine_s16(dcval, vsub_s16(tmp1, tmp6));
-    row2 = vcombine_s16(dcval, vadd_s16(tmp2, tmp5));
-    row5 = vcombine_s16(dcval, vsub_s16(tmp2, tmp5));
-    row4 = vcombine_s16(dcval, vadd_s16(tmp3, tmp4));
-    row3 = vcombine_s16(dcval, vsub_s16(tmp3, tmp4));
-  } else if (right_ac_bitmap == 0) {
-    /* AC coefficients are zero for columns 4, 5, 6, and 7.
-     * Use DC values for these columns.
-     */
-    int16x4_t dcval = vget_high_s16(row0);
-
-    /* Commence regular fast IDCT computation for columns 0, 1, 2, and 3. */
-
-    /* Load quantization table. */
-    int16x4_t quant_row1 = vld1_s16(quantptr + 1 * DCTSIZE);
-    int16x4_t quant_row2 = vld1_s16(quantptr + 2 * DCTSIZE);
-    int16x4_t quant_row3 = vld1_s16(quantptr + 3 * DCTSIZE);
-    int16x4_t quant_row4 = vld1_s16(quantptr + 4 * DCTSIZE);
-    int16x4_t quant_row5 = vld1_s16(quantptr + 5 * DCTSIZE);
-    int16x4_t quant_row6 = vld1_s16(quantptr + 6 * DCTSIZE);
-    int16x4_t quant_row7 = vld1_s16(quantptr + 7 * DCTSIZE);
-
-    /* Even part: dequantize DCT coefficients. */
-    int16x4_t tmp0 = vget_low_s16(row0);
-    int16x4_t tmp1 = vmul_s16(vget_low_s16(row2), quant_row2);
-    int16x4_t tmp2 = vmul_s16(vget_low_s16(row4), quant_row4);
-    int16x4_t tmp3 = vmul_s16(vget_low_s16(row6), quant_row6);
-
-    int16x4_t tmp10 = vadd_s16(tmp0, tmp2);   /* phase 3 */
-    int16x4_t tmp11 = vsub_s16(tmp0, tmp2);
-
-    int16x4_t tmp13 = vadd_s16(tmp1, tmp3);   /* phases 5-3 */
-    int16x4_t tmp1_sub_tmp3 = vsub_s16(tmp1, tmp3);
-    int16x4_t tmp12 = vqdmulh_lane_s16(tmp1_sub_tmp3, consts, 1);
-    tmp12 = vadd_s16(tmp12, tmp1_sub_tmp3);
-    tmp12 = vsub_s16(tmp12, tmp13);
-
-    tmp0 = vadd_s16(tmp10, tmp13);            /* phase 2 */
-    tmp3 = vsub_s16(tmp10, tmp13);
-    tmp1 = vadd_s16(tmp11, tmp12);
-    tmp2 = vsub_s16(tmp11, tmp12);
-
-    /* Odd part: dequantize DCT coefficients. */
-    int16x4_t tmp4 = vmul_s16(vget_low_s16(row1), quant_row1);
-    int16x4_t tmp5 = vmul_s16(vget_low_s16(row3), quant_row3);
-    int16x4_t tmp6 = vmul_s16(vget_low_s16(row5), quant_row5);
-    int16x4_t tmp7 = vmul_s16(vget_low_s16(row7), quant_row7);
-
-    int16x4_t z13 = vadd_s16(tmp6, tmp5);     /* phase 6 */
-    int16x4_t neg_z10 = vsub_s16(tmp5, tmp6);
-    int16x4_t z11 = vadd_s16(tmp4, tmp7);
-    int16x4_t z12 = vsub_s16(tmp4, tmp7);
-
-    tmp7 = vadd_s16(z11, z13);                /* phase 5 */
-    int16x4_t z11_sub_z13 = vsub_s16(z11, z13);
-    tmp11 = vqdmulh_lane_s16(z11_sub_z13, consts, 1);
-    tmp11 = vadd_s16(tmp11, z11_sub_z13);
-
-    int16x4_t z10_add_z12 = vsub_s16(z12, neg_z10);
-    int16x4_t z5 = vqdmulh_lane_s16(z10_add_z12, consts, 2);
-    z5 = vadd_s16(z5, z10_add_z12);
-    tmp10 = vqdmulh_lane_s16(z12, consts, 0);
-    tmp10 = vadd_s16(tmp10, z12);
-    tmp10 = vsub_s16(tmp10, z5);
-    tmp12 = vqdmulh_lane_s16(neg_z10, consts, 3);
-    tmp12 = vadd_s16(tmp12, vadd_s16(neg_z10, neg_z10));
-    tmp12 = vadd_s16(tmp12, z5);
-
-    tmp6 = vsub_s16(tmp12, tmp7);             /* phase 2 */
-    tmp5 = vsub_s16(tmp11, tmp6);
-    tmp4 = vadd_s16(tmp10, tmp5);
-
-    row0 = vcombine_s16(vadd_s16(tmp0, tmp7), dcval);
-    row7 = vcombine_s16(vsub_s16(tmp0, tmp7), dcval);
-    row1 = vcombine_s16(vadd_s16(tmp1, tmp6), dcval);
-    row6 = vcombine_s16(vsub_s16(tmp1, tmp6), dcval);
-    row2 = vcombine_s16(vadd_s16(tmp2, tmp5), dcval);
-    row5 = vcombine_s16(vsub_s16(tmp2, tmp5), dcval);
-    row4 = vcombine_s16(vadd_s16(tmp3, tmp4), dcval);
-    row3 = vcombine_s16(vsub_s16(tmp3, tmp4), dcval);
-  } else {
-    /* Some AC coefficients are non-zero; full IDCT calculation required. */
-
-    /* Load quantization table. */
-    int16x8_t quant_row1 = vld1q_s16(quantptr + 1 * DCTSIZE);
-    int16x8_t quant_row2 = vld1q_s16(quantptr + 2 * DCTSIZE);
-    int16x8_t quant_row3 = vld1q_s16(quantptr + 3 * DCTSIZE);
-    int16x8_t quant_row4 = vld1q_s16(quantptr + 4 * DCTSIZE);
-    int16x8_t quant_row5 = vld1q_s16(quantptr + 5 * DCTSIZE);
-    int16x8_t quant_row6 = vld1q_s16(quantptr + 6 * DCTSIZE);
-    int16x8_t quant_row7 = vld1q_s16(quantptr + 7 * DCTSIZE);
-
-    /* Even part: dequantize DCT coefficients. */
-    int16x8_t tmp0 = row0;
-    int16x8_t tmp1 = vmulq_s16(row2, quant_row2);
-    int16x8_t tmp2 = vmulq_s16(row4, quant_row4);
-    int16x8_t tmp3 = vmulq_s16(row6, quant_row6);
-
-    int16x8_t tmp10 = vaddq_s16(tmp0, tmp2);   /* phase 3 */
-    int16x8_t tmp11 = vsubq_s16(tmp0, tmp2);
-
-    int16x8_t tmp13 = vaddq_s16(tmp1, tmp3);   /* phases 5-3 */
-    int16x8_t tmp1_sub_tmp3 = vsubq_s16(tmp1, tmp3);
-    int16x8_t tmp12 = vqdmulhq_lane_s16(tmp1_sub_tmp3, consts, 1);
-    tmp12 = vaddq_s16(tmp12, tmp1_sub_tmp3);
-    tmp12 = vsubq_s16(tmp12, tmp13);
-
-    tmp0 = vaddq_s16(tmp10, tmp13);            /* phase 2 */
-    tmp3 = vsubq_s16(tmp10, tmp13);
-    tmp1 = vaddq_s16(tmp11, tmp12);
-    tmp2 = vsubq_s16(tmp11, tmp12);
-
-    /* Odd part: dequantize DCT coefficients. */
-    int16x8_t tmp4 = vmulq_s16(row1, quant_row1);
-    int16x8_t tmp5 = vmulq_s16(row3, quant_row3);
-    int16x8_t tmp6 = vmulq_s16(row5, quant_row5);
-    int16x8_t tmp7 = vmulq_s16(row7, quant_row7);
-
-    int16x8_t z13 = vaddq_s16(tmp6, tmp5);     /* phase 6 */
-    int16x8_t neg_z10 = vsubq_s16(tmp5, tmp6);
-    int16x8_t z11 = vaddq_s16(tmp4, tmp7);
-    int16x8_t z12 = vsubq_s16(tmp4, tmp7);
-
-    tmp7 = vaddq_s16(z11, z13);                /* phase 5 */
-    int16x8_t z11_sub_z13 = vsubq_s16(z11, z13);
-    tmp11 = vqdmulhq_lane_s16(z11_sub_z13, consts, 1);
-    tmp11 = vaddq_s16(tmp11, z11_sub_z13);
-
-    int16x8_t z10_add_z12 = vsubq_s16(z12, neg_z10);
-    int16x8_t z5 = vqdmulhq_lane_s16(z10_add_z12, consts, 2);
-    z5 = vaddq_s16(z5, z10_add_z12);
-    tmp10 = vqdmulhq_lane_s16(z12, consts, 0);
-    tmp10 = vaddq_s16(tmp10, z12);
-    tmp10 = vsubq_s16(tmp10, z5);
-    tmp12 = vqdmulhq_lane_s16(neg_z10, consts, 3);
-    tmp12 = vaddq_s16(tmp12, vaddq_s16(neg_z10, neg_z10));
-    tmp12 = vaddq_s16(tmp12, z5);
-
-    tmp6 = vsubq_s16(tmp12, tmp7);             /* phase 2 */
-    tmp5 = vsubq_s16(tmp11, tmp6);
-    tmp4 = vaddq_s16(tmp10, tmp5);
-
-    row0 = vaddq_s16(tmp0, tmp7);
-    row7 = vsubq_s16(tmp0, tmp7);
-    row1 = vaddq_s16(tmp1, tmp6);
-    row6 = vsubq_s16(tmp1, tmp6);
-    row2 = vaddq_s16(tmp2, tmp5);
-    row5 = vsubq_s16(tmp2, tmp5);
-    row4 = vaddq_s16(tmp3, tmp4);
-    row3 = vsubq_s16(tmp3, tmp4);
-  }
-
-  /* Transpose rows to work on columns in pass 2. */
-  int16x8x2_t rows_01 = vtrnq_s16(row0, row1);
-  int16x8x2_t rows_23 = vtrnq_s16(row2, row3);
-  int16x8x2_t rows_45 = vtrnq_s16(row4, row5);
-  int16x8x2_t rows_67 = vtrnq_s16(row6, row7);
-
-  int32x4x2_t rows_0145_l = vtrnq_s32(vreinterpretq_s32_s16(rows_01.val[0]),
-                                      vreinterpretq_s32_s16(rows_45.val[0]));
-  int32x4x2_t rows_0145_h = vtrnq_s32(vreinterpretq_s32_s16(rows_01.val[1]),
-                                      vreinterpretq_s32_s16(rows_45.val[1]));
-  int32x4x2_t rows_2367_l = vtrnq_s32(vreinterpretq_s32_s16(rows_23.val[0]),
-                                      vreinterpretq_s32_s16(rows_67.val[0]));
-  int32x4x2_t rows_2367_h = vtrnq_s32(vreinterpretq_s32_s16(rows_23.val[1]),
-                                      vreinterpretq_s32_s16(rows_67.val[1]));
-
-  int32x4x2_t cols_04 = vzipq_s32(rows_0145_l.val[0], rows_2367_l.val[0]);
-  int32x4x2_t cols_15 = vzipq_s32(rows_0145_h.val[0], rows_2367_h.val[0]);
-  int32x4x2_t cols_26 = vzipq_s32(rows_0145_l.val[1], rows_2367_l.val[1]);
-  int32x4x2_t cols_37 = vzipq_s32(rows_0145_h.val[1], rows_2367_h.val[1]);
-
-  int16x8_t col0 = vreinterpretq_s16_s32(cols_04.val[0]);
-  int16x8_t col1 = vreinterpretq_s16_s32(cols_15.val[0]);
-  int16x8_t col2 = vreinterpretq_s16_s32(cols_26.val[0]);
-  int16x8_t col3 = vreinterpretq_s16_s32(cols_37.val[0]);
-  int16x8_t col4 = vreinterpretq_s16_s32(cols_04.val[1]);
-  int16x8_t col5 = vreinterpretq_s16_s32(cols_15.val[1]);
-  int16x8_t col6 = vreinterpretq_s16_s32(cols_26.val[1]);
-  int16x8_t col7 = vreinterpretq_s16_s32(cols_37.val[1]);
-
-  /* 1-D IDCT, pass 2 */
-
-  /* Even part */
-  int16x8_t tmp10 = vaddq_s16(col0, col4);
-  int16x8_t tmp11 = vsubq_s16(col0, col4);
-
-  int16x8_t tmp13 = vaddq_s16(col2, col6);
-  int16x8_t col2_sub_col6 = vsubq_s16(col2, col6);
-  int16x8_t tmp12 = vqdmulhq_lane_s16(col2_sub_col6, consts, 1);
-  tmp12 = vaddq_s16(tmp12, col2_sub_col6);
-  tmp12 = vsubq_s16(tmp12, tmp13);
-
-  int16x8_t tmp0 = vaddq_s16(tmp10, tmp13);
-  int16x8_t tmp3 = vsubq_s16(tmp10, tmp13);
-  int16x8_t tmp1 = vaddq_s16(tmp11, tmp12);
-  int16x8_t tmp2 = vsubq_s16(tmp11, tmp12);
-
-  /* Odd part */
-  int16x8_t z13 = vaddq_s16(col5, col3);
-  int16x8_t neg_z10 = vsubq_s16(col3, col5);
-  int16x8_t z11 = vaddq_s16(col1, col7);
-  int16x8_t z12 = vsubq_s16(col1, col7);
-
-  int16x8_t tmp7 = vaddq_s16(z11, z13);      /* phase 5 */
-  int16x8_t z11_sub_z13 = vsubq_s16(z11, z13);
-  tmp11 = vqdmulhq_lane_s16(z11_sub_z13, consts, 1);
-  tmp11 = vaddq_s16(tmp11, z11_sub_z13);
-
-  int16x8_t z10_add_z12 = vsubq_s16(z12, neg_z10);
-  int16x8_t z5 = vqdmulhq_lane_s16(z10_add_z12, consts, 2);
-  z5 = vaddq_s16(z5, z10_add_z12);
-  tmp10 = vqdmulhq_lane_s16(z12, consts, 0);
-  tmp10 = vaddq_s16(tmp10, z12);
-  tmp10 = vsubq_s16(tmp10, z5);
-  tmp12 = vqdmulhq_lane_s16(neg_z10, consts, 3);
-  tmp12 = vaddq_s16(tmp12, vaddq_s16(neg_z10, neg_z10));
-  tmp12 = vaddq_s16(tmp12, z5);
-
-  int16x8_t tmp6 = vsubq_s16(tmp12, tmp7);   /* phase 2 */
-  int16x8_t tmp5 = vsubq_s16(tmp11, tmp6);
-  int16x8_t tmp4 = vaddq_s16(tmp10, tmp5);
-
-  col0 = vaddq_s16(tmp0, tmp7);
-  col7 = vsubq_s16(tmp0, tmp7);
-  col1 = vaddq_s16(tmp1, tmp6);
-  col6 = vsubq_s16(tmp1, tmp6);
-  col2 = vaddq_s16(tmp2, tmp5);
-  col5 = vsubq_s16(tmp2, tmp5);
-  col4 = vaddq_s16(tmp3, tmp4);
-  col3 = vsubq_s16(tmp3, tmp4);
-
-  /* Scale down by a factor of 8, narrowing to 8-bit. */
-  int8x16_t cols_01_s8 = vcombine_s8(vqshrn_n_s16(col0, PASS1_BITS + 3),
-                                     vqshrn_n_s16(col1, PASS1_BITS + 3));
-  int8x16_t cols_45_s8 = vcombine_s8(vqshrn_n_s16(col4, PASS1_BITS + 3),
-                                     vqshrn_n_s16(col5, PASS1_BITS + 3));
-  int8x16_t cols_23_s8 = vcombine_s8(vqshrn_n_s16(col2, PASS1_BITS + 3),
-                                     vqshrn_n_s16(col3, PASS1_BITS + 3));
-  int8x16_t cols_67_s8 = vcombine_s8(vqshrn_n_s16(col6, PASS1_BITS + 3),
-                                     vqshrn_n_s16(col7, PASS1_BITS + 3));
-  /* Clamp to range [0-255]. */
-  uint8x16_t cols_01 =
-    vreinterpretq_u8_s8
-      (vaddq_s8(cols_01_s8, vreinterpretq_s8_u8(vdupq_n_u8(CENTERJSAMPLE))));
-  uint8x16_t cols_45 =
-    vreinterpretq_u8_s8
-      (vaddq_s8(cols_45_s8, vreinterpretq_s8_u8(vdupq_n_u8(CENTERJSAMPLE))));
-  uint8x16_t cols_23 =
-    vreinterpretq_u8_s8
-      (vaddq_s8(cols_23_s8, vreinterpretq_s8_u8(vdupq_n_u8(CENTERJSAMPLE))));
-  uint8x16_t cols_67 =
-    vreinterpretq_u8_s8
-      (vaddq_s8(cols_67_s8, vreinterpretq_s8_u8(vdupq_n_u8(CENTERJSAMPLE))));
-
-  /* Transpose block to prepare for store. */
-  uint32x4x2_t cols_0415 = vzipq_u32(vreinterpretq_u32_u8(cols_01),
-                                     vreinterpretq_u32_u8(cols_45));
-  uint32x4x2_t cols_2637 = vzipq_u32(vreinterpretq_u32_u8(cols_23),
-                                     vreinterpretq_u32_u8(cols_67));
-
-  uint8x16x2_t cols_0145 = vtrnq_u8(vreinterpretq_u8_u32(cols_0415.val[0]),
-                                    vreinterpretq_u8_u32(cols_0415.val[1]));
-  uint8x16x2_t cols_2367 = vtrnq_u8(vreinterpretq_u8_u32(cols_2637.val[0]),
-                                    vreinterpretq_u8_u32(cols_2637.val[1]));
-  uint16x8x2_t rows_0426 = vtrnq_u16(vreinterpretq_u16_u8(cols_0145.val[0]),
-                                     vreinterpretq_u16_u8(cols_2367.val[0]));
-  uint16x8x2_t rows_1537 = vtrnq_u16(vreinterpretq_u16_u8(cols_0145.val[1]),
-                                     vreinterpretq_u16_u8(cols_2367.val[1]));
-
-  uint8x16_t rows_04 = vreinterpretq_u8_u16(rows_0426.val[0]);
-  uint8x16_t rows_15 = vreinterpretq_u8_u16(rows_1537.val[0]);
-  uint8x16_t rows_26 = vreinterpretq_u8_u16(rows_0426.val[1]);
-  uint8x16_t rows_37 = vreinterpretq_u8_u16(rows_1537.val[1]);
-
-  JSAMPROW outptr0 = output_buf[0] + output_col;
-  JSAMPROW outptr1 = output_buf[1] + output_col;
-  JSAMPROW outptr2 = output_buf[2] + output_col;
-  JSAMPROW outptr3 = output_buf[3] + output_col;
-  JSAMPROW outptr4 = output_buf[4] + output_col;
-  JSAMPROW outptr5 = output_buf[5] + output_col;
-  JSAMPROW outptr6 = output_buf[6] + output_col;
-  JSAMPROW outptr7 = output_buf[7] + output_col;
-
-  /* Store DCT block to memory. */
-  vst1q_lane_u64((uint64_t *)outptr0, vreinterpretq_u64_u8(rows_04), 0);
-  vst1q_lane_u64((uint64_t *)outptr1, vreinterpretq_u64_u8(rows_15), 0);
-  vst1q_lane_u64((uint64_t *)outptr2, vreinterpretq_u64_u8(rows_26), 0);
-  vst1q_lane_u64((uint64_t *)outptr3, vreinterpretq_u64_u8(rows_37), 0);
-  vst1q_lane_u64((uint64_t *)outptr4, vreinterpretq_u64_u8(rows_04), 1);
-  vst1q_lane_u64((uint64_t *)outptr5, vreinterpretq_u64_u8(rows_15), 1);
-  vst1q_lane_u64((uint64_t *)outptr6, vreinterpretq_u64_u8(rows_26), 1);
-  vst1q_lane_u64((uint64_t *)outptr7, vreinterpretq_u64_u8(rows_37), 1);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctint-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctint-neon.c
deleted file mode 100644
index 043b652..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctint-neon.c
+++ /dev/null
@@ -1,802 +0,0 @@
-/*
- * jidctint-neon.c - accurate integer IDCT (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "jconfigint.h"
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-#include "neon-compat.h"
-
-#include <arm_neon.h>
-
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-/* The computation of the inverse DCT requires the use of constants known at
- * compile time.  Scaled integer constants are used to avoid floating-point
- * arithmetic:
- *    0.298631336 =  2446 * 2^-13
- *    0.390180644 =  3196 * 2^-13
- *    0.541196100 =  4433 * 2^-13
- *    0.765366865 =  6270 * 2^-13
- *    0.899976223 =  7373 * 2^-13
- *    1.175875602 =  9633 * 2^-13
- *    1.501321110 = 12299 * 2^-13
- *    1.847759065 = 15137 * 2^-13
- *    1.961570560 = 16069 * 2^-13
- *    2.053119869 = 16819 * 2^-13
- *    2.562915447 = 20995 * 2^-13
- *    3.072711026 = 25172 * 2^-13
- */
-
-#define F_0_298  2446
-#define F_0_390  3196
-#define F_0_541  4433
-#define F_0_765  6270
-#define F_0_899  7373
-#define F_1_175  9633
-#define F_1_501  12299
-#define F_1_847  15137
-#define F_1_961  16069
-#define F_2_053  16819
-#define F_2_562  20995
-#define F_3_072  25172
-
-#define F_1_175_MINUS_1_961  (F_1_175 - F_1_961)
-#define F_1_175_MINUS_0_390  (F_1_175 - F_0_390)
-#define F_0_541_MINUS_1_847  (F_0_541 - F_1_847)
-#define F_3_072_MINUS_2_562  (F_3_072 - F_2_562)
-#define F_0_298_MINUS_0_899  (F_0_298 - F_0_899)
-#define F_1_501_MINUS_0_899  (F_1_501 - F_0_899)
-#define F_2_053_MINUS_2_562  (F_2_053 - F_2_562)
-#define F_0_541_PLUS_0_765   (F_0_541 + F_0_765)
-
-
-ALIGN(16) static const int16_t jsimd_idct_islow_neon_consts[] = {
-  F_0_899,             F_0_541,
-  F_2_562,             F_0_298_MINUS_0_899,
-  F_1_501_MINUS_0_899, F_2_053_MINUS_2_562,
-  F_0_541_PLUS_0_765,  F_1_175,
-  F_1_175_MINUS_0_390, F_0_541_MINUS_1_847,
-  F_3_072_MINUS_2_562, F_1_175_MINUS_1_961,
-  0, 0, 0, 0
-};
-
-
-/* Forward declaration of regular and sparse IDCT helper functions */
-
-static INLINE void jsimd_idct_islow_pass1_regular(int16x4_t row0,
-                                                  int16x4_t row1,
-                                                  int16x4_t row2,
-                                                  int16x4_t row3,
-                                                  int16x4_t row4,
-                                                  int16x4_t row5,
-                                                  int16x4_t row6,
-                                                  int16x4_t row7,
-                                                  int16x4_t quant_row0,
-                                                  int16x4_t quant_row1,
-                                                  int16x4_t quant_row2,
-                                                  int16x4_t quant_row3,
-                                                  int16x4_t quant_row4,
-                                                  int16x4_t quant_row5,
-                                                  int16x4_t quant_row6,
-                                                  int16x4_t quant_row7,
-                                                  int16_t *workspace_1,
-                                                  int16_t *workspace_2);
-
-static INLINE void jsimd_idct_islow_pass1_sparse(int16x4_t row0,
-                                                 int16x4_t row1,
-                                                 int16x4_t row2,
-                                                 int16x4_t row3,
-                                                 int16x4_t quant_row0,
-                                                 int16x4_t quant_row1,
-                                                 int16x4_t quant_row2,
-                                                 int16x4_t quant_row3,
-                                                 int16_t *workspace_1,
-                                                 int16_t *workspace_2);
-
-static INLINE void jsimd_idct_islow_pass2_regular(int16_t *workspace,
-                                                  JSAMPARRAY output_buf,
-                                                  JDIMENSION output_col,
-                                                  unsigned buf_offset);
-
-static INLINE void jsimd_idct_islow_pass2_sparse(int16_t *workspace,
-                                                 JSAMPARRAY output_buf,
-                                                 JDIMENSION output_col,
-                                                 unsigned buf_offset);
-
-
-/* Perform dequantization and inverse DCT on one block of coefficients.  For
- * reference, the C implementation (jpeg_idct_slow()) can be found in
- * jidctint.c.
- *
- * Optimization techniques used for fast data access:
- *
- * In each pass, the inverse DCT is computed for the left and right 4x8 halves
- * of the DCT block.  This avoids spilling due to register pressure, and the
- * increased granularity allows for an optimized calculation depending on the
- * values of the DCT coefficients.  Between passes, intermediate data is stored
- * in 4x8 workspace buffers.
- *
- * Transposing the 8x8 DCT block after each pass can be achieved by transposing
- * each of the four 4x4 quadrants and swapping quadrants 1 and 2 (refer to the
- * diagram below.)  Swapping quadrants is cheap, since the second pass can just
- * swap the workspace buffer pointers.
- *
- *      +-------+-------+                   +-------+-------+
- *      |       |       |                   |       |       |
- *      |   0   |   1   |                   |   0   |   2   |
- *      |       |       |    transpose      |       |       |
- *      +-------+-------+     ------>       +-------+-------+
- *      |       |       |                   |       |       |
- *      |   2   |   3   |                   |   1   |   3   |
- *      |       |       |                   |       |       |
- *      +-------+-------+                   +-------+-------+
- *
- * Optimization techniques used to accelerate the inverse DCT calculation:
- *
- * In a DCT coefficient block, the coefficients are increasingly likely to be 0
- * as you move diagonally from top left to bottom right.  If whole rows of
- * coefficients are 0, then the inverse DCT calculation can be simplified.  On
- * the first pass of the inverse DCT, we test for three special cases before
- * defaulting to a full "regular" inverse DCT:
- *
- * 1) Coefficients in rows 4-7 are all zero.  In this case, we perform a
- *    "sparse" simplified inverse DCT on rows 0-3.
- * 2) AC coefficients (rows 1-7) are all zero.  In this case, the inverse DCT
- *    result is equal to the dequantized DC coefficients.
- * 3) AC and DC coefficients are all zero.  In this case, the inverse DCT
- *    result is all zero.  For the left 4x8 half, this is handled identically
- *    to Case 2 above.  For the right 4x8 half, we do no work and signal that
- *    the "sparse" algorithm is required for the second pass.
- *
- * In the second pass, only a single special case is tested: whether the AC and
- * DC coefficients were all zero in the right 4x8 block during the first pass
- * (refer to Case 3 above.)  If this is the case, then a "sparse" variant of
- * the second pass is performed for both the left and right halves of the DCT
- * block.  (The transposition after the first pass means that the right 4x8
- * block during the first pass becomes rows 4-7 during the second pass.)
- */
-
-void jsimd_idct_islow_neon(void *dct_table, JCOEFPTR coef_block,
-                           JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  ISLOW_MULT_TYPE *quantptr = dct_table;
-
-  int16_t workspace_l[8 * DCTSIZE / 2];
-  int16_t workspace_r[8 * DCTSIZE / 2];
-
-  /* Compute IDCT first pass on left 4x8 coefficient block. */
-
-  /* Load DCT coefficients in left 4x8 block. */
-  int16x4_t row0 = vld1_s16(coef_block + 0 * DCTSIZE);
-  int16x4_t row1 = vld1_s16(coef_block + 1 * DCTSIZE);
-  int16x4_t row2 = vld1_s16(coef_block + 2 * DCTSIZE);
-  int16x4_t row3 = vld1_s16(coef_block + 3 * DCTSIZE);
-  int16x4_t row4 = vld1_s16(coef_block + 4 * DCTSIZE);
-  int16x4_t row5 = vld1_s16(coef_block + 5 * DCTSIZE);
-  int16x4_t row6 = vld1_s16(coef_block + 6 * DCTSIZE);
-  int16x4_t row7 = vld1_s16(coef_block + 7 * DCTSIZE);
-
-  /* Load quantization table for left 4x8 block. */
-  int16x4_t quant_row0 = vld1_s16(quantptr + 0 * DCTSIZE);
-  int16x4_t quant_row1 = vld1_s16(quantptr + 1 * DCTSIZE);
-  int16x4_t quant_row2 = vld1_s16(quantptr + 2 * DCTSIZE);
-  int16x4_t quant_row3 = vld1_s16(quantptr + 3 * DCTSIZE);
-  int16x4_t quant_row4 = vld1_s16(quantptr + 4 * DCTSIZE);
-  int16x4_t quant_row5 = vld1_s16(quantptr + 5 * DCTSIZE);
-  int16x4_t quant_row6 = vld1_s16(quantptr + 6 * DCTSIZE);
-  int16x4_t quant_row7 = vld1_s16(quantptr + 7 * DCTSIZE);
-
-  /* Construct bitmap to test if DCT coefficients in left 4x8 block are 0. */
-  int16x4_t bitmap = vorr_s16(row7, row6);
-  bitmap = vorr_s16(bitmap, row5);
-  bitmap = vorr_s16(bitmap, row4);
-  int64_t bitmap_rows_4567 = vget_lane_s64(vreinterpret_s64_s16(bitmap), 0);
-
-  if (bitmap_rows_4567 == 0) {
-    bitmap = vorr_s16(bitmap, row3);
-    bitmap = vorr_s16(bitmap, row2);
-    bitmap = vorr_s16(bitmap, row1);
-    int64_t left_ac_bitmap = vget_lane_s64(vreinterpret_s64_s16(bitmap), 0);
-
-    if (left_ac_bitmap == 0) {
-      int16x4_t dcval = vshl_n_s16(vmul_s16(row0, quant_row0), PASS1_BITS);
-      int16x4x4_t quadrant = { { dcval, dcval, dcval, dcval } };
-      /* Store 4x4 blocks to workspace, transposing in the process. */
-      vst4_s16(workspace_l, quadrant);
-      vst4_s16(workspace_r, quadrant);
-    } else {
-      jsimd_idct_islow_pass1_sparse(row0, row1, row2, row3, quant_row0,
-                                    quant_row1, quant_row2, quant_row3,
-                                    workspace_l, workspace_r);
-    }
-  } else {
-    jsimd_idct_islow_pass1_regular(row0, row1, row2, row3, row4, row5,
-                                   row6, row7, quant_row0, quant_row1,
-                                   quant_row2, quant_row3, quant_row4,
-                                   quant_row5, quant_row6, quant_row7,
-                                   workspace_l, workspace_r);
-  }
-
-  /* Compute IDCT first pass on right 4x8 coefficient block. */
-
-  /* Load DCT coefficients in right 4x8 block. */
-  row0 = vld1_s16(coef_block + 0 * DCTSIZE + 4);
-  row1 = vld1_s16(coef_block + 1 * DCTSIZE + 4);
-  row2 = vld1_s16(coef_block + 2 * DCTSIZE + 4);
-  row3 = vld1_s16(coef_block + 3 * DCTSIZE + 4);
-  row4 = vld1_s16(coef_block + 4 * DCTSIZE + 4);
-  row5 = vld1_s16(coef_block + 5 * DCTSIZE + 4);
-  row6 = vld1_s16(coef_block + 6 * DCTSIZE + 4);
-  row7 = vld1_s16(coef_block + 7 * DCTSIZE + 4);
-
-  /* Load quantization table for right 4x8 block. */
-  quant_row0 = vld1_s16(quantptr + 0 * DCTSIZE + 4);
-  quant_row1 = vld1_s16(quantptr + 1 * DCTSIZE + 4);
-  quant_row2 = vld1_s16(quantptr + 2 * DCTSIZE + 4);
-  quant_row3 = vld1_s16(quantptr + 3 * DCTSIZE + 4);
-  quant_row4 = vld1_s16(quantptr + 4 * DCTSIZE + 4);
-  quant_row5 = vld1_s16(quantptr + 5 * DCTSIZE + 4);
-  quant_row6 = vld1_s16(quantptr + 6 * DCTSIZE + 4);
-  quant_row7 = vld1_s16(quantptr + 7 * DCTSIZE + 4);
-
-  /* Construct bitmap to test if DCT coefficients in right 4x8 block are 0. */
-  bitmap = vorr_s16(row7, row6);
-  bitmap = vorr_s16(bitmap, row5);
-  bitmap = vorr_s16(bitmap, row4);
-  bitmap_rows_4567 = vget_lane_s64(vreinterpret_s64_s16(bitmap), 0);
-  bitmap = vorr_s16(bitmap, row3);
-  bitmap = vorr_s16(bitmap, row2);
-  bitmap = vorr_s16(bitmap, row1);
-  int64_t right_ac_bitmap = vget_lane_s64(vreinterpret_s64_s16(bitmap), 0);
-
-  /* If this remains non-zero, a "regular" second pass will be performed. */
-  int64_t right_ac_dc_bitmap = 1;
-
-  if (right_ac_bitmap == 0) {
-    bitmap = vorr_s16(bitmap, row0);
-    right_ac_dc_bitmap = vget_lane_s64(vreinterpret_s64_s16(bitmap), 0);
-
-    if (right_ac_dc_bitmap != 0) {
-      int16x4_t dcval = vshl_n_s16(vmul_s16(row0, quant_row0), PASS1_BITS);
-      int16x4x4_t quadrant = { { dcval, dcval, dcval, dcval } };
-      /* Store 4x4 blocks to workspace, transposing in the process. */
-      vst4_s16(workspace_l + 4 * DCTSIZE / 2, quadrant);
-      vst4_s16(workspace_r + 4 * DCTSIZE / 2, quadrant);
-    }
-  } else {
-    if (bitmap_rows_4567 == 0) {
-      jsimd_idct_islow_pass1_sparse(row0, row1, row2, row3, quant_row0,
-                                    quant_row1, quant_row2, quant_row3,
-                                    workspace_l + 4 * DCTSIZE / 2,
-                                    workspace_r + 4 * DCTSIZE / 2);
-    } else {
-      jsimd_idct_islow_pass1_regular(row0, row1, row2, row3, row4, row5,
-                                     row6, row7, quant_row0, quant_row1,
-                                     quant_row2, quant_row3, quant_row4,
-                                     quant_row5, quant_row6, quant_row7,
-                                     workspace_l + 4 * DCTSIZE / 2,
-                                     workspace_r + 4 * DCTSIZE / 2);
-    }
-  }
-
-  /* Second pass: compute IDCT on rows in workspace. */
-
-  /* If all coefficients in right 4x8 block are 0, use "sparse" second pass. */
-  if (right_ac_dc_bitmap == 0) {
-    jsimd_idct_islow_pass2_sparse(workspace_l, output_buf, output_col, 0);
-    jsimd_idct_islow_pass2_sparse(workspace_r, output_buf, output_col, 4);
-  } else {
-    jsimd_idct_islow_pass2_regular(workspace_l, output_buf, output_col, 0);
-    jsimd_idct_islow_pass2_regular(workspace_r, output_buf, output_col, 4);
-  }
-}
-
-
-/* Perform dequantization and the first pass of the accurate inverse DCT on a
- * 4x8 block of coefficients.  (To process the full 8x8 DCT block, this
- * function-- or some other optimized variant-- needs to be called for both the
- * left and right 4x8 blocks.)
- *
- * This "regular" version assumes that no optimization can be made to the IDCT
- * calculation, since no useful set of AC coefficients is all 0.
- *
- * The original C implementation of the accurate IDCT (jpeg_idct_slow()) can be
- * found in jidctint.c.  Algorithmic changes made here are documented inline.
- */
-
-static INLINE void jsimd_idct_islow_pass1_regular(int16x4_t row0,
-                                                  int16x4_t row1,
-                                                  int16x4_t row2,
-                                                  int16x4_t row3,
-                                                  int16x4_t row4,
-                                                  int16x4_t row5,
-                                                  int16x4_t row6,
-                                                  int16x4_t row7,
-                                                  int16x4_t quant_row0,
-                                                  int16x4_t quant_row1,
-                                                  int16x4_t quant_row2,
-                                                  int16x4_t quant_row3,
-                                                  int16x4_t quant_row4,
-                                                  int16x4_t quant_row5,
-                                                  int16x4_t quant_row6,
-                                                  int16x4_t quant_row7,
-                                                  int16_t *workspace_1,
-                                                  int16_t *workspace_2)
-{
-  /* Load constants for IDCT computation. */
-#ifdef HAVE_VLD1_S16_X3
-  const int16x4x3_t consts = vld1_s16_x3(jsimd_idct_islow_neon_consts);
-#else
-  const int16x4_t consts1 = vld1_s16(jsimd_idct_islow_neon_consts);
-  const int16x4_t consts2 = vld1_s16(jsimd_idct_islow_neon_consts + 4);
-  const int16x4_t consts3 = vld1_s16(jsimd_idct_islow_neon_consts + 8);
-  const int16x4x3_t consts = { { consts1, consts2, consts3 } };
-#endif
-
-  /* Even part */
-  int16x4_t z2_s16 = vmul_s16(row2, quant_row2);
-  int16x4_t z3_s16 = vmul_s16(row6, quant_row6);
-
-  int32x4_t tmp2 = vmull_lane_s16(z2_s16, consts.val[0], 1);
-  int32x4_t tmp3 = vmull_lane_s16(z2_s16, consts.val[1], 2);
-  tmp2 = vmlal_lane_s16(tmp2, z3_s16, consts.val[2], 1);
-  tmp3 = vmlal_lane_s16(tmp3, z3_s16, consts.val[0], 1);
-
-  z2_s16 = vmul_s16(row0, quant_row0);
-  z3_s16 = vmul_s16(row4, quant_row4);
-
-  int32x4_t tmp0 = vshll_n_s16(vadd_s16(z2_s16, z3_s16), CONST_BITS);
-  int32x4_t tmp1 = vshll_n_s16(vsub_s16(z2_s16, z3_s16), CONST_BITS);
-
-  int32x4_t tmp10 = vaddq_s32(tmp0, tmp3);
-  int32x4_t tmp13 = vsubq_s32(tmp0, tmp3);
-  int32x4_t tmp11 = vaddq_s32(tmp1, tmp2);
-  int32x4_t tmp12 = vsubq_s32(tmp1, tmp2);
-
-  /* Odd part */
-  int16x4_t tmp0_s16 = vmul_s16(row7, quant_row7);
-  int16x4_t tmp1_s16 = vmul_s16(row5, quant_row5);
-  int16x4_t tmp2_s16 = vmul_s16(row3, quant_row3);
-  int16x4_t tmp3_s16 = vmul_s16(row1, quant_row1);
-
-  z3_s16 = vadd_s16(tmp0_s16, tmp2_s16);
-  int16x4_t z4_s16 = vadd_s16(tmp1_s16, tmp3_s16);
-
-  /* Implementation as per jpeg_idct_islow() in jidctint.c:
-   *   z5 = (z3 + z4) * 1.175875602;
-   *   z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-   *   z3 += z5;  z4 += z5;
-   *
-   * This implementation:
-   *   z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-   *   z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-   */
-
-  int32x4_t z3 = vmull_lane_s16(z3_s16, consts.val[2], 3);
-  int32x4_t z4 = vmull_lane_s16(z3_s16, consts.val[1], 3);
-  z3 = vmlal_lane_s16(z3, z4_s16, consts.val[1], 3);
-  z4 = vmlal_lane_s16(z4, z4_s16, consts.val[2], 0);
-
-  /* Implementation as per jpeg_idct_islow() in jidctint.c:
-   *   z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-   *   tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-   *   tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-   *   z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-   *   tmp0 += z1 + z3;  tmp1 += z2 + z4;
-   *   tmp2 += z2 + z3;  tmp3 += z1 + z4;
-   *
-   * This implementation:
-   *   tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-   *   tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-   *   tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-   *   tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-   *   tmp0 += z3;  tmp1 += z4;
-   *   tmp2 += z3;  tmp3 += z4;
-   */
-
-  tmp0 = vmull_lane_s16(tmp0_s16, consts.val[0], 3);
-  tmp1 = vmull_lane_s16(tmp1_s16, consts.val[1], 1);
-  tmp2 = vmull_lane_s16(tmp2_s16, consts.val[2], 2);
-  tmp3 = vmull_lane_s16(tmp3_s16, consts.val[1], 0);
-
-  tmp0 = vmlsl_lane_s16(tmp0, tmp3_s16, consts.val[0], 0);
-  tmp1 = vmlsl_lane_s16(tmp1, tmp2_s16, consts.val[0], 2);
-  tmp2 = vmlsl_lane_s16(tmp2, tmp1_s16, consts.val[0], 2);
-  tmp3 = vmlsl_lane_s16(tmp3, tmp0_s16, consts.val[0], 0);
-
-  tmp0 = vaddq_s32(tmp0, z3);
-  tmp1 = vaddq_s32(tmp1, z4);
-  tmp2 = vaddq_s32(tmp2, z3);
-  tmp3 = vaddq_s32(tmp3, z4);
-
-  /* Final output stage: descale and narrow to 16-bit. */
-  int16x4x4_t rows_0123 = { {
-    vrshrn_n_s32(vaddq_s32(tmp10, tmp3), DESCALE_P1),
-    vrshrn_n_s32(vaddq_s32(tmp11, tmp2), DESCALE_P1),
-    vrshrn_n_s32(vaddq_s32(tmp12, tmp1), DESCALE_P1),
-    vrshrn_n_s32(vaddq_s32(tmp13, tmp0), DESCALE_P1)
-  } };
-  int16x4x4_t rows_4567 = { {
-    vrshrn_n_s32(vsubq_s32(tmp13, tmp0), DESCALE_P1),
-    vrshrn_n_s32(vsubq_s32(tmp12, tmp1), DESCALE_P1),
-    vrshrn_n_s32(vsubq_s32(tmp11, tmp2), DESCALE_P1),
-    vrshrn_n_s32(vsubq_s32(tmp10, tmp3), DESCALE_P1)
-  } };
-
-  /* Store 4x4 blocks to the intermediate workspace, ready for the second pass.
-   * (VST4 transposes the blocks.  We need to operate on rows in the next
-   * pass.)
-   */
-  vst4_s16(workspace_1, rows_0123);
-  vst4_s16(workspace_2, rows_4567);
-}
-
-
-/* Perform dequantization and the first pass of the accurate inverse DCT on a
- * 4x8 block of coefficients.
- *
- * This "sparse" version assumes that the AC coefficients in rows 4-7 are all
- * 0.  This simplifies the IDCT calculation, accelerating overall performance.
- */
-
-static INLINE void jsimd_idct_islow_pass1_sparse(int16x4_t row0,
-                                                 int16x4_t row1,
-                                                 int16x4_t row2,
-                                                 int16x4_t row3,
-                                                 int16x4_t quant_row0,
-                                                 int16x4_t quant_row1,
-                                                 int16x4_t quant_row2,
-                                                 int16x4_t quant_row3,
-                                                 int16_t *workspace_1,
-                                                 int16_t *workspace_2)
-{
-  /* Load constants for IDCT computation. */
-#ifdef HAVE_VLD1_S16_X3
-  const int16x4x3_t consts = vld1_s16_x3(jsimd_idct_islow_neon_consts);
-#else
-  const int16x4_t consts1 = vld1_s16(jsimd_idct_islow_neon_consts);
-  const int16x4_t consts2 = vld1_s16(jsimd_idct_islow_neon_consts + 4);
-  const int16x4_t consts3 = vld1_s16(jsimd_idct_islow_neon_consts + 8);
-  const int16x4x3_t consts = { { consts1, consts2, consts3 } };
-#endif
-
-  /* Even part (z3 is all 0) */
-  int16x4_t z2_s16 = vmul_s16(row2, quant_row2);
-
-  int32x4_t tmp2 = vmull_lane_s16(z2_s16, consts.val[0], 1);
-  int32x4_t tmp3 = vmull_lane_s16(z2_s16, consts.val[1], 2);
-
-  z2_s16 = vmul_s16(row0, quant_row0);
-  int32x4_t tmp0 = vshll_n_s16(z2_s16, CONST_BITS);
-  int32x4_t tmp1 = vshll_n_s16(z2_s16, CONST_BITS);
-
-  int32x4_t tmp10 = vaddq_s32(tmp0, tmp3);
-  int32x4_t tmp13 = vsubq_s32(tmp0, tmp3);
-  int32x4_t tmp11 = vaddq_s32(tmp1, tmp2);
-  int32x4_t tmp12 = vsubq_s32(tmp1, tmp2);
-
-  /* Odd part (tmp0 and tmp1 are both all 0) */
-  int16x4_t tmp2_s16 = vmul_s16(row3, quant_row3);
-  int16x4_t tmp3_s16 = vmul_s16(row1, quant_row1);
-
-  int16x4_t z3_s16 = tmp2_s16;
-  int16x4_t z4_s16 = tmp3_s16;
-
-  int32x4_t z3 = vmull_lane_s16(z3_s16, consts.val[2], 3);
-  int32x4_t z4 = vmull_lane_s16(z3_s16, consts.val[1], 3);
-  z3 = vmlal_lane_s16(z3, z4_s16, consts.val[1], 3);
-  z4 = vmlal_lane_s16(z4, z4_s16, consts.val[2], 0);
-
-  tmp0 = vmlsl_lane_s16(z3, tmp3_s16, consts.val[0], 0);
-  tmp1 = vmlsl_lane_s16(z4, tmp2_s16, consts.val[0], 2);
-  tmp2 = vmlal_lane_s16(z3, tmp2_s16, consts.val[2], 2);
-  tmp3 = vmlal_lane_s16(z4, tmp3_s16, consts.val[1], 0);
-
-  /* Final output stage: descale and narrow to 16-bit. */
-  int16x4x4_t rows_0123 = { {
-    vrshrn_n_s32(vaddq_s32(tmp10, tmp3), DESCALE_P1),
-    vrshrn_n_s32(vaddq_s32(tmp11, tmp2), DESCALE_P1),
-    vrshrn_n_s32(vaddq_s32(tmp12, tmp1), DESCALE_P1),
-    vrshrn_n_s32(vaddq_s32(tmp13, tmp0), DESCALE_P1)
-  } };
-  int16x4x4_t rows_4567 = { {
-    vrshrn_n_s32(vsubq_s32(tmp13, tmp0), DESCALE_P1),
-    vrshrn_n_s32(vsubq_s32(tmp12, tmp1), DESCALE_P1),
-    vrshrn_n_s32(vsubq_s32(tmp11, tmp2), DESCALE_P1),
-    vrshrn_n_s32(vsubq_s32(tmp10, tmp3), DESCALE_P1)
-  } };
-
-  /* Store 4x4 blocks to the intermediate workspace, ready for the second pass.
-   * (VST4 transposes the blocks.  We need to operate on rows in the next
-   * pass.)
-   */
-  vst4_s16(workspace_1, rows_0123);
-  vst4_s16(workspace_2, rows_4567);
-}
-
-
-/* Perform the second pass of the accurate inverse DCT on a 4x8 block of
- * coefficients.  (To process the full 8x8 DCT block, this function-- or some
- * other optimized variant-- needs to be called for both the right and left 4x8
- * blocks.)
- *
- * This "regular" version assumes that no optimization can be made to the IDCT
- * calculation, since no useful set of coefficient values are all 0 after the
- * first pass.
- *
- * Again, the original C implementation of the accurate IDCT (jpeg_idct_slow())
- * can be found in jidctint.c.  Algorithmic changes made here are documented
- * inline.
- */
-
-static INLINE void jsimd_idct_islow_pass2_regular(int16_t *workspace,
-                                                  JSAMPARRAY output_buf,
-                                                  JDIMENSION output_col,
-                                                  unsigned buf_offset)
-{
-  /* Load constants for IDCT computation. */
-#ifdef HAVE_VLD1_S16_X3
-  const int16x4x3_t consts = vld1_s16_x3(jsimd_idct_islow_neon_consts);
-#else
-  const int16x4_t consts1 = vld1_s16(jsimd_idct_islow_neon_consts);
-  const int16x4_t consts2 = vld1_s16(jsimd_idct_islow_neon_consts + 4);
-  const int16x4_t consts3 = vld1_s16(jsimd_idct_islow_neon_consts + 8);
-  const int16x4x3_t consts = { { consts1, consts2, consts3 } };
-#endif
-
-  /* Even part */
-  int16x4_t z2_s16 = vld1_s16(workspace + 2 * DCTSIZE / 2);
-  int16x4_t z3_s16 = vld1_s16(workspace + 6 * DCTSIZE / 2);
-
-  int32x4_t tmp2 = vmull_lane_s16(z2_s16, consts.val[0], 1);
-  int32x4_t tmp3 = vmull_lane_s16(z2_s16, consts.val[1], 2);
-  tmp2 = vmlal_lane_s16(tmp2, z3_s16, consts.val[2], 1);
-  tmp3 = vmlal_lane_s16(tmp3, z3_s16, consts.val[0], 1);
-
-  z2_s16 = vld1_s16(workspace + 0 * DCTSIZE / 2);
-  z3_s16 = vld1_s16(workspace + 4 * DCTSIZE / 2);
-
-  int32x4_t tmp0 = vshll_n_s16(vadd_s16(z2_s16, z3_s16), CONST_BITS);
-  int32x4_t tmp1 = vshll_n_s16(vsub_s16(z2_s16, z3_s16), CONST_BITS);
-
-  int32x4_t tmp10 = vaddq_s32(tmp0, tmp3);
-  int32x4_t tmp13 = vsubq_s32(tmp0, tmp3);
-  int32x4_t tmp11 = vaddq_s32(tmp1, tmp2);
-  int32x4_t tmp12 = vsubq_s32(tmp1, tmp2);
-
-  /* Odd part */
-  int16x4_t tmp0_s16 = vld1_s16(workspace + 7 * DCTSIZE / 2);
-  int16x4_t tmp1_s16 = vld1_s16(workspace + 5 * DCTSIZE / 2);
-  int16x4_t tmp2_s16 = vld1_s16(workspace + 3 * DCTSIZE / 2);
-  int16x4_t tmp3_s16 = vld1_s16(workspace + 1 * DCTSIZE / 2);
-
-  z3_s16 = vadd_s16(tmp0_s16, tmp2_s16);
-  int16x4_t z4_s16 = vadd_s16(tmp1_s16, tmp3_s16);
-
-  /* Implementation as per jpeg_idct_islow() in jidctint.c:
-   *   z5 = (z3 + z4) * 1.175875602;
-   *   z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-   *   z3 += z5;  z4 += z5;
-   *
-   * This implementation:
-   *   z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-   *   z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-   */
-
-  int32x4_t z3 = vmull_lane_s16(z3_s16, consts.val[2], 3);
-  int32x4_t z4 = vmull_lane_s16(z3_s16, consts.val[1], 3);
-  z3 = vmlal_lane_s16(z3, z4_s16, consts.val[1], 3);
-  z4 = vmlal_lane_s16(z4, z4_s16, consts.val[2], 0);
-
-  /* Implementation as per jpeg_idct_islow() in jidctint.c:
-   *   z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-   *   tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-   *   tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-   *   z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-   *   tmp0 += z1 + z3;  tmp1 += z2 + z4;
-   *   tmp2 += z2 + z3;  tmp3 += z1 + z4;
-   *
-   * This implementation:
-   *   tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-   *   tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-   *   tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-   *   tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-   *   tmp0 += z3;  tmp1 += z4;
-   *   tmp2 += z3;  tmp3 += z4;
-   */
-
-  tmp0 = vmull_lane_s16(tmp0_s16, consts.val[0], 3);
-  tmp1 = vmull_lane_s16(tmp1_s16, consts.val[1], 1);
-  tmp2 = vmull_lane_s16(tmp2_s16, consts.val[2], 2);
-  tmp3 = vmull_lane_s16(tmp3_s16, consts.val[1], 0);
-
-  tmp0 = vmlsl_lane_s16(tmp0, tmp3_s16, consts.val[0], 0);
-  tmp1 = vmlsl_lane_s16(tmp1, tmp2_s16, consts.val[0], 2);
-  tmp2 = vmlsl_lane_s16(tmp2, tmp1_s16, consts.val[0], 2);
-  tmp3 = vmlsl_lane_s16(tmp3, tmp0_s16, consts.val[0], 0);
-
-  tmp0 = vaddq_s32(tmp0, z3);
-  tmp1 = vaddq_s32(tmp1, z4);
-  tmp2 = vaddq_s32(tmp2, z3);
-  tmp3 = vaddq_s32(tmp3, z4);
-
-  /* Final output stage: descale and narrow to 16-bit. */
-  int16x8_t cols_02_s16 = vcombine_s16(vaddhn_s32(tmp10, tmp3),
-                                       vaddhn_s32(tmp12, tmp1));
-  int16x8_t cols_13_s16 = vcombine_s16(vaddhn_s32(tmp11, tmp2),
-                                       vaddhn_s32(tmp13, tmp0));
-  int16x8_t cols_46_s16 = vcombine_s16(vsubhn_s32(tmp13, tmp0),
-                                       vsubhn_s32(tmp11, tmp2));
-  int16x8_t cols_57_s16 = vcombine_s16(vsubhn_s32(tmp12, tmp1),
-                                       vsubhn_s32(tmp10, tmp3));
-  /* Descale and narrow to 8-bit. */
-  int8x8_t cols_02_s8 = vqrshrn_n_s16(cols_02_s16, DESCALE_P2 - 16);
-  int8x8_t cols_13_s8 = vqrshrn_n_s16(cols_13_s16, DESCALE_P2 - 16);
-  int8x8_t cols_46_s8 = vqrshrn_n_s16(cols_46_s16, DESCALE_P2 - 16);
-  int8x8_t cols_57_s8 = vqrshrn_n_s16(cols_57_s16, DESCALE_P2 - 16);
-  /* Clamp to range [0-255]. */
-  uint8x8_t cols_02_u8 = vadd_u8(vreinterpret_u8_s8(cols_02_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-  uint8x8_t cols_13_u8 = vadd_u8(vreinterpret_u8_s8(cols_13_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-  uint8x8_t cols_46_u8 = vadd_u8(vreinterpret_u8_s8(cols_46_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-  uint8x8_t cols_57_u8 = vadd_u8(vreinterpret_u8_s8(cols_57_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-
-  /* Transpose 4x8 block and store to memory.  (Zipping adjacent columns
-   * together allows us to store 16-bit elements.)
-   */
-  uint8x8x2_t cols_01_23 = vzip_u8(cols_02_u8, cols_13_u8);
-  uint8x8x2_t cols_45_67 = vzip_u8(cols_46_u8, cols_57_u8);
-  uint16x4x4_t cols_01_23_45_67 = { {
-    vreinterpret_u16_u8(cols_01_23.val[0]),
-    vreinterpret_u16_u8(cols_01_23.val[1]),
-    vreinterpret_u16_u8(cols_45_67.val[0]),
-    vreinterpret_u16_u8(cols_45_67.val[1])
-  } };
-
-  JSAMPROW outptr0 = output_buf[buf_offset + 0] + output_col;
-  JSAMPROW outptr1 = output_buf[buf_offset + 1] + output_col;
-  JSAMPROW outptr2 = output_buf[buf_offset + 2] + output_col;
-  JSAMPROW outptr3 = output_buf[buf_offset + 3] + output_col;
-  /* VST4 of 16-bit elements completes the transpose. */
-  vst4_lane_u16((uint16_t *)outptr0, cols_01_23_45_67, 0);
-  vst4_lane_u16((uint16_t *)outptr1, cols_01_23_45_67, 1);
-  vst4_lane_u16((uint16_t *)outptr2, cols_01_23_45_67, 2);
-  vst4_lane_u16((uint16_t *)outptr3, cols_01_23_45_67, 3);
-}
-
-
-/* Performs the second pass of the accurate inverse DCT on a 4x8 block
- * of coefficients.
- *
- * This "sparse" version assumes that the coefficient values (after the first
- * pass) in rows 4-7 are all 0.  This simplifies the IDCT calculation,
- * accelerating overall performance.
- */
-
-static INLINE void jsimd_idct_islow_pass2_sparse(int16_t *workspace,
-                                                 JSAMPARRAY output_buf,
-                                                 JDIMENSION output_col,
-                                                 unsigned buf_offset)
-{
-  /* Load constants for IDCT computation. */
-#ifdef HAVE_VLD1_S16_X3
-  const int16x4x3_t consts = vld1_s16_x3(jsimd_idct_islow_neon_consts);
-#else
-  const int16x4_t consts1 = vld1_s16(jsimd_idct_islow_neon_consts);
-  const int16x4_t consts2 = vld1_s16(jsimd_idct_islow_neon_consts + 4);
-  const int16x4_t consts3 = vld1_s16(jsimd_idct_islow_neon_consts + 8);
-  const int16x4x3_t consts = { { consts1, consts2, consts3 } };
-#endif
-
-  /* Even part (z3 is all 0) */
-  int16x4_t z2_s16 = vld1_s16(workspace + 2 * DCTSIZE / 2);
-
-  int32x4_t tmp2 = vmull_lane_s16(z2_s16, consts.val[0], 1);
-  int32x4_t tmp3 = vmull_lane_s16(z2_s16, consts.val[1], 2);
-
-  z2_s16 = vld1_s16(workspace + 0 * DCTSIZE / 2);
-  int32x4_t tmp0 = vshll_n_s16(z2_s16, CONST_BITS);
-  int32x4_t tmp1 = vshll_n_s16(z2_s16, CONST_BITS);
-
-  int32x4_t tmp10 = vaddq_s32(tmp0, tmp3);
-  int32x4_t tmp13 = vsubq_s32(tmp0, tmp3);
-  int32x4_t tmp11 = vaddq_s32(tmp1, tmp2);
-  int32x4_t tmp12 = vsubq_s32(tmp1, tmp2);
-
-  /* Odd part (tmp0 and tmp1 are both all 0) */
-  int16x4_t tmp2_s16 = vld1_s16(workspace + 3 * DCTSIZE / 2);
-  int16x4_t tmp3_s16 = vld1_s16(workspace + 1 * DCTSIZE / 2);
-
-  int16x4_t z3_s16 = tmp2_s16;
-  int16x4_t z4_s16 = tmp3_s16;
-
-  int32x4_t z3 = vmull_lane_s16(z3_s16, consts.val[2], 3);
-  z3 = vmlal_lane_s16(z3, z4_s16, consts.val[1], 3);
-  int32x4_t z4 = vmull_lane_s16(z3_s16, consts.val[1], 3);
-  z4 = vmlal_lane_s16(z4, z4_s16, consts.val[2], 0);
-
-  tmp0 = vmlsl_lane_s16(z3, tmp3_s16, consts.val[0], 0);
-  tmp1 = vmlsl_lane_s16(z4, tmp2_s16, consts.val[0], 2);
-  tmp2 = vmlal_lane_s16(z3, tmp2_s16, consts.val[2], 2);
-  tmp3 = vmlal_lane_s16(z4, tmp3_s16, consts.val[1], 0);
-
-  /* Final output stage: descale and narrow to 16-bit. */
-  int16x8_t cols_02_s16 = vcombine_s16(vaddhn_s32(tmp10, tmp3),
-                                       vaddhn_s32(tmp12, tmp1));
-  int16x8_t cols_13_s16 = vcombine_s16(vaddhn_s32(tmp11, tmp2),
-                                       vaddhn_s32(tmp13, tmp0));
-  int16x8_t cols_46_s16 = vcombine_s16(vsubhn_s32(tmp13, tmp0),
-                                       vsubhn_s32(tmp11, tmp2));
-  int16x8_t cols_57_s16 = vcombine_s16(vsubhn_s32(tmp12, tmp1),
-                                       vsubhn_s32(tmp10, tmp3));
-  /* Descale and narrow to 8-bit. */
-  int8x8_t cols_02_s8 = vqrshrn_n_s16(cols_02_s16, DESCALE_P2 - 16);
-  int8x8_t cols_13_s8 = vqrshrn_n_s16(cols_13_s16, DESCALE_P2 - 16);
-  int8x8_t cols_46_s8 = vqrshrn_n_s16(cols_46_s16, DESCALE_P2 - 16);
-  int8x8_t cols_57_s8 = vqrshrn_n_s16(cols_57_s16, DESCALE_P2 - 16);
-  /* Clamp to range [0-255]. */
-  uint8x8_t cols_02_u8 = vadd_u8(vreinterpret_u8_s8(cols_02_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-  uint8x8_t cols_13_u8 = vadd_u8(vreinterpret_u8_s8(cols_13_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-  uint8x8_t cols_46_u8 = vadd_u8(vreinterpret_u8_s8(cols_46_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-  uint8x8_t cols_57_u8 = vadd_u8(vreinterpret_u8_s8(cols_57_s8),
-                                 vdup_n_u8(CENTERJSAMPLE));
-
-  /* Transpose 4x8 block and store to memory.  (Zipping adjacent columns
-   * together allows us to store 16-bit elements.)
-   */
-  uint8x8x2_t cols_01_23 = vzip_u8(cols_02_u8, cols_13_u8);
-  uint8x8x2_t cols_45_67 = vzip_u8(cols_46_u8, cols_57_u8);
-  uint16x4x4_t cols_01_23_45_67 = { {
-    vreinterpret_u16_u8(cols_01_23.val[0]),
-    vreinterpret_u16_u8(cols_01_23.val[1]),
-    vreinterpret_u16_u8(cols_45_67.val[0]),
-    vreinterpret_u16_u8(cols_45_67.val[1])
-  } };
-
-  JSAMPROW outptr0 = output_buf[buf_offset + 0] + output_col;
-  JSAMPROW outptr1 = output_buf[buf_offset + 1] + output_col;
-  JSAMPROW outptr2 = output_buf[buf_offset + 2] + output_col;
-  JSAMPROW outptr3 = output_buf[buf_offset + 3] + output_col;
-  /* VST4 of 16-bit elements completes the transpose. */
-  vst4_lane_u16((uint16_t *)outptr0, cols_01_23_45_67, 0);
-  vst4_lane_u16((uint16_t *)outptr1, cols_01_23_45_67, 1);
-  vst4_lane_u16((uint16_t *)outptr2, cols_01_23_45_67, 2);
-  vst4_lane_u16((uint16_t *)outptr3, cols_01_23_45_67, 3);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctred-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctred-neon.c
deleted file mode 100644
index be9627e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jidctred-neon.c
+++ /dev/null
@@ -1,486 +0,0 @@
-/*
- * jidctred-neon.c - reduced-size IDCT (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "align.h"
-#include "neon-compat.h"
-
-#include <arm_neon.h>
-
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-
-#define F_0_211  1730
-#define F_0_509  4176
-#define F_0_601  4926
-#define F_0_720  5906
-#define F_0_765  6270
-#define F_0_850  6967
-#define F_0_899  7373
-#define F_1_061  8697
-#define F_1_272  10426
-#define F_1_451  11893
-#define F_1_847  15137
-#define F_2_172  17799
-#define F_2_562  20995
-#define F_3_624  29692
-
-
-/* jsimd_idct_2x2_neon() is an inverse DCT function that produces reduced-size
- * 2x2 output from an 8x8 DCT block.  It uses the same calculations and
- * produces exactly the same output as IJG's original jpeg_idct_2x2() function
- * from jpeg-6b, which can be found in jidctred.c.
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.720959822 =  5906 * 2^-13
- *    0.850430095 =  6967 * 2^-13
- *    1.272758580 = 10426 * 2^-13
- *    3.624509785 = 29692 * 2^-13
- *
- * See jidctred.c for further details of the 2x2 IDCT algorithm.  Where
- * possible, the variable names and comments here in jsimd_idct_2x2_neon()
- * match up with those in jpeg_idct_2x2().
- */
-
-ALIGN(16) static const int16_t jsimd_idct_2x2_neon_consts[] = {
-  -F_0_720, F_0_850, -F_1_272, F_3_624
-};
-
-void jsimd_idct_2x2_neon(void *dct_table, JCOEFPTR coef_block,
-                         JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  ISLOW_MULT_TYPE *quantptr = dct_table;
-
-  /* Load DCT coefficients. */
-  int16x8_t row0 = vld1q_s16(coef_block + 0 * DCTSIZE);
-  int16x8_t row1 = vld1q_s16(coef_block + 1 * DCTSIZE);
-  int16x8_t row3 = vld1q_s16(coef_block + 3 * DCTSIZE);
-  int16x8_t row5 = vld1q_s16(coef_block + 5 * DCTSIZE);
-  int16x8_t row7 = vld1q_s16(coef_block + 7 * DCTSIZE);
-
-  /* Load quantization table values. */
-  int16x8_t quant_row0 = vld1q_s16(quantptr + 0 * DCTSIZE);
-  int16x8_t quant_row1 = vld1q_s16(quantptr + 1 * DCTSIZE);
-  int16x8_t quant_row3 = vld1q_s16(quantptr + 3 * DCTSIZE);
-  int16x8_t quant_row5 = vld1q_s16(quantptr + 5 * DCTSIZE);
-  int16x8_t quant_row7 = vld1q_s16(quantptr + 7 * DCTSIZE);
-
-  /* Dequantize DCT coefficients. */
-  row0 = vmulq_s16(row0, quant_row0);
-  row1 = vmulq_s16(row1, quant_row1);
-  row3 = vmulq_s16(row3, quant_row3);
-  row5 = vmulq_s16(row5, quant_row5);
-  row7 = vmulq_s16(row7, quant_row7);
-
-  /* Load IDCT conversion constants. */
-  const int16x4_t consts = vld1_s16(jsimd_idct_2x2_neon_consts);
-
-  /* Pass 1: process columns from input, put results in vectors row0 and
-   * row1.
-   */
-
-  /* Even part */
-  int32x4_t tmp10_l = vshll_n_s16(vget_low_s16(row0), CONST_BITS + 2);
-  int32x4_t tmp10_h = vshll_n_s16(vget_high_s16(row0), CONST_BITS + 2);
-
-  /* Odd part */
-  int32x4_t tmp0_l = vmull_lane_s16(vget_low_s16(row1), consts, 3);
-  tmp0_l = vmlal_lane_s16(tmp0_l, vget_low_s16(row3), consts, 2);
-  tmp0_l = vmlal_lane_s16(tmp0_l, vget_low_s16(row5), consts, 1);
-  tmp0_l = vmlal_lane_s16(tmp0_l, vget_low_s16(row7), consts, 0);
-  int32x4_t tmp0_h = vmull_lane_s16(vget_high_s16(row1), consts, 3);
-  tmp0_h = vmlal_lane_s16(tmp0_h, vget_high_s16(row3), consts, 2);
-  tmp0_h = vmlal_lane_s16(tmp0_h, vget_high_s16(row5), consts, 1);
-  tmp0_h = vmlal_lane_s16(tmp0_h, vget_high_s16(row7), consts, 0);
-
-  /* Final output stage: descale and narrow to 16-bit. */
-  row0 = vcombine_s16(vrshrn_n_s32(vaddq_s32(tmp10_l, tmp0_l), CONST_BITS),
-                      vrshrn_n_s32(vaddq_s32(tmp10_h, tmp0_h), CONST_BITS));
-  row1 = vcombine_s16(vrshrn_n_s32(vsubq_s32(tmp10_l, tmp0_l), CONST_BITS),
-                      vrshrn_n_s32(vsubq_s32(tmp10_h, tmp0_h), CONST_BITS));
-
-  /* Transpose two rows, ready for second pass. */
-  int16x8x2_t cols_0246_1357 = vtrnq_s16(row0, row1);
-  int16x8_t cols_0246 = cols_0246_1357.val[0];
-  int16x8_t cols_1357 = cols_0246_1357.val[1];
-  /* Duplicate columns such that each is accessible in its own vector. */
-  int32x4x2_t cols_1155_3377 = vtrnq_s32(vreinterpretq_s32_s16(cols_1357),
-                                         vreinterpretq_s32_s16(cols_1357));
-  int16x8_t cols_1155 = vreinterpretq_s16_s32(cols_1155_3377.val[0]);
-  int16x8_t cols_3377 = vreinterpretq_s16_s32(cols_1155_3377.val[1]);
-
-  /* Pass 2: process two rows, store to output array. */
-
-  /* Even part: we're only interested in col0; the top half of tmp10 is "don't
-   * care."
-   */
-  int32x4_t tmp10 = vshll_n_s16(vget_low_s16(cols_0246), CONST_BITS + 2);
-
-  /* Odd part: we're only interested in the bottom half of tmp0. */
-  int32x4_t tmp0 = vmull_lane_s16(vget_low_s16(cols_1155), consts, 3);
-  tmp0 = vmlal_lane_s16(tmp0, vget_low_s16(cols_3377), consts, 2);
-  tmp0 = vmlal_lane_s16(tmp0, vget_high_s16(cols_1155), consts, 1);
-  tmp0 = vmlal_lane_s16(tmp0, vget_high_s16(cols_3377), consts, 0);
-
-  /* Final output stage: descale and clamp to range [0-255]. */
-  int16x8_t output_s16 = vcombine_s16(vaddhn_s32(tmp10, tmp0),
-                                      vsubhn_s32(tmp10, tmp0));
-  output_s16 = vrsraq_n_s16(vdupq_n_s16(CENTERJSAMPLE), output_s16,
-                            CONST_BITS + PASS1_BITS + 3 + 2 - 16);
-  /* Narrow to 8-bit and convert to unsigned. */
-  uint8x8_t output_u8 = vqmovun_s16(output_s16);
-
-  /* Store 2x2 block to memory. */
-  vst1_lane_u8(output_buf[0] + output_col, output_u8, 0);
-  vst1_lane_u8(output_buf[1] + output_col, output_u8, 1);
-  vst1_lane_u8(output_buf[0] + output_col + 1, output_u8, 4);
-  vst1_lane_u8(output_buf[1] + output_col + 1, output_u8, 5);
-}
-
-
-/* jsimd_idct_4x4_neon() is an inverse DCT function that produces reduced-size
- * 4x4 output from an 8x8 DCT block.  It uses the same calculations and
- * produces exactly the same output as IJG's original jpeg_idct_4x4() function
- * from jpeg-6b, which can be found in jidctred.c.
- *
- * Scaled integer constants are used to avoid floating-point arithmetic:
- *    0.211164243 =  1730 * 2^-13
- *    0.509795579 =  4176 * 2^-13
- *    0.601344887 =  4926 * 2^-13
- *    0.765366865 =  6270 * 2^-13
- *    0.899976223 =  7373 * 2^-13
- *    1.061594337 =  8697 * 2^-13
- *    1.451774981 = 11893 * 2^-13
- *    1.847759065 = 15137 * 2^-13
- *    2.172734803 = 17799 * 2^-13
- *    2.562915447 = 20995 * 2^-13
- *
- * See jidctred.c for further details of the 4x4 IDCT algorithm.  Where
- * possible, the variable names and comments here in jsimd_idct_4x4_neon()
- * match up with those in jpeg_idct_4x4().
- */
-
-ALIGN(16) static const int16_t jsimd_idct_4x4_neon_consts[] = {
-  F_1_847, -F_0_765, -F_0_211,  F_1_451,
- -F_2_172,  F_1_061, -F_0_509, -F_0_601,
-  F_0_899,  F_2_562,        0,        0
-};
-
-void jsimd_idct_4x4_neon(void *dct_table, JCOEFPTR coef_block,
-                         JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  ISLOW_MULT_TYPE *quantptr = dct_table;
-
-  /* Load DCT coefficients. */
-  int16x8_t row0  = vld1q_s16(coef_block + 0 * DCTSIZE);
-  int16x8_t row1  = vld1q_s16(coef_block + 1 * DCTSIZE);
-  int16x8_t row2  = vld1q_s16(coef_block + 2 * DCTSIZE);
-  int16x8_t row3  = vld1q_s16(coef_block + 3 * DCTSIZE);
-  int16x8_t row5  = vld1q_s16(coef_block + 5 * DCTSIZE);
-  int16x8_t row6  = vld1q_s16(coef_block + 6 * DCTSIZE);
-  int16x8_t row7  = vld1q_s16(coef_block + 7 * DCTSIZE);
-
-  /* Load quantization table values for DC coefficients. */
-  int16x8_t quant_row0 = vld1q_s16(quantptr + 0 * DCTSIZE);
-  /* Dequantize DC coefficients. */
-  row0 = vmulq_s16(row0, quant_row0);
-
-  /* Construct bitmap to test if all AC coefficients are 0. */
-  int16x8_t bitmap = vorrq_s16(row1, row2);
-  bitmap = vorrq_s16(bitmap, row3);
-  bitmap = vorrq_s16(bitmap, row5);
-  bitmap = vorrq_s16(bitmap, row6);
-  bitmap = vorrq_s16(bitmap, row7);
-
-  int64_t left_ac_bitmap = vgetq_lane_s64(vreinterpretq_s64_s16(bitmap), 0);
-  int64_t right_ac_bitmap = vgetq_lane_s64(vreinterpretq_s64_s16(bitmap), 1);
-
-  /* Load constants for IDCT computation. */
-#ifdef HAVE_VLD1_S16_X3
-  const int16x4x3_t consts = vld1_s16_x3(jsimd_idct_4x4_neon_consts);
-#else
-  /* GCC does not currently support the intrinsic vld1_<type>_x3(). */
-  const int16x4_t consts1 = vld1_s16(jsimd_idct_4x4_neon_consts);
-  const int16x4_t consts2 = vld1_s16(jsimd_idct_4x4_neon_consts + 4);
-  const int16x4_t consts3 = vld1_s16(jsimd_idct_4x4_neon_consts + 8);
-  const int16x4x3_t consts = { { consts1, consts2, consts3 } };
-#endif
-
-  if (left_ac_bitmap == 0 && right_ac_bitmap == 0) {
-    /* All AC coefficients are zero.
-     * Compute DC values and duplicate into row vectors 0, 1, 2, and 3.
-     */
-    int16x8_t dcval = vshlq_n_s16(row0, PASS1_BITS);
-    row0 = dcval;
-    row1 = dcval;
-    row2 = dcval;
-    row3 = dcval;
-  } else if (left_ac_bitmap == 0) {
-    /* AC coefficients are zero for columns 0, 1, 2, and 3.
-     * Compute DC values for these columns.
-     */
-    int16x4_t dcval = vshl_n_s16(vget_low_s16(row0), PASS1_BITS);
-
-    /* Commence regular IDCT computation for columns 4, 5, 6, and 7. */
-
-    /* Load quantization table. */
-    int16x4_t quant_row1 = vld1_s16(quantptr + 1 * DCTSIZE + 4);
-    int16x4_t quant_row2 = vld1_s16(quantptr + 2 * DCTSIZE + 4);
-    int16x4_t quant_row3 = vld1_s16(quantptr + 3 * DCTSIZE + 4);
-    int16x4_t quant_row5 = vld1_s16(quantptr + 5 * DCTSIZE + 4);
-    int16x4_t quant_row6 = vld1_s16(quantptr + 6 * DCTSIZE + 4);
-    int16x4_t quant_row7 = vld1_s16(quantptr + 7 * DCTSIZE + 4);
-
-    /* Even part */
-    int32x4_t tmp0 = vshll_n_s16(vget_high_s16(row0), CONST_BITS + 1);
-
-    int16x4_t z2 = vmul_s16(vget_high_s16(row2), quant_row2);
-    int16x4_t z3 = vmul_s16(vget_high_s16(row6), quant_row6);
-
-    int32x4_t tmp2 = vmull_lane_s16(z2, consts.val[0], 0);
-    tmp2 = vmlal_lane_s16(tmp2, z3, consts.val[0], 1);
-
-    int32x4_t tmp10 = vaddq_s32(tmp0, tmp2);
-    int32x4_t tmp12 = vsubq_s32(tmp0, tmp2);
-
-    /* Odd part */
-    int16x4_t z1 = vmul_s16(vget_high_s16(row7), quant_row7);
-    z2 = vmul_s16(vget_high_s16(row5), quant_row5);
-    z3 = vmul_s16(vget_high_s16(row3), quant_row3);
-    int16x4_t z4 = vmul_s16(vget_high_s16(row1), quant_row1);
-
-    tmp0 = vmull_lane_s16(z1, consts.val[0], 2);
-    tmp0 = vmlal_lane_s16(tmp0, z2, consts.val[0], 3);
-    tmp0 = vmlal_lane_s16(tmp0, z3, consts.val[1], 0);
-    tmp0 = vmlal_lane_s16(tmp0, z4, consts.val[1], 1);
-
-    tmp2 = vmull_lane_s16(z1, consts.val[1], 2);
-    tmp2 = vmlal_lane_s16(tmp2, z2, consts.val[1], 3);
-    tmp2 = vmlal_lane_s16(tmp2, z3, consts.val[2], 0);
-    tmp2 = vmlal_lane_s16(tmp2, z4, consts.val[2], 1);
-
-    /* Final output stage: descale and narrow to 16-bit. */
-    row0 = vcombine_s16(dcval, vrshrn_n_s32(vaddq_s32(tmp10, tmp2),
-                                            CONST_BITS - PASS1_BITS + 1));
-    row3 = vcombine_s16(dcval, vrshrn_n_s32(vsubq_s32(tmp10, tmp2),
-                                            CONST_BITS - PASS1_BITS + 1));
-    row1 = vcombine_s16(dcval, vrshrn_n_s32(vaddq_s32(tmp12, tmp0),
-                                            CONST_BITS - PASS1_BITS + 1));
-    row2 = vcombine_s16(dcval, vrshrn_n_s32(vsubq_s32(tmp12, tmp0),
-                                            CONST_BITS - PASS1_BITS + 1));
-  } else if (right_ac_bitmap == 0) {
-    /* AC coefficients are zero for columns 4, 5, 6, and 7.
-     * Compute DC values for these columns.
-     */
-    int16x4_t dcval = vshl_n_s16(vget_high_s16(row0), PASS1_BITS);
-
-    /* Commence regular IDCT computation for columns 0, 1, 2, and 3. */
-
-    /* Load quantization table. */
-    int16x4_t quant_row1 = vld1_s16(quantptr + 1 * DCTSIZE);
-    int16x4_t quant_row2 = vld1_s16(quantptr + 2 * DCTSIZE);
-    int16x4_t quant_row3 = vld1_s16(quantptr + 3 * DCTSIZE);
-    int16x4_t quant_row5 = vld1_s16(quantptr + 5 * DCTSIZE);
-    int16x4_t quant_row6 = vld1_s16(quantptr + 6 * DCTSIZE);
-    int16x4_t quant_row7 = vld1_s16(quantptr + 7 * DCTSIZE);
-
-    /* Even part */
-    int32x4_t tmp0 = vshll_n_s16(vget_low_s16(row0), CONST_BITS + 1);
-
-    int16x4_t z2 = vmul_s16(vget_low_s16(row2), quant_row2);
-    int16x4_t z3 = vmul_s16(vget_low_s16(row6), quant_row6);
-
-    int32x4_t tmp2 = vmull_lane_s16(z2, consts.val[0], 0);
-    tmp2 = vmlal_lane_s16(tmp2, z3, consts.val[0], 1);
-
-    int32x4_t tmp10 = vaddq_s32(tmp0, tmp2);
-    int32x4_t tmp12 = vsubq_s32(tmp0, tmp2);
-
-    /* Odd part */
-    int16x4_t z1 = vmul_s16(vget_low_s16(row7), quant_row7);
-    z2 = vmul_s16(vget_low_s16(row5), quant_row5);
-    z3 = vmul_s16(vget_low_s16(row3), quant_row3);
-    int16x4_t z4 = vmul_s16(vget_low_s16(row1), quant_row1);
-
-    tmp0 = vmull_lane_s16(z1, consts.val[0], 2);
-    tmp0 = vmlal_lane_s16(tmp0, z2, consts.val[0], 3);
-    tmp0 = vmlal_lane_s16(tmp0, z3, consts.val[1], 0);
-    tmp0 = vmlal_lane_s16(tmp0, z4, consts.val[1], 1);
-
-    tmp2 = vmull_lane_s16(z1, consts.val[1], 2);
-    tmp2 = vmlal_lane_s16(tmp2, z2, consts.val[1], 3);
-    tmp2 = vmlal_lane_s16(tmp2, z3, consts.val[2], 0);
-    tmp2 = vmlal_lane_s16(tmp2, z4, consts.val[2], 1);
-
-    /* Final output stage: descale and narrow to 16-bit. */
-    row0 = vcombine_s16(vrshrn_n_s32(vaddq_s32(tmp10, tmp2),
-                                     CONST_BITS - PASS1_BITS + 1), dcval);
-    row3 = vcombine_s16(vrshrn_n_s32(vsubq_s32(tmp10, tmp2),
-                                     CONST_BITS - PASS1_BITS + 1), dcval);
-    row1 = vcombine_s16(vrshrn_n_s32(vaddq_s32(tmp12, tmp0),
-                                     CONST_BITS - PASS1_BITS + 1), dcval);
-    row2 = vcombine_s16(vrshrn_n_s32(vsubq_s32(tmp12, tmp0),
-                                     CONST_BITS - PASS1_BITS + 1), dcval);
-  } else {
-    /* All AC coefficients are non-zero; full IDCT calculation required. */
-    int16x8_t quant_row1 = vld1q_s16(quantptr + 1 * DCTSIZE);
-    int16x8_t quant_row2 = vld1q_s16(quantptr + 2 * DCTSIZE);
-    int16x8_t quant_row3 = vld1q_s16(quantptr + 3 * DCTSIZE);
-    int16x8_t quant_row5 = vld1q_s16(quantptr + 5 * DCTSIZE);
-    int16x8_t quant_row6 = vld1q_s16(quantptr + 6 * DCTSIZE);
-    int16x8_t quant_row7 = vld1q_s16(quantptr + 7 * DCTSIZE);
-
-    /* Even part */
-    int32x4_t tmp0_l = vshll_n_s16(vget_low_s16(row0), CONST_BITS + 1);
-    int32x4_t tmp0_h = vshll_n_s16(vget_high_s16(row0), CONST_BITS + 1);
-
-    int16x8_t z2 = vmulq_s16(row2, quant_row2);
-    int16x8_t z3 = vmulq_s16(row6, quant_row6);
-
-    int32x4_t tmp2_l = vmull_lane_s16(vget_low_s16(z2), consts.val[0], 0);
-    int32x4_t tmp2_h = vmull_lane_s16(vget_high_s16(z2), consts.val[0], 0);
-    tmp2_l = vmlal_lane_s16(tmp2_l, vget_low_s16(z3), consts.val[0], 1);
-    tmp2_h = vmlal_lane_s16(tmp2_h, vget_high_s16(z3), consts.val[0], 1);
-
-    int32x4_t tmp10_l = vaddq_s32(tmp0_l, tmp2_l);
-    int32x4_t tmp10_h = vaddq_s32(tmp0_h, tmp2_h);
-    int32x4_t tmp12_l = vsubq_s32(tmp0_l, tmp2_l);
-    int32x4_t tmp12_h = vsubq_s32(tmp0_h, tmp2_h);
-
-    /* Odd part */
-    int16x8_t z1 = vmulq_s16(row7, quant_row7);
-    z2 = vmulq_s16(row5, quant_row5);
-    z3 = vmulq_s16(row3, quant_row3);
-    int16x8_t z4 = vmulq_s16(row1, quant_row1);
-
-    tmp0_l = vmull_lane_s16(vget_low_s16(z1), consts.val[0], 2);
-    tmp0_l = vmlal_lane_s16(tmp0_l, vget_low_s16(z2), consts.val[0], 3);
-    tmp0_l = vmlal_lane_s16(tmp0_l, vget_low_s16(z3), consts.val[1], 0);
-    tmp0_l = vmlal_lane_s16(tmp0_l, vget_low_s16(z4), consts.val[1], 1);
-    tmp0_h = vmull_lane_s16(vget_high_s16(z1), consts.val[0], 2);
-    tmp0_h = vmlal_lane_s16(tmp0_h, vget_high_s16(z2), consts.val[0], 3);
-    tmp0_h = vmlal_lane_s16(tmp0_h, vget_high_s16(z3), consts.val[1], 0);
-    tmp0_h = vmlal_lane_s16(tmp0_h, vget_high_s16(z4), consts.val[1], 1);
-
-    tmp2_l = vmull_lane_s16(vget_low_s16(z1), consts.val[1], 2);
-    tmp2_l = vmlal_lane_s16(tmp2_l, vget_low_s16(z2), consts.val[1], 3);
-    tmp2_l = vmlal_lane_s16(tmp2_l, vget_low_s16(z3), consts.val[2], 0);
-    tmp2_l = vmlal_lane_s16(tmp2_l, vget_low_s16(z4), consts.val[2], 1);
-    tmp2_h = vmull_lane_s16(vget_high_s16(z1), consts.val[1], 2);
-    tmp2_h = vmlal_lane_s16(tmp2_h, vget_high_s16(z2), consts.val[1], 3);
-    tmp2_h = vmlal_lane_s16(tmp2_h, vget_high_s16(z3), consts.val[2], 0);
-    tmp2_h = vmlal_lane_s16(tmp2_h, vget_high_s16(z4), consts.val[2], 1);
-
-    /* Final output stage: descale and narrow to 16-bit. */
-    row0 = vcombine_s16(vrshrn_n_s32(vaddq_s32(tmp10_l, tmp2_l),
-                                     CONST_BITS - PASS1_BITS + 1),
-                        vrshrn_n_s32(vaddq_s32(tmp10_h, tmp2_h),
-                                     CONST_BITS - PASS1_BITS + 1));
-    row3 = vcombine_s16(vrshrn_n_s32(vsubq_s32(tmp10_l, tmp2_l),
-                                     CONST_BITS - PASS1_BITS + 1),
-                        vrshrn_n_s32(vsubq_s32(tmp10_h, tmp2_h),
-                                     CONST_BITS - PASS1_BITS + 1));
-    row1 = vcombine_s16(vrshrn_n_s32(vaddq_s32(tmp12_l, tmp0_l),
-                                     CONST_BITS - PASS1_BITS + 1),
-                        vrshrn_n_s32(vaddq_s32(tmp12_h, tmp0_h),
-                                     CONST_BITS - PASS1_BITS + 1));
-    row2 = vcombine_s16(vrshrn_n_s32(vsubq_s32(tmp12_l, tmp0_l),
-                                     CONST_BITS - PASS1_BITS + 1),
-                        vrshrn_n_s32(vsubq_s32(tmp12_h, tmp0_h),
-                                     CONST_BITS - PASS1_BITS + 1));
-  }
-
-  /* Transpose 8x4 block to perform IDCT on rows in second pass. */
-  int16x8x2_t row_01 = vtrnq_s16(row0, row1);
-  int16x8x2_t row_23 = vtrnq_s16(row2, row3);
-
-  int32x4x2_t cols_0426 = vtrnq_s32(vreinterpretq_s32_s16(row_01.val[0]),
-                                    vreinterpretq_s32_s16(row_23.val[0]));
-  int32x4x2_t cols_1537 = vtrnq_s32(vreinterpretq_s32_s16(row_01.val[1]),
-                                    vreinterpretq_s32_s16(row_23.val[1]));
-
-  int16x4_t col0 = vreinterpret_s16_s32(vget_low_s32(cols_0426.val[0]));
-  int16x4_t col1 = vreinterpret_s16_s32(vget_low_s32(cols_1537.val[0]));
-  int16x4_t col2 = vreinterpret_s16_s32(vget_low_s32(cols_0426.val[1]));
-  int16x4_t col3 = vreinterpret_s16_s32(vget_low_s32(cols_1537.val[1]));
-  int16x4_t col5 = vreinterpret_s16_s32(vget_high_s32(cols_1537.val[0]));
-  int16x4_t col6 = vreinterpret_s16_s32(vget_high_s32(cols_0426.val[1]));
-  int16x4_t col7 = vreinterpret_s16_s32(vget_high_s32(cols_1537.val[1]));
-
-  /* Commence second pass of IDCT. */
-
-  /* Even part */
-  int32x4_t tmp0 = vshll_n_s16(col0, CONST_BITS + 1);
-  int32x4_t tmp2 = vmull_lane_s16(col2, consts.val[0], 0);
-  tmp2 = vmlal_lane_s16(tmp2, col6, consts.val[0], 1);
-
-  int32x4_t tmp10 = vaddq_s32(tmp0, tmp2);
-  int32x4_t tmp12 = vsubq_s32(tmp0, tmp2);
-
-  /* Odd part */
-  tmp0 = vmull_lane_s16(col7, consts.val[0], 2);
-  tmp0 = vmlal_lane_s16(tmp0, col5, consts.val[0], 3);
-  tmp0 = vmlal_lane_s16(tmp0, col3, consts.val[1], 0);
-  tmp0 = vmlal_lane_s16(tmp0, col1, consts.val[1], 1);
-
-  tmp2 = vmull_lane_s16(col7, consts.val[1], 2);
-  tmp2 = vmlal_lane_s16(tmp2, col5, consts.val[1], 3);
-  tmp2 = vmlal_lane_s16(tmp2, col3, consts.val[2], 0);
-  tmp2 = vmlal_lane_s16(tmp2, col1, consts.val[2], 1);
-
-  /* Final output stage: descale and clamp to range [0-255]. */
-  int16x8_t output_cols_02 = vcombine_s16(vaddhn_s32(tmp10, tmp2),
-                                          vsubhn_s32(tmp12, tmp0));
-  int16x8_t output_cols_13 = vcombine_s16(vaddhn_s32(tmp12, tmp0),
-                                          vsubhn_s32(tmp10, tmp2));
-  output_cols_02 = vrsraq_n_s16(vdupq_n_s16(CENTERJSAMPLE), output_cols_02,
-                                CONST_BITS + PASS1_BITS + 3 + 1 - 16);
-  output_cols_13 = vrsraq_n_s16(vdupq_n_s16(CENTERJSAMPLE), output_cols_13,
-                                CONST_BITS + PASS1_BITS + 3 + 1 - 16);
-  /* Narrow to 8-bit and convert to unsigned while zipping 8-bit elements.
-   * An interleaving store completes the transpose.
-   */
-  uint8x8x2_t output_0123 = vzip_u8(vqmovun_s16(output_cols_02),
-                                    vqmovun_s16(output_cols_13));
-  uint16x4x2_t output_01_23 = { {
-    vreinterpret_u16_u8(output_0123.val[0]),
-    vreinterpret_u16_u8(output_0123.val[1])
-  } };
-
-  /* Store 4x4 block to memory. */
-  JSAMPROW outptr0 = output_buf[0] + output_col;
-  JSAMPROW outptr1 = output_buf[1] + output_col;
-  JSAMPROW outptr2 = output_buf[2] + output_col;
-  JSAMPROW outptr3 = output_buf[3] + output_col;
-  vst2_lane_u16((uint16_t *)outptr0, output_01_23, 0);
-  vst2_lane_u16((uint16_t *)outptr1, output_01_23, 1);
-  vst2_lane_u16((uint16_t *)outptr2, output_01_23, 2);
-  vst2_lane_u16((uint16_t *)outptr3, output_01_23, 3);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jquanti-neon.c b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jquanti-neon.c
deleted file mode 100644
index a7eb6f1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/jquanti-neon.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * jquanti-neon.c - sample data conversion and quantization (Arm Neon)
- *
- * Copyright (C) 2020, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-
-#include <arm_neon.h>
-
-
-/* After downsampling, the resulting sample values are in the range [0, 255],
- * but the Discrete Cosine Transform (DCT) operates on values centered around
- * 0.
- *
- * To prepare sample values for the DCT, load samples into a DCT workspace,
- * subtracting CENTERJSAMPLE (128).  The samples, now in the range [-128, 127],
- * are also widened from 8- to 16-bit.
- *
- * The equivalent scalar C function convsamp() can be found in jcdctmgr.c.
- */
-
-void jsimd_convsamp_neon(JSAMPARRAY sample_data, JDIMENSION start_col,
-                         DCTELEM *workspace)
-{
-  uint8x8_t samp_row0 = vld1_u8(sample_data[0] + start_col);
-  uint8x8_t samp_row1 = vld1_u8(sample_data[1] + start_col);
-  uint8x8_t samp_row2 = vld1_u8(sample_data[2] + start_col);
-  uint8x8_t samp_row3 = vld1_u8(sample_data[3] + start_col);
-  uint8x8_t samp_row4 = vld1_u8(sample_data[4] + start_col);
-  uint8x8_t samp_row5 = vld1_u8(sample_data[5] + start_col);
-  uint8x8_t samp_row6 = vld1_u8(sample_data[6] + start_col);
-  uint8x8_t samp_row7 = vld1_u8(sample_data[7] + start_col);
-
-  int16x8_t row0 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row0, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row1 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row1, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row2 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row2, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row3 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row3, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row4 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row4, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row5 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row5, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row6 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row6, vdup_n_u8(CENTERJSAMPLE)));
-  int16x8_t row7 =
-    vreinterpretq_s16_u16(vsubl_u8(samp_row7, vdup_n_u8(CENTERJSAMPLE)));
-
-  vst1q_s16(workspace + 0 * DCTSIZE, row0);
-  vst1q_s16(workspace + 1 * DCTSIZE, row1);
-  vst1q_s16(workspace + 2 * DCTSIZE, row2);
-  vst1q_s16(workspace + 3 * DCTSIZE, row3);
-  vst1q_s16(workspace + 4 * DCTSIZE, row4);
-  vst1q_s16(workspace + 5 * DCTSIZE, row5);
-  vst1q_s16(workspace + 6 * DCTSIZE, row6);
-  vst1q_s16(workspace + 7 * DCTSIZE, row7);
-}
-
-
-/* After the DCT, the resulting array of coefficient values needs to be divided
- * by an array of quantization values.
- *
- * To avoid a slow division operation, the DCT coefficients are multiplied by
- * the (scaled) reciprocals of the quantization values and then right-shifted.
- *
- * The equivalent scalar C function quantize() can be found in jcdctmgr.c.
- */
-
-void jsimd_quantize_neon(JCOEFPTR coef_block, DCTELEM *divisors,
-                         DCTELEM *workspace)
-{
-  JCOEFPTR out_ptr = coef_block;
-  UDCTELEM *recip_ptr = (UDCTELEM *)divisors;
-  UDCTELEM *corr_ptr = (UDCTELEM *)divisors + DCTSIZE2;
-  DCTELEM *shift_ptr = divisors + 3 * DCTSIZE2;
-  int i;
-
-  for (i = 0; i < DCTSIZE; i += DCTSIZE / 2) {
-    /* Load DCT coefficients. */
-    int16x8_t row0 = vld1q_s16(workspace + (i + 0) * DCTSIZE);
-    int16x8_t row1 = vld1q_s16(workspace + (i + 1) * DCTSIZE);
-    int16x8_t row2 = vld1q_s16(workspace + (i + 2) * DCTSIZE);
-    int16x8_t row3 = vld1q_s16(workspace + (i + 3) * DCTSIZE);
-    /* Load reciprocals of quantization values. */
-    uint16x8_t recip0 = vld1q_u16(recip_ptr + (i + 0) * DCTSIZE);
-    uint16x8_t recip1 = vld1q_u16(recip_ptr + (i + 1) * DCTSIZE);
-    uint16x8_t recip2 = vld1q_u16(recip_ptr + (i + 2) * DCTSIZE);
-    uint16x8_t recip3 = vld1q_u16(recip_ptr + (i + 3) * DCTSIZE);
-    uint16x8_t corr0 = vld1q_u16(corr_ptr + (i + 0) * DCTSIZE);
-    uint16x8_t corr1 = vld1q_u16(corr_ptr + (i + 1) * DCTSIZE);
-    uint16x8_t corr2 = vld1q_u16(corr_ptr + (i + 2) * DCTSIZE);
-    uint16x8_t corr3 = vld1q_u16(corr_ptr + (i + 3) * DCTSIZE);
-    int16x8_t shift0 = vld1q_s16(shift_ptr + (i + 0) * DCTSIZE);
-    int16x8_t shift1 = vld1q_s16(shift_ptr + (i + 1) * DCTSIZE);
-    int16x8_t shift2 = vld1q_s16(shift_ptr + (i + 2) * DCTSIZE);
-    int16x8_t shift3 = vld1q_s16(shift_ptr + (i + 3) * DCTSIZE);
-
-    /* Extract sign from coefficients. */
-    int16x8_t sign_row0 = vshrq_n_s16(row0, 15);
-    int16x8_t sign_row1 = vshrq_n_s16(row1, 15);
-    int16x8_t sign_row2 = vshrq_n_s16(row2, 15);
-    int16x8_t sign_row3 = vshrq_n_s16(row3, 15);
-    /* Get absolute value of DCT coefficients. */
-    uint16x8_t abs_row0 = vreinterpretq_u16_s16(vabsq_s16(row0));
-    uint16x8_t abs_row1 = vreinterpretq_u16_s16(vabsq_s16(row1));
-    uint16x8_t abs_row2 = vreinterpretq_u16_s16(vabsq_s16(row2));
-    uint16x8_t abs_row3 = vreinterpretq_u16_s16(vabsq_s16(row3));
-    /* Add correction. */
-    abs_row0 = vaddq_u16(abs_row0, corr0);
-    abs_row1 = vaddq_u16(abs_row1, corr1);
-    abs_row2 = vaddq_u16(abs_row2, corr2);
-    abs_row3 = vaddq_u16(abs_row3, corr3);
-
-    /* Multiply DCT coefficients by quantization reciprocals. */
-    int32x4_t row0_l = vreinterpretq_s32_u32(vmull_u16(vget_low_u16(abs_row0),
-                                                       vget_low_u16(recip0)));
-    int32x4_t row0_h = vreinterpretq_s32_u32(vmull_u16(vget_high_u16(abs_row0),
-                                                       vget_high_u16(recip0)));
-    int32x4_t row1_l = vreinterpretq_s32_u32(vmull_u16(vget_low_u16(abs_row1),
-                                                       vget_low_u16(recip1)));
-    int32x4_t row1_h = vreinterpretq_s32_u32(vmull_u16(vget_high_u16(abs_row1),
-                                                       vget_high_u16(recip1)));
-    int32x4_t row2_l = vreinterpretq_s32_u32(vmull_u16(vget_low_u16(abs_row2),
-                                                       vget_low_u16(recip2)));
-    int32x4_t row2_h = vreinterpretq_s32_u32(vmull_u16(vget_high_u16(abs_row2),
-                                                       vget_high_u16(recip2)));
-    int32x4_t row3_l = vreinterpretq_s32_u32(vmull_u16(vget_low_u16(abs_row3),
-                                                       vget_low_u16(recip3)));
-    int32x4_t row3_h = vreinterpretq_s32_u32(vmull_u16(vget_high_u16(abs_row3),
-                                                       vget_high_u16(recip3)));
-    /* Narrow back to 16-bit. */
-    row0 = vcombine_s16(vshrn_n_s32(row0_l, 16), vshrn_n_s32(row0_h, 16));
-    row1 = vcombine_s16(vshrn_n_s32(row1_l, 16), vshrn_n_s32(row1_h, 16));
-    row2 = vcombine_s16(vshrn_n_s32(row2_l, 16), vshrn_n_s32(row2_h, 16));
-    row3 = vcombine_s16(vshrn_n_s32(row3_l, 16), vshrn_n_s32(row3_h, 16));
-
-    /* Since VSHR only supports an immediate as its second argument, negate the
-     * shift value and shift left.
-     */
-    row0 = vreinterpretq_s16_u16(vshlq_u16(vreinterpretq_u16_s16(row0),
-                                           vnegq_s16(shift0)));
-    row1 = vreinterpretq_s16_u16(vshlq_u16(vreinterpretq_u16_s16(row1),
-                                           vnegq_s16(shift1)));
-    row2 = vreinterpretq_s16_u16(vshlq_u16(vreinterpretq_u16_s16(row2),
-                                           vnegq_s16(shift2)));
-    row3 = vreinterpretq_s16_u16(vshlq_u16(vreinterpretq_u16_s16(row3),
-                                           vnegq_s16(shift3)));
-
-    /* Restore sign to original product. */
-    row0 = veorq_s16(row0, sign_row0);
-    row0 = vsubq_s16(row0, sign_row0);
-    row1 = veorq_s16(row1, sign_row1);
-    row1 = vsubq_s16(row1, sign_row1);
-    row2 = veorq_s16(row2, sign_row2);
-    row2 = vsubq_s16(row2, sign_row2);
-    row3 = veorq_s16(row3, sign_row3);
-    row3 = vsubq_s16(row3, sign_row3);
-
-    /* Store quantized coefficients to memory. */
-    vst1q_s16(out_ptr + (i + 0) * DCTSIZE, row0);
-    vst1q_s16(out_ptr + (i + 1) * DCTSIZE, row1);
-    vst1q_s16(out_ptr + (i + 2) * DCTSIZE, row2);
-    vst1q_s16(out_ptr + (i + 3) * DCTSIZE, row3);
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/neon-compat.h.in b/3rdparty/libjpeg-turbo_2_1_0/simd/arm/neon-compat.h.in
deleted file mode 100644
index 436c402..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/arm/neon-compat.h.in
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (C) 2020, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2020-2021, Arm Limited.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#cmakedefine HAVE_VLD1_S16_X3
-#cmakedefine HAVE_VLD1_U16_X2
-#cmakedefine HAVE_VLD1Q_U8_X4
-
-/* Define compiler-independent count-leading-zeros and byte-swap macros */
-#if defined(_MSC_VER) && !defined(__clang__)
-#define BUILTIN_CLZ(x)  _CountLeadingZeros(x)
-#define BUILTIN_CLZLL(x)  _CountLeadingZeros64(x)
-#define BUILTIN_BSWAP32(x)  _byteswap_ulong(x)
-#define BUILTIN_BSWAP64(x)  _byteswap_uint64(x)
-#elif defined(__clang__) || defined(__GNUC__)
-#define BUILTIN_CLZ(x)  __builtin_clz(x)
-#define BUILTIN_CLZLL(x)  __builtin_clzll(x)
-#define BUILTIN_BSWAP32(x)  __builtin_bswap32(x)
-#define BUILTIN_BSWAP64(x)  __builtin_bswap64(x)
-#else
-#error "Unknown compiler"
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-avx2.asm
deleted file mode 100644
index c46d684..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-avx2.asm
+++ /dev/null
@@ -1,578 +0,0 @@
-;
-; jccolext.asm - colorspace conversion (AVX2)
-;
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_ycc_convert_avx2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                            JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                            int num_rows);
-;
-
-%define img_width(b)   (b) + 8          ; JDIMENSION img_width
-%define input_buf(b)   (b) + 12         ; JSAMPARRAY input_buf
-%define output_buf(b)  (b) + 16         ; JSAMPIMAGE output_buf
-%define output_row(b)  (b) + 20         ; JDIMENSION output_row
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_YMMWORD
-                                        ; ymmword wk[WK_NUM]
-%define WK_NUM         8
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_ycc_convert_avx2)
-
-EXTN(jsimd_rgb_ycc_convert_avx2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [img_width(eax)]
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         esi, JSAMPIMAGE [output_buf(eax)]
-    mov         ecx, JDIMENSION [output_row(eax)]
-    mov         edi, JSAMPARRAY [esi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [esi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [esi+2*SIZEOF_JSAMPARRAY]
-    lea         edi, [edi+ecx*SIZEOF_JSAMPROW]
-    lea         ebx, [ebx+ecx*SIZEOF_JSAMPROW]
-    lea         edx, [edx+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         esi, JSAMPARRAY [input_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    pushpic     eax
-    push        edx
-    push        ebx
-    push        edi
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr0
-    mov         ebx, JSAMPROW [ebx]     ; outptr1
-    mov         edx, JSAMPROW [edx]     ; outptr2
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    alignx      16, 7
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        eax
-    push        edx
-    lea         ecx, [ecx+ecx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_BYTE
-    movzx       eax, byte [esi+ecx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_WORD
-    movzx       edx, word [esi+ecx]
-    shl         eax, WORD_BIT
-    or          eax, edx
-.column_ld4:
-    vmovd       xmmA, eax
-    pop         edx
-    pop         eax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_DWORD
-    vmovd       xmmF, XMM_DWORD [esi+ecx]
-    vpslldq     xmmA, xmmA, SIZEOF_DWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         ecx, byte SIZEOF_MMWORD
-    vmovq       xmmB, XMM_MMWORD [esi+ecx]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    sub         ecx, byte SIZEOF_XMMWORD
-    vmovdqu     xmmB, XMM_MMWORD [esi+ecx]
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    vpor        ymmA, ymmB
-.column_ld32:
-    test        cl, SIZEOF_YMMWORD
-    jz          short .column_ld64
-    sub         ecx, byte SIZEOF_YMMWORD
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-.column_ld64:
-    test        cl, 2*SIZEOF_YMMWORD
-    mov         ecx, SIZEOF_YMMWORD
-    jz          short .rgb_ycc_cnv
-    vmovdqa     ymmB, ymmA
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_ycc_cnv
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmB, YMMWORD [esi+2*SIZEOF_YMMWORD]
-
-.rgb_ycc_cnv:
-    ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-    ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-    ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    ; ymmB=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-    ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vmovdqu     ymmC, ymmA
-    vinserti128 ymmA, ymmF, xmmA, 0  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                     ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vinserti128 ymmC, ymmC, xmmB, 0  ; ymmC=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                     ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vinserti128 ymmB, ymmB, xmmF, 0  ; ymmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                     ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-    vperm2i128  ymmF, ymmC, ymmC, 1  ; ymmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                     ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-
-    vmovdqa     ymmG, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12
-                                  ;       22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I)
-    vpsrldq     ymmG, ymmG, 8     ; ymmG=(22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I
-                                  ;       2I 0J 1J 2J 0K 1K 2K 0L -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmF  ; ymmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A
-                                  ;       0G 0O 1G 1O 2G 2O 0H 0P 1H 1P 2H 2P 0I 0Q 1I 1Q)
-    vpslldq     ymmF, ymmF, 8     ; ymmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27
-                                  ;       08 18 28 09 19 29 0A 1A 1L 2L 0M 1M 2M 0N 1N 2N)
-
-    vpunpcklbw  ymmG, ymmG, ymmB  ; ymmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D
-                                  ;       2I 2Q 0J 0R 1J 1R 2J 2R 0K 0S 1K 1S 2K 2S 0L 0T)
-    vpunpckhbw  ymmF, ymmF, ymmB  ; ymmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F
-                                  ;       1L 1T 2L 2T 0M 0U 1M 1U 2M 2U 0N 0V 1N 1V 2N 2V)
-
-    vmovdqa     ymmD, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09
-                                  ;       11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P)
-    vpsrldq     ymmD, ymmD, 8     ; ymmD=(11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P
-                                  ;       1H 1P 2H 2P 0I 0Q 1I 1Q -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmG  ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D
-                                  ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 0H 0L 0P 0T)
-    vpslldq     ymmG, ymmG, 8     ; ymmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B
-                                  ;       04 0C 14 1C 24 2C 05 0D 2I 2Q 0J 0R 1J 1R 2J 2R)
-
-    vpunpcklbw  ymmD, ymmD, ymmF  ; ymmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E
-                                  ;       1H 1L 1P 1T 2H 2L 2P 2T 0I 0M 0Q 0U 1I 1M 1Q 1U)
-    vpunpckhbw  ymmG, ymmG, ymmF  ; ymmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F
-                                  ;       2I 2M 2Q 2U 0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V)
-
-    vmovdqa     ymmE, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C
-                                  ;       20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S)
-    vpsrldq     ymmE, ymmE, 8     ; ymmE=(20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S
-                                  ;       2G 2K 2O 2S 0H 0L 0P 0T -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmD  ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                  ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpslldq     ymmD, ymmD, 8     ; ymmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D
-                                  ;       02 06 0A 0E 12 16 1A 1E 1H 1L 1P 1T 2H 2L 2P 2T)
-
-    vpunpcklbw  ymmE, ymmE, ymmG  ; ymmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F
-                                  ;       2G 2I 2K 2M 2O 2Q 2S 2U 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmG  ; ymmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F
-                                  ;       1H 1J 1L 1N 1P 1R 1T 1V 2H 2J 2L 2N 2P 2R 2T 2V)
-
-    vpxor       ymmH, ymmH, ymmH
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmH  ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmH  ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmB, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmH  ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmB, ymmB, ymmH  ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-
-    vmovdqa     ymmF, ymmD
-    vpunpcklbw  ymmD, ymmD, ymmH  ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmF, ymmF, ymmH  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_XMMWORD/16
-    vmovd       xmmA, XMM_DWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_XMMWORD/8
-    vmovq       xmmF, XMM_MMWORD [esi+ecx*RGB_PIXELSIZE]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_XMMWORD/4
-    vmovdqa     xmmF, xmmA
-    vperm2i128  ymmF, ymmF, ymmF, 1
-    vmovdqu     xmmA, XMMWORD [esi+ecx*RGB_PIXELSIZE]
-    vpor        ymmA, ymmA, ymmF
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    jz          short .column_ld16
-    sub         ecx, byte SIZEOF_XMMWORD/2
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    mov         ecx, SIZEOF_YMMWORD
-    jz          short .rgb_ycc_cnv
-    vmovdqa     ymmE, ymmA
-    vmovdqa     ymmH, ymmF
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_ycc_cnv
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmE, YMMWORD [esi+2*SIZEOF_YMMWORD]
-    vmovdqu     ymmH, YMMWORD [esi+3*SIZEOF_YMMWORD]
-
-.rgb_ycc_cnv:
-    ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-    ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-    ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    ; ymmE=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-    ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-    ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmB, ymmA
-    vinserti128 ymmA, ymmA, xmmE, 1     ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vperm2i128  ymmE, ymmB, ymmE, 0x31  ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-
-    vmovdqa     ymmB, ymmF
-    vinserti128 ymmF, ymmF, xmmH, 1     ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-    vperm2i128  ymmH, ymmB, ymmH, 0x31  ; ymmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmD, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmE      ; ymmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35
-                                      ;       0G 0K 1G 1K 2G 2K 3G 3K 0H 0L 1H 1L 2H 2L 3H 3L)
-    vpunpckhbw  ymmD, ymmD, ymmE      ; ymmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37
-                                      ;       0I 0M 1I 1M 2I 2M 3I 3M 0J 0N 1J 1N 2J 2N 3J 3N)
-
-    vmovdqa     ymmC, ymmF
-    vpunpcklbw  ymmF, ymmF, ymmH      ; ymmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D
-                                      ;       0O 0S 1O 1S 2O 2S 3O 3S 0P 0T 1P 1T 2P 2T 3P 3T)
-    vpunpckhbw  ymmC, ymmC, ymmH      ; ymmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F
-                                      ;       0Q 0U 1Q 1U 2Q 2U 3Q 3U 0R 0V 1R 1V 2R 2V 3R 3V)
-
-    vmovdqa     ymmB, ymmA
-    vpunpcklwd  ymmA, ymmA, ymmF      ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C
-                                      ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 3G 3K 3O 3S)
-    vpunpckhwd  ymmB, ymmB, ymmF      ; ymmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D
-                                      ;       0H 0L 0P 0T 1H 1L 1P 1T 2H 2L 2P 2T 3H 3L 3P 3T)
-
-    vmovdqa     ymmG, ymmD
-    vpunpcklwd  ymmD, ymmD, ymmC      ; ymmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E
-                                      ;       0I 0M 0Q 0U 1I 1M 1Q 1U 2I 2M 2Q 2U 3I 3M 3Q 3U)
-    vpunpckhwd  ymmG, ymmG, ymmC      ; ymmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F
-                                      ;       0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V 3J 3N 3R 3V)
-
-    vmovdqa     ymmE, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmD      ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                      ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpunpckhbw  ymmE, ymmE, ymmD      ; ymmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E
-                                      ;       2G 2I 2K 2M 2O 2Q 2S 2U 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vmovdqa     ymmH, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmG      ; ymmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F
-                                      ;       0H 0J 0L 0N 0P 0R 0T 0V 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmH, ymmH, ymmG      ; ymmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F
-                                      ;       2H 2J 2L 2N 2P 2R 2T 2V 3H 3J 3L 3N 3P 3R 3T 3V)
-
-    vpxor       ymmF, ymmF, ymmF
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmF      ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmF      ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmD, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmF      ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmF      ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-
-    vmovdqa     ymmG, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmF      ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmG, ymmG, ymmF      ; ymmG=(30 32 34 36 38 3A 3C 3E 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vpunpcklbw  ymmF, ymmF, ymmH
-    vpunpckhbw  ymmH, ymmH, ymmH
-    vpsrlw      ymmF, ymmF, BYTE_BIT  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-    vpsrlw      ymmH, ymmH, BYTE_BIT  ; ymmH=(31 33 35 37 39 3B 3D 3F 3H 3J 3L 3N 3P 3R 3T 3V)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; ymm0=R(02468ACEGIKMOQSU)=RE, ymm2=G(02468ACEGIKMOQSU)=GE, ymm4=B(02468ACEGIKMOQSU)=BE
-    ; ymm1=R(13579BDFHJLNPRTV)=RO, ymm3=G(13579BDFHJLNPRTV)=GO, ymm5=B(13579BDFHJLNPRTV)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-
-    vmovdqa     YMMWORD [wk(0)], ymm0   ; wk(0)=RE
-    vmovdqa     YMMWORD [wk(1)], ymm1   ; wk(1)=RO
-    vmovdqa     YMMWORD [wk(2)], ymm4   ; wk(2)=BE
-    vmovdqa     YMMWORD [wk(3)], ymm5   ; wk(3)=BO
-
-    vmovdqa     ymm6, ymm1
-    vpunpcklwd  ymm1, ymm1, ymm3
-    vpunpckhwd  ymm6, ymm6, ymm3
-    vmovdqa     ymm7, ymm1
-    vmovdqa     ymm4, ymm6
-    vpmaddwd    ymm1, ymm1, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-    vpmaddwd    ymm7, ymm7, [GOTOFF(eax,PW_MF016_MF033)]  ; ymm7=ROL*-FIX(0.168)+GOL*-FIX(0.331)
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_MF016_MF033)]  ; ymm4=ROH*-FIX(0.168)+GOH*-FIX(0.331)
-
-    vmovdqa     YMMWORD [wk(4)], ymm1   ; wk(4)=ROL*FIX(0.299)+GOL*FIX(0.337)
-    vmovdqa     YMMWORD [wk(5)], ymm6   ; wk(5)=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    vpxor       ymm1, ymm1, ymm1
-    vpxor       ymm6, ymm6, ymm6
-    vpunpcklwd  ymm1, ymm1, ymm5        ; ymm1=BOL
-    vpunpckhwd  ymm6, ymm6, ymm5        ; ymm6=BOH
-    vpsrld      ymm1, ymm1, 1           ; ymm1=BOL*FIX(0.500)
-    vpsrld      ymm6, ymm6, 1           ; ymm6=BOH*FIX(0.500)
-
-    vmovdqa     ymm5, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; ymm5=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm7, ymm7, ymm1
-    vpaddd      ymm4, ymm4, ymm6
-    vpaddd      ymm7, ymm7, ymm5
-    vpaddd      ymm4, ymm4, ymm5
-    vpsrld      ymm7, ymm7, SCALEBITS   ; ymm7=CbOL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=CbOH
-    vpackssdw   ymm7, ymm7, ymm4        ; ymm7=CbO
-
-    vmovdqa     ymm1, YMMWORD [wk(2)]   ; ymm1=BE
-
-    vmovdqa     ymm6, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm2
-    vpunpckhwd  ymm6, ymm6, ymm2
-    vmovdqa     ymm5, ymm0
-    vmovdqa     ymm4, ymm6
-    vpmaddwd    ymm0, ymm0, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm6=REH*FIX(0.299)+GEH*FIX(0.337)
-    vpmaddwd    ymm5, ymm5, [GOTOFF(eax,PW_MF016_MF033)]  ; ymm5=REL*-FIX(0.168)+GEL*-FIX(0.331)
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_MF016_MF033)]  ; ymm4=REH*-FIX(0.168)+GEH*-FIX(0.331)
-
-    vmovdqa     YMMWORD [wk(6)], ymm0   ; wk(6)=REL*FIX(0.299)+GEL*FIX(0.337)
-    vmovdqa     YMMWORD [wk(7)], ymm6   ; wk(7)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    vpxor       ymm0, ymm0, ymm0
-    vpxor       ymm6, ymm6, ymm6
-    vpunpcklwd  ymm0, ymm0, ymm1        ; ymm0=BEL
-    vpunpckhwd  ymm6, ymm6, ymm1        ; ymm6=BEH
-    vpsrld      ymm0, ymm0, 1           ; ymm0=BEL*FIX(0.500)
-    vpsrld      ymm6, ymm6, 1           ; ymm6=BEH*FIX(0.500)
-
-    vmovdqa     ymm1, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; ymm1=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm5, ymm5, ymm0
-    vpaddd      ymm4, ymm4, ymm6
-    vpaddd      ymm5, ymm5, ymm1
-    vpaddd      ymm4, ymm4, ymm1
-    vpsrld      ymm5, ymm5, SCALEBITS   ; ymm5=CbEL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=CbEH
-    vpackssdw   ymm5, ymm5, ymm4        ; ymm5=CbE
-
-    vpsllw      ymm7, ymm7, BYTE_BIT
-    vpor        ymm5, ymm5, ymm7        ; ymm5=Cb
-    vmovdqu     YMMWORD [ebx], ymm5     ; Save Cb
-
-    vmovdqa     ymm0, YMMWORD [wk(3)]   ; ymm0=BO
-    vmovdqa     ymm6, YMMWORD [wk(2)]   ; ymm6=BE
-    vmovdqa     ymm1, YMMWORD [wk(1)]   ; ymm1=RO
-
-    vmovdqa     ymm4, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm3
-    vpunpckhwd  ymm4, ymm4, ymm3
-    vmovdqa     ymm7, ymm0
-    vmovdqa     ymm5, ymm4
-    vpmaddwd    ymm0, ymm0, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-    vpmaddwd    ymm7, ymm7, [GOTOFF(eax,PW_MF008_MF041)]  ; ymm7=BOL*-FIX(0.081)+GOL*-FIX(0.418)
-    vpmaddwd    ymm5, ymm5, [GOTOFF(eax,PW_MF008_MF041)]  ; ymm5=BOH*-FIX(0.081)+GOH*-FIX(0.418)
-
-    vmovdqa     ymm3, [GOTOFF(eax,PD_ONEHALF)]            ; ymm3=[PD_ONEHALF]
-
-    vpaddd      ymm0, ymm0, YMMWORD [wk(4)]
-    vpaddd      ymm4, ymm4, YMMWORD [wk(5)]
-    vpaddd      ymm0, ymm0, ymm3
-    vpaddd      ymm4, ymm4, ymm3
-    vpsrld      ymm0, ymm0, SCALEBITS   ; ymm0=YOL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YOH
-    vpackssdw   ymm0, ymm0, ymm4        ; ymm0=YO
-
-    vpxor       ymm3, ymm3, ymm3
-    vpxor       ymm4, ymm4, ymm4
-    vpunpcklwd  ymm3, ymm3, ymm1        ; ymm3=ROL
-    vpunpckhwd  ymm4, ymm4, ymm1        ; ymm4=ROH
-    vpsrld      ymm3, ymm3, 1           ; ymm3=ROL*FIX(0.500)
-    vpsrld      ymm4, ymm4, 1           ; ymm4=ROH*FIX(0.500)
-
-    vmovdqa     ymm1, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; ymm1=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm7, ymm7, ymm3
-    vpaddd      ymm5, ymm5, ymm4
-    vpaddd      ymm7, ymm7, ymm1
-    vpaddd      ymm5, ymm5, ymm1
-    vpsrld      ymm7, ymm7, SCALEBITS   ; ymm7=CrOL
-    vpsrld      ymm5, ymm5, SCALEBITS   ; ymm5=CrOH
-    vpackssdw   ymm7, ymm7, ymm5        ; ymm7=CrO
-
-    vmovdqa     ymm3, YMMWORD [wk(0)]   ; ymm3=RE
-
-    vmovdqa     ymm4, ymm6
-    vpunpcklwd  ymm6, ymm6, ymm2
-    vpunpckhwd  ymm4, ymm4, ymm2
-    vmovdqa     ymm1, ymm6
-    vmovdqa     ymm5, ymm4
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-    vpmaddwd    ymm1, ymm1, [GOTOFF(eax,PW_MF008_MF041)]  ; ymm1=BEL*-FIX(0.081)+GEL*-FIX(0.418)
-    vpmaddwd    ymm5, ymm5, [GOTOFF(eax,PW_MF008_MF041)]  ; ymm5=BEH*-FIX(0.081)+GEH*-FIX(0.418)
-
-    vmovdqa     ymm2, [GOTOFF(eax,PD_ONEHALF)]            ; ymm2=[PD_ONEHALF]
-
-    vpaddd      ymm6, ymm6, YMMWORD [wk(6)]
-    vpaddd      ymm4, ymm4, YMMWORD [wk(7)]
-    vpaddd      ymm6, ymm6, ymm2
-    vpaddd      ymm4, ymm4, ymm2
-    vpsrld      ymm6, ymm6, SCALEBITS   ; ymm6=YEL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YEH
-    vpackssdw   ymm6, ymm6, ymm4        ; ymm6=YE
-
-    vpsllw      ymm0, ymm0, BYTE_BIT
-    vpor        ymm6, ymm6, ymm0        ; ymm6=Y
-    vmovdqu     YMMWORD [edi], ymm6     ; Save Y
-
-    vpxor       ymm2, ymm2, ymm2
-    vpxor       ymm4, ymm4, ymm4
-    vpunpcklwd  ymm2, ymm2, ymm3        ; ymm2=REL
-    vpunpckhwd  ymm4, ymm4, ymm3        ; ymm4=REH
-    vpsrld      ymm2, ymm2, 1           ; ymm2=REL*FIX(0.500)
-    vpsrld      ymm4, ymm4, 1           ; ymm4=REH*FIX(0.500)
-
-    vmovdqa     ymm0, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; ymm0=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm1, ymm1, ymm2
-    vpaddd      ymm5, ymm5, ymm4
-    vpaddd      ymm1, ymm1, ymm0
-    vpaddd      ymm5, ymm5, ymm0
-    vpsrld      ymm1, ymm1, SCALEBITS   ; ymm1=CrEL
-    vpsrld      ymm5, ymm5, SCALEBITS   ; ymm5=CrEH
-    vpackssdw   ymm1, ymm1, ymm5        ; ymm1=CrE
-
-    vpsllw      ymm7, ymm7, BYTE_BIT
-    vpor        ymm1, ymm1, ymm7        ; ymm1=Cr
-    vmovdqu     YMMWORD [edx], ymm1     ; Save Cr
-
-    sub         ecx, byte SIZEOF_YMMWORD
-    add         esi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; inptr
-    add         edi, byte SIZEOF_YMMWORD           ; outptr0
-    add         ebx, byte SIZEOF_YMMWORD           ; outptr1
-    add         edx, byte SIZEOF_YMMWORD           ; outptr2
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .column_ld1
-
-    pop         ecx                     ; col
-    pop         esi
-    pop         edi
-    pop         ebx
-    pop         edx
-    poppic      eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         edi, byte SIZEOF_JSAMPROW
-    add         ebx, byte SIZEOF_JSAMPROW
-    add         edx, byte SIZEOF_JSAMPROW
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-mmx.asm
deleted file mode 100644
index 6357a42..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-mmx.asm
+++ /dev/null
@@ -1,476 +0,0 @@
-;
-; jccolext.asm - colorspace conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_ycc_convert_mmx(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                           JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                           int num_rows);
-;
-
-%define img_width(b)   (b) + 8          ; JDIMENSION img_width
-%define input_buf(b)   (b) + 12         ; JSAMPARRAY input_buf
-%define output_buf(b)  (b) + 16         ; JSAMPIMAGE output_buf
-%define output_row(b)  (b) + 20         ; JDIMENSION output_row
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         8
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_ycc_convert_mmx)
-
-EXTN(jsimd_rgb_ycc_convert_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [img_width(eax)]  ; num_cols
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         esi, JSAMPIMAGE [output_buf(eax)]
-    mov         ecx, JDIMENSION [output_row(eax)]
-    mov         edi, JSAMPARRAY [esi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [esi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [esi+2*SIZEOF_JSAMPARRAY]
-    lea         edi, [edi+ecx*SIZEOF_JSAMPROW]
-    lea         ebx, [ebx+ecx*SIZEOF_JSAMPROW]
-    lea         edx, [edx+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         esi, JSAMPARRAY [input_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    pushpic     eax
-    push        edx
-    push        ebx
-    push        edi
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr0
-    mov         ebx, JSAMPROW [ebx]     ; outptr1
-    mov         edx, JSAMPROW [edx]     ; outptr2
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    cmp         ecx, byte SIZEOF_MMWORD
-    jae         short .columnloop
-    alignx      16, 7
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        eax
-    push        edx
-    lea         ecx, [ecx+ecx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_BYTE
-    xor         eax, eax
-    mov         al, byte [esi+ecx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_WORD
-    xor         edx, edx
-    mov         dx, word [esi+ecx]
-    shl         eax, WORD_BIT
-    or          eax, edx
-.column_ld4:
-    movd        mmA, eax
-    pop         edx
-    pop         eax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_DWORD
-    movd        mmG, dword [esi+ecx]
-    psllq       mmA, DWORD_BIT
-    por         mmA, mmG
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    movq        mmG, mmA
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    mov         ecx, SIZEOF_MMWORD
-    jmp         short .rgb_ycc_cnv
-.column_ld16:
-    test        cl, 2*SIZEOF_MMWORD
-    mov         ecx, SIZEOF_MMWORD
-    jz          short .rgb_ycc_cnv
-    movq        mmF, mmA
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmG, MMWORD [esi+1*SIZEOF_MMWORD]
-    jmp         short .rgb_ycc_cnv
-    alignx      16, 7
-
-.columnloop:
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmG, MMWORD [esi+1*SIZEOF_MMWORD]
-    movq        mmF, MMWORD [esi+2*SIZEOF_MMWORD]
-
-.rgb_ycc_cnv:
-    ; mmA=(00 10 20 01 11 21 02 12)
-    ; mmG=(22 03 13 23 04 14 24 05)
-    ; mmF=(15 25 06 16 26 07 17 27)
-
-    movq        mmD, mmA
-    psllq       mmA, 4*BYTE_BIT         ; mmA=(-- -- -- -- 00 10 20 01)
-    psrlq       mmD, 4*BYTE_BIT         ; mmD=(11 21 02 12 -- -- -- --)
-
-    punpckhbw   mmA, mmG                ; mmA=(00 04 10 14 20 24 01 05)
-    psllq       mmG, 4*BYTE_BIT         ; mmG=(-- -- -- -- 22 03 13 23)
-
-    punpcklbw   mmD, mmF                ; mmD=(11 15 21 25 02 06 12 16)
-    punpckhbw   mmG, mmF                ; mmG=(22 26 03 07 13 17 23 27)
-
-    movq        mmE, mmA
-    psllq       mmA, 4*BYTE_BIT         ; mmA=(-- -- -- -- 00 04 10 14)
-    psrlq       mmE, 4*BYTE_BIT         ; mmE=(20 24 01 05 -- -- -- --)
-
-    punpckhbw   mmA, mmD                ; mmA=(00 02 04 06 10 12 14 16)
-    psllq       mmD, 4*BYTE_BIT         ; mmD=(-- -- -- -- 11 15 21 25)
-
-    punpcklbw   mmE, mmG                ; mmE=(20 22 24 26 01 03 05 07)
-    punpckhbw   mmD, mmG                ; mmD=(11 13 15 17 21 23 25 27)
-
-    pxor        mmH, mmH
-
-    movq        mmC, mmA
-    punpcklbw   mmA, mmH                ; mmA=(00 02 04 06)
-    punpckhbw   mmC, mmH                ; mmC=(10 12 14 16)
-
-    movq        mmB, mmE
-    punpcklbw   mmE, mmH                ; mmE=(20 22 24 26)
-    punpckhbw   mmB, mmH                ; mmB=(01 03 05 07)
-
-    movq        mmF, mmD
-    punpcklbw   mmD, mmH                ; mmD=(11 13 15 17)
-    punpckhbw   mmF, mmH                ; mmF=(21 23 25 27)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_MMWORD/8
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_MMWORD/8
-    movd        mmA, dword [esi+ecx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_MMWORD/4
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_MMWORD/4
-    movq        mmF, mmA
-    movq        mmA, MMWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld4:
-    test        cl, SIZEOF_MMWORD/2
-    mov         ecx, SIZEOF_MMWORD
-    jz          short .rgb_ycc_cnv
-    movq        mmD, mmA
-    movq        mmC, mmF
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmF, MMWORD [esi+1*SIZEOF_MMWORD]
-    jmp         short .rgb_ycc_cnv
-    alignx      16, 7
-
-.columnloop:
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmF, MMWORD [esi+1*SIZEOF_MMWORD]
-    movq        mmD, MMWORD [esi+2*SIZEOF_MMWORD]
-    movq        mmC, MMWORD [esi+3*SIZEOF_MMWORD]
-
-.rgb_ycc_cnv:
-    ; mmA=(00 10 20 30 01 11 21 31)
-    ; mmF=(02 12 22 32 03 13 23 33)
-    ; mmD=(04 14 24 34 05 15 25 35)
-    ; mmC=(06 16 26 36 07 17 27 37)
-
-    movq        mmB, mmA
-    punpcklbw   mmA, mmF                ; mmA=(00 02 10 12 20 22 30 32)
-    punpckhbw   mmB, mmF                ; mmB=(01 03 11 13 21 23 31 33)
-
-    movq        mmG, mmD
-    punpcklbw   mmD, mmC                ; mmD=(04 06 14 16 24 26 34 36)
-    punpckhbw   mmG, mmC                ; mmG=(05 07 15 17 25 27 35 37)
-
-    movq        mmE, mmA
-    punpcklwd   mmA, mmD                ; mmA=(00 02 04 06 10 12 14 16)
-    punpckhwd   mmE, mmD                ; mmE=(20 22 24 26 30 32 34 36)
-
-    movq        mmH, mmB
-    punpcklwd   mmB, mmG                ; mmB=(01 03 05 07 11 13 15 17)
-    punpckhwd   mmH, mmG                ; mmH=(21 23 25 27 31 33 35 37)
-
-    pxor        mmF, mmF
-
-    movq        mmC, mmA
-    punpcklbw   mmA, mmF                ; mmA=(00 02 04 06)
-    punpckhbw   mmC, mmF                ; mmC=(10 12 14 16)
-
-    movq        mmD, mmB
-    punpcklbw   mmB, mmF                ; mmB=(01 03 05 07)
-    punpckhbw   mmD, mmF                ; mmD=(11 13 15 17)
-
-    movq        mmG, mmE
-    punpcklbw   mmE, mmF                ; mmE=(20 22 24 26)
-    punpckhbw   mmG, mmF                ; mmG=(30 32 34 36)
-
-    punpcklbw   mmF, mmH
-    punpckhbw   mmH, mmH
-    psrlw       mmF, BYTE_BIT           ; mmF=(21 23 25 27)
-    psrlw       mmH, BYTE_BIT           ; mmH=(31 33 35 37)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; mm0=(R0 R2 R4 R6)=RE, mm2=(G0 G2 G4 G6)=GE, mm4=(B0 B2 B4 B6)=BE
-    ; mm1=(R1 R3 R5 R7)=RO, mm3=(G1 G3 G5 G7)=GO, mm5=(B1 B3 B5 B7)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-
-    movq        MMWORD [wk(0)], mm0     ; wk(0)=RE
-    movq        MMWORD [wk(1)], mm1     ; wk(1)=RO
-    movq        MMWORD [wk(2)], mm4     ; wk(2)=BE
-    movq        MMWORD [wk(3)], mm5     ; wk(3)=BO
-
-    movq        mm6, mm1
-    punpcklwd   mm1, mm3
-    punpckhwd   mm6, mm3
-    movq        mm7, mm1
-    movq        mm4, mm6
-    pmaddwd     mm1, [GOTOFF(eax,PW_F0299_F0337)]  ; mm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    pmaddwd     mm6, [GOTOFF(eax,PW_F0299_F0337)]  ; mm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-    pmaddwd     mm7, [GOTOFF(eax,PW_MF016_MF033)]  ; mm7=ROL*-FIX(0.168)+GOL*-FIX(0.331)
-    pmaddwd     mm4, [GOTOFF(eax,PW_MF016_MF033)]  ; mm4=ROH*-FIX(0.168)+GOH*-FIX(0.331)
-
-    movq        MMWORD [wk(4)], mm1     ; wk(4)=ROL*FIX(0.299)+GOL*FIX(0.337)
-    movq        MMWORD [wk(5)], mm6     ; wk(5)=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    pxor        mm1, mm1
-    pxor        mm6, mm6
-    punpcklwd   mm1, mm5                ; mm1=BOL
-    punpckhwd   mm6, mm5                ; mm6=BOH
-    psrld       mm1, 1                  ; mm1=BOL*FIX(0.500)
-    psrld       mm6, 1                  ; mm6=BOH*FIX(0.500)
-
-    movq        mm5, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; mm5=[PD_ONEHALFM1_CJ]
-
-    paddd       mm7, mm1
-    paddd       mm4, mm6
-    paddd       mm7, mm5
-    paddd       mm4, mm5
-    psrld       mm7, SCALEBITS          ; mm7=CbOL
-    psrld       mm4, SCALEBITS          ; mm4=CbOH
-    packssdw    mm7, mm4                ; mm7=CbO
-
-    movq        mm1, MMWORD [wk(2)]     ; mm1=BE
-
-    movq        mm6, mm0
-    punpcklwd   mm0, mm2
-    punpckhwd   mm6, mm2
-    movq        mm5, mm0
-    movq        mm4, mm6
-    pmaddwd     mm0, [GOTOFF(eax,PW_F0299_F0337)]  ; mm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    pmaddwd     mm6, [GOTOFF(eax,PW_F0299_F0337)]  ; mm6=REH*FIX(0.299)+GEH*FIX(0.337)
-    pmaddwd     mm5, [GOTOFF(eax,PW_MF016_MF033)]  ; mm5=REL*-FIX(0.168)+GEL*-FIX(0.331)
-    pmaddwd     mm4, [GOTOFF(eax,PW_MF016_MF033)]  ; mm4=REH*-FIX(0.168)+GEH*-FIX(0.331)
-
-    movq        MMWORD [wk(6)], mm0     ; wk(6)=REL*FIX(0.299)+GEL*FIX(0.337)
-    movq        MMWORD [wk(7)], mm6     ; wk(7)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    pxor        mm0, mm0
-    pxor        mm6, mm6
-    punpcklwd   mm0, mm1                ; mm0=BEL
-    punpckhwd   mm6, mm1                ; mm6=BEH
-    psrld       mm0, 1                  ; mm0=BEL*FIX(0.500)
-    psrld       mm6, 1                  ; mm6=BEH*FIX(0.500)
-
-    movq        mm1, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; mm1=[PD_ONEHALFM1_CJ]
-
-    paddd       mm5, mm0
-    paddd       mm4, mm6
-    paddd       mm5, mm1
-    paddd       mm4, mm1
-    psrld       mm5, SCALEBITS          ; mm5=CbEL
-    psrld       mm4, SCALEBITS          ; mm4=CbEH
-    packssdw    mm5, mm4                ; mm5=CbE
-
-    psllw       mm7, BYTE_BIT
-    por         mm5, mm7                ; mm5=Cb
-    movq        MMWORD [ebx], mm5       ; Save Cb
-
-    movq        mm0, MMWORD [wk(3)]     ; mm0=BO
-    movq        mm6, MMWORD [wk(2)]     ; mm6=BE
-    movq        mm1, MMWORD [wk(1)]     ; mm1=RO
-
-    movq        mm4, mm0
-    punpcklwd   mm0, mm3
-    punpckhwd   mm4, mm3
-    movq        mm7, mm0
-    movq        mm5, mm4
-    pmaddwd     mm0, [GOTOFF(eax,PW_F0114_F0250)]  ; mm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    pmaddwd     mm4, [GOTOFF(eax,PW_F0114_F0250)]  ; mm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-    pmaddwd     mm7, [GOTOFF(eax,PW_MF008_MF041)]  ; mm7=BOL*-FIX(0.081)+GOL*-FIX(0.418)
-    pmaddwd     mm5, [GOTOFF(eax,PW_MF008_MF041)]  ; mm5=BOH*-FIX(0.081)+GOH*-FIX(0.418)
-
-    movq        mm3, [GOTOFF(eax,PD_ONEHALF)]  ; mm3=[PD_ONEHALF]
-
-    paddd       mm0, MMWORD [wk(4)]
-    paddd       mm4, MMWORD [wk(5)]
-    paddd       mm0, mm3
-    paddd       mm4, mm3
-    psrld       mm0, SCALEBITS          ; mm0=YOL
-    psrld       mm4, SCALEBITS          ; mm4=YOH
-    packssdw    mm0, mm4                ; mm0=YO
-
-    pxor        mm3, mm3
-    pxor        mm4, mm4
-    punpcklwd   mm3, mm1                ; mm3=ROL
-    punpckhwd   mm4, mm1                ; mm4=ROH
-    psrld       mm3, 1                  ; mm3=ROL*FIX(0.500)
-    psrld       mm4, 1                  ; mm4=ROH*FIX(0.500)
-
-    movq        mm1, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; mm1=[PD_ONEHALFM1_CJ]
-
-    paddd       mm7, mm3
-    paddd       mm5, mm4
-    paddd       mm7, mm1
-    paddd       mm5, mm1
-    psrld       mm7, SCALEBITS          ; mm7=CrOL
-    psrld       mm5, SCALEBITS          ; mm5=CrOH
-    packssdw    mm7, mm5                ; mm7=CrO
-
-    movq        mm3, MMWORD [wk(0)]     ; mm3=RE
-
-    movq        mm4, mm6
-    punpcklwd   mm6, mm2
-    punpckhwd   mm4, mm2
-    movq        mm1, mm6
-    movq        mm5, mm4
-    pmaddwd     mm6, [GOTOFF(eax,PW_F0114_F0250)]  ; mm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    pmaddwd     mm4, [GOTOFF(eax,PW_F0114_F0250)]  ; mm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-    pmaddwd     mm1, [GOTOFF(eax,PW_MF008_MF041)]  ; mm1=BEL*-FIX(0.081)+GEL*-FIX(0.418)
-    pmaddwd     mm5, [GOTOFF(eax,PW_MF008_MF041)]  ; mm5=BEH*-FIX(0.081)+GEH*-FIX(0.418)
-
-    movq        mm2, [GOTOFF(eax,PD_ONEHALF)]      ; mm2=[PD_ONEHALF]
-
-    paddd       mm6, MMWORD [wk(6)]
-    paddd       mm4, MMWORD [wk(7)]
-    paddd       mm6, mm2
-    paddd       mm4, mm2
-    psrld       mm6, SCALEBITS          ; mm6=YEL
-    psrld       mm4, SCALEBITS          ; mm4=YEH
-    packssdw    mm6, mm4                ; mm6=YE
-
-    psllw       mm0, BYTE_BIT
-    por         mm6, mm0                ; mm6=Y
-    movq        MMWORD [edi], mm6       ; Save Y
-
-    pxor        mm2, mm2
-    pxor        mm4, mm4
-    punpcklwd   mm2, mm3                ; mm2=REL
-    punpckhwd   mm4, mm3                ; mm4=REH
-    psrld       mm2, 1                  ; mm2=REL*FIX(0.500)
-    psrld       mm4, 1                  ; mm4=REH*FIX(0.500)
-
-    movq        mm0, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; mm0=[PD_ONEHALFM1_CJ]
-
-    paddd       mm1, mm2
-    paddd       mm5, mm4
-    paddd       mm1, mm0
-    paddd       mm5, mm0
-    psrld       mm1, SCALEBITS          ; mm1=CrEL
-    psrld       mm5, SCALEBITS          ; mm5=CrEH
-    packssdw    mm1, mm5                ; mm1=CrE
-
-    psllw       mm7, BYTE_BIT
-    por         mm1, mm7                ; mm1=Cr
-    movq        MMWORD [edx], mm1       ; Save Cr
-
-    sub         ecx, byte SIZEOF_MMWORD
-    add         esi, byte RGB_PIXELSIZE*SIZEOF_MMWORD  ; inptr
-    add         edi, byte SIZEOF_MMWORD                ; outptr0
-    add         ebx, byte SIZEOF_MMWORD                ; outptr1
-    add         edx, byte SIZEOF_MMWORD                ; outptr2
-    cmp         ecx, byte SIZEOF_MMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .column_ld1
-
-    pop         ecx                     ; col
-    pop         esi
-    pop         edi
-    pop         ebx
-    pop         edx
-    poppic      eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         edi, byte SIZEOF_JSAMPROW
-    add         ebx, byte SIZEOF_JSAMPROW
-    add         edx, byte SIZEOF_JSAMPROW
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-sse2.asm
deleted file mode 100644
index c6c8085..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolext-sse2.asm
+++ /dev/null
@@ -1,503 +0,0 @@
-;
-; jccolext.asm - colorspace conversion (SSE2)
-;
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_ycc_convert_sse2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                            JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                            int num_rows);
-;
-
-%define img_width(b)   (b) + 8          ; JDIMENSION img_width
-%define input_buf(b)   (b) + 12         ; JSAMPARRAY input_buf
-%define output_buf(b)  (b) + 16         ; JSAMPIMAGE output_buf
-%define output_row(b)  (b) + 20         ; JDIMENSION output_row
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         8
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_ycc_convert_sse2)
-
-EXTN(jsimd_rgb_ycc_convert_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [img_width(eax)]
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         esi, JSAMPIMAGE [output_buf(eax)]
-    mov         ecx, JDIMENSION [output_row(eax)]
-    mov         edi, JSAMPARRAY [esi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [esi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [esi+2*SIZEOF_JSAMPARRAY]
-    lea         edi, [edi+ecx*SIZEOF_JSAMPROW]
-    lea         ebx, [ebx+ecx*SIZEOF_JSAMPROW]
-    lea         edx, [edx+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         esi, JSAMPARRAY [input_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    pushpic     eax
-    push        edx
-    push        ebx
-    push        edi
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr0
-    mov         ebx, JSAMPROW [ebx]     ; outptr1
-    mov         edx, JSAMPROW [edx]     ; outptr2
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    alignx      16, 7
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        eax
-    push        edx
-    lea         ecx, [ecx+ecx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_BYTE
-    movzx       eax, byte [esi+ecx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_WORD
-    movzx       edx, word [esi+ecx]
-    shl         eax, WORD_BIT
-    or          eax, edx
-.column_ld4:
-    movd        xmmA, eax
-    pop         edx
-    pop         eax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_DWORD
-    movd        xmmF, XMM_DWORD [esi+ecx]
-    pslldq      xmmA, SIZEOF_DWORD
-    por         xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         ecx, byte SIZEOF_MMWORD
-    movq        xmmB, XMM_MMWORD [esi+ecx]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    movdqa      xmmF, xmmA
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    mov         ecx, SIZEOF_XMMWORD
-    jmp         short .rgb_ycc_cnv
-.column_ld32:
-    test        cl, 2*SIZEOF_XMMWORD
-    mov         ecx, SIZEOF_XMMWORD
-    jz          short .rgb_ycc_cnv
-    movdqa      xmmB, xmmA
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_ycc_cnv
-    alignx      16, 7
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    movdqu      xmmB, XMMWORD [esi+2*SIZEOF_XMMWORD]
-
-.rgb_ycc_cnv:
-    ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    ; xmmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; xmmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    movdqa      xmmG, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12)
-    psrldq      xmmG, 8     ; xmmG=(22 03 13 23 04 14 24 05 -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmF  ; xmmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A)
-    pslldq      xmmF, 8     ; xmmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27)
-
-    punpcklbw   xmmG, xmmB  ; xmmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D)
-    punpckhbw   xmmF, xmmB  ; xmmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F)
-
-    movdqa      xmmD, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09)
-    psrldq      xmmD, 8     ; xmmD=(11 19 21 29 02 0A 12 1A -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmG  ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D)
-    pslldq      xmmG, 8     ; xmmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B)
-
-    punpcklbw   xmmD, xmmF  ; xmmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E)
-    punpckhbw   xmmG, xmmF  ; xmmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F)
-
-    movdqa      xmmE, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C)
-    psrldq      xmmE, 8     ; xmmE=(20 24 28 2C 01 05 09 0D -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmD  ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    pslldq      xmmD, 8     ; xmmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D)
-
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmG  ; xmmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F)
-
-    pxor        xmmH, xmmH
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmH  ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmH  ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmB, xmmE
-    punpcklbw   xmmE, xmmH  ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmB, xmmH  ; xmmB=(01 03 05 07 09 0B 0D 0F)
-
-    movdqa      xmmF, xmmD
-    punpcklbw   xmmD, xmmH  ; xmmD=(11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmF, xmmH  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_XMMWORD/16
-    movd        xmmA, XMM_DWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_XMMWORD/8
-    movq        xmmE, XMM_MMWORD [esi+ecx*RGB_PIXELSIZE]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmE
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_XMMWORD/4
-    movdqa      xmmE, xmmA
-    movdqu      xmmA, XMMWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    mov         ecx, SIZEOF_XMMWORD
-    jz          short .rgb_ycc_cnv
-    movdqa      xmmF, xmmA
-    movdqa      xmmH, xmmE
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_ycc_cnv
-    alignx      16, 7
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [esi+2*SIZEOF_XMMWORD]
-    movdqu      xmmH, XMMWORD [esi+3*SIZEOF_XMMWORD]
-
-.rgb_ycc_cnv:
-    ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    ; xmmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; xmmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpcklbw   xmmA, xmmE      ; xmmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35)
-    punpckhbw   xmmD, xmmE      ; xmmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37)
-
-    movdqa      xmmC, xmmF
-    punpcklbw   xmmF, xmmH      ; xmmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D)
-    punpckhbw   xmmC, xmmH      ; xmmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F)
-
-    movdqa      xmmB, xmmA
-    punpcklwd   xmmA, xmmF      ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C)
-    punpckhwd   xmmB, xmmF      ; xmmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D)
-
-    movdqa      xmmG, xmmD
-    punpcklwd   xmmD, xmmC      ; xmmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E)
-    punpckhwd   xmmG, xmmC      ; xmmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F)
-
-    movdqa      xmmE, xmmA
-    punpcklbw   xmmA, xmmD      ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    punpckhbw   xmmE, xmmD      ; xmmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E)
-
-    movdqa      xmmH, xmmB
-    punpcklbw   xmmB, xmmG      ; xmmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmH, xmmG      ; xmmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F)
-
-    pxor        xmmF, xmmF
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmF      ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmF      ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmD, xmmB
-    punpcklbw   xmmB, xmmF      ; xmmB=(01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmF      ; xmmD=(11 13 15 17 19 1B 1D 1F)
-
-    movdqa      xmmG, xmmE
-    punpcklbw   xmmE, xmmF      ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmG, xmmF      ; xmmG=(30 32 34 36 38 3A 3C 3E)
-
-    punpcklbw   xmmF, xmmH
-    punpckhbw   xmmH, xmmH
-    psrlw       xmmF, BYTE_BIT  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-    psrlw       xmmH, BYTE_BIT  ; xmmH=(31 33 35 37 39 3B 3D 3F)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; xmm0=R(02468ACE)=RE, xmm2=G(02468ACE)=GE, xmm4=B(02468ACE)=BE
-    ; xmm1=R(13579BDF)=RO, xmm3=G(13579BDF)=GO, xmm5=B(13579BDF)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=RE
-    movdqa      XMMWORD [wk(1)], xmm1   ; wk(1)=RO
-    movdqa      XMMWORD [wk(2)], xmm4   ; wk(2)=BE
-    movdqa      XMMWORD [wk(3)], xmm5   ; wk(3)=BO
-
-    movdqa      xmm6, xmm1
-    punpcklwd   xmm1, xmm3
-    punpckhwd   xmm6, xmm3
-    movdqa      xmm7, xmm1
-    movdqa      xmm4, xmm6
-    pmaddwd     xmm1, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    pmaddwd     xmm6, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-    pmaddwd     xmm7, [GOTOFF(eax,PW_MF016_MF033)]  ; xmm7=ROL*-FIX(0.168)+GOL*-FIX(0.331)
-    pmaddwd     xmm4, [GOTOFF(eax,PW_MF016_MF033)]  ; xmm4=ROH*-FIX(0.168)+GOH*-FIX(0.331)
-
-    movdqa      XMMWORD [wk(4)], xmm1   ; wk(4)=ROL*FIX(0.299)+GOL*FIX(0.337)
-    movdqa      XMMWORD [wk(5)], xmm6   ; wk(5)=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    pxor        xmm1, xmm1
-    pxor        xmm6, xmm6
-    punpcklwd   xmm1, xmm5              ; xmm1=BOL
-    punpckhwd   xmm6, xmm5              ; xmm6=BOH
-    psrld       xmm1, 1                 ; xmm1=BOL*FIX(0.500)
-    psrld       xmm6, 1                 ; xmm6=BOH*FIX(0.500)
-
-    movdqa      xmm5, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; xmm5=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm7, xmm1
-    paddd       xmm4, xmm6
-    paddd       xmm7, xmm5
-    paddd       xmm4, xmm5
-    psrld       xmm7, SCALEBITS         ; xmm7=CbOL
-    psrld       xmm4, SCALEBITS         ; xmm4=CbOH
-    packssdw    xmm7, xmm4              ; xmm7=CbO
-
-    movdqa      xmm1, XMMWORD [wk(2)]   ; xmm1=BE
-
-    movdqa      xmm6, xmm0
-    punpcklwd   xmm0, xmm2
-    punpckhwd   xmm6, xmm2
-    movdqa      xmm5, xmm0
-    movdqa      xmm4, xmm6
-    pmaddwd     xmm0, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    pmaddwd     xmm6, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm6=REH*FIX(0.299)+GEH*FIX(0.337)
-    pmaddwd     xmm5, [GOTOFF(eax,PW_MF016_MF033)]  ; xmm5=REL*-FIX(0.168)+GEL*-FIX(0.331)
-    pmaddwd     xmm4, [GOTOFF(eax,PW_MF016_MF033)]  ; xmm4=REH*-FIX(0.168)+GEH*-FIX(0.331)
-
-    movdqa      XMMWORD [wk(6)], xmm0   ; wk(6)=REL*FIX(0.299)+GEL*FIX(0.337)
-    movdqa      XMMWORD [wk(7)], xmm6   ; wk(7)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    pxor        xmm0, xmm0
-    pxor        xmm6, xmm6
-    punpcklwd   xmm0, xmm1              ; xmm0=BEL
-    punpckhwd   xmm6, xmm1              ; xmm6=BEH
-    psrld       xmm0, 1                 ; xmm0=BEL*FIX(0.500)
-    psrld       xmm6, 1                 ; xmm6=BEH*FIX(0.500)
-
-    movdqa      xmm1, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; xmm1=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm5, xmm0
-    paddd       xmm4, xmm6
-    paddd       xmm5, xmm1
-    paddd       xmm4, xmm1
-    psrld       xmm5, SCALEBITS         ; xmm5=CbEL
-    psrld       xmm4, SCALEBITS         ; xmm4=CbEH
-    packssdw    xmm5, xmm4              ; xmm5=CbE
-
-    psllw       xmm7, BYTE_BIT
-    por         xmm5, xmm7              ; xmm5=Cb
-    movdqa      XMMWORD [ebx], xmm5     ; Save Cb
-
-    movdqa      xmm0, XMMWORD [wk(3)]   ; xmm0=BO
-    movdqa      xmm6, XMMWORD [wk(2)]   ; xmm6=BE
-    movdqa      xmm1, XMMWORD [wk(1)]   ; xmm1=RO
-
-    movdqa      xmm4, xmm0
-    punpcklwd   xmm0, xmm3
-    punpckhwd   xmm4, xmm3
-    movdqa      xmm7, xmm0
-    movdqa      xmm5, xmm4
-    pmaddwd     xmm0, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    pmaddwd     xmm4, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-    pmaddwd     xmm7, [GOTOFF(eax,PW_MF008_MF041)]  ; xmm7=BOL*-FIX(0.081)+GOL*-FIX(0.418)
-    pmaddwd     xmm5, [GOTOFF(eax,PW_MF008_MF041)]  ; xmm5=BOH*-FIX(0.081)+GOH*-FIX(0.418)
-
-    movdqa      xmm3, [GOTOFF(eax,PD_ONEHALF)]  ; xmm3=[PD_ONEHALF]
-
-    paddd       xmm0, XMMWORD [wk(4)]
-    paddd       xmm4, XMMWORD [wk(5)]
-    paddd       xmm0, xmm3
-    paddd       xmm4, xmm3
-    psrld       xmm0, SCALEBITS         ; xmm0=YOL
-    psrld       xmm4, SCALEBITS         ; xmm4=YOH
-    packssdw    xmm0, xmm4              ; xmm0=YO
-
-    pxor        xmm3, xmm3
-    pxor        xmm4, xmm4
-    punpcklwd   xmm3, xmm1              ; xmm3=ROL
-    punpckhwd   xmm4, xmm1              ; xmm4=ROH
-    psrld       xmm3, 1                 ; xmm3=ROL*FIX(0.500)
-    psrld       xmm4, 1                 ; xmm4=ROH*FIX(0.500)
-
-    movdqa      xmm1, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; xmm1=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm7, xmm3
-    paddd       xmm5, xmm4
-    paddd       xmm7, xmm1
-    paddd       xmm5, xmm1
-    psrld       xmm7, SCALEBITS         ; xmm7=CrOL
-    psrld       xmm5, SCALEBITS         ; xmm5=CrOH
-    packssdw    xmm7, xmm5              ; xmm7=CrO
-
-    movdqa      xmm3, XMMWORD [wk(0)]   ; xmm3=RE
-
-    movdqa      xmm4, xmm6
-    punpcklwd   xmm6, xmm2
-    punpckhwd   xmm4, xmm2
-    movdqa      xmm1, xmm6
-    movdqa      xmm5, xmm4
-    pmaddwd     xmm6, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    pmaddwd     xmm4, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-    pmaddwd     xmm1, [GOTOFF(eax,PW_MF008_MF041)]  ; xmm1=BEL*-FIX(0.081)+GEL*-FIX(0.418)
-    pmaddwd     xmm5, [GOTOFF(eax,PW_MF008_MF041)]  ; xmm5=BEH*-FIX(0.081)+GEH*-FIX(0.418)
-
-    movdqa      xmm2, [GOTOFF(eax,PD_ONEHALF)]      ; xmm2=[PD_ONEHALF]
-
-    paddd       xmm6, XMMWORD [wk(6)]
-    paddd       xmm4, XMMWORD [wk(7)]
-    paddd       xmm6, xmm2
-    paddd       xmm4, xmm2
-    psrld       xmm6, SCALEBITS         ; xmm6=YEL
-    psrld       xmm4, SCALEBITS         ; xmm4=YEH
-    packssdw    xmm6, xmm4              ; xmm6=YE
-
-    psllw       xmm0, BYTE_BIT
-    por         xmm6, xmm0              ; xmm6=Y
-    movdqa      XMMWORD [edi], xmm6     ; Save Y
-
-    pxor        xmm2, xmm2
-    pxor        xmm4, xmm4
-    punpcklwd   xmm2, xmm3              ; xmm2=REL
-    punpckhwd   xmm4, xmm3              ; xmm4=REH
-    psrld       xmm2, 1                 ; xmm2=REL*FIX(0.500)
-    psrld       xmm4, 1                 ; xmm4=REH*FIX(0.500)
-
-    movdqa      xmm0, [GOTOFF(eax,PD_ONEHALFM1_CJ)]  ; xmm0=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm1, xmm2
-    paddd       xmm5, xmm4
-    paddd       xmm1, xmm0
-    paddd       xmm5, xmm0
-    psrld       xmm1, SCALEBITS         ; xmm1=CrEL
-    psrld       xmm5, SCALEBITS         ; xmm5=CrEH
-    packssdw    xmm1, xmm5              ; xmm1=CrE
-
-    psllw       xmm7, BYTE_BIT
-    por         xmm1, xmm7              ; xmm1=Cr
-    movdqa      XMMWORD [edx], xmm1     ; Save Cr
-
-    sub         ecx, byte SIZEOF_XMMWORD
-    add         esi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; inptr
-    add         edi, byte SIZEOF_XMMWORD                ; outptr0
-    add         ebx, byte SIZEOF_XMMWORD                ; outptr1
-    add         edx, byte SIZEOF_XMMWORD                ; outptr2
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .column_ld1
-
-    pop         ecx                     ; col
-    pop         esi
-    pop         edi
-    pop         ebx
-    pop         edx
-    poppic      eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         edi, byte SIZEOF_JSAMPROW
-    add         ebx, byte SIZEOF_JSAMPROW
-    add         edx, byte SIZEOF_JSAMPROW
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-avx2.asm
deleted file mode 100644
index 14944e9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-avx2.asm
+++ /dev/null
@@ -1,121 +0,0 @@
-;
-; jccolor.asm - colorspace conversion (AVX2)
-;
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_081 equ  5329                ; FIX(0.08131)
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_168 equ 11059                ; FIX(0.16874)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_331 equ 21709                ; FIX(0.33126)
-F_0_418 equ 27439                ; FIX(0.41869)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_ycc_convert_avx2)
-
-EXTN(jconst_rgb_ycc_convert_avx2):
-
-PW_F0299_F0337  times 8 dw  F_0_299,  F_0_337
-PW_F0114_F0250  times 8 dw  F_0_114,  F_0_250
-PW_MF016_MF033  times 8 dw -F_0_168, -F_0_331
-PW_MF008_MF041  times 8 dw -F_0_081, -F_0_418
-PD_ONEHALFM1_CJ times 8 dd  (1 << (SCALEBITS - 1)) - 1 + \
-                            (CENTERJSAMPLE << SCALEBITS)
-PD_ONEHALF      times 8 dd  (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extrgb_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extrgbx_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extbgr_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extbgrx_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extxbgr_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extxrgb_ycc_convert_avx2
-%include "jccolext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-mmx.asm
deleted file mode 100644
index 8cb399b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-mmx.asm
+++ /dev/null
@@ -1,121 +0,0 @@
-;
-; jccolor.asm - colorspace conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_081 equ  5329                ; FIX(0.08131)
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_168 equ 11059                ; FIX(0.16874)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_331 equ 21709                ; FIX(0.33126)
-F_0_418 equ 27439                ; FIX(0.41869)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_ycc_convert_mmx)
-
-EXTN(jconst_rgb_ycc_convert_mmx):
-
-PW_F0299_F0337  times 2 dw  F_0_299,  F_0_337
-PW_F0114_F0250  times 2 dw  F_0_114,  F_0_250
-PW_MF016_MF033  times 2 dw -F_0_168, -F_0_331
-PW_MF008_MF041  times 2 dw -F_0_081, -F_0_418
-PD_ONEHALFM1_CJ times 2 dd  (1 << (SCALEBITS - 1)) - 1 + \
-                            (CENTERJSAMPLE << SCALEBITS)
-PD_ONEHALF      times 2 dd  (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jccolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_mmx  jsimd_extrgb_ycc_convert_mmx
-%include "jccolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_mmx  jsimd_extrgbx_ycc_convert_mmx
-%include "jccolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_mmx  jsimd_extbgr_ycc_convert_mmx
-%include "jccolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_mmx  jsimd_extbgrx_ycc_convert_mmx
-%include "jccolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_mmx  jsimd_extxbgr_ycc_convert_mmx
-%include "jccolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_mmx  jsimd_extxrgb_ycc_convert_mmx
-%include "jccolext-mmx.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-sse2.asm
deleted file mode 100644
index 686d222..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jccolor-sse2.asm
+++ /dev/null
@@ -1,120 +0,0 @@
-;
-; jccolor.asm - colorspace conversion (SSE2)
-;
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_081 equ  5329                ; FIX(0.08131)
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_168 equ 11059                ; FIX(0.16874)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_331 equ 21709                ; FIX(0.33126)
-F_0_418 equ 27439                ; FIX(0.41869)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_ycc_convert_sse2)
-
-EXTN(jconst_rgb_ycc_convert_sse2):
-
-PW_F0299_F0337  times 4 dw  F_0_299,  F_0_337
-PW_F0114_F0250  times 4 dw  F_0_114,  F_0_250
-PW_MF016_MF033  times 4 dw -F_0_168, -F_0_331
-PW_MF008_MF041  times 4 dw -F_0_081, -F_0_418
-PD_ONEHALFM1_CJ times 4 dd  (1 << (SCALEBITS - 1)) - 1 + \
-                            (CENTERJSAMPLE << SCALEBITS)
-PD_ONEHALF      times 4 dd  (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extrgb_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extrgbx_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extbgr_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extbgrx_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extxbgr_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extxrgb_ycc_convert_sse2
-%include "jccolext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-avx2.asm
deleted file mode 100644
index 560ee0c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-avx2.asm
+++ /dev/null
@@ -1,113 +0,0 @@
-;
-; jcgray.asm - grayscale colorspace conversion (AVX2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_gray_convert_avx2)
-
-EXTN(jconst_rgb_gray_convert_avx2):
-
-PW_F0299_F0337 times 8 dw F_0_299, F_0_337
-PW_F0114_F0250 times 8 dw F_0_114, F_0_250
-PD_ONEHALF     times 8 dd (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extrgb_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extrgbx_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extbgr_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extbgrx_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extxbgr_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extxrgb_gray_convert_avx2
-%include "jcgryext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-mmx.asm
deleted file mode 100644
index 79fdf08..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-mmx.asm
+++ /dev/null
@@ -1,113 +0,0 @@
-;
-; jcgray.asm - grayscale colorspace conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2011, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_gray_convert_mmx)
-
-EXTN(jconst_rgb_gray_convert_mmx):
-
-PW_F0299_F0337 times 2 dw F_0_299, F_0_337
-PW_F0114_F0250 times 2 dw F_0_114, F_0_250
-PD_ONEHALF     times 2 dd (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jcgryext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_mmx  jsimd_extrgb_gray_convert_mmx
-%include "jcgryext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_gray_convert_mmx  jsimd_extrgbx_gray_convert_mmx
-%include "jcgryext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_mmx  jsimd_extbgr_gray_convert_mmx
-%include "jcgryext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_gray_convert_mmx  jsimd_extbgrx_gray_convert_mmx
-%include "jcgryext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_mmx  jsimd_extxbgr_gray_convert_mmx
-%include "jcgryext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_mmx  jsimd_extxrgb_gray_convert_mmx
-%include "jcgryext-mmx.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-sse2.asm
deleted file mode 100644
index cb4b28e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgray-sse2.asm
+++ /dev/null
@@ -1,112 +0,0 @@
-;
-; jcgray.asm - grayscale colorspace conversion (SSE2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_gray_convert_sse2)
-
-EXTN(jconst_rgb_gray_convert_sse2):
-
-PW_F0299_F0337 times 4 dw F_0_299, F_0_337
-PW_F0114_F0250 times 4 dw F_0_114, F_0_250
-PD_ONEHALF     times 4 dd (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extrgb_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extrgbx_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extbgr_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extbgrx_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extxbgr_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extxrgb_gray_convert_sse2
-%include "jcgryext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-avx2.asm
deleted file mode 100644
index 3fa7973..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-avx2.asm
+++ /dev/null
@@ -1,457 +0,0 @@
-;
-; jcgryext.asm - grayscale colorspace conversion (AVX2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_gray_convert_avx2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                             JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                             int num_rows);
-;
-
-%define img_width(b)   (b) + 8          ; JDIMENSION img_width
-%define input_buf(b)   (b) + 12         ; JSAMPARRAY input_buf
-%define output_buf(b)  (b) + 16         ; JSAMPIMAGE output_buf
-%define output_row(b)  (b) + 20         ; JDIMENSION output_row
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_YMMWORD
-                                        ; ymmword wk[WK_NUM]
-%define WK_NUM         2
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_gray_convert_avx2)
-
-EXTN(jsimd_rgb_gray_convert_avx2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [img_width(eax)]
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         esi, JSAMPIMAGE [output_buf(eax)]
-    mov         ecx, JDIMENSION [output_row(eax)]
-    mov         edi, JSAMPARRAY [esi+0*SIZEOF_JSAMPARRAY]
-    lea         edi, [edi+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         esi, JSAMPARRAY [input_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    pushpic     eax
-    push        edi
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr0
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    alignx      16, 7
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        eax
-    push        edx
-    lea         ecx, [ecx+ecx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_BYTE
-    movzx       eax, byte [esi+ecx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_WORD
-    movzx       edx, word [esi+ecx]
-    shl         eax, WORD_BIT
-    or          eax, edx
-.column_ld4:
-    vmovd       xmmA, eax
-    pop         edx
-    pop         eax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_DWORD
-    vmovd       xmmF, XMM_DWORD [esi+ecx]
-    vpslldq     xmmA, xmmA, SIZEOF_DWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         ecx, byte SIZEOF_MMWORD
-    vmovq       xmmB, XMM_MMWORD [esi+ecx]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    sub         ecx, byte SIZEOF_XMMWORD
-    vmovdqu     xmmB, XMM_MMWORD [esi+ecx]
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    vpor        ymmA, ymmB
-.column_ld32:
-    test        cl, SIZEOF_YMMWORD
-    jz          short .column_ld64
-    sub         ecx, byte SIZEOF_YMMWORD
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-.column_ld64:
-    test        cl, 2*SIZEOF_YMMWORD
-    mov         ecx, SIZEOF_YMMWORD
-    jz          short .rgb_gray_cnv
-    vmovdqa     ymmB, ymmA
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_gray_cnv
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmB, YMMWORD [esi+2*SIZEOF_YMMWORD]
-
-.rgb_gray_cnv:
-    ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-    ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-    ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    ; ymmB=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-    ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vmovdqu     ymmC, ymmA
-    vinserti128 ymmA, ymmF, xmmA, 0  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                     ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vinserti128 ymmC, ymmC, xmmB, 0  ; ymmC=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                     ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vinserti128 ymmB, ymmB, xmmF, 0  ; ymmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                     ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-    vperm2i128  ymmF, ymmC, ymmC, 1  ; ymmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                     ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-
-    vmovdqa     ymmG, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12
-                                  ;       22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I)
-    vpsrldq     ymmG, ymmG, 8     ; ymmG=(22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I
-                                  ;       2I 0J 1J 2J 0K 1K 2K 0L -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmF  ; ymmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A
-                                  ;       0G 0O 1G 1O 2G 2O 0H 0P 1H 1P 2H 2P 0I 0Q 1I 1Q)
-    vpslldq     ymmF, ymmF, 8     ; ymmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27
-                                  ;       08 18 28 09 19 29 0A 1A 1L 2L 0M 1M 2M 0N 1N 2N)
-
-    vpunpcklbw  ymmG, ymmG, ymmB  ; ymmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D
-                                  ;       2I 2Q 0J 0R 1J 1R 2J 2R 0K 0S 1K 1S 2K 2S 0L 0T)
-    vpunpckhbw  ymmF, ymmF, ymmB  ; ymmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F
-                                  ;       1L 1T 2L 2T 0M 0U 1M 1U 2M 2U 0N 0V 1N 1V 2N 2V)
-
-    vmovdqa     ymmD, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09
-                                  ;       11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P)
-    vpsrldq     ymmD, ymmD, 8     ; ymmD=(11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P
-                                  ;       1H 1P 2H 2P 0I 0Q 1I 1Q -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmG  ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D
-                                  ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 0H 0L 0P 0T)
-    vpslldq     ymmG, ymmG, 8     ; ymmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B
-                                  ;       04 0C 14 1C 24 2C 05 0D 2I 2Q 0J 0R 1J 1R 2J 2R)
-
-    vpunpcklbw  ymmD, ymmD, ymmF  ; ymmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E
-                                  ;       1H 1L 1P 1T 2H 2L 2P 2T 0I 0M 0Q 0U 1I 1M 1Q 1U)
-    vpunpckhbw  ymmG, ymmG, ymmF  ; ymmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F
-                                  ;       2I 2M 2Q 2U 0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V)
-
-    vmovdqa     ymmE, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C
-                                  ;       20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S)
-    vpsrldq     ymmE, ymmE, 8     ; ymmE=(20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S
-                                  ;       2G 2K 2O 2S 0H 0L 0P 0T -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmD  ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                  ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpslldq     ymmD, ymmD, 8     ; ymmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D
-                                  ;       02 06 0A 0E 12 16 1A 1E 1H 1L 1P 1T 2H 2L 2P 2T)
-
-    vpunpcklbw  ymmE, ymmE, ymmG  ; ymmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F
-                                  ;       2G 2I 2K 2M 2O 2Q 2S 2U 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmG  ; ymmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F
-                                  ;       1H 1J 1L 1N 1P 1R 1T 1V 2H 2J 2L 2N 2P 2R 2T 2V)
-
-    vpxor       ymmH, ymmH, ymmH
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmH  ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmH  ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmB, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmH  ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmB, ymmB, ymmH  ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-
-    vmovdqa     ymmF, ymmD
-    vpunpcklbw  ymmD, ymmD, ymmH  ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmF, ymmF, ymmH  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_XMMWORD/16
-    vmovd       xmmA, XMM_DWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_XMMWORD/8
-    vmovq       xmmF, XMM_MMWORD [esi+ecx*RGB_PIXELSIZE]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_XMMWORD/4
-    vmovdqa     xmmF, xmmA
-    vperm2i128  ymmF, ymmF, ymmF, 1
-    vmovdqu     xmmA, XMMWORD [esi+ecx*RGB_PIXELSIZE]
-    vpor        ymmA, ymmA, ymmF
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    jz          short .column_ld16
-    sub         ecx, byte SIZEOF_XMMWORD/2
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    mov         ecx, SIZEOF_YMMWORD
-    jz          short .rgb_gray_cnv
-    vmovdqa     ymmE, ymmA
-    vmovdqa     ymmH, ymmF
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_gray_cnv
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmE, YMMWORD [esi+2*SIZEOF_YMMWORD]
-    vmovdqu     ymmH, YMMWORD [esi+3*SIZEOF_YMMWORD]
-
-.rgb_gray_cnv:
-    ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-    ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-    ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    ; ymmE=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-    ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-    ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmB, ymmA
-    vinserti128 ymmA, ymmA, xmmE, 1     ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vperm2i128  ymmE, ymmB, ymmE, 0x31  ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-
-    vmovdqa     ymmB, ymmF
-    vinserti128 ymmF, ymmF, xmmH, 1     ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-    vperm2i128  ymmH, ymmB, ymmH, 0x31  ; ymmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmD, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmE      ; ymmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35
-                                      ;       0G 0K 1G 1K 2G 2K 3G 3K 0H 0L 1H 1L 2H 2L 3H 3L)
-    vpunpckhbw  ymmD, ymmD, ymmE      ; ymmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37
-                                      ;       0I 0M 1I 1M 2I 2M 3I 3M 0J 0N 1J 1N 2J 2N 3J 3N)
-
-    vmovdqa     ymmC, ymmF
-    vpunpcklbw  ymmF, ymmF, ymmH      ; ymmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D
-                                      ;       0O 0S 1O 1S 2O 2S 3O 3S 0P 0T 1P 1T 2P 2T 3P 3T)
-    vpunpckhbw  ymmC, ymmC, ymmH      ; ymmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F
-                                      ;       0Q 0U 1Q 1U 2Q 2U 3Q 3U 0R 0V 1R 1V 2R 2V 3R 3V)
-
-    vmovdqa     ymmB, ymmA
-    vpunpcklwd  ymmA, ymmA, ymmF      ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C
-                                      ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 3G 3K 3O 3S)
-    vpunpckhwd  ymmB, ymmB, ymmF      ; ymmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D
-                                      ;       0H 0L 0P 0T 1H 1L 1P 1T 2H 2L 2P 2T 3H 3L 3P 3T)
-
-    vmovdqa     ymmG, ymmD
-    vpunpcklwd  ymmD, ymmD, ymmC      ; ymmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E
-                                      ;       0I 0M 0Q 0U 1I 1M 1Q 1U 2I 2M 2Q 2U 3I 3M 3Q 3U)
-    vpunpckhwd  ymmG, ymmG, ymmC      ; ymmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F
-                                      ;       0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V 3J 3N 3R 3V)
-
-    vmovdqa     ymmE, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmD      ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                      ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpunpckhbw  ymmE, ymmE, ymmD      ; ymmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E
-                                      ;       2G 2I 2K 2M 2O 2Q 2S 2U 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vmovdqa     ymmH, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmG      ; ymmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F
-                                      ;       0H 0J 0L 0N 0P 0R 0T 0V 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmH, ymmH, ymmG      ; ymmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F
-                                      ;       2H 2J 2L 2N 2P 2R 2T 2V 3H 3J 3L 3N 3P 3R 3T 3V)
-
-    vpxor       ymmF, ymmF, ymmF
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmF      ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmF      ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmD, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmF      ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmF      ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-
-    vmovdqa     ymmG, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmF      ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmG, ymmG, ymmF      ; ymmG=(30 32 34 36 38 3A 3C 3E 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vpunpcklbw  ymmF, ymmF, ymmH
-    vpunpckhbw  ymmH, ymmH, ymmH
-    vpsrlw      ymmF, ymmF, BYTE_BIT  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-    vpsrlw      ymmH, ymmH, BYTE_BIT  ; ymmH=(31 33 35 37 39 3B 3D 3F 3H 3J 3L 3N 3P 3R 3T 3V)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; ymm0=R(02468ACEGIKMOQSU)=RE, ymm2=G(02468ACEGIKMOQSU)=GE, ymm4=B(02468ACEGIKMOQSU)=BE
-    ; ymm1=R(13579BDFHJLNPRTV)=RO, ymm3=G(13579BDFHJLNPRTV)=GO, ymm5=B(13579BDFHJLNPRTV)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-
-    vmovdqa     ymm6, ymm1
-    vpunpcklwd  ymm1, ymm1, ymm3
-    vpunpckhwd  ymm6, ymm6, ymm3
-    vpmaddwd    ymm1, ymm1, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    vmovdqa     ymm7, ymm6              ; ymm7=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    vmovdqa     ymm6, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm2
-    vpunpckhwd  ymm6, ymm6, ymm2
-    vpmaddwd    ymm0, ymm0, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_F0299_F0337)]  ; ymm6=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    vmovdqa     YMMWORD [wk(0)], ymm0   ; wk(0)=REL*FIX(0.299)+GEL*FIX(0.337)
-    vmovdqa     YMMWORD [wk(1)], ymm6   ; wk(1)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    vmovdqa     ymm0, ymm5              ; ymm0=BO
-    vmovdqa     ymm6, ymm4              ; ymm6=BE
-
-    vmovdqa     ymm4, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm3
-    vpunpckhwd  ymm4, ymm4, ymm3
-    vpmaddwd    ymm0, ymm0, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-
-    vmovdqa     ymm3, [GOTOFF(eax,PD_ONEHALF)]            ; ymm3=[PD_ONEHALF]
-
-    vpaddd      ymm0, ymm0, ymm1
-    vpaddd      ymm4, ymm4, ymm7
-    vpaddd      ymm0, ymm0, ymm3
-    vpaddd      ymm4, ymm4, ymm3
-    vpsrld      ymm0, ymm0, SCALEBITS   ; ymm0=YOL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YOH
-    vpackssdw   ymm0, ymm0, ymm4        ; ymm0=YO
-
-    vmovdqa     ymm4, ymm6
-    vpunpcklwd  ymm6, ymm6, ymm2
-    vpunpckhwd  ymm4, ymm4, ymm2
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_F0114_F0250)]  ; ymm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-
-    vmovdqa     ymm2, [GOTOFF(eax,PD_ONEHALF)]            ; ymm2=[PD_ONEHALF]
-
-    vpaddd      ymm6, ymm6, YMMWORD [wk(0)]
-    vpaddd      ymm4, ymm4, YMMWORD [wk(1)]
-    vpaddd      ymm6, ymm6, ymm2
-    vpaddd      ymm4, ymm4, ymm2
-    vpsrld      ymm6, ymm6, SCALEBITS   ; ymm6=YEL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YEH
-    vpackssdw   ymm6, ymm6, ymm4        ; ymm6=YE
-
-    vpsllw      ymm0, ymm0, BYTE_BIT
-    vpor        ymm6, ymm6, ymm0        ; ymm6=Y
-    vmovdqu     YMMWORD [edi], ymm6     ; Save Y
-
-    sub         ecx, byte SIZEOF_YMMWORD
-    add         esi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; inptr
-    add         edi, byte SIZEOF_YMMWORD           ; outptr0
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .column_ld1
-
-    pop         ecx                     ; col
-    pop         esi
-    pop         edi
-    poppic      eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         edi, byte SIZEOF_JSAMPROW
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-mmx.asm
deleted file mode 100644
index 8af42e5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-mmx.asm
+++ /dev/null
@@ -1,355 +0,0 @@
-;
-; jcgryext.asm - grayscale colorspace conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2011, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_gray_convert_mmx(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                            JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                            int num_rows);
-;
-
-%define img_width(b)   (b) + 8          ; JDIMENSION img_width
-%define input_buf(b)   (b) + 12         ; JSAMPARRAY input_buf
-%define output_buf(b)  (b) + 16         ; JSAMPIMAGE output_buf
-%define output_row(b)  (b) + 20         ; JDIMENSION output_row
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         2
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_gray_convert_mmx)
-
-EXTN(jsimd_rgb_gray_convert_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [img_width(eax)]  ; num_cols
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         esi, JSAMPIMAGE [output_buf(eax)]
-    mov         ecx, JDIMENSION [output_row(eax)]
-    mov         edi, JSAMPARRAY [esi+0*SIZEOF_JSAMPARRAY]
-    lea         edi, [edi+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         esi, JSAMPARRAY [input_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    pushpic     eax
-    push        edi
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr0
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    cmp         ecx, byte SIZEOF_MMWORD
-    jae         short .columnloop
-    alignx      16, 7
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        eax
-    push        edx
-    lea         ecx, [ecx+ecx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_BYTE
-    xor         eax, eax
-    mov         al, byte [esi+ecx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_WORD
-    xor         edx, edx
-    mov         dx, word [esi+ecx]
-    shl         eax, WORD_BIT
-    or          eax, edx
-.column_ld4:
-    movd        mmA, eax
-    pop         edx
-    pop         eax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_DWORD
-    movd        mmG, dword [esi+ecx]
-    psllq       mmA, DWORD_BIT
-    por         mmA, mmG
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    movq        mmG, mmA
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    mov         ecx, SIZEOF_MMWORD
-    jmp         short .rgb_gray_cnv
-.column_ld16:
-    test        cl, 2*SIZEOF_MMWORD
-    mov         ecx, SIZEOF_MMWORD
-    jz          short .rgb_gray_cnv
-    movq        mmF, mmA
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmG, MMWORD [esi+1*SIZEOF_MMWORD]
-    jmp         short .rgb_gray_cnv
-    alignx      16, 7
-
-.columnloop:
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmG, MMWORD [esi+1*SIZEOF_MMWORD]
-    movq        mmF, MMWORD [esi+2*SIZEOF_MMWORD]
-
-.rgb_gray_cnv:
-    ; mmA=(00 10 20 01 11 21 02 12)
-    ; mmG=(22 03 13 23 04 14 24 05)
-    ; mmF=(15 25 06 16 26 07 17 27)
-
-    movq        mmD, mmA
-    psllq       mmA, 4*BYTE_BIT         ; mmA=(-- -- -- -- 00 10 20 01)
-    psrlq       mmD, 4*BYTE_BIT         ; mmD=(11 21 02 12 -- -- -- --)
-
-    punpckhbw   mmA, mmG                ; mmA=(00 04 10 14 20 24 01 05)
-    psllq       mmG, 4*BYTE_BIT         ; mmG=(-- -- -- -- 22 03 13 23)
-
-    punpcklbw   mmD, mmF                ; mmD=(11 15 21 25 02 06 12 16)
-    punpckhbw   mmG, mmF                ; mmG=(22 26 03 07 13 17 23 27)
-
-    movq        mmE, mmA
-    psllq       mmA, 4*BYTE_BIT         ; mmA=(-- -- -- -- 00 04 10 14)
-    psrlq       mmE, 4*BYTE_BIT         ; mmE=(20 24 01 05 -- -- -- --)
-
-    punpckhbw   mmA, mmD                ; mmA=(00 02 04 06 10 12 14 16)
-    psllq       mmD, 4*BYTE_BIT         ; mmD=(-- -- -- -- 11 15 21 25)
-
-    punpcklbw   mmE, mmG                ; mmE=(20 22 24 26 01 03 05 07)
-    punpckhbw   mmD, mmG                ; mmD=(11 13 15 17 21 23 25 27)
-
-    pxor        mmH, mmH
-
-    movq        mmC, mmA
-    punpcklbw   mmA, mmH                ; mmA=(00 02 04 06)
-    punpckhbw   mmC, mmH                ; mmC=(10 12 14 16)
-
-    movq        mmB, mmE
-    punpcklbw   mmE, mmH                ; mmE=(20 22 24 26)
-    punpckhbw   mmB, mmH                ; mmB=(01 03 05 07)
-
-    movq        mmF, mmD
-    punpcklbw   mmD, mmH                ; mmD=(11 13 15 17)
-    punpckhbw   mmF, mmH                ; mmF=(21 23 25 27)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_MMWORD/8
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_MMWORD/8
-    movd        mmA, dword [esi+ecx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_MMWORD/4
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_MMWORD/4
-    movq        mmF, mmA
-    movq        mmA, MMWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld4:
-    test        cl, SIZEOF_MMWORD/2
-    mov         ecx, SIZEOF_MMWORD
-    jz          short .rgb_gray_cnv
-    movq        mmD, mmA
-    movq        mmC, mmF
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmF, MMWORD [esi+1*SIZEOF_MMWORD]
-    jmp         short .rgb_gray_cnv
-    alignx      16, 7
-
-.columnloop:
-    movq        mmA, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mmF, MMWORD [esi+1*SIZEOF_MMWORD]
-    movq        mmD, MMWORD [esi+2*SIZEOF_MMWORD]
-    movq        mmC, MMWORD [esi+3*SIZEOF_MMWORD]
-
-.rgb_gray_cnv:
-    ; mmA=(00 10 20 30 01 11 21 31)
-    ; mmF=(02 12 22 32 03 13 23 33)
-    ; mmD=(04 14 24 34 05 15 25 35)
-    ; mmC=(06 16 26 36 07 17 27 37)
-
-    movq        mmB, mmA
-    punpcklbw   mmA, mmF                ; mmA=(00 02 10 12 20 22 30 32)
-    punpckhbw   mmB, mmF                ; mmB=(01 03 11 13 21 23 31 33)
-
-    movq        mmG, mmD
-    punpcklbw   mmD, mmC                ; mmD=(04 06 14 16 24 26 34 36)
-    punpckhbw   mmG, mmC                ; mmG=(05 07 15 17 25 27 35 37)
-
-    movq        mmE, mmA
-    punpcklwd   mmA, mmD                ; mmA=(00 02 04 06 10 12 14 16)
-    punpckhwd   mmE, mmD                ; mmE=(20 22 24 26 30 32 34 36)
-
-    movq        mmH, mmB
-    punpcklwd   mmB, mmG                ; mmB=(01 03 05 07 11 13 15 17)
-    punpckhwd   mmH, mmG                ; mmH=(21 23 25 27 31 33 35 37)
-
-    pxor        mmF, mmF
-
-    movq        mmC, mmA
-    punpcklbw   mmA, mmF                ; mmA=(00 02 04 06)
-    punpckhbw   mmC, mmF                ; mmC=(10 12 14 16)
-
-    movq        mmD, mmB
-    punpcklbw   mmB, mmF                ; mmB=(01 03 05 07)
-    punpckhbw   mmD, mmF                ; mmD=(11 13 15 17)
-
-    movq        mmG, mmE
-    punpcklbw   mmE, mmF                ; mmE=(20 22 24 26)
-    punpckhbw   mmG, mmF                ; mmG=(30 32 34 36)
-
-    punpcklbw   mmF, mmH
-    punpckhbw   mmH, mmH
-    psrlw       mmF, BYTE_BIT           ; mmF=(21 23 25 27)
-    psrlw       mmH, BYTE_BIT           ; mmH=(31 33 35 37)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; mm0=(R0 R2 R4 R6)=RE, mm2=(G0 G2 G4 G6)=GE, mm4=(B0 B2 B4 B6)=BE
-    ; mm1=(R1 R3 R5 R7)=RO, mm3=(G1 G3 G5 G7)=GO, mm5=(B1 B3 B5 B7)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-
-    movq        mm6, mm1
-    punpcklwd   mm1, mm3
-    punpckhwd   mm6, mm3
-    pmaddwd     mm1, [GOTOFF(eax,PW_F0299_F0337)]  ; mm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    pmaddwd     mm6, [GOTOFF(eax,PW_F0299_F0337)]  ; mm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    movq        mm7,  mm6               ; mm7=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    movq        mm6, mm0
-    punpcklwd   mm0, mm2
-    punpckhwd   mm6, mm2
-    pmaddwd     mm0, [GOTOFF(eax,PW_F0299_F0337)]  ; mm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    pmaddwd     mm6, [GOTOFF(eax,PW_F0299_F0337)]  ; mm6=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    movq        MMWORD [wk(0)], mm0     ; wk(0)=REL*FIX(0.299)+GEL*FIX(0.337)
-    movq        MMWORD [wk(1)], mm6     ; wk(1)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    movq        mm0, mm5                ; mm0=BO
-    movq        mm6, mm4                ; mm6=BE
-
-    movq        mm4, mm0
-    punpcklwd   mm0, mm3
-    punpckhwd   mm4, mm3
-    pmaddwd     mm0, [GOTOFF(eax,PW_F0114_F0250)]  ; mm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    pmaddwd     mm4, [GOTOFF(eax,PW_F0114_F0250)]  ; mm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-
-    movq        mm3, [GOTOFF(eax,PD_ONEHALF)]  ; mm3=[PD_ONEHALF]
-
-    paddd       mm0, mm1
-    paddd       mm4, mm7
-    paddd       mm0, mm3
-    paddd       mm4, mm3
-    psrld       mm0, SCALEBITS          ; mm0=YOL
-    psrld       mm4, SCALEBITS          ; mm4=YOH
-    packssdw    mm0, mm4                ; mm0=YO
-
-    movq        mm4, mm6
-    punpcklwd   mm6, mm2
-    punpckhwd   mm4, mm2
-    pmaddwd     mm6, [GOTOFF(eax,PW_F0114_F0250)]  ; mm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    pmaddwd     mm4, [GOTOFF(eax,PW_F0114_F0250)]  ; mm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-
-    movq        mm2, [GOTOFF(eax,PD_ONEHALF)]      ; mm2=[PD_ONEHALF]
-
-    paddd       mm6, MMWORD [wk(0)]
-    paddd       mm4, MMWORD [wk(1)]
-    paddd       mm6, mm2
-    paddd       mm4, mm2
-    psrld       mm6, SCALEBITS          ; mm6=YEL
-    psrld       mm4, SCALEBITS          ; mm4=YEH
-    packssdw    mm6, mm4                ; mm6=YE
-
-    psllw       mm0, BYTE_BIT
-    por         mm6, mm0                ; mm6=Y
-    movq        MMWORD [edi], mm6       ; Save Y
-
-    sub         ecx, byte SIZEOF_MMWORD
-    add         esi, byte RGB_PIXELSIZE*SIZEOF_MMWORD  ; inptr
-    add         edi, byte SIZEOF_MMWORD                ; outptr0
-    cmp         ecx, byte SIZEOF_MMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .column_ld1
-
-    pop         ecx                     ; col
-    pop         esi
-    pop         edi
-    poppic      eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         edi, byte SIZEOF_JSAMPROW
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-sse2.asm
deleted file mode 100644
index c9d6ff1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcgryext-sse2.asm
+++ /dev/null
@@ -1,382 +0,0 @@
-;
-; jcgryext.asm - grayscale colorspace conversion (SSE2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_gray_convert_sse2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                             JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                             int num_rows);
-;
-
-%define img_width(b)   (b) + 8          ; JDIMENSION img_width
-%define input_buf(b)   (b) + 12         ; JSAMPARRAY input_buf
-%define output_buf(b)  (b) + 16         ; JSAMPIMAGE output_buf
-%define output_row(b)  (b) + 20         ; JDIMENSION output_row
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         2
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_gray_convert_sse2)
-
-EXTN(jsimd_rgb_gray_convert_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [img_width(eax)]
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         esi, JSAMPIMAGE [output_buf(eax)]
-    mov         ecx, JDIMENSION [output_row(eax)]
-    mov         edi, JSAMPARRAY [esi+0*SIZEOF_JSAMPARRAY]
-    lea         edi, [edi+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         esi, JSAMPARRAY [input_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    pushpic     eax
-    push        edi
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr0
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    alignx      16, 7
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        eax
-    push        edx
-    lea         ecx, [ecx+ecx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_BYTE
-    movzx       eax, byte [esi+ecx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_WORD
-    movzx       edx, word [esi+ecx]
-    shl         eax, WORD_BIT
-    or          eax, edx
-.column_ld4:
-    movd        xmmA, eax
-    pop         edx
-    pop         eax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_DWORD
-    movd        xmmF, XMM_DWORD [esi+ecx]
-    pslldq      xmmA, SIZEOF_DWORD
-    por         xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         ecx, byte SIZEOF_MMWORD
-    movq        xmmB, XMM_MMWORD [esi+ecx]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    movdqa      xmmF, xmmA
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    mov         ecx, SIZEOF_XMMWORD
-    jmp         short .rgb_gray_cnv
-.column_ld32:
-    test        cl, 2*SIZEOF_XMMWORD
-    mov         ecx, SIZEOF_XMMWORD
-    jz          short .rgb_gray_cnv
-    movdqa      xmmB, xmmA
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_gray_cnv
-    alignx      16, 7
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    movdqu      xmmB, XMMWORD [esi+2*SIZEOF_XMMWORD]
-
-.rgb_gray_cnv:
-    ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    ; xmmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; xmmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    movdqa      xmmG, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12)
-    psrldq      xmmG, 8     ; xmmG=(22 03 13 23 04 14 24 05 -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmF  ; xmmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A)
-    pslldq      xmmF, 8     ; xmmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27)
-
-    punpcklbw   xmmG, xmmB  ; xmmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D)
-    punpckhbw   xmmF, xmmB  ; xmmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F)
-
-    movdqa      xmmD, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09)
-    psrldq      xmmD, 8     ; xmmD=(11 19 21 29 02 0A 12 1A -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmG  ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D)
-    pslldq      xmmG, 8     ; xmmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B)
-
-    punpcklbw   xmmD, xmmF  ; xmmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E)
-    punpckhbw   xmmG, xmmF  ; xmmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F)
-
-    movdqa      xmmE, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C)
-    psrldq      xmmE, 8     ; xmmE=(20 24 28 2C 01 05 09 0D -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmD  ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    pslldq      xmmD, 8     ; xmmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D)
-
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmG  ; xmmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F)
-
-    pxor        xmmH, xmmH
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmH  ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmH  ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmB, xmmE
-    punpcklbw   xmmE, xmmH  ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmB, xmmH  ; xmmB=(01 03 05 07 09 0B 0D 0F)
-
-    movdqa      xmmF, xmmD
-    punpcklbw   xmmD, xmmH  ; xmmD=(11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmF, xmmH  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         ecx, byte SIZEOF_XMMWORD/16
-    movd        xmmA, XMM_DWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         ecx, byte SIZEOF_XMMWORD/8
-    movq        xmmE, XMM_MMWORD [esi+ecx*RGB_PIXELSIZE]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmE
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         ecx, byte SIZEOF_XMMWORD/4
-    movdqa      xmmE, xmmA
-    movdqu      xmmA, XMMWORD [esi+ecx*RGB_PIXELSIZE]
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    mov         ecx, SIZEOF_XMMWORD
-    jz          short .rgb_gray_cnv
-    movdqa      xmmF, xmmA
-    movdqa      xmmH, xmmE
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_gray_cnv
-    alignx      16, 7
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [esi+2*SIZEOF_XMMWORD]
-    movdqu      xmmH, XMMWORD [esi+3*SIZEOF_XMMWORD]
-
-.rgb_gray_cnv:
-    ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    ; xmmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; xmmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpcklbw   xmmA, xmmE      ; xmmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35)
-    punpckhbw   xmmD, xmmE      ; xmmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37)
-
-    movdqa      xmmC, xmmF
-    punpcklbw   xmmF, xmmH      ; xmmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D)
-    punpckhbw   xmmC, xmmH      ; xmmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F)
-
-    movdqa      xmmB, xmmA
-    punpcklwd   xmmA, xmmF      ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C)
-    punpckhwd   xmmB, xmmF      ; xmmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D)
-
-    movdqa      xmmG, xmmD
-    punpcklwd   xmmD, xmmC      ; xmmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E)
-    punpckhwd   xmmG, xmmC      ; xmmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F)
-
-    movdqa      xmmE, xmmA
-    punpcklbw   xmmA, xmmD      ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    punpckhbw   xmmE, xmmD      ; xmmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E)
-
-    movdqa      xmmH, xmmB
-    punpcklbw   xmmB, xmmG      ; xmmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmH, xmmG      ; xmmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F)
-
-    pxor        xmmF, xmmF
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmF      ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmF      ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmD, xmmB
-    punpcklbw   xmmB, xmmF      ; xmmB=(01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmF      ; xmmD=(11 13 15 17 19 1B 1D 1F)
-
-    movdqa      xmmG, xmmE
-    punpcklbw   xmmE, xmmF      ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmG, xmmF      ; xmmG=(30 32 34 36 38 3A 3C 3E)
-
-    punpcklbw   xmmF, xmmH
-    punpckhbw   xmmH, xmmH
-    psrlw       xmmF, BYTE_BIT  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-    psrlw       xmmH, BYTE_BIT  ; xmmH=(31 33 35 37 39 3B 3D 3F)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; xmm0=R(02468ACE)=RE, xmm2=G(02468ACE)=GE, xmm4=B(02468ACE)=BE
-    ; xmm1=R(13579BDF)=RO, xmm3=G(13579BDF)=GO, xmm5=B(13579BDF)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-
-    movdqa      xmm6, xmm1
-    punpcklwd   xmm1, xmm3
-    punpckhwd   xmm6, xmm3
-    pmaddwd     xmm1, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    pmaddwd     xmm6, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    movdqa      xmm7, xmm6              ; xmm7=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    movdqa      xmm6, xmm0
-    punpcklwd   xmm0, xmm2
-    punpckhwd   xmm6, xmm2
-    pmaddwd     xmm0, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    pmaddwd     xmm6, [GOTOFF(eax,PW_F0299_F0337)]  ; xmm6=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=REL*FIX(0.299)+GEL*FIX(0.337)
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    movdqa      xmm0, xmm5              ; xmm0=BO
-    movdqa      xmm6, xmm4              ; xmm6=BE
-
-    movdqa      xmm4, xmm0
-    punpcklwd   xmm0, xmm3
-    punpckhwd   xmm4, xmm3
-    pmaddwd     xmm0, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    pmaddwd     xmm4, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-
-    movdqa      xmm3, [GOTOFF(eax,PD_ONEHALF)]      ; xmm3=[PD_ONEHALF]
-
-    paddd       xmm0, xmm1
-    paddd       xmm4, xmm7
-    paddd       xmm0, xmm3
-    paddd       xmm4, xmm3
-    psrld       xmm0, SCALEBITS         ; xmm0=YOL
-    psrld       xmm4, SCALEBITS         ; xmm4=YOH
-    packssdw    xmm0, xmm4              ; xmm0=YO
-
-    movdqa      xmm4, xmm6
-    punpcklwd   xmm6, xmm2
-    punpckhwd   xmm4, xmm2
-    pmaddwd     xmm6, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    pmaddwd     xmm4, [GOTOFF(eax,PW_F0114_F0250)]  ; xmm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-
-    movdqa      xmm2, [GOTOFF(eax,PD_ONEHALF)]      ; xmm2=[PD_ONEHALF]
-
-    paddd       xmm6, XMMWORD [wk(0)]
-    paddd       xmm4, XMMWORD [wk(1)]
-    paddd       xmm6, xmm2
-    paddd       xmm4, xmm2
-    psrld       xmm6, SCALEBITS         ; xmm6=YEL
-    psrld       xmm4, SCALEBITS         ; xmm4=YEH
-    packssdw    xmm6, xmm4              ; xmm6=YE
-
-    psllw       xmm0, BYTE_BIT
-    por         xmm6, xmm0              ; xmm6=Y
-    movdqa      XMMWORD [edi], xmm6     ; Save Y
-
-    sub         ecx, byte SIZEOF_XMMWORD
-    add         esi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; inptr
-    add         edi, byte SIZEOF_XMMWORD                ; outptr0
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .column_ld1
-
-    pop         ecx                     ; col
-    pop         esi
-    pop         edi
-    poppic      eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         edi, byte SIZEOF_JSAMPROW
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jchuff-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jchuff-sse2.asm
deleted file mode 100644
index 278cf5e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jchuff-sse2.asm
+++ /dev/null
@@ -1,761 +0,0 @@
-;
-; jchuff-sse2.asm - Huffman entropy encoding (SSE2)
-;
-; Copyright (C) 2009-2011, 2014-2017, 2019, D. R. Commander.
-; Copyright (C) 2015, Matthieu Darbois.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains an SSE2 implementation for Huffman coding of one block.
-; The following code is based on jchuff.c; see jchuff.c for more details.
-
-%include "jsimdext.inc"
-
-struc working_state
-.next_output_byte:   resp 1     ; => next byte to write in buffer
-.free_in_buffer:     resp 1     ; # of byte spaces remaining in buffer
-.cur.put_buffer.simd resq 1     ; current bit accumulation buffer
-.cur.free_bits       resd 1     ; # of bits available in it
-.cur.last_dc_val     resd 4     ; last DC coef for each component
-.cinfo:              resp 1     ; dump_buffer needs access to this
-endstruc
-
-struc c_derived_tbl
-.ehufco:             resd 256   ; code for each symbol
-.ehufsi:             resb 256   ; length of code for each symbol
-; If no code has been allocated for a symbol S, ehufsi[S] contains 0
-endstruc
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    GLOBAL_DATA(jconst_huff_encode_one_block)
-
-EXTN(jconst_huff_encode_one_block):
-
-    alignz      32
-
-jpeg_mask_bits dq 0x0000, 0x0001, 0x0003, 0x0007
-               dq 0x000f, 0x001f, 0x003f, 0x007f
-               dq 0x00ff, 0x01ff, 0x03ff, 0x07ff
-               dq 0x0fff, 0x1fff, 0x3fff, 0x7fff
-
-times 1 << 14 db 15
-times 1 << 13 db 14
-times 1 << 12 db 13
-times 1 << 11 db 12
-times 1 << 10 db 11
-times 1 <<  9 db 10
-times 1 <<  8 db  9
-times 1 <<  7 db  8
-times 1 <<  6 db  7
-times 1 <<  5 db  6
-times 1 <<  4 db  5
-times 1 <<  3 db  4
-times 1 <<  2 db  3
-times 1 <<  1 db  2
-times 1 <<  0 db  1
-times 1       db  0
-jpeg_nbits_table:
-times 1       db  0
-times 1 <<  0 db  1
-times 1 <<  1 db  2
-times 1 <<  2 db  3
-times 1 <<  3 db  4
-times 1 <<  4 db  5
-times 1 <<  5 db  6
-times 1 <<  6 db  7
-times 1 <<  7 db  8
-times 1 <<  8 db  9
-times 1 <<  9 db 10
-times 1 << 10 db 11
-times 1 << 11 db 12
-times 1 << 12 db 13
-times 1 << 13 db 14
-times 1 << 14 db 15
-
-    alignz      32
-
-%ifdef PIC
-%define NBITS(x)      nbits_base + x
-%else
-%define NBITS(x)      jpeg_nbits_table + x
-%endif
-%define MASK_BITS(x)  NBITS((x) * 8) + (jpeg_mask_bits - jpeg_nbits_table)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%define mm_put_buffer     mm0
-%define mm_all_0xff       mm1
-%define mm_temp           mm2
-%define mm_nbits          mm3
-%define mm_code_bits      mm3
-%define mm_code           mm4
-%define mm_overflow_bits  mm5
-%define mm_save_nbits     mm6
-
-; Shorthand used to describe SIMD operations:
-; wN:  xmmN treated as eight signed 16-bit values
-; wN[i]:  perform the same operation on all eight signed 16-bit values, i=0..7
-; bN:  xmmN treated as 16 unsigned 8-bit values, or
-;      mmN treated as eight unsigned 8-bit values
-; bN[i]:  perform the same operation on all unsigned 8-bit values,
-;         i=0..15 (SSE register) or i=0..7 (MMX register)
-; Contents of SIMD registers are shown in memory order.
-
-; Fill the bit buffer to capacity with the leading bits from code, then output
-; the bit buffer and put the remaining bits from code into the bit buffer.
-;
-; Usage:
-; code - contains the bits to shift into the bit buffer (LSB-aligned)
-; %1 - temp register
-; %2 - low byte of temp register
-; %3 - second byte of temp register
-; %4-%8 (optional) - extra instructions to execute before the macro completes
-; %9 - the label to which to jump when the macro completes
-;
-; Upon completion, free_bits will be set to the number of remaining bits from
-; code, and put_buffer will contain those remaining bits.  temp and code will
-; be clobbered.
-;
-; This macro encodes any 0xFF bytes as 0xFF 0x00, as does the EMIT_BYTE()
-; macro in jchuff.c.
-
-%macro EMIT_QWORD 9
-%define %%temp   %1
-%define %%tempb  %2
-%define %%temph  %3
-    add         nbits, free_bits             ; nbits += free_bits;
-    neg         free_bits                    ; free_bits = -free_bits;
-    movq        mm_temp, mm_code             ; temp = code;
-    movd        mm_nbits, nbits              ; nbits --> MMX register
-    movd        mm_overflow_bits, free_bits  ; overflow_bits (temp register) = free_bits;
-    neg         free_bits                    ; free_bits = -free_bits;
-    psllq       mm_put_buffer, mm_nbits      ; put_buffer <<= nbits;
-    psrlq       mm_temp, mm_overflow_bits    ; temp >>= overflow_bits;
-    add         free_bits, 64                ; free_bits += 64;
-    por         mm_temp, mm_put_buffer       ; temp |= put_buffer;
-%ifidn %%temp, nbits_base
-    movd        mm_save_nbits, nbits_base    ; save nbits_base
-%endif
-    movq        mm_code_bits, mm_temp        ; code_bits (temp register) = temp;
-    movq        mm_put_buffer, mm_code       ; put_buffer = code;
-    pcmpeqb     mm_temp, mm_all_0xff         ; b_temp[i] = (b_temp[i] == 0xFF ? 0xFF : 0);
-    movq        mm_code, mm_code_bits        ; code = code_bits;
-    psrlq       mm_code_bits, 32             ; code_bits >>= 32;
-    pmovmskb    nbits, mm_temp               ; nbits = 0;  nbits |= ((b_temp[i] >> 7) << i);
-    movd        %%temp, mm_code_bits         ; temp = code_bits;
-    bswap       %%temp                       ; temp = htonl(temp);
-    test        nbits, nbits                 ; if (nbits != 0)  /* Some 0xFF bytes */
-    jnz         %%.SLOW                      ;   goto %%.SLOW
-    mov         dword [buffer], %%temp       ; *(uint32_t)buffer = temp;
-%ifidn %%temp, nbits_base
-    movd        nbits_base, mm_save_nbits    ; restore nbits_base
-%endif
-    %4
-    movd        nbits, mm_code               ; nbits = (uint32_t)(code);
-    %5
-    bswap       nbits                        ; nbits = htonl(nbits);
-    mov         dword [buffer + 4], nbits    ; *(uint32_t)(buffer + 4) = nbits;
-    lea         buffer, [buffer + 8]         ; buffer += 8;
-    %6
-    %7
-    %8
-    jmp %9                                   ; return
-%%.SLOW:
-    ; Execute the equivalent of the EMIT_BYTE() macro in jchuff.c for all 8
-    ; bytes in the qword.
-    mov         byte [buffer], %%tempb     ; buffer[0] = temp[0];
-    cmp         %%tempb, 0xFF              ; Set CF if temp[0] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (temp[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], %%temph     ; buffer[0] = temp[1];
-    cmp         %%temph, 0xFF              ; Set CF if temp[1] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (temp[1] < 0xFF ? 1 : 0));
-    shr         %%temp, 16                 ; temp >>= 16;
-    mov         byte [buffer], %%tempb     ; buffer[0] = temp[0];
-    cmp         %%tempb, 0xFF              ; Set CF if temp[0] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (temp[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], %%temph     ; buffer[0] = temp[1];
-    cmp         %%temph, 0xFF              ; Set CF if temp[1] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (temp[1] < 0xFF ? 1 : 0));
-    movd        nbits, mm_code             ; nbits (temp register) = (uint32_t)(code)
-%ifidn %%temp, nbits_base
-    movd        nbits_base, mm_save_nbits  ; restore nbits_base
-%endif
-    bswap       nbits                      ; nbits = htonl(nbits)
-    mov         byte [buffer], nbitsb      ; buffer[0] = nbits[0];
-    cmp         nbitsb, 0xFF               ; Set CF if nbits[0] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (nbits[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], nbitsh      ; buffer[0] = nbits[1];
-    cmp         nbitsh, 0xFF               ; Set CF if nbits[1] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (nbits[1] < 0xFF ? 1 : 0));
-    shr         nbits, 16                  ; nbits >>= 16;
-    mov         byte [buffer], nbitsb      ; buffer[0] = nbits[0];
-    cmp         nbitsb, 0xFF               ; Set CF if nbits[0] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (nbits[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], nbitsh      ; buffer[0] = nbits[1];
-    %4
-    cmp         nbitsh, 0xFF               ; Set CF if nbits[1] < 0xFF
-    mov         byte [buffer+1], 0         ; buffer[1] = 0;
-    sbb         buffer, -2                 ; buffer -= (-2 + (nbits[1] < 0xFF ? 1 : 0));
-    %5
-    %6
-    %7
-    %8
-    jmp %9                                 ; return;
-%endmacro
-
-%macro PUSH 1
-    push        %1
-%assign stack_offset  stack_offset + 4
-%endmacro
-
-%macro POP 1
-    pop         %1
-%assign stack_offset  stack_offset - 4
-%endmacro
-
-; If PIC is defined, load the address of a symbol defined in this file into a
-; register.  Equivalent to
-;   get_GOT     %1
-;   lea         %1, [GOTOFF(%1, %2)]
-; without using the GOT.
-;
-; Usage:
-; %1 - register into which to load the address of the symbol
-; %2 - symbol whose address should be loaded
-; %3 - optional multi-line macro to execute before the symbol address is loaded
-; %4 - optional multi-line macro to execute after the symbol address is loaded
-;
-; If PIC is not defined, then %3 and %4 are executed in order.
-
-%macro GET_SYM 2-4
-%ifdef PIC
-    call        %%.geteip
-%%.ref:
-    %4
-    add         %1, %2 - %%.ref
-    jmp         short %%.done
-    align       32
-%%.geteip:
-    %3          4               ; must adjust stack pointer because of call
-    mov         %1, POINTER [esp]
-    ret
-    align       32
-%%.done:
-%else
-    %3          0
-    %4
-%endif
-%endmacro
-
-;
-; Encode a single block's worth of coefficients.
-;
-; GLOBAL(JOCTET *)
-; jsimd_huff_encode_one_block_sse2(working_state *state, JOCTET *buffer,
-;                                  JCOEFPTR block, int last_dc_val,
-;                                  c_derived_tbl *dctbl, c_derived_tbl *actbl)
-;
-; Stack layout:
-; Function args
-; Return address
-; Saved ebx
-; Saved ebp
-; Saved esi
-; Saved edi <-- esp_save
-; ...
-; esp_save
-; t_ 64*2 bytes (aligned to 128 bytes)
-;
-; esp is used (as t) to point into t_ (data in lower indices is not used once
-; esp passes over them, so this is signal-safe.)  Aligning to 128 bytes allows
-; us to find the rest of the data again.
-;
-; NOTES:
-; When shuffling data, we try to avoid pinsrw as much as possible, since it is
-; slow on many CPUs.  Its reciprocal throughput (issue latency) is 1 even on
-; modern CPUs, so chains of pinsrw instructions (even with different outputs)
-; can limit performance.  pinsrw is a VectorPath instruction on AMD K8 and
-; requires 2 µops (with memory operand) on Intel.  In either case, only one
-; pinsrw instruction can be decoded per cycle (and nothing else if they are
-; back-to-back), so out-of-order execution cannot be used to work around long
-; pinsrw chains (though for Sandy Bridge and later, this may be less of a
-; problem if the code runs from the µop cache.)
-;
-; We use tzcnt instead of bsf without checking for support.  The instruction is
-; executed as bsf on CPUs that don't support tzcnt (encoding is equivalent to
-; rep bsf.)  The destination (first) operand of bsf (and tzcnt on some CPUs) is
-; an input dependency (although the behavior is not formally defined, Intel
-; CPUs usually leave the destination unmodified if the source is zero.)  This
-; can prevent out-of-order execution, so we clear the destination before
-; invoking tzcnt.
-;
-; Initial register allocation
-; eax - frame --> buffer
-; ebx - nbits_base (PIC) / emit_temp
-; ecx - dctbl --> size --> state
-; edx - block --> nbits
-; esi - code_temp --> state --> actbl
-; edi - index_temp --> free_bits
-; esp - t
-; ebp - index
-
-%define frame       eax
-%ifdef PIC
-%define nbits_base  ebx
-%endif
-%define emit_temp   ebx
-%define emit_tempb  bl
-%define emit_temph  bh
-%define dctbl       ecx
-%define block       edx
-%define code_temp   esi
-%define index_temp  edi
-%define t           esp
-%define index       ebp
-
-%assign save_frame  DCTSIZE2 * SIZEOF_WORD
-
-; Step 1: Re-arrange input data according to jpeg_natural_order
-; xx 01 02 03 04 05 06 07      xx 01 08 16 09 02 03 10
-; 08 09 10 11 12 13 14 15      17 24 32 25 18 11 04 05
-; 16 17 18 19 20 21 22 23      12 19 26 33 40 48 41 34
-; 24 25 26 27 28 29 30 31 ==>  27 20 13 06 07 14 21 28
-; 32 33 34 35 36 37 38 39      35 42 49 56 57 50 43 36
-; 40 41 42 43 44 45 46 47      29 22 15 23 30 37 44 51
-; 48 49 50 51 52 53 54 55      58 59 52 45 38 31 39 46
-; 56 57 58 59 60 61 62 63      53 60 61 54 47 55 62 63
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_huff_encode_one_block_sse2)
-
-EXTN(jsimd_huff_encode_one_block_sse2):
-
-%assign stack_offset      0
-%define arg_state         4 + stack_offset
-%define arg_buffer        8 + stack_offset
-%define arg_block        12 + stack_offset
-%define arg_last_dc_val  16 + stack_offset
-%define arg_dctbl        20 + stack_offset
-%define arg_actbl        24 + stack_offset
-
-                                                          ;X: X = code stream
-    mov         block, [esp + arg_block]
-    PUSH        ebx
-    PUSH        ebp
-    movups      xmm3, XMMWORD [block + 0 * SIZEOF_WORD]   ;D: w3 = xx 01 02 03 04 05 06 07
-    PUSH        esi
-    PUSH        edi
-    movdqa      xmm0, xmm3                                ;A: w0 = xx 01 02 03 04 05 06 07
-    mov         frame, esp
-    lea         t, [frame - (save_frame + 4)]
-    movups      xmm1, XMMWORD [block + 8 * SIZEOF_WORD]   ;B: w1 = 08 09 10 11 12 13 14 15
-    and         t, -DCTSIZE2 * SIZEOF_WORD                                             ; t = &t_[0]
-    mov         [t + save_frame], frame
-    pxor        xmm4, xmm4                                ;A: w4[i] = 0;
-    punpckldq   xmm0, xmm1                                ;A: w0 = xx 01 08 09 02 03 10 11
-    pshuflw     xmm0, xmm0, 11001001b                     ;A: w0 = 01 08 xx 09 02 03 10 11
-    pinsrw      xmm0, word [block + 16 * SIZEOF_WORD], 2  ;A: w0 = 01 08 16 09 02 03 10 11
-    punpckhdq   xmm3, xmm1                                ;D: w3 = 04 05 12 13 06 07 14 15
-    punpcklqdq  xmm1, xmm3                                ;B: w1 = 08 09 10 11 04 05 12 13
-    pinsrw      xmm0, word [block + 17 * SIZEOF_WORD], 7  ;A: w0 = 01 08 16 09 02 03 10 17
-                                                          ;A:      (Row 0, offset 1)
-    pcmpgtw     xmm4, xmm0                                ;A: w4[i] = (w0[i] < 0 ? -1 : 0);
-    paddw       xmm0, xmm4                                ;A: w0[i] += w4[i];
-    movaps      XMMWORD [t + 0 * SIZEOF_WORD], xmm0       ;A: t[i] = w0[i];
-
-    movq        xmm2, qword [block + 24 * SIZEOF_WORD]    ;B: w2 = 24 25 26 27 -- -- -- --
-    pshuflw     xmm2, xmm2, 11011000b                     ;B: w2 = 24 26 25 27 -- -- -- --
-    pslldq      xmm1, 1 * SIZEOF_WORD                     ;B: w1 = -- 08 09 10 11 04 05 12
-    movups      xmm5, XMMWORD [block + 48 * SIZEOF_WORD]  ;H: w5 = 48 49 50 51 52 53 54 55
-    movsd       xmm1, xmm2                                ;B: w1 = 24 26 25 27 11 04 05 12
-    punpcklqdq  xmm2, xmm5                                ;C: w2 = 24 26 25 27 48 49 50 51
-    pinsrw      xmm1, word [block + 32 * SIZEOF_WORD], 1  ;B: w1 = 24 32 25 27 11 04 05 12
-    pxor        xmm4, xmm4                                ;A: w4[i] = 0;
-    psrldq      xmm3, 2 * SIZEOF_WORD                     ;D: w3 = 12 13 06 07 14 15 -- --
-    pcmpeqw     xmm0, xmm4                                ;A: w0[i] = (w0[i] == 0 ? -1 : 0);
-    pinsrw      xmm1, word [block + 18 * SIZEOF_WORD], 3  ;B: w1 = 24 32 25 18 11 04 05 12
-                                                          ;        (Row 1, offset 1)
-    pcmpgtw     xmm4, xmm1                                ;B: w4[i] = (w1[i] < 0 ? -1 : 0);
-    paddw       xmm1, xmm4                                ;B: w1[i] += w4[i];
-    movaps      XMMWORD [t + 8 * SIZEOF_WORD], xmm1       ;B: t[i+8] = w1[i];
-    pxor        xmm4, xmm4                                ;B: w4[i] = 0;
-    pcmpeqw     xmm1, xmm4                                ;B: w1[i] = (w1[i] == 0 ? -1 : 0);
-
-    packsswb    xmm0, xmm1                                ;AB: b0[i] = w0[i], b0[i+8] = w1[i]
-                                                          ;    w/ signed saturation
-
-    pinsrw      xmm3, word [block + 20 * SIZEOF_WORD], 0  ;D: w3 = 20 13 06 07 14 15 -- --
-    pinsrw      xmm3, word [block + 21 * SIZEOF_WORD], 5  ;D: w3 = 20 13 06 07 14 21 -- --
-    pinsrw      xmm3, word [block + 28 * SIZEOF_WORD], 6  ;D: w3 = 20 13 06 07 14 21 28 --
-    pinsrw      xmm3, word [block + 35 * SIZEOF_WORD], 7  ;D: w3 = 20 13 06 07 14 21 28 35
-                                                          ;        (Row 3, offset 1)
-    pcmpgtw     xmm4, xmm3                                ;D: w4[i] = (w3[i] < 0 ? -1 : 0);
-    paddw       xmm3, xmm4                                ;D: w3[i] += w4[i];
-    movaps      XMMWORD [t + 24 * SIZEOF_WORD], xmm3      ;D: t[i+24] = w3[i];
-    pxor        xmm4, xmm4                                ;D: w4[i] = 0;
-    pcmpeqw     xmm3, xmm4                                ;D: w3[i] = (w3[i] == 0 ? -1 : 0);
-
-    pinsrw      xmm2, word [block + 19 * SIZEOF_WORD], 0  ;C: w2 = 19 26 25 27 48 49 50 51
-    pinsrw      xmm2, word [block + 33 * SIZEOF_WORD], 2  ;C: w2 = 19 26 33 27 48 49 50 51
-    pinsrw      xmm2, word [block + 40 * SIZEOF_WORD], 3  ;C: w2 = 19 26 33 40 48 49 50 51
-    pinsrw      xmm2, word [block + 41 * SIZEOF_WORD], 5  ;C: w2 = 19 26 33 40 48 41 50 51
-    pinsrw      xmm2, word [block + 34 * SIZEOF_WORD], 6  ;C: w2 = 19 26 33 40 48 41 34 51
-    pinsrw      xmm2, word [block + 27 * SIZEOF_WORD], 7  ;C: w2 = 19 26 33 40 48 41 34 27
-                                                          ;        (Row 2, offset 1)
-    pcmpgtw     xmm4, xmm2                                ;C: w4[i] = (w2[i] < 0 ? -1 : 0);
-    paddw       xmm2, xmm4                                ;C: w2[i] += w4[i];
-    movsx       code_temp, word [block]                   ;Z:     code_temp = block[0];
-
-; %1 - stack pointer adjustment
-%macro GET_SYM_BEFORE 1
-    movaps      XMMWORD [t + 16 * SIZEOF_WORD + %1], xmm2
-                                                          ;C: t[i+16] = w2[i];
-    pxor        xmm4, xmm4                                ;C: w4[i] = 0;
-    pcmpeqw     xmm2, xmm4                                ;C: w2[i] = (w2[i] == 0 ? -1 : 0);
-    sub         code_temp, [frame + arg_last_dc_val]      ;Z:     code_temp -= last_dc_val;
-
-    packsswb    xmm2, xmm3                                ;CD: b2[i] = w2[i], b2[i+8] = w3[i]
-                                                          ;    w/ signed saturation
-
-    movdqa      xmm3, xmm5                                ;H: w3 = 48 49 50 51 52 53 54 55
-    pmovmskb    index_temp, xmm2                          ;Z:     index_temp = 0;  index_temp |= ((b2[i] >> 7) << i);
-    pmovmskb    index, xmm0                               ;Z:     index = 0;  index |= ((b0[i] >> 7) << i);
-    movups      xmm0, XMMWORD [block + 56 * SIZEOF_WORD]  ;H: w0 = 56 57 58 59 60 61 62 63
-    punpckhdq   xmm3, xmm0                                ;H: w3 = 52 53 60 61 54 55 62 63
-    shl         index_temp, 16                            ;Z:     index_temp <<= 16;
-    psrldq      xmm3, 1 * SIZEOF_WORD                     ;H: w3 = 53 60 61 54 55 62 63 --
-    pxor        xmm2, xmm2                                ;H: w2[i] = 0;
-    pshuflw     xmm3, xmm3, 00111001b                     ;H: w3 = 60 61 54 53 55 62 63 --
-    or          index, index_temp                         ;Z:     index |= index_temp;
-%undef index_temp
-%define free_bits  edi
-%endmacro
-
-%macro GET_SYM_AFTER 0
-    movq        xmm1, qword [block + 44 * SIZEOF_WORD]    ;G: w1 = 44 45 46 47 -- -- -- --
-    unpcklps    xmm5, xmm0                                ;E: w5 = 48 49 56 57 50 51 58 59
-    pxor        xmm0, xmm0                                ;H: w0[i] = 0;
-    not         index                                     ;Z:     index = ~index;
-    pinsrw      xmm3, word [block + 47 * SIZEOF_WORD], 3  ;H: w3 = 60 61 54 47 55 62 63 --
-                                                          ;        (Row 7, offset 1)
-    pcmpgtw     xmm2, xmm3                                ;H: w2[i] = (w3[i] < 0 ? -1 : 0);
-    mov         dctbl, [frame + arg_dctbl]
-    paddw       xmm3, xmm2                                ;H: w3[i] += w2[i];
-    movaps      XMMWORD [t + 56 * SIZEOF_WORD], xmm3      ;H: t[i+56] = w3[i];
-    movq        xmm4, qword [block + 36 * SIZEOF_WORD]    ;G: w4 = 36 37 38 39 -- -- -- --
-    pcmpeqw     xmm3, xmm0                                ;H: w3[i] = (w3[i] == 0 ? -1 : 0);
-    punpckldq   xmm4, xmm1                                ;G: w4 = 36 37 44 45 38 39 46 47
-    movdqa      xmm1, xmm4                                ;F: w1 = 36 37 44 45 38 39 46 47
-    pcmpeqw     mm_all_0xff, mm_all_0xff                  ;Z:     all_0xff[i] = 0xFF;
-%endmacro
-
-    GET_SYM     nbits_base, jpeg_nbits_table, GET_SYM_BEFORE, GET_SYM_AFTER
-
-    psrldq      xmm4, 1 * SIZEOF_WORD                     ;G: w4 = 37 44 45 38 39 46 47 --
-    shufpd      xmm1, xmm5, 10b                           ;F: w1 = 36 37 44 45 50 51 58 59
-    pshufhw     xmm4, xmm4, 11010011b                     ;G: w4 = 37 44 45 38 -- 39 46 --
-    pslldq      xmm1, 1 * SIZEOF_WORD                     ;F: w1 = -- 36 37 44 45 50 51 58
-    pinsrw      xmm4, word [block + 59 * SIZEOF_WORD], 0  ;G: w4 = 59 44 45 38 -- 39 46 --
-    pshufd      xmm1, xmm1, 11011000b                     ;F: w1 = -- 36 45 50 37 44 51 58
-    cmp         code_temp, 1 << 31                        ;Z:     Set CF if code_temp < 0x80000000,
-                                                          ;Z:     i.e. if code_temp is positive
-    pinsrw      xmm4, word [block + 52 * SIZEOF_WORD], 1  ;G: w4 = 59 52 45 38 -- 39 46 --
-    movlps      xmm1, qword [block + 20 * SIZEOF_WORD]    ;F: w1 = 20 21 22 23 37 44 51 58
-    pinsrw      xmm4, word [block + 31 * SIZEOF_WORD], 4  ;G: w4 = 59 52 45 38 31 39 46 --
-    pshuflw     xmm1, xmm1, 01110010b                     ;F: w1 = 22 20 23 21 37 44 51 58
-    pinsrw      xmm4, word [block + 53 * SIZEOF_WORD], 7  ;G: w4 = 59 52 45 38 31 39 46 53
-                                                          ;        (Row 6, offset 1)
-    adc         code_temp, -1                             ;Z:     code_temp += -1 + (code_temp >= 0 ? 1 : 0);
-    pxor        xmm2, xmm2                                ;G: w2[i] = 0;
-    pcmpgtw     xmm0, xmm4                                ;G: w0[i] = (w4[i] < 0 ? -1 : 0);
-    pinsrw      xmm1, word [block + 15 * SIZEOF_WORD], 1  ;F: w1 = 22 15 23 21 37 44 51 58
-    paddw       xmm4, xmm0                                ;G: w4[i] += w0[i];
-    movaps      XMMWORD [t + 48 * SIZEOF_WORD], xmm4      ;G: t[48+i] = w4[i];
-    movd        mm_temp, code_temp                        ;Z:     temp = code_temp
-    pinsrw      xmm1, word [block + 30 * SIZEOF_WORD], 3  ;F: w1 = 22 15 23 30 37 44 51 58
-                                                          ;        (Row 5, offset 1)
-    pcmpeqw     xmm4, xmm2                                ;G: w4[i] = (w4[i] == 0 ? -1 : 0);
-
-    packsswb    xmm4, xmm3                                ;GH: b4[i] = w4[i], b4[i+8] = w3[i]
-                                                          ;    w/ signed saturation
-
-    lea         t, [t - SIZEOF_WORD]                      ;Z:     t = &t[-1]
-    pxor        xmm0, xmm0                                ;F: w0[i] = 0;
-    pcmpgtw     xmm2, xmm1                                ;F: w2[i] = (w1[i] < 0 ? -1 : 0);
-    paddw       xmm1, xmm2                                ;F: w1[i] += w2[i];
-    movaps      XMMWORD [t + (40+1) * SIZEOF_WORD], xmm1  ;F: t[40+i] = w1[i];
-    pcmpeqw     xmm1, xmm0                                ;F: w1[i] = (w1[i] == 0 ? -1 : 0);
-    pinsrw      xmm5, word [block + 42 * SIZEOF_WORD], 0  ;E: w5 = 42 49 56 57 50 51 58 59
-    pinsrw      xmm5, word [block + 43 * SIZEOF_WORD], 5  ;E: w5 = 42 49 56 57 50 43 58 59
-    pinsrw      xmm5, word [block + 36 * SIZEOF_WORD], 6  ;E: w5 = 42 49 56 57 50 43 36 59
-    pinsrw      xmm5, word [block + 29 * SIZEOF_WORD], 7  ;E: w5 = 42 49 56 57 50 43 36 29
-                                                          ;        (Row 4, offset 1)
-%undef block
-%define nbits  edx
-%define nbitsb  dl
-%define nbitsh  dh
-    movzx       nbits, byte [NBITS(code_temp)]            ;Z:     nbits = JPEG_NBITS(code_temp);
-%undef code_temp
-%define state  esi
-    pxor        xmm2, xmm2                                ;E: w2[i] = 0;
-    mov         state, [frame + arg_state]
-    movd        mm_nbits, nbits                           ;Z:     nbits --> MMX register
-    pcmpgtw     xmm0, xmm5                                ;E: w0[i] = (w5[i] < 0 ? -1 : 0);
-    movd        mm_code, dword [dctbl + c_derived_tbl.ehufco + nbits * 4]
-                                                          ;Z:     code = dctbl->ehufco[nbits];
-%define size  ecx
-%define sizeb  cl
-%define sizeh  ch
-    paddw       xmm5, xmm0                                ;E: w5[i] += w0[i];
-    movaps      XMMWORD [t + (32+1) * SIZEOF_WORD], xmm5  ;E: t[32+i] = w5[i];
-    movzx       size, byte [dctbl + c_derived_tbl.ehufsi + nbits]
-                                                          ;Z:     size = dctbl->ehufsi[nbits];
-%undef dctbl
-    pcmpeqw     xmm5, xmm2                                ;E: w5[i] = (w5[i] == 0 ? -1 : 0);
-
-    packsswb    xmm5, xmm1                                ;EF: b5[i] = w5[i], b5[i+8] = w1[i]
-                                                          ;    w/ signed saturation
-
-    movq        mm_put_buffer, [state + working_state.cur.put_buffer.simd]
-                                                          ;Z:     put_buffer = state->cur.put_buffer.simd;
-    mov         free_bits, [state + working_state.cur.free_bits]
-                                                          ;Z:     free_bits = state->cur.free_bits;
-%undef state
-%define actbl  esi
-    mov         actbl, [frame + arg_actbl]
-%define buffer  eax
-    mov         buffer, [frame + arg_buffer]
-%undef frame
-    jmp        .BEGIN
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-; size <= 32, so this is not really a loop
-.BRLOOP1:                                                 ; .BRLOOP1:
-    movzx       nbits, byte [actbl + c_derived_tbl.ehufsi + 0xf0]
-                                                          ; nbits = actbl->ehufsi[0xf0];
-    movd        mm_code, dword [actbl + c_derived_tbl.ehufco + 0xf0 * 4]
-                                                          ; code = actbl->ehufco[0xf0];
-    and         index, 0x7ffffff                          ; clear index if size == 32
-    sub         size, 16                                  ; size -= 16;
-    sub         free_bits, nbits                          ; if ((free_bits -= nbits) <= 0)
-    jle         .EMIT_BRLOOP1                             ;   goto .EMIT_BRLOOP1;
-    movd        mm_nbits, nbits                           ; nbits --> MMX register
-    psllq       mm_put_buffer, mm_nbits                   ; put_buffer <<= nbits;
-    por         mm_put_buffer, mm_code                    ; put_buffer |= code;
-    jmp         .ERLOOP1                                  ; goto .ERLOOP1;
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-%ifdef PIC
-    times 6     nop
-%else
-    times 2     nop
-%endif
-.BLOOP1:                                                  ; do {  /* size = # of zero bits/elements to skip */
-; if size == 32, index remains unchanged.  Correct in .BRLOOP.
-    shr         index, sizeb                              ;   index >>= size;
-    lea         t, [t + size * SIZEOF_WORD]               ;   t += size;
-    cmp         size, 16                                  ;   if (size > 16)
-    jg          .BRLOOP1                                  ;     goto .BRLOOP1;
-.ERLOOP1:                                                 ; .ERLOOP1:
-    movsx       nbits, word [t]                           ;   nbits = *t;
-%ifdef PIC
-    add         size, size                                ;   size += size;
-%else
-    lea         size, [size * 2]                          ;   size += size;
-%endif
-    movd        mm_temp, nbits                            ;   temp = nbits;
-    movzx       nbits, byte [NBITS(nbits)]                ;   nbits = JPEG_NBITS(nbits);
-    lea         size, [size * 8 + nbits]                  ;   size = size * 8 + nbits;
-    movd        mm_nbits, nbits                           ;   nbits --> MMX register
-    movd        mm_code, dword [actbl + c_derived_tbl.ehufco + (size - 16) * 4]
-                                                          ;   code = actbl->ehufco[size-16];
-    movzx       size, byte [actbl + c_derived_tbl.ehufsi + (size - 16)]
-                                                          ;   size = actbl->ehufsi[size-16];
-.BEGIN:                                                   ; .BEGIN:
-    pand        mm_temp, [MASK_BITS(nbits)]               ;   temp &= (1 << nbits) - 1;
-    psllq       mm_code, mm_nbits                         ;   code <<= nbits;
-    add         nbits, size                               ;   nbits += size;
-    por         mm_code, mm_temp                          ;   code |= temp;
-    sub         free_bits, nbits                          ;   if ((free_bits -= nbits) <= 0)
-    jle         .EMIT_ERLOOP1                             ;     insert code, flush buffer, init size, goto .BLOOP1
-    xor         size, size                                ;   size = 0;  /* kill tzcnt input dependency */
-    tzcnt       size, index                               ;   size = # of trailing 0 bits in index
-    movd        mm_nbits, nbits                           ;   nbits --> MMX register
-    psllq       mm_put_buffer, mm_nbits                   ;   put_buffer <<= nbits;
-    inc         size                                      ;   ++size;
-    por         mm_put_buffer, mm_code                    ;   put_buffer |= code;
-    test        index, index
-    jnz         .BLOOP1                                   ; } while (index != 0);
-; Round 2
-; t points to the last used word, possibly below t_ if the previous index had 32 zero bits.
-.ELOOP1:                                                  ; .ELOOP1:
-    pmovmskb    size, xmm4                                ; size = 0;  size |= ((b4[i] >> 7) << i);
-    pmovmskb    index, xmm5                               ; index = 0;  index |= ((b5[i] >> 7) << i);
-    shl         size, 16                                  ; size <<= 16;
-    or          index, size                               ; index |= size;
-    not         index                                     ; index = ~index;
-    lea         nbits, [t + (1 + DCTSIZE2) * SIZEOF_WORD]
-                                                          ; nbits = t + 1 + 64;
-    and         nbits, -DCTSIZE2 * SIZEOF_WORD            ; nbits &= -128;  /* now points to &t_[64] */
-    sub         nbits, t                                  ; nbits -= t;
-    shr         nbits, 1                                  ; nbits >>= 1;  /* # of leading 0 bits in old index + 33 */
-    tzcnt       size, index                               ; size = # of trailing 0 bits in index
-    inc         size                                      ; ++size;
-    test        index, index                              ; if (index == 0)
-    jz          .ELOOP2                                   ;   goto .ELOOP2;
-; NOTE: size == 32 cannot happen, since the last element is always 0.
-    shr         index, sizeb                              ; index >>= size;
-    lea         size, [size + nbits - 33]                 ; size = size + nbits - 33;
-    lea         t, [t + size * SIZEOF_WORD]               ; t += size;
-    cmp         size, 16                                  ; if (size <= 16)
-    jle         .ERLOOP2                                  ;   goto .ERLOOP2;
-.BRLOOP2:                                                 ; do {
-    movzx       nbits, byte [actbl + c_derived_tbl.ehufsi + 0xf0]
-                                                          ;   nbits = actbl->ehufsi[0xf0];
-    sub         size, 16                                  ;   size -= 16;
-    movd        mm_code, dword [actbl + c_derived_tbl.ehufco + 0xf0 * 4]
-                                                          ;   code = actbl->ehufco[0xf0];
-    sub         free_bits, nbits                          ;   if ((free_bits -= nbits) <= 0)
-    jle         .EMIT_BRLOOP2                             ;     insert code and flush put_buffer
-    movd        mm_nbits, nbits                           ;   else { nbits --> MMX register
-    psllq       mm_put_buffer, mm_nbits                   ;     put_buffer <<= nbits;
-    por         mm_put_buffer, mm_code                    ;     put_buffer |= code;
-    cmp         size, 16                                  ;     if (size <= 16)
-    jle        .ERLOOP2                                   ;       goto .ERLOOP2;
-    jmp        .BRLOOP2                                   ; } while (1);
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align      16
-.BLOOP2:                                                  ; do {  /* size = # of zero bits/elements to skip */
-    shr         index, sizeb                              ;   index >>= size;
-    lea         t, [t + size * SIZEOF_WORD]               ;   t += size;
-    cmp         size, 16                                  ;   if (size > 16)
-    jg          .BRLOOP2                                  ;     goto .BRLOOP2;
-.ERLOOP2:                                                 ; .ERLOOP2:
-    movsx       nbits, word [t]                           ;   nbits = *t;
-    add         size, size                                ;   size += size;
-    movd        mm_temp, nbits                            ;   temp = nbits;
-    movzx       nbits, byte [NBITS(nbits)]                ;   nbits = JPEG_NBITS(nbits);
-    movd        mm_nbits, nbits                           ;   nbits --> MMX register
-    lea         size, [size * 8 + nbits]                  ;   size = size * 8 + nbits;
-    movd        mm_code, dword [actbl + c_derived_tbl.ehufco + (size - 16) * 4]
-                                                          ;   code = actbl->ehufco[size-16];
-    movzx       size, byte [actbl + c_derived_tbl.ehufsi + (size - 16)]
-                                                          ;   size = actbl->ehufsi[size-16];
-    psllq       mm_code, mm_nbits                         ;   code <<= nbits;
-    pand        mm_temp, [MASK_BITS(nbits)]               ;   temp &= (1 << nbits) - 1;
-    lea         nbits, [nbits + size]                     ;   nbits += size;
-    por         mm_code, mm_temp                          ;   code |= temp;
-    xor         size, size                                ;   size = 0;  /* kill tzcnt input dependency */
-    sub         free_bits, nbits                          ;   if ((free_bits -= nbits) <= 0)
-    jle         .EMIT_ERLOOP2                             ;     insert code, flush buffer, init size, goto .BLOOP2
-    tzcnt       size, index                               ;   size = # of trailing 0 bits in index
-    movd        mm_nbits, nbits                           ;   nbits --> MMX register
-    psllq       mm_put_buffer, mm_nbits                   ;   put_buffer <<= nbits;
-    inc         size                                      ;   ++size;
-    por         mm_put_buffer, mm_code                    ;   put_buffer |= code;
-    test        index, index
-    jnz         .BLOOP2                                   ; } while (index != 0);
-.ELOOP2:                                                  ; .ELOOP2:
-    mov         nbits, t                                  ; nbits = t;
-    lea         t, [t + SIZEOF_WORD]                      ; t = &t[1];
-    and         nbits, DCTSIZE2 * SIZEOF_WORD - 1         ; nbits &= 127;
-    and         t, -DCTSIZE2 * SIZEOF_WORD                ; t &= -128;  /* t = &t_[0]; */
-    cmp         nbits, (DCTSIZE2 - 2) * SIZEOF_WORD       ; if (nbits != 62 * 2)
-    je          .EFN                                      ; {
-    movd        mm_code, dword [actbl + c_derived_tbl.ehufco + 0]
-                                                          ;   code = actbl->ehufco[0];
-    movzx       nbits, byte [actbl + c_derived_tbl.ehufsi + 0]
-                                                          ;   nbits = actbl->ehufsi[0];
-    sub         free_bits, nbits                          ;   if ((free_bits -= nbits) <= 0)
-    jg          .EFN_SKIP_EMIT_CODE                       ;   {
-    EMIT_QWORD  size, sizeb, sizeh, , , , , , .EFN        ;     insert code, flush put_buffer
-    align       16
-.EFN_SKIP_EMIT_CODE:                                      ;   } else {
-    movd        mm_nbits, nbits                           ;     nbits --> MMX register
-    psllq       mm_put_buffer, mm_nbits                   ;     put_buffer <<= nbits;
-    por         mm_put_buffer, mm_code                    ;     put_buffer |= code;
-.EFN:                                                     ; } }
-%define frame  esp
-    mov         frame, [t + save_frame]
-%define state  ecx
-    mov         state, [frame + arg_state]
-    movq        [state + working_state.cur.put_buffer.simd], mm_put_buffer
-                                                          ; state->cur.put_buffer.simd = put_buffer;
-    emms
-    mov         [state + working_state.cur.free_bits], free_bits
-                                                          ; state->cur.free_bits = free_bits;
-    POP         edi
-    POP         esi
-    POP         ebp
-    POP         ebx
-    ret
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-.EMIT_BRLOOP1:
-    EMIT_QWORD  emit_temp, emit_tempb, emit_temph, , , , , , \
-      .ERLOOP1
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-.EMIT_ERLOOP1:
-    EMIT_QWORD  size, sizeb, sizeh, \
-      { xor     size, size }, \
-      { tzcnt   size, index }, \
-      { inc     size }, \
-      { test    index, index }, \
-      { jnz     .BLOOP1 }, \
-      .ELOOP1
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-.EMIT_BRLOOP2:
-    EMIT_QWORD  emit_temp, emit_tempb, emit_temph, , , , \
-      { cmp     size, 16 }, \
-      { jle     .ERLOOP2 }, \
-      .BRLOOP2
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-.EMIT_ERLOOP2:
-    EMIT_QWORD  size, sizeb, sizeh, \
-      { xor     size, size }, \
-      { tzcnt   size, index }, \
-      { inc     size }, \
-      { test    index, index }, \
-      { jnz     .BLOOP2 }, \
-      .ELOOP2
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcphuff-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcphuff-sse2.asm
deleted file mode 100644
index c26b48a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcphuff-sse2.asm
+++ /dev/null
@@ -1,662 +0,0 @@
-;
-; jcphuff-sse2.asm - prepare data for progressive Huffman encoding (SSE2)
-;
-; Copyright (C) 2016, 2018, Matthieu Darbois
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains an SSE2 implementation of data preparation for progressive
-; Huffman encoding.  See jcphuff.c for more details.
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-; --------------------------------------------------------------------------
-; Macros to load data for jsimd_encode_mcu_AC_first_prepare_sse2() and
-; jsimd_encode_mcu_AC_refine_prepare_sse2()
-
-%macro LOAD16 0
-    pxor        N0, N0
-    pxor        N1, N1
-
-    mov         T0, INT [LUT +  0*SIZEOF_INT]
-    mov         T1, INT [LUT +  8*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 0
-    pinsrw      X1, word [BLOCK + T1 * 2], 0
-
-    mov         T0, INT [LUT +  1*SIZEOF_INT]
-    mov         T1, INT [LUT +  9*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 1
-    pinsrw      X1, word [BLOCK + T1 * 2], 1
-
-    mov         T0, INT [LUT +  2*SIZEOF_INT]
-    mov         T1, INT [LUT + 10*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 2
-    pinsrw      X1, word [BLOCK + T1 * 2], 2
-
-    mov         T0, INT [LUT +  3*SIZEOF_INT]
-    mov         T1, INT [LUT + 11*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 3
-    pinsrw      X1, word [BLOCK + T1 * 2], 3
-
-    mov         T0, INT [LUT +  4*SIZEOF_INT]
-    mov         T1, INT [LUT + 12*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 4
-    pinsrw      X1, word [BLOCK + T1 * 2], 4
-
-    mov         T0, INT [LUT +  5*SIZEOF_INT]
-    mov         T1, INT [LUT + 13*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 5
-    pinsrw      X1, word [BLOCK + T1 * 2], 5
-
-    mov         T0, INT [LUT +  6*SIZEOF_INT]
-    mov         T1, INT [LUT + 14*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 6
-    pinsrw      X1, word [BLOCK + T1 * 2], 6
-
-    mov         T0, INT [LUT +  7*SIZEOF_INT]
-    mov         T1, INT [LUT + 15*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 7
-    pinsrw      X1, word [BLOCK + T1 * 2], 7
-%endmacro
-
-%macro LOAD15 0
-    pxor        N0, N0
-    pxor        N1, N1
-    pxor        X1, X1
-
-    mov         T0, INT [LUT +  0*SIZEOF_INT]
-    mov         T1, INT [LUT +  8*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 0
-    pinsrw      X1, word [BLOCK + T1 * 2], 0
-
-    mov         T0, INT [LUT +  1*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 1
-
-    mov         T0, INT [LUT +  2*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 2
-
-    mov         T0, INT [LUT +  3*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 3
-
-    mov         T0, INT [LUT +  4*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 4
-
-    mov         T0, INT [LUT +  5*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 5
-
-    mov         T0, INT [LUT +  6*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 6
-
-    mov         T0, INT [LUT +  7*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 7
-
-    cmp         LENEND, 2
-    jl          %%.ELOAD15
-    mov         T1, INT [LUT +  9*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 1
-
-    cmp         LENEND, 3
-    jl          %%.ELOAD15
-    mov         T1, INT [LUT + 10*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 2
-
-    cmp         LENEND, 4
-    jl          %%.ELOAD15
-    mov         T1, INT [LUT + 11*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 3
-
-    cmp         LENEND, 5
-    jl          %%.ELOAD15
-    mov         T1, INT [LUT + 12*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 4
-
-    cmp         LENEND, 6
-    jl          %%.ELOAD15
-    mov         T1, INT [LUT + 13*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 5
-
-    cmp         LENEND, 7
-    jl          %%.ELOAD15
-    mov         T1, INT [LUT + 14*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 6
-%%.ELOAD15:
-%endmacro
-
-%macro LOAD8 0
-    pxor        N0, N0
-
-    mov         T0, INT [LUT +  0*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 0
-
-    mov         T0, INT [LUT +  1*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 1
-
-    mov         T0, INT [LUT +  2*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 2
-
-    mov         T0, INT [LUT +  3*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 3
-
-    mov         T0, INT [LUT +  4*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 4
-
-    mov         T0, INT [LUT +  5*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 5
-
-    mov         T0, INT [LUT +  6*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 6
-
-    mov         T0, INT [LUT +  7*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 7
-%endmacro
-
-%macro LOAD7 0
-    pxor        N0, N0
-    pxor        X0, X0
-
-    mov         T1, INT [LUT +  0*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 0
-
-    cmp         LENEND, 2
-    jl          %%.ELOAD7
-    mov         T1, INT [LUT +  1*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 1
-
-    cmp         LENEND, 3
-    jl          %%.ELOAD7
-    mov         T1, INT [LUT +  2*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 2
-
-    cmp         LENEND, 4
-    jl          %%.ELOAD7
-    mov         T1, INT [LUT +  3*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 3
-
-    cmp         LENEND, 5
-    jl          %%.ELOAD7
-    mov         T1, INT [LUT +  4*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 4
-
-    cmp         LENEND, 6
-    jl          %%.ELOAD7
-    mov         T1, INT [LUT +  5*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 5
-
-    cmp         LENEND, 7
-    jl          %%.ELOAD7
-    mov         T1, INT [LUT +  6*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 6
-%%.ELOAD7:
-%endmacro
-
-%macro REDUCE0 0
-    movdqa      xmm0, XMMWORD [VALUES + ( 0*2)]
-    movdqa      xmm1, XMMWORD [VALUES + ( 8*2)]
-    movdqa      xmm2, XMMWORD [VALUES + (16*2)]
-    movdqa      xmm3, XMMWORD [VALUES + (24*2)]
-    movdqa      xmm4, XMMWORD [VALUES + (32*2)]
-    movdqa      xmm5, XMMWORD [VALUES + (40*2)]
-    movdqa      xmm6, XMMWORD [VALUES + (48*2)]
-
-    pcmpeqw     xmm0, ZERO
-    pcmpeqw     xmm1, ZERO
-    pcmpeqw     xmm2, ZERO
-    pcmpeqw     xmm3, ZERO
-    pcmpeqw     xmm4, ZERO
-    pcmpeqw     xmm5, ZERO
-    pcmpeqw     xmm6, ZERO
-    pcmpeqw     xmm7, XMMWORD [VALUES + (56*2)]
-
-    packsswb    xmm0, xmm1
-    packsswb    xmm2, xmm3
-    packsswb    xmm4, xmm5
-    packsswb    xmm6, xmm7
-
-    pmovmskb    eax, xmm0
-    pmovmskb    ecx, xmm2
-    pmovmskb    edx, xmm4
-    pmovmskb    esi, xmm6
-
-    shl         ecx, 16
-    shl         esi, 16
-
-    or          eax, ecx
-    or          edx, esi
-
-    not         eax
-    not         edx
-
-    mov         edi, ZEROBITS
-
-    mov         INT [edi], eax
-    mov         INT [edi+SIZEOF_INT], edx
-%endmacro
-
-;
-; Prepare data for jsimd_encode_mcu_AC_first().
-;
-; GLOBAL(void)
-; jsimd_encode_mcu_AC_first_prepare_sse2(const JCOEF *block,
-;                                        const int *jpeg_natural_order_start,
-;                                        int Sl, int Al, JCOEF *values,
-;                                        size_t *zerobits)
-;
-; eax + 8 = const JCOEF *block
-; eax + 12 = const int *jpeg_natural_order_start
-; eax + 16 = int Sl
-; eax + 20 = int Al
-; eax + 24 = JCOEF *values
-; eax + 28 = size_t *zerobits
-
-%define ZERO    xmm7
-%define X0      xmm0
-%define X1      xmm1
-%define N0      xmm2
-%define N1      xmm3
-%define AL      xmm4
-%define K       eax
-%define LENEND  eax
-%define LUT     ebx
-%define T0      ecx
-%define T1      edx
-%define BLOCK   esi
-%define VALUES  edi
-%define LEN     ebp
-
-%define ZEROBITS  INT [esp + 5 * 4]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_encode_mcu_AC_first_prepare_sse2)
-
-EXTN(jsimd_encode_mcu_AC_first_prepare_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    sub         esp, 4
-    push        ebx
-    push        ecx
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-    push        ebp
-
-    mov         BLOCK, INT [eax + 8]
-    mov         LUT, INT [eax + 12]
-    mov         VALUES, INT [eax + 24]
-    movd        AL, INT [eax + 20]
-    mov         T0, INT [eax + 28]
-    mov         ZEROBITS, T0
-    mov         LEN, INT [eax + 16]
-    pxor        ZERO, ZERO
-    mov         K, LEN
-    and         K, -16
-    shr         K, 4
-    jz          .ELOOP16
-.BLOOP16:
-    LOAD16
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    pxor        N0, X0
-    pxor        N1, X1
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    movdqa      XMMWORD [VALUES + (8 + DCTSIZE2) * 2], N1
-    add         VALUES, 16*2
-    add         LUT, 16*SIZEOF_INT
-    dec         K
-    jnz         .BLOOP16
-    test        LEN, 15
-    je          .PADDING
-.ELOOP16:
-    mov         LENEND, LEN
-    and         LENEND, 7
-
-    test        LEN, 8
-    jz          .TRY7
-    test        LEN, 7
-    jz          .TRY8
-
-    LOAD15
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    pxor        N0, X0
-    pxor        N1, X1
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    movdqa      XMMWORD [VALUES + (8 + DCTSIZE2) * 2], N1
-    add         VALUES, 16*2
-    jmp         .PADDING
-.TRY8:
-    LOAD8
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    pxor        N0, X0
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    add         VALUES, 8*2
-    jmp         .PADDING
-.TRY7:
-    LOAD7
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    pxor        N0, X0
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    add         VALUES, 8*2
-.PADDING:
-    mov         K, LEN
-    add         K, 7
-    and         K, -8
-    shr         K, 3
-    sub         K, DCTSIZE2/8
-    jz          .EPADDING
-    align       16
-.ZEROLOOP:
-    movdqa      XMMWORD [VALUES + 0], ZERO
-    add         VALUES, 8*2
-    inc         K
-    jnz         .ZEROLOOP
-.EPADDING:
-    sub         VALUES, DCTSIZE2*2
-
-    REDUCE0
-
-    pop         ebp
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-    pop         ecx
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-%undef ZERO
-%undef X0
-%undef X1
-%undef N0
-%undef N1
-%undef AL
-%undef K
-%undef LUT
-%undef T0
-%undef T1
-%undef BLOCK
-%undef VALUES
-%undef LEN
-
-;
-; Prepare data for jsimd_encode_mcu_AC_refine().
-;
-; GLOBAL(int)
-; jsimd_encode_mcu_AC_refine_prepare_sse2(const JCOEF *block,
-;                                         const int *jpeg_natural_order_start,
-;                                         int Sl, int Al, JCOEF *absvalues,
-;                                         size_t *bits)
-;
-; eax + 8 = const JCOEF *block
-; eax + 12 = const int *jpeg_natural_order_start
-; eax + 16 = int Sl
-; eax + 20 = int Al
-; eax + 24 = JCOEF *values
-; eax + 28 = size_t *bits
-
-%define ZERO    xmm7
-%define ONE     xmm5
-%define X0      xmm0
-%define X1      xmm1
-%define N0      xmm2
-%define N1      xmm3
-%define AL      xmm4
-%define K       eax
-%define LENEND  eax
-%define LUT     ebx
-%define T0      ecx
-%define T0w      cx
-%define T1      edx
-%define BLOCK   esi
-%define VALUES  edi
-%define KK      ebp
-
-%define ZEROBITS  INT [esp + 5 * 4]
-%define EOB       INT [esp + 5 * 4 + 4]
-%define LEN       INT [esp + 5 * 4 + 8]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_encode_mcu_AC_refine_prepare_sse2)
-
-EXTN(jsimd_encode_mcu_AC_refine_prepare_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    sub         esp, 16
-    push        ebx
-    push        ecx
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-    push        ebp
-
-    pcmpeqw     ONE, ONE
-    psrlw       ONE, 15
-    mov         BLOCK, INT [eax + 8]
-    mov         LUT, INT [eax + 12]
-    mov         VALUES, INT [eax + 24]
-    movd        AL, INT [eax + 20]
-    mov         T0, INT [eax + 28]
-    mov         K,  INT [eax + 16]
-    mov         INT [T0 + 2 * SIZEOF_INT], -1
-    mov         INT [T0 + 3 * SIZEOF_INT], -1
-    mov         ZEROBITS, T0
-    mov         LEN, K
-    pxor        ZERO, ZERO
-    and         K, -16
-    mov         EOB, 0
-    xor         KK, KK
-    shr         K, 4
-    jz          .ELOOPR16
-.BLOOPR16:
-    LOAD16
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    pcmpeqw     X0, ONE
-    pcmpeqw     X1, ONE
-    packsswb    N0, N1
-    packsswb    X0, X1
-    pmovmskb    T0, N0                  ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    mov         T1, ZEROBITS
-    not         T0
-    mov         word [T1 + 2 * SIZEOF_INT + KK], T0w
-    pmovmskb    T1, X0                  ; idx = _mm_movemask_epi8(x1);
-    bsr         T1, T1                  ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER16            ; if (idx) {
-    lea         T1, [T1+KK*8]
-    mov         EOB, T1                 ; EOB = k + idx;
-.CONTINUER16:
-    add         VALUES, 16*2
-    add         LUT, 16*SIZEOF_INT
-    add         KK, 2
-    dec         K
-    jnz         .BLOOPR16
-    test        LEN, 15
-    je          .PADDINGR
-.ELOOPR16:
-    mov         LENEND, LEN
-
-    test        LENEND, 8
-    jz          .TRYR7
-    test        LENEND, 7
-    jz          .TRYR8
-
-    and         LENEND, 7
-    LOAD15
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    pcmpeqw     X0, ONE
-    pcmpeqw     X1, ONE
-    packsswb    N0, N1
-    packsswb    X0, X1
-    pmovmskb    T0, N0                  ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    mov         T1, ZEROBITS
-    not         T0
-    mov         word [T1 + 2 * SIZEOF_INT + KK], T0w
-    pmovmskb    T1, X0                  ; idx = _mm_movemask_epi8(x1);
-    bsr         T1, T1                  ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER15            ; if (idx) {
-    lea         T1, [T1+KK*8]
-    mov         EOB, T1                 ; EOB = k + idx;
-.CONTINUER15:
-    add         VALUES, 16*2
-    jmp         .PADDINGR
-.TRYR8:
-    LOAD8
-
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    pcmpeqw     X0, ONE
-    packsswb    N0, ZERO
-    packsswb    X0, ZERO
-    pmovmskb    T0, N0                  ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    mov         T1, ZEROBITS
-    not         T0
-    mov         word [T1 + 2 * SIZEOF_INT + KK], T0w
-    pmovmskb    T1, X0                  ; idx = _mm_movemask_epi8(x1);
-    bsr         T1, T1                  ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER8             ; if (idx) {
-    lea         T1, [T1+KK*8]
-    mov         EOB, T1                 ; EOB = k + idx;
-.CONTINUER8:
-    add         VALUES, 8*2
-    jmp         .PADDINGR
-.TRYR7:
-    and         LENEND, 7
-    LOAD7
-
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    pcmpeqw     X0, ONE
-    packsswb    N0, ZERO
-    packsswb    X0, ZERO
-    pmovmskb    T0, N0                  ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    mov         T1, ZEROBITS
-    not         T0
-    mov         word [T1 + 2 * SIZEOF_INT + KK], T0w
-    pmovmskb    T1, X0                  ; idx = _mm_movemask_epi8(x1);
-    bsr         T1, T1                  ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER7             ; if (idx) {
-    lea         T1, [T1+KK*8]
-    mov         EOB, T1                 ; EOB = k + idx;
-.CONTINUER7:
-    add         VALUES, 8*2
-.PADDINGR:
-    mov         K, LEN
-    add         K, 7
-    and         K, -8
-    shr         K, 3
-    sub         K, DCTSIZE2/8
-    jz          .EPADDINGR
-    align       16
-.ZEROLOOPR:
-    movdqa      XMMWORD [VALUES + 0], ZERO
-    add         VALUES, 8*2
-    inc         K
-    jnz         .ZEROLOOPR
-.EPADDINGR:
-    sub         VALUES, DCTSIZE2*2
-
-    REDUCE0
-
-    mov         eax, EOB
-
-    pop         ebp
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-    pop         ecx
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-%undef ZERO
-%undef ONE
-%undef X0
-%undef X1
-%undef N0
-%undef N1
-%undef AL
-%undef K
-%undef KK
-%undef EOB
-%undef SIGN
-%undef LUT
-%undef T0
-%undef T1
-%undef BLOCK
-%undef VALUES
-%undef LEN
-%undef LENEND
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-avx2.asm
deleted file mode 100644
index 0a20802..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-avx2.asm
+++ /dev/null
@@ -1,388 +0,0 @@
-;
-; jcsample.asm - downsampling (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Downsample pixel values of a single component.
-; This version handles the common case of 2:1 horizontal and 1:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v1_downsample_avx2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-%define img_width(b)    (b) + 8         ; JDIMENSION image_width
-%define max_v_samp(b)   (b) + 12        ; int max_v_samp_factor
-%define v_samp(b)       (b) + 16        ; JDIMENSION v_samp_factor
-%define width_blks(b)   (b) + 20        ; JDIMENSION width_in_blocks
-%define input_data(b)   (b) + 24        ; JSAMPARRAY input_data
-%define output_data(b)  (b) + 28        ; JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_downsample_avx2)
-
-EXTN(jsimd_h2v1_downsample_avx2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         ecx, JDIMENSION [width_blks(ebp)]
-    shl         ecx, 3                  ; imul ecx,DCTSIZE (ecx = output_cols)
-    jz          near .return
-
-    mov         edx, JDIMENSION [img_width(ebp)]
-
-    ; -- expand_right_edge
-
-    push        ecx
-    shl         ecx, 1                  ; output_cols * 2
-    sub         ecx, edx
-    jle         short .expand_end
-
-    mov         eax, INT [max_v_samp(ebp)]
-    test        eax, eax
-    jle         short .expand_end
-
-    cld
-    mov         esi, JSAMPARRAY [input_data(ebp)]  ; input_data
-    alignx      16, 7
-.expandloop:
-    push        eax
-    push        ecx
-
-    mov         edi, JSAMPROW [esi]
-    add         edi, edx
-    mov         al, JSAMPLE [edi-1]
-
-    rep stosb
-
-    pop         ecx
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    dec         eax
-    jg          short .expandloop
-
-.expand_end:
-    pop         ecx                     ; output_cols
-
-    ; -- h2v1_downsample
-
-    mov         eax, JDIMENSION [v_samp(ebp)]  ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         edx, 0x00010000         ; bias pattern
-    vmovd       xmm7, edx
-    vpshufd     xmm7, xmm7, 0x00        ; xmm7={0, 1, 0, 1, 0, 1, 0, 1}
-    vperm2i128  ymm7, ymm7, ymm7, 0     ; ymm7={xmm7, xmm7}
-    vpcmpeqw    ymm6, ymm6, ymm6
-    vpsrlw      ymm6, ymm6, BYTE_BIT    ; ymm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]   ; input_data
-    mov         edi, JSAMPARRAY [output_data(ebp)]  ; output_data
-    alignx      16, 7
-.rowloop:
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         short .columnloop
-    alignx      16, 7
-
-.columnloop_r24:
-    ; ecx can possibly be 8, 16, 24
-    cmp         ecx, 24
-    jne         .columnloop_r16
-    vmovdqu     ymm0, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     xmm1, XMMWORD [esi+1*SIZEOF_YMMWORD]
-    mov         ecx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r16:
-    cmp         ecx, 16
-    jne         .columnloop_r8
-    vmovdqu     ymm0, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vpxor       ymm1, ymm1, ymm1
-    mov         ecx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r8:
-    vmovdqu     xmm0, XMMWORD[esi+0*SIZEOF_YMMWORD]
-    vpxor       ymm1, ymm1, ymm1
-    mov         ecx, SIZEOF_YMMWORD
-    jmp         short .downsample
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymm0, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [esi+1*SIZEOF_YMMWORD]
-
-.downsample:
-    vpsrlw      ymm2, ymm0, BYTE_BIT
-    vpand       ymm0, ymm0, ymm6
-    vpsrlw      ymm3, ymm1, BYTE_BIT
-    vpand       ymm1, ymm1, ymm6
-
-    vpaddw      ymm0, ymm0, ymm2
-    vpaddw      ymm1, ymm1, ymm3
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm1, ymm1, ymm7
-    vpsrlw      ymm0, ymm0, 1
-    vpsrlw      ymm1, ymm1, 1
-
-    vpackuswb   ymm0, ymm0, ymm1
-    vpermq      ymm0, ymm0, 0xd8
-
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm0
-
-    sub         ecx, byte SIZEOF_YMMWORD    ; outcol
-    add         esi, byte 2*SIZEOF_YMMWORD  ; inptr
-    add         edi, byte 1*SIZEOF_YMMWORD  ; outptr
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         short .columnloop
-    test        ecx, ecx
-    jnz         near .columnloop_r24
-
-    pop         esi
-    pop         edi
-    pop         ecx
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         eax                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Downsample pixel values of a single component.
-; This version handles the standard case of 2:1 horizontal and 2:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v2_downsample_avx2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-%define img_width(b)    (b) + 8         ; JDIMENSION image_width
-%define max_v_samp(b)   (b) + 12        ; int max_v_samp_factor
-%define v_samp(b)       (b) + 16        ; JDIMENSION v_samp_factor
-%define width_blks(b)   (b) + 20        ; JDIMENSION width_in_blocks
-%define input_data(b)   (b) + 24        ; JSAMPARRAY input_data
-%define output_data(b)  (b) + 28        ; JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_downsample_avx2)
-
-EXTN(jsimd_h2v2_downsample_avx2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         ecx, JDIMENSION [width_blks(ebp)]
-    shl         ecx, 3                  ; imul ecx,DCTSIZE (ecx = output_cols)
-    jz          near .return
-
-    mov         edx, JDIMENSION [img_width(ebp)]
-
-    ; -- expand_right_edge
-
-    push        ecx
-    shl         ecx, 1                  ; output_cols * 2
-    sub         ecx, edx
-    jle         short .expand_end
-
-    mov         eax, INT [max_v_samp(ebp)]
-    test        eax, eax
-    jle         short .expand_end
-
-    cld
-    mov         esi, JSAMPARRAY [input_data(ebp)]  ; input_data
-    alignx      16, 7
-.expandloop:
-    push        eax
-    push        ecx
-
-    mov         edi, JSAMPROW [esi]
-    add         edi, edx
-    mov         al, JSAMPLE [edi-1]
-
-    rep stosb
-
-    pop         ecx
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    dec         eax
-    jg          short .expandloop
-
-.expand_end:
-    pop         ecx                     ; output_cols
-
-    ; -- h2v2_downsample
-
-    mov         eax, JDIMENSION [v_samp(ebp)]  ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         edx, 0x00020001         ; bias pattern
-    vmovd       xmm7, edx
-    vpcmpeqw    ymm6, ymm6, ymm6
-    vpshufd     xmm7, xmm7, 0x00        ; ymm7={1, 2, 1, 2, 1, 2, 1, 2}
-    vperm2i128  ymm7, ymm7, ymm7, 0
-    vpsrlw      ymm6, ymm6, BYTE_BIT    ; ymm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]   ; input_data
-    mov         edi, JSAMPARRAY [output_data(ebp)]  ; output_data
-    alignx      16, 7
-.rowloop:
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         edx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         esi, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; inptr1
-    mov         edi, JSAMPROW [edi]                    ; outptr
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         short .columnloop
-    alignx      16, 7
-
-.columnloop_r24:
-    cmp         ecx, 24
-    jne         .columnloop_r16
-    vmovdqu     ymm0, YMMWORD [edx+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     xmm2, XMMWORD [edx+1*SIZEOF_YMMWORD]
-    vmovdqu     xmm3, XMMWORD [esi+1*SIZEOF_YMMWORD]
-    mov         ecx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r16:
-    cmp         ecx, 16
-    jne         .columnloop_r8
-    vmovdqu     ymm0, YMMWORD [edx+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vpxor       ymm2, ymm2, ymm2
-    vpxor       ymm3, ymm3, ymm3
-    mov         ecx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r8:
-    vmovdqu     xmm0, XMMWORD [edx+0*SIZEOF_XMMWORD]
-    vmovdqu     xmm1, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    vpxor       ymm2, ymm2, ymm2
-    vpxor       ymm3, ymm3, ymm3
-    mov         ecx, SIZEOF_YMMWORD
-    jmp         short .downsample
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymm0, YMMWORD [edx+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm2, YMMWORD [edx+1*SIZEOF_YMMWORD]
-    vmovdqu     ymm3, YMMWORD [esi+1*SIZEOF_YMMWORD]
-
-.downsample:
-    vpand       ymm4, ymm0, ymm6
-    vpsrlw      ymm0, ymm0, BYTE_BIT
-    vpand       ymm5, ymm1, ymm6
-    vpsrlw      ymm1, ymm1, BYTE_BIT
-    vpaddw      ymm0, ymm0, ymm4
-    vpaddw      ymm1, ymm1, ymm5
-
-    vpand       ymm4, ymm2, ymm6
-    vpsrlw      ymm2, ymm2, BYTE_BIT
-    vpand       ymm5, ymm3, ymm6
-    vpsrlw      ymm3, ymm3, BYTE_BIT
-    vpaddw      ymm2, ymm2, ymm4
-    vpaddw      ymm3, ymm3, ymm5
-
-    vpaddw      ymm0, ymm0, ymm1
-    vpaddw      ymm2, ymm2, ymm3
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm2, ymm2, ymm7
-    vpsrlw      ymm0, ymm0, 2
-    vpsrlw      ymm2, ymm2, 2
-
-    vpackuswb   ymm0, ymm0, ymm2
-    vpermq      ymm0, ymm0, 0xd8
-
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm0
-
-    sub         ecx, byte SIZEOF_YMMWORD    ; outcol
-    add         edx, byte 2*SIZEOF_YMMWORD  ; inptr0
-    add         esi, byte 2*SIZEOF_YMMWORD  ; inptr1
-    add         edi, byte 1*SIZEOF_YMMWORD  ; outptr
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .columnloop_r24
-
-    pop         esi
-    pop         edi
-    pop         ecx
-
-    add         esi, byte 2*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 1*SIZEOF_JSAMPROW  ; output_data
-    dec         eax                          ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-mmx.asm
deleted file mode 100644
index 2c223ee..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-mmx.asm
+++ /dev/null
@@ -1,324 +0,0 @@
-;
-; jcsample.asm - downsampling (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Downsample pixel values of a single component.
-; This version handles the common case of 2:1 horizontal and 1:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v1_downsample_mmx(JDIMENSION image_width, int max_v_samp_factor,
-;                           JDIMENSION v_samp_factor,
-;                           JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                           JSAMPARRAY output_data);
-;
-
-%define img_width(b)    (b) + 8         ; JDIMENSION image_width
-%define max_v_samp(b)   (b) + 12        ; int max_v_samp_factor
-%define v_samp(b)       (b) + 16        ; JDIMENSION v_samp_factor
-%define width_blks(b)   (b) + 20        ; JDIMENSION width_in_blocks
-%define input_data(b)   (b) + 24        ; JSAMPARRAY input_data
-%define output_data(b)  (b) + 28        ; JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_downsample_mmx)
-
-EXTN(jsimd_h2v1_downsample_mmx):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         ecx, JDIMENSION [width_blks(ebp)]
-    shl         ecx, 3                  ; imul ecx,DCTSIZE (ecx = output_cols)
-    jz          near .return
-
-    mov         edx, JDIMENSION [img_width(ebp)]
-
-    ; -- expand_right_edge
-
-    push        ecx
-    shl         ecx, 1                  ; output_cols * 2
-    sub         ecx, edx
-    jle         short .expand_end
-
-    mov         eax, INT [max_v_samp(ebp)]
-    test        eax, eax
-    jle         short .expand_end
-
-    cld
-    mov         esi, JSAMPARRAY [input_data(ebp)]  ; input_data
-    alignx      16, 7
-.expandloop:
-    push        eax
-    push        ecx
-
-    mov         edi, JSAMPROW [esi]
-    add         edi, edx
-    mov         al, JSAMPLE [edi-1]
-
-    rep stosb
-
-    pop         ecx
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    dec         eax
-    jg          short .expandloop
-
-.expand_end:
-    pop         ecx                     ; output_cols
-
-    ; -- h2v1_downsample
-
-    mov         eax, JDIMENSION [v_samp(ebp)]  ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         edx, 0x00010000         ; bias pattern
-    movd        mm7, edx
-    pcmpeqw     mm6, mm6
-    punpckldq   mm7, mm7                ; mm7={0, 1, 0, 1}
-    psrlw       mm6, BYTE_BIT           ; mm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]   ; input_data
-    mov         edi, JSAMPARRAY [output_data(ebp)]  ; output_data
-    alignx      16, 7
-.rowloop:
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mm1, MMWORD [esi+1*SIZEOF_MMWORD]
-    movq        mm2, mm0
-    movq        mm3, mm1
-
-    pand        mm0, mm6
-    psrlw       mm2, BYTE_BIT
-    pand        mm1, mm6
-    psrlw       mm3, BYTE_BIT
-
-    paddw       mm0, mm2
-    paddw       mm1, mm3
-    paddw       mm0, mm7
-    paddw       mm1, mm7
-    psrlw       mm0, 1
-    psrlw       mm1, 1
-
-    packuswb    mm0, mm1
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm0
-
-    add         esi, byte 2*SIZEOF_MMWORD  ; inptr
-    add         edi, byte 1*SIZEOF_MMWORD  ; outptr
-    sub         ecx, byte SIZEOF_MMWORD    ; outcol
-    jnz         short .columnloop
-
-    pop         esi
-    pop         edi
-    pop         ecx
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         eax                        ; rowctr
-    jg          short .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Downsample pixel values of a single component.
-; This version handles the standard case of 2:1 horizontal and 2:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v2_downsample_mmx(JDIMENSION image_width, int max_v_samp_factor,
-;                           JDIMENSION v_samp_factor,
-;                           JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                           JSAMPARRAY output_data);
-;
-
-%define img_width(b)    (b) + 8         ; JDIMENSION image_width
-%define max_v_samp(b)   (b) + 12        ; int max_v_samp_factor
-%define v_samp(b)       (b) + 16        ; JDIMENSION v_samp_factor
-%define width_blks(b)   (b) + 20        ; JDIMENSION width_in_blocks
-%define input_data(b)   (b) + 24        ; JSAMPARRAY input_data
-%define output_data(b)  (b) + 28        ; JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_downsample_mmx)
-
-EXTN(jsimd_h2v2_downsample_mmx):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         ecx, JDIMENSION [width_blks(ebp)]
-    shl         ecx, 3                  ; imul ecx,DCTSIZE (ecx = output_cols)
-    jz          near .return
-
-    mov         edx, JDIMENSION [img_width(ebp)]
-
-    ; -- expand_right_edge
-
-    push        ecx
-    shl         ecx, 1                  ; output_cols * 2
-    sub         ecx, edx
-    jle         short .expand_end
-
-    mov         eax, INT [max_v_samp(ebp)]
-    test        eax, eax
-    jle         short .expand_end
-
-    cld
-    mov         esi, JSAMPARRAY [input_data(ebp)]  ; input_data
-    alignx      16, 7
-.expandloop:
-    push        eax
-    push        ecx
-
-    mov         edi, JSAMPROW [esi]
-    add         edi, edx
-    mov         al, JSAMPLE [edi-1]
-
-    rep stosb
-
-    pop         ecx
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    dec         eax
-    jg          short .expandloop
-
-.expand_end:
-    pop         ecx                     ; output_cols
-
-    ; -- h2v2_downsample
-
-    mov         eax, JDIMENSION [v_samp(ebp)]  ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         edx, 0x00020001         ; bias pattern
-    movd        mm7, edx
-    pcmpeqw     mm6, mm6
-    punpckldq   mm7, mm7                ; mm7={1, 2, 1, 2}
-    psrlw       mm6, BYTE_BIT           ; mm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]   ; input_data
-    mov         edi, JSAMPARRAY [output_data(ebp)]  ; output_data
-    alignx      16, 7
-.rowloop:
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         edx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         esi, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; inptr1
-    mov         edi, JSAMPROW [edi]                    ; outptr
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [edx+0*SIZEOF_MMWORD]
-    movq        mm1, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mm2, MMWORD [edx+1*SIZEOF_MMWORD]
-    movq        mm3, MMWORD [esi+1*SIZEOF_MMWORD]
-
-    movq        mm4, mm0
-    movq        mm5, mm1
-    pand        mm0, mm6
-    psrlw       mm4, BYTE_BIT
-    pand        mm1, mm6
-    psrlw       mm5, BYTE_BIT
-    paddw       mm0, mm4
-    paddw       mm1, mm5
-
-    movq        mm4, mm2
-    movq        mm5, mm3
-    pand        mm2, mm6
-    psrlw       mm4, BYTE_BIT
-    pand        mm3, mm6
-    psrlw       mm5, BYTE_BIT
-    paddw       mm2, mm4
-    paddw       mm3, mm5
-
-    paddw       mm0, mm1
-    paddw       mm2, mm3
-    paddw       mm0, mm7
-    paddw       mm2, mm7
-    psrlw       mm0, 2
-    psrlw       mm2, 2
-
-    packuswb    mm0, mm2
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm0
-
-    add         edx, byte 2*SIZEOF_MMWORD  ; inptr0
-    add         esi, byte 2*SIZEOF_MMWORD  ; inptr1
-    add         edi, byte 1*SIZEOF_MMWORD  ; outptr
-    sub         ecx, byte SIZEOF_MMWORD    ; outcol
-    jnz         near .columnloop
-
-    pop         esi
-    pop         edi
-    pop         ecx
-
-    add         esi, byte 2*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 1*SIZEOF_JSAMPROW  ; output_data
-    dec         eax                          ; rowctr
-    jg          near .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-sse2.asm
deleted file mode 100644
index 4fea60d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jcsample-sse2.asm
+++ /dev/null
@@ -1,351 +0,0 @@
-;
-; jcsample.asm - downsampling (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Downsample pixel values of a single component.
-; This version handles the common case of 2:1 horizontal and 1:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v1_downsample_sse2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-%define img_width(b)    (b) + 8         ; JDIMENSION image_width
-%define max_v_samp(b)   (b) + 12        ; int max_v_samp_factor
-%define v_samp(b)       (b) + 16        ; JDIMENSION v_samp_factor
-%define width_blks(b)   (b) + 20        ; JDIMENSION width_in_blocks
-%define input_data(b)   (b) + 24        ; JSAMPARRAY input_data
-%define output_data(b)  (b) + 28        ; JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_downsample_sse2)
-
-EXTN(jsimd_h2v1_downsample_sse2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         ecx, JDIMENSION [width_blks(ebp)]
-    shl         ecx, 3                  ; imul ecx,DCTSIZE (ecx = output_cols)
-    jz          near .return
-
-    mov         edx, JDIMENSION [img_width(ebp)]
-
-    ; -- expand_right_edge
-
-    push        ecx
-    shl         ecx, 1                  ; output_cols * 2
-    sub         ecx, edx
-    jle         short .expand_end
-
-    mov         eax, INT [max_v_samp(ebp)]
-    test        eax, eax
-    jle         short .expand_end
-
-    cld
-    mov         esi, JSAMPARRAY [input_data(ebp)]  ; input_data
-    alignx      16, 7
-.expandloop:
-    push        eax
-    push        ecx
-
-    mov         edi, JSAMPROW [esi]
-    add         edi, edx
-    mov         al, JSAMPLE [edi-1]
-
-    rep stosb
-
-    pop         ecx
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    dec         eax
-    jg          short .expandloop
-
-.expand_end:
-    pop         ecx                     ; output_cols
-
-    ; -- h2v1_downsample
-
-    mov         eax, JDIMENSION [v_samp(ebp)]  ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         edx, 0x00010000         ; bias pattern
-    movd        xmm7, edx
-    pcmpeqw     xmm6, xmm6
-    pshufd      xmm7, xmm7, 0x00        ; xmm7={0, 1, 0, 1, 0, 1, 0, 1}
-    psrlw       xmm6, BYTE_BIT          ; xmm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]   ; input_data
-    mov         edi, JSAMPARRAY [output_data(ebp)]  ; output_data
-    alignx      16, 7
-.rowloop:
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         short .columnloop
-    alignx      16, 7
-
-.columnloop_r8:
-    movdqa      xmm0, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    pxor        xmm1, xmm1
-    mov         ecx, SIZEOF_XMMWORD
-    jmp         short .downsample
-    alignx      16, 7
-
-.columnloop:
-    movdqa      xmm0, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqa      xmm1, XMMWORD [esi+1*SIZEOF_XMMWORD]
-
-.downsample:
-    movdqa      xmm2, xmm0
-    movdqa      xmm3, xmm1
-
-    pand        xmm0, xmm6
-    psrlw       xmm2, BYTE_BIT
-    pand        xmm1, xmm6
-    psrlw       xmm3, BYTE_BIT
-
-    paddw       xmm0, xmm2
-    paddw       xmm1, xmm3
-    paddw       xmm0, xmm7
-    paddw       xmm1, xmm7
-    psrlw       xmm0, 1
-    psrlw       xmm1, 1
-
-    packuswb    xmm0, xmm1
-
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm0
-
-    sub         ecx, byte SIZEOF_XMMWORD    ; outcol
-    add         esi, byte 2*SIZEOF_XMMWORD  ; inptr
-    add         edi, byte 1*SIZEOF_XMMWORD  ; outptr
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         short .columnloop
-    test        ecx, ecx
-    jnz         short .columnloop_r8
-
-    pop         esi
-    pop         edi
-    pop         ecx
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         eax                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Downsample pixel values of a single component.
-; This version handles the standard case of 2:1 horizontal and 2:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v2_downsample_sse2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-%define img_width(b)    (b) + 8         ; JDIMENSION image_width
-%define max_v_samp(b)   (b) + 12        ; int max_v_samp_factor
-%define v_samp(b)       (b) + 16        ; JDIMENSION v_samp_factor
-%define width_blks(b)   (b) + 20        ; JDIMENSION width_in_blocks
-%define input_data(b)   (b) + 24        ; JSAMPARRAY input_data
-%define output_data(b)  (b) + 28        ; JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_downsample_sse2)
-
-EXTN(jsimd_h2v2_downsample_sse2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         ecx, JDIMENSION [width_blks(ebp)]
-    shl         ecx, 3                  ; imul ecx,DCTSIZE (ecx = output_cols)
-    jz          near .return
-
-    mov         edx, JDIMENSION [img_width(ebp)]
-
-    ; -- expand_right_edge
-
-    push        ecx
-    shl         ecx, 1                  ; output_cols * 2
-    sub         ecx, edx
-    jle         short .expand_end
-
-    mov         eax, INT [max_v_samp(ebp)]
-    test        eax, eax
-    jle         short .expand_end
-
-    cld
-    mov         esi, JSAMPARRAY [input_data(ebp)]  ; input_data
-    alignx      16, 7
-.expandloop:
-    push        eax
-    push        ecx
-
-    mov         edi, JSAMPROW [esi]
-    add         edi, edx
-    mov         al, JSAMPLE [edi-1]
-
-    rep stosb
-
-    pop         ecx
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    dec         eax
-    jg          short .expandloop
-
-.expand_end:
-    pop         ecx                     ; output_cols
-
-    ; -- h2v2_downsample
-
-    mov         eax, JDIMENSION [v_samp(ebp)]  ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         edx, 0x00020001         ; bias pattern
-    movd        xmm7, edx
-    pcmpeqw     xmm6, xmm6
-    pshufd      xmm7, xmm7, 0x00        ; xmm7={1, 2, 1, 2, 1, 2, 1, 2}
-    psrlw       xmm6, BYTE_BIT          ; xmm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]   ; input_data
-    mov         edi, JSAMPARRAY [output_data(ebp)]  ; output_data
-    alignx      16, 7
-.rowloop:
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         edx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         esi, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; inptr1
-    mov         edi, JSAMPROW [edi]                    ; outptr
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         short .columnloop
-    alignx      16, 7
-
-.columnloop_r8:
-    movdqa      xmm0, XMMWORD [edx+0*SIZEOF_XMMWORD]
-    movdqa      xmm1, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    pxor        xmm2, xmm2
-    pxor        xmm3, xmm3
-    mov         ecx, SIZEOF_XMMWORD
-    jmp         short .downsample
-    alignx      16, 7
-
-.columnloop:
-    movdqa      xmm0, XMMWORD [edx+0*SIZEOF_XMMWORD]
-    movdqa      xmm1, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqa      xmm2, XMMWORD [edx+1*SIZEOF_XMMWORD]
-    movdqa      xmm3, XMMWORD [esi+1*SIZEOF_XMMWORD]
-
-.downsample:
-    movdqa      xmm4, xmm0
-    movdqa      xmm5, xmm1
-    pand        xmm0, xmm6
-    psrlw       xmm4, BYTE_BIT
-    pand        xmm1, xmm6
-    psrlw       xmm5, BYTE_BIT
-    paddw       xmm0, xmm4
-    paddw       xmm1, xmm5
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm5, xmm3
-    pand        xmm2, xmm6
-    psrlw       xmm4, BYTE_BIT
-    pand        xmm3, xmm6
-    psrlw       xmm5, BYTE_BIT
-    paddw       xmm2, xmm4
-    paddw       xmm3, xmm5
-
-    paddw       xmm0, xmm1
-    paddw       xmm2, xmm3
-    paddw       xmm0, xmm7
-    paddw       xmm2, xmm7
-    psrlw       xmm0, 2
-    psrlw       xmm2, 2
-
-    packuswb    xmm0, xmm2
-
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm0
-
-    sub         ecx, byte SIZEOF_XMMWORD    ; outcol
-    add         edx, byte 2*SIZEOF_XMMWORD  ; inptr0
-    add         esi, byte 2*SIZEOF_XMMWORD  ; inptr1
-    add         edi, byte 1*SIZEOF_XMMWORD  ; outptr
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    test        ecx, ecx
-    jnz         near .columnloop_r8
-
-    pop         esi
-    pop         edi
-    pop         ecx
-
-    add         esi, byte 2*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 1*SIZEOF_JSAMPROW  ; output_data
-    dec         eax                          ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-avx2.asm
deleted file mode 100644
index 015be04..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-avx2.asm
+++ /dev/null
@@ -1,515 +0,0 @@
-;
-; jdcolext.asm - colorspace conversion (AVX2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2012, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_ycc_rgb_convert_avx2(JDIMENSION out_width, JSAMPIMAGE input_buf,
-;                            JDIMENSION input_row, JSAMPARRAY output_buf,
-;                            int num_rows)
-;
-
-%define out_width(b)   (b) + 8          ; JDIMENSION out_width
-%define input_buf(b)   (b) + 12         ; JSAMPIMAGE input_buf
-%define input_row(b)   (b) + 16         ; JDIMENSION input_row
-%define output_buf(b)  (b) + 20         ; JSAMPARRAY output_buf
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_YMMWORD
-                                        ; ymmword wk[WK_NUM]
-%define WK_NUM         2
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_ycc_rgb_convert_avx2)
-
-EXTN(jsimd_ycc_rgb_convert_avx2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [out_width(eax)]  ; num_cols
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         edi, JSAMPIMAGE [input_buf(eax)]
-    mov         ecx, JDIMENSION [input_row(eax)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    lea         esi, [esi+ecx*SIZEOF_JSAMPROW]
-    lea         ebx, [ebx+ecx*SIZEOF_JSAMPROW]
-    lea         edx, [edx+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         edi, JSAMPARRAY [output_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    push        eax
-    push        edi
-    push        edx
-    push        ebx
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr0
-    mov         ebx, JSAMPROW [ebx]     ; inptr1
-    mov         edx, JSAMPROW [edx]     ; inptr2
-    mov         edi, JSAMPROW [edi]     ; outptr
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-    alignx      16, 7
-.columnloop:
-
-    vmovdqu     ymm5, YMMWORD [ebx]     ; ymm5=Cb(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-    vmovdqu     ymm1, YMMWORD [edx]     ; ymm1=Cr(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpcmpeqw    ymm0, ymm0, ymm0
-    vpcmpeqw    ymm7, ymm7, ymm7
-    vpsrlw      ymm0, ymm0, BYTE_BIT    ; ymm0={0xFF 0x00 0xFF 0x00 ..}
-    vpsllw      ymm7, ymm7, 7           ; ymm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    vpand       ymm4, ymm0, ymm5        ; ymm4=Cb(02468ACEGIKMOQSU)=CbE
-    vpsrlw      ymm5, ymm5, BYTE_BIT    ; ymm5=Cb(13579BDFHJLNPRTV)=CbO
-    vpand       ymm0, ymm0, ymm1        ; ymm0=Cr(02468ACEGIKMOQSU)=CrE
-    vpsrlw      ymm1, ymm1, BYTE_BIT    ; ymm1=Cr(13579BDFHJLNPRTV)=CrO
-
-    vpaddw      ymm2, ymm4, ymm7
-    vpaddw      ymm3, ymm5, ymm7
-    vpaddw      ymm6, ymm0, ymm7
-    vpaddw      ymm7, ymm1, ymm7
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    vpaddw      ymm4, ymm2, ymm2                     ; ymm4=2*CbE
-    vpaddw      ymm5, ymm3, ymm3                     ; ymm5=2*CbO
-    vpaddw      ymm0, ymm6, ymm6                     ; ymm0=2*CrE
-    vpaddw      ymm1, ymm7, ymm7                     ; ymm1=2*CrO
-
-    vpmulhw     ymm4, ymm4, [GOTOFF(eax,PW_MF0228)]  ; ymm4=(2*CbE * -FIX(0.22800))
-    vpmulhw     ymm5, ymm5, [GOTOFF(eax,PW_MF0228)]  ; ymm5=(2*CbO * -FIX(0.22800))
-    vpmulhw     ymm0, ymm0, [GOTOFF(eax,PW_F0402)]   ; ymm0=(2*CrE * FIX(0.40200))
-    vpmulhw     ymm1, ymm1, [GOTOFF(eax,PW_F0402)]   ; ymm1=(2*CrO * FIX(0.40200))
-
-    vpaddw      ymm4, ymm4, [GOTOFF(eax,PW_ONE)]
-    vpaddw      ymm5, ymm5, [GOTOFF(eax,PW_ONE)]
-    vpsraw      ymm4, ymm4, 1                        ; ymm4=(CbE * -FIX(0.22800))
-    vpsraw      ymm5, ymm5, 1                        ; ymm5=(CbO * -FIX(0.22800))
-    vpaddw      ymm0, ymm0, [GOTOFF(eax,PW_ONE)]
-    vpaddw      ymm1, ymm1, [GOTOFF(eax,PW_ONE)]
-    vpsraw      ymm0, ymm0, 1                        ; ymm0=(CrE * FIX(0.40200))
-    vpsraw      ymm1, ymm1, 1                        ; ymm1=(CrO * FIX(0.40200))
-
-    vpaddw      ymm4, ymm4, ymm2
-    vpaddw      ymm5, ymm5, ymm3
-    vpaddw      ymm4, ymm4, ymm2                     ; ymm4=(CbE * FIX(1.77200))=(B-Y)E
-    vpaddw      ymm5, ymm5, ymm3                     ; ymm5=(CbO * FIX(1.77200))=(B-Y)O
-    vpaddw      ymm0, ymm0, ymm6                     ; ymm0=(CrE * FIX(1.40200))=(R-Y)E
-    vpaddw      ymm1, ymm1, ymm7                     ; ymm1=(CrO * FIX(1.40200))=(R-Y)O
-
-    vmovdqa     YMMWORD [wk(0)], ymm4                ; wk(0)=(B-Y)E
-    vmovdqa     YMMWORD [wk(1)], ymm5                ; wk(1)=(B-Y)O
-
-    vpunpckhwd  ymm4, ymm2, ymm6
-    vpunpcklwd  ymm2, ymm2, ymm6
-    vpmaddwd    ymm2, ymm2, [GOTOFF(eax,PW_MF0344_F0285)]
-    vpmaddwd    ymm4, ymm4, [GOTOFF(eax,PW_MF0344_F0285)]
-    vpunpckhwd  ymm5, ymm3, ymm7
-    vpunpcklwd  ymm3, ymm3, ymm7
-    vpmaddwd    ymm3, ymm3, [GOTOFF(eax,PW_MF0344_F0285)]
-    vpmaddwd    ymm5, ymm5, [GOTOFF(eax,PW_MF0344_F0285)]
-
-    vpaddd      ymm2, ymm2, [GOTOFF(eax,PD_ONEHALF)]
-    vpaddd      ymm4, ymm4, [GOTOFF(eax,PD_ONEHALF)]
-    vpsrad      ymm2, ymm2, SCALEBITS
-    vpsrad      ymm4, ymm4, SCALEBITS
-    vpaddd      ymm3, ymm3, [GOTOFF(eax,PD_ONEHALF)]
-    vpaddd      ymm5, ymm5, [GOTOFF(eax,PD_ONEHALF)]
-    vpsrad      ymm3, ymm3, SCALEBITS
-    vpsrad      ymm5, ymm5, SCALEBITS
-
-    vpackssdw   ymm2, ymm2, ymm4             ; ymm2=CbE*-FIX(0.344)+CrE*FIX(0.285)
-    vpackssdw   ymm3, ymm3, ymm5             ; ymm3=CbO*-FIX(0.344)+CrO*FIX(0.285)
-    vpsubw      ymm2, ymm2, ymm6             ; ymm2=CbE*-FIX(0.344)+CrE*-FIX(0.714)=(G-Y)E
-    vpsubw      ymm3, ymm3, ymm7             ; ymm3=CbO*-FIX(0.344)+CrO*-FIX(0.714)=(G-Y)O
-
-    vmovdqu     ymm5, YMMWORD [esi]          ; ymm5=Y(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpcmpeqw    ymm4, ymm4, ymm4
-    vpsrlw      ymm4, ymm4, BYTE_BIT         ; ymm4={0xFF 0x00 0xFF 0x00 ..}
-    vpand       ymm4, ymm4, ymm5             ; ymm4=Y(02468ACEGIKMOQSU)=YE
-    vpsrlw      ymm5, ymm5, BYTE_BIT         ; ymm5=Y(13579BDFHJLNPRTV)=YO
-
-    vpaddw      ymm0, ymm0, ymm4             ; ymm0=((R-Y)E+YE)=RE=R(02468ACEGIKMOQSU)
-    vpaddw      ymm1, ymm1, ymm5             ; ymm1=((R-Y)O+YO)=RO=R(13579BDFHJLNPRTV)
-    vpackuswb   ymm0, ymm0, ymm0             ; ymm0=R(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm1, ymm1, ymm1             ; ymm1=R(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm2, ymm2, ymm4             ; ymm2=((G-Y)E+YE)=GE=G(02468ACEGIKMOQSU)
-    vpaddw      ymm3, ymm3, ymm5             ; ymm3=((G-Y)O+YO)=GO=G(13579BDFHJLNPRTV)
-    vpackuswb   ymm2, ymm2, ymm2             ; ymm2=G(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm3, ymm3, ymm3             ; ymm3=G(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm4, ymm4, YMMWORD [wk(0)]  ; ymm4=(YE+(B-Y)E)=BE=B(02468ACEGIKMOQSU)
-    vpaddw      ymm5, ymm5, YMMWORD [wk(1)]  ; ymm5=(YO+(B-Y)O)=BO=B(13579BDFHJLNPRTV)
-    vpackuswb   ymm4, ymm4, ymm4             ; ymm4=B(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm5, ymm5, ymm5             ; ymm5=B(13579BDF********HJLNPRTV********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-    ; ymmH=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmB        ; ymmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F
-                                        ;       2G 0H 2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V)
-    vpunpcklbw  ymmD, ymmD, ymmF        ; ymmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F
-                                        ;       1H 2H 1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V)
-
-    vpsrldq     ymmH, ymmA, 2           ; ymmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E 0G 1G
-                                        ;       0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U -- --)
-    vpunpckhwd  ymmG, ymmA, ymmE        ; ymmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F
-                                        ;       0O 1O 2O 0P 0Q 1Q 2Q 0R 0S 1S 2S 0T 0U 1U 2U 0V)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07
-                                        ;       0G 1G 2G 0H 0I 1I 2I 0J 0K 1K 2K 0L 0M 1M 2M 0N)
-
-    vpsrldq     ymmE, ymmE, 2           ; ymmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F 2G 0H
-                                        ;       2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V -- --)
-
-    vpsrldq     ymmB, ymmD, 2           ; ymmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F 1H 2H
-                                        ;       1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V -- --)
-    vpunpckhwd  ymmC, ymmD, ymmH        ; ymmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F 0G 1G
-                                        ;       1P 2P 0Q 1Q 1R 2R 0S 1S 1T 2T 0U 1U 1V 2V -- --)
-    vpunpcklwd  ymmD, ymmD, ymmH        ; ymmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18
-                                        ;       1H 2H 0I 1I 1J 2J 0K 1K 1L 2L 0M 1M 1N 2N 0O 1O)
-
-    vpunpckhwd  ymmF, ymmE, ymmB        ; ymmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F 2G 0H 1H 2H
-                                        ;       2Q 0R 1R 2R 2S 0T 1T 2T 2U 0V 1V 2V -- -- -- --)
-    vpunpcklwd  ymmE, ymmE, ymmB        ; ymmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29
-                                        ;       2I 0J 1J 2J 2K 0L 1L 2L 2M 0N 1N 2N 2O 0P 1P 2P)
-
-    vpshufd     ymmH, ymmA, 0x4E        ; ymmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03
-                                        ;       0K 1K 2K 0L 0M 1M 2M 0N 0G 1G 2G 0H 0I 1I 2I 0J)
-    vpunpckldq  ymmA, ymmA, ymmD        ; ymmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 0I 1I 2I 0J 1J 2J 0K 1K)
-    vpunpckhdq  ymmD, ymmD, ymmE        ; ymmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 1N 2N 0O 1O 2O 0P 1P 2P)
-    vpunpckldq  ymmE, ymmE, ymmH        ; ymmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07
-                                        ;       2I 0J 1J 2J 0K 1K 2K 0L 2K 0L 1L 2L 0M 1M 2M 0N)
-
-    vpshufd     ymmH, ymmG, 0x4E        ; ymmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B
-                                        ;       0S 1S 2S 0T 0U 1U 2U 0V 0O 1O 2O 0P 0Q 1Q 2Q 0R)
-    vpunpckldq  ymmG, ymmG, ymmC        ; ymmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C
-                                        ;       0O 1O 2O 0P 1P 2P 0Q 1Q 0Q 1Q 2Q 0R 1R 2R 0S 1S)
-    vpunpckhdq  ymmC, ymmC, ymmF        ; ymmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F 0G 1G 2G 0H 1H 2H
-                                        ;       1T 2T 0U 1U 2U 0V 1V 2V 1V 2V -- -- -- -- -- --)
-    vpunpckldq  ymmF, ymmF, ymmH        ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 2S 0T 1T 2T 0U 1U 2U 0V)
-
-    vpunpcklqdq ymmH, ymmA, ymmE        ; ymmH=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vpunpcklqdq ymmG, ymmD, ymmG        ; ymmG=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-    vpunpcklqdq ymmC, ymmF, ymmC        ; ymmC=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vperm2i128  ymmA, ymmH, ymmG, 0x20  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vperm2i128  ymmD, ymmC, ymmH, 0x30  ; ymmD=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vperm2i128  ymmF, ymmG, ymmC, 0x31  ; ymmF=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        edi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [edi+2*SIZEOF_YMMWORD], ymmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [edi+2*SIZEOF_YMMWORD], ymmF
-.out0:
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_YMMWORD
-    jz          near .nextrow
-
-    add         esi, byte SIZEOF_YMMWORD  ; inptr0
-    add         ebx, byte SIZEOF_YMMWORD  ; inptr1
-    add         edx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st64:
-    lea         ecx, [ecx+ecx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         ecx, byte 2*SIZEOF_YMMWORD
-    jb          short .column_st32
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmF
-    sub         ecx, byte 2*SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st32:
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jb          short .column_st31
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    add         edi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         ecx, byte SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st31:
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    vmovdqu     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    sub         ecx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    vmovq       XMM_MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_MMWORD
-    sub         ecx, byte SIZEOF_MMWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    vmovd       XMM_DWORD [edi], xmmA
-    add         edi, byte SIZEOF_DWORD
-    sub         ecx, byte SIZEOF_DWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of eax to the output when it has enough
-    ; space.
-    vmovd       eax, xmmA
-    cmp         ecx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [edi], ax
-    add         edi, byte SIZEOF_WORD
-    sub         ecx, byte SIZEOF_WORD
-    shr         eax, 16
-.column_st1:
-    ; Store the lower 1 byte of eax to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .nextrow
-    mov         byte [edi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    vpcmpeqb    ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpcmpeqb    ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%else
-    vpxor       ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpxor       ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%endif
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(30 32 34 36 38 3A 3C 3E ** 3G 3I 3K 3M 3O 3Q 3S 3U **)
-    ; ymmH=(31 33 35 37 39 3B 3D 3F ** 3H 3J 3L 3N 3P 3R 3T 3V **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmG        ; ymmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E
-                                        ;       2G 3G 2I 3I 2K 3K 2M 3M 2O 3O 2Q 3Q 2S 3S 2U 3U)
-    vpunpcklbw  ymmB, ymmB, ymmD        ; ymmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F
-                                        ;       0H 1H 0J 1J 0L 1L 0N 1N 0P 1P 0R 1R 0T 1T 0V 1V)
-    vpunpcklbw  ymmF, ymmF, ymmH        ; ymmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F
-                                        ;       2H 3H 2J 3J 2L 3L 2N 3N 2P 3P 2R 3R 2T 3T 2V 3V)
-
-    vpunpckhwd  ymmC, ymmA, ymmE        ; ymmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E
-                                        ;       0O 1O 2O 3O 0Q 1Q 2Q 3Q 0S 1S 2S 3S 0U 1U 2U 3U)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36
-                                        ;       0G 1G 2G 3G 0I 1I 2I 3I 0K 1K 2K 3K 0M 1M 2M 3M)
-    vpunpckhwd  ymmG, ymmB, ymmF        ; ymmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F
-                                        ;       0P 1P 2P 3P 0R 1R 2R 3R 0T 1T 2T 3T 0V 1V 2V 3V)
-    vpunpcklwd  ymmB, ymmB, ymmF        ; ymmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37
-                                        ;       0H 1H 2H 3H 0J 1J 2J 3J 0L 1L 2L 3L 0N 1N 2N 3N)
-
-    vpunpckhdq  ymmE, ymmA, ymmB        ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vpunpckldq  ymmB, ymmA, ymmB        ; ymmB=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vpunpckhdq  ymmF, ymmC, ymmG        ; ymmF=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-    vpunpckldq  ymmG, ymmC, ymmG        ; ymmG=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-
-    vperm2i128  ymmA, ymmB, ymmE, 0x20  ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    vperm2i128  ymmD, ymmG, ymmF, 0x20  ; ymmD=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    vperm2i128  ymmC, ymmB, ymmE, 0x31  ; ymmC=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vperm2i128  ymmH, ymmG, ymmF, 0x31  ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        edi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [edi+2*SIZEOF_YMMWORD], ymmC
-    vmovntdq    YMMWORD [edi+3*SIZEOF_YMMWORD], ymmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [edi+2*SIZEOF_YMMWORD], ymmC
-    vmovdqu     YMMWORD [edi+3*SIZEOF_YMMWORD], ymmH
-.out0:
-    add         edi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_YMMWORD
-    jz          near .nextrow
-
-    add         esi, byte SIZEOF_YMMWORD  ; inptr0
-    add         ebx, byte SIZEOF_YMMWORD  ; inptr1
-    add         edx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st64:
-    cmp         ecx, byte SIZEOF_YMMWORD/2
-    jb          short .column_st32
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmC
-    vmovdqa     ymmD, ymmH
-    sub         ecx, byte SIZEOF_YMMWORD/2
-.column_st32:
-    cmp         ecx, byte SIZEOF_YMMWORD/4
-    jb          short .column_st16
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    add         edi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         ecx, byte SIZEOF_YMMWORD/4
-.column_st16:
-    cmp         ecx, byte SIZEOF_YMMWORD/8
-    jb          short .column_st15
-    vmovdqu     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    sub         ecx, byte SIZEOF_YMMWORD/8
-.column_st15:
-    ; Store two pixels (8 bytes) of ymmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_YMMWORD/16
-    jb          short .column_st7
-    vmovq       MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_YMMWORD/16*4
-    sub         ecx, byte SIZEOF_YMMWORD/16
-    vpsrldq     xmmA, SIZEOF_YMMWORD/16*4
-.column_st7:
-    ; Store one pixel (4 bytes) of ymmA to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .nextrow
-    vmovd       XMM_DWORD [edi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    alignx      16, 7
-
-.nextrow:
-    pop         ecx
-    pop         esi
-    pop         ebx
-    pop         edx
-    pop         edi
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    add         ebx, byte SIZEOF_JSAMPROW
-    add         edx, byte SIZEOF_JSAMPROW
-    add         edi, byte SIZEOF_JSAMPROW  ; output_buf
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-    sfence                              ; flush the write buffer
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-mmx.asm
deleted file mode 100644
index 5813cfc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-mmx.asm
+++ /dev/null
@@ -1,404 +0,0 @@
-;
-; jdcolext.asm - colorspace conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_ycc_rgb_convert_mmx(JDIMENSION out_width, JSAMPIMAGE input_buf,
-;                           JDIMENSION input_row, JSAMPARRAY output_buf,
-;                           int num_rows)
-;
-
-%define out_width(b)   (b) + 8          ; JDIMENSION out_width
-%define input_buf(b)   (b) + 12         ; JSAMPIMAGE input_buf
-%define input_row(b)   (b) + 16         ; JDIMENSION input_row
-%define output_buf(b)  (b) + 20         ; JSAMPARRAY output_buf
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         2
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_ycc_rgb_convert_mmx)
-
-EXTN(jsimd_ycc_rgb_convert_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [out_width(eax)]  ; num_cols
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         edi, JSAMPIMAGE [input_buf(eax)]
-    mov         ecx, JDIMENSION [input_row(eax)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    lea         esi, [esi+ecx*SIZEOF_JSAMPROW]
-    lea         ebx, [ebx+ecx*SIZEOF_JSAMPROW]
-    lea         edx, [edx+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         edi, JSAMPARRAY [output_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    push        eax
-    push        edi
-    push        edx
-    push        ebx
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr0
-    mov         ebx, JSAMPROW [ebx]     ; inptr1
-    mov         edx, JSAMPROW [edx]     ; inptr2
-    mov         edi, JSAMPROW [edi]     ; outptr
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-    alignx      16, 7
-.columnloop:
-
-    movq        mm5, MMWORD [ebx]       ; mm5=Cb(01234567)
-    movq        mm1, MMWORD [edx]       ; mm1=Cr(01234567)
-
-    pcmpeqw     mm4, mm4
-    pcmpeqw     mm7, mm7
-    psrlw       mm4, BYTE_BIT
-    psllw       mm7, 7                  ; mm7={0xFF80 0xFF80 0xFF80 0xFF80}
-    movq        mm0, mm4                ; mm0=mm4={0xFF 0x00 0xFF 0x00 ..}
-
-    pand        mm4, mm5                ; mm4=Cb(0246)=CbE
-    psrlw       mm5, BYTE_BIT           ; mm5=Cb(1357)=CbO
-    pand        mm0, mm1                ; mm0=Cr(0246)=CrE
-    psrlw       mm1, BYTE_BIT           ; mm1=Cr(1357)=CrO
-
-    paddw       mm4, mm7
-    paddw       mm5, mm7
-    paddw       mm0, mm7
-    paddw       mm1, mm7
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    movq        mm2, mm4                ; mm2=CbE
-    movq        mm3, mm5                ; mm3=CbO
-    paddw       mm4, mm4                ; mm4=2*CbE
-    paddw       mm5, mm5                ; mm5=2*CbO
-    movq        mm6, mm0                ; mm6=CrE
-    movq        mm7, mm1                ; mm7=CrO
-    paddw       mm0, mm0                ; mm0=2*CrE
-    paddw       mm1, mm1                ; mm1=2*CrO
-
-    pmulhw      mm4, [GOTOFF(eax,PW_MF0228)]  ; mm4=(2*CbE * -FIX(0.22800))
-    pmulhw      mm5, [GOTOFF(eax,PW_MF0228)]  ; mm5=(2*CbO * -FIX(0.22800))
-    pmulhw      mm0, [GOTOFF(eax,PW_F0402)]   ; mm0=(2*CrE * FIX(0.40200))
-    pmulhw      mm1, [GOTOFF(eax,PW_F0402)]   ; mm1=(2*CrO * FIX(0.40200))
-
-    paddw       mm4, [GOTOFF(eax,PW_ONE)]
-    paddw       mm5, [GOTOFF(eax,PW_ONE)]
-    psraw       mm4, 1                  ; mm4=(CbE * -FIX(0.22800))
-    psraw       mm5, 1                  ; mm5=(CbO * -FIX(0.22800))
-    paddw       mm0, [GOTOFF(eax,PW_ONE)]
-    paddw       mm1, [GOTOFF(eax,PW_ONE)]
-    psraw       mm0, 1                  ; mm0=(CrE * FIX(0.40200))
-    psraw       mm1, 1                  ; mm1=(CrO * FIX(0.40200))
-
-    paddw       mm4, mm2
-    paddw       mm5, mm3
-    paddw       mm4, mm2                ; mm4=(CbE * FIX(1.77200))=(B-Y)E
-    paddw       mm5, mm3                ; mm5=(CbO * FIX(1.77200))=(B-Y)O
-    paddw       mm0, mm6                ; mm0=(CrE * FIX(1.40200))=(R-Y)E
-    paddw       mm1, mm7                ; mm1=(CrO * FIX(1.40200))=(R-Y)O
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=(B-Y)E
-    movq        MMWORD [wk(1)], mm5     ; wk(1)=(B-Y)O
-
-    movq        mm4, mm2
-    movq        mm5, mm3
-    punpcklwd   mm2, mm6
-    punpckhwd   mm4, mm6
-    pmaddwd     mm2, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     mm4, [GOTOFF(eax,PW_MF0344_F0285)]
-    punpcklwd   mm3, mm7
-    punpckhwd   mm5, mm7
-    pmaddwd     mm3, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     mm5, [GOTOFF(eax,PW_MF0344_F0285)]
-
-    paddd       mm2, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       mm4, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       mm2, SCALEBITS
-    psrad       mm4, SCALEBITS
-    paddd       mm3, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       mm5, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       mm3, SCALEBITS
-    psrad       mm5, SCALEBITS
-
-    packssdw    mm2, mm4                ; mm2=CbE*-FIX(0.344)+CrE*FIX(0.285)
-    packssdw    mm3, mm5                ; mm3=CbO*-FIX(0.344)+CrO*FIX(0.285)
-    psubw       mm2, mm6                ; mm2=CbE*-FIX(0.344)+CrE*-FIX(0.714)=(G-Y)E
-    psubw       mm3, mm7                ; mm3=CbO*-FIX(0.344)+CrO*-FIX(0.714)=(G-Y)O
-
-    movq        mm5, MMWORD [esi]       ; mm5=Y(01234567)
-
-    pcmpeqw     mm4, mm4
-    psrlw       mm4, BYTE_BIT           ; mm4={0xFF 0x00 0xFF 0x00 ..}
-    pand        mm4, mm5                ; mm4=Y(0246)=YE
-    psrlw       mm5, BYTE_BIT           ; mm5=Y(1357)=YO
-
-    paddw       mm0, mm4                ; mm0=((R-Y)E+YE)=RE=(R0 R2 R4 R6)
-    paddw       mm1, mm5                ; mm1=((R-Y)O+YO)=RO=(R1 R3 R5 R7)
-    packuswb    mm0, mm0                ; mm0=(R0 R2 R4 R6 ** ** ** **)
-    packuswb    mm1, mm1                ; mm1=(R1 R3 R5 R7 ** ** ** **)
-
-    paddw       mm2, mm4                ; mm2=((G-Y)E+YE)=GE=(G0 G2 G4 G6)
-    paddw       mm3, mm5                ; mm3=((G-Y)O+YO)=GO=(G1 G3 G5 G7)
-    packuswb    mm2, mm2                ; mm2=(G0 G2 G4 G6 ** ** ** **)
-    packuswb    mm3, mm3                ; mm3=(G1 G3 G5 G7 ** ** ** **)
-
-    paddw       mm4,  MMWORD [wk(0)]    ; mm4=(YE+(B-Y)E)=BE=(B0 B2 B4 B6)
-    paddw       mm5,  MMWORD [wk(1)]    ; mm5=(YO+(B-Y)O)=BO=(B1 B3 B5 B7)
-    packuswb    mm4, mm4                ; mm4=(B0 B2 B4 B6 ** ** ** **)
-    packuswb    mm5, mm5                ; mm5=(B1 B3 B5 B7 ** ** ** **)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; mmA=(00 02 04 06 ** ** ** **), mmB=(01 03 05 07 ** ** ** **)
-    ; mmC=(10 12 14 16 ** ** ** **), mmD=(11 13 15 17 ** ** ** **)
-    ; mmE=(20 22 24 26 ** ** ** **), mmF=(21 23 25 27 ** ** ** **)
-    ; mmG=(** ** ** ** ** ** ** **), mmH=(** ** ** ** ** ** ** **)
-
-    punpcklbw   mmA, mmC                ; mmA=(00 10 02 12 04 14 06 16)
-    punpcklbw   mmE, mmB                ; mmE=(20 01 22 03 24 05 26 07)
-    punpcklbw   mmD, mmF                ; mmD=(11 21 13 23 15 25 17 27)
-
-    movq        mmG, mmA
-    movq        mmH, mmA
-    punpcklwd   mmA, mmE                ; mmA=(00 10 20 01 02 12 22 03)
-    punpckhwd   mmG, mmE                ; mmG=(04 14 24 05 06 16 26 07)
-
-    psrlq       mmH, 2*BYTE_BIT         ; mmH=(02 12 04 14 06 16 -- --)
-    psrlq       mmE, 2*BYTE_BIT         ; mmE=(22 03 24 05 26 07 -- --)
-
-    movq        mmC, mmD
-    movq        mmB, mmD
-    punpcklwd   mmD, mmH                ; mmD=(11 21 02 12 13 23 04 14)
-    punpckhwd   mmC, mmH                ; mmC=(15 25 06 16 17 27 -- --)
-
-    psrlq       mmB, 2*BYTE_BIT         ; mmB=(13 23 15 25 17 27 -- --)
-
-    movq        mmF, mmE
-    punpcklwd   mmE, mmB                ; mmE=(22 03 13 23 24 05 15 25)
-    punpckhwd   mmF, mmB                ; mmF=(26 07 17 27 -- -- -- --)
-
-    punpckldq   mmA, mmD                ; mmA=(00 10 20 01 11 21 02 12)
-    punpckldq   mmE, mmG                ; mmE=(22 03 13 23 04 14 24 05)
-    punpckldq   mmC, mmF                ; mmC=(15 25 06 16 26 07 17 27)
-
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st16
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmE
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mmC
-
-    sub         ecx, byte SIZEOF_MMWORD
-    jz          short .nextrow
-
-    add         esi, byte SIZEOF_MMWORD                ; inptr0
-    add         ebx, byte SIZEOF_MMWORD                ; inptr1
-    add         edx, byte SIZEOF_MMWORD                ; inptr2
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_MMWORD  ; outptr
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st16:
-    lea         ecx, [ecx+ecx*2]        ; imul ecx, RGB_PIXELSIZE
-    cmp         ecx, byte 2*SIZEOF_MMWORD
-    jb          short .column_st8
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmE
-    movq        mmA, mmC
-    sub         ecx, byte 2*SIZEOF_MMWORD
-    add         edi, byte 2*SIZEOF_MMWORD
-    jmp         short .column_st4
-.column_st8:
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st4
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        mmA, mmE
-    sub         ecx, byte SIZEOF_MMWORD
-    add         edi, byte SIZEOF_MMWORD
-.column_st4:
-    movd        eax, mmA
-    cmp         ecx, byte SIZEOF_DWORD
-    jb          short .column_st2
-    mov         dword [edi+0*SIZEOF_DWORD], eax
-    psrlq       mmA, DWORD_BIT
-    movd        eax, mmA
-    sub         ecx, byte SIZEOF_DWORD
-    add         edi, byte SIZEOF_DWORD
-.column_st2:
-    cmp         ecx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [edi+0*SIZEOF_WORD], ax
-    shr         eax, WORD_BIT
-    sub         ecx, byte SIZEOF_WORD
-    add         edi, byte SIZEOF_WORD
-.column_st1:
-    cmp         ecx, byte SIZEOF_BYTE
-    jb          short .nextrow
-    mov         byte [edi+0*SIZEOF_BYTE], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    pcmpeqb     mm6, mm6                ; mm6=(X0 X2 X4 X6 ** ** ** **)
-    pcmpeqb     mm7, mm7                ; mm7=(X1 X3 X5 X7 ** ** ** **)
-%else
-    pxor        mm6, mm6                ; mm6=(X0 X2 X4 X6 ** ** ** **)
-    pxor        mm7, mm7                ; mm7=(X1 X3 X5 X7 ** ** ** **)
-%endif
-    ; mmA=(00 02 04 06 ** ** ** **), mmB=(01 03 05 07 ** ** ** **)
-    ; mmC=(10 12 14 16 ** ** ** **), mmD=(11 13 15 17 ** ** ** **)
-    ; mmE=(20 22 24 26 ** ** ** **), mmF=(21 23 25 27 ** ** ** **)
-    ; mmG=(30 32 34 36 ** ** ** **), mmH=(31 33 35 37 ** ** ** **)
-
-    punpcklbw   mmA, mmC                ; mmA=(00 10 02 12 04 14 06 16)
-    punpcklbw   mmE, mmG                ; mmE=(20 30 22 32 24 34 26 36)
-    punpcklbw   mmB, mmD                ; mmB=(01 11 03 13 05 15 07 17)
-    punpcklbw   mmF, mmH                ; mmF=(21 31 23 33 25 35 27 37)
-
-    movq        mmC, mmA
-    punpcklwd   mmA, mmE                ; mmA=(00 10 20 30 02 12 22 32)
-    punpckhwd   mmC, mmE                ; mmC=(04 14 24 34 06 16 26 36)
-    movq        mmG, mmB
-    punpcklwd   mmB, mmF                ; mmB=(01 11 21 31 03 13 23 33)
-    punpckhwd   mmG, mmF                ; mmG=(05 15 25 35 07 17 27 37)
-
-    movq        mmD, mmA
-    punpckldq   mmA, mmB                ; mmA=(00 10 20 30 01 11 21 31)
-    punpckhdq   mmD, mmB                ; mmD=(02 12 22 32 03 13 23 33)
-    movq        mmH, mmC
-    punpckldq   mmC, mmG                ; mmC=(04 14 24 34 05 15 25 35)
-    punpckhdq   mmH, mmG                ; mmH=(06 16 26 36 07 17 27 37)
-
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st16
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmD
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mmC
-    movq        MMWORD [edi+3*SIZEOF_MMWORD], mmH
-
-    sub         ecx, byte SIZEOF_MMWORD
-    jz          short .nextrow
-
-    add         esi, byte SIZEOF_MMWORD                ; inptr0
-    add         ebx, byte SIZEOF_MMWORD                ; inptr1
-    add         edx, byte SIZEOF_MMWORD                ; inptr2
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_MMWORD  ; outptr
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st16:
-    cmp         ecx, byte SIZEOF_MMWORD/2
-    jb          short .column_st8
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmD
-    movq        mmA, mmC
-    movq        mmD, mmH
-    sub         ecx, byte SIZEOF_MMWORD/2
-    add         edi, byte 2*SIZEOF_MMWORD
-.column_st8:
-    cmp         ecx, byte SIZEOF_MMWORD/4
-    jb          short .column_st4
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        mmA, mmD
-    sub         ecx, byte SIZEOF_MMWORD/4
-    add         edi, byte 1*SIZEOF_MMWORD
-.column_st4:
-    cmp         ecx, byte SIZEOF_MMWORD/8
-    jb          short .nextrow
-    movd        dword [edi+0*SIZEOF_DWORD], mmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    alignx      16, 7
-
-.nextrow:
-    pop         ecx
-    pop         esi
-    pop         ebx
-    pop         edx
-    pop         edi
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    add         ebx, byte SIZEOF_JSAMPROW
-    add         edx, byte SIZEOF_JSAMPROW
-    add         edi, byte SIZEOF_JSAMPROW  ; output_buf
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-sse2.asm
deleted file mode 100644
index d5572b3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolext-sse2.asm
+++ /dev/null
@@ -1,458 +0,0 @@
-;
-; jdcolext.asm - colorspace conversion (SSE2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2012, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_ycc_rgb_convert_sse2(JDIMENSION out_width, JSAMPIMAGE input_buf,
-;                            JDIMENSION input_row, JSAMPARRAY output_buf,
-;                            int num_rows)
-;
-
-%define out_width(b)   (b) + 8          ; JDIMENSION out_width
-%define input_buf(b)   (b) + 12         ; JSAMPIMAGE input_buf
-%define input_row(b)   (b) + 16         ; JDIMENSION input_row
-%define output_buf(b)  (b) + 20         ; JSAMPARRAY output_buf
-%define num_rows(b)    (b) + 24         ; int num_rows
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         2
-%define gotptr         wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_ycc_rgb_convert_sse2)
-
-EXTN(jsimd_ycc_rgb_convert_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [out_width(eax)]  ; num_cols
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         edi, JSAMPIMAGE [input_buf(eax)]
-    mov         ecx, JDIMENSION [input_row(eax)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    lea         esi, [esi+ecx*SIZEOF_JSAMPROW]
-    lea         ebx, [ebx+ecx*SIZEOF_JSAMPROW]
-    lea         edx, [edx+ecx*SIZEOF_JSAMPROW]
-
-    pop         ecx
-
-    mov         edi, JSAMPARRAY [output_buf(eax)]
-    mov         eax, INT [num_rows(eax)]
-    test        eax, eax
-    jle         near .return
-    alignx      16, 7
-.rowloop:
-    push        eax
-    push        edi
-    push        edx
-    push        ebx
-    push        esi
-    push        ecx                     ; col
-
-    mov         esi, JSAMPROW [esi]     ; inptr0
-    mov         ebx, JSAMPROW [ebx]     ; inptr1
-    mov         edx, JSAMPROW [edx]     ; inptr2
-    mov         edi, JSAMPROW [edi]     ; outptr
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-    alignx      16, 7
-.columnloop:
-
-    movdqa      xmm5, XMMWORD [ebx]     ; xmm5=Cb(0123456789ABCDEF)
-    movdqa      xmm1, XMMWORD [edx]     ; xmm1=Cr(0123456789ABCDEF)
-
-    pcmpeqw     xmm4, xmm4
-    pcmpeqw     xmm7, xmm7
-    psrlw       xmm4, BYTE_BIT
-    psllw       xmm7, 7                 ; xmm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-    movdqa      xmm0, xmm4              ; xmm0=xmm4={0xFF 0x00 0xFF 0x00 ..}
-
-    pand        xmm4, xmm5              ; xmm4=Cb(02468ACE)=CbE
-    psrlw       xmm5, BYTE_BIT          ; xmm5=Cb(13579BDF)=CbO
-    pand        xmm0, xmm1              ; xmm0=Cr(02468ACE)=CrE
-    psrlw       xmm1, BYTE_BIT          ; xmm1=Cr(13579BDF)=CrO
-
-    paddw       xmm4, xmm7
-    paddw       xmm5, xmm7
-    paddw       xmm0, xmm7
-    paddw       xmm1, xmm7
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    movdqa      xmm2, xmm4              ; xmm2=CbE
-    movdqa      xmm3, xmm5              ; xmm3=CbO
-    paddw       xmm4, xmm4              ; xmm4=2*CbE
-    paddw       xmm5, xmm5              ; xmm5=2*CbO
-    movdqa      xmm6, xmm0              ; xmm6=CrE
-    movdqa      xmm7, xmm1              ; xmm7=CrO
-    paddw       xmm0, xmm0              ; xmm0=2*CrE
-    paddw       xmm1, xmm1              ; xmm1=2*CrO
-
-    pmulhw      xmm4, [GOTOFF(eax,PW_MF0228)]  ; xmm4=(2*CbE * -FIX(0.22800))
-    pmulhw      xmm5, [GOTOFF(eax,PW_MF0228)]  ; xmm5=(2*CbO * -FIX(0.22800))
-    pmulhw      xmm0, [GOTOFF(eax,PW_F0402)]   ; xmm0=(2*CrE * FIX(0.40200))
-    pmulhw      xmm1, [GOTOFF(eax,PW_F0402)]   ; xmm1=(2*CrO * FIX(0.40200))
-
-    paddw       xmm4, [GOTOFF(eax,PW_ONE)]
-    paddw       xmm5, [GOTOFF(eax,PW_ONE)]
-    psraw       xmm4, 1                 ; xmm4=(CbE * -FIX(0.22800))
-    psraw       xmm5, 1                 ; xmm5=(CbO * -FIX(0.22800))
-    paddw       xmm0, [GOTOFF(eax,PW_ONE)]
-    paddw       xmm1, [GOTOFF(eax,PW_ONE)]
-    psraw       xmm0, 1                 ; xmm0=(CrE * FIX(0.40200))
-    psraw       xmm1, 1                 ; xmm1=(CrO * FIX(0.40200))
-
-    paddw       xmm4, xmm2
-    paddw       xmm5, xmm3
-    paddw       xmm4, xmm2              ; xmm4=(CbE * FIX(1.77200))=(B-Y)E
-    paddw       xmm5, xmm3              ; xmm5=(CbO * FIX(1.77200))=(B-Y)O
-    paddw       xmm0, xmm6              ; xmm0=(CrE * FIX(1.40200))=(R-Y)E
-    paddw       xmm1, xmm7              ; xmm1=(CrO * FIX(1.40200))=(R-Y)O
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=(B-Y)E
-    movdqa      XMMWORD [wk(1)], xmm5   ; wk(1)=(B-Y)O
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm5, xmm3
-    punpcklwd   xmm2, xmm6
-    punpckhwd   xmm4, xmm6
-    pmaddwd     xmm2, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     xmm4, [GOTOFF(eax,PW_MF0344_F0285)]
-    punpcklwd   xmm3, xmm7
-    punpckhwd   xmm5, xmm7
-    pmaddwd     xmm3, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     xmm5, [GOTOFF(eax,PW_MF0344_F0285)]
-
-    paddd       xmm2, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       xmm4, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       xmm2, SCALEBITS
-    psrad       xmm4, SCALEBITS
-    paddd       xmm3, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       xmm5, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       xmm3, SCALEBITS
-    psrad       xmm5, SCALEBITS
-
-    packssdw    xmm2, xmm4              ; xmm2=CbE*-FIX(0.344)+CrE*FIX(0.285)
-    packssdw    xmm3, xmm5              ; xmm3=CbO*-FIX(0.344)+CrO*FIX(0.285)
-    psubw       xmm2, xmm6              ; xmm2=CbE*-FIX(0.344)+CrE*-FIX(0.714)=(G-Y)E
-    psubw       xmm3, xmm7              ; xmm3=CbO*-FIX(0.344)+CrO*-FIX(0.714)=(G-Y)O
-
-    movdqa      xmm5, XMMWORD [esi]     ; xmm5=Y(0123456789ABCDEF)
-
-    pcmpeqw     xmm4, xmm4
-    psrlw       xmm4, BYTE_BIT          ; xmm4={0xFF 0x00 0xFF 0x00 ..}
-    pand        xmm4, xmm5              ; xmm4=Y(02468ACE)=YE
-    psrlw       xmm5, BYTE_BIT          ; xmm5=Y(13579BDF)=YO
-
-    paddw       xmm0, xmm4              ; xmm0=((R-Y)E+YE)=RE=R(02468ACE)
-    paddw       xmm1, xmm5              ; xmm1=((R-Y)O+YO)=RO=R(13579BDF)
-    packuswb    xmm0, xmm0              ; xmm0=R(02468ACE********)
-    packuswb    xmm1, xmm1              ; xmm1=R(13579BDF********)
-
-    paddw       xmm2, xmm4              ; xmm2=((G-Y)E+YE)=GE=G(02468ACE)
-    paddw       xmm3, xmm5              ; xmm3=((G-Y)O+YO)=GO=G(13579BDF)
-    packuswb    xmm2, xmm2              ; xmm2=G(02468ACE********)
-    packuswb    xmm3, xmm3              ; xmm3=G(13579BDF********)
-
-    paddw       xmm4, XMMWORD [wk(0)]   ; xmm4=(YE+(B-Y)E)=BE=B(02468ACE)
-    paddw       xmm5, XMMWORD [wk(1)]   ; xmm5=(YO+(B-Y)O)=BO=B(13579BDF)
-    packuswb    xmm4, xmm4              ; xmm4=B(02468ACE********)
-    packuswb    xmm5, xmm5              ; xmm5=B(13579BDF********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(** ** ** ** ** ** ** ** **), xmmH=(** ** ** ** ** ** ** ** **)
-
-    punpcklbw   xmmA, xmmC        ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmB        ; xmmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F)
-    punpcklbw   xmmD, xmmF        ; xmmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F)
-
-    movdqa      xmmG, xmmA
-    movdqa      xmmH, xmmA
-    punpcklwd   xmmA, xmmE        ; xmmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07)
-    punpckhwd   xmmG, xmmE        ; xmmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F)
-
-    psrldq      xmmH, 2           ; xmmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E -- --)
-    psrldq      xmmE, 2           ; xmmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F -- --)
-
-    movdqa      xmmC, xmmD
-    movdqa      xmmB, xmmD
-    punpcklwd   xmmD, xmmH        ; xmmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18)
-    punpckhwd   xmmC, xmmH        ; xmmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F -- --)
-
-    psrldq      xmmB, 2           ; xmmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F -- --)
-
-    movdqa      xmmF, xmmE
-    punpcklwd   xmmE, xmmB        ; xmmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29)
-    punpckhwd   xmmF, xmmB        ; xmmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F -- -- -- --)
-
-    pshufd      xmmH, xmmA, 0x4E  ; xmmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03)
-    movdqa      xmmB, xmmE
-    punpckldq   xmmA, xmmD        ; xmmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14)
-    punpckldq   xmmE, xmmH        ; xmmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07)
-    punpckhdq   xmmD, xmmB        ; xmmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29)
-
-    pshufd      xmmH, xmmG, 0x4E  ; xmmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B)
-    movdqa      xmmB, xmmF
-    punpckldq   xmmG, xmmC        ; xmmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C)
-    punpckldq   xmmF, xmmH        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F)
-    punpckhdq   xmmC, xmmB        ; xmmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F -- -- -- -- -- --)
-
-    punpcklqdq  xmmA, xmmE        ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    punpcklqdq  xmmD, xmmG        ; xmmD=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    punpcklqdq  xmmF, xmmC        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        edi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [edi+2*SIZEOF_XMMWORD], xmmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [edi+2*SIZEOF_XMMWORD], xmmF
-.out0:
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_XMMWORD
-    jz          near .nextrow
-
-    add         esi, byte SIZEOF_XMMWORD  ; inptr0
-    add         ebx, byte SIZEOF_XMMWORD  ; inptr1
-    add         edx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st32:
-    lea         ecx, [ecx+ecx*2]        ; imul ecx, RGB_PIXELSIZE
-    cmp         ecx, byte 2*SIZEOF_XMMWORD
-    jb          short .column_st16
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    add         edi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmF
-    sub         ecx, byte 2*SIZEOF_XMMWORD
-    jmp         short .column_st15
-.column_st16:
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         ecx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    movq        XMM_MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_MMWORD
-    sub         ecx, byte SIZEOF_MMWORD
-    psrldq      xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    movd        XMM_DWORD [edi], xmmA
-    add         edi, byte SIZEOF_DWORD
-    sub         ecx, byte SIZEOF_DWORD
-    psrldq      xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of eax to the output when it has enough
-    ; space.
-    movd        eax, xmmA
-    cmp         ecx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [edi], ax
-    add         edi, byte SIZEOF_WORD
-    sub         ecx, byte SIZEOF_WORD
-    shr         eax, 16
-.column_st1:
-    ; Store the lower 1 byte of eax to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .nextrow
-    mov         byte [edi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    pcmpeqb     xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pcmpeqb     xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%else
-    pxor        xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pxor        xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%endif
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(30 32 34 36 38 3A 3C 3E **), xmmH=(31 33 35 37 39 3B 3D 3F **)
-
-    punpcklbw   xmmA, xmmC  ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E)
-    punpcklbw   xmmB, xmmD  ; xmmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F)
-    punpcklbw   xmmF, xmmH  ; xmmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F)
-
-    movdqa      xmmC, xmmA
-    punpcklwd   xmmA, xmmE  ; xmmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36)
-    punpckhwd   xmmC, xmmE  ; xmmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E)
-    movdqa      xmmG, xmmB
-    punpcklwd   xmmB, xmmF  ; xmmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37)
-    punpckhwd   xmmG, xmmF  ; xmmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpckldq   xmmA, xmmB  ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    punpckhdq   xmmD, xmmB  ; xmmD=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    movdqa      xmmH, xmmC
-    punpckldq   xmmC, xmmG  ; xmmC=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    punpckhdq   xmmH, xmmG  ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        edi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [edi+2*SIZEOF_XMMWORD], xmmC
-    movntdq     XMMWORD [edi+3*SIZEOF_XMMWORD], xmmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [edi+2*SIZEOF_XMMWORD], xmmC
-    movdqu      XMMWORD [edi+3*SIZEOF_XMMWORD], xmmH
-.out0:
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_XMMWORD
-    jz          near .nextrow
-
-    add         esi, byte SIZEOF_XMMWORD  ; inptr0
-    add         ebx, byte SIZEOF_XMMWORD  ; inptr1
-    add         edx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st32:
-    cmp         ecx, byte SIZEOF_XMMWORD/2
-    jb          short .column_st16
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    add         edi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmC
-    movdqa      xmmD, xmmH
-    sub         ecx, byte SIZEOF_XMMWORD/2
-.column_st16:
-    cmp         ecx, byte SIZEOF_XMMWORD/4
-    jb          short .column_st15
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         ecx, byte SIZEOF_XMMWORD/4
-.column_st15:
-    ; Store two pixels (8 bytes) of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_XMMWORD/8
-    jb          short .column_st7
-    movq        XMM_MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_XMMWORD/8*4
-    sub         ecx, byte SIZEOF_XMMWORD/8
-    psrldq      xmmA, SIZEOF_XMMWORD/8*4
-.column_st7:
-    ; Store one pixel (4 bytes) of xmmA to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .nextrow
-    movd        XMM_DWORD [edi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    alignx      16, 7
-
-.nextrow:
-    pop         ecx
-    pop         esi
-    pop         ebx
-    pop         edx
-    pop         edi
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW
-    add         ebx, byte SIZEOF_JSAMPROW
-    add         edx, byte SIZEOF_JSAMPROW
-    add         edi, byte SIZEOF_JSAMPROW  ; output_buf
-    dec         eax                        ; num_rows
-    jg          near .rowloop
-
-    sfence                              ; flush the write buffer
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-avx2.asm
deleted file mode 100644
index e05b60d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-avx2.asm
+++ /dev/null
@@ -1,118 +0,0 @@
-;
-; jdcolor.asm - colorspace conversion (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_ycc_rgb_convert_avx2)
-
-EXTN(jconst_ycc_rgb_convert_avx2):
-
-PW_F0402        times 16 dw  F_0_402
-PW_MF0228       times 16 dw -F_0_228
-PW_MF0344_F0285 times 8  dw -F_0_344, F_0_285
-PW_ONE          times 16 dw  1
-PD_ONEHALF      times 8  dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extrgb_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extrgbx_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extbgr_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extbgrx_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extxbgr_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extxrgb_convert_avx2
-%include "jdcolext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-mmx.asm
deleted file mode 100644
index fb7e7bc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-mmx.asm
+++ /dev/null
@@ -1,117 +0,0 @@
-;
-; jdcolor.asm - colorspace conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_ycc_rgb_convert_mmx)
-
-EXTN(jconst_ycc_rgb_convert_mmx):
-
-PW_F0402        times 4 dw  F_0_402
-PW_MF0228       times 4 dw -F_0_228
-PW_MF0344_F0285 times 2 dw -F_0_344, F_0_285
-PW_ONE          times 4 dw  1
-PD_ONEHALF      times 2 dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jdcolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_mmx  jsimd_ycc_extrgb_convert_mmx
-%include "jdcolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_mmx  jsimd_ycc_extrgbx_convert_mmx
-%include "jdcolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_mmx  jsimd_ycc_extbgr_convert_mmx
-%include "jdcolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_mmx  jsimd_ycc_extbgrx_convert_mmx
-%include "jdcolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_mmx  jsimd_ycc_extxbgr_convert_mmx
-%include "jdcolext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_mmx  jsimd_ycc_extxrgb_convert_mmx
-%include "jdcolext-mmx.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-sse2.asm
deleted file mode 100644
index b736255..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdcolor-sse2.asm
+++ /dev/null
@@ -1,117 +0,0 @@
-;
-; jdcolor.asm - colorspace conversion (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_ycc_rgb_convert_sse2)
-
-EXTN(jconst_ycc_rgb_convert_sse2):
-
-PW_F0402        times 8 dw  F_0_402
-PW_MF0228       times 8 dw -F_0_228
-PW_MF0344_F0285 times 4 dw -F_0_344, F_0_285
-PW_ONE          times 8 dw  1
-PD_ONEHALF      times 4 dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extrgb_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extrgbx_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extbgr_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extbgrx_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extxbgr_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extxrgb_convert_sse2
-%include "jdcolext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-avx2.asm
deleted file mode 100644
index 711e679..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-avx2.asm
+++ /dev/null
@@ -1,136 +0,0 @@
-;
-; jdmerge.asm - merged upsampling/color conversion (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_merged_upsample_avx2)
-
-EXTN(jconst_merged_upsample_avx2):
-
-PW_F0402        times 16 dw  F_0_402
-PW_MF0228       times 16 dw -F_0_228
-PW_MF0344_F0285 times 8  dw -F_0_344, F_0_285
-PW_ONE          times 16 dw  1
-PD_ONEHALF      times 8  dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extrgb_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extrgb_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extrgbx_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extrgbx_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extbgr_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extbgr_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extbgrx_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extbgrx_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extxbgr_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extxbgr_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extxrgb_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extxrgb_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-mmx.asm
deleted file mode 100644
index 6e8311d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-mmx.asm
+++ /dev/null
@@ -1,123 +0,0 @@
-;
-; jdmerge.asm - merged upsampling/color conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_merged_upsample_mmx)
-
-EXTN(jconst_merged_upsample_mmx):
-
-PW_F0402        times 4 dw  F_0_402
-PW_MF0228       times 4 dw -F_0_228
-PW_MF0344_F0285 times 2 dw -F_0_344, F_0_285
-PW_ONE          times 4 dw  1
-PD_ONEHALF      times 2 dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jdmrgext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_mmx  jsimd_h2v1_extrgb_merged_upsample_mmx
-%define jsimd_h2v2_merged_upsample_mmx  jsimd_h2v2_extrgb_merged_upsample_mmx
-%include "jdmrgext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_mmx  jsimd_h2v1_extrgbx_merged_upsample_mmx
-%define jsimd_h2v2_merged_upsample_mmx  jsimd_h2v2_extrgbx_merged_upsample_mmx
-%include "jdmrgext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_mmx  jsimd_h2v1_extbgr_merged_upsample_mmx
-%define jsimd_h2v2_merged_upsample_mmx  jsimd_h2v2_extbgr_merged_upsample_mmx
-%include "jdmrgext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_mmx  jsimd_h2v1_extbgrx_merged_upsample_mmx
-%define jsimd_h2v2_merged_upsample_mmx  jsimd_h2v2_extbgrx_merged_upsample_mmx
-%include "jdmrgext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_mmx  jsimd_h2v1_extxbgr_merged_upsample_mmx
-%define jsimd_h2v2_merged_upsample_mmx  jsimd_h2v2_extxbgr_merged_upsample_mmx
-%include "jdmrgext-mmx.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_mmx  jsimd_h2v1_extxrgb_merged_upsample_mmx
-%define jsimd_h2v2_merged_upsample_mmx  jsimd_h2v2_extxrgb_merged_upsample_mmx
-%include "jdmrgext-mmx.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-sse2.asm
deleted file mode 100644
index e32f90a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmerge-sse2.asm
+++ /dev/null
@@ -1,135 +0,0 @@
-;
-; jdmerge.asm - merged upsampling/color conversion (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_merged_upsample_sse2)
-
-EXTN(jconst_merged_upsample_sse2):
-
-PW_F0402        times 8 dw  F_0_402
-PW_MF0228       times 8 dw -F_0_228
-PW_MF0344_F0285 times 4 dw -F_0_344, F_0_285
-PW_ONE          times 8 dw  1
-PD_ONEHALF      times 4 dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extrgb_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extrgb_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extrgbx_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extrgbx_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extbgr_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extbgr_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extbgrx_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extbgrx_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extxbgr_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extxbgr_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extxrgb_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extxrgb_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-avx2.asm
deleted file mode 100644
index e35f728..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-avx2.asm
+++ /dev/null
@@ -1,575 +0,0 @@
-;
-; jdmrgext.asm - merged upsampling/color conversion (AVX2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2012, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v1_merged_upsample_avx2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-%define output_width(b)      (b) + 8    ; JDIMENSION output_width
-%define input_buf(b)         (b) + 12   ; JSAMPIMAGE input_buf
-%define in_row_group_ctr(b)  (b) + 16   ; JDIMENSION in_row_group_ctr
-%define output_buf(b)        (b) + 20   ; JSAMPARRAY output_buf
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_YMMWORD
-                                        ; ymmword wk[WK_NUM]
-%define WK_NUM        3
-%define gotptr        wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_merged_upsample_avx2)
-
-EXTN(jsimd_h2v1_merged_upsample_avx2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [output_width(eax)]  ; col
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         edi, JSAMPIMAGE [input_buf(eax)]
-    mov         ecx, JDIMENSION [in_row_group_ctr(eax)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    mov         edi, JSAMPARRAY [output_buf(eax)]
-    mov         esi, JSAMPROW [esi+ecx*SIZEOF_JSAMPROW]  ; inptr0
-    mov         ebx, JSAMPROW [ebx+ecx*SIZEOF_JSAMPROW]  ; inptr1
-    mov         edx, JSAMPROW [edx+ecx*SIZEOF_JSAMPROW]  ; inptr2
-    mov         edi, JSAMPROW [edi]                      ; outptr
-
-    pop         ecx                     ; col
-
-    alignx      16, 7
-.columnloop:
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    vmovdqu     ymm6, YMMWORD [ebx]     ; ymm6=Cb(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-    vmovdqu     ymm7, YMMWORD [edx]     ; ymm7=Cr(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpxor       ymm1, ymm1, ymm1        ; ymm1=(all 0's)
-    vpcmpeqw    ymm3, ymm3, ymm3
-    vpsllw      ymm3, ymm3, 7           ; ymm3={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    vpermq      ymm6, ymm6, 0xd8        ; ymm6=Cb(01234567GHIJKLMN89ABCDEFOPQRSTUV)
-    vpermq      ymm7, ymm7, 0xd8        ; ymm7=Cr(01234567GHIJKLMN89ABCDEFOPQRSTUV)
-    vpunpcklbw  ymm4, ymm6, ymm1        ; ymm4=Cb(0123456789ABCDEF)=CbL
-    vpunpckhbw  ymm6, ymm6, ymm1        ; ymm6=Cb(GHIJKLMNOPQRSTUV)=CbH
-    vpunpcklbw  ymm0, ymm7, ymm1        ; ymm0=Cr(0123456789ABCDEF)=CrL
-    vpunpckhbw  ymm7, ymm7, ymm1        ; ymm7=Cr(GHIJKLMNOPQRSTUV)=CrH
-
-    vpaddw      ymm5, ymm6, ymm3
-    vpaddw      ymm2, ymm4, ymm3
-    vpaddw      ymm1, ymm7, ymm3
-    vpaddw      ymm3, ymm0, ymm3
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    vpaddw      ymm6, ymm5, ymm5             ; ymm6=2*CbH
-    vpaddw      ymm4, ymm2, ymm2             ; ymm4=2*CbL
-    vpaddw      ymm7, ymm1, ymm1             ; ymm7=2*CrH
-    vpaddw      ymm0, ymm3, ymm3             ; ymm0=2*CrL
-
-    vpmulhw     ymm6, ymm6, [GOTOFF(eax,PW_MF0228)]  ; ymm6=(2*CbH * -FIX(0.22800))
-    vpmulhw     ymm4, ymm4, [GOTOFF(eax,PW_MF0228)]  ; ymm4=(2*CbL * -FIX(0.22800))
-    vpmulhw     ymm7, ymm7, [GOTOFF(eax,PW_F0402)]   ; ymm7=(2*CrH * FIX(0.40200))
-    vpmulhw     ymm0, ymm0, [GOTOFF(eax,PW_F0402)]   ; ymm0=(2*CrL * FIX(0.40200))
-
-    vpaddw      ymm6, ymm6, [GOTOFF(eax,PW_ONE)]
-    vpaddw      ymm4, ymm4, [GOTOFF(eax,PW_ONE)]
-    vpsraw      ymm6, ymm6, 1                     ; ymm6=(CbH * -FIX(0.22800))
-    vpsraw      ymm4, ymm4, 1                     ; ymm4=(CbL * -FIX(0.22800))
-    vpaddw      ymm7, ymm7, [GOTOFF(eax,PW_ONE)]
-    vpaddw      ymm0, ymm0, [GOTOFF(eax,PW_ONE)]
-    vpsraw      ymm7, ymm7, 1                     ; ymm7=(CrH * FIX(0.40200))
-    vpsraw      ymm0, ymm0, 1                     ; ymm0=(CrL * FIX(0.40200))
-
-    vpaddw      ymm6, ymm6, ymm5
-    vpaddw      ymm4, ymm4, ymm2
-    vpaddw      ymm6, ymm6, ymm5                  ; ymm6=(CbH * FIX(1.77200))=(B-Y)H
-    vpaddw      ymm4, ymm4, ymm2                  ; ymm4=(CbL * FIX(1.77200))=(B-Y)L
-    vpaddw      ymm7, ymm7, ymm1                  ; ymm7=(CrH * FIX(1.40200))=(R-Y)H
-    vpaddw      ymm0, ymm0, ymm3                  ; ymm0=(CrL * FIX(1.40200))=(R-Y)L
-
-    vmovdqa     YMMWORD [wk(0)], ymm6             ; wk(0)=(B-Y)H
-    vmovdqa     YMMWORD [wk(1)], ymm7             ; wk(1)=(R-Y)H
-
-    vpunpckhwd  ymm6, ymm5, ymm1
-    vpunpcklwd  ymm5, ymm5, ymm1
-    vpmaddwd    ymm5, ymm5, [GOTOFF(eax,PW_MF0344_F0285)]
-    vpmaddwd    ymm6, ymm6, [GOTOFF(eax,PW_MF0344_F0285)]
-    vpunpckhwd  ymm7, ymm2, ymm3
-    vpunpcklwd  ymm2, ymm2, ymm3
-    vpmaddwd    ymm2, ymm2, [GOTOFF(eax,PW_MF0344_F0285)]
-    vpmaddwd    ymm7, ymm7, [GOTOFF(eax,PW_MF0344_F0285)]
-
-    vpaddd      ymm5, ymm5, [GOTOFF(eax,PD_ONEHALF)]
-    vpaddd      ymm6, ymm6, [GOTOFF(eax,PD_ONEHALF)]
-    vpsrad      ymm5, ymm5, SCALEBITS
-    vpsrad      ymm6, ymm6, SCALEBITS
-    vpaddd      ymm2, ymm2, [GOTOFF(eax,PD_ONEHALF)]
-    vpaddd      ymm7, ymm7, [GOTOFF(eax,PD_ONEHALF)]
-    vpsrad      ymm2, ymm2, SCALEBITS
-    vpsrad      ymm7, ymm7, SCALEBITS
-
-    vpackssdw   ymm5, ymm5, ymm6        ; ymm5=CbH*-FIX(0.344)+CrH*FIX(0.285)
-    vpackssdw   ymm2, ymm2, ymm7        ; ymm2=CbL*-FIX(0.344)+CrL*FIX(0.285)
-    vpsubw      ymm5, ymm5, ymm1        ; ymm5=CbH*-FIX(0.344)+CrH*-FIX(0.714)=(G-Y)H
-    vpsubw      ymm2, ymm2, ymm3        ; ymm2=CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L
-
-    vmovdqa     YMMWORD [wk(2)], ymm5   ; wk(2)=(G-Y)H
-
-    mov         al, 2                   ; Yctr
-    jmp         short .Yloop_1st
-    alignx      16, 7
-
-.Yloop_2nd:
-    vmovdqa     ymm0, YMMWORD [wk(1)]   ; ymm0=(R-Y)H
-    vmovdqa     ymm2, YMMWORD [wk(2)]   ; ymm2=(G-Y)H
-    vmovdqa     ymm4, YMMWORD [wk(0)]   ; ymm4=(B-Y)H
-    alignx      16, 7
-
-.Yloop_1st:
-    vmovdqu     ymm7, YMMWORD [esi]     ; ymm7=Y(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpcmpeqw    ymm6, ymm6, ymm6
-    vpsrlw      ymm6, ymm6, BYTE_BIT    ; ymm6={0xFF 0x00 0xFF 0x00 ..}
-    vpand       ymm6, ymm6, ymm7        ; ymm6=Y(02468ACEGIKMOQSU)=YE
-    vpsrlw      ymm7, ymm7, BYTE_BIT    ; ymm7=Y(13579BDFHJLNPRTV)=YO
-
-    vmovdqa     ymm1, ymm0              ; ymm1=ymm0=(R-Y)(L/H)
-    vmovdqa     ymm3, ymm2              ; ymm3=ymm2=(G-Y)(L/H)
-    vmovdqa     ymm5, ymm4              ; ymm5=ymm4=(B-Y)(L/H)
-
-    vpaddw      ymm0, ymm0, ymm6        ; ymm0=((R-Y)+YE)=RE=R(02468ACEGIKMOQSU)
-    vpaddw      ymm1, ymm1, ymm7        ; ymm1=((R-Y)+YO)=RO=R(13579BDFHJLNPRTV)
-    vpackuswb   ymm0, ymm0, ymm0        ; ymm0=R(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm1, ymm1, ymm1        ; ymm1=R(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm2, ymm2, ymm6        ; ymm2=((G-Y)+YE)=GE=G(02468ACEGIKMOQSU)
-    vpaddw      ymm3, ymm3, ymm7        ; ymm3=((G-Y)+YO)=GO=G(13579BDFHJLNPRTV)
-    vpackuswb   ymm2, ymm2, ymm2        ; ymm2=G(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm3, ymm3, ymm3        ; ymm3=G(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm4, ymm4, ymm6        ; ymm4=((B-Y)+YE)=BE=B(02468ACEGIKMOQSU)
-    vpaddw      ymm5, ymm5, ymm7        ; ymm5=((B-Y)+YO)=BO=B(13579BDFHJLNPRTV)
-    vpackuswb   ymm4, ymm4, ymm4        ; ymm4=B(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm5, ymm5, ymm5        ; ymm5=B(13579BDF********HJLNPRTV********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-    ; ymmH=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmB        ; ymmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F
-                                        ;       2G 0H 2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V)
-    vpunpcklbw  ymmD, ymmD, ymmF        ; ymmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F
-                                        ;       1H 2H 1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V)
-
-    vpsrldq     ymmH, ymmA, 2           ; ymmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E 0G 1G
-                                        ;       0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U -- --)
-    vpunpckhwd  ymmG, ymmA, ymmE        ; ymmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F
-                                        ;       0O 1O 2O 0P 0Q 1Q 2Q 0R 0S 1S 2S 0T 0U 1U 2U 0V)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07
-                                        ;       0G 1G 2G 0H 0I 1I 2I 0J 0K 1K 2K 0L 0M 1M 2M 0N)
-
-    vpsrldq     ymmE, ymmE, 2           ; ymmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F 2G 0H
-                                        ;       2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V -- --)
-
-    vpsrldq     ymmB, ymmD, 2           ; ymmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F 1H 2H
-                                        ;       1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V -- --)
-    vpunpckhwd  ymmC, ymmD, ymmH        ; ymmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F 0G 1G
-                                        ;       1P 2P 0Q 1Q 1R 2R 0S 1S 1T 2T 0U 1U 1V 2V -- --)
-    vpunpcklwd  ymmD, ymmD, ymmH        ; ymmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18
-                                        ;       1H 2H 0I 1I 1J 2J 0K 1K 1L 2L 0M 1M 1N 2N 0O 1O)
-
-    vpunpckhwd  ymmF, ymmE, ymmB        ; ymmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F 2G 0H 1H 2H
-                                        ;       2Q 0R 1R 2R 2S 0T 1T 2T 2U 0V 1V 2V -- -- -- --)
-    vpunpcklwd  ymmE, ymmE, ymmB        ; ymmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29
-                                        ;       2I 0J 1J 2J 2K 0L 1L 2L 2M 0N 1N 2N 2O 0P 1P 2P)
-
-    vpshufd     ymmH, ymmA, 0x4E        ; ymmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03
-                                        ;       0K 1K 2K 0L 0M 1M 2M 0N 0G 1G 2G 0H 0I 1I 2I 0J)
-    vpunpckldq  ymmA, ymmA, ymmD        ; ymmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 0I 1I 2I 0J 1J 2J 0K 1K)
-    vpunpckhdq  ymmD, ymmD, ymmE        ; ymmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 1N 2N 0O 1O 2O 0P 1P 2P)
-    vpunpckldq  ymmE, ymmE, ymmH        ; ymmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07
-                                        ;       2I 0J 1J 2J 0K 1K 2K 0L 2K 0L 1L 2L 0M 1M 2M 0N)
-
-    vpshufd     ymmH, ymmG, 0x4E        ; ymmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B
-                                        ;       0S 1S 2S 0T 0U 1U 2U 0V 0O 1O 2O 0P 0Q 1Q 2Q 0R)
-    vpunpckldq  ymmG, ymmG, ymmC        ; ymmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C
-                                        ;       0O 1O 2O 0P 1P 2P 0Q 1Q 0Q 1Q 2Q 0R 1R 2R 0S 1S)
-    vpunpckhdq  ymmC, ymmC, ymmF        ; ymmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F 0G 1G 2G 0H 1H 2H
-                                        ;       1T 2T 0U 1U 2U 0V 1V 2V 1V 2V -- -- -- -- -- --)
-    vpunpckldq  ymmF, ymmF, ymmH        ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 2S 0T 1T 2T 0U 1U 2U 0V)
-
-    vpunpcklqdq ymmH, ymmA, ymmE        ; ymmH=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vpunpcklqdq ymmG, ymmD, ymmG        ; ymmG=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-    vpunpcklqdq ymmC, ymmF, ymmC        ; ymmC=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vperm2i128  ymmA, ymmH, ymmG, 0x20  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vperm2i128  ymmD, ymmC, ymmH, 0x30  ; ymmD=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vperm2i128  ymmF, ymmG, ymmC, 0x31  ; ymmF=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        edi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [edi+2*SIZEOF_YMMWORD], ymmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [edi+2*SIZEOF_YMMWORD], ymmF
-.out0:
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_YMMWORD
-    jz          near .endcolumn
-
-    add         esi, byte SIZEOF_YMMWORD  ; inptr0
-    dec         al                        ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         ebx, byte SIZEOF_YMMWORD  ; inptr1
-    add         edx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st64:
-    lea         ecx, [ecx+ecx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         ecx, byte 2*SIZEOF_YMMWORD
-    jb          short .column_st32
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmF
-    sub         ecx, byte 2*SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st32:
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jb          short .column_st31
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    add         edi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         ecx, byte SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st31:
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    vmovdqu     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    sub         ecx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    vmovq       XMM_MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_MMWORD
-    sub         ecx, byte SIZEOF_MMWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    vmovd       XMM_DWORD [edi], xmmA
-    add         edi, byte SIZEOF_DWORD
-    sub         ecx, byte SIZEOF_DWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of eax to the output when it has enough
-    ; space.
-    vmovd       eax, xmmA
-    cmp         ecx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [edi], ax
-    add         edi, byte SIZEOF_WORD
-    sub         ecx, byte SIZEOF_WORD
-    shr         eax, 16
-.column_st1:
-    ; Store the lower 1 byte of eax to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .endcolumn
-    mov         byte [edi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    vpcmpeqb    ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpcmpeqb    ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%else
-    vpxor       ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpxor       ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%endif
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(30 32 34 36 38 3A 3C 3E ** 3G 3I 3K 3M 3O 3Q 3S 3U **)
-    ; ymmH=(31 33 35 37 39 3B 3D 3F ** 3H 3J 3L 3N 3P 3R 3T 3V **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmG        ; ymmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E
-                                        ;       2G 3G 2I 3I 2K 3K 2M 3M 2O 3O 2Q 3Q 2S 3S 2U 3U)
-    vpunpcklbw  ymmB, ymmB, ymmD        ; ymmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F
-                                        ;       0H 1H 0J 1J 0L 1L 0N 1N 0P 1P 0R 1R 0T 1T 0V 1V)
-    vpunpcklbw  ymmF, ymmF, ymmH        ; ymmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F
-                                        ;       2H 3H 2J 3J 2L 3L 2N 3N 2P 3P 2R 3R 2T 3T 2V 3V)
-
-    vpunpckhwd  ymmC, ymmA, ymmE        ; ymmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E
-                                        ;       0O 1O 2O 3O 0Q 1Q 2Q 3Q 0S 1S 2S 3S 0U 1U 2U 3U)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36
-                                        ;       0G 1G 2G 3G 0I 1I 2I 3I 0K 1K 2K 3K 0M 1M 2M 3M)
-    vpunpckhwd  ymmG, ymmB, ymmF        ; ymmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F
-                                        ;       0P 1P 2P 3P 0R 1R 2R 3R 0T 1T 2T 3T 0V 1V 2V 3V)
-    vpunpcklwd  ymmB, ymmB, ymmF        ; ymmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37
-                                        ;       0H 1H 2H 3H 0J 1J 2J 3J 0L 1L 2L 3L 0N 1N 2N 3N)
-
-    vpunpckhdq  ymmE, ymmA, ymmB        ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vpunpckldq  ymmB, ymmA, ymmB        ; ymmB=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vpunpckhdq  ymmF, ymmC, ymmG        ; ymmF=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-    vpunpckldq  ymmG, ymmC, ymmG        ; ymmG=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-
-    vperm2i128  ymmA, ymmB, ymmE, 0x20  ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    vperm2i128  ymmD, ymmG, ymmF, 0x20  ; ymmD=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    vperm2i128  ymmC, ymmB, ymmE, 0x31  ; ymmC=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vperm2i128  ymmH, ymmG, ymmF, 0x31  ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    cmp         ecx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        edi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [edi+2*SIZEOF_YMMWORD], ymmC
-    vmovntdq    YMMWORD [edi+3*SIZEOF_YMMWORD], ymmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [edi+2*SIZEOF_YMMWORD], ymmC
-    vmovdqu     YMMWORD [edi+3*SIZEOF_YMMWORD], ymmH
-.out0:
-    add         edi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_YMMWORD
-    jz          near .endcolumn
-
-    add         esi, byte SIZEOF_YMMWORD  ; inptr0
-    dec         al
-    jnz         near .Yloop_2nd
-
-    add         ebx, byte SIZEOF_YMMWORD  ; inptr1
-    add         edx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st64:
-    cmp         ecx, byte SIZEOF_YMMWORD/2
-    jb          short .column_st32
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymmD
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmC
-    vmovdqa     ymmD, ymmH
-    sub         ecx, byte SIZEOF_YMMWORD/2
-.column_st32:
-    cmp         ecx, byte SIZEOF_YMMWORD/4
-    jb          short .column_st16
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymmA
-    add         edi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         ecx, byte SIZEOF_YMMWORD/4
-.column_st16:
-    cmp         ecx, byte SIZEOF_YMMWORD/8
-    jb          short .column_st15
-    vmovdqu     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    sub         ecx, byte SIZEOF_YMMWORD/8
-.column_st15:
-    ; Store two pixels (8 bytes) of ymmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_YMMWORD/16
-    jb          short .column_st7
-    vmovq       MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_YMMWORD/16*4
-    sub         ecx, byte SIZEOF_YMMWORD/16
-    vpsrldq     xmmA, SIZEOF_YMMWORD/16*4
-.column_st7:
-    ; Store one pixel (4 bytes) of ymmA to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .endcolumn
-    vmovd       XMM_DWORD [edi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.endcolumn:
-    sfence                              ; flush the write buffer
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v2_merged_upsample_avx2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-%define output_width(b)      (b) + 8    ; JDIMENSION output_width
-%define input_buf(b)         (b) + 12   ; JSAMPIMAGE input_buf
-%define in_row_group_ctr(b)  (b) + 16   ; JDIMENSION in_row_group_ctr
-%define output_buf(b)        (b) + 20   ; JSAMPARRAY output_buf
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_merged_upsample_avx2)
-
-EXTN(jsimd_h2v2_merged_upsample_avx2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         eax, POINTER [output_width(ebp)]
-
-    mov         edi, JSAMPIMAGE [input_buf(ebp)]
-    mov         ecx, JDIMENSION [in_row_group_ctr(ebp)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    mov         edi, JSAMPARRAY [output_buf(ebp)]
-    lea         esi, [esi+ecx*SIZEOF_JSAMPROW]
-
-    push        edx                     ; inptr2
-    push        ebx                     ; inptr1
-    push        esi                     ; inptr00
-    mov         ebx, esp
-
-    push        edi                     ; output_buf (outptr0)
-    push        ecx                     ; in_row_group_ctr
-    push        ebx                     ; input_buf
-    push        eax                     ; output_width
-
-    call        near EXTN(jsimd_h2v1_merged_upsample_avx2)
-
-    add         esi, byte SIZEOF_JSAMPROW  ; inptr01
-    add         edi, byte SIZEOF_JSAMPROW  ; outptr1
-    mov         POINTER [ebx+0*SIZEOF_POINTER], esi
-    mov         POINTER [ebx-1*SIZEOF_POINTER], edi
-
-    call        near EXTN(jsimd_h2v1_merged_upsample_avx2)
-
-    add         esp, byte 7*SIZEOF_DWORD
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-mmx.asm
deleted file mode 100644
index eb3e36b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-mmx.asm
+++ /dev/null
@@ -1,460 +0,0 @@
-;
-; jdmrgext.asm - merged upsampling/color conversion (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v1_merged_upsample_mmx(JDIMENSION output_width, JSAMPIMAGE input_buf,
-;                                JDIMENSION in_row_group_ctr,
-;                                JSAMPARRAY output_buf);
-;
-
-%define output_width(b)      (b) + 8    ; JDIMENSION output_width
-%define input_buf(b)         (b) + 12   ; JSAMPIMAGE input_buf
-%define in_row_group_ctr(b)  (b) + 16   ; JDIMENSION in_row_group_ctr
-%define output_buf(b)        (b) + 20   ; JSAMPARRAY output_buf
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_MMWORD  ; mmword wk[WK_NUM]
-%define WK_NUM        3
-%define gotptr        wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_merged_upsample_mmx)
-
-EXTN(jsimd_h2v1_merged_upsample_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [output_width(eax)]  ; col
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         edi, JSAMPIMAGE [input_buf(eax)]
-    mov         ecx, JDIMENSION [in_row_group_ctr(eax)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    mov         edi, JSAMPARRAY [output_buf(eax)]
-    mov         esi, JSAMPROW [esi+ecx*SIZEOF_JSAMPROW]  ; inptr0
-    mov         ebx, JSAMPROW [ebx+ecx*SIZEOF_JSAMPROW]  ; inptr1
-    mov         edx, JSAMPROW [edx+ecx*SIZEOF_JSAMPROW]  ; inptr2
-    mov         edi, JSAMPROW [edi]                      ; outptr
-
-    pop         ecx                     ; col
-
-    alignx      16, 7
-.columnloop:
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    movq        mm6, MMWORD [ebx]       ; mm6=Cb(01234567)
-    movq        mm7, MMWORD [edx]       ; mm7=Cr(01234567)
-
-    pxor        mm1, mm1                ; mm1=(all 0's)
-    pcmpeqw     mm3, mm3
-    psllw       mm3, 7                  ; mm3={0xFF80 0xFF80 0xFF80 0xFF80}
-
-    movq        mm4, mm6
-    punpckhbw   mm6, mm1                ; mm6=Cb(4567)=CbH
-    punpcklbw   mm4, mm1                ; mm4=Cb(0123)=CbL
-    movq        mm0, mm7
-    punpckhbw   mm7, mm1                ; mm7=Cr(4567)=CrH
-    punpcklbw   mm0, mm1                ; mm0=Cr(0123)=CrL
-
-    paddw       mm6, mm3
-    paddw       mm4, mm3
-    paddw       mm7, mm3
-    paddw       mm0, mm3
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    movq        mm5, mm6                ; mm5=CbH
-    movq        mm2, mm4                ; mm2=CbL
-    paddw       mm6, mm6                ; mm6=2*CbH
-    paddw       mm4, mm4                ; mm4=2*CbL
-    movq        mm1, mm7                ; mm1=CrH
-    movq        mm3, mm0                ; mm3=CrL
-    paddw       mm7, mm7                ; mm7=2*CrH
-    paddw       mm0, mm0                ; mm0=2*CrL
-
-    pmulhw      mm6, [GOTOFF(eax,PW_MF0228)]  ; mm6=(2*CbH * -FIX(0.22800))
-    pmulhw      mm4, [GOTOFF(eax,PW_MF0228)]  ; mm4=(2*CbL * -FIX(0.22800))
-    pmulhw      mm7, [GOTOFF(eax,PW_F0402)]   ; mm7=(2*CrH * FIX(0.40200))
-    pmulhw      mm0, [GOTOFF(eax,PW_F0402)]   ; mm0=(2*CrL * FIX(0.40200))
-
-    paddw       mm6, [GOTOFF(eax,PW_ONE)]
-    paddw       mm4, [GOTOFF(eax,PW_ONE)]
-    psraw       mm6, 1                  ; mm6=(CbH * -FIX(0.22800))
-    psraw       mm4, 1                  ; mm4=(CbL * -FIX(0.22800))
-    paddw       mm7, [GOTOFF(eax,PW_ONE)]
-    paddw       mm0, [GOTOFF(eax,PW_ONE)]
-    psraw       mm7, 1                  ; mm7=(CrH * FIX(0.40200))
-    psraw       mm0, 1                  ; mm0=(CrL * FIX(0.40200))
-
-    paddw       mm6, mm5
-    paddw       mm4, mm2
-    paddw       mm6, mm5                ; mm6=(CbH * FIX(1.77200))=(B-Y)H
-    paddw       mm4, mm2                ; mm4=(CbL * FIX(1.77200))=(B-Y)L
-    paddw       mm7, mm1                ; mm7=(CrH * FIX(1.40200))=(R-Y)H
-    paddw       mm0, mm3                ; mm0=(CrL * FIX(1.40200))=(R-Y)L
-
-    movq        MMWORD [wk(0)], mm6     ; wk(0)=(B-Y)H
-    movq        MMWORD [wk(1)], mm7     ; wk(1)=(R-Y)H
-
-    movq        mm6, mm5
-    movq        mm7, mm2
-    punpcklwd   mm5, mm1
-    punpckhwd   mm6, mm1
-    pmaddwd     mm5, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     mm6, [GOTOFF(eax,PW_MF0344_F0285)]
-    punpcklwd   mm2, mm3
-    punpckhwd   mm7, mm3
-    pmaddwd     mm2, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     mm7, [GOTOFF(eax,PW_MF0344_F0285)]
-
-    paddd       mm5, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       mm6, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       mm5, SCALEBITS
-    psrad       mm6, SCALEBITS
-    paddd       mm2, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       mm7, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       mm2, SCALEBITS
-    psrad       mm7, SCALEBITS
-
-    packssdw    mm5, mm6                ; mm5=CbH*-FIX(0.344)+CrH*FIX(0.285)
-    packssdw    mm2, mm7                ; mm2=CbL*-FIX(0.344)+CrL*FIX(0.285)
-    psubw       mm5, mm1                ; mm5=CbH*-FIX(0.344)+CrH*-FIX(0.714)=(G-Y)H
-    psubw       mm2, mm3                ; mm2=CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L
-
-    movq        MMWORD [wk(2)], mm5     ; wk(2)=(G-Y)H
-
-    mov         al, 2                   ; Yctr
-    jmp         short .Yloop_1st
-    alignx      16, 7
-
-.Yloop_2nd:
-    movq        mm0, MMWORD [wk(1)]     ; mm0=(R-Y)H
-    movq        mm2, MMWORD [wk(2)]     ; mm2=(G-Y)H
-    movq        mm4, MMWORD [wk(0)]     ; mm4=(B-Y)H
-    alignx      16, 7
-
-.Yloop_1st:
-    movq        mm7, MMWORD [esi]       ; mm7=Y(01234567)
-
-    pcmpeqw     mm6, mm6
-    psrlw       mm6, BYTE_BIT           ; mm6={0xFF 0x00 0xFF 0x00 ..}
-    pand        mm6, mm7                ; mm6=Y(0246)=YE
-    psrlw       mm7, BYTE_BIT           ; mm7=Y(1357)=YO
-
-    movq        mm1, mm0                ; mm1=mm0=(R-Y)(L/H)
-    movq        mm3, mm2                ; mm3=mm2=(G-Y)(L/H)
-    movq        mm5, mm4                ; mm5=mm4=(B-Y)(L/H)
-
-    paddw       mm0, mm6                ; mm0=((R-Y)+YE)=RE=(R0 R2 R4 R6)
-    paddw       mm1, mm7                ; mm1=((R-Y)+YO)=RO=(R1 R3 R5 R7)
-    packuswb    mm0, mm0                ; mm0=(R0 R2 R4 R6 ** ** ** **)
-    packuswb    mm1, mm1                ; mm1=(R1 R3 R5 R7 ** ** ** **)
-
-    paddw       mm2, mm6                ; mm2=((G-Y)+YE)=GE=(G0 G2 G4 G6)
-    paddw       mm3, mm7                ; mm3=((G-Y)+YO)=GO=(G1 G3 G5 G7)
-    packuswb    mm2, mm2                ; mm2=(G0 G2 G4 G6 ** ** ** **)
-    packuswb    mm3, mm3                ; mm3=(G1 G3 G5 G7 ** ** ** **)
-
-    paddw       mm4, mm6                ; mm4=((B-Y)+YE)=BE=(B0 B2 B4 B6)
-    paddw       mm5, mm7                ; mm5=((B-Y)+YO)=BO=(B1 B3 B5 B7)
-    packuswb    mm4, mm4                ; mm4=(B0 B2 B4 B6 ** ** ** **)
-    packuswb    mm5, mm5                ; mm5=(B1 B3 B5 B7 ** ** ** **)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; mmA=(00 02 04 06 ** ** ** **), mmB=(01 03 05 07 ** ** ** **)
-    ; mmC=(10 12 14 16 ** ** ** **), mmD=(11 13 15 17 ** ** ** **)
-    ; mmE=(20 22 24 26 ** ** ** **), mmF=(21 23 25 27 ** ** ** **)
-    ; mmG=(** ** ** ** ** ** ** **), mmH=(** ** ** ** ** ** ** **)
-
-    punpcklbw   mmA, mmC                ; mmA=(00 10 02 12 04 14 06 16)
-    punpcklbw   mmE, mmB                ; mmE=(20 01 22 03 24 05 26 07)
-    punpcklbw   mmD, mmF                ; mmD=(11 21 13 23 15 25 17 27)
-
-    movq        mmG, mmA
-    movq        mmH, mmA
-    punpcklwd   mmA, mmE                ; mmA=(00 10 20 01 02 12 22 03)
-    punpckhwd   mmG, mmE                ; mmG=(04 14 24 05 06 16 26 07)
-
-    psrlq       mmH, 2*BYTE_BIT         ; mmH=(02 12 04 14 06 16 -- --)
-    psrlq       mmE, 2*BYTE_BIT         ; mmE=(22 03 24 05 26 07 -- --)
-
-    movq        mmC, mmD
-    movq        mmB, mmD
-    punpcklwd   mmD, mmH                ; mmD=(11 21 02 12 13 23 04 14)
-    punpckhwd   mmC, mmH                ; mmC=(15 25 06 16 17 27 -- --)
-
-    psrlq       mmB, 2*BYTE_BIT         ; mmB=(13 23 15 25 17 27 -- --)
-
-    movq        mmF, mmE
-    punpcklwd   mmE, mmB                ; mmE=(22 03 13 23 24 05 15 25)
-    punpckhwd   mmF, mmB                ; mmF=(26 07 17 27 -- -- -- --)
-
-    punpckldq   mmA, mmD                ; mmA=(00 10 20 01 11 21 02 12)
-    punpckldq   mmE, mmG                ; mmE=(22 03 13 23 04 14 24 05)
-    punpckldq   mmC, mmF                ; mmC=(15 25 06 16 26 07 17 27)
-
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st16
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmE
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mmC
-
-    sub         ecx, byte SIZEOF_MMWORD
-    jz          near .endcolumn
-
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_MMWORD  ; outptr
-    add         esi, byte SIZEOF_MMWORD                ; inptr0
-    dec         al                                     ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         ebx, byte SIZEOF_MMWORD                ; inptr1
-    add         edx, byte SIZEOF_MMWORD                ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st16:
-    lea         ecx, [ecx+ecx*2]        ; imul ecx, RGB_PIXELSIZE
-    cmp         ecx, byte 2*SIZEOF_MMWORD
-    jb          short .column_st8
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmE
-    movq        mmA, mmC
-    sub         ecx, byte 2*SIZEOF_MMWORD
-    add         edi, byte 2*SIZEOF_MMWORD
-    jmp         short .column_st4
-.column_st8:
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st4
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        mmA, mmE
-    sub         ecx, byte SIZEOF_MMWORD
-    add         edi, byte SIZEOF_MMWORD
-.column_st4:
-    movd        eax, mmA
-    cmp         ecx, byte SIZEOF_DWORD
-    jb          short .column_st2
-    mov         dword [edi+0*SIZEOF_DWORD], eax
-    psrlq       mmA, DWORD_BIT
-    movd        eax, mmA
-    sub         ecx, byte SIZEOF_DWORD
-    add         edi, byte SIZEOF_DWORD
-.column_st2:
-    cmp         ecx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [edi+0*SIZEOF_WORD], ax
-    shr         eax, WORD_BIT
-    sub         ecx, byte SIZEOF_WORD
-    add         edi, byte SIZEOF_WORD
-.column_st1:
-    cmp         ecx, byte SIZEOF_BYTE
-    jb          short .endcolumn
-    mov         byte [edi+0*SIZEOF_BYTE], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    pcmpeqb     mm6, mm6                ; mm6=(X0 X2 X4 X6 ** ** ** **)
-    pcmpeqb     mm7, mm7                ; mm7=(X1 X3 X5 X7 ** ** ** **)
-%else
-    pxor        mm6, mm6                ; mm6=(X0 X2 X4 X6 ** ** ** **)
-    pxor        mm7, mm7                ; mm7=(X1 X3 X5 X7 ** ** ** **)
-%endif
-    ; mmA=(00 02 04 06 ** ** ** **), mmB=(01 03 05 07 ** ** ** **)
-    ; mmC=(10 12 14 16 ** ** ** **), mmD=(11 13 15 17 ** ** ** **)
-    ; mmE=(20 22 24 26 ** ** ** **), mmF=(21 23 25 27 ** ** ** **)
-    ; mmG=(30 32 34 36 ** ** ** **), mmH=(31 33 35 37 ** ** ** **)
-
-    punpcklbw   mmA, mmC                ; mmA=(00 10 02 12 04 14 06 16)
-    punpcklbw   mmE, mmG                ; mmE=(20 30 22 32 24 34 26 36)
-    punpcklbw   mmB, mmD                ; mmB=(01 11 03 13 05 15 07 17)
-    punpcklbw   mmF, mmH                ; mmF=(21 31 23 33 25 35 27 37)
-
-    movq        mmC, mmA
-    punpcklwd   mmA, mmE                ; mmA=(00 10 20 30 02 12 22 32)
-    punpckhwd   mmC, mmE                ; mmC=(04 14 24 34 06 16 26 36)
-    movq        mmG, mmB
-    punpcklwd   mmB, mmF                ; mmB=(01 11 21 31 03 13 23 33)
-    punpckhwd   mmG, mmF                ; mmG=(05 15 25 35 07 17 27 37)
-
-    movq        mmD, mmA
-    punpckldq   mmA, mmB                ; mmA=(00 10 20 30 01 11 21 31)
-    punpckhdq   mmD, mmB                ; mmD=(02 12 22 32 03 13 23 33)
-    movq        mmH, mmC
-    punpckldq   mmC, mmG                ; mmC=(04 14 24 34 05 15 25 35)
-    punpckhdq   mmH, mmG                ; mmH=(06 16 26 36 07 17 27 37)
-
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st16
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmD
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mmC
-    movq        MMWORD [edi+3*SIZEOF_MMWORD], mmH
-
-    sub         ecx, byte SIZEOF_MMWORD
-    jz          short .endcolumn
-
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_MMWORD  ; outptr
-    add         esi, byte SIZEOF_MMWORD                ; inptr0
-    dec         al                                     ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         ebx, byte SIZEOF_MMWORD                ; inptr1
-    add         edx, byte SIZEOF_MMWORD                ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st16:
-    cmp         ecx, byte SIZEOF_MMWORD/2
-    jb          short .column_st8
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mmD
-    movq        mmA, mmC
-    movq        mmD, mmH
-    sub         ecx, byte SIZEOF_MMWORD/2
-    add         edi, byte 2*SIZEOF_MMWORD
-.column_st8:
-    cmp         ecx, byte SIZEOF_MMWORD/4
-    jb          short .column_st4
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mmA
-    movq        mmA, mmD
-    sub         ecx, byte SIZEOF_MMWORD/4
-    add         edi, byte 1*SIZEOF_MMWORD
-.column_st4:
-    cmp         ecx, byte SIZEOF_MMWORD/8
-    jb          short .endcolumn
-    movd        dword [edi+0*SIZEOF_DWORD], mmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.endcolumn:
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v2_merged_upsample_mmx(JDIMENSION output_width, JSAMPIMAGE input_buf,
-;                                JDIMENSION in_row_group_ctr,
-;                                JSAMPARRAY output_buf);
-;
-
-%define output_width(b)      (b) + 8    ; JDIMENSION output_width
-%define input_buf(b)         (b) + 12   ; JSAMPIMAGE input_buf
-%define in_row_group_ctr(b)  (b) + 16   ; JDIMENSION in_row_group_ctr
-%define output_buf(b)        (b) + 20   ; JSAMPARRAY output_buf
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_merged_upsample_mmx)
-
-EXTN(jsimd_h2v2_merged_upsample_mmx):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         eax, JDIMENSION [output_width(ebp)]
-
-    mov         edi, JSAMPIMAGE [input_buf(ebp)]
-    mov         ecx, JDIMENSION [in_row_group_ctr(ebp)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    mov         edi, JSAMPARRAY [output_buf(ebp)]
-    lea         esi, [esi+ecx*SIZEOF_JSAMPROW]
-
-    push        edx                     ; inptr2
-    push        ebx                     ; inptr1
-    push        esi                     ; inptr00
-    mov         ebx, esp
-
-    push        edi                     ; output_buf (outptr0)
-    push        ecx                     ; in_row_group_ctr
-    push        ebx                     ; input_buf
-    push        eax                     ; output_width
-
-    call        near EXTN(jsimd_h2v1_merged_upsample_mmx)
-
-    add         esi, byte SIZEOF_JSAMPROW  ; inptr01
-    add         edi, byte SIZEOF_JSAMPROW  ; outptr1
-    mov         POINTER [ebx+0*SIZEOF_POINTER], esi
-    mov         POINTER [ebx-1*SIZEOF_POINTER], edi
-
-    call        near EXTN(jsimd_h2v1_merged_upsample_mmx)
-
-    add         esp, byte 7*SIZEOF_DWORD
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-sse2.asm
deleted file mode 100644
index c113dc4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdmrgext-sse2.asm
+++ /dev/null
@@ -1,517 +0,0 @@
-;
-; jdmrgext.asm - merged upsampling/color conversion (SSE2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2012, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v1_merged_upsample_sse2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-%define output_width(b)      (b) + 8    ; JDIMENSION output_width
-%define input_buf(b)         (b) + 12   ; JSAMPIMAGE input_buf
-%define in_row_group_ctr(b)  (b) + 16   ; JDIMENSION in_row_group_ctr
-%define output_buf(b)        (b) + 20   ; JSAMPARRAY output_buf
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        3
-%define gotptr        wk(0) - SIZEOF_POINTER  ; void * gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_merged_upsample_sse2)
-
-EXTN(jsimd_h2v1_merged_upsample_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         ecx, JDIMENSION [output_width(eax)]  ; col
-    test        ecx, ecx
-    jz          near .return
-
-    push        ecx
-
-    mov         edi, JSAMPIMAGE [input_buf(eax)]
-    mov         ecx, JDIMENSION [in_row_group_ctr(eax)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    mov         edi, JSAMPARRAY [output_buf(eax)]
-    mov         esi, JSAMPROW [esi+ecx*SIZEOF_JSAMPROW]  ; inptr0
-    mov         ebx, JSAMPROW [ebx+ecx*SIZEOF_JSAMPROW]  ; inptr1
-    mov         edx, JSAMPROW [edx+ecx*SIZEOF_JSAMPROW]  ; inptr2
-    mov         edi, JSAMPROW [edi]                      ; outptr
-
-    pop         ecx                     ; col
-
-    alignx      16, 7
-.columnloop:
-    movpic      eax, POINTER [gotptr]   ; load GOT address (eax)
-
-    movdqa      xmm6, XMMWORD [ebx]     ; xmm6=Cb(0123456789ABCDEF)
-    movdqa      xmm7, XMMWORD [edx]     ; xmm7=Cr(0123456789ABCDEF)
-
-    pxor        xmm1, xmm1              ; xmm1=(all 0's)
-    pcmpeqw     xmm3, xmm3
-    psllw       xmm3, 7                 ; xmm3={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    movdqa      xmm4, xmm6
-    punpckhbw   xmm6, xmm1              ; xmm6=Cb(89ABCDEF)=CbH
-    punpcklbw   xmm4, xmm1              ; xmm4=Cb(01234567)=CbL
-    movdqa      xmm0, xmm7
-    punpckhbw   xmm7, xmm1              ; xmm7=Cr(89ABCDEF)=CrH
-    punpcklbw   xmm0, xmm1              ; xmm0=Cr(01234567)=CrL
-
-    paddw       xmm6, xmm3
-    paddw       xmm4, xmm3
-    paddw       xmm7, xmm3
-    paddw       xmm0, xmm3
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    movdqa      xmm5, xmm6              ; xmm5=CbH
-    movdqa      xmm2, xmm4              ; xmm2=CbL
-    paddw       xmm6, xmm6              ; xmm6=2*CbH
-    paddw       xmm4, xmm4              ; xmm4=2*CbL
-    movdqa      xmm1, xmm7              ; xmm1=CrH
-    movdqa      xmm3, xmm0              ; xmm3=CrL
-    paddw       xmm7, xmm7              ; xmm7=2*CrH
-    paddw       xmm0, xmm0              ; xmm0=2*CrL
-
-    pmulhw      xmm6, [GOTOFF(eax,PW_MF0228)]  ; xmm6=(2*CbH * -FIX(0.22800))
-    pmulhw      xmm4, [GOTOFF(eax,PW_MF0228)]  ; xmm4=(2*CbL * -FIX(0.22800))
-    pmulhw      xmm7, [GOTOFF(eax,PW_F0402)]   ; xmm7=(2*CrH * FIX(0.40200))
-    pmulhw      xmm0, [GOTOFF(eax,PW_F0402)]   ; xmm0=(2*CrL * FIX(0.40200))
-
-    paddw       xmm6, [GOTOFF(eax,PW_ONE)]
-    paddw       xmm4, [GOTOFF(eax,PW_ONE)]
-    psraw       xmm6, 1                 ; xmm6=(CbH * -FIX(0.22800))
-    psraw       xmm4, 1                 ; xmm4=(CbL * -FIX(0.22800))
-    paddw       xmm7, [GOTOFF(eax,PW_ONE)]
-    paddw       xmm0, [GOTOFF(eax,PW_ONE)]
-    psraw       xmm7, 1                 ; xmm7=(CrH * FIX(0.40200))
-    psraw       xmm0, 1                 ; xmm0=(CrL * FIX(0.40200))
-
-    paddw       xmm6, xmm5
-    paddw       xmm4, xmm2
-    paddw       xmm6, xmm5              ; xmm6=(CbH * FIX(1.77200))=(B-Y)H
-    paddw       xmm4, xmm2              ; xmm4=(CbL * FIX(1.77200))=(B-Y)L
-    paddw       xmm7, xmm1              ; xmm7=(CrH * FIX(1.40200))=(R-Y)H
-    paddw       xmm0, xmm3              ; xmm0=(CrL * FIX(1.40200))=(R-Y)L
-
-    movdqa      XMMWORD [wk(0)], xmm6   ; wk(0)=(B-Y)H
-    movdqa      XMMWORD [wk(1)], xmm7   ; wk(1)=(R-Y)H
-
-    movdqa      xmm6, xmm5
-    movdqa      xmm7, xmm2
-    punpcklwd   xmm5, xmm1
-    punpckhwd   xmm6, xmm1
-    pmaddwd     xmm5, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     xmm6, [GOTOFF(eax,PW_MF0344_F0285)]
-    punpcklwd   xmm2, xmm3
-    punpckhwd   xmm7, xmm3
-    pmaddwd     xmm2, [GOTOFF(eax,PW_MF0344_F0285)]
-    pmaddwd     xmm7, [GOTOFF(eax,PW_MF0344_F0285)]
-
-    paddd       xmm5, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       xmm6, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       xmm5, SCALEBITS
-    psrad       xmm6, SCALEBITS
-    paddd       xmm2, [GOTOFF(eax,PD_ONEHALF)]
-    paddd       xmm7, [GOTOFF(eax,PD_ONEHALF)]
-    psrad       xmm2, SCALEBITS
-    psrad       xmm7, SCALEBITS
-
-    packssdw    xmm5, xmm6              ; xmm5=CbH*-FIX(0.344)+CrH*FIX(0.285)
-    packssdw    xmm2, xmm7              ; xmm2=CbL*-FIX(0.344)+CrL*FIX(0.285)
-    psubw       xmm5, xmm1              ; xmm5=CbH*-FIX(0.344)+CrH*-FIX(0.714)=(G-Y)H
-    psubw       xmm2, xmm3              ; xmm2=CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L
-
-    movdqa      XMMWORD [wk(2)], xmm5   ; wk(2)=(G-Y)H
-
-    mov         al, 2                   ; Yctr
-    jmp         short .Yloop_1st
-    alignx      16, 7
-
-.Yloop_2nd:
-    movdqa      xmm0, XMMWORD [wk(1)]   ; xmm0=(R-Y)H
-    movdqa      xmm2, XMMWORD [wk(2)]   ; xmm2=(G-Y)H
-    movdqa      xmm4, XMMWORD [wk(0)]   ; xmm4=(B-Y)H
-    alignx      16, 7
-
-.Yloop_1st:
-    movdqa      xmm7, XMMWORD [esi]     ; xmm7=Y(0123456789ABCDEF)
-
-    pcmpeqw     xmm6, xmm6
-    psrlw       xmm6, BYTE_BIT          ; xmm6={0xFF 0x00 0xFF 0x00 ..}
-    pand        xmm6, xmm7              ; xmm6=Y(02468ACE)=YE
-    psrlw       xmm7, BYTE_BIT          ; xmm7=Y(13579BDF)=YO
-
-    movdqa      xmm1, xmm0              ; xmm1=xmm0=(R-Y)(L/H)
-    movdqa      xmm3, xmm2              ; xmm3=xmm2=(G-Y)(L/H)
-    movdqa      xmm5, xmm4              ; xmm5=xmm4=(B-Y)(L/H)
-
-    paddw       xmm0, xmm6              ; xmm0=((R-Y)+YE)=RE=R(02468ACE)
-    paddw       xmm1, xmm7              ; xmm1=((R-Y)+YO)=RO=R(13579BDF)
-    packuswb    xmm0, xmm0              ; xmm0=R(02468ACE********)
-    packuswb    xmm1, xmm1              ; xmm1=R(13579BDF********)
-
-    paddw       xmm2, xmm6              ; xmm2=((G-Y)+YE)=GE=G(02468ACE)
-    paddw       xmm3, xmm7              ; xmm3=((G-Y)+YO)=GO=G(13579BDF)
-    packuswb    xmm2, xmm2              ; xmm2=G(02468ACE********)
-    packuswb    xmm3, xmm3              ; xmm3=G(13579BDF********)
-
-    paddw       xmm4, xmm6              ; xmm4=((B-Y)+YE)=BE=B(02468ACE)
-    paddw       xmm5, xmm7              ; xmm5=((B-Y)+YO)=BO=B(13579BDF)
-    packuswb    xmm4, xmm4              ; xmm4=B(02468ACE********)
-    packuswb    xmm5, xmm5              ; xmm5=B(13579BDF********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(** ** ** ** ** ** ** ** **), xmmH=(** ** ** ** ** ** ** ** **)
-
-    punpcklbw   xmmA, xmmC        ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmB        ; xmmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F)
-    punpcklbw   xmmD, xmmF        ; xmmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F)
-
-    movdqa      xmmG, xmmA
-    movdqa      xmmH, xmmA
-    punpcklwd   xmmA, xmmE        ; xmmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07)
-    punpckhwd   xmmG, xmmE        ; xmmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F)
-
-    psrldq      xmmH, 2           ; xmmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E -- --)
-    psrldq      xmmE, 2           ; xmmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F -- --)
-
-    movdqa      xmmC, xmmD
-    movdqa      xmmB, xmmD
-    punpcklwd   xmmD, xmmH        ; xmmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18)
-    punpckhwd   xmmC, xmmH        ; xmmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F -- --)
-
-    psrldq      xmmB, 2           ; xmmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F -- --)
-
-    movdqa      xmmF, xmmE
-    punpcklwd   xmmE, xmmB        ; xmmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29)
-    punpckhwd   xmmF, xmmB        ; xmmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F -- -- -- --)
-
-    pshufd      xmmH, xmmA, 0x4E  ; xmmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03)
-    movdqa      xmmB, xmmE
-    punpckldq   xmmA, xmmD        ; xmmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14)
-    punpckldq   xmmE, xmmH        ; xmmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07)
-    punpckhdq   xmmD, xmmB        ; xmmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29)
-
-    pshufd      xmmH, xmmG, 0x4E  ; xmmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B)
-    movdqa      xmmB, xmmF
-    punpckldq   xmmG, xmmC        ; xmmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C)
-    punpckldq   xmmF, xmmH        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F)
-    punpckhdq   xmmC, xmmB        ; xmmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F -- -- -- -- -- --)
-
-    punpcklqdq  xmmA, xmmE        ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    punpcklqdq  xmmD, xmmG        ; xmmD=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    punpcklqdq  xmmF, xmmC        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        edi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [edi+2*SIZEOF_XMMWORD], xmmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [edi+2*SIZEOF_XMMWORD], xmmF
-.out0:
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_XMMWORD
-    jz          near .endcolumn
-
-    add         esi, byte SIZEOF_XMMWORD  ; inptr0
-    dec         al                        ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         ebx, byte SIZEOF_XMMWORD  ; inptr1
-    add         edx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st32:
-    lea         ecx, [ecx+ecx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         ecx, byte 2*SIZEOF_XMMWORD
-    jb          short .column_st16
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    add         edi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmF
-    sub         ecx, byte 2*SIZEOF_XMMWORD
-    jmp         short .column_st15
-.column_st16:
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         ecx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    movq        XMM_MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_MMWORD
-    sub         ecx, byte SIZEOF_MMWORD
-    psrldq      xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    movd        XMM_DWORD [edi], xmmA
-    add         edi, byte SIZEOF_DWORD
-    sub         ecx, byte SIZEOF_DWORD
-    psrldq      xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of eax to the output when it has enough
-    ; space.
-    movd        eax, xmmA
-    cmp         ecx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [edi], ax
-    add         edi, byte SIZEOF_WORD
-    sub         ecx, byte SIZEOF_WORD
-    shr         eax, 16
-.column_st1:
-    ; Store the lower 1 byte of eax to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .endcolumn
-    mov         byte [edi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    pcmpeqb     xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pcmpeqb     xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%else
-    pxor        xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pxor        xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%endif
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(30 32 34 36 38 3A 3C 3E **), xmmH=(31 33 35 37 39 3B 3D 3F **)
-
-    punpcklbw   xmmA, xmmC  ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E)
-    punpcklbw   xmmB, xmmD  ; xmmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F)
-    punpcklbw   xmmF, xmmH  ; xmmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F)
-
-    movdqa      xmmC, xmmA
-    punpcklwd   xmmA, xmmE  ; xmmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36)
-    punpckhwd   xmmC, xmmE  ; xmmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E)
-    movdqa      xmmG, xmmB
-    punpcklwd   xmmB, xmmF  ; xmmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37)
-    punpckhwd   xmmG, xmmF  ; xmmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpckldq   xmmA, xmmB  ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    punpckhdq   xmmD, xmmB  ; xmmD=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    movdqa      xmmH, xmmC
-    punpckldq   xmmC, xmmG  ; xmmC=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    punpckhdq   xmmH, xmmG  ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    cmp         ecx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        edi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [edi+2*SIZEOF_XMMWORD], xmmC
-    movntdq     XMMWORD [edi+3*SIZEOF_XMMWORD], xmmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [edi+2*SIZEOF_XMMWORD], xmmC
-    movdqu      XMMWORD [edi+3*SIZEOF_XMMWORD], xmmH
-.out0:
-    add         edi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         ecx, byte SIZEOF_XMMWORD
-    jz          near .endcolumn
-
-    add         esi, byte SIZEOF_XMMWORD  ; inptr0
-    dec         al                        ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         ebx, byte SIZEOF_XMMWORD  ; inptr1
-    add         edx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-    alignx      16, 7
-
-.column_st32:
-    cmp         ecx, byte SIZEOF_XMMWORD/2
-    jb          short .column_st16
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [edi+1*SIZEOF_XMMWORD], xmmD
-    add         edi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmC
-    movdqa      xmmD, xmmH
-    sub         ecx, byte SIZEOF_XMMWORD/2
-.column_st16:
-    cmp         ecx, byte SIZEOF_XMMWORD/4
-    jb          short .column_st15
-    movdqu      XMMWORD [edi+0*SIZEOF_XMMWORD], xmmA
-    add         edi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         ecx, byte SIZEOF_XMMWORD/4
-.column_st15:
-    ; Store two pixels (8 bytes) of xmmA to the output when it has enough
-    ; space.
-    cmp         ecx, byte SIZEOF_XMMWORD/8
-    jb          short .column_st7
-    movq        XMM_MMWORD [edi], xmmA
-    add         edi, byte SIZEOF_XMMWORD/8*4
-    sub         ecx, byte SIZEOF_XMMWORD/8
-    psrldq      xmmA, SIZEOF_XMMWORD/8*4
-.column_st7:
-    ; Store one pixel (4 bytes) of xmmA to the output when it has enough
-    ; space.
-    test        ecx, ecx
-    jz          short .endcolumn
-    movd        XMM_DWORD [edi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.endcolumn:
-    sfence                              ; flush the write buffer
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v2_merged_upsample_sse2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-%define output_width(b)      (b) + 8    ; JDIMENSION output_width
-%define input_buf(b)         (b) + 12   ; JSAMPIMAGE input_buf
-%define in_row_group_ctr(b)  (b) + 16   ; JDIMENSION in_row_group_ctr
-%define output_buf(b)        (b) + 20   ; JSAMPARRAY output_buf
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_merged_upsample_sse2)
-
-EXTN(jsimd_h2v2_merged_upsample_sse2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         eax, POINTER [output_width(ebp)]
-
-    mov         edi, JSAMPIMAGE [input_buf(ebp)]
-    mov         ecx, JDIMENSION [in_row_group_ctr(ebp)]
-    mov         esi, JSAMPARRAY [edi+0*SIZEOF_JSAMPARRAY]
-    mov         ebx, JSAMPARRAY [edi+1*SIZEOF_JSAMPARRAY]
-    mov         edx, JSAMPARRAY [edi+2*SIZEOF_JSAMPARRAY]
-    mov         edi, JSAMPARRAY [output_buf(ebp)]
-    lea         esi, [esi+ecx*SIZEOF_JSAMPROW]
-
-    push        edx                     ; inptr2
-    push        ebx                     ; inptr1
-    push        esi                     ; inptr00
-    mov         ebx, esp
-
-    push        edi                     ; output_buf (outptr0)
-    push        ecx                     ; in_row_group_ctr
-    push        ebx                     ; input_buf
-    push        eax                     ; output_width
-
-    call        near EXTN(jsimd_h2v1_merged_upsample_sse2)
-
-    add         esi, byte SIZEOF_JSAMPROW  ; inptr01
-    add         edi, byte SIZEOF_JSAMPROW  ; outptr1
-    mov         POINTER [ebx+0*SIZEOF_POINTER], esi
-    mov         POINTER [ebx-1*SIZEOF_POINTER], edi
-
-    call        near EXTN(jsimd_h2v1_merged_upsample_sse2)
-
-    add         esp, byte 7*SIZEOF_DWORD
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-avx2.asm
deleted file mode 100644
index a800c35..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-avx2.asm
+++ /dev/null
@@ -1,760 +0,0 @@
-;
-; jdsample.asm - upsampling (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fancy_upsample_avx2)
-
-EXTN(jconst_fancy_upsample_avx2):
-
-PW_ONE   times 16 dw 1
-PW_TWO   times 16 dw 2
-PW_THREE times 16 dw 3
-PW_SEVEN times 16 dw 7
-PW_EIGHT times 16 dw 8
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Fancy processing for the common case of 2:1 horizontal and 1:1 vertical.
-;
-; The upsampling algorithm is linear interpolation between pixel centers,
-; also known as a "triangle filter".  This is a good compromise between
-; speed and visual quality.  The centers of the output pixels are 1/4 and 3/4
-; of the way between input pixel centers.
-;
-; GLOBAL(void)
-; jsimd_h2v1_fancy_upsample_avx2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define downsamp_width(b)   (b) + 12    ; JDIMENSION downsampled_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_fancy_upsample_avx2)
-
-EXTN(jsimd_h2v1_fancy_upsample_avx2):
-    push        ebp
-    mov         ebp, esp
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    mov         eax, JDIMENSION [downsamp_width(ebp)]  ; colctr
-    test        eax, eax
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        eax                     ; colctr
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-
-    test        eax, SIZEOF_YMMWORD-1
-    jz          short .skip
-    mov         dl, JSAMPLE [esi+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [esi+eax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-.skip:
-    vpxor       ymm0, ymm0, ymm0                ; ymm0=(all 0's)
-    vpcmpeqb    xmm7, xmm7, xmm7
-    vpsrldq     xmm7, xmm7, (SIZEOF_XMMWORD-1)  ; (ff -- -- -- ... -- --) LSB is ff
-    vpand       ymm7, ymm7, YMMWORD [esi+0*SIZEOF_YMMWORD]
-
-    add         eax, byte SIZEOF_YMMWORD-1
-    and         eax, byte -SIZEOF_YMMWORD
-    cmp         eax, byte SIZEOF_YMMWORD
-    ja          short .columnloop
-    alignx      16, 7
-
-.columnloop_last:
-    vpcmpeqb    xmm6, xmm6, xmm6
-    vpslldq     xmm6, xmm6, (SIZEOF_XMMWORD-1)
-    vperm2i128  ymm6, ymm6, ymm6, 1             ; (---- ---- ... ---- ---- ff) MSB is ff
-    vpand       ymm6, ymm6, YMMWORD [esi+0*SIZEOF_YMMWORD]
-    jmp         short .upsample
-    alignx      16, 7
-
-.columnloop:
-    vmovdqu     ymm6, YMMWORD [esi+1*SIZEOF_YMMWORD]
-    vperm2i128  ymm6, ymm0, ymm6, 0x20
-    vpslldq     ymm6, ymm6, 15
-
-.upsample:
-    vmovdqu     ymm1, YMMWORD [esi+0*SIZEOF_YMMWORD]  ; ymm1=( 0  1  2 ... 29 30 31)
-
-    vperm2i128  ymm2, ymm0, ymm1, 0x20
-    vpalignr    ymm2, ymm1, ymm2, 15            ; ymm2=(--  0  1 ... 28 29 30)
-    vperm2i128  ymm4, ymm0, ymm1, 0x03
-    vpalignr    ymm3, ymm4, ymm1, 1             ; ymm3=( 1  2  3 ... 30 31 --)
-
-    vpor        ymm2, ymm2, ymm7                ; ymm2=(-1  0  1 ... 28 29 30)
-    vpor        ymm3, ymm3, ymm6                ; ymm3=( 1  2  3 ... 30 31 32)
-
-    vpsrldq     ymm7, ymm4, (SIZEOF_XMMWORD-1)  ; ymm7=(31 -- -- ... -- -- --)
-
-    vpunpckhbw  ymm4, ymm1, ymm0                ; ymm4=( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm5, ymm1, ymm0                ; ymm5=( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm1, ymm5, ymm4, 0x20          ; ymm1=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm4, ymm5, ymm4, 0x31          ; ymm4=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm5, ymm2, ymm0                ; ymm5=( 7  8  9 10 11 12 13 14 23 24 25 26 27 28 29 30)
-    vpunpcklbw  ymm6, ymm2, ymm0                ; ymm6=(-1  0  1  2  3  4  5  6 15 16 17 18 19 20 21 22)
-    vperm2i128  ymm2, ymm6, ymm5, 0x20          ; ymm2=(-1  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-    vperm2i128  ymm5, ymm6, ymm5, 0x31          ; ymm5=(15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vpunpckhbw  ymm6, ymm3, ymm0                ; ymm6=( 1  2  3  4  5  6  7  8 17 18 19 20 21 22 23 24)
-    vpunpcklbw  ymm0, ymm3, ymm0                ; ymm0=( 9 10 11 12 13 14 15 16 25 26 27 28 29 30 31 32)
-    vperm2i128  ymm3, ymm0, ymm6, 0x20          ; ymm3=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16)
-    vperm2i128  ymm6, ymm0, ymm6, 0x31          ; ymm6=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32)
-
-    vpxor       ymm0, ymm0, ymm0                ; ymm0=(all 0's)
-
-    vpmullw     ymm1, ymm1, [GOTOFF(ebx,PW_THREE)]
-    vpmullw     ymm4, ymm4, [GOTOFF(ebx,PW_THREE)]
-    vpaddw      ymm2, ymm2, [GOTOFF(ebx,PW_ONE)]
-    vpaddw      ymm5, ymm5, [GOTOFF(ebx,PW_ONE)]
-    vpaddw      ymm3, ymm3, [GOTOFF(ebx,PW_TWO)]
-    vpaddw      ymm6, ymm6, [GOTOFF(ebx,PW_TWO)]
-
-    vpaddw      ymm2, ymm2, ymm1
-    vpaddw      ymm5, ymm5, ymm4
-    vpsrlw      ymm2, ymm2, 2                   ; ymm2=OutLE=( 0  2  4  6  8 10 12 14 16 18 20 22 24 26 28 30)
-    vpsrlw      ymm5, ymm5, 2                   ; ymm5=OutHE=(32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62)
-    vpaddw      ymm3, ymm3, ymm1
-    vpaddw      ymm6, ymm6, ymm4
-    vpsrlw      ymm3, ymm3, 2                   ; ymm3=OutLO=( 1  3  5  7  9 11 13 15 17 19 21 23 25 27 29 31)
-    vpsrlw      ymm6, ymm6, 2                   ; ymm6=OutHO=(33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63)
-
-    vpsllw      ymm3, ymm3, BYTE_BIT
-    vpsllw      ymm6, ymm6, BYTE_BIT
-    vpor        ymm2, ymm2, ymm3                ; ymm2=OutL=( 0  1  2 ... 29 30 31)
-    vpor        ymm5, ymm5, ymm6                ; ymm5=OutH=(32 33 34 ... 61 62 63)
-
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm2
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymm5
-
-    sub         eax, byte SIZEOF_YMMWORD
-    add         esi, byte 1*SIZEOF_YMMWORD  ; inptr
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr
-    cmp         eax, byte SIZEOF_YMMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         esi
-    pop         edi
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         ecx                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
-; Again a triangle filter; see comments for h2v1 case, above.
-;
-; GLOBAL(void)
-; jsimd_h2v2_fancy_upsample_avx2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define downsamp_width(b)   (b) + 12    ; JDIMENSION downsampled_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_YMMWORD
-                                        ; ymmword wk[WK_NUM]
-%define WK_NUM        4
-%define gotptr        wk(0) - SIZEOF_POINTER  ; void *gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_fancy_upsample_avx2)
-
-EXTN(jsimd_h2v2_fancy_upsample_avx2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         edx, eax                ; edx = original ebp
-    mov         eax, JDIMENSION [downsamp_width(edx)]  ; colctr
-    test        eax, eax
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(edx)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(edx)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(edx)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        eax                     ; colctr
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         ecx, JSAMPROW [esi-1*SIZEOF_JSAMPROW]  ; inptr1(above)
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         esi, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; inptr1(below)
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         edi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; outptr1
-
-    test        eax, SIZEOF_YMMWORD-1
-    jz          short .skip
-    push        edx
-    mov         dl, JSAMPLE [ecx+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [ecx+eax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [ebx+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [ebx+eax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [esi+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [esi+eax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-    pop         edx
-.skip:
-    ; -- process the first column block
-
-    vmovdqu     ymm0, YMMWORD [ebx+0*SIZEOF_YMMWORD]  ; ymm0=row[ 0][0]
-    vmovdqu     ymm1, YMMWORD [ecx+0*SIZEOF_YMMWORD]  ; ymm1=row[-1][0]
-    vmovdqu     ymm2, YMMWORD [esi+0*SIZEOF_YMMWORD]  ; ymm2=row[+1][0]
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    vpxor       ymm3, ymm3, ymm3        ; ymm3=(all 0's)
-
-    vpunpckhbw  ymm4, ymm0, ymm3        ; ymm4=row[ 0]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm5, ymm0, ymm3        ; ymm5=row[ 0]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm0, ymm5, ymm4, 0x20  ; ymm0=row[ 0]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm4, ymm5, ymm4, 0x31  ; ymm4=row[ 0](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm5, ymm1, ymm3        ; ymm5=row[-1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm6, ymm1, ymm3        ; ymm6=row[-1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm1, ymm6, ymm5, 0x20  ; ymm1=row[-1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm5, ymm6, ymm5, 0x31  ; ymm5=row[-1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm6, ymm2, ymm3        ; ymm6=row[+1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm3, ymm2, ymm3        ; ymm3=row[+1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm2, ymm3, ymm6, 0x20  ; ymm2=row[+1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm6, ymm3, ymm6, 0x31  ; ymm6=row[+1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpmullw     ymm0, ymm0, [GOTOFF(ebx,PW_THREE)]
-    vpmullw     ymm4, ymm4, [GOTOFF(ebx,PW_THREE)]
-
-    vpcmpeqb    xmm7, xmm7, xmm7
-    vpsrldq     xmm7, xmm7, (SIZEOF_XMMWORD-2)  ; (ffff ---- ---- ... ---- ----) LSB is ffff
-
-    vpaddw      ymm1, ymm1, ymm0        ; ymm1=Int0L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm5, ymm5, ymm4        ; ymm5=Int0H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-    vpaddw      ymm2, ymm2, ymm0        ; ymm2=Int1L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm6, ymm6, ymm4        ; ymm6=Int1H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vmovdqu     YMMWORD [edx+0*SIZEOF_YMMWORD], ymm1  ; temporarily save
-    vmovdqu     YMMWORD [edx+1*SIZEOF_YMMWORD], ymm5  ; the intermediate data
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm2
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymm6
-
-    vpand       ymm1, ymm1, ymm7        ; ymm1=( 0 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vpand       ymm2, ymm2, ymm7        ; ymm2=( 0 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-
-    vmovdqa     YMMWORD [wk(0)], ymm1
-    vmovdqa     YMMWORD [wk(1)], ymm2
-
-    poppic      ebx
-
-    add         eax, byte SIZEOF_YMMWORD-1
-    and         eax, byte -SIZEOF_YMMWORD
-    cmp         eax, byte SIZEOF_YMMWORD
-    ja          short .columnloop
-    alignx      16, 7
-
-.columnloop_last:
-    ; -- process the last column block
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    vpcmpeqb    xmm1, xmm1, xmm1
-    vpslldq     xmm1, xmm1, (SIZEOF_XMMWORD-2)
-    vperm2i128  ymm1, ymm1, ymm1, 1             ; (---- ---- ... ---- ---- ffff) MSB is ffff
-
-    vpand       ymm2, ymm1, YMMWORD [edi+1*SIZEOF_YMMWORD]
-    vpand       ymm1, ymm1, YMMWORD [edx+1*SIZEOF_YMMWORD]
-
-    vmovdqa     YMMWORD [wk(2)], ymm1          ; ymm1=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 31)
-    vmovdqa     YMMWORD [wk(3)], ymm2          ; ymm2=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 31)
-
-    jmp         near .upsample
-    alignx      16, 7
-
-.columnloop:
-    ; -- process the next column block
-
-    vmovdqu     ymm0, YMMWORD [ebx+1*SIZEOF_YMMWORD]  ; ymm0=row[ 0][1]
-    vmovdqu     ymm1, YMMWORD [ecx+1*SIZEOF_YMMWORD]  ; ymm1=row[-1][1]
-    vmovdqu     ymm2, YMMWORD [esi+1*SIZEOF_YMMWORD]  ; ymm2=row[+1][1]
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    vpxor       ymm3, ymm3, ymm3        ; ymm3=(all 0's)
-
-    vpunpckhbw  ymm4, ymm0, ymm3        ; ymm4=row[ 0]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm5, ymm0, ymm3        ; ymm5=row[ 0]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm0, ymm5, ymm4, 0x20  ; ymm0=row[ 0]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm4, ymm5, ymm4, 0x31  ; ymm4=row[ 0](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm5, ymm1, ymm3        ; ymm5=row[-1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm6, ymm1, ymm3        ; ymm6=row[-1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm1, ymm6, ymm5, 0x20  ; ymm1=row[-1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm5, ymm6, ymm5, 0x31  ; ymm5=row[-1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm6, ymm2, ymm3        ; ymm6=row[+1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm7, ymm2, ymm3        ; ymm7=row[+1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm2, ymm7, ymm6, 0x20  ; ymm2=row[+1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm6, ymm7, ymm6, 0x31  ; ymm6=row[+1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpmullw     ymm0, ymm0, [GOTOFF(ebx,PW_THREE)]
-    vpmullw     ymm4, ymm4, [GOTOFF(ebx,PW_THREE)]
-
-    vpaddw      ymm1, ymm1, ymm0        ; ymm1=Int0L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm5, ymm5, ymm4        ; ymm5=Int0H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-    vpaddw      ymm2, ymm2, ymm0        ; ymm2=Int1L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm6, ymm6, ymm4        ; ymm6=Int1H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vmovdqu     YMMWORD [edx+2*SIZEOF_YMMWORD], ymm1  ; temporarily save
-    vmovdqu     YMMWORD [edx+3*SIZEOF_YMMWORD], ymm5  ; the intermediate data
-    vmovdqu     YMMWORD [edi+2*SIZEOF_YMMWORD], ymm2
-    vmovdqu     YMMWORD [edi+3*SIZEOF_YMMWORD], ymm6
-
-    vperm2i128  ymm1, ymm3, ymm1, 0x20
-    vpslldq     ymm1, ymm1, 14          ; ymm1=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- --  0)
-    vperm2i128  ymm2, ymm3, ymm2, 0x20
-    vpslldq     ymm2, ymm2, 14          ; ymm2=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- --  0)
-
-    vmovdqa     YMMWORD [wk(2)], ymm1
-    vmovdqa     YMMWORD [wk(3)], ymm2
-
-.upsample:
-    ; -- process the upper row
-
-    vmovdqu     ymm7, YMMWORD [edx+0*SIZEOF_YMMWORD]  ; ymm7=Int0L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vmovdqu     ymm3, YMMWORD [edx+1*SIZEOF_YMMWORD]  ; ymm3=Int0H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpxor       ymm1, ymm1, ymm1        ; ymm1=(all 0's)
-
-    vperm2i128  ymm0, ymm1, ymm7, 0x03
-    vpalignr    ymm0, ymm0, ymm7, 2     ; ymm0=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 --)
-    vperm2i128  ymm4, ymm1, ymm3, 0x20
-    vpslldq     ymm4, ymm4, 14          ; ymm4=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 16)
-
-    vperm2i128  ymm5, ymm1, ymm7, 0x03
-    vpsrldq     ymm5, ymm5, 14          ; ymm5=(15 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm6, ymm1, ymm3, 0x20
-    vpalignr    ymm6, ymm3, ymm6, 14    ; ymm6=(-- 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vpor        ymm0, ymm0, ymm4        ; ymm0=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16)
-    vpor        ymm5, ymm5, ymm6        ; ymm5=(15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vperm2i128  ymm2, ymm1, ymm3, 0x03
-    vpalignr    ymm2, ymm2, ymm3, 2     ; ymm2=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 --)
-    vperm2i128  ymm4, ymm1, ymm3, 0x03
-    vpsrldq     ymm4, ymm4, 14          ; ymm4=(31 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm1, ymm1, ymm7, 0x20
-    vpalignr    ymm1, ymm7, ymm1, 14    ; ymm1=(--  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-
-    vpor        ymm1, ymm1, YMMWORD [wk(0)]  ; ymm1=(-1  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-    vpor        ymm2, ymm2, YMMWORD [wk(2)]  ; ymm2=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32)
-
-    vmovdqa     YMMWORD [wk(0)], ymm4
-
-    vpmullw     ymm7, ymm7, [GOTOFF(ebx,PW_THREE)]
-    vpmullw     ymm3, ymm3, [GOTOFF(ebx,PW_THREE)]
-    vpaddw      ymm1, ymm1, [GOTOFF(ebx,PW_EIGHT)]
-    vpaddw      ymm5, ymm5, [GOTOFF(ebx,PW_EIGHT)]
-    vpaddw      ymm0, ymm0, [GOTOFF(ebx,PW_SEVEN)]
-    vpaddw      ymm2, [GOTOFF(ebx,PW_SEVEN)]
-
-    vpaddw      ymm1, ymm1, ymm7
-    vpaddw      ymm5, ymm5, ymm3
-    vpsrlw      ymm1, ymm1, 4           ; ymm1=Out0LE=( 0  2  4  6  8 10 12 14 16 18 20 22 24 26 28 30)
-    vpsrlw      ymm5, ymm5, 4           ; ymm5=Out0HE=(32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62)
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm2, ymm2, ymm3
-    vpsrlw      ymm0, ymm0, 4           ; ymm0=Out0LO=( 1  3  5  7  9 11 13 15 17 19 21 23 25 27 29 31)
-    vpsrlw      ymm2, ymm2, 4           ; ymm2=Out0HO=(33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63)
-
-    vpsllw      ymm0, ymm0, BYTE_BIT
-    vpsllw      ymm2, ymm2, BYTE_BIT
-    vpor        ymm1, ymm1, ymm0        ; ymm1=Out0L=( 0  1  2 ... 29 30 31)
-    vpor        ymm5, ymm5, ymm2        ; ymm5=Out0H=(32 33 34 ... 61 62 63)
-
-    vmovdqu     YMMWORD [edx+0*SIZEOF_YMMWORD], ymm1
-    vmovdqu     YMMWORD [edx+1*SIZEOF_YMMWORD], ymm5
-
-    ; -- process the lower row
-
-    vmovdqu     ymm6, YMMWORD [edi+0*SIZEOF_YMMWORD]  ; ymm6=Int1L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vmovdqu     ymm4, YMMWORD [edi+1*SIZEOF_YMMWORD]  ; ymm4=Int1H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpxor       ymm1, ymm1, ymm1        ; ymm1=(all 0's)
-
-    vperm2i128  ymm7, ymm1, ymm6, 0x03
-    vpalignr    ymm7, ymm7, ymm6, 2     ; ymm7=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 --)
-    vperm2i128  ymm3, ymm1, ymm4, 0x20
-    vpslldq     ymm3, ymm3, 14          ; ymm3=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 16)
-
-    vperm2i128  ymm0, ymm1, ymm6, 0x03
-    vpsrldq     ymm0, ymm0, 14          ; ymm0=(15 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm2, ymm1, ymm4, 0x20
-    vpalignr    ymm2, ymm4, ymm2, 14    ; ymm2=(-- 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vpor        ymm7, ymm7, ymm3        ; ymm7=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16)
-    vpor        ymm0, ymm0, ymm2        ; ymm0=(15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vperm2i128  ymm5, ymm1, ymm4, 0x03
-    vpalignr    ymm5, ymm5, ymm4, 2     ; ymm5=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 --)
-    vperm2i128  ymm3, ymm1, ymm4, 0x03
-    vpsrldq     ymm3, ymm3, 14          ; ymm3=(31 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm1, ymm1, ymm6, 0x20
-    vpalignr    ymm1, ymm6, ymm1, 14    ; ymm1=(--  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-
-    vpor        ymm1, ymm1, YMMWORD [wk(1)]  ; ymm1=(-1  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-    vpor        ymm5, ymm5, YMMWORD [wk(3)]  ; ymm5=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32)
-
-    vmovdqa     YMMWORD [wk(1)], ymm3
-
-    vpmullw     ymm6, ymm6, [GOTOFF(ebx,PW_THREE)]
-    vpmullw     ymm4, ymm4, [GOTOFF(ebx,PW_THREE)]
-    vpaddw      ymm1, ymm1, [GOTOFF(ebx,PW_EIGHT)]
-    vpaddw      ymm0, ymm0, [GOTOFF(ebx,PW_EIGHT)]
-    vpaddw      ymm7, ymm7, [GOTOFF(ebx,PW_SEVEN)]
-    vpaddw      ymm5, ymm5, [GOTOFF(ebx,PW_SEVEN)]
-
-    vpaddw      ymm1, ymm1, ymm6
-    vpaddw      ymm0, ymm0, ymm4
-    vpsrlw      ymm1, ymm1, 4           ; ymm1=Out1LE=( 0  2  4  6  8 10 12 14 16 18 20 22 24 26 28 30)
-    vpsrlw      ymm0, ymm0, 4           ; ymm0=Out1HE=(32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62)
-    vpaddw      ymm7, ymm7, ymm6
-    vpaddw      ymm5, ymm5, ymm4
-    vpsrlw      ymm7, ymm7, 4           ; ymm7=Out1LO=( 1  3  5  7  9 11 13 15 17 19 21 23 25 27 29 31)
-    vpsrlw      ymm5, ymm5, 4           ; ymm5=Out1HO=(33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63)
-
-    vpsllw      ymm7, ymm7, BYTE_BIT
-    vpsllw      ymm5, ymm5, BYTE_BIT
-    vpor        ymm1, ymm1, ymm7        ; ymm1=Out1L=( 0  1  2 ... 29 30 31)
-    vpor        ymm0, ymm0, ymm5        ; ymm0=Out1H=(32 33 34 ... 61 62 63)
-
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm1
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymm0
-
-    poppic      ebx
-
-    sub         eax, byte SIZEOF_YMMWORD
-    add         ecx, byte 1*SIZEOF_YMMWORD  ; inptr1(above)
-    add         ebx, byte 1*SIZEOF_YMMWORD  ; inptr0
-    add         esi, byte 1*SIZEOF_YMMWORD  ; inptr1(below)
-    add         edx, byte 2*SIZEOF_YMMWORD  ; outptr0
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr1
-    cmp         eax, byte SIZEOF_YMMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         esi
-    pop         edi
-    pop         ecx
-    pop         eax
-
-    add         esi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         ecx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 1:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v1_upsample_avx2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define output_width(b)     (b) + 12    ; JDIMENSION output_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_upsample_avx2)
-
-EXTN(jsimd_h2v1_upsample_avx2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         edx, JDIMENSION [output_width(ebp)]
-    add         edx, byte (SIZEOF_YMMWORD-1)
-    and         edx, -SIZEOF_YMMWORD
-    jz          short .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          short .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-    mov         eax, edx                ; colctr
-    alignx      16, 7
-.columnloop:
-
-    cmp         eax, byte SIZEOF_YMMWORD
-    ja          near .above_16
-
-    vmovdqu     xmm0, XMMWORD [esi+0*SIZEOF_YMMWORD]
-    vpunpckhbw  xmm1, xmm0, xmm0
-    vpunpcklbw  xmm0, xmm0, xmm0
-
-    vmovdqu     XMMWORD [edi+0*SIZEOF_XMMWORD], xmm0
-    vmovdqu     XMMWORD [edi+1*SIZEOF_XMMWORD], xmm1
-
-    jmp         short .nextrow
-
-.above_16:
-    vmovdqu     ymm0, YMMWORD [esi+0*SIZEOF_YMMWORD]
-
-    vpermq      ymm0, ymm0, 0xd8
-    vpunpckhbw  ymm1, ymm0, ymm0
-    vpunpcklbw  ymm0, ymm0, ymm0
-
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm0
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymm1
-
-    sub         eax, byte 2*SIZEOF_YMMWORD
-    jz          short .nextrow
-
-    add         esi, byte SIZEOF_YMMWORD    ; inptr
-    add         edi, byte 2*SIZEOF_YMMWORD  ; outptr
-    jmp         short .columnloop
-    alignx      16, 7
-
-.nextrow:
-    pop         esi
-    pop         edi
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         ecx                        ; rowctr
-    jg          short .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 2:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v2_upsample_avx2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define output_width(b)     (b) + 12    ; JDIMENSION output_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_upsample_avx2)
-
-EXTN(jsimd_h2v2_upsample_avx2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         edx, JDIMENSION [output_width(ebp)]
-    add         edx, byte (SIZEOF_YMMWORD-1)
-    and         edx, -SIZEOF_YMMWORD
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]                    ; inptr
-    mov         ebx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         edi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; outptr1
-    mov         eax, edx                               ; colctr
-    alignx      16, 7
-.columnloop:
-
-    cmp         eax, byte SIZEOF_YMMWORD
-    ja          short .above_16
-
-    vmovdqu     xmm0, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    vpunpckhbw  xmm1, xmm0, xmm0
-    vpunpcklbw  xmm0, xmm0, xmm0
-
-    vmovdqu     XMMWORD [ebx+0*SIZEOF_XMMWORD], xmm0
-    vmovdqu     XMMWORD [ebx+1*SIZEOF_XMMWORD], xmm1
-    vmovdqu     XMMWORD [edi+0*SIZEOF_XMMWORD], xmm0
-    vmovdqu     XMMWORD [edi+1*SIZEOF_XMMWORD], xmm1
-
-    jmp         near .nextrow
-
-.above_16:
-    vmovdqu     ymm0, YMMWORD [esi+0*SIZEOF_YMMWORD]
-
-    vpermq      ymm0, ymm0, 0xd8
-    vpunpckhbw  ymm1, ymm0, ymm0
-    vpunpcklbw  ymm0, ymm0, ymm0
-
-    vmovdqu     YMMWORD [ebx+0*SIZEOF_YMMWORD], ymm0
-    vmovdqu     YMMWORD [ebx+1*SIZEOF_YMMWORD], ymm1
-    vmovdqu     YMMWORD [edi+0*SIZEOF_YMMWORD], ymm0
-    vmovdqu     YMMWORD [edi+1*SIZEOF_YMMWORD], ymm1
-
-    sub         eax, byte 2*SIZEOF_YMMWORD
-    jz          short .nextrow
-
-    add         esi, byte SIZEOF_YMMWORD  ; inptr
-    add         ebx, 2*SIZEOF_YMMWORD     ; outptr0
-    add         edi, 2*SIZEOF_YMMWORD     ; outptr1
-    jmp         short .columnloop
-    alignx      16, 7
-
-.nextrow:
-    pop         esi
-    pop         edi
-
-    add         esi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         ecx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-mmx.asm
deleted file mode 100644
index 12c49f0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-mmx.asm
+++ /dev/null
@@ -1,731 +0,0 @@
-;
-; jdsample.asm - upsampling (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fancy_upsample_mmx)
-
-EXTN(jconst_fancy_upsample_mmx):
-
-PW_ONE   times 4 dw 1
-PW_TWO   times 4 dw 2
-PW_THREE times 4 dw 3
-PW_SEVEN times 4 dw 7
-PW_EIGHT times 4 dw 8
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Fancy processing for the common case of 2:1 horizontal and 1:1 vertical.
-;
-; The upsampling algorithm is linear interpolation between pixel centers,
-; also known as a "triangle filter".  This is a good compromise between
-; speed and visual quality.  The centers of the output pixels are 1/4 and 3/4
-; of the way between input pixel centers.
-;
-; GLOBAL(void)
-; jsimd_h2v1_fancy_upsample_mmx(int max_v_samp_factor,
-;                               JDIMENSION downsampled_width,
-;                               JSAMPARRAY input_data,
-;                               JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define downsamp_width(b)   (b) + 12    ; JDIMENSION downsampled_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_fancy_upsample_mmx)
-
-EXTN(jsimd_h2v1_fancy_upsample_mmx):
-    push        ebp
-    mov         ebp, esp
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    mov         eax, JDIMENSION [downsamp_width(ebp)]  ; colctr
-    test        eax, eax
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        eax                     ; colctr
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-
-    test        eax, SIZEOF_MMWORD-1
-    jz          short .skip
-    mov         dl, JSAMPLE [esi+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [esi+eax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-.skip:
-    pxor        mm0, mm0                ; mm0=(all 0's)
-    pcmpeqb     mm7, mm7
-    psrlq       mm7, (SIZEOF_MMWORD-1)*BYTE_BIT
-    pand        mm7,  MMWORD [esi+0*SIZEOF_MMWORD]
-
-    add         eax, byte SIZEOF_MMWORD-1
-    and         eax, byte -SIZEOF_MMWORD
-    cmp         eax, byte SIZEOF_MMWORD
-    ja          short .columnloop
-    alignx      16, 7
-
-.columnloop_last:
-    pcmpeqb     mm6, mm6
-    psllq       mm6, (SIZEOF_MMWORD-1)*BYTE_BIT
-    pand        mm6, MMWORD [esi+0*SIZEOF_MMWORD]
-    jmp         short .upsample
-    alignx      16, 7
-
-.columnloop:
-    movq        mm6, MMWORD [esi+1*SIZEOF_MMWORD]
-    psllq       mm6, (SIZEOF_MMWORD-1)*BYTE_BIT
-
-.upsample:
-    movq        mm1, MMWORD [esi+0*SIZEOF_MMWORD]
-    movq        mm2, mm1
-    movq        mm3, mm1                ; mm1=( 0 1 2 3 4 5 6 7)
-    psllq       mm2, BYTE_BIT           ; mm2=( - 0 1 2 3 4 5 6)
-    psrlq       mm3, BYTE_BIT           ; mm3=( 1 2 3 4 5 6 7 -)
-
-    por         mm2, mm7                ; mm2=(-1 0 1 2 3 4 5 6)
-    por         mm3, mm6                ; mm3=( 1 2 3 4 5 6 7 8)
-
-    movq        mm7, mm1
-    psrlq       mm7, (SIZEOF_MMWORD-1)*BYTE_BIT  ; mm7=( 7 - - - - - - -)
-
-    movq        mm4, mm1
-    punpcklbw   mm1, mm0                ; mm1=( 0 1 2 3)
-    punpckhbw   mm4, mm0                ; mm4=( 4 5 6 7)
-    movq        mm5, mm2
-    punpcklbw   mm2, mm0                ; mm2=(-1 0 1 2)
-    punpckhbw   mm5, mm0                ; mm5=( 3 4 5 6)
-    movq        mm6, mm3
-    punpcklbw   mm3, mm0                ; mm3=( 1 2 3 4)
-    punpckhbw   mm6, mm0                ; mm6=( 5 6 7 8)
-
-    pmullw      mm1, [GOTOFF(ebx,PW_THREE)]
-    pmullw      mm4, [GOTOFF(ebx,PW_THREE)]
-    paddw       mm2, [GOTOFF(ebx,PW_ONE)]
-    paddw       mm5, [GOTOFF(ebx,PW_ONE)]
-    paddw       mm3, [GOTOFF(ebx,PW_TWO)]
-    paddw       mm6, [GOTOFF(ebx,PW_TWO)]
-
-    paddw       mm2, mm1
-    paddw       mm5, mm4
-    psrlw       mm2, 2                  ; mm2=OutLE=( 0  2  4  6)
-    psrlw       mm5, 2                  ; mm5=OutHE=( 8 10 12 14)
-    paddw       mm3, mm1
-    paddw       mm6, mm4
-    psrlw       mm3, 2                  ; mm3=OutLO=( 1  3  5  7)
-    psrlw       mm6, 2                  ; mm6=OutHO=( 9 11 13 15)
-
-    psllw       mm3, BYTE_BIT
-    psllw       mm6, BYTE_BIT
-    por         mm2, mm3                ; mm2=OutL=( 0  1  2  3  4  5  6  7)
-    por         mm5, mm6                ; mm5=OutH=( 8  9 10 11 12 13 14 15)
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm2
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mm5
-
-    sub         eax, byte SIZEOF_MMWORD
-    add         esi, byte 1*SIZEOF_MMWORD  ; inptr
-    add         edi, byte 2*SIZEOF_MMWORD  ; outptr
-    cmp         eax, byte SIZEOF_MMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         esi
-    pop         edi
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         ecx                        ; rowctr
-    jg          near .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
-; Again a triangle filter; see comments for h2v1 case, above.
-;
-; GLOBAL(void)
-; jsimd_h2v2_fancy_upsample_mmx(int max_v_samp_factor,
-;                               JDIMENSION downsampled_width,
-;                               JSAMPARRAY input_data,
-;                               JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define downsamp_width(b)   (b) + 12    ; JDIMENSION downsampled_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_MMWORD  ; mmword wk[WK_NUM]
-%define WK_NUM        4
-%define gotptr        wk(0) - SIZEOF_POINTER  ; void *gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_fancy_upsample_mmx)
-
-EXTN(jsimd_h2v2_fancy_upsample_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         edx, eax                ; edx = original ebp
-    mov         eax, JDIMENSION [downsamp_width(edx)]  ; colctr
-    test        eax, eax
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(edx)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(edx)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(edx)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        eax                     ; colctr
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         ecx, JSAMPROW [esi-1*SIZEOF_JSAMPROW]  ; inptr1(above)
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         esi, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; inptr1(below)
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         edi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; outptr1
-
-    test        eax, SIZEOF_MMWORD-1
-    jz          short .skip
-    push        edx
-    mov         dl, JSAMPLE [ecx+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [ecx+eax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [ebx+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [ebx+eax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [esi+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [esi+eax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-    pop         edx
-.skip:
-    ; -- process the first column block
-
-    movq        mm0, MMWORD [ebx+0*SIZEOF_MMWORD]  ; mm0=row[ 0][0]
-    movq        mm1, MMWORD [ecx+0*SIZEOF_MMWORD]  ; mm1=row[-1][0]
-    movq        mm2, MMWORD [esi+0*SIZEOF_MMWORD]  ; mm2=row[+1][0]
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    pxor        mm3, mm3                ; mm3=(all 0's)
-    movq        mm4, mm0
-    punpcklbw   mm0, mm3                ; mm0=row[ 0][0]( 0 1 2 3)
-    punpckhbw   mm4, mm3                ; mm4=row[ 0][0]( 4 5 6 7)
-    movq        mm5, mm1
-    punpcklbw   mm1, mm3                ; mm1=row[-1][0]( 0 1 2 3)
-    punpckhbw   mm5, mm3                ; mm5=row[-1][0]( 4 5 6 7)
-    movq        mm6, mm2
-    punpcklbw   mm2, mm3                ; mm2=row[+1][0]( 0 1 2 3)
-    punpckhbw   mm6, mm3                ; mm6=row[+1][0]( 4 5 6 7)
-
-    pmullw      mm0, [GOTOFF(ebx,PW_THREE)]
-    pmullw      mm4, [GOTOFF(ebx,PW_THREE)]
-
-    pcmpeqb     mm7, mm7
-    psrlq       mm7, (SIZEOF_MMWORD-2)*BYTE_BIT
-
-    paddw       mm1, mm0                ; mm1=Int0L=( 0 1 2 3)
-    paddw       mm5, mm4                ; mm5=Int0H=( 4 5 6 7)
-    paddw       mm2, mm0                ; mm2=Int1L=( 0 1 2 3)
-    paddw       mm6, mm4                ; mm6=Int1H=( 4 5 6 7)
-
-    movq        MMWORD [edx+0*SIZEOF_MMWORD], mm1  ; temporarily save
-    movq        MMWORD [edx+1*SIZEOF_MMWORD], mm5  ; the intermediate data
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm2
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mm6
-
-    pand        mm1, mm7                ; mm1=( 0 - - -)
-    pand        mm2, mm7                ; mm2=( 0 - - -)
-
-    movq        MMWORD [wk(0)], mm1
-    movq        MMWORD [wk(1)], mm2
-
-    poppic      ebx
-
-    add         eax, byte SIZEOF_MMWORD-1
-    and         eax, byte -SIZEOF_MMWORD
-    cmp         eax, byte SIZEOF_MMWORD
-    ja          short .columnloop
-    alignx      16, 7
-
-.columnloop_last:
-    ; -- process the last column block
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    pcmpeqb     mm1, mm1
-    psllq       mm1, (SIZEOF_MMWORD-2)*BYTE_BIT
-    movq        mm2, mm1
-
-    pand        mm1, MMWORD [edx+1*SIZEOF_MMWORD]  ; mm1=( - - - 7)
-    pand        mm2, MMWORD [edi+1*SIZEOF_MMWORD]  ; mm2=( - - - 7)
-
-    movq        MMWORD [wk(2)], mm1
-    movq        MMWORD [wk(3)], mm2
-
-    jmp         short .upsample
-    alignx      16, 7
-
-.columnloop:
-    ; -- process the next column block
-
-    movq        mm0, MMWORD [ebx+1*SIZEOF_MMWORD]  ; mm0=row[ 0][1]
-    movq        mm1, MMWORD [ecx+1*SIZEOF_MMWORD]  ; mm1=row[-1][1]
-    movq        mm2, MMWORD [esi+1*SIZEOF_MMWORD]  ; mm2=row[+1][1]
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    pxor        mm3, mm3                ; mm3=(all 0's)
-    movq        mm4, mm0
-    punpcklbw   mm0, mm3                ; mm0=row[ 0][1]( 0 1 2 3)
-    punpckhbw   mm4, mm3                ; mm4=row[ 0][1]( 4 5 6 7)
-    movq        mm5, mm1
-    punpcklbw   mm1, mm3                ; mm1=row[-1][1]( 0 1 2 3)
-    punpckhbw   mm5, mm3                ; mm5=row[-1][1]( 4 5 6 7)
-    movq        mm6, mm2
-    punpcklbw   mm2, mm3                ; mm2=row[+1][1]( 0 1 2 3)
-    punpckhbw   mm6, mm3                ; mm6=row[+1][1]( 4 5 6 7)
-
-    pmullw      mm0, [GOTOFF(ebx,PW_THREE)]
-    pmullw      mm4, [GOTOFF(ebx,PW_THREE)]
-
-    paddw       mm1, mm0                ; mm1=Int0L=( 0 1 2 3)
-    paddw       mm5, mm4                ; mm5=Int0H=( 4 5 6 7)
-    paddw       mm2, mm0                ; mm2=Int1L=( 0 1 2 3)
-    paddw       mm6, mm4                ; mm6=Int1H=( 4 5 6 7)
-
-    movq        MMWORD [edx+2*SIZEOF_MMWORD], mm1  ; temporarily save
-    movq        MMWORD [edx+3*SIZEOF_MMWORD], mm5  ; the intermediate data
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mm2
-    movq        MMWORD [edi+3*SIZEOF_MMWORD], mm6
-
-    psllq       mm1, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm1=( - - - 0)
-    psllq       mm2, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm2=( - - - 0)
-
-    movq        MMWORD [wk(2)], mm1
-    movq        MMWORD [wk(3)], mm2
-
-.upsample:
-    ; -- process the upper row
-
-    movq        mm7, MMWORD [edx+0*SIZEOF_MMWORD]  ; mm7=Int0L=( 0 1 2 3)
-    movq        mm3, MMWORD [edx+1*SIZEOF_MMWORD]  ; mm3=Int0H=( 4 5 6 7)
-
-    movq        mm0, mm7
-    movq        mm4, mm3
-    psrlq       mm0, 2*BYTE_BIT                  ; mm0=( 1 2 3 -)
-    psllq       mm4, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm4=( - - - 4)
-    movq        mm5, mm7
-    movq        mm6, mm3
-    psrlq       mm5, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm5=( 3 - - -)
-    psllq       mm6, 2*BYTE_BIT                  ; mm6=( - 4 5 6)
-
-    por         mm0, mm4                         ; mm0=( 1 2 3 4)
-    por         mm5, mm6                         ; mm5=( 3 4 5 6)
-
-    movq        mm1, mm7
-    movq        mm2, mm3
-    psllq       mm1, 2*BYTE_BIT                  ; mm1=( - 0 1 2)
-    psrlq       mm2, 2*BYTE_BIT                  ; mm2=( 5 6 7 -)
-    movq        mm4, mm3
-    psrlq       mm4, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm4=( 7 - - -)
-
-    por         mm1, MMWORD [wk(0)]              ; mm1=(-1 0 1 2)
-    por         mm2, MMWORD [wk(2)]              ; mm2=( 5 6 7 8)
-
-    movq        MMWORD [wk(0)], mm4
-
-    pmullw      mm7, [GOTOFF(ebx,PW_THREE)]
-    pmullw      mm3, [GOTOFF(ebx,PW_THREE)]
-    paddw       mm1, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       mm5, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       mm0, [GOTOFF(ebx,PW_SEVEN)]
-    paddw       mm2, [GOTOFF(ebx,PW_SEVEN)]
-
-    paddw       mm1, mm7
-    paddw       mm5, mm3
-    psrlw       mm1, 4                  ; mm1=Out0LE=( 0  2  4  6)
-    psrlw       mm5, 4                  ; mm5=Out0HE=( 8 10 12 14)
-    paddw       mm0, mm7
-    paddw       mm2, mm3
-    psrlw       mm0, 4                  ; mm0=Out0LO=( 1  3  5  7)
-    psrlw       mm2, 4                  ; mm2=Out0HO=( 9 11 13 15)
-
-    psllw       mm0, BYTE_BIT
-    psllw       mm2, BYTE_BIT
-    por         mm1, mm0                ; mm1=Out0L=( 0  1  2  3  4  5  6  7)
-    por         mm5, mm2                ; mm5=Out0H=( 8  9 10 11 12 13 14 15)
-
-    movq        MMWORD [edx+0*SIZEOF_MMWORD], mm1
-    movq        MMWORD [edx+1*SIZEOF_MMWORD], mm5
-
-    ; -- process the lower row
-
-    movq        mm6, MMWORD [edi+0*SIZEOF_MMWORD]  ; mm6=Int1L=( 0 1 2 3)
-    movq        mm4, MMWORD [edi+1*SIZEOF_MMWORD]  ; mm4=Int1H=( 4 5 6 7)
-
-    movq        mm7, mm6
-    movq        mm3, mm4
-    psrlq       mm7, 2*BYTE_BIT                  ; mm7=( 1 2 3 -)
-    psllq       mm3, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm3=( - - - 4)
-    movq        mm0, mm6
-    movq        mm2, mm4
-    psrlq       mm0, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm0=( 3 - - -)
-    psllq       mm2, 2*BYTE_BIT                  ; mm2=( - 4 5 6)
-
-    por         mm7, mm3                         ; mm7=( 1 2 3 4)
-    por         mm0, mm2                         ; mm0=( 3 4 5 6)
-
-    movq        mm1, mm6
-    movq        mm5, mm4
-    psllq       mm1, 2*BYTE_BIT                  ; mm1=( - 0 1 2)
-    psrlq       mm5, 2*BYTE_BIT                  ; mm5=( 5 6 7 -)
-    movq        mm3, mm4
-    psrlq       mm3, (SIZEOF_MMWORD-2)*BYTE_BIT  ; mm3=( 7 - - -)
-
-    por         mm1, MMWORD [wk(1)]              ; mm1=(-1 0 1 2)
-    por         mm5, MMWORD [wk(3)]              ; mm5=( 5 6 7 8)
-
-    movq        MMWORD [wk(1)], mm3
-
-    pmullw      mm6, [GOTOFF(ebx,PW_THREE)]
-    pmullw      mm4, [GOTOFF(ebx,PW_THREE)]
-    paddw       mm1, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       mm0, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       mm7, [GOTOFF(ebx,PW_SEVEN)]
-    paddw       mm5, [GOTOFF(ebx,PW_SEVEN)]
-
-    paddw       mm1, mm6
-    paddw       mm0, mm4
-    psrlw       mm1, 4                  ; mm1=Out1LE=( 0  2  4  6)
-    psrlw       mm0, 4                  ; mm0=Out1HE=( 8 10 12 14)
-    paddw       mm7, mm6
-    paddw       mm5, mm4
-    psrlw       mm7, 4                  ; mm7=Out1LO=( 1  3  5  7)
-    psrlw       mm5, 4                  ; mm5=Out1HO=( 9 11 13 15)
-
-    psllw       mm7, BYTE_BIT
-    psllw       mm5, BYTE_BIT
-    por         mm1, mm7                ; mm1=Out1L=( 0  1  2  3  4  5  6  7)
-    por         mm0, mm5                ; mm0=Out1H=( 8  9 10 11 12 13 14 15)
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm1
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mm0
-
-    poppic      ebx
-
-    sub         eax, byte SIZEOF_MMWORD
-    add         ecx, byte 1*SIZEOF_MMWORD  ; inptr1(above)
-    add         ebx, byte 1*SIZEOF_MMWORD  ; inptr0
-    add         esi, byte 1*SIZEOF_MMWORD  ; inptr1(below)
-    add         edx, byte 2*SIZEOF_MMWORD  ; outptr0
-    add         edi, byte 2*SIZEOF_MMWORD  ; outptr1
-    cmp         eax, byte SIZEOF_MMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         esi
-    pop         edi
-    pop         ecx
-    pop         eax
-
-    add         esi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         ecx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 1:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v1_upsample_mmx(int max_v_samp_factor, JDIMENSION output_width,
-;                         JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define output_width(b)     (b) + 12    ; JDIMENSION output_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_upsample_mmx)
-
-EXTN(jsimd_h2v1_upsample_mmx):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         edx, JDIMENSION [output_width(ebp)]
-    add         edx, byte (2*SIZEOF_MMWORD)-1
-    and         edx, byte -(2*SIZEOF_MMWORD)
-    jz          short .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          short .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-    mov         eax, edx                ; colctr
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [esi+0*SIZEOF_MMWORD]
-
-    movq        mm1, mm0
-    punpcklbw   mm0, mm0
-    punpckhbw   mm1, mm1
-
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm0
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mm1
-
-    sub         eax, byte 2*SIZEOF_MMWORD
-    jz          short .nextrow
-
-    movq        mm2, MMWORD [esi+1*SIZEOF_MMWORD]
-
-    movq        mm3, mm2
-    punpcklbw   mm2, mm2
-    punpckhbw   mm3, mm3
-
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mm2
-    movq        MMWORD [edi+3*SIZEOF_MMWORD], mm3
-
-    sub         eax, byte 2*SIZEOF_MMWORD
-    jz          short .nextrow
-
-    add         esi, byte 2*SIZEOF_MMWORD  ; inptr
-    add         edi, byte 4*SIZEOF_MMWORD  ; outptr
-    jmp         short .columnloop
-    alignx      16, 7
-
-.nextrow:
-    pop         esi
-    pop         edi
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         ecx                        ; rowctr
-    jg          short .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 2:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v2_upsample_mmx(int max_v_samp_factor, JDIMENSION output_width,
-;                         JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define output_width(b)     (b) + 12    ; JDIMENSION output_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_upsample_mmx)
-
-EXTN(jsimd_h2v2_upsample_mmx):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         edx, JDIMENSION [output_width(ebp)]
-    add         edx, byte (2*SIZEOF_MMWORD)-1
-    and         edx, byte -(2*SIZEOF_MMWORD)
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          short .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]                    ; inptr
-    mov         ebx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         edi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; outptr1
-    mov         eax, edx                               ; colctr
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [esi+0*SIZEOF_MMWORD]
-
-    movq        mm1, mm0
-    punpcklbw   mm0, mm0
-    punpckhbw   mm1, mm1
-
-    movq        MMWORD [ebx+0*SIZEOF_MMWORD], mm0
-    movq        MMWORD [ebx+1*SIZEOF_MMWORD], mm1
-    movq        MMWORD [edi+0*SIZEOF_MMWORD], mm0
-    movq        MMWORD [edi+1*SIZEOF_MMWORD], mm1
-
-    sub         eax, byte 2*SIZEOF_MMWORD
-    jz          short .nextrow
-
-    movq        mm2, MMWORD [esi+1*SIZEOF_MMWORD]
-
-    movq        mm3, mm2
-    punpcklbw   mm2, mm2
-    punpckhbw   mm3, mm3
-
-    movq        MMWORD [ebx+2*SIZEOF_MMWORD], mm2
-    movq        MMWORD [ebx+3*SIZEOF_MMWORD], mm3
-    movq        MMWORD [edi+2*SIZEOF_MMWORD], mm2
-    movq        MMWORD [edi+3*SIZEOF_MMWORD], mm3
-
-    sub         eax, byte 2*SIZEOF_MMWORD
-    jz          short .nextrow
-
-    add         esi, byte 2*SIZEOF_MMWORD  ; inptr
-    add         ebx, byte 4*SIZEOF_MMWORD  ; outptr0
-    add         edi, byte 4*SIZEOF_MMWORD  ; outptr1
-    jmp         short .columnloop
-    alignx      16, 7
-
-.nextrow:
-    pop         esi
-    pop         edi
-
-    add         esi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         ecx, byte 2                  ; rowctr
-    jg          short .rowloop
-
-    emms                                ; empty MMX state
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-sse2.asm
deleted file mode 100644
index 4e28d2f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jdsample-sse2.asm
+++ /dev/null
@@ -1,724 +0,0 @@
-;
-; jdsample.asm - upsampling (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fancy_upsample_sse2)
-
-EXTN(jconst_fancy_upsample_sse2):
-
-PW_ONE   times 8 dw 1
-PW_TWO   times 8 dw 2
-PW_THREE times 8 dw 3
-PW_SEVEN times 8 dw 7
-PW_EIGHT times 8 dw 8
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Fancy processing for the common case of 2:1 horizontal and 1:1 vertical.
-;
-; The upsampling algorithm is linear interpolation between pixel centers,
-; also known as a "triangle filter".  This is a good compromise between
-; speed and visual quality.  The centers of the output pixels are 1/4 and 3/4
-; of the way between input pixel centers.
-;
-; GLOBAL(void)
-; jsimd_h2v1_fancy_upsample_sse2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define downsamp_width(b)   (b) + 12    ; JDIMENSION downsampled_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_fancy_upsample_sse2)
-
-EXTN(jsimd_h2v1_fancy_upsample_sse2):
-    push        ebp
-    mov         ebp, esp
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    mov         eax, JDIMENSION [downsamp_width(ebp)]  ; colctr
-    test        eax, eax
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        eax                     ; colctr
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-
-    test        eax, SIZEOF_XMMWORD-1
-    jz          short .skip
-    mov         dl, JSAMPLE [esi+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [esi+eax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-.skip:
-    pxor        xmm0, xmm0              ; xmm0=(all 0's)
-    pcmpeqb     xmm7, xmm7
-    psrldq      xmm7, (SIZEOF_XMMWORD-1)
-    pand        xmm7, XMMWORD [esi+0*SIZEOF_XMMWORD]
-
-    add         eax, byte SIZEOF_XMMWORD-1
-    and         eax, byte -SIZEOF_XMMWORD
-    cmp         eax, byte SIZEOF_XMMWORD
-    ja          short .columnloop
-    alignx      16, 7
-
-.columnloop_last:
-    pcmpeqb     xmm6, xmm6
-    pslldq      xmm6, (SIZEOF_XMMWORD-1)
-    pand        xmm6, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    jmp         short .upsample
-    alignx      16, 7
-
-.columnloop:
-    movdqa      xmm6, XMMWORD [esi+1*SIZEOF_XMMWORD]
-    pslldq      xmm6, (SIZEOF_XMMWORD-1)
-
-.upsample:
-    movdqa      xmm1, XMMWORD [esi+0*SIZEOF_XMMWORD]
-    movdqa      xmm2, xmm1
-    movdqa      xmm3, xmm1                ; xmm1=( 0  1  2 ... 13 14 15)
-    pslldq      xmm2, 1                   ; xmm2=(--  0  1 ... 12 13 14)
-    psrldq      xmm3, 1                   ; xmm3=( 1  2  3 ... 14 15 --)
-
-    por         xmm2, xmm7                ; xmm2=(-1  0  1 ... 12 13 14)
-    por         xmm3, xmm6                ; xmm3=( 1  2  3 ... 14 15 16)
-
-    movdqa      xmm7, xmm1
-    psrldq      xmm7, (SIZEOF_XMMWORD-1)  ; xmm7=(15 -- -- ... -- -- --)
-
-    movdqa      xmm4, xmm1
-    punpcklbw   xmm1, xmm0                ; xmm1=( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm4, xmm0                ; xmm4=( 8  9 10 11 12 13 14 15)
-    movdqa      xmm5, xmm2
-    punpcklbw   xmm2, xmm0                ; xmm2=(-1  0  1  2  3  4  5  6)
-    punpckhbw   xmm5, xmm0                ; xmm5=( 7  8  9 10 11 12 13 14)
-    movdqa      xmm6, xmm3
-    punpcklbw   xmm3, xmm0                ; xmm3=( 1  2  3  4  5  6  7  8)
-    punpckhbw   xmm6, xmm0                ; xmm6=( 9 10 11 12 13 14 15 16)
-
-    pmullw      xmm1, [GOTOFF(ebx,PW_THREE)]
-    pmullw      xmm4, [GOTOFF(ebx,PW_THREE)]
-    paddw       xmm2, [GOTOFF(ebx,PW_ONE)]
-    paddw       xmm5, [GOTOFF(ebx,PW_ONE)]
-    paddw       xmm3, [GOTOFF(ebx,PW_TWO)]
-    paddw       xmm6, [GOTOFF(ebx,PW_TWO)]
-
-    paddw       xmm2, xmm1
-    paddw       xmm5, xmm4
-    psrlw       xmm2, 2                 ; xmm2=OutLE=( 0  2  4  6  8 10 12 14)
-    psrlw       xmm5, 2                 ; xmm5=OutHE=(16 18 20 22 24 26 28 30)
-    paddw       xmm3, xmm1
-    paddw       xmm6, xmm4
-    psrlw       xmm3, 2                 ; xmm3=OutLO=( 1  3  5  7  9 11 13 15)
-    psrlw       xmm6, 2                 ; xmm6=OutHO=(17 19 21 23 25 27 29 31)
-
-    psllw       xmm3, BYTE_BIT
-    psllw       xmm6, BYTE_BIT
-    por         xmm2, xmm3              ; xmm2=OutL=( 0  1  2 ... 13 14 15)
-    por         xmm5, xmm6              ; xmm5=OutH=(16 17 18 ... 29 30 31)
-
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [edi+1*SIZEOF_XMMWORD], xmm5
-
-    sub         eax, byte SIZEOF_XMMWORD
-    add         esi, byte 1*SIZEOF_XMMWORD  ; inptr
-    add         edi, byte 2*SIZEOF_XMMWORD  ; outptr
-    cmp         eax, byte SIZEOF_XMMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         esi
-    pop         edi
-    pop         eax
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         ecx                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
-; Again a triangle filter; see comments for h2v1 case, above.
-;
-; GLOBAL(void)
-; jsimd_h2v2_fancy_upsample_sse2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define downsamp_width(b)   (b) + 12    ; JDIMENSION downsampled_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        4
-%define gotptr        wk(0) - SIZEOF_POINTER  ; void *gotptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_fancy_upsample_sse2)
-
-EXTN(jsimd_h2v2_fancy_upsample_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     eax                     ; make a room for GOT address
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-    movpic      POINTER [gotptr], ebx   ; save GOT address
-
-    mov         edx, eax                ; edx = original ebp
-    mov         eax, JDIMENSION [downsamp_width(edx)]  ; colctr
-    test        eax, eax
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(edx)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(edx)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(edx)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        eax                     ; colctr
-    push        ecx
-    push        edi
-    push        esi
-
-    mov         ecx, JSAMPROW [esi-1*SIZEOF_JSAMPROW]  ; inptr1(above)
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         esi, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; inptr1(below)
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         edi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; outptr1
-
-    test        eax, SIZEOF_XMMWORD-1
-    jz          short .skip
-    push        edx
-    mov         dl, JSAMPLE [ecx+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [ecx+eax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [ebx+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [ebx+eax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [esi+(eax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [esi+eax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-    pop         edx
-.skip:
-    ; -- process the first column block
-
-    movdqa      xmm0, XMMWORD [ebx+0*SIZEOF_XMMWORD]  ; xmm0=row[ 0][0]
-    movdqa      xmm1, XMMWORD [ecx+0*SIZEOF_XMMWORD]  ; xmm1=row[-1][0]
-    movdqa      xmm2, XMMWORD [esi+0*SIZEOF_XMMWORD]  ; xmm2=row[+1][0]
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    pxor        xmm3, xmm3              ; xmm3=(all 0's)
-    movdqa      xmm4, xmm0
-    punpcklbw   xmm0, xmm3              ; xmm0=row[ 0]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm4, xmm3              ; xmm4=row[ 0]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm5, xmm1
-    punpcklbw   xmm1, xmm3              ; xmm1=row[-1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm5, xmm3              ; xmm5=row[-1]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm6, xmm2
-    punpcklbw   xmm2, xmm3              ; xmm2=row[+1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm6, xmm3              ; xmm6=row[+1]( 8  9 10 11 12 13 14 15)
-
-    pmullw      xmm0, [GOTOFF(ebx,PW_THREE)]
-    pmullw      xmm4, [GOTOFF(ebx,PW_THREE)]
-
-    pcmpeqb     xmm7, xmm7
-    psrldq      xmm7, (SIZEOF_XMMWORD-2)
-
-    paddw       xmm1, xmm0              ; xmm1=Int0L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm5, xmm4              ; xmm5=Int0H=( 8  9 10 11 12 13 14 15)
-    paddw       xmm2, xmm0              ; xmm2=Int1L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm6, xmm4              ; xmm6=Int1H=( 8  9 10 11 12 13 14 15)
-
-    movdqa      XMMWORD [edx+0*SIZEOF_XMMWORD], xmm1  ; temporarily save
-    movdqa      XMMWORD [edx+1*SIZEOF_XMMWORD], xmm5  ; the intermediate data
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [edi+1*SIZEOF_XMMWORD], xmm6
-
-    pand        xmm1, xmm7              ; xmm1=( 0 -- -- -- -- -- -- --)
-    pand        xmm2, xmm7              ; xmm2=( 0 -- -- -- -- -- -- --)
-
-    movdqa      XMMWORD [wk(0)], xmm1
-    movdqa      XMMWORD [wk(1)], xmm2
-
-    poppic      ebx
-
-    add         eax, byte SIZEOF_XMMWORD-1
-    and         eax, byte -SIZEOF_XMMWORD
-    cmp         eax, byte SIZEOF_XMMWORD
-    ja          short .columnloop
-    alignx      16, 7
-
-.columnloop_last:
-    ; -- process the last column block
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    pcmpeqb     xmm1, xmm1
-    pslldq      xmm1, (SIZEOF_XMMWORD-2)
-    movdqa      xmm2, xmm1
-
-    pand        xmm1, XMMWORD [edx+1*SIZEOF_XMMWORD]
-    pand        xmm2, XMMWORD [edi+1*SIZEOF_XMMWORD]
-
-    movdqa      XMMWORD [wk(2)], xmm1   ; xmm1=(-- -- -- -- -- -- -- 15)
-    movdqa      XMMWORD [wk(3)], xmm2   ; xmm2=(-- -- -- -- -- -- -- 15)
-
-    jmp         near .upsample
-    alignx      16, 7
-
-.columnloop:
-    ; -- process the next column block
-
-    movdqa      xmm0, XMMWORD [ebx+1*SIZEOF_XMMWORD]  ; xmm0=row[ 0][1]
-    movdqa      xmm1, XMMWORD [ecx+1*SIZEOF_XMMWORD]  ; xmm1=row[-1][1]
-    movdqa      xmm2, XMMWORD [esi+1*SIZEOF_XMMWORD]  ; xmm2=row[+1][1]
-
-    pushpic     ebx
-    movpic      ebx, POINTER [gotptr]   ; load GOT address
-
-    pxor        xmm3, xmm3              ; xmm3=(all 0's)
-    movdqa      xmm4, xmm0
-    punpcklbw   xmm0, xmm3              ; xmm0=row[ 0]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm4, xmm3              ; xmm4=row[ 0]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm5, xmm1
-    punpcklbw   xmm1, xmm3              ; xmm1=row[-1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm5, xmm3              ; xmm5=row[-1]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm6, xmm2
-    punpcklbw   xmm2, xmm3              ; xmm2=row[+1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm6, xmm3              ; xmm6=row[+1]( 8  9 10 11 12 13 14 15)
-
-    pmullw      xmm0, [GOTOFF(ebx,PW_THREE)]
-    pmullw      xmm4, [GOTOFF(ebx,PW_THREE)]
-
-    paddw       xmm1, xmm0              ; xmm1=Int0L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm5, xmm4              ; xmm5=Int0H=( 8  9 10 11 12 13 14 15)
-    paddw       xmm2, xmm0              ; xmm2=Int1L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm6, xmm4              ; xmm6=Int1H=( 8  9 10 11 12 13 14 15)
-
-    movdqa      XMMWORD [edx+2*SIZEOF_XMMWORD], xmm1  ; temporarily save
-    movdqa      XMMWORD [edx+3*SIZEOF_XMMWORD], xmm5  ; the intermediate data
-    movdqa      XMMWORD [edi+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [edi+3*SIZEOF_XMMWORD], xmm6
-
-    pslldq      xmm1, (SIZEOF_XMMWORD-2)  ; xmm1=(-- -- -- -- -- -- --  0)
-    pslldq      xmm2, (SIZEOF_XMMWORD-2)  ; xmm2=(-- -- -- -- -- -- --  0)
-
-    movdqa      XMMWORD [wk(2)], xmm1
-    movdqa      XMMWORD [wk(3)], xmm2
-
-.upsample:
-    ; -- process the upper row
-
-    movdqa      xmm7, XMMWORD [edx+0*SIZEOF_XMMWORD]
-    movdqa      xmm3, XMMWORD [edx+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm0, xmm7                ; xmm7=Int0L=( 0  1  2  3  4  5  6  7)
-    movdqa      xmm4, xmm3                ; xmm3=Int0H=( 8  9 10 11 12 13 14 15)
-    psrldq      xmm0, 2                   ; xmm0=( 1  2  3  4  5  6  7 --)
-    pslldq      xmm4, (SIZEOF_XMMWORD-2)  ; xmm4=(-- -- -- -- -- -- --  8)
-    movdqa      xmm5, xmm7
-    movdqa      xmm6, xmm3
-    psrldq      xmm5, (SIZEOF_XMMWORD-2)  ; xmm5=( 7 -- -- -- -- -- -- --)
-    pslldq      xmm6, 2                   ; xmm6=(--  8  9 10 11 12 13 14)
-
-    por         xmm0, xmm4                ; xmm0=( 1  2  3  4  5  6  7  8)
-    por         xmm5, xmm6                ; xmm5=( 7  8  9 10 11 12 13 14)
-
-    movdqa      xmm1, xmm7
-    movdqa      xmm2, xmm3
-    pslldq      xmm1, 2                   ; xmm1=(--  0  1  2  3  4  5  6)
-    psrldq      xmm2, 2                   ; xmm2=( 9 10 11 12 13 14 15 --)
-    movdqa      xmm4, xmm3
-    psrldq      xmm4, (SIZEOF_XMMWORD-2)  ; xmm4=(15 -- -- -- -- -- -- --)
-
-    por         xmm1, XMMWORD [wk(0)]     ; xmm1=(-1  0  1  2  3  4  5  6)
-    por         xmm2, XMMWORD [wk(2)]     ; xmm2=( 9 10 11 12 13 14 15 16)
-
-    movdqa      XMMWORD [wk(0)], xmm4
-
-    pmullw      xmm7, [GOTOFF(ebx,PW_THREE)]
-    pmullw      xmm3, [GOTOFF(ebx,PW_THREE)]
-    paddw       xmm1, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       xmm5, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       xmm0, [GOTOFF(ebx,PW_SEVEN)]
-    paddw       xmm2, [GOTOFF(ebx,PW_SEVEN)]
-
-    paddw       xmm1, xmm7
-    paddw       xmm5, xmm3
-    psrlw       xmm1, 4                 ; xmm1=Out0LE=( 0  2  4  6  8 10 12 14)
-    psrlw       xmm5, 4                 ; xmm5=Out0HE=(16 18 20 22 24 26 28 30)
-    paddw       xmm0, xmm7
-    paddw       xmm2, xmm3
-    psrlw       xmm0, 4                 ; xmm0=Out0LO=( 1  3  5  7  9 11 13 15)
-    psrlw       xmm2, 4                 ; xmm2=Out0HO=(17 19 21 23 25 27 29 31)
-
-    psllw       xmm0, BYTE_BIT
-    psllw       xmm2, BYTE_BIT
-    por         xmm1, xmm0              ; xmm1=Out0L=( 0  1  2 ... 13 14 15)
-    por         xmm5, xmm2              ; xmm5=Out0H=(16 17 18 ... 29 30 31)
-
-    movdqa      XMMWORD [edx+0*SIZEOF_XMMWORD], xmm1
-    movdqa      XMMWORD [edx+1*SIZEOF_XMMWORD], xmm5
-
-    ; -- process the lower row
-
-    movdqa      xmm6, XMMWORD [edi+0*SIZEOF_XMMWORD]
-    movdqa      xmm4, XMMWORD [edi+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm7, xmm6                ; xmm6=Int1L=( 0  1  2  3  4  5  6  7)
-    movdqa      xmm3, xmm4                ; xmm4=Int1H=( 8  9 10 11 12 13 14 15)
-    psrldq      xmm7, 2                   ; xmm7=( 1  2  3  4  5  6  7 --)
-    pslldq      xmm3, (SIZEOF_XMMWORD-2)  ; xmm3=(-- -- -- -- -- -- --  8)
-    movdqa      xmm0, xmm6
-    movdqa      xmm2, xmm4
-    psrldq      xmm0, (SIZEOF_XMMWORD-2)  ; xmm0=( 7 -- -- -- -- -- -- --)
-    pslldq      xmm2, 2                   ; xmm2=(--  8  9 10 11 12 13 14)
-
-    por         xmm7, xmm3                ; xmm7=( 1  2  3  4  5  6  7  8)
-    por         xmm0, xmm2                ; xmm0=( 7  8  9 10 11 12 13 14)
-
-    movdqa      xmm1, xmm6
-    movdqa      xmm5, xmm4
-    pslldq      xmm1, 2                   ; xmm1=(--  0  1  2  3  4  5  6)
-    psrldq      xmm5, 2                   ; xmm5=( 9 10 11 12 13 14 15 --)
-    movdqa      xmm3, xmm4
-    psrldq      xmm3, (SIZEOF_XMMWORD-2)  ; xmm3=(15 -- -- -- -- -- -- --)
-
-    por         xmm1, XMMWORD [wk(1)]     ; xmm1=(-1  0  1  2  3  4  5  6)
-    por         xmm5, XMMWORD [wk(3)]     ; xmm5=( 9 10 11 12 13 14 15 16)
-
-    movdqa      XMMWORD [wk(1)], xmm3
-
-    pmullw      xmm6, [GOTOFF(ebx,PW_THREE)]
-    pmullw      xmm4, [GOTOFF(ebx,PW_THREE)]
-    paddw       xmm1, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       xmm0, [GOTOFF(ebx,PW_EIGHT)]
-    paddw       xmm7, [GOTOFF(ebx,PW_SEVEN)]
-    paddw       xmm5, [GOTOFF(ebx,PW_SEVEN)]
-
-    paddw       xmm1, xmm6
-    paddw       xmm0, xmm4
-    psrlw       xmm1, 4                 ; xmm1=Out1LE=( 0  2  4  6  8 10 12 14)
-    psrlw       xmm0, 4                 ; xmm0=Out1HE=(16 18 20 22 24 26 28 30)
-    paddw       xmm7, xmm6
-    paddw       xmm5, xmm4
-    psrlw       xmm7, 4                 ; xmm7=Out1LO=( 1  3  5  7  9 11 13 15)
-    psrlw       xmm5, 4                 ; xmm5=Out1HO=(17 19 21 23 25 27 29 31)
-
-    psllw       xmm7, BYTE_BIT
-    psllw       xmm5, BYTE_BIT
-    por         xmm1, xmm7              ; xmm1=Out1L=( 0  1  2 ... 13 14 15)
-    por         xmm0, xmm5              ; xmm0=Out1H=(16 17 18 ... 29 30 31)
-
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm1
-    movdqa      XMMWORD [edi+1*SIZEOF_XMMWORD], xmm0
-
-    poppic      ebx
-
-    sub         eax, byte SIZEOF_XMMWORD
-    add         ecx, byte 1*SIZEOF_XMMWORD  ; inptr1(above)
-    add         ebx, byte 1*SIZEOF_XMMWORD  ; inptr0
-    add         esi, byte 1*SIZEOF_XMMWORD  ; inptr1(below)
-    add         edx, byte 2*SIZEOF_XMMWORD  ; outptr0
-    add         edi, byte 2*SIZEOF_XMMWORD  ; outptr1
-    cmp         eax, byte SIZEOF_XMMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         esi
-    pop         edi
-    pop         ecx
-    pop         eax
-
-    add         esi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         ecx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 1:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v1_upsample_sse2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define output_width(b)     (b) + 12    ; JDIMENSION output_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_upsample_sse2)
-
-EXTN(jsimd_h2v1_upsample_sse2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         edx, JDIMENSION [output_width(ebp)]
-    add         edx, byte (2*SIZEOF_XMMWORD)-1
-    and         edx, byte -(2*SIZEOF_XMMWORD)
-    jz          short .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          short .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]     ; inptr
-    mov         edi, JSAMPROW [edi]     ; outptr
-    mov         eax, edx                ; colctr
-    alignx      16, 7
-.columnloop:
-
-    movdqa      xmm0, XMMWORD [esi+0*SIZEOF_XMMWORD]
-
-    movdqa      xmm1, xmm0
-    punpcklbw   xmm0, xmm0
-    punpckhbw   xmm1, xmm1
-
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm0
-    movdqa      XMMWORD [edi+1*SIZEOF_XMMWORD], xmm1
-
-    sub         eax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    movdqa      xmm2, XMMWORD [esi+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm3, xmm2
-    punpcklbw   xmm2, xmm2
-    punpckhbw   xmm3, xmm3
-
-    movdqa      XMMWORD [edi+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [edi+3*SIZEOF_XMMWORD], xmm3
-
-    sub         eax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    add         esi, byte 2*SIZEOF_XMMWORD  ; inptr
-    add         edi, byte 4*SIZEOF_XMMWORD  ; outptr
-    jmp         short .columnloop
-    alignx      16, 7
-
-.nextrow:
-    pop         esi
-    pop         edi
-
-    add         esi, byte SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         ecx                        ; rowctr
-    jg          short .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 2:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v2_upsample_sse2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-%define max_v_samp(b)       (b) + 8     ; int max_v_samp_factor
-%define output_width(b)     (b) + 12    ; JDIMENSION output_width
-%define input_data(b)       (b) + 16    ; JSAMPARRAY input_data
-%define output_data_ptr(b)  (b) + 20    ; JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_upsample_sse2)
-
-EXTN(jsimd_h2v2_upsample_sse2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         edx, JDIMENSION [output_width(ebp)]
-    add         edx, byte (2*SIZEOF_XMMWORD)-1
-    and         edx, byte -(2*SIZEOF_XMMWORD)
-    jz          near .return
-
-    mov         ecx, INT [max_v_samp(ebp)]  ; rowctr
-    test        ecx, ecx
-    jz          near .return
-
-    mov         esi, JSAMPARRAY [input_data(ebp)]    ; input_data
-    mov         edi, POINTER [output_data_ptr(ebp)]
-    mov         edi, JSAMPARRAY [edi]                ; output_data
-    alignx      16, 7
-.rowloop:
-    push        edi
-    push        esi
-
-    mov         esi, JSAMPROW [esi]                    ; inptr
-    mov         ebx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         edi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; outptr1
-    mov         eax, edx                               ; colctr
-    alignx      16, 7
-.columnloop:
-
-    movdqa      xmm0, XMMWORD [esi+0*SIZEOF_XMMWORD]
-
-    movdqa      xmm1, xmm0
-    punpcklbw   xmm0, xmm0
-    punpckhbw   xmm1, xmm1
-
-    movdqa      XMMWORD [ebx+0*SIZEOF_XMMWORD], xmm0
-    movdqa      XMMWORD [ebx+1*SIZEOF_XMMWORD], xmm1
-    movdqa      XMMWORD [edi+0*SIZEOF_XMMWORD], xmm0
-    movdqa      XMMWORD [edi+1*SIZEOF_XMMWORD], xmm1
-
-    sub         eax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    movdqa      xmm2, XMMWORD [esi+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm3, xmm2
-    punpcklbw   xmm2, xmm2
-    punpckhbw   xmm3, xmm3
-
-    movdqa      XMMWORD [ebx+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [ebx+3*SIZEOF_XMMWORD], xmm3
-    movdqa      XMMWORD [edi+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [edi+3*SIZEOF_XMMWORD], xmm3
-
-    sub         eax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    add         esi, byte 2*SIZEOF_XMMWORD  ; inptr
-    add         ebx, byte 4*SIZEOF_XMMWORD  ; outptr0
-    add         edi, byte 4*SIZEOF_XMMWORD  ; outptr1
-    jmp         short .columnloop
-    alignx      16, 7
-
-.nextrow:
-    pop         esi
-    pop         edi
-
-    add         esi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         edi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         ecx, byte 2                  ; rowctr
-    jg          short .rowloop
-
-.return:
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctflt-3dn.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctflt-3dn.asm
deleted file mode 100644
index 322ab16..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctflt-3dn.asm
+++ /dev/null
@@ -1,318 +0,0 @@
-;
-; jfdctflt.asm - floating-point FDCT (3DNow!)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the forward DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jfdctflt.c; see the jfdctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_float_3dnow)
-
-EXTN(jconst_fdct_float_3dnow):
-
-PD_0_382 times 2 dd 0.382683432365089771728460
-PD_0_707 times 2 dd 0.707106781186547524400844
-PD_0_541 times 2 dd 0.541196100146196984399723
-PD_1_306 times 2 dd 1.306562964876376527856643
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_float_3dnow(FAST_FLOAT *data)
-;
-
-%define data(b)       (b) + 8           ; FAST_FLOAT *data
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_MMWORD  ; mmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_float_3dnow)
-
-EXTN(jsimd_fdct_float_3dnow):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(eax)]  ; (FAST_FLOAT *)
-    mov         ecx, DCTSIZE/2
-    alignx      16, 7
-.rowloop:
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm1, MMWORD [MMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm2, MMWORD [MMBLOCK(0,3,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(1,3,edx,SIZEOF_FAST_FLOAT)]
-
-    ; mm0=(00 01), mm1=(10 11), mm2=(06 07), mm3=(16 17)
-
-    movq        mm4, mm0                ; transpose coefficients
-    punpckldq   mm0, mm1                ; mm0=(00 10)=data0
-    punpckhdq   mm4, mm1                ; mm4=(01 11)=data1
-    movq        mm5, mm2                ; transpose coefficients
-    punpckldq   mm2, mm3                ; mm2=(06 16)=data6
-    punpckhdq   mm5, mm3                ; mm5=(07 17)=data7
-
-    movq        mm6, mm4
-    movq        mm7, mm0
-    pfsub       mm4, mm2                ; mm4=data1-data6=tmp6
-    pfsub       mm0, mm5                ; mm0=data0-data7=tmp7
-    pfadd       mm6, mm2                ; mm6=data1+data6=tmp1
-    pfadd       mm7, mm5                ; mm7=data0+data7=tmp0
-
-    movq        mm1, MMWORD [MMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm2, MMWORD [MMBLOCK(0,2,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm5, MMWORD [MMBLOCK(1,2,edx,SIZEOF_FAST_FLOAT)]
-
-    ; mm1=(02 03), mm3=(12 13), mm2=(04 05), mm5=(14 15)
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=tmp6
-    movq        MMWORD [wk(1)], mm0     ; wk(1)=tmp7
-
-    movq        mm4, mm1                ; transpose coefficients
-    punpckldq   mm1, mm3                ; mm1=(02 12)=data2
-    punpckhdq   mm4, mm3                ; mm4=(03 13)=data3
-    movq        mm0, mm2                ; transpose coefficients
-    punpckldq   mm2, mm5                ; mm2=(04 14)=data4
-    punpckhdq   mm0, mm5                ; mm0=(05 15)=data5
-
-    movq        mm3, mm4
-    movq        mm5, mm1
-    pfadd       mm4, mm2                ; mm4=data3+data4=tmp3
-    pfadd       mm1, mm0                ; mm1=data2+data5=tmp2
-    pfsub       mm3, mm2                ; mm3=data3-data4=tmp4
-    pfsub       mm5, mm0                ; mm5=data2-data5=tmp5
-
-    ; -- Even part
-
-    movq        mm2, mm7
-    movq        mm0, mm6
-    pfsub       mm7, mm4                ; mm7=tmp13
-    pfsub       mm6, mm1                ; mm6=tmp12
-    pfadd       mm2, mm4                ; mm2=tmp10
-    pfadd       mm0, mm1                ; mm0=tmp11
-
-    pfadd       mm6, mm7
-    pfmul       mm6, [GOTOFF(ebx,PD_0_707)]  ; mm6=z1
-
-    movq        mm4, mm2
-    movq        mm1, mm7
-    pfsub       mm2, mm0                ; mm2=data4
-    pfsub       mm7, mm6                ; mm7=data6
-    pfadd       mm4, mm0                ; mm4=data0
-    pfadd       mm1, mm6                ; mm1=data2
-
-    movq        MMWORD [MMBLOCK(0,2,edx,SIZEOF_FAST_FLOAT)], mm2
-    movq        MMWORD [MMBLOCK(0,3,edx,SIZEOF_FAST_FLOAT)], mm7
-    movq        MMWORD [MMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)], mm4
-    movq        MMWORD [MMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)], mm1
-
-    ; -- Odd part
-
-    movq        mm0, MMWORD [wk(0)]     ; mm0=tmp6
-    movq        mm6, MMWORD [wk(1)]     ; mm6=tmp7
-
-    pfadd       mm3, mm5                ; mm3=tmp10
-    pfadd       mm5, mm0                ; mm5=tmp11
-    pfadd       mm0, mm6                ; mm0=tmp12, mm6=tmp7
-
-    pfmul       mm5, [GOTOFF(ebx,PD_0_707)]  ; mm5=z3
-
-    movq        mm2, mm3                     ; mm2=tmp10
-    pfsub       mm3, mm0
-    pfmul       mm3, [GOTOFF(ebx,PD_0_382)]  ; mm3=z5
-    pfmul       mm2, [GOTOFF(ebx,PD_0_541)]  ; mm2=MULTIPLY(tmp10,FIX_0_54119610)
-    pfmul       mm0, [GOTOFF(ebx,PD_1_306)]  ; mm0=MULTIPLY(tmp12,FIX_1_30656296)
-    pfadd       mm2, mm3                     ; mm2=z2
-    pfadd       mm0, mm3                     ; mm0=z4
-
-    movq        mm7, mm6
-    pfsub       mm6, mm5                ; mm6=z13
-    pfadd       mm7, mm5                ; mm7=z11
-
-    movq        mm4, mm6
-    movq        mm1, mm7
-    pfsub       mm6, mm2                ; mm6=data3
-    pfsub       mm7, mm0                ; mm7=data7
-    pfadd       mm4, mm2                ; mm4=data5
-    pfadd       mm1, mm0                ; mm1=data1
-
-    movq        MMWORD [MMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)], mm6
-    movq        MMWORD [MMBLOCK(1,3,edx,SIZEOF_FAST_FLOAT)], mm7
-    movq        MMWORD [MMBLOCK(1,2,edx,SIZEOF_FAST_FLOAT)], mm4
-    movq        MMWORD [MMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)], mm1
-
-    add         edx, byte 2*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         near .rowloop
-
-    ; ---- Pass 2: process columns.
-
-    mov         edx, POINTER [data(eax)]  ; (FAST_FLOAT *)
-    mov         ecx, DCTSIZE/2
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm1, MMWORD [MMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm2, MMWORD [MMBLOCK(6,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,edx,SIZEOF_FAST_FLOAT)]
-
-    ; mm0=(00 10), mm1=(01 11), mm2=(60 70), mm3=(61 71)
-
-    movq        mm4, mm0                ; transpose coefficients
-    punpckldq   mm0, mm1                ; mm0=(00 01)=data0
-    punpckhdq   mm4, mm1                ; mm4=(10 11)=data1
-    movq        mm5, mm2                ; transpose coefficients
-    punpckldq   mm2, mm3                ; mm2=(60 61)=data6
-    punpckhdq   mm5, mm3                ; mm5=(70 71)=data7
-
-    movq        mm6, mm4
-    movq        mm7, mm0
-    pfsub       mm4, mm2                ; mm4=data1-data6=tmp6
-    pfsub       mm0, mm5                ; mm0=data0-data7=tmp7
-    pfadd       mm6, mm2                ; mm6=data1+data6=tmp1
-    pfadd       mm7, mm5                ; mm7=data0+data7=tmp0
-
-    movq        mm1, MMWORD [MMBLOCK(2,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(3,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm5, MMWORD [MMBLOCK(5,0,edx,SIZEOF_FAST_FLOAT)]
-
-    ; mm1=(20 30), mm3=(21 31), mm2=(40 50), mm5=(41 51)
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=tmp6
-    movq        MMWORD [wk(1)], mm0     ; wk(1)=tmp7
-
-    movq        mm4, mm1                ; transpose coefficients
-    punpckldq   mm1, mm3                ; mm1=(20 21)=data2
-    punpckhdq   mm4, mm3                ; mm4=(30 31)=data3
-    movq        mm0, mm2                ; transpose coefficients
-    punpckldq   mm2, mm5                ; mm2=(40 41)=data4
-    punpckhdq   mm0, mm5                ; mm0=(50 51)=data5
-
-    movq        mm3, mm4
-    movq        mm5, mm1
-    pfadd       mm4, mm2                ; mm4=data3+data4=tmp3
-    pfadd       mm1, mm0                ; mm1=data2+data5=tmp2
-    pfsub       mm3, mm2                ; mm3=data3-data4=tmp4
-    pfsub       mm5, mm0                ; mm5=data2-data5=tmp5
-
-    ; -- Even part
-
-    movq        mm2, mm7
-    movq        mm0, mm6
-    pfsub       mm7, mm4                ; mm7=tmp13
-    pfsub       mm6, mm1                ; mm6=tmp12
-    pfadd       mm2, mm4                ; mm2=tmp10
-    pfadd       mm0, mm1                ; mm0=tmp11
-
-    pfadd       mm6, mm7
-    pfmul       mm6, [GOTOFF(ebx,PD_0_707)]  ; mm6=z1
-
-    movq        mm4, mm2
-    movq        mm1, mm7
-    pfsub       mm2, mm0                ; mm2=data4
-    pfsub       mm7, mm6                ; mm7=data6
-    pfadd       mm4, mm0                ; mm4=data0
-    pfadd       mm1, mm6                ; mm1=data2
-
-    movq        MMWORD [MMBLOCK(4,0,edx,SIZEOF_FAST_FLOAT)], mm2
-    movq        MMWORD [MMBLOCK(6,0,edx,SIZEOF_FAST_FLOAT)], mm7
-    movq        MMWORD [MMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)], mm4
-    movq        MMWORD [MMBLOCK(2,0,edx,SIZEOF_FAST_FLOAT)], mm1
-
-    ; -- Odd part
-
-    movq        mm0, MMWORD [wk(0)]     ; mm0=tmp6
-    movq        mm6, MMWORD [wk(1)]     ; mm6=tmp7
-
-    pfadd       mm3, mm5                ; mm3=tmp10
-    pfadd       mm5, mm0                ; mm5=tmp11
-    pfadd       mm0, mm6                ; mm0=tmp12, mm6=tmp7
-
-    pfmul       mm5, [GOTOFF(ebx,PD_0_707)]  ; mm5=z3
-
-    movq        mm2, mm3                     ; mm2=tmp10
-    pfsub       mm3, mm0
-    pfmul       mm3, [GOTOFF(ebx,PD_0_382)]  ; mm3=z5
-    pfmul       mm2, [GOTOFF(ebx,PD_0_541)]  ; mm2=MULTIPLY(tmp10,FIX_0_54119610)
-    pfmul       mm0, [GOTOFF(ebx,PD_1_306)]  ; mm0=MULTIPLY(tmp12,FIX_1_30656296)
-    pfadd       mm2, mm3                     ; mm2=z2
-    pfadd       mm0, mm3                     ; mm0=z4
-
-    movq        mm7, mm6
-    pfsub       mm6, mm5                ; mm6=z13
-    pfadd       mm7, mm5                ; mm7=z11
-
-    movq        mm4, mm6
-    movq        mm1, mm7
-    pfsub       mm6, mm2                ; mm6=data3
-    pfsub       mm7, mm0                ; mm7=data7
-    pfadd       mm4, mm2                ; mm4=data5
-    pfadd       mm1, mm0                ; mm1=data1
-
-    movq        MMWORD [MMBLOCK(3,0,edx,SIZEOF_FAST_FLOAT)], mm6
-    movq        MMWORD [MMBLOCK(7,0,edx,SIZEOF_FAST_FLOAT)], mm7
-    movq        MMWORD [MMBLOCK(5,0,edx,SIZEOF_FAST_FLOAT)], mm4
-    movq        MMWORD [MMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)], mm1
-
-    add         edx, byte 2*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         near .columnloop
-
-    femms                               ; empty MMX/3DNow! state
-
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctflt-sse.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctflt-sse.asm
deleted file mode 100644
index 86952c6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctflt-sse.asm
+++ /dev/null
@@ -1,369 +0,0 @@
-;
-; jfdctflt.asm - floating-point FDCT (SSE)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the forward DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jfdctflt.c; see the jfdctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%macro  unpcklps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(0 1 4 5)
-    shufps      %1, %2, 0x44
-%endmacro
-
-%macro  unpckhps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(2 3 6 7)
-    shufps      %1, %2, 0xEE
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_float_sse)
-
-EXTN(jconst_fdct_float_sse):
-
-PD_0_382 times 4 dd 0.382683432365089771728460
-PD_0_707 times 4 dd 0.707106781186547524400844
-PD_0_541 times 4 dd 0.541196100146196984399723
-PD_1_306 times 4 dd 1.306562964876376527856643
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_float_sse(FAST_FLOAT *data)
-;
-
-%define data(b)       (b) + 8           ; FAST_FLOAT *data
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_float_sse)
-
-EXTN(jsimd_fdct_float_sse):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(eax)]  ; (FAST_FLOAT *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.rowloop:
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(2,1,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(3,1,edx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm0=(20 21 22 23), xmm2=(24 25 26 27)
-    ; xmm1=(30 31 32 33), xmm3=(34 35 36 37)
-
-    movaps      xmm4, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm1              ; xmm0=(20 30 21 31)
-    unpckhps    xmm4, xmm1              ; xmm4=(22 32 23 33)
-    movaps      xmm5, xmm2              ; transpose coefficients(phase 1)
-    unpcklps    xmm2, xmm3              ; xmm2=(24 34 25 35)
-    unpckhps    xmm5, xmm3              ; xmm5=(26 36 27 37)
-
-    movaps      xmm6, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm7, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm6=(00 01 02 03), xmm1=(04 05 06 07)
-    ; xmm7=(10 11 12 13), xmm3=(14 15 16 17)
-
-    movaps      XMMWORD [wk(0)], xmm4   ; wk(0)=(22 32 23 33)
-    movaps      XMMWORD [wk(1)], xmm2   ; wk(1)=(24 34 25 35)
-
-    movaps      xmm4, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 10 01 11)
-    unpckhps    xmm4, xmm7              ; xmm4=(02 12 03 13)
-    movaps      xmm2, xmm1              ; transpose coefficients(phase 1)
-    unpcklps    xmm1, xmm3              ; xmm1=(04 14 05 15)
-    unpckhps    xmm2, xmm3              ; xmm2=(06 16 07 17)
-
-    movaps      xmm7, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm0              ; xmm6=(00 10 20 30)=data0
-    unpckhps2   xmm7, xmm0              ; xmm7=(01 11 21 31)=data1
-    movaps      xmm3, xmm2              ; transpose coefficients(phase 2)
-    unpcklps2   xmm2, xmm5              ; xmm2=(06 16 26 36)=data6
-    unpckhps2   xmm3, xmm5              ; xmm3=(07 17 27 37)=data7
-
-    movaps      xmm0, xmm7
-    movaps      xmm5, xmm6
-    subps       xmm7, xmm2              ; xmm7=data1-data6=tmp6
-    subps       xmm6, xmm3              ; xmm6=data0-data7=tmp7
-    addps       xmm0, xmm2              ; xmm0=data1+data6=tmp1
-    addps       xmm5, xmm3              ; xmm5=data0+data7=tmp0
-
-    movaps      xmm2, XMMWORD [wk(0)]   ; xmm2=(22 32 23 33)
-    movaps      xmm3, XMMWORD [wk(1)]   ; xmm3=(24 34 25 35)
-    movaps      XMMWORD [wk(0)], xmm7   ; wk(0)=tmp6
-    movaps      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp7
-
-    movaps      xmm7, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(02 12 22 32)=data2
-    unpckhps2   xmm7, xmm2              ; xmm7=(03 13 23 33)=data3
-    movaps      xmm6, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm3              ; xmm1=(04 14 24 34)=data4
-    unpckhps2   xmm6, xmm3              ; xmm6=(05 15 25 35)=data5
-
-    movaps      xmm2, xmm7
-    movaps      xmm3, xmm4
-    addps       xmm7, xmm1              ; xmm7=data3+data4=tmp3
-    addps       xmm4, xmm6              ; xmm4=data2+data5=tmp2
-    subps       xmm2, xmm1              ; xmm2=data3-data4=tmp4
-    subps       xmm3, xmm6              ; xmm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movaps      xmm1, xmm5
-    movaps      xmm6, xmm0
-    subps       xmm5, xmm7              ; xmm5=tmp13
-    subps       xmm0, xmm4              ; xmm0=tmp12
-    addps       xmm1, xmm7              ; xmm1=tmp10
-    addps       xmm6, xmm4              ; xmm6=tmp11
-
-    addps       xmm0, xmm5
-    mulps       xmm0, [GOTOFF(ebx,PD_0_707)]  ; xmm0=z1
-
-    movaps      xmm7, xmm1
-    movaps      xmm4, xmm5
-    subps       xmm1, xmm6              ; xmm1=data4
-    subps       xmm5, xmm0              ; xmm5=data6
-    addps       xmm7, xmm6              ; xmm7=data0
-    addps       xmm4, xmm0              ; xmm4=data2
-
-    movaps      XMMWORD [XMMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(2,1,edx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_FAST_FLOAT)], xmm4
-
-    ; -- Odd part
-
-    movaps      xmm6, XMMWORD [wk(0)]   ; xmm6=tmp6
-    movaps      xmm0, XMMWORD [wk(1)]   ; xmm0=tmp7
-
-    addps       xmm2, xmm3              ; xmm2=tmp10
-    addps       xmm3, xmm6              ; xmm3=tmp11
-    addps       xmm6, xmm0              ; xmm6=tmp12, xmm0=tmp7
-
-    mulps       xmm3, [GOTOFF(ebx,PD_0_707)]  ; xmm3=z3
-
-    movaps      xmm1, xmm2                    ; xmm1=tmp10
-    subps       xmm2, xmm6
-    mulps       xmm2, [GOTOFF(ebx,PD_0_382)]  ; xmm2=z5
-    mulps       xmm1, [GOTOFF(ebx,PD_0_541)]  ; xmm1=MULTIPLY(tmp10,FIX_0_541196)
-    mulps       xmm6, [GOTOFF(ebx,PD_1_306)]  ; xmm6=MULTIPLY(tmp12,FIX_1_306562)
-    addps       xmm1, xmm2                    ; xmm1=z2
-    addps       xmm6, xmm2                    ; xmm6=z4
-
-    movaps      xmm5, xmm0
-    subps       xmm0, xmm3              ; xmm0=z13
-    addps       xmm5, xmm3              ; xmm5=z11
-
-    movaps      xmm7, xmm0
-    movaps      xmm4, xmm5
-    subps       xmm0, xmm1              ; xmm0=data3
-    subps       xmm5, xmm6              ; xmm5=data7
-    addps       xmm7, xmm1              ; xmm7=data5
-    addps       xmm4, xmm6              ; xmm4=data1
-
-    movaps      XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(3,1,edx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)], xmm4
-
-    add         edx, 4*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         near .rowloop
-
-    ; ---- Pass 2: process columns.
-
-    mov         edx, POINTER [data(eax)]  ; (FAST_FLOAT *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.columnloop:
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm0=(02 12 22 32), xmm2=(42 52 62 72)
-    ; xmm1=(03 13 23 33), xmm3=(43 53 63 73)
-
-    movaps      xmm4, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm1              ; xmm0=(02 03 12 13)
-    unpckhps    xmm4, xmm1              ; xmm4=(22 23 32 33)
-    movaps      xmm5, xmm2              ; transpose coefficients(phase 1)
-    unpcklps    xmm2, xmm3              ; xmm2=(42 43 52 53)
-    unpckhps    xmm5, xmm3              ; xmm5=(62 63 72 73)
-
-    movaps      xmm6, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm7, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm6=(00 10 20 30), xmm1=(40 50 60 70)
-    ; xmm7=(01 11 21 31), xmm3=(41 51 61 71)
-
-    movaps      XMMWORD [wk(0)], xmm4   ; wk(0)=(22 23 32 33)
-    movaps      XMMWORD [wk(1)], xmm2   ; wk(1)=(42 43 52 53)
-
-    movaps      xmm4, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 01 10 11)
-    unpckhps    xmm4, xmm7              ; xmm4=(20 21 30 31)
-    movaps      xmm2, xmm1              ; transpose coefficients(phase 1)
-    unpcklps    xmm1, xmm3              ; xmm1=(40 41 50 51)
-    unpckhps    xmm2, xmm3              ; xmm2=(60 61 70 71)
-
-    movaps      xmm7, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm0              ; xmm6=(00 01 02 03)=data0
-    unpckhps2   xmm7, xmm0              ; xmm7=(10 11 12 13)=data1
-    movaps      xmm3, xmm2              ; transpose coefficients(phase 2)
-    unpcklps2   xmm2, xmm5              ; xmm2=(60 61 62 63)=data6
-    unpckhps2   xmm3, xmm5              ; xmm3=(70 71 72 73)=data7
-
-    movaps      xmm0, xmm7
-    movaps      xmm5, xmm6
-    subps       xmm7, xmm2              ; xmm7=data1-data6=tmp6
-    subps       xmm6, xmm3              ; xmm6=data0-data7=tmp7
-    addps       xmm0, xmm2              ; xmm0=data1+data6=tmp1
-    addps       xmm5, xmm3              ; xmm5=data0+data7=tmp0
-
-    movaps      xmm2, XMMWORD [wk(0)]   ; xmm2=(22 23 32 33)
-    movaps      xmm3, XMMWORD [wk(1)]   ; xmm3=(42 43 52 53)
-    movaps      XMMWORD [wk(0)], xmm7   ; wk(0)=tmp6
-    movaps      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp7
-
-    movaps      xmm7, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(20 21 22 23)=data2
-    unpckhps2   xmm7, xmm2              ; xmm7=(30 31 32 33)=data3
-    movaps      xmm6, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm3              ; xmm1=(40 41 42 43)=data4
-    unpckhps2   xmm6, xmm3              ; xmm6=(50 51 52 53)=data5
-
-    movaps      xmm2, xmm7
-    movaps      xmm3, xmm4
-    addps       xmm7, xmm1              ; xmm7=data3+data4=tmp3
-    addps       xmm4, xmm6              ; xmm4=data2+data5=tmp2
-    subps       xmm2, xmm1              ; xmm2=data3-data4=tmp4
-    subps       xmm3, xmm6              ; xmm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movaps      xmm1, xmm5
-    movaps      xmm6, xmm0
-    subps       xmm5, xmm7              ; xmm5=tmp13
-    subps       xmm0, xmm4              ; xmm0=tmp12
-    addps       xmm1, xmm7              ; xmm1=tmp10
-    addps       xmm6, xmm4              ; xmm6=tmp11
-
-    addps       xmm0, xmm5
-    mulps       xmm0, [GOTOFF(ebx,PD_0_707)]  ; xmm0=z1
-
-    movaps      xmm7, xmm1
-    movaps      xmm4, xmm5
-    subps       xmm1, xmm6              ; xmm1=data4
-    subps       xmm5, xmm0              ; xmm5=data6
-    addps       xmm7, xmm6              ; xmm7=data0
-    addps       xmm4, xmm0              ; xmm4=data2
-
-    movaps      XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_FAST_FLOAT)], xmm4
-
-    ; -- Odd part
-
-    movaps      xmm6, XMMWORD [wk(0)]   ; xmm6=tmp6
-    movaps      xmm0, XMMWORD [wk(1)]   ; xmm0=tmp7
-
-    addps       xmm2, xmm3              ; xmm2=tmp10
-    addps       xmm3, xmm6              ; xmm3=tmp11
-    addps       xmm6, xmm0              ; xmm6=tmp12, xmm0=tmp7
-
-    mulps       xmm3, [GOTOFF(ebx,PD_0_707)]  ; xmm3=z3
-
-    movaps      xmm1, xmm2                    ; xmm1=tmp10
-    subps       xmm2, xmm6
-    mulps       xmm2, [GOTOFF(ebx,PD_0_382)]  ; xmm2=z5
-    mulps       xmm1, [GOTOFF(ebx,PD_0_541)]  ; xmm1=MULTIPLY(tmp10,FIX_0_541196)
-    mulps       xmm6, [GOTOFF(ebx,PD_1_306)]  ; xmm6=MULTIPLY(tmp12,FIX_1_306562)
-    addps       xmm1, xmm2                    ; xmm1=z2
-    addps       xmm6, xmm2                    ; xmm6=z4
-
-    movaps      xmm5, xmm0
-    subps       xmm0, xmm3              ; xmm0=z13
-    addps       xmm5, xmm3              ; xmm5=z11
-
-    movaps      xmm7, xmm0
-    movaps      xmm4, xmm5
-    subps       xmm0, xmm1              ; xmm0=data3
-    subps       xmm5, xmm6              ; xmm5=data7
-    addps       xmm7, xmm1              ; xmm7=data5
-    addps       xmm4, xmm6              ; xmm4=data1
-
-    movaps      XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)], xmm4
-
-    add         edx, byte 4*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         near .columnloop
-
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctfst-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctfst-mmx.asm
deleted file mode 100644
index 80645a5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctfst-mmx.asm
+++ /dev/null
@@ -1,395 +0,0 @@
-;
-; jfdctfst.asm - fast integer FDCT (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a fast, not so accurate integer implementation of
-; the forward DCT (Discrete Cosine Transform). The following code is
-; based directly on the IJG's original jfdctfst.c; see the jfdctfst.c
-; for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  8  ; 14 is also OK.
-
-%if CONST_BITS == 8
-F_0_382 equ  98  ; FIX(0.382683433)
-F_0_541 equ 139  ; FIX(0.541196100)
-F_0_707 equ 181  ; FIX(0.707106781)
-F_1_306 equ 334  ; FIX(1.306562965)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_382 equ DESCALE( 410903207, 30 - CONST_BITS)  ; FIX(0.382683433)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_707 equ DESCALE( 759250124, 30 - CONST_BITS)  ; FIX(0.707106781)
-F_1_306 equ DESCALE(1402911301, 30 - CONST_BITS)  ; FIX(1.306562965)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-; PRE_MULTIPLY_SCALE_BITS <= 2 (to avoid overflow)
-; CONST_BITS + CONST_SHIFT + PRE_MULTIPLY_SCALE_BITS == 16 (for pmulhw)
-
-%define PRE_MULTIPLY_SCALE_BITS  2
-%define CONST_SHIFT              (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_ifast_mmx)
-
-EXTN(jconst_fdct_ifast_mmx):
-
-PW_F0707 times 4 dw F_0_707 << CONST_SHIFT
-PW_F0382 times 4 dw F_0_382 << CONST_SHIFT
-PW_F0541 times 4 dw F_0_541 << CONST_SHIFT
-PW_F1306 times 4 dw F_1_306 << CONST_SHIFT
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_ifast_mmx(DCTELEM *data)
-;
-
-%define data(b)       (b) + 8           ; DCTELEM *data
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_MMWORD  ; mmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_ifast_mmx)
-
-EXTN(jsimd_fdct_ifast_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.rowloop:
-
-    movq        mm0, MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)]
-    movq        mm2, MMWORD [MMBLOCK(2,1,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(3,1,edx,SIZEOF_DCTELEM)]
-
-    ; mm0=(20 21 22 23), mm2=(24 25 26 27)
-    ; mm1=(30 31 32 33), mm3=(34 35 36 37)
-
-    movq        mm4, mm0                ; transpose coefficients(phase 1)
-    punpcklwd   mm0, mm1                ; mm0=(20 30 21 31)
-    punpckhwd   mm4, mm1                ; mm4=(22 32 23 33)
-    movq        mm5, mm2                ; transpose coefficients(phase 1)
-    punpcklwd   mm2, mm3                ; mm2=(24 34 25 35)
-    punpckhwd   mm5, mm3                ; mm5=(26 36 27 37)
-
-    movq        mm6, MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    movq        mm7, MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(0,1,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(1,1,edx,SIZEOF_DCTELEM)]
-
-    ; mm6=(00 01 02 03), mm1=(04 05 06 07)
-    ; mm7=(10 11 12 13), mm3=(14 15 16 17)
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=(22 32 23 33)
-    movq        MMWORD [wk(1)], mm2     ; wk(1)=(24 34 25 35)
-
-    movq        mm4, mm6                ; transpose coefficients(phase 1)
-    punpcklwd   mm6, mm7                ; mm6=(00 10 01 11)
-    punpckhwd   mm4, mm7                ; mm4=(02 12 03 13)
-    movq        mm2, mm1                ; transpose coefficients(phase 1)
-    punpcklwd   mm1, mm3                ; mm1=(04 14 05 15)
-    punpckhwd   mm2, mm3                ; mm2=(06 16 07 17)
-
-    movq        mm7, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm0                ; mm6=(00 10 20 30)=data0
-    punpckhdq   mm7, mm0                ; mm7=(01 11 21 31)=data1
-    movq        mm3, mm2                ; transpose coefficients(phase 2)
-    punpckldq   mm2, mm5                ; mm2=(06 16 26 36)=data6
-    punpckhdq   mm3, mm5                ; mm3=(07 17 27 37)=data7
-
-    movq        mm0, mm7
-    movq        mm5, mm6
-    psubw       mm7, mm2                ; mm7=data1-data6=tmp6
-    psubw       mm6, mm3                ; mm6=data0-data7=tmp7
-    paddw       mm0, mm2                ; mm0=data1+data6=tmp1
-    paddw       mm5, mm3                ; mm5=data0+data7=tmp0
-
-    movq        mm2, MMWORD [wk(0)]     ; mm2=(22 32 23 33)
-    movq        mm3, MMWORD [wk(1)]     ; mm3=(24 34 25 35)
-    movq        MMWORD [wk(0)], mm7     ; wk(0)=tmp6
-    movq        MMWORD [wk(1)], mm6     ; wk(1)=tmp7
-
-    movq        mm7, mm4                ; transpose coefficients(phase 2)
-    punpckldq   mm4, mm2                ; mm4=(02 12 22 32)=data2
-    punpckhdq   mm7, mm2                ; mm7=(03 13 23 33)=data3
-    movq        mm6, mm1                ; transpose coefficients(phase 2)
-    punpckldq   mm1, mm3                ; mm1=(04 14 24 34)=data4
-    punpckhdq   mm6, mm3                ; mm6=(05 15 25 35)=data5
-
-    movq        mm2, mm7
-    movq        mm3, mm4
-    paddw       mm7, mm1                ; mm7=data3+data4=tmp3
-    paddw       mm4, mm6                ; mm4=data2+data5=tmp2
-    psubw       mm2, mm1                ; mm2=data3-data4=tmp4
-    psubw       mm3, mm6                ; mm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movq        mm1, mm5
-    movq        mm6, mm0
-    psubw       mm5, mm7                ; mm5=tmp13
-    psubw       mm0, mm4                ; mm0=tmp12
-    paddw       mm1, mm7                ; mm1=tmp10
-    paddw       mm6, mm4                ; mm6=tmp11
-
-    paddw       mm0, mm5
-    psllw       mm0, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm0, [GOTOFF(ebx,PW_F0707)]  ; mm0=z1
-
-    movq        mm7, mm1
-    movq        mm4, mm5
-    psubw       mm1, mm6                ; mm1=data4
-    psubw       mm5, mm0                ; mm5=data6
-    paddw       mm7, mm6                ; mm7=data0
-    paddw       mm4, mm0                ; mm4=data2
-
-    movq        MMWORD [MMBLOCK(0,1,edx,SIZEOF_DCTELEM)], mm1
-    movq        MMWORD [MMBLOCK(2,1,edx,SIZEOF_DCTELEM)], mm5
-    movq        MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)], mm7
-    movq        MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)], mm4
-
-    ; -- Odd part
-
-    movq        mm6, MMWORD [wk(0)]     ; mm6=tmp6
-    movq        mm0, MMWORD [wk(1)]     ; mm0=tmp7
-
-    paddw       mm2, mm3                ; mm2=tmp10
-    paddw       mm3, mm6                ; mm3=tmp11
-    paddw       mm6, mm0                ; mm6=tmp12, mm0=tmp7
-
-    psllw       mm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       mm6, PRE_MULTIPLY_SCALE_BITS
-
-    psllw       mm3, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm3, [GOTOFF(ebx,PW_F0707)]  ; mm3=z3
-
-    movq        mm1, mm2                     ; mm1=tmp10
-    psubw       mm2, mm6
-    pmulhw      mm2, [GOTOFF(ebx,PW_F0382)]  ; mm2=z5
-    pmulhw      mm1, [GOTOFF(ebx,PW_F0541)]  ; mm1=MULTIPLY(tmp10,FIX_0_54119610)
-    pmulhw      mm6, [GOTOFF(ebx,PW_F1306)]  ; mm6=MULTIPLY(tmp12,FIX_1_30656296)
-    paddw       mm1, mm2                     ; mm1=z2
-    paddw       mm6, mm2                     ; mm6=z4
-
-    movq        mm5, mm0
-    psubw       mm0, mm3                ; mm0=z13
-    paddw       mm5, mm3                ; mm5=z11
-
-    movq        mm7, mm0
-    movq        mm4, mm5
-    psubw       mm0, mm1                ; mm0=data3
-    psubw       mm5, mm6                ; mm5=data7
-    paddw       mm7, mm1                ; mm7=data5
-    paddw       mm4, mm6                ; mm4=data1
-
-    movq        MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)], mm0
-    movq        MMWORD [MMBLOCK(3,1,edx,SIZEOF_DCTELEM)], mm5
-    movq        MMWORD [MMBLOCK(1,1,edx,SIZEOF_DCTELEM)], mm7
-    movq        MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)], mm4
-
-    add         edx, byte 4*DCTSIZE*SIZEOF_DCTELEM
-    dec         ecx
-    jnz         near .rowloop
-
-    ; ---- Pass 2: process columns.
-
-    mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)]
-    movq        mm2, MMWORD [MMBLOCK(6,0,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,edx,SIZEOF_DCTELEM)]
-
-    ; mm0=(02 12 22 32), mm2=(42 52 62 72)
-    ; mm1=(03 13 23 33), mm3=(43 53 63 73)
-
-    movq        mm4, mm0                ; transpose coefficients(phase 1)
-    punpcklwd   mm0, mm1                ; mm0=(02 03 12 13)
-    punpckhwd   mm4, mm1                ; mm4=(22 23 32 33)
-    movq        mm5, mm2                ; transpose coefficients(phase 1)
-    punpcklwd   mm2, mm3                ; mm2=(42 43 52 53)
-    punpckhwd   mm5, mm3                ; mm5=(62 63 72 73)
-
-    movq        mm6, MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    movq        mm7, MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(4,0,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(5,0,edx,SIZEOF_DCTELEM)]
-
-    ; mm6=(00 10 20 30), mm1=(40 50 60 70)
-    ; mm7=(01 11 21 31), mm3=(41 51 61 71)
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=(22 23 32 33)
-    movq        MMWORD [wk(1)], mm2     ; wk(1)=(42 43 52 53)
-
-    movq        mm4, mm6                ; transpose coefficients(phase 1)
-    punpcklwd   mm6, mm7                ; mm6=(00 01 10 11)
-    punpckhwd   mm4, mm7                ; mm4=(20 21 30 31)
-    movq        mm2, mm1                ; transpose coefficients(phase 1)
-    punpcklwd   mm1, mm3                ; mm1=(40 41 50 51)
-    punpckhwd   mm2, mm3                ; mm2=(60 61 70 71)
-
-    movq        mm7, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm0                ; mm6=(00 01 02 03)=data0
-    punpckhdq   mm7, mm0                ; mm7=(10 11 12 13)=data1
-    movq        mm3, mm2                ; transpose coefficients(phase 2)
-    punpckldq   mm2, mm5                ; mm2=(60 61 62 63)=data6
-    punpckhdq   mm3, mm5                ; mm3=(70 71 72 73)=data7
-
-    movq        mm0, mm7
-    movq        mm5, mm6
-    psubw       mm7, mm2                ; mm7=data1-data6=tmp6
-    psubw       mm6, mm3                ; mm6=data0-data7=tmp7
-    paddw       mm0, mm2                ; mm0=data1+data6=tmp1
-    paddw       mm5, mm3                ; mm5=data0+data7=tmp0
-
-    movq        mm2, MMWORD [wk(0)]     ; mm2=(22 23 32 33)
-    movq        mm3, MMWORD [wk(1)]     ; mm3=(42 43 52 53)
-    movq        MMWORD [wk(0)], mm7     ; wk(0)=tmp6
-    movq        MMWORD [wk(1)], mm6     ; wk(1)=tmp7
-
-    movq        mm7, mm4                ; transpose coefficients(phase 2)
-    punpckldq   mm4, mm2                ; mm4=(20 21 22 23)=data2
-    punpckhdq   mm7, mm2                ; mm7=(30 31 32 33)=data3
-    movq        mm6, mm1                ; transpose coefficients(phase 2)
-    punpckldq   mm1, mm3                ; mm1=(40 41 42 43)=data4
-    punpckhdq   mm6, mm3                ; mm6=(50 51 52 53)=data5
-
-    movq        mm2, mm7
-    movq        mm3, mm4
-    paddw       mm7, mm1                ; mm7=data3+data4=tmp3
-    paddw       mm4, mm6                ; mm4=data2+data5=tmp2
-    psubw       mm2, mm1                ; mm2=data3-data4=tmp4
-    psubw       mm3, mm6                ; mm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movq        mm1, mm5
-    movq        mm6, mm0
-    psubw       mm5, mm7                ; mm5=tmp13
-    psubw       mm0, mm4                ; mm0=tmp12
-    paddw       mm1, mm7                ; mm1=tmp10
-    paddw       mm6, mm4                ; mm6=tmp11
-
-    paddw       mm0, mm5
-    psllw       mm0, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm0, [GOTOFF(ebx,PW_F0707)]  ; mm0=z1
-
-    movq        mm7, mm1
-    movq        mm4, mm5
-    psubw       mm1, mm6                ; mm1=data4
-    psubw       mm5, mm0                ; mm5=data6
-    paddw       mm7, mm6                ; mm7=data0
-    paddw       mm4, mm0                ; mm4=data2
-
-    movq        MMWORD [MMBLOCK(4,0,edx,SIZEOF_DCTELEM)], mm1
-    movq        MMWORD [MMBLOCK(6,0,edx,SIZEOF_DCTELEM)], mm5
-    movq        MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)], mm7
-    movq        MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)], mm4
-
-    ; -- Odd part
-
-    movq        mm6, MMWORD [wk(0)]     ; mm6=tmp6
-    movq        mm0, MMWORD [wk(1)]     ; mm0=tmp7
-
-    paddw       mm2, mm3                ; mm2=tmp10
-    paddw       mm3, mm6                ; mm3=tmp11
-    paddw       mm6, mm0                ; mm6=tmp12, mm0=tmp7
-
-    psllw       mm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       mm6, PRE_MULTIPLY_SCALE_BITS
-
-    psllw       mm3, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm3, [GOTOFF(ebx,PW_F0707)]  ; mm3=z3
-
-    movq        mm1, mm2                     ; mm1=tmp10
-    psubw       mm2, mm6
-    pmulhw      mm2, [GOTOFF(ebx,PW_F0382)]  ; mm2=z5
-    pmulhw      mm1, [GOTOFF(ebx,PW_F0541)]  ; mm1=MULTIPLY(tmp10,FIX_0_54119610)
-    pmulhw      mm6, [GOTOFF(ebx,PW_F1306)]  ; mm6=MULTIPLY(tmp12,FIX_1_30656296)
-    paddw       mm1, mm2                     ; mm1=z2
-    paddw       mm6, mm2                     ; mm6=z4
-
-    movq        mm5, mm0
-    psubw       mm0, mm3                ; mm0=z13
-    paddw       mm5, mm3                ; mm5=z11
-
-    movq        mm7, mm0
-    movq        mm4, mm5
-    psubw       mm0, mm1                ; mm0=data3
-    psubw       mm5, mm6                ; mm5=data7
-    paddw       mm7, mm1                ; mm7=data5
-    paddw       mm4, mm6                ; mm4=data1
-
-    movq        MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)], mm0
-    movq        MMWORD [MMBLOCK(7,0,edx,SIZEOF_DCTELEM)], mm5
-    movq        MMWORD [MMBLOCK(5,0,edx,SIZEOF_DCTELEM)], mm7
-    movq        MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)], mm4
-
-    add         edx, byte 4*SIZEOF_DCTELEM
-    dec         ecx
-    jnz         near .columnloop
-
-    emms                                ; empty MMX state
-
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctfst-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctfst-sse2.asm
deleted file mode 100644
index 446fa7a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctfst-sse2.asm
+++ /dev/null
@@ -1,403 +0,0 @@
-;
-; jfdctfst.asm - fast integer FDCT (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a fast, not so accurate integer implementation of
-; the forward DCT (Discrete Cosine Transform). The following code is
-; based directly on the IJG's original jfdctfst.c; see the jfdctfst.c
-; for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  8  ; 14 is also OK.
-
-%if CONST_BITS == 8
-F_0_382 equ  98  ; FIX(0.382683433)
-F_0_541 equ 139  ; FIX(0.541196100)
-F_0_707 equ 181  ; FIX(0.707106781)
-F_1_306 equ 334  ; FIX(1.306562965)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_382 equ DESCALE( 410903207, 30 - CONST_BITS)  ; FIX(0.382683433)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_707 equ DESCALE( 759250124, 30 - CONST_BITS)  ; FIX(0.707106781)
-F_1_306 equ DESCALE(1402911301, 30 - CONST_BITS)  ; FIX(1.306562965)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-; PRE_MULTIPLY_SCALE_BITS <= 2 (to avoid overflow)
-; CONST_BITS + CONST_SHIFT + PRE_MULTIPLY_SCALE_BITS == 16 (for pmulhw)
-
-%define PRE_MULTIPLY_SCALE_BITS  2
-%define CONST_SHIFT              (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_ifast_sse2)
-
-EXTN(jconst_fdct_ifast_sse2):
-
-PW_F0707 times 8 dw F_0_707 << CONST_SHIFT
-PW_F0382 times 8 dw F_0_382 << CONST_SHIFT
-PW_F0541 times 8 dw F_0_541 << CONST_SHIFT
-PW_F1306 times 8 dw F_1_306 << CONST_SHIFT
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_ifast_sse2(DCTELEM *data)
-;
-
-%define data(b)       (b) + 8           ; DCTELEM *data
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_ifast_sse2)
-
-EXTN(jsimd_fdct_ifast_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_DCTELEM)]
-
-    ; xmm0=(00 01 02 03 04 05 06 07), xmm2=(20 21 22 23 24 25 26 27)
-    ; xmm1=(10 11 12 13 14 15 16 17), xmm3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm4, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm1              ; xmm0=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm4, xmm1              ; xmm4=(04 14 05 15 06 16 07 17)
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm3              ; xmm2=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm5, xmm3              ; xmm5=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm6, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm7, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_DCTELEM)]
-
-    ; xmm6=( 4 12 20 28 36 44 52 60), xmm1=( 6 14 22 30 38 46 54 62)
-    ; xmm7=( 5 13 21 29 37 45 53 61), xmm3=( 7 15 23 31 39 47 55 63)
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=(20 30 21 31 22 32 23 33)
-    movdqa      XMMWORD [wk(1)], xmm5   ; wk(1)=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm2, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm7              ; xmm6=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm2, xmm7              ; xmm2=(44 54 45 55 46 56 47 57)
-    movdqa      xmm5, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm3              ; xmm1=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm5, xmm3              ; xmm5=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm7, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm1              ; xmm6=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm7, xmm1              ; xmm7=(42 52 62 72 43 53 63 73)
-    movdqa      xmm3, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm5              ; xmm2=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm3, xmm5              ; xmm3=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=(20 30 21 31 22 32 23 33)
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=(24 34 25 35 26 36 27 37)
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=(42 52 62 72 43 53 63 73)
-    movdqa      XMMWORD [wk(1)], xmm2   ; wk(1)=(44 54 64 74 45 55 65 75)
-
-    movdqa      xmm7, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm1              ; xmm0=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm7, xmm1              ; xmm7=(02 12 22 32 03 13 23 33)
-    movdqa      xmm2, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm5              ; xmm4=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm2, xmm5              ; xmm2=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm1, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm6              ; xmm0=(00 10 20 30 40 50 60 70)=data0
-    punpckhqdq  xmm1, xmm6              ; xmm1=(01 11 21 31 41 51 61 71)=data1
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm3              ; xmm2=(06 16 26 36 46 56 66 76)=data6
-    punpckhqdq  xmm5, xmm3              ; xmm5=(07 17 27 37 47 57 67 77)=data7
-
-    movdqa      xmm6, xmm1
-    movdqa      xmm3, xmm0
-    psubw       xmm1, xmm2              ; xmm1=data1-data6=tmp6
-    psubw       xmm0, xmm5              ; xmm0=data0-data7=tmp7
-    paddw       xmm6, xmm2              ; xmm6=data1+data6=tmp1
-    paddw       xmm3, xmm5              ; xmm3=data0+data7=tmp0
-
-    movdqa      xmm2, XMMWORD [wk(0)]   ; xmm2=(42 52 62 72 43 53 63 73)
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=(44 54 64 74 45 55 65 75)
-    movdqa      XMMWORD [wk(0)], xmm1   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=tmp7
-
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm2              ; xmm7=(02 12 22 32 42 52 62 72)=data2
-    punpckhqdq  xmm1, xmm2              ; xmm1=(03 13 23 33 43 53 63 73)=data3
-    movdqa      xmm0, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm5              ; xmm4=(04 14 24 34 44 54 64 74)=data4
-    punpckhqdq  xmm0, xmm5              ; xmm0=(05 15 25 35 45 55 65 75)=data5
-
-    movdqa      xmm2, xmm1
-    movdqa      xmm5, xmm7
-    paddw       xmm1, xmm4              ; xmm1=data3+data4=tmp3
-    paddw       xmm7, xmm0              ; xmm7=data2+data5=tmp2
-    psubw       xmm2, xmm4              ; xmm2=data3-data4=tmp4
-    psubw       xmm5, xmm0              ; xmm5=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm0, xmm6
-    psubw       xmm3, xmm1              ; xmm3=tmp13
-    psubw       xmm6, xmm7              ; xmm6=tmp12
-    paddw       xmm4, xmm1              ; xmm4=tmp10
-    paddw       xmm0, xmm7              ; xmm0=tmp11
-
-    paddw       xmm6, xmm3
-    psllw       xmm6, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm6, [GOTOFF(ebx,PW_F0707)]  ; xmm6=z1
-
-    movdqa      xmm1, xmm4
-    movdqa      xmm7, xmm3
-    psubw       xmm4, xmm0              ; xmm4=data4
-    psubw       xmm3, xmm6              ; xmm3=data6
-    paddw       xmm1, xmm0              ; xmm1=data0
-    paddw       xmm7, xmm6              ; xmm7=data2
-
-    movdqa      xmm0, XMMWORD [wk(0)]   ; xmm0=tmp6
-    movdqa      xmm6, XMMWORD [wk(1)]   ; xmm6=tmp7
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=data4
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=data6
-
-    ; -- Odd part
-
-    paddw       xmm2, xmm5              ; xmm2=tmp10
-    paddw       xmm5, xmm0              ; xmm5=tmp11
-    paddw       xmm0, xmm6              ; xmm0=tmp12, xmm6=tmp7
-
-    psllw       xmm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm0, PRE_MULTIPLY_SCALE_BITS
-
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm5, [GOTOFF(ebx,PW_F0707)]  ; xmm5=z3
-
-    movdqa      xmm4, xmm2                    ; xmm4=tmp10
-    psubw       xmm2, xmm0
-    pmulhw      xmm2, [GOTOFF(ebx,PW_F0382)]  ; xmm2=z5
-    pmulhw      xmm4, [GOTOFF(ebx,PW_F0541)]  ; xmm4=MULTIPLY(tmp10,FIX_0_541196)
-    pmulhw      xmm0, [GOTOFF(ebx,PW_F1306)]  ; xmm0=MULTIPLY(tmp12,FIX_1_306562)
-    paddw       xmm4, xmm2                    ; xmm4=z2
-    paddw       xmm0, xmm2                    ; xmm0=z4
-
-    movdqa      xmm3, xmm6
-    psubw       xmm6, xmm5              ; xmm6=z13
-    paddw       xmm3, xmm5              ; xmm3=z11
-
-    movdqa      xmm2, xmm6
-    movdqa      xmm5, xmm3
-    psubw       xmm6, xmm4              ; xmm6=data3
-    psubw       xmm3, xmm0              ; xmm3=data7
-    paddw       xmm2, xmm4              ; xmm2=data5
-    paddw       xmm5, xmm0              ; xmm5=data1
-
-    ; ---- Pass 2: process columns.
-
-;   mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-
-    ; xmm1=(00 10 20 30 40 50 60 70), xmm7=(02 12 22 32 42 52 62 72)
-    ; xmm5=(01 11 21 31 41 51 61 71), xmm6=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm4, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm5              ; xmm1=(00 01 10 11 20 21 30 31)
-    punpckhwd   xmm4, xmm5              ; xmm4=(40 41 50 51 60 61 70 71)
-    movdqa      xmm0, xmm7              ; transpose coefficients(phase 1)
-    punpcklwd   xmm7, xmm6              ; xmm7=(02 03 12 13 22 23 32 33)
-    punpckhwd   xmm0, xmm6              ; xmm0=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=col4
-    movdqa      xmm6, XMMWORD [wk(1)]   ; xmm6=col6
-
-    ; xmm5=(04 14 24 34 44 54 64 74), xmm6=(06 16 26 36 46 56 66 76)
-    ; xmm2=(05 15 25 35 45 55 65 75), xmm3=(07 17 27 37 47 57 67 77)
-
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=(02 03 12 13 22 23 32 33)
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm7, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm2              ; xmm5=(04 05 14 15 24 25 34 35)
-    punpckhwd   xmm7, xmm2              ; xmm7=(44 45 54 55 64 65 74 75)
-    movdqa      xmm0, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm3              ; xmm6=(06 07 16 17 26 27 36 37)
-    punpckhwd   xmm0, xmm3              ; xmm0=(46 47 56 57 66 67 76 77)
-
-    movdqa      xmm2, xmm5              ; transpose coefficients(phase 2)
-    punpckldq   xmm5, xmm6              ; xmm5=(04 05 06 07 14 15 16 17)
-    punpckhdq   xmm2, xmm6              ; xmm2=(24 25 26 27 34 35 36 37)
-    movdqa      xmm3, xmm7              ; transpose coefficients(phase 2)
-    punpckldq   xmm7, xmm0              ; xmm7=(44 45 46 47 54 55 56 57)
-    punpckhdq   xmm3, xmm0              ; xmm3=(64 65 66 67 74 75 76 77)
-
-    movdqa      xmm6, XMMWORD [wk(0)]   ; xmm6=(02 03 12 13 22 23 32 33)
-    movdqa      xmm0, XMMWORD [wk(1)]   ; xmm0=(42 43 52 53 62 63 72 73)
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=(24 25 26 27 34 35 36 37)
-    movdqa      XMMWORD [wk(1)], xmm7   ; wk(1)=(44 45 46 47 54 55 56 57)
-
-    movdqa      xmm2, xmm1              ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm6              ; xmm1=(00 01 02 03 10 11 12 13)
-    punpckhdq   xmm2, xmm6              ; xmm2=(20 21 22 23 30 31 32 33)
-    movdqa      xmm7, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm0              ; xmm4=(40 41 42 43 50 51 52 53)
-    punpckhdq   xmm7, xmm0              ; xmm7=(60 61 62 63 70 71 72 73)
-
-    movdqa      xmm6, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm5              ; xmm1=(00 01 02 03 04 05 06 07)=data0
-    punpckhqdq  xmm6, xmm5              ; xmm6=(10 11 12 13 14 15 16 17)=data1
-    movdqa      xmm0, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm3              ; xmm7=(60 61 62 63 64 65 66 67)=data6
-    punpckhqdq  xmm0, xmm3              ; xmm0=(70 71 72 73 74 75 76 77)=data7
-
-    movdqa      xmm5, xmm6
-    movdqa      xmm3, xmm1
-    psubw       xmm6, xmm7              ; xmm6=data1-data6=tmp6
-    psubw       xmm1, xmm0              ; xmm1=data0-data7=tmp7
-    paddw       xmm5, xmm7              ; xmm5=data1+data6=tmp1
-    paddw       xmm3, xmm0              ; xmm3=data0+data7=tmp0
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=(24 25 26 27 34 35 36 37)
-    movdqa      xmm0, XMMWORD [wk(1)]   ; xmm0=(44 45 46 47 54 55 56 57)
-    movdqa      XMMWORD [wk(0)], xmm6   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm1   ; wk(1)=tmp7
-
-    movdqa      xmm6, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm7              ; xmm2=(20 21 22 23 24 25 26 27)=data2
-    punpckhqdq  xmm6, xmm7              ; xmm6=(30 31 32 33 34 35 36 37)=data3
-    movdqa      xmm1, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm0              ; xmm4=(40 41 42 43 44 45 46 47)=data4
-    punpckhqdq  xmm1, xmm0              ; xmm1=(50 51 52 53 54 55 56 57)=data5
-
-    movdqa      xmm7, xmm6
-    movdqa      xmm0, xmm2
-    paddw       xmm6, xmm4              ; xmm6=data3+data4=tmp3
-    paddw       xmm2, xmm1              ; xmm2=data2+data5=tmp2
-    psubw       xmm7, xmm4              ; xmm7=data3-data4=tmp4
-    psubw       xmm0, xmm1              ; xmm0=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm1, xmm5
-    psubw       xmm3, xmm6              ; xmm3=tmp13
-    psubw       xmm5, xmm2              ; xmm5=tmp12
-    paddw       xmm4, xmm6              ; xmm4=tmp10
-    paddw       xmm1, xmm2              ; xmm1=tmp11
-
-    paddw       xmm5, xmm3
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm5, [GOTOFF(ebx,PW_F0707)]  ; xmm5=z1
-
-    movdqa      xmm6, xmm4
-    movdqa      xmm2, xmm3
-    psubw       xmm4, xmm1              ; xmm4=data4
-    psubw       xmm3, xmm5              ; xmm3=data6
-    paddw       xmm6, xmm1              ; xmm6=data0
-    paddw       xmm2, xmm5              ; xmm2=data2
-
-    movdqa      XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_DCTELEM)], xmm4
-    movdqa      XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_DCTELEM)], xmm3
-    movdqa      XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_DCTELEM)], xmm6
-    movdqa      XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_DCTELEM)], xmm2
-
-    ; -- Odd part
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=tmp6
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp7
-
-    paddw       xmm7, xmm0              ; xmm7=tmp10
-    paddw       xmm0, xmm1              ; xmm0=tmp11
-    paddw       xmm1, xmm5              ; xmm1=tmp12, xmm5=tmp7
-
-    psllw       xmm7, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm1, PRE_MULTIPLY_SCALE_BITS
-
-    psllw       xmm0, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm0, [GOTOFF(ebx,PW_F0707)]  ; xmm0=z3
-
-    movdqa      xmm4, xmm7                    ; xmm4=tmp10
-    psubw       xmm7, xmm1
-    pmulhw      xmm7, [GOTOFF(ebx,PW_F0382)]  ; xmm7=z5
-    pmulhw      xmm4, [GOTOFF(ebx,PW_F0541)]  ; xmm4=MULTIPLY(tmp10,FIX_0_541196)
-    pmulhw      xmm1, [GOTOFF(ebx,PW_F1306)]  ; xmm1=MULTIPLY(tmp12,FIX_1_306562)
-    paddw       xmm4, xmm7                    ; xmm4=z2
-    paddw       xmm1, xmm7                    ; xmm1=z4
-
-    movdqa      xmm3, xmm5
-    psubw       xmm5, xmm0              ; xmm5=z13
-    paddw       xmm3, xmm0              ; xmm3=z11
-
-    movdqa      xmm6, xmm5
-    movdqa      xmm2, xmm3
-    psubw       xmm5, xmm4              ; xmm5=data3
-    psubw       xmm3, xmm1              ; xmm3=data7
-    paddw       xmm6, xmm4              ; xmm6=data5
-    paddw       xmm2, xmm1              ; xmm2=data1
-
-    movdqa      XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_DCTELEM)], xmm5
-    movdqa      XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_DCTELEM)], xmm3
-    movdqa      XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_DCTELEM)], xmm6
-    movdqa      XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_DCTELEM)], xmm2
-
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-avx2.asm
deleted file mode 100644
index 23cf733..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-avx2.asm
+++ /dev/null
@@ -1,331 +0,0 @@
-;
-; jfdctint.asm - accurate integer FDCT (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2018, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; forward DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jfdctint.c; see the jfdctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit matrix transpose using AVX2 instructions
-; %1-%4: Input/output registers
-; %5-%8: Temp registers
-
-%macro dotranspose 8
-    ; %1=(00 01 02 03 04 05 06 07  40 41 42 43 44 45 46 47)
-    ; %2=(10 11 12 13 14 15 16 17  50 51 52 53 54 55 56 57)
-    ; %3=(20 21 22 23 24 25 26 27  60 61 62 63 64 65 66 67)
-    ; %4=(30 31 32 33 34 35 36 37  70 71 72 73 74 75 76 77)
-
-    vpunpcklwd  %5, %1, %2
-    vpunpckhwd  %6, %1, %2
-    vpunpcklwd  %7, %3, %4
-    vpunpckhwd  %8, %3, %4
-    ; transpose coefficients(phase 1)
-    ; %5=(00 10 01 11 02 12 03 13  40 50 41 51 42 52 43 53)
-    ; %6=(04 14 05 15 06 16 07 17  44 54 45 55 46 56 47 57)
-    ; %7=(20 30 21 31 22 32 23 33  60 70 61 71 62 72 63 73)
-    ; %8=(24 34 25 35 26 36 27 37  64 74 65 75 66 76 67 77)
-
-    vpunpckldq  %1, %5, %7
-    vpunpckhdq  %2, %5, %7
-    vpunpckldq  %3, %6, %8
-    vpunpckhdq  %4, %6, %8
-    ; transpose coefficients(phase 2)
-    ; %1=(00 10 20 30 01 11 21 31  40 50 60 70 41 51 61 71)
-    ; %2=(02 12 22 32 03 13 23 33  42 52 62 72 43 53 63 73)
-    ; %3=(04 14 24 34 05 15 25 35  44 54 64 74 45 55 65 75)
-    ; %4=(06 16 26 36 07 17 27 37  46 56 66 76 47 57 67 77)
-
-    vpermq      %1, %1, 0x8D
-    vpermq      %2, %2, 0x8D
-    vpermq      %3, %3, 0xD8
-    vpermq      %4, %4, 0xD8
-    ; transpose coefficients(phase 3)
-    ; %1=(01 11 21 31 41 51 61 71  00 10 20 30 40 50 60 70)
-    ; %2=(03 13 23 33 43 53 63 73  02 12 22 32 42 52 62 72)
-    ; %3=(04 14 24 34 44 54 64 74  05 15 25 35 45 55 65 75)
-    ; %4=(06 16 26 36 46 56 66 76  07 17 27 37 47 57 67 77)
-%endmacro
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit accurate integer forward DCT using AVX2 instructions
-; %1-%4: Input/output registers
-; %5-%8: Temp registers
-; %9:    Pass (1 or 2)
-
-%macro dodct 9
-    vpsubw      %5, %1, %4              ; %5=data1_0-data6_7=tmp6_7
-    vpaddw      %6, %1, %4              ; %6=data1_0+data6_7=tmp1_0
-    vpaddw      %7, %2, %3              ; %7=data3_2+data4_5=tmp3_2
-    vpsubw      %8, %2, %3              ; %8=data3_2-data4_5=tmp4_5
-
-    ; -- Even part
-
-    vperm2i128  %6, %6, %6, 0x01        ; %6=tmp0_1
-    vpaddw      %1, %6, %7              ; %1=tmp0_1+tmp3_2=tmp10_11
-    vpsubw      %6, %6, %7              ; %6=tmp0_1-tmp3_2=tmp13_12
-
-    vperm2i128  %7, %1, %1, 0x01        ; %7=tmp11_10
-    vpsignw     %1, %1, [GOTOFF(ebx, PW_1_NEG1)]  ; %1=tmp10_neg11
-    vpaddw      %7, %7, %1              ; %7=(tmp10+tmp11)_(tmp10-tmp11)
-%if %9 == 1
-    vpsllw      %1, %7, PASS1_BITS      ; %1=data0_4
-%else
-    vpaddw      %7, %7, [GOTOFF(ebx, PW_DESCALE_P2X)]
-    vpsraw      %1, %7, PASS1_BITS      ; %1=data0_4
-%endif
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    vperm2i128  %7, %6, %6, 0x01        ; %7=tmp12_13
-    vpunpcklwd  %2, %6, %7
-    vpunpckhwd  %6, %6, %7
-    vpmaddwd    %2, %2, [GOTOFF(ebx, PW_F130_F054_MF130_F054)]  ; %2=data2_6L
-    vpmaddwd    %6, %6, [GOTOFF(ebx, PW_F130_F054_MF130_F054)]  ; %6=data2_6H
-
-    vpaddd      %2, %2, [GOTOFF(ebx, PD_DESCALE_P %+ %9)]
-    vpaddd      %6, %6, [GOTOFF(ebx, PD_DESCALE_P %+ %9)]
-    vpsrad      %2, %2, DESCALE_P %+ %9
-    vpsrad      %6, %6, DESCALE_P %+ %9
-
-    vpackssdw   %3, %2, %6              ; %6=data2_6
-
-    ; -- Odd part
-
-    vpaddw      %7, %8, %5              ; %7=tmp4_5+tmp6_7=z3_4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    vperm2i128  %2, %7, %7, 0x01        ; %2=z4_3
-    vpunpcklwd  %6, %7, %2
-    vpunpckhwd  %7, %7, %2
-    vpmaddwd    %6, %6, [GOTOFF(ebx, PW_MF078_F117_F078_F117)]  ; %6=z3_4L
-    vpmaddwd    %7, %7, [GOTOFF(ebx, PW_MF078_F117_F078_F117)]  ; %7=z3_4H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    vperm2i128  %4, %5, %5, 0x01        ; %4=tmp7_6
-    vpunpcklwd  %2, %8, %4
-    vpunpckhwd  %4, %8, %4
-    vpmaddwd    %2, %2, [GOTOFF(ebx, PW_MF060_MF089_MF050_MF256)]  ; %2=tmp4_5L
-    vpmaddwd    %4, %4, [GOTOFF(ebx, PW_MF060_MF089_MF050_MF256)]  ; %4=tmp4_5H
-
-    vpaddd      %2, %2, %6              ; %2=data7_5L
-    vpaddd      %4, %4, %7              ; %4=data7_5H
-
-    vpaddd      %2, %2, [GOTOFF(ebx, PD_DESCALE_P %+ %9)]
-    vpaddd      %4, %4, [GOTOFF(ebx, PD_DESCALE_P %+ %9)]
-    vpsrad      %2, %2, DESCALE_P %+ %9
-    vpsrad      %4, %4, DESCALE_P %+ %9
-
-    vpackssdw   %4, %2, %4              ; %4=data7_5
-
-    vperm2i128  %2, %8, %8, 0x01        ; %2=tmp5_4
-    vpunpcklwd  %8, %5, %2
-    vpunpckhwd  %5, %5, %2
-    vpmaddwd    %8, %8, [GOTOFF(ebx, PW_F050_MF256_F060_MF089)]  ; %8=tmp6_7L
-    vpmaddwd    %5, %5, [GOTOFF(ebx, PW_F050_MF256_F060_MF089)]  ; %5=tmp6_7H
-
-    vpaddd      %8, %8, %6              ; %8=data3_1L
-    vpaddd      %5, %5, %7              ; %5=data3_1H
-
-    vpaddd      %8, %8, [GOTOFF(ebx, PD_DESCALE_P %+ %9)]
-    vpaddd      %5, %5, [GOTOFF(ebx, PD_DESCALE_P %+ %9)]
-    vpsrad      %8, %8, DESCALE_P %+ %9
-    vpsrad      %5, %5, DESCALE_P %+ %9
-
-    vpackssdw   %2, %8, %5              ; %2=data3_1
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_islow_avx2)
-
-EXTN(jconst_fdct_islow_avx2):
-
-PW_F130_F054_MF130_F054    times 4  dw  (F_0_541 + F_0_765),  F_0_541
-                           times 4  dw  (F_0_541 - F_1_847),  F_0_541
-PW_MF078_F117_F078_F117    times 4  dw  (F_1_175 - F_1_961),  F_1_175
-                           times 4  dw  (F_1_175 - F_0_390),  F_1_175
-PW_MF060_MF089_MF050_MF256 times 4  dw  (F_0_298 - F_0_899), -F_0_899
-                           times 4  dw  (F_2_053 - F_2_562), -F_2_562
-PW_F050_MF256_F060_MF089   times 4  dw  (F_3_072 - F_2_562), -F_2_562
-                           times 4  dw  (F_1_501 - F_0_899), -F_0_899
-PD_DESCALE_P1              times 8  dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2              times 8  dd  1 << (DESCALE_P2 - 1)
-PW_DESCALE_P2X             times 16 dw  1 << (PASS1_BITS - 1)
-PW_1_NEG1                  times 8  dw  1
-                           times 8  dw -1
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_islow_avx2(DCTELEM *data)
-;
-
-%define data(b)       (b) + 8           ; DCTELEM *data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_islow_avx2)
-
-EXTN(jsimd_fdct_islow_avx2):
-    push        ebp
-    mov         ebp, esp
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(ebp)]  ; (DCTELEM *)
-
-    vmovdqu     ymm4, YMMWORD [YMMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    vmovdqu     ymm5, YMMWORD [YMMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    vmovdqu     ymm6, YMMWORD [YMMBLOCK(4,0,edx,SIZEOF_DCTELEM)]
-    vmovdqu     ymm7, YMMWORD [YMMBLOCK(6,0,edx,SIZEOF_DCTELEM)]
-    ; ymm4=(00 01 02 03 04 05 06 07  10 11 12 13 14 15 16 17)
-    ; ymm5=(20 21 22 23 24 25 26 27  30 31 32 33 34 35 36 37)
-    ; ymm6=(40 41 42 43 44 45 46 47  50 51 52 53 54 55 56 57)
-    ; ymm7=(60 61 62 63 64 65 66 67  70 71 72 73 74 75 76 77)
-
-    vperm2i128  ymm0, ymm4, ymm6, 0x20
-    vperm2i128  ymm1, ymm4, ymm6, 0x31
-    vperm2i128  ymm2, ymm5, ymm7, 0x20
-    vperm2i128  ymm3, ymm5, ymm7, 0x31
-    ; ymm0=(00 01 02 03 04 05 06 07  40 41 42 43 44 45 46 47)
-    ; ymm1=(10 11 12 13 14 15 16 17  50 51 52 53 54 55 56 57)
-    ; ymm2=(20 21 22 23 24 25 26 27  60 61 62 63 64 65 66 67)
-    ; ymm3=(30 31 32 33 34 35 36 37  70 71 72 73 74 75 76 77)
-
-    dotranspose ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7
-
-    dodct       ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7, 1
-    ; ymm0=data0_4, ymm1=data3_1, ymm2=data2_6, ymm3=data7_5
-
-    ; ---- Pass 2: process columns.
-
-    vperm2i128  ymm4, ymm1, ymm3, 0x20  ; ymm4=data3_7
-    vperm2i128  ymm1, ymm1, ymm3, 0x31  ; ymm1=data1_5
-
-    dotranspose ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7
-
-    dodct       ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7, 2
-    ; ymm0=data0_4, ymm1=data3_1, ymm2=data2_6, ymm4=data7_5
-
-    vperm2i128 ymm3, ymm0, ymm1, 0x30   ; ymm3=data0_1
-    vperm2i128 ymm5, ymm2, ymm1, 0x20   ; ymm5=data2_3
-    vperm2i128 ymm6, ymm0, ymm4, 0x31   ; ymm6=data4_5
-    vperm2i128 ymm7, ymm2, ymm4, 0x21   ; ymm7=data6_7
-
-    vmovdqu     YMMWORD [YMMBLOCK(0,0,edx,SIZEOF_DCTELEM)], ymm3
-    vmovdqu     YMMWORD [YMMBLOCK(2,0,edx,SIZEOF_DCTELEM)], ymm5
-    vmovdqu     YMMWORD [YMMBLOCK(4,0,edx,SIZEOF_DCTELEM)], ymm6
-    vmovdqu     YMMWORD [YMMBLOCK(6,0,edx,SIZEOF_DCTELEM)], ymm7
-
-    vzeroupper
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-mmx.asm
deleted file mode 100644
index 34a43b9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-mmx.asm
+++ /dev/null
@@ -1,620 +0,0 @@
-;
-; jfdctint.asm - accurate integer FDCT (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; forward DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jfdctint.c; see the jfdctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_islow_mmx)
-
-EXTN(jconst_fdct_islow_mmx):
-
-PW_F130_F054   times 2 dw  (F_0_541 + F_0_765),  F_0_541
-PW_F054_MF130  times 2 dw  F_0_541, (F_0_541 - F_1_847)
-PW_MF078_F117  times 2 dw  (F_1_175 - F_1_961),  F_1_175
-PW_F117_F078   times 2 dw  F_1_175, (F_1_175 - F_0_390)
-PW_MF060_MF089 times 2 dw  (F_0_298 - F_0_899), -F_0_899
-PW_MF089_F060  times 2 dw -F_0_899, (F_1_501 - F_0_899)
-PW_MF050_MF256 times 2 dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF256_F050  times 2 dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1  times 2 dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2  times 2 dd  1 << (DESCALE_P2 - 1)
-PW_DESCALE_P2X times 4 dw  1 << (PASS1_BITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_islow_mmx(DCTELEM *data)
-;
-
-%define data(b)       (b) + 8           ; DCTELEM *data
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_MMWORD  ; mmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_islow_mmx)
-
-EXTN(jsimd_fdct_islow_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.rowloop:
-
-    movq        mm0, MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)]
-    movq        mm2, MMWORD [MMBLOCK(2,1,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(3,1,edx,SIZEOF_DCTELEM)]
-
-    ; mm0=(20 21 22 23), mm2=(24 25 26 27)
-    ; mm1=(30 31 32 33), mm3=(34 35 36 37)
-
-    movq        mm4, mm0                ; transpose coefficients(phase 1)
-    punpcklwd   mm0, mm1                ; mm0=(20 30 21 31)
-    punpckhwd   mm4, mm1                ; mm4=(22 32 23 33)
-    movq        mm5, mm2                ; transpose coefficients(phase 1)
-    punpcklwd   mm2, mm3                ; mm2=(24 34 25 35)
-    punpckhwd   mm5, mm3                ; mm5=(26 36 27 37)
-
-    movq        mm6, MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    movq        mm7, MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(0,1,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(1,1,edx,SIZEOF_DCTELEM)]
-
-    ; mm6=(00 01 02 03), mm1=(04 05 06 07)
-    ; mm7=(10 11 12 13), mm3=(14 15 16 17)
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=(22 32 23 33)
-    movq        MMWORD [wk(1)], mm2     ; wk(1)=(24 34 25 35)
-
-    movq        mm4, mm6                ; transpose coefficients(phase 1)
-    punpcklwd   mm6, mm7                ; mm6=(00 10 01 11)
-    punpckhwd   mm4, mm7                ; mm4=(02 12 03 13)
-    movq        mm2, mm1                ; transpose coefficients(phase 1)
-    punpcklwd   mm1, mm3                ; mm1=(04 14 05 15)
-    punpckhwd   mm2, mm3                ; mm2=(06 16 07 17)
-
-    movq        mm7, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm0                ; mm6=(00 10 20 30)=data0
-    punpckhdq   mm7, mm0                ; mm7=(01 11 21 31)=data1
-    movq        mm3, mm2                ; transpose coefficients(phase 2)
-    punpckldq   mm2, mm5                ; mm2=(06 16 26 36)=data6
-    punpckhdq   mm3, mm5                ; mm3=(07 17 27 37)=data7
-
-    movq        mm0, mm7
-    movq        mm5, mm6
-    psubw       mm7, mm2                ; mm7=data1-data6=tmp6
-    psubw       mm6, mm3                ; mm6=data0-data7=tmp7
-    paddw       mm0, mm2                ; mm0=data1+data6=tmp1
-    paddw       mm5, mm3                ; mm5=data0+data7=tmp0
-
-    movq        mm2, MMWORD [wk(0)]     ; mm2=(22 32 23 33)
-    movq        mm3, MMWORD [wk(1)]     ; mm3=(24 34 25 35)
-    movq        MMWORD [wk(0)], mm7     ; wk(0)=tmp6
-    movq        MMWORD [wk(1)], mm6     ; wk(1)=tmp7
-
-    movq        mm7, mm4                ; transpose coefficients(phase 2)
-    punpckldq   mm4, mm2                ; mm4=(02 12 22 32)=data2
-    punpckhdq   mm7, mm2                ; mm7=(03 13 23 33)=data3
-    movq        mm6, mm1                ; transpose coefficients(phase 2)
-    punpckldq   mm1, mm3                ; mm1=(04 14 24 34)=data4
-    punpckhdq   mm6, mm3                ; mm6=(05 15 25 35)=data5
-
-    movq        mm2, mm7
-    movq        mm3, mm4
-    paddw       mm7, mm1                ; mm7=data3+data4=tmp3
-    paddw       mm4, mm6                ; mm4=data2+data5=tmp2
-    psubw       mm2, mm1                ; mm2=data3-data4=tmp4
-    psubw       mm3, mm6                ; mm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movq        mm1, mm5
-    movq        mm6, mm0
-    paddw       mm5, mm7                ; mm5=tmp10
-    paddw       mm0, mm4                ; mm0=tmp11
-    psubw       mm1, mm7                ; mm1=tmp13
-    psubw       mm6, mm4                ; mm6=tmp12
-
-    movq        mm7, mm5
-    paddw       mm5, mm0                ; mm5=tmp10+tmp11
-    psubw       mm7, mm0                ; mm7=tmp10-tmp11
-
-    psllw       mm5, PASS1_BITS         ; mm5=data0
-    psllw       mm7, PASS1_BITS         ; mm7=data4
-
-    movq        MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)], mm5
-    movq        MMWORD [MMBLOCK(0,1,edx,SIZEOF_DCTELEM)], mm7
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    movq        mm4, mm1                ; mm1=tmp13
-    movq        mm0, mm1
-    punpcklwd   mm4, mm6                ; mm6=tmp12
-    punpckhwd   mm0, mm6
-    movq        mm1, mm4
-    movq        mm6, mm0
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F130_F054)]   ; mm4=data2L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F130_F054)]   ; mm0=data2H
-    pmaddwd     mm1, [GOTOFF(ebx,PW_F054_MF130)]  ; mm1=data6L
-    pmaddwd     mm6, [GOTOFF(ebx,PW_F054_MF130)]  ; mm6=data6H
-
-    paddd       mm4, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       mm0, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       mm4, DESCALE_P1
-    psrad       mm0, DESCALE_P1
-    paddd       mm1, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       mm6, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       mm1, DESCALE_P1
-    psrad       mm6, DESCALE_P1
-
-    packssdw    mm4, mm0                ; mm4=data2
-    packssdw    mm1, mm6                ; mm1=data6
-
-    movq        MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)], mm4
-    movq        MMWORD [MMBLOCK(2,1,edx,SIZEOF_DCTELEM)], mm1
-
-    ; -- Odd part
-
-    movq        mm5, MMWORD [wk(0)]     ; mm5=tmp6
-    movq        mm7, MMWORD [wk(1)]     ; mm7=tmp7
-
-    movq        mm0, mm2                ; mm2=tmp4
-    movq        mm6, mm3                ; mm3=tmp5
-    paddw       mm0, mm5                ; mm0=z3
-    paddw       mm6, mm7                ; mm6=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movq        mm4, mm0
-    movq        mm1, mm0
-    punpcklwd   mm4, mm6
-    punpckhwd   mm1, mm6
-    movq        mm0, mm4
-    movq        mm6, mm1
-    pmaddwd     mm4, [GOTOFF(ebx,PW_MF078_F117)]  ; mm4=z3L
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF078_F117)]  ; mm1=z3H
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F117_F078)]   ; mm0=z4L
-    pmaddwd     mm6, [GOTOFF(ebx,PW_F117_F078)]   ; mm6=z4H
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=z3L
-    movq        MMWORD [wk(1)], mm1     ; wk(1)=z3H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    movq        mm4, mm2
-    movq        mm1, mm2
-    punpcklwd   mm4, mm7
-    punpckhwd   mm1, mm7
-    movq        mm2, mm4
-    movq        mm7, mm1
-    pmaddwd     mm4, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm4=tmp4L
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm1=tmp4H
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF089_F060)]   ; mm2=tmp7L
-    pmaddwd     mm7, [GOTOFF(ebx,PW_MF089_F060)]   ; mm7=tmp7H
-
-    paddd       mm4, MMWORD [wk(0)]     ; mm4=data7L
-    paddd       mm1, MMWORD [wk(1)]     ; mm1=data7H
-    paddd       mm2, mm0                ; mm2=data1L
-    paddd       mm7, mm6                ; mm7=data1H
-
-    paddd       mm4, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       mm1, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       mm4, DESCALE_P1
-    psrad       mm1, DESCALE_P1
-    paddd       mm2, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       mm7, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       mm2, DESCALE_P1
-    psrad       mm7, DESCALE_P1
-
-    packssdw    mm4, mm1                ; mm4=data7
-    packssdw    mm2, mm7                ; mm2=data1
-
-    movq        MMWORD [MMBLOCK(3,1,edx,SIZEOF_DCTELEM)], mm4
-    movq        MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)], mm2
-
-    movq        mm1, mm3
-    movq        mm7, mm3
-    punpcklwd   mm1, mm5
-    punpckhwd   mm7, mm5
-    movq        mm3, mm1
-    movq        mm5, mm7
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm1=tmp5L
-    pmaddwd     mm7, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm7=tmp5H
-    pmaddwd     mm3, [GOTOFF(ebx,PW_MF256_F050)]   ; mm3=tmp6L
-    pmaddwd     mm5, [GOTOFF(ebx,PW_MF256_F050)]   ; mm5=tmp6H
-
-    paddd       mm1, mm0                ; mm1=data5L
-    paddd       mm7, mm6                ; mm7=data5H
-    paddd       mm3, MMWORD [wk(0)]     ; mm3=data3L
-    paddd       mm5, MMWORD [wk(1)]     ; mm5=data3H
-
-    paddd       mm1, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       mm7, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       mm1, DESCALE_P1
-    psrad       mm7, DESCALE_P1
-    paddd       mm3, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       mm5, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       mm3, DESCALE_P1
-    psrad       mm5, DESCALE_P1
-
-    packssdw    mm1, mm7                ; mm1=data5
-    packssdw    mm3, mm5                ; mm3=data3
-
-    movq        MMWORD [MMBLOCK(1,1,edx,SIZEOF_DCTELEM)], mm1
-    movq        MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)], mm3
-
-    add         edx, byte 4*DCTSIZE*SIZEOF_DCTELEM
-    dec         ecx
-    jnz         near .rowloop
-
-    ; ---- Pass 2: process columns.
-
-    mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.columnloop:
-
-    movq        mm0, MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)]
-    movq        mm2, MMWORD [MMBLOCK(6,0,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,edx,SIZEOF_DCTELEM)]
-
-    ; mm0=(02 12 22 32), mm2=(42 52 62 72)
-    ; mm1=(03 13 23 33), mm3=(43 53 63 73)
-
-    movq        mm4, mm0                ; transpose coefficients(phase 1)
-    punpcklwd   mm0, mm1                ; mm0=(02 03 12 13)
-    punpckhwd   mm4, mm1                ; mm4=(22 23 32 33)
-    movq        mm5, mm2                ; transpose coefficients(phase 1)
-    punpcklwd   mm2, mm3                ; mm2=(42 43 52 53)
-    punpckhwd   mm5, mm3                ; mm5=(62 63 72 73)
-
-    movq        mm6, MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    movq        mm7, MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)]
-    movq        mm1, MMWORD [MMBLOCK(4,0,edx,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(5,0,edx,SIZEOF_DCTELEM)]
-
-    ; mm6=(00 10 20 30), mm1=(40 50 60 70)
-    ; mm7=(01 11 21 31), mm3=(41 51 61 71)
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=(22 23 32 33)
-    movq        MMWORD [wk(1)], mm2     ; wk(1)=(42 43 52 53)
-
-    movq        mm4, mm6                ; transpose coefficients(phase 1)
-    punpcklwd   mm6, mm7                ; mm6=(00 01 10 11)
-    punpckhwd   mm4, mm7                ; mm4=(20 21 30 31)
-    movq        mm2, mm1                ; transpose coefficients(phase 1)
-    punpcklwd   mm1, mm3                ; mm1=(40 41 50 51)
-    punpckhwd   mm2, mm3                ; mm2=(60 61 70 71)
-
-    movq        mm7, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm0                ; mm6=(00 01 02 03)=data0
-    punpckhdq   mm7, mm0                ; mm7=(10 11 12 13)=data1
-    movq        mm3, mm2                ; transpose coefficients(phase 2)
-    punpckldq   mm2, mm5                ; mm2=(60 61 62 63)=data6
-    punpckhdq   mm3, mm5                ; mm3=(70 71 72 73)=data7
-
-    movq        mm0, mm7
-    movq        mm5, mm6
-    psubw       mm7, mm2                ; mm7=data1-data6=tmp6
-    psubw       mm6, mm3                ; mm6=data0-data7=tmp7
-    paddw       mm0, mm2                ; mm0=data1+data6=tmp1
-    paddw       mm5, mm3                ; mm5=data0+data7=tmp0
-
-    movq        mm2, MMWORD [wk(0)]     ; mm2=(22 23 32 33)
-    movq        mm3, MMWORD [wk(1)]     ; mm3=(42 43 52 53)
-    movq        MMWORD [wk(0)], mm7     ; wk(0)=tmp6
-    movq        MMWORD [wk(1)], mm6     ; wk(1)=tmp7
-
-    movq        mm7, mm4                ; transpose coefficients(phase 2)
-    punpckldq   mm4, mm2                ; mm4=(20 21 22 23)=data2
-    punpckhdq   mm7, mm2                ; mm7=(30 31 32 33)=data3
-    movq        mm6, mm1                ; transpose coefficients(phase 2)
-    punpckldq   mm1, mm3                ; mm1=(40 41 42 43)=data4
-    punpckhdq   mm6, mm3                ; mm6=(50 51 52 53)=data5
-
-    movq        mm2, mm7
-    movq        mm3, mm4
-    paddw       mm7, mm1                ; mm7=data3+data4=tmp3
-    paddw       mm4, mm6                ; mm4=data2+data5=tmp2
-    psubw       mm2, mm1                ; mm2=data3-data4=tmp4
-    psubw       mm3, mm6                ; mm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movq        mm1, mm5
-    movq        mm6, mm0
-    paddw       mm5, mm7                ; mm5=tmp10
-    paddw       mm0, mm4                ; mm0=tmp11
-    psubw       mm1, mm7                ; mm1=tmp13
-    psubw       mm6, mm4                ; mm6=tmp12
-
-    movq        mm7, mm5
-    paddw       mm5, mm0                ; mm5=tmp10+tmp11
-    psubw       mm7, mm0                ; mm7=tmp10-tmp11
-
-    paddw       mm5, [GOTOFF(ebx,PW_DESCALE_P2X)]
-    paddw       mm7, [GOTOFF(ebx,PW_DESCALE_P2X)]
-    psraw       mm5, PASS1_BITS         ; mm5=data0
-    psraw       mm7, PASS1_BITS         ; mm7=data4
-
-    movq        MMWORD [MMBLOCK(0,0,edx,SIZEOF_DCTELEM)], mm5
-    movq        MMWORD [MMBLOCK(4,0,edx,SIZEOF_DCTELEM)], mm7
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    movq        mm4, mm1                ; mm1=tmp13
-    movq        mm0, mm1
-    punpcklwd   mm4, mm6                ; mm6=tmp12
-    punpckhwd   mm0, mm6
-    movq        mm1, mm4
-    movq        mm6, mm0
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F130_F054)]   ; mm4=data2L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F130_F054)]   ; mm0=data2H
-    pmaddwd     mm1, [GOTOFF(ebx,PW_F054_MF130)]  ; mm1=data6L
-    pmaddwd     mm6, [GOTOFF(ebx,PW_F054_MF130)]  ; mm6=data6H
-
-    paddd       mm4, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       mm0, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       mm4, DESCALE_P2
-    psrad       mm0, DESCALE_P2
-    paddd       mm1, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       mm6, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       mm1, DESCALE_P2
-    psrad       mm6, DESCALE_P2
-
-    packssdw    mm4, mm0                ; mm4=data2
-    packssdw    mm1, mm6                ; mm1=data6
-
-    movq        MMWORD [MMBLOCK(2,0,edx,SIZEOF_DCTELEM)], mm4
-    movq        MMWORD [MMBLOCK(6,0,edx,SIZEOF_DCTELEM)], mm1
-
-    ; -- Odd part
-
-    movq        mm5, MMWORD [wk(0)]     ; mm5=tmp6
-    movq        mm7, MMWORD [wk(1)]     ; mm7=tmp7
-
-    movq        mm0, mm2                ; mm2=tmp4
-    movq        mm6, mm3                ; mm3=tmp5
-    paddw       mm0, mm5                ; mm0=z3
-    paddw       mm6, mm7                ; mm6=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movq        mm4, mm0
-    movq        mm1, mm0
-    punpcklwd   mm4, mm6
-    punpckhwd   mm1, mm6
-    movq        mm0, mm4
-    movq        mm6, mm1
-    pmaddwd     mm4, [GOTOFF(ebx,PW_MF078_F117)]  ; mm4=z3L
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF078_F117)]  ; mm1=z3H
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F117_F078)]   ; mm0=z4L
-    pmaddwd     mm6, [GOTOFF(ebx,PW_F117_F078)]   ; mm6=z4H
-
-    movq        MMWORD [wk(0)], mm4     ; wk(0)=z3L
-    movq        MMWORD [wk(1)], mm1     ; wk(1)=z3H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    movq        mm4, mm2
-    movq        mm1, mm2
-    punpcklwd   mm4, mm7
-    punpckhwd   mm1, mm7
-    movq        mm2, mm4
-    movq        mm7, mm1
-    pmaddwd     mm4, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm4=tmp4L
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm1=tmp4H
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF089_F060)]   ; mm2=tmp7L
-    pmaddwd     mm7, [GOTOFF(ebx,PW_MF089_F060)]   ; mm7=tmp7H
-
-    paddd       mm4, MMWORD [wk(0)]     ; mm4=data7L
-    paddd       mm1, MMWORD [wk(1)]     ; mm1=data7H
-    paddd       mm2, mm0                ; mm2=data1L
-    paddd       mm7, mm6                ; mm7=data1H
-
-    paddd       mm4, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       mm1, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       mm4, DESCALE_P2
-    psrad       mm1, DESCALE_P2
-    paddd       mm2, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       mm7, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       mm2, DESCALE_P2
-    psrad       mm7, DESCALE_P2
-
-    packssdw    mm4, mm1                ; mm4=data7
-    packssdw    mm2, mm7                ; mm2=data1
-
-    movq        MMWORD [MMBLOCK(7,0,edx,SIZEOF_DCTELEM)], mm4
-    movq        MMWORD [MMBLOCK(1,0,edx,SIZEOF_DCTELEM)], mm2
-
-    movq        mm1, mm3
-    movq        mm7, mm3
-    punpcklwd   mm1, mm5
-    punpckhwd   mm7, mm5
-    movq        mm3, mm1
-    movq        mm5, mm7
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm1=tmp5L
-    pmaddwd     mm7, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm7=tmp5H
-    pmaddwd     mm3, [GOTOFF(ebx,PW_MF256_F050)]   ; mm3=tmp6L
-    pmaddwd     mm5, [GOTOFF(ebx,PW_MF256_F050)]   ; mm5=tmp6H
-
-    paddd       mm1, mm0                ; mm1=data5L
-    paddd       mm7, mm6                ; mm7=data5H
-    paddd       mm3, MMWORD [wk(0)]     ; mm3=data3L
-    paddd       mm5, MMWORD [wk(1)]     ; mm5=data3H
-
-    paddd       mm1, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       mm7, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       mm1, DESCALE_P2
-    psrad       mm7, DESCALE_P2
-    paddd       mm3, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       mm5, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       mm3, DESCALE_P2
-    psrad       mm5, DESCALE_P2
-
-    packssdw    mm1, mm7                ; mm1=data5
-    packssdw    mm3, mm5                ; mm3=data3
-
-    movq        MMWORD [MMBLOCK(5,0,edx,SIZEOF_DCTELEM)], mm1
-    movq        MMWORD [MMBLOCK(3,0,edx,SIZEOF_DCTELEM)], mm3
-
-    add         edx, byte 4*SIZEOF_DCTELEM
-    dec         ecx
-    jnz         near .columnloop
-
-    emms                                ; empty MMX state
-
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-sse2.asm
deleted file mode 100644
index 6f8e18c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jfdctint-sse2.asm
+++ /dev/null
@@ -1,633 +0,0 @@
-;
-; jfdctint.asm - accurate integer FDCT (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; forward DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jfdctint.c; see the jfdctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_islow_sse2)
-
-EXTN(jconst_fdct_islow_sse2):
-
-PW_F130_F054   times 4 dw  (F_0_541 + F_0_765),  F_0_541
-PW_F054_MF130  times 4 dw  F_0_541, (F_0_541 - F_1_847)
-PW_MF078_F117  times 4 dw  (F_1_175 - F_1_961),  F_1_175
-PW_F117_F078   times 4 dw  F_1_175, (F_1_175 - F_0_390)
-PW_MF060_MF089 times 4 dw  (F_0_298 - F_0_899), -F_0_899
-PW_MF089_F060  times 4 dw -F_0_899, (F_1_501 - F_0_899)
-PW_MF050_MF256 times 4 dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF256_F050  times 4 dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1  times 4 dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2  times 4 dd  1 << (DESCALE_P2 - 1)
-PW_DESCALE_P2X times 8 dw  1 << (PASS1_BITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_islow_sse2(DCTELEM *data)
-;
-
-%define data(b)       (b) + 8           ; DCTELEM *data
-
-%define original_ebp  ebp + 0
-%define wk(i)         ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        6
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_islow_sse2)
-
-EXTN(jsimd_fdct_islow_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-;   push        edi                     ; unused
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process rows.
-
-    mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_DCTELEM)]
-
-    ; xmm0=(00 01 02 03 04 05 06 07), xmm2=(20 21 22 23 24 25 26 27)
-    ; xmm1=(10 11 12 13 14 15 16 17), xmm3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm4, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm1              ; xmm0=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm4, xmm1              ; xmm4=(04 14 05 15 06 16 07 17)
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm3              ; xmm2=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm5, xmm3              ; xmm5=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm6, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm7, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_DCTELEM)]
-
-    ; xmm6=( 4 12 20 28 36 44 52 60), xmm1=( 6 14 22 30 38 46 54 62)
-    ; xmm7=( 5 13 21 29 37 45 53 61), xmm3=( 7 15 23 31 39 47 55 63)
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=(20 30 21 31 22 32 23 33)
-    movdqa      XMMWORD [wk(1)], xmm5   ; wk(1)=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm2, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm7              ; xmm6=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm2, xmm7              ; xmm2=(44 54 45 55 46 56 47 57)
-    movdqa      xmm5, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm3              ; xmm1=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm5, xmm3              ; xmm5=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm7, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm1              ; xmm6=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm7, xmm1              ; xmm7=(42 52 62 72 43 53 63 73)
-    movdqa      xmm3, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm5              ; xmm2=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm3, xmm5              ; xmm3=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=(20 30 21 31 22 32 23 33)
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=(24 34 25 35 26 36 27 37)
-    movdqa      XMMWORD [wk(2)], xmm7   ; wk(2)=(42 52 62 72 43 53 63 73)
-    movdqa      XMMWORD [wk(3)], xmm2   ; wk(3)=(44 54 64 74 45 55 65 75)
-
-    movdqa      xmm7, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm1              ; xmm0=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm7, xmm1              ; xmm7=(02 12 22 32 03 13 23 33)
-    movdqa      xmm2, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm5              ; xmm4=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm2, xmm5              ; xmm2=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm1, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm6              ; xmm0=(00 10 20 30 40 50 60 70)=data0
-    punpckhqdq  xmm1, xmm6              ; xmm1=(01 11 21 31 41 51 61 71)=data1
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm3              ; xmm2=(06 16 26 36 46 56 66 76)=data6
-    punpckhqdq  xmm5, xmm3              ; xmm5=(07 17 27 37 47 57 67 77)=data7
-
-    movdqa      xmm6, xmm1
-    movdqa      xmm3, xmm0
-    psubw       xmm1, xmm2              ; xmm1=data1-data6=tmp6
-    psubw       xmm0, xmm5              ; xmm0=data0-data7=tmp7
-    paddw       xmm6, xmm2              ; xmm6=data1+data6=tmp1
-    paddw       xmm3, xmm5              ; xmm3=data0+data7=tmp0
-
-    movdqa      xmm2, XMMWORD [wk(2)]   ; xmm2=(42 52 62 72 43 53 63 73)
-    movdqa      xmm5, XMMWORD [wk(3)]   ; xmm5=(44 54 64 74 45 55 65 75)
-    movdqa      XMMWORD [wk(0)], xmm1   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=tmp7
-
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm2              ; xmm7=(02 12 22 32 42 52 62 72)=data2
-    punpckhqdq  xmm1, xmm2              ; xmm1=(03 13 23 33 43 53 63 73)=data3
-    movdqa      xmm0, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm5              ; xmm4=(04 14 24 34 44 54 64 74)=data4
-    punpckhqdq  xmm0, xmm5              ; xmm0=(05 15 25 35 45 55 65 75)=data5
-
-    movdqa      xmm2, xmm1
-    movdqa      xmm5, xmm7
-    paddw       xmm1, xmm4              ; xmm1=data3+data4=tmp3
-    paddw       xmm7, xmm0              ; xmm7=data2+data5=tmp2
-    psubw       xmm2, xmm4              ; xmm2=data3-data4=tmp4
-    psubw       xmm5, xmm0              ; xmm5=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm0, xmm6
-    paddw       xmm3, xmm1              ; xmm3=tmp10
-    paddw       xmm6, xmm7              ; xmm6=tmp11
-    psubw       xmm4, xmm1              ; xmm4=tmp13
-    psubw       xmm0, xmm7              ; xmm0=tmp12
-
-    movdqa      xmm1, xmm3
-    paddw       xmm3, xmm6              ; xmm3=tmp10+tmp11
-    psubw       xmm1, xmm6              ; xmm1=tmp10-tmp11
-
-    psllw       xmm3, PASS1_BITS        ; xmm3=data0
-    psllw       xmm1, PASS1_BITS        ; xmm1=data4
-
-    movdqa      XMMWORD [wk(2)], xmm3   ; wk(2)=data0
-    movdqa      XMMWORD [wk(3)], xmm1   ; wk(3)=data4
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    movdqa      xmm7, xmm4              ; xmm4=tmp13
-    movdqa      xmm6, xmm4
-    punpcklwd   xmm7, xmm0              ; xmm0=tmp12
-    punpckhwd   xmm6, xmm0
-    movdqa      xmm4, xmm7
-    movdqa      xmm0, xmm6
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_F130_F054)]   ; xmm7=data2L
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_F130_F054)]   ; xmm6=data2H
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm4=data6L
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm0=data6H
-
-    paddd       xmm7, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       xmm6, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       xmm7, DESCALE_P1
-    psrad       xmm6, DESCALE_P1
-    paddd       xmm4, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       xmm0, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       xmm4, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-
-    packssdw    xmm7, xmm6              ; xmm7=data2
-    packssdw    xmm4, xmm0              ; xmm4=data6
-
-    movdqa      XMMWORD [wk(4)], xmm7   ; wk(4)=data2
-    movdqa      XMMWORD [wk(5)], xmm4   ; wk(5)=data6
-
-    ; -- Odd part
-
-    movdqa      xmm3, XMMWORD [wk(0)]   ; xmm3=tmp6
-    movdqa      xmm1, XMMWORD [wk(1)]   ; xmm1=tmp7
-
-    movdqa      xmm6, xmm2              ; xmm2=tmp4
-    movdqa      xmm0, xmm5              ; xmm5=tmp5
-    paddw       xmm6, xmm3              ; xmm6=z3
-    paddw       xmm0, xmm1              ; xmm0=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm7, xmm6
-    movdqa      xmm4, xmm6
-    punpcklwd   xmm7, xmm0
-    punpckhwd   xmm4, xmm0
-    movdqa      xmm6, xmm7
-    movdqa      xmm0, xmm4
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm7=z3L
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm4=z3H
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_F117_F078)]   ; xmm6=z4L
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_F117_F078)]   ; xmm0=z4H
-
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=z3L
-    movdqa      XMMWORD [wk(1)], xmm4   ; wk(1)=z3H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    movdqa      xmm7, xmm2
-    movdqa      xmm4, xmm2
-    punpcklwd   xmm7, xmm1
-    punpckhwd   xmm4, xmm1
-    movdqa      xmm2, xmm7
-    movdqa      xmm1, xmm4
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm7=tmp4L
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm4=tmp4H
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm2=tmp7L
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm1=tmp7H
-
-    paddd       xmm7, XMMWORD [wk(0)]   ; xmm7=data7L
-    paddd       xmm4, XMMWORD [wk(1)]   ; xmm4=data7H
-    paddd       xmm2, xmm6              ; xmm2=data1L
-    paddd       xmm1, xmm0              ; xmm1=data1H
-
-    paddd       xmm7, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       xmm4, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       xmm7, DESCALE_P1
-    psrad       xmm4, DESCALE_P1
-    paddd       xmm2, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       xmm1, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       xmm2, DESCALE_P1
-    psrad       xmm1, DESCALE_P1
-
-    packssdw    xmm7, xmm4              ; xmm7=data7
-    packssdw    xmm2, xmm1              ; xmm2=data1
-
-    movdqa      xmm4, xmm5
-    movdqa      xmm1, xmm5
-    punpcklwd   xmm4, xmm3
-    punpckhwd   xmm1, xmm3
-    movdqa      xmm5, xmm4
-    movdqa      xmm3, xmm1
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm4=tmp5L
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm1=tmp5H
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm5=tmp6L
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm3=tmp6H
-
-    paddd       xmm4, xmm6              ; xmm4=data5L
-    paddd       xmm1, xmm0              ; xmm1=data5H
-    paddd       xmm5, XMMWORD [wk(0)]   ; xmm5=data3L
-    paddd       xmm3, XMMWORD [wk(1)]   ; xmm3=data3H
-
-    paddd       xmm4, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       xmm1, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       xmm4, DESCALE_P1
-    psrad       xmm1, DESCALE_P1
-    paddd       xmm5, [GOTOFF(ebx,PD_DESCALE_P1)]
-    paddd       xmm3, [GOTOFF(ebx,PD_DESCALE_P1)]
-    psrad       xmm5, DESCALE_P1
-    psrad       xmm3, DESCALE_P1
-
-    packssdw    xmm4, xmm1              ; xmm4=data5
-    packssdw    xmm5, xmm3              ; xmm5=data3
-
-    ; ---- Pass 2: process columns.
-
-;   mov         edx, POINTER [data(eax)]  ; (DCTELEM *)
-
-    movdqa      xmm6, XMMWORD [wk(2)]   ; xmm6=col0
-    movdqa      xmm0, XMMWORD [wk(4)]   ; xmm0=col2
-
-    ; xmm6=(00 10 20 30 40 50 60 70), xmm0=(02 12 22 32 42 52 62 72)
-    ; xmm2=(01 11 21 31 41 51 61 71), xmm5=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm1, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm2              ; xmm6=(00 01 10 11 20 21 30 31)
-    punpckhwd   xmm1, xmm2              ; xmm1=(40 41 50 51 60 61 70 71)
-    movdqa      xmm3, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm5              ; xmm0=(02 03 12 13 22 23 32 33)
-    punpckhwd   xmm3, xmm5              ; xmm3=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm2, XMMWORD [wk(3)]   ; xmm2=col4
-    movdqa      xmm5, XMMWORD [wk(5)]   ; xmm5=col6
-
-    ; xmm2=(04 14 24 34 44 54 64 74), xmm5=(06 16 26 36 46 56 66 76)
-    ; xmm4=(05 15 25 35 45 55 65 75), xmm7=(07 17 27 37 47 57 67 77)
-
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=(02 03 12 13 22 23 32 33)
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm0, xmm2              ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm4              ; xmm2=(04 05 14 15 24 25 34 35)
-    punpckhwd   xmm0, xmm4              ; xmm0=(44 45 54 55 64 65 74 75)
-    movdqa      xmm3, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm7              ; xmm5=(06 07 16 17 26 27 36 37)
-    punpckhwd   xmm3, xmm7              ; xmm3=(46 47 56 57 66 67 76 77)
-
-    movdqa      xmm4, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm5              ; xmm2=(04 05 06 07 14 15 16 17)
-    punpckhdq   xmm4, xmm5              ; xmm4=(24 25 26 27 34 35 36 37)
-    movdqa      xmm7, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm3              ; xmm0=(44 45 46 47 54 55 56 57)
-    punpckhdq   xmm7, xmm3              ; xmm7=(64 65 66 67 74 75 76 77)
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=(02 03 12 13 22 23 32 33)
-    movdqa      xmm3, XMMWORD [wk(1)]   ; xmm3=(42 43 52 53 62 63 72 73)
-    movdqa      XMMWORD [wk(2)], xmm4   ; wk(2)=(24 25 26 27 34 35 36 37)
-    movdqa      XMMWORD [wk(3)], xmm0   ; wk(3)=(44 45 46 47 54 55 56 57)
-
-    movdqa      xmm4, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm5              ; xmm6=(00 01 02 03 10 11 12 13)
-    punpckhdq   xmm4, xmm5              ; xmm4=(20 21 22 23 30 31 32 33)
-    movdqa      xmm0, xmm1              ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm3              ; xmm1=(40 41 42 43 50 51 52 53)
-    punpckhdq   xmm0, xmm3              ; xmm0=(60 61 62 63 70 71 72 73)
-
-    movdqa      xmm5, xmm6              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm6, xmm2              ; xmm6=(00 01 02 03 04 05 06 07)=data0
-    punpckhqdq  xmm5, xmm2              ; xmm5=(10 11 12 13 14 15 16 17)=data1
-    movdqa      xmm3, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm7              ; xmm0=(60 61 62 63 64 65 66 67)=data6
-    punpckhqdq  xmm3, xmm7              ; xmm3=(70 71 72 73 74 75 76 77)=data7
-
-    movdqa      xmm2, xmm5
-    movdqa      xmm7, xmm6
-    psubw       xmm5, xmm0              ; xmm5=data1-data6=tmp6
-    psubw       xmm6, xmm3              ; xmm6=data0-data7=tmp7
-    paddw       xmm2, xmm0              ; xmm2=data1+data6=tmp1
-    paddw       xmm7, xmm3              ; xmm7=data0+data7=tmp0
-
-    movdqa      xmm0, XMMWORD [wk(2)]   ; xmm0=(24 25 26 27 34 35 36 37)
-    movdqa      xmm3, XMMWORD [wk(3)]   ; xmm3=(44 45 46 47 54 55 56 57)
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp7
-
-    movdqa      xmm5, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm0              ; xmm4=(20 21 22 23 24 25 26 27)=data2
-    punpckhqdq  xmm5, xmm0              ; xmm5=(30 31 32 33 34 35 36 37)=data3
-    movdqa      xmm6, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm3              ; xmm1=(40 41 42 43 44 45 46 47)=data4
-    punpckhqdq  xmm6, xmm3              ; xmm6=(50 51 52 53 54 55 56 57)=data5
-
-    movdqa      xmm0, xmm5
-    movdqa      xmm3, xmm4
-    paddw       xmm5, xmm1              ; xmm5=data3+data4=tmp3
-    paddw       xmm4, xmm6              ; xmm4=data2+data5=tmp2
-    psubw       xmm0, xmm1              ; xmm0=data3-data4=tmp4
-    psubw       xmm3, xmm6              ; xmm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm1, xmm7
-    movdqa      xmm6, xmm2
-    paddw       xmm7, xmm5              ; xmm7=tmp10
-    paddw       xmm2, xmm4              ; xmm2=tmp11
-    psubw       xmm1, xmm5              ; xmm1=tmp13
-    psubw       xmm6, xmm4              ; xmm6=tmp12
-
-    movdqa      xmm5, xmm7
-    paddw       xmm7, xmm2              ; xmm7=tmp10+tmp11
-    psubw       xmm5, xmm2              ; xmm5=tmp10-tmp11
-
-    paddw       xmm7, [GOTOFF(ebx,PW_DESCALE_P2X)]
-    paddw       xmm5, [GOTOFF(ebx,PW_DESCALE_P2X)]
-    psraw       xmm7, PASS1_BITS        ; xmm7=data0
-    psraw       xmm5, PASS1_BITS        ; xmm5=data4
-
-    movdqa      XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_DCTELEM)], xmm7
-    movdqa      XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_DCTELEM)], xmm5
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    movdqa      xmm4, xmm1              ; xmm1=tmp13
-    movdqa      xmm2, xmm1
-    punpcklwd   xmm4, xmm6              ; xmm6=tmp12
-    punpckhwd   xmm2, xmm6
-    movdqa      xmm1, xmm4
-    movdqa      xmm6, xmm2
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_F130_F054)]   ; xmm4=data2L
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_F130_F054)]   ; xmm2=data2H
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm1=data6L
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm6=data6H
-
-    paddd       xmm4, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       xmm2, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm2, DESCALE_P2
-    paddd       xmm1, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       xmm6, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       xmm1, DESCALE_P2
-    psrad       xmm6, DESCALE_P2
-
-    packssdw    xmm4, xmm2              ; xmm4=data2
-    packssdw    xmm1, xmm6              ; xmm1=data6
-
-    movdqa      XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_DCTELEM)], xmm4
-    movdqa      XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_DCTELEM)], xmm1
-
-    ; -- Odd part
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp6
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp7
-
-    movdqa      xmm2, xmm0              ; xmm0=tmp4
-    movdqa      xmm6, xmm3              ; xmm3=tmp5
-    paddw       xmm2, xmm7              ; xmm2=z3
-    paddw       xmm6, xmm5              ; xmm6=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm1, xmm2
-    punpcklwd   xmm4, xmm6
-    punpckhwd   xmm1, xmm6
-    movdqa      xmm2, xmm4
-    movdqa      xmm6, xmm1
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm4=z3L
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm1=z3H
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_F117_F078)]   ; xmm2=z4L
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_F117_F078)]   ; xmm6=z4H
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=z3L
-    movdqa      XMMWORD [wk(1)], xmm1   ; wk(1)=z3H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    movdqa      xmm4, xmm0
-    movdqa      xmm1, xmm0
-    punpcklwd   xmm4, xmm5
-    punpckhwd   xmm1, xmm5
-    movdqa      xmm0, xmm4
-    movdqa      xmm5, xmm1
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm4=tmp4L
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm1=tmp4H
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm0=tmp7L
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm5=tmp7H
-
-    paddd       xmm4,  XMMWORD [wk(0)]  ; xmm4=data7L
-    paddd       xmm1,  XMMWORD [wk(1)]  ; xmm1=data7H
-    paddd       xmm0, xmm2              ; xmm0=data1L
-    paddd       xmm5, xmm6              ; xmm5=data1H
-
-    paddd       xmm4, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       xmm1, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm1, DESCALE_P2
-    paddd       xmm0, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       xmm5, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       xmm0, DESCALE_P2
-    psrad       xmm5, DESCALE_P2
-
-    packssdw    xmm4, xmm1              ; xmm4=data7
-    packssdw    xmm0, xmm5              ; xmm0=data1
-
-    movdqa      XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_DCTELEM)], xmm4
-    movdqa      XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_DCTELEM)], xmm0
-
-    movdqa      xmm1, xmm3
-    movdqa      xmm5, xmm3
-    punpcklwd   xmm1, xmm7
-    punpckhwd   xmm5, xmm7
-    movdqa      xmm3, xmm1
-    movdqa      xmm7, xmm5
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm1=tmp5L
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm5=tmp5H
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm3=tmp6L
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm7=tmp6H
-
-    paddd       xmm1, xmm2              ; xmm1=data5L
-    paddd       xmm5, xmm6              ; xmm5=data5H
-    paddd       xmm3, XMMWORD [wk(0)]   ; xmm3=data3L
-    paddd       xmm7, XMMWORD [wk(1)]   ; xmm7=data3H
-
-    paddd       xmm1, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       xmm5, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       xmm1, DESCALE_P2
-    psrad       xmm5, DESCALE_P2
-    paddd       xmm3, [GOTOFF(ebx,PD_DESCALE_P2)]
-    paddd       xmm7, [GOTOFF(ebx,PD_DESCALE_P2)]
-    psrad       xmm3, DESCALE_P2
-    psrad       xmm7, DESCALE_P2
-
-    packssdw    xmm1, xmm5              ; xmm1=data5
-    packssdw    xmm3, xmm7              ; xmm3=data3
-
-    movdqa      XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_DCTELEM)], xmm1
-    movdqa      XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_DCTELEM)], xmm3
-
-;   pop         edi                     ; unused
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-3dn.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-3dn.asm
deleted file mode 100644
index 8795191..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-3dn.asm
+++ /dev/null
@@ -1,451 +0,0 @@
-;
-; jidctflt.asm - floating-point IDCT (3DNow! & MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the inverse DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jidctflt.c; see the jidctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_float_3dnow)
-
-EXTN(jconst_idct_float_3dnow):
-
-PD_1_414        times 2 dd 1.414213562373095048801689
-PD_1_847        times 2 dd 1.847759065022573512256366
-PD_1_082        times 2 dd 1.082392200292393968799446
-PD_2_613        times 2 dd 2.613125929752753055713286
-PD_RNDINT_MAGIC times 2 dd 100663296.0  ; (float)(0x00C00000 << 3)
-PB_CENTERJSAMP  times 8 db CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_float_3dnow(void *dct_table, JCOEFPTR coef_block,
-;                        JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         2
-%define workspace      wk(0) - DCTSIZE2 * SIZEOF_FAST_FLOAT
-                                        ; FAST_FLOAT workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_float_3dnow)
-
-EXTN(jsimd_idct_float_3dnow):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [workspace]
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-    lea         edi, [workspace]                 ; FAST_FLOAT *wsptr
-    mov         ecx, DCTSIZE/2                   ; ctr
-    alignx      16, 7
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_FLOAT_3DNOW
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         short .columnDCT
-
-    pushpic     ebx                     ; save GOT address
-    mov         ebx, dword [DWBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    mov         eax, dword [DWBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    or          ebx, dword [DWBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    or          ebx, dword [DWBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    or          eax, ebx
-    poppic      ebx                     ; restore GOT address
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movd        mm0, dword [DWBLOCK(0,0,esi,SIZEOF_JCOEF)]
-
-    punpcklwd   mm0, mm0
-    psrad       mm0, (DWORD_BIT-WORD_BIT)
-    pi2fd       mm0, mm0
-
-    pfmul       mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movq        mm1, mm0
-    punpckldq   mm0, mm0
-    punpckhdq   mm1, mm1
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], mm0
-    movq        MMWORD [MMBLOCK(0,2,edi,SIZEOF_FAST_FLOAT)], mm0
-    movq        MMWORD [MMBLOCK(0,3,edi,SIZEOF_FAST_FLOAT)], mm0
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], mm1
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], mm1
-    movq        MMWORD [MMBLOCK(1,2,edi,SIZEOF_FAST_FLOAT)], mm1
-    movq        MMWORD [MMBLOCK(1,3,edi,SIZEOF_FAST_FLOAT)], mm1
-    jmp         near .nextcolumn
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movd        mm0, dword [DWBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movd        mm1, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movd        mm2, dword [DWBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movd        mm3, dword [DWBLOCK(6,0,esi,SIZEOF_JCOEF)]
-
-    punpcklwd   mm0, mm0
-    punpcklwd   mm1, mm1
-    psrad       mm0, (DWORD_BIT-WORD_BIT)
-    psrad       mm1, (DWORD_BIT-WORD_BIT)
-    pi2fd       mm0, mm0
-    pi2fd       mm1, mm1
-
-    pfmul       mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    pfmul       mm1, MMWORD [MMBLOCK(2,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    punpcklwd   mm2, mm2
-    punpcklwd   mm3, mm3
-    psrad       mm2, (DWORD_BIT-WORD_BIT)
-    psrad       mm3, (DWORD_BIT-WORD_BIT)
-    pi2fd       mm2, mm2
-    pi2fd       mm3, mm3
-
-    pfmul       mm2, MMWORD [MMBLOCK(4,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    pfmul       mm3, MMWORD [MMBLOCK(6,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movq        mm4, mm0
-    movq        mm5, mm1
-    pfsub       mm0, mm2                ; mm0=tmp11
-    pfsub       mm1, mm3
-    pfadd       mm4, mm2                ; mm4=tmp10
-    pfadd       mm5, mm3                ; mm5=tmp13
-
-    pfmul       mm1, [GOTOFF(ebx,PD_1_414)]
-    pfsub       mm1, mm5                ; mm1=tmp12
-
-    movq        mm6, mm4
-    movq        mm7, mm0
-    pfsub       mm4, mm5                ; mm4=tmp3
-    pfsub       mm0, mm1                ; mm0=tmp2
-    pfadd       mm6, mm5                ; mm6=tmp0
-    pfadd       mm7, mm1                ; mm7=tmp1
-
-    movq        MMWORD [wk(1)], mm4     ; tmp3
-    movq        MMWORD [wk(0)], mm0     ; tmp2
-
-    ; -- Odd part
-
-    movd        mm2, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movd        mm3, dword [DWBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movd        mm5, dword [DWBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movd        mm1, dword [DWBLOCK(7,0,esi,SIZEOF_JCOEF)]
-
-    punpcklwd   mm2, mm2
-    punpcklwd   mm3, mm3
-    psrad       mm2, (DWORD_BIT-WORD_BIT)
-    psrad       mm3, (DWORD_BIT-WORD_BIT)
-    pi2fd       mm2, mm2
-    pi2fd       mm3, mm3
-
-    pfmul       mm2, MMWORD [MMBLOCK(1,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    pfmul       mm3, MMWORD [MMBLOCK(3,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    punpcklwd   mm5, mm5
-    punpcklwd   mm1, mm1
-    psrad       mm5, (DWORD_BIT-WORD_BIT)
-    psrad       mm1, (DWORD_BIT-WORD_BIT)
-    pi2fd       mm5, mm5
-    pi2fd       mm1, mm1
-
-    pfmul       mm5, MMWORD [MMBLOCK(5,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    pfmul       mm1, MMWORD [MMBLOCK(7,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movq        mm4, mm2
-    movq        mm0, mm5
-    pfadd       mm2, mm1                ; mm2=z11
-    pfadd       mm5, mm3                ; mm5=z13
-    pfsub       mm4, mm1                ; mm4=z12
-    pfsub       mm0, mm3                ; mm0=z10
-
-    movq        mm1, mm2
-    pfsub       mm2, mm5
-    pfadd       mm1, mm5                ; mm1=tmp7
-
-    pfmul       mm2, [GOTOFF(ebx,PD_1_414)]  ; mm2=tmp11
-
-    movq        mm3, mm0
-    pfadd       mm0, mm4
-    pfmul       mm0, [GOTOFF(ebx,PD_1_847)]  ; mm0=z5
-    pfmul       mm3, [GOTOFF(ebx,PD_2_613)]  ; mm3=(z10 * 2.613125930)
-    pfmul       mm4, [GOTOFF(ebx,PD_1_082)]  ; mm4=(z12 * 1.082392200)
-    pfsubr      mm3, mm0                     ; mm3=tmp12
-    pfsub       mm4, mm0                     ; mm4=tmp10
-
-    ; -- Final output stage
-
-    pfsub       mm3, mm1                ; mm3=tmp6
-    movq        mm5, mm6
-    movq        mm0, mm7
-    pfadd       mm6, mm1                ; mm6=data0=(00 01)
-    pfadd       mm7, mm3                ; mm7=data1=(10 11)
-    pfsub       mm5, mm1                ; mm5=data7=(70 71)
-    pfsub       mm0, mm3                ; mm0=data6=(60 61)
-    pfsub       mm2, mm3                ; mm2=tmp5
-
-    movq        mm1, mm6                ; transpose coefficients
-    punpckldq   mm6, mm7                ; mm6=(00 10)
-    punpckhdq   mm1, mm7                ; mm1=(01 11)
-    movq        mm3, mm0                ; transpose coefficients
-    punpckldq   mm0, mm5                ; mm0=(60 70)
-    punpckhdq   mm3, mm5                ; mm3=(61 71)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], mm6
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], mm1
-    movq        MMWORD [MMBLOCK(0,3,edi,SIZEOF_FAST_FLOAT)], mm0
-    movq        MMWORD [MMBLOCK(1,3,edi,SIZEOF_FAST_FLOAT)], mm3
-
-    movq        mm7, MMWORD [wk(0)]     ; mm7=tmp2
-    movq        mm5, MMWORD [wk(1)]     ; mm5=tmp3
-
-    pfadd       mm4, mm2                ; mm4=tmp4
-    movq        mm6, mm7
-    movq        mm1, mm5
-    pfadd       mm7, mm2                ; mm7=data2=(20 21)
-    pfadd       mm5, mm4                ; mm5=data4=(40 41)
-    pfsub       mm6, mm2                ; mm6=data5=(50 51)
-    pfsub       mm1, mm4                ; mm1=data3=(30 31)
-
-    movq        mm0, mm7                ; transpose coefficients
-    punpckldq   mm7, mm1                ; mm7=(20 30)
-    punpckhdq   mm0, mm1                ; mm0=(21 31)
-    movq        mm3, mm5                ; transpose coefficients
-    punpckldq   mm5, mm6                ; mm5=(40 50)
-    punpckhdq   mm3, mm6                ; mm3=(41 51)
-
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], mm7
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], mm0
-    movq        MMWORD [MMBLOCK(0,2,edi,SIZEOF_FAST_FLOAT)], mm5
-    movq        MMWORD [MMBLOCK(1,2,edi,SIZEOF_FAST_FLOAT)], mm3
-
-.nextcolumn:
-    add         esi, byte 2*SIZEOF_JCOEF               ; coef_block
-    add         edx, byte 2*SIZEOF_FLOAT_MULT_TYPE     ; quantptr
-    add         edi, byte 2*DCTSIZE*SIZEOF_FAST_FLOAT  ; wsptr
-    dec         ecx                                    ; ctr
-    jnz         near .columnloop
-
-    ; -- Prefetch the next coefficient block
-
-    prefetch [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 0*32]
-    prefetch [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 1*32]
-    prefetch [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 2*32]
-    prefetch [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    lea         esi, [workspace]                   ; FAST_FLOAT *wsptr
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-    mov         ecx, DCTSIZE/2                     ; ctr
-    alignx      16, 7
-.rowloop:
-
-    ; -- Even part
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(6,0,esi,SIZEOF_FAST_FLOAT)]
-
-    movq        mm4, mm0
-    movq        mm5, mm1
-    pfsub       mm0, mm2                ; mm0=tmp11
-    pfsub       mm1, mm3
-    pfadd       mm4, mm2                ; mm4=tmp10
-    pfadd       mm5, mm3                ; mm5=tmp13
-
-    pfmul       mm1, [GOTOFF(ebx,PD_1_414)]
-    pfsub       mm1, mm5                ; mm1=tmp12
-
-    movq        mm6, mm4
-    movq        mm7, mm0
-    pfsub       mm4, mm5                ; mm4=tmp3
-    pfsub       mm0, mm1                ; mm0=tmp2
-    pfadd       mm6, mm5                ; mm6=tmp0
-    pfadd       mm7, mm1                ; mm7=tmp1
-
-    movq        MMWORD [wk(1)], mm4     ; tmp3
-    movq        MMWORD [wk(0)], mm0     ; tmp2
-
-    ; -- Odd part
-
-    movq        mm2, MMWORD [MMBLOCK(1,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(3,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm5, MMWORD [MMBLOCK(5,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm1, MMWORD [MMBLOCK(7,0,esi,SIZEOF_FAST_FLOAT)]
-
-    movq        mm4, mm2
-    movq        mm0, mm5
-    pfadd       mm2, mm1                ; mm2=z11
-    pfadd       mm5, mm3                ; mm5=z13
-    pfsub       mm4, mm1                ; mm4=z12
-    pfsub       mm0, mm3                ; mm0=z10
-
-    movq        mm1, mm2
-    pfsub       mm2, mm5
-    pfadd       mm1, mm5                ; mm1=tmp7
-
-    pfmul       mm2, [GOTOFF(ebx,PD_1_414)]  ; mm2=tmp11
-
-    movq        mm3, mm0
-    pfadd       mm0, mm4
-    pfmul       mm0, [GOTOFF(ebx,PD_1_847)]  ; mm0=z5
-    pfmul       mm3, [GOTOFF(ebx,PD_2_613)]  ; mm3=(z10 * 2.613125930)
-    pfmul       mm4, [GOTOFF(ebx,PD_1_082)]  ; mm4=(z12 * 1.082392200)
-    pfsubr      mm3, mm0                     ; mm3=tmp12
-    pfsub       mm4, mm0                     ; mm4=tmp10
-
-    ; -- Final output stage
-
-    pfsub       mm3, mm1                ; mm3=tmp6
-    movq        mm5, mm6
-    movq        mm0, mm7
-    pfadd       mm6, mm1                ; mm6=data0=(00 10)
-    pfadd       mm7, mm3                ; mm7=data1=(01 11)
-    pfsub       mm5, mm1                ; mm5=data7=(07 17)
-    pfsub       mm0, mm3                ; mm0=data6=(06 16)
-    pfsub       mm2, mm3                ; mm2=tmp5
-
-    movq        mm1, [GOTOFF(ebx,PD_RNDINT_MAGIC)]  ; mm1=[PD_RNDINT_MAGIC]
-    pcmpeqd     mm3, mm3
-    psrld       mm3, WORD_BIT           ; mm3={0xFFFF 0x0000 0xFFFF 0x0000}
-
-    pfadd       mm6, mm1                ; mm6=roundint(data0/8)=(00 ** 10 **)
-    pfadd       mm7, mm1                ; mm7=roundint(data1/8)=(01 ** 11 **)
-    pfadd       mm0, mm1                ; mm0=roundint(data6/8)=(06 ** 16 **)
-    pfadd       mm5, mm1                ; mm5=roundint(data7/8)=(07 ** 17 **)
-
-    pand        mm6, mm3                ; mm6=(00 -- 10 --)
-    pslld       mm7, WORD_BIT           ; mm7=(-- 01 -- 11)
-    pand        mm0, mm3                ; mm0=(06 -- 16 --)
-    pslld       mm5, WORD_BIT           ; mm5=(-- 07 -- 17)
-    por         mm6, mm7                ; mm6=(00 01 10 11)
-    por         mm0, mm5                ; mm0=(06 07 16 17)
-
-    movq        mm1, MMWORD [wk(0)]     ; mm1=tmp2
-    movq        mm3, MMWORD [wk(1)]     ; mm3=tmp3
-
-    pfadd       mm4, mm2                ; mm4=tmp4
-    movq        mm7, mm1
-    movq        mm5, mm3
-    pfadd       mm1, mm2                ; mm1=data2=(02 12)
-    pfadd       mm3, mm4                ; mm3=data4=(04 14)
-    pfsub       mm7, mm2                ; mm7=data5=(05 15)
-    pfsub       mm5, mm4                ; mm5=data3=(03 13)
-
-    movq        mm2, [GOTOFF(ebx,PD_RNDINT_MAGIC)]  ; mm2=[PD_RNDINT_MAGIC]
-    pcmpeqd     mm4, mm4
-    psrld       mm4, WORD_BIT           ; mm4={0xFFFF 0x0000 0xFFFF 0x0000}
-
-    pfadd       mm3, mm2                ; mm3=roundint(data4/8)=(04 ** 14 **)
-    pfadd       mm7, mm2                ; mm7=roundint(data5/8)=(05 ** 15 **)
-    pfadd       mm1, mm2                ; mm1=roundint(data2/8)=(02 ** 12 **)
-    pfadd       mm5, mm2                ; mm5=roundint(data3/8)=(03 ** 13 **)
-
-    pand        mm3, mm4                ; mm3=(04 -- 14 --)
-    pslld       mm7, WORD_BIT           ; mm7=(-- 05 -- 15)
-    pand        mm1, mm4                ; mm1=(02 -- 12 --)
-    pslld       mm5, WORD_BIT           ; mm5=(-- 03 -- 13)
-    por         mm3, mm7                ; mm3=(04 05 14 15)
-    por         mm1, mm5                ; mm1=(02 03 12 13)
-
-    movq        mm2, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; mm2=[PB_CENTERJSAMP]
-
-    packsswb    mm6, mm3                ; mm6=(00 01 10 11 04 05 14 15)
-    packsswb    mm1, mm0                ; mm1=(02 03 12 13 06 07 16 17)
-    paddb       mm6, mm2
-    paddb       mm1, mm2
-
-    movq        mm4, mm6                ; transpose coefficients(phase 2)
-    punpcklwd   mm6, mm1                ; mm6=(00 01 02 03 10 11 12 13)
-    punpckhwd   mm4, mm1                ; mm4=(04 05 06 07 14 15 16 17)
-
-    movq        mm7, mm6                ; transpose coefficients(phase 3)
-    punpckldq   mm6, mm4                ; mm6=(00 01 02 03 04 05 06 07)
-    punpckhdq   mm7, mm4                ; mm7=(10 11 12 13 14 15 16 17)
-
-    pushpic     ebx                     ; save GOT address
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm6
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm7
-
-    poppic      ebx                     ; restore GOT address
-
-    add         esi, byte 2*SIZEOF_FAST_FLOAT  ; wsptr
-    add         edi, byte 2*SIZEOF_JSAMPROW
-    dec         ecx                            ; ctr
-    jnz         near .rowloop
-
-    femms                               ; empty MMX/3DNow! state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-sse.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-sse.asm
deleted file mode 100644
index b27ecfd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-sse.asm
+++ /dev/null
@@ -1,571 +0,0 @@
-;
-; jidctflt.asm - floating-point IDCT (SSE & MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the inverse DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jidctflt.c; see the jidctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%macro unpcklps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(0 1 4 5)
-    shufps      %1, %2, 0x44
-%endmacro
-
-%macro unpckhps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(2 3 6 7)
-    shufps      %1, %2, 0xEE
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_float_sse)
-
-EXTN(jconst_idct_float_sse):
-
-PD_1_414       times 4 dd  1.414213562373095048801689
-PD_1_847       times 4 dd  1.847759065022573512256366
-PD_1_082       times 4 dd  1.082392200292393968799446
-PD_M2_613      times 4 dd -2.613125929752753055713286
-PD_0_125       times 4 dd  0.125        ; 1/8
-PB_CENTERJSAMP times 8 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_float_sse(void *dct_table, JCOEFPTR coef_block,
-;                      JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         2
-%define workspace      wk(0) - DCTSIZE2 * SIZEOF_FAST_FLOAT
-                                        ; FAST_FLOAT workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_float_sse)
-
-EXTN(jsimd_idct_float_sse):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [workspace]
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-    lea         edi, [workspace]                 ; FAST_FLOAT *wsptr
-    mov         ecx, DCTSIZE/4                   ; ctr
-    alignx      16, 7
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_FLOAT_SSE
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         mm1, mm0
-    packsswb    mm1, mm1
-    movd        eax, mm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-
-    punpckhwd   mm1, mm0                   ; mm1=(** 02 ** 03)
-    punpcklwd   mm0, mm0                   ; mm0=(00 00 01 01)
-    psrad       mm1, (DWORD_BIT-WORD_BIT)  ; mm1=in0H=(02 03)
-    psrad       mm0, (DWORD_BIT-WORD_BIT)  ; mm0=in0L=(00 01)
-    cvtpi2ps    xmm3, mm1                  ; xmm3=(02 03 ** **)
-    cvtpi2ps    xmm0, mm0                  ; xmm0=(00 01 ** **)
-    movlhps     xmm0, xmm3                 ; xmm0=in0=(00 01 02 03)
-
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm1, xmm0
-    movaps      xmm2, xmm0
-    movaps      xmm3, xmm0
-
-    shufps      xmm0, xmm0, 0x00        ; xmm0=(00 00 00 00)
-    shufps      xmm1, xmm1, 0x55        ; xmm1=(01 01 01 01)
-    shufps      xmm2, xmm2, 0xAA        ; xmm2=(02 02 02 02)
-    shufps      xmm3, xmm3, 0xFF        ; xmm3=(03 03 03 03)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(2,0,edi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(2,1,edi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(3,0,edi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(3,1,edi,SIZEOF_FAST_FLOAT)], xmm3
-    jmp         near .nextcolumn
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-
-    punpckhwd   mm4, mm0                ; mm4=(** 02 ** 03)
-    punpcklwd   mm0, mm0                ; mm0=(00 00 01 01)
-    punpckhwd   mm5, mm1                ; mm5=(** 22 ** 23)
-    punpcklwd   mm1, mm1                ; mm1=(20 20 21 21)
-
-    psrad       mm4, (DWORD_BIT-WORD_BIT)  ; mm4=in0H=(02 03)
-    psrad       mm0, (DWORD_BIT-WORD_BIT)  ; mm0=in0L=(00 01)
-    cvtpi2ps    xmm4, mm4                  ; xmm4=(02 03 ** **)
-    cvtpi2ps    xmm0, mm0                  ; xmm0=(00 01 ** **)
-    psrad       mm5, (DWORD_BIT-WORD_BIT)  ; mm5=in2H=(22 23)
-    psrad       mm1, (DWORD_BIT-WORD_BIT)  ; mm1=in2L=(20 21)
-    cvtpi2ps    xmm5, mm5                  ; xmm5=(22 23 ** **)
-    cvtpi2ps    xmm1, mm1                  ; xmm1=(20 21 ** **)
-
-    punpckhwd   mm6, mm2                ; mm6=(** 42 ** 43)
-    punpcklwd   mm2, mm2                ; mm2=(40 40 41 41)
-    punpckhwd   mm7, mm3                ; mm7=(** 62 ** 63)
-    punpcklwd   mm3, mm3                ; mm3=(60 60 61 61)
-
-    psrad       mm6, (DWORD_BIT-WORD_BIT)  ; mm6=in4H=(42 43)
-    psrad       mm2, (DWORD_BIT-WORD_BIT)  ; mm2=in4L=(40 41)
-    cvtpi2ps    xmm6, mm6                  ; xmm6=(42 43 ** **)
-    cvtpi2ps    xmm2, mm2                  ; xmm2=(40 41 ** **)
-    psrad       mm7, (DWORD_BIT-WORD_BIT)  ; mm7=in6H=(62 63)
-    psrad       mm3, (DWORD_BIT-WORD_BIT)  ; mm3=in6L=(60 61)
-    cvtpi2ps    xmm7, mm7                  ; xmm7=(62 63 ** **)
-    cvtpi2ps    xmm3, mm3                  ; xmm3=(60 61 ** **)
-
-    movlhps     xmm0, xmm4              ; xmm0=in0=(00 01 02 03)
-    movlhps     xmm1, xmm5              ; xmm1=in2=(20 21 22 23)
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movlhps     xmm2, xmm6              ; xmm2=in4=(40 41 42 43)
-    movlhps     xmm3, xmm7              ; xmm3=in6=(60 61 62 63)
-    mulps       xmm2, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm4, xmm0
-    movaps      xmm5, xmm1
-    subps       xmm0, xmm2              ; xmm0=tmp11
-    subps       xmm1, xmm3
-    addps       xmm4, xmm2              ; xmm4=tmp10
-    addps       xmm5, xmm3              ; xmm5=tmp13
-
-    mulps       xmm1, [GOTOFF(ebx,PD_1_414)]
-    subps       xmm1, xmm5              ; xmm1=tmp12
-
-    movaps      xmm6, xmm4
-    movaps      xmm7, xmm0
-    subps       xmm4, xmm5              ; xmm4=tmp3
-    subps       xmm0, xmm1              ; xmm0=tmp2
-    addps       xmm6, xmm5              ; xmm6=tmp0
-    addps       xmm7, xmm1              ; xmm7=tmp1
-
-    movaps      XMMWORD [wk(1)], xmm4   ; tmp3
-    movaps      XMMWORD [wk(0)], xmm0   ; tmp2
-
-    ; -- Odd part
-
-    movq        mm4, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm0, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movq        mm5, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-
-    punpckhwd   mm6, mm4                ; mm6=(** 12 ** 13)
-    punpcklwd   mm4, mm4                ; mm4=(10 10 11 11)
-    punpckhwd   mm2, mm0                ; mm2=(** 32 ** 33)
-    punpcklwd   mm0, mm0                ; mm0=(30 30 31 31)
-
-    psrad       mm6, (DWORD_BIT-WORD_BIT)  ; mm6=in1H=(12 13)
-    psrad       mm4, (DWORD_BIT-WORD_BIT)  ; mm4=in1L=(10 11)
-    cvtpi2ps    xmm4, mm6                  ; xmm4=(12 13 ** **)
-    cvtpi2ps    xmm2, mm4                  ; xmm2=(10 11 ** **)
-    psrad       mm2, (DWORD_BIT-WORD_BIT)  ; mm2=in3H=(32 33)
-    psrad       mm0, (DWORD_BIT-WORD_BIT)  ; mm0=in3L=(30 31)
-    cvtpi2ps    xmm0, mm2                  ; xmm0=(32 33 ** **)
-    cvtpi2ps    xmm3, mm0                  ; xmm3=(30 31 ** **)
-
-    punpckhwd   mm7, mm5                ; mm7=(** 52 ** 53)
-    punpcklwd   mm5, mm5                ; mm5=(50 50 51 51)
-    punpckhwd   mm3, mm1                ; mm3=(** 72 ** 73)
-    punpcklwd   mm1, mm1                ; mm1=(70 70 71 71)
-
-    movlhps     xmm2, xmm4              ; xmm2=in1=(10 11 12 13)
-    movlhps     xmm3, xmm0              ; xmm3=in3=(30 31 32 33)
-
-    psrad       mm7, (DWORD_BIT-WORD_BIT)  ; mm7=in5H=(52 53)
-    psrad       mm5, (DWORD_BIT-WORD_BIT)  ; mm5=in5L=(50 51)
-    cvtpi2ps    xmm4, mm7                  ; xmm4=(52 53 ** **)
-    cvtpi2ps    xmm5, mm5                  ; xmm5=(50 51 ** **)
-    psrad       mm3, (DWORD_BIT-WORD_BIT)  ; mm3=in7H=(72 73)
-    psrad       mm1, (DWORD_BIT-WORD_BIT)  ; mm1=in7L=(70 71)
-    cvtpi2ps    xmm0, mm3                  ; xmm0=(72 73 ** **)
-    cvtpi2ps    xmm1, mm1                  ; xmm1=(70 71 ** **)
-
-    mulps       xmm2, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movlhps     xmm5, xmm4              ; xmm5=in5=(50 51 52 53)
-    movlhps     xmm1, xmm0              ; xmm1=in7=(70 71 72 73)
-    mulps       xmm5, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm4, xmm2
-    movaps      xmm0, xmm5
-    addps       xmm2, xmm1              ; xmm2=z11
-    addps       xmm5, xmm3              ; xmm5=z13
-    subps       xmm4, xmm1              ; xmm4=z12
-    subps       xmm0, xmm3              ; xmm0=z10
-
-    movaps      xmm1, xmm2
-    subps       xmm2, xmm5
-    addps       xmm1, xmm5              ; xmm1=tmp7
-
-    mulps       xmm2, [GOTOFF(ebx,PD_1_414)]  ; xmm2=tmp11
-
-    movaps      xmm3, xmm0
-    addps       xmm0, xmm4
-    mulps       xmm0, [GOTOFF(ebx,PD_1_847)]   ; xmm0=z5
-    mulps       xmm3, [GOTOFF(ebx,PD_M2_613)]  ; xmm3=(z10 * -2.613125930)
-    mulps       xmm4, [GOTOFF(ebx,PD_1_082)]   ; xmm4=(z12 * 1.082392200)
-    addps       xmm3, xmm0                     ; xmm3=tmp12
-    subps       xmm4, xmm0                     ; xmm4=tmp10
-
-    ; -- Final output stage
-
-    subps       xmm3, xmm1              ; xmm3=tmp6
-    movaps      xmm5, xmm6
-    movaps      xmm0, xmm7
-    addps       xmm6, xmm1              ; xmm6=data0=(00 01 02 03)
-    addps       xmm7, xmm3              ; xmm7=data1=(10 11 12 13)
-    subps       xmm5, xmm1              ; xmm5=data7=(70 71 72 73)
-    subps       xmm0, xmm3              ; xmm0=data6=(60 61 62 63)
-    subps       xmm2, xmm3              ; xmm2=tmp5
-
-    movaps      xmm1, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 10 01 11)
-    unpckhps    xmm1, xmm7              ; xmm1=(02 12 03 13)
-    movaps      xmm3, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm5              ; xmm0=(60 70 61 71)
-    unpckhps    xmm3, xmm5              ; xmm3=(62 72 63 73)
-
-    movaps      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp2
-    movaps      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp3
-
-    movaps      XMMWORD [wk(0)], xmm0   ; wk(0)=(60 70 61 71)
-    movaps      XMMWORD [wk(1)], xmm3   ; wk(1)=(62 72 63 73)
-
-    addps       xmm4, xmm2              ; xmm4=tmp4
-    movaps      xmm0, xmm7
-    movaps      xmm3, xmm5
-    addps       xmm7, xmm2              ; xmm7=data2=(20 21 22 23)
-    addps       xmm5, xmm4              ; xmm5=data4=(40 41 42 43)
-    subps       xmm0, xmm2              ; xmm0=data5=(50 51 52 53)
-    subps       xmm3, xmm4              ; xmm3=data3=(30 31 32 33)
-
-    movaps      xmm2, xmm7              ; transpose coefficients(phase 1)
-    unpcklps    xmm7, xmm3              ; xmm7=(20 30 21 31)
-    unpckhps    xmm2, xmm3              ; xmm2=(22 32 23 33)
-    movaps      xmm4, xmm5              ; transpose coefficients(phase 1)
-    unpcklps    xmm5, xmm0              ; xmm5=(40 50 41 51)
-    unpckhps    xmm4, xmm0              ; xmm4=(42 52 43 53)
-
-    movaps      xmm3, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm7              ; xmm6=(00 10 20 30)
-    unpckhps2   xmm3, xmm7              ; xmm3=(01 11 21 31)
-    movaps      xmm0, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm2              ; xmm1=(02 12 22 32)
-    unpckhps2   xmm0, xmm2              ; xmm0=(03 13 23 33)
-
-    movaps      xmm7, XMMWORD [wk(0)]   ; xmm7=(60 70 61 71)
-    movaps      xmm2, XMMWORD [wk(1)]   ; xmm2=(62 72 63 73)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], xmm6
-    movaps      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(2,0,edi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(3,0,edi,SIZEOF_FAST_FLOAT)], xmm0
-
-    movaps      xmm6, xmm5              ; transpose coefficients(phase 2)
-    unpcklps2   xmm5, xmm7              ; xmm5=(40 50 60 70)
-    unpckhps2   xmm6, xmm7              ; xmm6=(41 51 61 71)
-    movaps      xmm3, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(42 52 62 72)
-    unpckhps2   xmm3, xmm2              ; xmm3=(43 53 63 73)
-
-    movaps      XMMWORD [XMMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], xmm6
-    movaps      XMMWORD [XMMBLOCK(2,1,edi,SIZEOF_FAST_FLOAT)], xmm4
-    movaps      XMMWORD [XMMBLOCK(3,1,edi,SIZEOF_FAST_FLOAT)], xmm3
-
-.nextcolumn:
-    add         esi, byte 4*SIZEOF_JCOEF               ; coef_block
-    add         edx, byte 4*SIZEOF_FLOAT_MULT_TYPE     ; quantptr
-    add         edi,      4*DCTSIZE*SIZEOF_FAST_FLOAT  ; wsptr
-    dec         ecx                                    ; ctr
-    jnz         near .columnloop
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    lea         esi, [workspace]                   ; FAST_FLOAT *wsptr
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-    mov         ecx, DCTSIZE/4                     ; ctr
-    alignx      16, 7
-.rowloop:
-
-    ; -- Even part
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_FAST_FLOAT)]
-
-    movaps      xmm4, xmm0
-    movaps      xmm5, xmm1
-    subps       xmm0, xmm2              ; xmm0=tmp11
-    subps       xmm1, xmm3
-    addps       xmm4, xmm2              ; xmm4=tmp10
-    addps       xmm5, xmm3              ; xmm5=tmp13
-
-    mulps       xmm1, [GOTOFF(ebx,PD_1_414)]
-    subps       xmm1, xmm5              ; xmm1=tmp12
-
-    movaps      xmm6, xmm4
-    movaps      xmm7, xmm0
-    subps       xmm4, xmm5              ; xmm4=tmp3
-    subps       xmm0, xmm1              ; xmm0=tmp2
-    addps       xmm6, xmm5              ; xmm6=tmp0
-    addps       xmm7, xmm1              ; xmm7=tmp1
-
-    movaps      XMMWORD [wk(1)], xmm4   ; tmp3
-    movaps      XMMWORD [wk(0)], xmm0   ; tmp2
-
-    ; -- Odd part
-
-    movaps      xmm2, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm5, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_FAST_FLOAT)]
-
-    movaps      xmm4, xmm2
-    movaps      xmm0, xmm5
-    addps       xmm2, xmm1              ; xmm2=z11
-    addps       xmm5, xmm3              ; xmm5=z13
-    subps       xmm4, xmm1              ; xmm4=z12
-    subps       xmm0, xmm3              ; xmm0=z10
-
-    movaps      xmm1, xmm2
-    subps       xmm2, xmm5
-    addps       xmm1, xmm5              ; xmm1=tmp7
-
-    mulps       xmm2, [GOTOFF(ebx,PD_1_414)]  ; xmm2=tmp11
-
-    movaps      xmm3, xmm0
-    addps       xmm0, xmm4
-    mulps       xmm0, [GOTOFF(ebx,PD_1_847)]   ; xmm0=z5
-    mulps       xmm3, [GOTOFF(ebx,PD_M2_613)]  ; xmm3=(z10 * -2.613125930)
-    mulps       xmm4, [GOTOFF(ebx,PD_1_082)]   ; xmm4=(z12 * 1.082392200)
-    addps       xmm3, xmm0                     ; xmm3=tmp12
-    subps       xmm4, xmm0                     ; xmm4=tmp10
-
-    ; -- Final output stage
-
-    subps       xmm3, xmm1              ; xmm3=tmp6
-    movaps      xmm5, xmm6
-    movaps      xmm0, xmm7
-    addps       xmm6, xmm1              ; xmm6=data0=(00 10 20 30)
-    addps       xmm7, xmm3              ; xmm7=data1=(01 11 21 31)
-    subps       xmm5, xmm1              ; xmm5=data7=(07 17 27 37)
-    subps       xmm0, xmm3              ; xmm0=data6=(06 16 26 36)
-    subps       xmm2, xmm3              ; xmm2=tmp5
-
-    movaps      xmm1, [GOTOFF(ebx,PD_0_125)]  ; xmm1=[PD_0_125]
-
-    mulps       xmm6, xmm1              ; descale(1/8)
-    mulps       xmm7, xmm1              ; descale(1/8)
-    mulps       xmm5, xmm1              ; descale(1/8)
-    mulps       xmm0, xmm1              ; descale(1/8)
-
-    movhlps     xmm3, xmm6
-    movhlps     xmm1, xmm7
-    cvtps2pi    mm0, xmm6               ; round to int32, mm0=data0L=(00 10)
-    cvtps2pi    mm1, xmm7               ; round to int32, mm1=data1L=(01 11)
-    cvtps2pi    mm2, xmm3               ; round to int32, mm2=data0H=(20 30)
-    cvtps2pi    mm3, xmm1               ; round to int32, mm3=data1H=(21 31)
-    packssdw    mm0, mm2                ; mm0=data0=(00 10 20 30)
-    packssdw    mm1, mm3                ; mm1=data1=(01 11 21 31)
-
-    movhlps     xmm6, xmm5
-    movhlps     xmm7, xmm0
-    cvtps2pi    mm4, xmm5               ; round to int32, mm4=data7L=(07 17)
-    cvtps2pi    mm5, xmm0               ; round to int32, mm5=data6L=(06 16)
-    cvtps2pi    mm6, xmm6               ; round to int32, mm6=data7H=(27 37)
-    cvtps2pi    mm7, xmm7               ; round to int32, mm7=data6H=(26 36)
-    packssdw    mm4, mm6                ; mm4=data7=(07 17 27 37)
-    packssdw    mm5, mm7                ; mm5=data6=(06 16 26 36)
-
-    packsswb    mm0, mm5                ; mm0=(00 10 20 30 06 16 26 36)
-    packsswb    mm1, mm4                ; mm1=(01 11 21 31 07 17 27 37)
-
-    movaps      xmm3, XMMWORD [wk(0)]   ; xmm3=tmp2
-    movaps      xmm1, XMMWORD [wk(1)]   ; xmm1=tmp3
-
-    movaps      xmm6, [GOTOFF(ebx,PD_0_125)]  ; xmm6=[PD_0_125]
-
-    addps       xmm4, xmm2              ; xmm4=tmp4
-    movaps      xmm5, xmm3
-    movaps      xmm0, xmm1
-    addps       xmm3, xmm2              ; xmm3=data2=(02 12 22 32)
-    addps       xmm1, xmm4              ; xmm1=data4=(04 14 24 34)
-    subps       xmm5, xmm2              ; xmm5=data5=(05 15 25 35)
-    subps       xmm0, xmm4              ; xmm0=data3=(03 13 23 33)
-
-    mulps       xmm3, xmm6              ; descale(1/8)
-    mulps       xmm1, xmm6              ; descale(1/8)
-    mulps       xmm5, xmm6              ; descale(1/8)
-    mulps       xmm0, xmm6              ; descale(1/8)
-
-    movhlps     xmm7, xmm3
-    movhlps     xmm2, xmm1
-    cvtps2pi    mm2, xmm3               ; round to int32, mm2=data2L=(02 12)
-    cvtps2pi    mm3, xmm1               ; round to int32, mm3=data4L=(04 14)
-    cvtps2pi    mm6, xmm7               ; round to int32, mm6=data2H=(22 32)
-    cvtps2pi    mm7, xmm2               ; round to int32, mm7=data4H=(24 34)
-    packssdw    mm2, mm6                ; mm2=data2=(02 12 22 32)
-    packssdw    mm3, mm7                ; mm3=data4=(04 14 24 34)
-
-    movhlps     xmm4, xmm5
-    movhlps     xmm6, xmm0
-    cvtps2pi    mm5, xmm5               ; round to int32, mm5=data5L=(05 15)
-    cvtps2pi    mm4, xmm0               ; round to int32, mm4=data3L=(03 13)
-    cvtps2pi    mm6, xmm4               ; round to int32, mm6=data5H=(25 35)
-    cvtps2pi    mm7, xmm6               ; round to int32, mm7=data3H=(23 33)
-    packssdw    mm5, mm6                ; mm5=data5=(05 15 25 35)
-    packssdw    mm4, mm7                ; mm4=data3=(03 13 23 33)
-
-    movq        mm6, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; mm6=[PB_CENTERJSAMP]
-
-    packsswb    mm2, mm3                ; mm2=(02 12 22 32 04 14 24 34)
-    packsswb    mm4, mm5                ; mm4=(03 13 23 33 05 15 25 35)
-
-    paddb       mm0, mm6
-    paddb       mm1, mm6
-    paddb       mm2, mm6
-    paddb       mm4, mm6
-
-    movq        mm7, mm0                ; transpose coefficients(phase 1)
-    punpcklbw   mm0, mm1                ; mm0=(00 01 10 11 20 21 30 31)
-    punpckhbw   mm7, mm1                ; mm7=(06 07 16 17 26 27 36 37)
-    movq        mm3, mm2                ; transpose coefficients(phase 1)
-    punpcklbw   mm2, mm4                ; mm2=(02 03 12 13 22 23 32 33)
-    punpckhbw   mm3, mm4                ; mm3=(04 05 14 15 24 25 34 35)
-
-    movq        mm5, mm0                ; transpose coefficients(phase 2)
-    punpcklwd   mm0, mm2                ; mm0=(00 01 02 03 10 11 12 13)
-    punpckhwd   mm5, mm2                ; mm5=(20 21 22 23 30 31 32 33)
-    movq        mm6, mm3                ; transpose coefficients(phase 2)
-    punpcklwd   mm3, mm7                ; mm3=(04 05 06 07 14 15 16 17)
-    punpckhwd   mm6, mm7                ; mm6=(24 25 26 27 34 35 36 37)
-
-    movq        mm1, mm0                ; transpose coefficients(phase 3)
-    punpckldq   mm0, mm3                ; mm0=(00 01 02 03 04 05 06 07)
-    punpckhdq   mm1, mm3                ; mm1=(10 11 12 13 14 15 16 17)
-    movq        mm4, mm5                ; transpose coefficients(phase 3)
-    punpckldq   mm5, mm6                ; mm5=(20 21 22 23 24 25 26 27)
-    punpckhdq   mm4, mm6                ; mm4=(30 31 32 33 34 35 36 37)
-
-    pushpic     ebx                     ; save GOT address
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm0
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm1
-    mov         edx, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm5
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm4
-
-    poppic      ebx                     ; restore GOT address
-
-    add         esi, byte 4*SIZEOF_FAST_FLOAT  ; wsptr
-    add         edi, byte 4*SIZEOF_JSAMPROW
-    dec         ecx                            ; ctr
-    jnz         near .rowloop
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-sse2.asm
deleted file mode 100644
index c646eae..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctflt-sse2.asm
+++ /dev/null
@@ -1,497 +0,0 @@
-;
-; jidctflt.asm - floating-point IDCT (SSE & SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the inverse DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jidctflt.c; see the jidctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%macro unpcklps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(0 1 4 5)
-    shufps      %1, %2, 0x44
-%endmacro
-
-%macro unpckhps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(2 3 6 7)
-    shufps      %1, %2, 0xEE
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_float_sse2)
-
-EXTN(jconst_idct_float_sse2):
-
-PD_1_414        times 4  dd  1.414213562373095048801689
-PD_1_847        times 4  dd  1.847759065022573512256366
-PD_1_082        times 4  dd  1.082392200292393968799446
-PD_M2_613       times 4  dd -2.613125929752753055713286
-PD_RNDINT_MAGIC times 4  dd  100663296.0  ; (float)(0x00C00000 << 3)
-PB_CENTERJSAMP  times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_float_sse2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         2
-%define workspace      wk(0) - DCTSIZE2 * SIZEOF_FAST_FLOAT
-                                        ; FAST_FLOAT workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_float_sse2)
-
-EXTN(jsimd_idct_float_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [workspace]
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-    lea         edi, [workspace]                 ; FAST_FLOAT *wsptr
-    mov         ecx, DCTSIZE/4                   ; ctr
-    alignx      16, 7
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_FLOAT_SSE
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movq        xmm1, XMM_MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        xmm2, XMM_MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        xmm3, XMM_MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movq        xmm4, XMM_MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        xmm5, XMM_MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        xmm6, XMM_MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    movq        xmm7, XMM_MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, xmm2
-    por         xmm3, xmm4
-    por         xmm5, xmm6
-    por         xmm1, xmm3
-    por         xmm5, xmm7
-    por         xmm1, xmm5
-    packsswb    xmm1, xmm1
-    movd        eax, xmm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movq        xmm0, XMM_MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-
-    punpcklwd   xmm0, xmm0                  ; xmm0=(00 00 01 01 02 02 03 03)
-    psrad       xmm0, (DWORD_BIT-WORD_BIT)  ; xmm0=in0=(00 01 02 03)
-    cvtdq2ps    xmm0, xmm0                  ; xmm0=in0=(00 01 02 03)
-
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm1, xmm0
-    movaps      xmm2, xmm0
-    movaps      xmm3, xmm0
-
-    shufps      xmm0, xmm0, 0x00        ; xmm0=(00 00 00 00)
-    shufps      xmm1, xmm1, 0x55        ; xmm1=(01 01 01 01)
-    shufps      xmm2, xmm2, 0xAA        ; xmm2=(02 02 02 02)
-    shufps      xmm3, xmm3, 0xFF        ; xmm3=(03 03 03 03)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(2,0,edi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(2,1,edi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(3,0,edi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(3,1,edi,SIZEOF_FAST_FLOAT)], xmm3
-    jmp         near .nextcolumn
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movq        xmm0, XMM_MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        xmm1, XMM_MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        xmm2, XMM_MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        xmm3, XMM_MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-
-    punpcklwd   xmm0, xmm0                  ; xmm0=(00 00 01 01 02 02 03 03)
-    punpcklwd   xmm1, xmm1                  ; xmm1=(20 20 21 21 22 22 23 23)
-    psrad       xmm0, (DWORD_BIT-WORD_BIT)  ; xmm0=in0=(00 01 02 03)
-    psrad       xmm1, (DWORD_BIT-WORD_BIT)  ; xmm1=in2=(20 21 22 23)
-    cvtdq2ps    xmm0, xmm0                  ; xmm0=in0=(00 01 02 03)
-    cvtdq2ps    xmm1, xmm1                  ; xmm1=in2=(20 21 22 23)
-
-    punpcklwd   xmm2, xmm2                  ; xmm2=(40 40 41 41 42 42 43 43)
-    punpcklwd   xmm3, xmm3                  ; xmm3=(60 60 61 61 62 62 63 63)
-    psrad       xmm2, (DWORD_BIT-WORD_BIT)  ; xmm2=in4=(40 41 42 43)
-    psrad       xmm3, (DWORD_BIT-WORD_BIT)  ; xmm3=in6=(60 61 62 63)
-    cvtdq2ps    xmm2, xmm2                  ; xmm2=in4=(40 41 42 43)
-    cvtdq2ps    xmm3, xmm3                  ; xmm3=in6=(60 61 62 63)
-
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm2, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm4, xmm0
-    movaps      xmm5, xmm1
-    subps       xmm0, xmm2              ; xmm0=tmp11
-    subps       xmm1, xmm3
-    addps       xmm4, xmm2              ; xmm4=tmp10
-    addps       xmm5, xmm3              ; xmm5=tmp13
-
-    mulps       xmm1, [GOTOFF(ebx,PD_1_414)]
-    subps       xmm1, xmm5              ; xmm1=tmp12
-
-    movaps      xmm6, xmm4
-    movaps      xmm7, xmm0
-    subps       xmm4, xmm5              ; xmm4=tmp3
-    subps       xmm0, xmm1              ; xmm0=tmp2
-    addps       xmm6, xmm5              ; xmm6=tmp0
-    addps       xmm7, xmm1              ; xmm7=tmp1
-
-    movaps      XMMWORD [wk(1)], xmm4   ; tmp3
-    movaps      XMMWORD [wk(0)], xmm0   ; tmp2
-
-    ; -- Odd part
-
-    movq        xmm2, XMM_MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        xmm3, XMM_MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movq        xmm5, XMM_MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        xmm1, XMM_MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-
-    punpcklwd   xmm2, xmm2                  ; xmm2=(10 10 11 11 12 12 13 13)
-    punpcklwd   xmm3, xmm3                  ; xmm3=(30 30 31 31 32 32 33 33)
-    psrad       xmm2, (DWORD_BIT-WORD_BIT)  ; xmm2=in1=(10 11 12 13)
-    psrad       xmm3, (DWORD_BIT-WORD_BIT)  ; xmm3=in3=(30 31 32 33)
-    cvtdq2ps    xmm2, xmm2                  ; xmm2=in1=(10 11 12 13)
-    cvtdq2ps    xmm3, xmm3                  ; xmm3=in3=(30 31 32 33)
-
-    punpcklwd   xmm5, xmm5                  ; xmm5=(50 50 51 51 52 52 53 53)
-    punpcklwd   xmm1, xmm1                  ; xmm1=(70 70 71 71 72 72 73 73)
-    psrad       xmm5, (DWORD_BIT-WORD_BIT)  ; xmm5=in5=(50 51 52 53)
-    psrad       xmm1, (DWORD_BIT-WORD_BIT)  ; xmm1=in7=(70 71 72 73)
-    cvtdq2ps    xmm5, xmm5                  ; xmm5=in5=(50 51 52 53)
-    cvtdq2ps    xmm1, xmm1                  ; xmm1=in7=(70 71 72 73)
-
-    mulps       xmm2, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm5, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm4, xmm2
-    movaps      xmm0, xmm5
-    addps       xmm2, xmm1              ; xmm2=z11
-    addps       xmm5, xmm3              ; xmm5=z13
-    subps       xmm4, xmm1              ; xmm4=z12
-    subps       xmm0, xmm3              ; xmm0=z10
-
-    movaps      xmm1, xmm2
-    subps       xmm2, xmm5
-    addps       xmm1, xmm5              ; xmm1=tmp7
-
-    mulps       xmm2, [GOTOFF(ebx,PD_1_414)]  ; xmm2=tmp11
-
-    movaps      xmm3, xmm0
-    addps       xmm0, xmm4
-    mulps       xmm0, [GOTOFF(ebx,PD_1_847)]   ; xmm0=z5
-    mulps       xmm3, [GOTOFF(ebx,PD_M2_613)]  ; xmm3=(z10 * -2.613125930)
-    mulps       xmm4, [GOTOFF(ebx,PD_1_082)]   ; xmm4=(z12 * 1.082392200)
-    addps       xmm3, xmm0                     ; xmm3=tmp12
-    subps       xmm4, xmm0                     ; xmm4=tmp10
-
-    ; -- Final output stage
-
-    subps       xmm3, xmm1              ; xmm3=tmp6
-    movaps      xmm5, xmm6
-    movaps      xmm0, xmm7
-    addps       xmm6, xmm1              ; xmm6=data0=(00 01 02 03)
-    addps       xmm7, xmm3              ; xmm7=data1=(10 11 12 13)
-    subps       xmm5, xmm1              ; xmm5=data7=(70 71 72 73)
-    subps       xmm0, xmm3              ; xmm0=data6=(60 61 62 63)
-    subps       xmm2, xmm3              ; xmm2=tmp5
-
-    movaps      xmm1, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 10 01 11)
-    unpckhps    xmm1, xmm7              ; xmm1=(02 12 03 13)
-    movaps      xmm3, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm5              ; xmm0=(60 70 61 71)
-    unpckhps    xmm3, xmm5              ; xmm3=(62 72 63 73)
-
-    movaps      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp2
-    movaps      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp3
-
-    movaps      XMMWORD [wk(0)], xmm0   ; wk(0)=(60 70 61 71)
-    movaps      XMMWORD [wk(1)], xmm3   ; wk(1)=(62 72 63 73)
-
-    addps       xmm4, xmm2              ; xmm4=tmp4
-    movaps      xmm0, xmm7
-    movaps      xmm3, xmm5
-    addps       xmm7, xmm2              ; xmm7=data2=(20 21 22 23)
-    addps       xmm5, xmm4              ; xmm5=data4=(40 41 42 43)
-    subps       xmm0, xmm2              ; xmm0=data5=(50 51 52 53)
-    subps       xmm3, xmm4              ; xmm3=data3=(30 31 32 33)
-
-    movaps      xmm2, xmm7              ; transpose coefficients(phase 1)
-    unpcklps    xmm7, xmm3              ; xmm7=(20 30 21 31)
-    unpckhps    xmm2, xmm3              ; xmm2=(22 32 23 33)
-    movaps      xmm4, xmm5              ; transpose coefficients(phase 1)
-    unpcklps    xmm5, xmm0              ; xmm5=(40 50 41 51)
-    unpckhps    xmm4, xmm0              ; xmm4=(42 52 43 53)
-
-    movaps      xmm3, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm7              ; xmm6=(00 10 20 30)
-    unpckhps2   xmm3, xmm7              ; xmm3=(01 11 21 31)
-    movaps      xmm0, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm2              ; xmm1=(02 12 22 32)
-    unpckhps2   xmm0, xmm2              ; xmm0=(03 13 23 33)
-
-    movaps      xmm7, XMMWORD [wk(0)]   ; xmm7=(60 70 61 71)
-    movaps      xmm2, XMMWORD [wk(1)]   ; xmm2=(62 72 63 73)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], xmm6
-    movaps      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(2,0,edi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(3,0,edi,SIZEOF_FAST_FLOAT)], xmm0
-
-    movaps      xmm6, xmm5              ; transpose coefficients(phase 2)
-    unpcklps2   xmm5, xmm7              ; xmm5=(40 50 60 70)
-    unpckhps2   xmm6, xmm7              ; xmm6=(41 51 61 71)
-    movaps      xmm3, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(42 52 62 72)
-    unpckhps2   xmm3, xmm2              ; xmm3=(43 53 63 73)
-
-    movaps      XMMWORD [XMMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], xmm6
-    movaps      XMMWORD [XMMBLOCK(2,1,edi,SIZEOF_FAST_FLOAT)], xmm4
-    movaps      XMMWORD [XMMBLOCK(3,1,edi,SIZEOF_FAST_FLOAT)], xmm3
-
-.nextcolumn:
-    add         esi, byte 4*SIZEOF_JCOEF               ; coef_block
-    add         edx, byte 4*SIZEOF_FLOAT_MULT_TYPE     ; quantptr
-    add         edi,      4*DCTSIZE*SIZEOF_FAST_FLOAT  ; wsptr
-    dec         ecx                                    ; ctr
-    jnz         near .columnloop
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + (DCTSIZE2-8)*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    lea         esi, [workspace]                   ; FAST_FLOAT *wsptr
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-    mov         ecx, DCTSIZE/4                     ; ctr
-    alignx      16, 7
-.rowloop:
-
-    ; -- Even part
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_FAST_FLOAT)]
-
-    movaps      xmm4, xmm0
-    movaps      xmm5, xmm1
-    subps       xmm0, xmm2              ; xmm0=tmp11
-    subps       xmm1, xmm3
-    addps       xmm4, xmm2              ; xmm4=tmp10
-    addps       xmm5, xmm3              ; xmm5=tmp13
-
-    mulps       xmm1, [GOTOFF(ebx,PD_1_414)]
-    subps       xmm1, xmm5              ; xmm1=tmp12
-
-    movaps      xmm6, xmm4
-    movaps      xmm7, xmm0
-    subps       xmm4, xmm5              ; xmm4=tmp3
-    subps       xmm0, xmm1              ; xmm0=tmp2
-    addps       xmm6, xmm5              ; xmm6=tmp0
-    addps       xmm7, xmm1              ; xmm7=tmp1
-
-    movaps      XMMWORD [wk(1)], xmm4   ; tmp3
-    movaps      XMMWORD [wk(0)], xmm0   ; tmp2
-
-    ; -- Odd part
-
-    movaps      xmm2, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm5, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_FAST_FLOAT)]
-
-    movaps      xmm4, xmm2
-    movaps      xmm0, xmm5
-    addps       xmm2, xmm1              ; xmm2=z11
-    addps       xmm5, xmm3              ; xmm5=z13
-    subps       xmm4, xmm1              ; xmm4=z12
-    subps       xmm0, xmm3              ; xmm0=z10
-
-    movaps      xmm1, xmm2
-    subps       xmm2, xmm5
-    addps       xmm1, xmm5              ; xmm1=tmp7
-
-    mulps       xmm2, [GOTOFF(ebx,PD_1_414)]  ; xmm2=tmp11
-
-    movaps      xmm3, xmm0
-    addps       xmm0, xmm4
-    mulps       xmm0, [GOTOFF(ebx,PD_1_847)]   ; xmm0=z5
-    mulps       xmm3, [GOTOFF(ebx,PD_M2_613)]  ; xmm3=(z10 * -2.613125930)
-    mulps       xmm4, [GOTOFF(ebx,PD_1_082)]   ; xmm4=(z12 * 1.082392200)
-    addps       xmm3, xmm0                     ; xmm3=tmp12
-    subps       xmm4, xmm0                     ; xmm4=tmp10
-
-    ; -- Final output stage
-
-    subps       xmm3, xmm1              ; xmm3=tmp6
-    movaps      xmm5, xmm6
-    movaps      xmm0, xmm7
-    addps       xmm6, xmm1              ; xmm6=data0=(00 10 20 30)
-    addps       xmm7, xmm3              ; xmm7=data1=(01 11 21 31)
-    subps       xmm5, xmm1              ; xmm5=data7=(07 17 27 37)
-    subps       xmm0, xmm3              ; xmm0=data6=(06 16 26 36)
-    subps       xmm2, xmm3              ; xmm2=tmp5
-
-    movaps      xmm1, [GOTOFF(ebx,PD_RNDINT_MAGIC)]  ; xmm1=[PD_RNDINT_MAGIC]
-    pcmpeqd     xmm3, xmm3
-    psrld       xmm3, WORD_BIT          ; xmm3={0xFFFF 0x0000 0xFFFF 0x0000 ..}
-
-    addps       xmm6, xmm1              ; xmm6=roundint(data0/8)=(00 ** 10 ** 20 ** 30 **)
-    addps       xmm7, xmm1              ; xmm7=roundint(data1/8)=(01 ** 11 ** 21 ** 31 **)
-    addps       xmm0, xmm1              ; xmm0=roundint(data6/8)=(06 ** 16 ** 26 ** 36 **)
-    addps       xmm5, xmm1              ; xmm5=roundint(data7/8)=(07 ** 17 ** 27 ** 37 **)
-
-    pand        xmm6, xmm3              ; xmm6=(00 -- 10 -- 20 -- 30 --)
-    pslld       xmm7, WORD_BIT          ; xmm7=(-- 01 -- 11 -- 21 -- 31)
-    pand        xmm0, xmm3              ; xmm0=(06 -- 16 -- 26 -- 36 --)
-    pslld       xmm5, WORD_BIT          ; xmm5=(-- 07 -- 17 -- 27 -- 37)
-    por         xmm6, xmm7              ; xmm6=(00 01 10 11 20 21 30 31)
-    por         xmm0, xmm5              ; xmm0=(06 07 16 17 26 27 36 37)
-
-    movaps      xmm1, XMMWORD [wk(0)]   ; xmm1=tmp2
-    movaps      xmm3, XMMWORD [wk(1)]   ; xmm3=tmp3
-
-    addps       xmm4, xmm2              ; xmm4=tmp4
-    movaps      xmm7, xmm1
-    movaps      xmm5, xmm3
-    addps       xmm1, xmm2              ; xmm1=data2=(02 12 22 32)
-    addps       xmm3, xmm4              ; xmm3=data4=(04 14 24 34)
-    subps       xmm7, xmm2              ; xmm7=data5=(05 15 25 35)
-    subps       xmm5, xmm4              ; xmm5=data3=(03 13 23 33)
-
-    movaps      xmm2, [GOTOFF(ebx,PD_RNDINT_MAGIC)]  ; xmm2=[PD_RNDINT_MAGIC]
-    pcmpeqd     xmm4, xmm4
-    psrld       xmm4, WORD_BIT          ; xmm4={0xFFFF 0x0000 0xFFFF 0x0000 ..}
-
-    addps       xmm3, xmm2              ; xmm3=roundint(data4/8)=(04 ** 14 ** 24 ** 34 **)
-    addps       xmm7, xmm2              ; xmm7=roundint(data5/8)=(05 ** 15 ** 25 ** 35 **)
-    addps       xmm1, xmm2              ; xmm1=roundint(data2/8)=(02 ** 12 ** 22 ** 32 **)
-    addps       xmm5, xmm2              ; xmm5=roundint(data3/8)=(03 ** 13 ** 23 ** 33 **)
-
-    pand        xmm3, xmm4              ; xmm3=(04 -- 14 -- 24 -- 34 --)
-    pslld       xmm7, WORD_BIT          ; xmm7=(-- 05 -- 15 -- 25 -- 35)
-    pand        xmm1, xmm4              ; xmm1=(02 -- 12 -- 22 -- 32 --)
-    pslld       xmm5, WORD_BIT          ; xmm5=(-- 03 -- 13 -- 23 -- 33)
-    por         xmm3, xmm7              ; xmm3=(04 05 14 15 24 25 34 35)
-    por         xmm1, xmm5              ; xmm1=(02 03 12 13 22 23 32 33)
-
-    movdqa      xmm2, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; xmm2=[PB_CENTERJSAMP]
-
-    packsswb    xmm6, xmm3        ; xmm6=(00 01 10 11 20 21 30 31 04 05 14 15 24 25 34 35)
-    packsswb    xmm1, xmm0        ; xmm1=(02 03 12 13 22 23 32 33 06 07 16 17 26 27 36 37)
-    paddb       xmm6, xmm2
-    paddb       xmm1, xmm2
-
-    movdqa      xmm4, xmm6        ; transpose coefficients(phase 2)
-    punpcklwd   xmm6, xmm1        ; xmm6=(00 01 02 03 10 11 12 13 20 21 22 23 30 31 32 33)
-    punpckhwd   xmm4, xmm1        ; xmm4=(04 05 06 07 14 15 16 17 24 25 26 27 34 35 36 37)
-
-    movdqa      xmm7, xmm6        ; transpose coefficients(phase 3)
-    punpckldq   xmm6, xmm4        ; xmm6=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    punpckhdq   xmm7, xmm4        ; xmm7=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-
-    pshufd      xmm5, xmm6, 0x4E  ; xmm5=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    pshufd      xmm3, xmm7, 0x4E  ; xmm3=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-
-    pushpic     ebx                     ; save GOT address
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE], xmm7
-    mov         edx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm5
-    movq        XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE], xmm3
-
-    poppic      ebx                     ; restore GOT address
-
-    add         esi, byte 4*SIZEOF_FAST_FLOAT  ; wsptr
-    add         edi, byte 4*SIZEOF_JSAMPROW
-    dec         ecx                            ; ctr
-    jnz         near .rowloop
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctfst-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctfst-mmx.asm
deleted file mode 100644
index 24622d4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctfst-mmx.asm
+++ /dev/null
@@ -1,499 +0,0 @@
-;
-; jidctfst.asm - fast integer IDCT (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a fast, not so accurate integer implementation of
-; the inverse DCT (Discrete Cosine Transform). The following code is
-; based directly on the IJG's original jidctfst.c; see the jidctfst.c
-; for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  8  ; 14 is also OK.
-%define PASS1_BITS  2
-
-%if IFAST_SCALE_BITS != PASS1_BITS
-%error "'IFAST_SCALE_BITS' must be equal to 'PASS1_BITS'."
-%endif
-
-%if CONST_BITS == 8
-F_1_082 equ 277              ; FIX(1.082392200)
-F_1_414 equ 362              ; FIX(1.414213562)
-F_1_847 equ 473              ; FIX(1.847759065)
-F_2_613 equ 669              ; FIX(2.613125930)
-F_1_613 equ (F_2_613 - 256)  ; FIX(2.613125930) - FIX(1)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_1_082 equ DESCALE(1162209775, 30 - CONST_BITS)  ; FIX(1.082392200)
-F_1_414 equ DESCALE(1518500249, 30 - CONST_BITS)  ; FIX(1.414213562)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_2_613 equ DESCALE(2805822602, 30 - CONST_BITS)  ; FIX(2.613125930)
-F_1_613 equ (F_2_613 - (1 << CONST_BITS))       ; FIX(2.613125930) - FIX(1)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-; PRE_MULTIPLY_SCALE_BITS <= 2 (to avoid overflow)
-; CONST_BITS + CONST_SHIFT + PRE_MULTIPLY_SCALE_BITS == 16 (for pmulhw)
-
-%define PRE_MULTIPLY_SCALE_BITS  2
-%define CONST_SHIFT              (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_ifast_mmx)
-
-EXTN(jconst_idct_ifast_mmx):
-
-PW_F1414       times 4 dw  F_1_414 << CONST_SHIFT
-PW_F1847       times 4 dw  F_1_847 << CONST_SHIFT
-PW_MF1613      times 4 dw -F_1_613 << CONST_SHIFT
-PW_F1082       times 4 dw  F_1_082 << CONST_SHIFT
-PB_CENTERJSAMP times 8 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_ifast_mmx(void *dct_table, JCOEFPTR coef_block,
-;                      JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; jpeg_component_info *compptr
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         2
-%define workspace      wk(0) - DCTSIZE2 * SIZEOF_JCOEF
-                                        ; JCOEF workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_ifast_mmx)
-
-EXTN(jsimd_idct_ifast_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [workspace]
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-    lea         edi, [workspace]                 ; JCOEF *wsptr
-    mov         ecx, DCTSIZE/4                   ; ctr
-    alignx      16, 7
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_IFAST_MMX
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         short .columnDCT
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         mm1, mm0
-    packsswb    mm1, mm1
-    movd        eax, mm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movq        mm2, mm0                ; mm0=in0=(00 01 02 03)
-    punpcklwd   mm0, mm0                ; mm0=(00 00 01 01)
-    punpckhwd   mm2, mm2                ; mm2=(02 02 03 03)
-
-    movq        mm1, mm0
-    punpckldq   mm0, mm0                ; mm0=(00 00 00 00)
-    punpckhdq   mm1, mm1                ; mm1=(01 01 01 01)
-    movq        mm3, mm2
-    punpckldq   mm2, mm2                ; mm2=(02 02 02 02)
-    punpckhdq   mm3, mm3                ; mm3=(03 03 03 03)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(2,1,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_JCOEF)], mm3
-    movq        MMWORD [MMBLOCK(3,1,edi,SIZEOF_JCOEF)], mm3
-    jmp         near .nextcolumn
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      mm1, MMWORD [MMBLOCK(2,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm2, MMWORD [MMBLOCK(4,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      mm3, MMWORD [MMBLOCK(6,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movq        mm4, mm0
-    movq        mm5, mm1
-    psubw       mm0, mm2                ; mm0=tmp11
-    psubw       mm1, mm3
-    paddw       mm4, mm2                ; mm4=tmp10
-    paddw       mm5, mm3                ; mm5=tmp13
-
-    psllw       mm1, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm1, [GOTOFF(ebx,PW_F1414)]
-    psubw       mm1, mm5                ; mm1=tmp12
-
-    movq        mm6, mm4
-    movq        mm7, mm0
-    psubw       mm4, mm5                ; mm4=tmp3
-    psubw       mm0, mm1                ; mm0=tmp2
-    paddw       mm6, mm5                ; mm6=tmp0
-    paddw       mm7, mm1                ; mm7=tmp1
-
-    movq        MMWORD [wk(1)], mm4     ; wk(1)=tmp3
-    movq        MMWORD [wk(0)], mm0     ; wk(0)=tmp2
-
-    ; -- Odd part
-
-    movq        mm2, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm2, MMWORD [MMBLOCK(1,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      mm3, MMWORD [MMBLOCK(3,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    movq        mm5, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm5, MMWORD [MMBLOCK(5,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      mm1, MMWORD [MMBLOCK(7,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movq        mm4, mm2
-    movq        mm0, mm5
-    psubw       mm2, mm1                ; mm2=z12
-    psubw       mm5, mm3                ; mm5=z10
-    paddw       mm4, mm1                ; mm4=z11
-    paddw       mm0, mm3                ; mm0=z13
-
-    movq        mm1, mm5                ; mm1=z10(unscaled)
-    psllw       mm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       mm5, PRE_MULTIPLY_SCALE_BITS
-
-    movq        mm3, mm4
-    psubw       mm4, mm0
-    paddw       mm3, mm0                ; mm3=tmp7
-
-    psllw       mm4, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm4, [GOTOFF(ebx,PW_F1414)]  ; mm4=tmp11
-
-    ; To avoid overflow...
-    ;
-    ; (Original)
-    ; tmp12 = -2.613125930 * z10 + z5;
-    ;
-    ; (This implementation)
-    ; tmp12 = (-1.613125930 - 1) * z10 + z5;
-    ;       = -1.613125930 * z10 - z10 + z5;
-
-    movq        mm0, mm5
-    paddw       mm5, mm2
-    pmulhw      mm5, [GOTOFF(ebx,PW_F1847)]   ; mm5=z5
-    pmulhw      mm0, [GOTOFF(ebx,PW_MF1613)]
-    pmulhw      mm2, [GOTOFF(ebx,PW_F1082)]
-    psubw       mm0, mm1
-    psubw       mm2, mm5                ; mm2=tmp10
-    paddw       mm0, mm5                ; mm0=tmp12
-
-    ; -- Final output stage
-
-    psubw       mm0, mm3                ; mm0=tmp6
-    movq        mm1, mm6
-    movq        mm5, mm7
-    paddw       mm6, mm3                ; mm6=data0=(00 01 02 03)
-    paddw       mm7, mm0                ; mm7=data1=(10 11 12 13)
-    psubw       mm1, mm3                ; mm1=data7=(70 71 72 73)
-    psubw       mm5, mm0                ; mm5=data6=(60 61 62 63)
-    psubw       mm4, mm0                ; mm4=tmp5
-
-    movq        mm3, mm6                ; transpose coefficients(phase 1)
-    punpcklwd   mm6, mm7                ; mm6=(00 10 01 11)
-    punpckhwd   mm3, mm7                ; mm3=(02 12 03 13)
-    movq        mm0, mm5                ; transpose coefficients(phase 1)
-    punpcklwd   mm5, mm1                ; mm5=(60 70 61 71)
-    punpckhwd   mm0, mm1                ; mm0=(62 72 63 73)
-
-    movq        mm7, MMWORD [wk(0)]     ; mm7=tmp2
-    movq        mm1, MMWORD [wk(1)]     ; mm1=tmp3
-
-    movq        MMWORD [wk(0)], mm5     ; wk(0)=(60 70 61 71)
-    movq        MMWORD [wk(1)], mm0     ; wk(1)=(62 72 63 73)
-
-    paddw       mm2, mm4                ; mm2=tmp4
-    movq        mm5, mm7
-    movq        mm0, mm1
-    paddw       mm7, mm4                ; mm7=data2=(20 21 22 23)
-    paddw       mm1, mm2                ; mm1=data4=(40 41 42 43)
-    psubw       mm5, mm4                ; mm5=data5=(50 51 52 53)
-    psubw       mm0, mm2                ; mm0=data3=(30 31 32 33)
-
-    movq        mm4, mm7                ; transpose coefficients(phase 1)
-    punpcklwd   mm7, mm0                ; mm7=(20 30 21 31)
-    punpckhwd   mm4, mm0                ; mm4=(22 32 23 33)
-    movq        mm2, mm1                ; transpose coefficients(phase 1)
-    punpcklwd   mm1, mm5                ; mm1=(40 50 41 51)
-    punpckhwd   mm2, mm5                ; mm2=(42 52 43 53)
-
-    movq        mm0, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm7                ; mm6=(00 10 20 30)
-    punpckhdq   mm0, mm7                ; mm0=(01 11 21 31)
-    movq        mm5, mm3                ; transpose coefficients(phase 2)
-    punpckldq   mm3, mm4                ; mm3=(02 12 22 32)
-    punpckhdq   mm5, mm4                ; mm5=(03 13 23 33)
-
-    movq        mm7, MMWORD [wk(0)]     ; mm7=(60 70 61 71)
-    movq        mm4, MMWORD [wk(1)]     ; mm4=(62 72 63 73)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm6
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_JCOEF)], mm3
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_JCOEF)], mm5
-
-    movq        mm6, mm1                ; transpose coefficients(phase 2)
-    punpckldq   mm1, mm7                ; mm1=(40 50 60 70)
-    punpckhdq   mm6, mm7                ; mm6=(41 51 61 71)
-    movq        mm0, mm2                ; transpose coefficients(phase 2)
-    punpckldq   mm2, mm4                ; mm2=(42 52 62 72)
-    punpckhdq   mm0, mm4                ; mm0=(43 53 63 73)
-
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_JCOEF)], mm6
-    movq        MMWORD [MMBLOCK(2,1,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(3,1,edi,SIZEOF_JCOEF)], mm0
-
-.nextcolumn:
-    add         esi, byte 4*SIZEOF_JCOEF            ; coef_block
-    add         edx, byte 4*SIZEOF_IFAST_MULT_TYPE  ; quantptr
-    add         edi, byte 4*DCTSIZE*SIZEOF_JCOEF    ; wsptr
-    dec         ecx                                 ; ctr
-    jnz         near .columnloop
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    lea         esi, [workspace]                   ; JCOEF *wsptr
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-    mov         ecx, DCTSIZE/4                     ; ctr
-    alignx      16, 7
-.rowloop:
-
-    ; -- Even part
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-
-    movq        mm4, mm0
-    movq        mm5, mm1
-    psubw       mm0, mm2                ; mm0=tmp11
-    psubw       mm1, mm3
-    paddw       mm4, mm2                ; mm4=tmp10
-    paddw       mm5, mm3                ; mm5=tmp13
-
-    psllw       mm1, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm1, [GOTOFF(ebx,PW_F1414)]
-    psubw       mm1, mm5                ; mm1=tmp12
-
-    movq        mm6, mm4
-    movq        mm7, mm0
-    psubw       mm4, mm5                ; mm4=tmp3
-    psubw       mm0, mm1                ; mm0=tmp2
-    paddw       mm6, mm5                ; mm6=tmp0
-    paddw       mm7, mm1                ; mm7=tmp1
-
-    movq        MMWORD [wk(1)], mm4     ; wk(1)=tmp3
-    movq        MMWORD [wk(0)], mm0     ; wk(0)=tmp2
-
-    ; -- Odd part
-
-    movq        mm2, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movq        mm5, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-
-    movq        mm4, mm2
-    movq        mm0, mm5
-    psubw       mm2, mm1                ; mm2=z12
-    psubw       mm5, mm3                ; mm5=z10
-    paddw       mm4, mm1                ; mm4=z11
-    paddw       mm0, mm3                ; mm0=z13
-
-    movq        mm1, mm5                ; mm1=z10(unscaled)
-    psllw       mm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       mm5, PRE_MULTIPLY_SCALE_BITS
-
-    movq        mm3, mm4
-    psubw       mm4, mm0
-    paddw       mm3, mm0                ; mm3=tmp7
-
-    psllw       mm4, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      mm4, [GOTOFF(ebx,PW_F1414)]  ; mm4=tmp11
-
-    ; To avoid overflow...
-    ;
-    ; (Original)
-    ; tmp12 = -2.613125930 * z10 + z5;
-    ;
-    ; (This implementation)
-    ; tmp12 = (-1.613125930 - 1) * z10 + z5;
-    ;       = -1.613125930 * z10 - z10 + z5;
-
-    movq        mm0, mm5
-    paddw       mm5, mm2
-    pmulhw      mm5, [GOTOFF(ebx,PW_F1847)]   ; mm5=z5
-    pmulhw      mm0, [GOTOFF(ebx,PW_MF1613)]
-    pmulhw      mm2, [GOTOFF(ebx,PW_F1082)]
-    psubw       mm0, mm1
-    psubw       mm2, mm5                ; mm2=tmp10
-    paddw       mm0, mm5                ; mm0=tmp12
-
-    ; -- Final output stage
-
-    psubw       mm0, mm3                ; mm0=tmp6
-    movq        mm1, mm6
-    movq        mm5, mm7
-    paddw       mm6, mm3                ; mm6=data0=(00 10 20 30)
-    paddw       mm7, mm0                ; mm7=data1=(01 11 21 31)
-    psraw       mm6, (PASS1_BITS+3)     ; descale
-    psraw       mm7, (PASS1_BITS+3)     ; descale
-    psubw       mm1, mm3                ; mm1=data7=(07 17 27 37)
-    psubw       mm5, mm0                ; mm5=data6=(06 16 26 36)
-    psraw       mm1, (PASS1_BITS+3)     ; descale
-    psraw       mm5, (PASS1_BITS+3)     ; descale
-    psubw       mm4, mm0                ; mm4=tmp5
-
-    packsswb    mm6, mm5                ; mm6=(00 10 20 30 06 16 26 36)
-    packsswb    mm7, mm1                ; mm7=(01 11 21 31 07 17 27 37)
-
-    movq        mm3, MMWORD [wk(0)]     ; mm3=tmp2
-    movq        mm0, MMWORD [wk(1)]     ; mm0=tmp3
-
-    paddw       mm2, mm4                ; mm2=tmp4
-    movq        mm5, mm3
-    movq        mm1, mm0
-    paddw       mm3, mm4                ; mm3=data2=(02 12 22 32)
-    paddw       mm0, mm2                ; mm0=data4=(04 14 24 34)
-    psraw       mm3, (PASS1_BITS+3)     ; descale
-    psraw       mm0, (PASS1_BITS+3)     ; descale
-    psubw       mm5, mm4                ; mm5=data5=(05 15 25 35)
-    psubw       mm1, mm2                ; mm1=data3=(03 13 23 33)
-    psraw       mm5, (PASS1_BITS+3)     ; descale
-    psraw       mm1, (PASS1_BITS+3)     ; descale
-
-    movq        mm4, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; mm4=[PB_CENTERJSAMP]
-
-    packsswb    mm3, mm0                ; mm3=(02 12 22 32 04 14 24 34)
-    packsswb    mm1, mm5                ; mm1=(03 13 23 33 05 15 25 35)
-
-    paddb       mm6, mm4
-    paddb       mm7, mm4
-    paddb       mm3, mm4
-    paddb       mm1, mm4
-
-    movq        mm2, mm6                ; transpose coefficients(phase 1)
-    punpcklbw   mm6, mm7                ; mm6=(00 01 10 11 20 21 30 31)
-    punpckhbw   mm2, mm7                ; mm2=(06 07 16 17 26 27 36 37)
-    movq        mm0, mm3                ; transpose coefficients(phase 1)
-    punpcklbw   mm3, mm1                ; mm3=(02 03 12 13 22 23 32 33)
-    punpckhbw   mm0, mm1                ; mm0=(04 05 14 15 24 25 34 35)
-
-    movq        mm5, mm6                ; transpose coefficients(phase 2)
-    punpcklwd   mm6, mm3                ; mm6=(00 01 02 03 10 11 12 13)
-    punpckhwd   mm5, mm3                ; mm5=(20 21 22 23 30 31 32 33)
-    movq        mm4, mm0                ; transpose coefficients(phase 2)
-    punpcklwd   mm0, mm2                ; mm0=(04 05 06 07 14 15 16 17)
-    punpckhwd   mm4, mm2                ; mm4=(24 25 26 27 34 35 36 37)
-
-    movq        mm7, mm6                ; transpose coefficients(phase 3)
-    punpckldq   mm6, mm0                ; mm6=(00 01 02 03 04 05 06 07)
-    punpckhdq   mm7, mm0                ; mm7=(10 11 12 13 14 15 16 17)
-    movq        mm1, mm5                ; transpose coefficients(phase 3)
-    punpckldq   mm5, mm4                ; mm5=(20 21 22 23 24 25 26 27)
-    punpckhdq   mm1, mm4                ; mm1=(30 31 32 33 34 35 36 37)
-
-    pushpic     ebx                     ; save GOT address
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm6
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm7
-    mov         edx, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm5
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm1
-
-    poppic      ebx                     ; restore GOT address
-
-    add         esi, byte 4*SIZEOF_JCOEF     ; wsptr
-    add         edi, byte 4*SIZEOF_JSAMPROW
-    dec         ecx                          ; ctr
-    jnz         near .rowloop
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctfst-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctfst-sse2.asm
deleted file mode 100644
index 19704ff..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctfst-sse2.asm
+++ /dev/null
@@ -1,501 +0,0 @@
-;
-; jidctfst.asm - fast integer IDCT (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a fast, not so accurate integer implementation of
-; the inverse DCT (Discrete Cosine Transform). The following code is
-; based directly on the IJG's original jidctfst.c; see the jidctfst.c
-; for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  8  ; 14 is also OK.
-%define PASS1_BITS  2
-
-%if IFAST_SCALE_BITS != PASS1_BITS
-%error "'IFAST_SCALE_BITS' must be equal to 'PASS1_BITS'."
-%endif
-
-%if CONST_BITS == 8
-F_1_082 equ 277              ; FIX(1.082392200)
-F_1_414 equ 362              ; FIX(1.414213562)
-F_1_847 equ 473              ; FIX(1.847759065)
-F_2_613 equ 669              ; FIX(2.613125930)
-F_1_613 equ (F_2_613 - 256)  ; FIX(2.613125930) - FIX(1)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_1_082 equ DESCALE(1162209775, 30 - CONST_BITS)  ; FIX(1.082392200)
-F_1_414 equ DESCALE(1518500249, 30 - CONST_BITS)  ; FIX(1.414213562)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_2_613 equ DESCALE(2805822602, 30 - CONST_BITS)  ; FIX(2.613125930)
-F_1_613 equ (F_2_613 - (1 << CONST_BITS))       ; FIX(2.613125930) - FIX(1)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-; PRE_MULTIPLY_SCALE_BITS <= 2 (to avoid overflow)
-; CONST_BITS + CONST_SHIFT + PRE_MULTIPLY_SCALE_BITS == 16 (for pmulhw)
-
-%define PRE_MULTIPLY_SCALE_BITS  2
-%define CONST_SHIFT              (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_ifast_sse2)
-
-EXTN(jconst_idct_ifast_sse2):
-
-PW_F1414       times 8  dw  F_1_414 << CONST_SHIFT
-PW_F1847       times 8  dw  F_1_847 << CONST_SHIFT
-PW_MF1613      times 8  dw -F_1_613 << CONST_SHIFT
-PW_F1082       times 8  dw  F_1_082 << CONST_SHIFT
-PB_CENTERJSAMP times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_ifast_sse2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; jpeg_component_info *compptr
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_ifast_sse2)
-
-EXTN(jsimd_idct_ifast_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_IFAST_SSE2
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, xmm0
-    packsswb    xmm1, xmm1
-    packsswb    xmm1, xmm1
-    movd        eax, xmm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movdqa      xmm7, xmm0              ; xmm0=in0=(00 01 02 03 04 05 06 07)
-    punpcklwd   xmm0, xmm0              ; xmm0=(00 00 01 01 02 02 03 03)
-    punpckhwd   xmm7, xmm7              ; xmm7=(04 04 05 05 06 06 07 07)
-
-    pshufd      xmm6, xmm0, 0x00        ; xmm6=col0=(00 00 00 00 00 00 00 00)
-    pshufd      xmm2, xmm0, 0x55        ; xmm2=col1=(01 01 01 01 01 01 01 01)
-    pshufd      xmm5, xmm0, 0xAA        ; xmm5=col2=(02 02 02 02 02 02 02 02)
-    pshufd      xmm0, xmm0, 0xFF        ; xmm0=col3=(03 03 03 03 03 03 03 03)
-    pshufd      xmm1, xmm7, 0x00        ; xmm1=col4=(04 04 04 04 04 04 04 04)
-    pshufd      xmm4, xmm7, 0x55        ; xmm4=col5=(05 05 05 05 05 05 05 05)
-    pshufd      xmm3, xmm7, 0xAA        ; xmm3=col6=(06 06 06 06 06 06 06 06)
-    pshufd      xmm7, xmm7, 0xFF        ; xmm7=col7=(07 07 07 07 07 07 07 07)
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=col1
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=col3
-    jmp         near .column_end
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movdqa      xmm4, xmm0
-    movdqa      xmm5, xmm1
-    psubw       xmm0, xmm2              ; xmm0=tmp11
-    psubw       xmm1, xmm3
-    paddw       xmm4, xmm2              ; xmm4=tmp10
-    paddw       xmm5, xmm3              ; xmm5=tmp13
-
-    psllw       xmm1, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm1, [GOTOFF(ebx,PW_F1414)]
-    psubw       xmm1, xmm5              ; xmm1=tmp12
-
-    movdqa      xmm6, xmm4
-    movdqa      xmm7, xmm0
-    psubw       xmm4, xmm5              ; xmm4=tmp3
-    psubw       xmm0, xmm1              ; xmm0=tmp2
-    paddw       xmm6, xmm5              ; xmm6=tmp0
-    paddw       xmm7, xmm1              ; xmm7=tmp1
-
-    movdqa      XMMWORD [wk(1)], xmm4   ; wk(1)=tmp3
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=tmp2
-
-    ; -- Odd part
-
-    movdqa      xmm2, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    movdqa      xmm5, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm5, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm0, xmm5
-    psubw       xmm2, xmm1              ; xmm2=z12
-    psubw       xmm5, xmm3              ; xmm5=z10
-    paddw       xmm4, xmm1              ; xmm4=z11
-    paddw       xmm0, xmm3              ; xmm0=z13
-
-    movdqa      xmm1, xmm5              ; xmm1=z10(unscaled)
-    psllw       xmm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-
-    movdqa      xmm3, xmm4
-    psubw       xmm4, xmm0
-    paddw       xmm3, xmm0              ; xmm3=tmp7
-
-    psllw       xmm4, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm4, [GOTOFF(ebx,PW_F1414)]  ; xmm4=tmp11
-
-    ; To avoid overflow...
-    ;
-    ; (Original)
-    ; tmp12 = -2.613125930 * z10 + z5;
-    ;
-    ; (This implementation)
-    ; tmp12 = (-1.613125930 - 1) * z10 + z5;
-    ;       = -1.613125930 * z10 - z10 + z5;
-
-    movdqa      xmm0, xmm5
-    paddw       xmm5, xmm2
-    pmulhw      xmm5, [GOTOFF(ebx,PW_F1847)]   ; xmm5=z5
-    pmulhw      xmm0, [GOTOFF(ebx,PW_MF1613)]
-    pmulhw      xmm2, [GOTOFF(ebx,PW_F1082)]
-    psubw       xmm0, xmm1
-    psubw       xmm2, xmm5              ; xmm2=tmp10
-    paddw       xmm0, xmm5              ; xmm0=tmp12
-
-    ; -- Final output stage
-
-    psubw       xmm0, xmm3              ; xmm0=tmp6
-    movdqa      xmm1, xmm6
-    movdqa      xmm5, xmm7
-    paddw       xmm6, xmm3              ; xmm6=data0=(00 01 02 03 04 05 06 07)
-    paddw       xmm7, xmm0              ; xmm7=data1=(10 11 12 13 14 15 16 17)
-    psubw       xmm1, xmm3              ; xmm1=data7=(70 71 72 73 74 75 76 77)
-    psubw       xmm5, xmm0              ; xmm5=data6=(60 61 62 63 64 65 66 67)
-    psubw       xmm4, xmm0              ; xmm4=tmp5
-
-    movdqa      xmm3, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm7              ; xmm6=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm3, xmm7              ; xmm3=(04 14 05 15 06 16 07 17)
-    movdqa      xmm0, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm1              ; xmm5=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm0, xmm1              ; xmm0=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp2
-    movdqa      xmm1, XMMWORD [wk(1)]   ; xmm1=tmp3
-
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=(60 70 61 71 62 72 63 73)
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=(64 74 65 75 66 76 67 77)
-
-    paddw       xmm2, xmm4              ; xmm2=tmp4
-    movdqa      xmm5, xmm7
-    movdqa      xmm0, xmm1
-    paddw       xmm7, xmm4              ; xmm7=data2=(20 21 22 23 24 25 26 27)
-    paddw       xmm1, xmm2              ; xmm1=data4=(40 41 42 43 44 45 46 47)
-    psubw       xmm5, xmm4              ; xmm5=data5=(50 51 52 53 54 55 56 57)
-    psubw       xmm0, xmm2              ; xmm0=data3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm4, xmm7              ; transpose coefficients(phase 1)
-    punpcklwd   xmm7, xmm0              ; xmm7=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm4, xmm0              ; xmm4=(24 34 25 35 26 36 27 37)
-    movdqa      xmm2, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm5              ; xmm1=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm2, xmm5              ; xmm2=(44 54 45 55 46 56 47 57)
-
-    movdqa      xmm0, xmm3              ; transpose coefficients(phase 2)
-    punpckldq   xmm3, xmm4              ; xmm3=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm0, xmm4              ; xmm0=(06 16 26 36 07 17 27 37)
-    movdqa      xmm5, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm7              ; xmm6=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm5, xmm7              ; xmm5=(02 12 22 32 03 13 23 33)
-
-    movdqa      xmm4, XMMWORD [wk(0)]   ; xmm4=(60 70 61 71 62 72 63 73)
-    movdqa      xmm7, XMMWORD [wk(1)]   ; xmm7=(64 74 65 75 66 76 67 77)
-
-    movdqa      XMMWORD [wk(0)], xmm3   ; wk(0)=(04 14 24 34 05 15 25 35)
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm3, xmm1              ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm4              ; xmm1=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm3, xmm4              ; xmm3=(42 52 62 72 43 53 63 73)
-    movdqa      xmm0, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm7              ; xmm2=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm0, xmm7              ; xmm0=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm4, xmm6              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm6, xmm1              ; xmm6=col0=(00 10 20 30 40 50 60 70)
-    punpckhqdq  xmm4, xmm1              ; xmm4=col1=(01 11 21 31 41 51 61 71)
-    movdqa      xmm7, xmm5              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm5, xmm3              ; xmm5=col2=(02 12 22 32 42 52 62 72)
-    punpckhqdq  xmm7, xmm3              ; xmm7=col3=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=(04 14 24 34 05 15 25 35)
-    movdqa      xmm3, XMMWORD [wk(1)]   ; xmm3=(06 16 26 36 07 17 27 37)
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=col1
-    movdqa      XMMWORD [wk(1)], xmm7   ; wk(1)=col3
-
-    movdqa      xmm4, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm2              ; xmm1=col4=(04 14 24 34 44 54 64 74)
-    punpckhqdq  xmm4, xmm2              ; xmm4=col5=(05 15 25 35 45 55 65 75)
-    movdqa      xmm7, xmm3              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm3, xmm0              ; xmm3=col6=(06 16 26 36 46 56 66 76)
-    punpckhqdq  xmm7, xmm0              ; xmm7=col7=(07 17 27 37 47 57 67 77)
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-
-    ; -- Even part
-
-    ; xmm6=col0, xmm5=col2, xmm1=col4, xmm3=col6
-
-    movdqa      xmm2, xmm6
-    movdqa      xmm0, xmm5
-    psubw       xmm6, xmm1              ; xmm6=tmp11
-    psubw       xmm5, xmm3
-    paddw       xmm2, xmm1              ; xmm2=tmp10
-    paddw       xmm0, xmm3              ; xmm0=tmp13
-
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm5, [GOTOFF(ebx,PW_F1414)]
-    psubw       xmm5, xmm0              ; xmm5=tmp12
-
-    movdqa      xmm1, xmm2
-    movdqa      xmm3, xmm6
-    psubw       xmm2, xmm0              ; xmm2=tmp3
-    psubw       xmm6, xmm5              ; xmm6=tmp2
-    paddw       xmm1, xmm0              ; xmm1=tmp0
-    paddw       xmm3, xmm5              ; xmm3=tmp1
-
-    movdqa      xmm0, XMMWORD [wk(0)]   ; xmm0=col1
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=col3
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=tmp3
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp2
-
-    ; -- Odd part
-
-    ; xmm0=col1, xmm5=col3, xmm4=col5, xmm7=col7
-
-    movdqa      xmm2, xmm0
-    movdqa      xmm6, xmm4
-    psubw       xmm0, xmm7              ; xmm0=z12
-    psubw       xmm4, xmm5              ; xmm4=z10
-    paddw       xmm2, xmm7              ; xmm2=z11
-    paddw       xmm6, xmm5              ; xmm6=z13
-
-    movdqa      xmm7, xmm4              ; xmm7=z10(unscaled)
-    psllw       xmm0, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm4, PRE_MULTIPLY_SCALE_BITS
-
-    movdqa      xmm5, xmm2
-    psubw       xmm2, xmm6
-    paddw       xmm5, xmm6              ; xmm5=tmp7
-
-    psllw       xmm2, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm2, [GOTOFF(ebx,PW_F1414)]  ; xmm2=tmp11
-
-    ; To avoid overflow...
-    ;
-    ; (Original)
-    ; tmp12 = -2.613125930 * z10 + z5;
-    ;
-    ; (This implementation)
-    ; tmp12 = (-1.613125930 - 1) * z10 + z5;
-    ;       = -1.613125930 * z10 - z10 + z5;
-
-    movdqa      xmm6, xmm4
-    paddw       xmm4, xmm0
-    pmulhw      xmm4, [GOTOFF(ebx,PW_F1847)]   ; xmm4=z5
-    pmulhw      xmm6, [GOTOFF(ebx,PW_MF1613)]
-    pmulhw      xmm0, [GOTOFF(ebx,PW_F1082)]
-    psubw       xmm6, xmm7
-    psubw       xmm0, xmm4              ; xmm0=tmp10
-    paddw       xmm6, xmm4              ; xmm6=tmp12
-
-    ; -- Final output stage
-
-    psubw       xmm6, xmm5              ; xmm6=tmp6
-    movdqa      xmm7, xmm1
-    movdqa      xmm4, xmm3
-    paddw       xmm1, xmm5              ; xmm1=data0=(00 10 20 30 40 50 60 70)
-    paddw       xmm3, xmm6              ; xmm3=data1=(01 11 21 31 41 51 61 71)
-    psraw       xmm1, (PASS1_BITS+3)    ; descale
-    psraw       xmm3, (PASS1_BITS+3)    ; descale
-    psubw       xmm7, xmm5              ; xmm7=data7=(07 17 27 37 47 57 67 77)
-    psubw       xmm4, xmm6              ; xmm4=data6=(06 16 26 36 46 56 66 76)
-    psraw       xmm7, (PASS1_BITS+3)    ; descale
-    psraw       xmm4, (PASS1_BITS+3)    ; descale
-    psubw       xmm2, xmm6              ; xmm2=tmp5
-
-    packsswb    xmm1, xmm4        ; xmm1=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    packsswb    xmm3, xmm7        ; xmm3=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp2
-    movdqa      xmm6, XMMWORD [wk(0)]   ; xmm6=tmp3
-
-    paddw       xmm0, xmm2              ; xmm0=tmp4
-    movdqa      xmm4, xmm5
-    movdqa      xmm7, xmm6
-    paddw       xmm5, xmm2              ; xmm5=data2=(02 12 22 32 42 52 62 72)
-    paddw       xmm6, xmm0              ; xmm6=data4=(04 14 24 34 44 54 64 74)
-    psraw       xmm5, (PASS1_BITS+3)    ; descale
-    psraw       xmm6, (PASS1_BITS+3)    ; descale
-    psubw       xmm4, xmm2              ; xmm4=data5=(05 15 25 35 45 55 65 75)
-    psubw       xmm7, xmm0              ; xmm7=data3=(03 13 23 33 43 53 63 73)
-    psraw       xmm4, (PASS1_BITS+3)    ; descale
-    psraw       xmm7, (PASS1_BITS+3)    ; descale
-
-    movdqa      xmm2, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; xmm2=[PB_CENTERJSAMP]
-
-    packsswb    xmm5, xmm6        ; xmm5=(02 12 22 32 42 52 62 72 04 14 24 34 44 54 64 74)
-    packsswb    xmm7, xmm4        ; xmm7=(03 13 23 33 43 53 63 73 05 15 25 35 45 55 65 75)
-
-    paddb       xmm1, xmm2
-    paddb       xmm3, xmm2
-    paddb       xmm5, xmm2
-    paddb       xmm7, xmm2
-
-    movdqa      xmm0, xmm1        ; transpose coefficients(phase 1)
-    punpcklbw   xmm1, xmm3        ; xmm1=(00 01 10 11 20 21 30 31 40 41 50 51 60 61 70 71)
-    punpckhbw   xmm0, xmm3        ; xmm0=(06 07 16 17 26 27 36 37 46 47 56 57 66 67 76 77)
-    movdqa      xmm6, xmm5        ; transpose coefficients(phase 1)
-    punpcklbw   xmm5, xmm7        ; xmm5=(02 03 12 13 22 23 32 33 42 43 52 53 62 63 72 73)
-    punpckhbw   xmm6, xmm7        ; xmm6=(04 05 14 15 24 25 34 35 44 45 54 55 64 65 74 75)
-
-    movdqa      xmm4, xmm1        ; transpose coefficients(phase 2)
-    punpcklwd   xmm1, xmm5        ; xmm1=(00 01 02 03 10 11 12 13 20 21 22 23 30 31 32 33)
-    punpckhwd   xmm4, xmm5        ; xmm4=(40 41 42 43 50 51 52 53 60 61 62 63 70 71 72 73)
-    movdqa      xmm2, xmm6        ; transpose coefficients(phase 2)
-    punpcklwd   xmm6, xmm0        ; xmm6=(04 05 06 07 14 15 16 17 24 25 26 27 34 35 36 37)
-    punpckhwd   xmm2, xmm0        ; xmm2=(44 45 46 47 54 55 56 57 64 65 66 67 74 75 76 77)
-
-    movdqa      xmm3, xmm1        ; transpose coefficients(phase 3)
-    punpckldq   xmm1, xmm6        ; xmm1=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    punpckhdq   xmm3, xmm6        ; xmm3=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-    movdqa      xmm7, xmm4        ; transpose coefficients(phase 3)
-    punpckldq   xmm4, xmm2        ; xmm4=(40 41 42 43 44 45 46 47 50 51 52 53 54 55 56 57)
-    punpckhdq   xmm7, xmm2        ; xmm7=(60 61 62 63 64 65 66 67 70 71 72 73 74 75 76 77)
-
-    pshufd      xmm5, xmm1, 0x4E  ; xmm5=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    pshufd      xmm0, xmm3, 0x4E  ; xmm0=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-    pshufd      xmm6, xmm4, 0x4E  ; xmm6=(50 51 52 53 54 55 56 57 40 41 42 43 44 45 46 47)
-    pshufd      xmm2, xmm7, 0x4E  ; xmm2=(70 71 72 73 74 75 76 77 60 61 62 63 64 65 66 67)
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm1
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm3
-    mov         edx, JSAMPROW [edi+4*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+6*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm4
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm7
-
-    mov         edx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm5
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm0
-    mov         edx, JSAMPROW [edi+5*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+7*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm2
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-avx2.asm
deleted file mode 100644
index 199c7df..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-avx2.asm
+++ /dev/null
@@ -1,453 +0,0 @@
-;
-; jidctint.asm - accurate integer IDCT (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2018, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; inverse DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jidctint.c; see the jidctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit inverse matrix transpose using AVX2 instructions
-; %1-%4: Input/output registers
-; %5-%8: Temp registers
-
-%macro dotranspose 8
-    ; %5=(00 10 20 30 40 50 60 70  01 11 21 31 41 51 61 71)
-    ; %6=(03 13 23 33 43 53 63 73  02 12 22 32 42 52 62 72)
-    ; %7=(04 14 24 34 44 54 64 74  05 15 25 35 45 55 65 75)
-    ; %8=(07 17 27 37 47 57 67 77  06 16 26 36 46 56 66 76)
-
-    vpermq      %5, %1, 0xD8
-    vpermq      %6, %2, 0x72
-    vpermq      %7, %3, 0xD8
-    vpermq      %8, %4, 0x72
-    ; transpose coefficients(phase 1)
-    ; %5=(00 10 20 30 01 11 21 31  40 50 60 70 41 51 61 71)
-    ; %6=(02 12 22 32 03 13 23 33  42 52 62 72 43 53 63 73)
-    ; %7=(04 14 24 34 05 15 25 35  44 54 64 74 45 55 65 75)
-    ; %8=(06 16 26 36 07 17 27 37  46 56 66 76 47 57 67 77)
-
-    vpunpcklwd  %1, %5, %6
-    vpunpckhwd  %2, %5, %6
-    vpunpcklwd  %3, %7, %8
-    vpunpckhwd  %4, %7, %8
-    ; transpose coefficients(phase 2)
-    ; %1=(00 02 10 12 20 22 30 32  40 42 50 52 60 62 70 72)
-    ; %2=(01 03 11 13 21 23 31 33  41 43 51 53 61 63 71 73)
-    ; %3=(04 06 14 16 24 26 34 36  44 46 54 56 64 66 74 76)
-    ; %4=(05 07 15 17 25 27 35 37  45 47 55 57 65 67 75 77)
-
-    vpunpcklwd  %5, %1, %2
-    vpunpcklwd  %6, %3, %4
-    vpunpckhwd  %7, %1, %2
-    vpunpckhwd  %8, %3, %4
-    ; transpose coefficients(phase 3)
-    ; %5=(00 01 02 03 10 11 12 13  40 41 42 43 50 51 52 53)
-    ; %6=(04 05 06 07 14 15 16 17  44 45 46 47 54 55 56 57)
-    ; %7=(20 21 22 23 30 31 32 33  60 61 62 63 70 71 72 73)
-    ; %8=(24 25 26 27 34 35 36 37  64 65 66 67 74 75 76 77)
-
-    vpunpcklqdq %1, %5, %6
-    vpunpckhqdq %2, %5, %6
-    vpunpcklqdq %3, %7, %8
-    vpunpckhqdq %4, %7, %8
-    ; transpose coefficients(phase 4)
-    ; %1=(00 01 02 03 04 05 06 07  40 41 42 43 44 45 46 47)
-    ; %2=(10 11 12 13 14 15 16 17  50 51 52 53 54 55 56 57)
-    ; %3=(20 21 22 23 24 25 26 27  60 61 62 63 64 65 66 67)
-    ; %4=(30 31 32 33 34 35 36 37  70 71 72 73 74 75 76 77)
-%endmacro
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit accurate integer inverse DCT using AVX2 instructions
-; %1-%4:  Input/output registers
-; %5-%12: Temp registers
-; %9:     Pass (1 or 2)
-
-%macro dodct 13
-    ; -- Even part
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    vperm2i128  %6, %3, %3, 0x01        ; %6=in6_2
-    vpunpcklwd  %5, %3, %6              ; %5=in26_62L
-    vpunpckhwd  %6, %3, %6              ; %6=in26_62H
-    vpmaddwd    %5, %5, [GOTOFF(ebx,PW_F130_F054_MF130_F054)]  ; %5=tmp3_2L
-    vpmaddwd    %6, %6, [GOTOFF(ebx,PW_F130_F054_MF130_F054)]  ; %6=tmp3_2H
-
-    vperm2i128  %7, %1, %1, 0x01        ; %7=in4_0
-    vpsignw     %1, %1, [GOTOFF(ebx,PW_1_NEG1)]
-    vpaddw      %7, %7, %1              ; %7=(in0+in4)_(in0-in4)
-
-    vpxor       %1, %1, %1
-    vpunpcklwd  %8, %1, %7              ; %8=tmp0_1L
-    vpunpckhwd  %1, %1, %7              ; %1=tmp0_1H
-    vpsrad      %8, %8, (16-CONST_BITS)  ; vpsrad %8,16 & vpslld %8,CONST_BITS
-    vpsrad      %1, %1, (16-CONST_BITS)  ; vpsrad %1,16 & vpslld %1,CONST_BITS
-
-    vpsubd      %3, %8, %5
-    vmovdqu     %11, %3                 ; %11=tmp0_1L-tmp3_2L=tmp13_12L
-    vpaddd      %3, %8, %5
-    vmovdqu     %9, %3                  ; %9=tmp0_1L+tmp3_2L=tmp10_11L
-    vpsubd      %3, %1, %6
-    vmovdqu     %12, %3                 ; %12=tmp0_1H-tmp3_2H=tmp13_12H
-    vpaddd      %3, %1, %6
-    vmovdqu     %10, %3                 ; %10=tmp0_1H+tmp3_2H=tmp10_11H
-
-    ; -- Odd part
-
-    vpaddw      %1, %4, %2              ; %1=in7_5+in3_1=z3_4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    vperm2i128  %8, %1, %1, 0x01        ; %8=z4_3
-    vpunpcklwd  %7, %1, %8              ; %7=z34_43L
-    vpunpckhwd  %8, %1, %8              ; %8=z34_43H
-    vpmaddwd    %7, %7, [GOTOFF(ebx,PW_MF078_F117_F078_F117)]  ; %7=z3_4L
-    vpmaddwd    %8, %8, [GOTOFF(ebx,PW_MF078_F117_F078_F117)]  ; %8=z3_4H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    vperm2i128  %2, %2, %2, 0x01        ; %2=in1_3
-    vpunpcklwd  %3, %4, %2              ; %3=in71_53L
-    vpunpckhwd  %4, %4, %2              ; %4=in71_53H
-
-    vpmaddwd    %5, %3, [GOTOFF(ebx,PW_MF060_MF089_MF050_MF256)]  ; %5=tmp0_1L
-    vpmaddwd    %6, %4, [GOTOFF(ebx,PW_MF060_MF089_MF050_MF256)]  ; %6=tmp0_1H
-    vpaddd      %5, %5, %7              ; %5=tmp0_1L+z3_4L=tmp0_1L
-    vpaddd      %6, %6, %8              ; %6=tmp0_1H+z3_4H=tmp0_1H
-
-    vpmaddwd    %3, %3, [GOTOFF(ebx,PW_MF089_F060_MF256_F050)]  ; %3=tmp3_2L
-    vpmaddwd    %4, %4, [GOTOFF(ebx,PW_MF089_F060_MF256_F050)]  ; %4=tmp3_2H
-    vperm2i128  %7, %7, %7, 0x01        ; %7=z4_3L
-    vperm2i128  %8, %8, %8, 0x01        ; %8=z4_3H
-    vpaddd      %7, %3, %7              ; %7=tmp3_2L+z4_3L=tmp3_2L
-    vpaddd      %8, %4, %8              ; %8=tmp3_2H+z4_3H=tmp3_2H
-
-    ; -- Final output stage
-
-    vmovdqu     %3, %9
-    vmovdqu     %4, %10
-
-    vpaddd      %1, %3, %7              ; %1=tmp10_11L+tmp3_2L=data0_1L
-    vpaddd      %2, %4, %8              ; %2=tmp10_11H+tmp3_2H=data0_1H
-    vpaddd      %1, %1, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpaddd      %2, %2, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpsrad      %1, %1, DESCALE_P %+ %13
-    vpsrad      %2, %2, DESCALE_P %+ %13
-    vpackssdw   %1, %1, %2              ; %1=data0_1
-
-    vpsubd      %3, %3, %7              ; %3=tmp10_11L-tmp3_2L=data7_6L
-    vpsubd      %4, %4, %8              ; %4=tmp10_11H-tmp3_2H=data7_6H
-    vpaddd      %3, %3, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpaddd      %4, %4, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpsrad      %3, %3, DESCALE_P %+ %13
-    vpsrad      %4, %4, DESCALE_P %+ %13
-    vpackssdw   %4, %3, %4              ; %4=data7_6
-
-    vmovdqu     %7, %11
-    vmovdqu     %8, %12
-
-    vpaddd      %2, %7, %5              ; %7=tmp13_12L+tmp0_1L=data3_2L
-    vpaddd      %3, %8, %6              ; %8=tmp13_12H+tmp0_1H=data3_2H
-    vpaddd      %2, %2, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpaddd      %3, %3, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpsrad      %2, %2, DESCALE_P %+ %13
-    vpsrad      %3, %3, DESCALE_P %+ %13
-    vpackssdw   %2, %2, %3              ; %2=data3_2
-
-    vpsubd      %3, %7, %5              ; %7=tmp13_12L-tmp0_1L=data4_5L
-    vpsubd      %6, %8, %6              ; %8=tmp13_12H-tmp0_1H=data4_5H
-    vpaddd      %3, %3, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpaddd      %6, %6, [GOTOFF(ebx,PD_DESCALE_P %+ %13)]
-    vpsrad      %3, %3, DESCALE_P %+ %13
-    vpsrad      %6, %6, DESCALE_P %+ %13
-    vpackssdw   %3, %3, %6              ; %3=data4_5
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_islow_avx2)
-
-EXTN(jconst_idct_islow_avx2):
-
-PW_F130_F054_MF130_F054    times 4  dw  (F_0_541 + F_0_765),  F_0_541
-                           times 4  dw  (F_0_541 - F_1_847),  F_0_541
-PW_MF078_F117_F078_F117    times 4  dw  (F_1_175 - F_1_961),  F_1_175
-                           times 4  dw  (F_1_175 - F_0_390),  F_1_175
-PW_MF060_MF089_MF050_MF256 times 4  dw  (F_0_298 - F_0_899), -F_0_899
-                           times 4  dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF089_F060_MF256_F050   times 4  dw -F_0_899, (F_1_501 - F_0_899)
-                           times 4  dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1              times 8  dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2              times 8  dd  1 << (DESCALE_P2 - 1)
-PB_CENTERJSAMP             times 32 db  CENTERJSAMPLE
-PW_1_NEG1                  times 8  dw  1
-                           times 8  dw -1
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_islow_avx2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; jpeg_component_info *compptr
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_YMMWORD
-                                        ; ymmword wk[WK_NUM]
-%define WK_NUM         4
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_islow_avx2)
-
-EXTN(jsimd_idct_islow_avx2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_ISLOW_AVX2
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    vpor        xmm0, xmm0, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    vpor        xmm1, xmm1, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    vpor        xmm0, xmm0, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    vpor        xmm1, xmm1, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    vpor        xmm0, xmm0, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    vpor        xmm1, xmm1, xmm0
-    vpacksswb   xmm1, xmm1, xmm1
-    vpacksswb   xmm1, xmm1, xmm1
-    movd        eax, xmm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm5, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    vpmullw     xmm5, xmm5, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    vpsllw      xmm5, xmm5, PASS1_BITS
-
-    vpunpcklwd  xmm4, xmm5, xmm5        ; xmm4=(00 00 01 01 02 02 03 03)
-    vpunpckhwd  xmm5, xmm5, xmm5        ; xmm5=(04 04 05 05 06 06 07 07)
-    vinserti128 ymm4, ymm4, xmm5, 1
-
-    vpshufd     ymm0, ymm4, 0x00        ; ymm0=col0_4=(00 00 00 00 00 00 00 00  04 04 04 04 04 04 04 04)
-    vpshufd     ymm1, ymm4, 0x55        ; ymm1=col1_5=(01 01 01 01 01 01 01 01  05 05 05 05 05 05 05 05)
-    vpshufd     ymm2, ymm4, 0xAA        ; ymm2=col2_6=(02 02 02 02 02 02 02 02  06 06 06 06 06 06 06 06)
-    vpshufd     ymm3, ymm4, 0xFF        ; ymm3=col3_7=(03 03 03 03 03 03 03 03  07 07 07 07 07 07 07 07)
-
-    jmp         near .column_end
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    vmovdqu     ymm4, YMMWORD [YMMBLOCK(0,0,esi,SIZEOF_JCOEF)]  ; ymm4=in0_1
-    vmovdqu     ymm5, YMMWORD [YMMBLOCK(2,0,esi,SIZEOF_JCOEF)]  ; ymm5=in2_3
-    vmovdqu     ymm6, YMMWORD [YMMBLOCK(4,0,esi,SIZEOF_JCOEF)]  ; ymm6=in4_5
-    vmovdqu     ymm7, YMMWORD [YMMBLOCK(6,0,esi,SIZEOF_JCOEF)]  ; ymm7=in6_7
-    vpmullw     ymm4, ymm4, YMMWORD [YMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    vpmullw     ymm5, ymm5, YMMWORD [YMMBLOCK(2,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    vpmullw     ymm6, ymm6, YMMWORD [YMMBLOCK(4,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    vpmullw     ymm7, ymm7, YMMWORD [YMMBLOCK(6,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    vperm2i128  ymm0, ymm4, ymm6, 0x20  ; ymm0=in0_4
-    vperm2i128  ymm1, ymm5, ymm4, 0x31  ; ymm1=in3_1
-    vperm2i128  ymm2, ymm5, ymm7, 0x20  ; ymm2=in2_6
-    vperm2i128  ymm3, ymm7, ymm6, 0x31  ; ymm3=in7_5
-
-    dodct ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7, XMMWORD [wk(0)], XMMWORD [wk(1)], XMMWORD [wk(2)], XMMWORD [wk(3)], 1
-    ; ymm0=data0_1, ymm1=data3_2, ymm2=data4_5, ymm3=data7_6
-
-    dotranspose ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7
-    ; ymm0=data0_4, ymm1=data1_5, ymm2=data2_6, ymm3=data3_7
-
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows.
-
-    mov         eax, [original_ebp]
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-
-    vperm2i128  ymm4, ymm3, ymm1, 0x31  ; ymm3=in7_5
-    vperm2i128  ymm1, ymm3, ymm1, 0x20  ; ymm1=in3_1
-
-    dodct ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7, XMMWORD [wk(0)], XMMWORD [wk(1)], XMMWORD [wk(2)], XMMWORD [wk(3)], 2
-    ; ymm0=data0_1, ymm1=data3_2, ymm2=data4_5, ymm4=data7_6
-
-    dotranspose ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7
-    ; ymm0=data0_4, ymm1=data1_5, ymm2=data2_6, ymm4=data3_7
-
-    vpacksswb   ymm0, ymm0, ymm1        ; ymm0=data01_45
-    vpacksswb   ymm1, ymm2, ymm4        ; ymm1=data23_67
-    vpaddb      ymm0, ymm0, [GOTOFF(ebx,PB_CENTERJSAMP)]
-    vpaddb      ymm1, ymm1, [GOTOFF(ebx,PB_CENTERJSAMP)]
-
-    vextracti128 xmm6, ymm1, 1          ; xmm3=data67
-    vextracti128 xmm4, ymm0, 1          ; xmm2=data45
-    vextracti128 xmm2, ymm1, 0          ; xmm1=data23
-    vextracti128 xmm0, ymm0, 0          ; xmm0=data01
-
-    vpshufd     xmm1, xmm0, 0x4E  ; xmm1=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    vpshufd     xmm3, xmm2, 0x4E  ; xmm3=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-    vpshufd     xmm5, xmm4, 0x4E  ; xmm5=(50 51 52 53 54 55 56 57 40 41 42 43 44 45 46 47)
-    vpshufd     xmm7, xmm6, 0x4E  ; xmm7=(70 71 72 73 74 75 76 77 60 61 62 63 64 65 66 67)
-
-    vzeroupper
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         esi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm0
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm1
-
-    mov         edx, JSAMPROW [edi+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         esi, JSAMPROW [edi+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm2
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm3
-
-    mov         edx, JSAMPROW [edi+4*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         esi, JSAMPROW [edi+5*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm4
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm5
-
-    mov         edx, JSAMPROW [edi+6*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         esi, JSAMPROW [edi+7*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm7
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-mmx.asm
deleted file mode 100644
index f15c8d3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-mmx.asm
+++ /dev/null
@@ -1,851 +0,0 @@
-;
-; jidctint.asm - accurate integer IDCT (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; inverse DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jidctint.c; see the jidctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_islow_mmx)
-
-EXTN(jconst_idct_islow_mmx):
-
-PW_F130_F054   times 2 dw  (F_0_541 + F_0_765),  F_0_541
-PW_F054_MF130  times 2 dw  F_0_541, (F_0_541 - F_1_847)
-PW_MF078_F117  times 2 dw  (F_1_175 - F_1_961),  F_1_175
-PW_F117_F078   times 2 dw  F_1_175, (F_1_175 - F_0_390)
-PW_MF060_MF089 times 2 dw  (F_0_298 - F_0_899), -F_0_899
-PW_MF089_F060  times 2 dw -F_0_899, (F_1_501 - F_0_899)
-PW_MF050_MF256 times 2 dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF256_F050  times 2 dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1  times 2 dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2  times 2 dd  1 << (DESCALE_P2 - 1)
-PB_CENTERJSAMP times 8 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_islow_mmx(void *dct_table, JCOEFPTR coef_block,
-;                      JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; jpeg_component_info *compptr
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         12
-%define workspace      wk(0) - DCTSIZE2 * SIZEOF_JCOEF
-                                        ; JCOEF workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_islow_mmx)
-
-EXTN(jsimd_idct_islow_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [workspace]
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-    lea         edi, [workspace]                 ; JCOEF *wsptr
-    mov         ecx, DCTSIZE/4                   ; ctr
-    alignx      16, 7
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_ISLOW_MMX
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         short .columnDCT
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         mm1, mm0
-    packsswb    mm1, mm1
-    movd        eax, mm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    psllw       mm0, PASS1_BITS
-
-    movq        mm2, mm0                ; mm0=in0=(00 01 02 03)
-    punpcklwd   mm0, mm0                ; mm0=(00 00 01 01)
-    punpckhwd   mm2, mm2                ; mm2=(02 02 03 03)
-
-    movq        mm1, mm0
-    punpckldq   mm0, mm0                ; mm0=(00 00 00 00)
-    punpckhdq   mm1, mm1                ; mm1=(01 01 01 01)
-    movq        mm3, mm2
-    punpckldq   mm2, mm2                ; mm2=(02 02 02 02)
-    punpckhdq   mm3, mm3                ; mm3=(03 03 03 03)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(2,1,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_JCOEF)], mm3
-    movq        MMWORD [MMBLOCK(3,1,edi,SIZEOF_JCOEF)], mm3
-    jmp         near .nextcolumn
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm1, MMWORD [MMBLOCK(2,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm2, MMWORD [MMBLOCK(4,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm3, MMWORD [MMBLOCK(6,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    movq        mm4, mm1                ; mm1=in2=z2
-    movq        mm5, mm1
-    punpcklwd   mm4, mm3                ; mm3=in6=z3
-    punpckhwd   mm5, mm3
-    movq        mm1, mm4
-    movq        mm3, mm5
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F130_F054)]   ; mm4=tmp3L
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F130_F054)]   ; mm5=tmp3H
-    pmaddwd     mm1, [GOTOFF(ebx,PW_F054_MF130)]  ; mm1=tmp2L
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F054_MF130)]  ; mm3=tmp2H
-
-    movq        mm6, mm0
-    paddw       mm0, mm2                ; mm0=in0+in4
-    psubw       mm6, mm2                ; mm6=in0-in4
-
-    pxor        mm7, mm7
-    pxor        mm2, mm2
-    punpcklwd   mm7, mm0                ; mm7=tmp0L
-    punpckhwd   mm2, mm0                ; mm2=tmp0H
-    psrad       mm7, (16-CONST_BITS)    ; psrad mm7,16 & pslld mm7,CONST_BITS
-    psrad       mm2, (16-CONST_BITS)    ; psrad mm2,16 & pslld mm2,CONST_BITS
-
-    movq        mm0, mm7
-    paddd       mm7, mm4                ; mm7=tmp10L
-    psubd       mm0, mm4                ; mm0=tmp13L
-    movq        mm4, mm2
-    paddd       mm2, mm5                ; mm2=tmp10H
-    psubd       mm4, mm5                ; mm4=tmp13H
-
-    movq        MMWORD [wk(0)], mm7     ; wk(0)=tmp10L
-    movq        MMWORD [wk(1)], mm2     ; wk(1)=tmp10H
-    movq        MMWORD [wk(2)], mm0     ; wk(2)=tmp13L
-    movq        MMWORD [wk(3)], mm4     ; wk(3)=tmp13H
-
-    pxor        mm5, mm5
-    pxor        mm7, mm7
-    punpcklwd   mm5, mm6                ; mm5=tmp1L
-    punpckhwd   mm7, mm6                ; mm7=tmp1H
-    psrad       mm5, (16-CONST_BITS)    ; psrad mm5,16 & pslld mm5,CONST_BITS
-    psrad       mm7, (16-CONST_BITS)    ; psrad mm7,16 & pslld mm7,CONST_BITS
-
-    movq        mm2, mm5
-    paddd       mm5, mm1                ; mm5=tmp11L
-    psubd       mm2, mm1                ; mm2=tmp12L
-    movq        mm0, mm7
-    paddd       mm7, mm3                ; mm7=tmp11H
-    psubd       mm0, mm3                ; mm0=tmp12H
-
-    movq        MMWORD [wk(4)], mm5     ; wk(4)=tmp11L
-    movq        MMWORD [wk(5)], mm7     ; wk(5)=tmp11H
-    movq        MMWORD [wk(6)], mm2     ; wk(6)=tmp12L
-    movq        MMWORD [wk(7)], mm0     ; wk(7)=tmp12H
-
-    ; -- Odd part
-
-    movq        mm4, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm6, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm4, MMWORD [MMBLOCK(1,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm6, MMWORD [MMBLOCK(3,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movq        mm1, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm1, MMWORD [MMBLOCK(5,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm3, MMWORD [MMBLOCK(7,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movq        mm5, mm6
-    movq        mm7, mm4
-    paddw       mm5, mm3                ; mm5=z3
-    paddw       mm7, mm1                ; mm7=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movq        mm2, mm5
-    movq        mm0, mm5
-    punpcklwd   mm2, mm7
-    punpckhwd   mm0, mm7
-    movq        mm5, mm2
-    movq        mm7, mm0
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF078_F117)]  ; mm2=z3L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_MF078_F117)]  ; mm0=z3H
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F117_F078)]   ; mm5=z4L
-    pmaddwd     mm7, [GOTOFF(ebx,PW_F117_F078)]   ; mm7=z4H
-
-    movq        MMWORD [wk(10)], mm2    ; wk(10)=z3L
-    movq        MMWORD [wk(11)], mm0    ; wk(11)=z3H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    movq        mm2, mm3
-    movq        mm0, mm3
-    punpcklwd   mm2, mm4
-    punpckhwd   mm0, mm4
-    movq        mm3, mm2
-    movq        mm4, mm0
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm2=tmp0L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm0=tmp0H
-    pmaddwd     mm3, [GOTOFF(ebx,PW_MF089_F060)]   ; mm3=tmp3L
-    pmaddwd     mm4, [GOTOFF(ebx,PW_MF089_F060)]   ; mm4=tmp3H
-
-    paddd       mm2, MMWORD [wk(10)]    ; mm2=tmp0L
-    paddd       mm0, MMWORD [wk(11)]    ; mm0=tmp0H
-    paddd       mm3, mm5                ; mm3=tmp3L
-    paddd       mm4, mm7                ; mm4=tmp3H
-
-    movq        MMWORD [wk(8)], mm2     ; wk(8)=tmp0L
-    movq        MMWORD [wk(9)], mm0     ; wk(9)=tmp0H
-
-    movq        mm2, mm1
-    movq        mm0, mm1
-    punpcklwd   mm2, mm6
-    punpckhwd   mm0, mm6
-    movq        mm1, mm2
-    movq        mm6, mm0
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm2=tmp1L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm0=tmp1H
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF256_F050)]   ; mm1=tmp2L
-    pmaddwd     mm6, [GOTOFF(ebx,PW_MF256_F050)]   ; mm6=tmp2H
-
-    paddd       mm2, mm5                ; mm2=tmp1L
-    paddd       mm0, mm7                ; mm0=tmp1H
-    paddd       mm1, MMWORD [wk(10)]    ; mm1=tmp2L
-    paddd       mm6, MMWORD [wk(11)]    ; mm6=tmp2H
-
-    movq        MMWORD [wk(10)], mm2    ; wk(10)=tmp1L
-    movq        MMWORD [wk(11)], mm0    ; wk(11)=tmp1H
-
-    ; -- Final output stage
-
-    movq        mm5, MMWORD [wk(0)]     ; mm5=tmp10L
-    movq        mm7, MMWORD [wk(1)]     ; mm7=tmp10H
-
-    movq        mm2, mm5
-    movq        mm0, mm7
-    paddd       mm5, mm3                ; mm5=data0L
-    paddd       mm7, mm4                ; mm7=data0H
-    psubd       mm2, mm3                ; mm2=data7L
-    psubd       mm0, mm4                ; mm0=data7H
-
-    movq        mm3, [GOTOFF(ebx,PD_DESCALE_P1)]  ; mm3=[PD_DESCALE_P1]
-
-    paddd       mm5, mm3
-    paddd       mm7, mm3
-    psrad       mm5, DESCALE_P1
-    psrad       mm7, DESCALE_P1
-    paddd       mm2, mm3
-    paddd       mm0, mm3
-    psrad       mm2, DESCALE_P1
-    psrad       mm0, DESCALE_P1
-
-    packssdw    mm5, mm7                ; mm5=data0=(00 01 02 03)
-    packssdw    mm2, mm0                ; mm2=data7=(70 71 72 73)
-
-    movq        mm4, MMWORD [wk(4)]     ; mm4=tmp11L
-    movq        mm3, MMWORD [wk(5)]     ; mm3=tmp11H
-
-    movq        mm7, mm4
-    movq        mm0, mm3
-    paddd       mm4, mm1                ; mm4=data1L
-    paddd       mm3, mm6                ; mm3=data1H
-    psubd       mm7, mm1                ; mm7=data6L
-    psubd       mm0, mm6                ; mm0=data6H
-
-    movq        mm1, [GOTOFF(ebx,PD_DESCALE_P1)]  ; mm1=[PD_DESCALE_P1]
-
-    paddd       mm4, mm1
-    paddd       mm3, mm1
-    psrad       mm4, DESCALE_P1
-    psrad       mm3, DESCALE_P1
-    paddd       mm7, mm1
-    paddd       mm0, mm1
-    psrad       mm7, DESCALE_P1
-    psrad       mm0, DESCALE_P1
-
-    packssdw    mm4, mm3                ; mm4=data1=(10 11 12 13)
-    packssdw    mm7, mm0                ; mm7=data6=(60 61 62 63)
-
-    movq        mm6, mm5                ; transpose coefficients(phase 1)
-    punpcklwd   mm5, mm4                ; mm5=(00 10 01 11)
-    punpckhwd   mm6, mm4                ; mm6=(02 12 03 13)
-    movq        mm1, mm7                ; transpose coefficients(phase 1)
-    punpcklwd   mm7, mm2                ; mm7=(60 70 61 71)
-    punpckhwd   mm1, mm2                ; mm1=(62 72 63 73)
-
-    movq        mm3, MMWORD [wk(6)]     ; mm3=tmp12L
-    movq        mm0, MMWORD [wk(7)]     ; mm0=tmp12H
-    movq        mm4, MMWORD [wk(10)]    ; mm4=tmp1L
-    movq        mm2, MMWORD [wk(11)]    ; mm2=tmp1H
-
-    movq        MMWORD [wk(0)], mm5     ; wk(0)=(00 10 01 11)
-    movq        MMWORD [wk(1)], mm6     ; wk(1)=(02 12 03 13)
-    movq        MMWORD [wk(4)], mm7     ; wk(4)=(60 70 61 71)
-    movq        MMWORD [wk(5)], mm1     ; wk(5)=(62 72 63 73)
-
-    movq        mm5, mm3
-    movq        mm6, mm0
-    paddd       mm3, mm4                ; mm3=data2L
-    paddd       mm0, mm2                ; mm0=data2H
-    psubd       mm5, mm4                ; mm5=data5L
-    psubd       mm6, mm2                ; mm6=data5H
-
-    movq        mm7, [GOTOFF(ebx,PD_DESCALE_P1)]  ; mm7=[PD_DESCALE_P1]
-
-    paddd       mm3, mm7
-    paddd       mm0, mm7
-    psrad       mm3, DESCALE_P1
-    psrad       mm0, DESCALE_P1
-    paddd       mm5, mm7
-    paddd       mm6, mm7
-    psrad       mm5, DESCALE_P1
-    psrad       mm6, DESCALE_P1
-
-    packssdw    mm3, mm0                ; mm3=data2=(20 21 22 23)
-    packssdw    mm5, mm6                ; mm5=data5=(50 51 52 53)
-
-    movq        mm1, MMWORD [wk(2)]     ; mm1=tmp13L
-    movq        mm4, MMWORD [wk(3)]     ; mm4=tmp13H
-    movq        mm2, MMWORD [wk(8)]     ; mm2=tmp0L
-    movq        mm7, MMWORD [wk(9)]     ; mm7=tmp0H
-
-    movq        mm0, mm1
-    movq        mm6, mm4
-    paddd       mm1, mm2                ; mm1=data3L
-    paddd       mm4, mm7                ; mm4=data3H
-    psubd       mm0, mm2                ; mm0=data4L
-    psubd       mm6, mm7                ; mm6=data4H
-
-    movq        mm2, [GOTOFF(ebx,PD_DESCALE_P1)]  ; mm2=[PD_DESCALE_P1]
-
-    paddd       mm1, mm2
-    paddd       mm4, mm2
-    psrad       mm1, DESCALE_P1
-    psrad       mm4, DESCALE_P1
-    paddd       mm0, mm2
-    paddd       mm6, mm2
-    psrad       mm0, DESCALE_P1
-    psrad       mm6, DESCALE_P1
-
-    packssdw    mm1, mm4                ; mm1=data3=(30 31 32 33)
-    packssdw    mm0, mm6                ; mm0=data4=(40 41 42 43)
-
-    movq        mm7, MMWORD [wk(0)]     ; mm7=(00 10 01 11)
-    movq        mm2, MMWORD [wk(1)]     ; mm2=(02 12 03 13)
-
-    movq        mm4, mm3                ; transpose coefficients(phase 1)
-    punpcklwd   mm3, mm1                ; mm3=(20 30 21 31)
-    punpckhwd   mm4, mm1                ; mm4=(22 32 23 33)
-    movq        mm6, mm0                ; transpose coefficients(phase 1)
-    punpcklwd   mm0, mm5                ; mm0=(40 50 41 51)
-    punpckhwd   mm6, mm5                ; mm6=(42 52 43 53)
-
-    movq        mm1, mm7                ; transpose coefficients(phase 2)
-    punpckldq   mm7, mm3                ; mm7=(00 10 20 30)
-    punpckhdq   mm1, mm3                ; mm1=(01 11 21 31)
-    movq        mm5, mm2                ; transpose coefficients(phase 2)
-    punpckldq   mm2, mm4                ; mm2=(02 12 22 32)
-    punpckhdq   mm5, mm4                ; mm5=(03 13 23 33)
-
-    movq        mm3, MMWORD [wk(4)]     ; mm3=(60 70 61 71)
-    movq        mm4, MMWORD [wk(5)]     ; mm4=(62 72 63 73)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm7
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_JCOEF)], mm5
-
-    movq        mm7, mm0                ; transpose coefficients(phase 2)
-    punpckldq   mm0, mm3                ; mm0=(40 50 60 70)
-    punpckhdq   mm7, mm3                ; mm7=(41 51 61 71)
-    movq        mm1, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm4                ; mm6=(42 52 62 72)
-    punpckhdq   mm1, mm4                ; mm1=(43 53 63 73)
-
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_JCOEF)], mm7
-    movq        MMWORD [MMBLOCK(2,1,edi,SIZEOF_JCOEF)], mm6
-    movq        MMWORD [MMBLOCK(3,1,edi,SIZEOF_JCOEF)], mm1
-
-.nextcolumn:
-    add         esi, byte 4*SIZEOF_JCOEF            ; coef_block
-    add         edx, byte 4*SIZEOF_ISLOW_MULT_TYPE  ; quantptr
-    add         edi, byte 4*DCTSIZE*SIZEOF_JCOEF    ; wsptr
-    dec         ecx                                 ; ctr
-    jnz         near .columnloop
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    lea         esi, [workspace]                   ; JCOEF *wsptr
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-    mov         ecx, DCTSIZE/4                     ; ctr
-    alignx      16, 7
-.rowloop:
-
-    ; -- Even part
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        mm2, MMWORD [MMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    movq        mm4, mm1                ; mm1=in2=z2
-    movq        mm5, mm1
-    punpcklwd   mm4, mm3                ; mm3=in6=z3
-    punpckhwd   mm5, mm3
-    movq        mm1, mm4
-    movq        mm3, mm5
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F130_F054)]   ; mm4=tmp3L
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F130_F054)]   ; mm5=tmp3H
-    pmaddwd     mm1, [GOTOFF(ebx,PW_F054_MF130)]  ; mm1=tmp2L
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F054_MF130)]  ; mm3=tmp2H
-
-    movq        mm6, mm0
-    paddw       mm0, mm2                ; mm0=in0+in4
-    psubw       mm6, mm2                ; mm6=in0-in4
-
-    pxor        mm7, mm7
-    pxor        mm2, mm2
-    punpcklwd   mm7, mm0                ; mm7=tmp0L
-    punpckhwd   mm2, mm0                ; mm2=tmp0H
-    psrad       mm7, (16-CONST_BITS)    ; psrad mm7,16 & pslld mm7,CONST_BITS
-    psrad       mm2, (16-CONST_BITS)    ; psrad mm2,16 & pslld mm2,CONST_BITS
-
-    movq        mm0, mm7
-    paddd       mm7, mm4                ; mm7=tmp10L
-    psubd       mm0, mm4                ; mm0=tmp13L
-    movq        mm4, mm2
-    paddd       mm2, mm5                ; mm2=tmp10H
-    psubd       mm4, mm5                ; mm4=tmp13H
-
-    movq        MMWORD [wk(0)], mm7     ; wk(0)=tmp10L
-    movq        MMWORD [wk(1)], mm2     ; wk(1)=tmp10H
-    movq        MMWORD [wk(2)], mm0     ; wk(2)=tmp13L
-    movq        MMWORD [wk(3)], mm4     ; wk(3)=tmp13H
-
-    pxor        mm5, mm5
-    pxor        mm7, mm7
-    punpcklwd   mm5, mm6                ; mm5=tmp1L
-    punpckhwd   mm7, mm6                ; mm7=tmp1H
-    psrad       mm5, (16-CONST_BITS)    ; psrad mm5,16 & pslld mm5,CONST_BITS
-    psrad       mm7, (16-CONST_BITS)    ; psrad mm7,16 & pslld mm7,CONST_BITS
-
-    movq        mm2, mm5
-    paddd       mm5, mm1                ; mm5=tmp11L
-    psubd       mm2, mm1                ; mm2=tmp12L
-    movq        mm0, mm7
-    paddd       mm7, mm3                ; mm7=tmp11H
-    psubd       mm0, mm3                ; mm0=tmp12H
-
-    movq        MMWORD [wk(4)], mm5     ; wk(4)=tmp11L
-    movq        MMWORD [wk(5)], mm7     ; wk(5)=tmp11H
-    movq        MMWORD [wk(6)], mm2     ; wk(6)=tmp12L
-    movq        MMWORD [wk(7)], mm0     ; wk(7)=tmp12H
-
-    ; -- Odd part
-
-    movq        mm4, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm6, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-
-    movq        mm5, mm6
-    movq        mm7, mm4
-    paddw       mm5, mm3                ; mm5=z3
-    paddw       mm7, mm1                ; mm7=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movq        mm2, mm5
-    movq        mm0, mm5
-    punpcklwd   mm2, mm7
-    punpckhwd   mm0, mm7
-    movq        mm5, mm2
-    movq        mm7, mm0
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF078_F117)]  ; mm2=z3L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_MF078_F117)]  ; mm0=z3H
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F117_F078)]   ; mm5=z4L
-    pmaddwd     mm7, [GOTOFF(ebx,PW_F117_F078)]   ; mm7=z4H
-
-    movq        MMWORD [wk(10)], mm2    ; wk(10)=z3L
-    movq        MMWORD [wk(11)], mm0    ; wk(11)=z3H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    movq        mm2, mm3
-    movq        mm0, mm3
-    punpcklwd   mm2, mm4
-    punpckhwd   mm0, mm4
-    movq        mm3, mm2
-    movq        mm4, mm0
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm2=tmp0L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_MF060_MF089)]  ; mm0=tmp0H
-    pmaddwd     mm3, [GOTOFF(ebx,PW_MF089_F060)]   ; mm3=tmp3L
-    pmaddwd     mm4, [GOTOFF(ebx,PW_MF089_F060)]   ; mm4=tmp3H
-
-    paddd       mm2, MMWORD [wk(10)]    ; mm2=tmp0L
-    paddd       mm0, MMWORD [wk(11)]    ; mm0=tmp0H
-    paddd       mm3, mm5                ; mm3=tmp3L
-    paddd       mm4, mm7                ; mm4=tmp3H
-
-    movq        MMWORD [wk(8)], mm2     ; wk(8)=tmp0L
-    movq        MMWORD [wk(9)], mm0     ; wk(9)=tmp0H
-
-    movq        mm2, mm1
-    movq        mm0, mm1
-    punpcklwd   mm2, mm6
-    punpckhwd   mm0, mm6
-    movq        mm1, mm2
-    movq        mm6, mm0
-    pmaddwd     mm2, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm2=tmp1L
-    pmaddwd     mm0, [GOTOFF(ebx,PW_MF050_MF256)]  ; mm0=tmp1H
-    pmaddwd     mm1, [GOTOFF(ebx,PW_MF256_F050)]   ; mm1=tmp2L
-    pmaddwd     mm6, [GOTOFF(ebx,PW_MF256_F050)]   ; mm6=tmp2H
-
-    paddd       mm2, mm5                ; mm2=tmp1L
-    paddd       mm0, mm7                ; mm0=tmp1H
-    paddd       mm1, MMWORD [wk(10)]    ; mm1=tmp2L
-    paddd       mm6, MMWORD [wk(11)]    ; mm6=tmp2H
-
-    movq        MMWORD [wk(10)], mm2    ; wk(10)=tmp1L
-    movq        MMWORD [wk(11)], mm0    ; wk(11)=tmp1H
-
-    ; -- Final output stage
-
-    movq        mm5, MMWORD [wk(0)]     ; mm5=tmp10L
-    movq        mm7, MMWORD [wk(1)]     ; mm7=tmp10H
-
-    movq        mm2, mm5
-    movq        mm0, mm7
-    paddd       mm5, mm3                ; mm5=data0L
-    paddd       mm7, mm4                ; mm7=data0H
-    psubd       mm2, mm3                ; mm2=data7L
-    psubd       mm0, mm4                ; mm0=data7H
-
-    movq        mm3, [GOTOFF(ebx,PD_DESCALE_P2)]  ; mm3=[PD_DESCALE_P2]
-
-    paddd       mm5, mm3
-    paddd       mm7, mm3
-    psrad       mm5, DESCALE_P2
-    psrad       mm7, DESCALE_P2
-    paddd       mm2, mm3
-    paddd       mm0, mm3
-    psrad       mm2, DESCALE_P2
-    psrad       mm0, DESCALE_P2
-
-    packssdw    mm5, mm7                ; mm5=data0=(00 10 20 30)
-    packssdw    mm2, mm0                ; mm2=data7=(07 17 27 37)
-
-    movq        mm4, MMWORD [wk(4)]     ; mm4=tmp11L
-    movq        mm3, MMWORD [wk(5)]     ; mm3=tmp11H
-
-    movq        mm7, mm4
-    movq        mm0, mm3
-    paddd       mm4, mm1                ; mm4=data1L
-    paddd       mm3, mm6                ; mm3=data1H
-    psubd       mm7, mm1                ; mm7=data6L
-    psubd       mm0, mm6                ; mm0=data6H
-
-    movq        mm1, [GOTOFF(ebx,PD_DESCALE_P2)]  ; mm1=[PD_DESCALE_P2]
-
-    paddd       mm4, mm1
-    paddd       mm3, mm1
-    psrad       mm4, DESCALE_P2
-    psrad       mm3, DESCALE_P2
-    paddd       mm7, mm1
-    paddd       mm0, mm1
-    psrad       mm7, DESCALE_P2
-    psrad       mm0, DESCALE_P2
-
-    packssdw    mm4, mm3                ; mm4=data1=(01 11 21 31)
-    packssdw    mm7, mm0                ; mm7=data6=(06 16 26 36)
-
-    packsswb    mm5, mm7                ; mm5=(00 10 20 30 06 16 26 36)
-    packsswb    mm4, mm2                ; mm4=(01 11 21 31 07 17 27 37)
-
-    movq        mm6, MMWORD [wk(6)]     ; mm6=tmp12L
-    movq        mm1, MMWORD [wk(7)]     ; mm1=tmp12H
-    movq        mm3, MMWORD [wk(10)]    ; mm3=tmp1L
-    movq        mm0, MMWORD [wk(11)]    ; mm0=tmp1H
-
-    movq        MMWORD [wk(0)], mm5     ; wk(0)=(00 10 20 30 06 16 26 36)
-    movq        MMWORD [wk(1)], mm4     ; wk(1)=(01 11 21 31 07 17 27 37)
-
-    movq        mm7, mm6
-    movq        mm2, mm1
-    paddd       mm6, mm3                ; mm6=data2L
-    paddd       mm1, mm0                ; mm1=data2H
-    psubd       mm7, mm3                ; mm7=data5L
-    psubd       mm2, mm0                ; mm2=data5H
-
-    movq        mm5, [GOTOFF(ebx,PD_DESCALE_P2)]  ; mm5=[PD_DESCALE_P2]
-
-    paddd       mm6, mm5
-    paddd       mm1, mm5
-    psrad       mm6, DESCALE_P2
-    psrad       mm1, DESCALE_P2
-    paddd       mm7, mm5
-    paddd       mm2, mm5
-    psrad       mm7, DESCALE_P2
-    psrad       mm2, DESCALE_P2
-
-    packssdw    mm6, mm1                ; mm6=data2=(02 12 22 32)
-    packssdw    mm7, mm2                ; mm7=data5=(05 15 25 35)
-
-    movq        mm4, MMWORD [wk(2)]     ; mm4=tmp13L
-    movq        mm3, MMWORD [wk(3)]     ; mm3=tmp13H
-    movq        mm0, MMWORD [wk(8)]     ; mm0=tmp0L
-    movq        mm5, MMWORD [wk(9)]     ; mm5=tmp0H
-
-    movq        mm1, mm4
-    movq        mm2, mm3
-    paddd       mm4, mm0                ; mm4=data3L
-    paddd       mm3, mm5                ; mm3=data3H
-    psubd       mm1, mm0                ; mm1=data4L
-    psubd       mm2, mm5                ; mm2=data4H
-
-    movq        mm0, [GOTOFF(ebx,PD_DESCALE_P2)]  ; mm0=[PD_DESCALE_P2]
-
-    paddd       mm4, mm0
-    paddd       mm3, mm0
-    psrad       mm4, DESCALE_P2
-    psrad       mm3, DESCALE_P2
-    paddd       mm1, mm0
-    paddd       mm2, mm0
-    psrad       mm1, DESCALE_P2
-    psrad       mm2, DESCALE_P2
-
-    movq        mm5, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; mm5=[PB_CENTERJSAMP]
-
-    packssdw    mm4, mm3                ; mm4=data3=(03 13 23 33)
-    packssdw    mm1, mm2                ; mm1=data4=(04 14 24 34)
-
-    movq        mm0, MMWORD [wk(0)]     ; mm0=(00 10 20 30 06 16 26 36)
-    movq        mm3, MMWORD [wk(1)]     ; mm3=(01 11 21 31 07 17 27 37)
-
-    packsswb    mm6, mm1                ; mm6=(02 12 22 32 04 14 24 34)
-    packsswb    mm4, mm7                ; mm4=(03 13 23 33 05 15 25 35)
-
-    paddb       mm0, mm5
-    paddb       mm3, mm5
-    paddb       mm6, mm5
-    paddb       mm4, mm5
-
-    movq        mm2, mm0                ; transpose coefficients(phase 1)
-    punpcklbw   mm0, mm3                ; mm0=(00 01 10 11 20 21 30 31)
-    punpckhbw   mm2, mm3                ; mm2=(06 07 16 17 26 27 36 37)
-    movq        mm1, mm6                ; transpose coefficients(phase 1)
-    punpcklbw   mm6, mm4                ; mm6=(02 03 12 13 22 23 32 33)
-    punpckhbw   mm1, mm4                ; mm1=(04 05 14 15 24 25 34 35)
-
-    movq        mm7, mm0                ; transpose coefficients(phase 2)
-    punpcklwd   mm0, mm6                ; mm0=(00 01 02 03 10 11 12 13)
-    punpckhwd   mm7, mm6                ; mm7=(20 21 22 23 30 31 32 33)
-    movq        mm5, mm1                ; transpose coefficients(phase 2)
-    punpcklwd   mm1, mm2                ; mm1=(04 05 06 07 14 15 16 17)
-    punpckhwd   mm5, mm2                ; mm5=(24 25 26 27 34 35 36 37)
-
-    movq        mm3, mm0                ; transpose coefficients(phase 3)
-    punpckldq   mm0, mm1                ; mm0=(00 01 02 03 04 05 06 07)
-    punpckhdq   mm3, mm1                ; mm3=(10 11 12 13 14 15 16 17)
-    movq        mm4, mm7                ; transpose coefficients(phase 3)
-    punpckldq   mm7, mm5                ; mm7=(20 21 22 23 24 25 26 27)
-    punpckhdq   mm4, mm5                ; mm4=(30 31 32 33 34 35 36 37)
-
-    pushpic     ebx                     ; save GOT address
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm0
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm3
-    mov         edx, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    mov         ebx, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movq        MMWORD [edx+eax*SIZEOF_JSAMPLE], mm7
-    movq        MMWORD [ebx+eax*SIZEOF_JSAMPLE], mm4
-
-    poppic      ebx                     ; restore GOT address
-
-    add         esi, byte 4*SIZEOF_JCOEF     ; wsptr
-    add         edi, byte 4*SIZEOF_JSAMPROW
-    dec         ecx                          ; ctr
-    jnz         near .rowloop
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-sse2.asm
deleted file mode 100644
index 43e3201..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctint-sse2.asm
+++ /dev/null
@@ -1,858 +0,0 @@
-;
-; jidctint.asm - accurate integer IDCT (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; inverse DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jidctint.c; see the jidctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_islow_sse2)
-
-EXTN(jconst_idct_islow_sse2):
-
-PW_F130_F054   times 4  dw  (F_0_541 + F_0_765),  F_0_541
-PW_F054_MF130  times 4  dw  F_0_541, (F_0_541 - F_1_847)
-PW_MF078_F117  times 4  dw  (F_1_175 - F_1_961),  F_1_175
-PW_F117_F078   times 4  dw  F_1_175, (F_1_175 - F_0_390)
-PW_MF060_MF089 times 4  dw  (F_0_298 - F_0_899), -F_0_899
-PW_MF089_F060  times 4  dw -F_0_899, (F_1_501 - F_0_899)
-PW_MF050_MF256 times 4  dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF256_F050  times 4  dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1  times 4  dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2  times 4  dd  1 << (DESCALE_P2 - 1)
-PB_CENTERJSAMP times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_islow_sse2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; jpeg_component_info *compptr
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         12
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_islow_sse2)
-
-EXTN(jsimd_idct_islow_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_ISLOW_SSE2
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, xmm0
-    packsswb    xmm1, xmm1
-    packsswb    xmm1, xmm1
-    movd        eax, xmm1
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm5, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm5, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    psllw       xmm5, PASS1_BITS
-
-    movdqa      xmm4, xmm5              ; xmm5=in0=(00 01 02 03 04 05 06 07)
-    punpcklwd   xmm5, xmm5              ; xmm5=(00 00 01 01 02 02 03 03)
-    punpckhwd   xmm4, xmm4              ; xmm4=(04 04 05 05 06 06 07 07)
-
-    pshufd      xmm7, xmm5, 0x00        ; xmm7=col0=(00 00 00 00 00 00 00 00)
-    pshufd      xmm6, xmm5, 0x55        ; xmm6=col1=(01 01 01 01 01 01 01 01)
-    pshufd      xmm1, xmm5, 0xAA        ; xmm1=col2=(02 02 02 02 02 02 02 02)
-    pshufd      xmm5, xmm5, 0xFF        ; xmm5=col3=(03 03 03 03 03 03 03 03)
-    pshufd      xmm0, xmm4, 0x00        ; xmm0=col4=(04 04 04 04 04 04 04 04)
-    pshufd      xmm3, xmm4, 0x55        ; xmm3=col5=(05 05 05 05 05 05 05 05)
-    pshufd      xmm2, xmm4, 0xAA        ; xmm2=col6=(06 06 06 06 06 06 06 06)
-    pshufd      xmm4, xmm4, 0xFF        ; xmm4=col7=(07 07 07 07 07 07 07 07)
-
-    movdqa      XMMWORD [wk(8)], xmm6   ; wk(8)=col1
-    movdqa      XMMWORD [wk(9)], xmm5   ; wk(9)=col3
-    movdqa      XMMWORD [wk(10)], xmm3  ; wk(10)=col5
-    movdqa      XMMWORD [wk(11)], xmm4  ; wk(11)=col7
-    jmp         near .column_end
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(4,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(4,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    movdqa      xmm4, xmm1              ; xmm1=in2=z2
-    movdqa      xmm5, xmm1
-    punpcklwd   xmm4, xmm3              ; xmm3=in6=z3
-    punpckhwd   xmm5, xmm3
-    movdqa      xmm1, xmm4
-    movdqa      xmm3, xmm5
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_F130_F054)]   ; xmm4=tmp3L
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F130_F054)]   ; xmm5=tmp3H
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm1=tmp2L
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm3=tmp2H
-
-    movdqa      xmm6, xmm0
-    paddw       xmm0, xmm2              ; xmm0=in0+in4
-    psubw       xmm6, xmm2              ; xmm6=in0-in4
-
-    pxor        xmm7, xmm7
-    pxor        xmm2, xmm2
-    punpcklwd   xmm7, xmm0              ; xmm7=tmp0L
-    punpckhwd   xmm2, xmm0              ; xmm2=tmp0H
-    psrad       xmm7, (16-CONST_BITS)   ; psrad xmm7,16 & pslld xmm7,CONST_BITS
-    psrad       xmm2, (16-CONST_BITS)   ; psrad xmm2,16 & pslld xmm2,CONST_BITS
-
-    movdqa      xmm0, xmm7
-    paddd       xmm7, xmm4              ; xmm7=tmp10L
-    psubd       xmm0, xmm4              ; xmm0=tmp13L
-    movdqa      xmm4, xmm2
-    paddd       xmm2, xmm5              ; xmm2=tmp10H
-    psubd       xmm4, xmm5              ; xmm4=tmp13H
-
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=tmp10L
-    movdqa      XMMWORD [wk(1)], xmm2   ; wk(1)=tmp10H
-    movdqa      XMMWORD [wk(2)], xmm0   ; wk(2)=tmp13L
-    movdqa      XMMWORD [wk(3)], xmm4   ; wk(3)=tmp13H
-
-    pxor        xmm5, xmm5
-    pxor        xmm7, xmm7
-    punpcklwd   xmm5, xmm6              ; xmm5=tmp1L
-    punpckhwd   xmm7, xmm6              ; xmm7=tmp1H
-    psrad       xmm5, (16-CONST_BITS)   ; psrad xmm5,16 & pslld xmm5,CONST_BITS
-    psrad       xmm7, (16-CONST_BITS)   ; psrad xmm7,16 & pslld xmm7,CONST_BITS
-
-    movdqa      xmm2, xmm5
-    paddd       xmm5, xmm1              ; xmm5=tmp11L
-    psubd       xmm2, xmm1              ; xmm2=tmp12L
-    movdqa      xmm0, xmm7
-    paddd       xmm7, xmm3              ; xmm7=tmp11H
-    psubd       xmm0, xmm3              ; xmm0=tmp12H
-
-    movdqa      XMMWORD [wk(4)], xmm5   ; wk(4)=tmp11L
-    movdqa      XMMWORD [wk(5)], xmm7   ; wk(5)=tmp11H
-    movdqa      XMMWORD [wk(6)], xmm2   ; wk(6)=tmp12L
-    movdqa      XMMWORD [wk(7)], xmm0   ; wk(7)=tmp12H
-
-    ; -- Odd part
-
-    movdqa      xmm4, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm6, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm4, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm6, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movdqa      xmm5, xmm6
-    movdqa      xmm7, xmm4
-    paddw       xmm5, xmm3              ; xmm5=z3
-    paddw       xmm7, xmm1              ; xmm7=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm2, xmm5
-    movdqa      xmm0, xmm5
-    punpcklwd   xmm2, xmm7
-    punpckhwd   xmm0, xmm7
-    movdqa      xmm5, xmm2
-    movdqa      xmm7, xmm0
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm2=z3L
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm0=z3H
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F117_F078)]   ; xmm5=z4L
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_F117_F078)]   ; xmm7=z4H
-
-    movdqa      XMMWORD [wk(10)], xmm2  ; wk(10)=z3L
-    movdqa      XMMWORD [wk(11)], xmm0  ; wk(11)=z3H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    movdqa      xmm2, xmm3
-    movdqa      xmm0, xmm3
-    punpcklwd   xmm2, xmm4
-    punpckhwd   xmm0, xmm4
-    movdqa      xmm3, xmm2
-    movdqa      xmm4, xmm0
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm2=tmp0L
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm0=tmp0H
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm3=tmp3L
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm4=tmp3H
-
-    paddd       xmm2, XMMWORD [wk(10)]  ; xmm2=tmp0L
-    paddd       xmm0, XMMWORD [wk(11)]  ; xmm0=tmp0H
-    paddd       xmm3, xmm5              ; xmm3=tmp3L
-    paddd       xmm4, xmm7              ; xmm4=tmp3H
-
-    movdqa      XMMWORD [wk(8)], xmm2   ; wk(8)=tmp0L
-    movdqa      XMMWORD [wk(9)], xmm0   ; wk(9)=tmp0H
-
-    movdqa      xmm2, xmm1
-    movdqa      xmm0, xmm1
-    punpcklwd   xmm2, xmm6
-    punpckhwd   xmm0, xmm6
-    movdqa      xmm1, xmm2
-    movdqa      xmm6, xmm0
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm2=tmp1L
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm0=tmp1H
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm1=tmp2L
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm6=tmp2H
-
-    paddd       xmm2, xmm5              ; xmm2=tmp1L
-    paddd       xmm0, xmm7              ; xmm0=tmp1H
-    paddd       xmm1, XMMWORD [wk(10)]  ; xmm1=tmp2L
-    paddd       xmm6, XMMWORD [wk(11)]  ; xmm6=tmp2H
-
-    movdqa      XMMWORD [wk(10)], xmm2  ; wk(10)=tmp1L
-    movdqa      XMMWORD [wk(11)], xmm0  ; wk(11)=tmp1H
-
-    ; -- Final output stage
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=tmp10L
-    movdqa      xmm7, XMMWORD [wk(1)]   ; xmm7=tmp10H
-
-    movdqa      xmm2, xmm5
-    movdqa      xmm0, xmm7
-    paddd       xmm5, xmm3              ; xmm5=data0L
-    paddd       xmm7, xmm4              ; xmm7=data0H
-    psubd       xmm2, xmm3              ; xmm2=data7L
-    psubd       xmm0, xmm4              ; xmm0=data7H
-
-    movdqa      xmm3, [GOTOFF(ebx,PD_DESCALE_P1)]  ; xmm3=[PD_DESCALE_P1]
-
-    paddd       xmm5, xmm3
-    paddd       xmm7, xmm3
-    psrad       xmm5, DESCALE_P1
-    psrad       xmm7, DESCALE_P1
-    paddd       xmm2, xmm3
-    paddd       xmm0, xmm3
-    psrad       xmm2, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-
-    packssdw    xmm5, xmm7              ; xmm5=data0=(00 01 02 03 04 05 06 07)
-    packssdw    xmm2, xmm0              ; xmm2=data7=(70 71 72 73 74 75 76 77)
-
-    movdqa      xmm4, XMMWORD [wk(4)]   ; xmm4=tmp11L
-    movdqa      xmm3, XMMWORD [wk(5)]   ; xmm3=tmp11H
-
-    movdqa      xmm7, xmm4
-    movdqa      xmm0, xmm3
-    paddd       xmm4, xmm1              ; xmm4=data1L
-    paddd       xmm3, xmm6              ; xmm3=data1H
-    psubd       xmm7, xmm1              ; xmm7=data6L
-    psubd       xmm0, xmm6              ; xmm0=data6H
-
-    movdqa      xmm1, [GOTOFF(ebx,PD_DESCALE_P1)]  ; xmm1=[PD_DESCALE_P1]
-
-    paddd       xmm4, xmm1
-    paddd       xmm3, xmm1
-    psrad       xmm4, DESCALE_P1
-    psrad       xmm3, DESCALE_P1
-    paddd       xmm7, xmm1
-    paddd       xmm0, xmm1
-    psrad       xmm7, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-
-    packssdw    xmm4, xmm3              ; xmm4=data1=(10 11 12 13 14 15 16 17)
-    packssdw    xmm7, xmm0              ; xmm7=data6=(60 61 62 63 64 65 66 67)
-
-    movdqa      xmm6, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm4              ; xmm5=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm6, xmm4              ; xmm6=(04 14 05 15 06 16 07 17)
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 1)
-    punpcklwd   xmm7, xmm2              ; xmm7=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm1, xmm2              ; xmm1=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm3, XMMWORD [wk(6)]   ; xmm3=tmp12L
-    movdqa      xmm0, XMMWORD [wk(7)]   ; xmm0=tmp12H
-    movdqa      xmm4, XMMWORD [wk(10)]  ; xmm4=tmp1L
-    movdqa      xmm2, XMMWORD [wk(11)]  ; xmm2=tmp1H
-
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=(00 10 01 11 02 12 03 13)
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=(04 14 05 15 06 16 07 17)
-    movdqa      XMMWORD [wk(4)], xmm7   ; wk(4)=(60 70 61 71 62 72 63 73)
-    movdqa      XMMWORD [wk(5)], xmm1   ; wk(5)=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm5, xmm3
-    movdqa      xmm6, xmm0
-    paddd       xmm3, xmm4              ; xmm3=data2L
-    paddd       xmm0, xmm2              ; xmm0=data2H
-    psubd       xmm5, xmm4              ; xmm5=data5L
-    psubd       xmm6, xmm2              ; xmm6=data5H
-
-    movdqa      xmm7, [GOTOFF(ebx,PD_DESCALE_P1)]  ; xmm7=[PD_DESCALE_P1]
-
-    paddd       xmm3, xmm7
-    paddd       xmm0, xmm7
-    psrad       xmm3, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-    paddd       xmm5, xmm7
-    paddd       xmm6, xmm7
-    psrad       xmm5, DESCALE_P1
-    psrad       xmm6, DESCALE_P1
-
-    packssdw    xmm3, xmm0              ; xmm3=data2=(20 21 22 23 24 25 26 27)
-    packssdw    xmm5, xmm6              ; xmm5=data5=(50 51 52 53 54 55 56 57)
-
-    movdqa      xmm1, XMMWORD [wk(2)]   ; xmm1=tmp13L
-    movdqa      xmm4, XMMWORD [wk(3)]   ; xmm4=tmp13H
-    movdqa      xmm2, XMMWORD [wk(8)]   ; xmm2=tmp0L
-    movdqa      xmm7, XMMWORD [wk(9)]   ; xmm7=tmp0H
-
-    movdqa      xmm0, xmm1
-    movdqa      xmm6, xmm4
-    paddd       xmm1, xmm2              ; xmm1=data3L
-    paddd       xmm4, xmm7              ; xmm4=data3H
-    psubd       xmm0, xmm2              ; xmm0=data4L
-    psubd       xmm6, xmm7              ; xmm6=data4H
-
-    movdqa      xmm2, [GOTOFF(ebx,PD_DESCALE_P1)]  ; xmm2=[PD_DESCALE_P1]
-
-    paddd       xmm1, xmm2
-    paddd       xmm4, xmm2
-    psrad       xmm1, DESCALE_P1
-    psrad       xmm4, DESCALE_P1
-    paddd       xmm0, xmm2
-    paddd       xmm6, xmm2
-    psrad       xmm0, DESCALE_P1
-    psrad       xmm6, DESCALE_P1
-
-    packssdw    xmm1, xmm4              ; xmm1=data3=(30 31 32 33 34 35 36 37)
-    packssdw    xmm0, xmm6              ; xmm0=data4=(40 41 42 43 44 45 46 47)
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=(00 10 01 11 02 12 03 13)
-    movdqa      xmm2, XMMWORD [wk(1)]   ; xmm2=(04 14 05 15 06 16 07 17)
-
-    movdqa      xmm4, xmm3              ; transpose coefficients(phase 1)
-    punpcklwd   xmm3, xmm1              ; xmm3=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm4, xmm1              ; xmm4=(24 34 25 35 26 36 27 37)
-    movdqa      xmm6, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm5              ; xmm0=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm6, xmm5              ; xmm6=(44 54 45 55 46 56 47 57)
-
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 2)
-    punpckldq   xmm7, xmm3              ; xmm7=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm1, xmm3              ; xmm1=(02 12 22 32 03 13 23 33)
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm4              ; xmm2=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm5, xmm4              ; xmm5=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm3, XMMWORD [wk(4)]   ; xmm3=(60 70 61 71 62 72 63 73)
-    movdqa      xmm4, XMMWORD [wk(5)]   ; xmm4=(64 74 65 75 66 76 67 77)
-
-    movdqa      XMMWORD [wk(6)], xmm2   ; wk(6)=(04 14 24 34 05 15 25 35)
-    movdqa      XMMWORD [wk(7)], xmm5   ; wk(7)=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm2, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm3              ; xmm0=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm2, xmm3              ; xmm2=(42 52 62 72 43 53 63 73)
-    movdqa      xmm5, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm4              ; xmm6=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm5, xmm4              ; xmm5=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm3, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm0              ; xmm7=col0=(00 10 20 30 40 50 60 70)
-    punpckhqdq  xmm3, xmm0              ; xmm3=col1=(01 11 21 31 41 51 61 71)
-    movdqa      xmm4, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm2              ; xmm1=col2=(02 12 22 32 42 52 62 72)
-    punpckhqdq  xmm4, xmm2              ; xmm4=col3=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm0, XMMWORD [wk(6)]   ; xmm0=(04 14 24 34 05 15 25 35)
-    movdqa      xmm2, XMMWORD [wk(7)]   ; xmm2=(06 16 26 36 07 17 27 37)
-
-    movdqa      XMMWORD [wk(8)], xmm3   ; wk(8)=col1
-    movdqa      XMMWORD [wk(9)], xmm4   ; wk(9)=col3
-
-    movdqa      xmm3, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm6              ; xmm0=col4=(04 14 24 34 44 54 64 74)
-    punpckhqdq  xmm3, xmm6              ; xmm3=col5=(05 15 25 35 45 55 65 75)
-    movdqa      xmm4, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm5              ; xmm2=col6=(06 16 26 36 46 56 66 76)
-    punpckhqdq  xmm4, xmm5              ; xmm4=col7=(07 17 27 37 47 57 67 77)
-
-    movdqa      XMMWORD [wk(10)], xmm3  ; wk(10)=col5
-    movdqa      XMMWORD [wk(11)], xmm4  ; wk(11)=col7
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-
-    ; -- Even part
-
-    ; xmm7=col0, xmm1=col2, xmm0=col4, xmm2=col6
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    movdqa      xmm6, xmm1              ; xmm1=in2=z2
-    movdqa      xmm5, xmm1
-    punpcklwd   xmm6, xmm2              ; xmm2=in6=z3
-    punpckhwd   xmm5, xmm2
-    movdqa      xmm1, xmm6
-    movdqa      xmm2, xmm5
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_F130_F054)]   ; xmm6=tmp3L
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F130_F054)]   ; xmm5=tmp3H
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm1=tmp2L
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_F054_MF130)]  ; xmm2=tmp2H
-
-    movdqa      xmm3, xmm7
-    paddw       xmm7, xmm0              ; xmm7=in0+in4
-    psubw       xmm3, xmm0              ; xmm3=in0-in4
-
-    pxor        xmm4, xmm4
-    pxor        xmm0, xmm0
-    punpcklwd   xmm4, xmm7              ; xmm4=tmp0L
-    punpckhwd   xmm0, xmm7              ; xmm0=tmp0H
-    psrad       xmm4, (16-CONST_BITS)   ; psrad xmm4,16 & pslld xmm4,CONST_BITS
-    psrad       xmm0, (16-CONST_BITS)   ; psrad xmm0,16 & pslld xmm0,CONST_BITS
-
-    movdqa      xmm7, xmm4
-    paddd       xmm4, xmm6              ; xmm4=tmp10L
-    psubd       xmm7, xmm6              ; xmm7=tmp13L
-    movdqa      xmm6, xmm0
-    paddd       xmm0, xmm5              ; xmm0=tmp10H
-    psubd       xmm6, xmm5              ; xmm6=tmp13H
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=tmp10L
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=tmp10H
-    movdqa      XMMWORD [wk(2)], xmm7   ; wk(2)=tmp13L
-    movdqa      XMMWORD [wk(3)], xmm6   ; wk(3)=tmp13H
-
-    pxor        xmm5, xmm5
-    pxor        xmm4, xmm4
-    punpcklwd   xmm5, xmm3              ; xmm5=tmp1L
-    punpckhwd   xmm4, xmm3              ; xmm4=tmp1H
-    psrad       xmm5, (16-CONST_BITS)   ; psrad xmm5,16 & pslld xmm5,CONST_BITS
-    psrad       xmm4, (16-CONST_BITS)   ; psrad xmm4,16 & pslld xmm4,CONST_BITS
-
-    movdqa      xmm0, xmm5
-    paddd       xmm5, xmm1              ; xmm5=tmp11L
-    psubd       xmm0, xmm1              ; xmm0=tmp12L
-    movdqa      xmm7, xmm4
-    paddd       xmm4, xmm2              ; xmm4=tmp11H
-    psubd       xmm7, xmm2              ; xmm7=tmp12H
-
-    movdqa      XMMWORD [wk(4)], xmm5   ; wk(4)=tmp11L
-    movdqa      XMMWORD [wk(5)], xmm4   ; wk(5)=tmp11H
-    movdqa      XMMWORD [wk(6)], xmm0   ; wk(6)=tmp12L
-    movdqa      XMMWORD [wk(7)], xmm7   ; wk(7)=tmp12H
-
-    ; -- Odd part
-
-    movdqa      xmm6, XMMWORD [wk(9)]   ; xmm6=col3
-    movdqa      xmm3, XMMWORD [wk(8)]   ; xmm3=col1
-    movdqa      xmm1, XMMWORD [wk(11)]  ; xmm1=col7
-    movdqa      xmm2, XMMWORD [wk(10)]  ; xmm2=col5
-
-    movdqa      xmm5, xmm6
-    movdqa      xmm4, xmm3
-    paddw       xmm5, xmm1              ; xmm5=z3
-    paddw       xmm4, xmm2              ; xmm4=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm0, xmm5
-    movdqa      xmm7, xmm5
-    punpcklwd   xmm0, xmm4
-    punpckhwd   xmm7, xmm4
-    movdqa      xmm5, xmm0
-    movdqa      xmm4, xmm7
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm0=z3L
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF078_F117)]  ; xmm7=z3H
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F117_F078)]   ; xmm5=z4L
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_F117_F078)]   ; xmm4=z4H
-
-    movdqa      XMMWORD [wk(10)], xmm0  ; wk(10)=z3L
-    movdqa      XMMWORD [wk(11)], xmm7  ; wk(11)=z3H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    movdqa      xmm0, xmm1
-    movdqa      xmm7, xmm1
-    punpcklwd   xmm0, xmm3
-    punpckhwd   xmm7, xmm3
-    movdqa      xmm1, xmm0
-    movdqa      xmm3, xmm7
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm0=tmp0L
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF060_MF089)]  ; xmm7=tmp0H
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm1=tmp3L
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_MF089_F060)]   ; xmm3=tmp3H
-
-    paddd       xmm0, XMMWORD [wk(10)]  ; xmm0=tmp0L
-    paddd       xmm7, XMMWORD [wk(11)]  ; xmm7=tmp0H
-    paddd       xmm1, xmm5              ; xmm1=tmp3L
-    paddd       xmm3, xmm4              ; xmm3=tmp3H
-
-    movdqa      XMMWORD [wk(8)], xmm0   ; wk(8)=tmp0L
-    movdqa      XMMWORD [wk(9)], xmm7   ; wk(9)=tmp0H
-
-    movdqa      xmm0, xmm2
-    movdqa      xmm7, xmm2
-    punpcklwd   xmm0, xmm6
-    punpckhwd   xmm7, xmm6
-    movdqa      xmm2, xmm0
-    movdqa      xmm6, xmm7
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm0=tmp1L
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF050_MF256)]  ; xmm7=tmp1H
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm2=tmp2L
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_MF256_F050)]   ; xmm6=tmp2H
-
-    paddd       xmm0, xmm5              ; xmm0=tmp1L
-    paddd       xmm7, xmm4              ; xmm7=tmp1H
-    paddd       xmm2, XMMWORD [wk(10)]  ; xmm2=tmp2L
-    paddd       xmm6, XMMWORD [wk(11)]  ; xmm6=tmp2H
-
-    movdqa      XMMWORD [wk(10)], xmm0  ; wk(10)=tmp1L
-    movdqa      XMMWORD [wk(11)], xmm7  ; wk(11)=tmp1H
-
-    ; -- Final output stage
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=tmp10L
-    movdqa      xmm4, XMMWORD [wk(1)]   ; xmm4=tmp10H
-
-    movdqa      xmm0, xmm5
-    movdqa      xmm7, xmm4
-    paddd       xmm5, xmm1              ; xmm5=data0L
-    paddd       xmm4, xmm3              ; xmm4=data0H
-    psubd       xmm0, xmm1              ; xmm0=data7L
-    psubd       xmm7, xmm3              ; xmm7=data7H
-
-    movdqa      xmm1, [GOTOFF(ebx,PD_DESCALE_P2)]  ; xmm1=[PD_DESCALE_P2]
-
-    paddd       xmm5, xmm1
-    paddd       xmm4, xmm1
-    psrad       xmm5, DESCALE_P2
-    psrad       xmm4, DESCALE_P2
-    paddd       xmm0, xmm1
-    paddd       xmm7, xmm1
-    psrad       xmm0, DESCALE_P2
-    psrad       xmm7, DESCALE_P2
-
-    packssdw    xmm5, xmm4              ; xmm5=data0=(00 10 20 30 40 50 60 70)
-    packssdw    xmm0, xmm7              ; xmm0=data7=(07 17 27 37 47 57 67 77)
-
-    movdqa      xmm3, XMMWORD [wk(4)]   ; xmm3=tmp11L
-    movdqa      xmm1, XMMWORD [wk(5)]   ; xmm1=tmp11H
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm7, xmm1
-    paddd       xmm3, xmm2              ; xmm3=data1L
-    paddd       xmm1, xmm6              ; xmm1=data1H
-    psubd       xmm4, xmm2              ; xmm4=data6L
-    psubd       xmm7, xmm6              ; xmm7=data6H
-
-    movdqa      xmm2, [GOTOFF(ebx,PD_DESCALE_P2)]  ; xmm2=[PD_DESCALE_P2]
-
-    paddd       xmm3, xmm2
-    paddd       xmm1, xmm2
-    psrad       xmm3, DESCALE_P2
-    psrad       xmm1, DESCALE_P2
-    paddd       xmm4, xmm2
-    paddd       xmm7, xmm2
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm7, DESCALE_P2
-
-    packssdw    xmm3, xmm1              ; xmm3=data1=(01 11 21 31 41 51 61 71)
-    packssdw    xmm4, xmm7              ; xmm4=data6=(06 16 26 36 46 56 66 76)
-
-    packsswb    xmm5, xmm4              ; xmm5=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    packsswb    xmm3, xmm0              ; xmm3=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    movdqa      xmm6, XMMWORD [wk(6)]   ; xmm6=tmp12L
-    movdqa      xmm2, XMMWORD [wk(7)]   ; xmm2=tmp12H
-    movdqa      xmm1, XMMWORD [wk(10)]  ; xmm1=tmp1L
-    movdqa      xmm7, XMMWORD [wk(11)]  ; xmm7=tmp1H
-
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    movdqa      xmm4, xmm6
-    movdqa      xmm0, xmm2
-    paddd       xmm6, xmm1              ; xmm6=data2L
-    paddd       xmm2, xmm7              ; xmm2=data2H
-    psubd       xmm4, xmm1              ; xmm4=data5L
-    psubd       xmm0, xmm7              ; xmm0=data5H
-
-    movdqa      xmm5, [GOTOFF(ebx,PD_DESCALE_P2)]  ; xmm5=[PD_DESCALE_P2]
-
-    paddd       xmm6, xmm5
-    paddd       xmm2, xmm5
-    psrad       xmm6, DESCALE_P2
-    psrad       xmm2, DESCALE_P2
-    paddd       xmm4, xmm5
-    paddd       xmm0, xmm5
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm0, DESCALE_P2
-
-    packssdw    xmm6, xmm2              ; xmm6=data2=(02 12 22 32 42 52 62 72)
-    packssdw    xmm4, xmm0              ; xmm4=data5=(05 15 25 35 45 55 65 75)
-
-    movdqa      xmm3, XMMWORD [wk(2)]   ; xmm3=tmp13L
-    movdqa      xmm1, XMMWORD [wk(3)]   ; xmm1=tmp13H
-    movdqa      xmm7, XMMWORD [wk(8)]   ; xmm7=tmp0L
-    movdqa      xmm5, XMMWORD [wk(9)]   ; xmm5=tmp0H
-
-    movdqa      xmm2, xmm3
-    movdqa      xmm0, xmm1
-    paddd       xmm3, xmm7              ; xmm3=data3L
-    paddd       xmm1, xmm5              ; xmm1=data3H
-    psubd       xmm2, xmm7              ; xmm2=data4L
-    psubd       xmm0, xmm5              ; xmm0=data4H
-
-    movdqa      xmm7, [GOTOFF(ebx,PD_DESCALE_P2)]  ; xmm7=[PD_DESCALE_P2]
-
-    paddd       xmm3, xmm7
-    paddd       xmm1, xmm7
-    psrad       xmm3, DESCALE_P2
-    psrad       xmm1, DESCALE_P2
-    paddd       xmm2, xmm7
-    paddd       xmm0, xmm7
-    psrad       xmm2, DESCALE_P2
-    psrad       xmm0, DESCALE_P2
-
-    movdqa      xmm5, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; xmm5=[PB_CENTERJSAMP]
-
-    packssdw    xmm3, xmm1             ; xmm3=data3=(03 13 23 33 43 53 63 73)
-    packssdw    xmm2, xmm0             ; xmm2=data4=(04 14 24 34 44 54 64 74)
-
-    movdqa      xmm7, XMMWORD [wk(0)]  ; xmm7=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    movdqa      xmm1, XMMWORD [wk(1)]  ; xmm1=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    packsswb    xmm6, xmm2             ; xmm6=(02 12 22 32 42 52 62 72 04 14 24 34 44 54 64 74)
-    packsswb    xmm3, xmm4             ; xmm3=(03 13 23 33 43 53 63 73 05 15 25 35 45 55 65 75)
-
-    paddb       xmm7, xmm5
-    paddb       xmm1, xmm5
-    paddb       xmm6, xmm5
-    paddb       xmm3, xmm5
-
-    movdqa      xmm0, xmm7        ; transpose coefficients(phase 1)
-    punpcklbw   xmm7, xmm1        ; xmm7=(00 01 10 11 20 21 30 31 40 41 50 51 60 61 70 71)
-    punpckhbw   xmm0, xmm1        ; xmm0=(06 07 16 17 26 27 36 37 46 47 56 57 66 67 76 77)
-    movdqa      xmm2, xmm6        ; transpose coefficients(phase 1)
-    punpcklbw   xmm6, xmm3        ; xmm6=(02 03 12 13 22 23 32 33 42 43 52 53 62 63 72 73)
-    punpckhbw   xmm2, xmm3        ; xmm2=(04 05 14 15 24 25 34 35 44 45 54 55 64 65 74 75)
-
-    movdqa      xmm4, xmm7        ; transpose coefficients(phase 2)
-    punpcklwd   xmm7, xmm6        ; xmm7=(00 01 02 03 10 11 12 13 20 21 22 23 30 31 32 33)
-    punpckhwd   xmm4, xmm6        ; xmm4=(40 41 42 43 50 51 52 53 60 61 62 63 70 71 72 73)
-    movdqa      xmm5, xmm2        ; transpose coefficients(phase 2)
-    punpcklwd   xmm2, xmm0        ; xmm2=(04 05 06 07 14 15 16 17 24 25 26 27 34 35 36 37)
-    punpckhwd   xmm5, xmm0        ; xmm5=(44 45 46 47 54 55 56 57 64 65 66 67 74 75 76 77)
-
-    movdqa      xmm1, xmm7        ; transpose coefficients(phase 3)
-    punpckldq   xmm7, xmm2        ; xmm7=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    punpckhdq   xmm1, xmm2        ; xmm1=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-    movdqa      xmm3, xmm4        ; transpose coefficients(phase 3)
-    punpckldq   xmm4, xmm5        ; xmm4=(40 41 42 43 44 45 46 47 50 51 52 53 54 55 56 57)
-    punpckhdq   xmm3, xmm5        ; xmm3=(60 61 62 63 64 65 66 67 70 71 72 73 74 75 76 77)
-
-    pshufd      xmm6, xmm7, 0x4E  ; xmm6=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    pshufd      xmm0, xmm1, 0x4E  ; xmm0=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-    pshufd      xmm2, xmm4, 0x4E  ; xmm2=(50 51 52 53 54 55 56 57 40 41 42 43 44 45 46 47)
-    pshufd      xmm5, xmm3, 0x4E  ; xmm5=(70 71 72 73 74 75 76 77 60 61 62 63 64 65 66 67)
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm7
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm1
-    mov         edx, JSAMPROW [edi+4*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+6*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm4
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm3
-
-    mov         edx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm0
-    mov         edx, JSAMPROW [edi+5*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+7*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE], xmm2
-    movq        XMM_MMWORD [esi+eax*SIZEOF_JSAMPLE], xmm5
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctred-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctred-mmx.asm
deleted file mode 100644
index e2307e1..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctred-mmx.asm
+++ /dev/null
@@ -1,704 +0,0 @@
-;
-; jidctred.asm - reduced-size IDCT (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains inverse-DCT routines that produce reduced-size
-; output: either 4x4 or 2x2 pixels from an 8x8 DCT block.
-; The following code is based directly on the IJG's original jidctred.c;
-; see the jidctred.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS    13
-%define PASS1_BITS    2
-
-%define DESCALE_P1_4  (CONST_BITS - PASS1_BITS + 1)
-%define DESCALE_P2_4  (CONST_BITS + PASS1_BITS + 3 + 1)
-%define DESCALE_P1_2  (CONST_BITS - PASS1_BITS + 2)
-%define DESCALE_P2_2  (CONST_BITS + PASS1_BITS + 3 + 2)
-
-%if CONST_BITS == 13
-F_0_211 equ  1730  ; FIX(0.211164243)
-F_0_509 equ  4176  ; FIX(0.509795579)
-F_0_601 equ  4926  ; FIX(0.601344887)
-F_0_720 equ  5906  ; FIX(0.720959822)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_850 equ  6967  ; FIX(0.850430095)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_061 equ  8697  ; FIX(1.061594337)
-F_1_272 equ 10426  ; FIX(1.272758580)
-F_1_451 equ 11893  ; FIX(1.451774981)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_2_172 equ 17799  ; FIX(2.172734803)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_624 equ 29692  ; FIX(3.624509785)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_211 equ DESCALE( 226735879, 30 - CONST_BITS)  ; FIX(0.211164243)
-F_0_509 equ DESCALE( 547388834, 30 - CONST_BITS)  ; FIX(0.509795579)
-F_0_601 equ DESCALE( 645689155, 30 - CONST_BITS)  ; FIX(0.601344887)
-F_0_720 equ DESCALE( 774124714, 30 - CONST_BITS)  ; FIX(0.720959822)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_850 equ DESCALE( 913142361, 30 - CONST_BITS)  ; FIX(0.850430095)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_061 equ DESCALE(1139878239, 30 - CONST_BITS)  ; FIX(1.061594337)
-F_1_272 equ DESCALE(1366614119, 30 - CONST_BITS)  ; FIX(1.272758580)
-F_1_451 equ DESCALE(1558831516, 30 - CONST_BITS)  ; FIX(1.451774981)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_2_172 equ DESCALE(2332956230, 30 - CONST_BITS)  ; FIX(2.172734803)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_624 equ DESCALE(3891787747, 30 - CONST_BITS)  ; FIX(3.624509785)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_red_mmx)
-
-EXTN(jconst_idct_red_mmx):
-
-PW_F184_MF076   times 2 dw  F_1_847, -F_0_765
-PW_F256_F089    times 2 dw  F_2_562,  F_0_899
-PW_F106_MF217   times 2 dw  F_1_061, -F_2_172
-PW_MF060_MF050  times 2 dw -F_0_601, -F_0_509
-PW_F145_MF021   times 2 dw  F_1_451, -F_0_211
-PW_F362_MF127   times 2 dw  F_3_624, -F_1_272
-PW_F085_MF072   times 2 dw  F_0_850, -F_0_720
-PD_DESCALE_P1_4 times 2 dd  1 << (DESCALE_P1_4 - 1)
-PD_DESCALE_P2_4 times 2 dd  1 << (DESCALE_P2_4 - 1)
-PD_DESCALE_P1_2 times 2 dd  1 << (DESCALE_P1_2 - 1)
-PD_DESCALE_P2_2 times 2 dd  1 << (DESCALE_P2_2 - 1)
-PB_CENTERJSAMP  times 8 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients,
-; producing a reduced-size 4x4 output block.
-;
-; GLOBAL(void)
-; jsimd_idct_4x4_mmx(void *dct_table, JCOEFPTR coef_block,
-;                    JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_MMWORD
-                                        ; mmword wk[WK_NUM]
-%define WK_NUM         2
-%define workspace      wk(0) - DCTSIZE2 * SIZEOF_JCOEF
-                                        ; JCOEF workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_4x4_mmx)
-
-EXTN(jsimd_idct_4x4_mmx):
-    push        ebp
-    mov         eax, esp                    ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_MMWORD)  ; align to 64 bits
-    mov         [esp], eax
-    mov         ebp, esp                    ; ebp = aligned ebp
-    lea         esp, [workspace]
-    pushpic     ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-    lea         edi, [workspace]                 ; JCOEF *wsptr
-    mov         ecx, DCTSIZE/4                   ; ctr
-    alignx      16, 7
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_4X4_MMX
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         short .columnDCT
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         mm0, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         mm1, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         mm0, mm1
-    packsswb    mm0, mm0
-    movd        eax, mm0
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    psllw       mm0, PASS1_BITS
-
-    movq        mm2, mm0                ; mm0=in0=(00 01 02 03)
-    punpcklwd   mm0, mm0                ; mm0=(00 00 01 01)
-    punpckhwd   mm2, mm2                ; mm2=(02 02 03 03)
-
-    movq        mm1, mm0
-    punpckldq   mm0, mm0                ; mm0=(00 00 00 00)
-    punpckhdq   mm1, mm1                ; mm1=(01 01 01 01)
-    movq        mm3, mm2
-    punpckldq   mm2, mm2                ; mm2=(02 02 02 02)
-    punpckhdq   mm3, mm3                ; mm3=(03 03 03 03)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_JCOEF)], mm3
-    jmp         near .nextcolumn
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Odd part
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(1,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm1, MMWORD [MMBLOCK(3,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movq        mm2, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm2, MMWORD [MMBLOCK(5,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm3, MMWORD [MMBLOCK(7,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movq        mm4, mm0
-    movq        mm5, mm0
-    punpcklwd   mm4, mm1
-    punpckhwd   mm5, mm1
-    movq        mm0, mm4
-    movq        mm1, mm5
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F256_F089)]   ; mm4=(tmp2L)
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F256_F089)]   ; mm5=(tmp2H)
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F106_MF217)]  ; mm0=(tmp0L)
-    pmaddwd     mm1, [GOTOFF(ebx,PW_F106_MF217)]  ; mm1=(tmp0H)
-
-    movq        mm6, mm2
-    movq        mm7, mm2
-    punpcklwd   mm6, mm3
-    punpckhwd   mm7, mm3
-    movq        mm2, mm6
-    movq        mm3, mm7
-    pmaddwd     mm6, [GOTOFF(ebx,PW_MF060_MF050)]  ; mm6=(tmp2L)
-    pmaddwd     mm7, [GOTOFF(ebx,PW_MF060_MF050)]  ; mm7=(tmp2H)
-    pmaddwd     mm2, [GOTOFF(ebx,PW_F145_MF021)]   ; mm2=(tmp0L)
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F145_MF021)]   ; mm3=(tmp0H)
-
-    paddd       mm6, mm4                ; mm6=tmp2L
-    paddd       mm7, mm5                ; mm7=tmp2H
-    paddd       mm2, mm0                ; mm2=tmp0L
-    paddd       mm3, mm1                ; mm3=tmp0H
-
-    movq        MMWORD [wk(0)], mm2     ; wk(0)=tmp0L
-    movq        MMWORD [wk(1)], mm3     ; wk(1)=tmp0H
-
-    ; -- Even part
-
-    movq        mm4, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm5, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        mm0, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm4, MMWORD [MMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm5, MMWORD [MMBLOCK(2,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm0, MMWORD [MMBLOCK(6,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    pxor        mm1, mm1
-    pxor        mm2, mm2
-    punpcklwd   mm1, mm4                ; mm1=tmp0L
-    punpckhwd   mm2, mm4                ; mm2=tmp0H
-    psrad       mm1, (16-CONST_BITS-1)  ; psrad mm1,16 & pslld mm1,CONST_BITS+1
-    psrad       mm2, (16-CONST_BITS-1)  ; psrad mm2,16 & pslld mm2,CONST_BITS+1
-
-    movq        mm3, mm5                ; mm5=in2=z2
-    punpcklwd   mm5, mm0                ; mm0=in6=z3
-    punpckhwd   mm3, mm0
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F184_MF076)]  ; mm5=tmp2L
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F184_MF076)]  ; mm3=tmp2H
-
-    movq        mm4, mm1
-    movq        mm0, mm2
-    paddd       mm1, mm5                ; mm1=tmp10L
-    paddd       mm2, mm3                ; mm2=tmp10H
-    psubd       mm4, mm5                ; mm4=tmp12L
-    psubd       mm0, mm3                ; mm0=tmp12H
-
-    ; -- Final output stage
-
-    movq        mm5, mm1
-    movq        mm3, mm2
-    paddd       mm1, mm6                ; mm1=data0L
-    paddd       mm2, mm7                ; mm2=data0H
-    psubd       mm5, mm6                ; mm5=data3L
-    psubd       mm3, mm7                ; mm3=data3H
-
-    movq        mm6, [GOTOFF(ebx,PD_DESCALE_P1_4)]  ; mm6=[PD_DESCALE_P1_4]
-
-    paddd       mm1, mm6
-    paddd       mm2, mm6
-    psrad       mm1, DESCALE_P1_4
-    psrad       mm2, DESCALE_P1_4
-    paddd       mm5, mm6
-    paddd       mm3, mm6
-    psrad       mm5, DESCALE_P1_4
-    psrad       mm3, DESCALE_P1_4
-
-    packssdw    mm1, mm2                ; mm1=data0=(00 01 02 03)
-    packssdw    mm5, mm3                ; mm5=data3=(30 31 32 33)
-
-    movq        mm7, MMWORD [wk(0)]     ; mm7=tmp0L
-    movq        mm6, MMWORD [wk(1)]     ; mm6=tmp0H
-
-    movq        mm2, mm4
-    movq        mm3, mm0
-    paddd       mm4, mm7                ; mm4=data1L
-    paddd       mm0, mm6                ; mm0=data1H
-    psubd       mm2, mm7                ; mm2=data2L
-    psubd       mm3, mm6                ; mm3=data2H
-
-    movq        mm7, [GOTOFF(ebx,PD_DESCALE_P1_4)]  ; mm7=[PD_DESCALE_P1_4]
-
-    paddd       mm4, mm7
-    paddd       mm0, mm7
-    psrad       mm4, DESCALE_P1_4
-    psrad       mm0, DESCALE_P1_4
-    paddd       mm2, mm7
-    paddd       mm3, mm7
-    psrad       mm2, DESCALE_P1_4
-    psrad       mm3, DESCALE_P1_4
-
-    packssdw    mm4, mm0                ; mm4=data1=(10 11 12 13)
-    packssdw    mm2, mm3                ; mm2=data2=(20 21 22 23)
-
-    movq        mm6, mm1                ; transpose coefficients(phase 1)
-    punpcklwd   mm1, mm4                ; mm1=(00 10 01 11)
-    punpckhwd   mm6, mm4                ; mm6=(02 12 03 13)
-    movq        mm7, mm2                ; transpose coefficients(phase 1)
-    punpcklwd   mm2, mm5                ; mm2=(20 30 21 31)
-    punpckhwd   mm7, mm5                ; mm7=(22 32 23 33)
-
-    movq        mm0, mm1                ; transpose coefficients(phase 2)
-    punpckldq   mm1, mm2                ; mm1=(00 10 20 30)
-    punpckhdq   mm0, mm2                ; mm0=(01 11 21 31)
-    movq        mm3, mm6                ; transpose coefficients(phase 2)
-    punpckldq   mm6, mm7                ; mm6=(02 12 22 32)
-    punpckhdq   mm3, mm7                ; mm3=(03 13 23 33)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_JCOEF)], mm6
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_JCOEF)], mm3
-
-.nextcolumn:
-    add         esi, byte 4*SIZEOF_JCOEF            ; coef_block
-    add         edx, byte 4*SIZEOF_ISLOW_MULT_TYPE  ; quantptr
-    add         edi, byte 4*DCTSIZE*SIZEOF_JCOEF    ; wsptr
-    dec         ecx                                 ; ctr
-    jnz         near .columnloop
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         eax, [original_ebp]
-    lea         esi, [workspace]                   ; JCOEF *wsptr
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-
-    ; -- Odd part
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    movq        mm2, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-
-    movq        mm4, mm0
-    movq        mm5, mm0
-    punpcklwd   mm4, mm1
-    punpckhwd   mm5, mm1
-    movq        mm0, mm4
-    movq        mm1, mm5
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F256_F089)]   ; mm4=(tmp2L)
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F256_F089)]   ; mm5=(tmp2H)
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F106_MF217)]  ; mm0=(tmp0L)
-    pmaddwd     mm1, [GOTOFF(ebx,PW_F106_MF217)]  ; mm1=(tmp0H)
-
-    movq        mm6, mm2
-    movq        mm7, mm2
-    punpcklwd   mm6, mm3
-    punpckhwd   mm7, mm3
-    movq        mm2, mm6
-    movq        mm3, mm7
-    pmaddwd     mm6, [GOTOFF(ebx,PW_MF060_MF050)]  ; mm6=(tmp2L)
-    pmaddwd     mm7, [GOTOFF(ebx,PW_MF060_MF050)]  ; mm7=(tmp2H)
-    pmaddwd     mm2, [GOTOFF(ebx,PW_F145_MF021)]   ; mm2=(tmp0L)
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F145_MF021)]   ; mm3=(tmp0H)
-
-    paddd       mm6, mm4                ; mm6=tmp2L
-    paddd       mm7, mm5                ; mm7=tmp2H
-    paddd       mm2, mm0                ; mm2=tmp0L
-    paddd       mm3, mm1                ; mm3=tmp0H
-
-    movq        MMWORD [wk(0)], mm2     ; wk(0)=tmp0L
-    movq        MMWORD [wk(1)], mm3     ; wk(1)=tmp0H
-
-    ; -- Even part
-
-    movq        mm4, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm5, MMWORD [MMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movq        mm0, MMWORD [MMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-
-    pxor        mm1, mm1
-    pxor        mm2, mm2
-    punpcklwd   mm1, mm4                ; mm1=tmp0L
-    punpckhwd   mm2, mm4                ; mm2=tmp0H
-    psrad       mm1, (16-CONST_BITS-1)  ; psrad mm1,16 & pslld mm1,CONST_BITS+1
-    psrad       mm2, (16-CONST_BITS-1)  ; psrad mm2,16 & pslld mm2,CONST_BITS+1
-
-    movq        mm3, mm5                ; mm5=in2=z2
-    punpcklwd   mm5, mm0                ; mm0=in6=z3
-    punpckhwd   mm3, mm0
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F184_MF076)]  ; mm5=tmp2L
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F184_MF076)]  ; mm3=tmp2H
-
-    movq        mm4, mm1
-    movq        mm0, mm2
-    paddd       mm1, mm5                ; mm1=tmp10L
-    paddd       mm2, mm3                ; mm2=tmp10H
-    psubd       mm4, mm5                ; mm4=tmp12L
-    psubd       mm0, mm3                ; mm0=tmp12H
-
-    ; -- Final output stage
-
-    movq        mm5, mm1
-    movq        mm3, mm2
-    paddd       mm1, mm6                ; mm1=data0L
-    paddd       mm2, mm7                ; mm2=data0H
-    psubd       mm5, mm6                ; mm5=data3L
-    psubd       mm3, mm7                ; mm3=data3H
-
-    movq        mm6, [GOTOFF(ebx,PD_DESCALE_P2_4)]  ; mm6=[PD_DESCALE_P2_4]
-
-    paddd       mm1, mm6
-    paddd       mm2, mm6
-    psrad       mm1, DESCALE_P2_4
-    psrad       mm2, DESCALE_P2_4
-    paddd       mm5, mm6
-    paddd       mm3, mm6
-    psrad       mm5, DESCALE_P2_4
-    psrad       mm3, DESCALE_P2_4
-
-    packssdw    mm1, mm2                ; mm1=data0=(00 10 20 30)
-    packssdw    mm5, mm3                ; mm5=data3=(03 13 23 33)
-
-    movq        mm7, MMWORD [wk(0)]     ; mm7=tmp0L
-    movq        mm6, MMWORD [wk(1)]     ; mm6=tmp0H
-
-    movq        mm2, mm4
-    movq        mm3, mm0
-    paddd       mm4, mm7                ; mm4=data1L
-    paddd       mm0, mm6                ; mm0=data1H
-    psubd       mm2, mm7                ; mm2=data2L
-    psubd       mm3, mm6                ; mm3=data2H
-
-    movq        mm7, [GOTOFF(ebx,PD_DESCALE_P2_4)]  ; mm7=[PD_DESCALE_P2_4]
-
-    paddd       mm4, mm7
-    paddd       mm0, mm7
-    psrad       mm4, DESCALE_P2_4
-    psrad       mm0, DESCALE_P2_4
-    paddd       mm2, mm7
-    paddd       mm3, mm7
-    psrad       mm2, DESCALE_P2_4
-    psrad       mm3, DESCALE_P2_4
-
-    packssdw    mm4, mm0                ; mm4=data1=(01 11 21 31)
-    packssdw    mm2, mm3                ; mm2=data2=(02 12 22 32)
-
-    movq        mm6, [GOTOFF(ebx,PB_CENTERJSAMP)]  ; mm6=[PB_CENTERJSAMP]
-
-    packsswb    mm1, mm2                ; mm1=(00 10 20 30 02 12 22 32)
-    packsswb    mm4, mm5                ; mm4=(01 11 21 31 03 13 23 33)
-    paddb       mm1, mm6
-    paddb       mm4, mm6
-
-    movq        mm7, mm1                ; transpose coefficients(phase 1)
-    punpcklbw   mm1, mm4                ; mm1=(00 01 10 11 20 21 30 31)
-    punpckhbw   mm7, mm4                ; mm7=(02 03 12 13 22 23 32 33)
-
-    movq        mm0, mm1                ; transpose coefficients(phase 2)
-    punpcklwd   mm1, mm7                ; mm1=(00 01 02 03 10 11 12 13)
-    punpckhwd   mm0, mm7                ; mm0=(20 21 22 23 30 31 32 33)
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    movd        dword [edx+eax*SIZEOF_JSAMPLE], mm1
-    movd        dword [esi+eax*SIZEOF_JSAMPLE], mm0
-
-    psrlq       mm1, 4*BYTE_BIT
-    psrlq       mm0, 4*BYTE_BIT
-
-    mov         edx, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movd        dword [edx+eax*SIZEOF_JSAMPLE], mm1
-    movd        dword [esi+eax*SIZEOF_JSAMPLE], mm0
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Perform dequantization and inverse DCT on one block of coefficients,
-; producing a reduced-size 2x2 output block.
-;
-; GLOBAL(void)
-; jsimd_idct_2x2_mmx(void *dct_table, JCOEFPTR coef_block,
-;                    JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_2x2_mmx)
-
-EXTN(jsimd_idct_2x2_mmx):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input.
-
-    mov         edx, POINTER [dct_table(ebp)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(ebp)]  ; inptr
-
-    ; | input:                  | result:        |
-    ; | 00 01 ** 03 ** 05 ** 07 |                |
-    ; | 10 11 ** 13 ** 15 ** 17 |                |
-    ; | ** ** ** ** ** ** ** ** |                |
-    ; | 30 31 ** 33 ** 35 ** 37 | A0 A1 A3 A5 A7 |
-    ; | ** ** ** ** ** ** ** ** | B0 B1 B3 B5 B7 |
-    ; | 50 51 ** 53 ** 55 ** 57 |                |
-    ; | ** ** ** ** ** ** ** ** |                |
-    ; | 70 71 ** 73 ** 75 ** 77 |                |
-
-    ; -- Odd part
-
-    movq        mm0, MMWORD [MMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm0, MMWORD [MMBLOCK(1,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm1, MMWORD [MMBLOCK(3,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movq        mm2, MMWORD [MMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movq        mm3, MMWORD [MMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      mm2, MMWORD [MMBLOCK(5,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm3, MMWORD [MMBLOCK(7,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; mm0=(10 11 ** 13), mm1=(30 31 ** 33)
-    ; mm2=(50 51 ** 53), mm3=(70 71 ** 73)
-
-    pcmpeqd     mm7, mm7
-    pslld       mm7, WORD_BIT           ; mm7={0x0000 0xFFFF 0x0000 0xFFFF}
-
-    movq        mm4, mm0                ; mm4=(10 11 ** 13)
-    movq        mm5, mm2                ; mm5=(50 51 ** 53)
-    punpcklwd   mm4, mm1                ; mm4=(10 30 11 31)
-    punpcklwd   mm5, mm3                ; mm5=(50 70 51 71)
-    pmaddwd     mm4, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F085_MF072)]
-
-    psrld       mm0, WORD_BIT           ; mm0=(11 -- 13 --)
-    pand        mm1, mm7                ; mm1=(-- 31 -- 33)
-    psrld       mm2, WORD_BIT           ; mm2=(51 -- 53 --)
-    pand        mm3, mm7                ; mm3=(-- 71 -- 73)
-    por         mm0, mm1                ; mm0=(11 31 13 33)
-    por         mm2, mm3                ; mm2=(51 71 53 73)
-    pmaddwd     mm0, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     mm2, [GOTOFF(ebx,PW_F085_MF072)]
-
-    paddd       mm4, mm5                ; mm4=tmp0[col0 col1]
-
-    movq        mm6, MMWORD [MMBLOCK(1,1,esi,SIZEOF_JCOEF)]
-    movq        mm1, MMWORD [MMBLOCK(3,1,esi,SIZEOF_JCOEF)]
-    pmullw      mm6, MMWORD [MMBLOCK(1,1,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm1, MMWORD [MMBLOCK(3,1,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movq        mm3, MMWORD [MMBLOCK(5,1,esi,SIZEOF_JCOEF)]
-    movq        mm5, MMWORD [MMBLOCK(7,1,esi,SIZEOF_JCOEF)]
-    pmullw      mm3, MMWORD [MMBLOCK(5,1,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm5, MMWORD [MMBLOCK(7,1,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; mm6=(** 15 ** 17), mm1=(** 35 ** 37)
-    ; mm3=(** 55 ** 57), mm5=(** 75 ** 77)
-
-    psrld       mm6, WORD_BIT           ; mm6=(15 -- 17 --)
-    pand        mm1, mm7                ; mm1=(-- 35 -- 37)
-    psrld       mm3, WORD_BIT           ; mm3=(55 -- 57 --)
-    pand        mm5, mm7                ; mm5=(-- 75 -- 77)
-    por         mm6, mm1                ; mm6=(15 35 17 37)
-    por         mm3, mm5                ; mm3=(55 75 57 77)
-    pmaddwd     mm6, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     mm3, [GOTOFF(ebx,PW_F085_MF072)]
-
-    paddd       mm0, mm2                ; mm0=tmp0[col1 col3]
-    paddd       mm6, mm3                ; mm6=tmp0[col5 col7]
-
-    ; -- Even part
-
-    movq        mm1, MMWORD [MMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movq        mm5, MMWORD [MMBLOCK(0,1,esi,SIZEOF_JCOEF)]
-    pmullw      mm1, MMWORD [MMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      mm5, MMWORD [MMBLOCK(0,1,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; mm1=(00 01 ** 03), mm5=(** 05 ** 07)
-
-    movq        mm2, mm1                      ; mm2=(00 01 ** 03)
-    pslld       mm1, WORD_BIT                 ; mm1=(-- 00 -- **)
-    psrad       mm1, (WORD_BIT-CONST_BITS-2)  ; mm1=tmp10[col0 ****]
-
-    pand        mm2, mm7                      ; mm2=(-- 01 -- 03)
-    pand        mm5, mm7                      ; mm5=(-- 05 -- 07)
-    psrad       mm2, (WORD_BIT-CONST_BITS-2)  ; mm2=tmp10[col1 col3]
-    psrad       mm5, (WORD_BIT-CONST_BITS-2)  ; mm5=tmp10[col5 col7]
-
-    ; -- Final output stage
-
-    movq        mm3, mm1
-    paddd       mm1, mm4                ; mm1=data0[col0 ****]=(A0 **)
-    psubd       mm3, mm4                ; mm3=data1[col0 ****]=(B0 **)
-    punpckldq   mm1, mm3                ; mm1=(A0 B0)
-
-    movq        mm7, [GOTOFF(ebx,PD_DESCALE_P1_2)]  ; mm7=[PD_DESCALE_P1_2]
-
-    movq        mm4, mm2
-    movq        mm3, mm5
-    paddd       mm2, mm0                ; mm2=data0[col1 col3]=(A1 A3)
-    paddd       mm5, mm6                ; mm5=data0[col5 col7]=(A5 A7)
-    psubd       mm4, mm0                ; mm4=data1[col1 col3]=(B1 B3)
-    psubd       mm3, mm6                ; mm3=data1[col5 col7]=(B5 B7)
-
-    paddd       mm1, mm7
-    psrad       mm1, DESCALE_P1_2
-
-    paddd       mm2, mm7
-    paddd       mm5, mm7
-    psrad       mm2, DESCALE_P1_2
-    psrad       mm5, DESCALE_P1_2
-    paddd       mm4, mm7
-    paddd       mm3, mm7
-    psrad       mm4, DESCALE_P1_2
-    psrad       mm3, DESCALE_P1_2
-
-    ; ---- Pass 2: process rows, store into output array.
-
-    mov         edi, JSAMPARRAY [output_buf(ebp)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(ebp)]
-
-    ; | input:| result:|
-    ; | A0 B0 |        |
-    ; | A1 B1 | C0 C1  |
-    ; | A3 B3 | D0 D1  |
-    ; | A5 B5 |        |
-    ; | A7 B7 |        |
-
-    ; -- Odd part
-
-    packssdw    mm2, mm4                ; mm2=(A1 A3 B1 B3)
-    packssdw    mm5, mm3                ; mm5=(A5 A7 B5 B7)
-    pmaddwd     mm2, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     mm5, [GOTOFF(ebx,PW_F085_MF072)]
-
-    paddd       mm2, mm5                ; mm2=tmp0[row0 row1]
-
-    ; -- Even part
-
-    pslld       mm1, (CONST_BITS+2)     ; mm1=tmp10[row0 row1]
-
-    ; -- Final output stage
-
-    movq        mm0, [GOTOFF(ebx,PD_DESCALE_P2_2)]  ; mm0=[PD_DESCALE_P2_2]
-
-    movq        mm6, mm1
-    paddd       mm1, mm2                ; mm1=data0[row0 row1]=(C0 C1)
-    psubd       mm6, mm2                ; mm6=data1[row0 row1]=(D0 D1)
-
-    paddd       mm1, mm0
-    paddd       mm6, mm0
-    psrad       mm1, DESCALE_P2_2
-    psrad       mm6, DESCALE_P2_2
-
-    movq        mm7, mm1                ; transpose coefficients
-    punpckldq   mm1, mm6                ; mm1=(C0 D0)
-    punpckhdq   mm7, mm6                ; mm7=(C1 D1)
-
-    packssdw    mm1, mm7                ; mm1=(C0 D0 C1 D1)
-    packsswb    mm1, mm1                ; mm1=(C0 D0 C1 D1 C0 D0 C1 D1)
-    paddb       mm1, [GOTOFF(ebx,PB_CENTERJSAMP)]
-
-    movd        ecx, mm1
-    movd        ebx, mm1                ; ebx=(C0 D0 C1 D1)
-    shr         ecx, 2*BYTE_BIT         ; ecx=(C1 D1 -- --)
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    mov         word [edx+eax*SIZEOF_JSAMPLE], bx
-    mov         word [esi+eax*SIZEOF_JSAMPLE], cx
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctred-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctred-sse2.asm
deleted file mode 100644
index 6e56494..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jidctred-sse2.asm
+++ /dev/null
@@ -1,592 +0,0 @@
-;
-; jidctred.asm - reduced-size IDCT (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains inverse-DCT routines that produce reduced-size
-; output: either 4x4 or 2x2 pixels from an 8x8 DCT block.
-; The following code is based directly on the IJG's original jidctred.c;
-; see the jidctred.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS    13
-%define PASS1_BITS    2
-
-%define DESCALE_P1_4  (CONST_BITS - PASS1_BITS + 1)
-%define DESCALE_P2_4  (CONST_BITS + PASS1_BITS + 3 + 1)
-%define DESCALE_P1_2  (CONST_BITS - PASS1_BITS + 2)
-%define DESCALE_P2_2  (CONST_BITS + PASS1_BITS + 3 + 2)
-
-%if CONST_BITS == 13
-F_0_211 equ  1730  ; FIX(0.211164243)
-F_0_509 equ  4176  ; FIX(0.509795579)
-F_0_601 equ  4926  ; FIX(0.601344887)
-F_0_720 equ  5906  ; FIX(0.720959822)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_850 equ  6967  ; FIX(0.850430095)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_061 equ  8697  ; FIX(1.061594337)
-F_1_272 equ 10426  ; FIX(1.272758580)
-F_1_451 equ 11893  ; FIX(1.451774981)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_2_172 equ 17799  ; FIX(2.172734803)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_624 equ 29692  ; FIX(3.624509785)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_211 equ DESCALE( 226735879, 30 - CONST_BITS)  ; FIX(0.211164243)
-F_0_509 equ DESCALE( 547388834, 30 - CONST_BITS)  ; FIX(0.509795579)
-F_0_601 equ DESCALE( 645689155, 30 - CONST_BITS)  ; FIX(0.601344887)
-F_0_720 equ DESCALE( 774124714, 30 - CONST_BITS)  ; FIX(0.720959822)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_850 equ DESCALE( 913142361, 30 - CONST_BITS)  ; FIX(0.850430095)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_061 equ DESCALE(1139878239, 30 - CONST_BITS)  ; FIX(1.061594337)
-F_1_272 equ DESCALE(1366614119, 30 - CONST_BITS)  ; FIX(1.272758580)
-F_1_451 equ DESCALE(1558831516, 30 - CONST_BITS)  ; FIX(1.451774981)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_2_172 equ DESCALE(2332956230, 30 - CONST_BITS)  ; FIX(2.172734803)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_624 equ DESCALE(3891787747, 30 - CONST_BITS)  ; FIX(3.624509785)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_red_sse2)
-
-EXTN(jconst_idct_red_sse2):
-
-PW_F184_MF076   times 4  dw  F_1_847, -F_0_765
-PW_F256_F089    times 4  dw  F_2_562,  F_0_899
-PW_F106_MF217   times 4  dw  F_1_061, -F_2_172
-PW_MF060_MF050  times 4  dw -F_0_601, -F_0_509
-PW_F145_MF021   times 4  dw  F_1_451, -F_0_211
-PW_F362_MF127   times 4  dw  F_3_624, -F_1_272
-PW_F085_MF072   times 4  dw  F_0_850, -F_0_720
-PD_DESCALE_P1_4 times 4  dd  1 << (DESCALE_P1_4 - 1)
-PD_DESCALE_P2_4 times 4  dd  1 << (DESCALE_P2_4 - 1)
-PD_DESCALE_P1_2 times 4  dd  1 << (DESCALE_P1_2 - 1)
-PD_DESCALE_P2_2 times 4  dd  1 << (DESCALE_P2_2 - 1)
-PB_CENTERJSAMP  times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Perform dequantization and inverse DCT on one block of coefficients,
-; producing a reduced-size 4x4 output block.
-;
-; GLOBAL(void)
-; jsimd_idct_4x4_sse2(void *dct_table, JCOEFPTR coef_block,
-;                     JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-%define original_ebp   ebp + 0
-%define wk(i)          ebp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM         2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_4x4_sse2)
-
-EXTN(jsimd_idct_4x4_sse2):
-    push        ebp
-    mov         eax, esp                     ; eax = original ebp
-    sub         esp, byte 4
-    and         esp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [esp], eax
-    mov         ebp, esp                     ; ebp = aligned ebp
-    lea         esp, [wk(0)]
-    pushpic     ebx
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input.
-
-;   mov         eax, [original_ebp]
-    mov         edx, POINTER [dct_table(eax)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(eax)]  ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_4X4_SSE2
-    mov         eax, dword [DWBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    jnz         short .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    por         xmm0, xmm1
-    packsswb    xmm0, xmm0
-    packsswb    xmm0, xmm0
-    movd        eax, xmm0
-    test        eax, eax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    psllw       xmm0, PASS1_BITS
-
-    movdqa      xmm3, xmm0        ; xmm0=in0=(00 01 02 03 04 05 06 07)
-    punpcklwd   xmm0, xmm0        ; xmm0=(00 00 01 01 02 02 03 03)
-    punpckhwd   xmm3, xmm3        ; xmm3=(04 04 05 05 06 06 07 07)
-
-    pshufd      xmm1, xmm0, 0x50  ; xmm1=[col0 col1]=(00 00 00 00 01 01 01 01)
-    pshufd      xmm0, xmm0, 0xFA  ; xmm0=[col2 col3]=(02 02 02 02 03 03 03 03)
-    pshufd      xmm6, xmm3, 0x50  ; xmm6=[col4 col5]=(04 04 04 04 05 05 05 05)
-    pshufd      xmm3, xmm3, 0xFA  ; xmm3=[col6 col7]=(06 06 06 06 07 07 07 07)
-
-    jmp         near .column_end
-    alignx      16, 7
-%endif
-.columnDCT:
-
-    ; -- Odd part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movdqa      xmm4, xmm0
-    movdqa      xmm5, xmm0
-    punpcklwd   xmm4, xmm1
-    punpckhwd   xmm5, xmm1
-    movdqa      xmm0, xmm4
-    movdqa      xmm1, xmm5
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_F256_F089)]   ; xmm4=(tmp2L)
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F256_F089)]   ; xmm5=(tmp2H)
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_F106_MF217)]  ; xmm0=(tmp0L)
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_F106_MF217)]  ; xmm1=(tmp0H)
-
-    movdqa      xmm6, xmm2
-    movdqa      xmm7, xmm2
-    punpcklwd   xmm6, xmm3
-    punpckhwd   xmm7, xmm3
-    movdqa      xmm2, xmm6
-    movdqa      xmm3, xmm7
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_MF060_MF050)]  ; xmm6=(tmp2L)
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_MF060_MF050)]  ; xmm7=(tmp2H)
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_F145_MF021)]   ; xmm2=(tmp0L)
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_F145_MF021)]   ; xmm3=(tmp0H)
-
-    paddd       xmm6, xmm4              ; xmm6=tmp2L
-    paddd       xmm7, xmm5              ; xmm7=tmp2H
-    paddd       xmm2, xmm0              ; xmm2=tmp0L
-    paddd       xmm3, xmm1              ; xmm3=tmp0H
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=tmp0L
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=tmp0H
-
-    ; -- Even part
-
-    movdqa      xmm4, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm5, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm0, XMMWORD [XMMBLOCK(6,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm4, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm5, XMMWORD [XMMBLOCK(2,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(6,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    pxor        xmm1, xmm1
-    pxor        xmm2, xmm2
-    punpcklwd   xmm1, xmm4               ; xmm1=tmp0L
-    punpckhwd   xmm2, xmm4               ; xmm2=tmp0H
-    psrad       xmm1, (16-CONST_BITS-1)  ; psrad xmm1,16 & pslld xmm1,CONST_BITS+1
-    psrad       xmm2, (16-CONST_BITS-1)  ; psrad xmm2,16 & pslld xmm2,CONST_BITS+1
-
-    movdqa      xmm3, xmm5              ; xmm5=in2=z2
-    punpcklwd   xmm5, xmm0              ; xmm0=in6=z3
-    punpckhwd   xmm3, xmm0
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F184_MF076)]  ; xmm5=tmp2L
-    pmaddwd     xmm3, [GOTOFF(ebx,PW_F184_MF076)]  ; xmm3=tmp2H
-
-    movdqa      xmm4, xmm1
-    movdqa      xmm0, xmm2
-    paddd       xmm1, xmm5              ; xmm1=tmp10L
-    paddd       xmm2, xmm3              ; xmm2=tmp10H
-    psubd       xmm4, xmm5              ; xmm4=tmp12L
-    psubd       xmm0, xmm3              ; xmm0=tmp12H
-
-    ; -- Final output stage
-
-    movdqa      xmm5, xmm1
-    movdqa      xmm3, xmm2
-    paddd       xmm1, xmm6              ; xmm1=data0L
-    paddd       xmm2, xmm7              ; xmm2=data0H
-    psubd       xmm5, xmm6              ; xmm5=data3L
-    psubd       xmm3, xmm7              ; xmm3=data3H
-
-    movdqa      xmm6, [GOTOFF(ebx,PD_DESCALE_P1_4)]  ; xmm6=[PD_DESCALE_P1_4]
-
-    paddd       xmm1, xmm6
-    paddd       xmm2, xmm6
-    psrad       xmm1, DESCALE_P1_4
-    psrad       xmm2, DESCALE_P1_4
-    paddd       xmm5, xmm6
-    paddd       xmm3, xmm6
-    psrad       xmm5, DESCALE_P1_4
-    psrad       xmm3, DESCALE_P1_4
-
-    packssdw    xmm1, xmm2              ; xmm1=data0=(00 01 02 03 04 05 06 07)
-    packssdw    xmm5, xmm3              ; xmm5=data3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp0L
-    movdqa      xmm6, XMMWORD [wk(1)]   ; xmm6=tmp0H
-
-    movdqa      xmm2, xmm4
-    movdqa      xmm3, xmm0
-    paddd       xmm4, xmm7              ; xmm4=data1L
-    paddd       xmm0, xmm6              ; xmm0=data1H
-    psubd       xmm2, xmm7              ; xmm2=data2L
-    psubd       xmm3, xmm6              ; xmm3=data2H
-
-    movdqa      xmm7, [GOTOFF(ebx,PD_DESCALE_P1_4)]  ; xmm7=[PD_DESCALE_P1_4]
-
-    paddd       xmm4, xmm7
-    paddd       xmm0, xmm7
-    psrad       xmm4, DESCALE_P1_4
-    psrad       xmm0, DESCALE_P1_4
-    paddd       xmm2, xmm7
-    paddd       xmm3, xmm7
-    psrad       xmm2, DESCALE_P1_4
-    psrad       xmm3, DESCALE_P1_4
-
-    packssdw    xmm4, xmm0        ; xmm4=data1=(10 11 12 13 14 15 16 17)
-    packssdw    xmm2, xmm3        ; xmm2=data2=(20 21 22 23 24 25 26 27)
-
-    movdqa      xmm6, xmm1        ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm4        ; xmm1=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm6, xmm4        ; xmm6=(04 14 05 15 06 16 07 17)
-    movdqa      xmm7, xmm2        ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm5        ; xmm2=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm7, xmm5        ; xmm7=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm0, xmm1        ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm2        ; xmm1=[col0 col1]=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm0, xmm2        ; xmm0=[col2 col3]=(02 12 22 32 03 13 23 33)
-    movdqa      xmm3, xmm6        ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm7        ; xmm6=[col4 col5]=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm3, xmm7        ; xmm3=[col6 col7]=(06 16 26 36 07 17 27 37)
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows, store into output array.
-
-    mov         eax, [original_ebp]
-    mov         edi, JSAMPARRAY [output_buf(eax)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(eax)]
-
-    ; -- Even part
-
-    pxor        xmm4, xmm4
-    punpcklwd   xmm4, xmm1               ; xmm4=tmp0
-    psrad       xmm4, (16-CONST_BITS-1)  ; psrad xmm4,16 & pslld xmm4,CONST_BITS+1
-
-    ; -- Odd part
-
-    punpckhwd   xmm1, xmm0
-    punpckhwd   xmm6, xmm3
-    movdqa      xmm5, xmm1
-    movdqa      xmm2, xmm6
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_F256_F089)]    ; xmm1=(tmp2)
-    pmaddwd     xmm6, [GOTOFF(ebx,PW_MF060_MF050)]  ; xmm6=(tmp2)
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F106_MF217)]   ; xmm5=(tmp0)
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_F145_MF021)]   ; xmm2=(tmp0)
-
-    paddd       xmm6, xmm1              ; xmm6=tmp2
-    paddd       xmm2, xmm5              ; xmm2=tmp0
-
-    ; -- Even part
-
-    punpcklwd   xmm0, xmm3
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_F184_MF076)]  ; xmm0=tmp2
-
-    movdqa      xmm7, xmm4
-    paddd       xmm4, xmm0              ; xmm4=tmp10
-    psubd       xmm7, xmm0              ; xmm7=tmp12
-
-    ; -- Final output stage
-
-    movdqa      xmm1, [GOTOFF(ebx,PD_DESCALE_P2_4)]  ; xmm1=[PD_DESCALE_P2_4]
-
-    movdqa      xmm5, xmm4
-    movdqa      xmm3, xmm7
-    paddd       xmm4, xmm6              ; xmm4=data0=(00 10 20 30)
-    paddd       xmm7, xmm2              ; xmm7=data1=(01 11 21 31)
-    psubd       xmm5, xmm6              ; xmm5=data3=(03 13 23 33)
-    psubd       xmm3, xmm2              ; xmm3=data2=(02 12 22 32)
-
-    paddd       xmm4, xmm1
-    paddd       xmm7, xmm1
-    psrad       xmm4, DESCALE_P2_4
-    psrad       xmm7, DESCALE_P2_4
-    paddd       xmm5, xmm1
-    paddd       xmm3, xmm1
-    psrad       xmm5, DESCALE_P2_4
-    psrad       xmm3, DESCALE_P2_4
-
-    packssdw    xmm4, xmm3              ; xmm4=(00 10 20 30 02 12 22 32)
-    packssdw    xmm7, xmm5              ; xmm7=(01 11 21 31 03 13 23 33)
-
-    movdqa      xmm0, xmm4              ; transpose coefficients(phase 1)
-    punpcklwd   xmm4, xmm7              ; xmm4=(00 01 10 11 20 21 30 31)
-    punpckhwd   xmm0, xmm7              ; xmm0=(02 03 12 13 22 23 32 33)
-
-    movdqa      xmm6, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm0              ; xmm4=(00 01 02 03 10 11 12 13)
-    punpckhdq   xmm6, xmm0              ; xmm6=(20 21 22 23 30 31 32 33)
-
-    packsswb    xmm4, xmm6              ; xmm4=(00 01 02 03 10 11 12 13 20 ..)
-    paddb       xmm4, [GOTOFF(ebx,PB_CENTERJSAMP)]
-
-    pshufd      xmm2, xmm4, 0x39        ; xmm2=(10 11 12 13 20 21 22 23 30 ..)
-    pshufd      xmm1, xmm4, 0x4E        ; xmm1=(20 21 22 23 30 31 32 33 00 ..)
-    pshufd      xmm3, xmm4, 0x93        ; xmm3=(30 31 32 33 00 01 02 03 10 ..)
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    movd        XMM_DWORD [edx+eax*SIZEOF_JSAMPLE], xmm4
-    movd        XMM_DWORD [esi+eax*SIZEOF_JSAMPLE], xmm2
-    mov         edx, JSAMPROW [edi+2*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+3*SIZEOF_JSAMPROW]
-    movd        XMM_DWORD [edx+eax*SIZEOF_JSAMPLE], xmm1
-    movd        XMM_DWORD [esi+eax*SIZEOF_JSAMPLE], xmm3
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-    poppic      ebx
-    mov         esp, ebp                ; esp <- aligned ebp
-    pop         esp                     ; esp <- original ebp
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Perform dequantization and inverse DCT on one block of coefficients,
-; producing a reduced-size 2x2 output block.
-;
-; GLOBAL(void)
-; jsimd_idct_2x2_sse2(void *dct_table, JCOEFPTR coef_block,
-;                     JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-%define dct_table(b)   (b) + 8          ; void *dct_table
-%define coef_block(b)  (b) + 12         ; JCOEFPTR coef_block
-%define output_buf(b)  (b) + 16         ; JSAMPARRAY output_buf
-%define output_col(b)  (b) + 20         ; JDIMENSION output_col
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_2x2_sse2)
-
-EXTN(jsimd_idct_2x2_sse2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    get_GOT     ebx                     ; get GOT address
-
-    ; ---- Pass 1: process columns from input.
-
-    mov         edx, POINTER [dct_table(ebp)]    ; quantptr
-    mov         esi, JCOEFPTR [coef_block(ebp)]  ; inptr
-
-    ; | input:                  | result:        |
-    ; | 00 01 ** 03 ** 05 ** 07 |                |
-    ; | 10 11 ** 13 ** 15 ** 17 |                |
-    ; | ** ** ** ** ** ** ** ** |                |
-    ; | 30 31 ** 33 ** 35 ** 37 | A0 A1 A3 A5 A7 |
-    ; | ** ** ** ** ** ** ** ** | B0 B1 B3 B5 B7 |
-    ; | 50 51 ** 53 ** 55 ** 57 |                |
-    ; | ** ** ** ** ** ** ** ** |                |
-    ; | 70 71 ** 73 ** 75 ** 77 |                |
-
-    ; -- Odd part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(3,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(5,0,esi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(5,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(7,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; xmm0=(10 11 ** 13 ** 15 ** 17), xmm1=(30 31 ** 33 ** 35 ** 37)
-    ; xmm2=(50 51 ** 53 ** 55 ** 57), xmm3=(70 71 ** 73 ** 75 ** 77)
-
-    pcmpeqd     xmm7, xmm7
-    pslld       xmm7, WORD_BIT          ; xmm7={0x0000 0xFFFF 0x0000 0xFFFF ..}
-
-    movdqa      xmm4, xmm0              ; xmm4=(10 11 ** 13 ** 15 ** 17)
-    movdqa      xmm5, xmm2              ; xmm5=(50 51 ** 53 ** 55 ** 57)
-    punpcklwd   xmm4, xmm1              ; xmm4=(10 30 11 31 ** ** 13 33)
-    punpcklwd   xmm5, xmm3              ; xmm5=(50 70 51 71 ** ** 53 73)
-    pmaddwd     xmm4, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     xmm5, [GOTOFF(ebx,PW_F085_MF072)]
-
-    psrld       xmm0, WORD_BIT          ; xmm0=(11 -- 13 -- 15 -- 17 --)
-    pand        xmm1, xmm7              ; xmm1=(-- 31 -- 33 -- 35 -- 37)
-    psrld       xmm2, WORD_BIT          ; xmm2=(51 -- 53 -- 55 -- 57 --)
-    pand        xmm3, xmm7              ; xmm3=(-- 71 -- 73 -- 75 -- 77)
-    por         xmm0, xmm1              ; xmm0=(11 31 13 33 15 35 17 37)
-    por         xmm2, xmm3              ; xmm2=(51 71 53 73 55 75 57 77)
-    pmaddwd     xmm0, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     xmm2, [GOTOFF(ebx,PW_F085_MF072)]
-
-    paddd       xmm4, xmm5              ; xmm4=tmp0[col0 col1 **** col3]
-    paddd       xmm0, xmm2              ; xmm0=tmp0[col1 col3 col5 col7]
-
-    ; -- Even part
-
-    movdqa      xmm6, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_JCOEF)]
-    pmullw      xmm6, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; xmm6=(00 01 ** 03 ** 05 ** 07)
-
-    movdqa      xmm1, xmm6              ; xmm1=(00 01 ** 03 ** 05 ** 07)
-    pslld       xmm6, WORD_BIT          ; xmm6=(-- 00 -- ** -- ** -- **)
-    pand        xmm1, xmm7              ; xmm1=(-- 01 -- 03 -- 05 -- 07)
-    psrad       xmm6, (WORD_BIT-CONST_BITS-2)  ; xmm6=tmp10[col0 **** **** ****]
-    psrad       xmm1, (WORD_BIT-CONST_BITS-2)  ; xmm1=tmp10[col1 col3 col5 col7]
-
-    ; -- Final output stage
-
-    movdqa      xmm3, xmm6
-    movdqa      xmm5, xmm1
-    paddd       xmm6, xmm4      ; xmm6=data0[col0 **** **** ****]=(A0 ** ** **)
-    paddd       xmm1, xmm0      ; xmm1=data0[col1 col3 col5 col7]=(A1 A3 A5 A7)
-    psubd       xmm3, xmm4      ; xmm3=data1[col0 **** **** ****]=(B0 ** ** **)
-    psubd       xmm5, xmm0      ; xmm5=data1[col1 col3 col5 col7]=(B1 B3 B5 B7)
-
-    movdqa      xmm2, [GOTOFF(ebx,PD_DESCALE_P1_2)]  ; xmm2=[PD_DESCALE_P1_2]
-
-    punpckldq   xmm6, xmm3              ; xmm6=(A0 B0 ** **)
-
-    movdqa      xmm7, xmm1
-    punpcklqdq  xmm1, xmm5              ; xmm1=(A1 A3 B1 B3)
-    punpckhqdq  xmm7, xmm5              ; xmm7=(A5 A7 B5 B7)
-
-    paddd       xmm6, xmm2
-    psrad       xmm6, DESCALE_P1_2
-
-    paddd       xmm1, xmm2
-    paddd       xmm7, xmm2
-    psrad       xmm1, DESCALE_P1_2
-    psrad       xmm7, DESCALE_P1_2
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [esi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows, store into output array.
-
-    mov         edi, JSAMPARRAY [output_buf(ebp)]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [output_col(ebp)]
-
-    ; | input:| result:|
-    ; | A0 B0 |        |
-    ; | A1 B1 | C0 C1  |
-    ; | A3 B3 | D0 D1  |
-    ; | A5 B5 |        |
-    ; | A7 B7 |        |
-
-    ; -- Odd part
-
-    packssdw    xmm1, xmm1              ; xmm1=(A1 A3 B1 B3 A1 A3 B1 B3)
-    packssdw    xmm7, xmm7              ; xmm7=(A5 A7 B5 B7 A5 A7 B5 B7)
-    pmaddwd     xmm1, [GOTOFF(ebx,PW_F362_MF127)]
-    pmaddwd     xmm7, [GOTOFF(ebx,PW_F085_MF072)]
-
-    paddd       xmm1, xmm7              ; xmm1=tmp0[row0 row1 row0 row1]
-
-    ; -- Even part
-
-    pslld       xmm6, (CONST_BITS+2)    ; xmm6=tmp10[row0 row1 **** ****]
-
-    ; -- Final output stage
-
-    movdqa      xmm4, xmm6
-    paddd       xmm6, xmm1     ; xmm6=data0[row0 row1 **** ****]=(C0 C1 ** **)
-    psubd       xmm4, xmm1     ; xmm4=data1[row0 row1 **** ****]=(D0 D1 ** **)
-
-    punpckldq   xmm6, xmm4     ; xmm6=(C0 D0 C1 D1)
-
-    paddd       xmm6, [GOTOFF(ebx,PD_DESCALE_P2_2)]
-    psrad       xmm6, DESCALE_P2_2
-
-    packssdw    xmm6, xmm6              ; xmm6=(C0 D0 C1 D1 C0 D0 C1 D1)
-    packsswb    xmm6, xmm6              ; xmm6=(C0 D0 C1 D1 C0 D0 C1 D1 ..)
-    paddb       xmm6, [GOTOFF(ebx,PB_CENTERJSAMP)]
-
-    pextrw      ebx, xmm6, 0x00         ; ebx=(C0 D0 -- --)
-    pextrw      ecx, xmm6, 0x01         ; ecx=(C1 D1 -- --)
-
-    mov         edx, JSAMPROW [edi+0*SIZEOF_JSAMPROW]
-    mov         esi, JSAMPROW [edi+1*SIZEOF_JSAMPROW]
-    mov         word [edx+eax*SIZEOF_JSAMPLE], bx
-    mov         word [esi+eax*SIZEOF_JSAMPLE], cx
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-3dn.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-3dn.asm
deleted file mode 100644
index 5cb60ca..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-3dn.asm
+++ /dev/null
@@ -1,230 +0,0 @@
-;
-; jquant.asm - sample data conversion and quantization (3DNow! & MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_float_3dnow(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                            FAST_FLOAT *workspace);
-;
-
-%define sample_data  ebp + 8            ; JSAMPARRAY sample_data
-%define start_col    ebp + 12           ; JDIMENSION start_col
-%define workspace    ebp + 16           ; FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_float_3dnow)
-
-EXTN(jsimd_convsamp_float_3dnow):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    pcmpeqw     mm7, mm7
-    psllw       mm7, 7
-    packsswb    mm7, mm7                ; mm7 = PB_CENTERJSAMPLE (0x808080..)
-
-    mov         esi, JSAMPARRAY [sample_data]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [start_col]
-    mov         edi, POINTER [workspace]       ; (DCTELEM *)
-    mov         ecx, DCTSIZE/2
-    alignx      16, 7
-.convloop:
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        mm0, MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        mm1, MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    psubb       mm0, mm7                ; mm0=(01234567)
-    psubb       mm1, mm7                ; mm1=(89ABCDEF)
-
-    punpcklbw   mm2, mm0                ; mm2=(*0*1*2*3)
-    punpckhbw   mm0, mm0                ; mm0=(*4*5*6*7)
-    punpcklbw   mm3, mm1                ; mm3=(*8*9*A*B)
-    punpckhbw   mm1, mm1                ; mm1=(*C*D*E*F)
-
-    punpcklwd   mm4, mm2                ; mm4=(***0***1)
-    punpckhwd   mm2, mm2                ; mm2=(***2***3)
-    punpcklwd   mm5, mm0                ; mm5=(***4***5)
-    punpckhwd   mm0, mm0                ; mm0=(***6***7)
-
-    psrad       mm4, (DWORD_BIT-BYTE_BIT)  ; mm4=(01)
-    psrad       mm2, (DWORD_BIT-BYTE_BIT)  ; mm2=(23)
-    pi2fd       mm4, mm4
-    pi2fd       mm2, mm2
-    psrad       mm5, (DWORD_BIT-BYTE_BIT)  ; mm5=(45)
-    psrad       mm0, (DWORD_BIT-BYTE_BIT)  ; mm0=(67)
-    pi2fd       mm5, mm5
-    pi2fd       mm0, mm0
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], mm4
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], mm2
-    movq        MMWORD [MMBLOCK(0,2,edi,SIZEOF_FAST_FLOAT)], mm5
-    movq        MMWORD [MMBLOCK(0,3,edi,SIZEOF_FAST_FLOAT)], mm0
-
-    punpcklwd   mm6, mm3                ; mm6=(***8***9)
-    punpckhwd   mm3, mm3                ; mm3=(***A***B)
-    punpcklwd   mm4, mm1                ; mm4=(***C***D)
-    punpckhwd   mm1, mm1                ; mm1=(***E***F)
-
-    psrad       mm6, (DWORD_BIT-BYTE_BIT)  ; mm6=(89)
-    psrad       mm3, (DWORD_BIT-BYTE_BIT)  ; mm3=(AB)
-    pi2fd       mm6, mm6
-    pi2fd       mm3, mm3
-    psrad       mm4, (DWORD_BIT-BYTE_BIT)  ; mm4=(CD)
-    psrad       mm1, (DWORD_BIT-BYTE_BIT)  ; mm1=(EF)
-    pi2fd       mm4, mm4
-    pi2fd       mm1, mm1
-
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], mm6
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], mm3
-    movq        MMWORD [MMBLOCK(1,2,edi,SIZEOF_FAST_FLOAT)], mm4
-    movq        MMWORD [MMBLOCK(1,3,edi,SIZEOF_FAST_FLOAT)], mm1
-
-    add         esi, byte 2*SIZEOF_JSAMPROW
-    add         edi, byte 2*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         near .convloop
-
-    femms                               ; empty MMX/3DNow! state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; GLOBAL(void)
-; jsimd_quantize_float_3dnow(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-;                            FAST_FLOAT *workspace);
-;
-
-%define coef_block  ebp + 8             ; JCOEFPTR coef_block
-%define divisors    ebp + 12            ; FAST_FLOAT *divisors
-%define workspace   ebp + 16            ; FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_float_3dnow)
-
-EXTN(jsimd_quantize_float_3dnow):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         eax, 0x4B400000         ; (float)0x00C00000 (rndint_magic)
-    movd        mm7, eax
-    punpckldq   mm7, mm7                ; mm7={12582912.0F 12582912.0F}
-
-    mov         esi, POINTER [workspace]
-    mov         edx, POINTER [divisors]
-    mov         edi, JCOEFPTR [coef_block]
-    mov         eax, DCTSIZE2/16
-    alignx      16, 7
-.quantloop:
-    movq        mm0, MMWORD [MMBLOCK(0,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm1, MMWORD [MMBLOCK(0,1,esi,SIZEOF_FAST_FLOAT)]
-    pfmul       mm0, MMWORD [MMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    pfmul       mm1, MMWORD [MMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm2, MMWORD [MMBLOCK(0,2,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(0,3,esi,SIZEOF_FAST_FLOAT)]
-    pfmul       mm2, MMWORD [MMBLOCK(0,2,edx,SIZEOF_FAST_FLOAT)]
-    pfmul       mm3, MMWORD [MMBLOCK(0,3,edx,SIZEOF_FAST_FLOAT)]
-
-    pfadd       mm0, mm7                ; mm0=(00 ** 01 **)
-    pfadd       mm1, mm7                ; mm1=(02 ** 03 **)
-    pfadd       mm2, mm7                ; mm0=(04 ** 05 **)
-    pfadd       mm3, mm7                ; mm1=(06 ** 07 **)
-
-    movq        mm4, mm0
-    punpcklwd   mm0, mm1                ; mm0=(00 02 ** **)
-    punpckhwd   mm4, mm1                ; mm4=(01 03 ** **)
-    movq        mm5, mm2
-    punpcklwd   mm2, mm3                ; mm2=(04 06 ** **)
-    punpckhwd   mm5, mm3                ; mm5=(05 07 ** **)
-
-    punpcklwd   mm0, mm4                ; mm0=(00 01 02 03)
-    punpcklwd   mm2, mm5                ; mm2=(04 05 06 07)
-
-    movq        mm6, MMWORD [MMBLOCK(1,0,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm1, MMWORD [MMBLOCK(1,1,esi,SIZEOF_FAST_FLOAT)]
-    pfmul       mm6, MMWORD [MMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    pfmul       mm1, MMWORD [MMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)]
-    movq        mm3, MMWORD [MMBLOCK(1,2,esi,SIZEOF_FAST_FLOAT)]
-    movq        mm4, MMWORD [MMBLOCK(1,3,esi,SIZEOF_FAST_FLOAT)]
-    pfmul       mm3, MMWORD [MMBLOCK(1,2,edx,SIZEOF_FAST_FLOAT)]
-    pfmul       mm4, MMWORD [MMBLOCK(1,3,edx,SIZEOF_FAST_FLOAT)]
-
-    pfadd       mm6, mm7                ; mm0=(10 ** 11 **)
-    pfadd       mm1, mm7                ; mm4=(12 ** 13 **)
-    pfadd       mm3, mm7                ; mm0=(14 ** 15 **)
-    pfadd       mm4, mm7                ; mm4=(16 ** 17 **)
-
-    movq        mm5, mm6
-    punpcklwd   mm6, mm1                ; mm6=(10 12 ** **)
-    punpckhwd   mm5, mm1                ; mm5=(11 13 ** **)
-    movq        mm1, mm3
-    punpcklwd   mm3, mm4                ; mm3=(14 16 ** **)
-    punpckhwd   mm1, mm4                ; mm1=(15 17 ** **)
-
-    punpcklwd   mm6, mm5                ; mm6=(10 11 12 13)
-    punpcklwd   mm3, mm1                ; mm3=(14 15 16 17)
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm6
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_JCOEF)], mm3
-
-    add         esi, byte 16*SIZEOF_FAST_FLOAT
-    add         edx, byte 16*SIZEOF_FAST_FLOAT
-    add         edi, byte 16*SIZEOF_JCOEF
-    dec         eax
-    jnz         near .quantloop
-
-    femms                               ; empty MMX/3DNow! state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-mmx.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-mmx.asm
deleted file mode 100644
index 61305c6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-mmx.asm
+++ /dev/null
@@ -1,276 +0,0 @@
-;
-; jquant.asm - sample data conversion and quantization (MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_mmx(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                    DCTELEM *workspace);
-;
-
-%define sample_data  ebp + 8            ; JSAMPARRAY sample_data
-%define start_col    ebp + 12           ; JDIMENSION start_col
-%define workspace    ebp + 16           ; DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_mmx)
-
-EXTN(jsimd_convsamp_mmx):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    pxor        mm6, mm6                ; mm6=(all 0's)
-    pcmpeqw     mm7, mm7
-    psllw       mm7, 7                  ; mm7={0xFF80 0xFF80 0xFF80 0xFF80}
-
-    mov         esi, JSAMPARRAY [sample_data]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [start_col]
-    mov         edi, POINTER [workspace]       ; (DCTELEM *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.convloop:
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        mm0, MMWORD [ebx+eax*SIZEOF_JSAMPLE]   ; mm0=(01234567)
-    movq        mm1, MMWORD [edx+eax*SIZEOF_JSAMPLE]   ; mm1=(89ABCDEF)
-
-    mov         ebx, JSAMPROW [esi+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        mm2, MMWORD [ebx+eax*SIZEOF_JSAMPLE]   ; mm2=(GHIJKLMN)
-    movq        mm3, MMWORD [edx+eax*SIZEOF_JSAMPLE]   ; mm3=(OPQRSTUV)
-
-    movq        mm4, mm0
-    punpcklbw   mm0, mm6                ; mm0=(0123)
-    punpckhbw   mm4, mm6                ; mm4=(4567)
-    movq        mm5, mm1
-    punpcklbw   mm1, mm6                ; mm1=(89AB)
-    punpckhbw   mm5, mm6                ; mm5=(CDEF)
-
-    paddw       mm0, mm7
-    paddw       mm4, mm7
-    paddw       mm1, mm7
-    paddw       mm5, mm7
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_DCTELEM)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_DCTELEM)], mm4
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_DCTELEM)], mm1
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_DCTELEM)], mm5
-
-    movq        mm0, mm2
-    punpcklbw   mm2, mm6                ; mm2=(GHIJ)
-    punpckhbw   mm0, mm6                ; mm0=(KLMN)
-    movq        mm4, mm3
-    punpcklbw   mm3, mm6                ; mm3=(OPQR)
-    punpckhbw   mm4, mm6                ; mm4=(STUV)
-
-    paddw       mm2, mm7
-    paddw       mm0, mm7
-    paddw       mm3, mm7
-    paddw       mm4, mm7
-
-    movq        MMWORD [MMBLOCK(2,0,edi,SIZEOF_DCTELEM)], mm2
-    movq        MMWORD [MMBLOCK(2,1,edi,SIZEOF_DCTELEM)], mm0
-    movq        MMWORD [MMBLOCK(3,0,edi,SIZEOF_DCTELEM)], mm3
-    movq        MMWORD [MMBLOCK(3,1,edi,SIZEOF_DCTELEM)], mm4
-
-    add         esi, byte 4*SIZEOF_JSAMPROW
-    add         edi, byte 4*DCTSIZE*SIZEOF_DCTELEM
-    dec         ecx
-    jnz         short .convloop
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; This implementation is based on an algorithm described in
-;   "How to optimize for the Pentium family of microprocessors"
-;   (http://www.agner.org/assem/).
-;
-; GLOBAL(void)
-; jsimd_quantize_mmx(JCOEFPTR coef_block, DCTELEM *divisors,
-;                    DCTELEM *workspace);
-;
-
-%define RECIPROCAL(m, n, b) \
-  MMBLOCK(DCTSIZE * 0 + (m), (n), (b), SIZEOF_DCTELEM)
-%define CORRECTION(m, n, b) \
-  MMBLOCK(DCTSIZE * 1 + (m), (n), (b), SIZEOF_DCTELEM)
-%define SCALE(m, n, b) \
-  MMBLOCK(DCTSIZE * 2 + (m), (n), (b), SIZEOF_DCTELEM)
-%define SHIFT(m, n, b) \
-  MMBLOCK(DCTSIZE * 3 + (m), (n), (b), SIZEOF_DCTELEM)
-
-%define coef_block  ebp + 8             ; JCOEFPTR coef_block
-%define divisors    ebp + 12            ; DCTELEM *divisors
-%define workspace   ebp + 16            ; DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_mmx)
-
-EXTN(jsimd_quantize_mmx):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         esi, POINTER [workspace]
-    mov         edx, POINTER [divisors]
-    mov         edi, JCOEFPTR [coef_block]
-    mov         ah, 2
-    alignx      16, 7
-.quantloop1:
-    mov         al, DCTSIZE2/8/2
-    alignx      16, 7
-.quantloop2:
-    movq        mm2, MMWORD [MMBLOCK(0,0,esi,SIZEOF_DCTELEM)]
-    movq        mm3, MMWORD [MMBLOCK(0,1,esi,SIZEOF_DCTELEM)]
-
-    movq        mm0, mm2
-    movq        mm1, mm3
-
-    psraw       mm2, (WORD_BIT-1)       ; -1 if value < 0, 0 otherwise
-    psraw       mm3, (WORD_BIT-1)
-
-    pxor        mm0, mm2                ; val = -val
-    pxor        mm1, mm3
-    psubw       mm0, mm2
-    psubw       mm1, mm3
-
-    ;
-    ; MMX is an annoyingly crappy instruction set. It has two
-    ; misfeatures that are causing problems here:
-    ;
-    ; - All multiplications are signed.
-    ;
-    ; - The second operand for the shifts is not treated as packed.
-    ;
-    ;
-    ; We work around the first problem by implementing this algorithm:
-    ;
-    ; unsigned long unsigned_multiply(unsigned short x, unsigned short y)
-    ; {
-    ;   enum { SHORT_BIT = 16 };
-    ;   signed short sx = (signed short)x;
-    ;   signed short sy = (signed short)y;
-    ;   signed long sz;
-    ;
-    ;   sz = (long)sx * (long)sy;    /* signed multiply */
-    ;
-    ;   if (sx < 0) sz += (long)sy << SHORT_BIT;
-    ;   if (sy < 0) sz += (long)sx << SHORT_BIT;
-    ;
-    ;   return (unsigned long)sz;
-    ; }
-    ;
-    ; (note that a negative sx adds _sy_ and vice versa)
-    ;
-    ; For the second problem, we replace the shift by a multiplication.
-    ; Unfortunately that means we have to deal with the signed issue again.
-    ;
-
-    paddw       mm0, MMWORD [CORRECTION(0,0,edx)]  ; correction + roundfactor
-    paddw       mm1, MMWORD [CORRECTION(0,1,edx)]
-
-    movq        mm4, mm0                ; store current value for later
-    movq        mm5, mm1
-    pmulhw      mm0, MMWORD [RECIPROCAL(0,0,edx)]  ; reciprocal
-    pmulhw      mm1, MMWORD [RECIPROCAL(0,1,edx)]
-    paddw       mm0, mm4  ; reciprocal is always negative (MSB=1),
-    paddw       mm1, mm5  ; so we always need to add the initial value
-                          ; (input value is never negative as we
-                          ; inverted it at the start of this routine)
-
-    ; here it gets a bit tricky as both scale
-    ; and mm0/mm1 can be negative
-    movq        mm6, MMWORD [SCALE(0,0,edx)]  ; scale
-    movq        mm7, MMWORD [SCALE(0,1,edx)]
-    movq        mm4, mm0
-    movq        mm5, mm1
-    pmulhw      mm0, mm6
-    pmulhw      mm1, mm7
-
-    psraw       mm6, (WORD_BIT-1)       ; determine if scale is negative
-    psraw       mm7, (WORD_BIT-1)
-
-    pand        mm6, mm4                ; and add input if it is
-    pand        mm7, mm5
-    paddw       mm0, mm6
-    paddw       mm1, mm7
-
-    psraw       mm4, (WORD_BIT-1)       ; then check if negative input
-    psraw       mm5, (WORD_BIT-1)
-
-    pand        mm4, MMWORD [SCALE(0,0,edx)]  ; and add scale if it is
-    pand        mm5, MMWORD [SCALE(0,1,edx)]
-    paddw       mm0, mm4
-    paddw       mm1, mm5
-
-    pxor        mm0, mm2                ; val = -val
-    pxor        mm1, mm3
-    psubw       mm0, mm2
-    psubw       mm1, mm3
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_DCTELEM)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_DCTELEM)], mm1
-
-    add         esi, byte 8*SIZEOF_DCTELEM
-    add         edx, byte 8*SIZEOF_DCTELEM
-    add         edi, byte 8*SIZEOF_JCOEF
-    dec         al
-    jnz         near .quantloop2
-    dec         ah
-    jnz         near .quantloop1        ; to avoid branch misprediction
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-sse.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-sse.asm
deleted file mode 100644
index 218adc9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquant-sse.asm
+++ /dev/null
@@ -1,208 +0,0 @@
-;
-; jquant.asm - sample data conversion and quantization (SSE & MMX)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_float_sse(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                          FAST_FLOAT *workspace);
-;
-
-%define sample_data  ebp + 8            ; JSAMPARRAY sample_data
-%define start_col    ebp + 12           ; JDIMENSION start_col
-%define workspace    ebp + 16           ; FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_float_sse)
-
-EXTN(jsimd_convsamp_float_sse):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    pcmpeqw     mm7, mm7
-    psllw       mm7, 7
-    packsswb    mm7, mm7                ; mm7 = PB_CENTERJSAMPLE (0x808080..)
-
-    mov         esi, JSAMPARRAY [sample_data]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [start_col]
-    mov         edi, POINTER [workspace]       ; (DCTELEM *)
-    mov         ecx, DCTSIZE/2
-    alignx      16, 7
-.convloop:
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        mm0, MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        mm1, MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    psubb       mm0, mm7                ; mm0=(01234567)
-    psubb       mm1, mm7                ; mm1=(89ABCDEF)
-
-    punpcklbw   mm2, mm0                ; mm2=(*0*1*2*3)
-    punpckhbw   mm0, mm0                ; mm0=(*4*5*6*7)
-    punpcklbw   mm3, mm1                ; mm3=(*8*9*A*B)
-    punpckhbw   mm1, mm1                ; mm1=(*C*D*E*F)
-
-    punpcklwd   mm4, mm2                ; mm4=(***0***1)
-    punpckhwd   mm2, mm2                ; mm2=(***2***3)
-    punpcklwd   mm5, mm0                ; mm5=(***4***5)
-    punpckhwd   mm0, mm0                ; mm0=(***6***7)
-
-    psrad       mm4, (DWORD_BIT-BYTE_BIT)  ; mm4=(01)
-    psrad       mm2, (DWORD_BIT-BYTE_BIT)  ; mm2=(23)
-    cvtpi2ps    xmm0, mm4                  ; xmm0=(01**)
-    cvtpi2ps    xmm1, mm2                  ; xmm1=(23**)
-    psrad       mm5, (DWORD_BIT-BYTE_BIT)  ; mm5=(45)
-    psrad       mm0, (DWORD_BIT-BYTE_BIT)  ; mm0=(67)
-    cvtpi2ps    xmm2, mm5                  ; xmm2=(45**)
-    cvtpi2ps    xmm3, mm0                  ; xmm3=(67**)
-
-    punpcklwd   mm6, mm3                ; mm6=(***8***9)
-    punpckhwd   mm3, mm3                ; mm3=(***A***B)
-    punpcklwd   mm4, mm1                ; mm4=(***C***D)
-    punpckhwd   mm1, mm1                ; mm1=(***E***F)
-
-    psrad       mm6, (DWORD_BIT-BYTE_BIT)  ; mm6=(89)
-    psrad       mm3, (DWORD_BIT-BYTE_BIT)  ; mm3=(AB)
-    cvtpi2ps    xmm4, mm6                  ; xmm4=(89**)
-    cvtpi2ps    xmm5, mm3                  ; xmm5=(AB**)
-    psrad       mm4, (DWORD_BIT-BYTE_BIT)  ; mm4=(CD)
-    psrad       mm1, (DWORD_BIT-BYTE_BIT)  ; mm1=(EF)
-    cvtpi2ps    xmm6, mm4                  ; xmm6=(CD**)
-    cvtpi2ps    xmm7, mm1                  ; xmm7=(EF**)
-
-    movlhps     xmm0, xmm1              ; xmm0=(0123)
-    movlhps     xmm2, xmm3              ; xmm2=(4567)
-    movlhps     xmm4, xmm5              ; xmm4=(89AB)
-    movlhps     xmm6, xmm7              ; xmm6=(CDEF)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], xmm4
-    movaps      XMMWORD [XMMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], xmm6
-
-    add         esi, byte 2*SIZEOF_JSAMPROW
-    add         edi, byte 2*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         near .convloop
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; GLOBAL(void)
-; jsimd_quantize_float_sse(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-;                          FAST_FLOAT *workspace);
-;
-
-%define coef_block  ebp + 8             ; JCOEFPTR coef_block
-%define divisors    ebp + 12            ; FAST_FLOAT *divisors
-%define workspace   ebp + 16            ; FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_float_sse)
-
-EXTN(jsimd_quantize_float_sse):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         esi, POINTER [workspace]
-    mov         edx, POINTER [divisors]
-    mov         edi, JCOEFPTR [coef_block]
-    mov         eax, DCTSIZE2/16
-    alignx      16, 7
-.quantloop:
-    movaps      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(0,1,esi,SIZEOF_FAST_FLOAT)]
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(1,1,esi,SIZEOF_FAST_FLOAT)]
-    mulps       xmm2, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)]
-
-    movhlps     xmm4, xmm0
-    movhlps     xmm5, xmm1
-
-    cvtps2pi    mm0, xmm0
-    cvtps2pi    mm1, xmm1
-    cvtps2pi    mm4, xmm4
-    cvtps2pi    mm5, xmm5
-
-    movhlps     xmm6, xmm2
-    movhlps     xmm7, xmm3
-
-    cvtps2pi    mm2, xmm2
-    cvtps2pi    mm3, xmm3
-    cvtps2pi    mm6, xmm6
-    cvtps2pi    mm7, xmm7
-
-    packssdw    mm0, mm4
-    packssdw    mm1, mm5
-    packssdw    mm2, mm6
-    packssdw    mm3, mm7
-
-    movq        MMWORD [MMBLOCK(0,0,edi,SIZEOF_JCOEF)], mm0
-    movq        MMWORD [MMBLOCK(0,1,edi,SIZEOF_JCOEF)], mm1
-    movq        MMWORD [MMBLOCK(1,0,edi,SIZEOF_JCOEF)], mm2
-    movq        MMWORD [MMBLOCK(1,1,edi,SIZEOF_JCOEF)], mm3
-
-    add         esi, byte 16*SIZEOF_FAST_FLOAT
-    add         edx, byte 16*SIZEOF_FAST_FLOAT
-    add         edi, byte 16*SIZEOF_JCOEF
-    dec         eax
-    jnz         short .quantloop
-
-    emms                                ; empty MMX state
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquantf-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquantf-sse2.asm
deleted file mode 100644
index a881ab5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquantf-sse2.asm
+++ /dev/null
@@ -1,168 +0,0 @@
-;
-; jquantf.asm - sample data conversion and quantization (SSE & SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_float_sse2(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                           FAST_FLOAT *workspace);
-;
-
-%define sample_data  ebp + 8            ; JSAMPARRAY sample_data
-%define start_col    ebp + 12           ; JDIMENSION start_col
-%define workspace    ebp + 16           ; FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_float_sse2)
-
-EXTN(jsimd_convsamp_float_sse2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    pcmpeqw     xmm7, xmm7
-    psllw       xmm7, 7
-    packsswb    xmm7, xmm7              ; xmm7 = PB_CENTERJSAMPLE (0x808080..)
-
-    mov         esi, JSAMPARRAY [sample_data]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [start_col]
-    mov         edi, POINTER [workspace]       ; (DCTELEM *)
-    mov         ecx, DCTSIZE/2
-    alignx      16, 7
-.convloop:
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        xmm0, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        xmm1, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    psubb       xmm0, xmm7              ; xmm0=(01234567)
-    psubb       xmm1, xmm7              ; xmm1=(89ABCDEF)
-
-    punpcklbw   xmm0, xmm0              ; xmm0=(*0*1*2*3*4*5*6*7)
-    punpcklbw   xmm1, xmm1              ; xmm1=(*8*9*A*B*C*D*E*F)
-
-    punpcklwd   xmm2, xmm0              ; xmm2=(***0***1***2***3)
-    punpckhwd   xmm0, xmm0              ; xmm0=(***4***5***6***7)
-    punpcklwd   xmm3, xmm1              ; xmm3=(***8***9***A***B)
-    punpckhwd   xmm1, xmm1              ; xmm1=(***C***D***E***F)
-
-    psrad       xmm2, (DWORD_BIT-BYTE_BIT)  ; xmm2=(0123)
-    psrad       xmm0, (DWORD_BIT-BYTE_BIT)  ; xmm0=(4567)
-    cvtdq2ps    xmm2, xmm2                  ; xmm2=(0123)
-    cvtdq2ps    xmm0, xmm0                  ; xmm0=(4567)
-    psrad       xmm3, (DWORD_BIT-BYTE_BIT)  ; xmm3=(89AB)
-    psrad       xmm1, (DWORD_BIT-BYTE_BIT)  ; xmm1=(CDEF)
-    cvtdq2ps    xmm3, xmm3                  ; xmm3=(89AB)
-    cvtdq2ps    xmm1, xmm1                  ; xmm1=(CDEF)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(0,1,edi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(1,1,edi,SIZEOF_FAST_FLOAT)], xmm1
-
-    add         esi, byte 2*SIZEOF_JSAMPROW
-    add         edi, byte 2*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         ecx
-    jnz         short .convloop
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; GLOBAL(void)
-; jsimd_quantize_float_sse2(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-;                           FAST_FLOAT *workspace);
-;
-
-%define coef_block  ebp + 8             ; JCOEFPTR coef_block
-%define divisors    ebp + 12            ; FAST_FLOAT *divisors
-%define workspace   ebp + 16            ; FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_float_sse2)
-
-EXTN(jsimd_quantize_float_sse2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         esi, POINTER [workspace]
-    mov         edx, POINTER [divisors]
-    mov         edi, JCOEFPTR [coef_block]
-    mov         eax, DCTSIZE2/16
-    alignx      16, 7
-.quantloop:
-    movaps      xmm0, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(0,1,esi,SIZEOF_FAST_FLOAT)]
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,edx,SIZEOF_FAST_FLOAT)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(0,1,edx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(1,1,esi,SIZEOF_FAST_FLOAT)]
-    mulps       xmm2, XMMWORD [XMMBLOCK(1,0,edx,SIZEOF_FAST_FLOAT)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(1,1,edx,SIZEOF_FAST_FLOAT)]
-
-    cvtps2dq    xmm0, xmm0
-    cvtps2dq    xmm1, xmm1
-    cvtps2dq    xmm2, xmm2
-    cvtps2dq    xmm3, xmm3
-
-    packssdw    xmm0, xmm1
-    packssdw    xmm2, xmm3
-
-    movdqa      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_JCOEF)], xmm0
-    movdqa      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_JCOEF)], xmm2
-
-    add         esi, byte 16*SIZEOF_FAST_FLOAT
-    add         edx, byte 16*SIZEOF_FAST_FLOAT
-    add         edi, byte 16*SIZEOF_JCOEF
-    dec         eax
-    jnz         short .quantloop
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquanti-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquanti-avx2.asm
deleted file mode 100644
index 5ed6bec..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquanti-avx2.asm
+++ /dev/null
@@ -1,188 +0,0 @@
-;
-; jquanti.asm - sample data conversion and quantization (AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, 2018, D. R. Commander.
-; Copyright (C) 2016, Matthieu Darbois.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_avx2(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                     DCTELEM *workspace);
-;
-
-%define sample_data  ebp + 8            ; JSAMPARRAY sample_data
-%define start_col    ebp + 12           ; JDIMENSION start_col
-%define workspace    ebp + 16           ; DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_avx2)
-
-EXTN(jsimd_convsamp_avx2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         esi, JSAMPARRAY [sample_data]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [start_col]
-    mov         edi, POINTER [workspace]       ; (DCTELEM *)
-
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm0, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        xmm1, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    mov         ebx, JSAMPROW [esi+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm2, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        xmm3, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    mov         ebx, JSAMPROW [esi+4*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+5*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm4, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        xmm5, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    mov         ebx, JSAMPROW [esi+6*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+7*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm6, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]
-    movq        xmm7, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]
-
-    vinserti128 ymm0, ymm0, xmm1, 1
-    vinserti128 ymm2, ymm2, xmm3, 1
-    vinserti128 ymm4, ymm4, xmm5, 1
-    vinserti128 ymm6, ymm6, xmm7, 1
-
-    vpxor       ymm1, ymm1, ymm1        ; ymm1=(all 0's)
-    vpunpcklbw  ymm0, ymm0, ymm1
-    vpunpcklbw  ymm2, ymm2, ymm1
-    vpunpcklbw  ymm4, ymm4, ymm1
-    vpunpcklbw  ymm6, ymm6, ymm1
-
-    vpcmpeqw    ymm7, ymm7, ymm7
-    vpsllw      ymm7, ymm7, 7           ; ymm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm2, ymm2, ymm7
-    vpaddw      ymm4, ymm4, ymm7
-    vpaddw      ymm6, ymm6, ymm7
-
-    vmovdqu     YMMWORD [YMMBLOCK(0,0,edi,SIZEOF_DCTELEM)], ymm0
-    vmovdqu     YMMWORD [YMMBLOCK(2,0,edi,SIZEOF_DCTELEM)], ymm2
-    vmovdqu     YMMWORD [YMMBLOCK(4,0,edi,SIZEOF_DCTELEM)], ymm4
-    vmovdqu     YMMWORD [YMMBLOCK(6,0,edi,SIZEOF_DCTELEM)], ymm6
-
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; This implementation is based on an algorithm described in
-;   "How to optimize for the Pentium family of microprocessors"
-;   (http://www.agner.org/assem/).
-;
-; GLOBAL(void)
-; jsimd_quantize_avx2(JCOEFPTR coef_block, DCTELEM *divisors,
-;                     DCTELEM *workspace);
-;
-
-%define RECIPROCAL(m, n, b) \
-  YMMBLOCK(DCTSIZE * 0 + (m), (n), (b), SIZEOF_DCTELEM)
-%define CORRECTION(m, n, b) \
-  YMMBLOCK(DCTSIZE * 1 + (m), (n), (b), SIZEOF_DCTELEM)
-%define SCALE(m, n, b) \
-  YMMBLOCK(DCTSIZE * 2 + (m), (n), (b), SIZEOF_DCTELEM)
-
-%define coef_block  ebp + 8             ; JCOEFPTR coef_block
-%define divisors    ebp + 12            ; DCTELEM *divisors
-%define workspace   ebp + 16            ; DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_avx2)
-
-EXTN(jsimd_quantize_avx2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         esi, POINTER [workspace]
-    mov         edx, POINTER [divisors]
-    mov         edi, JCOEFPTR [coef_block]
-
-    vmovdqu     ymm4, [YMMBLOCK(0,0,esi,SIZEOF_DCTELEM)]
-    vmovdqu     ymm5, [YMMBLOCK(2,0,esi,SIZEOF_DCTELEM)]
-    vmovdqu     ymm6, [YMMBLOCK(4,0,esi,SIZEOF_DCTELEM)]
-    vmovdqu     ymm7, [YMMBLOCK(6,0,esi,SIZEOF_DCTELEM)]
-    vpabsw      ymm0, ymm4
-    vpabsw      ymm1, ymm5
-    vpabsw      ymm2, ymm6
-    vpabsw      ymm3, ymm7
-
-    vpaddw      ymm0, YMMWORD [CORRECTION(0,0,edx)]  ; correction + roundfactor
-    vpaddw      ymm1, YMMWORD [CORRECTION(2,0,edx)]
-    vpaddw      ymm2, YMMWORD [CORRECTION(4,0,edx)]
-    vpaddw      ymm3, YMMWORD [CORRECTION(6,0,edx)]
-    vpmulhuw    ymm0, YMMWORD [RECIPROCAL(0,0,edx)]  ; reciprocal
-    vpmulhuw    ymm1, YMMWORD [RECIPROCAL(2,0,edx)]
-    vpmulhuw    ymm2, YMMWORD [RECIPROCAL(4,0,edx)]
-    vpmulhuw    ymm3, YMMWORD [RECIPROCAL(6,0,edx)]
-    vpmulhuw    ymm0, YMMWORD [SCALE(0,0,edx)]       ; scale
-    vpmulhuw    ymm1, YMMWORD [SCALE(2,0,edx)]
-    vpmulhuw    ymm2, YMMWORD [SCALE(4,0,edx)]
-    vpmulhuw    ymm3, YMMWORD [SCALE(6,0,edx)]
-
-    vpsignw     ymm0, ymm0, ymm4
-    vpsignw     ymm1, ymm1, ymm5
-    vpsignw     ymm2, ymm2, ymm6
-    vpsignw     ymm3, ymm3, ymm7
-
-    vmovdqu     [YMMBLOCK(0,0,edi,SIZEOF_DCTELEM)], ymm0
-    vmovdqu     [YMMBLOCK(2,0,edi,SIZEOF_DCTELEM)], ymm1
-    vmovdqu     [YMMBLOCK(4,0,edi,SIZEOF_DCTELEM)], ymm2
-    vmovdqu     [YMMBLOCK(6,0,edi,SIZEOF_DCTELEM)], ymm3
-
-    vzeroupper
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquanti-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquanti-sse2.asm
deleted file mode 100644
index 0a50940..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jquanti-sse2.asm
+++ /dev/null
@@ -1,201 +0,0 @@
-;
-; jquanti.asm - sample data conversion and quantization (SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_sse2(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                     DCTELEM *workspace);
-;
-
-%define sample_data  ebp + 8            ; JSAMPARRAY sample_data
-%define start_col    ebp + 12           ; JDIMENSION start_col
-%define workspace    ebp + 16           ; DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_sse2)
-
-EXTN(jsimd_convsamp_sse2):
-    push        ebp
-    mov         ebp, esp
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    pxor        xmm6, xmm6              ; xmm6=(all 0's)
-    pcmpeqw     xmm7, xmm7
-    psllw       xmm7, 7                 ; xmm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    mov         esi, JSAMPARRAY [sample_data]  ; (JSAMPROW *)
-    mov         eax, JDIMENSION [start_col]
-    mov         edi, POINTER [workspace]       ; (DCTELEM *)
-    mov         ecx, DCTSIZE/4
-    alignx      16, 7
-.convloop:
-    mov         ebx, JSAMPROW [esi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        xmm0, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]  ; xmm0=(01234567)
-    movq        xmm1, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]  ; xmm1=(89ABCDEF)
-
-    mov         ebx, JSAMPROW [esi+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         edx, JSAMPROW [esi+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        xmm2, XMM_MMWORD [ebx+eax*SIZEOF_JSAMPLE]  ; xmm2=(GHIJKLMN)
-    movq        xmm3, XMM_MMWORD [edx+eax*SIZEOF_JSAMPLE]  ; xmm3=(OPQRSTUV)
-
-    punpcklbw   xmm0, xmm6              ; xmm0=(01234567)
-    punpcklbw   xmm1, xmm6              ; xmm1=(89ABCDEF)
-    paddw       xmm0, xmm7
-    paddw       xmm1, xmm7
-    punpcklbw   xmm2, xmm6              ; xmm2=(GHIJKLMN)
-    punpcklbw   xmm3, xmm6              ; xmm3=(OPQRSTUV)
-    paddw       xmm2, xmm7
-    paddw       xmm3, xmm7
-
-    movdqa      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_DCTELEM)], xmm0
-    movdqa      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_DCTELEM)], xmm1
-    movdqa      XMMWORD [XMMBLOCK(2,0,edi,SIZEOF_DCTELEM)], xmm2
-    movdqa      XMMWORD [XMMBLOCK(3,0,edi,SIZEOF_DCTELEM)], xmm3
-
-    add         esi, byte 4*SIZEOF_JSAMPROW
-    add         edi, byte 4*DCTSIZE*SIZEOF_DCTELEM
-    dec         ecx
-    jnz         short .convloop
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    pop         ebp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; This implementation is based on an algorithm described in
-;   "How to optimize for the Pentium family of microprocessors"
-;   (http://www.agner.org/assem/).
-;
-; GLOBAL(void)
-; jsimd_quantize_sse2(JCOEFPTR coef_block, DCTELEM *divisors,
-;                     DCTELEM *workspace);
-;
-
-%define RECIPROCAL(m, n, b) \
-  XMMBLOCK(DCTSIZE * 0 + (m), (n), (b), SIZEOF_DCTELEM)
-%define CORRECTION(m, n, b) \
-  XMMBLOCK(DCTSIZE * 1 + (m), (n), (b), SIZEOF_DCTELEM)
-%define SCALE(m, n, b) \
-  XMMBLOCK(DCTSIZE * 2 + (m), (n), (b), SIZEOF_DCTELEM)
-
-%define coef_block  ebp + 8             ; JCOEFPTR coef_block
-%define divisors    ebp + 12            ; DCTELEM *divisors
-%define workspace   ebp + 16            ; DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_sse2)
-
-EXTN(jsimd_quantize_sse2):
-    push        ebp
-    mov         ebp, esp
-;   push        ebx                     ; unused
-;   push        ecx                     ; unused
-;   push        edx                     ; need not be preserved
-    push        esi
-    push        edi
-
-    mov         esi, POINTER [workspace]
-    mov         edx, POINTER [divisors]
-    mov         edi, JCOEFPTR [coef_block]
-    mov         eax, DCTSIZE2/32
-    alignx      16, 7
-.quantloop:
-    movdqa      xmm4, XMMWORD [XMMBLOCK(0,0,esi,SIZEOF_DCTELEM)]
-    movdqa      xmm5, XMMWORD [XMMBLOCK(1,0,esi,SIZEOF_DCTELEM)]
-    movdqa      xmm6, XMMWORD [XMMBLOCK(2,0,esi,SIZEOF_DCTELEM)]
-    movdqa      xmm7, XMMWORD [XMMBLOCK(3,0,esi,SIZEOF_DCTELEM)]
-    movdqa      xmm0, xmm4
-    movdqa      xmm1, xmm5
-    movdqa      xmm2, xmm6
-    movdqa      xmm3, xmm7
-    psraw       xmm4, (WORD_BIT-1)
-    psraw       xmm5, (WORD_BIT-1)
-    psraw       xmm6, (WORD_BIT-1)
-    psraw       xmm7, (WORD_BIT-1)
-    pxor        xmm0, xmm4
-    pxor        xmm1, xmm5
-    pxor        xmm2, xmm6
-    pxor        xmm3, xmm7
-    psubw       xmm0, xmm4              ; if (xmm0 < 0) xmm0 = -xmm0;
-    psubw       xmm1, xmm5              ; if (xmm1 < 0) xmm1 = -xmm1;
-    psubw       xmm2, xmm6              ; if (xmm2 < 0) xmm2 = -xmm2;
-    psubw       xmm3, xmm7              ; if (xmm3 < 0) xmm3 = -xmm3;
-
-    paddw       xmm0, XMMWORD [CORRECTION(0,0,edx)]  ; correction + roundfactor
-    paddw       xmm1, XMMWORD [CORRECTION(1,0,edx)]
-    paddw       xmm2, XMMWORD [CORRECTION(2,0,edx)]
-    paddw       xmm3, XMMWORD [CORRECTION(3,0,edx)]
-    pmulhuw     xmm0, XMMWORD [RECIPROCAL(0,0,edx)]  ; reciprocal
-    pmulhuw     xmm1, XMMWORD [RECIPROCAL(1,0,edx)]
-    pmulhuw     xmm2, XMMWORD [RECIPROCAL(2,0,edx)]
-    pmulhuw     xmm3, XMMWORD [RECIPROCAL(3,0,edx)]
-    pmulhuw     xmm0, XMMWORD [SCALE(0,0,edx)]       ; scale
-    pmulhuw     xmm1, XMMWORD [SCALE(1,0,edx)]
-    pmulhuw     xmm2, XMMWORD [SCALE(2,0,edx)]
-    pmulhuw     xmm3, XMMWORD [SCALE(3,0,edx)]
-
-    pxor        xmm0, xmm4
-    pxor        xmm1, xmm5
-    pxor        xmm2, xmm6
-    pxor        xmm3, xmm7
-    psubw       xmm0, xmm4
-    psubw       xmm1, xmm5
-    psubw       xmm2, xmm6
-    psubw       xmm3, xmm7
-    movdqa      XMMWORD [XMMBLOCK(0,0,edi,SIZEOF_DCTELEM)], xmm0
-    movdqa      XMMWORD [XMMBLOCK(1,0,edi,SIZEOF_DCTELEM)], xmm1
-    movdqa      XMMWORD [XMMBLOCK(2,0,edi,SIZEOF_DCTELEM)], xmm2
-    movdqa      XMMWORD [XMMBLOCK(3,0,edi,SIZEOF_DCTELEM)], xmm3
-
-    add         esi, byte 32*SIZEOF_DCTELEM
-    add         edx, byte 32*SIZEOF_DCTELEM
-    add         edi, byte 32*SIZEOF_JCOEF
-    dec         eax
-    jnz         near .quantloop
-
-    pop         edi
-    pop         esi
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; unused
-;   pop         ebx                     ; unused
-    pop         ebp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jsimd.c
deleted file mode 100644
index 563949a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jsimd.c
+++ /dev/null
@@ -1,1253 +0,0 @@
-/*
- * jsimd_i386.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2011, 2013-2014, 2016, 2018, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * 32-bit x86 architecture.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "jconfigint.h"
-
-/*
- * In the PIC cases, we have no guarantee that constants will keep
- * their alignment. This macro allows us to verify it at runtime.
- */
-#define IS_ALIGNED(ptr, order)  (((unsigned)ptr & ((1 << order) - 1)) == 0)
-
-#define IS_ALIGNED_SSE(ptr)  (IS_ALIGNED(ptr, 4)) /* 16 byte alignment */
-#define IS_ALIGNED_AVX(ptr)  (IS_ALIGNED(ptr, 5)) /* 32 byte alignment */
-
-static unsigned int simd_support = (unsigned int)(~0);
-static unsigned int simd_huffman = 1;
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = jpeg_simd_cpu_support();
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCEMMX");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_MMX;
-  env = getenv("JSIMD_FORCE3DNOW");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_3DNOW | JSIMD_MMX;
-  env = getenv("JSIMD_FORCESSE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_SSE | JSIMD_MMX;
-  env = getenv("JSIMD_FORCESSE2");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_SSE2;
-  env = getenv("JSIMD_FORCEAVX2");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_AVX2;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-  env = getenv("JSIMD_NOHUFFENC");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_huffman = 0;
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_rgb_ycc_convert_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_rgb_ycc_convert_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_rgb_gray_convert_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_rgb_gray_convert_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_ycc_rgb_convert_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_ycc_rgb_convert_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-  void (*sse2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-  void (*mmxfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_extrgb_ycc_convert_avx2;
-    sse2fct = jsimd_extrgb_ycc_convert_sse2;
-    mmxfct = jsimd_extrgb_ycc_convert_mmx;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_extrgbx_ycc_convert_avx2;
-    sse2fct = jsimd_extrgbx_ycc_convert_sse2;
-    mmxfct = jsimd_extrgbx_ycc_convert_mmx;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_extbgr_ycc_convert_avx2;
-    sse2fct = jsimd_extbgr_ycc_convert_sse2;
-    mmxfct = jsimd_extbgr_ycc_convert_mmx;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_extbgrx_ycc_convert_avx2;
-    sse2fct = jsimd_extbgrx_ycc_convert_sse2;
-    mmxfct = jsimd_extbgrx_ycc_convert_mmx;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_extxbgr_ycc_convert_avx2;
-    sse2fct = jsimd_extxbgr_ycc_convert_sse2;
-    mmxfct = jsimd_extxbgr_ycc_convert_mmx;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_extxrgb_ycc_convert_avx2;
-    sse2fct = jsimd_extxrgb_ycc_convert_sse2;
-    mmxfct = jsimd_extxrgb_ycc_convert_mmx;
-    break;
-  default:
-    avx2fct = jsimd_rgb_ycc_convert_avx2;
-    sse2fct = jsimd_rgb_ycc_convert_sse2;
-    mmxfct = jsimd_rgb_ycc_convert_mmx;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-  else if (simd_support & JSIMD_SSE2)
-    sse2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-  else
-    mmxfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-  void (*sse2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-  void (*mmxfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_extrgb_gray_convert_avx2;
-    sse2fct = jsimd_extrgb_gray_convert_sse2;
-    mmxfct = jsimd_extrgb_gray_convert_mmx;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_extrgbx_gray_convert_avx2;
-    sse2fct = jsimd_extrgbx_gray_convert_sse2;
-    mmxfct = jsimd_extrgbx_gray_convert_mmx;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_extbgr_gray_convert_avx2;
-    sse2fct = jsimd_extbgr_gray_convert_sse2;
-    mmxfct = jsimd_extbgr_gray_convert_mmx;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_extbgrx_gray_convert_avx2;
-    sse2fct = jsimd_extbgrx_gray_convert_sse2;
-    mmxfct = jsimd_extbgrx_gray_convert_mmx;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_extxbgr_gray_convert_avx2;
-    sse2fct = jsimd_extxbgr_gray_convert_sse2;
-    mmxfct = jsimd_extxbgr_gray_convert_mmx;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_extxrgb_gray_convert_avx2;
-    sse2fct = jsimd_extxrgb_gray_convert_sse2;
-    mmxfct = jsimd_extxrgb_gray_convert_mmx;
-    break;
-  default:
-    avx2fct = jsimd_rgb_gray_convert_avx2;
-    sse2fct = jsimd_rgb_gray_convert_sse2;
-    mmxfct = jsimd_rgb_gray_convert_mmx;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-  else if (simd_support & JSIMD_SSE2)
-    sse2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-  else
-    mmxfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-  void (*sse2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-  void (*mmxfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_ycc_extrgb_convert_avx2;
-    sse2fct = jsimd_ycc_extrgb_convert_sse2;
-    mmxfct = jsimd_ycc_extrgb_convert_mmx;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_ycc_extrgbx_convert_avx2;
-    sse2fct = jsimd_ycc_extrgbx_convert_sse2;
-    mmxfct = jsimd_ycc_extrgbx_convert_mmx;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_ycc_extbgr_convert_avx2;
-    sse2fct = jsimd_ycc_extbgr_convert_sse2;
-    mmxfct = jsimd_ycc_extbgr_convert_mmx;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_ycc_extbgrx_convert_avx2;
-    sse2fct = jsimd_ycc_extbgrx_convert_sse2;
-    mmxfct = jsimd_ycc_extbgrx_convert_mmx;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_ycc_extxbgr_convert_avx2;
-    sse2fct = jsimd_ycc_extxbgr_convert_sse2;
-    mmxfct = jsimd_ycc_extxbgr_convert_mmx;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_ycc_extxrgb_convert_avx2;
-    sse2fct = jsimd_ycc_extxrgb_convert_sse2;
-    mmxfct = jsimd_ycc_extxrgb_convert_mmx;
-    break;
-  default:
-    avx2fct = jsimd_ycc_rgb_convert_avx2;
-    sse2fct = jsimd_ycc_rgb_convert_sse2;
-    mmxfct = jsimd_ycc_rgb_convert_mmx;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-  else if (simd_support & JSIMD_SSE2)
-    sse2fct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-  else
-    mmxfct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v2_downsample_avx2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_h2v2_downsample_sse2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-  else
-    jsimd_h2v2_downsample_mmx(cinfo->image_width, cinfo->max_v_samp_factor,
-                              compptr->v_samp_factor, compptr->width_in_blocks,
-                              input_data, output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v1_downsample_avx2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_h2v1_downsample_sse2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-  else
-    jsimd_h2v1_downsample_mmx(cinfo->image_width, cinfo->max_v_samp_factor,
-                              compptr->v_samp_factor, compptr->width_in_blocks,
-                              input_data, output_data);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v2_upsample_avx2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_h2v2_upsample_sse2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-  else
-    jsimd_h2v2_upsample_mmx(cinfo->max_v_samp_factor, cinfo->output_width,
-                            input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v1_upsample_avx2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_h2v1_upsample_sse2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-  else
-    jsimd_h2v1_upsample_mmx(cinfo->max_v_samp_factor, cinfo->output_width,
-                            input_data, output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_fancy_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_fancy_upsample_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_fancy_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_fancy_upsample_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v2_fancy_upsample_avx2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_h2v2_fancy_upsample_sse2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-  else
-    jsimd_h2v2_fancy_upsample_mmx(cinfo->max_v_samp_factor,
-                                  compptr->downsampled_width, input_data,
-                                  output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v1_fancy_upsample_avx2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_h2v1_fancy_upsample_sse2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-  else
-    jsimd_h2v1_fancy_upsample_mmx(cinfo->max_v_samp_factor,
-                                  compptr->downsampled_width, input_data,
-                                  output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_merged_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_merged_upsample_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_merged_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_merged_upsample_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-  void (*sse2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-  void (*mmxfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_h2v2_extrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extrgb_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_extrgb_merged_upsample_mmx;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_h2v2_extrgbx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extrgbx_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_extrgbx_merged_upsample_mmx;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_h2v2_extbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extbgr_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_extbgr_merged_upsample_mmx;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_h2v2_extbgrx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extbgrx_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_extbgrx_merged_upsample_mmx;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_h2v2_extxbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extxbgr_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_extxbgr_merged_upsample_mmx;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_h2v2_extxrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extxrgb_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_extxrgb_merged_upsample_mmx;
-    break;
-  default:
-    avx2fct = jsimd_h2v2_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_merged_upsample_sse2;
-    mmxfct = jsimd_h2v2_merged_upsample_mmx;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-  else if (simd_support & JSIMD_SSE2)
-    sse2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-  else
-    mmxfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-  void (*sse2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-  void (*mmxfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_h2v1_extrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extrgb_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_extrgb_merged_upsample_mmx;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_h2v1_extrgbx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extrgbx_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_extrgbx_merged_upsample_mmx;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_h2v1_extbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extbgr_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_extbgr_merged_upsample_mmx;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_h2v1_extbgrx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extbgrx_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_extbgrx_merged_upsample_mmx;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_h2v1_extxbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extxbgr_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_extxbgr_merged_upsample_mmx;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_h2v1_extxrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extxrgb_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_extxrgb_merged_upsample_mmx;
-    break;
-  default:
-    avx2fct = jsimd_h2v1_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_merged_upsample_sse2;
-    mmxfct = jsimd_h2v1_merged_upsample_mmx;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-  else if (simd_support & JSIMD_SSE2)
-    sse2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-  else
-    mmxfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_SSE)
-    return 1;
-  if (simd_support & JSIMD_3DNOW)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_convsamp_avx2(sample_data, start_col, workspace);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_convsamp_sse2(sample_data, start_col, workspace);
-  else
-    jsimd_convsamp_mmx(sample_data, start_col, workspace);
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-  if (simd_support & JSIMD_SSE2)
-    jsimd_convsamp_float_sse2(sample_data, start_col, workspace);
-  else if (simd_support & JSIMD_SSE)
-    jsimd_convsamp_float_sse(sample_data, start_col, workspace);
-  else
-    jsimd_convsamp_float_3dnow(sample_data, start_col, workspace);
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) && IS_ALIGNED_AVX(jconst_fdct_islow_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_fdct_islow_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_fdct_ifast_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE) && IS_ALIGNED_SSE(jconst_fdct_float_sse))
-    return 1;
-  if (simd_support & JSIMD_3DNOW)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_fdct_islow_avx2(data);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_fdct_islow_sse2(data);
-  else
-    jsimd_fdct_islow_mmx(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_fdct_islow_sse2))
-    jsimd_fdct_ifast_sse2(data);
-  else
-    jsimd_fdct_ifast_mmx(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-  if ((simd_support & JSIMD_SSE) && IS_ALIGNED_SSE(jconst_fdct_float_sse))
-    jsimd_fdct_float_sse(data);
-  else if (simd_support & JSIMD_3DNOW)
-    jsimd_fdct_float_3dnow(data);
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-  if (simd_support & JSIMD_SSE)
-    return 1;
-  if (simd_support & JSIMD_3DNOW)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_quantize_avx2(coef_block, divisors, workspace);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_quantize_sse2(coef_block, divisors, workspace);
-  else
-    jsimd_quantize_mmx(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-  if (simd_support & JSIMD_SSE2)
-    jsimd_quantize_float_sse2(coef_block, divisors, workspace);
-  else if (simd_support & JSIMD_SSE)
-    jsimd_quantize_float_sse(coef_block, divisors, workspace);
-  else
-    jsimd_quantize_float_3dnow(coef_block, divisors, workspace);
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_red_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_red_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_red_sse2))
-    jsimd_idct_2x2_sse2(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-  else
-    jsimd_idct_2x2_mmx(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_red_sse2))
-    jsimd_idct_4x4_sse2(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-  else
-    jsimd_idct_4x4_mmx(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) && IS_ALIGNED_AVX(jconst_idct_islow_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_islow_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(IFAST_MULT_TYPE) != 2)
-    return 0;
-  if (IFAST_SCALE_BITS != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_ifast_sse2))
-    return 1;
-  if (simd_support & JSIMD_MMX)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-  if (sizeof(FLOAT_MULT_TYPE) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_float_sse2))
-    return 1;
-  if ((simd_support & JSIMD_SSE) && IS_ALIGNED_SSE(jconst_idct_float_sse))
-    return 1;
-  if (simd_support & JSIMD_3DNOW)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_idct_islow_avx2(compptr->dct_table, coef_block, output_buf,
-                          output_col);
-  else if (simd_support & JSIMD_SSE2)
-    jsimd_idct_islow_sse2(compptr->dct_table, coef_block, output_buf,
-                          output_col);
-  else
-    jsimd_idct_islow_mmx(compptr->dct_table, coef_block, output_buf,
-                         output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_ifast_sse2))
-    jsimd_idct_ifast_sse2(compptr->dct_table, coef_block, output_buf,
-                          output_col);
-  else
-    jsimd_idct_ifast_mmx(compptr->dct_table, coef_block, output_buf,
-                         output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_float_sse2))
-    jsimd_idct_float_sse2(compptr->dct_table, coef_block, output_buf,
-                          output_col);
-  else if ((simd_support & JSIMD_SSE) && IS_ALIGNED_SSE(jconst_idct_float_sse))
-    jsimd_idct_float_sse(compptr->dct_table, coef_block, output_buf,
-                         output_col);
-  else
-    jsimd_idct_float_3dnow(compptr->dct_table, coef_block, output_buf,
-                           output_col);
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && simd_huffman &&
-      IS_ALIGNED_SSE(jconst_huff_encode_one_block))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return jsimd_huff_encode_one_block_sse2(state, buffer, block, last_dc_val,
-                                          dctbl, actbl);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (SIZEOF_SIZE_T != 4)
-    return 0;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-  jsimd_encode_mcu_AC_first_prepare_sse2(block, jpeg_natural_order_start,
-                                         Sl, Al, values, zerobits);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (SIZEOF_SIZE_T != 4)
-    return 0;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return jsimd_encode_mcu_AC_refine_prepare_sse2(block,
-                                                 jpeg_natural_order_start,
-                                                 Sl, Al, absvalues, bits);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jsimdcpu.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jsimdcpu.asm
deleted file mode 100644
index ddcafa9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/i386/jsimdcpu.asm
+++ /dev/null
@@ -1,135 +0,0 @@
-;
-; jsimdcpu.asm - SIMD instruction support check
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        32
-;
-; Check if the CPU supports SIMD instructions
-;
-; GLOBAL(unsigned int)
-; jpeg_simd_cpu_support(void)
-;
-
-    align       32
-    GLOBAL_FUNCTION(jpeg_simd_cpu_support)
-
-EXTN(jpeg_simd_cpu_support):
-    push        ebx
-;   push        ecx                     ; need not be preserved
-;   push        edx                     ; need not be preserved
-;   push        esi                     ; unused
-    push        edi
-
-    xor         edi, edi                ; simd support flag
-
-    pushfd
-    pop         eax
-    mov         edx, eax
-    xor         eax, 1<<21              ; flip ID bit in EFLAGS
-    push        eax
-    popfd
-    pushfd
-    pop         eax
-    xor         eax, edx
-    jz          near .return            ; CPUID is not supported
-
-    ; Check whether CPUID leaf 07H is supported
-    ; (leaf 07H is used to check for AVX2 instruction support)
-    xor         eax, eax
-    cpuid
-    test        eax, eax
-    jz          near .return
-    cmp         eax, 7
-    jl          short .no_avx2          ; Maximum leaf < 07H
-
-    ; Check for AVX2 instruction support
-    mov         eax, 7
-    xor         ecx, ecx
-    cpuid
-    mov         eax, ebx
-    test        eax, 1<<5               ; bit5:AVX2
-    jz          short .no_avx2
-
-    ; Check for AVX2 O/S support
-    mov         eax, 1
-    xor         ecx, ecx
-    cpuid
-    test        ecx, 1<<27
-    jz          short .no_avx2          ; O/S does not support XSAVE
-    test        ecx, 1<<28
-    jz          short .no_avx2          ; CPU does not support AVX2
-
-    xor         ecx, ecx
-    xgetbv
-    and         eax, 6
-    cmp         eax, 6                  ; O/S does not manage XMM/YMM state
-                                        ; using XSAVE
-    jnz         short .no_avx2
-
-    or          edi, JSIMD_AVX2
-.no_avx2:
-
-    ; Check CPUID leaf 01H for MMX, SSE, and SSE2 support
-    xor         eax, eax
-    inc         eax
-    cpuid
-    mov         eax, edx                ; eax = Standard feature flags
-
-    ; Check for MMX instruction support
-    test        eax, 1<<23              ; bit23:MMX
-    jz          short .no_mmx
-    or          edi, byte JSIMD_MMX
-.no_mmx:
-    test        eax, 1<<25              ; bit25:SSE
-    jz          short .no_sse
-    or          edi, byte JSIMD_SSE
-.no_sse:
-    test        eax, 1<<26              ; bit26:SSE2
-    jz          short .no_sse2
-    or          edi, byte JSIMD_SSE2
-.no_sse2:
-
-    ; Check for 3DNow! instruction support
-    mov         eax, 0x80000000
-    cpuid
-    cmp         eax, 0x80000000
-    jbe         short .return
-
-    mov         eax, 0x80000001
-    cpuid
-    mov         eax, edx                ; eax = Extended feature flags
-
-    test        eax, 1<<31              ; bit31:3DNow!(vendor independent)
-    jz          short .no_3dnow
-    or          edi, byte JSIMD_3DNOW
-.no_3dnow:
-
-.return:
-    mov         eax, edi
-
-    pop         edi
-;   pop         esi                     ; unused
-;   pop         edx                     ; need not be preserved
-;   pop         ecx                     ; need not be preserved
-    pop         ebx
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/jsimd.h b/3rdparty/libjpeg-turbo_2_1_0/simd/jsimd.h
deleted file mode 100644
index 64747c6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/jsimd.h
+++ /dev/null
@@ -1,1258 +0,0 @@
-/*
- * simd/jsimd.h
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2011, 2014-2016, 2018, 2020, D. R. Commander.
- * Copyright (C) 2013-2014, MIPS Technologies, Inc., California.
- * Copyright (C) 2014, Linaro Limited.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- * Copyright (C) 2020, Arm Limited.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- */
-
-/* Bitmask for supported acceleration methods */
-
-#define JSIMD_NONE     0x00
-#define JSIMD_MMX      0x01
-#define JSIMD_3DNOW    0x02
-#define JSIMD_SSE      0x04
-#define JSIMD_SSE2     0x08
-#define JSIMD_NEON     0x10
-#define JSIMD_DSPR2    0x20
-#define JSIMD_ALTIVEC  0x40
-#define JSIMD_AVX2     0x80
-#define JSIMD_MMI      0x100
-
-/* SIMD Ext: retrieve SIMD/CPU information */
-EXTERN(unsigned int) jpeg_simd_cpu_support(void);
-
-/* RGB & extended RGB --> YCC Colorspace Conversion */
-EXTERN(void) jsimd_rgb_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-extern const int jconst_rgb_ycc_convert_sse2[];
-EXTERN(void) jsimd_rgb_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-extern const int jconst_rgb_ycc_convert_avx2[];
-EXTERN(void) jsimd_rgb_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-#ifndef NEON_INTRINSICS
-
-EXTERN(void) jsimd_extrgb_ycc_convert_neon_slowld3
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_neon_slowld3
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-#endif
-
-EXTERN(void) jsimd_rgb_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_ycc_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-/* RGB & extended RGB --> Grayscale Colorspace Conversion */
-EXTERN(void) jsimd_rgb_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_mmx
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-extern const int jconst_rgb_gray_convert_sse2[];
-EXTERN(void) jsimd_rgb_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_sse2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-extern const int jconst_rgb_gray_convert_avx2[];
-EXTERN(void) jsimd_rgb_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_avx2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_neon
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_mmi
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-EXTERN(void) jsimd_rgb_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgb_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extrgbx_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgr_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extbgrx_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxbgr_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-EXTERN(void) jsimd_extxrgb_gray_convert_altivec
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows);
-
-/* YCC --> RGB & extended RGB Colorspace Conversion */
-EXTERN(void) jsimd_ycc_rgb_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_mmx
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-extern const int jconst_ycc_rgb_convert_sse2[];
-EXTERN(void) jsimd_ycc_rgb_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_sse2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-extern const int jconst_ycc_rgb_convert_avx2[];
-EXTERN(void) jsimd_ycc_rgb_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_avx2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-EXTERN(void) jsimd_ycc_rgb_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_rgb565_convert_neon
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-#ifndef NEON_INTRINSICS
-
-EXTERN(void) jsimd_ycc_extrgb_convert_neon_slowst3
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_neon_slowst3
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-#endif
-
-EXTERN(void) jsimd_ycc_rgb_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_dspr2
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-EXTERN(void) jsimd_ycc_rgb_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_mmi
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-EXTERN(void) jsimd_ycc_rgb_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgb_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extrgbx_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgr_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extbgrx_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxbgr_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-EXTERN(void) jsimd_ycc_extxrgb_convert_altivec
-  (JDIMENSION out_width, JSAMPIMAGE input_buf, JDIMENSION input_row,
-   JSAMPARRAY output_buf, int num_rows);
-
-/* NULL Colorspace Conversion */
-EXTERN(void) jsimd_c_null_convert_dspr2
-  (JDIMENSION img_width, JSAMPARRAY input_buf, JSAMPIMAGE output_buf,
-   JDIMENSION output_row, int num_rows, int num_components);
-
-/* h2v1 Downsampling */
-EXTERN(void) jsimd_h2v1_downsample_mmx
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v1_downsample_sse2
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v1_downsample_avx2
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v1_downsample_neon
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v1_downsample_dspr2
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v1_downsample_altivec
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-/* h2v2 Downsampling */
-EXTERN(void) jsimd_h2v2_downsample_mmx
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v2_downsample_sse2
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v2_downsample_avx2
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v2_downsample_neon
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v2_downsample_dspr2
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v2_downsample_mmi
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-EXTERN(void) jsimd_h2v2_downsample_altivec
-  (JDIMENSION image_width, int max_v_samp_factor, JDIMENSION v_samp_factor,
-   JDIMENSION width_in_blocks, JSAMPARRAY input_data, JSAMPARRAY output_data);
-
-/* h2v2 Smooth Downsampling */
-EXTERN(void) jsimd_h2v2_smooth_downsample_dspr2
-  (JSAMPARRAY input_data, JSAMPARRAY output_data, JDIMENSION v_samp_factor,
-   int max_v_samp_factor, int smoothing_factor, JDIMENSION width_in_blocks,
-   JDIMENSION image_width);
-
-
-/* Upsampling */
-EXTERN(void) jsimd_h2v1_upsample_mmx
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_upsample_mmx
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_upsample_sse2
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_upsample_sse2
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_upsample_avx2
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_upsample_avx2
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_upsample_neon
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_upsample_neon
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_upsample_dspr2
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_upsample_dspr2
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_int_upsample_dspr2
-  (UINT8 h_expand, UINT8 v_expand, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr, JDIMENSION output_width,
-   int max_v_samp_factor);
-
-EXTERN(void) jsimd_h2v1_upsample_altivec
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_upsample_altivec
-  (int max_v_samp_factor, JDIMENSION output_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-/* Fancy Upsampling */
-EXTERN(void) jsimd_h2v1_fancy_upsample_mmx
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_mmx
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-extern const int jconst_fancy_upsample_sse2[];
-EXTERN(void) jsimd_h2v1_fancy_upsample_sse2
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_sse2
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-extern const int jconst_fancy_upsample_avx2[];
-EXTERN(void) jsimd_h2v1_fancy_upsample_avx2
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_avx2
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_fancy_upsample_neon
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_neon
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h1v2_fancy_upsample_neon
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_fancy_upsample_dspr2
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_dspr2
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_fancy_upsample_mmi
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_mmi
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-EXTERN(void) jsimd_h2v1_fancy_upsample_altivec
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-EXTERN(void) jsimd_h2v2_fancy_upsample_altivec
-  (int max_v_samp_factor, JDIMENSION downsampled_width, JSAMPARRAY input_data,
-   JSAMPARRAY *output_data_ptr);
-
-/* Merged Upsampling */
-EXTERN(void) jsimd_h2v1_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_mmx
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-extern const int jconst_merged_upsample_sse2[];
-EXTERN(void) jsimd_h2v1_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_sse2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-extern const int jconst_merged_upsample_avx2[];
-EXTERN(void) jsimd_h2v1_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_avx2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v1_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_neon
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v1_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_dspr2
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf, JSAMPLE *range);
-
-EXTERN(void) jsimd_h2v1_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_mmi
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v1_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgb_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extrgbx_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgr_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extbgrx_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxbgr_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v1_extxrgb_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-EXTERN(void) jsimd_h2v2_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgb_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extrgbx_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgr_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extbgrx_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxbgr_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-EXTERN(void) jsimd_h2v2_extxrgb_merged_upsample_altivec
-  (JDIMENSION output_width, JSAMPIMAGE input_buf, JDIMENSION in_row_group_ctr,
-   JSAMPARRAY output_buf);
-
-/* Sample Conversion */
-EXTERN(void) jsimd_convsamp_mmx
-  (JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace);
-
-EXTERN(void) jsimd_convsamp_sse2
-  (JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace);
-
-EXTERN(void) jsimd_convsamp_avx2
-  (JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace);
-
-EXTERN(void) jsimd_convsamp_neon
-  (JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace);
-
-EXTERN(void) jsimd_convsamp_dspr2
-  (JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace);
-
-EXTERN(void) jsimd_convsamp_altivec
-  (JSAMPARRAY sample_data, JDIMENSION start_col, DCTELEM *workspace);
-
-/* Floating Point Sample Conversion */
-EXTERN(void) jsimd_convsamp_float_3dnow
-  (JSAMPARRAY sample_data, JDIMENSION start_col, FAST_FLOAT *workspace);
-
-EXTERN(void) jsimd_convsamp_float_sse
-  (JSAMPARRAY sample_data, JDIMENSION start_col, FAST_FLOAT *workspace);
-
-EXTERN(void) jsimd_convsamp_float_sse2
-  (JSAMPARRAY sample_data, JDIMENSION start_col, FAST_FLOAT *workspace);
-
-EXTERN(void) jsimd_convsamp_float_dspr2
-  (JSAMPARRAY sample_data, JDIMENSION start_col, FAST_FLOAT *workspace);
-
-/* Accurate Integer Forward DCT */
-EXTERN(void) jsimd_fdct_islow_mmx(DCTELEM *data);
-
-extern const int jconst_fdct_islow_sse2[];
-EXTERN(void) jsimd_fdct_islow_sse2(DCTELEM *data);
-
-extern const int jconst_fdct_islow_avx2[];
-EXTERN(void) jsimd_fdct_islow_avx2(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_islow_neon(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_islow_dspr2(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_islow_mmi(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_islow_altivec(DCTELEM *data);
-
-/* Fast Integer Forward DCT */
-EXTERN(void) jsimd_fdct_ifast_mmx(DCTELEM *data);
-
-extern const int jconst_fdct_ifast_sse2[];
-EXTERN(void) jsimd_fdct_ifast_sse2(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_ifast_neon(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_ifast_dspr2(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_ifast_mmi(DCTELEM *data);
-
-EXTERN(void) jsimd_fdct_ifast_altivec(DCTELEM *data);
-
-/* Floating Point Forward DCT */
-EXTERN(void) jsimd_fdct_float_3dnow(FAST_FLOAT *data);
-
-extern const int jconst_fdct_float_sse[];
-EXTERN(void) jsimd_fdct_float_sse(FAST_FLOAT *data);
-
-/* Quantization */
-EXTERN(void) jsimd_quantize_mmx
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-EXTERN(void) jsimd_quantize_sse2
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-EXTERN(void) jsimd_quantize_avx2
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-EXTERN(void) jsimd_quantize_neon
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-EXTERN(void) jsimd_quantize_dspr2
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-EXTERN(void) jsimd_quantize_mmi
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-EXTERN(void) jsimd_quantize_altivec
-  (JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace);
-
-/* Floating Point Quantization */
-EXTERN(void) jsimd_quantize_float_3dnow
-  (JCOEFPTR coef_block, FAST_FLOAT *divisors, FAST_FLOAT *workspace);
-
-EXTERN(void) jsimd_quantize_float_sse
-  (JCOEFPTR coef_block, FAST_FLOAT *divisors, FAST_FLOAT *workspace);
-
-EXTERN(void) jsimd_quantize_float_sse2
-  (JCOEFPTR coef_block, FAST_FLOAT *divisors, FAST_FLOAT *workspace);
-
-EXTERN(void) jsimd_quantize_float_dspr2
-  (JCOEFPTR coef_block, FAST_FLOAT *divisors, FAST_FLOAT *workspace);
-
-/* Scaled Inverse DCT */
-EXTERN(void) jsimd_idct_2x2_mmx
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-EXTERN(void) jsimd_idct_4x4_mmx
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-extern const int jconst_idct_red_sse2[];
-EXTERN(void) jsimd_idct_2x2_sse2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-EXTERN(void) jsimd_idct_4x4_sse2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_2x2_neon
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-EXTERN(void) jsimd_idct_4x4_neon
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_2x2_dspr2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-EXTERN(void) jsimd_idct_4x4_dspr2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col, int *workspace);
-EXTERN(void) jsimd_idct_6x6_dspr2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-EXTERN(void) jsimd_idct_12x12_pass1_dspr2
-  (JCOEFPTR coef_block, void *dct_table, int *workspace);
-EXTERN(void) jsimd_idct_12x12_pass2_dspr2
-  (int *workspace, int *output);
-
-/* Accurate Integer Inverse DCT */
-EXTERN(void) jsimd_idct_islow_mmx
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-extern const int jconst_idct_islow_sse2[];
-EXTERN(void) jsimd_idct_islow_sse2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-extern const int jconst_idct_islow_avx2[];
-EXTERN(void) jsimd_idct_islow_avx2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_islow_neon
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_islow_dspr2
-  (void *dct_table, JCOEFPTR coef_block, int *output_buf, JSAMPLE *output_col);
-
-EXTERN(void) jsimd_idct_islow_mmi
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_islow_altivec
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-/* Fast Integer Inverse DCT */
-EXTERN(void) jsimd_idct_ifast_mmx
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-extern const int jconst_idct_ifast_sse2[];
-EXTERN(void) jsimd_idct_ifast_sse2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_ifast_neon
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_ifast_cols_dspr2
-  (JCOEF *inptr, IFAST_MULT_TYPE *quantptr, DCTELEM *wsptr,
-   const int *idct_coefs);
-EXTERN(void) jsimd_idct_ifast_rows_dspr2
-  (DCTELEM *wsptr, JSAMPARRAY output_buf, JDIMENSION output_col,
-   const int *idct_coefs);
-
-EXTERN(void) jsimd_idct_ifast_mmi
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-EXTERN(void) jsimd_idct_ifast_altivec
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-/* Floating Point Inverse DCT */
-EXTERN(void) jsimd_idct_float_3dnow
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-extern const int jconst_idct_float_sse[];
-EXTERN(void) jsimd_idct_float_sse
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-extern const int jconst_idct_float_sse2[];
-EXTERN(void) jsimd_idct_float_sse2
-  (void *dct_table, JCOEFPTR coef_block, JSAMPARRAY output_buf,
-   JDIMENSION output_col);
-
-/* Huffman coding */
-extern const int jconst_huff_encode_one_block[];
-EXTERN(JOCTET *) jsimd_huff_encode_one_block_sse2
-  (void *state, JOCTET *buffer, JCOEFPTR block, int last_dc_val,
-   c_derived_tbl *dctbl, c_derived_tbl *actbl);
-
-EXTERN(JOCTET *) jsimd_huff_encode_one_block_neon
-  (void *state, JOCTET *buffer, JCOEFPTR block, int last_dc_val,
-   c_derived_tbl *dctbl, c_derived_tbl *actbl);
-
-#ifndef NEON_INTRINSICS
-
-EXTERN(JOCTET *) jsimd_huff_encode_one_block_neon_slowtbl
-  (void *state, JOCTET *buffer, JCOEFPTR block, int last_dc_val,
-   c_derived_tbl *dctbl, c_derived_tbl *actbl);
-
-#endif
-
-/* Progressive Huffman encoding */
-EXTERN(void) jsimd_encode_mcu_AC_first_prepare_sse2
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *values, size_t *zerobits);
-
-EXTERN(void) jsimd_encode_mcu_AC_first_prepare_neon
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *values, size_t *zerobits);
-
-EXTERN(int) jsimd_encode_mcu_AC_refine_prepare_sse2
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *absvalues, size_t *bits);
-
-EXTERN(int) jsimd_encode_mcu_AC_refine_prepare_neon
-  (const JCOEF *block, const int *jpeg_natural_order_start, int Sl, int Al,
-   JCOEF *absvalues, size_t *bits);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd.c
deleted file mode 100644
index d2546ee..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd.c
+++ /dev/null
@@ -1,1147 +0,0 @@
-/*
- * jsimd_mips.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2011, 2014, 2016, 2018, 2020, D. R. Commander.
- * Copyright (C) 2013-2014, MIPS Technologies, Inc., California.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * MIPS architecture.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-static unsigned int simd_support = ~0;
-
-#if !(defined(__mips_dsp) && (__mips_dsp_rev >= 2)) && defined(__linux__)
-
-LOCAL(void)
-parse_proc_cpuinfo(const char *search_string)
-{
-  const char *file_name = "/proc/cpuinfo";
-  char cpuinfo_line[256];
-  FILE *f = NULL;
-
-  simd_support = 0;
-
-  if ((f = fopen(file_name, "r")) != NULL) {
-    while (fgets(cpuinfo_line, sizeof(cpuinfo_line), f) != NULL) {
-      if (strstr(cpuinfo_line, search_string) != NULL) {
-        fclose(f);
-        simd_support |= JSIMD_DSPR2;
-        return;
-      }
-    }
-    fclose(f);
-  }
-  /* Did not find string in the proc file, or not Linux ELF. */
-}
-
-#endif
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = 0;
-
-#if defined(__mips_dsp) && (__mips_dsp_rev >= 2)
-  simd_support |= JSIMD_DSPR2;
-#elif defined(__linux__)
-  /* We still have a chance to use MIPS DSPR2 regardless of globally used
-   * -mdspr2 options passed to gcc by performing runtime detection via
-   * /proc/cpuinfo parsing on linux */
-  parse_proc_cpuinfo("MIPS 74K");
-#endif
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCEDSPR2");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = JSIMD_DSPR2;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-#endif
-}
-
-static const int mips_idct_ifast_coefs[4] = {
-  0x45404540,           /* FIX( 1.082392200 / 2) =  17734 = 0x4546 */
-  0x5A805A80,           /* FIX( 1.414213562 / 2) =  23170 = 0x5A82 */
-  0x76407640,           /* FIX( 1.847759065 / 2) =  30274 = 0x7642 */
-  0xAC60AC60            /* FIX(-2.613125930 / 4) = -21407 = 0xAC61 */
-};
-
-/* The following struct is borrowed from jdsample.c */
-typedef void (*upsample1_ptr) (j_decompress_ptr cinfo,
-                               jpeg_component_info *compptr,
-                               JSAMPARRAY input_data,
-                               JSAMPARRAY *output_data_ptr);
-typedef struct {
-  struct jpeg_upsampler pub;
-  JSAMPARRAY color_buf[MAX_COMPONENTS];
-  upsample1_ptr methods[MAX_COMPONENTS];
-  int next_row_out;
-  JDIMENSION rows_to_go;
-  int rowgroup_height[MAX_COMPONENTS];
-  UINT8 h_expand[MAX_COMPONENTS];
-  UINT8 v_expand[MAX_COMPONENTS];
-} my_upsampler;
-
-typedef my_upsampler *my_upsample_ptr;
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_c_can_null_convert(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*dspr2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    dspr2fct = jsimd_extrgb_ycc_convert_dspr2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    dspr2fct = jsimd_extrgbx_ycc_convert_dspr2;
-    break;
-  case JCS_EXT_BGR:
-    dspr2fct = jsimd_extbgr_ycc_convert_dspr2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    dspr2fct = jsimd_extbgrx_ycc_convert_dspr2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    dspr2fct = jsimd_extxbgr_ycc_convert_dspr2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    dspr2fct = jsimd_extxrgb_ycc_convert_dspr2;
-    break;
-  default:
-    dspr2fct = jsimd_extrgb_ycc_convert_dspr2;
-    break;
-  }
-
-  dspr2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*dspr2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    dspr2fct = jsimd_extrgb_gray_convert_dspr2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    dspr2fct = jsimd_extrgbx_gray_convert_dspr2;
-    break;
-  case JCS_EXT_BGR:
-    dspr2fct = jsimd_extbgr_gray_convert_dspr2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    dspr2fct = jsimd_extbgrx_gray_convert_dspr2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    dspr2fct = jsimd_extxbgr_gray_convert_dspr2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    dspr2fct = jsimd_extxrgb_gray_convert_dspr2;
-    break;
-  default:
-    dspr2fct = jsimd_extrgb_gray_convert_dspr2;
-    break;
-  }
-
-  dspr2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*dspr2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    dspr2fct = jsimd_ycc_extrgb_convert_dspr2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    dspr2fct = jsimd_ycc_extrgbx_convert_dspr2;
-    break;
-  case JCS_EXT_BGR:
-    dspr2fct = jsimd_ycc_extbgr_convert_dspr2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    dspr2fct = jsimd_ycc_extbgrx_convert_dspr2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    dspr2fct = jsimd_ycc_extxbgr_convert_dspr2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    dspr2fct = jsimd_ycc_extxrgb_convert_dspr2;
-    break;
-  default:
-    dspr2fct = jsimd_ycc_extrgb_convert_dspr2;
-    break;
-  }
-
-  dspr2fct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-}
-
-GLOBAL(void)
-jsimd_c_null_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                     JSAMPIMAGE output_buf, JDIMENSION output_row,
-                     int num_rows)
-{
-  jsimd_c_null_convert_dspr2(cinfo->image_width, input_buf, output_buf,
-                             output_row, num_rows, cinfo->num_components);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  /* FIXME: jsimd_h2v2_downsample_dspr2() fails some of the TJBench tiling
-   * regression tests, probably because the DSPr2 SIMD implementation predates
-   * those tests. */
-#if 0
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_smooth_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (DCTSIZE != 8)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  /* FIXME: jsimd_h2v1_downsample_dspr2() fails some of the TJBench tiling
-   * regression tests, probably because the DSPr2 SIMD implementation predates
-   * those tests. */
-#if 0
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v2_downsample_dspr2(cinfo->image_width, cinfo->max_v_samp_factor,
-                              compptr->v_samp_factor, compptr->width_in_blocks,
-                              input_data, output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v2_smooth_downsample(j_compress_ptr cinfo,
-                             jpeg_component_info *compptr,
-                             JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v2_smooth_downsample_dspr2(input_data, output_data,
-                                     compptr->v_samp_factor,
-                                     cinfo->max_v_samp_factor,
-                                     cinfo->smoothing_factor,
-                                     compptr->width_in_blocks,
-                                     cinfo->image_width);
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v1_downsample_dspr2(cinfo->image_width, cinfo->max_v_samp_factor,
-                              compptr->v_samp_factor, compptr->width_in_blocks,
-                              input_data, output_data);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_int_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_upsample_dspr2(cinfo->max_v_samp_factor, cinfo->output_width,
-                            input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_upsample_dspr2(cinfo->max_v_samp_factor, cinfo->output_width,
-                            input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_int_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                   JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  my_upsample_ptr upsample = (my_upsample_ptr)cinfo->upsample;
-
-  jsimd_int_upsample_dspr2(upsample->h_expand[compptr->component_index],
-                           upsample->v_expand[compptr->component_index],
-                           input_data, output_data_ptr, cinfo->output_width,
-                           cinfo->max_v_samp_factor);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_fancy_upsample_dspr2(cinfo->max_v_samp_factor,
-                                  compptr->downsampled_width, input_data,
-                                  output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_fancy_upsample_dspr2(cinfo->max_v_samp_factor,
-                                  compptr->downsampled_width, input_data,
-                                  output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*dspr2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, JSAMPLE *);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    dspr2fct = jsimd_h2v2_extrgb_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    dspr2fct = jsimd_h2v2_extrgbx_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_BGR:
-    dspr2fct = jsimd_h2v2_extbgr_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    dspr2fct = jsimd_h2v2_extbgrx_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    dspr2fct = jsimd_h2v2_extxbgr_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    dspr2fct = jsimd_h2v2_extxrgb_merged_upsample_dspr2;
-    break;
-  default:
-    dspr2fct = jsimd_h2v2_extrgb_merged_upsample_dspr2;
-    break;
-  }
-
-  dspr2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf,
-           cinfo->sample_range_limit);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*dspr2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, JSAMPLE *);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    dspr2fct = jsimd_h2v1_extrgb_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    dspr2fct = jsimd_h2v1_extrgbx_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_BGR:
-    dspr2fct = jsimd_h2v1_extbgr_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    dspr2fct = jsimd_h2v1_extbgrx_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    dspr2fct = jsimd_h2v1_extxbgr_merged_upsample_dspr2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    dspr2fct = jsimd_h2v1_extxrgb_merged_upsample_dspr2;
-    break;
-  default:
-    dspr2fct = jsimd_h2v1_extrgb_merged_upsample_dspr2;
-    break;
-  }
-
-  dspr2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf,
-           cinfo->sample_range_limit);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-#ifndef __mips_soft_float
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-  jsimd_convsamp_dspr2(sample_data, start_col, workspace);
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-#ifndef __mips_soft_float
-  jsimd_convsamp_float_dspr2(sample_data, start_col, workspace);
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  jsimd_fdct_islow_dspr2(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  jsimd_fdct_ifast_dspr2(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-#ifndef __mips_soft_float
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  jsimd_quantize_dspr2(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-#ifndef __mips_soft_float
-  jsimd_quantize_float_dspr2(coef_block, divisors, workspace);
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_6x6(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_12x12(void)
-{
-  init_simd();
-
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_2x2_dspr2(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  int workspace[DCTSIZE * 4]; /* buffers data between passes */
-
-  jsimd_idct_4x4_dspr2(compptr->dct_table, coef_block, output_buf, output_col,
-                       workspace);
-}
-
-GLOBAL(void)
-jsimd_idct_6x6(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_6x6_dspr2(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_12x12(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  int workspace[96];
-  int output[12] = {
-    (int)(output_buf[0] + output_col),
-    (int)(output_buf[1] + output_col),
-    (int)(output_buf[2] + output_col),
-    (int)(output_buf[3] + output_col),
-    (int)(output_buf[4] + output_col),
-    (int)(output_buf[5] + output_col),
-    (int)(output_buf[6] + output_col),
-    (int)(output_buf[7] + output_col),
-    (int)(output_buf[8] + output_col),
-    (int)(output_buf[9] + output_col),
-    (int)(output_buf[10] + output_col),
-    (int)(output_buf[11] + output_col)
-  };
-
-  jsimd_idct_12x12_pass1_dspr2(coef_block, compptr->dct_table, workspace);
-  jsimd_idct_12x12_pass2_dspr2(workspace, output);
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(IFAST_MULT_TYPE) != 2)
-    return 0;
-  if (IFAST_SCALE_BITS != 2)
-    return 0;
-
-#if defined(__MIPSEL__)
-  if (simd_support & JSIMD_DSPR2)
-    return 1;
-#endif
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  int output[8] = {
-    (int)(output_buf[0] + output_col),
-    (int)(output_buf[1] + output_col),
-    (int)(output_buf[2] + output_col),
-    (int)(output_buf[3] + output_col),
-    (int)(output_buf[4] + output_col),
-    (int)(output_buf[5] + output_col),
-    (int)(output_buf[6] + output_col),
-    (int)(output_buf[7] + output_col)
-  };
-
-  jsimd_idct_islow_dspr2(coef_block, compptr->dct_table, output,
-                         IDCT_range_limit(cinfo));
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  JCOEFPTR inptr;
-  IFAST_MULT_TYPE *quantptr;
-  DCTELEM workspace[DCTSIZE2];  /* buffers data between passes */
-
-  /* Pass 1: process columns from input, store into work array. */
-
-  inptr = coef_block;
-  quantptr = (IFAST_MULT_TYPE *)compptr->dct_table;
-
-  jsimd_idct_ifast_cols_dspr2(inptr, quantptr, workspace,
-                              mips_idct_ifast_coefs);
-
-  /* Pass 2: process rows from work array, store into output array. */
-  /* Note that we must descale the results by a factor of 8 == 2**3, */
-  /* and also undo the PASS1_BITS scaling. */
-
-  jsimd_idct_ifast_rows_dspr2(workspace, output_buf, output_col,
-                              mips_idct_ifast_coefs);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return NULL;
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd_dspr2.S b/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd_dspr2.S
deleted file mode 100644
index c99288a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd_dspr2.S
+++ /dev/null
@@ -1,4543 +0,0 @@
-/*
- * MIPS DSPr2 optimizations for libjpeg-turbo
- *
- * Copyright (C) 2013-2014, MIPS Technologies, Inc., California.
- *                          All Rights Reserved.
- * Authors:  Teodora Novkovic <teodora.novkovic@imgtec.com>
- *           Darko Laus       <darko.laus@imgtec.com>
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#include "jsimd_dspr2_asm.h"
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_c_null_convert_dspr2)
-/*
- * a0     = cinfo->image_width
- * a1     = input_buf
- * a2     = output_buf
- * a3     = output_row
- * 16(sp) = num_rows
- * 20(sp) = cinfo->num_components
- *
- * Null conversion for compression
- */
-    SAVE_REGS_ON_STACK 8, s0, s1
-
-    lw          t9, 24(sp)      /* t9 = num_rows */
-    lw          s0, 28(sp)      /* s0 = cinfo->num_components */
-    andi        t0, a0, 3       /* t0 = cinfo->image_width & 3 */
-    beqz        t0, 4f          /* no residual */
-     nop
-0:
-    addiu       t9, t9, -1
-    bltz        t9, 7f
-     li         t1, 0
-1:
-    sll         t3, t1, 2
-    lwx         t5, t3(a2)      /* t5 = outptr = output_buf[ci] */
-    lw          t2, 0(a1)       /* t2 = inptr = *input_buf */
-    sll         t4, a3, 2
-    lwx         t5, t4(t5)      /* t5 = outptr = output_buf[ci][output_row] */
-    addu        t2, t2, t1
-    addu        s1, t5, a0
-    addu        t6, t5, t0
-2:
-    lbu         t3, 0(t2)
-    addiu       t5, t5, 1
-    sb          t3, -1(t5)
-    bne         t6, t5, 2b
-     addu       t2, t2, s0
-3:
-    lbu         t3, 0(t2)
-    addu        t4, t2, s0
-    addu        t7, t4, s0
-    addu        t8, t7, s0
-    addu        t2, t8, s0
-    lbu         t4, 0(t4)
-    lbu         t7, 0(t7)
-    lbu         t8, 0(t8)
-    addiu       t5, t5, 4
-    sb          t3, -4(t5)
-    sb          t4, -3(t5)
-    sb          t7, -2(t5)
-    bne         s1, t5, 3b
-     sb         t8, -1(t5)
-    addiu       t1, t1, 1
-    bne         t1, s0, 1b
-     nop
-    addiu       a1, a1, 4
-    bgez        t9, 0b
-     addiu      a3, a3, 1
-    b           7f
-     nop
-4:
-    addiu       t9, t9, -1
-    bltz        t9, 7f
-     li         t1, 0
-5:
-    sll         t3, t1, 2
-    lwx         t5, t3(a2)      /* t5 = outptr = output_buf[ci] */
-    lw          t2, 0(a1)       /* t2 = inptr = *input_buf */
-    sll         t4, a3, 2
-    lwx         t5, t4(t5)      /* t5 = outptr = output_buf[ci][output_row] */
-    addu        t2, t2, t1
-    addu        s1, t5, a0
-    addu        t6, t5, t0
-6:
-    lbu         t3, 0(t2)
-    addu        t4, t2, s0
-    addu        t7, t4, s0
-    addu        t8, t7, s0
-    addu        t2, t8, s0
-    lbu         t4, 0(t4)
-    lbu         t7, 0(t7)
-    lbu         t8, 0(t8)
-    addiu       t5, t5, 4
-    sb          t3, -4(t5)
-    sb          t4, -3(t5)
-    sb          t7, -2(t5)
-    bne         s1, t5, 6b
-     sb         t8, -1(t5)
-    addiu       t1, t1, 1
-    bne         t1, s0, 5b
-     nop
-    addiu       a1, a1, 4
-    bgez        t9, 4b
-     addiu      a3, a3, 1
-7:
-    RESTORE_REGS_FROM_STACK 8, s0, s1
-
-    j           ra
-     nop
-
-END(jsimd_c_null_convert_dspr2)
-
-
-/*****************************************************************************/
-/*
- * jsimd_extrgb_ycc_convert_dspr2
- * jsimd_extbgr_ycc_convert_dspr2
- * jsimd_extrgbx_ycc_convert_dspr2
- * jsimd_extbgrx_ycc_convert_dspr2
- * jsimd_extxbgr_ycc_convert_dspr2
- * jsimd_extxrgb_ycc_convert_dspr2
- *
- * Colorspace conversion RGB -> YCbCr
- */
-
-.macro GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2  colorid, pixel_size, \
-                                             r_offs, g_offs, b_offs
-
-.macro DO_RGB_TO_YCC  r, g, b, inptr
-    lbu         \r, \r_offs(\inptr)
-    lbu         \g, \g_offs(\inptr)
-    lbu         \b, \b_offs(\inptr)
-    addiu       \inptr, \pixel_size
-.endm
-
-LEAF_DSPR2(jsimd_\colorid\()_ycc_convert_dspr2)
-/*
- * a0     = cinfo->image_width
- * a1     = input_buf
- * a2     = output_buf
- * a3     = output_row
- * 16(sp) = num_rows
- */
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    lw          t7, 48(sp)      /* t7 = num_rows */
-    li          s0, 0x4c8b      /* FIX(0.29900) */
-    li          s1, 0x9646      /* FIX(0.58700) */
-    li          s2, 0x1d2f      /* FIX(0.11400) */
-    li          s3, 0xffffd4cd  /* -FIX(0.16874) */
-    li          s4, 0xffffab33  /* -FIX(0.33126) */
-    li          s5, 0x8000      /* FIX(0.50000) */
-    li          s6, 0xffff94d1  /* -FIX(0.41869) */
-    li          s7, 0xffffeb2f  /* -FIX(0.08131) */
-    li          t8, 0x807fff    /* CBCR_OFFSET + ONE_HALF-1 */
-
-0:
-    addiu       t7, -1          /* --num_rows */
-    lw          t6, 0(a1)       /* t6 = input_buf[0] */
-    lw          t0, 0(a2)
-    lw          t1, 4(a2)
-    lw          t2, 8(a2)
-    sll         t3, a3, 2
-    lwx         t0, t3(t0)      /* t0 = output_buf[0][output_row] */
-    lwx         t1, t3(t1)      /* t1 = output_buf[1][output_row] */
-    lwx         t2, t3(t2)      /* t2 = output_buf[2][output_row] */
-
-    addu        t9, t2, a0      /* t9 = end address */
-    addiu       a3, 1
-
-1:
-    DO_RGB_TO_YCC t3, t4, t5, t6
-
-    mtlo        s5, $ac0
-    mtlo        t8, $ac1
-    mtlo        t8, $ac2
-    maddu       $ac0, s2, t5
-    maddu       $ac1, s5, t5
-    maddu       $ac2, s5, t3
-    maddu       $ac0, s0, t3
-    maddu       $ac1, s3, t3
-    maddu       $ac2, s6, t4
-    maddu       $ac0, s1, t4
-    maddu       $ac1, s4, t4
-    maddu       $ac2, s7, t5
-    extr.w      t3, $ac0, 16
-    extr.w      t4, $ac1, 16
-    extr.w      t5, $ac2, 16
-    sb          t3, 0(t0)
-    sb          t4, 0(t1)
-    sb          t5, 0(t2)
-    addiu       t0, 1
-    addiu       t2, 1
-    bne         t2, t9, 1b
-     addiu      t1, 1
-    bgtz        t7, 0b
-     addiu      a1, 4
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-END(jsimd_\colorid\()_ycc_convert_dspr2)
-
-.purgem DO_RGB_TO_YCC
-
-.endm
-
-/*-------------------------------------id -- pix R  G  B */
-GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2 extrgb,  3, 0, 1, 2
-GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2 extbgr,  3, 2, 1, 0
-GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2 extrgbx, 4, 0, 1, 2
-GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2 extbgrx, 4, 2, 1, 0
-GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2 extxbgr, 4, 3, 2, 1
-GENERATE_JSIMD_RGB_YCC_CONVERT_DSPR2 extxrgb, 4, 1, 2, 3
-
-
-/*****************************************************************************/
-/*
- * jsimd_ycc_extrgb_convert_dspr2
- * jsimd_ycc_extbgr_convert_dspr2
- * jsimd_ycc_extrgbx_convert_dspr2
- * jsimd_ycc_extbgrx_convert_dspr2
- * jsimd_ycc_extxbgr_convert_dspr2
- * jsimd_ycc_extxrgb_convert_dspr2
- *
- * Colorspace conversion YCbCr -> RGB
- */
-
-.macro GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2  colorid, pixel_size, \
-                                             r_offs, g_offs, b_offs, a_offs
-
-.macro STORE_YCC_TO_RGB  scratch0 scratch1 scratch2 outptr
-    sb          \scratch0, \r_offs(\outptr)
-    sb          \scratch1, \g_offs(\outptr)
-    sb          \scratch2, \b_offs(\outptr)
-.if (\pixel_size == 4)
-    li          t0, 0xFF
-    sb          t0, \a_offs(\outptr)
-.endif
-    addiu       \outptr, \pixel_size
-.endm
-
-LEAF_DSPR2(jsimd_ycc_\colorid\()_convert_dspr2)
-/*
- * a0     = cinfo->image_width
- * a1     = input_buf
- * a2     = input_row
- * a3     = output_buf
- * 16(sp) = num_rows
- */
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    lw          s1, 48(sp)
-    li          t3, 0x8000
-    li          t4, 0x166e9     /* FIX(1.40200) */
-    li          t5, 0x1c5a2     /* FIX(1.77200) */
-    li          t6, 0xffff492e  /* -FIX(0.71414) */
-    li          t7, 0xffffa7e6  /* -FIX(0.34414) */
-    repl.ph     t8, 128
-
-0:
-    lw          s0, 0(a3)
-    lw          t0, 0(a1)
-    lw          t1, 4(a1)
-    lw          t2, 8(a1)
-    sll         s5, a2, 2
-    addiu       s1, -1
-    lwx         s2, s5(t0)
-    lwx         s3, s5(t1)
-    lwx         s4, s5(t2)
-    addu        t9, s2, a0
-    addiu       a2, 1
-
-1:
-    lbu         s7, 0(s4)       /* cr */
-    lbu         s6, 0(s3)       /* cb */
-    lbu         s5, 0(s2)       /* y */
-    addiu       s2, 1
-    addiu       s4, 1
-    addiu       s7, -128
-    addiu       s6, -128
-    mul         t2, t7, s6
-    mul         t0, t6, s7      /* Crgtab[cr] */
-    sll         s7, 15
-    mulq_rs.w   t1, t4, s7      /* Crrtab[cr] */
-    sll         s6, 15
-    addu        t2, t3          /* Cbgtab[cb] */
-    addu        t2, t0
-
-    mulq_rs.w   t0, t5, s6      /* Cbbtab[cb] */
-    sra         t2, 16
-    addu        t1, s5
-    addu        t2, s5          /* add y */
-    ins         t2, t1, 16, 16
-    subu.ph     t2, t2, t8
-    addu        t0, s5
-    shll_s.ph   t2, t2, 8
-    subu        t0, 128
-    shra.ph     t2, t2, 8
-    shll_s.w    t0, t0, 24
-    addu.ph     t2, t2, t8      /* clip & store */
-    sra         t0, t0, 24
-    sra         t1, t2, 16
-    addiu       t0, 128
-
-    STORE_YCC_TO_RGB t1, t2, t0, s0
-
-    bne         s2, t9, 1b
-     addiu      s3, 1
-    bgtz        s1, 0b
-     addiu      a3, 4
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-END(jsimd_ycc_\colorid\()_convert_dspr2)
-
-.purgem STORE_YCC_TO_RGB
-
-.endm
-
-/*-------------------------------------id -- pix R  G  B  A */
-GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2 extrgb,  3, 0, 1, 2, 3
-GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2 extbgr,  3, 2, 1, 0, 3
-GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2 extrgbx, 4, 0, 1, 2, 3
-GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2 extbgrx, 4, 2, 1, 0, 3
-GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2 extxbgr, 4, 3, 2, 1, 0
-GENERATE_JSIMD_YCC_RGB_CONVERT_DSPR2 extxrgb, 4, 1, 2, 3, 0
-
-
-/*****************************************************************************/
-/*
- * jsimd_extrgb_gray_convert_dspr2
- * jsimd_extbgr_gray_convert_dspr2
- * jsimd_extrgbx_gray_convert_dspr2
- * jsimd_extbgrx_gray_convert_dspr2
- * jsimd_extxbgr_gray_convert_dspr2
- * jsimd_extxrgb_gray_convert_dspr2
- *
- * Colorspace conversion RGB -> GRAY
- */
-
-.macro GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2  colorid, pixel_size, \
-                                              r_offs, g_offs, b_offs
-
-.macro DO_RGB_TO_GRAY  r, g, b, inptr
-    lbu         \r, \r_offs(\inptr)
-    lbu         \g, \g_offs(\inptr)
-    lbu         \b, \b_offs(\inptr)
-    addiu       \inptr, \pixel_size
-.endm
-
-LEAF_DSPR2(jsimd_\colorid\()_gray_convert_dspr2)
-/*
- * a0     = cinfo->image_width
- * a1     = input_buf
- * a2     = output_buf
- * a3     = output_row
- * 16(sp) = num_rows
- */
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    li          s0, 0x4c8b      /* s0 = FIX(0.29900) */
-    li          s1, 0x9646      /* s1 = FIX(0.58700) */
-    li          s2, 0x1d2f      /* s2 = FIX(0.11400) */
-    li          s7, 0x8000      /* s7 = FIX(0.50000) */
-    lw          s6, 48(sp)
-    andi        t7, a0, 3
-
-0:
-    addiu       s6, -1          /* s6 = num_rows */
-    lw          t0, 0(a1)
-    lw          t1, 0(a2)
-    sll         t3, a3, 2
-    lwx         t1, t3(t1)
-    addiu       a3, 1
-    addu        t9, t1, a0
-    subu        t8, t9, t7
-    beq         t1, t8, 2f
-     nop
-
-1:
-    DO_RGB_TO_GRAY t3, t4, t5, t0
-    DO_RGB_TO_GRAY s3, s4, s5, t0
-
-    mtlo        s7, $ac0
-    maddu       $ac0, s2, t5
-    maddu       $ac0, s1, t4
-    maddu       $ac0, s0, t3
-    mtlo        s7, $ac1
-    maddu       $ac1, s2, s5
-    maddu       $ac1, s1, s4
-    maddu       $ac1, s0, s3
-    extr.w      t6, $ac0, 16
-
-    DO_RGB_TO_GRAY t3, t4, t5, t0
-    DO_RGB_TO_GRAY s3, s4, s5, t0
-
-    mtlo        s7, $ac0
-    maddu       $ac0, s2, t5
-    maddu       $ac0, s1, t4
-    extr.w      t2, $ac1, 16
-    maddu       $ac0, s0, t3
-    mtlo        s7, $ac1
-    maddu       $ac1, s2, s5
-    maddu       $ac1, s1, s4
-    maddu       $ac1, s0, s3
-    extr.w      t5, $ac0, 16
-    sb          t6, 0(t1)
-    sb          t2, 1(t1)
-    extr.w      t3, $ac1, 16
-    addiu       t1, 4
-    sb          t5, -2(t1)
-    sb          t3, -1(t1)
-    bne         t1, t8, 1b
-     nop
-
-2:
-    beqz        t7, 4f
-     nop
-
-3:
-    DO_RGB_TO_GRAY t3, t4, t5, t0
-
-    mtlo        s7, $ac0
-    maddu       $ac0, s2, t5
-    maddu       $ac0, s1, t4
-    maddu       $ac0, s0, t3
-    extr.w      t6, $ac0, 16
-    sb          t6, 0(t1)
-    addiu       t1, 1
-    bne         t1, t9, 3b
-     nop
-
-4:
-    bgtz        s6, 0b
-     addiu      a1, 4
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-END(jsimd_\colorid\()_gray_convert_dspr2)
-
-.purgem DO_RGB_TO_GRAY
-
-.endm
-
-/*-------------------------------------id --  pix R  G  B */
-GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2 extrgb,  3, 0, 1, 2
-GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2 extbgr,  3, 2, 1, 0
-GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2 extrgbx, 4, 0, 1, 2
-GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2 extbgrx, 4, 2, 1, 0
-GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2 extxbgr, 4, 3, 2, 1
-GENERATE_JSIMD_RGB_GRAY_CONVERT_DSPR2 extxrgb, 4, 1, 2, 3
-
-
-/*****************************************************************************/
-/*
- * jsimd_h2v2_merged_upsample_dspr2
- * jsimd_h2v2_extrgb_merged_upsample_dspr2
- * jsimd_h2v2_extrgbx_merged_upsample_dspr2
- * jsimd_h2v2_extbgr_merged_upsample_dspr2
- * jsimd_h2v2_extbgrx_merged_upsample_dspr2
- * jsimd_h2v2_extxbgr_merged_upsample_dspr2
- * jsimd_h2v2_extxrgb_merged_upsample_dspr2
- *
- * Merged h2v2 upsample routines
- */
-.macro GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2  colorid, pixel_size, \
-                                            r1_offs, g1_offs, \
-                                            b1_offs, a1_offs, \
-                                            r2_offs, g2_offs, \
-                                            b2_offs, a2_offs
-
-.macro STORE_H2V2_2_PIXELS  scratch0 scratch1 scratch2 scratch3 scratch4 \
-                            scratch5 outptr
-    sb          \scratch0, \r1_offs(\outptr)
-    sb          \scratch1, \g1_offs(\outptr)
-    sb          \scratch2, \b1_offs(\outptr)
-    sb          \scratch3, \r2_offs(\outptr)
-    sb          \scratch4, \g2_offs(\outptr)
-    sb          \scratch5, \b2_offs(\outptr)
-.if (\pixel_size == 8)
-    li          \scratch0, 0xFF
-    sb          \scratch0, \a1_offs(\outptr)
-    sb          \scratch0, \a2_offs(\outptr)
-.endif
-    addiu       \outptr, \pixel_size
-.endm
-
-.macro STORE_H2V2_1_PIXEL  scratch0 scratch1 scratch2 outptr
-    sb          \scratch0, \r1_offs(\outptr)
-    sb          \scratch1, \g1_offs(\outptr)
-    sb          \scratch2, \b1_offs(\outptr)
-
-.if (\pixel_size == 8)
-    li          t0, 0xFF
-    sb          t0, \a1_offs(\outptr)
-.endif
-.endm
-
-LEAF_DSPR2(jsimd_h2v2_\colorid\()_merged_upsample_dspr2)
-/*
- * a0     = cinfo->output_width
- * a1     = input_buf
- * a2     = in_row_group_ctr
- * a3     = output_buf
- * 16(sp) = cinfo->sample_range_limit
- */
-    SAVE_REGS_ON_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, ra
-
-    lw          t9, 56(sp)      /* cinfo->sample_range_limit */
-    lw          v0, 0(a1)
-    lw          v1, 4(a1)
-    lw          t0, 8(a1)
-    sll         t1, a2, 3
-    addiu       t2, t1, 4
-    sll         t3, a2, 2
-    lw          t4, 0(a3)       /* t4 = output_buf[0] */
-    lwx         t1, t1(v0)      /* t1 = input_buf[0][in_row_group_ctr*2] */
-    lwx         t2, t2(v0)      /* t2 = input_buf[0][in_row_group_ctr*2 + 1] */
-    lwx         t5, t3(v1)      /* t5 = input_buf[1][in_row_group_ctr] */
-    lwx         t6, t3(t0)      /* t6 = input_buf[2][in_row_group_ctr] */
-    lw          t7, 4(a3)       /* t7 = output_buf[1] */
-    li          s1, 0xe6ea
-    addiu       t8, s1, 0x7fff    /* t8 = 0x166e9 [FIX(1.40200)] */
-    addiu       s0, t8, 0x5eb9    /* s0 = 0x1c5a2 [FIX(1.77200)] */
-    addiu       s1, zero, 0xa7e6  /* s4 = 0xffffa7e6 [-FIX(0.34414)] */
-    xori        s2, s1, 0xeec8    /* s3 = 0xffff492e [-FIX(0.71414)] */
-    srl         t3, a0, 1
-    blez        t3, 2f
-     addu       t0, t5, t3      /* t0 = end address */
- 1:
-    lbu         t3, 0(t5)
-    lbu         s3, 0(t6)
-    addiu       t5, t5, 1
-    addiu       t3, t3, -128    /* (cb - 128) */
-    addiu       s3, s3, -128    /* (cr - 128) */
-    mult        $ac1, s1, t3
-    madd        $ac1, s2, s3
-    sll         s3, s3, 15
-    sll         t3, t3, 15
-    mulq_rs.w   s4, t8, s3      /* s4 = (C1 * cr + ONE_HALF)>> SCALEBITS */
-    extr_r.w    s5, $ac1, 16
-    mulq_rs.w   s6, s0, t3      /* s6 = (C2 * cb + ONE_HALF)>> SCALEBITS */
-    lbu         v0, 0(t1)
-    addiu       t6, t6, 1
-    addiu       t1, t1, 2
-    addu        t3, v0, s4      /* y+cred */
-    addu        s3, v0, s5      /* y+cgreen */
-    addu        v1, v0, s6      /* y+cblue */
-    addu        t3, t9, t3      /* y+cred */
-    addu        s3, t9, s3      /* y+cgreen */
-    addu        v1, t9, v1      /* y+cblue */
-    lbu         AT, 0(t3)
-    lbu         s7, 0(s3)
-    lbu         ra, 0(v1)
-    lbu         v0, -1(t1)
-    addu        t3, v0, s4      /* y+cred */
-    addu        s3, v0, s5      /* y+cgreen */
-    addu        v1, v0, s6      /* y+cblue */
-    addu        t3, t9, t3      /* y+cred */
-    addu        s3, t9, s3      /* y+cgreen */
-    addu        v1, t9, v1      /* y+cblue */
-    lbu         t3, 0(t3)
-    lbu         s3, 0(s3)
-    lbu         v1, 0(v1)
-    lbu         v0, 0(t2)
-
-    STORE_H2V2_2_PIXELS AT, s7, ra, t3, s3, v1, t4
-
-    addu        t3, v0, s4      /* y+cred */
-    addu        s3, v0, s5      /* y+cgreen */
-    addu        v1, v0, s6      /* y+cblue */
-    addu        t3, t9, t3      /* y+cred */
-    addu        s3, t9, s3      /* y+cgreen */
-    addu        v1, t9, v1      /* y+cblue */
-    lbu         AT, 0(t3)
-    lbu         s7, 0(s3)
-    lbu         ra, 0(v1)
-    lbu         v0, 1(t2)
-    addiu       t2, t2, 2
-    addu        t3, v0, s4      /* y+cred */
-    addu        s3, v0, s5      /* y+cgreen */
-    addu        v1, v0, s6      /* y+cblue */
-    addu        t3, t9, t3      /* y+cred */
-    addu        s3, t9, s3      /* y+cgreen */
-    addu        v1, t9, v1      /* y+cblue */
-    lbu         t3, 0(t3)
-    lbu         s3, 0(s3)
-    lbu         v1, 0(v1)
-
-    STORE_H2V2_2_PIXELS AT, s7, ra, t3, s3, v1, t7
-
-    bne         t0, t5, 1b
-     nop
-2:
-    andi        t0, a0, 1
-    beqz        t0, 4f
-     lbu        t3, 0(t5)
-    lbu         s3, 0(t6)
-    addiu       t3, t3, -128    /* (cb - 128) */
-    addiu       s3, s3, -128    /* (cr - 128) */
-    mult        $ac1, s1, t3
-    madd        $ac1, s2, s3
-    sll         s3, s3, 15
-    sll         t3, t3, 15
-    lbu         v0, 0(t1)
-    extr_r.w    s5, $ac1, 16
-    mulq_rs.w   s4, t8, s3      /* s4 = (C1 * cr + ONE_HALF)>> SCALEBITS */
-    mulq_rs.w   s6, s0, t3      /* s6 = (C2 * cb + ONE_HALF)>> SCALEBITS */
-    addu        t3, v0, s4      /* y+cred */
-    addu        s3, v0, s5      /* y+cgreen */
-    addu        v1, v0, s6      /* y+cblue */
-    addu        t3, t9, t3      /* y+cred */
-    addu        s3, t9, s3      /* y+cgreen */
-    addu        v1, t9, v1      /* y+cblue */
-    lbu         t3, 0(t3)
-    lbu         s3, 0(s3)
-    lbu         v1, 0(v1)
-    lbu         v0, 0(t2)
-
-    STORE_H2V2_1_PIXEL t3, s3, v1, t4
-
-    addu        t3, v0, s4      /* y+cred */
-    addu        s3, v0, s5      /* y+cgreen */
-    addu        v1, v0, s6      /* y+cblue */
-    addu        t3, t9, t3      /* y+cred */
-    addu        s3, t9, s3      /* y+cgreen */
-    addu        v1, t9, v1      /* y+cblue */
-    lbu         t3, 0(t3)
-    lbu         s3, 0(s3)
-    lbu         v1, 0(v1)
-
-    STORE_H2V2_1_PIXEL t3, s3, v1, t7
-4:
-    RESTORE_REGS_FROM_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, ra
-
-    j           ra
-     nop
-
-END(jsimd_h2v2_\colorid\()_merged_upsample_dspr2)
-
-.purgem STORE_H2V2_1_PIXEL
-.purgem STORE_H2V2_2_PIXELS
-.endm
-
-/*------------------------------------id -- pix R1 G1 B1 A1 R2 G2 B2 A2 */
-GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2 extrgb,  6, 0, 1, 2, 6, 3, 4, 5, 6
-GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2 extbgr,  6, 2, 1, 0, 3, 5, 4, 3, 6
-GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2 extrgbx, 8, 0, 1, 2, 3, 4, 5, 6, 7
-GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2 extbgrx, 8, 2, 1, 0, 3, 6, 5, 4, 7
-GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2 extxbgr, 8, 3, 2, 1, 0, 7, 6, 5, 4
-GENERATE_H2V2_MERGED_UPSAMPLE_DSPR2 extxrgb, 8, 1, 2, 3, 0, 5, 6, 7, 4
-
-
-/*****************************************************************************/
-/*
- * jsimd_h2v1_merged_upsample_dspr2
- * jsimd_h2v1_extrgb_merged_upsample_dspr2
- * jsimd_h2v1_extrgbx_merged_upsample_dspr2
- * jsimd_h2v1_extbgr_merged_upsample_dspr2
- * jsimd_h2v1_extbgrx_merged_upsample_dspr2
- * jsimd_h2v1_extxbgr_merged_upsample_dspr2
- * jsimd_h2v1_extxrgb_merged_upsample_dspr2
- *
- * Merged h2v1 upsample routines
- */
-
-.macro GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2  colorid, pixel_size, \
-                                            r1_offs, g1_offs, \
-                                            b1_offs, a1_offs, \
-                                            r2_offs, g2_offs, \
-                                            b2_offs, a2_offs
-
-.macro STORE_H2V1_2_PIXELS  scratch0 scratch1 scratch2 scratch3 scratch4 \
-                            scratch5 outptr
-    sb          \scratch0, \r1_offs(\outptr)
-    sb          \scratch1, \g1_offs(\outptr)
-    sb          \scratch2, \b1_offs(\outptr)
-    sb          \scratch3, \r2_offs(\outptr)
-    sb          \scratch4, \g2_offs(\outptr)
-    sb          \scratch5, \b2_offs(\outptr)
-.if (\pixel_size == 8)
-    li          t0, 0xFF
-    sb          t0, \a1_offs(\outptr)
-    sb          t0, \a2_offs(\outptr)
-.endif
-    addiu       \outptr, \pixel_size
-.endm
-
-.macro STORE_H2V1_1_PIXEL  scratch0 scratch1 scratch2 outptr
-    sb          \scratch0, \r1_offs(\outptr)
-    sb          \scratch1, \g1_offs(\outptr)
-    sb          \scratch2, \b1_offs(\outptr)
-.if (\pixel_size == 8)
-    li          t0, 0xFF
-    sb          t0, \a1_offs(\outptr)
-.endif
-.endm
-
-LEAF_DSPR2(jsimd_h2v1_\colorid\()_merged_upsample_dspr2)
-/*
- * a0     = cinfo->output_width
- * a1     = input_buf
- * a2     = in_row_group_ctr
- * a3     = output_buf
- * 16(sp) = range_limit
- */
-    SAVE_REGS_ON_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, ra
-
-    li          t0, 0xe6ea
-    lw          t1, 0(a1)         /* t1 = input_buf[0] */
-    lw          t2, 4(a1)         /* t2 = input_buf[1] */
-    lw          t3, 8(a1)         /* t3 = input_buf[2] */
-    lw          t8, 56(sp)        /* t8 = range_limit */
-    addiu       s1, t0, 0x7fff    /* s1 = 0x166e9 [FIX(1.40200)] */
-    addiu       s2, s1, 0x5eb9    /* s2 = 0x1c5a2 [FIX(1.77200)] */
-    addiu       s0, t0, 0x9916    /* s0 = 0x8000 */
-    addiu       s4, zero, 0xa7e6  /* s4 = 0xffffa7e6 [-FIX(0.34414)] */
-    xori        s3, s4, 0xeec8    /* s3 = 0xffff492e [-FIX(0.71414)] */
-    srl         t0, a0, 1
-    sll         t4, a2, 2
-    lwx         s5, t4(t1)      /* s5 = inptr0 */
-    lwx         s6, t4(t2)      /* s6 = inptr1 */
-    lwx         s7, t4(t3)      /* s7 = inptr2 */
-    lw          t7, 0(a3)       /* t7 = outptr */
-    blez        t0, 2f
-     addu       t9, s6, t0      /* t9 = end address */
-1:
-    lbu         t2, 0(s6)       /* t2 = cb */
-    lbu         t0, 0(s7)       /* t0 = cr */
-    lbu         t1, 0(s5)       /* t1 = y */
-    addiu       t2, t2, -128    /* t2 = cb - 128 */
-    addiu       t0, t0, -128    /* t0 = cr - 128 */
-    mult        $ac1, s4, t2
-    madd        $ac1, s3, t0
-    sll         t0, t0, 15
-    sll         t2, t2, 15
-    mulq_rs.w   t0, s1, t0      /* t0 = (C1*cr + ONE_HALF)>> SCALEBITS */
-    extr_r.w    t5, $ac1, 16
-    mulq_rs.w   t6, s2, t2      /* t6 = (C2*cb + ONE_HALF)>> SCALEBITS */
-    addiu       s7, s7, 1
-    addiu       s6, s6, 1
-    addu        t2, t1, t0      /* t2 = y + cred */
-    addu        t3, t1, t5      /* t3 = y + cgreen */
-    addu        t4, t1, t6      /* t4 = y + cblue */
-    addu        t2, t8, t2
-    addu        t3, t8, t3
-    addu        t4, t8, t4
-    lbu         t1, 1(s5)
-    lbu         v0, 0(t2)
-    lbu         v1, 0(t3)
-    lbu         ra, 0(t4)
-    addu        t2, t1, t0
-    addu        t3, t1, t5
-    addu        t4, t1, t6
-    addu        t2, t8, t2
-    addu        t3, t8, t3
-    addu        t4, t8, t4
-    lbu         t2, 0(t2)
-    lbu         t3, 0(t3)
-    lbu         t4, 0(t4)
-
-    STORE_H2V1_2_PIXELS v0, v1, ra, t2, t3, t4, t7
-
-    bne         t9, s6, 1b
-     addiu      s5, s5, 2
-2:
-    andi        t0, a0, 1
-    beqz        t0, 4f
-     nop
-3:
-    lbu         t2, 0(s6)
-    lbu         t0, 0(s7)
-    lbu         t1, 0(s5)
-    addiu       t2, t2, -128    /* (cb - 128) */
-    addiu       t0, t0, -128    /* (cr - 128) */
-    mul         t3, s4, t2
-    mul         t4, s3, t0
-    sll         t0, t0, 15
-    sll         t2, t2, 15
-    mulq_rs.w   t0, s1, t0      /* (C1*cr + ONE_HALF)>> SCALEBITS */
-    mulq_rs.w   t6, s2, t2      /* (C2*cb + ONE_HALF)>> SCALEBITS */
-    addu        t3, t3, s0
-    addu        t3, t4, t3
-    sra         t5, t3, 16      /* (C4*cb + ONE_HALF + C3*cr)>> SCALEBITS */
-    addu        t2, t1, t0      /* y + cred */
-    addu        t3, t1, t5      /* y + cgreen */
-    addu        t4, t1, t6      /* y + cblue */
-    addu        t2, t8, t2
-    addu        t3, t8, t3
-    addu        t4, t8, t4
-    lbu         t2, 0(t2)
-    lbu         t3, 0(t3)
-    lbu         t4, 0(t4)
-
-    STORE_H2V1_1_PIXEL t2, t3, t4, t7
-4:
-    RESTORE_REGS_FROM_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, ra
-
-    j           ra
-     nop
-
-END(jsimd_h2v1_\colorid\()_merged_upsample_dspr2)
-
-.purgem STORE_H2V1_1_PIXEL
-.purgem STORE_H2V1_2_PIXELS
-.endm
-
-/*------------------------------------id -- pix R1 G1 B1 A1 R2 G2 B2 A2 */
-GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2 extrgb,  6, 0, 1, 2, 6, 3, 4, 5, 6
-GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2 extbgr,  6, 2, 1, 0, 3, 5, 4, 3, 6
-GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2 extrgbx, 8, 0, 1, 2, 3, 4, 5, 6, 7
-GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2 extbgrx, 8, 2, 1, 0, 3, 6, 5, 4, 7
-GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2 extxbgr, 8, 3, 2, 1, 0, 7, 6, 5, 4
-GENERATE_H2V1_MERGED_UPSAMPLE_DSPR2 extxrgb, 8, 1, 2, 3, 0, 5, 6, 7, 4
-
-
-/*****************************************************************************/
-/*
- * jsimd_h2v2_fancy_upsample_dspr2
- *
- * Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
- */
-LEAF_DSPR2(jsimd_h2v2_fancy_upsample_dspr2)
-/*
- * a0 = cinfo->max_v_samp_factor
- * a1 = downsampled_width
- * a2 = input_data
- * a3 = output_data_ptr
- */
-    SAVE_REGS_ON_STACK 24, s0, s1, s2, s3, s4, s5
-
-    li            s4, 0
-    lw            s2, 0(a3)       /* s2 = *output_data_ptr */
-0:
-    li            t9, 2
-    lw            s1, -4(a2)      /* s1 = inptr1 */
-
-1:
-    lw            s0, 0(a2)       /* s0 = inptr0 */
-    lwx           s3, s4(s2)
-    addiu         s5, a1, -2      /* s5 = downsampled_width - 2 */
-    srl           t4, s5, 1
-    sll           t4, t4, 1
-    lbu           t0, 0(s0)
-    lbu           t1, 1(s0)
-    lbu           t2, 0(s1)
-    lbu           t3, 1(s1)
-    addiu         s0, 2
-    addiu         s1, 2
-    addu          t8, s0, t4      /* t8 = end address */
-    andi          s5, s5, 1       /* s5 = residual */
-    sll           t4, t0, 1
-    sll           t6, t1, 1
-    addu          t0, t0, t4      /* t0 = (*inptr0++) * 3 */
-    addu          t1, t1, t6      /* t1 = (*inptr0++) * 3 */
-    addu          t7, t0, t2      /* t7 = thiscolsum */
-    addu          t6, t1, t3      /* t5 = nextcolsum */
-    sll           t0, t7, 2       /* t0 = thiscolsum * 4 */
-    subu          t1, t0, t7      /* t1 = thiscolsum * 3 */
-    shra_r.w      t0, t0, 4
-    addiu         t1, 7
-    addu          t1, t1, t6
-    srl           t1, t1, 4
-    sb            t0, 0(s3)
-    sb            t1, 1(s3)
-    beq           t8, s0, 22f     /* skip to final iteration if width == 3 */
-     addiu        s3, 2
-2:
-    lh            t0, 0(s0)       /* t0 = A3|A2 */
-    lh            t2, 0(s1)       /* t2 = B3|B2 */
-    addiu         s0, 2
-    addiu         s1, 2
-    preceu.ph.qbr t0, t0          /* t0 = 0|A3|0|A2 */
-    preceu.ph.qbr t2, t2          /* t2 = 0|B3|0|B2 */
-    shll.ph       t1, t0, 1
-    sll           t3, t6, 1
-    addu.ph       t0, t1, t0      /* t0 = A3*3|A2*3 */
-    addu          t3, t3, t6      /* t3 = this * 3 */
-    addu.ph       t0, t0, t2      /* t0 = next2|next1 */
-    addu          t1, t3, t7
-    andi          t7, t0, 0xFFFF  /* t7 = next1 */
-    sll           t2, t7, 1
-    addu          t2, t7, t2      /* t2 = next1*3 */
-    addu          t4, t2, t6
-    srl           t6, t0, 16      /* t6 = next2 */
-    shra_r.w      t1, t1, 4       /* t1 = (this*3 + last + 8) >> 4 */
-    addu          t0, t3, t7
-    addiu         t0, 7
-    srl           t0, t0, 4       /* t0 = (this*3 + next1 + 7) >> 4 */
-    shra_r.w      t4, t4, 4       /* t3 = (next1*3 + this + 8) >> 4 */
-    addu          t2, t2, t6
-    addiu         t2, 7
-    srl           t2, t2, 4       /* t2 = (next1*3 + next2 + 7) >> 4 */
-    sb            t1, 0(s3)
-    sb            t0, 1(s3)
-    sb            t4, 2(s3)
-    sb            t2, 3(s3)
-    bne           t8, s0, 2b
-     addiu        s3, 4
-22:
-    beqz          s5, 4f
-     addu         t8, s0, s5
-3:
-    lbu           t0, 0(s0)
-    lbu           t2, 0(s1)
-    addiu         s0, 1
-    addiu         s1, 1
-    sll           t3, t6, 1
-    sll           t1, t0, 1
-    addu          t1, t0, t1      /* t1 = inptr0 * 3 */
-    addu          t3, t3, t6      /* t3 = thiscolsum * 3 */
-    addu          t5, t1, t2
-    addu          t1, t3, t7
-    shra_r.w      t1, t1, 4
-    addu          t0, t3, t5
-    addiu         t0, 7
-    srl           t0, t0, 4
-    sb            t1, 0(s3)
-    sb            t0, 1(s3)
-    addiu         s3, 2
-    move          t7, t6
-    bne           t8, s0, 3b
-     move         t6, t5
-4:
-    sll           t0, t6, 2       /* t0 = thiscolsum * 4 */
-    subu          t1, t0, t6      /* t1 = thiscolsum * 3 */
-    addu          t1, t1, t7
-    addiu         s4, 4
-    shra_r.w      t1, t1, 4
-    addiu         t0, 7
-    srl           t0, t0, 4
-    sb            t1, 0(s3)
-    sb            t0, 1(s3)
-    addiu         t9, -1
-    addiu         s3, 2
-    bnez          t9, 1b
-     lw           s1, 4(a2)
-    srl           t0, s4, 2
-    subu          t0, a0, t0
-    bgtz          t0, 0b
-     addiu        a2, 4
-
-    RESTORE_REGS_FROM_STACK 24, s0, s1, s2, s3, s4, s5
-
-    j             ra
-     nop
-END(jsimd_h2v2_fancy_upsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_h2v1_fancy_upsample_dspr2)
-/*
- * a0 = cinfo->max_v_samp_factor
- * a1 = downsampled_width
- * a2 = input_data
- * a3 = output_data_ptr
- */
-    SAVE_REGS_ON_STACK 16, s0, s1, s2, s3
-
-    .set at
-
-    beqz          a0, 3f
-     sll          t0, a0, 2
-    lw            s1, 0(a3)
-    li            s3, 0x10001
-    addu          s0, s1, t0
-0:
-    addiu         t8, a1, -2
-    srl           t9, t8, 2
-    lw            t7, 0(a2)
-    lw            s2, 0(s1)
-    lbu           t0, 0(t7)
-    lbu           t1, 1(t7)       /* t1 = inptr[1] */
-    sll           t2, t0, 1
-    addu          t2, t2, t0      /* t2 = invalue*3 */
-    addu          t2, t2, t1
-    shra_r.w      t2, t2, 2
-    sb            t0, 0(s2)
-    sb            t2, 1(s2)
-    beqz          t9, 11f
-     addiu        s2, 2
-1:
-    ulw           t0, 0(t7)       /* t0 = |P3|P2|P1|P0| */
-    ulw           t1, 1(t7)
-    ulh           t2, 4(t7)       /* t2 = |0|0|P5|P4| */
-    preceu.ph.qbl t3, t0          /* t3 = |0|P3|0|P2| */
-    preceu.ph.qbr t0, t0          /* t0 = |0|P1|0|P0| */
-    preceu.ph.qbr t2, t2          /* t2 = |0|P5|0|P4| */
-    preceu.ph.qbl t4, t1          /* t4 = |0|P4|0|P3| */
-    preceu.ph.qbr t1, t1          /* t1 = |0|P2|0|P1| */
-    shll.ph       t5, t4, 1
-    shll.ph       t6, t1, 1
-    addu.ph       t5, t5, t4      /* t5 = |P4*3|P3*3| */
-    addu.ph       t6, t6, t1      /* t6 = |P2*3|P1*3| */
-    addu.ph       t4, t3, s3
-    addu.ph       t0, t0, s3
-    addu.ph       t4, t4, t5
-    addu.ph       t0, t0, t6
-    shrl.ph       t4, t4, 2       /* t4 = |0|P3|0|P2| */
-    shrl.ph       t0, t0, 2       /* t0 = |0|P1|0|P0| */
-    addu.ph       t2, t2, t5
-    addu.ph       t3, t3, t6
-    shra_r.ph     t2, t2, 2       /* t2 = |0|P5|0|P4| */
-    shra_r.ph     t3, t3, 2       /* t3 = |0|P3|0|P2| */
-    shll.ph       t2, t2, 8
-    shll.ph       t3, t3, 8
-    or            t2, t4, t2
-    or            t3, t3, t0
-    addiu         t9, -1
-    usw           t3, 0(s2)
-    usw           t2, 4(s2)
-    addiu         s2, 8
-    bgtz          t9, 1b
-     addiu        t7, 4
-11:
-    andi          t8, 3
-    beqz          t8, 22f
-     addiu        t7, 1
-
-2:
-    lbu           t0, 0(t7)
-    addiu         t7, 1
-    sll           t1, t0, 1
-    addu          t2, t0, t1      /* t2 = invalue */
-    lbu           t3, -2(t7)
-    lbu           t4, 0(t7)
-    addiu         t3, 1
-    addiu         t4, 2
-    addu          t3, t3, t2
-    addu          t4, t4, t2
-    srl           t3, 2
-    srl           t4, 2
-    sb            t3, 0(s2)
-    sb            t4, 1(s2)
-    addiu         t8, -1
-    bgtz          t8, 2b
-     addiu        s2, 2
-
-22:
-    lbu           t0, 0(t7)
-    lbu           t2, -1(t7)
-    sll           t1, t0, 1
-    addu          t1, t1, t0      /* t1 = invalue * 3 */
-    addu          t1, t1, t2
-    addiu         t1, 1
-    srl           t1, t1, 2
-    sb            t1, 0(s2)
-    sb            t0, 1(s2)
-    addiu         s1, 4
-    bne           s1, s0, 0b
-     addiu        a2, 4
-3:
-    RESTORE_REGS_FROM_STACK 16, s0, s1, s2, s3
-
-    j             ra
-     nop
-END(jsimd_h2v1_fancy_upsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_h2v1_downsample_dspr2)
-/*
- * a0     = cinfo->image_width
- * a1     = cinfo->max_v_samp_factor
- * a2     = compptr->v_samp_factor
- * a3     = compptr->width_in_blocks
- * 16(sp) = input_data
- * 20(sp) = output_data
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 24, s0, s1, s2, s3, s4
-
-    beqz        a2, 7f
-     lw         s1, 44(sp)      /* s1 = output_data */
-    lw          s0, 40(sp)      /* s0 = input_data */
-    srl         s2, a0, 2
-    andi        t9, a0, 2
-    srl         t7, t9, 1
-    addu        s2, t7, s2
-    sll         t0, a3, 3       /* t0 = width_in_blocks*DCT */
-    srl         t7, t0, 1
-    subu        s2, t7, s2
-0:
-    andi        t6, a0, 1       /* t6 = temp_index */
-    addiu       t6, -1
-    lw          t4, 0(s1)       /* t4 = outptr */
-    lw          t5, 0(s0)       /* t5 = inptr0 */
-    li          s3, 0           /* s3 = bias */
-    srl         t7, a0, 1       /* t7 = image_width1 */
-    srl         s4, t7, 2
-    andi        t8, t7, 3
-1:
-    ulhu        t0, 0(t5)
-    ulhu        t1, 2(t5)
-    ulhu        t2, 4(t5)
-    ulhu        t3, 6(t5)
-    raddu.w.qb  t0, t0
-    raddu.w.qb  t1, t1
-    raddu.w.qb  t2, t2
-    raddu.w.qb  t3, t3
-    shra.ph     t0, t0, 1
-    shra_r.ph   t1, t1, 1
-    shra.ph     t2, t2, 1
-    shra_r.ph   t3, t3, 1
-    sb          t0, 0(t4)
-    sb          t1, 1(t4)
-    sb          t2, 2(t4)
-    sb          t3, 3(t4)
-    addiu       s4, -1
-    addiu       t4, 4
-    bgtz        s4, 1b
-     addiu      t5, 8
-    beqz        t8, 3f
-     addu       s4, t4, t8
-2:
-    ulhu        t0, 0(t5)
-    raddu.w.qb  t0, t0
-    addqh.w     t0, t0, s3
-    xori        s3, s3, 1
-    sb          t0, 0(t4)
-    addiu       t4, 1
-    bne         t4, s4, 2b
-     addiu      t5, 2
-3:
-    lbux        t1, t6(t5)
-    sll         t1, 1
-    addqh.w     t2, t1, s3      /* t2 = pixval1 */
-    xori        s3, s3, 1
-    addqh.w     t3, t1, s3      /* t3 = pixval2 */
-    blez        s2, 5f
-     append     t3, t2,  8
-    addu        t5, t4, s2      /* t5 = loop_end2 */
-4:
-    ush         t3, 0(t4)
-    addiu       s2, -1
-    bgtz        s2, 4b
-     addiu      t4,  2
-5:
-    beqz        t9, 6f
-     nop
-    sb          t2, 0(t4)
-6:
-    addiu       s1, 4
-    addiu       a2, -1
-    bnez        a2, 0b
-     addiu      s0, 4
-7:
-    RESTORE_REGS_FROM_STACK 24, s0, s1, s2, s3, s4
-
-    j           ra
-    nop
-END(jsimd_h2v1_downsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_h2v2_downsample_dspr2)
-/*
- * a0     = cinfo->image_width
- * a1     = cinfo->max_v_samp_factor
- * a2     = compptr->v_samp_factor
- * a3     = compptr->width_in_blocks
- * 16(sp) = input_data
- * 20(sp) = output_data
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    beqz        a2, 8f
-     lw         s1, 52(sp)      /* s1 = output_data */
-    lw          s0, 48(sp)      /* s0 = input_data */
-
-    andi        t6, a0, 1       /* t6 = temp_index */
-    addiu       t6, -1
-    srl         t7, a0, 1       /* t7 = image_width1 */
-    srl         s4, t7, 2
-    andi        t8, t7, 3
-    andi        t9, a0, 2
-    srl         s2, a0, 2
-    srl         t7, t9, 1
-    addu        s2, t7, s2
-    sll         t0, a3, 3       /* s2 = width_in_blocks*DCT */
-    srl         t7, t0, 1
-    subu        s2, t7, s2
-0:
-    lw          t4, 0(s1)       /* t4 = outptr */
-    lw          t5, 0(s0)       /* t5 = inptr0 */
-    lw          s7, 4(s0)       /* s7 = inptr1 */
-    li          s6, 1           /* s6 = bias */
-2:
-    ulw         t0, 0(t5)       /* t0 = |P3|P2|P1|P0| */
-    ulw         t1, 0(s7)       /* t1 = |Q3|Q2|Q1|Q0| */
-    ulw         t2, 4(t5)
-    ulw         t3, 4(s7)
-    precrq.ph.w t7, t0, t1      /* t2 = |P3|P2|Q3|Q2| */
-    ins         t0, t1, 16, 16  /* t0 = |Q1|Q0|P1|P0| */
-    raddu.w.qb  t1, t7
-    raddu.w.qb  t0, t0
-    shra_r.w    t1, t1, 2
-    addiu       t0, 1
-    srl         t0, 2
-    precrq.ph.w t7, t2, t3
-    ins         t2, t3, 16, 16
-    raddu.w.qb  t7, t7
-    raddu.w.qb  t2, t2
-    shra_r.w    t7, t7, 2
-    addiu       t2, 1
-    srl         t2, 2
-    sb          t0, 0(t4)
-    sb          t1, 1(t4)
-    sb          t2, 2(t4)
-    sb          t7, 3(t4)
-    addiu       t4, 4
-    addiu       t5, 8
-    addiu       s4, s4, -1
-    bgtz        s4, 2b
-     addiu      s7, 8
-    beqz        t8, 4f
-     addu       t8, t4, t8
-3:
-    ulhu        t0, 0(t5)
-    ulhu        t1, 0(s7)
-    ins         t0, t1, 16, 16
-    raddu.w.qb  t0, t0
-    addu        t0, t0, s6
-    srl         t0, 2
-    xori        s6, s6, 3
-    sb          t0, 0(t4)
-    addiu       t5, 2
-    addiu       t4, 1
-    bne         t8, t4, 3b
-     addiu      s7, 2
-4:
-    lbux        t1, t6(t5)
-    sll         t1, 1
-    lbux        t0, t6(s7)
-    sll         t0, 1
-    addu        t1, t1, t0
-    addu        t3, t1, s6
-    srl         t0, t3, 2       /* t2 = pixval1 */
-    xori        s6, s6, 3
-    addu        t2, t1, s6
-    srl         t1, t2, 2       /* t3 = pixval2 */
-    blez        s2, 6f
-     append     t1, t0, 8
-5:
-    ush         t1, 0(t4)
-    addiu       s2, -1
-    bgtz        s2, 5b
-     addiu      t4, 2
-6:
-    beqz        t9, 7f
-     nop
-    sb          t0, 0(t4)
-7:
-    addiu       s1, 4
-    addiu       a2, -1
-    bnez        a2, 0b
-     addiu      s0, 8
-8:
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-END(jsimd_h2v2_downsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_h2v2_smooth_downsample_dspr2)
-/*
- * a0     = input_data
- * a1     = output_data
- * a2     = compptr->v_samp_factor
- * a3     = cinfo->max_v_samp_factor
- * 16(sp) = cinfo->smoothing_factor
- * 20(sp) = compptr->width_in_blocks
- * 24(sp) = cinfo->image_width
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    lw          s7, 52(sp)      /* compptr->width_in_blocks */
-    lw          s0, 56(sp)      /* cinfo->image_width */
-    lw          s6, 48(sp)      /* cinfo->smoothing_factor */
-    sll         s7, 3           /* output_cols = width_in_blocks * DCTSIZE */
-    sll         v0, s7, 1
-    subu        v0, v0, s0
-    blez        v0, 2f
-    move        v1, zero
-    addiu       t0, a3, 2       /* t0 = cinfo->max_v_samp_factor + 2 */
-0:
-    addiu       t1, a0, -4
-    sll         t2, v1, 2
-    lwx         t1, t2(t1)
-    move        t3, v0
-    addu        t1, t1, s0
-    lbu         t2, -1(t1)
-1:
-    addiu       t3, t3, -1
-    sb          t2, 0(t1)
-    bgtz        t3, 1b
-    addiu       t1, t1, 1
-    addiu       v1, v1, 1
-    bne         v1, t0, 0b
-    nop
-2:
-    li          v0, 80
-    mul         v0, s6, v0
-    li          v1, 16384
-    move        t4, zero
-    move        t5, zero
-    subu        t6, v1, v0      /* t6 = 16384 - tmp_smoot_f * 80 */
-    sll         t7, s6, 4       /* t7 = tmp_smoot_f * 16 */
-3:
-/* Special case for first column: pretend column -1 is same as column 0 */
-    sll         v0, t4, 2
-    lwx         t8, v0(a1)      /*  outptr = output_data[outrow] */
-    sll         v1, t5, 2
-    addiu       t9, v1, 4
-    addiu       s0, v1, -4
-    addiu       s1, v1, 8
-    lwx         s2, v1(a0)      /* inptr0 = input_data[inrow] */
-    lwx         t9, t9(a0)      /* inptr1 = input_data[inrow+1] */
-    lwx         s0, s0(a0)      /* above_ptr = input_data[inrow-1] */
-    lwx         s1, s1(a0)      /* below_ptr = input_data[inrow+2] */
-    lh          v0, 0(s2)
-    lh          v1, 0(t9)
-    lh          t0, 0(s0)
-    lh          t1, 0(s1)
-    ins         v0, v1, 16, 16
-    ins         t0, t1, 16, 16
-    raddu.w.qb  t2, v0
-    raddu.w.qb  s3, t0
-    lbu         v0, 0(s2)
-    lbu         v1, 2(s2)
-    lbu         t0, 0(t9)
-    lbu         t1, 2(t9)
-    addu        v0, v0, v1
-    mult        $ac1, t2, t6
-    addu        t0, t0, t1
-    lbu         t2, 2(s0)
-    addu        t0, t0, v0
-    lbu         t3, 2(s1)
-    addu        s3, t0, s3
-    lbu         v0, 0(s0)
-    lbu         t0, 0(s1)
-    sll         s3, s3, 1
-    addu        v0, v0, t2
-    addu        t0, t0, t3
-    addu        t0, t0, v0
-    addu        s3, t0, s3
-    madd        $ac1, s3, t7
-    extr_r.w    v0, $ac1, 16
-    addiu       t8, t8, 1
-    addiu       s2, s2, 2
-    addiu       t9, t9, 2
-    addiu       s0, s0, 2
-    addiu       s1, s1, 2
-    sb          v0, -1(t8)
-    addiu       s4, s7, -2
-    and         s4, s4, 3
-    addu        s5, s4, t8      /* end address */
-4:
-    lh          v0, 0(s2)
-    lh          v1, 0(t9)
-    lh          t0, 0(s0)
-    lh          t1, 0(s1)
-    ins         v0, v1, 16, 16
-    ins         t0, t1, 16, 16
-    raddu.w.qb  t2, v0
-    raddu.w.qb  s3, t0
-    lbu         v0, -1(s2)
-    lbu         v1, 2(s2)
-    lbu         t0, -1(t9)
-    lbu         t1, 2(t9)
-    addu        v0, v0, v1
-    mult        $ac1, t2, t6
-    addu        t0, t0, t1
-    lbu         t2, 2(s0)
-    addu        t0, t0, v0
-    lbu         t3, 2(s1)
-    addu        s3, t0, s3
-    lbu         v0, -1(s0)
-    lbu         t0, -1(s1)
-    sll         s3, s3, 1
-    addu        v0, v0, t2
-    addu        t0, t0, t3
-    addu        t0, t0, v0
-    addu        s3, t0, s3
-    madd        $ac1, s3, t7
-    extr_r.w    t2, $ac1, 16
-    addiu       t8, t8, 1
-    addiu       s2, s2, 2
-    addiu       t9, t9, 2
-    addiu       s0, s0, 2
-    sb          t2, -1(t8)
-    bne         s5, t8, 4b
-    addiu       s1, s1, 2
-    addiu       s5, s7, -2
-    subu        s5, s5, s4
-    addu        s5, s5, t8      /* end address */
-5:
-    lh          v0, 0(s2)
-    lh          v1, 0(t9)
-    lh          t0, 0(s0)
-    lh          t1, 0(s1)
-    ins         v0, v1, 16, 16
-    ins         t0, t1, 16, 16
-    raddu.w.qb  t2, v0
-    raddu.w.qb  s3, t0
-    lbu         v0, -1(s2)
-    lbu         v1, 2(s2)
-    lbu         t0, -1(t9)
-    lbu         t1, 2(t9)
-    addu        v0, v0, v1
-    mult        $ac1, t2, t6
-    addu        t0, t0, t1
-    lbu         t2, 2(s0)
-    addu        t0, t0, v0
-    lbu         t3, 2(s1)
-    addu        s3, t0, s3
-    lbu         v0, -1(s0)
-    lbu         t0, -1(s1)
-    sll         s3, s3, 1
-    addu        v0, v0, t2
-    addu        t0, t0, t3
-    lh          v1, 2(t9)
-    addu        t0, t0, v0
-    lh          v0, 2(s2)
-    addu        s3, t0, s3
-    lh          t0, 2(s0)
-    lh          t1, 2(s1)
-    madd        $ac1, s3, t7
-    extr_r.w    t2, $ac1, 16
-    ins         t0, t1, 16, 16
-    ins         v0, v1, 16, 16
-    raddu.w.qb  s3, t0
-    lbu         v1, 4(s2)
-    lbu         t0, 1(t9)
-    lbu         t1, 4(t9)
-    sb          t2, 0(t8)
-    raddu.w.qb  t3, v0
-    lbu         v0, 1(s2)
-    addu        t0, t0, t1
-    mult        $ac1, t3, t6
-    addu        v0, v0, v1
-    lbu         t2, 4(s0)
-    addu        t0, t0, v0
-    lbu         v0, 1(s0)
-    addu        s3, t0, s3
-    lbu         t0, 1(s1)
-    lbu         t3, 4(s1)
-    addu        v0, v0, t2
-    sll         s3, s3, 1
-    addu        t0, t0, t3
-    lh          v1, 4(t9)
-    addu        t0, t0, v0
-    lh          v0, 4(s2)
-    addu        s3, t0, s3
-    lh          t0, 4(s0)
-    lh          t1, 4(s1)
-    madd        $ac1, s3, t7
-    extr_r.w    t2, $ac1, 16
-    ins         t0, t1, 16, 16
-    ins         v0, v1, 16, 16
-    raddu.w.qb  s3, t0
-    lbu         v1, 6(s2)
-    lbu         t0, 3(t9)
-    lbu         t1, 6(t9)
-    sb          t2, 1(t8)
-    raddu.w.qb  t3, v0
-    lbu         v0, 3(s2)
-    addu        t0, t0, t1
-    mult        $ac1, t3, t6
-    addu        v0, v0, v1
-    lbu         t2, 6(s0)
-    addu        t0, t0, v0
-    lbu         v0, 3(s0)
-    addu        s3, t0, s3
-    lbu         t0, 3(s1)
-    lbu         t3, 6(s1)
-    addu        v0, v0, t2
-    sll         s3, s3, 1
-    addu        t0, t0, t3
-    lh          v1, 6(t9)
-    addu        t0, t0, v0
-    lh          v0, 6(s2)
-    addu        s3, t0, s3
-    lh          t0, 6(s0)
-    lh          t1, 6(s1)
-    madd        $ac1, s3, t7
-    extr_r.w    t3, $ac1, 16
-    ins         t0, t1, 16, 16
-    ins         v0, v1, 16, 16
-    raddu.w.qb  s3, t0
-    lbu         v1, 8(s2)
-    lbu         t0, 5(t9)
-    lbu         t1, 8(t9)
-    sb          t3, 2(t8)
-    raddu.w.qb  t2, v0
-    lbu         v0, 5(s2)
-    addu        t0, t0, t1
-    mult        $ac1, t2, t6
-    addu        v0, v0, v1
-    lbu         t2, 8(s0)
-    addu        t0, t0, v0
-    lbu         v0, 5(s0)
-    addu        s3, t0, s3
-    lbu         t0, 5(s1)
-    lbu         t3, 8(s1)
-    addu        v0, v0, t2
-    sll         s3, s3, 1
-    addu        t0, t0, t3
-    addiu       t8, t8, 4
-    addu        t0, t0, v0
-    addiu       s2, s2, 8
-    addu        s3, t0, s3
-    addiu       t9, t9, 8
-    madd        $ac1, s3, t7
-    extr_r.w    t1, $ac1, 16
-    addiu       s0, s0, 8
-    addiu       s1, s1, 8
-    bne         s5, t8, 5b
-    sb          t1, -1(t8)
-/* Special case for last column */
-    lh          v0, 0(s2)
-    lh          v1, 0(t9)
-    lh          t0, 0(s0)
-    lh          t1, 0(s1)
-    ins         v0, v1, 16, 16
-    ins         t0, t1, 16, 16
-    raddu.w.qb  t2, v0
-    raddu.w.qb  s3, t0
-    lbu         v0, -1(s2)
-    lbu         v1, 1(s2)
-    lbu         t0, -1(t9)
-    lbu         t1, 1(t9)
-    addu        v0, v0, v1
-    mult        $ac1, t2, t6
-    addu        t0, t0, t1
-    lbu         t2, 1(s0)
-    addu        t0, t0, v0
-    lbu         t3, 1(s1)
-    addu        s3, t0, s3
-    lbu         v0, -1(s0)
-    lbu         t0, -1(s1)
-    sll         s3, s3, 1
-    addu        v0, v0, t2
-    addu        t0, t0, t3
-    addu        t0, t0, v0
-    addu        s3, t0, s3
-    madd        $ac1, s3, t7
-    extr_r.w    t0, $ac1, 16
-    addiu       t5, t5, 2
-    sb          t0, 0(t8)
-    addiu       t4, t4, 1
-    bne         t4, a2, 3b
-    addiu       t5, t5, 2
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-
-END(jsimd_h2v2_smooth_downsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_int_upsample_dspr2)
-/*
- * a0     = upsample->h_expand[compptr->component_index]
- * a1     = upsample->v_expand[compptr->component_index]
- * a2     = input_data
- * a3     = output_data_ptr
- * 16(sp) = cinfo->output_width
- * 20(sp) = cinfo->max_v_samp_factor
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 16, s0, s1, s2, s3
-
-    lw          s0, 0(a3)       /* s0 = output_data */
-    lw          s1, 32(sp)      /* s1 = cinfo->output_width */
-    lw          s2, 36(sp)      /* s2 = cinfo->max_v_samp_factor */
-    li          t6, 0           /* t6 = inrow */
-    beqz        s2, 10f
-     li         s3, 0           /* s3 = outrow */
-0:
-    addu        t0, a2, t6
-    addu        t7, s0, s3
-    lw          t3, 0(t0)       /* t3 = inptr */
-    lw          t8, 0(t7)       /* t8 = outptr */
-    beqz        s1, 4f
-     addu       t5, t8, s1      /* t5 = outend */
-1:
-    lb          t2, 0(t3)       /* t2 = invalue = *inptr++ */
-    addiu       t3, 1
-    beqz        a0, 3f
-     move       t0, a0          /* t0 = h_expand */
-2:
-    sb          t2, 0(t8)
-    addiu       t0, -1
-    bgtz        t0, 2b
-     addiu      t8, 1
-3:
-    bgt         t5, t8, 1b
-     nop
-4:
-    addiu       t9, a1, -1      /* t9 = v_expand - 1 */
-    blez        t9, 9f
-     nop
-5:
-    lw          t3, 0(s0)
-    lw          t4, 4(s0)
-    subu        t0, s1, 0xF
-    blez        t0, 7f
-     addu       t5, t3, s1      /* t5 = end address */
-    andi        t7, s1, 0xF     /* t7 = residual */
-    subu        t8, t5, t7
-6:
-    ulw         t0, 0(t3)
-    ulw         t1, 4(t3)
-    ulw         t2, 8(t3)
-    usw         t0, 0(t4)
-    ulw         t0, 12(t3)
-    usw         t1, 4(t4)
-    usw         t2, 8(t4)
-    usw         t0, 12(t4)
-    addiu       t3, 16
-    bne         t3, t8, 6b
-     addiu      t4, 16
-    beqz        t7, 8f
-     nop
-7:
-    lbu         t0, 0(t3)
-    sb          t0, 0(t4)
-    addiu       t3, 1
-    bne         t3, t5, 7b
-     addiu      t4, 1
-8:
-    addiu       t9, -1
-    bgtz        t9, 5b
-     addiu      s0, 8
-9:
-    addu        s3, s3, a1
-    bne         s3, s2, 0b
-     addiu      t6, 1
-10:
-    RESTORE_REGS_FROM_STACK 16, s0, s1, s2, s3
-
-    j           ra
-     nop
-END(jsimd_int_upsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_h2v1_upsample_dspr2)
-/*
- * a0 = cinfo->max_v_samp_factor
- * a1 = cinfo->output_width
- * a2 = input_data
- * a3 = output_data_ptr
- */
-    lw          t7, 0(a3)       /* t7 = output_data */
-    andi        t8, a1, 0xf     /* t8 = residual */
-    sll         t0, a0, 2
-    blez        a0, 4f
-     addu       t9, t7, t0      /* t9 = output_data end address */
-0:
-    lw          t5, 0(t7)       /* t5 = outptr */
-    lw          t6, 0(a2)       /* t6 = inptr */
-    addu        t3, t5, a1      /* t3 = outptr + output_width (end address) */
-    subu        t3, t8          /* t3 = end address - residual */
-    beq         t5, t3, 2f
-     move       t4, t8
-1:
-    ulw         t0, 0(t6)       /* t0 = |P3|P2|P1|P0| */
-    ulw         t2, 4(t6)       /* t2 = |P7|P6|P5|P4| */
-    srl         t1, t0, 16      /* t1 = |X|X|P3|P2| */
-    ins         t0, t0, 16, 16  /* t0 = |P1|P0|P1|P0| */
-    ins         t1, t1, 16, 16  /* t1 = |P3|P2|P3|P2| */
-    ins         t0, t0, 8, 16   /* t0 = |P1|P1|P0|P0| */
-    ins         t1, t1, 8, 16   /* t1 = |P3|P3|P2|P2| */
-    usw         t0, 0(t5)
-    usw         t1, 4(t5)
-    srl         t0, t2, 16      /* t0 = |X|X|P7|P6| */
-    ins         t2, t2, 16, 16  /* t2 = |P5|P4|P5|P4| */
-    ins         t0, t0, 16, 16  /* t0 = |P7|P6|P7|P6| */
-    ins         t2, t2, 8, 16   /* t2 = |P5|P5|P4|P4| */
-    ins         t0, t0, 8, 16   /* t0 = |P7|P7|P6|P6| */
-    usw         t2, 8(t5)
-    usw         t0, 12(t5)
-    addiu       t5, 16
-    bne         t5, t3, 1b
-     addiu      t6, 8
-    beqz        t8, 3f
-     move       t4, t8
-2:
-    lbu         t1, 0(t6)
-    sb          t1, 0(t5)
-    sb          t1, 1(t5)
-    addiu       t4, -2
-    addiu       t6, 1
-    bgtz        t4, 2b
-     addiu      t5, 2
-3:
-    addiu       t7, 4
-    bne         t9, t7, 0b
-     addiu      a2, 4
-4:
-    j           ra
-     nop
-END(jsimd_h2v1_upsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_h2v2_upsample_dspr2)
-/*
- * a0 = cinfo->max_v_samp_factor
- * a1 = cinfo->output_width
- * a2 = input_data
- * a3 = output_data_ptr
- */
-    lw          t7, 0(a3)
-    blez        a0, 7f
-     andi       t9, a1, 0xf     /* t9 = residual */
-0:
-    lw          t6, 0(a2)       /* t6 = inptr */
-    lw          t5, 0(t7)       /* t5 = outptr */
-    addu        t8, t5, a1      /* t8 = outptr end address */
-    subu        t8, t9          /* t8 = end address - residual */
-    beq         t5, t8, 2f
-     move       t4, t9
-1:
-    ulw         t0, 0(t6)
-    srl         t1, t0, 16
-    ins         t0, t0, 16, 16
-    ins         t0, t0, 8, 16
-    ins         t1, t1, 16, 16
-    ins         t1, t1, 8, 16
-    ulw         t2, 4(t6)
-    usw         t0, 0(t5)
-    usw         t1, 4(t5)
-    srl         t3, t2, 16
-    ins         t2, t2, 16, 16
-    ins         t2, t2, 8, 16
-    ins         t3, t3, 16, 16
-    ins         t3, t3, 8, 16
-    usw         t2, 8(t5)
-    usw         t3, 12(t5)
-    addiu       t5, 16
-    bne         t5, t8, 1b
-     addiu      t6, 8
-    beqz        t9, 3f
-     move       t4, t9
-2:
-    lbu         t0, 0(t6)
-    sb          t0, 0(t5)
-    sb          t0, 1(t5)
-    addiu       t4, -2
-    addiu       t6, 1
-    bgtz        t4, 2b
-     addiu      t5, 2
-3:
-    lw          t6, 0(t7)       /* t6 = outptr[0] */
-    lw          t5, 4(t7)       /* t5 = outptr[1] */
-    addu        t4, t6, a1      /* t4 = new end address */
-    beq         a1, t9, 5f
-     subu       t8, t4, t9
-4:
-    ulw         t0, 0(t6)
-    ulw         t1, 4(t6)
-    ulw         t2, 8(t6)
-    usw         t0, 0(t5)
-    ulw         t0, 12(t6)
-    usw         t1, 4(t5)
-    usw         t2, 8(t5)
-    usw         t0, 12(t5)
-    addiu       t6, 16
-    bne         t6, t8, 4b
-     addiu      t5, 16
-    beqz        t9, 6f
-     nop
-5:
-    lbu         t0, 0(t6)
-    sb          t0, 0(t5)
-    addiu       t6, 1
-    bne         t6, t4, 5b
-     addiu      t5, 1
-6:
-    addiu       t7, 8
-    addiu       a0, -2
-    bgtz        a0, 0b
-     addiu      a2, 4
-7:
-    j           ra
-     nop
-END(jsimd_h2v2_upsample_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_islow_dspr2)
-/*
- * a0 = coef_block
- * a1 = compptr->dcttable
- * a2 = output
- * a3 = range_limit
- */
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    addiu       sp, sp, -256
-    move        v0, sp
-    addiu       v1, zero, 8     /* v1 = DCTSIZE = 8 */
-1:
-    lh          s4, 32(a0)      /* s4 = inptr[16] */
-    lh          s5, 64(a0)      /* s5 = inptr[32] */
-    lh          s6, 96(a0)      /* s6 = inptr[48] */
-    lh          t1, 112(a0)     /* t1 = inptr[56] */
-    lh          t7, 16(a0)      /* t7 = inptr[8] */
-    lh          t5, 80(a0)      /* t5 = inptr[40] */
-    lh          t3, 48(a0)      /* t3 = inptr[24] */
-    or          s4, s4, t1
-    or          s4, s4, t3
-    or          s4, s4, t5
-    or          s4, s4, t7
-    or          s4, s4, s5
-    or          s4, s4, s6
-    bnez        s4, 2f
-     addiu      v1, v1, -1
-    lh          s5, 0(a1)       /* quantptr[DCTSIZE*0] */
-    lh          s6, 0(a0)       /* inptr[DCTSIZE*0] */
-    mul         s5, s5, s6      /* DEQUANTIZE(inptr[0], quantptr[0]) */
-    sll         s5, s5, 2
-    sw          s5, 0(v0)
-    sw          s5, 32(v0)
-    sw          s5, 64(v0)
-    sw          s5, 96(v0)
-    sw          s5, 128(v0)
-    sw          s5, 160(v0)
-    sw          s5, 192(v0)
-    b           3f
-     sw         s5, 224(v0)
-2:
-    lh          t0, 112(a1)
-    lh          t2, 48(a1)
-    lh          t4, 80(a1)
-    lh          t6, 16(a1)
-    mul         t0, t0, t1      /* DEQUANTIZE(inptr[DCTSIZE*7],
-                                              quantptr[DCTSIZE*7]) */
-    mul         t1, t2, t3      /* DEQUANTIZE(inptr[DCTSIZE*3],
-                                              quantptr[DCTSIZE*3]) */
-    mul         t2, t4, t5      /* DEQUANTIZE(inptr[DCTSIZE*5],
-                                              quantptr[DCTSIZE*5]) */
-    mul         t3, t6, t7      /* DEQUANTIZE(inptr[DCTSIZE*1],
-                                              quantptr[DCTSIZE*1]) */
-    lh          t4, 32(a1)
-    lh          t5, 32(a0)
-    lh          t6, 96(a1)
-    lh          t7, 96(a0)
-    addu        s0, t0, t1       /* z3 = tmp0 + tmp2 */
-    addu        s1, t1, t2       /* z2 = tmp1 + tmp2 */
-    addu        s2, t2, t3       /* z4 = tmp1 + tmp3 */
-    addu        s3, s0, s2       /* z3 + z4 */
-    addiu       t9, zero, 9633   /* FIX_1_175875602 */
-    mul         s3, s3, t9       /* z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    addu        t8, t0, t3       /* z1 = tmp0 + tmp3 */
-    addiu       t9, zero, 2446   /* FIX_0_298631336 */
-    mul         t0, t0, t9       /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    addiu       t9, zero, 16819  /* FIX_2_053119869 */
-    mul         t2, t2, t9       /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    addiu       t9, zero, 25172  /* FIX_3_072711026 */
-    mul         t1, t1, t9       /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    addiu       t9, zero, 12299  /* FIX_1_501321110 */
-    mul         t3, t3, t9       /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    addiu       t9, zero, 16069  /* FIX_1_961570560 */
-    mul         s0, s0, t9       /* -z3 = MULTIPLY(z3, FIX_1_961570560) */
-    addiu       t9, zero, 3196   /* FIX_0_390180644 */
-    mul         s2, s2, t9       /* -z4 = MULTIPLY(z4, FIX_0_390180644) */
-    addiu       t9, zero, 7373   /* FIX_0_899976223 */
-    mul         t8, t8, t9       /* -z1 = MULTIPLY(z1, FIX_0_899976223) */
-    addiu       t9, zero, 20995  /* FIX_2_562915447 */
-    mul         s1, s1, t9       /* -z2 = MULTIPLY(z2, FIX_2_562915447) */
-    subu        s0, s3, s0       /* z3 += z5 */
-    addu        t0, t0, s0       /* tmp0 += z3 */
-    addu        t1, t1, s0       /* tmp2 += z3 */
-    subu        s2, s3, s2       /* z4 += z5 */
-    addu        t2, t2, s2       /* tmp1 += z4 */
-    addu        t3, t3, s2       /* tmp3 += z4 */
-    subu        t0, t0, t8       /* tmp0 += z1 */
-    subu        t1, t1, s1       /* tmp2 += z2 */
-    subu        t2, t2, s1       /* tmp1 += z2 */
-    subu        t3, t3, t8       /* tmp3 += z1 */
-    mul         s0, t4, t5       /* DEQUANTIZE(inptr[DCTSIZE*2],
-                                               quantptr[DCTSIZE*2]) */
-    addiu       t9, zero, 6270   /* FIX_0_765366865 */
-    mul         s1, t6, t7       /* DEQUANTIZE(inptr[DCTSIZE*6],
-                                               quantptr[DCTSIZE*6]) */
-    lh          t4, 0(a1)
-    lh          t5, 0(a0)
-    lh          t6, 64(a1)
-    lh          t7, 64(a0)
-    mul         s2, t9, s0       /* MULTIPLY(z2, FIX_0_765366865) */
-    mul         t5, t4, t5       /* DEQUANTIZE(inptr[DCTSIZE*0],
-                                               quantptr[DCTSIZE*0]) */
-    mul         t6, t6, t7       /* DEQUANTIZE(inptr[DCTSIZE*4],
-                                               quantptr[DCTSIZE*4]) */
-    addiu       t9, zero, 4433   /* FIX_0_541196100 */
-    addu        s3, s0, s1       /* z2 + z3 */
-    mul         s3, s3, t9       /* z1 = MULTIPLY(z2 + z3, FIX_0_541196100) */
-    addiu       t9, zero, 15137  /* FIX_1_847759065 */
-    mul         t8, s1, t9       /* MULTIPLY(z3, FIX_1_847759065) */
-    addu        t4, t5, t6
-    subu        t5, t5, t6
-    sll         t4, t4, 13      /* tmp0 = (z2 + z3) << CONST_BITS */
-    sll         t5, t5, 13      /* tmp1 = (z2 - z3) << CONST_BITS */
-    addu        t7, s3, s2      /* tmp3 = z1 + MULTIPLY(z2, FIX_0_765366865) */
-    subu        t6, s3, t8      /* tmp2 =
-                                     z1 + MULTIPLY(z3, -FIX_1_847759065) */
-    addu        s0, t4, t7
-    subu        s1, t4, t7
-    addu        s2, t5, t6
-    subu        s3, t5, t6
-    addu        t4, s0, t3
-    subu        s0, s0, t3
-    addu        t3, s2, t1
-    subu        s2, s2, t1
-    addu        t1, s3, t2
-    subu        s3, s3, t2
-    addu        t2, s1, t0
-    subu        s1, s1, t0
-    shra_r.w    t4, t4, 11
-    shra_r.w    t3, t3, 11
-    shra_r.w    t1, t1, 11
-    shra_r.w    t2, t2, 11
-    shra_r.w    s1, s1, 11
-    shra_r.w    s3, s3, 11
-    shra_r.w    s2, s2, 11
-    shra_r.w    s0, s0, 11
-    sw          t4, 0(v0)
-    sw          t3, 32(v0)
-    sw          t1, 64(v0)
-    sw          t2, 96(v0)
-    sw          s1, 128(v0)
-    sw          s3, 160(v0)
-    sw          s2, 192(v0)
-    sw          s0, 224(v0)
-3:
-    addiu       a1, a1, 2
-    addiu       a0, a0, 2
-    bgtz        v1, 1b
-     addiu      v0, v0, 4
-    move        v0, sp
-    addiu       v1, zero, 8
-4:
-    lw          t0, 8(v0)       /* z2 = (JLONG)wsptr[2] */
-    lw          t1, 24(v0)      /* z3 = (JLONG)wsptr[6] */
-    lw          t2, 0(v0)       /* (JLONG)wsptr[0] */
-    lw          t3, 16(v0)      /* (JLONG)wsptr[4] */
-    lw          s4, 4(v0)       /* (JLONG)wsptr[1] */
-    lw          s5, 12(v0)      /* (JLONG)wsptr[3] */
-    lw          s6, 20(v0)      /* (JLONG)wsptr[5] */
-    lw          s7, 28(v0)      /* (JLONG)wsptr[7] */
-    or          s4, s4, t0
-    or          s4, s4, t1
-    or          s4, s4, t3
-    or          s4, s4, s7
-    or          s4, s4, s5
-    or          s4, s4, s6
-    bnez        s4, 5f
-     addiu      v1, v1, -1
-    shra_r.w    s5, t2, 5
-    andi        s5, s5, 0x3ff
-    lbux        s5, s5(a3)
-    lw          s1, 0(a2)
-    replv.qb    s5, s5
-    usw         s5, 0(s1)
-    usw         s5, 4(s1)
-    b           6f
-     nop
-5:
-    addu        t4, t0, t1       /* z2 + z3 */
-    addiu       t8, zero, 4433   /* FIX_0_541196100 */
-    mul         t5, t4, t8       /* z1 = MULTIPLY(z2 + z3, FIX_0_541196100) */
-    addiu       t8, zero, 15137  /* FIX_1_847759065 */
-    mul         t1, t1, t8       /* MULTIPLY(z3, FIX_1_847759065) */
-    addiu       t8, zero, 6270   /* FIX_0_765366865 */
-    mul         t0, t0, t8       /* MULTIPLY(z2, FIX_0_765366865) */
-    addu        t4, t2, t3       /* (JLONG)wsptr[0] + (JLONG)wsptr[4] */
-    subu        t2, t2, t3       /* (JLONG)wsptr[0] - (JLONG)wsptr[4] */
-    sll         t4, t4, 13       /* tmp0 =
-                                      (wsptr[0] + wsptr[4]) << CONST_BITS */
-    sll         t2, t2, 13       /* tmp1 =
-                                      (wsptr[0] - wsptr[4]) << CONST_BITS */
-    subu        t1, t5, t1       /* tmp2 =
-                                      z1 + MULTIPLY(z3, -FIX_1_847759065) */
-    subu        t3, t2, t1       /* tmp12 = tmp1 - tmp2 */
-    addu        t2, t2, t1       /* tmp11 = tmp1 + tmp2 */
-    addu        t5, t5, t0       /* tmp3 =
-                                      z1 + MULTIPLY(z2, FIX_0_765366865) */
-    subu        t1, t4, t5       /* tmp13 = tmp0 - tmp3 */
-    addu        t0, t4, t5       /* tmp10 = tmp0 + tmp3 */
-    lw          t4, 28(v0)       /* tmp0 = (JLONG)wsptr[7] */
-    lw          t6, 12(v0)       /* tmp2 = (JLONG)wsptr[3] */
-    lw          t5, 20(v0)       /* tmp1 = (JLONG)wsptr[5] */
-    lw          t7, 4(v0)        /* tmp3 = (JLONG)wsptr[1] */
-    addu        s0, t4, t6       /* z3 = tmp0 + tmp2 */
-    addiu       t8, zero, 9633   /* FIX_1_175875602 */
-    addu        s1, t5, t7       /* z4 = tmp1 + tmp3 */
-    addu        s2, s0, s1       /* z3 + z4 */
-    mul         s2, s2, t8       /* z5 = MULTIPLY(z3 + z4, FIX_1_175875602) */
-    addu        s3, t4, t7       /* z1 = tmp0 + tmp3 */
-    addu        t9, t5, t6       /* z2 = tmp1 + tmp2 */
-    addiu       t8, zero, 16069  /* FIX_1_961570560 */
-    mul         s0, s0, t8       /* -z3 = MULTIPLY(z3, FIX_1_961570560) */
-    addiu       t8, zero, 3196   /* FIX_0_390180644 */
-    mul         s1, s1, t8       /* -z4 = MULTIPLY(z4, FIX_0_390180644) */
-    addiu       t8, zero, 2446   /* FIX_0_298631336 */
-    mul         t4, t4, t8       /* tmp0 = MULTIPLY(tmp0, FIX_0_298631336) */
-    addiu       t8, zero, 7373   /* FIX_0_899976223 */
-    mul         s3, s3, t8       /* -z1 = MULTIPLY(z1, FIX_0_899976223) */
-    addiu       t8, zero, 16819  /* FIX_2_053119869 */
-    mul         t5, t5, t8       /* tmp1 = MULTIPLY(tmp1, FIX_2_053119869) */
-    addiu       t8, zero, 20995  /* FIX_2_562915447 */
-    mul         t9, t9, t8       /* -z2 = MULTIPLY(z2, FIX_2_562915447) */
-    addiu       t8, zero, 25172  /* FIX_3_072711026 */
-    mul         t6, t6, t8       /* tmp2 = MULTIPLY(tmp2, FIX_3_072711026) */
-    addiu       t8, zero, 12299  /* FIX_1_501321110 */
-    mul         t7, t7, t8       /* tmp3 = MULTIPLY(tmp3, FIX_1_501321110) */
-    subu        s0, s2, s0       /* z3 += z5 */
-    subu        s1, s2, s1       /* z4 += z5 */
-    addu        t4, t4, s0
-    subu        t4, t4, s3      /* tmp0 */
-    addu        t5, t5, s1
-    subu        t5, t5, t9      /* tmp1 */
-    addu        t6, t6, s0
-    subu        t6, t6, t9      /* tmp2 */
-    addu        t7, t7, s1
-    subu        t7, t7, s3      /* tmp3 */
-    addu        s0, t0, t7
-    subu        t0, t0, t7
-    addu        t7, t2, t6
-    subu        t2, t2, t6
-    addu        t6, t3, t5
-    subu        t3, t3, t5
-    addu        t5, t1, t4
-    subu        t1, t1, t4
-    shra_r.w    s0, s0, 18
-    shra_r.w    t7, t7, 18
-    shra_r.w    t6, t6, 18
-    shra_r.w    t5, t5, 18
-    shra_r.w    t1, t1, 18
-    shra_r.w    t3, t3, 18
-    shra_r.w    t2, t2, 18
-    shra_r.w    t0, t0, 18
-    andi        s0, s0, 0x3ff
-    andi        t7, t7, 0x3ff
-    andi        t6, t6, 0x3ff
-    andi        t5, t5, 0x3ff
-    andi        t1, t1, 0x3ff
-    andi        t3, t3, 0x3ff
-    andi        t2, t2, 0x3ff
-    andi        t0, t0, 0x3ff
-    lw          s1, 0(a2)
-    lbux        s0, s0(a3)
-    lbux        t7, t7(a3)
-    lbux        t6, t6(a3)
-    lbux        t5, t5(a3)
-    lbux        t1, t1(a3)
-    lbux        t3, t3(a3)
-    lbux        t2, t2(a3)
-    lbux        t0, t0(a3)
-    sb          s0, 0(s1)
-    sb          t7, 1(s1)
-    sb          t6, 2(s1)
-    sb          t5, 3(s1)
-    sb          t1, 4(s1)
-    sb          t3, 5(s1)
-    sb          t2, 6(s1)
-    sb          t0, 7(s1)
-6:
-    addiu       v0, v0, 32
-    bgtz        v1, 4b
-     addiu      a2, a2, 4
-    addiu       sp, sp, 256
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-
-END(jsimd_idct_islow_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_ifast_cols_dspr2)
-/*
- * a0 = inptr
- * a1 = quantptr
- * a2 = wsptr
- * a3 = mips_idct_ifast_coefs
- */
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    addiu         t9, a0, 16      /* end address */
-    or            AT, a3, zero
-
-0:
-    lw            s0, 0(a1)       /* quantptr[DCTSIZE*0] */
-    lw            t0, 0(a0)       /* inptr[DCTSIZE*0] */
-    lw            t1, 16(a0)      /* inptr[DCTSIZE*1] */
-    muleq_s.w.phl v0, t0, s0      /* tmp0 ... */
-    lw            t2, 32(a0)      /* inptr[DCTSIZE*2] */
-    lw            t3, 48(a0)      /* inptr[DCTSIZE*3] */
-    lw            t4, 64(a0)      /* inptr[DCTSIZE*4] */
-    lw            t5, 80(a0)      /* inptr[DCTSIZE*5] */
-    muleq_s.w.phr t0, t0, s0      /* ... tmp0 ... */
-    lw            t6, 96(a0)      /* inptr[DCTSIZE*6] */
-    lw            t7, 112(a0)     /* inptr[DCTSIZE*7] */
-    or            s4, t1, t2
-    or            s5, t3, t4
-    bnez          s4, 1f
-     ins          t0, v0, 16, 16  /* ... tmp0 */
-    bnez          s5, 1f
-     or           s6, t5, t6
-    or            s6, s6, t7
-    bnez          s6, 1f
-     sw           t0, 0(a2)       /* wsptr[DCTSIZE*0] */
-    sw            t0, 16(a2)      /* wsptr[DCTSIZE*1] */
-    sw            t0, 32(a2)      /* wsptr[DCTSIZE*2] */
-    sw            t0, 48(a2)      /* wsptr[DCTSIZE*3] */
-    sw            t0, 64(a2)      /* wsptr[DCTSIZE*4] */
-    sw            t0, 80(a2)      /* wsptr[DCTSIZE*5] */
-    sw            t0, 96(a2)      /* wsptr[DCTSIZE*6] */
-    sw            t0, 112(a2)     /* wsptr[DCTSIZE*7] */
-    addiu         a0, a0, 4
-    b             2f
-     addiu        a1, a1, 4
-
-1:
-    lw            s1, 32(a1)      /* quantptr[DCTSIZE*2] */
-    lw            s2, 64(a1)      /* quantptr[DCTSIZE*4] */
-    muleq_s.w.phl v0, t2, s1      /* tmp1 ... */
-    muleq_s.w.phr t2, t2, s1      /* ... tmp1 ... */
-    lw            s0, 16(a1)      /* quantptr[DCTSIZE*1] */
-    lw            s1, 48(a1)      /* quantptr[DCTSIZE*3] */
-    lw            s3, 96(a1)      /* quantptr[DCTSIZE*6] */
-    muleq_s.w.phl v1, t4, s2      /* tmp2 ... */
-    muleq_s.w.phr t4, t4, s2      /* ... tmp2 ... */
-    lw            s2, 80(a1)      /* quantptr[DCTSIZE*5] */
-    lw            t8, 4(AT)       /* FIX(1.414213562) */
-    ins           t2, v0, 16, 16  /* ... tmp1 */
-    muleq_s.w.phl v0, t6, s3      /* tmp3 ... */
-    muleq_s.w.phr t6, t6, s3      /* ... tmp3 ... */
-    ins           t4, v1, 16, 16  /* ... tmp2 */
-    addq.ph       s4, t0, t4      /* tmp10 */
-    subq.ph       s5, t0, t4      /* tmp11 */
-    ins           t6, v0, 16, 16  /* ... tmp3 */
-    subq.ph       s6, t2, t6      /* tmp12 ... */
-    addq.ph       s7, t2, t6      /* tmp13 */
-    mulq_s.ph     s6, s6, t8      /* ... tmp12 ... */
-    addq.ph       t0, s4, s7      /* tmp0 */
-    subq.ph       t6, s4, s7      /* tmp3 */
-    muleq_s.w.phl v0, t1, s0      /* tmp4 ... */
-    muleq_s.w.phr t1, t1, s0      /* ... tmp4 ... */
-    shll_s.ph     s6, s6, 1       /* x2 */
-    lw            s3, 112(a1)     /* quantptr[DCTSIZE*7] */
-    subq.ph       s6, s6, s7      /* ... tmp12 */
-    muleq_s.w.phl v1, t7, s3      /* tmp7 ... */
-    muleq_s.w.phr t7, t7, s3      /* ... tmp7 ... */
-    ins           t1, v0, 16, 16  /* ... tmp4 */
-    addq.ph       t2, s5, s6      /* tmp1 */
-    subq.ph       t4, s5, s6      /* tmp2 */
-    muleq_s.w.phl v0, t5, s2      /* tmp6 ... */
-    muleq_s.w.phr t5, t5, s2      /* ... tmp6 ... */
-    ins           t7, v1, 16, 16  /* ... tmp7 */
-    addq.ph       s5, t1, t7      /* z11 */
-    subq.ph       s6, t1, t7      /* z12 */
-    muleq_s.w.phl v1, t3, s1      /* tmp5 ... */
-    muleq_s.w.phr t3, t3, s1      /* ... tmp5 ... */
-    ins           t5, v0, 16, 16  /* ... tmp6 */
-    ins           t3, v1, 16, 16  /* ... tmp5 */
-    addq.ph       s7, t5, t3      /* z13 */
-    subq.ph       v0, t5, t3      /* z10 */
-    addq.ph       t7, s5, s7      /* tmp7 */
-    subq.ph       s5, s5, s7      /* tmp11 ... */
-    addq.ph       v1, v0, s6      /* z5 ... */
-    mulq_s.ph     s5, s5, t8      /* ... tmp11 */
-    lw            t8, 8(AT)       /* FIX(1.847759065) */
-    lw            s4, 0(AT)       /* FIX(1.082392200) */
-    addq.ph       s0, t0, t7
-    subq.ph       s1, t0, t7
-    mulq_s.ph     v1, v1, t8      /* ... z5 */
-    shll_s.ph     s5, s5, 1       /* x2 */
-    lw            t8, 12(AT)      /* FIX(-2.613125930) */
-    sw            s0, 0(a2)       /* wsptr[DCTSIZE*0] */
-    shll_s.ph     v0, v0, 1       /* x4 */
-    mulq_s.ph     v0, v0, t8      /* tmp12 ... */
-    mulq_s.ph     s4, s6, s4      /* tmp10 ... */
-    shll_s.ph     v1, v1, 1       /* x2 */
-    addiu         a0, a0, 4
-    addiu         a1, a1, 4
-    sw            s1, 112(a2)     /* wsptr[DCTSIZE*7] */
-    shll_s.ph     s6, v0, 1       /* x4 */
-    shll_s.ph     s4, s4, 1       /* x2 */
-    addq.ph       s6, s6, v1      /* ... tmp12 */
-    subq.ph       t5, s6, t7      /* tmp6 */
-    subq.ph       s4, s4, v1      /* ... tmp10 */
-    subq.ph       t3, s5, t5      /* tmp5 */
-    addq.ph       s2, t2, t5
-    addq.ph       t1, s4, t3      /* tmp4 */
-    subq.ph       s3, t2, t5
-    sw            s2, 16(a2)      /* wsptr[DCTSIZE*1] */
-    sw            s3, 96(a2)      /* wsptr[DCTSIZE*6] */
-    addq.ph       v0, t4, t3
-    subq.ph       v1, t4, t3
-    sw            v0, 32(a2)      /* wsptr[DCTSIZE*2] */
-    sw            v1, 80(a2)      /* wsptr[DCTSIZE*5] */
-    addq.ph       v0, t6, t1
-    subq.ph       v1, t6, t1
-    sw            v0, 64(a2)      /* wsptr[DCTSIZE*4] */
-    sw            v1, 48(a2)      /* wsptr[DCTSIZE*3] */
-
-2:
-    bne           a0, t9, 0b
-     addiu        a2, a2, 4
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j             ra
-     nop
-
-END(jsimd_idct_ifast_cols_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_ifast_rows_dspr2)
-/*
- * a0 = wsptr
- * a1 = output_buf
- * a2 = output_col
- * a3 = mips_idct_ifast_coefs
- */
-    SAVE_REGS_ON_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, s8, a3
-
-    addiu         t9, a0, 128     /* end address */
-    lui           s8, 0x8080
-    ori           s8, s8, 0x8080
-
-0:
-    lw            AT, 36(sp)      /* restore $a3 (mips_idct_ifast_coefs) */
-    lw            t0, 0(a0)       /* wsptr[DCTSIZE*0+0/1]  b a */
-    lw            s0, 16(a0)      /* wsptr[DCTSIZE*1+0/1]  B A */
-    lw            t2, 4(a0)       /* wsptr[DCTSIZE*0+2/3]  d c */
-    lw            s2, 20(a0)      /* wsptr[DCTSIZE*1+2/3]  D C */
-    lw            t4, 8(a0)       /* wsptr[DCTSIZE*0+4/5]  f e */
-    lw            s4, 24(a0)      /* wsptr[DCTSIZE*1+4/5]  F E */
-    lw            t6, 12(a0)      /* wsptr[DCTSIZE*0+6/7]  h g */
-    lw            s6, 28(a0)      /* wsptr[DCTSIZE*1+6/7]  H G */
-    precrq.ph.w   t1, s0, t0      /* B b */
-    ins           t0, s0, 16, 16  /* A a */
-    bnez          t1, 1f
-     or           s0, t2, s2
-    bnez          s0, 1f
-     or           s0, t4, s4
-    bnez          s0, 1f
-     or           s0, t6, s6
-    bnez          s0, 1f
-     shll_s.ph    s0, t0, 2       /* A a */
-    lw            a3, 0(a1)
-    lw            AT, 4(a1)
-    precrq.ph.w   t0, s0, s0      /* A A */
-    ins           s0, s0, 16, 16  /* a a */
-    addu          a3, a3, a2
-    addu          AT, AT, a2
-    precrq.qb.ph  t0, t0, t0      /* A A A A */
-    precrq.qb.ph  s0, s0, s0      /* a a a a */
-    addu.qb       s0, s0, s8
-    addu.qb       t0, t0, s8
-    sw            s0, 0(a3)
-    sw            s0, 4(a3)
-    sw            t0, 0(AT)
-    sw            t0, 4(AT)
-    addiu         a0, a0, 32
-    bne           a0, t9, 0b
-     addiu        a1, a1, 8
-    b             2f
-     nop
-
-1:
-    precrq.ph.w   t3, s2, t2
-    ins           t2, s2, 16, 16
-    precrq.ph.w   t5, s4, t4
-    ins           t4, s4, 16, 16
-    precrq.ph.w   t7, s6, t6
-    ins           t6, s6, 16, 16
-    lw            t8, 4(AT)       /* FIX(1.414213562) */
-    addq.ph       s4, t0, t4      /* tmp10 */
-    subq.ph       s5, t0, t4      /* tmp11 */
-    subq.ph       s6, t2, t6      /* tmp12 ... */
-    addq.ph       s7, t2, t6      /* tmp13 */
-    mulq_s.ph     s6, s6, t8      /* ... tmp12 ... */
-    addq.ph       t0, s4, s7      /* tmp0 */
-    subq.ph       t6, s4, s7      /* tmp3 */
-    shll_s.ph     s6, s6, 1       /* x2 */
-    subq.ph       s6, s6, s7      /* ... tmp12 */
-    addq.ph       t2, s5, s6      /* tmp1 */
-    subq.ph       t4, s5, s6      /* tmp2 */
-    addq.ph       s5, t1, t7      /* z11 */
-    subq.ph       s6, t1, t7      /* z12 */
-    addq.ph       s7, t5, t3      /* z13 */
-    subq.ph       v0, t5, t3      /* z10 */
-    addq.ph       t7, s5, s7      /* tmp7 */
-    subq.ph       s5, s5, s7      /* tmp11 ... */
-    addq.ph       v1, v0, s6      /* z5 ... */
-    mulq_s.ph     s5, s5, t8      /* ... tmp11 */
-    lw            t8, 8(AT)       /* FIX(1.847759065) */
-    lw            s4, 0(AT)       /* FIX(1.082392200) */
-    addq.ph       s0, t0, t7      /* tmp0 + tmp7 */
-    subq.ph       s7, t0, t7      /* tmp0 - tmp7 */
-    mulq_s.ph     v1, v1, t8      /* ... z5 */
-    lw            a3, 0(a1)
-    lw            t8, 12(AT)      /* FIX(-2.613125930) */
-    shll_s.ph     s5, s5, 1       /* x2 */
-    addu          a3, a3, a2
-    shll_s.ph     v0, v0, 1       /* x4 */
-    mulq_s.ph     v0, v0, t8      /* tmp12 ... */
-    mulq_s.ph     s4, s6, s4      /* tmp10 ... */
-    shll_s.ph     v1, v1, 1       /* x2 */
-    addiu         a0, a0, 32
-    addiu         a1, a1, 8
-    shll_s.ph     s6, v0, 1       /* x4 */
-    shll_s.ph     s4, s4, 1       /* x2 */
-    addq.ph       s6, s6, v1      /* ... tmp12 */
-    shll_s.ph     s0, s0, 2
-    subq.ph       t5, s6, t7      /* tmp6 */
-    subq.ph       s4, s4, v1      /* ... tmp10 */
-    subq.ph       t3, s5, t5      /* tmp5 */
-    shll_s.ph     s7, s7, 2
-    addq.ph       t1, s4, t3      /* tmp4 */
-    addq.ph       s1, t2, t5      /* tmp1 + tmp6 */
-    subq.ph       s6, t2, t5      /* tmp1 - tmp6 */
-    addq.ph       s2, t4, t3      /* tmp2 + tmp5 */
-    subq.ph       s5, t4, t3      /* tmp2 - tmp5 */
-    addq.ph       s4, t6, t1      /* tmp3 + tmp4 */
-    subq.ph       s3, t6, t1      /* tmp3 - tmp4 */
-    shll_s.ph     s1, s1, 2
-    shll_s.ph     s2, s2, 2
-    shll_s.ph     s3, s3, 2
-    shll_s.ph     s4, s4, 2
-    shll_s.ph     s5, s5, 2
-    shll_s.ph     s6, s6, 2
-    precrq.ph.w   t0, s1, s0      /* B A */
-    ins           s0, s1, 16, 16  /* b a */
-    precrq.ph.w   t2, s3, s2      /* D C */
-    ins           s2, s3, 16, 16  /* d c */
-    precrq.ph.w   t4, s5, s4      /* F E */
-    ins           s4, s5, 16, 16  /* f e */
-    precrq.ph.w   t6, s7, s6      /* H G */
-    ins           s6, s7, 16, 16  /* h g */
-    precrq.qb.ph  t0, t2, t0      /* D C B A */
-    precrq.qb.ph  s0, s2, s0      /* d c b a */
-    precrq.qb.ph  t4, t6, t4      /* H G F E */
-    precrq.qb.ph  s4, s6, s4      /* h g f e */
-    addu.qb       s0, s0, s8
-    addu.qb       s4, s4, s8
-    sw            s0, 0(a3)       /* outptr[0/1/2/3]       d c b a */
-    sw            s4, 4(a3)       /* outptr[4/5/6/7]       h g f e */
-    lw            a3, -4(a1)
-    addu.qb       t0, t0, s8
-    addu          a3, a3, a2
-    addu.qb       t4, t4, s8
-    sw            t0, 0(a3)       /* outptr[0/1/2/3]       D C B A */
-    bne           a0, t9, 0b
-     sw           t4, 4(a3)       /* outptr[4/5/6/7]       H G F E */
-
-2:
-
-    RESTORE_REGS_FROM_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, s8, a3
-
-    j             ra
-     nop
-
-END(jsimd_idct_ifast_rows_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_fdct_islow_dspr2)
-/*
- * a0 = data
- */
-    SAVE_REGS_ON_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, s8
-
-    lui         t0, 6437
-    ori         t0, 2260
-    lui         t1, 9633
-    ori         t1, 11363
-    lui         t2, 0xd39e
-    ori         t2, 0xe6dc
-    lui         t3, 0xf72d
-    ori         t3, 9633
-    lui         t4, 2261
-    ori         t4, 9633
-    lui         t5, 0xd39e
-    ori         t5, 6437
-    lui         t6, 9633
-    ori         t6, 0xd39d
-    lui         t7, 0xe6dc
-    ori         t7, 2260
-    lui         t8, 4433
-    ori         t8, 10703
-    lui         t9, 0xd630
-    ori         t9, 4433
-    li          s8, 8
-    move        a1, a0
-1:
-    lw          s0, 0(a1)       /* tmp0 = 1|0 */
-    lw          s1, 4(a1)       /* tmp1 = 3|2 */
-    lw          s2, 8(a1)       /* tmp2 = 5|4 */
-    lw          s3, 12(a1)      /* tmp3 = 7|6 */
-    packrl.ph   s1, s1, s1      /* tmp1 = 2|3 */
-    packrl.ph   s3, s3, s3      /* tmp3 = 6|7 */
-    subq.ph     s7, s1, s2      /* tmp7 = 2-5|3-4 = t5|t4 */
-    subq.ph     s5, s0, s3      /* tmp5 = 1-6|0-7 = t6|t7 */
-    mult        $0, $0          /* ac0  = 0 */
-    dpa.w.ph    $ac0, s7, t0    /* ac0 += t5*  6437 + t4*  2260 */
-    dpa.w.ph    $ac0, s5, t1    /* ac0 += t6*  9633 + t7* 11363 */
-    mult        $ac1, $0, $0    /* ac1  = 0 */
-    dpa.w.ph    $ac1, s7, t2    /* ac1 += t5*-11362 + t4* -6436 */
-    dpa.w.ph    $ac1, s5, t3    /* ac1 += t6* -2259 + t7*  9633 */
-    mult        $ac2, $0, $0    /* ac2  = 0 */
-    dpa.w.ph    $ac2, s7, t4    /* ac2 += t5*  2261 + t4*  9633 */
-    dpa.w.ph    $ac2, s5, t5    /* ac2 += t6*-11362 + t7*  6437 */
-    mult        $ac3, $0, $0    /* ac3  = 0 */
-    dpa.w.ph    $ac3, s7, t6    /* ac3 += t5*  9633 + t4*-11363 */
-    dpa.w.ph    $ac3, s5, t7    /* ac3 += t6* -6436 + t7*  2260 */
-    addq.ph     s6, s1, s2      /* tmp6 = 2+5|3+4 = t2|t3 */
-    addq.ph     s4, s0, s3      /* tmp4 = 1+6|0+7 = t1|t0 */
-    extr_r.w    s0, $ac0, 11    /* tmp0 = (ac0 + 1024) >> 11 */
-    extr_r.w    s1, $ac1, 11    /* tmp1 = (ac1 + 1024) >> 11 */
-    extr_r.w    s2, $ac2, 11    /* tmp2 = (ac2 + 1024) >> 11 */
-    extr_r.w    s3, $ac3, 11    /* tmp3 = (ac3 + 1024) >> 11 */
-    addq.ph     s5, s4, s6      /* tmp5 = t1+t2|t0+t3 = t11|t10 */
-    subq.ph     s7, s4, s6      /* tmp7 = t1-t2|t0-t3 = t12|t13 */
-    sh          s0, 2(a1)
-    sh          s1, 6(a1)
-    sh          s2, 10(a1)
-    sh          s3, 14(a1)
-    mult        $0, $0          /* ac0  = 0 */
-    dpa.w.ph    $ac0, s7, t8    /* ac0 += t12*  4433 + t13* 10703 */
-    mult        $ac1, $0, $0    /* ac1  = 0 */
-    dpa.w.ph    $ac1, s7, t9    /* ac1 += t12*-10704 + t13*  4433 */
-    sra         s4, s5, 16      /* tmp4 = t11 */
-    addiu       a1, a1, 16
-    addiu       s8, s8, -1
-    extr_r.w    s0, $ac0, 11    /* tmp0 = (ac0 + 1024) >> 11 */
-    extr_r.w    s1, $ac1, 11    /* tmp1 = (ac1 + 1024) >> 11 */
-    addu        s2, s5, s4      /* tmp2 = t10 + t11 */
-    subu        s3, s5, s4      /* tmp3 = t10 - t11 */
-    sll         s2, s2, 2       /* tmp2 = (t10 + t11) << 2 */
-    sll         s3, s3, 2       /* tmp3 = (t10 - t11) << 2 */
-    sh          s2, -16(a1)
-    sh          s3, -8(a1)
-    sh          s0, -12(a1)
-    bgtz        s8, 1b
-     sh         s1, -4(a1)
-    li          t0, 2260
-    li          t1, 11363
-    li          t2, 9633
-    li          t3, 6436
-    li          t4, 6437
-    li          t5, 2261
-    li          t6, 11362
-    li          t7, 2259
-    li          t8, 4433
-    li          t9, 10703
-    li          a1, 10704
-    li          s8, 8
-
-2:
-    lh          a2, 0(a0)       /* 0 */
-    lh          a3, 16(a0)      /* 8 */
-    lh          v0, 32(a0)      /* 16 */
-    lh          v1, 48(a0)      /* 24 */
-    lh          s4, 64(a0)      /* 32 */
-    lh          s5, 80(a0)      /* 40 */
-    lh          s6, 96(a0)      /* 48 */
-    lh          s7, 112(a0)     /* 56 */
-    addu        s2, v0, s5      /* tmp2 = 16 + 40 */
-    subu        s5, v0, s5      /* tmp5 = 16 - 40 */
-    addu        s3, v1, s4      /* tmp3 = 24 + 32 */
-    subu        s4, v1, s4      /* tmp4 = 24 - 32 */
-    addu        s0, a2, s7      /* tmp0 =  0 + 56 */
-    subu        s7, a2, s7      /* tmp7 =  0 - 56 */
-    addu        s1, a3, s6      /* tmp1 =  8 + 48 */
-    subu        s6, a3, s6      /* tmp6 =  8 - 48 */
-    addu        a2, s0, s3      /* tmp10 = tmp0 + tmp3 */
-    subu        v1, s0, s3      /* tmp13 = tmp0 - tmp3 */
-    addu        a3, s1, s2      /* tmp11 = tmp1 + tmp2 */
-    subu        v0, s1, s2      /* tmp12 = tmp1 - tmp2 */
-    mult        s7, t1          /* ac0  = tmp7 * c1 */
-    madd        s4, t0          /* ac0 += tmp4 * c0 */
-    madd        s5, t4          /* ac0 += tmp5 * c4 */
-    madd        s6, t2          /* ac0 += tmp6 * c2 */
-    mult        $ac1, s7, t2    /* ac1  = tmp7 * c2 */
-    msub        $ac1, s4, t3    /* ac1 -= tmp4 * c3 */
-    msub        $ac1, s5, t6    /* ac1 -= tmp5 * c6 */
-    msub        $ac1, s6, t7    /* ac1 -= tmp6 * c7 */
-    mult        $ac2, s7, t4    /* ac2  = tmp7 * c4 */
-    madd        $ac2, s4, t2    /* ac2 += tmp4 * c2 */
-    madd        $ac2, s5, t5    /* ac2 += tmp5 * c5 */
-    msub        $ac2, s6, t6    /* ac2 -= tmp6 * c6 */
-    mult        $ac3, s7, t0    /* ac3  = tmp7 * c0 */
-    msub        $ac3, s4, t1    /* ac3 -= tmp4 * c1 */
-    madd        $ac3, s5, t2    /* ac3 += tmp5 * c2 */
-    msub        $ac3, s6, t3    /* ac3 -= tmp6 * c3 */
-    extr_r.w    s0, $ac0, 15    /* tmp0 = (ac0 + 16384) >> 15 */
-    extr_r.w    s1, $ac1, 15    /* tmp1 = (ac1 + 16384) >> 15 */
-    extr_r.w    s2, $ac2, 15    /* tmp2 = (ac2 + 16384) >> 15 */
-    extr_r.w    s3, $ac3, 15    /* tmp3 = (ac3 + 16384) >> 15 */
-    addiu       s8, s8, -1
-    addu        s4, a2, a3      /* tmp4 = tmp10 + tmp11 */
-    subu        s5, a2, a3      /* tmp5 = tmp10 - tmp11 */
-    sh          s0, 16(a0)
-    sh          s1, 48(a0)
-    sh          s2, 80(a0)
-    sh          s3, 112(a0)
-    mult        v0, t8          /* ac0  = tmp12 * c8 */
-    madd        v1, t9          /* ac0 += tmp13 * c9 */
-    mult        $ac1, v1, t8    /* ac1  = tmp13 * c8 */
-    msub        $ac1, v0, a1    /* ac1 -= tmp12 * c10 */
-    addiu       a0, a0, 2
-    extr_r.w    s6, $ac0, 15    /* tmp6 = (ac0 + 16384) >> 15 */
-    extr_r.w    s7, $ac1, 15    /* tmp7 = (ac1 + 16384) >> 15 */
-    shra_r.w    s4, s4, 2       /* tmp4 = (tmp4 + 2) >> 2 */
-    shra_r.w    s5, s5, 2       /* tmp5 = (tmp5 + 2) >> 2 */
-    sh          s4, -2(a0)
-    sh          s5, 62(a0)
-    sh          s6, 30(a0)
-    bgtz        s8, 2b
-     sh         s7, 94(a0)
-
-    RESTORE_REGS_FROM_STACK 40, s0, s1, s2, s3, s4, s5, s6, s7, s8
-
-    jr          ra
-     nop
-
-END(jsimd_fdct_islow_dspr2)
-
-
-/**************************************************************************/
-LEAF_DSPR2(jsimd_fdct_ifast_dspr2)
-/*
- * a0 = data
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 8, s0, s1
-
-    li          a1, 0x014e014e  /* FIX_1_306562965 (334 << 16) |
-                                                   (334 & 0xffff) */
-    li          a2, 0x008b008b  /* FIX_0_541196100 (139 << 16) |
-                                                   (139 & 0xffff) */
-    li          a3, 0x00620062  /* FIX_0_382683433 (98 << 16) |
-                                                   (98 & 0xffff) */
-    li          s1, 0x00b500b5  /* FIX_0_707106781 (181 << 16) |
-                                                   (181 & 0xffff) */
-
-    move        v0, a0
-    addiu       v1, v0, 128     /* end address */
-
-0:
-    lw          t0, 0(v0)       /* tmp0 = 1|0 */
-    lw          t1, 4(v0)       /* tmp1 = 3|2 */
-    lw          t2, 8(v0)       /* tmp2 = 5|4 */
-    lw          t3, 12(v0)      /* tmp3 = 7|6 */
-    packrl.ph   t1, t1, t1      /* tmp1 = 2|3 */
-    packrl.ph   t3, t3, t3      /* tmp3 = 6|7 */
-    subq.ph     t7, t1, t2      /* tmp7 = 2-5|3-4 = t5|t4 */
-    subq.ph     t5, t0, t3      /* tmp5 = 1-6|0-7 = t6|t7 */
-    addq.ph     t6, t1, t2      /* tmp6 = 2+5|3+4 = t2|t3 */
-    addq.ph     t4, t0, t3      /* tmp4 = 1+6|0+7 = t1|t0 */
-    addq.ph     t8, t4, t6      /* tmp5 = t1+t2|t0+t3 = t11|t10 */
-    subq.ph     t9, t4, t6      /* tmp7 = t1-t2|t0-t3 = t12|t13 */
-    sra         t4, t8, 16      /* tmp4 = t11 */
-    mult        $0, $0          /* ac0  = 0 */
-    dpa.w.ph    $ac0, t9, s1
-    mult        $ac1, $0, $0    /* ac1  = 0 */
-    dpa.w.ph    $ac1, t7, a3    /* ac1 += t4*98 + t5*98 */
-    dpsx.w.ph   $ac1, t5, a3    /* ac1 += t6*98 + t7*98 */
-    mult        $ac2, $0, $0    /* ac2  = 0 */
-    dpa.w.ph    $ac2, t7, a2    /* ac2 += t4*139 + t5*139 */
-    mult        $ac3, $0, $0    /* ac3  = 0 */
-    dpa.w.ph    $ac3, t5, a1    /* ac3 += t6*334 + t7*334 */
-    precrq.ph.w t0, t5, t7      /* t0 = t5|t6 */
-    addq.ph     t2, t8, t4      /* tmp2 = t10 + t11 */
-    subq.ph     t3, t8, t4      /* tmp3 = t10 - t11 */
-    extr.w      t4, $ac0, 8
-    mult        $0, $0          /* ac0  = 0 */
-    dpa.w.ph    $ac0, t0, s1    /* ac0 += t5*181 + t6*181 */
-    extr.w      t0, $ac1, 8     /* t0 = z5 */
-    extr.w      t1, $ac2, 8     /* t1 = MULTIPLY(tmp10, 139) */
-    extr.w      t7, $ac3, 8     /* t2 = MULTIPLY(tmp12, 334) */
-    extr.w      t8, $ac0, 8     /* t8 = z3 = MULTIPLY(tmp11, 181) */
-    add         t6, t1, t0      /* t6 = z2 */
-    add         t7, t7, t0      /* t7 = z4 */
-    subq.ph     t0, t5, t8      /* t0 = z13 = tmp7 - z3 */
-    addq.ph     t8, t5, t8      /* t9 = z11 = tmp7 + z3 */
-    addq.ph     t1, t0, t6      /* t1 = z13 + z2 */
-    subq.ph     t6, t0, t6      /* t6 = z13 - z2 */
-    addq.ph     t0, t8, t7      /* t0 = z11 + z4 */
-    subq.ph     t7, t8, t7      /* t7 = z11 - z4 */
-    addq.ph     t5, t4, t9
-    subq.ph     t4, t9, t4
-    sh          t2, 0(v0)
-    sh          t5, 4(v0)
-    sh          t3, 8(v0)
-    sh          t4, 12(v0)
-    sh          t1, 10(v0)
-    sh          t6, 6(v0)
-    sh          t0, 2(v0)
-    sh          t7, 14(v0)
-    addiu       v0, 16
-    bne         v1, v0, 0b
-     nop
-    move        v0, a0
-    addiu       v1, v0, 16
-
-1:
-    lh          t0, 0(v0)       /* 0 */
-    lh          t1, 16(v0)      /* 8 */
-    lh          t2, 32(v0)      /* 16 */
-    lh          t3, 48(v0)      /* 24 */
-    lh          t4, 64(v0)      /* 32 */
-    lh          t5, 80(v0)      /* 40 */
-    lh          t6, 96(v0)      /* 48 */
-    lh          t7, 112(v0)     /* 56 */
-    add         t8, t0, t7      /* t8 = tmp0 */
-    sub         t7, t0, t7      /* t7 = tmp7 */
-    add         t0, t1, t6      /* t0 = tmp1 */
-    sub         t1, t1, t6      /* t1 = tmp6 */
-    add         t6, t2, t5      /* t6 = tmp2 */
-    sub         t5, t2, t5      /* t5 = tmp5 */
-    add         t2, t3, t4      /* t2 = tmp3 */
-    sub         t3, t3, t4      /* t3 = tmp4 */
-    add         t4, t8, t2      /* t4 = tmp10 = tmp0 + tmp3 */
-    sub         t8, t8, t2      /* t8 = tmp13 = tmp0 - tmp3 */
-    sub         s0, t0, t6      /* s0 = tmp12 = tmp1 - tmp2 */
-    ins         t8, s0, 16, 16  /* t8 = tmp12|tmp13 */
-    add         t2, t0, t6      /* t2 = tmp11 = tmp1 + tmp2 */
-    mult        $0, $0          /* ac0  = 0 */
-    dpa.w.ph    $ac0, t8, s1    /* ac0 += t12*181 + t13*181 */
-    add         s0, t4, t2      /* t8 = tmp10+tmp11 */
-    sub         t4, t4, t2      /* t4 = tmp10-tmp11 */
-    sh          s0, 0(v0)
-    sh          t4, 64(v0)
-    extr.w      t2, $ac0, 8     /* z1 = MULTIPLY(tmp12+tmp13,
-                                                 FIX_0_707106781) */
-    addq.ph     t4, t8, t2      /* t9 = tmp13 + z1 */
-    subq.ph     t8, t8, t2      /* t2 = tmp13 - z1 */
-    sh          t4, 32(v0)
-    sh          t8, 96(v0)
-    add         t3, t3, t5      /* t3 = tmp10 = tmp4 + tmp5 */
-    add         t0, t5, t1      /* t0 = tmp11 = tmp5 + tmp6 */
-    add         t1, t1, t7      /* t1 = tmp12 = tmp6 + tmp7 */
-    andi        t4, a1, 0xffff
-    mul         s0, t1, t4
-    sra         s0, s0, 8       /* s0 = z4 =
-                                     MULTIPLY(tmp12, FIX_1_306562965) */
-    ins         t1, t3, 16, 16  /* t1 = tmp10|tmp12 */
-    mult        $0, $0          /* ac0  = 0 */
-    mulsa.w.ph  $ac0, t1, a3    /* ac0 += t10*98 - t12*98 */
-    extr.w      t8, $ac0, 8     /* z5 = MULTIPLY(tmp10-tmp12,
-                                                 FIX_0_382683433) */
-    add         t2, t7, t8      /* t2 = tmp7 + z5 */
-    sub         t7, t7, t8      /* t7 = tmp7 - z5 */
-    andi        t4, a2, 0xffff
-    mul         t8, t3, t4
-    sra         t8, t8, 8       /* t8 = z2 =
-                                     MULTIPLY(tmp10, FIX_0_541196100) */
-    andi        t4, s1, 0xffff
-    mul         t6, t0, t4
-    sra         t6, t6, 8       /* t6 = z3 =
-                                     MULTIPLY(tmp11, FIX_0_707106781) */
-    add         t0, t6, t8      /* t0 = z3 + z2 */
-    sub         t1, t6, t8      /* t1 = z3 - z2 */
-    add         t3, t6, s0      /* t3 = z3 + z4 */
-    sub         t4, t6, s0      /* t4 = z3 - z4 */
-    sub         t5, t2, t1      /* t5 = dataptr[5] */
-    sub         t6, t7, t0      /* t6 = dataptr[3] */
-    add         t3, t2, t3      /* t3 = dataptr[1] */
-    add         t4, t7, t4      /* t4 = dataptr[7] */
-    sh          t5, 80(v0)
-    sh          t6, 48(v0)
-    sh          t3, 16(v0)
-    sh          t4, 112(v0)
-    addiu       v0, 2
-    bne         v0, v1, 1b
-     nop
-
-    RESTORE_REGS_FROM_STACK 8, s0, s1
-
-    j           ra
-     nop
-END(jsimd_fdct_ifast_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_quantize_dspr2)
-/*
- * a0 = coef_block
- * a1 = divisors
- * a2 = workspace
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 16, s0, s1, s2
-
-    addiu       v0, a2, 124     /* v0 = workspace_end */
-    lh          t0, 0(a2)
-    lh          t1, 0(a1)
-    lh          t2, 128(a1)
-    sra         t3, t0, 15
-    sll         t3, t3, 1
-    addiu       t3, t3, 1
-    mul         t0, t0, t3
-    lh          t4, 384(a1)
-    lh          t5, 130(a1)
-    lh          t6, 2(a2)
-    lh          t7, 2(a1)
-    lh          t8, 386(a1)
-
-1:
-    andi        t1, 0xffff
-    add         t9, t0, t2
-    andi        t9, 0xffff
-    mul         v1, t9, t1
-    sra         s0, t6, 15
-    sll         s0, s0, 1
-    addiu       s0, s0, 1
-    addiu       t9, t4, 16
-    srav        v1, v1, t9
-    mul         v1, v1, t3
-    mul         t6, t6, s0
-    andi        t7, 0xffff
-    addiu       a2, a2, 4
-    addiu       a1, a1, 4
-    add         s1, t6, t5
-    andi        s1, 0xffff
-    sh          v1, 0(a0)
-
-    mul         s2, s1, t7
-    addiu       s1, t8, 16
-    srav        s2, s2, s1
-    mul         s2, s2, s0
-    lh          t0, 0(a2)
-    lh          t1, 0(a1)
-    sra         t3, t0, 15
-    sll         t3, t3, 1
-    addiu       t3, t3, 1
-    mul         t0, t0, t3
-    lh          t2, 128(a1)
-    lh          t4, 384(a1)
-    lh          t5, 130(a1)
-    lh          t8, 386(a1)
-    lh          t6, 2(a2)
-    lh          t7, 2(a1)
-    sh          s2, 2(a0)
-    lh          t0, 0(a2)
-    sra         t3, t0, 15
-    sll         t3, t3, 1
-    addiu       t3, t3, 1
-    mul         t0, t0, t3
-    bne         a2, v0, 1b
-     addiu      a0, a0, 4
-
-    andi        t1, 0xffff
-    add         t9, t0, t2
-    andi        t9, 0xffff
-    mul         v1, t9, t1
-    sra         s0, t6, 15
-    sll         s0, s0, 1
-    addiu       s0, s0, 1
-    addiu       t9, t4, 16
-    srav        v1, v1, t9
-    mul         v1, v1, t3
-    mul         t6, t6, s0
-    andi        t7, 0xffff
-    sh          v1, 0(a0)
-    add         s1, t6, t5
-    andi        s1, 0xffff
-    mul         s2, s1, t7
-    addiu       s1, t8, 16
-    addiu       a2, a2, 4
-    addiu       a1, a1, 4
-    srav        s2, s2, s1
-    mul         s2, s2, s0
-    sh          s2, 2(a0)
-
-    RESTORE_REGS_FROM_STACK 16, s0, s1, s2
-
-    j           ra
-     nop
-
-END(jsimd_quantize_dspr2)
-
-
-#ifndef __mips_soft_float
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_quantize_float_dspr2)
-/*
- * a0 = coef_block
- * a1 = divisors
- * a2 = workspace
- */
-    .set at
-
-    li          t1, 0x46800100  /* integer representation 16384.5 */
-    mtc1        t1, f0
-    li          t0, 63
-0:
-    lwc1        f2, 0(a2)
-    lwc1        f10, 0(a1)
-    lwc1        f4, 4(a2)
-    lwc1        f12, 4(a1)
-    lwc1        f6, 8(a2)
-    lwc1        f14, 8(a1)
-    lwc1        f8, 12(a2)
-    lwc1        f16, 12(a1)
-    madd.s      f2, f0, f2, f10
-    madd.s      f4, f0, f4, f12
-    madd.s      f6, f0, f6, f14
-    madd.s      f8, f0, f8, f16
-    lwc1        f10, 16(a1)
-    lwc1        f12, 20(a1)
-    trunc.w.s   f2, f2
-    trunc.w.s   f4, f4
-    trunc.w.s   f6, f6
-    trunc.w.s   f8, f8
-    lwc1        f14, 24(a1)
-    lwc1        f16, 28(a1)
-    mfc1        t1, f2
-    mfc1        t2, f4
-    mfc1        t3, f6
-    mfc1        t4, f8
-    lwc1        f2, 16(a2)
-    lwc1        f4, 20(a2)
-    lwc1        f6, 24(a2)
-    lwc1        f8, 28(a2)
-    madd.s      f2, f0, f2, f10
-    madd.s      f4, f0, f4, f12
-    madd.s      f6, f0, f6, f14
-    madd.s      f8, f0, f8, f16
-    addiu       t1, t1, -16384
-    addiu       t2, t2, -16384
-    addiu       t3, t3, -16384
-    addiu       t4, t4, -16384
-    trunc.w.s   f2, f2
-    trunc.w.s   f4, f4
-    trunc.w.s   f6, f6
-    trunc.w.s   f8, f8
-    sh          t1, 0(a0)
-    sh          t2, 2(a0)
-    sh          t3, 4(a0)
-    sh          t4, 6(a0)
-    mfc1        t1, f2
-    mfc1        t2, f4
-    mfc1        t3, f6
-    mfc1        t4, f8
-    addiu       t0, t0, -8
-    addiu       a2, a2, 32
-    addiu       a1, a1, 32
-    addiu       t1, t1, -16384
-    addiu       t2, t2, -16384
-    addiu       t3, t3, -16384
-    addiu       t4, t4, -16384
-    sh          t1, 8(a0)
-    sh          t2, 10(a0)
-    sh          t3, 12(a0)
-    sh          t4, 14(a0)
-    bgez        t0, 0b
-     addiu      a0, a0, 16
-
-    j           ra
-     nop
-
-END(jsimd_quantize_float_dspr2)
-
-#endif
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_2x2_dspr2)
-/*
- * a0 = compptr->dct_table
- * a1 = coef_block
- * a2 = output_buf
- * a3 = output_col
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 24, s0, s1, s2, s3, s4, s5
-
-    addiu       sp, sp, -40
-    move        v0, sp
-    addiu       s2, zero, 29692
-    addiu       s3, zero, -10426
-    addiu       s4, zero, 6967
-    addiu       s5, zero, -5906
-    lh          t0, 0(a1)       /* t0 = inptr[DCTSIZE*0] */
-    lh          t5, 0(a0)       /* t5 = quantptr[DCTSIZE*0] */
-    lh          t1, 48(a1)      /* t1 = inptr[DCTSIZE*3] */
-    lh          t6, 48(a0)      /* t6 = quantptr[DCTSIZE*3] */
-    mul         t4, t5, t0
-    lh          t0, 16(a1)      /* t0 = inptr[DCTSIZE*1] */
-    lh          t5, 16(a0)      /* t5 = quantptr[DCTSIZE*1] */
-    mul         t6, t6, t1
-    mul         t5, t5, t0
-    lh          t2, 80(a1)      /* t2 = inptr[DCTSIZE*5] */
-    lh          t7, 80(a0)      /* t7 = quantptr[DCTSIZE*5] */
-    lh          t3, 112(a1)     /* t3 = inptr[DCTSIZE*7] */
-    lh          t8, 112(a0)     /* t8 = quantptr[DCTSIZE*7] */
-    mul         t7, t7, t2
-    mult        zero, zero
-    mul         t8, t8, t3
-    li          s0, 0x73FCD746  /* s0 = (29692 << 16) | (-10426 & 0xffff) */
-    li          s1, 0x1B37E8EE  /* s1 = (6967 << 16) | (-5906 & 0xffff) */
-    ins         t6, t5, 16, 16  /* t6 = t5|t6 */
-    sll         t4, t4, 15
-    dpa.w.ph    $ac0, t6, s0
-    lh          t1, 2(a1)
-    lh          t6, 2(a0)
-    ins         t8, t7, 16, 16  /* t8 = t7|t8 */
-    dpa.w.ph    $ac0, t8, s1
-    mflo        t0, $ac0
-    mul         t5, t6, t1
-    lh          t1, 18(a1)
-    lh          t6, 18(a0)
-    lh          t2, 50(a1)
-    lh          t7, 50(a0)
-    mul         t6, t6, t1
-    subu        t8, t4, t0
-    mul         t7, t7, t2
-    addu        t0, t4, t0
-    shra_r.w    t0, t0, 13
-    lh          t1, 82(a1)
-    lh          t2, 82(a0)
-    lh          t3, 114(a1)
-    lh          t4, 114(a0)
-    shra_r.w    t8, t8, 13
-    mul         t1, t1, t2
-    mul         t3, t3, t4
-    sw          t0, 0(v0)
-    sw          t8, 20(v0)
-    sll         t4, t5, 15
-    ins         t7, t6, 16, 16
-    mult        zero, zero
-    dpa.w.ph    $ac0, t7, s0
-    ins         t3, t1, 16, 16
-    lh          t1, 6(a1)
-    lh          t6, 6(a0)
-    dpa.w.ph    $ac0, t3, s1
-    mflo        t0, $ac0
-    mul         t5, t6, t1
-    lh          t1, 22(a1)
-    lh          t6, 22(a0)
-    lh          t2, 54(a1)
-    lh          t7, 54(a0)
-    mul         t6, t6, t1
-    subu        t8, t4, t0
-    mul         t7, t7, t2
-    addu        t0, t4, t0
-    shra_r.w    t0, t0, 13
-    lh          t1, 86(a1)
-    lh          t2, 86(a0)
-    lh          t3, 118(a1)
-    lh          t4, 118(a0)
-    shra_r.w    t8, t8, 13
-    mul         t1, t1, t2
-    mul         t3, t3, t4
-    sw          t0, 4(v0)
-    sw          t8, 24(v0)
-    sll         t4, t5, 15
-    ins         t7, t6, 16, 16
-    mult        zero, zero
-    dpa.w.ph    $ac0, t7, s0
-    ins         t3, t1, 16, 16
-    lh          t1, 10(a1)
-    lh          t6, 10(a0)
-    dpa.w.ph    $ac0, t3, s1
-    mflo        t0, $ac0
-    mul         t5, t6, t1
-    lh          t1, 26(a1)
-    lh          t6, 26(a0)
-    lh          t2, 58(a1)
-    lh          t7, 58(a0)
-    mul         t6, t6, t1
-    subu        t8, t4, t0
-    mul         t7, t7, t2
-    addu        t0, t4, t0
-    shra_r.w    t0, t0, 13
-    lh          t1, 90(a1)
-    lh          t2, 90(a0)
-    lh          t3, 122(a1)
-    lh          t4, 122(a0)
-    shra_r.w    t8, t8, 13
-    mul         t1, t1, t2
-    mul         t3, t3, t4
-    sw          t0, 8(v0)
-    sw          t8, 28(v0)
-    sll         t4, t5, 15
-    ins         t7, t6, 16, 16
-    mult        zero, zero
-    dpa.w.ph    $ac0, t7, s0
-    ins         t3, t1, 16, 16
-    lh          t1, 14(a1)
-    lh          t6, 14(a0)
-    dpa.w.ph    $ac0, t3, s1
-    mflo        t0, $ac0
-    mul         t5, t6, t1
-    lh          t1, 30(a1)
-    lh          t6, 30(a0)
-    lh          t2, 62(a1)
-    lh          t7, 62(a0)
-    mul         t6, t6, t1
-    subu        t8, t4, t0
-    mul         t7, t7, t2
-    addu        t0, t4, t0
-    shra_r.w    t0, t0, 13
-    lh          t1, 94(a1)
-    lh          t2, 94(a0)
-    lh          t3, 126(a1)
-    lh          t4, 126(a0)
-    shra_r.w    t8, t8, 13
-    mul         t1, t1, t2
-    mul         t3, t3, t4
-    sw          t0, 12(v0)
-    sw          t8, 32(v0)
-    sll         t4, t5, 15
-    ins         t7, t6, 16, 16
-    mult        zero, zero
-    dpa.w.ph    $ac0, t7, s0
-    ins         t3, t1, 16, 16
-    dpa.w.ph    $ac0, t3, s1
-    mflo        t0, $ac0
-    lw          t9, 0(a2)
-    lw          t3, 0(v0)
-    lw          t7, 4(v0)
-    lw          t1, 8(v0)
-    addu        t9, t9, a3
-    sll         t3, t3, 15
-    subu        t8, t4, t0
-    addu        t0, t4, t0
-    shra_r.w    t0, t0, 13
-    shra_r.w    t8, t8, 13
-    sw          t0, 16(v0)
-    sw          t8, 36(v0)
-    lw          t5, 12(v0)
-    lw          t6, 16(v0)
-    mult        t7, s2
-    madd        t1, s3
-    madd        t5, s4
-    madd        t6, s5
-    lw          t5, 24(v0)
-    lw          t7, 28(v0)
-    mflo        t0, $ac0
-    lw          t8, 32(v0)
-    lw          t2, 36(v0)
-    mult        $ac1, t5, s2
-    madd        $ac1, t7, s3
-    madd        $ac1, t8, s4
-    madd        $ac1, t2, s5
-    addu        t1, t3, t0
-    subu        t6, t3, t0
-    shra_r.w    t1, t1, 20
-    shra_r.w    t6, t6, 20
-    mflo        t4, $ac1
-    shll_s.w    t1, t1, 24
-    shll_s.w    t6, t6, 24
-    sra         t1, t1, 24
-    sra         t6, t6, 24
-    addiu       t1, t1, 128
-    addiu       t6, t6, 128
-    lw          t0, 20(v0)
-    sb          t1, 0(t9)
-    sb          t6, 1(t9)
-    sll         t0, t0, 15
-    lw          t9, 4(a2)
-    addu        t1, t0, t4
-    subu        t6, t0, t4
-    addu        t9, t9, a3
-    shra_r.w    t1, t1, 20
-    shra_r.w    t6, t6, 20
-    shll_s.w    t1, t1, 24
-    shll_s.w    t6, t6, 24
-    sra         t1, t1, 24
-    sra         t6, t6, 24
-    addiu       t1, t1, 128
-    addiu       t6, t6, 128
-    sb          t1, 0(t9)
-    sb          t6, 1(t9)
-    addiu       sp, sp, 40
-
-    RESTORE_REGS_FROM_STACK 24, s0, s1, s2, s3, s4, s5
-
-    j           ra
-     nop
-
-END(jsimd_idct_2x2_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_4x4_dspr2)
-/*
- * a0     = compptr->dct_table
- * a1     = coef_block
- * a2     = output_buf
- * a3     = output_col
- * 16(sp) = workspace[DCTSIZE*4]  (buffers data between passes)
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    lw          v1, 48(sp)
-    move        t0, a1
-    move        t1, v1
-    li          t9, 4
-    li          s0, 0x2e75f93e
-    li          s1, 0x21f9ba79
-    li          s2, 0xecc2efb0
-    li          s3, 0x52031ccd
-
-0:
-    lh          s6, 32(t0)      /* inptr[DCTSIZE*2] */
-    lh          t6, 32(a0)      /* quantptr[DCTSIZE*2] */
-    lh          s7, 96(t0)      /* inptr[DCTSIZE*6] */
-    lh          t7, 96(a0)      /* quantptr[DCTSIZE*6] */
-    mul         t6, s6, t6      /* z2 = (inptr[DCTSIZE*2] *
-                                         quantptr[DCTSIZE*2]) */
-    lh          s4, 0(t0)       /* inptr[DCTSIZE*0] */
-    mul         t7, s7, t7      /* z3 = (inptr[DCTSIZE*6] *
-                                         quantptr[DCTSIZE*6]) */
-    lh          s5, 0(a0)       /* quantptr[0] */
-    li          s6, 15137
-    li          s7, 6270
-    mul         t2, s4, s5      /* tmp0 = (inptr[0] * quantptr[0]) */
-    mul         t6, s6, t6      /* z2 = (inptr[DCTSIZE*2] *
-                                         quantptr[DCTSIZE*2]) */
-    lh          t5, 112(t0)     /* inptr[DCTSIZE*7] */
-    mul         t7, s7, t7      /* z3 = (inptr[DCTSIZE*6] *
-                                         quantptr[DCTSIZE*6]) */
-    lh          s4, 112(a0)     /* quantptr[DCTSIZE*7] */
-    lh          v0, 80(t0)      /* inptr[DCTSIZE*5] */
-    lh          s5, 80(a0)      /* quantptr[DCTSIZE*5] */
-    lh          s6, 48(a0)      /* quantptr[DCTSIZE*3] */
-    sll         t2, t2, 14      /* tmp0 <<= (CONST_BITS+1) */
-    lh          s7, 16(a0)      /* quantptr[DCTSIZE*1] */
-    lh          t8, 16(t0)      /* inptr[DCTSIZE*1] */
-    subu        t6, t6, t7      /* tmp2 =
-                                     MULTIPLY(z2, t5) - MULTIPLY(z3, t6) */
-    lh          t7, 48(t0)      /* inptr[DCTSIZE*3] */
-    mul         t5, s4, t5      /* z1 = (inptr[DCTSIZE*7] *
-                                         quantptr[DCTSIZE*7]) */
-    mul         v0, s5, v0      /* z2 = (inptr[DCTSIZE*5] *
-                                         quantptr[DCTSIZE*5]) */
-    mul         t7, s6, t7      /* z3 = (inptr[DCTSIZE*3] *
-                                         quantptr[DCTSIZE*3]) */
-    mul         t8, s7, t8      /* z4 = (inptr[DCTSIZE*1] *
-                                         quantptr[DCTSIZE*1]) */
-    addu        t3, t2, t6      /* tmp10 = tmp0 + z2 */
-    subu        t4, t2, t6      /* tmp10 = tmp0 - z2 */
-    mult        $ac0, zero, zero
-    mult        $ac1, zero, zero
-    ins         t5, v0, 16, 16
-    ins         t7, t8, 16, 16
-    addiu       t9, t9, -1
-    dpa.w.ph    $ac0, t5, s0
-    dpa.w.ph    $ac0, t7, s1
-    dpa.w.ph    $ac1, t5, s2
-    dpa.w.ph    $ac1, t7, s3
-    mflo        s4, $ac0
-    mflo        s5, $ac1
-    addiu       a0, a0, 2
-    addiu       t1, t1, 4
-    addiu       t0, t0, 2
-    addu        t6, t4, s4
-    subu        t5, t4, s4
-    addu        s6, t3, s5
-    subu        s7, t3, s5
-    shra_r.w    t6, t6, 12      /* DESCALE(tmp12 + temp1, 12) */
-    shra_r.w    t5, t5, 12      /* DESCALE(tmp12 - temp1, 12) */
-    shra_r.w    s6, s6, 12      /* DESCALE(tmp10 + temp2, 12) */
-    shra_r.w    s7, s7, 12      /* DESCALE(tmp10 - temp2, 12) */
-    sw          t6, 28(t1)
-    sw          t5, 60(t1)
-    sw          s6, -4(t1)
-    bgtz        t9, 0b
-     sw         s7, 92(t1)
-    /* second loop three pass */
-    li          t9, 3
-1:
-    lh          s6, 34(t0)      /* inptr[DCTSIZE*2] */
-    lh          t6, 34(a0)      /* quantptr[DCTSIZE*2] */
-    lh          s7, 98(t0)      /* inptr[DCTSIZE*6] */
-    lh          t7, 98(a0)      /* quantptr[DCTSIZE*6] */
-    mul         t6, s6, t6      /* z2 = (inptr[DCTSIZE*2] *
-                                         quantptr[DCTSIZE*2]) */
-    lh          s4, 2(t0)       /* inptr[DCTSIZE*0] */
-    mul         t7, s7, t7      /* z3 = (inptr[DCTSIZE*6] *
-                                         quantptr[DCTSIZE*6]) */
-    lh          s5, 2(a0)       /* quantptr[DCTSIZE*0] */
-    li          s6, 15137
-    li          s7, 6270
-    mul         t2, s4, s5      /* tmp0 = (inptr[0] * quantptr[0]) */
-    mul         v0, s6, t6      /* z2 = (inptr[DCTSIZE*2] *
-                                         quantptr[DCTSIZE*2]) */
-    lh          t5, 114(t0)     /* inptr[DCTSIZE*7] */
-    mul         t7, s7, t7      /* z3 = (inptr[DCTSIZE*6] *
-                                         quantptr[DCTSIZE*6]) */
-    lh          s4, 114(a0)     /* quantptr[DCTSIZE*7] */
-    lh          s5, 82(a0)      /* quantptr[DCTSIZE*5] */
-    lh          t6, 82(t0)      /* inptr[DCTSIZE*5] */
-    sll         t2, t2, 14      /* tmp0 <<= (CONST_BITS+1) */
-    lh          s6, 50(a0)      /* quantptr[DCTSIZE*3] */
-    lh          t8, 18(t0)      /* inptr[DCTSIZE*1] */
-    subu        v0, v0, t7      /* tmp2 =
-                                     MULTIPLY(z2, t5) - MULTIPLY(z3, t6) */
-    lh          t7, 50(t0)      /* inptr[DCTSIZE*3] */
-    lh          s7, 18(a0)      /* quantptr[DCTSIZE*1] */
-    mul         t5, s4, t5      /* z1 = (inptr[DCTSIZE*7] *
-                                         quantptr[DCTSIZE*7]) */
-    mul         t6, s5, t6      /* z2 = (inptr[DCTSIZE*5] *
-                                         quantptr[DCTSIZE*5]) */
-    mul         t7, s6, t7      /* z3 = (inptr[DCTSIZE*3] *
-                                         quantptr[DCTSIZE*3]) */
-    mul         t8, s7, t8      /* z4 = (inptr[DCTSIZE*1] *
-                                         quantptr[DCTSIZE*1]) */
-    addu        t3, t2, v0      /* tmp10 = tmp0 + z2 */
-    subu        t4, t2, v0      /* tmp10 = tmp0 - z2 */
-    mult        $ac0, zero, zero
-    mult        $ac1, zero, zero
-    ins         t5, t6, 16, 16
-    ins         t7, t8, 16, 16
-    dpa.w.ph    $ac0, t5, s0
-    dpa.w.ph    $ac0, t7, s1
-    dpa.w.ph    $ac1, t5, s2
-    dpa.w.ph    $ac1, t7, s3
-    mflo        t5, $ac0
-    mflo        t6, $ac1
-    addiu       t9, t9, -1
-    addiu       t0, t0, 2
-    addiu       a0, a0, 2
-    addiu       t1, t1, 4
-    addu        s5, t4, t5
-    subu        s4, t4, t5
-    addu        s6, t3, t6
-    subu        s7, t3, t6
-    shra_r.w    s5, s5, 12      /* DESCALE(tmp12 + temp1, 12) */
-    shra_r.w    s4, s4, 12      /* DESCALE(tmp12 - temp1, 12) */
-    shra_r.w    s6, s6, 12      /* DESCALE(tmp10 + temp2, 12) */
-    shra_r.w    s7, s7, 12      /* DESCALE(tmp10 - temp2, 12) */
-    sw          s5, 32(t1)
-    sw          s4, 64(t1)
-    sw          s6, 0(t1)
-    bgtz        t9, 1b
-     sw         s7, 96(t1)
-    move        t1, v1
-    li          s4, 15137
-    lw          s6, 8(t1)       /* wsptr[2] */
-    li          s5, 6270
-    lw          s7, 24(t1)      /* wsptr[6] */
-    mul         s4, s4, s6      /* MULTIPLY((JLONG)wsptr[2],
-                                            FIX_1_847759065) */
-    lw          t2, 0(t1)       /* wsptr[0] */
-    mul         s5, s5, s7      /* MULTIPLY((JLONG)wsptr[6],
-                                            -FIX_0_765366865) */
-    lh          t5, 28(t1)      /* wsptr[7] */
-    lh          t6, 20(t1)      /* wsptr[5] */
-    lh          t7, 12(t1)      /* wsptr[3] */
-    lh          t8, 4(t1)       /* wsptr[1] */
-    ins         t5, t6, 16, 16
-    ins         t7, t8, 16, 16
-    mult        $ac0, zero, zero
-    dpa.w.ph    $ac0, t5, s0
-    dpa.w.ph    $ac0, t7, s1
-    mult        $ac1, zero, zero
-    dpa.w.ph    $ac1, t5, s2
-    dpa.w.ph    $ac1, t7, s3
-    sll         t2, t2, 14      /* tmp0 =
-                                     ((JLONG)wsptr[0]) << (CONST_BITS+1) */
-    mflo        s6, $ac0
-    /* MULTIPLY(wsptr[2], FIX_1_847759065) +
-       MULTIPLY(wsptr[6], -FIX_0_765366865) */
-    subu        s4, s4, s5
-    addu        t3, t2, s4      /* tmp10 = tmp0 + z2 */
-    mflo        s7, $ac1
-    subu        t4, t2, s4      /* tmp10 = tmp0 - z2 */
-    addu        t7, t4, s6
-    subu        t8, t4, s6
-    addu        t5, t3, s7
-    subu        t6, t3, s7
-    shra_r.w    t5, t5, 19      /* DESCALE(tmp10 + temp2, 19) */
-    shra_r.w    t6, t6, 19      /* DESCALE(tmp10 - temp2, 19) */
-    shra_r.w    t7, t7, 19      /* DESCALE(tmp12 + temp1, 19) */
-    shra_r.w    t8, t8, 19      /* DESCALE(tmp12 - temp1, 19) */
-    sll         s4, t9, 2
-    lw          v0, 0(a2)       /* output_buf[ctr] */
-    shll_s.w    t5, t5, 24
-    shll_s.w    t6, t6, 24
-    shll_s.w    t7, t7, 24
-    shll_s.w    t8, t8, 24
-    sra         t5, t5, 24
-    sra         t6, t6, 24
-    sra         t7, t7, 24
-    sra         t8, t8, 24
-    addu        v0, v0, a3      /* outptr = output_buf[ctr] + output_col */
-    addiu       t5, t5, 128
-    addiu       t6, t6, 128
-    addiu       t7, t7, 128
-    addiu       t8, t8, 128
-    sb          t5, 0(v0)
-    sb          t7, 1(v0)
-    sb          t8, 2(v0)
-    sb          t6, 3(v0)
-    /* 2 */
-    li          s4, 15137
-    lw          s6, 40(t1)      /* wsptr[2] */
-    li          s5, 6270
-    lw          s7, 56(t1)      /* wsptr[6] */
-    mul         s4, s4, s6      /* MULTIPLY((JLONG)wsptr[2],
-                                            FIX_1_847759065) */
-    lw          t2, 32(t1)      /* wsptr[0] */
-    mul         s5, s5, s7      /* MULTIPLY((JLONG)wsptr[6],
-                                            -FIX_0_765366865) */
-    lh          t5, 60(t1)      /* wsptr[7] */
-    lh          t6, 52(t1)      /* wsptr[5] */
-    lh          t7, 44(t1)      /* wsptr[3] */
-    lh          t8, 36(t1)      /* wsptr[1] */
-    ins         t5, t6, 16, 16
-    ins         t7, t8, 16, 16
-    mult        $ac0, zero, zero
-    dpa.w.ph    $ac0, t5, s0
-    dpa.w.ph    $ac0, t7, s1
-    mult        $ac1, zero, zero
-    dpa.w.ph    $ac1, t5, s2
-    dpa.w.ph    $ac1, t7, s3
-    sll         t2, t2, 14      /* tmp0 =
-                                     ((JLONG)wsptr[0]) << (CONST_BITS+1) */
-    mflo        s6, $ac0
-    /* MULTIPLY(wsptr[2], FIX_1_847759065) +
-       MULTIPLY(wsptr[6], -FIX_0_765366865) */
-    subu        s4, s4, s5
-    addu        t3, t2, s4      /* tmp10 = tmp0 + z2 */
-    mflo        s7, $ac1
-    subu        t4, t2, s4      /* tmp10 = tmp0 - z2 */
-    addu        t7, t4, s6
-    subu        t8, t4, s6
-    addu        t5, t3, s7
-    subu        t6, t3, s7
-    shra_r.w    t5, t5, 19      /* DESCALE(tmp10 + temp2,
-                                           CONST_BITS-PASS1_BITS+1) */
-    shra_r.w    t6, t6, 19      /* DESCALE(tmp10 - temp2,
-                                           CONST_BITS-PASS1_BITS+1) */
-    shra_r.w    t7, t7, 19      /* DESCALE(tmp12 + temp1,
-                                           CONST_BITS-PASS1_BITS+1) */
-    shra_r.w    t8, t8, 19      /* DESCALE(tmp12 - temp1,
-                                           CONST_BITS-PASS1_BITS+1) */
-    sll         s4, t9, 2
-    lw          v0, 4(a2)       /* output_buf[ctr] */
-    shll_s.w    t5, t5, 24
-    shll_s.w    t6, t6, 24
-    shll_s.w    t7, t7, 24
-    shll_s.w    t8, t8, 24
-    sra         t5, t5, 24
-    sra         t6, t6, 24
-    sra         t7, t7, 24
-    sra         t8, t8, 24
-    addu        v0, v0, a3      /* outptr = output_buf[ctr] + output_col */
-    addiu       t5, t5, 128
-    addiu       t6, t6, 128
-    addiu       t7, t7, 128
-    addiu       t8, t8, 128
-    sb          t5, 0(v0)
-    sb          t7, 1(v0)
-    sb          t8, 2(v0)
-    sb          t6, 3(v0)
-    /* 3 */
-    li          s4, 15137
-    lw          s6, 72(t1)      /* wsptr[2] */
-    li          s5, 6270
-    lw          s7, 88(t1)      /* wsptr[6] */
-    mul         s4, s4, s6      /* MULTIPLY((JLONG)wsptr[2],
-                                            FIX_1_847759065) */
-    lw          t2, 64(t1)      /* wsptr[0] */
-    mul         s5, s5, s7      /* MULTIPLY((JLONG)wsptr[6],
-                                            -FIX_0_765366865) */
-    lh          t5, 92(t1)      /* wsptr[7] */
-    lh          t6, 84(t1)      /* wsptr[5] */
-    lh          t7, 76(t1)      /* wsptr[3] */
-    lh          t8, 68(t1)      /* wsptr[1] */
-    ins         t5, t6, 16, 16
-    ins         t7, t8, 16, 16
-    mult        $ac0, zero, zero
-    dpa.w.ph    $ac0, t5, s0
-    dpa.w.ph    $ac0, t7, s1
-    mult        $ac1, zero, zero
-    dpa.w.ph    $ac1, t5, s2
-    dpa.w.ph    $ac1, t7, s3
-    sll         t2, t2, 14      /* tmp0 =
-                                     ((JLONG)wsptr[0]) << (CONST_BITS+1) */
-    mflo        s6, $ac0
-    /* MULTIPLY(wsptr[2], FIX_1_847759065) +
-       MULTIPLY(wsptr[6], -FIX_0_765366865) */
-    subu        s4, s4, s5
-    addu        t3, t2, s4      /* tmp10 = tmp0 + z2 */
-    mflo        s7, $ac1
-    subu        t4, t2, s4      /* tmp10 = tmp0 - z2 */
-    addu        t7, t4, s6
-    subu        t8, t4, s6
-    addu        t5, t3, s7
-    subu        t6, t3, s7
-    shra_r.w    t5, t5, 19      /* DESCALE(tmp10 + temp2, 19) */
-    shra_r.w    t6, t6, 19      /* DESCALE(tmp10 - temp2, 19) */
-    shra_r.w    t7, t7, 19      /* DESCALE(tmp12 + temp1, 19) */
-    shra_r.w    t8, t8, 19      /* DESCALE(tmp12 - temp1, 19) */
-    sll         s4, t9, 2
-    lw          v0, 8(a2)       /* output_buf[ctr] */
-    shll_s.w    t5, t5, 24
-    shll_s.w    t6, t6, 24
-    shll_s.w    t7, t7, 24
-    shll_s.w    t8, t8, 24
-    sra         t5, t5, 24
-    sra         t6, t6, 24
-    sra         t7, t7, 24
-    sra         t8, t8, 24
-    addu        v0, v0, a3      /* outptr = output_buf[ctr] + output_col */
-    addiu       t5, t5, 128
-    addiu       t6, t6, 128
-    addiu       t7, t7, 128
-    addiu       t8, t8, 128
-    sb          t5, 0(v0)
-    sb          t7, 1(v0)
-    sb          t8, 2(v0)
-    sb          t6, 3(v0)
-    li          s4, 15137
-    lw          s6, 104(t1)     /* wsptr[2] */
-    li          s5, 6270
-    lw          s7, 120(t1)     /* wsptr[6] */
-    mul         s4, s4, s6      /* MULTIPLY((JLONG)wsptr[2],
-                                            FIX_1_847759065) */
-    lw          t2, 96(t1)      /* wsptr[0] */
-    mul         s5, s5, s7      /* MULTIPLY((JLONG)wsptr[6],
-                                            -FIX_0_765366865) */
-    lh          t5, 124(t1)     /* wsptr[7] */
-    lh          t6, 116(t1)     /* wsptr[5] */
-    lh          t7, 108(t1)     /* wsptr[3] */
-    lh          t8, 100(t1)     /* wsptr[1] */
-    ins         t5, t6, 16, 16
-    ins         t7, t8, 16, 16
-    mult        $ac0, zero, zero
-    dpa.w.ph    $ac0, t5, s0
-    dpa.w.ph    $ac0, t7, s1
-    mult        $ac1, zero, zero
-    dpa.w.ph    $ac1, t5, s2
-    dpa.w.ph    $ac1, t7, s3
-    sll         t2, t2, 14      /* tmp0 =
-                                     ((JLONG)wsptr[0]) << (CONST_BITS+1) */
-    mflo        s6, $ac0
-    /* MULTIPLY(wsptr[2], FIX_1_847759065) +
-       MULTIPLY(wsptr[6], -FIX_0_765366865) */
-    subu        s4, s4, s5
-    addu        t3, t2, s4      /* tmp10 = tmp0 + z2; */
-    mflo        s7, $ac1
-    subu        t4, t2, s4      /* tmp10 = tmp0 - z2; */
-    addu        t7, t4, s6
-    subu        t8, t4, s6
-    addu        t5, t3, s7
-    subu        t6, t3, s7
-    shra_r.w    t5, t5, 19      /* DESCALE(tmp10 + temp2, 19) */
-    shra_r.w    t6, t6, 19      /* DESCALE(tmp10 - temp2, 19) */
-    shra_r.w    t7, t7, 19      /* DESCALE(tmp12 + temp1, 19) */
-    shra_r.w    t8, t8, 19      /* DESCALE(tmp12 - temp1, 19) */
-    sll         s4, t9, 2
-    lw          v0, 12(a2)      /* output_buf[ctr] */
-    shll_s.w    t5, t5, 24
-    shll_s.w    t6, t6, 24
-    shll_s.w    t7, t7, 24
-    shll_s.w    t8, t8, 24
-    sra         t5, t5, 24
-    sra         t6, t6, 24
-    sra         t7, t7, 24
-    sra         t8, t8, 24
-    addu        v0, v0, a3      /* outptr = output_buf[ctr] + output_col */
-    addiu       t5, t5, 128
-    addiu       t6, t6, 128
-    addiu       t7, t7, 128
-    addiu       t8, t8, 128
-    sb          t5, 0(v0)
-    sb          t7, 1(v0)
-    sb          t8, 2(v0)
-    sb          t6, 3(v0)
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-END(jsimd_idct_4x4_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_6x6_dspr2)
-/*
- * a0 = compptr->dct_table
- * a1 = coef_block
- * a2 = output_buf
- * a3 = output_col
- */
-    .set at
-
-    SAVE_REGS_ON_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    addiu       sp, sp, -144
-    move        v0, sp
-    addiu       v1, v0, 24
-    addiu       t9, zero, 5793
-    addiu       s0, zero, 10033
-    addiu       s1, zero, 2998
-
-1:
-    lh          s2, 0(a0)       /* q0 = quantptr[ 0] */
-    lh          s3, 32(a0)      /* q1 = quantptr[16] */
-    lh          s4, 64(a0)      /* q2 = quantptr[32] */
-    lh          t2, 64(a1)      /* tmp2 = inptr[32] */
-    lh          t1, 32(a1)      /* tmp1 = inptr[16] */
-    lh          t0, 0(a1)       /* tmp0 = inptr[ 0] */
-    mul         t2, t2, s4      /* tmp2 = tmp2 * q2 */
-    mul         t1, t1, s3      /* tmp1 = tmp1 * q1 */
-    mul         t0, t0, s2      /* tmp0 = tmp0 * q0 */
-    lh          t6, 16(a1)      /* z1 = inptr[ 8] */
-    lh          t8, 80(a1)      /* z3 = inptr[40] */
-    lh          t7, 48(a1)      /* z2 = inptr[24] */
-    lh          s2, 16(a0)      /* q0 = quantptr[ 8] */
-    lh          s4, 80(a0)      /* q2 = quantptr[40] */
-    lh          s3, 48(a0)      /* q1 = quantptr[24] */
-    mul         t2, t2, t9      /* tmp2 = tmp2 * 5793 */
-    mul         t1, t1, s0      /* tmp1 = tmp1 * 10033 */
-    sll         t0, t0, 13      /* tmp0 = tmp0 << 13 */
-    mul         t6, t6, s2      /* z1 = z1 * q0 */
-    mul         t8, t8, s4      /* z3 = z3 * q2 */
-    mul         t7, t7, s3      /* z2 = z2 * q1 */
-    addu        t3, t0, t2      /* tmp10 = tmp0 + tmp2 */
-    sll         t2, t2, 1       /* tmp2 = tmp2 << 2 */
-    subu        t4, t0, t2      /* tmp11 = tmp0 - tmp2; */
-    subu        t5, t3, t1      /* tmp12 = tmp10 - tmp1 */
-    addu        t3, t3, t1      /* tmp10 = tmp10 + tmp1 */
-    addu        t1, t6, t8      /* tmp1 = z1 + z3 */
-    mul         t1, t1, s1      /* tmp1 = tmp1 * 2998 */
-    shra_r.w    t4, t4, 11      /* tmp11 = (tmp11 + 1024) >> 11 */
-    subu        t2, t6, t8      /* tmp2 = z1 - z3 */
-    subu        t2, t2, t7      /* tmp2 = tmp2 - z2 */
-    sll         t2, t2, 2       /* tmp2 = tmp2 << 2 */
-    addu        t0, t6, t7      /* tmp0 = z1 + z2 */
-    sll         t0, t0, 13      /* tmp0 = tmp0 << 13 */
-    subu        s2, t8, t7      /* q0 = z3 - z2 */
-    sll         s2, s2, 13      /* q0 = q0 << 13 */
-    addu        t0, t0, t1      /* tmp0 = tmp0 + tmp1 */
-    addu        t1, s2, t1      /* tmp1 = q0 + tmp1 */
-    addu        s2, t4, t2      /* q0 = tmp11 + tmp2 */
-    subu        s3, t4, t2      /* q1 = tmp11 - tmp2 */
-    addu        t6, t3, t0      /* z1 = tmp10 + tmp0 */
-    subu        t7, t3, t0      /* z2 = tmp10 - tmp0 */
-    addu        t4, t5, t1      /* tmp11 = tmp12 + tmp1 */
-    subu        t5, t5, t1      /* tmp12 = tmp12 - tmp1 */
-    shra_r.w    t6, t6, 11      /* z1 = (z1 + 1024) >> 11 */
-    shra_r.w    t7, t7, 11      /* z2 = (z2 + 1024) >> 11 */
-    shra_r.w    t4, t4, 11      /* tmp11 = (tmp11 + 1024) >> 11 */
-    shra_r.w    t5, t5, 11      /* tmp12 = (tmp12 + 1024) >> 11 */
-    sw          s2, 24(v0)
-    sw          s3, 96(v0)
-    sw          t6, 0(v0)
-    sw          t7, 120(v0)
-    sw          t4, 48(v0)
-    sw          t5, 72(v0)
-    addiu       v0, v0, 4
-    addiu       a1, a1, 2
-    bne         v0, v1, 1b
-     addiu      a0, a0, 2
-
-    /* Pass 2: process 6 rows from work array, store into output array. */
-    move        v0, sp
-    addiu       v1, v0, 144
-
-2:
-    lw          t0, 0(v0)
-    lw          t2, 16(v0)
-    lw          s5, 0(a2)
-    addiu       t0, t0, 16
-    sll         t0, t0, 13
-    mul         t3, t2, t9
-    lw          t6, 4(v0)
-    lw          t8, 20(v0)
-    lw          t7, 12(v0)
-    addu        s5, s5, a3
-    addu        s6, t6, t8
-    mul         s6, s6, s1
-    addu        t1, t0, t3
-    subu        t4, t0, t3
-    subu        t4, t4, t3
-    lw          t3, 8(v0)
-    mul         t0, t3, s0
-    addu        s7, t6, t7
-    sll         s7, s7, 13
-    addu        s7, s6, s7
-    subu        t2, t8, t7
-    sll         t2, t2, 13
-    addu        t2, s6, t2
-    subu        s6, t6, t7
-    subu        s6, s6, t8
-    sll         s6, s6, 13
-    addu        t3, t1, t0
-    subu        t5, t1, t0
-    addu        t6, t3, s7
-    subu        t3, t3, s7
-    addu        t7, t4, s6
-    subu        t4, t4, s6
-    addu        t8, t5, t2
-    subu        t5, t5, t2
-    shll_s.w    t6, t6, 6
-    shll_s.w    t3, t3, 6
-    shll_s.w    t7, t7, 6
-    shll_s.w    t4, t4, 6
-    shll_s.w    t8, t8, 6
-    shll_s.w    t5, t5, 6
-    sra         t6, t6, 24
-    addiu       t6, t6, 128
-    sra         t3, t3, 24
-    addiu       t3, t3, 128
-    sb          t6, 0(s5)
-    sra         t7, t7, 24
-    addiu       t7, t7, 128
-    sb          t3, 5(s5)
-    sra         t4, t4, 24
-    addiu       t4, t4, 128
-    sb          t7, 1(s5)
-    sra         t8, t8, 24
-    addiu       t8, t8, 128
-    sb          t4, 4(s5)
-    addiu       v0, v0, 24
-    sra         t5, t5, 24
-    addiu       t5, t5, 128
-    sb          t8, 2(s5)
-    addiu       a2, a2,  4
-    bne         v0, v1, 2b
-     sb         t5, 3(s5)
-
-    addiu       sp, sp, 144
-
-    RESTORE_REGS_FROM_STACK 32, s0, s1, s2, s3, s4, s5, s6, s7
-
-    j           ra
-     nop
-
-END(jsimd_idct_6x6_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_12x12_pass1_dspr2)
-/*
- * a0 = compptr->dct_table
- * a1 = coef_block
- * a2 = workspace
- */
-    SAVE_REGS_ON_STACK 16, s0, s1, s2, s3
-
-    li          a3, 8
-
-1:
-    /* odd part */
-    lh          t0, 48(a1)
-    lh          t1, 48(a0)
-    lh          t2, 16(a1)
-    lh          t3, 16(a0)
-    lh          t4, 80(a1)
-    lh          t5, 80(a0)
-    lh          t6, 112(a1)
-    lh          t7, 112(a0)
-    mul         t0, t0, t1      /* z2 */
-    mul         t1, t2, t3      /* z1 */
-    mul         t2, t4, t5      /* z3 */
-    mul         t3, t6, t7      /* z4 */
-    li          t4, 10703       /* FIX(1.306562965) */
-    li          t5, 4433        /* FIX_0_541196100 */
-    li          t6, 7053        /* FIX(0.860918669) */
-    mul         t4, t0, t4      /* tmp11 */
-    mul         t5, t0, t5      /* -tmp14 */
-    addu        t7, t1, t2      /* tmp10 */
-    addu        t8, t7, t3      /* tmp10 + z4 */
-    mul         t6, t6, t8      /* tmp15 */
-    li          t8, 2139        /* FIX(0.261052384) */
-    mul         t8, t7, t8      /* MULTIPLY(tmp10, FIX(0.261052384)) */
-    li          t7, 2295        /* FIX(0.280143716) */
-    mul         t7, t1, t7      /* MULTIPLY(z1, FIX(0.280143716)) */
-    addu        t9, t2, t3      /* z3 + z4 */
-    li          s0, 8565        /* FIX(1.045510580) */
-    mul         t9, t9, s0      /* -tmp13 */
-    li          s0, 12112       /* FIX(1.478575242) */
-    mul         s0, t2, s0      /* MULTIPLY(z3, FIX(1.478575242) */
-    li          s1, 12998       /* FIX(1.586706681) */
-    mul         s1, t3, s1      /* MULTIPLY(z4, FIX(1.586706681)) */
-    li          s2, 5540        /* FIX(0.676326758) */
-    mul         s2, t1, s2      /* MULTIPLY(z1, FIX(0.676326758)) */
-    li          s3, 16244       /* FIX(1.982889723) */
-    mul         s3, t3, s3      /* MULTIPLY(z4, FIX(1.982889723)) */
-    subu        t1, t1, t3      /* z1-=z4 */
-    subu        t0, t0, t2      /* z2-=z3 */
-    addu        t2, t0, t1      /* z1+z2 */
-    li          t3, 4433        /* FIX_0_541196100 */
-    mul         t2, t2, t3      /* z3 */
-    li          t3, 6270        /* FIX_0_765366865 */
-    mul         t1, t1, t3      /* MULTIPLY(z1, FIX_0_765366865) */
-    li          t3, 15137       /* FIX_0_765366865 */
-    mul         t0, t0, t3      /* MULTIPLY(z2, FIX_1_847759065) */
-    addu        t8, t6, t8      /* tmp12 */
-    addu        t3, t8, t4      /* tmp12 + tmp11 */
-    addu        t3, t3, t7      /* tmp10 */
-    subu        t8, t8, t9      /* tmp12 + tmp13 */
-    addu        s0, t5, s0
-    subu        t8, t8, s0      /* tmp12 */
-    subu        t9, t6, t9
-    subu        s1, s1, t4
-    addu        t9, t9, s1      /* tmp13 */
-    subu        t6, t6, t5
-    subu        t6, t6, s2
-    subu        t6, t6, s3      /* tmp15 */
-    /* even part start */
-    lh          t4, 64(a1)
-    lh          t5, 64(a0)
-    lh          t7, 32(a1)
-    lh          s0, 32(a0)
-    lh          s1, 0(a1)
-    lh          s2, 0(a0)
-    lh          s3, 96(a1)
-    lh          v0, 96(a0)
-    mul         t4, t4, t5      /* DEQUANTIZE(inptr[DCTSIZE*4],
-                                              quantptr[DCTSIZE*4]) */
-    mul         t5, t7, s0      /* DEQUANTIZE(inptr[DCTSIZE*2],
-                                              quantptr[DCTSIZE*2]) */
-    mul         t7, s1, s2      /* DEQUANTIZE(inptr[DCTSIZE*0],
-                                              quantptr[DCTSIZE*0]) */
-    mul         s0, s3, v0      /* DEQUANTIZE(inptr[DCTSIZE*6],
-                                              quantptr[DCTSIZE*6]) */
-    /* odd part end */
-    addu        t1, t2, t1      /* tmp11 */
-    subu        t0, t2, t0      /* tmp14 */
-    /* update counter and pointers */
-    addiu       a3, a3, -1
-    addiu       a0, a0, 2
-    addiu       a1, a1, 2
-    /* even part rest */
-    li          s1, 10033
-    li          s2, 11190
-    mul         t4, t4, s1      /* z4 */
-    mul         s1, t5, s2      /* z4 */
-    sll         t5, t5, 13      /* z1 */
-    sll         t7, t7, 13
-    addiu       t7, t7, 1024    /* z3 */
-    sll         s0, s0, 13      /* z2 */
-    addu        s2, t7, t4      /* tmp10 */
-    subu        t4, t7, t4      /* tmp11 */
-    subu        s3, t5, s0      /* tmp12 */
-    addu        t2, t7, s3      /* tmp21 */
-    subu        s3, t7, s3      /* tmp24 */
-    addu        t7, s1, s0      /* tmp12 */
-    addu        v0, s2, t7      /* tmp20 */
-    subu        s2, s2, t7      /* tmp25 */
-    subu        s1, s1, t5      /* z4 - z1 */
-    subu        s1, s1, s0      /* tmp12 */
-    addu        s0, t4, s1      /* tmp22 */
-    subu        t4, t4, s1      /* tmp23 */
-    /* final output stage */
-    addu        t5, v0, t3
-    subu        v0, v0, t3
-    addu        t3, t2, t1
-    subu        t2, t2, t1
-    addu        t1, s0, t8
-    subu        s0, s0, t8
-    addu        t8, t4, t9
-    subu        t4, t4, t9
-    addu        t9, s3, t0
-    subu        s3, s3, t0
-    addu        t0, s2, t6
-    subu        s2, s2, t6
-    sra         t5, t5, 11
-    sra         t3, t3, 11
-    sra         t1, t1, 11
-    sra         t8, t8, 11
-    sra         t9, t9, 11
-    sra         t0, t0, 11
-    sra         s2, s2, 11
-    sra         s3, s3, 11
-    sra         t4, t4, 11
-    sra         s0, s0, 11
-    sra         t2, t2, 11
-    sra         v0, v0, 11
-    sw          t5, 0(a2)
-    sw          t3, 32(a2)
-    sw          t1, 64(a2)
-    sw          t8, 96(a2)
-    sw          t9, 128(a2)
-    sw          t0, 160(a2)
-    sw          s2, 192(a2)
-    sw          s3, 224(a2)
-    sw          t4, 256(a2)
-    sw          s0, 288(a2)
-    sw          t2, 320(a2)
-    sw          v0, 352(a2)
-    bgtz        a3, 1b
-     addiu      a2, a2, 4
-
-    RESTORE_REGS_FROM_STACK 16, s0, s1, s2, s3
-
-    j           ra
-     nop
-
-END(jsimd_idct_12x12_pass1_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_idct_12x12_pass2_dspr2)
-/*
- * a0 = workspace
- * a1 = output
- */
-    SAVE_REGS_ON_STACK 16, s0, s1, s2, s3
-
-    li          a3, 12
-
-1:
-    /* Odd part */
-    lw          t0, 12(a0)
-    lw          t1, 4(a0)
-    lw          t2, 20(a0)
-    lw          t3, 28(a0)
-    li          t4, 10703       /* FIX(1.306562965) */
-    li          t5, 4433        /* FIX_0_541196100 */
-    mul         t4, t0, t4      /* tmp11 */
-    mul         t5, t0, t5      /* -tmp14 */
-    addu        t6, t1, t2      /* tmp10 */
-    li          t7, 2139        /* FIX(0.261052384) */
-    mul         t7, t6, t7      /* MULTIPLY(tmp10, FIX(0.261052384)) */
-    addu        t6, t6, t3      /* tmp10 + z4 */
-    li          t8, 7053        /* FIX(0.860918669) */
-    mul         t6, t6, t8      /* tmp15 */
-    li          t8, 2295        /* FIX(0.280143716) */
-    mul         t8, t1, t8      /* MULTIPLY(z1, FIX(0.280143716)) */
-    addu        t9, t2, t3      /* z3 + z4 */
-    li          s0, 8565        /* FIX(1.045510580) */
-    mul         t9, t9, s0      /* -tmp13 */
-    li          s0, 12112       /* FIX(1.478575242) */
-    mul         s0, t2, s0      /* MULTIPLY(z3, FIX(1.478575242)) */
-    li          s1, 12998       /* FIX(1.586706681) */
-    mul         s1, t3, s1      /* MULTIPLY(z4, FIX(1.586706681)) */
-    li          s2, 5540        /* FIX(0.676326758) */
-    mul         s2, t1, s2      /* MULTIPLY(z1, FIX(0.676326758)) */
-    li          s3, 16244       /* FIX(1.982889723) */
-    mul         s3, t3, s3      /* MULTIPLY(z4, FIX(1.982889723)) */
-    subu        t1, t1, t3      /* z1 -= z4 */
-    subu        t0, t0, t2      /* z2 -= z3 */
-    addu        t2, t1, t0      /* z1 + z2 */
-    li          t3, 4433        /* FIX_0_541196100 */
-    mul         t2, t2, t3      /* z3 */
-    li          t3, 6270        /* FIX_0_765366865 */
-    mul         t1, t1, t3      /* MULTIPLY(z1, FIX_0_765366865) */
-    li          t3, 15137       /* FIX_1_847759065 */
-    mul         t0, t0, t3      /* MULTIPLY(z2, FIX_1_847759065) */
-    addu        t3, t6, t7      /* tmp12 */
-    addu        t7, t3, t4
-    addu        t7, t7, t8      /* tmp10 */
-    subu        t3, t3, t9
-    subu        t3, t3, t5
-    subu        t3, t3, s0      /* tmp12 */
-    subu        t9, t6, t9
-    subu        t9, t9, t4
-    addu        t9, t9, s1      /* tmp13 */
-    subu        t6, t6, t5
-    subu        t6, t6, s2
-    subu        t6, t6, s3      /* tmp15 */
-    addu        t1, t2, t1      /* tmp11 */
-    subu        t0, t2, t0      /* tmp14 */
-    /* even part */
-    lw          t2, 16(a0)      /* z4 */
-    lw          t4, 8(a0)       /* z1 */
-    lw          t5, 0(a0)       /* z3 */
-    lw          t8, 24(a0)      /* z2 */
-    li          s0, 10033       /* FIX(1.224744871) */
-    li          s1, 11190       /* FIX(1.366025404) */
-    mul         t2, t2, s0      /* z4 */
-    mul         s0, t4, s1      /* z4 */
-    addiu       t5, t5, 0x10
-    sll         t5, t5, 13      /* z3 */
-    sll         t4, t4, 13      /* z1 */
-    sll         t8, t8, 13      /* z2 */
-    subu        s1, t4, t8      /* tmp12 */
-    addu        s2, t5, t2      /* tmp10 */
-    subu        t2, t5, t2      /* tmp11 */
-    addu        s3, t5, s1      /* tmp21 */
-    subu        s1, t5, s1      /* tmp24 */
-    addu        t5, s0, t8      /* tmp12 */
-    addu        v0, s2, t5      /* tmp20 */
-    subu        t5, s2, t5      /* tmp25 */
-    subu        t4, s0, t4
-    subu        t4, t4, t8      /* tmp12 */
-    addu        t8, t2, t4      /* tmp22 */
-    subu        t2, t2, t4      /* tmp23 */
-    /* increment counter and pointers */
-    addiu       a3, a3, -1
-    addiu       a0, a0, 32
-    /* Final stage */
-    addu        t4, v0, t7
-    subu        v0, v0, t7
-    addu        t7, s3, t1
-    subu        s3, s3, t1
-    addu        t1, t8, t3
-    subu        t8, t8, t3
-    addu        t3, t2, t9
-    subu        t2, t2, t9
-    addu        t9, s1, t0
-    subu        s1, s1, t0
-    addu        t0, t5, t6
-    subu        t5, t5, t6
-    sll         t4, t4, 4
-    sll         t7, t7, 4
-    sll         t1, t1, 4
-    sll         t3, t3, 4
-    sll         t9, t9, 4
-    sll         t0, t0, 4
-    sll         t5, t5, 4
-    sll         s1, s1, 4
-    sll         t2, t2, 4
-    sll         t8, t8, 4
-    sll         s3, s3, 4
-    sll         v0, v0, 4
-    shll_s.w    t4, t4, 2
-    shll_s.w    t7, t7, 2
-    shll_s.w    t1, t1, 2
-    shll_s.w    t3, t3, 2
-    shll_s.w    t9, t9, 2
-    shll_s.w    t0, t0, 2
-    shll_s.w    t5, t5, 2
-    shll_s.w    s1, s1, 2
-    shll_s.w    t2, t2, 2
-    shll_s.w    t8, t8, 2
-    shll_s.w    s3, s3, 2
-    shll_s.w    v0, v0, 2
-    srl         t4, t4, 24
-    srl         t7, t7, 24
-    srl         t1, t1, 24
-    srl         t3, t3, 24
-    srl         t9, t9, 24
-    srl         t0, t0, 24
-    srl         t5, t5, 24
-    srl         s1, s1, 24
-    srl         t2, t2, 24
-    srl         t8, t8, 24
-    srl         s3, s3, 24
-    srl         v0, v0, 24
-    lw          t6, 0(a1)
-    addiu       t4, t4, 0x80
-    addiu       t7, t7, 0x80
-    addiu       t1, t1, 0x80
-    addiu       t3, t3, 0x80
-    addiu       t9, t9, 0x80
-    addiu       t0, t0, 0x80
-    addiu       t5, t5, 0x80
-    addiu       s1, s1, 0x80
-    addiu       t2, t2, 0x80
-    addiu       t8, t8, 0x80
-    addiu       s3, s3, 0x80
-    addiu       v0, v0, 0x80
-    sb          t4, 0(t6)
-    sb          t7, 1(t6)
-    sb          t1, 2(t6)
-    sb          t3, 3(t6)
-    sb          t9, 4(t6)
-    sb          t0, 5(t6)
-    sb          t5, 6(t6)
-    sb          s1, 7(t6)
-    sb          t2, 8(t6)
-    sb          t8, 9(t6)
-    sb          s3, 10(t6)
-    sb          v0, 11(t6)
-    bgtz        a3, 1b
-     addiu      a1, a1, 4
-
-    RESTORE_REGS_FROM_STACK 16, s0, s1, s2, s3
-
-    jr          ra
-     nop
-
-END(jsimd_idct_12x12_pass2_dspr2)
-
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_convsamp_dspr2)
-/*
- * a0 = sample_data
- * a1 = start_col
- * a2 = workspace
- */
-    lw            t0, 0(a0)
-    li            t7, 0xff80ff80
-    addu          t0, t0, a1
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    lw            t0, 4(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 0(a2)
-    usw           t4, 4(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 8(a2)
-    usw           t6, 12(a2)
-
-    lw            t0, 8(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 16(a2)
-    usw           t4, 20(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 24(a2)
-    usw           t6, 28(a2)
-
-    lw            t0, 12(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 32(a2)
-    usw           t4, 36(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 40(a2)
-    usw           t6, 44(a2)
-
-    lw            t0, 16(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 48(a2)
-    usw           t4, 52(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 56(a2)
-    usw           t6, 60(a2)
-
-    lw            t0, 20(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 64(a2)
-    usw           t4, 68(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 72(a2)
-    usw           t6, 76(a2)
-
-    lw            t0, 24(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 80(a2)
-    usw           t4, 84(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 88(a2)
-    usw           t6, 92(a2)
-
-    lw            t0, 28(a0)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu          t0, t0, a1
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    ulw           t1, 0(t0)
-    ulw           t2, 4(t0)
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 96(a2)
-    usw           t4, 100(a2)
-    preceu.ph.qbr t3, t1
-    preceu.ph.qbl t4, t1
-    usw           t5, 104(a2)
-    usw           t6, 108(a2)
-    preceu.ph.qbr t5, t2
-    preceu.ph.qbl t6, t2
-    addu.ph       t3, t3, t7
-    addu.ph       t4, t4, t7
-    addu.ph       t5, t5, t7
-    addu.ph       t6, t6, t7
-    usw           t3, 112(a2)
-    usw           t4, 116(a2)
-    usw           t5, 120(a2)
-    usw           t6, 124(a2)
-
-    j             ra
-     nop
-
-END(jsimd_convsamp_dspr2)
-
-
-#ifndef __mips_soft_float
-
-/*****************************************************************************/
-LEAF_DSPR2(jsimd_convsamp_float_dspr2)
-/*
- * a0 = sample_data
- * a1 = start_col
- * a2 = workspace
- */
-    .set at
-
-    lw          t0, 0(a0)
-    addu        t0, t0, a1
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 4(a0)
-    swc1        f2, 0(a2)
-    swc1        f4, 4(a2)
-    swc1        f6, 8(a2)
-    addu        t0, t0, a1
-    swc1        f8, 12(a2)
-    swc1        f10, 16(a2)
-    swc1        f12, 20(a2)
-    swc1        f14, 24(a2)
-    swc1        f16, 28(a2)
-    /* elemr 1 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 8(a0)
-    swc1        f2, 32(a2)
-    swc1        f4, 36(a2)
-    swc1        f6, 40(a2)
-    addu        t0, t0, a1
-    swc1        f8, 44(a2)
-    swc1        f10, 48(a2)
-    swc1        f12, 52(a2)
-    swc1        f14, 56(a2)
-    swc1        f16, 60(a2)
-    /* elemr 2 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 12(a0)
-    swc1        f2, 64(a2)
-    swc1        f4, 68(a2)
-    swc1        f6, 72(a2)
-    addu        t0, t0, a1
-    swc1        f8, 76(a2)
-    swc1        f10, 80(a2)
-    swc1        f12, 84(a2)
-    swc1        f14, 88(a2)
-    swc1        f16, 92(a2)
-    /*  elemr 3 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 16(a0)
-    swc1        f2, 96(a2)
-    swc1        f4, 100(a2)
-    swc1        f6, 104(a2)
-    addu        t0, t0, a1
-    swc1        f8, 108(a2)
-    swc1        f10, 112(a2)
-    swc1        f12, 116(a2)
-    swc1        f14, 120(a2)
-    swc1        f16, 124(a2)
-    /* elemr 4 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 20(a0)
-    swc1        f2, 128(a2)
-    swc1        f4, 132(a2)
-    swc1        f6, 136(a2)
-    addu        t0, t0, a1
-    swc1        f8, 140(a2)
-    swc1        f10, 144(a2)
-    swc1        f12, 148(a2)
-    swc1        f14, 152(a2)
-    swc1        f16, 156(a2)
-    /* elemr 5 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 24(a0)
-    swc1        f2, 160(a2)
-    swc1        f4, 164(a2)
-    swc1        f6, 168(a2)
-    addu        t0, t0, a1
-    swc1        f8, 172(a2)
-    swc1        f10, 176(a2)
-    swc1        f12, 180(a2)
-    swc1        f14, 184(a2)
-    swc1        f16, 188(a2)
-    /* elemr 6 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    lw          t0, 28(a0)
-    swc1        f2, 192(a2)
-    swc1        f4, 196(a2)
-    swc1        f6, 200(a2)
-    addu        t0, t0, a1
-    swc1        f8, 204(a2)
-    swc1        f10, 208(a2)
-    swc1        f12, 212(a2)
-    swc1        f14, 216(a2)
-    swc1        f16, 220(a2)
-    /* elemr 7 */
-    lbu         t1, 0(t0)
-    lbu         t2, 1(t0)
-    lbu         t3, 2(t0)
-    lbu         t4, 3(t0)
-    lbu         t5, 4(t0)
-    lbu         t6, 5(t0)
-    lbu         t7, 6(t0)
-    lbu         t8, 7(t0)
-    addiu       t1, t1, -128
-    addiu       t2, t2, -128
-    addiu       t3, t3, -128
-    addiu       t4, t4, -128
-    addiu       t5, t5, -128
-    addiu       t6, t6, -128
-    addiu       t7, t7, -128
-    addiu       t8, t8, -128
-    mtc1        t1, f2
-    mtc1        t2, f4
-    mtc1        t3, f6
-    mtc1        t4, f8
-    mtc1        t5, f10
-    mtc1        t6, f12
-    mtc1        t7, f14
-    mtc1        t8, f16
-    cvt.s.w     f2, f2
-    cvt.s.w     f4, f4
-    cvt.s.w     f6, f6
-    cvt.s.w     f8, f8
-    cvt.s.w     f10, f10
-    cvt.s.w     f12, f12
-    cvt.s.w     f14, f14
-    cvt.s.w     f16, f16
-    swc1        f2, 224(a2)
-    swc1        f4, 228(a2)
-    swc1        f6, 232(a2)
-    swc1        f8, 236(a2)
-    swc1        f10, 240(a2)
-    swc1        f12, 244(a2)
-    swc1        f14, 248(a2)
-    swc1        f16, 252(a2)
-
-    j           ra
-     nop
-
-END(jsimd_convsamp_float_dspr2)
-
-#endif
-
-/*****************************************************************************/
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd_dspr2_asm.h b/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd_dspr2_asm.h
deleted file mode 100644
index 12cfda4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips/jsimd_dspr2_asm.h
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * MIPS DSPr2 optimizations for libjpeg-turbo
- *
- * Copyright (C) 2013, MIPS Technologies, Inc., California.
- * Copyright (C) 2018, Matthieu Darbois.
- * All Rights Reserved.
- * Authors:  Teodora Novkovic (teodora.novkovic@imgtec.com)
- *           Darko Laus       (darko.laus@imgtec.com)
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define zero  $0
-#define AT    $1
-#define v0    $2
-#define v1    $3
-#define a0    $4
-#define a1    $5
-#define a2    $6
-#define a3    $7
-#define t0    $8
-#define t1    $9
-#define t2    $10
-#define t3    $11
-#define t4    $12
-#define t5    $13
-#define t6    $14
-#define t7    $15
-#define s0    $16
-#define s1    $17
-#define s2    $18
-#define s3    $19
-#define s4    $20
-#define s5    $21
-#define s6    $22
-#define s7    $23
-#define t8    $24
-#define t9    $25
-#define k0    $26
-#define k1    $27
-#define gp    $28
-#define sp    $29
-#define fp    $30
-#define s8    $30
-#define ra    $31
-
-#define f0    $f0
-#define f1    $f1
-#define f2    $f2
-#define f3    $f3
-#define f4    $f4
-#define f5    $f5
-#define f6    $f6
-#define f7    $f7
-#define f8    $f8
-#define f9    $f9
-#define f10   $f10
-#define f11   $f11
-#define f12   $f12
-#define f13   $f13
-#define f14   $f14
-#define f15   $f15
-#define f16   $f16
-#define f17   $f17
-#define f18   $f18
-#define f19   $f19
-#define f20   $f20
-#define f21   $f21
-#define f22   $f22
-#define f23   $f23
-#define f24   $f24
-#define f25   $f25
-#define f26   $f26
-#define f27   $f27
-#define f28   $f28
-#define f29   $f29
-#define f30   $f30
-#define f31   $f31
-
-#ifdef __ELF__
-#define HIDDEN_SYMBOL(symbol)  .hidden symbol;
-#else
-#define HIDDEN_SYMBOL(symbol)
-#endif
-
-/*
- * LEAF_MIPS32R2 - declare leaf routine for MIPS32r2
- */
-#define LEAF_MIPS32R2(symbol) \
-    .globl      symbol; \
-    HIDDEN_SYMBOL(symbol) \
-    .align      2; \
-    .type       symbol, @function; \
-    .ent        symbol, 0; \
-symbol: \
-    .frame      sp, 0, ra; \
-    .set        push; \
-    .set        arch = mips32r2; \
-    .set        noreorder; \
-    .set        noat;
-
-/*
- * LEAF_DSPR2 - declare leaf routine for MIPS DSPr2
- */
-#define LEAF_DSPR2(symbol) \
-LEAF_MIPS32R2(symbol) \
-    .set        dspr2;
-
-/*
- * END - mark end of function
- */
-#define END(function) \
-    .set        pop; \
-    .end        function; \
-    .size       function, .-function
-
-/*
- * Checks if stack offset is big enough for storing/restoring regs_num
- * number of register to/from stack. Stack offset must be greater than
- * or equal to the number of bytes needed for storing registers (regs_num*4).
- * Since MIPS ABI allows usage of first 16 bytes of stack frame (this is
- * preserved for input arguments of the functions, already stored in a0-a3),
- * stack size can be further optimized by utilizing this space.
- */
-.macro CHECK_STACK_OFFSET regs_num, stack_offset
-.if \stack_offset < \regs_num * 4 - 16
-.error "Stack offset too small."
-.endif
-.endm
-
-/*
- * Saves set of registers on stack. Maximum number of registers that
- * can be saved on stack is limitted to 14 (a0-a3, v0-v1 and s0-s7).
- * Stack offset is number of bytes that are added to stack pointer (sp)
- * before registers are pushed in order to provide enough space on stack
- * (offset must be multiple of 4, and must be big enough, as described by
- * CHECK_STACK_OFFSET macro). This macro is intended to be used in
- * combination with RESTORE_REGS_FROM_STACK macro. Example:
- *  SAVE_REGS_ON_STACK      4, v0, v1, s0, s1
- *  RESTORE_REGS_FROM_STACK 4, v0, v1, s0, s1
- */
-.macro SAVE_REGS_ON_STACK  stack_offset = 0, r1, \
-                           r2  = 0, r3  = 0, r4  = 0, \
-                           r5  = 0, r6  = 0, r7  = 0, \
-                           r8  = 0, r9  = 0, r10 = 0, \
-                           r11 = 0, r12 = 0, r13 = 0, \
-                           r14 = 0
-.if (\stack_offset < 0) || (\stack_offset - (\stack_offset / 4) * 4)
-    .error "Stack offset must be pozitive and multiple of 4."
-.endif
-.if \stack_offset != 0
-    addiu       sp, sp, -\stack_offset
-.endif
-    sw          \r1, 0(sp)
-.if \r2 != 0
-    sw          \r2, 4(sp)
-.endif
-.if \r3 != 0
-    sw          \r3, 8(sp)
-.endif
-.if \r4 != 0
-    sw          \r4, 12(sp)
-.endif
-.if \r5 != 0
-    CHECK_STACK_OFFSET 5, \stack_offset
-    sw          \r5, 16(sp)
-.endif
-.if \r6 != 0
-    CHECK_STACK_OFFSET 6, \stack_offset
-    sw          \r6, 20(sp)
-.endif
-.if \r7 != 0
-    CHECK_STACK_OFFSET 7, \stack_offset
-    sw          \r7, 24(sp)
-.endif
-.if \r8 != 0
-    CHECK_STACK_OFFSET 8, \stack_offset
-    sw          \r8, 28(sp)
-.endif
-.if \r9 != 0
-    CHECK_STACK_OFFSET 9, \stack_offset
-    sw          \r9, 32(sp)
-.endif
-.if \r10 != 0
-    CHECK_STACK_OFFSET 10, \stack_offset
-    sw          \r10, 36(sp)
-.endif
-.if \r11 != 0
-    CHECK_STACK_OFFSET 11, \stack_offset
-    sw          \r11, 40(sp)
-.endif
-.if \r12 != 0
-    CHECK_STACK_OFFSET 12, \stack_offset
-    sw          \r12, 44(sp)
-.endif
-.if \r13 != 0
-    CHECK_STACK_OFFSET 13, \stack_offset
-    sw          \r13, 48(sp)
-.endif
-.if \r14 != 0
-    CHECK_STACK_OFFSET 14, \stack_offset
-    sw          \r14, 52(sp)
-.endif
-.endm
-
-/*
- * Restores set of registers from stack. Maximum number of registers that
- * can be restored from stack is limitted to 14 (a0-a3, v0-v1 and s0-s7).
- * Stack offset is number of bytes that are added to stack pointer (sp)
- * after registers are restored (offset must be multiple of 4, and must
- * be big enough, as described by CHECK_STACK_OFFSET macro). This macro is
- * intended to be used in combination with RESTORE_REGS_FROM_STACK macro.
- * Example:
- *  SAVE_REGS_ON_STACK      4, v0, v1, s0, s1
- *  RESTORE_REGS_FROM_STACK 4, v0, v1, s0, s1
- */
-.macro RESTORE_REGS_FROM_STACK  stack_offset = 0, r1, \
-                                r2  = 0, r3  = 0, r4  = 0, \
-                                r5  = 0, r6  = 0, r7  = 0, \
-                                r8  = 0, r9  = 0, r10 = 0, \
-                                r11 = 0, r12 = 0, r13 = 0, \
-                                r14 = 0
-.if (\stack_offset < 0) || (\stack_offset - (\stack_offset / 4) * 4)
-    .error "Stack offset must be pozitive and multiple of 4."
-.endif
-    lw          \r1, 0(sp)
-.if \r2 != 0
-    lw          \r2, 4(sp)
-.endif
-.if \r3 != 0
-    lw          \r3, 8(sp)
-.endif
-.if \r4 != 0
-    lw          \r4, 12(sp)
-.endif
-.if \r5 != 0
-    CHECK_STACK_OFFSET 5, \stack_offset
-    lw          \r5, 16(sp)
-.endif
-.if \r6 != 0
-    CHECK_STACK_OFFSET 6, \stack_offset
-    lw          \r6, 20(sp)
-.endif
-.if \r7 != 0
-    CHECK_STACK_OFFSET 7, \stack_offset
-    lw          \r7, 24(sp)
-.endif
-.if \r8 != 0
-    CHECK_STACK_OFFSET 8, \stack_offset
-    lw          \r8, 28(sp)
-.endif
-.if \r9 != 0
-    CHECK_STACK_OFFSET 9, \stack_offset
-    lw          \r9, 32(sp)
-.endif
-.if \r10 != 0
-    CHECK_STACK_OFFSET 10, \stack_offset
-    lw          \r10, 36(sp)
-.endif
-.if \r11 != 0
-    CHECK_STACK_OFFSET 11, \stack_offset
-    lw          \r11, 40(sp)
-.endif
-.if \r12 != 0
-    CHECK_STACK_OFFSET 12, \stack_offset
-    lw          \r12, 44(sp)
-.endif
-.if \r13 != 0
-    CHECK_STACK_OFFSET 13, \stack_offset
-    lw          \r13, 48(sp)
-.endif
-.if \r14 != 0
-    CHECK_STACK_OFFSET 14, \stack_offset
-    lw          \r14, 52(sp)
-.endif
-.if \stack_offset != 0
-    addiu       sp, sp, \stack_offset
-.endif
-.endm
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jccolext-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jccolext-mmi.c
deleted file mode 100644
index 558eb2a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jccolext-mmi.c
+++ /dev/null
@@ -1,455 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2014-2015, 2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           ZhangLixia  <zhanglixia-hf@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jccolor-mmi.c */
-
-
-#if RGB_RED == 0
-#define mmA  re
-#define mmB  ro
-#elif RGB_GREEN == 0
-#define mmA  ge
-#define mmB  go
-#elif RGB_BLUE == 0
-#define mmA  be
-#define mmB  bo
-#else
-#define mmA  xe
-#define mmB  xo
-#endif
-
-#if RGB_RED == 1
-#define mmC  re
-#define mmD  ro
-#elif RGB_GREEN == 1
-#define mmC  ge
-#define mmD  go
-#elif RGB_BLUE == 1
-#define mmC  be
-#define mmD  bo
-#else
-#define mmC  xe
-#define mmD  xo
-#endif
-
-#if RGB_RED == 2
-#define mmE  re
-#define mmF  ro
-#elif RGB_GREEN == 2
-#define mmE  ge
-#define mmF  go
-#elif RGB_BLUE == 2
-#define mmE  be
-#define mmF  bo
-#else
-#define mmE  xe
-#define mmF  xo
-#endif
-
-#if RGB_RED == 3
-#define mmG  re
-#define mmH  ro
-#elif RGB_GREEN == 3
-#define mmG  ge
-#define mmH  go
-#elif RGB_BLUE == 3
-#define mmG  be
-#define mmH  bo
-#else
-#define mmG  xe
-#define mmH  xo
-#endif
-
-
-void jsimd_rgb_ycc_convert_mmi(JDIMENSION image_width, JSAMPARRAY input_buf,
-                               JSAMPIMAGE output_buf, JDIMENSION output_row,
-                               int num_rows)
-{
-  JSAMPROW inptr, outptr0, outptr1, outptr2;
-  int num_cols, col;
-  __m64 re, ro, ge, go, be, bo, xe;
-#if RGB_PIXELSIZE == 4
-  __m64 xo;
-#endif
-  __m64 rgle, rghe, rglo, rgho, bgle, bghe, bglo, bgho;
-  __m64 ble, halfble, bhe, halfbhe, blo, halfblo, bho, halfbho;
-  __m64 rle, halfrle, rhe, halfrhe, rlo, halfrlo, rho, halfrho;
-  __m64 yle_rg, yhe_rg, yle_bg, yhe_bg, yle, yhe, ye;
-  __m64 ylo_rg, yho_rg, ylo_bg, yho_bg, ylo, yho, yo, y;
-  __m64 cble, cbhe, cbe, cblo, cbho, cbo, cb;
-  __m64 crle, crhe, cre, crlo, crho, cro, cr;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    output_row++;
-
-    for (num_cols = image_width; num_cols > 0; num_cols -= 8,
-         outptr0 += 8, outptr1 += 8, outptr2 += 8) {
-
-#if RGB_PIXELSIZE == 3
-
-      if (num_cols < 8) {
-        col = num_cols * 3;
-        asm(".set noreorder\r\n"
-
-            "li       $8, 1\r\n"
-            "move     $9, %3\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 1f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 1\r\n"
-            "xor      $12, $12, $12\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $9\r\n"
-            "lbu      $12, 0($13)\r\n"
-
-            "1:       \r\n"
-            "li       $8, 2\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 2f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 2\r\n"
-            "xor      $11, $11, $11\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $9\r\n"
-            "lhu      $11, 0($13)\r\n"
-            "sll      $12, $12, 16\r\n"
-            "or       $12, $12, $11\r\n"
-
-            "2:       \r\n"
-            "dmtc1    $12, %0\r\n"
-            "li       $8, 4\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 3f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 4\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $9\r\n"
-            "lwu      $14, 0($13)\r\n"
-            "dmtc1    $14, %1\r\n"
-            "dsll32   $12, $12, 0\r\n"
-            "or       $12, $12, $14\r\n"
-            "dmtc1    $12, %0\r\n"
-
-            "3:       \r\n"
-            "li       $8, 8\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 4f\r\n"
-            "nop      \r\n"
-            "mov.s    %1, %0\r\n"
-            "ldc1     %0, 0(%5)\r\n"
-            "li       $9, 8\r\n"
-            "j        5f\r\n"
-            "nop      \r\n"
-
-            "4:       \r\n"
-            "li       $8, 16\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 5f\r\n"
-            "nop      \r\n"
-            "mov.s    %2, %0\r\n"
-            "ldc1     %0, 0(%5)\r\n"
-            "ldc1     %1, 8(%5)\r\n"
-
-            "5:       \r\n"
-            "nop      \r\n"
-            ".set reorder\r\n"
-
-            : "=f" (mmA), "=f" (mmG), "=f" (mmF)
-            : "r" (col), "r" (num_rows), "r" (inptr)
-            : "$f0", "$f2", "$f4", "$8", "$9", "$10", "$11", "$12", "$13",
-              "$14", "memory"
-           );
-      } else {
-        if (!(((long)inptr) & 7)) {
-          mmA = _mm_load_si64((__m64 *)&inptr[0]);
-          mmG = _mm_load_si64((__m64 *)&inptr[8]);
-          mmF = _mm_load_si64((__m64 *)&inptr[16]);
-        } else {
-          mmA = _mm_loadu_si64((__m64 *)&inptr[0]);
-          mmG = _mm_loadu_si64((__m64 *)&inptr[8]);
-          mmF = _mm_loadu_si64((__m64 *)&inptr[16]);
-        }
-        inptr += RGB_PIXELSIZE * 8;
-      }
-      mmD = _mm_srli_si64(mmA, 4 * BYTE_BIT);
-      mmA = _mm_slli_si64(mmA, 4 * BYTE_BIT);
-
-      mmA = _mm_unpackhi_pi8(mmA, mmG);
-      mmG = _mm_slli_si64(mmG, 4 * BYTE_BIT);
-
-      mmD = _mm_unpacklo_pi8(mmD, mmF);
-      mmG = _mm_unpackhi_pi8(mmG, mmF);
-
-      mmE = _mm_srli_si64(mmA, 4 * BYTE_BIT);
-      mmA = _mm_slli_si64(mmA, 4 * BYTE_BIT);
-
-      mmA = _mm_unpackhi_pi8(mmA, mmD);
-      mmD = _mm_slli_si64(mmD, 4 * BYTE_BIT);
-
-      mmE = _mm_unpacklo_pi8(mmE, mmG);
-      mmD = _mm_unpackhi_pi8(mmD, mmG);
-      mmC = _mm_loadhi_pi8_f(mmA);
-      mmA = _mm_loadlo_pi8_f(mmA);
-
-      mmB = _mm_loadhi_pi8_f(mmE);
-      mmE = _mm_loadlo_pi8_f(mmE);
-
-      mmF = _mm_loadhi_pi8_f(mmD);
-      mmD = _mm_loadlo_pi8_f(mmD);
-
-#else  /* RGB_PIXELSIZE == 4 */
-
-      if (num_cols < 8) {
-        col = num_cols;
-        asm(".set noreorder\r\n"
-
-            "li       $8, 1\r\n"
-            "move     $9, %4\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 1f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 1\r\n"
-            PTR_SLL   "$11, $9, 2\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $11\r\n"
-            "lwc1     %0, 0($13)\r\n"
-
-            "1:       \r\n"
-            "li       $8, 2\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 2f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 2\r\n"
-            PTR_SLL   "$11, $9, 2\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $11\r\n"
-            "mov.s    %1, %0\r\n"
-            "ldc1     %0, 0($13)\r\n"
-
-            "2:       \r\n"
-            "li       $8, 4\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 3f\r\n"
-            "nop      \r\n"
-            "mov.s    %2, %0\r\n"
-            "mov.s    %3, %1\r\n"
-            "ldc1     %0, 0(%5)\r\n"
-            "ldc1     %1, 8(%5)\r\n"
-
-            "3:       \r\n"
-            "nop      \r\n"
-            ".set reorder\r\n"
-
-            : "=f" (mmA), "=f" (mmF), "=f" (mmD), "=f" (mmC)
-            : "r" (col), "r" (inptr)
-            : "$f0", "$f2", "$8", "$9", "$10", "$11", "$13", "memory"
-           );
-      } else {
-        if (!(((long)inptr) & 7)) {
-          mmA = _mm_load_si64((__m64 *)&inptr[0]);
-          mmF = _mm_load_si64((__m64 *)&inptr[8]);
-          mmD = _mm_load_si64((__m64 *)&inptr[16]);
-          mmC = _mm_load_si64((__m64 *)&inptr[24]);
-        } else {
-          mmA = _mm_loadu_si64((__m64 *)&inptr[0]);
-          mmF = _mm_loadu_si64((__m64 *)&inptr[8]);
-          mmD = _mm_loadu_si64((__m64 *)&inptr[16]);
-          mmC = _mm_loadu_si64((__m64 *)&inptr[24]);
-        }
-        inptr += RGB_PIXELSIZE * 8;
-      }
-      mmB = _mm_unpackhi_pi8(mmA, mmF);
-      mmA = _mm_unpacklo_pi8(mmA, mmF);
-
-      mmG = _mm_unpackhi_pi8(mmD, mmC);
-      mmD = _mm_unpacklo_pi8(mmD, mmC);
-
-      mmE = _mm_unpackhi_pi16(mmA, mmD);
-      mmA = _mm_unpacklo_pi16(mmA, mmD);
-
-      mmH = _mm_unpackhi_pi16(mmB, mmG);
-      mmB = _mm_unpacklo_pi16(mmB, mmG);
-
-      mmC = _mm_loadhi_pi8_f(mmA);
-      mmA = _mm_loadlo_pi8_f(mmA);
-
-      mmD = _mm_loadhi_pi8_f(mmB);
-      mmB = _mm_loadlo_pi8_f(mmB);
-
-      mmG = _mm_loadhi_pi8_f(mmE);
-      mmE = _mm_loadlo_pi8_f(mmE);
-
-      mmF = _mm_unpacklo_pi8(mmH, mmH);
-      mmH = _mm_unpackhi_pi8(mmH, mmH);
-      mmF = _mm_srli_pi16(mmF, BYTE_BIT);
-      mmH = _mm_srli_pi16(mmH, BYTE_BIT);
-
-#endif
-
-      /* re=(R0 R2 R4 R6), ge=(G0 G2 G4 G6), be=(B0 B2 B4 B6)
-       * ro=(R1 R3 R5 R7), go=(G1 G3 G5 G7), bo=(B1 B3 B5 B7)
-       *
-       * (Original)
-       * Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-       * Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-       * Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-       *
-       * (This implementation)
-       * Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-       * Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-       * Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-       */
-
-      rglo = _mm_unpacklo_pi16(ro, go);
-      rgho = _mm_unpackhi_pi16(ro, go);
-      ylo_rg = _mm_madd_pi16(rglo, PW_F0299_F0337);
-      yho_rg = _mm_madd_pi16(rgho, PW_F0299_F0337);
-      cblo = _mm_madd_pi16(rglo, PW_MF016_MF033);
-      cbho = _mm_madd_pi16(rgho, PW_MF016_MF033);
-
-      blo = _mm_loadlo_pi16_f(bo);
-      bho = _mm_loadhi_pi16_f(bo);
-      halfblo = _mm_srli_pi32(blo, 1);
-      halfbho = _mm_srli_pi32(bho, 1);
-
-      cblo = _mm_add_pi32(cblo, halfblo);
-      cbho = _mm_add_pi32(cbho, halfbho);
-      cblo = _mm_add_pi32(cblo, PD_ONEHALFM1_CJ);
-      cbho = _mm_add_pi32(cbho, PD_ONEHALFM1_CJ);
-      cblo = _mm_srli_pi32(cblo, SCALEBITS);
-      cbho = _mm_srli_pi32(cbho, SCALEBITS);
-      cbo = _mm_packs_pi32(cblo, cbho);
-
-      rgle = _mm_unpacklo_pi16(re, ge);
-      rghe = _mm_unpackhi_pi16(re, ge);
-      yle_rg = _mm_madd_pi16(rgle, PW_F0299_F0337);
-      yhe_rg = _mm_madd_pi16(rghe, PW_F0299_F0337);
-      cble = _mm_madd_pi16(rgle, PW_MF016_MF033);
-      cbhe = _mm_madd_pi16(rghe, PW_MF016_MF033);
-
-      ble = _mm_loadlo_pi16_f(be);
-      bhe = _mm_loadhi_pi16_f(be);
-      halfble = _mm_srli_pi32(ble, 1);
-      halfbhe = _mm_srli_pi32(bhe, 1);
-
-      cble = _mm_add_pi32(cble, halfble);
-      cbhe = _mm_add_pi32(cbhe, halfbhe);
-      cble = _mm_add_pi32(cble, PD_ONEHALFM1_CJ);
-      cbhe = _mm_add_pi32(cbhe, PD_ONEHALFM1_CJ);
-      cble = _mm_srli_pi32(cble, SCALEBITS);
-      cbhe = _mm_srli_pi32(cbhe, SCALEBITS);
-      cbe = _mm_packs_pi32(cble, cbhe);
-
-      cbo = _mm_slli_pi16(cbo, BYTE_BIT);
-      cb = _mm_or_si64(cbe, cbo);
-
-      bglo = _mm_unpacklo_pi16(bo, go);
-      bgho = _mm_unpackhi_pi16(bo, go);
-      ylo_bg = _mm_madd_pi16(bglo, PW_F0114_F0250);
-      yho_bg = _mm_madd_pi16(bgho, PW_F0114_F0250);
-      crlo = _mm_madd_pi16(bglo, PW_MF008_MF041);
-      crho = _mm_madd_pi16(bgho, PW_MF008_MF041);
-
-      ylo = _mm_add_pi32(ylo_bg, ylo_rg);
-      yho = _mm_add_pi32(yho_bg, yho_rg);
-      ylo = _mm_add_pi32(ylo, PD_ONEHALF);
-      yho = _mm_add_pi32(yho, PD_ONEHALF);
-      ylo = _mm_srli_pi32(ylo, SCALEBITS);
-      yho = _mm_srli_pi32(yho, SCALEBITS);
-      yo = _mm_packs_pi32(ylo, yho);
-
-      rlo = _mm_loadlo_pi16_f(ro);
-      rho = _mm_loadhi_pi16_f(ro);
-      halfrlo = _mm_srli_pi32(rlo, 1);
-      halfrho = _mm_srli_pi32(rho, 1);
-
-      crlo = _mm_add_pi32(crlo, halfrlo);
-      crho = _mm_add_pi32(crho, halfrho);
-      crlo = _mm_add_pi32(crlo, PD_ONEHALFM1_CJ);
-      crho = _mm_add_pi32(crho, PD_ONEHALFM1_CJ);
-      crlo = _mm_srli_pi32(crlo, SCALEBITS);
-      crho = _mm_srli_pi32(crho, SCALEBITS);
-      cro = _mm_packs_pi32(crlo, crho);
-
-      bgle = _mm_unpacklo_pi16(be, ge);
-      bghe = _mm_unpackhi_pi16(be, ge);
-      yle_bg = _mm_madd_pi16(bgle, PW_F0114_F0250);
-      yhe_bg = _mm_madd_pi16(bghe, PW_F0114_F0250);
-      crle = _mm_madd_pi16(bgle, PW_MF008_MF041);
-      crhe = _mm_madd_pi16(bghe, PW_MF008_MF041);
-
-      yle = _mm_add_pi32(yle_bg, yle_rg);
-      yhe = _mm_add_pi32(yhe_bg, yhe_rg);
-      yle = _mm_add_pi32(yle, PD_ONEHALF);
-      yhe = _mm_add_pi32(yhe, PD_ONEHALF);
-      yle = _mm_srli_pi32(yle, SCALEBITS);
-      yhe = _mm_srli_pi32(yhe, SCALEBITS);
-      ye = _mm_packs_pi32(yle, yhe);
-
-      yo = _mm_slli_pi16(yo, BYTE_BIT);
-      y = _mm_or_si64(ye, yo);
-
-      rle = _mm_loadlo_pi16_f(re);
-      rhe = _mm_loadhi_pi16_f(re);
-      halfrle = _mm_srli_pi32(rle, 1);
-      halfrhe = _mm_srli_pi32(rhe, 1);
-
-      crle = _mm_add_pi32(crle, halfrle);
-      crhe = _mm_add_pi32(crhe, halfrhe);
-      crle = _mm_add_pi32(crle, PD_ONEHALFM1_CJ);
-      crhe = _mm_add_pi32(crhe, PD_ONEHALFM1_CJ);
-      crle = _mm_srli_pi32(crle, SCALEBITS);
-      crhe = _mm_srli_pi32(crhe, SCALEBITS);
-      cre = _mm_packs_pi32(crle, crhe);
-
-      cro = _mm_slli_pi16(cro, BYTE_BIT);
-      cr = _mm_or_si64(cre, cro);
-
-      _mm_store_si64((__m64 *)&outptr0[0], y);
-      _mm_store_si64((__m64 *)&outptr1[0], cb);
-      _mm_store_si64((__m64 *)&outptr2[0], cr);
-    }
-  }
-}
-
-#undef mmA
-#undef mmB
-#undef mmC
-#undef mmD
-#undef mmE
-#undef mmF
-#undef mmG
-#undef mmH
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jccolor-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jccolor-mmi.c
deleted file mode 100644
index 93ef5c7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jccolor-mmi.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2011, 2014, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2017, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* RGB --> YCC CONVERSION */
-
-#include "jsimd_mmi.h"
-
-
-#define F_0_081  ((short)5329)                /* FIX(0.08131) */
-#define F_0_114  ((short)7471)                /* FIX(0.11400) */
-#define F_0_168  ((short)11059)               /* FIX(0.16874) */
-#define F_0_250  ((short)16384)               /* FIX(0.25000) */
-#define F_0_299  ((short)19595)               /* FIX(0.29900) */
-#define F_0_331  ((short)21709)               /* FIX(0.33126) */
-#define F_0_418  ((short)27439)               /* FIX(0.41869) */
-#define F_0_587  ((short)38470)               /* FIX(0.58700) */
-#define F_0_337  ((short)(F_0_587 - F_0_250)) /* FIX(0.58700) - FIX(0.25000) */
-
-enum const_index {
-  index_PD_ONEHALF,
-  index_PW_F0299_F0337,
-  index_PW_F0114_F0250,
-  index_PW_MF016_MF033,
-  index_PW_MF008_MF041,
-  index_PD_ONEHALFM1_CJ
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi32((int)(1 << (SCALEBITS - 1)), (int)(1 << (SCALEBITS - 1))),
-  _uint64_set_pi16(F_0_337, F_0_299, F_0_337, F_0_299),
-  _uint64_set_pi16(F_0_250, F_0_114, F_0_250, F_0_114),
-  _uint64_set_pi16(-F_0_331, -F_0_168, -F_0_331, -F_0_168),
-  _uint64_set_pi16(-F_0_418, -F_0_081, -F_0_418, -F_0_081),
-  _uint64_set_pi32(((1 << (SCALEBITS - 1)) - 1 + (CENTERJSAMPLE << SCALEBITS)),
-                   ((1 << (SCALEBITS - 1)) - 1 + (CENTERJSAMPLE << SCALEBITS)))
-};
-
-#define get_const_value(index)  (*(__m64 *)&const_value[index])
-
-#define PD_ONEHALF       get_const_value(index_PD_ONEHALF)
-#define PW_F0299_F0337   get_const_value(index_PW_F0299_F0337)
-#define PW_F0114_F0250   get_const_value(index_PW_F0114_F0250)
-#define PW_MF016_MF033   get_const_value(index_PW_MF016_MF033)
-#define PW_MF008_MF041   get_const_value(index_PW_MF008_MF041)
-#define PD_ONEHALFM1_CJ  get_const_value(index_PD_ONEHALFM1_CJ)
-
-
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_rgb_ycc_convert_mmi  jsimd_extrgb_ycc_convert_mmi
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_mmi
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_rgb_ycc_convert_mmi  jsimd_extrgbx_ycc_convert_mmi
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_mmi
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_rgb_ycc_convert_mmi  jsimd_extbgr_ycc_convert_mmi
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_mmi
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_rgb_ycc_convert_mmi  jsimd_extbgrx_ycc_convert_mmi
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_mmi
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_rgb_ycc_convert_mmi  jsimd_extxbgr_ycc_convert_mmi
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_mmi
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_rgb_ycc_convert_mmi  jsimd_extxrgb_ycc_convert_mmi
-#include "jccolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_ycc_convert_mmi
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcgray-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcgray-mmi.c
deleted file mode 100644
index 9c7b833..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcgray-mmi.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2011, 2014, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhangLixia <zhanglixia-hf@loongson.cn>
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* RGB --> GRAYSCALE CONVERSION */
-
-#include "jsimd_mmi.h"
-
-
-#define F_0_114  ((short)7471)                /* FIX(0.11400) */
-#define F_0_250  ((short)16384)               /* FIX(0.25000) */
-#define F_0_299  ((short)19595)               /* FIX(0.29900) */
-#define F_0_587  ((short)38470)               /* FIX(0.58700) */
-#define F_0_337  ((short)(F_0_587 - F_0_250)) /* FIX(0.58700) - FIX(0.25000) */
-
-enum const_index {
-  index_PD_ONEHALF,
-  index_PW_F0299_F0337,
-  index_PW_F0114_F0250
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi32((int)(1 << (SCALEBITS - 1)), (int)(1 << (SCALEBITS - 1))),
-  _uint64_set_pi16(F_0_337, F_0_299, F_0_337, F_0_299),
-  _uint64_set_pi16(F_0_250, F_0_114, F_0_250, F_0_114)
-};
-
-#define get_const_value(index)  (*(__m64 *)&const_value[index])
-
-#define PD_ONEHALF       get_const_value(index_PD_ONEHALF)
-#define PW_F0299_F0337   get_const_value(index_PW_F0299_F0337)
-#define PW_F0114_F0250   get_const_value(index_PW_F0114_F0250)
-
-
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_rgb_gray_convert_mmi  jsimd_extrgb_gray_convert_mmi
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_mmi
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_rgb_gray_convert_mmi  jsimd_extrgbx_gray_convert_mmi
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_mmi
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_rgb_gray_convert_mmi  jsimd_extbgr_gray_convert_mmi
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_mmi
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_rgb_gray_convert_mmi  jsimd_extbgrx_gray_convert_mmi
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_mmi
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_rgb_gray_convert_mmi  jsimd_extxbgr_gray_convert_mmi
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_mmi
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_rgb_gray_convert_mmi  jsimd_extxrgb_gray_convert_mmi
-#include "jcgryext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_rgb_gray_convert_mmi
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcgryext-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcgryext-mmi.c
deleted file mode 100644
index 08a83d6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcgryext-mmi.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2014-2015, 2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhangLixia <zhanglixia-hf@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jcgray-mmi.c */
-
-
-#if RGB_RED == 0
-#define mmA  re
-#define mmB  ro
-#elif RGB_GREEN == 0
-#define mmA  ge
-#define mmB  go
-#elif RGB_BLUE == 0
-#define mmA  be
-#define mmB  bo
-#else
-#define mmA  xe
-#define mmB  xo
-#endif
-
-#if RGB_RED == 1
-#define mmC  re
-#define mmD  ro
-#elif RGB_GREEN == 1
-#define mmC  ge
-#define mmD  go
-#elif RGB_BLUE == 1
-#define mmC  be
-#define mmD  bo
-#else
-#define mmC  xe
-#define mmD  xo
-#endif
-
-#if RGB_RED == 2
-#define mmE  re
-#define mmF  ro
-#elif RGB_GREEN == 2
-#define mmE  ge
-#define mmF  go
-#elif RGB_BLUE == 2
-#define mmE  be
-#define mmF  bo
-#else
-#define mmE  xe
-#define mmF  xo
-#endif
-
-#if RGB_RED == 3
-#define mmG  re
-#define mmH  ro
-#elif RGB_GREEN == 3
-#define mmG  ge
-#define mmH  go
-#elif RGB_BLUE == 3
-#define mmG  be
-#define mmH  bo
-#else
-#define mmG  xe
-#define mmH  xo
-#endif
-
-
-void jsimd_rgb_gray_convert_mmi(JDIMENSION image_width, JSAMPARRAY input_buf,
-                                JSAMPIMAGE output_buf, JDIMENSION output_row,
-                                int num_rows)
-{
-  JSAMPROW inptr, outptr;
-  int num_cols, col;
-  __m64 re, ro, ge, go, be, bo, xe;
-#if RGB_PIXELSIZE == 4
-  __m64 xo;
-#endif
-  __m64 rgle, rghe, rglo, rgho, bgle, bghe, bglo, bgho;
-  __m64 yle_rg, yhe_rg, yle_bg, yhe_bg, yle, yhe, ye;
-  __m64 ylo_rg, yho_rg, ylo_bg, yho_bg, ylo, yho, yo, y;
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr = output_buf[0][output_row];
-    output_row++;
-
-    for (num_cols = image_width; num_cols > 0; num_cols -= 8,
-         outptr += 8) {
-
-#if RGB_PIXELSIZE == 3
-
-      if (num_cols < 8) {
-        col = num_cols * 3;
-        asm(".set noreorder\r\n"
-
-            "li       $8, 1\r\n"
-            "move     $9, %3\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 1f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 1\r\n"
-            "xor      $12, $12, $12\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $9\r\n"
-            "lbu      $12, 0($13)\r\n"
-
-            "1:       \r\n"
-            "li       $8, 2\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 2f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 2\r\n"
-            "xor      $11, $11, $11\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $9\r\n"
-            "lhu      $11, 0($13)\r\n"
-            "sll      $12, $12, 16\r\n"
-            "or       $12, $12, $11\r\n"
-
-            "2:       \r\n"
-            "dmtc1    $12, %0\r\n"
-            "li       $8, 4\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 3f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 4\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $9\r\n"
-            "lwu      $14, 0($13)\r\n"
-            "dmtc1    $14, %1\r\n"
-            "dsll32   $12, $12, 0\r\n"
-            "or       $12, $12, $14\r\n"
-            "dmtc1    $12, %0\r\n"
-
-            "3:       \r\n"
-            "li       $8, 8\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 4f\r\n"
-            "nop      \r\n"
-            "mov.s    %1, %0\r\n"
-            "ldc1     %0, 0(%5)\r\n"
-            "li       $9, 8\r\n"
-            "j        5f\r\n"
-            "nop      \r\n"
-
-            "4:       \r\n"
-            "li       $8, 16\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 5f\r\n"
-            "nop      \r\n"
-            "mov.s    %2, %0\r\n"
-            "ldc1     %0, 0(%5)\r\n"
-            "ldc1     %1, 8(%5)\r\n"
-
-            "5:       \r\n"
-            "nop      \r\n"
-            ".set reorder\r\n"
-
-            : "=f" (mmA), "=f" (mmG), "=f" (mmF)
-            : "r" (col), "r" (num_rows), "r" (inptr)
-            : "$f0", "$f2", "$f4", "$8", "$9", "$10", "$11", "$12", "$13",
-              "$14", "memory"
-           );
-      } else {
-        if (!(((long)inptr) & 7)) {
-          mmA = _mm_load_si64((__m64 *)&inptr[0]);
-          mmG = _mm_load_si64((__m64 *)&inptr[8]);
-          mmF = _mm_load_si64((__m64 *)&inptr[16]);
-        } else {
-          mmA = _mm_loadu_si64((__m64 *)&inptr[0]);
-          mmG = _mm_loadu_si64((__m64 *)&inptr[8]);
-          mmF = _mm_loadu_si64((__m64 *)&inptr[16]);
-        }
-        inptr += RGB_PIXELSIZE * 8;
-      }
-      mmD = _mm_srli_si64(mmA, 4 * BYTE_BIT);
-      mmA = _mm_slli_si64(mmA, 4 * BYTE_BIT);
-
-      mmA = _mm_unpackhi_pi8(mmA, mmG);
-      mmG = _mm_slli_si64(mmG, 4 * BYTE_BIT);
-
-      mmD = _mm_unpacklo_pi8(mmD, mmF);
-      mmG = _mm_unpackhi_pi8(mmG, mmF);
-
-      mmE = _mm_srli_si64(mmA, 4 * BYTE_BIT);
-      mmA = _mm_slli_si64(mmA, 4 * BYTE_BIT);
-
-      mmA = _mm_unpackhi_pi8(mmA, mmD);
-      mmD = _mm_slli_si64(mmD, 4 * BYTE_BIT);
-
-      mmE = _mm_unpacklo_pi8(mmE, mmG);
-      mmD = _mm_unpackhi_pi8(mmD, mmG);
-      mmC = _mm_loadhi_pi8_f(mmA);
-      mmA = _mm_loadlo_pi8_f(mmA);
-
-      mmB = _mm_loadhi_pi8_f(mmE);
-      mmE = _mm_loadlo_pi8_f(mmE);
-
-      mmF = _mm_loadhi_pi8_f(mmD);
-      mmD = _mm_loadlo_pi8_f(mmD);
-
-#else  /* RGB_PIXELSIZE == 4 */
-
-      if (num_cols < 8) {
-        col = num_cols;
-        asm(".set noreorder\r\n"
-
-            "li       $8, 1\r\n"
-            "move     $9, %4\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 1f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 1\r\n"
-            PTR_SLL   "$11, $9, 2\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $11\r\n"
-            "lwc1     %0, 0($13)\r\n"
-
-            "1:       \r\n"
-            "li       $8, 2\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 2f\r\n"
-            "nop      \r\n"
-            "subu     $9, $9, 2\r\n"
-            PTR_SLL   "$11, $9, 2\r\n"
-            "move     $13, %5\r\n"
-            PTR_ADDU  "$13, $13, $11\r\n"
-            "mov.s    %1, %0\r\n"
-            "ldc1     %0, 0($13)\r\n"
-
-            "2:       \r\n"
-            "li       $8, 4\r\n"
-            "and      $10, $9, $8\r\n"
-            "beqz     $10, 3f\r\n"
-            "nop      \r\n"
-            "mov.s    %2, %0\r\n"
-            "mov.s    %3, %1\r\n"
-            "ldc1     %0, 0(%5)\r\n"
-            "ldc1     %1, 8(%5)\r\n"
-
-            "3:       \r\n"
-            "nop      \r\n"
-            ".set reorder\r\n"
-
-            : "=f" (mmA), "=f" (mmF), "=f" (mmD), "=f" (mmC)
-            : "r" (col), "r" (inptr)
-            : "$f0", "$f2", "$8", "$9", "$10", "$11", "$13", "memory"
-           );
-      } else {
-        if (!(((long)inptr) & 7)) {
-          mmA = _mm_load_si64((__m64 *)&inptr[0]);
-          mmF = _mm_load_si64((__m64 *)&inptr[8]);
-          mmD = _mm_load_si64((__m64 *)&inptr[16]);
-          mmC = _mm_load_si64((__m64 *)&inptr[24]);
-        } else {
-          mmA = _mm_loadu_si64((__m64 *)&inptr[0]);
-          mmF = _mm_loadu_si64((__m64 *)&inptr[8]);
-          mmD = _mm_loadu_si64((__m64 *)&inptr[16]);
-          mmC = _mm_loadu_si64((__m64 *)&inptr[24]);
-        }
-        inptr += RGB_PIXELSIZE * 8;
-      }
-      mmB = _mm_unpackhi_pi8(mmA, mmF);
-      mmA = _mm_unpacklo_pi8(mmA, mmF);
-
-      mmG = _mm_unpackhi_pi8(mmD, mmC);
-      mmD = _mm_unpacklo_pi8(mmD, mmC);
-
-      mmE = _mm_unpackhi_pi16(mmA, mmD);
-      mmA = _mm_unpacklo_pi16(mmA, mmD);
-
-      mmH = _mm_unpackhi_pi16(mmB, mmG);
-      mmB = _mm_unpacklo_pi16(mmB, mmG);
-
-      mmC = _mm_loadhi_pi8_f(mmA);
-      mmA = _mm_loadlo_pi8_f(mmA);
-
-      mmD = _mm_loadhi_pi8_f(mmB);
-      mmB = _mm_loadlo_pi8_f(mmB);
-
-      mmG = _mm_loadhi_pi8_f(mmE);
-      mmE = _mm_loadlo_pi8_f(mmE);
-
-      mmF = _mm_unpacklo_pi8(mmH, mmH);
-      mmH = _mm_unpackhi_pi8(mmH, mmH);
-      mmF = _mm_srli_pi16(mmF, BYTE_BIT);
-      mmH = _mm_srli_pi16(mmH, BYTE_BIT);
-
-#endif
-
-      /* re=(R0 R2 R4 R6), ge=(G0 G2 G4 G6), be=(B0 B2 B4 B6)
-       * ro=(R1 R3 R5 R7), go=(G1 G3 G5 G7), bo=(B1 B3 B5 B7)
-       *
-       * (Original)
-       * Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-       *
-       * (This implementation)
-       * Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-       */
-
-      rglo = _mm_unpacklo_pi16(ro, go);
-      rgho = _mm_unpackhi_pi16(ro, go);
-      ylo_rg = _mm_madd_pi16(rglo, PW_F0299_F0337);
-      yho_rg = _mm_madd_pi16(rgho, PW_F0299_F0337);
-
-      rgle = _mm_unpacklo_pi16(re, ge);
-      rghe = _mm_unpackhi_pi16(re, ge);
-      yle_rg = _mm_madd_pi16(rgle, PW_F0299_F0337);
-      yhe_rg = _mm_madd_pi16(rghe, PW_F0299_F0337);
-
-      bglo = _mm_unpacklo_pi16(bo, go);
-      bgho = _mm_unpackhi_pi16(bo, go);
-      ylo_bg = _mm_madd_pi16(bglo, PW_F0114_F0250);
-      yho_bg = _mm_madd_pi16(bgho, PW_F0114_F0250);
-
-      ylo = _mm_add_pi32(ylo_bg, ylo_rg);
-      yho = _mm_add_pi32(yho_bg, yho_rg);
-      ylo = _mm_add_pi32(ylo, PD_ONEHALF);
-      yho = _mm_add_pi32(yho, PD_ONEHALF);
-      ylo = _mm_srli_pi32(ylo, SCALEBITS);
-      yho = _mm_srli_pi32(yho, SCALEBITS);
-      yo = _mm_packs_pi32(ylo, yho);
-
-      bgle = _mm_unpacklo_pi16(be, ge);
-      bghe = _mm_unpackhi_pi16(be, ge);
-      yle_bg = _mm_madd_pi16(bgle, PW_F0114_F0250);
-      yhe_bg = _mm_madd_pi16(bghe, PW_F0114_F0250);
-
-      yle = _mm_add_pi32(yle_bg, yle_rg);
-      yhe = _mm_add_pi32(yhe_bg, yhe_rg);
-      yle = _mm_add_pi32(yle, PD_ONEHALF);
-      yhe = _mm_add_pi32(yhe, PD_ONEHALF);
-      yle = _mm_srli_pi32(yle, SCALEBITS);
-      yhe = _mm_srli_pi32(yhe, SCALEBITS);
-      ye = _mm_packs_pi32(yle, yhe);
-
-      yo = _mm_slli_pi16(yo, BYTE_BIT);
-      y = _mm_or_si64(ye, yo);
-
-      _mm_store_si64((__m64 *)&outptr[0], y);
-    }
-  }
-}
-
-#undef mmA
-#undef mmB
-#undef mmC
-#undef mmD
-#undef mmE
-#undef mmF
-#undef mmG
-#undef mmH
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcsample-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcsample-mmi.c
deleted file mode 100644
index 0354dac..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcsample-mmi.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, 2018-2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2017, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* CHROMA DOWNSAMPLING */
-
-#include "jsimd_mmi.h"
-#include "jcsample.h"
-
-
-void jsimd_h2v2_downsample_mmi(JDIMENSION image_width, int max_v_samp_factor,
-                               JDIMENSION v_samp_factor,
-                               JDIMENSION width_in_blocks,
-                               JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int inrow, outrow, outcol;
-  JDIMENSION output_cols = width_in_blocks * DCTSIZE;
-  JSAMPROW inptr0, inptr1, outptr;
-  __m64 bias, mask = 0.0, thisavg, nextavg, avg;
-  __m64 this0o, this0e, this0, this0sum, next0o, next0e, next0, next0sum;
-  __m64 this1o, this1e, this1, this1sum, next1o, next1e, next1, next1sum;
-
-  expand_right_edge(input_data, max_v_samp_factor, image_width,
-                    output_cols * 2);
-
-  bias = _mm_set1_pi32((1 << 17) + 1);   /* 0x00020001 (32-bit bias pattern) */
-                                         /* bias={1, 2, 1, 2} (16-bit) */
-  mask = _mm_cmpeq_pi16(mask, mask);
-  mask = _mm_srli_pi16(mask, BYTE_BIT);  /* {0xFF 0x00 0xFF 0x00 ..} */
-
-  for (inrow = 0, outrow = 0; outrow < v_samp_factor;
-       inrow += 2, outrow++) {
-
-    inptr0 = input_data[inrow];
-    inptr1 = input_data[inrow + 1];
-    outptr = output_data[outrow];
-
-    for (outcol = output_cols; outcol > 0;
-         outcol -= 8, inptr0 += 16, inptr1 += 16, outptr += 8) {
-
-      this0 = _mm_load_si64((__m64 *)&inptr0[0]);
-      this1 = _mm_load_si64((__m64 *)&inptr1[0]);
-      next0 = _mm_load_si64((__m64 *)&inptr0[8]);
-      next1 = _mm_load_si64((__m64 *)&inptr1[8]);
-
-      this0o = _mm_and_si64(this0, mask);
-      this0e = _mm_srli_pi16(this0, BYTE_BIT);
-      this1o = _mm_and_si64(this1, mask);
-      this1e = _mm_srli_pi16(this1, BYTE_BIT);
-      this0sum = _mm_add_pi16(this0o, this0e);
-      this1sum = _mm_add_pi16(this1o, this1e);
-
-      next0o = _mm_and_si64(next0, mask);
-      next0e = _mm_srli_pi16(next0, BYTE_BIT);
-      next1o = _mm_and_si64(next1, mask);
-      next1e = _mm_srli_pi16(next1, BYTE_BIT);
-      next0sum = _mm_add_pi16(next0o, next0e);
-      next1sum = _mm_add_pi16(next1o, next1e);
-
-      thisavg = _mm_add_pi16(this0sum, this1sum);
-      nextavg = _mm_add_pi16(next0sum, next1sum);
-      thisavg = _mm_add_pi16(thisavg, bias);
-      nextavg = _mm_add_pi16(nextavg, bias);
-      thisavg = _mm_srli_pi16(thisavg, 2);
-      nextavg = _mm_srli_pi16(nextavg, 2);
-
-      avg = _mm_packs_pu16(thisavg, nextavg);
-
-      _mm_store_si64((__m64 *)&outptr[0], avg);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcsample.h b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcsample.h
deleted file mode 100644
index bd07fcc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jcsample.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * jcsample.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-LOCAL(void)
-expand_right_edge(JSAMPARRAY image_data, int num_rows, JDIMENSION input_cols,
-                  JDIMENSION output_cols)
-{
-  register JSAMPROW ptr;
-  register JSAMPLE pixval;
-  register int count;
-  int row;
-  int numcols = (int)(output_cols - input_cols);
-
-  if (numcols > 0) {
-    for (row = 0; row < num_rows; row++) {
-      ptr = image_data[row] + input_cols;
-      pixval = ptr[-1];
-      for (count = numcols; count > 0; count--)
-        *ptr++ = pixval;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdcolext-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdcolext-mmi.c
deleted file mode 100644
index 3b5b2f2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdcolext-mmi.c
+++ /dev/null
@@ -1,415 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2015, 2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jdcolor-mmi.c */
-
-
-#if RGB_RED == 0
-#define mmA  re
-#define mmB  ro
-#elif RGB_GREEN == 0
-#define mmA  ge
-#define mmB  go
-#elif RGB_BLUE == 0
-#define mmA  be
-#define mmB  bo
-#else
-#define mmA  xe
-#define mmB  xo
-#endif
-
-#if RGB_RED == 1
-#define mmC  re
-#define mmD  ro
-#elif RGB_GREEN == 1
-#define mmC  ge
-#define mmD  go
-#elif RGB_BLUE == 1
-#define mmC  be
-#define mmD  bo
-#else
-#define mmC  xe
-#define mmD  xo
-#endif
-
-#if RGB_RED == 2
-#define mmE  re
-#define mmF  ro
-#elif RGB_GREEN == 2
-#define mmE  ge
-#define mmF  go
-#elif RGB_BLUE == 2
-#define mmE  be
-#define mmF  bo
-#else
-#define mmE  xe
-#define mmF  xo
-#endif
-
-#if RGB_RED == 3
-#define mmG  re
-#define mmH  ro
-#elif RGB_GREEN == 3
-#define mmG  ge
-#define mmH  go
-#elif RGB_BLUE == 3
-#define mmG  be
-#define mmH  bo
-#else
-#define mmG  xe
-#define mmH  xo
-#endif
-
-
-void jsimd_ycc_rgb_convert_mmi(JDIMENSION out_width, JSAMPIMAGE input_buf,
-                               JDIMENSION input_row, JSAMPARRAY output_buf,
-                               int num_rows)
-{
-  JSAMPROW outptr, inptr0, inptr1, inptr2;
-  int num_cols, col;
-  __m64 ye, yo, y, cbe, cbe2, cbo, cbo2, cb, cre, cre2, cro, cro2, cr;
-  __m64 re, ro, gle, ghe, ge, glo, gho, go, be, bo, xe = 0.0, xo = 0.0;
-  __m64 decenter, mask;
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-
-    for (num_cols = out_width; num_cols > 0; num_cols -= 8,
-         inptr0 += 8, inptr1 += 8, inptr2 += 8) {
-
-      cb = _mm_load_si64((__m64 *)inptr1);
-      cr = _mm_load_si64((__m64 *)inptr2);
-      y = _mm_load_si64((__m64 *)inptr0);
-
-      mask = decenter = 0.0;
-      mask = _mm_cmpeq_pi16(mask, mask);
-      decenter = _mm_cmpeq_pi16(decenter, decenter);
-      mask = _mm_srli_pi16(mask, BYTE_BIT);   /* {0xFF 0x00 0xFF 0x00 ..} */
-      decenter = _mm_slli_pi16(decenter, 7);  /* {0xFF80 0xFF80 0xFF80 0xFF80} */
-
-      cbe = _mm_and_si64(mask, cb);           /* Cb(0246) */
-      cbo = _mm_srli_pi16(cb, BYTE_BIT);      /* Cb(1357) */
-      cre = _mm_and_si64(mask, cr);           /* Cr(0246) */
-      cro = _mm_srli_pi16(cr, BYTE_BIT);      /* Cr(1357) */
-      cbe = _mm_add_pi16(cbe, decenter);
-      cbo = _mm_add_pi16(cbo, decenter);
-      cre = _mm_add_pi16(cre, decenter);
-      cro = _mm_add_pi16(cro, decenter);
-
-      /* (Original)
-       * R = Y                + 1.40200 * Cr
-       * G = Y - 0.34414 * Cb - 0.71414 * Cr
-       * B = Y + 1.77200 * Cb
-       *
-       * (This implementation)
-       * R = Y                + 0.40200 * Cr + Cr
-       * G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-       * B = Y - 0.22800 * Cb + Cb + Cb
-       */
-
-      cbe2 = _mm_add_pi16(cbe, cbe);          /* 2*CbE */
-      cbo2 = _mm_add_pi16(cbo, cbo);          /* 2*CbO */
-      cre2 = _mm_add_pi16(cre, cre);          /* 2*CrE */
-      cro2 = _mm_add_pi16(cro, cro);          /* 2*CrO */
-
-      be = _mm_mulhi_pi16(cbe2, PW_MF0228);   /* (2*CbE * -FIX(0.22800) */
-      bo = _mm_mulhi_pi16(cbo2, PW_MF0228);   /* (2*CbO * -FIX(0.22800) */
-      re = _mm_mulhi_pi16(cre2, PW_F0402);    /* (2*CrE * FIX(0.40200)) */
-      ro = _mm_mulhi_pi16(cro2, PW_F0402);    /* (2*CrO * FIX(0.40200)) */
-
-      be = _mm_add_pi16(be, PW_ONE);
-      bo = _mm_add_pi16(bo, PW_ONE);
-      be = _mm_srai_pi16(be, 1);              /* (CbE * -FIX(0.22800)) */
-      bo = _mm_srai_pi16(bo, 1);              /* (CbO * -FIX(0.22800)) */
-      re = _mm_add_pi16(re, PW_ONE);
-      ro = _mm_add_pi16(ro, PW_ONE);
-      re = _mm_srai_pi16(re, 1);              /* (CrE * FIX(0.40200)) */
-      ro = _mm_srai_pi16(ro, 1);              /* (CrO * FIX(0.40200)) */
-
-      be = _mm_add_pi16(be, cbe);
-      bo = _mm_add_pi16(bo, cbo);
-      be = _mm_add_pi16(be, cbe);             /* (CbE * FIX(1.77200))=(B-Y)E */
-      bo = _mm_add_pi16(bo, cbo);             /* (CbO * FIX(1.77200))=(B-Y)O */
-      re = _mm_add_pi16(re, cre);             /* (CrE * FIX(1.40200))=(R-Y)E */
-      ro = _mm_add_pi16(ro, cro);             /* (CrO * FIX(1.40200))=(R-Y)O */
-
-      gle = _mm_unpacklo_pi16(cbe, cre);
-      ghe = _mm_unpackhi_pi16(cbe, cre);
-      gle = _mm_madd_pi16(gle, PW_MF0344_F0285);
-      ghe = _mm_madd_pi16(ghe, PW_MF0344_F0285);
-      glo = _mm_unpacklo_pi16(cbo, cro);
-      gho = _mm_unpackhi_pi16(cbo, cro);
-      glo = _mm_madd_pi16(glo, PW_MF0344_F0285);
-      gho = _mm_madd_pi16(gho, PW_MF0344_F0285);
-
-      gle = _mm_add_pi32(gle, PD_ONEHALF);
-      ghe = _mm_add_pi32(ghe, PD_ONEHALF);
-      gle = _mm_srai_pi32(gle, SCALEBITS);
-      ghe = _mm_srai_pi32(ghe, SCALEBITS);
-      glo = _mm_add_pi32(glo, PD_ONEHALF);
-      gho = _mm_add_pi32(gho, PD_ONEHALF);
-      glo = _mm_srai_pi32(glo, SCALEBITS);
-      gho = _mm_srai_pi32(gho, SCALEBITS);
-
-      ge = _mm_packs_pi32(gle, ghe);       /* CbE*-FIX(0.344)+CrE*FIX(0.285) */
-      go = _mm_packs_pi32(glo, gho);       /* CbO*-FIX(0.344)+CrO*FIX(0.285) */
-      ge = _mm_sub_pi16(ge, cre);  /* CbE*-FIX(0.344)+CrE*-FIX(0.714)=(G-Y)E */
-      go = _mm_sub_pi16(go, cro);  /* CbO*-FIX(0.344)+CrO*-FIX(0.714)=(G-Y)O */
-
-      ye = _mm_and_si64(mask, y);             /* Y(0246) */
-      yo = _mm_srli_pi16(y, BYTE_BIT);        /* Y(1357) */
-
-      re = _mm_add_pi16(re, ye);              /* ((R-Y)E+YE)=(R0 R2 R4 R6) */
-      ro = _mm_add_pi16(ro, yo);              /* ((R-Y)O+YO)=(R1 R3 R5 R7) */
-      re = _mm_packs_pu16(re, re);            /* (R0 R2 R4 R6 ** ** ** **) */
-      ro = _mm_packs_pu16(ro, ro);            /* (R1 R3 R5 R7 ** ** ** **) */
-
-      ge = _mm_add_pi16(ge, ye);              /* ((G-Y)E+YE)=(G0 G2 G4 G6) */
-      go = _mm_add_pi16(go, yo);              /* ((G-Y)O+YO)=(G1 G3 G5 G7) */
-      ge = _mm_packs_pu16(ge, ge);            /* (G0 G2 G4 G6 ** ** ** **) */
-      go = _mm_packs_pu16(go, go);            /* (G1 G3 G5 G7 ** ** ** **) */
-
-      be = _mm_add_pi16(be, ye);              /* (YE+(B-Y)E)=(B0 B2 B4 B6) */
-      bo = _mm_add_pi16(bo, yo);              /* (YO+(B-Y)O)=(B1 B3 B5 B7) */
-      be = _mm_packs_pu16(be, be);            /* (B0 B2 B4 B6 ** ** ** **) */
-      bo = _mm_packs_pu16(bo, bo);            /* (B1 B3 B5 B7 ** ** ** **) */
-
-#if RGB_PIXELSIZE == 3
-
-      /* mmA=(00 02 04 06 ** ** ** **), mmB=(01 03 05 07 ** ** ** **) */
-      /* mmC=(10 12 14 16 ** ** ** **), mmD=(11 13 15 17 ** ** ** **) */
-      mmA = _mm_unpacklo_pi8(mmA, mmC);       /* (00 10 02 12 04 14 06 16) */
-      mmE = _mm_unpacklo_pi8(mmE, mmB);       /* (20 01 22 03 24 05 26 07) */
-      mmD = _mm_unpacklo_pi8(mmD, mmF);       /* (11 21 13 23 15 25 17 27) */
-
-      mmH = _mm_srli_si64(mmA, 2 * BYTE_BIT);
-
-      mmG = _mm_unpackhi_pi16(mmA, mmE);      /* (04 14 24 05 06 16 26 07) */
-      mmA = _mm_unpacklo_pi16(mmA, mmE);      /* (00 10 20 01 02 12 22 03) */
-
-      mmE = _mm_srli_si64(mmE, 2 * BYTE_BIT);
-      mmB = _mm_srli_si64(mmD, 2 * BYTE_BIT);  /* (13 23 15 25 17 27 -- --) */
-
-      mmC = _mm_unpackhi_pi16(mmD, mmH);      /* (15 25 06 16 17 27 -- --) */
-      mmD = _mm_unpacklo_pi16(mmD, mmH);      /* (11 21 02 12 13 23 04 14) */
-
-      mmF = _mm_unpackhi_pi16(mmE, mmB);      /* (26 07 17 27 -- -- -- --) */
-      mmE = _mm_unpacklo_pi16(mmE, mmB);      /* (22 03 13 23 24 05 15 25) */
-
-      mmA = _mm_unpacklo_pi32(mmA, mmD);      /* (00 10 20 01 11 21 02 12) */
-      mmE = _mm_unpacklo_pi32(mmE, mmG);      /* (22 03 13 23 04 14 24 05) */
-      mmC = _mm_unpacklo_pi32(mmC, mmF);      /* (15 25 06 16 26 07 17 27) */
-
-      if (num_cols >= 8) {
-        if (!(((long)outptr) & 7)) {
-          _mm_store_si64((__m64 *)outptr, mmA);
-          _mm_store_si64((__m64 *)(outptr + 8), mmE);
-          _mm_store_si64((__m64 *)(outptr + 16), mmC);
-        } else {
-          _mm_storeu_si64((__m64 *)outptr, mmA);
-          _mm_storeu_si64((__m64 *)(outptr + 8), mmE);
-          _mm_storeu_si64((__m64 *)(outptr + 16), mmC);
-        }
-        outptr += RGB_PIXELSIZE * 8;
-      } else {
-        col = num_cols * 3;
-        asm(".set noreorder\r\n"
-
-            "li       $8, 16\r\n"
-            "move     $9, %4\r\n"
-            "mov.s    $f4, %1\r\n"
-            "mov.s    $f6, %3\r\n"
-            "move     $10, %5\r\n"
-            "bltu     $9, $8, 1f\r\n"
-            "nop      \r\n"
-            "gssdlc1  $f4, 7($10)\r\n"
-            "gssdrc1  $f4, 0($10)\r\n"
-            "gssdlc1  $f6, 7+8($10)\r\n"
-            "gssdrc1  $f6, 8($10)\r\n"
-            "mov.s    $f4, %2\r\n"
-            "subu     $9, $9, 16\r\n"
-            PTR_ADDU  "$10, $10, 16\r\n"
-            "b        2f\r\n"
-            "nop      \r\n"
-
-            "1:       \r\n"
-            "li       $8, 8\r\n"              /* st8 */
-            "bltu     $9, $8, 2f\r\n"
-            "nop      \r\n"
-            "gssdlc1  $f4, 7($10)\r\n"
-            "gssdrc1  $f4, 0($10)\r\n"
-            "mov.s    $f4, %3\r\n"
-            "subu     $9, $9, 8\r\n"
-            PTR_ADDU  "$10, $10, 8\r\n"
-
-            "2:       \r\n"
-            "li       $8, 4\r\n"              /* st4 */
-            "mfc1     $11, $f4\r\n"
-            "bltu     $9, $8, 3f\r\n"
-            "nop      \r\n"
-            "swl      $11, 3($10)\r\n"
-            "swr      $11, 0($10)\r\n"
-            "li       $8, 32\r\n"
-            "mtc1     $8, $f6\r\n"
-            "dsrl     $f4, $f4, $f6\r\n"
-            "mfc1     $11, $f4\r\n"
-            "subu     $9, $9, 4\r\n"
-            PTR_ADDU  "$10, $10, 4\r\n"
-
-            "3:       \r\n"
-            "li       $8, 2\r\n"              /* st2 */
-            "bltu     $9, $8, 4f\r\n"
-            "nop      \r\n"
-            "ush      $11, 0($10)\r\n"
-            "srl      $11, 16\r\n"
-            "subu     $9, $9, 2\r\n"
-            PTR_ADDU  "$10, $10, 2\r\n"
-
-            "4:       \r\n"
-            "li       $8, 1\r\n"              /* st1 */
-            "bltu     $9, $8, 5f\r\n"
-            "nop      \r\n"
-            "sb       $11, 0($10)\r\n"
-
-            "5:       \r\n"
-            "nop      \r\n"                   /* end */
-            : "=m" (*outptr)
-            : "f" (mmA), "f" (mmC), "f" (mmE), "r" (col), "r" (outptr)
-            : "$f4", "$f6", "$8", "$9", "$10", "$11", "memory"
-           );
-      }
-
-#else  /* RGB_PIXELSIZE == 4 */
-
-#ifdef RGBX_FILLER_0XFF
-      xe = _mm_cmpeq_pi8(xe, xe);
-      xo = _mm_cmpeq_pi8(xo, xo);
-#else
-      xe = _mm_xor_si64(xe, xe);
-      xo = _mm_xor_si64(xo, xo);
-#endif
-      /* mmA=(00 02 04 06 ** ** ** **), mmB=(01 03 05 07 ** ** ** **) */
-      /* mmC=(10 12 14 16 ** ** ** **), mmD=(11 13 15 17 ** ** ** **) */
-      /* mmE=(20 22 24 26 ** ** ** **), mmF=(21 23 25 27 ** ** ** **) */
-      /* mmG=(30 32 34 36 ** ** ** **), mmH=(31 33 35 37 ** ** ** **) */
-
-      mmA = _mm_unpacklo_pi8(mmA, mmC);       /* (00 10 02 12 04 14 06 16) */
-      mmE = _mm_unpacklo_pi8(mmE, mmG);       /* (20 30 22 32 24 34 26 36) */
-      mmB = _mm_unpacklo_pi8(mmB, mmD);       /* (01 11 03 13 05 15 07 17) */
-      mmF = _mm_unpacklo_pi8(mmF, mmH);       /* (21 31 23 33 25 35 27 37) */
-
-      mmC = _mm_unpackhi_pi16(mmA, mmE);      /* (04 14 24 34 06 16 26 36) */
-      mmA = _mm_unpacklo_pi16(mmA, mmE);      /* (00 10 20 30 02 12 22 32) */
-      mmG = _mm_unpackhi_pi16(mmB, mmF);      /* (05 15 25 35 07 17 27 37) */
-      mmB = _mm_unpacklo_pi16(mmB, mmF);      /* (01 11 21 31 03 13 23 33) */
-
-      mmD = _mm_unpackhi_pi32(mmA, mmB);      /* (02 12 22 32 03 13 23 33) */
-      mmA = _mm_unpacklo_pi32(mmA, mmB);      /* (00 10 20 30 01 11 21 31) */
-      mmH = _mm_unpackhi_pi32(mmC, mmG);      /* (06 16 26 36 07 17 27 37) */
-      mmC = _mm_unpacklo_pi32(mmC, mmG);      /* (04 14 24 34 05 15 25 35) */
-
-      if (num_cols >= 8) {
-        if (!(((long)outptr) & 7)) {
-          _mm_store_si64((__m64 *)outptr, mmA);
-          _mm_store_si64((__m64 *)(outptr + 8), mmD);
-          _mm_store_si64((__m64 *)(outptr + 16), mmC);
-          _mm_store_si64((__m64 *)(outptr + 24), mmH);
-        } else {
-          _mm_storeu_si64((__m64 *)outptr, mmA);
-          _mm_storeu_si64((__m64 *)(outptr + 8), mmD);
-          _mm_storeu_si64((__m64 *)(outptr + 16), mmC);
-          _mm_storeu_si64((__m64 *)(outptr + 24), mmH);
-        }
-        outptr += RGB_PIXELSIZE * 8;
-      } else {
-        col = num_cols;
-        asm(".set noreorder\r\n"              /* st16 */
-
-            "li       $8, 4\r\n"
-            "move     $9, %6\r\n"
-            "move     $10, %7\r\n"
-            "mov.s    $f4, %2\r\n"
-            "mov.s    $f6, %4\r\n"
-            "bltu     $9, $8, 1f\r\n"
-            "nop      \r\n"
-            "gssdlc1  $f4, 7($10)\r\n"
-            "gssdrc1  $f4, 0($10)\r\n"
-            "gssdlc1  $f6, 7+8($10)\r\n"
-            "gssdrc1  $f6, 8($10)\r\n"
-            "mov.s    $f4, %3\r\n"
-            "mov.s    $f6, %5\r\n"
-            "subu     $9, $9, 4\r\n"
-            PTR_ADDU  "$10, $10, 16\r\n"
-
-            "1:       \r\n"
-            "li       $8, 2\r\n"              /* st8 */
-            "bltu     $9, $8, 2f\r\n"
-            "nop      \r\n"
-            "gssdlc1  $f4, 7($10)\r\n"
-            "gssdrc1  $f4, 0($10)\r\n"
-            "mov.s    $f4, $f6\r\n"
-            "subu     $9, $9, 2\r\n"
-            PTR_ADDU  "$10, $10, 8\r\n"
-
-            "2:       \r\n"
-            "li       $8, 1\r\n"              /* st4 */
-            "bltu     $9, $8, 3f\r\n"
-            "nop      \r\n"
-            "gsswlc1  $f4, 3($10)\r\n"
-            "gsswrc1  $f4, 0($10)\r\n"
-
-            "3:       \r\n"
-            "li       %1, 0\r\n"              /* end */
-            : "=m" (*outptr), "=r" (col)
-            : "f" (mmA), "f" (mmC), "f" (mmD), "f" (mmH), "r" (col),
-              "r" (outptr)
-            : "$f4", "$f6", "$8", "$9", "$10", "memory"
-           );
-      }
-
-#endif
-
-    }
-  }
-}
-
-#undef mmA
-#undef mmB
-#undef mmC
-#undef mmD
-#undef mmE
-#undef mmF
-#undef mmG
-#undef mmH
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdcolor-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdcolor-mmi.c
deleted file mode 100644
index 2c58263..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdcolor-mmi.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2011, 2015, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2017, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* YCC --> RGB CONVERSION */
-
-#include "jsimd_mmi.h"
-
-
-#define F_0_344  ((short)22554)  /* FIX(0.34414) */
-#define F_0_402  ((short)26345)  /* FIX(1.40200) - FIX(1) */
-#define F_0_285  ((short)18734)  /* FIX(1) - FIX(0.71414) */
-#define F_0_228  ((short)14942)  /* FIX(2) - FIX(1.77200) */
-
-enum const_index {
-  index_PW_ONE,
-  index_PW_F0402,
-  index_PW_MF0228,
-  index_PW_MF0344_F0285,
-  index_PD_ONEHALF
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi16(1, 1, 1, 1),
-  _uint64_set_pi16(F_0_402, F_0_402, F_0_402, F_0_402),
-  _uint64_set_pi16(-F_0_228, -F_0_228, -F_0_228, -F_0_228),
-  _uint64_set_pi16(F_0_285, -F_0_344, F_0_285, -F_0_344),
-  _uint64_set_pi32((int)(1 << (SCALEBITS - 1)), (int)(1 << (SCALEBITS - 1)))
-};
-
-#define PW_ONE           get_const_value(index_PW_ONE)
-#define PW_F0402         get_const_value(index_PW_F0402)
-#define PW_MF0228        get_const_value(index_PW_MF0228)
-#define PW_MF0344_F0285  get_const_value(index_PW_MF0344_F0285)
-#define PD_ONEHALF       get_const_value(index_PD_ONEHALF)
-
-#define RGBX_FILLER_0XFF  1
-
-
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_ycc_rgb_convert_mmi  jsimd_ycc_extrgb_convert_mmi
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_mmi
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_ycc_rgb_convert_mmi  jsimd_ycc_extrgbx_convert_mmi
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_mmi
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_ycc_rgb_convert_mmi  jsimd_ycc_extbgr_convert_mmi
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_mmi
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_ycc_rgb_convert_mmi  jsimd_ycc_extbgrx_convert_mmi
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_mmi
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_ycc_rgb_convert_mmi  jsimd_ycc_extxbgr_convert_mmi
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_mmi
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_ycc_rgb_convert_mmi  jsimd_ycc_extxrgb_convert_mmi
-#include "jdcolext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_ycc_rgb_convert_mmi
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdmerge-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdmerge-mmi.c
deleted file mode 100644
index 0a39bd5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdmerge-mmi.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2011, 2015, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhangLixia <zhanglixia-hf@loongson.cn>
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* YCC --> RGB CONVERSION */
-
-#include "jsimd_mmi.h"
-
-
-#define F_0_344  ((short)22554)  /* FIX(0.34414) */
-#define F_0_402  ((short)26345)  /* FIX(1.40200) - FIX(1) */
-#define F_0_285  ((short)18734)  /* FIX(1) - FIX(0.71414) */
-#define F_0_228  ((short)14942)  /* FIX(2) - FIX(1.77200) */
-
-enum const_index {
-  index_PW_ONE,
-  index_PW_F0402,
-  index_PW_MF0228,
-  index_PW_MF0344_F0285,
-  index_PD_ONEHALF
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi16(1, 1, 1, 1),
-  _uint64_set_pi16(F_0_402, F_0_402, F_0_402, F_0_402),
-  _uint64_set_pi16(-F_0_228, -F_0_228, -F_0_228, -F_0_228),
-  _uint64_set_pi16(F_0_285, -F_0_344, F_0_285, -F_0_344),
-  _uint64_set_pi32((int)(1 << (SCALEBITS - 1)), (int)(1 << (SCALEBITS - 1)))
-};
-
-#define PW_ONE           get_const_value(index_PW_ONE)
-#define PW_F0402         get_const_value(index_PW_F0402)
-#define PW_MF0228        get_const_value(index_PW_MF0228)
-#define PW_MF0344_F0285  get_const_value(index_PW_MF0344_F0285)
-#define PD_ONEHALF       get_const_value(index_PD_ONEHALF)
-
-#define RGBX_FILLER_0XFF  1
-
-
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-
-#define RGB_RED  EXT_RGB_RED
-#define RGB_GREEN  EXT_RGB_GREEN
-#define RGB_BLUE  EXT_RGB_BLUE
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_mmi  jsimd_h2v1_extrgb_merged_upsample_mmi
-#define jsimd_h2v2_merged_upsample_mmi  jsimd_h2v2_extrgb_merged_upsample_mmi
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_mmi
-#undef jsimd_h2v2_merged_upsample_mmi
-
-#define RGB_RED  EXT_RGBX_RED
-#define RGB_GREEN  EXT_RGBX_GREEN
-#define RGB_BLUE  EXT_RGBX_BLUE
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_mmi  jsimd_h2v1_extrgbx_merged_upsample_mmi
-#define jsimd_h2v2_merged_upsample_mmi  jsimd_h2v2_extrgbx_merged_upsample_mmi
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_mmi
-#undef jsimd_h2v2_merged_upsample_mmi
-
-#define RGB_RED  EXT_BGR_RED
-#define RGB_GREEN  EXT_BGR_GREEN
-#define RGB_BLUE  EXT_BGR_BLUE
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_mmi  jsimd_h2v1_extbgr_merged_upsample_mmi
-#define jsimd_h2v2_merged_upsample_mmi  jsimd_h2v2_extbgr_merged_upsample_mmi
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_mmi
-#undef jsimd_h2v2_merged_upsample_mmi
-
-#define RGB_RED  EXT_BGRX_RED
-#define RGB_GREEN  EXT_BGRX_GREEN
-#define RGB_BLUE  EXT_BGRX_BLUE
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_mmi  jsimd_h2v1_extbgrx_merged_upsample_mmi
-#define jsimd_h2v2_merged_upsample_mmi  jsimd_h2v2_extbgrx_merged_upsample_mmi
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_mmi
-#undef jsimd_h2v2_merged_upsample_mmi
-
-#define RGB_RED  EXT_XBGR_RED
-#define RGB_GREEN  EXT_XBGR_GREEN
-#define RGB_BLUE  EXT_XBGR_BLUE
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_mmi  jsimd_h2v1_extxbgr_merged_upsample_mmi
-#define jsimd_h2v2_merged_upsample_mmi  jsimd_h2v2_extxbgr_merged_upsample_mmi
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_mmi
-#undef jsimd_h2v2_merged_upsample_mmi
-
-#define RGB_RED  EXT_XRGB_RED
-#define RGB_GREEN  EXT_XRGB_GREEN
-#define RGB_BLUE  EXT_XRGB_BLUE
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_mmi  jsimd_h2v1_extxrgb_merged_upsample_mmi
-#define jsimd_h2v2_merged_upsample_mmi  jsimd_h2v2_extxrgb_merged_upsample_mmi
-#include "jdmrgext-mmi.c"
-#undef RGB_RED
-#undef RGB_GREEN
-#undef RGB_BLUE
-#undef RGB_PIXELSIZE
-#undef jsimd_h2v1_merged_upsample_mmi
-#undef jsimd_h2v2_merged_upsample_mmi
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdmrgext-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdmrgext-mmi.c
deleted file mode 100644
index be09ff2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdmrgext-mmi.c
+++ /dev/null
@@ -1,615 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2015, 2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhangLixia <zhanglixia-hf@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jdmerge-mmi.c */
-
-
-#if RGB_RED == 0
-#define mmA  re
-#define mmB  ro
-#elif RGB_GREEN == 0
-#define mmA  ge
-#define mmB  go
-#elif RGB_BLUE == 0
-#define mmA  be
-#define mmB  bo
-#else
-#define mmA  xe
-#define mmB  xo
-#endif
-
-#if RGB_RED == 1
-#define mmC  re
-#define mmD  ro
-#elif RGB_GREEN == 1
-#define mmC  ge
-#define mmD  go
-#elif RGB_BLUE == 1
-#define mmC  be
-#define mmD  bo
-#else
-#define mmC  xe
-#define mmD  xo
-#endif
-
-#if RGB_RED == 2
-#define mmE  re
-#define mmF  ro
-#elif RGB_GREEN == 2
-#define mmE  ge
-#define mmF  go
-#elif RGB_BLUE == 2
-#define mmE  be
-#define mmF  bo
-#else
-#define mmE  xe
-#define mmF  xo
-#endif
-
-#if RGB_RED == 3
-#define mmG  re
-#define mmH  ro
-#elif RGB_GREEN == 3
-#define mmG  ge
-#define mmH  go
-#elif RGB_BLUE == 3
-#define mmG  be
-#define mmH  bo
-#else
-#define mmG  xe
-#define mmH  xo
-#endif
-
-
-void jsimd_h2v1_merged_upsample_mmi(JDIMENSION output_width,
-                                    JSAMPIMAGE input_buf,
-                                    JDIMENSION in_row_group_ctr,
-                                    JSAMPARRAY output_buf)
-{
-  JSAMPROW outptr, inptr0, inptr1, inptr2;
-  int num_cols, col;
-  __m64 ythise, ythiso, ythis, ynexte, ynexto, ynext, yl, y;
-  __m64 cbl, cbl2, cbh, cbh2, cb, crl, crl2, crh, crh2, cr;
-  __m64 rle, rlo, rl, rhe, rho, rh, re, ro;
-  __m64 ga, gb, gle, glo, gl, gc, gd, ghe, gho, gh, ge, go;
-  __m64 ble, blo, bl, bhe, bho, bh, be, bo, xe = 0.0, xo = 0.0;
-  __m64 decenter, mask, zero = 0.0;
-#if RGB_PIXELSIZE == 4
-  __m64 mm8, mm9;
-#endif
-
-  inptr0 = input_buf[0][in_row_group_ctr];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  for (num_cols = output_width >> 1; num_cols > 0; num_cols -= 8,
-       inptr0 += 16, inptr1 += 8, inptr2 += 8) {
-
-    cb = _mm_load_si64((__m64 *)inptr1);
-    cr = _mm_load_si64((__m64 *)inptr2);
-    ythis = _mm_load_si64((__m64 *)inptr0);
-    ynext = _mm_load_si64((__m64 *)inptr0 + 1);
-
-    mask = decenter = 0.0;
-    mask = _mm_cmpeq_pi16(mask, mask);
-    decenter = _mm_cmpeq_pi16(decenter, decenter);
-    mask = _mm_srli_pi16(mask, BYTE_BIT);   /* {0xFF 0x00 0xFF 0x00 ..} */
-    decenter = _mm_slli_pi16(decenter, 7);  /* {0xFF80 0xFF80 0xFF80 0xFF80} */
-
-    cbl = _mm_unpacklo_pi8(cb, zero);         /* Cb(0123) */
-    cbh = _mm_unpackhi_pi8(cb, zero);         /* Cb(4567) */
-    crl = _mm_unpacklo_pi8(cr, zero);         /* Cr(0123) */
-    crh = _mm_unpackhi_pi8(cr, zero);         /* Cr(4567) */
-    cbl = _mm_add_pi16(cbl, decenter);
-    cbh = _mm_add_pi16(cbh, decenter);
-    crl = _mm_add_pi16(crl, decenter);
-    crh = _mm_add_pi16(crh, decenter);
-
-    /* (Original)
-     * R = Y                + 1.40200 * Cr
-     * G = Y - 0.34414 * Cb - 0.71414 * Cr
-     * B = Y + 1.77200 * Cb
-     *
-     * (This implementation)
-     * R = Y                + 0.40200 * Cr + Cr
-     * G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-     * B = Y - 0.22800 * Cb + Cb + Cb
-     */
-
-    cbl2 = _mm_add_pi16(cbl, cbl);            /* 2*CbL */
-    cbh2 = _mm_add_pi16(cbh, cbh);            /* 2*CbH */
-    crl2 = _mm_add_pi16(crl, crl);            /* 2*CrL */
-    crh2 = _mm_add_pi16(crh, crh);            /* 2*CrH */
-
-    bl = _mm_mulhi_pi16(cbl2, PW_MF0228);     /* (2*CbL * -FIX(0.22800) */
-    bh = _mm_mulhi_pi16(cbh2, PW_MF0228);     /* (2*CbH * -FIX(0.22800) */
-    rl = _mm_mulhi_pi16(crl2, PW_F0402);      /* (2*CrL * FIX(0.40200)) */
-    rh = _mm_mulhi_pi16(crh2, PW_F0402);      /* (2*CrH * FIX(0.40200)) */
-
-    bl = _mm_add_pi16(bl, PW_ONE);
-    bh = _mm_add_pi16(bh, PW_ONE);
-    bl = _mm_srai_pi16(bl, 1);                /* (CbL * -FIX(0.22800)) */
-    bh = _mm_srai_pi16(bh, 1);                /* (CbH * -FIX(0.22800)) */
-    rl = _mm_add_pi16(rl, PW_ONE);
-    rh = _mm_add_pi16(rh, PW_ONE);
-    rl = _mm_srai_pi16(rl, 1);                /* (CrL * FIX(0.40200)) */
-    rh = _mm_srai_pi16(rh, 1);                /* (CrH * FIX(0.40200)) */
-
-    bl = _mm_add_pi16(bl, cbl);
-    bh = _mm_add_pi16(bh, cbh);
-    bl = _mm_add_pi16(bl, cbl);               /* (CbL * FIX(1.77200))=(B-Y)L */
-    bh = _mm_add_pi16(bh, cbh);               /* (CbH * FIX(1.77200))=(B-Y)H */
-    rl = _mm_add_pi16(rl, crl);               /* (CrL * FIX(1.40200))=(R-Y)L */
-    rh = _mm_add_pi16(rh, crh);               /* (CrH * FIX(1.40200))=(R-Y)H */
-
-    ga = _mm_unpacklo_pi16(cbl, crl);
-    gb = _mm_unpackhi_pi16(cbl, crl);
-    ga = _mm_madd_pi16(ga, PW_MF0344_F0285);
-    gb = _mm_madd_pi16(gb, PW_MF0344_F0285);
-    gc = _mm_unpacklo_pi16(cbh, crh);
-    gd = _mm_unpackhi_pi16(cbh, crh);
-    gc = _mm_madd_pi16(gc, PW_MF0344_F0285);
-    gd = _mm_madd_pi16(gd, PW_MF0344_F0285);
-
-    ga = _mm_add_pi32(ga, PD_ONEHALF);
-    gb = _mm_add_pi32(gb, PD_ONEHALF);
-    ga = _mm_srai_pi32(ga, SCALEBITS);
-    gb = _mm_srai_pi32(gb, SCALEBITS);
-    gc = _mm_add_pi32(gc, PD_ONEHALF);
-    gd = _mm_add_pi32(gd, PD_ONEHALF);
-    gc = _mm_srai_pi32(gc, SCALEBITS);
-    gd = _mm_srai_pi32(gd, SCALEBITS);
-
-    gl = _mm_packs_pi32(ga, gb);           /* CbL*-FIX(0.344)+CrL*FIX(0.285) */
-    gh = _mm_packs_pi32(gc, gd);           /* CbH*-FIX(0.344)+CrH*FIX(0.285) */
-    gl = _mm_sub_pi16(gl, crl);    /* CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L */
-    gh = _mm_sub_pi16(gh, crh);    /* CbH*-FIX(0.344)+CrH*-FIX(0.714)=(G-Y)H */
-
-    ythise = _mm_and_si64(mask, ythis);       /* Y(0246) */
-    ythiso = _mm_srli_pi16(ythis, BYTE_BIT);  /* Y(1357) */
-    ynexte = _mm_and_si64(mask, ynext);       /* Y(8ACE) */
-    ynexto = _mm_srli_pi16(ynext, BYTE_BIT);  /* Y(9BDF) */
-
-    rle = _mm_add_pi16(rl, ythise);           /* (R0 R2 R4 R6) */
-    rlo = _mm_add_pi16(rl, ythiso);           /* (R1 R3 R5 R7) */
-    rhe = _mm_add_pi16(rh, ynexte);           /* (R8 RA RC RE) */
-    rho = _mm_add_pi16(rh, ynexto);           /* (R9 RB RD RF) */
-    re = _mm_packs_pu16(rle, rhe);            /* (R0 R2 R4 R6 R8 RA RC RE) */
-    ro = _mm_packs_pu16(rlo, rho);            /* (R1 R3 R5 R7 R9 RB RD RF) */
-
-    gle = _mm_add_pi16(gl, ythise);           /* (G0 G2 G4 G6) */
-    glo = _mm_add_pi16(gl, ythiso);           /* (G1 G3 G5 G7) */
-    ghe = _mm_add_pi16(gh, ynexte);           /* (G8 GA GC GE) */
-    gho = _mm_add_pi16(gh, ynexto);           /* (G9 GB GD GF) */
-    ge = _mm_packs_pu16(gle, ghe);            /* (G0 G2 G4 G6 G8 GA GC GE) */
-    go = _mm_packs_pu16(glo, gho);            /* (G1 G3 G5 G7 G9 GB GD GF) */
-
-    ble = _mm_add_pi16(bl, ythise);           /* (B0 B2 B4 B6) */
-    blo = _mm_add_pi16(bl, ythiso);           /* (B1 B3 B5 B7) */
-    bhe = _mm_add_pi16(bh, ynexte);           /* (B8 BA BC BE) */
-    bho = _mm_add_pi16(bh, ynexto);           /* (B9 BB BD BF) */
-    be = _mm_packs_pu16(ble, bhe);            /* (B0 B2 B4 B6 B8 BA BC BE) */
-    bo = _mm_packs_pu16(blo, bho);            /* (B1 B3 B5 B7 B9 BB BD BF) */
-
-#if RGB_PIXELSIZE == 3
-
-    /* mmA=(00 02 04 06 08 0A 0C 0E), mmB=(01 03 05 07 09 0B 0D 0F) */
-    /* mmC=(10 12 14 16 18 1A 1C 1E), mmD=(11 13 15 17 19 1B 1D 1F) */
-    /* mmE=(20 22 24 26 28 2A 2C 2E), mmF=(21 23 25 27 29 2B 2D 2F) */
-    mmG = _mm_unpacklo_pi8(mmA, mmC);         /* (00 10 02 12 04 14 06 16) */
-    mmA = _mm_unpackhi_pi8(mmA, mmC);         /* (08 18 0A 1A 0C 1C 0E 1E) */
-    mmH = _mm_unpacklo_pi8(mmE, mmB);         /* (20 01 22 03 24 05 26 07) */
-    mmE = _mm_unpackhi_pi8(mmE, mmB);         /* (28 09 2A 0B 2C 0D 2E 0F) */
-    mmC = _mm_unpacklo_pi8(mmD, mmF);         /* (11 21 13 23 15 25 17 27) */
-    mmD = _mm_unpackhi_pi8(mmD, mmF);         /* (19 29 1B 2B 1D 2D 1F 2F) */
-
-    mmB = _mm_unpacklo_pi16(mmG, mmA);        /* (00 10 08 18 02 12 0A 1A) */
-    mmA = _mm_unpackhi_pi16(mmG, mmA);        /* (04 14 0C 1C 06 16 0E 1E) */
-    mmF = _mm_unpacklo_pi16(mmH, mmE);        /* (20 01 28 09 22 03 2A 0B) */
-    mmE = _mm_unpackhi_pi16(mmH, mmE);        /* (24 05 2C 0D 26 07 2E 0F) */
-    mmH = _mm_unpacklo_pi16(mmC, mmD);        /* (11 21 19 29 13 23 1B 2B) */
-    mmG = _mm_unpackhi_pi16(mmC, mmD);        /* (15 25 1D 2D 17 27 1F 2F) */
-
-    mmC = _mm_unpacklo_pi16(mmB, mmF);        /* (00 10 20 01 08 18 28 09) */
-    mmB = _mm_srli_si64(mmB, 4 * BYTE_BIT);
-    mmB = _mm_unpacklo_pi16(mmH, mmB);        /* (11 21 02 12 19 29 0A 1A) */
-    mmD = _mm_unpackhi_pi16(mmF, mmH);        /* (22 03 13 23 2A 0B 1B 2B) */
-    mmF = _mm_unpacklo_pi16(mmA, mmE);        /* (04 14 24 05 0C 1C 2C 0D) */
-    mmA = _mm_srli_si64(mmA, 4 * BYTE_BIT);
-    mmH = _mm_unpacklo_pi16(mmG, mmA);        /* (15 25 06 16 1D 2D 0E 1E) */
-    mmG = _mm_unpackhi_pi16(mmE, mmG);        /* (26 07 17 27 2E 0F 1F 2F) */
-
-    mmA = _mm_unpacklo_pi32(mmC, mmB);        /* (00 10 20 01 11 21 02 12) */
-    mmE = _mm_unpackhi_pi32(mmC, mmB);        /* (08 18 28 09 19 29 0A 1A) */
-    mmB = _mm_unpacklo_pi32(mmD, mmF);        /* (22 03 13 23 04 14 24 05) */
-    mmF = _mm_unpackhi_pi32(mmD, mmF);        /* (2A 0B 1B 2B 0C 1C 2C 0D) */
-    mmC = _mm_unpacklo_pi32(mmH, mmG);        /* (15 25 06 16 26 07 17 27) */
-    mmG = _mm_unpackhi_pi32(mmH, mmG);        /* (1D 2D 0E 1E 2E 0F 1F 2F) */
-
-    if (num_cols >= 8) {
-      if (!(((long)outptr) & 7)) {
-        _mm_store_si64((__m64 *)outptr, mmA);
-        _mm_store_si64((__m64 *)(outptr + 8), mmB);
-        _mm_store_si64((__m64 *)(outptr + 16), mmC);
-        _mm_store_si64((__m64 *)(outptr + 24), mmE);
-        _mm_store_si64((__m64 *)(outptr + 32), mmF);
-        _mm_store_si64((__m64 *)(outptr + 40), mmG);
-      } else {
-        _mm_storeu_si64((__m64 *)outptr, mmA);
-        _mm_storeu_si64((__m64 *)(outptr + 8), mmB);
-        _mm_storeu_si64((__m64 *)(outptr + 16), mmC);
-        _mm_storeu_si64((__m64 *)(outptr + 24), mmE);
-        _mm_storeu_si64((__m64 *)(outptr + 32), mmF);
-        _mm_storeu_si64((__m64 *)(outptr + 40), mmG);
-      }
-      outptr += RGB_PIXELSIZE * 16;
-    } else {
-      if (output_width & 1)
-        col = num_cols * 6 + 3;
-      else
-        col = num_cols * 6;
-
-      asm(".set noreorder\r\n"                /* st24 */
-
-          "li       $8, 24\r\n"
-          "move     $9, %7\r\n"
-          "mov.s    $f4, %1\r\n"
-          "mov.s    $f6, %2\r\n"
-          "mov.s    $f8, %3\r\n"
-          "move     $10, %8\r\n"
-          "bltu     $9, $8, 1f\r\n"
-          "nop      \r\n"
-          "gssdlc1  $f4, 7($10)\r\n"
-          "gssdrc1  $f4, 0($10)\r\n"
-          "gssdlc1  $f6, 7+8($10)\r\n"
-          "gssdrc1  $f6, 8($10)\r\n"
-          "gssdlc1  $f8, 7+16($10)\r\n"
-          "gssdrc1  $f8, 16($10)\r\n"
-          "mov.s    $f4, %4\r\n"
-          "mov.s    $f6, %5\r\n"
-          "mov.s    $f8, %6\r\n"
-          "subu     $9, $9, 24\r\n"
-          PTR_ADDU  "$10, $10, 24\r\n"
-
-          "1:       \r\n"
-          "li       $8, 16\r\n"               /* st16 */
-          "bltu     $9, $8, 2f\r\n"
-          "nop      \r\n"
-          "gssdlc1  $f4, 7($10)\r\n"
-          "gssdrc1  $f4, 0($10)\r\n"
-          "gssdlc1  $f6, 7+8($10)\r\n"
-          "gssdrc1  $f6, 8($10)\r\n"
-          "mov.s    $f4, $f8\r\n"
-          "subu     $9, $9, 16\r\n"
-          PTR_ADDU  "$10, $10, 16\r\n"
-
-          "2:       \r\n"
-          "li       $8,  8\r\n"               /* st8 */
-          "bltu     $9, $8, 3f\r\n"
-          "nop      \r\n"
-          "gssdlc1  $f4, 7($10)\r\n"
-          "gssdrc1  $f4, 0($10)\r\n"
-          "mov.s    $f4, $f6\r\n"
-          "subu     $9, $9, 8\r\n"
-          PTR_ADDU  "$10, $10, 8\r\n"
-
-          "3:       \r\n"
-          "li       $8,  4\r\n"               /* st4 */
-          "mfc1     $11, $f4\r\n"
-          "bltu     $9, $8, 4f\r\n"
-          "nop      \r\n"
-          "swl      $11, 3($10)\r\n"
-          "swr      $11, 0($10)\r\n"
-          "li       $8, 32\r\n"
-          "mtc1     $8, $f6\r\n"
-          "dsrl     $f4, $f4, $f6\r\n"
-          "mfc1     $11, $f4\r\n"
-          "subu     $9, $9, 4\r\n"
-          PTR_ADDU  "$10, $10, 4\r\n"
-
-          "4:       \r\n"
-          "li       $8, 2\r\n"                /* st2 */
-          "bltu     $9, $8, 5f\r\n"
-          "nop      \r\n"
-          "ush      $11, 0($10)\r\n"
-          "srl      $11, 16\r\n"
-          "subu     $9, $9, 2\r\n"
-          PTR_ADDU  "$10, $10, 2\r\n"
-
-          "5:       \r\n"
-          "li       $8, 1\r\n"                /* st1 */
-          "bltu     $9, $8, 6f\r\n"
-          "nop      \r\n"
-          "sb       $11, 0($10)\r\n"
-
-          "6:       \r\n"
-          "nop      \r\n"                     /* end */
-          : "=m" (*outptr)
-          : "f" (mmA), "f" (mmB), "f" (mmC), "f" (mmE), "f" (mmF),
-            "f" (mmG), "r" (col), "r" (outptr)
-          : "$f4", "$f6", "$f8", "$8", "$9", "$10", "$11", "memory"
-         );
-    }
-
-#else  /* RGB_PIXELSIZE == 4 */
-
-#ifdef RGBX_FILLER_0XFF
-    xe = _mm_cmpeq_pi8(xe, xe);
-    xo = _mm_cmpeq_pi8(xo, xo);
-#else
-    xe = _mm_xor_si64(xe, xe);
-    xo = _mm_xor_si64(xo, xo);
-#endif
-    /* mmA=(00 02 04 06 08 0A 0C 0E), mmB=(01 03 05 07 09 0B 0D 0F) */
-    /* mmC=(10 12 14 16 18 1A 1C 1E), mmD=(11 13 15 17 19 1B 1D 1F) */
-    /* mmE=(20 22 24 26 28 2A 2C 2E), mmF=(21 23 25 27 29 2B 2D 2F) */
-    /* mmG=(30 32 34 36 38 3A 3C 3E), mmH=(31 33 35 37 39 3B 3D 3F) */
-
-    mm8 = _mm_unpacklo_pi8(mmA, mmC);         /* (00 10 02 12 04 14 06 16) */
-    mm9 = _mm_unpackhi_pi8(mmA, mmC);         /* (08 18 0A 1A 0C 1C 0E 1E) */
-    mmA = _mm_unpacklo_pi8(mmE, mmG);         /* (20 30 22 32 24 34 26 36) */
-    mmE = _mm_unpackhi_pi8(mmE, mmG);         /* (28 38 2A 3A 2C 3C 2E 3E) */
-
-    mmG = _mm_unpacklo_pi8(mmB, mmD);         /* (01 11 03 13 05 15 07 17) */
-    mmB = _mm_unpackhi_pi8(mmB, mmD);         /* (09 19 0B 1B 0D 1D 0F 1F) */
-    mmD = _mm_unpacklo_pi8(mmF, mmH);         /* (21 31 23 33 25 35 27 37) */
-    mmF = _mm_unpackhi_pi8(mmF, mmH);         /* (29 39 2B 3B 2D 3D 2F 3F) */
-
-    mmH = _mm_unpacklo_pi16(mm8, mmA);        /* (00 10 20 30 02 12 22 32) */
-    mm8 = _mm_unpackhi_pi16(mm8, mmA);        /* (04 14 24 34 06 16 26 36) */
-    mmA = _mm_unpacklo_pi16(mmG, mmD);        /* (01 11 21 31 03 13 23 33) */
-    mmD = _mm_unpackhi_pi16(mmG, mmD);        /* (05 15 25 35 07 17 27 37) */
-
-    mmG = _mm_unpackhi_pi16(mm9, mmE);        /* (0C 1C 2C 3C 0E 1E 2E 3E) */
-    mm9 = _mm_unpacklo_pi16(mm9, mmE);        /* (08 18 28 38 0A 1A 2A 3A) */
-    mmE = _mm_unpacklo_pi16(mmB, mmF);        /* (09 19 29 39 0B 1B 2B 3B) */
-    mmF = _mm_unpackhi_pi16(mmB, mmF);        /* (0D 1D 2D 3D 0F 1F 2F 3F) */
-
-    mmB = _mm_unpackhi_pi32(mmH, mmA);        /* (02 12 22 32 03 13 23 33) */
-    mmA = _mm_unpacklo_pi32(mmH, mmA);        /* (00 10 20 30 01 11 21 31) */
-    mmC = _mm_unpacklo_pi32(mm8, mmD);        /* (04 14 24 34 05 15 25 35) */
-    mmD = _mm_unpackhi_pi32(mm8, mmD);        /* (06 16 26 36 07 17 27 37) */
-
-    mmH = _mm_unpackhi_pi32(mmG, mmF);        /* (0E 1E 2E 3E 0F 1F 2F 3F) */
-    mmG = _mm_unpacklo_pi32(mmG, mmF);        /* (0C 1C 2C 3C 0D 1D 2D 3D) */
-    mmF = _mm_unpackhi_pi32(mm9, mmE);        /* (0A 1A 2A 3A 0B 1B 2B 3B) */
-    mmE = _mm_unpacklo_pi32(mm9, mmE);        /* (08 18 28 38 09 19 29 39) */
-
-    if (num_cols >= 8) {
-      if (!(((long)outptr) & 7)) {
-        _mm_store_si64((__m64 *)outptr, mmA);
-        _mm_store_si64((__m64 *)(outptr + 8), mmB);
-        _mm_store_si64((__m64 *)(outptr + 16), mmC);
-        _mm_store_si64((__m64 *)(outptr + 24), mmD);
-        _mm_store_si64((__m64 *)(outptr + 32), mmE);
-        _mm_store_si64((__m64 *)(outptr + 40), mmF);
-        _mm_store_si64((__m64 *)(outptr + 48), mmG);
-        _mm_store_si64((__m64 *)(outptr + 56), mmH);
-      } else {
-        _mm_storeu_si64((__m64 *)outptr, mmA);
-        _mm_storeu_si64((__m64 *)(outptr + 8), mmB);
-        _mm_storeu_si64((__m64 *)(outptr + 16), mmC);
-        _mm_storeu_si64((__m64 *)(outptr + 24), mmD);
-        _mm_storeu_si64((__m64 *)(outptr + 32), mmE);
-        _mm_storeu_si64((__m64 *)(outptr + 40), mmF);
-        _mm_storeu_si64((__m64 *)(outptr + 48), mmG);
-        _mm_storeu_si64((__m64 *)(outptr + 56), mmH);
-      }
-      outptr += RGB_PIXELSIZE * 16;
-    } else {
-      if (output_width & 1)
-        col = num_cols * 2 + 1;
-      else
-        col = num_cols * 2;
-      asm(".set noreorder\r\n"                /* st32 */
-
-          "li       $8, 8\r\n"
-          "move     $9, %10\r\n"
-          "move     $10, %11\r\n"
-          "mov.s    $f4, %2\r\n"
-          "mov.s    $f6, %3\r\n"
-          "mov.s    $f8, %4\r\n"
-          "mov.s    $f10, %5\r\n"
-          "bltu     $9, $8, 1f\r\n"
-          "nop      \r\n"
-          "gssdlc1  $f4, 7($10)\r\n"
-          "gssdrc1  $f4, 0($10)\r\n"
-          "gssdlc1  $f6, 7+8($10)\r\n"
-          "gssdrc1  $f6, 8($10)\r\n"
-          "gssdlc1  $f8, 7+16($10)\r\n"
-          "gssdrc1  $f8, 16($10)\r\n"
-          "gssdlc1  $f10, 7+24($10)\r\n"
-          "gssdrc1  $f10, 24($10)\r\n"
-          "mov.s    $f4, %6\r\n"
-          "mov.s    $f6, %7\r\n"
-          "mov.s    $f8, %8\r\n"
-          "mov.s    $f10, %9\r\n"
-          "subu     $9, $9, 8\r\n"
-          PTR_ADDU  "$10, $10, 32\r\n"
-
-          "1:       \r\n"
-          "li       $8, 4\r\n"                /* st16 */
-          "bltu     $9, $8, 2f\r\n"
-          "nop      \r\n"
-          "gssdlc1  $f4, 7($10)\r\n"
-          "gssdrc1  $f4, 0($10)\r\n"
-          "gssdlc1  $f6, 7+8($10)\r\n"
-          "gssdrc1  $f6, 8($10)\r\n"
-          "mov.s    $f4, $f8\r\n"
-          "mov.s    $f6, $f10\r\n"
-          "subu     $9, $9, 4\r\n"
-          PTR_ADDU  "$10, $10, 16\r\n"
-
-          "2:       \r\n"
-          "li       $8, 2\r\n"                /* st8 */
-          "bltu     $9, $8, 3f\r\n"
-          "nop      \r\n"
-          "gssdlc1  $f4, 7($10)\r\n"
-          "gssdrc1  $f4, 0($10)\r\n"
-          "mov.s    $f4, $f6\r\n"
-          "subu     $9, $9, 2\r\n"
-          PTR_ADDU  "$10, $10, 8\r\n"
-
-          "3:       \r\n"
-          "li       $8, 1\r\n"                /* st4 */
-          "bltu     $9, $8, 4f\r\n"
-          "nop      \r\n"
-          "gsswlc1  $f4, 3($10)\r\n"
-          "gsswrc1  $f4, 0($10)\r\n"
-
-          "4:       \r\n"
-          "li       %1, 0\r\n"                /* end */
-          : "=m" (*outptr), "=r" (col)
-          : "f" (mmA), "f" (mmB), "f" (mmC), "f" (mmD), "f" (mmE), "f" (mmF),
-            "f" (mmG), "f" (mmH), "r" (col), "r" (outptr)
-          : "$f4", "$f6", "$f8", "$f10", "$8", "$9", "$10", "memory"
-         );
-    }
-
-#endif
-
-  }
-
-  if (!((output_width >> 1) & 7)) {
-    if (output_width & 1) {
-      cb = _mm_load_si64((__m64 *)inptr1);
-      cr = _mm_load_si64((__m64 *)inptr2);
-      y = _mm_load_si64((__m64 *)inptr0);
-
-      decenter = 0.0;
-      decenter = _mm_cmpeq_pi16(decenter, decenter);
-      decenter = _mm_slli_pi16(decenter, 7);  /* {0xFF80 0xFF80 0xFF80 0xFF80} */
-
-      cbl = _mm_unpacklo_pi8(cb, zero);       /* Cb(0123) */
-      crl = _mm_unpacklo_pi8(cr, zero);       /* Cr(0123) */
-      cbl = _mm_add_pi16(cbl, decenter);
-      crl = _mm_add_pi16(crl, decenter);
-
-      cbl2 = _mm_add_pi16(cbl, cbl);          /* 2*CbL */
-      crl2 = _mm_add_pi16(crl, crl);          /* 2*CrL */
-      bl = _mm_mulhi_pi16(cbl2, PW_MF0228);   /* (2*CbL * -FIX(0.22800) */
-      rl = _mm_mulhi_pi16(crl2, PW_F0402);    /* (2*CrL * FIX(0.40200)) */
-
-      bl = _mm_add_pi16(bl, PW_ONE);
-      bl = _mm_srai_pi16(bl, 1);              /* (CbL * -FIX(0.22800)) */
-      rl = _mm_add_pi16(rl, PW_ONE);
-      rl = _mm_srai_pi16(rl, 1);              /* (CrL * FIX(0.40200)) */
-
-      bl = _mm_add_pi16(bl, cbl);
-      bl = _mm_add_pi16(bl, cbl);             /* (CbL * FIX(1.77200))=(B-Y)L */
-      rl = _mm_add_pi16(rl, crl);             /* (CrL * FIX(1.40200))=(R-Y)L */
-
-      gl = _mm_unpacklo_pi16(cbl, crl);
-      gl = _mm_madd_pi16(gl, PW_MF0344_F0285);
-      gl = _mm_add_pi32(gl, PD_ONEHALF);
-      gl = _mm_srai_pi32(gl, SCALEBITS);
-      gl = _mm_packs_pi32(gl, zero);       /* CbL*-FIX(0.344)+CrL*FIX(0.285) */
-      gl = _mm_sub_pi16(gl, crl);  /* CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L */
-
-      yl = _mm_unpacklo_pi8(y, zero);         /* Y(0123) */
-      rl = _mm_add_pi16(rl, yl);              /* (R0 R1 R2 R3) */
-      gl = _mm_add_pi16(gl, yl);              /* (G0 G1 G2 G3) */
-      bl = _mm_add_pi16(bl, yl);              /* (B0 B1 B2 B3) */
-      re = _mm_packs_pu16(rl, rl);
-      ge = _mm_packs_pu16(gl, gl);
-      be = _mm_packs_pu16(bl, bl);
-#if RGB_PIXELSIZE == 3
-      mmA = _mm_unpacklo_pi8(mmA, mmC);
-      mmA = _mm_unpacklo_pi16(mmA, mmE);
-      asm(".set noreorder\r\n"
-
-          "move    $8, %2\r\n"
-          "mov.s   $f4, %1\r\n"
-          "mfc1    $9, $f4\r\n"
-          "ush     $9, 0($8)\r\n"
-          "srl     $9, 16\r\n"
-          "sb      $9, 2($8)\r\n"
-          : "=m" (*outptr)
-          : "f" (mmA), "r" (outptr)
-          : "$f4", "$8", "$9", "memory"
-         );
-#else  /* RGB_PIXELSIZE == 4 */
-
-#ifdef RGBX_FILLER_0XFF
-      xe = _mm_cmpeq_pi8(xe, xe);
-#else
-      xe = _mm_xor_si64(xe, xe);
-#endif
-      mmA = _mm_unpacklo_pi8(mmA, mmC);
-      mmE = _mm_unpacklo_pi8(mmE, mmG);
-      mmA = _mm_unpacklo_pi16(mmA, mmE);
-      asm(".set noreorder\r\n"
-
-          "move    $8, %2\r\n"
-          "mov.s   $f4, %1\r\n"
-          "gsswlc1 $f4, 3($8)\r\n"
-          "gsswrc1 $f4, 0($8)\r\n"
-          : "=m" (*outptr)
-          : "f" (mmA), "r" (outptr)
-          : "$f4", "$8", "memory"
-         );
-#endif
-    }
-  }
-}
-
-
-void jsimd_h2v2_merged_upsample_mmi(JDIMENSION output_width,
-                                    JSAMPIMAGE input_buf,
-                                    JDIMENSION in_row_group_ctr,
-                                    JSAMPARRAY output_buf)
-{
-  JSAMPROW inptr, outptr;
-
-  inptr = input_buf[0][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  input_buf[0][in_row_group_ctr] = input_buf[0][in_row_group_ctr * 2];
-  jsimd_h2v1_merged_upsample_mmi(output_width, input_buf, in_row_group_ctr,
-                                 output_buf);
-
-  input_buf[0][in_row_group_ctr] = input_buf[0][in_row_group_ctr * 2 + 1];
-  output_buf[0] = output_buf[1];
-  jsimd_h2v1_merged_upsample_mmi(output_width, input_buf, in_row_group_ctr,
-                                 output_buf);
-
-  input_buf[0][in_row_group_ctr] = inptr;
-  output_buf[0] = outptr;
-}
-
-
-#undef mmA
-#undef mmB
-#undef mmC
-#undef mmD
-#undef mmE
-#undef mmF
-#undef mmG
-#undef mmH
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdsample-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdsample-mmi.c
deleted file mode 100644
index 8ae94e7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jdsample-mmi.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, 2018-2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *           ZhangLixia  <zhanglixia-hf@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* CHROMA UPSAMPLING */
-
-#include "jsimd_mmi.h"
-
-
-enum const_index {
-  index_PW_ONE,
-  index_PW_TWO,
-  index_PW_THREE,
-  index_PW_SEVEN,
-  index_PW_EIGHT,
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi16(1, 1, 1, 1),
-  _uint64_set_pi16(2, 2, 2, 2),
-  _uint64_set_pi16(3, 3, 3, 3),
-  _uint64_set_pi16(7, 7, 7, 7),
-  _uint64_set_pi16(8, 8, 8, 8),
-};
-
-#define PW_ONE    get_const_value(index_PW_ONE)
-#define PW_TWO    get_const_value(index_PW_TWO)
-#define PW_THREE  get_const_value(index_PW_THREE)
-#define PW_SEVEN  get_const_value(index_PW_SEVEN)
-#define PW_EIGHT  get_const_value(index_PW_EIGHT)
-
-
-#define PROCESS_ROW(row, wkoffset, bias1, bias2, shift) { \
-  __m64 samp123X, samp3XXX, samp1234, sampX012, samp_1012; \
-  __m64 sampXXX4, sampX456, samp3456, samp567X, samp7XXX, samp5678; \
-  __m64 outle, outhe, outlo, outho, outl, outh; \
-  \
-  samp123X = _mm_srli_si64(samp0123, 2 * BYTE_BIT);  /* ( 1 2 3 -) */ \
-  sampXXX4 = _mm_slli_si64(samp4567, (SIZEOF_MMWORD - 2) * BYTE_BIT);  /* ( - - - 4) */ \
-  samp3XXX = _mm_srli_si64(samp0123, (SIZEOF_MMWORD - 2) * BYTE_BIT);  /* ( 3 - - -) */ \
-  sampX456 = _mm_slli_si64(samp4567, 2 * BYTE_BIT);  /* ( - 4 5 6) */ \
-  \
-  samp1234 = _mm_or_si64(samp123X, sampXXX4);  /* ( 1 2 3 4) */ \
-  samp3456 = _mm_or_si64(samp3XXX, sampX456);  /* ( 3 4 5 6) */ \
-  \
-  sampX012 = _mm_slli_si64(samp0123, 2 * BYTE_BIT);  /* ( - 0 1 2) */ \
-  samp567X = _mm_srli_si64(samp4567, 2 * BYTE_BIT);  /* ( 5 6 7 -) */ \
-  samp7XXX = _mm_srli_si64(samp4567, (SIZEOF_MMWORD - 2) * BYTE_BIT);  /* ( 7 - - -) */ \
-  \
-  samp_1012 = _mm_or_si64(sampX012, wk[row]);            /* (-1 0 1 2) */ \
-  samp5678 = _mm_or_si64(samp567X, wk[row + wkoffset]);  /* ( 5 6 7 8) */ \
-  \
-  wk[row] = samp7XXX; \
-  \
-  samp0123 = _mm_mullo_pi16(samp0123, PW_THREE); \
-  samp4567 = _mm_mullo_pi16(samp4567, PW_THREE); \
-  samp_1012 = _mm_add_pi16(samp_1012, bias1); \
-  samp3456 = _mm_add_pi16(samp3456, bias1); \
-  samp1234 = _mm_add_pi16(samp1234, bias2); \
-  samp5678 = _mm_add_pi16(samp5678, bias2); \
-  \
-  outle = _mm_add_pi16(samp_1012, samp0123); \
-  outhe = _mm_add_pi16(samp3456, samp4567); \
-  outle = _mm_srli_pi16(outle, shift);        /* ( 0  2  4  6) */ \
-  outhe = _mm_srli_pi16(outhe, shift);        /* ( 8 10 12 14) */ \
-  outlo = _mm_add_pi16(samp1234, samp0123); \
-  outho = _mm_add_pi16(samp5678, samp4567); \
-  outlo = _mm_srli_pi16(outlo, shift);        /* ( 1  3  5  7) */ \
-  outho = _mm_srli_pi16(outho, shift);        /* ( 9 11 13 15) */ \
-  \
-  outlo = _mm_slli_pi16(outlo, BYTE_BIT); \
-  outho = _mm_slli_pi16(outho, BYTE_BIT); \
-  outl = _mm_or_si64(outle, outlo);           /* ( 0  1  2  3  4  5  6  7) */ \
-  outh = _mm_or_si64(outhe, outho);           /* ( 8  9 10 11 12 13 14 15) */ \
-  \
-  _mm_store_si64((__m64 *)outptr##row, outl); \
-  _mm_store_si64((__m64 *)outptr##row + 1, outh); \
-}
-
-void jsimd_h2v2_fancy_upsample_mmi(int max_v_samp_factor,
-                                   JDIMENSION downsampled_width,
-                                   JSAMPARRAY input_data,
-                                   JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr_1, inptr0, inptr1, outptr0, outptr1;
-  int inrow, outrow, incol, tmp, tmp1;
-  __m64 this_1l, this_1h, this_1, thiscolsum_1l, thiscolsum_1h;
-  __m64 this0l, this0h, this0;
-  __m64 this1l, this1h, this1, thiscolsum1l, thiscolsum1h;
-  __m64 next_1l, next_1h, next_1, nextcolsum_1l, nextcolsum_1h;
-  __m64 next0l, next0h, next0;
-  __m64 next1l, next1h, next1, nextcolsum1l, nextcolsum1h;
-  __m64 mask0 = 0.0, masklast, samp0123, samp4567, wk[4], zero = 0.0;
-
-  mask0 = _mm_cmpeq_pi8(mask0, mask0);
-  masklast = _mm_slli_si64(mask0, (SIZEOF_MMWORD - 2) * BYTE_BIT);
-  mask0 = _mm_srli_si64(mask0, (SIZEOF_MMWORD - 2) * BYTE_BIT);
-
-  for (inrow = 0, outrow = 0; outrow < max_v_samp_factor; inrow++) {
-
-    inptr_1 = input_data[inrow - 1];
-    inptr0 = input_data[inrow];
-    inptr1 = input_data[inrow + 1];
-    outptr0 = output_data[outrow++];
-    outptr1 = output_data[outrow++];
-
-    if (downsampled_width & 7) {
-      tmp = (downsampled_width - 1) * sizeof(JSAMPLE);
-      tmp1 = downsampled_width * sizeof(JSAMPLE);
-      asm(PTR_ADDU  "$8, %3, %6\r\n"
-          "lb       $9, ($8)\r\n"
-          PTR_ADDU  "$8, %3, %7\r\n"
-          "sb       $9, ($8)\r\n"
-          PTR_ADDU  "$8, %4, %6\r\n"
-          "lb       $9, ($8)\r\n"
-          PTR_ADDU  "$8, %4, %7\r\n"
-          "sb       $9, ($8)\r\n"
-          PTR_ADDU  "$8, %5, %6\r\n"
-          "lb       $9, ($8)\r\n"
-          PTR_ADDU  "$8, %5, %7\r\n"
-          "sb       $9, ($8)\r\n"
-          : "=m" (*inptr_1), "=m" (*inptr0), "=m" (*inptr1)
-          : "r" (inptr_1), "r" (inptr0), "r" (inptr1), "r" (tmp), "r" (tmp1)
-          : "$8", "$9"
-         );
-    }
-
-    /* process the first column block */
-    this0 = _mm_load_si64((__m64 *)inptr0);    /* row[ 0][0] */
-    this_1 = _mm_load_si64((__m64 *)inptr_1);  /* row[-1][0] */
-    this1 = _mm_load_si64((__m64 *)inptr1);    /* row[ 1][0] */
-
-    this0l = _mm_unpacklo_pi8(this0, zero);    /* row[ 0][0]( 0 1 2 3) */
-    this0h = _mm_unpackhi_pi8(this0, zero);    /* row[ 0][0]( 4 5 6 7) */
-    this_1l = _mm_unpacklo_pi8(this_1, zero);  /* row[-1][0]( 0 1 2 3) */
-    this_1h = _mm_unpackhi_pi8(this_1, zero);  /* row[-1][0]( 4 5 6 7) */
-    this1l = _mm_unpacklo_pi8(this1, zero);    /* row[+1][0]( 0 1 2 3) */
-    this1h = _mm_unpackhi_pi8(this1, zero);    /* row[+1][0]( 4 5 6 7) */
-
-    this0l = _mm_mullo_pi16(this0l, PW_THREE);
-    this0h = _mm_mullo_pi16(this0h, PW_THREE);
-
-    thiscolsum_1l = _mm_add_pi16(this_1l, this0l);  /* ( 0 1 2 3) */
-    thiscolsum_1h = _mm_add_pi16(this_1h, this0h);  /* ( 4 5 6 7) */
-    thiscolsum1l = _mm_add_pi16(this0l, this1l);    /* ( 0 1 2 3) */
-    thiscolsum1h = _mm_add_pi16(this0h, this1h);    /* ( 4 5 6 7) */
-
-    /* temporarily save the intermediate data */
-    _mm_store_si64((__m64 *)outptr0, thiscolsum_1l);
-    _mm_store_si64((__m64 *)outptr0 + 1, thiscolsum_1h);
-    _mm_store_si64((__m64 *)outptr1, thiscolsum1l);
-    _mm_store_si64((__m64 *)outptr1 + 1, thiscolsum1h);
-
-    wk[0] = _mm_and_si64(thiscolsum_1l, mask0);  /* ( 0 - - -) */
-    wk[1] = _mm_and_si64(thiscolsum1l, mask0);   /* ( 0 - - -) */
-
-    for (incol = downsampled_width; incol > 0;
-         incol -= 8, inptr_1 += 8, inptr0 += 8, inptr1 += 8,
-         outptr0 += 16, outptr1 += 16) {
-
-      if (incol > 8) {
-        /* process the next column block */
-        next0 = _mm_load_si64((__m64 *)inptr0 + 1);    /* row[ 0][1] */
-        next_1 = _mm_load_si64((__m64 *)inptr_1 + 1);  /* row[-1][1] */
-        next1 = _mm_load_si64((__m64 *)inptr1 + 1);    /* row[+1][1] */
-
-        next0l = _mm_unpacklo_pi8(next0, zero);    /* row[ 0][1]( 0 1 2 3) */
-        next0h = _mm_unpackhi_pi8(next0, zero);    /* row[ 0][1]( 4 5 6 7) */
-        next_1l = _mm_unpacklo_pi8(next_1, zero);  /* row[-1][1]( 0 1 2 3) */
-        next_1h = _mm_unpackhi_pi8(next_1, zero);  /* row[-1][1]( 4 5 6 7) */
-        next1l = _mm_unpacklo_pi8(next1, zero);    /* row[+1][1]( 0 1 2 3) */
-        next1h = _mm_unpackhi_pi8(next1, zero);    /* row[+1][1]( 4 5 6 7) */
-
-        next0l = _mm_mullo_pi16(next0l, PW_THREE);
-        next0h = _mm_mullo_pi16(next0h, PW_THREE);
-
-        nextcolsum_1l = _mm_add_pi16(next_1l, next0l);  /* ( 0 1 2 3) */
-        nextcolsum_1h = _mm_add_pi16(next_1h, next0h);  /* ( 4 5 6 7) */
-        nextcolsum1l = _mm_add_pi16(next0l, next1l);    /* ( 0 1 2 3) */
-        nextcolsum1h = _mm_add_pi16(next0h, next1h);    /* ( 4 5 6 7) */
-
-        /* temporarily save the intermediate data */
-        _mm_store_si64((__m64 *)outptr0 + 2, nextcolsum_1l);
-        _mm_store_si64((__m64 *)outptr0 + 3, nextcolsum_1h);
-        _mm_store_si64((__m64 *)outptr1 + 2, nextcolsum1l);
-        _mm_store_si64((__m64 *)outptr1 + 3, nextcolsum1h);
-
-        wk[2] = _mm_slli_si64(nextcolsum_1l, (SIZEOF_MMWORD - 2) * BYTE_BIT);  /* ( - - - 0) */
-        wk[3] = _mm_slli_si64(nextcolsum1l, (SIZEOF_MMWORD - 2) * BYTE_BIT);   /* ( - - - 0) */
-      } else {
-        __m64 tmp;
-
-        /* process the last column block */
-        tmp = _mm_load_si64((__m64 *)outptr0 + 1);
-        wk[2] = _mm_and_si64(masklast, tmp);        /* ( - - - 7) */
-        tmp = _mm_load_si64((__m64 *)outptr1 + 1);
-        wk[3] = _mm_and_si64(masklast, tmp);        /* ( - - - 7) */
-      }
-
-      /* process the upper row */
-      samp0123 = _mm_load_si64((__m64 *)outptr0);      /* ( 0 1 2 3) */ \
-      samp4567 = _mm_load_si64((__m64 *)outptr0 + 1);  /* ( 4 5 6 7) */ \
-      PROCESS_ROW(0, 2, PW_EIGHT, PW_SEVEN, 4)
-
-      /* process the lower row */
-      samp0123 = _mm_load_si64((__m64 *)outptr1);      /* ( 0 1 2 3) */ \
-      samp4567 = _mm_load_si64((__m64 *)outptr1 + 1);  /* ( 4 5 6 7) */ \
-      PROCESS_ROW(1, 2, PW_EIGHT, PW_SEVEN, 4)
-    }
-  }
-}
-
-
-void jsimd_h2v1_fancy_upsample_mmi(int max_v_samp_factor,
-                                   JDIMENSION downsampled_width,
-                                   JSAMPARRAY input_data,
-                                   JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr0, outptr0;
-  int inrow, incol, tmp, tmp1;
-  __m64 thisl, this, nextl, next;
-  __m64 mask0 = 0.0, masklast, samp0123, samp4567, wk[2], zero = 0.0;
-
-  mask0 = _mm_cmpeq_pi8(mask0, mask0);
-  masklast = _mm_slli_si64(mask0, (SIZEOF_MMWORD - 2) * BYTE_BIT);
-  mask0 = _mm_srli_si64(mask0, (SIZEOF_MMWORD - 2) * BYTE_BIT);
-
-  for (inrow = 0; inrow < max_v_samp_factor; inrow++) {
-
-    inptr0 = input_data[inrow];
-    outptr0 = output_data[inrow];
-
-    if (downsampled_width & 7) {
-      tmp = (downsampled_width - 1) * sizeof(JSAMPLE);
-      tmp1 = downsampled_width * sizeof(JSAMPLE);
-      asm(PTR_ADDU  "$8, %1, %2\r\n"
-          "lb       $9, ($8)\r\n"
-          PTR_ADDU  "$8, %1, %3\r\n"
-          "sb       $9, ($8)\r\n"
-          : "=m" (*inptr0)
-          : "r" (inptr0), "r" (tmp), "r" (tmp1)
-          : "$8", "$9"
-         );
-    }
-
-    /* process the first column block */
-    this = _mm_load_si64((__m64 *)inptr0);    /* row[ 0][0] */
-    thisl = _mm_unpacklo_pi8(this, zero);     /* row[ 0][0]( 0 1 2 3) */
-    wk[0] = _mm_and_si64(thisl, mask0);       /* ( 0 - - -) */
-
-    for (incol = downsampled_width; incol > 0;
-         incol -= 8, inptr0 += 8, outptr0 += 16) {
-
-      if (incol > 8) {
-        /* process the next column block */
-        next = _mm_load_si64((__m64 *)inptr0 + 1);  /* row[ 0][1] */
-        nextl = _mm_unpacklo_pi8(next, zero);       /* row[ 0][1]( 0 1 2 3) */
-        wk[1] = _mm_slli_si64(nextl, (SIZEOF_MMWORD - 2) * BYTE_BIT);  /* ( - - - 0) */
-      } else {
-        __m64 thish;
-
-        /* process the last column block */
-        this = _mm_load_si64((__m64 *)inptr0);  /* row[ 0][0] */
-        thish = _mm_unpackhi_pi8(this, zero);   /* row[ 0][1]( 4 5 6 7) */
-        wk[1] = _mm_and_si64(masklast, thish);  /* ( - - - 7) */
-      }
-
-      /* process the row */
-      this = _mm_load_si64((__m64 *)inptr0);    /* row[ 0][0] */
-      samp0123 = _mm_unpacklo_pi8(this, zero);  /* ( 0 1 2 3) */
-      samp4567 = _mm_unpackhi_pi8(this, zero);  /* ( 4 5 6 7) */
-      PROCESS_ROW(0, 1, PW_ONE, PW_TWO, 2)
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jfdctfst-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jfdctfst-mmi.c
deleted file mode 100644
index f7caf09..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jfdctfst-mmi.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014, 2018-2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  LiuQingfa <liuqingfa-hf@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* FAST INTEGER FORWARD DCT */
-
-#include "jsimd_mmi.h"
-
-
-#define CONST_BITS  8
-
-#define F_0_382  ((short)98)   /* FIX(0.382683433) */
-#define F_0_541  ((short)139)  /* FIX(0.541196100) */
-#define F_0_707  ((short)181)  /* FIX(0.707106781) */
-#define F_1_306  ((short)334)  /* FIX(1.306562965) */
-
-#define PRE_MULTIPLY_SCALE_BITS  2
-#define CONST_SHIFT  (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-enum const_index {
-  index_PW_F0707,
-  index_PW_F0382,
-  index_PW_F0541,
-  index_PW_F1306
-};
-
-static uint64_t const_value[] = {
-  _uint64_set1_pi16(F_0_707),
-  _uint64_set1_pi16(F_0_382),
-  _uint64_set1_pi16(F_0_541),
-  _uint64_set1_pi16(F_1_306)
-};
-
-#define PW_F0707  get_const_value(index_PW_F0707)
-#define PW_F0382  get_const_value(index_PW_F0382)
-#define PW_F0541  get_const_value(index_PW_F0541)
-#define PW_F1306  get_const_value(index_PW_F1306)
-
-
-#define DO_FDCT_MULTIPLY(out, in, multiplier) { \
-  __m64 mulhi, mullo, mul12, mul34; \
-  \
-  mullo = _mm_mullo_pi16(in, multiplier); \
-  mulhi = _mm_mulhi_pi16(in, multiplier); \
-  mul12 = _mm_unpacklo_pi16(mullo, mulhi); \
-  mul34 = _mm_unpackhi_pi16(mullo, mulhi); \
-  mul12 = _mm_srai_pi32(mul12, CONST_BITS); \
-  mul34 = _mm_srai_pi32(mul34, CONST_BITS); \
-  out = _mm_packs_pi32(mul12, mul34); \
-}
-
-#define DO_FDCT_COMMON() { \
-  \
-  /* Even part */ \
-  \
-  tmp10 = _mm_add_pi16(tmp0, tmp3); \
-  tmp13 = _mm_sub_pi16(tmp0, tmp3); \
-  tmp11 = _mm_add_pi16(tmp1, tmp2); \
-  tmp12 = _mm_sub_pi16(tmp1, tmp2); \
-  \
-  out0 = _mm_add_pi16(tmp10, tmp11); \
-  out4 = _mm_sub_pi16(tmp10, tmp11); \
-  \
-  z1 = _mm_add_pi16(tmp12, tmp13); \
-  DO_FDCT_MULTIPLY(z1, z1, PW_F0707) \
-  \
-  out2 = _mm_add_pi16(tmp13, z1); \
-  out6 = _mm_sub_pi16(tmp13, z1); \
-  \
-  /* Odd part */ \
-  \
-  tmp10 = _mm_add_pi16(tmp4, tmp5); \
-  tmp11 = _mm_add_pi16(tmp5, tmp6); \
-  tmp12 = _mm_add_pi16(tmp6, tmp7); \
-  \
-  z5 = _mm_sub_pi16(tmp10, tmp12); \
-  DO_FDCT_MULTIPLY(z5, z5, PW_F0382) \
-  \
-  DO_FDCT_MULTIPLY(z2, tmp10, PW_F0541) \
-  z2 = _mm_add_pi16(z2, z5); \
-  \
-  DO_FDCT_MULTIPLY(z4, tmp12, PW_F1306) \
-  z4 = _mm_add_pi16(z4, z5); \
-  \
-  DO_FDCT_MULTIPLY(z3, tmp11, PW_F0707) \
-  \
-  z11 = _mm_add_pi16(tmp7, z3); \
-  z13 = _mm_sub_pi16(tmp7, z3); \
-  \
-  out5 = _mm_add_pi16(z13, z2); \
-  out3 = _mm_sub_pi16(z13, z2); \
-  out1 = _mm_add_pi16(z11, z4); \
-  out7 = _mm_sub_pi16(z11, z4); \
-}
-
-#define DO_FDCT_PASS1() { \
-  __m64 row0l, row0h, row1l, row1h, row2l, row2h, row3l, row3h; \
-  __m64 row01a, row01b, row01c, row01d, row23a, row23b, row23c, row23d; \
-  __m64 col0, col1, col2, col3, col4, col5, col6, col7; \
-  \
-  row0l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 0]);     /* (00 01 02 03) */ \
-  row0h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 0 + 4]); /* (04 05 06 07) */ \
-  row1l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 1]);     /* (10 11 12 13) */ \
-  row1h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 1 + 4]); /* (14 15 16 17) */ \
-  row2l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 2]);     /* (20 21 22 23) */ \
-  row2h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 2 + 4]); /* (24 25 26 27) */ \
-  row3l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 3]);     /* (30 31 32 33) */ \
-  row3h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 3 + 4]); /* (34 35 36 37) */ \
-  \
-  /* Transpose coefficients */ \
-  \
-  row23a = _mm_unpacklo_pi16(row2l, row3l);   /* row23a=(20 30 21 31) */ \
-  row23b = _mm_unpackhi_pi16(row2l, row3l);   /* row23b=(22 32 23 33) */ \
-  row23c = _mm_unpacklo_pi16(row2h, row3h);   /* row23c=(24 34 25 35) */ \
-  row23d = _mm_unpackhi_pi16(row2h, row3h);   /* row23d=(26 36 27 37) */ \
-  \
-  row01a = _mm_unpacklo_pi16(row0l, row1l);   /* row01a=(00 10 01 11) */ \
-  row01b = _mm_unpackhi_pi16(row0l, row1l);   /* row01b=(02 12 03 13) */ \
-  row01c = _mm_unpacklo_pi16(row0h, row1h);   /* row01c=(04 14 05 15) */ \
-  row01d = _mm_unpackhi_pi16(row0h, row1h);   /* row01d=(06 16 07 17) */ \
-  \
-  col0 = _mm_unpacklo_pi32(row01a, row23a);   /* col0=(00 10 20 30) */ \
-  col1 = _mm_unpackhi_pi32(row01a, row23a);   /* col1=(01 11 21 31) */ \
-  col6 = _mm_unpacklo_pi32(row01d, row23d);   /* col6=(06 16 26 36) */ \
-  col7 = _mm_unpackhi_pi32(row01d, row23d);   /* col7=(07 17 27 37) */ \
-  \
-  tmp6 = _mm_sub_pi16(col1, col6);            /* tmp6=col1-col6 */ \
-  tmp7 = _mm_sub_pi16(col0, col7);            /* tmp7=col0-col7 */ \
-  tmp1 = _mm_add_pi16(col1, col6);            /* tmp1=col1+col6 */ \
-  tmp0 = _mm_add_pi16(col0, col7);            /* tmp0=col0+col7 */ \
-  \
-  col2 = _mm_unpacklo_pi32(row01b, row23b);   /* col2=(02 12 22 32) */ \
-  col3 = _mm_unpackhi_pi32(row01b, row23b);   /* col3=(03 13 23 33) */ \
-  col4 = _mm_unpacklo_pi32(row01c, row23c);   /* col4=(04 14 24 34) */ \
-  col5 = _mm_unpackhi_pi32(row01c, row23c);   /* col5=(05 15 25 35) */ \
-  \
-  tmp3 = _mm_add_pi16(col3, col4);            /* tmp3=col3+col4 */ \
-  tmp2 = _mm_add_pi16(col2, col5);            /* tmp2=col2+col5 */ \
-  tmp4 = _mm_sub_pi16(col3, col4);            /* tmp4=col3-col4 */ \
-  tmp5 = _mm_sub_pi16(col2, col5);            /* tmp5=col2-col5 */ \
-  \
-  DO_FDCT_COMMON() \
-  \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 0], out0); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 0 + 4], out4); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 1], out1); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 1 + 4], out5); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 2], out2); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 2 + 4], out6); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 3], out3); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 3 + 4], out7); \
-}
-
-#define DO_FDCT_PASS2() { \
-  __m64 col0l, col0h, col1l, col1h, col2l, col2h, col3l, col3h; \
-  __m64 col01a, col01b, col01c, col01d, col23a, col23b, col23c, col23d; \
-  __m64 row0, row1, row2, row3, row4, row5, row6, row7; \
-  \
-  col0l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 0]);  /* (00 10 20 30) */ \
-  col1l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 1]);  /* (01 11 21 31) */ \
-  col2l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 2]);  /* (02 12 22 32) */ \
-  col3l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 3]);  /* (03 13 23 33) */ \
-  col0h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 4]);  /* (40 50 60 70) */ \
-  col1h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 5]);  /* (41 51 61 71) */ \
-  col2h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 6]);  /* (42 52 62 72) */ \
-  col3h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 7]);  /* (43 53 63 73) */ \
-  \
-  /* Transpose coefficients */ \
-  \
-  col23a = _mm_unpacklo_pi16(col2l, col3l);   /* col23a=(02 03 12 13) */ \
-  col23b = _mm_unpackhi_pi16(col2l, col3l);   /* col23b=(22 23 32 33) */ \
-  col23c = _mm_unpacklo_pi16(col2h, col3h);   /* col23c=(42 43 52 53) */ \
-  col23d = _mm_unpackhi_pi16(col2h, col3h);   /* col23d=(62 63 72 73) */ \
-  \
-  col01a = _mm_unpacklo_pi16(col0l, col1l);   /* col01a=(00 01 10 11) */ \
-  col01b = _mm_unpackhi_pi16(col0l, col1l);   /* col01b=(20 21 30 31) */ \
-  col01c = _mm_unpacklo_pi16(col0h, col1h);   /* col01c=(40 41 50 51) */ \
-  col01d = _mm_unpackhi_pi16(col0h, col1h);   /* col01d=(60 61 70 71) */ \
-  \
-  row0 = _mm_unpacklo_pi32(col01a, col23a);   /* row0=(00 01 02 03) */ \
-  row1 = _mm_unpackhi_pi32(col01a, col23a);   /* row1=(10 11 12 13) */ \
-  row6 = _mm_unpacklo_pi32(col01d, col23d);   /* row6=(60 61 62 63) */ \
-  row7 = _mm_unpackhi_pi32(col01d, col23d);   /* row7=(70 71 72 73) */ \
-  \
-  tmp6 = _mm_sub_pi16(row1, row6);            /* tmp6=row1-row6 */ \
-  tmp7 = _mm_sub_pi16(row0, row7);            /* tmp7=row0-row7 */ \
-  tmp1 = _mm_add_pi16(row1, row6);            /* tmp1=row1+row6 */ \
-  tmp0 = _mm_add_pi16(row0, row7);            /* tmp0=row0+row7 */ \
-  \
-  row2 = _mm_unpacklo_pi32(col01b, col23b);   /* row2=(20 21 22 23) */ \
-  row3 = _mm_unpackhi_pi32(col01b, col23b);   /* row3=(30 31 32 33) */ \
-  row4 = _mm_unpacklo_pi32(col01c, col23c);   /* row4=(40 41 42 43) */ \
-  row5 = _mm_unpackhi_pi32(col01c, col23c);   /* row5=(50 51 52 53) */ \
-  \
-  tmp3 = _mm_add_pi16(row3, row4);            /* tmp3=row3+row4 */ \
-  tmp2 = _mm_add_pi16(row2, row5);            /* tmp2=row2+row5 */ \
-  tmp4 = _mm_sub_pi16(row3, row4);            /* tmp4=row3-row4 */ \
-  tmp5 = _mm_sub_pi16(row2, row5);            /* tmp5=row2-row5 */ \
-  \
-  DO_FDCT_COMMON() \
-  \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 0], out0); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 1], out1); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 2], out2); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 3], out3); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 4], out4); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 5], out5); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 6], out6); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 7], out7); \
-}
-
-void jsimd_fdct_ifast_mmi(DCTELEM *data)
-{
-  __m64 tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  __m64 out0, out1, out2, out3, out4, out5, out6, out7;
-  __m64 tmp10, tmp11, tmp12, tmp13, z1, z2, z3, z4, z5, z11, z13;
-  DCTELEM *dataptr = data;
-
-  /* Pass 1: process rows. */
-
-  DO_FDCT_PASS1()
-  dataptr += DCTSIZE * 4;
-  DO_FDCT_PASS1()
-
-  /* Pass 2: process columns. */
-
-  dataptr = data;
-  DO_FDCT_PASS2()
-  dataptr += 4;
-  DO_FDCT_PASS2()
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jfdctint-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jfdctint-mmi.c
deleted file mode 100644
index 7f4dfe9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jfdctint-mmi.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014, 2018, 2020, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2017, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* ACCURATE INTEGER FORWARD DCT */
-
-#include "jsimd_mmi.h"
-
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-#define FIX_0_298  ((short)2446)   /* FIX(0.298631336) */
-#define FIX_0_390  ((short)3196)   /* FIX(0.390180644) */
-#define FIX_0_541  ((short)4433)   /* FIX(0.541196100) */
-#define FIX_0_765  ((short)6270)   /* FIX(0.765366865) */
-#define FIX_0_899  ((short)7373)   /* FIX(0.899976223) */
-#define FIX_1_175  ((short)9633)   /* FIX(1.175875602) */
-#define FIX_1_501  ((short)12299)  /* FIX(1.501321110) */
-#define FIX_1_847  ((short)15137)  /* FIX(1.847759065) */
-#define FIX_1_961  ((short)16069)  /* FIX(1.961570560) */
-#define FIX_2_053  ((short)16819)  /* FIX(2.053119869) */
-#define FIX_2_562  ((short)20995)  /* FIX(2.562915447) */
-#define FIX_3_072  ((short)25172)  /* FIX(3.072711026) */
-
-enum const_index {
-  index_PW_F130_F054,
-  index_PW_F054_MF130,
-  index_PW_MF078_F117,
-  index_PW_F117_F078,
-  index_PW_MF060_MF089,
-  index_PW_MF089_F060,
-  index_PW_MF050_MF256,
-  index_PW_MF256_F050,
-  index_PD_DESCALE_P1,
-  index_PD_DESCALE_P2,
-  index_PW_DESCALE_P2X
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi16(FIX_0_541, (FIX_0_541 + FIX_0_765),
-                   FIX_0_541, (FIX_0_541 + FIX_0_765)),
-  _uint64_set_pi16((FIX_0_541 - FIX_1_847), FIX_0_541,
-                   (FIX_0_541 - FIX_1_847), FIX_0_541),
-  _uint64_set_pi16(FIX_1_175, (FIX_1_175 - FIX_1_961),
-                   FIX_1_175, (FIX_1_175 - FIX_1_961)),
-  _uint64_set_pi16((FIX_1_175 - FIX_0_390), FIX_1_175,
-                   (FIX_1_175 - FIX_0_390), FIX_1_175),
-  _uint64_set_pi16(-FIX_0_899, (FIX_0_298 - FIX_0_899),
-                   -FIX_0_899, (FIX_0_298 - FIX_0_899)),
-  _uint64_set_pi16((FIX_1_501 - FIX_0_899), -FIX_0_899,
-                   (FIX_1_501 - FIX_0_899), -FIX_0_899),
-  _uint64_set_pi16(-FIX_2_562, (FIX_2_053 - FIX_2_562),
-                   -FIX_2_562, (FIX_2_053 - FIX_2_562)),
-  _uint64_set_pi16((FIX_3_072 - FIX_2_562), -FIX_2_562,
-                   (FIX_3_072 - FIX_2_562), -FIX_2_562),
-  _uint64_set_pi32((1 << (DESCALE_P1 - 1)), (1 << (DESCALE_P1 - 1))),
-  _uint64_set_pi32((1 << (DESCALE_P2 - 1)), (1 << (DESCALE_P2 - 1))),
-  _uint64_set_pi16((1 << (PASS1_BITS - 1)), (1 << (PASS1_BITS - 1)),
-                   (1 << (PASS1_BITS - 1)), (1 << (PASS1_BITS - 1)))
-};
-
-#define PW_F130_F054    get_const_value(index_PW_F130_F054)
-#define PW_F054_MF130   get_const_value(index_PW_F054_MF130)
-#define PW_MF078_F117   get_const_value(index_PW_MF078_F117)
-#define PW_F117_F078    get_const_value(index_PW_F117_F078)
-#define PW_MF060_MF089  get_const_value(index_PW_MF060_MF089)
-#define PW_MF089_F060   get_const_value(index_PW_MF089_F060)
-#define PW_MF050_MF256  get_const_value(index_PW_MF050_MF256)
-#define PW_MF256_F050   get_const_value(index_PW_MF256_F050)
-#define PD_DESCALE_P1   get_const_value(index_PD_DESCALE_P1)
-#define PD_DESCALE_P2   get_const_value(index_PD_DESCALE_P2)
-#define PW_DESCALE_P2X  get_const_value(index_PW_DESCALE_P2X)
-
-
-#define DO_FDCT_COMMON(PASS) { \
-  __m64 tmp1312l, tmp1312h, tmp47l, tmp47h, tmp4l, tmp4h, tmp7l, tmp7h; \
-  __m64 tmp56l, tmp56h, tmp5l, tmp5h, tmp6l, tmp6h; \
-  __m64 out1l, out1h, out2l, out2h, out3l, out3h; \
-  __m64 out5l, out5h, out6l, out6h, out7l, out7h; \
-  __m64 z34l, z34h, z3l, z3h, z4l, z4h, z3, z4; \
-  \
-  /* (Original) \
-   * z1 = (tmp12 + tmp13) * 0.541196100; \
-   * out2 = z1 + tmp13 * 0.765366865; \
-   * out6 = z1 + tmp12 * -1.847759065; \
-   * \
-   * (This implementation) \
-   * out2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100; \
-   * out6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065); \
-   */ \
-  \
-  tmp1312l = _mm_unpacklo_pi16(tmp13, tmp12); \
-  tmp1312h = _mm_unpackhi_pi16(tmp13, tmp12); \
-  \
-  out2l = _mm_madd_pi16(tmp1312l, PW_F130_F054); \
-  out2h = _mm_madd_pi16(tmp1312h, PW_F130_F054); \
-  out6l = _mm_madd_pi16(tmp1312l, PW_F054_MF130); \
-  out6h = _mm_madd_pi16(tmp1312h, PW_F054_MF130); \
-  \
-  out2l = _mm_add_pi32(out2l, PD_DESCALE_P##PASS); \
-  out2h = _mm_add_pi32(out2h, PD_DESCALE_P##PASS); \
-  out2l = _mm_srai_pi32(out2l, DESCALE_P##PASS); \
-  out2h = _mm_srai_pi32(out2h, DESCALE_P##PASS); \
-  \
-  out6l = _mm_add_pi32(out6l, PD_DESCALE_P##PASS); \
-  out6h = _mm_add_pi32(out6h, PD_DESCALE_P##PASS); \
-  out6l = _mm_srai_pi32(out6l, DESCALE_P##PASS); \
-  out6h = _mm_srai_pi32(out6h, DESCALE_P##PASS); \
-  \
-  out2 = _mm_packs_pi32(out2l, out2h); \
-  out6 = _mm_packs_pi32(out6l, out6h); \
-  \
-  /* Odd part */ \
-  \
-  z3 = _mm_add_pi16(tmp4, tmp6); \
-  z4 = _mm_add_pi16(tmp5, tmp7); \
-  \
-  /* (Original) \
-   * z5 = (z3 + z4) * 1.175875602; \
-   * z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644; \
-   * z3 += z5;  z4 += z5; \
-   * \
-   * (This implementation) \
-   * z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602; \
-   * z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644); \
-   */ \
-  \
-  z34l = _mm_unpacklo_pi16(z3, z4); \
-  z34h = _mm_unpackhi_pi16(z3, z4); \
-  z3l = _mm_madd_pi16(z34l, PW_MF078_F117); \
-  z3h = _mm_madd_pi16(z34h, PW_MF078_F117); \
-  z4l = _mm_madd_pi16(z34l, PW_F117_F078); \
-  z4h = _mm_madd_pi16(z34h, PW_F117_F078); \
-  \
-  /* (Original) \
-   * z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6; \
-   * tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869; \
-   * tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110; \
-   * z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447; \
-   * out7 = tmp4 + z1 + z3;  out5 = tmp5 + z2 + z4; \
-   * out3 = tmp6 + z2 + z3;  out1 = tmp7 + z1 + z4; \
-   * \
-   * (This implementation) \
-   * tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223; \
-   * tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447; \
-   * tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447); \
-   * tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223); \
-   * out7 = tmp4 + z3;  out5 = tmp5 + z4; \
-   * out3 = tmp6 + z3;  out1 = tmp7 + z4; \
-   */ \
-  \
-  tmp47l = _mm_unpacklo_pi16(tmp4, tmp7); \
-  tmp47h = _mm_unpackhi_pi16(tmp4, tmp7); \
-  \
-  tmp4l = _mm_madd_pi16(tmp47l, PW_MF060_MF089); \
-  tmp4h = _mm_madd_pi16(tmp47h, PW_MF060_MF089); \
-  tmp7l = _mm_madd_pi16(tmp47l, PW_MF089_F060); \
-  tmp7h = _mm_madd_pi16(tmp47h, PW_MF089_F060); \
-  \
-  out7l = _mm_add_pi32(tmp4l, z3l); \
-  out7h = _mm_add_pi32(tmp4h, z3h); \
-  out1l = _mm_add_pi32(tmp7l, z4l); \
-  out1h = _mm_add_pi32(tmp7h, z4h); \
-  \
-  out7l = _mm_add_pi32(out7l, PD_DESCALE_P##PASS); \
-  out7h = _mm_add_pi32(out7h, PD_DESCALE_P##PASS); \
-  out7l = _mm_srai_pi32(out7l, DESCALE_P##PASS); \
-  out7h = _mm_srai_pi32(out7h, DESCALE_P##PASS); \
-  \
-  out1l = _mm_add_pi32(out1l, PD_DESCALE_P##PASS); \
-  out1h = _mm_add_pi32(out1h, PD_DESCALE_P##PASS); \
-  out1l = _mm_srai_pi32(out1l, DESCALE_P##PASS); \
-  out1h = _mm_srai_pi32(out1h, DESCALE_P##PASS); \
-  \
-  out7 = _mm_packs_pi32(out7l, out7h); \
-  out1 = _mm_packs_pi32(out1l, out1h); \
-  \
-  tmp56l = _mm_unpacklo_pi16(tmp5, tmp6); \
-  tmp56h = _mm_unpackhi_pi16(tmp5, tmp6); \
-  \
-  tmp5l = _mm_madd_pi16(tmp56l, PW_MF050_MF256); \
-  tmp5h = _mm_madd_pi16(tmp56h, PW_MF050_MF256); \
-  tmp6l = _mm_madd_pi16(tmp56l, PW_MF256_F050); \
-  tmp6h = _mm_madd_pi16(tmp56h, PW_MF256_F050); \
-  \
-  out5l = _mm_add_pi32(tmp5l, z4l); \
-  out5h = _mm_add_pi32(tmp5h, z4h); \
-  out3l = _mm_add_pi32(tmp6l, z3l); \
-  out3h = _mm_add_pi32(tmp6h, z3h); \
-  \
-  out5l = _mm_add_pi32(out5l, PD_DESCALE_P##PASS); \
-  out5h = _mm_add_pi32(out5h, PD_DESCALE_P##PASS); \
-  out5l = _mm_srai_pi32(out5l, DESCALE_P##PASS); \
-  out5h = _mm_srai_pi32(out5h, DESCALE_P##PASS); \
-  \
-  out3l = _mm_add_pi32(out3l, PD_DESCALE_P##PASS); \
-  out3h = _mm_add_pi32(out3h, PD_DESCALE_P##PASS); \
-  out3l = _mm_srai_pi32(out3l, DESCALE_P##PASS); \
-  out3h = _mm_srai_pi32(out3h, DESCALE_P##PASS); \
-  \
-  out5 = _mm_packs_pi32(out5l, out5h); \
-  out3 = _mm_packs_pi32(out3l, out3h); \
-}
-
-#define DO_FDCT_PASS1() { \
-  __m64 row0l, row0h, row1l, row1h, row2l, row2h, row3l, row3h; \
-  __m64 row01a, row01b, row01c, row01d, row23a, row23b, row23c, row23d; \
-  __m64 col0, col1, col2, col3, col4, col5, col6, col7; \
-  __m64 tmp10, tmp11; \
-  \
-  row0l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 0]);     /* (00 01 02 03) */ \
-  row0h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 0 + 4]); /* (04 05 06 07) */ \
-  row1l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 1]);     /* (10 11 12 13) */ \
-  row1h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 1 + 4]); /* (14 15 16 17) */ \
-  row2l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 2]);     /* (20 21 22 23) */ \
-  row2h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 2 + 4]); /* (24 25 26 27) */ \
-  row3l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 3]);     /* (30 31 32 33) */ \
-  row3h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 3 + 4]); /* (34 35 36 37) */ \
-  \
-  /* Transpose coefficients */ \
-  \
-  row23a = _mm_unpacklo_pi16(row2l, row3l);   /* row23a=(20 30 21 31) */ \
-  row23b = _mm_unpackhi_pi16(row2l, row3l);   /* row23b=(22 32 23 33) */ \
-  row23c = _mm_unpacklo_pi16(row2h, row3h);   /* row23c=(24 34 25 35) */ \
-  row23d = _mm_unpackhi_pi16(row2h, row3h);   /* row23d=(26 36 27 37) */ \
-  \
-  row01a = _mm_unpacklo_pi16(row0l, row1l);   /* row01a=(00 10 01 11) */ \
-  row01b = _mm_unpackhi_pi16(row0l, row1l);   /* row01b=(02 12 03 13) */ \
-  row01c = _mm_unpacklo_pi16(row0h, row1h);   /* row01c=(04 14 05 15) */ \
-  row01d = _mm_unpackhi_pi16(row0h, row1h);   /* row01d=(06 16 07 17) */ \
-  \
-  col0 = _mm_unpacklo_pi32(row01a, row23a);   /* col0=(00 10 20 30) */ \
-  col1 = _mm_unpackhi_pi32(row01a, row23a);   /* col1=(01 11 21 31) */ \
-  col6 = _mm_unpacklo_pi32(row01d, row23d);   /* col6=(06 16 26 36) */ \
-  col7 = _mm_unpackhi_pi32(row01d, row23d);   /* col7=(07 17 27 37) */ \
-  \
-  tmp6 = _mm_sub_pi16(col1, col6);            /* tmp6=col1-col6 */ \
-  tmp7 = _mm_sub_pi16(col0, col7);            /* tmp7=col0-col7 */ \
-  tmp1 = _mm_add_pi16(col1, col6);            /* tmp1=col1+col6 */ \
-  tmp0 = _mm_add_pi16(col0, col7);            /* tmp0=col0+col7 */ \
-  \
-  col2 = _mm_unpacklo_pi32(row01b, row23b);   /* col2=(02 12 22 32) */ \
-  col3 = _mm_unpackhi_pi32(row01b, row23b);   /* col3=(03 13 23 33) */ \
-  col4 = _mm_unpacklo_pi32(row01c, row23c);   /* col4=(04 14 24 34) */ \
-  col5 = _mm_unpackhi_pi32(row01c, row23c);   /* col5=(05 15 25 35) */ \
-  \
-  tmp3 = _mm_add_pi16(col3, col4);            /* tmp3=col3+col4 */ \
-  tmp2 = _mm_add_pi16(col2, col5);            /* tmp2=col2+col5 */ \
-  tmp4 = _mm_sub_pi16(col3, col4);            /* tmp4=col3-col4 */ \
-  tmp5 = _mm_sub_pi16(col2, col5);            /* tmp5=col2-col5 */ \
-  \
-  /* Even part */ \
-  \
-  tmp10 = _mm_add_pi16(tmp0, tmp3);           /* tmp10=tmp0+tmp3 */ \
-  tmp13 = _mm_sub_pi16(tmp0, tmp3);           /* tmp13=tmp0-tmp3 */ \
-  tmp11 = _mm_add_pi16(tmp1, tmp2);           /* tmp11=tmp1+tmp2 */ \
-  tmp12 = _mm_sub_pi16(tmp1, tmp2);           /* tmp12=tmp1-tmp2 */ \
-  \
-  out0 = _mm_add_pi16(tmp10, tmp11);          /* out0=tmp10+tmp11 */ \
-  out4 = _mm_sub_pi16(tmp10, tmp11);          /* out4=tmp10-tmp11 */ \
-  out0 = _mm_slli_pi16(out0, PASS1_BITS); \
-  out4 = _mm_slli_pi16(out4, PASS1_BITS); \
-  \
-  DO_FDCT_COMMON(1) \
-  \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 0], out0); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 0 + 4], out4); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 1], out1); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 1 + 4], out5); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 2], out2); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 2 + 4], out6); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 3], out3); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 3 + 4], out7); \
-}
-
-#define DO_FDCT_PASS2() { \
-  __m64 col0l, col0h, col1l, col1h, col2l, col2h, col3l, col3h; \
-  __m64 col01a, col01b, col01c, col01d, col23a, col23b, col23c, col23d; \
-  __m64 row0, row1, row2, row3, row4, row5, row6, row7; \
-  __m64 tmp10, tmp11; \
-  \
-  col0l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 0]);  /* (00 10 20 30) */ \
-  col1l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 1]);  /* (01 11 21 31) */ \
-  col2l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 2]);  /* (02 12 22 32) */ \
-  col3l = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 3]);  /* (03 13 23 33) */ \
-  col0h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 4]);  /* (40 50 60 70) */ \
-  col1h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 5]);  /* (41 51 61 71) */ \
-  col2h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 6]);  /* (42 52 62 72) */ \
-  col3h = _mm_load_si64((__m64 *)&dataptr[DCTSIZE * 7]);  /* (43 53 63 73) */ \
-  \
-  /* Transpose coefficients */ \
-  \
-  col23a = _mm_unpacklo_pi16(col2l, col3l);   /* col23a=(02 03 12 13) */ \
-  col23b = _mm_unpackhi_pi16(col2l, col3l);   /* col23b=(22 23 32 33) */ \
-  col23c = _mm_unpacklo_pi16(col2h, col3h);   /* col23c=(42 43 52 53) */ \
-  col23d = _mm_unpackhi_pi16(col2h, col3h);   /* col23d=(62 63 72 73) */ \
-  \
-  col01a = _mm_unpacklo_pi16(col0l, col1l);   /* col01a=(00 01 10 11) */ \
-  col01b = _mm_unpackhi_pi16(col0l, col1l);   /* col01b=(20 21 30 31) */ \
-  col01c = _mm_unpacklo_pi16(col0h, col1h);   /* col01c=(40 41 50 51) */ \
-  col01d = _mm_unpackhi_pi16(col0h, col1h);   /* col01d=(60 61 70 71) */ \
-  \
-  row0 = _mm_unpacklo_pi32(col01a, col23a);   /* row0=(00 01 02 03) */ \
-  row1 = _mm_unpackhi_pi32(col01a, col23a);   /* row1=(10 11 12 13) */ \
-  row6 = _mm_unpacklo_pi32(col01d, col23d);   /* row6=(60 61 62 63) */ \
-  row7 = _mm_unpackhi_pi32(col01d, col23d);   /* row7=(70 71 72 73) */ \
-  \
-  tmp6 = _mm_sub_pi16(row1, row6);            /* tmp6=row1-row6 */ \
-  tmp7 = _mm_sub_pi16(row0, row7);            /* tmp7=row0-row7 */ \
-  tmp1 = _mm_add_pi16(row1, row6);            /* tmp1=row1+row6 */ \
-  tmp0 = _mm_add_pi16(row0, row7);            /* tmp0=row0+row7 */ \
-  \
-  row2 = _mm_unpacklo_pi32(col01b, col23b);   /* row2=(20 21 22 23) */ \
-  row3 = _mm_unpackhi_pi32(col01b, col23b);   /* row3=(30 31 32 33) */ \
-  row4 = _mm_unpacklo_pi32(col01c, col23c);   /* row4=(40 41 42 43) */ \
-  row5 = _mm_unpackhi_pi32(col01c, col23c);   /* row5=(50 51 52 53) */ \
-  \
-  tmp3 = _mm_add_pi16(row3, row4);            /* tmp3=row3+row4 */ \
-  tmp2 = _mm_add_pi16(row2, row5);            /* tmp2=row2+row5 */ \
-  tmp4 = _mm_sub_pi16(row3, row4);            /* tmp4=row3-row4 */ \
-  tmp5 = _mm_sub_pi16(row2, row5);            /* tmp5=row2-row5 */ \
-  \
-  /* Even part */ \
-  \
-  tmp10 = _mm_add_pi16(tmp0, tmp3);           /* tmp10=tmp0+tmp3 */ \
-  tmp13 = _mm_sub_pi16(tmp0, tmp3);           /* tmp13=tmp0-tmp3 */ \
-  tmp11 = _mm_add_pi16(tmp1, tmp2);           /* tmp11=tmp1+tmp2 */ \
-  tmp12 = _mm_sub_pi16(tmp1, tmp2);           /* tmp12=tmp1-tmp2 */ \
-  \
-  out0 = _mm_add_pi16(tmp10, tmp11);          /* out0=tmp10+tmp11 */ \
-  out4 = _mm_sub_pi16(tmp10, tmp11);          /* out4=tmp10-tmp11 */ \
-  \
-  out0 = _mm_add_pi16(out0, PW_DESCALE_P2X); \
-  out4 = _mm_add_pi16(out4, PW_DESCALE_P2X); \
-  out0 = _mm_srai_pi16(out0, PASS1_BITS); \
-  out4 = _mm_srai_pi16(out4, PASS1_BITS); \
-  \
-  DO_FDCT_COMMON(2) \
-  \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 0], out0); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 1], out1); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 2], out2); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 3], out3); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 4], out4); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 5], out5); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 6], out6); \
-  _mm_store_si64((__m64 *)&dataptr[DCTSIZE * 7], out7); \
-}
-
-void jsimd_fdct_islow_mmi(DCTELEM *data)
-{
-  __m64 tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  __m64 out0, out1, out2, out3, out4, out5, out6, out7;
-  __m64 tmp12, tmp13;
-  DCTELEM *dataptr = data;
-
-  /* Pass 1: process rows. */
-
-  DO_FDCT_PASS1()
-  dataptr += DCTSIZE * 4;
-  DO_FDCT_PASS1()
-
-  /* Pass 2: process columns. */
-
-  dataptr = data;
-  DO_FDCT_PASS2()
-  dataptr += 4;
-  DO_FDCT_PASS2()
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jidctfst-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jidctfst-mmi.c
deleted file mode 100644
index 503bb35..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jidctfst-mmi.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, 2018-2019, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  LiuQingfa <liuqingfa-hf@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* FAST INTEGER INVERSE DCT */
-
-#include "jsimd_mmi.h"
-
-
-#define CONST_BITS  8
-#define PASS1_BITS  2
-
-#define FIX_1_082  ((short)277)                   /* FIX(1.082392200) */
-#define FIX_1_414  ((short)362)                   /* FIX(1.414213562) */
-#define FIX_1_847  ((short)473)                   /* FIX(1.847759065) */
-#define FIX_2_613  ((short)669)                   /* FIX(2.613125930) */
-#define FIX_1_613  ((short)(FIX_2_613 - 256 * 3)) /* FIX(2.613125930) - FIX(1) */
-
-#define PRE_MULTIPLY_SCALE_BITS  2
-#define CONST_SHIFT  (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-enum const_index {
-  index_PW_F1082,
-  index_PW_F1414,
-  index_PW_F1847,
-  index_PW_MF1613,
-  index_PB_CENTERJSAMP
-};
-
-static uint64_t const_value[] = {
-  _uint64_set1_pi16(FIX_1_082 << CONST_SHIFT),
-  _uint64_set1_pi16(FIX_1_414 << CONST_SHIFT),
-  _uint64_set1_pi16(FIX_1_847 << CONST_SHIFT),
-  _uint64_set1_pi16(-FIX_1_613 << CONST_SHIFT),
-  _uint64_set1_pi8(CENTERJSAMPLE)
-};
-
-#define PW_F1414        get_const_value(index_PW_F1414)
-#define PW_F1847        get_const_value(index_PW_F1847)
-#define PW_MF1613       get_const_value(index_PW_MF1613)
-#define PW_F1082        get_const_value(index_PW_F1082)
-#define PB_CENTERJSAMP  get_const_value(index_PB_CENTERJSAMP)
-
-
-#define test_m32_zero(mm32)  (!(*(uint32_t *)&mm32))
-#define test_m64_zero(mm64)  (!(*(uint64_t *)&mm64))
-
-
-#define DO_IDCT_COMMON() { \
-  tmp7 = _mm_add_pi16(z11, z13); \
-  \
-  tmp11 = _mm_sub_pi16(z11, z13); \
-  tmp11 = _mm_slli_pi16(tmp11, PRE_MULTIPLY_SCALE_BITS); \
-  tmp11 = _mm_mulhi_pi16(tmp11, PW_F1414); \
-  \
-  tmp10 = _mm_slli_pi16(z12, PRE_MULTIPLY_SCALE_BITS); \
-  tmp12 = _mm_slli_pi16(z10, PRE_MULTIPLY_SCALE_BITS); \
-  \
-  /* To avoid overflow... \
-   * \
-   * (Original) \
-   * tmp12 = -2.613125930 * z10 + z5; \
-   * \
-   * (This implementation) \
-   * tmp12 = (-1.613125930 - 1) * z10 + z5; \
-   *       = -1.613125930 * z10 - z10 + z5; \
-   */ \
-  \
-  z5 = _mm_add_pi16(tmp10, tmp12); \
-  z5 = _mm_mulhi_pi16(z5, PW_F1847); \
-  \
-  tmp10 = _mm_mulhi_pi16(tmp10, PW_F1082); \
-  tmp10 = _mm_sub_pi16(tmp10, z5); \
-  tmp12 = _mm_mulhi_pi16(tmp12, PW_MF1613); \
-  tmp12 = _mm_sub_pi16(tmp12, z10); \
-  tmp12 = _mm_sub_pi16(tmp12, z10); \
-  tmp12 = _mm_sub_pi16(tmp12, z10); \
-  tmp12 = _mm_add_pi16(tmp12, z5); \
-  \
-  /* Final output stage */ \
-  \
-  tmp6 = _mm_sub_pi16(tmp12, tmp7); \
-  tmp5 = _mm_sub_pi16(tmp11, tmp6); \
-  tmp4 = _mm_add_pi16(tmp10, tmp5); \
-  \
-  out0 = _mm_add_pi16(tmp0, tmp7); \
-  out7 = _mm_sub_pi16(tmp0, tmp7); \
-  out1 = _mm_add_pi16(tmp1, tmp6); \
-  out6 = _mm_sub_pi16(tmp1, tmp6); \
-  \
-  out2 = _mm_add_pi16(tmp2, tmp5); \
-  out5 = _mm_sub_pi16(tmp2, tmp5); \
-  out4 = _mm_add_pi16(tmp3, tmp4); \
-  out3 = _mm_sub_pi16(tmp3, tmp4); \
-}
-
-#define DO_IDCT_PASS1(iter) { \
-  __m64 col0l, col1l, col2l, col3l, col4l, col5l, col6l, col7l; \
-  __m64 quant0l, quant1l, quant2l, quant3l; \
-  __m64 quant4l, quant5l, quant6l, quant7l; \
-  __m64 row01a, row01b, row01c, row01d, row23a, row23b, row23c, row23d; \
-  __m64 row0l, row0h, row1l, row1h, row2l, row2h, row3l, row3h; \
-  __m32 col0a, col1a, mm0; \
-  \
-  col0a = _mm_load_si32((__m32 *)&inptr[DCTSIZE * 1]); \
-  col1a = _mm_load_si32((__m32 *)&inptr[DCTSIZE * 2]); \
-  mm0 = _mm_or_si32(col0a, col1a); \
-  \
-  if (test_m32_zero(mm0)) { \
-    __m64 mm1, mm2; \
-    \
-    col0l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 0]); \
-    col1l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 1]); \
-    col2l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 2]); \
-    col3l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 3]); \
-    col4l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 4]); \
-    col5l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 5]); \
-    col6l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 6]); \
-    col7l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 7]); \
-    \
-    mm1 = _mm_or_si64(col1l, col3l); \
-    mm2 = _mm_or_si64(col2l, col4l); \
-    mm1 = _mm_or_si64(mm1, col5l); \
-    mm2 = _mm_or_si64(mm2, col6l); \
-    mm1 = _mm_or_si64(mm1, col7l); \
-    mm1 = _mm_or_si64(mm1, mm2); \
-    \
-    if (test_m64_zero(mm1)) { \
-      __m64 dcval, dcvall, dcvalh, row0, row1, row2, row3; \
-      \
-      /* AC terms all zero */ \
-      \
-      quant0l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 0]); \
-      \
-      dcval = _mm_mullo_pi16(col0l, quant0l);    /* dcval=(00 10 20 30) */ \
-      \
-      dcvall = _mm_unpacklo_pi16(dcval, dcval);  /* dcvall=(00 00 10 10) */ \
-      dcvalh = _mm_unpackhi_pi16(dcval, dcval);  /* dcvalh=(20 20 30 30) */ \
-      \
-      row0 = _mm_unpacklo_pi32(dcvall, dcvall);  /* row0=(00 00 00 00) */ \
-      row1 = _mm_unpackhi_pi32(dcvall, dcvall);  /* row1=(10 10 10 10) */ \
-      row2 = _mm_unpacklo_pi32(dcvalh, dcvalh);  /* row2=(20 20 20 20) */ \
-      row3 = _mm_unpackhi_pi32(dcvalh, dcvalh);  /* row3=(30 30 30 30) */ \
-      \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0], row0); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0 + 4], row0); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1], row1); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1 + 4], row1); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2], row2); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2 + 4], row2); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3], row3); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3 + 4], row3); \
-      \
-      goto nextcolumn##iter; \
-    } \
-  } \
-  \
-  /* Even part */ \
-  \
-  col0l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 0]);  /* (00 10 20 30) */ \
-  col2l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 2]);  /* (02 12 22 32) */ \
-  col4l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 4]);  /* (04 14 24 34) */ \
-  col6l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 6]);  /* (06 16 26 36) */ \
-  \
-  quant0l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 0]); \
-  quant2l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 2]); \
-  quant4l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 4]); \
-  quant6l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 6]); \
-  \
-  tmp0 = _mm_mullo_pi16(col0l, quant0l); \
-  tmp1 = _mm_mullo_pi16(col2l, quant2l); \
-  tmp2 = _mm_mullo_pi16(col4l, quant4l); \
-  tmp3 = _mm_mullo_pi16(col6l, quant6l); \
-  \
-  tmp10 = _mm_add_pi16(tmp0, tmp2); \
-  tmp11 = _mm_sub_pi16(tmp0, tmp2); \
-  tmp13 = _mm_add_pi16(tmp1, tmp3); \
-  \
-  tmp12 = _mm_sub_pi16(tmp1, tmp3); \
-  tmp12 = _mm_slli_pi16(tmp12, PRE_MULTIPLY_SCALE_BITS); \
-  tmp12 = _mm_mulhi_pi16(tmp12, PW_F1414); \
-  tmp12 = _mm_sub_pi16(tmp12, tmp13); \
-  \
-  tmp0 = _mm_add_pi16(tmp10, tmp13); \
-  tmp3 = _mm_sub_pi16(tmp10, tmp13); \
-  tmp1 = _mm_add_pi16(tmp11, tmp12); \
-  tmp2 = _mm_sub_pi16(tmp11, tmp12); \
-  \
-  /* Odd part */ \
-  \
-  col1l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 1]);  /* (01 11 21 31) */ \
-  col3l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 3]);  /* (03 13 23 33) */ \
-  col5l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 5]);  /* (05 15 25 35) */ \
-  col7l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 7]);  /* (07 17 27 37) */ \
-  \
-  quant1l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 1]); \
-  quant3l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 3]); \
-  quant5l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 5]); \
-  quant7l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 7]); \
-  \
-  tmp4 = _mm_mullo_pi16(col1l, quant1l); \
-  tmp5 = _mm_mullo_pi16(col3l, quant3l); \
-  tmp6 = _mm_mullo_pi16(col5l, quant5l); \
-  tmp7 = _mm_mullo_pi16(col7l, quant7l); \
-  \
-  z13 = _mm_add_pi16(tmp6, tmp5); \
-  z10 = _mm_sub_pi16(tmp6, tmp5); \
-  z11 = _mm_add_pi16(tmp4, tmp7); \
-  z12 = _mm_sub_pi16(tmp4, tmp7); \
-  \
-  DO_IDCT_COMMON() \
-  \
-  /* out0=(00 10 20 30), out1=(01 11 21 31) */ \
-  /* out2=(02 12 22 32), out3=(03 13 23 33) */ \
-  /* out4=(04 14 24 34), out5=(05 15 25 35) */ \
-  /* out6=(06 16 26 36), out7=(07 17 27 37) */ \
-  \
-  /* Transpose coefficients */ \
-  \
-  row01a = _mm_unpacklo_pi16(out0, out1);     /* row01a=(00 01 10 11) */ \
-  row23a = _mm_unpackhi_pi16(out0, out1);     /* row23a=(20 21 30 31) */ \
-  row01d = _mm_unpacklo_pi16(out6, out7);     /* row01d=(06 07 16 17) */ \
-  row23d = _mm_unpackhi_pi16(out6, out7);     /* row23d=(26 27 36 37) */ \
-  \
-  row01b = _mm_unpacklo_pi16(out2, out3);     /* row01b=(02 03 12 13) */ \
-  row23b = _mm_unpackhi_pi16(out2, out3);     /* row23b=(22 23 32 33) */ \
-  row01c = _mm_unpacklo_pi16(out4, out5);     /* row01c=(04 05 14 15) */ \
-  row23c = _mm_unpackhi_pi16(out4, out5);     /* row23c=(24 25 34 35) */ \
-  \
-  row0l = _mm_unpacklo_pi32(row01a, row01b);  /* row0l=(00 01 02 03) */ \
-  row1l = _mm_unpackhi_pi32(row01a, row01b);  /* row1l=(10 11 12 13) */ \
-  row2l = _mm_unpacklo_pi32(row23a, row23b);  /* row2l=(20 21 22 23) */ \
-  row3l = _mm_unpackhi_pi32(row23a, row23b);  /* row3l=(30 31 32 33) */ \
-  \
-  row0h = _mm_unpacklo_pi32(row01c, row01d);  /* row0h=(04 05 06 07) */ \
-  row1h = _mm_unpackhi_pi32(row01c, row01d);  /* row1h=(14 15 16 17) */ \
-  row2h = _mm_unpacklo_pi32(row23c, row23d);  /* row2h=(24 25 26 27) */ \
-  row3h = _mm_unpackhi_pi32(row23c, row23d);  /* row3h=(34 35 36 37) */ \
-  \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0], row0l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0 + 4], row0h); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1], row1l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1 + 4], row1h); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2], row2l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2 + 4], row2h); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3], row3l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3 + 4], row3h); \
-}
-
-#define DO_IDCT_PASS2(ctr) { \
-  __m64 row0l, row1l, row2l, row3l, row4l, row5l, row6l, row7l; \
-  __m64 col0123a, col0123b, col0123c, col0123d; \
-  __m64 col01l, col01h, col23l, col23h; \
-  __m64 col0, col1, col2, col3; \
-  __m64 row06, row17, row24, row35; \
-  \
-  row0l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 0]);  /* (00 01 02 03) */ \
-  row1l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 1]);  /* (10 11 12 13) */ \
-  row2l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 2]);  /* (20 21 22 23) */ \
-  row3l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 3]);  /* (30 31 32 33) */ \
-  row4l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 4]);  /* (40 41 42 43) */ \
-  row5l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 5]);  /* (50 51 52 53) */ \
-  row6l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 6]);  /* (60 61 62 63) */ \
-  row7l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 7]);  /* (70 71 72 73) */ \
-  \
-  /* Even part */ \
-  \
-  tmp10 = _mm_add_pi16(row0l, row4l); \
-  tmp11 = _mm_sub_pi16(row0l, row4l); \
-  tmp13 = _mm_add_pi16(row2l, row6l); \
-  \
-  tmp12 = _mm_sub_pi16(row2l, row6l); \
-  tmp12 = _mm_slli_pi16(tmp12, PRE_MULTIPLY_SCALE_BITS); \
-  tmp12 = _mm_mulhi_pi16(tmp12, PW_F1414); \
-  tmp12 = _mm_sub_pi16(tmp12, tmp13); \
-  \
-  tmp0 = _mm_add_pi16(tmp10, tmp13); \
-  tmp3 = _mm_sub_pi16(tmp10, tmp13); \
-  tmp1 = _mm_add_pi16(tmp11, tmp12); \
-  tmp2 = _mm_sub_pi16(tmp11, tmp12); \
-  \
-  /* Odd part */ \
-  \
-  z13 = _mm_add_pi16(row5l, row3l); \
-  z10 = _mm_sub_pi16(row5l, row3l); \
-  z11 = _mm_add_pi16(row1l, row7l); \
-  z12 = _mm_sub_pi16(row1l, row7l); \
-  \
-  DO_IDCT_COMMON() \
-  \
-  /* out0=(00 01 02 03), out1=(10 11 12 13) */ \
-  /* out2=(20 21 22 23), out3=(30 31 32 33) */ \
-  /* out4=(40 41 42 43), out5=(50 51 52 53) */ \
-  /* out6=(60 61 62 63), out7=(70 71 72 73) */ \
-  \
-  out0 = _mm_srai_pi16(out0, PASS1_BITS + 3); \
-  out1 = _mm_srai_pi16(out1, PASS1_BITS + 3); \
-  out2 = _mm_srai_pi16(out2, PASS1_BITS + 3); \
-  out3 = _mm_srai_pi16(out3, PASS1_BITS + 3); \
-  out4 = _mm_srai_pi16(out4, PASS1_BITS + 3); \
-  out5 = _mm_srai_pi16(out5, PASS1_BITS + 3); \
-  out6 = _mm_srai_pi16(out6, PASS1_BITS + 3); \
-  out7 = _mm_srai_pi16(out7, PASS1_BITS + 3); \
-  \
-  row06 = _mm_packs_pi16(out0, out6);  /* row06=(00 01 02 03 60 61 62 63) */ \
-  row17 = _mm_packs_pi16(out1, out7);  /* row17=(10 11 12 13 70 71 72 73) */ \
-  row24 = _mm_packs_pi16(out2, out4);  /* row24=(20 21 22 23 40 41 42 43) */ \
-  row35 = _mm_packs_pi16(out3, out5);  /* row35=(30 31 32 33 50 51 52 53) */ \
-  \
-  row06 = _mm_add_pi8(row06, PB_CENTERJSAMP); \
-  row17 = _mm_add_pi8(row17, PB_CENTERJSAMP); \
-  row24 = _mm_add_pi8(row24, PB_CENTERJSAMP); \
-  row35 = _mm_add_pi8(row35, PB_CENTERJSAMP); \
-  \
-  /* Transpose coefficients */ \
-  \
-  col0123a = _mm_unpacklo_pi8(row06, row17);  /* col0123a=(00 10 01 11 02 12 03 13) */ \
-  col0123d = _mm_unpackhi_pi8(row06, row17);  /* col0123d=(60 70 61 71 62 72 63 73) */ \
-  col0123b = _mm_unpacklo_pi8(row24, row35);  /* col0123b=(20 30 21 31 22 32 23 33) */ \
-  col0123c = _mm_unpackhi_pi8(row24, row35);  /* col0123c=(40 50 41 51 42 52 43 53) */ \
-  \
-  col01l = _mm_unpacklo_pi16(col0123a, col0123b);  /* col01l=(00 10 20 30 01 11 21 31) */ \
-  col23l = _mm_unpackhi_pi16(col0123a, col0123b);  /* col23l=(02 12 22 32 03 13 23 33) */ \
-  col01h = _mm_unpacklo_pi16(col0123c, col0123d);  /* col01h=(40 50 60 70 41 51 61 71) */ \
-  col23h = _mm_unpackhi_pi16(col0123c, col0123d);  /* col23h=(42 52 62 72 43 53 63 73) */ \
-  \
-  col0 = _mm_unpacklo_pi32(col01l, col01h);   /* col0=(00 10 20 30 40 50 60 70) */ \
-  col1 = _mm_unpackhi_pi32(col01l, col01h);   /* col1=(01 11 21 31 41 51 61 71) */ \
-  col2 = _mm_unpacklo_pi32(col23l, col23h);   /* col2=(02 12 22 32 42 52 62 72) */ \
-  col3 = _mm_unpackhi_pi32(col23l, col23h);   /* col3=(03 13 23 33 43 53 63 73) */ \
-  \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 0] + output_col), col0); \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 1] + output_col), col1); \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 2] + output_col), col2); \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 3] + output_col), col3); \
-}
-
-void jsimd_idct_ifast_mmi(void *dct_table, JCOEFPTR coef_block,
-                          JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  __m64 tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
-  __m64 tmp10, tmp11, tmp12, tmp13;
-  __m64 out0, out1, out2, out3, out4, out5, out6, out7;
-  __m64 z5, z10, z11, z12, z13;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  JCOEF *wsptr;
-  JCOEF workspace[DCTSIZE2];  /* buffers data between passes */
-
-  /* Pass 1: process columns. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)dct_table;
-  wsptr = workspace;
-
-  DO_IDCT_PASS1(1)
-nextcolumn1:
-  inptr += 4;
-  quantptr += 4;
-  wsptr += DCTSIZE * 4;
-  DO_IDCT_PASS1(2)
-nextcolumn2:
-
-  /* Pass 2: process rows. */
-
-  wsptr = workspace;
-
-  DO_IDCT_PASS2(0)
-  wsptr += 4;
-  DO_IDCT_PASS2(4)
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jidctint-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jidctint-mmi.c
deleted file mode 100644
index cd3db98..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jidctint-mmi.c
+++ /dev/null
@@ -1,571 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, 2018, 2020, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2016-2017, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* ACCUATE INTEGER INVERSE DCT */
-
-#include "jsimd_mmi.h"
-
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-#define CENTERJSAMPLE  128
-
-#define FIX_0_298  ((short)2446)  /* FIX(0.298631336) */
-#define FIX_0_390  ((short)3196)  /* FIX(0.390180644) */
-#define FIX_0_899  ((short)7373)  /* FIX(0.899976223) */
-#define FIX_0_541  ((short)4433)  /* FIX(0.541196100) */
-#define FIX_0_765  ((short)6270)  /* FIX(0.765366865) */
-#define FIX_1_175  ((short)9633)  /* FIX(1.175875602) */
-#define FIX_1_501  ((short)12299) /* FIX(1.501321110) */
-#define FIX_1_847  ((short)15137) /* FIX(1.847759065) */
-#define FIX_1_961  ((short)16069) /* FIX(1.961570560) */
-#define FIX_2_053  ((short)16819) /* FIX(2.053119869) */
-#define FIX_2_562  ((short)20995) /* FIX(2.562915447) */
-#define FIX_3_072  ((short)25172) /* FIX(3.072711026) */
-
-enum const_index {
-  index_PW_F130_F054,
-  index_PW_F054_MF130,
-  index_PW_MF078_F117,
-  index_PW_F117_F078,
-  index_PW_MF060_MF089,
-  index_PW_MF089_F060,
-  index_PW_MF050_MF256,
-  index_PW_MF256_F050,
-  index_PD_DESCALE_P1,
-  index_PD_DESCALE_P2,
-  index_PB_CENTERJSAMP
-};
-
-static uint64_t const_value[] = {
-  _uint64_set_pi16(FIX_0_541, (FIX_0_541 + FIX_0_765),
-                   FIX_0_541, (FIX_0_541 + FIX_0_765)),
-  _uint64_set_pi16((FIX_0_541 - FIX_1_847), FIX_0_541,
-                   (FIX_0_541 - FIX_1_847), FIX_0_541),
-  _uint64_set_pi16(FIX_1_175, (FIX_1_175 - FIX_1_961),
-                   FIX_1_175, (FIX_1_175 - FIX_1_961)),
-  _uint64_set_pi16((FIX_1_175 - FIX_0_390), FIX_1_175,
-                   (FIX_1_175 - FIX_0_390), FIX_1_175),
-  _uint64_set_pi16(-FIX_0_899, (FIX_0_298 - FIX_0_899),
-                   -FIX_0_899, (FIX_0_298 - FIX_0_899)),
-  _uint64_set_pi16((FIX_1_501 - FIX_0_899), -FIX_0_899,
-                   (FIX_1_501 - FIX_0_899), -FIX_0_899),
-  _uint64_set_pi16(-FIX_2_562, (FIX_2_053 - FIX_2_562),
-                   -FIX_2_562, (FIX_2_053 - FIX_2_562)),
-  _uint64_set_pi16((FIX_3_072 - FIX_2_562), -FIX_2_562,
-                   (FIX_3_072 - FIX_2_562), -FIX_2_562),
-  _uint64_set_pi32((1 << (DESCALE_P1 - 1)), (1 << (DESCALE_P1 - 1))),
-  _uint64_set_pi32((1 << (DESCALE_P2 - 1)), (1 << (DESCALE_P2 - 1))),
-  _uint64_set_pi8(CENTERJSAMPLE, CENTERJSAMPLE, CENTERJSAMPLE, CENTERJSAMPLE,
-                  CENTERJSAMPLE, CENTERJSAMPLE, CENTERJSAMPLE, CENTERJSAMPLE)
-};
-
-#define PW_F130_F054    get_const_value(index_PW_F130_F054)
-#define PW_F054_MF130   get_const_value(index_PW_F054_MF130)
-#define PW_MF078_F117   get_const_value(index_PW_MF078_F117)
-#define PW_F117_F078    get_const_value(index_PW_F117_F078)
-#define PW_MF060_MF089  get_const_value(index_PW_MF060_MF089)
-#define PW_MF089_F060   get_const_value(index_PW_MF089_F060)
-#define PW_MF050_MF256  get_const_value(index_PW_MF050_MF256)
-#define PW_MF256_F050   get_const_value(index_PW_MF256_F050)
-#define PD_DESCALE_P1   get_const_value(index_PD_DESCALE_P1)
-#define PD_DESCALE_P2   get_const_value(index_PD_DESCALE_P2)
-#define PB_CENTERJSAMP  get_const_value(index_PB_CENTERJSAMP)
-
-
-#define test_m32_zero(mm32)  (!(*(uint32_t *)&mm32))
-#define test_m64_zero(mm64)  (!(*(uint64_t *)&mm64))
-
-
-#define DO_IDCT_COMMON(PASS) { \
-  __m64 tmp0_3l, tmp0_3h, tmp1_2l, tmp1_2h; \
-  __m64 tmp0l, tmp0h, tmp1l, tmp1h, tmp2l, tmp2h, tmp3l, tmp3h; \
-  __m64 z34l, z34h, z3l, z3h, z4l, z4h, z3, z4; \
-  __m64 out0l, out0h, out1l, out1h, out2l, out2h, out3l, out3h; \
-  __m64 out4l, out4h, out5l, out5h, out6l, out6h, out7l, out7h; \
-  \
-  z3 = _mm_add_pi16(tmp0, tmp2); \
-  z4 = _mm_add_pi16(tmp1, tmp3); \
-  \
-  /* (Original) \
-   * z5 = (z3 + z4) * 1.175875602; \
-   * z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644; \
-   * z3 += z5;  z4 += z5; \
-   * \
-   * (This implementation) \
-   * z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602; \
-   * z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644); \
-   */ \
-  \
-  z34l = _mm_unpacklo_pi16(z3, z4); \
-  z34h = _mm_unpackhi_pi16(z3, z4); \
-  z3l = _mm_madd_pi16(z34l, PW_MF078_F117); \
-  z3h = _mm_madd_pi16(z34h, PW_MF078_F117); \
-  z4l = _mm_madd_pi16(z34l, PW_F117_F078); \
-  z4h = _mm_madd_pi16(z34h, PW_F117_F078); \
-  \
-  /* (Original) \
-   * z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2; \
-   * tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869; \
-   * tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110; \
-   * z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447; \
-   * tmp0 += z1 + z3;  tmp1 += z2 + z4; \
-   * tmp2 += z2 + z3;  tmp3 += z1 + z4; \
-   * \
-   * (This implementation) \
-   * tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223; \
-   * tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447; \
-   * tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447); \
-   * tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223); \
-   * tmp0 += z3;  tmp1 += z4; \
-   * tmp2 += z3;  tmp3 += z4; \
-   */ \
-  \
-  tmp0_3l = _mm_unpacklo_pi16(tmp0, tmp3); \
-  tmp0_3h = _mm_unpackhi_pi16(tmp0, tmp3); \
-  \
-  tmp0l = _mm_madd_pi16(tmp0_3l, PW_MF060_MF089); \
-  tmp0h = _mm_madd_pi16(tmp0_3h, PW_MF060_MF089); \
-  tmp3l = _mm_madd_pi16(tmp0_3l, PW_MF089_F060); \
-  tmp3h = _mm_madd_pi16(tmp0_3h, PW_MF089_F060); \
-  \
-  tmp0l = _mm_add_pi32(tmp0l, z3l); \
-  tmp0h = _mm_add_pi32(tmp0h, z3h); \
-  tmp3l = _mm_add_pi32(tmp3l, z4l); \
-  tmp3h = _mm_add_pi32(tmp3h, z4h); \
-  \
-  tmp1_2l = _mm_unpacklo_pi16(tmp1, tmp2); \
-  tmp1_2h = _mm_unpackhi_pi16(tmp1, tmp2); \
-  \
-  tmp1l = _mm_madd_pi16(tmp1_2l, PW_MF050_MF256); \
-  tmp1h = _mm_madd_pi16(tmp1_2h, PW_MF050_MF256); \
-  tmp2l = _mm_madd_pi16(tmp1_2l, PW_MF256_F050); \
-  tmp2h = _mm_madd_pi16(tmp1_2h, PW_MF256_F050); \
-  \
-  tmp1l = _mm_add_pi32(tmp1l, z4l); \
-  tmp1h = _mm_add_pi32(tmp1h, z4h); \
-  tmp2l = _mm_add_pi32(tmp2l, z3l); \
-  tmp2h = _mm_add_pi32(tmp2h, z3h); \
-  \
-  /* Final output stage */ \
-  \
-  out0l = _mm_add_pi32(tmp10l, tmp3l); \
-  out0h = _mm_add_pi32(tmp10h, tmp3h); \
-  out7l = _mm_sub_pi32(tmp10l, tmp3l); \
-  out7h = _mm_sub_pi32(tmp10h, tmp3h); \
-  \
-  out0l = _mm_add_pi32(out0l, PD_DESCALE_P##PASS); \
-  out0h = _mm_add_pi32(out0h, PD_DESCALE_P##PASS); \
-  out0l = _mm_srai_pi32(out0l, DESCALE_P##PASS); \
-  out0h = _mm_srai_pi32(out0h, DESCALE_P##PASS); \
-  \
-  out7l = _mm_add_pi32(out7l, PD_DESCALE_P##PASS); \
-  out7h = _mm_add_pi32(out7h, PD_DESCALE_P##PASS); \
-  out7l = _mm_srai_pi32(out7l, DESCALE_P##PASS); \
-  out7h = _mm_srai_pi32(out7h, DESCALE_P##PASS); \
-  \
-  out0 = _mm_packs_pi32(out0l, out0h); \
-  out7 = _mm_packs_pi32(out7l, out7h); \
-  \
-  out1l = _mm_add_pi32(tmp11l, tmp2l); \
-  out1h = _mm_add_pi32(tmp11h, tmp2h); \
-  out6l = _mm_sub_pi32(tmp11l, tmp2l); \
-  out6h = _mm_sub_pi32(tmp11h, tmp2h); \
-  \
-  out1l = _mm_add_pi32(out1l, PD_DESCALE_P##PASS); \
-  out1h = _mm_add_pi32(out1h, PD_DESCALE_P##PASS); \
-  out1l = _mm_srai_pi32(out1l, DESCALE_P##PASS); \
-  out1h = _mm_srai_pi32(out1h, DESCALE_P##PASS); \
-  \
-  out6l = _mm_add_pi32(out6l, PD_DESCALE_P##PASS); \
-  out6h = _mm_add_pi32(out6h, PD_DESCALE_P##PASS); \
-  out6l = _mm_srai_pi32(out6l, DESCALE_P##PASS); \
-  out6h = _mm_srai_pi32(out6h, DESCALE_P##PASS); \
-  \
-  out1 = _mm_packs_pi32(out1l, out1h); \
-  out6 = _mm_packs_pi32(out6l, out6h); \
-  \
-  out2l = _mm_add_pi32(tmp12l, tmp1l); \
-  out2h = _mm_add_pi32(tmp12h, tmp1h); \
-  out5l = _mm_sub_pi32(tmp12l, tmp1l); \
-  out5h = _mm_sub_pi32(tmp12h, tmp1h); \
-  \
-  out2l = _mm_add_pi32(out2l, PD_DESCALE_P##PASS); \
-  out2h = _mm_add_pi32(out2h, PD_DESCALE_P##PASS); \
-  out2l = _mm_srai_pi32(out2l, DESCALE_P##PASS); \
-  out2h = _mm_srai_pi32(out2h, DESCALE_P##PASS); \
-  \
-  out5l = _mm_add_pi32(out5l, PD_DESCALE_P##PASS); \
-  out5h = _mm_add_pi32(out5h, PD_DESCALE_P##PASS); \
-  out5l = _mm_srai_pi32(out5l, DESCALE_P##PASS); \
-  out5h = _mm_srai_pi32(out5h, DESCALE_P##PASS); \
-  \
-  out2 = _mm_packs_pi32(out2l, out2h); \
-  out5 = _mm_packs_pi32(out5l, out5h); \
-  \
-  out3l = _mm_add_pi32(tmp13l, tmp0l); \
-  out3h = _mm_add_pi32(tmp13h, tmp0h); \
-  \
-  out4l = _mm_sub_pi32(tmp13l, tmp0l); \
-  out4h = _mm_sub_pi32(tmp13h, tmp0h); \
-  \
-  out3l = _mm_add_pi32(out3l, PD_DESCALE_P##PASS); \
-  out3h = _mm_add_pi32(out3h, PD_DESCALE_P##PASS); \
-  out3l = _mm_srai_pi32(out3l, DESCALE_P##PASS); \
-  out3h = _mm_srai_pi32(out3h, DESCALE_P##PASS); \
-  \
-  out4l = _mm_add_pi32(out4l, PD_DESCALE_P##PASS); \
-  out4h = _mm_add_pi32(out4h, PD_DESCALE_P##PASS); \
-  out4l = _mm_srai_pi32(out4l, DESCALE_P##PASS); \
-  out4h = _mm_srai_pi32(out4h, DESCALE_P##PASS); \
-  \
-  out3 = _mm_packs_pi32(out3l, out3h); \
-  out4 = _mm_packs_pi32(out4l, out4h); \
-}
-
-#define DO_IDCT_PASS1(iter) { \
-  __m64 col0l, col1l, col2l, col3l, col4l, col5l, col6l, col7l; \
-  __m64 quant0l, quant1l, quant2l, quant3l; \
-  __m64 quant4l, quant5l, quant6l, quant7l; \
-  __m64 z23, z2, z3, z23l, z23h; \
-  __m64 row01a, row01b, row01c, row01d, row23a, row23b, row23c, row23d; \
-  __m64 row0l, row0h, row1l, row1h, row2l, row2h, row3l, row3h; \
-  __m64 tmp0l, tmp0h, tmp1l, tmp1h, tmp2l, tmp2h, tmp3l, tmp3h; \
-  __m64 tmp10l, tmp10h, tmp11l, tmp11h, tmp12l, tmp12h, tmp13l, tmp13h; \
-  __m32 col0a, col1a, mm0; \
-  \
-  col0a = _mm_load_si32((__m32 *)&inptr[DCTSIZE * 1]); \
-  col1a = _mm_load_si32((__m32 *)&inptr[DCTSIZE * 2]); \
-  mm0 = _mm_or_si32(col0a, col1a); \
-  \
-  if (test_m32_zero(mm0)) { \
-    __m64 mm1, mm2; \
-    \
-    col0l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 0]); \
-    col1l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 1]); \
-    col2l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 2]); \
-    col3l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 3]); \
-    col4l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 4]); \
-    col5l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 5]); \
-    col6l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 6]); \
-    col7l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 7]); \
-    \
-    mm1 = _mm_or_si64(col1l, col3l); \
-    mm2 = _mm_or_si64(col2l, col4l); \
-    mm1 = _mm_or_si64(mm1, col5l); \
-    mm2 = _mm_or_si64(mm2, col6l); \
-    mm1 = _mm_or_si64(mm1, col7l); \
-    mm1 = _mm_or_si64(mm1, mm2); \
-    \
-    if (test_m64_zero(mm1)) { \
-      __m64 dcval, dcvall, dcvalh, row0, row1, row2, row3; \
-      \
-      /* AC terms all zero */ \
-      \
-      quant0l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 0]); \
-      \
-      dcval = _mm_mullo_pi16(col0l, quant0l); \
-      dcval = _mm_slli_pi16(dcval, PASS1_BITS);  /* dcval=(00 10 20 30) */ \
-      \
-      dcvall = _mm_unpacklo_pi16(dcval, dcval);  /* dcvall=(00 00 10 10) */ \
-      dcvalh = _mm_unpackhi_pi16(dcval, dcval);  /* dcvalh=(20 20 30 30) */ \
-      \
-      row0 = _mm_unpacklo_pi32(dcvall, dcvall);  /* row0=(00 00 00 00) */ \
-      row1 = _mm_unpackhi_pi32(dcvall, dcvall);  /* row1=(10 10 10 10) */ \
-      row2 = _mm_unpacklo_pi32(dcvalh, dcvalh);  /* row2=(20 20 20 20) */ \
-      row3 = _mm_unpackhi_pi32(dcvalh, dcvalh);  /* row3=(30 30 30 30) */ \
-      \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0], row0); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0 + 4], row0); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1], row1); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1 + 4], row1); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2], row2); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2 + 4], row2); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3], row3); \
-      _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3 + 4], row3); \
-      \
-      goto nextcolumn##iter; \
-    } \
-  } \
-  \
-  /* Even part \
-   * \
-   * (Original) \
-   * z1 = (z2 + z3) * 0.541196100; \
-   * tmp2 = z1 + z3 * -1.847759065; \
-   * tmp3 = z1 + z2 * 0.765366865; \
-   * \
-   * (This implementation) \
-   * tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065); \
-   * tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100; \
-   */ \
-  \
-  col0l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 0]);  /* (00 10 20 30) */ \
-  col2l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 2]);  /* (02 12 22 32) */ \
-  col4l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 4]);  /* (04 14 24 34) */ \
-  col6l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 6]);  /* (06 16 26 36) */ \
-  \
-  quant0l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 0]); \
-  quant2l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 2]); \
-  quant4l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 4]); \
-  quant6l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 6]); \
-  \
-  z2 = _mm_mullo_pi16(col2l, quant2l); \
-  z3 = _mm_mullo_pi16(col6l, quant6l); \
-  \
-  z23l = _mm_unpacklo_pi16(z2, z3); \
-  z23h = _mm_unpackhi_pi16(z2, z3); \
-  tmp3l = _mm_madd_pi16(z23l, PW_F130_F054); \
-  tmp3h = _mm_madd_pi16(z23h, PW_F130_F054); \
-  tmp2l = _mm_madd_pi16(z23l, PW_F054_MF130); \
-  tmp2h = _mm_madd_pi16(z23h, PW_F054_MF130); \
-  \
-  z2 = _mm_mullo_pi16(col0l, quant0l); \
-  z3 = _mm_mullo_pi16(col4l, quant4l); \
-  \
-  z23 = _mm_add_pi16(z2, z3); \
-  tmp0l = _mm_loadlo_pi16_f(z23); \
-  tmp0h = _mm_loadhi_pi16_f(z23); \
-  tmp0l = _mm_srai_pi32(tmp0l, (16 - CONST_BITS)); \
-  tmp0h = _mm_srai_pi32(tmp0h, (16 - CONST_BITS)); \
-  \
-  tmp10l = _mm_add_pi32(tmp0l, tmp3l); \
-  tmp10h = _mm_add_pi32(tmp0h, tmp3h); \
-  tmp13l = _mm_sub_pi32(tmp0l, tmp3l); \
-  tmp13h = _mm_sub_pi32(tmp0h, tmp3h); \
-  \
-  z23 = _mm_sub_pi16(z2, z3); \
-  tmp1l = _mm_loadlo_pi16_f(z23); \
-  tmp1h = _mm_loadhi_pi16_f(z23); \
-  tmp1l = _mm_srai_pi32(tmp1l, (16 - CONST_BITS)); \
-  tmp1h = _mm_srai_pi32(tmp1h, (16 - CONST_BITS)); \
-  \
-  tmp11l = _mm_add_pi32(tmp1l, tmp2l); \
-  tmp11h = _mm_add_pi32(tmp1h, tmp2h); \
-  tmp12l = _mm_sub_pi32(tmp1l, tmp2l); \
-  tmp12h = _mm_sub_pi32(tmp1h, tmp2h); \
-  \
-  /* Odd part */ \
-  \
-  col1l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 1]);  /* (01 11 21 31) */ \
-  col3l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 3]);  /* (03 13 23 33) */ \
-  col5l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 5]);  /* (05 15 25 35) */ \
-  col7l = _mm_load_si64((__m64 *)&inptr[DCTSIZE * 7]);  /* (07 17 27 37) */ \
-  \
-  quant1l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 1]); \
-  quant3l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 3]); \
-  quant5l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 5]); \
-  quant7l = _mm_load_si64((__m64 *)&quantptr[DCTSIZE * 7]); \
-  \
-  tmp0 = _mm_mullo_pi16(col7l, quant7l); \
-  tmp1 = _mm_mullo_pi16(col5l, quant5l); \
-  tmp2 = _mm_mullo_pi16(col3l, quant3l); \
-  tmp3 = _mm_mullo_pi16(col1l, quant1l); \
-  \
-  DO_IDCT_COMMON(1) \
-  \
-  /* out0=(00 10 20 30), out1=(01 11 21 31) */ \
-  /* out2=(02 12 22 32), out3=(03 13 23 33) */ \
-  /* out4=(04 14 24 34), out5=(05 15 25 35) */ \
-  /* out6=(06 16 26 36), out7=(07 17 27 37) */ \
-  \
-  /* Transpose coefficients */ \
-  \
-  row01a = _mm_unpacklo_pi16(out0, out1);     /* row01a=(00 01 10 11) */ \
-  row23a = _mm_unpackhi_pi16(out0, out1);     /* row23a=(20 21 30 31) */ \
-  row01d = _mm_unpacklo_pi16(out6, out7);     /* row01d=(06 07 16 17) */ \
-  row23d = _mm_unpackhi_pi16(out6, out7);     /* row23d=(26 27 36 37) */ \
-  \
-  row01b = _mm_unpacklo_pi16(out2, out3);     /* row01b=(02 03 12 13) */ \
-  row23b = _mm_unpackhi_pi16(out2, out3);     /* row23b=(22 23 32 33) */ \
-  row01c = _mm_unpacklo_pi16(out4, out5);     /* row01c=(04 05 14 15) */ \
-  row23c = _mm_unpackhi_pi16(out4, out5);     /* row23c=(24 25 34 35) */ \
-  \
-  row0l = _mm_unpacklo_pi32(row01a, row01b);  /* row0l=(00 01 02 03) */ \
-  row1l = _mm_unpackhi_pi32(row01a, row01b);  /* row1l=(10 11 12 13) */ \
-  row2l = _mm_unpacklo_pi32(row23a, row23b);  /* row2l=(20 21 22 23) */ \
-  row3l = _mm_unpackhi_pi32(row23a, row23b);  /* row3l=(30 31 32 33) */ \
-  \
-  row0h = _mm_unpacklo_pi32(row01c, row01d);  /* row0h=(04 05 06 07) */ \
-  row1h = _mm_unpackhi_pi32(row01c, row01d);  /* row1h=(14 15 16 17) */ \
-  row2h = _mm_unpacklo_pi32(row23c, row23d);  /* row2h=(24 25 26 27) */ \
-  row3h = _mm_unpackhi_pi32(row23c, row23d);  /* row3h=(34 35 36 37) */ \
-  \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0], row0l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 0 + 4], row0h); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1], row1l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 1 + 4], row1h); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2], row2l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 2 + 4], row2h); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3], row3l); \
-  _mm_store_si64((__m64 *)&wsptr[DCTSIZE * 3 + 4], row3h); \
-}
-
-#define DO_IDCT_PASS2(ctr) { \
-  __m64 row0l, row1l, row2l, row3l, row4l, row5l, row6l, row7l; \
-  __m64 z23, z23l, z23h; \
-  __m64 col0123a, col0123b, col0123c, col0123d; \
-  __m64 col01l, col01h, col23l, col23h, row06, row17, row24, row35; \
-  __m64 col0, col1, col2, col3; \
-  __m64 tmp0l, tmp0h, tmp1l, tmp1h, tmp2l, tmp2h, tmp3l, tmp3h; \
-  __m64 tmp10l, tmp10h, tmp11l, tmp11h, tmp12l, tmp12h, tmp13l, tmp13h; \
-  \
-  row0l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 0]);  /* (00 01 02 03) */ \
-  row1l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 1]);  /* (10 11 12 13) */ \
-  row2l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 2]);  /* (20 21 22 23) */ \
-  row3l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 3]);  /* (30 31 32 33) */ \
-  row4l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 4]);  /* (40 41 42 43) */ \
-  row5l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 5]);  /* (50 51 52 53) */ \
-  row6l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 6]);  /* (60 61 62 63) */ \
-  row7l = _mm_load_si64((__m64 *)&wsptr[DCTSIZE * 7]);  /* (70 71 72 73) */ \
-  \
-  /* Even part \
-   * \
-   * (Original) \
-   * z1 = (z2 + z3) * 0.541196100; \
-   * tmp2 = z1 + z3 * -1.847759065; \
-   * tmp3 = z1 + z2 * 0.765366865; \
-   * \
-   * (This implementation) \
-   * tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065); \
-   * tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100; \
-   */ \
-  \
-  z23l = _mm_unpacklo_pi16(row2l, row6l); \
-  z23h = _mm_unpackhi_pi16(row2l, row6l); \
-  \
-  tmp3l = _mm_madd_pi16(z23l, PW_F130_F054); \
-  tmp3h = _mm_madd_pi16(z23h, PW_F130_F054); \
-  tmp2l = _mm_madd_pi16(z23l, PW_F054_MF130); \
-  tmp2h = _mm_madd_pi16(z23h, PW_F054_MF130); \
-  \
-  z23 = _mm_add_pi16(row0l, row4l); \
-  tmp0l = _mm_loadlo_pi16_f(z23); \
-  tmp0h = _mm_loadhi_pi16_f(z23); \
-  tmp0l = _mm_srai_pi32(tmp0l, (16 - CONST_BITS)); \
-  tmp0h = _mm_srai_pi32(tmp0h, (16 - CONST_BITS)); \
-  \
-  tmp10l = _mm_add_pi32(tmp0l, tmp3l); \
-  tmp10h = _mm_add_pi32(tmp0h, tmp3h); \
-  tmp13l = _mm_sub_pi32(tmp0l, tmp3l); \
-  tmp13h = _mm_sub_pi32(tmp0h, tmp3h); \
-  \
-  z23 = _mm_sub_pi16(row0l, row4l); \
-  tmp1l = _mm_loadlo_pi16_f(z23); \
-  tmp1h = _mm_loadhi_pi16_f(z23); \
-  tmp1l = _mm_srai_pi32(tmp1l, (16 - CONST_BITS)); \
-  tmp1h = _mm_srai_pi32(tmp1h, (16 - CONST_BITS)); \
-  \
-  tmp11l = _mm_add_pi32(tmp1l, tmp2l); \
-  tmp11h = _mm_add_pi32(tmp1h, tmp2h); \
-  tmp12l = _mm_sub_pi32(tmp1l, tmp2l); \
-  tmp12h = _mm_sub_pi32(tmp1h, tmp2h); \
-  \
-  /* Odd part */ \
-  \
-  tmp0 = row7l; \
-  tmp1 = row5l; \
-  tmp2 = row3l; \
-  tmp3 = row1l; \
-  \
-  DO_IDCT_COMMON(2) \
-  \
-  /* out0=(00 01 02 03), out1=(10 11 12 13) */ \
-  /* out2=(20 21 22 23), out3=(30 31 32 33) */ \
-  /* out4=(40 41 42 43), out5=(50 51 52 53) */ \
-  /* out6=(60 61 62 63), out7=(70 71 72 73) */ \
-  \
-  row06 = _mm_packs_pi16(out0, out6);  /* row06=(00 01 02 03 60 61 62 63) */ \
-  row17 = _mm_packs_pi16(out1, out7);  /* row17=(10 11 12 13 70 71 72 73) */ \
-  row24 = _mm_packs_pi16(out2, out4);  /* row24=(20 21 22 23 40 41 42 43) */ \
-  row35 = _mm_packs_pi16(out3, out5);  /* row35=(30 31 32 33 50 51 52 53) */ \
-  \
-  row06 = _mm_add_pi8(row06, PB_CENTERJSAMP); \
-  row17 = _mm_add_pi8(row17, PB_CENTERJSAMP); \
-  row24 = _mm_add_pi8(row24, PB_CENTERJSAMP); \
-  row35 = _mm_add_pi8(row35, PB_CENTERJSAMP); \
-  \
-  /* Transpose coefficients */ \
-  \
-  col0123a = _mm_unpacklo_pi8(row06, row17);  /* col0123a=(00 10 01 11 02 12 03 13) */ \
-  col0123d = _mm_unpackhi_pi8(row06, row17);  /* col0123d=(60 70 61 71 62 72 63 73) */ \
-  col0123b = _mm_unpacklo_pi8(row24, row35);  /* col0123b=(20 30 21 31 22 32 23 33) */ \
-  col0123c = _mm_unpackhi_pi8(row24, row35);  /* col0123c=(40 50 41 51 42 52 43 53) */ \
-  \
-  col01l = _mm_unpacklo_pi16(col0123a, col0123b);  /* col01l=(00 10 20 30 01 11 21 31) */ \
-  col23l = _mm_unpackhi_pi16(col0123a, col0123b);  /* col23l=(02 12 22 32 03 13 23 33) */ \
-  col01h = _mm_unpacklo_pi16(col0123c, col0123d);  /* col01h=(40 50 60 70 41 51 61 71) */ \
-  col23h = _mm_unpackhi_pi16(col0123c, col0123d);  /* col23h=(42 52 62 72 43 53 63 73) */ \
-  \
-  col0 = _mm_unpacklo_pi32(col01l, col01h);   /* col0=(00 10 20 30 40 50 60 70) */ \
-  col1 = _mm_unpackhi_pi32(col01l, col01h);   /* col1=(01 11 21 31 41 51 61 71) */ \
-  col2 = _mm_unpacklo_pi32(col23l, col23h);   /* col2=(02 12 22 32 42 52 62 72) */ \
-  col3 = _mm_unpackhi_pi32(col23l, col23h);   /* col3=(03 13 23 33 43 53 63 73) */ \
-  \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 0] + output_col), col0); \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 1] + output_col), col1); \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 2] + output_col), col2); \
-  _mm_store_si64((__m64 *)(output_buf[ctr + 3] + output_col), col3); \
-}
-
-void jsimd_idct_islow_mmi(void *dct_table, JCOEFPTR coef_block,
-                          JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  __m64 tmp0, tmp1, tmp2, tmp3;
-  __m64 out0, out1, out2, out3, out4, out5, out6, out7;
-  JCOEFPTR inptr;
-  ISLOW_MULT_TYPE *quantptr;
-  JCOEF *wsptr;
-  JCOEF workspace[DCTSIZE2];  /* buffers data between passes */
-
-  /* Pass 1: process columns. */
-
-  inptr = coef_block;
-  quantptr = (ISLOW_MULT_TYPE *)dct_table;
-  wsptr = workspace;
-
-  DO_IDCT_PASS1(1)
-nextcolumn1:
-  inptr += 4;
-  quantptr += 4;
-  wsptr += DCTSIZE * 4;
-  DO_IDCT_PASS1(2)
-nextcolumn2:
-
-  /* Pass 2: process rows. */
-
-  wsptr = workspace;
-
-  DO_IDCT_PASS2(0)
-  wsptr += 4;
-  DO_IDCT_PASS2(4)
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jquanti-mmi.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jquanti-mmi.c
deleted file mode 100644
index 339002f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jquanti-mmi.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2016-2017, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- * Copyright (C) 2018-2019, D. R. Commander.  All Rights Reserved.
- *
- * Based on the x86 SIMD extension for IJG JPEG library
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* INTEGER QUANTIZATION AND SAMPLE CONVERSION */
-
-#include "jsimd_mmi.h"
-
-
-#define DO_QUANT() { \
-  __m64 rowl, rowh, rowls, rowhs, rowlsave, rowhsave; \
-  __m64 corrl, corrh, recipl, reciph, scalel, scaleh; \
-  \
-  rowl = _mm_load_si64((__m64 *)&workspace[0]); \
-  rowh = _mm_load_si64((__m64 *)&workspace[4]); \
-  \
-  /* Branch-less absolute value */ \
-  rowls = _mm_srai_pi16(rowl, (WORD_BIT - 1));  /* -1 if value < 0, */ \
-                                                /* 0 otherwise */ \
-  rowhs = _mm_srai_pi16(rowh, (WORD_BIT - 1)); \
-  \
-  rowl = _mm_xor_si64(rowl, rowls);           /* val = -val */ \
-  rowh = _mm_xor_si64(rowh, rowhs); \
-  rowl = _mm_sub_pi16(rowl, rowls); \
-  rowh = _mm_sub_pi16(rowh, rowhs); \
-  \
-  corrl = _mm_load_si64((__m64 *)&divisors[DCTSIZE2 * 1]);  /* correction */ \
-  corrh = _mm_load_si64((__m64 *)&divisors[DCTSIZE2 * 1 + 4]); \
-  \
-  rowlsave = rowl = _mm_add_pi16(rowl, corrl);  /* correction + roundfactor */ \
-  rowhsave = rowh = _mm_add_pi16(rowh, corrh); \
-  \
-  recipl = _mm_load_si64((__m64 *)&divisors[DCTSIZE2 * 0]);  /* reciprocal */ \
-  reciph = _mm_load_si64((__m64 *)&divisors[DCTSIZE2 * 0 + 4]); \
-  \
-  rowl = _mm_mulhi_pi16(rowl, recipl); \
-  rowh = _mm_mulhi_pi16(rowh, reciph); \
-  \
-  /* reciprocal is always negative (MSB=1), so we always need to add the */ \
-  /* initial value (input value is never negative as we inverted it at the */ \
-  /* start of this routine) */ \
-  rowlsave = rowl = _mm_add_pi16(rowl, rowlsave); \
-  rowhsave = rowh = _mm_add_pi16(rowh, rowhsave); \
-  \
-  scalel = _mm_load_si64((__m64 *)&divisors[DCTSIZE2 * 2]);  /* scale */ \
-  scaleh = _mm_load_si64((__m64 *)&divisors[DCTSIZE2 * 2 + 4]); \
-  \
-  rowl = _mm_mulhi_pi16(rowl, scalel); \
-  rowh = _mm_mulhi_pi16(rowh, scaleh); \
-  \
-  /* determine if scale is negative */ \
-  scalel = _mm_srai_pi16(scalel, (WORD_BIT - 1)); \
-  scaleh = _mm_srai_pi16(scaleh, (WORD_BIT - 1)); \
-  \
-  /* and add input if it is */ \
-  scalel = _mm_and_si64(scalel, rowlsave); \
-  scaleh = _mm_and_si64(scaleh, rowhsave); \
-  rowl = _mm_add_pi16(rowl, scalel); \
-  rowh = _mm_add_pi16(rowh, scaleh); \
-  \
-  /* then check if negative input */ \
-  rowlsave = _mm_srai_pi16(rowlsave, (WORD_BIT - 1)); \
-  rowhsave = _mm_srai_pi16(rowhsave, (WORD_BIT - 1)); \
-  \
-  /* and add scale if it is */ \
-  rowlsave = _mm_and_si64(rowlsave, scalel); \
-  rowhsave = _mm_and_si64(rowhsave, scaleh); \
-  rowl = _mm_add_pi16(rowl, rowlsave); \
-  rowh = _mm_add_pi16(rowh, rowhsave); \
-  \
-  rowl = _mm_xor_si64(rowl, rowls);           /* val = -val */ \
-  rowh = _mm_xor_si64(rowh, rowhs); \
-  rowl = _mm_sub_pi16(rowl, rowls); \
-  rowh = _mm_sub_pi16(rowh, rowhs); \
-  \
-  _mm_store_si64((__m64 *)&output_ptr[0], rowl); \
-  _mm_store_si64((__m64 *)&output_ptr[4], rowh); \
-  \
-  workspace += DCTSIZE; \
-  divisors += DCTSIZE; \
-  output_ptr += DCTSIZE; \
-}
-
-
-void jsimd_quantize_mmi(JCOEFPTR coef_block, DCTELEM *divisors,
-                        DCTELEM *workspace)
-{
-  JCOEFPTR output_ptr = coef_block;
-
-  DO_QUANT()
-  DO_QUANT()
-  DO_QUANT()
-  DO_QUANT()
-  DO_QUANT()
-  DO_QUANT()
-  DO_QUANT()
-  DO_QUANT()
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jsimd.c
deleted file mode 100644
index e8f1af5..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jsimd.c
+++ /dev/null
@@ -1,870 +0,0 @@
-/*
- * jsimd_mips64.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2011, 2014, 2016, 2018, D. R. Commander.
- * Copyright (C) 2013-2014, MIPS Technologies, Inc., California.
- * Copyright (C) 2015, 2018, Matthieu Darbois.
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * 64-bit MIPS architecture.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-static unsigned int simd_support = ~0;
-
-#if defined(__linux__)
-
-#define SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT  (1024 * 1024)
-
-LOCAL(int)
-check_feature(char *buffer, char *feature)
-{
-  char *p;
-
-  if (*feature == 0)
-    return 0;
-  if (strncmp(buffer, "ASEs implemented", 16) != 0)
-    return 0;
-  buffer += 16;
-  while (isspace(*buffer))
-    buffer++;
-
-  /* Check if 'feature' is present in the buffer as a separate word */
-  while ((p = strstr(buffer, feature))) {
-    if (p > buffer && !isspace(*(p - 1))) {
-      buffer++;
-      continue;
-    }
-    p += strlen(feature);
-    if (*p != 0 && !isspace(*p)) {
-      buffer++;
-      continue;
-    }
-    return 1;
-  }
-  return 0;
-}
-
-LOCAL(int)
-parse_proc_cpuinfo(int bufsize)
-{
-  char *buffer = (char *)malloc(bufsize);
-  FILE *fd;
-
-  simd_support = 0;
-
-  if (!buffer)
-    return 0;
-
-  fd = fopen("/proc/cpuinfo", "r");
-  if (fd) {
-    while (fgets(buffer, bufsize, fd)) {
-      if (!strchr(buffer, '\n') && !feof(fd)) {
-        /* "impossible" happened - insufficient size of the buffer! */
-        fclose(fd);
-        free(buffer);
-        return 0;
-      }
-      if (check_feature(buffer, "loongson-mmi"))
-        simd_support |= JSIMD_MMI;
-    }
-    fclose(fd);
-  }
-  free(buffer);
-  return 1;
-}
-
-#endif
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-#if defined(__linux__)
-  int bufsize = 1024; /* an initial guess for the line buffer size limit */
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = 0;
-
-#if defined(__linux__)
-  while (!parse_proc_cpuinfo(bufsize)) {
-    bufsize *= 2;
-    if (bufsize > SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT)
-      break;
-  }
-#elif defined(__mips_loongson_vector_rev)
-  /* Only enable MMI by default on non-Linux platforms when the compiler flags
-   * support it. */
-  simd_support |= JSIMD_MMI;
-#endif
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCEMMI");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = JSIMD_MMI;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_c_can_null_convert(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*mmifct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    mmifct = jsimd_extrgb_ycc_convert_mmi;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    mmifct = jsimd_extrgbx_ycc_convert_mmi;
-    break;
-  case JCS_EXT_BGR:
-    mmifct = jsimd_extbgr_ycc_convert_mmi;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    mmifct = jsimd_extbgrx_ycc_convert_mmi;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    mmifct = jsimd_extxbgr_ycc_convert_mmi;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    mmifct = jsimd_extxrgb_ycc_convert_mmi;
-    break;
-  default:
-    mmifct = jsimd_rgb_ycc_convert_mmi;
-    break;
-  }
-
-  mmifct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*mmifct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    mmifct = jsimd_extrgb_gray_convert_mmi;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    mmifct = jsimd_extrgbx_gray_convert_mmi;
-    break;
-  case JCS_EXT_BGR:
-    mmifct = jsimd_extbgr_gray_convert_mmi;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    mmifct = jsimd_extbgrx_gray_convert_mmi;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    mmifct = jsimd_extxbgr_gray_convert_mmi;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    mmifct = jsimd_extxrgb_gray_convert_mmi;
-    break;
-  default:
-    mmifct = jsimd_rgb_gray_convert_mmi;
-    break;
-  }
-
-  mmifct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*mmifct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    mmifct = jsimd_ycc_extrgb_convert_mmi;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    mmifct = jsimd_ycc_extrgbx_convert_mmi;
-    break;
-  case JCS_EXT_BGR:
-    mmifct = jsimd_ycc_extbgr_convert_mmi;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    mmifct = jsimd_ycc_extbgrx_convert_mmi;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    mmifct = jsimd_ycc_extxbgr_convert_mmi;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    mmifct = jsimd_ycc_extxrgb_convert_mmi;
-    break;
-  default:
-    mmifct = jsimd_ycc_rgb_convert_mmi;
-    break;
-  }
-
-  mmifct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-}
-
-GLOBAL(void)
-jsimd_c_null_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                     JSAMPIMAGE output_buf, JDIMENSION output_row,
-                     int num_rows)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_smooth_downsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v2_downsample_mmi(cinfo->image_width, cinfo->max_v_samp_factor,
-                            compptr->v_samp_factor, compptr->width_in_blocks,
-                            input_data, output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v2_smooth_downsample(j_compress_ptr cinfo,
-                             jpeg_component_info *compptr,
-                             JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_int_upsample(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(void)
-jsimd_int_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                   JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_fancy_upsample_mmi(cinfo->max_v_samp_factor,
-                                compptr->downsampled_width, input_data,
-                                output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_fancy_upsample_mmi(cinfo->max_v_samp_factor,
-                                compptr->downsampled_width, input_data,
-                                output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*mmifct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    mmifct = jsimd_h2v2_extrgb_merged_upsample_mmi;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    mmifct = jsimd_h2v2_extrgbx_merged_upsample_mmi;
-    break;
-  case JCS_EXT_BGR:
-    mmifct = jsimd_h2v2_extbgr_merged_upsample_mmi;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    mmifct = jsimd_h2v2_extbgrx_merged_upsample_mmi;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    mmifct = jsimd_h2v2_extxbgr_merged_upsample_mmi;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    mmifct = jsimd_h2v2_extxrgb_merged_upsample_mmi;
-    break;
-  default:
-    mmifct = jsimd_h2v2_merged_upsample_mmi;
-    break;
-  }
-
-  mmifct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*mmifct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    mmifct = jsimd_h2v1_extrgb_merged_upsample_mmi;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    mmifct = jsimd_h2v1_extrgbx_merged_upsample_mmi;
-    break;
-  case JCS_EXT_BGR:
-    mmifct = jsimd_h2v1_extbgr_merged_upsample_mmi;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    mmifct = jsimd_h2v1_extbgrx_merged_upsample_mmi;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    mmifct = jsimd_h2v1_extxbgr_merged_upsample_mmi;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    mmifct = jsimd_h2v1_extxrgb_merged_upsample_mmi;
-    break;
-  default:
-    mmifct = jsimd_h2v1_merged_upsample_mmi;
-    break;
-  }
-
-  mmifct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  jsimd_fdct_islow_mmi(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  jsimd_fdct_ifast_mmi(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  jsimd_quantize_mmi(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_6x6(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_12x12(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_6x6(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_12x12(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(IFAST_MULT_TYPE) != 2)
-    return 0;
-  if (IFAST_SCALE_BITS != 2)
-    return 0;
-
-  if (simd_support & JSIMD_MMI)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_islow_mmi(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_ifast_mmi(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return NULL;
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jsimd_mmi.h b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jsimd_mmi.h
deleted file mode 100644
index 5e4261c..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/jsimd_mmi.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Authors:  ZhuChen     <zhuchen@loongson.cn>
- *           CaiWanwei   <caiwanwei@loongson.cn>
- *           SunZhangzhi <sunzhangzhi-cq@loongson.cn>
- *           QingfaLiu   <liuqingfa-hf@loongson.cn>
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jdct.h"
-#include "loongson-mmintrin.h"
-
-
-/* Common code */
-#if defined(_ABI64) && _MIPS_SIM == _ABI64
-# define PTR_ADDU  "daddu "
-# define PTR_SLL   "dsll "
-#else
-# define PTR_ADDU  "addu "
-# define PTR_SLL   "sll "
-#endif
-
-#define SIZEOF_MMWORD  8
-#define BYTE_BIT  8
-#define WORD_BIT  16
-#define SCALEBITS  16
-
-#define _uint64_set_pi8(a, b, c, d, e, f, g, h) \
-  (((uint64_t)(uint8_t)a << 56) | \
-   ((uint64_t)(uint8_t)b << 48) | \
-   ((uint64_t)(uint8_t)c << 40) | \
-   ((uint64_t)(uint8_t)d << 32) | \
-   ((uint64_t)(uint8_t)e << 24) | \
-   ((uint64_t)(uint8_t)f << 16) | \
-   ((uint64_t)(uint8_t)g << 8)  | \
-   ((uint64_t)(uint8_t)h))
-#define _uint64_set1_pi8(a)  _uint64_set_pi8(a, a, a, a, a, a, a, a)
-#define _uint64_set_pi16(a, b, c, d) \
-  (((uint64_t)(uint16_t)a << 48) | \
-   ((uint64_t)(uint16_t)b << 32) | \
-   ((uint64_t)(uint16_t)c << 16) | \
-   ((uint64_t)(uint16_t)d))
-#define _uint64_set1_pi16(a)  _uint64_set_pi16(a, a, a, a)
-#define _uint64_set_pi32(a, b) \
-  (((uint64_t)(uint32_t)a << 32) | \
-   ((uint64_t)(uint32_t)b))
-
-#define get_const_value(index)  (*(__m64 *)&const_value[index])
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/loongson-mmintrin.h b/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/loongson-mmintrin.h
deleted file mode 100644
index db9b35a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/mips64/loongson-mmintrin.h
+++ /dev/null
@@ -1,1334 +0,0 @@
-/*
- * Loongson MMI optimizations for libjpeg-turbo
- *
- * Copyright (C) 2016-2018, Loongson Technology Corporation Limited, BeiJing.
- *                          All Rights Reserved.
- * Copyright (C) 2019, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#ifndef __LOONGSON_MMINTRIN_H__
-#define __LOONGSON_MMINTRIN_H__
-
-#include <stdint.h>
-
-
-#define FUNCTION_ATTRIBS \
-  __attribute__((__gnu_inline__, __always_inline__, __artificial__))
-
-
-/* Vectors are stored in 64-bit floating-point registers. */
-typedef double __m64;
-
-/* Having a 32-bit datatype allows us to use 32-bit loads in places like
-   load8888. */
-typedef float __m32;
-
-
-/********** Set Operations **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_setzero_si64(void)
-{
-  return 0.0;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_set_pi8(uint8_t __b7, uint8_t __b6, uint8_t __b5, uint8_t __b4,
-            uint8_t __b3, uint8_t __b2, uint8_t __b1, uint8_t __b0)
-{
-  __m64 ret;
-  uint32_t lo = ((uint32_t)__b6 << 24) |
-                ((uint32_t)__b4 << 16) |
-                ((uint32_t)__b2 << 8) |
-                (uint32_t)__b0;
-  uint32_t hi = ((uint32_t)__b7 << 24) |
-                ((uint32_t)__b5 << 16) |
-                ((uint32_t)__b3 << 8) |
-                (uint32_t)__b1;
-
-  asm("mtc1      %1, %0\n\t"
-      "mtc1      %2, $f0\n\t"
-      "punpcklbh %0, %0, $f0\n\t"
-      : "=f" (ret)
-      : "r" (lo), "r" (hi)
-      : "$f0"
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_set_pi16(uint16_t __h3, uint16_t __h2, uint16_t __h1, uint16_t __h0)
-{
-  __m64 ret;
-  uint32_t lo = ((uint32_t)__h2 << 16) | (uint32_t)__h0;
-  uint32_t hi = ((uint32_t)__h3 << 16) | (uint32_t)__h1;
-
-  asm("mtc1      %1, %0\n\t"
-      "mtc1      %2, $f0\n\t"
-      "punpcklhw %0, %0, $f0\n\t"
-      : "=f" (ret)
-      : "r" (lo), "r" (hi)
-      : "$f0"
-     );
-
-  return ret;
-}
-
-#define _MM_SHUFFLE(fp3, fp2, fp1, fp0) \
-  (((fp3) << 6) | ((fp2) << 4) | ((fp1) << 2) | (fp0))
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_set_pi32(uint32_t __i1, uint32_t __i0)
-{
-  if (__builtin_constant_p(__i1) && __builtin_constant_p(__i0)) {
-    uint64_t val = ((uint64_t)__i1 << 32) |
-                   ((uint64_t)__i0 <<  0);
-
-    return *(__m64 *)&val;
-  } else if (__i1 == __i0) {
-    uint64_t imm = _MM_SHUFFLE(1, 0, 1, 0);
-    __m64 ret;
-
-    asm("pshufh %0, %1, %2\n\t"
-        : "=f" (ret)
-        : "f" (*(__m32 *)&__i1), "f" (*(__m64 *)&imm)
-       );
-
-    return ret;
-  } else {
-    uint64_t val = ((uint64_t)__i1 << 32) |
-                   ((uint64_t)__i0 <<  0);
-
-    return *(__m64 *)&val;
-  }
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_set1_pi8(uint8_t __b0)
-{
-  __m64 ret;
-
-  asm("sll    $8, %1, 8\n\t"
-      "or     %1, %1, $8\n\t"
-      "mtc1   %1, %0\n\t"
-      "mtc1   $0, $f0\n\t"
-      "pshufh %0, %0, $f0\n\t"
-      : "=f" (ret)
-      : "r" (__b0)
-      : "$8", "$f0"
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_set1_pi16(uint16_t __h0)
-{
-  __m64 ret;
-
-  asm("mtc1   %1, %0\n\t"
-      "mtc1   $0, $f0\n\t"
-      "pshufh %0, %0, $f0\n\t"
-      : "=f" (ret)
-      : "r" (__h0)
-      : "$8", "$f0"
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_set1_pi32(unsigned __i0)
-{
-  return _mm_set_pi32(__i0, __i0);
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_setr_pi8(uint8_t __h0, uint8_t __h1, uint8_t __h2, uint8_t __h3,
-             uint8_t __h4, uint8_t __h5, uint8_t __h6, uint8_t __h7)
-{
-  return _mm_set_pi8(__h7, __h6, __h5, __h4,
-                     __h3, __h2, __h1, __h0);
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_setr_pi16(uint16_t __w0, uint16_t __w1, uint16_t __w2, uint16_t __w3)
-{
-  return _mm_set_pi16(__w3, __w2, __w1, __w0);
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_setr_pi32(uint32_t __i0, uint32_t __i1)
-{
-  return _mm_set_pi32(__i1, __i0);
-}
-
-
-/********** Arithmetic Operations **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_add_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_add_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_add_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_add_si64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddd %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_adds_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddsb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_adds_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddsh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_adds_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddusb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_adds_pu16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("paddush %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_avg_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pavgb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_avg_pu16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pavgh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_madd_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmaddhw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_max_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmaxsh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_max_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmaxub %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_min_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pminsh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_min_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pminub %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline int FUNCTION_ATTRIBS
-_mm_movemask_pi8(__m64 __m1)
-{
-  int ret;
-
-  asm("pmovmskb %0, %1\n\t"
-      : "=r" (ret)
-      : "y" (__m1)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_mulhi_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmulhh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_mulhi_pu16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmulhuh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_mullo_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmullh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_mul_pu32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pmuluw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_sad_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psadbh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_asub_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pasubub %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_biadd_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("biadd %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_sub_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_sub_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_sub_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_sub_si64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubd %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_subs_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubsb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_subs_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubsh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_subs_pu8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubusb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_subs_pu16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("psubush %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-/********** Logical Operations **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_and_si64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("and %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_andnot_si64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("andn %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_or_si32(__m32 __m1, __m32 __m2)
-{
-  __m32 ret;
-
-  asm("or %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_or_si64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("or %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_xor_si64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("xor %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-/********** Shift Operations **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_slli_pi16(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("psllh  %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_slli_pi32(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("psllw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_slli_si64(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("dsll  %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_srli_pi16(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("psrlh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_srli_pi32(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("psrlw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_srli_si64(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("dsrl  %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_srai_pi16(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("psrah %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_srai_pi32(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("psraw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_srai_si64(__m64 __m, int64_t __count)
-{
-  __m64 ret;
-
-  asm("dsra %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__count)
-     );
-
-  return ret;
-}
-
-
-/********** Conversion Intrinsics **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-to_m64(uint64_t x)
-{
-  return *(__m64 *)&x;
-}
-
-extern __inline uint64_t FUNCTION_ATTRIBS
-to_uint64(__m64 x)
-{
-  return *(uint64_t *)&x;
-}
-
-
-/********** Comparison Intrinsics **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmpeq_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpeqb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmpeq_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpeqh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmpeq_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpeqw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmpgt_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpgtb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmpgt_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpgth %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmpgt_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpgtw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmplt_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpltb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmplt_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmplth %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_cmplt_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("pcmpltw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-/********** Miscellaneous Operations **********/
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_packs_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("packsshb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_packs_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("packsswh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_packs_pi32_f(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("packsswh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_packs_pu16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("packushb %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_extract_pi16(__m64 __m, int64_t __pos)
-{
-  __m64 ret;
-
-  asm("pextrh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__pos)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_insert_pi16(__m64 __m1, __m64 __m2, int64_t __pos)
-{
-  __m64 ret;
-
-  switch (__pos) {
-  case 0:
-
-    asm("pinsrh_0 %0, %1, %2\n\t"
-        : "=f" (ret)
-        : "f" (__m1), "f" (__m2), "i" (__pos)
-       );
-
-    break;
-
-  case 1:
-
-    asm("pinsrh_1 %0, %1, %2\n\t"
-        : "=f" (ret)
-        : "f" (__m1), "f" (__m2), "i" (__pos)
-       );
-
-    break;
-  case 2:
-
-    asm("pinsrh_2 %0, %1, %2\n\t"
-        : "=f" (ret)
-        : "f" (__m1), "f" (__m2), "i" (__pos)
-       );
-
-    break;
-
-  case 3:
-
-    asm("pinsrh_3 %0, %1, %2\n\t"
-        : "=f" (ret)
-        : "f" (__m1), "f" (__m2), "i" (__pos)
-       );
-
-    break;
-  }
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_shuffle_pi16(__m64 __m, int64_t __n)
-{
-  __m64 ret;
-
-  asm("pshufh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m), "f" (*(__m64 *)&__n)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpackhi_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpckhbh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpackhi_pi8_f(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpckhbh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpackhi_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpckhhw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpackhi_pi16_f(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpckhhw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpackhi_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpckhwd %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi8(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklbh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-/* Since punpcklbh cares about the high 32-bits, we use the __m64 datatype,
-   which preserves the data. */
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi8_f64(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklbh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-/* Since punpcklbh doesn't care about the high 32-bits, we use the __m32,
-   datatype, which allows load8888 to use 32-bit loads. */
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi8_f(__m32 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklbh %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi16(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklhw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi16_f(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklhw %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi32(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklwd %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_unpacklo_pi32_f(__m64 __m1, __m64 __m2)
-{
-  __m64 ret;
-
-  asm("punpcklwd %0, %1, %2\n\t"
-      : "=f" (ret)
-      : "f" (__m1), "f" (__m2)
-     );
-
-  return ret;
-}
-
-extern __inline void FUNCTION_ATTRIBS
-_mm_store_pi32(__m32 *dest, __m64 src)
-{
-  src = _mm_packs_pu16(src, _mm_setzero_si64());
-
-  asm("swc1 %1, %0\n\t"
-      : "=m" (*dest)
-      : "f" (src)
-      : "memory"
-     );
-}
-
-extern __inline void FUNCTION_ATTRIBS
-_mm_store_si64(__m64 *dest, __m64 src)
-{
-  asm("sdc1 %1, %0 \n\t"
-      : "=m" (*dest)
-      : "f" (src)
-      : "memory"
-     );
-}
-
-extern __inline void FUNCTION_ATTRIBS
-_mm_storeu_si64(__m64 *dest, __m64 src)
-{
-  asm("gssdlc1 %1, 7(%0) \n\t"
-      "gssdrc1 %1, 0(%0) \n\t"
-      :
-      : "r" (dest), "f" (src)
-      : "memory"
-     );
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_load_si32(const __m32 *src)
-{
-  __m32 ret;
-
-  asm("lwc1 %0, %1\n\t"
-      : "=f" (ret)
-      : "m" (*src)
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_load_si64(const __m64 *src)
-{
-  __m64 ret;
-
-  asm("ldc1 %0, %1\n\t"
-      : "=f" (ret)
-      : "m" (*src)
-      : "memory"
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadu_si64(const __m64 *src)
-{
-  __m64 ret;
-
-  asm("gsldlc1 %0,  7(%1)\n\t"
-      "gsldrc1 %0,  0(%1)\n\t"
-      : "=f" (ret)
-      : "r" (src)
-      : "memory"
-     );
-
-  return ret;
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadlo_pi8(const uint32_t *src)
-{
-  return _mm_unpacklo_pi8_f(*(__m32 *)src, _mm_setzero_si64());
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadlo_pi8_f(__m64 src)
-{
-  return _mm_unpacklo_pi8_f64(src, _mm_setzero_si64());
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadhi_pi8_f(__m64 src)
-{
-  return _mm_unpackhi_pi8_f(src, _mm_setzero_si64());
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadlo_pi16(__m64 src)
-{
-  return _mm_unpacklo_pi16(src, _mm_setzero_si64());
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadlo_pi16_f(__m64 src)
-{
-  return _mm_unpacklo_pi16_f(_mm_setzero_si64(), src);
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadhi_pi16(__m64 src)
-{
-  return _mm_unpackhi_pi16(src, _mm_setzero_si64());
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_loadhi_pi16_f(__m64 src)
-{
-  return _mm_unpackhi_pi16_f(_mm_setzero_si64(), src);
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_expand_alpha(__m64 pixel)
-{
-  return _mm_shuffle_pi16(pixel, _MM_SHUFFLE(3, 3, 3, 3));
-}
-
-extern __inline __m64 FUNCTION_ATTRIBS
-_mm_expand_alpha_rev(__m64 pixel)
-{
-  return _mm_shuffle_pi16(pixel, _MM_SHUFFLE(0, 0, 0, 0));
-}
-
-#endif  /* __LOONGSON_MMINTRIN_H__ */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jcolsamp.inc b/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jcolsamp.inc
deleted file mode 100644
index 6f6d7f2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jcolsamp.inc
+++ /dev/null
@@ -1,135 +0,0 @@
-;
-; jcolsamp.inc - private declarations for color conversion & up/downsampling
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-
-; --------------------------------------------------------------------------
-
-; pseudo-resisters to make ordering of RGB configurable
-;
-%if RGB_RED == 0
-%define mmA  mm0
-%define mmB  mm1
-%define xmmA  xmm0
-%define xmmB  xmm1
-%define ymmA  ymm0
-%define ymmB  ymm1
-%elif RGB_GREEN == 0
-%define mmA  mm2
-%define mmB  mm3
-%define xmmA  xmm2
-%define xmmB  xmm3
-%define ymmA  ymm2
-%define ymmB  ymm3
-%elif RGB_BLUE == 0
-%define mmA  mm4
-%define mmB  mm5
-%define xmmA  xmm4
-%define xmmB  xmm5
-%define ymmA  ymm4
-%define ymmB  ymm5
-%else
-%define mmA  mm6
-%define mmB  mm7
-%define xmmA  xmm6
-%define xmmB  xmm7
-%define ymmA  ymm6
-%define ymmB  ymm7
-%endif
-
-%if RGB_RED == 1
-%define mmC  mm0
-%define mmD  mm1
-%define xmmC  xmm0
-%define xmmD  xmm1
-%define ymmC  ymm0
-%define ymmD  ymm1
-%elif RGB_GREEN == 1
-%define mmC  mm2
-%define mmD  mm3
-%define xmmC  xmm2
-%define xmmD  xmm3
-%define ymmC  ymm2
-%define ymmD  ymm3
-%elif RGB_BLUE == 1
-%define mmC  mm4
-%define mmD  mm5
-%define xmmC  xmm4
-%define xmmD  xmm5
-%define ymmC  ymm4
-%define ymmD  ymm5
-%else
-%define mmC  mm6
-%define mmD  mm7
-%define xmmC  xmm6
-%define xmmD  xmm7
-%define ymmC  ymm6
-%define ymmD  ymm7
-%endif
-
-%if RGB_RED == 2
-%define mmE  mm0
-%define mmF  mm1
-%define xmmE  xmm0
-%define xmmF  xmm1
-%define ymmE  ymm0
-%define ymmF  ymm1
-%elif RGB_GREEN == 2
-%define mmE  mm2
-%define mmF  mm3
-%define xmmE  xmm2
-%define xmmF  xmm3
-%define ymmE  ymm2
-%define ymmF  ymm3
-%elif RGB_BLUE == 2
-%define mmE  mm4
-%define mmF  mm5
-%define xmmE  xmm4
-%define xmmF  xmm5
-%define ymmE  ymm4
-%define ymmF  ymm5
-%else
-%define mmE  mm6
-%define mmF  mm7
-%define xmmE  xmm6
-%define xmmF  xmm7
-%define ymmE  ymm6
-%define ymmF  ymm7
-%endif
-
-%if RGB_RED == 3
-%define mmG  mm0
-%define mmH  mm1
-%define xmmG  xmm0
-%define xmmH  xmm1
-%define ymmG  ymm0
-%define ymmH  ymm1
-%elif RGB_GREEN == 3
-%define mmG  mm2
-%define mmH  mm3
-%define xmmG  xmm2
-%define xmmH  xmm3
-%define ymmG  ymm2
-%define ymmH  ymm3
-%elif RGB_BLUE == 3
-%define mmG  mm4
-%define mmH  mm5
-%define xmmG  xmm4
-%define xmmH  xmm5
-%define ymmG  ymm4
-%define ymmH  ymm5
-%else
-%define mmG  mm6
-%define mmH  mm7
-%define xmmG  xmm6
-%define xmmH  xmm7
-%define ymmG  ymm6
-%define ymmH  ymm7
-%endif
-
-; --------------------------------------------------------------------------
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jdct.inc b/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jdct.inc
deleted file mode 100644
index 9192f66..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jdct.inc
+++ /dev/null
@@ -1,31 +0,0 @@
-;
-; jdct.inc - private declarations for forward & reverse DCT subsystems
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2018, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-
-; Each IDCT routine is responsible for range-limiting its results and
-; converting them to unsigned form (0..MAXJSAMPLE).  The raw outputs could
-; be quite far out of range if the input data is corrupt, so a bulletproof
-; range-limiting step is required.  We use a mask-and-table-lookup method
-; to do the combined operations quickly.
-;
-%define RANGE_MASK  (MAXJSAMPLE * 4 + 3)  ; 2 bits wider than legal samples
-
-%define ROW(n, b, s)  ((b) + (n) * (s))
-%define COL(n, b, s)  ((b) + (n) * (s) * DCTSIZE)
-
-%define DWBLOCK(m, n, b, s) \
-  ((b) + (m) * DCTSIZE * (s) + (n) * SIZEOF_DWORD)
-%define MMBLOCK(m, n, b, s) \
-  ((b) + (m) * DCTSIZE * (s) + (n) * SIZEOF_MMWORD)
-%define XMMBLOCK(m, n, b, s) \
-  ((b) + (m) * DCTSIZE * (s) + (n) * SIZEOF_XMMWORD)
-%define YMMBLOCK(m, n, b, s) \
-  ((b) + (m) * DCTSIZE * (s) + (n) * SIZEOF_YMMWORD)
-
-; --------------------------------------------------------------------------
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdcfg.inc b/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdcfg.inc
deleted file mode 100644
index 667024a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdcfg.inc
+++ /dev/null
@@ -1,93 +0,0 @@
-;
-; Automatically generated include file from jsimdcfg.inc.h
-;
-;
-; -- jpeglib.h
-;
-%define DCTSIZE 8
-%define DCTSIZE2 64
-;
-; -- jmorecfg.h
-;
-%define RGB_RED 0
-%define RGB_GREEN 1
-%define RGB_BLUE 2
-%define RGB_PIXELSIZE 3
-%define EXT_RGB_RED 0
-%define EXT_RGB_GREEN 1
-%define EXT_RGB_BLUE 2
-%define EXT_RGB_PIXELSIZE 3
-%define EXT_RGBX_RED 0
-%define EXT_RGBX_GREEN 1
-%define EXT_RGBX_BLUE 2
-%define EXT_RGBX_PIXELSIZE 4
-%define EXT_BGR_RED 2
-%define EXT_BGR_GREEN 1
-%define EXT_BGR_BLUE 0
-%define EXT_BGR_PIXELSIZE 3
-%define EXT_BGRX_RED 2
-%define EXT_BGRX_GREEN 1
-%define EXT_BGRX_BLUE 0
-%define EXT_BGRX_PIXELSIZE 4
-%define EXT_XBGR_RED 3
-%define EXT_XBGR_GREEN 2
-%define EXT_XBGR_BLUE 1
-%define EXT_XBGR_PIXELSIZE 4
-%define EXT_XRGB_RED 1
-%define EXT_XRGB_GREEN 2
-%define EXT_XRGB_BLUE 3
-%define EXT_XRGB_PIXELSIZE 4
-%define RGBX_FILLER_0XFF 1
-; Representation of a single sample (pixel element value).
-; On this SIMD implementation, this must be 'unsigned char'.
-;
-%define JSAMPLE byte ; unsigned char
-%define SIZEOF_JSAMPLE SIZEOF_BYTE ; sizeof(JSAMPLE)
-%define CENTERJSAMPLE 128
-; Representation of a DCT frequency coefficient.
-; On this SIMD implementation, this must be 'short'.
-;
-%define JCOEF word ; short
-%define SIZEOF_JCOEF SIZEOF_WORD ; sizeof(JCOEF)
-; Datatype used for image dimensions.
-; On this SIMD implementation, this must be 'unsigned int'.
-;
-%define JDIMENSION dword ; unsigned int
-%define SIZEOF_JDIMENSION SIZEOF_DWORD ; sizeof(JDIMENSION)
-%define JSAMPROW POINTER ; JSAMPLE * (jpeglib.h)
-%define JSAMPARRAY POINTER ; JSAMPROW * (jpeglib.h)
-%define JSAMPIMAGE POINTER ; JSAMPARRAY * (jpeglib.h)
-%define JCOEFPTR POINTER ; JCOEF * (jpeglib.h)
-%define SIZEOF_JSAMPROW SIZEOF_POINTER ; sizeof(JSAMPROW)
-%define SIZEOF_JSAMPARRAY SIZEOF_POINTER ; sizeof(JSAMPARRAY)
-%define SIZEOF_JSAMPIMAGE SIZEOF_POINTER ; sizeof(JSAMPIMAGE)
-%define SIZEOF_JCOEFPTR SIZEOF_POINTER ; sizeof(JCOEFPTR)
-;
-; -- jdct.h
-;
-; A forward DCT routine is given a pointer to a work area of type DCTELEM[];
-; the DCT is to be performed in-place in that buffer.
-; To maximize parallelism, Type DCTELEM is changed to short (originally, int).
-;
-%define DCTELEM word ; short
-%define SIZEOF_DCTELEM SIZEOF_WORD ; sizeof(DCTELEM)
-%define float FP32 ; float
-%define SIZEOF_FAST_FLOAT SIZEOF_FP32 ; sizeof(float)
-; To maximize parallelism, Type short is changed to short.
-;
-%define ISLOW_MULT_TYPE word ; must be short
-%define SIZEOF_ISLOW_MULT_TYPE SIZEOF_WORD ; sizeof(ISLOW_MULT_TYPE)
-%define IFAST_MULT_TYPE word ; must be short
-%define SIZEOF_IFAST_MULT_TYPE SIZEOF_WORD ; sizeof(IFAST_MULT_TYPE)
-%define IFAST_SCALE_BITS 2 ; fractional bits in scale factors
-%define FLOAT_MULT_TYPE FP32 ; must be float
-%define SIZEOF_FLOAT_MULT_TYPE SIZEOF_FP32 ; sizeof(FLOAT_MULT_TYPE)
-;
-; -- jsimd.h
-;
-%define JSIMD_NONE 0x00
-%define JSIMD_MMX 0x01
-%define JSIMD_3DNOW 0x02
-%define JSIMD_SSE 0x04
-%define JSIMD_SSE2 0x08
-%define JSIMD_AVX2 0x80
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdcfg.inc.h b/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdcfg.inc.h
deleted file mode 100644
index bf2a45a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdcfg.inc.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * This file generates the include file for the assembly
- * implementations by abusing the C preprocessor.
- *
- * Note: Some things are manually defined as they need to
- * be mapped to NASM types.
- */
-
-;
-; Automatically generated include file from jsimdcfg.inc.h
-;
-
-#define JPEG_INTERNALS
-
-#include "../jpeglib.h"
-#include "../jconfig.h"
-#include "../jmorecfg.h"
-#include "jsimd.h"
-
-;
-; -- jpeglib.h
-;
-
-%define _cpp_protection_DCTSIZE   DCTSIZE
-%define _cpp_protection_DCTSIZE2  DCTSIZE2
-
-;
-; -- jmorecfg.h
-;
-
-%define _cpp_protection_RGB_RED             RGB_RED
-%define _cpp_protection_RGB_GREEN           RGB_GREEN
-%define _cpp_protection_RGB_BLUE            RGB_BLUE
-%define _cpp_protection_RGB_PIXELSIZE       RGB_PIXELSIZE
-
-%define _cpp_protection_EXT_RGB_RED         EXT_RGB_RED
-%define _cpp_protection_EXT_RGB_GREEN       EXT_RGB_GREEN
-%define _cpp_protection_EXT_RGB_BLUE        EXT_RGB_BLUE
-%define _cpp_protection_EXT_RGB_PIXELSIZE   EXT_RGB_PIXELSIZE
-
-%define _cpp_protection_EXT_RGBX_RED        EXT_RGBX_RED
-%define _cpp_protection_EXT_RGBX_GREEN      EXT_RGBX_GREEN
-%define _cpp_protection_EXT_RGBX_BLUE       EXT_RGBX_BLUE
-%define _cpp_protection_EXT_RGBX_PIXELSIZE  EXT_RGBX_PIXELSIZE
-
-%define _cpp_protection_EXT_BGR_RED         EXT_BGR_RED
-%define _cpp_protection_EXT_BGR_GREEN       EXT_BGR_GREEN
-%define _cpp_protection_EXT_BGR_BLUE        EXT_BGR_BLUE
-%define _cpp_protection_EXT_BGR_PIXELSIZE   EXT_BGR_PIXELSIZE
-
-%define _cpp_protection_EXT_BGRX_RED        EXT_BGRX_RED
-%define _cpp_protection_EXT_BGRX_GREEN      EXT_BGRX_GREEN
-%define _cpp_protection_EXT_BGRX_BLUE       EXT_BGRX_BLUE
-%define _cpp_protection_EXT_BGRX_PIXELSIZE  EXT_BGRX_PIXELSIZE
-
-%define _cpp_protection_EXT_XBGR_RED        EXT_XBGR_RED
-%define _cpp_protection_EXT_XBGR_GREEN      EXT_XBGR_GREEN
-%define _cpp_protection_EXT_XBGR_BLUE       EXT_XBGR_BLUE
-%define _cpp_protection_EXT_XBGR_PIXELSIZE  EXT_XBGR_PIXELSIZE
-
-%define _cpp_protection_EXT_XRGB_RED        EXT_XRGB_RED
-%define _cpp_protection_EXT_XRGB_GREEN      EXT_XRGB_GREEN
-%define _cpp_protection_EXT_XRGB_BLUE       EXT_XRGB_BLUE
-%define _cpp_protection_EXT_XRGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-
-%define RGBX_FILLER_0XFF  1
-
-; Representation of a single sample (pixel element value).
-; On this SIMD implementation, this must be 'unsigned char'.
-;
-
-%define JSAMPLE            byte            ; unsigned char
-%define SIZEOF_JSAMPLE     SIZEOF_BYTE     ; sizeof(JSAMPLE)
-
-%define _cpp_protection_CENTERJSAMPLE  CENTERJSAMPLE
-
-; Representation of a DCT frequency coefficient.
-; On this SIMD implementation, this must be 'short'.
-;
-%define JCOEF              word            ; short
-%define SIZEOF_JCOEF       SIZEOF_WORD     ; sizeof(JCOEF)
-
-; Datatype used for image dimensions.
-; On this SIMD implementation, this must be 'unsigned int'.
-;
-%define JDIMENSION         dword           ; unsigned int
-%define SIZEOF_JDIMENSION  SIZEOF_DWORD    ; sizeof(JDIMENSION)
-
-%define JSAMPROW           POINTER         ; JSAMPLE *     (jpeglib.h)
-%define JSAMPARRAY         POINTER         ; JSAMPROW *    (jpeglib.h)
-%define JSAMPIMAGE         POINTER         ; JSAMPARRAY *  (jpeglib.h)
-%define JCOEFPTR           POINTER         ; JCOEF *       (jpeglib.h)
-%define SIZEOF_JSAMPROW    SIZEOF_POINTER  ; sizeof(JSAMPROW)
-%define SIZEOF_JSAMPARRAY  SIZEOF_POINTER  ; sizeof(JSAMPARRAY)
-%define SIZEOF_JSAMPIMAGE  SIZEOF_POINTER  ; sizeof(JSAMPIMAGE)
-%define SIZEOF_JCOEFPTR    SIZEOF_POINTER  ; sizeof(JCOEFPTR)
-
-;
-; -- jdct.h
-;
-
-; A forward DCT routine is given a pointer to a work area of type DCTELEM[];
-; the DCT is to be performed in-place in that buffer.
-; To maximize parallelism, Type DCTELEM is changed to short (originally, int).
-;
-%define DCTELEM                 word         ; short
-%define SIZEOF_DCTELEM          SIZEOF_WORD  ; sizeof(DCTELEM)
-
-%define FAST_FLOAT              FP32         ; float
-%define SIZEOF_FAST_FLOAT       SIZEOF_FP32  ; sizeof(FAST_FLOAT)
-
-; To maximize parallelism, Type MULTIPLIER is changed to short.
-;
-%define ISLOW_MULT_TYPE         word         ; must be short
-%define SIZEOF_ISLOW_MULT_TYPE  SIZEOF_WORD  ; sizeof(ISLOW_MULT_TYPE)
-
-%define IFAST_MULT_TYPE         word         ; must be short
-%define SIZEOF_IFAST_MULT_TYPE  SIZEOF_WORD  ; sizeof(IFAST_MULT_TYPE)
-%define IFAST_SCALE_BITS        2            ; fractional bits in scale factors
-
-%define FLOAT_MULT_TYPE         FP32         ; must be float
-%define SIZEOF_FLOAT_MULT_TYPE  SIZEOF_FP32  ; sizeof(FLOAT_MULT_TYPE)
-
-;
-; -- jsimd.h
-;
-
-%define _cpp_protection_JSIMD_NONE   JSIMD_NONE
-%define _cpp_protection_JSIMD_MMX    JSIMD_MMX
-%define _cpp_protection_JSIMD_3DNOW  JSIMD_3DNOW
-%define _cpp_protection_JSIMD_SSE    JSIMD_SSE
-%define _cpp_protection_JSIMD_SSE2   JSIMD_SSE2
-%define _cpp_protection_JSIMD_AVX2   JSIMD_AVX2
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdext.inc b/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdext.inc
deleted file mode 100644
index e8d50b0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/nasm/jsimdext.inc
+++ /dev/null
@@ -1,520 +0,0 @@
-;
-; jsimdext.inc - common declarations
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2010, 2016, 2018-2019, D. R. Commander.
-; Copyright (C) 2018, Matthieu Darbois.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library - version 1.02
-;
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-;
-; This software is provided 'as-is', without any express or implied
-; warranty.  In no event will the authors be held liable for any damages
-; arising from the use of this software.
-;
-; Permission is granted to anyone to use this software for any purpose,
-; including commercial applications, and to alter it and redistribute it
-; freely, subject to the following restrictions:
-;
-; 1. The origin of this software must not be misrepresented; you must not
-;    claim that you wrote the original software. If you use this software
-;    in a product, an acknowledgment in the product documentation would be
-;    appreciated but is not required.
-; 2. Altered source versions must be plainly marked as such, and must not be
-;    misrepresented as being the original software.
-; 3. This notice may not be removed or altered from any source distribution.
-
-; ==========================================================================
-;  System-dependent configurations
-
-%ifdef WIN32    ; ----(nasm -fwin32 -DWIN32 ...)--------
-; * Microsoft Visual C++
-; * MinGW (Minimalist GNU for Windows)
-; * CygWin
-; * LCC-Win32
-
-; -- segment definition --
-;
-%ifdef __YASM_VER__
-%define SEG_TEXT   .text  align=32
-%define SEG_CONST  .rdata align=32
-%else
-%define SEG_TEXT   .text  align=32 public use32 class=CODE
-%define SEG_CONST  .rdata align=32 public use32 class=CONST
-%endif
-
-%elifdef WIN64  ; ----(nasm -fwin64 -DWIN64 ...)--------
-; * Microsoft Visual C++
-
-; -- segment definition --
-;
-%ifdef __YASM_VER__
-%define SEG_TEXT    .text  align=32
-%define SEG_CONST   .rdata align=32
-%else
-%define SEG_TEXT    .text  align=32 public use64 class=CODE
-%define SEG_CONST   .rdata align=32 public use64 class=CONST
-%endif
-%define EXTN(name)  name                ; foo() -> foo
-
-%elifdef OBJ32  ; ----(nasm -fobj -DOBJ32 ...)----------
-; * Borland C++ (Win32)
-
-; -- segment definition --
-;
-%define SEG_TEXT   _text align=32 public use32 class=CODE
-%define SEG_CONST  _data align=32 public use32 class=DATA
-
-%elifdef ELF    ; ----(nasm -felf[64] -DELF ...)------------
-; * Linux
-; * *BSD family Unix using elf format
-; * Unix System V, including Solaris x86, UnixWare and SCO Unix
-
-; mark stack as non-executable
-section .note.GNU-stack noalloc noexec nowrite progbits
-
-; -- segment definition --
-;
-%ifdef __x86_64__
-%define SEG_TEXT   .text   progbits align=32
-%define SEG_CONST  .rodata progbits align=32
-%else
-%define SEG_TEXT   .text   progbits alloc exec   nowrite align=32
-%define SEG_CONST  .rodata progbits alloc noexec nowrite align=32
-%endif
-
-; To make the code position-independent, append -DPIC to the commandline
-;
-%define GOT_SYMBOL  _GLOBAL_OFFSET_TABLE_  ; ELF supports PIC
-%define EXTN(name)  name                   ; foo() -> foo
-
-%elifdef AOUT   ; ----(nasm -faoutb/aout -DAOUT ...)----
-; * Older Linux using a.out format  (nasm -f aout -DAOUT ...)
-; * *BSD family Unix using a.out format  (nasm -f aoutb -DAOUT ...)
-
-; -- segment definition --
-;
-%define SEG_TEXT   .text
-%define SEG_CONST  .data
-
-; To make the code position-independent, append -DPIC to the commandline
-;
-%define GOT_SYMBOL  __GLOBAL_OFFSET_TABLE_  ; BSD-style a.out supports PIC
-
-%elifdef MACHO  ; ----(nasm -fmacho -DMACHO ...)--------
-; * NeXTstep/OpenStep/Rhapsody/Darwin/MacOS X (Mach-O format)
-
-; -- segment definition --
-;
-%define SEG_TEXT   .text  ;align=32     ; nasm doesn't accept align=32. why?
-%define SEG_CONST  .rodata align=32
-
-; The generation of position-independent code (PIC) is the default on Darwin.
-;
-%define PIC
-%define GOT_SYMBOL  _MACHO_PIC_         ; Mach-O style code-relative addressing
-
-%else           ; ----(Other case)----------------------
-
-; -- segment definition --
-;
-%define SEG_TEXT   .text
-%define SEG_CONST  .data
-
-%endif          ; ----------------------------------------------
-
-; ==========================================================================
-
-; --------------------------------------------------------------------------
-;  Common types
-;
-%ifdef __x86_64__
-%ifnidn __OUTPUT_FORMAT__, elfx32
-%define POINTER         qword           ; general pointer type
-%define SIZEOF_POINTER  SIZEOF_QWORD    ; sizeof(POINTER)
-%define POINTER_BIT     QWORD_BIT       ; sizeof(POINTER)*BYTE_BIT
-%define resp            resq
-%define dp              dq
-%define raxp            rax
-%define rbxp            rbx
-%define rcxp            rcx
-%define rdxp            rdx
-%define rsip            rsi
-%define rdip            rdi
-%define rbpp            rbp
-%define rspp            rsp
-%define r8p             r8
-%define r9p             r9
-%define r10p            r10
-%define r11p            r11
-%define r12p            r12
-%define r13p            r13
-%define r14p            r14
-%define r15p            r15
-%endif
-%endif
-%ifndef raxp
-%define POINTER         dword           ; general pointer type
-%define SIZEOF_POINTER  SIZEOF_DWORD    ; sizeof(POINTER)
-%define POINTER_BIT     DWORD_BIT       ; sizeof(POINTER)*BYTE_BIT
-%define resp            resd
-%define dp              dd
-; x86_64 ILP32 ABI (x32)
-%define raxp            eax
-%define rbxp            ebx
-%define rcxp            ecx
-%define rdxp            edx
-%define rsip            esi
-%define rdip            edi
-%define rbpp            ebp
-%define rspp            esp
-%define r8p             r8d
-%define r9p             r9d
-%define r10p            r10d
-%define r11p            r11d
-%define r12p            r12d
-%define r13p            r13d
-%define r14p            r14d
-%define r15p            r15d
-%endif
-
-%define INT             dword           ; signed integer type
-%define SIZEOF_INT      SIZEOF_DWORD    ; sizeof(INT)
-%define INT_BIT         DWORD_BIT       ; sizeof(INT)*BYTE_BIT
-
-%define FP32            dword           ; IEEE754 single
-%define SIZEOF_FP32     SIZEOF_DWORD    ; sizeof(FP32)
-%define FP32_BIT        DWORD_BIT       ; sizeof(FP32)*BYTE_BIT
-
-%define MMWORD          qword           ; int64  (MMX register)
-%define SIZEOF_MMWORD   SIZEOF_QWORD    ; sizeof(MMWORD)
-%define MMWORD_BIT      QWORD_BIT       ; sizeof(MMWORD)*BYTE_BIT
-
-; NASM is buggy and doesn't properly handle operand sizes for SSE
-; instructions, so for now we have to define XMMWORD as blank.
-%define XMMWORD                         ; int128 (SSE register)
-%define SIZEOF_XMMWORD  SIZEOF_OWORD    ; sizeof(XMMWORD)
-%define XMMWORD_BIT     OWORD_BIT       ; sizeof(XMMWORD)*BYTE_BIT
-
-%define YMMWORD                         ; int256 (AVX register)
-%define SIZEOF_YMMWORD  SIZEOF_YWORD    ; sizeof(YMMWORD)
-%define YMMWORD_BIT     YWORD_BIT       ; sizeof(YMMWORD)*BYTE_BIT
-
-; Similar hacks for when we load a dword or MMWORD into an xmm# register
-%define XMM_DWORD
-%define XMM_MMWORD
-
-%define SIZEOF_BYTE   1                 ; sizeof(byte)
-%define SIZEOF_WORD   2                 ; sizeof(word)
-%define SIZEOF_DWORD  4                 ; sizeof(dword)
-%define SIZEOF_QWORD  8                 ; sizeof(qword)
-%define SIZEOF_OWORD  16                ; sizeof(oword)
-%define SIZEOF_YWORD  32                ; sizeof(yword)
-
-%define BYTE_BIT      8                 ; CHAR_BIT in C
-%define WORD_BIT      16                ; sizeof(word)*BYTE_BIT
-%define DWORD_BIT     32                ; sizeof(dword)*BYTE_BIT
-%define QWORD_BIT     64                ; sizeof(qword)*BYTE_BIT
-%define OWORD_BIT     128               ; sizeof(oword)*BYTE_BIT
-%define YWORD_BIT     256               ; sizeof(yword)*BYTE_BIT
-
-; --------------------------------------------------------------------------
-;  External Symbol Name
-;
-%ifndef EXTN
-%define EXTN(name)  _ %+ name           ; foo() -> _foo
-%endif
-
-; --------------------------------------------------------------------------
-;  Hidden symbols
-;
-%ifdef ELF      ; ----(nasm -felf[64] -DELF ...)--------
-%define GLOBAL_FUNCTION(name)  global EXTN(name):function hidden
-%define GLOBAL_DATA(name)      global EXTN(name):data hidden
-%elifdef MACHO  ; ----(nasm -fmacho -DMACHO ...)--------
-%ifdef __YASM_VER__
-%define GLOBAL_FUNCTION(name)  global EXTN(name):private_extern
-%define GLOBAL_DATA(name)      global EXTN(name):private_extern
-%else
-%if __NASM_VERSION_ID__ >= 0x020E0000
-%define GLOBAL_FUNCTION(name)  global EXTN(name):private_extern
-%define GLOBAL_DATA(name)      global EXTN(name):private_extern
-%endif
-%endif
-%endif
-
-%ifndef GLOBAL_FUNCTION
-%define GLOBAL_FUNCTION(name)  global EXTN(name)
-%endif
-%ifndef GLOBAL_DATA
-%define GLOBAL_DATA(name)      global EXTN(name)
-%endif
-
-; --------------------------------------------------------------------------
-;  Macros for position-independent code (PIC) support
-;
-%ifndef GOT_SYMBOL
-%undef PIC
-%endif
-
-%ifdef PIC  ; -------------------------------------------
-
-%ifidn GOT_SYMBOL, _MACHO_PIC_  ; --------------------
-
-; At present, nasm doesn't seem to support PIC generation for Mach-O.
-; The PIC support code below is a little tricky.
-
-    SECTION     SEG_CONST
-const_base:
-
-%define GOTOFF(got, sym)  (got) + (sym) - const_base
-
-%imacro get_GOT 1
-    ; NOTE: this macro destroys ecx resister.
-    call        %%geteip
-    add         ecx, byte (%%ref - $)
-    jmp         short %%adjust
-%%geteip:
-    mov         ecx, POINTER [esp]
-    ret
-%%adjust:
-    push        ebp
-    xor         ebp, ebp                ; ebp = 0
-%ifidni %1, ebx  ; (%1 == ebx)
-    ; db 0x8D,0x9C + jmp near const_base =
-    ;   lea ebx, [ecx+ebp*8+(const_base-%%ref)] ; 8D,9C,E9,(offset32)
-    db          0x8D, 0x9C              ; 8D,9C
-    jmp         near const_base         ; E9,(const_base-%%ref)
-%%ref:
-%else  ; (%1 != ebx)
-    ; db 0x8D,0x8C + jmp near const_base =
-    ;   lea ecx, [ecx+ebp*8+(const_base-%%ref)] ; 8D,8C,E9,(offset32)
-    db          0x8D, 0x8C              ; 8D,8C
-    jmp         near const_base         ; E9,(const_base-%%ref)
-%%ref:
-    mov         %1, ecx
-%endif  ; (%1 == ebx)
-    pop         ebp
-%endmacro
-
-%else     ; GOT_SYMBOL != _MACHO_PIC_ ----------------
-
-%define GOTOFF(got, sym)  (got) + (sym) wrt ..gotoff
-
-%imacro get_GOT 1
-    extern      GOT_SYMBOL
-    call        %%geteip
-    add         %1, GOT_SYMBOL + $$ - $ wrt ..gotpc
-    jmp         short %%done
-%%geteip:
-    mov         %1, POINTER [esp]
-    ret
-%%done:
-%endmacro
-
-%endif    ; GOT_SYMBOL == _MACHO_PIC_ ----------------
-
-%imacro pushpic 1.nolist
-    push        %1
-%endmacro
-%imacro poppic  1.nolist
-    pop         %1
-%endmacro
-%imacro movpic  2.nolist
-    mov         %1, %2
-%endmacro
-
-%else    ; !PIC -----------------------------------------
-
-%define GOTOFF(got, sym)  (sym)
-
-%imacro get_GOT 1.nolist
-%endmacro
-%imacro pushpic 1.nolist
-%endmacro
-%imacro poppic  1.nolist
-%endmacro
-%imacro movpic  2.nolist
-%endmacro
-
-%endif   ;  PIC -----------------------------------------
-
-; --------------------------------------------------------------------------
-;  Align the next instruction on {2,4,8,16,..}-byte boundary.
-;  ".balign n,,m" in GNU as
-;
-%define MSKLE(x, y)  (~(((y) & 0xFFFF) - ((x) & 0xFFFF)) >> 16)
-%define FILLB(b, n)  (($$-(b)) & ((n)-1))
-
-%imacro alignx 1-2.nolist 0xFFFF
-%%bs: \
-  times MSKLE(FILLB(%%bs, %1), %2) & MSKLE(16, FILLB($, %1)) & FILLB($, %1) \
-        db 0x90                                      ; nop
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 9 \
-        db 0x8D, 0x9C, 0x23, 0x00, 0x00, 0x00, 0x00  ; lea ebx,[ebx+0x00000000]
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 7 \
-        db 0x8D, 0xAC, 0x25, 0x00, 0x00, 0x00, 0x00  ; lea ebp,[ebp+0x00000000]
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 6 \
-        db 0x8D, 0xAD, 0x00, 0x00, 0x00, 0x00        ; lea ebp,[ebp+0x00000000]
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 4 \
-        db 0x8D, 0x6C, 0x25, 0x00                    ; lea ebp,[ebp+0x00]
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 3 \
-        db 0x8D, 0x6D, 0x00                          ; lea ebp,[ebp+0x00]
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 2 \
-        db 0x8B, 0xED                                ; mov ebp,ebp
-  times MSKLE(FILLB(%%bs, %1), %2) & FILLB($, %1) / 1 \
-        db 0x90                                      ; nop
-%endmacro
-
-; Align the next data on {2,4,8,16,..}-byte boundary.
-;
-%imacro alignz 1.nolist
-    align       %1, db 0                ; filling zeros
-%endmacro
-
-%ifdef __x86_64__
-
-%ifdef WIN64
-
-%imacro collect_args 1
-    sub         rsp, SIZEOF_XMMWORD
-    movaps      XMMWORD [rsp], xmm6
-    sub         rsp, SIZEOF_XMMWORD
-    movaps      XMMWORD [rsp], xmm7
-    mov         r10, rcx
-%if %1 > 1
-    mov         r11, rdx
-%endif
-%if %1 > 2
-    push        r12
-    mov         r12, r8
-%endif
-%if %1 > 3
-    push        r13
-    mov         r13, r9
-%endif
-%if %1 > 4
-    push        r14
-    mov         r14, [rax+48]
-%endif
-%if %1 > 5
-    push        r15
-    mov         r15, [rax+56]
-%endif
-    push        rsi
-    push        rdi
-%endmacro
-
-%imacro uncollect_args 1
-    pop         rdi
-    pop         rsi
-%if %1 > 5
-    pop         r15
-%endif
-%if %1 > 4
-    pop         r14
-%endif
-%if %1 > 3
-    pop         r13
-%endif
-%if %1 > 2
-    pop         r12
-%endif
-    movaps      xmm7, XMMWORD [rsp]
-    add         rsp, SIZEOF_XMMWORD
-    movaps      xmm6, XMMWORD [rsp]
-    add         rsp, SIZEOF_XMMWORD
-%endmacro
-
-%imacro push_xmm 1
-    sub         rsp, %1 * SIZEOF_XMMWORD
-    movaps      XMMWORD [rsp+0*SIZEOF_XMMWORD], xmm8
-%if %1 > 1
-    movaps      XMMWORD [rsp+1*SIZEOF_XMMWORD], xmm9
-%endif
-%if %1 > 2
-    movaps      XMMWORD [rsp+2*SIZEOF_XMMWORD], xmm10
-%endif
-%if %1 > 3
-    movaps      XMMWORD [rsp+3*SIZEOF_XMMWORD], xmm11
-%endif
-%endmacro
-
-%imacro pop_xmm 1
-    movaps      xmm8, XMMWORD [rsp+0*SIZEOF_XMMWORD]
-%if %1 > 1
-    movaps      xmm9, XMMWORD [rsp+1*SIZEOF_XMMWORD]
-%endif
-%if %1 > 2
-    movaps      xmm10, XMMWORD [rsp+2*SIZEOF_XMMWORD]
-%endif
-%if %1 > 3
-    movaps      xmm11, XMMWORD [rsp+3*SIZEOF_XMMWORD]
-%endif
-    add         rsp, %1 * SIZEOF_XMMWORD
-%endmacro
-
-%else
-
-%imacro collect_args 1
-    push        r10
-    mov         r10, rdi
-%if %1 > 1
-    push        r11
-    mov         r11, rsi
-%endif
-%if %1 > 2
-    push        r12
-    mov         r12, rdx
-%endif
-%if %1 > 3
-    push        r13
-    mov         r13, rcx
-%endif
-%if %1 > 4
-    push        r14
-    mov         r14, r8
-%endif
-%if %1 > 5
-    push        r15
-    mov         r15, r9
-%endif
-%endmacro
-
-%imacro uncollect_args 1
-%if %1 > 5
-    pop         r15
-%endif
-%if %1 > 4
-    pop         r14
-%endif
-%if %1 > 3
-    pop         r13
-%endif
-%if %1 > 2
-    pop         r12
-%endif
-%if %1 > 1
-    pop         r11
-%endif
-    pop         r10
-%endmacro
-
-%imacro push_xmm 1
-%endmacro
-
-%imacro pop_xmm 1
-%endmacro
-
-%endif
-
-%endif
-
-; --------------------------------------------------------------------------
-;  Defines picked up from the C headers
-;
-%include "jsimdcfg.inc"
-
-; --------------------------------------------------------------------------
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jccolext-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jccolext-altivec.c
deleted file mode 100644
index 170f90f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jccolext-altivec.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2014, Jay Foad.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jccolor-altivec.c */
-
-
-void jsimd_rgb_ycc_convert_altivec(JDIMENSION img_width, JSAMPARRAY input_buf,
-                                   JSAMPIMAGE output_buf,
-                                   JDIMENSION output_row, int num_rows)
-{
-  JSAMPROW inptr, outptr0, outptr1, outptr2;
-  int pitch = img_width * RGB_PIXELSIZE, num_cols;
-#if __BIG_ENDIAN__
-  int offset;
-#endif
-  unsigned char __attribute__((aligned(16))) tmpbuf[RGB_PIXELSIZE * 16];
-
-  __vector unsigned char rgb0, rgb1 = { 0 }, rgb2 = { 0 },
-    rgbg0, rgbg1, rgbg2, rgbg3, y, cb, cr;
-#if __BIG_ENDIAN__ || RGB_PIXELSIZE == 4
-  __vector unsigned char rgb3 = { 0 };
-#endif
-#if __BIG_ENDIAN__ && RGB_PIXELSIZE == 4
-  __vector unsigned char rgb4 = { 0 };
-#endif
-  __vector short rg0, rg1, rg2, rg3, bg0, bg1, bg2, bg3;
-  __vector unsigned short yl, yh, crl, crh, cbl, cbh;
-  __vector int y0, y1, y2, y3, cr0, cr1, cr2, cr3, cb0, cb1, cb2, cb3;
-
-  /* Constants */
-  __vector short pw_f0299_f0337 = { __4X2(F_0_299, F_0_337) },
-    pw_f0114_f0250 = { __4X2(F_0_114, F_0_250) },
-    pw_mf016_mf033 = { __4X2(-F_0_168, -F_0_331) },
-    pw_mf008_mf041 = { __4X2(-F_0_081, -F_0_418) };
-  __vector unsigned short pw_f050_f000 = { __4X2(F_0_500, 0) };
-  __vector int pd_onehalf = { __4X(ONE_HALF) },
-    pd_onehalfm1_cj = { __4X(ONE_HALF - 1 + (CENTERJSAMPLE << SCALEBITS)) };
-  __vector unsigned char pb_zero = { __16X(0) },
-#if __BIG_ENDIAN__
-    shift_pack_index =
-      {  0,  1,  4,  5,  8,  9, 12, 13, 16, 17, 20, 21, 24, 25, 28, 29 };
-#else
-    shift_pack_index =
-      {  2,  3,  6,  7, 10, 11, 14, 15, 18, 19, 22, 23, 26, 27, 30, 31 };
-#endif
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr0 = output_buf[0][output_row];
-    outptr1 = output_buf[1][output_row];
-    outptr2 = output_buf[2][output_row];
-    output_row++;
-
-    for (num_cols = pitch; num_cols > 0;
-         num_cols -= RGB_PIXELSIZE * 16, inptr += RGB_PIXELSIZE * 16,
-         outptr0 += 16, outptr1 += 16, outptr2 += 16) {
-
-#if __BIG_ENDIAN__
-      /* Load 16 pixels == 48 or 64 bytes */
-      offset = (size_t)inptr & 15;
-      if (offset) {
-        __vector unsigned char unaligned_shift_index;
-        int bytes = num_cols + offset;
-
-        if (bytes < (RGB_PIXELSIZE + 1) * 16 && (bytes & 15)) {
-          /* Slow path to prevent buffer overread.  Since there is no way to
-           * read a partial AltiVec register, overread would occur on the last
-           * chunk of the last image row if the right edge is not on a 16-byte
-           * boundary.  It could also occur on other rows if the bytes per row
-           * is low enough.  Since we can't determine whether we're on the last
-           * image row, we have to assume every row is the last.
-           */
-          memcpy(tmpbuf, inptr, min(num_cols, RGB_PIXELSIZE * 16));
-          rgb0 = vec_ld(0, tmpbuf);
-          rgb1 = vec_ld(16, tmpbuf);
-          rgb2 = vec_ld(32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          rgb3 = vec_ld(48, tmpbuf);
-#endif
-        } else {
-          /* Fast path */
-          rgb0 = vec_ld(0, inptr);
-          if (bytes > 16)
-            rgb1 = vec_ld(16, inptr);
-          if (bytes > 32)
-            rgb2 = vec_ld(32, inptr);
-          if (bytes > 48)
-            rgb3 = vec_ld(48, inptr);
-#if RGB_PIXELSIZE == 4
-          if (bytes > 64)
-            rgb4 = vec_ld(64, inptr);
-#endif
-          unaligned_shift_index = vec_lvsl(0, inptr);
-          rgb0 = vec_perm(rgb0, rgb1, unaligned_shift_index);
-          rgb1 = vec_perm(rgb1, rgb2, unaligned_shift_index);
-          rgb2 = vec_perm(rgb2, rgb3, unaligned_shift_index);
-#if RGB_PIXELSIZE == 4
-          rgb3 = vec_perm(rgb3, rgb4, unaligned_shift_index);
-#endif
-        }
-      } else {
-#endif /* __BIG_ENDIAN__ */
-        if (num_cols < RGB_PIXELSIZE * 16 && (num_cols & 15)) {
-          /* Slow path */
-          memcpy(tmpbuf, inptr, min(num_cols, RGB_PIXELSIZE * 16));
-          rgb0 = VEC_LD(0, tmpbuf);
-          rgb1 = VEC_LD(16, tmpbuf);
-          rgb2 = VEC_LD(32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          rgb3 = VEC_LD(48, tmpbuf);
-#endif
-        } else {
-          /* Fast path */
-          rgb0 = VEC_LD(0, inptr);
-          if (num_cols > 16)
-            rgb1 = VEC_LD(16, inptr);
-          if (num_cols > 32)
-            rgb2 = VEC_LD(32, inptr);
-#if RGB_PIXELSIZE == 4
-          if (num_cols > 48)
-            rgb3 = VEC_LD(48, inptr);
-#endif
-        }
-#if __BIG_ENDIAN__
-      }
-#endif
-
-#if RGB_PIXELSIZE == 3
-      /* rgb0 = R0 G0 B0 R1 G1 B1 R2 G2 B2 R3 G3 B3 R4 G4 B4 R5
-       * rgb1 = G5 B5 R6 G6 B6 R7 G7 B7 R8 G8 B8 R9 G9 B9 Ra Ga
-       * rgb2 = Ba Rb Gb Bb Rc Gc Bc Rd Gd Bd Re Ge Be Rf Gf Bf
-       *
-       * rgbg0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 G0 B1 G1 B2 G2 B3 G3
-       * rgbg1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 G4 B5 G5 B6 G6 B7 G7
-       * rgbg2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 G8 B9 G9 Ba Ga Bb Gb
-       * rgbg3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Gc Bd Gd Be Ge Bf Gf
-       */
-      rgbg0 = vec_perm(rgb0, rgb0, (__vector unsigned char)RGBG_INDEX0);
-      rgbg1 = vec_perm(rgb0, rgb1, (__vector unsigned char)RGBG_INDEX1);
-      rgbg2 = vec_perm(rgb1, rgb2, (__vector unsigned char)RGBG_INDEX2);
-      rgbg3 = vec_perm(rgb2, rgb2, (__vector unsigned char)RGBG_INDEX3);
-#else
-      /* rgb0 = R0 G0 B0 X0 R1 G1 B1 X1 R2 G2 B2 X2 R3 G3 B3 X3
-       * rgb1 = R4 G4 B4 X4 R5 G5 B5 X5 R6 G6 B6 X6 R7 G7 B7 X7
-       * rgb2 = R8 G8 B8 X8 R9 G9 B9 X9 Ra Ga Ba Xa Rb Gb Bb Xb
-       * rgb3 = Rc Gc Bc Xc Rd Gd Bd Xd Re Ge Be Xe Rf Gf Bf Xf
-       *
-       * rgbg0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 G0 B1 G1 B2 G2 B3 G3
-       * rgbg1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 G4 B5 G5 B6 G6 B7 G7
-       * rgbg2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 G8 B9 G9 Ba Ga Bb Gb
-       * rgbg3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Gc Bd Gd Be Ge Bf Gf
-       */
-      rgbg0 = vec_perm(rgb0, rgb0, (__vector unsigned char)RGBG_INDEX);
-      rgbg1 = vec_perm(rgb1, rgb1, (__vector unsigned char)RGBG_INDEX);
-      rgbg2 = vec_perm(rgb2, rgb2, (__vector unsigned char)RGBG_INDEX);
-      rgbg3 = vec_perm(rgb3, rgb3, (__vector unsigned char)RGBG_INDEX);
-#endif
-
-      /* rg0 = R0 G0 R1 G1 R2 G2 R3 G3
-       * bg0 = B0 G0 B1 G1 B2 G2 B3 G3
-       * ...
-       *
-       * NOTE: We have to use vec_merge*() here because vec_unpack*() doesn't
-       * support unsigned vectors.
-       */
-      rg0 = (__vector signed short)VEC_UNPACKHU(rgbg0);
-      bg0 = (__vector signed short)VEC_UNPACKLU(rgbg0);
-      rg1 = (__vector signed short)VEC_UNPACKHU(rgbg1);
-      bg1 = (__vector signed short)VEC_UNPACKLU(rgbg1);
-      rg2 = (__vector signed short)VEC_UNPACKHU(rgbg2);
-      bg2 = (__vector signed short)VEC_UNPACKLU(rgbg2);
-      rg3 = (__vector signed short)VEC_UNPACKHU(rgbg3);
-      bg3 = (__vector signed short)VEC_UNPACKLU(rgbg3);
-
-      /* (Original)
-       * Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-       * Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-       * Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-       *
-       * (This implementation)
-       * Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-       * Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-       * Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-       */
-
-      /* Calculate Y values */
-
-      y0 = vec_msums(rg0, pw_f0299_f0337, pd_onehalf);
-      y1 = vec_msums(rg1, pw_f0299_f0337, pd_onehalf);
-      y2 = vec_msums(rg2, pw_f0299_f0337, pd_onehalf);
-      y3 = vec_msums(rg3, pw_f0299_f0337, pd_onehalf);
-      y0 = vec_msums(bg0, pw_f0114_f0250, y0);
-      y1 = vec_msums(bg1, pw_f0114_f0250, y1);
-      y2 = vec_msums(bg2, pw_f0114_f0250, y2);
-      y3 = vec_msums(bg3, pw_f0114_f0250, y3);
-      /* Clever way to avoid 4 shifts + 2 packs.  This packs the high word from
-       * each dword into a new 16-bit vector, which is the equivalent of
-       * descaling the 32-bit results (right-shifting by 16 bits) and then
-       * packing them.
-       */
-      yl = vec_perm((__vector unsigned short)y0, (__vector unsigned short)y1,
-                    shift_pack_index);
-      yh = vec_perm((__vector unsigned short)y2, (__vector unsigned short)y3,
-                    shift_pack_index);
-      y = vec_pack(yl, yh);
-      vec_st(y, 0, outptr0);
-
-      /* Calculate Cb values */
-      cb0 = vec_msums(rg0, pw_mf016_mf033, pd_onehalfm1_cj);
-      cb1 = vec_msums(rg1, pw_mf016_mf033, pd_onehalfm1_cj);
-      cb2 = vec_msums(rg2, pw_mf016_mf033, pd_onehalfm1_cj);
-      cb3 = vec_msums(rg3, pw_mf016_mf033, pd_onehalfm1_cj);
-      cb0 = (__vector int)vec_msum((__vector unsigned short)bg0, pw_f050_f000,
-                                   (__vector unsigned int)cb0);
-      cb1 = (__vector int)vec_msum((__vector unsigned short)bg1, pw_f050_f000,
-                                   (__vector unsigned int)cb1);
-      cb2 = (__vector int)vec_msum((__vector unsigned short)bg2, pw_f050_f000,
-                                   (__vector unsigned int)cb2);
-      cb3 = (__vector int)vec_msum((__vector unsigned short)bg3, pw_f050_f000,
-                                   (__vector unsigned int)cb3);
-      cbl = vec_perm((__vector unsigned short)cb0,
-                     (__vector unsigned short)cb1, shift_pack_index);
-      cbh = vec_perm((__vector unsigned short)cb2,
-                     (__vector unsigned short)cb3, shift_pack_index);
-      cb = vec_pack(cbl, cbh);
-      vec_st(cb, 0, outptr1);
-
-      /* Calculate Cr values */
-      cr0 = vec_msums(bg0, pw_mf008_mf041, pd_onehalfm1_cj);
-      cr1 = vec_msums(bg1, pw_mf008_mf041, pd_onehalfm1_cj);
-      cr2 = vec_msums(bg2, pw_mf008_mf041, pd_onehalfm1_cj);
-      cr3 = vec_msums(bg3, pw_mf008_mf041, pd_onehalfm1_cj);
-      cr0 = (__vector int)vec_msum((__vector unsigned short)rg0, pw_f050_f000,
-                                   (__vector unsigned int)cr0);
-      cr1 = (__vector int)vec_msum((__vector unsigned short)rg1, pw_f050_f000,
-                                   (__vector unsigned int)cr1);
-      cr2 = (__vector int)vec_msum((__vector unsigned short)rg2, pw_f050_f000,
-                                   (__vector unsigned int)cr2);
-      cr3 = (__vector int)vec_msum((__vector unsigned short)rg3, pw_f050_f000,
-                                   (__vector unsigned int)cr3);
-      crl = vec_perm((__vector unsigned short)cr0,
-                     (__vector unsigned short)cr1, shift_pack_index);
-      crh = vec_perm((__vector unsigned short)cr2,
-                     (__vector unsigned short)cr3, shift_pack_index);
-      cr = vec_pack(crl, crh);
-      vec_st(cr, 0, outptr2);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jccolor-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jccolor-altivec.c
deleted file mode 100644
index d670dbc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jccolor-altivec.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* RGB --> YCC CONVERSION */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_081  5329                 /* FIX(0.08131) */
-#define F_0_114  7471                 /* FIX(0.11400) */
-#define F_0_168  11059                /* FIX(0.16874) */
-#define F_0_250  16384                /* FIX(0.25000) */
-#define F_0_299  19595                /* FIX(0.29900) */
-#define F_0_331  21709                /* FIX(0.33126) */
-#define F_0_418  27439                /* FIX(0.41869) */
-#define F_0_500  32768                /* FIX(0.50000) */
-#define F_0_587  38470                /* FIX(0.58700) */
-#define F_0_337  (F_0_587 - F_0_250)  /* FIX(0.58700) - FIX(0.25000) */
-
-#define SCALEBITS  16
-#define ONE_HALF  (1 << (SCALEBITS - 1))
-
-
-#define RGBG_INDEX0 \
-  {  0,  1,  3,  4,  6,  7,  9, 10,  2,  1,  5,  4,  8,  7, 11, 10 }
-#define RGBG_INDEX1 \
-  { 12, 13, 15, 16, 18, 19, 21, 22, 14, 13, 17, 16, 20, 19, 23, 22 }
-#define RGBG_INDEX2 \
-  {  8,  9, 11, 12, 14, 15, 17, 18, 10,  9, 13, 12, 16, 15, 19, 18 }
-#define RGBG_INDEX3 \
-  {  4,  5,  7,  8, 10, 11, 13, 14,  6,  5,  9,  8, 12, 11, 15, 14 }
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_rgb_ycc_convert_altivec  jsimd_extrgb_ycc_convert_altivec
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX0
-#undef RGBG_INDEX1
-#undef RGBG_INDEX2
-#undef RGBG_INDEX3
-#undef jsimd_rgb_ycc_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define RGBG_INDEX \
-  {  0,  1,  4,  5,  8,  9, 12, 13,  2,  1,  6,  5, 10,  9, 14, 13 }
-#define jsimd_rgb_ycc_convert_altivec  jsimd_extrgbx_ycc_convert_altivec
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_ycc_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define RGBG_INDEX0 \
-  {  2,  1,  5,  4,  8,  7, 11, 10,  0,  1,  3,  4,  6,  7,  9, 10 }
-#define RGBG_INDEX1 \
-  { 14, 13, 17, 16, 20, 19, 23, 22, 12, 13, 15, 16, 18, 19, 21, 22 }
-#define RGBG_INDEX2 \
-  { 10,  9, 13, 12, 16, 15, 19, 18,  8,  9, 11, 12, 14, 15, 17, 18 }
-#define RGBG_INDEX3 \
-  {  6,  5,  9,  8, 12, 11, 15, 14,  4,  5,  7,  8, 10, 11, 13, 14 }
-#define jsimd_rgb_ycc_convert_altivec  jsimd_extbgr_ycc_convert_altivec
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX0
-#undef RGBG_INDEX1
-#undef RGBG_INDEX2
-#undef RGBG_INDEX3
-#undef jsimd_rgb_ycc_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define RGBG_INDEX \
-  {  2,  1,  6,  5, 10,  9, 14, 13,  0,  1,  4,  5,  8,  9, 12, 13 }
-#define jsimd_rgb_ycc_convert_altivec  jsimd_extbgrx_ycc_convert_altivec
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_ycc_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define RGBG_INDEX \
-  {  3,  2,  7,  6, 11, 10, 15, 14,  1,  2,  5,  6,  9, 10, 13, 14 }
-#define jsimd_rgb_ycc_convert_altivec  jsimd_extxbgr_ycc_convert_altivec
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_ycc_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define RGBG_INDEX \
-  {  1,  2,  5,  6,  9, 10, 13, 14,  3,  2,  7,  6, 11, 10, 15, 14 }
-#define jsimd_rgb_ycc_convert_altivec  jsimd_extxrgb_ycc_convert_altivec
-#include "jccolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_ycc_convert_altivec
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcgray-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcgray-altivec.c
deleted file mode 100644
index a11a7e7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcgray-altivec.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* RGB --> GRAYSCALE CONVERSION */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_114  7471                 /* FIX(0.11400) */
-#define F_0_250  16384                /* FIX(0.25000) */
-#define F_0_299  19595                /* FIX(0.29900) */
-#define F_0_587  38470                /* FIX(0.58700) */
-#define F_0_337  (F_0_587 - F_0_250)  /* FIX(0.58700) - FIX(0.25000) */
-
-#define SCALEBITS  16
-#define ONE_HALF  (1 << (SCALEBITS - 1))
-
-
-#define RGBG_INDEX0 \
-  {  0,  1,  3,  4,  6,  7,  9, 10,  2,  1,  5,  4,  8,  7, 11, 10 }
-#define RGBG_INDEX1 \
-  { 12, 13, 15, 16, 18, 19, 21, 22, 14, 13, 17, 16, 20, 19, 23, 22 }
-#define RGBG_INDEX2 \
-  {  8,  9, 11, 12, 14, 15, 17, 18, 10,  9, 13, 12, 16, 15, 19, 18 }
-#define RGBG_INDEX3 \
-  {  4,  5,  7,  8, 10, 11, 13, 14,  6,  5,  9,  8, 12, 11, 15, 14 }
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_rgb_gray_convert_altivec  jsimd_extrgb_gray_convert_altivec
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX0
-#undef RGBG_INDEX1
-#undef RGBG_INDEX2
-#undef RGBG_INDEX3
-#undef jsimd_rgb_gray_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define RGBG_INDEX \
-  {  0,  1,  4,  5,  8,  9, 12, 13,  2,  1,  6,  5, 10,  9, 14, 13 }
-#define jsimd_rgb_gray_convert_altivec  jsimd_extrgbx_gray_convert_altivec
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_gray_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define RGBG_INDEX0 \
-  {  2,  1,  5,  4,  8,  7, 11, 10,  0,  1,  3,  4,  6,  7,  9, 10 }
-#define RGBG_INDEX1 \
-  { 14, 13, 17, 16, 20, 19, 23, 22, 12, 13, 15, 16, 18, 19, 21, 22 }
-#define RGBG_INDEX2 \
-  { 10,  9, 13, 12, 16, 15, 19, 18,  8,  9, 11, 12, 14, 15, 17, 18 }
-#define RGBG_INDEX3 \
-  {  6,  5,  9,  8, 12, 11, 15, 14,  4,  5,  7,  8, 10, 11, 13, 14 }
-#define jsimd_rgb_gray_convert_altivec  jsimd_extbgr_gray_convert_altivec
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX0
-#undef RGBG_INDEX1
-#undef RGBG_INDEX2
-#undef RGBG_INDEX3
-#undef jsimd_rgb_gray_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define RGBG_INDEX \
-  {  2,  1,  6,  5, 10,  9, 14, 13,  0,  1,  4,  5,  8,  9, 12, 13 }
-#define jsimd_rgb_gray_convert_altivec  jsimd_extbgrx_gray_convert_altivec
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_gray_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define RGBG_INDEX \
-  {  3,  2,  7,  6, 11, 10, 15, 14,  1,  2,  5,  6,  9, 10, 13, 14 }
-#define jsimd_rgb_gray_convert_altivec  jsimd_extxbgr_gray_convert_altivec
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_gray_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define RGBG_INDEX \
-  {  1,  2,  5,  6,  9, 10, 13, 14,  3,  2,  7,  6, 11, 10, 15, 14 }
-#define jsimd_rgb_gray_convert_altivec  jsimd_extxrgb_gray_convert_altivec
-#include "jcgryext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGBG_INDEX
-#undef jsimd_rgb_gray_convert_altivec
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcgryext-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcgryext-altivec.c
deleted file mode 100644
index b280cbb..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcgryext-altivec.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, D. R. Commander.  All Rights Reserved.
- * Copyright (C) 2014, Jay Foad.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jcgray-altivec.c */
-
-
-void jsimd_rgb_gray_convert_altivec(JDIMENSION img_width, JSAMPARRAY input_buf,
-                                    JSAMPIMAGE output_buf,
-                                    JDIMENSION output_row, int num_rows)
-{
-  JSAMPROW inptr, outptr;
-  int pitch = img_width * RGB_PIXELSIZE, num_cols;
-#if __BIG_ENDIAN__
-  int offset;
-  unsigned char __attribute__((aligned(16))) tmpbuf[RGB_PIXELSIZE * 16];
-#endif
-
-  __vector unsigned char rgb0, rgb1 = { 0 }, rgb2 = { 0 },
-    rgbg0, rgbg1, rgbg2, rgbg3, y;
-#if __BIG_ENDIAN__ || RGB_PIXELSIZE == 4
-  __vector unsigned char rgb3 = { 0 };
-#endif
-#if __BIG_ENDIAN__ && RGB_PIXELSIZE == 4
-  __vector unsigned char rgb4 = { 0 };
-#endif
-  __vector short rg0, rg1, rg2, rg3, bg0, bg1, bg2, bg3;
-  __vector unsigned short yl, yh;
-  __vector int y0, y1, y2, y3;
-
-  /* Constants */
-  __vector short pw_f0299_f0337 = { __4X2(F_0_299, F_0_337) },
-    pw_f0114_f0250 = { __4X2(F_0_114, F_0_250) };
-  __vector int pd_onehalf = { __4X(ONE_HALF) };
-  __vector unsigned char pb_zero = { __16X(0) },
-#if __BIG_ENDIAN__
-    shift_pack_index =
-      { 0, 1, 4, 5,  8,  9, 12, 13, 16, 17, 20, 21, 24, 25, 28, 29 };
-#else
-    shift_pack_index =
-      { 2, 3, 6, 7, 10, 11, 14, 15, 18, 19, 22, 23, 26, 27, 30, 31 };
-#endif
-
-  while (--num_rows >= 0) {
-    inptr = *input_buf++;
-    outptr = output_buf[0][output_row];
-    output_row++;
-
-    for (num_cols = pitch; num_cols > 0;
-         num_cols -= RGB_PIXELSIZE * 16, inptr += RGB_PIXELSIZE * 16,
-         outptr += 16) {
-
-#if __BIG_ENDIAN__
-      /* Load 16 pixels == 48 or 64 bytes */
-      offset = (size_t)inptr & 15;
-      if (offset) {
-        __vector unsigned char unaligned_shift_index;
-        int bytes = num_cols + offset;
-
-        if (bytes < (RGB_PIXELSIZE + 1) * 16 && (bytes & 15)) {
-          /* Slow path to prevent buffer overread.  Since there is no way to
-           * read a partial AltiVec register, overread would occur on the last
-           * chunk of the last image row if the right edge is not on a 16-byte
-           * boundary.  It could also occur on other rows if the bytes per row
-           * is low enough.  Since we can't determine whether we're on the last
-           * image row, we have to assume every row is the last.
-           */
-          memcpy(tmpbuf, inptr, min(num_cols, RGB_PIXELSIZE * 16));
-          rgb0 = vec_ld(0, tmpbuf);
-          rgb1 = vec_ld(16, tmpbuf);
-          rgb2 = vec_ld(32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          rgb3 = vec_ld(48, tmpbuf);
-#endif
-        } else {
-          /* Fast path */
-          rgb0 = vec_ld(0, inptr);
-          if (bytes > 16)
-            rgb1 = vec_ld(16, inptr);
-          if (bytes > 32)
-            rgb2 = vec_ld(32, inptr);
-          if (bytes > 48)
-            rgb3 = vec_ld(48, inptr);
-#if RGB_PIXELSIZE == 4
-          if (bytes > 64)
-            rgb4 = vec_ld(64, inptr);
-#endif
-          unaligned_shift_index = vec_lvsl(0, inptr);
-          rgb0 = vec_perm(rgb0, rgb1, unaligned_shift_index);
-          rgb1 = vec_perm(rgb1, rgb2, unaligned_shift_index);
-          rgb2 = vec_perm(rgb2, rgb3, unaligned_shift_index);
-#if RGB_PIXELSIZE == 4
-          rgb3 = vec_perm(rgb3, rgb4, unaligned_shift_index);
-#endif
-        }
-      } else {
-        if (num_cols < RGB_PIXELSIZE * 16 && (num_cols & 15)) {
-          /* Slow path */
-          memcpy(tmpbuf, inptr, min(num_cols, RGB_PIXELSIZE * 16));
-          rgb0 = vec_ld(0, tmpbuf);
-          rgb1 = vec_ld(16, tmpbuf);
-          rgb2 = vec_ld(32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          rgb3 = vec_ld(48, tmpbuf);
-#endif
-        } else {
-          /* Fast path */
-          rgb0 = vec_ld(0, inptr);
-          if (num_cols > 16)
-            rgb1 = vec_ld(16, inptr);
-          if (num_cols > 32)
-            rgb2 = vec_ld(32, inptr);
-#if RGB_PIXELSIZE == 4
-          if (num_cols > 48)
-            rgb3 = vec_ld(48, inptr);
-#endif
-        }
-      }
-#else
-      /* Little endian */
-      rgb0 = vec_vsx_ld(0, inptr);
-      if (num_cols > 16)
-        rgb1 = vec_vsx_ld(16, inptr);
-      if (num_cols > 32)
-        rgb2 = vec_vsx_ld(32, inptr);
-#if RGB_PIXELSIZE == 4
-      if (num_cols > 48)
-        rgb3 = vec_vsx_ld(48, inptr);
-#endif
-#endif
-
-#if RGB_PIXELSIZE == 3
-      /* rgb0 = R0 G0 B0 R1 G1 B1 R2 G2 B2 R3 G3 B3 R4 G4 B4 R5
-       * rgb1 = G5 B5 R6 G6 B6 R7 G7 B7 R8 G8 B8 R9 G9 B9 Ra Ga
-       * rgb2 = Ba Rb Gb Bb Rc Gc Bc Rd Gd Bd Re Ge Be Rf Gf Bf
-       *
-       * rgbg0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 G0 B1 G1 B2 G2 B3 G3
-       * rgbg1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 G4 B5 G5 B6 G6 B7 G7
-       * rgbg2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 G8 B9 G9 Ba Ga Bb Gb
-       * rgbg3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Gc Bd Gd Be Ge Bf Gf
-       */
-      rgbg0 = vec_perm(rgb0, rgb0, (__vector unsigned char)RGBG_INDEX0);
-      rgbg1 = vec_perm(rgb0, rgb1, (__vector unsigned char)RGBG_INDEX1);
-      rgbg2 = vec_perm(rgb1, rgb2, (__vector unsigned char)RGBG_INDEX2);
-      rgbg3 = vec_perm(rgb2, rgb2, (__vector unsigned char)RGBG_INDEX3);
-#else
-      /* rgb0 = R0 G0 B0 X0 R1 G1 B1 X1 R2 G2 B2 X2 R3 G3 B3 X3
-       * rgb1 = R4 G4 B4 X4 R5 G5 B5 X5 R6 G6 B6 X6 R7 G7 B7 X7
-       * rgb2 = R8 G8 B8 X8 R9 G9 B9 X9 Ra Ga Ba Xa Rb Gb Bb Xb
-       * rgb3 = Rc Gc Bc Xc Rd Gd Bd Xd Re Ge Be Xe Rf Gf Bf Xf
-       *
-       * rgbg0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 G0 B1 G1 B2 G2 B3 G3
-       * rgbg1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 G4 B5 G5 B6 G6 B7 G7
-       * rgbg2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 G8 B9 G9 Ba Ga Bb Gb
-       * rgbg3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Gc Bd Gd Be Ge Bf Gf
-       */
-      rgbg0 = vec_perm(rgb0, rgb0, (__vector unsigned char)RGBG_INDEX);
-      rgbg1 = vec_perm(rgb1, rgb1, (__vector unsigned char)RGBG_INDEX);
-      rgbg2 = vec_perm(rgb2, rgb2, (__vector unsigned char)RGBG_INDEX);
-      rgbg3 = vec_perm(rgb3, rgb3, (__vector unsigned char)RGBG_INDEX);
-#endif
-
-      /* rg0 = R0 G0 R1 G1 R2 G2 R3 G3
-       * bg0 = B0 G0 B1 G1 B2 G2 B3 G3
-       * ...
-       *
-       * NOTE: We have to use vec_merge*() here because vec_unpack*() doesn't
-       * support unsigned vectors.
-       */
-      rg0 = (__vector signed short)VEC_UNPACKHU(rgbg0);
-      bg0 = (__vector signed short)VEC_UNPACKLU(rgbg0);
-      rg1 = (__vector signed short)VEC_UNPACKHU(rgbg1);
-      bg1 = (__vector signed short)VEC_UNPACKLU(rgbg1);
-      rg2 = (__vector signed short)VEC_UNPACKHU(rgbg2);
-      bg2 = (__vector signed short)VEC_UNPACKLU(rgbg2);
-      rg3 = (__vector signed short)VEC_UNPACKHU(rgbg3);
-      bg3 = (__vector signed short)VEC_UNPACKLU(rgbg3);
-
-      /* (Original)
-       * Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-       *
-       * (This implementation)
-       * Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-       */
-
-      /* Calculate Y values */
-
-      y0 = vec_msums(rg0, pw_f0299_f0337, pd_onehalf);
-      y1 = vec_msums(rg1, pw_f0299_f0337, pd_onehalf);
-      y2 = vec_msums(rg2, pw_f0299_f0337, pd_onehalf);
-      y3 = vec_msums(rg3, pw_f0299_f0337, pd_onehalf);
-      y0 = vec_msums(bg0, pw_f0114_f0250, y0);
-      y1 = vec_msums(bg1, pw_f0114_f0250, y1);
-      y2 = vec_msums(bg2, pw_f0114_f0250, y2);
-      y3 = vec_msums(bg3, pw_f0114_f0250, y3);
-      /* Clever way to avoid 4 shifts + 2 packs.  This packs the high word from
-       * each dword into a new 16-bit vector, which is the equivalent of
-       * descaling the 32-bit results (right-shifting by 16 bits) and then
-       * packing them.
-       */
-      yl = vec_perm((__vector unsigned short)y0, (__vector unsigned short)y1,
-                    shift_pack_index);
-      yh = vec_perm((__vector unsigned short)y2, (__vector unsigned short)y3,
-                    shift_pack_index);
-      y = vec_pack(yl, yh);
-      vec_st(y, 0, outptr);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcsample-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcsample-altivec.c
deleted file mode 100644
index 6e25b8d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcsample-altivec.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* CHROMA DOWNSAMPLING */
-
-#include "jsimd_altivec.h"
-#include "jcsample.h"
-
-
-void jsimd_h2v1_downsample_altivec(JDIMENSION image_width,
-                                   int max_v_samp_factor,
-                                   JDIMENSION v_samp_factor,
-                                   JDIMENSION width_in_blocks,
-                                   JSAMPARRAY input_data,
-                                   JSAMPARRAY output_data)
-{
-  int outrow, outcol;
-  JDIMENSION output_cols = width_in_blocks * DCTSIZE;
-  JSAMPROW inptr, outptr;
-
-  __vector unsigned char this0, next0, out;
-  __vector unsigned short this0e, this0o, next0e, next0o, outl, outh;
-
-  /* Constants */
-  __vector unsigned short pw_bias = { __4X2(0, 1) },
-    pw_one = { __8X(1) };
-  __vector unsigned char even_odd_index =
-    {  0,  2,  4,  6,  8, 10, 12, 14,  1,  3,  5,  7,  9, 11, 13, 15 },
-    pb_zero = { __16X(0) };
-
-  expand_right_edge(input_data, max_v_samp_factor, image_width,
-                    output_cols * 2);
-
-  for (outrow = 0; outrow < v_samp_factor; outrow++) {
-    outptr = output_data[outrow];
-    inptr = input_data[outrow];
-
-    for (outcol = output_cols; outcol > 0;
-         outcol -= 16, inptr += 32, outptr += 16) {
-
-      this0 = vec_ld(0, inptr);
-      this0 = vec_perm(this0, this0, even_odd_index);
-      this0e = (__vector unsigned short)VEC_UNPACKHU(this0);
-      this0o = (__vector unsigned short)VEC_UNPACKLU(this0);
-      outl = vec_add(this0e, this0o);
-      outl = vec_add(outl, pw_bias);
-      outl = vec_sr(outl, pw_one);
-
-      if (outcol > 8) {
-        next0 = vec_ld(16, inptr);
-        next0 = vec_perm(next0, next0, even_odd_index);
-        next0e = (__vector unsigned short)VEC_UNPACKHU(next0);
-        next0o = (__vector unsigned short)VEC_UNPACKLU(next0);
-        outh = vec_add(next0e, next0o);
-        outh = vec_add(outh, pw_bias);
-        outh = vec_sr(outh, pw_one);
-      } else
-        outh = vec_splat_u16(0);
-
-      out = vec_pack(outl, outh);
-      vec_st(out, 0, outptr);
-    }
-  }
-}
-
-
-void
-jsimd_h2v2_downsample_altivec(JDIMENSION image_width, int max_v_samp_factor,
-                              JDIMENSION v_samp_factor,
-                              JDIMENSION width_in_blocks,
-                              JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  int inrow, outrow, outcol;
-  JDIMENSION output_cols = width_in_blocks * DCTSIZE;
-  JSAMPROW inptr0, inptr1, outptr;
-
-  __vector unsigned char this0, next0, this1, next1, out;
-  __vector unsigned short this0e, this0o, next0e, next0o, this1e, this1o,
-    next1e, next1o, out0l, out0h, out1l, out1h, outl, outh;
-
-  /* Constants */
-  __vector unsigned short pw_bias = { __4X2(1, 2) },
-    pw_two = { __8X(2) };
-  __vector unsigned char even_odd_index =
-    {  0,  2,  4,  6,  8, 10, 12, 14,  1,  3,  5,  7,  9, 11, 13, 15 },
-    pb_zero = { __16X(0) };
-
-  expand_right_edge(input_data, max_v_samp_factor, image_width,
-                    output_cols * 2);
-
-  for (inrow = 0, outrow = 0; outrow < v_samp_factor;
-       inrow += 2, outrow++) {
-
-    inptr0 = input_data[inrow];
-    inptr1 = input_data[inrow + 1];
-    outptr = output_data[outrow];
-
-    for (outcol = output_cols; outcol > 0;
-         outcol -= 16, inptr0 += 32, inptr1 += 32, outptr += 16) {
-
-      this0 = vec_ld(0, inptr0);
-      this0 = vec_perm(this0, this0, even_odd_index);
-      this0e = (__vector unsigned short)VEC_UNPACKHU(this0);
-      this0o = (__vector unsigned short)VEC_UNPACKLU(this0);
-      out0l = vec_add(this0e, this0o);
-
-      this1 = vec_ld(0, inptr1);
-      this1 = vec_perm(this1, this1, even_odd_index);
-      this1e = (__vector unsigned short)VEC_UNPACKHU(this1);
-      this1o = (__vector unsigned short)VEC_UNPACKLU(this1);
-      out1l = vec_add(this1e, this1o);
-
-      outl = vec_add(out0l, out1l);
-      outl = vec_add(outl, pw_bias);
-      outl = vec_sr(outl, pw_two);
-
-      if (outcol > 8) {
-        next0 = vec_ld(16, inptr0);
-        next0 = vec_perm(next0, next0, even_odd_index);
-        next0e = (__vector unsigned short)VEC_UNPACKHU(next0);
-        next0o = (__vector unsigned short)VEC_UNPACKLU(next0);
-        out0h = vec_add(next0e, next0o);
-
-        next1 = vec_ld(16, inptr1);
-        next1 = vec_perm(next1, next1, even_odd_index);
-        next1e = (__vector unsigned short)VEC_UNPACKHU(next1);
-        next1o = (__vector unsigned short)VEC_UNPACKLU(next1);
-        out1h = vec_add(next1e, next1o);
-
-        outh = vec_add(out0h, out1h);
-        outh = vec_add(outh, pw_bias);
-        outh = vec_sr(outh, pw_two);
-      } else
-        outh = vec_splat_u16(0);
-
-      out = vec_pack(outl, outh);
-      vec_st(out, 0, outptr);
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcsample.h b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcsample.h
deleted file mode 100644
index bd07fcc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jcsample.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * jcsample.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- */
-
-LOCAL(void)
-expand_right_edge(JSAMPARRAY image_data, int num_rows, JDIMENSION input_cols,
-                  JDIMENSION output_cols)
-{
-  register JSAMPROW ptr;
-  register JSAMPLE pixval;
-  register int count;
-  int row;
-  int numcols = (int)(output_cols - input_cols);
-
-  if (numcols > 0) {
-    for (row = 0; row < num_rows; row++) {
-      ptr = image_data[row] + input_cols;
-      pixval = ptr[-1];
-      for (count = numcols; count > 0; count--)
-        *ptr++ = pixval;
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdcolext-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdcolext-altivec.c
deleted file mode 100644
index 68d52bd..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdcolext-altivec.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jdcolor-altivec.c */
-
-
-void jsimd_ycc_rgb_convert_altivec(JDIMENSION out_width, JSAMPIMAGE input_buf,
-                                   JDIMENSION input_row, JSAMPARRAY output_buf,
-                                   int num_rows)
-{
-  JSAMPROW outptr, inptr0, inptr1, inptr2;
-  int pitch = out_width * RGB_PIXELSIZE, num_cols;
-#if __BIG_ENDIAN__
-  int offset;
-#endif
-  unsigned char __attribute__((aligned(16))) tmpbuf[RGB_PIXELSIZE * 16];
-
-  __vector unsigned char rgb0, rgb1, rgb2, rgbx0, rgbx1, rgbx2, rgbx3,
-    y, cb, cr;
-#if __BIG_ENDIAN__
-  __vector unsigned char edgel, edgeh, edges, out0, out1, out2, out3;
-#if RGB_PIXELSIZE == 4
-  __vector unsigned char out4;
-#endif
-#endif
-#if RGB_PIXELSIZE == 4
-  __vector unsigned char rgb3;
-#endif
-  __vector short rg0, rg1, rg2, rg3, bx0, bx1, bx2, bx3, yl, yh, cbl, cbh,
-    crl, crh, rl, rh, gl, gh, bl, bh, g0w, g1w, g2w, g3w;
-  __vector int g0, g1, g2, g3;
-
-  /* Constants
-   * NOTE: The >> 1 is to compensate for the fact that vec_madds() returns 17
-   * high-order bits, not 16.
-   */
-  __vector short pw_f0402 = { __8X(F_0_402 >> 1) },
-    pw_mf0228 = { __8X(-F_0_228 >> 1) },
-    pw_mf0344_f0285 = { __4X2(-F_0_344, F_0_285) },
-    pw_one = { __8X(1) }, pw_255 = { __8X(255) },
-    pw_cj = { __8X(CENTERJSAMPLE) };
-  __vector int pd_onehalf = { __4X(ONE_HALF) };
-  __vector unsigned char pb_zero = { __16X(0) },
-#if __BIG_ENDIAN__
-    shift_pack_index =
-      {  0,  1,  4,  5,  8,  9, 12, 13, 16, 17, 20, 21, 24, 25, 28, 29 };
-#else
-    shift_pack_index =
-      {  2,  3,  6,  7, 10, 11, 14, 15, 18, 19, 22, 23, 26, 27, 30, 31 };
-#endif
-
-  while (--num_rows >= 0) {
-    inptr0 = input_buf[0][input_row];
-    inptr1 = input_buf[1][input_row];
-    inptr2 = input_buf[2][input_row];
-    input_row++;
-    outptr = *output_buf++;
-
-    for (num_cols = pitch; num_cols > 0;
-         num_cols -= RGB_PIXELSIZE * 16, outptr += RGB_PIXELSIZE * 16,
-         inptr0 += 16, inptr1 += 16, inptr2 += 16) {
-
-      y = vec_ld(0, inptr0);
-      /* NOTE: We have to use vec_merge*() here because vec_unpack*() doesn't
-       * support unsigned vectors.
-       */
-      yl = (__vector signed short)VEC_UNPACKHU(y);
-      yh = (__vector signed short)VEC_UNPACKLU(y);
-
-      cb = vec_ld(0, inptr1);
-      cbl = (__vector signed short)VEC_UNPACKHU(cb);
-      cbh = (__vector signed short)VEC_UNPACKLU(cb);
-      cbl = vec_sub(cbl, pw_cj);
-      cbh = vec_sub(cbh, pw_cj);
-
-      cr = vec_ld(0, inptr2);
-      crl = (__vector signed short)VEC_UNPACKHU(cr);
-      crh = (__vector signed short)VEC_UNPACKLU(cr);
-      crl = vec_sub(crl, pw_cj);
-      crh = vec_sub(crh, pw_cj);
-
-      /* (Original)
-       * R = Y                + 1.40200 * Cr
-       * G = Y - 0.34414 * Cb - 0.71414 * Cr
-       * B = Y + 1.77200 * Cb
-       *
-       * (This implementation)
-       * R = Y                + 0.40200 * Cr + Cr
-       * G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-       * B = Y - 0.22800 * Cb + Cb + Cb
-       */
-      bl = vec_add(cbl, cbl);
-      bh = vec_add(cbh, cbh);
-      bl = vec_madds(bl, pw_mf0228, pw_one);
-      bh = vec_madds(bh, pw_mf0228, pw_one);
-      bl = vec_sra(bl, (__vector unsigned short)pw_one);
-      bh = vec_sra(bh, (__vector unsigned short)pw_one);
-      bl = vec_add(bl, cbl);
-      bh = vec_add(bh, cbh);
-      bl = vec_add(bl, cbl);
-      bh = vec_add(bh, cbh);
-      bl = vec_add(bl, yl);
-      bh = vec_add(bh, yh);
-
-      rl = vec_add(crl, crl);
-      rh = vec_add(crh, crh);
-      rl = vec_madds(rl, pw_f0402, pw_one);
-      rh = vec_madds(rh, pw_f0402, pw_one);
-      rl = vec_sra(rl, (__vector unsigned short)pw_one);
-      rh = vec_sra(rh, (__vector unsigned short)pw_one);
-      rl = vec_add(rl, crl);
-      rh = vec_add(rh, crh);
-      rl = vec_add(rl, yl);
-      rh = vec_add(rh, yh);
-
-      g0w = vec_mergeh(cbl, crl);
-      g1w = vec_mergel(cbl, crl);
-      g0 = vec_msums(g0w, pw_mf0344_f0285, pd_onehalf);
-      g1 = vec_msums(g1w, pw_mf0344_f0285, pd_onehalf);
-      g2w = vec_mergeh(cbh, crh);
-      g3w = vec_mergel(cbh, crh);
-      g2 = vec_msums(g2w, pw_mf0344_f0285, pd_onehalf);
-      g3 = vec_msums(g3w, pw_mf0344_f0285, pd_onehalf);
-      /* Clever way to avoid 4 shifts + 2 packs.  This packs the high word from
-       * each dword into a new 16-bit vector, which is the equivalent of
-       * descaling the 32-bit results (right-shifting by 16 bits) and then
-       * packing them.
-       */
-      gl = vec_perm((__vector short)g0, (__vector short)g1, shift_pack_index);
-      gh = vec_perm((__vector short)g2, (__vector short)g3, shift_pack_index);
-      gl = vec_sub(gl, crl);
-      gh = vec_sub(gh, crh);
-      gl = vec_add(gl, yl);
-      gh = vec_add(gh, yh);
-
-      rg0 = vec_mergeh(rl, gl);
-      bx0 = vec_mergeh(bl, pw_255);
-      rg1 = vec_mergel(rl, gl);
-      bx1 = vec_mergel(bl, pw_255);
-      rg2 = vec_mergeh(rh, gh);
-      bx2 = vec_mergeh(bh, pw_255);
-      rg3 = vec_mergel(rh, gh);
-      bx3 = vec_mergel(bh, pw_255);
-
-      rgbx0 = vec_packsu(rg0, bx0);
-      rgbx1 = vec_packsu(rg1, bx1);
-      rgbx2 = vec_packsu(rg2, bx2);
-      rgbx3 = vec_packsu(rg3, bx3);
-
-#if RGB_PIXELSIZE == 3
-      /* rgbx0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 X0 B1 X1 B2 X2 B3 X3
-       * rgbx1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 X4 B5 X5 B6 X6 B7 X7
-       * rgbx2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 X8 B9 X9 Ba Xa Bb Xb
-       * rgbx3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Xc Bd Xd Be Xe Bf Xf
-       *
-       * rgb0 = R0 G0 B0 R1 G1 B1 R2 G2 B2 R3 G3 B3 R4 G4 B4 R5
-       * rgb1 = G5 B5 R6 G6 B6 R7 G7 B7 R8 G8 B8 R9 G9 B9 Ra Ga
-       * rgb2 = Ba Rb Gb Bb Rc Gc Bc Rd Gd Bd Re Ge Be Rf Gf Bf
-       */
-      rgb0 = vec_perm(rgbx0, rgbx1, (__vector unsigned char)RGB_INDEX0);
-      rgb1 = vec_perm(rgbx1, rgbx2, (__vector unsigned char)RGB_INDEX1);
-      rgb2 = vec_perm(rgbx2, rgbx3, (__vector unsigned char)RGB_INDEX2);
-#else
-      /* rgbx0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 X0 B1 X1 B2 X2 B3 X3
-       * rgbx1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 X4 B5 X5 B6 X6 B7 X7
-       * rgbx2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 X8 B9 X9 Ba Xa Bb Xb
-       * rgbx3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Xc Bd Xd Be Xe Bf Xf
-       *
-       * rgb0 = R0 G0 B0 X0 R1 G1 B1 X1 R2 G2 B2 X2 R3 G3 B3 X3
-       * rgb1 = R4 G4 B4 X4 R5 G5 B5 X5 R6 G6 B6 X6 R7 G7 B7 X7
-       * rgb2 = R8 G8 B8 X8 R9 G9 B9 X9 Ra Ga Ba Xa Rb Gb Bb Xb
-       * rgb3 = Rc Gc Bc Xc Rd Gd Bd Xd Re Ge Be Xe Rf Gf Bf Xf
-       */
-      rgb0 = vec_perm(rgbx0, rgbx0, (__vector unsigned char)RGB_INDEX);
-      rgb1 = vec_perm(rgbx1, rgbx1, (__vector unsigned char)RGB_INDEX);
-      rgb2 = vec_perm(rgbx2, rgbx2, (__vector unsigned char)RGB_INDEX);
-      rgb3 = vec_perm(rgbx3, rgbx3, (__vector unsigned char)RGB_INDEX);
-#endif
-
-#if __BIG_ENDIAN__
-      offset = (size_t)outptr & 15;
-      if (offset) {
-        __vector unsigned char unaligned_shift_index;
-        int bytes = num_cols + offset;
-
-        if (bytes < (RGB_PIXELSIZE + 1) * 16 && (bytes & 15)) {
-          /* Slow path to prevent buffer overwrite.  Since there is no way to
-           * write a partial AltiVec register, overwrite would occur on the
-           * last chunk of the last image row if the right edge is not on a
-           * 16-byte boundary.  It could also occur on other rows if the bytes
-           * per row is low enough.  Since we can't determine whether we're on
-           * the last image row, we have to assume every row is the last.
-           */
-          vec_st(rgb0, 0, tmpbuf);
-          vec_st(rgb1, 16, tmpbuf);
-          vec_st(rgb2, 32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          vec_st(rgb3, 48, tmpbuf);
-#endif
-          memcpy(outptr, tmpbuf, min(num_cols, RGB_PIXELSIZE * 16));
-        } else {
-          /* Fast path */
-          unaligned_shift_index = vec_lvsl(0, outptr);
-          edgel = vec_ld(0, outptr);
-          edgeh = vec_ld(min(num_cols - 1, RGB_PIXELSIZE * 16), outptr);
-          edges = vec_perm(edgeh, edgel, unaligned_shift_index);
-          unaligned_shift_index = vec_lvsr(0, outptr);
-          out0 = vec_perm(edges, rgb0, unaligned_shift_index);
-          out1 = vec_perm(rgb0, rgb1, unaligned_shift_index);
-          out2 = vec_perm(rgb1, rgb2, unaligned_shift_index);
-#if RGB_PIXELSIZE == 4
-          out3 = vec_perm(rgb2, rgb3, unaligned_shift_index);
-          out4 = vec_perm(rgb3, edges, unaligned_shift_index);
-#else
-          out3 = vec_perm(rgb2, edges, unaligned_shift_index);
-#endif
-          vec_st(out0, 0, outptr);
-          if (bytes > 16)
-            vec_st(out1, 16, outptr);
-          if (bytes > 32)
-            vec_st(out2, 32, outptr);
-          if (bytes > 48)
-            vec_st(out3, 48, outptr);
-#if RGB_PIXELSIZE == 4
-          if (bytes > 64)
-            vec_st(out4, 64, outptr);
-#endif
-        }
-      } else {
-#endif /* __BIG_ENDIAN__ */
-        if (num_cols < RGB_PIXELSIZE * 16 && (num_cols & 15)) {
-          /* Slow path */
-          VEC_ST(rgb0, 0, tmpbuf);
-          VEC_ST(rgb1, 16, tmpbuf);
-          VEC_ST(rgb2, 32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          VEC_ST(rgb3, 48, tmpbuf);
-#endif
-          memcpy(outptr, tmpbuf, min(num_cols, RGB_PIXELSIZE * 16));
-        } else {
-          /* Fast path */
-          VEC_ST(rgb0, 0, outptr);
-          if (num_cols > 16)
-            VEC_ST(rgb1, 16, outptr);
-          if (num_cols > 32)
-            VEC_ST(rgb2, 32, outptr);
-#if RGB_PIXELSIZE == 4
-          if (num_cols > 48)
-            VEC_ST(rgb3, 48, outptr);
-#endif
-        }
-#if __BIG_ENDIAN__
-      }
-#endif
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdcolor-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdcolor-altivec.c
deleted file mode 100644
index eb35b67..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdcolor-altivec.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* YCC --> RGB CONVERSION */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_344  22554              /* FIX(0.34414) */
-#define F_0_714  46802              /* FIX(0.71414) */
-#define F_1_402  91881              /* FIX(1.40200) */
-#define F_1_772  116130             /* FIX(1.77200) */
-#define F_0_402  (F_1_402 - 65536)  /* FIX(1.40200) - FIX(1) */
-#define F_0_285  (65536 - F_0_714)  /* FIX(1) - FIX(0.71414) */
-#define F_0_228  (131072 - F_1_772) /* FIX(2) - FIX(1.77200) */
-
-#define SCALEBITS  16
-#define ONE_HALF  (1 << (SCALEBITS - 1))
-
-#define RGB_INDEX0 \
-  {  0,  1,  8,  2,  3, 10,  4,  5, 12,  6,  7, 14, 16, 17, 24, 18 }
-#define RGB_INDEX1 \
-  {  3, 10,  4,  5, 12,  6,  7, 14, 16, 17, 24, 18, 19, 26, 20, 21 }
-#define RGB_INDEX2 \
-  { 12,  6,  7, 14, 16, 17, 24, 18, 19, 26, 20, 21, 28, 22, 23, 30 }
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_ycc_rgb_convert_altivec  jsimd_ycc_extrgb_convert_altivec
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX0
-#undef RGB_INDEX1
-#undef RGB_INDEX2
-#undef jsimd_ycc_rgb_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define RGB_INDEX \
-  {  0,  1,  8,  9,  2,  3, 10, 11,  4,  5, 12, 13,  6,  7, 14, 15 }
-#define jsimd_ycc_rgb_convert_altivec  jsimd_ycc_extrgbx_convert_altivec
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_ycc_rgb_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define RGB_INDEX0 \
-  {  8,  1,  0, 10,  3,  2, 12,  5,  4, 14,  7,  6, 24, 17, 16, 26 }
-#define RGB_INDEX1 \
-  {  3,  2, 12,  5,  4, 14,  7,  6, 24, 17, 16, 26, 19, 18, 28, 21 }
-#define RGB_INDEX2 \
-  {  4, 14,  7,  6, 24, 17, 16, 26, 19, 18, 28, 21, 20, 30, 23, 22 }
-#define jsimd_ycc_rgb_convert_altivec  jsimd_ycc_extbgr_convert_altivec
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX0
-#undef RGB_INDEX1
-#undef RGB_INDEX2
-#undef jsimd_ycc_rgb_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define RGB_INDEX \
-  {  8,  1,  0,  9, 10,  3,  2, 11, 12,  5,  4, 13, 14,  7,  6, 15 }
-#define jsimd_ycc_rgb_convert_altivec  jsimd_ycc_extbgrx_convert_altivec
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_ycc_rgb_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define RGB_INDEX \
-  {  9,  8,  1,  0, 11, 10,  3,  2, 13, 12,  5,  4, 15, 14,  7,  6 }
-#define jsimd_ycc_rgb_convert_altivec  jsimd_ycc_extxbgr_convert_altivec
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_ycc_rgb_convert_altivec
-
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define RGB_INDEX \
-  {  9,  0,  1,  8, 11,  2,  3, 10, 13,  4,  5, 12, 15,  6,  7, 14 }
-#define jsimd_ycc_rgb_convert_altivec  jsimd_ycc_extxrgb_convert_altivec
-#include "jdcolext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_ycc_rgb_convert_altivec
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdmerge-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdmerge-altivec.c
deleted file mode 100644
index 79c577f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdmerge-altivec.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* MERGED YCC --> RGB CONVERSION AND UPSAMPLING */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_344  22554              /* FIX(0.34414) */
-#define F_0_714  46802              /* FIX(0.71414) */
-#define F_1_402  91881              /* FIX(1.40200) */
-#define F_1_772  116130             /* FIX(1.77200) */
-#define F_0_402  (F_1_402 - 65536)  /* FIX(1.40200) - FIX(1) */
-#define F_0_285  (65536 - F_0_714)  /* FIX(1) - FIX(0.71414) */
-#define F_0_228  (131072 - F_1_772) /* FIX(2) - FIX(1.77200) */
-
-#define SCALEBITS  16
-#define ONE_HALF  (1 << (SCALEBITS - 1))
-
-#define RGB_INDEX0 \
-  {  0,  1,  8,  2,  3, 10,  4,  5, 12,  6,  7, 14, 16, 17, 24, 18 }
-#define RGB_INDEX1 \
-  {  3, 10,  4,  5, 12,  6,  7, 14, 16, 17, 24, 18, 19, 26, 20, 21 }
-#define RGB_INDEX2 \
-  { 12,  6,  7, 14, 16, 17, 24, 18, 19, 26, 20, 21, 28, 22, 23, 30 }
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-
-#define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-#define jsimd_h2v1_merged_upsample_altivec \
-  jsimd_h2v1_extrgb_merged_upsample_altivec
-#define jsimd_h2v2_merged_upsample_altivec \
-  jsimd_h2v2_extrgb_merged_upsample_altivec
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX0
-#undef RGB_INDEX1
-#undef RGB_INDEX2
-#undef jsimd_h2v1_merged_upsample_altivec
-#undef jsimd_h2v2_merged_upsample_altivec
-
-#define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-#define RGB_INDEX \
-  {  0,  1,  8,  9,  2,  3, 10, 11,  4,  5, 12, 13,  6,  7, 14, 15 }
-#define jsimd_h2v1_merged_upsample_altivec \
-  jsimd_h2v1_extrgbx_merged_upsample_altivec
-#define jsimd_h2v2_merged_upsample_altivec \
-  jsimd_h2v2_extrgbx_merged_upsample_altivec
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_h2v1_merged_upsample_altivec
-#undef jsimd_h2v2_merged_upsample_altivec
-
-#define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-#define RGB_INDEX0 \
-  {  8,  1,  0, 10,  3,  2, 12,  5,  4, 14,  7,  6, 24, 17, 16, 26 }
-#define RGB_INDEX1 \
-  {  3,  2, 12,  5,  4, 14,  7,  6, 24, 17, 16, 26, 19, 18, 28, 21 }
-#define RGB_INDEX2 \
-  {  4, 14,  7,  6, 24, 17, 16, 26, 19, 18, 28, 21, 20, 30, 23, 22 }
-#define jsimd_h2v1_merged_upsample_altivec \
-  jsimd_h2v1_extbgr_merged_upsample_altivec
-#define jsimd_h2v2_merged_upsample_altivec \
-  jsimd_h2v2_extbgr_merged_upsample_altivec
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX0
-#undef RGB_INDEX1
-#undef RGB_INDEX2
-#undef jsimd_h2v1_merged_upsample_altivec
-#undef jsimd_h2v2_merged_upsample_altivec
-
-#define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-#define RGB_INDEX \
-  {  8,  1,  0,  9, 10,  3,  2, 11, 12,  5,  4, 13, 14,  7,  6, 15 }
-#define jsimd_h2v1_merged_upsample_altivec \
-  jsimd_h2v1_extbgrx_merged_upsample_altivec
-#define jsimd_h2v2_merged_upsample_altivec \
-  jsimd_h2v2_extbgrx_merged_upsample_altivec
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_h2v1_merged_upsample_altivec
-#undef jsimd_h2v2_merged_upsample_altivec
-
-#define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-#define RGB_INDEX \
-  {  9,  8,  1,  0, 11, 10,  3,  2, 13, 12,  5,  4, 15, 14,  7,  6 }
-#define jsimd_h2v1_merged_upsample_altivec \
-  jsimd_h2v1_extxbgr_merged_upsample_altivec
-#define jsimd_h2v2_merged_upsample_altivec \
-  jsimd_h2v2_extxbgr_merged_upsample_altivec
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_h2v1_merged_upsample_altivec
-#undef jsimd_h2v2_merged_upsample_altivec
-
-#define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-#define RGB_INDEX \
-  {  9,  0,  1,  8, 11,  2,  3, 10, 13,  4,  5, 12, 15,  6,  7, 14 }
-#define jsimd_h2v1_merged_upsample_altivec \
-  jsimd_h2v1_extxrgb_merged_upsample_altivec
-#define jsimd_h2v2_merged_upsample_altivec \
-  jsimd_h2v2_extxrgb_merged_upsample_altivec
-#include "jdmrgext-altivec.c"
-#undef RGB_PIXELSIZE
-#undef RGB_INDEX
-#undef jsimd_h2v1_merged_upsample_altivec
-#undef jsimd_h2v2_merged_upsample_altivec
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdmrgext-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdmrgext-altivec.c
deleted file mode 100644
index 40f02c3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdmrgext-altivec.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* This file is included by jdmerge-altivec.c */
-
-
-void jsimd_h2v1_merged_upsample_altivec(JDIMENSION output_width,
-                                        JSAMPIMAGE input_buf,
-                                        JDIMENSION in_row_group_ctr,
-                                        JSAMPARRAY output_buf)
-{
-  JSAMPROW outptr, inptr0, inptr1, inptr2;
-  int pitch = output_width * RGB_PIXELSIZE, num_cols, yloop;
-#if __BIG_ENDIAN__
-  int offset;
-#endif
-  unsigned char __attribute__((aligned(16))) tmpbuf[RGB_PIXELSIZE * 16];
-
-  __vector unsigned char rgb0, rgb1, rgb2, rgbx0, rgbx1, rgbx2, rgbx3,
-    y, cb, cr;
-#if __BIG_ENDIAN__
-  __vector unsigned char edgel, edgeh, edges, out0, out1, out2, out3;
-#if RGB_PIXELSIZE == 4
-  __vector unsigned char out4;
-#endif
-#endif
-#if RGB_PIXELSIZE == 4
-  __vector unsigned char rgb3;
-#endif
-  __vector short rg0, rg1, rg2, rg3, bx0, bx1, bx2, bx3, ye, yo, cbl, cbh,
-    crl, crh, r_yl, r_yh, g_yl, g_yh, b_yl, b_yh, g_y0w, g_y1w, g_y2w, g_y3w,
-    rl, rh, gl, gh, bl, bh, re, ro, ge, go, be, bo;
-  __vector int g_y0, g_y1, g_y2, g_y3;
-
-  /* Constants
-   * NOTE: The >> 1 is to compensate for the fact that vec_madds() returns 17
-   * high-order bits, not 16.
-   */
-  __vector short pw_f0402 = { __8X(F_0_402 >> 1) },
-    pw_mf0228 = { __8X(-F_0_228 >> 1) },
-    pw_mf0344_f0285 = { __4X2(-F_0_344, F_0_285) },
-    pw_one = { __8X(1) }, pw_255 = { __8X(255) },
-    pw_cj = { __8X(CENTERJSAMPLE) };
-  __vector int pd_onehalf = { __4X(ONE_HALF) };
-  __vector unsigned char pb_zero = { __16X(0) },
-#if __BIG_ENDIAN__
-    shift_pack_index =
-      {  0,  1,  4,  5,  8,  9, 12, 13, 16, 17, 20, 21, 24, 25, 28, 29 },
-    even_index =
-      {  0, 16,  0, 18,  0, 20,  0, 22,  0, 24,  0, 26,  0, 28,  0, 30 },
-    odd_index =
-      {  0, 17,  0, 19,  0, 21,  0, 23,  0, 25,  0, 27,  0, 29,  0, 31 };
-#else
-    shift_pack_index =
-      {  2,  3,  6,  7, 10, 11, 14, 15, 18, 19, 22, 23, 26, 27, 30, 31 },
-    even_index =
-      { 16,  0, 18,  0, 20,  0, 22,  0, 24,  0, 26,  0, 28,  0, 30,  0 },
-    odd_index =
-      { 17,  0, 19,  0, 21,  0, 23,  0, 25,  0, 27,  0, 29,  0, 31,  0 };
-#endif
-
-  inptr0 = input_buf[0][in_row_group_ctr];
-  inptr1 = input_buf[1][in_row_group_ctr];
-  inptr2 = input_buf[2][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  for (num_cols = pitch; num_cols > 0; inptr1 += 16, inptr2 += 16) {
-
-    cb = vec_ld(0, inptr1);
-    /* NOTE: We have to use vec_merge*() here because vec_unpack*() doesn't
-     * support unsigned vectors.
-     */
-    cbl = (__vector signed short)VEC_UNPACKHU(cb);
-    cbh = (__vector signed short)VEC_UNPACKLU(cb);
-    cbl = vec_sub(cbl, pw_cj);
-    cbh = vec_sub(cbh, pw_cj);
-
-    cr = vec_ld(0, inptr2);
-    crl = (__vector signed short)VEC_UNPACKHU(cr);
-    crh = (__vector signed short)VEC_UNPACKLU(cr);
-    crl = vec_sub(crl, pw_cj);
-    crh = vec_sub(crh, pw_cj);
-
-    /* (Original)
-     * R = Y                + 1.40200 * Cr
-     * G = Y - 0.34414 * Cb - 0.71414 * Cr
-     * B = Y + 1.77200 * Cb
-     *
-     * (This implementation)
-     * R = Y                + 0.40200 * Cr + Cr
-     * G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-     * B = Y - 0.22800 * Cb + Cb + Cb
-     */
-    b_yl = vec_add(cbl, cbl);
-    b_yh = vec_add(cbh, cbh);
-    b_yl = vec_madds(b_yl, pw_mf0228, pw_one);
-    b_yh = vec_madds(b_yh, pw_mf0228, pw_one);
-    b_yl = vec_sra(b_yl, (__vector unsigned short)pw_one);
-    b_yh = vec_sra(b_yh, (__vector unsigned short)pw_one);
-    b_yl = vec_add(b_yl, cbl);
-    b_yh = vec_add(b_yh, cbh);
-    b_yl = vec_add(b_yl, cbl);
-    b_yh = vec_add(b_yh, cbh);
-
-    r_yl = vec_add(crl, crl);
-    r_yh = vec_add(crh, crh);
-    r_yl = vec_madds(r_yl, pw_f0402, pw_one);
-    r_yh = vec_madds(r_yh, pw_f0402, pw_one);
-    r_yl = vec_sra(r_yl, (__vector unsigned short)pw_one);
-    r_yh = vec_sra(r_yh, (__vector unsigned short)pw_one);
-    r_yl = vec_add(r_yl, crl);
-    r_yh = vec_add(r_yh, crh);
-
-    g_y0w = vec_mergeh(cbl, crl);
-    g_y1w = vec_mergel(cbl, crl);
-    g_y0 = vec_msums(g_y0w, pw_mf0344_f0285, pd_onehalf);
-    g_y1 = vec_msums(g_y1w, pw_mf0344_f0285, pd_onehalf);
-    g_y2w = vec_mergeh(cbh, crh);
-    g_y3w = vec_mergel(cbh, crh);
-    g_y2 = vec_msums(g_y2w, pw_mf0344_f0285, pd_onehalf);
-    g_y3 = vec_msums(g_y3w, pw_mf0344_f0285, pd_onehalf);
-    /* Clever way to avoid 4 shifts + 2 packs.  This packs the high word from
-     * each dword into a new 16-bit vector, which is the equivalent of
-     * descaling the 32-bit results (right-shifting by 16 bits) and then
-     * packing them.
-     */
-    g_yl = vec_perm((__vector short)g_y0, (__vector short)g_y1,
-                    shift_pack_index);
-    g_yh = vec_perm((__vector short)g_y2, (__vector short)g_y3,
-                    shift_pack_index);
-    g_yl = vec_sub(g_yl, crl);
-    g_yh = vec_sub(g_yh, crh);
-
-    for (yloop = 0; yloop < 2 && num_cols > 0; yloop++,
-         num_cols -= RGB_PIXELSIZE * 16,
-         outptr += RGB_PIXELSIZE * 16, inptr0 += 16) {
-
-      y = vec_ld(0, inptr0);
-      ye = (__vector signed short)vec_perm(pb_zero, y, even_index);
-      yo = (__vector signed short)vec_perm(pb_zero, y, odd_index);
-
-      if (yloop == 0) {
-        be = vec_add(b_yl, ye);
-        bo = vec_add(b_yl, yo);
-        re = vec_add(r_yl, ye);
-        ro = vec_add(r_yl, yo);
-        ge = vec_add(g_yl, ye);
-        go = vec_add(g_yl, yo);
-      } else {
-        be = vec_add(b_yh, ye);
-        bo = vec_add(b_yh, yo);
-        re = vec_add(r_yh, ye);
-        ro = vec_add(r_yh, yo);
-        ge = vec_add(g_yh, ye);
-        go = vec_add(g_yh, yo);
-      }
-
-      rl = vec_mergeh(re, ro);
-      rh = vec_mergel(re, ro);
-      gl = vec_mergeh(ge, go);
-      gh = vec_mergel(ge, go);
-      bl = vec_mergeh(be, bo);
-      bh = vec_mergel(be, bo);
-
-      rg0 = vec_mergeh(rl, gl);
-      bx0 = vec_mergeh(bl, pw_255);
-      rg1 = vec_mergel(rl, gl);
-      bx1 = vec_mergel(bl, pw_255);
-      rg2 = vec_mergeh(rh, gh);
-      bx2 = vec_mergeh(bh, pw_255);
-      rg3 = vec_mergel(rh, gh);
-      bx3 = vec_mergel(bh, pw_255);
-
-      rgbx0 = vec_packsu(rg0, bx0);
-      rgbx1 = vec_packsu(rg1, bx1);
-      rgbx2 = vec_packsu(rg2, bx2);
-      rgbx3 = vec_packsu(rg3, bx3);
-
-#if RGB_PIXELSIZE == 3
-      /* rgbx0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 X0 B1 X1 B2 X2 B3 X3
-       * rgbx1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 X4 B5 X5 B6 X6 B7 X7
-       * rgbx2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 X8 B9 X9 Ba Xa Bb Xb
-       * rgbx3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Xc Bd Xd Be Xe Bf Xf
-       *
-       * rgb0 = R0 G0 B0 R1 G1 B1 R2 G2 B2 R3 G3 B3 R4 G4 B4 R5
-       * rgb1 = G5 B5 R6 G6 B6 R7 G7 B7 R8 G8 B8 R9 G9 B9 Ra Ga
-       * rgb2 = Ba Rb Gb Bb Rc Gc Bc Rd Gd Bd Re Ge Be Rf Gf Bf
-       */
-      rgb0 = vec_perm(rgbx0, rgbx1, (__vector unsigned char)RGB_INDEX0);
-      rgb1 = vec_perm(rgbx1, rgbx2, (__vector unsigned char)RGB_INDEX1);
-      rgb2 = vec_perm(rgbx2, rgbx3, (__vector unsigned char)RGB_INDEX2);
-#else
-      /* rgbx0 = R0 G0 R1 G1 R2 G2 R3 G3 B0 X0 B1 X1 B2 X2 B3 X3
-       * rgbx1 = R4 G4 R5 G5 R6 G6 R7 G7 B4 X4 B5 X5 B6 X6 B7 X7
-       * rgbx2 = R8 G8 R9 G9 Ra Ga Rb Gb B8 X8 B9 X9 Ba Xa Bb Xb
-       * rgbx3 = Rc Gc Rd Gd Re Ge Rf Gf Bc Xc Bd Xd Be Xe Bf Xf
-       *
-       * rgb0 = R0 G0 B0 X0 R1 G1 B1 X1 R2 G2 B2 X2 R3 G3 B3 X3
-       * rgb1 = R4 G4 B4 X4 R5 G5 B5 X5 R6 G6 B6 X6 R7 G7 B7 X7
-       * rgb2 = R8 G8 B8 X8 R9 G9 B9 X9 Ra Ga Ba Xa Rb Gb Bb Xb
-       * rgb3 = Rc Gc Bc Xc Rd Gd Bd Xd Re Ge Be Xe Rf Gf Bf Xf
-       */
-      rgb0 = vec_perm(rgbx0, rgbx0, (__vector unsigned char)RGB_INDEX);
-      rgb1 = vec_perm(rgbx1, rgbx1, (__vector unsigned char)RGB_INDEX);
-      rgb2 = vec_perm(rgbx2, rgbx2, (__vector unsigned char)RGB_INDEX);
-      rgb3 = vec_perm(rgbx3, rgbx3, (__vector unsigned char)RGB_INDEX);
-#endif
-
-#if __BIG_ENDIAN__
-      offset = (size_t)outptr & 15;
-      if (offset) {
-        __vector unsigned char unaligned_shift_index;
-        int bytes = num_cols + offset;
-
-        if (bytes < (RGB_PIXELSIZE + 1) * 16 && (bytes & 15)) {
-          /* Slow path to prevent buffer overwrite.  Since there is no way to
-           * write a partial AltiVec register, overwrite would occur on the
-           * last chunk of the last image row if the right edge is not on a
-           * 16-byte boundary.  It could also occur on other rows if the bytes
-           * per row is low enough.  Since we can't determine whether we're on
-           * the last image row, we have to assume every row is the last.
-           */
-          vec_st(rgb0, 0, tmpbuf);
-          vec_st(rgb1, 16, tmpbuf);
-          vec_st(rgb2, 32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          vec_st(rgb3, 48, tmpbuf);
-#endif
-          memcpy(outptr, tmpbuf, min(num_cols, RGB_PIXELSIZE * 16));
-        } else {
-          /* Fast path */
-          unaligned_shift_index = vec_lvsl(0, outptr);
-          edgel = vec_ld(0, outptr);
-          edgeh = vec_ld(min(num_cols - 1, RGB_PIXELSIZE * 16), outptr);
-          edges = vec_perm(edgeh, edgel, unaligned_shift_index);
-          unaligned_shift_index = vec_lvsr(0, outptr);
-          out0 = vec_perm(edges, rgb0, unaligned_shift_index);
-          out1 = vec_perm(rgb0, rgb1, unaligned_shift_index);
-          out2 = vec_perm(rgb1, rgb2, unaligned_shift_index);
-#if RGB_PIXELSIZE == 4
-          out3 = vec_perm(rgb2, rgb3, unaligned_shift_index);
-          out4 = vec_perm(rgb3, edges, unaligned_shift_index);
-#else
-          out3 = vec_perm(rgb2, edges, unaligned_shift_index);
-#endif
-          vec_st(out0, 0, outptr);
-          if (bytes > 16)
-            vec_st(out1, 16, outptr);
-          if (bytes > 32)
-            vec_st(out2, 32, outptr);
-          if (bytes > 48)
-            vec_st(out3, 48, outptr);
-#if RGB_PIXELSIZE == 4
-          if (bytes > 64)
-            vec_st(out4, 64, outptr);
-#endif
-        }
-      } else {
-#endif /* __BIG_ENDIAN__ */
-        if (num_cols < RGB_PIXELSIZE * 16 && (num_cols & 15)) {
-          /* Slow path */
-          VEC_ST(rgb0, 0, tmpbuf);
-          VEC_ST(rgb1, 16, tmpbuf);
-          VEC_ST(rgb2, 32, tmpbuf);
-#if RGB_PIXELSIZE == 4
-          VEC_ST(rgb3, 48, tmpbuf);
-#endif
-          memcpy(outptr, tmpbuf, min(num_cols, RGB_PIXELSIZE * 16));
-        } else {
-          /* Fast path */
-          VEC_ST(rgb0, 0, outptr);
-          if (num_cols > 16)
-            VEC_ST(rgb1, 16, outptr);
-          if (num_cols > 32)
-            VEC_ST(rgb2, 32, outptr);
-#if RGB_PIXELSIZE == 4
-          if (num_cols > 48)
-            VEC_ST(rgb3, 48, outptr);
-#endif
-        }
-#if __BIG_ENDIAN__
-      }
-#endif
-    }
-  }
-}
-
-
-void jsimd_h2v2_merged_upsample_altivec(JDIMENSION output_width,
-                                        JSAMPIMAGE input_buf,
-                                        JDIMENSION in_row_group_ctr,
-                                        JSAMPARRAY output_buf)
-{
-  JSAMPROW inptr, outptr;
-
-  inptr = input_buf[0][in_row_group_ctr];
-  outptr = output_buf[0];
-
-  input_buf[0][in_row_group_ctr] = input_buf[0][in_row_group_ctr * 2];
-  jsimd_h2v1_merged_upsample_altivec(output_width, input_buf, in_row_group_ctr,
-                                     output_buf);
-
-  input_buf[0][in_row_group_ctr] = input_buf[0][in_row_group_ctr * 2 + 1];
-  output_buf[0] = output_buf[1];
-  jsimd_h2v1_merged_upsample_altivec(output_width, input_buf, in_row_group_ctr,
-                                     output_buf);
-
-  input_buf[0][in_row_group_ctr] = inptr;
-  output_buf[0] = outptr;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdsample-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdsample-altivec.c
deleted file mode 100644
index 04df0cf..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jdsample-altivec.c
+++ /dev/null
@@ -1,400 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* CHROMA UPSAMPLING */
-
-#include "jsimd_altivec.h"
-
-
-void jsimd_h2v1_fancy_upsample_altivec(int max_v_samp_factor,
-                                       JDIMENSION downsampled_width,
-                                       JSAMPARRAY input_data,
-                                       JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr, outptr;
-  int inrow, incol;
-
-  __vector unsigned char this0, last0, p_last0, next0 = { 0 }, p_next0,
-    out;
-  __vector short this0e, this0o, this0l, this0h, last0l, last0h,
-    next0l, next0h, outle, outhe, outlo, outho;
-
-  /* Constants */
-  __vector unsigned char pb_zero = { __16X(0) }, pb_three = { __16X(3) },
-    last_index_col0 =
-      {  0,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14 },
-    last_index =
-      { 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30 },
-    next_index =
-      {  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15, 16 },
-    next_index_lastcol =
-      {  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15, 15 },
-#if __BIG_ENDIAN__
-    merge_pack_index =
-      {  1, 17,  3, 19,  5, 21,  7, 23,  9, 25, 11, 27, 13, 29, 15, 31 };
-#else
-    merge_pack_index =
-      {  0, 16,  2, 18,  4, 20,  6, 22,  8, 24, 10, 26, 12, 28, 14, 30 };
-#endif
-  __vector short pw_one = { __8X(1) }, pw_two = { __8X(2) };
-
-  for (inrow = 0; inrow < max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr = output_data[inrow];
-
-    if (downsampled_width & 15)
-      inptr[downsampled_width] = inptr[downsampled_width - 1];
-
-    this0 = vec_ld(0, inptr);
-    p_last0 = vec_perm(this0, this0, last_index_col0);
-    last0 = this0;
-
-    for (incol = downsampled_width; incol > 0;
-         incol -= 16, inptr += 16, outptr += 32) {
-
-      if (downsampled_width - incol > 0) {
-        p_last0 = vec_perm(last0, this0, last_index);
-        last0 = this0;
-      }
-
-      if (incol <= 16)
-        p_next0 = vec_perm(this0, this0, next_index_lastcol);
-      else {
-        next0 = vec_ld(16, inptr);
-        p_next0 = vec_perm(this0, next0, next_index);
-      }
-
-      this0e = (__vector short)vec_mule(this0, pb_three);
-      this0o = (__vector short)vec_mulo(this0, pb_three);
-      this0l = vec_mergeh(this0e, this0o);
-      this0h = vec_mergel(this0e, this0o);
-
-      last0l = (__vector short)VEC_UNPACKHU(p_last0);
-      last0h = (__vector short)VEC_UNPACKLU(p_last0);
-      last0l = vec_add(last0l, pw_one);
-
-      next0l = (__vector short)VEC_UNPACKHU(p_next0);
-      next0h = (__vector short)VEC_UNPACKLU(p_next0);
-      next0l = vec_add(next0l, pw_two);
-
-      outle = vec_add(this0l, last0l);
-      outlo = vec_add(this0l, next0l);
-      outle = vec_sr(outle, (__vector unsigned short)pw_two);
-      outlo = vec_sr(outlo, (__vector unsigned short)pw_two);
-
-      out = vec_perm((__vector unsigned char)outle,
-                     (__vector unsigned char)outlo, merge_pack_index);
-      vec_st(out, 0, outptr);
-
-      if (incol > 8) {
-        last0h = vec_add(last0h, pw_one);
-        next0h = vec_add(next0h, pw_two);
-
-        outhe = vec_add(this0h, last0h);
-        outho = vec_add(this0h, next0h);
-        outhe = vec_sr(outhe, (__vector unsigned short)pw_two);
-        outho = vec_sr(outho, (__vector unsigned short)pw_two);
-
-        out = vec_perm((__vector unsigned char)outhe,
-                       (__vector unsigned char)outho, merge_pack_index);
-        vec_st(out, 16, outptr);
-      }
-
-      this0 = next0;
-    }
-  }
-}
-
-
-void jsimd_h2v2_fancy_upsample_altivec(int max_v_samp_factor,
-                                       JDIMENSION downsampled_width,
-                                       JSAMPARRAY input_data,
-                                       JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr_1, inptr0, inptr1, outptr0, outptr1;
-  int inrow, outrow, incol;
-
-  __vector unsigned char this_1, this0, this1, out;
-  __vector short this_1l, this_1h, this0l, this0h, this1l, this1h,
-    lastcolsum_1h, lastcolsum1h,
-    p_lastcolsum_1l, p_lastcolsum_1h, p_lastcolsum1l, p_lastcolsum1h,
-    thiscolsum_1l, thiscolsum_1h, thiscolsum1l, thiscolsum1h,
-    nextcolsum_1l = { 0 }, nextcolsum_1h = { 0 },
-    nextcolsum1l = { 0 }, nextcolsum1h = { 0 },
-    p_nextcolsum_1l, p_nextcolsum_1h, p_nextcolsum1l, p_nextcolsum1h,
-    tmpl, tmph, outle, outhe, outlo, outho;
-
-  /* Constants */
-  __vector unsigned char pb_zero = { __16X(0) },
-    last_index_col0 =
-      {  0,  1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13 },
-    last_index =
-      { 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29 },
-    next_index =
-      {  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15, 16, 17 },
-    next_index_lastcol =
-      {  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15, 14, 15 },
-#if __BIG_ENDIAN__
-    merge_pack_index =
-      {  1, 17,  3, 19,  5, 21,  7, 23,  9, 25, 11, 27, 13, 29, 15, 31 };
-#else
-    merge_pack_index =
-      {  0, 16,  2, 18,  4, 20,  6, 22,  8, 24, 10, 26, 12, 28, 14, 30 };
-#endif
-  __vector short pw_zero = { __8X(0) }, pw_three = { __8X(3) },
-    pw_seven = { __8X(7) }, pw_eight = { __8X(8) };
-  __vector unsigned short pw_four = { __8X(4) };
-
-  for (inrow = 0, outrow = 0; outrow < max_v_samp_factor; inrow++) {
-
-    inptr_1 = input_data[inrow - 1];
-    inptr0 = input_data[inrow];
-    inptr1 = input_data[inrow + 1];
-    outptr0 = output_data[outrow++];
-    outptr1 = output_data[outrow++];
-
-    if (downsampled_width & 15) {
-      inptr_1[downsampled_width] = inptr_1[downsampled_width - 1];
-      inptr0[downsampled_width] = inptr0[downsampled_width - 1];
-      inptr1[downsampled_width] = inptr1[downsampled_width - 1];
-    }
-
-    this0 = vec_ld(0, inptr0);
-    this0l = (__vector short)VEC_UNPACKHU(this0);
-    this0h = (__vector short)VEC_UNPACKLU(this0);
-    this0l = vec_mladd(this0l, pw_three, pw_zero);
-    this0h = vec_mladd(this0h, pw_three, pw_zero);
-
-    this_1 = vec_ld(0, inptr_1);
-    this_1l = (__vector short)VEC_UNPACKHU(this_1);
-    this_1h = (__vector short)VEC_UNPACKLU(this_1);
-    thiscolsum_1l = vec_add(this0l, this_1l);
-    thiscolsum_1h = vec_add(this0h, this_1h);
-    lastcolsum_1h = thiscolsum_1h;
-    p_lastcolsum_1l = vec_perm(thiscolsum_1l, thiscolsum_1l, last_index_col0);
-    p_lastcolsum_1h = vec_perm(thiscolsum_1l, thiscolsum_1h, last_index);
-
-    this1 = vec_ld(0, inptr1);
-    this1l = (__vector short)VEC_UNPACKHU(this1);
-    this1h = (__vector short)VEC_UNPACKLU(this1);
-    thiscolsum1l = vec_add(this0l, this1l);
-    thiscolsum1h = vec_add(this0h, this1h);
-    lastcolsum1h = thiscolsum1h;
-    p_lastcolsum1l = vec_perm(thiscolsum1l, thiscolsum1l, last_index_col0);
-    p_lastcolsum1h = vec_perm(thiscolsum1l, thiscolsum1h, last_index);
-
-    for (incol = downsampled_width; incol > 0;
-         incol -= 16, inptr_1 += 16, inptr0 += 16, inptr1 += 16,
-         outptr0 += 32, outptr1 += 32) {
-
-      if (downsampled_width - incol > 0) {
-        p_lastcolsum_1l = vec_perm(lastcolsum_1h, thiscolsum_1l, last_index);
-        p_lastcolsum_1h = vec_perm(thiscolsum_1l, thiscolsum_1h, last_index);
-        p_lastcolsum1l = vec_perm(lastcolsum1h, thiscolsum1l, last_index);
-        p_lastcolsum1h = vec_perm(thiscolsum1l, thiscolsum1h, last_index);
-        lastcolsum_1h = thiscolsum_1h;  lastcolsum1h = thiscolsum1h;
-      }
-
-      if (incol <= 16) {
-        p_nextcolsum_1l = vec_perm(thiscolsum_1l, thiscolsum_1h, next_index);
-        p_nextcolsum_1h = vec_perm(thiscolsum_1h, thiscolsum_1h,
-                                   next_index_lastcol);
-        p_nextcolsum1l = vec_perm(thiscolsum1l, thiscolsum1h, next_index);
-        p_nextcolsum1h = vec_perm(thiscolsum1h, thiscolsum1h,
-                                  next_index_lastcol);
-      } else {
-        this0 = vec_ld(16, inptr0);
-        this0l = (__vector short)VEC_UNPACKHU(this0);
-        this0h = (__vector short)VEC_UNPACKLU(this0);
-        this0l = vec_mladd(this0l, pw_three, pw_zero);
-        this0h = vec_mladd(this0h, pw_three, pw_zero);
-
-        this_1 = vec_ld(16, inptr_1);
-        this_1l = (__vector short)VEC_UNPACKHU(this_1);
-        this_1h = (__vector short)VEC_UNPACKLU(this_1);
-        nextcolsum_1l = vec_add(this0l, this_1l);
-        nextcolsum_1h = vec_add(this0h, this_1h);
-        p_nextcolsum_1l = vec_perm(thiscolsum_1l, thiscolsum_1h, next_index);
-        p_nextcolsum_1h = vec_perm(thiscolsum_1h, nextcolsum_1l, next_index);
-
-        this1 = vec_ld(16, inptr1);
-        this1l = (__vector short)VEC_UNPACKHU(this1);
-        this1h = (__vector short)VEC_UNPACKLU(this1);
-        nextcolsum1l = vec_add(this0l, this1l);
-        nextcolsum1h = vec_add(this0h, this1h);
-        p_nextcolsum1l = vec_perm(thiscolsum1l, thiscolsum1h, next_index);
-        p_nextcolsum1h = vec_perm(thiscolsum1h, nextcolsum1l, next_index);
-      }
-
-      /* Process the upper row */
-
-      tmpl = vec_mladd(thiscolsum_1l, pw_three, pw_zero);
-      outle = vec_add(tmpl, p_lastcolsum_1l);
-      outle = vec_add(outle, pw_eight);
-      outle = vec_sr(outle, pw_four);
-
-      outlo = vec_add(tmpl, p_nextcolsum_1l);
-      outlo = vec_add(outlo, pw_seven);
-      outlo = vec_sr(outlo, pw_four);
-
-      out = vec_perm((__vector unsigned char)outle,
-                     (__vector unsigned char)outlo, merge_pack_index);
-      vec_st(out, 0, outptr0);
-
-      if (incol > 8) {
-        tmph = vec_mladd(thiscolsum_1h, pw_three, pw_zero);
-        outhe = vec_add(tmph, p_lastcolsum_1h);
-        outhe = vec_add(outhe, pw_eight);
-        outhe = vec_sr(outhe, pw_four);
-
-        outho = vec_add(tmph, p_nextcolsum_1h);
-        outho = vec_add(outho, pw_seven);
-        outho = vec_sr(outho, pw_four);
-
-        out = vec_perm((__vector unsigned char)outhe,
-                       (__vector unsigned char)outho, merge_pack_index);
-        vec_st(out, 16, outptr0);
-      }
-
-      /* Process the lower row */
-
-      tmpl = vec_mladd(thiscolsum1l, pw_three, pw_zero);
-      outle = vec_add(tmpl, p_lastcolsum1l);
-      outle = vec_add(outle, pw_eight);
-      outle = vec_sr(outle, pw_four);
-
-      outlo = vec_add(tmpl, p_nextcolsum1l);
-      outlo = vec_add(outlo, pw_seven);
-      outlo = vec_sr(outlo, pw_four);
-
-      out = vec_perm((__vector unsigned char)outle,
-                     (__vector unsigned char)outlo, merge_pack_index);
-      vec_st(out, 0, outptr1);
-
-      if (incol > 8) {
-        tmph = vec_mladd(thiscolsum1h, pw_three, pw_zero);
-        outhe = vec_add(tmph, p_lastcolsum1h);
-        outhe = vec_add(outhe, pw_eight);
-        outhe = vec_sr(outhe, pw_four);
-
-        outho = vec_add(tmph, p_nextcolsum1h);
-        outho = vec_add(outho, pw_seven);
-        outho = vec_sr(outho, pw_four);
-
-        out = vec_perm((__vector unsigned char)outhe,
-                       (__vector unsigned char)outho, merge_pack_index);
-        vec_st(out, 16, outptr1);
-      }
-
-      thiscolsum_1l = nextcolsum_1l;  thiscolsum_1h = nextcolsum_1h;
-      thiscolsum1l = nextcolsum1l;  thiscolsum1h = nextcolsum1h;
-    }
-  }
-}
-
-
-/* These are rarely used (mainly just for decompressing YCCK images) */
-
-void jsimd_h2v1_upsample_altivec(int max_v_samp_factor,
-                                 JDIMENSION output_width,
-                                 JSAMPARRAY input_data,
-                                 JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr, outptr;
-  int inrow, incol;
-
-  __vector unsigned char in, inl, inh;
-
-  for (inrow = 0; inrow < max_v_samp_factor; inrow++) {
-    inptr = input_data[inrow];
-    outptr = output_data[inrow];
-
-    for (incol = (output_width + 31) & (~31); incol > 0;
-         incol -= 64, inptr += 32, outptr += 64) {
-
-      in = vec_ld(0, inptr);
-      inl = vec_mergeh(in, in);
-      inh = vec_mergel(in, in);
-
-      vec_st(inl, 0, outptr);
-      vec_st(inh, 16, outptr);
-
-      if (incol > 32) {
-        in = vec_ld(16, inptr);
-        inl = vec_mergeh(in, in);
-        inh = vec_mergel(in, in);
-
-        vec_st(inl, 32, outptr);
-        vec_st(inh, 48, outptr);
-      }
-    }
-  }
-}
-
-
-void jsimd_h2v2_upsample_altivec(int max_v_samp_factor,
-                                 JDIMENSION output_width,
-                                 JSAMPARRAY input_data,
-                                 JSAMPARRAY *output_data_ptr)
-{
-  JSAMPARRAY output_data = *output_data_ptr;
-  JSAMPROW inptr, outptr0, outptr1;
-  int inrow, outrow, incol;
-
-  __vector unsigned char in, inl, inh;
-
-  for (inrow = 0, outrow = 0; outrow < max_v_samp_factor; inrow++) {
-
-    inptr = input_data[inrow];
-    outptr0 = output_data[outrow++];
-    outptr1 = output_data[outrow++];
-
-    for (incol = (output_width + 31) & (~31); incol > 0;
-         incol -= 64, inptr += 32, outptr0 += 64, outptr1 += 64) {
-
-      in = vec_ld(0, inptr);
-      inl = vec_mergeh(in, in);
-      inh = vec_mergel(in, in);
-
-      vec_st(inl, 0, outptr0);
-      vec_st(inl, 0, outptr1);
-
-      vec_st(inh, 16, outptr0);
-      vec_st(inh, 16, outptr1);
-
-      if (incol > 32) {
-        in = vec_ld(16, inptr);
-        inl = vec_mergeh(in, in);
-        inh = vec_mergel(in, in);
-
-        vec_st(inl, 32, outptr0);
-        vec_st(inl, 32, outptr1);
-
-        vec_st(inh, 48, outptr0);
-        vec_st(inh, 48, outptr1);
-      }
-    }
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jfdctfst-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jfdctfst-altivec.c
deleted file mode 100644
index ad9af81..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jfdctfst-altivec.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* FAST INTEGER FORWARD DCT
- *
- * This is similar to the SSE2 implementation, except that we left-shift the
- * constants by 1 less bit (the -1 in CONST_SHIFT.)  This is because
- * vec_madds(arg1, arg2, arg3) generates the 16-bit saturated sum of:
- *   the elements in arg3 + the most significant 17 bits of
- *     (the elements in arg1 * the elements in arg2).
- */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_382  98   /* FIX(0.382683433) */
-#define F_0_541  139  /* FIX(0.541196100) */
-#define F_0_707  181  /* FIX(0.707106781) */
-#define F_1_306  334  /* FIX(1.306562965) */
-
-#define CONST_BITS  8
-#define PRE_MULTIPLY_SCALE_BITS  2
-#define CONST_SHIFT  (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS - 1)
-
-
-#define DO_FDCT() { \
-  /* Even part */ \
-  \
-  tmp10 = vec_add(tmp0, tmp3); \
-  tmp13 = vec_sub(tmp0, tmp3); \
-  tmp11 = vec_add(tmp1, tmp2); \
-  tmp12 = vec_sub(tmp1, tmp2); \
-  \
-  out0  = vec_add(tmp10, tmp11); \
-  out4  = vec_sub(tmp10, tmp11); \
-  \
-  z1 = vec_add(tmp12, tmp13); \
-  z1 = vec_sl(z1, pre_multiply_scale_bits); \
-  z1 = vec_madds(z1, pw_0707, pw_zero); \
-  \
-  out2 = vec_add(tmp13, z1); \
-  out6 = vec_sub(tmp13, z1); \
-  \
-  /* Odd part */ \
-  \
-  tmp10 = vec_add(tmp4, tmp5); \
-  tmp11 = vec_add(tmp5, tmp6); \
-  tmp12 = vec_add(tmp6, tmp7); \
-  \
-  tmp10 = vec_sl(tmp10, pre_multiply_scale_bits); \
-  tmp12 = vec_sl(tmp12, pre_multiply_scale_bits); \
-  z5 = vec_sub(tmp10, tmp12); \
-  z5 = vec_madds(z5, pw_0382, pw_zero); \
-  \
-  z2 = vec_madds(tmp10, pw_0541, z5); \
-  z4 = vec_madds(tmp12, pw_1306, z5); \
-  \
-  tmp11 = vec_sl(tmp11, pre_multiply_scale_bits); \
-  z3 = vec_madds(tmp11, pw_0707, pw_zero); \
-  \
-  z11 = vec_add(tmp7, z3); \
-  z13 = vec_sub(tmp7, z3); \
-  \
-  out5 = vec_add(z13, z2); \
-  out3 = vec_sub(z13, z2); \
-  out1 = vec_add(z11, z4); \
-  out7 = vec_sub(z11, z4); \
-}
-
-
-void jsimd_fdct_ifast_altivec(DCTELEM *data)
-{
-  __vector short row0, row1, row2, row3, row4, row5, row6, row7,
-    col0, col1, col2, col3, col4, col5, col6, col7,
-    tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7, tmp10, tmp11, tmp12, tmp13,
-    z1, z2, z3, z4, z5, z11, z13,
-    out0, out1, out2, out3, out4, out5, out6, out7;
-
-  /* Constants */
-  __vector short pw_zero = { __8X(0) },
-    pw_0382 = { __8X(F_0_382 << CONST_SHIFT) },
-    pw_0541 = { __8X(F_0_541 << CONST_SHIFT) },
-    pw_0707 = { __8X(F_0_707 << CONST_SHIFT) },
-    pw_1306 = { __8X(F_1_306 << CONST_SHIFT) };
-  __vector unsigned short
-    pre_multiply_scale_bits = { __8X(PRE_MULTIPLY_SCALE_BITS) };
-
-  /* Pass 1: process rows */
-
-  row0 = vec_ld(0, data);
-  row1 = vec_ld(16, data);
-  row2 = vec_ld(32, data);
-  row3 = vec_ld(48, data);
-  row4 = vec_ld(64, data);
-  row5 = vec_ld(80, data);
-  row6 = vec_ld(96, data);
-  row7 = vec_ld(112, data);
-
-  TRANSPOSE(row, col);
-
-  tmp0 = vec_add(col0, col7);
-  tmp7 = vec_sub(col0, col7);
-  tmp1 = vec_add(col1, col6);
-  tmp6 = vec_sub(col1, col6);
-  tmp2 = vec_add(col2, col5);
-  tmp5 = vec_sub(col2, col5);
-  tmp3 = vec_add(col3, col4);
-  tmp4 = vec_sub(col3, col4);
-
-  DO_FDCT();
-
-  /* Pass 2: process columns */
-
-  TRANSPOSE(out, row);
-
-  tmp0 = vec_add(row0, row7);
-  tmp7 = vec_sub(row0, row7);
-  tmp1 = vec_add(row1, row6);
-  tmp6 = vec_sub(row1, row6);
-  tmp2 = vec_add(row2, row5);
-  tmp5 = vec_sub(row2, row5);
-  tmp3 = vec_add(row3, row4);
-  tmp4 = vec_sub(row3, row4);
-
-  DO_FDCT();
-
-  vec_st(out0, 0, data);
-  vec_st(out1, 16, data);
-  vec_st(out2, 32, data);
-  vec_st(out3, 48, data);
-  vec_st(out4, 64, data);
-  vec_st(out5, 80, data);
-  vec_st(out6, 96, data);
-  vec_st(out7, 112, data);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jfdctint-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jfdctint-altivec.c
deleted file mode 100644
index 3d4f017..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jfdctint-altivec.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014, 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* ACCURATE INTEGER FORWARD DCT */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_298  2446   /* FIX(0.298631336) */
-#define F_0_390  3196   /* FIX(0.390180644) */
-#define F_0_541  4433   /* FIX(0.541196100) */
-#define F_0_765  6270   /* FIX(0.765366865) */
-#define F_0_899  7373   /* FIX(0.899976223) */
-#define F_1_175  9633   /* FIX(1.175875602) */
-#define F_1_501  12299  /* FIX(1.501321110) */
-#define F_1_847  15137  /* FIX(1.847759065) */
-#define F_1_961  16069  /* FIX(1.961570560) */
-#define F_2_053  16819  /* FIX(2.053119869) */
-#define F_2_562  20995  /* FIX(2.562915447) */
-#define F_3_072  25172  /* FIX(3.072711026) */
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-
-#define DO_FDCT_COMMON(PASS) { \
-  /* (Original) \
-   * z1 = (tmp12 + tmp13) * 0.541196100; \
-   * data2 = z1 + tmp13 * 0.765366865; \
-   * data6 = z1 + tmp12 * -1.847759065; \
-   * \
-   * (This implementation) \
-   * data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100; \
-   * data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065); \
-   */ \
-  \
-  tmp1312l = vec_mergeh(tmp13, tmp12); \
-  tmp1312h = vec_mergel(tmp13, tmp12); \
-  \
-  out2l = vec_msums(tmp1312l, pw_f130_f054, pd_descale_p##PASS); \
-  out2h = vec_msums(tmp1312h, pw_f130_f054, pd_descale_p##PASS); \
-  out6l = vec_msums(tmp1312l, pw_f054_mf130, pd_descale_p##PASS); \
-  out6h = vec_msums(tmp1312h, pw_f054_mf130, pd_descale_p##PASS); \
-  \
-  out2l = vec_sra(out2l, descale_p##PASS); \
-  out2h = vec_sra(out2h, descale_p##PASS); \
-  out6l = vec_sra(out6l, descale_p##PASS); \
-  out6h = vec_sra(out6h, descale_p##PASS); \
-  \
-  out2 = vec_pack(out2l, out2h); \
-  out6 = vec_pack(out6l, out6h); \
-  \
-  /* Odd part */ \
-  \
-  z3 = vec_add(tmp4, tmp6); \
-  z4 = vec_add(tmp5, tmp7); \
-  \
-  /* (Original) \
-   * z5 = (z3 + z4) * 1.175875602; \
-   * z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644; \
-   * z3 += z5;  z4 += z5; \
-   * \
-   * (This implementation) \
-   * z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602; \
-   * z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644); \
-   */ \
-  \
-  z34l = vec_mergeh(z3, z4); \
-  z34h = vec_mergel(z3, z4); \
-  \
-  z3l = vec_msums(z34l, pw_mf078_f117, pd_descale_p##PASS); \
-  z3h = vec_msums(z34h, pw_mf078_f117, pd_descale_p##PASS); \
-  z4l = vec_msums(z34l, pw_f117_f078, pd_descale_p##PASS); \
-  z4h = vec_msums(z34h, pw_f117_f078, pd_descale_p##PASS); \
-  \
-  /* (Original) \
-   * z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6; \
-   * tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869; \
-   * tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110; \
-   * z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447; \
-   * data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4; \
-   * data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4; \
-   * \
-   * (This implementation) \
-   * tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223; \
-   * tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447; \
-   * tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447); \
-   * tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223); \
-   * data7 = tmp4 + z3;  data5 = tmp5 + z4; \
-   * data3 = tmp6 + z3;  data1 = tmp7 + z4; \
-   */ \
-  \
-  tmp47l = vec_mergeh(tmp4, tmp7); \
-  tmp47h = vec_mergel(tmp4, tmp7); \
-  \
-  out7l = vec_msums(tmp47l, pw_mf060_mf089, z3l); \
-  out7h = vec_msums(tmp47h, pw_mf060_mf089, z3h); \
-  out1l = vec_msums(tmp47l, pw_mf089_f060, z4l); \
-  out1h = vec_msums(tmp47h, pw_mf089_f060, z4h); \
-  \
-  out7l = vec_sra(out7l, descale_p##PASS); \
-  out7h = vec_sra(out7h, descale_p##PASS); \
-  out1l = vec_sra(out1l, descale_p##PASS); \
-  out1h = vec_sra(out1h, descale_p##PASS); \
-  \
-  out7 = vec_pack(out7l, out7h); \
-  out1 = vec_pack(out1l, out1h); \
-  \
-  tmp56l = vec_mergeh(tmp5, tmp6); \
-  tmp56h = vec_mergel(tmp5, tmp6); \
-  \
-  out5l = vec_msums(tmp56l, pw_mf050_mf256, z4l); \
-  out5h = vec_msums(tmp56h, pw_mf050_mf256, z4h); \
-  out3l = vec_msums(tmp56l, pw_mf256_f050, z3l); \
-  out3h = vec_msums(tmp56h, pw_mf256_f050, z3h); \
-  \
-  out5l = vec_sra(out5l, descale_p##PASS); \
-  out5h = vec_sra(out5h, descale_p##PASS); \
-  out3l = vec_sra(out3l, descale_p##PASS); \
-  out3h = vec_sra(out3h, descale_p##PASS); \
-  \
-  out5 = vec_pack(out5l, out5h); \
-  out3 = vec_pack(out3l, out3h); \
-}
-
-#define DO_FDCT_PASS1() { \
-  /* Even part */ \
-  \
-  tmp10 = vec_add(tmp0, tmp3); \
-  tmp13 = vec_sub(tmp0, tmp3); \
-  tmp11 = vec_add(tmp1, tmp2); \
-  tmp12 = vec_sub(tmp1, tmp2); \
-  \
-  out0  = vec_add(tmp10, tmp11); \
-  out0  = vec_sl(out0, pass1_bits); \
-  out4  = vec_sub(tmp10, tmp11); \
-  out4  = vec_sl(out4, pass1_bits); \
-  \
-  DO_FDCT_COMMON(1); \
-}
-
-#define DO_FDCT_PASS2() { \
-  /* Even part */ \
-  \
-  tmp10 = vec_add(tmp0, tmp3); \
-  tmp13 = vec_sub(tmp0, tmp3); \
-  tmp11 = vec_add(tmp1, tmp2); \
-  tmp12 = vec_sub(tmp1, tmp2); \
-  \
-  out0  = vec_add(tmp10, tmp11); \
-  out0  = vec_add(out0, pw_descale_p2x); \
-  out0  = vec_sra(out0, pass1_bits); \
-  out4  = vec_sub(tmp10, tmp11); \
-  out4  = vec_add(out4, pw_descale_p2x); \
-  out4  = vec_sra(out4, pass1_bits); \
-  \
-  DO_FDCT_COMMON(2); \
-}
-
-
-void jsimd_fdct_islow_altivec(DCTELEM *data)
-{
-  __vector short row0, row1, row2, row3, row4, row5, row6, row7,
-    col0, col1, col2, col3, col4, col5, col6, col7,
-    tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7, tmp10, tmp11, tmp12, tmp13,
-    tmp47l, tmp47h, tmp56l, tmp56h, tmp1312l, tmp1312h,
-    z3, z4, z34l, z34h,
-    out0, out1, out2, out3, out4, out5, out6, out7;
-  __vector int z3l, z3h, z4l, z4h,
-    out1l, out1h, out2l, out2h, out3l, out3h, out5l, out5h, out6l, out6h,
-    out7l, out7h;
-
-  /* Constants */
-  __vector short
-    pw_f130_f054 = { __4X2(F_0_541 + F_0_765, F_0_541) },
-    pw_f054_mf130 = { __4X2(F_0_541, F_0_541 - F_1_847) },
-    pw_mf078_f117 = { __4X2(F_1_175 - F_1_961, F_1_175) },
-    pw_f117_f078 = { __4X2(F_1_175, F_1_175 - F_0_390) },
-    pw_mf060_mf089 = { __4X2(F_0_298 - F_0_899, -F_0_899) },
-    pw_mf089_f060 = { __4X2(-F_0_899, F_1_501 - F_0_899) },
-    pw_mf050_mf256 = { __4X2(F_2_053 - F_2_562, -F_2_562) },
-    pw_mf256_f050 = { __4X2(-F_2_562, F_3_072 - F_2_562) },
-    pw_descale_p2x = { __8X(1 << (PASS1_BITS - 1)) };
-  __vector unsigned short pass1_bits = { __8X(PASS1_BITS) };
-  __vector int pd_descale_p1 = { __4X(1 << (DESCALE_P1 - 1)) },
-    pd_descale_p2 = { __4X(1 << (DESCALE_P2 - 1)) };
-  __vector unsigned int descale_p1 = { __4X(DESCALE_P1) },
-    descale_p2 = { __4X(DESCALE_P2) };
-
-  /* Pass 1: process rows */
-
-  row0 = vec_ld(0, data);
-  row1 = vec_ld(16, data);
-  row2 = vec_ld(32, data);
-  row3 = vec_ld(48, data);
-  row4 = vec_ld(64, data);
-  row5 = vec_ld(80, data);
-  row6 = vec_ld(96, data);
-  row7 = vec_ld(112, data);
-
-  TRANSPOSE(row, col);
-
-  tmp0 = vec_add(col0, col7);
-  tmp7 = vec_sub(col0, col7);
-  tmp1 = vec_add(col1, col6);
-  tmp6 = vec_sub(col1, col6);
-  tmp2 = vec_add(col2, col5);
-  tmp5 = vec_sub(col2, col5);
-  tmp3 = vec_add(col3, col4);
-  tmp4 = vec_sub(col3, col4);
-
-  DO_FDCT_PASS1();
-
-  /* Pass 2: process columns */
-
-  TRANSPOSE(out, row);
-
-  tmp0 = vec_add(row0, row7);
-  tmp7 = vec_sub(row0, row7);
-  tmp1 = vec_add(row1, row6);
-  tmp6 = vec_sub(row1, row6);
-  tmp2 = vec_add(row2, row5);
-  tmp5 = vec_sub(row2, row5);
-  tmp3 = vec_add(row3, row4);
-  tmp4 = vec_sub(row3, row4);
-
-  DO_FDCT_PASS2();
-
-  vec_st(out0, 0, data);
-  vec_st(out1, 16, data);
-  vec_st(out2, 32, data);
-  vec_st(out3, 48, data);
-  vec_st(out4, 64, data);
-  vec_st(out5, 80, data);
-  vec_st(out6, 96, data);
-  vec_st(out7, 112, data);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jidctfst-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jidctfst-altivec.c
deleted file mode 100644
index 456c6c6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jidctfst-altivec.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* FAST INTEGER INVERSE DCT
- *
- * This is similar to the SSE2 implementation, except that we left-shift the
- * constants by 1 less bit (the -1 in CONST_SHIFT.)  This is because
- * vec_madds(arg1, arg2, arg3) generates the 16-bit saturated sum of:
- *   the elements in arg3 + the most significant 17 bits of
- *     (the elements in arg1 * the elements in arg2).
- */
-
-#include "jsimd_altivec.h"
-
-
-#define F_1_082  277              /* FIX(1.082392200) */
-#define F_1_414  362              /* FIX(1.414213562) */
-#define F_1_847  473              /* FIX(1.847759065) */
-#define F_2_613  669              /* FIX(2.613125930) */
-#define F_1_613  (F_2_613 - 256)  /* FIX(2.613125930) - FIX(1) */
-
-#define CONST_BITS  8
-#define PASS1_BITS  2
-#define PRE_MULTIPLY_SCALE_BITS  2
-#define CONST_SHIFT  (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS - 1)
-
-
-#define DO_IDCT(in) { \
-  /* Even part */ \
-  \
-  tmp10 = vec_add(in##0, in##4); \
-  tmp11 = vec_sub(in##0, in##4); \
-  tmp13 = vec_add(in##2, in##6); \
-  \
-  tmp12 = vec_sub(in##2, in##6); \
-  tmp12 = vec_sl(tmp12, pre_multiply_scale_bits); \
-  tmp12 = vec_madds(tmp12, pw_F1414, pw_zero); \
-  tmp12 = vec_sub(tmp12, tmp13); \
-  \
-  tmp0 = vec_add(tmp10, tmp13); \
-  tmp3 = vec_sub(tmp10, tmp13); \
-  tmp1 = vec_add(tmp11, tmp12); \
-  tmp2 = vec_sub(tmp11, tmp12); \
-  \
-  /* Odd part */ \
-  \
-  z13 = vec_add(in##5, in##3); \
-  z10 = vec_sub(in##5, in##3); \
-  z10s = vec_sl(z10, pre_multiply_scale_bits); \
-  z11 = vec_add(in##1, in##7); \
-  z12s = vec_sub(in##1, in##7); \
-  z12s = vec_sl(z12s, pre_multiply_scale_bits); \
-  \
-  tmp11 = vec_sub(z11, z13); \
-  tmp11 = vec_sl(tmp11, pre_multiply_scale_bits); \
-  tmp11 = vec_madds(tmp11, pw_F1414, pw_zero); \
-  \
-  tmp7 = vec_add(z11, z13); \
-  \
-  /* To avoid overflow... \
-   * \
-   * (Original) \
-   * tmp12 = -2.613125930 * z10 + z5; \
-   * \
-   * (This implementation) \
-   * tmp12 = (-1.613125930 - 1) * z10 + z5; \
-   *       = -1.613125930 * z10 - z10 + z5; \
-   */ \
-  \
-  z5 = vec_add(z10s, z12s); \
-  z5 = vec_madds(z5, pw_F1847, pw_zero); \
-  \
-  tmp10 = vec_madds(z12s, pw_F1082, pw_zero); \
-  tmp10 = vec_sub(tmp10, z5); \
-  tmp12 = vec_madds(z10s, pw_MF1613, z5); \
-  tmp12 = vec_sub(tmp12, z10); \
-  \
-  tmp6 = vec_sub(tmp12, tmp7); \
-  tmp5 = vec_sub(tmp11, tmp6); \
-  tmp4 = vec_add(tmp10, tmp5); \
-  \
-  out0 = vec_add(tmp0, tmp7); \
-  out1 = vec_add(tmp1, tmp6); \
-  out2 = vec_add(tmp2, tmp5); \
-  out3 = vec_sub(tmp3, tmp4); \
-  out4 = vec_add(tmp3, tmp4); \
-  out5 = vec_sub(tmp2, tmp5); \
-  out6 = vec_sub(tmp1, tmp6); \
-  out7 = vec_sub(tmp0, tmp7); \
-}
-
-
-void jsimd_idct_ifast_altivec(void *dct_table_, JCOEFPTR coef_block,
-                              JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  short *dct_table = (short *)dct_table_;
-  int *outptr;
-
-  __vector short row0, row1, row2, row3, row4, row5, row6, row7,
-    col0, col1, col2, col3, col4, col5, col6, col7,
-    quant0, quant1, quant2, quant3, quant4, quant5, quant6, quant7,
-    tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7, tmp10, tmp11, tmp12, tmp13,
-    z5, z10, z10s, z11, z12s, z13,
-    out0, out1, out2, out3, out4, out5, out6, out7;
-  __vector signed char outb;
-
-  /* Constants */
-  __vector short pw_zero = { __8X(0) },
-    pw_F1414 = { __8X(F_1_414 << CONST_SHIFT) },
-    pw_F1847 = { __8X(F_1_847 << CONST_SHIFT) },
-    pw_MF1613 = { __8X(-F_1_613 << CONST_SHIFT) },
-    pw_F1082 = { __8X(F_1_082 << CONST_SHIFT) };
-  __vector unsigned short
-    pre_multiply_scale_bits = { __8X(PRE_MULTIPLY_SCALE_BITS) },
-    pass1_bits3 = { __8X(PASS1_BITS + 3) };
-  __vector signed char pb_centerjsamp = { __16X(CENTERJSAMPLE) };
-
-  /* Pass 1: process columns */
-
-  col0 = vec_ld(0, coef_block);
-  col1 = vec_ld(16, coef_block);
-  col2 = vec_ld(32, coef_block);
-  col3 = vec_ld(48, coef_block);
-  col4 = vec_ld(64, coef_block);
-  col5 = vec_ld(80, coef_block);
-  col6 = vec_ld(96, coef_block);
-  col7 = vec_ld(112, coef_block);
-
-  tmp1 = vec_or(col1, col2);
-  tmp2 = vec_or(col3, col4);
-  tmp1 = vec_or(tmp1, tmp2);
-  tmp3 = vec_or(col5, col6);
-  tmp3 = vec_or(tmp3, col7);
-  tmp1 = vec_or(tmp1, tmp3);
-
-  quant0 = vec_ld(0, dct_table);
-  col0 = vec_mladd(col0, quant0, pw_zero);
-
-  if (vec_all_eq(tmp1, pw_zero)) {
-    /* AC terms all zero */
-
-    row0 = vec_splat(col0, 0);
-    row1 = vec_splat(col0, 1);
-    row2 = vec_splat(col0, 2);
-    row3 = vec_splat(col0, 3);
-    row4 = vec_splat(col0, 4);
-    row5 = vec_splat(col0, 5);
-    row6 = vec_splat(col0, 6);
-    row7 = vec_splat(col0, 7);
-
-  } else {
-
-    quant1 = vec_ld(16, dct_table);
-    quant2 = vec_ld(32, dct_table);
-    quant3 = vec_ld(48, dct_table);
-    quant4 = vec_ld(64, dct_table);
-    quant5 = vec_ld(80, dct_table);
-    quant6 = vec_ld(96, dct_table);
-    quant7 = vec_ld(112, dct_table);
-
-    col1 = vec_mladd(col1, quant1, pw_zero);
-    col2 = vec_mladd(col2, quant2, pw_zero);
-    col3 = vec_mladd(col3, quant3, pw_zero);
-    col4 = vec_mladd(col4, quant4, pw_zero);
-    col5 = vec_mladd(col5, quant5, pw_zero);
-    col6 = vec_mladd(col6, quant6, pw_zero);
-    col7 = vec_mladd(col7, quant7, pw_zero);
-
-    DO_IDCT(col);
-
-    TRANSPOSE(out, row);
-  }
-
-  /* Pass 2: process rows */
-
-  DO_IDCT(row);
-
-  out0 = vec_sra(out0, pass1_bits3);
-  out1 = vec_sra(out1, pass1_bits3);
-  out2 = vec_sra(out2, pass1_bits3);
-  out3 = vec_sra(out3, pass1_bits3);
-  out4 = vec_sra(out4, pass1_bits3);
-  out5 = vec_sra(out5, pass1_bits3);
-  out6 = vec_sra(out6, pass1_bits3);
-  out7 = vec_sra(out7, pass1_bits3);
-
-  TRANSPOSE(out, col);
-
-  outb = vec_packs(col0, col0);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[0] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col1, col1);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[1] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col2, col2);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[2] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col3, col3);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[3] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col4, col4);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[4] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col5, col5);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[5] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col6, col6);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[6] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col7, col7);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[7] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jidctint-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jidctint-altivec.c
deleted file mode 100644
index 60e619f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jidctint-altivec.c
+++ /dev/null
@@ -1,357 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, 2020, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* ACCURATE INTEGER INVERSE DCT */
-
-#include "jsimd_altivec.h"
-
-
-#define F_0_298  2446   /* FIX(0.298631336) */
-#define F_0_390  3196   /* FIX(0.390180644) */
-#define F_0_541  4433   /* FIX(0.541196100) */
-#define F_0_765  6270   /* FIX(0.765366865) */
-#define F_0_899  7373   /* FIX(0.899976223) */
-#define F_1_175  9633   /* FIX(1.175875602) */
-#define F_1_501  12299  /* FIX(1.501321110) */
-#define F_1_847  15137  /* FIX(1.847759065) */
-#define F_1_961  16069  /* FIX(1.961570560) */
-#define F_2_053  16819  /* FIX(2.053119869) */
-#define F_2_562  20995  /* FIX(2.562915447) */
-#define F_3_072  25172  /* FIX(3.072711026) */
-
-#define CONST_BITS  13
-#define PASS1_BITS  2
-#define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-#define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-
-#define DO_IDCT(in, PASS) { \
-  /* Even part \
-   * \
-   * (Original) \
-   * z1 = (z2 + z3) * 0.541196100; \
-   * tmp2 = z1 + z3 * -1.847759065; \
-   * tmp3 = z1 + z2 * 0.765366865; \
-   * \
-   * (This implementation) \
-   * tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065); \
-   * tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100; \
-   */ \
-  \
-  in##26l = vec_mergeh(in##2, in##6); \
-  in##26h = vec_mergel(in##2, in##6); \
-  \
-  tmp3l = vec_msums(in##26l, pw_f130_f054, pd_zero); \
-  tmp3h = vec_msums(in##26h, pw_f130_f054, pd_zero); \
-  tmp2l = vec_msums(in##26l, pw_f054_mf130, pd_zero); \
-  tmp2h = vec_msums(in##26h, pw_f054_mf130, pd_zero); \
-  \
-  tmp0 = vec_add(in##0, in##4); \
-  tmp1 = vec_sub(in##0, in##4); \
-  \
-  tmp0l = vec_unpackh(tmp0); \
-  tmp0h = vec_unpackl(tmp0); \
-  tmp0l = vec_sl(tmp0l, const_bits); \
-  tmp0h = vec_sl(tmp0h, const_bits); \
-  tmp0l = vec_add(tmp0l, pd_descale_p##PASS); \
-  tmp0h = vec_add(tmp0h, pd_descale_p##PASS); \
-  \
-  tmp10l = vec_add(tmp0l, tmp3l); \
-  tmp10h = vec_add(tmp0h, tmp3h); \
-  tmp13l = vec_sub(tmp0l, tmp3l); \
-  tmp13h = vec_sub(tmp0h, tmp3h); \
-  \
-  tmp1l = vec_unpackh(tmp1); \
-  tmp1h = vec_unpackl(tmp1); \
-  tmp1l = vec_sl(tmp1l, const_bits); \
-  tmp1h = vec_sl(tmp1h, const_bits); \
-  tmp1l = vec_add(tmp1l, pd_descale_p##PASS); \
-  tmp1h = vec_add(tmp1h, pd_descale_p##PASS); \
-  \
-  tmp11l = vec_add(tmp1l, tmp2l); \
-  tmp11h = vec_add(tmp1h, tmp2h); \
-  tmp12l = vec_sub(tmp1l, tmp2l); \
-  tmp12h = vec_sub(tmp1h, tmp2h); \
-  \
-  /* Odd part */ \
-  \
-  z3 = vec_add(in##3, in##7); \
-  z4 = vec_add(in##1, in##5); \
-  \
-  /* (Original) \
-   * z5 = (z3 + z4) * 1.175875602; \
-   * z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644; \
-   * z3 += z5;  z4 += z5; \
-   * \
-   * (This implementation) \
-   * z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602; \
-   * z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644); \
-   */ \
-  \
-  z34l = vec_mergeh(z3, z4); \
-  z34h = vec_mergel(z3, z4); \
-  \
-  z3l = vec_msums(z34l, pw_mf078_f117, pd_zero); \
-  z3h = vec_msums(z34h, pw_mf078_f117, pd_zero); \
-  z4l = vec_msums(z34l, pw_f117_f078, pd_zero); \
-  z4h = vec_msums(z34h, pw_f117_f078, pd_zero); \
-  \
-  /* (Original) \
-   * z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2; \
-   * tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869; \
-   * tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110; \
-   * z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447; \
-   * tmp0 += z1 + z3;  tmp1 += z2 + z4; \
-   * tmp2 += z2 + z3;  tmp3 += z1 + z4; \
-   * \
-   * (This implementation) \
-   * tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223; \
-   * tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447; \
-   * tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447); \
-   * tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223); \
-   * tmp0 += z3;  tmp1 += z4; \
-   * tmp2 += z3;  tmp3 += z4; \
-   */ \
-  \
-  in##71l = vec_mergeh(in##7, in##1); \
-  in##71h = vec_mergel(in##7, in##1); \
-  \
-  tmp0l = vec_msums(in##71l, pw_mf060_mf089, z3l); \
-  tmp0h = vec_msums(in##71h, pw_mf060_mf089, z3h); \
-  tmp3l = vec_msums(in##71l, pw_mf089_f060, z4l); \
-  tmp3h = vec_msums(in##71h, pw_mf089_f060, z4h); \
-  \
-  in##53l = vec_mergeh(in##5, in##3); \
-  in##53h = vec_mergel(in##5, in##3); \
-  \
-  tmp1l = vec_msums(in##53l, pw_mf050_mf256, z4l); \
-  tmp1h = vec_msums(in##53h, pw_mf050_mf256, z4h); \
-  tmp2l = vec_msums(in##53l, pw_mf256_f050, z3l); \
-  tmp2h = vec_msums(in##53h, pw_mf256_f050, z3h); \
-  \
-  /* Final output stage */ \
-  \
-  out0l = vec_add(tmp10l, tmp3l); \
-  out0h = vec_add(tmp10h, tmp3h); \
-  out7l = vec_sub(tmp10l, tmp3l); \
-  out7h = vec_sub(tmp10h, tmp3h); \
-  \
-  out0l = vec_sra(out0l, descale_p##PASS); \
-  out0h = vec_sra(out0h, descale_p##PASS); \
-  out7l = vec_sra(out7l, descale_p##PASS); \
-  out7h = vec_sra(out7h, descale_p##PASS); \
-  \
-  out0 = vec_pack(out0l, out0h); \
-  out7 = vec_pack(out7l, out7h); \
-  \
-  out1l = vec_add(tmp11l, tmp2l); \
-  out1h = vec_add(tmp11h, tmp2h); \
-  out6l = vec_sub(tmp11l, tmp2l); \
-  out6h = vec_sub(tmp11h, tmp2h); \
-  \
-  out1l = vec_sra(out1l, descale_p##PASS); \
-  out1h = vec_sra(out1h, descale_p##PASS); \
-  out6l = vec_sra(out6l, descale_p##PASS); \
-  out6h = vec_sra(out6h, descale_p##PASS); \
-  \
-  out1 = vec_pack(out1l, out1h); \
-  out6 = vec_pack(out6l, out6h); \
-  \
-  out2l = vec_add(tmp12l, tmp1l); \
-  out2h = vec_add(tmp12h, tmp1h); \
-  out5l = vec_sub(tmp12l, tmp1l); \
-  out5h = vec_sub(tmp12h, tmp1h); \
-  \
-  out2l = vec_sra(out2l, descale_p##PASS); \
-  out2h = vec_sra(out2h, descale_p##PASS); \
-  out5l = vec_sra(out5l, descale_p##PASS); \
-  out5h = vec_sra(out5h, descale_p##PASS); \
-  \
-  out2 = vec_pack(out2l, out2h); \
-  out5 = vec_pack(out5l, out5h); \
-  \
-  out3l = vec_add(tmp13l, tmp0l); \
-  out3h = vec_add(tmp13h, tmp0h); \
-  out4l = vec_sub(tmp13l, tmp0l); \
-  out4h = vec_sub(tmp13h, tmp0h); \
-  \
-  out3l = vec_sra(out3l, descale_p##PASS); \
-  out3h = vec_sra(out3h, descale_p##PASS); \
-  out4l = vec_sra(out4l, descale_p##PASS); \
-  out4h = vec_sra(out4h, descale_p##PASS); \
-  \
-  out3 = vec_pack(out3l, out3h); \
-  out4 = vec_pack(out4l, out4h); \
-}
-
-
-void jsimd_idct_islow_altivec(void *dct_table_, JCOEFPTR coef_block,
-                              JSAMPARRAY output_buf, JDIMENSION output_col)
-{
-  short *dct_table = (short *)dct_table_;
-  int *outptr;
-
-  __vector short row0, row1, row2, row3, row4, row5, row6, row7,
-    col0, col1, col2, col3, col4, col5, col6, col7,
-    quant0, quant1, quant2, quant3, quant4, quant5, quant6, quant7,
-    tmp0, tmp1, tmp2, tmp3, z3, z4,
-    z34l, z34h, col71l, col71h, col26l, col26h, col53l, col53h,
-    row71l, row71h, row26l, row26h, row53l, row53h,
-    out0, out1, out2, out3, out4, out5, out6, out7;
-  __vector int tmp0l, tmp0h, tmp1l, tmp1h, tmp2l, tmp2h, tmp3l, tmp3h,
-    tmp10l, tmp10h, tmp11l, tmp11h, tmp12l, tmp12h, tmp13l, tmp13h,
-    z3l, z3h, z4l, z4h,
-    out0l, out0h, out1l, out1h, out2l, out2h, out3l, out3h, out4l, out4h,
-    out5l, out5h, out6l, out6h, out7l, out7h;
-  __vector signed char outb;
-
-  /* Constants */
-  __vector short pw_zero = { __8X(0) },
-    pw_f130_f054 = { __4X2(F_0_541 + F_0_765, F_0_541) },
-    pw_f054_mf130 = { __4X2(F_0_541, F_0_541 - F_1_847) },
-    pw_mf078_f117 = { __4X2(F_1_175 - F_1_961, F_1_175) },
-    pw_f117_f078 = { __4X2(F_1_175, F_1_175 - F_0_390) },
-    pw_mf060_mf089 = { __4X2(F_0_298 - F_0_899, -F_0_899) },
-    pw_mf089_f060 = { __4X2(-F_0_899, F_1_501 - F_0_899) },
-    pw_mf050_mf256 = { __4X2(F_2_053 - F_2_562, -F_2_562) },
-    pw_mf256_f050 = { __4X2(-F_2_562, F_3_072 - F_2_562) };
-  __vector unsigned short pass1_bits = { __8X(PASS1_BITS) };
-  __vector int pd_zero = { __4X(0) },
-    pd_descale_p1 = { __4X(1 << (DESCALE_P1 - 1)) },
-    pd_descale_p2 = { __4X(1 << (DESCALE_P2 - 1)) };
-  __vector unsigned int descale_p1 = { __4X(DESCALE_P1) },
-    descale_p2 = { __4X(DESCALE_P2) },
-    const_bits = { __4X(CONST_BITS) };
-  __vector signed char pb_centerjsamp = { __16X(CENTERJSAMPLE) };
-
-  /* Pass 1: process columns */
-
-  col0 = vec_ld(0, coef_block);
-  col1 = vec_ld(16, coef_block);
-  col2 = vec_ld(32, coef_block);
-  col3 = vec_ld(48, coef_block);
-  col4 = vec_ld(64, coef_block);
-  col5 = vec_ld(80, coef_block);
-  col6 = vec_ld(96, coef_block);
-  col7 = vec_ld(112, coef_block);
-
-  tmp1 = vec_or(col1, col2);
-  tmp2 = vec_or(col3, col4);
-  tmp1 = vec_or(tmp1, tmp2);
-  tmp3 = vec_or(col5, col6);
-  tmp3 = vec_or(tmp3, col7);
-  tmp1 = vec_or(tmp1, tmp3);
-
-  quant0 = vec_ld(0, dct_table);
-  col0 = vec_mladd(col0, quant0, pw_zero);
-
-  if (vec_all_eq(tmp1, pw_zero)) {
-    /* AC terms all zero */
-
-    col0 = vec_sl(col0, pass1_bits);
-
-    row0 = vec_splat(col0, 0);
-    row1 = vec_splat(col0, 1);
-    row2 = vec_splat(col0, 2);
-    row3 = vec_splat(col0, 3);
-    row4 = vec_splat(col0, 4);
-    row5 = vec_splat(col0, 5);
-    row6 = vec_splat(col0, 6);
-    row7 = vec_splat(col0, 7);
-
-  } else {
-
-    quant1 = vec_ld(16, dct_table);
-    quant2 = vec_ld(32, dct_table);
-    quant3 = vec_ld(48, dct_table);
-    quant4 = vec_ld(64, dct_table);
-    quant5 = vec_ld(80, dct_table);
-    quant6 = vec_ld(96, dct_table);
-    quant7 = vec_ld(112, dct_table);
-
-    col1 = vec_mladd(col1, quant1, pw_zero);
-    col2 = vec_mladd(col2, quant2, pw_zero);
-    col3 = vec_mladd(col3, quant3, pw_zero);
-    col4 = vec_mladd(col4, quant4, pw_zero);
-    col5 = vec_mladd(col5, quant5, pw_zero);
-    col6 = vec_mladd(col6, quant6, pw_zero);
-    col7 = vec_mladd(col7, quant7, pw_zero);
-
-    DO_IDCT(col, 1);
-
-    TRANSPOSE(out, row);
-  }
-
-  /* Pass 2: process rows */
-
-  DO_IDCT(row, 2);
-
-  TRANSPOSE(out, col);
-
-  outb = vec_packs(col0, col0);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[0] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col1, col1);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[1] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col2, col2);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[2] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col3, col3);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[3] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col4, col4);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[4] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col5, col5);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[5] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col6, col6);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[6] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-
-  outb = vec_packs(col7, col7);
-  outb = vec_add(outb, pb_centerjsamp);
-  outptr = (int *)(output_buf[7] + output_col);
-  vec_ste((__vector int)outb, 0, outptr);
-  vec_ste((__vector int)outb, 4, outptr);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jquanti-altivec.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jquanti-altivec.c
deleted file mode 100644
index 7d6e325..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jquanti-altivec.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-/* INTEGER QUANTIZATION AND SAMPLE CONVERSION */
-
-#include "jsimd_altivec.h"
-
-
-/* NOTE: The address will either be aligned or offset by 8 bytes, so we can
- * always get the data we want by using a single vector load (although we may
- * have to permute the result.)
- */
-#if __BIG_ENDIAN__
-
-#define LOAD_ROW(row) { \
-  elemptr = sample_data[row] + start_col; \
-  in##row = vec_ld(0, elemptr); \
-  if ((size_t)elemptr & 15) \
-    in##row = vec_perm(in##row, in##row, vec_lvsl(0, elemptr)); \
-}
-
-#else
-
-#define LOAD_ROW(row) { \
-  elemptr = sample_data[row] + start_col; \
-  in##row = vec_vsx_ld(0, elemptr); \
-}
-
-#endif
-
-
-void jsimd_convsamp_altivec(JSAMPARRAY sample_data, JDIMENSION start_col,
-                            DCTELEM *workspace)
-{
-  JSAMPROW elemptr;
-
-  __vector unsigned char in0, in1, in2, in3, in4, in5, in6, in7;
-  __vector short out0, out1, out2, out3, out4, out5, out6, out7;
-
-  /* Constants */
-  __vector short pw_centerjsamp = { __8X(CENTERJSAMPLE) };
-  __vector unsigned char pb_zero = { __16X(0) };
-
-  LOAD_ROW(0);
-  LOAD_ROW(1);
-  LOAD_ROW(2);
-  LOAD_ROW(3);
-  LOAD_ROW(4);
-  LOAD_ROW(5);
-  LOAD_ROW(6);
-  LOAD_ROW(7);
-
-  out0 = (__vector short)VEC_UNPACKHU(in0);
-  out1 = (__vector short)VEC_UNPACKHU(in1);
-  out2 = (__vector short)VEC_UNPACKHU(in2);
-  out3 = (__vector short)VEC_UNPACKHU(in3);
-  out4 = (__vector short)VEC_UNPACKHU(in4);
-  out5 = (__vector short)VEC_UNPACKHU(in5);
-  out6 = (__vector short)VEC_UNPACKHU(in6);
-  out7 = (__vector short)VEC_UNPACKHU(in7);
-
-  out0 = vec_sub(out0, pw_centerjsamp);
-  out1 = vec_sub(out1, pw_centerjsamp);
-  out2 = vec_sub(out2, pw_centerjsamp);
-  out3 = vec_sub(out3, pw_centerjsamp);
-  out4 = vec_sub(out4, pw_centerjsamp);
-  out5 = vec_sub(out5, pw_centerjsamp);
-  out6 = vec_sub(out6, pw_centerjsamp);
-  out7 = vec_sub(out7, pw_centerjsamp);
-
-  vec_st(out0, 0, workspace);
-  vec_st(out1, 16, workspace);
-  vec_st(out2, 32, workspace);
-  vec_st(out3, 48, workspace);
-  vec_st(out4, 64, workspace);
-  vec_st(out5, 80, workspace);
-  vec_st(out6, 96, workspace);
-  vec_st(out7, 112, workspace);
-}
-
-
-#define WORD_BIT  16
-
-/* There is no AltiVec 16-bit unsigned multiply instruction, hence this.
-   We basically need an unsigned equivalent of vec_madds(). */
-
-#define MULTIPLY(vs0, vs1, out) { \
-  tmpe = vec_mule((__vector unsigned short)vs0, \
-                  (__vector unsigned short)vs1); \
-  tmpo = vec_mulo((__vector unsigned short)vs0, \
-                  (__vector unsigned short)vs1); \
-  out = (__vector short)vec_perm((__vector unsigned short)tmpe, \
-                                 (__vector unsigned short)tmpo, \
-                                 shift_pack_index); \
-}
-
-void jsimd_quantize_altivec(JCOEFPTR coef_block, DCTELEM *divisors,
-                            DCTELEM *workspace)
-{
-  __vector short row0, row1, row2, row3, row4, row5, row6, row7,
-    row0s, row1s, row2s, row3s, row4s, row5s, row6s, row7s,
-    corr0, corr1, corr2, corr3, corr4, corr5, corr6, corr7,
-    recip0, recip1, recip2, recip3, recip4, recip5, recip6, recip7,
-    scale0, scale1, scale2, scale3, scale4, scale5, scale6, scale7;
-  __vector unsigned int tmpe, tmpo;
-
-  /* Constants */
-  __vector unsigned short pw_word_bit_m1 = { __8X(WORD_BIT - 1) };
-#if __BIG_ENDIAN__
-  __vector unsigned char shift_pack_index =
-    {  0,  1, 16, 17,  4,  5, 20, 21,  8,  9, 24, 25, 12, 13, 28, 29 };
-#else
-  __vector unsigned char shift_pack_index =
-    {  2,  3, 18, 19,  6,  7, 22, 23, 10, 11, 26, 27, 14, 15, 30, 31 };
-#endif
-
-  row0 = vec_ld(0, workspace);
-  row1 = vec_ld(16, workspace);
-  row2 = vec_ld(32, workspace);
-  row3 = vec_ld(48, workspace);
-  row4 = vec_ld(64, workspace);
-  row5 = vec_ld(80, workspace);
-  row6 = vec_ld(96, workspace);
-  row7 = vec_ld(112, workspace);
-
-  /* Branch-less absolute value */
-  row0s = vec_sra(row0, pw_word_bit_m1);
-  row1s = vec_sra(row1, pw_word_bit_m1);
-  row2s = vec_sra(row2, pw_word_bit_m1);
-  row3s = vec_sra(row3, pw_word_bit_m1);
-  row4s = vec_sra(row4, pw_word_bit_m1);
-  row5s = vec_sra(row5, pw_word_bit_m1);
-  row6s = vec_sra(row6, pw_word_bit_m1);
-  row7s = vec_sra(row7, pw_word_bit_m1);
-  row0 = vec_xor(row0, row0s);
-  row1 = vec_xor(row1, row1s);
-  row2 = vec_xor(row2, row2s);
-  row3 = vec_xor(row3, row3s);
-  row4 = vec_xor(row4, row4s);
-  row5 = vec_xor(row5, row5s);
-  row6 = vec_xor(row6, row6s);
-  row7 = vec_xor(row7, row7s);
-  row0 = vec_sub(row0, row0s);
-  row1 = vec_sub(row1, row1s);
-  row2 = vec_sub(row2, row2s);
-  row3 = vec_sub(row3, row3s);
-  row4 = vec_sub(row4, row4s);
-  row5 = vec_sub(row5, row5s);
-  row6 = vec_sub(row6, row6s);
-  row7 = vec_sub(row7, row7s);
-
-  corr0 = vec_ld(DCTSIZE2 * 2, divisors);
-  corr1 = vec_ld(DCTSIZE2 * 2 + 16, divisors);
-  corr2 = vec_ld(DCTSIZE2 * 2 + 32, divisors);
-  corr3 = vec_ld(DCTSIZE2 * 2 + 48, divisors);
-  corr4 = vec_ld(DCTSIZE2 * 2 + 64, divisors);
-  corr5 = vec_ld(DCTSIZE2 * 2 + 80, divisors);
-  corr6 = vec_ld(DCTSIZE2 * 2 + 96, divisors);
-  corr7 = vec_ld(DCTSIZE2 * 2 + 112, divisors);
-
-  row0 = vec_add(row0, corr0);
-  row1 = vec_add(row1, corr1);
-  row2 = vec_add(row2, corr2);
-  row3 = vec_add(row3, corr3);
-  row4 = vec_add(row4, corr4);
-  row5 = vec_add(row5, corr5);
-  row6 = vec_add(row6, corr6);
-  row7 = vec_add(row7, corr7);
-
-  recip0 = vec_ld(0, divisors);
-  recip1 = vec_ld(16, divisors);
-  recip2 = vec_ld(32, divisors);
-  recip3 = vec_ld(48, divisors);
-  recip4 = vec_ld(64, divisors);
-  recip5 = vec_ld(80, divisors);
-  recip6 = vec_ld(96, divisors);
-  recip7 = vec_ld(112, divisors);
-
-  MULTIPLY(row0, recip0, row0);
-  MULTIPLY(row1, recip1, row1);
-  MULTIPLY(row2, recip2, row2);
-  MULTIPLY(row3, recip3, row3);
-  MULTIPLY(row4, recip4, row4);
-  MULTIPLY(row5, recip5, row5);
-  MULTIPLY(row6, recip6, row6);
-  MULTIPLY(row7, recip7, row7);
-
-  scale0 = vec_ld(DCTSIZE2 * 4, divisors);
-  scale1 = vec_ld(DCTSIZE2 * 4 + 16, divisors);
-  scale2 = vec_ld(DCTSIZE2 * 4 + 32, divisors);
-  scale3 = vec_ld(DCTSIZE2 * 4 + 48, divisors);
-  scale4 = vec_ld(DCTSIZE2 * 4 + 64, divisors);
-  scale5 = vec_ld(DCTSIZE2 * 4 + 80, divisors);
-  scale6 = vec_ld(DCTSIZE2 * 4 + 96, divisors);
-  scale7 = vec_ld(DCTSIZE2 * 4 + 112, divisors);
-
-  MULTIPLY(row0, scale0, row0);
-  MULTIPLY(row1, scale1, row1);
-  MULTIPLY(row2, scale2, row2);
-  MULTIPLY(row3, scale3, row3);
-  MULTIPLY(row4, scale4, row4);
-  MULTIPLY(row5, scale5, row5);
-  MULTIPLY(row6, scale6, row6);
-  MULTIPLY(row7, scale7, row7);
-
-  row0 = vec_xor(row0, row0s);
-  row1 = vec_xor(row1, row1s);
-  row2 = vec_xor(row2, row2s);
-  row3 = vec_xor(row3, row3s);
-  row4 = vec_xor(row4, row4s);
-  row5 = vec_xor(row5, row5s);
-  row6 = vec_xor(row6, row6s);
-  row7 = vec_xor(row7, row7s);
-  row0 = vec_sub(row0, row0s);
-  row1 = vec_sub(row1, row1s);
-  row2 = vec_sub(row2, row2s);
-  row3 = vec_sub(row3, row3s);
-  row4 = vec_sub(row4, row4s);
-  row5 = vec_sub(row5, row5s);
-  row6 = vec_sub(row6, row6s);
-  row7 = vec_sub(row7, row7s);
-
-  vec_st(row0, 0, coef_block);
-  vec_st(row1, 16, coef_block);
-  vec_st(row2, 32, coef_block);
-  vec_st(row3, 48, coef_block);
-  vec_st(row4, 64, coef_block);
-  vec_st(row5, 80, coef_block);
-  vec_st(row6, 96, coef_block);
-  vec_st(row7, 112, coef_block);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jsimd.c
deleted file mode 100644
index d0d3981..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jsimd.c
+++ /dev/null
@@ -1,872 +0,0 @@
-/*
- * jsimd_powerpc.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2011, 2014-2016, 2018, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * PowerPC architecture.
- */
-
-#ifdef __amigaos4__
-/* This must be defined first as it re-defines GLOBAL otherwise */
-#include <proto/exec.h>
-#endif
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-
-#if defined(__OpenBSD__)
-#include <sys/param.h>
-#include <sys/sysctl.h>
-#include <machine/cpu.h>
-#endif
-
-static unsigned int simd_support = ~0;
-
-#if !defined(__ALTIVEC__) && (defined(__linux__) || defined(ANDROID) || defined(__ANDROID__))
-
-#define SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT  (1024 * 1024)
-
-LOCAL(int)
-check_feature(char *buffer, char *feature)
-{
-  char *p;
-
-  if (*feature == 0)
-    return 0;
-  if (strncmp(buffer, "cpu", 3) != 0)
-    return 0;
-  buffer += 3;
-  while (isspace(*buffer))
-    buffer++;
-
-  /* Check if 'feature' is present in the buffer as a separate word */
-  while ((p = strstr(buffer, feature))) {
-    if (p > buffer && !isspace(*(p - 1))) {
-      buffer++;
-      continue;
-    }
-    p += strlen(feature);
-    if (*p != 0 && !isspace(*p)) {
-      buffer++;
-      continue;
-    }
-    return 1;
-  }
-  return 0;
-}
-
-LOCAL(int)
-parse_proc_cpuinfo(int bufsize)
-{
-  char *buffer = (char *)malloc(bufsize);
-  FILE *fd;
-
-  simd_support = 0;
-
-  if (!buffer)
-    return 0;
-
-  fd = fopen("/proc/cpuinfo", "r");
-  if (fd) {
-    while (fgets(buffer, bufsize, fd)) {
-      if (!strchr(buffer, '\n') && !feof(fd)) {
-        /* "impossible" happened - insufficient size of the buffer! */
-        fclose(fd);
-        free(buffer);
-        return 0;
-      }
-      if (check_feature(buffer, "altivec"))
-        simd_support |= JSIMD_ALTIVEC;
-    }
-    fclose(fd);
-  }
-  free(buffer);
-  return 1;
-}
-
-#endif
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-#if !defined(__ALTIVEC__) && (defined(__linux__) || defined(ANDROID) || defined(__ANDROID__))
-  int bufsize = 1024; /* an initial guess for the line buffer size limit */
-#elif defined(__amigaos4__)
-  uint32 altivec = 0;
-#elif defined(__OpenBSD__)
-  int mib[2] = { CTL_MACHDEP, CPU_ALTIVEC };
-  int altivec;
-  size_t len = sizeof(altivec);
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = 0;
-
-#if defined(__ALTIVEC__) || defined(__APPLE__)
-  simd_support |= JSIMD_ALTIVEC;
-#elif defined(__linux__) || defined(ANDROID) || defined(__ANDROID__)
-  while (!parse_proc_cpuinfo(bufsize)) {
-    bufsize *= 2;
-    if (bufsize > SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT)
-      break;
-  }
-#elif defined(__amigaos4__)
-  IExec->GetCPUInfoTags(GCIT_VectorUnit, &altivec, TAG_DONE);
-  if (altivec == VECTORTYPE_ALTIVEC)
-    simd_support |= JSIMD_ALTIVEC;
-#elif defined(__OpenBSD__)
-  if (sysctl(mib, 2, &altivec, &len, NULL, 0) == 0 && altivec != 0)
-    simd_support |= JSIMD_ALTIVEC;
-#endif
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCEALTIVEC");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = JSIMD_ALTIVEC;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*altivecfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    altivecfct = jsimd_extrgb_ycc_convert_altivec;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    altivecfct = jsimd_extrgbx_ycc_convert_altivec;
-    break;
-  case JCS_EXT_BGR:
-    altivecfct = jsimd_extbgr_ycc_convert_altivec;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    altivecfct = jsimd_extbgrx_ycc_convert_altivec;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    altivecfct = jsimd_extxbgr_ycc_convert_altivec;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    altivecfct = jsimd_extxrgb_ycc_convert_altivec;
-    break;
-  default:
-    altivecfct = jsimd_rgb_ycc_convert_altivec;
-    break;
-  }
-
-  altivecfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*altivecfct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    altivecfct = jsimd_extrgb_gray_convert_altivec;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    altivecfct = jsimd_extrgbx_gray_convert_altivec;
-    break;
-  case JCS_EXT_BGR:
-    altivecfct = jsimd_extbgr_gray_convert_altivec;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    altivecfct = jsimd_extbgrx_gray_convert_altivec;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    altivecfct = jsimd_extxbgr_gray_convert_altivec;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    altivecfct = jsimd_extxrgb_gray_convert_altivec;
-    break;
-  default:
-    altivecfct = jsimd_rgb_gray_convert_altivec;
-    break;
-  }
-
-  altivecfct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*altivecfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    altivecfct = jsimd_ycc_extrgb_convert_altivec;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    altivecfct = jsimd_ycc_extrgbx_convert_altivec;
-    break;
-  case JCS_EXT_BGR:
-    altivecfct = jsimd_ycc_extbgr_convert_altivec;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    altivecfct = jsimd_ycc_extbgrx_convert_altivec;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    altivecfct = jsimd_ycc_extxbgr_convert_altivec;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    altivecfct = jsimd_ycc_extxrgb_convert_altivec;
-    break;
-  default:
-    altivecfct = jsimd_ycc_rgb_convert_altivec;
-    break;
-  }
-
-  altivecfct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v2_downsample_altivec(cinfo->image_width, cinfo->max_v_samp_factor,
-                                compptr->v_samp_factor,
-                                compptr->width_in_blocks, input_data,
-                                output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  jsimd_h2v1_downsample_altivec(cinfo->image_width, cinfo->max_v_samp_factor,
-                                compptr->v_samp_factor,
-                                compptr->width_in_blocks, input_data,
-                                output_data);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_upsample_altivec(cinfo->max_v_samp_factor, cinfo->output_width,
-                              input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_upsample_altivec(cinfo->max_v_samp_factor, cinfo->output_width,
-                              input_data, output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v2_fancy_upsample_altivec(cinfo->max_v_samp_factor,
-                                    compptr->downsampled_width, input_data,
-                                    output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  jsimd_h2v1_fancy_upsample_altivec(cinfo->max_v_samp_factor,
-                                    compptr->downsampled_width, input_data,
-                                    output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*altivecfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    altivecfct = jsimd_h2v2_extrgb_merged_upsample_altivec;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    altivecfct = jsimd_h2v2_extrgbx_merged_upsample_altivec;
-    break;
-  case JCS_EXT_BGR:
-    altivecfct = jsimd_h2v2_extbgr_merged_upsample_altivec;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    altivecfct = jsimd_h2v2_extbgrx_merged_upsample_altivec;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    altivecfct = jsimd_h2v2_extxbgr_merged_upsample_altivec;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    altivecfct = jsimd_h2v2_extxrgb_merged_upsample_altivec;
-    break;
-  default:
-    altivecfct = jsimd_h2v2_merged_upsample_altivec;
-    break;
-  }
-
-  altivecfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*altivecfct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    altivecfct = jsimd_h2v1_extrgb_merged_upsample_altivec;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    altivecfct = jsimd_h2v1_extrgbx_merged_upsample_altivec;
-    break;
-  case JCS_EXT_BGR:
-    altivecfct = jsimd_h2v1_extbgr_merged_upsample_altivec;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    altivecfct = jsimd_h2v1_extbgrx_merged_upsample_altivec;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    altivecfct = jsimd_h2v1_extxbgr_merged_upsample_altivec;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    altivecfct = jsimd_h2v1_extxrgb_merged_upsample_altivec;
-    break;
-  default:
-    altivecfct = jsimd_h2v1_merged_upsample_altivec;
-    break;
-  }
-
-  altivecfct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-  jsimd_convsamp_altivec(sample_data, start_col, workspace);
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  jsimd_fdct_islow_altivec(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  jsimd_fdct_ifast_altivec(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  jsimd_quantize_altivec(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_ALTIVEC)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_islow_altivec(compptr->dct_table, coef_block, output_buf,
-                           output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_ifast_altivec(compptr->dct_table, coef_block, output_buf,
-                           output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return NULL;
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return 0;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jsimd_altivec.h b/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jsimd_altivec.h
deleted file mode 100644
index e8bdb06..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/powerpc/jsimd_altivec.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * AltiVec optimizations for libjpeg-turbo
- *
- * Copyright (C) 2014-2015, D. R. Commander.  All Rights Reserved.
- *
- * This software is provided 'as-is', without any express or implied
- * warranty.  In no event will the authors be held liable for any damages
- * arising from the use of this software.
- *
- * Permission is granted to anyone to use this software for any purpose,
- * including commercial applications, and to alter it and redistribute it
- * freely, subject to the following restrictions:
- *
- * 1. The origin of this software must not be misrepresented; you must not
- *    claim that you wrote the original software. If you use this software
- *    in a product, an acknowledgment in the product documentation would be
- *    appreciated but is not required.
- * 2. Altered source versions must be plainly marked as such, and must not be
- *    misrepresented as being the original software.
- * 3. This notice may not be removed or altered from any source distribution.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include <altivec.h>
-
-
-/* Common code */
-
-#define __4X(a)      a, a, a, a
-#define __4X2(a, b)  a, b, a, b, a, b, a, b
-#define __8X(a)      __4X(a), __4X(a)
-#define __16X(a)     __8X(a), __8X(a)
-
-#define TRANSPOSE(row, col) { \
-  __vector short row04l, row04h, row15l, row15h, \
-                 row26l, row26h, row37l, row37h; \
-  __vector short col01e, col01o, col23e, col23o, \
-                 col45e, col45o, col67e, col67o; \
-  \
-                                       /* transpose coefficients (phase 1) */ \
-  row04l = vec_mergeh(row##0, row##4); /* row04l=(00 40 01 41 02 42 03 43) */ \
-  row04h = vec_mergel(row##0, row##4); /* row04h=(04 44 05 45 06 46 07 47) */ \
-  row15l = vec_mergeh(row##1, row##5); /* row15l=(10 50 11 51 12 52 13 53) */ \
-  row15h = vec_mergel(row##1, row##5); /* row15h=(14 54 15 55 16 56 17 57) */ \
-  row26l = vec_mergeh(row##2, row##6); /* row26l=(20 60 21 61 22 62 23 63) */ \
-  row26h = vec_mergel(row##2, row##6); /* row26h=(24 64 25 65 26 66 27 67) */ \
-  row37l = vec_mergeh(row##3, row##7); /* row37l=(30 70 31 71 32 72 33 73) */ \
-  row37h = vec_mergel(row##3, row##7); /* row37h=(34 74 35 75 36 76 37 77) */ \
-  \
-                                       /* transpose coefficients (phase 2) */ \
-  col01e = vec_mergeh(row04l, row26l); /* col01e=(00 20 40 60 01 21 41 61) */ \
-  col23e = vec_mergel(row04l, row26l); /* col23e=(02 22 42 62 03 23 43 63) */ \
-  col45e = vec_mergeh(row04h, row26h); /* col45e=(04 24 44 64 05 25 45 65) */ \
-  col67e = vec_mergel(row04h, row26h); /* col67e=(06 26 46 66 07 27 47 67) */ \
-  col01o = vec_mergeh(row15l, row37l); /* col01o=(10 30 50 70 11 31 51 71) */ \
-  col23o = vec_mergel(row15l, row37l); /* col23o=(12 32 52 72 13 33 53 73) */ \
-  col45o = vec_mergeh(row15h, row37h); /* col45o=(14 34 54 74 15 35 55 75) */ \
-  col67o = vec_mergel(row15h, row37h); /* col67o=(16 36 56 76 17 37 57 77) */ \
-  \
-                                       /* transpose coefficients (phase 3) */ \
-  col##0 = vec_mergeh(col01e, col01o); /* col0=(00 10 20 30 40 50 60 70) */ \
-  col##1 = vec_mergel(col01e, col01o); /* col1=(01 11 21 31 41 51 61 71) */ \
-  col##2 = vec_mergeh(col23e, col23o); /* col2=(02 12 22 32 42 52 62 72) */ \
-  col##3 = vec_mergel(col23e, col23o); /* col3=(03 13 23 33 43 53 63 73) */ \
-  col##4 = vec_mergeh(col45e, col45o); /* col4=(04 14 24 34 44 54 64 74) */ \
-  col##5 = vec_mergel(col45e, col45o); /* col5=(05 15 25 35 45 55 65 75) */ \
-  col##6 = vec_mergeh(col67e, col67o); /* col6=(06 16 26 36 46 56 66 76) */ \
-  col##7 = vec_mergel(col67e, col67o); /* col7=(07 17 27 37 47 57 67 77) */ \
-}
-
-#ifndef min
-#define min(a, b)  ((a) < (b) ? (a) : (b))
-#endif
-
-
-/* Macros to abstract big/little endian bit twiddling */
-
-#if __BIG_ENDIAN__
-
-#define VEC_LD(a, b)     vec_ld(a, b)
-#define VEC_ST(a, b, c)  vec_st(a, b, c)
-#define VEC_UNPACKHU(a)  vec_mergeh(pb_zero, a)
-#define VEC_UNPACKLU(a)  vec_mergel(pb_zero, a)
-
-#else
-
-#define VEC_LD(a, b)     vec_vsx_ld(a, b)
-#define VEC_ST(a, b, c)  vec_vsx_st(a, b, c)
-#define VEC_UNPACKHU(a)  vec_mergeh(a, pb_zero)
-#define VEC_UNPACKLU(a)  vec_mergel(a, pb_zero)
-
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolext-avx2.asm
deleted file mode 100644
index ffb527d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolext-avx2.asm
+++ /dev/null
@@ -1,559 +0,0 @@
-;
-; jccolext.asm - colorspace conversion (64-bit AVX2)
-;
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_ycc_convert_avx2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                            JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                            int num_rows);
-;
-
-; r10d = JDIMENSION img_width
-; r11 = JSAMPARRAY input_buf
-; r12 = JSAMPIMAGE output_buf
-; r13d = JDIMENSION output_row
-; r14d = int num_rows
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_YMMWORD  ; ymmword wk[WK_NUM]
-%define WK_NUM  8
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_ycc_convert_avx2)
-
-EXTN(jsimd_rgb_ycc_convert_avx2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 5
-    push        rbx
-
-    mov         ecx, r10d
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rsi, r12
-    mov         ecx, r13d
-    mov         rdip, JSAMPARRAY [rsi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rsi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rsi+2*SIZEOF_JSAMPARRAY]
-    lea         rdi, [rdi+rcx*SIZEOF_JSAMPROW]
-    lea         rbx, [rbx+rcx*SIZEOF_JSAMPROW]
-    lea         rdx, [rdx+rcx*SIZEOF_JSAMPROW]
-
-    pop         rcx
-
-    mov         rsi, r11
-    mov         eax, r14d
-    test        rax, rax
-    jle         near .return
-.rowloop:
-    push        rdx
-    push        rbx
-    push        rdi
-    push        rsi
-    push        rcx                     ; col
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr0
-    mov         rbxp, JSAMPROW [rbx]    ; outptr1
-    mov         rdxp, JSAMPROW [rdx]    ; outptr2
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        rax
-    push        rdx
-    lea         rcx, [rcx+rcx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_BYTE
-    movzx       rax, byte [rsi+rcx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_WORD
-    movzx       rdx, word [rsi+rcx]
-    shl         rax, WORD_BIT
-    or          rax, rdx
-.column_ld4:
-    vmovd       xmmA, eax
-    pop         rdx
-    pop         rax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_DWORD
-    vmovd       xmmF, XMM_DWORD [rsi+rcx]
-    vpslldq     xmmA, xmmA, SIZEOF_DWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         rcx, byte SIZEOF_MMWORD
-    vmovq       xmmB, XMM_MMWORD [rsi+rcx]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    sub         rcx, byte SIZEOF_XMMWORD
-    vmovdqu     xmmB, XMM_MMWORD [rsi+rcx]
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    vpor        ymmA, ymmB
-.column_ld32:
-    test        cl, SIZEOF_YMMWORD
-    jz          short .column_ld64
-    sub         rcx, byte SIZEOF_YMMWORD
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-.column_ld64:
-    test        cl, 2*SIZEOF_YMMWORD
-    mov         rcx, SIZEOF_YMMWORD
-    jz          short .rgb_ycc_cnv
-    vmovdqa     ymmB, ymmA
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_ycc_cnv
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmB, YMMWORD [rsi+2*SIZEOF_YMMWORD]
-
-.rgb_ycc_cnv:
-    ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-    ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-    ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    ; ymmB=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-    ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vmovdqu     ymmC, ymmA
-    vinserti128 ymmA, ymmF, xmmA, 0  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                     ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vinserti128 ymmC, ymmC, xmmB, 0  ; ymmC=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                     ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vinserti128 ymmB, ymmB, xmmF, 0  ; ymmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                     ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-    vperm2i128  ymmF, ymmC, ymmC, 1  ; ymmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                     ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-
-    vmovdqa     ymmG, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12
-                                  ;       22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I)
-    vpsrldq     ymmG, ymmG, 8     ; ymmG=(22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I
-                                  ;       2I 0J 1J 2J 0K 1K 2K 0L -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmF  ; ymmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A
-                                  ;       0G 0O 1G 1O 2G 2O 0H 0P 1H 1P 2H 2P 0I 0Q 1I 1Q)
-    vpslldq     ymmF, ymmF, 8     ; ymmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27
-                                  ;       08 18 28 09 19 29 0A 1A 1L 2L 0M 1M 2M 0N 1N 2N)
-
-    vpunpcklbw  ymmG, ymmG, ymmB  ; ymmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D
-                                  ;       2I 2Q 0J 0R 1J 1R 2J 2R 0K 0S 1K 1S 2K 2S 0L 0T)
-    vpunpckhbw  ymmF, ymmF, ymmB  ; ymmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F
-                                  ;       1L 1T 2L 2T 0M 0U 1M 1U 2M 2U 0N 0V 1N 1V 2N 2V)
-
-    vmovdqa     ymmD, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09
-                                  ;       11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P)
-    vpsrldq     ymmD, ymmD, 8     ; ymmD=(11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P
-                                  ;       1H 1P 2H 2P 0I 0Q 1I 1Q -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmG  ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D
-                                  ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 0H 0L 0P 0T)
-    vpslldq     ymmG, ymmG, 8     ; ymmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B
-                                  ;       04 0C 14 1C 24 2C 05 0D 2I 2Q 0J 0R 1J 1R 2J 2R)
-
-    vpunpcklbw  ymmD, ymmD, ymmF  ; ymmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E
-                                  ;       1H 1L 1P 1T 2H 2L 2P 2T 0I 0M 0Q 0U 1I 1M 1Q 1U)
-    vpunpckhbw  ymmG, ymmG, ymmF  ; ymmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F
-                                  ;       2I 2M 2Q 2U 0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V)
-
-    vmovdqa     ymmE, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C
-                                  ;       20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S)
-    vpsrldq     ymmE, ymmE, 8     ; ymmE=(20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S
-                                  ;       2G 2K 2O 2S 0H 0L 0P 0T -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmD  ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                  ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpslldq     ymmD, ymmD, 8     ; ymmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D
-                                  ;       02 06 0A 0E 12 16 1A 1E 1H 1L 1P 1T 2H 2L 2P 2T)
-
-    vpunpcklbw  ymmE, ymmE, ymmG  ; ymmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F
-                                  ;       2G 2I 2K 2M 2O 2Q 2S 2U 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmG  ; ymmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F
-                                  ;       1H 1J 1L 1N 1P 1R 1T 1V 2H 2J 2L 2N 2P 2R 2T 2V)
-
-    vpxor       ymmH, ymmH, ymmH
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmH  ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmH  ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmB, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmH  ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmB, ymmB, ymmH  ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-
-    vmovdqa     ymmF, ymmD
-    vpunpcklbw  ymmD, ymmD, ymmH  ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmF, ymmF, ymmH  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_XMMWORD/16
-    vmovd       xmmA, XMM_DWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_XMMWORD/8
-    vmovq       xmmF, XMM_MMWORD [rsi+rcx*RGB_PIXELSIZE]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_XMMWORD/4
-    vmovdqa     xmmF, xmmA
-    vperm2i128  ymmF, ymmF, ymmF, 1
-    vmovdqu     xmmA, XMMWORD [rsi+rcx*RGB_PIXELSIZE]
-    vpor        ymmA, ymmA, ymmF
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    jz          short .column_ld16
-    sub         rcx, byte SIZEOF_XMMWORD/2
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    mov         rcx, SIZEOF_YMMWORD
-    jz          short .rgb_ycc_cnv
-    vmovdqa     ymmE, ymmA
-    vmovdqa     ymmH, ymmF
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_ycc_cnv
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmE, YMMWORD [rsi+2*SIZEOF_YMMWORD]
-    vmovdqu     ymmH, YMMWORD [rsi+3*SIZEOF_YMMWORD]
-
-.rgb_ycc_cnv:
-    ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-    ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-    ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    ; ymmE=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-    ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-    ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmB, ymmA
-    vinserti128 ymmA, ymmA, xmmE, 1     ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vperm2i128  ymmE, ymmB, ymmE, 0x31  ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-
-    vmovdqa     ymmB, ymmF
-    vinserti128 ymmF, ymmF, xmmH, 1     ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-    vperm2i128  ymmH, ymmB, ymmH, 0x31  ; ymmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmD, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmE      ; ymmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35
-                                      ;       0G 0K 1G 1K 2G 2K 3G 3K 0H 0L 1H 1L 2H 2L 3H 3L)
-    vpunpckhbw  ymmD, ymmD, ymmE      ; ymmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37
-                                      ;       0I 0M 1I 1M 2I 2M 3I 3M 0J 0N 1J 1N 2J 2N 3J 3N)
-
-    vmovdqa     ymmC, ymmF
-    vpunpcklbw  ymmF, ymmF, ymmH      ; ymmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D
-                                      ;       0O 0S 1O 1S 2O 2S 3O 3S 0P 0T 1P 1T 2P 2T 3P 3T)
-    vpunpckhbw  ymmC, ymmC, ymmH      ; ymmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F
-                                      ;       0Q 0U 1Q 1U 2Q 2U 3Q 3U 0R 0V 1R 1V 2R 2V 3R 3V)
-
-    vmovdqa     ymmB, ymmA
-    vpunpcklwd  ymmA, ymmA, ymmF      ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C
-                                      ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 3G 3K 3O 3S)
-    vpunpckhwd  ymmB, ymmB, ymmF      ; ymmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D
-                                      ;       0H 0L 0P 0T 1H 1L 1P 1T 2H 2L 2P 2T 3H 3L 3P 3T)
-
-    vmovdqa     ymmG, ymmD
-    vpunpcklwd  ymmD, ymmD, ymmC      ; ymmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E
-                                      ;       0I 0M 0Q 0U 1I 1M 1Q 1U 2I 2M 2Q 2U 3I 3M 3Q 3U)
-    vpunpckhwd  ymmG, ymmG, ymmC      ; ymmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F
-                                      ;       0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V 3J 3N 3R 3V)
-
-    vmovdqa     ymmE, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmD      ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                      ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpunpckhbw  ymmE, ymmE, ymmD      ; ymmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E
-                                      ;       2G 2I 2K 2M 2O 2Q 2S 2U 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vmovdqa     ymmH, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmG      ; ymmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F
-                                      ;       0H 0J 0L 0N 0P 0R 0T 0V 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmH, ymmH, ymmG      ; ymmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F
-                                      ;       2H 2J 2L 2N 2P 2R 2T 2V 3H 3J 3L 3N 3P 3R 3T 3V)
-
-    vpxor       ymmF, ymmF, ymmF
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmF      ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmF      ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmD, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmF      ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmF      ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-
-    vmovdqa     ymmG, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmF      ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmG, ymmG, ymmF      ; ymmG=(30 32 34 36 38 3A 3C 3E 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vpunpcklbw  ymmF, ymmF, ymmH
-    vpunpckhbw  ymmH, ymmH, ymmH
-    vpsrlw      ymmF, ymmF, BYTE_BIT  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-    vpsrlw      ymmH, ymmH, BYTE_BIT  ; ymmH=(31 33 35 37 39 3B 3D 3F 3H 3J 3L 3N 3P 3R 3T 3V)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; ymm0=R(02468ACEGIKMOQSU)=RE, ymm2=G(02468ACEGIKMOQSU)=GE, ymm4=B(02468ACEGIKMOQSU)=BE
-    ; ymm1=R(13579BDFHJLNPRTV)=RO, ymm3=G(13579BDFHJLNPRTV)=GO, ymm5=B(13579BDFHJLNPRTV)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-
-    vmovdqa     YMMWORD [wk(0)], ymm0   ; wk(0)=RE
-    vmovdqa     YMMWORD [wk(1)], ymm1   ; wk(1)=RO
-    vmovdqa     YMMWORD [wk(2)], ymm4   ; wk(2)=BE
-    vmovdqa     YMMWORD [wk(3)], ymm5   ; wk(3)=BO
-
-    vmovdqa     ymm6, ymm1
-    vpunpcklwd  ymm1, ymm1, ymm3
-    vpunpckhwd  ymm6, ymm6, ymm3
-    vmovdqa     ymm7, ymm1
-    vmovdqa     ymm4, ymm6
-    vpmaddwd    ymm1, ymm1, [rel PW_F0299_F0337]  ; ymm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [rel PW_F0299_F0337]  ; ymm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-    vpmaddwd    ymm7, ymm7, [rel PW_MF016_MF033]  ; ymm7=ROL*-FIX(0.168)+GOL*-FIX(0.331)
-    vpmaddwd    ymm4, ymm4, [rel PW_MF016_MF033]  ; ymm4=ROH*-FIX(0.168)+GOH*-FIX(0.331)
-
-    vmovdqa     YMMWORD [wk(4)], ymm1   ; wk(4)=ROL*FIX(0.299)+GOL*FIX(0.337)
-    vmovdqa     YMMWORD [wk(5)], ymm6   ; wk(5)=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    vpxor       ymm1, ymm1, ymm1
-    vpxor       ymm6, ymm6, ymm6
-    vpunpcklwd  ymm1, ymm1, ymm5        ; ymm1=BOL
-    vpunpckhwd  ymm6, ymm6, ymm5        ; ymm6=BOH
-    vpsrld      ymm1, ymm1, 1           ; ymm1=BOL*FIX(0.500)
-    vpsrld      ymm6, ymm6, 1           ; ymm6=BOH*FIX(0.500)
-
-    vmovdqa     ymm5, [rel PD_ONEHALFM1_CJ]  ; ymm5=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm7, ymm7, ymm1
-    vpaddd      ymm4, ymm4, ymm6
-    vpaddd      ymm7, ymm7, ymm5
-    vpaddd      ymm4, ymm4, ymm5
-    vpsrld      ymm7, ymm7, SCALEBITS   ; ymm7=CbOL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=CbOH
-    vpackssdw   ymm7, ymm7, ymm4        ; ymm7=CbO
-
-    vmovdqa     ymm1, YMMWORD [wk(2)]   ; ymm1=BE
-
-    vmovdqa     ymm6, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm2
-    vpunpckhwd  ymm6, ymm6, ymm2
-    vmovdqa     ymm5, ymm0
-    vmovdqa     ymm4, ymm6
-    vpmaddwd    ymm0, ymm0, [rel PW_F0299_F0337]  ; ymm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [rel PW_F0299_F0337]  ; ymm6=REH*FIX(0.299)+GEH*FIX(0.337)
-    vpmaddwd    ymm5, ymm5, [rel PW_MF016_MF033]  ; ymm5=REL*-FIX(0.168)+GEL*-FIX(0.331)
-    vpmaddwd    ymm4, ymm4, [rel PW_MF016_MF033]  ; ymm4=REH*-FIX(0.168)+GEH*-FIX(0.331)
-
-    vmovdqa     YMMWORD [wk(6)], ymm0   ; wk(6)=REL*FIX(0.299)+GEL*FIX(0.337)
-    vmovdqa     YMMWORD [wk(7)], ymm6   ; wk(7)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    vpxor       ymm0, ymm0, ymm0
-    vpxor       ymm6, ymm6, ymm6
-    vpunpcklwd  ymm0, ymm0, ymm1        ; ymm0=BEL
-    vpunpckhwd  ymm6, ymm6, ymm1        ; ymm6=BEH
-    vpsrld      ymm0, ymm0, 1           ; ymm0=BEL*FIX(0.500)
-    vpsrld      ymm6, ymm6, 1           ; ymm6=BEH*FIX(0.500)
-
-    vmovdqa     ymm1, [rel PD_ONEHALFM1_CJ]  ; ymm1=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm5, ymm5, ymm0
-    vpaddd      ymm4, ymm4, ymm6
-    vpaddd      ymm5, ymm5, ymm1
-    vpaddd      ymm4, ymm4, ymm1
-    vpsrld      ymm5, ymm5, SCALEBITS   ; ymm5=CbEL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=CbEH
-    vpackssdw   ymm5, ymm5, ymm4        ; ymm5=CbE
-
-    vpsllw      ymm7, ymm7, BYTE_BIT
-    vpor        ymm5, ymm5, ymm7        ; ymm5=Cb
-    vmovdqu     YMMWORD [rbx], ymm5     ; Save Cb
-
-    vmovdqa     ymm0, YMMWORD [wk(3)]   ; ymm0=BO
-    vmovdqa     ymm6, YMMWORD [wk(2)]   ; ymm6=BE
-    vmovdqa     ymm1, YMMWORD [wk(1)]   ; ymm1=RO
-
-    vmovdqa     ymm4, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm3
-    vpunpckhwd  ymm4, ymm4, ymm3
-    vmovdqa     ymm7, ymm0
-    vmovdqa     ymm5, ymm4
-    vpmaddwd    ymm0, ymm0, [rel PW_F0114_F0250]  ; ymm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [rel PW_F0114_F0250]  ; ymm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-    vpmaddwd    ymm7, ymm7, [rel PW_MF008_MF041]  ; ymm7=BOL*-FIX(0.081)+GOL*-FIX(0.418)
-    vpmaddwd    ymm5, ymm5, [rel PW_MF008_MF041]  ; ymm5=BOH*-FIX(0.081)+GOH*-FIX(0.418)
-
-    vmovdqa     ymm3, [rel PD_ONEHALF]            ; ymm3=[PD_ONEHALF]
-
-    vpaddd      ymm0, ymm0, YMMWORD [wk(4)]
-    vpaddd      ymm4, ymm4, YMMWORD [wk(5)]
-    vpaddd      ymm0, ymm0, ymm3
-    vpaddd      ymm4, ymm4, ymm3
-    vpsrld      ymm0, ymm0, SCALEBITS   ; ymm0=YOL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YOH
-    vpackssdw   ymm0, ymm0, ymm4        ; ymm0=YO
-
-    vpxor       ymm3, ymm3, ymm3
-    vpxor       ymm4, ymm4, ymm4
-    vpunpcklwd  ymm3, ymm3, ymm1        ; ymm3=ROL
-    vpunpckhwd  ymm4, ymm4, ymm1        ; ymm4=ROH
-    vpsrld      ymm3, ymm3, 1           ; ymm3=ROL*FIX(0.500)
-    vpsrld      ymm4, ymm4, 1           ; ymm4=ROH*FIX(0.500)
-
-    vmovdqa     ymm1, [rel PD_ONEHALFM1_CJ]  ; ymm1=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm7, ymm7, ymm3
-    vpaddd      ymm5, ymm5, ymm4
-    vpaddd      ymm7, ymm7, ymm1
-    vpaddd      ymm5, ymm5, ymm1
-    vpsrld      ymm7, ymm7, SCALEBITS   ; ymm7=CrOL
-    vpsrld      ymm5, ymm5, SCALEBITS   ; ymm5=CrOH
-    vpackssdw   ymm7, ymm7, ymm5        ; ymm7=CrO
-
-    vmovdqa     ymm3, YMMWORD [wk(0)]   ; ymm3=RE
-
-    vmovdqa     ymm4, ymm6
-    vpunpcklwd  ymm6, ymm6, ymm2
-    vpunpckhwd  ymm4, ymm4, ymm2
-    vmovdqa     ymm1, ymm6
-    vmovdqa     ymm5, ymm4
-    vpmaddwd    ymm6, ymm6, [rel PW_F0114_F0250]  ; ymm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [rel PW_F0114_F0250]  ; ymm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-    vpmaddwd    ymm1, ymm1, [rel PW_MF008_MF041]  ; ymm1=BEL*-FIX(0.081)+GEL*-FIX(0.418)
-    vpmaddwd    ymm5, ymm5, [rel PW_MF008_MF041]  ; ymm5=BEH*-FIX(0.081)+GEH*-FIX(0.418)
-
-    vmovdqa     ymm2, [rel PD_ONEHALF]            ; ymm2=[PD_ONEHALF]
-
-    vpaddd      ymm6, ymm6, YMMWORD [wk(6)]
-    vpaddd      ymm4, ymm4, YMMWORD [wk(7)]
-    vpaddd      ymm6, ymm6, ymm2
-    vpaddd      ymm4, ymm4, ymm2
-    vpsrld      ymm6, ymm6, SCALEBITS   ; ymm6=YEL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YEH
-    vpackssdw   ymm6, ymm6, ymm4        ; ymm6=YE
-
-    vpsllw      ymm0, ymm0, BYTE_BIT
-    vpor        ymm6, ymm6, ymm0        ; ymm6=Y
-    vmovdqu     YMMWORD [rdi], ymm6     ; Save Y
-
-    vpxor       ymm2, ymm2, ymm2
-    vpxor       ymm4, ymm4, ymm4
-    vpunpcklwd  ymm2, ymm2, ymm3        ; ymm2=REL
-    vpunpckhwd  ymm4, ymm4, ymm3        ; ymm4=REH
-    vpsrld      ymm2, ymm2, 1           ; ymm2=REL*FIX(0.500)
-    vpsrld      ymm4, ymm4, 1           ; ymm4=REH*FIX(0.500)
-
-    vmovdqa     ymm0, [rel PD_ONEHALFM1_CJ]  ; ymm0=[PD_ONEHALFM1_CJ]
-
-    vpaddd      ymm1, ymm1, ymm2
-    vpaddd      ymm5, ymm5, ymm4
-    vpaddd      ymm1, ymm1, ymm0
-    vpaddd      ymm5, ymm5, ymm0
-    vpsrld      ymm1, ymm1, SCALEBITS   ; ymm1=CrEL
-    vpsrld      ymm5, ymm5, SCALEBITS   ; ymm5=CrEH
-    vpackssdw   ymm1, ymm1, ymm5        ; ymm1=CrE
-
-    vpsllw      ymm7, ymm7, BYTE_BIT
-    vpor        ymm1, ymm1, ymm7        ; ymm1=Cr
-    vmovdqu     YMMWORD [rdx], ymm1     ; Save Cr
-
-    sub         rcx, byte SIZEOF_YMMWORD
-    add         rsi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; inptr
-    add         rdi, byte SIZEOF_YMMWORD           ; outptr0
-    add         rbx, byte SIZEOF_YMMWORD           ; outptr1
-    add         rdx, byte SIZEOF_YMMWORD           ; outptr2
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    test        rcx, rcx
-    jnz         near .column_ld1
-
-    pop         rcx                     ; col
-    pop         rsi
-    pop         rdi
-    pop         rbx
-    pop         rdx
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         rdi, byte SIZEOF_JSAMPROW
-    add         rbx, byte SIZEOF_JSAMPROW
-    add         rdx, byte SIZEOF_JSAMPROW
-    dec         rax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    vzeroupper
-    uncollect_args 5
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolext-sse2.asm
deleted file mode 100644
index af70ed6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolext-sse2.asm
+++ /dev/null
@@ -1,484 +0,0 @@
-;
-; jccolext.asm - colorspace conversion (64-bit SSE2)
-;
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_ycc_convert_sse2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                            JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                            int num_rows);
-;
-
-; r10d = JDIMENSION img_width
-; r11 = JSAMPARRAY input_buf
-; r12 = JSAMPIMAGE output_buf
-; r13d = JDIMENSION output_row
-; r14d = int num_rows
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  8
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_ycc_convert_sse2)
-
-EXTN(jsimd_rgb_ycc_convert_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 5
-    push        rbx
-
-    mov         ecx, r10d
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rsi, r12
-    mov         ecx, r13d
-    mov         rdip, JSAMPARRAY [rsi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rsi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rsi+2*SIZEOF_JSAMPARRAY]
-    lea         rdi, [rdi+rcx*SIZEOF_JSAMPROW]
-    lea         rbx, [rbx+rcx*SIZEOF_JSAMPROW]
-    lea         rdx, [rdx+rcx*SIZEOF_JSAMPROW]
-
-    pop         rcx
-
-    mov         rsi, r11
-    mov         eax, r14d
-    test        rax, rax
-    jle         near .return
-.rowloop:
-    push        rdx
-    push        rbx
-    push        rdi
-    push        rsi
-    push        rcx                     ; col
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr0
-    mov         rbxp, JSAMPROW [rbx]    ; outptr1
-    mov         rdxp, JSAMPROW [rdx]    ; outptr2
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        rax
-    push        rdx
-    lea         rcx, [rcx+rcx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_BYTE
-    movzx       rax, byte [rsi+rcx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_WORD
-    movzx       rdx, word [rsi+rcx]
-    shl         rax, WORD_BIT
-    or          rax, rdx
-.column_ld4:
-    movd        xmmA, eax
-    pop         rdx
-    pop         rax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_DWORD
-    movd        xmmF, XMM_DWORD [rsi+rcx]
-    pslldq      xmmA, SIZEOF_DWORD
-    por         xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         rcx, byte SIZEOF_MMWORD
-    movq        xmmB, XMM_MMWORD [rsi+rcx]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    movdqa      xmmF, xmmA
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    mov         rcx, SIZEOF_XMMWORD
-    jmp         short .rgb_ycc_cnv
-.column_ld32:
-    test        cl, 2*SIZEOF_XMMWORD
-    mov         rcx, SIZEOF_XMMWORD
-    jz          short .rgb_ycc_cnv
-    movdqa      xmmB, xmmA
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_ycc_cnv
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    movdqu      xmmB, XMMWORD [rsi+2*SIZEOF_XMMWORD]
-
-.rgb_ycc_cnv:
-    ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    ; xmmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; xmmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    movdqa      xmmG, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12)
-    psrldq      xmmG, 8     ; xmmG=(22 03 13 23 04 14 24 05 -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmF  ; xmmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A)
-    pslldq      xmmF, 8     ; xmmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27)
-
-    punpcklbw   xmmG, xmmB  ; xmmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D)
-    punpckhbw   xmmF, xmmB  ; xmmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F)
-
-    movdqa      xmmD, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09)
-    psrldq      xmmD, 8     ; xmmD=(11 19 21 29 02 0A 12 1A -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmG  ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D)
-    pslldq      xmmG, 8     ; xmmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B)
-
-    punpcklbw   xmmD, xmmF  ; xmmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E)
-    punpckhbw   xmmG, xmmF  ; xmmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F)
-
-    movdqa      xmmE, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C)
-    psrldq      xmmE, 8     ; xmmE=(20 24 28 2C 01 05 09 0D -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmD  ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    pslldq      xmmD, 8     ; xmmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D)
-
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmG  ; xmmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F)
-
-    pxor        xmmH, xmmH
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmH  ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmH  ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmB, xmmE
-    punpcklbw   xmmE, xmmH  ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmB, xmmH  ; xmmB=(01 03 05 07 09 0B 0D 0F)
-
-    movdqa      xmmF, xmmD
-    punpcklbw   xmmD, xmmH  ; xmmD=(11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmF, xmmH  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_XMMWORD/16
-    movd        xmmA, XMM_DWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_XMMWORD/8
-    movq        xmmE, XMM_MMWORD [rsi+rcx*RGB_PIXELSIZE]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmE
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_XMMWORD/4
-    movdqa      xmmE, xmmA
-    movdqu      xmmA, XMMWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    mov         rcx, SIZEOF_XMMWORD
-    jz          short .rgb_ycc_cnv
-    movdqa      xmmF, xmmA
-    movdqa      xmmH, xmmE
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_ycc_cnv
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [rsi+2*SIZEOF_XMMWORD]
-    movdqu      xmmH, XMMWORD [rsi+3*SIZEOF_XMMWORD]
-
-.rgb_ycc_cnv:
-    ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    ; xmmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; xmmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpcklbw   xmmA, xmmE      ; xmmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35)
-    punpckhbw   xmmD, xmmE      ; xmmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37)
-
-    movdqa      xmmC, xmmF
-    punpcklbw   xmmF, xmmH      ; xmmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D)
-    punpckhbw   xmmC, xmmH      ; xmmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F)
-
-    movdqa      xmmB, xmmA
-    punpcklwd   xmmA, xmmF      ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C)
-    punpckhwd   xmmB, xmmF      ; xmmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D)
-
-    movdqa      xmmG, xmmD
-    punpcklwd   xmmD, xmmC      ; xmmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E)
-    punpckhwd   xmmG, xmmC      ; xmmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F)
-
-    movdqa      xmmE, xmmA
-    punpcklbw   xmmA, xmmD      ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    punpckhbw   xmmE, xmmD      ; xmmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E)
-
-    movdqa      xmmH, xmmB
-    punpcklbw   xmmB, xmmG      ; xmmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmH, xmmG      ; xmmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F)
-
-    pxor        xmmF, xmmF
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmF      ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmF      ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmD, xmmB
-    punpcklbw   xmmB, xmmF      ; xmmB=(01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmF      ; xmmD=(11 13 15 17 19 1B 1D 1F)
-
-    movdqa      xmmG, xmmE
-    punpcklbw   xmmE, xmmF      ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmG, xmmF      ; xmmG=(30 32 34 36 38 3A 3C 3E)
-
-    punpcklbw   xmmF, xmmH
-    punpckhbw   xmmH, xmmH
-    psrlw       xmmF, BYTE_BIT  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-    psrlw       xmmH, BYTE_BIT  ; xmmH=(31 33 35 37 39 3B 3D 3F)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; xmm0=R(02468ACE)=RE, xmm2=G(02468ACE)=GE, xmm4=B(02468ACE)=BE
-    ; xmm1=R(13579BDF)=RO, xmm3=G(13579BDF)=GO, xmm5=B(13579BDF)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-    ; Cb = -0.16874 * R - 0.33126 * G + 0.50000 * B + CENTERJSAMPLE
-    ; Cr =  0.50000 * R - 0.41869 * G - 0.08131 * B + CENTERJSAMPLE
-
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=RE
-    movdqa      XMMWORD [wk(1)], xmm1   ; wk(1)=RO
-    movdqa      XMMWORD [wk(2)], xmm4   ; wk(2)=BE
-    movdqa      XMMWORD [wk(3)], xmm5   ; wk(3)=BO
-
-    movdqa      xmm6, xmm1
-    punpcklwd   xmm1, xmm3
-    punpckhwd   xmm6, xmm3
-    movdqa      xmm7, xmm1
-    movdqa      xmm4, xmm6
-    pmaddwd     xmm1, [rel PW_F0299_F0337]  ; xmm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    pmaddwd     xmm6, [rel PW_F0299_F0337]  ; xmm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-    pmaddwd     xmm7, [rel PW_MF016_MF033]  ; xmm7=ROL*-FIX(0.168)+GOL*-FIX(0.331)
-    pmaddwd     xmm4, [rel PW_MF016_MF033]  ; xmm4=ROH*-FIX(0.168)+GOH*-FIX(0.331)
-
-    movdqa      XMMWORD [wk(4)], xmm1   ; wk(4)=ROL*FIX(0.299)+GOL*FIX(0.337)
-    movdqa      XMMWORD [wk(5)], xmm6   ; wk(5)=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    pxor        xmm1, xmm1
-    pxor        xmm6, xmm6
-    punpcklwd   xmm1, xmm5              ; xmm1=BOL
-    punpckhwd   xmm6, xmm5              ; xmm6=BOH
-    psrld       xmm1, 1                 ; xmm1=BOL*FIX(0.500)
-    psrld       xmm6, 1                 ; xmm6=BOH*FIX(0.500)
-
-    movdqa      xmm5, [rel PD_ONEHALFM1_CJ]  ; xmm5=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm7, xmm1
-    paddd       xmm4, xmm6
-    paddd       xmm7, xmm5
-    paddd       xmm4, xmm5
-    psrld       xmm7, SCALEBITS         ; xmm7=CbOL
-    psrld       xmm4, SCALEBITS         ; xmm4=CbOH
-    packssdw    xmm7, xmm4              ; xmm7=CbO
-
-    movdqa      xmm1, XMMWORD [wk(2)]   ; xmm1=BE
-
-    movdqa      xmm6, xmm0
-    punpcklwd   xmm0, xmm2
-    punpckhwd   xmm6, xmm2
-    movdqa      xmm5, xmm0
-    movdqa      xmm4, xmm6
-    pmaddwd     xmm0, [rel PW_F0299_F0337]  ; xmm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    pmaddwd     xmm6, [rel PW_F0299_F0337]  ; xmm6=REH*FIX(0.299)+GEH*FIX(0.337)
-    pmaddwd     xmm5, [rel PW_MF016_MF033]  ; xmm5=REL*-FIX(0.168)+GEL*-FIX(0.331)
-    pmaddwd     xmm4, [rel PW_MF016_MF033]  ; xmm4=REH*-FIX(0.168)+GEH*-FIX(0.331)
-
-    movdqa      XMMWORD [wk(6)], xmm0   ; wk(6)=REL*FIX(0.299)+GEL*FIX(0.337)
-    movdqa      XMMWORD [wk(7)], xmm6   ; wk(7)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    pxor        xmm0, xmm0
-    pxor        xmm6, xmm6
-    punpcklwd   xmm0, xmm1              ; xmm0=BEL
-    punpckhwd   xmm6, xmm1              ; xmm6=BEH
-    psrld       xmm0, 1                 ; xmm0=BEL*FIX(0.500)
-    psrld       xmm6, 1                 ; xmm6=BEH*FIX(0.500)
-
-    movdqa      xmm1, [rel PD_ONEHALFM1_CJ]  ; xmm1=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm5, xmm0
-    paddd       xmm4, xmm6
-    paddd       xmm5, xmm1
-    paddd       xmm4, xmm1
-    psrld       xmm5, SCALEBITS         ; xmm5=CbEL
-    psrld       xmm4, SCALEBITS         ; xmm4=CbEH
-    packssdw    xmm5, xmm4              ; xmm5=CbE
-
-    psllw       xmm7, BYTE_BIT
-    por         xmm5, xmm7              ; xmm5=Cb
-    movdqa      XMMWORD [rbx], xmm5     ; Save Cb
-
-    movdqa      xmm0, XMMWORD [wk(3)]   ; xmm0=BO
-    movdqa      xmm6, XMMWORD [wk(2)]   ; xmm6=BE
-    movdqa      xmm1, XMMWORD [wk(1)]   ; xmm1=RO
-
-    movdqa      xmm4, xmm0
-    punpcklwd   xmm0, xmm3
-    punpckhwd   xmm4, xmm3
-    movdqa      xmm7, xmm0
-    movdqa      xmm5, xmm4
-    pmaddwd     xmm0, [rel PW_F0114_F0250]  ; xmm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    pmaddwd     xmm4, [rel PW_F0114_F0250]  ; xmm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-    pmaddwd     xmm7, [rel PW_MF008_MF041]  ; xmm7=BOL*-FIX(0.081)+GOL*-FIX(0.418)
-    pmaddwd     xmm5, [rel PW_MF008_MF041]  ; xmm5=BOH*-FIX(0.081)+GOH*-FIX(0.418)
-
-    movdqa      xmm3, [rel PD_ONEHALF]      ; xmm3=[PD_ONEHALF]
-
-    paddd       xmm0, XMMWORD [wk(4)]
-    paddd       xmm4, XMMWORD [wk(5)]
-    paddd       xmm0, xmm3
-    paddd       xmm4, xmm3
-    psrld       xmm0, SCALEBITS         ; xmm0=YOL
-    psrld       xmm4, SCALEBITS         ; xmm4=YOH
-    packssdw    xmm0, xmm4              ; xmm0=YO
-
-    pxor        xmm3, xmm3
-    pxor        xmm4, xmm4
-    punpcklwd   xmm3, xmm1              ; xmm3=ROL
-    punpckhwd   xmm4, xmm1              ; xmm4=ROH
-    psrld       xmm3, 1                 ; xmm3=ROL*FIX(0.500)
-    psrld       xmm4, 1                 ; xmm4=ROH*FIX(0.500)
-
-    movdqa      xmm1, [rel PD_ONEHALFM1_CJ]  ; xmm1=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm7, xmm3
-    paddd       xmm5, xmm4
-    paddd       xmm7, xmm1
-    paddd       xmm5, xmm1
-    psrld       xmm7, SCALEBITS         ; xmm7=CrOL
-    psrld       xmm5, SCALEBITS         ; xmm5=CrOH
-    packssdw    xmm7, xmm5              ; xmm7=CrO
-
-    movdqa      xmm3, XMMWORD [wk(0)]   ; xmm3=RE
-
-    movdqa      xmm4, xmm6
-    punpcklwd   xmm6, xmm2
-    punpckhwd   xmm4, xmm2
-    movdqa      xmm1, xmm6
-    movdqa      xmm5, xmm4
-    pmaddwd     xmm6, [rel PW_F0114_F0250]  ; xmm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    pmaddwd     xmm4, [rel PW_F0114_F0250]  ; xmm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-    pmaddwd     xmm1, [rel PW_MF008_MF041]  ; xmm1=BEL*-FIX(0.081)+GEL*-FIX(0.418)
-    pmaddwd     xmm5, [rel PW_MF008_MF041]  ; xmm5=BEH*-FIX(0.081)+GEH*-FIX(0.418)
-
-    movdqa      xmm2, [rel PD_ONEHALF]      ; xmm2=[PD_ONEHALF]
-
-    paddd       xmm6, XMMWORD [wk(6)]
-    paddd       xmm4, XMMWORD [wk(7)]
-    paddd       xmm6, xmm2
-    paddd       xmm4, xmm2
-    psrld       xmm6, SCALEBITS         ; xmm6=YEL
-    psrld       xmm4, SCALEBITS         ; xmm4=YEH
-    packssdw    xmm6, xmm4              ; xmm6=YE
-
-    psllw       xmm0, BYTE_BIT
-    por         xmm6, xmm0              ; xmm6=Y
-    movdqa      XMMWORD [rdi], xmm6     ; Save Y
-
-    pxor        xmm2, xmm2
-    pxor        xmm4, xmm4
-    punpcklwd   xmm2, xmm3              ; xmm2=REL
-    punpckhwd   xmm4, xmm3              ; xmm4=REH
-    psrld       xmm2, 1                 ; xmm2=REL*FIX(0.500)
-    psrld       xmm4, 1                 ; xmm4=REH*FIX(0.500)
-
-    movdqa      xmm0, [rel PD_ONEHALFM1_CJ]  ; xmm0=[PD_ONEHALFM1_CJ]
-
-    paddd       xmm1, xmm2
-    paddd       xmm5, xmm4
-    paddd       xmm1, xmm0
-    paddd       xmm5, xmm0
-    psrld       xmm1, SCALEBITS         ; xmm1=CrEL
-    psrld       xmm5, SCALEBITS         ; xmm5=CrEH
-    packssdw    xmm1, xmm5              ; xmm1=CrE
-
-    psllw       xmm7, BYTE_BIT
-    por         xmm1, xmm7              ; xmm1=Cr
-    movdqa      XMMWORD [rdx], xmm1     ; Save Cr
-
-    sub         rcx, byte SIZEOF_XMMWORD
-    add         rsi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; inptr
-    add         rdi, byte SIZEOF_XMMWORD                ; outptr0
-    add         rbx, byte SIZEOF_XMMWORD                ; outptr1
-    add         rdx, byte SIZEOF_XMMWORD                ; outptr2
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    test        rcx, rcx
-    jnz         near .column_ld1
-
-    pop         rcx                     ; col
-    pop         rsi
-    pop         rdi
-    pop         rbx
-    pop         rdx
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         rdi, byte SIZEOF_JSAMPROW
-    add         rbx, byte SIZEOF_JSAMPROW
-    add         rdx, byte SIZEOF_JSAMPROW
-    dec         rax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    uncollect_args 5
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolor-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolor-avx2.asm
deleted file mode 100644
index 16b7829..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolor-avx2.asm
+++ /dev/null
@@ -1,121 +0,0 @@
-;
-; jccolor.asm - colorspace conversion (64-bit AVX2)
-;
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_081 equ  5329                ; FIX(0.08131)
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_168 equ 11059                ; FIX(0.16874)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_331 equ 21709                ; FIX(0.33126)
-F_0_418 equ 27439                ; FIX(0.41869)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_ycc_convert_avx2)
-
-EXTN(jconst_rgb_ycc_convert_avx2):
-
-PW_F0299_F0337  times 8 dw  F_0_299,  F_0_337
-PW_F0114_F0250  times 8 dw  F_0_114,  F_0_250
-PW_MF016_MF033  times 8 dw -F_0_168, -F_0_331
-PW_MF008_MF041  times 8 dw -F_0_081, -F_0_418
-PD_ONEHALFM1_CJ times 8 dd  (1 << (SCALEBITS - 1)) - 1 + \
-                            (CENTERJSAMPLE << SCALEBITS)
-PD_ONEHALF      times 8 dd  (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extrgb_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extrgbx_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extbgr_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extbgrx_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extxbgr_ycc_convert_avx2
-%include "jccolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_avx2  jsimd_extxrgb_ycc_convert_avx2
-%include "jccolext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolor-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolor-sse2.asm
deleted file mode 100644
index e2955c2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jccolor-sse2.asm
+++ /dev/null
@@ -1,120 +0,0 @@
-;
-; jccolor.asm - colorspace conversion (64-bit SSE2)
-;
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_081 equ  5329                ; FIX(0.08131)
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_168 equ 11059                ; FIX(0.16874)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_331 equ 21709                ; FIX(0.33126)
-F_0_418 equ 27439                ; FIX(0.41869)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_ycc_convert_sse2)
-
-EXTN(jconst_rgb_ycc_convert_sse2):
-
-PW_F0299_F0337  times 4 dw  F_0_299,  F_0_337
-PW_F0114_F0250  times 4 dw  F_0_114,  F_0_250
-PW_MF016_MF033  times 4 dw -F_0_168, -F_0_331
-PW_MF008_MF041  times 4 dw -F_0_081, -F_0_418
-PD_ONEHALFM1_CJ times 4 dd  (1 << (SCALEBITS - 1)) - 1 + \
-                            (CENTERJSAMPLE << SCALEBITS)
-PD_ONEHALF      times 4 dd  (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extrgb_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extrgbx_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extbgr_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extbgrx_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extxbgr_ycc_convert_sse2
-%include "jccolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_ycc_convert_sse2  jsimd_extxrgb_ycc_convert_sse2
-%include "jccolext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgray-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgray-avx2.asm
deleted file mode 100644
index 591255b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgray-avx2.asm
+++ /dev/null
@@ -1,113 +0,0 @@
-;
-; jcgray.asm - grayscale colorspace conversion (64-bit AVX2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_gray_convert_avx2)
-
-EXTN(jconst_rgb_gray_convert_avx2):
-
-PW_F0299_F0337 times 8 dw F_0_299, F_0_337
-PW_F0114_F0250 times 8 dw F_0_114, F_0_250
-PD_ONEHALF     times 8 dd (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extrgb_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extrgbx_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extbgr_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extbgrx_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extxbgr_gray_convert_avx2
-%include "jcgryext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_avx2  jsimd_extxrgb_gray_convert_avx2
-%include "jcgryext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgray-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgray-sse2.asm
deleted file mode 100644
index e389904..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgray-sse2.asm
+++ /dev/null
@@ -1,112 +0,0 @@
-;
-; jcgray.asm - grayscale colorspace conversion (64-bit SSE2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_114 equ  7471                ; FIX(0.11400)
-F_0_250 equ 16384                ; FIX(0.25000)
-F_0_299 equ 19595                ; FIX(0.29900)
-F_0_587 equ 38470                ; FIX(0.58700)
-F_0_337 equ (F_0_587 - F_0_250)  ; FIX(0.58700) - FIX(0.25000)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_rgb_gray_convert_sse2)
-
-EXTN(jconst_rgb_gray_convert_sse2):
-
-PW_F0299_F0337 times 4 dw F_0_299, F_0_337
-PW_F0114_F0250 times 4 dw F_0_114, F_0_250
-PD_ONEHALF     times 4 dd (1 << (SCALEBITS - 1))
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extrgb_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extrgbx_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extbgr_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extbgrx_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extxbgr_gray_convert_sse2
-%include "jcgryext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_rgb_gray_convert_sse2  jsimd_extxrgb_gray_convert_sse2
-%include "jcgryext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgryext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgryext-avx2.asm
deleted file mode 100644
index ddcc2c0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgryext-avx2.asm
+++ /dev/null
@@ -1,438 +0,0 @@
-;
-; jcgryext.asm - grayscale colorspace conversion (64-bit AVX2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_gray_convert_avx2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                             JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                             int num_rows);
-;
-
-; r10d = JDIMENSION img_width
-; r11 = JSAMPARRAY input_buf
-; r12 = JSAMPIMAGE output_buf
-; r13d = JDIMENSION output_row
-; r14d = int num_rows
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_YMMWORD  ; ymmword wk[WK_NUM]
-%define WK_NUM  2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_gray_convert_avx2)
-
-EXTN(jsimd_rgb_gray_convert_avx2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 5
-    push        rbx
-
-    mov         ecx, r10d
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rsi, r12
-    mov         ecx, r13d
-    mov         rdip, JSAMPARRAY [rsi+0*SIZEOF_JSAMPARRAY]
-    lea         rdi, [rdi+rcx*SIZEOF_JSAMPROW]
-
-    pop         rcx
-
-    mov         rsi, r11
-    mov         eax, r14d
-    test        rax, rax
-    jle         near .return
-.rowloop:
-    push        rdi
-    push        rsi
-    push        rcx                     ; col
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr0
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        rax
-    push        rdx
-    lea         rcx, [rcx+rcx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_BYTE
-    movzx       rax, byte [rsi+rcx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_WORD
-    movzx       rdx, word [rsi+rcx]
-    shl         rax, WORD_BIT
-    or          rax, rdx
-.column_ld4:
-    vmovd       xmmA, eax
-    pop         rdx
-    pop         rax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_DWORD
-    vmovd       xmmF, XMM_DWORD [rsi+rcx]
-    vpslldq     xmmA, xmmA, SIZEOF_DWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         rcx, byte SIZEOF_MMWORD
-    vmovq       xmmB, XMM_MMWORD [rsi+rcx]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    sub         rcx, byte SIZEOF_XMMWORD
-    vmovdqu     xmmB, XMM_MMWORD [rsi+rcx]
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    vpor        ymmA, ymmB
-.column_ld32:
-    test        cl, SIZEOF_YMMWORD
-    jz          short .column_ld64
-    sub         rcx, byte SIZEOF_YMMWORD
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-.column_ld64:
-    test        cl, 2*SIZEOF_YMMWORD
-    mov         rcx, SIZEOF_YMMWORD
-    jz          short .rgb_gray_cnv
-    vmovdqa     ymmB, ymmA
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_gray_cnv
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmB, YMMWORD [rsi+2*SIZEOF_YMMWORD]
-
-.rgb_gray_cnv:
-    ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-    ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-    ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    ; ymmB=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-    ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vmovdqu     ymmC, ymmA
-    vinserti128 ymmA, ymmF, xmmA, 0  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                     ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vinserti128 ymmC, ymmC, xmmB, 0  ; ymmC=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                     ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vinserti128 ymmB, ymmB, xmmF, 0  ; ymmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                     ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-    vperm2i128  ymmF, ymmC, ymmC, 1  ; ymmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                     ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-
-    vmovdqa     ymmG, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12
-                                  ;       22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I)
-    vpsrldq     ymmG, ymmG, 8     ; ymmG=(22 03 13 23 04 14 24 05 0G 1G 2G 0H 1H 2H 0I 1I
-                                  ;       2I 0J 1J 2J 0K 1K 2K 0L -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmF  ; ymmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A
-                                  ;       0G 0O 1G 1O 2G 2O 0H 0P 1H 1P 2H 2P 0I 0Q 1I 1Q)
-    vpslldq     ymmF, ymmF, 8     ; ymmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27
-                                  ;       08 18 28 09 19 29 0A 1A 1L 2L 0M 1M 2M 0N 1N 2N)
-
-    vpunpcklbw  ymmG, ymmG, ymmB  ; ymmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D
-                                  ;       2I 2Q 0J 0R 1J 1R 2J 2R 0K 0S 1K 1S 2K 2S 0L 0T)
-    vpunpckhbw  ymmF, ymmF, ymmB  ; ymmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F
-                                  ;       1L 1T 2L 2T 0M 0U 1M 1U 2M 2U 0N 0V 1N 1V 2N 2V)
-
-    vmovdqa     ymmD, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09
-                                  ;       11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P)
-    vpsrldq     ymmD, ymmD, 8     ; ymmD=(11 19 21 29 02 0A 12 1A 0G 0O 1G 1O 2G 2O 0H 0P
-                                  ;       1H 1P 2H 2P 0I 0Q 1I 1Q -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmG  ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D
-                                  ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 0H 0L 0P 0T)
-    vpslldq     ymmG, ymmG, 8     ; ymmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B
-                                  ;       04 0C 14 1C 24 2C 05 0D 2I 2Q 0J 0R 1J 1R 2J 2R)
-
-    vpunpcklbw  ymmD, ymmD, ymmF  ; ymmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E
-                                  ;       1H 1L 1P 1T 2H 2L 2P 2T 0I 0M 0Q 0U 1I 1M 1Q 1U)
-    vpunpckhbw  ymmG, ymmG, ymmF  ; ymmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F
-                                  ;       2I 2M 2Q 2U 0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V)
-
-    vmovdqa     ymmE, ymmA
-    vpslldq     ymmA, ymmA, 8     ; ymmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C
-                                  ;       20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S)
-    vpsrldq     ymmE, ymmE, 8     ; ymmE=(20 24 28 2C 01 05 09 0D 0G 0K 0O 0S 1G 1K 1O 1S
-                                  ;       2G 2K 2O 2S 0H 0L 0P 0T -- -- -- -- -- -- -- --)
-
-    vpunpckhbw  ymmA, ymmA, ymmD  ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                  ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpslldq     ymmD, ymmD, 8     ; ymmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D
-                                  ;       02 06 0A 0E 12 16 1A 1E 1H 1L 1P 1T 2H 2L 2P 2T)
-
-    vpunpcklbw  ymmE, ymmE, ymmG  ; ymmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F
-                                  ;       2G 2I 2K 2M 2O 2Q 2S 2U 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmG  ; ymmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F
-                                  ;       1H 1J 1L 1N 1P 1R 1T 1V 2H 2J 2L 2N 2P 2R 2T 2V)
-
-    vpxor       ymmH, ymmH, ymmH
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmH  ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmH  ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmB, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmH  ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmB, ymmB, ymmH  ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-
-    vmovdqa     ymmF, ymmD
-    vpunpcklbw  ymmD, ymmD, ymmH  ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmF, ymmF, ymmH  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_XMMWORD/16
-    vmovd       xmmA, XMM_DWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_XMMWORD/8
-    vmovq       xmmF, XMM_MMWORD [rsi+rcx*RGB_PIXELSIZE]
-    vpslldq     xmmA, xmmA, SIZEOF_MMWORD
-    vpor        xmmA, xmmA, xmmF
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_XMMWORD/4
-    vmovdqa     xmmF, xmmA
-    vperm2i128  ymmF, ymmF, ymmF, 1
-    vmovdqu     xmmA, XMMWORD [rsi+rcx*RGB_PIXELSIZE]
-    vpor        ymmA, ymmA, ymmF
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    jz          short .column_ld16
-    sub         rcx, byte SIZEOF_XMMWORD/2
-    vmovdqa     ymmF, ymmA
-    vmovdqu     ymmA, YMMWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    mov         rcx, SIZEOF_YMMWORD
-    jz          short .rgb_gray_cnv
-    vmovdqa     ymmE, ymmA
-    vmovdqa     ymmH, ymmF
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    jmp         short .rgb_gray_cnv
-
-.columnloop:
-    vmovdqu     ymmA, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymmF, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    vmovdqu     ymmE, YMMWORD [rsi+2*SIZEOF_YMMWORD]
-    vmovdqu     ymmH, YMMWORD [rsi+3*SIZEOF_YMMWORD]
-
-.rgb_gray_cnv:
-    ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-    ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-    ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    ; ymmE=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-    ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-    ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmB, ymmA
-    vinserti128 ymmA, ymmA, xmmE, 1     ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vperm2i128  ymmE, ymmB, ymmE, 0x31  ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-
-    vmovdqa     ymmB, ymmF
-    vinserti128 ymmF, ymmF, xmmH, 1     ; ymmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-    vperm2i128  ymmH, ymmB, ymmH, 0x31  ; ymmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    vmovdqa     ymmD, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmE      ; ymmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35
-                                      ;       0G 0K 1G 1K 2G 2K 3G 3K 0H 0L 1H 1L 2H 2L 3H 3L)
-    vpunpckhbw  ymmD, ymmD, ymmE      ; ymmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37
-                                      ;       0I 0M 1I 1M 2I 2M 3I 3M 0J 0N 1J 1N 2J 2N 3J 3N)
-
-    vmovdqa     ymmC, ymmF
-    vpunpcklbw  ymmF, ymmF, ymmH      ; ymmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D
-                                      ;       0O 0S 1O 1S 2O 2S 3O 3S 0P 0T 1P 1T 2P 2T 3P 3T)
-    vpunpckhbw  ymmC, ymmC, ymmH      ; ymmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F
-                                      ;       0Q 0U 1Q 1U 2Q 2U 3Q 3U 0R 0V 1R 1V 2R 2V 3R 3V)
-
-    vmovdqa     ymmB, ymmA
-    vpunpcklwd  ymmA, ymmA, ymmF      ; ymmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C
-                                      ;       0G 0K 0O 0S 1G 1K 1O 1S 2G 2K 2O 2S 3G 3K 3O 3S)
-    vpunpckhwd  ymmB, ymmB, ymmF      ; ymmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D
-                                      ;       0H 0L 0P 0T 1H 1L 1P 1T 2H 2L 2P 2T 3H 3L 3P 3T)
-
-    vmovdqa     ymmG, ymmD
-    vpunpcklwd  ymmD, ymmD, ymmC      ; ymmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E
-                                      ;       0I 0M 0Q 0U 1I 1M 1Q 1U 2I 2M 2Q 2U 3I 3M 3Q 3U)
-    vpunpckhwd  ymmG, ymmG, ymmC      ; ymmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F
-                                      ;       0J 0N 0R 0V 1J 1N 1R 1V 2J 2N 2R 2V 3J 3N 3R 3V)
-
-    vmovdqa     ymmE, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmD      ; ymmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E
-                                      ;       0G 0I 0K 0M 0O 0Q 0S 0U 1G 1I 1K 1M 1O 1Q 1S 1U)
-    vpunpckhbw  ymmE, ymmE, ymmD      ; ymmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E
-                                      ;       2G 2I 2K 2M 2O 2Q 2S 2U 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vmovdqa     ymmH, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmG      ; ymmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F
-                                      ;       0H 0J 0L 0N 0P 0R 0T 0V 1H 1J 1L 1N 1P 1R 1T 1V)
-    vpunpckhbw  ymmH, ymmH, ymmG      ; ymmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F
-                                      ;       2H 2J 2L 2N 2P 2R 2T 2V 3H 3J 3L 3N 3P 3R 3T 3V)
-
-    vpxor       ymmF, ymmF, ymmF
-
-    vmovdqa     ymmC, ymmA
-    vpunpcklbw  ymmA, ymmA, ymmF      ; ymmA=(00 02 04 06 08 0A 0C 0E 0G 0I 0K 0M 0O 0Q 0S 0U)
-    vpunpckhbw  ymmC, ymmC, ymmF      ; ymmC=(10 12 14 16 18 1A 1C 1E 1G 1I 1K 1M 1O 1Q 1S 1U)
-
-    vmovdqa     ymmD, ymmB
-    vpunpcklbw  ymmB, ymmB, ymmF      ; ymmB=(01 03 05 07 09 0B 0D 0F 0H 0J 0L 0N 0P 0R 0T 0V)
-    vpunpckhbw  ymmD, ymmD, ymmF      ; ymmD=(11 13 15 17 19 1B 1D 1F 1H 1J 1L 1N 1P 1R 1T 1V)
-
-    vmovdqa     ymmG, ymmE
-    vpunpcklbw  ymmE, ymmE, ymmF      ; ymmE=(20 22 24 26 28 2A 2C 2E 2G 2I 2K 2M 2O 2Q 2S 2U)
-    vpunpckhbw  ymmG, ymmG, ymmF      ; ymmG=(30 32 34 36 38 3A 3C 3E 3G 3I 3K 3M 3O 3Q 3S 3U)
-
-    vpunpcklbw  ymmF, ymmF, ymmH
-    vpunpckhbw  ymmH, ymmH, ymmH
-    vpsrlw      ymmF, ymmF, BYTE_BIT  ; ymmF=(21 23 25 27 29 2B 2D 2F 2H 2J 2L 2N 2P 2R 2T 2V)
-    vpsrlw      ymmH, ymmH, BYTE_BIT  ; ymmH=(31 33 35 37 39 3B 3D 3F 3H 3J 3L 3N 3P 3R 3T 3V)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; ymm0=R(02468ACEGIKMOQSU)=RE, ymm2=G(02468ACEGIKMOQSU)=GE, ymm4=B(02468ACEGIKMOQSU)=BE
-    ; ymm1=R(13579BDFHJLNPRTV)=RO, ymm3=G(13579BDFHJLNPRTV)=GO, ymm5=B(13579BDFHJLNPRTV)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-
-    vmovdqa     ymm6, ymm1
-    vpunpcklwd  ymm1, ymm1, ymm3
-    vpunpckhwd  ymm6, ymm6, ymm3
-    vpmaddwd    ymm1, ymm1, [rel PW_F0299_F0337]  ; ymm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [rel PW_F0299_F0337]  ; ymm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    vmovdqa     ymm7, ymm6              ; ymm7=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    vmovdqa     ymm6, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm2
-    vpunpckhwd  ymm6, ymm6, ymm2
-    vpmaddwd    ymm0, ymm0, [rel PW_F0299_F0337]  ; ymm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    vpmaddwd    ymm6, ymm6, [rel PW_F0299_F0337]  ; ymm6=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    vmovdqa     YMMWORD [wk(0)], ymm0   ; wk(0)=REL*FIX(0.299)+GEL*FIX(0.337)
-    vmovdqa     YMMWORD [wk(1)], ymm6   ; wk(1)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    vmovdqa     ymm0, ymm5              ; ymm0=BO
-    vmovdqa     ymm6, ymm4              ; ymm6=BE
-
-    vmovdqa     ymm4, ymm0
-    vpunpcklwd  ymm0, ymm0, ymm3
-    vpunpckhwd  ymm4, ymm4, ymm3
-    vpmaddwd    ymm0, ymm0, [rel PW_F0114_F0250]  ; ymm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [rel PW_F0114_F0250]  ; ymm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-
-    vmovdqa     ymm3, [rel PD_ONEHALF]            ; ymm3=[PD_ONEHALF]
-
-    vpaddd      ymm0, ymm0, ymm1
-    vpaddd      ymm4, ymm4, ymm7
-    vpaddd      ymm0, ymm0, ymm3
-    vpaddd      ymm4, ymm4, ymm3
-    vpsrld      ymm0, ymm0, SCALEBITS   ; ymm0=YOL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YOH
-    vpackssdw   ymm0, ymm0, ymm4        ; ymm0=YO
-
-    vmovdqa     ymm4, ymm6
-    vpunpcklwd  ymm6, ymm6, ymm2
-    vpunpckhwd  ymm4, ymm4, ymm2
-    vpmaddwd    ymm6, ymm6, [rel PW_F0114_F0250]  ; ymm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    vpmaddwd    ymm4, ymm4, [rel PW_F0114_F0250]  ; ymm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-
-    vmovdqa     ymm2, [rel PD_ONEHALF]            ; ymm2=[PD_ONEHALF]
-
-    vpaddd      ymm6, ymm6, YMMWORD [wk(0)]
-    vpaddd      ymm4, ymm4, YMMWORD [wk(1)]
-    vpaddd      ymm6, ymm6, ymm2
-    vpaddd      ymm4, ymm4, ymm2
-    vpsrld      ymm6, ymm6, SCALEBITS   ; ymm6=YEL
-    vpsrld      ymm4, ymm4, SCALEBITS   ; ymm4=YEH
-    vpackssdw   ymm6, ymm6, ymm4        ; ymm6=YE
-
-    vpsllw      ymm0, ymm0, BYTE_BIT
-    vpor        ymm6, ymm6, ymm0        ; ymm6=Y
-    vmovdqu     YMMWORD [rdi], ymm6     ; Save Y
-
-    sub         rcx, byte SIZEOF_YMMWORD
-    add         rsi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; inptr
-    add         rdi, byte SIZEOF_YMMWORD           ; outptr0
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    test        rcx, rcx
-    jnz         near .column_ld1
-
-    pop         rcx                     ; col
-    pop         rsi
-    pop         rdi
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         rdi, byte SIZEOF_JSAMPROW
-    dec         rax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    vzeroupper
-    uncollect_args 5
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgryext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgryext-sse2.asm
deleted file mode 100644
index f1d399a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcgryext-sse2.asm
+++ /dev/null
@@ -1,363 +0,0 @@
-;
-; jcgryext.asm - grayscale colorspace conversion (64-bit SSE2)
-;
-; Copyright (C) 2011, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_rgb_gray_convert_sse2(JDIMENSION img_width, JSAMPARRAY input_buf,
-;                             JSAMPIMAGE output_buf, JDIMENSION output_row,
-;                             int num_rows);
-;
-
-; r10d = JDIMENSION img_width
-; r11 = JSAMPARRAY input_buf
-; r12 = JSAMPIMAGE output_buf
-; r13d = JDIMENSION output_row
-; r14d = int num_rows
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_rgb_gray_convert_sse2)
-
-EXTN(jsimd_rgb_gray_convert_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 5
-    push        rbx
-
-    mov         ecx, r10d
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rsi, r12
-    mov         ecx, r13d
-    mov         rdip, JSAMPARRAY [rsi+0*SIZEOF_JSAMPARRAY]
-    lea         rdi, [rdi+rcx*SIZEOF_JSAMPROW]
-
-    pop         rcx
-
-    mov         rsi, r11
-    mov         eax, r14d
-    test        rax, rax
-    jle         near .return
-.rowloop:
-    push        rdi
-    push        rsi
-    push        rcx                     ; col
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr0
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-.column_ld1:
-    push        rax
-    push        rdx
-    lea         rcx, [rcx+rcx*2]        ; imul ecx,RGB_PIXELSIZE
-    test        cl, SIZEOF_BYTE
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_BYTE
-    movzx       rax, byte [rsi+rcx]
-.column_ld2:
-    test        cl, SIZEOF_WORD
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_WORD
-    movzx       rdx, word [rsi+rcx]
-    shl         rax, WORD_BIT
-    or          rax, rdx
-.column_ld4:
-    movd        xmmA, eax
-    pop         rdx
-    pop         rax
-    test        cl, SIZEOF_DWORD
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_DWORD
-    movd        xmmF, XMM_DWORD [rsi+rcx]
-    pslldq      xmmA, SIZEOF_DWORD
-    por         xmmA, xmmF
-.column_ld8:
-    test        cl, SIZEOF_MMWORD
-    jz          short .column_ld16
-    sub         rcx, byte SIZEOF_MMWORD
-    movq        xmmB, XMM_MMWORD [rsi+rcx]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmB
-.column_ld16:
-    test        cl, SIZEOF_XMMWORD
-    jz          short .column_ld32
-    movdqa      xmmF, xmmA
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    mov         rcx, SIZEOF_XMMWORD
-    jmp         short .rgb_gray_cnv
-.column_ld32:
-    test        cl, 2*SIZEOF_XMMWORD
-    mov         rcx, SIZEOF_XMMWORD
-    jz          short .rgb_gray_cnv
-    movdqa      xmmB, xmmA
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_gray_cnv
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    movdqu      xmmB, XMMWORD [rsi+2*SIZEOF_XMMWORD]
-
-.rgb_gray_cnv:
-    ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    ; xmmF=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    ; xmmB=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    movdqa      xmmG, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 10 20 01 11 21 02 12)
-    psrldq      xmmG, 8     ; xmmG=(22 03 13 23 04 14 24 05 -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmF  ; xmmA=(00 08 10 18 20 28 01 09 11 19 21 29 02 0A 12 1A)
-    pslldq      xmmF, 8     ; xmmF=(-- -- -- -- -- -- -- -- 15 25 06 16 26 07 17 27)
-
-    punpcklbw   xmmG, xmmB  ; xmmG=(22 2A 03 0B 13 1B 23 2B 04 0C 14 1C 24 2C 05 0D)
-    punpckhbw   xmmF, xmmB  ; xmmF=(15 1D 25 2D 06 0E 16 1E 26 2E 07 0F 17 1F 27 2F)
-
-    movdqa      xmmD, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 08 10 18 20 28 01 09)
-    psrldq      xmmD, 8     ; xmmD=(11 19 21 29 02 0A 12 1A -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmG  ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 01 05 09 0D)
-    pslldq      xmmG, 8     ; xmmG=(-- -- -- -- -- -- -- -- 22 2A 03 0B 13 1B 23 2B)
-
-    punpcklbw   xmmD, xmmF  ; xmmD=(11 15 19 1D 21 25 29 2D 02 06 0A 0E 12 16 1A 1E)
-    punpckhbw   xmmG, xmmF  ; xmmG=(22 26 2A 2E 03 07 0B 0F 13 17 1B 1F 23 27 2B 2F)
-
-    movdqa      xmmE, xmmA
-    pslldq      xmmA, 8     ; xmmA=(-- -- -- -- -- -- -- -- 00 04 08 0C 10 14 18 1C)
-    psrldq      xmmE, 8     ; xmmE=(20 24 28 2C 01 05 09 0D -- -- -- -- -- -- -- --)
-
-    punpckhbw   xmmA, xmmD  ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    pslldq      xmmD, 8     ; xmmD=(-- -- -- -- -- -- -- -- 11 15 19 1D 21 25 29 2D)
-
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 22 24 26 28 2A 2C 2E 01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmG  ; xmmD=(11 13 15 17 19 1B 1D 1F 21 23 25 27 29 2B 2D 2F)
-
-    pxor        xmmH, xmmH
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmH  ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmH  ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmB, xmmE
-    punpcklbw   xmmE, xmmH  ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmB, xmmH  ; xmmB=(01 03 05 07 09 0B 0D 0F)
-
-    movdqa      xmmF, xmmD
-    punpcklbw   xmmD, xmmH  ; xmmD=(11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmF, xmmH  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-.column_ld1:
-    test        cl, SIZEOF_XMMWORD/16
-    jz          short .column_ld2
-    sub         rcx, byte SIZEOF_XMMWORD/16
-    movd        xmmA, XMM_DWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld2:
-    test        cl, SIZEOF_XMMWORD/8
-    jz          short .column_ld4
-    sub         rcx, byte SIZEOF_XMMWORD/8
-    movq        xmmE, XMM_MMWORD [rsi+rcx*RGB_PIXELSIZE]
-    pslldq      xmmA, SIZEOF_MMWORD
-    por         xmmA, xmmE
-.column_ld4:
-    test        cl, SIZEOF_XMMWORD/4
-    jz          short .column_ld8
-    sub         rcx, byte SIZEOF_XMMWORD/4
-    movdqa      xmmE, xmmA
-    movdqu      xmmA, XMMWORD [rsi+rcx*RGB_PIXELSIZE]
-.column_ld8:
-    test        cl, SIZEOF_XMMWORD/2
-    mov         rcx, SIZEOF_XMMWORD
-    jz          short .rgb_gray_cnv
-    movdqa      xmmF, xmmA
-    movdqa      xmmH, xmmE
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    jmp         short .rgb_gray_cnv
-
-.columnloop:
-    movdqu      xmmA, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqu      xmmE, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    movdqu      xmmF, XMMWORD [rsi+2*SIZEOF_XMMWORD]
-    movdqu      xmmH, XMMWORD [rsi+3*SIZEOF_XMMWORD]
-
-.rgb_gray_cnv:
-    ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    ; xmmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    ; xmmF=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpcklbw   xmmA, xmmE      ; xmmA=(00 04 10 14 20 24 30 34 01 05 11 15 21 25 31 35)
-    punpckhbw   xmmD, xmmE      ; xmmD=(02 06 12 16 22 26 32 36 03 07 13 17 23 27 33 37)
-
-    movdqa      xmmC, xmmF
-    punpcklbw   xmmF, xmmH      ; xmmF=(08 0C 18 1C 28 2C 38 3C 09 0D 19 1D 29 2D 39 3D)
-    punpckhbw   xmmC, xmmH      ; xmmC=(0A 0E 1A 1E 2A 2E 3A 3E 0B 0F 1B 1F 2B 2F 3B 3F)
-
-    movdqa      xmmB, xmmA
-    punpcklwd   xmmA, xmmF      ; xmmA=(00 04 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C)
-    punpckhwd   xmmB, xmmF      ; xmmB=(01 05 09 0D 11 15 19 1D 21 25 29 2D 31 35 39 3D)
-
-    movdqa      xmmG, xmmD
-    punpcklwd   xmmD, xmmC      ; xmmD=(02 06 0A 0E 12 16 1A 1E 22 26 2A 2E 32 36 3A 3E)
-    punpckhwd   xmmG, xmmC      ; xmmG=(03 07 0B 0F 13 17 1B 1F 23 27 2B 2F 33 37 3B 3F)
-
-    movdqa      xmmE, xmmA
-    punpcklbw   xmmA, xmmD      ; xmmA=(00 02 04 06 08 0A 0C 0E 10 12 14 16 18 1A 1C 1E)
-    punpckhbw   xmmE, xmmD      ; xmmE=(20 22 24 26 28 2A 2C 2E 30 32 34 36 38 3A 3C 3E)
-
-    movdqa      xmmH, xmmB
-    punpcklbw   xmmB, xmmG      ; xmmB=(01 03 05 07 09 0B 0D 0F 11 13 15 17 19 1B 1D 1F)
-    punpckhbw   xmmH, xmmG      ; xmmH=(21 23 25 27 29 2B 2D 2F 31 33 35 37 39 3B 3D 3F)
-
-    pxor        xmmF, xmmF
-
-    movdqa      xmmC, xmmA
-    punpcklbw   xmmA, xmmF      ; xmmA=(00 02 04 06 08 0A 0C 0E)
-    punpckhbw   xmmC, xmmF      ; xmmC=(10 12 14 16 18 1A 1C 1E)
-
-    movdqa      xmmD, xmmB
-    punpcklbw   xmmB, xmmF      ; xmmB=(01 03 05 07 09 0B 0D 0F)
-    punpckhbw   xmmD, xmmF      ; xmmD=(11 13 15 17 19 1B 1D 1F)
-
-    movdqa      xmmG, xmmE
-    punpcklbw   xmmE, xmmF      ; xmmE=(20 22 24 26 28 2A 2C 2E)
-    punpckhbw   xmmG, xmmF      ; xmmG=(30 32 34 36 38 3A 3C 3E)
-
-    punpcklbw   xmmF, xmmH
-    punpckhbw   xmmH, xmmH
-    psrlw       xmmF, BYTE_BIT  ; xmmF=(21 23 25 27 29 2B 2D 2F)
-    psrlw       xmmH, BYTE_BIT  ; xmmH=(31 33 35 37 39 3B 3D 3F)
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-    ; xmm0=R(02468ACE)=RE, xmm2=G(02468ACE)=GE, xmm4=B(02468ACE)=BE
-    ; xmm1=R(13579BDF)=RO, xmm3=G(13579BDF)=GO, xmm5=B(13579BDF)=BO
-
-    ; (Original)
-    ; Y  =  0.29900 * R + 0.58700 * G + 0.11400 * B
-    ;
-    ; (This implementation)
-    ; Y  =  0.29900 * R + 0.33700 * G + 0.11400 * B + 0.25000 * G
-
-    movdqa      xmm6, xmm1
-    punpcklwd   xmm1, xmm3
-    punpckhwd   xmm6, xmm3
-    pmaddwd     xmm1, [rel PW_F0299_F0337]  ; xmm1=ROL*FIX(0.299)+GOL*FIX(0.337)
-    pmaddwd     xmm6, [rel PW_F0299_F0337]  ; xmm6=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    movdqa      xmm7, xmm6              ; xmm7=ROH*FIX(0.299)+GOH*FIX(0.337)
-
-    movdqa      xmm6, xmm0
-    punpcklwd   xmm0, xmm2
-    punpckhwd   xmm6, xmm2
-    pmaddwd     xmm0, [rel PW_F0299_F0337]  ; xmm0=REL*FIX(0.299)+GEL*FIX(0.337)
-    pmaddwd     xmm6, [rel PW_F0299_F0337]  ; xmm6=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=REL*FIX(0.299)+GEL*FIX(0.337)
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=REH*FIX(0.299)+GEH*FIX(0.337)
-
-    movdqa      xmm0, xmm5              ; xmm0=BO
-    movdqa      xmm6, xmm4              ; xmm6=BE
-
-    movdqa      xmm4, xmm0
-    punpcklwd   xmm0, xmm3
-    punpckhwd   xmm4, xmm3
-    pmaddwd     xmm0, [rel PW_F0114_F0250]  ; xmm0=BOL*FIX(0.114)+GOL*FIX(0.250)
-    pmaddwd     xmm4, [rel PW_F0114_F0250]  ; xmm4=BOH*FIX(0.114)+GOH*FIX(0.250)
-
-    movdqa      xmm3, [rel PD_ONEHALF]      ; xmm3=[PD_ONEHALF]
-
-    paddd       xmm0, xmm1
-    paddd       xmm4, xmm7
-    paddd       xmm0, xmm3
-    paddd       xmm4, xmm3
-    psrld       xmm0, SCALEBITS         ; xmm0=YOL
-    psrld       xmm4, SCALEBITS         ; xmm4=YOH
-    packssdw    xmm0, xmm4              ; xmm0=YO
-
-    movdqa      xmm4, xmm6
-    punpcklwd   xmm6, xmm2
-    punpckhwd   xmm4, xmm2
-    pmaddwd     xmm6, [rel PW_F0114_F0250]  ; xmm6=BEL*FIX(0.114)+GEL*FIX(0.250)
-    pmaddwd     xmm4, [rel PW_F0114_F0250]  ; xmm4=BEH*FIX(0.114)+GEH*FIX(0.250)
-
-    movdqa      xmm2, [rel PD_ONEHALF]      ; xmm2=[PD_ONEHALF]
-
-    paddd       xmm6, XMMWORD [wk(0)]
-    paddd       xmm4, XMMWORD [wk(1)]
-    paddd       xmm6, xmm2
-    paddd       xmm4, xmm2
-    psrld       xmm6, SCALEBITS         ; xmm6=YEL
-    psrld       xmm4, SCALEBITS         ; xmm4=YEH
-    packssdw    xmm6, xmm4              ; xmm6=YE
-
-    psllw       xmm0, BYTE_BIT
-    por         xmm6, xmm0              ; xmm6=Y
-    movdqa      XMMWORD [rdi], xmm6     ; Save Y
-
-    sub         rcx, byte SIZEOF_XMMWORD
-    add         rsi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; inptr
-    add         rdi, byte SIZEOF_XMMWORD                ; outptr0
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    test        rcx, rcx
-    jnz         near .column_ld1
-
-    pop         rcx                     ; col
-    pop         rsi
-    pop         rdi
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_buf
-    add         rdi, byte SIZEOF_JSAMPROW
-    dec         rax                        ; num_rows
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    uncollect_args 5
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jchuff-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jchuff-sse2.asm
deleted file mode 100644
index 0072028..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jchuff-sse2.asm
+++ /dev/null
@@ -1,582 +0,0 @@
-;
-; jchuff-sse2.asm - Huffman entropy encoding (64-bit SSE2)
-;
-; Copyright (C) 2009-2011, 2014-2016, 2019, D. R. Commander.
-; Copyright (C) 2015, Matthieu Darbois.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains an SSE2 implementation for Huffman coding of one block.
-; The following code is based on jchuff.c; see jchuff.c for more details.
-
-%include "jsimdext.inc"
-
-struc working_state
-.next_output_byte:   resp 1     ; => next byte to write in buffer
-.free_in_buffer:     resp 1     ; # of byte spaces remaining in buffer
-.cur.put_buffer.simd resq 1     ; current bit accumulation buffer
-.cur.free_bits       resd 1     ; # of bits available in it
-.cur.last_dc_val     resd 4     ; last DC coef for each component
-.cinfo:              resp 1     ; dump_buffer needs access to this
-endstruc
-
-struc c_derived_tbl
-.ehufco:             resd 256   ; code for each symbol
-.ehufsi:             resb 256   ; length of code for each symbol
-; If no code has been allocated for a symbol S, ehufsi[S] contains 0
-endstruc
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_huff_encode_one_block)
-
-EXTN(jconst_huff_encode_one_block):
-
-jpeg_mask_bits dd 0x0000, 0x0001, 0x0003, 0x0007
-               dd 0x000f, 0x001f, 0x003f, 0x007f
-               dd 0x00ff, 0x01ff, 0x03ff, 0x07ff
-               dd 0x0fff, 0x1fff, 0x3fff, 0x7fff
-
-    alignz      32
-
-times 1 << 14 db 15
-times 1 << 13 db 14
-times 1 << 12 db 13
-times 1 << 11 db 12
-times 1 << 10 db 11
-times 1 <<  9 db 10
-times 1 <<  8 db  9
-times 1 <<  7 db  8
-times 1 <<  6 db  7
-times 1 <<  5 db  6
-times 1 <<  4 db  5
-times 1 <<  3 db  4
-times 1 <<  2 db  3
-times 1 <<  1 db  2
-times 1 <<  0 db  1
-times 1       db  0
-jpeg_nbits_table:
-times 1       db  0
-times 1 <<  0 db  1
-times 1 <<  1 db  2
-times 1 <<  2 db  3
-times 1 <<  3 db  4
-times 1 <<  4 db  5
-times 1 <<  5 db  6
-times 1 <<  6 db  7
-times 1 <<  7 db  8
-times 1 <<  8 db  9
-times 1 <<  9 db 10
-times 1 << 10 db 11
-times 1 << 11 db 12
-times 1 << 12 db 13
-times 1 << 13 db 14
-times 1 << 14 db 15
-
-    alignz      32
-
-%define NBITS(x)      nbits_base + x
-%define MASK_BITS(x)  NBITS((x) * 4) + (jpeg_mask_bits - jpeg_nbits_table)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-; Shorthand used to describe SIMD operations:
-; wN:  xmmN treated as eight signed 16-bit values
-; wN[i]:  perform the same operation on all eight signed 16-bit values, i=0..7
-; bN:  xmmN treated as 16 unsigned 8-bit values
-; bN[i]:  perform the same operation on all 16 unsigned 8-bit values, i=0..15
-; Contents of SIMD registers are shown in memory order.
-
-; Fill the bit buffer to capacity with the leading bits from code, then output
-; the bit buffer and put the remaining bits from code into the bit buffer.
-;
-; Usage:
-; code - contains the bits to shift into the bit buffer (LSB-aligned)
-; %1 - the label to which to jump when the macro completes
-; %2 (optional) - extra instructions to execute after nbits has been set
-;
-; Upon completion, free_bits will be set to the number of remaining bits from
-; code, and put_buffer will contain those remaining bits.  temp and code will
-; be clobbered.
-;
-; This macro encodes any 0xFF bytes as 0xFF 0x00, as does the EMIT_BYTE()
-; macro in jchuff.c.
-
-%macro EMIT_QWORD 1-2
-    add         nbitsb, free_bitsb      ; nbits += free_bits;
-    neg         free_bitsb              ; free_bits = -free_bits;
-    mov         tempd, code             ; temp = code;
-    shl         put_buffer, nbitsb      ; put_buffer <<= nbits;
-    mov         nbitsb, free_bitsb      ; nbits = free_bits;
-    neg         free_bitsb              ; free_bits = -free_bits;
-    shr         tempd, nbitsb           ; temp >>= nbits;
-    or          tempq, put_buffer       ; temp |= put_buffer;
-    movq        xmm0, tempq             ; xmm0.u64 = { temp, 0 };
-    bswap       tempq                   ; temp = htonl(temp);
-    mov         put_buffer, codeq       ; put_buffer = code;
-    pcmpeqb     xmm0, xmm1              ; b0[i] = (b0[i] == 0xFF ? 0xFF : 0);
-    %2
-    pmovmskb    code, xmm0              ; code = 0;  code |= ((b0[i] >> 7) << i);
-    mov         qword [buffer], tempq   ; memcpy(buffer, &temp, 8);
-                                        ; (speculative; will be overwritten if
-                                        ; code contains any 0xFF bytes)
-    add         free_bitsb, 64          ; free_bits += 64;
-    add         bufferp, 8              ; buffer += 8;
-    test        code, code              ; if (code == 0)  /* No 0xFF bytes */
-    jz          %1                      ;   return;
-    ; Execute the equivalent of the EMIT_BYTE() macro in jchuff.c for all 8
-    ; bytes in the qword.
-    cmp         tempb, 0xFF             ; Set CF if temp[0] < 0xFF
-    mov         byte [buffer-7], 0      ; buffer[-7] = 0;
-    sbb         bufferp, 6              ; buffer -= (6 + (temp[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], temph    ; buffer[0] = temp[1];
-    cmp         temph, 0xFF             ; Set CF if temp[1] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[1] < 0xFF ? 1 : 0));
-    shr         tempq, 16               ; temp >>= 16;
-    mov         byte [buffer], tempb    ; buffer[0] = temp[0];
-    cmp         tempb, 0xFF             ; Set CF if temp[0] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], temph    ; buffer[0] = temp[1];
-    cmp         temph, 0xFF             ; Set CF if temp[1] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[1] < 0xFF ? 1 : 0));
-    shr         tempq, 16               ; temp >>= 16;
-    mov         byte [buffer], tempb    ; buffer[0] = temp[0];
-    cmp         tempb, 0xFF             ; Set CF if temp[0] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], temph    ; buffer[0] = temp[1];
-    cmp         temph, 0xFF             ; Set CF if temp[1] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[1] < 0xFF ? 1 : 0));
-    shr         tempd, 16               ; temp >>= 16;
-    mov         byte [buffer], tempb    ; buffer[0] = temp[0];
-    cmp         tempb, 0xFF             ; Set CF if temp[0] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[0] < 0xFF ? 1 : 0));
-    mov         byte [buffer], temph    ; buffer[0] = temp[1];
-    cmp         temph, 0xFF             ; Set CF if temp[1] < 0xFF
-    mov         byte [buffer+1], 0      ; buffer[1] = 0;
-    sbb         bufferp, -2             ; buffer -= (-2 + (temp[1] < 0xFF ? 1 : 0));
-    jmp         %1                      ; return;
-%endmacro
-
-;
-; Encode a single block's worth of coefficients.
-;
-; GLOBAL(JOCTET *)
-; jsimd_huff_encode_one_block_sse2(working_state *state, JOCTET *buffer,
-;                                  JCOEFPTR block, int last_dc_val,
-;                                  c_derived_tbl *dctbl, c_derived_tbl *actbl)
-;
-; NOTES:
-; When shuffling data, we try to avoid pinsrw as much as possible, since it is
-; slow on many CPUs.  Its reciprocal throughput (issue latency) is 1 even on
-; modern CPUs, so chains of pinsrw instructions (even with different outputs)
-; can limit performance.  pinsrw is a VectorPath instruction on AMD K8 and
-; requires 2 µops (with memory operand) on Intel.  In either case, only one
-; pinsrw instruction can be decoded per cycle (and nothing else if they are
-; back-to-back), so out-of-order execution cannot be used to work around long
-; pinsrw chains (though for Sandy Bridge and later, this may be less of a
-; problem if the code runs from the µop cache.)
-;
-; We use tzcnt instead of bsf without checking for support.  The instruction is
-; executed as bsf on CPUs that don't support tzcnt (encoding is equivalent to
-; rep bsf.)  The destination (first) operand of bsf (and tzcnt on some CPUs) is
-; an input dependency (although the behavior is not formally defined, Intel
-; CPUs usually leave the destination unmodified if the source is zero.)  This
-; can prevent out-of-order execution, so we clear the destination before
-; invoking tzcnt.
-;
-; Initial register allocation
-; rax - buffer
-; rbx - temp
-; rcx - nbits
-; rdx - block --> free_bits
-; rsi - nbits_base
-; rdi - t
-; rbp - code
-; r8  - dctbl --> code_temp
-; r9  - actbl
-; r10 - state
-; r11 - index
-; r12 - put_buffer
-
-%define buffer       rax
-%ifdef WIN64
-%define bufferp      rax
-%else
-%define bufferp      raxp
-%endif
-%define tempq        rbx
-%define tempd        ebx
-%define tempb        bl
-%define temph        bh
-%define nbitsq       rcx
-%define nbits        ecx
-%define nbitsb       cl
-%define block        rdx
-%define nbits_base   rsi
-%define t            rdi
-%define td           edi
-%define codeq        rbp
-%define code         ebp
-%define dctbl        r8
-%define actbl        r9
-%define state        r10
-%define index        r11
-%define indexd       r11d
-%define put_buffer   r12
-%define put_bufferd  r12d
-
-; Step 1: Re-arrange input data according to jpeg_natural_order
-; xx 01 02 03 04 05 06 07      xx 01 08 16 09 02 03 10
-; 08 09 10 11 12 13 14 15      17 24 32 25 18 11 04 05
-; 16 17 18 19 20 21 22 23      12 19 26 33 40 48 41 34
-; 24 25 26 27 28 29 30 31 ==>  27 20 13 06 07 14 21 28
-; 32 33 34 35 36 37 38 39      35 42 49 56 57 50 43 36
-; 40 41 42 43 44 45 46 47      29 22 15 23 30 37 44 51
-; 48 49 50 51 52 53 54 55      58 59 52 45 38 31 39 46
-; 56 57 58 59 60 61 62 63      53 60 61 54 47 55 62 63
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_huff_encode_one_block_sse2)
-
-EXTN(jsimd_huff_encode_one_block_sse2):
-
-%ifdef WIN64
-
-; rcx = working_state *state
-; rdx = JOCTET *buffer
-; r8 = JCOEFPTR block
-; r9 = int last_dc_val
-; [rax+48] = c_derived_tbl *dctbl
-; [rax+56] = c_derived_tbl *actbl
-
-                                                          ;X: X = code stream
-    mov         buffer, rdx
-    mov         block, r8
-    movups      xmm3, XMMWORD [block + 0 * SIZEOF_WORD]   ;D: w3 = xx 01 02 03 04 05 06 07
-    push        rbx
-    push        rbp
-    movdqa      xmm0, xmm3                                ;A: w0 = xx 01 02 03 04 05 06 07
-    push        rsi
-    push        rdi
-    push        r12
-    movups      xmm1, XMMWORD [block + 8 * SIZEOF_WORD]   ;B: w1 = 08 09 10 11 12 13 14 15
-    mov         state, rcx
-    movsx       code, word [block]                        ;Z:     code = block[0];
-    pxor        xmm4, xmm4                                ;A: w4[i] = 0;
-    sub         code, r9d                                 ;Z:     code -= last_dc_val;
-    mov         dctbl, POINTER [rsp+6*8+4*8]
-    mov         actbl, POINTER [rsp+6*8+5*8]
-    punpckldq   xmm0, xmm1                                ;A: w0 = xx 01 08 09 02 03 10 11
-    lea         nbits_base, [rel jpeg_nbits_table]
-    add         rsp, -DCTSIZE2 * SIZEOF_WORD
-    mov         t, rsp
-
-%else
-
-; rdi = working_state *state
-; rsi = JOCTET *buffer
-; rdx = JCOEFPTR block
-; rcx = int last_dc_val
-; r8 = c_derived_tbl *dctbl
-; r9 = c_derived_tbl *actbl
-
-                                                          ;X: X = code stream
-    movups      xmm3, XMMWORD [block + 0 * SIZEOF_WORD]   ;D: w3 = xx 01 02 03 04 05 06 07
-    push        rbx
-    push        rbp
-    movdqa      xmm0, xmm3                                ;A: w0 = xx 01 02 03 04 05 06 07
-    push        r12
-    mov         state, rdi
-    mov         buffer, rsi
-    movups      xmm1, XMMWORD [block + 8 * SIZEOF_WORD]   ;B: w1 = 08 09 10 11 12 13 14 15
-    movsx       codeq, word [block]                       ;Z:     code = block[0];
-    lea         nbits_base, [rel jpeg_nbits_table]
-    pxor        xmm4, xmm4                                ;A: w4[i] = 0;
-    sub         codeq, rcx                                ;Z:     code -= last_dc_val;
-    punpckldq   xmm0, xmm1                                ;A: w0 = xx 01 08 09 02 03 10 11
-    lea         t, [rsp - DCTSIZE2 * SIZEOF_WORD]         ;   use red zone for t_
-
-%endif
-
-    pshuflw     xmm0, xmm0, 11001001b                     ;A: w0 = 01 08 xx 09 02 03 10 11
-    pinsrw      xmm0, word [block + 16 * SIZEOF_WORD], 2  ;A: w0 = 01 08 16 09 02 03 10 11
-    punpckhdq   xmm3, xmm1                                ;D: w3 = 04 05 12 13 06 07 14 15
-    punpcklqdq  xmm1, xmm3                                ;B: w1 = 08 09 10 11 04 05 12 13
-    pinsrw      xmm0, word [block + 17 * SIZEOF_WORD], 7  ;A: w0 = 01 08 16 09 02 03 10 17
-                                                          ;A:      (Row 0, offset 1)
-    pcmpgtw     xmm4, xmm0                                ;A: w4[i] = (w0[i] < 0 ? -1 : 0);
-    paddw       xmm0, xmm4                                ;A: w0[i] += w4[i];
-    movaps      XMMWORD [t + 0 * SIZEOF_WORD], xmm0       ;A: t[i] = w0[i];
-
-    movq        xmm2, qword [block + 24 * SIZEOF_WORD]    ;B: w2 = 24 25 26 27 -- -- -- --
-    pshuflw     xmm2, xmm2, 11011000b                     ;B: w2 = 24 26 25 27 -- -- -- --
-    pslldq      xmm1, 1 * SIZEOF_WORD                     ;B: w1 = -- 08 09 10 11 04 05 12
-    movups      xmm5, XMMWORD [block + 48 * SIZEOF_WORD]  ;H: w5 = 48 49 50 51 52 53 54 55
-    movsd       xmm1, xmm2                                ;B: w1 = 24 26 25 27 11 04 05 12
-    punpcklqdq  xmm2, xmm5                                ;C: w2 = 24 26 25 27 48 49 50 51
-    pinsrw      xmm1, word [block + 32 * SIZEOF_WORD], 1  ;B: w1 = 24 32 25 27 11 04 05 12
-    pxor        xmm4, xmm4                                ;A: w4[i] = 0;
-    psrldq      xmm3, 2 * SIZEOF_WORD                     ;D: w3 = 12 13 06 07 14 15 -- --
-    pcmpeqw     xmm0, xmm4                                ;A: w0[i] = (w0[i] == 0 ? -1 : 0);
-    pinsrw      xmm1, word [block + 18 * SIZEOF_WORD], 3  ;B: w1 = 24 32 25 18 11 04 05 12
-                                                          ;        (Row 1, offset 1)
-    pcmpgtw     xmm4, xmm1                                ;B: w4[i] = (w1[i] < 0 ? -1 : 0);
-    paddw       xmm1, xmm4                                ;B: w1[i] += w4[i];
-    movaps      XMMWORD [t + 8 * SIZEOF_WORD], xmm1       ;B: t[i+8] = w1[i];
-    pxor        xmm4, xmm4                                ;B: w4[i] = 0;
-    pcmpeqw     xmm1, xmm4                                ;B: w1[i] = (w1[i] == 0 ? -1 : 0);
-
-    packsswb    xmm0, xmm1                                ;AB: b0[i] = w0[i], b0[i+8] = w1[i]
-                                                          ;    w/ signed saturation
-
-    pinsrw      xmm3, word [block + 20 * SIZEOF_WORD], 0  ;D: w3 = 20 13 06 07 14 15 -- --
-    pinsrw      xmm3, word [block + 21 * SIZEOF_WORD], 5  ;D: w3 = 20 13 06 07 14 21 -- --
-    pinsrw      xmm3, word [block + 28 * SIZEOF_WORD], 6  ;D: w3 = 20 13 06 07 14 21 28 --
-    pinsrw      xmm3, word [block + 35 * SIZEOF_WORD], 7  ;D: w3 = 20 13 06 07 14 21 28 35
-                                                          ;        (Row 3, offset 1)
-    pcmpgtw     xmm4, xmm3                                ;D: w4[i] = (w3[i] < 0 ? -1 : 0);
-    paddw       xmm3, xmm4                                ;D: w3[i] += w4[i];
-    movaps      XMMWORD [t + 24 * SIZEOF_WORD], xmm3      ;D: t[i+24] = w3[i];
-    pxor        xmm4, xmm4                                ;D: w4[i] = 0;
-    pcmpeqw     xmm3, xmm4                                ;D: w3[i] = (w3[i] == 0 ? -1 : 0);
-
-    pinsrw      xmm2, word [block + 19 * SIZEOF_WORD], 0  ;C: w2 = 19 26 25 27 48 49 50 51
-    cmp         code, 1 << 31                             ;Z:     Set CF if code < 0x80000000,
-                                                          ;Z:     i.e. if code is positive
-    pinsrw      xmm2, word [block + 33 * SIZEOF_WORD], 2  ;C: w2 = 19 26 33 27 48 49 50 51
-    pinsrw      xmm2, word [block + 40 * SIZEOF_WORD], 3  ;C: w2 = 19 26 33 40 48 49 50 51
-    adc         code, -1                                  ;Z:     code += -1 + (code >= 0 ? 1 : 0);
-    pinsrw      xmm2, word [block + 41 * SIZEOF_WORD], 5  ;C: w2 = 19 26 33 40 48 41 50 51
-    pinsrw      xmm2, word [block + 34 * SIZEOF_WORD], 6  ;C: w2 = 19 26 33 40 48 41 34 51
-    movsxd      codeq, code                               ;Z:     sign extend code
-    pinsrw      xmm2, word [block + 27 * SIZEOF_WORD], 7  ;C: w2 = 19 26 33 40 48 41 34 27
-                                                          ;        (Row 2, offset 1)
-    pcmpgtw     xmm4, xmm2                                ;C: w4[i] = (w2[i] < 0 ? -1 : 0);
-    paddw       xmm2, xmm4                                ;C: w2[i] += w4[i];
-    movaps      XMMWORD [t + 16 * SIZEOF_WORD], xmm2      ;C: t[i+16] = w2[i];
-    pxor        xmm4, xmm4                                ;C: w4[i] = 0;
-    pcmpeqw     xmm2, xmm4                                ;C: w2[i] = (w2[i] == 0 ? -1 : 0);
-
-    packsswb    xmm2, xmm3                                ;CD: b2[i] = w2[i], b2[i+8] = w3[i]
-                                                          ;    w/ signed saturation
-
-    movzx       nbitsq, byte [NBITS(codeq)]               ;Z:     nbits = JPEG_NBITS(code);
-    movdqa      xmm3, xmm5                                ;H: w3 = 48 49 50 51 52 53 54 55
-    pmovmskb    tempd, xmm2                               ;Z:     temp = 0;  temp |= ((b2[i] >> 7) << i);
-    pmovmskb    put_bufferd, xmm0                         ;Z:     put_buffer = 0;  put_buffer |= ((b0[i] >> 7) << i);
-    movups      xmm0, XMMWORD [block + 56 * SIZEOF_WORD]  ;H: w0 = 56 57 58 59 60 61 62 63
-    punpckhdq   xmm3, xmm0                                ;H: w3 = 52 53 60 61 54 55 62 63
-    shl         tempd, 16                                 ;Z:     temp <<= 16;
-    psrldq      xmm3, 1 * SIZEOF_WORD                     ;H: w3 = 53 60 61 54 55 62 63 --
-    pxor        xmm2, xmm2                                ;H: w2[i] = 0;
-    or          put_bufferd, tempd                        ;Z:     put_buffer |= temp;
-    pshuflw     xmm3, xmm3, 00111001b                     ;H: w3 = 60 61 54 53 55 62 63 --
-    movq        xmm1, qword [block + 44 * SIZEOF_WORD]    ;G: w1 = 44 45 46 47 -- -- -- --
-    unpcklps    xmm5, xmm0                                ;E: w5 = 48 49 56 57 50 51 58 59
-    pxor        xmm0, xmm0                                ;H: w0[i] = 0;
-    pinsrw      xmm3, word [block + 47 * SIZEOF_WORD], 3  ;H: w3 = 60 61 54 47 55 62 63 --
-                                                          ;        (Row 7, offset 1)
-    pcmpgtw     xmm2, xmm3                                ;H: w2[i] = (w3[i] < 0 ? -1 : 0);
-    paddw       xmm3, xmm2                                ;H: w3[i] += w2[i];
-    movaps      XMMWORD [t + 56 * SIZEOF_WORD], xmm3      ;H: t[i+56] = w3[i];
-    movq        xmm4, qword [block + 36 * SIZEOF_WORD]    ;G: w4 = 36 37 38 39 -- -- -- --
-    pcmpeqw     xmm3, xmm0                                ;H: w3[i] = (w3[i] == 0 ? -1 : 0);
-    punpckldq   xmm4, xmm1                                ;G: w4 = 36 37 44 45 38 39 46 47
-    mov         tempd, [dctbl + c_derived_tbl.ehufco + nbitsq * 4]
-                                                          ;Z:     temp = dctbl->ehufco[nbits];
-    movdqa      xmm1, xmm4                                ;F: w1 = 36 37 44 45 38 39 46 47
-    psrldq      xmm4, 1 * SIZEOF_WORD                     ;G: w4 = 37 44 45 38 39 46 47 --
-    shufpd      xmm1, xmm5, 10b                           ;F: w1 = 36 37 44 45 50 51 58 59
-    and         code, dword [MASK_BITS(nbitsq)]           ;Z:     code &= (1 << nbits) - 1;
-    pshufhw     xmm4, xmm4, 11010011b                     ;G: w4 = 37 44 45 38 -- 39 46 --
-    pslldq      xmm1, 1 * SIZEOF_WORD                     ;F: w1 = -- 36 37 44 45 50 51 58
-    shl         tempq, nbitsb                             ;Z:     temp <<= nbits;
-    pinsrw      xmm4, word [block + 59 * SIZEOF_WORD], 0  ;G: w4 = 59 44 45 38 -- 39 46 --
-    pshufd      xmm1, xmm1, 11011000b                     ;F: w1 = -- 36 45 50 37 44 51 58
-    pinsrw      xmm4, word [block + 52 * SIZEOF_WORD], 1  ;G: w4 = 59 52 45 38 -- 39 46 --
-    or          code, tempd                               ;Z:     code |= temp;
-    movlps      xmm1, qword [block + 20 * SIZEOF_WORD]    ;F: w1 = 20 21 22 23 37 44 51 58
-    pinsrw      xmm4, word [block + 31 * SIZEOF_WORD], 4  ;G: w4 = 59 52 45 38 31 39 46 --
-    pshuflw     xmm1, xmm1, 01110010b                     ;F: w1 = 22 20 23 21 37 44 51 58
-    pinsrw      xmm4, word [block + 53 * SIZEOF_WORD], 7  ;G: w4 = 59 52 45 38 31 39 46 53
-                                                          ;        (Row 6, offset 1)
-    pxor        xmm2, xmm2                                ;G: w2[i] = 0;
-    pcmpgtw     xmm0, xmm4                                ;G: w0[i] = (w4[i] < 0 ? -1 : 0);
-    pinsrw      xmm1, word [block + 15 * SIZEOF_WORD], 1  ;F: w1 = 22 15 23 21 37 44 51 58
-    paddw       xmm4, xmm0                                ;G: w4[i] += w0[i];
-    movaps      XMMWORD [t + 48 * SIZEOF_WORD], xmm4      ;G: t[48+i] = w4[i];
-    pinsrw      xmm1, word [block + 30 * SIZEOF_WORD], 3  ;F: w1 = 22 15 23 30 37 44 51 58
-                                                          ;        (Row 5, offset 1)
-    pcmpeqw     xmm4, xmm2                                ;G: w4[i] = (w4[i] == 0 ? -1 : 0);
-    pinsrw      xmm5, word [block + 42 * SIZEOF_WORD], 0  ;E: w5 = 42 49 56 57 50 51 58 59
-
-    packsswb    xmm4, xmm3                                ;GH: b4[i] = w4[i], b4[i+8] = w3[i]
-                                                          ;    w/ signed saturation
-
-    pxor        xmm0, xmm0                                ;F: w0[i] = 0;
-    pinsrw      xmm5, word [block + 43 * SIZEOF_WORD], 5  ;E: w5 = 42 49 56 57 50 43 58 59
-    pcmpgtw     xmm2, xmm1                                ;F: w2[i] = (w1[i] < 0 ? -1 : 0);
-    pmovmskb    tempd, xmm4                               ;Z:     temp = 0;  temp |= ((b4[i] >> 7) << i);
-    pinsrw      xmm5, word [block + 36 * SIZEOF_WORD], 6  ;E: w5 = 42 49 56 57 50 43 36 59
-    paddw       xmm1, xmm2                                ;F: w1[i] += w2[i];
-    movaps      XMMWORD [t + 40 * SIZEOF_WORD], xmm1      ;F: t[40+i] = w1[i];
-    pinsrw      xmm5, word [block + 29 * SIZEOF_WORD], 7  ;E: w5 = 42 49 56 57 50 43 36 29
-                                                          ;        (Row 4, offset 1)
-%undef block
-%define free_bitsq  rdx
-%define free_bitsd  edx
-%define free_bitsb  dl
-    pcmpeqw     xmm1, xmm0                                ;F: w1[i] = (w1[i] == 0 ? -1 : 0);
-    shl         tempq, 48                                 ;Z:     temp <<= 48;
-    pxor        xmm2, xmm2                                ;E: w2[i] = 0;
-    pcmpgtw     xmm0, xmm5                                ;E: w0[i] = (w5[i] < 0 ? -1 : 0);
-    paddw       xmm5, xmm0                                ;E: w5[i] += w0[i];
-    or          tempq, put_buffer                         ;Z:     temp |= put_buffer;
-    movaps      XMMWORD [t + 32 * SIZEOF_WORD], xmm5      ;E: t[32+i] = w5[i];
-    lea         t, [dword t - 2]                          ;Z:     t = &t[-1];
-    pcmpeqw     xmm5, xmm2                                ;E: w5[i] = (w5[i] == 0 ? -1 : 0);
-
-    packsswb    xmm5, xmm1                                ;EF: b5[i] = w5[i], b5[i+8] = w1[i]
-                                                          ;    w/ signed saturation
-
-    add         nbitsb, byte [dctbl + c_derived_tbl.ehufsi + nbitsq]
-                                                          ;Z:     nbits += dctbl->ehufsi[nbits];
-%undef dctbl
-%define code_temp  r8d
-    pmovmskb    indexd, xmm5                              ;Z:     index = 0;  index |= ((b5[i] >> 7) << i);
-    mov         free_bitsd, [state+working_state.cur.free_bits]
-                                                          ;Z:     free_bits = state->cur.free_bits;
-    pcmpeqw     xmm1, xmm1                                ;Z:     b1[i] = 0xFF;
-    shl         index, 32                                 ;Z:     index <<= 32;
-    mov         put_buffer, [state+working_state.cur.put_buffer.simd]
-                                                          ;Z:     put_buffer = state->cur.put_buffer.simd;
-    or          index, tempq                              ;Z:     index |= temp;
-    not         index                                     ;Z:     index = ~index;
-    sub         free_bitsb, nbitsb                        ;Z:     if ((free_bits -= nbits) >= 0)
-    jnl         .ENTRY_SKIP_EMIT_CODE                     ;Z:       goto .ENTRY_SKIP_EMIT_CODE;
-    align       16
-.EMIT_CODE:                                               ;Z:     .EMIT_CODE:
-    EMIT_QWORD  .BLOOP_COND                               ;Z:     insert code, flush buffer, goto .BLOOP_COND
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-.BRLOOP:                                                  ; do {
-    lea         code_temp, [nbitsq - 16]                  ;   code_temp = nbits - 16;
-    movzx       nbits, byte [actbl + c_derived_tbl.ehufsi + 0xf0]
-                                                          ;   nbits = actbl->ehufsi[0xf0];
-    mov         code, [actbl + c_derived_tbl.ehufco + 0xf0 * 4]
-                                                          ;   code = actbl->ehufco[0xf0];
-    sub         free_bitsb, nbitsb                        ;   if ((free_bits -= nbits) <= 0)
-    jle         .EMIT_BRLOOP_CODE                         ;     goto .EMIT_BRLOOP_CODE;
-    shl         put_buffer, nbitsb                        ;   put_buffer <<= nbits;
-    mov         nbits, code_temp                          ;   nbits = code_temp;
-    or          put_buffer, codeq                         ;   put_buffer |= code;
-    cmp         nbits, 16                                 ;   if (nbits <= 16)
-    jle         .ERLOOP                                   ;     break;
-    jmp         .BRLOOP                                   ; } while (1);
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-    times 5     nop
-.ENTRY_SKIP_EMIT_CODE:                                    ; .ENTRY_SKIP_EMIT_CODE:
-    shl         put_buffer, nbitsb                        ; put_buffer <<= nbits;
-    or          put_buffer, codeq                         ; put_buffer |= code;
-.BLOOP_COND:                                              ; .BLOOP_COND:
-    test        index, index                              ; if (index != 0)
-    jz          .ELOOP                                    ; {
-.BLOOP:                                                   ;   do {
-    xor         nbits, nbits                              ;     nbits = 0;  /* kill tzcnt input dependency */
-    tzcnt       nbitsq, index                             ;     nbits = # of trailing 0 bits in index
-    inc         nbits                                     ;     ++nbits;
-    lea         t, [t + nbitsq * 2]                       ;     t = &t[nbits];
-    shr         index, nbitsb                             ;     index >>= nbits;
-.EMIT_BRLOOP_CODE_END:                                    ; .EMIT_BRLOOP_CODE_END:
-    cmp         nbits, 16                                 ;     if (nbits > 16)
-    jg          .BRLOOP                                   ;       goto .BRLOOP;
-.ERLOOP:                                                  ; .ERLOOP:
-    movsx       codeq, word [t]                           ;     code = *t;
-    lea         tempd, [nbitsq * 2]                       ;     temp = nbits * 2;
-    movzx       nbits, byte [NBITS(codeq)]                ;     nbits = JPEG_NBITS(code);
-    lea         tempd, [nbitsq + tempq * 8]               ;     temp = temp * 8 + nbits;
-    mov         code_temp, [actbl + c_derived_tbl.ehufco + (tempq - 16) * 4]
-                                                          ;     code_temp = actbl->ehufco[temp-16];
-    shl         code_temp, nbitsb                         ;     code_temp <<= nbits;
-    and         code, dword [MASK_BITS(nbitsq)]           ;     code &= (1 << nbits) - 1;
-    add         nbitsb, [actbl + c_derived_tbl.ehufsi + (tempq - 16)]
-                                                          ;     free_bits -= actbl->ehufsi[temp-16];
-    or          code, code_temp                           ;     code |= code_temp;
-    sub         free_bitsb, nbitsb                        ;     if ((free_bits -= nbits) <= 0)
-    jle         .EMIT_CODE                                ;       goto .EMIT_CODE;
-    shl         put_buffer, nbitsb                        ;     put_buffer <<= nbits;
-    or          put_buffer, codeq                         ;     put_buffer |= code;
-    test        index, index
-    jnz         .BLOOP                                    ;   } while (index != 0);
-.ELOOP:                                                   ; }  /* index != 0 */
-    sub         td, esp                                   ; t -= (WIN64: &t_[0], UNIX: &t_[64]);
-%ifdef WIN64
-    cmp         td, (DCTSIZE2 - 2) * SIZEOF_WORD          ; if (t != 62)
-%else
-    cmp         td, -2 * SIZEOF_WORD                      ; if (t != -2)
-%endif
-    je          .EFN                                      ; {
-    movzx       nbits, byte [actbl + c_derived_tbl.ehufsi + 0]
-                                                          ;   nbits = actbl->ehufsi[0];
-    mov         code, [actbl + c_derived_tbl.ehufco + 0]  ;   code = actbl->ehufco[0];
-    sub         free_bitsb, nbitsb                        ;   if ((free_bits -= nbits) <= 0)
-    jg          .EFN_SKIP_EMIT_CODE                       ;   {
-    EMIT_QWORD  .EFN                                      ;     insert code, flush buffer
-    align       16
-.EFN_SKIP_EMIT_CODE:                                      ;   } else {
-    shl         put_buffer, nbitsb                        ;     put_buffer <<= nbits;
-    or          put_buffer, codeq                         ;     put_buffer |= code;
-.EFN:                                                     ; } }
-    mov         [state + working_state.cur.put_buffer.simd], put_buffer
-                                                          ; state->cur.put_buffer.simd = put_buffer;
-    mov         byte [state + working_state.cur.free_bits], free_bitsb
-                                                          ; state->cur.free_bits = free_bits;
-%ifdef WIN64
-    sub         rsp, -DCTSIZE2 * SIZEOF_WORD
-    pop         r12
-    pop         rdi
-    pop         rsi
-    pop         rbp
-    pop         rbx
-%else
-    pop         r12
-    pop         rbp
-    pop         rbx
-%endif
-    ret
-
-; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-    align       16
-.EMIT_BRLOOP_CODE:
-    EMIT_QWORD  .EMIT_BRLOOP_CODE_END, { mov nbits, code_temp }
-                                                          ; insert code, flush buffer,
-                                                          ; nbits = code_temp, goto .EMIT_BRLOOP_CODE_END
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcphuff-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcphuff-sse2.asm
deleted file mode 100644
index 01b5c02..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcphuff-sse2.asm
+++ /dev/null
@@ -1,639 +0,0 @@
-;
-; jcphuff-sse2.asm - prepare data for progressive Huffman encoding
-; (64-bit SSE2)
-;
-; Copyright (C) 2016, 2018, Matthieu Darbois
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains an SSE2 implementation of data preparation for progressive
-; Huffman encoding.  See jcphuff.c for more details.
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-; --------------------------------------------------------------------------
-; Macros to load data for jsimd_encode_mcu_AC_first_prepare_sse2() and
-; jsimd_encode_mcu_AC_refine_prepare_sse2()
-
-%macro LOAD16 0
-    pxor        N0, N0
-    pxor        N1, N1
-
-    mov         T0d, INT [LUT +  0*SIZEOF_INT]
-    mov         T1d, INT [LUT +  8*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 0
-    pinsrw      X1, word [BLOCK + T1 * 2], 0
-
-    mov         T0d, INT [LUT +  1*SIZEOF_INT]
-    mov         T1d, INT [LUT +  9*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 1
-    pinsrw      X1, word [BLOCK + T1 * 2], 1
-
-    mov         T0d, INT [LUT +  2*SIZEOF_INT]
-    mov         T1d, INT [LUT + 10*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 2
-    pinsrw      X1, word [BLOCK + T1 * 2], 2
-
-    mov         T0d, INT [LUT +  3*SIZEOF_INT]
-    mov         T1d, INT [LUT + 11*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 3
-    pinsrw      X1, word [BLOCK + T1 * 2], 3
-
-    mov         T0d, INT [LUT +  4*SIZEOF_INT]
-    mov         T1d, INT [LUT + 12*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 4
-    pinsrw      X1, word [BLOCK + T1 * 2], 4
-
-    mov         T0d, INT [LUT +  5*SIZEOF_INT]
-    mov         T1d, INT [LUT + 13*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 5
-    pinsrw      X1, word [BLOCK + T1 * 2], 5
-
-    mov         T0d, INT [LUT +  6*SIZEOF_INT]
-    mov         T1d, INT [LUT + 14*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 6
-    pinsrw      X1, word [BLOCK + T1 * 2], 6
-
-    mov         T0d, INT [LUT +  7*SIZEOF_INT]
-    mov         T1d, INT [LUT + 15*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 7
-    pinsrw      X1, word [BLOCK + T1 * 2], 7
-%endmacro
-
-%macro LOAD15 0
-    pxor        N0, N0
-    pxor        N1, N1
-    pxor        X1, X1
-
-    mov         T0d, INT [LUT +  0*SIZEOF_INT]
-    mov         T1d, INT [LUT +  8*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 0
-    pinsrw      X1, word [BLOCK + T1 * 2], 0
-
-    mov         T0d, INT [LUT +  1*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 1
-
-    mov         T0d, INT [LUT +  2*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 2
-
-    mov         T0d, INT [LUT +  3*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 3
-
-    mov         T0d, INT [LUT +  4*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 4
-
-    mov         T0d, INT [LUT +  5*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 5
-
-    mov         T0d, INT [LUT +  6*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 6
-
-    mov         T0d, INT [LUT +  7*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 7
-
-    cmp         LENEND, 2
-    jl          %%.ELOAD15
-    mov         T1d, INT [LUT +  9*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 1
-
-    cmp         LENEND, 3
-    jl          %%.ELOAD15
-    mov         T1d, INT [LUT + 10*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 2
-
-    cmp         LENEND, 4
-    jl          %%.ELOAD15
-    mov         T1d, INT [LUT + 11*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 3
-
-    cmp         LENEND, 5
-    jl          %%.ELOAD15
-    mov         T1d, INT [LUT + 12*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 4
-
-    cmp         LENEND, 6
-    jl          %%.ELOAD15
-    mov         T1d, INT [LUT + 13*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 5
-
-    cmp         LENEND, 7
-    jl          %%.ELOAD15
-    mov         T1d, INT [LUT + 14*SIZEOF_INT]
-    pinsrw      X1, word [BLOCK + T1 * 2], 6
-%%.ELOAD15:
-%endmacro
-
-%macro LOAD8 0
-    pxor        N0, N0
-
-    mov         T0d, INT [LUT +  0*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 0
-
-    mov         T0d, INT [LUT +  1*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 1
-
-    mov         T0d, INT [LUT +  2*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 2
-
-    mov         T0d, INT [LUT +  3*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 3
-
-    mov         T0d, INT [LUT +  4*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 4
-
-    mov         T0d, INT [LUT +  5*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 5
-
-    mov         T0d, INT [LUT +  6*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 6
-
-    mov         T0d, INT [LUT +  7*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T0 * 2], 7
-%endmacro
-
-%macro LOAD7 0
-    pxor        N0, N0
-    pxor        X0, X0
-
-    mov         T1d, INT [LUT +  0*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 0
-
-    cmp         LENEND, 2
-    jl          %%.ELOAD7
-    mov         T1d, INT [LUT +  1*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 1
-
-    cmp         LENEND, 3
-    jl          %%.ELOAD7
-    mov         T1d, INT [LUT +  2*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 2
-
-    cmp         LENEND, 4
-    jl          %%.ELOAD7
-    mov         T1d, INT [LUT +  3*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 3
-
-    cmp         LENEND, 5
-    jl          %%.ELOAD7
-    mov         T1d, INT [LUT +  4*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 4
-
-    cmp         LENEND, 6
-    jl          %%.ELOAD7
-    mov         T1d, INT [LUT +  5*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 5
-
-    cmp         LENEND, 7
-    jl          %%.ELOAD7
-    mov         T1d, INT [LUT +  6*SIZEOF_INT]
-    pinsrw      X0, word [BLOCK + T1 * 2], 6
-%%.ELOAD7:
-%endmacro
-
-%macro REDUCE0 0
-    movdqa      xmm0, XMMWORD [VALUES + ( 0*2)]
-    movdqa      xmm1, XMMWORD [VALUES + ( 8*2)]
-    movdqa      xmm2, XMMWORD [VALUES + (16*2)]
-    movdqa      xmm3, XMMWORD [VALUES + (24*2)]
-    movdqa      xmm4, XMMWORD [VALUES + (32*2)]
-    movdqa      xmm5, XMMWORD [VALUES + (40*2)]
-    movdqa      xmm6, XMMWORD [VALUES + (48*2)]
-    movdqa      xmm7, XMMWORD [VALUES + (56*2)]
-
-    pcmpeqw     xmm0, ZERO
-    pcmpeqw     xmm1, ZERO
-    pcmpeqw     xmm2, ZERO
-    pcmpeqw     xmm3, ZERO
-    pcmpeqw     xmm4, ZERO
-    pcmpeqw     xmm5, ZERO
-    pcmpeqw     xmm6, ZERO
-    pcmpeqw     xmm7, ZERO
-
-    packsswb    xmm0, xmm1
-    packsswb    xmm2, xmm3
-    packsswb    xmm4, xmm5
-    packsswb    xmm6, xmm7
-
-    pmovmskb    eax, xmm0
-    pmovmskb    ecx, xmm2
-    pmovmskb    edx, xmm4
-    pmovmskb    esi, xmm6
-
-    shl         rcx, 16
-    shl         rdx, 32
-    shl         rsi, 48
-
-    or          rax, rcx
-    or          rdx, rsi
-    or          rax, rdx
-
-    not         rax
-
-    mov         MMWORD [r15], rax
-%endmacro
-
-;
-; Prepare data for jsimd_encode_mcu_AC_first().
-;
-; GLOBAL(void)
-; jsimd_encode_mcu_AC_first_prepare_sse2(const JCOEF *block,
-;                                        const int *jpeg_natural_order_start,
-;                                        int Sl, int Al, JCOEF *values,
-;                                        size_t *zerobits)
-;
-; r10 = const JCOEF *block
-; r11 = const int *jpeg_natural_order_start
-; r12 = int Sl
-; r13 = int Al
-; r14 = JCOEF *values
-; r15 = size_t *zerobits
-
-%define ZERO    xmm9
-%define X0      xmm0
-%define X1      xmm1
-%define N0      xmm2
-%define N1      xmm3
-%define AL      xmm4
-%define K       eax
-%define LUT     r11
-%define T0      rcx
-%define T0d     ecx
-%define T1      rdx
-%define T1d     edx
-%define BLOCK   r10
-%define VALUES  r14
-%define LEN     r12d
-%define LENEND  r13d
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_encode_mcu_AC_first_prepare_sse2)
-
-EXTN(jsimd_encode_mcu_AC_first_prepare_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [rbp - 16]
-    collect_args 6
-
-    movdqa      XMMWORD [rbp - 16], ZERO
-
-    movd        AL, r13d
-    pxor        ZERO, ZERO
-    mov         K, LEN
-    mov         LENEND, LEN
-    and         K, -16
-    and         LENEND, 7
-    shr         K, 4
-    jz          .ELOOP16
-.BLOOP16:
-    LOAD16
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    pxor        N0, X0
-    pxor        N1, X1
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    movdqa      XMMWORD [VALUES + (8 + DCTSIZE2) * 2], N1
-    add         VALUES, 16*2
-    add         LUT, 16*SIZEOF_INT
-    dec         K
-    jnz         .BLOOP16
-    test        LEN, 15
-    je          .PADDING
-.ELOOP16:
-    test        LEN, 8
-    jz          .TRY7
-    test        LEN, 7
-    jz          .TRY8
-
-    LOAD15
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    pxor        N0, X0
-    pxor        N1, X1
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    movdqa      XMMWORD [VALUES + (8 + DCTSIZE2) * 2], N1
-    add         VALUES, 16*2
-    jmp         .PADDING
-.TRY8:
-    LOAD8
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    pxor        N0, X0
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    add         VALUES, 8*2
-    jmp         .PADDING
-.TRY7:
-    LOAD7
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    pxor        N0, X0
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (0 + DCTSIZE2) * 2], N0
-    add         VALUES, 8*2
-.PADDING:
-    mov         K, LEN
-    add         K, 7
-    and         K, -8
-    shr         K, 3
-    sub         K, DCTSIZE2/8
-    jz          .EPADDING
-    align       16
-.ZEROLOOP:
-    movdqa      XMMWORD [VALUES + 0], ZERO
-    add         VALUES, 8*2
-    inc         K
-    jnz         .ZEROLOOP
-.EPADDING:
-    sub         VALUES, DCTSIZE2*2
-
-    REDUCE0
-
-    movdqa      ZERO, XMMWORD [rbp - 16]
-    uncollect_args 6
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-%undef ZERO
-%undef X0
-%undef X1
-%undef N0
-%undef N1
-%undef AL
-%undef K
-%undef LUT
-%undef T0
-%undef T0d
-%undef T1
-%undef T1d
-%undef BLOCK
-%undef VALUES
-%undef LEN
-%undef LENEND
-
-;
-; Prepare data for jsimd_encode_mcu_AC_refine().
-;
-; GLOBAL(int)
-; jsimd_encode_mcu_AC_refine_prepare_sse2(const JCOEF *block,
-;                                         const int *jpeg_natural_order_start,
-;                                         int Sl, int Al, JCOEF *absvalues,
-;                                         size_t *bits)
-;
-; r10 = const JCOEF *block
-; r11 = const int *jpeg_natural_order_start
-; r12 = int Sl
-; r13 = int Al
-; r14 = JCOEF *values
-; r15 = size_t *bits
-
-%define ZERO    xmm9
-%define ONE     xmm5
-%define X0      xmm0
-%define X1      xmm1
-%define N0      xmm2
-%define N1      xmm3
-%define AL      xmm4
-%define K       eax
-%define KK      r9d
-%define EOB     r8d
-%define SIGN    rdi
-%define LUT     r11
-%define T0      rcx
-%define T0d     ecx
-%define T1      rdx
-%define T1d     edx
-%define BLOCK   r10
-%define VALUES  r14
-%define LEN     r12d
-%define LENEND  r13d
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_encode_mcu_AC_refine_prepare_sse2)
-
-EXTN(jsimd_encode_mcu_AC_refine_prepare_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [rbp - 16]
-    collect_args 6
-
-    movdqa      XMMWORD [rbp - 16], ZERO
-
-    xor         SIGN, SIGN
-    xor         EOB, EOB
-    xor         KK, KK
-    movd        AL, r13d
-    pxor        ZERO, ZERO
-    pcmpeqw     ONE, ONE
-    psrlw       ONE, 15
-    mov         K, LEN
-    mov         LENEND, LEN
-    and         K, -16
-    and         LENEND, 7
-    shr         K, 4
-    jz          .ELOOPR16
-.BLOOPR16:
-    LOAD16
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    pcmpeqw     X0, ONE
-    pcmpeqw     X1, ONE
-    packsswb    N0, N1
-    packsswb    X0, X1
-    pmovmskb    T0d, N0                 ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    pmovmskb    T1d, X0                 ; idx = _mm_movemask_epi8(x1);
-    shr         SIGN, 16                ; make room for sizebits
-    shl         T0, 48
-    or          SIGN, T0
-    bsr         T1d, T1d                ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER16            ; if (idx) {
-    mov         EOB, KK
-    add         EOB, T1d                ; EOB = k + idx;
-.CONTINUER16:
-    add         VALUES, 16*2
-    add         LUT, 16*SIZEOF_INT
-    add         KK, 16
-    dec         K
-    jnz         .BLOOPR16
-    test        LEN, 15
-    je          .PADDINGR
-.ELOOPR16:
-    test        LEN, 8
-    jz          .TRYR7
-    test        LEN, 7
-    jz          .TRYR8
-
-    LOAD15
-    pcmpgtw     N0, X0
-    pcmpgtw     N1, X1
-    paddw       X0, N0
-    paddw       X1, N1
-    pxor        X0, N0
-    pxor        X1, N1
-    psrlw       X0, AL
-    psrlw       X1, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    movdqa      XMMWORD [VALUES + (8) * 2], X1
-    pcmpeqw     X0, ONE
-    pcmpeqw     X1, ONE
-    packsswb    N0, N1
-    packsswb    X0, X1
-    pmovmskb    T0d, N0                 ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    pmovmskb    T1d, X0                 ; idx = _mm_movemask_epi8(x1);
-    shr         SIGN, 16                ; make room for sizebits
-    shl         T0, 48
-    or          SIGN, T0
-    bsr         T1d, T1d                ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER15            ; if (idx) {
-    mov         EOB, KK
-    add         EOB, T1d                ; EOB = k + idx;
-.CONTINUER15:
-    add         VALUES, 16*2
-    jmp         .PADDINGR
-.TRYR8:
-    LOAD8
-
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    pcmpeqw     X0, ONE
-    packsswb    N0, ZERO
-    packsswb    X0, ZERO
-    pmovmskb    T0d, N0                 ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    pmovmskb    T1d, X0                 ; idx = _mm_movemask_epi8(x1);
-    shr         SIGN, 8                 ; make room for sizebits
-    shl         T0, 56
-    or          SIGN, T0
-    bsr         T1d, T1d                ;  idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER8             ; if (idx) {
-    mov         EOB, KK
-    add         EOB, T1d                ; EOB = k + idx;
-.CONTINUER8:
-    add         VALUES, 8*2
-    jmp         .PADDINGR
-.TRYR7:
-    LOAD7
-
-    pcmpgtw     N0, X0
-    paddw       X0, N0
-    pxor        X0, N0
-    psrlw       X0, AL
-    movdqa      XMMWORD [VALUES + (0) * 2], X0
-    pcmpeqw     X0, ONE
-    packsswb    N0, ZERO
-    packsswb    X0, ZERO
-    pmovmskb    T0d, N0                 ; lsignbits.val16u[k>>4] = _mm_movemask_epi8(neg);
-    pmovmskb    T1d, X0                 ; idx = _mm_movemask_epi8(x1);
-    shr         SIGN, 8                 ; make room for sizebits
-    shl         T0, 56
-    or          SIGN, T0
-    bsr         T1d, T1d                ; idx = 16 - (__builtin_clz(idx)>>1);
-    jz          .CONTINUER7             ; if (idx) {
-    mov         EOB, KK
-    add         EOB, T1d                ; EOB = k + idx;
-.CONTINUER7:
-    add         VALUES, 8*2
-.PADDINGR:
-    mov         K, LEN
-    add         K, 7
-    and         K, -8
-    shr         K, 3
-    sub         K, DCTSIZE2/8
-    jz          .EPADDINGR
-    align       16
-.ZEROLOOPR:
-    movdqa      XMMWORD [VALUES + 0], ZERO
-    shr         SIGN, 8
-    add         VALUES, 8*2
-    inc         K
-    jnz         .ZEROLOOPR
-.EPADDINGR:
-    not         SIGN
-    sub         VALUES, DCTSIZE2*2
-    mov         MMWORD [r15+SIZEOF_MMWORD], SIGN
-
-    REDUCE0
-
-    mov         eax, EOB
-    movdqa      ZERO, XMMWORD [rbp - 16]
-    uncollect_args 6
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-%undef ZERO
-%undef ONE
-%undef X0
-%undef X1
-%undef N0
-%undef N1
-%undef AL
-%undef K
-%undef KK
-%undef EOB
-%undef SIGN
-%undef LUT
-%undef T0
-%undef T0d
-%undef T1
-%undef T1d
-%undef BLOCK
-%undef VALUES
-%undef LEN
-%undef LENEND
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcsample-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcsample-avx2.asm
deleted file mode 100644
index b32527a..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcsample-avx2.asm
+++ /dev/null
@@ -1,367 +0,0 @@
-;
-; jcsample.asm - downsampling (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Downsample pixel values of a single component.
-; This version handles the common case of 2:1 horizontal and 1:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v1_downsample_avx2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-; r10d = JDIMENSION image_width
-; r11 = int max_v_samp_factor
-; r12d = JDIMENSION v_samp_factor
-; r13d = JDIMENSION width_in_blocks
-; r14 = JSAMPARRAY input_data
-; r15 = JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_downsample_avx2)
-
-EXTN(jsimd_h2v1_downsample_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 6
-
-    mov         ecx, r13d
-    shl         rcx, 3                  ; imul rcx,DCTSIZE (rcx = output_cols)
-    jz          near .return
-
-    mov         edx, r10d
-
-    ; -- expand_right_edge
-
-    push        rcx
-    shl         rcx, 1                  ; output_cols * 2
-    sub         rcx, rdx
-    jle         short .expand_end
-
-    mov         rax, r11
-    test        rax, rax
-    jle         short .expand_end
-
-    cld
-    mov         rsi, r14                ; input_data
-.expandloop:
-    push        rax
-    push        rcx
-
-    mov         rdip, JSAMPROW [rsi]
-    add         rdi, rdx
-    mov         al, JSAMPLE [rdi-1]
-
-    rep stosb
-
-    pop         rcx
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW
-    dec         rax
-    jg          short .expandloop
-
-.expand_end:
-    pop         rcx                     ; output_cols
-
-    ; -- h2v1_downsample
-
-    mov         eax, r12d               ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         rdx, 0x00010000         ; bias pattern
-    vmovd       xmm7, edx
-    vpshufd     xmm7, xmm7, 0x00        ; xmm7={0, 1, 0, 1, 0, 1, 0, 1}
-    vperm2i128  ymm7, ymm7, ymm7, 0     ; ymm7={xmm7, xmm7}
-    vpcmpeqw    ymm6, ymm6, ymm6
-    vpsrlw      ymm6, ymm6, BYTE_BIT    ; ymm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         rsi, r14                ; input_data
-    mov         rdi, r15                ; output_data
-.rowloop:
-    push        rcx
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         short .columnloop
-
-.columnloop_r24:
-    ; rcx can possibly be 8, 16, 24
-    cmp         rcx, 24
-    jne         .columnloop_r16
-    vmovdqu     ymm0, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     xmm1, XMMWORD [rsi+1*SIZEOF_YMMWORD]
-    mov         rcx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r16:
-    cmp         rcx, 16
-    jne         .columnloop_r8
-    vmovdqu     ymm0, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vpxor       ymm1, ymm1, ymm1
-    mov         rcx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r8:
-    vmovdqu     xmm0, XMMWORD[rsi+0*SIZEOF_YMMWORD]
-    vpxor       ymm1, ymm1, ymm1
-    mov         rcx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop:
-    vmovdqu     ymm0, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-
-.downsample:
-    vpsrlw      ymm2, ymm0, BYTE_BIT
-    vpand       ymm0, ymm0, ymm6
-    vpsrlw      ymm3, ymm1, BYTE_BIT
-    vpand       ymm1, ymm1, ymm6
-
-    vpaddw      ymm0, ymm0, ymm2
-    vpaddw      ymm1, ymm1, ymm3
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm1, ymm1, ymm7
-    vpsrlw      ymm0, ymm0, 1
-    vpsrlw      ymm1, ymm1, 1
-
-    vpackuswb   ymm0, ymm0, ymm1
-    vpermq      ymm0, ymm0, 0xd8
-
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm0
-
-    sub         rcx, byte SIZEOF_YMMWORD    ; outcol
-    add         rsi, byte 2*SIZEOF_YMMWORD  ; inptr
-    add         rdi, byte 1*SIZEOF_YMMWORD  ; outptr
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         short .columnloop
-    test        rcx, rcx
-    jnz         near .columnloop_r24
-
-    pop         rsi
-    pop         rdi
-    pop         rcx
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         rax                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    uncollect_args 6
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Downsample pixel values of a single component.
-; This version handles the standard case of 2:1 horizontal and 2:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v2_downsample_avx2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-; r10d = JDIMENSION image_width
-; r11 = int max_v_samp_factor
-; r12d = JDIMENSION v_samp_factor
-; r13d = JDIMENSION width_in_blocks
-; r14 = JSAMPARRAY input_data
-; r15 = JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_downsample_avx2)
-
-EXTN(jsimd_h2v2_downsample_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 6
-
-    mov         ecx, r13d
-    shl         rcx, 3                  ; imul rcx,DCTSIZE (rcx = output_cols)
-    jz          near .return
-
-    mov         edx, r10d
-
-    ; -- expand_right_edge
-
-    push        rcx
-    shl         rcx, 1                  ; output_cols * 2
-    sub         rcx, rdx
-    jle         short .expand_end
-
-    mov         rax, r11
-    test        rax, rax
-    jle         short .expand_end
-
-    cld
-    mov         rsi, r14                ; input_data
-.expandloop:
-    push        rax
-    push        rcx
-
-    mov         rdip, JSAMPROW [rsi]
-    add         rdi, rdx
-    mov         al, JSAMPLE [rdi-1]
-
-    rep stosb
-
-    pop         rcx
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW
-    dec         rax
-    jg          short .expandloop
-
-.expand_end:
-    pop         rcx                     ; output_cols
-
-    ; -- h2v2_downsample
-
-    mov         eax, r12d               ; rowctr
-    test        rax, rax
-    jle         near .return
-
-    mov         rdx, 0x00020001         ; bias pattern
-    vmovd       xmm7, edx
-    vpcmpeqw    ymm6, ymm6, ymm6
-    vpshufd     xmm7, xmm7, 0x00        ; ymm7={1, 2, 1, 2, 1, 2, 1, 2}
-    vperm2i128  ymm7, ymm7, ymm7, 0
-    vpsrlw      ymm6, ymm6, BYTE_BIT    ; ymm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         rsi, r14                ; input_data
-    mov         rdi, r15                ; output_data
-.rowloop:
-    push        rcx
-    push        rdi
-    push        rsi
-
-    mov         rdxp, JSAMPROW [rsi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         rsip, JSAMPROW [rsi+1*SIZEOF_JSAMPROW]  ; inptr1
-    mov         rdip, JSAMPROW [rdi]                    ; outptr
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         short .columnloop
-
-.columnloop_r24:
-    cmp         rcx, 24
-    jne         .columnloop_r16
-    vmovdqu     ymm0, YMMWORD [rdx+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     xmm2, XMMWORD [rdx+1*SIZEOF_YMMWORD]
-    vmovdqu     xmm3, XMMWORD [rsi+1*SIZEOF_YMMWORD]
-    mov         rcx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r16:
-    cmp         rcx, 16
-    jne         .columnloop_r8
-    vmovdqu     ymm0, YMMWORD [rdx+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vpxor       ymm2, ymm2, ymm2
-    vpxor       ymm3, ymm3, ymm3
-    mov         rcx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop_r8:
-    vmovdqu     xmm0, XMMWORD [rdx+0*SIZEOF_XMMWORD]
-    vmovdqu     xmm1, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    vpxor       ymm2, ymm2, ymm2
-    vpxor       ymm3, ymm3, ymm3
-    mov         rcx, SIZEOF_YMMWORD
-    jmp         short .downsample
-
-.columnloop:
-    vmovdqu     ymm0, YMMWORD [rdx+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm1, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vmovdqu     ymm2, YMMWORD [rdx+1*SIZEOF_YMMWORD]
-    vmovdqu     ymm3, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-
-.downsample:
-    vpand       ymm4, ymm0, ymm6
-    vpsrlw      ymm0, ymm0, BYTE_BIT
-    vpand       ymm5, ymm1, ymm6
-    vpsrlw      ymm1, ymm1, BYTE_BIT
-    vpaddw      ymm0, ymm0, ymm4
-    vpaddw      ymm1, ymm1, ymm5
-
-    vpand       ymm4, ymm2, ymm6
-    vpsrlw      ymm2, ymm2, BYTE_BIT
-    vpand       ymm5, ymm3, ymm6
-    vpsrlw      ymm3, ymm3, BYTE_BIT
-    vpaddw      ymm2, ymm2, ymm4
-    vpaddw      ymm3, ymm3, ymm5
-
-    vpaddw      ymm0, ymm0, ymm1
-    vpaddw      ymm2, ymm2, ymm3
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm2, ymm2, ymm7
-    vpsrlw      ymm0, ymm0, 2
-    vpsrlw      ymm2, ymm2, 2
-
-    vpackuswb   ymm0, ymm0, ymm2
-    vpermq      ymm0, ymm0, 0xd8
-
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm0
-
-    sub         rcx, byte SIZEOF_YMMWORD    ; outcol
-    add         rdx, byte 2*SIZEOF_YMMWORD  ; inptr0
-    add         rsi, byte 2*SIZEOF_YMMWORD  ; inptr1
-    add         rdi, byte 1*SIZEOF_YMMWORD  ; outptr
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jae         near .columnloop
-    test        rcx, rcx
-    jnz         near .columnloop_r24
-
-    pop         rsi
-    pop         rdi
-    pop         rcx
-
-    add         rsi, byte 2*SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte 1*SIZEOF_JSAMPROW  ; output_data
-    dec         rax                          ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    uncollect_args 6
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcsample-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcsample-sse2.asm
deleted file mode 100644
index 2fcfe45..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jcsample-sse2.asm
+++ /dev/null
@@ -1,330 +0,0 @@
-;
-; jcsample.asm - downsampling (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Downsample pixel values of a single component.
-; This version handles the common case of 2:1 horizontal and 1:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v1_downsample_sse2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-; r10d = JDIMENSION image_width
-; r11 = int max_v_samp_factor
-; r12d = JDIMENSION v_samp_factor
-; r13d = JDIMENSION width_in_blocks
-; r14 = JSAMPARRAY input_data
-; r15 = JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_downsample_sse2)
-
-EXTN(jsimd_h2v1_downsample_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 6
-
-    mov         ecx, r13d
-    shl         rcx, 3                  ; imul rcx,DCTSIZE (rcx = output_cols)
-    jz          near .return
-
-    mov         edx, r10d
-
-    ; -- expand_right_edge
-
-    push        rcx
-    shl         rcx, 1                  ; output_cols * 2
-    sub         rcx, rdx
-    jle         short .expand_end
-
-    mov         rax, r11
-    test        rax, rax
-    jle         short .expand_end
-
-    cld
-    mov         rsi, r14                ; input_data
-.expandloop:
-    push        rax
-    push        rcx
-
-    mov         rdip, JSAMPROW [rsi]
-    add         rdi, rdx
-    mov         al, JSAMPLE [rdi-1]
-
-    rep stosb
-
-    pop         rcx
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW
-    dec         rax
-    jg          short .expandloop
-
-.expand_end:
-    pop         rcx                     ; output_cols
-
-    ; -- h2v1_downsample
-
-    mov         eax, r12d               ; rowctr
-    test        eax, eax
-    jle         near .return
-
-    mov         rdx, 0x00010000         ; bias pattern
-    movd        xmm7, edx
-    pcmpeqw     xmm6, xmm6
-    pshufd      xmm7, xmm7, 0x00        ; xmm7={0, 1, 0, 1, 0, 1, 0, 1}
-    psrlw       xmm6, BYTE_BIT          ; xmm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         rsi, r14                ; input_data
-    mov         rdi, r15                ; output_data
-.rowloop:
-    push        rcx
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         short .columnloop
-
-.columnloop_r8:
-    movdqa      xmm0, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    pxor        xmm1, xmm1
-    mov         rcx, SIZEOF_XMMWORD
-    jmp         short .downsample
-
-.columnloop:
-    movdqa      xmm0, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqa      xmm1, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-
-.downsample:
-    movdqa      xmm2, xmm0
-    movdqa      xmm3, xmm1
-
-    pand        xmm0, xmm6
-    psrlw       xmm2, BYTE_BIT
-    pand        xmm1, xmm6
-    psrlw       xmm3, BYTE_BIT
-
-    paddw       xmm0, xmm2
-    paddw       xmm1, xmm3
-    paddw       xmm0, xmm7
-    paddw       xmm1, xmm7
-    psrlw       xmm0, 1
-    psrlw       xmm1, 1
-
-    packuswb    xmm0, xmm1
-
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm0
-
-    sub         rcx, byte SIZEOF_XMMWORD    ; outcol
-    add         rsi, byte 2*SIZEOF_XMMWORD  ; inptr
-    add         rdi, byte 1*SIZEOF_XMMWORD  ; outptr
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         short .columnloop
-    test        rcx, rcx
-    jnz         short .columnloop_r8
-
-    pop         rsi
-    pop         rdi
-    pop         rcx
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         rax                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    uncollect_args 6
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Downsample pixel values of a single component.
-; This version handles the standard case of 2:1 horizontal and 2:1 vertical,
-; without smoothing.
-;
-; GLOBAL(void)
-; jsimd_h2v2_downsample_sse2(JDIMENSION image_width, int max_v_samp_factor,
-;                            JDIMENSION v_samp_factor,
-;                            JDIMENSION width_in_blocks, JSAMPARRAY input_data,
-;                            JSAMPARRAY output_data);
-;
-
-; r10d = JDIMENSION image_width
-; r11 = int max_v_samp_factor
-; r12d = JDIMENSION v_samp_factor
-; r13d = JDIMENSION width_in_blocks
-; r14 = JSAMPARRAY input_data
-; r15 = JSAMPARRAY output_data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_downsample_sse2)
-
-EXTN(jsimd_h2v2_downsample_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 6
-
-    mov         ecx, r13d
-    shl         rcx, 3                  ; imul rcx,DCTSIZE (rcx = output_cols)
-    jz          near .return
-
-    mov         edx, r10d
-
-    ; -- expand_right_edge
-
-    push        rcx
-    shl         rcx, 1                  ; output_cols * 2
-    sub         rcx, rdx
-    jle         short .expand_end
-
-    mov         rax, r11
-    test        rax, rax
-    jle         short .expand_end
-
-    cld
-    mov         rsi, r14                ; input_data
-.expandloop:
-    push        rax
-    push        rcx
-
-    mov         rdip, JSAMPROW [rsi]
-    add         rdi, rdx
-    mov         al, JSAMPLE [rdi-1]
-
-    rep stosb
-
-    pop         rcx
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW
-    dec         rax
-    jg          short .expandloop
-
-.expand_end:
-    pop         rcx                     ; output_cols
-
-    ; -- h2v2_downsample
-
-    mov         eax, r12d               ; rowctr
-    test        rax, rax
-    jle         near .return
-
-    mov         rdx, 0x00020001         ; bias pattern
-    movd        xmm7, edx
-    pcmpeqw     xmm6, xmm6
-    pshufd      xmm7, xmm7, 0x00        ; xmm7={1, 2, 1, 2, 1, 2, 1, 2}
-    psrlw       xmm6, BYTE_BIT          ; xmm6={0xFF 0x00 0xFF 0x00 ..}
-
-    mov         rsi, r14                ; input_data
-    mov         rdi, r15                ; output_data
-.rowloop:
-    push        rcx
-    push        rdi
-    push        rsi
-
-    mov         rdxp, JSAMPROW [rsi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         rsip, JSAMPROW [rsi+1*SIZEOF_JSAMPROW]  ; inptr1
-    mov         rdip, JSAMPROW [rdi]                    ; outptr
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         short .columnloop
-
-.columnloop_r8:
-    movdqa      xmm0, XMMWORD [rdx+0*SIZEOF_XMMWORD]
-    movdqa      xmm1, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    pxor        xmm2, xmm2
-    pxor        xmm3, xmm3
-    mov         rcx, SIZEOF_XMMWORD
-    jmp         short .downsample
-
-.columnloop:
-    movdqa      xmm0, XMMWORD [rdx+0*SIZEOF_XMMWORD]
-    movdqa      xmm1, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqa      xmm2, XMMWORD [rdx+1*SIZEOF_XMMWORD]
-    movdqa      xmm3, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-
-.downsample:
-    movdqa      xmm4, xmm0
-    movdqa      xmm5, xmm1
-    pand        xmm0, xmm6
-    psrlw       xmm4, BYTE_BIT
-    pand        xmm1, xmm6
-    psrlw       xmm5, BYTE_BIT
-    paddw       xmm0, xmm4
-    paddw       xmm1, xmm5
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm5, xmm3
-    pand        xmm2, xmm6
-    psrlw       xmm4, BYTE_BIT
-    pand        xmm3, xmm6
-    psrlw       xmm5, BYTE_BIT
-    paddw       xmm2, xmm4
-    paddw       xmm3, xmm5
-
-    paddw       xmm0, xmm1
-    paddw       xmm2, xmm3
-    paddw       xmm0, xmm7
-    paddw       xmm2, xmm7
-    psrlw       xmm0, 2
-    psrlw       xmm2, 2
-
-    packuswb    xmm0, xmm2
-
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm0
-
-    sub         rcx, byte SIZEOF_XMMWORD    ; outcol
-    add         rdx, byte 2*SIZEOF_XMMWORD  ; inptr0
-    add         rsi, byte 2*SIZEOF_XMMWORD  ; inptr1
-    add         rdi, byte 1*SIZEOF_XMMWORD  ; outptr
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jae         near .columnloop
-    test        rcx, rcx
-    jnz         near .columnloop_r8
-
-    pop         rsi
-    pop         rdi
-    pop         rcx
-
-    add         rsi, byte 2*SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte 1*SIZEOF_JSAMPROW  ; output_data
-    dec         rax                          ; rowctr
-    jg          near .rowloop
-
-.return:
-    uncollect_args 6
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolext-avx2.asm
deleted file mode 100644
index 2370fda..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolext-avx2.asm
+++ /dev/null
@@ -1,496 +0,0 @@
-;
-; jdcolext.asm - colorspace conversion (64-bit AVX2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2012, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_ycc_rgb_convert_avx2(JDIMENSION out_width, JSAMPIMAGE input_buf,
-;                            JDIMENSION input_row, JSAMPARRAY output_buf,
-;                            int num_rows)
-;
-
-; r10d = JDIMENSION out_width
-; r11 = JSAMPIMAGE input_buf
-; r12d = JDIMENSION input_row
-; r13 = JSAMPARRAY output_buf
-; r14d = int num_rows
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_YMMWORD  ; ymmword wk[WK_NUM]
-%define WK_NUM  2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_ycc_rgb_convert_avx2)
-
-EXTN(jsimd_ycc_rgb_convert_avx2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 5
-    push        rbx
-
-    mov         ecx, r10d               ; num_cols
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rdi, r11
-    mov         ecx, r12d
-    mov         rsip, JSAMPARRAY [rdi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rdi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rdi+2*SIZEOF_JSAMPARRAY]
-    lea         rsi, [rsi+rcx*SIZEOF_JSAMPROW]
-    lea         rbx, [rbx+rcx*SIZEOF_JSAMPROW]
-    lea         rdx, [rdx+rcx*SIZEOF_JSAMPROW]
-
-    pop         rcx
-
-    mov         rdi, r13
-    mov         eax, r14d
-    test        rax, rax
-    jle         near .return
-.rowloop:
-    push        rax
-    push        rdi
-    push        rdx
-    push        rbx
-    push        rsi
-    push        rcx                     ; col
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr0
-    mov         rbxp, JSAMPROW [rbx]    ; inptr1
-    mov         rdxp, JSAMPROW [rdx]    ; inptr2
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-.columnloop:
-
-    vmovdqu     ymm5, YMMWORD [rbx]     ; ymm5=Cb(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-    vmovdqu     ymm1, YMMWORD [rdx]     ; ymm1=Cr(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpcmpeqw    ymm0, ymm0, ymm0
-    vpcmpeqw    ymm7, ymm7, ymm7
-    vpsrlw      ymm0, ymm0, BYTE_BIT    ; ymm0={0xFF 0x00 0xFF 0x00 ..}
-    vpsllw      ymm7, ymm7, 7           ; ymm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    vpand       ymm4, ymm0, ymm5        ; ymm4=Cb(02468ACEGIKMOQSU)=CbE
-    vpsrlw      ymm5, ymm5, BYTE_BIT    ; ymm5=Cb(13579BDFHJLNPRTV)=CbO
-    vpand       ymm0, ymm0, ymm1        ; ymm0=Cr(02468ACEGIKMOQSU)=CrE
-    vpsrlw      ymm1, ymm1, BYTE_BIT    ; ymm1=Cr(13579BDFHJLNPRTV)=CrO
-
-    vpaddw      ymm2, ymm4, ymm7
-    vpaddw      ymm3, ymm5, ymm7
-    vpaddw      ymm6, ymm0, ymm7
-    vpaddw      ymm7, ymm1, ymm7
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    vpaddw      ymm4, ymm2, ymm2             ; ymm4=2*CbE
-    vpaddw      ymm5, ymm3, ymm3             ; ymm5=2*CbO
-    vpaddw      ymm0, ymm6, ymm6             ; ymm0=2*CrE
-    vpaddw      ymm1, ymm7, ymm7             ; ymm1=2*CrO
-
-    vpmulhw     ymm4, ymm4, [rel PW_MF0228]  ; ymm4=(2*CbE * -FIX(0.22800))
-    vpmulhw     ymm5, ymm5, [rel PW_MF0228]  ; ymm5=(2*CbO * -FIX(0.22800))
-    vpmulhw     ymm0, ymm0, [rel PW_F0402]   ; ymm0=(2*CrE * FIX(0.40200))
-    vpmulhw     ymm1, ymm1, [rel PW_F0402]   ; ymm1=(2*CrO * FIX(0.40200))
-
-    vpaddw      ymm4, ymm4, [rel PW_ONE]
-    vpaddw      ymm5, ymm5, [rel PW_ONE]
-    vpsraw      ymm4, ymm4, 1                ; ymm4=(CbE * -FIX(0.22800))
-    vpsraw      ymm5, ymm5, 1                ; ymm5=(CbO * -FIX(0.22800))
-    vpaddw      ymm0, ymm0, [rel PW_ONE]
-    vpaddw      ymm1, ymm1, [rel PW_ONE]
-    vpsraw      ymm0, ymm0, 1                ; ymm0=(CrE * FIX(0.40200))
-    vpsraw      ymm1, ymm1, 1                ; ymm1=(CrO * FIX(0.40200))
-
-    vpaddw      ymm4, ymm4, ymm2
-    vpaddw      ymm5, ymm5, ymm3
-    vpaddw      ymm4, ymm4, ymm2             ; ymm4=(CbE * FIX(1.77200))=(B-Y)E
-    vpaddw      ymm5, ymm5, ymm3             ; ymm5=(CbO * FIX(1.77200))=(B-Y)O
-    vpaddw      ymm0, ymm0, ymm6             ; ymm0=(CrE * FIX(1.40200))=(R-Y)E
-    vpaddw      ymm1, ymm1, ymm7             ; ymm1=(CrO * FIX(1.40200))=(R-Y)O
-
-    vmovdqa     YMMWORD [wk(0)], ymm4        ; wk(0)=(B-Y)E
-    vmovdqa     YMMWORD [wk(1)], ymm5        ; wk(1)=(B-Y)O
-
-    vpunpckhwd  ymm4, ymm2, ymm6
-    vpunpcklwd  ymm2, ymm2, ymm6
-    vpmaddwd    ymm2, ymm2, [rel PW_MF0344_F0285]
-    vpmaddwd    ymm4, ymm4, [rel PW_MF0344_F0285]
-    vpunpckhwd  ymm5, ymm3, ymm7
-    vpunpcklwd  ymm3, ymm3, ymm7
-    vpmaddwd    ymm3, ymm3, [rel PW_MF0344_F0285]
-    vpmaddwd    ymm5, ymm5, [rel PW_MF0344_F0285]
-
-    vpaddd      ymm2, ymm2, [rel PD_ONEHALF]
-    vpaddd      ymm4, ymm4, [rel PD_ONEHALF]
-    vpsrad      ymm2, ymm2, SCALEBITS
-    vpsrad      ymm4, ymm4, SCALEBITS
-    vpaddd      ymm3, ymm3, [rel PD_ONEHALF]
-    vpaddd      ymm5, ymm5, [rel PD_ONEHALF]
-    vpsrad      ymm3, ymm3, SCALEBITS
-    vpsrad      ymm5, ymm5, SCALEBITS
-
-    vpackssdw   ymm2, ymm2, ymm4             ; ymm2=CbE*-FIX(0.344)+CrE*FIX(0.285)
-    vpackssdw   ymm3, ymm3, ymm5             ; ymm3=CbO*-FIX(0.344)+CrO*FIX(0.285)
-    vpsubw      ymm2, ymm2, ymm6             ; ymm2=CbE*-FIX(0.344)+CrE*-FIX(0.714)=(G-Y)E
-    vpsubw      ymm3, ymm3, ymm7             ; ymm3=CbO*-FIX(0.344)+CrO*-FIX(0.714)=(G-Y)O
-
-    vmovdqu     ymm5, YMMWORD [rsi]          ; ymm5=Y(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpcmpeqw    ymm4, ymm4, ymm4
-    vpsrlw      ymm4, ymm4, BYTE_BIT         ; ymm4={0xFF 0x00 0xFF 0x00 ..}
-    vpand       ymm4, ymm4, ymm5             ; ymm4=Y(02468ACEGIKMOQSU)=YE
-    vpsrlw      ymm5, ymm5, BYTE_BIT         ; ymm5=Y(13579BDFHJLNPRTV)=YO
-
-    vpaddw      ymm0, ymm0, ymm4             ; ymm0=((R-Y)E+YE)=RE=R(02468ACEGIKMOQSU)
-    vpaddw      ymm1, ymm1, ymm5             ; ymm1=((R-Y)O+YO)=RO=R(13579BDFHJLNPRTV)
-    vpackuswb   ymm0, ymm0, ymm0             ; ymm0=R(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm1, ymm1, ymm1             ; ymm1=R(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm2, ymm2, ymm4             ; ymm2=((G-Y)E+YE)=GE=G(02468ACEGIKMOQSU)
-    vpaddw      ymm3, ymm3, ymm5             ; ymm3=((G-Y)O+YO)=GO=G(13579BDFHJLNPRTV)
-    vpackuswb   ymm2, ymm2, ymm2             ; ymm2=G(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm3, ymm3, ymm3             ; ymm3=G(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm4, ymm4, YMMWORD [wk(0)]  ; ymm4=(YE+(B-Y)E)=BE=B(02468ACEGIKMOQSU)
-    vpaddw      ymm5, ymm5, YMMWORD [wk(1)]  ; ymm5=(YO+(B-Y)O)=BO=B(13579BDFHJLNPRTV)
-    vpackuswb   ymm4, ymm4, ymm4             ; ymm4=B(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm5, ymm5, ymm5             ; ymm5=B(13579BDF********HJLNPRTV********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-    ; ymmH=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmB        ; ymmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F
-                                        ;       2G 0H 2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V)
-    vpunpcklbw  ymmD, ymmD, ymmF        ; ymmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F
-                                        ;       1H 2H 1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V)
-
-    vpsrldq     ymmH, ymmA, 2           ; ymmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E 0G 1G
-                                        ;       0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U -- --)
-    vpunpckhwd  ymmG, ymmA, ymmE        ; ymmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F
-                                        ;       0O 1O 2O 0P 0Q 1Q 2Q 0R 0S 1S 2S 0T 0U 1U 2U 0V)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07
-                                        ;       0G 1G 2G 0H 0I 1I 2I 0J 0K 1K 2K 0L 0M 1M 2M 0N)
-
-    vpsrldq     ymmE, ymmE, 2           ; ymmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F 2G 0H
-                                        ;       2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V -- --)
-
-    vpsrldq     ymmB, ymmD, 2           ; ymmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F 1H 2H
-                                        ;       1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V -- --)
-    vpunpckhwd  ymmC, ymmD, ymmH        ; ymmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F 0G 1G
-                                        ;       1P 2P 0Q 1Q 1R 2R 0S 1S 1T 2T 0U 1U 1V 2V -- --)
-    vpunpcklwd  ymmD, ymmD, ymmH        ; ymmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18
-                                        ;       1H 2H 0I 1I 1J 2J 0K 1K 1L 2L 0M 1M 1N 2N 0O 1O)
-
-    vpunpckhwd  ymmF, ymmE, ymmB        ; ymmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F 2G 0H 1H 2H
-                                        ;       2Q 0R 1R 2R 2S 0T 1T 2T 2U 0V 1V 2V -- -- -- --)
-    vpunpcklwd  ymmE, ymmE, ymmB        ; ymmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29
-                                        ;       2I 0J 1J 2J 2K 0L 1L 2L 2M 0N 1N 2N 2O 0P 1P 2P)
-
-    vpshufd     ymmH, ymmA, 0x4E        ; ymmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03
-                                        ;       0K 1K 2K 0L 0M 1M 2M 0N 0G 1G 2G 0H 0I 1I 2I 0J)
-    vpunpckldq  ymmA, ymmA, ymmD        ; ymmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 0I 1I 2I 0J 1J 2J 0K 1K)
-    vpunpckhdq  ymmD, ymmD, ymmE        ; ymmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 1N 2N 0O 1O 2O 0P 1P 2P)
-    vpunpckldq  ymmE, ymmE, ymmH        ; ymmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07
-                                        ;       2I 0J 1J 2J 0K 1K 2K 0L 2K 0L 1L 2L 0M 1M 2M 0N)
-
-    vpshufd     ymmH, ymmG, 0x4E        ; ymmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B
-                                        ;       0S 1S 2S 0T 0U 1U 2U 0V 0O 1O 2O 0P 0Q 1Q 2Q 0R)
-    vpunpckldq  ymmG, ymmG, ymmC        ; ymmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C
-                                        ;       0O 1O 2O 0P 1P 2P 0Q 1Q 0Q 1Q 2Q 0R 1R 2R 0S 1S)
-    vpunpckhdq  ymmC, ymmC, ymmF        ; ymmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F 0G 1G 2G 0H 1H 2H
-                                        ;       1T 2T 0U 1U 2U 0V 1V 2V 1V 2V -- -- -- -- -- --)
-    vpunpckldq  ymmF, ymmF, ymmH        ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 2S 0T 1T 2T 0U 1U 2U 0V)
-
-    vpunpcklqdq ymmH, ymmA, ymmE        ; ymmH=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vpunpcklqdq ymmG, ymmD, ymmG        ; ymmG=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-    vpunpcklqdq ymmC, ymmF, ymmC        ; ymmC=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vperm2i128  ymmA, ymmH, ymmG, 0x20  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vperm2i128  ymmD, ymmC, ymmH, 0x30  ; ymmD=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vperm2i128  ymmF, ymmG, ymmC, 0x31  ; ymmF=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        rdi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmF
-.out0:
-    add         rdi, byte RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_YMMWORD
-    jz          near .nextrow
-
-    add         rsi, byte SIZEOF_YMMWORD  ; inptr0
-    add         rbx, byte SIZEOF_YMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st64:
-    lea         rcx, [rcx+rcx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         rcx, byte 2*SIZEOF_YMMWORD
-    jb          short .column_st32
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmF
-    sub         rcx, byte 2*SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st32:
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jb          short .column_st31
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    add         rdi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         rcx, byte SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st31:
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    vmovdqu     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    sub         rcx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    vmovq       XMM_MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_MMWORD
-    sub         rcx, byte SIZEOF_MMWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    vmovd       XMM_DWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_DWORD
-    sub         rcx, byte SIZEOF_DWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of rax to the output when it has enough
-    ; space.
-    vmovd       eax, xmmA
-    cmp         rcx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [rdi], ax
-    add         rdi, byte SIZEOF_WORD
-    sub         rcx, byte SIZEOF_WORD
-    shr         rax, 16
-.column_st1:
-    ; Store the lower 1 byte of rax to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .nextrow
-    mov         byte [rdi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    vpcmpeqb    ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpcmpeqb    ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%else
-    vpxor       ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpxor       ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%endif
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(30 32 34 36 38 3A 3C 3E ** 3G 3I 3K 3M 3O 3Q 3S 3U **)
-    ; ymmH=(31 33 35 37 39 3B 3D 3F ** 3H 3J 3L 3N 3P 3R 3T 3V **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmG        ; ymmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E
-                                        ;       2G 3G 2I 3I 2K 3K 2M 3M 2O 3O 2Q 3Q 2S 3S 2U 3U)
-    vpunpcklbw  ymmB, ymmB, ymmD        ; ymmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F
-                                        ;       0H 1H 0J 1J 0L 1L 0N 1N 0P 1P 0R 1R 0T 1T 0V 1V)
-    vpunpcklbw  ymmF, ymmF, ymmH        ; ymmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F
-                                        ;       2H 3H 2J 3J 2L 3L 2N 3N 2P 3P 2R 3R 2T 3T 2V 3V)
-
-    vpunpckhwd  ymmC, ymmA, ymmE        ; ymmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E
-                                        ;       0O 1O 2O 3O 0Q 1Q 2Q 3Q 0S 1S 2S 3S 0U 1U 2U 3U)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36
-                                        ;       0G 1G 2G 3G 0I 1I 2I 3I 0K 1K 2K 3K 0M 1M 2M 3M)
-    vpunpckhwd  ymmG, ymmB, ymmF        ; ymmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F
-                                        ;       0P 1P 2P 3P 0R 1R 2R 3R 0T 1T 2T 3T 0V 1V 2V 3V)
-    vpunpcklwd  ymmB, ymmB, ymmF        ; ymmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37
-                                        ;       0H 1H 2H 3H 0J 1J 2J 3J 0L 1L 2L 3L 0N 1N 2N 3N)
-
-    vpunpckhdq  ymmE, ymmA, ymmB        ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vpunpckldq  ymmB, ymmA, ymmB        ; ymmB=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vpunpckhdq  ymmF, ymmC, ymmG        ; ymmF=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-    vpunpckldq  ymmG, ymmC, ymmG        ; ymmG=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-
-    vperm2i128  ymmA, ymmB, ymmE, 0x20  ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    vperm2i128  ymmD, ymmG, ymmF, 0x20  ; ymmD=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    vperm2i128  ymmC, ymmB, ymmE, 0x31  ; ymmC=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vperm2i128  ymmH, ymmG, ymmF, 0x31  ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        rdi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmC
-    vmovntdq    YMMWORD [rdi+3*SIZEOF_YMMWORD], ymmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmC
-    vmovdqu     YMMWORD [rdi+3*SIZEOF_YMMWORD], ymmH
-.out0:
-    add         rdi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_YMMWORD
-    jz          near .nextrow
-
-    add         rsi, byte SIZEOF_YMMWORD  ; inptr0
-    add         rbx, byte SIZEOF_YMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st64:
-    cmp         rcx, byte SIZEOF_YMMWORD/2
-    jb          short .column_st32
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmC
-    vmovdqa     ymmD, ymmH
-    sub         rcx, byte SIZEOF_YMMWORD/2
-.column_st32:
-    cmp         rcx, byte SIZEOF_YMMWORD/4
-    jb          short .column_st16
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    add         rdi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         rcx, byte SIZEOF_YMMWORD/4
-.column_st16:
-    cmp         rcx, byte SIZEOF_YMMWORD/8
-    jb          short .column_st15
-    vmovdqu     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    sub         rcx, byte SIZEOF_YMMWORD/8
-.column_st15:
-    ; Store two pixels (8 bytes) of ymmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_YMMWORD/16
-    jb          short .column_st7
-    vmovq       MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_YMMWORD/16*4
-    sub         rcx, byte SIZEOF_YMMWORD/16
-    vpsrldq     xmmA, SIZEOF_YMMWORD/16*4
-.column_st7:
-    ; Store one pixel (4 bytes) of ymmA to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .nextrow
-    vmovd       XMM_DWORD [rdi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.nextrow:
-    pop         rcx
-    pop         rsi
-    pop         rbx
-    pop         rdx
-    pop         rdi
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW
-    add         rbx, byte SIZEOF_JSAMPROW
-    add         rdx, byte SIZEOF_JSAMPROW
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_buf
-    dec         rax                        ; num_rows
-    jg          near .rowloop
-
-    sfence                              ; flush the write buffer
-
-.return:
-    pop         rbx
-    vzeroupper
-    uncollect_args 5
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolext-sse2.asm
deleted file mode 100644
index e07c8d7..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolext-sse2.asm
+++ /dev/null
@@ -1,439 +0,0 @@
-;
-; jdcolext.asm - colorspace conversion (64-bit SSE2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2012, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Convert some rows of samples to the output colorspace.
-;
-; GLOBAL(void)
-; jsimd_ycc_rgb_convert_sse2(JDIMENSION out_width, JSAMPIMAGE input_buf,
-;                            JDIMENSION input_row, JSAMPARRAY output_buf,
-;                            int num_rows)
-;
-
-; r10d = JDIMENSION out_width
-; r11 = JSAMPIMAGE input_buf
-; r12d = JDIMENSION input_row
-; r13 = JSAMPARRAY output_buf
-; r14d = int num_rows
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_ycc_rgb_convert_sse2)
-
-EXTN(jsimd_ycc_rgb_convert_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 5
-    push        rbx
-
-    mov         ecx, r10d               ; num_cols
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rdi, r11
-    mov         ecx, r12d
-    mov         rsip, JSAMPARRAY [rdi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rdi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rdi+2*SIZEOF_JSAMPARRAY]
-    lea         rsi, [rsi+rcx*SIZEOF_JSAMPROW]
-    lea         rbx, [rbx+rcx*SIZEOF_JSAMPROW]
-    lea         rdx, [rdx+rcx*SIZEOF_JSAMPROW]
-
-    pop         rcx
-
-    mov         rdi, r13
-    mov         eax, r14d
-    test        rax, rax
-    jle         near .return
-.rowloop:
-    push        rax
-    push        rdi
-    push        rdx
-    push        rbx
-    push        rsi
-    push        rcx                     ; col
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr0
-    mov         rbxp, JSAMPROW [rbx]    ; inptr1
-    mov         rdxp, JSAMPROW [rdx]    ; inptr2
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-.columnloop:
-
-    movdqa      xmm5, XMMWORD [rbx]     ; xmm5=Cb(0123456789ABCDEF)
-    movdqa      xmm1, XMMWORD [rdx]     ; xmm1=Cr(0123456789ABCDEF)
-
-    pcmpeqw     xmm4, xmm4
-    pcmpeqw     xmm7, xmm7
-    psrlw       xmm4, BYTE_BIT
-    psllw       xmm7, 7                 ; xmm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-    movdqa      xmm0, xmm4              ; xmm0=xmm4={0xFF 0x00 0xFF 0x00 ..}
-
-    pand        xmm4, xmm5              ; xmm4=Cb(02468ACE)=CbE
-    psrlw       xmm5, BYTE_BIT          ; xmm5=Cb(13579BDF)=CbO
-    pand        xmm0, xmm1              ; xmm0=Cr(02468ACE)=CrE
-    psrlw       xmm1, BYTE_BIT          ; xmm1=Cr(13579BDF)=CrO
-
-    paddw       xmm4, xmm7
-    paddw       xmm5, xmm7
-    paddw       xmm0, xmm7
-    paddw       xmm1, xmm7
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    movdqa      xmm2, xmm4              ; xmm2=CbE
-    movdqa      xmm3, xmm5              ; xmm3=CbO
-    paddw       xmm4, xmm4              ; xmm4=2*CbE
-    paddw       xmm5, xmm5              ; xmm5=2*CbO
-    movdqa      xmm6, xmm0              ; xmm6=CrE
-    movdqa      xmm7, xmm1              ; xmm7=CrO
-    paddw       xmm0, xmm0              ; xmm0=2*CrE
-    paddw       xmm1, xmm1              ; xmm1=2*CrO
-
-    pmulhw      xmm4, [rel PW_MF0228]   ; xmm4=(2*CbE * -FIX(0.22800))
-    pmulhw      xmm5, [rel PW_MF0228]   ; xmm5=(2*CbO * -FIX(0.22800))
-    pmulhw      xmm0, [rel PW_F0402]    ; xmm0=(2*CrE * FIX(0.40200))
-    pmulhw      xmm1, [rel PW_F0402]    ; xmm1=(2*CrO * FIX(0.40200))
-
-    paddw       xmm4, [rel PW_ONE]
-    paddw       xmm5, [rel PW_ONE]
-    psraw       xmm4, 1                 ; xmm4=(CbE * -FIX(0.22800))
-    psraw       xmm5, 1                 ; xmm5=(CbO * -FIX(0.22800))
-    paddw       xmm0, [rel PW_ONE]
-    paddw       xmm1, [rel PW_ONE]
-    psraw       xmm0, 1                 ; xmm0=(CrE * FIX(0.40200))
-    psraw       xmm1, 1                 ; xmm1=(CrO * FIX(0.40200))
-
-    paddw       xmm4, xmm2
-    paddw       xmm5, xmm3
-    paddw       xmm4, xmm2              ; xmm4=(CbE * FIX(1.77200))=(B-Y)E
-    paddw       xmm5, xmm3              ; xmm5=(CbO * FIX(1.77200))=(B-Y)O
-    paddw       xmm0, xmm6              ; xmm0=(CrE * FIX(1.40200))=(R-Y)E
-    paddw       xmm1, xmm7              ; xmm1=(CrO * FIX(1.40200))=(R-Y)O
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=(B-Y)E
-    movdqa      XMMWORD [wk(1)], xmm5   ; wk(1)=(B-Y)O
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm5, xmm3
-    punpcklwd   xmm2, xmm6
-    punpckhwd   xmm4, xmm6
-    pmaddwd     xmm2, [rel PW_MF0344_F0285]
-    pmaddwd     xmm4, [rel PW_MF0344_F0285]
-    punpcklwd   xmm3, xmm7
-    punpckhwd   xmm5, xmm7
-    pmaddwd     xmm3, [rel PW_MF0344_F0285]
-    pmaddwd     xmm5, [rel PW_MF0344_F0285]
-
-    paddd       xmm2, [rel PD_ONEHALF]
-    paddd       xmm4, [rel PD_ONEHALF]
-    psrad       xmm2, SCALEBITS
-    psrad       xmm4, SCALEBITS
-    paddd       xmm3, [rel PD_ONEHALF]
-    paddd       xmm5, [rel PD_ONEHALF]
-    psrad       xmm3, SCALEBITS
-    psrad       xmm5, SCALEBITS
-
-    packssdw    xmm2, xmm4              ; xmm2=CbE*-FIX(0.344)+CrE*FIX(0.285)
-    packssdw    xmm3, xmm5              ; xmm3=CbO*-FIX(0.344)+CrO*FIX(0.285)
-    psubw       xmm2, xmm6              ; xmm2=CbE*-FIX(0.344)+CrE*-FIX(0.714)=(G-Y)E
-    psubw       xmm3, xmm7              ; xmm3=CbO*-FIX(0.344)+CrO*-FIX(0.714)=(G-Y)O
-
-    movdqa      xmm5, XMMWORD [rsi]     ; xmm5=Y(0123456789ABCDEF)
-
-    pcmpeqw     xmm4, xmm4
-    psrlw       xmm4, BYTE_BIT          ; xmm4={0xFF 0x00 0xFF 0x00 ..}
-    pand        xmm4, xmm5              ; xmm4=Y(02468ACE)=YE
-    psrlw       xmm5, BYTE_BIT          ; xmm5=Y(13579BDF)=YO
-
-    paddw       xmm0, xmm4              ; xmm0=((R-Y)E+YE)=RE=R(02468ACE)
-    paddw       xmm1, xmm5              ; xmm1=((R-Y)O+YO)=RO=R(13579BDF)
-    packuswb    xmm0, xmm0              ; xmm0=R(02468ACE********)
-    packuswb    xmm1, xmm1              ; xmm1=R(13579BDF********)
-
-    paddw       xmm2, xmm4              ; xmm2=((G-Y)E+YE)=GE=G(02468ACE)
-    paddw       xmm3, xmm5              ; xmm3=((G-Y)O+YO)=GO=G(13579BDF)
-    packuswb    xmm2, xmm2              ; xmm2=G(02468ACE********)
-    packuswb    xmm3, xmm3              ; xmm3=G(13579BDF********)
-
-    paddw       xmm4, XMMWORD [wk(0)]   ; xmm4=(YE+(B-Y)E)=BE=B(02468ACE)
-    paddw       xmm5, XMMWORD [wk(1)]   ; xmm5=(YO+(B-Y)O)=BO=B(13579BDF)
-    packuswb    xmm4, xmm4              ; xmm4=B(02468ACE********)
-    packuswb    xmm5, xmm5              ; xmm5=B(13579BDF********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(** ** ** ** ** ** ** ** **), xmmH=(** ** ** ** ** ** ** ** **)
-
-    punpcklbw   xmmA, xmmC        ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmB        ; xmmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F)
-    punpcklbw   xmmD, xmmF        ; xmmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F)
-
-    movdqa      xmmG, xmmA
-    movdqa      xmmH, xmmA
-    punpcklwd   xmmA, xmmE        ; xmmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07)
-    punpckhwd   xmmG, xmmE        ; xmmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F)
-
-    psrldq      xmmH, 2           ; xmmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E -- --)
-    psrldq      xmmE, 2           ; xmmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F -- --)
-
-    movdqa      xmmC, xmmD
-    movdqa      xmmB, xmmD
-    punpcklwd   xmmD, xmmH        ; xmmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18)
-    punpckhwd   xmmC, xmmH        ; xmmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F -- --)
-
-    psrldq      xmmB, 2           ; xmmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F -- --)
-
-    movdqa      xmmF, xmmE
-    punpcklwd   xmmE, xmmB        ; xmmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29)
-    punpckhwd   xmmF, xmmB        ; xmmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F -- -- -- --)
-
-    pshufd      xmmH, xmmA, 0x4E  ; xmmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03)
-    movdqa      xmmB, xmmE
-    punpckldq   xmmA, xmmD        ; xmmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14)
-    punpckldq   xmmE, xmmH        ; xmmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07)
-    punpckhdq   xmmD, xmmB        ; xmmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29)
-
-    pshufd      xmmH, xmmG, 0x4E  ; xmmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B)
-    movdqa      xmmB, xmmF
-    punpckldq   xmmG, xmmC        ; xmmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C)
-    punpckldq   xmmF, xmmH        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F)
-    punpckhdq   xmmC, xmmB        ; xmmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F -- -- -- -- -- --)
-
-    punpcklqdq  xmmA, xmmE        ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    punpcklqdq  xmmD, xmmG        ; xmmD=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    punpcklqdq  xmmF, xmmC        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        rdi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmF
-.out0:
-    add         rdi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_XMMWORD
-    jz          near .nextrow
-
-    add         rsi, byte SIZEOF_XMMWORD  ; inptr0
-    add         rbx, byte SIZEOF_XMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st32:
-    lea         rcx, [rcx+rcx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         rcx, byte 2*SIZEOF_XMMWORD
-    jb          short .column_st16
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    add         rdi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmF
-    sub         rcx, byte 2*SIZEOF_XMMWORD
-    jmp         short .column_st15
-.column_st16:
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         rcx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    movq        XMM_MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_MMWORD
-    sub         rcx, byte SIZEOF_MMWORD
-    psrldq      xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    movd        XMM_DWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_DWORD
-    sub         rcx, byte SIZEOF_DWORD
-    psrldq      xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of rax to the output when it has enough
-    ; space.
-    movd        eax, xmmA
-    cmp         rcx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [rdi], ax
-    add         rdi, byte SIZEOF_WORD
-    sub         rcx, byte SIZEOF_WORD
-    shr         rax, 16
-.column_st1:
-    ; Store the lower 1 byte of rax to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .nextrow
-    mov         byte [rdi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    pcmpeqb     xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pcmpeqb     xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%else
-    pxor        xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pxor        xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%endif
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(30 32 34 36 38 3A 3C 3E **), xmmH=(31 33 35 37 39 3B 3D 3F **)
-
-    punpcklbw   xmmA, xmmC  ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E)
-    punpcklbw   xmmB, xmmD  ; xmmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F)
-    punpcklbw   xmmF, xmmH  ; xmmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F)
-
-    movdqa      xmmC, xmmA
-    punpcklwd   xmmA, xmmE  ; xmmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36)
-    punpckhwd   xmmC, xmmE  ; xmmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E)
-    movdqa      xmmG, xmmB
-    punpcklwd   xmmB, xmmF  ; xmmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37)
-    punpckhwd   xmmG, xmmF  ; xmmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpckldq   xmmA, xmmB  ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    punpckhdq   xmmD, xmmB  ; xmmD=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    movdqa      xmmH, xmmC
-    punpckldq   xmmC, xmmG  ; xmmC=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    punpckhdq   xmmH, xmmG  ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        rdi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmC
-    movntdq     XMMWORD [rdi+3*SIZEOF_XMMWORD], xmmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmC
-    movdqu      XMMWORD [rdi+3*SIZEOF_XMMWORD], xmmH
-.out0:
-    add         rdi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_XMMWORD
-    jz          near .nextrow
-
-    add         rsi, byte SIZEOF_XMMWORD  ; inptr0
-    add         rbx, byte SIZEOF_XMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st32:
-    cmp         rcx, byte SIZEOF_XMMWORD/2
-    jb          short .column_st16
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    add         rdi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmC
-    movdqa      xmmD, xmmH
-    sub         rcx, byte SIZEOF_XMMWORD/2
-.column_st16:
-    cmp         rcx, byte SIZEOF_XMMWORD/4
-    jb          short .column_st15
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         rcx, byte SIZEOF_XMMWORD/4
-.column_st15:
-    ; Store two pixels (8 bytes) of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_XMMWORD/8
-    jb          short .column_st7
-    movq        MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_XMMWORD/8*4
-    sub         rcx, byte SIZEOF_XMMWORD/8
-    psrldq      xmmA, SIZEOF_XMMWORD/8*4
-.column_st7:
-    ; Store one pixel (4 bytes) of xmmA to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .nextrow
-    movd        XMM_DWORD [rdi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.nextrow:
-    pop         rcx
-    pop         rsi
-    pop         rbx
-    pop         rdx
-    pop         rdi
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW
-    add         rbx, byte SIZEOF_JSAMPROW
-    add         rdx, byte SIZEOF_JSAMPROW
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_buf
-    dec         rax                        ; num_rows
-    jg          near .rowloop
-
-    sfence                              ; flush the write buffer
-
-.return:
-    pop         rbx
-    uncollect_args 5
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolor-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolor-avx2.asm
deleted file mode 100644
index 43de9db..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolor-avx2.asm
+++ /dev/null
@@ -1,118 +0,0 @@
-;
-; jdcolor.asm - colorspace conversion (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_ycc_rgb_convert_avx2)
-
-EXTN(jconst_ycc_rgb_convert_avx2):
-
-PW_F0402        times 16 dw  F_0_402
-PW_MF0228       times 16 dw -F_0_228
-PW_MF0344_F0285 times 8  dw -F_0_344, F_0_285
-PW_ONE          times 16 dw  1
-PD_ONEHALF      times 8  dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extrgb_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extrgbx_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extbgr_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extbgrx_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extxbgr_convert_avx2
-%include "jdcolext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_avx2  jsimd_ycc_extxrgb_convert_avx2
-%include "jdcolext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolor-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolor-sse2.asm
deleted file mode 100644
index b3f1fec..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdcolor-sse2.asm
+++ /dev/null
@@ -1,117 +0,0 @@
-;
-; jdcolor.asm - colorspace conversion (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_ycc_rgb_convert_sse2)
-
-EXTN(jconst_ycc_rgb_convert_sse2):
-
-PW_F0402        times 8 dw  F_0_402
-PW_MF0228       times 8 dw -F_0_228
-PW_MF0344_F0285 times 4 dw -F_0_344, F_0_285
-PW_ONE          times 8 dw  1
-PD_ONEHALF      times 4 dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extrgb_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extrgbx_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extbgr_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extbgrx_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extxbgr_convert_sse2
-%include "jdcolext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_ycc_rgb_convert_sse2  jsimd_ycc_extxrgb_convert_sse2
-%include "jdcolext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmerge-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmerge-avx2.asm
deleted file mode 100644
index 9515a17..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmerge-avx2.asm
+++ /dev/null
@@ -1,136 +0,0 @@
-;
-; jdmerge.asm - merged upsampling/color conversion (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_merged_upsample_avx2)
-
-EXTN(jconst_merged_upsample_avx2):
-
-PW_F0402        times 16 dw  F_0_402
-PW_MF0228       times 16 dw -F_0_228
-PW_MF0344_F0285 times 8  dw -F_0_344, F_0_285
-PW_ONE          times 16 dw  1
-PD_ONEHALF      times 8  dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extrgb_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extrgb_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extrgbx_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extrgbx_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extbgr_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extbgr_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extbgrx_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extbgrx_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extxbgr_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extxbgr_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_avx2 \
-  jsimd_h2v1_extxrgb_merged_upsample_avx2
-%define jsimd_h2v2_merged_upsample_avx2 \
-  jsimd_h2v2_extxrgb_merged_upsample_avx2
-%include "jdmrgext-avx2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmerge-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmerge-sse2.asm
deleted file mode 100644
index aedccc2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmerge-sse2.asm
+++ /dev/null
@@ -1,135 +0,0 @@
-;
-; jdmerge.asm - merged upsampling/color conversion (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-
-%define SCALEBITS  16
-
-F_0_344 equ  22554              ; FIX(0.34414)
-F_0_714 equ  46802              ; FIX(0.71414)
-F_1_402 equ  91881              ; FIX(1.40200)
-F_1_772 equ 116130              ; FIX(1.77200)
-F_0_402 equ (F_1_402 - 65536)   ; FIX(1.40200) - FIX(1)
-F_0_285 equ ( 65536 - F_0_714)  ; FIX(1) - FIX(0.71414)
-F_0_228 equ (131072 - F_1_772)  ; FIX(2) - FIX(1.77200)
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_merged_upsample_sse2)
-
-EXTN(jconst_merged_upsample_sse2):
-
-PW_F0402        times 8 dw  F_0_402
-PW_MF0228       times 8 dw -F_0_228
-PW_MF0344_F0285 times 4 dw -F_0_344, F_0_285
-PW_ONE          times 8 dw  1
-PD_ONEHALF      times 4 dd  1 << (SCALEBITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGB_RED
-%define RGB_GREEN  EXT_RGB_GREEN
-%define RGB_BLUE  EXT_RGB_BLUE
-%define RGB_PIXELSIZE  EXT_RGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extrgb_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extrgb_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_RGBX_RED
-%define RGB_GREEN  EXT_RGBX_GREEN
-%define RGB_BLUE  EXT_RGBX_BLUE
-%define RGB_PIXELSIZE  EXT_RGBX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extrgbx_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extrgbx_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGR_RED
-%define RGB_GREEN  EXT_BGR_GREEN
-%define RGB_BLUE  EXT_BGR_BLUE
-%define RGB_PIXELSIZE  EXT_BGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extbgr_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extbgr_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_BGRX_RED
-%define RGB_GREEN  EXT_BGRX_GREEN
-%define RGB_BLUE  EXT_BGRX_BLUE
-%define RGB_PIXELSIZE  EXT_BGRX_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extbgrx_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extbgrx_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XBGR_RED
-%define RGB_GREEN  EXT_XBGR_GREEN
-%define RGB_BLUE  EXT_XBGR_BLUE
-%define RGB_PIXELSIZE  EXT_XBGR_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extxbgr_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extxbgr_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
-
-%undef RGB_RED
-%undef RGB_GREEN
-%undef RGB_BLUE
-%undef RGB_PIXELSIZE
-%define RGB_RED  EXT_XRGB_RED
-%define RGB_GREEN  EXT_XRGB_GREEN
-%define RGB_BLUE  EXT_XRGB_BLUE
-%define RGB_PIXELSIZE  EXT_XRGB_PIXELSIZE
-%define jsimd_h2v1_merged_upsample_sse2 \
-  jsimd_h2v1_extxrgb_merged_upsample_sse2
-%define jsimd_h2v2_merged_upsample_sse2 \
-  jsimd_h2v2_extxrgb_merged_upsample_sse2
-%include "jdmrgext-sse2.asm"
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmrgext-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmrgext-avx2.asm
deleted file mode 100644
index 8b264b4..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmrgext-avx2.asm
+++ /dev/null
@@ -1,596 +0,0 @@
-;
-; jdmrgext.asm - merged upsampling/color conversion (64-bit AVX2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2012, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v1_merged_upsample_avx2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-; r10d = JDIMENSION output_width
-; r11 = JSAMPIMAGE input_buf
-; r12d = JDIMENSION in_row_group_ctr
-; r13 = JSAMPARRAY output_buf
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_YMMWORD  ; ymmword wk[WK_NUM]
-%define WK_NUM  3
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_merged_upsample_avx2)
-
-EXTN(jsimd_h2v1_merged_upsample_avx2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 4
-    push        rbx
-
-    mov         ecx, r10d               ; col
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rdi, r11
-    mov         ecx, r12d
-    mov         rsip, JSAMPARRAY [rdi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rdi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rdi+2*SIZEOF_JSAMPARRAY]
-    mov         rdi, r13
-    mov         rsip, JSAMPROW [rsi+rcx*SIZEOF_JSAMPROW]  ; inptr0
-    mov         rbxp, JSAMPROW [rbx+rcx*SIZEOF_JSAMPROW]  ; inptr1
-    mov         rdxp, JSAMPROW [rdx+rcx*SIZEOF_JSAMPROW]  ; inptr2
-    mov         rdip, JSAMPROW [rdi]                      ; outptr
-
-    pop         rcx                     ; col
-
-.columnloop:
-
-    vmovdqu     ymm6, YMMWORD [rbx]     ; ymm6=Cb(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-    vmovdqu     ymm7, YMMWORD [rdx]     ; ymm7=Cr(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpxor       ymm1, ymm1, ymm1        ; ymm1=(all 0's)
-    vpcmpeqw    ymm3, ymm3, ymm3
-    vpsllw      ymm3, ymm3, 7           ; ymm3={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    vpermq      ymm6, ymm6, 0xd8        ; ymm6=Cb(01234567GHIJKLMN89ABCDEFOPQRSTUV)
-    vpermq      ymm7, ymm7, 0xd8        ; ymm7=Cr(01234567GHIJKLMN89ABCDEFOPQRSTUV)
-    vpunpcklbw  ymm4, ymm6, ymm1        ; ymm4=Cb(0123456789ABCDEF)=CbL
-    vpunpckhbw  ymm6, ymm6, ymm1        ; ymm6=Cb(GHIJKLMNOPQRSTUV)=CbH
-    vpunpcklbw  ymm0, ymm7, ymm1        ; ymm0=Cr(0123456789ABCDEF)=CrL
-    vpunpckhbw  ymm7, ymm7, ymm1        ; ymm7=Cr(GHIJKLMNOPQRSTUV)=CrH
-
-    vpaddw      ymm5, ymm6, ymm3
-    vpaddw      ymm2, ymm4, ymm3
-    vpaddw      ymm1, ymm7, ymm3
-    vpaddw      ymm3, ymm0, ymm3
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    vpaddw      ymm6, ymm5, ymm5             ; ymm6=2*CbH
-    vpaddw      ymm4, ymm2, ymm2             ; ymm4=2*CbL
-    vpaddw      ymm7, ymm1, ymm1             ; ymm7=2*CrH
-    vpaddw      ymm0, ymm3, ymm3             ; ymm0=2*CrL
-
-    vpmulhw     ymm6, ymm6, [rel PW_MF0228]  ; ymm6=(2*CbH * -FIX(0.22800))
-    vpmulhw     ymm4, ymm4, [rel PW_MF0228]  ; ymm4=(2*CbL * -FIX(0.22800))
-    vpmulhw     ymm7, ymm7, [rel PW_F0402]   ; ymm7=(2*CrH * FIX(0.40200))
-    vpmulhw     ymm0, ymm0, [rel PW_F0402]   ; ymm0=(2*CrL * FIX(0.40200))
-
-    vpaddw      ymm6, ymm6, [rel PW_ONE]
-    vpaddw      ymm4, ymm4, [rel PW_ONE]
-    vpsraw      ymm6, ymm6, 1                ; ymm6=(CbH * -FIX(0.22800))
-    vpsraw      ymm4, ymm4, 1                ; ymm4=(CbL * -FIX(0.22800))
-    vpaddw      ymm7, ymm7, [rel PW_ONE]
-    vpaddw      ymm0, ymm0, [rel PW_ONE]
-    vpsraw      ymm7, ymm7, 1                ; ymm7=(CrH * FIX(0.40200))
-    vpsraw      ymm0, ymm0, 1                ; ymm0=(CrL * FIX(0.40200))
-
-    vpaddw      ymm6, ymm6, ymm5
-    vpaddw      ymm4, ymm4, ymm2
-    vpaddw      ymm6, ymm6, ymm5             ; ymm6=(CbH * FIX(1.77200))=(B-Y)H
-    vpaddw      ymm4, ymm4, ymm2             ; ymm4=(CbL * FIX(1.77200))=(B-Y)L
-    vpaddw      ymm7, ymm7, ymm1             ; ymm7=(CrH * FIX(1.40200))=(R-Y)H
-    vpaddw      ymm0, ymm0, ymm3             ; ymm0=(CrL * FIX(1.40200))=(R-Y)L
-
-    vmovdqa     YMMWORD [wk(0)], ymm6        ; wk(0)=(B-Y)H
-    vmovdqa     YMMWORD [wk(1)], ymm7        ; wk(1)=(R-Y)H
-
-    vpunpckhwd  ymm6, ymm5, ymm1
-    vpunpcklwd  ymm5, ymm5, ymm1
-    vpmaddwd    ymm5, ymm5, [rel PW_MF0344_F0285]
-    vpmaddwd    ymm6, ymm6, [rel PW_MF0344_F0285]
-    vpunpckhwd  ymm7, ymm2, ymm3
-    vpunpcklwd  ymm2, ymm2, ymm3
-    vpmaddwd    ymm2, ymm2, [rel PW_MF0344_F0285]
-    vpmaddwd    ymm7, ymm7, [rel PW_MF0344_F0285]
-
-    vpaddd      ymm5, ymm5, [rel PD_ONEHALF]
-    vpaddd      ymm6, ymm6, [rel PD_ONEHALF]
-    vpsrad      ymm5, ymm5, SCALEBITS
-    vpsrad      ymm6, ymm6, SCALEBITS
-    vpaddd      ymm2, ymm2, [rel PD_ONEHALF]
-    vpaddd      ymm7, ymm7, [rel PD_ONEHALF]
-    vpsrad      ymm2, ymm2, SCALEBITS
-    vpsrad      ymm7, ymm7, SCALEBITS
-
-    vpackssdw   ymm5, ymm5, ymm6        ; ymm5=CbH*-FIX(0.344)+CrH*FIX(0.285)
-    vpackssdw   ymm2, ymm2, ymm7        ; ymm2=CbL*-FIX(0.344)+CrL*FIX(0.285)
-    vpsubw      ymm5, ymm5, ymm1        ; ymm5=CbH*-FIX(0.344)+CrH*-FIX(0.714)=(G-Y)H
-    vpsubw      ymm2, ymm2, ymm3        ; ymm2=CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L
-
-    vmovdqa     YMMWORD [wk(2)], ymm5   ; wk(2)=(G-Y)H
-
-    mov         al, 2                   ; Yctr
-    jmp         short .Yloop_1st
-
-.Yloop_2nd:
-    vmovdqa     ymm0, YMMWORD [wk(1)]   ; ymm0=(R-Y)H
-    vmovdqa     ymm2, YMMWORD [wk(2)]   ; ymm2=(G-Y)H
-    vmovdqa     ymm4, YMMWORD [wk(0)]   ; ymm4=(B-Y)H
-
-.Yloop_1st:
-    vmovdqu     ymm7, YMMWORD [rsi]     ; ymm7=Y(0123456789ABCDEFGHIJKLMNOPQRSTUV)
-
-    vpcmpeqw    ymm6, ymm6, ymm6
-    vpsrlw      ymm6, ymm6, BYTE_BIT    ; ymm6={0xFF 0x00 0xFF 0x00 ..}
-    vpand       ymm6, ymm6, ymm7        ; ymm6=Y(02468ACEGIKMOQSU)=YE
-    vpsrlw      ymm7, ymm7, BYTE_BIT    ; ymm7=Y(13579BDFHJLNPRTV)=YO
-
-    vmovdqa     ymm1, ymm0              ; ymm1=ymm0=(R-Y)(L/H)
-    vmovdqa     ymm3, ymm2              ; ymm3=ymm2=(G-Y)(L/H)
-    vmovdqa     ymm5, ymm4              ; ymm5=ymm4=(B-Y)(L/H)
-
-    vpaddw      ymm0, ymm0, ymm6        ; ymm0=((R-Y)+YE)=RE=R(02468ACEGIKMOQSU)
-    vpaddw      ymm1, ymm1, ymm7        ; ymm1=((R-Y)+YO)=RO=R(13579BDFHJLNPRTV)
-    vpackuswb   ymm0, ymm0, ymm0        ; ymm0=R(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm1, ymm1, ymm1        ; ymm1=R(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm2, ymm2, ymm6        ; ymm2=((G-Y)+YE)=GE=G(02468ACEGIKMOQSU)
-    vpaddw      ymm3, ymm3, ymm7        ; ymm3=((G-Y)+YO)=GO=G(13579BDFHJLNPRTV)
-    vpackuswb   ymm2, ymm2, ymm2        ; ymm2=G(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm3, ymm3, ymm3        ; ymm3=G(13579BDF********HJLNPRTV********)
-
-    vpaddw      ymm4, ymm4, ymm6        ; ymm4=((B-Y)+YE)=BE=B(02468ACEGIKMOQSU)
-    vpaddw      ymm5, ymm5, ymm7        ; ymm5=((B-Y)+YO)=BO=B(13579BDFHJLNPRTV)
-    vpackuswb   ymm4, ymm4, ymm4        ; ymm4=B(02468ACE********GIKMOQSU********)
-    vpackuswb   ymm5, ymm5, ymm5        ; ymm5=B(13579BDF********HJLNPRTV********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-    ; ymmH=(** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmB        ; ymmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F
-                                        ;       2G 0H 2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V)
-    vpunpcklbw  ymmD, ymmD, ymmF        ; ymmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F
-                                        ;       1H 2H 1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V)
-
-    vpsrldq     ymmH, ymmA, 2           ; ymmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E 0G 1G
-                                        ;       0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U -- --)
-    vpunpckhwd  ymmG, ymmA, ymmE        ; ymmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F
-                                        ;       0O 1O 2O 0P 0Q 1Q 2Q 0R 0S 1S 2S 0T 0U 1U 2U 0V)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07
-                                        ;       0G 1G 2G 0H 0I 1I 2I 0J 0K 1K 2K 0L 0M 1M 2M 0N)
-
-    vpsrldq     ymmE, ymmE, 2           ; ymmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F 2G 0H
-                                        ;       2I 0J 2K 0L 2M 0N 2O 0P 2Q 0R 2S 0T 2U 0V -- --)
-
-    vpsrldq     ymmB, ymmD, 2           ; ymmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F 1H 2H
-                                        ;       1J 2J 1L 2L 1N 2N 1P 2P 1R 2R 1T 2T 1V 2V -- --)
-    vpunpckhwd  ymmC, ymmD, ymmH        ; ymmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F 0G 1G
-                                        ;       1P 2P 0Q 1Q 1R 2R 0S 1S 1T 2T 0U 1U 1V 2V -- --)
-    vpunpcklwd  ymmD, ymmD, ymmH        ; ymmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18
-                                        ;       1H 2H 0I 1I 1J 2J 0K 1K 1L 2L 0M 1M 1N 2N 0O 1O)
-
-    vpunpckhwd  ymmF, ymmE, ymmB        ; ymmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F 2G 0H 1H 2H
-                                        ;       2Q 0R 1R 2R 2S 0T 1T 2T 2U 0V 1V 2V -- -- -- --)
-    vpunpcklwd  ymmE, ymmE, ymmB        ; ymmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29
-                                        ;       2I 0J 1J 2J 2K 0L 1L 2L 2M 0N 1N 2N 2O 0P 1P 2P)
-
-    vpshufd     ymmH, ymmA, 0x4E        ; ymmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03
-                                        ;       0K 1K 2K 0L 0M 1M 2M 0N 0G 1G 2G 0H 0I 1I 2I 0J)
-    vpunpckldq  ymmA, ymmA, ymmD        ; ymmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 0I 1I 2I 0J 1J 2J 0K 1K)
-    vpunpckhdq  ymmD, ymmD, ymmE        ; ymmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 1N 2N 0O 1O 2O 0P 1P 2P)
-    vpunpckldq  ymmE, ymmE, ymmH        ; ymmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07
-                                        ;       2I 0J 1J 2J 0K 1K 2K 0L 2K 0L 1L 2L 0M 1M 2M 0N)
-
-    vpshufd     ymmH, ymmG, 0x4E        ; ymmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B
-                                        ;       0S 1S 2S 0T 0U 1U 2U 0V 0O 1O 2O 0P 0Q 1Q 2Q 0R)
-    vpunpckldq  ymmG, ymmG, ymmC        ; ymmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C
-                                        ;       0O 1O 2O 0P 1P 2P 0Q 1Q 0Q 1Q 2Q 0R 1R 2R 0S 1S)
-    vpunpckhdq  ymmC, ymmC, ymmF        ; ymmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F 0G 1G 2G 0H 1H 2H
-                                        ;       1T 2T 0U 1U 2U 0V 1V 2V 1V 2V -- -- -- -- -- --)
-    vpunpckldq  ymmF, ymmF, ymmH        ; ymmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 2S 0T 1T 2T 0U 1U 2U 0V)
-
-    vpunpcklqdq ymmH, ymmA, ymmE        ; ymmH=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vpunpcklqdq ymmG, ymmD, ymmG        ; ymmG=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A
-                                        ;       1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q)
-    vpunpcklqdq ymmC, ymmF, ymmC        ; ymmC=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    vperm2i128  ymmA, ymmH, ymmG, 0x20  ; ymmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05
-                                        ;       15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    vperm2i128  ymmD, ymmC, ymmH, 0x30  ; ymmD=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F
-                                        ;       0G 1G 2G 0H 1H 2H 0I 1I 2I 0J 1J 2J 0K 1K 2K 0L)
-    vperm2i128  ymmF, ymmG, ymmC, 0x31  ; ymmF=(1L 2L 0M 1M 2M 0N 1N 2N 0O 1O 2O 0P 1P 2P 0Q 1Q
-                                        ;       2Q 0R 1R 2R 0S 1S 2S 0T 1T 2T 0U 1U 2U 0V 1V 2V)
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        rdi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmF
-.out0:
-    add         rdi, byte RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_YMMWORD
-    jz          near .endcolumn
-
-    add         rsi, byte SIZEOF_YMMWORD  ; inptr0
-    dec         al                        ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         rbx, byte SIZEOF_YMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st64:
-    lea         rcx, [rcx+rcx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         rcx, byte 2*SIZEOF_YMMWORD
-    jb          short .column_st32
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmF
-    sub         rcx, byte 2*SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st32:
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jb          short .column_st31
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    add         rdi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         rcx, byte SIZEOF_YMMWORD
-    jmp         short .column_st31
-.column_st31:
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    vmovdqu     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    sub         rcx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    vmovq       XMM_MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_MMWORD
-    sub         rcx, byte SIZEOF_MMWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    vmovd       XMM_DWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_DWORD
-    sub         rcx, byte SIZEOF_DWORD
-    vpsrldq     xmmA, xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of rax to the output when it has enough
-    ; space.
-    vmovd       eax, xmmA
-    cmp         rcx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [rdi], ax
-    add         rdi, byte SIZEOF_WORD
-    sub         rcx, byte SIZEOF_WORD
-    shr         rax, 16
-.column_st1:
-    ; Store the lower 1 byte of rax to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .endcolumn
-    mov         byte [rdi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    vpcmpeqb    ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpcmpeqb    ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%else
-    vpxor       ymm6, ymm6, ymm6        ; ymm6=XE=X(02468ACE********GIKMOQSU********)
-    vpxor       ymm7, ymm7, ymm7        ; ymm7=XO=X(13579BDF********HJLNPRTV********)
-%endif
-    ; ymmA=(00 02 04 06 08 0A 0C 0E ** 0G 0I 0K 0M 0O 0Q 0S 0U **)
-    ; ymmB=(01 03 05 07 09 0B 0D 0F ** 0H 0J 0L 0N 0P 0R 0T 0V **)
-    ; ymmC=(10 12 14 16 18 1A 1C 1E ** 1G 1I 1K 1M 1O 1Q 1S 1U **)
-    ; ymmD=(11 13 15 17 19 1B 1D 1F ** 1H 1J 1L 1N 1P 1R 1T 1V **)
-    ; ymmE=(20 22 24 26 28 2A 2C 2E ** 2G 2I 2K 2M 2O 2Q 2S 2U **)
-    ; ymmF=(21 23 25 27 29 2B 2D 2F ** 2H 2J 2L 2N 2P 2R 2T 2V **)
-    ; ymmG=(30 32 34 36 38 3A 3C 3E ** 3G 3I 3K 3M 3O 3Q 3S 3U **)
-    ; ymmH=(31 33 35 37 39 3B 3D 3F ** 3H 3J 3L 3N 3P 3R 3T 3V **)
-
-    vpunpcklbw  ymmA, ymmA, ymmC        ; ymmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E
-                                        ;       0G 1G 0I 1I 0K 1K 0M 1M 0O 1O 0Q 1Q 0S 1S 0U 1U)
-    vpunpcklbw  ymmE, ymmE, ymmG        ; ymmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E
-                                        ;       2G 3G 2I 3I 2K 3K 2M 3M 2O 3O 2Q 3Q 2S 3S 2U 3U)
-    vpunpcklbw  ymmB, ymmB, ymmD        ; ymmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F
-                                        ;       0H 1H 0J 1J 0L 1L 0N 1N 0P 1P 0R 1R 0T 1T 0V 1V)
-    vpunpcklbw  ymmF, ymmF, ymmH        ; ymmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F
-                                        ;       2H 3H 2J 3J 2L 3L 2N 3N 2P 3P 2R 3R 2T 3T 2V 3V)
-
-    vpunpckhwd  ymmC, ymmA, ymmE        ; ymmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E
-                                        ;       0O 1O 2O 3O 0Q 1Q 2Q 3Q 0S 1S 2S 3S 0U 1U 2U 3U)
-    vpunpcklwd  ymmA, ymmA, ymmE        ; ymmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36
-                                        ;       0G 1G 2G 3G 0I 1I 2I 3I 0K 1K 2K 3K 0M 1M 2M 3M)
-    vpunpckhwd  ymmG, ymmB, ymmF        ; ymmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F
-                                        ;       0P 1P 2P 3P 0R 1R 2R 3R 0T 1T 2T 3T 0V 1V 2V 3V)
-    vpunpcklwd  ymmB, ymmB, ymmF        ; ymmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37
-                                        ;       0H 1H 2H 3H 0J 1J 2J 3J 0L 1L 2L 3L 0N 1N 2N 3N)
-
-    vpunpckhdq  ymmE, ymmA, ymmB        ; ymmE=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vpunpckldq  ymmB, ymmA, ymmB        ; ymmB=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J)
-    vpunpckhdq  ymmF, ymmC, ymmG        ; ymmF=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-    vpunpckldq  ymmG, ymmC, ymmG        ; ymmG=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R)
-
-    vperm2i128  ymmA, ymmB, ymmE, 0x20  ; ymmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33
-                                        ;       04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    vperm2i128  ymmD, ymmG, ymmF, 0x20  ; ymmD=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B
-                                        ;       0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-    vperm2i128  ymmC, ymmB, ymmE, 0x31  ; ymmC=(0G 1G 2G 3G 0H 1H 2H 3H 0I 1I 2I 3I 0J 1J 2J 3J
-                                        ;       0K 1K 2K 3K 0L 1L 2L 3L 0M 1M 2M 3M 0N 1N 2N 3N)
-    vperm2i128  ymmH, ymmG, ymmF, 0x31  ; ymmH=(0O 1O 2O 3O 0P 1P 2P 3P 0Q 1Q 2Q 3Q 0R 1R 2R 3R
-                                        ;       0S 1S 2S 3S 0T 1T 2T 3T 0U 1U 2U 3U 0V 1V 2V 3V)
-
-    cmp         rcx, byte SIZEOF_YMMWORD
-    jb          short .column_st64
-
-    test        rdi, SIZEOF_YMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    vmovntdq    YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovntdq    YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovntdq    YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmC
-    vmovntdq    YMMWORD [rdi+3*SIZEOF_YMMWORD], ymmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    vmovdqu     YMMWORD [rdi+2*SIZEOF_YMMWORD], ymmC
-    vmovdqu     YMMWORD [rdi+3*SIZEOF_YMMWORD], ymmH
-.out0:
-    add         rdi, RGB_PIXELSIZE*SIZEOF_YMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_YMMWORD
-    jz          near .endcolumn
-
-    add         rsi, byte SIZEOF_YMMWORD  ; inptr0
-    dec         al
-    jnz         near .Yloop_2nd
-
-    add         rbx, byte SIZEOF_YMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_YMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st64:
-    cmp         rcx, byte SIZEOF_YMMWORD/2
-    jb          short .column_st32
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymmD
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr
-    vmovdqa     ymmA, ymmC
-    vmovdqa     ymmD, ymmH
-    sub         rcx, byte SIZEOF_YMMWORD/2
-.column_st32:
-    cmp         rcx, byte SIZEOF_YMMWORD/4
-    jb          short .column_st16
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymmA
-    add         rdi, byte SIZEOF_YMMWORD    ; outptr
-    vmovdqa     ymmA, ymmD
-    sub         rcx, byte SIZEOF_YMMWORD/4
-.column_st16:
-    cmp         rcx, byte SIZEOF_YMMWORD/8
-    jb          short .column_st15
-    vmovdqu     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    vperm2i128  ymmA, ymmA, ymmA, 1
-    sub         rcx, byte SIZEOF_YMMWORD/8
-.column_st15:
-    ; Store two pixels (8 bytes) of ymmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_YMMWORD/16
-    jb          short .column_st7
-    vmovq       MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_YMMWORD/16*4
-    sub         rcx, byte SIZEOF_YMMWORD/16
-    vpsrldq     xmmA, SIZEOF_YMMWORD/16*4
-.column_st7:
-    ; Store one pixel (4 bytes) of ymmA to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .endcolumn
-    vmovd       XMM_DWORD [rdi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.endcolumn:
-    sfence                              ; flush the write buffer
-
-.return:
-    pop         rbx
-    vzeroupper
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v2_merged_upsample_avx2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-; r10d = JDIMENSION output_width
-; r11 = JSAMPIMAGE input_buf
-; r12d = JDIMENSION in_row_group_ctr
-; r13 = JSAMPARRAY output_buf
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_merged_upsample_avx2)
-
-EXTN(jsimd_h2v2_merged_upsample_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-    push        rbx
-
-    mov         eax, r10d
-
-    mov         rdi, r11
-    mov         ecx, r12d
-    mov         rsip, JSAMPARRAY [rdi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rdi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rdi+2*SIZEOF_JSAMPARRAY]
-    mov         rdi, r13
-    lea         rsi, [rsi+rcx*SIZEOF_JSAMPROW]
-
-    sub         rsp, SIZEOF_JSAMPARRAY*4
-    mov         JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY], rsip  ; intpr00
-    mov         JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY], rbxp  ; intpr1
-    mov         JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY], rdxp  ; intpr2
-    mov         rbx, rsp
-
-    push        rdi
-    push        rcx
-    push        rax
-
-    %ifdef WIN64
-    mov         r8, rcx
-    mov         r9, rdi
-    mov         rcx, rax
-    mov         rdx, rbx
-    %else
-    mov         rdx, rcx
-    mov         rcx, rdi
-    mov         rdi, rax
-    mov         rsi, rbx
-    %endif
-
-    call        EXTN(jsimd_h2v1_merged_upsample_avx2)
-
-    pop         rax
-    pop         rcx
-    pop         rdi
-    mov         rsip, JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY]
-
-    add         rdi, byte SIZEOF_JSAMPROW  ; outptr1
-    add         rsi, byte SIZEOF_JSAMPROW  ; inptr01
-
-    mov         JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY], rsip  ; intpr00
-    mov         JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY], rbxp  ; intpr1
-    mov         JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY], rdxp  ; intpr2
-    mov         rbx, rsp
-
-    push        rdi
-    push        rcx
-    push        rax
-
-    %ifdef WIN64
-    mov         r8, rcx
-    mov         r9, rdi
-    mov         rcx, rax
-    mov         rdx, rbx
-    %else
-    mov         rdx, rcx
-    mov         rcx, rdi
-    mov         rdi, rax
-    mov         rsi, rbx
-    %endif
-
-    call        EXTN(jsimd_h2v1_merged_upsample_avx2)
-
-    pop         rax
-    pop         rcx
-    pop         rdi
-    mov         rsip, JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY]
-    add         rsp, SIZEOF_JSAMPARRAY*4
-
-    pop         rbx
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmrgext-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmrgext-sse2.asm
deleted file mode 100644
index eb3ab9d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdmrgext-sse2.asm
+++ /dev/null
@@ -1,538 +0,0 @@
-;
-; jdmrgext.asm - merged upsampling/color conversion (64-bit SSE2)
-;
-; Copyright 2009, 2012 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2012, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jcolsamp.inc"
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 1:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v1_merged_upsample_sse2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-; r10d = JDIMENSION output_width
-; r11 = JSAMPIMAGE input_buf
-; r12d = JDIMENSION in_row_group_ctr
-; r13 = JSAMPARRAY output_buf
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  3
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_merged_upsample_sse2)
-
-EXTN(jsimd_h2v1_merged_upsample_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 4
-    push        rbx
-
-    mov         ecx, r10d               ; col
-    test        rcx, rcx
-    jz          near .return
-
-    push        rcx
-
-    mov         rdi, r11
-    mov         ecx, r12d
-    mov         rsip, JSAMPARRAY [rdi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rdi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rdi+2*SIZEOF_JSAMPARRAY]
-    mov         rdi, r13
-    mov         rsip, JSAMPROW [rsi+rcx*SIZEOF_JSAMPROW]  ; inptr0
-    mov         rbxp, JSAMPROW [rbx+rcx*SIZEOF_JSAMPROW]  ; inptr1
-    mov         rdxp, JSAMPROW [rdx+rcx*SIZEOF_JSAMPROW]  ; inptr2
-    mov         rdip, JSAMPROW [rdi]                      ; outptr
-
-    pop         rcx                     ; col
-
-.columnloop:
-
-    movdqa      xmm6, XMMWORD [rbx]     ; xmm6=Cb(0123456789ABCDEF)
-    movdqa      xmm7, XMMWORD [rdx]     ; xmm7=Cr(0123456789ABCDEF)
-
-    pxor        xmm1, xmm1              ; xmm1=(all 0's)
-    pcmpeqw     xmm3, xmm3
-    psllw       xmm3, 7                 ; xmm3={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    movdqa      xmm4, xmm6
-    punpckhbw   xmm6, xmm1              ; xmm6=Cb(89ABCDEF)=CbH
-    punpcklbw   xmm4, xmm1              ; xmm4=Cb(01234567)=CbL
-    movdqa      xmm0, xmm7
-    punpckhbw   xmm7, xmm1              ; xmm7=Cr(89ABCDEF)=CrH
-    punpcklbw   xmm0, xmm1              ; xmm0=Cr(01234567)=CrL
-
-    paddw       xmm6, xmm3
-    paddw       xmm4, xmm3
-    paddw       xmm7, xmm3
-    paddw       xmm0, xmm3
-
-    ; (Original)
-    ; R = Y                + 1.40200 * Cr
-    ; G = Y - 0.34414 * Cb - 0.71414 * Cr
-    ; B = Y + 1.77200 * Cb
-    ;
-    ; (This implementation)
-    ; R = Y                + 0.40200 * Cr + Cr
-    ; G = Y - 0.34414 * Cb + 0.28586 * Cr - Cr
-    ; B = Y - 0.22800 * Cb + Cb + Cb
-
-    movdqa      xmm5, xmm6              ; xmm5=CbH
-    movdqa      xmm2, xmm4              ; xmm2=CbL
-    paddw       xmm6, xmm6              ; xmm6=2*CbH
-    paddw       xmm4, xmm4              ; xmm4=2*CbL
-    movdqa      xmm1, xmm7              ; xmm1=CrH
-    movdqa      xmm3, xmm0              ; xmm3=CrL
-    paddw       xmm7, xmm7              ; xmm7=2*CrH
-    paddw       xmm0, xmm0              ; xmm0=2*CrL
-
-    pmulhw      xmm6, [rel PW_MF0228]   ; xmm6=(2*CbH * -FIX(0.22800))
-    pmulhw      xmm4, [rel PW_MF0228]   ; xmm4=(2*CbL * -FIX(0.22800))
-    pmulhw      xmm7, [rel PW_F0402]    ; xmm7=(2*CrH * FIX(0.40200))
-    pmulhw      xmm0, [rel PW_F0402]    ; xmm0=(2*CrL * FIX(0.40200))
-
-    paddw       xmm6, [rel PW_ONE]
-    paddw       xmm4, [rel PW_ONE]
-    psraw       xmm6, 1                 ; xmm6=(CbH * -FIX(0.22800))
-    psraw       xmm4, 1                 ; xmm4=(CbL * -FIX(0.22800))
-    paddw       xmm7, [rel PW_ONE]
-    paddw       xmm0, [rel PW_ONE]
-    psraw       xmm7, 1                 ; xmm7=(CrH * FIX(0.40200))
-    psraw       xmm0, 1                 ; xmm0=(CrL * FIX(0.40200))
-
-    paddw       xmm6, xmm5
-    paddw       xmm4, xmm2
-    paddw       xmm6, xmm5              ; xmm6=(CbH * FIX(1.77200))=(B-Y)H
-    paddw       xmm4, xmm2              ; xmm4=(CbL * FIX(1.77200))=(B-Y)L
-    paddw       xmm7, xmm1              ; xmm7=(CrH * FIX(1.40200))=(R-Y)H
-    paddw       xmm0, xmm3              ; xmm0=(CrL * FIX(1.40200))=(R-Y)L
-
-    movdqa      XMMWORD [wk(0)], xmm6   ; wk(0)=(B-Y)H
-    movdqa      XMMWORD [wk(1)], xmm7   ; wk(1)=(R-Y)H
-
-    movdqa      xmm6, xmm5
-    movdqa      xmm7, xmm2
-    punpcklwd   xmm5, xmm1
-    punpckhwd   xmm6, xmm1
-    pmaddwd     xmm5, [rel PW_MF0344_F0285]
-    pmaddwd     xmm6, [rel PW_MF0344_F0285]
-    punpcklwd   xmm2, xmm3
-    punpckhwd   xmm7, xmm3
-    pmaddwd     xmm2, [rel PW_MF0344_F0285]
-    pmaddwd     xmm7, [rel PW_MF0344_F0285]
-
-    paddd       xmm5, [rel PD_ONEHALF]
-    paddd       xmm6, [rel PD_ONEHALF]
-    psrad       xmm5, SCALEBITS
-    psrad       xmm6, SCALEBITS
-    paddd       xmm2, [rel PD_ONEHALF]
-    paddd       xmm7, [rel PD_ONEHALF]
-    psrad       xmm2, SCALEBITS
-    psrad       xmm7, SCALEBITS
-
-    packssdw    xmm5, xmm6              ; xmm5=CbH*-FIX(0.344)+CrH*FIX(0.285)
-    packssdw    xmm2, xmm7              ; xmm2=CbL*-FIX(0.344)+CrL*FIX(0.285)
-    psubw       xmm5, xmm1              ; xmm5=CbH*-FIX(0.344)+CrH*-FIX(0.714)=(G-Y)H
-    psubw       xmm2, xmm3              ; xmm2=CbL*-FIX(0.344)+CrL*-FIX(0.714)=(G-Y)L
-
-    movdqa      XMMWORD [wk(2)], xmm5   ; wk(2)=(G-Y)H
-
-    mov         al, 2                   ; Yctr
-    jmp         short .Yloop_1st
-
-.Yloop_2nd:
-    movdqa      xmm0, XMMWORD [wk(1)]   ; xmm0=(R-Y)H
-    movdqa      xmm2, XMMWORD [wk(2)]   ; xmm2=(G-Y)H
-    movdqa      xmm4, XMMWORD [wk(0)]   ; xmm4=(B-Y)H
-
-.Yloop_1st:
-    movdqa      xmm7, XMMWORD [rsi]     ; xmm7=Y(0123456789ABCDEF)
-
-    pcmpeqw     xmm6, xmm6
-    psrlw       xmm6, BYTE_BIT          ; xmm6={0xFF 0x00 0xFF 0x00 ..}
-    pand        xmm6, xmm7              ; xmm6=Y(02468ACE)=YE
-    psrlw       xmm7, BYTE_BIT          ; xmm7=Y(13579BDF)=YO
-
-    movdqa      xmm1, xmm0              ; xmm1=xmm0=(R-Y)(L/H)
-    movdqa      xmm3, xmm2              ; xmm3=xmm2=(G-Y)(L/H)
-    movdqa      xmm5, xmm4              ; xmm5=xmm4=(B-Y)(L/H)
-
-    paddw       xmm0, xmm6              ; xmm0=((R-Y)+YE)=RE=R(02468ACE)
-    paddw       xmm1, xmm7              ; xmm1=((R-Y)+YO)=RO=R(13579BDF)
-    packuswb    xmm0, xmm0              ; xmm0=R(02468ACE********)
-    packuswb    xmm1, xmm1              ; xmm1=R(13579BDF********)
-
-    paddw       xmm2, xmm6              ; xmm2=((G-Y)+YE)=GE=G(02468ACE)
-    paddw       xmm3, xmm7              ; xmm3=((G-Y)+YO)=GO=G(13579BDF)
-    packuswb    xmm2, xmm2              ; xmm2=G(02468ACE********)
-    packuswb    xmm3, xmm3              ; xmm3=G(13579BDF********)
-
-    paddw       xmm4, xmm6              ; xmm4=((B-Y)+YE)=BE=B(02468ACE)
-    paddw       xmm5, xmm7              ; xmm5=((B-Y)+YO)=BO=B(13579BDF)
-    packuswb    xmm4, xmm4              ; xmm4=B(02468ACE********)
-    packuswb    xmm5, xmm5              ; xmm5=B(13579BDF********)
-
-%if RGB_PIXELSIZE == 3  ; ---------------
-
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(** ** ** ** ** ** ** ** **), xmmH=(** ** ** ** ** ** ** ** **)
-
-    punpcklbw   xmmA, xmmC        ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmB        ; xmmE=(20 01 22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F)
-    punpcklbw   xmmD, xmmF        ; xmmD=(11 21 13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F)
-
-    movdqa      xmmG, xmmA
-    movdqa      xmmH, xmmA
-    punpcklwd   xmmA, xmmE        ; xmmA=(00 10 20 01 02 12 22 03 04 14 24 05 06 16 26 07)
-    punpckhwd   xmmG, xmmE        ; xmmG=(08 18 28 09 0A 1A 2A 0B 0C 1C 2C 0D 0E 1E 2E 0F)
-
-    psrldq      xmmH, 2           ; xmmH=(02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E -- --)
-    psrldq      xmmE, 2           ; xmmE=(22 03 24 05 26 07 28 09 2A 0B 2C 0D 2E 0F -- --)
-
-    movdqa      xmmC, xmmD
-    movdqa      xmmB, xmmD
-    punpcklwd   xmmD, xmmH        ; xmmD=(11 21 02 12 13 23 04 14 15 25 06 16 17 27 08 18)
-    punpckhwd   xmmC, xmmH        ; xmmC=(19 29 0A 1A 1B 2B 0C 1C 1D 2D 0E 1E 1F 2F -- --)
-
-    psrldq      xmmB, 2           ; xmmB=(13 23 15 25 17 27 19 29 1B 2B 1D 2D 1F 2F -- --)
-
-    movdqa      xmmF, xmmE
-    punpcklwd   xmmE, xmmB        ; xmmE=(22 03 13 23 24 05 15 25 26 07 17 27 28 09 19 29)
-    punpckhwd   xmmF, xmmB        ; xmmF=(2A 0B 1B 2B 2C 0D 1D 2D 2E 0F 1F 2F -- -- -- --)
-
-    pshufd      xmmH, xmmA, 0x4E  ; xmmH=(04 14 24 05 06 16 26 07 00 10 20 01 02 12 22 03)
-    movdqa      xmmB, xmmE
-    punpckldq   xmmA, xmmD        ; xmmA=(00 10 20 01 11 21 02 12 02 12 22 03 13 23 04 14)
-    punpckldq   xmmE, xmmH        ; xmmE=(22 03 13 23 04 14 24 05 24 05 15 25 06 16 26 07)
-    punpckhdq   xmmD, xmmB        ; xmmD=(15 25 06 16 26 07 17 27 17 27 08 18 28 09 19 29)
-
-    pshufd      xmmH, xmmG, 0x4E  ; xmmH=(0C 1C 2C 0D 0E 1E 2E 0F 08 18 28 09 0A 1A 2A 0B)
-    movdqa      xmmB, xmmF
-    punpckldq   xmmG, xmmC        ; xmmG=(08 18 28 09 19 29 0A 1A 0A 1A 2A 0B 1B 2B 0C 1C)
-    punpckldq   xmmF, xmmH        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 2C 0D 1D 2D 0E 1E 2E 0F)
-    punpckhdq   xmmC, xmmB        ; xmmC=(1D 2D 0E 1E 2E 0F 1F 2F 1F 2F -- -- -- -- -- --)
-
-    punpcklqdq  xmmA, xmmE        ; xmmA=(00 10 20 01 11 21 02 12 22 03 13 23 04 14 24 05)
-    punpcklqdq  xmmD, xmmG        ; xmmD=(15 25 06 16 26 07 17 27 08 18 28 09 19 29 0A 1A)
-    punpcklqdq  xmmF, xmmC        ; xmmF=(2A 0B 1B 2B 0C 1C 2C 0D 1D 2D 0E 1E 2E 0F 1F 2F)
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        rdi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmF
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmF
-.out0:
-    add         rdi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_XMMWORD
-    jz          near .endcolumn
-
-    add         rsi, byte SIZEOF_XMMWORD  ; inptr0
-    dec         al                        ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         rbx, byte SIZEOF_XMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st32:
-    lea         rcx, [rcx+rcx*2]            ; imul ecx, RGB_PIXELSIZE
-    cmp         rcx, byte 2*SIZEOF_XMMWORD
-    jb          short .column_st16
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    add         rdi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmF
-    sub         rcx, byte 2*SIZEOF_XMMWORD
-    jmp         short .column_st15
-.column_st16:
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st15
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         rcx, byte SIZEOF_XMMWORD
-.column_st15:
-    ; Store the lower 8 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_MMWORD
-    jb          short .column_st7
-    movq        XMM_MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_MMWORD
-    sub         rcx, byte SIZEOF_MMWORD
-    psrldq      xmmA, SIZEOF_MMWORD
-.column_st7:
-    ; Store the lower 4 bytes of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_DWORD
-    jb          short .column_st3
-    movd        XMM_DWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_DWORD
-    sub         rcx, byte SIZEOF_DWORD
-    psrldq      xmmA, SIZEOF_DWORD
-.column_st3:
-    ; Store the lower 2 bytes of rax to the output when it has enough
-    ; space.
-    movd        eax, xmmA
-    cmp         rcx, byte SIZEOF_WORD
-    jb          short .column_st1
-    mov         word [rdi], ax
-    add         rdi, byte SIZEOF_WORD
-    sub         rcx, byte SIZEOF_WORD
-    shr         rax, 16
-.column_st1:
-    ; Store the lower 1 byte of rax to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .endcolumn
-    mov         byte [rdi], al
-
-%else  ; RGB_PIXELSIZE == 4 ; -----------
-
-%ifdef RGBX_FILLER_0XFF
-    pcmpeqb     xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pcmpeqb     xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%else
-    pxor        xmm6, xmm6              ; xmm6=XE=X(02468ACE********)
-    pxor        xmm7, xmm7              ; xmm7=XO=X(13579BDF********)
-%endif
-    ; xmmA=(00 02 04 06 08 0A 0C 0E **), xmmB=(01 03 05 07 09 0B 0D 0F **)
-    ; xmmC=(10 12 14 16 18 1A 1C 1E **), xmmD=(11 13 15 17 19 1B 1D 1F **)
-    ; xmmE=(20 22 24 26 28 2A 2C 2E **), xmmF=(21 23 25 27 29 2B 2D 2F **)
-    ; xmmG=(30 32 34 36 38 3A 3C 3E **), xmmH=(31 33 35 37 39 3B 3D 3F **)
-
-    punpcklbw   xmmA, xmmC  ; xmmA=(00 10 02 12 04 14 06 16 08 18 0A 1A 0C 1C 0E 1E)
-    punpcklbw   xmmE, xmmG  ; xmmE=(20 30 22 32 24 34 26 36 28 38 2A 3A 2C 3C 2E 3E)
-    punpcklbw   xmmB, xmmD  ; xmmB=(01 11 03 13 05 15 07 17 09 19 0B 1B 0D 1D 0F 1F)
-    punpcklbw   xmmF, xmmH  ; xmmF=(21 31 23 33 25 35 27 37 29 39 2B 3B 2D 3D 2F 3F)
-
-    movdqa      xmmC, xmmA
-    punpcklwd   xmmA, xmmE  ; xmmA=(00 10 20 30 02 12 22 32 04 14 24 34 06 16 26 36)
-    punpckhwd   xmmC, xmmE  ; xmmC=(08 18 28 38 0A 1A 2A 3A 0C 1C 2C 3C 0E 1E 2E 3E)
-    movdqa      xmmG, xmmB
-    punpcklwd   xmmB, xmmF  ; xmmB=(01 11 21 31 03 13 23 33 05 15 25 35 07 17 27 37)
-    punpckhwd   xmmG, xmmF  ; xmmG=(09 19 29 39 0B 1B 2B 3B 0D 1D 2D 3D 0F 1F 2F 3F)
-
-    movdqa      xmmD, xmmA
-    punpckldq   xmmA, xmmB  ; xmmA=(00 10 20 30 01 11 21 31 02 12 22 32 03 13 23 33)
-    punpckhdq   xmmD, xmmB  ; xmmD=(04 14 24 34 05 15 25 35 06 16 26 36 07 17 27 37)
-    movdqa      xmmH, xmmC
-    punpckldq   xmmC, xmmG  ; xmmC=(08 18 28 38 09 19 29 39 0A 1A 2A 3A 0B 1B 2B 3B)
-    punpckhdq   xmmH, xmmG  ; xmmH=(0C 1C 2C 3C 0D 1D 2D 3D 0E 1E 2E 3E 0F 1F 2F 3F)
-
-    cmp         rcx, byte SIZEOF_XMMWORD
-    jb          short .column_st32
-
-    test        rdi, SIZEOF_XMMWORD-1
-    jnz         short .out1
-    ; --(aligned)-------------------
-    movntdq     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movntdq     XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movntdq     XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmC
-    movntdq     XMMWORD [rdi+3*SIZEOF_XMMWORD], xmmH
-    jmp         short .out0
-.out1:  ; --(unaligned)-----------------
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    movdqu      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmmC
-    movdqu      XMMWORD [rdi+3*SIZEOF_XMMWORD], xmmH
-.out0:
-    add         rdi, byte RGB_PIXELSIZE*SIZEOF_XMMWORD  ; outptr
-    sub         rcx, byte SIZEOF_XMMWORD
-    jz          near .endcolumn
-
-    add         rsi, byte SIZEOF_XMMWORD  ; inptr0
-    dec         al                        ; Yctr
-    jnz         near .Yloop_2nd
-
-    add         rbx, byte SIZEOF_XMMWORD  ; inptr1
-    add         rdx, byte SIZEOF_XMMWORD  ; inptr2
-    jmp         near .columnloop
-
-.column_st32:
-    cmp         rcx, byte SIZEOF_XMMWORD/2
-    jb          short .column_st16
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    movdqu      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmmD
-    add         rdi, byte 2*SIZEOF_XMMWORD  ; outptr
-    movdqa      xmmA, xmmC
-    movdqa      xmmD, xmmH
-    sub         rcx, byte SIZEOF_XMMWORD/2
-.column_st16:
-    cmp         rcx, byte SIZEOF_XMMWORD/4
-    jb          short .column_st15
-    movdqu      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmmA
-    add         rdi, byte SIZEOF_XMMWORD    ; outptr
-    movdqa      xmmA, xmmD
-    sub         rcx, byte SIZEOF_XMMWORD/4
-.column_st15:
-    ; Store two pixels (8 bytes) of xmmA to the output when it has enough
-    ; space.
-    cmp         rcx, byte SIZEOF_XMMWORD/8
-    jb          short .column_st7
-    movq        XMM_MMWORD [rdi], xmmA
-    add         rdi, byte SIZEOF_XMMWORD/8*4
-    sub         rcx, byte SIZEOF_XMMWORD/8
-    psrldq      xmmA, SIZEOF_XMMWORD/8*4
-.column_st7:
-    ; Store one pixel (4 bytes) of xmmA to the output when it has enough
-    ; space.
-    test        rcx, rcx
-    jz          short .endcolumn
-    movd        XMM_DWORD [rdi], xmmA
-
-%endif  ; RGB_PIXELSIZE ; ---------------
-
-.endcolumn:
-    sfence                              ; flush the write buffer
-
-.return:
-    pop         rbx
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Upsample and color convert for the case of 2:1 horizontal and 2:1 vertical.
-;
-; GLOBAL(void)
-; jsimd_h2v2_merged_upsample_sse2(JDIMENSION output_width,
-;                                 JSAMPIMAGE input_buf,
-;                                 JDIMENSION in_row_group_ctr,
-;                                 JSAMPARRAY output_buf);
-;
-
-; r10d = JDIMENSION output_width
-; r11 = JSAMPIMAGE input_buf
-; r12d = JDIMENSION in_row_group_ctr
-; r13 = JSAMPARRAY output_buf
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_merged_upsample_sse2)
-
-EXTN(jsimd_h2v2_merged_upsample_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-    push        rbx
-
-    mov         eax, r10d
-
-    mov         rdi, r11
-    mov         ecx, r12d
-    mov         rsip, JSAMPARRAY [rdi+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rdi+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rdi+2*SIZEOF_JSAMPARRAY]
-    mov         rdi, r13
-    lea         rsi, [rsi+rcx*SIZEOF_JSAMPROW]
-
-    sub         rsp, SIZEOF_JSAMPARRAY*4
-    mov         JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY], rsip  ; intpr00
-    mov         JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY], rbxp  ; intpr1
-    mov         JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY], rdxp  ; intpr2
-    mov         rbx, rsp
-
-    push        rdi
-    push        rcx
-    push        rax
-
-    %ifdef WIN64
-    mov         r8, rcx
-    mov         r9, rdi
-    mov         rcx, rax
-    mov         rdx, rbx
-    %else
-    mov         rdx, rcx
-    mov         rcx, rdi
-    mov         rdi, rax
-    mov         rsi, rbx
-    %endif
-
-    call        EXTN(jsimd_h2v1_merged_upsample_sse2)
-
-    pop         rax
-    pop         rcx
-    pop         rdi
-    mov         rsip, JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY]
-
-    add         rdi, byte SIZEOF_JSAMPROW  ; outptr1
-    add         rsi, byte SIZEOF_JSAMPROW  ; inptr01
-
-    mov         JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY], rsip  ; intpr00
-    mov         JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY], rbxp  ; intpr1
-    mov         JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY], rdxp  ; intpr2
-    mov         rbx, rsp
-
-    push        rdi
-    push        rcx
-    push        rax
-
-    %ifdef WIN64
-    mov         r8, rcx
-    mov         r9, rdi
-    mov         rcx, rax
-    mov         rdx, rbx
-    %else
-    mov         rdx, rcx
-    mov         rcx, rdi
-    mov         rdi, rax
-    mov         rsi, rbx
-    %endif
-
-    call        EXTN(jsimd_h2v1_merged_upsample_sse2)
-
-    pop         rax
-    pop         rcx
-    pop         rdi
-    mov         rsip, JSAMPARRAY [rsp+0*SIZEOF_JSAMPARRAY]
-    mov         rbxp, JSAMPARRAY [rsp+1*SIZEOF_JSAMPARRAY]
-    mov         rdxp, JSAMPARRAY [rsp+2*SIZEOF_JSAMPARRAY]
-    add         rsp, SIZEOF_JSAMPARRAY*4
-
-    pop         rbx
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdsample-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdsample-avx2.asm
deleted file mode 100644
index 1e4979f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdsample-avx2.asm
+++ /dev/null
@@ -1,696 +0,0 @@
-;
-; jdsample.asm - upsampling (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2015, Intel Corporation.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fancy_upsample_avx2)
-
-EXTN(jconst_fancy_upsample_avx2):
-
-PW_ONE   times 16 dw 1
-PW_TWO   times 16 dw 2
-PW_THREE times 16 dw 3
-PW_SEVEN times 16 dw 7
-PW_EIGHT times 16 dw 8
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Fancy processing for the common case of 2:1 horizontal and 1:1 vertical.
-;
-; The upsampling algorithm is linear interpolation between pixel centers,
-; also known as a "triangle filter".  This is a good compromise between
-; speed and visual quality.  The centers of the output pixels are 1/4 and 3/4
-; of the way between input pixel centers.
-;
-; GLOBAL(void)
-; jsimd_h2v1_fancy_upsample_avx2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION downsampled_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_fancy_upsample_avx2)
-
-EXTN(jsimd_h2v1_fancy_upsample_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    push_xmm    3
-    collect_args 4
-
-    mov         eax, r11d               ; colctr
-    test        rax, rax
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          near .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-
-    vpxor       ymm0, ymm0, ymm0                 ; ymm0=(all 0's)
-    vpcmpeqb    xmm9, xmm9, xmm9
-    vpsrldq     xmm10, xmm9, (SIZEOF_XMMWORD-1)  ; (ff -- -- -- ... -- --) LSB is ff
-
-    vpslldq     xmm9, xmm9, (SIZEOF_XMMWORD-1)
-    vperm2i128  ymm9, ymm9, ymm9, 1              ; (---- ---- ... ---- ---- ff) MSB is ff
-
-.rowloop:
-    push        rax                     ; colctr
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-
-    test        rax, SIZEOF_YMMWORD-1
-    jz          short .skip
-    mov         dl, JSAMPLE [rsi+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rsi+rax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-.skip:
-    vpand       ymm7, ymm10, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-
-    add         rax, byte SIZEOF_YMMWORD-1
-    and         rax, byte -SIZEOF_YMMWORD
-    cmp         rax, byte SIZEOF_YMMWORD
-    ja          short .columnloop
-
-.columnloop_last:
-    vpand       ymm6, ymm9, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-    jmp         short .upsample
-
-.columnloop:
-    vmovdqu     ymm6, YMMWORD [rsi+1*SIZEOF_YMMWORD]
-    vperm2i128  ymm6, ymm0, ymm6, 0x20
-    vpslldq     ymm6, ymm6, 15
-
-.upsample:
-    vmovdqu     ymm1, YMMWORD [rsi+0*SIZEOF_YMMWORD]  ; ymm1=( 0  1  2 ... 29 30 31)
-
-    vperm2i128  ymm2, ymm0, ymm1, 0x20
-    vpalignr    ymm2, ymm1, ymm2, 15            ; ymm2=(--  0  1 ... 28 29 30)
-    vperm2i128  ymm4, ymm0, ymm1, 0x03
-    vpalignr    ymm3, ymm4, ymm1, 1             ; ymm3=( 1  2  3 ... 30 31 --)
-
-    vpor        ymm2, ymm2, ymm7                ; ymm2=(-1  0  1 ... 28 29 30)
-    vpor        ymm3, ymm3, ymm6                ; ymm3=( 1  2  3 ... 30 31 32)
-
-    vpsrldq     ymm7, ymm4, (SIZEOF_XMMWORD-1)  ; ymm7=(31 -- -- ... -- -- --)
-
-    vpunpckhbw  ymm4, ymm1, ymm0                ; ymm4=( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm5, ymm1, ymm0                ; ymm5=( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm1, ymm5, ymm4, 0x20          ; ymm1=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm4, ymm5, ymm4, 0x31          ; ymm4=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm5, ymm2, ymm0                ; ymm5=( 7  8  9 10 11 12 13 14 23 24 25 26 27 28 29 30)
-    vpunpcklbw  ymm6, ymm2, ymm0                ; ymm6=(-1  0  1  2  3  4  5  6 15 16 17 18 19 20 21 22)
-    vperm2i128  ymm2, ymm6, ymm5, 0x20          ; ymm2=(-1  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-    vperm2i128  ymm5, ymm6, ymm5, 0x31          ; ymm5=(15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vpunpckhbw  ymm6, ymm3, ymm0                ; ymm6=( 1  2  3  4  5  6  7  8 17 18 19 20 21 22 23 24)
-    vpunpcklbw  ymm8, ymm3, ymm0                ; ymm8=( 9 10 11 12 13 14 15 16 25 26 27 28 29 30 31 32)
-    vperm2i128  ymm3, ymm8, ymm6, 0x20          ; ymm3=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16)
-    vperm2i128  ymm6, ymm8, ymm6, 0x31          ; ymm6=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32)
-
-    vpmullw     ymm1, ymm1, [rel PW_THREE]
-    vpmullw     ymm4, ymm4, [rel PW_THREE]
-    vpaddw      ymm2, ymm2, [rel PW_ONE]
-    vpaddw      ymm5, ymm5, [rel PW_ONE]
-    vpaddw      ymm3, ymm3, [rel PW_TWO]
-    vpaddw      ymm6, ymm6, [rel PW_TWO]
-
-    vpaddw      ymm2, ymm2, ymm1
-    vpaddw      ymm5, ymm5, ymm4
-    vpsrlw      ymm2, ymm2, 2                   ; ymm2=OutLE=( 0  2  4  6  8 10 12 14 16 18 20 22 24 26 28 30)
-    vpsrlw      ymm5, ymm5, 2                   ; ymm5=OutHE=(32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62)
-    vpaddw      ymm3, ymm3, ymm1
-    vpaddw      ymm6, ymm6, ymm4
-    vpsrlw      ymm3, ymm3, 2                   ; ymm3=OutLO=( 1  3  5  7  9 11 13 15 17 19 21 23 25 27 29 31)
-    vpsrlw      ymm6, ymm6, 2                   ; ymm6=OutHO=(33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63)
-
-    vpsllw      ymm3, ymm3, BYTE_BIT
-    vpsllw      ymm6, ymm6, BYTE_BIT
-    vpor        ymm2, ymm2, ymm3                ; ymm2=OutL=( 0  1  2 ... 29 30 31)
-    vpor        ymm5, ymm5, ymm6                ; ymm5=OutH=(32 33 34 ... 61 62 63)
-
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm2
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymm5
-
-    sub         rax, byte SIZEOF_YMMWORD
-    add         rsi, byte 1*SIZEOF_YMMWORD  ; inptr
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr
-    cmp         rax, byte SIZEOF_YMMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         rsi
-    pop         rdi
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         rcx                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    vzeroupper
-    uncollect_args 4
-    pop_xmm     3
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
-; Again a triangle filter; see comments for h2v1 case, above.
-;
-; GLOBAL(void)
-; jsimd_h2v2_fancy_upsample_avx2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION downsampled_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_YMMWORD  ; ymmword wk[WK_NUM]
-%define WK_NUM  4
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_fancy_upsample_avx2)
-
-EXTN(jsimd_h2v2_fancy_upsample_avx2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_YMMWORD)  ; align to 256 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    push_xmm    3
-    collect_args 4
-    push        rbx
-
-    mov         eax, r11d               ; colctr
-    test        rax, rax
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          near .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rax                     ; colctr
-    push        rcx
-    push        rdi
-    push        rsi
-
-    mov         rcxp, JSAMPROW [rsi-1*SIZEOF_JSAMPROW]  ; inptr1(above)
-    mov         rbxp, JSAMPROW [rsi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         rsip, JSAMPROW [rsi+1*SIZEOF_JSAMPROW]  ; inptr1(below)
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         rdip, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]  ; outptr1
-
-    vpxor       ymm8, ymm8, ymm8                 ; ymm8=(all 0's)
-    vpcmpeqb    xmm9, xmm9, xmm9
-    vpsrldq     xmm10, xmm9, (SIZEOF_XMMWORD-2)  ; (ffff ---- ---- ... ---- ----) LSB is ffff
-    vpslldq     xmm9, xmm9, (SIZEOF_XMMWORD-2)
-    vperm2i128  ymm9, ymm9, ymm9, 1              ; (---- ---- ... ---- ---- ffff) MSB is ffff
-
-    test        rax, SIZEOF_YMMWORD-1
-    jz          short .skip
-    push        rdx
-    mov         dl, JSAMPLE [rcx+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rcx+rax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [rbx+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rbx+rax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [rsi+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rsi+rax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-    pop         rdx
-.skip:
-    ; -- process the first column block
-
-    vmovdqu     ymm0, YMMWORD [rbx+0*SIZEOF_YMMWORD]  ; ymm0=row[ 0][0]
-    vmovdqu     ymm1, YMMWORD [rcx+0*SIZEOF_YMMWORD]  ; ymm1=row[-1][0]
-    vmovdqu     ymm2, YMMWORD [rsi+0*SIZEOF_YMMWORD]  ; ymm2=row[+1][0]
-
-    vpunpckhbw  ymm4, ymm0, ymm8        ; ymm4=row[ 0]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm5, ymm0, ymm8        ; ymm5=row[ 0]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm0, ymm5, ymm4, 0x20  ; ymm0=row[ 0]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm4, ymm5, ymm4, 0x31  ; ymm4=row[ 0](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm5, ymm1, ymm8        ; ymm5=row[-1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm6, ymm1, ymm8        ; ymm6=row[-1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm1, ymm6, ymm5, 0x20  ; ymm1=row[-1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm5, ymm6, ymm5, 0x31  ; ymm5=row[-1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm6, ymm2, ymm8        ; ymm6=row[+1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm3, ymm2, ymm8        ; ymm3=row[+1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm2, ymm3, ymm6, 0x20  ; ymm2=row[+1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm6, ymm3, ymm6, 0x31  ; ymm6=row[+1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpmullw     ymm0, ymm0, [rel PW_THREE]
-    vpmullw     ymm4, ymm4, [rel PW_THREE]
-
-    vpaddw      ymm1, ymm1, ymm0        ; ymm1=Int0L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm5, ymm5, ymm4        ; ymm5=Int0H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-    vpaddw      ymm2, ymm2, ymm0        ; ymm2=Int1L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm6, ymm6, ymm4        ; ymm6=Int1H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vmovdqu     YMMWORD [rdx+0*SIZEOF_YMMWORD], ymm1  ; temporarily save
-    vmovdqu     YMMWORD [rdx+1*SIZEOF_YMMWORD], ymm5  ; the intermediate data
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm2
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymm6
-
-    vpand       ymm1, ymm1, ymm10       ; ymm1=( 0 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vpand       ymm2, ymm2, ymm10       ; ymm2=( 0 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-
-    vmovdqa     YMMWORD [wk(0)], ymm1
-    vmovdqa     YMMWORD [wk(1)], ymm2
-
-    add         rax, byte SIZEOF_YMMWORD-1
-    and         rax, byte -SIZEOF_YMMWORD
-    cmp         rax, byte SIZEOF_YMMWORD
-    ja          short .columnloop
-
-.columnloop_last:
-    ; -- process the last column block
-
-    vpand       ymm1, ymm9, YMMWORD [rdx+1*SIZEOF_YMMWORD]
-    vpand       ymm2, ymm9, YMMWORD [rdi+1*SIZEOF_YMMWORD]
-
-    vmovdqa     YMMWORD [wk(2)], ymm1   ; ymm1=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 31)
-    vmovdqa     YMMWORD [wk(3)], ymm2   ; ymm2=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 31)
-
-    jmp         near .upsample
-
-.columnloop:
-    ; -- process the next column block
-
-    vmovdqu     ymm0, YMMWORD [rbx+1*SIZEOF_YMMWORD]  ; ymm0=row[ 0][1]
-    vmovdqu     ymm1, YMMWORD [rcx+1*SIZEOF_YMMWORD]  ; ymm1=row[-1][1]
-    vmovdqu     ymm2, YMMWORD [rsi+1*SIZEOF_YMMWORD]  ; ymm2=row[+1][1]
-
-    vpunpckhbw  ymm4, ymm0, ymm8        ; ymm4=row[ 0]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm5, ymm0, ymm8        ; ymm5=row[ 0]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm0, ymm5, ymm4, 0x20  ; ymm0=row[ 0]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm4, ymm5, ymm4, 0x31  ; ymm4=row[ 0](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm5, ymm1, ymm8        ; ymm5=row[-1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm6, ymm1, ymm8        ; ymm6=row[-1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm1, ymm6, ymm5, 0x20  ; ymm1=row[-1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm5, ymm6, ymm5, 0x31  ; ymm5=row[-1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpunpckhbw  ymm6, ymm2, ymm8        ; ymm6=row[+1]( 8  9 10 11 12 13 14 15 24 25 26 27 28 29 30 31)
-    vpunpcklbw  ymm7, ymm2, ymm8        ; ymm7=row[+1]( 0  1  2  3  4  5  6  7 16 17 18 19 20 21 22 23)
-    vperm2i128  ymm2, ymm7, ymm6, 0x20  ; ymm2=row[+1]( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vperm2i128  ymm6, ymm7, ymm6, 0x31  ; ymm6=row[+1](16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vpmullw     ymm0, ymm0, [rel PW_THREE]
-    vpmullw     ymm4, ymm4, [rel PW_THREE]
-
-    vpaddw      ymm1, ymm1, ymm0        ; ymm1=Int0L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm5, ymm5, ymm4        ; ymm5=Int0H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-    vpaddw      ymm2, ymm2, ymm0        ; ymm2=Int1L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vpaddw      ymm6, ymm6, ymm4        ; ymm6=Int1H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vmovdqu     YMMWORD [rdx+2*SIZEOF_YMMWORD], ymm1  ; temporarily save
-    vmovdqu     YMMWORD [rdx+3*SIZEOF_YMMWORD], ymm5  ; the intermediate data
-    vmovdqu     YMMWORD [rdi+2*SIZEOF_YMMWORD], ymm2
-    vmovdqu     YMMWORD [rdi+3*SIZEOF_YMMWORD], ymm6
-
-    vperm2i128  ymm1, ymm8, ymm1, 0x20
-    vpslldq     ymm1, ymm1, 14          ; ymm1=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- --  0)
-    vperm2i128  ymm2, ymm8, ymm2, 0x20
-    vpslldq     ymm2, ymm2, 14          ; ymm2=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- --  0)
-
-    vmovdqa     YMMWORD [wk(2)], ymm1
-    vmovdqa     YMMWORD [wk(3)], ymm2
-
-.upsample:
-    ; -- process the upper row
-
-    vmovdqu     ymm7, YMMWORD [rdx+0*SIZEOF_YMMWORD]  ; ymm7=Int0L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vmovdqu     ymm3, YMMWORD [rdx+1*SIZEOF_YMMWORD]  ; ymm3=Int0H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vperm2i128  ymm0, ymm8, ymm7, 0x03
-    vpalignr    ymm0, ymm0, ymm7, 2     ; ymm0=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 --)
-    vperm2i128  ymm4, ymm8, ymm3, 0x20
-    vpslldq     ymm4, ymm4, 14          ; ymm4=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 16)
-
-    vperm2i128  ymm5, ymm8, ymm7, 0x03
-    vpsrldq     ymm5, ymm5, 14          ; ymm5=(15 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm6, ymm8, ymm3, 0x20
-    vpalignr    ymm6, ymm3, ymm6, 14    ; ymm6=(-- 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vpor        ymm0, ymm0, ymm4        ; ymm0=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16)
-    vpor        ymm5, ymm5, ymm6        ; ymm5=(15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vperm2i128  ymm2, ymm8, ymm3, 0x03
-    vpalignr    ymm2, ymm2, ymm3, 2     ; ymm2=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 --)
-    vperm2i128  ymm4, ymm8, ymm3, 0x03
-    vpsrldq     ymm4, ymm4, 14          ; ymm4=(31 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm1, ymm8, ymm7, 0x20
-    vpalignr    ymm1, ymm7, ymm1, 14    ; ymm1=(--  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-
-    vpor        ymm1, ymm1, YMMWORD [wk(0)]  ; ymm1=(-1  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-    vpor        ymm2, ymm2, YMMWORD [wk(2)]  ; ymm2=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32)
-
-    vmovdqa     YMMWORD [wk(0)], ymm4
-
-    vpmullw     ymm7, ymm7, [rel PW_THREE]
-    vpmullw     ymm3, ymm3, [rel PW_THREE]
-    vpaddw      ymm1, ymm1, [rel PW_EIGHT]
-    vpaddw      ymm5, ymm5, [rel PW_EIGHT]
-    vpaddw      ymm0, ymm0, [rel PW_SEVEN]
-    vpaddw      ymm2, [rel PW_SEVEN]
-
-    vpaddw      ymm1, ymm1, ymm7
-    vpaddw      ymm5, ymm5, ymm3
-    vpsrlw      ymm1, ymm1, 4           ; ymm1=Out0LE=( 0  2  4  6  8 10 12 14 16 18 20 22 24 26 28 30)
-    vpsrlw      ymm5, ymm5, 4           ; ymm5=Out0HE=(32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62)
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm2, ymm2, ymm3
-    vpsrlw      ymm0, ymm0, 4           ; ymm0=Out0LO=( 1  3  5  7  9 11 13 15 17 19 21 23 25 27 29 31)
-    vpsrlw      ymm2, ymm2, 4           ; ymm2=Out0HO=(33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63)
-
-    vpsllw      ymm0, ymm0, BYTE_BIT
-    vpsllw      ymm2, ymm2, BYTE_BIT
-    vpor        ymm1, ymm1, ymm0        ; ymm1=Out0L=( 0  1  2 ... 29 30 31)
-    vpor        ymm5, ymm5, ymm2        ; ymm5=Out0H=(32 33 34 ... 61 62 63)
-
-    vmovdqu     YMMWORD [rdx+0*SIZEOF_YMMWORD], ymm1
-    vmovdqu     YMMWORD [rdx+1*SIZEOF_YMMWORD], ymm5
-
-    ; -- process the lower row
-
-    vmovdqu     ymm6, YMMWORD [rdi+0*SIZEOF_YMMWORD]  ; ymm6=Int1L=( 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15)
-    vmovdqu     ymm4, YMMWORD [rdi+1*SIZEOF_YMMWORD]  ; ymm4=Int1H=(16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31)
-
-    vperm2i128  ymm7, ymm8, ymm6, 0x03
-    vpalignr    ymm7, ymm7, ymm6, 2     ; ymm7=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 --)
-    vperm2i128  ymm3, ymm8, ymm4, 0x20
-    vpslldq     ymm3, ymm3, 14          ; ymm3=(-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 16)
-
-    vperm2i128  ymm0, ymm8, ymm6, 0x03
-    vpsrldq     ymm0, ymm0, 14          ; ymm0=(15 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm2, ymm8, ymm4, 0x20
-    vpalignr    ymm2, ymm4, ymm2, 14    ; ymm2=(-- 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vpor        ymm7, ymm7, ymm3        ; ymm7=( 1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16)
-    vpor        ymm0, ymm0, ymm2        ; ymm0=(15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30)
-
-    vperm2i128  ymm5, ymm8, ymm4, 0x03
-    vpalignr    ymm5, ymm5, ymm4, 2     ; ymm5=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 --)
-    vperm2i128  ymm3, ymm8, ymm4, 0x03
-    vpsrldq     ymm3, ymm3, 14          ; ymm3=(31 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --)
-    vperm2i128  ymm1, ymm8, ymm6, 0x20
-    vpalignr    ymm1, ymm6, ymm1, 14    ; ymm1=(--  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-
-    vpor        ymm1, ymm1, YMMWORD [wk(1)]  ; ymm1=(-1  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14)
-    vpor        ymm5, ymm5, YMMWORD [wk(3)]  ; ymm5=(17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32)
-
-    vmovdqa     YMMWORD [wk(1)], ymm3
-
-    vpmullw     ymm6, ymm6, [rel PW_THREE]
-    vpmullw     ymm4, ymm4, [rel PW_THREE]
-    vpaddw      ymm1, ymm1, [rel PW_EIGHT]
-    vpaddw      ymm0, ymm0, [rel PW_EIGHT]
-    vpaddw      ymm7, ymm7, [rel PW_SEVEN]
-    vpaddw      ymm5, ymm5, [rel PW_SEVEN]
-
-    vpaddw      ymm1, ymm1, ymm6
-    vpaddw      ymm0, ymm0, ymm4
-    vpsrlw      ymm1, ymm1, 4           ; ymm1=Out1LE=( 0  2  4  6  8 10 12 14 16 18 20 22 24 26 28 30)
-    vpsrlw      ymm0, ymm0, 4           ; ymm0=Out1HE=(32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62)
-    vpaddw      ymm7, ymm7, ymm6
-    vpaddw      ymm5, ymm5, ymm4
-    vpsrlw      ymm7, ymm7, 4           ; ymm7=Out1LO=( 1  3  5  7  9 11 13 15 17 19 21 23 25 27 29 31)
-    vpsrlw      ymm5, ymm5, 4           ; ymm5=Out1HO=(33 35 37 39 41 43 45 47 49 51 53 55 57 59 61 63)
-
-    vpsllw      ymm7, ymm7, BYTE_BIT
-    vpsllw      ymm5, ymm5, BYTE_BIT
-    vpor        ymm1, ymm1, ymm7        ; ymm1=Out1L=( 0  1  2 ... 29 30 31)
-    vpor        ymm0, ymm0, ymm5        ; ymm0=Out1H=(32 33 34 ... 61 62 63)
-
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm1
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymm0
-
-    sub         rax, byte SIZEOF_YMMWORD
-    add         rcx, byte 1*SIZEOF_YMMWORD  ; inptr1(above)
-    add         rbx, byte 1*SIZEOF_YMMWORD  ; inptr0
-    add         rsi, byte 1*SIZEOF_YMMWORD  ; inptr1(below)
-    add         rdx, byte 2*SIZEOF_YMMWORD  ; outptr0
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr1
-    cmp         rax, byte SIZEOF_YMMWORD
-    ja          near .columnloop
-    test        rax, rax
-    jnz         near .columnloop_last
-
-    pop         rsi
-    pop         rdi
-    pop         rcx
-    pop         rax
-
-    add         rsi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         rcx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    vzeroupper
-    uncollect_args 4
-    pop_xmm     3
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 1:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v1_upsample_avx2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION output_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_upsample_avx2)
-
-EXTN(jsimd_h2v1_upsample_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-
-    mov         edx, r11d
-    add         rdx, byte (SIZEOF_YMMWORD-1)
-    and         rdx, -SIZEOF_YMMWORD
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          short .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-    mov         rax, rdx                ; colctr
-.columnloop:
-
-    cmp         rax, byte SIZEOF_YMMWORD
-    ja          near .above_16
-
-    vmovdqu     xmm0, XMMWORD [rsi+0*SIZEOF_YMMWORD]
-    vpunpckhbw  xmm1, xmm0, xmm0
-    vpunpcklbw  xmm0, xmm0, xmm0
-
-    vmovdqu     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm0
-    vmovdqu     XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm1
-
-    jmp         short .nextrow
-
-.above_16:
-    vmovdqu     ymm0, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-
-    vpermq      ymm0, ymm0, 0xd8
-    vpunpckhbw  ymm1, ymm0, ymm0
-    vpunpcklbw  ymm0, ymm0, ymm0
-
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm0
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymm1
-
-    sub         rax, byte 2*SIZEOF_YMMWORD
-    jz          short .nextrow
-
-    add         rsi, byte SIZEOF_YMMWORD    ; inptr
-    add         rdi, byte 2*SIZEOF_YMMWORD  ; outptr
-    jmp         short .columnloop
-
-.nextrow:
-    pop         rsi
-    pop         rdi
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         rcx                        ; rowctr
-    jg          short .rowloop
-
-.return:
-    vzeroupper
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 2:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v2_upsample_avx2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION output_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_upsample_avx2)
-
-EXTN(jsimd_h2v2_upsample_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-    push        rbx
-
-    mov         edx, r11d
-    add         rdx, byte (SIZEOF_YMMWORD-1)
-    and         rdx, -SIZEOF_YMMWORD
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          near .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]                   ; inptr
-    mov         rbxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW] ; outptr0
-    mov         rdip, JSAMPROW [rdi+1*SIZEOF_JSAMPROW] ; outptr1
-    mov         rax, rdx                               ; colctr
-.columnloop:
-
-    cmp         rax, byte SIZEOF_YMMWORD
-    ja          short .above_16
-
-    vmovdqu     xmm0, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    vpunpckhbw  xmm1, xmm0, xmm0
-    vpunpcklbw  xmm0, xmm0, xmm0
-
-    vmovdqu     XMMWORD [rbx+0*SIZEOF_XMMWORD], xmm0
-    vmovdqu     XMMWORD [rbx+1*SIZEOF_XMMWORD], xmm1
-    vmovdqu     XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm0
-    vmovdqu     XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm1
-
-    jmp         near .nextrow
-
-.above_16:
-    vmovdqu     ymm0, YMMWORD [rsi+0*SIZEOF_YMMWORD]
-
-    vpermq      ymm0, ymm0, 0xd8
-    vpunpckhbw  ymm1, ymm0, ymm0
-    vpunpcklbw  ymm0, ymm0, ymm0
-
-    vmovdqu     YMMWORD [rbx+0*SIZEOF_YMMWORD], ymm0
-    vmovdqu     YMMWORD [rbx+1*SIZEOF_YMMWORD], ymm1
-    vmovdqu     YMMWORD [rdi+0*SIZEOF_YMMWORD], ymm0
-    vmovdqu     YMMWORD [rdi+1*SIZEOF_YMMWORD], ymm1
-
-    sub         rax, byte 2*SIZEOF_YMMWORD
-    jz          short .nextrow
-
-    add         rsi, byte SIZEOF_YMMWORD  ; inptr
-    add         rbx, 2*SIZEOF_YMMWORD     ; outptr0
-    add         rdi, 2*SIZEOF_YMMWORD     ; outptr1
-    jmp         short .columnloop
-
-.nextrow:
-    pop         rsi
-    pop         rdi
-
-    add         rsi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         rcx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    vzeroupper
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdsample-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdsample-sse2.asm
deleted file mode 100644
index 38dbcee..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jdsample-sse2.asm
+++ /dev/null
@@ -1,665 +0,0 @@
-;
-; jdsample.asm - upsampling (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fancy_upsample_sse2)
-
-EXTN(jconst_fancy_upsample_sse2):
-
-PW_ONE   times 8 dw 1
-PW_TWO   times 8 dw 2
-PW_THREE times 8 dw 3
-PW_SEVEN times 8 dw 7
-PW_EIGHT times 8 dw 8
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Fancy processing for the common case of 2:1 horizontal and 1:1 vertical.
-;
-; The upsampling algorithm is linear interpolation between pixel centers,
-; also known as a "triangle filter".  This is a good compromise between
-; speed and visual quality.  The centers of the output pixels are 1/4 and 3/4
-; of the way between input pixel centers.
-;
-; GLOBAL(void)
-; jsimd_h2v1_fancy_upsample_sse2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION downsampled_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_fancy_upsample_sse2)
-
-EXTN(jsimd_h2v1_fancy_upsample_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-
-    mov         eax, r11d               ; colctr
-    test        rax, rax
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          near .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rax                     ; colctr
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-
-    test        rax, SIZEOF_XMMWORD-1
-    jz          short .skip
-    mov         dl, JSAMPLE [rsi+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rsi+rax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-.skip:
-    pxor        xmm0, xmm0              ; xmm0=(all 0's)
-    pcmpeqb     xmm7, xmm7
-    psrldq      xmm7, (SIZEOF_XMMWORD-1)
-    pand        xmm7, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-
-    add         rax, byte SIZEOF_XMMWORD-1
-    and         rax, byte -SIZEOF_XMMWORD
-    cmp         rax, byte SIZEOF_XMMWORD
-    ja          short .columnloop
-
-.columnloop_last:
-    pcmpeqb     xmm6, xmm6
-    pslldq      xmm6, (SIZEOF_XMMWORD-1)
-    pand        xmm6, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    jmp         short .upsample
-
-.columnloop:
-    movdqa      xmm6, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-    pslldq      xmm6, (SIZEOF_XMMWORD-1)
-
-.upsample:
-    movdqa      xmm1, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-    movdqa      xmm2, xmm1
-    movdqa      xmm3, xmm1                ; xmm1=( 0  1  2 ... 13 14 15)
-    pslldq      xmm2, 1                   ; xmm2=(--  0  1 ... 12 13 14)
-    psrldq      xmm3, 1                   ; xmm3=( 1  2  3 ... 14 15 --)
-
-    por         xmm2, xmm7                ; xmm2=(-1  0  1 ... 12 13 14)
-    por         xmm3, xmm6                ; xmm3=( 1  2  3 ... 14 15 16)
-
-    movdqa      xmm7, xmm1
-    psrldq      xmm7, (SIZEOF_XMMWORD-1)  ; xmm7=(15 -- -- ... -- -- --)
-
-    movdqa      xmm4, xmm1
-    punpcklbw   xmm1, xmm0                ; xmm1=( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm4, xmm0                ; xmm4=( 8  9 10 11 12 13 14 15)
-    movdqa      xmm5, xmm2
-    punpcklbw   xmm2, xmm0                ; xmm2=(-1  0  1  2  3  4  5  6)
-    punpckhbw   xmm5, xmm0                ; xmm5=( 7  8  9 10 11 12 13 14)
-    movdqa      xmm6, xmm3
-    punpcklbw   xmm3, xmm0                ; xmm3=( 1  2  3  4  5  6  7  8)
-    punpckhbw   xmm6, xmm0                ; xmm6=( 9 10 11 12 13 14 15 16)
-
-    pmullw      xmm1, [rel PW_THREE]
-    pmullw      xmm4, [rel PW_THREE]
-    paddw       xmm2, [rel PW_ONE]
-    paddw       xmm5, [rel PW_ONE]
-    paddw       xmm3, [rel PW_TWO]
-    paddw       xmm6, [rel PW_TWO]
-
-    paddw       xmm2, xmm1
-    paddw       xmm5, xmm4
-    psrlw       xmm2, 2                 ; xmm2=OutLE=( 0  2  4  6  8 10 12 14)
-    psrlw       xmm5, 2                 ; xmm5=OutHE=(16 18 20 22 24 26 28 30)
-    paddw       xmm3, xmm1
-    paddw       xmm6, xmm4
-    psrlw       xmm3, 2                 ; xmm3=OutLO=( 1  3  5  7  9 11 13 15)
-    psrlw       xmm6, 2                 ; xmm6=OutHO=(17 19 21 23 25 27 29 31)
-
-    psllw       xmm3, BYTE_BIT
-    psllw       xmm6, BYTE_BIT
-    por         xmm2, xmm3              ; xmm2=OutL=( 0  1  2 ... 13 14 15)
-    por         xmm5, xmm6              ; xmm5=OutH=(16 17 18 ... 29 30 31)
-
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm5
-
-    sub         rax, byte SIZEOF_XMMWORD
-    add         rsi, byte 1*SIZEOF_XMMWORD  ; inptr
-    add         rdi, byte 2*SIZEOF_XMMWORD  ; outptr
-    cmp         rax, byte SIZEOF_XMMWORD
-    ja          near .columnloop
-    test        eax, eax
-    jnz         near .columnloop_last
-
-    pop         rsi
-    pop         rdi
-    pop         rax
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         rcx                        ; rowctr
-    jg          near .rowloop
-
-.return:
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fancy processing for the common case of 2:1 horizontal and 2:1 vertical.
-; Again a triangle filter; see comments for h2v1 case, above.
-;
-; GLOBAL(void)
-; jsimd_h2v2_fancy_upsample_sse2(int max_v_samp_factor,
-;                                JDIMENSION downsampled_width,
-;                                JSAMPARRAY input_data,
-;                                JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION downsampled_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  4
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_fancy_upsample_sse2)
-
-EXTN(jsimd_h2v2_fancy_upsample_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 4
-    push        rbx
-
-    mov         eax, r11d               ; colctr
-    test        rax, rax
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          near .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rax                     ; colctr
-    push        rcx
-    push        rdi
-    push        rsi
-
-    mov         rcxp, JSAMPROW [rsi-1*SIZEOF_JSAMPROW]  ; inptr1(above)
-    mov         rbxp, JSAMPROW [rsi+0*SIZEOF_JSAMPROW]  ; inptr0
-    mov         rsip, JSAMPROW [rsi+1*SIZEOF_JSAMPROW]  ; inptr1(below)
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]  ; outptr0
-    mov         rdip, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]  ; outptr1
-
-    test        rax, SIZEOF_XMMWORD-1
-    jz          short .skip
-    push        rdx
-    mov         dl, JSAMPLE [rcx+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rcx+rax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [rbx+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rbx+rax*SIZEOF_JSAMPLE], dl
-    mov         dl, JSAMPLE [rsi+(rax-1)*SIZEOF_JSAMPLE]
-    mov         JSAMPLE [rsi+rax*SIZEOF_JSAMPLE], dl    ; insert a dummy sample
-    pop         rdx
-.skip:
-    ; -- process the first column block
-
-    movdqa      xmm0, XMMWORD [rbx+0*SIZEOF_XMMWORD]  ; xmm0=row[ 0][0]
-    movdqa      xmm1, XMMWORD [rcx+0*SIZEOF_XMMWORD]  ; xmm1=row[-1][0]
-    movdqa      xmm2, XMMWORD [rsi+0*SIZEOF_XMMWORD]  ; xmm2=row[+1][0]
-
-    pxor        xmm3, xmm3              ; xmm3=(all 0's)
-    movdqa      xmm4, xmm0
-    punpcklbw   xmm0, xmm3              ; xmm0=row[ 0]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm4, xmm3              ; xmm4=row[ 0]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm5, xmm1
-    punpcklbw   xmm1, xmm3              ; xmm1=row[-1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm5, xmm3              ; xmm5=row[-1]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm6, xmm2
-    punpcklbw   xmm2, xmm3              ; xmm2=row[+1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm6, xmm3              ; xmm6=row[+1]( 8  9 10 11 12 13 14 15)
-
-    pmullw      xmm0, [rel PW_THREE]
-    pmullw      xmm4, [rel PW_THREE]
-
-    pcmpeqb     xmm7, xmm7
-    psrldq      xmm7, (SIZEOF_XMMWORD-2)
-
-    paddw       xmm1, xmm0              ; xmm1=Int0L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm5, xmm4              ; xmm5=Int0H=( 8  9 10 11 12 13 14 15)
-    paddw       xmm2, xmm0              ; xmm2=Int1L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm6, xmm4              ; xmm6=Int1H=( 8  9 10 11 12 13 14 15)
-
-    movdqa      XMMWORD [rdx+0*SIZEOF_XMMWORD], xmm1  ; temporarily save
-    movdqa      XMMWORD [rdx+1*SIZEOF_XMMWORD], xmm5  ; the intermediate data
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm6
-
-    pand        xmm1, xmm7              ; xmm1=( 0 -- -- -- -- -- -- --)
-    pand        xmm2, xmm7              ; xmm2=( 0 -- -- -- -- -- -- --)
-
-    movdqa      XMMWORD [wk(0)], xmm1
-    movdqa      XMMWORD [wk(1)], xmm2
-
-    add         rax, byte SIZEOF_XMMWORD-1
-    and         rax, byte -SIZEOF_XMMWORD
-    cmp         rax, byte SIZEOF_XMMWORD
-    ja          short .columnloop
-
-.columnloop_last:
-    ; -- process the last column block
-
-    pcmpeqb     xmm1, xmm1
-    pslldq      xmm1, (SIZEOF_XMMWORD-2)
-    movdqa      xmm2, xmm1
-
-    pand        xmm1, XMMWORD [rdx+1*SIZEOF_XMMWORD]
-    pand        xmm2, XMMWORD [rdi+1*SIZEOF_XMMWORD]
-
-    movdqa      XMMWORD [wk(2)], xmm1   ; xmm1=(-- -- -- -- -- -- -- 15)
-    movdqa      XMMWORD [wk(3)], xmm2   ; xmm2=(-- -- -- -- -- -- -- 15)
-
-    jmp         near .upsample
-
-.columnloop:
-    ; -- process the next column block
-
-    movdqa      xmm0, XMMWORD [rbx+1*SIZEOF_XMMWORD]  ; xmm0=row[ 0][1]
-    movdqa      xmm1, XMMWORD [rcx+1*SIZEOF_XMMWORD]  ; xmm1=row[-1][1]
-    movdqa      xmm2, XMMWORD [rsi+1*SIZEOF_XMMWORD]  ; xmm2=row[+1][1]
-
-    pxor        xmm3, xmm3              ; xmm3=(all 0's)
-    movdqa      xmm4, xmm0
-    punpcklbw   xmm0, xmm3              ; xmm0=row[ 0]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm4, xmm3              ; xmm4=row[ 0]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm5, xmm1
-    punpcklbw   xmm1, xmm3              ; xmm1=row[-1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm5, xmm3              ; xmm5=row[-1]( 8  9 10 11 12 13 14 15)
-    movdqa      xmm6, xmm2
-    punpcklbw   xmm2, xmm3              ; xmm2=row[+1]( 0  1  2  3  4  5  6  7)
-    punpckhbw   xmm6, xmm3              ; xmm6=row[+1]( 8  9 10 11 12 13 14 15)
-
-    pmullw      xmm0, [rel PW_THREE]
-    pmullw      xmm4, [rel PW_THREE]
-
-    paddw       xmm1, xmm0              ; xmm1=Int0L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm5, xmm4              ; xmm5=Int0H=( 8  9 10 11 12 13 14 15)
-    paddw       xmm2, xmm0              ; xmm2=Int1L=( 0  1  2  3  4  5  6  7)
-    paddw       xmm6, xmm4              ; xmm6=Int1H=( 8  9 10 11 12 13 14 15)
-
-    movdqa      XMMWORD [rdx+2*SIZEOF_XMMWORD], xmm1  ; temporarily save
-    movdqa      XMMWORD [rdx+3*SIZEOF_XMMWORD], xmm5  ; the intermediate data
-    movdqa      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [rdi+3*SIZEOF_XMMWORD], xmm6
-
-    pslldq      xmm1, (SIZEOF_XMMWORD-2)  ; xmm1=(-- -- -- -- -- -- --  0)
-    pslldq      xmm2, (SIZEOF_XMMWORD-2)  ; xmm2=(-- -- -- -- -- -- --  0)
-
-    movdqa      XMMWORD [wk(2)], xmm1
-    movdqa      XMMWORD [wk(3)], xmm2
-
-.upsample:
-    ; -- process the upper row
-
-    movdqa      xmm7, XMMWORD [rdx+0*SIZEOF_XMMWORD]
-    movdqa      xmm3, XMMWORD [rdx+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm0, xmm7                ; xmm7=Int0L=( 0  1  2  3  4  5  6  7)
-    movdqa      xmm4, xmm3                ; xmm3=Int0H=( 8  9 10 11 12 13 14 15)
-    psrldq      xmm0, 2                   ; xmm0=( 1  2  3  4  5  6  7 --)
-    pslldq      xmm4, (SIZEOF_XMMWORD-2)  ; xmm4=(-- -- -- -- -- -- --  8)
-    movdqa      xmm5, xmm7
-    movdqa      xmm6, xmm3
-    psrldq      xmm5, (SIZEOF_XMMWORD-2)  ; xmm5=( 7 -- -- -- -- -- -- --)
-    pslldq      xmm6, 2                   ; xmm6=(--  8  9 10 11 12 13 14)
-
-    por         xmm0, xmm4                ; xmm0=( 1  2  3  4  5  6  7  8)
-    por         xmm5, xmm6                ; xmm5=( 7  8  9 10 11 12 13 14)
-
-    movdqa      xmm1, xmm7
-    movdqa      xmm2, xmm3
-    pslldq      xmm1, 2                   ; xmm1=(--  0  1  2  3  4  5  6)
-    psrldq      xmm2, 2                   ; xmm2=( 9 10 11 12 13 14 15 --)
-    movdqa      xmm4, xmm3
-    psrldq      xmm4, (SIZEOF_XMMWORD-2)  ; xmm4=(15 -- -- -- -- -- -- --)
-
-    por         xmm1, XMMWORD [wk(0)]     ; xmm1=(-1  0  1  2  3  4  5  6)
-    por         xmm2, XMMWORD [wk(2)]     ; xmm2=( 9 10 11 12 13 14 15 16)
-
-    movdqa      XMMWORD [wk(0)], xmm4
-
-    pmullw      xmm7, [rel PW_THREE]
-    pmullw      xmm3, [rel PW_THREE]
-    paddw       xmm1, [rel PW_EIGHT]
-    paddw       xmm5, [rel PW_EIGHT]
-    paddw       xmm0, [rel PW_SEVEN]
-    paddw       xmm2, [rel PW_SEVEN]
-
-    paddw       xmm1, xmm7
-    paddw       xmm5, xmm3
-    psrlw       xmm1, 4                 ; xmm1=Out0LE=( 0  2  4  6  8 10 12 14)
-    psrlw       xmm5, 4                 ; xmm5=Out0HE=(16 18 20 22 24 26 28 30)
-    paddw       xmm0, xmm7
-    paddw       xmm2, xmm3
-    psrlw       xmm0, 4                 ; xmm0=Out0LO=( 1  3  5  7  9 11 13 15)
-    psrlw       xmm2, 4                 ; xmm2=Out0HO=(17 19 21 23 25 27 29 31)
-
-    psllw       xmm0, BYTE_BIT
-    psllw       xmm2, BYTE_BIT
-    por         xmm1, xmm0              ; xmm1=Out0L=( 0  1  2 ... 13 14 15)
-    por         xmm5, xmm2              ; xmm5=Out0H=(16 17 18 ... 29 30 31)
-
-    movdqa      XMMWORD [rdx+0*SIZEOF_XMMWORD], xmm1
-    movdqa      XMMWORD [rdx+1*SIZEOF_XMMWORD], xmm5
-
-    ; -- process the lower row
-
-    movdqa      xmm6, XMMWORD [rdi+0*SIZEOF_XMMWORD]
-    movdqa      xmm4, XMMWORD [rdi+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm7, xmm6                ; xmm6=Int1L=( 0  1  2  3  4  5  6  7)
-    movdqa      xmm3, xmm4                ; xmm4=Int1H=( 8  9 10 11 12 13 14 15)
-    psrldq      xmm7, 2                   ; xmm7=( 1  2  3  4  5  6  7 --)
-    pslldq      xmm3, (SIZEOF_XMMWORD-2)  ; xmm3=(-- -- -- -- -- -- --  8)
-    movdqa      xmm0, xmm6
-    movdqa      xmm2, xmm4
-    psrldq      xmm0, (SIZEOF_XMMWORD-2)  ; xmm0=( 7 -- -- -- -- -- -- --)
-    pslldq      xmm2, 2                   ; xmm2=(--  8  9 10 11 12 13 14)
-
-    por         xmm7, xmm3                ; xmm7=( 1  2  3  4  5  6  7  8)
-    por         xmm0, xmm2                ; xmm0=( 7  8  9 10 11 12 13 14)
-
-    movdqa      xmm1, xmm6
-    movdqa      xmm5, xmm4
-    pslldq      xmm1, 2                   ; xmm1=(--  0  1  2  3  4  5  6)
-    psrldq      xmm5, 2                   ; xmm5=( 9 10 11 12 13 14 15 --)
-    movdqa      xmm3, xmm4
-    psrldq      xmm3, (SIZEOF_XMMWORD-2)  ; xmm3=(15 -- -- -- -- -- -- --)
-
-    por         xmm1, XMMWORD [wk(1)]     ; xmm1=(-1  0  1  2  3  4  5  6)
-    por         xmm5, XMMWORD [wk(3)]     ; xmm5=( 9 10 11 12 13 14 15 16)
-
-    movdqa      XMMWORD [wk(1)], xmm3
-
-    pmullw      xmm6, [rel PW_THREE]
-    pmullw      xmm4, [rel PW_THREE]
-    paddw       xmm1, [rel PW_EIGHT]
-    paddw       xmm0, [rel PW_EIGHT]
-    paddw       xmm7, [rel PW_SEVEN]
-    paddw       xmm5, [rel PW_SEVEN]
-
-    paddw       xmm1, xmm6
-    paddw       xmm0, xmm4
-    psrlw       xmm1, 4                 ; xmm1=Out1LE=( 0  2  4  6  8 10 12 14)
-    psrlw       xmm0, 4                 ; xmm0=Out1HE=(16 18 20 22 24 26 28 30)
-    paddw       xmm7, xmm6
-    paddw       xmm5, xmm4
-    psrlw       xmm7, 4                 ; xmm7=Out1LO=( 1  3  5  7  9 11 13 15)
-    psrlw       xmm5, 4                 ; xmm5=Out1HO=(17 19 21 23 25 27 29 31)
-
-    psllw       xmm7, BYTE_BIT
-    psllw       xmm5, BYTE_BIT
-    por         xmm1, xmm7              ; xmm1=Out1L=( 0  1  2 ... 13 14 15)
-    por         xmm0, xmm5              ; xmm0=Out1H=(16 17 18 ... 29 30 31)
-
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm1
-    movdqa      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm0
-
-    sub         rax, byte SIZEOF_XMMWORD
-    add         rcx, byte 1*SIZEOF_XMMWORD  ; inptr1(above)
-    add         rbx, byte 1*SIZEOF_XMMWORD  ; inptr0
-    add         rsi, byte 1*SIZEOF_XMMWORD  ; inptr1(below)
-    add         rdx, byte 2*SIZEOF_XMMWORD  ; outptr0
-    add         rdi, byte 2*SIZEOF_XMMWORD  ; outptr1
-    cmp         rax, byte SIZEOF_XMMWORD
-    ja          near .columnloop
-    test        rax, rax
-    jnz         near .columnloop_last
-
-    pop         rsi
-    pop         rdi
-    pop         rcx
-    pop         rax
-
-    add         rsi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         rcx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 1:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v1_upsample_sse2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION output_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v1_upsample_sse2)
-
-EXTN(jsimd_h2v1_upsample_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-
-    mov         edx, r11d
-    add         rdx, byte (2*SIZEOF_XMMWORD)-1
-    and         rdx, byte -(2*SIZEOF_XMMWORD)
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          short .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]    ; inptr
-    mov         rdip, JSAMPROW [rdi]    ; outptr
-    mov         rax, rdx                ; colctr
-.columnloop:
-
-    movdqa      xmm0, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-
-    movdqa      xmm1, xmm0
-    punpcklbw   xmm0, xmm0
-    punpckhbw   xmm1, xmm1
-
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm0
-    movdqa      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm1
-
-    sub         rax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    movdqa      xmm2, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm3, xmm2
-    punpcklbw   xmm2, xmm2
-    punpckhbw   xmm3, xmm3
-
-    movdqa      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [rdi+3*SIZEOF_XMMWORD], xmm3
-
-    sub         rax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    add         rsi, byte 2*SIZEOF_XMMWORD  ; inptr
-    add         rdi, byte 4*SIZEOF_XMMWORD  ; outptr
-    jmp         short .columnloop
-
-.nextrow:
-    pop         rsi
-    pop         rdi
-
-    add         rsi, byte SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte SIZEOF_JSAMPROW  ; output_data
-    dec         rcx                        ; rowctr
-    jg          short .rowloop
-
-.return:
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Fast processing for the common case of 2:1 horizontal and 2:1 vertical.
-; It's still a box filter.
-;
-; GLOBAL(void)
-; jsimd_h2v2_upsample_sse2(int max_v_samp_factor, JDIMENSION output_width,
-;                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr);
-;
-
-; r10 = int max_v_samp_factor
-; r11d = JDIMENSION output_width
-; r12 = JSAMPARRAY input_data
-; r13 = JSAMPARRAY *output_data_ptr
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_h2v2_upsample_sse2)
-
-EXTN(jsimd_h2v2_upsample_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-    push        rbx
-
-    mov         edx, r11d
-    add         rdx, byte (2*SIZEOF_XMMWORD)-1
-    and         rdx, byte -(2*SIZEOF_XMMWORD)
-    jz          near .return
-
-    mov         rcx, r10                ; rowctr
-    test        rcx, rcx
-    jz          near .return
-
-    mov         rsi, r12                ; input_data
-    mov         rdi, r13
-    mov         rdip, JSAMPARRAY [rdi]  ; output_data
-.rowloop:
-    push        rdi
-    push        rsi
-
-    mov         rsip, JSAMPROW [rsi]                   ; inptr
-    mov         rbxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW] ; outptr0
-    mov         rdip, JSAMPROW [rdi+1*SIZEOF_JSAMPROW] ; outptr1
-    mov         rax, rdx                               ; colctr
-.columnloop:
-
-    movdqa      xmm0, XMMWORD [rsi+0*SIZEOF_XMMWORD]
-
-    movdqa      xmm1, xmm0
-    punpcklbw   xmm0, xmm0
-    punpckhbw   xmm1, xmm1
-
-    movdqa      XMMWORD [rbx+0*SIZEOF_XMMWORD], xmm0
-    movdqa      XMMWORD [rbx+1*SIZEOF_XMMWORD], xmm1
-    movdqa      XMMWORD [rdi+0*SIZEOF_XMMWORD], xmm0
-    movdqa      XMMWORD [rdi+1*SIZEOF_XMMWORD], xmm1
-
-    sub         rax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    movdqa      xmm2, XMMWORD [rsi+1*SIZEOF_XMMWORD]
-
-    movdqa      xmm3, xmm2
-    punpcklbw   xmm2, xmm2
-    punpckhbw   xmm3, xmm3
-
-    movdqa      XMMWORD [rbx+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [rbx+3*SIZEOF_XMMWORD], xmm3
-    movdqa      XMMWORD [rdi+2*SIZEOF_XMMWORD], xmm2
-    movdqa      XMMWORD [rdi+3*SIZEOF_XMMWORD], xmm3
-
-    sub         rax, byte 2*SIZEOF_XMMWORD
-    jz          short .nextrow
-
-    add         rsi, byte 2*SIZEOF_XMMWORD  ; inptr
-    add         rbx, byte 4*SIZEOF_XMMWORD  ; outptr0
-    add         rdi, byte 4*SIZEOF_XMMWORD  ; outptr1
-    jmp         short .columnloop
-
-.nextrow:
-    pop         rsi
-    pop         rdi
-
-    add         rsi, byte 1*SIZEOF_JSAMPROW  ; input_data
-    add         rdi, byte 2*SIZEOF_JSAMPROW  ; output_data
-    sub         rcx, byte 2                  ; rowctr
-    jg          near .rowloop
-
-.return:
-    pop         rbx
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctflt-sse.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctflt-sse.asm
deleted file mode 100644
index ef27966..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctflt-sse.asm
+++ /dev/null
@@ -1,355 +0,0 @@
-;
-; jfdctflt.asm - floating-point FDCT (64-bit SSE)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the forward DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jfdctflt.c; see the jfdctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%macro  unpcklps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(0 1 4 5)
-    shufps      %1, %2, 0x44
-%endmacro
-
-%macro  unpckhps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(2 3 6 7)
-    shufps      %1, %2, 0xEE
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_float_sse)
-
-EXTN(jconst_fdct_float_sse):
-
-PD_0_382 times 4 dd 0.382683432365089771728460
-PD_0_707 times 4 dd 0.707106781186547524400844
-PD_0_541 times 4 dd 0.541196100146196984399723
-PD_1_306 times 4 dd 1.306562964876376527856643
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_float_sse(FAST_FLOAT *data)
-;
-
-; r10 = FAST_FLOAT *data
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_float_sse)
-
-EXTN(jsimd_fdct_float_sse):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 1
-
-    ; ---- Pass 1: process rows.
-
-    mov         rdx, r10                ; (FAST_FLOAT *)
-    mov         rcx, DCTSIZE/4
-.rowloop:
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(2,1,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(3,1,rdx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm0=(20 21 22 23), xmm2=(24 25 26 27)
-    ; xmm1=(30 31 32 33), xmm3=(34 35 36 37)
-
-    movaps      xmm4, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm1              ; xmm0=(20 30 21 31)
-    unpckhps    xmm4, xmm1              ; xmm4=(22 32 23 33)
-    movaps      xmm5, xmm2              ; transpose coefficients(phase 1)
-    unpcklps    xmm2, xmm3              ; xmm2=(24 34 25 35)
-    unpckhps    xmm5, xmm3              ; xmm5=(26 36 27 37)
-
-    movaps      xmm6, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm7, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(0,1,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(1,1,rdx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm6=(00 01 02 03), xmm1=(04 05 06 07)
-    ; xmm7=(10 11 12 13), xmm3=(14 15 16 17)
-
-    movaps      XMMWORD [wk(0)], xmm4   ; wk(0)=(22 32 23 33)
-    movaps      XMMWORD [wk(1)], xmm2   ; wk(1)=(24 34 25 35)
-
-    movaps      xmm4, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 10 01 11)
-    unpckhps    xmm4, xmm7              ; xmm4=(02 12 03 13)
-    movaps      xmm2, xmm1              ; transpose coefficients(phase 1)
-    unpcklps    xmm1, xmm3              ; xmm1=(04 14 05 15)
-    unpckhps    xmm2, xmm3              ; xmm2=(06 16 07 17)
-
-    movaps      xmm7, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm0              ; xmm6=(00 10 20 30)=data0
-    unpckhps2   xmm7, xmm0              ; xmm7=(01 11 21 31)=data1
-    movaps      xmm3, xmm2              ; transpose coefficients(phase 2)
-    unpcklps2   xmm2, xmm5              ; xmm2=(06 16 26 36)=data6
-    unpckhps2   xmm3, xmm5              ; xmm3=(07 17 27 37)=data7
-
-    movaps      xmm0, xmm7
-    movaps      xmm5, xmm6
-    subps       xmm7, xmm2              ; xmm7=data1-data6=tmp6
-    subps       xmm6, xmm3              ; xmm6=data0-data7=tmp7
-    addps       xmm0, xmm2              ; xmm0=data1+data6=tmp1
-    addps       xmm5, xmm3              ; xmm5=data0+data7=tmp0
-
-    movaps      xmm2, XMMWORD [wk(0)]   ; xmm2=(22 32 23 33)
-    movaps      xmm3, XMMWORD [wk(1)]   ; xmm3=(24 34 25 35)
-    movaps      XMMWORD [wk(0)], xmm7   ; wk(0)=tmp6
-    movaps      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp7
-
-    movaps      xmm7, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(02 12 22 32)=data2
-    unpckhps2   xmm7, xmm2              ; xmm7=(03 13 23 33)=data3
-    movaps      xmm6, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm3              ; xmm1=(04 14 24 34)=data4
-    unpckhps2   xmm6, xmm3              ; xmm6=(05 15 25 35)=data5
-
-    movaps      xmm2, xmm7
-    movaps      xmm3, xmm4
-    addps       xmm7, xmm1              ; xmm7=data3+data4=tmp3
-    addps       xmm4, xmm6              ; xmm4=data2+data5=tmp2
-    subps       xmm2, xmm1              ; xmm2=data3-data4=tmp4
-    subps       xmm3, xmm6              ; xmm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movaps      xmm1, xmm5
-    movaps      xmm6, xmm0
-    subps       xmm5, xmm7              ; xmm5=tmp13
-    subps       xmm0, xmm4              ; xmm0=tmp12
-    addps       xmm1, xmm7              ; xmm1=tmp10
-    addps       xmm6, xmm4              ; xmm6=tmp11
-
-    addps       xmm0, xmm5
-    mulps       xmm0, [rel PD_0_707]    ; xmm0=z1
-
-    movaps      xmm7, xmm1
-    movaps      xmm4, xmm5
-    subps       xmm1, xmm6              ; xmm1=data4
-    subps       xmm5, xmm0              ; xmm5=data6
-    addps       xmm7, xmm6              ; xmm7=data0
-    addps       xmm4, xmm0              ; xmm4=data2
-
-    movaps      XMMWORD [XMMBLOCK(0,1,rdx,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(2,1,rdx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_FAST_FLOAT)], xmm4
-
-    ; -- Odd part
-
-    movaps      xmm6, XMMWORD [wk(0)]   ; xmm6=tmp6
-    movaps      xmm0, XMMWORD [wk(1)]   ; xmm0=tmp7
-
-    addps       xmm2, xmm3              ; xmm2=tmp10
-    addps       xmm3, xmm6              ; xmm3=tmp11
-    addps       xmm6, xmm0              ; xmm6=tmp12, xmm0=tmp7
-
-    mulps       xmm3, [rel PD_0_707]    ; xmm3=z3
-
-    movaps      xmm1, xmm2              ; xmm1=tmp10
-    subps       xmm2, xmm6
-    mulps       xmm2, [rel PD_0_382]    ; xmm2=z5
-    mulps       xmm1, [rel PD_0_541]    ; xmm1=MULTIPLY(tmp10,FIX_0_541196)
-    mulps       xmm6, [rel PD_1_306]    ; xmm6=MULTIPLY(tmp12,FIX_1_306562)
-    addps       xmm1, xmm2              ; xmm1=z2
-    addps       xmm6, xmm2              ; xmm6=z4
-
-    movaps      xmm5, xmm0
-    subps       xmm0, xmm3              ; xmm0=z13
-    addps       xmm5, xmm3              ; xmm5=z11
-
-    movaps      xmm7, xmm0
-    movaps      xmm4, xmm5
-    subps       xmm0, xmm1              ; xmm0=data3
-    subps       xmm5, xmm6              ; xmm5=data7
-    addps       xmm7, xmm1              ; xmm7=data5
-    addps       xmm4, xmm6              ; xmm4=data1
-
-    movaps      XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(3,1,rdx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(1,1,rdx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_FAST_FLOAT)], xmm4
-
-    add         rdx, 4*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         rcx
-    jnz         near .rowloop
-
-    ; ---- Pass 2: process columns.
-
-    mov         rdx, r10                ; (FAST_FLOAT *)
-    mov         rcx, DCTSIZE/4
-.columnloop:
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm0=(02 12 22 32), xmm2=(42 52 62 72)
-    ; xmm1=(03 13 23 33), xmm3=(43 53 63 73)
-
-    movaps      xmm4, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm1              ; xmm0=(02 03 12 13)
-    unpckhps    xmm4, xmm1              ; xmm4=(22 23 32 33)
-    movaps      xmm5, xmm2              ; transpose coefficients(phase 1)
-    unpcklps    xmm2, xmm3              ; xmm2=(42 43 52 53)
-    unpckhps    xmm5, xmm3              ; xmm5=(62 63 72 73)
-
-    movaps      xmm6, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm7, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_FAST_FLOAT)]
-
-    ; xmm6=(00 10 20 30), xmm1=(40 50 60 70)
-    ; xmm7=(01 11 21 31), xmm3=(41 51 61 71)
-
-    movaps      XMMWORD [wk(0)], xmm4   ; wk(0)=(22 23 32 33)
-    movaps      XMMWORD [wk(1)], xmm2   ; wk(1)=(42 43 52 53)
-
-    movaps      xmm4, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 01 10 11)
-    unpckhps    xmm4, xmm7              ; xmm4=(20 21 30 31)
-    movaps      xmm2, xmm1              ; transpose coefficients(phase 1)
-    unpcklps    xmm1, xmm3              ; xmm1=(40 41 50 51)
-    unpckhps    xmm2, xmm3              ; xmm2=(60 61 70 71)
-
-    movaps      xmm7, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm0              ; xmm6=(00 01 02 03)=data0
-    unpckhps2   xmm7, xmm0              ; xmm7=(10 11 12 13)=data1
-    movaps      xmm3, xmm2              ; transpose coefficients(phase 2)
-    unpcklps2   xmm2, xmm5              ; xmm2=(60 61 62 63)=data6
-    unpckhps2   xmm3, xmm5              ; xmm3=(70 71 72 73)=data7
-
-    movaps      xmm0, xmm7
-    movaps      xmm5, xmm6
-    subps       xmm7, xmm2              ; xmm7=data1-data6=tmp6
-    subps       xmm6, xmm3              ; xmm6=data0-data7=tmp7
-    addps       xmm0, xmm2              ; xmm0=data1+data6=tmp1
-    addps       xmm5, xmm3              ; xmm5=data0+data7=tmp0
-
-    movaps      xmm2, XMMWORD [wk(0)]   ; xmm2=(22 23 32 33)
-    movaps      xmm3, XMMWORD [wk(1)]   ; xmm3=(42 43 52 53)
-    movaps      XMMWORD [wk(0)], xmm7   ; wk(0)=tmp6
-    movaps      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp7
-
-    movaps      xmm7, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(20 21 22 23)=data2
-    unpckhps2   xmm7, xmm2              ; xmm7=(30 31 32 33)=data3
-    movaps      xmm6, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm3              ; xmm1=(40 41 42 43)=data4
-    unpckhps2   xmm6, xmm3              ; xmm6=(50 51 52 53)=data5
-
-    movaps      xmm2, xmm7
-    movaps      xmm3, xmm4
-    addps       xmm7, xmm1              ; xmm7=data3+data4=tmp3
-    addps       xmm4, xmm6              ; xmm4=data2+data5=tmp2
-    subps       xmm2, xmm1              ; xmm2=data3-data4=tmp4
-    subps       xmm3, xmm6              ; xmm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movaps      xmm1, xmm5
-    movaps      xmm6, xmm0
-    subps       xmm5, xmm7              ; xmm5=tmp13
-    subps       xmm0, xmm4              ; xmm0=tmp12
-    addps       xmm1, xmm7              ; xmm1=tmp10
-    addps       xmm6, xmm4              ; xmm6=tmp11
-
-    addps       xmm0, xmm5
-    mulps       xmm0, [rel PD_0_707]    ; xmm0=z1
-
-    movaps      xmm7, xmm1
-    movaps      xmm4, xmm5
-    subps       xmm1, xmm6              ; xmm1=data4
-    subps       xmm5, xmm0              ; xmm5=data6
-    addps       xmm7, xmm6              ; xmm7=data0
-    addps       xmm4, xmm0              ; xmm4=data2
-
-    movaps      XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_FAST_FLOAT)], xmm4
-
-    ; -- Odd part
-
-    movaps      xmm6, XMMWORD [wk(0)]   ; xmm6=tmp6
-    movaps      xmm0, XMMWORD [wk(1)]   ; xmm0=tmp7
-
-    addps       xmm2, xmm3              ; xmm2=tmp10
-    addps       xmm3, xmm6              ; xmm3=tmp11
-    addps       xmm6, xmm0              ; xmm6=tmp12, xmm0=tmp7
-
-    mulps       xmm3, [rel PD_0_707]    ; xmm3=z3
-
-    movaps      xmm1, xmm2              ; xmm1=tmp10
-    subps       xmm2, xmm6
-    mulps       xmm2, [rel PD_0_382]    ; xmm2=z5
-    mulps       xmm1, [rel PD_0_541]    ; xmm1=MULTIPLY(tmp10,FIX_0_541196)
-    mulps       xmm6, [rel PD_1_306]    ; xmm6=MULTIPLY(tmp12,FIX_1_306562)
-    addps       xmm1, xmm2              ; xmm1=z2
-    addps       xmm6, xmm2              ; xmm6=z4
-
-    movaps      xmm5, xmm0
-    subps       xmm0, xmm3              ; xmm0=z13
-    addps       xmm5, xmm3              ; xmm5=z11
-
-    movaps      xmm7, xmm0
-    movaps      xmm4, xmm5
-    subps       xmm0, xmm1              ; xmm0=data3
-    subps       xmm5, xmm6              ; xmm5=data7
-    addps       xmm7, xmm1              ; xmm7=data5
-    addps       xmm4, xmm6              ; xmm4=data1
-
-    movaps      XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_FAST_FLOAT)], xmm7
-    movaps      XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_FAST_FLOAT)], xmm4
-
-    add         rdx, byte 4*SIZEOF_FAST_FLOAT
-    dec         rcx
-    jnz         near .columnloop
-
-    uncollect_args 1
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctfst-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctfst-sse2.asm
deleted file mode 100644
index 2e1bfe6..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctfst-sse2.asm
+++ /dev/null
@@ -1,389 +0,0 @@
-;
-; jfdctfst.asm - fast integer FDCT (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a fast, not so accurate integer implementation of
-; the forward DCT (Discrete Cosine Transform). The following code is
-; based directly on the IJG's original jfdctfst.c; see the jfdctfst.c
-; for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  8  ; 14 is also OK.
-
-%if CONST_BITS == 8
-F_0_382 equ  98  ; FIX(0.382683433)
-F_0_541 equ 139  ; FIX(0.541196100)
-F_0_707 equ 181  ; FIX(0.707106781)
-F_1_306 equ 334  ; FIX(1.306562965)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_382 equ DESCALE( 410903207, 30 - CONST_BITS)  ; FIX(0.382683433)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_707 equ DESCALE( 759250124, 30 - CONST_BITS)  ; FIX(0.707106781)
-F_1_306 equ DESCALE(1402911301, 30 - CONST_BITS)  ; FIX(1.306562965)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-; PRE_MULTIPLY_SCALE_BITS <= 2 (to avoid overflow)
-; CONST_BITS + CONST_SHIFT + PRE_MULTIPLY_SCALE_BITS == 16 (for pmulhw)
-
-%define PRE_MULTIPLY_SCALE_BITS  2
-%define CONST_SHIFT              (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_ifast_sse2)
-
-EXTN(jconst_fdct_ifast_sse2):
-
-PW_F0707 times 8 dw F_0_707 << CONST_SHIFT
-PW_F0382 times 8 dw F_0_382 << CONST_SHIFT
-PW_F0541 times 8 dw F_0_541 << CONST_SHIFT
-PW_F1306 times 8 dw F_1_306 << CONST_SHIFT
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_ifast_sse2(DCTELEM *data)
-;
-
-; r10 = DCTELEM *data
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_ifast_sse2)
-
-EXTN(jsimd_fdct_ifast_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 1
-
-    ; ---- Pass 1: process rows.
-
-    mov         rdx, r10                ; (DCTELEM *)
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_DCTELEM)]
-
-    ; xmm0=(00 01 02 03 04 05 06 07), xmm2=(20 21 22 23 24 25 26 27)
-    ; xmm1=(10 11 12 13 14 15 16 17), xmm3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm4, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm1              ; xmm0=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm4, xmm1              ; xmm4=(04 14 05 15 06 16 07 17)
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm3              ; xmm2=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm5, xmm3              ; xmm5=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm6, XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm7, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_DCTELEM)]
-
-    ; xmm6=( 4 12 20 28 36 44 52 60), xmm1=( 6 14 22 30 38 46 54 62)
-    ; xmm7=( 5 13 21 29 37 45 53 61), xmm3=( 7 15 23 31 39 47 55 63)
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=(20 30 21 31 22 32 23 33)
-    movdqa      XMMWORD [wk(1)], xmm5   ; wk(1)=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm2, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm7              ; xmm6=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm2, xmm7              ; xmm2=(44 54 45 55 46 56 47 57)
-    movdqa      xmm5, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm3              ; xmm1=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm5, xmm3              ; xmm5=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm7, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm1              ; xmm6=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm7, xmm1              ; xmm7=(42 52 62 72 43 53 63 73)
-    movdqa      xmm3, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm5              ; xmm2=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm3, xmm5              ; xmm3=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=(20 30 21 31 22 32 23 33)
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=(24 34 25 35 26 36 27 37)
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=(42 52 62 72 43 53 63 73)
-    movdqa      XMMWORD [wk(1)], xmm2   ; wk(1)=(44 54 64 74 45 55 65 75)
-
-    movdqa      xmm7, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm1              ; xmm0=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm7, xmm1              ; xmm7=(02 12 22 32 03 13 23 33)
-    movdqa      xmm2, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm5              ; xmm4=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm2, xmm5              ; xmm2=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm1, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm6              ; xmm0=(00 10 20 30 40 50 60 70)=data0
-    punpckhqdq  xmm1, xmm6              ; xmm1=(01 11 21 31 41 51 61 71)=data1
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm3              ; xmm2=(06 16 26 36 46 56 66 76)=data6
-    punpckhqdq  xmm5, xmm3              ; xmm5=(07 17 27 37 47 57 67 77)=data7
-
-    movdqa      xmm6, xmm1
-    movdqa      xmm3, xmm0
-    psubw       xmm1, xmm2              ; xmm1=data1-data6=tmp6
-    psubw       xmm0, xmm5              ; xmm0=data0-data7=tmp7
-    paddw       xmm6, xmm2              ; xmm6=data1+data6=tmp1
-    paddw       xmm3, xmm5              ; xmm3=data0+data7=tmp0
-
-    movdqa      xmm2, XMMWORD [wk(0)]   ; xmm2=(42 52 62 72 43 53 63 73)
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=(44 54 64 74 45 55 65 75)
-    movdqa      XMMWORD [wk(0)], xmm1   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=tmp7
-
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm2              ; xmm7=(02 12 22 32 42 52 62 72)=data2
-    punpckhqdq  xmm1, xmm2              ; xmm1=(03 13 23 33 43 53 63 73)=data3
-    movdqa      xmm0, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm5              ; xmm4=(04 14 24 34 44 54 64 74)=data4
-    punpckhqdq  xmm0, xmm5              ; xmm0=(05 15 25 35 45 55 65 75)=data5
-
-    movdqa      xmm2, xmm1
-    movdqa      xmm5, xmm7
-    paddw       xmm1, xmm4              ; xmm1=data3+data4=tmp3
-    paddw       xmm7, xmm0              ; xmm7=data2+data5=tmp2
-    psubw       xmm2, xmm4              ; xmm2=data3-data4=tmp4
-    psubw       xmm5, xmm0              ; xmm5=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm0, xmm6
-    psubw       xmm3, xmm1              ; xmm3=tmp13
-    psubw       xmm6, xmm7              ; xmm6=tmp12
-    paddw       xmm4, xmm1              ; xmm4=tmp10
-    paddw       xmm0, xmm7              ; xmm0=tmp11
-
-    paddw       xmm6, xmm3
-    psllw       xmm6, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm6, [rel PW_F0707]    ; xmm6=z1
-
-    movdqa      xmm1, xmm4
-    movdqa      xmm7, xmm3
-    psubw       xmm4, xmm0              ; xmm4=data4
-    psubw       xmm3, xmm6              ; xmm3=data6
-    paddw       xmm1, xmm0              ; xmm1=data0
-    paddw       xmm7, xmm6              ; xmm7=data2
-
-    movdqa      xmm0, XMMWORD [wk(0)]   ; xmm0=tmp6
-    movdqa      xmm6, XMMWORD [wk(1)]   ; xmm6=tmp7
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=data4
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=data6
-
-    ; -- Odd part
-
-    paddw       xmm2, xmm5              ; xmm2=tmp10
-    paddw       xmm5, xmm0              ; xmm5=tmp11
-    paddw       xmm0, xmm6              ; xmm0=tmp12, xmm6=tmp7
-
-    psllw       xmm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm0, PRE_MULTIPLY_SCALE_BITS
-
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm5, [rel PW_F0707]    ; xmm5=z3
-
-    movdqa      xmm4, xmm2              ; xmm4=tmp10
-    psubw       xmm2, xmm0
-    pmulhw      xmm2, [rel PW_F0382]    ; xmm2=z5
-    pmulhw      xmm4, [rel PW_F0541]    ; xmm4=MULTIPLY(tmp10,FIX_0_541196)
-    pmulhw      xmm0, [rel PW_F1306]    ; xmm0=MULTIPLY(tmp12,FIX_1_306562)
-    paddw       xmm4, xmm2              ; xmm4=z2
-    paddw       xmm0, xmm2              ; xmm0=z4
-
-    movdqa      xmm3, xmm6
-    psubw       xmm6, xmm5              ; xmm6=z13
-    paddw       xmm3, xmm5              ; xmm3=z11
-
-    movdqa      xmm2, xmm6
-    movdqa      xmm5, xmm3
-    psubw       xmm6, xmm4              ; xmm6=data3
-    psubw       xmm3, xmm0              ; xmm3=data7
-    paddw       xmm2, xmm4              ; xmm2=data5
-    paddw       xmm5, xmm0              ; xmm5=data1
-
-    ; ---- Pass 2: process columns.
-
-    ; xmm1=(00 10 20 30 40 50 60 70), xmm7=(02 12 22 32 42 52 62 72)
-    ; xmm5=(01 11 21 31 41 51 61 71), xmm6=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm4, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm5              ; xmm1=(00 01 10 11 20 21 30 31)
-    punpckhwd   xmm4, xmm5              ; xmm4=(40 41 50 51 60 61 70 71)
-    movdqa      xmm0, xmm7              ; transpose coefficients(phase 1)
-    punpcklwd   xmm7, xmm6              ; xmm7=(02 03 12 13 22 23 32 33)
-    punpckhwd   xmm0, xmm6              ; xmm0=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=col4
-    movdqa      xmm6, XMMWORD [wk(1)]   ; xmm6=col6
-
-    ; xmm5=(04 14 24 34 44 54 64 74), xmm6=(06 16 26 36 46 56 66 76)
-    ; xmm2=(05 15 25 35 45 55 65 75), xmm3=(07 17 27 37 47 57 67 77)
-
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=(02 03 12 13 22 23 32 33)
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm7, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm2              ; xmm5=(04 05 14 15 24 25 34 35)
-    punpckhwd   xmm7, xmm2              ; xmm7=(44 45 54 55 64 65 74 75)
-    movdqa      xmm0, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm3              ; xmm6=(06 07 16 17 26 27 36 37)
-    punpckhwd   xmm0, xmm3              ; xmm0=(46 47 56 57 66 67 76 77)
-
-    movdqa      xmm2, xmm5              ; transpose coefficients(phase 2)
-    punpckldq   xmm5, xmm6              ; xmm5=(04 05 06 07 14 15 16 17)
-    punpckhdq   xmm2, xmm6              ; xmm2=(24 25 26 27 34 35 36 37)
-    movdqa      xmm3, xmm7              ; transpose coefficients(phase 2)
-    punpckldq   xmm7, xmm0              ; xmm7=(44 45 46 47 54 55 56 57)
-    punpckhdq   xmm3, xmm0              ; xmm3=(64 65 66 67 74 75 76 77)
-
-    movdqa      xmm6, XMMWORD [wk(0)]   ; xmm6=(02 03 12 13 22 23 32 33)
-    movdqa      xmm0, XMMWORD [wk(1)]   ; xmm0=(42 43 52 53 62 63 72 73)
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=(24 25 26 27 34 35 36 37)
-    movdqa      XMMWORD [wk(1)], xmm7   ; wk(1)=(44 45 46 47 54 55 56 57)
-
-    movdqa      xmm2, xmm1              ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm6              ; xmm1=(00 01 02 03 10 11 12 13)
-    punpckhdq   xmm2, xmm6              ; xmm2=(20 21 22 23 30 31 32 33)
-    movdqa      xmm7, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm0              ; xmm4=(40 41 42 43 50 51 52 53)
-    punpckhdq   xmm7, xmm0              ; xmm7=(60 61 62 63 70 71 72 73)
-
-    movdqa      xmm6, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm5              ; xmm1=(00 01 02 03 04 05 06 07)=data0
-    punpckhqdq  xmm6, xmm5              ; xmm6=(10 11 12 13 14 15 16 17)=data1
-    movdqa      xmm0, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm3              ; xmm7=(60 61 62 63 64 65 66 67)=data6
-    punpckhqdq  xmm0, xmm3              ; xmm0=(70 71 72 73 74 75 76 77)=data7
-
-    movdqa      xmm5, xmm6
-    movdqa      xmm3, xmm1
-    psubw       xmm6, xmm7              ; xmm6=data1-data6=tmp6
-    psubw       xmm1, xmm0              ; xmm1=data0-data7=tmp7
-    paddw       xmm5, xmm7              ; xmm5=data1+data6=tmp1
-    paddw       xmm3, xmm0              ; xmm3=data0+data7=tmp0
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=(24 25 26 27 34 35 36 37)
-    movdqa      xmm0, XMMWORD [wk(1)]   ; xmm0=(44 45 46 47 54 55 56 57)
-    movdqa      XMMWORD [wk(0)], xmm6   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm1   ; wk(1)=tmp7
-
-    movdqa      xmm6, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm7              ; xmm2=(20 21 22 23 24 25 26 27)=data2
-    punpckhqdq  xmm6, xmm7              ; xmm6=(30 31 32 33 34 35 36 37)=data3
-    movdqa      xmm1, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm0              ; xmm4=(40 41 42 43 44 45 46 47)=data4
-    punpckhqdq  xmm1, xmm0              ; xmm1=(50 51 52 53 54 55 56 57)=data5
-
-    movdqa      xmm7, xmm6
-    movdqa      xmm0, xmm2
-    paddw       xmm6, xmm4              ; xmm6=data3+data4=tmp3
-    paddw       xmm2, xmm1              ; xmm2=data2+data5=tmp2
-    psubw       xmm7, xmm4              ; xmm7=data3-data4=tmp4
-    psubw       xmm0, xmm1              ; xmm0=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm1, xmm5
-    psubw       xmm3, xmm6              ; xmm3=tmp13
-    psubw       xmm5, xmm2              ; xmm5=tmp12
-    paddw       xmm4, xmm6              ; xmm4=tmp10
-    paddw       xmm1, xmm2              ; xmm1=tmp11
-
-    paddw       xmm5, xmm3
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm5, [rel PW_F0707]    ; xmm5=z1
-
-    movdqa      xmm6, xmm4
-    movdqa      xmm2, xmm3
-    psubw       xmm4, xmm1              ; xmm4=data4
-    psubw       xmm3, xmm5              ; xmm3=data6
-    paddw       xmm6, xmm1              ; xmm6=data0
-    paddw       xmm2, xmm5              ; xmm2=data2
-
-    movdqa      XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_DCTELEM)], xmm4
-    movdqa      XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_DCTELEM)], xmm3
-    movdqa      XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_DCTELEM)], xmm6
-    movdqa      XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_DCTELEM)], xmm2
-
-    ; -- Odd part
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=tmp6
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp7
-
-    paddw       xmm7, xmm0              ; xmm7=tmp10
-    paddw       xmm0, xmm1              ; xmm0=tmp11
-    paddw       xmm1, xmm5              ; xmm1=tmp12, xmm5=tmp7
-
-    psllw       xmm7, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm1, PRE_MULTIPLY_SCALE_BITS
-
-    psllw       xmm0, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm0, [rel PW_F0707]    ; xmm0=z3
-
-    movdqa      xmm4, xmm7              ; xmm4=tmp10
-    psubw       xmm7, xmm1
-    pmulhw      xmm7, [rel PW_F0382]    ; xmm7=z5
-    pmulhw      xmm4, [rel PW_F0541]    ; xmm4=MULTIPLY(tmp10,FIX_0_541196)
-    pmulhw      xmm1, [rel PW_F1306]    ; xmm1=MULTIPLY(tmp12,FIX_1_306562)
-    paddw       xmm4, xmm7              ; xmm4=z2
-    paddw       xmm1, xmm7              ; xmm1=z4
-
-    movdqa      xmm3, xmm5
-    psubw       xmm5, xmm0              ; xmm5=z13
-    paddw       xmm3, xmm0              ; xmm3=z11
-
-    movdqa      xmm6, xmm5
-    movdqa      xmm2, xmm3
-    psubw       xmm5, xmm4              ; xmm5=data3
-    psubw       xmm3, xmm1              ; xmm3=data7
-    paddw       xmm6, xmm4              ; xmm6=data5
-    paddw       xmm2, xmm1              ; xmm2=data1
-
-    movdqa      XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_DCTELEM)], xmm5
-    movdqa      XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_DCTELEM)], xmm3
-    movdqa      XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_DCTELEM)], xmm6
-    movdqa      XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_DCTELEM)], xmm2
-
-    uncollect_args 1
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctint-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctint-avx2.asm
deleted file mode 100644
index e56258b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctint-avx2.asm
+++ /dev/null
@@ -1,320 +0,0 @@
-;
-; jfdctint.asm - accurate integer FDCT (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2018, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; forward DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jfdctint.c; see the jfdctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit matrix transpose using AVX2 instructions
-; %1-%4: Input/output registers
-; %5-%8: Temp registers
-
-%macro dotranspose 8
-    ; %1=(00 01 02 03 04 05 06 07  40 41 42 43 44 45 46 47)
-    ; %2=(10 11 12 13 14 15 16 17  50 51 52 53 54 55 56 57)
-    ; %3=(20 21 22 23 24 25 26 27  60 61 62 63 64 65 66 67)
-    ; %4=(30 31 32 33 34 35 36 37  70 71 72 73 74 75 76 77)
-
-    vpunpcklwd  %5, %1, %2
-    vpunpckhwd  %6, %1, %2
-    vpunpcklwd  %7, %3, %4
-    vpunpckhwd  %8, %3, %4
-    ; transpose coefficients(phase 1)
-    ; %5=(00 10 01 11 02 12 03 13  40 50 41 51 42 52 43 53)
-    ; %6=(04 14 05 15 06 16 07 17  44 54 45 55 46 56 47 57)
-    ; %7=(20 30 21 31 22 32 23 33  60 70 61 71 62 72 63 73)
-    ; %8=(24 34 25 35 26 36 27 37  64 74 65 75 66 76 67 77)
-
-    vpunpckldq  %1, %5, %7
-    vpunpckhdq  %2, %5, %7
-    vpunpckldq  %3, %6, %8
-    vpunpckhdq  %4, %6, %8
-    ; transpose coefficients(phase 2)
-    ; %1=(00 10 20 30 01 11 21 31  40 50 60 70 41 51 61 71)
-    ; %2=(02 12 22 32 03 13 23 33  42 52 62 72 43 53 63 73)
-    ; %3=(04 14 24 34 05 15 25 35  44 54 64 74 45 55 65 75)
-    ; %4=(06 16 26 36 07 17 27 37  46 56 66 76 47 57 67 77)
-
-    vpermq      %1, %1, 0x8D
-    vpermq      %2, %2, 0x8D
-    vpermq      %3, %3, 0xD8
-    vpermq      %4, %4, 0xD8
-    ; transpose coefficients(phase 3)
-    ; %1=(01 11 21 31 41 51 61 71  00 10 20 30 40 50 60 70)
-    ; %2=(03 13 23 33 43 53 63 73  02 12 22 32 42 52 62 72)
-    ; %3=(04 14 24 34 44 54 64 74  05 15 25 35 45 55 65 75)
-    ; %4=(06 16 26 36 46 56 66 76  07 17 27 37 47 57 67 77)
-%endmacro
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit accurate integer forward DCT using AVX2 instructions
-; %1-%4: Input/output registers
-; %5-%8: Temp registers
-; %9:    Pass (1 or 2)
-
-%macro dodct 9
-    vpsubw      %5, %1, %4              ; %5=data1_0-data6_7=tmp6_7
-    vpaddw      %6, %1, %4              ; %6=data1_0+data6_7=tmp1_0
-    vpaddw      %7, %2, %3              ; %7=data3_2+data4_5=tmp3_2
-    vpsubw      %8, %2, %3              ; %8=data3_2-data4_5=tmp4_5
-
-    ; -- Even part
-
-    vperm2i128  %6, %6, %6, 0x01        ; %6=tmp0_1
-    vpaddw      %1, %6, %7              ; %1=tmp0_1+tmp3_2=tmp10_11
-    vpsubw      %6, %6, %7              ; %6=tmp0_1-tmp3_2=tmp13_12
-
-    vperm2i128  %7, %1, %1, 0x01        ; %7=tmp11_10
-    vpsignw     %1, %1, [rel PW_1_NEG1]  ; %1=tmp10_neg11
-    vpaddw      %7, %7, %1              ; %7=(tmp10+tmp11)_(tmp10-tmp11)
-%if %9 == 1
-    vpsllw      %1, %7, PASS1_BITS      ; %1=data0_4
-%else
-    vpaddw      %7, %7, [rel PW_DESCALE_P2X]
-    vpsraw      %1, %7, PASS1_BITS      ; %1=data0_4
-%endif
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    vperm2i128  %7, %6, %6, 0x01        ; %7=tmp12_13
-    vpunpcklwd  %2, %6, %7
-    vpunpckhwd  %6, %6, %7
-    vpmaddwd    %2, %2, [rel PW_F130_F054_MF130_F054]  ; %2=data2_6L
-    vpmaddwd    %6, %6, [rel PW_F130_F054_MF130_F054]  ; %6=data2_6H
-
-    vpaddd      %2, %2, [rel PD_DESCALE_P %+ %9]
-    vpaddd      %6, %6, [rel PD_DESCALE_P %+ %9]
-    vpsrad      %2, %2, DESCALE_P %+ %9
-    vpsrad      %6, %6, DESCALE_P %+ %9
-
-    vpackssdw   %3, %2, %6              ; %6=data2_6
-
-    ; -- Odd part
-
-    vpaddw      %7, %8, %5              ; %7=tmp4_5+tmp6_7=z3_4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    vperm2i128  %2, %7, %7, 0x01        ; %2=z4_3
-    vpunpcklwd  %6, %7, %2
-    vpunpckhwd  %7, %7, %2
-    vpmaddwd    %6, %6, [rel PW_MF078_F117_F078_F117]  ; %6=z3_4L
-    vpmaddwd    %7, %7, [rel PW_MF078_F117_F078_F117]  ; %7=z3_4H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    vperm2i128  %4, %5, %5, 0x01        ; %4=tmp7_6
-    vpunpcklwd  %2, %8, %4
-    vpunpckhwd  %4, %8, %4
-    vpmaddwd    %2, %2, [rel PW_MF060_MF089_MF050_MF256]  ; %2=tmp4_5L
-    vpmaddwd    %4, %4, [rel PW_MF060_MF089_MF050_MF256]  ; %4=tmp4_5H
-
-    vpaddd      %2, %2, %6              ; %2=data7_5L
-    vpaddd      %4, %4, %7              ; %4=data7_5H
-
-    vpaddd      %2, %2, [rel PD_DESCALE_P %+ %9]
-    vpaddd      %4, %4, [rel PD_DESCALE_P %+ %9]
-    vpsrad      %2, %2, DESCALE_P %+ %9
-    vpsrad      %4, %4, DESCALE_P %+ %9
-
-    vpackssdw   %4, %2, %4              ; %4=data7_5
-
-    vperm2i128  %2, %8, %8, 0x01        ; %2=tmp5_4
-    vpunpcklwd  %8, %5, %2
-    vpunpckhwd  %5, %5, %2
-    vpmaddwd    %8, %8, [rel PW_F050_MF256_F060_MF089]  ; %8=tmp6_7L
-    vpmaddwd    %5, %5, [rel PW_F050_MF256_F060_MF089]  ; %5=tmp6_7H
-
-    vpaddd      %8, %8, %6              ; %8=data3_1L
-    vpaddd      %5, %5, %7              ; %5=data3_1H
-
-    vpaddd      %8, %8, [rel PD_DESCALE_P %+ %9]
-    vpaddd      %5, %5, [rel PD_DESCALE_P %+ %9]
-    vpsrad      %8, %8, DESCALE_P %+ %9
-    vpsrad      %5, %5, DESCALE_P %+ %9
-
-    vpackssdw   %2, %8, %5              ; %2=data3_1
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_islow_avx2)
-
-EXTN(jconst_fdct_islow_avx2):
-
-PW_F130_F054_MF130_F054    times 4  dw  (F_0_541 + F_0_765),  F_0_541
-                           times 4  dw  (F_0_541 - F_1_847),  F_0_541
-PW_MF078_F117_F078_F117    times 4  dw  (F_1_175 - F_1_961),  F_1_175
-                           times 4  dw  (F_1_175 - F_0_390),  F_1_175
-PW_MF060_MF089_MF050_MF256 times 4  dw  (F_0_298 - F_0_899), -F_0_899
-                           times 4  dw  (F_2_053 - F_2_562), -F_2_562
-PW_F050_MF256_F060_MF089   times 4  dw  (F_3_072 - F_2_562), -F_2_562
-                           times 4  dw  (F_1_501 - F_0_899), -F_0_899
-PD_DESCALE_P1              times 8  dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2              times 8  dd  1 << (DESCALE_P2 - 1)
-PW_DESCALE_P2X             times 16 dw  1 << (PASS1_BITS - 1)
-PW_1_NEG1                  times 8  dw  1
-                           times 8  dw -1
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_islow_avx2(DCTELEM *data)
-;
-
-; r10 = DCTELEM *data
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_islow_avx2)
-
-EXTN(jsimd_fdct_islow_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 1
-
-    ; ---- Pass 1: process rows.
-
-    vmovdqu     ymm4, YMMWORD [YMMBLOCK(0,0,r10,SIZEOF_DCTELEM)]
-    vmovdqu     ymm5, YMMWORD [YMMBLOCK(2,0,r10,SIZEOF_DCTELEM)]
-    vmovdqu     ymm6, YMMWORD [YMMBLOCK(4,0,r10,SIZEOF_DCTELEM)]
-    vmovdqu     ymm7, YMMWORD [YMMBLOCK(6,0,r10,SIZEOF_DCTELEM)]
-    ; ymm4=(00 01 02 03 04 05 06 07  10 11 12 13 14 15 16 17)
-    ; ymm5=(20 21 22 23 24 25 26 27  30 31 32 33 34 35 36 37)
-    ; ymm6=(40 41 42 43 44 45 46 47  50 51 52 53 54 55 56 57)
-    ; ymm7=(60 61 62 63 64 65 66 67  70 71 72 73 74 75 76 77)
-
-    vperm2i128  ymm0, ymm4, ymm6, 0x20
-    vperm2i128  ymm1, ymm4, ymm6, 0x31
-    vperm2i128  ymm2, ymm5, ymm7, 0x20
-    vperm2i128  ymm3, ymm5, ymm7, 0x31
-    ; ymm0=(00 01 02 03 04 05 06 07  40 41 42 43 44 45 46 47)
-    ; ymm1=(10 11 12 13 14 15 16 17  50 51 52 53 54 55 56 57)
-    ; ymm2=(20 21 22 23 24 25 26 27  60 61 62 63 64 65 66 67)
-    ; ymm3=(30 31 32 33 34 35 36 37  70 71 72 73 74 75 76 77)
-
-    dotranspose ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7
-
-    dodct       ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7, 1
-    ; ymm0=data0_4, ymm1=data3_1, ymm2=data2_6, ymm3=data7_5
-
-    ; ---- Pass 2: process columns.
-
-    vperm2i128  ymm4, ymm1, ymm3, 0x20  ; ymm4=data3_7
-    vperm2i128  ymm1, ymm1, ymm3, 0x31  ; ymm1=data1_5
-
-    dotranspose ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7
-
-    dodct       ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7, 2
-    ; ymm0=data0_4, ymm1=data3_1, ymm2=data2_6, ymm4=data7_5
-
-    vperm2i128 ymm3, ymm0, ymm1, 0x30   ; ymm3=data0_1
-    vperm2i128 ymm5, ymm2, ymm1, 0x20   ; ymm5=data2_3
-    vperm2i128 ymm6, ymm0, ymm4, 0x31   ; ymm6=data4_5
-    vperm2i128 ymm7, ymm2, ymm4, 0x21   ; ymm7=data6_7
-
-    vmovdqu     YMMWORD [YMMBLOCK(0,0,r10,SIZEOF_DCTELEM)], ymm3
-    vmovdqu     YMMWORD [YMMBLOCK(2,0,r10,SIZEOF_DCTELEM)], ymm5
-    vmovdqu     YMMWORD [YMMBLOCK(4,0,r10,SIZEOF_DCTELEM)], ymm6
-    vmovdqu     YMMWORD [YMMBLOCK(6,0,r10,SIZEOF_DCTELEM)], ymm7
-
-    vzeroupper
-    uncollect_args 1
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctint-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctint-sse2.asm
deleted file mode 100644
index ec1f383..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jfdctint-sse2.asm
+++ /dev/null
@@ -1,619 +0,0 @@
-;
-; jfdctint.asm - accurate integer FDCT (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2020, D. R. Commander.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; forward DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jfdctint.c; see the jfdctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_fdct_islow_sse2)
-
-EXTN(jconst_fdct_islow_sse2):
-
-PW_F130_F054   times 4 dw  (F_0_541 + F_0_765),  F_0_541
-PW_F054_MF130  times 4 dw  F_0_541, (F_0_541 - F_1_847)
-PW_MF078_F117  times 4 dw  (F_1_175 - F_1_961),  F_1_175
-PW_F117_F078   times 4 dw  F_1_175, (F_1_175 - F_0_390)
-PW_MF060_MF089 times 4 dw  (F_0_298 - F_0_899), -F_0_899
-PW_MF089_F060  times 4 dw -F_0_899, (F_1_501 - F_0_899)
-PW_MF050_MF256 times 4 dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF256_F050  times 4 dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1  times 4 dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2  times 4 dd  1 << (DESCALE_P2 - 1)
-PW_DESCALE_P2X times 8 dw  1 << (PASS1_BITS - 1)
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform the forward DCT on one block of samples.
-;
-; GLOBAL(void)
-; jsimd_fdct_islow_sse2(DCTELEM *data)
-;
-
-; r10 = DCTELEM *data
-
-%define wk(i)   rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD  ; xmmword wk[WK_NUM]
-%define WK_NUM  6
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_fdct_islow_sse2)
-
-EXTN(jsimd_fdct_islow_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 1
-
-    ; ---- Pass 1: process rows.
-
-    mov         rdx, r10                ; (DCTELEM *)
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_DCTELEM)]
-
-    ; xmm0=(00 01 02 03 04 05 06 07), xmm2=(20 21 22 23 24 25 26 27)
-    ; xmm1=(10 11 12 13 14 15 16 17), xmm3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm4, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm1              ; xmm0=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm4, xmm1              ; xmm4=(04 14 05 15 06 16 07 17)
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm3              ; xmm2=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm5, xmm3              ; xmm5=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm6, XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm7, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_DCTELEM)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_DCTELEM)]
-
-    ; xmm6=( 4 12 20 28 36 44 52 60), xmm1=( 6 14 22 30 38 46 54 62)
-    ; xmm7=( 5 13 21 29 37 45 53 61), xmm3=( 7 15 23 31 39 47 55 63)
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=(20 30 21 31 22 32 23 33)
-    movdqa      XMMWORD [wk(1)], xmm5   ; wk(1)=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm2, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm7              ; xmm6=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm2, xmm7              ; xmm2=(44 54 45 55 46 56 47 57)
-    movdqa      xmm5, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm3              ; xmm1=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm5, xmm3              ; xmm5=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm7, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm1              ; xmm6=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm7, xmm1              ; xmm7=(42 52 62 72 43 53 63 73)
-    movdqa      xmm3, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm5              ; xmm2=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm3, xmm5              ; xmm3=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=(20 30 21 31 22 32 23 33)
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=(24 34 25 35 26 36 27 37)
-    movdqa      XMMWORD [wk(2)], xmm7   ; wk(2)=(42 52 62 72 43 53 63 73)
-    movdqa      XMMWORD [wk(3)], xmm2   ; wk(3)=(44 54 64 74 45 55 65 75)
-
-    movdqa      xmm7, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm1              ; xmm0=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm7, xmm1              ; xmm7=(02 12 22 32 03 13 23 33)
-    movdqa      xmm2, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm5              ; xmm4=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm2, xmm5              ; xmm2=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm1, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm6              ; xmm0=(00 10 20 30 40 50 60 70)=data0
-    punpckhqdq  xmm1, xmm6              ; xmm1=(01 11 21 31 41 51 61 71)=data1
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm3              ; xmm2=(06 16 26 36 46 56 66 76)=data6
-    punpckhqdq  xmm5, xmm3              ; xmm5=(07 17 27 37 47 57 67 77)=data7
-
-    movdqa      xmm6, xmm1
-    movdqa      xmm3, xmm0
-    psubw       xmm1, xmm2              ; xmm1=data1-data6=tmp6
-    psubw       xmm0, xmm5              ; xmm0=data0-data7=tmp7
-    paddw       xmm6, xmm2              ; xmm6=data1+data6=tmp1
-    paddw       xmm3, xmm5              ; xmm3=data0+data7=tmp0
-
-    movdqa      xmm2, XMMWORD [wk(2)]   ; xmm2=(42 52 62 72 43 53 63 73)
-    movdqa      xmm5, XMMWORD [wk(3)]   ; xmm5=(44 54 64 74 45 55 65 75)
-    movdqa      XMMWORD [wk(0)], xmm1   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=tmp7
-
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm2              ; xmm7=(02 12 22 32 42 52 62 72)=data2
-    punpckhqdq  xmm1, xmm2              ; xmm1=(03 13 23 33 43 53 63 73)=data3
-    movdqa      xmm0, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm5              ; xmm4=(04 14 24 34 44 54 64 74)=data4
-    punpckhqdq  xmm0, xmm5              ; xmm0=(05 15 25 35 45 55 65 75)=data5
-
-    movdqa      xmm2, xmm1
-    movdqa      xmm5, xmm7
-    paddw       xmm1, xmm4              ; xmm1=data3+data4=tmp3
-    paddw       xmm7, xmm0              ; xmm7=data2+data5=tmp2
-    psubw       xmm2, xmm4              ; xmm2=data3-data4=tmp4
-    psubw       xmm5, xmm0              ; xmm5=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm0, xmm6
-    paddw       xmm3, xmm1              ; xmm3=tmp10
-    paddw       xmm6, xmm7              ; xmm6=tmp11
-    psubw       xmm4, xmm1              ; xmm4=tmp13
-    psubw       xmm0, xmm7              ; xmm0=tmp12
-
-    movdqa      xmm1, xmm3
-    paddw       xmm3, xmm6              ; xmm3=tmp10+tmp11
-    psubw       xmm1, xmm6              ; xmm1=tmp10-tmp11
-
-    psllw       xmm3, PASS1_BITS        ; xmm3=data0
-    psllw       xmm1, PASS1_BITS        ; xmm1=data4
-
-    movdqa      XMMWORD [wk(2)], xmm3   ; wk(2)=data0
-    movdqa      XMMWORD [wk(3)], xmm1   ; wk(3)=data4
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    movdqa      xmm7, xmm4              ; xmm4=tmp13
-    movdqa      xmm6, xmm4
-    punpcklwd   xmm7, xmm0              ; xmm0=tmp12
-    punpckhwd   xmm6, xmm0
-    movdqa      xmm4, xmm7
-    movdqa      xmm0, xmm6
-    pmaddwd     xmm7, [rel PW_F130_F054]   ; xmm7=data2L
-    pmaddwd     xmm6, [rel PW_F130_F054]   ; xmm6=data2H
-    pmaddwd     xmm4, [rel PW_F054_MF130]  ; xmm4=data6L
-    pmaddwd     xmm0, [rel PW_F054_MF130]  ; xmm0=data6H
-
-    paddd       xmm7, [rel PD_DESCALE_P1]
-    paddd       xmm6, [rel PD_DESCALE_P1]
-    psrad       xmm7, DESCALE_P1
-    psrad       xmm6, DESCALE_P1
-    paddd       xmm4, [rel PD_DESCALE_P1]
-    paddd       xmm0, [rel PD_DESCALE_P1]
-    psrad       xmm4, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-
-    packssdw    xmm7, xmm6              ; xmm7=data2
-    packssdw    xmm4, xmm0              ; xmm4=data6
-
-    movdqa      XMMWORD [wk(4)], xmm7   ; wk(4)=data2
-    movdqa      XMMWORD [wk(5)], xmm4   ; wk(5)=data6
-
-    ; -- Odd part
-
-    movdqa      xmm3, XMMWORD [wk(0)]   ; xmm3=tmp6
-    movdqa      xmm1, XMMWORD [wk(1)]   ; xmm1=tmp7
-
-    movdqa      xmm6, xmm2              ; xmm2=tmp4
-    movdqa      xmm0, xmm5              ; xmm5=tmp5
-    paddw       xmm6, xmm3              ; xmm6=z3
-    paddw       xmm0, xmm1              ; xmm0=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm7, xmm6
-    movdqa      xmm4, xmm6
-    punpcklwd   xmm7, xmm0
-    punpckhwd   xmm4, xmm0
-    movdqa      xmm6, xmm7
-    movdqa      xmm0, xmm4
-    pmaddwd     xmm7, [rel PW_MF078_F117]  ; xmm7=z3L
-    pmaddwd     xmm4, [rel PW_MF078_F117]  ; xmm4=z3H
-    pmaddwd     xmm6, [rel PW_F117_F078]   ; xmm6=z4L
-    pmaddwd     xmm0, [rel PW_F117_F078]   ; xmm0=z4H
-
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=z3L
-    movdqa      XMMWORD [wk(1)], xmm4   ; wk(1)=z3H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    movdqa      xmm7, xmm2
-    movdqa      xmm4, xmm2
-    punpcklwd   xmm7, xmm1
-    punpckhwd   xmm4, xmm1
-    movdqa      xmm2, xmm7
-    movdqa      xmm1, xmm4
-    pmaddwd     xmm7, [rel PW_MF060_MF089]  ; xmm7=tmp4L
-    pmaddwd     xmm4, [rel PW_MF060_MF089]  ; xmm4=tmp4H
-    pmaddwd     xmm2, [rel PW_MF089_F060]   ; xmm2=tmp7L
-    pmaddwd     xmm1, [rel PW_MF089_F060]   ; xmm1=tmp7H
-
-    paddd       xmm7, XMMWORD [wk(0)]   ; xmm7=data7L
-    paddd       xmm4, XMMWORD [wk(1)]   ; xmm4=data7H
-    paddd       xmm2, xmm6              ; xmm2=data1L
-    paddd       xmm1, xmm0              ; xmm1=data1H
-
-    paddd       xmm7, [rel PD_DESCALE_P1]
-    paddd       xmm4, [rel PD_DESCALE_P1]
-    psrad       xmm7, DESCALE_P1
-    psrad       xmm4, DESCALE_P1
-    paddd       xmm2, [rel PD_DESCALE_P1]
-    paddd       xmm1, [rel PD_DESCALE_P1]
-    psrad       xmm2, DESCALE_P1
-    psrad       xmm1, DESCALE_P1
-
-    packssdw    xmm7, xmm4              ; xmm7=data7
-    packssdw    xmm2, xmm1              ; xmm2=data1
-
-    movdqa      xmm4, xmm5
-    movdqa      xmm1, xmm5
-    punpcklwd   xmm4, xmm3
-    punpckhwd   xmm1, xmm3
-    movdqa      xmm5, xmm4
-    movdqa      xmm3, xmm1
-    pmaddwd     xmm4, [rel PW_MF050_MF256]  ; xmm4=tmp5L
-    pmaddwd     xmm1, [rel PW_MF050_MF256]  ; xmm1=tmp5H
-    pmaddwd     xmm5, [rel PW_MF256_F050]   ; xmm5=tmp6L
-    pmaddwd     xmm3, [rel PW_MF256_F050]   ; xmm3=tmp6H
-
-    paddd       xmm4, xmm6              ; xmm4=data5L
-    paddd       xmm1, xmm0              ; xmm1=data5H
-    paddd       xmm5, XMMWORD [wk(0)]   ; xmm5=data3L
-    paddd       xmm3, XMMWORD [wk(1)]   ; xmm3=data3H
-
-    paddd       xmm4, [rel PD_DESCALE_P1]
-    paddd       xmm1, [rel PD_DESCALE_P1]
-    psrad       xmm4, DESCALE_P1
-    psrad       xmm1, DESCALE_P1
-    paddd       xmm5, [rel PD_DESCALE_P1]
-    paddd       xmm3, [rel PD_DESCALE_P1]
-    psrad       xmm5, DESCALE_P1
-    psrad       xmm3, DESCALE_P1
-
-    packssdw    xmm4, xmm1              ; xmm4=data5
-    packssdw    xmm5, xmm3              ; xmm5=data3
-
-    ; ---- Pass 2: process columns.
-
-    movdqa      xmm6, XMMWORD [wk(2)]   ; xmm6=col0
-    movdqa      xmm0, XMMWORD [wk(4)]   ; xmm0=col2
-
-    ; xmm6=(00 10 20 30 40 50 60 70), xmm0=(02 12 22 32 42 52 62 72)
-    ; xmm2=(01 11 21 31 41 51 61 71), xmm5=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm1, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm2              ; xmm6=(00 01 10 11 20 21 30 31)
-    punpckhwd   xmm1, xmm2              ; xmm1=(40 41 50 51 60 61 70 71)
-    movdqa      xmm3, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm5              ; xmm0=(02 03 12 13 22 23 32 33)
-    punpckhwd   xmm3, xmm5              ; xmm3=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm2, XMMWORD [wk(3)]   ; xmm2=col4
-    movdqa      xmm5, XMMWORD [wk(5)]   ; xmm5=col6
-
-    ; xmm2=(04 14 24 34 44 54 64 74), xmm5=(06 16 26 36 46 56 66 76)
-    ; xmm4=(05 15 25 35 45 55 65 75), xmm7=(07 17 27 37 47 57 67 77)
-
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=(02 03 12 13 22 23 32 33)
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=(42 43 52 53 62 63 72 73)
-
-    movdqa      xmm0, xmm2              ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm4              ; xmm2=(04 05 14 15 24 25 34 35)
-    punpckhwd   xmm0, xmm4              ; xmm0=(44 45 54 55 64 65 74 75)
-    movdqa      xmm3, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm7              ; xmm5=(06 07 16 17 26 27 36 37)
-    punpckhwd   xmm3, xmm7              ; xmm3=(46 47 56 57 66 67 76 77)
-
-    movdqa      xmm4, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm5              ; xmm2=(04 05 06 07 14 15 16 17)
-    punpckhdq   xmm4, xmm5              ; xmm4=(24 25 26 27 34 35 36 37)
-    movdqa      xmm7, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm3              ; xmm0=(44 45 46 47 54 55 56 57)
-    punpckhdq   xmm7, xmm3              ; xmm7=(64 65 66 67 74 75 76 77)
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=(02 03 12 13 22 23 32 33)
-    movdqa      xmm3, XMMWORD [wk(1)]   ; xmm3=(42 43 52 53 62 63 72 73)
-    movdqa      XMMWORD [wk(2)], xmm4   ; wk(2)=(24 25 26 27 34 35 36 37)
-    movdqa      XMMWORD [wk(3)], xmm0   ; wk(3)=(44 45 46 47 54 55 56 57)
-
-    movdqa      xmm4, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm5              ; xmm6=(00 01 02 03 10 11 12 13)
-    punpckhdq   xmm4, xmm5              ; xmm4=(20 21 22 23 30 31 32 33)
-    movdqa      xmm0, xmm1              ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm3              ; xmm1=(40 41 42 43 50 51 52 53)
-    punpckhdq   xmm0, xmm3              ; xmm0=(60 61 62 63 70 71 72 73)
-
-    movdqa      xmm5, xmm6              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm6, xmm2              ; xmm6=(00 01 02 03 04 05 06 07)=data0
-    punpckhqdq  xmm5, xmm2              ; xmm5=(10 11 12 13 14 15 16 17)=data1
-    movdqa      xmm3, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm7              ; xmm0=(60 61 62 63 64 65 66 67)=data6
-    punpckhqdq  xmm3, xmm7              ; xmm3=(70 71 72 73 74 75 76 77)=data7
-
-    movdqa      xmm2, xmm5
-    movdqa      xmm7, xmm6
-    psubw       xmm5, xmm0              ; xmm5=data1-data6=tmp6
-    psubw       xmm6, xmm3              ; xmm6=data0-data7=tmp7
-    paddw       xmm2, xmm0              ; xmm2=data1+data6=tmp1
-    paddw       xmm7, xmm3              ; xmm7=data0+data7=tmp0
-
-    movdqa      xmm0, XMMWORD [wk(2)]   ; xmm0=(24 25 26 27 34 35 36 37)
-    movdqa      xmm3, XMMWORD [wk(3)]   ; xmm3=(44 45 46 47 54 55 56 57)
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=tmp6
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp7
-
-    movdqa      xmm5, xmm4              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm4, xmm0              ; xmm4=(20 21 22 23 24 25 26 27)=data2
-    punpckhqdq  xmm5, xmm0              ; xmm5=(30 31 32 33 34 35 36 37)=data3
-    movdqa      xmm6, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm3              ; xmm1=(40 41 42 43 44 45 46 47)=data4
-    punpckhqdq  xmm6, xmm3              ; xmm6=(50 51 52 53 54 55 56 57)=data5
-
-    movdqa      xmm0, xmm5
-    movdqa      xmm3, xmm4
-    paddw       xmm5, xmm1              ; xmm5=data3+data4=tmp3
-    paddw       xmm4, xmm6              ; xmm4=data2+data5=tmp2
-    psubw       xmm0, xmm1              ; xmm0=data3-data4=tmp4
-    psubw       xmm3, xmm6              ; xmm3=data2-data5=tmp5
-
-    ; -- Even part
-
-    movdqa      xmm1, xmm7
-    movdqa      xmm6, xmm2
-    paddw       xmm7, xmm5              ; xmm7=tmp10
-    paddw       xmm2, xmm4              ; xmm2=tmp11
-    psubw       xmm1, xmm5              ; xmm1=tmp13
-    psubw       xmm6, xmm4              ; xmm6=tmp12
-
-    movdqa      xmm5, xmm7
-    paddw       xmm7, xmm2              ; xmm7=tmp10+tmp11
-    psubw       xmm5, xmm2              ; xmm5=tmp10-tmp11
-
-    paddw       xmm7, [rel PW_DESCALE_P2X]
-    paddw       xmm5, [rel PW_DESCALE_P2X]
-    psraw       xmm7, PASS1_BITS        ; xmm7=data0
-    psraw       xmm5, PASS1_BITS        ; xmm5=data4
-
-    movdqa      XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_DCTELEM)], xmm7
-    movdqa      XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_DCTELEM)], xmm5
-
-    ; (Original)
-    ; z1 = (tmp12 + tmp13) * 0.541196100;
-    ; data2 = z1 + tmp13 * 0.765366865;
-    ; data6 = z1 + tmp12 * -1.847759065;
-    ;
-    ; (This implementation)
-    ; data2 = tmp13 * (0.541196100 + 0.765366865) + tmp12 * 0.541196100;
-    ; data6 = tmp13 * 0.541196100 + tmp12 * (0.541196100 - 1.847759065);
-
-    movdqa      xmm4, xmm1              ; xmm1=tmp13
-    movdqa      xmm2, xmm1
-    punpcklwd   xmm4, xmm6              ; xmm6=tmp12
-    punpckhwd   xmm2, xmm6
-    movdqa      xmm1, xmm4
-    movdqa      xmm6, xmm2
-    pmaddwd     xmm4, [rel PW_F130_F054]   ; xmm4=data2L
-    pmaddwd     xmm2, [rel PW_F130_F054]   ; xmm2=data2H
-    pmaddwd     xmm1, [rel PW_F054_MF130]  ; xmm1=data6L
-    pmaddwd     xmm6, [rel PW_F054_MF130]  ; xmm6=data6H
-
-    paddd       xmm4, [rel PD_DESCALE_P2]
-    paddd       xmm2, [rel PD_DESCALE_P2]
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm2, DESCALE_P2
-    paddd       xmm1, [rel PD_DESCALE_P2]
-    paddd       xmm6, [rel PD_DESCALE_P2]
-    psrad       xmm1, DESCALE_P2
-    psrad       xmm6, DESCALE_P2
-
-    packssdw    xmm4, xmm2              ; xmm4=data2
-    packssdw    xmm1, xmm6              ; xmm1=data6
-
-    movdqa      XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_DCTELEM)], xmm4
-    movdqa      XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_DCTELEM)], xmm1
-
-    ; -- Odd part
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp6
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp7
-
-    movdqa      xmm2, xmm0              ; xmm0=tmp4
-    movdqa      xmm6, xmm3              ; xmm3=tmp5
-    paddw       xmm2, xmm7              ; xmm2=z3
-    paddw       xmm6, xmm5              ; xmm6=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm1, xmm2
-    punpcklwd   xmm4, xmm6
-    punpckhwd   xmm1, xmm6
-    movdqa      xmm2, xmm4
-    movdqa      xmm6, xmm1
-    pmaddwd     xmm4, [rel PW_MF078_F117]  ; xmm4=z3L
-    pmaddwd     xmm1, [rel PW_MF078_F117]  ; xmm1=z3H
-    pmaddwd     xmm2, [rel PW_F117_F078]   ; xmm2=z4L
-    pmaddwd     xmm6, [rel PW_F117_F078]   ; xmm6=z4H
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=z3L
-    movdqa      XMMWORD [wk(1)], xmm1   ; wk(1)=z3H
-
-    ; (Original)
-    ; z1 = tmp4 + tmp7;  z2 = tmp5 + tmp6;
-    ; tmp4 = tmp4 * 0.298631336;  tmp5 = tmp5 * 2.053119869;
-    ; tmp6 = tmp6 * 3.072711026;  tmp7 = tmp7 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; data7 = tmp4 + z1 + z3;  data5 = tmp5 + z2 + z4;
-    ; data3 = tmp6 + z2 + z3;  data1 = tmp7 + z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp4 = tmp4 * (0.298631336 - 0.899976223) + tmp7 * -0.899976223;
-    ; tmp5 = tmp5 * (2.053119869 - 2.562915447) + tmp6 * -2.562915447;
-    ; tmp6 = tmp5 * -2.562915447 + tmp6 * (3.072711026 - 2.562915447);
-    ; tmp7 = tmp4 * -0.899976223 + tmp7 * (1.501321110 - 0.899976223);
-    ; data7 = tmp4 + z3;  data5 = tmp5 + z4;
-    ; data3 = tmp6 + z3;  data1 = tmp7 + z4;
-
-    movdqa      xmm4, xmm0
-    movdqa      xmm1, xmm0
-    punpcklwd   xmm4, xmm5
-    punpckhwd   xmm1, xmm5
-    movdqa      xmm0, xmm4
-    movdqa      xmm5, xmm1
-    pmaddwd     xmm4, [rel PW_MF060_MF089]  ; xmm4=tmp4L
-    pmaddwd     xmm1, [rel PW_MF060_MF089]  ; xmm1=tmp4H
-    pmaddwd     xmm0, [rel PW_MF089_F060]   ; xmm0=tmp7L
-    pmaddwd     xmm5, [rel PW_MF089_F060]   ; xmm5=tmp7H
-
-    paddd       xmm4,  XMMWORD [wk(0)]  ; xmm4=data7L
-    paddd       xmm1,  XMMWORD [wk(1)]  ; xmm1=data7H
-    paddd       xmm0, xmm2              ; xmm0=data1L
-    paddd       xmm5, xmm6              ; xmm5=data1H
-
-    paddd       xmm4, [rel PD_DESCALE_P2]
-    paddd       xmm1, [rel PD_DESCALE_P2]
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm1, DESCALE_P2
-    paddd       xmm0, [rel PD_DESCALE_P2]
-    paddd       xmm5, [rel PD_DESCALE_P2]
-    psrad       xmm0, DESCALE_P2
-    psrad       xmm5, DESCALE_P2
-
-    packssdw    xmm4, xmm1              ; xmm4=data7
-    packssdw    xmm0, xmm5              ; xmm0=data1
-
-    movdqa      XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_DCTELEM)], xmm4
-    movdqa      XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_DCTELEM)], xmm0
-
-    movdqa      xmm1, xmm3
-    movdqa      xmm5, xmm3
-    punpcklwd   xmm1, xmm7
-    punpckhwd   xmm5, xmm7
-    movdqa      xmm3, xmm1
-    movdqa      xmm7, xmm5
-    pmaddwd     xmm1, [rel PW_MF050_MF256]  ; xmm1=tmp5L
-    pmaddwd     xmm5, [rel PW_MF050_MF256]  ; xmm5=tmp5H
-    pmaddwd     xmm3, [rel PW_MF256_F050]   ; xmm3=tmp6L
-    pmaddwd     xmm7, [rel PW_MF256_F050]   ; xmm7=tmp6H
-
-    paddd       xmm1, xmm2              ; xmm1=data5L
-    paddd       xmm5, xmm6              ; xmm5=data5H
-    paddd       xmm3, XMMWORD [wk(0)]   ; xmm3=data3L
-    paddd       xmm7, XMMWORD [wk(1)]   ; xmm7=data3H
-
-    paddd       xmm1, [rel PD_DESCALE_P2]
-    paddd       xmm5, [rel PD_DESCALE_P2]
-    psrad       xmm1, DESCALE_P2
-    psrad       xmm5, DESCALE_P2
-    paddd       xmm3, [rel PD_DESCALE_P2]
-    paddd       xmm7, [rel PD_DESCALE_P2]
-    psrad       xmm3, DESCALE_P2
-    psrad       xmm7, DESCALE_P2
-
-    packssdw    xmm1, xmm5              ; xmm1=data5
-    packssdw    xmm3, xmm7              ; xmm3=data3
-
-    movdqa      XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_DCTELEM)], xmm1
-    movdqa      XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_DCTELEM)], xmm3
-
-    uncollect_args 1
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctflt-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctflt-sse2.asm
deleted file mode 100644
index 60bf961..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctflt-sse2.asm
+++ /dev/null
@@ -1,482 +0,0 @@
-;
-; jidctflt.asm - floating-point IDCT (64-bit SSE & SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a floating-point implementation of the inverse DCT
-; (Discrete Cosine Transform). The following code is based directly on
-; the IJG's original jidctflt.c; see the jidctflt.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%macro unpcklps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(0 1 4 5)
-    shufps      %1, %2, 0x44
-%endmacro
-
-%macro unpckhps2 2  ; %1=(0 1 2 3) / %2=(4 5 6 7) => %1=(2 3 6 7)
-    shufps      %1, %2, 0xEE
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_float_sse2)
-
-EXTN(jconst_idct_float_sse2):
-
-PD_1_414        times 4  dd  1.414213562373095048801689
-PD_1_847        times 4  dd  1.847759065022573512256366
-PD_1_082        times 4  dd  1.082392200292393968799446
-PD_M2_613       times 4  dd -2.613125929752753055713286
-PD_RNDINT_MAGIC times 4  dd  100663296.0  ; (float)(0x00C00000 << 3)
-PB_CENTERJSAMP  times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_float_sse2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-; r10 = void *dct_table
-; r11 = JCOEFPTR coef_block
-; r12 = JSAMPARRAY output_buf
-; r13d = JDIMENSION output_col
-
-%define original_rbp  rbp + 0
-%define wk(i)         rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        2
-%define workspace     wk(0) - DCTSIZE2 * SIZEOF_FAST_FLOAT
-                                        ; FAST_FLOAT workspace[DCTSIZE2]
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_float_sse2)
-
-EXTN(jsimd_idct_float_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [workspace]
-    collect_args 4
-    push        rbx
-
-    ; ---- Pass 1: process columns from input, store into work array.
-
-    mov         rdx, r10                ; quantptr
-    mov         rsi, r11                ; inptr
-    lea         rdi, [workspace]        ; FAST_FLOAT *wsptr
-    mov         rcx, DCTSIZE/4          ; ctr
-.columnloop:
-%ifndef NO_ZERO_COLUMN_TEST_FLOAT_SSE
-    mov         eax, dword [DWBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movq        xmm1, XMM_MMWORD [MMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm2, XMM_MMWORD [MMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm3, XMM_MMWORD [MMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm4, XMM_MMWORD [MMBLOCK(4,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm5, XMM_MMWORD [MMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm6, XMM_MMWORD [MMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm7, XMM_MMWORD [MMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, xmm2
-    por         xmm3, xmm4
-    por         xmm5, xmm6
-    por         xmm1, xmm3
-    por         xmm5, xmm7
-    por         xmm1, xmm5
-    packsswb    xmm1, xmm1
-    movd        eax, xmm1
-    test        rax, rax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movq        xmm0, XMM_MMWORD [MMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-
-    punpcklwd   xmm0, xmm0                  ; xmm0=(00 00 01 01 02 02 03 03)
-    psrad       xmm0, (DWORD_BIT-WORD_BIT)  ; xmm0=in0=(00 01 02 03)
-    cvtdq2ps    xmm0, xmm0                  ; xmm0=in0=(00 01 02 03)
-
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm1, xmm0
-    movaps      xmm2, xmm0
-    movaps      xmm3, xmm0
-
-    shufps      xmm0, xmm0, 0x00        ; xmm0=(00 00 00 00)
-    shufps      xmm1, xmm1, 0x55        ; xmm1=(01 01 01 01)
-    shufps      xmm2, xmm2, 0xAA        ; xmm2=(02 02 02 02)
-    shufps      xmm3, xmm3, 0xFF        ; xmm3=(03 03 03 03)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,rdi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(0,1,rdi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(1,0,rdi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(1,1,rdi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(2,0,rdi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(2,1,rdi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(3,0,rdi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(3,1,rdi,SIZEOF_FAST_FLOAT)], xmm3
-    jmp         near .nextcolumn
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movq        xmm0, XMM_MMWORD [MMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm1, XMM_MMWORD [MMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm2, XMM_MMWORD [MMBLOCK(4,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm3, XMM_MMWORD [MMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-
-    punpcklwd   xmm0, xmm0                  ; xmm0=(00 00 01 01 02 02 03 03)
-    punpcklwd   xmm1, xmm1                  ; xmm1=(20 20 21 21 22 22 23 23)
-    psrad       xmm0, (DWORD_BIT-WORD_BIT)  ; xmm0=in0=(00 01 02 03)
-    psrad       xmm1, (DWORD_BIT-WORD_BIT)  ; xmm1=in2=(20 21 22 23)
-    cvtdq2ps    xmm0, xmm0                  ; xmm0=in0=(00 01 02 03)
-    cvtdq2ps    xmm1, xmm1                  ; xmm1=in2=(20 21 22 23)
-
-    punpcklwd   xmm2, xmm2                  ; xmm2=(40 40 41 41 42 42 43 43)
-    punpcklwd   xmm3, xmm3                  ; xmm3=(60 60 61 61 62 62 63 63)
-    psrad       xmm2, (DWORD_BIT-WORD_BIT)  ; xmm2=in4=(40 41 42 43)
-    psrad       xmm3, (DWORD_BIT-WORD_BIT)  ; xmm3=in6=(60 61 62 63)
-    cvtdq2ps    xmm2, xmm2                  ; xmm2=in4=(40 41 42 43)
-    cvtdq2ps    xmm3, xmm3                  ; xmm3=in6=(60 61 62 63)
-
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm2, XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm4, xmm0
-    movaps      xmm5, xmm1
-    subps       xmm0, xmm2              ; xmm0=tmp11
-    subps       xmm1, xmm3
-    addps       xmm4, xmm2              ; xmm4=tmp10
-    addps       xmm5, xmm3              ; xmm5=tmp13
-
-    mulps       xmm1, [rel PD_1_414]
-    subps       xmm1, xmm5              ; xmm1=tmp12
-
-    movaps      xmm6, xmm4
-    movaps      xmm7, xmm0
-    subps       xmm4, xmm5              ; xmm4=tmp3
-    subps       xmm0, xmm1              ; xmm0=tmp2
-    addps       xmm6, xmm5              ; xmm6=tmp0
-    addps       xmm7, xmm1              ; xmm7=tmp1
-
-    movaps      XMMWORD [wk(1)], xmm4   ; tmp3
-    movaps      XMMWORD [wk(0)], xmm0   ; tmp2
-
-    ; -- Odd part
-
-    movq        xmm2, XMM_MMWORD [MMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm3, XMM_MMWORD [MMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm5, XMM_MMWORD [MMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    movq        xmm1, XMM_MMWORD [MMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-
-    punpcklwd   xmm2, xmm2                  ; xmm2=(10 10 11 11 12 12 13 13)
-    punpcklwd   xmm3, xmm3                  ; xmm3=(30 30 31 31 32 32 33 33)
-    psrad       xmm2, (DWORD_BIT-WORD_BIT)  ; xmm2=in1=(10 11 12 13)
-    psrad       xmm3, (DWORD_BIT-WORD_BIT)  ; xmm3=in3=(30 31 32 33)
-    cvtdq2ps    xmm2, xmm2                  ; xmm2=in1=(10 11 12 13)
-    cvtdq2ps    xmm3, xmm3                  ; xmm3=in3=(30 31 32 33)
-
-    punpcklwd   xmm5, xmm5                  ; xmm5=(50 50 51 51 52 52 53 53)
-    punpcklwd   xmm1, xmm1                  ; xmm1=(70 70 71 71 72 72 73 73)
-    psrad       xmm5, (DWORD_BIT-WORD_BIT)  ; xmm5=in5=(50 51 52 53)
-    psrad       xmm1, (DWORD_BIT-WORD_BIT)  ; xmm1=in7=(70 71 72 73)
-    cvtdq2ps    xmm5, xmm5                  ; xmm5=in5=(50 51 52 53)
-    cvtdq2ps    xmm1, xmm1                  ; xmm1=in7=(70 71 72 73)
-
-    mulps       xmm2, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm5, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_FLOAT_MULT_TYPE)]
-
-    movaps      xmm4, xmm2
-    movaps      xmm0, xmm5
-    addps       xmm2, xmm1              ; xmm2=z11
-    addps       xmm5, xmm3              ; xmm5=z13
-    subps       xmm4, xmm1              ; xmm4=z12
-    subps       xmm0, xmm3              ; xmm0=z10
-
-    movaps      xmm1, xmm2
-    subps       xmm2, xmm5
-    addps       xmm1, xmm5              ; xmm1=tmp7
-
-    mulps       xmm2, [rel PD_1_414]    ; xmm2=tmp11
-
-    movaps      xmm3, xmm0
-    addps       xmm0, xmm4
-    mulps       xmm0, [rel PD_1_847]    ; xmm0=z5
-    mulps       xmm3, [rel PD_M2_613]   ; xmm3=(z10 * -2.613125930)
-    mulps       xmm4, [rel PD_1_082]    ; xmm4=(z12 * 1.082392200)
-    addps       xmm3, xmm0              ; xmm3=tmp12
-    subps       xmm4, xmm0              ; xmm4=tmp10
-
-    ; -- Final output stage
-
-    subps       xmm3, xmm1              ; xmm3=tmp6
-    movaps      xmm5, xmm6
-    movaps      xmm0, xmm7
-    addps       xmm6, xmm1              ; xmm6=data0=(00 01 02 03)
-    addps       xmm7, xmm3              ; xmm7=data1=(10 11 12 13)
-    subps       xmm5, xmm1              ; xmm5=data7=(70 71 72 73)
-    subps       xmm0, xmm3              ; xmm0=data6=(60 61 62 63)
-    subps       xmm2, xmm3              ; xmm2=tmp5
-
-    movaps      xmm1, xmm6              ; transpose coefficients(phase 1)
-    unpcklps    xmm6, xmm7              ; xmm6=(00 10 01 11)
-    unpckhps    xmm1, xmm7              ; xmm1=(02 12 03 13)
-    movaps      xmm3, xmm0              ; transpose coefficients(phase 1)
-    unpcklps    xmm0, xmm5              ; xmm0=(60 70 61 71)
-    unpckhps    xmm3, xmm5              ; xmm3=(62 72 63 73)
-
-    movaps      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp2
-    movaps      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp3
-
-    movaps      XMMWORD [wk(0)], xmm0   ; wk(0)=(60 70 61 71)
-    movaps      XMMWORD [wk(1)], xmm3   ; wk(1)=(62 72 63 73)
-
-    addps       xmm4, xmm2              ; xmm4=tmp4
-    movaps      xmm0, xmm7
-    movaps      xmm3, xmm5
-    addps       xmm7, xmm2              ; xmm7=data2=(20 21 22 23)
-    addps       xmm5, xmm4              ; xmm5=data4=(40 41 42 43)
-    subps       xmm0, xmm2              ; xmm0=data5=(50 51 52 53)
-    subps       xmm3, xmm4              ; xmm3=data3=(30 31 32 33)
-
-    movaps      xmm2, xmm7              ; transpose coefficients(phase 1)
-    unpcklps    xmm7, xmm3              ; xmm7=(20 30 21 31)
-    unpckhps    xmm2, xmm3              ; xmm2=(22 32 23 33)
-    movaps      xmm4, xmm5              ; transpose coefficients(phase 1)
-    unpcklps    xmm5, xmm0              ; xmm5=(40 50 41 51)
-    unpckhps    xmm4, xmm0              ; xmm4=(42 52 43 53)
-
-    movaps      xmm3, xmm6              ; transpose coefficients(phase 2)
-    unpcklps2   xmm6, xmm7              ; xmm6=(00 10 20 30)
-    unpckhps2   xmm3, xmm7              ; xmm3=(01 11 21 31)
-    movaps      xmm0, xmm1              ; transpose coefficients(phase 2)
-    unpcklps2   xmm1, xmm2              ; xmm1=(02 12 22 32)
-    unpckhps2   xmm0, xmm2              ; xmm0=(03 13 23 33)
-
-    movaps      xmm7, XMMWORD [wk(0)]   ; xmm7=(60 70 61 71)
-    movaps      xmm2, XMMWORD [wk(1)]   ; xmm2=(62 72 63 73)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,rdi,SIZEOF_FAST_FLOAT)], xmm6
-    movaps      XMMWORD [XMMBLOCK(1,0,rdi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(2,0,rdi,SIZEOF_FAST_FLOAT)], xmm1
-    movaps      XMMWORD [XMMBLOCK(3,0,rdi,SIZEOF_FAST_FLOAT)], xmm0
-
-    movaps      xmm6, xmm5              ; transpose coefficients(phase 2)
-    unpcklps2   xmm5, xmm7              ; xmm5=(40 50 60 70)
-    unpckhps2   xmm6, xmm7              ; xmm6=(41 51 61 71)
-    movaps      xmm3, xmm4              ; transpose coefficients(phase 2)
-    unpcklps2   xmm4, xmm2              ; xmm4=(42 52 62 72)
-    unpckhps2   xmm3, xmm2              ; xmm3=(43 53 63 73)
-
-    movaps      XMMWORD [XMMBLOCK(0,1,rdi,SIZEOF_FAST_FLOAT)], xmm5
-    movaps      XMMWORD [XMMBLOCK(1,1,rdi,SIZEOF_FAST_FLOAT)], xmm6
-    movaps      XMMWORD [XMMBLOCK(2,1,rdi,SIZEOF_FAST_FLOAT)], xmm4
-    movaps      XMMWORD [XMMBLOCK(3,1,rdi,SIZEOF_FAST_FLOAT)], xmm3
-
-.nextcolumn:
-    add         rsi, byte 4*SIZEOF_JCOEF               ; coef_block
-    add         rdx, byte 4*SIZEOF_FLOAT_MULT_TYPE     ; quantptr
-    add         rdi,      4*DCTSIZE*SIZEOF_FAST_FLOAT  ; wsptr
-    dec         rcx                                    ; ctr
-    jnz         near .columnloop
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [rsi + (DCTSIZE2-8)*SIZEOF_JCOEF + 0*32]
-    prefetchnta [rsi + (DCTSIZE2-8)*SIZEOF_JCOEF + 1*32]
-    prefetchnta [rsi + (DCTSIZE2-8)*SIZEOF_JCOEF + 2*32]
-    prefetchnta [rsi + (DCTSIZE2-8)*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         rax, [original_rbp]
-    lea         rsi, [workspace]        ; FAST_FLOAT *wsptr
-    mov         rdi, r12                ; (JSAMPROW *)
-    mov         eax, r13d
-    mov         rcx, DCTSIZE/4          ; ctr
-.rowloop:
-
-    ; -- Even part
-
-    movaps      xmm0, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(4,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_FAST_FLOAT)]
-
-    movaps      xmm4, xmm0
-    movaps      xmm5, xmm1
-    subps       xmm0, xmm2              ; xmm0=tmp11
-    subps       xmm1, xmm3
-    addps       xmm4, xmm2              ; xmm4=tmp10
-    addps       xmm5, xmm3              ; xmm5=tmp13
-
-    mulps       xmm1, [rel PD_1_414]
-    subps       xmm1, xmm5              ; xmm1=tmp12
-
-    movaps      xmm6, xmm4
-    movaps      xmm7, xmm0
-    subps       xmm4, xmm5              ; xmm4=tmp3
-    subps       xmm0, xmm1              ; xmm0=tmp2
-    addps       xmm6, xmm5              ; xmm6=tmp0
-    addps       xmm7, xmm1              ; xmm7=tmp1
-
-    movaps      XMMWORD [wk(1)], xmm4   ; tmp3
-    movaps      XMMWORD [wk(0)], xmm0   ; tmp2
-
-    ; -- Odd part
-
-    movaps      xmm2, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm5, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_FAST_FLOAT)]
-
-    movaps      xmm4, xmm2
-    movaps      xmm0, xmm5
-    addps       xmm2, xmm1              ; xmm2=z11
-    addps       xmm5, xmm3              ; xmm5=z13
-    subps       xmm4, xmm1              ; xmm4=z12
-    subps       xmm0, xmm3              ; xmm0=z10
-
-    movaps      xmm1, xmm2
-    subps       xmm2, xmm5
-    addps       xmm1, xmm5              ; xmm1=tmp7
-
-    mulps       xmm2, [rel PD_1_414]    ; xmm2=tmp11
-
-    movaps      xmm3, xmm0
-    addps       xmm0, xmm4
-    mulps       xmm0, [rel PD_1_847]    ; xmm0=z5
-    mulps       xmm3, [rel PD_M2_613]   ; xmm3=(z10 * -2.613125930)
-    mulps       xmm4, [rel PD_1_082]    ; xmm4=(z12 * 1.082392200)
-    addps       xmm3, xmm0              ; xmm3=tmp12
-    subps       xmm4, xmm0              ; xmm4=tmp10
-
-    ; -- Final output stage
-
-    subps       xmm3, xmm1              ; xmm3=tmp6
-    movaps      xmm5, xmm6
-    movaps      xmm0, xmm7
-    addps       xmm6, xmm1              ; xmm6=data0=(00 10 20 30)
-    addps       xmm7, xmm3              ; xmm7=data1=(01 11 21 31)
-    subps       xmm5, xmm1              ; xmm5=data7=(07 17 27 37)
-    subps       xmm0, xmm3              ; xmm0=data6=(06 16 26 36)
-    subps       xmm2, xmm3              ; xmm2=tmp5
-
-    movaps      xmm1, [rel PD_RNDINT_MAGIC]  ; xmm1=[rel PD_RNDINT_MAGIC]
-    pcmpeqd     xmm3, xmm3
-    psrld       xmm3, WORD_BIT          ; xmm3={0xFFFF 0x0000 0xFFFF 0x0000 ..}
-
-    addps       xmm6, xmm1              ; xmm6=roundint(data0/8)=(00 ** 10 ** 20 ** 30 **)
-    addps       xmm7, xmm1              ; xmm7=roundint(data1/8)=(01 ** 11 ** 21 ** 31 **)
-    addps       xmm0, xmm1              ; xmm0=roundint(data6/8)=(06 ** 16 ** 26 ** 36 **)
-    addps       xmm5, xmm1              ; xmm5=roundint(data7/8)=(07 ** 17 ** 27 ** 37 **)
-
-    pand        xmm6, xmm3              ; xmm6=(00 -- 10 -- 20 -- 30 --)
-    pslld       xmm7, WORD_BIT          ; xmm7=(-- 01 -- 11 -- 21 -- 31)
-    pand        xmm0, xmm3              ; xmm0=(06 -- 16 -- 26 -- 36 --)
-    pslld       xmm5, WORD_BIT          ; xmm5=(-- 07 -- 17 -- 27 -- 37)
-    por         xmm6, xmm7              ; xmm6=(00 01 10 11 20 21 30 31)
-    por         xmm0, xmm5              ; xmm0=(06 07 16 17 26 27 36 37)
-
-    movaps      xmm1,  XMMWORD [wk(0)]  ; xmm1=tmp2
-    movaps      xmm3,  XMMWORD [wk(1)]  ; xmm3=tmp3
-
-    addps       xmm4, xmm2              ; xmm4=tmp4
-    movaps      xmm7, xmm1
-    movaps      xmm5, xmm3
-    addps       xmm1, xmm2              ; xmm1=data2=(02 12 22 32)
-    addps       xmm3, xmm4              ; xmm3=data4=(04 14 24 34)
-    subps       xmm7, xmm2              ; xmm7=data5=(05 15 25 35)
-    subps       xmm5, xmm4              ; xmm5=data3=(03 13 23 33)
-
-    movaps      xmm2, [rel PD_RNDINT_MAGIC]  ; xmm2=[rel PD_RNDINT_MAGIC]
-    pcmpeqd     xmm4, xmm4
-    psrld       xmm4, WORD_BIT          ; xmm4={0xFFFF 0x0000 0xFFFF 0x0000 ..}
-
-    addps       xmm3, xmm2              ; xmm3=roundint(data4/8)=(04 ** 14 ** 24 ** 34 **)
-    addps       xmm7, xmm2              ; xmm7=roundint(data5/8)=(05 ** 15 ** 25 ** 35 **)
-    addps       xmm1, xmm2              ; xmm1=roundint(data2/8)=(02 ** 12 ** 22 ** 32 **)
-    addps       xmm5, xmm2              ; xmm5=roundint(data3/8)=(03 ** 13 ** 23 ** 33 **)
-
-    pand        xmm3, xmm4              ; xmm3=(04 -- 14 -- 24 -- 34 --)
-    pslld       xmm7, WORD_BIT          ; xmm7=(-- 05 -- 15 -- 25 -- 35)
-    pand        xmm1, xmm4              ; xmm1=(02 -- 12 -- 22 -- 32 --)
-    pslld       xmm5, WORD_BIT          ; xmm5=(-- 03 -- 13 -- 23 -- 33)
-    por         xmm3, xmm7              ; xmm3=(04 05 14 15 24 25 34 35)
-    por         xmm1, xmm5              ; xmm1=(02 03 12 13 22 23 32 33)
-
-    movdqa      xmm2, [rel PB_CENTERJSAMP]  ; xmm2=[rel PB_CENTERJSAMP]
-
-    packsswb    xmm6, xmm3        ; xmm6=(00 01 10 11 20 21 30 31 04 05 14 15 24 25 34 35)
-    packsswb    xmm1, xmm0        ; xmm1=(02 03 12 13 22 23 32 33 06 07 16 17 26 27 36 37)
-    paddb       xmm6, xmm2
-    paddb       xmm1, xmm2
-
-    movdqa      xmm4, xmm6        ; transpose coefficients(phase 2)
-    punpcklwd   xmm6, xmm1        ; xmm6=(00 01 02 03 10 11 12 13 20 21 22 23 30 31 32 33)
-    punpckhwd   xmm4, xmm1        ; xmm4=(04 05 06 07 14 15 16 17 24 25 26 27 34 35 36 37)
-
-    movdqa      xmm7, xmm6        ; transpose coefficients(phase 3)
-    punpckldq   xmm6, xmm4        ; xmm6=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    punpckhdq   xmm7, xmm4        ; xmm7=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-
-    pshufd      xmm5, xmm6, 0x4E  ; xmm5=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    pshufd      xmm3, xmm7, 0x4E  ; xmm3=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]
-    mov         rbxp, JSAMPROW [rdi+2*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [rbx+rax*SIZEOF_JSAMPLE], xmm7
-    mov         rdxp, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]
-    mov         rbxp, JSAMPROW [rdi+3*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm5
-    movq        XMM_MMWORD [rbx+rax*SIZEOF_JSAMPLE], xmm3
-
-    add         rsi, byte 4*SIZEOF_FAST_FLOAT  ; wsptr
-    add         rdi, byte 4*SIZEOF_JSAMPROW
-    dec         rcx                            ; ctr
-    jnz         near .rowloop
-
-    pop         rbx
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctfst-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctfst-sse2.asm
deleted file mode 100644
index cb97fdf..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctfst-sse2.asm
+++ /dev/null
@@ -1,491 +0,0 @@
-;
-; jidctfst.asm - fast integer IDCT (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a fast, not so accurate integer implementation of
-; the inverse DCT (Discrete Cosine Transform). The following code is
-; based directly on the IJG's original jidctfst.c; see the jidctfst.c
-; for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  8  ; 14 is also OK.
-%define PASS1_BITS  2
-
-%if IFAST_SCALE_BITS != PASS1_BITS
-%error "'IFAST_SCALE_BITS' must be equal to 'PASS1_BITS'."
-%endif
-
-%if CONST_BITS == 8
-F_1_082 equ 277              ; FIX(1.082392200)
-F_1_414 equ 362              ; FIX(1.414213562)
-F_1_847 equ 473              ; FIX(1.847759065)
-F_2_613 equ 669              ; FIX(2.613125930)
-F_1_613 equ (F_2_613 - 256)  ; FIX(2.613125930) - FIX(1)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_1_082 equ DESCALE(1162209775, 30 - CONST_BITS)  ; FIX(1.082392200)
-F_1_414 equ DESCALE(1518500249, 30 - CONST_BITS)  ; FIX(1.414213562)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_2_613 equ DESCALE(2805822602, 30 - CONST_BITS)  ; FIX(2.613125930)
-F_1_613 equ (F_2_613 - (1 << CONST_BITS))         ; FIX(2.613125930) - FIX(1)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-; PRE_MULTIPLY_SCALE_BITS <= 2 (to avoid overflow)
-; CONST_BITS + CONST_SHIFT + PRE_MULTIPLY_SCALE_BITS == 16 (for pmulhw)
-
-%define PRE_MULTIPLY_SCALE_BITS  2
-%define CONST_SHIFT              (16 - PRE_MULTIPLY_SCALE_BITS - CONST_BITS)
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_ifast_sse2)
-
-EXTN(jconst_idct_ifast_sse2):
-
-PW_F1414       times 8  dw  F_1_414 << CONST_SHIFT
-PW_F1847       times 8  dw  F_1_847 << CONST_SHIFT
-PW_MF1613      times 8  dw -F_1_613 << CONST_SHIFT
-PW_F1082       times 8  dw  F_1_082 << CONST_SHIFT
-PB_CENTERJSAMP times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_ifast_sse2(void *dct_table, JCOEFPTR coef_block,
-;                      JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-; r10 = jpeg_component_info *compptr
-; r11 = JCOEFPTR coef_block
-; r12 = JSAMPARRAY output_buf
-; r13d = JDIMENSION output_col
-
-%define original_rbp  rbp + 0
-%define wk(i)         rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_ifast_sse2)
-
-EXTN(jsimd_idct_ifast_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 4
-
-    ; ---- Pass 1: process columns from input.
-
-    mov         rdx, r10                ; quantptr
-    mov         rsi, r11                ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_IFAST_SSE2
-    mov         eax, dword [DWBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(4,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, xmm0
-    packsswb    xmm1, xmm1
-    packsswb    xmm1, xmm1
-    movd        eax, xmm1
-    test        rax, rax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movdqa      xmm7, xmm0              ; xmm0=in0=(00 01 02 03 04 05 06 07)
-    punpcklwd   xmm0, xmm0              ; xmm0=(00 00 01 01 02 02 03 03)
-    punpckhwd   xmm7, xmm7              ; xmm7=(04 04 05 05 06 06 07 07)
-
-    pshufd      xmm6, xmm0, 0x00        ; xmm6=col0=(00 00 00 00 00 00 00 00)
-    pshufd      xmm2, xmm0, 0x55        ; xmm2=col1=(01 01 01 01 01 01 01 01)
-    pshufd      xmm5, xmm0, 0xAA        ; xmm5=col2=(02 02 02 02 02 02 02 02)
-    pshufd      xmm0, xmm0, 0xFF        ; xmm0=col3=(03 03 03 03 03 03 03 03)
-    pshufd      xmm1, xmm7, 0x00        ; xmm1=col4=(04 04 04 04 04 04 04 04)
-    pshufd      xmm4, xmm7, 0x55        ; xmm4=col5=(05 05 05 05 05 05 05 05)
-    pshufd      xmm3, xmm7, 0xAA        ; xmm3=col6=(06 06 06 06 06 06 06 06)
-    pshufd      xmm7, xmm7, 0xFF        ; xmm7=col7=(07 07 07 07 07 07 07 07)
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=col1
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=col3
-    jmp         near .column_end
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(4,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movdqa      xmm4, xmm0
-    movdqa      xmm5, xmm1
-    psubw       xmm0, xmm2              ; xmm0=tmp11
-    psubw       xmm1, xmm3
-    paddw       xmm4, xmm2              ; xmm4=tmp10
-    paddw       xmm5, xmm3              ; xmm5=tmp13
-
-    psllw       xmm1, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm1, [rel PW_F1414]
-    psubw       xmm1, xmm5              ; xmm1=tmp12
-
-    movdqa      xmm6, xmm4
-    movdqa      xmm7, xmm0
-    psubw       xmm4, xmm5              ; xmm4=tmp3
-    psubw       xmm0, xmm1              ; xmm0=tmp2
-    paddw       xmm6, xmm5              ; xmm6=tmp0
-    paddw       xmm7, xmm1              ; xmm7=tmp1
-
-    movdqa      XMMWORD [wk(1)], xmm4   ; wk(1)=tmp3
-    movdqa      XMMWORD [wk(0)], xmm0   ; wk(0)=tmp2
-
-    ; -- Odd part
-
-    movdqa      xmm2, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-    movdqa      xmm5, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm5, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_IFAST_MULT_TYPE)]
-
-    movdqa      xmm4, xmm2
-    movdqa      xmm0, xmm5
-    psubw       xmm2, xmm1              ; xmm2=z12
-    psubw       xmm5, xmm3              ; xmm5=z10
-    paddw       xmm4, xmm1              ; xmm4=z11
-    paddw       xmm0, xmm3              ; xmm0=z13
-
-    movdqa      xmm1, xmm5              ; xmm1=z10(unscaled)
-    psllw       xmm2, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-
-    movdqa      xmm3, xmm4
-    psubw       xmm4, xmm0
-    paddw       xmm3, xmm0              ; xmm3=tmp7
-
-    psllw       xmm4, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm4, [rel PW_F1414]    ; xmm4=tmp11
-
-    ; To avoid overflow...
-    ;
-    ; (Original)
-    ; tmp12 = -2.613125930 * z10 + z5;
-    ;
-    ; (This implementation)
-    ; tmp12 = (-1.613125930 - 1) * z10 + z5;
-    ;       = -1.613125930 * z10 - z10 + z5;
-
-    movdqa      xmm0, xmm5
-    paddw       xmm5, xmm2
-    pmulhw      xmm5, [rel PW_F1847]    ; xmm5=z5
-    pmulhw      xmm0, [rel PW_MF1613]
-    pmulhw      xmm2, [rel PW_F1082]
-    psubw       xmm0, xmm1
-    psubw       xmm2, xmm5              ; xmm2=tmp10
-    paddw       xmm0, xmm5              ; xmm0=tmp12
-
-    ; -- Final output stage
-
-    psubw       xmm0, xmm3              ; xmm0=tmp6
-    movdqa      xmm1, xmm6
-    movdqa      xmm5, xmm7
-    paddw       xmm6, xmm3              ; xmm6=data0=(00 01 02 03 04 05 06 07)
-    paddw       xmm7, xmm0              ; xmm7=data1=(10 11 12 13 14 15 16 17)
-    psubw       xmm1, xmm3              ; xmm1=data7=(70 71 72 73 74 75 76 77)
-    psubw       xmm5, xmm0              ; xmm5=data6=(60 61 62 63 64 65 66 67)
-    psubw       xmm4, xmm0              ; xmm4=tmp5
-
-    movdqa      xmm3, xmm6              ; transpose coefficients(phase 1)
-    punpcklwd   xmm6, xmm7              ; xmm6=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm3, xmm7              ; xmm3=(04 14 05 15 06 16 07 17)
-    movdqa      xmm0, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm1              ; xmm5=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm0, xmm1              ; xmm0=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp2
-    movdqa      xmm1, XMMWORD [wk(1)]   ; xmm1=tmp3
-
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=(60 70 61 71 62 72 63 73)
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=(64 74 65 75 66 76 67 77)
-
-    paddw       xmm2, xmm4              ; xmm2=tmp4
-    movdqa      xmm5, xmm7
-    movdqa      xmm0, xmm1
-    paddw       xmm7, xmm4              ; xmm7=data2=(20 21 22 23 24 25 26 27)
-    paddw       xmm1, xmm2              ; xmm1=data4=(40 41 42 43 44 45 46 47)
-    psubw       xmm5, xmm4              ; xmm5=data5=(50 51 52 53 54 55 56 57)
-    psubw       xmm0, xmm2              ; xmm0=data3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm4, xmm7              ; transpose coefficients(phase 1)
-    punpcklwd   xmm7, xmm0              ; xmm7=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm4, xmm0              ; xmm4=(24 34 25 35 26 36 27 37)
-    movdqa      xmm2, xmm1              ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm5              ; xmm1=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm2, xmm5              ; xmm2=(44 54 45 55 46 56 47 57)
-
-    movdqa      xmm0, xmm3              ; transpose coefficients(phase 2)
-    punpckldq   xmm3, xmm4              ; xmm3=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm0, xmm4              ; xmm0=(06 16 26 36 07 17 27 37)
-    movdqa      xmm5, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm7              ; xmm6=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm5, xmm7              ; xmm5=(02 12 22 32 03 13 23 33)
-
-    movdqa      xmm4, XMMWORD [wk(0)]   ; xmm4=(60 70 61 71 62 72 63 73)
-    movdqa      xmm7, XMMWORD [wk(1)]   ; xmm7=(64 74 65 75 66 76 67 77)
-
-    movdqa      XMMWORD [wk(0)], xmm3   ; wk(0)=(04 14 24 34 05 15 25 35)
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm3, xmm1              ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm4              ; xmm1=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm3, xmm4              ; xmm3=(42 52 62 72 43 53 63 73)
-    movdqa      xmm0, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm7              ; xmm2=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm0, xmm7              ; xmm0=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm4, xmm6              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm6, xmm1              ; xmm6=col0=(00 10 20 30 40 50 60 70)
-    punpckhqdq  xmm4, xmm1              ; xmm4=col1=(01 11 21 31 41 51 61 71)
-    movdqa      xmm7, xmm5              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm5, xmm3              ; xmm5=col2=(02 12 22 32 42 52 62 72)
-    punpckhqdq  xmm7, xmm3              ; xmm7=col3=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm1, XMMWORD [wk(0)]   ; xmm1=(04 14 24 34 05 15 25 35)
-    movdqa      xmm3, XMMWORD [wk(1)]   ; xmm3=(06 16 26 36 07 17 27 37)
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=col1
-    movdqa      XMMWORD [wk(1)], xmm7   ; wk(1)=col3
-
-    movdqa      xmm4, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm2              ; xmm1=col4=(04 14 24 34 44 54 64 74)
-    punpckhqdq  xmm4, xmm2              ; xmm4=col5=(05 15 25 35 45 55 65 75)
-    movdqa      xmm7, xmm3              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm3, xmm0              ; xmm3=col6=(06 16 26 36 46 56 66 76)
-    punpckhqdq  xmm7, xmm0              ; xmm7=col7=(07 17 27 37 47 57 67 77)
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         rax, [original_rbp]
-    mov         rdi, r12                ; (JSAMPROW *)
-    mov         eax, r13d
-
-    ; -- Even part
-
-    ; xmm6=col0, xmm5=col2, xmm1=col4, xmm3=col6
-
-    movdqa      xmm2, xmm6
-    movdqa      xmm0, xmm5
-    psubw       xmm6, xmm1              ; xmm6=tmp11
-    psubw       xmm5, xmm3
-    paddw       xmm2, xmm1              ; xmm2=tmp10
-    paddw       xmm0, xmm3              ; xmm0=tmp13
-
-    psllw       xmm5, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm5, [rel PW_F1414]
-    psubw       xmm5, xmm0              ; xmm5=tmp12
-
-    movdqa      xmm1, xmm2
-    movdqa      xmm3, xmm6
-    psubw       xmm2, xmm0              ; xmm2=tmp3
-    psubw       xmm6, xmm5              ; xmm6=tmp2
-    paddw       xmm1, xmm0              ; xmm1=tmp0
-    paddw       xmm3, xmm5              ; xmm3=tmp1
-
-    movdqa      xmm0, XMMWORD [wk(0)]   ; xmm0=col1
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=col3
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=tmp3
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=tmp2
-
-    ; -- Odd part
-
-    ; xmm0=col1, xmm5=col3, xmm4=col5, xmm7=col7
-
-    movdqa      xmm2, xmm0
-    movdqa      xmm6, xmm4
-    psubw       xmm0, xmm7              ; xmm0=z12
-    psubw       xmm4, xmm5              ; xmm4=z10
-    paddw       xmm2, xmm7              ; xmm2=z11
-    paddw       xmm6, xmm5              ; xmm6=z13
-
-    movdqa      xmm7, xmm4              ; xmm7=z10(unscaled)
-    psllw       xmm0, PRE_MULTIPLY_SCALE_BITS
-    psllw       xmm4, PRE_MULTIPLY_SCALE_BITS
-
-    movdqa      xmm5, xmm2
-    psubw       xmm2, xmm6
-    paddw       xmm5, xmm6              ; xmm5=tmp7
-
-    psllw       xmm2, PRE_MULTIPLY_SCALE_BITS
-    pmulhw      xmm2, [rel PW_F1414]    ; xmm2=tmp11
-
-    ; To avoid overflow...
-    ;
-    ; (Original)
-    ; tmp12 = -2.613125930 * z10 + z5;
-    ;
-    ; (This implementation)
-    ; tmp12 = (-1.613125930 - 1) * z10 + z5;
-    ;       = -1.613125930 * z10 - z10 + z5;
-
-    movdqa      xmm6, xmm4
-    paddw       xmm4, xmm0
-    pmulhw      xmm4, [rel PW_F1847]    ; xmm4=z5
-    pmulhw      xmm6, [rel PW_MF1613]
-    pmulhw      xmm0, [rel PW_F1082]
-    psubw       xmm6, xmm7
-    psubw       xmm0, xmm4              ; xmm0=tmp10
-    paddw       xmm6, xmm4              ; xmm6=tmp12
-
-    ; -- Final output stage
-
-    psubw       xmm6, xmm5              ; xmm6=tmp6
-    movdqa      xmm7, xmm1
-    movdqa      xmm4, xmm3
-    paddw       xmm1, xmm5              ; xmm1=data0=(00 10 20 30 40 50 60 70)
-    paddw       xmm3, xmm6              ; xmm3=data1=(01 11 21 31 41 51 61 71)
-    psraw       xmm1, (PASS1_BITS+3)    ; descale
-    psraw       xmm3, (PASS1_BITS+3)    ; descale
-    psubw       xmm7, xmm5              ; xmm7=data7=(07 17 27 37 47 57 67 77)
-    psubw       xmm4, xmm6              ; xmm4=data6=(06 16 26 36 46 56 66 76)
-    psraw       xmm7, (PASS1_BITS+3)    ; descale
-    psraw       xmm4, (PASS1_BITS+3)    ; descale
-    psubw       xmm2, xmm6              ; xmm2=tmp5
-
-    packsswb    xmm1, xmm4        ; xmm1=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    packsswb    xmm3, xmm7        ; xmm3=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    movdqa      xmm5, XMMWORD [wk(1)]   ; xmm5=tmp2
-    movdqa      xmm6, XMMWORD [wk(0)]   ; xmm6=tmp3
-
-    paddw       xmm0, xmm2              ; xmm0=tmp4
-    movdqa      xmm4, xmm5
-    movdqa      xmm7, xmm6
-    paddw       xmm5, xmm2              ; xmm5=data2=(02 12 22 32 42 52 62 72)
-    paddw       xmm6, xmm0              ; xmm6=data4=(04 14 24 34 44 54 64 74)
-    psraw       xmm5, (PASS1_BITS+3)    ; descale
-    psraw       xmm6, (PASS1_BITS+3)    ; descale
-    psubw       xmm4, xmm2              ; xmm4=data5=(05 15 25 35 45 55 65 75)
-    psubw       xmm7, xmm0              ; xmm7=data3=(03 13 23 33 43 53 63 73)
-    psraw       xmm4, (PASS1_BITS+3)    ; descale
-    psraw       xmm7, (PASS1_BITS+3)    ; descale
-
-    movdqa      xmm2, [rel PB_CENTERJSAMP]  ; xmm2=[rel PB_CENTERJSAMP]
-
-    packsswb    xmm5, xmm6        ; xmm5=(02 12 22 32 42 52 62 72 04 14 24 34 44 54 64 74)
-    packsswb    xmm7, xmm4        ; xmm7=(03 13 23 33 43 53 63 73 05 15 25 35 45 55 65 75)
-
-    paddb       xmm1, xmm2
-    paddb       xmm3, xmm2
-    paddb       xmm5, xmm2
-    paddb       xmm7, xmm2
-
-    movdqa      xmm0, xmm1        ; transpose coefficients(phase 1)
-    punpcklbw   xmm1, xmm3        ; xmm1=(00 01 10 11 20 21 30 31 40 41 50 51 60 61 70 71)
-    punpckhbw   xmm0, xmm3        ; xmm0=(06 07 16 17 26 27 36 37 46 47 56 57 66 67 76 77)
-    movdqa      xmm6, xmm5        ; transpose coefficients(phase 1)
-    punpcklbw   xmm5, xmm7        ; xmm5=(02 03 12 13 22 23 32 33 42 43 52 53 62 63 72 73)
-    punpckhbw   xmm6, xmm7        ; xmm6=(04 05 14 15 24 25 34 35 44 45 54 55 64 65 74 75)
-
-    movdqa      xmm4, xmm1        ; transpose coefficients(phase 2)
-    punpcklwd   xmm1, xmm5        ; xmm1=(00 01 02 03 10 11 12 13 20 21 22 23 30 31 32 33)
-    punpckhwd   xmm4, xmm5        ; xmm4=(40 41 42 43 50 51 52 53 60 61 62 63 70 71 72 73)
-    movdqa      xmm2, xmm6        ; transpose coefficients(phase 2)
-    punpcklwd   xmm6, xmm0        ; xmm6=(04 05 06 07 14 15 16 17 24 25 26 27 34 35 36 37)
-    punpckhwd   xmm2, xmm0        ; xmm2=(44 45 46 47 54 55 56 57 64 65 66 67 74 75 76 77)
-
-    movdqa      xmm3, xmm1        ; transpose coefficients(phase 3)
-    punpckldq   xmm1, xmm6        ; xmm1=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    punpckhdq   xmm3, xmm6        ; xmm3=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-    movdqa      xmm7, xmm4        ; transpose coefficients(phase 3)
-    punpckldq   xmm4, xmm2        ; xmm4=(40 41 42 43 44 45 46 47 50 51 52 53 54 55 56 57)
-    punpckhdq   xmm7, xmm2        ; xmm7=(60 61 62 63 64 65 66 67 70 71 72 73 74 75 76 77)
-
-    pshufd      xmm5, xmm1, 0x4E  ; xmm5=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    pshufd      xmm0, xmm3, 0x4E  ; xmm0=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-    pshufd      xmm6, xmm4, 0x4E  ; xmm6=(50 51 52 53 54 55 56 57 40 41 42 43 44 45 46 47)
-    pshufd      xmm2, xmm7, 0x4E  ; xmm2=(70 71 72 73 74 75 76 77 60 61 62 63 64 65 66 67)
-
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+2*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm1
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm3
-    mov         rdxp, JSAMPROW [rdi+4*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+6*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm4
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm7
-
-    mov         rdxp, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+3*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm5
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm0
-    mov         rdxp, JSAMPROW [rdi+5*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+7*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm2
-
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctint-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctint-avx2.asm
deleted file mode 100644
index ca7e317..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctint-avx2.asm
+++ /dev/null
@@ -1,418 +0,0 @@
-;
-; jidctint.asm - accurate integer IDCT (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2018, 2020, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; inverse DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jidctint.c; see the jidctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit inverse matrix transpose using AVX2 instructions
-; %1-%4: Input/output registers
-; %5-%8: Temp registers
-
-%macro dotranspose 8
-    ; %5=(00 10 20 30 40 50 60 70  01 11 21 31 41 51 61 71)
-    ; %6=(03 13 23 33 43 53 63 73  02 12 22 32 42 52 62 72)
-    ; %7=(04 14 24 34 44 54 64 74  05 15 25 35 45 55 65 75)
-    ; %8=(07 17 27 37 47 57 67 77  06 16 26 36 46 56 66 76)
-
-    vpermq      %5, %1, 0xD8
-    vpermq      %6, %2, 0x72
-    vpermq      %7, %3, 0xD8
-    vpermq      %8, %4, 0x72
-    ; transpose coefficients(phase 1)
-    ; %5=(00 10 20 30 01 11 21 31  40 50 60 70 41 51 61 71)
-    ; %6=(02 12 22 32 03 13 23 33  42 52 62 72 43 53 63 73)
-    ; %7=(04 14 24 34 05 15 25 35  44 54 64 74 45 55 65 75)
-    ; %8=(06 16 26 36 07 17 27 37  46 56 66 76 47 57 67 77)
-
-    vpunpcklwd  %1, %5, %6
-    vpunpckhwd  %2, %5, %6
-    vpunpcklwd  %3, %7, %8
-    vpunpckhwd  %4, %7, %8
-    ; transpose coefficients(phase 2)
-    ; %1=(00 02 10 12 20 22 30 32  40 42 50 52 60 62 70 72)
-    ; %2=(01 03 11 13 21 23 31 33  41 43 51 53 61 63 71 73)
-    ; %3=(04 06 14 16 24 26 34 36  44 46 54 56 64 66 74 76)
-    ; %4=(05 07 15 17 25 27 35 37  45 47 55 57 65 67 75 77)
-
-    vpunpcklwd  %5, %1, %2
-    vpunpcklwd  %6, %3, %4
-    vpunpckhwd  %7, %1, %2
-    vpunpckhwd  %8, %3, %4
-    ; transpose coefficients(phase 3)
-    ; %5=(00 01 02 03 10 11 12 13  40 41 42 43 50 51 52 53)
-    ; %6=(04 05 06 07 14 15 16 17  44 45 46 47 54 55 56 57)
-    ; %7=(20 21 22 23 30 31 32 33  60 61 62 63 70 71 72 73)
-    ; %8=(24 25 26 27 34 35 36 37  64 65 66 67 74 75 76 77)
-
-    vpunpcklqdq %1, %5, %6
-    vpunpckhqdq %2, %5, %6
-    vpunpcklqdq %3, %7, %8
-    vpunpckhqdq %4, %7, %8
-    ; transpose coefficients(phase 4)
-    ; %1=(00 01 02 03 04 05 06 07  40 41 42 43 44 45 46 47)
-    ; %2=(10 11 12 13 14 15 16 17  50 51 52 53 54 55 56 57)
-    ; %3=(20 21 22 23 24 25 26 27  60 61 62 63 64 65 66 67)
-    ; %4=(30 31 32 33 34 35 36 37  70 71 72 73 74 75 76 77)
-%endmacro
-
-; --------------------------------------------------------------------------
-; In-place 8x8x16-bit accurate integer inverse DCT using AVX2 instructions
-; %1-%4:  Input/output registers
-; %5-%12: Temp registers
-; %9:     Pass (1 or 2)
-
-%macro dodct 13
-    ; -- Even part
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    vperm2i128  %6, %3, %3, 0x01        ; %6=in6_2
-    vpunpcklwd  %5, %3, %6              ; %5=in26_62L
-    vpunpckhwd  %6, %3, %6              ; %6=in26_62H
-    vpmaddwd    %5, %5, [rel PW_F130_F054_MF130_F054]  ; %5=tmp3_2L
-    vpmaddwd    %6, %6, [rel PW_F130_F054_MF130_F054]  ; %6=tmp3_2H
-
-    vperm2i128  %7, %1, %1, 0x01        ; %7=in4_0
-    vpsignw     %1, %1, [rel PW_1_NEG1]
-    vpaddw      %7, %7, %1              ; %7=(in0+in4)_(in0-in4)
-
-    vpxor       %1, %1, %1
-    vpunpcklwd  %8, %1, %7              ; %8=tmp0_1L
-    vpunpckhwd  %1, %1, %7              ; %1=tmp0_1H
-    vpsrad      %8, %8, (16-CONST_BITS)  ; vpsrad %8,16 & vpslld %8,CONST_BITS
-    vpsrad      %1, %1, (16-CONST_BITS)  ; vpsrad %1,16 & vpslld %1,CONST_BITS
-
-    vpsubd      %11, %8, %5             ; %11=tmp0_1L-tmp3_2L=tmp13_12L
-    vpaddd      %9, %8, %5              ; %9=tmp0_1L+tmp3_2L=tmp10_11L
-    vpsubd      %12, %1, %6             ; %12=tmp0_1H-tmp3_2H=tmp13_12H
-    vpaddd      %10, %1, %6             ; %10=tmp0_1H+tmp3_2H=tmp10_11H
-
-    ; -- Odd part
-
-    vpaddw      %1, %4, %2              ; %1=in7_5+in3_1=z3_4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    vperm2i128  %8, %1, %1, 0x01        ; %8=z4_3
-    vpunpcklwd  %7, %1, %8              ; %7=z34_43L
-    vpunpckhwd  %8, %1, %8              ; %8=z34_43H
-    vpmaddwd    %7, %7, [rel PW_MF078_F117_F078_F117]  ; %7=z3_4L
-    vpmaddwd    %8, %8, [rel PW_MF078_F117_F078_F117]  ; %8=z3_4H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    vperm2i128  %2, %2, %2, 0x01        ; %2=in1_3
-    vpunpcklwd  %3, %4, %2              ; %3=in71_53L
-    vpunpckhwd  %4, %4, %2              ; %4=in71_53H
-
-    vpmaddwd    %5, %3, [rel PW_MF060_MF089_MF050_MF256]  ; %5=tmp0_1L
-    vpmaddwd    %6, %4, [rel PW_MF060_MF089_MF050_MF256]  ; %6=tmp0_1H
-    vpaddd      %5, %5, %7              ; %5=tmp0_1L+z3_4L=tmp0_1L
-    vpaddd      %6, %6, %8              ; %6=tmp0_1H+z3_4H=tmp0_1H
-
-    vpmaddwd    %3, %3, [rel PW_MF089_F060_MF256_F050]  ; %3=tmp3_2L
-    vpmaddwd    %4, %4, [rel PW_MF089_F060_MF256_F050]  ; %4=tmp3_2H
-    vperm2i128  %7, %7, %7, 0x01        ; %7=z4_3L
-    vperm2i128  %8, %8, %8, 0x01        ; %8=z4_3H
-    vpaddd      %7, %3, %7              ; %7=tmp3_2L+z4_3L=tmp3_2L
-    vpaddd      %8, %4, %8              ; %8=tmp3_2H+z4_3H=tmp3_2H
-
-    ; -- Final output stage
-
-    vpaddd      %1, %9, %7              ; %1=tmp10_11L+tmp3_2L=data0_1L
-    vpaddd      %2, %10, %8             ; %2=tmp10_11H+tmp3_2H=data0_1H
-    vpaddd      %1, %1, [rel PD_DESCALE_P %+ %13]
-    vpaddd      %2, %2, [rel PD_DESCALE_P %+ %13]
-    vpsrad      %1, %1, DESCALE_P %+ %13
-    vpsrad      %2, %2, DESCALE_P %+ %13
-    vpackssdw   %1, %1, %2              ; %1=data0_1
-
-    vpsubd      %3, %9, %7              ; %3=tmp10_11L-tmp3_2L=data7_6L
-    vpsubd      %4, %10, %8             ; %4=tmp10_11H-tmp3_2H=data7_6H
-    vpaddd      %3, %3, [rel PD_DESCALE_P %+ %13]
-    vpaddd      %4, %4, [rel PD_DESCALE_P %+ %13]
-    vpsrad      %3, %3, DESCALE_P %+ %13
-    vpsrad      %4, %4, DESCALE_P %+ %13
-    vpackssdw   %4, %3, %4              ; %4=data7_6
-
-    vpaddd      %7, %11, %5             ; %7=tmp13_12L+tmp0_1L=data3_2L
-    vpaddd      %8, %12, %6             ; %8=tmp13_12H+tmp0_1H=data3_2H
-    vpaddd      %7, %7, [rel PD_DESCALE_P %+ %13]
-    vpaddd      %8, %8, [rel PD_DESCALE_P %+ %13]
-    vpsrad      %7, %7, DESCALE_P %+ %13
-    vpsrad      %8, %8, DESCALE_P %+ %13
-    vpackssdw   %2, %7, %8              ; %2=data3_2
-
-    vpsubd      %7, %11, %5             ; %7=tmp13_12L-tmp0_1L=data4_5L
-    vpsubd      %8, %12, %6             ; %8=tmp13_12H-tmp0_1H=data4_5H
-    vpaddd      %7, %7, [rel PD_DESCALE_P %+ %13]
-    vpaddd      %8, %8, [rel PD_DESCALE_P %+ %13]
-    vpsrad      %7, %7, DESCALE_P %+ %13
-    vpsrad      %8, %8, DESCALE_P %+ %13
-    vpackssdw   %3, %7, %8              ; %3=data4_5
-%endmacro
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_islow_avx2)
-
-EXTN(jconst_idct_islow_avx2):
-
-PW_F130_F054_MF130_F054    times 4  dw  (F_0_541 + F_0_765),  F_0_541
-                           times 4  dw  (F_0_541 - F_1_847),  F_0_541
-PW_MF078_F117_F078_F117    times 4  dw  (F_1_175 - F_1_961),  F_1_175
-                           times 4  dw  (F_1_175 - F_0_390),  F_1_175
-PW_MF060_MF089_MF050_MF256 times 4  dw  (F_0_298 - F_0_899), -F_0_899
-                           times 4  dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF089_F060_MF256_F050   times 4  dw -F_0_899, (F_1_501 - F_0_899)
-                           times 4  dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1              times 8  dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2              times 8  dd  1 << (DESCALE_P2 - 1)
-PB_CENTERJSAMP             times 32 db  CENTERJSAMPLE
-PW_1_NEG1                  times 8  dw  1
-                           times 8  dw -1
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_islow_avx2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-; r10 = jpeg_component_info *compptr
-; r11 = JCOEFPTR coef_block
-; r12 = JSAMPARRAY output_buf
-; r13d = JDIMENSION output_col
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_islow_avx2)
-
-EXTN(jsimd_idct_islow_avx2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    push_xmm    4
-    collect_args 4
-
-    ; ---- Pass 1: process columns.
-
-%ifndef NO_ZERO_COLUMN_TEST_ISLOW_AVX2
-    mov         eax, dword [DWBLOCK(1,0,r11,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,r11,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,r11,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,r11,SIZEOF_JCOEF)]
-    vpor        xmm0, xmm0, XMMWORD [XMMBLOCK(3,0,r11,SIZEOF_JCOEF)]
-    vpor        xmm1, xmm1, XMMWORD [XMMBLOCK(4,0,r11,SIZEOF_JCOEF)]
-    vpor        xmm0, xmm0, XMMWORD [XMMBLOCK(5,0,r11,SIZEOF_JCOEF)]
-    vpor        xmm1, xmm1, XMMWORD [XMMBLOCK(6,0,r11,SIZEOF_JCOEF)]
-    vpor        xmm0, xmm0, XMMWORD [XMMBLOCK(7,0,r11,SIZEOF_JCOEF)]
-    vpor        xmm1, xmm1, xmm0
-    vpacksswb   xmm1, xmm1, xmm1
-    vpacksswb   xmm1, xmm1, xmm1
-    movd        eax, xmm1
-    test        rax, rax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm5, XMMWORD [XMMBLOCK(0,0,r11,SIZEOF_JCOEF)]
-    vpmullw     xmm5, xmm5, XMMWORD [XMMBLOCK(0,0,r10,SIZEOF_ISLOW_MULT_TYPE)]
-
-    vpsllw      xmm5, xmm5, PASS1_BITS
-
-    vpunpcklwd  xmm4, xmm5, xmm5        ; xmm4=(00 00 01 01 02 02 03 03)
-    vpunpckhwd  xmm5, xmm5, xmm5        ; xmm5=(04 04 05 05 06 06 07 07)
-    vinserti128 ymm4, ymm4, xmm5, 1
-
-    vpshufd     ymm0, ymm4, 0x00        ; ymm0=col0_4=(00 00 00 00 00 00 00 00  04 04 04 04 04 04 04 04)
-    vpshufd     ymm1, ymm4, 0x55        ; ymm1=col1_5=(01 01 01 01 01 01 01 01  05 05 05 05 05 05 05 05)
-    vpshufd     ymm2, ymm4, 0xAA        ; ymm2=col2_6=(02 02 02 02 02 02 02 02  06 06 06 06 06 06 06 06)
-    vpshufd     ymm3, ymm4, 0xFF        ; ymm3=col3_7=(03 03 03 03 03 03 03 03  07 07 07 07 07 07 07 07)
-
-    jmp         near .column_end
-%endif
-.columnDCT:
-
-    vmovdqu     ymm4, YMMWORD [YMMBLOCK(0,0,r11,SIZEOF_JCOEF)]  ; ymm4=in0_1
-    vmovdqu     ymm5, YMMWORD [YMMBLOCK(2,0,r11,SIZEOF_JCOEF)]  ; ymm5=in2_3
-    vmovdqu     ymm6, YMMWORD [YMMBLOCK(4,0,r11,SIZEOF_JCOEF)]  ; ymm6=in4_5
-    vmovdqu     ymm7, YMMWORD [YMMBLOCK(6,0,r11,SIZEOF_JCOEF)]  ; ymm7=in6_7
-    vpmullw     ymm4, ymm4, YMMWORD [YMMBLOCK(0,0,r10,SIZEOF_ISLOW_MULT_TYPE)]
-    vpmullw     ymm5, ymm5, YMMWORD [YMMBLOCK(2,0,r10,SIZEOF_ISLOW_MULT_TYPE)]
-    vpmullw     ymm6, ymm6, YMMWORD [YMMBLOCK(4,0,r10,SIZEOF_ISLOW_MULT_TYPE)]
-    vpmullw     ymm7, ymm7, YMMWORD [YMMBLOCK(6,0,r10,SIZEOF_ISLOW_MULT_TYPE)]
-
-    vperm2i128  ymm0, ymm4, ymm6, 0x20  ; ymm0=in0_4
-    vperm2i128  ymm1, ymm5, ymm4, 0x31  ; ymm1=in3_1
-    vperm2i128  ymm2, ymm5, ymm7, 0x20  ; ymm2=in2_6
-    vperm2i128  ymm3, ymm7, ymm6, 0x31  ; ymm3=in7_5
-
-    dodct ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7, ymm8, ymm9, ymm10, ymm11, 1
-    ; ymm0=data0_1, ymm1=data3_2, ymm2=data4_5, ymm3=data7_6
-
-    dotranspose ymm0, ymm1, ymm2, ymm3, ymm4, ymm5, ymm6, ymm7
-    ; ymm0=data0_4, ymm1=data1_5, ymm2=data2_6, ymm3=data3_7
-
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [r11 + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [r11 + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [r11 + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [r11 + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows.
-
-    vperm2i128  ymm4, ymm3, ymm1, 0x31  ; ymm3=in7_5
-    vperm2i128  ymm1, ymm3, ymm1, 0x20  ; ymm1=in3_1
-
-    dodct ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7, ymm8, ymm9, ymm10, ymm11, 2
-    ; ymm0=data0_1, ymm1=data3_2, ymm2=data4_5, ymm4=data7_6
-
-    dotranspose ymm0, ymm1, ymm2, ymm4, ymm3, ymm5, ymm6, ymm7
-    ; ymm0=data0_4, ymm1=data1_5, ymm2=data2_6, ymm4=data3_7
-
-    vpacksswb   ymm0, ymm0, ymm1        ; ymm0=data01_45
-    vpacksswb   ymm1, ymm2, ymm4        ; ymm1=data23_67
-    vpaddb      ymm0, ymm0, [rel PB_CENTERJSAMP]
-    vpaddb      ymm1, ymm1, [rel PB_CENTERJSAMP]
-
-    vextracti128 xmm6, ymm1, 1          ; xmm3=data67
-    vextracti128 xmm4, ymm0, 1          ; xmm2=data45
-    vextracti128 xmm2, ymm1, 0          ; xmm1=data23
-    vextracti128 xmm0, ymm0, 0          ; xmm0=data01
-
-    vpshufd     xmm1, xmm0, 0x4E  ; xmm1=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    vpshufd     xmm3, xmm2, 0x4E  ; xmm3=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-    vpshufd     xmm5, xmm4, 0x4E  ; xmm5=(50 51 52 53 54 55 56 57 40 41 42 43 44 45 46 47)
-    vpshufd     xmm7, xmm6, 0x4E  ; xmm7=(70 71 72 73 74 75 76 77 60 61 62 63 64 65 66 67)
-
-    vzeroupper
-
-    mov         eax, r13d
-
-    mov         rdxp, JSAMPROW [r12+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rsip, JSAMPROW [r12+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm0
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm1
-
-    mov         rdxp, JSAMPROW [r12+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rsip, JSAMPROW [r12+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm2
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm3
-
-    mov         rdxp, JSAMPROW [r12+4*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rsip, JSAMPROW [r12+5*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm4
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm5
-
-    mov         rdxp, JSAMPROW [r12+6*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rsip, JSAMPROW [r12+7*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm7
-
-    uncollect_args 4
-    pop_xmm     4
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctint-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctint-sse2.asm
deleted file mode 100644
index 7aa869b..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctint-sse2.asm
+++ /dev/null
@@ -1,847 +0,0 @@
-;
-; jidctint.asm - accurate integer IDCT (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2020, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains a slower but more accurate integer implementation of the
-; inverse DCT (Discrete Cosine Transform). The following code is based
-; directly on the IJG's original jidctint.c; see the jidctint.c for
-; more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS  13
-%define PASS1_BITS  2
-
-%define DESCALE_P1  (CONST_BITS - PASS1_BITS)
-%define DESCALE_P2  (CONST_BITS + PASS1_BITS + 3)
-
-%if CONST_BITS == 13
-F_0_298 equ  2446  ; FIX(0.298631336)
-F_0_390 equ  3196  ; FIX(0.390180644)
-F_0_541 equ  4433  ; FIX(0.541196100)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_175 equ  9633  ; FIX(1.175875602)
-F_1_501 equ 12299  ; FIX(1.501321110)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_1_961 equ 16069  ; FIX(1.961570560)
-F_2_053 equ 16819  ; FIX(2.053119869)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_072 equ 25172  ; FIX(3.072711026)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_298 equ DESCALE( 320652955, 30 - CONST_BITS)  ; FIX(0.298631336)
-F_0_390 equ DESCALE( 418953276, 30 - CONST_BITS)  ; FIX(0.390180644)
-F_0_541 equ DESCALE( 581104887, 30 - CONST_BITS)  ; FIX(0.541196100)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_175 equ DESCALE(1262586813, 30 - CONST_BITS)  ; FIX(1.175875602)
-F_1_501 equ DESCALE(1612031267, 30 - CONST_BITS)  ; FIX(1.501321110)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_1_961 equ DESCALE(2106220350, 30 - CONST_BITS)  ; FIX(1.961570560)
-F_2_053 equ DESCALE(2204520673, 30 - CONST_BITS)  ; FIX(2.053119869)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_072 equ DESCALE(3299298341, 30 - CONST_BITS)  ; FIX(3.072711026)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_islow_sse2)
-
-EXTN(jconst_idct_islow_sse2):
-
-PW_F130_F054   times 4  dw  (F_0_541 + F_0_765),  F_0_541
-PW_F054_MF130  times 4  dw  F_0_541, (F_0_541 - F_1_847)
-PW_MF078_F117  times 4  dw  (F_1_175 - F_1_961),  F_1_175
-PW_F117_F078   times 4  dw  F_1_175, (F_1_175 - F_0_390)
-PW_MF060_MF089 times 4  dw  (F_0_298 - F_0_899), -F_0_899
-PW_MF089_F060  times 4  dw -F_0_899, (F_1_501 - F_0_899)
-PW_MF050_MF256 times 4  dw  (F_2_053 - F_2_562), -F_2_562
-PW_MF256_F050  times 4  dw -F_2_562, (F_3_072 - F_2_562)
-PD_DESCALE_P1  times 4  dd  1 << (DESCALE_P1 - 1)
-PD_DESCALE_P2  times 4  dd  1 << (DESCALE_P2 - 1)
-PB_CENTERJSAMP times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform dequantization and inverse DCT on one block of coefficients.
-;
-; GLOBAL(void)
-; jsimd_idct_islow_sse2(void *dct_table, JCOEFPTR coef_block,
-;                       JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-; r10 = jpeg_component_info *compptr
-; r11 = JCOEFPTR coef_block
-; r12 = JSAMPARRAY output_buf
-; r13d = JDIMENSION output_col
-
-%define original_rbp  rbp + 0
-%define wk(i)         rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        12
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_islow_sse2)
-
-EXTN(jsimd_idct_islow_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 4
-
-    ; ---- Pass 1: process columns from input.
-
-    mov         rdx, r10                ; quantptr
-    mov         rsi, r11                ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_ISLOW_SSE2
-    mov         eax, dword [DWBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    jnz         near .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(4,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, xmm0
-    packsswb    xmm1, xmm1
-    packsswb    xmm1, xmm1
-    movd        eax, xmm1
-    test        rax, rax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm5, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm5, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    psllw       xmm5, PASS1_BITS
-
-    movdqa      xmm4, xmm5              ; xmm5=in0=(00 01 02 03 04 05 06 07)
-    punpcklwd   xmm5, xmm5              ; xmm5=(00 00 01 01 02 02 03 03)
-    punpckhwd   xmm4, xmm4              ; xmm4=(04 04 05 05 06 06 07 07)
-
-    pshufd      xmm7, xmm5, 0x00        ; xmm7=col0=(00 00 00 00 00 00 00 00)
-    pshufd      xmm6, xmm5, 0x55        ; xmm6=col1=(01 01 01 01 01 01 01 01)
-    pshufd      xmm1, xmm5, 0xAA        ; xmm1=col2=(02 02 02 02 02 02 02 02)
-    pshufd      xmm5, xmm5, 0xFF        ; xmm5=col3=(03 03 03 03 03 03 03 03)
-    pshufd      xmm0, xmm4, 0x00        ; xmm0=col4=(04 04 04 04 04 04 04 04)
-    pshufd      xmm3, xmm4, 0x55        ; xmm3=col5=(05 05 05 05 05 05 05 05)
-    pshufd      xmm2, xmm4, 0xAA        ; xmm2=col6=(06 06 06 06 06 06 06 06)
-    pshufd      xmm4, xmm4, 0xFF        ; xmm4=col7=(07 07 07 07 07 07 07 07)
-
-    movdqa      XMMWORD [wk(8)], xmm6   ; wk(8)=col1
-    movdqa      XMMWORD [wk(9)], xmm5   ; wk(9)=col3
-    movdqa      XMMWORD [wk(10)], xmm3  ; wk(10)=col5
-    movdqa      XMMWORD [wk(11)], xmm4  ; wk(11)=col7
-    jmp         near .column_end
-%endif
-.columnDCT:
-
-    ; -- Even part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(4,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(4,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    movdqa      xmm4, xmm1              ; xmm1=in2=z2
-    movdqa      xmm5, xmm1
-    punpcklwd   xmm4, xmm3              ; xmm3=in6=z3
-    punpckhwd   xmm5, xmm3
-    movdqa      xmm1, xmm4
-    movdqa      xmm3, xmm5
-    pmaddwd     xmm4, [rel PW_F130_F054]   ; xmm4=tmp3L
-    pmaddwd     xmm5, [rel PW_F130_F054]   ; xmm5=tmp3H
-    pmaddwd     xmm1, [rel PW_F054_MF130]  ; xmm1=tmp2L
-    pmaddwd     xmm3, [rel PW_F054_MF130]  ; xmm3=tmp2H
-
-    movdqa      xmm6, xmm0
-    paddw       xmm0, xmm2              ; xmm0=in0+in4
-    psubw       xmm6, xmm2              ; xmm6=in0-in4
-
-    pxor        xmm7, xmm7
-    pxor        xmm2, xmm2
-    punpcklwd   xmm7, xmm0              ; xmm7=tmp0L
-    punpckhwd   xmm2, xmm0              ; xmm2=tmp0H
-    psrad       xmm7, (16-CONST_BITS)   ; psrad xmm7,16 & pslld xmm7,CONST_BITS
-    psrad       xmm2, (16-CONST_BITS)   ; psrad xmm2,16 & pslld xmm2,CONST_BITS
-
-    movdqa      xmm0, xmm7
-    paddd       xmm7, xmm4              ; xmm7=tmp10L
-    psubd       xmm0, xmm4              ; xmm0=tmp13L
-    movdqa      xmm4, xmm2
-    paddd       xmm2, xmm5              ; xmm2=tmp10H
-    psubd       xmm4, xmm5              ; xmm4=tmp13H
-
-    movdqa      XMMWORD [wk(0)], xmm7   ; wk(0)=tmp10L
-    movdqa      XMMWORD [wk(1)], xmm2   ; wk(1)=tmp10H
-    movdqa      XMMWORD [wk(2)], xmm0   ; wk(2)=tmp13L
-    movdqa      XMMWORD [wk(3)], xmm4   ; wk(3)=tmp13H
-
-    pxor        xmm5, xmm5
-    pxor        xmm7, xmm7
-    punpcklwd   xmm5, xmm6              ; xmm5=tmp1L
-    punpckhwd   xmm7, xmm6              ; xmm7=tmp1H
-    psrad       xmm5, (16-CONST_BITS)   ; psrad xmm5,16 & pslld xmm5,CONST_BITS
-    psrad       xmm7, (16-CONST_BITS)   ; psrad xmm7,16 & pslld xmm7,CONST_BITS
-
-    movdqa      xmm2, xmm5
-    paddd       xmm5, xmm1              ; xmm5=tmp11L
-    psubd       xmm2, xmm1              ; xmm2=tmp12L
-    movdqa      xmm0, xmm7
-    paddd       xmm7, xmm3              ; xmm7=tmp11H
-    psubd       xmm0, xmm3              ; xmm0=tmp12H
-
-    movdqa      XMMWORD [wk(4)], xmm5   ; wk(4)=tmp11L
-    movdqa      XMMWORD [wk(5)], xmm7   ; wk(5)=tmp11H
-    movdqa      XMMWORD [wk(6)], xmm2   ; wk(6)=tmp12L
-    movdqa      XMMWORD [wk(7)], xmm0   ; wk(7)=tmp12H
-
-    ; -- Odd part
-
-    movdqa      xmm4, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm6, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm4, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm6, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movdqa      xmm5, xmm6
-    movdqa      xmm7, xmm4
-    paddw       xmm5, xmm3              ; xmm5=z3
-    paddw       xmm7, xmm1              ; xmm7=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm2, xmm5
-    movdqa      xmm0, xmm5
-    punpcklwd   xmm2, xmm7
-    punpckhwd   xmm0, xmm7
-    movdqa      xmm5, xmm2
-    movdqa      xmm7, xmm0
-    pmaddwd     xmm2, [rel PW_MF078_F117]  ; xmm2=z3L
-    pmaddwd     xmm0, [rel PW_MF078_F117]  ; xmm0=z3H
-    pmaddwd     xmm5, [rel PW_F117_F078]   ; xmm5=z4L
-    pmaddwd     xmm7, [rel PW_F117_F078]   ; xmm7=z4H
-
-    movdqa      XMMWORD [wk(10)], xmm2  ; wk(10)=z3L
-    movdqa      XMMWORD [wk(11)], xmm0  ; wk(11)=z3H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    movdqa      xmm2, xmm3
-    movdqa      xmm0, xmm3
-    punpcklwd   xmm2, xmm4
-    punpckhwd   xmm0, xmm4
-    movdqa      xmm3, xmm2
-    movdqa      xmm4, xmm0
-    pmaddwd     xmm2, [rel PW_MF060_MF089]  ; xmm2=tmp0L
-    pmaddwd     xmm0, [rel PW_MF060_MF089]  ; xmm0=tmp0H
-    pmaddwd     xmm3, [rel PW_MF089_F060]   ; xmm3=tmp3L
-    pmaddwd     xmm4, [rel PW_MF089_F060]   ; xmm4=tmp3H
-
-    paddd       xmm2, XMMWORD [wk(10)]  ; xmm2=tmp0L
-    paddd       xmm0, XMMWORD [wk(11)]  ; xmm0=tmp0H
-    paddd       xmm3, xmm5              ; xmm3=tmp3L
-    paddd       xmm4, xmm7              ; xmm4=tmp3H
-
-    movdqa      XMMWORD [wk(8)], xmm2   ; wk(8)=tmp0L
-    movdqa      XMMWORD [wk(9)], xmm0   ; wk(9)=tmp0H
-
-    movdqa      xmm2, xmm1
-    movdqa      xmm0, xmm1
-    punpcklwd   xmm2, xmm6
-    punpckhwd   xmm0, xmm6
-    movdqa      xmm1, xmm2
-    movdqa      xmm6, xmm0
-    pmaddwd     xmm2, [rel PW_MF050_MF256]  ; xmm2=tmp1L
-    pmaddwd     xmm0, [rel PW_MF050_MF256]  ; xmm0=tmp1H
-    pmaddwd     xmm1, [rel PW_MF256_F050]   ; xmm1=tmp2L
-    pmaddwd     xmm6, [rel PW_MF256_F050]   ; xmm6=tmp2H
-
-    paddd       xmm2, xmm5              ; xmm2=tmp1L
-    paddd       xmm0, xmm7              ; xmm0=tmp1H
-    paddd       xmm1, XMMWORD [wk(10)]  ; xmm1=tmp2L
-    paddd       xmm6, XMMWORD [wk(11)]  ; xmm6=tmp2H
-
-    movdqa      XMMWORD [wk(10)], xmm2  ; wk(10)=tmp1L
-    movdqa      XMMWORD [wk(11)], xmm0  ; wk(11)=tmp1H
-
-    ; -- Final output stage
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=tmp10L
-    movdqa      xmm7, XMMWORD [wk(1)]   ; xmm7=tmp10H
-
-    movdqa      xmm2, xmm5
-    movdqa      xmm0, xmm7
-    paddd       xmm5, xmm3              ; xmm5=data0L
-    paddd       xmm7, xmm4              ; xmm7=data0H
-    psubd       xmm2, xmm3              ; xmm2=data7L
-    psubd       xmm0, xmm4              ; xmm0=data7H
-
-    movdqa      xmm3, [rel PD_DESCALE_P1]  ; xmm3=[rel PD_DESCALE_P1]
-
-    paddd       xmm5, xmm3
-    paddd       xmm7, xmm3
-    psrad       xmm5, DESCALE_P1
-    psrad       xmm7, DESCALE_P1
-    paddd       xmm2, xmm3
-    paddd       xmm0, xmm3
-    psrad       xmm2, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-
-    packssdw    xmm5, xmm7              ; xmm5=data0=(00 01 02 03 04 05 06 07)
-    packssdw    xmm2, xmm0              ; xmm2=data7=(70 71 72 73 74 75 76 77)
-
-    movdqa      xmm4, XMMWORD [wk(4)]   ; xmm4=tmp11L
-    movdqa      xmm3, XMMWORD [wk(5)]   ; xmm3=tmp11H
-
-    movdqa      xmm7, xmm4
-    movdqa      xmm0, xmm3
-    paddd       xmm4, xmm1              ; xmm4=data1L
-    paddd       xmm3, xmm6              ; xmm3=data1H
-    psubd       xmm7, xmm1              ; xmm7=data6L
-    psubd       xmm0, xmm6              ; xmm0=data6H
-
-    movdqa      xmm1, [rel PD_DESCALE_P1]  ; xmm1=[rel PD_DESCALE_P1]
-
-    paddd       xmm4, xmm1
-    paddd       xmm3, xmm1
-    psrad       xmm4, DESCALE_P1
-    psrad       xmm3, DESCALE_P1
-    paddd       xmm7, xmm1
-    paddd       xmm0, xmm1
-    psrad       xmm7, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-
-    packssdw    xmm4, xmm3              ; xmm4=data1=(10 11 12 13 14 15 16 17)
-    packssdw    xmm7, xmm0              ; xmm7=data6=(60 61 62 63 64 65 66 67)
-
-    movdqa      xmm6, xmm5              ; transpose coefficients(phase 1)
-    punpcklwd   xmm5, xmm4              ; xmm5=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm6, xmm4              ; xmm6=(04 14 05 15 06 16 07 17)
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 1)
-    punpcklwd   xmm7, xmm2              ; xmm7=(60 70 61 71 62 72 63 73)
-    punpckhwd   xmm1, xmm2              ; xmm1=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm3, XMMWORD [wk(6)]   ; xmm3=tmp12L
-    movdqa      xmm0, XMMWORD [wk(7)]   ; xmm0=tmp12H
-    movdqa      xmm4, XMMWORD [wk(10)]  ; xmm4=tmp1L
-    movdqa      xmm2, XMMWORD [wk(11)]  ; xmm2=tmp1H
-
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=(00 10 01 11 02 12 03 13)
-    movdqa      XMMWORD [wk(1)], xmm6   ; wk(1)=(04 14 05 15 06 16 07 17)
-    movdqa      XMMWORD [wk(4)], xmm7   ; wk(4)=(60 70 61 71 62 72 63 73)
-    movdqa      XMMWORD [wk(5)], xmm1   ; wk(5)=(64 74 65 75 66 76 67 77)
-
-    movdqa      xmm5, xmm3
-    movdqa      xmm6, xmm0
-    paddd       xmm3, xmm4              ; xmm3=data2L
-    paddd       xmm0, xmm2              ; xmm0=data2H
-    psubd       xmm5, xmm4              ; xmm5=data5L
-    psubd       xmm6, xmm2              ; xmm6=data5H
-
-    movdqa      xmm7, [rel PD_DESCALE_P1]  ; xmm7=[rel PD_DESCALE_P1]
-
-    paddd       xmm3, xmm7
-    paddd       xmm0, xmm7
-    psrad       xmm3, DESCALE_P1
-    psrad       xmm0, DESCALE_P1
-    paddd       xmm5, xmm7
-    paddd       xmm6, xmm7
-    psrad       xmm5, DESCALE_P1
-    psrad       xmm6, DESCALE_P1
-
-    packssdw    xmm3, xmm0              ; xmm3=data2=(20 21 22 23 24 25 26 27)
-    packssdw    xmm5, xmm6              ; xmm5=data5=(50 51 52 53 54 55 56 57)
-
-    movdqa      xmm1, XMMWORD [wk(2)]   ; xmm1=tmp13L
-    movdqa      xmm4, XMMWORD [wk(3)]   ; xmm4=tmp13H
-    movdqa      xmm2, XMMWORD [wk(8)]   ; xmm2=tmp0L
-    movdqa      xmm7, XMMWORD [wk(9)]   ; xmm7=tmp0H
-
-    movdqa      xmm0, xmm1
-    movdqa      xmm6, xmm4
-    paddd       xmm1, xmm2              ; xmm1=data3L
-    paddd       xmm4, xmm7              ; xmm4=data3H
-    psubd       xmm0, xmm2              ; xmm0=data4L
-    psubd       xmm6, xmm7              ; xmm6=data4H
-
-    movdqa      xmm2, [rel PD_DESCALE_P1]  ; xmm2=[rel PD_DESCALE_P1]
-
-    paddd       xmm1, xmm2
-    paddd       xmm4, xmm2
-    psrad       xmm1, DESCALE_P1
-    psrad       xmm4, DESCALE_P1
-    paddd       xmm0, xmm2
-    paddd       xmm6, xmm2
-    psrad       xmm0, DESCALE_P1
-    psrad       xmm6, DESCALE_P1
-
-    packssdw    xmm1, xmm4              ; xmm1=data3=(30 31 32 33 34 35 36 37)
-    packssdw    xmm0, xmm6              ; xmm0=data4=(40 41 42 43 44 45 46 47)
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=(00 10 01 11 02 12 03 13)
-    movdqa      xmm2, XMMWORD [wk(1)]   ; xmm2=(04 14 05 15 06 16 07 17)
-
-    movdqa      xmm4, xmm3              ; transpose coefficients(phase 1)
-    punpcklwd   xmm3, xmm1              ; xmm3=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm4, xmm1              ; xmm4=(24 34 25 35 26 36 27 37)
-    movdqa      xmm6, xmm0              ; transpose coefficients(phase 1)
-    punpcklwd   xmm0, xmm5              ; xmm0=(40 50 41 51 42 52 43 53)
-    punpckhwd   xmm6, xmm5              ; xmm6=(44 54 45 55 46 56 47 57)
-
-    movdqa      xmm1, xmm7              ; transpose coefficients(phase 2)
-    punpckldq   xmm7, xmm3              ; xmm7=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm1, xmm3              ; xmm1=(02 12 22 32 03 13 23 33)
-    movdqa      xmm5, xmm2              ; transpose coefficients(phase 2)
-    punpckldq   xmm2, xmm4              ; xmm2=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm5, xmm4              ; xmm5=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm3, XMMWORD [wk(4)]   ; xmm3=(60 70 61 71 62 72 63 73)
-    movdqa      xmm4, XMMWORD [wk(5)]   ; xmm4=(64 74 65 75 66 76 67 77)
-
-    movdqa      XMMWORD [wk(6)], xmm2   ; wk(6)=(04 14 24 34 05 15 25 35)
-    movdqa      XMMWORD [wk(7)], xmm5   ; wk(7)=(06 16 26 36 07 17 27 37)
-
-    movdqa      xmm2, xmm0              ; transpose coefficients(phase 2)
-    punpckldq   xmm0, xmm3              ; xmm0=(40 50 60 70 41 51 61 71)
-    punpckhdq   xmm2, xmm3              ; xmm2=(42 52 62 72 43 53 63 73)
-    movdqa      xmm5, xmm6              ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm4              ; xmm6=(44 54 64 74 45 55 65 75)
-    punpckhdq   xmm5, xmm4              ; xmm5=(46 56 66 76 47 57 67 77)
-
-    movdqa      xmm3, xmm7              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm7, xmm0              ; xmm7=col0=(00 10 20 30 40 50 60 70)
-    punpckhqdq  xmm3, xmm0              ; xmm3=col1=(01 11 21 31 41 51 61 71)
-    movdqa      xmm4, xmm1              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm1, xmm2              ; xmm1=col2=(02 12 22 32 42 52 62 72)
-    punpckhqdq  xmm4, xmm2              ; xmm4=col3=(03 13 23 33 43 53 63 73)
-
-    movdqa      xmm0, XMMWORD [wk(6)]   ; xmm0=(04 14 24 34 05 15 25 35)
-    movdqa      xmm2, XMMWORD [wk(7)]   ; xmm2=(06 16 26 36 07 17 27 37)
-
-    movdqa      XMMWORD [wk(8)], xmm3   ; wk(8)=col1
-    movdqa      XMMWORD [wk(9)], xmm4   ; wk(9)=col3
-
-    movdqa      xmm3, xmm0              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm0, xmm6              ; xmm0=col4=(04 14 24 34 44 54 64 74)
-    punpckhqdq  xmm3, xmm6              ; xmm3=col5=(05 15 25 35 45 55 65 75)
-    movdqa      xmm4, xmm2              ; transpose coefficients(phase 3)
-    punpcklqdq  xmm2, xmm5              ; xmm2=col6=(06 16 26 36 46 56 66 76)
-    punpckhqdq  xmm4, xmm5              ; xmm4=col7=(07 17 27 37 47 57 67 77)
-
-    movdqa      XMMWORD [wk(10)], xmm3  ; wk(10)=col5
-    movdqa      XMMWORD [wk(11)], xmm4  ; wk(11)=col7
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows from work array, store into output array.
-
-    mov         rax, [original_rbp]
-    mov         rdi, r12                ; (JSAMPROW *)
-    mov         eax, r13d
-
-    ; -- Even part
-
-    ; xmm7=col0, xmm1=col2, xmm0=col4, xmm2=col6
-
-    ; (Original)
-    ; z1 = (z2 + z3) * 0.541196100;
-    ; tmp2 = z1 + z3 * -1.847759065;
-    ; tmp3 = z1 + z2 * 0.765366865;
-    ;
-    ; (This implementation)
-    ; tmp2 = z2 * 0.541196100 + z3 * (0.541196100 - 1.847759065);
-    ; tmp3 = z2 * (0.541196100 + 0.765366865) + z3 * 0.541196100;
-
-    movdqa      xmm6, xmm1              ; xmm1=in2=z2
-    movdqa      xmm5, xmm1
-    punpcklwd   xmm6, xmm2              ; xmm2=in6=z3
-    punpckhwd   xmm5, xmm2
-    movdqa      xmm1, xmm6
-    movdqa      xmm2, xmm5
-    pmaddwd     xmm6, [rel PW_F130_F054]   ; xmm6=tmp3L
-    pmaddwd     xmm5, [rel PW_F130_F054]   ; xmm5=tmp3H
-    pmaddwd     xmm1, [rel PW_F054_MF130]  ; xmm1=tmp2L
-    pmaddwd     xmm2, [rel PW_F054_MF130]  ; xmm2=tmp2H
-
-    movdqa      xmm3, xmm7
-    paddw       xmm7, xmm0              ; xmm7=in0+in4
-    psubw       xmm3, xmm0              ; xmm3=in0-in4
-
-    pxor        xmm4, xmm4
-    pxor        xmm0, xmm0
-    punpcklwd   xmm4, xmm7              ; xmm4=tmp0L
-    punpckhwd   xmm0, xmm7              ; xmm0=tmp0H
-    psrad       xmm4, (16-CONST_BITS)   ; psrad xmm4,16 & pslld xmm4,CONST_BITS
-    psrad       xmm0, (16-CONST_BITS)   ; psrad xmm0,16 & pslld xmm0,CONST_BITS
-
-    movdqa      xmm7, xmm4
-    paddd       xmm4, xmm6              ; xmm4=tmp10L
-    psubd       xmm7, xmm6              ; xmm7=tmp13L
-    movdqa      xmm6, xmm0
-    paddd       xmm0, xmm5              ; xmm0=tmp10H
-    psubd       xmm6, xmm5              ; xmm6=tmp13H
-
-    movdqa      XMMWORD [wk(0)], xmm4   ; wk(0)=tmp10L
-    movdqa      XMMWORD [wk(1)], xmm0   ; wk(1)=tmp10H
-    movdqa      XMMWORD [wk(2)], xmm7   ; wk(2)=tmp13L
-    movdqa      XMMWORD [wk(3)], xmm6   ; wk(3)=tmp13H
-
-    pxor        xmm5, xmm5
-    pxor        xmm4, xmm4
-    punpcklwd   xmm5, xmm3              ; xmm5=tmp1L
-    punpckhwd   xmm4, xmm3              ; xmm4=tmp1H
-    psrad       xmm5, (16-CONST_BITS)   ; psrad xmm5,16 & pslld xmm5,CONST_BITS
-    psrad       xmm4, (16-CONST_BITS)   ; psrad xmm4,16 & pslld xmm4,CONST_BITS
-
-    movdqa      xmm0, xmm5
-    paddd       xmm5, xmm1              ; xmm5=tmp11L
-    psubd       xmm0, xmm1              ; xmm0=tmp12L
-    movdqa      xmm7, xmm4
-    paddd       xmm4, xmm2              ; xmm4=tmp11H
-    psubd       xmm7, xmm2              ; xmm7=tmp12H
-
-    movdqa      XMMWORD [wk(4)], xmm5   ; wk(4)=tmp11L
-    movdqa      XMMWORD [wk(5)], xmm4   ; wk(5)=tmp11H
-    movdqa      XMMWORD [wk(6)], xmm0   ; wk(6)=tmp12L
-    movdqa      XMMWORD [wk(7)], xmm7   ; wk(7)=tmp12H
-
-    ; -- Odd part
-
-    movdqa      xmm6, XMMWORD [wk(9)]   ; xmm6=col3
-    movdqa      xmm3, XMMWORD [wk(8)]   ; xmm3=col1
-    movdqa      xmm1, XMMWORD [wk(11)]  ; xmm1=col7
-    movdqa      xmm2, XMMWORD [wk(10)]  ; xmm2=col5
-
-    movdqa      xmm5, xmm6
-    movdqa      xmm4, xmm3
-    paddw       xmm5, xmm1              ; xmm5=z3
-    paddw       xmm4, xmm2              ; xmm4=z4
-
-    ; (Original)
-    ; z5 = (z3 + z4) * 1.175875602;
-    ; z3 = z3 * -1.961570560;  z4 = z4 * -0.390180644;
-    ; z3 += z5;  z4 += z5;
-    ;
-    ; (This implementation)
-    ; z3 = z3 * (1.175875602 - 1.961570560) + z4 * 1.175875602;
-    ; z4 = z3 * 1.175875602 + z4 * (1.175875602 - 0.390180644);
-
-    movdqa      xmm0, xmm5
-    movdqa      xmm7, xmm5
-    punpcklwd   xmm0, xmm4
-    punpckhwd   xmm7, xmm4
-    movdqa      xmm5, xmm0
-    movdqa      xmm4, xmm7
-    pmaddwd     xmm0, [rel PW_MF078_F117]  ; xmm0=z3L
-    pmaddwd     xmm7, [rel PW_MF078_F117]  ; xmm7=z3H
-    pmaddwd     xmm5, [rel PW_F117_F078]   ; xmm5=z4L
-    pmaddwd     xmm4, [rel PW_F117_F078]   ; xmm4=z4H
-
-    movdqa      XMMWORD [wk(10)], xmm0  ; wk(10)=z3L
-    movdqa      XMMWORD [wk(11)], xmm7  ; wk(11)=z3H
-
-    ; (Original)
-    ; z1 = tmp0 + tmp3;  z2 = tmp1 + tmp2;
-    ; tmp0 = tmp0 * 0.298631336;  tmp1 = tmp1 * 2.053119869;
-    ; tmp2 = tmp2 * 3.072711026;  tmp3 = tmp3 * 1.501321110;
-    ; z1 = z1 * -0.899976223;  z2 = z2 * -2.562915447;
-    ; tmp0 += z1 + z3;  tmp1 += z2 + z4;
-    ; tmp2 += z2 + z3;  tmp3 += z1 + z4;
-    ;
-    ; (This implementation)
-    ; tmp0 = tmp0 * (0.298631336 - 0.899976223) + tmp3 * -0.899976223;
-    ; tmp1 = tmp1 * (2.053119869 - 2.562915447) + tmp2 * -2.562915447;
-    ; tmp2 = tmp1 * -2.562915447 + tmp2 * (3.072711026 - 2.562915447);
-    ; tmp3 = tmp0 * -0.899976223 + tmp3 * (1.501321110 - 0.899976223);
-    ; tmp0 += z3;  tmp1 += z4;
-    ; tmp2 += z3;  tmp3 += z4;
-
-    movdqa      xmm0, xmm1
-    movdqa      xmm7, xmm1
-    punpcklwd   xmm0, xmm3
-    punpckhwd   xmm7, xmm3
-    movdqa      xmm1, xmm0
-    movdqa      xmm3, xmm7
-    pmaddwd     xmm0, [rel PW_MF060_MF089]  ; xmm0=tmp0L
-    pmaddwd     xmm7, [rel PW_MF060_MF089]  ; xmm7=tmp0H
-    pmaddwd     xmm1, [rel PW_MF089_F060]   ; xmm1=tmp3L
-    pmaddwd     xmm3, [rel PW_MF089_F060]   ; xmm3=tmp3H
-
-    paddd       xmm0, XMMWORD [wk(10)]  ; xmm0=tmp0L
-    paddd       xmm7, XMMWORD [wk(11)]  ; xmm7=tmp0H
-    paddd       xmm1, xmm5              ; xmm1=tmp3L
-    paddd       xmm3, xmm4              ; xmm3=tmp3H
-
-    movdqa      XMMWORD [wk(8)], xmm0   ; wk(8)=tmp0L
-    movdqa      XMMWORD [wk(9)], xmm7   ; wk(9)=tmp0H
-
-    movdqa      xmm0, xmm2
-    movdqa      xmm7, xmm2
-    punpcklwd   xmm0, xmm6
-    punpckhwd   xmm7, xmm6
-    movdqa      xmm2, xmm0
-    movdqa      xmm6, xmm7
-    pmaddwd     xmm0, [rel PW_MF050_MF256]  ; xmm0=tmp1L
-    pmaddwd     xmm7, [rel PW_MF050_MF256]  ; xmm7=tmp1H
-    pmaddwd     xmm2, [rel PW_MF256_F050]   ; xmm2=tmp2L
-    pmaddwd     xmm6, [rel PW_MF256_F050]   ; xmm6=tmp2H
-
-    paddd       xmm0, xmm5              ; xmm0=tmp1L
-    paddd       xmm7, xmm4              ; xmm7=tmp1H
-    paddd       xmm2, XMMWORD [wk(10)]  ; xmm2=tmp2L
-    paddd       xmm6, XMMWORD [wk(11)]  ; xmm6=tmp2H
-
-    movdqa      XMMWORD [wk(10)], xmm0  ; wk(10)=tmp1L
-    movdqa      XMMWORD [wk(11)], xmm7  ; wk(11)=tmp1H
-
-    ; -- Final output stage
-
-    movdqa      xmm5, XMMWORD [wk(0)]   ; xmm5=tmp10L
-    movdqa      xmm4, XMMWORD [wk(1)]   ; xmm4=tmp10H
-
-    movdqa      xmm0, xmm5
-    movdqa      xmm7, xmm4
-    paddd       xmm5, xmm1              ; xmm5=data0L
-    paddd       xmm4, xmm3              ; xmm4=data0H
-    psubd       xmm0, xmm1              ; xmm0=data7L
-    psubd       xmm7, xmm3              ; xmm7=data7H
-
-    movdqa      xmm1, [rel PD_DESCALE_P2]  ; xmm1=[rel PD_DESCALE_P2]
-
-    paddd       xmm5, xmm1
-    paddd       xmm4, xmm1
-    psrad       xmm5, DESCALE_P2
-    psrad       xmm4, DESCALE_P2
-    paddd       xmm0, xmm1
-    paddd       xmm7, xmm1
-    psrad       xmm0, DESCALE_P2
-    psrad       xmm7, DESCALE_P2
-
-    packssdw    xmm5, xmm4              ; xmm5=data0=(00 10 20 30 40 50 60 70)
-    packssdw    xmm0, xmm7              ; xmm0=data7=(07 17 27 37 47 57 67 77)
-
-    movdqa      xmm3, XMMWORD [wk(4)]   ; xmm3=tmp11L
-    movdqa      xmm1, XMMWORD [wk(5)]   ; xmm1=tmp11H
-
-    movdqa      xmm4, xmm3
-    movdqa      xmm7, xmm1
-    paddd       xmm3, xmm2              ; xmm3=data1L
-    paddd       xmm1, xmm6              ; xmm1=data1H
-    psubd       xmm4, xmm2              ; xmm4=data6L
-    psubd       xmm7, xmm6              ; xmm7=data6H
-
-    movdqa      xmm2, [rel PD_DESCALE_P2]  ; xmm2=[rel PD_DESCALE_P2]
-
-    paddd       xmm3, xmm2
-    paddd       xmm1, xmm2
-    psrad       xmm3, DESCALE_P2
-    psrad       xmm1, DESCALE_P2
-    paddd       xmm4, xmm2
-    paddd       xmm7, xmm2
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm7, DESCALE_P2
-
-    packssdw    xmm3, xmm1              ; xmm3=data1=(01 11 21 31 41 51 61 71)
-    packssdw    xmm4, xmm7              ; xmm4=data6=(06 16 26 36 46 56 66 76)
-
-    packsswb    xmm5, xmm4              ; xmm5=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    packsswb    xmm3, xmm0              ; xmm3=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    movdqa      xmm6, XMMWORD [wk(6)]   ; xmm6=tmp12L
-    movdqa      xmm2, XMMWORD [wk(7)]   ; xmm2=tmp12H
-    movdqa      xmm1, XMMWORD [wk(10)]  ; xmm1=tmp1L
-    movdqa      xmm7, XMMWORD [wk(11)]  ; xmm7=tmp1H
-
-    movdqa      XMMWORD [wk(0)], xmm5   ; wk(0)=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    movdqa      xmm4, xmm6
-    movdqa      xmm0, xmm2
-    paddd       xmm6, xmm1              ; xmm6=data2L
-    paddd       xmm2, xmm7              ; xmm2=data2H
-    psubd       xmm4, xmm1              ; xmm4=data5L
-    psubd       xmm0, xmm7              ; xmm0=data5H
-
-    movdqa      xmm5, [rel PD_DESCALE_P2]  ; xmm5=[rel PD_DESCALE_P2]
-
-    paddd       xmm6, xmm5
-    paddd       xmm2, xmm5
-    psrad       xmm6, DESCALE_P2
-    psrad       xmm2, DESCALE_P2
-    paddd       xmm4, xmm5
-    paddd       xmm0, xmm5
-    psrad       xmm4, DESCALE_P2
-    psrad       xmm0, DESCALE_P2
-
-    packssdw    xmm6, xmm2              ; xmm6=data2=(02 12 22 32 42 52 62 72)
-    packssdw    xmm4, xmm0              ; xmm4=data5=(05 15 25 35 45 55 65 75)
-
-    movdqa      xmm3, XMMWORD [wk(2)]   ; xmm3=tmp13L
-    movdqa      xmm1, XMMWORD [wk(3)]   ; xmm1=tmp13H
-    movdqa      xmm7, XMMWORD [wk(8)]   ; xmm7=tmp0L
-    movdqa      xmm5, XMMWORD [wk(9)]   ; xmm5=tmp0H
-
-    movdqa      xmm2, xmm3
-    movdqa      xmm0, xmm1
-    paddd       xmm3, xmm7              ; xmm3=data3L
-    paddd       xmm1, xmm5              ; xmm1=data3H
-    psubd       xmm2, xmm7              ; xmm2=data4L
-    psubd       xmm0, xmm5              ; xmm0=data4H
-
-    movdqa      xmm7, [rel PD_DESCALE_P2]  ; xmm7=[rel PD_DESCALE_P2]
-
-    paddd       xmm3, xmm7
-    paddd       xmm1, xmm7
-    psrad       xmm3, DESCALE_P2
-    psrad       xmm1, DESCALE_P2
-    paddd       xmm2, xmm7
-    paddd       xmm0, xmm7
-    psrad       xmm2, DESCALE_P2
-    psrad       xmm0, DESCALE_P2
-
-    movdqa      xmm5, [rel PB_CENTERJSAMP]  ; xmm5=[rel PB_CENTERJSAMP]
-
-    packssdw    xmm3, xmm1             ; xmm3=data3=(03 13 23 33 43 53 63 73)
-    packssdw    xmm2, xmm0             ; xmm2=data4=(04 14 24 34 44 54 64 74)
-
-    movdqa      xmm7, XMMWORD [wk(0)]  ; xmm7=(00 10 20 30 40 50 60 70 06 16 26 36 46 56 66 76)
-    movdqa      xmm1, XMMWORD [wk(1)]  ; xmm1=(01 11 21 31 41 51 61 71 07 17 27 37 47 57 67 77)
-
-    packsswb    xmm6, xmm2             ; xmm6=(02 12 22 32 42 52 62 72 04 14 24 34 44 54 64 74)
-    packsswb    xmm3, xmm4             ; xmm3=(03 13 23 33 43 53 63 73 05 15 25 35 45 55 65 75)
-
-    paddb       xmm7, xmm5
-    paddb       xmm1, xmm5
-    paddb       xmm6, xmm5
-    paddb       xmm3, xmm5
-
-    movdqa      xmm0, xmm7        ; transpose coefficients(phase 1)
-    punpcklbw   xmm7, xmm1        ; xmm7=(00 01 10 11 20 21 30 31 40 41 50 51 60 61 70 71)
-    punpckhbw   xmm0, xmm1        ; xmm0=(06 07 16 17 26 27 36 37 46 47 56 57 66 67 76 77)
-    movdqa      xmm2, xmm6        ; transpose coefficients(phase 1)
-    punpcklbw   xmm6, xmm3        ; xmm6=(02 03 12 13 22 23 32 33 42 43 52 53 62 63 72 73)
-    punpckhbw   xmm2, xmm3        ; xmm2=(04 05 14 15 24 25 34 35 44 45 54 55 64 65 74 75)
-
-    movdqa      xmm4, xmm7        ; transpose coefficients(phase 2)
-    punpcklwd   xmm7, xmm6        ; xmm7=(00 01 02 03 10 11 12 13 20 21 22 23 30 31 32 33)
-    punpckhwd   xmm4, xmm6        ; xmm4=(40 41 42 43 50 51 52 53 60 61 62 63 70 71 72 73)
-    movdqa      xmm5, xmm2        ; transpose coefficients(phase 2)
-    punpcklwd   xmm2, xmm0        ; xmm2=(04 05 06 07 14 15 16 17 24 25 26 27 34 35 36 37)
-    punpckhwd   xmm5, xmm0        ; xmm5=(44 45 46 47 54 55 56 57 64 65 66 67 74 75 76 77)
-
-    movdqa      xmm1, xmm7        ; transpose coefficients(phase 3)
-    punpckldq   xmm7, xmm2        ; xmm7=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    punpckhdq   xmm1, xmm2        ; xmm1=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-    movdqa      xmm3, xmm4        ; transpose coefficients(phase 3)
-    punpckldq   xmm4, xmm5        ; xmm4=(40 41 42 43 44 45 46 47 50 51 52 53 54 55 56 57)
-    punpckhdq   xmm3, xmm5        ; xmm3=(60 61 62 63 64 65 66 67 70 71 72 73 74 75 76 77)
-
-    pshufd      xmm6, xmm7, 0x4E  ; xmm6=(10 11 12 13 14 15 16 17 00 01 02 03 04 05 06 07)
-    pshufd      xmm0, xmm1, 0x4E  ; xmm0=(30 31 32 33 34 35 36 37 20 21 22 23 24 25 26 27)
-    pshufd      xmm2, xmm4, 0x4E  ; xmm2=(50 51 52 53 54 55 56 57 40 41 42 43 44 45 46 47)
-    pshufd      xmm5, xmm3, 0x4E  ; xmm5=(70 71 72 73 74 75 76 77 60 61 62 63 64 65 66 67)
-
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+2*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm7
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm1
-    mov         rdxp, JSAMPROW [rdi+4*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+6*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm4
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm3
-
-    mov         rdxp, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+3*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm6
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm0
-    mov         rdxp, JSAMPROW [rdi+5*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+7*SIZEOF_JSAMPROW]
-    movq        XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE], xmm2
-    movq        XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE], xmm5
-
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctred-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctred-sse2.asm
deleted file mode 100644
index 4ece9d8..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jidctred-sse2.asm
+++ /dev/null
@@ -1,574 +0,0 @@
-;
-; jidctred.asm - reduced-size IDCT (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-;
-; This file contains inverse-DCT routines that produce reduced-size
-; output: either 4x4 or 2x2 pixels from an 8x8 DCT block.
-; The following code is based directly on the IJG's original jidctred.c;
-; see the jidctred.c for more details.
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-
-%define CONST_BITS    13
-%define PASS1_BITS    2
-
-%define DESCALE_P1_4  (CONST_BITS - PASS1_BITS + 1)
-%define DESCALE_P2_4  (CONST_BITS + PASS1_BITS + 3 + 1)
-%define DESCALE_P1_2  (CONST_BITS - PASS1_BITS + 2)
-%define DESCALE_P2_2  (CONST_BITS + PASS1_BITS + 3 + 2)
-
-%if CONST_BITS == 13
-F_0_211 equ  1730  ; FIX(0.211164243)
-F_0_509 equ  4176  ; FIX(0.509795579)
-F_0_601 equ  4926  ; FIX(0.601344887)
-F_0_720 equ  5906  ; FIX(0.720959822)
-F_0_765 equ  6270  ; FIX(0.765366865)
-F_0_850 equ  6967  ; FIX(0.850430095)
-F_0_899 equ  7373  ; FIX(0.899976223)
-F_1_061 equ  8697  ; FIX(1.061594337)
-F_1_272 equ 10426  ; FIX(1.272758580)
-F_1_451 equ 11893  ; FIX(1.451774981)
-F_1_847 equ 15137  ; FIX(1.847759065)
-F_2_172 equ 17799  ; FIX(2.172734803)
-F_2_562 equ 20995  ; FIX(2.562915447)
-F_3_624 equ 29692  ; FIX(3.624509785)
-%else
-; NASM cannot do compile-time arithmetic on floating-point constants.
-%define DESCALE(x, n)  (((x) + (1 << ((n) - 1))) >> (n))
-F_0_211 equ DESCALE( 226735879, 30 - CONST_BITS)  ; FIX(0.211164243)
-F_0_509 equ DESCALE( 547388834, 30 - CONST_BITS)  ; FIX(0.509795579)
-F_0_601 equ DESCALE( 645689155, 30 - CONST_BITS)  ; FIX(0.601344887)
-F_0_720 equ DESCALE( 774124714, 30 - CONST_BITS)  ; FIX(0.720959822)
-F_0_765 equ DESCALE( 821806413, 30 - CONST_BITS)  ; FIX(0.765366865)
-F_0_850 equ DESCALE( 913142361, 30 - CONST_BITS)  ; FIX(0.850430095)
-F_0_899 equ DESCALE( 966342111, 30 - CONST_BITS)  ; FIX(0.899976223)
-F_1_061 equ DESCALE(1139878239, 30 - CONST_BITS)  ; FIX(1.061594337)
-F_1_272 equ DESCALE(1366614119, 30 - CONST_BITS)  ; FIX(1.272758580)
-F_1_451 equ DESCALE(1558831516, 30 - CONST_BITS)  ; FIX(1.451774981)
-F_1_847 equ DESCALE(1984016188, 30 - CONST_BITS)  ; FIX(1.847759065)
-F_2_172 equ DESCALE(2332956230, 30 - CONST_BITS)  ; FIX(2.172734803)
-F_2_562 equ DESCALE(2751909506, 30 - CONST_BITS)  ; FIX(2.562915447)
-F_3_624 equ DESCALE(3891787747, 30 - CONST_BITS)  ; FIX(3.624509785)
-%endif
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_CONST
-
-    alignz      32
-    GLOBAL_DATA(jconst_idct_red_sse2)
-
-EXTN(jconst_idct_red_sse2):
-
-PW_F184_MF076   times 4  dw  F_1_847, -F_0_765
-PW_F256_F089    times 4  dw  F_2_562,  F_0_899
-PW_F106_MF217   times 4  dw  F_1_061, -F_2_172
-PW_MF060_MF050  times 4  dw -F_0_601, -F_0_509
-PW_F145_MF021   times 4  dw  F_1_451, -F_0_211
-PW_F362_MF127   times 4  dw  F_3_624, -F_1_272
-PW_F085_MF072   times 4  dw  F_0_850, -F_0_720
-PD_DESCALE_P1_4 times 4  dd  1 << (DESCALE_P1_4 - 1)
-PD_DESCALE_P2_4 times 4  dd  1 << (DESCALE_P2_4 - 1)
-PD_DESCALE_P1_2 times 4  dd  1 << (DESCALE_P1_2 - 1)
-PD_DESCALE_P2_2 times 4  dd  1 << (DESCALE_P2_2 - 1)
-PB_CENTERJSAMP  times 16 db  CENTERJSAMPLE
-
-    alignz      32
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Perform dequantization and inverse DCT on one block of coefficients,
-; producing a reduced-size 4x4 output block.
-;
-; GLOBAL(void)
-; jsimd_idct_4x4_sse2(void *dct_table, JCOEFPTR coef_block,
-;                     JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-; r10 = void *dct_table
-; r11 = JCOEFPTR coef_block
-; r12 = JSAMPARRAY output_buf
-; r13d = JDIMENSION output_col
-
-%define original_rbp  rbp + 0
-%define wk(i)         rbp - (WK_NUM - (i)) * SIZEOF_XMMWORD
-                                        ; xmmword wk[WK_NUM]
-%define WK_NUM        2
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_4x4_sse2)
-
-EXTN(jsimd_idct_4x4_sse2):
-    push        rbp
-    mov         rax, rsp                     ; rax = original rbp
-    sub         rsp, byte 4
-    and         rsp, byte (-SIZEOF_XMMWORD)  ; align to 128 bits
-    mov         [rsp], rax
-    mov         rbp, rsp                     ; rbp = aligned rbp
-    lea         rsp, [wk(0)]
-    collect_args 4
-
-    ; ---- Pass 1: process columns from input.
-
-    mov         rdx, r10                ; quantptr
-    mov         rsi, r11                ; inptr
-
-%ifndef NO_ZERO_COLUMN_TEST_4X4_SSE2
-    mov         eax, dword [DWBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    or          eax, dword [DWBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    jnz         short .columnDCT
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    por         xmm1, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    por         xmm0, xmm1
-    packsswb    xmm0, xmm0
-    packsswb    xmm0, xmm0
-    movd        eax, xmm0
-    test        rax, rax
-    jnz         short .columnDCT
-
-    ; -- AC terms all zero
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    psllw       xmm0, PASS1_BITS
-
-    movdqa      xmm3, xmm0        ; xmm0=in0=(00 01 02 03 04 05 06 07)
-    punpcklwd   xmm0, xmm0        ; xmm0=(00 00 01 01 02 02 03 03)
-    punpckhwd   xmm3, xmm3        ; xmm3=(04 04 05 05 06 06 07 07)
-
-    pshufd      xmm1, xmm0, 0x50  ; xmm1=[col0 col1]=(00 00 00 00 01 01 01 01)
-    pshufd      xmm0, xmm0, 0xFA  ; xmm0=[col2 col3]=(02 02 02 02 03 03 03 03)
-    pshufd      xmm6, xmm3, 0x50  ; xmm6=[col4 col5]=(04 04 04 04 05 05 05 05)
-    pshufd      xmm3, xmm3, 0xFA  ; xmm3=[col6 col7]=(06 06 06 06 07 07 07 07)
-
-    jmp         near .column_end
-%endif
-.columnDCT:
-
-    ; -- Odd part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    movdqa      xmm4, xmm0
-    movdqa      xmm5, xmm0
-    punpcklwd   xmm4, xmm1
-    punpckhwd   xmm5, xmm1
-    movdqa      xmm0, xmm4
-    movdqa      xmm1, xmm5
-    pmaddwd     xmm4, [rel PW_F256_F089]   ; xmm4=(tmp2L)
-    pmaddwd     xmm5, [rel PW_F256_F089]   ; xmm5=(tmp2H)
-    pmaddwd     xmm0, [rel PW_F106_MF217]  ; xmm0=(tmp0L)
-    pmaddwd     xmm1, [rel PW_F106_MF217]  ; xmm1=(tmp0H)
-
-    movdqa      xmm6, xmm2
-    movdqa      xmm7, xmm2
-    punpcklwd   xmm6, xmm3
-    punpckhwd   xmm7, xmm3
-    movdqa      xmm2, xmm6
-    movdqa      xmm3, xmm7
-    pmaddwd     xmm6, [rel PW_MF060_MF050]  ; xmm6=(tmp2L)
-    pmaddwd     xmm7, [rel PW_MF060_MF050]  ; xmm7=(tmp2H)
-    pmaddwd     xmm2, [rel PW_F145_MF021]   ; xmm2=(tmp0L)
-    pmaddwd     xmm3, [rel PW_F145_MF021]   ; xmm3=(tmp0H)
-
-    paddd       xmm6, xmm4              ; xmm6=tmp2L
-    paddd       xmm7, xmm5              ; xmm7=tmp2H
-    paddd       xmm2, xmm0              ; xmm2=tmp0L
-    paddd       xmm3, xmm1              ; xmm3=tmp0H
-
-    movdqa      XMMWORD [wk(0)], xmm2   ; wk(0)=tmp0L
-    movdqa      XMMWORD [wk(1)], xmm3   ; wk(1)=tmp0H
-
-    ; -- Even part
-
-    movdqa      xmm4, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm5, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm0, XMMWORD [XMMBLOCK(6,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm4, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm5, XMMWORD [XMMBLOCK(2,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(6,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    pxor        xmm1, xmm1
-    pxor        xmm2, xmm2
-    punpcklwd   xmm1, xmm4               ; xmm1=tmp0L
-    punpckhwd   xmm2, xmm4               ; xmm2=tmp0H
-    psrad       xmm1, (16-CONST_BITS-1)  ; psrad xmm1,16 & pslld xmm1,CONST_BITS+1
-    psrad       xmm2, (16-CONST_BITS-1)  ; psrad xmm2,16 & pslld xmm2,CONST_BITS+1
-
-    movdqa      xmm3, xmm5              ; xmm5=in2=z2
-    punpcklwd   xmm5, xmm0              ; xmm0=in6=z3
-    punpckhwd   xmm3, xmm0
-    pmaddwd     xmm5, [rel PW_F184_MF076]  ; xmm5=tmp2L
-    pmaddwd     xmm3, [rel PW_F184_MF076]  ; xmm3=tmp2H
-
-    movdqa      xmm4, xmm1
-    movdqa      xmm0, xmm2
-    paddd       xmm1, xmm5              ; xmm1=tmp10L
-    paddd       xmm2, xmm3              ; xmm2=tmp10H
-    psubd       xmm4, xmm5              ; xmm4=tmp12L
-    psubd       xmm0, xmm3              ; xmm0=tmp12H
-
-    ; -- Final output stage
-
-    movdqa      xmm5, xmm1
-    movdqa      xmm3, xmm2
-    paddd       xmm1, xmm6              ; xmm1=data0L
-    paddd       xmm2, xmm7              ; xmm2=data0H
-    psubd       xmm5, xmm6              ; xmm5=data3L
-    psubd       xmm3, xmm7              ; xmm3=data3H
-
-    movdqa      xmm6, [rel PD_DESCALE_P1_4]  ; xmm6=[rel PD_DESCALE_P1_4]
-
-    paddd       xmm1, xmm6
-    paddd       xmm2, xmm6
-    psrad       xmm1, DESCALE_P1_4
-    psrad       xmm2, DESCALE_P1_4
-    paddd       xmm5, xmm6
-    paddd       xmm3, xmm6
-    psrad       xmm5, DESCALE_P1_4
-    psrad       xmm3, DESCALE_P1_4
-
-    packssdw    xmm1, xmm2              ; xmm1=data0=(00 01 02 03 04 05 06 07)
-    packssdw    xmm5, xmm3              ; xmm5=data3=(30 31 32 33 34 35 36 37)
-
-    movdqa      xmm7, XMMWORD [wk(0)]   ; xmm7=tmp0L
-    movdqa      xmm6, XMMWORD [wk(1)]   ; xmm6=tmp0H
-
-    movdqa      xmm2, xmm4
-    movdqa      xmm3, xmm0
-    paddd       xmm4, xmm7              ; xmm4=data1L
-    paddd       xmm0, xmm6              ; xmm0=data1H
-    psubd       xmm2, xmm7              ; xmm2=data2L
-    psubd       xmm3, xmm6              ; xmm3=data2H
-
-    movdqa      xmm7, [rel PD_DESCALE_P1_4]  ; xmm7=[rel PD_DESCALE_P1_4]
-
-    paddd       xmm4, xmm7
-    paddd       xmm0, xmm7
-    psrad       xmm4, DESCALE_P1_4
-    psrad       xmm0, DESCALE_P1_4
-    paddd       xmm2, xmm7
-    paddd       xmm3, xmm7
-    psrad       xmm2, DESCALE_P1_4
-    psrad       xmm3, DESCALE_P1_4
-
-    packssdw    xmm4, xmm0        ; xmm4=data1=(10 11 12 13 14 15 16 17)
-    packssdw    xmm2, xmm3        ; xmm2=data2=(20 21 22 23 24 25 26 27)
-
-    movdqa      xmm6, xmm1        ; transpose coefficients(phase 1)
-    punpcklwd   xmm1, xmm4        ; xmm1=(00 10 01 11 02 12 03 13)
-    punpckhwd   xmm6, xmm4        ; xmm6=(04 14 05 15 06 16 07 17)
-    movdqa      xmm7, xmm2        ; transpose coefficients(phase 1)
-    punpcklwd   xmm2, xmm5        ; xmm2=(20 30 21 31 22 32 23 33)
-    punpckhwd   xmm7, xmm5        ; xmm7=(24 34 25 35 26 36 27 37)
-
-    movdqa      xmm0, xmm1        ; transpose coefficients(phase 2)
-    punpckldq   xmm1, xmm2        ; xmm1=[col0 col1]=(00 10 20 30 01 11 21 31)
-    punpckhdq   xmm0, xmm2        ; xmm0=[col2 col3]=(02 12 22 32 03 13 23 33)
-    movdqa      xmm3, xmm6        ; transpose coefficients(phase 2)
-    punpckldq   xmm6, xmm7        ; xmm6=[col4 col5]=(04 14 24 34 05 15 25 35)
-    punpckhdq   xmm3, xmm7        ; xmm3=[col6 col7]=(06 16 26 36 07 17 27 37)
-.column_end:
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows, store into output array.
-
-    mov         rax, [original_rbp]
-    mov         rdi, r12                ; (JSAMPROW *)
-    mov         eax, r13d
-
-    ; -- Even part
-
-    pxor        xmm4, xmm4
-    punpcklwd   xmm4, xmm1               ; xmm4=tmp0
-    psrad       xmm4, (16-CONST_BITS-1)  ; psrad xmm4,16 & pslld xmm4,CONST_BITS+1
-
-    ; -- Odd part
-
-    punpckhwd   xmm1, xmm0
-    punpckhwd   xmm6, xmm3
-    movdqa      xmm5, xmm1
-    movdqa      xmm2, xmm6
-    pmaddwd     xmm1, [rel PW_F256_F089]    ; xmm1=(tmp2)
-    pmaddwd     xmm6, [rel PW_MF060_MF050]  ; xmm6=(tmp2)
-    pmaddwd     xmm5, [rel PW_F106_MF217]   ; xmm5=(tmp0)
-    pmaddwd     xmm2, [rel PW_F145_MF021]   ; xmm2=(tmp0)
-
-    paddd       xmm6, xmm1              ; xmm6=tmp2
-    paddd       xmm2, xmm5              ; xmm2=tmp0
-
-    ; -- Even part
-
-    punpcklwd   xmm0, xmm3
-    pmaddwd     xmm0, [rel PW_F184_MF076]  ; xmm0=tmp2
-
-    movdqa      xmm7, xmm4
-    paddd       xmm4, xmm0              ; xmm4=tmp10
-    psubd       xmm7, xmm0              ; xmm7=tmp12
-
-    ; -- Final output stage
-
-    movdqa      xmm1, [rel PD_DESCALE_P2_4]  ; xmm1=[rel PD_DESCALE_P2_4]
-
-    movdqa      xmm5, xmm4
-    movdqa      xmm3, xmm7
-    paddd       xmm4, xmm6              ; xmm4=data0=(00 10 20 30)
-    paddd       xmm7, xmm2              ; xmm7=data1=(01 11 21 31)
-    psubd       xmm5, xmm6              ; xmm5=data3=(03 13 23 33)
-    psubd       xmm3, xmm2              ; xmm3=data2=(02 12 22 32)
-
-    paddd       xmm4, xmm1
-    paddd       xmm7, xmm1
-    psrad       xmm4, DESCALE_P2_4
-    psrad       xmm7, DESCALE_P2_4
-    paddd       xmm5, xmm1
-    paddd       xmm3, xmm1
-    psrad       xmm5, DESCALE_P2_4
-    psrad       xmm3, DESCALE_P2_4
-
-    packssdw    xmm4, xmm3              ; xmm4=(00 10 20 30 02 12 22 32)
-    packssdw    xmm7, xmm5              ; xmm7=(01 11 21 31 03 13 23 33)
-
-    movdqa      xmm0, xmm4              ; transpose coefficients(phase 1)
-    punpcklwd   xmm4, xmm7              ; xmm4=(00 01 10 11 20 21 30 31)
-    punpckhwd   xmm0, xmm7              ; xmm0=(02 03 12 13 22 23 32 33)
-
-    movdqa      xmm6, xmm4              ; transpose coefficients(phase 2)
-    punpckldq   xmm4, xmm0              ; xmm4=(00 01 02 03 10 11 12 13)
-    punpckhdq   xmm6, xmm0              ; xmm6=(20 21 22 23 30 31 32 33)
-
-    packsswb    xmm4, xmm6              ; xmm4=(00 01 02 03 10 11 12 13 20 ..)
-    paddb       xmm4, [rel PB_CENTERJSAMP]
-
-    pshufd      xmm2, xmm4, 0x39        ; xmm2=(10 11 12 13 20 21 22 23 30 ..)
-    pshufd      xmm1, xmm4, 0x4E        ; xmm1=(20 21 22 23 30 31 32 33 00 ..)
-    pshufd      xmm3, xmm4, 0x93        ; xmm3=(30 31 32 33 00 01 02 03 10 ..)
-
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]
-    movd        XMM_DWORD [rdx+rax*SIZEOF_JSAMPLE], xmm4
-    movd        XMM_DWORD [rsi+rax*SIZEOF_JSAMPLE], xmm2
-    mov         rdxp, JSAMPROW [rdi+2*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+3*SIZEOF_JSAMPROW]
-    movd        XMM_DWORD [rdx+rax*SIZEOF_JSAMPLE], xmm1
-    movd        XMM_DWORD [rsi+rax*SIZEOF_JSAMPLE], xmm3
-
-    uncollect_args 4
-    mov         rsp, rbp                ; rsp <- aligned rbp
-    pop         rsp                     ; rsp <- original rbp
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Perform dequantization and inverse DCT on one block of coefficients,
-; producing a reduced-size 2x2 output block.
-;
-; GLOBAL(void)
-; jsimd_idct_2x2_sse2(void *dct_table, JCOEFPTR coef_block,
-;                     JSAMPARRAY output_buf, JDIMENSION output_col)
-;
-
-; r10 = void *dct_table
-; r11 = JCOEFPTR coef_block
-; r12 = JSAMPARRAY output_buf
-; r13d = JDIMENSION output_col
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_idct_2x2_sse2)
-
-EXTN(jsimd_idct_2x2_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 4
-    push        rbx
-
-    ; ---- Pass 1: process columns from input.
-
-    mov         rdx, r10                ; quantptr
-    mov         rsi, r11                ; inptr
-
-    ; | input:                  | result:        |
-    ; | 00 01 ** 03 ** 05 ** 07 |                |
-    ; | 10 11 ** 13 ** 15 ** 17 |                |
-    ; | ** ** ** ** ** ** ** ** |                |
-    ; | 30 31 ** 33 ** 35 ** 37 | A0 A1 A3 A5 A7 |
-    ; | ** ** ** ** ** ** ** ** | B0 B1 B3 B5 B7 |
-    ; | 50 51 ** 53 ** 55 ** 57 |                |
-    ; | ** ** ** ** ** ** ** ** |                |
-    ; | 70 71 ** 73 ** 75 ** 77 |                |
-
-    ; -- Odd part
-
-    movdqa      xmm0, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm1, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm0, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm1, XMMWORD [XMMBLOCK(3,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    movdqa      xmm2, XMMWORD [XMMBLOCK(5,0,rsi,SIZEOF_JCOEF)]
-    movdqa      xmm3, XMMWORD [XMMBLOCK(7,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm2, XMMWORD [XMMBLOCK(5,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-    pmullw      xmm3, XMMWORD [XMMBLOCK(7,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; xmm0=(10 11 ** 13 ** 15 ** 17), xmm1=(30 31 ** 33 ** 35 ** 37)
-    ; xmm2=(50 51 ** 53 ** 55 ** 57), xmm3=(70 71 ** 73 ** 75 ** 77)
-
-    pcmpeqd     xmm7, xmm7
-    pslld       xmm7, WORD_BIT          ; xmm7={0x0000 0xFFFF 0x0000 0xFFFF ..}
-
-    movdqa      xmm4, xmm0              ; xmm4=(10 11 ** 13 ** 15 ** 17)
-    movdqa      xmm5, xmm2              ; xmm5=(50 51 ** 53 ** 55 ** 57)
-    punpcklwd   xmm4, xmm1              ; xmm4=(10 30 11 31 ** ** 13 33)
-    punpcklwd   xmm5, xmm3              ; xmm5=(50 70 51 71 ** ** 53 73)
-    pmaddwd     xmm4, [rel PW_F362_MF127]
-    pmaddwd     xmm5, [rel PW_F085_MF072]
-
-    psrld       xmm0, WORD_BIT          ; xmm0=(11 -- 13 -- 15 -- 17 --)
-    pand        xmm1, xmm7              ; xmm1=(-- 31 -- 33 -- 35 -- 37)
-    psrld       xmm2, WORD_BIT          ; xmm2=(51 -- 53 -- 55 -- 57 --)
-    pand        xmm3, xmm7              ; xmm3=(-- 71 -- 73 -- 75 -- 77)
-    por         xmm0, xmm1              ; xmm0=(11 31 13 33 15 35 17 37)
-    por         xmm2, xmm3              ; xmm2=(51 71 53 73 55 75 57 77)
-    pmaddwd     xmm0, [rel PW_F362_MF127]
-    pmaddwd     xmm2, [rel PW_F085_MF072]
-
-    paddd       xmm4, xmm5              ; xmm4=tmp0[col0 col1 **** col3]
-    paddd       xmm0, xmm2              ; xmm0=tmp0[col1 col3 col5 col7]
-
-    ; -- Even part
-
-    movdqa      xmm6, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_JCOEF)]
-    pmullw      xmm6, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_ISLOW_MULT_TYPE)]
-
-    ; xmm6=(00 01 ** 03 ** 05 ** 07)
-
-    movdqa      xmm1, xmm6              ; xmm1=(00 01 ** 03 ** 05 ** 07)
-    pslld       xmm6, WORD_BIT          ; xmm6=(-- 00 -- ** -- ** -- **)
-    pand        xmm1, xmm7              ; xmm1=(-- 01 -- 03 -- 05 -- 07)
-    psrad       xmm6, (WORD_BIT-CONST_BITS-2)  ; xmm6=tmp10[col0 **** **** ****]
-    psrad       xmm1, (WORD_BIT-CONST_BITS-2)  ; xmm1=tmp10[col1 col3 col5 col7]
-
-    ; -- Final output stage
-
-    movdqa      xmm3, xmm6
-    movdqa      xmm5, xmm1
-    paddd       xmm6, xmm4      ; xmm6=data0[col0 **** **** ****]=(A0 ** ** **)
-    paddd       xmm1, xmm0      ; xmm1=data0[col1 col3 col5 col7]=(A1 A3 A5 A7)
-    psubd       xmm3, xmm4      ; xmm3=data1[col0 **** **** ****]=(B0 ** ** **)
-    psubd       xmm5, xmm0      ; xmm5=data1[col1 col3 col5 col7]=(B1 B3 B5 B7)
-
-    movdqa      xmm2, [rel PD_DESCALE_P1_2]  ; xmm2=[rel PD_DESCALE_P1_2]
-
-    punpckldq   xmm6, xmm3              ; xmm6=(A0 B0 ** **)
-
-    movdqa      xmm7, xmm1
-    punpcklqdq  xmm1, xmm5              ; xmm1=(A1 A3 B1 B3)
-    punpckhqdq  xmm7, xmm5              ; xmm7=(A5 A7 B5 B7)
-
-    paddd       xmm6, xmm2
-    psrad       xmm6, DESCALE_P1_2
-
-    paddd       xmm1, xmm2
-    paddd       xmm7, xmm2
-    psrad       xmm1, DESCALE_P1_2
-    psrad       xmm7, DESCALE_P1_2
-
-    ; -- Prefetch the next coefficient block
-
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 0*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 1*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 2*32]
-    prefetchnta [rsi + DCTSIZE2*SIZEOF_JCOEF + 3*32]
-
-    ; ---- Pass 2: process rows, store into output array.
-
-    mov         rdi, r12                ; (JSAMPROW *)
-    mov         eax, r13d
-
-    ; | input:| result:|
-    ; | A0 B0 |        |
-    ; | A1 B1 | C0 C1  |
-    ; | A3 B3 | D0 D1  |
-    ; | A5 B5 |        |
-    ; | A7 B7 |        |
-
-    ; -- Odd part
-
-    packssdw    xmm1, xmm1              ; xmm1=(A1 A3 B1 B3 A1 A3 B1 B3)
-    packssdw    xmm7, xmm7              ; xmm7=(A5 A7 B5 B7 A5 A7 B5 B7)
-    pmaddwd     xmm1, [rel PW_F362_MF127]
-    pmaddwd     xmm7, [rel PW_F085_MF072]
-
-    paddd       xmm1, xmm7              ; xmm1=tmp0[row0 row1 row0 row1]
-
-    ; -- Even part
-
-    pslld       xmm6, (CONST_BITS+2)    ; xmm6=tmp10[row0 row1 **** ****]
-
-    ; -- Final output stage
-
-    movdqa      xmm4, xmm6
-    paddd       xmm6, xmm1     ; xmm6=data0[row0 row1 **** ****]=(C0 C1 ** **)
-    psubd       xmm4, xmm1     ; xmm4=data1[row0 row1 **** ****]=(D0 D1 ** **)
-
-    punpckldq   xmm6, xmm4     ; xmm6=(C0 D0 C1 D1)
-
-    paddd       xmm6, [rel PD_DESCALE_P2_2]
-    psrad       xmm6, DESCALE_P2_2
-
-    packssdw    xmm6, xmm6              ; xmm6=(C0 D0 C1 D1 C0 D0 C1 D1)
-    packsswb    xmm6, xmm6              ; xmm6=(C0 D0 C1 D1 C0 D0 C1 D1 ..)
-    paddb       xmm6, [rel PB_CENTERJSAMP]
-
-    pextrw      ebx, xmm6, 0x00         ; ebx=(C0 D0 -- --)
-    pextrw      ecx, xmm6, 0x01         ; ecx=(C1 D1 -- --)
-
-    mov         rdxp, JSAMPROW [rdi+0*SIZEOF_JSAMPROW]
-    mov         rsip, JSAMPROW [rdi+1*SIZEOF_JSAMPROW]
-    mov         word [rdx+rax*SIZEOF_JSAMPLE], bx
-    mov         word [rsi+rax*SIZEOF_JSAMPLE], cx
-
-    pop         rbx
-    uncollect_args 4
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquantf-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquantf-sse2.asm
deleted file mode 100644
index ab2e395..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquantf-sse2.asm
+++ /dev/null
@@ -1,155 +0,0 @@
-;
-; jquantf.asm - sample data conversion and quantization (64-bit SSE & SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_float_sse2(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                           FAST_FLOAT *workspace);
-;
-
-; r10 = JSAMPARRAY sample_data
-; r11d = JDIMENSION start_col
-; r12 = FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_float_sse2)
-
-EXTN(jsimd_convsamp_float_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 3
-    push        rbx
-
-    pcmpeqw     xmm7, xmm7
-    psllw       xmm7, 7
-    packsswb    xmm7, xmm7              ; xmm7 = PB_CENTERJSAMPLE (0x808080..)
-
-    mov         rsi, r10
-    mov         eax, r11d
-    mov         rdi, r12
-    mov         rcx, DCTSIZE/2
-.convloop:
-    mov         rbxp, JSAMPROW [rsi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdxp, JSAMPROW [rsi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        xmm0, XMM_MMWORD [rbx+rax*SIZEOF_JSAMPLE]
-    movq        xmm1, XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE]
-
-    psubb       xmm0, xmm7              ; xmm0=(01234567)
-    psubb       xmm1, xmm7              ; xmm1=(89ABCDEF)
-
-    punpcklbw   xmm0, xmm0              ; xmm0=(*0*1*2*3*4*5*6*7)
-    punpcklbw   xmm1, xmm1              ; xmm1=(*8*9*A*B*C*D*E*F)
-
-    punpcklwd   xmm2, xmm0              ; xmm2=(***0***1***2***3)
-    punpckhwd   xmm0, xmm0              ; xmm0=(***4***5***6***7)
-    punpcklwd   xmm3, xmm1              ; xmm3=(***8***9***A***B)
-    punpckhwd   xmm1, xmm1              ; xmm1=(***C***D***E***F)
-
-    psrad       xmm2, (DWORD_BIT-BYTE_BIT)  ; xmm2=(0123)
-    psrad       xmm0, (DWORD_BIT-BYTE_BIT)  ; xmm0=(4567)
-    cvtdq2ps    xmm2, xmm2                  ; xmm2=(0123)
-    cvtdq2ps    xmm0, xmm0                  ; xmm0=(4567)
-    psrad       xmm3, (DWORD_BIT-BYTE_BIT)  ; xmm3=(89AB)
-    psrad       xmm1, (DWORD_BIT-BYTE_BIT)  ; xmm1=(CDEF)
-    cvtdq2ps    xmm3, xmm3                  ; xmm3=(89AB)
-    cvtdq2ps    xmm1, xmm1                  ; xmm1=(CDEF)
-
-    movaps      XMMWORD [XMMBLOCK(0,0,rdi,SIZEOF_FAST_FLOAT)], xmm2
-    movaps      XMMWORD [XMMBLOCK(0,1,rdi,SIZEOF_FAST_FLOAT)], xmm0
-    movaps      XMMWORD [XMMBLOCK(1,0,rdi,SIZEOF_FAST_FLOAT)], xmm3
-    movaps      XMMWORD [XMMBLOCK(1,1,rdi,SIZEOF_FAST_FLOAT)], xmm1
-
-    add         rsi, byte 2*SIZEOF_JSAMPROW
-    add         rdi, byte 2*DCTSIZE*SIZEOF_FAST_FLOAT
-    dec         rcx
-    jnz         short .convloop
-
-    pop         rbx
-    uncollect_args 3
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; GLOBAL(void)
-; jsimd_quantize_float_sse2(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-;                           FAST_FLOAT *workspace);
-;
-
-; r10 = JCOEFPTR coef_block
-; r11 = FAST_FLOAT *divisors
-; r12 = FAST_FLOAT *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_float_sse2)
-
-EXTN(jsimd_quantize_float_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 3
-
-    mov         rsi, r12
-    mov         rdx, r11
-    mov         rdi, r10
-    mov         rax, DCTSIZE2/16
-.quantloop:
-    movaps      xmm0, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm1, XMMWORD [XMMBLOCK(0,1,rsi,SIZEOF_FAST_FLOAT)]
-    mulps       xmm0, XMMWORD [XMMBLOCK(0,0,rdx,SIZEOF_FAST_FLOAT)]
-    mulps       xmm1, XMMWORD [XMMBLOCK(0,1,rdx,SIZEOF_FAST_FLOAT)]
-    movaps      xmm2, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_FAST_FLOAT)]
-    movaps      xmm3, XMMWORD [XMMBLOCK(1,1,rsi,SIZEOF_FAST_FLOAT)]
-    mulps       xmm2, XMMWORD [XMMBLOCK(1,0,rdx,SIZEOF_FAST_FLOAT)]
-    mulps       xmm3, XMMWORD [XMMBLOCK(1,1,rdx,SIZEOF_FAST_FLOAT)]
-
-    cvtps2dq    xmm0, xmm0
-    cvtps2dq    xmm1, xmm1
-    cvtps2dq    xmm2, xmm2
-    cvtps2dq    xmm3, xmm3
-
-    packssdw    xmm0, xmm1
-    packssdw    xmm2, xmm3
-
-    movdqa      XMMWORD [XMMBLOCK(0,0,rdi,SIZEOF_JCOEF)], xmm0
-    movdqa      XMMWORD [XMMBLOCK(1,0,rdi,SIZEOF_JCOEF)], xmm2
-
-    add         rsi, byte 16*SIZEOF_FAST_FLOAT
-    add         rdx, byte 16*SIZEOF_FAST_FLOAT
-    add         rdi, byte 16*SIZEOF_JCOEF
-    dec         rax
-    jnz         short .quantloop
-
-    uncollect_args 3
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquanti-avx2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquanti-avx2.asm
deleted file mode 100644
index 70fe811..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquanti-avx2.asm
+++ /dev/null
@@ -1,163 +0,0 @@
-;
-; jquanti.asm - sample data conversion and quantization (64-bit AVX2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, 2018, D. R. Commander.
-; Copyright (C) 2016, Matthieu Darbois.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_avx2(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                     DCTELEM *workspace);
-;
-
-; r10 = JSAMPARRAY sample_data
-; r11d = JDIMENSION start_col
-; r12 = DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_avx2)
-
-EXTN(jsimd_convsamp_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 3
-
-    mov         eax, r11d
-
-    mov         rsip, JSAMPROW [r10+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdip, JSAMPROW [r10+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm0, XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE]
-    pinsrq      xmm0, XMM_MMWORD [rdi+rax*SIZEOF_JSAMPLE], 1
-
-    mov         rsip, JSAMPROW [r10+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdip, JSAMPROW [r10+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm1, XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE]
-    pinsrq      xmm1, XMM_MMWORD [rdi+rax*SIZEOF_JSAMPLE], 1
-
-    mov         rsip, JSAMPROW [r10+4*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdip, JSAMPROW [r10+5*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm2, XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE]
-    pinsrq      xmm2, XMM_MMWORD [rdi+rax*SIZEOF_JSAMPLE], 1
-
-    mov         rsip, JSAMPROW [r10+6*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdip, JSAMPROW [r10+7*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    movq        xmm3, XMM_MMWORD [rsi+rax*SIZEOF_JSAMPLE]
-    pinsrq      xmm3, XMM_MMWORD [rdi+rax*SIZEOF_JSAMPLE], 1
-
-    vpmovzxbw   ymm0, xmm0              ; ymm0=(00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17)
-    vpmovzxbw   ymm1, xmm1              ; ymm1=(20 21 22 23 24 25 26 27 30 31 32 33 34 35 36 37)
-    vpmovzxbw   ymm2, xmm2              ; ymm2=(40 41 42 43 44 45 46 47 50 51 52 53 54 55 56 57)
-    vpmovzxbw   ymm3, xmm3              ; ymm3=(60 61 62 63 64 65 66 67 70 71 72 73 74 75 76 77)
-
-    vpcmpeqw    ymm7, ymm7, ymm7
-    vpsllw      ymm7, ymm7, 7           ; ymm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    vpaddw      ymm0, ymm0, ymm7
-    vpaddw      ymm1, ymm1, ymm7
-    vpaddw      ymm2, ymm2, ymm7
-    vpaddw      ymm3, ymm3, ymm7
-
-    vmovdqu     YMMWORD [YMMBLOCK(0,0,r12,SIZEOF_DCTELEM)], ymm0
-    vmovdqu     YMMWORD [YMMBLOCK(2,0,r12,SIZEOF_DCTELEM)], ymm1
-    vmovdqu     YMMWORD [YMMBLOCK(4,0,r12,SIZEOF_DCTELEM)], ymm2
-    vmovdqu     YMMWORD [YMMBLOCK(6,0,r12,SIZEOF_DCTELEM)], ymm3
-
-    vzeroupper
-    uncollect_args 3
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; This implementation is based on an algorithm described in
-;   "How to optimize for the Pentium family of microprocessors"
-;   (http://www.agner.org/assem/).
-;
-; GLOBAL(void)
-; jsimd_quantize_avx2(JCOEFPTR coef_block, DCTELEM *divisors,
-;                     DCTELEM *workspace);
-;
-
-%define RECIPROCAL(m, n, b) \
-  YMMBLOCK(DCTSIZE * 0 + (m), (n), (b), SIZEOF_DCTELEM)
-%define CORRECTION(m, n, b) \
-  YMMBLOCK(DCTSIZE * 1 + (m), (n), (b), SIZEOF_DCTELEM)
-%define SCALE(m, n, b) \
-  YMMBLOCK(DCTSIZE * 2 + (m), (n), (b), SIZEOF_DCTELEM)
-
-; r10 = JCOEFPTR coef_block
-; r11 = DCTELEM *divisors
-; r12 = DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_avx2)
-
-EXTN(jsimd_quantize_avx2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 3
-
-    vmovdqu     ymm4, [YMMBLOCK(0,0,r12,SIZEOF_DCTELEM)]
-    vmovdqu     ymm5, [YMMBLOCK(2,0,r12,SIZEOF_DCTELEM)]
-    vmovdqu     ymm6, [YMMBLOCK(4,0,r12,SIZEOF_DCTELEM)]
-    vmovdqu     ymm7, [YMMBLOCK(6,0,r12,SIZEOF_DCTELEM)]
-    vpabsw      ymm0, ymm4
-    vpabsw      ymm1, ymm5
-    vpabsw      ymm2, ymm6
-    vpabsw      ymm3, ymm7
-
-    vpaddw      ymm0, YMMWORD [CORRECTION(0,0,r11)]  ; correction + roundfactor
-    vpaddw      ymm1, YMMWORD [CORRECTION(2,0,r11)]
-    vpaddw      ymm2, YMMWORD [CORRECTION(4,0,r11)]
-    vpaddw      ymm3, YMMWORD [CORRECTION(6,0,r11)]
-    vpmulhuw    ymm0, YMMWORD [RECIPROCAL(0,0,r11)]  ; reciprocal
-    vpmulhuw    ymm1, YMMWORD [RECIPROCAL(2,0,r11)]
-    vpmulhuw    ymm2, YMMWORD [RECIPROCAL(4,0,r11)]
-    vpmulhuw    ymm3, YMMWORD [RECIPROCAL(6,0,r11)]
-    vpmulhuw    ymm0, YMMWORD [SCALE(0,0,r11)]       ; scale
-    vpmulhuw    ymm1, YMMWORD [SCALE(2,0,r11)]
-    vpmulhuw    ymm2, YMMWORD [SCALE(4,0,r11)]
-    vpmulhuw    ymm3, YMMWORD [SCALE(6,0,r11)]
-
-    vpsignw     ymm0, ymm0, ymm4
-    vpsignw     ymm1, ymm1, ymm5
-    vpsignw     ymm2, ymm2, ymm6
-    vpsignw     ymm3, ymm3, ymm7
-
-    vmovdqu     [YMMBLOCK(0,0,r10,SIZEOF_DCTELEM)], ymm0
-    vmovdqu     [YMMBLOCK(2,0,r10,SIZEOF_DCTELEM)], ymm1
-    vmovdqu     [YMMBLOCK(4,0,r10,SIZEOF_DCTELEM)], ymm2
-    vmovdqu     [YMMBLOCK(6,0,r10,SIZEOF_DCTELEM)], ymm3
-
-    vzeroupper
-    uncollect_args 3
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquanti-sse2.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquanti-sse2.asm
deleted file mode 100644
index 3ee4420..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jquanti-sse2.asm
+++ /dev/null
@@ -1,188 +0,0 @@
-;
-; jquanti.asm - sample data conversion and quantization (64-bit SSE2)
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2009, 2016, D. R. Commander.
-; Copyright (C) 2018, Matthias Räncker.
-;
-; Based on the x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-%include "jdct.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Load data into workspace, applying unsigned->signed conversion
-;
-; GLOBAL(void)
-; jsimd_convsamp_sse2(JSAMPARRAY sample_data, JDIMENSION start_col,
-;                     DCTELEM *workspace);
-;
-
-; r10 = JSAMPARRAY sample_data
-; r11d = JDIMENSION start_col
-; r12 = DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_convsamp_sse2)
-
-EXTN(jsimd_convsamp_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 3
-    push        rbx
-
-    pxor        xmm6, xmm6              ; xmm6=(all 0's)
-    pcmpeqw     xmm7, xmm7
-    psllw       xmm7, 7                 ; xmm7={0xFF80 0xFF80 0xFF80 0xFF80 ..}
-
-    mov         rsi, r10
-    mov         eax, r11d
-    mov         rdi, r12
-    mov         rcx, DCTSIZE/4
-.convloop:
-    mov         rbxp, JSAMPROW [rsi+0*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdxp, JSAMPROW [rsi+1*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        xmm0, XMM_MMWORD [rbx+rax*SIZEOF_JSAMPLE]  ; xmm0=(01234567)
-    movq        xmm1, XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE]  ; xmm1=(89ABCDEF)
-
-    mov         rbxp, JSAMPROW [rsi+2*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-    mov         rdxp, JSAMPROW [rsi+3*SIZEOF_JSAMPROW]  ; (JSAMPLE *)
-
-    movq        xmm2, XMM_MMWORD [rbx+rax*SIZEOF_JSAMPLE]  ; xmm2=(GHIJKLMN)
-    movq        xmm3, XMM_MMWORD [rdx+rax*SIZEOF_JSAMPLE]  ; xmm3=(OPQRSTUV)
-
-    punpcklbw   xmm0, xmm6              ; xmm0=(01234567)
-    punpcklbw   xmm1, xmm6              ; xmm1=(89ABCDEF)
-    paddw       xmm0, xmm7
-    paddw       xmm1, xmm7
-    punpcklbw   xmm2, xmm6              ; xmm2=(GHIJKLMN)
-    punpcklbw   xmm3, xmm6              ; xmm3=(OPQRSTUV)
-    paddw       xmm2, xmm7
-    paddw       xmm3, xmm7
-
-    movdqa      XMMWORD [XMMBLOCK(0,0,rdi,SIZEOF_DCTELEM)], xmm0
-    movdqa      XMMWORD [XMMBLOCK(1,0,rdi,SIZEOF_DCTELEM)], xmm1
-    movdqa      XMMWORD [XMMBLOCK(2,0,rdi,SIZEOF_DCTELEM)], xmm2
-    movdqa      XMMWORD [XMMBLOCK(3,0,rdi,SIZEOF_DCTELEM)], xmm3
-
-    add         rsi, byte 4*SIZEOF_JSAMPROW
-    add         rdi, byte 4*DCTSIZE*SIZEOF_DCTELEM
-    dec         rcx
-    jnz         short .convloop
-
-    pop         rbx
-    uncollect_args 3
-    pop         rbp
-    ret
-
-; --------------------------------------------------------------------------
-;
-; Quantize/descale the coefficients, and store into coef_block
-;
-; This implementation is based on an algorithm described in
-;   "How to optimize for the Pentium family of microprocessors"
-;   (http://www.agner.org/assem/).
-;
-; GLOBAL(void)
-; jsimd_quantize_sse2(JCOEFPTR coef_block, DCTELEM *divisors,
-;                     DCTELEM *workspace);
-;
-
-%define RECIPROCAL(m, n, b) \
-  XMMBLOCK(DCTSIZE * 0 + (m), (n), (b), SIZEOF_DCTELEM)
-%define CORRECTION(m, n, b) \
-  XMMBLOCK(DCTSIZE * 1 + (m), (n), (b), SIZEOF_DCTELEM)
-%define SCALE(m, n, b) \
-  XMMBLOCK(DCTSIZE * 2 + (m), (n), (b), SIZEOF_DCTELEM)
-
-; r10 = JCOEFPTR coef_block
-; r11 = DCTELEM *divisors
-; r12 = DCTELEM *workspace
-
-    align       32
-    GLOBAL_FUNCTION(jsimd_quantize_sse2)
-
-EXTN(jsimd_quantize_sse2):
-    push        rbp
-    mov         rax, rsp
-    mov         rbp, rsp
-    collect_args 3
-
-    mov         rsi, r12
-    mov         rdx, r11
-    mov         rdi, r10
-    mov         rax, DCTSIZE2/32
-.quantloop:
-    movdqa      xmm4, XMMWORD [XMMBLOCK(0,0,rsi,SIZEOF_DCTELEM)]
-    movdqa      xmm5, XMMWORD [XMMBLOCK(1,0,rsi,SIZEOF_DCTELEM)]
-    movdqa      xmm6, XMMWORD [XMMBLOCK(2,0,rsi,SIZEOF_DCTELEM)]
-    movdqa      xmm7, XMMWORD [XMMBLOCK(3,0,rsi,SIZEOF_DCTELEM)]
-    movdqa      xmm0, xmm4
-    movdqa      xmm1, xmm5
-    movdqa      xmm2, xmm6
-    movdqa      xmm3, xmm7
-    psraw       xmm4, (WORD_BIT-1)
-    psraw       xmm5, (WORD_BIT-1)
-    psraw       xmm6, (WORD_BIT-1)
-    psraw       xmm7, (WORD_BIT-1)
-    pxor        xmm0, xmm4
-    pxor        xmm1, xmm5
-    pxor        xmm2, xmm6
-    pxor        xmm3, xmm7
-    psubw       xmm0, xmm4              ; if (xmm0 < 0) xmm0 = -xmm0;
-    psubw       xmm1, xmm5              ; if (xmm1 < 0) xmm1 = -xmm1;
-    psubw       xmm2, xmm6              ; if (xmm2 < 0) xmm2 = -xmm2;
-    psubw       xmm3, xmm7              ; if (xmm3 < 0) xmm3 = -xmm3;
-
-    paddw       xmm0, XMMWORD [CORRECTION(0,0,rdx)]  ; correction + roundfactor
-    paddw       xmm1, XMMWORD [CORRECTION(1,0,rdx)]
-    paddw       xmm2, XMMWORD [CORRECTION(2,0,rdx)]
-    paddw       xmm3, XMMWORD [CORRECTION(3,0,rdx)]
-    pmulhuw     xmm0, XMMWORD [RECIPROCAL(0,0,rdx)]  ; reciprocal
-    pmulhuw     xmm1, XMMWORD [RECIPROCAL(1,0,rdx)]
-    pmulhuw     xmm2, XMMWORD [RECIPROCAL(2,0,rdx)]
-    pmulhuw     xmm3, XMMWORD [RECIPROCAL(3,0,rdx)]
-    pmulhuw     xmm0, XMMWORD [SCALE(0,0,rdx)]       ; scale
-    pmulhuw     xmm1, XMMWORD [SCALE(1,0,rdx)]
-    pmulhuw     xmm2, XMMWORD [SCALE(2,0,rdx)]
-    pmulhuw     xmm3, XMMWORD [SCALE(3,0,rdx)]
-
-    pxor        xmm0, xmm4
-    pxor        xmm1, xmm5
-    pxor        xmm2, xmm6
-    pxor        xmm3, xmm7
-    psubw       xmm0, xmm4
-    psubw       xmm1, xmm5
-    psubw       xmm2, xmm6
-    psubw       xmm3, xmm7
-    movdqa      XMMWORD [XMMBLOCK(0,0,rdi,SIZEOF_DCTELEM)], xmm0
-    movdqa      XMMWORD [XMMBLOCK(1,0,rdi,SIZEOF_DCTELEM)], xmm1
-    movdqa      XMMWORD [XMMBLOCK(2,0,rdi,SIZEOF_DCTELEM)], xmm2
-    movdqa      XMMWORD [XMMBLOCK(3,0,rdi,SIZEOF_DCTELEM)], xmm3
-
-    add         rsi, byte 32*SIZEOF_DCTELEM
-    add         rdx, byte 32*SIZEOF_DCTELEM
-    add         rdi, byte 32*SIZEOF_JCOEF
-    dec         rax
-    jnz         near .quantloop
-
-    uncollect_args 3
-    pop         rbp
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jsimd.c b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jsimd.c
deleted file mode 100644
index eb76679..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jsimd.c
+++ /dev/null
@@ -1,1072 +0,0 @@
-/*
- * jsimd_x86_64.c
- *
- * Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
- * Copyright (C) 2009-2011, 2014, 2016, 2018, D. R. Commander.
- * Copyright (C) 2015-2016, 2018, Matthieu Darbois.
- *
- * Based on the x86 SIMD extension for IJG JPEG library,
- * Copyright (C) 1999-2006, MIYASAKA Masaru.
- * For conditions of distribution and use, see copyright notice in jsimdext.inc
- *
- * This file contains the interface between the "normal" portions
- * of the library and the SIMD implementations when running on a
- * 64-bit x86 architecture.
- */
-
-#define JPEG_INTERNALS
-#include "../../jinclude.h"
-#include "../../jpeglib.h"
-#include "../../jsimd.h"
-#include "../../jdct.h"
-#include "../../jsimddct.h"
-#include "../jsimd.h"
-#include "jconfigint.h"
-
-/*
- * In the PIC cases, we have no guarantee that constants will keep
- * their alignment. This macro allows us to verify it at runtime.
- */
-#define IS_ALIGNED(ptr, order)  (((size_t)ptr & ((1 << order) - 1)) == 0)
-
-#define IS_ALIGNED_SSE(ptr)  (IS_ALIGNED(ptr, 4)) /* 16 byte alignment */
-#define IS_ALIGNED_AVX(ptr)  (IS_ALIGNED(ptr, 5)) /* 32 byte alignment */
-
-static unsigned int simd_support = (unsigned int)(~0);
-static unsigned int simd_huffman = 1;
-
-/*
- * Check what SIMD accelerations are supported.
- *
- * FIXME: This code is racy under a multi-threaded environment.
- */
-LOCAL(void)
-init_simd(void)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-
-  if (simd_support != ~0U)
-    return;
-
-  simd_support = jpeg_simd_cpu_support();
-
-#ifndef NO_GETENV
-  /* Force different settings through environment variables */
-  env = getenv("JSIMD_FORCESSE2");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_SSE2;
-  env = getenv("JSIMD_FORCEAVX2");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support &= JSIMD_AVX2;
-  env = getenv("JSIMD_FORCENONE");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_support = 0;
-  env = getenv("JSIMD_NOHUFFENC");
-  if ((env != NULL) && (strcmp(env, "1") == 0))
-    simd_huffman = 0;
-#endif
-}
-
-GLOBAL(int)
-jsimd_can_rgb_ycc(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_rgb_ycc_convert_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_rgb_ycc_convert_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_rgb_gray(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_rgb_gray_convert_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_rgb_gray_convert_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if ((RGB_PIXELSIZE != 3) && (RGB_PIXELSIZE != 4))
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_ycc_rgb_convert_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_ycc_rgb_convert_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_ycc_rgb565(void)
-{
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_rgb_ycc_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                      JSAMPIMAGE output_buf, JDIMENSION output_row,
-                      int num_rows)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-  void (*sse2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_extrgb_ycc_convert_avx2;
-    sse2fct = jsimd_extrgb_ycc_convert_sse2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_extrgbx_ycc_convert_avx2;
-    sse2fct = jsimd_extrgbx_ycc_convert_sse2;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_extbgr_ycc_convert_avx2;
-    sse2fct = jsimd_extbgr_ycc_convert_sse2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_extbgrx_ycc_convert_avx2;
-    sse2fct = jsimd_extbgrx_ycc_convert_sse2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_extxbgr_ycc_convert_avx2;
-    sse2fct = jsimd_extxbgr_ycc_convert_sse2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_extxrgb_ycc_convert_avx2;
-    sse2fct = jsimd_extxrgb_ycc_convert_sse2;
-    break;
-  default:
-    avx2fct = jsimd_rgb_ycc_convert_avx2;
-    sse2fct = jsimd_rgb_ycc_convert_sse2;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-  else
-    sse2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_rgb_gray_convert(j_compress_ptr cinfo, JSAMPARRAY input_buf,
-                       JSAMPIMAGE output_buf, JDIMENSION output_row,
-                       int num_rows)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-  void (*sse2fct) (JDIMENSION, JSAMPARRAY, JSAMPIMAGE, JDIMENSION, int);
-
-  switch (cinfo->in_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_extrgb_gray_convert_avx2;
-    sse2fct = jsimd_extrgb_gray_convert_sse2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_extrgbx_gray_convert_avx2;
-    sse2fct = jsimd_extrgbx_gray_convert_sse2;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_extbgr_gray_convert_avx2;
-    sse2fct = jsimd_extbgr_gray_convert_sse2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_extbgrx_gray_convert_avx2;
-    sse2fct = jsimd_extbgrx_gray_convert_sse2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_extxbgr_gray_convert_avx2;
-    sse2fct = jsimd_extxbgr_gray_convert_sse2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_extxrgb_gray_convert_avx2;
-    sse2fct = jsimd_extxrgb_gray_convert_sse2;
-    break;
-  default:
-    avx2fct = jsimd_rgb_gray_convert_avx2;
-    sse2fct = jsimd_rgb_gray_convert_sse2;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-  else
-    sse2fct(cinfo->image_width, input_buf, output_buf, output_row, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                      JDIMENSION input_row, JSAMPARRAY output_buf,
-                      int num_rows)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-  void (*sse2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY, int);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_ycc_extrgb_convert_avx2;
-    sse2fct = jsimd_ycc_extrgb_convert_sse2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_ycc_extrgbx_convert_avx2;
-    sse2fct = jsimd_ycc_extrgbx_convert_sse2;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_ycc_extbgr_convert_avx2;
-    sse2fct = jsimd_ycc_extbgr_convert_sse2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_ycc_extbgrx_convert_avx2;
-    sse2fct = jsimd_ycc_extbgrx_convert_sse2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_ycc_extxbgr_convert_avx2;
-    sse2fct = jsimd_ycc_extxbgr_convert_sse2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_ycc_extxrgb_convert_avx2;
-    sse2fct = jsimd_ycc_extxrgb_convert_sse2;
-    break;
-  default:
-    avx2fct = jsimd_ycc_rgb_convert_avx2;
-    sse2fct = jsimd_ycc_rgb_convert_sse2;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-  else
-    sse2fct(cinfo->output_width, input_buf, input_row, output_buf, num_rows);
-}
-
-GLOBAL(void)
-jsimd_ycc_rgb565_convert(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                         JDIMENSION input_row, JSAMPARRAY output_buf,
-                         int num_rows)
-{
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_downsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v2_downsample_avx2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-  else
-    jsimd_h2v2_downsample_sse2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-}
-
-GLOBAL(void)
-jsimd_h2v1_downsample(j_compress_ptr cinfo, jpeg_component_info *compptr,
-                      JSAMPARRAY input_data, JSAMPARRAY output_data)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v1_downsample_avx2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-  else
-    jsimd_h2v1_downsample_sse2(cinfo->image_width, cinfo->max_v_samp_factor,
-                               compptr->v_samp_factor,
-                               compptr->width_in_blocks, input_data,
-                               output_data);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v2_upsample_avx2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-  else
-    jsimd_h2v2_upsample_sse2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                    JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v1_upsample_avx2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-  else
-    jsimd_h2v1_upsample_sse2(cinfo->max_v_samp_factor, cinfo->output_width,
-                             input_data, output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_fancy_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_fancy_upsample_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_fancy_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_fancy_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_fancy_upsample_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v2_fancy_upsample_avx2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-  else
-    jsimd_h2v2_fancy_upsample_sse2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-}
-
-GLOBAL(void)
-jsimd_h2v1_fancy_upsample(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                          JSAMPARRAY input_data, JSAMPARRAY *output_data_ptr)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_h2v1_fancy_upsample_avx2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-  else
-    jsimd_h2v1_fancy_upsample_sse2(cinfo->max_v_samp_factor,
-                                   compptr->downsampled_width, input_data,
-                                   output_data_ptr);
-}
-
-GLOBAL(int)
-jsimd_can_h2v2_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_merged_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_merged_upsample_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_h2v1_merged_upsample(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) &&
-      IS_ALIGNED_AVX(jconst_merged_upsample_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) &&
-      IS_ALIGNED_SSE(jconst_merged_upsample_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_h2v2_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-  void (*sse2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_h2v2_extrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extrgb_merged_upsample_sse2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_h2v2_extrgbx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extrgbx_merged_upsample_sse2;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_h2v2_extbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extbgr_merged_upsample_sse2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_h2v2_extbgrx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extbgrx_merged_upsample_sse2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_h2v2_extxbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extxbgr_merged_upsample_sse2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_h2v2_extxrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_extxrgb_merged_upsample_sse2;
-    break;
-  default:
-    avx2fct = jsimd_h2v2_merged_upsample_avx2;
-    sse2fct = jsimd_h2v2_merged_upsample_sse2;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-  else
-    sse2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(void)
-jsimd_h2v1_merged_upsample(j_decompress_ptr cinfo, JSAMPIMAGE input_buf,
-                           JDIMENSION in_row_group_ctr, JSAMPARRAY output_buf)
-{
-  void (*avx2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-  void (*sse2fct) (JDIMENSION, JSAMPIMAGE, JDIMENSION, JSAMPARRAY);
-
-  switch (cinfo->out_color_space) {
-  case JCS_EXT_RGB:
-    avx2fct = jsimd_h2v1_extrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extrgb_merged_upsample_sse2;
-    break;
-  case JCS_EXT_RGBX:
-  case JCS_EXT_RGBA:
-    avx2fct = jsimd_h2v1_extrgbx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extrgbx_merged_upsample_sse2;
-    break;
-  case JCS_EXT_BGR:
-    avx2fct = jsimd_h2v1_extbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extbgr_merged_upsample_sse2;
-    break;
-  case JCS_EXT_BGRX:
-  case JCS_EXT_BGRA:
-    avx2fct = jsimd_h2v1_extbgrx_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extbgrx_merged_upsample_sse2;
-    break;
-  case JCS_EXT_XBGR:
-  case JCS_EXT_ABGR:
-    avx2fct = jsimd_h2v1_extxbgr_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extxbgr_merged_upsample_sse2;
-    break;
-  case JCS_EXT_XRGB:
-  case JCS_EXT_ARGB:
-    avx2fct = jsimd_h2v1_extxrgb_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_extxrgb_merged_upsample_sse2;
-    break;
-  default:
-    avx2fct = jsimd_h2v1_merged_upsample_avx2;
-    sse2fct = jsimd_h2v1_merged_upsample_sse2;
-    break;
-  }
-
-  if (simd_support & JSIMD_AVX2)
-    avx2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-  else
-    sse2fct(cinfo->output_width, input_buf, in_row_group_ctr, output_buf);
-}
-
-GLOBAL(int)
-jsimd_can_convsamp(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_convsamp_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_convsamp(JSAMPARRAY sample_data, JDIMENSION start_col,
-               DCTELEM *workspace)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_convsamp_avx2(sample_data, start_col, workspace);
-  else
-    jsimd_convsamp_sse2(sample_data, start_col, workspace);
-}
-
-GLOBAL(void)
-jsimd_convsamp_float(JSAMPARRAY sample_data, JDIMENSION start_col,
-                     FAST_FLOAT *workspace)
-{
-  jsimd_convsamp_float_sse2(sample_data, start_col, workspace);
-}
-
-GLOBAL(int)
-jsimd_can_fdct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) && IS_ALIGNED_AVX(jconst_fdct_islow_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_fdct_islow_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_fdct_ifast_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_fdct_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE) && IS_ALIGNED_SSE(jconst_fdct_float_sse))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_fdct_islow(DCTELEM *data)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_fdct_islow_avx2(data);
-  else
-    jsimd_fdct_islow_sse2(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_ifast(DCTELEM *data)
-{
-  jsimd_fdct_ifast_sse2(data);
-}
-
-GLOBAL(void)
-jsimd_fdct_float(FAST_FLOAT *data)
-{
-  jsimd_fdct_float_sse(data);
-}
-
-GLOBAL(int)
-jsimd_can_quantize(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(DCTELEM) != 2)
-    return 0;
-
-  if (simd_support & JSIMD_AVX2)
-    return 1;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_quantize_float(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_quantize(JCOEFPTR coef_block, DCTELEM *divisors, DCTELEM *workspace)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_quantize_avx2(coef_block, divisors, workspace);
-  else
-    jsimd_quantize_sse2(coef_block, divisors, workspace);
-}
-
-GLOBAL(void)
-jsimd_quantize_float(JCOEFPTR coef_block, FAST_FLOAT *divisors,
-                     FAST_FLOAT *workspace)
-{
-  jsimd_quantize_float_sse2(coef_block, divisors, workspace);
-}
-
-GLOBAL(int)
-jsimd_can_idct_2x2(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_red_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_4x4(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_red_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_2x2(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_2x2_sse2(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_4x4(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-               JCOEFPTR coef_block, JSAMPARRAY output_buf,
-               JDIMENSION output_col)
-{
-  jsimd_idct_4x4_sse2(compptr->dct_table, coef_block, output_buf, output_col);
-}
-
-GLOBAL(int)
-jsimd_can_idct_islow(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(ISLOW_MULT_TYPE) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_AVX2) && IS_ALIGNED_AVX(jconst_idct_islow_avx2))
-    return 1;
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_islow_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_ifast(void)
-{
-  init_simd();
-
-  /* The code is optimised for these values only */
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(IFAST_MULT_TYPE) != 2)
-    return 0;
-  if (IFAST_SCALE_BITS != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_ifast_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_can_idct_float(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (BITS_IN_JSAMPLE != 8)
-    return 0;
-  if (sizeof(JDIMENSION) != 4)
-    return 0;
-  if (sizeof(FAST_FLOAT) != 4)
-    return 0;
-  if (sizeof(FLOAT_MULT_TYPE) != 4)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && IS_ALIGNED_SSE(jconst_idct_float_sse2))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_idct_islow(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  if (simd_support & JSIMD_AVX2)
-    jsimd_idct_islow_avx2(compptr->dct_table, coef_block, output_buf,
-                          output_col);
-  else
-    jsimd_idct_islow_sse2(compptr->dct_table, coef_block, output_buf,
-                          output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_ifast(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_ifast_sse2(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-}
-
-GLOBAL(void)
-jsimd_idct_float(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-                 JCOEFPTR coef_block, JSAMPARRAY output_buf,
-                 JDIMENSION output_col)
-{
-  jsimd_idct_float_sse2(compptr->dct_table, coef_block, output_buf,
-                        output_col);
-}
-
-GLOBAL(int)
-jsimd_can_huff_encode_one_block(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-
-  if ((simd_support & JSIMD_SSE2) && simd_huffman &&
-      IS_ALIGNED_SSE(jconst_huff_encode_one_block))
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(JOCTET *)
-jsimd_huff_encode_one_block(void *state, JOCTET *buffer, JCOEFPTR block,
-                            int last_dc_val, c_derived_tbl *dctbl,
-                            c_derived_tbl *actbl)
-{
-  return jsimd_huff_encode_one_block_sse2(state, buffer, block, last_dc_val,
-                                          dctbl, actbl);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_first_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(void)
-jsimd_encode_mcu_AC_first_prepare(const JCOEF *block,
-                                  const int *jpeg_natural_order_start, int Sl,
-                                  int Al, JCOEF *values, size_t *zerobits)
-{
-  jsimd_encode_mcu_AC_first_prepare_sse2(block, jpeg_natural_order_start,
-                                         Sl, Al, values, zerobits);
-}
-
-GLOBAL(int)
-jsimd_can_encode_mcu_AC_refine_prepare(void)
-{
-  init_simd();
-
-  if (DCTSIZE != 8)
-    return 0;
-  if (sizeof(JCOEF) != 2)
-    return 0;
-  if (simd_support & JSIMD_SSE2)
-    return 1;
-
-  return 0;
-}
-
-GLOBAL(int)
-jsimd_encode_mcu_AC_refine_prepare(const JCOEF *block,
-                                   const int *jpeg_natural_order_start, int Sl,
-                                   int Al, JCOEF *absvalues, size_t *bits)
-{
-  return jsimd_encode_mcu_AC_refine_prepare_sse2(block,
-                                                 jpeg_natural_order_start,
-                                                 Sl, Al, absvalues, bits);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jsimdcpu.asm b/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jsimdcpu.asm
deleted file mode 100644
index 705f813..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/simd/x86_64/jsimdcpu.asm
+++ /dev/null
@@ -1,86 +0,0 @@
-;
-; jsimdcpu.asm - SIMD instruction support check
-;
-; Copyright 2009 Pierre Ossman <ossman@cendio.se> for Cendio AB
-; Copyright (C) 2016, D. R. Commander.
-;
-; Based on
-; x86 SIMD extension for IJG JPEG library
-; Copyright (C) 1999-2006, MIYASAKA Masaru.
-; For conditions of distribution and use, see copyright notice in jsimdext.inc
-;
-; This file should be assembled with NASM (Netwide Assembler),
-; can *not* be assembled with Microsoft's MASM or any compatible
-; assembler (including Borland's Turbo Assembler).
-; NASM is available from http://nasm.sourceforge.net/ or
-; http://sourceforge.net/project/showfiles.php?group_id=6208
-
-%include "jsimdext.inc"
-
-; --------------------------------------------------------------------------
-    SECTION     SEG_TEXT
-    BITS        64
-;
-; Check if the CPU supports SIMD instructions
-;
-; GLOBAL(unsigned int)
-; jpeg_simd_cpu_support(void)
-;
-
-    align       32
-    GLOBAL_FUNCTION(jpeg_simd_cpu_support)
-
-EXTN(jpeg_simd_cpu_support):
-    push        rbx
-    push        rdi
-
-    xor         rdi, rdi                ; simd support flag
-
-    ; Assume that all x86-64 processors support SSE & SSE2 instructions
-    or          rdi, JSIMD_SSE2
-    or          rdi, JSIMD_SSE
-
-    ; Check whether CPUID leaf 07H is supported
-    ; (leaf 07H is used to check for AVX2 instruction support)
-    mov         rax, 0
-    cpuid
-    cmp         rax, 7
-    jl          short .return           ; Maximum leaf < 07H
-
-    ; Check for AVX2 instruction support
-    mov         rax, 7
-    xor         rcx, rcx
-    cpuid
-    mov         rax, rbx                ; rax = Extended feature flags
-
-    test        rax, 1<<5               ; bit5:AVX2
-    jz          short .return
-
-    ; Check for AVX2 O/S support
-    mov         rax, 1
-    xor         rcx, rcx
-    cpuid
-    test        rcx, 1<<27
-    jz          short .return           ; O/S does not support XSAVE
-    test        rcx, 1<<28
-    jz          short .return           ; CPU does not support AVX2
-
-    xor         rcx, rcx
-    xgetbv
-    and         rax, 6
-    cmp         rax, 6                  ; O/S does not manage XMM/YMM state
-                                        ; using XSAVE
-    jnz         short .return
-
-    or          rdi, JSIMD_AVX2
-
-.return:
-    mov         rax, rdi
-
-    pop         rdi
-    pop         rbx
-    ret
-
-; For some reason, the OS X linker does not honor the request to align the
-; segment unless we do this.
-    align       32
diff --git a/3rdparty/libjpeg-turbo_2_1_0/structure.txt b/3rdparty/libjpeg-turbo_2_1_0/structure.txt
deleted file mode 100644
index 15b8d37..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/structure.txt
+++ /dev/null
@@ -1,900 +0,0 @@
-IJG JPEG LIBRARY:  SYSTEM ARCHITECTURE
-
-This file was part of the Independent JPEG Group's software:
-Copyright (C) 1991-2012, Thomas G. Lane, Guido Vollbeding.
-It was modified by The libjpeg-turbo Project to include only information
-relevant to libjpeg-turbo.
-For conditions of distribution and use, see the accompanying README.ijg file.
-
-
-This file provides an overview of the architecture of the IJG JPEG software;
-that is, the functions of the various modules in the system and the interfaces
-between modules.  For more precise details about any data structure or calling
-convention, see the include files and comments in the source code.
-
-We assume that the reader is already somewhat familiar with the JPEG standard.
-The README.ijg file includes references for learning about JPEG.  The file
-libjpeg.txt describes the library from the viewpoint of an application
-programmer using the library; it's best to read that file before this one.
-Also, the file coderules.txt describes the coding style conventions we use.
-
-In this document, JPEG-specific terminology follows the JPEG standard:
-  A "component" means a color channel, e.g., Red or Luminance.
-  A "sample" is a single component value (i.e., one number in the image data).
-  A "coefficient" is a frequency coefficient (a DCT transform output number).
-  A "block" is an 8x8 group of samples or coefficients.
-  An "MCU" (minimum coded unit) is an interleaved set of blocks of size
-        determined by the sampling factors, or a single block in a
-        noninterleaved scan.
-We do not use the terms "pixel" and "sample" interchangeably.  When we say
-pixel, we mean an element of the full-size image, while a sample is an element
-of the downsampled image.  Thus the number of samples may vary across
-components while the number of pixels does not.  (This terminology is not used
-rigorously throughout the code, but it is used in places where confusion would
-otherwise result.)
-
-
-*** System features ***
-
-The IJG distribution contains two parts:
-  * A subroutine library for JPEG compression and decompression.
-  * cjpeg/djpeg, two sample applications that use the library to transform
-    JFIF JPEG files to and from several other image formats.
-cjpeg/djpeg are of no great intellectual complexity: they merely add a simple
-command-line user interface and I/O routines for several uncompressed image
-formats.  This document concentrates on the library itself.
-
-We desire the library to be capable of supporting all JPEG baseline, extended
-sequential, and progressive DCT processes.  Hierarchical processes are not
-supported.
-
-The library does not support the lossless (spatial) JPEG process.  Lossless
-JPEG shares little or no code with lossy JPEG, and would normally be used
-without the extensive pre- and post-processing provided by this library.
-We feel that lossless JPEG is better handled by a separate library.
-
-Within these limits, any set of compression parameters allowed by the JPEG
-spec should be readable for decompression.  (We can be more restrictive about
-what formats we can generate.)  Although the system design allows for all
-parameter values, some uncommon settings are not yet implemented and may
-never be; nonintegral sampling ratios are the prime example.  Furthermore,
-we treat 8-bit vs. 12-bit data precision as a compile-time switch, not a
-run-time option, because most machines can store 8-bit pixels much more
-compactly than 12-bit.
-
-By itself, the library handles only interchange JPEG datastreams --- in
-particular the widely used JFIF file format.  The library can be used by
-surrounding code to process interchange or abbreviated JPEG datastreams that
-are embedded in more complex file formats.  (For example, libtiff uses this
-library to implement JPEG compression within the TIFF file format.)
-
-The library includes a substantial amount of code that is not covered by the
-JPEG standard but is necessary for typical applications of JPEG.  These
-functions preprocess the image before JPEG compression or postprocess it after
-decompression.  They include colorspace conversion, downsampling/upsampling,
-and color quantization.  This code can be omitted if not needed.
-
-A wide range of quality vs. speed tradeoffs are possible in JPEG processing,
-and even more so in decompression postprocessing.  The decompression library
-provides multiple implementations that cover most of the useful tradeoffs,
-ranging from very-high-quality down to fast-preview operation.  On the
-compression side we have generally not provided low-quality choices, since
-compression is normally less time-critical.  It should be understood that the
-low-quality modes may not meet the JPEG standard's accuracy requirements;
-nonetheless, they are useful for viewers.
-
-
-*** System overview ***
-
-The compressor and decompressor are each divided into two main sections:
-the JPEG compressor or decompressor proper, and the preprocessing or
-postprocessing functions.  The interface between these two sections is the
-image data that Rec. ITU-T T.81 | ISO/IEC 10918-1 regards as its input or
-output: this data is in the colorspace to be used for compression, and it is
-downsampled to the sampling factors to be used.  The preprocessing and
-postprocessing steps are responsible for converting a normal image
-representation to or from this form.  (Those few applications that want to deal
-with YCbCr downsampled data can skip the preprocessing or postprocessing step.)
-
-Looking more closely, the compressor library contains the following main
-elements:
-
-  Preprocessing:
-    * Color space conversion (e.g., RGB to YCbCr).
-    * Edge expansion and downsampling.  Optionally, this step can do simple
-      smoothing --- this is often helpful for low-quality source data.
-  JPEG proper:
-    * MCU assembly, DCT, quantization.
-    * Entropy coding (sequential or progressive, Huffman or arithmetic).
-
-In addition to these modules we need overall control, marker generation,
-and support code (memory management & error handling).  There is also a
-module responsible for physically writing the output data --- typically
-this is just an interface to fwrite(), but some applications may need to
-do something else with the data.
-
-The decompressor library contains the following main elements:
-
-  JPEG proper:
-    * Entropy decoding (sequential or progressive, Huffman or arithmetic).
-    * Dequantization, inverse DCT, MCU disassembly.
-  Postprocessing:
-    * Upsampling.  Optionally, this step may be able to do more general
-      rescaling of the image.
-    * Color space conversion (e.g., YCbCr to RGB).  This step may also
-      provide gamma adjustment [ currently it does not ].
-    * Optional color quantization (e.g., reduction to 256 colors).
-    * Optional color precision reduction (e.g., 24-bit to 15-bit color).
-      [This feature is not currently implemented.]
-
-We also need overall control, marker parsing, and a data source module.
-The support code (memory management & error handling) can be shared with
-the compression half of the library.
-
-There may be several implementations of each of these elements, particularly
-in the decompressor, where a wide range of speed/quality tradeoffs is very
-useful.  It must be understood that some of the best speedups involve
-merging adjacent steps in the pipeline.  For example, upsampling, color space
-conversion, and color quantization might all be done at once when using a
-low-quality ordered-dither technique.  The system architecture is designed to
-allow such merging where appropriate.
-
-
-Note: it is convenient to regard edge expansion (padding to block boundaries)
-as a preprocessing/postprocessing function, even though
-Rec. ITU-T T.81 | ISO/IEC 10918-1 includes it in compression/decompression.  We
-do this because downsampling/upsampling can be simplified a little if they work
-on padded data: it's not necessary to have special cases at the right and
-bottom edges.  Therefore the interface buffer is always an integral number of
-blocks wide and high, and we expect compression preprocessing to pad the source
-data properly.  Padding will occur only to the next block (8-sample) boundary.
-In an interleaved-scan situation, additional dummy blocks may be used to fill
-out MCUs, but the MCU assembly and disassembly logic will create or discard
-these blocks internally.  (This is advantageous for speed reasons, since we
-avoid DCTing the dummy blocks.  It also permits a small reduction in file size,
-because the compressor can choose dummy block contents so as to minimize their
-size in compressed form.  Finally, it makes the interface buffer specification
-independent of whether the file is actually interleaved or not.)  Applications
-that wish to deal directly with the downsampled data must provide similar
-buffering and padding for odd-sized images.
-
-
-*** Poor man's object-oriented programming ***
-
-It should be clear by now that we have a lot of quasi-independent processing
-steps, many of which have several possible behaviors.  To avoid cluttering the
-code with lots of switch statements, we use a simple form of object-style
-programming to separate out the different possibilities.
-
-For example, two different color quantization algorithms could be implemented
-as two separate modules that present the same external interface; at runtime,
-the calling code will access the proper module indirectly through an "object".
-
-We can get the limited features we need while staying within portable C.
-The basic tool is a function pointer.  An "object" is just a struct
-containing one or more function pointer fields, each of which corresponds to
-a method name in real object-oriented languages.  During initialization we
-fill in the function pointers with references to whichever module we have
-determined we need to use in this run.  Then invocation of the module is done
-by indirecting through a function pointer; on most machines this is no more
-expensive than a switch statement, which would be the only other way of
-making the required run-time choice.  The really significant benefit, of
-course, is keeping the source code clean and well structured.
-
-We can also arrange to have private storage that varies between different
-implementations of the same kind of object.  We do this by making all the
-module-specific object structs be separately allocated entities, which will
-be accessed via pointers in the master compression or decompression struct.
-The "public" fields or methods for a given kind of object are specified by
-a commonly known struct.  But a module's initialization code can allocate
-a larger struct that contains the common struct as its first member, plus
-additional private fields.  With appropriate pointer casting, the module's
-internal functions can access these private fields.  (For a simple example,
-see jdatadst.c, which implements the external interface specified by struct
-jpeg_destination_mgr, but adds extra fields.)
-
-(Of course this would all be a lot easier if we were using C++, but we are
-not yet prepared to assume that everyone has a C++ compiler.)
-
-An important benefit of this scheme is that it is easy to provide multiple
-versions of any method, each tuned to a particular case.  While a lot of
-precalculation might be done to select an optimal implementation of a method,
-the cost per invocation is constant.  For example, the upsampling step might
-have a "generic" method, plus one or more "hardwired" methods for the most
-popular sampling factors; the hardwired methods would be faster because they'd
-use straight-line code instead of for-loops.  The cost to determine which
-method to use is paid only once, at startup, and the selection criteria are
-hidden from the callers of the method.
-
-This plan differs a little bit from usual object-oriented structures, in that
-only one instance of each object class will exist during execution.  The
-reason for having the class structure is that on different runs we may create
-different instances (choose to execute different modules).  You can think of
-the term "method" as denoting the common interface presented by a particular
-set of interchangeable functions, and "object" as denoting a group of related
-methods, or the total shared interface behavior of a group of modules.
-
-
-*** Overall control structure ***
-
-We previously mentioned the need for overall control logic in the compression
-and decompression libraries.  In IJG implementations prior to v5, overall
-control was mostly provided by "pipeline control" modules, which proved to be
-large, unwieldy, and hard to understand.  To improve the situation, the
-control logic has been subdivided into multiple modules.  The control modules
-consist of:
-
-1. Master control for module selection and initialization.  This has two
-responsibilities:
-
-   1A.  Startup initialization at the beginning of image processing.
-        The individual processing modules to be used in this run are selected
-        and given initialization calls.
-
-   1B.  Per-pass control.  This determines how many passes will be performed
-        and calls each active processing module to configure itself
-        appropriately at the beginning of each pass.  End-of-pass processing,
-        where necessary, is also invoked from the master control module.
-
-   Method selection is partially distributed, in that a particular processing
-   module may contain several possible implementations of a particular method,
-   which it will select among when given its initialization call.  The master
-   control code need only be concerned with decisions that affect more than
-   one module.
-
-2. Data buffering control.  A separate control module exists for each
-   inter-processing-step data buffer.  This module is responsible for
-   invoking the processing steps that write or read that data buffer.
-
-Each buffer controller sees the world as follows:
-
-input data => processing step A => buffer => processing step B => output data
-                      |              |               |
-              ------------------ controller ------------------
-
-The controller knows the dataflow requirements of steps A and B: how much data
-they want to accept in one chunk and how much they output in one chunk.  Its
-function is to manage its buffer and call A and B at the proper times.
-
-A data buffer control module may itself be viewed as a processing step by a
-higher-level control module; thus the control modules form a binary tree with
-elementary processing steps at the leaves of the tree.
-
-The control modules are objects.  A considerable amount of flexibility can
-be had by replacing implementations of a control module.  For example:
-* Merging of adjacent steps in the pipeline is done by replacing a control
-  module and its pair of processing-step modules with a single processing-
-  step module.  (Hence the possible merges are determined by the tree of
-  control modules.)
-* In some processing modes, a given interstep buffer need only be a "strip"
-  buffer large enough to accommodate the desired data chunk sizes.  In other
-  modes, a full-image buffer is needed and several passes are required.
-  The control module determines which kind of buffer is used and manipulates
-  virtual array buffers as needed.  One or both processing steps may be
-  unaware of the multi-pass behavior.
-
-In theory, we might be able to make all of the data buffer controllers
-interchangeable and provide just one set of implementations for all.  In
-practice, each one contains considerable special-case processing for its
-particular job.  The buffer controller concept should be regarded as an
-overall system structuring principle, not as a complete description of the
-task performed by any one controller.
-
-
-*** Compression object structure ***
-
-Here is a sketch of the logical structure of the JPEG compression library:
-
-                                                 |-- Colorspace conversion
-                  |-- Preprocessing controller --|
-                  |                              |-- Downsampling
-Main controller --|
-                  |                            |-- Forward DCT, quantize
-                  |-- Coefficient controller --|
-                                               |-- Entropy encoding
-
-This sketch also describes the flow of control (subroutine calls) during
-typical image data processing.  Each of the components shown in the diagram is
-an "object" which may have several different implementations available.  One
-or more source code files contain the actual implementation(s) of each object.
-
-The objects shown above are:
-
-* Main controller: buffer controller for the subsampled-data buffer, which
-  holds the preprocessed input data.  This controller invokes preprocessing to
-  fill the subsampled-data buffer, and JPEG compression to empty it.  There is
-  usually no need for a full-image buffer here; a strip buffer is adequate.
-
-* Preprocessing controller: buffer controller for the downsampling input data
-  buffer, which lies between colorspace conversion and downsampling.  Note
-  that a unified conversion/downsampling module would probably replace this
-  controller entirely.
-
-* Colorspace conversion: converts application image data into the desired
-  JPEG color space; also changes the data from pixel-interleaved layout to
-  separate component planes.  Processes one pixel row at a time.
-
-* Downsampling: performs reduction of chroma components as required.
-  Optionally may perform pixel-level smoothing as well.  Processes a "row
-  group" at a time, where a row group is defined as Vmax pixel rows of each
-  component before downsampling, and Vk sample rows afterwards (remember Vk
-  differs across components).  Some downsampling or smoothing algorithms may
-  require context rows above and below the current row group; the
-  preprocessing controller is responsible for supplying these rows via proper
-  buffering.  The downsampler is responsible for edge expansion at the right
-  edge (i.e., extending each sample row to a multiple of 8 samples); but the
-  preprocessing controller is responsible for vertical edge expansion (i.e.,
-  duplicating the bottom sample row as needed to make a multiple of 8 rows).
-
-* Coefficient controller: buffer controller for the DCT-coefficient data.
-  This controller handles MCU assembly, including insertion of dummy DCT
-  blocks when needed at the right or bottom edge.  When performing
-  Huffman-code optimization or emitting a multiscan JPEG file, this
-  controller is responsible for buffering the full image.  The equivalent of
-  one fully interleaved MCU row of subsampled data is processed per call,
-  even when the JPEG file is noninterleaved.
-
-* Forward DCT and quantization: Perform DCT, quantize, and emit coefficients.
-  Works on one or more DCT blocks at a time.  (Note: the coefficients are now
-  emitted in normal array order, which the entropy encoder is expected to
-  convert to zigzag order as necessary.  Prior versions of the IJG code did
-  the conversion to zigzag order within the quantization step.)
-
-* Entropy encoding: Perform Huffman or arithmetic entropy coding and emit the
-  coded data to the data destination module.  Works on one MCU per call.
-  For progressive JPEG, the same DCT blocks are fed to the entropy coder
-  during each pass, and the coder must emit the appropriate subset of
-  coefficients.
-
-In addition to the above objects, the compression library includes these
-objects:
-
-* Master control: determines the number of passes required, controls overall
-  and per-pass initialization of the other modules.
-
-* Marker writing: generates JPEG markers (except for RSTn, which is emitted
-  by the entropy encoder when needed).
-
-* Data destination manager: writes the output JPEG datastream to its final
-  destination (e.g., a file).  The destination manager supplied with the
-  library knows how to write to a stdio stream or to a memory buffer;
-  for other behaviors, the surrounding application may provide its own
-  destination manager.
-
-* Memory manager: allocates and releases memory, controls virtual arrays
-  (with backing store management, where required).
-
-* Error handler: performs formatting and output of error and trace messages;
-  determines handling of nonfatal errors.  The surrounding application may
-  override some or all of this object's methods to change error handling.
-
-* Progress monitor: supports output of "percent-done" progress reports.
-  This object represents an optional callback to the surrounding application:
-  if wanted, it must be supplied by the application.
-
-The error handler, destination manager, and progress monitor objects are
-defined as separate objects in order to simplify application-specific
-customization of the JPEG library.  A surrounding application may override
-individual methods or supply its own all-new implementation of one of these
-objects.  The object interfaces for these objects are therefore treated as
-part of the application interface of the library, whereas the other objects
-are internal to the library.
-
-The error handler and memory manager are shared by JPEG compression and
-decompression; the progress monitor, if used, may be shared as well.
-
-
-*** Decompression object structure ***
-
-Here is a sketch of the logical structure of the JPEG decompression library:
-
-                                               |-- Entropy decoding
-                  |-- Coefficient controller --|
-                  |                            |-- Dequantize, Inverse DCT
-Main controller --|
-                  |                               |-- Upsampling
-                  |-- Postprocessing controller --|   |-- Colorspace conversion
-                                                  |-- Color quantization
-                                                  |-- Color precision reduction
-
-As before, this diagram also represents typical control flow.  The objects
-shown are:
-
-* Main controller: buffer controller for the subsampled-data buffer, which
-  holds the output of JPEG decompression proper.  This controller's primary
-  task is to feed the postprocessing procedure.  Some upsampling algorithms
-  may require context rows above and below the current row group; when this
-  is true, the main controller is responsible for managing its buffer so as
-  to make context rows available.  In the current design, the main buffer is
-  always a strip buffer; a full-image buffer is never required.
-
-* Coefficient controller: buffer controller for the DCT-coefficient data.
-  This controller handles MCU disassembly, including deletion of any dummy
-  DCT blocks at the right or bottom edge.  When reading a multiscan JPEG
-  file, this controller is responsible for buffering the full image.
-  (Buffering DCT coefficients, rather than samples, is necessary to support
-  progressive JPEG.)  The equivalent of one fully interleaved MCU row of
-  subsampled data is processed per call, even when the source JPEG file is
-  noninterleaved.
-
-* Entropy decoding: Read coded data from the data source module and perform
-  Huffman or arithmetic entropy decoding.  Works on one MCU per call.
-  For progressive JPEG decoding, the coefficient controller supplies the prior
-  coefficients of each MCU (initially all zeroes), which the entropy decoder
-  modifies in each scan.
-
-* Dequantization and inverse DCT: like it says.  Note that the coefficients
-  buffered by the coefficient controller have NOT been dequantized; we
-  merge dequantization and inverse DCT into a single step for speed reasons.
-  When scaled-down output is asked for, simplified DCT algorithms may be used
-  that emit fewer samples per DCT block, not the full 8x8.  Works on one DCT
-  block at a time.
-
-* Postprocessing controller: buffer controller for the color quantization
-  input buffer, when quantization is in use.  (Without quantization, this
-  controller just calls the upsampler.)  For two-pass quantization, this
-  controller is responsible for buffering the full-image data.
-
-* Upsampling: restores chroma components to full size.  (May support more
-  general output rescaling, too.  Note that if undersized DCT outputs have
-  been emitted by the DCT module, this module must adjust so that properly
-  sized outputs are created.)  Works on one row group at a time.  This module
-  also calls the color conversion module, so its top level is effectively a
-  buffer controller for the upsampling->color conversion buffer.  However, in
-  all but the highest-quality operating modes, upsampling and color
-  conversion are likely to be merged into a single step.
-
-* Colorspace conversion: convert from JPEG color space to output color space,
-  and change data layout from separate component planes to pixel-interleaved.
-  Works on one pixel row at a time.
-
-* Color quantization: reduce the data to colormapped form, using either an
-  externally specified colormap or an internally generated one.  This module
-  is not used for full-color output.  Works on one pixel row at a time; may
-  require two passes to generate a color map.  Note that the output will
-  always be a single component representing colormap indexes.  In the current
-  design, the output values are JSAMPLEs, so an 8-bit compilation cannot
-  quantize to more than 256 colors.  This is unlikely to be a problem in
-  practice.
-
-* Color reduction: this module handles color precision reduction, e.g.,
-  generating 15-bit color (5 bits/primary) from JPEG's 24-bit output.
-  Not quite clear yet how this should be handled... should we merge it with
-  colorspace conversion???
-
-Note that some high-speed operating modes might condense the entire
-postprocessing sequence to a single module (upsample, color convert, and
-quantize in one step).
-
-In addition to the above objects, the decompression library includes these
-objects:
-
-* Master control: determines the number of passes required, controls overall
-  and per-pass initialization of the other modules.  This is subdivided into
-  input and output control: jdinput.c controls only input-side processing,
-  while jdmaster.c handles overall initialization and output-side control.
-
-* Marker reading: decodes JPEG markers (except for RSTn).
-
-* Data source manager: supplies the input JPEG datastream.  The source
-  manager supplied with the library knows how to read from a stdio stream
-  or from a memory buffer;  for other behaviors, the surrounding application
-  may provide its own source manager.
-
-* Memory manager: same as for compression library.
-
-* Error handler: same as for compression library.
-
-* Progress monitor: same as for compression library.
-
-As with compression, the data source manager, error handler, and progress
-monitor are candidates for replacement by a surrounding application.
-
-
-*** Decompression input and output separation ***
-
-To support efficient incremental display of progressive JPEG files, the
-decompressor is divided into two sections that can run independently:
-
-1. Data input includes marker parsing, entropy decoding, and input into the
-   coefficient controller's DCT coefficient buffer.  Note that this
-   processing is relatively cheap and fast.
-
-2. Data output reads from the DCT coefficient buffer and performs the IDCT
-   and all postprocessing steps.
-
-For a progressive JPEG file, the data input processing is allowed to get
-arbitrarily far ahead of the data output processing.  (This occurs only
-if the application calls jpeg_consume_input(); otherwise input and output
-run in lockstep, since the input section is called only when the output
-section needs more data.)  In this way the application can avoid making
-extra display passes when data is arriving faster than the display pass
-can run.  Furthermore, it is possible to abort an output pass without
-losing anything, since the coefficient buffer is read-only as far as the
-output section is concerned.  See libjpeg.txt for more detail.
-
-A full-image coefficient array is only created if the JPEG file has multiple
-scans (or if the application specifies buffered-image mode anyway).  When
-reading a single-scan file, the coefficient controller normally creates only
-a one-MCU buffer, so input and output processing must run in lockstep in this
-case.  jpeg_consume_input() is effectively a no-op in this situation.
-
-The main impact of dividing the decompressor in this fashion is that we must
-be very careful with shared variables in the cinfo data structure.  Each
-variable that can change during the course of decompression must be
-classified as belonging to data input or data output, and each section must
-look only at its own variables.  For example, the data output section may not
-depend on any of the variables that describe the current scan in the JPEG
-file, because these may change as the data input section advances into a new
-scan.
-
-The progress monitor is (somewhat arbitrarily) defined to treat input of the
-file as one pass when buffered-image mode is not used, and to ignore data
-input work completely when buffered-image mode is used.  Note that the
-library has no reliable way to predict the number of passes when dealing
-with a progressive JPEG file, nor can it predict the number of output passes
-in buffered-image mode.  So the work estimate is inherently bogus anyway.
-
-No comparable division is currently made in the compression library, because
-there isn't any real need for it.
-
-
-*** Data formats ***
-
-Arrays of pixel sample values use the following data structure:
-
-    typedef something JSAMPLE;          a pixel component value, 0..MAXJSAMPLE
-    typedef JSAMPLE *JSAMPROW;          ptr to a row of samples
-    typedef JSAMPROW *JSAMPARRAY;       ptr to a list of rows
-    typedef JSAMPARRAY *JSAMPIMAGE;     ptr to a list of color-component arrays
-
-The basic element type JSAMPLE will be one of unsigned char or short.  Short
-will be used if samples wider than 8 bits are to be supported (this is a
-compile-time option).  Otherwise, unsigned char is used.
-
-With these conventions, JSAMPLE values can be assumed to be >= 0.  This helps
-simplify correct rounding during downsampling, etc.  The JPEG standard's
-specification that sample values run from -128..127 is accommodated by
-subtracting 128 from the sample value in the DCT step.  Similarly, during
-decompression the output of the IDCT step will be immediately shifted back to
-0..255.  (NB: different values are required when 12-bit samples are in use.
-The code is written in terms of MAXJSAMPLE and CENTERJSAMPLE, which will be
-defined as 255 and 128 respectively in an 8-bit implementation, and as 4095
-and 2048 in a 12-bit implementation.)
-
-We use a pointer per row, rather than a two-dimensional JSAMPLE array.  This
-choice costs only a small amount of memory and has several benefits:
-* Code using the data structure doesn't need to know the allocated width of
-  the rows.  This simplifies edge expansion/compression, since we can work
-  in an array that's wider than the logical picture width.
-* Indexing doesn't require multiplication; this is a performance win on many
-  machines.
-* Arrays with more than 64K total elements can be supported even on machines
-  where malloc() cannot allocate chunks larger than 64K.
-* The rows forming a component array may be allocated at different times
-  without extra copying.  This trick allows some speedups in smoothing steps
-  that need access to the previous and next rows.
-
-Note that each color component is stored in a separate array; we don't use the
-traditional layout in which the components of a pixel are stored together.
-This simplifies coding of modules that work on each component independently,
-because they don't need to know how many components there are.  Furthermore,
-we can read or write each component to a temporary file independently, which
-is helpful when dealing with noninterleaved JPEG files.
-
-In general, a specific sample value is accessed by code such as
-        image[colorcomponent][row][col]
-where col is measured from the image left edge, but row is measured from the
-first sample row currently in memory.  Either of the first two indexings can
-be precomputed by copying the relevant pointer.
-
-
-Since most image-processing applications prefer to work on images in which
-the components of a pixel are stored together, the data passed to or from the
-surrounding application uses the traditional convention: a single pixel is
-represented by N consecutive JSAMPLE values, and an image row is an array of
-(# of color components)*(image width) JSAMPLEs.  One or more rows of data can
-be represented by a pointer of type JSAMPARRAY in this scheme.  This scheme is
-converted to component-wise storage inside the JPEG library.  (Applications
-that want to skip JPEG preprocessing or postprocessing will have to contend
-with component-wise storage.)
-
-
-Arrays of DCT-coefficient values use the following data structure:
-
-    typedef short JCOEF;                a 16-bit signed integer
-    typedef JCOEF JBLOCK[DCTSIZE2];     an 8x8 block of coefficients
-    typedef JBLOCK *JBLOCKROW;          ptr to one horizontal row of 8x8 blocks
-    typedef JBLOCKROW *JBLOCKARRAY;     ptr to a list of such rows
-    typedef JBLOCKARRAY *JBLOCKIMAGE;   ptr to a list of color component arrays
-
-The underlying type is at least a 16-bit signed integer; while "short" is big
-enough on all machines of interest, on some machines it is preferable to use
-"int" for speed reasons, despite the storage cost.  Coefficients are grouped
-into 8x8 blocks (but we always use #defines DCTSIZE and DCTSIZE2 rather than
-"8" and "64").
-
-The contents of a coefficient block may be in either "natural" or zigzagged
-order, and may be true values or divided by the quantization coefficients,
-depending on where the block is in the processing pipeline.  In the current
-library, coefficient blocks are kept in natural order everywhere; the entropy
-codecs zigzag or dezigzag the data as it is written or read.  The blocks
-contain quantized coefficients everywhere outside the DCT/IDCT subsystems.
-(This latter decision may need to be revisited to support variable
-quantization a la JPEG Part 3.)
-
-Notice that the allocation unit is now a row of 8x8 blocks, corresponding to
-eight rows of samples.  Otherwise the structure is much the same as for
-samples, and for the same reasons.
-
-
-*** Suspendable processing ***
-
-In some applications it is desirable to use the JPEG library as an
-incremental, memory-to-memory filter.  In this situation the data source or
-destination may be a limited-size buffer, and we can't rely on being able to
-empty or refill the buffer at arbitrary times.  Instead the application would
-like to have control return from the library at buffer overflow/underrun, and
-then resume compression or decompression at a later time.
-
-This scenario is supported for simple cases.  (For anything more complex, we
-recommend that the application "bite the bullet" and develop real multitasking
-capability.)  The libjpeg.txt file goes into more detail about the usage and
-limitations of this capability; here we address the implications for library
-structure.
-
-The essence of the problem is that the entropy codec (coder or decoder) must
-be prepared to stop at arbitrary times.  In turn, the controllers that call
-the entropy codec must be able to stop before having produced or consumed all
-the data that they normally would handle in one call.  That part is reasonably
-straightforward: we make the controller call interfaces include "progress
-counters" which indicate the number of data chunks successfully processed, and
-we require callers to test the counter rather than just assume all of the data
-was processed.
-
-Rather than trying to restart at an arbitrary point, the current Huffman
-codecs are designed to restart at the beginning of the current MCU after a
-suspension due to buffer overflow/underrun.  At the start of each call, the
-codec's internal state is loaded from permanent storage (in the JPEG object
-structures) into local variables.  On successful completion of the MCU, the
-permanent state is updated.  (This copying is not very expensive, and may even
-lead to *improved* performance if the local variables can be registerized.)
-If a suspension occurs, the codec simply returns without updating the state,
-thus effectively reverting to the start of the MCU.  Note that this implies
-leaving some data unprocessed in the source/destination buffer (ie, the
-compressed partial MCU).  The data source/destination module interfaces are
-specified so as to make this possible.  This also implies that the data buffer
-must be large enough to hold a worst-case compressed MCU; a couple thousand
-bytes should be enough.
-
-In a successive-approximation AC refinement scan, the progressive Huffman
-decoder has to be able to undo assignments of newly nonzero coefficients if it
-suspends before the MCU is complete, since decoding requires distinguishing
-previously-zero and previously-nonzero coefficients.  This is a bit tedious
-but probably won't have much effect on performance.  Other variants of Huffman
-decoding need not worry about this, since they will just store the same values
-again if forced to repeat the MCU.
-
-This approach would probably not work for an arithmetic codec, since its
-modifiable state is quite large and couldn't be copied cheaply.  Instead it
-would have to suspend and resume exactly at the point of the buffer end.
-
-The JPEG marker reader is designed to cope with suspension at an arbitrary
-point.  It does so by backing up to the start of the marker parameter segment,
-so the data buffer must be big enough to hold the largest marker of interest.
-Again, a couple KB should be adequate.  (A special "skip" convention is used
-to bypass COM and APPn markers, so these can be larger than the buffer size
-without causing problems; otherwise a 64K buffer would be needed in the worst
-case.)
-
-The JPEG marker writer currently does *not* cope with suspension.
-We feel that this is not necessary; it is much easier simply to require
-the application to ensure there is enough buffer space before starting.  (An
-empty 2K buffer is more than sufficient for the header markers; and ensuring
-there are a dozen or two bytes available before calling jpeg_finish_compress()
-will suffice for the trailer.)  This would not work for writing multi-scan
-JPEG files, but we simply do not intend to support that capability with
-suspension.
-
-
-*** Memory manager services ***
-
-The JPEG library's memory manager controls allocation and deallocation of
-memory, and it manages large "virtual" data arrays on machines where the
-operating system does not provide virtual memory.  Note that the same
-memory manager serves both compression and decompression operations.
-
-In all cases, allocated objects are tied to a particular compression or
-decompression master record, and they will be released when that master
-record is destroyed.
-
-The memory manager does not provide explicit deallocation of objects.
-Instead, objects are created in "pools" of free storage, and a whole pool
-can be freed at once.  This approach helps prevent storage-leak bugs, and
-it speeds up operations whenever malloc/free are slow (as they often are).
-The pools can be regarded as lifetime identifiers for objects.  Two
-pools/lifetimes are defined:
-  * JPOOL_PERMANENT     lasts until master record is destroyed
-  * JPOOL_IMAGE         lasts until done with image (JPEG datastream)
-Permanent lifetime is used for parameters and tables that should be carried
-across from one datastream to another; this includes all application-visible
-parameters.  Image lifetime is used for everything else.  (A third lifetime,
-JPOOL_PASS = one processing pass, was originally planned.  However it was
-dropped as not being worthwhile.  The actual usage patterns are such that the
-peak memory usage would be about the same anyway; and having per-pass storage
-substantially complicates the virtual memory allocation rules --- see below.)
-
-The memory manager deals with three kinds of object:
-1. "Small" objects.  Typically these require no more than 10K-20K total.
-2. "Large" objects.  These may require tens to hundreds of K depending on
-   image size.  Semantically they behave the same as small objects, but we
-   distinguish them because pool allocation heuristics may differ for large and
-   small objects (historically, large objects were also referenced by far
-   pointers on MS-DOS machines.)  Note that individual "large" objects cannot
-   exceed the size allowed by type size_t, which may be 64K or less on some
-   machines.
-3. "Virtual" objects.  These are large 2-D arrays of JSAMPLEs or JBLOCKs
-   (typically large enough for the entire image being processed).  The
-   memory manager provides stripwise access to these arrays.  On machines
-   without virtual memory, the rest of the array may be swapped out to a
-   temporary file.
-
-(Note: JSAMPARRAY and JBLOCKARRAY data structures are a combination of large
-objects for the data proper and small objects for the row pointers.  For
-convenience and speed, the memory manager provides single routines to create
-these structures.  Similarly, virtual arrays include a small control block
-and a JSAMPARRAY or JBLOCKARRAY working buffer, all created with one call.)
-
-In the present implementation, virtual arrays are only permitted to have image
-lifespan.  (Permanent lifespan would not be reasonable, and pass lifespan is
-not very useful since a virtual array's raison d'etre is to store data for
-multiple passes through the image.)  We also expect that only "small" objects
-will be given permanent lifespan, though this restriction is not required by
-the memory manager.
-
-In a non-virtual-memory machine, some performance benefit can be gained by
-making the in-memory buffers for virtual arrays be as large as possible.
-(For small images, the buffers might fit entirely in memory, so blind
-swapping would be very wasteful.)  The memory manager will adjust the height
-of the buffers to fit within a prespecified maximum memory usage.  In order
-to do this in a reasonably optimal fashion, the manager needs to allocate all
-of the virtual arrays at once.  Therefore, there isn't a one-step allocation
-routine for virtual arrays; instead, there is a "request" routine that simply
-allocates the control block, and a "realize" routine (called just once) that
-determines space allocation and creates all of the actual buffers.  The
-realize routine must allow for space occupied by non-virtual large objects.
-(We don't bother to factor in the space needed for small objects, on the
-grounds that it isn't worth the trouble.)
-
-To support all this, we establish the following protocol for doing business
-with the memory manager:
-  1. Modules must request virtual arrays (which may have only image lifespan)
-     during the initial setup phase, i.e., in their jinit_xxx routines.
-  2. All "large" objects (including JSAMPARRAYs and JBLOCKARRAYs) must also be
-     allocated during initial setup.
-  3. realize_virt_arrays will be called at the completion of initial setup.
-     The above conventions ensure that sufficient information is available
-     for it to choose a good size for virtual array buffers.
-Small objects of any lifespan may be allocated at any time.  We expect that
-the total space used for small objects will be small enough to be negligible
-in the realize_virt_arrays computation.
-
-In a virtual-memory machine, we simply pretend that the available space is
-infinite, thus causing realize_virt_arrays to decide that it can allocate all
-the virtual arrays as full-size in-memory buffers.  The overhead of the
-virtual-array access protocol is very small when no swapping occurs.
-
-A virtual array can be specified to be "pre-zeroed"; when this flag is set,
-never-yet-written sections of the array are set to zero before being made
-available to the caller.  If this flag is not set, never-written sections
-of the array contain garbage.  (This feature exists primarily because the
-equivalent logic would otherwise be needed in jdcoefct.c for progressive
-JPEG mode; we may as well make it available for possible other uses.)
-
-The first write pass on a virtual array is required to occur in top-to-bottom
-order; read passes, as well as any write passes after the first one, may
-access the array in any order.  This restriction exists partly to simplify
-the virtual array control logic, and partly because some file systems may not
-support seeking beyond the current end-of-file in a temporary file.  The main
-implication of this restriction is that rearrangement of rows (such as
-converting top-to-bottom data order to bottom-to-top) must be handled while
-reading data out of the virtual array, not while putting it in.
-
-
-*** Memory manager internal structure ***
-
-To isolate system dependencies as much as possible, we have broken the
-memory manager into two parts.  There is a reasonably system-independent
-"front end" (jmemmgr.c) and a "back end" that contains only the code
-likely to change across systems.  All of the memory management methods
-outlined above are implemented by the front end.  The back end provides
-the following routines for use by the front end (none of these routines
-are known to the rest of the JPEG code):
-
-jpeg_mem_init, jpeg_mem_term    system-dependent initialization/shutdown
-
-jpeg_get_small, jpeg_free_small interface to malloc and free library routines
-                                (or their equivalents)
-
-jpeg_get_large, jpeg_free_large historically was used to interface with
-                                FAR malloc/free on MS-DOS machines;  now the
-                                same as jpeg_get_small/jpeg_free_small
-
-jpeg_mem_available              estimate available memory
-
-jpeg_open_backing_store         create a backing-store object
-
-read_backing_store,             manipulate a backing-store object
-write_backing_store,
-close_backing_store
-
-On some systems there will be more than one type of backing-store object.
-jpeg_open_backing_store is responsible for choosing how to implement a given
-object.  The read/write/close routines are method pointers in the structure
-that describes a given object; this lets them be different for different object
-types.
-
-It may be necessary to ensure that backing store objects are explicitly
-released upon abnormal program termination.  To support this, we will expect
-the main program or surrounding application to arrange to call self_destruct
-(typically via jpeg_destroy) upon abnormal termination.  This may require a
-SIGINT signal handler or equivalent.  We don't want to have the back end module
-install its own signal handler, because that would pre-empt the surrounding
-application's ability to control signal handling.
-
-The IJG distribution includes several memory manager back end implementations.
-Usually the same back end should be suitable for all applications on a given
-system, but it is possible for an application to supply its own back end at
-need.
-
-
-*** Implications of DNL marker ***
-
-Some JPEG files may use a DNL marker to postpone definition of the image
-height (this would be useful for a fax-like scanner's output, for instance).
-In these files the SOF marker claims the image height is 0, and you only
-find out the true image height at the end of the first scan.
-
-We could read these files as follows:
-1. Upon seeing zero image height, replace it by 65535 (the maximum allowed).
-2. When the DNL is found, update the image height in the global image
-   descriptor.
-This implies that control modules must avoid making copies of the image
-height, and must re-test for termination after each MCU row.  This would
-be easy enough to do.
-
-In cases where image-size data structures are allocated, this approach will
-result in very inefficient use of virtual memory or much-larger-than-necessary
-temporary files.  This seems acceptable for something that probably won't be a
-mainstream usage.  People might have to forgo use of memory-hogging options
-(such as two-pass color quantization or noninterleaved JPEG files) if they
-want efficient conversion of such files.  (One could improve efficiency by
-demanding a user-supplied upper bound for the height, less than 65536; in most
-cases it could be much less.)
-
-The standard also permits the SOF marker to overestimate the image height,
-with a DNL to give the true, smaller height at the end of the first scan.
-This would solve the space problems if the overestimate wasn't too great.
-However, it implies that you don't even know whether DNL will be used.
-
-This leads to a couple of very serious objections:
-1. Testing for a DNL marker must occur in the inner loop of the decompressor's
-   Huffman decoder; this implies a speed penalty whether the feature is used
-   or not.
-2. There is no way to hide the last-minute change in image height from an
-   application using the decoder.  Thus *every* application using the IJG
-   library would suffer a complexity penalty whether it cared about DNL or
-   not.
-We currently do not support DNL because of these problems.
-
-A different approach is to insist that DNL-using files be preprocessed by a
-separate program that reads ahead to the DNL, then goes back and fixes the SOF
-marker.  This is a much simpler solution and is probably far more efficient.
-Even if one wants piped input, buffering the first scan of the JPEG file needs
-a lot smaller temp file than is implied by the maximum-height method.  For
-this approach we'd simply treat DNL as a no-op in the decompressor (at most,
-check that it matches the SOF image height).
-
-We will not worry about making the compressor capable of outputting DNL.
-Something similar to the first scheme above could be applied if anyone ever
-wants to make that work.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/nightshot_iso_100.bmp b/3rdparty/libjpeg-turbo_2_1_0/testimages/nightshot_iso_100.bmp
deleted file mode 100644
index 5a27151..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/nightshot_iso_100.bmp and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/nightshot_iso_100.txt b/3rdparty/libjpeg-turbo_2_1_0/testimages/nightshot_iso_100.txt
deleted file mode 100644
index 9320886..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/testimages/nightshot_iso_100.txt
+++ /dev/null
@@ -1,25 +0,0 @@
-libjpeg-turbo note:  This image was extracted from the 8-bit nightshot_iso_100
-image.  The original can be downloaded at the link below.
-
-The New Image Compression Test Set - Jan 2008
-http://www.imagecompression.info/test_images
-
-The images historically used for compression research (lena, barbra, pepper etc...) have outlived their useful life and its about time they become a part of history only. They are too small, come from data sources too old and are available in only 8-bit precision.
-
-These images have been carefully selected to aid in image compression algorithm research and evaluation. These are photographic images chosen to come from a wide variety of sources and each one picked to stress different aspects of algorithms. Images are available in 8-bit, 16-bit and 16-bit linear variations, RGB and gray.
-
-Images are available without any prohibitive copyright restrictions.
-
-These images are (c) there respective owners. You are granted full redistribution and publication rights on these images provided:
-
-1. The origin of the pictures must not be misrepresented; you must not claim that you took the original pictures. If you use, publish or redistribute them, an acknowledgment would be appreciated but is not required.
-2. Altered versions must be plainly marked as such, and must not be misinterpreted as being the originals.
-3. No payment is required for distribution this material, it must be available freely under the conditions stated here. That is, it is prohibited to sell the material.
-4. This notice may not be removed or altered from any distribution.
-
-Acknowledgments: A lot of people contributed a lot of time and effort in making this test set possible. Thanks to everyone who voiced their opinion in any of the discussions online. Thanks to Axel Becker, Thomas Richter and Niels Fröhling for their extensive help in picking images, running all the various tests etc... Thanks to Pete Fraser, Tony Story, Wayne J. Cosshall, David Coffin, Bruce Lindbloom and raw.fotosite.pl for the images which make up this set.
-
-Sachin Garg [India]
-sachingarg@c10n.info
-
-www.sachingarg.com | www.c10n.info | www.imagecompression.info
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/test.scan b/3rdparty/libjpeg-turbo_2_1_0/testimages/test.scan
deleted file mode 100644
index 2a8ea7f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/testimages/test.scan
+++ /dev/null
@@ -1,8 +0,0 @@
-0 1 2: 0 0 0 0;
-0: 1 9 0 0;
-0: 10 41 0 2;
-0: 10 41 2 1;
-0: 10 41 1 0;
-0: 42 63 0 0;
-1: 1 63 0 0;
-2: 1 63 0 0;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/test1.icc b/3rdparty/libjpeg-turbo_2_1_0/testimages/test1.icc
deleted file mode 100644
index d0245c8..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/test1.icc and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/test1.icc.txt b/3rdparty/libjpeg-turbo_2_1_0/testimages/test1.icc.txt
deleted file mode 100644
index 57fc52f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/testimages/test1.icc.txt
+++ /dev/null
@@ -1,20 +0,0 @@
-Little CMS
-Copyright (c) 1998-2011 Marti Maria Saguer
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-of the Software, and to permit persons to whom the Software is furnished to do
-so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/test2.icc b/3rdparty/libjpeg-turbo_2_1_0/testimages/test2.icc
deleted file mode 100644
index 73f1b5a..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/test2.icc and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/test2.icc.txt b/3rdparty/libjpeg-turbo_2_1_0/testimages/test2.icc.txt
deleted file mode 100644
index 57fc52f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/testimages/test2.icc.txt
+++ /dev/null
@@ -1,20 +0,0 @@
-Little CMS
-Copyright (c) 1998-2011 Marti Maria Saguer
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-of the Software, and to permit persons to whom the Software is furnished to do
-so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/testimgari.jpg b/3rdparty/libjpeg-turbo_2_1_0/testimages/testimgari.jpg
deleted file mode 100644
index 8966487..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/testimgari.jpg and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/testimgint.jpg b/3rdparty/libjpeg-turbo_2_1_0/testimages/testimgint.jpg
deleted file mode 100644
index 2501c61..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/testimgint.jpg and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig.jpg b/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig.jpg
deleted file mode 100644
index 9816a0c..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig.jpg and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig.ppm b/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig.ppm
deleted file mode 100644
index 2a5d1e9..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig.ppm
+++ /dev/null
@@ -1,4 +0,0 @@
-P6
-227 149
-255
-0/-0/-10.21/51.51.62/62/83/83/:2/:2/:3-:3-:3-:3-:2/:2/91.80-80-91.:2/:2/80-80-80-80-80-80-80-80-6.+6.+6.+5-*5-*5-*4,)4,)4,)4,)4,)4,)4,)4,)4,)2-)/*$/,%0-&0-&1.'2/(30)30)63,63,74-85.96/96/:70:7.A:0B<0D>2F@4IA4JB5KC6KC6NE6MD5OC3NB2OC3OC3PD4RE5R?1Y?2b@4nB5}E6�H8�G9�F7�H;�F;�F;�F=�G>�H@�H@�EB�FL�CL�EM�EI�CI�BD�?C�=A�;A�:@�:?�<?�?B�?@�?<�A7�=/�@.�@.�?-�?-�@-�?-�@-�?.�A.�A-�B,�A-�@+�A+�A,�>-�?/�?/�>.�>,�>,�<+�<+�>-�>-�=*�=*�>+�>+�?,�@/�?6�>5�=4�?3�B3�D3�D4�D4�?0�B3�F:�H;�G;oA2U9+C3&=52:659548437116005//5//72/72/72/61.61-61-50,41,//-.0-//-//-0/-0/-2.-2.-5,-4+,4*+3)*7(+=.1E69P:<jAE|HJ�NO�OQ�W[�dn�o��t��{������~��tz�`a�TKvQEiSJgPH_MH^TQbfdo|}�������������������{|lfgWYXFQNEUR[UQbUQb0/-0/-10.10.40-51.62/62/83/83/:2/:2/:3-:3-:3-:3-:2/91.80-80-80-80-91.:2/80-80-80-80-80-80-80-80-6.+6.+6.+5-*5-*4,)4,)4,)5-*5-*5-*5-*5-*5-*5-*3.*1,(0-&0-&1.'2/(30)41*41*63,63,74-85.85.96/:70:7.@9/B<0C=1E?3H@3IA4JB5JB5LC4LC4MA3MA1MA1NB2OC3QD4P>0U?1^A3jC4xD6�F5�E5�C3�C4�A4�@6�B7�D:�E<�F=�C@�EI�BI�CI�DH�DG�CE�@C�?C�;A�:@�:?�<?�?@�@@�@<�@6�>/�@.�?-�?-�?-�?,�?-�@-�?.�A.�A-�B,�@,�@+�@*�A,�>-�?/�?/�>.�>,�=+�<+�<+�>-�=,�=*�=*�=*�>+�?,�@1�A6�?6�>5�?4�A3�D4�C4�D5�A2�C6�F:�H=�G:l@3S9*B4)>63:65:6584382271160060072/72/72/61.61-61-50,41,//-.0-//-//-0/-0/-2.-2.-4..5,-5+,3)*5)+<-0C47N8:d=>vDC�JI�MN�TV�aj�l}�r��{������{��ou�[[�RIvOCiOFePH`PH_RN_[Yfnot������������������~qjk[][LVSJXSZVRaXQa/.,0/-0/-10.40/40/51.51.72.72.72.72.92,92,92,92,91.80.80.7/-7/-80.80.91/80.80.80.80.80.80.80.80.6.,6.,5-+5-+5-+4,*4,*4,*6.,6.,6.,6.,6.,6.,6.,4/+2-)1.)2/*30+30+41,52-52-63.63.74/74/850961961:70?8.@:.B<0D>2G?4H@5H@3H@3J@4I@1K?1K?1K?1L@2MA1NB2MA3QA2YB4dC4qC4|C2�B2�A0�<-�;,�;.�=2�@6�D:�F=�D>�CE�@F�BG�CG�DF�CE�AD�?D�;@�:?�;@�=@�@@�B>�@;�@5�=.�@-�@-�@-�?-�?-�>,�@,�?-�@-�@.�@-�A,�@+�@*�@+�>-�?/�>.�>.�>.�=-�=+�=+�>,�>,�<+�<+�=,�>-�?.�?0�A6�?5�>3�?3�A4�C5�D5�C5�D8�G<�I=�J=�G;h@4Q:,B5,?74=77<66;5594183072/72/62/62/62/51.52-52-41,21,/1.-2./1./1.00.00.10.3/.5//4..5,-4*+4*+9-/>24I56[97l?:}FA�ID�OM�[`�fv�n��w��}�}��u~�gl�UU�MEvLAkMAeOFcQHcNI_NK\[[esty��������������|xzlfhZZ[MVSLZU[ZT`[S`.-+/.,/.,0/-3/.40/40-51.61-61-61-61-81+81+81+80-80.7/-6.,6.,6.,6.,7/-80.80.80.80.80.80.80.80.80.5-+5-+5-+5-+4,*4,*3+)3+)6.,6.,6.,6.,6.,6.,6.,4/,30+30+30+41,41,52-52-52-52-63.63.74/85096196196/>7-?9-A;/B<0E=2E=2F>3F>1G=1G=1H<.I=/I=/J>0L@0JA0LE5NE4VE5^D3iD2sB1~A/�?-�9)�9'�9*�=.�@3�E8�H<�F>�DC�AC�BE�DE�DE�BC�@C�?A�;@�:?�<A�>@�A@�B=�@9�@3�>.�@,�@,�@,�>,�?,�?,�?+�@-�?,�@-�?,�@+�@*�@)�?*�>,�>.�>.�>.�=-�=-�<*�<*�=+�=+�=+�=+�<+�>,�>-�?/�A6�@6�>2�@4�B6�C8�C7�B7�F<�J?�KB�J@|F:b@4L:.A7-@85>88=77<66:5294183083062/62/62/32.52-32-21,12--2.-2./1./1.00.00.10.10.5106005//5,-4+,6,-:01D22T71c;3rB8{E;�IE�RU�_l�i��s�}y�x}�ow�ae�SR�MDyL@pL@hPEgQFfLC^HCWNLZ^^fjnquyxy~xz�vwzokoa`bUWYLTTL]WY]V]]V^------/.,/.,0/-10.3/,40-40-40-50,50,50,50,7/,7/,4/,4/,3.+3.+3.+3.+4/,4/,50-50-50-50-50-50-50-50-3.+3.+3.+2-*2-*1,)1,)1,)4/,4/,4/,4/,4/,4/,4/,4/,41,41,41,41,52-52-52-52-52-52-63.74/74/85096196/<5-=6,?8.@9/B90C;0C;0C;0E;/D:.F:.G;/H<.I=/J>0I@1JG6MH5RG5YF5bE3jD1uB/|?,�;)�:)�:*�=,�B2�F8�J=�J@�GB�DC�DD�ED�CC�AA�=@�<>�:?�;=�<>�?>�B>�C:�A5�?0�?-�@-�?,�?,�?.�>-�>-�?-�>.�?-�?,�?+�?,�?+�>*�?+�>,�?.�?.�>-�>-�=,�=,�=,�=,�=,�=,�=,�<,�>-�>.�@/�B4�A4�@4�@3�A7�C9�B:�A9�C;�H?�LC�KCtE;Z>2E9-=6,A96@86?75>64=53<4294183062/43/43/23.32.23.12-02--2.,2.-2.-2./1./1.00.10.3205105104..2,,5,-7./>0/N5.Y9.e=1oA4tC<yKK�Ze�h�p�zx�u{�lt�_d�TT�OG�LBwNAmNBhMAeJA`GBYHEXKKWMPU^bc`fbbia`f\Z`VWZOUXMXXP^YV`WX`WZ,,,,,,.-+/.,/.,0/-3/.3/,2.+2.+3.*3.*3.*3.*5-*5-*3.+3.+2-*2-*2-*2-*3.+3.+3.+3.+3.+3.+3.+3.+3.+3.+3.+2-*2-*2-*1,)1,)1,)0+(4/,4/,4/,4/,4/,4/,4/,4/,40-41,41,41,41,41,41,41,41,52-52-63.74/85085096/;4,<5+=6,?8.@7.A8/A8/A9.C9/C9-E9-F:.G;/I=/J>0HA1JG6JI7NG5VF6\E3dC2lA0t?-|=,�<*�;*�=,�@1�F5�J:�J=�H@�EA�FA�E@�CA�A?�>?�;=�;<�:;�<=�@=�C=�C8�@2�?-�?,�@,�@,�?+�?-�>,�>,�?,�>-�@-�?,�?-�?+�>*�>)�?*�?,�>-�>-�>-�=,�=,�=,�<+�=,�<+�<+�<+�<-�=,�>/�?0�B4�B3�A3�B5�C9�C:�B:�B<�B:�HB�NG�NEpH>T@5A;/96-@85A75?75>63=5394194173043/43/34/23.23.13.02-.3--3/-3/.3/.3/02/02/11/11/21/32032040/2.-1-,4..8.,G4-O4)X8+`<0e?6mGFyYd�k��u�||�w|�nu�dh�[[�SL�LB~OArL@hI=cH>`HB^ECX@BO<AGCHKDMJJQJJQIIPHKQGOUKVWO^YS`YS`XU+++,,,,,,---/-.0/-0/-0/-1-*1-*1-*1-*2-)2-)2-)2-)2-*2,,1++1++1++1++2,,2,,1++1++1++1++1++1++1++1++2,,2,,2,,1++1++1++0**0**3--3--3--3--3--3--3--3.+40-40-40-40-3/,3/,3/,3/,40-40-51.62/730730841850:3-;4,<5-=6.?6/?6-?6-?6-C90C9/E8/F90G:1I=1J>2H@3HE6GE6KE5QD4YD3_B2g@/n=,v=,|:*�9+�:,�=.�B2�F7�F8�G=�F>�F>�E>�D@�C?�@@�>>�::�;:�<<�A<�C;�D6�@/�=)�?-�@-�@-�@-�>.�>.�=-�>-�=.�?.�?-�?-�?,�?+�?*�>)�>+�>-�>-�=,�=.�=.�<-�<-�<-�=-�;,�<,�</�>.�>1�?/�C4�B3�A3�B6�C:�D=�C=�C=�GB�QK�YS�XQsRIWI>CC7<?6>93@72>63=60:5194083/63.43.43.34/23.13.13.02-.3--3/-3/.3/.3/.3/.3/02/02/00.11/22021/10./.,2.-4/,?0+D0)K3)T8-Z<4eGGu]j�s�������~��tz�mp�ee�VS�LC�K?qJ=hG;cE>_FB]DBW?AN;?H:BE>HGDMHGQIGQHJRGNVKUXM^ZOaYNaXO++++++,,,---.,-/-.0/-0/-1-,1-*1-*1-*2-)2-)2-)2-*2,,1++1++0**0**1++1++2,,0**0**0**0**0**0**0**0**2,,2,,2,,1++1++0**0**0**2,,2,,2,,2,,2,,2,,2,,2,,3/,3/,3/,3/,3/,3/,3/,3/,40-40-51.62/62/73084185092,:3+;4,<5->5.>5.>5.>5,B8/B8/E80F90G:1I<3J=4I?5FB6FB6JB5OA4UB3\@2c?1j<-q<.w9*}8)�7*�:,�>0�B4�B5�F:�E;�F>�G?�G@�FA�CA�B@�;;�;;�>;�B;�D:�D4�A.�>(�A-�A-�A-�@.�@.�?-�?-�>/�>.�@.�?.�?-�>+�?*�>)�>+�>-�>-�>-�=,�=.�<-�<-�=-�=-�=/�<.�<.�</�=0�>1�?1�D4�C3�B4�C6�C;�D>�D@�EA�PL�[T�f]�f]u_T[UIHNBCI?<92?82>71;6094.74-63.43.43.43.34/23.13.13..3-.3-.3/-3/.3/.3/.3/.3/02/02///-11/22022010.0/-0/-3/,8,,<-*C0*K70S<6^HJtbn�z������Ƅ��z��tw�jl�YW�ID�E=nG<dD<aC>^CAY@CV@DP>EKGQRKWUQ^WU`XT`VS]TT^SY_S^[LaZJaZJ,-/,-/--/--/------.,-.-+/.,/.,1-*0,)0,)0,)/+(/+(/+*/+*/+*/+*/+*/+*0,+0,+/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*0,+0,+1-,1-,2.-2.-2.-1-,1-,1-,1-,1-,1-,0,)1-*2.+3/,3/,3/,3/,3/,3/,3/,3/,3/,40-51.62/73080-92,:3-;4.=4/>5.>5.>5.@5/@6-B5-C6.D7/F91H;3G=4G>5H@5J@6P?5T>3X<1^90c7,m9.t8-|8-�9.�;/�=0�?1�>0�A3�A4�C8�E:�G=�G>�E?�C@�@?�BA�DA�E>�D8�B1�A.�B,�A.�@-�?,�>.�=-�=-�>.�?/�<,�=,�<-�>-�=,�=+�=*�=,�<+�<+�=-�<,�<,�<,�:-�;-�=/�=0�=0�=0�>3�@4�A5�A4�E5�D4�E9�I>�G@�D>�EA�MG�[S�f_�qf�sh~rdjj^V^SJRGLLBJF=B>5=90:6-74+63,33+54/34.34/23.02-/1,.0-,1--2.-2.-2.-2./1./1./1./1.02/02/11/11/11/11/11/40/4+0;/3A32C41J;8]NQym{��������ϐ�ك��tz�jn�`c�Z[�LItHBdA>]>>X?BUAIVLU\U`bbqno~yv�|s�vlyohth_k_W_P^]Ib\Fc]G,-/,-/--/--/------.,-.,-/.,/.,0,+0,)0,)/+(/+(/+(.*).*).*)/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*/+*0,+0,+1-,1-,1-,1-,1-,1-,1-,1-,1-,1-,1-,0,+1-*2.+2.+3/,3/,3/,2.+2.+2.+2.+2.+3/,40-62/62/80.91.:2/;4.=4/>50>50>5.?4.?4.B5/B5-D7/E80G:2H;3H>5H>5L=6O>6R>5V;2Z90_7/i81p7.x8.�8/�:/�<1�<1�=1�@3�A3�C6�D8�E:�F<�E=�C>�D@�EA�GB�G>�F:�D3�B/�B-�C.�A/�@.�?-�?-�?-�>.�?/�=,�>,�=-�=,�=+�>+�=,�=,�<+�=+�<,�<,�<,�;+�;-�<-�</�=/�=1�=1�?3�@6�B8�B6�G9�F8�G<�JB�HD�GC�KH�TN�d\�qf�~o�o|mmseZfZNXMLNCKI=EC7A>5=:188.44,11)23-23-12-01,/1,/1,.0-.0-/1.-2./1./1./1./1./1./1.02/02/11/11/11/11/11/2015+49-7<15?54I?=^UVys}��������ʐ�Ԅ��y��qy�kt�hn�]`�XZqSUjRWjT^hZgmfvvr�t�~�����~��w�zr�qftgZeT[ZE`ZBb\D-.0-.0-.0-.0-.0-.0.......,-.-+.-+-,*/+*.*).*'.*',+),*+,*+,*+,*+,*++)*+)*-+,-+,-+,-+,-+,-+,-+,-+,,*+-+,-+,-+,-+,.,-.,-.,-.,-/-./-./-./-./-./-./.,0,+0,+1-,2.-2.-2.-2.-1-,1-,1-,1-,1-,2.-3/.40/51.80.91/:20<41=31>42=31=4/?40?4.A4.A4.C60D71F93G:4H;5J;6K<7N=6P;6S:5W83[6.c60k6.t5,}7/�9/�;0�<2�=2�@6�@4�@3�@3�C6�D8�E<�D<�F@�HB�IB�I?�E:�C3�B0�A.�B/�A/�?.�>-�>-�>-�>/�?0�<-�=-�<.�=.�>-�=,�=.�=-�<,�<,�<,�<,�;-�<-�:-�;-�<0�<0�<2�>3�?4�A8�C:�D9�J=�H;�H>�KD�KF�LG�SM�`V�sg��q��z��{��ws�ocqbXcUNRDMN@HI;DD8@@4:</46+/1&12*01+/0+/0+./*/0+//-//-//-.0-//-//-//-//-//-//-00.00.00.00.00.00.00.1/26+98,:8/4;63HE@_^Yzy~�����������DŽ��}��{��|��}��}��y��q~�o~�n~~p�y��������������������|�{j{k\hTXX@]Y>_[@-.0-.0-.0-.0-.0-.0.......,-.,--,*-,*/+*.*).*'.*),*+,*++)*+)*+)*+)**()*(),*+,*+,*+,*+,*+,*+,*+,*+,*+,*+,*+,*+-+,-+,-+,-+,.,-.,-.,-.,-.,-/-./-./-./+*0,+1-,1-,1-,1-,0,+0,+0,+0,+0,+0,+1-,2.-3/.40/91/:20;31<42=31=31=31=31>3/>3/@2/@3-A4.C60D71E82F93H94I:5J;6L:6N94Q83T50^72e60o6/x8/�90�;2�<2�=3�@7�?4�?2�?1�A2�B5�C9�E:�H?�H@�JA�H@�F:�B5�A0�@.�A/�@.�?-�>,�>,�>,�=.�?/�=-�=,�=.�=-�=,�=+�=-�<,�<,�;+�;+�;+�;,�;,�;-�;,�;/�<1�=2�>5�@7�C:�D<�E<�KB�H>�G@�JE�LI�QL�]V�j^��o��y���������z�xm{lbm_SZJQUFKO@EI:@D6;=057,13(01)/0(./*.-).-)/.*0/-0/-0/-0/-0/-0/-0/-//-0/-//-10.00.10.00.00.00.00.3.27,:6*83-1961HJ?bfX{�z������������������������������������������}�����������������������~�}k|iXfOSU=ZV;^Z?+/2+/2-.2-.2-.0-.0..0..0------.-+-,*-,*-,*,+),+),*+,*+,*++)*+)**()*()*(),*+,*+,*+,*+,*+,*+,*+,*+,*+,*+,*+,*+,*+,*++)*+)*-+,-+,-+,.,-.,-/-./-./-./+*0,+0,+1-,0,+0,+/+*/+*0,+/+*/+*0,+0,+2.-3/.40/:12:12;31<42=32=32<20<20>31=2.?1.?1.@2/A30B41C52D63C84D95E:6G96H94K84N50X72_60i70s80}:1�<1�>2�>2�@6�?5�?5�?3�@3�C5�C6�E8�E;�G=�H>�G=�D8�A5�@1�@/�@-�@-�?.�>-�=,�=-�=/�=/�<.�;-�</�<.�<-�=-�;.�<.�;+�;+�:*�:*�;,�:+�:,�:.�:0�<1�=4?6�B9�D=�F@�H?�KC�H?�GA�KG�PL�YR�f]�vh��w������������~�}t�qjue\eTV_LNUCEL:?F6<@27:/58-12*/0(.-)/+(/+*0,+1-,2.-1-,1-,1-,1-,1-,/.,1-,/.,2.-0/-2.-0/-0/-0/-0/-2-18,:5)51++66,GL8aiRz�p������������������������������������������������������������������{�xgzdTbIQT9VU9YX<,03,03./3./3./1./1//1//1....../.,.-+.-+.-+-,*-,*.,--+,-+,,*++)*+)**()*(),*+,*+,*+,*+,*+,*+,*+,*+,*+,*++)*+)*+)**()*()*(),*+,*+,*+-+,.,-/-./-./-./+*/+*0,+0,+0,+/+*.*)-)(0,+0,+0,+0,+1-,2.-3/.40/:12;23;31<42=32=32<21<20=20=20>0->0-?1.@2/A30?40@51@72@93A:4B94C84F74H5/Q51X5/a6/l8-v:/�</�>0�=1�?5�>5�?5�?4�B4�B4�C4�D4�B5�D8�E:�E;�B7�@5�>1�>0�?.�@,�>-�=,�<+�<+�<.�<.�;-�<-�<.�;-�<-�<,�;-�;-�:*�:*�:*�:)�:+�9+9-9-�<1<3?6�A8�C<�F?�IB�IC�IB�G@�HD�OK�VS�`Z�pe��r��}������������~�~z�uq|kdp\]iUR^JJS@BK:>E5<@29<134,22*1-*/+(/))0**1++2,,1++1++1++1++1++0,+0,+0,+1-,1-,1-,1-,/.,/.,/.,2,.8*75(13+(56&EK1\gGu�d��y�������������������ť�έ�ɭ�ɰ�˱�Ȭ��������������������������{w�rdx]R`FNR7QQ5SR6,03,03,03,03./1./1./1./1000//////////.,/.,/.,.-+/-./-..,--+,,*++)*+)**()+)*+)*+)*+)*+)*+)*+)*+)*,*++)*+)*+)**()*())'()'(+)*+)*,*+-+,.,-/-./-.0.//+*/+*/+*/+*/+*.*)-)(,('0,+0,+0,+0,+1-,3/.40/510:12;23<34<34=34<21<21;10<1/<1/>0/=/.>0-?1.@2/>3/=52;62;83<94=:5>93@72C60G4.O4-Y4,d5+n8,x:-;.�;.�<4�<5�>3�@3�A2�B1�A2�A1�>1�@4�B7�B9�A7�>5�>3�?2�?-�?-�>,�=+�;,�<-�<-�<-�;.�;.�<.�;-�;.�:-�;-�;,�9)�9)�:)�:)�9*�9+~8,~8,�=2�=4�@7�B9�E>�HC�KF�MF�IC�GA�JH�SO�]Z�hb�{n��y������������������~�wx�njwcdr[ZgSQ]IKTCEL<@D6<?467/44,3/,1,)1()1()3*+4+,2)*2)*2)*2)*2)*0**0**0**1++1++0,+0,+0,+0,+0,+1+-6)25)-4-%46!BI'Wc;q�W��m��}����������������Ȕ�Н�ӫ�Ү�ѭ�˥�����������������������{{�tq�k_sWM]BIO3JM0KK/./1,01./1./1.0/.0/.0////00.00.00.10.0/-0/+/.,1-,2.-1-,1-,0,+/+,,*++)*+)*+)*+)*+)*+)*+)*+)*+),+)*+),+)*-(,*(),())'()'()'(+)*+)*,*+-,*.,-.-+/.,0/--,*-,*/+*/+*/+*.*),(',('1-,2-*2-*2-*3.+4/,50-61.;31;31<42<42=32<21;10;1/<1/<1/=/.=/.=/,>0-?1.=2.=4/=60;81::29:49:4;81?61C2+J1,T1+^3,g7-o9-u=.{=0�=4�=3�?2�@2�@3�@1�?1�=/�</�>2�B6�C7�B7�?4�>2�?2�>/�=.�=-�<,�<.�=.�=.�>/�<.�<.�</�;.�;.�:-�:,�;,�:+�:+�;+~;+~;+|:,}9,|:.�>2�>5�@7�C:�G?�KC�OH�OG�HE�HF�OL�[V�g`�ui��u������������������~�|�yt�oj~ccz^]qXWfOO\HIRAAH8>@399/85.7/,3+)2()2()3)*4*+0*,/+*0*,0**0*,0*,2),2),3*-1+-1+-1+-0,-0,-0,-1+/5*05+,4-%46!?F%T`8n}R��g��t��z��~��z��{����Ĉ�ː�ə�ǝ�ƚ�����������������������~�xv�ol�fZnSJZ@GM3FJ1DF./0+.0+/0+01,01,12-12-21-43/43/43/62/51.41,3/,4/,50-50-4/,3.+3--1-,0,+0,+.,-.,-..0--/,,.++-*).))+.)/.)-/(/.)-/)-.)-.*+.*+/+*/+*-,*.-)--+./*./*./*------.,-/-./.,0/-2.+2.+2-*4,)5-*6.+90+:1,;2+;2+=4-=4->50>50>50=4/<3.<3.=2.<1-<1/;0.=/.>0/>0/@1.A0)@1*;4*77-39/39/560:3-?-+F*'L)'S*&Z/(`5,d<0k@0yA2�A0�A2�B3�@3�=0�;/�8-�;/�>/�A1�B2�C2�A0�>.�;.�:2�:2�;1�>1�?0�?/�?.�>.�@1�?0�>1�<0�;/�:.�:-�;-{9+~@3w<.q7)w=/w=/v;-}?2{;/�@4�E<�JA�LB�MB�PE�NE�KI�SR�b[�oc�}j��q��|������������������~��u�{o�ui�ib�_[zXZsU[mSWeNPWEJK=C?6@93;0.6**4(*3'+3'+1&*,*-)+***,*(),'+.(,1(-2'-3(.3(.3(02(00)00)0/*1/*0/)-1++0-(//#<?,V\BpzX�g��u��s��v��w��v��u��{�����������������}��|��{��~��}��~��|y�ur�mh|cYkUN[GIP>CH4?B/01+01+01+01+12,12,21,32-43.43.74/74/63.52-50,50,7/,7/,6.,6.,3.+2-*1-,0,+/-./-./-0..0-,1+*/)*.)(-.)//(//(//(//)-/)-.*+.*+/+*0,+.-).-)./*./*./)/0+.....0....../.,/.,2.+3.+5-*5-*7.)8/(:/)<1+<2)=3*>5,>5,>5.?6/>5.=4-=4/<3.=2.<1-<1/;0.=/.>0/>00@1.C0*C0)A2+>3-:5/94.:2/<1/?-+D*)I*(N+'T/)Z5-`;2e=1pA1x@/�A0�@2�?4�>4�;3�;1�9.�</�=0�@0�A1�A1�B2�@2�;2�;2�<2�=0�?1�@/�?/�?.�@1�>/�=0�<.�;.�;,�;-�;,x8,x<1t:.n9+t?/s>.r8*u:,}=1�A5�E<�H?�KB�MB�PC�OF�JH�SR�f]�wi��p��w�����������������������w�}o�ve�ia�aZ�[Y{X\wXZnSSaJNUCFH;C@7<737/-3*+2)*1(+.(*,*-**,+),+),-(,/)-2(02(04)13)13)21*20+2.+2.+4.+22-13/.0,)--%8:-SXDox]��i��o��l��n��p��p��p��w��������������|��x��w��y��|��|���{x�uq�nh{eYjWN[IEL<@D5;=/12,12,12,23-23-23-43.43.54/65085085085074/72.72.80-80-7/,7/,4/,3.+1-,1-,1-.0./0.1/-0..0,,.+*/+)./(/1'//)-/)-/)-/)-.*+.*+0,+0,+/.*/.*0/*0/*/0*/0+//-///0./0./0/-/.,1-*2-*6.+7/,90+:1*<1+=3*>4+?5,?6-@7.@7.@7.?6/>5.=4/=4/=2.<1-<1/;0.;0.<1/<1/?1.C2+E0+H/+K--L,/K+.I*/E+.A-,@.*A.(F/)N/*X1*b3-g5.j:,o;-x<1�=4�<6�<5�:4�:4�;4�=2�>2�?3�@4�B6�B5�C6�?2�=/�>1�>.�>/�?-�=.�<,�;.�<,�:-�;+�;,<)~=+{<+}=1z<1v:/v<0x@1x@1v<.v;-?5�C9�F=�H?�JA�LB�NE�NF�KI�TQ�f\�wh��n��t�{�����������������������}y�xi�ma�e\�a\�`^�a[|]UrVQgPHYGBPA:D93:2.3,+0**,)**(1(+1&*1&*1&*0'*1(+2).1+//*.-+.,+0+,0)-0(-0(-1)-01/23/./+(**"57*QVBmu]|�i��k~�j�l��o��o~�m��q��x��|��z��x��v��v��u��w��y��y��}}�yw�tp�mh{eYkUN[IDH9>@399-23-23-34.34.45/45/54/54/761761:72:72:72961:51940:2/:2/91.80-50-50-3/.3/.3/03/01/01/20.1..0--/-+.0)02).0*.0*.0*.0*,/+,/+*1-,2.-0/+0/+10+10+01+12-11/1111/010.10.2.+3.+3.*91.92,;2+<3,?5,@6-A7.A7.B8/A8/B90A8/A81@70>50>50=2.=2.<1/<1/<1/<1/=20=2.B3.E2.M//R+0W(0U&.P'/I).C/.<1+;2+?2)H1)S0*_.*d/)i9/k;/u<3}<6�<9�;9�;7�:6�>9�?9�B9�B9�B9�B9�A7�B6�@1�A/�A/�@.�>-�<,�<,�:+�9+�9*�:*�:)<){=(x>(x>*�>3{7.z7.z<1v;-w=/|A3{@2�B7�E:�H=�I@�KA�MB�OF�QH�SK�\Q�h[�tb�g��m~�v�|��������������������~}�yq�oj�if�gf�eg�gd�e_~_\v[PhRK^KBPA8D62:/.4*,/(+*%2&(5%(4%(2&(1&*/)+/+,.,-++-*+-*+-(,-(,/',/',/*+-/+,1++0+(/,%99-PTCiqYv�e{�hy�h|�k�n}�oy�k{�m��r��t��q}�p}�p~�s~�v~�x}�x|�x}�zz�wu�qn�je|bXlSN[GDF9?=1:8,45/45/45/560560671761761872983;83<94<94<94<73<73<41<41;30;3083072/61.61.5106216213123121/00./1-.2,04+.4+.4+.2,.2,,2,,2,,3/.3/,3/,40-21,21,32-32.22022032032051051.61.61-;30<5/>5.?6-A7.B8/E8/C9/E;2E;2E;2D:1C90B8/A60@5/>3/>3/=2.=2.=20=20>31>31@51F42M02T,4X)3W(2R)1K,1B30:6-77-:6*B4)M2)X/)^/)f:1j;3s<7z=:�<:�<;�;;�::�;7�>8�@:�C<�C:�C:�@9�@7�C2�C1�B0�?/�>/�<.�:-�9-�8,�8+�9+�:+~=+x>*v?*x=+�9-|/'�8/�>4w4+t6+}A6}C7E:�G<�I>�KB�KB�MD�RH�WJ}`N{iQ�pY�u]�|b��i��u��|��~��������������{�}z�wz�p{�ly�lw�ku�ms�mm�gkd`rZ[hTR[JIM>@@4;7,70&5*$6('5''3''1'&.((,+)++)+-*(,+(,+*,+*,+++-,*-,*-.*+,#$3+(50*85,BC5UZFfpWn}^t�eq�bu�ex�iv�js�ht�iw�kz�nx�lw�mx�n{�s{�u{�w|�wy�uz�ww�ts�om�hd{_WkPN[GCC7>:195,560671671671782782872983983:94=:5>;6>;6>;6>95>95?74?74>63>63;63:5294194184195495484384343151240/6-06-.6-06-.4..4..4..4/,40-40-40-51.32-32-43.43.43/442542540841850:51:5/>71>7/@7.A8/C90D:0G:1H;2G=4G=4F<3F<3E;2C90B71A60@51@51?40?40?42?42@53?53@72D63I35P16T/6S.5P05J22C52=90<:.=9-C7)I6(Q3)W2)]2+d3,l50v64}77�87�77�77~75}:4}<6~?8�?9�@8�?;�A8�C4�C1�B1�@0�=/�;.�:.�9-�9,�9,�:,<,|=,y>,x?,|=,�4,�2,�LE�XQ�A8|90�F;�K=yH:zJ<{M@|NA}OB�QE�UJ�_LrkOptS|uX�w]�yb�i��s��z��z��|����������~{�y~�v��p��o��p��p�r{�pw�mt�lj~cfv\_hSV[GOM>GA3A7+=0';,'9+(6+)3+(/,',-'+-().().(+-(-,*/+*3)*4(*7'*7'(3($<3,E>4IG:QR@^cMgqVjyZo�^k�\l�]p�bq�eo�do�er�fu�mr�jq�it�nx�rz�vy�vy�vv�tw�vu�ro�kk�fc|^UlON\ECC7@91;4,782782782782893893:94:94:94;:5>;6?<7@=8@=8@;7@;7B:7B:7A96@85=84=84<73<73<73<74<74<74;639529338308/09/.8/080.80.80.61.61-61-61-52-63.63.63.74/54/540651841952;74<94=84@93@70A8/C90D:0G:1H<0I=1J>2J=4J=4J=4I<3F<3D:1C90B8/A81A81@72?61?61@72A83A83?74@85B86E:8G96I:7H96H94E80E8/E9-E9+G9,I9*K9+Q7*Z/&d/'n3-z63�98�;9�;:�=;�A>�@:�>7<4:3�<4�=8�@9�A5�B3�@2�?2�=1�<0�;/�</=/}>/|>/|>/|>/}>/=/�9/�1+�;8�kf�~y�ZT�D=�LAN@tJ<rN>pQ?qR@tSB{WG�[J~eOmsOpzU�y[�u_�oc�mf�qk�wo��w��z��~��������~��y��v��r��r��r��r��t}�sx�pt�pm�ii�edx]]kRV^GMP;ED0B;+@3+?2,;0,70*30)00(./)./)01+30+7-,;+,?),D',F%,D'+F5-LC4VP@[XE`bLgmSjxWj{Wl�[g�Wg�Zl�^o�cn�an�br�fs�kp�jo�ir�nv�sy�xx�wv�vs�su�vs�rn�lk�db{[UmMN\CGH:E<5@707827828938938939:4:94:94;:5<;6?<7@=8@=8@=8A<8A<8D<9C;8C;8B:7?:6>95>95=84>95>95>95>95=85<73:52<41:0/:0.91/91.91/91.91.72.61-61-63.63.63.74/74/74/540651952;83<94?:4B;5C<4A8/B:/D:0E;/H<0I=1J>2J>2K>5K>5K>5J=4F<3E;2C90B8/B92B92A83A83A83A83B94A:4@85A96B;5D=7F=8G<6K<5N;4M6.O7-Q6+Q6+R8+P9+P9)W7(f6*r6,~;3�@9�D@�HD�JG�LF�QJ�LD�D;�<1�7-�8.�91�=6�>5�>7�=6�<5�<5�=4}=3z>3x@3vA3x@3z>3<3�:3�84�42�(&�=;�{z����hc�G@�K@xH:nM<jQ=fT>hV@lWBt[E`L�hP{rQ�vU�t\�l^�__�V\�Q[�T\�ou�zx̆~��������}��x��v��r��t��u��u��u��u��s��r|�ny�ju{anpZgbN_TBUE5R</O4-N2.I0,D/*>/(9/&7.'6/'92*;0*>/,B-,G*,I),L'.I)*TB6YQ<d^HgeLilOnuVm{Xl~Xn�[h�Vg�Xm�]p�bq�br�dv�it�lq�ko�jr�mw�vz�xx�yt�uu�uu�us�ro�kj�eb{[UmMM]BMN@KB;F=69:49:49:49:4:;5;<6=<7=<7=<7=<7@=8@=8A>9B?:D?;D?;E@<E@<E@<D?;D?9C>8E>8E>8B;5B;5B;5B;5B:7B;5B:7A:4A75A83A75@72@64>71>71>71<71<71;60:5/96185074/74/961961961:72<73>93A:2B;1C:1D<1F<2J>2L@4L@2N@3N@5N@7N@7L?6K>5J=4H;2F<3E;2B90B90@91?80?82?82@93@93<5/MD?M@:K:3T?:S73O0+a<6\3-`5.`4+^/'^/%f6,m=1q=0�J>�G;�I?�KA�F>�>7�>7�D;�ND�QF�WK�YK�OB�A5�;0�>6�98�:9�65�52�84�?8|@6r>1rB4oA2q=0w;1�72�43�-1�',�HI�ba�ED�WU�yv�VO�F<�VFnS>i[AibFjeHj`En^D|dL�jT�bL�l]�nh�X]�;L�-E�+H�0L�@Y�I\�[e�nr�{|ۀ}ۃ؉��~w��w��x��x��x��y��y��x��o�~m�xi�oc�bY�UM{IBxA>u:<i.2d04b14P&'G%#L0-M51G4.E2,D1-F1.F.,G+*K-/Q51YH6`V;f_CgdEkoNu|Zu�]o�Yl�Wl�Zp�_r�at�cu�dw�fx�hq�is�ot�qr�ou�ty�x{�|y�zx�ys�rm�lk�gi�dazZTmMO_DNOASJAQH?9:49:49:49:4:;5;<6>=8?>9>=8>=8A>9A>9B?:C@;D?;D?;FA=FA=E@<E@<D?9D?9E>8E>8E>8E>8E>8D=5D=7C<4D;4C:3B92B92B92B92B94A83@93@93>71<71<71;6096185085074/961961961:70<71>:1A:0B<0C;0E;/I=1J>0L@2L@2N@3N@3N@5N@7M?6K>5I<3H;2E;2E;2C:1B90A:2@91@93@93A:4B94E:4J71L.,V..j68u9;{;;�EC�E@�IA�IA�H?�IB�NH�PL�OG�D7�B4�B6�D9�>3�7-�7-�=2�C5�@1�@0�D5�G6�F6�H:�NE�LM�HL�@D�9;�98�>:�@8x>3o>0zI;�LA�?8�-,�).�9D�LW�KN�MM�>=�@?�`\�YQ�@5�UEyaIe[@_^@ihIslOvgJ~dK�cN�dX�_[�UZ�AN�,E�&E�&H�'I�.N�3N�<R�I[�P^�Q]�S]�Xb�bk�fl�io�mq�qr�ut�xw�yw�||�yz�vx�qt�kr�fn�ak�_k�`n�Sa�LX�GQ�EL�EIm69HT1-M0*I2,J6/L92K:2O>7UE8[O7cZ;hbBifEnrO{�^z�bt�^r�_p�_p�`r�`u�dw�dw�dw�fs�kx�t|�x{�x�}������������z�|r�qm�jh�d`y[TmMP`ERSCVPDUOC8938938939:4;<6=>8?>9@?:@?:@?:C@;C@;C@;C@;E@<E@<FA;FA;FA;FA;E@:E@:G@8G@8JA:I@9I@9H?6F=6E<3F<3E;2D:1D:1D:1D:1D;4D;4D;4C<4?80?80<71;60;60:5/94.94.96/96/:5/;7.>7/@9/C:1C;0E;1F<0I=1K?1M?2NA1P@1P@3P?5M?4L>3K=2I<3H;2E;1E;1D;2C:1B;1A:0?;2@<3A=4D;4VE>U4/j25�AG�LW�Ub�]f�_c�B>�I?�LA�ND�QL�UR�OS�LM�@6�B0�@0�?1�;.�7+�8+�=/�E6�=-�7$�:'�>-�A1�C2�E;�02�:B�DL�LR�MR�KL�A>�71{8/v6,x2*�1-�37�=G�GW�M[�FI�53�:9�31�NK�c]�K@�[J}cLk`DgdEtoOpS�gL�hN�hY�bb�QZ�DQ�7I�2K�2N�/M�+I�2O�0K�1J�5N�5N�2K�3L�8Q�@Z�C[�F_�Ia�Nc�Qf�Tj�Vk�Sj�Ri�Pj�Ni�Nl�Po�Ss�Vu�g��`}�[u�Ul�Zm�dr�R]r-2^&'Y0,W:4Q?5C;.:8)>B3LN9VO3aV6e_?heDquT�e��ix�dx�iu�et�dr�cv�ey�hz�iz�j��v��������������������������z�yp�mhc_vYTmMPcGTWDYVGYVG7827828939:4;<6=>8@?:A@;BA<BA<DA<DA<DA<DA<E@<E@<GB<GB<GB<GB<FA;FA;HA9HA9LC<KB9JA8I@7H>5G=3F<2E;1D:0D:0E;1E;2D;2E<3E<5E<5@91?80=82<71;60;60:5/:5/:70:70;7.;7.?8.@9/C;0D</F<0G>/J>0K?/M@0NA1P@1O?0O?2O>4L>3K=2J<3H;2E;1D:0D;2D;2B;1@<1@<3A=4B>5G=4S81[*&�;@�T`�Te�Tg�Uc�JO�41�;0�?1�A3�F=�IG�BH�?C�B7�F5�B3�@3�?3�>3�B4�E7�G7�B1�<)�;(�;*�:*�6&�3(�97�9=�7>�7<�<B�JL�TS�XS�?7�4*�,%�61�HK�OW�BR�3@�:9�.*�84�74�E@�]U�WK�XGwW@veI~pS�qR�fL�cL�o[�ui�SW�DP�;J�:J�=N�@Q�;O�4H�?S�9P�4K�3K�1J�/I�0N�6S�3T�4V�6W�7W�:[�=\�>`�@a�Cf�Ag�?e�?g�?h�Cm�Er�Is�Ow�Qu�Uv�Sq�Tp�ax�fv�Wb~17j0/Y2+P8,G>/>A.;D/?G/QL/_T8g`CokN||`��r��v~�q|�q|�t|�sz�qz�m}�o��u��|���������������������������������s�qh|c]tXSlNQdHRZCWYDYZH671671782893:;5<=7?>9@?:BA<BA<DA<DA<EB=EB=FA=FA=FC<GD=HC=HC=HD;HD;JC;JC;LC:KB9KA8J@6K>5I=1H<0H<0E;/E;/E;/E;1E;1E;1D;2D;2A:2@91@91?80<71;60;60:5/;7.;7.;7.<8/?8.A:0C;0D</G=1G>/K?1M@0NA1NA0P@0O?0O?2O>4N=3K=2I;0G;/D:0D:0D<1D<1B;1@<1A=2A?3B?6K=4\50w32�LS�]i�M_�?S�6E�&+�1+�7(�;'�<)�@3�D=�>?�;<�?5�B4�@3�>3�@5�C9�G=�I>�>/�?/�=+�;)�9)�:,�;/�<1�FA�EB�>?�79�7<�BE�LN�SP�C>�LD�TL�SM�KJ�@C�5>�27�4.�7.�1+�:4�84�@9�[P�TD{N9�bI�kP�aG�[F�gU�rd�mh�EK�:D�9C�<D�BH�FK�GM�FM�KT�AO�8I�5H�2G�0G�3M�8R�9V�9X�:X�:Z�;]�=_�?d�Ae�Ci�Dk�Dm�Cm�Co�Co�Cr�Cp�Gp�@h�Gm�Mp�Ij�Ok�[r�cs�Ye�?D`&$Q+"V@3VO=IL7@D-RJ3eYCvkW�{g��y����������������������������������������������þ�����þ�����������y�vi{e\sYTmORfJQ[BUZCW\F560671671782893:;5=<7>=8@?:@?:C@;DA<EB=EB=GB>GB>GD=GD=HC=ID>IE<IE<LE=LE;LC:LD9LB8KA5L@4K?3J>2J>2G=1G=1F<0F<0E;1E;1D;2C:1A:2A:2@91@91=82<71<71;60;7.;7.<8/<8-@9/A;/D</E=0H?0J>0L?/M@0NA0NA0O?/O?/O?2N=3M<2L;1I;0G;/F90C9/C;0B<0B;1@<1@>2A?3B?6N;4n95�FE�Y_�Wb�CQ�8F�3;�++�1'�8%�:!�9 �;&�>.�:2�71�7,�:-�9/�7,�:1�A9�E<�E:�>2�?0�<,�6'�6)�>0�D;�G=�8-�@6�E@�BB�=A�9>�27�.0�75�GB�SL�NG�=9�10�/2�67�1(�</�,"�71�3,�7/�g\�l^�WC�ZC�V?�R=�\L�la�gb�UU�EK�=F�;@�=>�A>�GD�OM�WW�NS�DM�9G�5F�1F�.D�1G�7N�8S�8T�9W�:X�;\�>a�Ae�Ck�<f�<h�>j�?m�>n�>o�=m�:j�Hr�;a�?d�Jp�Kn�Nm�Uo�Yp�r��`j�INt:8\6-P9+PC2UM:^QAreU�|n��������������������������������������������������������������ʿ����������~m~kau\XoSVjNS`FV`EX`H560560560671782893:94;:5>=8>=8A>9C@;DA<FC>HC?HC?HE>HE>ID>JE?JF=JF=MF<MF<MD;ME:MC9MC7NB6NB4N@3MA3JA2JA2I@1H?0G=1F<0D<1D<1C:1C:1A:2@91?82?82<71<71<8/<8-<8-=9.@9/A;/D</E=0H?0K?1M@0NA1P@0P@0O@-O?/O=1O=1M<2L;1I;0F:.F90C9/B:/A;/A:0?;0?=1@>2@@4Q:2r1/�KL�RX�>D�06�03�//�1)�2"�9#�>"�;�< �=#�;%�6%�6)�8-�6/�4,�92�@:�C<�@6�B7�A4�</�8+�:0�C8�E>�@7�>-�>-�5+�*&�"%�%+�+2�.4�)*�.+�3,�4,�3,�3-�0-�2+�2%�6&�2&�7,�6.�>7�`U�q�eS�VB�M:�WI�f[�d_�RT�CI�FM�AE�??�@<�@8�?9�FA�ML�JP�@K�9H�7H�5H�3E�6G�;M�9Q�7R�6R�6U�6X�9]�;a�<g�>k�?m�@q�Bt�Bu�Bu�Bt�Bp�Fm�Aa�Ee�Jl�Kk�Vt�_z�]v�j~�p~�mx�]a�CAg6/hB7sUJye\�}v�����������������������ž�������������������������������������������˺��������t�qexb\sY[oS[jM\iK]gL561561561560561671983983<;6=<7@=8B?:DA<FC<GD?HE>HE>HE>HE<JF=KG<KG;KG;NH:MG;MG;NF;MD;MD;MD=NC?NC=MC7MD5LC4JA2H>2G=1E=2D;2C:1C:3A:2A:4@93?74<73<71>7/>7/<8/=90>:1B;3C<2D=3H@5I?3L@2MA1NA1P@0O@-O@-L?/L>1M<2L;1J91I81E80C90@9/>:/;;/<<0=>0>?1A?0S8-�<7�\[�ZY�86�.*�1+�/&�2#�9&�B*�F,�D)�A&�A&�=$�9#�:+�;0�:0�7.�<4�C<�E;�A6�=0�=0�;.�=1�E9�MB�E<�8,�6$�;)�;.�3,�+*�(+�&+�%'�**�.+�2,�4,�3*�3)�2(�3%�:*�2�?0�7*�8-�?5�A6�l`�gY�RB�NC�cZ�hb�RR�AF�CK�>D�;=�<<�@9�>4�8,�6.�94�HH�@E�:F�;I�:I�8G�;I�?N�AU�?V�<T�9T�8U�9Z�:^�;c�>i�?m�>o�>p�?r�@r�@t�Aq�Cj�Mm�Ss�Jh�Aa�Ts�g��e��]w�_x�g{�p�qx�gg�^X{ZQ�~w������ļ������������������������������������������������������������������«�����z�xlzibu_`rZcqWcpTcmT21/320542651875984984984;:5<;6==5??7AA9CC9EE=EE=HH@HH>HH<JH;KJ8LK7ML8OL9NK:JF:HE<JFCNIMNIPICOE>ENE>LC4J@4KA5MC9LB8F=4B90E<5C:5@93@85@85@86<74<42C97B94A96>95?:7>:7?;8@<9B?:D@7G@6J@4L@0O@-O@+L?,G@.G@0I;0K81M53L76J88F;9C@;6904</9D4:A/69$?=(bC1�j^�JA�7,�5)�7+�5'�7&�=+�8$�<&�@*�@+�=)�:'�6%�6%�6'�7)�9+�<.�@2�B4�B2�A1�>.�=.�<,�=/�D7�G;�?2�2&�9+�8*�8+�8-�8.�5.�3/�1-�/-�.-�0,�1,�5,�8,�:)�:(�9&�3�3"�8'�7'�6(�B5�SI�ME�TL�[X�\\�PR�>C�9?�?G�AF�CD�BB�?9�<3�;/�</�<0�KB�KC�FE�>?�<A�?G�?I�;G�DQ�CQ�DR�DU�@V�<U�<Z�Bd�Fk�Aj�;g�:g�=n�Ct�H{�K{�My�Mt�Ps�Op�Mi�Mj�Yx�g��_��Gl�Vx�_{�^n�z��a^�xp�������Ļ��������������������������������������������������������������������ʻ��������y�xr}op{k}�sx�lv}k0./1/0320542653873873984;:5;:5==5??7AA7CC9DD:EE;HH@HH>HH<JH9KJ6LK6ML7NM8LK9KI=KJEPPRWU`YXjVTjSO`QHKMD?H?:F=8G>9H?:F=8B;5D:8A96?74?74@85@85=85<73=31=31=52=85=96>:9>=;>=9B?:D?9G@6J@4M@0O@-P?+L@*B?,B?.F<0H:1J65I56F35@65A=::=6;>5@@4E<-J9)^B4�L>�QB�;-�2#�6&�:'�7$�9%�>*�;%�<(�?,�@.�=,�9*�7)�8*�9)�:*�:*�<,�?/�A1�B/�@.�?.�:*�=,�F7�H:�?2�8+�6)�7+�7,�9.�;-�</�:.�8/�4-�1-�.-�/,�1,�3+�7*�:'�:&�;(�6#�8%�=,�;*�5&�:/�F<�F?�IF�OO�PQ�GK�<A�:A�CH�BE�ED�BA�>8�;1�:-�<-�=.�E5�L?�NE�GC�@A�?B�@I�@J�DM�CL�DP�FT�CT�?T�>X�Ba�Gi�Ci�?i�@j�Bp�Fv�Jz�K|�Jz�Ht�Kp�Qs�\z�_{�Wv�Nq�Ek�Dl�Ej�Ki�^r�nukLI�~t���̲���������������������������������������������������������������������������Ŵ����������������������~/.,0/-10.21/43/651762761:94:94<<4>>6@@6BB8CC9DD:IF=JH<JH;LI:MJ7NK8OL9OL9KI:NKBTRS_^fihxmm�lk�kh�`YiYQ\OGRH@KH>GG=EE<AA;=D;<?:7=85<73=82>93>:1>:194.:5/;60<92>;4?<5?<5@<3E>4G?4I?3L@2O?0P?/P?-L?,<;&:=(?<+A;-B71A62>42;30=84B;5H94N2.Y,)l/.�<>�GF�;0�2$�1"�9)�<)�8%�7$�;(�;&�>*�A-�A/�>.�=.�:-�</�<.�<.�:,�9+�<+�>-�>-�<,�?-�8(�>/�K>�G:�6*�2&�9.�6,�6+�8,�:.�:/�9/�6/�4-�0-�.+�.+�0+�2'�6&�7$�7#�8%�5#�9'�>/�=.�6)�9,�A7�<5�?9�EA�KI�JJ�CC�@B�CC�CA�D?�B=�=4�:.�8*�:*�;+�8)�D8�NH�JH�?B�=A�BK�HR�@I�@I�CO�GT�EU�@U�?X�A_�Eg�Ci�Ck�Fp�Iw�K{�L|�Jz�Fx�Hw�Kt�Ou�Z|�a��Uv�Cd�Ik�Tv�?\�I`�{��||aC;�{p���ճ���������������������������������������������������������������������������ξ�����������������������/.,/.,0/-10,21-43/54/650983983;;3==5??5AA7BB8CC9IF=JF;LI:MJ9PK8OL9QL9OL=LJ>QPL^]bmlzzz����������{u�rk�e_{YSmTLdMEZG@PB<HD?F@;?<87;63<71=90=90;8/:70991;;3>;2?=1@<1?;/A;-F?/H?0K?1M@0O?0O?/P>0L?/@=*?>,@=.?;/?;2>93=:5:94<94E:6M51V-+j)-�18�8C�=C�8/�7(�:*�?/�?,�9&�8%�;&�:&�<)�?-�@/�?0�=0�=1�>2�?3�=2�9.�8*�9+�:,�:,�9*�;,�<.�B5�E9�>3�2(�2(�9/�5+�5+�6-�7-�7.�7-�4-�1*�0,�/,�.+�0(�2&�4$�5"�5!�2�0�4&�<.�=/�:/�=2�D:�5-�60�;5�EA�NJ�KI�C?�=8�@9�A8�?5�=0�9-�9+�9+�;-�4&�?3�HB�HE�AB�@D�GM�NU�?G�?G�BM�HU�HW�BW�@X�A^�Ac�Cf�Fm�Ir�My�O|�L{�Iy�Dv�N~�R}�Kr�Mo�Vu�Uu�Mj�Gd�Lg�>V�dt���ӏ�d92lJ@�ypХ������������������������������������������������������������������������������º��������������������10,10,0/+0/+10,21,43.54/77/880::2;;3>>4??5AA7DA8IE:LF:NH:PJ:RK9RM:SL<RL@OJDVTUfdqwx���������Ï�Ǝ�����{w�pm�id�_[~UPnNJaKGXFCN?=B<8995296/85,85.671783891;;1></@=,B=*C<)G?,J?-K@.L@0M@0M?2L@4K>5M@7K>5F<3B92=82:946;47<59<5>:1H4-Y2-x89�?D�>E�8<�;0�=,�@.�A/�@-�<)�;'�>*�8%�;(�=,�=.�<-�;.�<0�=3�?6�>3�:/�7,�8-�8+�8+�8+�7+�A5�C8�9/�1(�3)�8.�5+�4+�3)�4-�6,�6-�4-�2-�/*�/,�/*�/)�1(�3&�4!�5�4�2�/�2$�6)�9-�;1�?6�E=�F>�@7�<5�@9�KD�NG�E>�;1�=1�=1�</�;,�9+�:+�<-�?0�9-�<2�@:�C?�BD�DH�JO�OV�@F�>E�BL�IU�JY�FX�CY�C]�@_�Bd�El�Js�Nz�O|�Ly�Iv�Jw�T��T}�Jq�Im�St�Vt�Ni�D^�F]�Xk������󝞎HFk.)�ke͖�����������������������������������������������������������������������������������ɿ��������Ⱦȿ�¹65154/32.21,10+21,32-43.66.77/880::2<<2>>4@@6CA5JD8ME8OH8RK;TK:TM=SK>RKAQLIZW^li|~������̙�ؚ�ޙ�ڔ�Ԍ�Ɇ���~�xv�nk�fe�^[xWTiMKYDAJ><?;:8;76875557457664872<:.?<+C>*F@*G?*H@+IA.IB0IA4HB6HA9G@:K=<I;;C9:=77875384/83/917<574+C1']80~C=�GC�>?�52�<0�<+�?-�?-�?-�>*�?+�?-�8%�9(�:+�9-�9,�:.�:0�<4�>5�;4�91�8.�8.�9/�8.�6,�8.�C9�A8�0&�,#�7/�<4�2*�3,�1*�2+�3,�3-�2+�/*�-*�/*�/*�/)�1(�4$�5"�6 �5�7#�3#�3$�3&�5)�8,�<1�?6�YQ�RJ�IB�C;�F=�J@�E;�>1�:*�;+�:*�:)�9*�;,�>0�A3�A6�=4�=7�A=�EE�GH�IM�MQ�BF�@C�BK�KT�N[�JZ�F\�F_�A_�Ba�Ei�Jp�Nw�Oz�Nx�Lv�Q{�R{�Ov�Ot�Vy�]{�So�D^�Tl�Qd�dt��������`d�MM�jgΏ�Ｘ������������������������������������������������������������������������������������������������=:5;8185063,41*41*52+63,74-85.:70;81>;2?<3A>5C?4KC8MC7PG8SJ;WK;UL=UK?SJCSJK]Wcom������ś�ڟ�ꢩ�뙛啘ݔ�֐�ʉ�����zy�rq�fc~ZWlPN\IGRFCNCAL??K==G;:@;9:=:5?;/C=-E@,F@*FA+EB/EC4CC7BC;AC>@ACB<FD>LD@NEEOCHNAIL?IJ?HECHAA=2L:.gF7�OA�J=�?4�8+�>/�>,�=,�>-�@,�@-�?-�=+�8'�8)�9*�9,�8-�8.�91�;5�:4�:3�81�81�92�:2�70�6/�=6�>5�91�2(�4*�<3�<3�4+�1*�1)�1*�1+�0+�/)�-(�,(�.*�/*�0)�2(�5'�6%�6#�7"�9%�8%�6%�5&�4(�7+�8.�7/�NG�XP�ZS�QI�G>�D9�@7�>/�<*�<(�<(�:'�9(�;*�>0�A4�D;�@7�@:�FC�IH�HG�GJ�IK�FH�BD�DK�LS�P\�O]�L]�K`�D^�Da�Ff�Il�Nu�Ox�Ox�Py�Uz�Ux�Tv�Yx�]{�Zw�Qk�I`�Wk�Ug�M^�^m�KZ�Ta�Tc�Xc�efȃ~嫧������������������������������������������������������������������������������������������������@=6>;4:7074-52+52+52+63,74-85.96/;81=:1?<3@=4B>3JB7MC7SG9VJ<WK;XL>WK?TICSJM^Xfpm������˜�㤬�������������ꝡᙛ֕�̒�ĉ��zx�ji�`]|XUpRPhOMeOKdKG^FBS@=H?:>?:6@<1A>/C@/CB0BC3BD7?D=>D@<ED;BJ>CVDHaMRhV[n\br`dobbje`dfXWaJDlG>�TF�XF�J7�@-�>+�A0�@/�@/�@-�A.�A/�=+�8'�7(�8+�8+�8-�6-�7/�81�;4�72�83�72�93�94�94�83�6/�A:�8/�3*�8/�>5�=5�91�6.�2+�0)�/*�0+�/)�-)�,(�,(�-)�/)�1)�4)�5'�7&�7$�8#�7"�8%�8'�6&�7)�9+�7+�5+�5,�NG�d\�`Y�OF�A7�;2�9-�>)�>'�='�;%�9&�9*�</�>2�D;�A9�E?�KH�MJ�GD�EE�HG�II�CD�FI�MS�SZ�R\�O^�Oa�H^�G`�Gd�Ii�Nr�Qx�Ry�Tz�Uu�Zx�^}�^|�Tr�Mg�Oi�Yn�[m�ct�M^�Uf�O`�Ug�L_�R_�^_�vqל�������������������������������������������������������������������������������������������������B>5A=4@<3>:1<8/:6-84+84+62)62)72,83-;60>93A<6E>6I@7MC7RF8UI;WJ:XK;ZLA[NHTIMXR`gd�|~���ʗ�㠩����������������������쩫蟡ڙ�ҍ����ur�he�]Z�XR~XQ{YQxVOpNI`C?M?:@?;:B?8>>4AC6BE:?D=<B>:CB>FH?LUEWoSf�bq�is�tv��x��o��_m�[c�XZ�WU�VM�M?�@.�:%�:$�=)�=*�?,�@.�@.�?-�=,�;,�6'�7)�6*�7-�7-�8/�91�83�84�95�:6�93�61�61�83�;4�D=�=6�70�@7�[R�lc�]T�?6�3)�2)�2*�/)�*&�(%�((�**�-+�0,�2+�1'�0#�1"�4$�:(�;&�<(�<)�<*�:,�9+�8,�7-�@8�81�GA�c^�XQ�B<�A<�4*�:&�<$�<&�<&�:(�:+�<0�>2�>6�C;�PJ�XT�NK�?;�?:�HD�IH�GE�JK�PT�RW�NV�LY�L\�Rf�Of�Jf�Jh�Mn�Qu�Rv�Rv�Wv�Xu�Xw�[w�\x�Zs�Wn�Vk�bu�Vg�\m�[l�FX�DX�Qe�Ve�fg�ieʏ�網���������������������������������������������������������������������������������������������C?6B>3A=4?;2=90;7.:6-95,73*73*72,83-:5/>93A<6D=5H?6LB8OE9TH8VI8WJ:YK@ZMGUJNXP_fay{���ɔ�⛦������������������������������뢣㘘،�ɀ�uq�jf�d_�`W�`V�]TVPtMIbFCTBAIAAC<<:AB=FEACD?A?@DBEOMRWVdch�qu�}��}��|��|��p��`u�Yi�Va�QU�HF�@4�;)�<&�>(�8$�7%�9'�9(�9(�9(�7(�6(�3%�4(�7-�:2�<3�=5�<5�<5�>9�<7�<7�>9�B=�C=�C=�A;�@:�B9�@7�8/�1(�5,�H?�ZQ�@6�6,�,$�)#�-)�//�,-�((�0.�4/�61�6.�3)�2&�2%�6&�:'�;'�<(�:(�9*�7)�5)�5)�:0�5-�=6�PJ�TQ�LH�B?�1(�;(�=&�<'�;'�9(�9+�:.�:/�>4�B:�NH�XQ�RL�D=�C;�HC�LH�JF�ML�SR�TW�PV�NV�OZ�Vf�Uh�Sk�Rl�Qo�Rs�St�Ru�Mm�Ut�\|�_}�\v�Uo�Ri�Re�Ug�Rb�Zj�Zj�N^�Sc�Yi�S^�`_�^W��}٩����������������������������������������������������������������������������������������������FB7EA5C?4A=2?;0=9.<8-;7,84+84+83-83-:5/=82?:4A=4F?5JB7ND8RF6TG6WG7WI<XKCWKKXP]b^ysu����ܘ�����������������������������������뙗���Ӄ��xu�sm�k`�i]�cZ�]W�VRwNKhEDV@@L85<A<@KABL@BQ>B[FKpW]�cu�s��{����{��v��p��c��Sp�F^�K\�HR�<<�5.�9*�<'�<%�;)�;*�:)�;*�<,�<-�<-�<.�6*�8.�<1�?5�A8�>7�=4�:4�84�40�40�93�B<�E?�B<�=5�<4�5-�4+�7-�2'�, �6*�G:�K>�@6�4-�-)�,*�-/�+.�*,�*)�/+�3/�5.�4+�2)�1'�3'�7(�:)�:(�:)�;*�:*�8+�8,�4+�<4�:5�<7�ON�YW�EE�3/�<-�<(�;*�;*�9+�9+�8,�8,�=3�A6�JA�UK�SJ�G>�D:�G>�KD�JD�LI�SP�ST�PS�MS�NW�Xd�Zh�[p�Zr�Uo�Qn�Pn�Qr�Gm�Pv�Z}�[{�Vr�Sm�Vm�\m�Xi�Zh�`n�`l�]g�fn�fm�\_�]W{OF�mf���ݺ�������������������������������������������������������������������������������������������IE9HD8FB6EA5B>3A=2?;0>:/:6-:6-94.94.:5/<71?:4@;5C?6HA7LD7OF5SF5UE5UH8VJ>YNLXNW^Zqpp������ԕ�革����������������������������������ꗖ⌋׃��}y�um�pg�f`�_Z�YX�QQuGGcB?R=5DH8BT=C`@EnCJ�OU�^g�gx�k��n��o��i��`��Wx�Ig�;U�2H�AP�DO�;=�82�?0�@,�:$�5$�5%�6%�5&�7(�9,�;-�</�@6�@7�@6�@7�=5�93�6.�4,�.(�-'�.(�3-�:4�<4�81�5-�5-�,"�* �7,�B6�>2�5&�.�F7�I<�H?�<9�,,�#%�')�/2�-.�0/�2.�3,�1*�0*�/)�0'�7+�9+�:-�<-�>/�?0�@3�@3�6*�LB�JE�50�GF�Z\�IK�A?�</�;+�:*�:*�:,�:,�9-�8,�<1�>2�F9�OB�PD�H<�C7�C7�H?�F?�JE�PK�RO�ML�KM�LQ�X`�[g�aq�au�Wo�Nh�Mg�Mm�Ou�Ry�Uw�Tq�Tm�[p�cu�iz�gu�bo�am�dn�fl�hj�gh�fa�^TeG<^U���ͫ�������������������������������������������������������������������������������������������NH:MG9LF8JD6HB6F@4D=3D=3?80>7/=60=60=60?82@85?:4C>8EA8LD9NE6RE4RE2VF6VH;ZMGVMR[Whlk�~����Δ�㜦���������������������������������铕⌋ن�у�|v�mk�de�_a�Y[�RQsNHbWFY_CQmBL�FP�LV�U^�[d�Zh�Rp�Ru�Tu�Pl�Jb�BW�8J�.?�8E�CM�GL�>>�>8�F:�H6�@,�>-�=-�<-�>/�?0�B4�D7�E:�E9�B7�>5�;2�6-�5,�3+�2*�0*�4-�60�90�80�7/�6.�6-�/&�6,�8,�2#�2#�9)�>-�;+�<-�D8�JA�DA�56�*-�*-�/2�67�55�41�1,�0*�/,�0-�1.�81�91�;2�;2�=1�=0�?0�>1�7+�WL�aZ�;6�;:�PQ�FH�PQ�<4�:/�8,�9,�:-�<.�<0�:.�:-�<.�A3�H9�I;�D6�@2�>0�F<�E<�IB�PI�RM�NK�LL�LO�Z`�^h�et�hz�]q�Og�Me�Nk�Vz�Tx�Rr�Tm�]q�hx�jw�er�et�_m�`k�kt�ru�jf�d\�la}fVYI:kXJ�{t���������������������������������������������������������������������������������������������QK=PJ<OI;MG9KE9IC7G@6G@6B;3A:2@93?82?82@93A96@;7B?8EB9KE9MF6PE3RE2VG4UH7YLDUKLZScii�|����ȓ�ޚ�리��������������������������������훟閘㒔ޒ�ډ��|��ty�ou�mp�ig�j_}y_x�Wj�P_�O\�S^�T]�PW�HR�@Q�?R�CR�DP�CK�@D�9<�46�JL�IJ�AA�87�95�A8�D8�>1�E6�E6�F7�E8�F8�G:�G<�G=�>3�;1�8/�5-�3*�4+�4,�7.�81�;4�=4�<3�90�5-�5,�7-�.$�;0�=.�1"�.�7&�<+�:(�8'�8)�:1�=9�@@�<>�37�,/�,.�+*�*)�+(�/,�44�88�9;�88�75�73�71�7-�6*�5(�5&�5(�PE�mc�HA�42�CC�?C�VV�A<�>4�80�7,�:-�</�=1�=0�:,�<-�?0�A2�A2�@.�=.�<-�D7�D9�H?�PG�RL�PJ�NL�ON�_c�ai�it�m|�dw�Vj�Qi�Uo�Wv�Vt�Xp�^p�ny�w��ks�Xa�`m�`m�bo�s}숊́|�th�yjskXON<_VG�rh���������������������������������������������������������������������������������������������SM=SM=QK=OI;MG;KE9JC9IB8E>6D=5B;5A:4@93A:4B:7@;7A@;CC;IE:MG7OG4RF0VG2UH5WJASIHXR^jg�}����Ē�ژ�礧��������������������������������ퟤ蝢晞┙ۋ�҆�ʃ�„������y��m��cz�Xi�Q_�NZ�IR�AI�=A�=;�?9�C9�H:�I8�G4�C0�@1�TI�G?�;7�64�88�;<�98�74�:/�<.�;.�:.�8+�7*�3)�2(�5+�3*�3(�3)�3*�5,�6.�8/�>4�<2�;1�8/�7.�6-�4*�3)�3&�3%�4%�7'�=)�>*�9$�2�:&�4%�1(�51�<<�=@�8>�37�-1�-.�--�0/�43�9:�;=�9=�26�03�01�1/�2+�2(�1%�3$�1$�=1�j_�TL�95�@?�:=�RS�JH�C=�94�6.�9/�;0�<0�=/�;*�?-�A/�?-�;*�;(�;+�<,�>0�>2�D:�LB�PH�NF�LI�NL�`d�ah�hr�o{�hx�Zk�Uj�Zr�Ys�]t�ar�jt�}���wy�_d�gt�m|�eu�lw���좟Ĕ���|ikVHQ<WUFtg^���۾����������������������������������������������������������������������������������������VO?TN>SK>PJ<OG<MG;LD9JC9H?6F?5E<5B;3B92A:2C:5A<6C@9DD:JF;MG7OG2QF0TH2UH5UH?QGFWQ]jh�~����œ�ؙ�矠��������������������������뤩������薠唟ߔ�ו�͚���������e�]p�Rd�IW�BN�>F�<A�<<�@9�A4�E4�I4�I3�F.�B,�?-�SE�D<�97�>>�DF�@D�8=�65�B;�E9�C8�A5�>2�9.�5+�2'�2(�3(�4*�5,�5.�4.�4.�4,�A8�>2�7,�6,�8/�:.�5)�1%�8(�2 �1!�9(�9(�4"�7%�C0�7&�8*�7-�5.�40�53�:9�?>�LK�HF�BB�>?�<=�8;�26�+2�+1�)/�,.�/.�1+�4*�5)�7(�0!�.�dY�]S�@:�DC�;;�MM�RQ�HE�<9�6/�8.�9/�;/�:+�<,�@-�A.�=*�8%�9&�<)�?.�7)�8,�>3�G<�K@�IA�JB�JE�a_�^`�dj�nw�ku�]i�Xe�]m�^s�bt�dq�lr�~�������qs�ry�y��aq�Xf������Ю����]jPDR9QTAjbU���������������������������������������������������������������������������������������������XNBWOBWMAUM@TJ>RJ=RH<PH=MC9KC8KA7H@5H>4G?4H>4F?5GC:GE9JF:NI6RJ5UJ4VK5VK9XNEULMZTbkh�{~���Ñ�ט�磤����������������������������쥨���ﭩ�����������▟֦�ζ������gz�L]�ER�>M�;G�<D�=B�@@�@@�>?�<=�EB�:4�D;�E<�1)�KF�JI�CE�>B�<@�<?�=>�<=�<;�B;�?7�D;�MA�K>�=0�6)�9,�7+�6,�5-�2*�/*�0,�2/�50�@7�9-�2%�3&�9+�;-�8(�2�2�4�5!�4"�4"�4%�5(�5)�0&�3)�5)�6*�5)�3&�3'�4)�2)�3.�52�33�/2�-2�-4�.5�-3�+/�+,�0.�5.�9,�7(�4%�-�3"�XH�YN�;3�NI�41�HH�OP�JJ�BB�<7�80�8.�:.�<-�=+�;(�9&�;(�<)�>,�=+�<,�8,�;0�=1�?3�?3�@4�@5�A7�ja�pi�c_�mj�qq�ad�gm�py�lz�hx�do�bi�dj�ln�qo�qo�y{�}��Zl�cw�bp������}�u]rQJY:LR8snZ���˷����������������������������������������������������������������������������������������YOCYOCXNBVL@UK?TJ>SI=RH<ND8ND8LB6KA5J@4J@4J@4IA6GC8HD9LF8OH6RJ5SK4VK7TK:XNEULMYUckh�{}������Ӗ�៞젞����������������������ퟧ袥襤ꩣ�������ᣜб������q��Tb�CO�<F�8A�7?�:=�<?�@A�AC�<C�:@�AD�<<�CA�@>�31�OP�DG�@E�;B�8?�8;�9:�:8�;7�E?�=5�=5�G>�LA�D6�:,�9+�7*�7+�6-�5.�3/�3/�55�84�>5�;-�6)�5&�6(�5'�6#�4�9$�9"�9%�:&�<+�<,�8.�4,�4.�5-�6-�7)�5&�5#�4!�4"�2$�2(�0+�.,�,-�,/�-2�/4�+.�,-�0/�2.�5+�5'�8'�9'�?.�*�D5�?2�F>�VP�B?�BA�UV�RR�JJ�C@�>6�:/�8-�8*�<+�;(�:'�<)�>-�?-�@/�>.�:,�;0�=0�>1�>2�?1�A4�C5�i\�md�b[�kf�ol�ba�kl�tx�q~�o|�ht�]f�Y`�bf�qp�zx�vw�x~�Rd�[p�]n������j�k[sOO_;SZ;us\����ĺ���������������������������������������������������������������������������������������\PB[OA[OAZN@XL>WK=WK=VJ<SG9RF8QE7PD6OC5OC5OC5MC7KD:JF;MG9PI7SK6VK5VK7TK:WMCVMNZWbki�z|������ˑ�֘�ޙ�㚙隝������������蜤㜢������៙㜘▛ߚ�ڤ�б������r��Yq�CT�AL�>D�=?�==�<?�=?�>C�=D�<C�8=�@B�A@�C?�<8�96�WW�BC�>B�;A�8>�68�66�96�<7�HA�;1�5+�A5�K>�H:�=/�8)�6)�7)�7,�6.�50�71�87�=9�3*�5*�6,�6*�5*�7)�:*�>,�4!�4�4!�7#�8)�9*�4*�-%�?=�>8�>6�<.�8)�7$�7"�8$�7%�3&�/&�.'�/+�/.�//�./�,)�0+�5.�5,�3&�4%�9&�>*�A/�1 �SE�;0�A;�C?�KJ�TU�TV�TT�OM�IE�C<�<2�7-�6(�8'�7%�7&�:'�=+�>-�=-�=,�:,�;/�<1�=/�=0�?0�C4�E7�\Q�g]�aY�lg�po�ab�fg�jq�R^�^k�gs�em�`g�fj�qq�xw�tu�nu�J]�Rh�[m񜡣��b`VoHRd>W`Axx^���������������������������������������������������������������������������������������������\PB\PB[OA[OAZN@YM?XL>XL>UI;TH:SG9RF8RF8RF8RF8QG;LE;KG<OI;RK9TL7WL6WL8WK;VLBUMK\V`jh~yy�������Γ�ҕ�֕�ۖ�㘛蘞욢훣뜥虡ߖ�ڕ�Ք�Օ�֒�֑�҅������}��s��f��W{�Ga�<K�AJ�BC�CA�B?�AA�?C�=F�=F�?F�:>�?@�ED�A<�61�>:�ZY�AB�@C�=B�:?�89�97�<8�A8�E;�:.�2(�</�E8�E6�>/�9(�8)�9)�9/�:/�91�91�;7�>8�2,�2*�3,�5,�5-�7.�:/�=/�7(�:)�<+�<,�;/�;0�<6�95�CB�A=�@7�<1�9*�8%�:&�;%�=)�7'�1%�1%�1(�3,�1,�/*�2*�5,�7+�6*�5'�7%�;(�>*�;(�<,�^P�F<�3/�/-�@@�WX�tu�rq�jg�^Y�PI�A7�5(�. �8'�8(�8&�;)�<,�=-�=,�<-�;.�=/�</�</�;-�>0�B3�F9�MA�`W�a[�pl�st�_c�]a�]d�HT�Ye�gr�go�el�kp�sv�vv�ps�en�DX�Kb�Xk뒖���_zYRkCSh?\gEy|_���������������������������������������������������������������������������������������������\PB\PB[OA[OAZN@YM?YM?YM?WK=VJ<VJ<UI;UI;UI;UI;TJ>OG<OI=QI<SL:UM:XM9YL9XL<UKAVLJ\U]hexut�|~������Ž�Ï�Ȑ�ϒ�Ԓ�ܔ����ߕ�ޗ�ܔ�֎�Ή�Dž�Ł��}��~�}t��p��g��\��Nv�Ac�:U�9K�AG�EC�GA�GC�EE�AG�<J�=J�BI�>A�@?�IE�?9�3-�C<�UP�DC�AC�@A�>?�?=�@<�D;�F<�=2�8*�5)�9*�>0�=-�;+�<)�:*�;*�;/�;/�8/�90�83�:5�:6�63�20�21�43�40�2+�0'�2(�7-�;1�8/�3/�40�;<�?@�8;�76�71�5,�4&�5"�7#�:%�=)�8&�4&�5'�8,�;1�9/�8-�>1�;-�8'�8'�:(�<)�<)�;)�>-�:*�>2�C:�/-�::�24�67�53�;7�C?�KF�QI�TI�TH�UG�?0�?.�<,�=-�=.�>0�?/�>0�<.�<0�=/�<.�<,�=.�A3�D6�MB�bZ�c]�ol�rr�`c�`e�`g�kv�oz�kv�`h�_f�lq�y|�y|�ms�^j�AW�D^�Uh懍���h�^[tJ_vJhwP��f��������������������������������������ǻ伺޺�޼���������������������������������������������[OA[OA[OAZN@ZN@YM?YM?YM?XL>XL>WK=VJ<VJ<WK=WK=XL>QI>RJ?SK>UL;XM;YN:ZM:YL;XL@ULGYSWe^nnj�ut�~}���������������Ȏ�ώ�ԏ�Տ�Ӑ�Ӌ�ʄ��|��u|�ov�io�lj��k��dz�Yv�Po�Bd�7V�4L�9I�@E�FB�JC�JE�GG�CJ�=N�>N�CI�BD�A>�ID�<5�4,�JA�LF�BA�>?�;;�=<�A>�E?�G<�G:�8*�7*�8*�9(�8)�9'�:(�;(�;)�=,�<.�;.�8.�6.�6/�50�32�./�-1�02�47�79�45�21�.,�4/�63�32�/1�/4�7>�:D�06�02�21�3,�5)�7'�9(�<(�8$�6$�7)�;-�>2�A5�@7�B7�G8�A1�<)�:'�<)�=*�<*�8&�:+�8*�0'�C<�2/�?A�.3�*,�1/�6/�83�92�8.�5*�2&�1#�E5�A2�=.�:+�9+�9+�:,�:,�<0�=0�>/�<.�<+�=-�?0�A4�SI�g_�d_�ki�no�ch�jq�ox�p}�s}�mw�bk�dn�rz�x~�qu�ip�Wf�AY�@[�Qf�}����z�kn�]o�Zy�`��r�������������������������������������կ�Ӧ�Ч�ӫ�Ԯ�ֱ�ں������������������������������������[N>[N>[N>[N>ZM=ZM=ZM=ZM=ZM=YL<YL<XK;XK;YL<YL<YM?SI?TJ>UL=XL<YN<ZM:ZM:ZM<ZN@VKEXOR_Wbd_sjf�so�zz�|~�~����������ƈ�ˉ�̉�ʈ�ȃ��|}�vw�qr�kl�fg�l`��_s�V_�N^�J^�@X�7L�3F�9C�?B�D@�HB�IC�FI�BJ�=N�>N�AE�FD�A=�HB�:/�7,�PG�C=�>9�64�21�53�>8�E<�G:�D5�8*�:*�:*�:'�8'�9&�:'�:&�:'�:)�:,�9+�7+�5+�4,�3-�*+�*-�-3�/4�17�39�49�58�8;�8<�9?�9A�9D�8G�6H�5G�+5�-2�12�4/�6-�8+�:,�=,�5&�8*�;/�>3�>4�=4�>6�A6�J<�H8�A1�<,�:*�9'�8*�9)�2'�9/�@8�D>�0/�..�59�58�3/�7.�82�:1�;1�;0�:0�;/�L?�F:�@1�9*�6)�6*�7*�8*�;-�=/�>0�=/�=,�<+�<.�=0�LB�c[�c^�ki�os�in�rz�v��fr�oy�q{�js�lv�w�u|�ho�cn�Rb�B[�<Y�Ka�t{�����z}�k{�f��h��u����̭����������������������շ�ˮ�Ǥ����‘�Ó�ș�˝�ˡ�ͧ�Ұ�ٻ����������������������������Ǿ[N>[N>ZM=ZM=ZM=ZM=YL<YL<ZM=YL<YL<XK;XK;YL<ZM=ZL?VJ>VJ>XL>YN<ZM<[N;ZM:ZM<[OAWMDWML\RZ^Xfb]qjfsp�wv�xx�|{��~�����ň�ȉ�ǂ}�y�zu�xq�vo�tk�pg�za��P\�HG�EH�HO�BN�:F�6A�:A�==�A=�DA�EB�CH�AK�=M�?M�?B�GD�A<�H@�9.�:/�UK�>7�83�/,�*(�/*�;4�C9�C6�>/�<-�;+�<)�:'�;(�<)�;'�8%�5$�7%�8)�7*�6+�3*�3)�3+�33�58�8<�4:�-2�(-�(/�+1�-3�)0�&1�)6�,?�*A�!:�/�"1�'0�,1�0/�2-�3+�4+�6*�6+�90�=6�>7�:4�71�51�92�H=�K<�E7�=/�6(�3%�5+�8-�4,�6-�C<�93�21�  �89�55�0*�4+�4+�5+�6+�6*�5+�7+�YN�RF�H;�@4�;/�;0�<1�<1�9-�;/�>1�=.�;,�9*�9,�:-�<2�YQ�b]�pp�vy�mr�q|�r}�z����x��hq�ep�q|�u�kv�^j�Oa�A^�8W�G^�nt��������n}�f��g��q�������ͭ�ܽ�ٻ�Դ�̩�Ÿ�������������������������Ñ�ř�ȡ�Ϊ�ѵ���������������������ν�ȷ�ZM=ZM=ZM=ZM=ZM=ZM=ZM=ZM=XK;XK;YL<YL<YL<ZM=ZM=ZL?ZLAZLA[M@[N=]M=^O<\O<\O>YM=YLCXMIXNO[QY]Ub`Yia\rjf�ok�sp�vq�{u��}���Ɍ�Lj��~��y��r��s��t��l��\��GN�B9�@<�C@�@?�:;�=?�DE�><�>=�?@�@C�BI�CM�AN�AL�??�@9�?6�>3�</�<0�D8�MD�72�:8�2.�3.�C<�?4�6'�>,�6%�:'�<)�;(�9%�9&�;(�:(�:'�9(�6(�2$�."�0&�7.�=5�82�40�0-�**�&(�%'�%'�$)�&,�!)�".�'7�(>�!;�7�1�'8�#.�#+�+-�--�+(�.*�41�64�64�77�65�23�./�,,�/,�92�:1�91�SK�#�+#�F@�.&�.*�<7�E@�:7�/*�.*�51�<7�>4�;/�5)�3&�5*�;.�;0�8.�bX�ZO�C:�6,�:/�8-�3'�6*�1&�2&�2&�5&�6'�:*�<.�=1�:0�C;�\W�pp�sv�x|�y��q|�|��w��t}�s{�r~�r~�my�gt�`n�I\�>\�>]�@X�el�����|��m}�f~�c��j��w�������������|��vz�qy�o|�r��v��u��w��y������������������������§�̹���������Կ�̺�������ZM=ZM=ZM=ZM=ZM=ZM=ZM=ZM=XK;XK;YL<YL<YL<ZM=ZM=ZM=ZL?ZL?]M>]M=]N;^O<\O<\O>]P@[OC[NFYNJZPQ\SX_U^_Wfd\tib�ng�qj�xp��y��ċ�ď���~��t��n��q��u��k��W}�<C�5+�6,�<3�@8�>8�?:�A=�=;�;<�;@�>D�@I�AI�@K�BG�<9�=4�<1�;/�:,�:-�A5�JA�FB�A=�63�51�A:�C8�:,�5#�8'�;(�=*�=*�;(�;(�;)�:)�9(�6&�2%�2%�5*�8.�91�91�1&�0&�.%�,&�+'�+)�,+�-.�)/�$,�$0�'7�$;�8�3�0�0�.9�3<�+2�(,�.0�02�+.�:>�7=�4:�26�05�03�25�87�2-�;5�82�E?�EA�/+�2.�"�51�?<�E@�=8�3-�2,�60�:1�:.�9*�5'�5(�9+�<0�<2�9/�cY�XN�@8�4+�91�:0�6,�9/�5+�5+�4*�5)�6)�5(�7(�6)�;0�C:�YT�lj�qt�x|�|��v��|��y��v~�u�s�p}�kw�dq�_n�I]�>\�>\�DZ�dj��y��qz�du�\x�]�c��k��p��p��mr�`m�]i�]g�^l�bq�ey�iz�k��t��v��|��}������������������������Ʒ�ǿ���ϼ�Ʒ�������\L<\L<\L<\L<\L<\L<\L<\L<ZJ:ZJ:[K;[K;[K;\L<\L<\L=\L=\L=^L>]M=]N;^O<^O<\O<_RA]QA\PD[NFZOK[PN]QS]RZ_SgcXvh]�kb�sk�v��|��}��������v��p��u��v��i��Rv�<D�5/�4+�<0�C7�E9�C8�?9�=<�:>�:A�=E�@G�AH�@E�@B�;6�90�8-�9,�9)�9*�?3�F>�D>�:7�75�;7�C=�PF�H<�3#�9(�:'�;)�=+�=,�<+�:)�9)�7)�3$�/#�5+�=5�@9�:2�4+�4&�5&�2%�/$�-%�+%�+(�,)�+-�(+�&/�(6�%:�7�3�3�%7�0;�5A�8C�<E�<E�6?�,6�2<�/;�.9�-7�.3�.1�/1�42�0,�=9�64�;9�mk�CA�0.�/,�;8�@<�A;�<6�7.�5-�5+�6*�6'�7&�6'�8)�;.�<1�<1�;1�`Y�TM�<3�0(�;3�>6�;3�=6�=8�<7�>7�=3�<2�:.�7*�6)�;/�@6�TM�ge�or�z~����|��|��y��x��w��s��n}�gv�`p�[m�G^�<Z�>\�FZ�`c�~gy�]i�Qh�Om�Rt�X|�^}�`x�\q�XazP_Pa�Uf�Zn�au�g}�j~�m��r��t��x��y��y��z��~�����������������ǹ�˸�ȶ����������[K;[K;[K;[K;[K;[K;[K;[K;ZJ:ZJ:[K;[K;[K;\L<\L<\L<]K=]K=^M=^M=^M;^O<^O<^O<^Q@^Q@]OB[OC\NE\OG]PJ]OO^P_bTmdY{i^�pg�}u��{��{�����������z��x��u��d��Ml�FR�A@�A=�E;�H;�G;�E9�A:�@A�<A�=D�?G�BI�BG�@A�?<�?6�<1�:.�;-�9)�9+�>2�D:�<7�31�;9�A?�D?�SL�UJ�:+�:*�8%�7%�;)�=,�=,�9*�8)�5'�2&�2)�9/�>7�>8�50�/&�5+�6)�4*�1'�.)�-)�+)�++�),�',�'1�)9�'=�"<�>�%A�6H�(6�.<�P\�`l�P\�<I�9G�)8�*8�.:�0:�27�01�+*�)&�0-�72�2/�C@�sp�VS�==�GF�=<�<9�:5�80�7-�6*�4&�3#�5#�6$�8&�;,�</�9.�:/�<4�XQ�MG�70�0)�<7�A:�<6�<5�>9�=9�?9�@8�?5�<2�:.�9-�9,�<3�OI�c_�no�|����~��y��y��y��x��t��n}�et�^n�Vh�E\�8V�<Z�H\�YZ�mScrG]uC\yCdzIm~Qt�Vv�Xs�Yo�Wm�Zl�\o�bu�h{�n��q��q��p��q��t��u��v��v��v��x��|��~��{��~���������ȷ�Ǹ����������[K;[K;[K;[K;[K;[K;[K;[K;ZJ:ZJ:[K;[K;[K;\L<\L<\L<]K=^K=_L=^M=^M;_N<^O<^O<^O<^N>^N>\O?_OB]OB^PE^OJbNYcRecTqdZ}le�xr�w��v��}����‰�΂��w��l��Xw�D_�CU�EQ�JP�IH�F?�E<�E>�EA�CC�@C�@G�BH�DI�CD�A?�@8�@7�=/�:+�:*�9)�8*�;.�?6�FB�=;�BB�AA�;6�KC�XL�K>�A3�8(�3#�8(�<-�:*�7)�8+�0%�3)�8/�;4�:5�62�/-�,)�0,�1-�10�31�25�37�48�6;�-5�,6�.=�0C�-F�)H�+N�3R�9L�3?�@M�_l�ky�Wf�CS�>P�3D�3A�3@�7=�99�83�4*�/$�2*�.(�72�YT�\Z�XV�AA�HF�B@�<7�70�6-�9.�9+�7'�5#�8%�8&�:(�>.�;-�6+�7.�>6�NG�EA�50�1-�>9�@:�81�51�20�21�52�83�:2�:/�9.�:.�5+�7-�IB�_Y�nl�}�������v}�w~�y��x��s��k}�dv�^p�Rg�F_�8V�=Z�L]�TR{`CWh<Yq?[vCfyKn~Qt�Vx�Zy�_w�ay�ex�hz�m|�q��r��r��p��o��r��t��t��t��t��r��v��w��{��x��x������������������������[K;[K;[K;[K;[K;[K;[K;[K;ZJ:ZJ:[K;[K;[K;\L<\L<]L<^K=^K=_L=_L=^M;_N<^O<^O<]N;]N;^O<_O?`P@`P@aQAbPFbNPcN]_Pe`Usga�to�{t�~r��v����̋�ۂ��r��du�Pd�;R�3L�<Q�ER�DK�?@�@>�CA�EB�EF�BD�AE�CF�DG�DC�B<�@5�?3�;-�8(�:)�9)�8*�:-�;3�IE�@@�=>�78�2/�B;�ZP�h[�QD�A3�4'�6'�:,�9+�7+�8,�0&�6-�;4�;4�40�/,�-+�--�49�3;�3=�3=�1>�1>�1=�1>�0A�1D�4K�5N�/P�-Q�2Y�>_�3H�O\�an�_n�Wf�P`�DX�8J�AQ�:G�2;�/2�2-�8-�;+�;+�:/�2(�JB�kc�LG�PK�;9�;9�LJ�@<�81�7-�</�=,�:)�;(�;&�;&�<)�>-�9+�3'�:1�C=�GA�D>�72�2.�;7�:6�2.�2-�,-�,,�/0�31�71�:1�<1�>2�6,�4)�B:�YS�jh�|}�������v}�x�z��x��q��i{�bt�]o�Pe�Ib�:X�@\�O_�QNqX:Sf8]uEa|In�Sv�Y{�]~�`��g��l��l}�m|�o}�p��o��n��l��l��q��q��r��r��o��p��r��t��v��t��w�������ï��������̫�����ZK8ZK8ZK8ZK8ZK8ZK8ZK8ZK8ZK8ZK8[L9[L9[L9\M:\M:]L:^K<`J<_L=_L=^M=_N>^O<^O<^O<_P=aP>aP>aP>aP>aP>bOAeMMdMW`O_aUmgb�uq�|v��s��u����Ά��~��qy�cl�P[�;M�*F�2Q�<S�<M�<E�@E�CD�BC�CE�BC�AD�CE�DB�C>�@8�>3�>1�9+�7'�:)�<*�<,�=1�?7�>;�99�03�/2�42�94�NF�la�h]�QC�</�:-�:.�7*�6+�8/�4,�7/�93�73�1/�/-�1/�15�2C�0E�-F�*B�&A�#=� :� :�&C�*G�.M�/P�+R�)T�2`�Ah�CX�`m�hu�Ve�KZ�L\�BU�2C�@R�7C�,3�((�.$�8&�?&�@'�?.�:,�YM�]Q�G>�D>�63�;7�UQ�F@�91�8-�;-�:)�9(�=)�>)�<&�;'�=*�7(�3(�=4�LF�GA�E@�96�30�73�62�0+�1-�,/�+-�./�1/�4/�81�;1�>2�9.�3(�;2�NH�a^�yz�������z��|��{��x��n~�ew�^p�Zl�L`�Ia�9W�=Y�M]�KHhQ1Qd6\tDf~Nv�[�c��h��j��n��s��t��t�r}�p�n��m��l��l��n��n��o��o��l��k��n��r��t��t��w�������Ư�ο��̻�ʤ�����[J8ZK8[J8ZK8[J8ZK8[J8ZK8[J8ZK8\K9[L9\K9\M:]L:]L:^K<^K<_L=^M=^M=^N>^N>\O<aR?aR?aR?bQ?bQ?aP>aN=bL?hOKgNRbP\cWkjfwv�}|��x��z����Ƅ��}��uz�kl�Y[�DL�0J�5T�<U�=Q�?L�CM�BH�=@�AC�@C�@A�A?�C?�A9�>4�=0�?1�;+�8(�<,�?.�@1�A7�C=�74�85�//�30�;7�0'�5)�UG�vl�[P�C7�<0�;0�8+�6+�:0�70�82�63�32�01�12�36�4<�&7�#9�"9�"9�!8�8�6�6�4�9�%B�)H�&J�'M�3^�Eh�bu�`l�Wc�Q]�P]�MZ�@M�2=�=F�7;�/.�/(�5'�;(�@'�>%�9'�8+�VJ�;2�?8�41�2/�C@�WS�HA�91�6,�7)�5%�5$�:(�<(�:&�7%�9*�4&�1%�?5�RJ�ID�HC�;6�2.�41�1/�-+�22�,/�+.�+-�++�-*�1*�4,�8,�=1�2(�7.�IB�\X�ww������������}��v��j|�_s�Xl�Ti�E]�D^�6U�:V�LZ�HC^K-Mc5Wo?b}Ju�\��g��l��n��r��v��z��w��r~�m|�i}�g��h��i��k��m��m��l�h~�i��j��o��s��r��x�������ũ�ʵ��¶�Ş�����]K7\K7]K7\K7]K7\K7]K7\K7^L8]L8^L8]L8^L8]L8^L8]L:]J<]K=^L>]M>\L=[N=]P?^SA`SB_RA`P@bQAcRBdQBdNAdLBjMIhKMdPYf[lnk�x{����������������Ђ��y~�sq�jb�a^�JW�>Q�:L�?P�CQ�@M�=H�>F�=C�<A�<=�<:�>9�=4�;0�;-�7'�A0�<,�6(�A5�F=�>6�72�85�71�5.�6-�8*�<*�:'�6%�;2�SL�YQ�E9�8*�>.�B3�:-�3+�GB�//�5:�6=�,7�BM�'3�&2�)2�(2�'�!+�'0�(0�'�)�+7� .�&7�-C�#;�Xs�.E�]l�_i�Zc�U\�PW�HM�?@�95�>7�A7�?1�7&�3"�6#�;'�<)�8-�80�E?�;7�31�75�54�DC�LH�KE�D;�:0�4)�5(�5*�5*�</�9,�/#�(�-$�9/�C;�H?�OH�E=�70�0*�/-�21�24�14�/2�/2�01�0.�0.�3.�5-�9/�=0�2%�>1�=3�_Y�sq�������������x��h}�_w�[u�Uo�Lf�Ec�:Y�;[�?Y�]i�@;VF-L^6ZuBh�Nw�]}�c�g��j��p��q��n�m~�l}�i}�h�f�f�f~�k�m��n�k~�g�f��g��i��m��r��v��|������������������z��]K7]K7]K7]K7]K7]K7]K7]K7^L8^L8^L8^L8^L8^L8^L8^K:]K=^L>`N@^N?[N>[N>\P@^RB_SC]QC]OB_NDaOEbPFcOHeNHiMJgNQeS_h_ton�y~���������ʣ�����x��y��|{�vj�i`�]a�OZ�FR�HU�JY�FS�?J�;E�9A�:>�::�=8�?7�?5�</�<,�<+�?-�9)�:,�A6�=5�72�<7�50�5-�5*�5)�7&�:&�;%�9'�6.�A;�MD�J=�?0�8(�9*�</�;4�JF�12�6;�6A�.<�@N�'4�$,�%(�),�+.�+.�((�(*�+,�$'�%(�&-�<E�)�4C�AT�&6�ju�bj�Za�W]�OS�BC�=9�>6�8,�D5�H6�>,�/�)�(�(�-%�;7�TR�HG�54�56�==�WU�GB�GA�A9�9/�3)�6,�7/�81�=3�91�5.�3.�4.�83�?9�F@�JB�A8�6-�0*�/-�12�03�03�04�12�02�/0�0.�2.�4-�9-�=1�3$�</�=2�^W�vs�������������t��f|�\v�Xt�Qo�Ih�Ab�:Z�?_�Ja�S\|@8SG1M_9[vCg�Ks�Yx�_w�b{�f}�k}�l|�i|�i|�h{�g{�d}�d~�c~�e|�j}�n}�l}�i|�e}�c�c��e��h��k��p��s��|���������x��dppR^^]L:]L:]L:]L:]L:]L:]L:]L:^M;^M;^M;^M;^M;^M;^M;^M;^K<_N>aP@`P@]P?\O?\P@[RC\RF[QG\OG\OI_PMcQOfTTgUUhVVhW]h]nmh�sv�|����ˊ�Ԙ�נ�ʪ���}�π�䄆�v�sj�fh�S\�GQ�FQ�GT�EQ�@L�=G�8>�7:�99�<7�@7�A4�?0�>-�>-�<+�:,�B6�H?�;2�1*�:2�6/�6.�7,�8,�7(�8&�9&�:*�4-�4.�A9�OC�H:�5%�3$�@2�>5�HD�13�5;�7@�4@�ES�2?�)0�#&�$'�13�-/�''�&'�12�)*�8:�+1�)1�4@�R^�=M�\i�^f�V\�OT�NS�EI�:;�74�?9�6,�?2�B5�=1�7-�3)�,%�' �%�0+�EC�::�--�35�AB�^]�@;�C=�A9�=3�9/�=4�A9�@;�@<�=;�==�@A�>>�::�?=�JG�A;�<4�5,�2+�1-�31�12�02�04�02�02�/0�0.�2.�4-�9-�>2�4%�8+�;0�[T�zw����������~��r��dy�[t�Tq�Nm�Fg�=a�<^�Fc�Tg�AHp;3SH2Qa<^yFh�Nr�Zu�^t�_x�c{�g|�hy�fy�fy�cx�by�b{�b}�b|�cz�h{�j{�h{�e{�a{�`}�`�b��j��n��s��t��w��uy�np�mTdYCOM4@>^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^M;^L8`N:aP<`Q>]P?ZN>YOCXPEXOH[QO_UTbXYeX_iYcl\fk^glaimerok�tt�y~��ʆ�ڍ�ᎇן�ӭ�ij���y��{�ށz�w�sr�cg�U\�MT�GQ�CM�>I�;D�6;�88�97�<7�@6�B5�A1�?.�:*�>-�=0�F:�SH�H?�5.�1)�91�81�<1�=1�;-�6'�6&�8+�5-�2+�>5�NB�L>�:,�8*�B6�7.�>:�/0�16�4<�8B�NZ�LU�>E�38�$&�/1�,,�22�**�/.�::��37�,2�8B�EN�Xc�NW�=C�BE�BG�>C�:>�8<�88�97�83�91�:2�A:�NH�VS�NN�CB�72�95�KI�ML�RS�YZ�SR�YV�51�>6�B9�@7�?5�B9�C<�A>�?@�8=�9?�?C�;@�58�>?�MJ�93�60�3+�3,�4.�41�21�01�02�/2�/2�/0�/.�1.�4-�8-�?3�6'�5(�:/�VO�|y����������z��o�cw�Xq�Ol�Fh�@c�9^�?`�Kd�Zh�35g;0WO8XhDa{Kj�Ps�Yt�\u�^w�by�ez�fw�dv�aw�av�`x�ax�a{�a|�cz�fz�g|�fz�dz�`z�]|�]~�_��g��n��t��s��u��qt�ii�dRbUFSL:G@_N<_N<_N<_N<_N<_N<_N<_N<^M;^M;^M;^M;^M;^M;^M;^M9]K5_M5`P9_P;\O?ZNBXOFXQKYPQ`W\g`hnfsshysg{sg}ri~pm~pq�sv�x|�|����҅����敍㝌ڠ���u��l��nq�vl�vi�sm�ll�gi�^`�RY�FM�;D�7=�6<�89�98�=7�A7�B5�B0�@/�7)�A4�;1�;1�RH�\S�ME�;2�90�7-�9/�?4�=1�6*�4'�6*�3,�70�=5�E9�F9�B3�A2�>2�0&�72�0/�.1�.4�7?�PX�]d�Z_�OS�.1�03�,/�DG�66�,,�-.�>@�36�37�bh�<C�*2�-4�&*�;=�@E�6:�37�9=�7;�/0�43�;;�GF�RS�`c�hn�ek�]c�@>�E@�^[�hg�op�jj�KK�=;�40�>7�E=�C;�>5�<4�93�43�6<�-9�,6�.8�,6�,3�9>�JK�3/�3.�3+�3,�5.�40�4/�21�02�/2�/2�.0�/.�1.�3-�7-�?3�8*�2%�8-�NG�|y���������w��l|�at�Tn�Hg�>b�:_�6\�Bb�Ne�Waq0,_?0[W>^lIf~Nk�St�\u�_v�_x�cy�ex�dv�`v�`u�_v�_w�_x�`{�a|�bz�d{�e|�d|�by�^y�\{�\}�^��a��g��m��p��s��r{�nr�jfwe[k^RbU_N<_N<_N<_N<_N<_N<_N<_N<_N<_N<_N<_N<_N<_N<_N<_N:^L4_N4`N8^O<[N>YOEZSMZTT_Zahbprm�zu�}t�{q�zp�vp�qt�rx�u|�y��{���φ�ڍ�ޖ�ܙ�͛���������~y�l[�R?�MB�QI�WR�WU�ST�KO�>C�5;�9<�9;�;9�>9�@8�B6�B1�?/�:-�A6�5+�.$�I?�g\�dZ�UK�=3�5+�3)�:0�;0�6,�3)�6-�1*�82�;2�9/�>0�F7�B5�9-�1(�5.�31�./�*.�17�EJ�V[�]b�\a�9<�9<�+.�JM�89�00�57�()�'+�W\�>C�:>�7=�#�),�<>�BF�49�,2�17�16�(.�37�KN�ae�hn�cl�_k�`l�bk�LL�NJ�\Z�VT�MM�HF�42�3/�A<�KD�OH�JC�@8�:3�50�.-�1;�,<�*7�'4�)4�0:�>C�JL�1.�3,�3,�5,�4-�4/�4/�42�02�/2�.2�-0�..�0.�2-�7-�=1�;-�2%�7,�D>�yv�������|��q��hx�_r�Rl�Dc�9^�6]�8]�Gd�N`�IMe5+VD0[Y@^lIe|Nk�Rt�[w�_x�`{�dz�ev�`s�]s�\s�\t�]v�^w�_{�az�bz�b{�b|�b{�_x�[x�Yz�Y{�Z~�_��e��k��m��s��u��u|�rv�pnlfwe_O?_O?_O?_O?_O?_O?_O?_O?^N>^N>^N>^N>^N>^N>^N>_N:aO7aP6aO9^O<[OC[RK\VV_Zakgvso�}z��~��|�}w�{u�xv�sy�s}�z��}����ą�ɍ�Δ�͚�Ǡ��������ɭ�Ŧ���m�fJ�E2�A4�A5�C:�IE�OO�JK�?C�=?�;=�<;�=:�@:�@7�>1�=0�:2�@8�4,�1'�J@�bW�g\�eY�OB�>2�4)�7.�90�5,�2+�60�1-�50�7/�8/�>1�D7�>0�4'�4*�0+�3/�..�-.�14�78�BE�MR�Y^�FK�QW�48�FJ�8<�AE�7:�/1�05�HK�8<�7:�#%�:>�8;�;>�<A�7=�-6�)2�1;�<D�LS�]e�ks�js�`l�Zh�Xh�[h�dd�ZV�WT�@=�10�44�33�C@�JE�RK�SL�JA�?7�93�81�33�.8�0>�0>�*8�.:�;E�CH�AD�1/�4-�4-�5,�4-�3,�4/�53�02�/2�.2�-0�..�0.�2-�7-�:/�>0�1%�7,�;5�sq�������v��i}�at�[p�Pj�Cb�8`�8a�;a�Lh�O[~86]=0NF1VX@ZeEcxMj�Rr�[v�^y�a{�dx�at�]p�Zp�Yq�Zq�Xt�\u�]y�_x�`y�_y�^z�^y�\x�Yx�Wy�V{�X�_��d��h��l��o��q��ox�jr�il~ddv^_O?_O?_O?_O?_O?_O?_O?_O?^N>^N>^N>^N>^N>^N>^N>_N<cQ9cQ9aP<]P@ZPG\TR_Zaa_mtr�zy�������}�{x�zv�ww�w|�x��}�Ă�ć��������������������ȸ�о����ѻ�Ь��oT�]H�H6�>0�G?�WQ�WV�NO�@C�=?�<=�><�=:�=8�:1�90�80�<7�:3�>5�PF�XM�]P�eX�cU�M?�9/�8.�91�4-�2,�60�40�3.�5.�<3�C7�B6�:-�3'�5,�.&�0-�0-�31�54�-.�35�BF�X]�W\�ou�DJ�HM�=D�[`�ou�>C�}��mq�QT�>@�02�:=�IL�9@�8@�=F�7B�-8�>J�]h�mw�jr�cn�]g�^k�ap�]n�Ye�\]�OK�JG�74�01�54�0.�95�D?�JD�JB�@8�6/�4/�71�77�'/�0<�2>�,7�0:�>E�>C�44�3.�5.�6-�4,�3*�3,�4/�43�/2�/2�.2�-0�..�0.�2-�7-�9.�?2�0%�6,�61�on�������p��cx�\p�Xn�Oi�Bb�9a�<d�Ad�Ri�QWd/'WD3GG/RT<U^?cuMi�Qq�[v�_z�b|�dx�_r�Zn�Wn�Un�Uo�Vr�Zt�\w�]w�]w�[x�[y�[w�Xv�Wv�Uw�Ty�Xz�Z~�_��c�d~�f{�fr�_k�Z`vR[nPSfH\L<^N>`P@`P@_O?_O?`P@aQAbRB_O?]M=^N>aQAcSCbRB`Q>dS?aP>]P@^QI[QPZSZeapsq�yx�z|�~�����~~�yy�sr�nn�tw�v{̀�ʋ�Ɩ�ä���������Ƴ�̰�Ϭ�ϧ�ϣ�У�˜�˜Ѩ���g�_I�zg�tg�H?�QN�cc�KL�?A�89�:;�:9�75�53�;6�73�50�B;�=3�I?�XK�OA�dV�cT�XI�G;�:/�6-�7/�6/�4/�0-�2,�70�=4�=1�7+�5(�7,�0'�/(�/+�1-�20�40�51�75�79�JN�Y]�OT�8=�6<�X`�~��~��ou�go�ip�fl�\a�X[�Z_�U\�DL�8B�7C�3A�,:�0>�=I�S_�`i�gr�ep�bm�bp�`o�]g�SS�FA�85�41�11�/.�31�94�D=�B:�?7�<4�90�81�93�66�7<�5<�4<�4<�5=�59�35�1/�3,�5.�7.�6.�3+�2,�2,�31�03�03�/3�.1�//�1/�3.�7.�?5�8,�6,�/&�;7�XW����{��m��e|�\t�Pj�Hf�Ce�;d�9`�Nl�Rd�=?R,!C;&CG.KM5Z`DZjEcxMq�Zx�bx�`t�\r�Yq�Yl�Sm�Rn�So�Tr�Xt�Zu�]u�[t�Xt�Wv�Xw�Wv�Wv�Uu�Tt�S{�[{�]z�^u�[m�Ub~MXrCSj>AW0?U/<R,\L<^N>`P@aQA`P@_O?`P@aQAcSC`P@_O?`P@bRBcSCbRB`P@fVG_QF]PH^TSaZad`omk�vw�xz�{}�}�x|�rv�lo�mp�oq�uv�|~Չ�Ә�Ψ�ǹ���ź�α�ת�ۥ�ޥ�ݢ�ۤ�أ�Ѡ�ǛӼ�����|eŋw�}m�VJ�a[�rp�Z[�KL�?@�>?�>@�<<�66�55�=8�83�?8�6.�>3�LA�H;�]M�o`�`Q�H:�5)�1'�6-�5-�0)�51�95�=7�<3�8.�5)�4*�5*�7.�5-�2-�0+�0,�2,�4.�52�87�>@�JN�W[�]d�\d�]e�ai�S[�NV�Q[�_g�jq�fl�Z`�NT�4:�,5�*6�-9�'5�!/�'6�7D�O\�Zd�bl�dm�en�cm�[h�QZ�EE�<7�64�63�55�30�2/�62�>9�>7�<5�:3�81�82�95�:6�8;�7:�6:�6;�79�57�31�2,�4-�6-�7.�6,�2+�1,�1,�20�03�03�/3�.1�//�1/�3.�7.�<3�=2�8.�1*�74�Z[����s}�fz�^v�Vq�Nk�Gg�@c�<c�Ad�Oh�LWy<9L2#<:#<B(EG/PT9VdA`rJn�Xu�_v�_t�Zq�Wp�Tk�Ok�Pl�Qm�Rp�Vr�Xs�[s�Yu�Yu�Wu�Wu�Wt�Tr�Qq�Rq�Qo�Pl�Ni�Lb�FXu?Ni6F]/@W+@W-AX.AX.YL<[N>^QA^QA^QA^QA_RB`SCaTD`SC_RB`SCbUEbUE`SC^PCbUM\QM[QRcYbkdtqm�vu�z|�y{�y~�x|�ot�ei�bf�jn�ru�}}ׇ�ݗ�۩�ػ������ؿ�������������ۧ�ϡ�Þ��������l��p�o`�RG�]U�mi�uu�__�JL�AE�AD�>@�8;�68�=;�;6�A:�81�7,�>3�=/�G9�j\�i[�\N�B6�3)�4+�6-�2,�52�A>�GC�=6�2)�1'�3(�0'�4-�1+�.)�/)�2,�80�=4�B9�-(�43�CE�VX�^b�Za�S[�Q[�GR�HS�O[�\f�mv�nt�Y_�>D�.5�-4�2<�2>�+9�'6�6E�KW�IS�PW�W_�^f�ck�`i�RY�BI�97�71�75�<8�<<�95�51�60�:3�;2�90�90�71�94�;7�<8�99�99�87�88�88�66�40�2+�6-�7-�7.�6,�2+�0)�0,�10�13�13�03�/1�//�1/�3.�6.�:1�D9�91�4.�/.�_b����lw�bx�Ws�Pm�Ll�Bh�:`�<`�If�Sg�DJm<5O>,=<':?(ED/FH0Q\<YkEg|Qr�[t�\q�Wm�Rl�Pi�Mi�Kj�Mk�Pn�To�Up�Xq�Yu�Yu�Wt�Vr�Tp�Rm�Mk�Mj�Lf�Ha�E\~AUt;Li3E`-AX*>U'D[/E_2Ic6WJ:ZM=]P@^QA^QA^QA_RBaTD`SC`SCaTDaTDaTDaTD_RB]QEZOM[RWbXcjcsqm�vu�xz�z|�w|�sy�mr�dh�]d�ag�lr�x{ʉ�ߕ�夡䷴���������������������۪�ө�¡�����������v��q�rc�bW�i`�rm����ut�[]�LN�DH�@D�;A�;=�:8�<8�F@�C;�:0�:/�6)�1#�I;�aR�j]�SG�:/�4)�6+�4-�42�MK�ZX�KF�91�4+�4+�2(�.&�-&�,%�-%�1)�6,�;0�?4�/'�4,�:8�CB�FH�EI�GN�MV�Q]�Vb�Xd�\g�gr�mu�Ya�;@�28�.4�.7�*4�%2�)5�<K�S_�?I�AI�GL�QV�Y`�X]�GM�79�53�84�<9�@>�@?�=;�95�72�82�91�80�80�71�84�96�;8�:7�;9�:7�:8�98�84�5.�3+�6,�8.�8,�6,�2)�0)�/+�0/�23�23�03�01�0/�1/�3.�6.�8/�F<�91�4/�,,�fj�y��gt�by�Tq�Kk�Gj�=e�6\�=^�Qh�Xe�BBgC7[N;GF1AC-JH3EE-LU6Sc>btLl�Up�Xo�Tm�Pi�Ki�Ih�Jh�Kj�Ml�Rn�To�Xp�Xt�Xs�Uq�So�Qk�Nh�Ke�Hd�G`�D]�AWy=Rq8Mi6Lf6Oe7Of8Ne7Oi9Sm>UH8XK;[N>\O?]P@]P@_RBaTD_RB`SCaTDaTD`SC`SC_RB^QIVMR_Xhnf{uq�xt�xw�xz�y{�tx�lq�bf�\c�`f�kq�v|ƀ�Γ����䮭罼������������������߹�׶�е�Ʊ��������������y�|q�vk�si�me�oi扄�~�sr�ed�WY�MN�DG�?A�:7�;7�B=�E?�<3�=3�B5�2$�0"�J<�XK�N@�=/�7,�7+�3*�42�UU�kh�]X�D>�;3�;2�80�4-�2,�1+�0)�0'�/$�/$�0#�9,�4'�2*�;6�CA�EG�BG�@H�DO�P[�Vc�Va�^i�go�Ya�BG�:<�57�28�28�2=�9C�HU�Va�7@�4;�6;�AD�JO�IM�<B�13�54�95�=9�=:�;9�:7�73�81�;2�;1�:2�92�82�73�64�75�:8�;8�:8�:9�;7�95�6/�3,�7-�8.�9-�6,�3)�1)�0)�1-�23�33�23�01�1/�1/�3.�6.�7/�C:�70�1-�13�kq�qz�ft�]t�Pm�Bh�>g�9c�8^�Ed�Zm�V[wE>dJ=aYFTO;KI4PI7GE0GP3M]9ZlFf{Pm�Sm�Rl�Mh�Ji�Ig�Hg�Ji�Lk�Rl�Sn�Wo�Wt�Xs�Un�Rk�Of�Kc�Ha�F_�F[�CY}@St;Pn8Ok:Rl=Xn@ZqCWo?Vq>WqARE5UH8XK;ZM=[N>\O?^QA`SC`SCaTDaTDaTD`SC`SCbUEbWQ^Vckf}yu�~z�zy�xy�vy�tx�lq�cj�\c�^d�io�w}ǁ�ш�ә�ݣ�ల㼾��������������������������þŹ����������yztyvqulele�ph�a[�`[�sm�yu�~}�|y�rq�cc�ST�HH�DB�>:�<6�B<�:3�C:�UK�>2�6)�9,�=.�?/�B4�C5�@1�7-�30�LM�_]�WS�D?�:4�81�81�93�92�92�:1�:0�9,�8+�9*�)�3"�@2�I>�D@�;:�7;�:@�8B�HR�Ua�Xd�^g�`i�U[�AE�@>�?;�@C�GJ�LT�QY�T]�V`�3<�/5�04�8;�>B�;?�48�04�42�96�97�53�20�20�40�4.�<4�=4�<5�;4�83�73�43�43�99�98�88�99�97�75�5/�3,�8.�9-�9-�7*�3)�1)�0(�1,�33�43�23�11�1/�2/�3.�6.�91�<3�71�0-�@C�nu�ku�bq�Ri�Hf�;c�5a�6b�?e�Ni�]j�GFjF:^M=^WDYR?RJ7OF5ID0DJ.GU2Sc>^sHgMj�Oj�Kg�Gg�Ff�Gf�Ih�Ki�Nk�Rm�Vm�Uq�Up�Rk�Og�Kc�H`�E_�F_�G^�E[~DYwAVr?Uo@YpB]rG^uG[sCYtAXs@NB2QE5UI9WK;XL<ZN>\P@^RBaUEbVFbVFaUE`TDaUEfZJi^Zngwup�|x�{y�wx�vw�pu�jo�ch�`g�`f�em�qx�~�͉�؏�ؙ�֡�֪�۴�ߺ�����������������ºɼ�Ļ��������������qqquqppfewhe�nj�_Y�d_�ZT�f`�so�zv�{y�vu�hh�ZX�RN�HB�=8�E>�<5�G=�\R�;0�<0�7+�7)�>.�C5�B3�A1�B4�86�>>�CC�B@�=7�81�7/�7/�:3�93�:3�;3�>5�B6�E8�G6�-�;%�J8�L=�=5�0+�00�9>�AJ�LW�U`�Ze�]e�Ya�LT�>@�4/�7/�;9�@@�CH�DJ�BI�?F�5;�26�36�8<�8:�14�/2�14�20�95�85�0.�,*�0,�3/�4.�=5�>5�=4�<3�:5�95�65�65�57�57�57�68�66�54�2.�1+�7.�9-�9-�7*�3(�1&�1(�1,�43�53�33�21�1/�2/�3.�6.�;3�4+�:5�20�VY�px�cn�Zi�I`�Ef�8b�0^�5b�Bh�Le�PYk60^G7XK:UN;[O?VI9M@0JC0@F,AO.L\7Xj@bxGf�Jh�If�Fe�Dc�Bd�Fe�Hg�Lh�Oj�Sk�Sn�Rm�Qh�Ne�Kb�Ha�G`�H`�Ha�H_�H_}I]yH]wH`wKcxOczN]uC[vA[vAJC3MF6RI:TK<WK=YM?\O?^QAdWFeXGdXHbVF_UIbXNg^Ulcfwr�zv�zu�ts�ss�tu�lp�bg�\`�ae�fl�nt�x{ȃ�ӏ�ݗ�ޛ�ՠ�ө�ڮ�ݱ�ݲ�۴�ڶ�۵�ֳ�Ѯ�ɫ�Ī�¥������~�|x�dbgiefdZ[j[X{c_yVP�c]�NF�UM�`Y�ke�wr�{�zw�nj�a\�TO�GD�OK�B=�G@�WO�,"�1'�4'�?/�E6�>-�2"�7'�E7�E?�97�3.�61�;5�=5�<4�=4�;4�92�5.�4+�5)�8+�<,�?-�T?�G2�<)�;.�=2�;5�74�35�KP�MR�PU�TY�Y]�VX�MQ�CB�5+�7+�80�52�24�26�18�/9�4>�3;�5?�9B�4>�+5�(3�0:�-3�59�59�./�*+�1/�43�51�<6�=4�=4�=4�;6�:6�87�77�46�35�25�34�55�41�1-�0(�8,�:+�:+�8(�4&�3$�3&�4,�52�53�42�3/�2/�3-�3.�6.�=4�/&�>9�35�bg�oy�[i�Nc�C]�Eh�:e�0]�6a�Fj�J]�BHS-$WJ9SL:OH6[O?UI9F?/HF1>B'@J(IU1Sd:_rEe}Kg�Je�Hc�Ca�Bc�Dc�Ee�Jg�Mh�Pi�Ql�Pk�Mf�Jc�Ia�Gb�Fb�Hc�J_�G^H_}I`|Ka{Kd{Mf|Nf~N]xC]z@^{CDB6FD8KG<PG>RH>XJ?]M>`P@`Q>aR?`SB_VGcZSgb_ojnso~wq�zt�~x�yw�pp�gg�`a�\_�`b�fh�op�yz̄�֎�ߖ�眙栞ݡ�ף�٤�ڦ�ئ�ץ�Ԧ�ӥ�Ѥ�͢�ɢ�ȟ�Ù������|�rn}igld^`g[[kYUrWP}WN�WO�RI�[Q�XP�ZS�kd�yr��|����uq�us�_]�QM�EC�ZT�71�2*�7+�7(�7'�7&�9(�;+�=/�?1�8.�<2�@5�<1�5(�4(�:/�A6�90�90�7.�7+�7)�:*�?,�A/�=.�@4�E:�G<�C;�<4�3-�+&�<9�EB�PM�VS�YV�XR�NK�C:�;*�:(�8,�5.�./�*2�(3�'8�->�,@�*?�)?�(?�&?�%=�%=�#:�':�+<�,9�,6�.5�45�;9�84�:3�;4�;5�:5�95�73�54�35�46�54�54�53�5/�5,�5)�8,�9*�9(�9&�8&�7%�6%�4&�5/�41�50�4.�4.�5+�6-�7,�90�7/�:6�?B�mw�bs�Sj�Ic�Kj�6[�6_�<g�>c�Nj�IV^$#E-!?:'HE4PM<PI9EB1>B1?G/BH&EK%KS.S]8[kDavKd~Nd�Jc�F`�Ba�@c�Be�Fj�Jl�Pn�Rl�Lj�Ig�Gf�Hf�Jf�Ic�Ha�Ge�Kd�IbIdJgKg�Ie~Ga}C\|=\=_�B=?4@B7FC<JE?PE?TG>[K>^N>aP>`Q<^SA^VIc[Xhcinlyso�uo�vp�tp�pm�gf�aa�]^�]]�ed�kj�us�}{φ�َ����易囖ٜ�՝�֞�מ�֝�՞�ԝ�ў�ќ�͜�ʛ�ǚ�ē�����x�tk|mdif]^f[YiZSoWM{UJ�VK�VK�]S�ZS�XR�fa�qj�vo�~w�������uu�gd�US�ZU�2,�/%�7)�7&�8&�8&�8'�;*�;-�=/�9,�9,�:,�:,�9+�9+�8+�8,�;1�90�8.�8,�9*�9(�:&�9&�6*�80�=5�@8�A9�?7�<4�:2�4-�>6�IA�OG�QI�NF�C;�7*�8&�8$�7)�4,�//�+3�)7�);�+B�*A�)A�'B�#@�!<�=�;�:� ;�%;�);�-9�19�7:�;;�94�:5�;4�;5�:5�95�73�54�46�46�65�64�71�6/�5,�5)�9*�9*�9(�9&�9&�8%�8%�6&�5+�3-�4,�4,�5*�5*�7)�8+�<2�3.�54�TY�es�[p�Hc�Ih�Ad�;`�4\�<b�Mm�Lb�8?S*&A5)7:);<,B@1F@0@?-=B.?H-=CKP'\b<fpKhvRf{Rf}Qe�Na�Fa�Aa�@c�@g�Fj�Jk�Mm�Om�Lj�Gh�Hg�Gg�Jg�Jf�Je�If�Kd�IdHdHg�Gg�GfEb~A^�?_�?b�B7:/;=2@@8EB;KB=OE<VH=YL<^N>]P?\SD^WMc]]ifmom{sq�so�qk�jf�c`�\[�ZZ�\]�\_�hj�no�wxʁ҇�؋�ܐ����ݓ�ӓ�Г�Г�Д�ѓ�Г�ϒ�Ε�͓�ǔ�Ĕ���������z��r�|ewu^fi[[e\Wd[RgYLrVH�TH�ZQ�`Y�\Y�ZX�cb�ki�ok�vq����������}y�nh�aX�5,�2&�9*�:'�9&�9%�9'�:)�:+�:,�:-�6*�5'�8*�>/�>/�7)�/"�:.�8-�7,�8,�:+�:)�9&�7$�6*�6,�8.�;1�=3�@6�A7�B8�:1�A7�E;�F<�H>�G=�@6�7+�6%�6&�7,�50�03�-7�+9�*<�'=�'=�%=�#;�!:�7�7�6�8�6�$8�*;�2<�6=�8;�::�94�:5�;6�;7�95�85�75�54�36�47�55�65�72�6/�5,�5)�8)�9)�9'�8%�8%�7$�7$�6%�5)�4)�5*�6(�7)�7(�7*�7+�<2�1+�88�kr�]n�Pi�<[�Hl�7]�>e�5[�>b�Vq�?Qa#(L/+;7+18(37&:;)B=*A<(@>)BB&?FXa4s~T��dw�`i�Tb|MaI`�E`�@a�@d�Ah�Gj�Jk�Ml�Nn�Mk�Hi�Ig�Gh�Kh�Kh�Lg�Kf�Ke�Jc�Hd�If�Hf�He�Fb�Bc�De�Eh�H25*69.;<4A>7G@:KB=SF>VJ>XL>YM?YQD^WOc^bigron�ro�rm�jg�a_�WW�TU�WX�\_�ac�ln�rs�{|΂�Ո�ً�ی�܍�א�ҏ�Ώ�ώ�Ώ�ώ�Ў�ύ�Ώ�ʎ�Ə������������x�o��_p|Y`lXYd[T^_Q_\IjWF}SE�UL�\Y�Z\�X\�cg�kk�pl�xs�|x�zu��~�����{�ka�<2�8)�;(�;(�;&�:%�:'�9(�9)�8*�;/�6*�5'�9*�>.�>.�8(�/!�6)�5)�5)�7*�9+�<+�=*�;)�:-�:/�90�9/�:1�;1�<3�=3�E=�E;�A9�=3�=5�A7�@8�;1�6(�5)�6/�31�/5�+6�*:�)<�&9�&;�'<�'<�&<�%:�$:�#:�#8�#7�&8�,;�5>�9?�8:�87�94�:5�;6�;7�95�85�75�54�47�58�66�65�72�6/�5,�5*�9+�9)�9)�9'�8'�8%�7%�7%�5%�6(�7'�9(�9(�:(�9)�:+�:1�4/�IL�oy�Vj�E`�<_�Ag�3\�8b�>c�Ml�Oe�0=J C1-11'/7(5<,>A.B@+B<$E>$IF%U\0p~M��r��|��mj�W_{J]~E_�Ca�Ac�Bf�Ck�Jm�Mm�Om�Oo�Nl�Ki�Ih�Hi�Li�Lj�Ni�Mg�Le�Jd�Ie�Hg�Ih�Ig�Hd�Dg�Hi�Il�L.4(36+891<;6B=9H@=MD=QG=SI=SK>UNDZUQa^eigumk�lk�ki�b`�XV�PP�QQ�XY�`c�fj�or�ux�|Ѓ�ֆ�ى�؊�ً�֌�ϋ�̊�͉�Љ�ш�ъ�щ�Ќ�ϋ�ȍ�����������~w�m��Yj�SZnVTc\RZaOZ_HeZDxUB�ME�TR�SW�RY�^d�ej�kl�uq�un�oh�~v��{��~�l`�?2�8(�;(�<(�='�<'�;'�:'�9)�7)�:/�8.�8,�9+�:+�:*�9)�7(�9+�7+�8,�7+�7*�8*�<,�>-�<0�=0�<2�;/�:0�9-�7-�5*�@7�@5�=4�9.�80�;1�:2�5,�/%�0)�20�25�/8�-9�+;�+>�-?�/@�/@�/@�/A�/?�.@�.@�)9�)8�,8�0:�6=�8=�77�43�86�:7�;6�:7�97�77�65�44�48�48�67�76�74�6/�6,�5*�8*�9(�9(�9&�9&�8&�7&�8&�8%�:&�;'�=(�=(�=*�=,�<.�7/�<9�^e�aq�Pi�<[�Ai�4_�5a�1Y�Kl�Yq�>NZ%-C),:20.1*08-8A0=B,<<"A<UH(`[5|�T��n��������wo�[aK^F`�Dc�Bg�Dl�Go�Np�Po�So�So�Ol�Ki�Ig�Gi�Li�Li�Oh�Ng�Ke�Id�He�Ih�Jh�Hg�Ge�Fi�Ki�Kl�N+1%.4*470894>:7B=:HA;KD<NG=NG=PKEWSR_^ffeugggf�ba�[Y�RR�NO�RS�[^�ei�lo�uw�z|��փ�؆�ن�׈�Չ�Ӈ�ˆ�Ȇ�˅�΅�Ѕ�҇҇�Ѝ�Ҍ�ˍ����������{v�}k{�Vc�PVnUQd^P[eMYcJb^EsXC�OE�WR�UZ�T[�\c�ag�gj�po�yr�qh�|t�sj�xm�\Q�;+�5#�<)�=(�=(�<(�;(�;)�9*�7*�6,�7-�:.�:,�:)�8'�;*�=,�=.�@2�A4�>1�8*�5'�8)�<,�:,�:,�;/�<.�:/�9+�5+�5(�6,�;/�>4�?3�?6�>3�7.�,#�+%�-*�02�39�1;�0>�0A�1B�1A�1@�1@�0=�/<�-9�,9�*7�0<�/;�0:�4;�6;�69�55�53�86�97�:6�:7�97�77�65�44�59�59�67�76�74�72�6-�6*�7+�8)�8)�9'�8'�8%�7'�9%�9$�<%�=&�?'�@(�@*�?.�<1�61�HI�fr�Od�Hf�7[�Am�/]�7a�4X�Qk�Ufm19E(,E697325426926=-5:#38CCja:��T��w����͙�Ǖ��}v�be�Q`�F`�Bc�Bi�Fo�Jr�Or�Rq�Up�To�Ol�Kh�Hf�Fh�Ki�Lj�Oi�Og�Kf�Je�If�Ii�Ij�Ji�Ig�Fj�Jk�Mn�P(0#+1'14-561764<87@<9C>8IE<HE<KHCRPQ\Zecbtbb|``�_^�ZX�TT�TT�\]�gi�ps�vx�{�~�ۃ�ބ�݄�؃�օ�Ԇ�у�˂�ȃ�˂�̓�х�Ԉ�Ո�Ӎ�ҋ�ȋ���������|�wp�wfp~U[|PQnUNf_O^fNZdIaaGq]E�TF�]T�Z[�VZ�[a�]d�ae�ll�zs�rj�xo�YP�[P�D8�5'�:)�9(�;(�<)�=(�;*�;+�9,�6+�0'�4*�8,�;,�;*�;(�;(�<)�;*�C4�K=�H:�=/�5'�6(�;,�9)�9)�9+�9)�8+�9*�8,�7)�6+�<.�?4�@3�A7�A5�:1�1)�0.�14�5:�6>�4>�2?�0@�0@�.<�/<�/9�07�-5�,2�+2�+2�3;�4;�5;�6:�57�55�65�75�86�97�:8�99�87�77�67�46�5:�5:�7:�79�85�72�6-�6+�7+�8*�8*�9(�9(�9&�8(�9&�9"�:"�=&�?'�@(�@*�=-�;1�96�U\�^q�Gc�?a�;b�7g�3b�8`�Fd�Na�@IT15A55@:<:46?56>6389+6<"9CSZ.��Q��q�Ŋ�ˎ�˔�Í��}{�eh�R_�E^�@c�@i�Do�Js�Ps�Sq�Uo�So�Nl�Jh�Gf�Eg�Ji�Li�Ni�Nf�Kd�Id�Ie�Ji�Jj�Ii�Hf�Ej�Ll�No�Q&.!)/%-2+13.333764:97=<7GD=DD<HGCPPRZZd_ap``z\\~`_�][�YX�]]�gg�rt�z|��܁�ႅ䅆ㄅჃہ�Ճ�҃�΄�̃�Ʉ�̃�΅�Ӈ�֊�׌�ԍ�Ќ�ċ��������x�snuqbewXVtSLjVKg`NbfO_eIcaHp^F{R@�\N�ZS�TS�VZ�W\�Y`�ce�qn�me�qh�D;�A7�1%�4&�C2�8'�:(�;'�<)�;,�:,�7-�6-�,#�1&�6)�<,�@-�?+�;'�7$�4#�B2�OA�OA�B4�7)�7)�>/�;+�:*�8(�7'�6'�6(�8*�8+�;.�;/�9-�6*�7,�<1�<2�71�88�8=�;B�9B�4A�0=�,;�,:�/;�19�2:�48�49�48�36�57�37�6;�9<�69�45�44�76�;9�86�97�98�99�87�77�67�46�5:�5:�7:�89�95�82�7/�7+�8+�9+�9+�;*�:*�:(�:*�;(�9"�;#�=$�>'�?(�?,�<.�92�<?�\f�Qh�If�9]�=h�.]�<h�;\�\p�LV^-0G85BC><89?48F37C41=:)>D(GV-bs?��a���ˌ�ɋ�Ë�����z{�ef�PZ|@^�?a�>i�Do�Jr�Or�Rp�Tn�Ro�Nl�Jg�Fe�Df�Ih�Ki�Ni�Nf�Ke�Jd�Ie�Hg�Hh�Gj�Gg�Ek�Lm�Op�R)/#)/%(-&+-(///3317759:4==5?@8DE@KKKQQYVXe[[s^]}YX�[Y�^]�ee�nn�wx��؄�⌌���솇䂂܀�ւ�Ӄ�΂�ȃ�ǃ�˄�Ά�Ј�Ӌ�Ҍ�ϊ�Ŋ������}��x�wozkegf]Xm[Qm[Mi\Lf^Kd_IeaHh`Io_FoP;�UA�^P�bZ�YX�QT�S[�\`�gg�YR�D<�70�7/�:1�<0�;-�9*�:(�:)�:)�8+�8,�5,�5-�/%�3)�8,�>/�@/�A.�=*�:(�9)�0"�WJ�L@�/#�=1�</�8(�;+�:)�9(�8'�7&�6&�5&�4&�7)�;.�>2�<0�7,�8-�>4�C<�BE�9?�3=�4?�2@�-;�-:�2=�7@�5;�5:�78�8;�9;�89�77�;=�<<�::�87�77�76�75�75�97�98�99�::�9;�9<�9<�8<�7;�6:�8:�9:�;9�;5�90�7,�8+�9+�9+�:)�:)�;)�;*�<)�9#�='�:#�4�9%�D3�?6�0.�^e�Vg�Ib�<\�1X�0Y�6c�Bi�Yo�FQo33N3,B?6>C<A89@-1L/3K2.B9(DI)Zm?~�_��w�ł�ɋ��������~��nf�RYwCY{?^�?c�Ai�Fn�Im�Ll�Nk�Ql�Pj�If�Dc�Bc�Bf�Ih�Kg�Lf�Kh�Nh�Ng�Kf�He�Gg�Gk�Im�Lq�Sr�Ut�W*0$)/#).',.)//-220561782;<4>?7CD>IIGOPTSUaXYk[[u\Z^]�db�kj�ut�~·�ߋ�鍍���년 ؀~Ҁρ�˅�Ɇ�ȇ�ˉ�΋�ό�΍�̎�Ȋ�����|��x�{s�tknlb`e]Re_Oe^Lf^Kf^Kh]Ij^Hk_Io_Fw_G[C�YF�ZL�VP�RS�QX�X_�US�KF�>9�60�6/�90�9.�9*�7(�8(�9)�8)�7+�5,�4,�4-�0'�5)�9+�>.�A/�@-�<*�9(�8)�<.�RE�H<�4(�:-�:,�4&�=,�<+�;*�;*�:)�9)�8)�7)�7*�8,�7,�4*�1'�1(�7.�<5�DG�8>�/9�/:�0=�.;�1<�6?�6=�36�24�:8�DD�II�DC�?>�:7�98�97�96�77�87�98�98�87�88�99�9:�9;�9<�9<�8<�6:�59�68�88�;8�:5�9/�7+�8*�:*�:*�;*�<+�<)�<+�<)�9$�@*�:%�5�;(�;/�94�<?�]i�Pd�A[�8W�6[�;`�>d�Ie�?L�?>`;3G;/:>08>2F<:R>=N0.S8/VK7ciEx�[��p��}�Ɓ��}��������xr�^YuETp=\{B_@b�@i�Em�Hl�Kk�Mj�Pi�Og�Ge�Cc�Bd�Eg�Ji�Li�Nh�Mi�Oi�Mi�Kh�Hg�Gh�Gl�Im�Lp�Sq�Tt�W-1#-1#,/&,.)//-11/34/56.:<1<>1@B7FGAKMLQRWVVbXWi\Yt^]fd�pn�zx���΍�ߐ�ꐎ튉燄߁�|�}Ȁņ�Lj�Ɗ�ʌ�Ɏ�ɍ�Ō���������|��v�{p�ujpoeci_Vc]M_aL_aKc^Jg\Jl[In\Ho]Ir^FwaIxX?�S=�VD�XO�US�OT�MS�>=�<7�84�71�6/�7/�7+�7(�7&�8&�9'�8'�6)�5*�3,�4-�3(�6*�8+�<-�>/�>/�<-�8*�5)�I?�F<�A7�<2�6*�:-�6&�:)�:)�;*�:*�9*�7)�6(�4(�9-�7,�4+�3*�3+�6/�:3�<8�<=�49�07�29�3<�4<�7@�=C�7;�AA�NM�YU�YW�QN�B>�84�62�72�74�74�85�96�::�::�77�88�8:�9<�8<�9=�8<�8;�58�58�57�77�:7�:4�8/�7,�8+�:+�;+�<+�<+�<)�<+�<)�9&�@*�9$�6$�;+�0'�40�PT�[i�J`�:U�7V�@]�Hf�Hd�Na�89e?6R@2DA09=,57)?7,L:0F.$R=,g]B��_��t��{��z��{��z��������m]vLHb5Nh8\wB_}?c�@h�Dl�Gk�Ji�Jg�Lg�Nd�Dd�Cc�De�Fh�Kk�Nk�Ok�Ok�Ok�Oi�Mh�Jg�Hi�Hl�Ko�Mu�Vt�Wv�Y24&04&12*01+12-23.34.46+9;-;>-?A3DF9JKENPORQWTT^XVd\Zoda~nl�zw���Ì�֑�㔑ꓐ뎋≅ق�|�|��~����������Ì��������}��{��v�yn~rgmmaak^Vi[Pc\J^aL]aJc^Jh[JmZKqZJtZIv[FsWAxR;�Q=�ZG�[P�TP�FI�>A�2/�5/�51�60�5.�5+�6)�8)�6&�8&�9'�9'�6)�6*�3,�6-�7*�8*�7(�9*�=-�>/�;-�8+�3)�UK�=4�8.�A6�4'�<-�<-�8(�8'�9(�:)�9)�7)�6(�3'�6*�3)�2)�5-�:3�>7�?9�=:�45�59�6<�5;�2:�39�7=�<@�UV�bb�mj�id�VQ�A<�63�50�61�71�63�74�85�96�99�::�78�89�8;�9<�8<�8<�8<�7<�6;�68�67�97�<7�<4�9/�9,�9*�;*�<*�<)�<+�=)�<+�<(�:'�@,�8&�8'�;-�+"�54�`i�Td�G]�<U�=X�H`�Od�O_�SZvGAXH9KD2FE1BE0=?*:8#;3?3PG*nkH��f��v��t��s��x��������l�[K_:BW0Mb7Yq?`|Ad�@i�Cl�Fi�Hg�Ie�Ke�Jb�Bc�Bd�Eg�Hj�Ml�Om�Qn�Rl�Pj�Nj�Li�Ji�Hi�Gm�Kp�Ov�Yw�Zy�\78(68*77-56056167267/68+;>-=@-@C.DG4IK>MNFQPNRRRVUSYX]a_lki�us��}���nj�ӕ�ᔑ␍܋�ӄ�ā}�|�|��~����������������z��x��t�znzrfjm_^j[Ti[PjZKfZJb_Lb_Le^Li\Kn[Lr[Kw\K|[HVB�S>�RA�VF�SI�G@�88�33�1-�3/�51�4/�3,�3)�6)�9(�8$�9$�;'�:'�8)�7*�5,�7-�:+�9)�6%�8'�;+�>/�;.�7,�90�\T�=5�5+�A5�4%�:(�?-�;*�:*�:+�:,�;-�:-�8-�7-�3*�1)�1+�71�<7�>:�<8�74�77�;<�<?�6;�28�5:�BF�MO�xw�qn�`[�JC�83�2.�75�?<�93�93�72�72�64�75�76�76�79�79�7;�8<�8>�8>�7=�7;�8<�7;�7:�::�=:�=7�;2�;/�8*�:*�;*�<)�<*�<(�;)�;)�<)�>+�9(�9*�8-�/)�@C�hr�M^�H[�EZ�H[�O^�T]�TW�XUdM?PM:LG4KF2FD-@C(>E$?I$KV.\g<x�T��h��m��n��r��}������u�dRcC?P0BS1Oa9Wm>b{Be�Bi�Ck�Ei�Hf�Hb�Hc�Gb�Bf�Cg�Hi�Jk�Nm�Pn�Ro�Sk�Ok�Ok�Mi�Ki�Ik�Io�Mr�Qv�Yv�Zw�[?=.=>0==3==5=<7<=7;=2;=/?B/@D-CG.FJ3KL:NOAQQIRRHYWJZZN`_]gerqn�{y������ď�я�Ӎ�ϊ�ǃ�~y�zw�yv�{v�|y��|��}��}�x�|t�zr�vksrffn`]j\Sk[NlZLl[Kk[Ki]Mg^Mi]Mj]Mo^Ns^Mz]M�[J�`O�VG�N@�J=�@7�60�1+�1+�51�70�5/�4-�2)�4'�6&�;(�9$�;$�<'�;'�:)�9*�7,�9-�=,�:(�5#�6$�9)�<.�;/�7-�?7�[T�IA�:0�@3�6&�3 �<)�:(�7'�7'�7(�7)�7*�7,�7-�<3�;3�:4�<7�>:�>:�85�41�96�;;�::�8:�>@�OR�be�pp�he�UQ�=6�1+�40�;7�=;�;9�;5�;5�94�83�75�65�55�66�69�7:�7;�8<�8>�8>�7=�7=�8=�8;�8:�;:�>:�>7�=3�</�8)�:)�;)�<)�<(�;'�;'�:(�<)�9(�;)�9*�6*�>8�TX�ep�K\�I]�J^�M[�QZ�VV�ZR�`RPI7IN:NI5H@+;578>O%Lf6l�Tw�\��e��d��f��l��t��|��mn}\Q`C<J09F,AP1O_;Wj=d{Ef�Ck�Dl�Fi�He�Fa�Fc�Gc�Ci�Fj�Kl�Ml�Ol�Om�Qn�Rm�Qm�Om�Pl�Ll�Ln�Lr�Os�R{�]{�_z�^EB1DB3DB6CC;CC;CC;BB6BC3DF0EH-GJ-JM2ON9RQ?TREUSD\ZC\\D\]Oaaaihxrq�{z��~������È�����{�ys�to�ql�qm�rn�vp�wr�wr�to�skzrinmb`l_Wj\Qk[Lm\Lo\Mp]Lq[Mq[No[Pm]Nl_Om`Os`O{`O�ZM�_S�QG�A:�;4�6.�1*�2)�5,�70�6/�4.�4-�4*�5(�8&�9%�:"�="�>%�>'�<)�;*�9,�;-�@-�<(�5!�3!�8(�<.�:/�5-�93�NI�TM�B9�B5�?.�1�=)�=-�9+�7*�7*�7+�9.�;1�<4�E>�A<�?;�>;�=;�;:�88�85�96�95�66�;<�JK�\]�de�ba�=9�82�4.�92�A=�E@�=;�42�;5�;3�94�94�84�84�77�88�69�7:�7<�8<�8>�7=�7?�6<�6;�7:�89�;9�>9�>6�<2�</�8)�;)�;(�;'�;(�:'�:'�:&�>+�7%�=+�9)�2'�PK�km�\f�P^�J\�HY�LV�RS�[R�cQ�jUJM8DL7JB/H9$B7FH#Up=g�V~�p��q��h}�Y��Y��c��d|�_XfCHU9:F.7C+:D,=J0JX7Wh>e|Fi�Dl�Em�Gi�Gd�Ga�Ga�Gf�Fl�Im�Nn�Ol�Ok�Nk�Om�Qp�Tq�Sp�Sp�Po�Pq�Pv�Sw�V|�^z�^y�]IC3JD6IE9JF;IF=IG;HF9HG5IH3JJ2LL2NN4RP;TQ>XRDYTA]Y>[Z>\YH_\Udahnk~xs�}x��{��}����|�}w�vo�oi�lf�ie�jf�mh�mi�mh|lfrkbgj`^g]Th\Nh[Kk\Io^Lq_Kq^Mq^Mp]Op]Op]Os]Ow]N~]N�\L�XL�VI�F<�9/�7/�7/�7.�6-�6-�6/�5.�4,�5-�7,�8*�6'�6$�:$�<$�='�='�;)�;*�:,�<-�A/�<'�4"�3 �9'�=.�;/�8.�3+�A;�[T�I@�D7�F7�2�>,�F7�B5�@5�?2�@4�A7�E<�F?�@;�=9�:7�75�54�65�:8�<9�?9�=8�:5�@<�LI�QL�?;�)#�-&�6.�>7�@;�>9�;8�;;�==�96�96�96�86�95�:6�99�::�88�88�8;�8;�9<�8;�6<�6<�6:�68�89�:8�=8�>6�<1�;-�8*�;*�;)�;(�;'�<)�;(�;'�?-�5"�=.�8*�/&�\X�y|�X_�Xd�Q^�KT�LO�VR�`U�hV�nVPW8?J*<;C=UQ+lvD��f��~��v��s|�bn�MvR��^u}V[b@;D)4<%5=(=D2<E29C+CP2Vf?g{Hi�Fm�Hm�Gj�Gf�Gb�Gc�Gh�Jl�Mo�Po�Pl�Mi�Kj�Jj�Ls�Us�Us�Sr�Qr�Qs�Ry�V{�Zv�Zu�[s�YRK;RK;RJ=RJ=RJ=RJ=RJ=RK;UN<VO=WP>XQ?YR@[TD\UE\UEc\Ib[IaYLbYRe][kaiqftuj{zn�|p�s�s�|p�uj{mbrf^kc`k`_g_\c_Z^^ZY^YUaZRbZOe[Og[Ki\Kk\Il]Hm]Fm\Hj^HibOqfTqZJuOB�WJ�\P�ZM�ZL�M?�E5�<,�7(�8-�80�41�1-�6/�7.�7.�7.�7.�7+�7*�7)�8)�8)�9)�9)�9+�9+�8+�;,�;+�>-�9(�1 �2!�:+�</�9.�6,�5-�:2�B:�K>�H9�=,�2#�PF�KA�E=�E<�G?�G@�C>�=;�74�87�;;�::�77�75�85�=7�F>�B9�:0�3)�1&�6*�;/�@4�:0�=4�@8�@;�=;�;;�8;�9<�7:�8:�8:�99�97�97�95�95�51�51�65�76�89�9:�9;�9;�;>�9;�9;�=:�A=�B;�A6�?1�9+�<+�=*�<(�:&�9'�8&�9&�A0�<-�/#�0'�LJ�mo�lo�VZ�LN�NO�PO�UO�XP�]R�aT�jSWZ/:M7FTa)~�P��o��y��y��s~�ah�N\mCYdBT]BHP9?D0:=,@C2=A2;?1<C3:C0AN2Rd>]sBg�Hp�Ko�Kl�Gj�Ii�Kg�Ll�Pm�So�Sn�Pm�Mk�Jm�Jm�Iq�Mq�Nr�Nr�Pt�Rv�Vz�Y{�^y�cm�Zc�PWN?WN?WN?WN?WN?WN?WN?WN?XO@YPAZQB[RC\SD]TE^UF_VGd[Jd[LcYMcYOf[Uj_]nbdpdhreltgpvirvirsfmm`gg[_bXY^[VZZRZWPXULXTIXTH\VH^WGcZKcZIf[Ig\Hi]Gj^Fk_IiaJcbMngTv\M�SF�WN�VO�RJ�RF�G:�B2�=,�9)�8,�80�62�40�6.�8.�8.�8.�8.�8-�7,�7+�7+�7+�7+�7+�8+�8+�8+�:,�<.�>.�9(�1 �2 �:)�>.�<.�:-�5+�4+�;2�E:�OB�QC�OC�F?�@;�;6�:5�=7�=8�86�44�8:�78�79�78�77�97�=9�B<�A7�@5�:,�6'�5&�8)�=-�@1�A4�@6�@7�=8�:7�77�58�7<�6<�6<�7:�89�87�95�95�:5�92�:3�:5�;6�;8�;8�::�8:�:=�:=�<=�?=�A;�@7�=2�<.�;+�=*�=+�<)�;(�:&�8&�9'�9'�8)�5*�<5�QP�ee�^a�NN�NL�SO�XQ�\R�^S�_T�_V�fQ`_/Sg*^r3z�O��n��|��p��bj�HbvCTe;KY8FP7@I69?158-:</AB4=?4:=2>B4:C0@M3Rd>^tEh�Iq�Mp�Ln�Hm�Jk�Lj�Nm�Sn�To�So�Ql�Mk�Hl�Hm�Hp�Jp�Jp�Ls�Qu�Tx�Xx�Xx�^m�Xb�QY�H]TE]TE]TE]TE]TE]TE]TE]TE\SD\SD]TE^UF_VG`WHaXIaXGe]Je]Jd[Je[Oe[Qf[Uh]Yi^\j^^j^`k_ak__i^\f[YbWU_VQZUOWTKUQHRNCQMBSOCWQCXRB^WG_XFaYFc[Fg\Hi^Hk`LicMbaMngUy_P�XN�[U�VQ�IE�E@�@8�>3�;/�8+�8+�9.�;/�:/�8.�7-�8.�9.�8-�8-�7,�7+�7+�7+�7+�8+�8+�8+�9+�;,�>0�?/�:(�2 �2 �9'�>,�?/�?0�8+�2(�4*�<0�F9�N@�ND�:6�43�20�42�97�=<�<=�;<�9<�5:�27�37�58�99�<:�@:�8-�:+�6'�4%�5%�8(�<+�=.�D7�C9�B8�>8�96�66�66�79�6;�7;�7:�88�88�:6�:6�;4�:3�;4�;6�<6�;8�:9�99�88�9:�<<�@>�B=�?9�;2�7+�7(�;,�<+�<+�;)�:(�9&�8%�9&z6#y6%�9,�F=�SO�WT�PO�IF�MH�SL�ZQ�^S�aW�aW�_V�ePsrFz�V��n��������{|�[[o<@S%AS+BQ0?L2:C06<.69058/9;.@A3=?4:=2=A3:C0@M3Qc=`vGi�Js�Or�Np�Jo�Lm�Nl�Pp�Tq�Uo�Sn�Pl�Ml�Il�Hn�Ip�Lp�Lp�Nu�Sx�Xy�[u�Wq�X_�JVGOx@aXIaXIaXIaXIaXIaXIaXIaXI_VG`WH`WHaXIbYJcZKd[Ld[Je]Hf^If^Kg^Mg^Of\Pf\Rf\Sh]Wh]Wh]Wh]Wg]Tf\RdZPc[P]YNZVKVRFRNBPL@PM>TN@UO?XRBYTA[VC]XDaZGd]Jf_LfaMdcQleUv\O�[Q�b\�ZX�FD�<:�<9�;6�92�8-�8,�;+�?.�?/�9-�7,�8-�9-�8-�9-�8,�7+�7+�8+�8+�8+�8+�8+�9+�;,�?1�?/�:(�3 �3�7#�=)�@.�?-�:+�7*�5*�7+�:.�</�:2�66�24�12�34�88�<=�=?�<?�7<�38�06�25�58�77�65�61�5(�7'�6&�7&�7&�9(�:)�:*�A3�B6�A7�?8�;8�87�76�79�6:�7:�78�86�86�94�:4�;4�92�:2�:4�;7�:8�;9�:8�99�<:�A=�C?�A;�<3�6+�6'�7(�;*�;)�;)�;(�:&�9%�7#�9%�=*w6$�5'�E:�PH�MG�LG�QL�PJ�UL�ZO�^R�aV�bW�aW�gT��_��z��������ts�YN`8/A->4C&:F.=F3;A3:=2:=4<=5::.?@2<>39<1<@29B/?L2Qc=awHj�Kt�Ps�Or�Lq�No�Pn�Pr�Ts�Up�Ro�Pm�Lm�Jn�Jp�Kq�Mr�Ot�Sy�X|�]w�[m�Se�M[�HS|DNw?d[Ld[Ld[Ld[Ld[Ld[Ld[Ld[LcZKcZKd[Ld[Le\Mf]Nf]Ng^Mf^Ig_Hh`IiaLiaNi`Oh_Ph_Pj`Tj`Ti`Qh_Ph_Nh_Nh`MhaOd^N`ZL[UGVPBPM>NK:NK:NK:QN=RO>TQ@VS@XWC[ZF]\H^]Kb`Qf^QmWJ�[R�jd�c`�MM�BC�;=�89�84�70�9-�=+�B-�B+�;+�7)�8*�:+�9+�9*�9*�8)�8)�8)�8)�9)�9)�9)�9)�;,�?1�>0�:(�6"�4�7 �=&�B-�;*�;,�:,�9-�8.�:0�=3�;5�9<�4<�39�28�38�59�38�17�6<�49�4:�7:�9<�76�21�/*�6*�9*�:(�:(�:(�:(�9&�7&�:+�;/�>3�?7�>9�;8�96�87�68�66�66�74�84�:3�:3�<3�:2�;2�<5�=7�=:�><�=;�>=�@<�C=�A<�>6�7-�5(�7(�:*�;)�<)�;*�:(�9&�8%�7$�8%�@-u4"{3%�G:�RJ�NF�NG�WN�VM�YM�ZN�]O�]R�`U�`Y�hW��h��|�����j]kHDS42@&$2-:&0;*5=.9?3<?4=>6;<4::099-?@2;=28;0;?18A.>K1Pb<bxIk�Lu�Qt�Ps�Ms�Pq�Rp�Rr�Sr�Sr�Sp�Om�Mm�Kp�Ls�Ot�Qv�Uz�Y{�^z�_q�Vd�JZ�D]�JW~GRyBe\Me\Me\Me\Me\Me\Me\Me\Me\Mf]Nf]Nf]Ng^Og^Oh_Ph_Nh`Kh`IiaLjbMjbOjbOjaPjaPjaPiaNh`Mh`Kh`Kh`IiaJjbKf_Mc^K^XHXRBSM=MJ9KH7IH6LK9LK9LM;NO=PQ?QTCSVETUE[YL^VIcQEzXN�ha�ea�VU�RS�@C�:>�87�83�;.�?-�C*�A(�;*�8)�8)�9*�:+�9*�9*�9*�8)�9)�9)�9)�9)�9)�9)�;,�?1�>0�<)�:%�6�5�;#�A*�B.�@/�;,�7*�2(�4+�;2�=:�5:�3<�6=�8>�:>�;>�:=�9<�58�7:�9>�=>�=>�96�2/�0'�9+�=,�=,�>*�=)�<(�:'�8%�6%�7)�;0�=3�<5�<7�;8�:7�87�75�75�85�:4�;4�<4�=4�>5�?7�A:�B<�A>�A?�A>�B?�@:�@8�=3�8-�5(�5'�9)�<*�;*�<)�<(�;'�9'�7%�6$�7&}:)t3!~9*�OA�YN�RG�OE�WK�YN�[M�ZM�[M�\Q�_T�`Y�gY~wZy�`r|ZVaC;E,/;%0;*0<.3=25=27=3<?6@A9?A6<<277+89+>?1:<17:/;?17@->K1Oa;bxIk�Lu�Qu�Qt�Ns�Pr�Sq�Rs�Rs�Pr�Op�Mn�Lp�Ns�Ov�Ty�X{�\|�]z�]q�Wg�O]�EX�Ba�OY�ISzCg^Og^Og^Og^Og^Og^Og^Og^Og^Og^Og^Oh_Ph_Ph_Pi`Qi`OjaPjbOjbOjbOi`Oi`OiaNiaNiaNh`Kh`Kh`Ih`IhaGhaGhaGg`Me^Kb[I\WDWR?PM:MJ9IH6IG8GH8GJ9GK:HL;IM>JN?KM?PPDXRF[OCiRD�ZN�VL�SL�ZY�IJ�?B�99�75�;1�@.�B*�<$�:)�7(�8)�:*�9*�:*�:*�:*�9)�:)�:)�:)�:)�:)�:)�;,�=0�=/�=,�<)�8"�4�9 �A)�C-�A/�=/�6+�/%�0'�6.�:8�59�6>�;C�?E�AE�BC�@A�@@�12�66�:<�=;�;9�82�4.�4)�<-�>+�?,�@,�>+�?)�<(�:'�7%�7'�8+�8.�70�94�<9�>;�97�95�95�:4�;4�;4�=4�>4�B7�C9�C<�B;�A=�?<�=;�>9�<3�:/�8+�6(�7'�8)�:)�:(�<+�<*�<)�:'�9(�7&6%}6$x3#x5%�C3�UE�WK�PC�PD�ZL�YM�ZN�\Q�\Q�[T�\U�\W�bUkbEWa>JS4=G,6?*3>-4>35?66=69@9=B;CF=EG<DE7@>/;9*78*=>0:<17:/:>07@-=J0N`:awHk�Lu�Qu�Qt�Nt�Qr�Sq�Rq�Or�Nq�Mp�Lo�Kr�Nu�Ty�X�`~�az�^q�Wf�L_�G]�E^�Ib�PY�KSzEh_Ph_Ph_Ph_Ph_Ph_Ph_Ph_Ph_Ph_Ph_Ph_Ph_Pi`Qi`Qi`QmdUlcTj`Ti`Qh_Pg^Oh_Nh`MiaNiaLiaLiaLiaJh`IhaGh`IgaKg`Me^Kb[H\WDUR?QN=ML:EF6EH7DH7DH7CJ:CJ:CI;EI;IK>SQDSPAYM=eK:tD6�I?�YS�QQ�DE�::�86�<4�>/�=)�8"�:)�9(�:)�;*�;*�;*�;*�;*�:)�:)�:)�:)�:)�:)�:)�;,�;0�:.�<,�>+�9#�3�7�?'�9$�<)�>0�=2�8.�7/�<5�?=�=B�?D�DH�DE�@?�;7�50�1.�/,�51�:6�<6�:2�8.�8,�;,�=-�>+�?,�@-�@-�A+�?+�=*�;*�:(�7(�5)�5+�90�>9�C>�<7�;5�;5�<4�<5�=4�>5�@5�D9�D:�C;�B:�?:�<7�85�93�7-�8(�5'�6'�:)�<,�:)�8&�=*�<+�<*�<)~9)}9&{6&{6&z2$�8*�G8�SC�QC�L=�RE�_S�WL�YN�[R�]T�^W�\V�ZU�_RaX;EM(6@8A&>G2=F53=2-7.1817>6CF?GJ?HI;BC1?>*;:&78(=>09;069.:>06?,=J0N`:awHj�Ku�Qt�Pt�Nt�Qr�Sq�Rq�Mq�Lq�Lp�Kp�Ls�Qw�V{�\��e��dx�^j�P]�EY�A^�He�Pc�SZ�LSzEi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi_Sj`Wj`Wj_Yj`Wj`Vj`Vj`TjaRjaRjaPjaPjbOjbOjbOjbMjbMg_Jg_Jf^Ie_Ib]IZXCSP=ML:HI9EH7AE6@D5?E7?G8?G:?E9GK=IK=BF5KJ6\Q;aE0�J9�j]�g`�US�FE�A@�A=�>5�=0�=-�4%�5&�6'�7(�7(�9*�;,�=.�<-�<-�<-�<-�<-�;,�;,�<-�2(�7.�;/�:+�7"�5�7!�9"�A-�=,�6)�4*�6/�<7�C?�HE�DE�FI�CE�98�61�80�8.�4+�9/�9.�9/�8-�9,�:+�<+�<+�=+�=*�>+�?,�@-�@.�A/�@-�;*�:(�7(�6)�7,�8-�;3�<4�=6�=6�?8�A7�A9�B6�@6�@5�H=�E;�A8�;2�5/�3-�0,�2+�9-�;*�9+�:*�:)�;+�;+�<+�:(~9)|9(|9(|9){8'y6&x3$w- �A6�PD�MA�MA�RF�UJ�RG�\R�\R�UM�TL�ZU�XS�WT�gZ]T5IQ*BL)BK,>H/7@+2=-4?14<1HPCZ]RX\MMO:DF.AA'==%:;)>?1;=2:=2<@24=*;H.Pb<cyJl�Mu�Qs�Or�Lr�Or�Sr�Sr�Nq�Kr�Nr�Ns�Pv�U{�\�b��fx�^j�O`�G^�Ga�Jf�Pi�Ud�S[�LTyEi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`Qi_Sj_Yj_]j_]j_[j_Yj`Wj`Vj`Tj`TjaRjaRjaRjaRjaRjaPjaPh`Mh`Kg_Jg_Jd]J^YEUR?ON<IJ:FI8BD6@D5?E7?G8>F9=E6@F8>E5>F1HL5MI0U?(P<�sd�cX�_Z�UT�GG�@>�A>�?9�:0�9-�<-�=.�=.�;-�:,�:,�:,�:,�:,�:,�:,�:,�:,�:,�;.�?5�B:�B7�=/�7$�2�1�2�5#�7(�:0�A8�F@�ID�JF�KH�CA�ED�B@�;5�9/�=0�?1�=0�?1�>2�?1�>/�=/�>.�@.�?,�=*�;*�<+�=,�>-�?,�>,�?-�@.�=-�:,�8,�8+�8-�:0�9/�;3�;4�?5�B8�C9�C9�D9�E8�B6�A4�=3�:0�6/�5.�5/�7.�</�=,�;,�;+�:*�;*�;,�<,~;*|:*{9)y:)x9(w8'v7(w3&�3)�C9�NC�L@�K?�QD�TI�RG�SJ�XO�UO�WQ�]X�WR�SO�cT]W5Xc9_jBZfBIT66C)4@*<H4OXGYbQ_fTW\HJN7BE*??#<<"9:(=>0:<1:=2<@25>+;H.Pb<dzKl�Mu�Qt�Pr�Ls�Pr�Sq�Qs�Pr�Lp�Lq�Nt�Sx�Y|�_�c{�ao�Uc�J]�Da�Je�Ne�Nc�Od�S[�LTyEi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`QjaRjaRjaRjaRjaRjaRjaRj`Vk`\k__k__k`^k`\k`ZkaXkaWkaWkaUkaUkaUkaUkaUkaWkaUlaOk`LiaNiaNf_Ma\IYVESR@NL=IJ:DF8AE6AE6?F6>D6<D5=F57@-@H1IK3F?%W?'�ZE�rb�VJ�bZ�eb�TS�FH�GH�CD�:7�7-�:,�:,�:,�9,�8+�7*�6)�8+�7+�7+�8,�8,�8,�8,�8.�3-�5/�6-�3(�0"�. �2!�3$�@4�C7�G?�LF�MI�JG�FB�D@�CA�DA�@:�;1�</�A1�E4�E3�D3�D4�B2�A0�@0�A/~A.@.�:*�9+�:)�;*�<+�<+�=,�<*�?.�>.�;+�9*�8+�9-�:/�9/�90�90�;0�>3�?4�A5�B4�A4�:.�9.�8-�7+�6+�8-�8/�;1�</�=-�;-�;,�:+�;+�;,<,};+{<-z;,w9*v8)u7(t6)v4&�<2�G=�MD�J?�H<�OB�TI�RI�OI�TO�SQ�WS�]Z�YU�[T�l[�}X~�^��alxRLX46D#=J.LZ@eqYeoW]eMPU>EI0?C(=@#:<$89';<.9;09<1=A36?,<I/Pb<dzKm�Nv�Rt�Ps�Ms�Pr�Sp�Pu�Rp�Ln�Lp�Ow�V{�\}�a|�bp�Uf�M\�E\�Ee�Mj�Rf�N`�Ic�RZLSxEi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`QjaRjaRjaRjaRjaRjaRjaRj`Vk`\k__k`^k`\k`\kaXkaXkaWkaUkaUkaUkaUkaWkaWkaXkaWnbRmbPjbOjbOibPe^L_YIYVERO@NL=GH:DF8CE7BD6@D5<C3<H4:C.FJ3MG1P;&qL9�bQ�^P�A5�SL�c_�^^�SU�JO�DJ�AC�92�9-�7-�7+�8/�:/�;2�:0�>6�>4�=6�>4�>7�?5�>7�>7�@<�B>�D>�F=�F<�I>�M@�QE�SJ�QJ�MG�IE�FC�C@�A=�B=�FB�D?�?7�=0�?/�C2�H4�I6�G5�E3�C3�B2�A0~A/zA0}@.�:,�8,�9+�:,�:,�;-�;+�;+�:+�9+�9*�9+�9,�;/�=1�<0�:/�9/�:0�:.�:.�:.�9+�8*�7)�7*�6)�6*�7+�8-�9/�<0�<.�<-�;,�:+:+~9*~;+};+|:,z;,y;,w9,s8*q6(r7)u5)�C:�I>�KA�H<�I<�OD�TK�TL�QL�TP�QO�SO�\X�_X�h^�~j��p��fu�WYh?CR+?O*P`<crQetU\iKOY>CL1?E+?C*=A(;='78(:;-79.9<1=A37@-<I/Oa;bxIl�Mv�Ru�Qt�Nt�Qr�Sp�Rs�Po�Mo�Ms�R|�]~�ay�_t�Zc�J^�E[�D_�Hg�Oj�Pf�L`�Hb�QY~KRwDi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`QjaRjaRjaRjaRjaRjaRjaRj`Tk`Zk`\k`ZkaXkaXkaUkaUkbSkbSkbSkbSkaUkaWkaWkaXkaWocUnbRkbQlcRkbShaQd]M`ZJXRBSP?NK<IG8GE6DE5BC3>B1=I1?G/LG1S>+g=-�ZL�_S�>6�3+�?9�XU�ig�de�RU�JN�OQ�ID�F<�@7�>4�?7�D:�F>�G>�JB�JA�JC�JB�KD�KC�KE�KE�SR�TT�SR�SP�SL�SL�TN�UP�LH�IF�EB�C@�B@�C@�EB�GE�IH�DA�?8�=2�?2�B1�E3�G6�E3�D4�B3�A1�?1~?0z?1|>/�:.�9.�9.�:/�;-�;-�;-�;-�9*�:+�9+�9,�;,�;-�<.�;/�:1�9/�9-�:.�9,�9,�8*�8*�8)�8)�8(�8)�9*�:,�:-�;-�:-�:,�9+�8*}7+}7+|8+{9+{9-y9-x:-v8-q5*o5)q7+u:,�H=�J?�I=�I;�L@�RF�WM�XO�QM�UQ�SP�VQ�`Y�bW�g[�{enrQZi@JY0BS)IZ0WiAdvNj|VXiEL[:?L.:D)<D,>C-<A-:=,89+:;-79.9<1>B47@-;H.L^8_uFi�Jt�Pt�Pt�Nt�Qs�Tq�Sn�Mm�Lp�Pw�Y|�az�`r�Xj�RZ�C\�Ea�Ie�Mg�Mg�Kh�Jg�Mc�PZ|JRtBi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`QkbSkbSkbSkbSkbSkbSkbSkaUlbYlbYlbYlbVlbVlcRlcRldQldQldQlcRlcTlbVlbXlbXlbXocUnbRkbQlcRlcTkbSg`Pd]M^WGYSCTN@MJ;KH9GE6FC4@C0;H.@I.OC-a=-�F;�YS�NJ�,+�:9�=;�SR�pn�vv�eh�X^�^_�UQ�PF�G@�C:�D=�G>�GA�G?�HC�JB�HD�JC�JF�KD�KG�KG�HH�GI�HH�GG�HD�HD�GD�ED�BA�AB�BA�BB�CB�B@�A>�A?�II�C@�<6�>3�@3�@2�B3�D3�A2�@1�?1�=1�<2�<1=1=1�;1�;1�:3�;1�;1�</�<1=/�</�=-�;/�;,�:,�9*�8+�7*�:/�8.�9-�:/�;.�=.�</�>.�9+�:+�:*�:+�;,�;+�;,�:+�:,�9+�8*~6(|6*{5){5){7*x6*x8,x:/s7,p4)o5)r:-w=1�M@�K>�J<�M=�QC�VH�XM�WN�NI�TO�VR�]V�e\|_QgWGa_HEO->N)?O(J\4_qGk}SewMXj@N`8@Q-6E&7D*=F1=D4:>07;-8:,:;-68-9<1?C57@-9F,I[5[qBe�Fr�Ns�Ot�Nt�Qs�Tq�Sm�Lo�Os�Ux�\z�`s�[i�Q`�HY�B^�Ge�Mg�Mg�Ke�Gg�Gh�La�NXzHQsAi`Qi`Qi`Qi`Qi`Qi`Qi`Qi`QkbSkbSkbSkbSkbSkbSkbSkbSlbXlbVlbVlcRlcRldOldOldMldMldMldOldQlcTlbVlbVlbVocUnbTkbSlcTmdUlcTjaRf_Ob[K^WGXQARL<OI9JG6IC3AC.:G+AG+U@+xG9�PL�II�8<�39�AE�?@�JI�b`�qp�np�be�Z\�QN�LD�E@�B;�D?�E>�B>�A:�C?�C=�C@�D?�DB�D@�EC�DC�AD�AD�DF�GH�IH�JI�II�GH�AC�AD�BE�BE�AA�@>�=:�=:�FF�=<�83�<3�@4�?1�>0�A1�=0�<0�;1�:0�81�93�:4�;4�;3�<3�:4�<3<3}=1}=3}=1|<0|=.|<0|=.};-{9)z8*{7*�:.�9.�9-�9.�9.�;.�<.�=-�9+�9+�;+�;*�;+�<*�;+<+�8*�8,~6*}5)|3*z4*z4*y5*u2)v6,w9.s7,p4*o5*s:/x@3�QC�N?�N=�Q@�VF�XI�UJ�SJ�PJ�SP�TR�\V�e\n[LPK7EK1AN0KZ9WgC`rLgyQdyNWm?G\1AV-7H$1@!6B*=F5<D98=67:3:</;<.79.9<1?C57@-7D*FX2Vl=b~Co�Kq�Ms�Mt�Qt�Ur�To�Pq�Qu�Wv�Zs�Yj�Rb�J[�E^�H`�Id�Lf�Lh�Jh�Hf�Fe�Ia�NXzHPr@i`Qi`Qi`Qi`Qi`Qi`Qi`Qi`QkbSkbSkbSkbSkbSkbSkbSkbSlbVlcTlcTlcRldQldOldOldMldMldOldOldQlcRlcTlbVlcTnbTmaSmaSmaSmdUlcTjaRg`Pd]M_YIZSCTN>PK8MH5ID1DC.@F*DD([B,�TG�\X�>A�/5�HO�?E�;>�;<�FG�Z[�ef�Y[�GH�JG�EB�B?�B>�FB�FB�B>�?8�D?�D?�D@�EA�EB�EC�DE�DF�@D�@D�BE�EG�GG�FF�BC�>?�BD�@C�>A�=>�>>�A?�C@�EC�CC�98�50�;4�?6�>3�=/�?2�</�:0�:0�81�83�94�94�;5�:3�;3�:2;2~<0~<0|<0|<0x8,y9-z:.z:.{<-{<-{<-z;,};/9/�7.�7,�6*�5*�7*�8)�8,�9*�:-�<-�<-�=,~<,~<,}9,}7-|6,z6+z4*x4)y5,x5,r2(u5+v8-r6+n4)n5*t;0xB6�UG�PB�O@�SD�WI�VJ�RG�NG�TN�UP�RK�XOcUf[GGK2=J,IX9ZkIhyUcxQZoFSh?Pb:L^6;M'0?,95>)=C5<B8:<79<5;=2;=079.9<1?C58?-8B)EU1Uh;azCn�Mr�Nr�Pt�Qt�Ur�Tt�Uu�Xv�[t�Zo�Uf�N^�H[�Dd�Na�K`�Hc�Ih�Ji�Ke�Ea�E`�MWyGPr@i`Qi`QjaRjaRjaRkbSkbSkbSjaRjaRjaRjaRjaRjaRjaRjaRkbSkbSkbSkbSkbQkbQkbQkbQlcRlcRlcRlcRlcTlcTlcTnbTk]PqaRtdWrdWnbVj`TiaThbTgaSebQc]M[VCVQ=TO9NH2GA)KG,I?$bI3�gW�wn�lg�YW�PR�BE�BE�DG�FH�HK�JK�LM�KM�EE�DE�ED�FE�FB�C?�D=�F<�C:�D;�E<�E?�D@�CC�AD�@D�BF�BD�CD�DE�DE�EF�ED�EE�CC�B@�@?�@?�?>�@=�A>�C?�B?�?;�93�70�:0�=2�>3�>2�?4�?3�=2�<4�93�83�92�92�;0�<.�<.�;-�;/�;/�:.�:.~:-~:-~:/~:/};/};/};/};/}90}90~80~8.�7.�7.�8/9-�7.~8,}9.|8-{9-z8,x8,x8,x8.x8.w7-v8-v6,t6+s4+q5+m1'r6,n4)m3(o6+m4)q8-I=�SH�SJ�RJ�QJ�QI�QJ�QK�RL�TM�TK�[N�cQo_HYU:MV7O_;j~YbxQZpIUjCRg@Pa=IY5DR17D&4>#2:#6;'<>0@B5@@6<>358-39-4:.7:/9=/;?.=B,=F)S_;arFo�Rt�Ut�St�Ss�Ss�Uu�Z~�e~�ep�Yb�K^�G^�H^�G`�Ib�Kd�Mf�Ne�Mc�K`�H^�G_�LTvDKm;i`Qi`QjaRjaRjaRkbSkbSkbSjaRjaRjaRjaRjaRjaRjaRjaRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTnbTrbSqaRrbUrdWrfZogZmeXjdVgcWliZmjYjgThcOc^H[U=RL4PJ0I?&Q?)kP=XI�ND�E=�EA�WV�TT�QQ�PO�NM�MM�MK�KJ�TT�HI�=>�=:�B@�EA�B;�>4�D9�F:�F=�H?�FB�DD�AE�AE�BF�CD�CD�DE�DE�EF�FD�FD�EA�D@�B?�A>�A=�A=�A=�C?�E?�C<�>6�;1�90�:/�<0�=1�@4~@5~>4�=4�:3�91�92�90�;.�<-�<-�;,�;-�:,�:,�:,9-9-9/9/~:/~:/~:/~:/}90}90}90}90}90}90|90|90|90z:0z:0z:0y9/y9/x:/w9.w8/w8/t8.s7-r6,r6,p6+p6+l2'q7,m4)l3(o6+l3(p7,~H>�SJ�SL�QL�QM�QL�PM�QN�SO�OG�SH�[K{ePsiPilMfqQgxT^tMXnGPf@Ma<M^<L[:HU7CP4<F-8@)6;'7:)<=/?@2>>2;=04:04<15;16<0:</<?.>A,>D*Q[9^mDn�Ss�Ur�Ss�Ss�Ss�Vx�^|�ex�ak�T`�I]�F]�F\�E`�Ia�Jd�Me�Ne�Nb�K`�I^�I]LRtBIk9i`Qi`QjaRjaRjaRkbSkbSkbSjaRjaRjaRjaRjaRjaRjaRjaRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTnbTqcVo_Rm\Rm_Tqd[og\ldYhbVfbWqma{xi~{j�zj{vcqjWe`JTT<FF.C>(MB.S@/U8*]7*m>4n70u91~;5�@:�IB�PJ�XP�ZT�^Y�RO�GE�B?�DB�ED�D@�@:�A;�C<�E>�G@�GC�FF�EF�DF�CD�CD�CD�DE�DE�EE�EC�FD�EC�DB�D?�C>�C>�C>�C=�C>�E@�F@�B<�>5�:1�8-�9.�;/�@2?3~>2�>2�:1�91�92�90�;.�<-�:-�:-�;-�:,�:.�:.9-9-~:/~:/~:/~:/~:/~:/}90}90}90}90|90|90|90{8/{;1{;1z:0y;0y;0x:/x:/x:/t8.t8.s7-s7-r6,q5+p6+o5*j1&p7,m4)k2'l6*i3'm7+}G=�PI�QJ�QK�QL�RM�TO�UP�VP�WO�[P~^OtbNoiQorUlwYfwUQeBK_:EY6DU3EV6GV9GT8ER8@J2<D/9>*7;*:<.<>0;=/9;.6<25=26<26<0:</<>0=@-=C)MW5Zi@h{Mn�Pp�Qs�Ru�Ut�Wz�`w�`n�Wc�L\�E\�E\�E[�D_�Ha�Jc�Ld�Mc�La�J_�H]�H[}JPr@Gh9i`Qi`QjaRjaRjaRkbSkbSkbSjaRjaRjaRjaRjaRjaRjaRjaRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTnbTrdWpbUm_Tl_VkaWlcZle[jf]jf]yuj��x��������~��r}zg`cNOT>DG2GF2HC0F=,L<,VC4P9+R6*V4*Y4+\6+a9/e=3n>4�KB�RL�UQ�OL�FF�AB�DC�GG�@>�A?�B>�E@�EC�FD�ED�ED�DD�CD�CD�DD�DD�ED�FC�FC�FB�FB�E?�E>�D=�D=�D=�E>�D<�F?�F>�A8�;1�8,�8-�;.�@0@1~?0�>0�:1�:/�:0�:.�:-�;,�:-�:-�:,�:,�9-9-9-9-~:/~:/~:/~:/~:/~:/}90|90}90{8/{8/{8/{8/y9/{;1z<1y;0y;0x:/x:/x:/v:/t8.s7-s7-r6,q5+o5*o5*m4)j1&o6+l3(h2&k5)h2&l6*|F<�OG�OJ�PK�RM�TO�VP�WP�ZQ�]R�aUy_Pj[Hd_IdhO\fKN]@EU8AQ4>M0=L/?M3DQ7FR:GS;BK6>G2:A/9=,9=.9=.8<-7;-7=36=56;47=3:<1;=/<?,<A*JS4Ve>dwIl�Lp�Qu�Tw�Wx�Z{�ar�[e�N\�EZ�C\�E\�EZ�C_�H`�Ia�Jb�Ka�J`�I^�G]�HZ|INp>Ef7haQhaQibRibRibRjcSjcSjcSibRibRibRibRibRibRibRibRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTlcTrfZth\sf]ndZjaXle]snh{xq�~w���������������������z{kdgTOR?GJ7EH5BE2BE2EH5KL<JH9GD5D>0B:-A7+@6*G5)S5*qB8�PH�PK�HI�GI�EI�BE�@B�@B�BA�DC�EA�FB�EB�DA�DD�DF�DF�DF�DD�ED�ED�ED�FB�FA�F>�E=�E=�F=�E=�F>�A:�C;�E=�B9�>3�:.�;.�=0�?0�?/�>.�>.�;/�:-�;.�;.�:-�;-�;-�:,�:,�9+9-9-9/~:/~:/~:/}:1}:1}:1}:1|91z:1|91y90y90x8/x8/w8/y:1y:1x90v:0v:0u9/u9/t:/r7/q6.q6.p5-o4,o4,n3+m4+j1(m7-j4*h2(j4*f2'j6+}D;�NG�NH�QJ�TL�UO�WP�YR�\R{YMw]PkZJ]UBYXDY^HOYA?K3:H/7E.5A+5A+8D.?H3CL7EN9BK8@I6<E4:A19@07>.5<,4:,5<45<56;56;49;0:</;>-;@)GP1Sb;buGk�Kq�Rw�Vy�Yy�[x�`n�W`�IZ}C\E^�G^�G]�F`�Ia�Jb�Kb�Kb�K`�I_�H^�IY{INo@Ef9haQhaQibRibRibRjcSjcSjcSibRibRibRibRibRibRibRibRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTlcTkaUoe[pf\lcZkd\rmg��|����������������ľ��������������rgdUPQ?FI8>E3;D1:F28E38E38C3:B3<B6@C8CD<HE<>4*P:/e?6�EA�PO�X[�RW�CI�FJ�EF�FF�FE�FC�DB�E@�CA�DD�DF�DF�DF�DC�DC�DC�DC�EA�FA�F@�F=�F=�G=�G=�E=�?8�@9�C:�C9�A7�=0�=/�=.�>/�?/�>.�>.�<-�;-�;.�;.�;-�:,�:,�:,�9+:+9-~8,~:/~:/~:/~:/}:1}:1}:1}:1z:1z:1z:1y90x8/v7.v7.t8.w8/u9/u9/t:/t8.s9.s9.r8-q6.q6.p5-o4,o4,m4+l3*j4*h2(m7-i3)f2'i5*e1&i5*{B9�MG�MH�PJ�TL�VO�XN�ZP|\Qs\Nl\M`WFVSBQRBJQ?@I64@,3<+2;*09(09(2;*5>-9B1<E4?H7?H7>G6;F5:C25@/3>-1<,3:33954954928919;.;>-;@*CL/O^7`sEk�Mr�Sy�Yy�Yw�Yq�Yf�OZ}CX{A\E^�G^�G^�G`�I`�I`�I`�I`�I_�H^�G^�KXzHLm@Cd7haQhaQibRibRibRjcSjcSjcSibRibRibRibRibRibRibRibRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTlbVj`VjaXkdZlh_upl���������������������������������μ������zym]_YIKL:AF2<E0?K7>I8>F7;C6;>5:;3983872==3C<2N71a84�HH�]_�`d�WZ�QS�NO�MK�KJ�HG�FD�DA�BB�CF�CG�DF�CE�CE�CE�BB�CB�DC�D@�D?�F?�E>�E>�G=�E=�@:�@:�B:�D;�C:�@4�;/�9+�=/�>.�>-�>-�<,�;,�<-�<-�:,�:,�:.�9-9-9-~8.}9.~:/~:/}:1}:1}:1}:1}:2}:2{;2y:1y:1x90w8/t8.s7-r8-t8.s9.r8-q8-r8-p7,p7,p7,o6-o6-o6-n5,m4+l3*l3*i3)h2(k7,h4)f2'h4)b0%f4)zA8�MG�NI�PJ�UL�XN�YOxZOr\Nk^N_XHRPAKN=EI:9B13;,08)17+17-06,06,06*17+2:+4<-9D4;F5=H7<I7;F56C13@,1>-.800621622717829;0:<.:?)?H+LZ6]pCj�Ls�Vy�[w�Ys�Vg�P^�IVyAX{C[~F[~F[~F]�H_�J_�J_�J_�J_�J^�I]�H]�JUvIJk@Ab7haQhaQibRibRibRjcSjcSjcSibRibRibRibRibRibRibRibRkbSkbSkbSkbSkbSkbSkbSkbSlcTlcTlcTlcTlcTlcTlcTlbVqh_ng_mhbtqj������������������������������������������������}ub^\GKM7CH2AI2AH6@G7BD9BB:B=9C97?:6:=6>?7C82J.+e77�QR�hj�nm�\\�ZW�VS�QN�ML�HH�CD�BE�DG�DG�DF�CE�CE�BD�BB�BB�DC�CB�C?�D>�E>�E>�G=�E=�C=�A9�B:�D;�E:�A6�:-�6'�</�=.�=-�>-�<,�<,�<-�<-�:,�:,�:.9-9-~8,}9.}9.~:/~:/}:1}:1}:1}:1}:2{;2z;2w;1x90v:0u9/s9.r8-r8-r8-q8-p7,n8,p7,m7+o6+o6+o6-o6-n5,m4+m4+j4*i3)h4)f2'k7,h4)c1&f4)b0%e3(xB8�NH�OI�RM�VN�XOzZOq[Mj]MZTDIJ:@D5>D69A219,/7*6<247058157247025.06,08-2:-6A3:E5=J9>K9<I77F33B-1>-,6..400511606718:/:<.:?+<E*IW4[nAi�Mr�Vx�\u�Xp�U`�IX{CSv>WzB[~FZ}EY|D\G_�J_�J_�J^�I^�I]�H]�H]LStIHhA@^8icSicSicSicSicSicSicSicSicSicSicSicSicSicSicSjcSkbSkbSlcTlcTlcTmdUmdUmdUmdUmdUmdUmdUmdUmdUmdUldWjc[gd]vsn����������������������������������������������ɷƵ������ibbFEH-EI0CG0FE3GC7F<3C60G53I;:>=9>?:B:7I75cGF�jjœ�譩ҋ��tn�]X�SP�ON�KM�FK�FK�DH�IK�EG�<?�>@�GI�DG�:=�@@�@@�A@�B@�C>�C=�A;�A9�C>�A9�@9�A9�B8�@5�:.�8*�=0�>/�>.�>-�=,�=,�<,�<,:+9-9-~8,~8.}9.|8-|8-|90|90|90|90z:1z:1z:1z:1y=5w<4w;3u:2t91q8/p7.p7.o6-m7-m7-l8-m7-l8-m7-m7-i2+m6/p92p92l5.g2*g2*h3+e0(i7.d2)^.$`0&_/%b2(s>6�OJ�QL�QL�RJ}XOx]RhXITN>DE5@D5:B37?24</3;04:049279478366457246116//6./7,.9+2=-6C2:G6:I68G44C.1?.*4+,2.-2./4.45/79.:</:?+6>&ES2YkCj�Ru�]y�_r�Yk�R[~DXyDTu@Tu@XyDZ{F[|GZ{F^Jb�Nb�N^J\}H_�K`�L_NTsJFd@<W6icSicSicSicSicSicSicSicSicSicSicSicSicSicSicSicSkbSkbSlcTlcTlcTmdUmdUmdUmdUmdUmdUmdUmdUmdUmdUldYgd]onj����������������������������������������������������Ͳ��������cgjKLQ3GJ/EC.GA1H>4I:3L95K<9?:7CB@NIF]RPyjg���β��ſ���벩͂|�c^�VV�RS�HM�AD�DE�EE�HH�JK�EF�<>�<>�AC�??�??�A@�A@�B>�B=�A<�A:�A<�@;�A:�B:�C;�A6�;1�8-�=0�>/�>.�>-�=,�=,�<,�<-9-9-9-~8,}9.}9.|8-|8-|90|90|90|90{;2{;2{;2z;2w<4u<3u:2s:1r90n8.p7.m7-m7-l8-l8-l8-l8-j8-l8-l8-k6.n70p92n91l7/i4,g2*e3*c1(d4*_/%^.$b2(^.$`0&p>7�KF�RN�XR~XOrVKdRFRI:A?0<@18@15@23>04<14<15:37:379677577557246116/07//7,.9+1<.5B19F59H58G44E24B1.8//6/.3--2+23+46+8:-9=,7?(DQ3YkEj�Uv�`y�bp�Zg�QY|DWxCTtBTu@VvDYzEYyGYzE[{I_�K`�N\}H[{I^J^~L^{MSnKF_A9R5icSicSicSicSicSicSicSicSicSicSicSicSicSicSicSicSkbSkbSlcTlcTlcTmdUmdUmdUmdUmdUmdUmdUneVneVneVlfZed_y{x�������������������������������������������������������ش�Š�����l`gEQX9EH-DC.JD4LD9KA8J?;C;9SJKia_�wv�����������������������ec�BE�DI�RV�UT�MK�DA�CA�FE�EF�DD�CD�=?�>@�@?�@?�B@�B?�B?�A=�@;�@:�C;�E<�D<�B7�<2�9.�<0�=0�>/�>.=-=-�=-�=-9-9/~:/}9.}9.}9.{8/{8/}:1}:1{;2{;2{;2{;2z;4x<4t;2q;1r90o9/n8.l8-l6,k7,l8-j8-j8-j8-j8-i9-j8-j8-n91m82m82m82m82i70f4-c1*e3,a0)],%_0(c4,\-%_0(sD<}PK�VP~YQpSK^J?OC7@=.46(3:*1<,1<.2=/5=26<27:37:379679668368357227018008-.9+0;-2?.6C27E48G49H59F54>33:205.,2(/0(13(57*7;*6>'ER6[lJm�Zy�fy�fl�Z`�NWwEWuCUrBUsAWtDXvDYvFYwEZwG^|J_|L]{I]zJ_}K^{KZwKPgJAW@3I2icSicSicSicSicSicSicSicSicSicSicSicSicSicSicSicSjcSkbSlcTlcTlcTmdUmdUmdUmdUmdUmdUneVneVneVofWmg[jkf�������������������������������������������������������������ڴ��������efmLNR7FH0JI7KI<HD9D@7OGDj`_���������������������������������収�cf�@?�PK�TM�PH�GA�GB�MJ�KH�@?�>>�??�?>�A?�A?�C@�B?�B=�>9�@:�C=�E?�E>�A9�=5�;2�<1�=0�>/�>.=/=-�=-�</9/9/~:/}9.}9.}9.{8/{8/~;2~;2|<3|<3{;2{;2z;4x<4r90o9/o9/m9.l8-k7,j6+h6+i7,i7,i7,h8,h8,h8,h8,h8.m;4l71j5/i70j81j81f4-a0)e4-a2*].&a2*b3+Y*"a2*yNG�\VvWRjOHXD;I<3@:.:;-8<.08)/:*3;.4</6<26<27:169279479468349238139/19.19..9+/:,1<,2?.5B17E4;H6<I89C87?428.-3'./'/1&24'48'4<'ER8_pPt�d}�ny�if�XU|GSsBTqASp@Sp@TqAUrBVsCVsCXuE[xH]zJ]zJ^{K_|L\yIWrIK_F<M;.?-gdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSicSjcSkbSlcTlcTlcTmdUmdUmdUmdUmdUneVneVofWofWofWng]qqo����������������������������������������������������������������ѯ������}�bY]BIM6GJ9FJ;CF;AB:c^X�}z������������������������������������騤�id�MB�PD�YN�\R�QH�D=�A<�DA�A>�@>�@?�A@�C?�C?�C?�C?�?;�A<�E@�E@�C>�@9�=7�<4�<1�<2�=1�=0=1=/=/=/~:/~:/~:/}9.|90|90{8/{8/|<3|<3|<3{;2z;4y:3y:3w;3n70m80m80l7/k6.i7.h6-h6-i7.h8.h8.g8.g8.g8.g8.h8.k92h6/f4-g5.i70h70e4-b1*c2+c4,_0(]1(]1(W+"c7.{ULtXTaNHN?8A7.=6,;9-9;.9<139-3;.5;/6<06<07:/68-47.69049238139/39/2:/19.19,08+.9+/:,1<.3>.6C2:E5<G7=E8:B55;/06(02'02%13%26%2:%GS;dtWy�k~�rs�g]�RJp?Oo>Qn>Qn>Qn>Qn>Ro?Sp@TqAWtD[xH]zJ]zJ_|L`}MZwGSmFCU?6D7(6)gdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSicSjcSkbSlcTlcTlcTmdUmdUmdUmdUmdUneVneVofWpgXpgXoh^lnmz���������������������������������������������������������������׹�Ħ�����rggONP;GK:FL>HPEKQG{{s���ž����������������������������������������ؓ��eS�K;�TF�WI�F;�@8�KE�C>�C?�C@�C@�C>�C>�D>�B=�B<�C?�DA�D?�A=�=8�;6�<6�;3�<4�=3�=2=1=1=1=/~:/~:/~:/}9.|90|90{8/{8/|<3|<3{;2z:1y:3x92w81u91n70m80l7/j8/i7.i7.h6-g7-h8.h8.g8.g8.g8.g8.g8.g8.h70h6/g5.g5.h70h70g6/f5.a2*e6.^2)\0'`4+a5,i=4uSJXG@E>6<5/:6-;8199/57,36+7:/5;/7:/7:/69.58-57,36+28,19,28.19,19.19,19,19,08+08+.9+/:,0;+3>.6A18C3<D5:C28>05;-57*35(13%04%18&HT>gw\w�mv�lh�_RwKBh9Kk<Nk;Pm=Pm=Ol<Nk;Pm=Qn>WtDZwG]zJ^{K`}M_|LVsCNg@<J90;3%/'gdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSicSjcSkbSlcTlcTlcTmdUmdUmdUmdUmdUneVofWofWpgXqhYoh^hikmtz����������������������������������������������������������������Ư�����}vn[ZWFPQCSVK\c[fme���������������������������������������������������񪔼o[�VD�RC�PD�LA�JA�G@�E@�E@�E@�E>�D=�C<�B<�C?�E@�EA�C=�=9�;5�;5�<6�<5�<6�<5�=4<3=1=1=1~:/~:/~:/}9.|90|90{80{80{;2{;2y:3x92w81v70v70t80n70k90j8/j8/j8/h8.h8.h8.g7-f7-f7-f7-d8-d8-d8-f7-g6/h70i81i81h70i81j;3l=5g80l=5c7.a5,oC:xLCtI@nMDD:167/45/891:;556.14+25,58/58/57,46+46+46+46)48*08).9)08+08)08+08)08)08)19,08+08+08+08+2:-3;.4<-9B1:C0;B2:A1:<.68*35'/3$29'IU?eu[o�gh�bYyTInE?d8Hg;Li;Ol>Nk=Mj<Li;Mj<Ol>UrDYvH[xJ]zL^{M\yKQn@G_;6B4+4/#)%gdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSgdSicSjcSjcSkcVlbVlbVmcWmdUmdUmdUleUmfVngWogZoi]oh^mjekormtz����������������������������������������������������������������η������|ubb_NXZL^dXmwn|�}�������������������������������������������������������̻�p�RE�SF�TI�C:�IA�H@�F@�F>�F>�E=�C;�C;�G>�G>�G>�C;�>5�;3�;4�>6�=5�=6�=5�=4�<3�<1�;1�;1~:/~:/~:1}90|90|90{80{80z:1z:1x92w81v70v70u6/q6.m80k90k90j8/i9/i9/i9/i9/g7-f7-g7-f7-f7-f7-f7-f7-f5.j81m;4k:3j92j:0m>4oC8mA6oD;e=3d>3zVJ�dZyWMbLA>:13814927<569214-25,9<336-25,24)03(13(25*46+47,/7*-8*/7*/7*/7*/7*/7*/7*19.08-08-/7,/7,/7,08-08+7?09B1<E4=D4;A38<.26'-4$2;*JVBcr[i{a^uXRmLGeAAa:Hd;Kh<Nk?Nk?Kh<Jg9Li=Nk=TqEXuIZwK[xL]zNZvMNjAC[;2>4*00!''heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVjdVjdVkeYldYlcZmeZmeXmfVg`NkfSnkXol]he\feasqr�������������������������������������������������������������������������Զ�����|qtY_dMdkYr}l������������������������������������������������������������������ا��`X�E>�NG�MC�F>�D9�F=�I@�KA�H@�G<�G8�H8�J8�H8�E5�B4�B5�C5�B7�B6�A5�>3�<2�:1�91�91�:2~:1|91|91{80z7/w7.w7.w7.w7.w8/w8/v7.u6-q5+o4,l7/i81i81h70h70g6/g6/g6/f5.g6/i70i81i81g6/f5.e3,h3-j5/m80k90j:0i;.j>1kA3gB2jI:dH:v_O~k\�xj�oRJ=79.4:04:039/39/39/28.28.17-17-36-06,25,06,14+/5+/4-.5-/4-/4-/4-/4-/4-/4-05.05./4-.3,.3,/4-05./6.1;23=26@59C89D67B45@03>-4?.DQ=XfO[kQRbHEX<BU9BW6Jd?Ke>Ke>Ke>Je<Je:Mh?Oj?UpGYtK\vO]wP]wRWqNHaA;N8&1+&+.$),heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVkdZkdZlc\md[meZmfVidQjhSmjWjk[gg_lll~��������������������������������������������������������������������������ϰ�����vkqUZbJbkVu�o�����������������������������������������������������������������������~u�KA�MB�J?�L@�K>�E9�=4�?6�E9�F7�J7�L:�I9�F6�C4�C6�E7�C7�B8�A7�>5�<4�:3�91�93:3}:2{;2z:1y90x8/v7.v7.v7.v7.u9/u9/t8.r6,p6+m4+l7/i81j81h70i70h70g6/g6/e3,f4-g5.h6/j81j81k92k92k60l71k90k;1l<0j>1j@0iD2gH6lQ>gRAvgT�ue��s��rKL<69.39/39/39/28.28.28.28.17-17-17-06,06,06,/5+/5+/4./4./4./4./4./4./4./4.05//4./4..3-.3-/4./4./6/.80/:22>44@66B66B66B45B16C1CP>P]IR`IIW@AO6BP7FV;Jb@Ke@LfAKe@Ic<Hc:Id;Je<SnEXrK\vQ]wT\uUTmOC\?6I5&1-',0%*.heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVkdZkdZlc\md[meZmfVmhUljUmjWjk[kkcwww�������������������������������������������������������������������������ۿ�ʫ�����yuy`kpZt{i������������������������������������������������������������������������������؞��M?�RD�L=�@1�G;�YM�UJ�@4�D7�H:�K@�I=�C8�?5�@7�D=�@9�B:�@:>8~>5}=4<4}=4z;4x<4x<4w;3u:2t91t91t91r90r90r90r90o9/n8.l6,k5+m80j81l71j81k60i70i70h6/g5.g5.f5.g6/h70i81k:3l;4l;4j;3i:0h<1k?2jC4iD2fE2gJ8lVAjYGujV�m��{�mDG658-39/28.28.17-17-17-17-17-17-17-06,06,06,/5+/5+/4./4./4./4./4./4./4./4./4./4..3--2,-2,.3-/4..5.+5-+6.-9//;12>25A56B47D38E3?L:ER>CQ:;I28F->L3DT9J_@Jb@LdBKc?Ia=G`9F_8G`9RkDXpL]uS^vVZqTPgK=T8.A.&1-',0%*.heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVkdZkdZlc\md[meZmfVniVljUlkWlm]pqi����������������������������������������������������������������������������ؼ�ǫ��������}�������������ſ�������������������������������������������������������������������������²��p�P@�O?�XJ�M?�E9�G<�A6�E;�IA�F>�@9�;6�=8�B?�?;�@<�@<}@;z?9y@9y@9y@9v=4v=4v=4u<3s=3r<2r<2r<2o;0o;0o;0n:/k9.k9.j8-i7.m82n72n72l71l71k60i70i70l:3j92h70f7/f7/g80h91g;2j?6f>4e=1f>2hC3iE5fG3cG2cJ6hV@i\IskV��o��zor_9=,28,28.28.17-17-06,06,06,17-17-17-06,06,06,/5+/5+.3-.3-.3-.3-.3-.3-.3-.3-.3-.3--2,-2,-2,-2,.3--4-*4,)4,*6,+7-.:01=14@46B46C2:G5<I78E12?+2@)8F/>N4DX<E]=K`AJb@K`?G_;H^:F^:ShGXpN`uV^uX[oTLcI9M4):(%.+%*.$)-heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVkdZkdZlc\md[meZmfVlgTljUnmYop`tum����������������������������������������������������������������������������ؿ�ʱ½����������������������������������������������������������������������������������������������������Ŝ��bP�J:�L<�QA�L>�@7�C;�F@�D?�>;�:8�::�>=�=;�?<�@=}@=xA<tB;rC;rC;q?6s>6s>6r=5r=5r=5p>5p>5n>4m=3l<2k;1j;1i:0i:0j:0n72p62p62n72m61l71i70i70l;4k:3h91e90e90e90f;2d<2fB6dB6cC4dD5dG5dI6bI3_I2^L6eV?jbMrmW��o��r\aM3:(28,28.28.17-17-06,06,06,17-17-17-06,06,06,/5+/5+.3-.3-.3-.3-.3-.3-.3-.3-.3--2,,1+,1+,1+,1+-2,-4-,6.+5-*4,*4+,6-.8-0:/2=/2=-5@/7B15A-2>*1=)5A-8F/=O7@T9FX>H\@J]?I^=K^>K`?TgI[oScvZauZZlTJ]G6G4'5&$-*$),"'*heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVkdZkdZlc\md[meZlfVjgTkjUlnYorasvm�������������������������������������������������������������������������������θ�κ�ƶ�ø������������������������������������������������������������������������������������������������ͧ��kX�[G�WE�L;�D:�D<�E>�E?�A>�=:�:9�:;�=<�?=�?=~A<wB<sD<oD;oD;p?8q?6q?8q?6q?8q?6p?8o?5o@8n?5m>6k<2i=4h<1h<3l;4o83r73p62p62n72l71j81i81h70g80e90e:1d<2e?4f@5dB6_C5aG8cL:dM;cM8`K6^L4]M4^R:bX?mhRss[��nv{eFO:4=*39-39/28.28.17-17-17-17-17-17-17-06,06,06,/5+/5+.3-.3-.3-.3-.3-.3-.3-.3--2,,1+,1++0*+0*,1+,1+,3,/6/,6.+5-*4,*4++5,-7,.8--8*0;+4?/5@/4?.3?+4?.3@,7F19K3@O8CU;GW<H[?M]BM`DUeJ\nTdtZ`rZXgRGXE4B1$2%$-*$),"'*heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVjdVjdVkdZkdZlc\md[lfZlfVliVlkVkmXlo^lrhz�~����������������������������������������������������������������������������о�������������������������������������������������������������������������������������������������������������λ�wb�Q:�\H�N>�J=�I>�I@�G@�D>�=:�:7�=9�>:�?9�A:yB;tD:pF:pE<p?8q?8q>:q?8q>:q?8p?:p?8qB<pA9n?9l=5j=7j>5j=7n=6o83r73q73p62n72l71j81i81d8/d90d<2d>3d@4cA5cA5_C5ZE4_N<gVBhWCcS<^O8[O5\R7]V<]Y>nlUtv^|�kcmU2>(6B.3;.39/39/39/28.28.28.28.17-17-17-06,06,06,/5+/5+-2,-2,-2,-2,-2,-2,-2,-2,,1+,1++0*+0*+0*+0*,1++2+-4-+5-*4,*4,+5,+5,,6--7,,6+/:,2=/6A17B27B15@04?.2?-4C.:G3=L5AO8DT:JX?L\BTbI\kTcp\^mZUbQDRC2>0#/%'0-&,,$**heVheVheVheVheVheVheVheVheVheVheVheVheVheVheVheVjdVjdVkdZkdZlc\md[lfZlfVolYmlWjlWgkZgmcr{x������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������׭��oY�WD�Q@�O>�OA�OB�K@�C<�<5�>7�?6�@9�A7{B7uD6qE8qE:p?8q>:s>:q>:q>:q>:r?;q@;sB=qB<p?:m>8l=7k>8m>8o>9o83q73o83m82m82j92h91f:1f;2d>3d@4bB5`C5]A3\@2WB1TG4\T?f^Gj_IbX?ZS9ZS7\W:[W<XW;kmUsw^u}fUaI&28D03;.4:04:039/39/39/28.28.17-17-17-06,06,06,/5+/5+-2,-2,-2,-2,-2,-2,-2,-2,,1++0*+0**/)*/)+0*+0*,1++2+)3+*4,+5-,6-,6--7.-7.-7./9.2<16A39D69D47B46A10;+2?-6C19F2<I5AO8FT=JX?R`I[hTan\]jYQ]OBN@0<0",#+1/(..&,,ifWheVheVheVheVheVheVheVifWifWifWifWifWifWifWifWkeWkeWle[le[md]ne\mg[mgWqn[kmWknYkr`kshpyv�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������Ѻ�i�bK�O9�T?�ZF�RA�K;�M?�<0�=0�>2=/x=/t?/sB3uE7r=7s>:t=:t?;u@<u@<t?;q>:s@<rA<r?;q@;p?:o@:o>9o>9k92m82l:3l;4l;4h<3g<3d>3c?3^>1dG9cG9T=-N9(M8'@1XR<PN7KI0OK2]Y>ieJeaDVU7XX<^aDpt[z�fdlU>J2-9#2>*4</5;15;14:04:039/39/39/39/39/39/28.28.17-17-06,16016005/05/05//4./4./4.,1+,1+,1+,1+,1+,1+,1++0*.5..5.-4--4--4--4-.5./6.+2*-4,1805=29A6=E8@H=?J<7B26A03>-1=)3?+9E/BN8IU?O[GWcO]hWZeULWI<F;/90)3+)/+(.,'-+heVheVheVheVheVheVheVheVifWifWifWifWifWifWifWifWkeWkeWle[le[md]ne\mg[khWonZjlVknYlsajtiq|x���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������౗�u\�\D�ZB�YC�VC�SA�G5�F6�E4�D3|C2wB0s@/o>/u@8t?9u>;u@:t?;p>7p=9tB;q>:p?8p?:o>7o>9m>6n=8m>6k<4l=5m>6k?6j?6gA6eA5bB5dG9[A2^G7_J9O>,F7$G8%?7"LL4HL3DG,CF+MM1[[?baC`aBZZ>dgJsw^sy_X`I:D,/;%7C/6>17=36<26<26<25;15;15;15;15;15;14:04:04:039/39/27127127116016016005/05/.3-.3--2,-2,,1+,1++0*+0**1**1*)0))0)*1**1*+2+,3,.5..5-.5-07/4;3:B7?F>BJ?;F8:E57B14?.3?+6B.<H2@L6LXDS_KYdTWbRLVK=G<1;2+5-+1-*0,)/-heVheVheVheVheVheVheVheVifWifWifWifWifWifWifWifWkeWkeWmd[md[md]ne\mg[khWnmYimVjoYktaiuiq}y���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������㿧��j�YB�R<�[F�]I�S?F2u>)r>)tA,tD0vE6q?4n<3q<6tB9tB;o?5q@9xH>n=6m>4m>6m>4l=5j>3l=5j>5g?5gA6hB7gC7eC7cC6aD6^D5bK;UB1ZI7`S@RG3D<'E=(FA+BF-BH.AE*<@%?B%LO2_`AijKaaEnqTvzagmSJO95=&5=(=F39?38>48>48>47=37=37=37=38>48>48>47=37=37=36<26<25:45:449349338238238238205/05//4..3--2,,1++0*+0*).*).*).*).*).**/++0,,1-162/4.,1+,1+05/6;4=B<AH@@K=>K:<I78E34A-2?+3A*5C,DQ=KXDQ^MQ^MHTH<H<2>4.8/-4--4-,2.gdUgdUheVheVheVifWifWifWifWifWifWifWifWifWifWifWkeWkeWmd[md[md]mf\mg[jiWkmXimVjoYjs`hthn}x����������������������������������������������������������ڻ�ּ�������������������������������������������������������������������������������������������������������������������������������������������������������ҽ��zyS>tJ4uH3vI4zM8~O;yL7nA.e7'{M@tE;qB8sD:oC8g;0d8-g=1i?3i?3i?3g?3g?3f>2f>2e?2cA5bB5`C5`D6_C5[D4ZE4WD3XI6OB/\T?oiSc^HMK4IG0IK3>D*?H-@F*<B&<A#EJ,XY:deFmmQxx\tv^[_FAD/6;%:?+>B19?39?59?58>48>48>47=37=39?59?58>48>48>48>48>48>47<67<67<66;56;56;55:45:438238227105//4.-2,,1+,1++0,+0,+0,+0,+0,,1--2.-2.051.3/+0,+0*-2.3828=9;B:AL>@M;@M;=J68E14A-1?(1?(=J6BO;IVDJWFDPB;G;2>4.:0,6..5.-4-gdUgdUgdUheVheVifWifWifWifWifWifWifWifWifWifWifWkeWldWmd[md[md]mf\mg[jiWlnYinWiqZgs_drejyt�������������������������������������������������������ܿ�չ�й�Ѿ������������������������������������������������������������������������������������������������������������������������������������������������������������ϴ�����uawVClI6mH6rM=uP@mF7jC4gB2kF6nI9nJ:oK;pL<eA1cB1cB1cB1cB1cB1bC1`C3]F6\G6]H7ZG6ZG6WH5TG4RG3PH3OI3fdM~~frrZVX@JL4GM3<E*<F+?H+AG+AF(CH*MN/TU6xw[{z^nnVUU=CB.?A,?@.;>-;>39?59?58>48>47=37=37=38>48>48>48>48>48>48>48>49>89>89>89>88=78=77<67<66;56;55:438227105//4./4.-2.-2.,1-,1-,1-,1--2.-2.-10,0/,0/-2..211623764;4;G9=L9@O<@O:<K67F/4C,2A*6E.:I4@O<BP??M>8F71?2-9-,6--4,,3+fcTgdUgdUheVheVifWjgXjgXifWifWifWifWifWifWifWifWldWldWmd[md[md]mf\mg[jiWkmXinWiqZgs_bpcgxr�������������������������������������������������������ڽ�ѵ�˴�˺����������������������������������������������������������������������������������������������������������������������������������������������������������������������ҿԺ������u�rd|]K}^LtUCbE3X;)Y<*[>,X=*`E2`E2`E2`G3`G3`G3`G3^I4\K7\M:\M:ZM:XM9UM8SM7QL6NL5QQ9jlT|�gmqXSY?FL2>G,<F+<F+?H+DJ.EJ,DG*HI*LM.yx\tsWfdMTR;LI6KJ6FE3<=-<?4:@69?59?58>48>48>48>47=37=38>48>48>49?59?59?5;@::?9:?9:?99>89>89>89>89>88=77<66;55:4493382382/40.3/-2.,1-+0,+0,+0,+0,+/.,0/-10.21/32/32/32.5.4@27F3=L7@O:?N7<K49H18G05D-8G0<K6>M:<J97E61?2-9-+5,-4,,3+fcTfcTgdUheVifWifWjgXjgXifWifWifWifWifWifWifWifWldWldWmd[md[md]mf\mg[jiWjlWhmVhrZfs_cqdhys�������������������������������������������������������չ�̳�İ�Ĵ�ɿ����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������ʴ��xt^GeO8cM6\H0^J2\J2\J2]K3]K3^L4^L4\M6YN8XP;XP;VP:UO9SN8PN7NN6MO7PT;`fLfoTU^CEO4AK0<F+?I.?I.CL/HN2HM/GJ-OP1YX:qmRkgLa\F[V@YTATQ>MJ9BC3>A6;A7;A7;A7:@6:@6:@69?58>48>48>49?59?5:@6:@6:@6;@:;@:;@::?9:?99>89>89>8:?9:?9:?99>88=78=78=77<6495384162/40-2.,1-,0/+/.,0/-10-10.21.23.23-12,2.+9*/@-6H2<N8=O7<N6:L2:L25G/7I1:L6<M:;L:6G70@3-;.,6--4,,3+cdTcdRdeUgfThfWigXigXjhYhfWifWifWifWifWifWifWkeWkeWkeWmeZle[md]mf\kg[jiWikVhmWis[gt`dqgk|v�������������������������������������������������������Ѹ�DZž�ƾ��ü�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������Þ�u`P7RB)XH/XH.[M3[M3ZN4ZN4[O5[O5\P6[Q8UO7TO9TO9QO8PN7NN6KM5IM4JN5LR8S\APY>@I,<E(AL.?J,DM0EN1JP4MR4KN1LL0YY=kjNhdIb^E^ZA_ZD`[GZUAQO:KJ8AB4@B5@B5>A6>A6>A6=@7=@79?59?59?5:@6:@6:B7:B7;C8;@9;@9;@::?8:?9:?89>89>7;@:;@9;@:;@9:?9:?8:?9:?98?87=94;4382160/4..3/.3/.21.21-2.,2.,3,,3+,3+)6%$6*>"2F+8L3;O6<N6;M5;M58J29K3;M5=O7<N87H51B0.<--7..5--4,]eP^fO_gRbgQdiUfiVgjWijXfgUhgUheVheVjdVkeWlfZlfXlfXkhYmg[kg\mf^jf]ieZgeVghVfkUenYbo]dqht������������������������������������������������������Ҿ�ϼ���������·������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������Ə�nUN2WM2TK.SJ+WN1WN1UN1UN1TO2TO2TN4SO4QM4RN5QO6PP6MO7KO6HM6GL5JP6FO4AJ-=F)@G(DK*FM+EL*PV4PS4KN/IL/TT8bbFccIZZ@[Y@\ZA][B][B[Y@XV=US:SQ8HF1GD1EB1B@1A?2>>2??5>@5;>59?59?59A69A48C58C59C8:B79A69@88@58?79A69@8:B7:A9:B7:A9:B7;B:<D9=D<>E=8B:8B:8B98@56>14</39/271.40/51070.8-.;)0@&6F)7M';V+:W+;U0;T4;R8=P<>O<>O<:L6@R8EW=FY=DX=@T;5H2+<*,6+-4,+2*ZfN[gO^hP_iQbjSckTglXhkXhiWghVifWifWkeWlfXmeZmgYmgYkhYkg[kg\je_jf]hfZfgWhiWglVfo\erajwnz������������������������������������������������������˹ʿ������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������Nj�lRM0SN1RK.QK+UO/UO/TO1TO1SO2SO2QP4QO6QM2PO3PN5NQ6MO7JP6HM6EM5HQ6FO4BK.?H)CH(GM+JP,KQ-OS0PT1VZ9^aB_bCZ]@VV<UU=VV>WU>XV=YW>YW>XW;WV:XT9QK3PJ4LG4ID1DA2B@3A?3>@5<=59?59?59A67B48C57C57C5:B7:B79A68@58@59A6:B7:B7:B7:B7:B7:B7;C8<D9=E:<F;=G?<H><F;;F6<D5:B39?38=67>76=63=52>04C,9L,BY/Ga1Qo;Mm;Li=Fa>BY?<R=<M=:K9=O9DV<K^BNaCL`DH\A:Q71D0+5*+2*)0(ZfN[gO\hP`jRbjSdlUglXilYijXijXkhYkhYmgYmgYog\nhZmgYkhYkg[jf[je_jf]hfZfgWhiWejTdmZgtco|s���������������������������������������������������˸������������ö���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������Ɖ�jPK.RM0QJ-QJ-UO/UO/UP2UP2TP3SO2QP4PO3QM2ON2PN5MP5MO7JP6IN7GO7HQ6FO4CL/CL-GL,KQ/OU1SY5QY2X`9jpLy]qvVY^@LO4MP5QQ9QQ9RP9SQ8TR9VT;YU<ZV=XR<VP:RM:NI6HE6DB5CA5?A6<=59?5:@69A67B48C57C57C5:B7:B79A69A69A69A6:B7:B7:B7:B7:B7:B7;C8<D9>F;<F;?IA>J@?I>?J:@H9>F7>D8=B;>E><C<7A95A39H1BU5Pg=XrB`~J\|JXuINiFD[A9O:6G74E3<N8EW=NaESfHSgKNbG@W=6I5/9./6.-4,ZfN[gO\hP^jRblTemVhmYinZklZklZlj[liZnhZnhZph]oi[liZkhYkg[jf[id^ie\hfZghXfgUbgQajWerao|s~���������������������������������������������˸�Ƴþ����÷�ǹ���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������Ɋ�mPJ0RM0SL/SL/UO/UO/UP2VQ3TP3SO2PO3ON2PL1ON2OM4LO4MO7KQ7JO8HP8JS8GP5GP3IR3NS3PV4W]9\d=grHt�U��j��u��lnuTZaBSW<MO7NN6MM5NL5OM6RP9WR<YT>ZT>XR<TO<QL9KH9GE8EC7AC8=>6:@6:@69A67B47B46B46B4;C8:B7:B79A69A6:B7:B7;C8;C8:B7:B7;C8<D9=E:>F;=G<=G?=I?>H=>I9?G8>F7>D8=B;=D=;B;6@85A3:I2DW7Ri?[uE\zFXxFTqEIdA>U;2H3/@0.?-6H2@R8L_CReGSgKOcH@W=6I51;007/-4,YgNZhO\hP^jRblTemVinZjo[mn\lm[mk\mj[oi[oi[oi]oi[liZkhYjfZieZid^ie\ig[ghXghVchRajWerao|s{���������������������������������������ѿ�ɸ�ıþ�������ʾ��Ÿ��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������̌�oRL2TO2TM0UN1UO/UO/VQ3VQ3UQ4SO2ON2NM1PL1NM1NL3KN3LN6KQ7LQ:JR:LU:IR7JS6OX9TY9U[9]c?fnG��c��s�������z��pr{\\bFLP7LN6LK6LJ5LJ5QL8TM:VP:WQ;VP:SN;QL9MJ;IG:GE9CE:=>6:@6:@69A67B47B46B46B4;C8;C8:B7:B7:B7:B7;C8;C8;C8;C8;C8;C8<D9=E:>F;=G<=G?<H>=G<=H8?G8=E6=C7=B;:A:9@96@85A39H1BU5Ne;Vp@Vt@SsAPmAE`=9P6-C.+<,+<*1C-<N4H[?PcERfJNbG@W=5H4,6++2*'.&
\ No newline at end of file
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig12.jpg b/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig12.jpg
deleted file mode 100644
index 861aff9..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/testorig12.jpg and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_5674_0098.bmp b/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_5674_0098.bmp
deleted file mode 100644
index d74ea64..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_5674_0098.bmp and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_6434_0018a.bmp b/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_6434_0018a.bmp
deleted file mode 100644
index 25e77b7..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_6434_0018a.bmp and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_6548_0026a.bmp b/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_6548_0026a.bmp
deleted file mode 100644
index 41e35b5..0000000
Binary files a/3rdparty/libjpeg-turbo_2_1_0/testimages/vgl_6548_0026a.bmp and /dev/null differ
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjbench.c b/3rdparty/libjpeg-turbo_2_1_0/tjbench.c
deleted file mode 100644
index 156c906..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjbench.c
+++ /dev/null
@@ -1,1031 +0,0 @@
-/*
- * Copyright (C)2009-2019, 2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <math.h>
-#include <errno.h>
-#include <limits.h>
-#include <cdjpeg.h>
-#include "./tjutil.h"
-#include "./turbojpeg.h"
-
-
-#define THROW(op, err) { \
-  printf("ERROR in line %d while %s:\n%s\n", __LINE__, op, err); \
-  retval = -1;  goto bailout; \
-}
-#define THROW_UNIX(m)  THROW(m, strerror(errno))
-
-char tjErrorStr[JMSG_LENGTH_MAX] = "\0", tjErrorMsg[JMSG_LENGTH_MAX] = "\0";
-int tjErrorLine = -1, tjErrorCode = -1;
-
-#define THROW_TJG(m) { \
-  printf("ERROR in line %d while %s:\n%s\n", __LINE__, m, \
-         tjGetErrorStr2(NULL)); \
-  retval = -1;  goto bailout; \
-}
-
-#define THROW_TJ(m) { \
-  int _tjErrorCode = tjGetErrorCode(handle); \
-  char *_tjErrorStr = tjGetErrorStr2(handle); \
-  \
-  if (!(flags & TJFLAG_STOPONWARNING) && _tjErrorCode == TJERR_WARNING) { \
-    if (strncmp(tjErrorStr, _tjErrorStr, JMSG_LENGTH_MAX) || \
-        strncmp(tjErrorMsg, m, JMSG_LENGTH_MAX) || \
-        tjErrorCode != _tjErrorCode || tjErrorLine != __LINE__) { \
-      strncpy(tjErrorStr, _tjErrorStr, JMSG_LENGTH_MAX - 1); \
-      strncpy(tjErrorMsg, m, JMSG_LENGTH_MAX - 1); \
-      tjErrorCode = _tjErrorCode; \
-      tjErrorLine = __LINE__; \
-      printf("WARNING in line %d while %s:\n%s\n", __LINE__, m, _tjErrorStr); \
-    } \
-  } else { \
-    printf("%s in line %d while %s:\n%s\n", \
-           _tjErrorCode == TJERR_WARNING ? "WARNING" : "ERROR", __LINE__, m, \
-           _tjErrorStr); \
-    retval = -1;  goto bailout; \
-  } \
-}
-
-int flags = TJFLAG_NOREALLOC, compOnly = 0, decompOnly = 0, doYUV = 0,
-  quiet = 0, doTile = 0, pf = TJPF_BGR, yuvPad = 1, doWrite = 1;
-char *ext = "ppm";
-const char *pixFormatStr[TJ_NUMPF] = {
-  "RGB", "BGR", "RGBX", "BGRX", "XBGR", "XRGB", "GRAY", "", "", "", "", "CMYK"
-};
-const char *subNameLong[TJ_NUMSAMP] = {
-  "4:4:4", "4:2:2", "4:2:0", "GRAY", "4:4:0", "4:1:1"
-};
-const char *csName[TJ_NUMCS] = {
-  "RGB", "YCbCr", "GRAY", "CMYK", "YCCK"
-};
-const char *subName[TJ_NUMSAMP] = {
-  "444", "422", "420", "GRAY", "440", "411"
-};
-tjscalingfactor *scalingFactors = NULL, sf = { 1, 1 };
-int nsf = 0, xformOp = TJXOP_NONE, xformOpt = 0;
-int (*customFilter) (short *, tjregion, tjregion, int, int, tjtransform *);
-double benchTime = 5.0, warmup = 1.0;
-
-
-static char *formatName(int subsamp, int cs, char *buf)
-{
-  if (cs == TJCS_YCbCr)
-    return (char *)subNameLong[subsamp];
-  else if (cs == TJCS_YCCK || cs == TJCS_CMYK) {
-    snprintf(buf, 80, "%s %s", csName[cs], subNameLong[subsamp]);
-    return buf;
-  } else
-    return (char *)csName[cs];
-}
-
-
-static char *sigfig(double val, int figs, char *buf, int len)
-{
-  char format[80];
-  int digitsAfterDecimal = figs - (int)ceil(log10(fabs(val)));
-
-  if (digitsAfterDecimal < 1)
-    snprintf(format, 80, "%%.0f");
-  else
-    snprintf(format, 80, "%%.%df", digitsAfterDecimal);
-  snprintf(buf, len, format, val);
-  return buf;
-}
-
-
-/* Custom DCT filter which produces a negative of the image */
-static int dummyDCTFilter(short *coeffs, tjregion arrayRegion,
-                          tjregion planeRegion, int componentIndex,
-                          int transformIndex, tjtransform *transform)
-{
-  int i;
-
-  for (i = 0; i < arrayRegion.w * arrayRegion.h; i++)
-    coeffs[i] = -coeffs[i];
-  return 0;
-}
-
-
-/* Decompression test */
-static int decomp(unsigned char *srcBuf, unsigned char **jpegBuf,
-                  unsigned long *jpegSize, unsigned char *dstBuf, int w, int h,
-                  int subsamp, int jpegQual, char *fileName, int tilew,
-                  int tileh)
-{
-  char tempStr[1024], sizeStr[24] = "\0", qualStr[13] = "\0", *ptr;
-  FILE *file = NULL;
-  tjhandle handle = NULL;
-  int row, col, iter = 0, dstBufAlloc = 0, retval = 0;
-  double elapsed, elapsedDecode;
-  int ps = tjPixelSize[pf];
-  int scaledw = TJSCALED(w, sf);
-  int scaledh = TJSCALED(h, sf);
-  int pitch = scaledw * ps;
-  int ntilesw = (w + tilew - 1) / tilew, ntilesh = (h + tileh - 1) / tileh;
-  unsigned char *dstPtr, *dstPtr2, *yuvBuf = NULL;
-
-  if (jpegQual > 0) {
-    snprintf(qualStr, 13, "_Q%d", jpegQual);
-    qualStr[12] = 0;
-  }
-
-  if ((handle = tjInitDecompress()) == NULL)
-    THROW_TJ("executing tjInitDecompress()");
-
-  if (dstBuf == NULL) {
-    if ((unsigned long long)pitch * (unsigned long long)scaledh >
-        (unsigned long long)((size_t)-1))
-      THROW("allocating destination buffer", "Image is too large");
-    if ((dstBuf = (unsigned char *)malloc((size_t)pitch * scaledh)) == NULL)
-      THROW_UNIX("allocating destination buffer");
-    dstBufAlloc = 1;
-  }
-  /* Set the destination buffer to gray so we know whether the decompressor
-     attempted to write to it */
-  memset(dstBuf, 127, (size_t)pitch * scaledh);
-
-  if (doYUV) {
-    int width = doTile ? tilew : scaledw;
-    int height = doTile ? tileh : scaledh;
-    unsigned long yuvSize = tjBufSizeYUV2(width, yuvPad, height, subsamp);
-
-    if (yuvSize == (unsigned long)-1)
-      THROW_TJ("allocating YUV buffer");
-    if ((yuvBuf = (unsigned char *)malloc(yuvSize)) == NULL)
-      THROW_UNIX("allocating YUV buffer");
-    memset(yuvBuf, 127, yuvSize);
-  }
-
-  /* Benchmark */
-  iter = -1;
-  elapsed = elapsedDecode = 0.;
-  while (1) {
-    int tile = 0;
-    double start = getTime();
-
-    for (row = 0, dstPtr = dstBuf; row < ntilesh;
-         row++, dstPtr += (size_t)pitch * tileh) {
-      for (col = 0, dstPtr2 = dstPtr; col < ntilesw;
-           col++, tile++, dstPtr2 += ps * tilew) {
-        int width = doTile ? min(tilew, w - col * tilew) : scaledw;
-        int height = doTile ? min(tileh, h - row * tileh) : scaledh;
-
-        if (doYUV) {
-          double startDecode;
-
-          if (tjDecompressToYUV2(handle, jpegBuf[tile], jpegSize[tile], yuvBuf,
-                                 width, yuvPad, height, flags) == -1)
-            THROW_TJ("executing tjDecompressToYUV2()");
-          startDecode = getTime();
-          if (tjDecodeYUV(handle, yuvBuf, yuvPad, subsamp, dstPtr2, width,
-                          pitch, height, pf, flags) == -1)
-            THROW_TJ("executing tjDecodeYUV()");
-          if (iter >= 0) elapsedDecode += getTime() - startDecode;
-        } else if (tjDecompress2(handle, jpegBuf[tile], jpegSize[tile],
-                                 dstPtr2, width, pitch, height, pf,
-                                 flags) == -1)
-          THROW_TJ("executing tjDecompress2()");
-      }
-    }
-    elapsed += getTime() - start;
-    if (iter >= 0) {
-      iter++;
-      if (elapsed >= benchTime) break;
-    } else if (elapsed >= warmup) {
-      iter = 0;
-      elapsed = elapsedDecode = 0.;
-    }
-  }
-  if (doYUV) elapsed -= elapsedDecode;
-
-  if (tjDestroy(handle) == -1) THROW_TJ("executing tjDestroy()");
-  handle = NULL;
-
-  if (quiet) {
-    printf("%-6s%s",
-           sigfig((double)(w * h) / 1000000. * (double)iter / elapsed, 4,
-                  tempStr, 1024),
-           quiet == 2 ? "\n" : "  ");
-    if (doYUV)
-      printf("%s\n",
-             sigfig((double)(w * h) / 1000000. * (double)iter / elapsedDecode,
-                    4, tempStr, 1024));
-    else if (quiet != 2) printf("\n");
-  } else {
-    printf("%s --> Frame rate:         %f fps\n",
-           doYUV ? "Decomp to YUV" : "Decompress   ", (double)iter / elapsed);
-    printf("                  Throughput:         %f Megapixels/sec\n",
-           (double)(w * h) / 1000000. * (double)iter / elapsed);
-    if (doYUV) {
-      printf("YUV Decode    --> Frame rate:         %f fps\n",
-             (double)iter / elapsedDecode);
-      printf("                  Throughput:         %f Megapixels/sec\n",
-             (double)(w * h) / 1000000. * (double)iter / elapsedDecode);
-    }
-  }
-
-  if (!doWrite) goto bailout;
-
-  if (sf.num != 1 || sf.denom != 1)
-    snprintf(sizeStr, 24, "%d_%d", sf.num, sf.denom);
-  else if (tilew != w || tileh != h)
-    snprintf(sizeStr, 24, "%dx%d", tilew, tileh);
-  else snprintf(sizeStr, 24, "full");
-  if (decompOnly)
-    snprintf(tempStr, 1024, "%s_%s.%s", fileName, sizeStr, ext);
-  else
-    snprintf(tempStr, 1024, "%s_%s%s_%s.%s", fileName, subName[subsamp],
-             qualStr, sizeStr, ext);
-
-  if (tjSaveImage(tempStr, dstBuf, scaledw, 0, scaledh, pf, flags) == -1)
-    THROW_TJG("saving bitmap");
-  ptr = strrchr(tempStr, '.');
-  snprintf(ptr, 1024 - (ptr - tempStr), "-err.%s", ext);
-  if (srcBuf && sf.num == 1 && sf.denom == 1) {
-    if (!quiet) printf("Compression error written to %s.\n", tempStr);
-    if (subsamp == TJ_GRAYSCALE) {
-      unsigned long index, index2;
-
-      for (row = 0, index = 0; row < h; row++, index += pitch) {
-        for (col = 0, index2 = index; col < w; col++, index2 += ps) {
-          unsigned long rindex = index2 + tjRedOffset[pf];
-          unsigned long gindex = index2 + tjGreenOffset[pf];
-          unsigned long bindex = index2 + tjBlueOffset[pf];
-          int y = (int)((double)srcBuf[rindex] * 0.299 +
-                        (double)srcBuf[gindex] * 0.587 +
-                        (double)srcBuf[bindex] * 0.114 + 0.5);
-
-          if (y > 255) y = 255;
-          if (y < 0) y = 0;
-          dstBuf[rindex] = abs(dstBuf[rindex] - y);
-          dstBuf[gindex] = abs(dstBuf[gindex] - y);
-          dstBuf[bindex] = abs(dstBuf[bindex] - y);
-        }
-      }
-    } else {
-      for (row = 0; row < h; row++)
-        for (col = 0; col < w * ps; col++)
-          dstBuf[pitch * row + col] =
-            abs(dstBuf[pitch * row + col] - srcBuf[pitch * row + col]);
-    }
-    if (tjSaveImage(tempStr, dstBuf, w, 0, h, pf, flags) == -1)
-      THROW_TJG("saving bitmap");
-  }
-
-bailout:
-  if (file) fclose(file);
-  if (handle) tjDestroy(handle);
-  if (dstBufAlloc) free(dstBuf);
-  free(yuvBuf);
-  return retval;
-}
-
-
-static int fullTest(unsigned char *srcBuf, int w, int h, int subsamp,
-                    int jpegQual, char *fileName)
-{
-  char tempStr[1024], tempStr2[80];
-  FILE *file = NULL;
-  tjhandle handle = NULL;
-  unsigned char **jpegBuf = NULL, *yuvBuf = NULL, *tmpBuf = NULL, *srcPtr,
-    *srcPtr2;
-  double start, elapsed, elapsedEncode;
-  int totalJpegSize = 0, row, col, i, tilew = w, tileh = h, retval = 0;
-  int iter;
-  unsigned long *jpegSize = NULL, yuvSize = 0;
-  int ps = tjPixelSize[pf];
-  int ntilesw = 1, ntilesh = 1, pitch = w * ps;
-  const char *pfStr = pixFormatStr[pf];
-
-  if ((unsigned long long)pitch * (unsigned long long)h >
-      (unsigned long long)((size_t)-1))
-    THROW("allocating temporary image buffer", "Image is too large");
-  if ((tmpBuf = (unsigned char *)malloc((size_t)pitch * h)) == NULL)
-    THROW_UNIX("allocating temporary image buffer");
-
-  if (!quiet)
-    printf(">>>>>  %s (%s) <--> JPEG %s Q%d  <<<<<\n", pfStr,
-           (flags & TJFLAG_BOTTOMUP) ? "Bottom-up" : "Top-down",
-           subNameLong[subsamp], jpegQual);
-
-  for (tilew = doTile ? 8 : w, tileh = doTile ? 8 : h; ;
-       tilew *= 2, tileh *= 2) {
-    if (tilew > w) tilew = w;
-    if (tileh > h) tileh = h;
-    ntilesw = (w + tilew - 1) / tilew;
-    ntilesh = (h + tileh - 1) / tileh;
-
-    if ((jpegBuf = (unsigned char **)malloc(sizeof(unsigned char *) *
-                                            ntilesw * ntilesh)) == NULL)
-      THROW_UNIX("allocating JPEG tile array");
-    memset(jpegBuf, 0, sizeof(unsigned char *) * ntilesw * ntilesh);
-    if ((jpegSize = (unsigned long *)malloc(sizeof(unsigned long) *
-                                            ntilesw * ntilesh)) == NULL)
-      THROW_UNIX("allocating JPEG size array");
-    memset(jpegSize, 0, sizeof(unsigned long) * ntilesw * ntilesh);
-
-    if ((flags & TJFLAG_NOREALLOC) != 0)
-      for (i = 0; i < ntilesw * ntilesh; i++) {
-        if (tjBufSize(tilew, tileh, subsamp) > (unsigned long)INT_MAX)
-          THROW("getting buffer size", "Image is too large");
-        if ((jpegBuf[i] = (unsigned char *)
-                          tjAlloc(tjBufSize(tilew, tileh, subsamp))) == NULL)
-          THROW_UNIX("allocating JPEG tiles");
-      }
-
-    /* Compression test */
-    if (quiet == 1)
-      printf("%-4s (%s)  %-5s    %-3d   ", pfStr,
-             (flags & TJFLAG_BOTTOMUP) ? "BU" : "TD", subNameLong[subsamp],
-             jpegQual);
-    for (i = 0; i < h; i++)
-      memcpy(&tmpBuf[pitch * i], &srcBuf[w * ps * i], w * ps);
-    if ((handle = tjInitCompress()) == NULL)
-      THROW_TJ("executing tjInitCompress()");
-
-    if (doYUV) {
-      yuvSize = tjBufSizeYUV2(tilew, yuvPad, tileh, subsamp);
-      if (yuvSize == (unsigned long)-1)
-        THROW_TJ("allocating YUV buffer");
-      if ((yuvBuf = (unsigned char *)malloc(yuvSize)) == NULL)
-        THROW_UNIX("allocating YUV buffer");
-      memset(yuvBuf, 127, yuvSize);
-    }
-
-    /* Benchmark */
-    iter = -1;
-    elapsed = elapsedEncode = 0.;
-    while (1) {
-      int tile = 0;
-
-      totalJpegSize = 0;
-      start = getTime();
-      for (row = 0, srcPtr = srcBuf; row < ntilesh;
-           row++, srcPtr += pitch * tileh) {
-        for (col = 0, srcPtr2 = srcPtr; col < ntilesw;
-             col++, tile++, srcPtr2 += ps * tilew) {
-          int width = min(tilew, w - col * tilew);
-          int height = min(tileh, h - row * tileh);
-
-          if (doYUV) {
-            double startEncode = getTime();
-
-            if (tjEncodeYUV3(handle, srcPtr2, width, pitch, height, pf, yuvBuf,
-                             yuvPad, subsamp, flags) == -1)
-              THROW_TJ("executing tjEncodeYUV3()");
-            if (iter >= 0) elapsedEncode += getTime() - startEncode;
-            if (tjCompressFromYUV(handle, yuvBuf, width, yuvPad, height,
-                                  subsamp, &jpegBuf[tile], &jpegSize[tile],
-                                  jpegQual, flags) == -1)
-              THROW_TJ("executing tjCompressFromYUV()");
-          } else {
-            if (tjCompress2(handle, srcPtr2, width, pitch, height, pf,
-                            &jpegBuf[tile], &jpegSize[tile], subsamp, jpegQual,
-                            flags) == -1)
-              THROW_TJ("executing tjCompress2()");
-          }
-          totalJpegSize += jpegSize[tile];
-        }
-      }
-      elapsed += getTime() - start;
-      if (iter >= 0) {
-        iter++;
-        if (elapsed >= benchTime) break;
-      } else if (elapsed >= warmup) {
-        iter = 0;
-        elapsed = elapsedEncode = 0.;
-      }
-    }
-    if (doYUV) elapsed -= elapsedEncode;
-
-    if (tjDestroy(handle) == -1) THROW_TJ("executing tjDestroy()");
-    handle = NULL;
-
-    if (quiet == 1) printf("%-5d  %-5d   ", tilew, tileh);
-    if (quiet) {
-      if (doYUV)
-        printf("%-6s%s",
-               sigfig((double)(w * h) / 1000000. *
-                      (double)iter / elapsedEncode, 4, tempStr, 1024),
-               quiet == 2 ? "\n" : "  ");
-      printf("%-6s%s",
-             sigfig((double)(w * h) / 1000000. * (double)iter / elapsed, 4,
-                    tempStr, 1024),
-             quiet == 2 ? "\n" : "  ");
-      printf("%-6s%s",
-             sigfig((double)(w * h * ps) / (double)totalJpegSize, 4, tempStr2,
-                    80),
-             quiet == 2 ? "\n" : "  ");
-    } else {
-      printf("\n%s size: %d x %d\n", doTile ? "Tile" : "Image", tilew, tileh);
-      if (doYUV) {
-        printf("Encode YUV    --> Frame rate:         %f fps\n",
-               (double)iter / elapsedEncode);
-        printf("                  Output image size:  %lu bytes\n", yuvSize);
-        printf("                  Compression ratio:  %f:1\n",
-               (double)(w * h * ps) / (double)yuvSize);
-        printf("                  Throughput:         %f Megapixels/sec\n",
-               (double)(w * h) / 1000000. * (double)iter / elapsedEncode);
-        printf("                  Output bit stream:  %f Megabits/sec\n",
-               (double)yuvSize * 8. / 1000000. * (double)iter / elapsedEncode);
-      }
-      printf("%s --> Frame rate:         %f fps\n",
-             doYUV ? "Comp from YUV" : "Compress     ",
-             (double)iter / elapsed);
-      printf("                  Output image size:  %d bytes\n",
-             totalJpegSize);
-      printf("                  Compression ratio:  %f:1\n",
-             (double)(w * h * ps) / (double)totalJpegSize);
-      printf("                  Throughput:         %f Megapixels/sec\n",
-             (double)(w * h) / 1000000. * (double)iter / elapsed);
-      printf("                  Output bit stream:  %f Megabits/sec\n",
-             (double)totalJpegSize * 8. / 1000000. * (double)iter / elapsed);
-    }
-    if (tilew == w && tileh == h && doWrite) {
-      snprintf(tempStr, 1024, "%s_%s_Q%d.jpg", fileName, subName[subsamp],
-               jpegQual);
-      if ((file = fopen(tempStr, "wb")) == NULL)
-        THROW_UNIX("opening reference image");
-      if (fwrite(jpegBuf[0], jpegSize[0], 1, file) != 1)
-        THROW_UNIX("writing reference image");
-      fclose(file);  file = NULL;
-      if (!quiet) printf("Reference image written to %s\n", tempStr);
-    }
-
-    /* Decompression test */
-    if (!compOnly) {
-      if (decomp(srcBuf, jpegBuf, jpegSize, tmpBuf, w, h, subsamp, jpegQual,
-                 fileName, tilew, tileh) == -1)
-        goto bailout;
-    } else if (quiet == 1) printf("N/A\n");
-
-    for (i = 0; i < ntilesw * ntilesh; i++) {
-      tjFree(jpegBuf[i]);
-      jpegBuf[i] = NULL;
-    }
-    free(jpegBuf);  jpegBuf = NULL;
-    free(jpegSize);  jpegSize = NULL;
-    if (doYUV) {
-      free(yuvBuf);  yuvBuf = NULL;
-    }
-
-    if (tilew == w && tileh == h) break;
-  }
-
-bailout:
-  if (file) fclose(file);
-  if (jpegBuf) {
-    for (i = 0; i < ntilesw * ntilesh; i++)
-      tjFree(jpegBuf[i]);
-  }
-  free(jpegBuf);
-  free(yuvBuf);
-  free(jpegSize);
-  free(tmpBuf);
-  if (handle) tjDestroy(handle);
-  return retval;
-}
-
-
-static int decompTest(char *fileName)
-{
-  FILE *file = NULL;
-  tjhandle handle = NULL;
-  unsigned char **jpegBuf = NULL, *srcBuf = NULL;
-  unsigned long *jpegSize = NULL, srcSize, totalJpegSize;
-  tjtransform *t = NULL;
-  double start, elapsed;
-  int ps = tjPixelSize[pf], tile, row, col, i, iter, retval = 0, decompsrc = 0;
-  char *temp = NULL, tempStr[80], tempStr2[80];
-  /* Original image */
-  int w = 0, h = 0, tilew, tileh, ntilesw = 1, ntilesh = 1, subsamp = -1,
-    cs = -1;
-  /* Transformed image */
-  int tw, th, ttilew, ttileh, tntilesw, tntilesh, tsubsamp;
-
-  if ((file = fopen(fileName, "rb")) == NULL)
-    THROW_UNIX("opening file");
-  if (fseek(file, 0, SEEK_END) < 0 ||
-      (srcSize = ftell(file)) == (unsigned long)-1)
-    THROW_UNIX("determining file size");
-  if ((srcBuf = (unsigned char *)malloc(srcSize)) == NULL)
-    THROW_UNIX("allocating memory");
-  if (fseek(file, 0, SEEK_SET) < 0)
-    THROW_UNIX("setting file position");
-  if (fread(srcBuf, srcSize, 1, file) < 1)
-    THROW_UNIX("reading JPEG data");
-  fclose(file);  file = NULL;
-
-  temp = strrchr(fileName, '.');
-  if (temp != NULL) *temp = '\0';
-
-  if ((handle = tjInitTransform()) == NULL)
-    THROW_TJ("executing tjInitTransform()");
-  if (tjDecompressHeader3(handle, srcBuf, srcSize, &w, &h, &subsamp,
-                          &cs) == -1)
-    THROW_TJ("executing tjDecompressHeader3()");
-  if (w < 1 || h < 1)
-    THROW("reading JPEG header", "Invalid image dimensions");
-  if (cs == TJCS_YCCK || cs == TJCS_CMYK) {
-    pf = TJPF_CMYK;  ps = tjPixelSize[pf];
-  }
-
-  if (quiet == 1) {
-    printf("All performance values in Mpixels/sec\n\n");
-    printf("Bitmap     JPEG   JPEG     %s  %s   Xform   Comp    Decomp  ",
-           doTile ? "Tile " : "Image", doTile ? "Tile " : "Image");
-    if (doYUV) printf("Decode");
-    printf("\n");
-    printf("Format     CS     Subsamp  Width  Height  Perf    Ratio   Perf    ");
-    if (doYUV) printf("Perf");
-    printf("\n\n");
-  } else if (!quiet)
-    printf(">>>>>  JPEG %s --> %s (%s)  <<<<<\n",
-           formatName(subsamp, cs, tempStr), pixFormatStr[pf],
-           (flags & TJFLAG_BOTTOMUP) ? "Bottom-up" : "Top-down");
-
-  for (tilew = doTile ? 16 : w, tileh = doTile ? 16 : h; ;
-       tilew *= 2, tileh *= 2) {
-    if (tilew > w) tilew = w;
-    if (tileh > h) tileh = h;
-    ntilesw = (w + tilew - 1) / tilew;
-    ntilesh = (h + tileh - 1) / tileh;
-
-    if ((jpegBuf = (unsigned char **)malloc(sizeof(unsigned char *) *
-                                            ntilesw * ntilesh)) == NULL)
-      THROW_UNIX("allocating JPEG tile array");
-    memset(jpegBuf, 0, sizeof(unsigned char *) * ntilesw * ntilesh);
-    if ((jpegSize = (unsigned long *)malloc(sizeof(unsigned long) *
-                                            ntilesw * ntilesh)) == NULL)
-      THROW_UNIX("allocating JPEG size array");
-    memset(jpegSize, 0, sizeof(unsigned long) * ntilesw * ntilesh);
-
-    if ((flags & TJFLAG_NOREALLOC) != 0 &&
-        (doTile || xformOp != TJXOP_NONE || xformOpt != 0 || customFilter))
-      for (i = 0; i < ntilesw * ntilesh; i++) {
-        if (tjBufSize(tilew, tileh, subsamp) > (unsigned long)INT_MAX)
-          THROW("getting buffer size", "Image is too large");
-        if ((jpegBuf[i] = (unsigned char *)
-                          tjAlloc(tjBufSize(tilew, tileh, subsamp))) == NULL)
-          THROW_UNIX("allocating JPEG tiles");
-      }
-
-    tw = w;  th = h;  ttilew = tilew;  ttileh = tileh;
-    if (!quiet) {
-      printf("\n%s size: %d x %d", doTile ? "Tile" : "Image", ttilew, ttileh);
-      if (sf.num != 1 || sf.denom != 1)
-        printf(" --> %d x %d", TJSCALED(tw, sf), TJSCALED(th, sf));
-      printf("\n");
-    } else if (quiet == 1) {
-      printf("%-4s (%s)  %-5s  %-5s    ", pixFormatStr[pf],
-             (flags & TJFLAG_BOTTOMUP) ? "BU" : "TD", csName[cs],
-             subNameLong[subsamp]);
-      printf("%-5d  %-5d   ", tilew, tileh);
-    }
-
-    tsubsamp = subsamp;
-    if (doTile || xformOp != TJXOP_NONE || xformOpt != 0 || customFilter) {
-      if ((t = (tjtransform *)malloc(sizeof(tjtransform) * ntilesw *
-                                     ntilesh)) == NULL)
-        THROW_UNIX("allocating image transform array");
-
-      if (xformOp == TJXOP_TRANSPOSE || xformOp == TJXOP_TRANSVERSE ||
-          xformOp == TJXOP_ROT90 || xformOp == TJXOP_ROT270) {
-        tw = h;  th = w;  ttilew = tileh;  ttileh = tilew;
-      }
-
-      if (xformOpt & TJXOPT_GRAY) tsubsamp = TJ_GRAYSCALE;
-      if (xformOp == TJXOP_HFLIP || xformOp == TJXOP_ROT180)
-        tw = tw - (tw % tjMCUWidth[tsubsamp]);
-      if (xformOp == TJXOP_VFLIP || xformOp == TJXOP_ROT180)
-        th = th - (th % tjMCUHeight[tsubsamp]);
-      if (xformOp == TJXOP_TRANSVERSE || xformOp == TJXOP_ROT90)
-        tw = tw - (tw % tjMCUHeight[tsubsamp]);
-      if (xformOp == TJXOP_TRANSVERSE || xformOp == TJXOP_ROT270)
-        th = th - (th % tjMCUWidth[tsubsamp]);
-      tntilesw = (tw + ttilew - 1) / ttilew;
-      tntilesh = (th + ttileh - 1) / ttileh;
-
-      if (xformOp == TJXOP_TRANSPOSE || xformOp == TJXOP_TRANSVERSE ||
-          xformOp == TJXOP_ROT90 || xformOp == TJXOP_ROT270) {
-        if (tsubsamp == TJSAMP_422) tsubsamp = TJSAMP_440;
-        else if (tsubsamp == TJSAMP_440) tsubsamp = TJSAMP_422;
-      }
-
-      for (row = 0, tile = 0; row < tntilesh; row++) {
-        for (col = 0; col < tntilesw; col++, tile++) {
-          t[tile].r.w = min(ttilew, tw - col * ttilew);
-          t[tile].r.h = min(ttileh, th - row * ttileh);
-          t[tile].r.x = col * ttilew;
-          t[tile].r.y = row * ttileh;
-          t[tile].op = xformOp;
-          t[tile].options = xformOpt | TJXOPT_TRIM;
-          t[tile].customFilter = customFilter;
-          if (t[tile].options & TJXOPT_NOOUTPUT && jpegBuf[tile]) {
-            tjFree(jpegBuf[tile]);  jpegBuf[tile] = NULL;
-          }
-        }
-      }
-
-      iter = -1;
-      elapsed = 0.;
-      while (1) {
-        start = getTime();
-        if (tjTransform(handle, srcBuf, srcSize, tntilesw * tntilesh, jpegBuf,
-                        jpegSize, t, flags) == -1)
-          THROW_TJ("executing tjTransform()");
-        elapsed += getTime() - start;
-        if (iter >= 0) {
-          iter++;
-          if (elapsed >= benchTime) break;
-        } else if (elapsed >= warmup) {
-          iter = 0;
-          elapsed = 0.;
-        }
-      }
-
-      free(t);  t = NULL;
-
-      for (tile = 0, totalJpegSize = 0; tile < tntilesw * tntilesh; tile++)
-        totalJpegSize += jpegSize[tile];
-
-      if (quiet) {
-        printf("%-6s%s%-6s%s",
-               sigfig((double)(w * h) / 1000000. / elapsed, 4, tempStr, 80),
-               quiet == 2 ? "\n" : "  ",
-               sigfig((double)(w * h * ps) / (double)totalJpegSize, 4,
-                      tempStr2, 80),
-               quiet == 2 ? "\n" : "  ");
-      } else if (!quiet) {
-        printf("Transform     --> Frame rate:         %f fps\n",
-               1.0 / elapsed);
-        printf("                  Output image size:  %lu bytes\n",
-               totalJpegSize);
-        printf("                  Compression ratio:  %f:1\n",
-               (double)(w * h * ps) / (double)totalJpegSize);
-        printf("                  Throughput:         %f Megapixels/sec\n",
-               (double)(w * h) / 1000000. / elapsed);
-        printf("                  Output bit stream:  %f Megabits/sec\n",
-               (double)totalJpegSize * 8. / 1000000. / elapsed);
-      }
-    } else {
-      if (quiet == 1) printf("N/A     N/A     ");
-      tjFree(jpegBuf[0]);
-      jpegBuf[0] = NULL;
-      decompsrc = 1;
-    }
-
-    if (w == tilew) ttilew = tw;
-    if (h == tileh) ttileh = th;
-    if (!(xformOpt & TJXOPT_NOOUTPUT)) {
-      if (decomp(NULL, decompsrc ? &srcBuf : jpegBuf,
-                 decompsrc ? &srcSize : jpegSize, NULL, tw, th, tsubsamp, 0,
-                 fileName, ttilew, ttileh) == -1)
-        goto bailout;
-    } else if (quiet == 1) printf("N/A\n");
-
-    for (i = 0; i < ntilesw * ntilesh; i++) {
-      tjFree(jpegBuf[i]);
-      jpegBuf[i] = NULL;
-    }
-    free(jpegBuf);  jpegBuf = NULL;
-    free(jpegSize);  jpegSize = NULL;
-
-    if (tilew == w && tileh == h) break;
-  }
-
-bailout:
-  if (file) fclose(file);
-  if (jpegBuf) {
-    for (i = 0; i < ntilesw * ntilesh; i++)
-      tjFree(jpegBuf[i]);
-  }
-  free(jpegBuf);
-  free(jpegSize);
-  free(srcBuf);
-  free(t);
-  if (handle) { tjDestroy(handle);  handle = NULL; }
-  return retval;
-}
-
-
-static void usage(char *progName)
-{
-  int i;
-
-  printf("USAGE: %s\n", progName);
-  printf("       <Inputfile (BMP|PPM)> <Quality> [options]\n\n");
-  printf("       %s\n", progName);
-  printf("       <Inputfile (JPG)> [options]\n\n");
-  printf("Options:\n\n");
-  printf("-alloc = Dynamically allocate JPEG image buffers\n");
-  printf("-bmp = Generate output images in Windows Bitmap format (default = PPM)\n");
-  printf("-bottomup = Test bottom-up compression/decompression\n");
-  printf("-tile = Test performance of the codec when the image is encoded as separate\n");
-  printf("     tiles of varying sizes.\n");
-  printf("-rgb, -bgr, -rgbx, -bgrx, -xbgr, -xrgb =\n");
-  printf("     Test the specified color conversion path in the codec (default = BGR)\n");
-  printf("-cmyk = Indirectly test YCCK JPEG compression/decompression (the source\n");
-  printf("     and destination bitmaps are still RGB.  The conversion is done\n");
-  printf("     internally prior to compression or after decompression.)\n");
-  printf("-fastupsample = Use the fastest chrominance upsampling algorithm available in\n");
-  printf("     the underlying codec\n");
-  printf("-fastdct = Use the fastest DCT/IDCT algorithms available in the underlying\n");
-  printf("     codec\n");
-  printf("-accuratedct = Use the most accurate DCT/IDCT algorithms available in the\n");
-  printf("     underlying codec\n");
-  printf("-progressive = Use progressive entropy coding in JPEG images generated by\n");
-  printf("     compression and transform operations.\n");
-  printf("-subsamp <s> = When testing JPEG compression, this option specifies the level\n");
-  printf("     of chrominance subsampling to use (<s> = 444, 422, 440, 420, 411, or\n");
-  printf("     GRAY).  The default is to test Grayscale, 4:2:0, 4:2:2, and 4:4:4 in\n");
-  printf("     sequence.\n");
-  printf("-quiet = Output results in tabular rather than verbose format\n");
-  printf("-yuv = Test YUV encoding/decoding functions\n");
-  printf("-yuvpad <p> = If testing YUV encoding/decoding, this specifies the number of\n");
-  printf("     bytes to which each row of each plane in the intermediate YUV image is\n");
-  printf("     padded (default = 1)\n");
-  printf("-scale M/N = Scale down the width/height of the decompressed JPEG image by a\n");
-  printf("     factor of M/N (M/N = ");
-  for (i = 0; i < nsf; i++) {
-    printf("%d/%d", scalingFactors[i].num, scalingFactors[i].denom);
-    if (nsf == 2 && i != nsf - 1) printf(" or ");
-    else if (nsf > 2) {
-      if (i != nsf - 1) printf(", ");
-      if (i == nsf - 2) printf("or ");
-    }
-    if (i % 8 == 0 && i != 0) printf("\n     ");
-  }
-  printf(")\n");
-  printf("-hflip, -vflip, -transpose, -transverse, -rot90, -rot180, -rot270 =\n");
-  printf("     Perform the corresponding lossless transform prior to\n");
-  printf("     decompression (these options are mutually exclusive)\n");
-  printf("-grayscale = Perform lossless grayscale conversion prior to decompression\n");
-  printf("     test (can be combined with the other transforms above)\n");
-  printf("-copynone = Do not copy any extra markers (including EXIF and ICC profile data)\n");
-  printf("     when transforming the image.\n");
-  printf("-benchtime <t> = Run each benchmark for at least <t> seconds (default = 5.0)\n");
-  printf("-warmup <t> = Run each benchmark for <t> seconds (default = 1.0) prior to\n");
-  printf("     starting the timer, in order to prime the caches and thus improve the\n");
-  printf("     consistency of the results.\n");
-  printf("-componly = Stop after running compression tests.  Do not test decompression.\n");
-  printf("-nowrite = Do not write reference or output images (improves consistency of\n");
-  printf("     performance measurements.)\n");
-  printf("-limitscans = Refuse to decompress or transform progressive JPEG images that\n");
-  printf("     have an unreasonably large number of scans\n");
-  printf("-stoponwarning = Immediately discontinue the current\n");
-  printf("     compression/decompression/transform operation if the underlying codec\n");
-  printf("     throws a warning (non-fatal error)\n\n");
-  printf("NOTE:  If the quality is specified as a range (e.g. 90-100), a separate\n");
-  printf("test will be performed for all quality values in the range.\n\n");
-  exit(1);
-}
-
-
-int main(int argc, char *argv[])
-{
-  unsigned char *srcBuf = NULL;
-  int w = 0, h = 0, i, j, minQual = -1, maxQual = -1;
-  char *temp;
-  int minArg = 2, retval = 0, subsamp = -1;
-
-  if ((scalingFactors = tjGetScalingFactors(&nsf)) == NULL || nsf == 0)
-    THROW("executing tjGetScalingFactors()", tjGetErrorStr());
-
-  if (argc < minArg) usage(argv[0]);
-
-  temp = strrchr(argv[1], '.');
-  if (temp != NULL) {
-    if (!strcasecmp(temp, ".bmp")) ext = "bmp";
-    if (!strcasecmp(temp, ".jpg") || !strcasecmp(temp, ".jpeg"))
-      decompOnly = 1;
-  }
-
-  printf("\n");
-
-  if (!decompOnly) {
-    minArg = 3;
-    if (argc < minArg) usage(argv[0]);
-    if ((minQual = atoi(argv[2])) < 1 || minQual > 100) {
-      puts("ERROR: Quality must be between 1 and 100.");
-      exit(1);
-    }
-    if ((temp = strchr(argv[2], '-')) != NULL && strlen(temp) > 1 &&
-        sscanf(&temp[1], "%d", &maxQual) == 1 && maxQual > minQual &&
-        maxQual >= 1 && maxQual <= 100) {}
-    else maxQual = minQual;
-  }
-
-  if (argc > minArg) {
-    for (i = minArg; i < argc; i++) {
-      if (!strcasecmp(argv[i], "-tile")) {
-        doTile = 1;  xformOpt |= TJXOPT_CROP;
-      } else if (!strcasecmp(argv[i], "-fastupsample")) {
-        printf("Using fast upsampling code\n\n");
-        flags |= TJFLAG_FASTUPSAMPLE;
-      } else if (!strcasecmp(argv[i], "-fastdct")) {
-        printf("Using fastest DCT/IDCT algorithm\n\n");
-        flags |= TJFLAG_FASTDCT;
-      } else if (!strcasecmp(argv[i], "-accuratedct")) {
-        printf("Using most accurate DCT/IDCT algorithm\n\n");
-        flags |= TJFLAG_ACCURATEDCT;
-      } else if (!strcasecmp(argv[i], "-progressive")) {
-        printf("Using progressive entropy coding\n\n");
-        flags |= TJFLAG_PROGRESSIVE;
-      } else if (!strcasecmp(argv[i], "-rgb"))
-        pf = TJPF_RGB;
-      else if (!strcasecmp(argv[i], "-rgbx"))
-        pf = TJPF_RGBX;
-      else if (!strcasecmp(argv[i], "-bgr"))
-        pf = TJPF_BGR;
-      else if (!strcasecmp(argv[i], "-bgrx"))
-        pf = TJPF_BGRX;
-      else if (!strcasecmp(argv[i], "-xbgr"))
-        pf = TJPF_XBGR;
-      else if (!strcasecmp(argv[i], "-xrgb"))
-        pf = TJPF_XRGB;
-      else if (!strcasecmp(argv[i], "-cmyk"))
-        pf = TJPF_CMYK;
-      else if (!strcasecmp(argv[i], "-bottomup"))
-        flags |= TJFLAG_BOTTOMUP;
-      else if (!strcasecmp(argv[i], "-quiet"))
-        quiet = 1;
-      else if (!strcasecmp(argv[i], "-qq"))
-        quiet = 2;
-      else if (!strcasecmp(argv[i], "-scale") && i < argc - 1) {
-        int temp1 = 0, temp2 = 0, match = 0;
-
-        if (sscanf(argv[++i], "%d/%d", &temp1, &temp2) == 2) {
-          for (j = 0; j < nsf; j++) {
-            if ((double)temp1 / (double)temp2 ==
-                (double)scalingFactors[j].num /
-                (double)scalingFactors[j].denom) {
-              sf = scalingFactors[j];
-              match = 1;  break;
-            }
-          }
-          if (!match) usage(argv[0]);
-        } else usage(argv[0]);
-      } else if (!strcasecmp(argv[i], "-hflip"))
-        xformOp = TJXOP_HFLIP;
-      else if (!strcasecmp(argv[i], "-vflip"))
-        xformOp = TJXOP_VFLIP;
-      else if (!strcasecmp(argv[i], "-transpose"))
-        xformOp = TJXOP_TRANSPOSE;
-      else if (!strcasecmp(argv[i], "-transverse"))
-        xformOp = TJXOP_TRANSVERSE;
-      else if (!strcasecmp(argv[i], "-rot90"))
-        xformOp = TJXOP_ROT90;
-      else if (!strcasecmp(argv[i], "-rot180"))
-        xformOp = TJXOP_ROT180;
-      else if (!strcasecmp(argv[i], "-rot270"))
-        xformOp = TJXOP_ROT270;
-      else if (!strcasecmp(argv[i], "-grayscale"))
-        xformOpt |= TJXOPT_GRAY;
-      else if (!strcasecmp(argv[i], "-custom"))
-        customFilter = dummyDCTFilter;
-      else if (!strcasecmp(argv[i], "-nooutput"))
-        xformOpt |= TJXOPT_NOOUTPUT;
-      else if (!strcasecmp(argv[i], "-copynone"))
-        xformOpt |= TJXOPT_COPYNONE;
-      else if (!strcasecmp(argv[i], "-benchtime") && i < argc - 1) {
-        double tempd = atof(argv[++i]);
-
-        if (tempd > 0.0) benchTime = tempd;
-        else usage(argv[0]);
-      } else if (!strcasecmp(argv[i], "-warmup") && i < argc - 1) {
-        double tempd = atof(argv[++i]);
-
-        if (tempd >= 0.0) warmup = tempd;
-        else usage(argv[0]);
-        printf("Warmup time = %.1f seconds\n\n", warmup);
-      } else if (!strcasecmp(argv[i], "-alloc"))
-        flags &= (~TJFLAG_NOREALLOC);
-      else if (!strcasecmp(argv[i], "-bmp"))
-        ext = "bmp";
-      else if (!strcasecmp(argv[i], "-yuv")) {
-        printf("Testing YUV planar encoding/decoding\n\n");
-        doYUV = 1;
-      } else if (!strcasecmp(argv[i], "-yuvpad") && i < argc - 1) {
-        int tempi = atoi(argv[++i]);
-
-        if (tempi >= 1) yuvPad = tempi;
-      } else if (!strcasecmp(argv[i], "-subsamp") && i < argc - 1) {
-        i++;
-        if (toupper(argv[i][0]) == 'G') subsamp = TJSAMP_GRAY;
-        else {
-          int tempi = atoi(argv[i]);
-
-          switch (tempi) {
-          case 444:  subsamp = TJSAMP_444;  break;
-          case 422:  subsamp = TJSAMP_422;  break;
-          case 440:  subsamp = TJSAMP_440;  break;
-          case 420:  subsamp = TJSAMP_420;  break;
-          case 411:  subsamp = TJSAMP_411;  break;
-          }
-        }
-      } else if (!strcasecmp(argv[i], "-componly"))
-        compOnly = 1;
-      else if (!strcasecmp(argv[i], "-nowrite"))
-        doWrite = 0;
-      else if (!strcasecmp(argv[i], "-limitscans"))
-        flags |= TJFLAG_LIMITSCANS;
-      else if (!strcasecmp(argv[i], "-stoponwarning"))
-        flags |= TJFLAG_STOPONWARNING;
-      else usage(argv[0]);
-    }
-  }
-
-  if ((sf.num != 1 || sf.denom != 1) && doTile) {
-    printf("Disabling tiled compression/decompression tests, because those tests do not\n");
-    printf("work when scaled decompression is enabled.\n");
-    doTile = 0;
-  }
-
-  if ((flags & TJFLAG_NOREALLOC) == 0 && doTile) {
-    printf("Disabling tiled compression/decompression tests, because those tests do not\n");
-    printf("work when dynamic JPEG buffer allocation is enabled.\n\n");
-    doTile = 0;
-  }
-
-  if (!decompOnly) {
-    if ((srcBuf = tjLoadImage(argv[1], &w, 1, &h, &pf, flags)) == NULL)
-      THROW_TJG("loading bitmap");
-    temp = strrchr(argv[1], '.');
-    if (temp != NULL) *temp = '\0';
-  }
-
-  if (quiet == 1 && !decompOnly) {
-    printf("All performance values in Mpixels/sec\n\n");
-    printf("Bitmap     JPEG     JPEG  %s  %s   ",
-           doTile ? "Tile " : "Image", doTile ? "Tile " : "Image");
-    if (doYUV) printf("Encode  ");
-    printf("Comp    Comp    Decomp  ");
-    if (doYUV) printf("Decode");
-    printf("\n");
-    printf("Format     Subsamp  Qual  Width  Height  ");
-    if (doYUV) printf("Perf    ");
-    printf("Perf    Ratio   Perf    ");
-    if (doYUV) printf("Perf");
-    printf("\n\n");
-  }
-
-  if (decompOnly) {
-    decompTest(argv[1]);
-    printf("\n");
-    goto bailout;
-  }
-  if (subsamp >= 0 && subsamp < TJ_NUMSAMP) {
-    for (i = maxQual; i >= minQual; i--)
-      fullTest(srcBuf, w, h, subsamp, i, argv[1]);
-    printf("\n");
-  } else {
-    if (pf != TJPF_CMYK) {
-      for (i = maxQual; i >= minQual; i--)
-        fullTest(srcBuf, w, h, TJSAMP_GRAY, i, argv[1]);
-      printf("\n");
-    }
-    for (i = maxQual; i >= minQual; i--)
-      fullTest(srcBuf, w, h, TJSAMP_420, i, argv[1]);
-    printf("\n");
-    for (i = maxQual; i >= minQual; i--)
-      fullTest(srcBuf, w, h, TJSAMP_422, i, argv[1]);
-    printf("\n");
-    for (i = maxQual; i >= minQual; i--)
-      fullTest(srcBuf, w, h, TJSAMP_444, i, argv[1]);
-    printf("\n");
-  }
-
-bailout:
-  tjFree(srcBuf);
-  return retval;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjbenchtest.in b/3rdparty/libjpeg-turbo_2_1_0/tjbenchtest.in
deleted file mode 100644
index 1c08b37..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjbenchtest.in
+++ /dev/null
@@ -1,256 +0,0 @@
-#!/bin/bash
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-onexit()
-{
-	if [ -d $OUTDIR ]; then
-		rm -rf $OUTDIR
-	fi
-}
-
-runme()
-{
-	echo \*\*\* $*
-	$*
-}
-
-EXT=bmp
-IMAGES="vgl_5674_0098.${EXT} vgl_6434_0018a.${EXT} vgl_6548_0026a.${EXT} nightshot_iso_100.${EXT}"
-IMGDIR=@CMAKE_CURRENT_SOURCE_DIR@/testimages
-OUTDIR=`mktemp -d /tmp/__tjbenchtest_output.XXXXXX`
-EXEDIR=@CMAKE_CURRENT_BINARY_DIR@
-BMPARG=
-NSARG=
-YUVARG=
-ALLOC=0
-ALLOCARG=
-PROGARG=
-if [ "$EXT" = "bmp" ]; then BMPARG=-bmp; fi
-
-if [ -d $OUTDIR ]; then
-	rm -rf $OUTDIR
-fi
-mkdir -p $OUTDIR
-
-while [ $# -gt 0 ]; do
-	case "$1" in
-	-yuv)
-		NSARG=-nosmooth
-		YUVARG=-yuv
-
-# NOTE: The combination of tjEncodeYUV*() and tjCompressFromYUV*() does not
-# always produce bitwise-identical results to tjCompress*() if subsampling is
-# enabled.  In both cases, if the image width or height are not evenly
-# divisible by the MCU width/height, then the bottom and/or right edge are
-# expanded.  However, the libjpeg code performs this expansion prior to
-# downsampling, and TurboJPEG performs it in tjCompressFromYUV*(), which is
-# after downsampling.  Thus, the two will agree only if the width/height along
-# each downsampled dimension is an odd number or is evenly divisible by the MCU
-# width/height.  This disagreement basically amounts to a round-off error, but
-# there is no easy way around it, so for now, we just test the only image that
-# works.  (NOTE: nightshot_iso_100 does not suffer from the above issue, but
-# it suffers from an unrelated problem whereby the combination of
-# tjDecompressToYUV*() and tjDecodeYUV*() do not produce bitwise-identical
-# results to tjDecompress*() if decompression scaling is enabled.  This latter
-# phenomenon is not yet fully understood but is also believed to be some sort
-# of round-off error.)
-		IMAGES="vgl_6548_0026a.${EXT}"
-		;;
-	-alloc)
-		ALLOCARG=-alloc
-		ALLOC=1
-		;;
-	-progressive)
-		PROGARG=-progressive
-		;;
-	esac
-	shift
-done
-
-exec >$EXEDIR/tjbenchtest$YUVARG$ALLOCARG$PROGARG.log
-
-# Standard tests
-for image in $IMAGES; do
-
-	cp $IMGDIR/$image $OUTDIR
-	basename=`basename $image .${EXT}`
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -grayscale -outfile $OUTDIR/${basename}_GRAY_fast_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -sample 2x2 -outfile $OUTDIR/${basename}_420_fast_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -sample 2x1 -outfile $OUTDIR/${basename}_422_fast_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -sample 1x1 -outfile $OUTDIR/${basename}_444_fast_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -grayscale -outfile $OUTDIR/${basename}_GRAY_accurate_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -sample 2x2 -outfile $OUTDIR/${basename}_420_accurate_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -sample 2x1 -outfile $OUTDIR/${basename}_422_accurate_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -sample 1x1 -outfile $OUTDIR/${basename}_444_accurate_cjpeg.jpg $IMGDIR/${basename}.${EXT}
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/djpeg -rgb $NSARG $BMPARG -outfile $OUTDIR/${basename}_${samp}_default_djpeg.${EXT} $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -rgb $NSARG $BMPARG -outfile $OUTDIR/${basename}_${samp}_fast_djpeg.${EXT} $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -rgb $NSARG $BMPARG -outfile $OUTDIR/${basename}_${samp}_accurate_djpeg.${EXT} $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-	for samp in 420 422; do
-		runme $EXEDIR/djpeg -nosmooth $BMPARG -outfile $OUTDIR/${basename}_${samp}_default_nosmooth_djpeg.${EXT} $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -nosmooth $BMPARG -outfile $OUTDIR/${basename}_${samp}_fast_nosmooth_djpeg.${EXT} $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -nosmooth $BMPARG -outfile $OUTDIR/${basename}_${samp}_accurate_nosmooth_djpeg.${EXT} $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-
-	# Compression
-	for dct in accurate fast; do
-		runme $EXEDIR/tjbench $OUTDIR/$image 95 -rgb -quiet -benchtime 0.01 -warmup 0 -${dct}dct $YUVARG $ALLOCARG $PROGARG
-		for samp in GRAY 420 422 444; do
-			runme cmp $OUTDIR/${basename}_${samp}_Q95.jpg $OUTDIR/${basename}_${samp}_${dct}_cjpeg.jpg
-		done
-	done
-
-	for dct in fast accurate default; do
-		dctarg=-${dct}dct
-		if [ "${dct}" = "default" ]; then
-			dctarg=
-		fi
-
-		# Tiled compression & decompression
-		runme $EXEDIR/tjbench $OUTDIR/$image 95 -rgb -tile -quiet -benchtime 0.01 -warmup 0 ${dctarg} $YUVARG $ALLOCARG $PROGARG
-		for samp in GRAY 444; do
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_${samp}_${dct}_djpeg.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_${samp}_${dct}_djpeg.${EXT}
-					rm $i
-				done
-			fi
-		done
-		runme $EXEDIR/tjbench $OUTDIR/$image 95 -rgb -tile -quiet -benchtime 0.01 -warmup 0 -fastupsample ${dctarg} $YUVARG $ALLOCARG $PROGARG
-		for samp in 420 422; do
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.${EXT}
-					rm $i
-				done
-			fi
-		done
-
-		# Tiled decompression
-		for samp in GRAY 444; do
-			runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -tile -quiet -benchtime 0.01 -warmup 0 ${dctarg} $YUVARG $ALLOCARG $PROGARG
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_${samp}_${dct}_djpeg.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_${samp}_${dct}_djpeg.${EXT}
-					rm $i
-				done
-			fi
-		done
-		for samp in 420 422; do
-			runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -tile -quiet -benchtime 0.01 -warmup 0 -fastupsample ${dctarg} $YUVARG $ALLOCARG $PROGARG
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.${EXT}
-					rm $i
-				done
-			fi
-		done
-	done
-
-	# Scaled decompression
-	for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-		scalearg=`echo $scale | sed 's/\_/\//g'`
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/djpeg -rgb -scale ${scalearg} $NSARG $BMPARG -outfile $OUTDIR/${basename}_${samp}_${scale}_djpeg.${EXT} $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-			runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -scale ${scalearg} -quiet -benchtime 0.01 -warmup 0 $YUVARG $ALLOCARG $PROGARG
-			runme cmp $OUTDIR/${basename}_${samp}_Q95_${scale}.${EXT} $OUTDIR/${basename}_${samp}_${scale}_djpeg.${EXT}
-			rm $OUTDIR/${basename}_${samp}_Q95_${scale}.${EXT}
-		done
-	done
-
-	# Transforms
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/jpegtran -flip horizontal -trim -outfile $OUTDIR/${basename}_${samp}_hflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -flip vertical -trim -outfile $OUTDIR/${basename}_${samp}_vflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -transpose -trim -outfile $OUTDIR/${basename}_${samp}_transpose_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -transverse -trim -outfile $OUTDIR/${basename}_${samp}_transverse_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -rotate 90 -trim -outfile $OUTDIR/${basename}_${samp}_rot90_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -rotate 180 -trim -outfile $OUTDIR/${basename}_${samp}_rot180_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -rotate 270 -trim -outfile $OUTDIR/${basename}_${samp}_rot270_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-	done
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444; do
-			runme $EXEDIR/djpeg -rgb $BMPARG -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.${EXT} $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -$xform -tile -quiet -benchtime 0.01 -warmup 0 $YUVARG $ALLOCARG $PROGARG
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_${samp}_${xform}_jpegtran.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_${samp}_${xform}_jpegtran.${EXT}
-					rm $i
-				done
-			fi
-		done
-		for samp in 420 422; do
-			runme $EXEDIR/djpeg -nosmooth -rgb $BMPARG -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.${EXT} $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -$xform -tile -quiet -benchtime 0.01 -warmup 0 -fastupsample $YUVARG $ALLOCARG $PROGARG
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_${samp}_${xform}_jpegtran.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_${samp}_${xform}_jpegtran.${EXT}
-					rm $i
-				done
-			fi
-		done
-	done
-
-	# Grayscale transform
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -$xform -tile -quiet -benchtime 0.01 -warmup 0 -grayscale $YUVARG $ALLOCARG $PROGARG
-			if [ $ALLOC = 1 ]; then
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_full.${EXT} $OUTDIR/${basename}_GRAY_${xform}_jpegtran.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_full.${EXT}
-			else
-				for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].${EXT} \
-					$OUTDIR/${basename}_${samp}_Q95_full.${EXT}; do
-					runme cmp $i $OUTDIR/${basename}_GRAY_${xform}_jpegtran.${EXT}
-					rm $i
-				done
-			fi
-		done
-	done
-
-	# Transforms with scaling
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-				scalearg=`echo $scale | sed 's/\_/\//g'`
-				runme $EXEDIR/djpeg -rgb -scale ${scalearg} $NSARG $BMPARG -outfile $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.${EXT} $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-				runme $EXEDIR/tjbench $OUTDIR/${basename}_${samp}_Q95.jpg $BMPARG -$xform -scale ${scalearg} -quiet -benchtime 0.01 -warmup 0 $YUVARG $ALLOCARG $PROGARG
-				runme cmp $OUTDIR/${basename}_${samp}_Q95_${scale}.${EXT} $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.${EXT}
-				rm $OUTDIR/${basename}_${samp}_Q95_${scale}.${EXT}
-			done
-		done
-	done
-
-done
-
-echo SUCCESS!
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjbenchtest.java.in b/3rdparty/libjpeg-turbo_2_1_0/tjbenchtest.java.in
deleted file mode 100644
index 689561d..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjbenchtest.java.in
+++ /dev/null
@@ -1,215 +0,0 @@
-#!/bin/bash
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-onexit()
-{
-	if [ -d $OUTDIR ]; then
-		rm -rf $OUTDIR
-	fi
-}
-
-runme()
-{
-	echo \*\*\* $*
-	"$@"
-}
-
-IMAGES="vgl_5674_0098.bmp vgl_6434_0018a.bmp vgl_6548_0026a.bmp nightshot_iso_100.bmp"
-IMGDIR=@CMAKE_CURRENT_SOURCE_DIR@/testimages
-OUTDIR=`mktemp -d /tmp/__tjbenchtest_java_output.XXXXXX`
-EXEDIR=@CMAKE_CURRENT_BINARY_DIR@
-JAVA="@Java_JAVA_EXECUTABLE@"
-JAVAARGS="-cp $EXEDIR/java/turbojpeg.jar -Djava.library.path=$EXEDIR"
-BMPARG=
-NSARG=
-YUVARG=
-PROGARG=
-
-if [ -d $OUTDIR ]; then
-	rm -rf $OUTDIR
-fi
-mkdir -p $OUTDIR
-
-while [ $# -gt 0 ]; do
-	case "$1" in
-	-yuv)
-		NSARG=-nosmooth
-		YUVARG=-yuv
-
-# NOTE: The combination of tjEncodeYUV*() and tjCompressFromYUV*() does not
-# always produce bitwise-identical results to tjCompress*() if subsampling is
-# enabled.  In both cases, if the image width or height are not evenly
-# divisible by the MCU width/height, then the bottom and/or right edge are
-# expanded.  However, the libjpeg code performs this expansion prior to
-# downsampling, and TurboJPEG performs it in tjCompressFromYUV*(), which is
-# after downsampling.  Thus, the two will agree only if the width/height along
-# each downsampled dimension is an odd number or is evenly divisible by the MCU
-# width/height.  This disagreement basically amounts to a round-off error, but
-# there is no easy way around it, so for now, we just test the only image that
-# works.  (NOTE: nightshot_iso_100 does not suffer from the above issue, but
-# it suffers from an unrelated problem whereby the combination of
-# tjDecompressToYUV*() and tjDecodeYUV*() do not produce bitwise-identical
-# results to tjDecompress*() if decompression scaling is enabled.  This latter
-# phenomenon is not yet fully understood but is also believed to be some sort
-# of round-off error.)
-		IMAGES="vgl_6548_0026a.bmp"
-		;;
-	-progressive)
-		PROGARG=-progressive
-		;;
-	esac
-	shift
-done
-
-exec >$EXEDIR/tjbenchtest-java$YUVARG$PROGARG.log
-
-# Standard tests
-for image in $IMAGES; do
-
-	cp $IMGDIR/$image $OUTDIR
-	basename=`basename $image .bmp`
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -grayscale -outfile $OUTDIR/${basename}_GRAY_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -sample 2x2 -outfile $OUTDIR/${basename}_420_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -sample 2x1 -outfile $OUTDIR/${basename}_422_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast $PROGARG -sample 1x1 -outfile $OUTDIR/${basename}_444_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -grayscale -outfile $OUTDIR/${basename}_GRAY_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -sample 2x2 -outfile $OUTDIR/${basename}_420_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -sample 2x1 -outfile $OUTDIR/${basename}_422_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int $PROGARG -sample 1x1 -outfile $OUTDIR/${basename}_444_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/djpeg -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_default_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_fast_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_accurate_djpeg.bmp $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-	for samp in 420 422; do
-		runme $EXEDIR/djpeg -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_default_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_fast_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_accurate_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-
-	# Compression
-	for dct in accurate fast; do
-		runme "$JAVA" $JAVAARGS TJBench $OUTDIR/$image 95 -rgb -quiet -benchtime 0.01 -warmup 0 -${dct}dct $YUVARG $PROGARG
-		for samp in GRAY 420 422 444; do
-			runme cmp $OUTDIR/${basename}_${samp}_Q95.jpg $OUTDIR/${basename}_${samp}_${dct}_cjpeg.jpg
-		done
-	done
-
-	for dct in fast accurate default; do
-		dctarg=-${dct}dct
-		if [ "${dct}" = "default" ]; then
-			dctarg=
-		fi
-
-		# Tiled compression & decompression
-		runme "$JAVA" $JAVAARGS TJBench $OUTDIR/$image 95 -rgb -tile -quiet -benchtime 0.01 -warmup 0 ${dctarg} $YUVARG $PROGARG
-		for samp in GRAY 444; do
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp -i 54:54 $i $OUTDIR/${basename}_${samp}_${dct}_djpeg.bmp
-				rm $i
-			done
-		done
-		runme "$JAVA" $JAVAARGS TJBench $OUTDIR/$image 95 -rgb -tile -quiet -benchtime 0.01 -warmup 0 -fastupsample ${dctarg} $YUVARG $PROGARG
-		for samp in 420 422; do
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp -i 54:54 $i $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.bmp
-				rm $i
-			done
-		done
-
-		# Tiled decompression
-		for samp in GRAY 444; do
-			runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -tile -quiet -benchtime 0.01 -warmup 0 ${dctarg} $YUVARG $PROGARG
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp -i 54:54 $i $OUTDIR/${basename}_${samp}_${dct}_djpeg.bmp
-				rm $i
-			done
-		done
-		for samp in 420 422; do
-			runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -tile -quiet -benchtime 0.01 -warmup 0 -fastupsample ${dctarg} $YUVARG $PROGARG
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp $i -i 54:54 $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.bmp
-				rm $i
-			done
-		done
-	done
-
-	# Scaled decompression
-	for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-		scalearg=`echo $scale | sed 's/\_/\//g'`
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/djpeg -rgb -scale ${scalearg} $NSARG -bmp -outfile $OUTDIR/${basename}_${samp}_${scale}_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-			runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -scale ${scalearg} -quiet -benchtime 0.01 -warmup 0 $YUVARG $PROGARG
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_Q95_${scale}.bmp $OUTDIR/${basename}_${samp}_${scale}_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_Q95_${scale}.bmp
-		done
-	done
-
-	# Transforms
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/jpegtran -flip horizontal -trim -outfile $OUTDIR/${basename}_${samp}_hflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -flip vertical -trim -outfile $OUTDIR/${basename}_${samp}_vflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -transpose -trim -outfile $OUTDIR/${basename}_${samp}_transpose_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -transverse -trim -outfile $OUTDIR/${basename}_${samp}_transverse_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -rotate 90 -trim -outfile $OUTDIR/${basename}_${samp}_rot90_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -rotate 180 -trim -outfile $OUTDIR/${basename}_${samp}_rot180_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-		runme $EXEDIR/jpegtran -rotate 270 -trim -outfile $OUTDIR/${basename}_${samp}_rot270_jpegtran.jpg $OUTDIR/${basename}_${samp}_Q95.jpg
-	done
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444; do
-			runme $EXEDIR/djpeg -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -$xform -tile -quiet -benchtime 0.01 -warmup 0 $YUVARG $PROGARG
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp -i 54:54 $i $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp
-				rm $i
-			done
-		done
-		for samp in 420 422; do
-			runme $EXEDIR/djpeg -nosmooth -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -$xform -tile -quiet -benchtime 0.01 -warmup 0 -fastupsample $YUVARG $PROGARG
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp -i 54:54 $i $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp
-				rm $i
-			done
-		done
-	done
-
-	# Grayscale transform
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -$xform -tile -quiet -benchtime 0.01 -warmup 0 -grayscale $YUVARG $PROGARG
-			for i in $OUTDIR/${basename}_${samp}_Q95_[0-9]*[0-9]x[0-9]*[0-9].bmp \
-				$OUTDIR/${basename}_${samp}_Q95_full.bmp; do
-				runme cmp -i 54:54 $i $OUTDIR/${basename}_GRAY_${xform}_jpegtran.bmp
-				rm $i
-			done
-		done
-	done
-
-	# Transforms with scaling
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-				scalearg=`echo $scale | sed 's/\_/\//g'`
-				runme $EXEDIR/djpeg -rgb -scale ${scalearg} $NSARG -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-				runme "$JAVA" $JAVAARGS TJBench $OUTDIR/${basename}_${samp}_Q95.jpg -$xform -scale ${scalearg} -quiet -benchtime 0.01 -warmup 0 $YUVARG $PROGARG
-				runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_Q95_${scale}.bmp $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.bmp
-				rm $OUTDIR/${basename}_${samp}_Q95_${scale}.bmp
-			done
-		done
-	done
-
-done
-
-echo SUCCESS!
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjexample.c b/3rdparty/libjpeg-turbo_2_1_0/tjexample.c
deleted file mode 100644
index a9cd865..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjexample.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/*
- * Copyright (C)2011-2012, 2014-2015, 2017, 2019, 2021 D. R. Commander.
- *                                                     All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This program demonstrates how to compress, decompress, and transform JPEG
- * images using the TurboJPEG C API
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <turbojpeg.h>
-
-
-#ifdef _WIN32
-#define strcasecmp  stricmp
-#define strncasecmp  strnicmp
-#endif
-
-#define THROW(action, message) { \
-  printf("ERROR in line %d while %s:\n%s\n", __LINE__, action, message); \
-  retval = -1;  goto bailout; \
-}
-
-#define THROW_TJ(action)  THROW(action, tjGetErrorStr2(tjInstance))
-
-#define THROW_UNIX(action)  THROW(action, strerror(errno))
-
-#define DEFAULT_SUBSAMP  TJSAMP_444
-#define DEFAULT_QUALITY  95
-
-
-const char *subsampName[TJ_NUMSAMP] = {
-  "4:4:4", "4:2:2", "4:2:0", "Grayscale", "4:4:0", "4:1:1"
-};
-
-const char *colorspaceName[TJ_NUMCS] = {
-  "RGB", "YCbCr", "GRAY", "CMYK", "YCCK"
-};
-
-tjscalingfactor *scalingFactors = NULL;
-int numScalingFactors = 0;
-
-
-/* DCT filter example.  This produces a negative of the image. */
-
-static int customFilter(short *coeffs, tjregion arrayRegion,
-                        tjregion planeRegion, int componentIndex,
-                        int transformIndex, tjtransform *transform)
-{
-  int i;
-
-  for (i = 0; i < arrayRegion.w * arrayRegion.h; i++)
-    coeffs[i] = -coeffs[i];
-
-  return 0;
-}
-
-
-static void usage(char *programName)
-{
-  int i;
-
-  printf("\nUSAGE: %s <Input image> <Output image> [options]\n\n",
-         programName);
-
-  printf("Input and output images can be in Windows BMP or PBMPLUS (PPM/PGM) format.  If\n");
-  printf("either filename ends in a .jpg extension, then the TurboJPEG API will be used\n");
-  printf("to compress or decompress the image.\n\n");
-
-  printf("Compression Options (used if the output image is a JPEG image)\n");
-  printf("--------------------------------------------------------------\n\n");
-
-  printf("-subsamp <444|422|420|gray> = Apply this level of chrominance subsampling when\n");
-  printf("     compressing the output image.  The default is to use the same level of\n");
-  printf("     subsampling as in the input image, if the input image is also a JPEG\n");
-  printf("     image, or to use grayscale if the input image is a grayscale non-JPEG\n");
-  printf("     image, or to use %s subsampling otherwise.\n\n",
-         subsampName[DEFAULT_SUBSAMP]);
-
-  printf("-q <1-100> = Compress the output image with this JPEG quality level\n");
-  printf("     (default = %d).\n\n", DEFAULT_QUALITY);
-
-  printf("Decompression Options (used if the input image is a JPEG image)\n");
-  printf("---------------------------------------------------------------\n\n");
-
-  printf("-scale M/N = Scale the input image by a factor of M/N when decompressing it.\n");
-  printf("(M/N = ");
-  for (i = 0; i < numScalingFactors; i++) {
-    printf("%d/%d", scalingFactors[i].num, scalingFactors[i].denom);
-    if (numScalingFactors == 2 && i != numScalingFactors - 1)
-      printf(" or ");
-    else if (numScalingFactors > 2) {
-      if (i != numScalingFactors - 1)
-        printf(", ");
-      if (i == numScalingFactors - 2)
-        printf("or ");
-    }
-  }
-  printf(")\n\n");
-
-  printf("-hflip, -vflip, -transpose, -transverse, -rot90, -rot180, -rot270 =\n");
-  printf("     Perform one of these lossless transform operations on the input image\n");
-  printf("     prior to decompressing it (these options are mutually exclusive.)\n\n");
-
-  printf("-grayscale = Perform lossless grayscale conversion on the input image prior\n");
-  printf("     to decompressing it (can be combined with the other transform operations\n");
-  printf("     above.)\n\n");
-
-  printf("-crop WxH+X+Y = Perform lossless cropping on the input image prior to\n");
-  printf("     decompressing it.  X and Y specify the upper left corner of the cropping\n");
-  printf("     region, and W and H specify the width and height of the cropping region.\n");
-  printf("     X and Y must be evenly divible by the MCU block size (8x8 if the input\n");
-  printf("     image was compressed using no subsampling or grayscale, 16x8 if it was\n");
-  printf("     compressed using 4:2:2 subsampling, or 16x16 if it was compressed using\n");
-  printf("     4:2:0 subsampling.)\n\n");
-
-  printf("General Options\n");
-  printf("---------------\n\n");
-
-  printf("-fastupsample = Use the fastest chrominance upsampling algorithm available in\n");
-  printf("     the underlying codec.\n\n");
-
-  printf("-fastdct = Use the fastest DCT/IDCT algorithms available in the underlying\n");
-  printf("     codec.\n\n");
-
-  printf("-accuratedct = Use the most accurate DCT/IDCT algorithms available in the\n");
-  printf("     underlying codec.\n\n");
-
-  exit(1);
-}
-
-
-int main(int argc, char **argv)
-{
-  tjscalingfactor scalingFactor = { 1, 1 };
-  int outSubsamp = -1, outQual = -1;
-  tjtransform xform;
-  int flags = 0;
-  int width, height;
-  char *inFormat, *outFormat;
-  FILE *jpegFile = NULL;
-  unsigned char *imgBuf = NULL, *jpegBuf = NULL;
-  int retval = 0, i, pixelFormat = TJPF_UNKNOWN;
-  tjhandle tjInstance = NULL;
-
-  if ((scalingFactors = tjGetScalingFactors(&numScalingFactors)) == NULL)
-    THROW_TJ("getting scaling factors");
-  memset(&xform, 0, sizeof(tjtransform));
-
-  if (argc < 3)
-    usage(argv[0]);
-
-  /* Parse arguments. */
-  for (i = 3; i < argc; i++) {
-    if (!strncasecmp(argv[i], "-sc", 3) && i < argc - 1) {
-      int match = 0, temp1 = 0, temp2 = 0, j;
-
-      if (sscanf(argv[++i], "%d/%d", &temp1, &temp2) < 2)
-        usage(argv[0]);
-      for (j = 0; j < numScalingFactors; j++) {
-        if ((double)temp1 / (double)temp2 == (double)scalingFactors[j].num /
-                                             (double)scalingFactors[j].denom) {
-          scalingFactor = scalingFactors[j];
-          match = 1;
-          break;
-        }
-      }
-      if (match != 1)
-        usage(argv[0]);
-    } else if (!strncasecmp(argv[i], "-su", 3) && i < argc - 1) {
-      i++;
-      if (!strncasecmp(argv[i], "g", 1))
-        outSubsamp = TJSAMP_GRAY;
-      else if (!strcasecmp(argv[i], "444"))
-        outSubsamp = TJSAMP_444;
-      else if (!strcasecmp(argv[i], "422"))
-        outSubsamp = TJSAMP_422;
-      else if (!strcasecmp(argv[i], "420"))
-        outSubsamp = TJSAMP_420;
-      else
-        usage(argv[0]);
-    } else if (!strncasecmp(argv[i], "-q", 2) && i < argc - 1) {
-      outQual = atoi(argv[++i]);
-      if (outQual < 1 || outQual > 100)
-        usage(argv[0]);
-    } else if (!strncasecmp(argv[i], "-g", 2))
-      xform.options |= TJXOPT_GRAY;
-    else if (!strcasecmp(argv[i], "-hflip"))
-      xform.op = TJXOP_HFLIP;
-    else if (!strcasecmp(argv[i], "-vflip"))
-      xform.op = TJXOP_VFLIP;
-    else if (!strcasecmp(argv[i], "-transpose"))
-      xform.op = TJXOP_TRANSPOSE;
-    else if (!strcasecmp(argv[i], "-transverse"))
-      xform.op = TJXOP_TRANSVERSE;
-    else if (!strcasecmp(argv[i], "-rot90"))
-      xform.op = TJXOP_ROT90;
-    else if (!strcasecmp(argv[i], "-rot180"))
-      xform.op = TJXOP_ROT180;
-    else if (!strcasecmp(argv[i], "-rot270"))
-      xform.op = TJXOP_ROT270;
-    else if (!strcasecmp(argv[i], "-custom"))
-      xform.customFilter = customFilter;
-    else if (!strncasecmp(argv[i], "-c", 2) && i < argc - 1) {
-      if (sscanf(argv[++i], "%dx%d+%d+%d", &xform.r.w, &xform.r.h, &xform.r.x,
-                 &xform.r.y) < 4 ||
-          xform.r.x < 0 || xform.r.y < 0 || xform.r.w < 1 || xform.r.h < 1)
-        usage(argv[0]);
-      xform.options |= TJXOPT_CROP;
-    } else if (!strcasecmp(argv[i], "-fastupsample")) {
-      printf("Using fast upsampling code\n");
-      flags |= TJFLAG_FASTUPSAMPLE;
-    } else if (!strcasecmp(argv[i], "-fastdct")) {
-      printf("Using fastest DCT/IDCT algorithm\n");
-      flags |= TJFLAG_FASTDCT;
-    } else if (!strcasecmp(argv[i], "-accuratedct")) {
-      printf("Using most accurate DCT/IDCT algorithm\n");
-      flags |= TJFLAG_ACCURATEDCT;
-    } else usage(argv[0]);
-  }
-
-  /* Determine input and output image formats based on file extensions. */
-  inFormat = strrchr(argv[1], '.');
-  outFormat = strrchr(argv[2], '.');
-  if (inFormat == NULL || outFormat == NULL || strlen(inFormat) < 2 ||
-      strlen(outFormat) < 2)
-    usage(argv[0]);
-  inFormat = &inFormat[1];
-  outFormat = &outFormat[1];
-
-  if (!strcasecmp(inFormat, "jpg")) {
-    /* Input image is a JPEG image.  Decompress and/or transform it. */
-    long size;
-    int inSubsamp, inColorspace;
-    int doTransform = (xform.op != TJXOP_NONE || xform.options != 0 ||
-                       xform.customFilter != NULL);
-    unsigned long jpegSize;
-
-    /* Read the JPEG file into memory. */
-    if ((jpegFile = fopen(argv[1], "rb")) == NULL)
-      THROW_UNIX("opening input file");
-    if (fseek(jpegFile, 0, SEEK_END) < 0 || ((size = ftell(jpegFile)) < 0) ||
-        fseek(jpegFile, 0, SEEK_SET) < 0)
-      THROW_UNIX("determining input file size");
-    if (size == 0)
-      THROW("determining input file size", "Input file contains no data");
-    jpegSize = (unsigned long)size;
-    if ((jpegBuf = (unsigned char *)tjAlloc(jpegSize)) == NULL)
-      THROW_UNIX("allocating JPEG buffer");
-    if (fread(jpegBuf, jpegSize, 1, jpegFile) < 1)
-      THROW_UNIX("reading input file");
-    fclose(jpegFile);  jpegFile = NULL;
-
-    if (doTransform) {
-      /* Transform it. */
-      unsigned char *dstBuf = NULL;  /* Dynamically allocate the JPEG buffer */
-      unsigned long dstSize = 0;
-
-      if ((tjInstance = tjInitTransform()) == NULL)
-        THROW_TJ("initializing transformer");
-      xform.options |= TJXOPT_TRIM;
-      if (tjTransform(tjInstance, jpegBuf, jpegSize, 1, &dstBuf, &dstSize,
-                      &xform, flags) < 0) {
-        tjFree(dstBuf);
-        THROW_TJ("transforming input image");
-      }
-      tjFree(jpegBuf);
-      jpegBuf = dstBuf;
-      jpegSize = dstSize;
-    } else {
-      if ((tjInstance = tjInitDecompress()) == NULL)
-        THROW_TJ("initializing decompressor");
-    }
-
-    if (tjDecompressHeader3(tjInstance, jpegBuf, jpegSize, &width, &height,
-                            &inSubsamp, &inColorspace) < 0)
-      THROW_TJ("reading JPEG header");
-
-    printf("%s Image:  %d x %d pixels, %s subsampling, %s colorspace\n",
-           (doTransform ? "Transformed" : "Input"), width, height,
-           subsampName[inSubsamp], colorspaceName[inColorspace]);
-
-    if (!strcasecmp(outFormat, "jpg") && doTransform &&
-        scalingFactor.num == 1 && scalingFactor.denom == 1 && outSubsamp < 0 &&
-        outQual < 0) {
-      /* Input image has been transformed, and no re-compression options
-         have been selected.  Write the transformed image to disk and exit. */
-      if ((jpegFile = fopen(argv[2], "wb")) == NULL)
-        THROW_UNIX("opening output file");
-      if (fwrite(jpegBuf, jpegSize, 1, jpegFile) < 1)
-        THROW_UNIX("writing output file");
-      fclose(jpegFile);  jpegFile = NULL;
-      goto bailout;
-    }
-
-    /* Scaling and/or a non-JPEG output image format and/or compression options
-       have been selected, so we need to decompress the input/transformed
-       image. */
-    width = TJSCALED(width, scalingFactor);
-    height = TJSCALED(height, scalingFactor);
-    if (outSubsamp < 0)
-      outSubsamp = inSubsamp;
-
-    pixelFormat = TJPF_BGRX;
-    if ((imgBuf = (unsigned char *)tjAlloc(width * height *
-                                           tjPixelSize[pixelFormat])) == NULL)
-      THROW_UNIX("allocating uncompressed image buffer");
-
-    if (tjDecompress2(tjInstance, jpegBuf, jpegSize, imgBuf, width, 0, height,
-                      pixelFormat, flags) < 0)
-      THROW_TJ("decompressing JPEG image");
-    tjFree(jpegBuf);  jpegBuf = NULL;
-    tjDestroy(tjInstance);  tjInstance = NULL;
-  } else {
-    /* Input image is not a JPEG image.  Load it into memory. */
-    if ((imgBuf = tjLoadImage(argv[1], &width, 1, &height, &pixelFormat,
-                              0)) == NULL)
-      THROW_TJ("loading input image");
-    if (outSubsamp < 0) {
-      if (pixelFormat == TJPF_GRAY)
-        outSubsamp = TJSAMP_GRAY;
-      else
-        outSubsamp = TJSAMP_444;
-    }
-    printf("Input Image:  %d x %d pixels\n", width, height);
-  }
-
-  printf("Output Image (%s):  %d x %d pixels", outFormat, width, height);
-
-  if (!strcasecmp(outFormat, "jpg")) {
-    /* Output image format is JPEG.  Compress the uncompressed image. */
-    unsigned long jpegSize = 0;
-
-    jpegBuf = NULL;  /* Dynamically allocate the JPEG buffer */
-
-    if (outQual < 0)
-      outQual = DEFAULT_QUALITY;
-    printf(", %s subsampling, quality = %d\n", subsampName[outSubsamp],
-           outQual);
-
-    if ((tjInstance = tjInitCompress()) == NULL)
-      THROW_TJ("initializing compressor");
-    if (tjCompress2(tjInstance, imgBuf, width, 0, height, pixelFormat,
-                    &jpegBuf, &jpegSize, outSubsamp, outQual, flags) < 0)
-      THROW_TJ("compressing image");
-    tjDestroy(tjInstance);  tjInstance = NULL;
-
-    /* Write the JPEG image to disk. */
-    if ((jpegFile = fopen(argv[2], "wb")) == NULL)
-      THROW_UNIX("opening output file");
-    if (fwrite(jpegBuf, jpegSize, 1, jpegFile) < 1)
-      THROW_UNIX("writing output file");
-    tjDestroy(tjInstance);  tjInstance = NULL;
-    fclose(jpegFile);  jpegFile = NULL;
-    tjFree(jpegBuf);  jpegBuf = NULL;
-  } else {
-    /* Output image format is not JPEG.  Save the uncompressed image
-       directly to disk. */
-    printf("\n");
-    if (tjSaveImage(argv[2], imgBuf, width, 0, height, pixelFormat, 0) < 0)
-      THROW_TJ("saving output image");
-  }
-
-bailout:
-  tjFree(imgBuf);
-  if (tjInstance) tjDestroy(tjInstance);
-  tjFree(jpegBuf);
-  if (jpegFile) fclose(jpegFile);
-  return retval;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjexampletest.in b/3rdparty/libjpeg-turbo_2_1_0/tjexampletest.in
deleted file mode 100644
index 0d3047e..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjexampletest.in
+++ /dev/null
@@ -1,149 +0,0 @@
-#!/bin/bash
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-onexit()
-{
-	if [ -d $OUTDIR ]; then
-		rm -rf $OUTDIR
-	fi
-}
-
-runme()
-{
-	echo \*\*\* $*
-	$*
-}
-
-IMAGES="vgl_5674_0098.bmp vgl_6434_0018a.bmp vgl_6548_0026a.bmp nightshot_iso_100.bmp"
-IMGDIR=@CMAKE_CURRENT_SOURCE_DIR@/testimages
-OUTDIR=`mktemp -d /tmp/__tjexampletest_output.XXXXXX`
-EXEDIR=@CMAKE_CURRENT_BINARY_DIR@
-
-if [ -d $OUTDIR ]; then
-	rm -rf $OUTDIR
-fi
-mkdir -p $OUTDIR
-
-exec >$EXEDIR/tjexampletest.log
-
-for image in $IMAGES; do
-
-	cp $IMGDIR/$image $OUTDIR
-	basename=`basename $image .bmp`
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -grayscale -outfile $OUTDIR/${basename}_GRAY_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -sample 2x2 -outfile $OUTDIR/${basename}_420_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -sample 2x1 -outfile $OUTDIR/${basename}_422_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -sample 1x1 -outfile $OUTDIR/${basename}_444_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -grayscale -outfile $OUTDIR/${basename}_GRAY_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -sample 2x2 -outfile $OUTDIR/${basename}_420_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -sample 2x1 -outfile $OUTDIR/${basename}_422_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -sample 1x1 -outfile $OUTDIR/${basename}_444_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/djpeg -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_default_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_fast_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_accurate_djpeg.bmp $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-	for samp in 420 422; do
-		runme $EXEDIR/djpeg -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_default_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_fast_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_accurate_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-
-	# Compression
-	for dct in fast accurate; do
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/tjexample $OUTDIR/$image $OUTDIR/${basename}_${samp}_${dct}.jpg -q 95 -subsamp ${samp} -${dct}dct
-			runme cmp $OUTDIR/${basename}_${samp}_${dct}.jpg $OUTDIR/${basename}_${samp}_${dct}_cjpeg.jpg
-		done
-	done
-
-	# Decompression
-	for dct in fast accurate default; do
-		srcdct=${dct}
-		dctarg=-${dct}dct
-		if [ "${dct}" = "default" ]; then
-			srcdct=fast
-			dctarg=
-		fi
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_${srcdct}.jpg $OUTDIR/${basename}_${samp}_${dct}.bmp ${dctarg}
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${dct}.bmp $OUTDIR/${basename}_${samp}_${dct}_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_${dct}.bmp
-		done
-		for samp in 420 422; do
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_${srcdct}.jpg $OUTDIR/${basename}_${samp}_${dct}_nosmooth.bmp -fastupsample ${dctarg}
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${dct}_nosmooth.bmp $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_${dct}_nosmooth.bmp
-		done
-	done
-
-	# Scaled decompression
-	for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-		scalearg=`echo $scale | sed 's/\_/\//g'`
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/djpeg -rgb -bmp -scale ${scalearg} -outfile $OUTDIR/${basename}_${samp}_${scale}_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${scale}.bmp -scale ${scalearg}
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${scale}.bmp $OUTDIR/${basename}_${samp}_${scale}_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_${scale}.bmp
-		done
-	done
-
-	# Transforms
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -flip horizontal -trim -outfile $OUTDIR/${basename}_${samp}_hflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -flip vertical -trim -outfile $OUTDIR/${basename}_${samp}_vflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -transpose -trim -outfile $OUTDIR/${basename}_${samp}_transpose_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -transverse -trim -outfile $OUTDIR/${basename}_${samp}_transverse_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -rotate 90 -trim -outfile $OUTDIR/${basename}_${samp}_rot90_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -rotate 180 -trim -outfile $OUTDIR/${basename}_${samp}_rot180_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -rotate 270 -trim -outfile $OUTDIR/${basename}_${samp}_rot270_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-	done
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.jpg -$xform -crop 70x60+16+16
-			runme cmp $OUTDIR/${basename}_${samp}_${xform}.jpg $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme $EXEDIR/djpeg -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.bmp -$xform -crop 70x60+16+16
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp
-			rm $OUTDIR/${basename}_${samp}_${xform}.bmp
-		done
-		for samp in 420 422; do
-			runme $EXEDIR/djpeg -nosmooth -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.bmp -$xform -crop 70x60+16+16 -fastupsample
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp
-			rm $OUTDIR/${basename}_${samp}_${xform}.bmp
-		done
-	done
-
-	# Grayscale transform
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.jpg -$xform -grayscale -crop 70x60+16+16
-			runme cmp $OUTDIR/${basename}_${samp}_${xform}.jpg $OUTDIR/${basename}_GRAY_${xform}_jpegtran.jpg
-			runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.bmp -$xform -grayscale -crop 70x60+16+16
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}.bmp $OUTDIR/${basename}_GRAY_${xform}_jpegtran.bmp
-			rm $OUTDIR/${basename}_${samp}_${xform}.bmp
-		done
-	done
-
-	# Transforms with scaling
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-				scalearg=`echo $scale | sed 's/\_/\//g'`
-				runme $EXEDIR/djpeg -rgb -bmp -scale ${scalearg} -outfile $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-				runme $EXEDIR/tjexample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}_${scale}.bmp -$xform -scale ${scalearg} -crop 70x60+16+16
-				runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}_${scale}.bmp $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.bmp
-				rm $OUTDIR/${basename}_${samp}_${xform}_${scale}.bmp
-			done
-		done
-	done
-
-done
-
-echo SUCCESS!
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjexampletest.java.in b/3rdparty/libjpeg-turbo_2_1_0/tjexampletest.java.in
deleted file mode 100644
index d4b63bc..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjexampletest.java.in
+++ /dev/null
@@ -1,151 +0,0 @@
-#!/bin/bash
-
-set -u
-set -e
-trap onexit INT
-trap onexit TERM
-trap onexit EXIT
-
-onexit()
-{
-	if [ -d $OUTDIR ]; then
-		rm -rf $OUTDIR
-	fi
-}
-
-runme()
-{
-	echo \*\*\* $*
-	"$@"
-}
-
-IMAGES="vgl_5674_0098.bmp vgl_6434_0018a.bmp vgl_6548_0026a.bmp nightshot_iso_100.bmp"
-IMGDIR=@CMAKE_CURRENT_SOURCE_DIR@/testimages
-OUTDIR=`mktemp -d /tmp/__tjexampletest_java_output.XXXXXX`
-EXEDIR=@CMAKE_CURRENT_BINARY_DIR@
-JAVA="@Java_JAVA_EXECUTABLE@"
-JAVAARGS="-cp $EXEDIR/java/turbojpeg.jar -Djava.library.path=$EXEDIR"
-
-if [ -d $OUTDIR ]; then
-	rm -rf $OUTDIR
-fi
-mkdir -p $OUTDIR
-
-exec >$EXEDIR/tjexampletest-java.log
-
-for image in $IMAGES; do
-
-	cp $IMGDIR/$image $OUTDIR
-	basename=`basename $image .bmp`
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -grayscale -outfile $OUTDIR/${basename}_GRAY_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -sample 2x2 -outfile $OUTDIR/${basename}_420_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -sample 2x1 -outfile $OUTDIR/${basename}_422_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct fast -sample 1x1 -outfile $OUTDIR/${basename}_444_fast_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -grayscale -outfile $OUTDIR/${basename}_GRAY_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -sample 2x2 -outfile $OUTDIR/${basename}_420_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -sample 2x1 -outfile $OUTDIR/${basename}_422_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	runme $EXEDIR/cjpeg -quality 95 -dct int -sample 1x1 -outfile $OUTDIR/${basename}_444_accurate_cjpeg.jpg $IMGDIR/${basename}.bmp
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/djpeg -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_default_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_fast_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_accurate_djpeg.bmp $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-	for samp in 420 422; do
-		runme $EXEDIR/djpeg -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_default_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct fast -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_fast_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-		runme $EXEDIR/djpeg -dct int -nosmooth -bmp -outfile $OUTDIR/${basename}_${samp}_accurate_nosmooth_djpeg.bmp $OUTDIR/${basename}_${samp}_accurate_cjpeg.jpg
-	done
-
-	# Compression
-	for dct in fast accurate; do
-		for samp in GRAY 420 422 444; do
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/$image $OUTDIR/${basename}_${samp}_${dct}.jpg -q 95 -subsamp ${samp} -${dct}dct
-			runme cmp $OUTDIR/${basename}_${samp}_${dct}.jpg $OUTDIR/${basename}_${samp}_${dct}_cjpeg.jpg
-		done
-	done
-
-	# Decompression
-	for dct in fast accurate default; do
-		srcdct=${dct}
-		dctarg=-${dct}dct
-		if [ "${dct}" = "default" ]; then
-			srcdct=fast
-			dctarg=
-		fi
-		for samp in GRAY 420 422 444; do
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_${srcdct}.jpg $OUTDIR/${basename}_${samp}_${dct}.bmp ${dctarg}
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${dct}.bmp $OUTDIR/${basename}_${samp}_${dct}_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_${dct}.bmp
-		done
-		for samp in 420 422; do
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_${srcdct}.jpg $OUTDIR/${basename}_${samp}_${dct}_nosmooth.bmp -fastupsample ${dctarg}
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${dct}_nosmooth.bmp $OUTDIR/${basename}_${samp}_${dct}_nosmooth_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_${dct}_nosmooth.bmp
-		done
-	done
-
-	# Scaled decompression
-	for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-		scalearg=`echo $scale | sed 's/\_/\//g'`
-		for samp in GRAY 420 422 444; do
-			runme $EXEDIR/djpeg -rgb -bmp -scale ${scalearg} -outfile $OUTDIR/${basename}_${samp}_${scale}_djpeg.bmp $OUTDIR/${basename}_${samp}_fast_cjpeg.jpg
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${scale}.bmp -scale ${scalearg}
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${scale}.bmp $OUTDIR/${basename}_${samp}_${scale}_djpeg.bmp
-			rm $OUTDIR/${basename}_${samp}_${scale}.bmp
-		done
-	done
-
-	# Transforms
-	for samp in GRAY 420 422 444; do
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -flip horizontal -trim -outfile $OUTDIR/${basename}_${samp}_hflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -flip vertical -trim -outfile $OUTDIR/${basename}_${samp}_vflip_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -transpose -trim -outfile $OUTDIR/${basename}_${samp}_transpose_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -transverse -trim -outfile $OUTDIR/${basename}_${samp}_transverse_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -rotate 90 -trim -outfile $OUTDIR/${basename}_${samp}_rot90_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -rotate 180 -trim -outfile $OUTDIR/${basename}_${samp}_rot180_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-		runme $EXEDIR/jpegtran -crop 70x60+16+16 -rotate 270 -trim -outfile $OUTDIR/${basename}_${samp}_rot270_jpegtran.jpg $OUTDIR/${basename}_${samp}_fast.jpg
-	done
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 420 422 444; do
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.jpg -$xform -crop 70x60+16+16
-			runme cmp $OUTDIR/${basename}_${samp}_${xform}.jpg $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme $EXEDIR/djpeg -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.bmp -$xform -crop 70x60+16+16
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp
-			rm $OUTDIR/${basename}_${samp}_${xform}.bmp
-		done
-		for samp in 420 422; do
-			runme $EXEDIR/djpeg -nosmooth -rgb -bmp -outfile $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.bmp -$xform -crop 70x60+16+16 -fastupsample
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.bmp
-			rm $OUTDIR/${basename}_${samp}_${xform}.bmp
-		done
-	done
-
-	# Grayscale transform
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.jpg -$xform -grayscale -crop 70x60+16+16
-			runme cmp $OUTDIR/${basename}_${samp}_${xform}.jpg $OUTDIR/${basename}_GRAY_${xform}_jpegtran.jpg
-			runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}.bmp -$xform -grayscale -crop 70x60+16+16
-			runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}.bmp $OUTDIR/${basename}_GRAY_${xform}_jpegtran.bmp
-			rm $OUTDIR/${basename}_${samp}_${xform}.bmp
-		done
-	done
-
-	# Transforms with scaling
-	for xform in hflip vflip transpose transverse rot90 rot180 rot270; do
-		for samp in GRAY 444 422 420; do
-			for scale in 2_1 15_8 7_4 13_8 3_2 11_8 5_4 9_8 7_8 3_4 5_8 1_2 3_8 1_4 1_8; do
-				scalearg=`echo $scale | sed 's/\_/\//g'`
-				runme $EXEDIR/djpeg -rgb -bmp -scale ${scalearg} -outfile $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.bmp $OUTDIR/${basename}_${samp}_${xform}_jpegtran.jpg
-				runme "$JAVA" $JAVAARGS TJExample $OUTDIR/${basename}_${samp}_fast.jpg $OUTDIR/${basename}_${samp}_${xform}_${scale}.bmp -$xform -scale ${scalearg} -crop 70x60+16+16
-				runme cmp -i 54:54 $OUTDIR/${basename}_${samp}_${xform}_${scale}.bmp $OUTDIR/${basename}_${samp}_${xform}_${scale}_jpegtran.bmp
-				rm $OUTDIR/${basename}_${samp}_${xform}_${scale}.bmp
-			done
-		done
-	done
-
-done
-
-echo SUCCESS!
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjunittest.c b/3rdparty/libjpeg-turbo_2_1_0/tjunittest.c
deleted file mode 100644
index f59939f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjunittest.c
+++ /dev/null
@@ -1,931 +0,0 @@
-/*
- * Copyright (C)2009-2014, 2017-2019 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This program tests the various code paths in the TurboJPEG C Wrapper
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include "tjutil.h"
-#include "turbojpeg.h"
-#include "md5/md5.h"
-#include "cmyk.h"
-#ifdef _WIN32
-#include <time.h>
-#define random()  rand()
-#else
-#include <unistd.h>
-#endif
-
-
-static void usage(char *progName)
-{
-  printf("\nUSAGE: %s [options]\n\n", progName);
-  printf("Options:\n");
-  printf("-yuv = test YUV encoding/decoding support\n");
-  printf("-noyuvpad = do not pad each line of each Y, U, and V plane to the nearest\n");
-  printf("            4-byte boundary\n");
-  printf("-alloc = test automatic buffer allocation\n");
-  printf("-bmp = tjLoadImage()/tjSaveImage() unit test\n\n");
-  exit(1);
-}
-
-
-#define THROW_TJ() { \
-  printf("TurboJPEG ERROR:\n%s\n", tjGetErrorStr()); \
-  BAILOUT() \
-}
-#define TRY_TJ(f) { if ((f) == -1) THROW_TJ(); }
-#define THROW(m) { printf("ERROR: %s\n", m);  BAILOUT() }
-#define THROW_MD5(filename, md5sum, ref) { \
-  printf("\n%s has an MD5 sum of %s.\n   Should be %s.\n", filename, md5sum, \
-         ref); \
-  BAILOUT() \
-}
-
-const char *subNameLong[TJ_NUMSAMP] = {
-  "4:4:4", "4:2:2", "4:2:0", "GRAY", "4:4:0", "4:1:1"
-};
-const char *subName[TJ_NUMSAMP] = {
-  "444", "422", "420", "GRAY", "440", "411"
-};
-
-const char *pixFormatStr[TJ_NUMPF] = {
-  "RGB", "BGR", "RGBX", "BGRX", "XBGR", "XRGB", "Grayscale",
-  "RGBA", "BGRA", "ABGR", "ARGB", "CMYK"
-};
-
-const int _3byteFormats[] = { TJPF_RGB, TJPF_BGR };
-const int _4byteFormats[] = {
-  TJPF_RGBX, TJPF_BGRX, TJPF_XBGR, TJPF_XRGB, TJPF_CMYK
-};
-const int _onlyGray[] = { TJPF_GRAY };
-const int _onlyRGB[] = { TJPF_RGB };
-
-int doYUV = 0, alloc = 0, pad = 4;
-
-int exitStatus = 0;
-#define BAILOUT() { exitStatus = -1;  goto bailout; }
-
-
-static void initBuf(unsigned char *buf, int w, int h, int pf, int flags)
-{
-  int roffset = tjRedOffset[pf];
-  int goffset = tjGreenOffset[pf];
-  int boffset = tjBlueOffset[pf];
-  int ps = tjPixelSize[pf];
-  int index, row, col, halfway = 16;
-
-  if (pf == TJPF_GRAY) {
-    memset(buf, 0, w * h * ps);
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        if (flags & TJFLAG_BOTTOMUP) index = (h - row - 1) * w + col;
-        else index = row * w + col;
-        if (((row / 8) + (col / 8)) % 2 == 0)
-          buf[index] = (row < halfway) ? 255 : 0;
-        else buf[index] = (row < halfway) ? 76 : 226;
-      }
-    }
-  } else if (pf == TJPF_CMYK) {
-    memset(buf, 255, w * h * ps);
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        if (flags & TJFLAG_BOTTOMUP) index = (h - row - 1) * w + col;
-        else index = row * w + col;
-        if (((row / 8) + (col / 8)) % 2 == 0) {
-          if (row >= halfway) buf[index * ps + 3] = 0;
-        } else {
-          buf[index * ps + 2] = 0;
-          if (row < halfway) buf[index * ps + 1] = 0;
-        }
-      }
-    }
-  } else {
-    memset(buf, 0, w * h * ps);
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        if (flags & TJFLAG_BOTTOMUP) index = (h - row - 1) * w + col;
-        else index = row * w + col;
-        if (((row / 8) + (col / 8)) % 2 == 0) {
-          if (row < halfway) {
-            buf[index * ps + roffset] = 255;
-            buf[index * ps + goffset] = 255;
-            buf[index * ps + boffset] = 255;
-          }
-        } else {
-          buf[index * ps + roffset] = 255;
-          if (row >= halfway) buf[index * ps + goffset] = 255;
-        }
-      }
-    }
-  }
-}
-
-
-#define CHECKVAL(v, cv) { \
-  if (v < cv - 1 || v > cv + 1) { \
-    printf("\nComp. %s at %d,%d should be %d, not %d\n", #v, row, col, cv, \
-           v); \
-    retval = 0;  exitStatus = -1;  goto bailout; \
-  } \
-}
-
-#define CHECKVAL0(v) { \
-  if (v > 1) { \
-    printf("\nComp. %s at %d,%d should be 0, not %d\n", #v, row, col, v); \
-    retval = 0;  exitStatus = -1;  goto bailout; \
-  } \
-}
-
-#define CHECKVAL255(v) { \
-  if (v < 254) { \
-    printf("\nComp. %s at %d,%d should be 255, not %d\n", #v, row, col, v); \
-    retval = 0;  exitStatus = -1;  goto bailout; \
-  } \
-}
-
-
-static int checkBuf(unsigned char *buf, int w, int h, int pf, int subsamp,
-                    tjscalingfactor sf, int flags)
-{
-  int roffset = tjRedOffset[pf];
-  int goffset = tjGreenOffset[pf];
-  int boffset = tjBlueOffset[pf];
-  int aoffset = tjAlphaOffset[pf];
-  int ps = tjPixelSize[pf];
-  int index, row, col, retval = 1;
-  int halfway = 16 * sf.num / sf.denom;
-  int blocksize = 8 * sf.num / sf.denom;
-
-  if (pf == TJPF_GRAY) roffset = goffset = boffset = 0;
-
-  if (pf == TJPF_CMYK) {
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        unsigned char c, m, y, k;
-
-        if (flags & TJFLAG_BOTTOMUP) index = (h - row - 1) * w + col;
-        else index = row * w + col;
-        c = buf[index * ps];
-        m = buf[index * ps + 1];
-        y = buf[index * ps + 2];
-        k = buf[index * ps + 3];
-        if (((row / blocksize) + (col / blocksize)) % 2 == 0) {
-          CHECKVAL255(c);  CHECKVAL255(m);  CHECKVAL255(y);
-          if (row < halfway) CHECKVAL255(k)
-          else CHECKVAL0(k)
-        } else {
-          CHECKVAL255(c);  CHECKVAL0(y);  CHECKVAL255(k);
-          if (row < halfway) CHECKVAL0(m)
-          else CHECKVAL255(m)
-        }
-      }
-    }
-    return 1;
-  }
-
-  for (row = 0; row < h; row++) {
-    for (col = 0; col < w; col++) {
-      unsigned char r, g, b, a;
-
-      if (flags & TJFLAG_BOTTOMUP) index = (h - row - 1) * w + col;
-      else index = row * w + col;
-      r = buf[index * ps + roffset];
-      g = buf[index * ps + goffset];
-      b = buf[index * ps + boffset];
-      a = aoffset >= 0 ? buf[index * ps + aoffset] : 0xFF;
-      if (((row / blocksize) + (col / blocksize)) % 2 == 0) {
-        if (row < halfway) {
-          CHECKVAL255(r);  CHECKVAL255(g);  CHECKVAL255(b);
-        } else {
-          CHECKVAL0(r);  CHECKVAL0(g);  CHECKVAL0(b);
-        }
-      } else {
-        if (subsamp == TJSAMP_GRAY) {
-          if (row < halfway) {
-            CHECKVAL(r, 76);  CHECKVAL(g, 76);  CHECKVAL(b, 76);
-          } else {
-            CHECKVAL(r, 226);  CHECKVAL(g, 226);  CHECKVAL(b, 226);
-          }
-        } else {
-          if (row < halfway) {
-            CHECKVAL255(r);  CHECKVAL0(g);  CHECKVAL0(b);
-          } else {
-            CHECKVAL255(r);  CHECKVAL255(g);  CHECKVAL0(b);
-          }
-        }
-      }
-      CHECKVAL255(a);
-    }
-  }
-
-bailout:
-  if (retval == 0) {
-    for (row = 0; row < h; row++) {
-      for (col = 0; col < w; col++) {
-        if (pf == TJPF_CMYK)
-          printf("%.3d/%.3d/%.3d/%.3d ", buf[(row * w + col) * ps],
-                 buf[(row * w + col) * ps + 1], buf[(row * w + col) * ps + 2],
-                 buf[(row * w + col) * ps + 3]);
-        else
-          printf("%.3d/%.3d/%.3d ", buf[(row * w + col) * ps + roffset],
-                 buf[(row * w + col) * ps + goffset],
-                 buf[(row * w + col) * ps + boffset]);
-      }
-      printf("\n");
-    }
-  }
-  return retval;
-}
-
-
-#define PAD(v, p)  ((v + (p) - 1) & (~((p) - 1)))
-
-static int checkBufYUV(unsigned char *buf, int w, int h, int subsamp,
-                       tjscalingfactor sf)
-{
-  int row, col;
-  int hsf = tjMCUWidth[subsamp] / 8, vsf = tjMCUHeight[subsamp] / 8;
-  int pw = PAD(w, hsf), ph = PAD(h, vsf);
-  int cw = pw / hsf, ch = ph / vsf;
-  int ypitch = PAD(pw, pad), uvpitch = PAD(cw, pad);
-  int retval = 1;
-  int halfway = 16 * sf.num / sf.denom;
-  int blocksize = 8 * sf.num / sf.denom;
-
-  for (row = 0; row < ph; row++) {
-    for (col = 0; col < pw; col++) {
-      unsigned char y = buf[ypitch * row + col];
-
-      if (((row / blocksize) + (col / blocksize)) % 2 == 0) {
-        if (row < halfway) CHECKVAL255(y)
-        else CHECKVAL0(y);
-      } else {
-        if (row < halfway) CHECKVAL(y, 76)
-        else CHECKVAL(y, 226);
-      }
-    }
-  }
-  if (subsamp != TJSAMP_GRAY) {
-    halfway = 16 / vsf * sf.num / sf.denom;
-
-    for (row = 0; row < ch; row++) {
-      for (col = 0; col < cw; col++) {
-        unsigned char u = buf[ypitch * ph + (uvpitch * row + col)],
-          v = buf[ypitch * ph + uvpitch * ch + (uvpitch * row + col)];
-
-        if (((row * vsf / blocksize) + (col * hsf / blocksize)) % 2 == 0) {
-          CHECKVAL(u, 128);  CHECKVAL(v, 128);
-        } else {
-          if (row < halfway) {
-            CHECKVAL(u, 85);  CHECKVAL255(v);
-          } else {
-            CHECKVAL0(u);  CHECKVAL(v, 149);
-          }
-        }
-      }
-    }
-  }
-
-bailout:
-  if (retval == 0) {
-    for (row = 0; row < ph; row++) {
-      for (col = 0; col < pw; col++)
-        printf("%.3d ", buf[ypitch * row + col]);
-      printf("\n");
-    }
-    printf("\n");
-    for (row = 0; row < ch; row++) {
-      for (col = 0; col < cw; col++)
-        printf("%.3d ", buf[ypitch * ph + (uvpitch * row + col)]);
-      printf("\n");
-    }
-    printf("\n");
-    for (row = 0; row < ch; row++) {
-      for (col = 0; col < cw; col++)
-        printf("%.3d ",
-               buf[ypitch * ph + uvpitch * ch + (uvpitch * row + col)]);
-      printf("\n");
-    }
-  }
-
-  return retval;
-}
-
-
-static void writeJPEG(unsigned char *jpegBuf, unsigned long jpegSize,
-                      char *filename)
-{
-  FILE *file = fopen(filename, "wb");
-
-  if (!file || fwrite(jpegBuf, jpegSize, 1, file) != 1) {
-    printf("ERROR: Could not write to %s.\n%s\n", filename, strerror(errno));
-    BAILOUT()
-  }
-
-bailout:
-  if (file) fclose(file);
-}
-
-
-static void compTest(tjhandle handle, unsigned char **dstBuf,
-                     unsigned long *dstSize, int w, int h, int pf,
-                     char *basename, int subsamp, int jpegQual, int flags)
-{
-  char tempStr[1024];
-  unsigned char *srcBuf = NULL, *yuvBuf = NULL;
-  const char *pfStr = pixFormatStr[pf];
-  const char *buStrLong =
-    (flags & TJFLAG_BOTTOMUP) ? "Bottom-Up" : "Top-Down ";
-  const char *buStr = (flags & TJFLAG_BOTTOMUP) ? "BU" : "TD";
-
-  if ((srcBuf = (unsigned char *)malloc(w * h * tjPixelSize[pf])) == NULL)
-    THROW("Memory allocation failure");
-  initBuf(srcBuf, w, h, pf, flags);
-
-  if (*dstBuf && *dstSize > 0) memset(*dstBuf, 0, *dstSize);
-
-  if (!alloc) flags |= TJFLAG_NOREALLOC;
-  if (doYUV) {
-    unsigned long yuvSize = tjBufSizeYUV2(w, pad, h, subsamp);
-    tjscalingfactor sf = { 1, 1 };
-    tjhandle handle2 = tjInitCompress();
-
-    if (!handle2) THROW_TJ();
-
-    if ((yuvBuf = (unsigned char *)malloc(yuvSize)) == NULL)
-      THROW("Memory allocation failure");
-    memset(yuvBuf, 0, yuvSize);
-
-    printf("%s %s -> YUV %s ... ", pfStr, buStrLong, subNameLong[subsamp]);
-    TRY_TJ(tjEncodeYUV3(handle2, srcBuf, w, 0, h, pf, yuvBuf, pad, subsamp,
-                        flags));
-    tjDestroy(handle2);
-    if (checkBufYUV(yuvBuf, w, h, subsamp, sf)) printf("Passed.\n");
-    else printf("FAILED!\n");
-
-    printf("YUV %s %s -> JPEG Q%d ... ", subNameLong[subsamp], buStrLong,
-           jpegQual);
-    TRY_TJ(tjCompressFromYUV(handle, yuvBuf, w, pad, h, subsamp, dstBuf,
-                             dstSize, jpegQual, flags));
-  } else {
-    printf("%s %s -> %s Q%d ... ", pfStr, buStrLong, subNameLong[subsamp],
-           jpegQual);
-    TRY_TJ(tjCompress2(handle, srcBuf, w, 0, h, pf, dstBuf, dstSize, subsamp,
-                       jpegQual, flags));
-  }
-
-  snprintf(tempStr, 1024, "%s_enc_%s_%s_%s_Q%d.jpg", basename, pfStr, buStr,
-           subName[subsamp], jpegQual);
-  writeJPEG(*dstBuf, *dstSize, tempStr);
-  printf("Done.\n  Result in %s\n", tempStr);
-
-bailout:
-  free(yuvBuf);
-  free(srcBuf);
-}
-
-
-static void _decompTest(tjhandle handle, unsigned char *jpegBuf,
-                        unsigned long jpegSize, int w, int h, int pf,
-                        char *basename, int subsamp, int flags,
-                        tjscalingfactor sf)
-{
-  unsigned char *dstBuf = NULL, *yuvBuf = NULL;
-  int _hdrw = 0, _hdrh = 0, _hdrsubsamp = -1;
-  int scaledWidth = TJSCALED(w, sf);
-  int scaledHeight = TJSCALED(h, sf);
-  unsigned long dstSize = 0;
-
-  TRY_TJ(tjDecompressHeader2(handle, jpegBuf, jpegSize, &_hdrw, &_hdrh,
-                             &_hdrsubsamp));
-  if (_hdrw != w || _hdrh != h || _hdrsubsamp != subsamp)
-    THROW("Incorrect JPEG header");
-
-  dstSize = scaledWidth * scaledHeight * tjPixelSize[pf];
-  if ((dstBuf = (unsigned char *)malloc(dstSize)) == NULL)
-    THROW("Memory allocation failure");
-  memset(dstBuf, 0, dstSize);
-
-  if (doYUV) {
-    unsigned long yuvSize = tjBufSizeYUV2(scaledWidth, pad, scaledHeight,
-                                          subsamp);
-    tjhandle handle2 = tjInitDecompress();
-
-    if (!handle2) THROW_TJ();
-
-    if ((yuvBuf = (unsigned char *)malloc(yuvSize)) == NULL)
-      THROW("Memory allocation failure");
-    memset(yuvBuf, 0, yuvSize);
-
-    printf("JPEG -> YUV %s ", subNameLong[subsamp]);
-    if (sf.num != 1 || sf.denom != 1)
-      printf("%d/%d ... ", sf.num, sf.denom);
-    else printf("... ");
-    TRY_TJ(tjDecompressToYUV2(handle, jpegBuf, jpegSize, yuvBuf, scaledWidth,
-                              pad, scaledHeight, flags));
-    if (checkBufYUV(yuvBuf, scaledWidth, scaledHeight, subsamp, sf))
-      printf("Passed.\n");
-    else printf("FAILED!\n");
-
-    printf("YUV %s -> %s %s ... ", subNameLong[subsamp], pixFormatStr[pf],
-           (flags & TJFLAG_BOTTOMUP) ? "Bottom-Up" : "Top-Down ");
-    TRY_TJ(tjDecodeYUV(handle2, yuvBuf, pad, subsamp, dstBuf, scaledWidth, 0,
-                       scaledHeight, pf, flags));
-    tjDestroy(handle2);
-  } else {
-    printf("JPEG -> %s %s ", pixFormatStr[pf],
-           (flags & TJFLAG_BOTTOMUP) ? "Bottom-Up" : "Top-Down ");
-    if (sf.num != 1 || sf.denom != 1)
-      printf("%d/%d ... ", sf.num, sf.denom);
-    else printf("... ");
-    TRY_TJ(tjDecompress2(handle, jpegBuf, jpegSize, dstBuf, scaledWidth, 0,
-                         scaledHeight, pf, flags));
-  }
-
-  if (checkBuf(dstBuf, scaledWidth, scaledHeight, pf, subsamp, sf, flags))
-    printf("Passed.");
-  else printf("FAILED!");
-  printf("\n");
-
-bailout:
-  free(yuvBuf);
-  free(dstBuf);
-}
-
-
-static void decompTest(tjhandle handle, unsigned char *jpegBuf,
-                       unsigned long jpegSize, int w, int h, int pf,
-                       char *basename, int subsamp, int flags)
-{
-  int i, n = 0;
-  tjscalingfactor *sf = tjGetScalingFactors(&n);
-
-  if (!sf || !n) THROW_TJ();
-
-  for (i = 0; i < n; i++) {
-    if (subsamp == TJSAMP_444 || subsamp == TJSAMP_GRAY ||
-        (subsamp == TJSAMP_411 && sf[i].num == 1 &&
-         (sf[i].denom == 2 || sf[i].denom == 1)) ||
-        (subsamp != TJSAMP_411 && sf[i].num == 1 &&
-         (sf[i].denom == 4 || sf[i].denom == 2 || sf[i].denom == 1)))
-      _decompTest(handle, jpegBuf, jpegSize, w, h, pf, basename, subsamp,
-                  flags, sf[i]);
-  }
-
-bailout:
-  return;
-}
-
-
-static void doTest(int w, int h, const int *formats, int nformats, int subsamp,
-                   char *basename)
-{
-  tjhandle chandle = NULL, dhandle = NULL;
-  unsigned char *dstBuf = NULL;
-  unsigned long size = 0;
-  int pfi, pf, i;
-
-  if (!alloc)
-    size = tjBufSize(w, h, subsamp);
-  if (size != 0)
-    if ((dstBuf = (unsigned char *)tjAlloc(size)) == NULL)
-      THROW("Memory allocation failure.");
-
-  if ((chandle = tjInitCompress()) == NULL ||
-      (dhandle = tjInitDecompress()) == NULL)
-    THROW_TJ();
-
-  for (pfi = 0; pfi < nformats; pfi++) {
-    for (i = 0; i < 2; i++) {
-      int flags = 0;
-
-      if (subsamp == TJSAMP_422 || subsamp == TJSAMP_420 ||
-          subsamp == TJSAMP_440 || subsamp == TJSAMP_411)
-        flags |= TJFLAG_FASTUPSAMPLE;
-      if (i == 1) flags |= TJFLAG_BOTTOMUP;
-      pf = formats[pfi];
-      compTest(chandle, &dstBuf, &size, w, h, pf, basename, subsamp, 100,
-               flags);
-      decompTest(dhandle, dstBuf, size, w, h, pf, basename, subsamp, flags);
-      if (pf >= TJPF_RGBX && pf <= TJPF_XRGB) {
-        printf("\n");
-        decompTest(dhandle, dstBuf, size, w, h, pf + (TJPF_RGBA - TJPF_RGBX),
-                   basename, subsamp, flags);
-      }
-      printf("\n");
-    }
-  }
-  printf("--------------------\n\n");
-
-bailout:
-  if (chandle) tjDestroy(chandle);
-  if (dhandle) tjDestroy(dhandle);
-  tjFree(dstBuf);
-}
-
-
-#if SIZEOF_SIZE_T == 8
-#define CHECKSIZE(function) { \
-  if ((unsigned long long)size < (unsigned long long)0xFFFFFFFF) \
-    THROW(#function " overflow"); \
-}
-#else
-#define CHECKSIZE(function) { \
-  if (size != (unsigned long)(-1) || \
-      !strcmp(tjGetErrorStr2(NULL), "No error")) \
-    THROW(#function " overflow"); \
-}
-#endif
-
-static void overflowTest(void)
-{
-  /* Ensure that the various buffer size functions don't overflow */
-  unsigned long size;
-
-  size = tjBufSize(26755, 26755, TJSAMP_444);
-  CHECKSIZE(tjBufSize());
-  size = TJBUFSIZE(26755, 26755);
-  CHECKSIZE(TJBUFSIZE());
-  size = tjBufSizeYUV2(37838, 1, 37838, TJSAMP_444);
-  CHECKSIZE(tjBufSizeYUV2());
-  size = TJBUFSIZEYUV(37838, 37838, TJSAMP_444);
-  CHECKSIZE(TJBUFSIZEYUV());
-  size = tjBufSizeYUV(37838, 37838, TJSAMP_444);
-  CHECKSIZE(tjBufSizeYUV());
-  size = tjPlaneSizeYUV(0, 65536, 0, 65536, TJSAMP_444);
-  CHECKSIZE(tjPlaneSizeYUV());
-
-bailout:
-  return;
-}
-
-
-static void bufSizeTest(void)
-{
-  int w, h, i, subsamp;
-  unsigned char *srcBuf = NULL, *dstBuf = NULL;
-  tjhandle handle = NULL;
-  unsigned long dstSize = 0;
-
-  if ((handle = tjInitCompress()) == NULL) THROW_TJ();
-
-  printf("Buffer size regression test\n");
-  for (subsamp = 0; subsamp < TJ_NUMSAMP; subsamp++) {
-    for (w = 1; w < 48; w++) {
-      int maxh = (w == 1) ? 2048 : 48;
-
-      for (h = 1; h < maxh; h++) {
-        if (h % 100 == 0) printf("%.4d x %.4d\b\b\b\b\b\b\b\b\b\b\b", w, h);
-        if ((srcBuf = (unsigned char *)malloc(w * h * 4)) == NULL)
-          THROW("Memory allocation failure");
-        if (!alloc || doYUV) {
-          if (doYUV) dstSize = tjBufSizeYUV2(w, pad, h, subsamp);
-          else dstSize = tjBufSize(w, h, subsamp);
-          if ((dstBuf = (unsigned char *)tjAlloc(dstSize)) == NULL)
-            THROW("Memory allocation failure");
-        }
-
-        for (i = 0; i < w * h * 4; i++) {
-          if (random() < RAND_MAX / 2) srcBuf[i] = 0;
-          else srcBuf[i] = 255;
-        }
-
-        if (doYUV) {
-          TRY_TJ(tjEncodeYUV3(handle, srcBuf, w, 0, h, TJPF_BGRX, dstBuf, pad,
-                              subsamp, 0));
-        } else {
-          TRY_TJ(tjCompress2(handle, srcBuf, w, 0, h, TJPF_BGRX, &dstBuf,
-                             &dstSize, subsamp, 100,
-                             alloc ? 0 : TJFLAG_NOREALLOC));
-        }
-        free(srcBuf);  srcBuf = NULL;
-        if (!alloc || doYUV) {
-          tjFree(dstBuf);  dstBuf = NULL;
-        }
-
-        if ((srcBuf = (unsigned char *)malloc(h * w * 4)) == NULL)
-          THROW("Memory allocation failure");
-        if (!alloc || doYUV) {
-          if (doYUV) dstSize = tjBufSizeYUV2(h, pad, w, subsamp);
-          else dstSize = tjBufSize(h, w, subsamp);
-          if ((dstBuf = (unsigned char *)tjAlloc(dstSize)) == NULL)
-            THROW("Memory allocation failure");
-        }
-
-        for (i = 0; i < h * w * 4; i++) {
-          if (random() < RAND_MAX / 2) srcBuf[i] = 0;
-          else srcBuf[i] = 255;
-        }
-
-        if (doYUV) {
-          TRY_TJ(tjEncodeYUV3(handle, srcBuf, h, 0, w, TJPF_BGRX, dstBuf, pad,
-                              subsamp, 0));
-        } else {
-          TRY_TJ(tjCompress2(handle, srcBuf, h, 0, w, TJPF_BGRX, &dstBuf,
-                             &dstSize, subsamp, 100,
-                             alloc ? 0 : TJFLAG_NOREALLOC));
-        }
-        free(srcBuf);  srcBuf = NULL;
-        if (!alloc || doYUV) {
-          tjFree(dstBuf);  dstBuf = NULL;
-        }
-      }
-    }
-  }
-  printf("Done.      \n");
-
-bailout:
-  free(srcBuf);
-  tjFree(dstBuf);
-  if (handle) tjDestroy(handle);
-}
-
-
-static void initBitmap(unsigned char *buf, int width, int pitch, int height,
-                       int pf, int flags)
-{
-  int roffset = tjRedOffset[pf];
-  int goffset = tjGreenOffset[pf];
-  int boffset = tjBlueOffset[pf];
-  int ps = tjPixelSize[pf];
-  int i, j;
-
-  for (j = 0; j < height; j++) {
-    int row = (flags & TJFLAG_BOTTOMUP) ? height - j - 1 : j;
-
-    for (i = 0; i < width; i++) {
-      unsigned char r = (i * 256 / width) % 256;
-      unsigned char g = (j * 256 / height) % 256;
-      unsigned char b = (j * 256 / height + i * 256 / width) % 256;
-
-      memset(&buf[row * pitch + i * ps], 0, ps);
-      if (pf == TJPF_GRAY) buf[row * pitch + i * ps] = b;
-      else if (pf == TJPF_CMYK)
-        rgb_to_cmyk(r, g, b, &buf[row * pitch + i * ps + 0],
-                    &buf[row * pitch + i * ps + 1],
-                    &buf[row * pitch + i * ps + 2],
-                    &buf[row * pitch + i * ps + 3]);
-      else {
-        buf[row * pitch + i * ps + roffset] = r;
-        buf[row * pitch + i * ps + goffset] = g;
-        buf[row * pitch + i * ps + boffset] = b;
-      }
-    }
-  }
-}
-
-
-static int cmpBitmap(unsigned char *buf, int width, int pitch, int height,
-                     int pf, int flags, int gray2rgb)
-{
-  int roffset = tjRedOffset[pf];
-  int goffset = tjGreenOffset[pf];
-  int boffset = tjBlueOffset[pf];
-  int aoffset = tjAlphaOffset[pf];
-  int ps = tjPixelSize[pf];
-  int i, j;
-
-  for (j = 0; j < height; j++) {
-    int row = (flags & TJFLAG_BOTTOMUP) ? height - j - 1 : j;
-
-    for (i = 0; i < width; i++) {
-      unsigned char r = (i * 256 / width) % 256;
-      unsigned char g = (j * 256 / height) % 256;
-      unsigned char b = (j * 256 / height + i * 256 / width) % 256;
-
-      if (pf == TJPF_GRAY) {
-        if (buf[row * pitch + i * ps] != b)
-          return 0;
-      } else if (pf == TJPF_CMYK) {
-        unsigned char rf, gf, bf;
-
-        cmyk_to_rgb(buf[row * pitch + i * ps + 0],
-                    buf[row * pitch + i * ps + 1],
-                    buf[row * pitch + i * ps + 2],
-                    buf[row * pitch + i * ps + 3], &rf, &gf, &bf);
-        if (gray2rgb) {
-          if (rf != b || gf != b || bf != b)
-            return 0;
-        } else if (rf != r || gf != g || bf != b) return 0;
-      } else {
-        if (gray2rgb) {
-          if (buf[row * pitch + i * ps + roffset] != b ||
-              buf[row * pitch + i * ps + goffset] != b ||
-              buf[row * pitch + i * ps + boffset] != b)
-            return 0;
-        } else if (buf[row * pitch + i * ps + roffset] != r ||
-                   buf[row * pitch + i * ps + goffset] != g ||
-                   buf[row * pitch + i * ps + boffset] != b)
-          return 0;
-        if (aoffset >= 0 && buf[row * pitch + i * ps + aoffset] != 0xFF)
-          return 0;
-      }
-    }
-  }
-  return 1;
-}
-
-
-static int doBmpTest(const char *ext, int width, int align, int height, int pf,
-                     int flags)
-{
-  char filename[80], *md5sum, md5buf[65];
-  int ps = tjPixelSize[pf], pitch = PAD(width * ps, align), loadWidth = 0,
-    loadHeight = 0, retval = 0, pixelFormat = pf;
-  unsigned char *buf = NULL;
-  char *md5ref;
-
-  if (pf == TJPF_GRAY) {
-    md5ref = !strcasecmp(ext, "ppm") ? "112c682e82ce5de1cca089e20d60000b" :
-                                       "51976530acf75f02beddf5d21149101d";
-  } else {
-    md5ref = !strcasecmp(ext, "ppm") ? "c0c9f772b464d1896326883a5c79c545" :
-                                       "6d659071b9bfcdee2def22cb58ddadca";
-  }
-
-  if ((buf = (unsigned char *)tjAlloc(pitch * height)) == NULL)
-    THROW("Could not allocate memory");
-  initBitmap(buf, width, pitch, height, pf, flags);
-
-  snprintf(filename, 80, "test_bmp_%s_%d_%s.%s", pixFormatStr[pf], align,
-           (flags & TJFLAG_BOTTOMUP) ? "bu" : "td", ext);
-  TRY_TJ(tjSaveImage(filename, buf, width, pitch, height, pf, flags));
-  md5sum = MD5File(filename, md5buf);
-  if (strcasecmp(md5sum, md5ref))
-    THROW_MD5(filename, md5sum, md5ref);
-
-  tjFree(buf);  buf = NULL;
-  if ((buf = tjLoadImage(filename, &loadWidth, align, &loadHeight, &pf,
-                         flags)) == NULL)
-    THROW_TJ();
-  if (width != loadWidth || height != loadHeight) {
-    printf("\n   Image dimensions of %s are bogus\n", filename);
-    retval = -1;  goto bailout;
-  }
-  if (!cmpBitmap(buf, width, pitch, height, pf, flags, 0)) {
-    printf("\n   Pixel data in %s is bogus\n", filename);
-    retval = -1;  goto bailout;
-  }
-  if (pf == TJPF_GRAY) {
-    tjFree(buf);  buf = NULL;
-    pf = TJPF_XBGR;
-    if ((buf = tjLoadImage(filename, &loadWidth, align, &loadHeight, &pf,
-                           flags)) == NULL)
-      THROW_TJ();
-    pitch = PAD(width * tjPixelSize[pf], align);
-    if (!cmpBitmap(buf, width, pitch, height, pf, flags, 1)) {
-      printf("\n   Converting %s to RGB failed\n", filename);
-      retval = -1;  goto bailout;
-    }
-
-    tjFree(buf);  buf = NULL;
-    pf = TJPF_CMYK;
-    if ((buf = tjLoadImage(filename, &loadWidth, align, &loadHeight, &pf,
-                           flags)) == NULL)
-      THROW_TJ();
-    pitch = PAD(width * tjPixelSize[pf], align);
-    if (!cmpBitmap(buf, width, pitch, height, pf, flags, 1)) {
-      printf("\n   Converting %s to CMYK failed\n", filename);
-      retval = -1;  goto bailout;
-    }
-  }
-  /* Verify that tjLoadImage() returns the proper "preferred" pixel format for
-     the file type. */
-  tjFree(buf);  buf = NULL;
-  pf = pixelFormat;
-  pixelFormat = TJPF_UNKNOWN;
-  if ((buf = tjLoadImage(filename, &loadWidth, align, &loadHeight,
-                         &pixelFormat, flags)) == NULL)
-    THROW_TJ();
-  if ((pf == TJPF_GRAY && pixelFormat != TJPF_GRAY) ||
-      (pf != TJPF_GRAY && !strcasecmp(ext, "bmp") &&
-       pixelFormat != TJPF_BGR) ||
-      (pf != TJPF_GRAY && !strcasecmp(ext, "ppm") &&
-       pixelFormat != TJPF_RGB)) {
-    printf("\n   tjLoadImage() returned unexpected pixel format: %s\n",
-           pixFormatStr[pixelFormat]);
-    retval = -1;
-  }
-  unlink(filename);
-
-bailout:
-  tjFree(buf);
-  if (exitStatus < 0) return exitStatus;
-  return retval;
-}
-
-
-static int bmpTest(void)
-{
-  int align, width = 35, height = 39, format;
-
-  for (align = 1; align <= 8; align *= 2) {
-    for (format = 0; format < TJ_NUMPF; format++) {
-      printf("%s Top-Down BMP (row alignment = %d bytes)  ...  ",
-             pixFormatStr[format], align);
-      if (doBmpTest("bmp", width, align, height, format, 0) == -1)
-        return -1;
-      printf("OK.\n");
-
-      printf("%s Top-Down PPM (row alignment = %d bytes)  ...  ",
-             pixFormatStr[format], align);
-      if (doBmpTest("ppm", width, align, height, format,
-                    TJFLAG_BOTTOMUP) == -1)
-        return -1;
-      printf("OK.\n");
-
-      printf("%s Bottom-Up BMP (row alignment = %d bytes)  ...  ",
-             pixFormatStr[format], align);
-      if (doBmpTest("bmp", width, align, height, format, 0) == -1)
-        return -1;
-      printf("OK.\n");
-
-      printf("%s Bottom-Up PPM (row alignment = %d bytes)  ...  ",
-             pixFormatStr[format], align);
-      if (doBmpTest("ppm", width, align, height, format,
-                    TJFLAG_BOTTOMUP) == -1)
-        return -1;
-      printf("OK.\n");
-    }
-  }
-
-  return 0;
-}
-
-
-int main(int argc, char *argv[])
-{
-  int i, num4bf = 5;
-
-#ifdef _WIN32
-  srand((unsigned int)time(NULL));
-#endif
-  if (argc > 1) {
-    for (i = 1; i < argc; i++) {
-      if (!strcasecmp(argv[i], "-yuv")) doYUV = 1;
-      else if (!strcasecmp(argv[i], "-noyuvpad")) pad = 1;
-      else if (!strcasecmp(argv[i], "-alloc")) alloc = 1;
-      else if (!strcasecmp(argv[i], "-bmp")) return bmpTest();
-      else usage(argv[0]);
-    }
-  }
-  if (alloc) printf("Testing automatic buffer allocation\n");
-  if (doYUV) num4bf = 4;
-  overflowTest();
-  doTest(35, 39, _3byteFormats, 2, TJSAMP_444, "test");
-  doTest(39, 41, _4byteFormats, num4bf, TJSAMP_444, "test");
-  doTest(41, 35, _3byteFormats, 2, TJSAMP_422, "test");
-  doTest(35, 39, _4byteFormats, num4bf, TJSAMP_422, "test");
-  doTest(39, 41, _3byteFormats, 2, TJSAMP_420, "test");
-  doTest(41, 35, _4byteFormats, num4bf, TJSAMP_420, "test");
-  doTest(35, 39, _3byteFormats, 2, TJSAMP_440, "test");
-  doTest(39, 41, _4byteFormats, num4bf, TJSAMP_440, "test");
-  doTest(41, 35, _3byteFormats, 2, TJSAMP_411, "test");
-  doTest(35, 39, _4byteFormats, num4bf, TJSAMP_411, "test");
-  doTest(39, 41, _onlyGray, 1, TJSAMP_GRAY, "test");
-  doTest(41, 35, _3byteFormats, 2, TJSAMP_GRAY, "test");
-  doTest(35, 39, _4byteFormats, 4, TJSAMP_GRAY, "test");
-  bufSizeTest();
-  if (doYUV) {
-    printf("\n--------------------\n\n");
-    doTest(48, 48, _onlyRGB, 1, TJSAMP_444, "test_yuv0");
-    doTest(48, 48, _onlyRGB, 1, TJSAMP_422, "test_yuv0");
-    doTest(48, 48, _onlyRGB, 1, TJSAMP_420, "test_yuv0");
-    doTest(48, 48, _onlyRGB, 1, TJSAMP_440, "test_yuv0");
-    doTest(48, 48, _onlyRGB, 1, TJSAMP_411, "test_yuv0");
-    doTest(48, 48, _onlyRGB, 1, TJSAMP_GRAY, "test_yuv0");
-    doTest(48, 48, _onlyGray, 1, TJSAMP_GRAY, "test_yuv0");
-  }
-
-  return exitStatus;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjutil.c b/3rdparty/libjpeg-turbo_2_1_0/tjutil.c
deleted file mode 100644
index 2018160..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjutil.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright (C)2011, 2019 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifdef _WIN32
-
-#include <windows.h>
-#include "tjutil.h"
-
-static double getFreq(void)
-{
-  LARGE_INTEGER freq;
-
-  if (!QueryPerformanceFrequency(&freq)) return 0.0;
-  return (double)freq.QuadPart;
-}
-
-static double f = -1.0;
-
-double getTime(void)
-{
-  LARGE_INTEGER t;
-
-  if (f < 0.0) f = getFreq();
-  if (f == 0.0) return (double)GetTickCount() / 1000.;
-  else {
-    QueryPerformanceCounter(&t);
-    return (double)t.QuadPart / f;
-  }
-}
-
-#else
-
-#include <stdlib.h>
-#include <sys/time.h>
-#include "tjutil.h"
-
-double getTime(void)
-{
-  struct timeval tv;
-
-  if (gettimeofday(&tv, NULL) < 0) return 0.0;
-  else return (double)tv.tv_sec + ((double)tv.tv_usec / 1000000.);
-}
-
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/tjutil.h b/3rdparty/libjpeg-turbo_2_1_0/tjutil.h
deleted file mode 100644
index 8542bab..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/tjutil.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (C)2011 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifdef _WIN32
-#ifndef __MINGW32__
-#include <stdio.h>
-#define snprintf(str, n, format, ...) \
-  _snprintf_s(str, n, _TRUNCATE, format, ##__VA_ARGS__)
-#endif
-#define strcasecmp  stricmp
-#define strncasecmp  strnicmp
-#endif
-
-#ifndef min
-#define min(a, b)  ((a) < (b) ? (a) : (b))
-#endif
-
-#ifndef max
-#define max(a, b)  ((a) > (b) ? (a) : (b))
-#endif
-
-extern double getTime(void);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/transupp.c b/3rdparty/libjpeg-turbo_2_1_0/transupp.c
deleted file mode 100644
index 6e86077..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/transupp.c
+++ /dev/null
@@ -1,2367 +0,0 @@
-/*
- * transupp.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1997-2019, Thomas G. Lane, Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2010, 2017, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains image transformation routines and other utility code
- * used by the jpegtran sample application.  These are NOT part of the core
- * JPEG library.  But we keep these routines separate from jpegtran.c to
- * ease the task of maintaining jpegtran-like programs that have other user
- * interfaces.
- */
-
-/* Although this file really shouldn't have access to the library internals,
- * it's helpful to let it call jround_up() and jcopy_block_row().
- */
-#define JPEG_INTERNALS
-
-#include "jinclude.h"
-#include "jpeglib.h"
-#include "transupp.h"           /* My own external interface */
-#include "jpegcomp.h"
-#include <ctype.h>              /* to declare isdigit() */
-
-
-#if JPEG_LIB_VERSION >= 70
-#define dstinfo_min_DCT_h_scaled_size  dstinfo->min_DCT_h_scaled_size
-#define dstinfo_min_DCT_v_scaled_size  dstinfo->min_DCT_v_scaled_size
-#else
-#define dstinfo_min_DCT_h_scaled_size  DCTSIZE
-#define dstinfo_min_DCT_v_scaled_size  DCTSIZE
-#endif
-
-
-#if TRANSFORMS_SUPPORTED
-
-/*
- * Lossless image transformation routines.  These routines work on DCT
- * coefficient arrays and thus do not require any lossy decompression
- * or recompression of the image.
- * Thanks to Guido Vollbeding for the initial design and code of this feature,
- * and to Ben Jackson for introducing the cropping feature.
- *
- * Horizontal flipping is done in-place, using a single top-to-bottom
- * pass through the virtual source array.  It will thus be much the
- * fastest option for images larger than main memory.
- *
- * The other routines require a set of destination virtual arrays, so they
- * need twice as much memory as jpegtran normally does.  The destination
- * arrays are always written in normal scan order (top to bottom) because
- * the virtual array manager expects this.  The source arrays will be scanned
- * in the corresponding order, which means multiple passes through the source
- * arrays for most of the transforms.  That could result in much thrashing
- * if the image is larger than main memory.
- *
- * If cropping or trimming is involved, the destination arrays may be smaller
- * than the source arrays.  Note it is not possible to do horizontal flip
- * in-place when a nonzero Y crop offset is specified, since we'd have to move
- * data from one block row to another but the virtual array manager doesn't
- * guarantee we can touch more than one row at a time.  So in that case,
- * we have to use a separate destination array.
- *
- * Some notes about the operating environment of the individual transform
- * routines:
- * 1. Both the source and destination virtual arrays are allocated from the
- *    source JPEG object, and therefore should be manipulated by calling the
- *    source's memory manager.
- * 2. The destination's component count should be used.  It may be smaller
- *    than the source's when forcing to grayscale.
- * 3. Likewise the destination's sampling factors should be used.  When
- *    forcing to grayscale the destination's sampling factors will be all 1,
- *    and we may as well take that as the effective iMCU size.
- * 4. When "trim" is in effect, the destination's dimensions will be the
- *    trimmed values but the source's will be untrimmed.
- * 5. When "crop" is in effect, the destination's dimensions will be the
- *    cropped values but the source's will be uncropped.  Each transform
- *    routine is responsible for picking up source data starting at the
- *    correct X and Y offset for the crop region.  (The X and Y offsets
- *    passed to the transform routines are measured in iMCU blocks of the
- *    destination.)
- * 6. All the routines assume that the source and destination buffers are
- *    padded out to a full iMCU boundary.  This is true, although for the
- *    source buffer it is an undocumented property of jdcoefct.c.
- */
-
-
-LOCAL(void)
-dequant_comp(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-             jvirt_barray_ptr coef_array, JQUANT_TBL *qtblptr1)
-{
-  JDIMENSION blk_x, blk_y;
-  int offset_y, k;
-  JQUANT_TBL *qtblptr;
-  JBLOCKARRAY buffer;
-  JBLOCKROW block;
-  JCOEFPTR ptr;
-
-  qtblptr = compptr->quant_table;
-  for (blk_y = 0; blk_y < compptr->height_in_blocks;
-       blk_y += compptr->v_samp_factor) {
-    buffer = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef_array, blk_y,
-       (JDIMENSION)compptr->v_samp_factor, TRUE);
-    for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-      block = buffer[offset_y];
-      for (blk_x = 0; blk_x < compptr->width_in_blocks; blk_x++) {
-        ptr = block[blk_x];
-        for (k = 0; k < DCTSIZE2; k++)
-          if (qtblptr->quantval[k] != qtblptr1->quantval[k])
-            ptr[k] *= qtblptr->quantval[k] / qtblptr1->quantval[k];
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-requant_comp(j_decompress_ptr cinfo, jpeg_component_info *compptr,
-             jvirt_barray_ptr coef_array, JQUANT_TBL *qtblptr1)
-{
-  JDIMENSION blk_x, blk_y;
-  int offset_y, k;
-  JQUANT_TBL *qtblptr;
-  JBLOCKARRAY buffer;
-  JBLOCKROW block;
-  JCOEFPTR ptr;
-  JCOEF temp, qval;
-
-  qtblptr = compptr->quant_table;
-  for (blk_y = 0; blk_y < compptr->height_in_blocks;
-       blk_y += compptr->v_samp_factor) {
-    buffer = (*cinfo->mem->access_virt_barray)
-      ((j_common_ptr)cinfo, coef_array, blk_y,
-       (JDIMENSION)compptr->v_samp_factor, TRUE);
-    for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-      block = buffer[offset_y];
-      for (blk_x = 0; blk_x < compptr->width_in_blocks; blk_x++) {
-        ptr = block[blk_x];
-        for (k = 0; k < DCTSIZE2; k++) {
-          temp = qtblptr->quantval[k];
-          qval = qtblptr1->quantval[k];
-          if (temp != qval) {
-            temp *= ptr[k];
-            /* The following quantization code is copied from jcdctmgr.c */
-#ifdef FAST_DIVIDE
-#define DIVIDE_BY(a, b)  a /= b
-#else
-#define DIVIDE_BY(a, b)  if (a >= b) a /= b;  else a = 0
-#endif
-            if (temp < 0) {
-              temp = -temp;
-              temp += qval >> 1; /* for rounding */
-              DIVIDE_BY(temp, qval);
-              temp = -temp;
-            } else {
-              temp += qval >> 1; /* for rounding */
-              DIVIDE_BY(temp, qval);
-            }
-            ptr[k] = temp;
-          }
-        }
-      }
-    }
-  }
-}
-
-
-/*
- * Calculate largest common denominator using Euclid's algorithm.
- */
-LOCAL(JCOEF)
-largest_common_denominator(JCOEF a, JCOEF b)
-{
-  JCOEF c;
-
-  do {
-    c = a % b;
-    a = b;
-    b = c;
-  } while (c);
-
-  return a;
-}
-
-
-LOCAL(void)
-adjust_quant(j_decompress_ptr srcinfo, jvirt_barray_ptr *src_coef_arrays,
-             j_decompress_ptr dropinfo, jvirt_barray_ptr *drop_coef_arrays,
-             boolean trim, j_compress_ptr dstinfo)
-{
-  jpeg_component_info *compptr1, *compptr2;
-  JQUANT_TBL *qtblptr1, *qtblptr2, *qtblptr3;
-  int ci, k;
-
-  for (ci = 0; ci < dstinfo->num_components && ci < dropinfo->num_components;
-       ci++) {
-    compptr1 = srcinfo->comp_info + ci;
-    compptr2 = dropinfo->comp_info + ci;
-    qtblptr1 = compptr1->quant_table;
-    qtblptr2 = compptr2->quant_table;
-    for (k = 0; k < DCTSIZE2; k++) {
-      if (qtblptr1->quantval[k] != qtblptr2->quantval[k]) {
-        if (trim)
-          requant_comp(dropinfo, compptr2, drop_coef_arrays[ci], qtblptr1);
-        else {
-          qtblptr3 = dstinfo->quant_tbl_ptrs[compptr1->quant_tbl_no];
-          for (k = 0; k < DCTSIZE2; k++)
-            if (qtblptr1->quantval[k] != qtblptr2->quantval[k])
-              qtblptr3->quantval[k] =
-                largest_common_denominator(qtblptr1->quantval[k],
-                                           qtblptr2->quantval[k]);
-          dequant_comp(srcinfo, compptr1, src_coef_arrays[ci], qtblptr3);
-          dequant_comp(dropinfo, compptr2, drop_coef_arrays[ci], qtblptr3);
-        }
-        break;
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_drop(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-        JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-        jvirt_barray_ptr *src_coef_arrays,
-        j_decompress_ptr dropinfo, jvirt_barray_ptr *drop_coef_arrays,
-        JDIMENSION drop_width, JDIMENSION drop_height)
-/* Drop (insert) the contents of another image into the source image.  If the
- * number of components in the drop image is smaller than the number of
- * components in the destination image, then we fill in the remaining
- * components with zero.  This allows for dropping the contents of grayscale
- * images into (arbitrarily sampled) color images.
- */
-{
-  JDIMENSION comp_width, comp_height;
-  JDIMENSION blk_y, x_drop_blocks, y_drop_blocks;
-  int ci, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  jpeg_component_info *compptr;
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = drop_width * compptr->h_samp_factor;
-    comp_height = drop_height * compptr->v_samp_factor;
-    x_drop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_drop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (blk_y = 0; blk_y < comp_height; blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], blk_y + y_drop_blocks,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      if (ci < dropinfo->num_components) {
-        src_buffer = (*dropinfo->mem->access_virt_barray)
-          ((j_common_ptr)dropinfo, drop_coef_arrays[ci], blk_y,
-           (JDIMENSION)compptr->v_samp_factor, FALSE);
-        for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-          jcopy_block_row(src_buffer[offset_y],
-                          dst_buffer[offset_y] + x_drop_blocks, comp_width);
-        }
-      } else {
-        for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-          MEMZERO(dst_buffer[offset_y] + x_drop_blocks,
-                  comp_width * sizeof(JBLOCK));
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_crop(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-        JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-        jvirt_barray_ptr *src_coef_arrays,
-        jvirt_barray_ptr *dst_coef_arrays)
-/* Crop.  This is only used when no rotate/flip is requested with the crop. */
-{
-  JDIMENSION dst_blk_y, x_crop_blocks, y_crop_blocks;
-  int ci, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  jpeg_component_info *compptr;
-
-  /* We simply have to copy the right amount of data (the destination's
-   * image size) starting at the given X and Y offsets in the source.
-   */
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      src_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], dst_blk_y + y_crop_blocks,
-         (JDIMENSION)compptr->v_samp_factor, FALSE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        jcopy_block_row(src_buffer[offset_y] + x_crop_blocks,
-                        dst_buffer[offset_y], compptr->width_in_blocks);
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_crop_ext_zero(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                 JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-                 jvirt_barray_ptr *src_coef_arrays,
-                 jvirt_barray_ptr *dst_coef_arrays)
-/* Crop.  This is only used when no rotate/flip is requested with the crop.
- * Extension: If the destination size is larger than the source, we fill in the
- * expanded region with zero (neutral gray).  Note that we also have to zero
- * partial iMCUs at the right and bottom edge of the source image area in this
- * case.
- */
-{
-  JDIMENSION MCU_cols, MCU_rows, comp_width, comp_height;
-  JDIMENSION dst_blk_y, x_crop_blocks, y_crop_blocks;
-  int ci, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  jpeg_component_info *compptr;
-
-  MCU_cols = srcinfo->output_width /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-  MCU_rows = srcinfo->output_height /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      if (dstinfo->_jpeg_height > srcinfo->output_height) {
-        if (dst_blk_y < y_crop_blocks ||
-            dst_blk_y >= y_crop_blocks + comp_height) {
-          for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-            MEMZERO(dst_buffer[offset_y],
-                    compptr->width_in_blocks * sizeof(JBLOCK));
-          }
-          continue;
-        }
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y - y_crop_blocks, (JDIMENSION)compptr->v_samp_factor,
-           FALSE);
-      } else {
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y + y_crop_blocks, (JDIMENSION)compptr->v_samp_factor,
-           FALSE);
-      }
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        if (dstinfo->_jpeg_width > srcinfo->output_width) {
-          if (x_crop_blocks > 0) {
-            MEMZERO(dst_buffer[offset_y], x_crop_blocks * sizeof(JBLOCK));
-          }
-          jcopy_block_row(src_buffer[offset_y],
-                          dst_buffer[offset_y] + x_crop_blocks, comp_width);
-          if (compptr->width_in_blocks > x_crop_blocks + comp_width) {
-            MEMZERO(dst_buffer[offset_y] + x_crop_blocks + comp_width,
-                    (compptr->width_in_blocks - x_crop_blocks - comp_width) *
-                    sizeof(JBLOCK));
-          }
-        } else {
-          jcopy_block_row(src_buffer[offset_y] + x_crop_blocks,
-                          dst_buffer[offset_y], compptr->width_in_blocks);
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_crop_ext_flat(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                 JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-                 jvirt_barray_ptr *src_coef_arrays,
-                 jvirt_barray_ptr *dst_coef_arrays)
-/* Crop.  This is only used when no rotate/flip is requested with the crop.
- * Extension: The destination width is larger than the source, and we fill in
- * the expanded region with the DC coefficient of the adjacent block.  Note
- * that we also have to fill partial iMCUs at the right and bottom edge of the
- * source image area in this case.
- */
-{
-  JDIMENSION MCU_cols, MCU_rows, comp_width, comp_height;
-  JDIMENSION dst_blk_x, dst_blk_y, x_crop_blocks, y_crop_blocks;
-  int ci, offset_y;
-  JCOEF dc;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  jpeg_component_info *compptr;
-
-  MCU_cols = srcinfo->output_width /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-  MCU_rows = srcinfo->output_height /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      if (dstinfo->_jpeg_height > srcinfo->output_height) {
-        if (dst_blk_y < y_crop_blocks ||
-            dst_blk_y >= y_crop_blocks + comp_height) {
-          for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-            MEMZERO(dst_buffer[offset_y],
-                    compptr->width_in_blocks * sizeof(JBLOCK));
-          }
-          continue;
-        }
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y - y_crop_blocks, (JDIMENSION)compptr->v_samp_factor,
-           FALSE);
-      } else {
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y + y_crop_blocks, (JDIMENSION)compptr->v_samp_factor,
-          FALSE);
-      }
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        if (x_crop_blocks > 0) {
-          MEMZERO(dst_buffer[offset_y], x_crop_blocks * sizeof(JBLOCK));
-          dc = src_buffer[offset_y][0][0];
-          for (dst_blk_x = 0; dst_blk_x < x_crop_blocks; dst_blk_x++) {
-            dst_buffer[offset_y][dst_blk_x][0] = dc;
-          }
-        }
-        jcopy_block_row(src_buffer[offset_y],
-                        dst_buffer[offset_y] + x_crop_blocks, comp_width);
-        if (compptr->width_in_blocks > x_crop_blocks + comp_width) {
-          MEMZERO(dst_buffer[offset_y] + x_crop_blocks + comp_width,
-                  (compptr->width_in_blocks - x_crop_blocks - comp_width) *
-                  sizeof(JBLOCK));
-          dc = src_buffer[offset_y][comp_width - 1][0];
-          for (dst_blk_x = x_crop_blocks + comp_width;
-               dst_blk_x < compptr->width_in_blocks; dst_blk_x++) {
-            dst_buffer[offset_y][dst_blk_x][0] = dc;
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_crop_ext_reflect(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                    JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-                    jvirt_barray_ptr *src_coef_arrays,
-                    jvirt_barray_ptr *dst_coef_arrays)
-/* Crop.  This is only used when no rotate/flip is requested with the crop.
- * Extension: The destination width is larger than the source, and we fill in
- * the expanded region with repeated reflections of the source image.  Note
- * that we also have to fill partial iMCUs at the right and bottom edge of the
- * source image area in this case.
- */
-{
-  JDIMENSION MCU_cols, MCU_rows, comp_width, comp_height, src_blk_x;
-  JDIMENSION dst_blk_x, dst_blk_y, x_crop_blocks, y_crop_blocks;
-  int ci, k, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JBLOCKROW src_row_ptr, dst_row_ptr;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  MCU_cols = srcinfo->output_width /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-  MCU_rows = srcinfo->output_height /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      if (dstinfo->_jpeg_height > srcinfo->output_height) {
-        if (dst_blk_y < y_crop_blocks ||
-            dst_blk_y >= y_crop_blocks + comp_height) {
-          for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-            MEMZERO(dst_buffer[offset_y],
-                    compptr->width_in_blocks * sizeof(JBLOCK));
-          }
-          continue;
-        }
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y - y_crop_blocks, (JDIMENSION)compptr->v_samp_factor,
-           FALSE);
-      } else {
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y + y_crop_blocks, (JDIMENSION)compptr->v_samp_factor,
-           FALSE);
-      }
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        /* Copy source region */
-        jcopy_block_row(src_buffer[offset_y],
-                        dst_buffer[offset_y] + x_crop_blocks, comp_width);
-        if (x_crop_blocks > 0) {
-          /* Reflect to left */
-          dst_row_ptr = dst_buffer[offset_y] + x_crop_blocks;
-          for (dst_blk_x = x_crop_blocks; dst_blk_x > 0;) {
-            src_row_ptr = dst_row_ptr;      /* (re)set axis of reflection */
-            for (src_blk_x = comp_width; src_blk_x > 0 && dst_blk_x > 0;
-                 src_blk_x--, dst_blk_x--) {
-              dst_ptr = *(--dst_row_ptr);   /* destination goes left */
-              src_ptr = *src_row_ptr++;     /* source goes right */
-              /* This unrolled loop doesn't need to know which row it's on. */
-              for (k = 0; k < DCTSIZE2; k += 2) {
-                *dst_ptr++ = *src_ptr++;    /* copy even column */
-                *dst_ptr++ = -(*src_ptr++); /* copy odd column with sign
-                                               change */
-              }
-            }
-          }
-        }
-        if (compptr->width_in_blocks > x_crop_blocks + comp_width) {
-          /* Reflect to right */
-          dst_row_ptr = dst_buffer[offset_y] + x_crop_blocks + comp_width;
-          for (dst_blk_x = compptr->width_in_blocks - x_crop_blocks - comp_width;
-               dst_blk_x > 0;) {
-            src_row_ptr = dst_row_ptr;      /* (re)set axis of reflection */
-            for (src_blk_x = comp_width; src_blk_x > 0 && dst_blk_x > 0;
-                 src_blk_x--, dst_blk_x--) {
-              dst_ptr = *dst_row_ptr++;     /* destination goes right */
-              src_ptr = *(--src_row_ptr);   /* source goes left */
-              /* This unrolled loop doesn't need to know which row it's on. */
-              for (k = 0; k < DCTSIZE2; k += 2) {
-                *dst_ptr++ = *src_ptr++;    /* copy even column */
-                *dst_ptr++ = -(*src_ptr++); /* copy odd column with sign
-                                               change */
-              }
-            }
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_wipe(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-        JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-        jvirt_barray_ptr *src_coef_arrays,
-        JDIMENSION drop_width, JDIMENSION drop_height)
-/* Wipe - discard image contents of specified region and fill with zero
- * (neutral gray)
- */
-{
-  JDIMENSION x_wipe_blocks, wipe_width;
-  JDIMENSION y_wipe_blocks, wipe_bottom;
-  int ci, offset_y;
-  JBLOCKARRAY buffer;
-  jpeg_component_info *compptr;
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    x_wipe_blocks = x_crop_offset * compptr->h_samp_factor;
-    wipe_width = drop_width * compptr->h_samp_factor;
-    y_wipe_blocks = y_crop_offset * compptr->v_samp_factor;
-    wipe_bottom = drop_height * compptr->v_samp_factor + y_wipe_blocks;
-    for (; y_wipe_blocks < wipe_bottom;
-         y_wipe_blocks += compptr->v_samp_factor) {
-      buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], y_wipe_blocks,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        MEMZERO(buffer[offset_y] + x_wipe_blocks, wipe_width * sizeof(JBLOCK));
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_flatten(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-           JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-           jvirt_barray_ptr *src_coef_arrays,
-           JDIMENSION drop_width, JDIMENSION drop_height)
-/* Flatten - discard image contents of specified region, similarly to wipe,
- * but fill with the average of adjacent blocks instead of zero.
- */
-{
-  JDIMENSION x_wipe_blocks, wipe_width, wipe_right;
-  JDIMENSION y_wipe_blocks, wipe_bottom, blk_x;
-  int ci, offset_y, dc_left_value, dc_right_value, average;
-  JBLOCKARRAY buffer;
-  jpeg_component_info *compptr;
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    x_wipe_blocks = x_crop_offset * compptr->h_samp_factor;
-    wipe_width = drop_width * compptr->h_samp_factor;
-    wipe_right = wipe_width + x_wipe_blocks;
-    y_wipe_blocks = y_crop_offset * compptr->v_samp_factor;
-    wipe_bottom = drop_height * compptr->v_samp_factor + y_wipe_blocks;
-    for (; y_wipe_blocks < wipe_bottom;
-         y_wipe_blocks += compptr->v_samp_factor) {
-      buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], y_wipe_blocks,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        MEMZERO(buffer[offset_y] + x_wipe_blocks, wipe_width * sizeof(JBLOCK));
-        if (x_wipe_blocks > 0) {
-          dc_left_value = buffer[offset_y][x_wipe_blocks - 1][0];
-          if (wipe_right < compptr->width_in_blocks) {
-            dc_right_value = buffer[offset_y][wipe_right][0];
-            average = (dc_left_value + dc_right_value) >> 1;
-          } else {
-            average = dc_left_value;
-          }
-        } else if (wipe_right < compptr->width_in_blocks) {
-          average = buffer[offset_y][wipe_right][0];
-        } else continue;
-        for (blk_x = x_wipe_blocks; blk_x < wipe_right; blk_x++) {
-          buffer[offset_y][blk_x][0] = (JCOEF)average;
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_reflect(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-           JDIMENSION x_crop_offset, jvirt_barray_ptr *src_coef_arrays,
-           JDIMENSION drop_width, JDIMENSION drop_height)
-/* Reflect - discard image contents of specified region, similarly to wipe,
- * but fill with repeated reflections of the outside region instead of zero.
- * NB: y_crop_offset is assumed to be zero.
- */
-{
-  JDIMENSION x_wipe_blocks, wipe_width;
-  JDIMENSION y_wipe_blocks, wipe_bottom;
-  JDIMENSION src_blk_x, dst_blk_x;
-  int ci, k, offset_y;
-  JBLOCKARRAY buffer;
-  JBLOCKROW src_row_ptr, dst_row_ptr;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    x_wipe_blocks = x_crop_offset * compptr->h_samp_factor;
-    wipe_width = drop_width * compptr->h_samp_factor;
-    wipe_bottom = drop_height * compptr->v_samp_factor;
-    for (y_wipe_blocks = 0; y_wipe_blocks < wipe_bottom;
-         y_wipe_blocks += compptr->v_samp_factor) {
-      buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], y_wipe_blocks,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        if (x_wipe_blocks > 0) {
-          /* Reflect from left */
-          dst_row_ptr = buffer[offset_y] + x_wipe_blocks;
-          for (dst_blk_x = wipe_width; dst_blk_x > 0;) {
-            src_row_ptr = dst_row_ptr;     /* (re)set axis of reflection */
-            for (src_blk_x = x_wipe_blocks;
-                 src_blk_x > 0 && dst_blk_x > 0; src_blk_x--, dst_blk_x--) {
-              dst_ptr = *dst_row_ptr++;    /* destination goes right */
-              src_ptr = *(--src_row_ptr);  /* source goes left */
-              /* this unrolled loop doesn't need to know which row it's on... */
-              for (k = 0; k < DCTSIZE2; k += 2) {
-                *dst_ptr++ = *src_ptr++;   /* copy even column */
-                *dst_ptr++ = -(*src_ptr++); /* copy odd column with sign change */
-              }
-            }
-          }
-        } else if (compptr->width_in_blocks > x_wipe_blocks + wipe_width) {
-          /* Reflect from right */
-          dst_row_ptr = buffer[offset_y] + x_wipe_blocks + wipe_width;
-          for (dst_blk_x = wipe_width; dst_blk_x > 0;) {
-            src_row_ptr = dst_row_ptr;     /* (re)set axis of reflection */
-            src_blk_x = compptr->width_in_blocks - x_wipe_blocks - wipe_width;
-            for (; src_blk_x > 0 && dst_blk_x > 0; src_blk_x--, dst_blk_x--) {
-              dst_ptr = *(--dst_row_ptr);  /* destination goes left */
-              src_ptr = *src_row_ptr++;    /* source goes right */
-              /* this unrolled loop doesn't need to know which row it's on... */
-              for (k = 0; k < DCTSIZE2; k += 2) {
-                *dst_ptr++ = *src_ptr++;   /* copy even column */
-                *dst_ptr++ = -(*src_ptr++); /* copy odd column with sign change */
-              }
-            }
-          }
-        } else {
-          MEMZERO(buffer[offset_y] + x_wipe_blocks,
-                  wipe_width * sizeof(JBLOCK));
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_flip_h_no_crop(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                  JDIMENSION x_crop_offset, jvirt_barray_ptr *src_coef_arrays)
-/* Horizontal flip; done in-place, so no separate dest array is required.
- * NB: this only works when y_crop_offset is zero.
- */
-{
-  JDIMENSION MCU_cols, comp_width, blk_x, blk_y, x_crop_blocks;
-  int ci, k, offset_y;
-  JBLOCKARRAY buffer;
-  JCOEFPTR ptr1, ptr2;
-  JCOEF temp1, temp2;
-  jpeg_component_info *compptr;
-
-  /* Horizontal mirroring of DCT blocks is accomplished by swapping
-   * pairs of blocks in-place.  Within a DCT block, we perform horizontal
-   * mirroring by changing the signs of odd-numbered columns.
-   * Partial iMCUs at the right edge are left untouched.
-   */
-  MCU_cols = srcinfo->output_width /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    for (blk_y = 0; blk_y < compptr->height_in_blocks;
-         blk_y += compptr->v_samp_factor) {
-      buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        /* Do the mirroring */
-        for (blk_x = 0; blk_x * 2 < comp_width; blk_x++) {
-          ptr1 = buffer[offset_y][blk_x];
-          ptr2 = buffer[offset_y][comp_width - blk_x - 1];
-          /* this unrolled loop doesn't need to know which row it's on... */
-          for (k = 0; k < DCTSIZE2; k += 2) {
-            temp1 = *ptr1;      /* swap even column */
-            temp2 = *ptr2;
-            *ptr1++ = temp2;
-            *ptr2++ = temp1;
-            temp1 = *ptr1;      /* swap odd column with sign change */
-            temp2 = *ptr2;
-            *ptr1++ = -temp2;
-            *ptr2++ = -temp1;
-          }
-        }
-        if (x_crop_blocks > 0) {
-          /* Now left-justify the portion of the data to be kept.
-           * We can't use a single jcopy_block_row() call because that routine
-           * depends on memcpy(), whose behavior is unspecified for overlapping
-           * source and destination areas.  Sigh.
-           */
-          for (blk_x = 0; blk_x < compptr->width_in_blocks; blk_x++) {
-            jcopy_block_row(buffer[offset_y] + blk_x + x_crop_blocks,
-                            buffer[offset_y] + blk_x, (JDIMENSION)1);
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_flip_h(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-          JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-          jvirt_barray_ptr *src_coef_arrays,
-          jvirt_barray_ptr *dst_coef_arrays)
-/* Horizontal flip in general cropping case */
-{
-  JDIMENSION MCU_cols, comp_width, dst_blk_x, dst_blk_y;
-  JDIMENSION x_crop_blocks, y_crop_blocks;
-  int ci, k, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JBLOCKROW src_row_ptr, dst_row_ptr;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  /* Here we must output into a separate array because we can't touch
-   * different rows of a single virtual array simultaneously.  Otherwise,
-   * this is essentially the same as the routine above.
-   */
-  MCU_cols = srcinfo->output_width /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      src_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, src_coef_arrays[ci], dst_blk_y + y_crop_blocks,
-         (JDIMENSION)compptr->v_samp_factor, FALSE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        dst_row_ptr = dst_buffer[offset_y];
-        src_row_ptr = src_buffer[offset_y];
-        for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-             dst_blk_x++) {
-          if (x_crop_blocks + dst_blk_x < comp_width) {
-            /* Do the mirrorable blocks */
-            dst_ptr = dst_row_ptr[dst_blk_x];
-            src_ptr = src_row_ptr[comp_width - x_crop_blocks - dst_blk_x - 1];
-            /* this unrolled loop doesn't need to know which row it's on... */
-            for (k = 0; k < DCTSIZE2; k += 2) {
-              *dst_ptr++ = *src_ptr++;    /* copy even column */
-              *dst_ptr++ = -(*src_ptr++); /* copy odd column with sign
-                                             change */
-            }
-          } else {
-            /* Copy last partial block(s) verbatim */
-            jcopy_block_row(src_row_ptr + dst_blk_x + x_crop_blocks,
-                            dst_row_ptr + dst_blk_x, (JDIMENSION)1);
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_flip_v(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-          JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-          jvirt_barray_ptr *src_coef_arrays,
-          jvirt_barray_ptr *dst_coef_arrays)
-/* Vertical flip */
-{
-  JDIMENSION MCU_rows, comp_height, dst_blk_x, dst_blk_y;
-  JDIMENSION x_crop_blocks, y_crop_blocks;
-  int ci, i, j, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JBLOCKROW src_row_ptr, dst_row_ptr;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  /* We output into a separate array because we can't touch different
-   * rows of the source virtual array simultaneously.  Otherwise, this
-   * is a pretty straightforward analog of horizontal flip.
-   * Within a DCT block, vertical mirroring is done by changing the signs
-   * of odd-numbered rows.
-   * Partial iMCUs at the bottom edge are copied verbatim.
-   */
-  MCU_rows = srcinfo->output_height /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      if (y_crop_blocks + dst_blk_y < comp_height) {
-        /* Row is within the mirrorable area. */
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           comp_height - y_crop_blocks - dst_blk_y -
-           (JDIMENSION)compptr->v_samp_factor,
-           (JDIMENSION)compptr->v_samp_factor, FALSE);
-      } else {
-        /* Bottom-edge blocks will be copied verbatim. */
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y + y_crop_blocks,
-           (JDIMENSION)compptr->v_samp_factor, FALSE);
-      }
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        if (y_crop_blocks + dst_blk_y < comp_height) {
-          /* Row is within the mirrorable area. */
-          dst_row_ptr = dst_buffer[offset_y];
-          src_row_ptr = src_buffer[compptr->v_samp_factor - offset_y - 1];
-          src_row_ptr += x_crop_blocks;
-          for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-               dst_blk_x++) {
-            dst_ptr = dst_row_ptr[dst_blk_x];
-            src_ptr = src_row_ptr[dst_blk_x];
-            for (i = 0; i < DCTSIZE; i += 2) {
-              /* copy even row */
-              for (j = 0; j < DCTSIZE; j++)
-                *dst_ptr++ = *src_ptr++;
-              /* copy odd row with sign change */
-              for (j = 0; j < DCTSIZE; j++)
-                *dst_ptr++ = -(*src_ptr++);
-            }
-          }
-        } else {
-          /* Just copy row verbatim. */
-          jcopy_block_row(src_buffer[offset_y] + x_crop_blocks,
-                          dst_buffer[offset_y], compptr->width_in_blocks);
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_transpose(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-             JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-             jvirt_barray_ptr *src_coef_arrays,
-             jvirt_barray_ptr *dst_coef_arrays)
-/* Transpose source into destination */
-{
-  JDIMENSION dst_blk_x, dst_blk_y, x_crop_blocks, y_crop_blocks;
-  int ci, i, j, offset_x, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  /* Transposing pixels within a block just requires transposing the
-   * DCT coefficients.
-   * Partial iMCUs at the edges require no special treatment; we simply
-   * process all the available DCT blocks for every component.
-   */
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-             dst_blk_x += compptr->h_samp_factor) {
-          src_buffer = (*srcinfo->mem->access_virt_barray)
-            ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-             dst_blk_x + x_crop_blocks,
-             (JDIMENSION)compptr->h_samp_factor, FALSE);
-          for (offset_x = 0; offset_x < compptr->h_samp_factor; offset_x++) {
-            dst_ptr = dst_buffer[offset_y][dst_blk_x + offset_x];
-            src_ptr =
-              src_buffer[offset_x][dst_blk_y + offset_y + y_crop_blocks];
-            for (i = 0; i < DCTSIZE; i++)
-              for (j = 0; j < DCTSIZE; j++)
-                dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_rot_90(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-          JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-          jvirt_barray_ptr *src_coef_arrays,
-          jvirt_barray_ptr *dst_coef_arrays)
-/* 90 degree rotation is equivalent to
- *   1. Transposing the image;
- *   2. Horizontal mirroring.
- * These two steps are merged into a single processing routine.
- */
-{
-  JDIMENSION MCU_cols, comp_width, dst_blk_x, dst_blk_y;
-  JDIMENSION x_crop_blocks, y_crop_blocks;
-  int ci, i, j, offset_x, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  /* Because of the horizontal mirror step, we can't process partial iMCUs
-   * at the (output) right edge properly.  They just get transposed and
-   * not mirrored.
-   */
-  MCU_cols = srcinfo->output_height /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-             dst_blk_x += compptr->h_samp_factor) {
-          if (x_crop_blocks + dst_blk_x < comp_width) {
-            /* Block is within the mirrorable area. */
-            src_buffer = (*srcinfo->mem->access_virt_barray)
-              ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-               comp_width - x_crop_blocks - dst_blk_x -
-               (JDIMENSION)compptr->h_samp_factor,
-               (JDIMENSION)compptr->h_samp_factor, FALSE);
-          } else {
-            /* Edge blocks are transposed but not mirrored. */
-            src_buffer = (*srcinfo->mem->access_virt_barray)
-              ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-               dst_blk_x + x_crop_blocks,
-               (JDIMENSION)compptr->h_samp_factor, FALSE);
-          }
-          for (offset_x = 0; offset_x < compptr->h_samp_factor; offset_x++) {
-            dst_ptr = dst_buffer[offset_y][dst_blk_x + offset_x];
-            if (x_crop_blocks + dst_blk_x < comp_width) {
-              /* Block is within the mirrorable area. */
-              src_ptr = src_buffer[compptr->h_samp_factor - offset_x - 1]
-                [dst_blk_y + offset_y + y_crop_blocks];
-              for (i = 0; i < DCTSIZE; i++) {
-                for (j = 0; j < DCTSIZE; j++)
-                  dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-                i++;
-                for (j = 0; j < DCTSIZE; j++)
-                  dst_ptr[j * DCTSIZE + i] = -src_ptr[i * DCTSIZE + j];
-              }
-            } else {
-              /* Edge blocks are transposed but not mirrored. */
-              src_ptr = src_buffer[offset_x]
-                [dst_blk_y + offset_y + y_crop_blocks];
-              for (i = 0; i < DCTSIZE; i++)
-                for (j = 0; j < DCTSIZE; j++)
-                  dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-            }
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_rot_270(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-           JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-           jvirt_barray_ptr *src_coef_arrays,
-           jvirt_barray_ptr *dst_coef_arrays)
-/* 270 degree rotation is equivalent to
- *   1. Horizontal mirroring;
- *   2. Transposing the image.
- * These two steps are merged into a single processing routine.
- */
-{
-  JDIMENSION MCU_rows, comp_height, dst_blk_x, dst_blk_y;
-  JDIMENSION x_crop_blocks, y_crop_blocks;
-  int ci, i, j, offset_x, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  /* Because of the horizontal mirror step, we can't process partial iMCUs
-   * at the (output) bottom edge properly.  They just get transposed and
-   * not mirrored.
-   */
-  MCU_rows = srcinfo->output_width /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-             dst_blk_x += compptr->h_samp_factor) {
-          src_buffer = (*srcinfo->mem->access_virt_barray)
-            ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-             dst_blk_x + x_crop_blocks,
-             (JDIMENSION)compptr->h_samp_factor, FALSE);
-          for (offset_x = 0; offset_x < compptr->h_samp_factor; offset_x++) {
-            dst_ptr = dst_buffer[offset_y][dst_blk_x + offset_x];
-            if (y_crop_blocks + dst_blk_y < comp_height) {
-              /* Block is within the mirrorable area. */
-              src_ptr = src_buffer[offset_x]
-                [comp_height - y_crop_blocks - dst_blk_y - offset_y - 1];
-              for (i = 0; i < DCTSIZE; i++) {
-                for (j = 0; j < DCTSIZE; j++) {
-                  dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-                  j++;
-                  dst_ptr[j * DCTSIZE + i] = -src_ptr[i * DCTSIZE + j];
-                }
-              }
-            } else {
-              /* Edge blocks are transposed but not mirrored. */
-              src_ptr = src_buffer[offset_x]
-                [dst_blk_y + offset_y + y_crop_blocks];
-              for (i = 0; i < DCTSIZE; i++)
-                for (j = 0; j < DCTSIZE; j++)
-                  dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-            }
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_rot_180(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-           JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-           jvirt_barray_ptr *src_coef_arrays,
-           jvirt_barray_ptr *dst_coef_arrays)
-/* 180 degree rotation is equivalent to
- *   1. Vertical mirroring;
- *   2. Horizontal mirroring.
- * These two steps are merged into a single processing routine.
- */
-{
-  JDIMENSION MCU_cols, MCU_rows, comp_width, comp_height, dst_blk_x, dst_blk_y;
-  JDIMENSION x_crop_blocks, y_crop_blocks;
-  int ci, i, j, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JBLOCKROW src_row_ptr, dst_row_ptr;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  MCU_cols = srcinfo->output_width /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-  MCU_rows = srcinfo->output_height /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      if (y_crop_blocks + dst_blk_y < comp_height) {
-        /* Row is within the vertically mirrorable area. */
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           comp_height - y_crop_blocks - dst_blk_y -
-           (JDIMENSION)compptr->v_samp_factor,
-           (JDIMENSION)compptr->v_samp_factor, FALSE);
-      } else {
-        /* Bottom-edge rows are only mirrored horizontally. */
-        src_buffer = (*srcinfo->mem->access_virt_barray)
-          ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-           dst_blk_y + y_crop_blocks,
-           (JDIMENSION)compptr->v_samp_factor, FALSE);
-      }
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        dst_row_ptr = dst_buffer[offset_y];
-        if (y_crop_blocks + dst_blk_y < comp_height) {
-          /* Row is within the mirrorable area. */
-          src_row_ptr = src_buffer[compptr->v_samp_factor - offset_y - 1];
-          for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-               dst_blk_x++) {
-            dst_ptr = dst_row_ptr[dst_blk_x];
-            if (x_crop_blocks + dst_blk_x < comp_width) {
-              /* Process the blocks that can be mirrored both ways. */
-              src_ptr =
-                src_row_ptr[comp_width - x_crop_blocks - dst_blk_x - 1];
-              for (i = 0; i < DCTSIZE; i += 2) {
-                /* For even row, negate every odd column. */
-                for (j = 0; j < DCTSIZE; j += 2) {
-                  *dst_ptr++ = *src_ptr++;
-                  *dst_ptr++ = -(*src_ptr++);
-                }
-                /* For odd row, negate every even column. */
-                for (j = 0; j < DCTSIZE; j += 2) {
-                  *dst_ptr++ = -(*src_ptr++);
-                  *dst_ptr++ = *src_ptr++;
-                }
-              }
-            } else {
-              /* Any remaining right-edge blocks are only mirrored vertically. */
-              src_ptr = src_row_ptr[x_crop_blocks + dst_blk_x];
-              for (i = 0; i < DCTSIZE; i += 2) {
-                for (j = 0; j < DCTSIZE; j++)
-                  *dst_ptr++ = *src_ptr++;
-                for (j = 0; j < DCTSIZE; j++)
-                  *dst_ptr++ = -(*src_ptr++);
-              }
-            }
-          }
-        } else {
-          /* Remaining rows are just mirrored horizontally. */
-          src_row_ptr = src_buffer[offset_y];
-          for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-               dst_blk_x++) {
-            if (x_crop_blocks + dst_blk_x < comp_width) {
-              /* Process the blocks that can be mirrored. */
-              dst_ptr = dst_row_ptr[dst_blk_x];
-              src_ptr =
-                src_row_ptr[comp_width - x_crop_blocks - dst_blk_x - 1];
-              for (i = 0; i < DCTSIZE2; i += 2) {
-                *dst_ptr++ = *src_ptr++;
-                *dst_ptr++ = -(*src_ptr++);
-              }
-            } else {
-              /* Any remaining right-edge blocks are only copied. */
-              jcopy_block_row(src_row_ptr + dst_blk_x + x_crop_blocks,
-                              dst_row_ptr + dst_blk_x, (JDIMENSION)1);
-            }
-          }
-        }
-      }
-    }
-  }
-}
-
-
-LOCAL(void)
-do_transverse(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-              JDIMENSION x_crop_offset, JDIMENSION y_crop_offset,
-              jvirt_barray_ptr *src_coef_arrays,
-              jvirt_barray_ptr *dst_coef_arrays)
-/* Transverse transpose is equivalent to
- *   1. 180 degree rotation;
- *   2. Transposition;
- * or
- *   1. Horizontal mirroring;
- *   2. Transposition;
- *   3. Horizontal mirroring.
- * These steps are merged into a single processing routine.
- */
-{
-  JDIMENSION MCU_cols, MCU_rows, comp_width, comp_height, dst_blk_x, dst_blk_y;
-  JDIMENSION x_crop_blocks, y_crop_blocks;
-  int ci, i, j, offset_x, offset_y;
-  JBLOCKARRAY src_buffer, dst_buffer;
-  JCOEFPTR src_ptr, dst_ptr;
-  jpeg_component_info *compptr;
-
-  MCU_cols = srcinfo->output_height /
-             (dstinfo->max_h_samp_factor * dstinfo_min_DCT_h_scaled_size);
-  MCU_rows = srcinfo->output_width /
-             (dstinfo->max_v_samp_factor * dstinfo_min_DCT_v_scaled_size);
-
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    comp_width = MCU_cols * compptr->h_samp_factor;
-    comp_height = MCU_rows * compptr->v_samp_factor;
-    x_crop_blocks = x_crop_offset * compptr->h_samp_factor;
-    y_crop_blocks = y_crop_offset * compptr->v_samp_factor;
-    for (dst_blk_y = 0; dst_blk_y < compptr->height_in_blocks;
-         dst_blk_y += compptr->v_samp_factor) {
-      dst_buffer = (*srcinfo->mem->access_virt_barray)
-        ((j_common_ptr)srcinfo, dst_coef_arrays[ci], dst_blk_y,
-         (JDIMENSION)compptr->v_samp_factor, TRUE);
-      for (offset_y = 0; offset_y < compptr->v_samp_factor; offset_y++) {
-        for (dst_blk_x = 0; dst_blk_x < compptr->width_in_blocks;
-             dst_blk_x += compptr->h_samp_factor) {
-          if (x_crop_blocks + dst_blk_x < comp_width) {
-            /* Block is within the mirrorable area. */
-            src_buffer = (*srcinfo->mem->access_virt_barray)
-              ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-               comp_width - x_crop_blocks - dst_blk_x -
-               (JDIMENSION)compptr->h_samp_factor,
-               (JDIMENSION)compptr->h_samp_factor, FALSE);
-          } else {
-            src_buffer = (*srcinfo->mem->access_virt_barray)
-              ((j_common_ptr)srcinfo, src_coef_arrays[ci],
-               dst_blk_x + x_crop_blocks,
-               (JDIMENSION)compptr->h_samp_factor, FALSE);
-          }
-          for (offset_x = 0; offset_x < compptr->h_samp_factor; offset_x++) {
-            dst_ptr = dst_buffer[offset_y][dst_blk_x + offset_x];
-            if (y_crop_blocks + dst_blk_y < comp_height) {
-              if (x_crop_blocks + dst_blk_x < comp_width) {
-                /* Block is within the mirrorable area. */
-                src_ptr = src_buffer[compptr->h_samp_factor - offset_x - 1]
-                  [comp_height - y_crop_blocks - dst_blk_y - offset_y - 1];
-                for (i = 0; i < DCTSIZE; i++) {
-                  for (j = 0; j < DCTSIZE; j++) {
-                    dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-                    j++;
-                    dst_ptr[j * DCTSIZE + i] = -src_ptr[i * DCTSIZE + j];
-                  }
-                  i++;
-                  for (j = 0; j < DCTSIZE; j++) {
-                    dst_ptr[j * DCTSIZE + i] = -src_ptr[i * DCTSIZE + j];
-                    j++;
-                    dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-                  }
-                }
-              } else {
-                /* Right-edge blocks are mirrored in y only */
-                src_ptr = src_buffer[offset_x]
-                  [comp_height - y_crop_blocks - dst_blk_y - offset_y - 1];
-                for (i = 0; i < DCTSIZE; i++) {
-                  for (j = 0; j < DCTSIZE; j++) {
-                    dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-                    j++;
-                    dst_ptr[j * DCTSIZE + i] = -src_ptr[i * DCTSIZE + j];
-                  }
-                }
-              }
-            } else {
-              if (x_crop_blocks + dst_blk_x < comp_width) {
-                /* Bottom-edge blocks are mirrored in x only */
-                src_ptr = src_buffer[compptr->h_samp_factor - offset_x - 1]
-                  [dst_blk_y + offset_y + y_crop_blocks];
-                for (i = 0; i < DCTSIZE; i++) {
-                  for (j = 0; j < DCTSIZE; j++)
-                    dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-                  i++;
-                  for (j = 0; j < DCTSIZE; j++)
-                    dst_ptr[j * DCTSIZE + i] = -src_ptr[i * DCTSIZE + j];
-                }
-              } else {
-                /* At lower right corner, just transpose, no mirroring */
-                src_ptr = src_buffer[offset_x]
-                  [dst_blk_y + offset_y + y_crop_blocks];
-                for (i = 0; i < DCTSIZE; i++)
-                  for (j = 0; j < DCTSIZE; j++)
-                    dst_ptr[j * DCTSIZE + i] = src_ptr[i * DCTSIZE + j];
-              }
-            }
-          }
-        }
-      }
-    }
-  }
-}
-
-
-/* Parse an unsigned integer: subroutine for jtransform_parse_crop_spec.
- * Returns TRUE if valid integer found, FALSE if not.
- * *strptr is advanced over the digit string, and *result is set to its value.
- */
-
-LOCAL(boolean)
-jt_read_integer(const char **strptr, JDIMENSION *result)
-{
-  const char *ptr = *strptr;
-  JDIMENSION val = 0;
-
-  for (; isdigit(*ptr); ptr++) {
-    val = val * 10 + (JDIMENSION)(*ptr - '0');
-  }
-  *result = val;
-  if (ptr == *strptr)
-    return FALSE;               /* oops, no digits */
-  *strptr = ptr;
-  return TRUE;
-}
-
-
-/* Parse a crop specification (written in X11 geometry style).
- * The routine returns TRUE if the spec string is valid, FALSE if not.
- *
- * The crop spec string should have the format
- *      <width>[{fr}]x<height>[{fr}]{+-}<xoffset>{+-}<yoffset>
- * where width, height, xoffset, and yoffset are unsigned integers.
- * Each of the elements can be omitted to indicate a default value.
- * (A weakness of this style is that it is not possible to omit xoffset
- * while specifying yoffset, since they look alike.)
- *
- * This code is loosely based on XParseGeometry from the X11 distribution.
- */
-
-GLOBAL(boolean)
-jtransform_parse_crop_spec(jpeg_transform_info *info, const char *spec)
-{
-  info->crop = FALSE;
-  info->crop_width_set = JCROP_UNSET;
-  info->crop_height_set = JCROP_UNSET;
-  info->crop_xoffset_set = JCROP_UNSET;
-  info->crop_yoffset_set = JCROP_UNSET;
-
-  if (isdigit(*spec)) {
-    /* fetch width */
-    if (!jt_read_integer(&spec, &info->crop_width))
-      return FALSE;
-    if (*spec == 'f' || *spec == 'F') {
-      spec++;
-      info->crop_width_set = JCROP_FORCE;
-    } else if (*spec == 'r' || *spec == 'R') {
-      spec++;
-      info->crop_width_set = JCROP_REFLECT;
-    } else
-      info->crop_width_set = JCROP_POS;
-  }
-  if (*spec == 'x' || *spec == 'X') {
-    /* fetch height */
-    spec++;
-    if (!jt_read_integer(&spec, &info->crop_height))
-      return FALSE;
-    if (*spec == 'f' || *spec == 'F') {
-      spec++;
-      info->crop_height_set = JCROP_FORCE;
-    } else if (*spec == 'r' || *spec == 'R') {
-      spec++;
-      info->crop_height_set = JCROP_REFLECT;
-    } else
-      info->crop_height_set = JCROP_POS;
-  }
-  if (*spec == '+' || *spec == '-') {
-    /* fetch xoffset */
-    info->crop_xoffset_set = (*spec == '-') ? JCROP_NEG : JCROP_POS;
-    spec++;
-    if (!jt_read_integer(&spec, &info->crop_xoffset))
-      return FALSE;
-  }
-  if (*spec == '+' || *spec == '-') {
-    /* fetch yoffset */
-    info->crop_yoffset_set = (*spec == '-') ? JCROP_NEG : JCROP_POS;
-    spec++;
-    if (!jt_read_integer(&spec, &info->crop_yoffset))
-      return FALSE;
-  }
-  /* We had better have gotten to the end of the string. */
-  if (*spec != '\0')
-    return FALSE;
-  info->crop = TRUE;
-  return TRUE;
-}
-
-
-/* Trim off any partial iMCUs on the indicated destination edge */
-
-LOCAL(void)
-trim_right_edge(jpeg_transform_info *info, JDIMENSION full_width)
-{
-  JDIMENSION MCU_cols;
-
-  MCU_cols = info->output_width / info->iMCU_sample_width;
-  if (MCU_cols > 0 && info->x_crop_offset + MCU_cols ==
-      full_width / info->iMCU_sample_width)
-    info->output_width = MCU_cols * info->iMCU_sample_width;
-}
-
-LOCAL(void)
-trim_bottom_edge(jpeg_transform_info *info, JDIMENSION full_height)
-{
-  JDIMENSION MCU_rows;
-
-  MCU_rows = info->output_height / info->iMCU_sample_height;
-  if (MCU_rows > 0 && info->y_crop_offset + MCU_rows ==
-      full_height / info->iMCU_sample_height)
-    info->output_height = MCU_rows * info->iMCU_sample_height;
-}
-
-
-/* Request any required workspace.
- *
- * This routine figures out the size that the output image will be
- * (which implies that all the transform parameters must be set before
- * it is called).
- *
- * We allocate the workspace virtual arrays from the source decompression
- * object, so that all the arrays (both the original data and the workspace)
- * will be taken into account while making memory management decisions.
- * Hence, this routine must be called after jpeg_read_header (which reads
- * the image dimensions) and before jpeg_read_coefficients (which realizes
- * the source's virtual arrays).
- *
- * This function returns FALSE right away if -perfect is given
- * and transformation is not perfect.  Otherwise returns TRUE.
- */
-
-GLOBAL(boolean)
-jtransform_request_workspace(j_decompress_ptr srcinfo,
-                             jpeg_transform_info *info)
-{
-  jvirt_barray_ptr *coef_arrays;
-  boolean need_workspace, transpose_it;
-  jpeg_component_info *compptr;
-  JDIMENSION xoffset, yoffset, dtemp;
-  JDIMENSION width_in_iMCUs, height_in_iMCUs;
-  JDIMENSION width_in_blocks, height_in_blocks;
-  int itemp, ci, h_samp_factor, v_samp_factor;
-
-  /* Determine number of components in output image */
-  if (info->force_grayscale &&
-      srcinfo->jpeg_color_space == JCS_YCbCr &&
-      srcinfo->num_components == 3)
-    /* We'll only process the first component */
-    info->num_components = 1;
-  else
-    /* Process all the components */
-    info->num_components = srcinfo->num_components;
-
-  /* Compute output image dimensions and related values. */
-#if JPEG_LIB_VERSION >= 80
-  jpeg_core_output_dimensions(srcinfo);
-#else
-  srcinfo->output_width = srcinfo->image_width;
-  srcinfo->output_height = srcinfo->image_height;
-#endif
-
-  /* Return right away if -perfect is given and transformation is not perfect.
-   */
-  if (info->perfect) {
-    if (info->num_components == 1) {
-      if (!jtransform_perfect_transform(srcinfo->output_width,
-          srcinfo->output_height,
-          srcinfo->_min_DCT_h_scaled_size,
-          srcinfo->_min_DCT_v_scaled_size,
-          info->transform))
-        return FALSE;
-    } else {
-      if (!jtransform_perfect_transform(srcinfo->output_width,
-          srcinfo->output_height,
-          srcinfo->max_h_samp_factor * srcinfo->_min_DCT_h_scaled_size,
-          srcinfo->max_v_samp_factor * srcinfo->_min_DCT_v_scaled_size,
-          info->transform))
-        return FALSE;
-    }
-  }
-
-  /* If there is only one output component, force the iMCU size to be 1;
-   * else use the source iMCU size.  (This allows us to do the right thing
-   * when reducing color to grayscale, and also provides a handy way of
-   * cleaning up "funny" grayscale images whose sampling factors are not 1x1.)
-   */
-  switch (info->transform) {
-  case JXFORM_TRANSPOSE:
-  case JXFORM_TRANSVERSE:
-  case JXFORM_ROT_90:
-  case JXFORM_ROT_270:
-    info->output_width = srcinfo->output_height;
-    info->output_height = srcinfo->output_width;
-    if (info->num_components == 1) {
-      info->iMCU_sample_width = srcinfo->_min_DCT_v_scaled_size;
-      info->iMCU_sample_height = srcinfo->_min_DCT_h_scaled_size;
-    } else {
-      info->iMCU_sample_width =
-        srcinfo->max_v_samp_factor * srcinfo->_min_DCT_v_scaled_size;
-      info->iMCU_sample_height =
-        srcinfo->max_h_samp_factor * srcinfo->_min_DCT_h_scaled_size;
-    }
-    break;
-  default:
-    info->output_width = srcinfo->output_width;
-    info->output_height = srcinfo->output_height;
-    if (info->num_components == 1) {
-      info->iMCU_sample_width = srcinfo->_min_DCT_h_scaled_size;
-      info->iMCU_sample_height = srcinfo->_min_DCT_v_scaled_size;
-    } else {
-      info->iMCU_sample_width =
-        srcinfo->max_h_samp_factor * srcinfo->_min_DCT_h_scaled_size;
-      info->iMCU_sample_height =
-        srcinfo->max_v_samp_factor * srcinfo->_min_DCT_v_scaled_size;
-    }
-    break;
-  }
-
-  /* If cropping has been requested, compute the crop area's position and
-   * dimensions, ensuring that its upper left corner falls at an iMCU boundary.
-   */
-  if (info->crop) {
-    /* Insert default values for unset crop parameters */
-    if (info->crop_xoffset_set == JCROP_UNSET)
-      info->crop_xoffset = 0;   /* default to +0 */
-    if (info->crop_yoffset_set == JCROP_UNSET)
-      info->crop_yoffset = 0;   /* default to +0 */
-    if (info->crop_width_set == JCROP_UNSET) {
-      if (info->crop_xoffset >= info->output_width)
-        ERREXIT(srcinfo, JERR_BAD_CROP_SPEC);
-      info->crop_width = info->output_width - info->crop_xoffset;
-    } else {
-      /* Check for crop extension */
-      if (info->crop_width > info->output_width) {
-        /* Crop extension does not work when transforming! */
-        if (info->transform != JXFORM_NONE ||
-            info->crop_xoffset >= info->crop_width ||
-            info->crop_xoffset > info->crop_width - info->output_width)
-          ERREXIT(srcinfo, JERR_BAD_CROP_SPEC);
-      } else {
-        if (info->crop_xoffset >= info->output_width ||
-            info->crop_width <= 0 ||
-            info->crop_xoffset > info->output_width - info->crop_width)
-          ERREXIT(srcinfo, JERR_BAD_CROP_SPEC);
-      }
-    }
-    if (info->crop_height_set == JCROP_UNSET) {
-      if (info->crop_yoffset >= info->output_height)
-        ERREXIT(srcinfo, JERR_BAD_CROP_SPEC);
-      info->crop_height = info->output_height - info->crop_yoffset;
-    } else {
-      /* Check for crop extension */
-      if (info->crop_height > info->output_height) {
-        /* Crop extension does not work when transforming! */
-        if (info->transform != JXFORM_NONE ||
-            info->crop_yoffset >= info->crop_height ||
-            info->crop_yoffset > info->crop_height - info->output_height)
-          ERREXIT(srcinfo, JERR_BAD_CROP_SPEC);
-      } else {
-        if (info->crop_yoffset >= info->output_height ||
-            info->crop_height <= 0 ||
-            info->crop_yoffset > info->output_height - info->crop_height)
-          ERREXIT(srcinfo, JERR_BAD_CROP_SPEC);
-      }
-    }
-    /* Convert negative crop offsets into regular offsets */
-    if (info->crop_xoffset_set != JCROP_NEG)
-      xoffset = info->crop_xoffset;
-    else if (info->crop_width > info->output_width) /* crop extension */
-      xoffset = info->crop_width - info->output_width - info->crop_xoffset;
-    else
-      xoffset = info->output_width - info->crop_width - info->crop_xoffset;
-    if (info->crop_yoffset_set != JCROP_NEG)
-      yoffset = info->crop_yoffset;
-    else if (info->crop_height > info->output_height) /* crop extension */
-      yoffset = info->crop_height - info->output_height - info->crop_yoffset;
-    else
-      yoffset = info->output_height - info->crop_height - info->crop_yoffset;
-    /* Now adjust so that upper left corner falls at an iMCU boundary */
-    switch (info->transform) {
-    case JXFORM_DROP:
-      /* Ensure the effective drop region will not exceed the requested */
-      itemp = info->iMCU_sample_width;
-      dtemp = itemp - 1 - ((xoffset + itemp - 1) % itemp);
-      xoffset += dtemp;
-      if (info->crop_width <= dtemp)
-        info->drop_width = 0;
-      else if (xoffset + info->crop_width - dtemp == info->output_width)
-        /* Matching right edge: include partial iMCU */
-        info->drop_width = (info->crop_width - dtemp + itemp - 1) / itemp;
-      else
-        info->drop_width = (info->crop_width - dtemp) / itemp;
-      itemp = info->iMCU_sample_height;
-      dtemp = itemp - 1 - ((yoffset + itemp - 1) % itemp);
-      yoffset += dtemp;
-      if (info->crop_height <= dtemp)
-        info->drop_height = 0;
-      else if (yoffset + info->crop_height - dtemp == info->output_height)
-        /* Matching bottom edge: include partial iMCU */
-        info->drop_height = (info->crop_height - dtemp + itemp - 1) / itemp;
-      else
-        info->drop_height = (info->crop_height - dtemp) / itemp;
-      /* Check if sampling factors match for dropping */
-      if (info->drop_width != 0 && info->drop_height != 0)
-        for (ci = 0; ci < info->num_components &&
-                     ci < info->drop_ptr->num_components; ci++) {
-          if (info->drop_ptr->comp_info[ci].h_samp_factor *
-              srcinfo->max_h_samp_factor !=
-              srcinfo->comp_info[ci].h_samp_factor *
-              info->drop_ptr->max_h_samp_factor)
-            ERREXIT6(srcinfo, JERR_BAD_DROP_SAMPLING, ci,
-              info->drop_ptr->comp_info[ci].h_samp_factor,
-              info->drop_ptr->max_h_samp_factor,
-              srcinfo->comp_info[ci].h_samp_factor,
-              srcinfo->max_h_samp_factor, 'h');
-          if (info->drop_ptr->comp_info[ci].v_samp_factor *
-              srcinfo->max_v_samp_factor !=
-              srcinfo->comp_info[ci].v_samp_factor *
-              info->drop_ptr->max_v_samp_factor)
-            ERREXIT6(srcinfo, JERR_BAD_DROP_SAMPLING, ci,
-              info->drop_ptr->comp_info[ci].v_samp_factor,
-              info->drop_ptr->max_v_samp_factor,
-              srcinfo->comp_info[ci].v_samp_factor,
-              srcinfo->max_v_samp_factor, 'v');
-        }
-      break;
-    case JXFORM_WIPE:
-      /* Ensure the effective wipe region will cover the requested */
-      info->drop_width = (JDIMENSION)jdiv_round_up
-        ((long)(info->crop_width + (xoffset % info->iMCU_sample_width)),
-         (long)info->iMCU_sample_width);
-      info->drop_height = (JDIMENSION)jdiv_round_up
-        ((long)(info->crop_height + (yoffset % info->iMCU_sample_height)),
-         (long)info->iMCU_sample_height);
-      break;
-    default:
-      /* Ensure the effective crop region will cover the requested */
-      if (info->crop_width_set == JCROP_FORCE ||
-          info->crop_width > info->output_width)
-        info->output_width = info->crop_width;
-      else
-        info->output_width =
-          info->crop_width + (xoffset % info->iMCU_sample_width);
-      if (info->crop_height_set == JCROP_FORCE ||
-          info->crop_height > info->output_height)
-        info->output_height = info->crop_height;
-      else
-        info->output_height =
-          info->crop_height + (yoffset % info->iMCU_sample_height);
-    }
-    /* Save x/y offsets measured in iMCUs */
-    info->x_crop_offset = xoffset / info->iMCU_sample_width;
-    info->y_crop_offset = yoffset / info->iMCU_sample_height;
-  } else {
-    info->x_crop_offset = 0;
-    info->y_crop_offset = 0;
-  }
-
-  /* Figure out whether we need workspace arrays,
-   * and if so whether they are transposed relative to the source.
-   */
-  need_workspace = FALSE;
-  transpose_it = FALSE;
-  switch (info->transform) {
-  case JXFORM_NONE:
-    if (info->x_crop_offset != 0 || info->y_crop_offset != 0 ||
-        info->output_width > srcinfo->output_width ||
-        info->output_height > srcinfo->output_height)
-      need_workspace = TRUE;
-    /* No workspace needed if neither cropping nor transforming */
-    break;
-  case JXFORM_FLIP_H:
-    if (info->trim)
-      trim_right_edge(info, srcinfo->output_width);
-    if (info->y_crop_offset != 0 || info->slow_hflip)
-      need_workspace = TRUE;
-    /* do_flip_h_no_crop doesn't need a workspace array */
-    break;
-  case JXFORM_FLIP_V:
-    if (info->trim)
-      trim_bottom_edge(info, srcinfo->output_height);
-    /* Need workspace arrays having same dimensions as source image. */
-    need_workspace = TRUE;
-    break;
-  case JXFORM_TRANSPOSE:
-    /* transpose does NOT have to trim anything */
-    /* Need workspace arrays having transposed dimensions. */
-    need_workspace = TRUE;
-    transpose_it = TRUE;
-    break;
-  case JXFORM_TRANSVERSE:
-    if (info->trim) {
-      trim_right_edge(info, srcinfo->output_height);
-      trim_bottom_edge(info, srcinfo->output_width);
-    }
-    /* Need workspace arrays having transposed dimensions. */
-    need_workspace = TRUE;
-    transpose_it = TRUE;
-    break;
-  case JXFORM_ROT_90:
-    if (info->trim)
-      trim_right_edge(info, srcinfo->output_height);
-    /* Need workspace arrays having transposed dimensions. */
-    need_workspace = TRUE;
-    transpose_it = TRUE;
-    break;
-  case JXFORM_ROT_180:
-    if (info->trim) {
-      trim_right_edge(info, srcinfo->output_width);
-      trim_bottom_edge(info, srcinfo->output_height);
-    }
-    /* Need workspace arrays having same dimensions as source image. */
-    need_workspace = TRUE;
-    break;
-  case JXFORM_ROT_270:
-    if (info->trim)
-      trim_bottom_edge(info, srcinfo->output_width);
-    /* Need workspace arrays having transposed dimensions. */
-    need_workspace = TRUE;
-    transpose_it = TRUE;
-    break;
-  case JXFORM_WIPE:
-    break;
-  case JXFORM_DROP:
-    break;
-  }
-
-  /* Allocate workspace if needed.
-   * Note that we allocate arrays padded out to the next iMCU boundary,
-   * so that transform routines need not worry about missing edge blocks.
-   */
-  if (need_workspace) {
-    coef_arrays = (jvirt_barray_ptr *)
-      (*srcinfo->mem->alloc_small) ((j_common_ptr)srcinfo, JPOOL_IMAGE,
-                sizeof(jvirt_barray_ptr) * info->num_components);
-    width_in_iMCUs = (JDIMENSION)
-      jdiv_round_up((long)info->output_width, (long)info->iMCU_sample_width);
-    height_in_iMCUs = (JDIMENSION)
-      jdiv_round_up((long)info->output_height, (long)info->iMCU_sample_height);
-    for (ci = 0; ci < info->num_components; ci++) {
-      compptr = srcinfo->comp_info + ci;
-      if (info->num_components == 1) {
-        /* we're going to force samp factors to 1x1 in this case */
-        h_samp_factor = v_samp_factor = 1;
-      } else if (transpose_it) {
-        h_samp_factor = compptr->v_samp_factor;
-        v_samp_factor = compptr->h_samp_factor;
-      } else {
-        h_samp_factor = compptr->h_samp_factor;
-        v_samp_factor = compptr->v_samp_factor;
-      }
-      width_in_blocks = width_in_iMCUs * h_samp_factor;
-      height_in_blocks = height_in_iMCUs * v_samp_factor;
-      coef_arrays[ci] = (*srcinfo->mem->request_virt_barray)
-        ((j_common_ptr)srcinfo, JPOOL_IMAGE, FALSE,
-         width_in_blocks, height_in_blocks, (JDIMENSION)v_samp_factor);
-    }
-    info->workspace_coef_arrays = coef_arrays;
-  } else
-    info->workspace_coef_arrays = NULL;
-
-  return TRUE;
-}
-
-
-/* Transpose destination image parameters */
-
-LOCAL(void)
-transpose_critical_parameters(j_compress_ptr dstinfo)
-{
-  int tblno, i, j, ci, itemp;
-  jpeg_component_info *compptr;
-  JQUANT_TBL *qtblptr;
-  JDIMENSION jtemp;
-  UINT16 qtemp;
-
-  /* Transpose image dimensions */
-  jtemp = dstinfo->image_width;
-  dstinfo->image_width = dstinfo->image_height;
-  dstinfo->image_height = jtemp;
-#if JPEG_LIB_VERSION >= 70
-  itemp = dstinfo->min_DCT_h_scaled_size;
-  dstinfo->min_DCT_h_scaled_size = dstinfo->min_DCT_v_scaled_size;
-  dstinfo->min_DCT_v_scaled_size = itemp;
-#endif
-
-  /* Transpose sampling factors */
-  for (ci = 0; ci < dstinfo->num_components; ci++) {
-    compptr = dstinfo->comp_info + ci;
-    itemp = compptr->h_samp_factor;
-    compptr->h_samp_factor = compptr->v_samp_factor;
-    compptr->v_samp_factor = itemp;
-  }
-
-  /* Transpose quantization tables */
-  for (tblno = 0; tblno < NUM_QUANT_TBLS; tblno++) {
-    qtblptr = dstinfo->quant_tbl_ptrs[tblno];
-    if (qtblptr != NULL) {
-      for (i = 0; i < DCTSIZE; i++) {
-        for (j = 0; j < i; j++) {
-          qtemp = qtblptr->quantval[i * DCTSIZE + j];
-          qtblptr->quantval[i * DCTSIZE + j] =
-            qtblptr->quantval[j * DCTSIZE + i];
-          qtblptr->quantval[j * DCTSIZE + i] = qtemp;
-        }
-      }
-    }
-  }
-}
-
-
-/* Adjust Exif image parameters.
- *
- * We try to adjust the Tags ExifImageWidth and ExifImageHeight if possible.
- */
-
-LOCAL(void)
-adjust_exif_parameters(JOCTET *data, unsigned int length, JDIMENSION new_width,
-                       JDIMENSION new_height)
-{
-  boolean is_motorola; /* Flag for byte order */
-  unsigned int number_of_tags, tagnum;
-  unsigned int firstoffset, offset;
-  JDIMENSION new_value;
-
-  if (length < 12) return; /* Length of an IFD entry */
-
-  /* Discover byte order */
-  if (data[0] == 0x49 && data[1] == 0x49)
-    is_motorola = FALSE;
-  else if (data[0] == 0x4D && data[1] == 0x4D)
-    is_motorola = TRUE;
-  else
-    return;
-
-  /* Check Tag Mark */
-  if (is_motorola) {
-    if (data[2] != 0) return;
-    if (data[3] != 0x2A) return;
-  } else {
-    if (data[3] != 0) return;
-    if (data[2] != 0x2A) return;
-  }
-
-  /* Get first IFD offset (offset to IFD0) */
-  if (is_motorola) {
-    if (data[4] != 0) return;
-    if (data[5] != 0) return;
-    firstoffset = data[6];
-    firstoffset <<= 8;
-    firstoffset += data[7];
-  } else {
-    if (data[7] != 0) return;
-    if (data[6] != 0) return;
-    firstoffset = data[5];
-    firstoffset <<= 8;
-    firstoffset += data[4];
-  }
-  if (firstoffset > length - 2) return; /* check end of data segment */
-
-  /* Get the number of directory entries contained in this IFD */
-  if (is_motorola) {
-    number_of_tags = data[firstoffset];
-    number_of_tags <<= 8;
-    number_of_tags += data[firstoffset + 1];
-  } else {
-    number_of_tags = data[firstoffset + 1];
-    number_of_tags <<= 8;
-    number_of_tags += data[firstoffset];
-  }
-  if (number_of_tags == 0) return;
-  firstoffset += 2;
-
-  /* Search for ExifSubIFD offset Tag in IFD0 */
-  for (;;) {
-    if (firstoffset > length - 12) return; /* check end of data segment */
-    /* Get Tag number */
-    if (is_motorola) {
-      tagnum = data[firstoffset];
-      tagnum <<= 8;
-      tagnum += data[firstoffset + 1];
-    } else {
-      tagnum = data[firstoffset + 1];
-      tagnum <<= 8;
-      tagnum += data[firstoffset];
-    }
-    if (tagnum == 0x8769) break; /* found ExifSubIFD offset Tag */
-    if (--number_of_tags == 0) return;
-    firstoffset += 12;
-  }
-
-  /* Get the ExifSubIFD offset */
-  if (is_motorola) {
-    if (data[firstoffset + 8] != 0) return;
-    if (data[firstoffset + 9] != 0) return;
-    offset = data[firstoffset + 10];
-    offset <<= 8;
-    offset += data[firstoffset + 11];
-  } else {
-    if (data[firstoffset + 11] != 0) return;
-    if (data[firstoffset + 10] != 0) return;
-    offset = data[firstoffset + 9];
-    offset <<= 8;
-    offset += data[firstoffset + 8];
-  }
-  if (offset > length - 2) return; /* check end of data segment */
-
-  /* Get the number of directory entries contained in this SubIFD */
-  if (is_motorola) {
-    number_of_tags = data[offset];
-    number_of_tags <<= 8;
-    number_of_tags += data[offset + 1];
-  } else {
-    number_of_tags = data[offset + 1];
-    number_of_tags <<= 8;
-    number_of_tags += data[offset];
-  }
-  if (number_of_tags < 2) return;
-  offset += 2;
-
-  /* Search for ExifImageWidth and ExifImageHeight Tags in this SubIFD */
-  do {
-    if (offset > length - 12) return; /* check end of data segment */
-    /* Get Tag number */
-    if (is_motorola) {
-      tagnum = data[offset];
-      tagnum <<= 8;
-      tagnum += data[offset + 1];
-    } else {
-      tagnum = data[offset + 1];
-      tagnum <<= 8;
-      tagnum += data[offset];
-    }
-    if (tagnum == 0xA002 || tagnum == 0xA003) {
-      if (tagnum == 0xA002)
-        new_value = new_width; /* ExifImageWidth Tag */
-      else
-        new_value = new_height; /* ExifImageHeight Tag */
-      if (is_motorola) {
-        data[offset + 2] = 0; /* Format = unsigned long (4 octets) */
-        data[offset + 3] = 4;
-        data[offset + 4] = 0; /* Number Of Components = 1 */
-        data[offset + 5] = 0;
-        data[offset + 6] = 0;
-        data[offset + 7] = 1;
-        data[offset + 8] = 0;
-        data[offset + 9] = 0;
-        data[offset + 10] = (JOCTET)((new_value >> 8) & 0xFF);
-        data[offset + 11] = (JOCTET)(new_value & 0xFF);
-      } else {
-        data[offset + 2] = 4; /* Format = unsigned long (4 octets) */
-        data[offset + 3] = 0;
-        data[offset + 4] = 1; /* Number Of Components = 1 */
-        data[offset + 5] = 0;
-        data[offset + 6] = 0;
-        data[offset + 7] = 0;
-        data[offset + 8] = (JOCTET)(new_value & 0xFF);
-        data[offset + 9] = (JOCTET)((new_value >> 8) & 0xFF);
-        data[offset + 10] = 0;
-        data[offset + 11] = 0;
-      }
-    }
-    offset += 12;
-  } while (--number_of_tags);
-}
-
-
-/* Adjust output image parameters as needed.
- *
- * This must be called after jpeg_copy_critical_parameters()
- * and before jpeg_write_coefficients().
- *
- * The return value is the set of virtual coefficient arrays to be written
- * (either the ones allocated by jtransform_request_workspace, or the
- * original source data arrays).  The caller will need to pass this value
- * to jpeg_write_coefficients().
- */
-
-GLOBAL(jvirt_barray_ptr *)
-jtransform_adjust_parameters(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                             jvirt_barray_ptr *src_coef_arrays,
-                             jpeg_transform_info *info)
-{
-  /* If force-to-grayscale is requested, adjust destination parameters */
-  if (info->force_grayscale) {
-    /* First, ensure we have YCbCr or grayscale data, and that the source's
-     * Y channel is full resolution.  (No reasonable person would make Y
-     * be less than full resolution, so actually coping with that case
-     * isn't worth extra code space.  But we check it to avoid crashing.)
-     */
-    if (((dstinfo->jpeg_color_space == JCS_YCbCr &&
-          dstinfo->num_components == 3) ||
-         (dstinfo->jpeg_color_space == JCS_GRAYSCALE &&
-          dstinfo->num_components == 1)) &&
-        srcinfo->comp_info[0].h_samp_factor == srcinfo->max_h_samp_factor &&
-        srcinfo->comp_info[0].v_samp_factor == srcinfo->max_v_samp_factor) {
-      /* We use jpeg_set_colorspace to make sure subsidiary settings get fixed
-       * properly.  Among other things, it sets the target h_samp_factor &
-       * v_samp_factor to 1, which typically won't match the source.
-       * We have to preserve the source's quantization table number, however.
-       */
-      int sv_quant_tbl_no = dstinfo->comp_info[0].quant_tbl_no;
-      jpeg_set_colorspace(dstinfo, JCS_GRAYSCALE);
-      dstinfo->comp_info[0].quant_tbl_no = sv_quant_tbl_no;
-    } else {
-      /* Sorry, can't do it */
-      ERREXIT(dstinfo, JERR_CONVERSION_NOTIMPL);
-    }
-  } else if (info->num_components == 1) {
-    /* For a single-component source, we force the destination sampling factors
-     * to 1x1, with or without force_grayscale.  This is useful because some
-     * decoders choke on grayscale images with other sampling factors.
-     */
-    dstinfo->comp_info[0].h_samp_factor = 1;
-    dstinfo->comp_info[0].v_samp_factor = 1;
-  }
-
-  /* Correct the destination's image dimensions as necessary
-   * for rotate/flip, resize, and crop operations.
-   */
-#if JPEG_LIB_VERSION >= 80
-  dstinfo->jpeg_width = info->output_width;
-  dstinfo->jpeg_height = info->output_height;
-#endif
-
-  /* Transpose destination image parameters, adjust quantization */
-  switch (info->transform) {
-  case JXFORM_TRANSPOSE:
-  case JXFORM_TRANSVERSE:
-  case JXFORM_ROT_90:
-  case JXFORM_ROT_270:
-#if JPEG_LIB_VERSION < 80
-    dstinfo->image_width = info->output_height;
-    dstinfo->image_height = info->output_width;
-#endif
-    transpose_critical_parameters(dstinfo);
-    break;
-  case JXFORM_DROP:
-    if (info->drop_width != 0 && info->drop_height != 0)
-      adjust_quant(srcinfo, src_coef_arrays,
-                   info->drop_ptr, info->drop_coef_arrays,
-                   info->trim, dstinfo);
-    break;
-  default:
-#if JPEG_LIB_VERSION < 80
-    dstinfo->image_width = info->output_width;
-    dstinfo->image_height = info->output_height;
-#endif
-    break;
-  }
-
-  /* Adjust Exif properties */
-  if (srcinfo->marker_list != NULL &&
-      srcinfo->marker_list->marker == JPEG_APP0 + 1 &&
-      srcinfo->marker_list->data_length >= 6 &&
-      srcinfo->marker_list->data[0] == 0x45 &&
-      srcinfo->marker_list->data[1] == 0x78 &&
-      srcinfo->marker_list->data[2] == 0x69 &&
-      srcinfo->marker_list->data[3] == 0x66 &&
-      srcinfo->marker_list->data[4] == 0 &&
-      srcinfo->marker_list->data[5] == 0) {
-    /* Suppress output of JFIF marker */
-    dstinfo->write_JFIF_header = FALSE;
-    /* Adjust Exif image parameters */
-#if JPEG_LIB_VERSION >= 80
-    if (dstinfo->jpeg_width != srcinfo->image_width ||
-        dstinfo->jpeg_height != srcinfo->image_height)
-      /* Align data segment to start of TIFF structure for parsing */
-      adjust_exif_parameters(srcinfo->marker_list->data + 6,
-                             srcinfo->marker_list->data_length - 6,
-                             dstinfo->jpeg_width, dstinfo->jpeg_height);
-#else
-    if (dstinfo->image_width != srcinfo->image_width ||
-        dstinfo->image_height != srcinfo->image_height)
-      /* Align data segment to start of TIFF structure for parsing */
-      adjust_exif_parameters(srcinfo->marker_list->data + 6,
-                             srcinfo->marker_list->data_length - 6,
-                             dstinfo->image_width, dstinfo->image_height);
-#endif
-  }
-
-  /* Return the appropriate output data set */
-  if (info->workspace_coef_arrays != NULL)
-    return info->workspace_coef_arrays;
-  return src_coef_arrays;
-}
-
-
-/* Execute the actual transformation, if any.
- *
- * This must be called *after* jpeg_write_coefficients, because it depends
- * on jpeg_write_coefficients to have computed subsidiary values such as
- * the per-component width and height fields in the destination object.
- *
- * Note that some transformations will modify the source data arrays!
- */
-
-GLOBAL(void)
-jtransform_execute_transform(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                             jvirt_barray_ptr *src_coef_arrays,
-                             jpeg_transform_info *info)
-{
-  jvirt_barray_ptr *dst_coef_arrays = info->workspace_coef_arrays;
-
-  /* Note: conditions tested here should match those in switch statement
-   * in jtransform_request_workspace()
-   */
-  switch (info->transform) {
-  case JXFORM_NONE:
-    if (info->output_width > srcinfo->output_width ||
-        info->output_height > srcinfo->output_height) {
-      if (info->output_width > srcinfo->output_width &&
-          info->crop_width_set == JCROP_REFLECT)
-        do_crop_ext_reflect(srcinfo, dstinfo,
-                            info->x_crop_offset, info->y_crop_offset,
-                            src_coef_arrays, dst_coef_arrays);
-      else if (info->output_width > srcinfo->output_width &&
-               info->crop_width_set == JCROP_FORCE)
-        do_crop_ext_flat(srcinfo, dstinfo,
-                         info->x_crop_offset, info->y_crop_offset,
-                         src_coef_arrays, dst_coef_arrays);
-      else
-        do_crop_ext_zero(srcinfo, dstinfo,
-                         info->x_crop_offset, info->y_crop_offset,
-                         src_coef_arrays, dst_coef_arrays);
-    } else if (info->x_crop_offset != 0 || info->y_crop_offset != 0)
-      do_crop(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-              src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_FLIP_H:
-    if (info->y_crop_offset != 0 || info->slow_hflip)
-      do_flip_h(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-                src_coef_arrays, dst_coef_arrays);
-    else
-      do_flip_h_no_crop(srcinfo, dstinfo, info->x_crop_offset,
-                        src_coef_arrays);
-    break;
-  case JXFORM_FLIP_V:
-    do_flip_v(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-              src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_TRANSPOSE:
-    do_transpose(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-                 src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_TRANSVERSE:
-    do_transverse(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-                  src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_ROT_90:
-    do_rot_90(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-              src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_ROT_180:
-    do_rot_180(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-               src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_ROT_270:
-    do_rot_270(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-               src_coef_arrays, dst_coef_arrays);
-    break;
-  case JXFORM_WIPE:
-    if (info->crop_width_set == JCROP_REFLECT &&
-        info->y_crop_offset == 0 && info->drop_height ==
-        (JDIMENSION)jdiv_round_up
-          ((long)info->output_height, (long)info->iMCU_sample_height) &&
-        (info->x_crop_offset == 0 ||
-         info->x_crop_offset + info->drop_width ==
-         (JDIMENSION)jdiv_round_up
-           ((long)info->output_width, (long)info->iMCU_sample_width)))
-      do_reflect(srcinfo, dstinfo, info->x_crop_offset,
-                 src_coef_arrays, info->drop_width, info->drop_height);
-    else if (info->crop_width_set == JCROP_FORCE)
-      do_flatten(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-                 src_coef_arrays, info->drop_width, info->drop_height);
-    else
-      do_wipe(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-              src_coef_arrays, info->drop_width, info->drop_height);
-    break;
-  case JXFORM_DROP:
-    if (info->drop_width != 0 && info->drop_height != 0)
-      do_drop(srcinfo, dstinfo, info->x_crop_offset, info->y_crop_offset,
-              src_coef_arrays, info->drop_ptr, info->drop_coef_arrays,
-              info->drop_width, info->drop_height);
-    break;
-  }
-}
-
-/* jtransform_perfect_transform
- *
- * Determine whether lossless transformation is perfectly
- * possible for a specified image and transformation.
- *
- * Inputs:
- *   image_width, image_height: source image dimensions.
- *   MCU_width, MCU_height: pixel dimensions of MCU.
- *   transform: transformation identifier.
- * Parameter sources from initialized jpeg_struct
- * (after reading source header):
- *   image_width = cinfo.image_width
- *   image_height = cinfo.image_height
- *   MCU_width = cinfo.max_h_samp_factor * cinfo.block_size
- *   MCU_height = cinfo.max_v_samp_factor * cinfo.block_size
- * Result:
- *   TRUE = perfect transformation possible
- *   FALSE = perfect transformation not possible
- *           (may use custom action then)
- */
-
-GLOBAL(boolean)
-jtransform_perfect_transform(JDIMENSION image_width, JDIMENSION image_height,
-                             int MCU_width, int MCU_height,
-                             JXFORM_CODE transform)
-{
-  boolean result = TRUE; /* initialize TRUE */
-
-  switch (transform) {
-  case JXFORM_FLIP_H:
-  case JXFORM_ROT_270:
-    if (image_width % (JDIMENSION)MCU_width)
-      result = FALSE;
-    break;
-  case JXFORM_FLIP_V:
-  case JXFORM_ROT_90:
-    if (image_height % (JDIMENSION)MCU_height)
-      result = FALSE;
-    break;
-  case JXFORM_TRANSVERSE:
-  case JXFORM_ROT_180:
-    if (image_width % (JDIMENSION)MCU_width)
-      result = FALSE;
-    if (image_height % (JDIMENSION)MCU_height)
-      result = FALSE;
-    break;
-  default:
-    break;
-  }
-
-  return result;
-}
-
-#endif /* TRANSFORMS_SUPPORTED */
-
-
-/* Setup decompression object to save desired markers in memory.
- * This must be called before jpeg_read_header() to have the desired effect.
- */
-
-GLOBAL(void)
-jcopy_markers_setup(j_decompress_ptr srcinfo, JCOPY_OPTION option)
-{
-#ifdef SAVE_MARKERS_SUPPORTED
-  int m;
-
-  /* Save comments except under NONE option */
-  if (option != JCOPYOPT_NONE) {
-    jpeg_save_markers(srcinfo, JPEG_COM, 0xFFFF);
-  }
-  /* Save all types of APPn markers iff ALL option */
-  if (option == JCOPYOPT_ALL || option == JCOPYOPT_ALL_EXCEPT_ICC) {
-    for (m = 0; m < 16; m++) {
-      if (option == JCOPYOPT_ALL_EXCEPT_ICC && m == 2)
-        continue;
-      jpeg_save_markers(srcinfo, JPEG_APP0 + m, 0xFFFF);
-    }
-  }
-#endif /* SAVE_MARKERS_SUPPORTED */
-}
-
-/* Copy markers saved in the given source object to the destination object.
- * This should be called just after jpeg_start_compress() or
- * jpeg_write_coefficients().
- * Note that those routines will have written the SOI, and also the
- * JFIF APP0 or Adobe APP14 markers if selected.
- */
-
-GLOBAL(void)
-jcopy_markers_execute(j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-                      JCOPY_OPTION option)
-{
-  jpeg_saved_marker_ptr marker;
-
-  /* In the current implementation, we don't actually need to examine the
-   * option flag here; we just copy everything that got saved.
-   * But to avoid confusion, we do not output JFIF and Adobe APP14 markers
-   * if the encoder library already wrote one.
-   */
-  for (marker = srcinfo->marker_list; marker != NULL; marker = marker->next) {
-    if (dstinfo->write_JFIF_header &&
-        marker->marker == JPEG_APP0 &&
-        marker->data_length >= 5 &&
-        marker->data[0] == 0x4A &&
-        marker->data[1] == 0x46 &&
-        marker->data[2] == 0x49 &&
-        marker->data[3] == 0x46 &&
-        marker->data[4] == 0)
-      continue;                 /* reject duplicate JFIF */
-    if (dstinfo->write_Adobe_marker &&
-        marker->marker == JPEG_APP0 + 14 &&
-        marker->data_length >= 5 &&
-        marker->data[0] == 0x41 &&
-        marker->data[1] == 0x64 &&
-        marker->data[2] == 0x6F &&
-        marker->data[3] == 0x62 &&
-        marker->data[4] == 0x65)
-      continue;                 /* reject duplicate Adobe */
-    jpeg_write_marker(dstinfo, marker->marker,
-                      marker->data, marker->data_length);
-  }
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/transupp.h b/3rdparty/libjpeg-turbo_2_1_0/transupp.h
deleted file mode 100644
index ea6be1f..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/transupp.h
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * transupp.h
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1997-2019, Thomas G. Lane, Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2017, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains declarations for image transformation routines and
- * other utility code used by the jpegtran sample application.  These are
- * NOT part of the core JPEG library.  But we keep these routines separate
- * from jpegtran.c to ease the task of maintaining jpegtran-like programs
- * that have other user interfaces.
- *
- * NOTE: all the routines declared here have very specific requirements
- * about when they are to be executed during the reading and writing of the
- * source and destination files.  See the comments in transupp.c, or see
- * jpegtran.c for an example of correct usage.
- */
-
-/* If you happen not to want the image transform support, disable it here */
-#ifndef TRANSFORMS_SUPPORTED
-#define TRANSFORMS_SUPPORTED  1         /* 0 disables transform code */
-#endif
-
-/*
- * Although rotating and flipping data expressed as DCT coefficients is not
- * hard, there is an asymmetry in the JPEG format specification for images
- * whose dimensions aren't multiples of the iMCU size.  The right and bottom
- * image edges are padded out to the next iMCU boundary with junk data; but
- * no padding is possible at the top and left edges.  If we were to flip
- * the whole image including the pad data, then pad garbage would become
- * visible at the top and/or left, and real pixels would disappear into the
- * pad margins --- perhaps permanently, since encoders & decoders may not
- * bother to preserve DCT blocks that appear to be completely outside the
- * nominal image area.  So, we have to exclude any partial iMCUs from the
- * basic transformation.
- *
- * Transpose is the only transformation that can handle partial iMCUs at the
- * right and bottom edges completely cleanly.  flip_h can flip partial iMCUs
- * at the bottom, but leaves any partial iMCUs at the right edge untouched.
- * Similarly flip_v leaves any partial iMCUs at the bottom edge untouched.
- * The other transforms are defined as combinations of these basic transforms
- * and process edge blocks in a way that preserves the equivalence.
- *
- * The "trim" option causes untransformable partial iMCUs to be dropped;
- * this is not strictly lossless, but it usually gives the best-looking
- * result for odd-size images.  Note that when this option is active,
- * the expected mathematical equivalences between the transforms may not hold.
- * (For example, -rot 270 -trim trims only the bottom edge, but -rot 90 -trim
- * followed by -rot 180 -trim trims both edges.)
- *
- * We also offer a lossless-crop option, which discards data outside a given
- * image region but losslessly preserves what is inside.  Like the rotate and
- * flip transforms, lossless crop is restricted by the JPEG format: the upper
- * left corner of the selected region must fall on an iMCU boundary.  If this
- * does not hold for the given crop parameters, we silently move the upper left
- * corner up and/or left to make it so, simultaneously increasing the region
- * dimensions to keep the lower right crop corner unchanged.  (Thus, the
- * output image covers at least the requested region, but may cover more.)
- * The adjustment of the region dimensions may be optionally disabled.
- *
- * A complementary lossless wipe option is provided to discard (gray out) data
- * inside a given image region while losslessly preserving what is outside.
- * A lossless drop option is also provided, which allows another JPEG image to
- * be inserted ("dropped") into the source image data at a given position,
- * replacing the existing image data at that position.  Both the source image
- * and the drop image must have the same subsampling level.  It is best if they
- * also have the same quantization (quality.)  Otherwise, the quantization of
- * the output image will be adapted to accommodate the higher of the source
- * image quality and the drop image quality.  The trim option can be used with
- * the drop option to requantize the drop image to match the source image.
- *
- * We also provide a lossless-resize option, which is kind of a lossless-crop
- * operation in the DCT coefficient block domain - it discards higher-order
- * coefficients and losslessly preserves lower-order coefficients of a
- * sub-block.
- *
- * Rotate/flip transform, resize, and crop can be requested together in a
- * single invocation.  The crop is applied last --- that is, the crop region
- * is specified in terms of the destination image after transform/resize.
- *
- * We also offer a "force to grayscale" option, which simply discards the
- * chrominance channels of a YCbCr image.  This is lossless in the sense that
- * the luminance channel is preserved exactly.  It's not the same kind of
- * thing as the rotate/flip transformations, but it's convenient to handle it
- * as part of this package, mainly because the transformation routines have to
- * be aware of the option to know how many components to work on.
- */
-
-
-/*
- * Codes for supported types of image transformations.
- */
-
-typedef enum {
-  JXFORM_NONE,            /* no transformation */
-  JXFORM_FLIP_H,          /* horizontal flip */
-  JXFORM_FLIP_V,          /* vertical flip */
-  JXFORM_TRANSPOSE,       /* transpose across UL-to-LR axis */
-  JXFORM_TRANSVERSE,      /* transpose across UR-to-LL axis */
-  JXFORM_ROT_90,          /* 90-degree clockwise rotation */
-  JXFORM_ROT_180,         /* 180-degree rotation */
-  JXFORM_ROT_270,         /* 270-degree clockwise (or 90 ccw) */
-  JXFORM_WIPE,            /* wipe */
-  JXFORM_DROP             /* drop */
-} JXFORM_CODE;
-
-/*
- * Codes for crop parameters, which can individually be unspecified,
- * positive or negative for xoffset or yoffset,
- * positive or force or reflect for width or height.
- */
-
-typedef enum {
-  JCROP_UNSET,
-  JCROP_POS,
-  JCROP_NEG,
-  JCROP_FORCE,
-  JCROP_REFLECT
-} JCROP_CODE;
-
-/*
- * Transform parameters struct.
- * NB: application must not change any elements of this struct after
- * calling jtransform_request_workspace.
- */
-
-typedef struct {
-  /* Options: set by caller */
-  JXFORM_CODE transform;        /* image transform operator */
-  boolean perfect;              /* if TRUE, fail if partial MCUs are requested */
-  boolean trim;                 /* if TRUE, trim partial MCUs as needed */
-  boolean force_grayscale;      /* if TRUE, convert color image to grayscale */
-  boolean crop;                 /* if TRUE, crop or wipe source image, or drop */
-  boolean slow_hflip;  /* For best performance, the JXFORM_FLIP_H transform
-                          normally modifies the source coefficients in place.
-                          Setting this to TRUE will instead use a slower,
-                          double-buffered algorithm, which leaves the source
-                          coefficients in tact (necessary if other transformed
-                          images must be generated from the same set of
-                          coefficients. */
-
-  /* Crop parameters: application need not set these unless crop is TRUE.
-   * These can be filled in by jtransform_parse_crop_spec().
-   */
-  JDIMENSION crop_width;        /* Width of selected region */
-  JCROP_CODE crop_width_set;    /* (force-disables adjustment) */
-  JDIMENSION crop_height;       /* Height of selected region */
-  JCROP_CODE crop_height_set;   /* (force-disables adjustment) */
-  JDIMENSION crop_xoffset;      /* X offset of selected region */
-  JCROP_CODE crop_xoffset_set;  /* (negative measures from right edge) */
-  JDIMENSION crop_yoffset;      /* Y offset of selected region */
-  JCROP_CODE crop_yoffset_set;  /* (negative measures from bottom edge) */
-
-  /* Drop parameters: set by caller for drop request */
-  j_decompress_ptr drop_ptr;
-  jvirt_barray_ptr *drop_coef_arrays;
-
-  /* Internal workspace: caller should not touch these */
-  int num_components;           /* # of components in workspace */
-  jvirt_barray_ptr *workspace_coef_arrays; /* workspace for transformations */
-  JDIMENSION output_width;      /* cropped destination dimensions */
-  JDIMENSION output_height;
-  JDIMENSION x_crop_offset;     /* destination crop offsets measured in iMCUs */
-  JDIMENSION y_crop_offset;
-  JDIMENSION drop_width;        /* drop/wipe dimensions measured in iMCUs */
-  JDIMENSION drop_height;
-  int iMCU_sample_width;        /* destination iMCU size */
-  int iMCU_sample_height;
-} jpeg_transform_info;
-
-
-#if TRANSFORMS_SUPPORTED
-
-/* Parse a crop specification (written in X11 geometry style) */
-EXTERN(boolean) jtransform_parse_crop_spec(jpeg_transform_info *info,
-                                           const char *spec);
-/* Request any required workspace */
-EXTERN(boolean) jtransform_request_workspace(j_decompress_ptr srcinfo,
-                                             jpeg_transform_info *info);
-/* Adjust output image parameters */
-EXTERN(jvirt_barray_ptr *) jtransform_adjust_parameters
-  (j_decompress_ptr srcinfo, j_compress_ptr dstinfo,
-   jvirt_barray_ptr *src_coef_arrays, jpeg_transform_info *info);
-/* Execute the actual transformation, if any */
-EXTERN(void) jtransform_execute_transform(j_decompress_ptr srcinfo,
-                                          j_compress_ptr dstinfo,
-                                          jvirt_barray_ptr *src_coef_arrays,
-                                          jpeg_transform_info *info);
-/* Determine whether lossless transformation is perfectly
- * possible for a specified image and transformation.
- */
-EXTERN(boolean) jtransform_perfect_transform(JDIMENSION image_width,
-                                             JDIMENSION image_height,
-                                             int MCU_width, int MCU_height,
-                                             JXFORM_CODE transform);
-
-/* jtransform_execute_transform used to be called
- * jtransform_execute_transformation, but some compilers complain about
- * routine names that long.  This macro is here to avoid breaking any
- * old source code that uses the original name...
- */
-#define jtransform_execute_transformation       jtransform_execute_transform
-
-#endif /* TRANSFORMS_SUPPORTED */
-
-
-/*
- * Support for copying optional markers from source to destination file.
- */
-
-typedef enum {
-  JCOPYOPT_NONE,          /* copy no optional markers */
-  JCOPYOPT_COMMENTS,      /* copy only comment (COM) markers */
-  JCOPYOPT_ALL,           /* copy all optional markers */
-  JCOPYOPT_ALL_EXCEPT_ICC /* copy all optional markers except APP2 */
-} JCOPY_OPTION;
-
-#define JCOPYOPT_DEFAULT  JCOPYOPT_COMMENTS     /* recommended default */
-
-/* Setup decompression object to save desired markers in memory */
-EXTERN(void) jcopy_markers_setup(j_decompress_ptr srcinfo,
-                                 JCOPY_OPTION option);
-/* Copy markers saved in the given source object to the destination object */
-EXTERN(void) jcopy_markers_execute(j_decompress_ptr srcinfo,
-                                   j_compress_ptr dstinfo,
-                                   JCOPY_OPTION option);
diff --git a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-jni.c b/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-jni.c
deleted file mode 100644
index 1b728e3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-jni.c
+++ /dev/null
@@ -1,1228 +0,0 @@
-/*
- * Copyright (C)2011-2020 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include "turbojpeg.h"
-#ifdef WIN32
-#include "tjutil.h"
-#endif
-#include <jni.h>
-#include "java/org_libjpegturbo_turbojpeg_TJCompressor.h"
-#include "java/org_libjpegturbo_turbojpeg_TJDecompressor.h"
-#include "java/org_libjpegturbo_turbojpeg_TJTransformer.h"
-#include "java/org_libjpegturbo_turbojpeg_TJ.h"
-
-#define BAILIF0(f) { \
-  if (!(f) || (*env)->ExceptionCheck(env)) { \
-    goto bailout; \
-  } \
-}
-
-#define THROW(msg, exceptionClass) { \
-  jclass _exccls = (*env)->FindClass(env, exceptionClass); \
-  \
-  BAILIF0(_exccls); \
-  (*env)->ThrowNew(env, _exccls, msg); \
-  goto bailout; \
-}
-
-#define THROW_TJ() { \
-  jclass _exccls; \
-  jmethodID _excid; \
-  jobject _excobj; \
-  jstring _errstr; \
-  \
-  BAILIF0(_errstr = (*env)->NewStringUTF(env, tjGetErrorStr2(handle))); \
-  BAILIF0(_exccls = (*env)->FindClass(env, \
-    "org/libjpegturbo/turbojpeg/TJException")); \
-  BAILIF0(_excid = (*env)->GetMethodID(env, _exccls, "<init>", \
-                                       "(Ljava/lang/String;I)V")); \
-  BAILIF0(_excobj = (*env)->NewObject(env, _exccls, _excid, _errstr, \
-                                      tjGetErrorCode(handle))); \
-  (*env)->Throw(env, _excobj); \
-  goto bailout; \
-}
-
-#define THROW_ARG(msg)  THROW(msg, "java/lang/IllegalArgumentException")
-
-#define THROW_MEM() \
-  THROW("Memory allocation failure", "java/lang/OutOfMemoryError");
-
-#define GET_HANDLE() \
-  jclass _cls = (*env)->GetObjectClass(env, obj); \
-  jfieldID _fid; \
-  \
-  BAILIF0(_cls); \
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "handle", "J")); \
-  handle = (tjhandle)(size_t)(*env)->GetLongField(env, obj, _fid);
-
-#ifdef _WIN32
-#define setenv(envvar, value, dummy)  _putenv_s(envvar, value)
-#endif
-
-#define PROP2ENV(property, envvar) { \
-  if ((jName = (*env)->NewStringUTF(env, property)) != NULL && \
-      (jValue = (*env)->CallStaticObjectMethod(env, cls, mid, \
-                                               jName)) != NULL) { \
-    if ((value = (*env)->GetStringUTFChars(env, jValue, 0)) != NULL) { \
-      setenv(envvar, value, 1); \
-      (*env)->ReleaseStringUTFChars(env, jValue, value); \
-    } \
-  } \
-}
-
-#define SAFE_RELEASE(javaArray, cArray) { \
-  if (javaArray && cArray) \
-    (*env)->ReleasePrimitiveArrayCritical(env, javaArray, (void *)cArray, 0); \
-  cArray = NULL; \
-}
-
-static int ProcessSystemProperties(JNIEnv *env)
-{
-  jclass cls;
-  jmethodID mid;
-  jstring jName, jValue;
-  const char *value;
-
-  BAILIF0(cls = (*env)->FindClass(env, "java/lang/System"));
-  BAILIF0(mid = (*env)->GetStaticMethodID(env, cls, "getProperty",
-    "(Ljava/lang/String;)Ljava/lang/String;"));
-
-  PROP2ENV("turbojpeg.optimize", "TJ_OPTIMIZE");
-  PROP2ENV("turbojpeg.arithmetic", "TJ_ARITHMETIC");
-  PROP2ENV("turbojpeg.restart", "TJ_RESTART");
-  PROP2ENV("turbojpeg.progressive", "TJ_PROGRESSIVE");
-  return 0;
-
-bailout:
-  return -1;
-}
-
-/* TurboJPEG 1.2.x: TJ::bufSize() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_bufSize
-  (JNIEnv *env, jclass cls, jint width, jint height, jint jpegSubsamp)
-{
-  jint retval = (jint)tjBufSize(width, height, jpegSubsamp);
-
-  if (retval == -1) THROW_ARG(tjGetErrorStr());
-
-bailout:
-  return retval;
-}
-
-/* TurboJPEG 1.4.x: TJ::bufSizeYUV() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__IIII
-  (JNIEnv *env, jclass cls, jint width, jint pad, jint height, jint subsamp)
-{
-  jint retval = (jint)tjBufSizeYUV2(width, pad, height, subsamp);
-
-  if (retval == -1) THROW_ARG(tjGetErrorStr());
-
-bailout:
-  return retval;
-}
-
-/* TurboJPEG 1.2.x: TJ::bufSizeYUV() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__III
-  (JNIEnv *env, jclass cls, jint width, jint height, jint subsamp)
-{
-  return Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__IIII(env, cls, width,
-                                                             4, height,
-                                                             subsamp);
-}
-
-/* TurboJPEG 1.4.x: TJ::planeSizeYUV() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_planeSizeYUV__IIIII
-  (JNIEnv *env, jclass cls, jint componentID, jint width, jint stride,
-   jint height, jint subsamp)
-{
-  jint retval = (jint)tjPlaneSizeYUV(componentID, width, stride, height,
-                                     subsamp);
-
-  if (retval == -1) THROW_ARG(tjGetErrorStr());
-
-bailout:
-  return retval;
-}
-
-/* TurboJPEG 1.4.x: TJ::planeWidth() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_planeWidth__III
-  (JNIEnv *env, jclass cls, jint componentID, jint width, jint subsamp)
-{
-  jint retval = (jint)tjPlaneWidth(componentID, width, subsamp);
-
-  if (retval == -1) THROW_ARG(tjGetErrorStr());
-
-bailout:
-  return retval;
-}
-
-/* TurboJPEG 1.4.x: TJ::planeHeight() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJ_planeHeight__III
-  (JNIEnv *env, jclass cls, jint componentID, jint height, jint subsamp)
-{
-  jint retval = (jint)tjPlaneHeight(componentID, height, subsamp);
-
-  if (retval == -1) THROW_ARG(tjGetErrorStr());
-
-bailout:
-  return retval;
-}
-
-/* TurboJPEG 1.2.x: TJCompressor::init() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_init
-  (JNIEnv *env, jobject obj)
-{
-  jclass cls;
-  jfieldID fid;
-  tjhandle handle;
-
-  if ((handle = tjInitCompress()) == NULL)
-    THROW(tjGetErrorStr(), "org/libjpegturbo/turbojpeg/TJException");
-
-  BAILIF0(cls = (*env)->GetObjectClass(env, obj));
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "handle", "J"));
-  (*env)->SetLongField(env, obj, fid, (size_t)handle);
-
-bailout:
-  return;
-}
-
-static jint TJCompressor_compress
-  (JNIEnv *env, jobject obj, jarray src, jint srcElementSize, jint x, jint y,
-   jint width, jint pitch, jint height, jint pf, jbyteArray dst,
-   jint jpegSubsamp, jint jpegQual, jint flags)
-{
-  tjhandle handle = 0;
-  unsigned long jpegSize = 0;
-  jsize arraySize = 0, actualPitch;
-  unsigned char *srcBuf = NULL, *jpegBuf = NULL;
-
-  GET_HANDLE();
-
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF || width < 1 ||
-      height < 1 || pitch < 0)
-    THROW_ARG("Invalid argument in compress()");
-  if (org_libjpegturbo_turbojpeg_TJ_NUMPF != TJ_NUMPF)
-    THROW_ARG("Mismatch between Java and C API");
-
-  actualPitch = (pitch == 0) ? width * tjPixelSize[pf] : pitch;
-  arraySize = (y + height - 1) * actualPitch + (x + width) * tjPixelSize[pf];
-  if ((*env)->GetArrayLength(env, src) * srcElementSize < arraySize)
-    THROW_ARG("Source buffer is not large enough");
-  jpegSize = tjBufSize(width, height, jpegSubsamp);
-  if ((*env)->GetArrayLength(env, dst) < (jsize)jpegSize)
-    THROW_ARG("Destination buffer is not large enough");
-
-  if (ProcessSystemProperties(env) < 0) goto bailout;
-
-  BAILIF0(srcBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, dst, 0));
-
-  if (tjCompress2(handle, &srcBuf[y * actualPitch + x * tjPixelSize[pf]],
-                  width, pitch, height, pf, &jpegBuf, &jpegSize, jpegSubsamp,
-                  jpegQual, flags | TJFLAG_NOREALLOC) == -1) {
-    SAFE_RELEASE(dst, jpegBuf);
-    SAFE_RELEASE(src, srcBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(dst, jpegBuf);
-  SAFE_RELEASE(src, srcBuf);
-  return (jint)jpegSize;
-}
-
-/* TurboJPEG 1.3.x: TJCompressor::compress() byte source */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3BIIIIII_3BIII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint x, jint y, jint width,
-   jint pitch, jint height, jint pf, jbyteArray dst, jint jpegSubsamp,
-   jint jpegQual, jint flags)
-{
-  return TJCompressor_compress(env, obj, src, 1, x, y, width, pitch, height,
-                               pf, dst, jpegSubsamp, jpegQual, flags);
-}
-
-/* TurboJPEG 1.2.x: TJCompressor::compress() byte source */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3BIIII_3BIII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint width, jint pitch,
-   jint height, jint pf, jbyteArray dst, jint jpegSubsamp, jint jpegQual,
-   jint flags)
-{
-  return TJCompressor_compress(env, obj, src, 1, 0, 0, width, pitch, height,
-                               pf, dst, jpegSubsamp, jpegQual, flags);
-}
-
-/* TurboJPEG 1.3.x: TJCompressor::compress() int source */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3IIIIIII_3BIII
-  (JNIEnv *env, jobject obj, jintArray src, jint x, jint y, jint width,
-   jint stride, jint height, jint pf, jbyteArray dst, jint jpegSubsamp,
-   jint jpegQual, jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in compress()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when compressing from an integer buffer.");
-
-  return TJCompressor_compress(env, obj, src, sizeof(jint), x, y, width,
-                               stride * sizeof(jint), height, pf, dst,
-                               jpegSubsamp, jpegQual, flags);
-
-bailout:
-  return 0;
-}
-
-/* TurboJPEG 1.2.x: TJCompressor::compress() int source */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3IIIII_3BIII
-  (JNIEnv *env, jobject obj, jintArray src, jint width, jint stride,
-   jint height, jint pf, jbyteArray dst, jint jpegSubsamp, jint jpegQual,
-   jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in compress()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when compressing from an integer buffer.");
-
-  return TJCompressor_compress(env, obj, src, sizeof(jint), 0, 0, width,
-                               stride * sizeof(jint), height, pf, dst,
-                               jpegSubsamp, jpegQual, flags);
-
-bailout:
-  return 0;
-}
-
-/* TurboJPEG 1.4.x: TJCompressor::compressFromYUV() */
-JNIEXPORT jint JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_compressFromYUV___3_3B_3II_3III_3BII
-  (JNIEnv *env, jobject obj, jobjectArray srcobjs, jintArray jSrcOffsets,
-   jint width, jintArray jSrcStrides, jint height, jint subsamp,
-   jbyteArray dst, jint jpegQual, jint flags)
-{
-  tjhandle handle = 0;
-  unsigned long jpegSize = 0;
-  jbyteArray jSrcPlanes[3] = { NULL, NULL, NULL };
-  const unsigned char *srcPlanesTmp[3] = { NULL, NULL, NULL };
-  const unsigned char *srcPlanes[3] = { NULL, NULL, NULL };
-  int *srcOffsetsTmp = NULL, srcOffsets[3] = { 0, 0, 0 };
-  int *srcStridesTmp = NULL, srcStrides[3] = { 0, 0, 0 };
-  unsigned char *jpegBuf = NULL;
-  int nc = (subsamp == org_libjpegturbo_turbojpeg_TJ_SAMP_GRAY ? 1 : 3), i;
-
-  GET_HANDLE();
-
-  if (subsamp < 0 || subsamp >= org_libjpegturbo_turbojpeg_TJ_NUMSAMP)
-    THROW_ARG("Invalid argument in compressFromYUV()");
-  if (org_libjpegturbo_turbojpeg_TJ_NUMSAMP != TJ_NUMSAMP)
-    THROW_ARG("Mismatch between Java and C API");
-
-  if ((*env)->GetArrayLength(env, srcobjs) < nc)
-    THROW_ARG("Planes array is too small for the subsampling type");
-  if ((*env)->GetArrayLength(env, jSrcOffsets) < nc)
-    THROW_ARG("Offsets array is too small for the subsampling type");
-  if ((*env)->GetArrayLength(env, jSrcStrides) < nc)
-    THROW_ARG("Strides array is too small for the subsampling type");
-
-  jpegSize = tjBufSize(width, height, subsamp);
-  if ((*env)->GetArrayLength(env, dst) < (jsize)jpegSize)
-    THROW_ARG("Destination buffer is not large enough");
-
-  if (ProcessSystemProperties(env) < 0) goto bailout;
-
-  BAILIF0(srcOffsetsTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jSrcOffsets, 0));
-  for (i = 0; i < nc; i++) srcOffsets[i] = srcOffsetsTmp[i];
-  SAFE_RELEASE(jSrcOffsets, srcOffsetsTmp);
-
-  BAILIF0(srcStridesTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jSrcStrides, 0));
-  for (i = 0; i < nc; i++) srcStrides[i] = srcStridesTmp[i];
-  SAFE_RELEASE(jSrcStrides, srcStridesTmp);
-
-  for (i = 0; i < nc; i++) {
-    int planeSize = tjPlaneSizeYUV(i, width, srcStrides[i], height, subsamp);
-    int pw = tjPlaneWidth(i, width, subsamp);
-
-    if (planeSize < 0 || pw < 0)
-      THROW_ARG(tjGetErrorStr());
-
-    if (srcOffsets[i] < 0)
-      THROW_ARG("Invalid argument in compressFromYUV()");
-    if (srcStrides[i] < 0 && srcOffsets[i] - planeSize + pw < 0)
-      THROW_ARG("Negative plane stride would cause memory to be accessed below plane boundary");
-
-    BAILIF0(jSrcPlanes[i] = (*env)->GetObjectArrayElement(env, srcobjs, i));
-    if ((*env)->GetArrayLength(env, jSrcPlanes[i]) <
-        srcOffsets[i] + planeSize)
-      THROW_ARG("Source plane is not large enough");
-
-    BAILIF0(srcPlanesTmp[i] =
-            (*env)->GetPrimitiveArrayCritical(env, jSrcPlanes[i], 0));
-    srcPlanes[i] = &srcPlanesTmp[i][srcOffsets[i]];
-    SAFE_RELEASE(jSrcPlanes[i], srcPlanesTmp[i]);
-  }
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, dst, 0));
-
-  if (tjCompressFromYUVPlanes(handle, srcPlanes, width, srcStrides, height,
-                              subsamp, &jpegBuf, &jpegSize, jpegQual,
-                              flags | TJFLAG_NOREALLOC) == -1) {
-    SAFE_RELEASE(dst, jpegBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(dst, jpegBuf);
-  return (jint)jpegSize;
-}
-
-static void TJCompressor_encodeYUV
-  (JNIEnv *env, jobject obj, jarray src, jint srcElementSize, jint x, jint y,
-   jint width, jint pitch, jint height, jint pf, jobjectArray dstobjs,
-   jintArray jDstOffsets, jintArray jDstStrides, jint subsamp, jint flags)
-{
-  tjhandle handle = 0;
-  jsize arraySize = 0, actualPitch;
-  unsigned char *srcBuf = NULL;
-  jbyteArray jDstPlanes[3] = { NULL, NULL, NULL };
-  unsigned char *dstPlanesTmp[3] = { NULL, NULL, NULL };
-  unsigned char *dstPlanes[3] = { NULL, NULL, NULL };
-  int *dstOffsetsTmp = NULL, dstOffsets[3] = { 0, 0, 0 };
-  int *dstStridesTmp = NULL, dstStrides[3] = { 0, 0, 0 };
-  int nc = (subsamp == org_libjpegturbo_turbojpeg_TJ_SAMP_GRAY ? 1 : 3), i;
-
-  GET_HANDLE();
-
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF || width < 1 ||
-      height < 1 || pitch < 0 || subsamp < 0 ||
-      subsamp >= org_libjpegturbo_turbojpeg_TJ_NUMSAMP)
-    THROW_ARG("Invalid argument in encodeYUV()");
-  if (org_libjpegturbo_turbojpeg_TJ_NUMPF != TJ_NUMPF ||
-      org_libjpegturbo_turbojpeg_TJ_NUMSAMP != TJ_NUMSAMP)
-    THROW_ARG("Mismatch between Java and C API");
-
-  if ((*env)->GetArrayLength(env, dstobjs) < nc)
-    THROW_ARG("Planes array is too small for the subsampling type");
-  if ((*env)->GetArrayLength(env, jDstOffsets) < nc)
-    THROW_ARG("Offsets array is too small for the subsampling type");
-  if ((*env)->GetArrayLength(env, jDstStrides) < nc)
-    THROW_ARG("Strides array is too small for the subsampling type");
-
-  actualPitch = (pitch == 0) ? width * tjPixelSize[pf] : pitch;
-  arraySize = (y + height - 1) * actualPitch + (x + width) * tjPixelSize[pf];
-  if ((*env)->GetArrayLength(env, src) * srcElementSize < arraySize)
-    THROW_ARG("Source buffer is not large enough");
-
-  BAILIF0(dstOffsetsTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jDstOffsets, 0));
-  for (i = 0; i < nc; i++) dstOffsets[i] = dstOffsetsTmp[i];
-  SAFE_RELEASE(jDstOffsets, dstOffsetsTmp);
-
-  BAILIF0(dstStridesTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jDstStrides, 0));
-  for (i = 0; i < nc; i++) dstStrides[i] = dstStridesTmp[i];
-  SAFE_RELEASE(jDstStrides, dstStridesTmp);
-
-  for (i = 0; i < nc; i++) {
-    int planeSize = tjPlaneSizeYUV(i, width, dstStrides[i], height, subsamp);
-    int pw = tjPlaneWidth(i, width, subsamp);
-
-    if (planeSize < 0 || pw < 0)
-      THROW_ARG(tjGetErrorStr());
-
-    if (dstOffsets[i] < 0)
-      THROW_ARG("Invalid argument in encodeYUV()");
-    if (dstStrides[i] < 0 && dstOffsets[i] - planeSize + pw < 0)
-      THROW_ARG("Negative plane stride would cause memory to be accessed below plane boundary");
-
-    BAILIF0(jDstPlanes[i] = (*env)->GetObjectArrayElement(env, dstobjs, i));
-    if ((*env)->GetArrayLength(env, jDstPlanes[i]) <
-        dstOffsets[i] + planeSize)
-      THROW_ARG("Destination plane is not large enough");
-
-    BAILIF0(dstPlanesTmp[i] =
-            (*env)->GetPrimitiveArrayCritical(env, jDstPlanes[i], 0));
-    dstPlanes[i] = &dstPlanesTmp[i][dstOffsets[i]];
-    SAFE_RELEASE(jDstPlanes[i], dstPlanesTmp[i]);
-  }
-  BAILIF0(srcBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-
-  if (tjEncodeYUVPlanes(handle, &srcBuf[y * actualPitch + x * tjPixelSize[pf]],
-                        width, pitch, height, pf, dstPlanes, dstStrides,
-                        subsamp, flags) == -1) {
-    SAFE_RELEASE(src, srcBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(src, srcBuf);
-}
-
-/* TurboJPEG 1.4.x: TJCompressor::encodeYUV() byte source */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3BIIIIII_3_3B_3I_3III
-  (JNIEnv *env, jobject obj, jbyteArray src, jint x, jint y, jint width,
-   jint pitch, jint height, jint pf, jobjectArray dstobjs,
-   jintArray jDstOffsets, jintArray jDstStrides, jint subsamp, jint flags)
-{
-  TJCompressor_encodeYUV(env, obj, src, 1, x, y, width, pitch, height, pf,
-                         dstobjs, jDstOffsets, jDstStrides, subsamp, flags);
-}
-
-/* TurboJPEG 1.4.x: TJCompressor::encodeYUV() int source */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3IIIIIII_3_3B_3I_3III
-  (JNIEnv *env, jobject obj, jintArray src, jint x, jint y, jint width,
-   jint stride, jint height, jint pf, jobjectArray dstobjs,
-   jintArray jDstOffsets, jintArray jDstStrides, jint subsamp, jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in encodeYUV()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when encoding from an integer buffer.");
-
-  TJCompressor_encodeYUV(env, obj, src, sizeof(jint), x, y, width,
-                         stride * sizeof(jint), height, pf, dstobjs,
-                         jDstOffsets, jDstStrides, subsamp, flags);
-
-bailout:
-  return;
-}
-
-static void JNICALL TJCompressor_encodeYUV_12
-  (JNIEnv *env, jobject obj, jarray src, jint srcElementSize, jint width,
-   jint pitch, jint height, jint pf, jbyteArray dst, jint subsamp, jint flags)
-{
-  tjhandle handle = 0;
-  jsize arraySize = 0;
-  unsigned char *srcBuf = NULL, *dstBuf = NULL;
-
-  GET_HANDLE();
-
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF || width < 1 ||
-      height < 1 || pitch < 0)
-    THROW_ARG("Invalid argument in encodeYUV()");
-  if (org_libjpegturbo_turbojpeg_TJ_NUMPF != TJ_NUMPF)
-    THROW_ARG("Mismatch between Java and C API");
-
-  arraySize = (pitch == 0) ? width * tjPixelSize[pf] * height : pitch * height;
-  if ((*env)->GetArrayLength(env, src) * srcElementSize < arraySize)
-    THROW_ARG("Source buffer is not large enough");
-  if ((*env)->GetArrayLength(env, dst) <
-      (jsize)tjBufSizeYUV(width, height, subsamp))
-    THROW_ARG("Destination buffer is not large enough");
-
-  BAILIF0(srcBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-  BAILIF0(dstBuf = (*env)->GetPrimitiveArrayCritical(env, dst, 0));
-
-  if (tjEncodeYUV2(handle, srcBuf, width, pitch, height, pf, dstBuf, subsamp,
-                   flags) == -1) {
-    SAFE_RELEASE(dst, dstBuf);
-    SAFE_RELEASE(src, srcBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(dst, dstBuf);
-  SAFE_RELEASE(src, srcBuf);
-}
-
-/* TurboJPEG 1.2.x: TJCompressor::encodeYUV() byte source */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3BIIII_3BII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint width, jint pitch,
-   jint height, jint pf, jbyteArray dst, jint subsamp, jint flags)
-{
-  TJCompressor_encodeYUV_12(env, obj, src, 1, width, pitch, height, pf, dst,
-                            subsamp, flags);
-}
-
-/* TurboJPEG 1.2.x: TJCompressor::encodeYUV() int source */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3IIIII_3BII
-  (JNIEnv *env, jobject obj, jintArray src, jint width, jint stride,
-   jint height, jint pf, jbyteArray dst, jint subsamp, jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in encodeYUV()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when encoding from an integer buffer.");
-
-  TJCompressor_encodeYUV_12(env, obj, src, sizeof(jint), width,
-                            stride * sizeof(jint), height, pf, dst, subsamp,
-                            flags);
-
-bailout:
-  return;
-}
-
-/* TurboJPEG 1.2.x: TJCompressor::destroy() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJCompressor_destroy
-  (JNIEnv *env, jobject obj)
-{
-  tjhandle handle = 0;
-
-  GET_HANDLE();
-
-  if (tjDestroy(handle) == -1) THROW_TJ();
-  (*env)->SetLongField(env, obj, _fid, 0);
-
-bailout:
-  return;
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::init() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_init
-  (JNIEnv *env, jobject obj)
-{
-  jclass cls;
-  jfieldID fid;
-  tjhandle handle;
-
-  if ((handle = tjInitDecompress()) == NULL)
-    THROW(tjGetErrorStr(), "org/libjpegturbo/turbojpeg/TJException");
-
-  BAILIF0(cls = (*env)->GetObjectClass(env, obj));
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "handle", "J"));
-  (*env)->SetLongField(env, obj, fid, (size_t)handle);
-
-bailout:
-  return;
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::getScalingFactors() */
-JNIEXPORT jobjectArray JNICALL Java_org_libjpegturbo_turbojpeg_TJ_getScalingFactors
-  (JNIEnv *env, jclass cls)
-{
-  jclass sfcls = NULL;
-  jfieldID fid = 0;
-  tjscalingfactor *sf = NULL;
-  int n = 0, i;
-  jobject sfobj = NULL;
-  jobjectArray sfjava = NULL;
-
-  if ((sf = tjGetScalingFactors(&n)) == NULL || n == 0)
-    THROW_ARG(tjGetErrorStr());
-
-  BAILIF0(sfcls = (*env)->FindClass(env,
-    "org/libjpegturbo/turbojpeg/TJScalingFactor"));
-  BAILIF0(sfjava = (jobjectArray)(*env)->NewObjectArray(env, n, sfcls, 0));
-
-  for (i = 0; i < n; i++) {
-    BAILIF0(sfobj = (*env)->AllocObject(env, sfcls));
-    BAILIF0(fid = (*env)->GetFieldID(env, sfcls, "num", "I"));
-    (*env)->SetIntField(env, sfobj, fid, sf[i].num);
-    BAILIF0(fid = (*env)->GetFieldID(env, sfcls, "denom", "I"));
-    (*env)->SetIntField(env, sfobj, fid, sf[i].denom);
-    (*env)->SetObjectArrayElement(env, sfjava, i, sfobj);
-  }
-
-bailout:
-  return sfjava;
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::decompressHeader() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressHeader
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize)
-{
-  tjhandle handle = 0;
-  unsigned char *jpegBuf = NULL;
-  int width = 0, height = 0, jpegSubsamp = -1, jpegColorspace = -1;
-
-  GET_HANDLE();
-
-  if ((*env)->GetArrayLength(env, src) < jpegSize)
-    THROW_ARG("Source buffer is not large enough");
-
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-
-  if (tjDecompressHeader3(handle, jpegBuf, (unsigned long)jpegSize, &width,
-                          &height, &jpegSubsamp, &jpegColorspace) == -1) {
-    SAFE_RELEASE(src, jpegBuf);
-    THROW_TJ();
-  }
-
-  SAFE_RELEASE(src, jpegBuf);
-
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegSubsamp", "I"));
-  (*env)->SetIntField(env, obj, _fid, jpegSubsamp);
-  if ((_fid = (*env)->GetFieldID(env, _cls, "jpegColorspace", "I")) == 0)
-    (*env)->ExceptionClear(env);
-  else
-    (*env)->SetIntField(env, obj, _fid, jpegColorspace);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegWidth", "I"));
-  (*env)->SetIntField(env, obj, _fid, width);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegHeight", "I"));
-  (*env)->SetIntField(env, obj, _fid, height);
-
-bailout:
-  SAFE_RELEASE(src, jpegBuf);
-}
-
-static void TJDecompressor_decompress
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize, jarray dst,
-   jint dstElementSize, jint x, jint y, jint width, jint pitch, jint height,
-   jint pf, jint flags)
-{
-  tjhandle handle = 0;
-  jsize arraySize = 0, actualPitch;
-  unsigned char *jpegBuf = NULL, *dstBuf = NULL;
-
-  GET_HANDLE();
-
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in decompress()");
-  if (org_libjpegturbo_turbojpeg_TJ_NUMPF != TJ_NUMPF)
-    THROW_ARG("Mismatch between Java and C API");
-
-  if ((*env)->GetArrayLength(env, src) < jpegSize)
-    THROW_ARG("Source buffer is not large enough");
-  actualPitch = (pitch == 0) ? width * tjPixelSize[pf] : pitch;
-  arraySize = (y + height - 1) * actualPitch + (x + width) * tjPixelSize[pf];
-  if ((*env)->GetArrayLength(env, dst) * dstElementSize < arraySize)
-    THROW_ARG("Destination buffer is not large enough");
-
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-  BAILIF0(dstBuf = (*env)->GetPrimitiveArrayCritical(env, dst, 0));
-
-  if (tjDecompress2(handle, jpegBuf, (unsigned long)jpegSize,
-                    &dstBuf[y * actualPitch + x * tjPixelSize[pf]], width,
-                    pitch, height, pf, flags) == -1) {
-    SAFE_RELEASE(dst, dstBuf);
-    SAFE_RELEASE(src, jpegBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(dst, dstBuf);
-  SAFE_RELEASE(src, jpegBuf);
-}
-
-/* TurboJPEG 1.3.x: TJDecompressor::decompress() byte destination */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3BIIIIIII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize, jbyteArray dst,
-   jint x, jint y, jint width, jint pitch, jint height, jint pf, jint flags)
-{
-  TJDecompressor_decompress(env, obj, src, jpegSize, dst, 1, x, y, width,
-                            pitch, height, pf, flags);
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::decompress() byte destination */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3BIIIII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize, jbyteArray dst,
-   jint width, jint pitch, jint height, jint pf, jint flags)
-{
-  TJDecompressor_decompress(env, obj, src, jpegSize, dst, 1, 0, 0, width,
-                            pitch, height, pf, flags);
-}
-
-/* TurboJPEG 1.3.x: TJDecompressor::decompress() int destination */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3IIIIIIII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize, jintArray dst,
-   jint x, jint y, jint width, jint stride, jint height, jint pf, jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in decompress()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when decompressing to an integer buffer.");
-
-  TJDecompressor_decompress(env, obj, src, jpegSize, dst, sizeof(jint), x, y,
-                            width, stride * sizeof(jint), height, pf, flags);
-
-bailout:
-  return;
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::decompress() int destination */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3IIIIII
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize, jintArray dst,
-   jint width, jint stride, jint height, jint pf, jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in decompress()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when decompressing to an integer buffer.");
-
-  TJDecompressor_decompress(env, obj, src, jpegSize, dst, sizeof(jint), 0, 0,
-                            width, stride * sizeof(jint), height, pf, flags);
-
-bailout:
-  return;
-}
-
-/* TurboJPEG 1.4.x: TJDecompressor::decompressToYUV() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressToYUV___3BI_3_3B_3II_3III
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize,
-   jobjectArray dstobjs, jintArray jDstOffsets, jint desiredWidth,
-   jintArray jDstStrides, jint desiredHeight, jint flags)
-{
-  tjhandle handle = 0;
-  unsigned char *jpegBuf = NULL;
-  jbyteArray jDstPlanes[3] = { NULL, NULL, NULL };
-  unsigned char *dstPlanesTmp[3] = { NULL, NULL, NULL };
-  unsigned char *dstPlanes[3] = { NULL, NULL, NULL };
-  int *dstOffsetsTmp = NULL, dstOffsets[3] = { 0, 0, 0 };
-  int *dstStridesTmp = NULL, dstStrides[3] = { 0, 0, 0 };
-  int jpegSubsamp = -1, jpegWidth = 0, jpegHeight = 0;
-  int nc = 0, i, width, height, scaledWidth, scaledHeight, nsf = 0;
-  tjscalingfactor *sf;
-
-  GET_HANDLE();
-
-  if ((*env)->GetArrayLength(env, src) < jpegSize)
-    THROW_ARG("Source buffer is not large enough");
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegSubsamp", "I"));
-  jpegSubsamp = (int)(*env)->GetIntField(env, obj, _fid);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegWidth", "I"));
-  jpegWidth = (int)(*env)->GetIntField(env, obj, _fid);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegHeight", "I"));
-  jpegHeight = (int)(*env)->GetIntField(env, obj, _fid);
-
-  nc = (jpegSubsamp == org_libjpegturbo_turbojpeg_TJ_SAMP_GRAY ? 1 : 3);
-
-  width = desiredWidth;
-  height = desiredHeight;
-  if (width == 0) width = jpegWidth;
-  if (height == 0) height = jpegHeight;
-  sf = tjGetScalingFactors(&nsf);
-  if (!sf || nsf < 1)
-    THROW_ARG(tjGetErrorStr());
-  for (i = 0; i < nsf; i++) {
-    scaledWidth = TJSCALED(jpegWidth, sf[i]);
-    scaledHeight = TJSCALED(jpegHeight, sf[i]);
-    if (scaledWidth <= width && scaledHeight <= height)
-      break;
-  }
-  if (i >= nsf)
-    THROW_ARG("Could not scale down to desired image dimensions");
-
-  BAILIF0(dstOffsetsTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jDstOffsets, 0));
-  for (i = 0; i < nc; i++) dstOffsets[i] = dstOffsetsTmp[i];
-  SAFE_RELEASE(jDstOffsets, dstOffsetsTmp);
-
-  BAILIF0(dstStridesTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jDstStrides, 0));
-  for (i = 0; i < nc; i++) dstStrides[i] = dstStridesTmp[i];
-  SAFE_RELEASE(jDstStrides, dstStridesTmp);
-
-  for (i = 0; i < nc; i++) {
-    int planeSize = tjPlaneSizeYUV(i, scaledWidth, dstStrides[i], scaledHeight,
-                                   jpegSubsamp);
-    int pw = tjPlaneWidth(i, scaledWidth, jpegSubsamp);
-
-    if (planeSize < 0 || pw < 0)
-      THROW_ARG(tjGetErrorStr());
-
-    if (dstOffsets[i] < 0)
-      THROW_ARG("Invalid argument in decompressToYUV()");
-    if (dstStrides[i] < 0 && dstOffsets[i] - planeSize + pw < 0)
-      THROW_ARG("Negative plane stride would cause memory to be accessed below plane boundary");
-
-    BAILIF0(jDstPlanes[i] = (*env)->GetObjectArrayElement(env, dstobjs, i));
-    if ((*env)->GetArrayLength(env, jDstPlanes[i]) <
-        dstOffsets[i] + planeSize)
-      THROW_ARG("Destination plane is not large enough");
-
-    BAILIF0(dstPlanesTmp[i] =
-            (*env)->GetPrimitiveArrayCritical(env, jDstPlanes[i], 0));
-    dstPlanes[i] = &dstPlanesTmp[i][dstOffsets[i]];
-    SAFE_RELEASE(jDstPlanes[i], dstPlanesTmp[i]);
-  }
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-
-  if (tjDecompressToYUVPlanes(handle, jpegBuf, (unsigned long)jpegSize,
-                              dstPlanes, desiredWidth, dstStrides,
-                              desiredHeight, flags) == -1) {
-    SAFE_RELEASE(src, jpegBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(src, jpegBuf);
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::decompressToYUV() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressToYUV___3BI_3BI
-  (JNIEnv *env, jobject obj, jbyteArray src, jint jpegSize, jbyteArray dst,
-   jint flags)
-{
-  tjhandle handle = 0;
-  unsigned char *jpegBuf = NULL, *dstBuf = NULL;
-  int jpegSubsamp = -1, jpegWidth = 0, jpegHeight = 0;
-
-  GET_HANDLE();
-
-  if ((*env)->GetArrayLength(env, src) < jpegSize)
-    THROW_ARG("Source buffer is not large enough");
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegSubsamp", "I"));
-  jpegSubsamp = (int)(*env)->GetIntField(env, obj, _fid);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegWidth", "I"));
-  jpegWidth = (int)(*env)->GetIntField(env, obj, _fid);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegHeight", "I"));
-  jpegHeight = (int)(*env)->GetIntField(env, obj, _fid);
-  if ((*env)->GetArrayLength(env, dst) <
-      (jsize)tjBufSizeYUV(jpegWidth, jpegHeight, jpegSubsamp))
-    THROW_ARG("Destination buffer is not large enough");
-
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, src, 0));
-  BAILIF0(dstBuf = (*env)->GetPrimitiveArrayCritical(env, dst, 0));
-
-  if (tjDecompressToYUV(handle, jpegBuf, (unsigned long)jpegSize, dstBuf,
-                        flags) == -1) {
-    SAFE_RELEASE(dst, dstBuf);
-    SAFE_RELEASE(src, jpegBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(dst, dstBuf);
-  SAFE_RELEASE(src, jpegBuf);
-}
-
-static void TJDecompressor_decodeYUV
-  (JNIEnv *env, jobject obj, jobjectArray srcobjs, jintArray jSrcOffsets,
-   jintArray jSrcStrides, jint subsamp, jarray dst, jint dstElementSize,
-   jint x, jint y, jint width, jint pitch, jint height, jint pf, jint flags)
-{
-  tjhandle handle = 0;
-  jsize arraySize = 0, actualPitch;
-  jbyteArray jSrcPlanes[3] = { NULL, NULL, NULL };
-  const unsigned char *srcPlanesTmp[3] = { NULL, NULL, NULL };
-  const unsigned char *srcPlanes[3] = { NULL, NULL, NULL };
-  int *srcOffsetsTmp = NULL, srcOffsets[3] = { 0, 0, 0 };
-  int *srcStridesTmp = NULL, srcStrides[3] = { 0, 0, 0 };
-  unsigned char *dstBuf = NULL;
-  int nc = (subsamp == org_libjpegturbo_turbojpeg_TJ_SAMP_GRAY ? 1 : 3), i;
-
-  GET_HANDLE();
-
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF || subsamp < 0 ||
-      subsamp >= org_libjpegturbo_turbojpeg_TJ_NUMSAMP)
-    THROW_ARG("Invalid argument in decodeYUV()");
-  if (org_libjpegturbo_turbojpeg_TJ_NUMPF != TJ_NUMPF ||
-      org_libjpegturbo_turbojpeg_TJ_NUMSAMP != TJ_NUMSAMP)
-    THROW_ARG("Mismatch between Java and C API");
-
-  if ((*env)->GetArrayLength(env, srcobjs) < nc)
-    THROW_ARG("Planes array is too small for the subsampling type");
-  if ((*env)->GetArrayLength(env, jSrcOffsets) < nc)
-    THROW_ARG("Offsets array is too small for the subsampling type");
-  if ((*env)->GetArrayLength(env, jSrcStrides) < nc)
-    THROW_ARG("Strides array is too small for the subsampling type");
-
-  actualPitch = (pitch == 0) ? width * tjPixelSize[pf] : pitch;
-  arraySize = (y + height - 1) * actualPitch + (x + width) * tjPixelSize[pf];
-  if ((*env)->GetArrayLength(env, dst) * dstElementSize < arraySize)
-    THROW_ARG("Destination buffer is not large enough");
-
-  BAILIF0(srcOffsetsTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jSrcOffsets, 0));
-  for (i = 0; i < nc; i++) srcOffsets[i] = srcOffsetsTmp[i];
-  SAFE_RELEASE(jSrcOffsets, srcOffsetsTmp);
-
-  BAILIF0(srcStridesTmp =
-          (*env)->GetPrimitiveArrayCritical(env, jSrcStrides, 0));
-  for (i = 0; i < nc; i++) srcStrides[i] = srcStridesTmp[i];
-  SAFE_RELEASE(jSrcStrides, srcStridesTmp);
-
-  for (i = 0; i < nc; i++) {
-    int planeSize = tjPlaneSizeYUV(i, width, srcStrides[i], height, subsamp);
-    int pw = tjPlaneWidth(i, width, subsamp);
-
-    if (planeSize < 0 || pw < 0)
-      THROW_ARG(tjGetErrorStr());
-
-    if (srcOffsets[i] < 0)
-      THROW_ARG("Invalid argument in decodeYUV()");
-    if (srcStrides[i] < 0 && srcOffsets[i] - planeSize + pw < 0)
-      THROW_ARG("Negative plane stride would cause memory to be accessed below plane boundary");
-
-    BAILIF0(jSrcPlanes[i] = (*env)->GetObjectArrayElement(env, srcobjs, i));
-    if ((*env)->GetArrayLength(env, jSrcPlanes[i]) <
-        srcOffsets[i] + planeSize)
-      THROW_ARG("Source plane is not large enough");
-
-    BAILIF0(srcPlanesTmp[i] =
-            (*env)->GetPrimitiveArrayCritical(env, jSrcPlanes[i], 0));
-    srcPlanes[i] = &srcPlanesTmp[i][srcOffsets[i]];
-    SAFE_RELEASE(jSrcPlanes[i], srcPlanesTmp[i]);
-  }
-  BAILIF0(dstBuf = (*env)->GetPrimitiveArrayCritical(env, dst, 0));
-
-  if (tjDecodeYUVPlanes(handle, srcPlanes, srcStrides, subsamp,
-                        &dstBuf[y * actualPitch + x * tjPixelSize[pf]], width,
-                        pitch, height, pf, flags) == -1) {
-    SAFE_RELEASE(dst, dstBuf);
-    THROW_TJ();
-  }
-
-bailout:
-  SAFE_RELEASE(dst, dstBuf);
-}
-
-/* TurboJPEG 1.4.x: TJDecompressor::decodeYUV() byte destination */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decodeYUV___3_3B_3I_3II_3BIIIIIII
-  (JNIEnv *env, jobject obj, jobjectArray srcobjs, jintArray jSrcOffsets,
-   jintArray jSrcStrides, jint subsamp, jbyteArray dst, jint x, jint y,
-   jint width, jint pitch, jint height, jint pf, jint flags)
-{
-  TJDecompressor_decodeYUV(env, obj, srcobjs, jSrcOffsets, jSrcStrides,
-                           subsamp, dst, 1, x, y, width, pitch, height, pf,
-                           flags);
-}
-
-/* TurboJPEG 1.4.x: TJDecompressor::decodeYUV() int destination */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_decodeYUV___3_3B_3I_3II_3IIIIIIII
-  (JNIEnv *env, jobject obj, jobjectArray srcobjs, jintArray jSrcOffsets,
-   jintArray jSrcStrides, jint subsamp, jintArray dst, jint x, jint y,
-   jint width, jint stride, jint height, jint pf, jint flags)
-{
-  if (pf < 0 || pf >= org_libjpegturbo_turbojpeg_TJ_NUMPF)
-    THROW_ARG("Invalid argument in decodeYUV()");
-  if (tjPixelSize[pf] != sizeof(jint))
-    THROW_ARG("Pixel format must be 32-bit when decoding to an integer buffer.");
-
-  TJDecompressor_decodeYUV(env, obj, srcobjs, jSrcOffsets, jSrcStrides,
-                           subsamp, dst, sizeof(jint), x, y, width,
-                           stride * sizeof(jint), height, pf, flags);
-
-bailout:
-  return;
-}
-
-/* TurboJPEG 1.2.x: TJTransformer::init() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJTransformer_init
-  (JNIEnv *env, jobject obj)
-{
-  jclass cls;
-  jfieldID fid;
-  tjhandle handle;
-
-  if ((handle = tjInitTransform()) == NULL)
-    THROW(tjGetErrorStr(), "org/libjpegturbo/turbojpeg/TJException");
-
-  BAILIF0(cls = (*env)->GetObjectClass(env, obj));
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "handle", "J"));
-  (*env)->SetLongField(env, obj, fid, (size_t)handle);
-
-bailout:
-  return;
-}
-
-typedef struct _JNICustomFilterParams {
-  JNIEnv *env;
-  jobject tobj;
-  jobject cfobj;
-} JNICustomFilterParams;
-
-static int JNICustomFilter(short *coeffs, tjregion arrayRegion,
-                           tjregion planeRegion, int componentIndex,
-                           int transformIndex, tjtransform *transform)
-{
-  JNICustomFilterParams *params = (JNICustomFilterParams *)transform->data;
-  JNIEnv *env = params->env;
-  jobject tobj = params->tobj, cfobj = params->cfobj;
-  jobject arrayRegionObj, planeRegionObj, bufobj, borobj;
-  jclass cls;
-  jmethodID mid;
-  jfieldID fid;
-
-  BAILIF0(bufobj = (*env)->NewDirectByteBuffer(env, coeffs,
-    sizeof(short) * arrayRegion.w * arrayRegion.h));
-  BAILIF0(cls = (*env)->FindClass(env, "java/nio/ByteOrder"));
-  BAILIF0(mid = (*env)->GetStaticMethodID(env, cls, "nativeOrder",
-                                          "()Ljava/nio/ByteOrder;"));
-  BAILIF0(borobj = (*env)->CallStaticObjectMethod(env, cls, mid));
-  BAILIF0(cls = (*env)->GetObjectClass(env, bufobj));
-  BAILIF0(mid = (*env)->GetMethodID(env, cls, "order",
-    "(Ljava/nio/ByteOrder;)Ljava/nio/ByteBuffer;"));
-  (*env)->CallObjectMethod(env, bufobj, mid, borobj);
-  BAILIF0(mid = (*env)->GetMethodID(env, cls, "asShortBuffer",
-                                    "()Ljava/nio/ShortBuffer;"));
-  BAILIF0(bufobj = (*env)->CallObjectMethod(env, bufobj, mid));
-
-  BAILIF0(cls = (*env)->FindClass(env, "java/awt/Rectangle"));
-  BAILIF0(arrayRegionObj = (*env)->AllocObject(env, cls));
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "x", "I"));
-  (*env)->SetIntField(env, arrayRegionObj, fid, arrayRegion.x);
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "y", "I"));
-  (*env)->SetIntField(env, arrayRegionObj, fid, arrayRegion.y);
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "width", "I"));
-  (*env)->SetIntField(env, arrayRegionObj, fid, arrayRegion.w);
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "height", "I"));
-  (*env)->SetIntField(env, arrayRegionObj, fid, arrayRegion.h);
-
-  BAILIF0(planeRegionObj = (*env)->AllocObject(env, cls));
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "x", "I"));
-  (*env)->SetIntField(env, planeRegionObj, fid, planeRegion.x);
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "y", "I"));
-  (*env)->SetIntField(env, planeRegionObj, fid, planeRegion.y);
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "width", "I"));
-  (*env)->SetIntField(env, planeRegionObj, fid, planeRegion.w);
-  BAILIF0(fid = (*env)->GetFieldID(env, cls, "height", "I"));
-  (*env)->SetIntField(env, planeRegionObj, fid, planeRegion.h);
-
-  BAILIF0(cls = (*env)->GetObjectClass(env, cfobj));
-  BAILIF0(mid = (*env)->GetMethodID(env, cls, "customFilter",
-    "(Ljava/nio/ShortBuffer;Ljava/awt/Rectangle;Ljava/awt/Rectangle;IILorg/libjpegturbo/turbojpeg/TJTransform;)V"));
-  (*env)->CallVoidMethod(env, cfobj, mid, bufobj, arrayRegionObj,
-                         planeRegionObj, componentIndex, transformIndex, tobj);
-
-  return 0;
-
-bailout:
-  return -1;
-}
-
-/* TurboJPEG 1.2.x: TJTransformer::transform() */
-JNIEXPORT jintArray JNICALL Java_org_libjpegturbo_turbojpeg_TJTransformer_transform
-  (JNIEnv *env, jobject obj, jbyteArray jsrcBuf, jint jpegSize,
-   jobjectArray dstobjs, jobjectArray tobjs, jint flags)
-{
-  tjhandle handle = 0;
-  unsigned char *jpegBuf = NULL, **dstBufs = NULL;
-  jsize n = 0;
-  unsigned long *dstSizes = NULL;
-  tjtransform *t = NULL;
-  jbyteArray *jdstBufs = NULL;
-  int i, jpegWidth = 0, jpegHeight = 0, jpegSubsamp;
-  jintArray jdstSizes = 0;
-  jint *dstSizesi = NULL;
-  JNICustomFilterParams *params = NULL;
-
-  GET_HANDLE();
-
-  if ((*env)->GetArrayLength(env, jsrcBuf) < jpegSize)
-    THROW_ARG("Source buffer is not large enough");
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegWidth", "I"));
-  jpegWidth = (int)(*env)->GetIntField(env, obj, _fid);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegHeight", "I"));
-  jpegHeight = (int)(*env)->GetIntField(env, obj, _fid);
-  BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "jpegSubsamp", "I"));
-  jpegSubsamp = (int)(*env)->GetIntField(env, obj, _fid);
-
-  n = (*env)->GetArrayLength(env, dstobjs);
-  if (n != (*env)->GetArrayLength(env, tobjs))
-    THROW_ARG("Mismatch between size of transforms array and destination buffers array");
-
-  if ((dstBufs =
-       (unsigned char **)malloc(sizeof(unsigned char *) * n)) == NULL)
-    THROW_MEM();
-  if ((jdstBufs = (jbyteArray *)malloc(sizeof(jbyteArray) * n)) == NULL)
-    THROW_MEM();
-  if ((dstSizes = (unsigned long *)malloc(sizeof(unsigned long) * n)) == NULL)
-    THROW_MEM();
-  if ((t = (tjtransform *)malloc(sizeof(tjtransform) * n)) == NULL)
-    THROW_MEM();
-  if ((params = (JNICustomFilterParams *)malloc(sizeof(JNICustomFilterParams) *
-                                                n)) == NULL)
-    THROW_MEM();
-  for (i = 0; i < n; i++) {
-    dstBufs[i] = NULL;  jdstBufs[i] = NULL;  dstSizes[i] = 0;
-    memset(&t[i], 0, sizeof(tjtransform));
-    memset(&params[i], 0, sizeof(JNICustomFilterParams));
-  }
-
-  for (i = 0; i < n; i++) {
-    jobject tobj, cfobj;
-
-    BAILIF0(tobj = (*env)->GetObjectArrayElement(env, tobjs, i));
-    BAILIF0(_cls = (*env)->GetObjectClass(env, tobj));
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "op", "I"));
-    t[i].op = (*env)->GetIntField(env, tobj, _fid);
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "options", "I"));
-    t[i].options = (*env)->GetIntField(env, tobj, _fid);
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "x", "I"));
-    t[i].r.x = (*env)->GetIntField(env, tobj, _fid);
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "y", "I"));
-    t[i].r.y = (*env)->GetIntField(env, tobj, _fid);
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "width", "I"));
-    t[i].r.w = (*env)->GetIntField(env, tobj, _fid);
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "height", "I"));
-    t[i].r.h = (*env)->GetIntField(env, tobj, _fid);
-
-    BAILIF0(_fid = (*env)->GetFieldID(env, _cls, "cf",
-      "Lorg/libjpegturbo/turbojpeg/TJCustomFilter;"));
-    cfobj = (*env)->GetObjectField(env, tobj, _fid);
-    if (cfobj) {
-      params[i].env = env;
-      params[i].tobj = tobj;
-      params[i].cfobj = cfobj;
-      t[i].customFilter = JNICustomFilter;
-      t[i].data = (void *)&params[i];
-    }
-  }
-
-  for (i = 0; i < n; i++) {
-    int w = jpegWidth, h = jpegHeight;
-
-    if (t[i].r.w != 0) w = t[i].r.w;
-    if (t[i].r.h != 0) h = t[i].r.h;
-    BAILIF0(jdstBufs[i] = (*env)->GetObjectArrayElement(env, dstobjs, i));
-    if ((unsigned long)(*env)->GetArrayLength(env, jdstBufs[i]) <
-        tjBufSize(w, h, jpegSubsamp))
-      THROW_ARG("Destination buffer is not large enough");
-  }
-  BAILIF0(jpegBuf = (*env)->GetPrimitiveArrayCritical(env, jsrcBuf, 0));
-  for (i = 0; i < n; i++)
-    BAILIF0(dstBufs[i] =
-            (*env)->GetPrimitiveArrayCritical(env, jdstBufs[i], 0));
-
-  if (tjTransform(handle, jpegBuf, jpegSize, n, dstBufs, dstSizes, t,
-                  flags | TJFLAG_NOREALLOC) == -1) {
-    for (i = 0; i < n; i++)
-      SAFE_RELEASE(jdstBufs[i], dstBufs[i]);
-    SAFE_RELEASE(jsrcBuf, jpegBuf);
-    THROW_TJ();
-  }
-
-  for (i = 0; i < n; i++)
-    SAFE_RELEASE(jdstBufs[i], dstBufs[i]);
-  SAFE_RELEASE(jsrcBuf, jpegBuf);
-
-  jdstSizes = (*env)->NewIntArray(env, n);
-  BAILIF0(dstSizesi = (*env)->GetIntArrayElements(env, jdstSizes, 0));
-  for (i = 0; i < n; i++) dstSizesi[i] = (int)dstSizes[i];
-
-bailout:
-  if (dstSizesi) (*env)->ReleaseIntArrayElements(env, jdstSizes, dstSizesi, 0);
-  if (dstBufs) {
-    for (i = 0; i < n; i++) {
-      if (dstBufs[i] && jdstBufs && jdstBufs[i])
-        (*env)->ReleasePrimitiveArrayCritical(env, jdstBufs[i], dstBufs[i], 0);
-    }
-    free(dstBufs);
-  }
-  SAFE_RELEASE(jsrcBuf, jpegBuf);
-  free(jdstBufs);
-  free(dstSizes);
-  free(t);
-  return jdstSizes;
-}
-
-/* TurboJPEG 1.2.x: TJDecompressor::destroy() */
-JNIEXPORT void JNICALL Java_org_libjpegturbo_turbojpeg_TJDecompressor_destroy
-  (JNIEnv *env, jobject obj)
-{
-  Java_org_libjpegturbo_turbojpeg_TJCompressor_destroy(env, obj);
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-mapfile b/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-mapfile
deleted file mode 100644
index 5477fed..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-mapfile
+++ /dev/null
@@ -1,65 +0,0 @@
-TURBOJPEG_1.0
-{
-  global:
-    tjInitCompress;
-    tjCompress;
-    TJBUFSIZE;
-    tjInitDecompress;
-    tjDecompressHeader;
-    tjDecompress;
-    tjDestroy;
-    tjGetErrorStr;
-  local:
-    *;
-};
-
-TURBOJPEG_1.1
-{
-  global:
-    TJBUFSIZEYUV;
-    tjDecompressHeader2;
-    tjDecompressToYUV;
-    tjEncodeYUV;
-} TURBOJPEG_1.0;
-
-TURBOJPEG_1.2
-{
-  global:
-    tjAlloc;
-    tjBufSize;
-    tjBufSizeYUV;
-    tjCompress2;
-    tjDecompress2;
-    tjEncodeYUV2;
-    tjFree;
-    tjGetScalingFactors;
-    tjInitTransform;
-    tjTransform;
-} TURBOJPEG_1.1;
-
-TURBOJPEG_1.4
-{
-  global:
-    tjBufSizeYUV2;
-    tjCompressFromYUV;
-    tjCompressFromYUVPlanes;
-    tjDecodeYUV;
-    tjDecodeYUVPlanes;
-    tjDecompressHeader3;
-    tjDecompressToYUV2;
-    tjDecompressToYUVPlanes;
-    tjEncodeYUV3;
-    tjEncodeYUVPlanes;
-    tjPlaneHeight;
-    tjPlaneSizeYUV;
-    tjPlaneWidth;
-} TURBOJPEG_1.2;
-
-TURBOJPEG_2.0
-{
-  global:
-    tjGetErrorCode;
-    tjGetErrorStr2;
-    tjLoadImage;
-    tjSaveImage;
-} TURBOJPEG_1.4;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-mapfile.jni b/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-mapfile.jni
deleted file mode 100644
index 4432791..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg-mapfile.jni
+++ /dev/null
@@ -1,101 +0,0 @@
-TURBOJPEG_1.0
-{
-  global:
-    tjInitCompress;
-    tjCompress;
-    TJBUFSIZE;
-    tjInitDecompress;
-    tjDecompressHeader;
-    tjDecompress;
-    tjDestroy;
-    tjGetErrorStr;
-  local:
-    *;
-};
-
-TURBOJPEG_1.1
-{
-  global:
-    TJBUFSIZEYUV;
-    tjDecompressHeader2;
-    tjDecompressToYUV;
-    tjEncodeYUV;
-} TURBOJPEG_1.0;
-
-TURBOJPEG_1.2
-{
-  global:
-    tjAlloc;
-    tjBufSize;
-    tjBufSizeYUV;
-    tjCompress2;
-    tjDecompress2;
-    tjEncodeYUV2;
-    tjFree;
-    tjGetScalingFactors;
-    tjInitTransform;
-    tjTransform;
-    Java_org_libjpegturbo_turbojpeg_TJ_bufSize;
-    Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__III;
-    Java_org_libjpegturbo_turbojpeg_TJ_getScalingFactors;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_init;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3BIIII_3BIII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3IIIII_3BIII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3BIIII_3BII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3IIIII_3BII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_destroy;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_init;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressHeader;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3BIIIII;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3IIIIII;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressToYUV___3BI_3BI;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_destroy;
-    Java_org_libjpegturbo_turbojpeg_TJTransformer_init;
-    Java_org_libjpegturbo_turbojpeg_TJTransformer_transform;
-} TURBOJPEG_1.1;
-
-TURBOJPEG_1.3
-{
-  global:
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3BIIIIII_3BIII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_compress___3IIIIIII_3BIII;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3BIIIIIII;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompress___3BI_3IIIIIIII;
-} TURBOJPEG_1.2;
-
-TURBOJPEG_1.4
-{
-  global:
-    tjBufSizeYUV2;
-    tjCompressFromYUV;
-    tjCompressFromYUVPlanes;
-    tjDecodeYUV;
-    tjDecodeYUVPlanes;
-    tjDecompressHeader3;
-    tjDecompressToYUV2;
-    tjDecompressToYUVPlanes;
-    tjEncodeYUV3;
-    tjEncodeYUVPlanes;
-    tjPlaneHeight;
-    tjPlaneSizeYUV;
-    tjPlaneWidth;
-    Java_org_libjpegturbo_turbojpeg_TJ_bufSizeYUV__IIII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_compressFromYUV___3_3B_3II_3III_3BII;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3BIIIIII_3_3B_3I_3III;
-    Java_org_libjpegturbo_turbojpeg_TJCompressor_encodeYUV___3IIIIIII_3_3B_3I_3III;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decompressToYUV___3BI_3_3B_3II_3III;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decodeYUV___3_3B_3I_3II_3BIIIIIII;
-    Java_org_libjpegturbo_turbojpeg_TJDecompressor_decodeYUV___3_3B_3I_3II_3IIIIIIII;
-    Java_org_libjpegturbo_turbojpeg_TJ_planeHeight__III;
-    Java_org_libjpegturbo_turbojpeg_TJ_planeSizeYUV__IIIII;
-    Java_org_libjpegturbo_turbojpeg_TJ_planeWidth__III;
-} TURBOJPEG_1.3;
-
-TURBOJPEG_2.0
-{
-  global:
-    tjGetErrorCode;
-    tjGetErrorStr2;
-    tjLoadImage;
-    tjSaveImage;
-} TURBOJPEG_1.4;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg.c b/3rdparty/libjpeg-turbo_2_1_0/turbojpeg.c
deleted file mode 100644
index 793a3ee..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg.c
+++ /dev/null
@@ -1,2221 +0,0 @@
-/*
- * Copyright (C)2009-2021 D. R. Commander.  All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* TurboJPEG/LJT:  this implements the TurboJPEG API using libjpeg or
-   libjpeg-turbo */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <jinclude.h>
-#define JPEG_INTERNALS
-#include <jpeglib.h>
-#include <jerror.h>
-#include <setjmp.h>
-#include <errno.h>
-#include "./turbojpeg.h"
-#include "./tjutil.h"
-#include "transupp.h"
-#include "./jpegcomp.h"
-#include "./cdjpeg.h"
-#include "jconfigint.h"
-
-extern void jpeg_mem_dest_tj(j_compress_ptr, unsigned char **, unsigned long *,
-                             boolean);
-extern void jpeg_mem_src_tj(j_decompress_ptr, const unsigned char *,
-                            unsigned long);
-
-#define PAD(v, p)  ((v + (p) - 1) & (~((p) - 1)))
-#define IS_POW2(x)  (((x) & (x - 1)) == 0)
-
-
-/* Error handling (based on example in example.txt) */
-
-static THREAD_LOCAL char errStr[JMSG_LENGTH_MAX] = "No error";
-
-struct my_error_mgr {
-  struct jpeg_error_mgr pub;
-  jmp_buf setjmp_buffer;
-  void (*emit_message) (j_common_ptr, int);
-  boolean warning, stopOnWarning;
-};
-typedef struct my_error_mgr *my_error_ptr;
-
-#define JMESSAGE(code, string)  string,
-static const char *turbojpeg_message_table[] = {
-#include "cderror.h"
-  NULL
-};
-
-static void my_error_exit(j_common_ptr cinfo)
-{
-  my_error_ptr myerr = (my_error_ptr)cinfo->err;
-
-  (*cinfo->err->output_message) (cinfo);
-  longjmp(myerr->setjmp_buffer, 1);
-}
-
-/* Based on output_message() in jerror.c */
-
-static void my_output_message(j_common_ptr cinfo)
-{
-  (*cinfo->err->format_message) (cinfo, errStr);
-}
-
-static void my_emit_message(j_common_ptr cinfo, int msg_level)
-{
-  my_error_ptr myerr = (my_error_ptr)cinfo->err;
-
-  myerr->emit_message(cinfo, msg_level);
-  if (msg_level < 0) {
-    myerr->warning = TRUE;
-    if (myerr->stopOnWarning) longjmp(myerr->setjmp_buffer, 1);
-  }
-}
-
-
-/* Global structures, macros, etc. */
-
-enum { COMPRESS = 1, DECOMPRESS = 2 };
-
-typedef struct _tjinstance {
-  struct jpeg_compress_struct cinfo;
-  struct jpeg_decompress_struct dinfo;
-  struct my_error_mgr jerr;
-  int init, headerRead;
-  char errStr[JMSG_LENGTH_MAX];
-  boolean isInstanceError;
-} tjinstance;
-
-struct my_progress_mgr {
-  struct jpeg_progress_mgr pub;
-  tjinstance *this;
-};
-typedef struct my_progress_mgr *my_progress_ptr;
-
-static void my_progress_monitor(j_common_ptr dinfo)
-{
-  my_error_ptr myerr = (my_error_ptr)dinfo->err;
-  my_progress_ptr myprog = (my_progress_ptr)dinfo->progress;
-
-  if (dinfo->is_decompressor) {
-    int scan_no = ((j_decompress_ptr)dinfo)->input_scan_number;
-
-    if (scan_no > 500) {
-      snprintf(myprog->this->errStr, JMSG_LENGTH_MAX,
-               "Progressive JPEG image has more than 500 scans");
-      snprintf(errStr, JMSG_LENGTH_MAX,
-               "Progressive JPEG image has more than 500 scans");
-      myprog->this->isInstanceError = TRUE;
-      myerr->warning = FALSE;
-      longjmp(myerr->setjmp_buffer, 1);
-    }
-  }
-}
-
-static const int pixelsize[TJ_NUMSAMP] = { 3, 3, 3, 1, 3, 3 };
-
-static const JXFORM_CODE xformtypes[TJ_NUMXOP] = {
-  JXFORM_NONE, JXFORM_FLIP_H, JXFORM_FLIP_V, JXFORM_TRANSPOSE,
-  JXFORM_TRANSVERSE, JXFORM_ROT_90, JXFORM_ROT_180, JXFORM_ROT_270
-};
-
-#define NUMSF  16
-static const tjscalingfactor sf[NUMSF] = {
-  { 2, 1 },
-  { 15, 8 },
-  { 7, 4 },
-  { 13, 8 },
-  { 3, 2 },
-  { 11, 8 },
-  { 5, 4 },
-  { 9, 8 },
-  { 1, 1 },
-  { 7, 8 },
-  { 3, 4 },
-  { 5, 8 },
-  { 1, 2 },
-  { 3, 8 },
-  { 1, 4 },
-  { 1, 8 }
-};
-
-static J_COLOR_SPACE pf2cs[TJ_NUMPF] = {
-  JCS_EXT_RGB, JCS_EXT_BGR, JCS_EXT_RGBX, JCS_EXT_BGRX, JCS_EXT_XBGR,
-  JCS_EXT_XRGB, JCS_GRAYSCALE, JCS_EXT_RGBA, JCS_EXT_BGRA, JCS_EXT_ABGR,
-  JCS_EXT_ARGB, JCS_CMYK
-};
-
-static int cs2pf[JPEG_NUMCS] = {
-  TJPF_UNKNOWN, TJPF_GRAY,
-#if RGB_RED == 0 && RGB_GREEN == 1 && RGB_BLUE == 2 && RGB_PIXELSIZE == 3
-  TJPF_RGB,
-#elif RGB_RED == 2 && RGB_GREEN == 1 && RGB_BLUE == 0 && RGB_PIXELSIZE == 3
-  TJPF_BGR,
-#elif RGB_RED == 0 && RGB_GREEN == 1 && RGB_BLUE == 2 && RGB_PIXELSIZE == 4
-  TJPF_RGBX,
-#elif RGB_RED == 2 && RGB_GREEN == 1 && RGB_BLUE == 0 && RGB_PIXELSIZE == 4
-  TJPF_BGRX,
-#elif RGB_RED == 3 && RGB_GREEN == 2 && RGB_BLUE == 1 && RGB_PIXELSIZE == 4
-  TJPF_XBGR,
-#elif RGB_RED == 1 && RGB_GREEN == 2 && RGB_BLUE == 3 && RGB_PIXELSIZE == 4
-  TJPF_XRGB,
-#endif
-  TJPF_UNKNOWN, TJPF_CMYK, TJPF_UNKNOWN, TJPF_RGB, TJPF_RGBX, TJPF_BGR,
-  TJPF_BGRX, TJPF_XBGR, TJPF_XRGB, TJPF_RGBA, TJPF_BGRA, TJPF_ABGR, TJPF_ARGB,
-  TJPF_UNKNOWN
-};
-
-#define THROWG(m) { \
-  snprintf(errStr, JMSG_LENGTH_MAX, "%s", m); \
-  retval = -1;  goto bailout; \
-}
-#define THROW_UNIX(m) { \
-  snprintf(errStr, JMSG_LENGTH_MAX, "%s\n%s", m, strerror(errno)); \
-  retval = -1;  goto bailout; \
-}
-#define THROW(m) { \
-  snprintf(this->errStr, JMSG_LENGTH_MAX, "%s", m); \
-  this->isInstanceError = TRUE;  THROWG(m) \
-}
-
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-/* Private flag that triggers different TurboJPEG API behavior when fuzzing */
-#define TJFLAG_FUZZING  (1 << 30)
-#endif
-
-#define GET_INSTANCE(handle) \
-  tjinstance *this = (tjinstance *)handle; \
-  j_compress_ptr cinfo = NULL; \
-  j_decompress_ptr dinfo = NULL; \
-  \
-  if (!this) { \
-    snprintf(errStr, JMSG_LENGTH_MAX, "Invalid handle"); \
-    return -1; \
-  } \
-  cinfo = &this->cinfo;  dinfo = &this->dinfo; \
-  this->jerr.warning = FALSE; \
-  this->isInstanceError = FALSE;
-
-#define GET_CINSTANCE(handle) \
-  tjinstance *this = (tjinstance *)handle; \
-  j_compress_ptr cinfo = NULL; \
-  \
-  if (!this) { \
-    snprintf(errStr, JMSG_LENGTH_MAX, "Invalid handle"); \
-    return -1; \
-  } \
-  cinfo = &this->cinfo; \
-  this->jerr.warning = FALSE; \
-  this->isInstanceError = FALSE;
-
-#define GET_DINSTANCE(handle) \
-  tjinstance *this = (tjinstance *)handle; \
-  j_decompress_ptr dinfo = NULL; \
-  \
-  if (!this) { \
-    snprintf(errStr, JMSG_LENGTH_MAX, "Invalid handle"); \
-    return -1; \
-  } \
-  dinfo = &this->dinfo; \
-  this->jerr.warning = FALSE; \
-  this->isInstanceError = FALSE;
-
-static int getPixelFormat(int pixelSize, int flags)
-{
-  if (pixelSize == 1) return TJPF_GRAY;
-  if (pixelSize == 3) {
-    if (flags & TJ_BGR) return TJPF_BGR;
-    else return TJPF_RGB;
-  }
-  if (pixelSize == 4) {
-    if (flags & TJ_ALPHAFIRST) {
-      if (flags & TJ_BGR) return TJPF_XBGR;
-      else return TJPF_XRGB;
-    } else {
-      if (flags & TJ_BGR) return TJPF_BGRX;
-      else return TJPF_RGBX;
-    }
-  }
-  return -1;
-}
-
-static void setCompDefaults(struct jpeg_compress_struct *cinfo,
-                            int pixelFormat, int subsamp, int jpegQual,
-                            int flags)
-{
-#ifndef NO_GETENV
-  char *env = NULL;
-#endif
-
-  cinfo->in_color_space = pf2cs[pixelFormat];
-  cinfo->input_components = tjPixelSize[pixelFormat];
-  jpeg_set_defaults(cinfo);
-
-#ifndef NO_GETENV
-  if ((env = getenv("TJ_OPTIMIZE")) != NULL && strlen(env) > 0 &&
-      !strcmp(env, "1"))
-    cinfo->optimize_coding = TRUE;
-  if ((env = getenv("TJ_ARITHMETIC")) != NULL && strlen(env) > 0 &&
-      !strcmp(env, "1"))
-    cinfo->arith_code = TRUE;
-  if ((env = getenv("TJ_RESTART")) != NULL && strlen(env) > 0) {
-    int temp = -1;
-    char tempc = 0;
-
-    if (sscanf(env, "%d%c", &temp, &tempc) >= 1 && temp >= 0 &&
-        temp <= 65535) {
-      if (toupper(tempc) == 'B') {
-        cinfo->restart_interval = temp;
-        cinfo->restart_in_rows = 0;
-      } else
-        cinfo->restart_in_rows = temp;
-    }
-  }
-#endif
-
-  if (jpegQual >= 0) {
-    jpeg_set_quality(cinfo, jpegQual, TRUE);
-    if (jpegQual >= 96 || flags & TJFLAG_ACCURATEDCT)
-      cinfo->dct_method = JDCT_ISLOW;
-    else
-      cinfo->dct_method = JDCT_FASTEST;
-  }
-  if (subsamp == TJSAMP_GRAY)
-    jpeg_set_colorspace(cinfo, JCS_GRAYSCALE);
-  else if (pixelFormat == TJPF_CMYK)
-    jpeg_set_colorspace(cinfo, JCS_YCCK);
-  else
-    jpeg_set_colorspace(cinfo, JCS_YCbCr);
-
-  if (flags & TJFLAG_PROGRESSIVE)
-    jpeg_simple_progression(cinfo);
-#ifndef NO_GETENV
-  else if ((env = getenv("TJ_PROGRESSIVE")) != NULL && strlen(env) > 0 &&
-           !strcmp(env, "1"))
-    jpeg_simple_progression(cinfo);
-#endif
-
-  cinfo->comp_info[0].h_samp_factor = tjMCUWidth[subsamp] / 8;
-  cinfo->comp_info[1].h_samp_factor = 1;
-  cinfo->comp_info[2].h_samp_factor = 1;
-  if (cinfo->num_components > 3)
-    cinfo->comp_info[3].h_samp_factor = tjMCUWidth[subsamp] / 8;
-  cinfo->comp_info[0].v_samp_factor = tjMCUHeight[subsamp] / 8;
-  cinfo->comp_info[1].v_samp_factor = 1;
-  cinfo->comp_info[2].v_samp_factor = 1;
-  if (cinfo->num_components > 3)
-    cinfo->comp_info[3].v_samp_factor = tjMCUHeight[subsamp] / 8;
-}
-
-
-static int getSubsamp(j_decompress_ptr dinfo)
-{
-  int retval = -1, i, k;
-
-  /* The sampling factors actually have no meaning with grayscale JPEG files,
-     and in fact it's possible to generate grayscale JPEGs with sampling
-     factors > 1 (even though those sampling factors are ignored by the
-     decompressor.)  Thus, we need to treat grayscale as a special case. */
-  if (dinfo->num_components == 1 && dinfo->jpeg_color_space == JCS_GRAYSCALE)
-    return TJSAMP_GRAY;
-
-  for (i = 0; i < NUMSUBOPT; i++) {
-    if (dinfo->num_components == pixelsize[i] ||
-        ((dinfo->jpeg_color_space == JCS_YCCK ||
-          dinfo->jpeg_color_space == JCS_CMYK) &&
-         pixelsize[i] == 3 && dinfo->num_components == 4)) {
-      if (dinfo->comp_info[0].h_samp_factor == tjMCUWidth[i] / 8 &&
-          dinfo->comp_info[0].v_samp_factor == tjMCUHeight[i] / 8) {
-        int match = 0;
-
-        for (k = 1; k < dinfo->num_components; k++) {
-          int href = 1, vref = 1;
-
-          if ((dinfo->jpeg_color_space == JCS_YCCK ||
-               dinfo->jpeg_color_space == JCS_CMYK) && k == 3) {
-            href = tjMCUWidth[i] / 8;  vref = tjMCUHeight[i] / 8;
-          }
-          if (dinfo->comp_info[k].h_samp_factor == href &&
-              dinfo->comp_info[k].v_samp_factor == vref)
-            match++;
-        }
-        if (match == dinfo->num_components - 1) {
-          retval = i;  break;
-        }
-      }
-      /* Handle 4:2:2 and 4:4:0 images whose sampling factors are specified
-         in non-standard ways. */
-      if (dinfo->comp_info[0].h_samp_factor == 2 &&
-          dinfo->comp_info[0].v_samp_factor == 2 &&
-          (i == TJSAMP_422 || i == TJSAMP_440)) {
-        int match = 0;
-
-        for (k = 1; k < dinfo->num_components; k++) {
-          int href = tjMCUHeight[i] / 8, vref = tjMCUWidth[i] / 8;
-
-          if ((dinfo->jpeg_color_space == JCS_YCCK ||
-               dinfo->jpeg_color_space == JCS_CMYK) && k == 3) {
-            href = vref = 2;
-          }
-          if (dinfo->comp_info[k].h_samp_factor == href &&
-              dinfo->comp_info[k].v_samp_factor == vref)
-            match++;
-        }
-        if (match == dinfo->num_components - 1) {
-          retval = i;  break;
-        }
-      }
-      /* Handle 4:4:4 images whose sampling factors are specified in
-         non-standard ways. */
-      if (dinfo->comp_info[0].h_samp_factor *
-          dinfo->comp_info[0].v_samp_factor <=
-          D_MAX_BLOCKS_IN_MCU / pixelsize[i] && i == TJSAMP_444) {
-        int match = 0;
-        for (k = 1; k < dinfo->num_components; k++) {
-          if (dinfo->comp_info[k].h_samp_factor ==
-              dinfo->comp_info[0].h_samp_factor &&
-              dinfo->comp_info[k].v_samp_factor ==
-              dinfo->comp_info[0].v_samp_factor)
-            match++;
-          if (match == dinfo->num_components - 1) {
-            retval = i;  break;
-          }
-        }
-      }
-    }
-  }
-  return retval;
-}
-
-
-/* General API functions */
-
-DLLEXPORT char *tjGetErrorStr2(tjhandle handle)
-{
-  tjinstance *this = (tjinstance *)handle;
-
-  if (this && this->isInstanceError) {
-    this->isInstanceError = FALSE;
-    return this->errStr;
-  } else
-    return errStr;
-}
-
-
-DLLEXPORT char *tjGetErrorStr(void)
-{
-  return errStr;
-}
-
-
-DLLEXPORT int tjGetErrorCode(tjhandle handle)
-{
-  tjinstance *this = (tjinstance *)handle;
-
-  if (this && this->jerr.warning) return TJERR_WARNING;
-  else return TJERR_FATAL;
-}
-
-
-DLLEXPORT int tjDestroy(tjhandle handle)
-{
-  GET_INSTANCE(handle);
-
-  if (setjmp(this->jerr.setjmp_buffer)) return -1;
-  if (this->init & COMPRESS) jpeg_destroy_compress(cinfo);
-  if (this->init & DECOMPRESS) jpeg_destroy_decompress(dinfo);
-  free(this);
-  return 0;
-}
-
-
-/* These are exposed mainly because Windows can't malloc() and free() across
-   DLL boundaries except when the CRT DLL is used, and we don't use the CRT DLL
-   with turbojpeg.dll for compatibility reasons.  However, these functions
-   can potentially be used for other purposes by different implementations. */
-
-DLLEXPORT void tjFree(unsigned char *buf)
-{
-  free(buf);
-}
-
-
-DLLEXPORT unsigned char *tjAlloc(int bytes)
-{
-  return (unsigned char *)malloc(bytes);
-}
-
-
-/* Compressor  */
-
-static tjhandle _tjInitCompress(tjinstance *this)
-{
-  static unsigned char buffer[1];
-  unsigned char *buf = buffer;
-  unsigned long size = 1;
-
-  /* This is also straight out of example.txt */
-  this->cinfo.err = jpeg_std_error(&this->jerr.pub);
-  this->jerr.pub.error_exit = my_error_exit;
-  this->jerr.pub.output_message = my_output_message;
-  this->jerr.emit_message = this->jerr.pub.emit_message;
-  this->jerr.pub.emit_message = my_emit_message;
-  this->jerr.pub.addon_message_table = turbojpeg_message_table;
-  this->jerr.pub.first_addon_message = JMSG_FIRSTADDONCODE;
-  this->jerr.pub.last_addon_message = JMSG_LASTADDONCODE;
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    free(this);
-    return NULL;
-  }
-
-  jpeg_create_compress(&this->cinfo);
-  /* Make an initial call so it will create the destination manager */
-  jpeg_mem_dest_tj(&this->cinfo, &buf, &size, 0);
-
-  this->init |= COMPRESS;
-  return (tjhandle)this;
-}
-
-DLLEXPORT tjhandle tjInitCompress(void)
-{
-  tjinstance *this = NULL;
-
-  if ((this = (tjinstance *)malloc(sizeof(tjinstance))) == NULL) {
-    snprintf(errStr, JMSG_LENGTH_MAX,
-             "tjInitCompress(): Memory allocation failure");
-    return NULL;
-  }
-  MEMZERO(this, sizeof(tjinstance));
-  snprintf(this->errStr, JMSG_LENGTH_MAX, "No error");
-  return _tjInitCompress(this);
-}
-
-
-DLLEXPORT unsigned long tjBufSize(int width, int height, int jpegSubsamp)
-{
-  unsigned long long retval = 0;
-  int mcuw, mcuh, chromasf;
-
-  if (width < 1 || height < 1 || jpegSubsamp < 0 || jpegSubsamp >= NUMSUBOPT)
-    THROWG("tjBufSize(): Invalid argument");
-
-  /* This allows for rare corner cases in which a JPEG image can actually be
-     larger than the uncompressed input (we wouldn't mention it if it hadn't
-     happened before.) */
-  mcuw = tjMCUWidth[jpegSubsamp];
-  mcuh = tjMCUHeight[jpegSubsamp];
-  chromasf = jpegSubsamp == TJSAMP_GRAY ? 0 : 4 * 64 / (mcuw * mcuh);
-  retval = PAD(width, mcuw) * PAD(height, mcuh) * (2ULL + chromasf) + 2048ULL;
-  if (retval > (unsigned long long)((unsigned long)-1))
-    THROWG("tjBufSize(): Image is too large");
-
-bailout:
-  return (unsigned long)retval;
-}
-
-DLLEXPORT unsigned long TJBUFSIZE(int width, int height)
-{
-  unsigned long long retval = 0;
-
-  if (width < 1 || height < 1)
-    THROWG("TJBUFSIZE(): Invalid argument");
-
-  /* This allows for rare corner cases in which a JPEG image can actually be
-     larger than the uncompressed input (we wouldn't mention it if it hadn't
-     happened before.) */
-  retval = PAD(width, 16) * PAD(height, 16) * 6ULL + 2048ULL;
-  if (retval > (unsigned long long)((unsigned long)-1))
-    THROWG("TJBUFSIZE(): Image is too large");
-
-bailout:
-  return (unsigned long)retval;
-}
-
-
-DLLEXPORT unsigned long tjBufSizeYUV2(int width, int pad, int height,
-                                      int subsamp)
-{
-  unsigned long long retval = 0;
-  int nc, i;
-
-  if (subsamp < 0 || subsamp >= NUMSUBOPT)
-    THROWG("tjBufSizeYUV2(): Invalid argument");
-
-  nc = (subsamp == TJSAMP_GRAY ? 1 : 3);
-  for (i = 0; i < nc; i++) {
-    int pw = tjPlaneWidth(i, width, subsamp);
-    int stride = PAD(pw, pad);
-    int ph = tjPlaneHeight(i, height, subsamp);
-
-    if (pw < 0 || ph < 0) return -1;
-    else retval += (unsigned long long)stride * ph;
-  }
-  if (retval > (unsigned long long)((unsigned long)-1))
-    THROWG("tjBufSizeYUV2(): Image is too large");
-
-bailout:
-  return (unsigned long)retval;
-}
-
-DLLEXPORT unsigned long tjBufSizeYUV(int width, int height, int subsamp)
-{
-  return tjBufSizeYUV2(width, 4, height, subsamp);
-}
-
-DLLEXPORT unsigned long TJBUFSIZEYUV(int width, int height, int subsamp)
-{
-  return tjBufSizeYUV(width, height, subsamp);
-}
-
-
-DLLEXPORT int tjPlaneWidth(int componentID, int width, int subsamp)
-{
-  int pw, nc, retval = 0;
-
-  if (width < 1 || subsamp < 0 || subsamp >= TJ_NUMSAMP)
-    THROWG("tjPlaneWidth(): Invalid argument");
-  nc = (subsamp == TJSAMP_GRAY ? 1 : 3);
-  if (componentID < 0 || componentID >= nc)
-    THROWG("tjPlaneWidth(): Invalid argument");
-
-  pw = PAD(width, tjMCUWidth[subsamp] / 8);
-  if (componentID == 0)
-    retval = pw;
-  else
-    retval = pw * 8 / tjMCUWidth[subsamp];
-
-bailout:
-  return retval;
-}
-
-
-DLLEXPORT int tjPlaneHeight(int componentID, int height, int subsamp)
-{
-  int ph, nc, retval = 0;
-
-  if (height < 1 || subsamp < 0 || subsamp >= TJ_NUMSAMP)
-    THROWG("tjPlaneHeight(): Invalid argument");
-  nc = (subsamp == TJSAMP_GRAY ? 1 : 3);
-  if (componentID < 0 || componentID >= nc)
-    THROWG("tjPlaneHeight(): Invalid argument");
-
-  ph = PAD(height, tjMCUHeight[subsamp] / 8);
-  if (componentID == 0)
-    retval = ph;
-  else
-    retval = ph * 8 / tjMCUHeight[subsamp];
-
-bailout:
-  return retval;
-}
-
-
-DLLEXPORT unsigned long tjPlaneSizeYUV(int componentID, int width, int stride,
-                                       int height, int subsamp)
-{
-  unsigned long long retval = 0;
-  int pw, ph;
-
-  if (width < 1 || height < 1 || subsamp < 0 || subsamp >= NUMSUBOPT)
-    THROWG("tjPlaneSizeYUV(): Invalid argument");
-
-  pw = tjPlaneWidth(componentID, width, subsamp);
-  ph = tjPlaneHeight(componentID, height, subsamp);
-  if (pw < 0 || ph < 0) return -1;
-
-  if (stride == 0) stride = pw;
-  else stride = abs(stride);
-
-  retval = (unsigned long long)stride * (ph - 1) + pw;
-  if (retval > (unsigned long long)((unsigned long)-1))
-    THROWG("tjPlaneSizeYUV(): Image is too large");
-
-bailout:
-  return (unsigned long)retval;
-}
-
-
-DLLEXPORT int tjCompress2(tjhandle handle, const unsigned char *srcBuf,
-                          int width, int pitch, int height, int pixelFormat,
-                          unsigned char **jpegBuf, unsigned long *jpegSize,
-                          int jpegSubsamp, int jpegQual, int flags)
-{
-  int i, retval = 0, alloc = 1;
-  JSAMPROW *row_pointer = NULL;
-
-  GET_CINSTANCE(handle)
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-  if ((this->init & COMPRESS) == 0)
-    THROW("tjCompress2(): Instance has not been initialized for compression");
-
-  if (srcBuf == NULL || width <= 0 || pitch < 0 || height <= 0 ||
-      pixelFormat < 0 || pixelFormat >= TJ_NUMPF || jpegBuf == NULL ||
-      jpegSize == NULL || jpegSubsamp < 0 || jpegSubsamp >= NUMSUBOPT ||
-      jpegQual < 0 || jpegQual > 100)
-    THROW("tjCompress2(): Invalid argument");
-
-  if (pitch == 0) pitch = width * tjPixelSize[pixelFormat];
-
-  if ((row_pointer = (JSAMPROW *)malloc(sizeof(JSAMPROW) * height)) == NULL)
-    THROW("tjCompress2(): Memory allocation failure");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  cinfo->image_width = width;
-  cinfo->image_height = height;
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  if (flags & TJFLAG_NOREALLOC) {
-    alloc = 0;  *jpegSize = tjBufSize(width, height, jpegSubsamp);
-  }
-  jpeg_mem_dest_tj(cinfo, jpegBuf, jpegSize, alloc);
-  setCompDefaults(cinfo, pixelFormat, jpegSubsamp, jpegQual, flags);
-
-  jpeg_start_compress(cinfo, TRUE);
-  for (i = 0; i < height; i++) {
-    if (flags & TJFLAG_BOTTOMUP)
-      row_pointer[i] = (JSAMPROW)&srcBuf[(height - i - 1) * (size_t)pitch];
-    else
-      row_pointer[i] = (JSAMPROW)&srcBuf[i * (size_t)pitch];
-  }
-  while (cinfo->next_scanline < cinfo->image_height)
-    jpeg_write_scanlines(cinfo, &row_pointer[cinfo->next_scanline],
-                         cinfo->image_height - cinfo->next_scanline);
-  jpeg_finish_compress(cinfo);
-
-bailout:
-  if (cinfo->global_state > CSTATE_START) {
-    if (alloc) (*cinfo->dest->term_destination) (cinfo);
-    jpeg_abort_compress(cinfo);
-  }
-  free(row_pointer);
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjCompress(tjhandle handle, unsigned char *srcBuf, int width,
-                         int pitch, int height, int pixelSize,
-                         unsigned char *jpegBuf, unsigned long *jpegSize,
-                         int jpegSubsamp, int jpegQual, int flags)
-{
-  int retval = 0;
-  unsigned long size;
-
-  if (flags & TJ_YUV) {
-    size = tjBufSizeYUV(width, height, jpegSubsamp);
-    retval = tjEncodeYUV2(handle, srcBuf, width, pitch, height,
-                          getPixelFormat(pixelSize, flags), jpegBuf,
-                          jpegSubsamp, flags);
-  } else {
-    retval = tjCompress2(handle, srcBuf, width, pitch, height,
-                         getPixelFormat(pixelSize, flags), &jpegBuf, &size,
-                         jpegSubsamp, jpegQual, flags | TJFLAG_NOREALLOC);
-  }
-  *jpegSize = size;
-  return retval;
-}
-
-
-DLLEXPORT int tjEncodeYUVPlanes(tjhandle handle, const unsigned char *srcBuf,
-                                int width, int pitch, int height,
-                                int pixelFormat, unsigned char **dstPlanes,
-                                int *strides, int subsamp, int flags)
-{
-  JSAMPROW *row_pointer = NULL;
-  JSAMPLE *_tmpbuf[MAX_COMPONENTS], *_tmpbuf2[MAX_COMPONENTS];
-  JSAMPROW *tmpbuf[MAX_COMPONENTS], *tmpbuf2[MAX_COMPONENTS];
-  JSAMPROW *outbuf[MAX_COMPONENTS];
-  int i, retval = 0, row, pw0, ph0, pw[MAX_COMPONENTS], ph[MAX_COMPONENTS];
-  JSAMPLE *ptr;
-  jpeg_component_info *compptr;
-
-  GET_CINSTANCE(handle);
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    tmpbuf[i] = NULL;  _tmpbuf[i] = NULL;
-    tmpbuf2[i] = NULL;  _tmpbuf2[i] = NULL;  outbuf[i] = NULL;
-  }
-
-  if ((this->init & COMPRESS) == 0)
-    THROW("tjEncodeYUVPlanes(): Instance has not been initialized for compression");
-
-  if (srcBuf == NULL || width <= 0 || pitch < 0 || height <= 0 ||
-      pixelFormat < 0 || pixelFormat >= TJ_NUMPF || !dstPlanes ||
-      !dstPlanes[0] || subsamp < 0 || subsamp >= NUMSUBOPT)
-    THROW("tjEncodeYUVPlanes(): Invalid argument");
-  if (subsamp != TJSAMP_GRAY && (!dstPlanes[1] || !dstPlanes[2]))
-    THROW("tjEncodeYUVPlanes(): Invalid argument");
-
-  if (pixelFormat == TJPF_CMYK)
-    THROW("tjEncodeYUVPlanes(): Cannot generate YUV images from CMYK pixels");
-
-  if (pitch == 0) pitch = width * tjPixelSize[pixelFormat];
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  cinfo->image_width = width;
-  cinfo->image_height = height;
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  setCompDefaults(cinfo, pixelFormat, subsamp, -1, flags);
-
-  /* Execute only the parts of jpeg_start_compress() that we need.  If we
-     were to call the whole jpeg_start_compress() function, then it would try
-     to write the file headers, which could overflow the output buffer if the
-     YUV image were very small. */
-  if (cinfo->global_state != CSTATE_START)
-    THROW("tjEncodeYUVPlanes(): libjpeg API is in the wrong state");
-  (*cinfo->err->reset_error_mgr) ((j_common_ptr)cinfo);
-  jinit_c_master_control(cinfo, FALSE);
-  jinit_color_converter(cinfo);
-  jinit_downsampler(cinfo);
-  (*cinfo->cconvert->start_pass) (cinfo);
-
-  pw0 = PAD(width, cinfo->max_h_samp_factor);
-  ph0 = PAD(height, cinfo->max_v_samp_factor);
-
-  if ((row_pointer = (JSAMPROW *)malloc(sizeof(JSAMPROW) * ph0)) == NULL)
-    THROW("tjEncodeYUVPlanes(): Memory allocation failure");
-  for (i = 0; i < height; i++) {
-    if (flags & TJFLAG_BOTTOMUP)
-      row_pointer[i] = (JSAMPROW)&srcBuf[(height - i - 1) * (size_t)pitch];
-    else
-      row_pointer[i] = (JSAMPROW)&srcBuf[i * (size_t)pitch];
-  }
-  if (height < ph0)
-    for (i = height; i < ph0; i++) row_pointer[i] = row_pointer[height - 1];
-
-  for (i = 0; i < cinfo->num_components; i++) {
-    compptr = &cinfo->comp_info[i];
-    _tmpbuf[i] = (JSAMPLE *)malloc(
-      PAD((compptr->width_in_blocks * cinfo->max_h_samp_factor * DCTSIZE) /
-          compptr->h_samp_factor, 32) *
-      cinfo->max_v_samp_factor + 32);
-    if (!_tmpbuf[i])
-      THROW("tjEncodeYUVPlanes(): Memory allocation failure");
-    tmpbuf[i] =
-      (JSAMPROW *)malloc(sizeof(JSAMPROW) * cinfo->max_v_samp_factor);
-    if (!tmpbuf[i])
-      THROW("tjEncodeYUVPlanes(): Memory allocation failure");
-    for (row = 0; row < cinfo->max_v_samp_factor; row++) {
-      unsigned char *_tmpbuf_aligned =
-        (unsigned char *)PAD((size_t)_tmpbuf[i], 32);
-
-      tmpbuf[i][row] = &_tmpbuf_aligned[
-        PAD((compptr->width_in_blocks * cinfo->max_h_samp_factor * DCTSIZE) /
-            compptr->h_samp_factor, 32) * row];
-    }
-    _tmpbuf2[i] =
-      (JSAMPLE *)malloc(PAD(compptr->width_in_blocks * DCTSIZE, 32) *
-                        compptr->v_samp_factor + 32);
-    if (!_tmpbuf2[i])
-      THROW("tjEncodeYUVPlanes(): Memory allocation failure");
-    tmpbuf2[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * compptr->v_samp_factor);
-    if (!tmpbuf2[i])
-      THROW("tjEncodeYUVPlanes(): Memory allocation failure");
-    for (row = 0; row < compptr->v_samp_factor; row++) {
-      unsigned char *_tmpbuf2_aligned =
-        (unsigned char *)PAD((size_t)_tmpbuf2[i], 32);
-
-      tmpbuf2[i][row] =
-        &_tmpbuf2_aligned[PAD(compptr->width_in_blocks * DCTSIZE, 32) * row];
-    }
-    pw[i] = pw0 * compptr->h_samp_factor / cinfo->max_h_samp_factor;
-    ph[i] = ph0 * compptr->v_samp_factor / cinfo->max_v_samp_factor;
-    outbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * ph[i]);
-    if (!outbuf[i])
-      THROW("tjEncodeYUVPlanes(): Memory allocation failure");
-    ptr = dstPlanes[i];
-    for (row = 0; row < ph[i]; row++) {
-      outbuf[i][row] = ptr;
-      ptr += (strides && strides[i] != 0) ? strides[i] : pw[i];
-    }
-  }
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  for (row = 0; row < ph0; row += cinfo->max_v_samp_factor) {
-    (*cinfo->cconvert->color_convert) (cinfo, &row_pointer[row], tmpbuf, 0,
-                                       cinfo->max_v_samp_factor);
-    (cinfo->downsample->downsample) (cinfo, tmpbuf, 0, tmpbuf2, 0);
-    for (i = 0, compptr = cinfo->comp_info; i < cinfo->num_components;
-         i++, compptr++)
-      jcopy_sample_rows(tmpbuf2[i], 0, outbuf[i],
-        row * compptr->v_samp_factor / cinfo->max_v_samp_factor,
-        compptr->v_samp_factor, pw[i]);
-  }
-  cinfo->next_scanline += height;
-  jpeg_abort_compress(cinfo);
-
-bailout:
-  if (cinfo->global_state > CSTATE_START) jpeg_abort_compress(cinfo);
-  free(row_pointer);
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    free(tmpbuf[i]);
-    free(_tmpbuf[i]);
-    free(tmpbuf2[i]);
-    free(_tmpbuf2[i]);
-    free(outbuf[i]);
-  }
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjEncodeYUV3(tjhandle handle, const unsigned char *srcBuf,
-                           int width, int pitch, int height, int pixelFormat,
-                           unsigned char *dstBuf, int pad, int subsamp,
-                           int flags)
-{
-  unsigned char *dstPlanes[3];
-  int pw0, ph0, strides[3], retval = -1;
-  tjinstance *this = (tjinstance *)handle;
-
-  if (!this) THROWG("tjEncodeYUV3(): Invalid handle");
-  this->isInstanceError = FALSE;
-
-  if (width <= 0 || height <= 0 || dstBuf == NULL || pad < 0 ||
-      !IS_POW2(pad) || subsamp < 0 || subsamp >= NUMSUBOPT)
-    THROW("tjEncodeYUV3(): Invalid argument");
-
-  pw0 = tjPlaneWidth(0, width, subsamp);
-  ph0 = tjPlaneHeight(0, height, subsamp);
-  dstPlanes[0] = dstBuf;
-  strides[0] = PAD(pw0, pad);
-  if (subsamp == TJSAMP_GRAY) {
-    strides[1] = strides[2] = 0;
-    dstPlanes[1] = dstPlanes[2] = NULL;
-  } else {
-    int pw1 = tjPlaneWidth(1, width, subsamp);
-    int ph1 = tjPlaneHeight(1, height, subsamp);
-
-    strides[1] = strides[2] = PAD(pw1, pad);
-    dstPlanes[1] = dstPlanes[0] + strides[0] * ph0;
-    dstPlanes[2] = dstPlanes[1] + strides[1] * ph1;
-  }
-
-  return tjEncodeYUVPlanes(handle, srcBuf, width, pitch, height, pixelFormat,
-                           dstPlanes, strides, subsamp, flags);
-
-bailout:
-  return retval;
-}
-
-DLLEXPORT int tjEncodeYUV2(tjhandle handle, unsigned char *srcBuf, int width,
-                           int pitch, int height, int pixelFormat,
-                           unsigned char *dstBuf, int subsamp, int flags)
-{
-  return tjEncodeYUV3(handle, srcBuf, width, pitch, height, pixelFormat,
-                      dstBuf, 4, subsamp, flags);
-}
-
-DLLEXPORT int tjEncodeYUV(tjhandle handle, unsigned char *srcBuf, int width,
-                          int pitch, int height, int pixelSize,
-                          unsigned char *dstBuf, int subsamp, int flags)
-{
-  return tjEncodeYUV2(handle, srcBuf, width, pitch, height,
-                      getPixelFormat(pixelSize, flags), dstBuf, subsamp,
-                      flags);
-}
-
-
-DLLEXPORT int tjCompressFromYUVPlanes(tjhandle handle,
-                                      const unsigned char **srcPlanes,
-                                      int width, const int *strides,
-                                      int height, int subsamp,
-                                      unsigned char **jpegBuf,
-                                      unsigned long *jpegSize, int jpegQual,
-                                      int flags)
-{
-  int i, row, retval = 0, alloc = 1;
-  int pw[MAX_COMPONENTS], ph[MAX_COMPONENTS], iw[MAX_COMPONENTS],
-    tmpbufsize = 0, usetmpbuf = 0, th[MAX_COMPONENTS];
-  JSAMPLE *_tmpbuf = NULL, *ptr;
-  JSAMPROW *inbuf[MAX_COMPONENTS], *tmpbuf[MAX_COMPONENTS];
-
-  GET_CINSTANCE(handle)
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    tmpbuf[i] = NULL;  inbuf[i] = NULL;
-  }
-
-  if ((this->init & COMPRESS) == 0)
-    THROW("tjCompressFromYUVPlanes(): Instance has not been initialized for compression");
-
-  if (!srcPlanes || !srcPlanes[0] || width <= 0 || height <= 0 ||
-      subsamp < 0 || subsamp >= NUMSUBOPT || jpegBuf == NULL ||
-      jpegSize == NULL || jpegQual < 0 || jpegQual > 100)
-    THROW("tjCompressFromYUVPlanes(): Invalid argument");
-  if (subsamp != TJSAMP_GRAY && (!srcPlanes[1] || !srcPlanes[2]))
-    THROW("tjCompressFromYUVPlanes(): Invalid argument");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  cinfo->image_width = width;
-  cinfo->image_height = height;
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  if (flags & TJFLAG_NOREALLOC) {
-    alloc = 0;  *jpegSize = tjBufSize(width, height, subsamp);
-  }
-  jpeg_mem_dest_tj(cinfo, jpegBuf, jpegSize, alloc);
-  setCompDefaults(cinfo, TJPF_RGB, subsamp, jpegQual, flags);
-  cinfo->raw_data_in = TRUE;
-
-  jpeg_start_compress(cinfo, TRUE);
-  for (i = 0; i < cinfo->num_components; i++) {
-    jpeg_component_info *compptr = &cinfo->comp_info[i];
-    int ih;
-
-    iw[i] = compptr->width_in_blocks * DCTSIZE;
-    ih = compptr->height_in_blocks * DCTSIZE;
-    pw[i] = PAD(cinfo->image_width, cinfo->max_h_samp_factor) *
-            compptr->h_samp_factor / cinfo->max_h_samp_factor;
-    ph[i] = PAD(cinfo->image_height, cinfo->max_v_samp_factor) *
-            compptr->v_samp_factor / cinfo->max_v_samp_factor;
-    if (iw[i] != pw[i] || ih != ph[i]) usetmpbuf = 1;
-    th[i] = compptr->v_samp_factor * DCTSIZE;
-    tmpbufsize += iw[i] * th[i];
-    if ((inbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * ph[i])) == NULL)
-      THROW("tjCompressFromYUVPlanes(): Memory allocation failure");
-    ptr = (JSAMPLE *)srcPlanes[i];
-    for (row = 0; row < ph[i]; row++) {
-      inbuf[i][row] = ptr;
-      ptr += (strides && strides[i] != 0) ? strides[i] : pw[i];
-    }
-  }
-  if (usetmpbuf) {
-    if ((_tmpbuf = (JSAMPLE *)malloc(sizeof(JSAMPLE) * tmpbufsize)) == NULL)
-      THROW("tjCompressFromYUVPlanes(): Memory allocation failure");
-    ptr = _tmpbuf;
-    for (i = 0; i < cinfo->num_components; i++) {
-      if ((tmpbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * th[i])) == NULL)
-        THROW("tjCompressFromYUVPlanes(): Memory allocation failure");
-      for (row = 0; row < th[i]; row++) {
-        tmpbuf[i][row] = ptr;
-        ptr += iw[i];
-      }
-    }
-  }
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  for (row = 0; row < (int)cinfo->image_height;
-       row += cinfo->max_v_samp_factor * DCTSIZE) {
-    JSAMPARRAY yuvptr[MAX_COMPONENTS];
-    int crow[MAX_COMPONENTS];
-
-    for (i = 0; i < cinfo->num_components; i++) {
-      jpeg_component_info *compptr = &cinfo->comp_info[i];
-
-      crow[i] = row * compptr->v_samp_factor / cinfo->max_v_samp_factor;
-      if (usetmpbuf) {
-        int j, k;
-
-        for (j = 0; j < MIN(th[i], ph[i] - crow[i]); j++) {
-          memcpy(tmpbuf[i][j], inbuf[i][crow[i] + j], pw[i]);
-          /* Duplicate last sample in row to fill out MCU */
-          for (k = pw[i]; k < iw[i]; k++)
-            tmpbuf[i][j][k] = tmpbuf[i][j][pw[i] - 1];
-        }
-        /* Duplicate last row to fill out MCU */
-        for (j = ph[i] - crow[i]; j < th[i]; j++)
-          memcpy(tmpbuf[i][j], tmpbuf[i][ph[i] - crow[i] - 1], iw[i]);
-        yuvptr[i] = tmpbuf[i];
-      } else
-        yuvptr[i] = &inbuf[i][crow[i]];
-    }
-    jpeg_write_raw_data(cinfo, yuvptr, cinfo->max_v_samp_factor * DCTSIZE);
-  }
-  jpeg_finish_compress(cinfo);
-
-bailout:
-  if (cinfo->global_state > CSTATE_START) {
-    if (alloc) (*cinfo->dest->term_destination) (cinfo);
-    jpeg_abort_compress(cinfo);
-  }
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    free(tmpbuf[i]);
-    free(inbuf[i]);
-  }
-  free(_tmpbuf);
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjCompressFromYUV(tjhandle handle, const unsigned char *srcBuf,
-                                int width, int pad, int height, int subsamp,
-                                unsigned char **jpegBuf,
-                                unsigned long *jpegSize, int jpegQual,
-                                int flags)
-{
-  const unsigned char *srcPlanes[3];
-  int pw0, ph0, strides[3], retval = -1;
-  tjinstance *this = (tjinstance *)handle;
-
-  if (!this) THROWG("tjCompressFromYUV(): Invalid handle");
-  this->isInstanceError = FALSE;
-
-  if (srcBuf == NULL || width <= 0 || pad < 1 || height <= 0 || subsamp < 0 ||
-      subsamp >= NUMSUBOPT)
-    THROW("tjCompressFromYUV(): Invalid argument");
-
-  pw0 = tjPlaneWidth(0, width, subsamp);
-  ph0 = tjPlaneHeight(0, height, subsamp);
-  srcPlanes[0] = srcBuf;
-  strides[0] = PAD(pw0, pad);
-  if (subsamp == TJSAMP_GRAY) {
-    strides[1] = strides[2] = 0;
-    srcPlanes[1] = srcPlanes[2] = NULL;
-  } else {
-    int pw1 = tjPlaneWidth(1, width, subsamp);
-    int ph1 = tjPlaneHeight(1, height, subsamp);
-
-    strides[1] = strides[2] = PAD(pw1, pad);
-    srcPlanes[1] = srcPlanes[0] + strides[0] * ph0;
-    srcPlanes[2] = srcPlanes[1] + strides[1] * ph1;
-  }
-
-  return tjCompressFromYUVPlanes(handle, srcPlanes, width, strides, height,
-                                 subsamp, jpegBuf, jpegSize, jpegQual, flags);
-
-bailout:
-  return retval;
-}
-
-
-/* Decompressor */
-
-static tjhandle _tjInitDecompress(tjinstance *this)
-{
-  static unsigned char buffer[1];
-
-  /* This is also straight out of example.txt */
-  this->dinfo.err = jpeg_std_error(&this->jerr.pub);
-  this->jerr.pub.error_exit = my_error_exit;
-  this->jerr.pub.output_message = my_output_message;
-  this->jerr.emit_message = this->jerr.pub.emit_message;
-  this->jerr.pub.emit_message = my_emit_message;
-  this->jerr.pub.addon_message_table = turbojpeg_message_table;
-  this->jerr.pub.first_addon_message = JMSG_FIRSTADDONCODE;
-  this->jerr.pub.last_addon_message = JMSG_LASTADDONCODE;
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    free(this);
-    return NULL;
-  }
-
-  jpeg_create_decompress(&this->dinfo);
-  /* Make an initial call so it will create the source manager */
-  jpeg_mem_src_tj(&this->dinfo, buffer, 1);
-
-  this->init |= DECOMPRESS;
-  return (tjhandle)this;
-}
-
-DLLEXPORT tjhandle tjInitDecompress(void)
-{
-  tjinstance *this;
-
-  if ((this = (tjinstance *)malloc(sizeof(tjinstance))) == NULL) {
-    snprintf(errStr, JMSG_LENGTH_MAX,
-             "tjInitDecompress(): Memory allocation failure");
-    return NULL;
-  }
-  MEMZERO(this, sizeof(tjinstance));
-  snprintf(this->errStr, JMSG_LENGTH_MAX, "No error");
-  return _tjInitDecompress(this);
-}
-
-
-DLLEXPORT int tjDecompressHeader3(tjhandle handle,
-                                  const unsigned char *jpegBuf,
-                                  unsigned long jpegSize, int *width,
-                                  int *height, int *jpegSubsamp,
-                                  int *jpegColorspace)
-{
-  int retval = 0;
-
-  GET_DINSTANCE(handle);
-  if ((this->init & DECOMPRESS) == 0)
-    THROW("tjDecompressHeader3(): Instance has not been initialized for decompression");
-
-  if (jpegBuf == NULL || jpegSize <= 0 || width == NULL || height == NULL ||
-      jpegSubsamp == NULL || jpegColorspace == NULL)
-    THROW("tjDecompressHeader3(): Invalid argument");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    return -1;
-  }
-
-  jpeg_mem_src_tj(dinfo, jpegBuf, jpegSize);
-  jpeg_read_header(dinfo, TRUE);
-
-  *width = dinfo->image_width;
-  *height = dinfo->image_height;
-  *jpegSubsamp = getSubsamp(dinfo);
-  switch (dinfo->jpeg_color_space) {
-  case JCS_GRAYSCALE:  *jpegColorspace = TJCS_GRAY;  break;
-  case JCS_RGB:        *jpegColorspace = TJCS_RGB;  break;
-  case JCS_YCbCr:      *jpegColorspace = TJCS_YCbCr;  break;
-  case JCS_CMYK:       *jpegColorspace = TJCS_CMYK;  break;
-  case JCS_YCCK:       *jpegColorspace = TJCS_YCCK;  break;
-  default:             *jpegColorspace = -1;  break;
-  }
-
-  jpeg_abort_decompress(dinfo);
-
-  if (*jpegSubsamp < 0)
-    THROW("tjDecompressHeader3(): Could not determine subsampling type for JPEG image");
-  if (*jpegColorspace < 0)
-    THROW("tjDecompressHeader3(): Could not determine colorspace of JPEG image");
-  if (*width < 1 || *height < 1)
-    THROW("tjDecompressHeader3(): Invalid data returned in header");
-
-bailout:
-  if (this->jerr.warning) retval = -1;
-  return retval;
-}
-
-DLLEXPORT int tjDecompressHeader2(tjhandle handle, unsigned char *jpegBuf,
-                                  unsigned long jpegSize, int *width,
-                                  int *height, int *jpegSubsamp)
-{
-  int jpegColorspace;
-
-  return tjDecompressHeader3(handle, jpegBuf, jpegSize, width, height,
-                             jpegSubsamp, &jpegColorspace);
-}
-
-DLLEXPORT int tjDecompressHeader(tjhandle handle, unsigned char *jpegBuf,
-                                 unsigned long jpegSize, int *width,
-                                 int *height)
-{
-  int jpegSubsamp;
-
-  return tjDecompressHeader2(handle, jpegBuf, jpegSize, width, height,
-                             &jpegSubsamp);
-}
-
-
-DLLEXPORT tjscalingfactor *tjGetScalingFactors(int *numscalingfactors)
-{
-  if (numscalingfactors == NULL) {
-    snprintf(errStr, JMSG_LENGTH_MAX,
-             "tjGetScalingFactors(): Invalid argument");
-    return NULL;
-  }
-
-  *numscalingfactors = NUMSF;
-  return (tjscalingfactor *)sf;
-}
-
-
-DLLEXPORT int tjDecompress2(tjhandle handle, const unsigned char *jpegBuf,
-                            unsigned long jpegSize, unsigned char *dstBuf,
-                            int width, int pitch, int height, int pixelFormat,
-                            int flags)
-{
-  JSAMPROW *row_pointer = NULL;
-  int i, retval = 0, jpegwidth, jpegheight, scaledw, scaledh;
-  struct my_progress_mgr progress;
-
-  GET_DINSTANCE(handle);
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-  if ((this->init & DECOMPRESS) == 0)
-    THROW("tjDecompress2(): Instance has not been initialized for decompression");
-
-  if (jpegBuf == NULL || jpegSize <= 0 || dstBuf == NULL || width < 0 ||
-      pitch < 0 || height < 0 || pixelFormat < 0 || pixelFormat >= TJ_NUMPF)
-    THROW("tjDecompress2(): Invalid argument");
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  if (flags & TJFLAG_LIMITSCANS) {
-    MEMZERO(&progress, sizeof(struct my_progress_mgr));
-    progress.pub.progress_monitor = my_progress_monitor;
-    progress.this = this;
-    dinfo->progress = &progress.pub;
-  } else
-    dinfo->progress = NULL;
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  jpeg_mem_src_tj(dinfo, jpegBuf, jpegSize);
-  jpeg_read_header(dinfo, TRUE);
-  this->dinfo.out_color_space = pf2cs[pixelFormat];
-  if (flags & TJFLAG_FASTDCT) this->dinfo.dct_method = JDCT_FASTEST;
-  if (flags & TJFLAG_FASTUPSAMPLE) dinfo->do_fancy_upsampling = FALSE;
-
-  jpegwidth = dinfo->image_width;  jpegheight = dinfo->image_height;
-  if (width == 0) width = jpegwidth;
-  if (height == 0) height = jpegheight;
-  for (i = 0; i < NUMSF; i++) {
-    scaledw = TJSCALED(jpegwidth, sf[i]);
-    scaledh = TJSCALED(jpegheight, sf[i]);
-    if (scaledw <= width && scaledh <= height)
-      break;
-  }
-  if (i >= NUMSF)
-    THROW("tjDecompress2(): Could not scale down to desired image dimensions");
-  width = scaledw;  height = scaledh;
-  dinfo->scale_num = sf[i].num;
-  dinfo->scale_denom = sf[i].denom;
-
-  jpeg_start_decompress(dinfo);
-  if (pitch == 0) pitch = dinfo->output_width * tjPixelSize[pixelFormat];
-
-  if ((row_pointer =
-       (JSAMPROW *)malloc(sizeof(JSAMPROW) * dinfo->output_height)) == NULL)
-    THROW("tjDecompress2(): Memory allocation failure");
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-  for (i = 0; i < (int)dinfo->output_height; i++) {
-    if (flags & TJFLAG_BOTTOMUP)
-      row_pointer[i] = &dstBuf[(dinfo->output_height - i - 1) * (size_t)pitch];
-    else
-      row_pointer[i] = &dstBuf[i * (size_t)pitch];
-  }
-  while (dinfo->output_scanline < dinfo->output_height)
-    jpeg_read_scanlines(dinfo, &row_pointer[dinfo->output_scanline],
-                        dinfo->output_height - dinfo->output_scanline);
-  jpeg_finish_decompress(dinfo);
-
-bailout:
-  if (dinfo->global_state > DSTATE_START) jpeg_abort_decompress(dinfo);
-  free(row_pointer);
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjDecompress(tjhandle handle, unsigned char *jpegBuf,
-                           unsigned long jpegSize, unsigned char *dstBuf,
-                           int width, int pitch, int height, int pixelSize,
-                           int flags)
-{
-  if (flags & TJ_YUV)
-    return tjDecompressToYUV(handle, jpegBuf, jpegSize, dstBuf, flags);
-  else
-    return tjDecompress2(handle, jpegBuf, jpegSize, dstBuf, width, pitch,
-                         height, getPixelFormat(pixelSize, flags), flags);
-}
-
-
-static int setDecodeDefaults(struct jpeg_decompress_struct *dinfo,
-                             int pixelFormat, int subsamp, int flags)
-{
-  int i;
-
-  dinfo->scale_num = dinfo->scale_denom = 1;
-
-  if (subsamp == TJSAMP_GRAY) {
-    dinfo->num_components = dinfo->comps_in_scan = 1;
-    dinfo->jpeg_color_space = JCS_GRAYSCALE;
-  } else {
-    dinfo->num_components = dinfo->comps_in_scan = 3;
-    dinfo->jpeg_color_space = JCS_YCbCr;
-  }
-
-  dinfo->comp_info = (jpeg_component_info *)
-    (*dinfo->mem->alloc_small) ((j_common_ptr)dinfo, JPOOL_IMAGE,
-                                dinfo->num_components *
-                                sizeof(jpeg_component_info));
-
-  for (i = 0; i < dinfo->num_components; i++) {
-    jpeg_component_info *compptr = &dinfo->comp_info[i];
-
-    compptr->h_samp_factor = (i == 0) ? tjMCUWidth[subsamp] / 8 : 1;
-    compptr->v_samp_factor = (i == 0) ? tjMCUHeight[subsamp] / 8 : 1;
-    compptr->component_index = i;
-    compptr->component_id = i + 1;
-    compptr->quant_tbl_no = compptr->dc_tbl_no =
-      compptr->ac_tbl_no = (i == 0) ? 0 : 1;
-    dinfo->cur_comp_info[i] = compptr;
-  }
-  dinfo->data_precision = 8;
-  for (i = 0; i < 2; i++) {
-    if (dinfo->quant_tbl_ptrs[i] == NULL)
-      dinfo->quant_tbl_ptrs[i] = jpeg_alloc_quant_table((j_common_ptr)dinfo);
-  }
-
-  return 0;
-}
-
-
-static int my_read_markers(j_decompress_ptr dinfo)
-{
-  return JPEG_REACHED_SOS;
-}
-
-static void my_reset_marker_reader(j_decompress_ptr dinfo)
-{
-}
-
-DLLEXPORT int tjDecodeYUVPlanes(tjhandle handle,
-                                const unsigned char **srcPlanes,
-                                const int *strides, int subsamp,
-                                unsigned char *dstBuf, int width, int pitch,
-                                int height, int pixelFormat, int flags)
-{
-  JSAMPROW *row_pointer = NULL;
-  JSAMPLE *_tmpbuf[MAX_COMPONENTS];
-  JSAMPROW *tmpbuf[MAX_COMPONENTS], *inbuf[MAX_COMPONENTS];
-  int i, retval = 0, row, pw0, ph0, pw[MAX_COMPONENTS], ph[MAX_COMPONENTS];
-  JSAMPLE *ptr;
-  jpeg_component_info *compptr;
-  int (*old_read_markers) (j_decompress_ptr);
-  void (*old_reset_marker_reader) (j_decompress_ptr);
-
-  GET_DINSTANCE(handle);
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    tmpbuf[i] = NULL;  _tmpbuf[i] = NULL;  inbuf[i] = NULL;
-  }
-
-  if ((this->init & DECOMPRESS) == 0)
-    THROW("tjDecodeYUVPlanes(): Instance has not been initialized for decompression");
-
-  if (!srcPlanes || !srcPlanes[0] || subsamp < 0 || subsamp >= NUMSUBOPT ||
-      dstBuf == NULL || width <= 0 || pitch < 0 || height <= 0 ||
-      pixelFormat < 0 || pixelFormat >= TJ_NUMPF)
-    THROW("tjDecodeYUVPlanes(): Invalid argument");
-  if (subsamp != TJSAMP_GRAY && (!srcPlanes[1] || !srcPlanes[2]))
-    THROW("tjDecodeYUVPlanes(): Invalid argument");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  if (pixelFormat == TJPF_CMYK)
-    THROW("tjDecodeYUVPlanes(): Cannot decode YUV images into CMYK pixels.");
-
-  if (pitch == 0) pitch = width * tjPixelSize[pixelFormat];
-  dinfo->image_width = width;
-  dinfo->image_height = height;
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  dinfo->progressive_mode = dinfo->inputctl->has_multiple_scans = FALSE;
-  dinfo->Ss = dinfo->Ah = dinfo->Al = 0;
-  dinfo->Se = DCTSIZE2 - 1;
-  if (setDecodeDefaults(dinfo, pixelFormat, subsamp, flags) == -1) {
-    retval = -1;  goto bailout;
-  }
-  old_read_markers = dinfo->marker->read_markers;
-  dinfo->marker->read_markers = my_read_markers;
-  old_reset_marker_reader = dinfo->marker->reset_marker_reader;
-  dinfo->marker->reset_marker_reader = my_reset_marker_reader;
-  jpeg_read_header(dinfo, TRUE);
-  dinfo->marker->read_markers = old_read_markers;
-  dinfo->marker->reset_marker_reader = old_reset_marker_reader;
-
-  this->dinfo.out_color_space = pf2cs[pixelFormat];
-  if (flags & TJFLAG_FASTDCT) this->dinfo.dct_method = JDCT_FASTEST;
-  dinfo->do_fancy_upsampling = FALSE;
-  dinfo->Se = DCTSIZE2 - 1;
-  jinit_master_decompress(dinfo);
-  (*dinfo->upsample->start_pass) (dinfo);
-
-  pw0 = PAD(width, dinfo->max_h_samp_factor);
-  ph0 = PAD(height, dinfo->max_v_samp_factor);
-
-  if (pitch == 0) pitch = dinfo->output_width * tjPixelSize[pixelFormat];
-
-  if ((row_pointer = (JSAMPROW *)malloc(sizeof(JSAMPROW) * ph0)) == NULL)
-    THROW("tjDecodeYUVPlanes(): Memory allocation failure");
-  for (i = 0; i < height; i++) {
-    if (flags & TJFLAG_BOTTOMUP)
-      row_pointer[i] = &dstBuf[(height - i - 1) * (size_t)pitch];
-    else
-      row_pointer[i] = &dstBuf[i * (size_t)pitch];
-  }
-  if (height < ph0)
-    for (i = height; i < ph0; i++) row_pointer[i] = row_pointer[height - 1];
-
-  for (i = 0; i < dinfo->num_components; i++) {
-    compptr = &dinfo->comp_info[i];
-    _tmpbuf[i] =
-      (JSAMPLE *)malloc(PAD(compptr->width_in_blocks * DCTSIZE, 32) *
-                        compptr->v_samp_factor + 32);
-    if (!_tmpbuf[i])
-      THROW("tjDecodeYUVPlanes(): Memory allocation failure");
-    tmpbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * compptr->v_samp_factor);
-    if (!tmpbuf[i])
-      THROW("tjDecodeYUVPlanes(): Memory allocation failure");
-    for (row = 0; row < compptr->v_samp_factor; row++) {
-      unsigned char *_tmpbuf_aligned =
-        (unsigned char *)PAD((size_t)_tmpbuf[i], 32);
-
-      tmpbuf[i][row] =
-        &_tmpbuf_aligned[PAD(compptr->width_in_blocks * DCTSIZE, 32) * row];
-    }
-    pw[i] = pw0 * compptr->h_samp_factor / dinfo->max_h_samp_factor;
-    ph[i] = ph0 * compptr->v_samp_factor / dinfo->max_v_samp_factor;
-    inbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * ph[i]);
-    if (!inbuf[i])
-      THROW("tjDecodeYUVPlanes(): Memory allocation failure");
-    ptr = (JSAMPLE *)srcPlanes[i];
-    for (row = 0; row < ph[i]; row++) {
-      inbuf[i][row] = ptr;
-      ptr += (strides && strides[i] != 0) ? strides[i] : pw[i];
-    }
-  }
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  for (row = 0; row < ph0; row += dinfo->max_v_samp_factor) {
-    JDIMENSION inrow = 0, outrow = 0;
-
-    for (i = 0, compptr = dinfo->comp_info; i < dinfo->num_components;
-         i++, compptr++)
-      jcopy_sample_rows(inbuf[i],
-        row * compptr->v_samp_factor / dinfo->max_v_samp_factor, tmpbuf[i], 0,
-        compptr->v_samp_factor, pw[i]);
-    (dinfo->upsample->upsample) (dinfo, tmpbuf, &inrow,
-                                 dinfo->max_v_samp_factor, &row_pointer[row],
-                                 &outrow, dinfo->max_v_samp_factor);
-  }
-  jpeg_abort_decompress(dinfo);
-
-bailout:
-  if (dinfo->global_state > DSTATE_START) jpeg_abort_decompress(dinfo);
-  free(row_pointer);
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    free(tmpbuf[i]);
-    free(_tmpbuf[i]);
-    free(inbuf[i]);
-  }
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjDecodeYUV(tjhandle handle, const unsigned char *srcBuf,
-                          int pad, int subsamp, unsigned char *dstBuf,
-                          int width, int pitch, int height, int pixelFormat,
-                          int flags)
-{
-  const unsigned char *srcPlanes[3];
-  int pw0, ph0, strides[3], retval = -1;
-  tjinstance *this = (tjinstance *)handle;
-
-  if (!this) THROWG("tjDecodeYUV(): Invalid handle");
-  this->isInstanceError = FALSE;
-
-  if (srcBuf == NULL || pad < 0 || !IS_POW2(pad) || subsamp < 0 ||
-      subsamp >= NUMSUBOPT || width <= 0 || height <= 0)
-    THROW("tjDecodeYUV(): Invalid argument");
-
-  pw0 = tjPlaneWidth(0, width, subsamp);
-  ph0 = tjPlaneHeight(0, height, subsamp);
-  srcPlanes[0] = srcBuf;
-  strides[0] = PAD(pw0, pad);
-  if (subsamp == TJSAMP_GRAY) {
-    strides[1] = strides[2] = 0;
-    srcPlanes[1] = srcPlanes[2] = NULL;
-  } else {
-    int pw1 = tjPlaneWidth(1, width, subsamp);
-    int ph1 = tjPlaneHeight(1, height, subsamp);
-
-    strides[1] = strides[2] = PAD(pw1, pad);
-    srcPlanes[1] = srcPlanes[0] + strides[0] * ph0;
-    srcPlanes[2] = srcPlanes[1] + strides[1] * ph1;
-  }
-
-  return tjDecodeYUVPlanes(handle, srcPlanes, strides, subsamp, dstBuf, width,
-                           pitch, height, pixelFormat, flags);
-
-bailout:
-  return retval;
-}
-
-DLLEXPORT int tjDecompressToYUVPlanes(tjhandle handle,
-                                      const unsigned char *jpegBuf,
-                                      unsigned long jpegSize,
-                                      unsigned char **dstPlanes, int width,
-                                      int *strides, int height, int flags)
-{
-  int i, sfi, row, retval = 0;
-  int jpegwidth, jpegheight, jpegSubsamp, scaledw, scaledh;
-  int pw[MAX_COMPONENTS], ph[MAX_COMPONENTS], iw[MAX_COMPONENTS],
-    tmpbufsize = 0, usetmpbuf = 0, th[MAX_COMPONENTS];
-  JSAMPLE *_tmpbuf = NULL, *ptr;
-  JSAMPROW *outbuf[MAX_COMPONENTS], *tmpbuf[MAX_COMPONENTS];
-  int dctsize;
-  struct my_progress_mgr progress;
-
-  GET_DINSTANCE(handle);
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    tmpbuf[i] = NULL;  outbuf[i] = NULL;
-  }
-
-  if ((this->init & DECOMPRESS) == 0)
-    THROW("tjDecompressToYUVPlanes(): Instance has not been initialized for decompression");
-
-  if (jpegBuf == NULL || jpegSize <= 0 || !dstPlanes || !dstPlanes[0] ||
-      width < 0 || height < 0)
-    THROW("tjDecompressToYUVPlanes(): Invalid argument");
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  if (flags & TJFLAG_LIMITSCANS) {
-    MEMZERO(&progress, sizeof(struct my_progress_mgr));
-    progress.pub.progress_monitor = my_progress_monitor;
-    progress.this = this;
-    dinfo->progress = &progress.pub;
-  } else
-    dinfo->progress = NULL;
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  if (!this->headerRead) {
-    jpeg_mem_src_tj(dinfo, jpegBuf, jpegSize);
-    jpeg_read_header(dinfo, TRUE);
-  }
-  this->headerRead = 0;
-  jpegSubsamp = getSubsamp(dinfo);
-  if (jpegSubsamp < 0)
-    THROW("tjDecompressToYUVPlanes(): Could not determine subsampling type for JPEG image");
-
-  if (jpegSubsamp != TJSAMP_GRAY && (!dstPlanes[1] || !dstPlanes[2]))
-    THROW("tjDecompressToYUVPlanes(): Invalid argument");
-
-  jpegwidth = dinfo->image_width;  jpegheight = dinfo->image_height;
-  if (width == 0) width = jpegwidth;
-  if (height == 0) height = jpegheight;
-  for (i = 0; i < NUMSF; i++) {
-    scaledw = TJSCALED(jpegwidth, sf[i]);
-    scaledh = TJSCALED(jpegheight, sf[i]);
-    if (scaledw <= width && scaledh <= height)
-      break;
-  }
-  if (i >= NUMSF)
-    THROW("tjDecompressToYUVPlanes(): Could not scale down to desired image dimensions");
-  if (dinfo->num_components > 3)
-    THROW("tjDecompressToYUVPlanes(): JPEG image must have 3 or fewer components");
-
-  width = scaledw;  height = scaledh;
-  dinfo->scale_num = sf[i].num;
-  dinfo->scale_denom = sf[i].denom;
-  sfi = i;
-  jpeg_calc_output_dimensions(dinfo);
-
-  dctsize = DCTSIZE * sf[sfi].num / sf[sfi].denom;
-
-  for (i = 0; i < dinfo->num_components; i++) {
-    jpeg_component_info *compptr = &dinfo->comp_info[i];
-    int ih;
-
-    iw[i] = compptr->width_in_blocks * dctsize;
-    ih = compptr->height_in_blocks * dctsize;
-    pw[i] = tjPlaneWidth(i, dinfo->output_width, jpegSubsamp);
-    ph[i] = tjPlaneHeight(i, dinfo->output_height, jpegSubsamp);
-    if (iw[i] != pw[i] || ih != ph[i]) usetmpbuf = 1;
-    th[i] = compptr->v_samp_factor * dctsize;
-    tmpbufsize += iw[i] * th[i];
-    if ((outbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * ph[i])) == NULL)
-      THROW("tjDecompressToYUVPlanes(): Memory allocation failure");
-    ptr = dstPlanes[i];
-    for (row = 0; row < ph[i]; row++) {
-      outbuf[i][row] = ptr;
-      ptr += (strides && strides[i] != 0) ? strides[i] : pw[i];
-    }
-  }
-  if (usetmpbuf) {
-    if ((_tmpbuf = (JSAMPLE *)malloc(sizeof(JSAMPLE) * tmpbufsize)) == NULL)
-      THROW("tjDecompressToYUVPlanes(): Memory allocation failure");
-    ptr = _tmpbuf;
-    for (i = 0; i < dinfo->num_components; i++) {
-      if ((tmpbuf[i] = (JSAMPROW *)malloc(sizeof(JSAMPROW) * th[i])) == NULL)
-        THROW("tjDecompressToYUVPlanes(): Memory allocation failure");
-      for (row = 0; row < th[i]; row++) {
-        tmpbuf[i][row] = ptr;
-        ptr += iw[i];
-      }
-    }
-  }
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  if (flags & TJFLAG_FASTUPSAMPLE) dinfo->do_fancy_upsampling = FALSE;
-  if (flags & TJFLAG_FASTDCT) dinfo->dct_method = JDCT_FASTEST;
-  dinfo->raw_data_out = TRUE;
-
-  jpeg_start_decompress(dinfo);
-  for (row = 0; row < (int)dinfo->output_height;
-       row += dinfo->max_v_samp_factor * dinfo->_min_DCT_scaled_size) {
-    JSAMPARRAY yuvptr[MAX_COMPONENTS];
-    int crow[MAX_COMPONENTS];
-
-    for (i = 0; i < dinfo->num_components; i++) {
-      jpeg_component_info *compptr = &dinfo->comp_info[i];
-
-      if (jpegSubsamp == TJ_420) {
-        /* When 4:2:0 subsampling is used with IDCT scaling, libjpeg will try
-           to be clever and use the IDCT to perform upsampling on the U and V
-           planes.  For instance, if the output image is to be scaled by 1/2
-           relative to the JPEG image, then the scaling factor and upsampling
-           effectively cancel each other, so a normal 8x8 IDCT can be used.
-           However, this is not desirable when using the decompress-to-YUV
-           functionality in TurboJPEG, since we want to output the U and V
-           planes in their subsampled form.  Thus, we have to override some
-           internal libjpeg parameters to force it to use the "scaled" IDCT
-           functions on the U and V planes. */
-        compptr->_DCT_scaled_size = dctsize;
-        compptr->MCU_sample_width = tjMCUWidth[jpegSubsamp] *
-          sf[sfi].num / sf[sfi].denom *
-          compptr->v_samp_factor / dinfo->max_v_samp_factor;
-        dinfo->idct->inverse_DCT[i] = dinfo->idct->inverse_DCT[0];
-      }
-      crow[i] = row * compptr->v_samp_factor / dinfo->max_v_samp_factor;
-      if (usetmpbuf) yuvptr[i] = tmpbuf[i];
-      else yuvptr[i] = &outbuf[i][crow[i]];
-    }
-    jpeg_read_raw_data(dinfo, yuvptr,
-                       dinfo->max_v_samp_factor * dinfo->_min_DCT_scaled_size);
-    if (usetmpbuf) {
-      int j;
-
-      for (i = 0; i < dinfo->num_components; i++) {
-        for (j = 0; j < MIN(th[i], ph[i] - crow[i]); j++) {
-          memcpy(outbuf[i][crow[i] + j], tmpbuf[i][j], pw[i]);
-        }
-      }
-    }
-  }
-  jpeg_finish_decompress(dinfo);
-
-bailout:
-  if (dinfo->global_state > DSTATE_START) jpeg_abort_decompress(dinfo);
-  for (i = 0; i < MAX_COMPONENTS; i++) {
-    free(tmpbuf[i]);
-    free(outbuf[i]);
-  }
-  free(_tmpbuf);
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjDecompressToYUV2(tjhandle handle, const unsigned char *jpegBuf,
-                                 unsigned long jpegSize, unsigned char *dstBuf,
-                                 int width, int pad, int height, int flags)
-{
-  unsigned char *dstPlanes[3];
-  int pw0, ph0, strides[3], retval = -1, jpegSubsamp = -1;
-  int i, jpegwidth, jpegheight, scaledw, scaledh;
-
-  GET_DINSTANCE(handle);
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-
-  if (jpegBuf == NULL || jpegSize <= 0 || dstBuf == NULL || width < 0 ||
-      pad < 1 || !IS_POW2(pad) || height < 0)
-    THROW("tjDecompressToYUV2(): Invalid argument");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    return -1;
-  }
-
-  jpeg_mem_src_tj(dinfo, jpegBuf, jpegSize);
-  jpeg_read_header(dinfo, TRUE);
-  jpegSubsamp = getSubsamp(dinfo);
-  if (jpegSubsamp < 0)
-    THROW("tjDecompressToYUV2(): Could not determine subsampling type for JPEG image");
-
-  jpegwidth = dinfo->image_width;  jpegheight = dinfo->image_height;
-  if (width == 0) width = jpegwidth;
-  if (height == 0) height = jpegheight;
-
-  for (i = 0; i < NUMSF; i++) {
-    scaledw = TJSCALED(jpegwidth, sf[i]);
-    scaledh = TJSCALED(jpegheight, sf[i]);
-    if (scaledw <= width && scaledh <= height)
-      break;
-  }
-  if (i >= NUMSF)
-    THROW("tjDecompressToYUV2(): Could not scale down to desired image dimensions");
-
-  pw0 = tjPlaneWidth(0, width, jpegSubsamp);
-  ph0 = tjPlaneHeight(0, height, jpegSubsamp);
-  dstPlanes[0] = dstBuf;
-  strides[0] = PAD(pw0, pad);
-  if (jpegSubsamp == TJSAMP_GRAY) {
-    strides[1] = strides[2] = 0;
-    dstPlanes[1] = dstPlanes[2] = NULL;
-  } else {
-    int pw1 = tjPlaneWidth(1, width, jpegSubsamp);
-    int ph1 = tjPlaneHeight(1, height, jpegSubsamp);
-
-    strides[1] = strides[2] = PAD(pw1, pad);
-    dstPlanes[1] = dstPlanes[0] + strides[0] * ph0;
-    dstPlanes[2] = dstPlanes[1] + strides[1] * ph1;
-  }
-
-  this->headerRead = 1;
-  return tjDecompressToYUVPlanes(handle, jpegBuf, jpegSize, dstPlanes, width,
-                                 strides, height, flags);
-
-bailout:
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-DLLEXPORT int tjDecompressToYUV(tjhandle handle, unsigned char *jpegBuf,
-                                unsigned long jpegSize, unsigned char *dstBuf,
-                                int flags)
-{
-  return tjDecompressToYUV2(handle, jpegBuf, jpegSize, dstBuf, 0, 4, 0, flags);
-}
-
-
-/* Transformer */
-
-DLLEXPORT tjhandle tjInitTransform(void)
-{
-  tjinstance *this = NULL;
-  tjhandle handle = NULL;
-
-  if ((this = (tjinstance *)malloc(sizeof(tjinstance))) == NULL) {
-    snprintf(errStr, JMSG_LENGTH_MAX,
-             "tjInitTransform(): Memory allocation failure");
-    return NULL;
-  }
-  MEMZERO(this, sizeof(tjinstance));
-  snprintf(this->errStr, JMSG_LENGTH_MAX, "No error");
-  handle = _tjInitCompress(this);
-  if (!handle) return NULL;
-  handle = _tjInitDecompress(this);
-  return handle;
-}
-
-
-DLLEXPORT int tjTransform(tjhandle handle, const unsigned char *jpegBuf,
-                          unsigned long jpegSize, int n,
-                          unsigned char **dstBufs, unsigned long *dstSizes,
-                          tjtransform *t, int flags)
-{
-  jpeg_transform_info *xinfo = NULL;
-  jvirt_barray_ptr *srccoefs, *dstcoefs;
-  int retval = 0, alloc = 1, i, jpegSubsamp, saveMarkers = 0;
-  struct my_progress_mgr progress;
-
-  GET_INSTANCE(handle);
-  this->jerr.stopOnWarning = (flags & TJFLAG_STOPONWARNING) ? TRUE : FALSE;
-  if ((this->init & COMPRESS) == 0 || (this->init & DECOMPRESS) == 0)
-    THROW("tjTransform(): Instance has not been initialized for transformation");
-
-  if (jpegBuf == NULL || jpegSize <= 0 || n < 1 || dstBufs == NULL ||
-      dstSizes == NULL || t == NULL || flags < 0)
-    THROW("tjTransform(): Invalid argument");
-
-#ifndef NO_PUTENV
-  if (flags & TJFLAG_FORCEMMX) putenv("JSIMD_FORCEMMX=1");
-  else if (flags & TJFLAG_FORCESSE) putenv("JSIMD_FORCESSE=1");
-  else if (flags & TJFLAG_FORCESSE2) putenv("JSIMD_FORCESSE2=1");
-#endif
-
-  if (flags & TJFLAG_LIMITSCANS) {
-    MEMZERO(&progress, sizeof(struct my_progress_mgr));
-    progress.pub.progress_monitor = my_progress_monitor;
-    progress.this = this;
-    dinfo->progress = &progress.pub;
-  } else
-    dinfo->progress = NULL;
-
-  if ((xinfo =
-       (jpeg_transform_info *)malloc(sizeof(jpeg_transform_info) * n)) == NULL)
-    THROW("tjTransform(): Memory allocation failure");
-  MEMZERO(xinfo, sizeof(jpeg_transform_info) * n);
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  jpeg_mem_src_tj(dinfo, jpegBuf, jpegSize);
-
-  for (i = 0; i < n; i++) {
-    xinfo[i].transform = xformtypes[t[i].op];
-    xinfo[i].perfect = (t[i].options & TJXOPT_PERFECT) ? 1 : 0;
-    xinfo[i].trim = (t[i].options & TJXOPT_TRIM) ? 1 : 0;
-    xinfo[i].force_grayscale = (t[i].options & TJXOPT_GRAY) ? 1 : 0;
-    xinfo[i].crop = (t[i].options & TJXOPT_CROP) ? 1 : 0;
-    if (n != 1 && t[i].op == TJXOP_HFLIP) xinfo[i].slow_hflip = 1;
-    else xinfo[i].slow_hflip = 0;
-
-    if (xinfo[i].crop) {
-      xinfo[i].crop_xoffset = t[i].r.x;  xinfo[i].crop_xoffset_set = JCROP_POS;
-      xinfo[i].crop_yoffset = t[i].r.y;  xinfo[i].crop_yoffset_set = JCROP_POS;
-      if (t[i].r.w != 0) {
-        xinfo[i].crop_width = t[i].r.w;  xinfo[i].crop_width_set = JCROP_POS;
-      } else
-        xinfo[i].crop_width = JCROP_UNSET;
-      if (t[i].r.h != 0) {
-        xinfo[i].crop_height = t[i].r.h;  xinfo[i].crop_height_set = JCROP_POS;
-      } else
-        xinfo[i].crop_height = JCROP_UNSET;
-    }
-    if (!(t[i].options & TJXOPT_COPYNONE)) saveMarkers = 1;
-  }
-
-  jcopy_markers_setup(dinfo, saveMarkers ? JCOPYOPT_ALL : JCOPYOPT_NONE);
-  jpeg_read_header(dinfo, TRUE);
-  jpegSubsamp = getSubsamp(dinfo);
-  if (jpegSubsamp < 0)
-    THROW("tjTransform(): Could not determine subsampling type for JPEG image");
-
-  for (i = 0; i < n; i++) {
-    if (!jtransform_request_workspace(dinfo, &xinfo[i]))
-      THROW("tjTransform(): Transform is not perfect");
-
-    if (xinfo[i].crop) {
-      if ((t[i].r.x % xinfo[i].iMCU_sample_width) != 0 ||
-          (t[i].r.y % xinfo[i].iMCU_sample_height) != 0) {
-        snprintf(this->errStr, JMSG_LENGTH_MAX,
-                 "To crop this JPEG image, x must be a multiple of %d\n"
-                 "and y must be a multiple of %d.\n",
-                 xinfo[i].iMCU_sample_width, xinfo[i].iMCU_sample_height);
-        this->isInstanceError = TRUE;
-        retval = -1;  goto bailout;
-      }
-    }
-  }
-
-  srccoefs = jpeg_read_coefficients(dinfo);
-
-  for (i = 0; i < n; i++) {
-    int w, h;
-
-    if (!xinfo[i].crop) {
-      w = dinfo->image_width;  h = dinfo->image_height;
-    } else {
-      w = xinfo[i].crop_width;  h = xinfo[i].crop_height;
-    }
-    if (flags & TJFLAG_NOREALLOC) {
-      alloc = 0;  dstSizes[i] = tjBufSize(w, h, jpegSubsamp);
-    }
-    if (!(t[i].options & TJXOPT_NOOUTPUT))
-      jpeg_mem_dest_tj(cinfo, &dstBufs[i], &dstSizes[i], alloc);
-    jpeg_copy_critical_parameters(dinfo, cinfo);
-    dstcoefs = jtransform_adjust_parameters(dinfo, cinfo, srccoefs, &xinfo[i]);
-    if (flags & TJFLAG_PROGRESSIVE || t[i].options & TJXOPT_PROGRESSIVE)
-      jpeg_simple_progression(cinfo);
-    if (!(t[i].options & TJXOPT_NOOUTPUT)) {
-      jpeg_write_coefficients(cinfo, dstcoefs);
-      jcopy_markers_execute(dinfo, cinfo, t[i].options & TJXOPT_COPYNONE ?
-                                          JCOPYOPT_NONE : JCOPYOPT_ALL);
-    } else
-      jinit_c_master_control(cinfo, TRUE);
-    jtransform_execute_transformation(dinfo, cinfo, srccoefs, &xinfo[i]);
-    if (t[i].customFilter) {
-      int ci, y;
-      JDIMENSION by;
-
-      for (ci = 0; ci < cinfo->num_components; ci++) {
-        jpeg_component_info *compptr = &cinfo->comp_info[ci];
-        tjregion arrayRegion = {
-          0, 0, compptr->width_in_blocks * DCTSIZE, DCTSIZE
-        };
-        tjregion planeRegion = {
-          0, 0, compptr->width_in_blocks * DCTSIZE,
-          compptr->height_in_blocks * DCTSIZE
-        };
-
-        for (by = 0; by < compptr->height_in_blocks;
-             by += compptr->v_samp_factor) {
-          JBLOCKARRAY barray = (dinfo->mem->access_virt_barray)
-            ((j_common_ptr)dinfo, dstcoefs[ci], by, compptr->v_samp_factor,
-             TRUE);
-
-          for (y = 0; y < compptr->v_samp_factor; y++) {
-            if (t[i].customFilter(barray[y][0], arrayRegion, planeRegion, ci,
-                                  i, &t[i]) == -1)
-              THROW("tjTransform(): Error in custom filter");
-            arrayRegion.y += DCTSIZE;
-          }
-        }
-      }
-    }
-    if (!(t[i].options & TJXOPT_NOOUTPUT)) jpeg_finish_compress(cinfo);
-  }
-
-  jpeg_finish_decompress(dinfo);
-
-bailout:
-  if (cinfo->global_state > CSTATE_START) {
-    if (alloc) (*cinfo->dest->term_destination) (cinfo);
-    jpeg_abort_compress(cinfo);
-  }
-  if (dinfo->global_state > DSTATE_START) jpeg_abort_decompress(dinfo);
-  free(xinfo);
-  if (this->jerr.warning) retval = -1;
-  this->jerr.stopOnWarning = FALSE;
-  return retval;
-}
-
-
-DLLEXPORT unsigned char *tjLoadImage(const char *filename, int *width,
-                                     int align, int *height, int *pixelFormat,
-                                     int flags)
-{
-  int retval = 0, tempc;
-  size_t pitch;
-  tjhandle handle = NULL;
-  tjinstance *this;
-  j_compress_ptr cinfo = NULL;
-  cjpeg_source_ptr src;
-  unsigned char *dstBuf = NULL;
-  FILE *file = NULL;
-  boolean invert;
-
-  if (!filename || !width || align < 1 || !height || !pixelFormat ||
-      *pixelFormat < TJPF_UNKNOWN || *pixelFormat >= TJ_NUMPF)
-    THROWG("tjLoadImage(): Invalid argument");
-  if ((align & (align - 1)) != 0)
-    THROWG("tjLoadImage(): Alignment must be a power of 2");
-
-  if ((handle = tjInitCompress()) == NULL) return NULL;
-  this = (tjinstance *)handle;
-  cinfo = &this->cinfo;
-
-  if ((file = fopen(filename, "rb")) == NULL)
-    THROW_UNIX("tjLoadImage(): Cannot open input file");
-
-  if ((tempc = getc(file)) < 0 || ungetc(tempc, file) == EOF)
-    THROW_UNIX("tjLoadImage(): Could not read input file")
-  else if (tempc == EOF)
-    THROWG("tjLoadImage(): Input file contains no data");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  if (*pixelFormat == TJPF_UNKNOWN) cinfo->in_color_space = JCS_UNKNOWN;
-  else cinfo->in_color_space = pf2cs[*pixelFormat];
-  if (tempc == 'B') {
-    if ((src = jinit_read_bmp(cinfo, FALSE)) == NULL)
-      THROWG("tjLoadImage(): Could not initialize bitmap loader");
-    invert = (flags & TJFLAG_BOTTOMUP) == 0;
-  } else if (tempc == 'P') {
-    if ((src = jinit_read_ppm(cinfo)) == NULL)
-      THROWG("tjLoadImage(): Could not initialize bitmap loader");
-    invert = (flags & TJFLAG_BOTTOMUP) != 0;
-  } else
-    THROWG("tjLoadImage(): Unsupported file type");
-
-  src->input_file = file;
-#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-  /* Refuse to load images larger than 1 Megapixel when fuzzing. */
-  if (flags & TJFLAG_FUZZING)
-    src->max_pixels = 1048576;
-#endif
-  (*src->start_input) (cinfo, src);
-  (*cinfo->mem->realize_virt_arrays) ((j_common_ptr)cinfo);
-
-  *width = cinfo->image_width;  *height = cinfo->image_height;
-  *pixelFormat = cs2pf[cinfo->in_color_space];
-
-  pitch = PAD((*width) * tjPixelSize[*pixelFormat], align);
-  if ((unsigned long long)pitch * (unsigned long long)(*height) >
-      (unsigned long long)((size_t)-1) ||
-      (dstBuf = (unsigned char *)malloc(pitch * (*height))) == NULL)
-    THROWG("tjLoadImage(): Memory allocation failure");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  while (cinfo->next_scanline < cinfo->image_height) {
-    int i, nlines = (*src->get_pixel_rows) (cinfo, src);
-
-    for (i = 0; i < nlines; i++) {
-      unsigned char *dstptr;
-      int row;
-
-      row = cinfo->next_scanline + i;
-      if (invert) dstptr = &dstBuf[((*height) - row - 1) * pitch];
-      else dstptr = &dstBuf[row * pitch];
-      memcpy(dstptr, src->buffer[i], (*width) * tjPixelSize[*pixelFormat]);
-    }
-    cinfo->next_scanline += nlines;
-  }
-
-  (*src->finish_input) (cinfo, src);
-
-bailout:
-  if (handle) tjDestroy(handle);
-  if (file) fclose(file);
-  if (retval < 0) { free(dstBuf);  dstBuf = NULL; }
-  return dstBuf;
-}
-
-
-DLLEXPORT int tjSaveImage(const char *filename, unsigned char *buffer,
-                          int width, int pitch, int height, int pixelFormat,
-                          int flags)
-{
-  int retval = 0;
-  tjhandle handle = NULL;
-  tjinstance *this;
-  j_decompress_ptr dinfo = NULL;
-  djpeg_dest_ptr dst;
-  FILE *file = NULL;
-  char *ptr = NULL;
-  boolean invert;
-
-  if (!filename || !buffer || width < 1 || pitch < 0 || height < 1 ||
-      pixelFormat < 0 || pixelFormat >= TJ_NUMPF)
-    THROWG("tjSaveImage(): Invalid argument");
-
-  if ((handle = tjInitDecompress()) == NULL)
-    return -1;
-  this = (tjinstance *)handle;
-  dinfo = &this->dinfo;
-
-  if ((file = fopen(filename, "wb")) == NULL)
-    THROW_UNIX("tjSaveImage(): Cannot open output file");
-
-  if (setjmp(this->jerr.setjmp_buffer)) {
-    /* If we get here, the JPEG code has signaled an error. */
-    retval = -1;  goto bailout;
-  }
-
-  this->dinfo.out_color_space = pf2cs[pixelFormat];
-  dinfo->image_width = width;  dinfo->image_height = height;
-  dinfo->global_state = DSTATE_READY;
-  dinfo->scale_num = dinfo->scale_denom = 1;
-
-  ptr = strrchr(filename, '.');
-  if (ptr && !strcasecmp(ptr, ".bmp")) {
-    if ((dst = jinit_write_bmp(dinfo, FALSE, FALSE)) == NULL)
-      THROWG("tjSaveImage(): Could not initialize bitmap writer");
-    invert = (flags & TJFLAG_BOTTOMUP) == 0;
-  } else {
-    if ((dst = jinit_write_ppm(dinfo)) == NULL)
-      THROWG("tjSaveImage(): Could not initialize PPM writer");
-    invert = (flags & TJFLAG_BOTTOMUP) != 0;
-  }
-
-  dst->output_file = file;
-  (*dst->start_output) (dinfo, dst);
-  (*dinfo->mem->realize_virt_arrays) ((j_common_ptr)dinfo);
-
-  if (pitch == 0) pitch = width * tjPixelSize[pixelFormat];
-
-  while (dinfo->output_scanline < dinfo->output_height) {
-    unsigned char *rowptr;
-
-    if (invert)
-      rowptr = &buffer[(height - dinfo->output_scanline - 1) * pitch];
-    else
-      rowptr = &buffer[dinfo->output_scanline * pitch];
-    memcpy(dst->buffer[0], rowptr, width * tjPixelSize[pixelFormat]);
-    (*dst->put_pixel_rows) (dinfo, dst, 1);
-    dinfo->output_scanline++;
-  }
-
-  (*dst->finish_output) (dinfo, dst);
-
-bailout:
-  if (handle) tjDestroy(handle);
-  if (file) fclose(file);
-  return retval;
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg.h b/3rdparty/libjpeg-turbo_2_1_0/turbojpeg.h
deleted file mode 100644
index c2f6b51..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/turbojpeg.h
+++ /dev/null
@@ -1,1756 +0,0 @@
-/*
- * Copyright (C)2009-2015, 2017, 2020-2021 D. R. Commander.
- *                                         All Rights Reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- * - Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- * - Neither the name of the libjpeg-turbo Project nor the names of its
- *   contributors may be used to endorse or promote products derived from this
- *   software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS",
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef __TURBOJPEG_H__
-#define __TURBOJPEG_H__
-
-#if defined(_WIN32) && defined(DLLDEFINE)
-#define DLLEXPORT  __declspec(dllexport)
-#else
-#define DLLEXPORT
-#endif
-#define DLLCALL
-
-
-/**
- * @addtogroup TurboJPEG
- * TurboJPEG API.  This API provides an interface for generating, decoding, and
- * transforming planar YUV and JPEG images in memory.
- *
- * @anchor YUVnotes
- * YUV Image Format Notes
- * ----------------------
- * Technically, the JPEG format uses the YCbCr colorspace (which is technically
- * not a colorspace but a color transform), but per the convention of the
- * digital video community, the TurboJPEG API uses "YUV" to refer to an image
- * format consisting of Y, Cb, and Cr image planes.
- *
- * Each plane is simply a 2D array of bytes, each byte representing the value
- * of one of the components (Y, Cb, or Cr) at a particular location in the
- * image.  The width and height of each plane are determined by the image
- * width, height, and level of chrominance subsampling.   The luminance plane
- * width is the image width padded to the nearest multiple of the horizontal
- * subsampling factor (2 in the case of 4:2:0 and 4:2:2, 4 in the case of
- * 4:1:1, 1 in the case of 4:4:4 or grayscale.)  Similarly, the luminance plane
- * height is the image height padded to the nearest multiple of the vertical
- * subsampling factor (2 in the case of 4:2:0 or 4:4:0, 1 in the case of 4:4:4
- * or grayscale.)  This is irrespective of any additional padding that may be
- * specified as an argument to the various YUV functions.  The chrominance
- * plane width is equal to the luminance plane width divided by the horizontal
- * subsampling factor, and the chrominance plane height is equal to the
- * luminance plane height divided by the vertical subsampling factor.
- *
- * For example, if the source image is 35 x 35 pixels and 4:2:2 subsampling is
- * used, then the luminance plane would be 36 x 35 bytes, and each of the
- * chrominance planes would be 18 x 35 bytes.  If you specify a line padding of
- * 4 bytes on top of this, then the luminance plane would be 36 x 35 bytes, and
- * each of the chrominance planes would be 20 x 35 bytes.
- *
- * @{
- */
-
-
-/**
- * The number of chrominance subsampling options
- */
-#define TJ_NUMSAMP  6
-
-/**
- * Chrominance subsampling options.
- * When pixels are converted from RGB to YCbCr (see #TJCS_YCbCr) or from CMYK
- * to YCCK (see #TJCS_YCCK) as part of the JPEG compression process, some of
- * the Cb and Cr (chrominance) components can be discarded or averaged together
- * to produce a smaller image with little perceptible loss of image clarity
- * (the human eye is more sensitive to small changes in brightness than to
- * small changes in color.)  This is called "chrominance subsampling".
- */
-enum TJSAMP {
-  /**
-   * 4:4:4 chrominance subsampling (no chrominance subsampling).  The JPEG or
-   * YUV image will contain one chrominance component for every pixel in the
-   * source image.
-   */
-  TJSAMP_444 = 0,
-  /**
-   * 4:2:2 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 2x1 block of pixels in the source image.
-   */
-  TJSAMP_422,
-  /**
-   * 4:2:0 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 2x2 block of pixels in the source image.
-   */
-  TJSAMP_420,
-  /**
-   * Grayscale.  The JPEG or YUV image will contain no chrominance components.
-   */
-  TJSAMP_GRAY,
-  /**
-   * 4:4:0 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 1x2 block of pixels in the source image.
-   *
-   * @note 4:4:0 subsampling is not fully accelerated in libjpeg-turbo.
-   */
-  TJSAMP_440,
-  /**
-   * 4:1:1 chrominance subsampling.  The JPEG or YUV image will contain one
-   * chrominance component for every 4x1 block of pixels in the source image.
-   * JPEG images compressed with 4:1:1 subsampling will be almost exactly the
-   * same size as those compressed with 4:2:0 subsampling, and in the
-   * aggregate, both subsampling methods produce approximately the same
-   * perceptual quality.  However, 4:1:1 is better able to reproduce sharp
-   * horizontal features.
-   *
-   * @note 4:1:1 subsampling is not fully accelerated in libjpeg-turbo.
-   */
-  TJSAMP_411
-};
-
-/**
- * MCU block width (in pixels) for a given level of chrominance subsampling.
- * MCU block sizes:
- * - 8x8 for no subsampling or grayscale
- * - 16x8 for 4:2:2
- * - 8x16 for 4:4:0
- * - 16x16 for 4:2:0
- * - 32x8 for 4:1:1
- */
-static const int tjMCUWidth[TJ_NUMSAMP]  = { 8, 16, 16, 8, 8, 32 };
-
-/**
- * MCU block height (in pixels) for a given level of chrominance subsampling.
- * MCU block sizes:
- * - 8x8 for no subsampling or grayscale
- * - 16x8 for 4:2:2
- * - 8x16 for 4:4:0
- * - 16x16 for 4:2:0
- * - 32x8 for 4:1:1
- */
-static const int tjMCUHeight[TJ_NUMSAMP] = { 8, 8, 16, 8, 16, 8 };
-
-
-/**
- * The number of pixel formats
- */
-#define TJ_NUMPF  12
-
-/**
- * Pixel formats
- */
-enum TJPF {
-  /**
-   * RGB pixel format.  The red, green, and blue components in the image are
-   * stored in 3-byte pixels in the order R, G, B from lowest to highest byte
-   * address within each pixel.
-   */
-  TJPF_RGB = 0,
-  /**
-   * BGR pixel format.  The red, green, and blue components in the image are
-   * stored in 3-byte pixels in the order B, G, R from lowest to highest byte
-   * address within each pixel.
-   */
-  TJPF_BGR,
-  /**
-   * RGBX pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order R, G, B from lowest to highest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  TJPF_RGBX,
-  /**
-   * BGRX pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order B, G, R from lowest to highest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  TJPF_BGRX,
-  /**
-   * XBGR pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order R, G, B from highest to lowest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  TJPF_XBGR,
-  /**
-   * XRGB pixel format.  The red, green, and blue components in the image are
-   * stored in 4-byte pixels in the order B, G, R from highest to lowest byte
-   * address within each pixel.  The X component is ignored when compressing
-   * and undefined when decompressing.
-   */
-  TJPF_XRGB,
-  /**
-   * Grayscale pixel format.  Each 1-byte pixel represents a luminance
-   * (brightness) level from 0 to 255.
-   */
-  TJPF_GRAY,
-  /**
-   * RGBA pixel format.  This is the same as @ref TJPF_RGBX, except that when
-   * decompressing, the X component is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  TJPF_RGBA,
-  /**
-   * BGRA pixel format.  This is the same as @ref TJPF_BGRX, except that when
-   * decompressing, the X component is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  TJPF_BGRA,
-  /**
-   * ABGR pixel format.  This is the same as @ref TJPF_XBGR, except that when
-   * decompressing, the X component is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  TJPF_ABGR,
-  /**
-   * ARGB pixel format.  This is the same as @ref TJPF_XRGB, except that when
-   * decompressing, the X component is guaranteed to be 0xFF, which can be
-   * interpreted as an opaque alpha channel.
-   */
-  TJPF_ARGB,
-  /**
-   * CMYK pixel format.  Unlike RGB, which is an additive color model used
-   * primarily for display, CMYK (Cyan/Magenta/Yellow/Key) is a subtractive
-   * color model used primarily for printing.  In the CMYK color model, the
-   * value of each color component typically corresponds to an amount of cyan,
-   * magenta, yellow, or black ink that is applied to a white background.  In
-   * order to convert between CMYK and RGB, it is necessary to use a color
-   * management system (CMS.)  A CMS will attempt to map colors within the
-   * printer's gamut to perceptually similar colors in the display's gamut and
-   * vice versa, but the mapping is typically not 1:1 or reversible, nor can it
-   * be defined with a simple formula.  Thus, such a conversion is out of scope
-   * for a codec library.  However, the TurboJPEG API allows for compressing
-   * CMYK pixels into a YCCK JPEG image (see #TJCS_YCCK) and decompressing YCCK
-   * JPEG images into CMYK pixels.
-   */
-  TJPF_CMYK,
-  /**
-   * Unknown pixel format.  Currently this is only used by #tjLoadImage().
-   */
-  TJPF_UNKNOWN = -1
-};
-
-/**
- * Red offset (in bytes) for a given pixel format.  This specifies the number
- * of bytes that the red component is offset from the start of the pixel.  For
- * instance, if a pixel of format TJ_BGRX is stored in <tt>char pixel[]</tt>,
- * then the red component will be <tt>pixel[tjRedOffset[TJ_BGRX]]</tt>.  This
- * will be -1 if the pixel format does not have a red component.
- */
-static const int tjRedOffset[TJ_NUMPF] = {
-  0, 2, 0, 2, 3, 1, -1, 0, 2, 3, 1, -1
-};
-/**
- * Green offset (in bytes) for a given pixel format.  This specifies the number
- * of bytes that the green component is offset from the start of the pixel.
- * For instance, if a pixel of format TJ_BGRX is stored in
- * <tt>char pixel[]</tt>, then the green component will be
- * <tt>pixel[tjGreenOffset[TJ_BGRX]]</tt>.  This will be -1 if the pixel format
- * does not have a green component.
- */
-static const int tjGreenOffset[TJ_NUMPF] = {
-  1, 1, 1, 1, 2, 2, -1, 1, 1, 2, 2, -1
-};
-/**
- * Blue offset (in bytes) for a given pixel format.  This specifies the number
- * of bytes that the Blue component is offset from the start of the pixel.  For
- * instance, if a pixel of format TJ_BGRX is stored in <tt>char pixel[]</tt>,
- * then the blue component will be <tt>pixel[tjBlueOffset[TJ_BGRX]]</tt>.  This
- * will be -1 if the pixel format does not have a blue component.
- */
-static const int tjBlueOffset[TJ_NUMPF] = {
-  2, 0, 2, 0, 1, 3, -1, 2, 0, 1, 3, -1
-};
-/**
- * Alpha offset (in bytes) for a given pixel format.  This specifies the number
- * of bytes that the Alpha component is offset from the start of the pixel.
- * For instance, if a pixel of format TJ_BGRA is stored in
- * <tt>char pixel[]</tt>, then the alpha component will be
- * <tt>pixel[tjAlphaOffset[TJ_BGRA]]</tt>.  This will be -1 if the pixel format
- * does not have an alpha component.
- */
-static const int tjAlphaOffset[TJ_NUMPF] = {
-  -1, -1, -1, -1, -1, -1, -1, 3, 3, 0, 0, -1
-};
-/**
- * Pixel size (in bytes) for a given pixel format
- */
-static const int tjPixelSize[TJ_NUMPF] = {
-  3, 3, 4, 4, 4, 4, 1, 4, 4, 4, 4, 4
-};
-
-
-/**
- * The number of JPEG colorspaces
- */
-#define TJ_NUMCS  5
-
-/**
- * JPEG colorspaces
- */
-enum TJCS {
-  /**
-   * RGB colorspace.  When compressing the JPEG image, the R, G, and B
-   * components in the source image are reordered into image planes, but no
-   * colorspace conversion or subsampling is performed.  RGB JPEG images can be
-   * decompressed to any of the extended RGB pixel formats or grayscale, but
-   * they cannot be decompressed to YUV images.
-   */
-  TJCS_RGB = 0,
-  /**
-   * YCbCr colorspace.  YCbCr is not an absolute colorspace but rather a
-   * mathematical transformation of RGB designed solely for storage and
-   * transmission.  YCbCr images must be converted to RGB before they can
-   * actually be displayed.  In the YCbCr colorspace, the Y (luminance)
-   * component represents the black & white portion of the original image, and
-   * the Cb and Cr (chrominance) components represent the color portion of the
-   * original image.  Originally, the analog equivalent of this transformation
-   * allowed the same signal to drive both black & white and color televisions,
-   * but JPEG images use YCbCr primarily because it allows the color data to be
-   * optionally subsampled for the purposes of reducing bandwidth or disk
-   * space.  YCbCr is the most common JPEG colorspace, and YCbCr JPEG images
-   * can be compressed from and decompressed to any of the extended RGB pixel
-   * formats or grayscale, or they can be decompressed to YUV planar images.
-   */
-  TJCS_YCbCr,
-  /**
-   * Grayscale colorspace.  The JPEG image retains only the luminance data (Y
-   * component), and any color data from the source image is discarded.
-   * Grayscale JPEG images can be compressed from and decompressed to any of
-   * the extended RGB pixel formats or grayscale, or they can be decompressed
-   * to YUV planar images.
-   */
-  TJCS_GRAY,
-  /**
-   * CMYK colorspace.  When compressing the JPEG image, the C, M, Y, and K
-   * components in the source image are reordered into image planes, but no
-   * colorspace conversion or subsampling is performed.  CMYK JPEG images can
-   * only be decompressed to CMYK pixels.
-   */
-  TJCS_CMYK,
-  /**
-   * YCCK colorspace.  YCCK (AKA "YCbCrK") is not an absolute colorspace but
-   * rather a mathematical transformation of CMYK designed solely for storage
-   * and transmission.  It is to CMYK as YCbCr is to RGB.  CMYK pixels can be
-   * reversibly transformed into YCCK, and as with YCbCr, the chrominance
-   * components in the YCCK pixels can be subsampled without incurring major
-   * perceptual loss.  YCCK JPEG images can only be compressed from and
-   * decompressed to CMYK pixels.
-   */
-  TJCS_YCCK
-};
-
-
-/**
- * The uncompressed source/destination image is stored in bottom-up (Windows,
- * OpenGL) order, not top-down (X11) order.
- */
-#define TJFLAG_BOTTOMUP  2
-/**
- * When decompressing an image that was compressed using chrominance
- * subsampling, use the fastest chrominance upsampling algorithm available in
- * the underlying codec.  The default is to use smooth upsampling, which
- * creates a smooth transition between neighboring chrominance components in
- * order to reduce upsampling artifacts in the decompressed image.
- */
-#define TJFLAG_FASTUPSAMPLE  256
-/**
- * Disable buffer (re)allocation.  If passed to one of the JPEG compression or
- * transform functions, this flag will cause those functions to generate an
- * error if the JPEG image buffer is invalid or too small rather than
- * attempting to allocate or reallocate that buffer.  This reproduces the
- * behavior of earlier versions of TurboJPEG.
- */
-#define TJFLAG_NOREALLOC  1024
-/**
- * Use the fastest DCT/IDCT algorithm available in the underlying codec.  The
- * default if this flag is not specified is implementation-specific.  For
- * example, the implementation of TurboJPEG for libjpeg[-turbo] uses the fast
- * algorithm by default when compressing, because this has been shown to have
- * only a very slight effect on accuracy, but it uses the accurate algorithm
- * when decompressing, because this has been shown to have a larger effect.
- */
-#define TJFLAG_FASTDCT  2048
-/**
- * Use the most accurate DCT/IDCT algorithm available in the underlying codec.
- * The default if this flag is not specified is implementation-specific.  For
- * example, the implementation of TurboJPEG for libjpeg[-turbo] uses the fast
- * algorithm by default when compressing, because this has been shown to have
- * only a very slight effect on accuracy, but it uses the accurate algorithm
- * when decompressing, because this has been shown to have a larger effect.
- */
-#define TJFLAG_ACCURATEDCT  4096
-/**
- * Immediately discontinue the current compression/decompression/transform
- * operation if the underlying codec throws a warning (non-fatal error).  The
- * default behavior is to allow the operation to complete unless a fatal error
- * is encountered.
- */
-#define TJFLAG_STOPONWARNING  8192
-/**
- * Use progressive entropy coding in JPEG images generated by the compression
- * and transform functions.  Progressive entropy coding will generally improve
- * compression relative to baseline entropy coding (the default), but it will
- * reduce compression and decompression performance considerably.
- */
-#define TJFLAG_PROGRESSIVE  16384
-/**
- * Limit the number of progressive JPEG scans that the decompression and
- * transform functions will process.  If a progressive JPEG image contains an
- * unreasonably large number of scans, then this flag will cause the
- * decompression and transform functions to return an error.  The primary
- * purpose of this is to allow security-critical applications to guard against
- * an exploit of the progressive JPEG format described in
- * <a href="https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf" target="_blank">this report</a>.
- */
-#define TJFLAG_LIMITSCANS  32768
-
-
-/**
- * The number of error codes
- */
-#define TJ_NUMERR  2
-
-/**
- * Error codes
- */
-enum TJERR {
-  /**
-   * The error was non-fatal and recoverable, but the image may still be
-   * corrupt.
-   */
-  TJERR_WARNING = 0,
-  /**
-   * The error was fatal and non-recoverable.
-   */
-  TJERR_FATAL
-};
-
-
-/**
- * The number of transform operations
- */
-#define TJ_NUMXOP  8
-
-/**
- * Transform operations for #tjTransform()
- */
-enum TJXOP {
-  /**
-   * Do not transform the position of the image pixels
-   */
-  TJXOP_NONE = 0,
-  /**
-   * Flip (mirror) image horizontally.  This transform is imperfect if there
-   * are any partial MCU blocks on the right edge (see #TJXOPT_PERFECT.)
-   */
-  TJXOP_HFLIP,
-  /**
-   * Flip (mirror) image vertically.  This transform is imperfect if there are
-   * any partial MCU blocks on the bottom edge (see #TJXOPT_PERFECT.)
-   */
-  TJXOP_VFLIP,
-  /**
-   * Transpose image (flip/mirror along upper left to lower right axis.)  This
-   * transform is always perfect.
-   */
-  TJXOP_TRANSPOSE,
-  /**
-   * Transverse transpose image (flip/mirror along upper right to lower left
-   * axis.)  This transform is imperfect if there are any partial MCU blocks in
-   * the image (see #TJXOPT_PERFECT.)
-   */
-  TJXOP_TRANSVERSE,
-  /**
-   * Rotate image clockwise by 90 degrees.  This transform is imperfect if
-   * there are any partial MCU blocks on the bottom edge (see
-   * #TJXOPT_PERFECT.)
-   */
-  TJXOP_ROT90,
-  /**
-   * Rotate image 180 degrees.  This transform is imperfect if there are any
-   * partial MCU blocks in the image (see #TJXOPT_PERFECT.)
-   */
-  TJXOP_ROT180,
-  /**
-   * Rotate image counter-clockwise by 90 degrees.  This transform is imperfect
-   * if there are any partial MCU blocks on the right edge (see
-   * #TJXOPT_PERFECT.)
-   */
-  TJXOP_ROT270
-};
-
-
-/**
- * This option will cause #tjTransform() to return an error if the transform is
- * not perfect.  Lossless transforms operate on MCU blocks, whose size depends
- * on the level of chrominance subsampling used (see #tjMCUWidth
- * and #tjMCUHeight.)  If the image's width or height is not evenly divisible
- * by the MCU block size, then there will be partial MCU blocks on the right
- * and/or bottom edges.  It is not possible to move these partial MCU blocks to
- * the top or left of the image, so any transform that would require that is
- * "imperfect."  If this option is not specified, then any partial MCU blocks
- * that cannot be transformed will be left in place, which will create
- * odd-looking strips on the right or bottom edge of the image.
- */
-#define TJXOPT_PERFECT  1
-/**
- * This option will cause #tjTransform() to discard any partial MCU blocks that
- * cannot be transformed.
- */
-#define TJXOPT_TRIM  2
-/**
- * This option will enable lossless cropping.  See #tjTransform() for more
- * information.
- */
-#define TJXOPT_CROP  4
-/**
- * This option will discard the color data in the input image and produce
- * a grayscale output image.
- */
-#define TJXOPT_GRAY  8
-/**
- * This option will prevent #tjTransform() from outputting a JPEG image for
- * this particular transform (this can be used in conjunction with a custom
- * filter to capture the transformed DCT coefficients without transcoding
- * them.)
- */
-#define TJXOPT_NOOUTPUT  16
-/**
- * This option will enable progressive entropy coding in the output image
- * generated by this particular transform.  Progressive entropy coding will
- * generally improve compression relative to baseline entropy coding (the
- * default), but it will reduce compression and decompression performance
- * considerably.
- */
-#define TJXOPT_PROGRESSIVE  32
-/**
- * This option will prevent #tjTransform() from copying any extra markers
- * (including EXIF and ICC profile data) from the source image to the output
- * image.
- */
-#define TJXOPT_COPYNONE  64
-
-
-/**
- * Scaling factor
- */
-typedef struct {
-  /**
-   * Numerator
-   */
-  int num;
-  /**
-   * Denominator
-   */
-  int denom;
-} tjscalingfactor;
-
-/**
- * Cropping region
- */
-typedef struct {
-  /**
-   * The left boundary of the cropping region.  This must be evenly divisible
-   * by the MCU block width (see #tjMCUWidth.)
-   */
-  int x;
-  /**
-   * The upper boundary of the cropping region.  This must be evenly divisible
-   * by the MCU block height (see #tjMCUHeight.)
-   */
-  int y;
-  /**
-   * The width of the cropping region. Setting this to 0 is the equivalent of
-   * setting it to the width of the source JPEG image - x.
-   */
-  int w;
-  /**
-   * The height of the cropping region. Setting this to 0 is the equivalent of
-   * setting it to the height of the source JPEG image - y.
-   */
-  int h;
-} tjregion;
-
-/**
- * Lossless transform
- */
-typedef struct tjtransform {
-  /**
-   * Cropping region
-   */
-  tjregion r;
-  /**
-   * One of the @ref TJXOP "transform operations"
-   */
-  int op;
-  /**
-   * The bitwise OR of one of more of the @ref TJXOPT_CROP "transform options"
-   */
-  int options;
-  /**
-   * Arbitrary data that can be accessed within the body of the callback
-   * function
-   */
-  void *data;
-  /**
-   * A callback function that can be used to modify the DCT coefficients
-   * after they are losslessly transformed but before they are transcoded to a
-   * new JPEG image.  This allows for custom filters or other transformations
-   * to be applied in the frequency domain.
-   *
-   * @param coeffs pointer to an array of transformed DCT coefficients.  (NOTE:
-   * this pointer is not guaranteed to be valid once the callback returns, so
-   * applications wishing to hand off the DCT coefficients to another function
-   * or library should make a copy of them within the body of the callback.)
-   *
-   * @param arrayRegion #tjregion structure containing the width and height of
-   * the array pointed to by <tt>coeffs</tt> as well as its offset relative to
-   * the component plane.  TurboJPEG implementations may choose to split each
-   * component plane into multiple DCT coefficient arrays and call the callback
-   * function once for each array.
-   *
-   * @param planeRegion #tjregion structure containing the width and height of
-   * the component plane to which <tt>coeffs</tt> belongs
-   *
-   * @param componentID ID number of the component plane to which
-   * <tt>coeffs</tt> belongs (Y, Cb, and Cr have, respectively, ID's of 0, 1,
-   * and 2 in typical JPEG images.)
-   *
-   * @param transformID ID number of the transformed image to which
-   * <tt>coeffs</tt> belongs.  This is the same as the index of the transform
-   * in the <tt>transforms</tt> array that was passed to #tjTransform().
-   *
-   * @param transform a pointer to a #tjtransform structure that specifies the
-   * parameters and/or cropping region for this transform
-   *
-   * @return 0 if the callback was successful, or -1 if an error occurred.
-   */
-  int (*customFilter) (short *coeffs, tjregion arrayRegion,
-                       tjregion planeRegion, int componentIndex,
-                       int transformIndex, struct tjtransform *transform);
-} tjtransform;
-
-/**
- * TurboJPEG instance handle
- */
-typedef void *tjhandle;
-
-
-/**
- * Pad the given width to the nearest 32-bit boundary
- */
-#define TJPAD(width)  (((width) + 3) & (~3))
-
-/**
- * Compute the scaled value of <tt>dimension</tt> using the given scaling
- * factor.  This macro performs the integer equivalent of <tt>ceil(dimension *
- * scalingFactor)</tt>.
- */
-#define TJSCALED(dimension, scalingFactor) \
-  ((dimension * scalingFactor.num + scalingFactor.denom - 1) / \
-   scalingFactor.denom)
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/**
- * Create a TurboJPEG compressor instance.
- *
- * @return a handle to the newly-created instance, or NULL if an error
- * occurred (see #tjGetErrorStr2().)
- */
-DLLEXPORT tjhandle tjInitCompress(void);
-
-
-/**
- * Compress an RGB, grayscale, or CMYK image into a JPEG image.
- *
- * @param handle a handle to a TurboJPEG compressor or transformer instance
- *
- * @param srcBuf pointer to an image buffer containing RGB, grayscale, or
- * CMYK pixels to be compressed
- *
- * @param width width (in pixels) of the source image
- *
- * @param pitch bytes per line in the source image.  Normally, this should be
- * <tt>width * #tjPixelSize[pixelFormat]</tt> if the image is unpadded, or
- * <tt>#TJPAD(width * #tjPixelSize[pixelFormat])</tt> if each line of the image
- * is padded to the nearest 32-bit boundary, as is the case for Windows
- * bitmaps.  You can also be clever and use this parameter to skip lines, etc.
- * Setting this parameter to 0 is the equivalent of setting it to
- * <tt>width * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height height (in pixels) of the source image
- *
- * @param pixelFormat pixel format of the source image (see @ref TJPF
- * "Pixel formats".)
- *
- * @param jpegBuf address of a pointer to an image buffer that will receive the
- * JPEG image.  TurboJPEG has the ability to reallocate the JPEG buffer
- * to accommodate the size of the JPEG image.  Thus, you can choose to:
- * -# pre-allocate the JPEG buffer with an arbitrary size using #tjAlloc() and
- * let TurboJPEG grow the buffer as needed,
- * -# set <tt>*jpegBuf</tt> to NULL to tell TurboJPEG to allocate the buffer
- * for you, or
- * -# pre-allocate the buffer to a "worst case" size determined by calling
- * #tjBufSize().  This should ensure that the buffer never has to be
- * re-allocated (setting #TJFLAG_NOREALLOC guarantees that it won't be.)
- * .
- * If you choose option 1, <tt>*jpegSize</tt> should be set to the size of your
- * pre-allocated buffer.  In any case, unless you have set #TJFLAG_NOREALLOC,
- * you should always check <tt>*jpegBuf</tt> upon return from this function, as
- * it may have changed.
- *
- * @param jpegSize pointer to an unsigned long variable that holds the size of
- * the JPEG image buffer.  If <tt>*jpegBuf</tt> points to a pre-allocated
- * buffer, then <tt>*jpegSize</tt> should be set to the size of the buffer.
- * Upon return, <tt>*jpegSize</tt> will contain the size of the JPEG image (in
- * bytes.)  If <tt>*jpegBuf</tt> points to a JPEG image buffer that is being
- * reused from a previous call to one of the JPEG compression functions, then
- * <tt>*jpegSize</tt> is ignored.
- *
- * @param jpegSubsamp the level of chrominance subsampling to be used when
- * generating the JPEG image (see @ref TJSAMP
- * "Chrominance subsampling options".)
- *
- * @param jpegQual the image quality of the generated JPEG image (1 = worst,
- * 100 = best)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
-*/
-DLLEXPORT int tjCompress2(tjhandle handle, const unsigned char *srcBuf,
-                          int width, int pitch, int height, int pixelFormat,
-                          unsigned char **jpegBuf, unsigned long *jpegSize,
-                          int jpegSubsamp, int jpegQual, int flags);
-
-
-/**
- * Compress a YUV planar image into a JPEG image.
- *
- * @param handle a handle to a TurboJPEG compressor or transformer instance
- *
- * @param srcBuf pointer to an image buffer containing a YUV planar image to be
- * compressed.  The size of this buffer should match the value returned by
- * #tjBufSizeYUV2() for the given image width, height, padding, and level of
- * chrominance subsampling.  The Y, U (Cb), and V (Cr) image planes should be
- * stored sequentially in the source buffer (refer to @ref YUVnotes
- * "YUV Image Format Notes".)
- *
- * @param width width (in pixels) of the source image.  If the width is not an
- * even multiple of the MCU block width (see #tjMCUWidth), then an intermediate
- * buffer copy will be performed within TurboJPEG.
- *
- * @param pad the line padding used in the source image.  For instance, if each
- * line in each plane of the YUV image is padded to the nearest multiple of 4
- * bytes, then <tt>pad</tt> should be set to 4.
- *
- * @param height height (in pixels) of the source image.  If the height is not
- * an even multiple of the MCU block height (see #tjMCUHeight), then an
- * intermediate buffer copy will be performed within TurboJPEG.
- *
- * @param subsamp the level of chrominance subsampling used in the source
- * image (see @ref TJSAMP "Chrominance subsampling options".)
- *
- * @param jpegBuf address of a pointer to an image buffer that will receive the
- * JPEG image.  TurboJPEG has the ability to reallocate the JPEG buffer to
- * accommodate the size of the JPEG image.  Thus, you can choose to:
- * -# pre-allocate the JPEG buffer with an arbitrary size using #tjAlloc() and
- * let TurboJPEG grow the buffer as needed,
- * -# set <tt>*jpegBuf</tt> to NULL to tell TurboJPEG to allocate the buffer
- * for you, or
- * -# pre-allocate the buffer to a "worst case" size determined by calling
- * #tjBufSize().  This should ensure that the buffer never has to be
- * re-allocated (setting #TJFLAG_NOREALLOC guarantees that it won't be.)
- * .
- * If you choose option 1, <tt>*jpegSize</tt> should be set to the size of your
- * pre-allocated buffer.  In any case, unless you have set #TJFLAG_NOREALLOC,
- * you should always check <tt>*jpegBuf</tt> upon return from this function, as
- * it may have changed.
- *
- * @param jpegSize pointer to an unsigned long variable that holds the size of
- * the JPEG image buffer.  If <tt>*jpegBuf</tt> points to a pre-allocated
- * buffer, then <tt>*jpegSize</tt> should be set to the size of the buffer.
- * Upon return, <tt>*jpegSize</tt> will contain the size of the JPEG image (in
- * bytes.)  If <tt>*jpegBuf</tt> points to a JPEG image buffer that is being
- * reused from a previous call to one of the JPEG compression functions, then
- * <tt>*jpegSize</tt> is ignored.
- *
- * @param jpegQual the image quality of the generated JPEG image (1 = worst,
- * 100 = best)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
-*/
-DLLEXPORT int tjCompressFromYUV(tjhandle handle, const unsigned char *srcBuf,
-                                int width, int pad, int height, int subsamp,
-                                unsigned char **jpegBuf,
-                                unsigned long *jpegSize, int jpegQual,
-                                int flags);
-
-
-/**
- * Compress a set of Y, U (Cb), and V (Cr) image planes into a JPEG image.
- *
- * @param handle a handle to a TurboJPEG compressor or transformer instance
- *
- * @param srcPlanes an array of pointers to Y, U (Cb), and V (Cr) image planes
- * (or just a Y plane, if compressing a grayscale image) that contain a YUV
- * image to be compressed.  These planes can be contiguous or non-contiguous in
- * memory.  The size of each plane should match the value returned by
- * #tjPlaneSizeYUV() for the given image width, height, strides, and level of
- * chrominance subsampling.  Refer to @ref YUVnotes "YUV Image Format Notes"
- * for more details.
- *
- * @param width width (in pixels) of the source image.  If the width is not an
- * even multiple of the MCU block width (see #tjMCUWidth), then an intermediate
- * buffer copy will be performed within TurboJPEG.
- *
- * @param strides an array of integers, each specifying the number of bytes per
- * line in the corresponding plane of the YUV source image.  Setting the stride
- * for any plane to 0 is the same as setting it to the plane width (see
- * @ref YUVnotes "YUV Image Format Notes".)  If <tt>strides</tt> is NULL, then
- * the strides for all planes will be set to their respective plane widths.
- * You can adjust the strides in order to specify an arbitrary amount of line
- * padding in each plane or to create a JPEG image from a subregion of a larger
- * YUV planar image.
- *
- * @param height height (in pixels) of the source image.  If the height is not
- * an even multiple of the MCU block height (see #tjMCUHeight), then an
- * intermediate buffer copy will be performed within TurboJPEG.
- *
- * @param subsamp the level of chrominance subsampling used in the source
- * image (see @ref TJSAMP "Chrominance subsampling options".)
- *
- * @param jpegBuf address of a pointer to an image buffer that will receive the
- * JPEG image.  TurboJPEG has the ability to reallocate the JPEG buffer to
- * accommodate the size of the JPEG image.  Thus, you can choose to:
- * -# pre-allocate the JPEG buffer with an arbitrary size using #tjAlloc() and
- * let TurboJPEG grow the buffer as needed,
- * -# set <tt>*jpegBuf</tt> to NULL to tell TurboJPEG to allocate the buffer
- * for you, or
- * -# pre-allocate the buffer to a "worst case" size determined by calling
- * #tjBufSize().  This should ensure that the buffer never has to be
- * re-allocated (setting #TJFLAG_NOREALLOC guarantees that it won't be.)
- * .
- * If you choose option 1, <tt>*jpegSize</tt> should be set to the size of your
- * pre-allocated buffer.  In any case, unless you have set #TJFLAG_NOREALLOC,
- * you should always check <tt>*jpegBuf</tt> upon return from this function, as
- * it may have changed.
- *
- * @param jpegSize pointer to an unsigned long variable that holds the size of
- * the JPEG image buffer.  If <tt>*jpegBuf</tt> points to a pre-allocated
- * buffer, then <tt>*jpegSize</tt> should be set to the size of the buffer.
- * Upon return, <tt>*jpegSize</tt> will contain the size of the JPEG image (in
- * bytes.)  If <tt>*jpegBuf</tt> points to a JPEG image buffer that is being
- * reused from a previous call to one of the JPEG compression functions, then
- * <tt>*jpegSize</tt> is ignored.
- *
- * @param jpegQual the image quality of the generated JPEG image (1 = worst,
- * 100 = best)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
-*/
-DLLEXPORT int tjCompressFromYUVPlanes(tjhandle handle,
-                                      const unsigned char **srcPlanes,
-                                      int width, const int *strides,
-                                      int height, int subsamp,
-                                      unsigned char **jpegBuf,
-                                      unsigned long *jpegSize, int jpegQual,
-                                      int flags);
-
-
-/**
- * The maximum size of the buffer (in bytes) required to hold a JPEG image with
- * the given parameters.  The number of bytes returned by this function is
- * larger than the size of the uncompressed source image.  The reason for this
- * is that the JPEG format uses 16-bit coefficients, and it is thus possible
- * for a very high-quality JPEG image with very high-frequency content to
- * expand rather than compress when converted to the JPEG format.  Such images
- * represent a very rare corner case, but since there is no way to predict the
- * size of a JPEG image prior to compression, the corner case has to be
- * handled.
- *
- * @param width width (in pixels) of the image
- *
- * @param height height (in pixels) of the image
- *
- * @param jpegSubsamp the level of chrominance subsampling to be used when
- * generating the JPEG image (see @ref TJSAMP
- * "Chrominance subsampling options".)
- *
- * @return the maximum size of the buffer (in bytes) required to hold the
- * image, or -1 if the arguments are out of bounds.
- */
-DLLEXPORT unsigned long tjBufSize(int width, int height, int jpegSubsamp);
-
-
-/**
- * The size of the buffer (in bytes) required to hold a YUV planar image with
- * the given parameters.
- *
- * @param width width (in pixels) of the image
- *
- * @param pad the width of each line in each plane of the image is padded to
- * the nearest multiple of this number of bytes (must be a power of 2.)
- *
- * @param height height (in pixels) of the image
- *
- * @param subsamp level of chrominance subsampling in the image (see
- * @ref TJSAMP "Chrominance subsampling options".)
- *
- * @return the size of the buffer (in bytes) required to hold the image, or
- * -1 if the arguments are out of bounds.
- */
-DLLEXPORT unsigned long tjBufSizeYUV2(int width, int pad, int height,
-                                      int subsamp);
-
-
-/**
- * The size of the buffer (in bytes) required to hold a YUV image plane with
- * the given parameters.
- *
- * @param componentID ID number of the image plane (0 = Y, 1 = U/Cb, 2 = V/Cr)
- *
- * @param width width (in pixels) of the YUV image.  NOTE: this is the width of
- * the whole image, not the plane width.
- *
- * @param stride bytes per line in the image plane.  Setting this to 0 is the
- * equivalent of setting it to the plane width.
- *
- * @param height height (in pixels) of the YUV image.  NOTE: this is the height
- * of the whole image, not the plane height.
- *
- * @param subsamp level of chrominance subsampling in the image (see
- * @ref TJSAMP "Chrominance subsampling options".)
- *
- * @return the size of the buffer (in bytes) required to hold the YUV image
- * plane, or -1 if the arguments are out of bounds.
- */
-DLLEXPORT unsigned long tjPlaneSizeYUV(int componentID, int width, int stride,
-                                       int height, int subsamp);
-
-
-/**
- * The plane width of a YUV image plane with the given parameters.  Refer to
- * @ref YUVnotes "YUV Image Format Notes" for a description of plane width.
- *
- * @param componentID ID number of the image plane (0 = Y, 1 = U/Cb, 2 = V/Cr)
- *
- * @param width width (in pixels) of the YUV image
- *
- * @param subsamp level of chrominance subsampling in the image (see
- * @ref TJSAMP "Chrominance subsampling options".)
- *
- * @return the plane width of a YUV image plane with the given parameters, or
- * -1 if the arguments are out of bounds.
- */
-DLLEXPORT int tjPlaneWidth(int componentID, int width, int subsamp);
-
-
-/**
- * The plane height of a YUV image plane with the given parameters.  Refer to
- * @ref YUVnotes "YUV Image Format Notes" for a description of plane height.
- *
- * @param componentID ID number of the image plane (0 = Y, 1 = U/Cb, 2 = V/Cr)
- *
- * @param height height (in pixels) of the YUV image
- *
- * @param subsamp level of chrominance subsampling in the image (see
- * @ref TJSAMP "Chrominance subsampling options".)
- *
- * @return the plane height of a YUV image plane with the given parameters, or
- * -1 if the arguments are out of bounds.
- */
-DLLEXPORT int tjPlaneHeight(int componentID, int height, int subsamp);
-
-
-/**
- * Encode an RGB or grayscale image into a YUV planar image.  This function
- * uses the accelerated color conversion routines in the underlying
- * codec but does not execute any of the other steps in the JPEG compression
- * process.
- *
- * @param handle a handle to a TurboJPEG compressor or transformer instance
- *
- * @param srcBuf pointer to an image buffer containing RGB or grayscale pixels
- * to be encoded
- *
- * @param width width (in pixels) of the source image
- *
- * @param pitch bytes per line in the source image.  Normally, this should be
- * <tt>width * #tjPixelSize[pixelFormat]</tt> if the image is unpadded, or
- * <tt>#TJPAD(width * #tjPixelSize[pixelFormat])</tt> if each line of the image
- * is padded to the nearest 32-bit boundary, as is the case for Windows
- * bitmaps.  You can also be clever and use this parameter to skip lines, etc.
- * Setting this parameter to 0 is the equivalent of setting it to
- * <tt>width * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height height (in pixels) of the source image
- *
- * @param pixelFormat pixel format of the source image (see @ref TJPF
- * "Pixel formats".)
- *
- * @param dstBuf pointer to an image buffer that will receive the YUV image.
- * Use #tjBufSizeYUV2() to determine the appropriate size for this buffer based
- * on the image width, height, padding, and level of chrominance subsampling.
- * The Y, U (Cb), and V (Cr) image planes will be stored sequentially in the
- * buffer (refer to @ref YUVnotes "YUV Image Format Notes".)
- *
- * @param pad the width of each line in each plane of the YUV image will be
- * padded to the nearest multiple of this number of bytes (must be a power of
- * 2.)  To generate images suitable for X Video, <tt>pad</tt> should be set to
- * 4.
- *
- * @param subsamp the level of chrominance subsampling to be used when
- * generating the YUV image (see @ref TJSAMP
- * "Chrominance subsampling options".)  To generate images suitable for X
- * Video, <tt>subsamp</tt> should be set to @ref TJSAMP_420.  This produces an
- * image compatible with the I420 (AKA "YUV420P") format.
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
-*/
-DLLEXPORT int tjEncodeYUV3(tjhandle handle, const unsigned char *srcBuf,
-                           int width, int pitch, int height, int pixelFormat,
-                           unsigned char *dstBuf, int pad, int subsamp,
-                           int flags);
-
-
-/**
- * Encode an RGB or grayscale image into separate Y, U (Cb), and V (Cr) image
- * planes.  This function uses the accelerated color conversion routines in the
- * underlying codec but does not execute any of the other steps in the JPEG
- * compression process.
- *
- * @param handle a handle to a TurboJPEG compressor or transformer instance
- *
- * @param srcBuf pointer to an image buffer containing RGB or grayscale pixels
- * to be encoded
- *
- * @param width width (in pixels) of the source image
- *
- * @param pitch bytes per line in the source image.  Normally, this should be
- * <tt>width * #tjPixelSize[pixelFormat]</tt> if the image is unpadded, or
- * <tt>#TJPAD(width * #tjPixelSize[pixelFormat])</tt> if each line of the image
- * is padded to the nearest 32-bit boundary, as is the case for Windows
- * bitmaps.  You can also be clever and use this parameter to skip lines, etc.
- * Setting this parameter to 0 is the equivalent of setting it to
- * <tt>width * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height height (in pixels) of the source image
- *
- * @param pixelFormat pixel format of the source image (see @ref TJPF
- * "Pixel formats".)
- *
- * @param dstPlanes an array of pointers to Y, U (Cb), and V (Cr) image planes
- * (or just a Y plane, if generating a grayscale image) that will receive the
- * encoded image.  These planes can be contiguous or non-contiguous in memory.
- * Use #tjPlaneSizeYUV() to determine the appropriate size for each plane based
- * on the image width, height, strides, and level of chrominance subsampling.
- * Refer to @ref YUVnotes "YUV Image Format Notes" for more details.
- *
- * @param strides an array of integers, each specifying the number of bytes per
- * line in the corresponding plane of the output image.  Setting the stride for
- * any plane to 0 is the same as setting it to the plane width (see
- * @ref YUVnotes "YUV Image Format Notes".)  If <tt>strides</tt> is NULL, then
- * the strides for all planes will be set to their respective plane widths.
- * You can adjust the strides in order to add an arbitrary amount of line
- * padding to each plane or to encode an RGB or grayscale image into a
- * subregion of a larger YUV planar image.
- *
- * @param subsamp the level of chrominance subsampling to be used when
- * generating the YUV image (see @ref TJSAMP
- * "Chrominance subsampling options".)  To generate images suitable for X
- * Video, <tt>subsamp</tt> should be set to @ref TJSAMP_420.  This produces an
- * image compatible with the I420 (AKA "YUV420P") format.
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
-*/
-DLLEXPORT int tjEncodeYUVPlanes(tjhandle handle, const unsigned char *srcBuf,
-                                int width, int pitch, int height,
-                                int pixelFormat, unsigned char **dstPlanes,
-                                int *strides, int subsamp, int flags);
-
-
-/**
- * Create a TurboJPEG decompressor instance.
- *
- * @return a handle to the newly-created instance, or NULL if an error
- * occurred (see #tjGetErrorStr2().)
-*/
-DLLEXPORT tjhandle tjInitDecompress(void);
-
-
-/**
- * Retrieve information about a JPEG image without decompressing it.
- *
- * @param handle a handle to a TurboJPEG decompressor or transformer instance
- *
- * @param jpegBuf pointer to a buffer containing a JPEG image
- *
- * @param jpegSize size of the JPEG image (in bytes)
- *
- * @param width pointer to an integer variable that will receive the width (in
- * pixels) of the JPEG image
- *
- * @param height pointer to an integer variable that will receive the height
- * (in pixels) of the JPEG image
- *
- * @param jpegSubsamp pointer to an integer variable that will receive the
- * level of chrominance subsampling used when the JPEG image was compressed
- * (see @ref TJSAMP "Chrominance subsampling options".)
- *
- * @param jpegColorspace pointer to an integer variable that will receive one
- * of the JPEG colorspace constants, indicating the colorspace of the JPEG
- * image (see @ref TJCS "JPEG colorspaces".)
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
-*/
-DLLEXPORT int tjDecompressHeader3(tjhandle handle,
-                                  const unsigned char *jpegBuf,
-                                  unsigned long jpegSize, int *width,
-                                  int *height, int *jpegSubsamp,
-                                  int *jpegColorspace);
-
-
-/**
- * Returns a list of fractional scaling factors that the JPEG decompressor in
- * this implementation of TurboJPEG supports.
- *
- * @param numscalingfactors pointer to an integer variable that will receive
- * the number of elements in the list
- *
- * @return a pointer to a list of fractional scaling factors, or NULL if an
- * error is encountered (see #tjGetErrorStr2().)
-*/
-DLLEXPORT tjscalingfactor *tjGetScalingFactors(int *numscalingfactors);
-
-
-/**
- * Decompress a JPEG image to an RGB, grayscale, or CMYK image.
- *
- * @param handle a handle to a TurboJPEG decompressor or transformer instance
- *
- * @param jpegBuf pointer to a buffer containing the JPEG image to decompress
- *
- * @param jpegSize size of the JPEG image (in bytes)
- *
- * @param dstBuf pointer to an image buffer that will receive the decompressed
- * image.  This buffer should normally be <tt>pitch * scaledHeight</tt> bytes
- * in size, where <tt>scaledHeight</tt> can be determined by calling
- * #TJSCALED() with the JPEG image height and one of the scaling factors
- * returned by #tjGetScalingFactors().  The <tt>dstBuf</tt> pointer may also be
- * used to decompress into a specific region of a larger buffer.
- *
- * @param width desired width (in pixels) of the destination image.  If this is
- * different than the width of the JPEG image being decompressed, then
- * TurboJPEG will use scaling in the JPEG decompressor to generate the largest
- * possible image that will fit within the desired width.  If <tt>width</tt> is
- * set to 0, then only the height will be considered when determining the
- * scaled image size.
- *
- * @param pitch bytes per line in the destination image.  Normally, this is
- * <tt>scaledWidth * #tjPixelSize[pixelFormat]</tt> if the decompressed image
- * is unpadded, else <tt>#TJPAD(scaledWidth * #tjPixelSize[pixelFormat])</tt>
- * if each line of the decompressed image is padded to the nearest 32-bit
- * boundary, as is the case for Windows bitmaps.  (NOTE: <tt>scaledWidth</tt>
- * can be determined by calling #TJSCALED() with the JPEG image width and one
- * of the scaling factors returned by #tjGetScalingFactors().)  You can also be
- * clever and use the pitch parameter to skip lines, etc.  Setting this
- * parameter to 0 is the equivalent of setting it to
- * <tt>scaledWidth * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height desired height (in pixels) of the destination image.  If this
- * is different than the height of the JPEG image being decompressed, then
- * TurboJPEG will use scaling in the JPEG decompressor to generate the largest
- * possible image that will fit within the desired height.  If <tt>height</tt>
- * is set to 0, then only the width will be considered when determining the
- * scaled image size.
- *
- * @param pixelFormat pixel format of the destination image (see @ref
- * TJPF "Pixel formats".)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
- */
-DLLEXPORT int tjDecompress2(tjhandle handle, const unsigned char *jpegBuf,
-                            unsigned long jpegSize, unsigned char *dstBuf,
-                            int width, int pitch, int height, int pixelFormat,
-                            int flags);
-
-
-/**
- * Decompress a JPEG image to a YUV planar image.  This function performs JPEG
- * decompression but leaves out the color conversion step, so a planar YUV
- * image is generated instead of an RGB image.
- *
- * @param handle a handle to a TurboJPEG decompressor or transformer instance
- *
- * @param jpegBuf pointer to a buffer containing the JPEG image to decompress
- *
- * @param jpegSize size of the JPEG image (in bytes)
- *
- * @param dstBuf pointer to an image buffer that will receive the YUV image.
- * Use #tjBufSizeYUV2() to determine the appropriate size for this buffer based
- * on the image width, height, padding, and level of subsampling.  The Y,
- * U (Cb), and V (Cr) image planes will be stored sequentially in the buffer
- * (refer to @ref YUVnotes "YUV Image Format Notes".)
- *
- * @param width desired width (in pixels) of the YUV image.  If this is
- * different than the width of the JPEG image being decompressed, then
- * TurboJPEG will use scaling in the JPEG decompressor to generate the largest
- * possible image that will fit within the desired width.  If <tt>width</tt> is
- * set to 0, then only the height will be considered when determining the
- * scaled image size.  If the scaled width is not an even multiple of the MCU
- * block width (see #tjMCUWidth), then an intermediate buffer copy will be
- * performed within TurboJPEG.
- *
- * @param pad the width of each line in each plane of the YUV image will be
- * padded to the nearest multiple of this number of bytes (must be a power of
- * 2.)  To generate images suitable for X Video, <tt>pad</tt> should be set to
- * 4.
- *
- * @param height desired height (in pixels) of the YUV image.  If this is
- * different than the height of the JPEG image being decompressed, then
- * TurboJPEG will use scaling in the JPEG decompressor to generate the largest
- * possible image that will fit within the desired height.  If <tt>height</tt>
- * is set to 0, then only the width will be considered when determining the
- * scaled image size.  If the scaled height is not an even multiple of the MCU
- * block height (see #tjMCUHeight), then an intermediate buffer copy will be
- * performed within TurboJPEG.
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
- */
-DLLEXPORT int tjDecompressToYUV2(tjhandle handle, const unsigned char *jpegBuf,
-                                 unsigned long jpegSize, unsigned char *dstBuf,
-                                 int width, int pad, int height, int flags);
-
-
-/**
- * Decompress a JPEG image into separate Y, U (Cb), and V (Cr) image
- * planes.  This function performs JPEG decompression but leaves out the color
- * conversion step, so a planar YUV image is generated instead of an RGB image.
- *
- * @param handle a handle to a TurboJPEG decompressor or transformer instance
- *
- * @param jpegBuf pointer to a buffer containing the JPEG image to decompress
- *
- * @param jpegSize size of the JPEG image (in bytes)
- *
- * @param dstPlanes an array of pointers to Y, U (Cb), and V (Cr) image planes
- * (or just a Y plane, if decompressing a grayscale image) that will receive
- * the YUV image.  These planes can be contiguous or non-contiguous in memory.
- * Use #tjPlaneSizeYUV() to determine the appropriate size for each plane based
- * on the scaled image width, scaled image height, strides, and level of
- * chrominance subsampling.  Refer to @ref YUVnotes "YUV Image Format Notes"
- * for more details.
- *
- * @param width desired width (in pixels) of the YUV image.  If this is
- * different than the width of the JPEG image being decompressed, then
- * TurboJPEG will use scaling in the JPEG decompressor to generate the largest
- * possible image that will fit within the desired width.  If <tt>width</tt> is
- * set to 0, then only the height will be considered when determining the
- * scaled image size.  If the scaled width is not an even multiple of the MCU
- * block width (see #tjMCUWidth), then an intermediate buffer copy will be
- * performed within TurboJPEG.
- *
- * @param strides an array of integers, each specifying the number of bytes per
- * line in the corresponding plane of the output image.  Setting the stride for
- * any plane to 0 is the same as setting it to the scaled plane width (see
- * @ref YUVnotes "YUV Image Format Notes".)  If <tt>strides</tt> is NULL, then
- * the strides for all planes will be set to their respective scaled plane
- * widths.  You can adjust the strides in order to add an arbitrary amount of
- * line padding to each plane or to decompress the JPEG image into a subregion
- * of a larger YUV planar image.
- *
- * @param height desired height (in pixels) of the YUV image.  If this is
- * different than the height of the JPEG image being decompressed, then
- * TurboJPEG will use scaling in the JPEG decompressor to generate the largest
- * possible image that will fit within the desired height.  If <tt>height</tt>
- * is set to 0, then only the width will be considered when determining the
- * scaled image size.  If the scaled height is not an even multiple of the MCU
- * block height (see #tjMCUHeight), then an intermediate buffer copy will be
- * performed within TurboJPEG.
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
- */
-DLLEXPORT int tjDecompressToYUVPlanes(tjhandle handle,
-                                      const unsigned char *jpegBuf,
-                                      unsigned long jpegSize,
-                                      unsigned char **dstPlanes, int width,
-                                      int *strides, int height, int flags);
-
-
-/**
- * Decode a YUV planar image into an RGB or grayscale image.  This function
- * uses the accelerated color conversion routines in the underlying
- * codec but does not execute any of the other steps in the JPEG decompression
- * process.
- *
- * @param handle a handle to a TurboJPEG decompressor or transformer instance
- *
- * @param srcBuf pointer to an image buffer containing a YUV planar image to be
- * decoded.  The size of this buffer should match the value returned by
- * #tjBufSizeYUV2() for the given image width, height, padding, and level of
- * chrominance subsampling.  The Y, U (Cb), and V (Cr) image planes should be
- * stored sequentially in the source buffer (refer to @ref YUVnotes
- * "YUV Image Format Notes".)
- *
- * @param pad Use this parameter to specify that the width of each line in each
- * plane of the YUV source image is padded to the nearest multiple of this
- * number of bytes (must be a power of 2.)
- *
- * @param subsamp the level of chrominance subsampling used in the YUV source
- * image (see @ref TJSAMP "Chrominance subsampling options".)
- *
- * @param dstBuf pointer to an image buffer that will receive the decoded
- * image.  This buffer should normally be <tt>pitch * height</tt> bytes in
- * size, but the <tt>dstBuf</tt> pointer can also be used to decode into a
- * specific region of a larger buffer.
- *
- * @param width width (in pixels) of the source and destination images
- *
- * @param pitch bytes per line in the destination image.  Normally, this should
- * be <tt>width * #tjPixelSize[pixelFormat]</tt> if the destination image is
- * unpadded, or <tt>#TJPAD(width * #tjPixelSize[pixelFormat])</tt> if each line
- * of the destination image should be padded to the nearest 32-bit boundary, as
- * is the case for Windows bitmaps.  You can also be clever and use the pitch
- * parameter to skip lines, etc.  Setting this parameter to 0 is the equivalent
- * of setting it to <tt>width * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height height (in pixels) of the source and destination images
- *
- * @param pixelFormat pixel format of the destination image (see @ref TJPF
- * "Pixel formats".)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
- */
-DLLEXPORT int tjDecodeYUV(tjhandle handle, const unsigned char *srcBuf,
-                          int pad, int subsamp, unsigned char *dstBuf,
-                          int width, int pitch, int height, int pixelFormat,
-                          int flags);
-
-
-/**
- * Decode a set of Y, U (Cb), and V (Cr) image planes into an RGB or grayscale
- * image.  This function uses the accelerated color conversion routines in the
- * underlying codec but does not execute any of the other steps in the JPEG
- * decompression process.
- *
- * @param handle a handle to a TurboJPEG decompressor or transformer instance
- *
- * @param srcPlanes an array of pointers to Y, U (Cb), and V (Cr) image planes
- * (or just a Y plane, if decoding a grayscale image) that contain a YUV image
- * to be decoded.  These planes can be contiguous or non-contiguous in memory.
- * The size of each plane should match the value returned by #tjPlaneSizeYUV()
- * for the given image width, height, strides, and level of chrominance
- * subsampling.  Refer to @ref YUVnotes "YUV Image Format Notes" for more
- * details.
- *
- * @param strides an array of integers, each specifying the number of bytes per
- * line in the corresponding plane of the YUV source image.  Setting the stride
- * for any plane to 0 is the same as setting it to the plane width (see
- * @ref YUVnotes "YUV Image Format Notes".)  If <tt>strides</tt> is NULL, then
- * the strides for all planes will be set to their respective plane widths.
- * You can adjust the strides in order to specify an arbitrary amount of line
- * padding in each plane or to decode a subregion of a larger YUV planar image.
- *
- * @param subsamp the level of chrominance subsampling used in the YUV source
- * image (see @ref TJSAMP "Chrominance subsampling options".)
- *
- * @param dstBuf pointer to an image buffer that will receive the decoded
- * image.  This buffer should normally be <tt>pitch * height</tt> bytes in
- * size, but the <tt>dstBuf</tt> pointer can also be used to decode into a
- * specific region of a larger buffer.
- *
- * @param width width (in pixels) of the source and destination images
- *
- * @param pitch bytes per line in the destination image.  Normally, this should
- * be <tt>width * #tjPixelSize[pixelFormat]</tt> if the destination image is
- * unpadded, or <tt>#TJPAD(width * #tjPixelSize[pixelFormat])</tt> if each line
- * of the destination image should be padded to the nearest 32-bit boundary, as
- * is the case for Windows bitmaps.  You can also be clever and use the pitch
- * parameter to skip lines, etc.  Setting this parameter to 0 is the equivalent
- * of setting it to <tt>width * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height height (in pixels) of the source and destination images
- *
- * @param pixelFormat pixel format of the destination image (see @ref TJPF
- * "Pixel formats".)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
- */
-DLLEXPORT int tjDecodeYUVPlanes(tjhandle handle,
-                                const unsigned char **srcPlanes,
-                                const int *strides, int subsamp,
-                                unsigned char *dstBuf, int width, int pitch,
-                                int height, int pixelFormat, int flags);
-
-
-/**
- * Create a new TurboJPEG transformer instance.
- *
- * @return a handle to the newly-created instance, or NULL if an error
- * occurred (see #tjGetErrorStr2().)
- */
-DLLEXPORT tjhandle tjInitTransform(void);
-
-
-/**
- * Losslessly transform a JPEG image into another JPEG image.  Lossless
- * transforms work by moving the raw DCT coefficients from one JPEG image
- * structure to another without altering the values of the coefficients.  While
- * this is typically faster than decompressing the image, transforming it, and
- * re-compressing it, lossless transforms are not free.  Each lossless
- * transform requires reading and performing Huffman decoding on all of the
- * coefficients in the source image, regardless of the size of the destination
- * image.  Thus, this function provides a means of generating multiple
- * transformed images from the same source or  applying multiple
- * transformations simultaneously, in order to eliminate the need to read the
- * source coefficients multiple times.
- *
- * @param handle a handle to a TurboJPEG transformer instance
- *
- * @param jpegBuf pointer to a buffer containing the JPEG source image to
- * transform
- *
- * @param jpegSize size of the JPEG source image (in bytes)
- *
- * @param n the number of transformed JPEG images to generate
- *
- * @param dstBufs pointer to an array of n image buffers.  <tt>dstBufs[i]</tt>
- * will receive a JPEG image that has been transformed using the parameters in
- * <tt>transforms[i]</tt>.  TurboJPEG has the ability to reallocate the JPEG
- * buffer to accommodate the size of the JPEG image.  Thus, you can choose to:
- * -# pre-allocate the JPEG buffer with an arbitrary size using #tjAlloc() and
- * let TurboJPEG grow the buffer as needed,
- * -# set <tt>dstBufs[i]</tt> to NULL to tell TurboJPEG to allocate the buffer
- * for you, or
- * -# pre-allocate the buffer to a "worst case" size determined by calling
- * #tjBufSize() with the transformed or cropped width and height.  Under normal
- * circumstances, this should ensure that the buffer never has to be
- * re-allocated (setting #TJFLAG_NOREALLOC guarantees that it won't be.)  Note,
- * however, that there are some rare cases (such as transforming images with a
- * large amount of embedded EXIF or ICC profile data) in which the output image
- * will be larger than the worst-case size, and #TJFLAG_NOREALLOC cannot be
- * used in those cases.
- * .
- * If you choose option 1, <tt>dstSizes[i]</tt> should be set to the size of
- * your pre-allocated buffer.  In any case, unless you have set
- * #TJFLAG_NOREALLOC, you should always check <tt>dstBufs[i]</tt> upon return
- * from this function, as it may have changed.
- *
- * @param dstSizes pointer to an array of n unsigned long variables that will
- * receive the actual sizes (in bytes) of each transformed JPEG image.  If
- * <tt>dstBufs[i]</tt> points to a pre-allocated buffer, then
- * <tt>dstSizes[i]</tt> should be set to the size of the buffer.  Upon return,
- * <tt>dstSizes[i]</tt> will contain the size of the JPEG image (in bytes.)
- *
- * @param transforms pointer to an array of n #tjtransform structures, each of
- * which specifies the transform parameters and/or cropping region for the
- * corresponding transformed output image.
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_ACCURATEDCT
- * "flags"
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2()
- * and #tjGetErrorCode().)
- */
-DLLEXPORT int tjTransform(tjhandle handle, const unsigned char *jpegBuf,
-                          unsigned long jpegSize, int n,
-                          unsigned char **dstBufs, unsigned long *dstSizes,
-                          tjtransform *transforms, int flags);
-
-
-/**
- * Destroy a TurboJPEG compressor, decompressor, or transformer instance.
- *
- * @param handle a handle to a TurboJPEG compressor, decompressor or
- * transformer instance
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2().)
- */
-DLLEXPORT int tjDestroy(tjhandle handle);
-
-
-/**
- * Allocate an image buffer for use with TurboJPEG.  You should always use
- * this function to allocate the JPEG destination buffer(s) for the compression
- * and transform functions unless you are disabling automatic buffer
- * (re)allocation (by setting #TJFLAG_NOREALLOC.)
- *
- * @param bytes the number of bytes to allocate
- *
- * @return a pointer to a newly-allocated buffer with the specified number of
- * bytes.
- *
- * @sa tjFree()
- */
-DLLEXPORT unsigned char *tjAlloc(int bytes);
-
-
-/**
- * Load an uncompressed image from disk into memory.
- *
- * @param filename name of a file containing an uncompressed image in Windows
- * BMP or PBMPLUS (PPM/PGM) format
- *
- * @param width pointer to an integer variable that will receive the width (in
- * pixels) of the uncompressed image
- *
- * @param align row alignment of the image buffer to be returned (must be a
- * power of 2.)  For instance, setting this parameter to 4 will cause all rows
- * in the image buffer to be padded to the nearest 32-bit boundary, and setting
- * this parameter to 1 will cause all rows in the image buffer to be unpadded.
- *
- * @param height pointer to an integer variable that will receive the height
- * (in pixels) of the uncompressed image
- *
- * @param pixelFormat pointer to an integer variable that specifies or will
- * receive the pixel format of the uncompressed image buffer.  The behavior of
- * #tjLoadImage() will vary depending on the value of <tt>*pixelFormat</tt>
- * passed to the function:
- * - @ref TJPF_UNKNOWN : The uncompressed image buffer returned by the function
- * will use the most optimal pixel format for the file type, and
- * <tt>*pixelFormat</tt> will contain the ID of this pixel format upon
- * successful return from the function.
- * - @ref TJPF_GRAY : Only PGM files and 8-bit BMP files with a grayscale
- * colormap can be loaded.
- * - @ref TJPF_CMYK : The RGB or grayscale pixels stored in the file will be
- * converted using a quick & dirty algorithm that is suitable only for testing
- * purposes (proper conversion between CMYK and other formats requires a color
- * management system.)
- * - Other @ref TJPF "pixel formats" : The uncompressed image buffer will use
- * the specified pixel format, and pixel format conversion will be performed if
- * necessary.
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_BOTTOMUP
- * "flags".
- *
- * @return a pointer to a newly-allocated buffer containing the uncompressed
- * image, converted to the chosen pixel format and with the chosen row
- * alignment, or NULL if an error occurred (see #tjGetErrorStr2().)  This
- * buffer should be freed using #tjFree().
- */
-DLLEXPORT unsigned char *tjLoadImage(const char *filename, int *width,
-                                     int align, int *height, int *pixelFormat,
-                                     int flags);
-
-
-/**
- * Save an uncompressed image from memory to disk.
- *
- * @param filename name of a file to which to save the uncompressed image.
- * The image will be stored in Windows BMP or PBMPLUS (PPM/PGM) format,
- * depending on the file extension.
- *
- * @param buffer pointer to an image buffer containing RGB, grayscale, or
- * CMYK pixels to be saved
- *
- * @param width width (in pixels) of the uncompressed image
- *
- * @param pitch bytes per line in the image buffer.  Setting this parameter to
- * 0 is the equivalent of setting it to
- * <tt>width * #tjPixelSize[pixelFormat]</tt>.
- *
- * @param height height (in pixels) of the uncompressed image
- *
- * @param pixelFormat pixel format of the image buffer (see @ref TJPF
- * "Pixel formats".)  If this parameter is set to @ref TJPF_GRAY, then the
- * image will be stored in PGM or 8-bit (indexed color) BMP format.  Otherwise,
- * the image will be stored in PPM or 24-bit BMP format.  If this parameter
- * is set to @ref TJPF_CMYK, then the CMYK pixels will be converted to RGB
- * using a quick & dirty algorithm that is suitable only for testing (proper
- * conversion between CMYK and other formats requires a color management
- * system.)
- *
- * @param flags the bitwise OR of one or more of the @ref TJFLAG_BOTTOMUP
- * "flags".
- *
- * @return 0 if successful, or -1 if an error occurred (see #tjGetErrorStr2().)
- */
-DLLEXPORT int tjSaveImage(const char *filename, unsigned char *buffer,
-                          int width, int pitch, int height, int pixelFormat,
-                          int flags);
-
-
-/**
- * Free an image buffer previously allocated by TurboJPEG.  You should always
- * use this function to free JPEG destination buffer(s) that were automatically
- * (re)allocated by the compression and transform functions or that were
- * manually allocated using #tjAlloc().
- *
- * @param buffer address of the buffer to free.  If the address is NULL, then
- * this function has no effect.
- *
- * @sa tjAlloc()
- */
-DLLEXPORT void tjFree(unsigned char *buffer);
-
-
-/**
- * Returns a descriptive error message explaining why the last command failed.
- *
- * @param handle a handle to a TurboJPEG compressor, decompressor, or
- * transformer instance, or NULL if the error was generated by a global
- * function (but note that retrieving the error message for a global function
- * is thread-safe only on platforms that support thread-local storage.)
- *
- * @return a descriptive error message explaining why the last command failed.
- */
-DLLEXPORT char *tjGetErrorStr2(tjhandle handle);
-
-
-/**
- * Returns a code indicating the severity of the last error.  See
- * @ref TJERR "Error codes".
- *
- * @param handle a handle to a TurboJPEG compressor, decompressor or
- * transformer instance
- *
- * @return a code indicating the severity of the last error.  See
- * @ref TJERR "Error codes".
- */
-DLLEXPORT int tjGetErrorCode(tjhandle handle);
-
-
-/* Deprecated functions and macros */
-#define TJFLAG_FORCEMMX  8
-#define TJFLAG_FORCESSE  16
-#define TJFLAG_FORCESSE2  32
-#define TJFLAG_FORCESSE3  128
-
-
-/* Backward compatibility functions and macros (nothing to see here) */
-#define NUMSUBOPT  TJ_NUMSAMP
-#define TJ_444  TJSAMP_444
-#define TJ_422  TJSAMP_422
-#define TJ_420  TJSAMP_420
-#define TJ_411  TJSAMP_420
-#define TJ_GRAYSCALE  TJSAMP_GRAY
-
-#define TJ_BGR  1
-#define TJ_BOTTOMUP  TJFLAG_BOTTOMUP
-#define TJ_FORCEMMX  TJFLAG_FORCEMMX
-#define TJ_FORCESSE  TJFLAG_FORCESSE
-#define TJ_FORCESSE2  TJFLAG_FORCESSE2
-#define TJ_ALPHAFIRST  64
-#define TJ_FORCESSE3  TJFLAG_FORCESSE3
-#define TJ_FASTUPSAMPLE  TJFLAG_FASTUPSAMPLE
-#define TJ_YUV  512
-
-DLLEXPORT unsigned long TJBUFSIZE(int width, int height);
-
-DLLEXPORT unsigned long TJBUFSIZEYUV(int width, int height, int jpegSubsamp);
-
-DLLEXPORT unsigned long tjBufSizeYUV(int width, int height, int subsamp);
-
-DLLEXPORT int tjCompress(tjhandle handle, unsigned char *srcBuf, int width,
-                         int pitch, int height, int pixelSize,
-                         unsigned char *dstBuf, unsigned long *compressedSize,
-                         int jpegSubsamp, int jpegQual, int flags);
-
-DLLEXPORT int tjEncodeYUV(tjhandle handle, unsigned char *srcBuf, int width,
-                          int pitch, int height, int pixelSize,
-                          unsigned char *dstBuf, int subsamp, int flags);
-
-DLLEXPORT int tjEncodeYUV2(tjhandle handle, unsigned char *srcBuf, int width,
-                           int pitch, int height, int pixelFormat,
-                           unsigned char *dstBuf, int subsamp, int flags);
-
-DLLEXPORT int tjDecompressHeader(tjhandle handle, unsigned char *jpegBuf,
-                                 unsigned long jpegSize, int *width,
-                                 int *height);
-
-DLLEXPORT int tjDecompressHeader2(tjhandle handle, unsigned char *jpegBuf,
-                                  unsigned long jpegSize, int *width,
-                                  int *height, int *jpegSubsamp);
-
-DLLEXPORT int tjDecompress(tjhandle handle, unsigned char *jpegBuf,
-                           unsigned long jpegSize, unsigned char *dstBuf,
-                           int width, int pitch, int height, int pixelSize,
-                           int flags);
-
-DLLEXPORT int tjDecompressToYUV(tjhandle handle, unsigned char *jpegBuf,
-                                unsigned long jpegSize, unsigned char *dstBuf,
-                                int flags);
-
-DLLEXPORT char *tjGetErrorStr(void);
-
-
-/**
- * @}
- */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/3rdparty/libjpeg-turbo_2_1_0/usage.txt b/3rdparty/libjpeg-turbo_2_1_0/usage.txt
deleted file mode 100644
index f7fa3c0..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/usage.txt
+++ /dev/null
@@ -1,683 +0,0 @@
-NOTE:  This file was modified by The libjpeg-turbo Project to include only
-information relevant to libjpeg-turbo and to wordsmith certain sections.
-
-USAGE instructions for the Independent JPEG Group's JPEG software
-=================================================================
-
-This file describes usage of the JPEG conversion programs cjpeg and djpeg,
-as well as the utility programs jpegtran, rdjpgcom and wrjpgcom.  (See
-the other documentation files if you wish to use the JPEG library within
-your own programs.)
-
-If you are on a Unix machine you may prefer to read the Unix-style manual
-pages in files cjpeg.1, djpeg.1, jpegtran.1, rdjpgcom.1, wrjpgcom.1.
-
-
-INTRODUCTION
-
-These programs implement JPEG image encoding, decoding, and transcoding.
-JPEG (pronounced "jay-peg") is a standardized compression method for
-full-color and grayscale images.
-
-
-GENERAL USAGE
-
-We provide two programs, cjpeg to compress an image file into JPEG format,
-and djpeg to decompress a JPEG file back into a conventional image format.
-
-On Unix-like systems, you say:
-        cjpeg [switches] [imagefile] >jpegfile
-or
-        djpeg [switches] [jpegfile]  >imagefile
-The programs read the specified input file, or standard input if none is
-named.  They always write to standard output (with trace/error messages to
-standard error).  These conventions are handy for piping images between
-programs.
-
-On most non-Unix systems, you say:
-        cjpeg [switches] imagefile jpegfile
-or
-        djpeg [switches] jpegfile  imagefile
-i.e., both the input and output files are named on the command line.  This
-style is a little more foolproof, and it loses no functionality if you don't
-have pipes.  (You can get this style on Unix too, if you prefer, by defining
-TWO_FILE_COMMANDLINE when you compile the programs; see install.txt.)
-
-You can also say:
-        cjpeg [switches] -outfile jpegfile  imagefile
-or
-        djpeg [switches] -outfile imagefile  jpegfile
-This syntax works on all systems, so it is useful for scripts.
-
-The currently supported image file formats are: PPM (PBMPLUS color format),
-PGM (PBMPLUS grayscale format), BMP, GIF, and Targa.  cjpeg recognizes the
-input image format automatically, with the exception of some Targa files.  You
-have to tell djpeg which format to generate.
-
-JPEG files are in the defacto standard JFIF file format.  There are other,
-less widely used JPEG-based file formats, but we don't support them.
-
-All switch names may be abbreviated; for example, -grayscale may be written
--gray or -gr.  Most of the "basic" switches can be abbreviated to as little as
-one letter.  Upper and lower case are equivalent (-BMP is the same as -bmp).
-British spellings are also accepted (e.g., -greyscale), though for brevity
-these are not mentioned below.
-
-
-CJPEG DETAILS
-
-The basic command line switches for cjpeg are:
-
-        -quality N[,...]  Scale quantization tables to adjust image quality.
-                          Quality is 0 (worst) to 100 (best); default is 75.
-                          (See below for more info.)
-
-        -grayscale      Create monochrome JPEG file from color input.
-                        Be sure to use this switch when compressing a grayscale
-                        BMP or GIF file, because cjpeg isn't bright enough to
-                        notice whether a BMP or GIF file uses only shades of
-                        gray.  By saying -grayscale, you'll get a smaller JPEG
-                        file that takes less time to process.
-
-        -rgb            Create RGB JPEG file.
-                        Using this switch suppresses the conversion from RGB
-                        colorspace input to the default YCbCr JPEG colorspace.
-
-        -optimize       Perform optimization of entropy encoding parameters.
-                        Without this, default encoding parameters are used.
-                        -optimize usually makes the JPEG file a little smaller,
-                        but cjpeg runs somewhat slower and needs much more
-                        memory.  Image quality and speed of decompression are
-                        unaffected by -optimize.
-
-        -progressive    Create progressive JPEG file (see below).
-
-        -targa          Input file is Targa format.  Targa files that contain
-                        an "identification" field will not be automatically
-                        recognized by cjpeg; for such files you must specify
-                        -targa to make cjpeg treat the input as Targa format.
-                        For most Targa files, you won't need this switch.
-
-The -quality switch lets you trade off compressed file size against quality of
-the reconstructed image: the higher the quality setting, the larger the JPEG
-file, and the closer the output image will be to the original input.  Normally
-you want to use the lowest quality setting (smallest file) that decompresses
-into something visually indistinguishable from the original image.  For this
-purpose the quality setting should generally be between 50 and 95 (the default
-is 75) for photographic images.  If you see defects at -quality 75, then go up
-5 or 10 counts at a time until you are happy with the output image.  (The
-optimal setting will vary from one image to another.)
-
--quality 100 will generate a quantization table of all 1's, minimizing loss
-in the quantization step (but there is still information loss in subsampling,
-as well as roundoff error.)  For most images, specifying a quality value above
-about 95 will increase the size of the compressed file dramatically, and while
-the quality gain from these higher quality values is measurable (using metrics
-such as PSNR or SSIM), it is rarely perceivable by human vision.
-
-In the other direction, quality values below 50 will produce very small files
-of low image quality.  Settings around 5 to 10 might be useful in preparing an
-index of a large image library, for example.  Try -quality 2 (or so) for some
-amusing Cubist effects.  (Note: quality values below about 25 generate 2-byte
-quantization tables, which are considered optional in the JPEG standard.
-cjpeg emits a warning message when you give such a quality value, because some
-other JPEG programs may be unable to decode the resulting file.  Use -baseline
-if you need to ensure compatibility at low quality values.)
-
-The -quality option has been extended in this version of cjpeg to support
-separate quality settings for luminance and chrominance (or, in general,
-separate settings for every quantization table slot.)  The principle is the
-same as chrominance subsampling:  since the human eye is more sensitive to
-spatial changes in brightness than spatial changes in color, the chrominance
-components can be quantized more than the luminance components without
-incurring any visible image quality loss.  However, unlike subsampling, this
-feature reduces data in the frequency domain instead of the spatial domain,
-which allows for more fine-grained control.  This option is useful in
-quality-sensitive applications, for which the artifacts generated by
-subsampling may be unacceptable.
-
-The -quality option accepts a comma-separated list of parameters, which
-respectively refer to the quality levels that should be assigned to the
-quantization table slots.  If there are more q-table slots than parameters,
-then the last parameter is replicated.  Thus, if only one quality parameter is
-given, this is used for both luminance and chrominance (slots 0 and 1,
-respectively), preserving the legacy behavior of cjpeg v6b and prior.  More (or
-customized) quantization tables can be set with the -qtables option and
-assigned to components with the -qslots option (see the "wizard" switches
-below.)
-
-JPEG  files  generated  with separate luminance and chrominance quality are
-fully compliant with standard JPEG decoders.
-
-CAUTION: For this setting to be useful, be sure to pass an argument of
--sample 1x1 to cjpeg to disable chrominance subsampling.  Otherwise, the
-default subsampling level (2x2, AKA "4:2:0") will be used.
-
-The -progressive switch creates a "progressive JPEG" file.  In this type of
-JPEG file, the data is stored in multiple scans of increasing quality.  If the
-file is being transmitted over a slow communications link, the decoder can use
-the first scan to display a low-quality image very quickly, and can then
-improve the display with each subsequent scan.  The final image is exactly
-equivalent to a standard JPEG file of the same quality setting, and the total
-file size is about the same --- often a little smaller.
-
-Switches for advanced users:
-
-        -arithmetic     Use arithmetic coding.  CAUTION: arithmetic coded JPEG
-                        is not yet widely implemented, so many decoders will
-                        be unable to view an arithmetic coded JPEG file at
-                        all.
-
-        -dct int        Use accurate integer DCT method (default).
-        -dct fast       Use less accurate integer DCT method [legacy feature].
-                        When the Independent JPEG Group's software was first
-                        released in 1991, the compression time for a
-                        1-megapixel JPEG image on a mainstream PC was measured
-                        in minutes.  Thus, the fast integer DCT algorithm
-                        provided noticeable performance benefits.  On modern
-                        CPUs running libjpeg-turbo, however, the compression
-                        time for a 1-megapixel JPEG image is measured in
-                        milliseconds, and thus the performance benefits of the
-                        fast algorithm are much less noticeable.  On modern
-                        x86/x86-64 CPUs that support AVX2 instructions, the
-                        fast and int methods have similar performance.  On
-                        other types of CPUs, the fast method is generally about
-                        5-15% faster than the int method.
-
-                        For quality levels of 90 and below, there should be
-                        little or no perceptible quality difference between the
-                        two algorithms.  For quality levels above 90, however,
-                        the difference between the fast and int methods becomes
-                        more pronounced.  With quality=97, for instance, the
-                        fast method incurs generally about a 1-3 dB loss in
-                        PSNR relative to the int method, but this can be larger
-                        for some images.  Do not use the fast method with
-                        quality levels above 97.  The algorithm often
-                        degenerates at quality=98 and above and can actually
-                        produce a more lossy image than if lower quality levels
-                        had been used.  Also, in libjpeg-turbo, the fast method
-                        is not fully accelerated for quality levels above 97,
-                        so it will be slower than the int method.
-        -dct float      Use floating-point DCT method [legacy feature].
-                        The float method does not produce significantly more
-                        accurate results than the int method, and it is much
-                        slower.  The float method may also give different
-                        results on different machines due to varying roundoff
-                        behavior, whereas the integer methods should give the
-                        same results on all machines.
-
-        -restart N      Emit a JPEG restart marker every N MCU rows, or every
-                        N MCU blocks if "B" is attached to the number.
-                        -restart 0 (the default) means no restart markers.
-
-        -smooth N       Smooth the input image to eliminate dithering noise.
-                        N, ranging from 1 to 100, indicates the strength of
-                        smoothing.  0 (the default) means no smoothing.
-
-        -maxmemory N    Set limit for amount of memory to use in processing
-                        large images.  Value is in thousands of bytes, or
-                        millions of bytes if "M" is attached to the number.
-                        For example, -max 4m selects 4000000 bytes.  If more
-                        space is needed, an error will occur.
-
-        -verbose        Enable debug printout.  More -v's give more printout.
-        or  -debug      Also, version information is printed at startup.
-
-The -restart option inserts extra markers that allow a JPEG decoder to
-resynchronize after a transmission error.  Without restart markers, any damage
-to a compressed file will usually ruin the image from the point of the error
-to the end of the image; with restart markers, the damage is usually confined
-to the portion of the image up to the next restart marker.  Of course, the
-restart markers occupy extra space.  We recommend -restart 1 for images that
-will be transmitted across unreliable networks such as Usenet.
-
-The -smooth option filters the input to eliminate fine-scale noise.  This is
-often useful when converting dithered images to JPEG: a moderate smoothing
-factor of 10 to 50 gets rid of dithering patterns in the input file, resulting
-in a smaller JPEG file and a better-looking image.  Too large a smoothing
-factor will visibly blur the image, however.
-
-Switches for wizards:
-
-        -baseline       Force baseline-compatible quantization tables to be
-                        generated.  This clamps quantization values to 8 bits
-                        even at low quality settings.  (This switch is poorly
-                        named, since it does not ensure that the output is
-                        actually baseline JPEG.  For example, you can use
-                        -baseline and -progressive together.)
-
-        -qtables file   Use the quantization tables given in the specified
-                        text file.
-
-        -qslots N[,...] Select which quantization table to use for each color
-                        component.
-
-        -sample HxV[,...]  Set JPEG sampling factors for each color component.
-
-        -scans file     Use the scan script given in the specified text file.
-
-The "wizard" switches are intended for experimentation with JPEG.  If you
-don't know what you are doing, DON'T USE THEM.  These switches are documented
-further in the file wizard.txt.
-
-
-DJPEG DETAILS
-
-The basic command line switches for djpeg are:
-
-        -colors N       Reduce image to at most N colors.  This reduces the
-        or -quantize N  number of colors used in the output image, so that it
-                        can be displayed on a colormapped display or stored in
-                        a colormapped file format.  For example, if you have
-                        an 8-bit display, you'd need to reduce to 256 or fewer
-                        colors.  (-colors is the recommended name, -quantize
-                        is provided only for backwards compatibility.)
-
-        -fast           Select recommended processing options for fast, low
-                        quality output.  (The default options are chosen for
-                        highest quality output.)  Currently, this is equivalent
-                        to "-dct fast -nosmooth -onepass -dither ordered".
-
-        -grayscale      Force grayscale output even if JPEG file is color.
-                        Useful for viewing on monochrome displays; also,
-                        djpeg runs noticeably faster in this mode.
-
-        -rgb            Force RGB output even if JPEG file is grayscale.
-
-        -scale M/N      Scale the output image by a factor M/N.  Currently
-                        the scale factor must be M/8, where M is an integer
-                        between 1 and 16 inclusive, or any reduced fraction
-                        thereof (such as 1/2, 3/4, etc.  Scaling is handy if
-                        the image is larger than your screen; also, djpeg runs
-                        much faster when scaling down the output.
-
-        -bmp            Select BMP output format (Windows flavor).  8-bit
-                        colormapped format is emitted if -colors or -grayscale
-                        is specified, or if the JPEG file is grayscale;
-                        otherwise, 24-bit full-color format is emitted.
-
-        -gif            Select GIF output format (LZW-compressed).  Since GIF
-                        does not support more than 256 colors, -colors 256 is
-                        assumed (unless you specify a smaller number of
-                        colors).  If you specify -fast, the default number of
-                        colors is 216.
-
-        -gif0           Select GIF output format (uncompressed).  Since GIF
-                        does not support more than 256 colors, -colors 256 is
-                        assumed (unless you specify a smaller number of
-                        colors).  If you specify -fast, the default number of
-                        colors is 216.
-
-        -os2            Select BMP output format (OS/2 1.x flavor).  8-bit
-                        colormapped format is emitted if -colors or -grayscale
-                        is specified, or if the JPEG file is grayscale;
-                        otherwise, 24-bit full-color format is emitted.
-
-        -pnm            Select PBMPLUS (PPM/PGM) output format (this is the
-                        default format).  PGM is emitted if the JPEG file is
-                        grayscale or if -grayscale is specified; otherwise
-                        PPM is emitted.
-
-        -targa          Select Targa output format.  Grayscale format is
-                        emitted if the JPEG file is grayscale or if
-                        -grayscale is specified; otherwise, colormapped format
-                        is emitted if -colors is specified; otherwise, 24-bit
-                        full-color format is emitted.
-
-Switches for advanced users:
-
-        -dct int        Use accurate integer DCT method (default).
-        -dct fast       Use less accurate integer DCT method [legacy feature].
-                        When the Independent JPEG Group's software was first
-                        released in 1991, the decompression time for a
-                        1-megapixel JPEG image on a mainstream PC was measured
-                        in minutes.  Thus, the fast integer DCT algorithm
-                        provided noticeable performance benefits.  On modern
-                        CPUs running libjpeg-turbo, however, the decompression
-                        time for a 1-megapixel JPEG image is measured in
-                        milliseconds, and thus the performance benefits of the
-                        fast algorithm are much less noticeable.  On modern
-                        x86/x86-64 CPUs that support AVX2 instructions, the
-                        fast and int methods have similar performance.  On
-                        other types of CPUs, the fast method is generally about
-                        5-15% faster than the int method.
-
-                        If the JPEG image was compressed using a quality level
-                        of 85 or below, then there should be little or no
-                        perceptible quality difference between the two
-                        algorithms.  When decompressing images that were
-                        compressed using quality levels above 85, however, the
-                        difference between the fast and int methods becomes
-                        more pronounced.  With images compressed using
-                        quality=97, for instance, the fast method incurs
-                        generally about a 4-6 dB loss in PSNR relative to the
-                        int method, but this can be larger for some images.  If
-                        you can avoid it, do not use the fast method when
-                        decompressing images that were compressed using quality
-                        levels above 97.  The algorithm often degenerates for
-                        such images and can actually produce a more lossy
-                        output image than if the JPEG image had been compressed
-                        using lower quality levels.
-        -dct float      Use floating-point DCT method [legacy feature].
-                        The float method does not produce significantly more
-                        accurate results than the int method, and it is much
-                        slower.  The float method may also give different
-                        results on different machines due to varying roundoff
-                        behavior, whereas the integer methods should give the
-                        same results on all machines.
-
-        -dither fs      Use Floyd-Steinberg dithering in color quantization.
-        -dither ordered Use ordered dithering in color quantization.
-        -dither none    Do not use dithering in color quantization.
-                        By default, Floyd-Steinberg dithering is applied when
-                        quantizing colors; this is slow but usually produces
-                        the best results.  Ordered dither is a compromise
-                        between speed and quality; no dithering is fast but
-                        usually looks awful.  Note that these switches have
-                        no effect unless color quantization is being done.
-                        Ordered dither is only available in -onepass mode.
-
-        -map FILE       Quantize to the colors used in the specified image
-                        file.  This is useful for producing multiple files
-                        with identical color maps, or for forcing a predefined
-                        set of colors to be used.  The FILE must be a GIF
-                        or PPM file.  This option overrides -colors and
-                        -onepass.
-
-        -nosmooth       Use a faster, lower-quality upsampling routine.
-
-        -onepass        Use one-pass instead of two-pass color quantization.
-                        The one-pass method is faster and needs less memory,
-                        but it produces a lower-quality image.  -onepass is
-                        ignored unless you also say -colors N.  Also,
-                        the one-pass method is always used for grayscale
-                        output (the two-pass method is no improvement then).
-
-        -maxmemory N    Set limit for amount of memory to use in processing
-                        large images.  Value is in thousands of bytes, or
-                        millions of bytes if "M" is attached to the number.
-                        For example, -max 4m selects 4000000 bytes.  If more
-                        space is needed, an error will occur.
-
-        -verbose        Enable debug printout.  More -v's give more printout.
-        or  -debug      Also, version information is printed at startup.
-
-
-HINTS FOR CJPEG
-
-Color GIF files are not the ideal input for JPEG; JPEG is really intended for
-compressing full-color (24-bit) images.  In particular, don't try to convert
-cartoons, line drawings, and other images that have only a few distinct
-colors.  GIF works great on these, JPEG does not.  If you want to convert a
-GIF to JPEG, you should experiment with cjpeg's -quality and -smooth options
-to get a satisfactory conversion.  -smooth 10 or so is often helpful.
-
-Avoid running an image through a series of JPEG compression/decompression
-cycles.  Image quality loss will accumulate; after ten or so cycles the image
-may be noticeably worse than it was after one cycle.  It's best to use a
-lossless format while manipulating an image, then convert to JPEG format when
-you are ready to file the image away.
-
-The -optimize option to cjpeg is worth using when you are making a "final"
-version for posting or archiving.  It's also a win when you are using low
-quality settings to make very small JPEG files; the percentage improvement
-is often a lot more than it is on larger files.  (At present, -optimize
-mode is always selected when generating progressive JPEG files.)
-
-
-HINTS FOR DJPEG
-
-To get a quick preview of an image, use the -grayscale and/or -scale switches.
-"-grayscale -scale 1/8" is the fastest case.
-
-Several options are available that trade off image quality to gain speed.
-"-fast" turns on the recommended settings.
-
-"-dct fast" and/or "-nosmooth" gain speed at a small sacrifice in quality.
-When producing a color-quantized image, "-onepass -dither ordered" is fast but
-much lower quality than the default behavior.  "-dither none" may give
-acceptable results in two-pass mode, but is seldom tolerable in one-pass mode.
-
-
-HINTS FOR BOTH PROGRAMS
-
-If the memory needed by cjpeg or djpeg exceeds the limit specified by
--maxmemory, an error will occur.  You can leave out -progressive and -optimize
-(for cjpeg) or specify -onepass (for djpeg) to reduce memory usage.
-
-On machines that have "environment" variables, you can define the environment
-variable JPEGMEM to set the default memory limit.  The value is specified as
-described for the -maxmemory switch.  JPEGMEM overrides the default value
-specified when the program was compiled, and itself is overridden by an
-explicit -maxmemory switch.
-
-
-JPEGTRAN
-
-jpegtran performs various useful transformations of JPEG files.
-It can translate the coded representation from one variant of JPEG to another,
-for example from baseline JPEG to progressive JPEG or vice versa.  It can also
-perform some rearrangements of the image data, for example turning an image
-from landscape to portrait format by rotation.  For EXIF files and JPEG files
-containing Exif data, you may prefer to use exiftran instead.
-
-jpegtran works by rearranging the compressed data (DCT coefficients), without
-ever fully decoding the image.  Therefore, its transformations are lossless:
-there is no image degradation at all, which would not be true if you used
-djpeg followed by cjpeg to accomplish the same conversion.  But by the same
-token, jpegtran cannot perform lossy operations such as changing the image
-quality.  However, while the image data is losslessly transformed, metadata
-can be removed.  See the -copy option for specifics.
-
-jpegtran uses a command line syntax similar to cjpeg or djpeg.
-On Unix-like systems, you say:
-        jpegtran [switches] [inputfile] >outputfile
-On most non-Unix systems, you say:
-        jpegtran [switches] inputfile outputfile
-where both the input and output files are JPEG files.
-
-To specify the coded JPEG representation used in the output file,
-jpegtran accepts a subset of the switches recognized by cjpeg:
-        -optimize       Perform optimization of entropy encoding parameters.
-        -progressive    Create progressive JPEG file.
-        -arithmetic     Use arithmetic coding.
-        -restart N      Emit a JPEG restart marker every N MCU rows, or every
-                        N MCU blocks if "B" is attached to the number.
-        -scans file     Use the scan script given in the specified text file.
-See the previous discussion of cjpeg for more details about these switches.
-If you specify none of these switches, you get a plain baseline-JPEG output
-file.  The quality setting and so forth are determined by the input file.
-
-The image can be losslessly transformed by giving one of these switches:
-        -flip horizontal        Mirror image horizontally (left-right).
-        -flip vertical          Mirror image vertically (top-bottom).
-        -rotate 90              Rotate image 90 degrees clockwise.
-        -rotate 180             Rotate image 180 degrees.
-        -rotate 270             Rotate image 270 degrees clockwise (or 90 ccw).
-        -transpose              Transpose image (across UL-to-LR axis).
-        -transverse             Transverse transpose (across UR-to-LL axis).
-
-The transpose transformation has no restrictions regarding image dimensions.
-The other transformations operate rather oddly if the image dimensions are not
-a multiple of the iMCU size (usually 8 or 16 pixels), because they can only
-transform complete blocks of DCT coefficient data in the desired way.
-
-jpegtran's default behavior when transforming an odd-size image is designed
-to preserve exact reversibility and mathematical consistency of the
-transformation set.  As stated, transpose is able to flip the entire image
-area.  Horizontal mirroring leaves any partial iMCU column at the right edge
-untouched, but is able to flip all rows of the image.  Similarly, vertical
-mirroring leaves any partial iMCU row at the bottom edge untouched, but is
-able to flip all columns.  The other transforms can be built up as sequences
-of transpose and flip operations; for consistency, their actions on edge
-pixels are defined to be the same as the end result of the corresponding
-transpose-and-flip sequence.
-
-For practical use, you may prefer to discard any untransformable edge pixels
-rather than having a strange-looking strip along the right and/or bottom edges
-of a transformed image.  To do this, add the -trim switch:
-        -trim           Drop non-transformable edge blocks.
-Obviously, a transformation with -trim is not reversible, so strictly speaking
-jpegtran with this switch is not lossless.  Also, the expected mathematical
-equivalences between the transformations no longer hold.  For example,
-"-rot 270 -trim" trims only the bottom edge, but "-rot 90 -trim" followed by
-"-rot 180 -trim" trims both edges.
-
-If you are only interested in perfect transformations, add the -perfect switch:
-        -perfect        Fail with an error if the transformation is not
-                        perfect.
-For example, you may want to do
-  jpegtran -rot 90 -perfect foo.jpg || djpeg foo.jpg | pnmflip -r90 | cjpeg
-to do a perfect rotation, if available, or an approximated one if not.
-
-This version of jpegtran also offers a lossless crop option, which discards
-data outside of a given image region but losslessly preserves what is inside.
-Like the rotate and flip transforms, lossless crop is restricted by the current
-JPEG format; the upper left corner of the selected region must fall on an iMCU
-boundary.  If it doesn't, then it is silently moved up and/or left to the
-nearest iMCU boundary (the lower right corner is unchanged.)  Thus, the output
-image covers at least the requested region, but it may cover more.  The
-adjustment of the region dimensions may be optionally disabled by attaching an
-'f' character ("force") to the width or height number.
-
-The image can be losslessly cropped by giving the switch:
-        -crop WxH+X+Y   Crop to a rectangular region of width W and height H,
-                        starting at point X,Y.
-
-If W or H is larger than the width/height of the input image, then the output
-image is expanded in size, and the expanded region is filled in with zeros
-(neutral gray).  Attaching an 'f' character ("flatten") to the width number
-will cause each block in the expanded region to be filled in with the DC
-coefficient of the nearest block in the input image rather than grayed out.
-Attaching an 'r' character ("reflect") to the width number will cause the
-expanded region to be filled in with repeated reflections of the input image
-rather than grayed out.
-
-A complementary lossless wipe option is provided to discard (gray out) data
-inside a given image region while losslessly preserving what is outside:
-        -wipe WxH+X+Y   Wipe (gray out) a rectangular region of width W and
-                        height H from the input image, starting at point X,Y.
-
-Attaching an 'f' character ("flatten") to the width number will cause the
-region to be filled with the average of adjacent blocks rather than grayed out.
-If the wipe region and the region outside the wipe region, when adjusted to the
-nearest iMCU boundary, form two horizontally adjacent rectangles, then
-attaching an 'r' character ("reflect") to the width number will cause the wipe
-region to be filled with repeated reflections of the outside region rather than
-grayed out.
-
-A lossless drop option is also provided, which allows another JPEG image to be
-inserted ("dropped") into the input image data at a given position, replacing
-the existing image data at that position:
-        -drop +X+Y filename     Drop (insert) another image at point X,Y
-
-Both the input image and the drop image must have the same subsampling level.
-It is best if they also have the same quantization (quality.)  Otherwise, the
-quantization of the output image will be adapted to accommodate the higher of
-the input image quality and the drop image quality.  The trim option can be
-used with the drop option to requantize the drop image to match the input
-image.  Note that a grayscale image can be dropped into a full-color image or
-vice versa, as long as the full-color image has no vertical subsampling.  If
-the input image is grayscale and the drop image is full-color, then the
-chrominance channels from the drop image will be discarded.
-
-Other not-strictly-lossless transformation switches are:
-
-        -grayscale      Force grayscale output.
-This option discards the chrominance channels if the input image is YCbCr
-(ie, a standard color JPEG), resulting in a grayscale JPEG file.  The
-luminance channel is preserved exactly, so this is a better method of reducing
-to grayscale than decompression, conversion, and recompression.  This switch
-is particularly handy for fixing a monochrome picture that was mistakenly
-encoded as a color JPEG.  (In such a case, the space savings from getting rid
-of the near-empty chroma channels won't be large; but the decoding time for
-a grayscale JPEG is substantially less than that for a color JPEG.)
-
-jpegtran also recognizes these switches that control what to do with "extra"
-markers, such as comment blocks:
-        -copy none      Copy no extra markers from source file.  This setting
-                        suppresses all comments and other metadata in the
-                        source file.
-        -copy comments  Copy only comment markers.  This setting copies
-                        comments from the source file but discards any other
-                        metadata.
-        -copy all       Copy all extra markers.  This setting preserves
-                        miscellaneous markers found in the source file, such
-                        as JFIF thumbnails, Exif data, and Photoshop settings.
-                        In some files, these extra markers can be sizable.
-                        Note that this option will copy thumbnails as-is;
-                        they will not be transformed.
-The default behavior is -copy comments.  (Note: in IJG releases v6 and v6a,
-jpegtran always did the equivalent of -copy none.)
-
-Additional switches recognized by jpegtran are:
-        -outfile filename
-        -maxmemory N
-        -verbose
-        -debug
-These work the same as in cjpeg or djpeg.
-
-
-THE COMMENT UTILITIES
-
-The JPEG standard allows "comment" (COM) blocks to occur within a JPEG file.
-Although the standard doesn't actually define what COM blocks are for, they
-are widely used to hold user-supplied text strings.  This lets you add
-annotations, titles, index terms, etc to your JPEG files, and later retrieve
-them as text.  COM blocks do not interfere with the image stored in the JPEG
-file.  The maximum size of a COM block is 64K, but you can have as many of
-them as you like in one JPEG file.
-
-We provide two utility programs to display COM block contents and add COM
-blocks to a JPEG file.
-
-rdjpgcom searches a JPEG file and prints the contents of any COM blocks on
-standard output.  The command line syntax is
-        rdjpgcom [-raw] [-verbose] [inputfilename]
-The switch "-raw" (or just "-r") causes rdjpgcom to output non-printable
-characters in JPEG comments.  These characters are normally escaped for
-security reasons.
-The switch "-verbose" (or just "-v") causes rdjpgcom to also display the JPEG
-image dimensions.  If you omit the input file name from the command line,
-the JPEG file is read from standard input.  (This may not work on some
-operating systems, if binary data can't be read from stdin.)
-
-wrjpgcom adds a COM block, containing text you provide, to a JPEG file.
-Ordinarily, the COM block is added after any existing COM blocks, but you
-can delete the old COM blocks if you wish.  wrjpgcom produces a new JPEG
-file; it does not modify the input file.  DO NOT try to overwrite the input
-file by directing wrjpgcom's output back into it; on most systems this will
-just destroy your file.
-
-The command line syntax for wrjpgcom is similar to cjpeg's.  On Unix-like
-systems, it is
-        wrjpgcom [switches] [inputfilename]
-The output file is written to standard output.  The input file comes from
-the named file, or from standard input if no input file is named.
-
-On most non-Unix systems, the syntax is
-        wrjpgcom [switches] inputfilename outputfilename
-where both input and output file names must be given explicitly.
-
-wrjpgcom understands three switches:
-        -replace                 Delete any existing COM blocks from the file.
-        -comment "Comment text"  Supply new COM text on command line.
-        -cfile name              Read text for new COM block from named file.
-(Switch names can be abbreviated.)  If you have only one line of comment text
-to add, you can provide it on the command line with -comment.  The comment
-text must be surrounded with quotes so that it is treated as a single
-argument.  Longer comments can be read from a text file.
-
-If you give neither -comment nor -cfile, then wrjpgcom will read the comment
-text from standard input.  (In this case an input image file name MUST be
-supplied, so that the source JPEG file comes from somewhere else.)  You can
-enter multiple lines, up to 64KB worth.  Type an end-of-file indicator
-(usually control-D or control-Z) to terminate the comment text entry.
-
-wrjpgcom will not add a COM block if the provided comment string is empty.
-Therefore -replace -comment "" can be used to delete all COM blocks from a
-file.
-
-These utility programs do not depend on the IJG JPEG library.  In
-particular, the source code for rdjpgcom is intended as an illustration of
-the minimum amount of code required to parse a JPEG file header correctly.
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/gcc/projectTargets-release.cmake.in b/3rdparty/libjpeg-turbo_2_1_0/win/gcc/projectTargets-release.cmake.in
deleted file mode 100644
index 1e1a8a3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/gcc/projectTargets-release.cmake.in
+++ /dev/null
@@ -1,49 +0,0 @@
-#----------------------------------------------------------------
-# Generated CMake target import file for configuration "Release".
-#----------------------------------------------------------------
-
-# Commands may need to know the format version.
-set(CMAKE_IMPORT_FILE_VERSION 1)
-
-# Import target "@CMAKE_PROJECT_NAME@::jpeg" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::jpeg APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::jpeg PROPERTIES
-  IMPORTED_IMPLIB_RELEASE "${_IMPORT_PREFIX}/lib/libjpeg.dll.a"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/bin/libjpeg-62.dll"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::jpeg )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::jpeg "${_IMPORT_PREFIX}/lib/libjpeg.dll.a" "${_IMPORT_PREFIX}/bin/libjpeg-62.dll" )
-
-# Import target "@CMAKE_PROJECT_NAME@::turbojpeg" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::turbojpeg APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::turbojpeg PROPERTIES
-  IMPORTED_IMPLIB_RELEASE "${_IMPORT_PREFIX}/lib/libturbojpeg.dll.a"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/bin/libturbojpeg.dll"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::turbojpeg )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::turbojpeg "${_IMPORT_PREFIX}/lib/libturbojpeg.dll.a" "${_IMPORT_PREFIX}/bin/libturbojpeg.dll" )
-
-# Import target "@CMAKE_PROJECT_NAME@::turbojpeg-static" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::turbojpeg-static APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::turbojpeg-static PROPERTIES
-  IMPORTED_LINK_INTERFACE_LANGUAGES_RELEASE "ASM_NASM;C"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/lib/libturbojpeg.a"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::turbojpeg-static )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::turbojpeg-static "${_IMPORT_PREFIX}/lib/libturbojpeg.a" )
-
-# Import target "@CMAKE_PROJECT_NAME@::jpeg-static" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::jpeg-static APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::jpeg-static PROPERTIES
-  IMPORTED_LINK_INTERFACE_LANGUAGES_RELEASE "ASM_NASM;C"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/lib/libjpeg.a"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::jpeg-static )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::jpeg-static "${_IMPORT_PREFIX}/lib/libjpeg.a" )
-
-# Commands beyond this point should not need to know the version.
-set(CMAKE_IMPORT_FILE_VERSION)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/jconfig.h.in b/3rdparty/libjpeg-turbo_2_1_0/win/jconfig.h.in
deleted file mode 100644
index 13cceef..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/jconfig.h.in
+++ /dev/null
@@ -1,33 +0,0 @@
-#define JPEG_LIB_VERSION  @JPEG_LIB_VERSION@
-#define LIBJPEG_TURBO_VERSION  @VERSION@
-#define LIBJPEG_TURBO_VERSION_NUMBER  @LIBJPEG_TURBO_VERSION_NUMBER@
-
-#cmakedefine C_ARITH_CODING_SUPPORTED
-#cmakedefine D_ARITH_CODING_SUPPORTED
-#cmakedefine MEM_SRCDST_SUPPORTED
-#cmakedefine WITH_SIMD
-
-#define BITS_IN_JSAMPLE  @BITS_IN_JSAMPLE@      /* use 8 or 12 */
-
-#define HAVE_STDDEF_H
-#define HAVE_STDLIB_H
-#undef NEED_SYS_TYPES_H
-#undef NEED_BSD_STRINGS
-
-#define HAVE_UNSIGNED_CHAR
-#define HAVE_UNSIGNED_SHORT
-#undef INCOMPLETE_TYPES_BROKEN
-#undef RIGHT_SHIFT_IS_UNSIGNED
-
-/* Define "boolean" as unsigned char, not int, per Windows custom */
-#ifndef __RPCNDR_H__            /* don't conflict if rpcndr.h already read */
-typedef unsigned char boolean;
-#endif
-#define HAVE_BOOLEAN            /* prevent jmorecfg.h from redefining it */
-
-/* Define "INT32" as int, not long, per Windows custom */
-#if !(defined(_BASETSD_H_) || defined(_BASETSD_H))   /* don't conflict if basetsd.h already read */
-typedef short INT16;
-typedef signed int INT32;
-#endif
-#define XMD_H                   /* prevent jmorecfg.h from redefining it */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg62-memsrcdst.def b/3rdparty/libjpeg-turbo_2_1_0/win/jpeg62-memsrcdst.def
deleted file mode 100644
index 4d24a14..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg62-memsrcdst.def
+++ /dev/null
@@ -1,108 +0,0 @@
-EXPORTS
-  jcopy_block_row @ 1 ;
-  jcopy_sample_rows @ 2 ;
-  jdiv_round_up @ 3 ;
-  jinit_1pass_quantizer @ 4 ;
-  jinit_2pass_quantizer @ 5 ;
-  jinit_c_coef_controller @ 6 ;
-  jinit_c_main_controller @ 7 ;
-  jinit_c_master_control @ 8 ;
-  jinit_c_prep_controller @ 9 ;
-  jinit_color_converter @ 10 ;
-  jinit_color_deconverter @ 11 ;
-  jinit_compress_master @ 12 ;
-  jinit_d_coef_controller @ 13 ;
-  jinit_d_main_controller @ 14 ;
-  jinit_d_post_controller @ 15 ;
-  jinit_downsampler @ 16 ;
-  jinit_forward_dct @ 17 ;
-  jinit_huff_decoder @ 18 ;
-  jinit_huff_encoder @ 19 ;
-  jinit_input_controller @ 20 ;
-  jinit_inverse_dct @ 21 ;
-  jinit_marker_reader @ 22 ;
-  jinit_marker_writer @ 23 ;
-  jinit_master_decompress @ 24 ;
-  jinit_memory_mgr @ 25 ;
-  jinit_merged_upsampler @ 26 ;
-  jinit_phuff_decoder @ 27 ;
-  jinit_phuff_encoder @ 28 ;
-  jinit_upsampler @ 29 ;
-  jpeg_CreateCompress @ 30 ;
-  jpeg_CreateDecompress @ 31 ;
-  jpeg_abort @ 32 ;
-  jpeg_abort_compress @ 33 ;
-  jpeg_abort_decompress @ 34 ;
-  jpeg_add_quant_table @ 35 ;
-  jpeg_alloc_huff_table @ 36 ;
-  jpeg_alloc_quant_table @ 37 ;
-  jpeg_calc_output_dimensions @ 38 ;
-  jpeg_consume_input @ 39 ;
-  jpeg_copy_critical_parameters @ 40 ;
-  jpeg_default_colorspace @ 41 ;
-  jpeg_destroy @ 42 ;
-  jpeg_destroy_compress @ 43 ;
-  jpeg_destroy_decompress @ 44 ;
-  jpeg_fdct_float @ 45 ;
-  jpeg_fdct_ifast @ 46 ;
-  jpeg_fdct_islow @ 47 ;
-  jpeg_fill_bit_buffer @ 48 ;
-  jpeg_finish_compress @ 49 ;
-  jpeg_finish_decompress @ 50 ;
-  jpeg_finish_output @ 51 ;
-  jpeg_free_large @ 52 ;
-  jpeg_free_small @ 53 ;
-  jpeg_gen_optimal_table @ 54 ;
-  jpeg_get_large @ 55 ;
-  jpeg_get_small @ 56 ;
-  jpeg_has_multiple_scans @ 57 ;
-  jpeg_huff_decode @ 58 ;
-  jpeg_idct_1x1 @ 59 ;
-  jpeg_idct_2x2 @ 60 ;
-  jpeg_idct_4x4 @ 61 ;
-  jpeg_idct_float @ 62 ;
-  jpeg_idct_ifast @ 63 ;
-  jpeg_idct_islow @ 64 ;
-  jpeg_input_complete @ 65 ;
-  jpeg_make_c_derived_tbl @ 66 ;
-  jpeg_make_d_derived_tbl @ 67 ;
-  jpeg_mem_available @ 68 ;
-  jpeg_mem_init @ 69 ;
-  jpeg_mem_term @ 70 ;
-  jpeg_new_colormap @ 71 ;
-  jpeg_open_backing_store @ 72 ;
-  jpeg_quality_scaling @ 73 ;
-  jpeg_read_coefficients @ 74 ;
-  jpeg_read_header @ 75 ;
-  jpeg_read_raw_data @ 76 ;
-  jpeg_read_scanlines @ 77 ;
-  jpeg_resync_to_restart @ 78 ;
-  jpeg_save_markers @ 79 ;
-  jpeg_set_colorspace @ 80 ;
-  jpeg_set_defaults @ 81 ;
-  jpeg_set_linear_quality @ 82 ;
-  jpeg_set_marker_processor @ 83 ;
-  jpeg_set_quality @ 84 ;
-  jpeg_simple_progression @ 85 ;
-  jpeg_start_compress @ 86 ;
-  jpeg_start_decompress @ 87 ;
-  jpeg_start_output @ 88 ;
-  jpeg_std_error @ 89 ;
-  jpeg_stdio_dest @ 90 ;
-  jpeg_stdio_src @ 91 ;
-  jpeg_suppress_tables @ 92 ;
-  jpeg_write_coefficients @ 93 ;
-  jpeg_write_m_byte @ 94 ;
-  jpeg_write_m_header @ 95 ;
-  jpeg_write_marker @ 96 ;
-  jpeg_write_raw_data @ 97 ;
-  jpeg_write_scanlines @ 98 ;
-  jpeg_write_tables @ 99 ;
-  jround_up @ 100 ;
-  jzero_far @ 101 ;
-  jpeg_mem_dest @ 102 ;
-  jpeg_mem_src @ 103 ;
-  jpeg_skip_scanlines @ 104 ;
-  jpeg_crop_scanline @ 105 ;
-  jpeg_read_icc_profile @ 106 ;
-  jpeg_write_icc_profile @ 107 ;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg62.def b/3rdparty/libjpeg-turbo_2_1_0/win/jpeg62.def
deleted file mode 100644
index f3c69b2..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg62.def
+++ /dev/null
@@ -1,106 +0,0 @@
-EXPORTS
-  jcopy_block_row @ 1 ;
-  jcopy_sample_rows @ 2 ;
-  jdiv_round_up @ 3 ;
-  jinit_1pass_quantizer @ 4 ;
-  jinit_2pass_quantizer @ 5 ;
-  jinit_c_coef_controller @ 6 ;
-  jinit_c_main_controller @ 7 ;
-  jinit_c_master_control @ 8 ;
-  jinit_c_prep_controller @ 9 ;
-  jinit_color_converter @ 10 ;
-  jinit_color_deconverter @ 11 ;
-  jinit_compress_master @ 12 ;
-  jinit_d_coef_controller @ 13 ;
-  jinit_d_main_controller @ 14 ;
-  jinit_d_post_controller @ 15 ;
-  jinit_downsampler @ 16 ;
-  jinit_forward_dct @ 17 ;
-  jinit_huff_decoder @ 18 ;
-  jinit_huff_encoder @ 19 ;
-  jinit_input_controller @ 20 ;
-  jinit_inverse_dct @ 21 ;
-  jinit_marker_reader @ 22 ;
-  jinit_marker_writer @ 23 ;
-  jinit_master_decompress @ 24 ;
-  jinit_memory_mgr @ 25 ;
-  jinit_merged_upsampler @ 26 ;
-  jinit_phuff_decoder @ 27 ;
-  jinit_phuff_encoder @ 28 ;
-  jinit_upsampler @ 29 ;
-  jpeg_CreateCompress @ 30 ;
-  jpeg_CreateDecompress @ 31 ;
-  jpeg_abort @ 32 ;
-  jpeg_abort_compress @ 33 ;
-  jpeg_abort_decompress @ 34 ;
-  jpeg_add_quant_table @ 35 ;
-  jpeg_alloc_huff_table @ 36 ;
-  jpeg_alloc_quant_table @ 37 ;
-  jpeg_calc_output_dimensions @ 38 ;
-  jpeg_consume_input @ 39 ;
-  jpeg_copy_critical_parameters @ 40 ;
-  jpeg_default_colorspace @ 41 ;
-  jpeg_destroy @ 42 ;
-  jpeg_destroy_compress @ 43 ;
-  jpeg_destroy_decompress @ 44 ;
-  jpeg_fdct_float @ 45 ;
-  jpeg_fdct_ifast @ 46 ;
-  jpeg_fdct_islow @ 47 ;
-  jpeg_fill_bit_buffer @ 48 ;
-  jpeg_finish_compress @ 49 ;
-  jpeg_finish_decompress @ 50 ;
-  jpeg_finish_output @ 51 ;
-  jpeg_free_large @ 52 ;
-  jpeg_free_small @ 53 ;
-  jpeg_gen_optimal_table @ 54 ;
-  jpeg_get_large @ 55 ;
-  jpeg_get_small @ 56 ;
-  jpeg_has_multiple_scans @ 57 ;
-  jpeg_huff_decode @ 58 ;
-  jpeg_idct_1x1 @ 59 ;
-  jpeg_idct_2x2 @ 60 ;
-  jpeg_idct_4x4 @ 61 ;
-  jpeg_idct_float @ 62 ;
-  jpeg_idct_ifast @ 63 ;
-  jpeg_idct_islow @ 64 ;
-  jpeg_input_complete @ 65 ;
-  jpeg_make_c_derived_tbl @ 66 ;
-  jpeg_make_d_derived_tbl @ 67 ;
-  jpeg_mem_available @ 68 ;
-  jpeg_mem_init @ 69 ;
-  jpeg_mem_term @ 70 ;
-  jpeg_new_colormap @ 71 ;
-  jpeg_open_backing_store @ 72 ;
-  jpeg_quality_scaling @ 73 ;
-  jpeg_read_coefficients @ 74 ;
-  jpeg_read_header @ 75 ;
-  jpeg_read_raw_data @ 76 ;
-  jpeg_read_scanlines @ 77 ;
-  jpeg_resync_to_restart @ 78 ;
-  jpeg_save_markers @ 79 ;
-  jpeg_set_colorspace @ 80 ;
-  jpeg_set_defaults @ 81 ;
-  jpeg_set_linear_quality @ 82 ;
-  jpeg_set_marker_processor @ 83 ;
-  jpeg_set_quality @ 84 ;
-  jpeg_simple_progression @ 85 ;
-  jpeg_start_compress @ 86 ;
-  jpeg_start_decompress @ 87 ;
-  jpeg_start_output @ 88 ;
-  jpeg_std_error @ 89 ;
-  jpeg_stdio_dest @ 90 ;
-  jpeg_stdio_src @ 91 ;
-  jpeg_suppress_tables @ 92 ;
-  jpeg_write_coefficients @ 93 ;
-  jpeg_write_m_byte @ 94 ;
-  jpeg_write_m_header @ 95 ;
-  jpeg_write_marker @ 96 ;
-  jpeg_write_raw_data @ 97 ;
-  jpeg_write_scanlines @ 98 ;
-  jpeg_write_tables @ 99 ;
-  jround_up @ 100 ;
-  jzero_far @ 101 ;
-  jpeg_skip_scanlines @ 102 ;
-  jpeg_crop_scanline @ 103 ;
-  jpeg_read_icc_profile @ 104 ;
-  jpeg_write_icc_profile @ 105 ;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg7-memsrcdst.def b/3rdparty/libjpeg-turbo_2_1_0/win/jpeg7-memsrcdst.def
deleted file mode 100644
index a005aff..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg7-memsrcdst.def
+++ /dev/null
@@ -1,110 +0,0 @@
-EXPORTS
-  jcopy_block_row @ 1 ;
-  jcopy_sample_rows @ 2 ;
-  jdiv_round_up @ 3 ;
-  jinit_1pass_quantizer @ 4 ;
-  jinit_2pass_quantizer @ 5 ;
-  jinit_c_coef_controller @ 6 ;
-  jinit_c_main_controller @ 7 ;
-  jinit_c_master_control @ 8 ;
-  jinit_c_prep_controller @ 9 ;
-  jinit_color_converter @ 10 ;
-  jinit_color_deconverter @ 11 ;
-  jinit_compress_master @ 12 ;
-  jinit_d_coef_controller @ 13 ;
-  jinit_d_main_controller @ 14 ;
-  jinit_d_post_controller @ 15 ;
-  jinit_downsampler @ 16 ;
-  jinit_forward_dct @ 17 ;
-  jinit_huff_decoder @ 18 ;
-  jinit_huff_encoder @ 19 ;
-  jinit_input_controller @ 20 ;
-  jinit_inverse_dct @ 21 ;
-  jinit_marker_reader @ 22 ;
-  jinit_marker_writer @ 23 ;
-  jinit_master_decompress @ 24 ;
-  jinit_memory_mgr @ 25 ;
-  jinit_merged_upsampler @ 26 ;
-  jinit_phuff_decoder @ 27 ;
-  jinit_phuff_encoder @ 28 ;
-  jinit_upsampler @ 29 ;
-  jpeg_CreateCompress @ 30 ;
-  jpeg_CreateDecompress @ 31 ;
-  jpeg_abort @ 32 ;
-  jpeg_abort_compress @ 33 ;
-  jpeg_abort_decompress @ 34 ;
-  jpeg_add_quant_table @ 35 ;
-  jpeg_alloc_huff_table @ 36 ;
-  jpeg_alloc_quant_table @ 37 ;
-  jpeg_calc_jpeg_dimensions @ 38 ;
-  jpeg_calc_output_dimensions @ 39 ;
-  jpeg_consume_input @ 40 ;
-  jpeg_copy_critical_parameters @ 41 ;
-  jpeg_default_colorspace @ 42 ;
-  jpeg_default_qtables @ 43 ;
-  jpeg_destroy @ 44 ;
-  jpeg_destroy_compress @ 45 ;
-  jpeg_destroy_decompress @ 46 ;
-  jpeg_fdct_float @ 47 ;
-  jpeg_fdct_ifast @ 48 ;
-  jpeg_fdct_islow @ 49 ;
-  jpeg_fill_bit_buffer @ 50 ;
-  jpeg_finish_compress @ 51 ;
-  jpeg_finish_decompress @ 52 ;
-  jpeg_finish_output @ 53 ;
-  jpeg_free_large @ 54 ;
-  jpeg_free_small @ 55 ;
-  jpeg_gen_optimal_table @ 56 ;
-  jpeg_get_large @ 57 ;
-  jpeg_get_small @ 58 ;
-  jpeg_has_multiple_scans @ 59 ;
-  jpeg_huff_decode @ 60 ;
-  jpeg_idct_1x1 @ 61 ;
-  jpeg_idct_2x2 @ 62 ;
-  jpeg_idct_4x4 @ 63 ;
-  jpeg_idct_float @ 64 ;
-  jpeg_idct_ifast @ 65 ;
-  jpeg_idct_islow @ 66 ;
-  jpeg_input_complete @ 67 ;
-  jpeg_make_c_derived_tbl @ 68 ;
-  jpeg_make_d_derived_tbl @ 69 ;
-  jpeg_mem_available @ 70 ;
-  jpeg_mem_init @ 71 ;
-  jpeg_mem_term @ 72 ;
-  jpeg_new_colormap @ 73 ;
-  jpeg_open_backing_store @ 74 ;
-  jpeg_quality_scaling @ 75 ;
-  jpeg_read_coefficients @ 76 ;
-  jpeg_read_header @ 77 ;
-  jpeg_read_raw_data @ 78 ;
-  jpeg_read_scanlines @ 79 ;
-  jpeg_resync_to_restart @ 80 ;
-  jpeg_save_markers @ 81 ;
-  jpeg_set_colorspace @ 82 ;
-  jpeg_set_defaults @ 83 ;
-  jpeg_set_linear_quality @ 84 ;
-  jpeg_set_marker_processor @ 85 ;
-  jpeg_set_quality @ 86 ;
-  jpeg_simple_progression @ 87 ;
-  jpeg_start_compress @ 88 ;
-  jpeg_start_decompress @ 89 ;
-  jpeg_start_output @ 90 ;
-  jpeg_std_error @ 91 ;
-  jpeg_stdio_dest @ 92 ;
-  jpeg_stdio_src @ 93 ;
-  jpeg_suppress_tables @ 94 ;
-  jpeg_write_coefficients @ 95 ;
-  jpeg_write_m_byte @ 96 ;
-  jpeg_write_m_header @ 97 ;
-  jpeg_write_marker @ 98 ;
-  jpeg_write_raw_data @ 99 ;
-  jpeg_write_scanlines @ 100 ;
-  jpeg_write_tables @ 101 ;
-  jround_up @ 102 ;
-  jzero_far @ 103 ;
-  jpeg_mem_dest @ 104 ;
-  jpeg_mem_src @ 105 ;
-  jpeg_skip_scanlines @ 106 ;
-  jpeg_crop_scanline @ 107 ;
-  jpeg_read_icc_profile @ 108 ;
-  jpeg_write_icc_profile @ 109 ;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg7.def b/3rdparty/libjpeg-turbo_2_1_0/win/jpeg7.def
deleted file mode 100644
index 49f4c02..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg7.def
+++ /dev/null
@@ -1,108 +0,0 @@
-EXPORTS
-  jcopy_block_row @ 1 ;
-  jcopy_sample_rows @ 2 ;
-  jdiv_round_up @ 3 ;
-  jinit_1pass_quantizer @ 4 ;
-  jinit_2pass_quantizer @ 5 ;
-  jinit_c_coef_controller @ 6 ;
-  jinit_c_main_controller @ 7 ;
-  jinit_c_master_control @ 8 ;
-  jinit_c_prep_controller @ 9 ;
-  jinit_color_converter @ 10 ;
-  jinit_color_deconverter @ 11 ;
-  jinit_compress_master @ 12 ;
-  jinit_d_coef_controller @ 13 ;
-  jinit_d_main_controller @ 14 ;
-  jinit_d_post_controller @ 15 ;
-  jinit_downsampler @ 16 ;
-  jinit_forward_dct @ 17 ;
-  jinit_huff_decoder @ 18 ;
-  jinit_huff_encoder @ 19 ;
-  jinit_input_controller @ 20 ;
-  jinit_inverse_dct @ 21 ;
-  jinit_marker_reader @ 22 ;
-  jinit_marker_writer @ 23 ;
-  jinit_master_decompress @ 24 ;
-  jinit_memory_mgr @ 25 ;
-  jinit_merged_upsampler @ 26 ;
-  jinit_phuff_decoder @ 27 ;
-  jinit_phuff_encoder @ 28 ;
-  jinit_upsampler @ 29 ;
-  jpeg_CreateCompress @ 30 ;
-  jpeg_CreateDecompress @ 31 ;
-  jpeg_abort @ 32 ;
-  jpeg_abort_compress @ 33 ;
-  jpeg_abort_decompress @ 34 ;
-  jpeg_add_quant_table @ 35 ;
-  jpeg_alloc_huff_table @ 36 ;
-  jpeg_alloc_quant_table @ 37 ;
-  jpeg_calc_jpeg_dimensions @ 38 ;
-  jpeg_calc_output_dimensions @ 39 ;
-  jpeg_consume_input @ 40 ;
-  jpeg_copy_critical_parameters @ 41 ;
-  jpeg_default_colorspace @ 42 ;
-  jpeg_default_qtables @ 43 ;
-  jpeg_destroy @ 44 ;
-  jpeg_destroy_compress @ 45 ;
-  jpeg_destroy_decompress @ 46 ;
-  jpeg_fdct_float @ 47 ;
-  jpeg_fdct_ifast @ 48 ;
-  jpeg_fdct_islow @ 49 ;
-  jpeg_fill_bit_buffer @ 50 ;
-  jpeg_finish_compress @ 51 ;
-  jpeg_finish_decompress @ 52 ;
-  jpeg_finish_output @ 53 ;
-  jpeg_free_large @ 54 ;
-  jpeg_free_small @ 55 ;
-  jpeg_gen_optimal_table @ 56 ;
-  jpeg_get_large @ 57 ;
-  jpeg_get_small @ 58 ;
-  jpeg_has_multiple_scans @ 59 ;
-  jpeg_huff_decode @ 60 ;
-  jpeg_idct_1x1 @ 61 ;
-  jpeg_idct_2x2 @ 62 ;
-  jpeg_idct_4x4 @ 63 ;
-  jpeg_idct_float @ 64 ;
-  jpeg_idct_ifast @ 65 ;
-  jpeg_idct_islow @ 66 ;
-  jpeg_input_complete @ 67 ;
-  jpeg_make_c_derived_tbl @ 68 ;
-  jpeg_make_d_derived_tbl @ 69 ;
-  jpeg_mem_available @ 70 ;
-  jpeg_mem_init @ 71 ;
-  jpeg_mem_term @ 72 ;
-  jpeg_new_colormap @ 73 ;
-  jpeg_open_backing_store @ 74 ;
-  jpeg_quality_scaling @ 75 ;
-  jpeg_read_coefficients @ 76 ;
-  jpeg_read_header @ 77 ;
-  jpeg_read_raw_data @ 78 ;
-  jpeg_read_scanlines @ 79 ;
-  jpeg_resync_to_restart @ 80 ;
-  jpeg_save_markers @ 81 ;
-  jpeg_set_colorspace @ 82 ;
-  jpeg_set_defaults @ 83 ;
-  jpeg_set_linear_quality @ 84 ;
-  jpeg_set_marker_processor @ 85 ;
-  jpeg_set_quality @ 86 ;
-  jpeg_simple_progression @ 87 ;
-  jpeg_start_compress @ 88 ;
-  jpeg_start_decompress @ 89 ;
-  jpeg_start_output @ 90 ;
-  jpeg_std_error @ 91 ;
-  jpeg_stdio_dest @ 92 ;
-  jpeg_stdio_src @ 93 ;
-  jpeg_suppress_tables @ 94 ;
-  jpeg_write_coefficients @ 95 ;
-  jpeg_write_m_byte @ 96 ;
-  jpeg_write_m_header @ 97 ;
-  jpeg_write_marker @ 98 ;
-  jpeg_write_raw_data @ 99 ;
-  jpeg_write_scanlines @ 100 ;
-  jpeg_write_tables @ 101 ;
-  jround_up @ 102 ;
-  jzero_far @ 103 ;
-  jpeg_skip_scanlines @ 104 ;
-  jpeg_crop_scanline @ 105 ;
-  jpeg_read_icc_profile @ 106 ;
-  jpeg_write_icc_profile @ 107 ;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg8.def b/3rdparty/libjpeg-turbo_2_1_0/win/jpeg8.def
deleted file mode 100644
index 0a53125..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/jpeg8.def
+++ /dev/null
@@ -1,111 +0,0 @@
-EXPORTS
-  jcopy_block_row @ 1 ;
-  jcopy_sample_rows @ 2 ;
-  jdiv_round_up @ 3 ;
-  jinit_1pass_quantizer @ 4 ;
-  jinit_2pass_quantizer @ 5 ;
-  jinit_c_coef_controller @ 6 ;
-  jinit_c_main_controller @ 7 ;
-  jinit_c_master_control @ 8 ;
-  jinit_c_prep_controller @ 9 ;
-  jinit_color_converter @ 10 ;
-  jinit_color_deconverter @ 11 ;
-  jinit_compress_master @ 12 ;
-  jinit_d_coef_controller @ 13 ;
-  jinit_d_main_controller @ 14 ;
-  jinit_d_post_controller @ 15 ;
-  jinit_downsampler @ 16 ;
-  jinit_forward_dct @ 17 ;
-  jinit_huff_decoder @ 18 ;
-  jinit_huff_encoder @ 19 ;
-  jinit_input_controller @ 20 ;
-  jinit_inverse_dct @ 21 ;
-  jinit_marker_reader @ 22 ;
-  jinit_marker_writer @ 23 ;
-  jinit_master_decompress @ 24 ;
-  jinit_memory_mgr @ 25 ;
-  jinit_merged_upsampler @ 26 ;
-  jinit_phuff_decoder @ 27 ;
-  jinit_phuff_encoder @ 28 ;
-  jinit_upsampler @ 29 ;
-  jpeg_CreateCompress @ 30 ;
-  jpeg_CreateDecompress @ 31 ;
-  jpeg_abort @ 32 ;
-  jpeg_abort_compress @ 33 ;
-  jpeg_abort_decompress @ 34 ;
-  jpeg_add_quant_table @ 35 ;
-  jpeg_alloc_huff_table @ 36 ;
-  jpeg_alloc_quant_table @ 37 ;
-  jpeg_calc_jpeg_dimensions @ 38 ;
-  jpeg_calc_output_dimensions @ 39 ;
-  jpeg_consume_input @ 40 ;
-  jpeg_copy_critical_parameters @ 41 ;
-  jpeg_core_output_dimensions @ 42 ;
-  jpeg_default_colorspace @ 43 ;
-  jpeg_default_qtables @ 44 ;
-  jpeg_destroy @ 45 ;
-  jpeg_destroy_compress @ 46 ;
-  jpeg_destroy_decompress @ 47 ;
-  jpeg_fdct_float @ 48 ;
-  jpeg_fdct_ifast @ 49 ;
-  jpeg_fdct_islow @ 50 ;
-  jpeg_fill_bit_buffer @ 51 ;
-  jpeg_finish_compress @ 52 ;
-  jpeg_finish_decompress @ 53 ;
-  jpeg_finish_output @ 54 ;
-  jpeg_free_large @ 55 ;
-  jpeg_free_small @ 56 ;
-  jpeg_gen_optimal_table @ 57 ;
-  jpeg_get_large @ 58 ;
-  jpeg_get_small @ 59 ;
-  jpeg_has_multiple_scans @ 60 ;
-  jpeg_huff_decode @ 61 ;
-  jpeg_idct_1x1 @ 62 ;
-  jpeg_idct_2x2 @ 63 ;
-  jpeg_idct_4x4 @ 64 ;
-  jpeg_idct_float @ 65 ;
-  jpeg_idct_ifast @ 66 ;
-  jpeg_idct_islow @ 67 ;
-  jpeg_input_complete @ 68 ;
-  jpeg_make_c_derived_tbl @ 69 ;
-  jpeg_make_d_derived_tbl @ 70 ;
-  jpeg_mem_available @ 71 ;
-  jpeg_mem_dest @ 72 ;
-  jpeg_mem_init @ 73 ;
-  jpeg_mem_src @ 74 ;
-  jpeg_mem_term @ 75 ;
-  jpeg_new_colormap @ 76 ;
-  jpeg_open_backing_store @ 77 ;
-  jpeg_quality_scaling @ 78 ;
-  jpeg_read_coefficients @ 79 ;
-  jpeg_read_header @ 80 ;
-  jpeg_read_raw_data @ 81 ;
-  jpeg_read_scanlines @ 82 ;
-  jpeg_resync_to_restart @ 83 ;
-  jpeg_save_markers @ 84 ;
-  jpeg_set_colorspace @ 85 ;
-  jpeg_set_defaults @ 86 ;
-  jpeg_set_linear_quality @ 87 ;
-  jpeg_set_marker_processor @ 88 ;
-  jpeg_set_quality @ 89 ;
-  jpeg_simple_progression @ 90 ;
-  jpeg_start_compress @ 91 ;
-  jpeg_start_decompress @ 92 ;
-  jpeg_start_output @ 93 ;
-  jpeg_std_error @ 94 ;
-  jpeg_stdio_dest @ 95 ;
-  jpeg_stdio_src @ 96 ;
-  jpeg_suppress_tables @ 97 ;
-  jpeg_write_coefficients @ 98 ;
-  jpeg_write_m_byte @ 99 ;
-  jpeg_write_m_header @ 100 ;
-  jpeg_write_marker @ 101 ;
-  jpeg_write_raw_data @ 102 ;
-  jpeg_write_scanlines @ 103 ;
-  jpeg_write_tables @ 104 ;
-  jround_up @ 105 ;
-  jzero_far @ 106 ;
-  jpeg_skip_scanlines @ 107 ;
-  jpeg_crop_scanline @ 108 ;
-  jpeg_read_icc_profile @ 109 ;
-  jpeg_write_icc_profile @ 110 ;
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/projectTargets.cmake.in b/3rdparty/libjpeg-turbo_2_1_0/win/projectTargets.cmake.in
deleted file mode 100644
index 05ab498..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/projectTargets.cmake.in
+++ /dev/null
@@ -1,115 +0,0 @@
-# Generated by CMake
-
-if("${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION}" LESS 2.5)
-   message(FATAL_ERROR "CMake >= 2.6.0 required")
-endif()
-cmake_policy(PUSH)
-cmake_policy(VERSION 2.6)
-#----------------------------------------------------------------
-# Generated CMake target import file.
-#----------------------------------------------------------------
-
-# Commands may need to know the format version.
-set(CMAKE_IMPORT_FILE_VERSION 1)
-
-# Protect against multiple inclusion, which would fail when already imported targets are added once more.
-set(_targetsDefined)
-set(_targetsNotDefined)
-set(_expectedTargets)
-foreach(_expectedTarget @CMAKE_PROJECT_NAME@::jpeg @CMAKE_PROJECT_NAME@::turbojpeg @CMAKE_PROJECT_NAME@::turbojpeg-static @CMAKE_PROJECT_NAME@::jpeg-static)
-  list(APPEND _expectedTargets ${_expectedTarget})
-  if(NOT TARGET ${_expectedTarget})
-    list(APPEND _targetsNotDefined ${_expectedTarget})
-  endif()
-  if(TARGET ${_expectedTarget})
-    list(APPEND _targetsDefined ${_expectedTarget})
-  endif()
-endforeach()
-if("${_targetsDefined}" STREQUAL "${_expectedTargets}")
-  unset(_targetsDefined)
-  unset(_targetsNotDefined)
-  unset(_expectedTargets)
-  set(CMAKE_IMPORT_FILE_VERSION)
-  cmake_policy(POP)
-  return()
-endif()
-if(NOT "${_targetsDefined}" STREQUAL "")
-  message(FATAL_ERROR "Some (but not all) targets in this export set were already defined.\nTargets Defined: ${_targetsDefined}\nTargets not yet defined: ${_targetsNotDefined}\n")
-endif()
-unset(_targetsDefined)
-unset(_targetsNotDefined)
-unset(_expectedTargets)
-
-
-# Compute the installation prefix relative to this file.
-get_filename_component(_IMPORT_PREFIX "${CMAKE_CURRENT_LIST_FILE}" PATH)
-get_filename_component(_IMPORT_PREFIX "${_IMPORT_PREFIX}" PATH)
-get_filename_component(_IMPORT_PREFIX "${_IMPORT_PREFIX}" PATH)
-get_filename_component(_IMPORT_PREFIX "${_IMPORT_PREFIX}" PATH)
-if(_IMPORT_PREFIX STREQUAL "/")
-  set(_IMPORT_PREFIX "")
-endif()
-
-# Create imported target @CMAKE_PROJECT_NAME@::jpeg
-add_library(@CMAKE_PROJECT_NAME@::jpeg SHARED IMPORTED)
-
-set_target_properties(@CMAKE_PROJECT_NAME@::jpeg PROPERTIES
-  INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
-)
-
-# Create imported target @CMAKE_PROJECT_NAME@::turbojpeg
-add_library(@CMAKE_PROJECT_NAME@::turbojpeg SHARED IMPORTED)
-
-set_target_properties(@CMAKE_PROJECT_NAME@::turbojpeg PROPERTIES
-  INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
-)
-
-# Create imported target @CMAKE_PROJECT_NAME@::turbojpeg-static
-add_library(@CMAKE_PROJECT_NAME@::turbojpeg-static STATIC IMPORTED)
-
-set_target_properties(@CMAKE_PROJECT_NAME@::turbojpeg-static PROPERTIES
-  INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
-)
-
-# Create imported target @CMAKE_PROJECT_NAME@::jpeg-static
-add_library(@CMAKE_PROJECT_NAME@::jpeg-static STATIC IMPORTED)
-
-set_target_properties(@CMAKE_PROJECT_NAME@::jpeg-static PROPERTIES
-  INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
-)
-
-# Load information for each installed configuration.
-get_filename_component(_DIR "${CMAKE_CURRENT_LIST_FILE}" PATH)
-file(GLOB CONFIG_FILES "${_DIR}/@CMAKE_PROJECT_NAME@Targets-*.cmake")
-foreach(f ${CONFIG_FILES})
-  include(${f})
-endforeach()
-
-# Cleanup temporary variables.
-set(_IMPORT_PREFIX)
-
-# Loop over all imported files and verify that they actually exist
-foreach(target ${_IMPORT_CHECK_TARGETS} )
-  foreach(file ${_IMPORT_CHECK_FILES_FOR_${target}} )
-    if(NOT EXISTS "${file}" )
-      message(FATAL_ERROR "The imported target \"${target}\" references the file
-   \"${file}\"
-but this file does not exist.  Possible reasons include:
-* The file was deleted, renamed, or moved to another location.
-* An install or uninstall procedure did not complete successfully.
-* The installation package was faulty and contained
-   \"${CMAKE_CURRENT_LIST_FILE}\"
-but not all the files it references.
-")
-    endif()
-  endforeach()
-  unset(_IMPORT_CHECK_FILES_FOR_${target})
-endforeach()
-unset(_IMPORT_CHECK_TARGETS)
-
-# This file does not depend on other imported targets which have
-# been exported from the same project but in a separate export set.
-
-# Commands beyond this point should not need to know the version.
-set(CMAKE_IMPORT_FILE_VERSION)
-cmake_policy(POP)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/win/vc/projectTargets-release.cmake.in b/3rdparty/libjpeg-turbo_2_1_0/win/vc/projectTargets-release.cmake.in
deleted file mode 100644
index 7abb281..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/win/vc/projectTargets-release.cmake.in
+++ /dev/null
@@ -1,49 +0,0 @@
-#----------------------------------------------------------------
-# Generated CMake target import file for configuration "Release".
-#----------------------------------------------------------------
-
-# Commands may need to know the format version.
-set(CMAKE_IMPORT_FILE_VERSION 1)
-
-# Import target "@CMAKE_PROJECT_NAME@::jpeg" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::jpeg APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::jpeg PROPERTIES
-  IMPORTED_IMPLIB_RELEASE "${_IMPORT_PREFIX}/lib/jpeg.lib"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/bin/jpeg62.dll"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::jpeg )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::jpeg "${_IMPORT_PREFIX}/lib/jpeg.lib" "${_IMPORT_PREFIX}/bin/jpeg62.dll" )
-
-# Import target "@CMAKE_PROJECT_NAME@::turbojpeg" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::turbojpeg APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::turbojpeg PROPERTIES
-  IMPORTED_IMPLIB_RELEASE "${_IMPORT_PREFIX}/lib/turbojpeg.lib"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/bin/turbojpeg.dll"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::turbojpeg )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::turbojpeg "${_IMPORT_PREFIX}/lib/turbojpeg.lib" "${_IMPORT_PREFIX}/bin/turbojpeg.dll" )
-
-# Import target "@CMAKE_PROJECT_NAME@::turbojpeg-static" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::turbojpeg-static APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::turbojpeg-static PROPERTIES
-  IMPORTED_LINK_INTERFACE_LANGUAGES_RELEASE "ASM_NASM;C"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/lib/turbojpeg-static.lib"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::turbojpeg-static )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::turbojpeg-static "${_IMPORT_PREFIX}/lib/turbojpeg-static.lib" )
-
-# Import target "@CMAKE_PROJECT_NAME@::jpeg-static" for configuration "Release"
-set_property(TARGET @CMAKE_PROJECT_NAME@::jpeg-static APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE)
-set_target_properties(@CMAKE_PROJECT_NAME@::jpeg-static PROPERTIES
-  IMPORTED_LINK_INTERFACE_LANGUAGES_RELEASE "ASM_NASM;C"
-  IMPORTED_LOCATION_RELEASE "${_IMPORT_PREFIX}/lib/jpeg-static.lib"
-  )
-
-list(APPEND _IMPORT_CHECK_TARGETS @CMAKE_PROJECT_NAME@::jpeg-static )
-list(APPEND _IMPORT_CHECK_FILES_FOR_@CMAKE_PROJECT_NAME@::jpeg-static "${_IMPORT_PREFIX}/lib/jpeg-static.lib" )
-
-# Commands beyond this point should not need to know the version.
-set(CMAKE_IMPORT_FILE_VERSION)
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wizard.txt b/3rdparty/libjpeg-turbo_2_1_0/wizard.txt
deleted file mode 100644
index c57fe38..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wizard.txt
+++ /dev/null
@@ -1,212 +0,0 @@
-Advanced usage instructions for the Independent JPEG Group's JPEG software
-==========================================================================
-
-This file describes cjpeg's "switches for wizards".
-
-The "wizard" switches are intended for experimentation with JPEG by persons
-who are reasonably knowledgeable about the JPEG standard.  If you don't know
-what you are doing, DON'T USE THESE SWITCHES.  You'll likely produce files
-with worse image quality and/or poorer compression than you'd get from the
-default settings.  Furthermore, these switches must be used with caution
-when making files intended for general use, because not all JPEG decoders
-will support unusual JPEG parameter settings.
-
-
-Quantization Table Adjustment
------------------------------
-
-Ordinarily, cjpeg starts with a default set of tables (the same ones given
-as examples in the JPEG standard) and scales them up or down according to
-the -quality setting.  The details of the scaling algorithm can be found in
-jcparam.c.  At very low quality settings, some quantization table entries
-can get scaled up to values exceeding 255.  Although 2-byte quantization
-values are supported by the IJG software, this feature is not in baseline
-JPEG and is not supported by all implementations.  If you need to ensure
-wide compatibility of low-quality files, you can constrain the scaled
-quantization values to no more than 255 by giving the -baseline switch.
-Note that use of -baseline will result in poorer quality for the same file
-size, since more bits than necessary are expended on higher AC coefficients.
-
-You can substitute a different set of quantization values by using the
--qtables switch:
-
-        -qtables file   Use the quantization tables given in the named file.
-
-The specified file should be a text file containing decimal quantization
-values.  The file should contain one to four tables, each of 64 elements.
-The tables are implicitly numbered 0,1,etc. in order of appearance.  Table
-entries appear in normal array order (NOT in the zigzag order in which they
-will be stored in the JPEG file).
-
-Quantization table files are free format, in that arbitrary whitespace can
-appear between numbers.  Also, comments can be included: a comment starts
-with '#' and extends to the end of the line.  Here is an example file that
-duplicates the default quantization tables:
-
-        # Quantization tables given in Annex K (Clause K.1) of
-        # Recommendation ITU-T T.81 (1992) | ISO/IEC 10918-1:1994.
-
-        # This is table 0 (the luminance table):
-          16  11  10  16  24  40  51  61
-          12  12  14  19  26  58  60  55
-          14  13  16  24  40  57  69  56
-          14  17  22  29  51  87  80  62
-          18  22  37  56  68 109 103  77
-          24  35  55  64  81 104 113  92
-          49  64  78  87 103 121 120 101
-          72  92  95  98 112 100 103  99
-
-        # This is table 1 (the chrominance table):
-          17  18  24  47  99  99  99  99
-          18  21  26  66  99  99  99  99
-          24  26  56  99  99  99  99  99
-          47  66  99  99  99  99  99  99
-          99  99  99  99  99  99  99  99
-          99  99  99  99  99  99  99  99
-          99  99  99  99  99  99  99  99
-          99  99  99  99  99  99  99  99
-
-If the -qtables switch is used without -quality, then the specified tables
-are used exactly as-is.  If both -qtables and -quality are used, then the
-tables taken from the file are scaled in the same fashion that the default
-tables would be scaled for that quality setting.  If -baseline appears, then
-the quantization values are constrained to the range 1-255.
-
-By default, cjpeg will use quantization table 0 for luminance components and
-table 1 for chrominance components.  To override this choice, use the -qslots
-switch:
-
-        -qslots N[,...]         Select which quantization table to use for
-                                each color component.
-
-The -qslots switch specifies a quantization table number for each color
-component, in the order in which the components appear in the JPEG SOF marker.
-For example, to create a separate table for each of Y,Cb,Cr, you could
-provide a -qtables file that defines three quantization tables and say
-"-qslots 0,1,2".  If -qslots gives fewer table numbers than there are color
-components, then the last table number is repeated as necessary.
-
-
-Sampling Factor Adjustment
---------------------------
-
-By default, cjpeg uses 2:1 horizontal and vertical downsampling when
-compressing YCbCr data, and no downsampling for all other color spaces.
-You can override this default with the -sample switch:
-
-        -sample HxV[,...]       Set JPEG sampling factors for each color
-                                component.
-
-The -sample switch specifies the JPEG sampling factors for each color
-component, in the order in which they appear in the JPEG SOF marker.
-If you specify fewer HxV pairs than there are components, the remaining
-components are set to 1x1 sampling.  For example, the default YCbCr setting
-is equivalent to "-sample 2x2,1x1,1x1", which can be abbreviated to
-"-sample 2x2".
-
-There are still some JPEG decoders in existence that support only 2x1
-sampling (also called 4:2:2 sampling).  Compatibility with such decoders can
-be achieved by specifying "-sample 2x1".  This is not recommended unless
-really necessary, since it increases file size and encoding/decoding time
-with very little quality gain.
-
-
-Multiple Scan / Progression Control
------------------------------------
-
-By default, cjpeg emits a single-scan sequential JPEG file.  The
--progressive switch generates a progressive JPEG file using a default series
-of progression parameters.  You can create multiple-scan sequential JPEG
-files or progressive JPEG files with custom progression parameters by using
-the -scans switch:
-
-        -scans file     Use the scan sequence given in the named file.
-
-The specified file should be a text file containing a "scan script".
-The script specifies the contents and ordering of the scans to be emitted.
-Each entry in the script defines one scan.  A scan definition specifies
-the components to be included in the scan, and for progressive JPEG it also
-specifies the progression parameters Ss,Se,Ah,Al for the scan.  Scan
-definitions are separated by semicolons (';').  A semicolon after the last
-scan definition is optional.
-
-Each scan definition contains one to four component indexes, optionally
-followed by a colon (':') and the four progressive-JPEG parameters.  The
-component indexes denote which color component(s) are to be transmitted in
-the scan.  Components are numbered in the order in which they appear in the
-JPEG SOF marker, with the first component being numbered 0.  (Note that these
-indexes are not the "component ID" codes assigned to the components, just
-positional indexes.)
-
-The progression parameters for each scan are:
-        Ss      Zigzag index of first coefficient included in scan
-        Se      Zigzag index of last coefficient included in scan
-        Ah      Zero for first scan of a coefficient, else Al of prior scan
-        Al      Successive approximation low bit position for scan
-If the progression parameters are omitted, the values 0,63,0,0 are used,
-producing a sequential JPEG file.  cjpeg automatically determines whether
-the script represents a progressive or sequential file, by observing whether
-Ss and Se values other than 0 and 63 appear.  (The -progressive switch is
-not needed to specify this; in fact, it is ignored when -scans appears.)
-The scan script must meet the JPEG restrictions on progression sequences.
-(cjpeg checks that the spec's requirements are obeyed.)
-
-Scan script files are free format, in that arbitrary whitespace can appear
-between numbers and around punctuation.  Also, comments can be included: a
-comment starts with '#' and extends to the end of the line.  For additional
-legibility, commas or dashes can be placed between values.  (Actually, any
-single punctuation character other than ':' or ';' can be inserted.)  For
-example, the following two scan definitions are equivalent:
-        0 1 2: 0 63 0 0;
-        0,1,2 : 0-63, 0,0 ;
-
-Here is an example of a scan script that generates a partially interleaved
-sequential JPEG file:
-
-        0;                      # Y only in first scan
-        1 2;                    # Cb and Cr in second scan
-
-Here is an example of a progressive scan script using only spectral selection
-(no successive approximation):
-
-        # Interleaved DC scan for Y,Cb,Cr:
-        0,1,2: 0-0,   0, 0 ;
-        # AC scans:
-        0:     1-2,   0, 0 ;    # First two Y AC coefficients
-        0:     3-5,   0, 0 ;    # Three more
-        1:     1-63,  0, 0 ;    # All AC coefficients for Cb
-        2:     1-63,  0, 0 ;    # All AC coefficients for Cr
-        0:     6-9,   0, 0 ;    # More Y coefficients
-        0:     10-63, 0, 0 ;    # Remaining Y coefficients
-
-Here is an example of a successive-approximation script.  This is equivalent
-to the default script used by "cjpeg -progressive" for YCbCr images:
-
-        # Initial DC scan for Y,Cb,Cr (lowest bit not sent)
-        0,1,2: 0-0,   0, 1 ;
-        # First AC scan: send first 5 Y AC coefficients, minus 2 lowest bits:
-        0:     1-5,   0, 2 ;
-        # Send all Cr,Cb AC coefficients, minus lowest bit:
-        # (chroma data is usually too small to be worth subdividing further;
-        #  but note we send Cr first since eye is least sensitive to Cb)
-        2:     1-63,  0, 1 ;
-        1:     1-63,  0, 1 ;
-        # Send remaining Y AC coefficients, minus 2 lowest bits:
-        0:     6-63,  0, 2 ;
-        # Send next-to-lowest bit of all Y AC coefficients:
-        0:     1-63,  2, 1 ;
-        # At this point we've sent all but the lowest bit of all coefficients.
-        # Send lowest bit of DC coefficients
-        0,1,2: 0-0,   1, 0 ;
-        # Send lowest bit of AC coefficients
-        2:     1-63,  1, 0 ;
-        1:     1-63,  1, 0 ;
-        # Y AC lowest bit scan is last; it's usually the largest scan
-        0:     1-63,  1, 0 ;
-
-It may be worth pointing out that this script is tuned for quality settings
-of around 50 to 75.  For lower quality settings, you'd probably want to use
-a script with fewer stages of successive approximation (otherwise the
-initial scans will be really bad).  For higher quality settings, you might
-want to use more stages of successive approximation (so that the initial
-scans are not too large).
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wrbmp.c b/3rdparty/libjpeg-turbo_2_1_0/wrbmp.c
deleted file mode 100644
index 408a722..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wrbmp.c
+++ /dev/null
@@ -1,552 +0,0 @@
-/*
- * wrbmp.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2013, Linaro Limited.
- * Copyright (C) 2014-2015, 2017, 2019, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to write output images in Microsoft "BMP"
- * format (MS Windows 3.x and OS/2 1.x flavors).
- * Either 8-bit colormapped or 24-bit full-color format can be written.
- * No compression is supported.
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume output to
- * an ordinary stdio stream.
- *
- * This code contributed by James Arthur Boucher.
- */
-
-#include "cmyk.h"
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-#include "jconfigint.h"
-
-#ifdef BMP_SUPPORTED
-
-
-/*
- * To support 12-bit JPEG data, we'd have to scale output down to 8 bits.
- * This is not yet implemented.
- */
-
-#if BITS_IN_JSAMPLE != 8
-  Sorry, this code only copes with 8-bit JSAMPLEs. /* deliberate syntax err */
-#endif
-
-/*
- * Since BMP stores scanlines bottom-to-top, we have to invert the image
- * from JPEG's top-to-bottom order.  To do this, we save the outgoing data
- * in a virtual array during put_pixel_row calls, then actually emit the
- * BMP file during finish_output.  The virtual array contains one JSAMPLE per
- * pixel if the output is grayscale or colormapped, three if it is full color.
- */
-
-/* Private version of data destination object */
-
-typedef struct {
-  struct djpeg_dest_struct pub; /* public fields */
-
-  boolean is_os2;               /* saves the OS2 format request flag */
-
-  jvirt_sarray_ptr whole_image; /* needed to reverse row order */
-  JDIMENSION data_width;        /* JSAMPLEs per row */
-  JDIMENSION row_width;         /* physical width of one row in the BMP file */
-  int pad_bytes;                /* number of padding bytes needed per row */
-  JDIMENSION cur_output_row;    /* next row# to write to virtual array */
-
-  boolean use_inversion_array;  /* TRUE = buffer the whole image, which is
-                                   stored to disk in bottom-up order, and
-                                   receive rows from the calling program in
-                                   top-down order
-
-                                   FALSE = the calling program will maintain
-                                   its own image buffer and write the rows in
-                                   bottom-up order */
-
-  JSAMPLE *iobuffer;            /* I/O buffer (used to buffer a single row to
-                                   disk if use_inversion_array == FALSE) */
-} bmp_dest_struct;
-
-typedef bmp_dest_struct *bmp_dest_ptr;
-
-
-/* Forward declarations */
-LOCAL(void) write_colormap(j_decompress_ptr cinfo, bmp_dest_ptr dest,
-                           int map_colors, int map_entry_size);
-
-
-static INLINE boolean is_big_endian(void)
-{
-  int test_value = 1;
-  if (*(char *)&test_value != 1)
-    return TRUE;
-  return FALSE;
-}
-
-
-/*
- * Write some pixel data.
- * In this module rows_supplied will always be 1.
- */
-
-METHODDEF(void)
-put_pixel_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-               JDIMENSION rows_supplied)
-/* This version is for writing 24-bit pixels */
-{
-  bmp_dest_ptr dest = (bmp_dest_ptr)dinfo;
-  JSAMPARRAY image_ptr;
-  register JSAMPROW inptr, outptr;
-  register JDIMENSION col;
-  int pad;
-
-  if (dest->use_inversion_array) {
-    /* Access next row in virtual array */
-    image_ptr = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, dest->whole_image,
-       dest->cur_output_row, (JDIMENSION)1, TRUE);
-    dest->cur_output_row++;
-    outptr = image_ptr[0];
-  } else {
-    outptr = dest->iobuffer;
-  }
-
-  /* Transfer data.  Note destination values must be in BGR order
-   * (even though Microsoft's own documents say the opposite).
-   */
-  inptr = dest->pub.buffer[0];
-
-  if (cinfo->out_color_space == JCS_EXT_BGR) {
-    MEMCOPY(outptr, inptr, dest->row_width);
-    outptr += cinfo->output_width * 3;
-  } else if (cinfo->out_color_space == JCS_RGB565) {
-    boolean big_endian = is_big_endian();
-    unsigned short *inptr2 = (unsigned short *)inptr;
-    for (col = cinfo->output_width; col > 0; col--) {
-      if (big_endian) {
-        outptr[0] = (*inptr2 >> 5) & 0xF8;
-        outptr[1] = ((*inptr2 << 5) & 0xE0) | ((*inptr2 >> 11) & 0x1C);
-        outptr[2] = *inptr2 & 0xF8;
-      } else {
-        outptr[0] = (*inptr2 << 3) & 0xF8;
-        outptr[1] = (*inptr2 >> 3) & 0xFC;
-        outptr[2] = (*inptr2 >> 8) & 0xF8;
-      }
-      outptr += 3;
-      inptr2++;
-    }
-  } else if (cinfo->out_color_space == JCS_CMYK) {
-    for (col = cinfo->output_width; col > 0; col--) {
-      JSAMPLE c = *inptr++, m = *inptr++, y = *inptr++, k = *inptr++;
-      cmyk_to_rgb(c, m, y, k, outptr + 2, outptr + 1, outptr);
-      outptr += 3;
-    }
-  } else {
-    register int rindex = rgb_red[cinfo->out_color_space];
-    register int gindex = rgb_green[cinfo->out_color_space];
-    register int bindex = rgb_blue[cinfo->out_color_space];
-    register int ps = rgb_pixelsize[cinfo->out_color_space];
-
-    for (col = cinfo->output_width; col > 0; col--) {
-      outptr[0] = inptr[bindex];
-      outptr[1] = inptr[gindex];
-      outptr[2] = inptr[rindex];
-      outptr += 3;  inptr += ps;
-    }
-  }
-
-  /* Zero out the pad bytes. */
-  pad = dest->pad_bytes;
-  while (--pad >= 0)
-    *outptr++ = 0;
-
-  if (!dest->use_inversion_array)
-    (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->row_width);
-}
-
-METHODDEF(void)
-put_gray_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-              JDIMENSION rows_supplied)
-/* This version is for grayscale OR quantized color output */
-{
-  bmp_dest_ptr dest = (bmp_dest_ptr)dinfo;
-  JSAMPARRAY image_ptr;
-  register JSAMPROW inptr, outptr;
-  int pad;
-
-  if (dest->use_inversion_array) {
-    /* Access next row in virtual array */
-    image_ptr = (*cinfo->mem->access_virt_sarray)
-      ((j_common_ptr)cinfo, dest->whole_image,
-       dest->cur_output_row, (JDIMENSION)1, TRUE);
-    dest->cur_output_row++;
-    outptr = image_ptr[0];
-  } else {
-    outptr = dest->iobuffer;
-  }
-
-  /* Transfer data. */
-  inptr = dest->pub.buffer[0];
-  MEMCOPY(outptr, inptr, cinfo->output_width);
-  outptr += cinfo->output_width;
-
-  /* Zero out the pad bytes. */
-  pad = dest->pad_bytes;
-  while (--pad >= 0)
-    *outptr++ = 0;
-
-  if (!dest->use_inversion_array)
-    (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->row_width);
-}
-
-
-/*
- * Finish up at the end of the file.
- *
- * Here is where we really output the BMP file.
- *
- * First, routines to write the Windows and OS/2 variants of the file header.
- */
-
-LOCAL(void)
-write_bmp_header(j_decompress_ptr cinfo, bmp_dest_ptr dest)
-/* Write a Windows-style BMP file header, including colormap if needed */
-{
-  char bmpfileheader[14];
-  char bmpinfoheader[40];
-
-#define PUT_2B(array, offset, value) \
-  (array[offset] = (char)((value) & 0xFF), \
-   array[offset + 1] = (char)(((value) >> 8) & 0xFF))
-#define PUT_4B(array, offset, value) \
-  (array[offset] = (char)((value) & 0xFF), \
-   array[offset + 1] = (char)(((value) >> 8) & 0xFF), \
-   array[offset + 2] = (char)(((value) >> 16) & 0xFF), \
-   array[offset + 3] = (char)(((value) >> 24) & 0xFF))
-
-  long headersize, bfSize;
-  int bits_per_pixel, cmap_entries;
-
-  /* Compute colormap size and total file size */
-  if (IsExtRGB(cinfo->out_color_space)) {
-    if (cinfo->quantize_colors) {
-      /* Colormapped RGB */
-      bits_per_pixel = 8;
-      cmap_entries = 256;
-    } else {
-      /* Unquantized, full color RGB */
-      bits_per_pixel = 24;
-      cmap_entries = 0;
-    }
-  } else if (cinfo->out_color_space == JCS_RGB565 ||
-             cinfo->out_color_space == JCS_CMYK) {
-    bits_per_pixel = 24;
-    cmap_entries   = 0;
-  } else {
-    /* Grayscale output.  We need to fake a 256-entry colormap. */
-    bits_per_pixel = 8;
-    cmap_entries = 256;
-  }
-  /* File size */
-  headersize = 14 + 40 + cmap_entries * 4; /* Header and colormap */
-  bfSize = headersize + (long)dest->row_width * (long)cinfo->output_height;
-
-  /* Set unused fields of header to 0 */
-  MEMZERO(bmpfileheader, sizeof(bmpfileheader));
-  MEMZERO(bmpinfoheader, sizeof(bmpinfoheader));
-
-  /* Fill the file header */
-  bmpfileheader[0] = 0x42;      /* first 2 bytes are ASCII 'B', 'M' */
-  bmpfileheader[1] = 0x4D;
-  PUT_4B(bmpfileheader, 2, bfSize); /* bfSize */
-  /* we leave bfReserved1 & bfReserved2 = 0 */
-  PUT_4B(bmpfileheader, 10, headersize); /* bfOffBits */
-
-  /* Fill the info header (Microsoft calls this a BITMAPINFOHEADER) */
-  PUT_2B(bmpinfoheader, 0, 40); /* biSize */
-  PUT_4B(bmpinfoheader, 4, cinfo->output_width); /* biWidth */
-  PUT_4B(bmpinfoheader, 8, cinfo->output_height); /* biHeight */
-  PUT_2B(bmpinfoheader, 12, 1); /* biPlanes - must be 1 */
-  PUT_2B(bmpinfoheader, 14, bits_per_pixel); /* biBitCount */
-  /* we leave biCompression = 0, for none */
-  /* we leave biSizeImage = 0; this is correct for uncompressed data */
-  if (cinfo->density_unit == 2) { /* if have density in dots/cm, then */
-    PUT_4B(bmpinfoheader, 24, (long)(cinfo->X_density * 100)); /* XPels/M */
-    PUT_4B(bmpinfoheader, 28, (long)(cinfo->Y_density * 100)); /* XPels/M */
-  }
-  PUT_2B(bmpinfoheader, 32, cmap_entries); /* biClrUsed */
-  /* we leave biClrImportant = 0 */
-
-  if (JFWRITE(dest->pub.output_file, bmpfileheader, 14) != (size_t)14)
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-  if (JFWRITE(dest->pub.output_file, bmpinfoheader, 40) != (size_t)40)
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-
-  if (cmap_entries > 0)
-    write_colormap(cinfo, dest, cmap_entries, 4);
-}
-
-
-LOCAL(void)
-write_os2_header(j_decompress_ptr cinfo, bmp_dest_ptr dest)
-/* Write an OS2-style BMP file header, including colormap if needed */
-{
-  char bmpfileheader[14];
-  char bmpcoreheader[12];
-  long headersize, bfSize;
-  int bits_per_pixel, cmap_entries;
-
-  /* Compute colormap size and total file size */
-  if (IsExtRGB(cinfo->out_color_space)) {
-    if (cinfo->quantize_colors) {
-      /* Colormapped RGB */
-      bits_per_pixel = 8;
-      cmap_entries = 256;
-    } else {
-      /* Unquantized, full color RGB */
-      bits_per_pixel = 24;
-      cmap_entries = 0;
-    }
-  } else if (cinfo->out_color_space == JCS_RGB565 ||
-             cinfo->out_color_space == JCS_CMYK) {
-    bits_per_pixel = 24;
-    cmap_entries   = 0;
-  } else {
-    /* Grayscale output.  We need to fake a 256-entry colormap. */
-    bits_per_pixel = 8;
-    cmap_entries = 256;
-  }
-  /* File size */
-  headersize = 14 + 12 + cmap_entries * 3; /* Header and colormap */
-  bfSize = headersize + (long)dest->row_width * (long)cinfo->output_height;
-
-  /* Set unused fields of header to 0 */
-  MEMZERO(bmpfileheader, sizeof(bmpfileheader));
-  MEMZERO(bmpcoreheader, sizeof(bmpcoreheader));
-
-  /* Fill the file header */
-  bmpfileheader[0] = 0x42;      /* first 2 bytes are ASCII 'B', 'M' */
-  bmpfileheader[1] = 0x4D;
-  PUT_4B(bmpfileheader, 2, bfSize); /* bfSize */
-  /* we leave bfReserved1 & bfReserved2 = 0 */
-  PUT_4B(bmpfileheader, 10, headersize); /* bfOffBits */
-
-  /* Fill the info header (Microsoft calls this a BITMAPCOREHEADER) */
-  PUT_2B(bmpcoreheader, 0, 12); /* bcSize */
-  PUT_2B(bmpcoreheader, 4, cinfo->output_width); /* bcWidth */
-  PUT_2B(bmpcoreheader, 6, cinfo->output_height); /* bcHeight */
-  PUT_2B(bmpcoreheader, 8, 1);  /* bcPlanes - must be 1 */
-  PUT_2B(bmpcoreheader, 10, bits_per_pixel); /* bcBitCount */
-
-  if (JFWRITE(dest->pub.output_file, bmpfileheader, 14) != (size_t)14)
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-  if (JFWRITE(dest->pub.output_file, bmpcoreheader, 12) != (size_t)12)
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-
-  if (cmap_entries > 0)
-    write_colormap(cinfo, dest, cmap_entries, 3);
-}
-
-
-/*
- * Write the colormap.
- * Windows uses BGR0 map entries; OS/2 uses BGR entries.
- */
-
-LOCAL(void)
-write_colormap(j_decompress_ptr cinfo, bmp_dest_ptr dest, int map_colors,
-               int map_entry_size)
-{
-  JSAMPARRAY colormap = cinfo->colormap;
-  int num_colors = cinfo->actual_number_of_colors;
-  FILE *outfile = dest->pub.output_file;
-  int i;
-
-  if (colormap != NULL) {
-    if (cinfo->out_color_components == 3) {
-      /* Normal case with RGB colormap */
-      for (i = 0; i < num_colors; i++) {
-        putc(colormap[2][i], outfile);
-        putc(colormap[1][i], outfile);
-        putc(colormap[0][i], outfile);
-        if (map_entry_size == 4)
-          putc(0, outfile);
-      }
-    } else {
-      /* Grayscale colormap (only happens with grayscale quantization) */
-      for (i = 0; i < num_colors; i++) {
-        putc(colormap[0][i], outfile);
-        putc(colormap[0][i], outfile);
-        putc(colormap[0][i], outfile);
-        if (map_entry_size == 4)
-          putc(0, outfile);
-      }
-    }
-  } else {
-    /* If no colormap, must be grayscale data.  Generate a linear "map". */
-    for (i = 0; i < 256; i++) {
-      putc(i, outfile);
-      putc(i, outfile);
-      putc(i, outfile);
-      if (map_entry_size == 4)
-        putc(0, outfile);
-    }
-  }
-  /* Pad colormap with zeros to ensure specified number of colormap entries */
-  if (i > map_colors)
-    ERREXIT1(cinfo, JERR_TOO_MANY_COLORS, i);
-  for (; i < map_colors; i++) {
-    putc(0, outfile);
-    putc(0, outfile);
-    putc(0, outfile);
-    if (map_entry_size == 4)
-      putc(0, outfile);
-  }
-}
-
-
-/*
- * Startup: write the file header unless the inversion array is being used.
- */
-
-METHODDEF(void)
-start_output_bmp(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  bmp_dest_ptr dest = (bmp_dest_ptr)dinfo;
-
-  if (!dest->use_inversion_array) {
-    /* Write the header and colormap */
-    if (dest->is_os2)
-      write_os2_header(cinfo, dest);
-    else
-      write_bmp_header(cinfo, dest);
-  }
-}
-
-
-METHODDEF(void)
-finish_output_bmp(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  bmp_dest_ptr dest = (bmp_dest_ptr)dinfo;
-  register FILE *outfile = dest->pub.output_file;
-  JSAMPARRAY image_ptr;
-  register JSAMPROW data_ptr;
-  JDIMENSION row;
-  cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-
-  if (dest->use_inversion_array) {
-    /* Write the header and colormap */
-    if (dest->is_os2)
-      write_os2_header(cinfo, dest);
-    else
-      write_bmp_header(cinfo, dest);
-
-    /* Write the file body from our virtual array */
-    for (row = cinfo->output_height; row > 0; row--) {
-      if (progress != NULL) {
-        progress->pub.pass_counter = (long)(cinfo->output_height - row);
-        progress->pub.pass_limit = (long)cinfo->output_height;
-        (*progress->pub.progress_monitor) ((j_common_ptr)cinfo);
-      }
-      image_ptr = (*cinfo->mem->access_virt_sarray)
-        ((j_common_ptr)cinfo, dest->whole_image, row - 1, (JDIMENSION)1,
-         FALSE);
-      data_ptr = image_ptr[0];
-      (void)JFWRITE(outfile, data_ptr, dest->row_width);
-    }
-    if (progress != NULL)
-      progress->completed_extra_passes++;
-  }
-
-  /* Make sure we wrote the output file OK */
-  fflush(outfile);
-  if (ferror(outfile))
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-}
-
-
-/*
- * The module selection routine for BMP format output.
- */
-
-GLOBAL(djpeg_dest_ptr)
-jinit_write_bmp(j_decompress_ptr cinfo, boolean is_os2,
-                boolean use_inversion_array)
-{
-  bmp_dest_ptr dest;
-  JDIMENSION row_width;
-
-  /* Create module interface object, fill in method pointers */
-  dest = (bmp_dest_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(bmp_dest_struct));
-  dest->pub.start_output = start_output_bmp;
-  dest->pub.finish_output = finish_output_bmp;
-  dest->pub.calc_buffer_dimensions = NULL;
-  dest->is_os2 = is_os2;
-
-  if (cinfo->out_color_space == JCS_GRAYSCALE) {
-    dest->pub.put_pixel_rows = put_gray_rows;
-  } else if (IsExtRGB(cinfo->out_color_space)) {
-    if (cinfo->quantize_colors)
-      dest->pub.put_pixel_rows = put_gray_rows;
-    else
-      dest->pub.put_pixel_rows = put_pixel_rows;
-  } else if (!cinfo->quantize_colors &&
-             (cinfo->out_color_space == JCS_RGB565 ||
-              cinfo->out_color_space == JCS_CMYK)) {
-    dest->pub.put_pixel_rows = put_pixel_rows;
-  } else {
-    ERREXIT(cinfo, JERR_BMP_COLORSPACE);
-  }
-
-  /* Calculate output image dimensions so we can allocate space */
-  jpeg_calc_output_dimensions(cinfo);
-
-  /* Determine width of rows in the BMP file (padded to 4-byte boundary). */
-  if (cinfo->out_color_space == JCS_RGB565) {
-    row_width = cinfo->output_width * 2;
-    dest->row_width = dest->data_width = cinfo->output_width * 3;
-    while ((row_width & 3) != 0) row_width++;
-  } else if (!cinfo->quantize_colors &&
-             (IsExtRGB(cinfo->out_color_space) ||
-              cinfo->out_color_space == JCS_CMYK)) {
-    row_width = cinfo->output_width * cinfo->output_components;
-    dest->row_width = dest->data_width = cinfo->output_width * 3;
-  } else {
-    row_width = cinfo->output_width * cinfo->output_components;
-    dest->row_width = dest->data_width = row_width;
-  }
-  while ((dest->row_width & 3) != 0) dest->row_width++;
-  dest->pad_bytes = (int)(dest->row_width - dest->data_width);
-
-
-  if (use_inversion_array) {
-    /* Allocate space for inversion array, prepare for write pass */
-    dest->whole_image = (*cinfo->mem->request_virt_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, FALSE,
-       dest->row_width, cinfo->output_height, (JDIMENSION)1);
-    dest->cur_output_row = 0;
-    if (cinfo->progress != NULL) {
-      cd_progress_ptr progress = (cd_progress_ptr)cinfo->progress;
-      progress->total_extra_passes++; /* count file input as separate pass */
-    }
-  } else {
-    dest->iobuffer = (JSAMPLE *)(*cinfo->mem->alloc_small)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE, dest->row_width);
-  }
-  dest->use_inversion_array = use_inversion_array;
-
-  /* Create decompressor output buffer. */
-  dest->pub.buffer = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, row_width, (JDIMENSION)1);
-  dest->pub.buffer_height = 1;
-
-  return (djpeg_dest_ptr)dest;
-}
-
-#endif /* BMP_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wrgif.c b/3rdparty/libjpeg-turbo_2_1_0/wrgif.c
deleted file mode 100644
index 82a2429..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wrgif.c
+++ /dev/null
@@ -1,580 +0,0 @@
-/*
- * wrgif.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1997, Thomas G. Lane.
- * Modified 2015-2019 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2015, 2017, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to write output images in GIF format.
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume output to
- * an ordinary stdio stream.
- */
-
-/*
- * This code is loosely based on ppmtogif from the PBMPLUS distribution
- * of Feb. 1991.  That file contains the following copyright notice:
- *    Based on GIFENCODE by David Rowley <mgardi@watdscu.waterloo.edu>.
- *    Lempel-Ziv compression based on "compress" by Spencer W. Thomas et al.
- *    Copyright (C) 1989 by Jef Poskanzer.
- *    Permission to use, copy, modify, and distribute this software and its
- *    documentation for any purpose and without fee is hereby granted, provided
- *    that the above copyright notice appear in all copies and that both that
- *    copyright notice and this permission notice appear in supporting
- *    documentation.  This software is provided "as is" without express or
- *    implied warranty.
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef GIF_SUPPORTED
-
-
-#define MAX_LZW_BITS     12     /* maximum LZW code size (4096 symbols) */
-
-typedef INT16 code_int;         /* must hold -1 .. 2**MAX_LZW_BITS */
-
-#define LZW_TABLE_SIZE   ((code_int)1 << MAX_LZW_BITS)
-
-#define HSIZE            5003   /* hash table size for 80% occupancy */
-
-typedef int hash_int;           /* must hold -2*HSIZE..2*HSIZE */
-
-#define MAXCODE(n_bits)  (((code_int)1 << (n_bits)) - 1)
-
-
-/*
- * The LZW hash table consists of two parallel arrays:
- *   hash_code[i]       code of symbol in slot i, or 0 if empty slot
- *   hash_value[i]      symbol's value; undefined if empty slot
- * where slot values (i) range from 0 to HSIZE-1.  The symbol value is
- * its prefix symbol's code concatenated with its suffix character.
- *
- * Algorithm:  use open addressing double hashing (no chaining) on the
- * prefix code / suffix character combination.  We do a variant of Knuth's
- * algorithm D (vol. 3, sec. 6.4) along with G. Knott's relatively-prime
- * secondary probe.
- */
-
-typedef int hash_entry;         /* must hold (code_int << 8) | byte */
-
-#define HASH_ENTRY(prefix, suffix)  ((((hash_entry)(prefix)) << 8) | (suffix))
-
-
-/* Private version of data destination object */
-
-typedef struct {
-  struct djpeg_dest_struct pub; /* public fields */
-
-  j_decompress_ptr cinfo;       /* back link saves passing separate parm */
-
-  /* State for packing variable-width codes into a bitstream */
-  int n_bits;                   /* current number of bits/code */
-  code_int maxcode;             /* maximum code, given n_bits */
-  int init_bits;                /* initial n_bits ... restored after clear */
-  int cur_accum;                /* holds bits not yet output */
-  int cur_bits;                 /* # of bits in cur_accum */
-
-  /* LZW string construction */
-  code_int waiting_code;        /* symbol not yet output; may be extendable */
-  boolean first_byte;           /* if TRUE, waiting_code is not valid */
-
-  /* State for GIF code assignment */
-  code_int ClearCode;           /* clear code (doesn't change) */
-  code_int EOFCode;             /* EOF code (ditto) */
-  code_int free_code;           /* LZW: first not-yet-used symbol code */
-  code_int code_counter;        /* not LZW: counts output symbols */
-
-  /* LZW hash table */
-  code_int *hash_code;          /* => hash table of symbol codes */
-  hash_entry *hash_value;       /* => hash table of symbol values */
-
-  /* GIF data packet construction buffer */
-  int bytesinpkt;               /* # of bytes in current packet */
-  char packetbuf[256];          /* workspace for accumulating packet */
-
-} gif_dest_struct;
-
-typedef gif_dest_struct *gif_dest_ptr;
-
-
-/*
- * Routines to package finished data bytes into GIF data blocks.
- * A data block consists of a count byte (1..255) and that many data bytes.
- */
-
-LOCAL(void)
-flush_packet(gif_dest_ptr dinfo)
-/* flush any accumulated data */
-{
-  if (dinfo->bytesinpkt > 0) {  /* never write zero-length packet */
-    dinfo->packetbuf[0] = (char)dinfo->bytesinpkt++;
-    if (JFWRITE(dinfo->pub.output_file, dinfo->packetbuf, dinfo->bytesinpkt) !=
-        (size_t)dinfo->bytesinpkt)
-      ERREXIT(dinfo->cinfo, JERR_FILE_WRITE);
-    dinfo->bytesinpkt = 0;
-  }
-}
-
-
-/* Add a character to current packet; flush to disk if necessary */
-#define CHAR_OUT(dinfo, c) { \
-  (dinfo)->packetbuf[++(dinfo)->bytesinpkt] = (char)(c); \
-  if ((dinfo)->bytesinpkt >= 255) \
-    flush_packet(dinfo); \
-}
-
-
-/* Routine to convert variable-width codes into a byte stream */
-
-LOCAL(void)
-output(gif_dest_ptr dinfo, code_int code)
-/* Emit a code of n_bits bits */
-/* Uses cur_accum and cur_bits to reblock into 8-bit bytes */
-{
-  dinfo->cur_accum |= ((long)code) << dinfo->cur_bits;
-  dinfo->cur_bits += dinfo->n_bits;
-
-  while (dinfo->cur_bits >= 8) {
-    CHAR_OUT(dinfo, dinfo->cur_accum & 0xFF);
-    dinfo->cur_accum >>= 8;
-    dinfo->cur_bits -= 8;
-  }
-
-  /*
-   * If the next entry is going to be too big for the code size,
-   * then increase it, if possible.  We do this here to ensure
-   * that it's done in sync with the decoder's codesize increases.
-   */
-  if (dinfo->free_code > dinfo->maxcode) {
-    dinfo->n_bits++;
-    if (dinfo->n_bits == MAX_LZW_BITS)
-      dinfo->maxcode = LZW_TABLE_SIZE; /* free_code will never exceed this */
-    else
-      dinfo->maxcode = MAXCODE(dinfo->n_bits);
-  }
-}
-
-
-/* Compression initialization & termination */
-
-
-LOCAL(void)
-clear_hash(gif_dest_ptr dinfo)
-/* Fill the hash table with empty entries */
-{
-  /* It's sufficient to zero hash_code[] */
-  MEMZERO(dinfo->hash_code, HSIZE * sizeof(code_int));
-}
-
-
-LOCAL(void)
-clear_block(gif_dest_ptr dinfo)
-/* Reset compressor and issue a Clear code */
-{
-  clear_hash(dinfo);                    /* delete all the symbols */
-  dinfo->free_code = dinfo->ClearCode + 2;
-  output(dinfo, dinfo->ClearCode);      /* inform decoder */
-  dinfo->n_bits = dinfo->init_bits;     /* reset code size */
-  dinfo->maxcode = MAXCODE(dinfo->n_bits);
-}
-
-
-LOCAL(void)
-compress_init(gif_dest_ptr dinfo, int i_bits)
-/* Initialize compressor */
-{
-  /* init all the state variables */
-  dinfo->n_bits = dinfo->init_bits = i_bits;
-  dinfo->maxcode = MAXCODE(dinfo->n_bits);
-  dinfo->ClearCode = ((code_int) 1 << (i_bits - 1));
-  dinfo->EOFCode = dinfo->ClearCode + 1;
-  dinfo->code_counter = dinfo->free_code = dinfo->ClearCode + 2;
-  dinfo->first_byte = TRUE;     /* no waiting symbol yet */
-  /* init output buffering vars */
-  dinfo->bytesinpkt = 0;
-  dinfo->cur_accum = 0;
-  dinfo->cur_bits = 0;
-  /* clear hash table */
-  if (dinfo->hash_code != NULL)
-    clear_hash(dinfo);
-  /* GIF specifies an initial Clear code */
-  output(dinfo, dinfo->ClearCode);
-}
-
-
-LOCAL(void)
-compress_term(gif_dest_ptr dinfo)
-/* Clean up at end */
-{
-  /* Flush out the buffered LZW code */
-  if (!dinfo->first_byte)
-    output(dinfo, dinfo->waiting_code);
-  /* Send an EOF code */
-  output(dinfo, dinfo->EOFCode);
-  /* Flush the bit-packing buffer */
-  if (dinfo->cur_bits > 0) {
-    CHAR_OUT(dinfo, dinfo->cur_accum & 0xFF);
-  }
-  /* Flush the packet buffer */
-  flush_packet(dinfo);
-}
-
-
-/* GIF header construction */
-
-
-LOCAL(void)
-put_word(gif_dest_ptr dinfo, unsigned int w)
-/* Emit a 16-bit word, LSB first */
-{
-  putc(w & 0xFF, dinfo->pub.output_file);
-  putc((w >> 8) & 0xFF, dinfo->pub.output_file);
-}
-
-
-LOCAL(void)
-put_3bytes(gif_dest_ptr dinfo, int val)
-/* Emit 3 copies of same byte value --- handy subr for colormap construction */
-{
-  putc(val, dinfo->pub.output_file);
-  putc(val, dinfo->pub.output_file);
-  putc(val, dinfo->pub.output_file);
-}
-
-
-LOCAL(void)
-emit_header(gif_dest_ptr dinfo, int num_colors, JSAMPARRAY colormap)
-/* Output the GIF file header, including color map */
-/* If colormap == NULL, synthesize a grayscale colormap */
-{
-  int BitsPerPixel, ColorMapSize, InitCodeSize, FlagByte;
-  int cshift = dinfo->cinfo->data_precision - 8;
-  int i;
-
-  if (num_colors > 256)
-    ERREXIT1(dinfo->cinfo, JERR_TOO_MANY_COLORS, num_colors);
-  /* Compute bits/pixel and related values */
-  BitsPerPixel = 1;
-  while (num_colors > (1 << BitsPerPixel))
-    BitsPerPixel++;
-  ColorMapSize = 1 << BitsPerPixel;
-  if (BitsPerPixel <= 1)
-    InitCodeSize = 2;
-  else
-    InitCodeSize = BitsPerPixel;
-  /*
-   * Write the GIF header.
-   * Note that we generate a plain GIF87 header for maximum compatibility.
-   */
-  putc('G', dinfo->pub.output_file);
-  putc('I', dinfo->pub.output_file);
-  putc('F', dinfo->pub.output_file);
-  putc('8', dinfo->pub.output_file);
-  putc('7', dinfo->pub.output_file);
-  putc('a', dinfo->pub.output_file);
-  /* Write the Logical Screen Descriptor */
-  put_word(dinfo, (unsigned int)dinfo->cinfo->output_width);
-  put_word(dinfo, (unsigned int)dinfo->cinfo->output_height);
-  FlagByte = 0x80;              /* Yes, there is a global color table */
-  FlagByte |= (BitsPerPixel - 1) << 4; /* color resolution */
-  FlagByte |= (BitsPerPixel - 1); /* size of global color table */
-  putc(FlagByte, dinfo->pub.output_file);
-  putc(0, dinfo->pub.output_file); /* Background color index */
-  putc(0, dinfo->pub.output_file); /* Reserved (aspect ratio in GIF89) */
-  /* Write the Global Color Map */
-  /* If the color map is more than 8 bits precision, */
-  /* we reduce it to 8 bits by shifting */
-  for (i = 0; i < ColorMapSize; i++) {
-    if (i < num_colors) {
-      if (colormap != NULL) {
-        if (dinfo->cinfo->out_color_space == JCS_RGB) {
-          /* Normal case: RGB color map */
-          putc(colormap[0][i] >> cshift, dinfo->pub.output_file);
-          putc(colormap[1][i] >> cshift, dinfo->pub.output_file);
-          putc(colormap[2][i] >> cshift, dinfo->pub.output_file);
-        } else {
-          /* Grayscale "color map": possible if quantizing grayscale image */
-          put_3bytes(dinfo, colormap[0][i] >> cshift);
-        }
-      } else {
-        /* Create a grayscale map of num_colors values, range 0..255 */
-        put_3bytes(dinfo, (i * 255 + (num_colors - 1) / 2) / (num_colors - 1));
-      }
-    } else {
-      /* fill out the map to a power of 2 */
-      put_3bytes(dinfo, CENTERJSAMPLE >> cshift);
-    }
-  }
-  /* Write image separator and Image Descriptor */
-  putc(',', dinfo->pub.output_file); /* separator */
-  put_word(dinfo, 0);           /* left/top offset */
-  put_word(dinfo, 0);
-  put_word(dinfo, (unsigned int)dinfo->cinfo->output_width); /* image size */
-  put_word(dinfo, (unsigned int)dinfo->cinfo->output_height);
-  /* flag byte: not interlaced, no local color map */
-  putc(0x00, dinfo->pub.output_file);
-  /* Write Initial Code Size byte */
-  putc(InitCodeSize, dinfo->pub.output_file);
-
-  /* Initialize for compression of image data */
-  compress_init(dinfo, InitCodeSize + 1);
-}
-
-
-/*
- * Startup: write the file header.
- */
-
-METHODDEF(void)
-start_output_gif(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  gif_dest_ptr dest = (gif_dest_ptr)dinfo;
-
-  if (cinfo->quantize_colors)
-    emit_header(dest, cinfo->actual_number_of_colors, cinfo->colormap);
-  else
-    emit_header(dest, 256, (JSAMPARRAY)NULL);
-}
-
-
-/*
- * Write some pixel data.
- * In this module rows_supplied will always be 1.
- */
-
-
-/*
- * The LZW algorithm proper
- */
-
-METHODDEF(void)
-put_LZW_pixel_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                   JDIMENSION rows_supplied)
-{
-  gif_dest_ptr dest = (gif_dest_ptr)dinfo;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-  code_int c;
-  register hash_int i;
-  register hash_int disp;
-  register hash_entry probe_value;
-
-  ptr = dest->pub.buffer[0];
-  for (col = cinfo->output_width; col > 0; col--) {
-    /* Accept and compress one 8-bit byte */
-    c = (code_int)(*ptr++);
-
-    if (dest->first_byte) {     /* need to initialize waiting_code */
-      dest->waiting_code = c;
-      dest->first_byte = FALSE;
-      continue;
-    }
-
-    /* Probe hash table to see if a symbol exists for
-     * waiting_code followed by c.
-     * If so, replace waiting_code by that symbol and continue.
-     */
-    i = ((hash_int)c << (MAX_LZW_BITS - 8)) + dest->waiting_code;
-    /* i is less than twice 2**MAX_LZW_BITS, therefore less than twice HSIZE */
-    if (i >= HSIZE)
-      i -= HSIZE;
-
-    probe_value = HASH_ENTRY(dest->waiting_code, c);
-
-    if (dest->hash_code[i] == 0) {
-      /* hit empty slot; desired symbol not in table */
-      output(dest, dest->waiting_code);
-      if (dest->free_code < LZW_TABLE_SIZE) {
-        dest->hash_code[i] = dest->free_code++; /* add symbol to hashtable */
-        dest->hash_value[i] = probe_value;
-      } else
-        clear_block(dest);
-      dest->waiting_code = c;
-      continue;
-    }
-    if (dest->hash_value[i] == probe_value) {
-      dest->waiting_code = dest->hash_code[i];
-      continue;
-    }
-
-    if (i == 0)                 /* secondary hash (after G. Knott) */
-      disp = 1;
-    else
-      disp = HSIZE - i;
-    for (;;) {
-      i -= disp;
-      if (i < 0)
-        i += HSIZE;
-      if (dest->hash_code[i] == 0) {
-        /* hit empty slot; desired symbol not in table */
-        output(dest, dest->waiting_code);
-        if (dest->free_code < LZW_TABLE_SIZE) {
-          dest->hash_code[i] = dest->free_code++; /* add symbol to hashtable */
-          dest->hash_value[i] = probe_value;
-        } else
-          clear_block(dest);
-        dest->waiting_code = c;
-        break;
-      }
-      if (dest->hash_value[i] == probe_value) {
-        dest->waiting_code = dest->hash_code[i];
-        break;
-      }
-    }
-  }
-}
-
-
-/*
- * The pseudo-compression algorithm.
- *
- * In this version we simply output each pixel value as a separate symbol;
- * thus, no compression occurs.  In fact, there is expansion of one bit per
- * pixel, because we use a symbol width one bit wider than the pixel width.
- *
- * GIF ordinarily uses variable-width symbols, and the decoder will expect
- * to ratchet up the symbol width after a fixed number of symbols.
- * To simplify the logic and keep the expansion penalty down, we emit a
- * GIF Clear code to reset the decoder just before the width would ratchet up.
- * Thus, all the symbols in the output file will have the same bit width.
- * Note that emitting the Clear codes at the right times is a mere matter of
- * counting output symbols and is in no way dependent on the LZW algorithm.
- *
- * With a small basic pixel width (low color count), Clear codes will be
- * needed very frequently, causing the file to expand even more.  So this
- * simplistic approach wouldn't work too well on bilevel images, for example.
- * But for output of JPEG conversions the pixel width will usually be 8 bits
- * (129 to 256 colors), so the overhead added by Clear symbols is only about
- * one symbol in every 256.
- */
-
-METHODDEF(void)
-put_raw_pixel_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                   JDIMENSION rows_supplied)
-{
-  gif_dest_ptr dest = (gif_dest_ptr)dinfo;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-  code_int c;
-
-  ptr = dest->pub.buffer[0];
-  for (col = cinfo->output_width; col > 0; col--) {
-    c = (code_int)(*ptr++);
-    /* Accept and output one pixel value.
-     * The given value must be less than n_bits wide.
-     */
-
-    /* Output the given pixel value as a symbol. */
-    output(dest, c);
-    /* Issue Clear codes often enough to keep the reader from ratcheting up
-     * its symbol size.
-     */
-    if (dest->code_counter < dest->maxcode) {
-      dest->code_counter++;
-    } else {
-      output(dest, dest->ClearCode);
-      dest->code_counter = dest->ClearCode + 2; /* reset the counter */
-    }
-  }
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_output_gif(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  gif_dest_ptr dest = (gif_dest_ptr)dinfo;
-
-  /* Flush compression mechanism */
-  compress_term(dest);
-  /* Write a zero-length data block to end the series */
-  putc(0, dest->pub.output_file);
-  /* Write the GIF terminator mark */
-  putc(';', dest->pub.output_file);
-  /* Make sure we wrote the output file OK */
-  fflush(dest->pub.output_file);
-  if (ferror(dest->pub.output_file))
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-}
-
-
-/*
- * Re-calculate buffer dimensions based on output dimensions.
- */
-
-METHODDEF(void)
-calc_buffer_dimensions_gif(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-}
-
-
-/*
- * The module selection routine for GIF format output.
- */
-
-GLOBAL(djpeg_dest_ptr)
-jinit_write_gif(j_decompress_ptr cinfo, boolean is_lzw)
-{
-  gif_dest_ptr dest;
-
-  /* Create module interface object, fill in method pointers */
-  dest = (gif_dest_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(gif_dest_struct));
-  dest->cinfo = cinfo;          /* make back link for subroutines */
-  dest->pub.start_output = start_output_gif;
-  dest->pub.finish_output = finish_output_gif;
-  dest->pub.calc_buffer_dimensions = calc_buffer_dimensions_gif;
-
-  if (cinfo->out_color_space != JCS_GRAYSCALE &&
-      cinfo->out_color_space != JCS_RGB)
-    ERREXIT(cinfo, JERR_GIF_COLORSPACE);
-
-  /* Force quantization if color or if > 8 bits input */
-  if (cinfo->out_color_space != JCS_GRAYSCALE || cinfo->data_precision > 8) {
-    /* Force quantization to at most 256 colors */
-    cinfo->quantize_colors = TRUE;
-    if (cinfo->desired_number_of_colors > 256)
-      cinfo->desired_number_of_colors = 256;
-  }
-
-  /* Calculate output image dimensions so we can allocate space */
-  jpeg_calc_output_dimensions(cinfo);
-
-  if (cinfo->output_components != 1) /* safety check: just one component? */
-    ERREXIT(cinfo, JERR_GIF_BUG);
-
-  /* Create decompressor output buffer. */
-  dest->pub.buffer = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, cinfo->output_width, (JDIMENSION)1);
-  dest->pub.buffer_height = 1;
-
-  if (is_lzw) {
-    dest->pub.put_pixel_rows = put_LZW_pixel_rows;
-    /* Allocate space for hash table */
-    dest->hash_code = (code_int *)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  HSIZE * sizeof(code_int));
-    dest->hash_value = (hash_entry *)
-      (*cinfo->mem->alloc_large) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  HSIZE * sizeof(hash_entry));
-  } else {
-    dest->pub.put_pixel_rows = put_raw_pixel_rows;
-    /* Mark tables unused */
-    dest->hash_code = NULL;
-    dest->hash_value = NULL;
-  }
-
-  return (djpeg_dest_ptr)dest;
-}
-
-#endif /* GIF_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wrjpgcom.1 b/3rdparty/libjpeg-turbo_2_1_0/wrjpgcom.1
deleted file mode 100644
index a255cab..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wrjpgcom.1
+++ /dev/null
@@ -1,103 +0,0 @@
-.TH WRJPGCOM 1 "15 June 1995"
-.SH NAME
-wrjpgcom \- insert text comments into a JPEG file
-.SH SYNOPSIS
-.B wrjpgcom
-[
-.B \-replace
-]
-[
-.BI \-comment " text"
-]
-[
-.BI \-cfile " name"
-]
-[
-.I filename
-]
-.LP
-.SH DESCRIPTION
-.LP
-.B wrjpgcom
-reads the named JPEG/JFIF file, or the standard input if no file is named,
-and generates a new JPEG/JFIF file on standard output.  A comment block is
-added to the file.
-.PP
-The JPEG standard allows "comment" (COM) blocks to occur within a JPEG file.
-Although the standard doesn't actually define what COM blocks are for, they
-are widely used to hold user-supplied text strings.  This lets you add
-annotations, titles, index terms, etc to your JPEG files, and later retrieve
-them as text.  COM blocks do not interfere with the image stored in the JPEG
-file.  The maximum size of a COM block is 64K, but you can have as many of
-them as you like in one JPEG file.
-.PP
-.B wrjpgcom
-adds a COM block, containing text you provide, to a JPEG file.
-Ordinarily, the COM block is added after any existing COM blocks; but you
-can delete the old COM blocks if you wish.
-.SH OPTIONS
-Switch names may be abbreviated, and are not case sensitive.
-.TP
-.B \-replace
-Delete any existing COM blocks from the file.
-.TP
-.BI \-comment " text"
-Supply text for new COM block on command line.
-.TP
-.BI \-cfile " name"
-Read text for new COM block from named file.
-.PP
-If you have only one line of comment text to add, you can provide it on the
-command line with
-.BR \-comment .
-The comment text must be surrounded with quotes so that it is treated as a
-single argument.  Longer comments can be read from a text file.
-.PP
-If you give neither
-.B \-comment
-nor
-.BR \-cfile,
-then
-.B wrjpgcom
-will read the comment text from standard input.  (In this case an input image
-file name MUST be supplied, so that the source JPEG file comes from somewhere
-else.)  You can enter multiple lines, up to 64KB worth.  Type an end-of-file
-indicator (usually control-D) to terminate the comment text entry.
-.PP
-.B wrjpgcom
-will not add a COM block if the provided comment string is empty.  Therefore
-\fB\-replace \-comment ""\fR can be used to delete all COM blocks from a file.
-.SH EXAMPLES
-.LP
-Add a short comment to in.jpg, producing out.jpg:
-.IP
-.B wrjpgcom \-c
-\fI"View of my back yard" in.jpg
-.B >
-.I out.jpg
-.PP
-Attach a long comment previously stored in comment.txt:
-.IP
-.B wrjpgcom
-.I in.jpg
-.B <
-.I comment.txt
-.B >
-.I out.jpg
-.PP
-or equivalently
-.IP
-.B wrjpgcom
-.B -cfile
-.I comment.txt
-.B <
-.I in.jpg
-.B >
-.I out.jpg
-.SH SEE ALSO
-.BR cjpeg (1),
-.BR djpeg (1),
-.BR jpegtran (1),
-.BR rdjpgcom (1)
-.SH AUTHOR
-Independent JPEG Group
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wrjpgcom.c b/3rdparty/libjpeg-turbo_2_1_0/wrjpgcom.c
deleted file mode 100644
index 8a4e741..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wrjpgcom.c
+++ /dev/null
@@ -1,591 +0,0 @@
-/*
- * wrjpgcom.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1994-1997, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2014, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains a very simple stand-alone application that inserts
- * user-supplied text as a COM (comment) marker in a JFIF file.
- * This may be useful as an example of the minimum logic needed to parse
- * JPEG markers.
- */
-
-#define JPEG_CJPEG_DJPEG        /* to get the command-line config symbols */
-#include "jinclude.h"           /* get auto-config symbols, <stdio.h> */
-
-#ifndef HAVE_STDLIB_H           /* <stdlib.h> should declare malloc() */
-extern void *malloc();
-#endif
-#include <ctype.h>              /* to declare isupper(), tolower() */
-#ifdef USE_SETMODE
-#include <fcntl.h>              /* to declare setmode()'s parameter macros */
-/* If you have setmode() but not <io.h>, just delete this line: */
-#include <io.h>                 /* to declare setmode() */
-#endif
-
-#ifdef USE_CCOMMAND             /* command-line reader for Macintosh */
-#ifdef __MWERKS__
-#include <SIOUX.h>              /* Metrowerks needs this */
-#include <console.h>            /* ... and this */
-#endif
-#ifdef THINK_C
-#include <console.h>            /* Think declares it here */
-#endif
-#endif
-
-#ifdef DONT_USE_B_MODE          /* define mode parameters for fopen() */
-#define READ_BINARY     "r"
-#define WRITE_BINARY    "w"
-#else
-#define READ_BINARY     "rb"
-#define WRITE_BINARY    "wb"
-#endif
-
-#ifndef EXIT_FAILURE            /* define exit() codes if not provided */
-#define EXIT_FAILURE  1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS  0
-#endif
-
-/* Reduce this value if your malloc() can't allocate blocks up to 64K.
- * On DOS, compiling in large model is usually a better solution.
- */
-
-#ifndef MAX_COM_LENGTH
-#define MAX_COM_LENGTH  65000L  /* must be <= 65533 in any case */
-#endif
-
-
-/*
- * These macros are used to read the input file and write the output file.
- * To reuse this code in another application, you might need to change these.
- */
-
-static FILE *infile;            /* input JPEG file */
-
-/* Return next input byte, or EOF if no more */
-#define NEXTBYTE()  getc(infile)
-
-static FILE *outfile;           /* output JPEG file */
-
-/* Emit an output byte */
-#define PUTBYTE(x)  putc((x), outfile)
-
-
-/* Error exit handler */
-#define ERREXIT(msg)  (fprintf(stderr, "%s\n", msg), exit(EXIT_FAILURE))
-
-
-/* Read one byte, testing for EOF */
-static int
-read_1_byte(void)
-{
-  int c;
-
-  c = NEXTBYTE();
-  if (c == EOF)
-    ERREXIT("Premature EOF in JPEG file");
-  return c;
-}
-
-/* Read 2 bytes, convert to unsigned int */
-/* All 2-byte quantities in JPEG markers are MSB first */
-static unsigned int
-read_2_bytes(void)
-{
-  int c1, c2;
-
-  c1 = NEXTBYTE();
-  if (c1 == EOF)
-    ERREXIT("Premature EOF in JPEG file");
-  c2 = NEXTBYTE();
-  if (c2 == EOF)
-    ERREXIT("Premature EOF in JPEG file");
-  return (((unsigned int)c1) << 8) + ((unsigned int)c2);
-}
-
-
-/* Routines to write data to output file */
-
-static void
-write_1_byte(int c)
-{
-  PUTBYTE(c);
-}
-
-static void
-write_2_bytes(unsigned int val)
-{
-  PUTBYTE((val >> 8) & 0xFF);
-  PUTBYTE(val & 0xFF);
-}
-
-static void
-write_marker(int marker)
-{
-  PUTBYTE(0xFF);
-  PUTBYTE(marker);
-}
-
-static void
-copy_rest_of_file(void)
-{
-  int c;
-
-  while ((c = NEXTBYTE()) != EOF)
-    PUTBYTE(c);
-}
-
-
-/*
- * JPEG markers consist of one or more 0xFF bytes, followed by a marker
- * code byte (which is not an FF).  Here are the marker codes of interest
- * in this program.  (See jdmarker.c for a more complete list.)
- */
-
-#define M_SOF0   0xC0           /* Start Of Frame N */
-#define M_SOF1   0xC1           /* N indicates which compression process */
-#define M_SOF2   0xC2           /* Only SOF0-SOF2 are now in common use */
-#define M_SOF3   0xC3
-#define M_SOF5   0xC5           /* NB: codes C4 and CC are NOT SOF markers */
-#define M_SOF6   0xC6
-#define M_SOF7   0xC7
-#define M_SOF9   0xC9
-#define M_SOF10  0xCA
-#define M_SOF11  0xCB
-#define M_SOF13  0xCD
-#define M_SOF14  0xCE
-#define M_SOF15  0xCF
-#define M_SOI    0xD8           /* Start Of Image (beginning of datastream) */
-#define M_EOI    0xD9           /* End Of Image (end of datastream) */
-#define M_SOS    0xDA           /* Start Of Scan (begins compressed data) */
-#define M_COM    0xFE           /* COMment */
-
-
-/*
- * Find the next JPEG marker and return its marker code.
- * We expect at least one FF byte, possibly more if the compressor used FFs
- * to pad the file.  (Padding FFs will NOT be replicated in the output file.)
- * There could also be non-FF garbage between markers.  The treatment of such
- * garbage is unspecified; we choose to skip over it but emit a warning msg.
- * NB: this routine must not be used after seeing SOS marker, since it will
- * not deal correctly with FF/00 sequences in the compressed image data...
- */
-
-static int
-next_marker(void)
-{
-  int c;
-  int discarded_bytes = 0;
-
-  /* Find 0xFF byte; count and skip any non-FFs. */
-  c = read_1_byte();
-  while (c != 0xFF) {
-    discarded_bytes++;
-    c = read_1_byte();
-  }
-  /* Get marker code byte, swallowing any duplicate FF bytes.  Extra FFs
-   * are legal as pad bytes, so don't count them in discarded_bytes.
-   */
-  do {
-    c = read_1_byte();
-  } while (c == 0xFF);
-
-  if (discarded_bytes != 0) {
-    fprintf(stderr, "Warning: garbage data found in JPEG file\n");
-  }
-
-  return c;
-}
-
-
-/*
- * Read the initial marker, which should be SOI.
- * For a JFIF file, the first two bytes of the file should be literally
- * 0xFF M_SOI.  To be more general, we could use next_marker, but if the
- * input file weren't actually JPEG at all, next_marker might read the whole
- * file and then return a misleading error message...
- */
-
-static int
-first_marker(void)
-{
-  int c1, c2;
-
-  c1 = NEXTBYTE();
-  c2 = NEXTBYTE();
-  if (c1 != 0xFF || c2 != M_SOI)
-    ERREXIT("Not a JPEG file");
-  return c2;
-}
-
-
-/*
- * Most types of marker are followed by a variable-length parameter segment.
- * This routine skips over the parameters for any marker we don't otherwise
- * want to process.
- * Note that we MUST skip the parameter segment explicitly in order not to
- * be fooled by 0xFF bytes that might appear within the parameter segment;
- * such bytes do NOT introduce new markers.
- */
-
-static void
-copy_variable(void)
-/* Copy an unknown or uninteresting variable-length marker */
-{
-  unsigned int length;
-
-  /* Get the marker parameter length count */
-  length = read_2_bytes();
-  write_2_bytes(length);
-  /* Length includes itself, so must be at least 2 */
-  if (length < 2)
-    ERREXIT("Erroneous JPEG marker length");
-  length -= 2;
-  /* Copy the remaining bytes */
-  while (length > 0) {
-    write_1_byte(read_1_byte());
-    length--;
-  }
-}
-
-static void
-skip_variable(void)
-/* Skip over an unknown or uninteresting variable-length marker */
-{
-  unsigned int length;
-
-  /* Get the marker parameter length count */
-  length = read_2_bytes();
-  /* Length includes itself, so must be at least 2 */
-  if (length < 2)
-    ERREXIT("Erroneous JPEG marker length");
-  length -= 2;
-  /* Skip over the remaining bytes */
-  while (length > 0) {
-    (void)read_1_byte();
-    length--;
-  }
-}
-
-
-/*
- * Parse the marker stream until SOFn or EOI is seen;
- * copy data to output, but discard COM markers unless keep_COM is true.
- */
-
-static int
-scan_JPEG_header(int keep_COM)
-{
-  int marker;
-
-  /* Expect SOI at start of file */
-  if (first_marker() != M_SOI)
-    ERREXIT("Expected SOI marker first");
-  write_marker(M_SOI);
-
-  /* Scan miscellaneous markers until we reach SOFn. */
-  for (;;) {
-    marker = next_marker();
-    switch (marker) {
-      /* Note that marker codes 0xC4, 0xC8, 0xCC are not, and must not be,
-       * treated as SOFn.  C4 in particular is actually DHT.
-       */
-    case M_SOF0:                /* Baseline */
-    case M_SOF1:                /* Extended sequential, Huffman */
-    case M_SOF2:                /* Progressive, Huffman */
-    case M_SOF3:                /* Lossless, Huffman */
-    case M_SOF5:                /* Differential sequential, Huffman */
-    case M_SOF6:                /* Differential progressive, Huffman */
-    case M_SOF7:                /* Differential lossless, Huffman */
-    case M_SOF9:                /* Extended sequential, arithmetic */
-    case M_SOF10:               /* Progressive, arithmetic */
-    case M_SOF11:               /* Lossless, arithmetic */
-    case M_SOF13:               /* Differential sequential, arithmetic */
-    case M_SOF14:               /* Differential progressive, arithmetic */
-    case M_SOF15:               /* Differential lossless, arithmetic */
-      return marker;
-
-    case M_SOS:                 /* should not see compressed data before SOF */
-      ERREXIT("SOS without prior SOFn");
-      break;
-
-    case M_EOI:                 /* in case it's a tables-only JPEG stream */
-      return marker;
-
-    case M_COM:                 /* Existing COM: conditionally discard */
-      if (keep_COM) {
-        write_marker(marker);
-        copy_variable();
-      } else {
-        skip_variable();
-      }
-      break;
-
-    default:                    /* Anything else just gets copied */
-      write_marker(marker);
-      copy_variable();          /* we assume it has a parameter count... */
-      break;
-    }
-  } /* end loop */
-}
-
-
-/* Command line parsing code */
-
-static const char *progname;    /* program name for error messages */
-
-
-static void
-usage(void)
-/* complain about bad command line */
-{
-  fprintf(stderr, "wrjpgcom inserts a textual comment in a JPEG file.\n");
-  fprintf(stderr, "You can add to or replace any existing comment(s).\n");
-
-  fprintf(stderr, "Usage: %s [switches] ", progname);
-#ifdef TWO_FILE_COMMANDLINE
-  fprintf(stderr, "inputfile outputfile\n");
-#else
-  fprintf(stderr, "[inputfile]\n");
-#endif
-
-  fprintf(stderr, "Switches (names may be abbreviated):\n");
-  fprintf(stderr, "  -replace         Delete any existing comments\n");
-  fprintf(stderr, "  -comment \"text\"  Insert comment with given text\n");
-  fprintf(stderr, "  -cfile name      Read comment from named file\n");
-  fprintf(stderr, "Notice that you must put quotes around the comment text\n");
-  fprintf(stderr, "when you use -comment.\n");
-  fprintf(stderr, "If you do not give either -comment or -cfile on the command line,\n");
-  fprintf(stderr, "then the comment text is read from standard input.\n");
-  fprintf(stderr, "It can be multiple lines, up to %u characters total.\n",
-          (unsigned int)MAX_COM_LENGTH);
-#ifndef TWO_FILE_COMMANDLINE
-  fprintf(stderr, "You must specify an input JPEG file name when supplying\n");
-  fprintf(stderr, "comment text from standard input.\n");
-#endif
-
-  exit(EXIT_FAILURE);
-}
-
-
-static int
-keymatch(char *arg, const char *keyword, int minchars)
-/* Case-insensitive matching of (possibly abbreviated) keyword switches. */
-/* keyword is the constant keyword (must be lower case already), */
-/* minchars is length of minimum legal abbreviation. */
-{
-  register int ca, ck;
-  register int nmatched = 0;
-
-  while ((ca = *arg++) != '\0') {
-    if ((ck = *keyword++) == '\0')
-      return 0;                 /* arg longer than keyword, no good */
-    if (isupper(ca))            /* force arg to lcase (assume ck is already) */
-      ca = tolower(ca);
-    if (ca != ck)
-      return 0;                 /* no good */
-    nmatched++;                 /* count matched characters */
-  }
-  /* reached end of argument; fail if it's too short for unique abbrev */
-  if (nmatched < minchars)
-    return 0;
-  return 1;                     /* A-OK */
-}
-
-
-/*
- * The main program.
- */
-
-int
-main(int argc, char **argv)
-{
-  int argn;
-  char *arg;
-  int keep_COM = 1;
-  char *comment_arg = NULL;
-  FILE *comment_file = NULL;
-  unsigned int comment_length = 0;
-  int marker;
-
-  /* On Mac, fetch a command line. */
-#ifdef USE_CCOMMAND
-  argc = ccommand(&argv);
-#endif
-
-  progname = argv[0];
-  if (progname == NULL || progname[0] == 0)
-    progname = "wrjpgcom";      /* in case C library doesn't provide it */
-
-  /* Parse switches, if any */
-  for (argn = 1; argn < argc; argn++) {
-    arg = argv[argn];
-    if (arg[0] != '-')
-      break;                    /* not switch, must be file name */
-    arg++;                      /* advance over '-' */
-    if (keymatch(arg, "replace", 1)) {
-      keep_COM = 0;
-    } else if (keymatch(arg, "cfile", 2)) {
-      if (++argn >= argc) usage();
-      if ((comment_file = fopen(argv[argn], "r")) == NULL) {
-        fprintf(stderr, "%s: can't open %s\n", progname, argv[argn]);
-        exit(EXIT_FAILURE);
-      }
-    } else if (keymatch(arg, "comment", 1)) {
-      if (++argn >= argc) usage();
-      comment_arg = argv[argn];
-      /* If the comment text starts with '"', then we are probably running
-       * under MS-DOG and must parse out the quoted string ourselves.  Sigh.
-       */
-      if (comment_arg[0] == '"') {
-        comment_arg = (char *)malloc((size_t)MAX_COM_LENGTH);
-        if (comment_arg == NULL)
-          ERREXIT("Insufficient memory");
-        if (strlen(argv[argn]) + 2 >= (size_t)MAX_COM_LENGTH) {
-          fprintf(stderr, "Comment text may not exceed %u bytes\n",
-                  (unsigned int)MAX_COM_LENGTH);
-          exit(EXIT_FAILURE);
-        }
-        strcpy(comment_arg, argv[argn] + 1);
-        for (;;) {
-          comment_length = (unsigned int)strlen(comment_arg);
-          if (comment_length > 0 && comment_arg[comment_length - 1] == '"') {
-            comment_arg[comment_length - 1] = '\0'; /* zap terminating quote */
-            break;
-          }
-          if (++argn >= argc)
-            ERREXIT("Missing ending quote mark");
-          if (strlen(comment_arg) + strlen(argv[argn]) + 2 >=
-              (size_t)MAX_COM_LENGTH) {
-            fprintf(stderr, "Comment text may not exceed %u bytes\n",
-                    (unsigned int)MAX_COM_LENGTH);
-            exit(EXIT_FAILURE);
-          }
-          strcat(comment_arg, " ");
-          strcat(comment_arg, argv[argn]);
-        }
-      } else if (strlen(argv[argn]) >= (size_t)MAX_COM_LENGTH) {
-        fprintf(stderr, "Comment text may not exceed %u bytes\n",
-                (unsigned int)MAX_COM_LENGTH);
-        exit(EXIT_FAILURE);
-      }
-      comment_length = (unsigned int)strlen(comment_arg);
-    } else
-      usage();
-  }
-
-  /* Cannot use both -comment and -cfile. */
-  if (comment_arg != NULL && comment_file != NULL)
-    usage();
-  /* If there is neither -comment nor -cfile, we will read the comment text
-   * from stdin; in this case there MUST be an input JPEG file name.
-   */
-  if (comment_arg == NULL && comment_file == NULL && argn >= argc)
-    usage();
-
-  /* Open the input file. */
-  if (argn < argc) {
-    if ((infile = fopen(argv[argn], READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open %s\n", progname, argv[argn]);
-      exit(EXIT_FAILURE);
-    }
-  } else {
-    /* default input file is stdin */
-#ifdef USE_SETMODE              /* need to hack file mode? */
-    setmode(fileno(stdin), O_BINARY);
-#endif
-#ifdef USE_FDOPEN               /* need to re-open in binary mode? */
-    if ((infile = fdopen(fileno(stdin), READ_BINARY)) == NULL) {
-      fprintf(stderr, "%s: can't open stdin\n", progname);
-      exit(EXIT_FAILURE);
-    }
-#else
-    infile = stdin;
-#endif
-  }
-
-  /* Open the output file. */
-#ifdef TWO_FILE_COMMANDLINE
-  /* Must have explicit output file name */
-  if (argn != argc - 2) {
-    fprintf(stderr, "%s: must name one input and one output file\n", progname);
-    usage();
-  }
-  if ((outfile = fopen(argv[argn + 1], WRITE_BINARY)) == NULL) {
-    fprintf(stderr, "%s: can't open %s\n", progname, argv[argn + 1]);
-    exit(EXIT_FAILURE);
-  }
-#else
-  /* Unix style: expect zero or one file name */
-  if (argn < argc - 1) {
-    fprintf(stderr, "%s: only one input file\n", progname);
-    usage();
-  }
-  /* default output file is stdout */
-#ifdef USE_SETMODE              /* need to hack file mode? */
-  setmode(fileno(stdout), O_BINARY);
-#endif
-#ifdef USE_FDOPEN               /* need to re-open in binary mode? */
-  if ((outfile = fdopen(fileno(stdout), WRITE_BINARY)) == NULL) {
-    fprintf(stderr, "%s: can't open stdout\n", progname);
-    exit(EXIT_FAILURE);
-  }
-#else
-  outfile = stdout;
-#endif
-#endif /* TWO_FILE_COMMANDLINE */
-
-  /* Collect comment text from comment_file or stdin, if necessary */
-  if (comment_arg == NULL) {
-    FILE *src_file;
-    int c;
-
-    comment_arg = (char *)malloc((size_t)MAX_COM_LENGTH);
-    if (comment_arg == NULL)
-      ERREXIT("Insufficient memory");
-    comment_length = 0;
-    src_file = (comment_file != NULL ? comment_file : stdin);
-    while ((c = getc(src_file)) != EOF) {
-      if (comment_length >= (unsigned int)MAX_COM_LENGTH) {
-        fprintf(stderr, "Comment text may not exceed %u bytes\n",
-                (unsigned int)MAX_COM_LENGTH);
-        exit(EXIT_FAILURE);
-      }
-      comment_arg[comment_length++] = (char)c;
-    }
-    if (comment_file != NULL)
-      fclose(comment_file);
-  }
-
-  /* Copy JPEG headers until SOFn marker;
-   * we will insert the new comment marker just before SOFn.
-   * This (a) causes the new comment to appear after, rather than before,
-   * existing comments; and (b) ensures that comments come after any JFIF
-   * or JFXX markers, as required by the JFIF specification.
-   */
-  marker = scan_JPEG_header(keep_COM);
-  /* Insert the new COM marker, but only if nonempty text has been supplied */
-  if (comment_length > 0) {
-    write_marker(M_COM);
-    write_2_bytes(comment_length + 2);
-    while (comment_length > 0) {
-      write_1_byte(*comment_arg++);
-      comment_length--;
-    }
-  }
-  /* Duplicate the remainder of the source file.
-   * Note that any COM markers occurring after SOF will not be touched.
-   */
-  write_marker(marker);
-  copy_rest_of_file();
-
-  /* All done. */
-  exit(EXIT_SUCCESS);
-  return 0;                     /* suppress no-return-value warnings */
-}
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wrppm.c b/3rdparty/libjpeg-turbo_2_1_0/wrppm.c
deleted file mode 100644
index 3081ec3..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wrppm.c
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * wrppm.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * Modified 2009 by Guido Vollbeding.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2017, 2019-2020, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to write output images in PPM/PGM format.
- * The extended 2-byte-per-sample raw PPM/PGM formats are supported.
- * The PBMPLUS library is NOT required to compile this software
- * (but it is highly useful as a set of PPM image manipulation programs).
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume output to
- * an ordinary stdio stream.
- */
-
-#include "cmyk.h"
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef PPM_SUPPORTED
-
-
-/*
- * For 12-bit JPEG data, we either downscale the values to 8 bits
- * (to write standard byte-per-sample PPM/PGM files), or output
- * nonstandard word-per-sample PPM/PGM files.  Downscaling is done
- * if PPM_NORAWWORD is defined (this can be done in the Makefile
- * or in jconfig.h).
- * (When the core library supports data precision reduction, a cleaner
- * implementation will be to ask for that instead.)
- */
-
-#if BITS_IN_JSAMPLE == 8
-#define PUTPPMSAMPLE(ptr, v)  *ptr++ = (char)(v)
-#define BYTESPERSAMPLE  1
-#define PPM_MAXVAL  255
-#else
-#ifdef PPM_NORAWWORD
-#define PUTPPMSAMPLE(ptr, v)  *ptr++ = (char)((v) >> (BITS_IN_JSAMPLE - 8))
-#define BYTESPERSAMPLE  1
-#define PPM_MAXVAL  255
-#else
-/* The word-per-sample format always puts the MSB first. */
-#define PUTPPMSAMPLE(ptr, v) { \
-  register int val_ = v; \
-  *ptr++ = (char)((val_ >> 8) & 0xFF); \
-  *ptr++ = (char)(val_ & 0xFF); \
-}
-#define BYTESPERSAMPLE  2
-#define PPM_MAXVAL  ((1 << BITS_IN_JSAMPLE) - 1)
-#endif
-#endif
-
-
-/*
- * When JSAMPLE is the same size as char, we can just fwrite() the
- * decompressed data to the PPM or PGM file.
- */
-
-
-/* Private version of data destination object */
-
-typedef struct {
-  struct djpeg_dest_struct pub; /* public fields */
-
-  /* Usually these two pointers point to the same place: */
-  char *iobuffer;               /* fwrite's I/O buffer */
-  JSAMPROW pixrow;              /* decompressor output buffer */
-  size_t buffer_width;          /* width of I/O buffer */
-  JDIMENSION samples_per_row;   /* JSAMPLEs per output row */
-} ppm_dest_struct;
-
-typedef ppm_dest_struct *ppm_dest_ptr;
-
-
-/*
- * Write some pixel data.
- * In this module rows_supplied will always be 1.
- *
- * put_pixel_rows handles the "normal" 8-bit case where the decompressor
- * output buffer is physically the same as the fwrite buffer.
- */
-
-METHODDEF(void)
-put_pixel_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-               JDIMENSION rows_supplied)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * This code is used when we have to copy the data and apply a pixel
- * format translation.  Typically this only happens in 12-bit mode.
- */
-
-METHODDEF(void)
-copy_pixel_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                JDIMENSION rows_supplied)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-  register char *bufferptr;
-  register JSAMPROW ptr;
-#if BITS_IN_JSAMPLE != 8
-  register JDIMENSION col;
-#endif
-
-  ptr = dest->pub.buffer[0];
-  bufferptr = dest->iobuffer;
-#if BITS_IN_JSAMPLE == 8
-  MEMCOPY(bufferptr, ptr, dest->samples_per_row);
-#else
-  for (col = dest->samples_per_row; col > 0; col--) {
-    PUTPPMSAMPLE(bufferptr, *ptr++);
-  }
-#endif
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * Convert extended RGB to RGB.
- */
-
-METHODDEF(void)
-put_rgb(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo, JDIMENSION rows_supplied)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-  register char *bufferptr;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-  register int rindex = rgb_red[cinfo->out_color_space];
-  register int gindex = rgb_green[cinfo->out_color_space];
-  register int bindex = rgb_blue[cinfo->out_color_space];
-  register int ps = rgb_pixelsize[cinfo->out_color_space];
-
-  ptr = dest->pub.buffer[0];
-  bufferptr = dest->iobuffer;
-  for (col = cinfo->output_width; col > 0; col--) {
-    PUTPPMSAMPLE(bufferptr, ptr[rindex]);
-    PUTPPMSAMPLE(bufferptr, ptr[gindex]);
-    PUTPPMSAMPLE(bufferptr, ptr[bindex]);
-    ptr += ps;
-  }
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * Convert CMYK to RGB.
- */
-
-METHODDEF(void)
-put_cmyk(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-         JDIMENSION rows_supplied)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-  register char *bufferptr;
-  register JSAMPROW ptr;
-  register JDIMENSION col;
-
-  ptr = dest->pub.buffer[0];
-  bufferptr = dest->iobuffer;
-  for (col = cinfo->output_width; col > 0; col--) {
-    JSAMPLE r, g, b, c = *ptr++, m = *ptr++, y = *ptr++, k = *ptr++;
-    cmyk_to_rgb(c, m, y, k, &r, &g, &b);
-    PUTPPMSAMPLE(bufferptr, r);
-    PUTPPMSAMPLE(bufferptr, g);
-    PUTPPMSAMPLE(bufferptr, b);
-  }
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * Write some pixel data when color quantization is in effect.
- * We have to demap the color index values to straight data.
- */
-
-METHODDEF(void)
-put_demapped_rgb(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                 JDIMENSION rows_supplied)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-  register char *bufferptr;
-  register int pixval;
-  register JSAMPROW ptr;
-  register JSAMPROW color_map0 = cinfo->colormap[0];
-  register JSAMPROW color_map1 = cinfo->colormap[1];
-  register JSAMPROW color_map2 = cinfo->colormap[2];
-  register JDIMENSION col;
-
-  ptr = dest->pub.buffer[0];
-  bufferptr = dest->iobuffer;
-  for (col = cinfo->output_width; col > 0; col--) {
-    pixval = *ptr++;
-    PUTPPMSAMPLE(bufferptr, color_map0[pixval]);
-    PUTPPMSAMPLE(bufferptr, color_map1[pixval]);
-    PUTPPMSAMPLE(bufferptr, color_map2[pixval]);
-  }
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-METHODDEF(void)
-put_demapped_gray(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                  JDIMENSION rows_supplied)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-  register char *bufferptr;
-  register JSAMPROW ptr;
-  register JSAMPROW color_map = cinfo->colormap[0];
-  register JDIMENSION col;
-
-  ptr = dest->pub.buffer[0];
-  bufferptr = dest->iobuffer;
-  for (col = cinfo->output_width; col > 0; col--) {
-    PUTPPMSAMPLE(bufferptr, color_map[*ptr++]);
-  }
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * Startup: write the file header.
- */
-
-METHODDEF(void)
-start_output_ppm(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-
-  /* Emit file header */
-  switch (cinfo->out_color_space) {
-  case JCS_GRAYSCALE:
-    /* emit header for raw PGM format */
-    fprintf(dest->pub.output_file, "P5\n%ld %ld\n%d\n",
-            (long)cinfo->output_width, (long)cinfo->output_height, PPM_MAXVAL);
-    break;
-  case JCS_RGB:
-  case JCS_EXT_RGB:
-  case JCS_EXT_RGBX:
-  case JCS_EXT_BGR:
-  case JCS_EXT_BGRX:
-  case JCS_EXT_XBGR:
-  case JCS_EXT_XRGB:
-  case JCS_EXT_RGBA:
-  case JCS_EXT_BGRA:
-  case JCS_EXT_ABGR:
-  case JCS_EXT_ARGB:
-  case JCS_CMYK:
-    if (!IsExtRGB(cinfo->out_color_space) && cinfo->quantize_colors)
-      ERREXIT(cinfo, JERR_PPM_COLORSPACE);
-    /* emit header for raw PPM format */
-    fprintf(dest->pub.output_file, "P6\n%ld %ld\n%d\n",
-            (long)cinfo->output_width, (long)cinfo->output_height, PPM_MAXVAL);
-    break;
-  default:
-    ERREXIT(cinfo, JERR_PPM_COLORSPACE);
-  }
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_output_ppm(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  /* Make sure we wrote the output file OK */
-  fflush(dinfo->output_file);
-  if (ferror(dinfo->output_file))
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-}
-
-
-/*
- * Re-calculate buffer dimensions based on output dimensions.
- */
-
-METHODDEF(void)
-calc_buffer_dimensions_ppm(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  ppm_dest_ptr dest = (ppm_dest_ptr)dinfo;
-
-  if (cinfo->out_color_space == JCS_GRAYSCALE)
-    dest->samples_per_row = cinfo->output_width * cinfo->out_color_components;
-  else
-    dest->samples_per_row = cinfo->output_width * 3;
-  dest->buffer_width = dest->samples_per_row * (BYTESPERSAMPLE * sizeof(char));
-}
-
-
-/*
- * The module selection routine for PPM format output.
- */
-
-GLOBAL(djpeg_dest_ptr)
-jinit_write_ppm(j_decompress_ptr cinfo)
-{
-  ppm_dest_ptr dest;
-
-  /* Create module interface object, fill in method pointers */
-  dest = (ppm_dest_ptr)
-      (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                  sizeof(ppm_dest_struct));
-  dest->pub.start_output = start_output_ppm;
-  dest->pub.finish_output = finish_output_ppm;
-  dest->pub.calc_buffer_dimensions = calc_buffer_dimensions_ppm;
-
-  /* Calculate output image dimensions so we can allocate space */
-  jpeg_calc_output_dimensions(cinfo);
-
-  /* Create physical I/O buffer */
-  dest->pub.calc_buffer_dimensions(cinfo, (djpeg_dest_ptr)dest);
-  dest->iobuffer = (char *)(*cinfo->mem->alloc_small)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, dest->buffer_width);
-
-  if (cinfo->quantize_colors || BITS_IN_JSAMPLE != 8 ||
-      sizeof(JSAMPLE) != sizeof(char) ||
-#if RGB_RED == 0 && RGB_GREEN == 1 && RGB_BLUE == 2 && RGB_PIXELSIZE == 3
-      (cinfo->out_color_space != JCS_EXT_RGB &&
-       cinfo->out_color_space != JCS_RGB)) {
-#else
-      cinfo->out_color_space != JCS_EXT_RGB) {
-#endif
-    /* When quantizing, we need an output buffer for colormap indexes
-     * that's separate from the physical I/O buffer.  We also need a
-     * separate buffer if pixel format translation must take place.
-     */
-    dest->pub.buffer = (*cinfo->mem->alloc_sarray)
-      ((j_common_ptr)cinfo, JPOOL_IMAGE,
-       cinfo->output_width * cinfo->output_components, (JDIMENSION)1);
-    dest->pub.buffer_height = 1;
-    if (!cinfo->quantize_colors) {
-      if (IsExtRGB(cinfo->out_color_space))
-        dest->pub.put_pixel_rows = put_rgb;
-      else if (cinfo->out_color_space == JCS_CMYK)
-        dest->pub.put_pixel_rows = put_cmyk;
-      else
-        dest->pub.put_pixel_rows = copy_pixel_rows;
-    } else if (cinfo->out_color_space == JCS_GRAYSCALE)
-      dest->pub.put_pixel_rows = put_demapped_gray;
-    else
-      dest->pub.put_pixel_rows = put_demapped_rgb;
-  } else {
-    /* We will fwrite() directly from decompressor output buffer. */
-    /* Synthesize a JSAMPARRAY pointer structure */
-    dest->pixrow = (JSAMPROW)dest->iobuffer;
-    dest->pub.buffer = &dest->pixrow;
-    dest->pub.buffer_height = 1;
-    dest->pub.put_pixel_rows = put_pixel_rows;
-  }
-
-  return (djpeg_dest_ptr)dest;
-}
-
-#endif /* PPM_SUPPORTED */
diff --git a/3rdparty/libjpeg-turbo_2_1_0/wrtarga.c b/3rdparty/libjpeg-turbo_2_1_0/wrtarga.c
deleted file mode 100644
index 7a654ff..0000000
--- a/3rdparty/libjpeg-turbo_2_1_0/wrtarga.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * wrtarga.c
- *
- * This file was part of the Independent JPEG Group's software:
- * Copyright (C) 1991-1996, Thomas G. Lane.
- * libjpeg-turbo Modifications:
- * Copyright (C) 2017, 2019, D. R. Commander.
- * For conditions of distribution and use, see the accompanying README.ijg
- * file.
- *
- * This file contains routines to write output images in Targa format.
- *
- * These routines may need modification for non-Unix environments or
- * specialized applications.  As they stand, they assume output to
- * an ordinary stdio stream.
- *
- * Based on code contributed by Lee Daniel Crocker.
- */
-
-#include "cdjpeg.h"             /* Common decls for cjpeg/djpeg applications */
-
-#ifdef TARGA_SUPPORTED
-
-
-/*
- * To support 12-bit JPEG data, we'd have to scale output down to 8 bits.
- * This is not yet implemented.
- */
-
-#if BITS_IN_JSAMPLE != 8
-  Sorry, this code only copes with 8-bit JSAMPLEs. /* deliberate syntax err */
-#endif
-
-
-/* Private version of data destination object */
-
-typedef struct {
-  struct djpeg_dest_struct pub; /* public fields */
-
-  char *iobuffer;               /* physical I/O buffer */
-  JDIMENSION buffer_width;      /* width of one row */
-} tga_dest_struct;
-
-typedef tga_dest_struct *tga_dest_ptr;
-
-
-LOCAL(void)
-write_header(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo, int num_colors)
-/* Create and write a Targa header */
-{
-  char targaheader[18];
-
-  /* Set unused fields of header to 0 */
-  MEMZERO(targaheader, sizeof(targaheader));
-
-  if (num_colors > 0) {
-    targaheader[1] = 1;         /* color map type 1 */
-    targaheader[5] = (char)(num_colors & 0xFF);
-    targaheader[6] = (char)(num_colors >> 8);
-    targaheader[7] = 24;        /* 24 bits per cmap entry */
-  }
-
-  targaheader[12] = (char)(cinfo->output_width & 0xFF);
-  targaheader[13] = (char)(cinfo->output_width >> 8);
-  targaheader[14] = (char)(cinfo->output_height & 0xFF);
-  targaheader[15] = (char)(cinfo->output_height >> 8);
-  targaheader[17] = 0x20;       /* Top-down, non-interlaced */
-
-  if (cinfo->out_color_space == JCS_GRAYSCALE) {
-    targaheader[2] = 3;         /* image type = uncompressed grayscale */
-    targaheader[16] = 8;        /* bits per pixel */
-  } else {                      /* must be RGB */
-    if (num_colors > 0) {
-      targaheader[2] = 1;       /* image type = colormapped RGB */
-      targaheader[16] = 8;
-    } else {
-      targaheader[2] = 2;       /* image type = uncompressed RGB */
-      targaheader[16] = 24;
-    }
-  }
-
-  if (JFWRITE(dinfo->output_file, targaheader, 18) != (size_t)18)
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-}
-
-
-/*
- * Write some pixel data.
- * In this module rows_supplied will always be 1.
- */
-
-METHODDEF(void)
-put_pixel_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-               JDIMENSION rows_supplied)
-/* used for unquantized full-color output */
-{
-  tga_dest_ptr dest = (tga_dest_ptr)dinfo;
-  register JSAMPROW inptr;
-  register char *outptr;
-  register JDIMENSION col;
-
-  inptr = dest->pub.buffer[0];
-  outptr = dest->iobuffer;
-  for (col = cinfo->output_width; col > 0; col--) {
-    outptr[0] = inptr[2]; /* RGB to BGR order */
-    outptr[1] = inptr[1];
-    outptr[2] = inptr[0];
-    inptr += 3, outptr += 3;
-  }
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-METHODDEF(void)
-put_gray_rows(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-              JDIMENSION rows_supplied)
-/* used for grayscale OR quantized color output */
-{
-  tga_dest_ptr dest = (tga_dest_ptr)dinfo;
-  register JSAMPROW inptr;
-  register char *outptr;
-
-  inptr = dest->pub.buffer[0];
-  outptr = dest->iobuffer;
-  MEMCOPY(outptr, inptr, cinfo->output_width);
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * Write some demapped pixel data when color quantization is in effect.
- * For Targa, this is only applied to grayscale data.
- */
-
-METHODDEF(void)
-put_demapped_gray(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo,
-                  JDIMENSION rows_supplied)
-{
-  tga_dest_ptr dest = (tga_dest_ptr)dinfo;
-  register JSAMPROW inptr;
-  register char *outptr;
-  register JSAMPROW color_map0 = cinfo->colormap[0];
-  register JDIMENSION col;
-
-  inptr = dest->pub.buffer[0];
-  outptr = dest->iobuffer;
-  for (col = cinfo->output_width; col > 0; col--) {
-    *outptr++ = color_map0[*inptr++];
-  }
-  (void)JFWRITE(dest->pub.output_file, dest->iobuffer, dest->buffer_width);
-}
-
-
-/*
- * Startup: write the file header.
- */
-
-METHODDEF(void)
-start_output_tga(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  tga_dest_ptr dest = (tga_dest_ptr)dinfo;
-  int num_colors, i;
-  FILE *outfile;
-
-  if (cinfo->out_color_space == JCS_GRAYSCALE) {
-    /* Targa doesn't have a mapped grayscale format, so we will */
-    /* demap quantized gray output.  Never emit a colormap. */
-    write_header(cinfo, dinfo, 0);
-    if (cinfo->quantize_colors)
-      dest->pub.put_pixel_rows = put_demapped_gray;
-    else
-      dest->pub.put_pixel_rows = put_gray_rows;
-  } else if (cinfo->out_color_space == JCS_RGB) {
-    if (cinfo->quantize_colors) {
-      /* We only support 8-bit colormap indexes, so only 256 colors */
-      num_colors = cinfo->actual_number_of_colors;
-      if (num_colors > 256)
-        ERREXIT1(cinfo, JERR_TOO_MANY_COLORS, num_colors);
-      write_header(cinfo, dinfo, num_colors);
-      /* Write the colormap.  Note Targa uses BGR byte order */
-      outfile = dest->pub.output_file;
-      for (i = 0; i < num_colors; i++) {
-        putc(cinfo->colormap[2][i], outfile);
-        putc(cinfo->colormap[1][i], outfile);
-        putc(cinfo->colormap[0][i], outfile);
-      }
-      dest->pub.put_pixel_rows = put_gray_rows;
-    } else {
-      write_header(cinfo, dinfo, 0);
-      dest->pub.put_pixel_rows = put_pixel_rows;
-    }
-  } else {
-    ERREXIT(cinfo, JERR_TGA_COLORSPACE);
-  }
-}
-
-
-/*
- * Finish up at the end of the file.
- */
-
-METHODDEF(void)
-finish_output_tga(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  /* Make sure we wrote the output file OK */
-  fflush(dinfo->output_file);
-  if (ferror(dinfo->output_file))
-    ERREXIT(cinfo, JERR_FILE_WRITE);
-}
-
-
-/*
- * Re-calculate buffer dimensions based on output dimensions.
- */
-
-METHODDEF(void)
-calc_buffer_dimensions_tga(j_decompress_ptr cinfo, djpeg_dest_ptr dinfo)
-{
-  tga_dest_ptr dest = (tga_dest_ptr)dinfo;
-
-  dest->buffer_width = cinfo->output_width * cinfo->output_components;
-}
-
-
-/*
- * The module selection routine for Targa format output.
- */
-
-GLOBAL(djpeg_dest_ptr)
-jinit_write_targa(j_decompress_ptr cinfo)
-{
-  tga_dest_ptr dest;
-
-  /* Create module interface object, fill in method pointers */
-  dest = (tga_dest_ptr)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                sizeof(tga_dest_struct));
-  dest->pub.start_output = start_output_tga;
-  dest->pub.finish_output = finish_output_tga;
-  dest->pub.calc_buffer_dimensions = calc_buffer_dimensions_tga;
-
-  /* Calculate output image dimensions so we can allocate space */
-  jpeg_calc_output_dimensions(cinfo);
-
-  /* Create I/O buffer. */
-  dest->pub.calc_buffer_dimensions(cinfo, (djpeg_dest_ptr)dest);
-  dest->iobuffer = (char *)
-    (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
-                                (size_t)(dest->buffer_width * sizeof(char)));
-
-  /* Create decompressor output buffer. */
-  dest->pub.buffer = (*cinfo->mem->alloc_sarray)
-    ((j_common_ptr)cinfo, JPOOL_IMAGE, dest->buffer_width, (JDIMENSION)1);
-  dest->pub.buffer_height = 1;
-
-  return (djpeg_dest_ptr)dest;
-}
-
-#endif /* TARGA_SUPPORTED */
diff --git a/3rdparty/mbedtls-2.25.0/.github/issue_template.md b/3rdparty/mbedtls-2.25.0/.github/issue_template.md
deleted file mode 100644
index 18b87fc..0000000
--- a/3rdparty/mbedtls-2.25.0/.github/issue_template.md
+++ /dev/null
@@ -1,41 +0,0 @@
-Note: This is just a template, so feel free to use/remove the unnecessary things
-
-### Description
-- Type: Bug | Enhancement\Feature Request
-- Priority: Blocker | Major | Minor
-
----------------------------------------------------------------
-## Bug
-
-**OS**  
-Mbed OS|linux|windows|
-
-**mbed TLS build:**  
-Version: x.x.x or git commit id  
-OS version: x.x.x  
-Configuration: please attach config.h file where possible  
-Compiler and options (if you used a pre-built binary, please indicate how you obtained it):  
-Additional environment information:  
-
-**Peer device TLS stack and version**  
-OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other  
-Version:  
-
-**Expected behavior**   
-
-**Actual behavior**  
-
-**Steps to reproduce**  
-
-----------------------------------------------------------------
-## Enhancement\Feature Request
-
-**Justification - why does the library need this feature?**  
-
-**Suggested enhancement**  
-
------------------------------------------------------------------
-
-## Question
-
-**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb). If you can't find the answer you're looking for then please use the [Mbed TLS mailing list](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls)**
diff --git a/3rdparty/mbedtls-2.25.0/.github/pull_request_template.md b/3rdparty/mbedtls-2.25.0/.github/pull_request_template.md
deleted file mode 100644
index c580443..0000000
--- a/3rdparty/mbedtls-2.25.0/.github/pull_request_template.md
+++ /dev/null
@@ -1,36 +0,0 @@
-Notes:
-* Pull requests cannot be accepted until the PR follows the [contributing guidelines](../CONTRIBUTING.md). In particular, each commit must have at least one `Signed-off-by:` line from the committer to certify that the contribution is made under the terms of the [Developer Certificate of Origin](../dco.txt).
-* This is just a template, so feel free to use/remove the unnecessary things
-## Description
-A few sentences describing the overall goals of the pull request's commits.
-
-
-## Status
-**READY/IN DEVELOPMENT/HOLD**
-
-## Requires Backporting
-When there is a bug fix, it should be backported to all maintained and supported branches.
-Changes do not have to be backported if:
-- This PR is a new feature\enhancement
-- This PR contains changes in the API. If this is true, and there is a need for the fix to be backported, the fix should be handled differently in the legacy branch
-
-Yes | NO  
-Which branch?
-
-## Migrations
-If there is any API change, what's the incentive and logic for it.
-
-YES | NO
-
-## Additional comments
-Any additional information that could be of interest
-
-## Todos
-- [ ] Tests
-- [ ] Documentation
-- [ ] Changelog updated
-- [ ] Backported
-
-
-## Steps to test or reproduce
-Outline the steps to test or reproduce the PR here.
diff --git a/3rdparty/mbedtls-2.25.0/.gitignore b/3rdparty/mbedtls-2.25.0/.gitignore
deleted file mode 100644
index 39cdc4e..0000000
--- a/3rdparty/mbedtls-2.25.0/.gitignore
+++ /dev/null
@@ -1,58 +0,0 @@
-# Random seed file created by test scripts and sample programs
-seedfile
-
-# CMake build artifacts:
-CMakeCache.txt
-CMakeFiles
-CTestTestfile.cmake
-cmake_install.cmake
-Testing
-# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
-*.dir/
-# MSVC files generated by CMake:
-/*.sln
-/*.vcxproj
-/*.filters
-
-# Test coverage build artifacts:
-Coverage
-*.gcno
-*.gcda
-
-# generated by scripts/memory.sh
-massif-*
-
-# MSVC build artifacts:
-*.exe
-*.pdb
-*.ilk
-*.lib
-
-# Python build artifacts:
-*.pyc
-
-# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
-*.dir/
-
-# Microsoft CMake extension for Visual Studio Code generates a build directory by default
-/build/
-
-# Visual Studio artifacts
-/visualc/VS2010/.localhistory/
-/visualc/VS2010/.vs/
-/visualc/VS2010/Debug/
-/visualc/VS2010/Release/
-/visualc/VS2010/*.vcxproj.filters
-/visualc/VS2010/*.vcxproj.user
-
-# Generated documentation:
-/apidoc
-
-# Editor navigation files:
-/GPATH
-/GRTAGS
-/GSYMS
-/GTAGS
-/TAGS
-/cscope*.out
-/tags
diff --git a/3rdparty/mbedtls-2.25.0/.travis.yml b/3rdparty/mbedtls-2.25.0/.travis.yml
deleted file mode 100644
index 76cb1c5..0000000
--- a/3rdparty/mbedtls-2.25.0/.travis.yml
+++ /dev/null
@@ -1,69 +0,0 @@
-language: c
-compiler: gcc
-sudo: false
-cache: ccache
-
-jobs:
-  include:
-    - name: basic checks and reference configurations
-      addons:
-        apt:
-          packages:
-          - gnutls-bin
-          - doxygen
-          - graphviz
-          - gcc-arm-none-eabi
-          - libnewlib-arm-none-eabi
-      language: python # Needed to get pip for Python 3
-      python: 3.5 # version from Ubuntu 16.04
-      install:
-        - pip install pylint==2.4.4
-      script:
-        - tests/scripts/all.sh -k 'check_*'
-        - tests/scripts/all.sh -k test_default_out_of_box
-        - tests/scripts/test-ref-configs.pl
-        - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus
-
-    - name: full configuration
-      script:
-        - tests/scripts/all.sh -k test_full_cmake_gcc_asan
-
-    - name: macOS
-      os: osx
-      compiler: clang
-      script:
-        - tests/scripts/all.sh -k test_default_out_of_box
-
-    - name: Windows
-      os: windows
-      before_install:
-        - choco install python --version=3.5.4
-      env:
-        # Add the directory where the Choco package goes
-        - PATH=/c/Python35:/c/Python35/Scripts:$PATH
-      script:
-        - type python; python --version
-        - python scripts/generate_psa_constants.py
-        # Logs appear out of sequence on Windows. Give time to catch up.
-        - sleep 5
-        - scripts/windows_msbuild.bat v141 # Visual Studio 2017
-
-after_failure:
-- tests/scripts/travis-log-failure.sh
-
-env:
-  global:
-    - SEED=1
-    - secure: "FrI5d2s+ckckC17T66c8jm2jV6i2DkBPU5nyWzwbedjmEBeocREfQLd/x8yKpPzLDz7ghOvr+/GQvsPPn0dVkGlNzm3Q+hGHc/ujnASuUtGrcuMM+0ALnJ3k4rFr9xEvjJeWb4SmhJO5UCAZYvTItW4k7+bj9L+R6lt3TzQbXzg="
-
-addons:
-  apt:
-    packages:
-    - gnutls-bin
-  coverity_scan:
-    project:
-      name: "ARMmbed/mbedtls"
-    notification_email: support-mbedtls@arm.com
-    build_command_prepend:
-    build_command: make
-    branch_pattern: coverity_scan
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/.gitignore b/3rdparty/mbedtls-2.25.0/3rdparty/everest/.gitignore
deleted file mode 100644
index 6eb25f6..0000000
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-*.o
-Makefile
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/README.md b/3rdparty/mbedtls-2.25.0/3rdparty/everest/README.md
deleted file mode 100644
index 0e25466..0000000
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/README.md
+++ /dev/null
@@ -1,5 +0,0 @@
-The files in this directory stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license.
-
-This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS.
-
-The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later).
diff --git a/3rdparty/mbedtls-2.25.0/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/CMakeLists.txt
deleted file mode 100644
index b8a44c5..0000000
--- a/3rdparty/mbedtls-2.25.0/CMakeLists.txt
+++ /dev/null
@@ -1,331 +0,0 @@
-#
-# CMake build system design considerations:
-#
-# - Include directories:
-#   + Do not define include directories globally using the include_directories
-#     command but rather at the target level using the
-#     target_include_directories command. That way, it is easier to guarantee
-#     that targets are built using the proper list of include directories.
-#   + Use the PUBLIC and PRIVATE keywords to specifiy the scope of include
-#     directories. That way, a target linking to a library (using the
-#     target_link_librairies command) inherits from the library PUBLIC include
-#     directories and not from the PRIVATE ones.
-#   + Note: there is currently one remaining include_directories command in the
-#     CMake files. It is related to ZLIB support which is planned to be removed.
-#     When the support is removed, the associated include_directories command
-#     will be removed as well as this note.
-# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling
-#   CMake in order to avoid target name clashes, via the use of
-#   MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the
-#   mbedtls, mbedx509, mbedcrypto and apidoc targets.
-#
-
-# The following line was commented out by RealSenseID project (in order to use parent project policy)
-#cmake_minimum_required(VERSION 2.8.12)
-if(TEST_CPP)
-    project("mbed TLS" C CXX)
-else()
-    project("mbed TLS" C)
-endif()
-
-# Set the project root directory.
-set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR})
-
-option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF)
-option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
-
-option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
-
-option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
-option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
-
-string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
-string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${CMAKE_C_COMPILER_ID}")
-string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${CMAKE_C_COMPILER_ID}")
-string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}")
-
-# the test suites currently have compile errors with MSVC
-if(CMAKE_COMPILER_IS_MSVC)
-    option(ENABLE_TESTING "Build mbed TLS tests." OFF)
-else()
-    option(ENABLE_TESTING "Build mbed TLS tests." ON)
-endif()
-
-# Warning string - created as a list for compatibility with CMake 2.8
-set(WARNING_BORDER "*******************************************************\n")
-set(NULL_ENTROPY_WARN_L1 "****  WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined!\n")
-set(NULL_ENTROPY_WARN_L2 "****  THIS BUILD HAS NO DEFINED ENTROPY SOURCES\n")
-set(NULL_ENTROPY_WARN_L3 "****  AND IS *NOT* SUITABLE FOR PRODUCTION USE\n")
-
-set(NULL_ENTROPY_WARNING "${WARNING_BORDER}"
-                         "${NULL_ENTROPY_WARN_L1}"
-                         "${NULL_ENTROPY_WARN_L2}"
-                         "${NULL_ENTROPY_WARN_L3}"
-                         "${WARNING_BORDER}")
-
-set(CTR_DRBG_128_BIT_KEY_WARN_L1 "****  WARNING!  MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
-set(CTR_DRBG_128_BIT_KEY_WARN_L2 "****  Using 128-bit keys for CTR_DRBG limits the security of generated\n")
-set(CTR_DRBG_128_BIT_KEY_WARN_L3 "****  keys and operations that use random values generated to 128-bit security\n")
-
-set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
-                         "${CTR_DRBG_128_BIT_KEY_WARN_L1}"
-                         "${CTR_DRBG_128_BIT_KEY_WARN_L2}"
-                         "${CTR_DRBG_128_BIT_KEY_WARN_L3}"
-                         "${WARNING_BORDER}")
-
-# Python 3 is only needed here to check for configuration warnings.
-if(NOT CMAKE_VERSION VERSION_LESS 3.15.0)
-    set(Python3_FIND_STRATEGY LOCATION)
-    find_package(Python3 COMPONENTS Interpreter)
-    if(Python3_Interpreter_FOUND)
-        set(MBEDTLS_PYTHON_EXECUTABLE ${Python3_EXECUTABLE})
-    endif()
-else()
-    find_package(PythonInterp 3)
-    if(PYTHONINTERP_FOUND)
-        set(MBEDTLS_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE})
-    endif()
-endif()
-if(MBEDTLS_PYTHON_EXECUTABLE)
-
-    # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
-    execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
-                        RESULT_VARIABLE result)
-    if(${result} EQUAL 0)
-        message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
-    endif()
-
-    # If NULL Entropy is configured, display an appropriate warning
-    execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
-                        RESULT_VARIABLE result)
-    if(${result} EQUAL 0)
-        message(WARNING ${NULL_ENTROPY_WARNING})
-
-        if(NOT UNSAFE_BUILD)
-            message(FATAL_ERROR "\
-\n\
-Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \
-This option is not safe for production use and negates all security \
-It is intended for development use only. \
-\n\
-To confirm you want to build with this option, re-run cmake with the \
-option: \n\
-  cmake -DUNSAFE_BUILD=ON ")
-
-            return()
-        endif()
-    endif()
-endif()
-
-# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
-if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
-    set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
-        CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
-        FORCE)
-endif()
-
-# Create a symbolic link from ${base_name} in the binary directory
-# to the corresponding path in the source directory.
-function(link_to_source base_name)
-    # Get OS dependent path to use in `execute_process`
-    if (CMAKE_HOST_WIN32)
-        #mklink is an internal command of cmd.exe it can only work with \
-        string(REPLACE "/" "\\" link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
-        string(REPLACE "/" "\\" target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
-    else()
-        set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
-        set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
-    endif()
-
-    if (NOT EXISTS ${link})
-        if (CMAKE_HOST_UNIX)
-            set(command ln -s ${target} ${link})
-        else()
-            if (IS_DIRECTORY ${target})
-                set(command cmd.exe /c mklink /j ${link} ${target})
-            else()
-                set(command cmd.exe /c mklink /h ${link} ${target})
-            endif()
-        endif()
-
-        execute_process(COMMAND ${command}
-            RESULT_VARIABLE result
-            ERROR_VARIABLE output)
-
-        if (NOT ${result} EQUAL 0)
-            message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}")
-        endif()
-    endif()
-endfunction(link_to_source)
-
-string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
-
-include(CheckCCompilerFlag)
-
-if(CMAKE_COMPILER_IS_GNU)
-    # some warnings we want are not available with old GCC versions
-    # note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
-    execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
-                    OUTPUT_VARIABLE GCC_VERSION)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings")
-    if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla")
-    endif()
-    if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
-    endif()
-    if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
-    endif()
-    if (GCC_VERSION VERSION_GREATER 5.0)
-        CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
-        if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness")
-        endif()
-    endif()
-    set(CMAKE_C_FLAGS_RELEASE     "-O2")
-    set(CMAKE_C_FLAGS_DEBUG       "-O0 -g3")
-    set(CMAKE_C_FLAGS_COVERAGE    "-O0 -g3 --coverage")
-    set(CMAKE_C_FLAGS_ASAN        "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
-    set(CMAKE_C_FLAGS_ASANDBG     "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
-    set(CMAKE_C_FLAGS_CHECK       "-Os")
-    set(CMAKE_C_FLAGS_CHECKFULL   "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
-endif(CMAKE_COMPILER_IS_GNU)
-
-if(CMAKE_COMPILER_IS_CLANG)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla")
-    set(CMAKE_C_FLAGS_RELEASE     "-O2")
-    set(CMAKE_C_FLAGS_DEBUG       "-O0 -g3")
-    set(CMAKE_C_FLAGS_COVERAGE    "-O0 -g3 --coverage")
-    set(CMAKE_C_FLAGS_ASAN        "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
-    set(CMAKE_C_FLAGS_ASANDBG     "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
-    set(CMAKE_C_FLAGS_MEMSAN      "-fsanitize=memory -O3")
-    set(CMAKE_C_FLAGS_MEMSANDBG   "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
-    set(CMAKE_C_FLAGS_CHECK       "-Os")
-endif(CMAKE_COMPILER_IS_CLANG)
-
-if(CMAKE_COMPILER_IS_IAR)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts --warnings_are_errors -Ohz")
-endif(CMAKE_COMPILER_IS_IAR)
-
-if(CMAKE_COMPILER_IS_MSVC)
-    # Strictest warnings
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
-endif(CMAKE_COMPILER_IS_MSVC)
-
-if(MBEDTLS_FATAL_WARNINGS)
-    if(CMAKE_COMPILER_IS_MSVC)
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
-    endif(CMAKE_COMPILER_IS_MSVC)
-
-    if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
-        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
-        if(UNSAFE_BUILD)
-            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp")
-            set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp")
-            set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp")
-        endif(UNSAFE_BUILD)
-    endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
-endif(MBEDTLS_FATAL_WARNINGS)
-
-if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
-    if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
-        set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
-    endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
-endif(CMAKE_BUILD_TYPE STREQUAL "Coverage")
-
-if(LIB_INSTALL_DIR)
-else()
-    set(LIB_INSTALL_DIR lib)
-endif()
-
-if(ENABLE_ZLIB_SUPPORT)
-    find_package(ZLIB)
-
-    if(ZLIB_FOUND)
-        include_directories(${ZLIB_INCLUDE_DIR})
-    endif(ZLIB_FOUND)
-endif(ENABLE_ZLIB_SUPPORT)
-
-add_subdirectory(include)
-
-add_subdirectory(3rdparty)
-list(APPEND libs ${thirdparty_lib})
-
-add_subdirectory(library)
-
-#
-# The C files in tests/src directory contain test code shared among test suites
-# and programs. This shared test code is compiled and linked to test suites and
-# programs objects as a set of compiled objects. The compiled objects are NOT
-# built into a library that the test suite and program objects would link
-# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries.
-# The reason is that such library is expected to have mutual dependencies with
-# the aforementioned libraries and that there is as of today no portable way of
-# handling such dependencies (only toolchain specific solutions).
-#
-# Thus the below definition of the `mbedtls_test` CMake library of objects
-# target. This library of objects is used by tests and programs CMake files
-# to define the test executables.
-#
-if(ENABLE_TESTING OR ENABLE_PROGRAMS)
-    file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c)
-    add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
-    target_include_directories(mbedtls_test
-        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include
-        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
-        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library)
-endif()
-
-if(ENABLE_PROGRAMS)
-    add_subdirectory(programs)
-endif()
-
-ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc
-    COMMAND doxygen mbedtls.doxyfile
-    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
-
-if(ENABLE_TESTING)
-    enable_testing()
-
-    add_subdirectory(tests)
-
-    # additional convenience targets for Unix only
-    if(UNIX)
-
-        ADD_CUSTOM_TARGET(covtest
-            COMMAND make test
-            COMMAND programs/test/selftest
-            COMMAND tests/compat.sh
-            COMMAND tests/ssl-opt.sh
-        )
-
-        ADD_CUSTOM_TARGET(lcov
-            COMMAND rm -rf Coverage
-            COMMAND lcov --capture --initial --directory library/CMakeFiles/mbedtls.dir -o files.info
-            COMMAND lcov --capture --directory library/CMakeFiles/mbedtls.dir -o tests.info
-            COMMAND lcov --add-tracefile files.info --add-tracefile tests.info -o all.info
-            COMMAND lcov --remove all.info -o final.info '*.h'
-            COMMAND gendesc tests/Descriptions.txt -o descriptions
-            COMMAND genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --no-branch-coverage -o Coverage final.info
-            COMMAND rm -f files.info tests.info all.info final.info descriptions
-        )
-
-        ADD_CUSTOM_TARGET(memcheck
-            COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
-            COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
-            COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
-            COMMAND rm -f memcheck.log
-            COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
-        )
-    endif(UNIX)
-
-    # Make scripts needed for testing available in an out-of-source build.
-    if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
-        link_to_source(scripts)
-        # Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
-        # keep things simple with the sed commands in the memcheck target.
-        configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
-                    ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
-    endif()
-endif()
diff --git a/3rdparty/mbedtls-2.25.0/CONTRIBUTING.md b/3rdparty/mbedtls-2.25.0/CONTRIBUTING.md
deleted file mode 100644
index 9b02ba5..0000000
--- a/3rdparty/mbedtls-2.25.0/CONTRIBUTING.md
+++ /dev/null
@@ -1,82 +0,0 @@
-Contributing
-============
-We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions:
-
- - As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted.
- - The contribution should not break API or ABI, unless there is a real justification for that. If there is an API change, the contribution, if accepted, will be merged only when there will be a major release.
-
-Coding Standards
-----------------
-- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions are fully tested before submission, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections.
-- The code should be written in a clean and readable style.
-- The code should be written in a portable generic way, that will benefit the whole community, and not only your own needs.
-- The code should be secure, and will be reviewed from a security point of view as well.
-
-Making a Contribution
----------------------
-1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls) around a feature idea or a bug.
-1. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/ARMmbed/mbedtls/tree/development) as a basis.
-1. Write a test which shows that the bug was fixed or that the feature works as expected.
-1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :)
-1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it.
-1. All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible.
-1. Ensure that each commit has at least one `Signed-off-by:` line from the committer. If anyone else contributes to the commit, they should also add their own `Signed-off-by:` line. By adding this line, contributor(s) certify that the contribution is made under the terms of the [Developer Certificate of Origin](dco.txt). The contribution licensing is described in the [License section of the README](README.md#License).
-
-API/ABI Compatibility
----------------------
-The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches.
-
-To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change.
-
-Where changes to an existing interface are necessary, functions in the public interface which need to be changed, are marked as 'deprecated'. This is done with the preprocessor symbols `MBEDTLS_DEPRECATED_WARNING` and `MBEDTLS_DEPRECATED_REMOVED`. Then, a new function with a new name but similar if not identical behaviour to the original function containing the necessary changes should be created alongside the existing deprecated function.
-
-When a build is made with the deprecation preprocessor symbols defined, a compiler warning will be generated to warn a user that the function will be removed at some point in the future, notifying users that they should change from the older deprecated function to the newer function at their own convenience.
-
-Therefore, no changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. As described above, if a function needs to be changed, a new function needs to be created alongside it, with a new name, and whatever change is necessary, such as a new parameter or the addition of a return value.
-
-Periodically, the library will remove deprecated functions from the library which will be a breaking change in the API, but such changes will be made only in a planned, structured way that gives sufficient notice to users of the library.
-
-Long Term Support Branches
---------------------------
-Mbed TLS maintains several LTS (Long Term Support) branches, which are maintained continuously for a given period. The LTS branches are provided to allow users of the library to have a maintained, stable version of the library which contains only security fixes and fixes for other defects, without encountering additional features or API extensions which may introduce issues or change the code size or RAM usage, which can be significant considerations on some platforms. To allow users to take advantage of the LTS branches, these branches maintain backwards compatibility for both the public API and ABI.
-
-When backporting to these branches please observe the following rules:
-
-1. Any change to the library which changes the API or ABI cannot be backported.
-1. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
-1. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts.
-
-It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
-
-Currently maintained LTS branches are:
-1. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7)
-1. [mbedtls-2.16](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16)
-
-
-Tests
------
-As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist.
-
-Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_mpi.c`). These files are generated from a `function file` (e.g. `suites/test_suite_mpi.function`) and a `data file` (e.g. `suites/test_suite_mpi.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function.
-
-[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://tls.mbed.org/kb/development/test_suites).
-
-A test script `tests/scripts/basic-build-test.sh` is available to show test coverage of the library. New code contributions should provide a similar level of code coverage to that which already exists for the library.
-
-Sample applications, if needed, should be modified as well.
-
-Continuous Integration Tests
-----------------------------
-Once a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures.
-
-It is advised to enable the [githooks scripts](https://github.com/ARMmbed/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible.
-
-Documentation
--------------
-Mbed TLS is well documented, but if you think documentation is needed, speak out!
-
-1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation.
-1. Complex parts in the code should include comments.
-1. If needed, a Readme file is advised.
-1. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description.
-1. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution.
diff --git a/3rdparty/mbedtls-2.25.0/LICENSE b/3rdparty/mbedtls-2.25.0/LICENSE
deleted file mode 100644
index d645695..0000000
--- a/3rdparty/mbedtls-2.25.0/LICENSE
+++ /dev/null
@@ -1,202 +0,0 @@
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/3rdparty/mbedtls-2.25.0/Makefile b/3rdparty/mbedtls-2.25.0/Makefile
deleted file mode 100644
index 9344e71..0000000
--- a/3rdparty/mbedtls-2.25.0/Makefile
+++ /dev/null
@@ -1,152 +0,0 @@
-DESTDIR=/usr/local
-PREFIX=mbedtls_
-
-.SILENT:
-
-.PHONY: all no_test programs lib tests install uninstall clean test check covtest lcov apidoc apidoc_clean
-
-all: programs tests
-	$(MAKE) post_build
-
-no_test: programs
-
-programs: lib mbedtls_test
-	$(MAKE) -C programs
-
-lib:
-	$(MAKE) -C library
-
-tests: lib mbedtls_test
-	$(MAKE) -C tests
-
-mbedtls_test:
-	$(MAKE) -C tests mbedtls_test
-
-ifndef WINDOWS
-install: no_test
-	mkdir -p $(DESTDIR)/include/mbedtls
-	cp -rp include/mbedtls $(DESTDIR)/include
-	mkdir -p $(DESTDIR)/include/psa
-	cp -rp include/psa $(DESTDIR)/include
-
-	mkdir -p $(DESTDIR)/lib
-	cp -RP library/libmbedtls.*    $(DESTDIR)/lib
-	cp -RP library/libmbedx509.*   $(DESTDIR)/lib
-	cp -RP library/libmbedcrypto.* $(DESTDIR)/lib
-
-	mkdir -p $(DESTDIR)/bin
-	for p in programs/*/* ; do              \
-	    if [ -x $$p ] && [ ! -d $$p ] ;     \
-	    then                                \
-	        f=$(PREFIX)`basename $$p` ;     \
-	        cp $$p $(DESTDIR)/bin/$$f ;     \
-	    fi                                  \
-	done
-
-uninstall:
-	rm -rf $(DESTDIR)/include/mbedtls
-	rm -rf $(DESTDIR)/include/psa
-	rm -f $(DESTDIR)/lib/libmbedtls.*
-	rm -f $(DESTDIR)/lib/libmbedx509.*
-	rm -f $(DESTDIR)/lib/libmbedcrypto.*
-
-	for p in programs/*/* ; do              \
-	    if [ -x $$p ] && [ ! -d $$p ] ;     \
-	    then                                \
-	        f=$(PREFIX)`basename $$p` ;     \
-	        rm -f $(DESTDIR)/bin/$$f ;      \
-	    fi                                  \
-	done
-endif
-
-WARNING_BORDER      =*******************************************************\n
-NULL_ENTROPY_WARN_L1=****  WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined! ****\n
-NULL_ENTROPY_WARN_L2=****  THIS BUILD HAS NO DEFINED ENTROPY SOURCES    ****\n
-NULL_ENTROPY_WARN_L3=****  AND IS *NOT* SUITABLE FOR PRODUCTION USE     ****\n
-
-NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER)
-
-WARNING_BORDER_LONG      =**********************************************************************************\n
-CTR_DRBG_128_BIT_KEY_WARN_L1=****  WARNING!  MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!                      ****\n
-CTR_DRBG_128_BIT_KEY_WARN_L2=****  Using 128-bit keys for CTR_DRBG limits the security of generated         ****\n
-CTR_DRBG_128_BIT_KEY_WARN_L3=****  keys and operations that use random values generated to 128-bit security ****\n
-
-CTR_DRBG_128_BIT_KEY_WARNING=\n$(WARNING_BORDER_LONG)$(CTR_DRBG_128_BIT_KEY_WARN_L1)$(CTR_DRBG_128_BIT_KEY_WARN_L2)$(CTR_DRBG_128_BIT_KEY_WARN_L3)$(WARNING_BORDER_LONG)
-
-# Post build steps
-post_build:
-ifndef WINDOWS
-
-	# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
-	-scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
-	    echo '$(CTR_DRBG_128_BIT_KEY_WARNING)'
-
-	# If NULL Entropy is configured, display an appropriate warning
-	-scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \
-	    echo '$(NULL_ENTROPY_WARNING)'
-endif
-
-clean:
-	$(MAKE) -C library clean
-	$(MAKE) -C programs clean
-	$(MAKE) -C tests clean
-ifndef WINDOWS
-	find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} +
-endif
-
-check: lib tests
-	$(MAKE) -C tests check
-
-test: check
-
-ifndef WINDOWS
-# note: for coverage testing, build with:
-# make CFLAGS='--coverage -g3 -O0'
-covtest:
-	$(MAKE) check
-	programs/test/selftest
-	tests/compat.sh
-	tests/ssl-opt.sh
-
-lcov:
-	rm -rf Coverage
-	lcov --capture --initial --directory library -o files.info
-	lcov --rc lcov_branch_coverage=1 --capture --directory library -o tests.info
-	lcov --rc lcov_branch_coverage=1 --add-tracefile files.info --add-tracefile tests.info -o all.info
-	lcov --rc lcov_branch_coverage=1 --remove all.info -o final.info '*.h'
-	gendesc tests/Descriptions.txt -o descriptions
-	genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --branch-coverage -o Coverage final.info
-	rm -f files.info tests.info all.info final.info descriptions
-
-apidoc:
-	mkdir -p apidoc
-	cd doxygen && doxygen mbedtls.doxyfile
-
-apidoc_clean:
-	rm -rf apidoc
-endif
-
-## Editor navigation files
-C_SOURCE_FILES = $(wildcard \
-	3rdparty/*/include/*/*.h 3rdparty/*/include/*/*/*.h 3rdparty/*/include/*/*/*/*.h \
-	3rdparty/*/*.c 3rdparty/*/*/*.c 3rdparty/*/*/*/*.c 3rdparty/*/*/*/*/*.c \
-	include/*/*.h \
-	library/*.[hc] \
-	programs/*/*.[hc] \
-	tests/include/*/*.h tests/include/*/*/*.h \
-	tests/src/*.c tests/src/*/*.c \
-	tests/suites/*.function \
-)
-# Exuberant-ctags invocation. Other ctags implementations may require different options.
-CTAGS = ctags --langmap=c:+.h.function -o
-tags: $(C_SOURCE_FILES)
-	$(CTAGS) $@ $(C_SOURCE_FILES)
-TAGS: $(C_SOURCE_FILES)
-	etags -o $@ $(C_SOURCE_FILES)
-global: GPATH GRTAGS GSYMS GTAGS
-GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
-	ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc
-cscope: cscope.in.out cscope.po.out cscope.out
-cscope.in.out cscope.po.out cscope.out: $(C_SOURCE_FILES)
-	cscope -bq -u -Iinclude -Ilibrary $(patsubst %,-I%,$(wildcard 3rdparty/*/include)) -Itests/include $(C_SOURCE_FILES)
-.PHONY: cscope global
diff --git a/3rdparty/mbedtls-2.25.0/README.md b/3rdparty/mbedtls-2.25.0/README.md
deleted file mode 100644
index ac2a6ab..0000000
--- a/3rdparty/mbedtls-2.25.0/README.md
+++ /dev/null
@@ -1,247 +0,0 @@
-README for Mbed TLS
-===================
-
-Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.
-
-Mbed TLS includes a reference implementation of the [PSA Cryptography API](#psa-cryptography-api). This is currently a preview for evaluation purposes only.
-
-Configuration
--------------
-
-Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Python 3 script `scripts/config.py` (use `--help` for usage instructions).
-
-Compiler options can be set using conventional environment variables such as `CC` and `CFLAGS` when using the Make and CMake build system (see below).
-
-We provide some non-standard configurations focused on specific use cases in the `configs/` directory. You can read more about those in `configs/README.txt`
-
-Documentation
--------------
-
-Documentation for the Mbed TLS interfaces in the default library configuration is available as part of the [Mbed TLS documentation](https://tls.mbed.org/api/).
-
-To generate a local copy of the library documentation in HTML format, tailored to your compile-time configuration:
-
-1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. We use version 1.8.11 but slightly older or more recent versions should work.
-1. Run `make apidoc`.
-1. Browse `apidoc/index.html` or `apidoc/modules.html`.
-
-Compiling
----------
-
-There are currently three active build systems used within Mbed TLS releases:
-
--   GNU Make
--   CMake
--   Microsoft Visual Studio (Microsoft Visual Studio 2013 or later)
-
-The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically.
-
-The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`. Also, when loading shared libraries using dlopen(), you'll need to load libmbedcrypto first, then libmbedx509, before you can load libmbedtls.
-
-### Tool versions
-
-You need the following tools to build the library with the provided makefiles:
-
-* GNU Make or a build tool that CMake supports.
-* A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work.
-* Python 3 to generate the test code.
-* Perl to run the tests.
-
-### Make
-
-We require GNU Make. To build the library and the sample programs, GNU Make and a C compiler are sufficient. Some of the more advanced build targets require some Unix/Linux tools.
-
-We intentionally only use a minimum of functionality in the makefiles in order to keep them as simple and independent of different toolchains as possible, to allow users to more easily move between different platforms. Users who need more features are recommended to use CMake.
-
-In order to build from the source code using GNU Make, just enter at the command line:
-
-    make
-
-In order to run the tests, enter:
-
-    make check
-
-The tests need Python to be built and Perl to be run. If you don't have one of them installed, you can skip building the tests with:
-
-    make no_test
-
-You'll still be able to run a much smaller set of tests with:
-
-    programs/test/selftest
-
-In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if the target is Windows but the build environment is Unix-like (for instance when cross-compiling, or compiling from an MSYS shell), and `WINDOWS=1` if the build environment is a Windows shell (for instance using mingw32-make) (in that case some targets will not be available).
-
-Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
-
-Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -Wextra`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overridden from the command line.
-
-Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue.
-
-In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://tls.mbed.org/kb).
-
-### CMake
-
-In order to build the source using CMake in a separate directory (recommended), just enter at the command line:
-
-    mkdir /path/to/build_dir && cd /path/to/build_dir
-    cmake /path/to/mbedtls_source
-    cmake --build .
-
-In order to run the tests, enter:
-
-    ctest
-
-The test suites need Python to be built and Perl to be executed. If you don't have one of these installed, you'll want to disable the test suites with:
-
-    cmake -DENABLE_TESTING=Off /path/to/mbedtls_source
-
-If you disabled the test suites, but kept the programs enabled, you can still run a much smaller set of tests with:
-
-    programs/test/selftest
-
-To configure CMake for building shared libraries, use:
-
-    cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On /path/to/mbedtls_source
-
-There are many different build modes available within the CMake buildsystem. Most of them are available for gcc and clang, though some are compiler-specific:
-
--   `Release`. This generates the default code without any unnecessary information in the binary files.
--   `Debug`. This generates debug information and disables optimization of the code.
--   `Coverage`. This generates code coverage information in addition to debug information.
--   `ASan`. This instruments the code with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent version of gcc and clang.) (With recent version of clang, this mode also instruments the code with UndefinedSanitizer to check for undefined behaviour.)
--   `ASanDbg`. Same as ASan but slower, with debug information and better stack traces.
--   `MemSan`. This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86\_64.
--   `MemSanDbg`. Same as MemSan but slower, with debug information, better stack traces and origin tracking.
--   `Check`. This activates the compiler warnings that depend on optimization and treats all warnings as errors.
-
-Switching build modes in CMake is simple. For debug mode, enter at the command line:
-
-    cmake -D CMAKE_BUILD_TYPE=Debug /path/to/mbedtls_source
-
-To list other available CMake options, use:
-
-    cmake -LH
-
-Note that, with CMake, you can't adjust the compiler or its flags after the
-initial invocation of cmake. This means that `CC=your_cc make` and `make
-CC=your_cc` will *not* work (similarly with `CFLAGS` and other variables).
-These variables need to be adjusted when invoking cmake for the first time,
-for example:
-
-    CC=your_cc cmake /path/to/mbedtls_source
-
-If you already invoked cmake and want to change those settings, you need to
-remove the build directory and create it again.
-
-Note that it is possible to build in-place; this will however overwrite the
-provided Makefiles (see `scripts/tmp_ignore_makefiles.sh` if you want to
-prevent `git status` from showing them as modified). In order to do so, from
-the Mbed TLS source directory, use:
-
-    cmake .
-    make
-
-If you want to change `CC` or `CFLAGS` afterwards, you will need to remove the
-CMake cache. This can be done with the following command using GNU find:
-
-    find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
-
-You can now make the desired change:
-
-    CC=your_cc cmake .
-    make
-
-Regarding variables, also note that if you set CFLAGS when invoking cmake,
-your value of CFLAGS doesn't override the content provided by cmake (depending
-on the build mode as seen above), it's merely prepended to it.
-
-#### Mbed TLS as a subproject
-
-Mbed TLS supports being built as a CMake subproject. One can
-use `add_subdirectory()` from a parent CMake project to include Mbed TLS as a
-subproject.
-
-### Microsoft Visual Studio
-
-The build files for Microsoft Visual Studio are generated for Visual Studio 2010.
-
-The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need Python and perl environments as well. However, the selftest program in `programs/test/` is still available.
-
-Example programs
-----------------
-
-We've included example programs for a lot of different features and uses in [`programs/`](programs/README.md).
-Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.
-
-Tests
------
-
-Mbed TLS includes an elaborate test suite in `tests/` that initially requires Python to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function.
-
-For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available:
-
--   `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations.
--   `tests/compat.sh` tests interoperability of every ciphersuite with other implementations.
--   `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations.
--   `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled
--   `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc).
-
-Porting Mbed TLS
-----------------
-
-Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful:
-
--   [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS)
--   [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on)
--   [How do I configure Mbed TLS](https://tls.mbed.org/kb/compiling-and-building/how-do-i-configure-mbedtls)
-
-PSA cryptography API
---------------------
-
-### PSA API design
-
-Arm's [Platform Security Architecture (PSA)](https://developer.arm.com/architectures/security-architectures/platform-security-architecture) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
-
-The [PSA cryptography API](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform.
-
-The design goals of the PSA cryptography API include:
-
-* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
-* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
-* All access to the keys happens through key identifiers, which allows support for external cryptoprocessors that is transparent to applications.
-* The interface to algorithms is generic, favoring algorithm agility.
-* The interface is designed to be easy to use and hard to accidentally misuse.
-
-Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially.
-
-### PSA API documentation
-
-A browsable copy of the PSA Cryptography API documents is available on the [PSA cryptography interfaces documentation portal](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) in [PDF](https://armmbed.github.io/mbed-crypto/PSA_Cryptography_API_Specification.pdf) and [HTML](https://armmbed.github.io/mbed-crypto/html/index.html) formats.
-
-### PSA implementation in Mbed TLS
-
-Mbed TLS includes a reference implementation of the PSA Cryptography API.
-This implementation is not yet as mature as the rest of the library. Some parts of the code have not been reviewed as thoroughly, and some parts of the PSA implementation are not yet well optimized for code size.
-
-The X.509 and TLS code can use PSA cryptography for a limited subset of operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `config.h`.
-
-There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list.
-
-### Upcoming features
-
-Future releases of this library will include:
-
-* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms.
-* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor.
-* A configuration mechanism to compile only the algorithms you need for your application.
-* A wider set of cryptographic algorithms.
-
-License
--------
-
-Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 OR GPL-2.0-or-later licenses.
-
-Contributing
-------------
-
-We gratefully accept bug reports and contributions from the community. Please see the [contributing guidelines](CONTRIBUTING.md) for details on how to do this.
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-ccm-psk-tls1_2.h b/3rdparty/mbedtls-2.25.0/configs/config-ccm-psk-tls1_2.h
deleted file mode 100644
index c58d150..0000000
--- a/3rdparty/mbedtls-2.25.0/configs/config-ccm-psk-tls1_2.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * \file config-ccm-psk-tls1_2.h
- *
- * \brief Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
- * Distinguishing features:
- * - no bignum, no PK, no X509
- * - fully modern and secure (provided the pre-shared keys have high entropy)
- * - very low record overhead with CCM-8
- * - optimized for low RAM usage
- *
- * See README.txt for usage instructions.
- */
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-/* System support */
-//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
-/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
-
-/* mbed TLS feature support */
-#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_CCM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_MD_C
-#define MBEDTLS_NET_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-
-/* Save RAM at the expense of ROM */
-#define MBEDTLS_AES_ROM_TABLES
-
-/* Save some RAM by adjusting to your exact needs */
-#define MBEDTLS_PSK_MAX_LEN    16 /* 128-bits keys are generally enough */
-
-/*
- * You should adjust this to the exact number of sources you're using: default
- * is the "platform_entropy_poll" source, but you may want to add other ones
- * Minimum is 2 for the entropy test suite.
- */
-#define MBEDTLS_ENTROPY_MAX_SOURCES 2
-
-/*
- * Use only CCM_8 ciphersuites, and
- * save ROM and a few bytes of RAM by specifying our own ciphersuite list
- */
-#define MBEDTLS_SSL_CIPHERSUITES                        \
-        MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,             \
-        MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
-
-/*
- * Save RAM at the expense of interoperability: do this only if you control
- * both ends of the connection!  (See comments in "mbedtls/ssl.h".)
- * The optimal size here depends on the typical size of records.
- */
-#define MBEDTLS_SSL_MAX_CONTENT_LEN             1024
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-mini-tls1_1.h b/3rdparty/mbedtls-2.25.0/configs/config-mini-tls1_1.h
deleted file mode 100644
index 638c1e2..0000000
--- a/3rdparty/mbedtls-2.25.0/configs/config-mini-tls1_1.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * \file config-mini-tls1_1.h
- *
- * \brief Minimal configuration for TLS 1.1 (RFC 4346)
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
- * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- *
- * See README.txt for usage instructions.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-/* System support */
-#define MBEDTLS_HAVE_ASM
-#define MBEDTLS_HAVE_TIME
-
-/* mbed TLS feature support */
-#define MBEDTLS_CIPHER_MODE_CBC
-#define MBEDTLS_PKCS1_V15
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_DES_C
-#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_MD_C
-#define MBEDTLS_MD5_C
-#define MBEDTLS_NET_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_RSA_C
-#define MBEDTLS_SHA1_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_USE_C
-
-/* For test certificates */
-#define MBEDTLS_BASE64_C
-#define MBEDTLS_CERTS_C
-#define MBEDTLS_PEM_PARSE_C
-
-/* For testing with compat.sh */
-#define MBEDTLS_FS_IO
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-no-entropy.h b/3rdparty/mbedtls-2.25.0/configs/config-no-entropy.h
deleted file mode 100644
index 04c1213..0000000
--- a/3rdparty/mbedtls-2.25.0/configs/config-no-entropy.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/**
- * \file config-no-entropy.h
- *
- * \brief Minimal configuration of features that do not require an entropy source
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * Minimal configuration of features that do not require an entropy source
- * Distinguishing reatures:
- * - no entropy module
- * - no TLS protocol implementation available due to absence of an entropy
- *   source
- *
- * See README.txt for usage instructions.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-/* System support */
-#define MBEDTLS_HAVE_ASM
-#define MBEDTLS_HAVE_TIME
-
-/* mbed TLS feature support */
-#define MBEDTLS_CIPHER_MODE_CBC
-#define MBEDTLS_CIPHER_PADDING_PKCS7
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
-#define MBEDTLS_ECP_NIST_OPTIM
-#define MBEDTLS_ECDSA_DETERMINISTIC
-#define MBEDTLS_PK_RSA_ALT_SUPPORT
-#define MBEDTLS_PKCS1_V15
-#define MBEDTLS_PKCS1_V21
-#define MBEDTLS_SELF_TEST
-#define MBEDTLS_VERSION_FEATURES
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BASE64_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CCM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_ECDSA_C
-#define MBEDTLS_ECP_C
-#define MBEDTLS_ERROR_C
-#define MBEDTLS_GCM_C
-#define MBEDTLS_HMAC_DRBG_C
-#define MBEDTLS_MD_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PEM_PARSE_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_PK_WRITE_C
-#define MBEDTLS_PLATFORM_C
-#define MBEDTLS_RSA_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SHA512_C
-#define MBEDTLS_VERSION_C
-#define MBEDTLS_X509_USE_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_CRL_PARSE_C
-//#define MBEDTLS_CMAC_C
-
-/* Miscellaneous options */
-#define MBEDTLS_AES_ROM_TABLES
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-psa-crypto.h b/3rdparty/mbedtls-2.25.0/configs/config-psa-crypto.h
deleted file mode 100644
index b98fc9c..0000000
--- a/3rdparty/mbedtls-2.25.0/configs/config-psa-crypto.h
+++ /dev/null
@@ -1,3371 +0,0 @@
-/**
- * \file config.h
- *
- * \brief Configuration options (set of defines)
- *
- *  This set of compile-time options may be used to enable
- *  or disable features selectively, and reduce the global
- *  memory footprint.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
-#define _CRT_SECURE_NO_DEPRECATE 1
-#endif
-
-/**
- * \name SECTION: System support
- *
- * This section sets system specific settings.
- * \{
- */
-
-/**
- * \def MBEDTLS_HAVE_ASM
- *
- * The compiler has support for asm().
- *
- * Requires support for asm() in compiler.
- *
- * Used in:
- *      library/aria.c
- *      library/timing.c
- *      include/mbedtls/bn_mul.h
- *
- * Required by:
- *      MBEDTLS_AESNI_C
- *      MBEDTLS_PADLOCK_C
- *
- * Comment to disable the use of assembly code.
- */
-#define MBEDTLS_HAVE_ASM
-
-/**
- * \def MBEDTLS_NO_UDBL_DIVISION
- *
- * The platform lacks support for double-width integer division (64-bit
- * division on a 32-bit platform, 128-bit division on a 64-bit platform).
- *
- * Used in:
- *      include/mbedtls/bignum.h
- *      library/bignum.c
- *
- * The bignum code uses double-width division to speed up some operations.
- * Double-width division is often implemented in software that needs to
- * be linked with the program. The presence of a double-width integer
- * type is usually detected automatically through preprocessor macros,
- * but the automatic detection cannot know whether the code needs to
- * and can be linked with an implementation of division for that type.
- * By default division is assumed to be usable if the type is present.
- * Uncomment this option to prevent the use of double-width division.
- *
- * Note that division for the native integer type is always required.
- * Furthermore, a 64-bit type is always required even on a 32-bit
- * platform, but it need not support multiplication or division. In some
- * cases it is also desirable to disable some double-width operations. For
- * example, if double-width division is implemented in software, disabling
- * it can reduce code size in some embedded targets.
- */
-//#define MBEDTLS_NO_UDBL_DIVISION
-
-/**
- * \def MBEDTLS_NO_64BIT_MULTIPLICATION
- *
- * The platform lacks support for 32x32 -> 64-bit multiplication.
- *
- * Used in:
- *      library/poly1305.c
- *
- * Some parts of the library may use multiplication of two unsigned 32-bit
- * operands with a 64-bit result in order to speed up computations. On some
- * platforms, this is not available in hardware and has to be implemented in
- * software, usually in a library provided by the toolchain.
- *
- * Sometimes it is not desirable to have to link to that library. This option
- * removes the dependency of that library on platforms that lack a hardware
- * 64-bit multiplier by embedding a software implementation in Mbed TLS.
- *
- * Note that depending on the compiler, this may decrease performance compared
- * to using the library function provided by the toolchain.
- */
-//#define MBEDTLS_NO_64BIT_MULTIPLICATION
-
-/**
- * \def MBEDTLS_HAVE_SSE2
- *
- * CPU supports SSE2 instruction set.
- *
- * Uncomment if the CPU supports SSE2 (IA-32 specific).
- */
-//#define MBEDTLS_HAVE_SSE2
-
-/**
- * \def MBEDTLS_HAVE_TIME
- *
- * System has time.h and time().
- * The time does not need to be correct, only time differences are used,
- * by contrast with MBEDTLS_HAVE_TIME_DATE
- *
- * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
- * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
- * MBEDTLS_PLATFORM_STD_TIME.
- *
- * Comment if your system does not support time functions
- */
-#define MBEDTLS_HAVE_TIME
-
-/**
- * \def MBEDTLS_HAVE_TIME_DATE
- *
- * System has time.h, time(), and an implementation for
- * mbedtls_platform_gmtime_r() (see below).
- * The time needs to be correct (not necessarily very accurate, but at least
- * the date should be correct). This is used to verify the validity period of
- * X.509 certificates.
- *
- * Comment if your system does not have a correct clock.
- *
- * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
- * behaves similarly to the gmtime_r() function from the C standard. Refer to
- * the documentation for mbedtls_platform_gmtime_r() for more information.
- *
- * \note It is possible to configure an implementation for
- * mbedtls_platform_gmtime_r() at compile-time by using the macro
- * MBEDTLS_PLATFORM_GMTIME_R_ALT.
- */
-#define MBEDTLS_HAVE_TIME_DATE
-
-/**
- * \def MBEDTLS_PLATFORM_MEMORY
- *
- * Enable the memory allocation layer.
- *
- * By default mbed TLS uses the system-provided calloc() and free().
- * This allows different allocators (self-implemented or provided) to be
- * provided to the platform abstraction layer.
- *
- * Enabling MBEDTLS_PLATFORM_MEMORY without the
- * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
- * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
- * free() function pointer at runtime.
- *
- * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
- * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
- * alternate function at compile time.
- *
- * Requires: MBEDTLS_PLATFORM_C
- *
- * Enable this layer to allow use of alternative memory allocators.
- */
-//#define MBEDTLS_PLATFORM_MEMORY
-
-/**
- * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
- *
- * Do not assign standard functions in the platform layer (e.g. calloc() to
- * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
- *
- * This makes sure there are no linking errors on platforms that do not support
- * these functions. You will HAVE to provide alternatives, either at runtime
- * via the platform_set_xxx() functions or at compile time by setting
- * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
- * MBEDTLS_PLATFORM_XXX_MACRO.
- *
- * Requires: MBEDTLS_PLATFORM_C
- *
- * Uncomment to prevent default assignment of standard functions in the
- * platform layer.
- */
-//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-
-/**
- * \def MBEDTLS_PLATFORM_EXIT_ALT
- *
- * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
- * function in the platform abstraction layer.
- *
- * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
- * provide a function "mbedtls_platform_set_printf()" that allows you to set an
- * alternative printf function pointer.
- *
- * All these define require MBEDTLS_PLATFORM_C to be defined!
- *
- * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
- * it will be enabled automatically by check_config.h
- *
- * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
- * MBEDTLS_PLATFORM_XXX_MACRO!
- *
- * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
- *
- * Uncomment a macro to enable alternate implementation of specific base
- * platform function
- */
-//#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_TIME_ALT
-//#define MBEDTLS_PLATFORM_FPRINTF_ALT
-//#define MBEDTLS_PLATFORM_PRINTF_ALT
-//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
-//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
-//#define MBEDTLS_PLATFORM_NV_SEED_ALT
-//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
-
-/**
- * \def MBEDTLS_DEPRECATED_WARNING
- *
- * Mark deprecated functions so that they generate a warning if used.
- * Functions deprecated in one version will usually be removed in the next
- * version. You can enable this to help you prepare the transition to a new
- * major version by making sure your code is not using these functions.
- *
- * This only works with GCC and Clang. With other compilers, you may want to
- * use MBEDTLS_DEPRECATED_REMOVED
- *
- * Uncomment to get warnings on using deprecated functions.
- */
-//#define MBEDTLS_DEPRECATED_WARNING
-
-/**
- * \def MBEDTLS_DEPRECATED_REMOVED
- *
- * Remove deprecated functions so that they generate an error if used.
- * Functions deprecated in one version will usually be removed in the next
- * version. You can enable this to help you prepare the transition to a new
- * major version by making sure your code is not using these functions.
- *
- * Uncomment to get errors on using deprecated functions.
- */
-//#define MBEDTLS_DEPRECATED_REMOVED
-
-/**
- * \def MBEDTLS_CHECK_PARAMS
- *
- * This configuration option controls whether the library validates more of
- * the parameters passed to it.
- *
- * When this flag is not defined, the library only attempts to validate an
- * input parameter if: (1) they may come from the outside world (such as the
- * network, the filesystem, etc.) or (2) not validating them could result in
- * internal memory errors such as overflowing a buffer controlled by the
- * library. On the other hand, it doesn't attempt to validate parameters whose
- * values are fully controlled by the application (such as pointers).
- *
- * When this flag is defined, the library additionally attempts to validate
- * parameters that are fully controlled by the application, and should always
- * be valid if the application code is fully correct and trusted.
- *
- * For example, when a function accepts as input a pointer to a buffer that may
- * contain untrusted data, and its documentation mentions that this pointer
- * must not be NULL:
- * - the pointer is checked to be non-NULL only if this option is enabled
- * - the content of the buffer is always validated
- *
- * When this flag is defined, if a library function receives a parameter that
- * is invalid, it will:
- * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a
- *   call to the function mbedtls_param_failed()
- * - immediately return (with a specific error code unless the function
- *   returns void and can't communicate an error).
- *
- * When defining this flag, you also need to:
- * - either provide a definition of the function mbedtls_param_failed() in
- *   your application (see platform_util.h for its prototype) as the library
- *   calls that function, but does not provide a default definition for it,
- * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
- *   below if the above mechanism is not flexible enough to suit your needs.
- *   See the documentation of this macro later in this file.
- *
- * Uncomment to enable validation of application-controlled parameters.
- */
-//#define MBEDTLS_CHECK_PARAMS
-
-/* \} name SECTION: System support */
-
-/**
- * \name SECTION: mbed TLS feature support
- *
- * This section sets support for features that are or are not needed
- * within the modules that are enabled.
- * \{
- */
-
-/**
- * \def MBEDTLS_TIMING_ALT
- *
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
- * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
- *
- * Only works if you have MBEDTLS_TIMING_C enabled.
- *
- * You will need to provide a header "timing_alt.h" and an implementation at
- * compile time.
- */
-//#define MBEDTLS_TIMING_ALT
-
-/**
- * \def MBEDTLS_AES_ALT
- *
- * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
- * alternate core implementation of a symmetric crypto, an arithmetic or hash
- * module (e.g. platform specific assembly optimized implementations). Keep
- * in mind that the function prototypes should remain the same.
- *
- * This replaces the whole module. If you only want to replace one of the
- * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
- * provide the "struct mbedtls_aes_context" definition and omit the base
- * function declarations and implementations. "aes_alt.h" will be included from
- * "aes.h" to include the new function definitions.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * module.
- *
- * \warning   MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
- *            use constitutes a security risk. If possible, we recommend
- *            avoiding dependencies on them, and considering stronger message
- *            digests and ciphers instead.
- *
- */
-//#define MBEDTLS_AES_ALT
-//#define MBEDTLS_ARC4_ALT
-//#define MBEDTLS_ARIA_ALT
-//#define MBEDTLS_BLOWFISH_ALT
-//#define MBEDTLS_CAMELLIA_ALT
-//#define MBEDTLS_CCM_ALT
-//#define MBEDTLS_CHACHA20_ALT
-//#define MBEDTLS_CHACHAPOLY_ALT
-//#define MBEDTLS_CMAC_ALT
-//#define MBEDTLS_DES_ALT
-//#define MBEDTLS_DHM_ALT
-//#define MBEDTLS_ECJPAKE_ALT
-//#define MBEDTLS_GCM_ALT
-//#define MBEDTLS_NIST_KW_ALT
-//#define MBEDTLS_MD2_ALT
-//#define MBEDTLS_MD4_ALT
-//#define MBEDTLS_MD5_ALT
-//#define MBEDTLS_POLY1305_ALT
-//#define MBEDTLS_RIPEMD160_ALT
-//#define MBEDTLS_RSA_ALT
-//#define MBEDTLS_SHA1_ALT
-//#define MBEDTLS_SHA256_ALT
-//#define MBEDTLS_SHA512_ALT
-//#define MBEDTLS_XTEA_ALT
-
-/*
- * When replacing the elliptic curve module, pleace consider, that it is
- * implemented with two .c files:
- *      - ecp.c
- *      - ecp_curves.c
- * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
- * macros as described above. The only difference is that you have to make sure
- * that you provide functionality for both .c files.
- */
-//#define MBEDTLS_ECP_ALT
-
-/**
- * \def MBEDTLS_MD2_PROCESS_ALT
- *
- * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
- * alternate core implementation of symmetric crypto or hash function. Keep in
- * mind that function prototypes should remain the same.
- *
- * This replaces only one function. The header file from mbed TLS is still
- * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
- * no longer provide the mbedtls_sha1_process() function, but it will still provide
- * the other function (using your mbedtls_sha1_process() function) and the definition
- * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
- * with this definition.
- *
- * \note Because of a signature change, the core AES encryption and decryption routines are
- *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- *       respectively. When setting up alternative implementations, these functions should
- *       be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
- *       must stay untouched.
- *
- * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
- *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
- *       tables.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * function.
- *
- * \warning   MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
- *            constitutes a security risk. If possible, we recommend avoiding
- *            dependencies on them, and considering stronger message digests
- *            and ciphers instead.
- *
- */
-//#define MBEDTLS_MD2_PROCESS_ALT
-//#define MBEDTLS_MD4_PROCESS_ALT
-//#define MBEDTLS_MD5_PROCESS_ALT
-//#define MBEDTLS_RIPEMD160_PROCESS_ALT
-//#define MBEDTLS_SHA1_PROCESS_ALT
-//#define MBEDTLS_SHA256_PROCESS_ALT
-//#define MBEDTLS_SHA512_PROCESS_ALT
-//#define MBEDTLS_DES_SETKEY_ALT
-//#define MBEDTLS_DES_CRYPT_ECB_ALT
-//#define MBEDTLS_DES3_CRYPT_ECB_ALT
-//#define MBEDTLS_AES_SETKEY_ENC_ALT
-//#define MBEDTLS_AES_SETKEY_DEC_ALT
-//#define MBEDTLS_AES_ENCRYPT_ALT
-//#define MBEDTLS_AES_DECRYPT_ALT
-//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
-//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
-//#define MBEDTLS_ECDSA_VERIFY_ALT
-//#define MBEDTLS_ECDSA_SIGN_ALT
-//#define MBEDTLS_ECDSA_GENKEY_ALT
-
-/**
- * \def MBEDTLS_ECP_INTERNAL_ALT
- *
- * Expose a part of the internal interface of the Elliptic Curve Point module.
- *
- * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
- * alternative core implementation of elliptic curve arithmetic. Keep in mind
- * that function prototypes should remain the same.
- *
- * This partially replaces one function. The header file from mbed TLS is still
- * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
- * is still present and it is used for group structures not supported by the
- * alternative.
- *
- * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
- * and implementing the following functions:
- *      unsigned char mbedtls_internal_ecp_grp_capable(
- *          const mbedtls_ecp_group *grp )
- *      int  mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
- *      void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
- * The mbedtls_internal_ecp_grp_capable function should return 1 if the
- * replacement functions implement arithmetic for the given group and 0
- * otherwise.
- * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
- * called before and after each point operation and provide an opportunity to
- * implement optimized set up and tear down instructions.
- *
- * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
- * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
- * function, but will use your mbedtls_internal_ecp_double_jac if the group is
- * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
- * receives it as an argument). If the group is not supported then the original
- * implementation is used. The other functions and the definition of
- * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
- * implementation of mbedtls_internal_ecp_double_jac and
- * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * function.
- */
-/* Required for all the functions in this section */
-//#define MBEDTLS_ECP_INTERNAL_ALT
-/* Support for Weierstrass curves with Jacobi representation */
-//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
-//#define MBEDTLS_ECP_ADD_MIXED_ALT
-//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
-//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
-//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
-/* Support for curves with Montgomery arithmetic */
-//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
-//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
-//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
-
-/**
- * \def MBEDTLS_TEST_NULL_ENTROPY
- *
- * Enables testing and use of mbed TLS without any configured entropy sources.
- * This permits use of the library on platforms before an entropy source has
- * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
- * MBEDTLS_ENTROPY_NV_SEED switches).
- *
- * WARNING! This switch MUST be disabled in production builds, and is suitable
- * only for development.
- * Enabling the switch negates any security provided by the library.
- *
- * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- */
-//#define MBEDTLS_TEST_NULL_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_HARDWARE_ALT
- *
- * Uncomment this macro to let mbed TLS use your own implementation of a
- * hardware entropy collector.
- *
- * Your function must be called \c mbedtls_hardware_poll(), have the same
- * prototype as declared in entropy_poll.h, and accept NULL as first argument.
- *
- * Uncomment to use your own hardware entropy collector.
- */
-//#define MBEDTLS_ENTROPY_HARDWARE_ALT
-
-/**
- * \def MBEDTLS_AES_ROM_TABLES
- *
- * Use precomputed AES tables stored in ROM.
- *
- * Uncomment this macro to use precomputed AES tables stored in ROM.
- * Comment this macro to generate AES tables in RAM at runtime.
- *
- * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
- * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
- * initialization time before the first AES operation can be performed.
- * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
- * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
- * performance if ROM access is slower than RAM access.
- *
- * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
- *
- */
-//#define MBEDTLS_AES_ROM_TABLES
-
-/**
- * \def MBEDTLS_AES_FEWER_TABLES
- *
- * Use less ROM/RAM for AES tables.
- *
- * Uncommenting this macro omits 75% of the AES tables from
- * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
- * by computing their values on the fly during operations
- * (the tables are entry-wise rotations of one another).
- *
- * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
- * by ~6kb but at the cost of more arithmetic operations during
- * runtime. Specifically, one has to compare 4 accesses within
- * different tables to 4 accesses with additional arithmetic
- * operations within the same table. The performance gain/loss
- * depends on the system and memory details.
- *
- * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
- *
- */
-//#define MBEDTLS_AES_FEWER_TABLES
-
-/**
- * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
- *
- * Use less ROM for the Camellia implementation (saves about 768 bytes).
- *
- * Uncomment this macro to use less memory for Camellia.
- */
-//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CBC
- *
- * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CBC
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CFB
- *
- * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CTR
- *
- * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CTR
-
-/**
- * \def MBEDTLS_CIPHER_MODE_OFB
- *
- * Enable Output Feedback mode (OFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_OFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_XTS
- *
- * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
- */
-#define MBEDTLS_CIPHER_MODE_XTS
-
-/**
- * \def MBEDTLS_CIPHER_NULL_CIPHER
- *
- * Enable NULL cipher.
- * Warning: Only do so when you know what you are doing. This allows for
- * encryption or channels without any security!
- *
- * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
- * the following ciphersuites:
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
- *      MBEDTLS_TLS_RSA_WITH_NULL_SHA256
- *      MBEDTLS_TLS_RSA_WITH_NULL_SHA
- *      MBEDTLS_TLS_RSA_WITH_NULL_MD5
- *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
- *      MBEDTLS_TLS_PSK_WITH_NULL_SHA384
- *      MBEDTLS_TLS_PSK_WITH_NULL_SHA256
- *      MBEDTLS_TLS_PSK_WITH_NULL_SHA
- *
- * Uncomment this macro to enable the NULL cipher and ciphersuites
- */
-//#define MBEDTLS_CIPHER_NULL_CIPHER
-
-/**
- * \def MBEDTLS_CIPHER_PADDING_PKCS7
- *
- * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
- * specific padding modes in the cipher layer with cipher modes that support
- * padding (e.g. CBC)
- *
- * If you disable all padding modes, only full blocks can be used with CBC.
- *
- * Enable padding modes in the cipher layer.
- */
-#define MBEDTLS_CIPHER_PADDING_PKCS7
-#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
-#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
-#define MBEDTLS_CIPHER_PADDING_ZEROS
-
-/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * This enables the following ciphersuites:
- *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
- *
- * Uncomment this macro to enable weak ciphersuites
- *
- * \warning   DES is considered a weak cipher and its use constitutes a
- *            security risk. We recommend considering stronger ciphers instead.
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
- * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
- *
- * Remove RC4 ciphersuites by default in SSL / TLS.
- * This flag removes the ciphersuites based on RC4 from the default list as
- * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
- * explicitly.
- *
- * Uncomment this macro to remove RC4 ciphersuites by default.
- */
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-
-/**
- * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
- *
- * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
- * module.  By default all supported curves are enabled.
- *
- * Comment macros to disable the curve and functions for it
- */
-#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
-#define MBEDTLS_ECP_DP_BP256R1_ENABLED
-#define MBEDTLS_ECP_DP_BP384R1_ENABLED
-#define MBEDTLS_ECP_DP_BP512R1_ENABLED
-#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
-#define MBEDTLS_ECP_DP_CURVE448_ENABLED
-
-/**
- * \def MBEDTLS_ECP_NIST_OPTIM
- *
- * Enable specific 'modulo p' routines for each NIST prime.
- * Depending on the prime and architecture, makes operations 4 to 8 times
- * faster on the corresponding curve.
- *
- * Comment this macro to disable NIST curves optimisation.
- */
-#define MBEDTLS_ECP_NIST_OPTIM
-
-/**
- * \def MBEDTLS_ECP_RESTARTABLE
- *
- * Enable "non-blocking" ECC operations that can return early and be resumed.
- *
- * This allows various functions to pause by returning
- * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
- * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
- * order to further progress and eventually complete their operation. This is
- * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
- * number of ECC operations a function may perform before pausing; see
- * mbedtls_ecp_set_max_ops() for more information.
- *
- * This is useful in non-threaded environments if you want to avoid blocking
- * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
- *
- * Uncomment this macro to enable restartable ECC computations.
- *
- * \note  This option only works with the default software implementation of
- *        elliptic curve functionality. It is incompatible with
- *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
- */
-//#define MBEDTLS_ECP_RESTARTABLE
-
-/**
- * \def MBEDTLS_ECDSA_DETERMINISTIC
- *
- * Enable deterministic ECDSA (RFC 6979).
- * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
- * may result in a compromise of the long-term signing key. This is avoided by
- * the deterministic variant.
- *
- * Requires: MBEDTLS_HMAC_DRBG_C
- *
- * Comment this macro to disable deterministic ECDSA.
- */
-#define MBEDTLS_ECDSA_DETERMINISTIC
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
- *
- * Enable the PSK based ciphersuite modes in SSL / TLS.
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- *
- * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- *
- * \warning    Using DHE constitutes a security risk as it
- *             is not possible to validate custom DH parameters.
- *             If possible, it is recommended users should consider
- *             preferring other methods of key exchange.
- *             See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
- *
- * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- *
- * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- *
- * Enable the RSA-only based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- *
- * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- *
- * \warning    Using DHE constitutes a security risk as it
- *             is not possible to validate custom DH parameters.
- *             If possible, it is recommended users should consider
- *             preferring other methods of key exchange.
- *             See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- *
- * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- *
- * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- *
- * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- *
- * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- *
- * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Requires: MBEDTLS_ECJPAKE_C
- *           MBEDTLS_SHA256_C
- *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
- */
-//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
-/**
- * \def MBEDTLS_PK_PARSE_EC_EXTENDED
- *
- * Enhance support for reading EC keys using variants of SEC1 not allowed by
- * RFC 5915 and RFC 5480.
- *
- * Currently this means parsing the SpecifiedECDomain choice of EC
- * parameters (only known groups are supported, not arbitrary domains, to
- * avoid validation issues).
- *
- * Disable if you only need to support RFC 5915 + 5480 key formats.
- */
-#define MBEDTLS_PK_PARSE_EC_EXTENDED
-
-/**
- * \def MBEDTLS_ERROR_STRERROR_DUMMY
- *
- * Enable a dummy error function to make use of mbedtls_strerror() in
- * third party libraries easier when MBEDTLS_ERROR_C is disabled
- * (no effect when MBEDTLS_ERROR_C is enabled).
- *
- * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
- * not using mbedtls_strerror() or error_strerror() in your application.
- *
- * Disable if you run into name conflicts and want to really remove the
- * mbedtls_strerror()
- */
-#define MBEDTLS_ERROR_STRERROR_DUMMY
-
-/**
- * \def MBEDTLS_GENPRIME
- *
- * Enable the prime-number generation code.
- *
- * Requires: MBEDTLS_BIGNUM_C
- */
-#define MBEDTLS_GENPRIME
-
-/**
- * \def MBEDTLS_FS_IO
- *
- * Enable functions that use the filesystem.
- */
-#define MBEDTLS_FS_IO
-
-/**
- * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- * Do not add default entropy sources. These are the platform specific,
- * mbedtls_timing_hardclock and HAVEGE based poll functions.
- *
- * This is useful to have more control over the added entropy sources in an
- * application.
- *
- * Uncomment this macro to prevent loading of default entropy functions.
- */
-//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-
-/**
- * \def MBEDTLS_NO_PLATFORM_ENTROPY
- *
- * Do not use built-in platform entropy functions.
- * This is useful if your platform does not support
- * standards like the /dev/urandom or Windows CryptoAPI.
- *
- * Uncomment this macro to disable the built-in platform entropy functions.
- */
-//#define MBEDTLS_NO_PLATFORM_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_FORCE_SHA256
- *
- * Force the entropy accumulator to use a SHA-256 accumulator instead of the
- * default SHA-512 based one (if both are available).
- *
- * Requires: MBEDTLS_SHA256_C
- *
- * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
- * if you have performance concerns.
- *
- * This option is only useful if both MBEDTLS_SHA256_C and
- * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
- */
-//#define MBEDTLS_ENTROPY_FORCE_SHA256
-
-/**
- * \def MBEDTLS_ENTROPY_NV_SEED
- *
- * Enable the non-volatile (NV) seed file-based entropy source.
- * (Also enables the NV seed read/write functions in the platform layer)
- *
- * This is crucial (if not required) on systems that do not have a
- * cryptographic entropy source (in hardware or kernel) available.
- *
- * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
- *
- * \note The read/write functions that are used by the entropy source are
- *       determined in the platform layer, and can be modified at runtime and/or
- *       compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
- *
- * \note If you use the default implementation functions that read a seedfile
- *       with regular fopen(), please make sure you make a seedfile with the
- *       proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
- *       least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
- *       and written to or you will get an entropy source error! The default
- *       implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
- *       bytes from the file.
- *
- * \note The entropy collector will write to the seed file before entropy is
- *       given to an external source, to update it.
- */
-//#define MBEDTLS_ENTROPY_NV_SEED
-
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
-/**
- * \def MBEDTLS_MEMORY_DEBUG
- *
- * Enable debugging of buffer allocator memory issues. Automatically prints
- * (to stderr) all (fatal) messages on memory allocation issues. Enables
- * function for 'debug output' of allocated memory.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Uncomment this macro to let the buffer allocator print out error messages.
- */
-//#define MBEDTLS_MEMORY_DEBUG
-
-/**
- * \def MBEDTLS_MEMORY_BACKTRACE
- *
- * Include backtrace information with each allocated block.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *           GLIBC-compatible backtrace() an backtrace_symbols() support
- *
- * Uncomment this macro to include backtrace information
- */
-//#define MBEDTLS_MEMORY_BACKTRACE
-
-/**
- * \def MBEDTLS_PK_RSA_ALT_SUPPORT
- *
- * Support external private RSA keys (eg from a HSM) in the PK layer.
- *
- * Comment this macro to disable support for external private RSA keys.
- */
-#define MBEDTLS_PK_RSA_ALT_SUPPORT
-
-/**
- * \def MBEDTLS_PKCS1_V15
- *
- * Enable support for PKCS#1 v1.5 encoding.
- *
- * Requires: MBEDTLS_RSA_C
- *
- * This enables support for PKCS#1 v1.5 operations.
- */
-#define MBEDTLS_PKCS1_V15
-
-/**
- * \def MBEDTLS_PKCS1_V21
- *
- * Enable support for PKCS#1 v2.1 encoding.
- *
- * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
- *
- * This enables support for RSAES-OAEP and RSASSA-PSS operations.
- */
-#define MBEDTLS_PKCS1_V21
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_SPM
- *
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
- * Partition Manager) integration which separates the code into two parts: a
- * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
- * Environment).
- *
- * Module:  library/psa_crypto.c
- * Requires: MBEDTLS_PSA_CRYPTO_C
- *
- */
-//#define MBEDTLS_PSA_CRYPTO_SPM
-
-/**
- * \def MBEDTLS_PSA_INJECT_ENTROPY
- *
- * Enable support for entropy injection at first boot. This feature is
- * required on systems that do not have a built-in entropy source (TRNG).
- * This feature is currently not supported on systems that have a built-in
- * entropy source.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
- *
- */
-//#define MBEDTLS_PSA_INJECT_ENTROPY
-
-/**
- * \def MBEDTLS_RSA_NO_CRT
- *
- * Do not use the Chinese Remainder Theorem
- * for the RSA private operation.
- *
- * Uncomment this macro to disable the use of CRT in RSA.
- *
- */
-//#define MBEDTLS_RSA_NO_CRT
-
-/**
- * \def MBEDTLS_SELF_TEST
- *
- * Enable the checkup functions (*_self_test).
- */
-#define MBEDTLS_SELF_TEST
-
-/**
- * \def MBEDTLS_SHA256_SMALLER
- *
- * Enable an implementation of SHA-256 that has lower ROM footprint but also
- * lower performance.
- *
- * The default implementation is meant to be a reasonnable compromise between
- * performance and size. This version optimizes more aggressively for size at
- * the expense of performance. Eg on Cortex-M4 it reduces the size of
- * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
- * 30%.
- *
- * Uncomment to enable the smaller implementation of SHA256.
- */
-//#define MBEDTLS_SHA256_SMALLER
-
-/**
- * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
- *
- * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
- * with other servers, only debugging of failures is harder.
- *
- * The advantage of not sending alert messages, is that no information is given
- * about reasons for failures thus preventing adversaries of gaining intel.
- *
- * Enable sending of all alert messages
- */
-#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
-
-/**
- * \def MBEDTLS_SSL_ASYNC_PRIVATE
- *
- * Enable asynchronous external private key operations in SSL. This allows
- * you to configure an SSL connection to call an external cryptographic
- * module to perform private key operations instead of performing the
- * operation inside the library.
- *
- */
-//#define MBEDTLS_SSL_ASYNC_PRIVATE
-
-/**
- * \def MBEDTLS_SSL_DEBUG_ALL
- *
- * Enable the debug messages in SSL module for all issues.
- * Debug messages have been disabled in some places to prevent timing
- * attacks due to (unbalanced) debugging function calls.
- *
- * If you need all error reporting you should enable this during debugging,
- * but remove this for production servers that should log as well.
- *
- * Uncomment this macro to report all debug messages on errors introducing
- * a timing side-channel.
- *
- */
-//#define MBEDTLS_SSL_DEBUG_ALL
-
-/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
- *
- * Enable support for Encrypt-then-MAC, RFC 7366.
- *
- * This allows peers that both support it to use a more robust protection for
- * ciphersuites using CBC, providing deep resistance against timing attacks
- * on the padding or underlying cipher.
- *
- * This only affects CBC ciphersuites, and is useless if none is defined.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1    or
- *           MBEDTLS_SSL_PROTO_TLS1_1  or
- *           MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Encrypt-then-MAC
- */
-#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
-
-/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- *
- * Enable support for Extended Master Secret, aka Session Hash
- * (draft-ietf-tls-session-hash-02).
- *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
- * attacks, but it is recommended to always use it (even if you disable
- * renegotiation), since it actually fixes a more fundamental issue in the
- * original SSL/TLS design, and has implications beyond Triple Handshake.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1    or
- *           MBEDTLS_SSL_PROTO_TLS1_1  or
- *           MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Extended Master Secret.
- */
-#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
-
-/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
- * \def MBEDTLS_SSL_HW_RECORD_ACCEL
- *
- * Enable hooking functions in SSL module for hardware acceleration of
- * individual records.
- *
- * Uncomment this macro to enable hooking functions.
- */
-//#define MBEDTLS_SSL_HW_RECORD_ACCEL
-
-/**
- * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
- *
- * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
- *
- * This is a countermeasure to the BEAST attack, which also minimizes the risk
- * of interoperability issues compared to sending 0-length records.
- *
- * Comment this macro to disable 1/n-1 record splitting.
- */
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
-
-/**
- * \def MBEDTLS_SSL_RENEGOTIATION
- *
- * Enable support for TLS renegotiation.
- *
- * The two main uses of renegotiation are (1) refresh keys on long-lived
- * connections and (2) client authentication after the initial handshake.
- * If you don't need renegotiation, it's probably better to disable it, since
- * it has been associated with security issues in the past and is easy to
- * misuse/misunderstand.
- *
- * Comment this to disable support for renegotiation.
- *
- * \note   Even if this option is disabled, both client and server are aware
- *         of the Renegotiation Indication Extension (RFC 5746) used to
- *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
- *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
- *          configuration of this extension).
- *
- */
-#define MBEDTLS_SSL_RENEGOTIATION
-
-/**
- * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
- *
- * Enable support for receiving and parsing SSLv2 Client Hello messages for the
- * SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to enable support for SSLv2 Client Hello messages.
- */
-//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
-/**
- * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- *
- * Enable support for RFC 6066 max_fragment_length extension in SSL.
- *
- * Comment this macro to disable support for the max_fragment_length extension
- */
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-
-/**
- * \def MBEDTLS_SSL_PROTO_SSL3
- *
- * Enable support for SSL 3.0.
- *
- * Requires: MBEDTLS_MD5_C
- *           MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for SSL 3.0
- */
-//#define MBEDTLS_SSL_PROTO_SSL3
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1
- *
- * Enable support for TLS 1.0.
- *
- * Requires: MBEDTLS_MD5_C
- *           MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_1
- *
- * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
- *
- * Requires: MBEDTLS_MD5_C
- *           MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
- *
- * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
- *           (Depends on ciphersuites)
- *
- * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
- */
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/**
- * \def MBEDTLS_SSL_PROTO_DTLS
- *
- * Enable support for DTLS (all available versions).
- *
- * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
- * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1_1
- *        or MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for DTLS
- */
-#define MBEDTLS_SSL_PROTO_DTLS
-
-/**
- * \def MBEDTLS_SSL_ALPN
- *
- * Enable support for RFC 7301 Application Layer Protocol Negotiation.
- *
- * Comment this macro to disable support for ALPN.
- */
-#define MBEDTLS_SSL_ALPN
-
-/**
- * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *           MBEDTLS_SSL_PROTO_DTLS
- *
- * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_conf_dtls_anti_replay() for details.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-
-/**
- * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Enable support for HelloVerifyRequest on DTLS servers.
- *
- * This feature is highly recommended to prevent DTLS servers being used as
- * amplifiers in DoS attacks against other hosts. It should always be enabled
- * unless you know for sure amplification cannot be a problem in the
- * environment in which your server operates.
- *
- * \warning Disabling this can ba a security risk! (see above)
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- *
- * Comment this to disable support for HelloVerifyRequest.
- */
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-
-/**
- * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- *
- * Enable server-side support for clients that reconnect from the same port.
- *
- * Some clients unexpectedly close the connection and try to reconnect using the
- * same source port. This needs special support from the server to handle the
- * new connection securely, as described in section 4.2.8 of RFC 6347. This
- * flag enables that support.
- *
- * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Comment this to disable support for clients reusing the source port.
- */
-#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-
-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-
-/**
- * \def MBEDTLS_SSL_SESSION_TICKETS
- *
- * Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintenance of a
- * session store remains the responsibility of the application, though).
- * Server-side, you also need to provide callbacks for writing and parsing
- * tickets, including authenticated encryption and key management. Example
- * callbacks are provided by MBEDTLS_SSL_TICKET_C.
- *
- * Comment this macro to disable support for SSL session tickets
- */
-#define MBEDTLS_SSL_SESSION_TICKETS
-
-/**
- * \def MBEDTLS_SSL_EXPORT_KEYS
- *
- * Enable support for exporting key block and master secret.
- * This is required for certain users of TLS, e.g. EAP-TLS.
- *
- * Comment this macro to disable support for key export
- */
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/**
- * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
- *
- * Enable support for RFC 6066 server name indication (SNI) in SSL.
- *
- * Requires: MBEDTLS_X509_CRT_PARSE_C
- *
- * Comment this macro to disable support for server name indication in SSL
- */
-#define MBEDTLS_SSL_SERVER_NAME_INDICATION
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
- *
- * Fallback to old (pre-2.7), non-conforming implementation of the truncated
- * HMAC extension which also truncates the HMAC key. Note that this option is
- * only meant for a transitory upgrade period and is likely to be removed in
- * a future version of the library.
- *
- * \warning The old implementation is non-compliant and has a security weakness
- *          (2^80 brute force attack on the HMAC key used for a single,
- *          uninterrupted connection). This should only be enabled temporarily
- *          when (1) the use of truncated HMAC is essential in order to save
- *          bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
- *          the fixed implementation yet (pre-2.7).
- *
- * \deprecated This option is deprecated and will likely be removed in a
- *             future version of Mbed TLS.
- *
- * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
- *
- * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
- */
-//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
-
-/**
- * \def MBEDTLS_THREADING_ALT
- *
- * Provide your own alternate threading implementation.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to allow your own alternate threading implementation.
- */
-//#define MBEDTLS_THREADING_ALT
-
-/**
- * \def MBEDTLS_THREADING_PTHREAD
- *
- * Enable the pthread wrapper layer for the threading layer.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to enable pthread mutexes.
- */
-//#define MBEDTLS_THREADING_PTHREAD
-
-/**
- * \def MBEDTLS_USE_PSA_CRYPTO
- *
- * Make the X.509 and TLS library use PSA for cryptographic operations, see
- * #MBEDTLS_PSA_CRYPTO_C.
- *
- * Note: this option is still in progress, the full X.509 and TLS modules are
- * not covered yet, but parts that are not ported to PSA yet will still work
- * as usual, so enabling this option should not break backwards compatibility.
- *
- * \warning  Support for PSA is still an experimental feature.
- *           Any public API that depends on this option may change
- *           at any time until this warning is removed.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C.
- */
-//#define MBEDTLS_USE_PSA_CRYPTO
-
-/**
- * \def MBEDTLS_VERSION_FEATURES
- *
- * Allow run-time checking of compile-time enabled features. Thus allowing users
- * to check at run-time if the library is for instance compiled with threading
- * support via mbedtls_version_check_feature().
- *
- * Requires: MBEDTLS_VERSION_C
- *
- * Comment this to disable run-time checking and save ROM space
- */
-#define MBEDTLS_VERSION_FEATURES
-
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-/**
- * \def MBEDTLS_ZLIB_SUPPORT
- *
- * If set, the SSL/TLS module uses ZLIB to support compression and
- * decompression of packet data.
- *
- * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
- * CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be applicable to your use case.
- *
- * \note Currently compression can't be used with DTLS.
- *
- * \deprecated This feature is deprecated and will be removed
- *             in the next major revision of the library.
- *
- * Used in: library/ssl_tls.c
- *          library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * This feature requires zlib library and headers to be present.
- *
- * Uncomment to enable use of ZLIB
- */
-//#define MBEDTLS_ZLIB_SUPPORT
-/* \} name SECTION: mbed TLS feature support */
-
-/**
- * \name SECTION: mbed TLS modules
- *
- * This section enables or disables entire modules in mbed TLS
- * \{
- */
-
-/**
- * \def MBEDTLS_AESNI_C
- *
- * Enable AES-NI support on x86-64.
- *
- * Module:  library/aesni.c
- * Caller:  library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the AES-NI instructions on x86-64
- */
-#define MBEDTLS_AESNI_C
-
-/**
- * \def MBEDTLS_AES_C
- *
- * Enable the AES block cipher.
- *
- * Module:  library/aes.c
- * Caller:  library/cipher.c
- *          library/pem.c
- *          library/ctr_drbg.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *
- * PEM_PARSE uses AES for decrypting encrypted keys.
- */
-#define MBEDTLS_AES_C
-
-/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module:  library/arc4.c
- * Caller:  library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- *
- * \warning   ARC4 is considered a weak cipher and its use constitutes a
- *            security risk. If possible, we recommend avoidng dependencies on
- *            it, and considering stronger ciphers instead.
- *
- */
-#define MBEDTLS_ARC4_C
-
-/**
- * \def MBEDTLS_ASN1_PARSE_C
- *
- * Enable the generic ASN1 parser.
- *
- * Module:  library/asn1.c
- * Caller:  library/x509.c
- *          library/dhm.c
- *          library/pkcs12.c
- *          library/pkcs5.c
- *          library/pkparse.c
- */
-#define MBEDTLS_ASN1_PARSE_C
-
-/**
- * \def MBEDTLS_ASN1_WRITE_C
- *
- * Enable the generic ASN1 writer.
- *
- * Module:  library/asn1write.c
- * Caller:  library/ecdsa.c
- *          library/pkwrite.c
- *          library/x509_create.c
- *          library/x509write_crt.c
- *          library/x509write_csr.c
- */
-#define MBEDTLS_ASN1_WRITE_C
-
-/**
- * \def MBEDTLS_BASE64_C
- *
- * Enable the Base64 module.
- *
- * Module:  library/base64.c
- * Caller:  library/pem.c
- *
- * This module is required for PEM support (required by X.509).
- */
-#define MBEDTLS_BASE64_C
-
-/**
- * \def MBEDTLS_BIGNUM_C
- *
- * Enable the multi-precision integer library.
- *
- * Module:  library/bignum.c
- * Caller:  library/dhm.c
- *          library/ecp.c
- *          library/ecdsa.c
- *          library/rsa.c
- *          library/rsa_internal.c
- *          library/ssl_tls.c
- *
- * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
- */
-#define MBEDTLS_BIGNUM_C
-
-/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module:  library/blowfish.c
- */
-#define MBEDTLS_BLOWFISH_C
-
-/**
- * \def MBEDTLS_CAMELLIA_C
- *
- * Enable the Camellia block cipher.
- *
- * Module:  library/camellia.c
- * Caller:  library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
-#define MBEDTLS_CAMELLIA_C
-
-/**
- * \def MBEDTLS_ARIA_C
- *
- * Enable the ARIA block cipher.
- *
- * Module:  library/aria.c
- * Caller:  library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- *      MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
- */
-//#define MBEDTLS_ARIA_C
-
-/**
- * \def MBEDTLS_CCM_C
- *
- * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
- *
- * Module:  library/ccm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-CCM ciphersuites, if other requisites are
- * enabled as well.
- */
-#define MBEDTLS_CCM_C
-
-/**
- * \def MBEDTLS_CERTS_C
- *
- * Enable the test certificates.
- *
- * Module:  library/certs.c
- * Caller:
- *
- * This module is used for testing (ssl_client/server).
- */
-#define MBEDTLS_CERTS_C
-
-/**
- * \def MBEDTLS_CHACHA20_C
- *
- * Enable the ChaCha20 stream cipher.
- *
- * Module:  library/chacha20.c
- */
-#define MBEDTLS_CHACHA20_C
-
-/**
- * \def MBEDTLS_CHACHAPOLY_C
- *
- * Enable the ChaCha20-Poly1305 AEAD algorithm.
- *
- * Module:  library/chachapoly.c
- *
- * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
- */
-#define MBEDTLS_CHACHAPOLY_C
-
-/**
- * \def MBEDTLS_CIPHER_C
- *
- * Enable the generic cipher layer.
- *
- * Module:  library/cipher.c
- * Caller:  library/ssl_tls.c
- *
- * Uncomment to enable generic cipher wrappers.
- */
-#define MBEDTLS_CIPHER_C
-
-/**
- * \def MBEDTLS_CMAC_C
- *
- * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
- * ciphers.
- *
- * Module:  library/cmac.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
- *
- */
-#define MBEDTLS_CMAC_C
-
-/**
- * \def MBEDTLS_CTR_DRBG_C
- *
- * Enable the CTR_DRBG AES-based random generator.
- * The CTR_DRBG generator uses AES-256 by default.
- * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
- *
- * Module:  library/ctr_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_AES_C
- *
- * This module provides the CTR_DRBG AES random number generator.
- */
-#define MBEDTLS_CTR_DRBG_C
-
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module:  library/debug.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#define MBEDTLS_DEBUG_C
-
-/**
- * \def MBEDTLS_DES_C
- *
- * Enable the DES block cipher.
- *
- * Module:  library/des.c
- * Caller:  library/pem.c
- *          library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *
- * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
- *
- * \warning   DES is considered a weak cipher and its use constitutes a
- *            security risk. We recommend considering stronger ciphers instead.
- */
-#define MBEDTLS_DES_C
-
-/**
- * \def MBEDTLS_DHM_C
- *
- * Enable the Diffie-Hellman-Merkle module.
- *
- * Module:  library/dhm.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- *      DHE-RSA, DHE-PSK
- *
- * \warning    Using DHE constitutes a security risk as it
- *             is not possible to validate custom DH parameters.
- *             If possible, it is recommended users should consider
- *             preferring other methods of key exchange.
- *             See dhm.h for more details.
- *
- */
-#define MBEDTLS_DHM_C
-
-/**
- * \def MBEDTLS_ECDH_C
- *
- * Enable the elliptic curve Diffie-Hellman library.
- *
- * Module:  library/ecdh.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
- *
- * Requires: MBEDTLS_ECP_C
- */
-#define MBEDTLS_ECDH_C
-
-/**
- * \def MBEDTLS_ECDSA_C
- *
- * Enable the elliptic curve DSA library.
- *
- * Module:  library/ecdsa.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- *      ECDHE-ECDSA
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
- */
-#define MBEDTLS_ECDSA_C
-
-/**
- * \def MBEDTLS_ECJPAKE_C
- *
- * Enable the elliptic curve J-PAKE library.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Module:  library/ecjpake.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- *      ECJPAKE
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
- */
-//#define MBEDTLS_ECJPAKE_C
-
-/**
- * \def MBEDTLS_ECP_C
- *
- * Enable the elliptic curve over GF(p) library.
- *
- * Module:  library/ecp.c
- * Caller:  library/ecdh.c
- *          library/ecdsa.c
- *          library/ecjpake.c
- *
- * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
- */
-#define MBEDTLS_ECP_C
-
-/**
- * \def MBEDTLS_ENTROPY_C
- *
- * Enable the platform-specific entropy code.
- *
- * Module:  library/entropy.c
- * Caller:
- *
- * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
- *
- * This module provides a generic entropy pool
- */
-#define MBEDTLS_ENTROPY_C
-
-/**
- * \def MBEDTLS_ERROR_C
- *
- * Enable error code to error string conversion.
- *
- * Module:  library/error.c
- * Caller:
- *
- * This module enables mbedtls_strerror().
- */
-#define MBEDTLS_ERROR_C
-
-/**
- * \def MBEDTLS_GCM_C
- *
- * Enable the Galois/Counter Mode (GCM) for AES.
- *
- * Module:  library/gcm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
- * requisites are enabled as well.
- */
-#define MBEDTLS_GCM_C
-
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- *          environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- *          processor traits. It is therefore not advised to use HAVEGE as
- *          your applications primary random generator or primary entropy pool
- *          input. As a secondary input to your entropy pool, it IS able add
- *          the (limited) extra entropy it provides.
- *
- * Module:  library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
-/**
- * \def MBEDTLS_HKDF_C
- *
- * Enable the HKDF algorithm (RFC 5869).
- *
- * Module:  library/hkdf.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the Hashed Message Authentication Code
- * (HMAC)-based key derivation function (HKDF).
- */
-#define MBEDTLS_HKDF_C
-
-/**
- * \def MBEDTLS_HMAC_DRBG_C
- *
- * Enable the HMAC_DRBG random generator.
- *
- * Module:  library/hmac_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * Uncomment to enable the HMAC_DRBG random number geerator.
- */
-#define MBEDTLS_HMAC_DRBG_C
-
-/**
- * \def MBEDTLS_NIST_KW_C
- *
- * Enable the Key Wrapping mode for 128-bit block ciphers,
- * as defined in NIST SP 800-38F. Only KW and KWP modes
- * are supported. At the moment, only AES is approved by NIST.
- *
- * Module:  library/nist_kw.c
- *
- * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
- */
-//#define MBEDTLS_NIST_KW_C
-
-/**
- * \def MBEDTLS_MD_C
- *
- * Enable the generic message digest layer.
- *
- * Module:  library/md.c
- * Caller:
- *
- * Uncomment to enable generic message digest wrappers.
- */
-#define MBEDTLS_MD_C
-
-/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module:  library/md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
- * \warning   MD2 is considered a weak message digest and its use constitutes a
- *            security risk. If possible, we recommend avoiding dependencies on
- *            it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module:  library/md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
- * \warning   MD4 is considered a weak message digest and its use constitutes a
- *            security risk. If possible, we recommend avoiding dependencies on
- *            it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD4_C
-
-/**
- * \def MBEDTLS_MD5_C
- *
- * Enable the MD5 hash algorithm.
- *
- * Module:  library/md5.c
- * Caller:  library/md.c
- *          library/pem.c
- *          library/ssl_tls.c
- *
- * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
- * depending on the handshake parameters. Further, it is used for checking
- * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
- * encrypted keys.
- *
- * \warning   MD5 is considered a weak message digest and its use constitutes a
- *            security risk. If possible, we recommend avoiding dependencies on
- *            it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_MD5_C
-
-/**
- * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Enable the buffer allocator implementation that makes use of a (stack)
- * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
- * calls)
- *
- * Module:  library/memory_buffer_alloc.c
- *
- * Requires: MBEDTLS_PLATFORM_C
- *           MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
- *
- * Enable this module to enable the buffer memory allocator.
- */
-//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
-
-/**
- * \def MBEDTLS_NET_C
- *
- * Enable the TCP and UDP over IPv6/IPv4 networking routines.
- *
- * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
- * and Windows. For other platforms, you'll want to disable it, and write your
- * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module:  library/net_sockets.c
- *
- * This module provides networking routines.
- */
-#define MBEDTLS_NET_C
-
-/**
- * \def MBEDTLS_OID_C
- *
- * Enable the OID database.
- *
- * Module:  library/oid.c
- * Caller:  library/asn1write.c
- *          library/pkcs5.c
- *          library/pkparse.c
- *          library/pkwrite.c
- *          library/rsa.c
- *          library/x509.c
- *          library/x509_create.c
- *          library/x509_crl.c
- *          library/x509_crt.c
- *          library/x509_csr.c
- *          library/x509write_crt.c
- *          library/x509write_csr.c
- *
- * This modules translates between OIDs and internal values.
- */
-#define MBEDTLS_OID_C
-
-/**
- * \def MBEDTLS_PADLOCK_C
- *
- * Enable VIA Padlock support on x86.
- *
- * Module:  library/padlock.c
- * Caller:  library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the VIA PadLock on x86.
- */
-#define MBEDTLS_PADLOCK_C
-
-/**
- * \def MBEDTLS_PEM_PARSE_C
- *
- * Enable PEM decoding / parsing.
- *
- * Module:  library/pem.c
- * Caller:  library/dhm.c
- *          library/pkparse.c
- *          library/x509_crl.c
- *          library/x509_crt.c
- *          library/x509_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for decoding / parsing PEM files.
- */
-#define MBEDTLS_PEM_PARSE_C
-
-/**
- * \def MBEDTLS_PEM_WRITE_C
- *
- * Enable PEM encoding / writing.
- *
- * Module:  library/pem.c
- * Caller:  library/pkwrite.c
- *          library/x509write_crt.c
- *          library/x509write_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for encoding / writing PEM files.
- */
-#define MBEDTLS_PEM_WRITE_C
-
-/**
- * \def MBEDTLS_PK_C
- *
- * Enable the generic public (asymetric) key layer.
- *
- * Module:  library/pk.c
- * Caller:  library/ssl_tls.c
- *          library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
- *
- * Uncomment to enable generic public key wrappers.
- */
-#define MBEDTLS_PK_C
-
-/**
- * \def MBEDTLS_PK_PARSE_C
- *
- * Enable the generic public (asymetric) key parser.
- *
- * Module:  library/pkparse.c
- * Caller:  library/x509_crt.c
- *          library/x509_csr.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key parse functions.
- */
-#define MBEDTLS_PK_PARSE_C
-
-/**
- * \def MBEDTLS_PK_WRITE_C
- *
- * Enable the generic public (asymetric) key writer.
- *
- * Module:  library/pkwrite.c
- * Caller:  library/x509write.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key write functions.
- */
-#define MBEDTLS_PK_WRITE_C
-
-/**
- * \def MBEDTLS_PKCS5_C
- *
- * Enable PKCS#5 functions.
- *
- * Module:  library/pkcs5.c
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the PKCS#5 functions.
- */
-#define MBEDTLS_PKCS5_C
-
-/**
- * \def MBEDTLS_PKCS11_C
- *
- * Enable wrapper for PKCS#11 smartcard support.
- *
- * Module:  library/pkcs11.c
- * Caller:  library/pk.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * This module enables SSL/TLS PKCS #11 smartcard support.
- * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
- */
-//#define MBEDTLS_PKCS11_C
-
-/**
- * \def MBEDTLS_PKCS12_C
- *
- * Enable PKCS#12 PBE functions.
- * Adds algorithms for parsing PKCS#8 encrypted private keys
- *
- * Module:  library/pkcs12.c
- * Caller:  library/pkparse.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use:  MBEDTLS_ARC4_C
- *
- * This module enables PKCS#12 functions.
- */
-#define MBEDTLS_PKCS12_C
-
-/**
- * \def MBEDTLS_PLATFORM_C
- *
- * Enable the platform abstraction layer that allows you to re-assign
- * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
- *
- * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
- * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
- * above to be specified at runtime or compile time respectively.
- *
- * \note This abstraction layer must be enabled on Windows (including MSYS2)
- * as other module rely on it for a fixed snprintf implementation.
- *
- * Module:  library/platform.c
- * Caller:  Most other .c files
- *
- * This module enables abstraction of common (libc) functions.
- */
-#define MBEDTLS_PLATFORM_C
-
-/**
- * \def MBEDTLS_POLY1305_C
- *
- * Enable the Poly1305 MAC algorithm.
- *
- * Module:  library/poly1305.c
- * Caller:  library/chachapoly.c
- */
-#define MBEDTLS_POLY1305_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_C
- *
- * Enable the Platform Security Architecture cryptography API.
- *
- * Module:  library/psa_crypto.c
- *
- * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
- *
- */
-#define MBEDTLS_PSA_CRYPTO_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
- *
- * Enable the Platform Security Architecture persistent key storage.
- *
- * Module:  library/psa_crypto_storage.c
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C,
- *           either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
- *           the PSA ITS interface
- */
-#define MBEDTLS_PSA_CRYPTO_STORAGE_C
-
-/**
- * \def MBEDTLS_PSA_ITS_FILE_C
- *
- * Enable the emulation of the Platform Security Architecture
- * Internal Trusted Storage (PSA ITS) over files.
- *
- * Module:  library/psa_its_file.c
- *
- * Requires: MBEDTLS_FS_IO
- */
-#define MBEDTLS_PSA_ITS_FILE_C
-
-/**
- * \def MBEDTLS_RIPEMD160_C
- *
- * Enable the RIPEMD-160 hash algorithm.
- *
- * Module:  library/ripemd160.c
- * Caller:  library/md.c
- *
- */
-#define MBEDTLS_RIPEMD160_C
-
-/**
- * \def MBEDTLS_RSA_C
- *
- * Enable the RSA public-key cryptosystem.
- *
- * Module:  library/rsa.c
- *          library/rsa_internal.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *          library/x509.c
- *
- * This module is used by the following key exchanges:
- *      RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
- */
-#define MBEDTLS_RSA_C
-
-/**
- * \def MBEDTLS_SHA1_C
- *
- * Enable the SHA1 cryptographic hash algorithm.
- *
- * Module:  library/sha1.c
- * Caller:  library/md.c
- *          library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *          library/x509write_crt.c
- *
- * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
- * depending on the handshake parameters, and for SHA1-signed certificates.
- *
- * \warning   SHA-1 is considered a weak message digest and its use constitutes
- *            a security risk. If possible, we recommend avoiding dependencies
- *            on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_SHA1_C
-
-/**
- * \def MBEDTLS_SHA256_C
- *
- * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
- *
- * Module:  library/sha256.c
- * Caller:  library/entropy.c
- *          library/md.c
- *          library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *
- * This module adds support for SHA-224 and SHA-256.
- * This module is required for the SSL/TLS 1.2 PRF function.
- */
-#define MBEDTLS_SHA256_C
-
-/**
- * \def MBEDTLS_SHA512_C
- *
- * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
- *
- * Module:  library/sha512.c
- * Caller:  library/entropy.c
- *          library/md.c
- *          library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * This module adds support for SHA-384 and SHA-512.
- */
-#define MBEDTLS_SHA512_C
-
-/**
- * \def MBEDTLS_SSL_CACHE_C
- *
- * Enable simple SSL cache implementation.
- *
- * Module:  library/ssl_cache.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_CACHE_C
- */
-#define MBEDTLS_SSL_CACHE_C
-
-/**
- * \def MBEDTLS_SSL_COOKIE_C
- *
- * Enable basic implementation of DTLS cookies for hello verification.
- *
- * Module:  library/ssl_cookie.c
- * Caller:
- */
-#define MBEDTLS_SSL_COOKIE_C
-
-/**
- * \def MBEDTLS_SSL_TICKET_C
- *
- * Enable an implementation of TLS server-side callbacks for session tickets.
- *
- * Module:  library/ssl_ticket.c
- * Caller:
- *
- * Requires: MBEDTLS_CIPHER_C
- */
-#define MBEDTLS_SSL_TICKET_C
-
-/**
- * \def MBEDTLS_SSL_CLI_C
- *
- * Enable the SSL/TLS client code.
- *
- * Module:  library/ssl_cli.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS client support.
- */
-#define MBEDTLS_SSL_CLI_C
-
-/**
- * \def MBEDTLS_SSL_SRV_C
- *
- * Enable the SSL/TLS server code.
- *
- * Module:  library/ssl_srv.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS server support.
- */
-#define MBEDTLS_SSL_SRV_C
-
-/**
- * \def MBEDTLS_SSL_TLS_C
- *
- * Enable the generic SSL/TLS code.
- *
- * Module:  library/ssl_tls.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
- *
- * This module is required for SSL/TLS.
- */
-#define MBEDTLS_SSL_TLS_C
-
-/**
- * \def MBEDTLS_THREADING_C
- *
- * Enable the threading abstraction layer.
- * By default mbed TLS assumes it is used in a non-threaded environment or that
- * contexts are not shared between threads. If you do intend to use contexts
- * between threads, you will need to enable this layer to prevent race
- * conditions. See also our Knowledge Base article about threading:
- * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
- *
- * Module:  library/threading.c
- *
- * This allows different threading implementations (self-implemented or
- * provided).
- *
- * You will have to enable either MBEDTLS_THREADING_ALT or
- * MBEDTLS_THREADING_PTHREAD.
- *
- * Enable this layer to allow use of mutexes within mbed TLS
- */
-//#define MBEDTLS_THREADING_C
-
-/**
- * \def MBEDTLS_TIMING_C
- *
- * Enable the semi-portable timing interface.
- *
- * \note The provided implementation only works on POSIX/Unix (including Linux,
- * BSD and OS X) and Windows. On other platforms, you can either disable that
- * module and provide your own implementations of the callbacks needed by
- * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
- * your own implementation of the whole module by setting
- * \c MBEDTLS_TIMING_ALT in the current file.
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module:  library/timing.c
- * Caller:  library/havege.c
- *
- * This module is used by the HAVEGE random number generator.
- */
-#define MBEDTLS_TIMING_C
-
-/**
- * \def MBEDTLS_VERSION_C
- *
- * Enable run-time version information.
- *
- * Module:  library/version.c
- *
- * This module provides run-time version information.
- */
-#define MBEDTLS_VERSION_C
-
-/**
- * \def MBEDTLS_X509_USE_C
- *
- * Enable X.509 core for using certificates.
- *
- * Module:  library/x509.c
- * Caller:  library/x509_crl.c
- *          library/x509_crt.c
- *          library/x509_csr.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
- *           MBEDTLS_PK_PARSE_C
- *
- * This module is required for the X.509 parsing modules.
- */
-#define MBEDTLS_X509_USE_C
-
-/**
- * \def MBEDTLS_X509_CRT_PARSE_C
- *
- * Enable X.509 certificate parsing.
- *
- * Module:  library/x509_crt.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 certificate parsing.
- */
-#define MBEDTLS_X509_CRT_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CRL_PARSE_C
- *
- * Enable X.509 CRL parsing.
- *
- * Module:  library/x509_crl.c
- * Caller:  library/x509_crt.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 CRL parsing.
- */
-#define MBEDTLS_X509_CRL_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CSR_PARSE_C
- *
- * Enable X.509 Certificate Signing Request (CSR) parsing.
- *
- * Module:  library/x509_csr.c
- * Caller:  library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is used for reading X.509 certificate request.
- */
-#define MBEDTLS_X509_CSR_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CREATE_C
- *
- * Enable X.509 core for creating certificates.
- *
- * Module:  library/x509_create.c
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
- *
- * This module is the basis for creating X.509 certificates and CSRs.
- */
-#define MBEDTLS_X509_CREATE_C
-
-/**
- * \def MBEDTLS_X509_CRT_WRITE_C
- *
- * Enable creating X.509 certificates.
- *
- * Module:  library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate creation.
- */
-#define MBEDTLS_X509_CRT_WRITE_C
-
-/**
- * \def MBEDTLS_X509_CSR_WRITE_C
- *
- * Enable creating X.509 Certificate Signing Requests (CSR).
- *
- * Module:  library/x509_csr_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate request writing.
- */
-#define MBEDTLS_X509_CSR_WRITE_C
-
-/**
- * \def MBEDTLS_XTEA_C
- *
- * Enable the XTEA block cipher.
- *
- * Module:  library/xtea.c
- * Caller:
- */
-#define MBEDTLS_XTEA_C
-
-/* \} name SECTION: mbed TLS modules */
-
-/**
- * \name SECTION: Module configuration options
- *
- * This section allows for the setting of module specific sizes and
- * configuration options. The default values are already present in the
- * relevant header files and should suffice for the regular use cases.
- *
- * Our advice is to enable options and change their values here
- * only if you have a good reason and know the consequences.
- *
- * Please check the respective header file for documentation on these
- * parameters (to prevent duplicate documentation).
- * \{
- */
-
-/* MPI / BIGNUM options */
-//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
-//#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
-
-/* CTR_DRBG options */
-//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
-//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        10000 /**< Interval before reseed is performed by default */
-//#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
-//#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
-//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */
-//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY              /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
-
-/* HMAC_DRBG options */
-//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */
-//#define MBEDTLS_HMAC_DRBG_MAX_INPUT           256 /**< Maximum number of additional input bytes */
-//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST        1024 /**< Maximum number of requested bytes per call */
-//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */
-
-/* ECP options */
-//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
-//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
-//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */
-
-/* Entropy options */
-//#define MBEDTLS_ENTROPY_MAX_SOURCES                20 /**< Maximum number of sources supported */
-//#define MBEDTLS_ENTROPY_MAX_GATHER                128 /**< Maximum amount requested from entropy sources */
-//#define MBEDTLS_ENTROPY_MIN_HARDWARE               32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
-
-/* Memory buffer allocator options */
-//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */
-
-/* Platform options */
-//#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
-//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_PRINTF        printf /**< Default printf to use, can be undefined */
-/* Note: your snprintf must correctly zero-terminate the buffer! */
-//#define MBEDTLS_PLATFORM_STD_SNPRINTF    snprintf /**< Default snprintf to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS       0 /**< Default exit value to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE       1 /**< Default exit value to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */
-
-/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
-/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
-//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_FPRINTF_MACRO      fprintf /**< Default fprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_PRINTF_MACRO        printf /**< Default printf macro to use, can be undefined */
-/* Note: your snprintf must correctly zero-terminate the buffer! */
-//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO    snprintf /**< Default snprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO    vsnprintf /**< Default vsnprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
-
-/**
- * \brief       This macro is invoked by the library when an invalid parameter
- *              is detected that is only checked with MBEDTLS_CHECK_PARAMS
- *              (see the documentation of that option for context).
- *
- *              When you leave this undefined here, a default definition is
- *              provided that invokes the function mbedtls_param_failed(),
- *              which is declared in platform_util.h for the benefit of the
- *              library, but that you need to define in your application.
- *
- *              When you define this here, this replaces the default
- *              definition in platform_util.h (which no longer declares the
- *              function mbedtls_param_failed()) and it is your responsibility
- *              to make sure this macro expands to something suitable (in
- *              particular, that all the necessary declarations are visible
- *              from within the library - you can ensure that by providing
- *              them in this file next to the macro definition).
- *
- *              Note that you may define this macro to expand to nothing, in
- *              which case you don't have to worry about declarations or
- *              definitions. However, you will then be notified about invalid
- *              parameters only in non-void functions, and void function will
- *              just silently return early on invalid parameters, which
- *              partially negates the benefits of enabling
- *              #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
- *
- * \param cond  The expression that should evaluate to true, but doesn't.
- */
-//#define MBEDTLS_PARAM_FAILED( cond )               assert( cond )
-
-/* SSL Cache options */
-//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400 /**< 1 day  */
-//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */
-
-/* SSL options */
-
-/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
- *
- * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
- *
- * This determines the size of both the incoming and outgoing TLS I/O buffers
- * in such a way that both are capable of holding the specified amount of
- * plaintext data, regardless of the protection mechanism used.
- *
- * To configure incoming and outgoing I/O buffers separately, use
- * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
- * which overwrite the value set by this option.
- *
- * \note When using a value less than the default of 16KB on the client, it is
- *       recommended to use the Maximum Fragment Length (MFL) extension to
- *       inform the server about this limitation. On the server, there
- *       is no supported, standardized way of informing the client about
- *       restriction on the maximum size of incoming messages, and unless
- *       the limitation has been communicated by other means, it is recommended
- *       to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
- *       while keeping the default value of 16KB for the incoming buffer.
- *
- * Uncomment to set the maximum plaintext size of both
- * incoming and outgoing I/O buffers.
- */
-//#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384
-
-/** \def MBEDTLS_SSL_IN_CONTENT_LEN
- *
- * Maximum length (in bytes) of incoming plaintext fragments.
- *
- * This determines the size of the incoming TLS I/O buffer in such a way
- * that it is capable of holding the specified amount of plaintext data,
- * regardless of the protection mechanism used.
- *
- * If this option is undefined, it inherits its value from
- * #MBEDTLS_SSL_MAX_CONTENT_LEN.
- *
- * \note When using a value less than the default of 16KB on the client, it is
- *       recommended to use the Maximum Fragment Length (MFL) extension to
- *       inform the server about this limitation. On the server, there
- *       is no supported, standardized way of informing the client about
- *       restriction on the maximum size of incoming messages, and unless
- *       the limitation has been communicated by other means, it is recommended
- *       to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
- *       while keeping the default value of 16KB for the incoming buffer.
- *
- * Uncomment to set the maximum plaintext size of the incoming I/O buffer
- * independently of the outgoing I/O buffer.
- */
-//#define MBEDTLS_SSL_IN_CONTENT_LEN              16384
-
-/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
- *
- * Maximum length (in bytes) of outgoing plaintext fragments.
- *
- * This determines the size of the outgoing TLS I/O buffer in such a way
- * that it is capable of holding the specified amount of plaintext data,
- * regardless of the protection mechanism used.
- *
- * If this option undefined, it inherits its value from
- * #MBEDTLS_SSL_MAX_CONTENT_LEN.
- *
- * It is possible to save RAM by setting a smaller outward buffer, while keeping
- * the default inward 16384 byte buffer to conform to the TLS specification.
- *
- * The minimum required outward buffer size is determined by the handshake
- * protocol's usage. Handshaking will fail if the outward buffer is too small.
- * The specific size requirement depends on the configured ciphers and any
- * certificate data which is sent during the handshake.
- *
- * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
- * independently of the incoming I/O buffer.
- */
-//#define MBEDTLS_SSL_OUT_CONTENT_LEN             16384
-
-/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
- *
- * Maximum number of heap-allocated bytes for the purpose of
- * DTLS handshake message reassembly and future message buffering.
- *
- * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
- * to account for a reassembled handshake message of maximum size,
- * together with its reassembly bitmap.
- *
- * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
- * should be sufficient for all practical situations as it allows
- * to reassembly a large handshake message (such as a certificate)
- * while buffering multiple smaller handshake messages.
- *
- */
-//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING             32768
-
-//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */
-//#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
-//#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
-
-/**
- * Complete list of ciphersuites to use, in order of preference.
- *
- * \warning No dependency checking is done on that field! This option can only
- * be used to restrict the set of available ciphersuites. It is your
- * responsibility to make sure the needed modules are active.
- *
- * Use this to save a few hundred bytes of ROM (default ordering of all
- * available ciphersuites) and a few to a few hundred bytes of RAM.
- *
- * The value below is only an example, not the default.
- */
-//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
-/* X509 options */
-//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8   /**< Maximum number of intermediate CAs in a verification chain. */
-//#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
-
-/**
- * Allow SHA-1 in the default TLS configuration for certificate signing.
- * Without this build-time option, SHA-1 support must be activated explicitly
- * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
- * recommended because of it is possible to generate SHA-1 collisions, however
- * this may be safe for legacy infrastructure where additional controls apply.
- *
- * \warning   SHA-1 is considered a weak message digest and its use constitutes
- *            a security risk. If possible, we recommend avoiding dependencies
- *            on it, and considering stronger message digests instead.
- *
- */
-// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-
-/**
- * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
- * signature and ciphersuite selection. Without this build-time option, SHA-1
- * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
- * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
- * default. At the time of writing, there is no practical attack on the use
- * of SHA-1 in handshake signatures, hence this option is turned on by default
- * to preserve compatibility with existing peers, but the general
- * warning applies nonetheless:
- *
- * \warning   SHA-1 is considered a weak message digest and its use constitutes
- *            a security risk. If possible, we recommend avoiding dependencies
- *            on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
-
-/**
- * Uncomment the macro to let mbed TLS use your alternate implementation of
- * mbedtls_platform_zeroize(). This replaces the default implementation in
- * platform_util.c.
- *
- * mbedtls_platform_zeroize() is a widely used function across the library to
- * zero a block of memory. The implementation is expected to be secure in the
- * sense that it has been written to prevent the compiler from removing calls
- * to mbedtls_platform_zeroize() as part of redundant code elimination
- * optimizations. However, it is difficult to guarantee that calls to
- * mbedtls_platform_zeroize() will not be optimized by the compiler as older
- * versions of the C language standards do not provide a secure implementation
- * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
- * configure their own implementation of mbedtls_platform_zeroize(), for
- * example by using directives specific to their compiler, features from newer
- * C standards (e.g using memset_s() in C11) or calling a secure memset() from
- * their system (e.g explicit_bzero() in BSD).
- */
-//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
-
-/**
- * Uncomment the macro to let Mbed TLS use your alternate implementation of
- * mbedtls_platform_gmtime_r(). This replaces the default implementation in
- * platform_util.c.
- *
- * gmtime() is not a thread-safe function as defined in the C standard. The
- * library will try to use safer implementations of this function, such as
- * gmtime_r() when available. However, if Mbed TLS cannot identify the target
- * system, the implementation of mbedtls_platform_gmtime_r() will default to
- * using the standard gmtime(). In this case, calls from the library to
- * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
- * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
- * library are also guarded with this mutex to avoid race conditions. However,
- * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
- * unconditionally use the implementation for mbedtls_platform_gmtime_r()
- * supplied at compile time.
- */
-//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
-
-/* \} name SECTION: Customisation configuration options */
-
-/* Target and application specific configurations
- *
- * Allow user to override any previous default.
- *
- */
-#if defined(MBEDTLS_USER_CONFIG_FILE)
-#include MBEDTLS_USER_CONFIG_FILE
-#endif
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-thread.h b/3rdparty/mbedtls-2.25.0/configs/config-thread.h
deleted file mode 100644
index 47dd5e2..0000000
--- a/3rdparty/mbedtls-2.25.0/configs/config-thread.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/**
- * \file config-thread.h
- *
- * \brief Minimal configuration for using TLS as part of Thread
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * Minimal configuration for using TLS a part of Thread
- * http://threadgroup.org/
- *
- * Distinguishing features:
- * - no RSA or classic DH, fully based on ECC
- * - no X.509
- * - support for experimental EC J-PAKE key exchange
- *
- * See README.txt for usage instructions.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-/* System support */
-#define MBEDTLS_HAVE_ASM
-
-/* mbed TLS feature support */
-#define MBEDTLS_AES_ROM_TABLES
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_NIST_OPTIM
-#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-#define MBEDTLS_SSL_PROTO_TLS1_2
-#define MBEDTLS_SSL_PROTO_DTLS
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CCM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_CMAC_C
-#define MBEDTLS_ECJPAKE_C
-#define MBEDTLS_ECP_C
-#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_HMAC_DRBG_C
-#define MBEDTLS_MD_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SSL_COOKIE_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-
-/* For tests using ssl-opt.sh */
-#define MBEDTLS_NET_C
-#define MBEDTLS_TIMING_C
-
-/* Save RAM at the expense of ROM */
-#define MBEDTLS_AES_ROM_TABLES
-
-/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_ECP_MAX_BITS             256
-#define MBEDTLS_MPI_MAX_SIZE              32 // 256 bits is 32 bytes
-
-/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
-#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/docs/.gitignore b/3rdparty/mbedtls-2.25.0/docs/.gitignore
deleted file mode 100644
index 33ae5ac..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-*.html
-*.pdf
-!PSACryptoDriverModelSpec.pdf
diff --git a/3rdparty/mbedtls-2.25.0/docs/PSACryptoDriverModelSpec.pdf b/3rdparty/mbedtls-2.25.0/docs/PSACryptoDriverModelSpec.pdf
deleted file mode 100644
index cf11380..0000000
Binary files a/3rdparty/mbedtls-2.25.0/docs/PSACryptoDriverModelSpec.pdf and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/docs/architecture/mbed-crypto-storage-specification.md b/3rdparty/mbedtls-2.25.0/docs/architecture/mbed-crypto-storage-specification.md
deleted file mode 100644
index 914bca3..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/architecture/mbed-crypto-storage-specification.md
+++ /dev/null
@@ -1,316 +0,0 @@
-Mbed Crypto storage specification
-=================================
-
-This document specifies how Mbed Crypto uses storage.
-
-Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore:
-
-1. Any change may break existing installations and may require an upgrade path.
-1. This document retains historical information about all past released versions. Do not remove information from this document unless it has always been incorrect or it is about a version that you are sure was never released.
-
-Mbed Crypto 0.1.0
------------------
-
-Tags: mbedcrypto-0.1.0b, mbedcrypto-0.1.0b2
-
-Released in November 2018. <br>
-Integrated in Mbed OS 5.11.
-
-Supported backends:
-
-* [PSA ITS](#file-namespace-on-its-for-0.1.0)
-* [C stdio](#file-namespace-on-stdio-for-0.1.0)
-
-Supported features:
-
-* [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-names-for-0.1.0).
-* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0) on ITS only.
-
-This is a beta release, and we do not promise backward compatibility, with one exception:
-
-> On Mbed OS, if a device has a nonvolatile random seed file produced with Mbed OS 5.11.x and is upgraded to a later version of Mbed OS, the nonvolatile random seed file is preserved or upgraded.
-
-We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on other platforms.
-
-### Key names for 0.1.0
-
-Information about each key is stored in a dedicated file whose name is constructed from the key identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.1.0).
-
-The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid.
-
-The code uses the following constant in an internal header (note that despite the name, this value is actually one plus the maximum permitted value):
-
-    #define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
-
-There is a shared namespace for all callers.
-
-### Key file format for 0.1.0
-
-All integers are encoded in little-endian order in 8-bit bytes.
-
-The layout of a key file is:
-
-* magic (8 bytes): `"PSA\0KEY\0"`
-* version (4 bytes): 0
-* type (4 bytes): `psa_key_type_t` value
-* policy usage flags (4 bytes): `psa_key_usage_t` value
-* policy usage algorithm (4 bytes): `psa_algorithm_t` value
-* key material length (4 bytes)
-* key material: output of `psa_export_key`
-* Any trailing data is rejected on load.
-
-### Nonvolatile random seed file format for 0.1.0
-
-The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization.
-
-The file format is just the seed as a byte string with no metadata or encoding of any kind.
-
-### File namespace on ITS for 0.1.0
-
-Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
-
-* File 0: unused.
-* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the file identifier](#key-names-for-0.1.0).
-* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
-* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff: unused.
-
-### File namespace on stdio for 0.1.0
-
-Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
-
-An undocumented build-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
-
-* `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
-* `sprintf(CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#key-names-for-0.1.0) is `key_id`.
-* Other files: unused.
-
-Mbed Crypto 1.0.0
------------------
-
-Tags: mbedcrypto-1.0.0d4, mbedcrypto-1.0.0
-
-Released in February 2019. <br>
-Integrated in Mbed OS 5.12.
-
-Supported integrations:
-
-* [PSA platform](#file-namespace-on-a-psa-platform-for-1.0.0)
-* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-1.0.0)
-* [library using C stdio](#file-namespace-on-stdio-for-1.0.0)
-
-Supported features:
-
-* [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and owner](#key-names-for-1.0.0).
-* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0) on ITS only.
-
-Backward compatibility commitments: TBD
-
-### Key names for 1.0.0
-
-Information about each key is stored in a dedicated file designated by the key identifier. In integrations where there is no concept of key owner (in particular, in library integrations), the key identifier is exactly the key identifier as defined in the PSA Cryptography API specification (`psa_key_id_t`). In integrations where there is a concept of key owner (integration into a service for example), the key identifier is made of an owner identifier (its semantics and type are integration specific) and of the key identifier (`psa_key_id_t`) from the key owner point of view.
-
-The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-1.0.0).
-
-* Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value.
-* PSA service integration: the key file name is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
-
-### Key file format for 1.0.0
-
-The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
-
-### Nonvolatile random seed file format for 1.0.0
-
-[Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
-
-### File namespace on a PSA platform for 1.0.0
-
-Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
-
-Assumption: the owner identifier is a nonzero value of type `int32_t`.
-
-* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of the crypto library or crypto service.
-* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
-* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). The upper 32 bits determine the owner.
-
-### File namespace on ITS as a library for 1.0.0
-
-Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
-
-This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
-
-* File 0: unused.
-* Files 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0).
-* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0).
-* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff, 0x100000000 through 0xffffffffffffffff: unused.
-
-### File namespace on stdio for 1.0.0
-
-This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
-
-[Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0).
-
-### Upgrade from 0.1.0 to 1.0.0.
-
-* Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
-
-### Suggested changes to make before 1.0.0
-
-The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration).
-
-It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use.
-
-Mbed Crypto 1.1.0
------------------
-
-Tags: mbedcrypto-1.1.0
-
-Released in early June 2019. <br>
-Integrated in Mbed OS 5.13.
-
-Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format.
-
-### Key file format for 1.1.0
-
-The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following changes:
-
-* A new policy field, marked as [NEW:1.1.0] below.
-* The encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
-
-A self-contained description of the file layout follows.
-
-All integers are encoded in little-endian order in 8-bit bytes.
-
-The layout of a key file is:
-
-* magic (8 bytes): `"PSA\0KEY\0"`
-* version (4 bytes): 0
-* type (4 bytes): `psa_key_type_t` value
-* policy usage flags (4 bytes): `psa_key_usage_t` value
-* policy usage algorithm (4 bytes): `psa_algorithm_t` value
-* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0]
-* key material length (4 bytes)
-* key material: output of `psa_export_key`
-* Any trailing data is rejected on load.
-
-Mbed Crypto TBD
----------------
-
-Tags: TBD
-
-Released in TBD 2019. <br>
-Integrated in Mbed OS TBD.
-
-### Changes introduced in TBD
-
-* The layout of a key file now has a lifetime field before the type field.
-* Key files can store references to keys in a secure element. In such key files, the key material contains the slot number.
-
-### File namespace on a PSA platform on TBD
-
-Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
-
-Assumption: the owner identifier is a nonzero value of type `int32_t`.
-
-* Files 0 through 0xfffeffff: unused.
-* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tbd).
-* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). The upper 32 bits determine the owner.
-
-### File namespace on ITS as a library on TBD
-
-Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
-
-This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
-
-* File 0: unused.
-* Files 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0).
-* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tbd).
-* Files 0x100000000 through 0xffffffffffffffff: unused.
-
-### Non-key files on TBD
-
-File identifiers in the range 0xffff0000 through 0xffffffff are reserved for internal use in Mbed Crypto.
-
-* Files 0xfffffe02 through 0xfffffeff (`PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): secure element driver storage. The content of the file is the secure element driver's persistent data.
-* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0).
-* File 0xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-tbd).
-* Other files are unused and reserved for future use.
-
-### Key file format for TBD
-
-All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
-
-The layout of a key file is:
-
-* magic (8 bytes): `"PSA\0KEY\0"`.
-* version (4 bytes): 0.
-* lifetime (4 bytes): `psa_key_lifetime_t` value.
-* type (4 bytes): `psa_key_type_t` value.
-* policy usage flags (4 bytes): `psa_key_usage_t` value.
-* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
-* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
-* key material length (4 bytes).
-* key material:
-    * For a transparent key: output of `psa_export_key`.
-    * For an opaque key (unified driver interface): driver-specific opaque key blob.
-    * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
-* Any trailing data is rejected on load.
-
-### Transaction file format for TBD
-
-The transaction file contains data about an ongoing action that cannot be completed atomically. It exists only if there is an ongoing transaction.
-
-All integers are encoded in platform endianness.
-
-All currently existing transactions concern a key in a secure element.
-
-The layout of a transaction file is:
-
-* type (2 bytes): the [transaction type](#transaction-types-on-tbd).
-* unused (2 bytes)
-* lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
-* slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element driver.
-* key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal representation of the key identifier. On a PSA platform, this encodes the key owner in the same way as [in file identifiers for key files](#file-namespace-on-a-psa-platform-on-tbd)).
-
-#### Transaction types on TBD
-
-* 0x0001: key creation. The following locations may or may not contain data about the key that is being created:
-    * The slot in the secure element designated by the slot number.
-    * The file containing the key metadata designated by the key identifier.
-    * The driver persistent data.
-* 0x0002: key destruction. The following locations may or may not still contain data about the key that is being destroyed:
-    * The slot in the secure element designated by the slot number.
-    * The file containing the key metadata designated by the key identifier.
-    * The driver persistent data.
-
-Mbed Crypto TBD
----------------
-
-Tags: TBD
-
-Released in TBD 2020. <br>
-Integrated in Mbed OS TBD.
-
-### Changes introduced in TBD
-
-* The type field has been split into a type and a bits field of 2 bytes each.
-
-### Key file format for TBD
-
-All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
-
-The layout of a key file is:
-
-* magic (8 bytes): `"PSA\0KEY\0"`.
-* version (4 bytes): 0.
-* lifetime (4 bytes): `psa_key_lifetime_t` value.
-* type (2 bytes): `psa_key_type_t` value.
-* bits (2 bytes): `psa_key_bits_t` value.
-* policy usage flags (4 bytes): `psa_key_usage_t` value.
-* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
-* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
-* key material length (4 bytes).
-* key material:
-    * For a transparent key: output of `psa_export_key`.
-    * For an opaque key (unified driver interface): driver-specific opaque key blob.
-    * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
-* Any trailing data is rejected on load.
diff --git a/3rdparty/mbedtls-2.25.0/docs/architecture/testing/driver-interface-test-strategy.md b/3rdparty/mbedtls-2.25.0/docs/architecture/testing/driver-interface-test-strategy.md
deleted file mode 100644
index d6769da..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/architecture/testing/driver-interface-test-strategy.md
+++ /dev/null
@@ -1,115 +0,0 @@
-# Mbed Crypto driver interface test strategy
-
-This document describes the test strategy for the driver interfaces in Mbed Crypto. Mbed Crypto has interfaces for secure element drivers, accelerator drivers and entropy drivers. This document is about testing Mbed Crypto itself; testing drivers is out of scope.
-
-The driver interfaces are standardized through PSA Cryptography functional specifications.
-
-## Secure element driver interface
-
-The secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers.
-
-The SE interface consists of one function provided by Mbed Crypto (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed Crypto, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function.
-
-### SE driver interface unit tests
-
-This section describes unit tests that must be implemented to validate the secure element driver interface. Note that a test case may cover multiple requirements; for example a “good case” test can validate that the proper function is called, that it receives the expected inputs and that it produces the expected outputs.
-
-Many SE driver interface unit tests could be covered by running the existing API tests with a key in a secure element.
-
-#### SE driver registration
-
-* Test `psa_register_se_driver` with valid and with invalid arguments.
-* Make at least one failing call to `psa_register_se_driver` followed by a successful call.
-* Make at least one test that successfully registers the maximum number of drivers and fails to register one more.
-
-#### Dispatch to SE driver
-
-For each API function that can lead to a driver call (more precisely, for each driver method call site, but this is practically equivalent):
-
-* Make at least one test with a key in a secure element that checks that the driver method is called. A few API functions involve multiple driver methods; these should validate that all the expected driver methods are called.
-* Make at least one test with a key that is not in a secure element that checks that the driver method is not called.
-* Make at least one test with a key in a secure element with a driver that does not have the requisite method (i.e. the method pointer is `NULL`) but has the substructure containing that method, and check that the return value is `PSA_ERROR_NOT_SUPPORTED`.
-* Make at least one test with a key in a secure element with a driver that does not have the substructure containing that method (i.e. the pointer to the substructure is `NULL`), and check that the return value is `PSA_ERROR_NOT_SUPPORTED`.
-* At least one test should register multiple drivers with a key in each driver and check that the expected driver is called. This does not need to be done for all operations (use a white-box approach to determine if operations may use different code paths to choose the driver).
-* At least one test should register the same driver structure with multiple lifetime values and check that the driver receives the expected lifetime value.
-
-Some methods only make sense as a group (for example a driver that provides the MAC methods must provide all or none). In those cases, test with all of them null and none of them null.
-
-#### SE driver inputs
-
-For each API function that can lead to a driver call (more precisely, for each driver method call site, but this is practically equivalent):
-
-* Wherever the specification guarantees parameters that satisfy certain preconditions, check these preconditions whenever practical.
-* If the API function can take parameters that are invalid and must not reach the driver, call the API function with such parameters and verify that the driver method is not called.
-* Check that the expected inputs reach the driver. This may be implicit in a test that checks the outputs if the only realistic way to obtain the correct outputs is to start from the expected inputs (as is often the case for cryptographic material, but not for metadata).
-
-#### SE driver outputs
-
-For each API function that leads to a driver call, call it with parameters that cause a driver to be invoked and check how Mbed Crypto handles the outputs.
-
-* Correct outputs.
-* Incorrect outputs such as an invalid output length.
-* Expected errors (e.g. `PSA_ERROR_INVALID_SIGNATURE` from a signature verification method).
-* Unexpected errors. At least test that if the driver returns `PSA_ERROR_GENERIC_ERROR`, this is propagated correctly.
-
-Key creation functions invoke multiple methods and need more complex error handling:
-
-* Check the consequence of errors detected at each stage (slot number allocation or validation, key creation method, storage accesses).
-* Check that the storage ends up in the expected state. At least make sure that no intermediate file remains after a failure.
-
-#### Persistence of SE keys
-
-The following tests must be performed at least one for each key creation method (import, generate, ...).
-
-* Test that keys in a secure element survive `psa_close_key(); psa_open_key()`.
-* Test that keys in a secure element survive `mbedtls_psa_crypto_free(); psa_crypto_init()`.
-* Test that the driver's persistent data survives `mbedtls_psa_crypto_free(); psa_crypto_init()`.
-* Test that `psa_destroy_key()` does not leave any trace of the key.
-
-#### Resilience for SE drivers
-
-Creating or removing a key in a secure element involves multiple storage modifications (M<sub>1</sub>, ..., M<sub>n</sub>). If the operation is interrupted by a reset at any point, it must be either rolled back or completed.
-
-* For each potential interruption point (before M<sub>1</sub>, between M<sub>1</sub> and M<sub>2</sub>, ..., after M<sub>n</sub>), call `mbedtls_psa_crypto_free(); psa_crypto_init()` at that point and check that this either rolls back or completes the operation that was started.
-* This must be done for each key creation method and for key destruction.
-* This must be done for each possible flow, including error cases (e.g. a key creation that fails midway due to `OUT_OF_MEMORY`).
-* The recovery during `psa_crypto_init` can itself be interrupted. Test those interruptions too.
-* Two things need to be tested: the key that is being created or destroyed, and the driver's persistent storage.
-* Check both that the storage has the expected content (this can be done by e.g. using a key that is supposed to be present) and does not have any unexpected content (for keys, this can be done by checking that `psa_open_key` fails with `PSA_ERRROR_DOES_NOT_EXIST`).
-
-This requires instrumenting the storage implementation, either to force it to fail at each point or to record successive storage states and replay each of them. Each `psa_its_xxx` function call is assumed to be atomic.
-
-### SE driver system tests
-
-#### Real-world use case
-
-We must have at least one driver that is close to real-world conditions:
-
-* With its own source tree.
-* Running on actual hardware.
-* Run the full driver validation test suite (which does not yet exist).
-* Run at least one test application (e.g. the Mbed OS TLS example).
-
-This requirement shall be fulfilled by the [Microchip ATECC508A driver](https://github.com/ARMmbed/mbed-os-atecc608a/).
-
-#### Complete driver
-
-We should have at least one driver that covers the whole interface:
-
-* With its own source tree.
-* Implementing all the methods.
-* Run the full driver validation test suite (which does not yet exist).
-
-A PKCS#11 driver would be a good candidate. It would be useful as part of our product offering.
-
-## Accelerator driver interface
-
-The accelerator driver interface is defined by [`psa/crypto_accel_driver.h`](../../../include/psa/crypto_accel_driver.h).
-
-TODO
-
-## Entropy driver interface
-
-The entropy driver interface is defined by [`psa/crypto_entropy_driver.h`](../../../include/psa/crypto_entropy_driver.h).
-
-TODO
diff --git a/3rdparty/mbedtls-2.25.0/docs/architecture/testing/invasive-testing.md b/3rdparty/mbedtls-2.25.0/docs/architecture/testing/invasive-testing.md
deleted file mode 100644
index de611a5..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/architecture/testing/invasive-testing.md
+++ /dev/null
@@ -1,367 +0,0 @@
-# Mbed TLS invasive testing strategy
-
-## Introduction
-
-In Mbed TLS, we use black-box testing as much as possible: test the documented behavior of the product, in a realistic environment. However this is not always sufficient.
-
-The goal of this document is to identify areas where black-box testing is insufficient and to propose solutions.
-
-This is a test strategy document, not a test plan. A description of exactly what is tested is out of scope.
-
-This document is structured as follows:
-
-* [“Rules”](#rules) gives general rules and is written for brevity.
-* [“Requirements”](#requirements) explores the reasons why invasive testing is needed and how it should be done.
-* [“Possible approaches”](#possible-approaches) discusses some general methods for non-black-box testing.
-* [“Solutions”](#solutions) explains how we currently solve, or intend to solve, specific problems.
-
-### TLS
-
-This document currently focuses on data structure manipulation and storage, which is what the crypto/keystore and X.509 parts of the library are about. More work is needed to fully take TLS into account.
-
-## Rules
-
-Always follow these rules unless you have a good reason not to. If you deviate, document the rationale somewhere.
-
-See the section [“Possible approaches”](#possible-approaches) for a rationale.
-
-### Interface design for testing
-
-Do not add test-specific interfaces if there's a practical way of doing it another way. All public interfaces should be useful in at least some configurations. Features with a significant impact on the code size or attack surface should have a compile-time guard.
-
-### Reliance on internal details
-
-In unit tests and in test programs, it's ok to include header files from `library/`. Do not define non-public interfaces in public headers (`include/mbedtls` has `*_internal.h` headers for legacy reasons, but this approach is deprecated). In contrast, sample programs must not include header files from `library/`.
-
-Sometimes it makes sense to have unit tests on functions that aren't part of the public API. Declare such functions in `library/*.h` and include the corresponding header in the test code. If the function should be `static` for optimization but can't be `static` for testing, declare it as `MBEDTLS_STATIC_TESTABLE`, and make the tests that use it depend on `MBEDTLS_TEST_HOOKS` (see [“rules for compile-time options”](#rules-for-compile-time-options)).
-
-If test code or test data depends on internal details of the library and not just on its documented behavior, add a comment in the code that explains the dependency. For example:
-
-> ```
-> /* This test file is specific to the ITS implementation in PSA Crypto
->  * on top of stdio. It expects to know what the stdio name of a file is
->  * based on its keystore name.
->  */
-> ```
-
-> ```
-> # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes
-> # and not expected to be raised any time soon) is less than the maximum
-> # output from HKDF-SHA512 (255*64 = 16320 bytes).
-> ```
-
-### Rules for compile-time options
-
-If the most practical way to test something is to add code to the product that is only useful for testing, do so, but obey the following rules. For more information, see the [rationale](#guidelines-for-compile-time-options).
-
-* **Only use test-specific code when necessary.** Anything that can be tested through the documented API must be tested through the documented API.
-* **Test-specific code must be guarded by `#if defined(MBEDTLS_TEST_HOOKS)`**. Do not create fine-grained guards for test-specific code.
-* **Do not use `MBEDTLS_TEST_HOOKS` for security checks or assertions.** Security checks belong in the product.
-* **Merely defining `MBEDTLS_TEST_HOOKS` must not change the behavior**. It may define extra functions. It may add fields to structures, but if so, make it very clear that these fields have no impact on non-test-specific fields.
-* **Where tests must be able to change the behavior, do it by function substitution.** See [“rules for function substitution”](#rules-for-function-substitution) for more details.
-
-#### Rules for function substitution
-
-This section explains how to replace a library function `mbedtls_foo()` by alternative code for test purposes. That is, library code calls `mbedtls_foo()`, and there is a mechanism to arrange for these calls to invoke different code.
-
-Often `mbedtls_foo` is a macro which is defined to be a system function (like `mbedtls_calloc` or `mbedtls_fopen`), which we replace to mock or wrap the system function. This is useful to simulate I/O failure, for example. Note that if the macro can be replaced at compile time to support alternative platforms, the test code should be compatible with this compile-time configuration so that it works on these alternative platforms as well.
-
-Sometimes the substitutable function is a `static inline` function that does nothing (not a macro, to avoid accidentally skipping side effects in its parameters), to provide a hook for test code; such functions should have a name that starts with the prefix `mbedtls_test_hook_`. In such cases, the function should generally not modify its parameters, so any pointer argument should be const. The function should return void.
-
-With `MBEDTLS_TEST_HOOKS` set, `mbedtls_foo` is a global variable of function pointer type. This global variable is initialized to the system function, or to a function that does nothing. The global variable is defined in a header in the `library` directory such as `psa_crypto_invasive.h`. This is similar to the platform function configuration mechanism with `MBEDTLS_PLATFORM_xxx_ALT`.
-
-In unit test code that needs to modify the internal behavior:
-
-* The test function (or the whole test file) must depend on `MBEDTLS_TEST_HOOKS`.
-* At the beginning of the test function, set the global function pointers to the desired value.
-* In the test function's cleanup code, restore the global function pointers to their default value.
-
-## Requirements
-
-### General goals
-
-We need to balance the following goals, which are sometimes contradictory.
-
-* Coverage: we need to test behaviors which are not easy to trigger by using the API or which cannot be triggered deterministically, for example I/O failures.
-* Correctness: we want to test the actual product, not a modified version, since conclusions drawn from a test of a modified product may not apply to the real product.
-* Effacement: the product should not include features that are solely present for test purposes, since these increase the attack surface and the code size.
-* Portability: tests should work on every platform. Skipping tests on certain platforms may hide errors that are only apparent on such platforms.
-* Maintainability: tests should only enforce the documented behavior of the product, to avoid extra work when the product's internal or implementation-specific behavior changes. We should also not give the impression that whatever the tests check is guaranteed behavior of the product which cannot change in future versions.
-
-Where those goals conflict, we should at least mitigate the goals that cannot be fulfilled, and document the architectural choices and their rationale.
-
-### Problem areas
-
-#### Allocation
-
-Resource allocation can fail, but rarely does so in a typical test environment. How does the product cope if some allocations fail?
-
-Resources include:
-
-* Memory.
-* Files in storage (PSA API only — in the Mbed TLS API, black-box unit tests are sufficient).
-* Key slots (PSA API only).
-* Key slots in a secure element (PSA SE HAL).
-* Communication handles (PSA crypto service only).
-
-#### Storage
-
-Storage can fail, either due to hardware errors or to active attacks on trusted storage. How does the code cope if some storage accesses fail?
-
-We also need to test resilience: if the system is reset during an operation, does it restart in a correct state?
-
-#### Cleanup
-
-When code should clean up resources, how do we know that they have truly been cleaned up?
-
-* Zeroization of confidential data after use.
-* Freeing memory.
-* Freeing key slots.
-* Freeing key slots in a secure element.
-* Deleting files in storage (PSA API only).
-
-#### Internal data
-
-Sometimes it is useful to peek or poke internal data.
-
-* Check consistency of internal data (e.g. output of key generation).
-* Check the format of files (which matters so that the product can still read old files after an upgrade).
-* Inject faults and test corruption checks inside the product.
-
-## Possible approaches
-
-Key to requirement tables:
-
-* ++ requirement is fully met
-* \+ requirement is mostly met
-* ~ requirement is partially met but there are limitations
-* ! requirement is somewhat problematic
-* !! requirement is very problematic
-
-### Fine-grained public interfaces
-
-We can include all the features we want to test in the public interface. Then the tests can be truly black-box. The limitation of this approach is that this requires adding a lot of interfaces that are not useful in production. These interfaces have costs: they increase the code size, the attack surface, and the testing burden (exponentially, because we need to test all these interfaces in combination).
-
-As a rule, we do not add public interfaces solely for testing purposes. We only add public interfaces if they are also useful in production, at least sometimes. For example, the main purpose of `mbedtls_psa_crypto_free` is to clean up all resources in tests, but this is also useful in production in some applications that only want to use PSA Crypto during part of their lifetime.
-
-Mbed TLS traditionally has very fine-grained public interfaces, with many platform functions that can be substituted (`MBEDTLS_PLATFORM_xxx` macros). PSA Crypto has more opacity and less platform substitution macros.
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ~ Many useful tests are not reasonably achievable |
-| Correctness | ++ Ideal |
-| Effacement | !! Requires adding many otherwise-useless interfaces |
-| Portability | ++ Ideal; the additional interfaces may be useful for portability beyond testing |
-| Maintainability | !! Combinatorial explosion on the testing burden |
-|                 | ! Public interfaces must remain for backward compatibility even if the test architecture changes |
-
-### Fine-grained undocumented interfaces
-
-We can include all the features we want to test in undocumented interfaces. Undocumented interfaces are described in public headers for the sake of the C compiler, but are described as “do not use” in comments (or not described at all) and are not included in Doxygen-rendered documentation. This mitigates some of the downsides of [fine-grained public interfaces](#fine-grained-public-interfaces), but not all. In particular, the extra interfaces do increase the code size, the attack surface and the test surface.
-
-Mbed TLS traditionally has a few internal interfaces, mostly intended for cross-module abstraction leakage rather than for testing. For the PSA API, we favor [internal interfaces](#internal-interfaces).
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ~ Many useful tests are not reasonably achievable |
-| Correctness | ++ Ideal |
-| Effacement | !! Requires adding many otherwise-useless interfaces |
-| Portability | ++ Ideal; the additional interfaces may be useful for portability beyond testing |
-| Maintainability | ! Combinatorial explosion on the testing burden |
-
-### Internal interfaces
-
-We can write tests that call internal functions that are not exposed in the public interfaces. This is nice when it works, because it lets us test the unchanged product without compromising the design of the public interface.
-
-A limitation is that these interfaces must exist in the first place. If they don't, this has mostly the same downside as public interfaces: the extra interfaces increase the code size and the attack surface for no direct benefit to the product.
-
-Another limitation is that internal interfaces need to be used correctly. We may accidentally rely on internal details in the tests that are not necessarily always true (for example that are platform-specific). We may accidentally use these internal interfaces in ways that don't correspond to the actual product.
-
-This approach is mostly portable since it only relies on C interfaces. A limitation is that the test-only interfaces must not be hidden at link time (but link-time hiding is not something we currently do). Another limitation is that this approach does not work for users who patch the library by replacing some modules; this is a secondary concern since we do not officially offer this as a feature.
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ~ Many useful tests require additional internal interfaces |
-| Correctness | + Does not require a product change |
-|             | ~ The tests may call internal functions in a way that does not reflect actual usage inside the product |
-| Effacement | ++ Fine as long as the internal interfaces aren't added solely for test purposes |
-| Portability | + Fine as long as we control how the tests are linked |
-|             | ~ Doesn't work if the users rewrite an internal module |
-| Maintainability | + Tests interfaces that are documented; dependencies in the tests are easily noticed when changing these interfaces |
-
-### Static analysis
-
-If we guarantee certain properties through static analysis, we don't need to test them. This puts some constraints on the properties:
-
-* We need to have confidence in the specification (but we can gain this confidence by evaluating the specification on test data).
-* This does not work for platform-dependent properties unless we have a formal model of the platform.
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ~ Good for platform-independent properties, if we can guarantee them statically |
-| Correctness | + Good as long as we have confidence in the specification |
-| Effacement | ++ Zero impact on the code |
-| Portability | ++ Zero runtime burden |
-| Maintainability | ~ Static analysis is hard, but it's also helpful |
-
-### Compile-time options
-
-If there's code that we want to have in the product for testing, but not in production, we can add a compile-time option to enable it. This is very powerful and usually easy to use, but comes with a major downside: we aren't testing the same code anymore.
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ++ Most things can be tested that way |
-| Correctness | ! Difficult to ensure that what we test is what we run |
-| Effacement | ++ No impact on the product when built normally or on the documentation, if done right |
-|             | ! Risk of getting “no impact” wrong |
-| Portability | ++ It's just C code so it works everywhere |
-|             | ~ Doesn't work if the users rewrite an internal module |
-| Maintainability | + Test interfaces impact the product source code, but at least they're clearly marked as such in the code |
-
-#### Guidelines for compile-time options
-
-* **Minimize the number of compile-time options.**<br>
-  Either we're testing or we're not. Fine-grained options for testing would require more test builds, especially if combinatorics enters the play.
-* **Merely enabling the compile-time option should not change the behavior.**<br>
-  When building in test mode, the code should have exactly the same behavior. Changing the behavior should require some action at runtime (calling a function or changing a variable).
-* **Minimize the impact on code**.<br>
-  We should not have test-specific conditional compilation littered through the code, as that makes the code hard to read.
-
-### Runtime instrumentation
-
-Some properties can be tested through runtime instrumentation: have the compiler or a similar tool inject something into the binary.
-
-* Sanitizers check for certain bad usage patterns (ASan, MSan, UBSan, Valgrind).
-* We can inject external libraries at link time. This can be a way to make system functions fail.
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ! Limited scope |
-| Correctness | + Instrumentation generally does not affect the program's functional behavior |
-| Effacement | ++ Zero impact on the code |
-| Portability | ~ Depends on the method |
-| Maintainability | ~ Depending on the instrumentation, this may require additional builds and scripts |
-|                 | + Many properties come for free, but some require effort (e.g. the test code itself must be leak-free to avoid false positives in a leak detector) |
-
-### Debugger-based testing
-
-If we want to do something in a test that the product isn't capable of doing, we can use a debugger to read or modify the memory, or hook into the code at arbitrary points.
-
-This is a very powerful approach, but it comes with limitations:
-
-* The debugger may introduce behavior changes (e.g. timing). If we modify data structures in memory, we may do so in a way that the code doesn't expect.
-* Due to compiler optimizations, the memory may not have the layout that we expect.
-* Writing reliable debugger scripts is hard. We need to have confidence that we're testing what we mean to test, even in the face of compiler optimizations. Languages such as gdb make it hard to automate even relatively simple things such as finding the place(s) in the binary corresponding to some place in the source code.
-* Debugger scripts are very much non-portable.
-
-| Requirement | Analysis |
-| ----------- | -------- |
-| Coverage | ++ The sky is the limit |
-| Correctness | ++ The code is unmodified, and tested as compiled (so we even detect compiler-induced bugs) |
-|             | ! Compiler optimizations may hinder |
-|             | ~ Modifying the execution may introduce divergence |
-| Effacement | ++ Zero impact on the code |
-| Portability | !! Not all environments have a debugger, and even if they do, we'd need completely different scripts for every debugger |
-| Maintainability | ! Writing reliable debugger scripts is hard |
-|                 | !! Very tight coupling with the details of the source code and even with the compiler |
-
-## Solutions
-
-This section lists some strategies that are currently used for invasive testing, or planned to be used. This list is not intended to be exhaustive.
-
-### Memory management
-
-#### Zeroization testing
-
-Goal: test that `mbedtls_platform_zeroize` does wipe the memory buffer.
-
-Solution ([debugger](#debugger-based-testing)): implemented in `tests/scripts/test_zeroize.gdb`.
-
-Rationale: this cannot be tested by adding C code, because the danger is that the compiler optimizes the zeroization away, and any C code that observes the zeroization would cause the compiler not to optimize it away.
-
-#### Memory cleanup
-
-Goal: test the absence of memory leaks.
-
-Solution ([instrumentation](#runtime-instrumentation)): run tests with ASan. (We also use Valgrind, but it's slower than ASan, so we favor ASan.)
-
-Since we run many test jobs with a memory leak detector, each test function or test program must clean up after itself. Use the cleanup code (after the `exit` label in test functions) to free any memory that the function may have allocated.
-
-#### Robustness against memory allocation failure
-
-Solution: TODO. We don't test this at all at this point.
-
-#### PSA key store memory cleanup
-
-Goal: test the absence of resource leaks in the PSA key store code, in particular that `psa_close_key` and `psa_destroy_key` work correctly.
-
-Solution ([internal interface](#internal-interfaces)): in most tests involving PSA functions, the cleanup code explicitly calls `PSA_DONE()` instead of `mbedtls_psa_crypto_free()`. `PSA_DONE` fails the test if the key store in memory is not empty.
-
-Note there must also be tests that call `mbedtls_psa_crypto_free` with keys still open, to verify that it does close all keys.
-
-`PSA_DONE` is a macro defined in `psa_crypto_helpers.h` which uses `mbedtls_psa_get_stats()` to get information about the keystore content before calling `mbedtls_psa_crypto_free()`. This feature is mostly but not exclusively useful for testing, and may be moved under `MBEDTLS_TEST_HOOKS`.
-
-### PSA storage
-
-#### PSA storage cleanup on success
-
-Goal: test that no stray files are left over in the key store after a test that succeeded.
-
-Solution: TODO. Currently the various test suites do it differently.
-
-#### PSA storage cleanup on failure
-
-Goal: ensure that no stray files are left over in the key store even if a test has failed (as that could cause other tests to fail).
-
-Solution: TODO. Currently the various test suites do it differently.
-
-#### PSA storage resilience
-
-Goal: test the resilience of PSA storage against power failures.
-
-Solution: TODO.
-
-See the [secure element driver interface test strategy](driver-interface-test-strategy.html) for more information.
-
-#### Corrupted storage
-
-Goal: test the robustness against corrupted storage.
-
-Solution ([internal interface](#internal-interfaces)): call `psa_its` functions to modify the storage.
-
-#### Storage read failure
-
-Goal: test the robustness against read errors.
-
-Solution: TODO
-
-#### Storage write failure
-
-Goal: test the robustness against write errors (`STORAGE_FAILURE` or `INSUFFICIENT_STORAGE`).
-
-Solution: TODO
-
-#### Storage format stability
-
-Goal: test that the storage format does not change between versions (or if it does, an upgrade path must be provided).
-
-Solution ([internal interface](#internal-interfaces)): call internal functions to inspect the content of the file.
-
-Note that the storage format is defined not only by the general layout, but also by the numerical values of encodings for key types and other metadata. For numerical values, there is a risk that we would accidentally modify a single value or a few values, so the tests should be exhaustive. This probably requires some compile-time analysis (perhaps the automation for `psa_constant_names` can be used here). TODO
-
-### Other fault injection
-
-#### PSA crypto init failure
-
-Goal: test the failure of `psa_crypto_init`.
-
-Solution ([compile-time option](#compile-time-options)): replace entropy initialization functions by functions that can fail. This is the only failure point for `psa_crypto_init` that is present in all builds.
-
-When we implement the PSA entropy driver interface, this should be reworked to use the entropy driver interface.
-
-#### PSA crypto data corruption
-
-The PSA crypto subsystem has a few checks to detect corrupted data in memory. We currently don't have a way to exercise those checks.
-
-Solution: TODO. To corrupt a multipart operation structure, we can do it by looking inside the structure content, but only when running without isolation. To corrupt the key store, we would need to add a function to the library or to use a debugger.
-
diff --git a/3rdparty/mbedtls-2.25.0/docs/architecture/testing/test-framework.md b/3rdparty/mbedtls-2.25.0/docs/architecture/testing/test-framework.md
deleted file mode 100644
index c4178fa..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/architecture/testing/test-framework.md
+++ /dev/null
@@ -1,58 +0,0 @@
-# Mbed TLS test framework
-
-This document is an overview of the Mbed TLS test framework and test tools.
-
-This document is incomplete. You can help by expanding it.
-
-## Unit tests
-
-See <https://tls.mbed.org/kb/development/test_suites>
-
-### Unit test descriptions
-
-Each test case has a description which succinctly describes for a human audience what the test does. The first non-comment line of each paragraph in a `.data` file is the test description. The following rules and guidelines apply:
-
-* Test descriptions may not contain semicolons, line breaks and other control characters, or non-ASCII characters. <br>
-  Rationale: keep the tools that process test descriptions (`generate_test_code.py`, [outcome file](#outcome-file) tools) simple.
-* Test descriptions must be unique within a `.data` file. If you can't think of a better description, the convention is to append `#1`, `#2`, etc. <br>
-  Rationale: make it easy to relate a failure log to the test data. Avoid confusion between cases in the [outcome file](#outcome-file).
-* Test descriptions should be a maximum of **66 characters**. <br>
-  Rationale: 66 characters is what our various tools assume (leaving room for 14 more characters on an 80-column line). Longer descriptions may be truncated or may break a visual alignment. <br>
-  We have a lot of test cases with longer descriptions, but they should be avoided. At least please make sure that the first 66 characters describe the test uniquely.
-* Make the description descriptive. “foo: x=2, y=4” is more descriptive than “foo #2”. “foo: 0<x<y, both even” is even better if these inequalities and parities are why this particular test data was chosen.
-* Avoid changing the description of an existing test case without a good reason. This breaks the tracking of failures across CI runs, since this tracking is based on the descriptions.
-
-`tests/scripts/check_test_cases.py` enforces some rules and warns if some guidelines are violated.
-
-## TLS tests
-
-### SSL extension tests
-
-#### SSL test case descriptions
-
-Each test case in `ssl-opt.sh` has a description which succinctly describes for a human audience what the test does. The test description is the first parameter to `run_tests`.
-
-The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, the description must be written on the same line as `run_test`, in double quotes, for the sake of `check_test_cases.py`.
-
-## Running tests
-
-### Outcome file
-
-#### Generating an outcome file
-
-Unit tests and `ssl-opt.sh` record the outcome of each test case in a **test outcome file**. This feature is enabled if the environment variable `MBEDTLS_TEST_OUTCOME_FILE` is set. Set it to the path of the desired file.
-
-If you run `all.sh --outcome-file test-outcome.csv`, this collects the outcome of all the test cases in `test-outcome.csv`.
-
-#### Outcome file format
-
-The outcome file is in a CSV format using `;` (semicolon) as the delimiter and no quoting. This means that fields may not contain newlines or semicolons. There is no title line.
-
-The outcome file has 6 fields:
-
-* **Platform**: a description of the platform, e.g. `Linux-x86_64` or `Linux-x86_64-gcc7-msan`.
-* **Configuration**: a unique description of the configuration (`config.h`).
-* **Test suite**: `test_suite_xxx` or `ssl-opt`.
-* **Test case**: the description of the test case.
-* **Result**: one of `PASS`, `SKIP` or `FAIL`.
-* **Cause**: more information explaining the result.
diff --git a/3rdparty/mbedtls-2.25.0/docs/architecture/tls13-experimental.md b/3rdparty/mbedtls-2.25.0/docs/architecture/tls13-experimental.md
deleted file mode 100644
index 3db16e0..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/architecture/tls13-experimental.md
+++ /dev/null
@@ -1,49 +0,0 @@
-TLS 1.3 Experimental Developments
-=================================
-
-Overview
---------
-
-Mbed TLS doesn't support the TLS 1.3 protocol yet, but a prototype is in development.
-Stable parts of this prototype that can be independently tested are being successively
-upstreamed under the guard of the following macro:
-
-```
-MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-```
-
-This macro will likely be renamed to `MBEDTLS_SSL_PROTO_TLS1_3` once a minimal viable
-implementation of the TLS 1.3 protocol is available.
-
-See the [documentation of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`](../../include/mbedtls/config.h)
-for more information.
-
-Status
-------
-
-The following lists which parts of the TLS 1.3 prototype have already been upstreamed
-together with their level of testing:
-
-* TLS 1.3 record protection mechanisms
-
-  The record protection routines `mbedtls_ssl_{encrypt|decrypt}_buf()` have been extended
-  to support the modified TLS 1.3 record protection mechanism, including modified computation
-  of AAD, IV, and the introduction of a flexible padding.
-
-  Those record protection routines have unit tests in `test_suite_ssl` alongside the
-  tests for the other record protection routines.
-
-  TODO: Add some test vectors from RFC 8448.
-
-- The HKDF key derivation function on which the TLS 1.3 key schedule is based,
-  is already present as an independent module controlled by `MBEDTLS_HKDF_C`
-  independently of the development of the TLS 1.3 prototype.
-
-- The TLS 1.3-specific HKDF-based key derivation functions (see RFC 8446):
-  * HKDF-Expand-Label
-  * Derive-Secret
-  - Secret evolution
-  * The traffic {Key,IV} generation from secret
-  Those functions are implemented in `library/ssl_tls13_keys.c` and
-  tested in `test_suite_ssl` using test vectors from RFC 8448 and
-  https://tls13.ulfheim.net/.
diff --git a/3rdparty/mbedtls-2.25.0/docs/getting_started.md b/3rdparty/mbedtls-2.25.0/docs/getting_started.md
deleted file mode 100644
index 15d5a31..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/getting_started.md
+++ /dev/null
@@ -1,894 +0,0 @@
-## Getting started with Mbed Crypto
-
-### What is Mbed Crypto?
-
-Mbed Crypto is an open source cryptographic library that supports a wide range of cryptographic operations, including:
-* Key management
-* Hashing
-* Symmetric cryptography
-* Asymmetric cryptography
-* Message authentication (MAC)
-* Key generation and derivation
-* Authenticated encryption with associated data (AEAD)
-
-The Mbed Crypto library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). It is written in portable C.
-
-The Mbed Crypto library is distributed under the Apache License, version 2.0.
-
-#### Platform Security Architecture (PSA)
-
-Arm's Platform Security Architecture (PSA) is a holistic set of threat models,
-security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that enables you to design security into both hardware and firmware consistently. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives.
-
-### Using Mbed Crypto
-
-* [Getting the Mbed Crypto library](#getting-the-mbed-crypto-library)
-* [Building the Mbed Crypto library](#building-the-mbed-crypto-library)
-* [Using the Mbed Crypto library](#using-the-mbed-crypto-library)
-* [Importing a key](#importing-a-key)
-* [Signing a message using RSA](#signing-a-message-using-RSA)
-* [Encrypting or decrypting using symmetric ciphers](#encrypting-or-decrypting-using-symmetric-ciphers)
-* [Hashing a message](#hashing-a-message)
-* [Deriving a new key from an existing key](#deriving-a-new-key-from-an-existing-key)
-* [Generating a random value](#generating-a-random-value)
-* [Authenticating and encrypting or decrypting a message](#authenticating-and-encrypting-or-decrypting-a-message)
-* [Generating and exporting keys](#generating-and-exporting-keys)
-* [More about the Mbed Crypto library](#more-about-the-mbed-crypto-library)
-
-### Getting the Mbed Crypto library
-
-Mbed Crypto releases are available in the [public GitHub repository](https://github.com/ARMmbed/mbed-crypto).
-
-### Building the Mbed Crypto library
-
-**Prerequisites to building the library with the provided makefiles:**
-* GNU Make.
-* A C toolchain (compiler, linker, archiver).
-* Python 2 or Python 3 (either works) to generate the test code.
-* Perl to run the tests.
-
-If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
-
-To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`); for example:
-```
-make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
-```
-The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
-
-To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
-
-### Using the Mbed Crypto library
-
-To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other API. This initializes the library.
-
-### Importing a key
-
-To use a key for cryptography operations in Mbed Crypto, you need to first
-import it. The import operation returns the identifier of the key for use
-with other function calls.
-
-**Prerequisites to importing keys:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-
-This example shows how to import a key:
-```C
-void import_a_key(const uint8_t *key, size_t key_len)
-{
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key;
-
-    printf("Import an AES key...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Set key attributes */
-    psa_set_key_usage_flags(&attributes, 0);
-    psa_set_key_algorithm(&attributes, 0);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-    psa_set_key_bits(&attributes, 128);
-
-    /* Import the key */
-    status = psa_import_key(&attributes, key, key_len, &key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to import key\n");
-        return;
-    }
-    printf("Imported a key\n");
-
-    /* Free the attributes */
-    psa_reset_key_attributes(&attributes);
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-}
-```
-
-### Signing a message using RSA
-
-Mbed Crypto supports encrypting, decrypting, signing and verifying messages using public key signature algorithms, such as RSA or ECDSA.
-
-**Prerequisites to performing asymmetric signature operations:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-* Have a valid key with appropriate attributes set:
-    * Usage flag `PSA_KEY_USAGE_SIGN_HASH` to allow signing.
-    * Usage flag `PSA_KEY_USAGE_VERIFY_HASH` to allow signature verification.
-    * Algorithm set to the desired signature algorithm.
-
-This example shows how to sign a hash that has already been calculated:
-```C
-void sign_a_message_using_rsa(const uint8_t *key, size_t key_len)
-{
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t hash[32] = {0x50, 0xd8, 0x58, 0xe0, 0x98, 0x5e, 0xcc, 0x7f,
-                        0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58,
-                        0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95,
-                        0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c};
-    uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0};
-    size_t signature_length;
-    psa_key_id_t key;
-
-    printf("Sign a message...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Set key attributes */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
-    psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_SIGN_RAW);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR);
-    psa_set_key_bits(&attributes, 1024);
-
-    /* Import the key */
-    status = psa_import_key(&attributes, key, key_len, &key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to import key\n");
-        return;
-    }
-
-    /* Sign message using the key */
-    status = psa_sign_hash(key, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
-                           hash, sizeof(hash),
-                           signature, sizeof(signature),
-                           &signature_length);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to sign\n");
-        return;
-    }
-
-    printf("Signed a message\n");
-
-    /* Free the attributes */
-    psa_reset_key_attributes(&attributes);
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-}
-```
-
-### Using symmetric ciphers
-
-Mbed Crypto supports encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers).
-
-**Prerequisites to working with the symmetric cipher API:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-* Have a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption.
-
-**To encrypt a message with a symmetric cipher:**
-1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
-1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`.
-1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used.
-1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommend calling `psa_cipher_generate_iv()`, unless you require a specific IV value.
-1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls.
-1. Call `psa_cipher_finish()` to end the operation and output the encrypted message.
-
-This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining) mode with no padding (assuming all prerequisites have been fulfilled):
-```c
-void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len)
-{
-    enum {
-        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES),
-    };
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
-    uint8_t plaintext[block_size] = SOME_PLAINTEXT;
-    uint8_t iv[block_size];
-    size_t iv_len;
-    uint8_t output[block_size];
-    size_t output_len;
-    psa_key_id_t key;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-
-    printf("Encrypt with cipher...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS)
-    {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Import a key */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
-    psa_set_key_algorithm(&attributes, alg);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-    psa_set_key_bits(&attributes, 128);
-    status = psa_import_key(&attributes, key, key_len, &key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to import a key\n");
-        return;
-    }
-    psa_reset_key_attributes(&attributes);
-
-    /* Encrypt the plaintext */
-    status = psa_cipher_encrypt_setup(&operation, key, alg);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to begin cipher operation\n");
-        return;
-    }
-    status = psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to generate IV\n");
-        return;
-    }
-    status = psa_cipher_update(&operation, plaintext, sizeof(plaintext),
-                               output, sizeof(output), &output_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to update cipher operation\n");
-        return;
-    }
-    status = psa_cipher_finish(&operation, output + output_len,
-                               sizeof(output) - output_len, &output_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to finish cipher operation\n");
-        return;
-    }
-    printf("Encrypted plaintext\n");
-
-    /* Clean up cipher operation context */
-    psa_cipher_abort(&operation);
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-}
-```
-
-**To decrypt a message with a symmetric cipher:**
-1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
-1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`.
-1. Call `psa_cipher_decrypt_setup()` to specify the algorithm and the key to be used.
-1. Call `psa_cipher_set_iv()` with the IV for the decryption.
-1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls.
-1. Call `psa_cipher_finish()` to end the operation and output the decrypted message.
-
-This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding
-(assuming all prerequisites have been fulfilled):
-```c
-void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len)
-{
-    enum {
-        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES),
-    };
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    uint8_t ciphertext[block_size] = SOME_CIPHERTEXT;
-    uint8_t iv[block_size] = ENCRYPTED_WITH_IV;
-    uint8_t output[block_size];
-    size_t output_len;
-    psa_key_id_t key;
-
-    printf("Decrypt with cipher...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS)
-    {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Import a key */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
-    psa_set_key_algorithm(&attributes, alg);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-    psa_set_key_bits(&attributes, 128);
-    status = psa_import_key(&attributes, key, key_len, &key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to import a key\n");
-        return;
-    }
-    psa_reset_key_attributes(&attributes);
-
-    /* Decrypt the ciphertext */
-    status = psa_cipher_decrypt_setup(&operation, key, alg);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to begin cipher operation\n");
-        return;
-    }
-    status = psa_cipher_set_iv(&operation, iv, sizeof(iv));
-    if (status != PSA_SUCCESS) {
-        printf("Failed to set IV\n");
-        return;
-    }
-    status = psa_cipher_update(&operation, ciphertext, sizeof(ciphertext),
-                               output, sizeof(output), &output_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to update cipher operation\n");
-        return;
-    }
-    status = psa_cipher_finish(&operation, output + output_len,
-                               sizeof(output) - output_len, &output_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to finish cipher operation\n");
-        return;
-    }
-    printf("Decrypted ciphertext\n");
-
-    /* Clean up cipher operation context */
-    psa_cipher_abort(&operation);
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-}
-```
-
-#### Handling cipher operation contexts
-
-After you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`, you can terminate the operation at any time by calling `psa_cipher_abort()`.
-
-The call to `psa_cipher_abort()` frees any resources associated with the operation, except for the operation structure itself.
-
-Mbed Crypto implicitly calls `psa_cipher_abort()` when:
-* A call to `psa_cipher_generate_iv()`, `psa_cipher_set_iv()` or `psa_cipher_update()` fails (returning any status other than `PSA_SUCCESS`).
-* A call to `psa_cipher_finish()` succeeds or fails.
-
-After an implicit or explicit call to `psa_cipher_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling either `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()` again.
-
-You must call `psa_cipher_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`).
-
-Making multiple sequential calls to `psa_cipher_abort()` on an operation that is terminated (either implicitly or explicitly) is safe and has no effect.
-
-### Hashing a message
-
-Mbed Crypto lets you compute and verify hashes using various hashing
-algorithms.
-
-**Prerequisites to working with the hash APIs:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-
-**To calculate a hash:**
-1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions.
-1. Initialize the operation structure to zero or to `PSA_HASH_OPERATION_INIT`.
-1. Call `psa_hash_setup()` to specify the hash algorithm.
-1. Call `psa_hash_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls.
-1. Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value.
-
-This example shows how to calculate the SHA-256 hash of a message:
-```c
-    psa_status_t status;
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    unsigned char input[] = { 'a', 'b', 'c' };
-    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
-    size_t actual_hash_len;
-
-    printf("Hash a message...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Compute hash of message  */
-    status = psa_hash_setup(&operation, alg);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to begin hash operation\n");
-        return;
-    }
-    status = psa_hash_update(&operation, input, sizeof(input));
-    if (status != PSA_SUCCESS) {
-        printf("Failed to update hash operation\n");
-        return;
-    }
-    status = psa_hash_finish(&operation, actual_hash, sizeof(actual_hash),
-                             &actual_hash_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to finish hash operation\n");
-        return;
-    }
-
-    printf("Hashed a message\n");
-
-    /* Clean up hash operation context */
-    psa_hash_abort(&operation);
-
-    mbedtls_psa_crypto_free();
-```
-
-This example shows how to verify the SHA-256 hash of a message:
-```c
-    psa_status_t status;
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    unsigned char input[] = { 'a', 'b', 'c' };
-    unsigned char expected_hash[] = {
-        0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde,
-        0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
-        0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
-    };
-    size_t expected_hash_len = PSA_HASH_SIZE(alg);
-
-    printf("Verify a hash...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Verify message hash */
-    status = psa_hash_setup(&operation, alg);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to begin hash operation\n");
-        return;
-    }
-    status = psa_hash_update(&operation, input, sizeof(input));
-    if (status != PSA_SUCCESS) {
-        printf("Failed to update hash operation\n");
-        return;
-    }
-    status = psa_hash_verify(&operation, expected_hash, expected_hash_len);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to verify hash\n");
-        return;
-    }
-
-    printf("Verified a hash\n");
-
-    /* Clean up hash operation context */
-    psa_hash_abort(&operation);
-
-    mbedtls_psa_crypto_free();
-```
-
-The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm.
-
-#### Handling hash operation contexts
-
-After a successful call to `psa_hash_setup()`, you can terminate the operation at any time by calling `psa_hash_abort()`. The call to `psa_hash_abort()` frees any resources associated with the operation, except for the operation structure itself.
-
-Mbed Crypto implicitly calls `psa_hash_abort()` when:
-1. A call to `psa_hash_update()` fails (returning any status other than `PSA_SUCCESS`).
-1. A call to `psa_hash_finish()` succeeds or fails.
-1. A call to `psa_hash_verify()` succeeds or fails.
-
-After an implicit or explicit call to `psa_hash_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling `psa_hash_setup()` again.
-
-You must call `psa_hash_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_hash_setup()`) .
-
-Making multiple sequential calls to `psa_hash_abort()` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect.
-
-### Generating a random value
-
-Mbed Crypto can generate random data.
-
-**Prerequisites to generating random data:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-
-<span class="notes">**Note:** To generate a random key, use `psa_generate_key()` instead of `psa_generate_random()`.</span>
-
-This example shows how to generate ten bytes of random data by calling `psa_generate_random()`:
-```C
-    psa_status_t status;
-    uint8_t random[10] = { 0 };
-
-    printf("Generate random...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    status = psa_generate_random(random, sizeof(random));
-    if (status != PSA_SUCCESS) {
-        printf("Failed to generate a random value\n");
-        return;
-    }
-
-    printf("Generated random data\n");
-
-    /* Clean up */
-    mbedtls_psa_crypto_free();
-```
-
-### Deriving a new key from an existing key
-
-Mbed Crypto provides a key derivation API that lets you derive new keys from
-existing ones. The key derivation API has functions to take inputs, including
-other keys and data, and functions to generate outputs, such as new keys or
-other data.
-
-You must first initialize and set up a key derivation context,
-provided with a key and, optionally, other data. Then, use the key derivation context to either read derived data to a buffer or send derived data directly to a key slot.
-
-See the documentation for the particular algorithm (such as HKDF or the TLS1.2 PRF) for
-information about which inputs to pass when, and when you can obtain which outputs.
-
-**Prerequisites to working with the key derivation APIs:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-* Use a key with the appropriate attributes set:
-    * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`)
-    * Key type set to `PSA_KEY_TYPE_DERIVE`.
-    * Algorithm set to a key derivation algorithm
-      (for example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)`).
-
-**To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF
-with a given key, salt and info:**
-
-1. Set up the key derivation context using the `psa_key_derivation_setup()`
-function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`.
-1. Provide an optional salt with `psa_key_derivation_input_bytes()`.
-1. Provide info with `psa_key_derivation_input_bytes()`.
-1. Provide a secret with `psa_key_derivation_input_key()`, referencing a key that
-   can be used for key derivation.
-1. Set the key attributes desired for the new derived key. We'll set
-   the `PSA_KEY_USAGE_ENCRYPT` usage flag and the `PSA_ALG_CTR` algorithm for this
-   example.
-1. Derive the key by calling `psa_key_derivation_output_key()`.
-1. Clean up the key derivation context.
-
-At this point, the derived key slot holds a new 128-bit AES-CTR encryption key
-derived from the key, salt and info provided:
-```C
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    static const unsigned char key[] = {
-        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-        0x0b };
-    static const unsigned char salt[] = {
-        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
-        0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c };
-    static const unsigned char info[] = {
-        0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6,
-        0xf7, 0xf8, 0xf9 };
-    psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
-    psa_key_derivation_operation_t operation =
-        PSA_KEY_DERIVATION_OPERATION_INIT;
-    size_t derived_bits = 128;
-    size_t capacity = PSA_BITS_TO_BYTES(derived_bits);
-    psa_key_id_t base_key;
-    psa_key_id_t derived_key;
-
-    printf("Derive a key (HKDF)...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Import a key for use in key derivation. If such a key has already been
-     * generated or imported, you can skip this part. */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
-    psa_set_key_algorithm(&attributes, alg);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
-    status = psa_import_key(&attributes, key, sizeof(key), &base_key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to import a key\n");
-        return;
-    }
-    psa_reset_key_attributes(&attributes);
-
-    /* Derive a key */
-    status = psa_key_derivation_setup(&operation, alg);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to begin key derivation\n");
-        return;
-    }
-    status = psa_key_derivation_set_capacity(&operation, capacity);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to set capacity\n");
-        return;
-    }
-    status = psa_key_derivation_input_bytes(&operation,
-                                            PSA_KEY_DERIVATION_INPUT_SALT,
-                                            salt, sizeof(salt));
-    if (status != PSA_SUCCESS) {
-        printf("Failed to input salt (extract)\n");
-        return;
-    }
-    status = psa_key_derivation_input_key(&operation,
-                                          PSA_KEY_DERIVATION_INPUT_SECRET,
-                                          base_key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to input key (extract)\n");
-        return;
-    }
-    status = psa_key_derivation_input_bytes(&operation,
-                                            PSA_KEY_DERIVATION_INPUT_INFO,
-                                            info, sizeof(info));
-    if (status != PSA_SUCCESS) {
-        printf("Failed to input info (expand)\n");
-        return;
-    }
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
-    psa_set_key_algorithm(&attributes, PSA_ALG_CTR);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-    psa_set_key_bits(&attributes, 128);
-    status = psa_key_derivation_output_key(&attributes, &operation,
-                                           &derived_key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to derive key\n");
-        return;
-    }
-    psa_reset_key_attributes(&attributes);
-
-    printf("Derived key\n");
-
-    /* Clean up key derivation operation */
-    psa_key_derivation_abort(&operation);
-
-    /* Destroy the keys */
-    psa_destroy_key(derived_key);
-    psa_destroy_key(base_key);
-
-    mbedtls_psa_crypto_free();
-```
-
-### Authenticating and encrypting or decrypting a message
-
-Mbed Crypto provides a simple way to authenticate and encrypt with associated data (AEAD), supporting the `PSA_ALG_CCM` algorithm.
-
-**Prerequisites to working with the AEAD cipher APIs:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-* The key attributes for the key used for derivation must have the `PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT` usage flags.
-
-This example shows how to authenticate and encrypt a message:
-```C
-    psa_status_t status;
-    static const uint8_t key[] = {
-        0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
-        0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF };
-    static const uint8_t nonce[] = {
-        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-        0x08, 0x09, 0x0A, 0x0B };
-    static const uint8_t additional_data[] = {
-        0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25,
-        0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 };
-    static const uint8_t input_data[] = {
-        0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41,
-        0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43,
-        0xD2, 0xD7, 0xC2 };
-    uint8_t *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    size_t tag_length = 16;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key;
-
-    printf("Authenticate encrypt...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    output_size = sizeof(input_data) + tag_length;
-    output_data = (uint8_t *)malloc(output_size);
-    if (!output_data) {
-        printf("Out of memory\n");
-        return;
-    }
-
-    /* Import a key */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
-    psa_set_key_algorithm(&attributes, PSA_ALG_CCM);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-    psa_set_key_bits(&attributes, 128);
-    status = psa_import_key(&attributes, key, sizeof(key), &key);
-    psa_reset_key_attributes(&attributes);
-
-    /* Authenticate and encrypt */
-    status = psa_aead_encrypt(key, PSA_ALG_CCM,
-                              nonce, sizeof(nonce),
-                              additional_data, sizeof(additional_data),
-                              input_data, sizeof(input_data),
-                              output_data, output_size,
-                              &output_length);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to authenticate and encrypt\n");
-        return;
-    }
-
-    printf("Authenticated and encrypted\n");
-
-    /* Clean up */
-    free(output_data);
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-```
-
-This example shows how to authenticate and decrypt a message:
-
-```C
-    psa_status_t status;
-    static const uint8_t key_data[] = {
-        0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
-        0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF };
-    static const uint8_t nonce[] = {
-        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-        0x08, 0x09, 0x0A, 0x0B };
-    static const uint8_t additional_data[] = {
-        0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25,
-        0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 };
-    static const uint8_t input_data[] = {
-        0x20, 0x30, 0xE0, 0x36, 0xED, 0x09, 0xA0, 0x45, 0xAF, 0x3C, 0xBA, 0xEE,
-        0x0F, 0xC8, 0x48, 0xAF, 0xCD, 0x89, 0x54, 0xF4, 0xF6, 0x3F, 0x28, 0x9A,
-        0xA1, 0xDD, 0xB2, 0xB8, 0x09, 0xCD, 0x7C, 0xE1, 0x46, 0xE9, 0x98 };
-    uint8_t *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key;
-
-    printf("Authenticate decrypt...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    output_size = sizeof(input_data);
-    output_data = (uint8_t *)malloc(output_size);
-    if (!output_data) {
-        printf("Out of memory\n");
-        return;
-    }
-
-    /* Import a key */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
-    psa_set_key_algorithm(&attributes, PSA_ALG_CCM);
-    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-    psa_set_key_bits(&attributes, 128);
-    status = psa_import_key(&attributes, key_data, sizeof(key_data), &key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to import a key\n");
-        return;
-    }
-    psa_reset_key_attributes(&attributes);
-
-    /* Authenticate and decrypt */
-    status = psa_aead_decrypt(key, PSA_ALG_CCM,
-                              nonce, sizeof(nonce),
-                              additional_data, sizeof(additional_data),
-                              input_data, sizeof(input_data),
-                              output_data, output_size,
-                              &output_length);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to authenticate and decrypt %ld\n", status);
-        return;
-    }
-
-    printf("Authenticated and decrypted\n");
-
-    /* Clean up */
-    free(output_data);
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-```
-
-### Generating and exporting keys
-
-Mbed Crypto provides a simple way to generate a key or key pair.
-
-**Prerequisites to using key generation and export APIs:**
-* Initialize the library with a successful call to `psa_crypto_init()`.
-
-**To generate an ECDSA key:**
-1. Set the desired key attributes for key generation by calling
-   `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as
-   `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). You only want to export the public key, not the key pair (or private key); therefore, do not set `PSA_KEY_USAGE_EXPORT`.
-1. Generate a key by calling `psa_generate_key()`.
-1. Export the generated public key by calling `psa_export_public_key()`:
-```C
-    enum {
-        key_bits = 256,
-    };
-    psa_status_t status;
-    size_t exported_length = 0;
-    static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)];
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key;
-
-    printf("Generate a key pair...\t");
-    fflush(stdout);
-
-    /* Initialize PSA Crypto */
-    status = psa_crypto_init();
-    if (status != PSA_SUCCESS) {
-        printf("Failed to initialize PSA Crypto\n");
-        return;
-    }
-
-    /* Generate a key */
-    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
-    psa_set_key_algorithm(&attributes,
-                          PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256));
-    psa_set_key_type(&attributes,
-                     PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
-    psa_set_key_bits(&attributes, key_bits);
-    status = psa_generate_key(&attributes, &key);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to generate key\n");
-        return;
-    }
-    psa_reset_key_attributes(&attributes);
-
-    status = psa_export_public_key(key, exported, sizeof(exported),
-                                   &exported_length);
-    if (status != PSA_SUCCESS) {
-        printf("Failed to export public key %ld\n", status);
-        return;
-    }
-
-    printf("Exported a public key\n");
-
-    /* Destroy the key */
-    psa_destroy_key(key);
-
-    mbedtls_psa_crypto_free();
-```
-
-### More about the PSA Crypto API
-
-For more information about the PSA Crypto API, please see the [PSA Cryptography API Specification](https://armmbed.github.io/mbed-crypto/html/index.html).
diff --git a/3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-interface.md b/3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-interface.md
deleted file mode 100644
index d825794..0000000
--- a/3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-interface.md
+++ /dev/null
@@ -1,790 +0,0 @@
-PSA Cryptoprocessor Driver Interface
-====================================
-
-This document describes an interface for cryptoprocessor drivers in the PSA cryptography API. This interface complements the [PSA Cryptography API specification](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface), which describes the interface between a PSA Cryptography implementation and an application.
-
-This specification is work in progress and should be considered to be in a beta stage. There is ongoing work to implement this interface in Mbed TLS, which is the reference implementation of the PSA Cryptography API. At this stage, Arm does not expect major changes, but minor changes are expected based on experience from the first implementation and on external feedback.
-
-Time-stamp: "2020/11/24 11:03:32 GMT"
-
-## Introduction
-
-### Purpose of the driver interface
-
-The PSA Cryptography API defines an interface that allows applications to perform cryptographic operations in a uniform way regardless of how the operations are performed. Under the hood, different keys may be stored and used in different hardware or in different logical partitions, and different algorithms may involve different hardware or software components.
-
-The driver interface allows implementations of the PSA Cryptography API to be built compositionally. An implementation of the PSA Cryptography API is composed of a **core** and zero or more **drivers**. The core handles key management, enforces key usage policies, and dispatches cryptographic operations either to the applicable driver or to built-in code.
-
-Functions in the PSA Cryptography API invoke functions in the core. Code from the core calls drivers as described in the present document.
-
-### Types of drivers
-
-The PSA Cryptography driver interface supports two types of cryptoprocessors, and accordingly two types of drivers.
-
-* **Transparent** drivers implement cryptographic operations on keys that are provided in cleartext at the beginning of each operation. They are typically used for hardware **accelerators**. When a transparent driver is available for a particular combination of parameters (cryptographic algorithm, key type and size, etc.), it is used instead of the default software implementation. Transparent drivers can also be pure software implementations that are distributed as plug-ins to a PSA Cryptography implementation (for example, an alternative implementation with different performance characteristics, or a certified implementation).
-* **Opaque** drivers implement cryptographic operations on keys that can only be used inside a protected environment such as a **secure element**, a hardware security module, a smartcard, a secure enclave, etc. An opaque driver is invoked for the specific [key location](#lifetimes-and-locations) that the driver is registered for: the dispatch is based on the key's lifetime.
-
-### Requirements
-
-The present specification was designed to fulfill the following high-level requirements.
-
-[Req.plugins] It is possible to combine multiple drivers from different providers into the same implementation, without any prior arrangement other than choosing certain names and values from disjoint namespaces.
-
-[Req.compile] It is possible to compile the code of each driver and of the core separately, and link them together. A small amount of glue code may need to be compiled once the list of drivers is available.
-
-[Req.types] Support drivers for the following types of hardware: accelerators that operate on keys in cleartext; cryptoprocessors that can wrap keys with a built-in keys but not store user keys; and cryptoprocessors that store key material.
-
-[Req.portable] The interface between drivers and the core does not involve any platform-specific consideration. Driver calls are simple C function calls. Interactions with platform-specific hardware happen only inside the driver (and in fact a driver need not involve any hardware at all).
-
-[Req.location] Applications can tell which location values correspond to which secure element drivers.
-
-[Req.fallback] Accelerator drivers can specify that they do not fully support a cryptographic mechanism and that a fallback to core code may be necessary. Conversely, if an accelerator fully supports cryptographic mechanism, the core must be able to omit code for this mechanism.
-
-[Req.mechanisms] Drivers can specify which mechanisms they support. A driver's code will not be invoked for cryptographic mechanisms that it does not support.
-
-## Overview of drivers
-
-### Deliverables for a driver
-
-To write a driver, you need to implement some functions with C linkage, and to declare these functions in a **driver description file**. The driver description file declares which functions the driver implements and what cryptographic mechanisms they support. If the driver description references custom types, macros or constants, you also need to provide C header files defining those elements.
-
-The concrete syntax for a driver description file is JSON. The structure of this JSON file is specified in the section [“Driver description syntax”](#driver-description-syntax).
-
-A driver therefore consists of:
-
-* A driver description file (in JSON format).
-* C header files defining the types required by the driver description. The names of these header files are declared in the driver description file.
-* An object file compiled for the target platform defining the entry point functions specified by the driver description. Implementations may allow drivers to be provided as source files and compiled with the core instead of being pre-compiled.
-
-How to provide the driver description file, the C header files and the object code is implementation-dependent.
-
-### Driver description syntax
-
-The concrete syntax for a driver description file is JSON.
-
-#### Driver description list
-
-PSA Cryptography core implementations should support multiple drivers. The driver description files are passed to the implementation as an ordered list in an unspecified manner. This may be, for example, a list of file names passed on a command line, or a JSON list whose elements are individual driver descriptions.
-
-#### Driver description top-level element
-
-A driver description is a JSON object containing the following properties:
-
-* `"prefix"` (mandatory, string). This must be a valid prefix for a C identifier. All the types and functions provided by the driver have a name that starts with this prefix unless overridden with a `"name"` element in the applicable capability as described below.
-* `"type"` (mandatory, string). One of `"transparent"` or `"opaque"`.
-* `"headers"` (optional, array of strings). A list of header files. These header files must define the types, macros and constants referenced by the driver description. They may declare the entry point functions, but this is not required. They may include other PSA headers and standard headers of the platform. Whether they may include other headers is implementation-specific. If omitted, the list of headers is empty. The header files must be present at the specified location relative to a directory on the compiler's include path when compiling glue code between the core and the drivers.
-* `"capabilities"` (mandatory, array of [capabilities](#driver-description-capability)).
-A list of **capabilities**. Each capability describes a family of functions that the driver implements for a certain class of cryptographic mechanisms.
-* `"key_context"` (not permitted for transparent drivers, mandatory for opaque drivers): information about the [representation of keys](#key-format-for-opaque-drivers).
-* `"persistent_state_size"` (not permitted for transparent drivers, optional for opaque drivers, integer or string). The size in bytes of the [persistent state of the driver](#opaque-driver-persistent-state). This may be either a non-negative integer or a C constant expression of type `size_t`.
-* `"location"` (not permitted for transparent drivers, optional for opaque drivers, integer or string). The [location value](#lifetimes-and-locations) for which this driver is invoked. In other words, this determines the lifetimes for which the driver is invoked. This may be either a non-negative integer or a C constant expression of type `psa_key_location_t`.
-
-### Driver description capability
-
-#### Capability syntax
-
-A capability declares a family of functions that the driver implements for a certain class of cryptographic mechanisms. The capability specifies which key types and algorithms are covered and the names of the types and functions that implement it.
-
-A capability is a JSON object containing the following properties:
-
-* `"entry_points"` (mandatory, list of strings). Each element is the name of a [driver entry point](#driver-entry-points) or driver entry point family. An entry point is a function defined by the driver. If specified, the core will invoke this capability of the driver only when performing one of the specified operations. The driver must implement all the specified entry points, as well as the types if applicable.
-* `"algorithms"` (optional, list of strings). Each element is an [algorithm specification](#algorithm-specifications). If specified, the core will invoke this capability of the driver only when performing one of the specified algorithms. If omitted, the core will invoke this capability for all applicable algorithms.
-* `"key_types"` (optional, list of strings). Each element is a [key type specification](#key-type-specifications). If specified, the core will invoke this capability of the driver only for operations involving a key with one of the specified key types. If omitted, the core will invoke this capability of the driver for all applicable key types.
-* `"key_sizes"` (optional, list of integers). If specified, the core will invoke this capability of the driver only for operations involving a key with one of the specified key sizes. If omitted, the core will invoke this capability of the driver for all applicable key sizes. Key sizes are expressed in bits.
-* `"names"` (optional, object). A mapping from entry point names described by the `"entry_points"` property, to the name of the C function in the driver that implements the corresponding function. If a function is not listed here, name of the driver function that implements it is the driver's prefix followed by an underscore (`_`) followed by the function name. If this property is omitted, it is equivalent to an empty object (so each entry point *suffix* is implemented by a function called *prefix*`_`*suffix*).
-* `"fallback"` (optional for transparent drivers, not permitted for opaque drivers, boolean). If present and true, the driver may return `PSA_ERROR_NOT_SUPPORTED`, in which case the core should call another driver or use built-in code to perform this operation. If absent or false, the driver is expected to fully support the mechanisms described by this capability. See the section “[Fallback](#fallback)” for more information.
-
-#### Capability semantics
-
-When the PSA Cryptography implementation performs a cryptographic mechanism, it invokes available driver entry points as described in the section [“Driver entry points”](#driver-entry-points).
-
-A driver is considered available for a cryptographic mechanism that invokes a given entry point if all of the following conditions are met:
-
-* The driver specification includes a capability whose `"entry_points"` list either includes the entry point or includes an entry point family that includes the entry point.
-* If the mechanism involves an algorithm:
-    * either the capability does not have an `"algorithms"` property;
-    * or the value of the capability's `"algorithms"` property includes an [algorithm specification](#algorithm-specifications) that matches this algorithm.
-* If the mechanism involves a key:
-    * either the key is transparent (its location is `PSA_KEY_LOCATION_LOCAL_STORAGE`) and the driver is transparent;
-    * or the key is opaque (its location is not `PSA_KEY_LOCATION_LOCAL_STORAGE`) and the driver is an opaque driver whose location is the key's location.
-* If the mechanism involves a key:
-    * either the capability does not have a `"key_types"` property;
-    * or the value of the capability's `"key_types"` property includes a [key type specification](#key-type-specifications) that matches this algorithm.
-* If the mechanism involves a key:
-    * either the capability does not have a `"key_sizes"` property;
-    * or the value of the capability's `"key_sizes"` property includes the key's size.
-
-If a driver includes multiple applicable capabilities for a given combination of entry point, algorithm, key type and key size, and all the capabilities map the entry point to the same function name, the driver is considered available for this cryptographic mechanism. If a driver includes multiple applicable capabilities for a given combination of entry point, algorithm, key type and key size, and at least two of these capabilities map the entry point to the different function names, the driver specification is invalid.
-
-If multiple transparent drivers have applicable capabilities for a given combination of entry point, algorithm, key type and key size, the first matching driver in the [specification list](#driver-description-list) is invoked. If the capability has [fallback](#fallback) enabled and the first driver returns `PSA_ERROR_NOT_SUPPORTED`, the next matching driver is invoked, and so on.
-
-If multiple opaque drivers have the same location, the list of driver specifications is invalid.
-
-#### Capability examples
-
-Example 1: the following capability declares that the driver can perform deterministic ECDSA signatures (but not signature verification) using any hash algorithm and any curve that the core supports. If the prefix of this driver is `"acme"`, the function that performs the signature is called `acme_sign_hash`.
-```
-{
-    "entry_points": ["sign_hash"],
-    "algorithms": ["PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)"],
-}
-```
-
-Example 2: the following capability declares that the driver can perform deterministic ECDSA signatures using SHA-256 or SHA-384 with a SECP256R1 or SECP384R1 private key (with either hash being possible in combination with either curve). If the prefix of this driver is `"acme"`, the function that performs the signature is called `acme_sign_hash`.
-```
-{
-    "entry_points": ["sign_hash"],
-    "algorithms": ["PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)",
-                   "PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384)"],
-    "key_types": ["PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1)"],
-    "key_sizes": [256, 384]
-}
-```
-
-### Algorithm and key specifications
-
-#### Algorithm specifications
-
-An algorithm specification is a string consisting of a `PSA_ALG_xxx` macro that specifies a cryptographic algorithm or an algorithm wildcard policy defined by the PSA Cryptography API. If the macro takes arguments, the string must have the syntax of a C macro call and each argument must be an algorithm specification or a decimal or hexadecimal literal with no suffix, depending on the expected type of argument.
-
-Spaces are optional after commas. Whether other whitespace is permitted is implementation-specific.
-
-Valid examples:
-```
-PSA_ALG_SHA_256
-PSA_ALG_HMAC(PSA_ALG_SHA_256)
-PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
-PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH)
-```
-
-#### Key type specifications
-
-An algorithm specification is a string consisting of a `PSA_KEY_TYPE_xxx` macro that specifies a key type defined by the PSA Cryptography API. If the macro takes an argument, the string must have the syntax of a C macro call and each argument must be the name of a constant of suitable type (curve or group).
-
-The name `_` may be used instead of a curve or group to indicate that the capability concerns all curves or groups.
-
-Valid examples:
-```
-PSA_KEY_TYPE_AES
-PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1)
-PSA_KEY_TYPE_ECC_KEY_PAIR(_)
-```
-
-### Driver entry points
-
-#### Overview of driver entry points
-
-Drivers define functions, each of which implements an aspect of a capability of a driver, such as a cryptographic operation, a part of a cryptographic operation, or a key management action. These functions are called the **entry points** of the driver. Most driver entry points correspond to a particular function in the PSA Cryptography API. For example, if a call to `psa_sign_hash()` is dispatched to a driver, it invokes the driver's `sign_hash` function.
-
-All driver entry points return a status of type `psa_status_t` which should use the status codes documented for PSA services in general and for PSA Cryptography in particular: `PSA_SUCCESS` indicates that the function succeeded, and `PSA_ERROR_xxx` values indicate that an error occurred.
-
-The signature of a driver entry point generally looks like the signature of the PSA Cryptography API that it implements, with some modifications. This section gives an overview of modifications that apply to whole classes of entry points. Refer to the reference section for each entry point or entry point family for details.
-
-* For entry points that operate on an existing key, the `psa_key_id_t` parameter is replaced by a sequence of three parameters that describe the key:
-    1. `const psa_key_attributes_t *attributes`: the key attributes.
-    2. `const uint8_t *key_buffer`: a key material or key context buffer.
-    3. `size_t key_buffer_size`: the size of the key buffer in bytes.
-
-    For transparent drivers, the key buffer contains the key material, in the same format as defined for `psa_export_key()` and `psa_export_public_key()` in the PSA Cryptography API. For opaque drivers, the content of the key buffer is entirely up to the driver.
-
-* For entry points that involve a multi-part operation, the operation state type (`psa_XXX_operation_t`) is replaced by a driver-specific operation state type (*prefix*`_XXX_operation_t`).
-
-* For entry points that are involved in key creation, the `psa_key_id_t *` output parameter is replaced by a sequence of parameters that convey the key context:
-    1. `uint8_t *key_buffer`: a buffer for the key material or key context.
-    2. `size_t key_buffer_size`: the size of the key buffer in bytes.
-    2. `size_t *key_buffer_length`: the length of the data written to the key buffer in bytes.
-
-Some entry points are grouped in families that must be implemented as a whole. If a driver supports an entry point family, it must provide all the entry points in the family.
-
-#### General considerations on driver entry point parameters
-
-Buffer parameters for driver entry points obey the following conventions:
-
-* An input buffer has the type `const uint8_t *` and is immediately followed by a parameter of type `size_t` that indicates the buffer size.
-* An output buffer has the type `uint8_t *` and is immediately followed by a parameter of type `size_t` that indicates the buffer size. A third parameter of type `size_t *` is provided to report the actual length of the data written in the buffer if the function succeeds.
-* An in-out buffer has the type `uint8_t *` and is immediately followed by a parameter of type `size_t` that indicates the buffer size. In-out buffers are only used when the input and the output have the same length.
-
-Buffers of size 0 may be represented with either a null pointer or a non-null pointer.
-
-Input buffers and other input-only parameters (`const` pointers) may be in read-only memory. Overlap is possible between input buffers, and between an input buffer and an output buffer, but not between two output buffers or between a non-buffer parameter and another parameter.
-
-#### Driver entry points for single-part cryptographic operations
-
-The following driver entry points perform a cryptographic operation in one shot (single-part operation):
-
-* `"hash_compute"` (transparent drivers only): calculation of a hash. Called by `psa_hash_compute()` and `psa_hash_compare()`. To verify a hash with `psa_hash_compare()`, the core calls the driver's `"hash_compute"` entry point and compares the result with the reference hash value.
-* `"mac_compute"`: calculation of a MAC. Called by `psa_mac_compute()` and possibly `psa_mac_verify()`. To verify a mac with `psa_mac_verify()`, the core calls an applicable driver's `"mac_verify"` entry point if there is one, otherwise the core calls an applicable driver's `"mac_compute"` entry point and compares the result with the reference MAC value.
-* `"mac_verify"`: verification of a MAC. Called by `psa_mac_verify()`. This entry point is mainly useful for drivers of secure elements that verify a MAC without revealing the correct MAC. Although transparent drivers may implement this entry point in addition to `"mac_compute"`, it is generally not useful because the core can call the `"mac_compute"` entry point and compare with the expected MAC value.
-* `"cipher_encrypt"`: unauthenticated symmetric cipher encryption. Called by `psa_cipher_encrypt()`.
-* `"cipher_decrypt"`: unauthenticated symmetric cipher decryption. Called by `psa_cipher_decrypt()`.
-* `"aead_encrypt"`: authenticated encryption with associated data. Called by `psa_aead_encrypt()`.
-* `"aead_decrypt"`: authenticated decryption with associated data. Called by `psa_aead_decrypt()`.
-* `"asymmetric_encrypt"`: asymmetric encryption. Called by `psa_asymmetric_encrypt()`.
-* `"asymmetric_decrypt"`: asymmetric decryption. Called by `psa_asymmetric_decrypt()`.
-* `"sign_hash"`: signature of an already calculated hash. Called by `psa_sign_hash()` and possibly `psa_sign_message()`. To sign a message with `psa_sign_message()`, the core calls an applicable driver's `"sign_message"` entry point if there is one, otherwise the core calls an applicable driver's `"hash_compute"` entry point followed by an applicable driver's `"sign_hash"` entry point.
-* `"verify_hash"`: verification of an already calculated hash. Called by `psa_verify_hash()` and possibly `psa_verify_message()`. To verify a message with `psa_verify_message()`, the core calls an applicable driver's `"verify_message"` entry point if there is one, otherwise the core calls an applicable driver's `"hash_compute"` entry point followed by an applicable driver's `"verify_hash"` entry point.
-* `"sign_message"`: signature of a message. Called by `psa_sign_message()`.
-* `"verify_message"`: verification of a message. Called by `psa_verify_message()`.
-* `"key_agreement"`: key agreement without a subsequent key derivation. Called by `psa_raw_key_agreement()` and possibly `psa_key_derivation_key_agreement()`.
-
-### Driver entry points for multi-part operations
-
-#### General considerations on multi-part operations
-
-The entry points that implement each step of a multi-part operation are grouped into a family. A driver that implements a multi-part operation must define all of the entry points in this family as well as a type that represents the operation context. The lifecycle of a driver operation context is similar to the lifecycle of an API operation context:
-
-1. The core initializes operation context objects to either all-bits-zero or to logical zero (`{0}`), at its discretion.
-1. The core calls the `xxx_setup` entry point for this operation family. If this fails, the core destroys the operation context object without calling any other driver entry point on it.
-1. The core calls other entry points that manipulate the operation context object, respecting the constraints.
-1. If any entry point fails, the core calls the driver's `xxx_abort` entry point for this operation family, then destroys the operation context object without calling any other driver entry point on it.
-1. If a “finish” entry point fails, the core destroys the operation context object without calling any other driver entry point on it. The finish entry points are: *prefix*`_mac_sign_finish`, *prefix*`_mac_verify_finish`, *prefix*`_cipher_fnish`, *prefix*`_aead_finish`, *prefix*`_aead_verify`.
-
-If a driver implements a multi-part operation but not the corresponding single-part operation, the core calls the driver's multipart operation entry points to perform the single-part operation.
-
-#### Multi-part operation entry point family `"hash_multipart"`
-
-This family corresponds to the calculation of a hash in multiple steps.
-
-This family applies to transparent drivers only.
-
-This family requires the following type and entry points:
-
-* Type `"hash_operation_t"`: the type of a hash operation context. It must be possible to copy a hash operation context byte by byte, therefore hash operation contexts must not contain any embedded pointers (except pointers to global data that do not change after the setup step).
-* `"hash_setup"`: called by `psa_hash_setup()`.
-* `"hash_update"`: called by `psa_hash_update()`.
-* `"hash_finish"`: called by `psa_hash_finish()` and `psa_hash_verify()`.
-* `"hash_abort"`: called by all multi-part hash functions of the PSA Cryptography API.
-
-To verify a hash with `psa_hash_verify()`, the core calls the driver's *prefix*`_hash_finish` entry point and compares the result with the reference hash value.
-
-For example, a driver with the prefix `"acme"` that implements the `"hash_multipart"` entry point family must define the following type and entry points (assuming that the capability does not use the `"names"` property to declare different type and entry point names):
-
-```
-typedef ... acme_hash_operation_t;
-psa_status_t acme_hash_setup(acme_hash_operation_t *operation,
-                             psa_algorithm_t alg);
-psa_status_t acme_hash_update(acme_hash_operation_t *operation,
-                              const uint8_t *input,
-                              size_t input_length);
-psa_status_t acme_hash_finish(acme_hash_operation_t *operation,
-                              uint8_t *hash,
-                              size_t hash_size,
-                              size_t *hash_length);
-psa_status_t acme_hash_abort(acme_hash_operation_t *operation);
-```
-
-#### Operation family `"mac_multipart"`
-
-TODO
-
-#### Operation family `"mac_verify_multipart"`
-
-TODO
-
-#### Operation family `"cipher_encrypt_multipart"`
-
-TODO
-
-#### Operation family `"cipher_decrypt_multipart"`
-
-TODO
-
-#### Operation family `"aead_encrypt_multipart"`
-
-TODO
-
-#### Operation family `"aead_decrypt_multipart"`
-
-TODO
-
-#### Operation family `"key_derivation"`
-
-This family requires the following type and entry points:
-
-* Type `"key_derivation_operation_t"`: the type of a key derivation operation context.
-* `"key_derivation_setup"`: called by `psa_key_derivation_setup()`.
-* `"key_derivation_set_capacity"`: called by `psa_key_derivation_set_capacity()`. The core will always enforce the capacity, therefore this function does not need to do anything for algorithms where the output stream only depends on the effective generated length and not on the capacity.
-* `"key_derivation_input_bytes"`: called by `psa_key_derivation_input_bytes()` and `psa_key_derivation_input_key()`. For transparent drivers, when processing a call to `psa_key_derivation_input_key()`, the core always calls the applicable driver's `"key_derivation_input_bytes"` entry point.
-* `"key_derivation_input_key"` (opaque drivers only)
-* `"key_derivation_output_bytes"`: called by `psa_key_derivation_output_bytes()`; also by `psa_key_derivation_output_key()` for transparent drivers.
-* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()` for transparent drivers when deriving an asymmetric key pair, and also for opaque drivers.
-* `"key_derivation_abort"`: called by all key derivation functions of the PSA Cryptography API.
-
-TODO: key input and output for opaque drivers; deterministic key generation for transparent drivers
-
-TODO
-
-### Driver entry points for key management
-
-The driver entry points for key management differ significantly between [transparent drivers](#key-management-with-transparent-drivers) and [opaque drivers](#key-management-with-opaque-drivers). This section describes common elements. Refer to the applicable section for each driver type for more information.
-
-The entry points that create or format key data have the following prototypes for a driver with the prefix `"acme"`:
-
-```
-psa_status_t acme_import_key(const psa_key_attributes_t *attributes,
-                             const uint8_t *data,
-                             size_t data_length,
-                             uint8_t *key_buffer,
-                             size_t key_buffer_size,
-                             size_t *key_buffer_length,
-                             size_t *bits); // additional parameter, see below
-psa_status_t acme_generate_key(const psa_key_attributes_t *attributes,
-                               uint8_t *key_buffer,
-                               size_t key_buffer_size,
-                               size_t *key_buffer_length);
-```
-
-TODO: derivation, copy
-
-* The key attributes (`attributes`) have the same semantics as in the PSA Cryptography application interface.
-* For the `"import_key"` entry point, the input in the `data` buffer is either the export format or an implementation-specific format that the core documents as an acceptable input format for `psa_import_key()`.
-* The size of the key data buffer `key_buffer` is sufficient for the internal representation of the key. For a transparent driver, this is the key's [export format](#key-format-for-transparent-drivers). For an opaque driver, this is the size determined from the driver description and the key attributes, as specified in the section [“Key format for opaque drivers”](#key-format-for-opaque-drivers).
-* For an opaque driver with an `"allocate_key"` entry point, the content of the key data buffer on entry is the output of that entry point.
-* The `"import_key"` entry point must determine or validate the key size and set `*bits` as described in the section [“Key size determination on import”](#key-size-determination-on-import) below.
-
-All key creation entry points must ensure that the resulting key is valid as specified in the section [“Key validation”](#key-validation) below. This is primarily important for import entry points since the key data comes from the application.
-
-#### Key size determination on import
-
-The `"import_key"` entry point must determine or validate the key size.
-The PSA Cryptography API exposes the key size as part of the key attributes.
-When importing a key, the key size recorded in the key attributes can be either a size specified by the caller of the API (who may not be trusted), or `0` which indicates that the size must be calculated from the data.
-
-When the core calls the `"import_key"` entry point to process a call to `psa_import_key`, it passes an `attributes` structure such that `psa_get_key_bits(attributes)` is the size passed by the caller of `psa_import_key`. If this size is `0`, the `"import_key"` entry point must set the `bits` input-output parameter to the correct key size. The semantics of `bits` is as follows:
-
-* The core sets `*bits` to `psa_get_key_bits(attributes)` before calling the `"import_key"` entry point.
-* If `*bits == 0`, the driver must determine the key size from the data and set `*bits` to this size. If the key size cannot be determined from the data, the driver must return `PSA_ERROR_INVALID_ARGUMENT` (as of version 1.0 of the PSA Cryptography API specification, it is possible to determine the key size for all standard key types).
-* If `*bits != 0`, the driver must check the value of `*bits` against the data and return `PSA_ERROR_INVALID_ARGUMENT` if it does not match. If the driver entry point changes `*bits` to a different value but returns `PSA_SUCCESS`, the core will consider the key as invalid and the import will fail.
-
-#### Key validation
-
-Key creation entry points must produce valid key data. Key data is _valid_ if operations involving the key are guaranteed to work functionally and not to cause indirect security loss. Operation functions are supposed to receive valid keys, and should not have to check and report invalid keys. For example:
-
-* If a cryptographic mechanism is defined as having keying material of a certain size, or if the keying material involves integers that have to be in a certain range, key creation must ensure that the keying material has an appropriate size and falls within an appropriate range.
-* If a cryptographic operation involves a division by an integer which is provided as part of a key, key creation must ensure that this integer is nonzero.
-* If a cryptographic operation involves two keys A and B (or more), then the creation of A must ensure that using it does not risk compromising B. This applies even if A's policy does not explicitly allow a problematic operation, but A is exportable. In particular, public keys that can potentially be used for key agreement are considered invalid and must not be created if they risk compromising the private key.
-* On the other hand, it is acceptable for import to accept a key that cannot be verified as valid if using this key would at most compromise the key itself and material that is secured with this key. For example, RSA key import does not need to verify that the primes are actually prime. Key import may accept an insecure key if the consequences of the insecurity are no worse than a leak of the key prior to its import.
-
-With opaque drivers, the key context can only be used by code from the same driver, so key validity is primarily intended to report key creation errors at creation time rather than during an operation. With transparent drivers, the key context can potentially be used by code from a different provider, so key validity is critical for interoperability.
-
-This section describes some minimal validity requirements for standard key types.
-
-* For symmetric key types, check that the key size is suitable for the type.
-* For DES (`PSA_KEY_TYPE_DES`), additionally verify the parity bits.
-* For RSA (`PSA_KEY_TYPE_RSA_PUBLIC_KEY`, `PSA_KEY_TYPE_RSA_KEY_PAIR`), check the syntax of the key and make sanity checks on its components. TODO: what sanity checks? Value ranges (e.g. p < n), sanity checks such as parity, minimum and maximum size, what else?
-* For elliptic curve private keys (`PSA_KEY_TYPE_ECC_KEY_PAIR`), check the size and range. TODO: what else?
-* For elliptic curve public keys (`PSA_KEY_TYPE_ECC_PUBLIC_KEY`), check the size and range, and that the point is on the curve. TODO: what else?
-
-### Miscellaneous driver entry points
-
-#### Driver initialization
-
-A driver may declare an `"init"` entry point in a capability with no algorithm, key type or key size. If so, the core calls this entry point once during the initialization of the PSA Cryptography subsystem. If the init entry point of any driver fails, the initialization of the PSA Cryptography subsystem fails.
-
-When multiple drivers have an init entry point, the order in which they are called is unspecified. It is also unspecified whether other drivers' `"init"` entry points are called if one or more init entry point fails.
-
-On platforms where the PSA Cryptography implementation is a subsystem of a single application, the initialization of the PSA Cryptography subsystem takes place during the call to `psa_crypto_init()`. On platforms where the PSA Cryptography implementation is separate from the application or applications, the initialization of the PSA Cryptography subsystem takes place before or during the first time an application calls `psa_crypto_init()`.
-
-The init entry point does not take any parameter.
-
-### Combining multiple drivers
-
-To declare a cryptoprocessor can handle both cleartext and wrapped keys, you need to provide two driver descriptions, one for a transparent driver and one for an opaque driver. You can use the mapping in capabilities' `"names"` property to arrange for multiple driver entry points to map to the same C function.
-
-## Transparent drivers
-
-### Key format for transparent drivers
-
-The format of a key for transparent drivers is the same as in applications. Refer to the documentation of [`psa_export_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) and [`psa_export_public_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_public_key) in the PSA Cryptography API specification. For custom key types defined by an implementation, refer to the documentation of that implementation.
-
-### Key management with transparent drivers
-
-Transparent drivers may provide the following key management entry points:
-
-* [`"import_key"`](#key-import-with-transparent-drivers): called by `psa_import_key()`, only when importing a key pair or a public key (key such that `PSA_KEY_TYPE_IS_ASYMMETRIC` is true).
-* `"generate_key"`: called by `psa_generate_key()`, only when generating a key pair (key such that `PSA_KEY_TYPE_IS_KEY_PAIR` is true).
-* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()`, only when deriving a key pair (key such that `PSA_KEY_TYPE_IS_KEY_PAIR` is true).
-* `"export_public_key"`: called by the core to obtain the public key of a key pair. The core may call this function at any time to obtain the public key, which can be for `psa_export_public_key()` but also at other times, including during a cryptographic operation that requires the public key such as a call to `psa_verify_message()` on a key pair object.
-
-Transparent drivers are not involved when exporting, copying or destroying keys, or when importing, generating or deriving symmetric keys.
-
-#### Key import with transparent drivers
-
-As discussed in [the general section about key management entry points](#driver-entry-points-for-key-management), the key import entry points has the following prototype for a driver with the prefix `"acme"`:
-```
-psa_status_t acme_import_key(const psa_key_attributes_t *attributes,
-                             const uint8_t *data,
-                             size_t data_length,
-                             uint8_t *key_buffer,
-                             size_t key_buffer_size,
-                             size_t *key_buffer_length,
-                             size_t *bits);
-```
-
-This entry point has several roles:
-
-1. Parse the key data in the input buffer `data`. The driver must support the export format for the key types that the entry point is declared for. It may support additional formats as specified in the description of [`psa_import_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) in the PSA Cryptography API specification.
-2. Validate the key data. The necessary validation is described in the section [“Key validation with transparent drivers”](#key-validation-with-transparent-drivers) above.
-3. [Determine the key size](#key-size-determination-on-import) and output it through `*bits`.
-4. Copy the validated key data from `data` to `key_buffer`. The output must be in the canonical format documented for [`psa_export_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) or [`psa_export_public_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_public_key), so if the input is not in this format, the entry point must convert it.
-
-### Fallback
-
-Sometimes cryptographic accelerators only support certain cryptographic mechanisms partially. The capability description language allows specifying some restrictions, including restrictions on key sizes, but it cannot cover all the possibilities that may arise in practice. Furthermore, it may be desirable to deploy the same binary image on different devices, only some of which have a cryptographic accelerators.
-For these purposes, a transparent driver can declare that it only supports a [capability](#driver-description-capability) partially, by setting the capability's `"fallback"` property to true.
-
-If a transparent driver entry point is part of a capability which has a true `"fallback"` property and returns `PSA_ERROR_NOT_SUPPORTED`, the core will call the next transparent driver that supports the mechanism, if there is one. The core considers drivers in the order given by the [driver description list](#driver-description-list).
-
-If all the available drivers have fallback enabled and return `PSA_ERROR_NOT_SUPPORTED`, the core will perform the operation using built-in code.
-As soon as a driver returns any value other than `PSA_ERROR_NOT_SUPPORTED` (`PSA_SUCCESS` or a different error code), this value is returned to the application, without attempting to call any other driver or built-in code.
-
-If a transparent driver entry point is part of a capability where the `"fallback"` property is false or omitted, the core should not include any other code for this capability, whether built in or in another transparent driver.
-
-## Opaque drivers
-
-Opaque drivers allow a PSA Cryptography implementation to delegate cryptographic operations to a separate environment that might not allow exporting key material in cleartext. The opaque driver interface is designed so that the core never inspects the representation of a key. The opaque driver interface is designed to support two subtypes of cryptoprocessors:
-
-* Some cryptoprocessors do not have persistent storage for individual keys. The representation of a key is the key material wrapped with a master key which is located in the cryptoprocessor and never exported from it. The core stores this wrapped key material on behalf of the cryptoprocessor.
-* Some cryptoprocessors have persistent storage for individual keys. The representation of a key is an identifier such as label or slot number. The core stores this identifier.
-
-### Key format for opaque drivers
-
-The format of a key for opaque drivers is an opaque blob. The content of this blob is fully up to the driver. The core merely stores this blob.
-
-Note that since the core stores the key context blob as it is in memory, it must only contain data that is meaningful after a reboot. In particular, it must not contain any pointers or transient handles.
-
-The `"key_context"` property in the [driver description](#driver-description-top-level-element) specifies how to calculate the size of the key context as a function of the key type and size. This is an object with the following properties:
-
-* `"base_size"` (integer or string, optional): this many bytes are included in every key context. If omitted, this value defaults to 0.
-* `"key_pair_size"` (integer or string, optional): this many bytes are included in every key context for a key pair. If omitted, this value defaults to 0.
-* `"public_key_size"` (integer or string, optional): this many bytes are included in every key context for a public key. If omitted, this value defaults to 0.
-* `"symmetric_factor"` (integer or string, optional): every key context for a symmetric key includes this many times the key size. If omitted, this value defaults to 0.
-* `"store_public_key"` (boolean, optional): If specified and true, for a key pair, the key context includes space for the public key. If omitted or false, no additional space is added for the public key.
-* `"size_function"` (string, optional): the name of a function that returns the number of bytes that the driver needs in a key context for a key. This may be a pointer to function. This must be a C identifier; more complex expressions are not permitted. If the core uses this function, it supersedes all the other properties.
-
-The integer properties must be C language constants. A typical value for `"base_size"` is `sizeof(acme_key_context_t)` where `acme_key_context_t` is a type defined in a driver header file.
-
-#### Size of a dynamically allocated key context
-
-If the core supports dynamic allocation for the key context and chooses to use it, and the driver specification includes the `"size_function"` property, the size of the key context is at least
-```
-size_function(key_type, key_bits)
-```
-where `size_function` is the function named in the `"size_function"` property, `key_type` is the key type and `key_bits` is the key size in bits. The prototype of the size function is
-```
-size_t size_function(psa_key_type_t key_type, size_t key_bits);
-```
-
-#### Size of a statically allocated key context
-
-If the core does not support dynamic allocation for the key context or chooses not to use it, or if the driver specification does not include the `"size_function"` property, the size of the key context for a key of type `key_type` and of size `key_bits` bits is:
-
-* For a key pair (`PSA_KEY_TYPE_IS_KEY_PAIR(key_type)` is true):
-    ```
-    base_size + key_pair_size + public_key_overhead
-    ```
-    where `public_key_overhead = PSA_EXPORT_PUBLIC_KEY_MAX_SIZE(key_type, key_bits)` if the `"store_public_key"` property is true and `public_key_overhead = 0` otherwise.
-
-* For a public key (`PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)` is true):
-    ```
-    base_size + public_key_size
-    ```
-
-* For a symmetric key (not a key pair or public key):
-    ```
-    base_size + symmetric_factor * key_bytes
-    ```
-    where `key_bytes = ((key_bits + 7) / 8)` is the key size in bytes.
-
-#### Key context size for a secure element with storage
-
-If the key is stored in the secure element and the driver only needs to store a label for the key, use `"base_size"` as the size of the label plus any other metadata that the driver needs to store, and omit the other properties.
-
-If the key is stored in the secure element, but the secure element does not store the public part of a key pair and cannot recompute it on demand, additionally use the `"store_public_key"` property with the value `true`. Note that this only influences the size of the key context: the driver code must copy the public key to the key context and retrieve it on demand in its `export_public_key` entry point.
-
-#### Key context size for a secure element without storage
-
-If the key is stored in wrapped form outside the secure element, and the wrapped form of the key plus any metadata has up to *N* bytes of overhead, use *N* as the value of the `"base_size"` property and set the `"symmetric_factor"` property to 1. Set the `"key_pair_size"` and `"public_key_size"` properties appropriately for the largest supported key pair and the largest supported public key respectively.
-
-### Key management with opaque drivers
-
-Opaque drivers may provide the following key management entry points:
-
-* `"export_key"`: called by `psa_export_key()`, or by `psa_copy_key()` when copying a key from or to a different [location](#lifetimes-and-locations).
-* `"export_public_key"`: called by the core to obtain the public key of a key pair. The core may call this entry point at any time to obtain the public key, which can be for `psa_export_public_key()` but also at other times, including during a cryptographic operation that requires the public key such as a call to `psa_verify_message()` on a key pair object.
-* `"import_key"`: called by `psa_import_key()`, or by `psa_copy_key()` when copying a key from another location.
-* `"generate_key"`: called by `psa_generate_key()`.
-* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()`.
-* `"copy_key"`: called by `psa_copy_key()` when copying a key within the same [location](#lifetimes-and-locations).
-
-In addition, secure elements that store the key material internally must provide the following two entry points:
-
-* `"allocate_key"`: called by `psa_import_key()`, `psa_generate_key()`, `psa_key_derivation_output_key()` or `psa_copy_key()` before creating a key in the location of this driver.
-* `"destroy_key"`: called by `psa_destroy_key()`.
-
-#### Key creation in a secure element without storage
-
-This section describes the key creation process for secure elements that do not store the key material. The driver must obtain a wrapped form of the key material which the core will store. A driver for such a secure element has no `"allocate_key"` or `"destroy_key"` entry point.
-
-When creating a key with an opaque driver which does not have an `"allocate_key"` or `"destroy_key"` entry point:
-
-1. The core allocates memory for the key context.
-2. The core calls the driver's import, generate, derive or copy entry point.
-3. The core saves the resulting wrapped key material and any other data that the key context may contain.
-
-To destroy a key, the core simply destroys the wrapped key material, without invoking driver code.
-
-#### Key management in a secure element with storage
-
-This section describes the key creation and key destruction processes for secure elements that have persistent storage for the key material. A driver for such a secure element has two mandatory entry points:
-
-* `"allocate_key"`: this function obtains an internal identifier for the key. This may be, for example, a unique label or a slot number.
-* `"destroy_key"`: this function invalidates the internal identifier and destroys the associated key material.
-
-These functions have the following prototypes for a driver with the prefix `"acme"`:
-```
-psa_status_t acme_allocate_key(const psa_key_attributes_t *attributes,
-                               uint8_t *key_buffer,
-                               size_t key_buffer_size);
-psa_status_t acme_destroy_key(const psa_key_attributes_t *attributes,
-                              const uint8_t *key_buffer,
-                              size_t key_buffer_size);
-```
-
-When creating a persistent key with an opaque driver which has an `"allocate_key"` entry point:
-
-1. The core calls the driver's `"allocate_key"` entry point. This function typically allocates an internal identifier for the key without modifying the state of the secure element and stores the identifier in the key context. This function should not modify the state of the secure element. It may modify the copy of the persistent state of the driver in memory.
-
-1. The core saves the key context to persistent storage.
-
-1. The core calls the driver's key creation entry point.
-
-1. The core saves the updated key context to persistent storage.
-
-If a failure occurs after the `"allocate_key"` step but before the call to the second driver entry point, the core will do one of the following:
-
-* Fail the creation of the key without indicating this to the driver. This can happen, in particular, if the device loses power immediately after the key allocation entry point returns.
-* Call the driver's `"destroy_key"` entry point.
-
-To destroy a key, the core calls the driver's `"destroy_key"` entry point.
-
-Note that the key allocation and destruction entry points must not rely solely on the key identifier in the key attributes to identify a key. Some implementations of the PSA Cryptography API store keys on behalf of multiple clients, and different clients may use the same key identifier to designate different keys. The manner in which the core distinguishes keys that have the same identifier but are part of the key namespace for different clients is implementation-dependent and is not accessible to drivers. Some typical strategies to allocate an internal key identifier are:
-
-* Maintain a set of free slot numbers which is stored either in the secure element or in the driver's persistent storage. To allocate a key slot, find a free slot number, mark it as occupied and store the number in the key context. When the key is destroyed, mark the slot number as free.
-* Maintain a monotonic counter with a practically unbounded range in the secure element or in the driver's persistent storage. To allocate a key slot, increment the counter and store the current value in the key context. Destroying a key does not change the counter.
-
-TODO: explain constraints on how the driver updates its persistent state for resilience
-
-TODO: some of the above doesn't apply to volatile keys
-
-#### Key creation entry points in opaque drivers
-
-The key creation entry points have the following prototypes for a driver with the prefix `"acme"`:
-
-```
-psa_status_t acme_import_key(const psa_key_attributes_t *attributes,
-                             const uint8_t *data,
-                             size_t data_length,
-                             uint8_t *key_buffer,
-                             size_t key_buffer_size,
-                             size_t *key_buffer_length,
-                             size_t *bits);
-psa_status_t acme_generate_key(const psa_key_attributes_t *attributes,
-                               uint8_t *key_buffer,
-                               size_t key_buffer_size,
-                               size_t *key_buffer_length);
-```
-
-If the driver has an [`"allocate_key"` entry point](#key-management-in-a-secure-element-with-storage), the core calls the `"allocate_key"` entry point with the same attributes on the same key buffer before calling the key creation entry point.
-
-TODO: derivation, copy
-
-#### Key export entry points in opaque drivers
-
-The key export entry points have the following prototypes for a driver with the prefix `"acme"`:
-
-```
-psa_status_t acme_export_key(const psa_key_attributes_t *attributes,
-                             const uint8_t *key_buffer,
-                             size_t key_buffer_size,
-                             uint8_t *data,
-                             size_t data_size,
-                             size_t *data_length);
-psa_status_t acme_export_public_key(const psa_key_attributes_t *attributes,
-                                    const uint8_t *key_buffer,
-                                    size_t key_buffer_size,
-                                    uint8_t *data,
-                                    size_t data_size,
-                                    size_t *data_length);
-```
-
-The core will only call `acme_export_public_key` on a private key. Drivers implementers may choose to store the public key in the key context buffer or to recalculate it on demand. If the key context includes the public key, it needs to have an adequate size; see [“Key format for opaque drivers”](#key-format-for-opaque-drivers).
-
-The core guarantees that the size of the output buffer (`data_size`) is sufficient to export any key with the given attributes. The driver must set `*data_length` to the exact size of the exported key.
-
-### Opaque driver persistent state
-
-The core maintains persistent state on behalf of an opaque driver. This persistent state consists of a single byte array whose size is given by the `"persistent_state_size"` property in the [driver description](#driver-description-top-level-element).
-
-The core loads the persistent state in memory before it calls the driver's [init entry point](#driver-initialization). It is adjusted to match the size declared by the driver, in case a driver upgrade changes the size:
-
-* The first time the driver is loaded on a system, the persistent state is all-bits-zero.
-* If the stored persistent state is smaller than the declared size, the core pads the persistent state with all-bits-zero at the end.
-* If the stored persistent state is larger than the declared size, the core truncates the persistent state to the declared size.
-
-The core provides the following callback functions, which an opaque driver may call while it is processing a call from the driver:
-```
-psa_status_t psa_crypto_driver_get_persistent_state(uint_8_t **persistent_state_ptr);
-psa_status_t psa_crypto_driver_commit_persistent_state(size_t from, size_t length);
-```
-
-`psa_crypto_driver_get_persistent_state` sets `*persistent_state_ptr` to a pointer to the first byte of the persistent state. This pointer remains valid during a call to a driver entry point. Once the entry point returns, the pointer is no longer valid. The core guarantees that calls to `psa_crypto_driver_get_persistent_state` within the same entry point return the same address for the persistent state, but this address may change between calls to an entry point.
-
-`psa_crypto_driver_commit_persistent_state` updates the persistent state in persistent storage. Only the portion at byte offsets `from` inclusive to `from + length` exclusive is guaranteed to be updated; it is unspecified whether changes made to other parts of the state are taken into account. The driver must call this function after updating the persistent state in memory and before returning from the entry point, otherwise it is unspecified whether the persistent state is updated.
-
-The core will not update the persistent state in storage while an entry point is running except when the entry point calls `psa_crypto_driver_commit_persistent_state`. It may update the persistent state in storage after an entry point returns.
-
-In a multithreaded environment, the driver may only call these two functions from the thread that is executing the entry point.
-
-## How to use drivers from an application
-
-### Using transparent drivers
-
-Transparent drivers linked into the library are automatically used for the mechanisms that they implement.
-
-### Using opaque drivers
-
-Each opaque driver is assigned a [location](#lifetimes-and-locations). The driver is invoked for all actions that use a key in that location. A key's location is indicated by its lifetime. The application chooses the key's lifetime when it creates the key.
-
-For example, the following snippet creates an AES-GCM key which is only accessible inside the secure element designated by the location `PSA_KEY_LOCATION_acme`.
-```
-psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-        PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_acme));
-psa_set_key_identifer(&attributes, 42);
-psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
-psa_set_key_size(&attributes, 128);
-psa_set_key_algorithm(&attributes, PSA_ALG_GCM);
-psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
-psa_key_id_t key;
-psa_generate_key(&attributes, &key);
-```
-
-## Using opaque drivers from an application
-
-### Lifetimes and locations
-
-The PSA Cryptography API, version 1.0.0, defines [lifetimes](https://armmbed.github.io/mbed-crypto/html/api/keys/attributes.html?highlight=psa_key_lifetime_t#c.psa_key_lifetime_t) as an attribute of a key that indicates where the key is stored and which application and system actions will create and destroy it. The lifetime is expressed as a 32-bit value (`typedef uint32_t psa_key_lifetime_t`). An upcoming version of the PSA Cryptography API defines more structure for lifetime values to separate these two aspects of the lifetime:
-
-* Bits 0–7 are a _persistence level_. This value indicates what device management actions can cause it to be destroyed. In particular, it indicates whether the key is volatile or persistent.
-* Bits 8–31 are a _location indicator_. This value indicates where the key material is stored and where operations on the key are performed. Location values can be stored in a variable of type `psa_key_location_t`.
-
-An opaque driver is attached to a specific location. Keys in the default location (`PSA_KEY_LOCATION_LOCAL_STORAGE = 0`) are transparent: the core has direct access to the key material. For keys in a location that is managed by an opaque driver, only the secure element has access to the key material and can perform operations on the key, while the core only manipulates a wrapped form of the key or an identifier of the key.
-
-### Creating a key in a secure element
-
-The core defines a compile-time constant for each opaque driver indicating its location called `PSA_KEY_LOCATION_`*prefix* where *prefix* is the value of the `"prefix"` property in the driver description. For convenience, Mbed TLS also declares a compile-time constant for the corresponding lifetime with the default persistence called `PSA_KEY_LIFETIME_`*prefix*. Therefore, to declare an opaque key in the location with the prefix `foo` with the default persistence, call `psa_set_key_lifetime` during the key creation as follows:
-```
-psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_foo);
-```
-
-To declare a volatile key:
-```
-psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-        PSA_KEY_LOCATION_foo,
-        PSA_KEY_PERSISTENCE_VOLATILE));
-```
-
-Generally speaking, to declare a key with a specified persistence:
-```
-psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-        PSA_KEY_LOCATION_foo,
-        persistence));
-```
-
-## Open questions
-
-### Driver declarations
-
-#### Declaring driver entry points
-
-The core may want to provide declarations for the driver entry points so that it can compile code using them. At the time of writing this paragraph, the driver headers must define types but there is no obligation for them to declare functions. The core knows what the function names and argument types are, so it can generate prototypes.
-
-It should be ok for driver functions to be function-like macros or function pointers.
-
-#### Driver location values
-
-How does a driver author decide which location values to use? It should be possible to combine drivers from different sources. Use the same vendor assignment as for PSA services?
-
-Can the driver assembly process generate distinct location values as needed? This can be convenient, but it's also risky: if you upgrade a device, you need the location values to be the same between builds.
-
-The current plan is for Arm to maintain a registry of vendors and assign a location namespace to each vendor. Parts of the namespace would be reserved for implementations and integrators.
-
-#### Multiple transparent drivers
-
-When multiple transparent drivers implement the same mechanism, which one is called? The first one? The last one? Unspecified? Or is this an error (excluding capabilities with fallback enabled)?
-
-The current choice is that the first one is used, which allows having a preference order on drivers, but may mask integration errors.
-
-### Driver function interfaces
-
-#### Driver function parameter conventions
-
-Should 0-size buffers be guaranteed to have a non-null pointers?
-
-Should drivers really have to cope with overlap?
-
-Should the core guarantee that the output buffer size has the size indicated by the applicable buffer size macro (which may be an overestimation)?
-
-### Partial computations in drivers
-
-#### Substitution points
-
-Earlier drafts of the driver interface had a concept of _substitution points_: places in the calculation where a driver may be called. Some hardware doesn't do the whole calculation, but only the “main” part. This goes both for transparent and opaque drivers. Some common examples:
-
-* A processor that performs the RSA exponentiation, but not the padding. The driver should be able to leverage the padding code in the core.
-* A processor that performs a block cipher operation only for a single block, or only in ECB mode, or only in CTR mode. The core would perform the block mode (CBC, CTR, CCM, ...).
-
-This concept, or some other way to reuse portable code such as specifying inner functions like `psa_rsa_pad` in the core, should be added to the specification.
-
-### Key management
-
-#### Mixing drivers in key derivation
-
-How does `psa_key_derivation_output_key` work when the extraction part and the expansion part use different drivers?
-
-#### Public key calculation
-
-ECC key pairs are represented as the private key value only. The public key needs to be calculated from that. Both transparent drivers and opaque drivers provide a function to calculate the public key (`"export_public_key"`).
-
-The specification doesn't mention when the public key might be calculated. The core may calculate it on creation, on demand, or anything in between. Opaque drivers have a choice of storing the public key in the key context or calculating it on demand and can convey whether the core should store the public key with the `"store_public_key"` property. Is this good enough or should the specification include non-functional requirements?
-
-#### Symmetric key validation with transparent drivers
-
-Should the entry point be called for symmetric keys as well?
-
-#### Support for custom import formats
-
-[“Driver entry points for key management”](#driver-entry-points-for-key-management) states that the input to `"import_key"` can be an implementation-defined format. Is this a good idea? It reduces driver portability, since a core that accepts a custom format would not work with a driver that doesn't accept this format. On the other hand, if a driver accepts a custom format, the core should let it through because the driver presumably handles it more efficiently (in terms of speed and code size) than the core could.
-
-Allowing custom formats also causes a problem with import: the core can't know the size of the key representation until it knows the bit-size of the key, but determining the bit-size of the key is part of the job of the `"import_key"` entry point. For standard key types, this could plausibly be an issue for RSA private keys, where an implementation might accept a custom format that omits the CRT parameters (or that omits *d*).
-
-### Opaque drivers
-
-#### Opaque driver persistent state
-
-The driver is allowed to update the state at any time. Is this ok?
-
-An example use case for updating the persistent state at arbitrary times is to renew a key that is used to encrypt communications between the application processor and the secure element.
-
-`psa_crypto_driver_get_persistent_state` does not identify the calling driver, so the driver needs to remember which driver it's calling. This may require a thread-local variable in a multithreaded core. Is this ok?
-
-<!--
-Local Variables:
-time-stamp-line-limit: 40
-time-stamp-start: "Time-stamp: *\""
-time-stamp-end: "\""
-time-stamp-format: "%04Y/%02m/%02d %02H:%02M:%02S %Z"
-time-stamp-time-zone: "GMT"
-End:
--->
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_hashing.h b/3rdparty/mbedtls-2.25.0/doxygen/input/doc_hashing.h
deleted file mode 100644
index aaa0c78..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_hashing.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * \file doc_hashing.h
- *
- * \brief Hashing module documentation file.
- */
-/*
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
- * @addtogroup hashing_module Hashing module
- *
- * The Message Digest (MD) or Hashing module provides one-way hashing
- * functions. Such functions can be used for creating a hash message
- * authentication code (HMAC) when sending a message. Such a HMAC can be used
- * in combination with a private key for authentication, which is a message
- * integrity control.
- *
- * All hash algorithms can be accessed via the generic MD layer (see
- * \c mbedtls_md_setup())
- *
- * The following hashing-algorithms are provided:
- * - MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest.
- * - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by
- *   NIST and NSA.
- *
- * This module provides one-way hashing which can be used for authentication.
- */
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_mainpage.h b/3rdparty/mbedtls-2.25.0/doxygen/input/doc_mainpage.h
deleted file mode 100644
index 5b51bd5..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_mainpage.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/**
- * \file doc_mainpage.h
- *
- * \brief Main page documentation file.
- */
-/*
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
- * @mainpage mbed TLS v2.25.0 source code documentation
- *
- * This documentation describes the internal structure of mbed TLS.  It was
- * automatically generated from specially formatted comment blocks in
- * mbed TLS's source code using Doxygen.  (See
- * http://www.stack.nl/~dimitri/doxygen/ for more information on Doxygen)
- *
- * mbed TLS has a simple setup: it provides the ingredients for an SSL/TLS
- * implementation. These ingredients are listed as modules in the
- * \ref mainpage_modules "Modules section". This "Modules section" introduces
- * the high-level module concepts used throughout this documentation.\n
- * Some examples of mbed TLS usage can be found in the \ref mainpage_examples
- * "Examples section".
- *
- * @section mainpage_modules Modules
- *
- * mbed TLS supports SSLv3 up to TLSv1.2 communication by providing the
- * following:
- * - TCP/IP communication functions: listen, connect, accept, read/write.
- * - SSL/TLS communication functions: init, handshake, read/write.
- * - X.509 functions: CRT, CRL and key handling
- * - Random number generation
- * - Hashing
- * - Encryption/decryption
- *
- * Above functions are split up neatly into logical interfaces. These can be
- * used separately to provide any of the above functions or to mix-and-match
- * into an SSL server/client solution that utilises a X.509 PKI. Examples of
- * such implementations are amply provided with the source code.
- *
- * Note that mbed TLS does not provide a control channel or (multiple) session
- * handling without additional work from the developer.
- *
- * @section mainpage_examples Examples
- *
- * Example server setup:
- *
- * \b Prerequisites:
- * - X.509 certificate and private key
- * - session handling functions
- *
- * \b Setup:
- * - Load your certificate and your private RSA key (X.509 interface)
- * - Setup the listening TCP socket (TCP/IP interface)
- * - Accept incoming client connection (TCP/IP interface)
- * - Initialise as an SSL-server (SSL/TLS interface)
- *   - Set parameters, e.g. authentication, ciphers, CA-chain, key exchange
- *   - Set callback functions RNG, IO, session handling
- * - Perform an SSL-handshake (SSL/TLS interface)
- * - Read/write data (SSL/TLS interface)
- * - Close and cleanup (all interfaces)
- *
- * Example client setup:
- *
- * \b Prerequisites:
- * - X.509 certificate and private key
- * - X.509 trusted CA certificates
- *
- * \b Setup:
- * - Load the trusted CA certificates (X.509 interface)
- * - Load your certificate and your private RSA key (X.509 interface)
- * - Setup a TCP/IP connection (TCP/IP interface)
- * - Initialise as an SSL-client (SSL/TLS interface)
- *   - Set parameters, e.g. authentication mode, ciphers, CA-chain, session
- *   - Set callback functions RNG, IO
- * - Perform an SSL-handshake (SSL/TLS interface)
- * - Verify the server certificate (SSL/TLS interface)
- * - Write/read data (SSL/TLS interface)
- * - Close and cleanup (all interfaces)
- */
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_rng.h b/3rdparty/mbedtls-2.25.0/doxygen/input/doc_rng.h
deleted file mode 100644
index b298d3b..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_rng.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * \file doc_rng.h
- *
- * \brief Random number generator (RNG) module documentation file.
- */
-/*
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
- * @addtogroup rng_module Random number generator (RNG) module
- *
- * The Random number generator (RNG) module provides random number
- * generation, see \c mbedtls_ctr_drbg_random().
- *
- * The block-cipher counter-mode based deterministic random
- * bit generator (CTR_DBRG) as specified in NIST SP800-90. It needs an external
- * source of entropy. For these purposes \c mbedtls_entropy_func() can be used.
- * This is an implementation based on a simple entropy accumulator design.
- *
- * The other number generator that is included is less strong and uses the
- * HAVEGE (HArdware Volatile Entropy Gathering and Expansion) software heuristic
- * which considered unsafe for primary usage, but provides additional random
- * to the entropy pool if enables.
- *
- * Meaning that there seems to be no practical algorithm that can guess
- * the next bit with a probability larger than 1/2 in an output sequence.
- *
- * This module can be used to generate random numbers.
- */
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_ssltls.h b/3rdparty/mbedtls-2.25.0/doxygen/input/doc_ssltls.h
deleted file mode 100644
index 6961124..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_ssltls.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * \file doc_ssltls.h
- *
- * \brief SSL/TLS communication module documentation file.
- */
-/*
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
- * @addtogroup ssltls_communication_module SSL/TLS communication module
- *
- * The SSL/TLS communication module provides the means to create an SSL/TLS
- * communication channel.
- *
- * The basic provisions are:
- * - initialise an SSL/TLS context (see \c mbedtls_ssl_init()).
- * - perform an SSL/TLS handshake (see \c mbedtls_ssl_handshake()).
- * - read/write (see \c mbedtls_ssl_read() and \c mbedtls_ssl_write()).
- * - notify a peer that connection is being closed (see \c mbedtls_ssl_close_notify()).
- *
- * Many aspects of such a channel are set through parameters and callback
- * functions:
- * - the endpoint role: client or server.
- * - the authentication mode. Should verification take place.
- * - the Host-to-host communication channel. A TCP/IP module is provided.
- * - the random number generator (RNG).
- * - the ciphers to use for encryption/decryption.
- * - session control functions.
- * - X.509 parameters for certificate-handling and key exchange.
- *
- * This module can be used to create an SSL/TLS server and client and to provide a basic
- * framework to setup and communicate through an SSL/TLS communication channel.\n
- * Note that you need to provide for several aspects yourself as mentioned above.
- */
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_tcpip.h b/3rdparty/mbedtls-2.25.0/doxygen/input/doc_tcpip.h
deleted file mode 100644
index a705de1..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_tcpip.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * \file doc_tcpip.h
- *
- * \brief TCP/IP communication module documentation file.
- */
-/*
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
- * @addtogroup tcpip_communication_module TCP/IP communication module
- *
- * The TCP/IP communication module provides for a channel of
- * communication for the \link ssltls_communication_module SSL/TLS communication
- * module\endlink to use.
- * In the TCP/IP-model it provides for communication up to the Transport
- * (or Host-to-host) layer.
- * SSL/TLS resides on top of that, in the Application layer, and makes use of
- * its basic provisions:
- * - listening on a port (see \c mbedtls_net_bind()).
- * - accepting a connection (through \c mbedtls_net_accept()).
- * - read/write (through \c mbedtls_net_recv()/\c mbedtls_net_send()).
- * - close a connection (through \c mbedtls_net_close()).
- *
- * This way you have the means to, for example, implement and use an UDP or
- * IPSec communication solution as a basis.
- *
- * This module can be used at server- and clientside to provide a basic
- * means of communication over the internet.
- */
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_x509.h b/3rdparty/mbedtls-2.25.0/doxygen/input/doc_x509.h
deleted file mode 100644
index 9049675..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_x509.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * \file doc_x509.h
- *
- * \brief X.509 module documentation file.
- */
-/*
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
- * @addtogroup x509_module X.509 module
- *
- * The X.509 module provides X.509 support for reading, writing and verification
- * of certificates.
- * In summary:
- *   - X.509 certificate (CRT) reading (see \c mbedtls_x509_crt_parse(),
- *     \c mbedtls_x509_crt_parse_der(), \c mbedtls_x509_crt_parse_file()).
- *   - X.509 certificate revocation list (CRL) reading (see
- *     \c mbedtls_x509_crl_parse(), \c mbedtls_x509_crl_parse_der(),
- *     and \c mbedtls_x509_crl_parse_file()).
- *   - X.509 certificate signature verification (see \c
- *     mbedtls_x509_crt_verify() and \c mbedtls_x509_crt_verify_with_profile().
- *   - X.509 certificate writing and certificate request writing (see
- *     \c mbedtls_x509write_crt_der() and \c mbedtls_x509write_csr_der()).
- *
- * This module can be used to build a certificate authority (CA) chain and
- * verify its signature. It is also used to generate Certificate Signing
- * Requests and X.509 certificates just as a CA would do.
- */
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/mbedtls.doxyfile b/3rdparty/mbedtls-2.25.0/doxygen/mbedtls.doxyfile
deleted file mode 100644
index dd4237a..0000000
--- a/3rdparty/mbedtls-2.25.0/doxygen/mbedtls.doxyfile
+++ /dev/null
@@ -1,1911 +0,0 @@
-# Doxyfile 1.8.4
-
-# This file describes the settings to be used by the documentation system
-# doxygen (www.doxygen.org) for a project.
-#
-# All text after a double hash (##) is considered a comment and is placed
-# in front of the TAG it is preceding .
-# All text after a hash (#) is considered a comment and will be ignored.
-# The format is:
-#       TAG = value [value, ...]
-# For lists items can also be appended using:
-#       TAG += value [value, ...]
-# Values that contain spaces should be placed between quotes (" ").
-
-#---------------------------------------------------------------------------
-# Project related configuration options
-#---------------------------------------------------------------------------
-
-# This tag specifies the encoding used for all characters in the config file
-# that follow. The default is UTF-8 which is also the encoding used for all
-# text before the first occurrence of this tag. Doxygen uses libiconv (or the
-# iconv built into libc) for the transcoding. See
-# http://www.gnu.org/software/libiconv for the list of possible encodings.
-
-DOXYFILE_ENCODING      = UTF-8
-
-# The PROJECT_NAME tag is a single word (or sequence of words) that should
-# identify the project. Note that if you do not use Doxywizard you need
-# to put quotes around the project name if it contains spaces.
-
-PROJECT_NAME           = "mbed TLS v2.25.0"
-
-# The PROJECT_NUMBER tag can be used to enter a project or revision number.
-# This could be handy for archiving the generated documentation or
-# if some version control system is used.
-
-PROJECT_NUMBER         =
-
-# Using the PROJECT_BRIEF tag one can provide an optional one line description
-# for a project that appears at the top of each page and should give viewer
-# a quick idea about the purpose of the project. Keep the description short.
-
-PROJECT_BRIEF          =
-
-# With the PROJECT_LOGO tag one can specify an logo or icon that is
-# included in the documentation. The maximum height of the logo should not
-# exceed 55 pixels and the maximum width should not exceed 200 pixels.
-# Doxygen will copy the logo to the output directory.
-
-PROJECT_LOGO           =
-
-# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
-# base path where the generated documentation will be put.
-# If a relative path is entered, it will be relative to the location
-# where doxygen was started. If left blank the current directory will be used.
-
-OUTPUT_DIRECTORY       = ../apidoc/
-
-# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
-# 4096 sub-directories (in 2 levels) under the output directory of each output
-# format and will distribute the generated files over these directories.
-# Enabling this option can be useful when feeding doxygen a huge amount of
-# source files, where putting all generated files in the same directory would
-# otherwise cause performance problems for the file system.
-
-CREATE_SUBDIRS         = NO
-
-# The OUTPUT_LANGUAGE tag is used to specify the language in which all
-# documentation generated by doxygen is written. Doxygen will use this
-# information to generate all constant output in the proper language.
-# The default language is English, other supported languages are:
-# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional,
-# Croatian, Czech, Danish, Dutch, Esperanto, Farsi, Finnish, French, German,
-# Greek, Hungarian, Italian, Japanese, Japanese-en (Japanese with English
-# messages), Korean, Korean-en, Latvian, Lithuanian, Norwegian, Macedonian,
-# Persian, Polish, Portuguese, Romanian, Russian, Serbian, Serbian-Cyrillic,
-# Slovak, Slovene, Spanish, Swedish, Ukrainian, and Vietnamese.
-
-OUTPUT_LANGUAGE        = English
-
-# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
-# include brief member descriptions after the members that are listed in
-# the file and class documentation (similar to JavaDoc).
-# Set to NO to disable this.
-
-BRIEF_MEMBER_DESC      = YES
-
-# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
-# the brief description of a member or function before the detailed description.
-# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
-# brief descriptions will be completely suppressed.
-
-REPEAT_BRIEF           = YES
-
-# This tag implements a quasi-intelligent brief description abbreviator
-# that is used to form the text in various listings. Each string
-# in this list, if found as the leading text of the brief description, will be
-# stripped from the text and the result after processing the whole list, is
-# used as the annotated text. Otherwise, the brief description is used as-is.
-# If left blank, the following values are used ("$name" is automatically
-# replaced with the name of the entity): "The $name class" "The $name widget"
-# "The $name file" "is" "provides" "specifies" "contains"
-# "represents" "a" "an" "the"
-
-ABBREVIATE_BRIEF       = "The $name class" \
-                         "The $name widget" \
-                         "The $name file" \
-                         is \
-                         provides \
-                         specifies \
-                         contains \
-                         represents \
-                         a \
-                         an \
-                         the
-
-# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
-# Doxygen will generate a detailed section even if there is only a brief
-# description.
-
-ALWAYS_DETAILED_SEC    = NO
-
-# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
-# inherited members of a class in the documentation of that class as if those
-# members were ordinary class members. Constructors, destructors and assignment
-# operators of the base classes will not be shown.
-
-INLINE_INHERITED_MEMB  = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
-# path before files name in the file list and in the header files. If set
-# to NO the shortest path that makes the file name unique will be used.
-
-FULL_PATH_NAMES        = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
-# can be used to strip a user-defined part of the path. Stripping is
-# only done if one of the specified strings matches the left-hand part of
-# the path. The tag can be used to show relative paths in the file list.
-# If left blank the directory from which doxygen is run is used as the
-# path to strip. Note that you specify absolute paths here, but also
-# relative paths, which will be relative from the directory where doxygen is
-# started.
-
-STRIP_FROM_PATH        =
-
-# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
-# the path mentioned in the documentation of a class, which tells
-# the reader which header file to include in order to use a class.
-# If left blank only the name of the header file containing the class
-# definition is used. Otherwise one should specify the include paths that
-# are normally passed to the compiler using the -I flag.
-
-STRIP_FROM_INC_PATH    =
-
-# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
-# (but less readable) file names. This can be useful if your file system
-# doesn't support long names like on DOS, Mac, or CD-ROM.
-
-SHORT_NAMES            = NO
-
-# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
-# will interpret the first line (until the first dot) of a JavaDoc-style
-# comment as the brief description. If set to NO, the JavaDoc
-# comments will behave just like regular Qt-style comments
-# (thus requiring an explicit @brief command for a brief description.)
-
-JAVADOC_AUTOBRIEF      = NO
-
-# If the QT_AUTOBRIEF tag is set to YES then Doxygen will
-# interpret the first line (until the first dot) of a Qt-style
-# comment as the brief description. If set to NO, the comments
-# will behave just like regular Qt-style comments (thus requiring
-# an explicit \brief command for a brief description.)
-
-QT_AUTOBRIEF           = NO
-
-# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
-# treat a multi-line C++ special comment block (i.e. a block of //! or ///
-# comments) as a brief description. This used to be the default behaviour.
-# The new default is to treat a multi-line C++ comment block as a detailed
-# description. Set this tag to YES if you prefer the old behaviour instead.
-
-MULTILINE_CPP_IS_BRIEF = NO
-
-# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
-# member inherits the documentation from any documented member that it
-# re-implements.
-
-INHERIT_DOCS           = YES
-
-# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce
-# a new page for each member. If set to NO, the documentation of a member will
-# be part of the file/class/namespace that contains it.
-
-SEPARATE_MEMBER_PAGES  = NO
-
-# The TAB_SIZE tag can be used to set the number of spaces in a tab.
-# Doxygen uses this value to replace tabs by spaces in code fragments.
-
-TAB_SIZE               = 8
-
-# This tag can be used to specify a number of aliases that acts
-# as commands in the documentation. An alias has the form "name=value".
-# For example adding "sideeffect=\par Side Effects:\n" will allow you to
-# put the command \sideeffect (or @sideeffect) in the documentation, which
-# will result in a user-defined paragraph with heading "Side Effects:".
-# You can put \n's in the value part of an alias to insert newlines.
-
-ALIASES                =
-
-# This tag can be used to specify a number of word-keyword mappings (TCL only).
-# A mapping has the form "name=value". For example adding
-# "class=itcl::class" will allow you to use the command class in the
-# itcl::class meaning.
-
-TCL_SUBST              =
-
-# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
-# sources only. Doxygen will then generate output that is more tailored for C.
-# For instance, some of the names that are used will be different. The list
-# of all members will be omitted, etc.
-
-OPTIMIZE_OUTPUT_FOR_C  = YES
-
-# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java
-# sources only. Doxygen will then generate output that is more tailored for
-# Java. For instance, namespaces will be presented as packages, qualified
-# scopes will look different, etc.
-
-OPTIMIZE_OUTPUT_JAVA   = NO
-
-# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran
-# sources only. Doxygen will then generate output that is more tailored for
-# Fortran.
-
-OPTIMIZE_FOR_FORTRAN   = NO
-
-# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL
-# sources. Doxygen will then generate output that is tailored for
-# VHDL.
-
-OPTIMIZE_OUTPUT_VHDL   = NO
-
-# Doxygen selects the parser to use depending on the extension of the files it
-# parses. With this tag you can assign which parser to use for a given
-# extension. Doxygen has a built-in mapping, but you can override or extend it
-# using this tag. The format is ext=language, where ext is a file extension,
-# and language is one of the parsers supported by doxygen: IDL, Java,
-# Javascript, CSharp, C, C++, D, PHP, Objective-C, Python, Fortran, VHDL, C,
-# C++. For instance to make doxygen treat .inc files as Fortran files (default
-# is PHP), and .f files as C (default is Fortran), use: inc=Fortran f=C. Note
-# that for custom extensions you also need to set FILE_PATTERNS otherwise the
-# files are not read by doxygen.
-
-EXTENSION_MAPPING      =
-
-# If MARKDOWN_SUPPORT is enabled (the default) then doxygen pre-processes all
-# comments according to the Markdown format, which allows for more readable
-# documentation. See http://daringfireball.net/projects/markdown/ for details.
-# The output of markdown processing is further processed by doxygen, so you
-# can mix doxygen, HTML, and XML commands with Markdown formatting.
-# Disable only in case of backward compatibilities issues.
-
-MARKDOWN_SUPPORT       = YES
-
-# When enabled doxygen tries to link words that correspond to documented
-# classes, or namespaces to their corresponding documentation. Such a link can
-# be prevented in individual cases by by putting a % sign in front of the word
-# or globally by setting AUTOLINK_SUPPORT to NO.
-
-AUTOLINK_SUPPORT       = YES
-
-# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want
-# to include (a tag file for) the STL sources as input, then you should
-# set this tag to YES in order to let doxygen match functions declarations and
-# definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
-# func(std::string) {}). This also makes the inheritance and collaboration
-# diagrams that involve STL classes more complete and accurate.
-
-BUILTIN_STL_SUPPORT    = NO
-
-# If you use Microsoft's C++/CLI language, you should set this option to YES to
-# enable parsing support.
-
-CPP_CLI_SUPPORT        = NO
-
-# Set the SIP_SUPPORT tag to YES if your project consists of sip sources only.
-# Doxygen will parse them like normal C++ but will assume all classes use public
-# instead of private inheritance when no explicit protection keyword is present.
-
-SIP_SUPPORT            = NO
-
-# For Microsoft's IDL there are propget and propput attributes to indicate
-# getter and setter methods for a property. Setting this option to YES (the
-# default) will make doxygen replace the get and set methods by a property in
-# the documentation. This will only work if the methods are indeed getting or
-# setting a simple type. If this is not the case, or you want to show the
-# methods anyway, you should set this option to NO.
-
-IDL_PROPERTY_SUPPORT   = YES
-
-# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
-# tag is set to YES, then doxygen will reuse the documentation of the first
-# member in the group (if any) for the other members of the group. By default
-# all members of a group must be documented explicitly.
-
-DISTRIBUTE_GROUP_DOC   = NO
-
-# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
-# the same type (for instance a group of public functions) to be put as a
-# subgroup of that type (e.g. under the Public Functions section). Set it to
-# NO to prevent subgrouping. Alternatively, this can be done per class using
-# the \nosubgrouping command.
-
-SUBGROUPING            = YES
-
-# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and
-# unions are shown inside the group in which they are included (e.g. using
-# @ingroup) instead of on a separate page (for HTML and Man pages) or
-# section (for LaTeX and RTF).
-
-INLINE_GROUPED_CLASSES = NO
-
-# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and
-# unions with only public data fields or simple typedef fields will be shown
-# inline in the documentation of the scope in which they are defined (i.e. file,
-# namespace, or group documentation), provided this scope is documented. If set
-# to NO (the default), structs, classes, and unions are shown on a separate
-# page (for HTML and Man pages) or section (for LaTeX and RTF).
-
-INLINE_SIMPLE_STRUCTS  = NO
-
-# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum
-# is documented as struct, union, or enum with the name of the typedef. So
-# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
-# with name TypeT. When disabled the typedef will appear as a member of a file,
-# namespace, or class. And the struct will be named TypeS. This can typically
-# be useful for C code in case the coding convention dictates that all compound
-# types are typedef'ed and only the typedef is referenced, never the tag name.
-
-TYPEDEF_HIDES_STRUCT   = NO
-
-# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This
-# cache is used to resolve symbols given their name and scope. Since this can
-# be an expensive process and often the same symbol appear multiple times in
-# the code, doxygen keeps a cache of pre-resolved symbols. If the cache is too
-# small doxygen will become slower. If the cache is too large, memory is wasted.
-# The cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid
-# range is 0..9, the default is 0, corresponding to a cache size of 2^16 = 65536
-# symbols.
-
-LOOKUP_CACHE_SIZE      = 0
-
-#---------------------------------------------------------------------------
-# Build related configuration options
-#---------------------------------------------------------------------------
-
-# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
-# documentation are documented, even if no documentation was available.
-# Private class members and static file members will be hidden unless
-# the EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES
-
-EXTRACT_ALL            = YES
-
-# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
-# will be included in the documentation.
-
-EXTRACT_PRIVATE        = YES
-
-# If the EXTRACT_PACKAGE tag is set to YES all members with package or internal
-# scope will be included in the documentation.
-
-EXTRACT_PACKAGE        = NO
-
-# If the EXTRACT_STATIC tag is set to YES all static members of a file
-# will be included in the documentation.
-
-EXTRACT_STATIC         = YES
-
-# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
-# defined locally in source files will be included in the documentation.
-# If set to NO only classes defined in header files are included.
-
-EXTRACT_LOCAL_CLASSES  = YES
-
-# This flag is only useful for Objective-C code. When set to YES local
-# methods, which are defined in the implementation section but not in
-# the interface are included in the documentation.
-# If set to NO (the default) only methods in the interface are included.
-
-EXTRACT_LOCAL_METHODS  = YES
-
-# If this flag is set to YES, the members of anonymous namespaces will be
-# extracted and appear in the documentation as a namespace called
-# 'anonymous_namespace{file}', where file will be replaced with the base
-# name of the file that contains the anonymous namespace. By default
-# anonymous namespaces are hidden.
-
-EXTRACT_ANON_NSPACES   = YES
-
-# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
-# undocumented members of documented classes, files or namespaces.
-# If set to NO (the default) these members will be included in the
-# various overviews, but no documentation section is generated.
-# This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_MEMBERS     = NO
-
-# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
-# undocumented classes that are normally visible in the class hierarchy.
-# If set to NO (the default) these classes will be included in the various
-# overviews. This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_CLASSES     = NO
-
-# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
-# friend (class|struct|union) declarations.
-# If set to NO (the default) these declarations will be included in the
-# documentation.
-
-HIDE_FRIEND_COMPOUNDS  = NO
-
-# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
-# documentation blocks found inside the body of a function.
-# If set to NO (the default) these blocks will be appended to the
-# function's detailed documentation block.
-
-HIDE_IN_BODY_DOCS      = NO
-
-# The INTERNAL_DOCS tag determines if documentation
-# that is typed after a \internal command is included. If the tag is set
-# to NO (the default) then the documentation will be excluded.
-# Set it to YES to include the internal documentation.
-
-INTERNAL_DOCS          = NO
-
-# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
-# file names in lower-case letters. If set to YES upper-case letters are also
-# allowed. This is useful if you have classes or files whose names only differ
-# in case and if your file system supports case sensitive file names. Windows
-# and Mac users are advised to set this option to NO.
-
-CASE_SENSE_NAMES       = NO
-
-# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
-# will show members with their full class and namespace scopes in the
-# documentation. If set to YES the scope will be hidden.
-
-HIDE_SCOPE_NAMES       = NO
-
-# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
-# will put a list of the files that are included by a file in the documentation
-# of that file.
-
-SHOW_INCLUDE_FILES     = YES
-
-# If the FORCE_LOCAL_INCLUDES tag is set to YES then Doxygen
-# will list include files with double quotes in the documentation
-# rather than with sharp brackets.
-
-FORCE_LOCAL_INCLUDES   = NO
-
-# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
-# is inserted in the documentation for inline members.
-
-INLINE_INFO            = YES
-
-# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
-# will sort the (detailed) documentation of file and class members
-# alphabetically by member name. If set to NO the members will appear in
-# declaration order.
-
-SORT_MEMBER_DOCS       = YES
-
-# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
-# brief documentation of file, namespace and class members alphabetically
-# by member name. If set to NO (the default) the members will appear in
-# declaration order.
-
-SORT_BRIEF_DOCS        = NO
-
-# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen
-# will sort the (brief and detailed) documentation of class members so that
-# constructors and destructors are listed first. If set to NO (the default)
-# the constructors will appear in the respective orders defined by
-# SORT_MEMBER_DOCS and SORT_BRIEF_DOCS.
-# This tag will be ignored for brief docs if SORT_BRIEF_DOCS is set to NO
-# and ignored for detailed docs if SORT_MEMBER_DOCS is set to NO.
-
-SORT_MEMBERS_CTORS_1ST = NO
-
-# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the
-# hierarchy of group names into alphabetical order. If set to NO (the default)
-# the group names will appear in their defined order.
-
-SORT_GROUP_NAMES       = NO
-
-# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
-# sorted by fully-qualified names, including namespaces. If set to
-# NO (the default), the class list will be sorted only by class name,
-# not including the namespace part.
-# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
-# Note: This option applies only to the class list, not to the
-# alphabetical list.
-
-SORT_BY_SCOPE_NAME     = NO
-
-# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to
-# do proper type resolution of all parameters of a function it will reject a
-# match between the prototype and the implementation of a member function even
-# if there is only one candidate or it is obvious which candidate to choose
-# by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen
-# will still accept a match between prototype and implementation in such cases.
-
-STRICT_PROTO_MATCHING  = NO
-
-# The GENERATE_TODOLIST tag can be used to enable (YES) or
-# disable (NO) the todo list. This list is created by putting \todo
-# commands in the documentation.
-
-GENERATE_TODOLIST      = YES
-
-# The GENERATE_TESTLIST tag can be used to enable (YES) or
-# disable (NO) the test list. This list is created by putting \test
-# commands in the documentation.
-
-GENERATE_TESTLIST      = YES
-
-# The GENERATE_BUGLIST tag can be used to enable (YES) or
-# disable (NO) the bug list. This list is created by putting \bug
-# commands in the documentation.
-
-GENERATE_BUGLIST       = YES
-
-# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
-# disable (NO) the deprecated list. This list is created by putting
-# \deprecated commands in the documentation.
-
-GENERATE_DEPRECATEDLIST= YES
-
-# The ENABLED_SECTIONS tag can be used to enable conditional
-# documentation sections, marked by \if section-label ... \endif
-# and \cond section-label ... \endcond blocks.
-
-ENABLED_SECTIONS       =
-
-# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
-# the initial value of a variable or macro consists of for it to appear in
-# the documentation. If the initializer consists of more lines than specified
-# here it will be hidden. Use a value of 0 to hide initializers completely.
-# The appearance of the initializer of individual variables and macros in the
-# documentation can be controlled using \showinitializer or \hideinitializer
-# command in the documentation regardless of this setting.
-
-MAX_INITIALIZER_LINES  = 30
-
-# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
-# at the bottom of the documentation of classes and structs. If set to YES the
-# list will mention the files that were used to generate the documentation.
-
-SHOW_USED_FILES        = YES
-
-# Set the SHOW_FILES tag to NO to disable the generation of the Files page.
-# This will remove the Files entry from the Quick Index and from the
-# Folder Tree View (if specified). The default is YES.
-
-SHOW_FILES             = YES
-
-# Set the SHOW_NAMESPACES tag to NO to disable the generation of the
-# Namespaces page.
-# This will remove the Namespaces entry from the Quick Index
-# and from the Folder Tree View (if specified). The default is YES.
-
-SHOW_NAMESPACES        = YES
-
-# The FILE_VERSION_FILTER tag can be used to specify a program or script that
-# doxygen should invoke to get the current version for each file (typically from
-# the version control system). Doxygen will invoke the program by executing (via
-# popen()) the command <command> <input-file>, where <command> is the value of
-# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file
-# provided by doxygen. Whatever the program writes to standard output
-# is used as the file version. See the manual for examples.
-
-FILE_VERSION_FILTER    =
-
-# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed
-# by doxygen. The layout file controls the global structure of the generated
-# output files in an output format independent way. To create the layout file
-# that represents doxygen's defaults, run doxygen with the -l option.
-# You can optionally specify a file name after the option, if omitted
-# DoxygenLayout.xml will be used as the name of the layout file.
-
-LAYOUT_FILE            =
-
-# The CITE_BIB_FILES tag can be used to specify one or more bib files
-# containing the references data. This must be a list of .bib files. The
-# .bib extension is automatically appended if omitted. Using this command
-# requires the bibtex tool to be installed. See also
-# http://en.wikipedia.org/wiki/BibTeX for more info. For LaTeX the style
-# of the bibliography can be controlled using LATEX_BIB_STYLE. To use this
-# feature you need bibtex and perl available in the search path. Do not use
-# file names with spaces, bibtex cannot handle them.
-
-CITE_BIB_FILES         =
-
-#---------------------------------------------------------------------------
-# configuration options related to warning and progress messages
-#---------------------------------------------------------------------------
-
-# The QUIET tag can be used to turn on/off the messages that are generated
-# by doxygen. Possible values are YES and NO. If left blank NO is used.
-
-QUIET                  = NO
-
-# The WARNINGS tag can be used to turn on/off the warning messages that are
-# generated by doxygen. Possible values are YES and NO. If left blank
-# NO is used.
-
-WARNINGS               = YES
-
-# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
-# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
-# automatically be disabled.
-
-WARN_IF_UNDOCUMENTED   = YES
-
-# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
-# potential errors in the documentation, such as not documenting some
-# parameters in a documented function, or documenting parameters that
-# don't exist or using markup commands wrongly.
-
-WARN_IF_DOC_ERROR      = YES
-
-# The WARN_NO_PARAMDOC option can be enabled to get warnings for
-# functions that are documented, but have no documentation for their parameters
-# or return value. If set to NO (the default) doxygen will only warn about
-# wrong or incomplete parameter documentation, but not about the absence of
-# documentation.
-
-WARN_NO_PARAMDOC       = NO
-
-# The WARN_FORMAT tag determines the format of the warning messages that
-# doxygen can produce. The string should contain the $file, $line, and $text
-# tags, which will be replaced by the file and line number from which the
-# warning originated and the warning text. Optionally the format may contain
-# $version, which will be replaced by the version of the file (if it could
-# be obtained via FILE_VERSION_FILTER)
-
-WARN_FORMAT            = "$file:$line: $text"
-
-# The WARN_LOGFILE tag can be used to specify a file to which warning
-# and error messages should be written. If left blank the output is written
-# to stderr.
-
-WARN_LOGFILE           =
-
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-
-# The INPUT tag can be used to specify the files and/or directories that contain
-# documented source files. You may enter file names like "myfile.cpp" or
-# directories like "/usr/src/myproject". Separate the files or directories
-# with spaces.
-
-INPUT                  = ../include input
-
-# This tag can be used to specify the character encoding of the source files
-# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is
-# also the default input encoding. Doxygen uses libiconv (or the iconv built
-# into libc) for the transcoding. See http://www.gnu.org/software/libiconv for
-# the list of possible encodings.
-
-INPUT_ENCODING         = UTF-8
-
-# If the value of the INPUT tag contains directories, you can use the
-# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.d *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh
-# *.hxx *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.dox *.py
-# *.f90 *.f *.for *.vhd *.vhdl
-
-FILE_PATTERNS          = *.h
-
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
-# If left blank NO is used.
-
-RECURSIVE              = YES
-
-# The EXCLUDE tag can be used to specify files and/or directories that should be
-# excluded from the INPUT source files. This way you can easily exclude a
-# subdirectory from a directory tree whose root is specified with the INPUT tag.
-# Note that relative paths are relative to the directory from which doxygen is
-# run.
-
-EXCLUDE                =
-
-# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
-# directories that are symbolic links (a Unix file system feature) are excluded
-# from the input.
-
-EXCLUDE_SYMLINKS       = YES
-
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories. Note that the wildcards are matched
-# against the file with absolute path, so to exclude all test directories
-# for example use the pattern */test/*
-
-EXCLUDE_PATTERNS       = *_internal.h *_wrap.h
-
-# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
-# (namespaces, classes, functions, etc.) that should be excluded from the
-# output. The symbol name can be a fully qualified name, a word, or if the
-# wildcard * is used, a substring. Examples: ANamespace, AClass,
-# AClass::ANamespace, ANamespace::*Test
-
-EXCLUDE_SYMBOLS        =
-
-# The EXAMPLE_PATH tag can be used to specify one or more files or
-# directories that contain example code fragments that are included (see
-# the \include command).
-
-EXAMPLE_PATH           =
-
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
-# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank all files are included.
-
-EXAMPLE_PATTERNS       = *
-
-# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
-# searched for input files to be used with the \include or \dontinclude
-# commands irrespective of the value of the RECURSIVE tag.
-# Possible values are YES and NO. If left blank NO is used.
-
-EXAMPLE_RECURSIVE      = NO
-
-# The IMAGE_PATH tag can be used to specify one or more files or
-# directories that contain image that are included in the documentation (see
-# the \image command).
-
-IMAGE_PATH             =
-
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
-# invoke to filter for each input file. Doxygen will invoke the filter program
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output.
-# If FILTER_PATTERNS is specified, this tag will be ignored.
-# Note that the filter must not add or remove lines; it is applied before the
-# code is scanned, but not when the output code is generated. If lines are added
-# or removed, the anchors will not be placed correctly.
-
-INPUT_FILTER           =
-
-# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
-# basis.
-# Doxygen will compare the file name with each pattern and apply the
-# filter if there is a match.
-# The filters are a list of the form:
-# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
-# info on how filters are used. If FILTER_PATTERNS is empty or if
-# non of the patterns match the file name, INPUT_FILTER is applied.
-
-FILTER_PATTERNS        =
-
-# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
-# INPUT_FILTER) will be used to filter the input files when producing source
-# files to browse (i.e. when SOURCE_BROWSER is set to YES).
-
-FILTER_SOURCE_FILES    = NO
-
-# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file
-# pattern. A pattern will override the setting for FILTER_PATTERN (if any)
-# and it is also possible to disable source filtering for a specific pattern
-# using *.ext= (so without naming a filter). This option only has effect when
-# FILTER_SOURCE_FILES is enabled.
-
-FILTER_SOURCE_PATTERNS =
-
-# If the USE_MD_FILE_AS_MAINPAGE tag refers to the name of a markdown file that
-# is part of the input, its contents will be placed on the main page
-# (index.html). This can be useful if you have a project on for instance GitHub
-# and want reuse the introduction page also for the doxygen output.
-
-USE_MDFILE_AS_MAINPAGE =
-
-#---------------------------------------------------------------------------
-# configuration options related to source browsing
-#---------------------------------------------------------------------------
-
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
-# Note: To get rid of all source code in the generated output, make sure also
-# VERBATIM_HEADERS is set to NO.
-
-SOURCE_BROWSER         = YES
-
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
-
-INLINE_SOURCES         = NO
-
-# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
-# doxygen to hide any special comment blocks from generated source code
-# fragments. Normal C, C++ and Fortran comments will always remain visible.
-
-STRIP_CODE_COMMENTS    = YES
-
-# If the REFERENCED_BY_RELATION tag is set to YES
-# then for each documented function all documented
-# functions referencing it will be listed.
-
-REFERENCED_BY_RELATION = YES
-
-# If the REFERENCES_RELATION tag is set to YES
-# then for each documented function all documented entities
-# called/used by that function will be listed.
-
-REFERENCES_RELATION    = YES
-
-# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
-# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
-# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
-# link to the source code.
-# Otherwise they will link to the documentation.
-
-REFERENCES_LINK_SOURCE = YES
-
-# If the USE_HTAGS tag is set to YES then the references to source code
-# will point to the HTML generated by the htags(1) tool instead of doxygen
-# built-in source browser. The htags tool is part of GNU's global source
-# tagging system (see http://www.gnu.org/software/global/global.html). You
-# will need version 4.8.6 or higher.
-
-USE_HTAGS              = NO
-
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
-
-VERBATIM_HEADERS       = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
-
-ALPHABETICAL_INDEX     = NO
-
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
-
-COLS_IN_ALPHA_INDEX    = 5
-
-# In case all classes in a project start with a common prefix, all
-# classes will be put under the same header in the alphabetical index.
-# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
-# should be ignored while generating the index headers.
-
-IGNORE_PREFIX          =
-
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output.
-
-GENERATE_HTML          = YES
-
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `html' will be used as the default path.
-
-HTML_OUTPUT            = .
-
-# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
-# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
-# doxygen will generate files with .html extension.
-
-HTML_FILE_EXTENSION    = .html
-
-# The HTML_HEADER tag can be used to specify a personal HTML header for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard header. Note that when using a custom header you are responsible
-#  for the proper inclusion of any scripts and style sheets that doxygen
-# needs, which is dependent on the configuration options used.
-# It is advised to generate a default header using "doxygen -w html
-# header.html footer.html stylesheet.css YourConfigFile" and then modify
-# that header. Note that the header is subject to change so you typically
-# have to redo this when upgrading to a newer version of doxygen or when
-# changing the value of configuration settings such as GENERATE_TREEVIEW!
-
-HTML_HEADER            =
-
-# The HTML_FOOTER tag can be used to specify a personal HTML footer for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard footer.
-
-HTML_FOOTER            =
-
-# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
-# style sheet that is used by each HTML page. It can be used to
-# fine-tune the look of the HTML output. If left blank doxygen will
-# generate a default style sheet. Note that it is recommended to use
-# HTML_EXTRA_STYLESHEET instead of this one, as it is more robust and this
-# tag will in the future become obsolete.
-
-HTML_STYLESHEET        =
-
-# The HTML_EXTRA_STYLESHEET tag can be used to specify an additional
-# user-defined cascading style sheet that is included after the standard
-# style sheets created by doxygen. Using this option one can overrule
-# certain style aspects. This is preferred over using HTML_STYLESHEET
-# since it does not replace the standard style sheet and is therefor more
-# robust against future updates. Doxygen will copy the style sheet file to
-# the output directory.
-
-HTML_EXTRA_STYLESHEET  =
-
-# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or
-# other source files which should be copied to the HTML output directory. Note
-# that these files will be copied to the base HTML output directory. Use the
-# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these
-# files. In the HTML_STYLESHEET file, use the file name only. Also note that
-# the files will be copied as-is; there are no commands or markers available.
-
-HTML_EXTRA_FILES       =
-
-# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output.
-# Doxygen will adjust the colors in the style sheet and background images
-# according to this color. Hue is specified as an angle on a colorwheel,
-# see http://en.wikipedia.org/wiki/Hue for more information.
-# For instance the value 0 represents red, 60 is yellow, 120 is green,
-# 180 is cyan, 240 is blue, 300 purple, and 360 is red again.
-# The allowed range is 0 to 359.
-
-HTML_COLORSTYLE_HUE    = 220
-
-# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of
-# the colors in the HTML output. For a value of 0 the output will use
-# grayscales only. A value of 255 will produce the most vivid colors.
-
-HTML_COLORSTYLE_SAT    = 100
-
-# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to
-# the luminance component of the colors in the HTML output. Values below
-# 100 gradually make the output lighter, whereas values above 100 make
-# the output darker. The value divided by 100 is the actual gamma applied,
-# so 80 represents a gamma of 0.8, The value 220 represents a gamma of 2.2,
-# and 100 does not change the gamma.
-
-HTML_COLORSTYLE_GAMMA  = 80
-
-# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML
-# page will contain the date and time when the page was generated. Setting
-# this to NO can help when comparing the output of multiple runs.
-
-HTML_TIMESTAMP         = YES
-
-# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
-# documentation will contain sections that can be hidden and shown after the
-# page has loaded.
-
-HTML_DYNAMIC_SECTIONS  = NO
-
-# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of
-# entries shown in the various tree structured indices initially; the user
-# can expand and collapse entries dynamically later on. Doxygen will expand
-# the tree to such a level that at most the specified number of entries are
-# visible (unless a fully collapsed tree already exceeds this amount).
-# So setting the number of entries 1 will produce a full collapsed tree by
-# default. 0 is a special value representing an infinite number of entries
-# and will result in a full expanded tree by default.
-
-HTML_INDEX_NUM_ENTRIES = 100
-
-# If the GENERATE_DOCSET tag is set to YES, additional index files
-# will be generated that can be used as input for Apple's Xcode 3
-# integrated development environment, introduced with OSX 10.5 (Leopard).
-# To create a documentation set, doxygen will generate a Makefile in the
-# HTML output directory. Running make will produce the docset in that
-# directory and running "make install" will install the docset in
-# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find
-# it at startup.
-# See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html
-# for more information.
-
-GENERATE_DOCSET        = NO
-
-# When GENERATE_DOCSET tag is set to YES, this tag determines the name of the
-# feed. A documentation feed provides an umbrella under which multiple
-# documentation sets from a single provider (such as a company or product suite)
-# can be grouped.
-
-DOCSET_FEEDNAME        = "Doxygen generated docs"
-
-# When GENERATE_DOCSET tag is set to YES, this tag specifies a string that
-# should uniquely identify the documentation set bundle. This should be a
-# reverse domain-name style string, e.g. com.mycompany.MyDocSet. Doxygen
-# will append .docset to the name.
-
-DOCSET_BUNDLE_ID       = org.doxygen.Project
-
-# When GENERATE_PUBLISHER_ID tag specifies a string that should uniquely
-# identify the documentation publisher. This should be a reverse domain-name
-# style string, e.g. com.mycompany.MyDocSet.documentation.
-
-DOCSET_PUBLISHER_ID    = org.doxygen.Publisher
-
-# The GENERATE_PUBLISHER_NAME tag identifies the documentation publisher.
-
-DOCSET_PUBLISHER_NAME  = Publisher
-
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compiled HTML help file (.chm)
-# of the generated HTML documentation.
-
-GENERATE_HTMLHELP      = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
-# be used to specify the file name of the resulting .chm file. You
-# can add a path in front of the file if the result should not be
-# written to the html output directory.
-
-CHM_FILE               =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
-# be used to specify the location (absolute path including file name) of
-# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
-# the HTML help compiler on the generated index.hhp.
-
-HHC_LOCATION           =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
-# controls if a separate .chi index file is generated (YES) or that
-# it should be included in the master .chm file (NO).
-
-GENERATE_CHI           = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING
-# is used to encode HtmlHelp index (hhk), content (hhc) and project file
-# content.
-
-CHM_INDEX_ENCODING     =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
-# controls whether a binary table of contents is generated (YES) or a
-# normal table of contents (NO) in the .chm file.
-
-BINARY_TOC             = NO
-
-# The TOC_EXPAND flag can be set to YES to add extra items for group members
-# to the contents of the HTML help documentation and to the tree view.
-
-TOC_EXPAND             = NO
-
-# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and
-# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated
-# that can be used as input for Qt's qhelpgenerator to generate a
-# Qt Compressed Help (.qch) of the generated HTML documentation.
-
-GENERATE_QHP           = NO
-
-# If the QHG_LOCATION tag is specified, the QCH_FILE tag can
-# be used to specify the file name of the resulting .qch file.
-# The path specified is relative to the HTML output folder.
-
-QCH_FILE               =
-
-# The QHP_NAMESPACE tag specifies the namespace to use when generating
-# Qt Help Project output. For more information please see
-# http://doc.trolltech.com/qthelpproject.html#namespace
-
-QHP_NAMESPACE          = org.doxygen.Project
-
-# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating
-# Qt Help Project output. For more information please see
-# http://doc.trolltech.com/qthelpproject.html#virtual-folders
-
-QHP_VIRTUAL_FOLDER     = doc
-
-# If QHP_CUST_FILTER_NAME is set, it specifies the name of a custom filter to
-# add. For more information please see
-# http://doc.trolltech.com/qthelpproject.html#custom-filters
-
-QHP_CUST_FILTER_NAME   =
-
-# The QHP_CUST_FILT_ATTRS tag specifies the list of the attributes of the
-# custom filter to add. For more information please see
-# <a href="http://doc.trolltech.com/qthelpproject.html#custom-filters">
-# Qt Help Project / Custom Filters</a>.
-
-QHP_CUST_FILTER_ATTRS  =
-
-# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this
-# project's
-# filter section matches.
-# <a href="http://doc.trolltech.com/qthelpproject.html#filter-attributes">
-# Qt Help Project / Filter Attributes</a>.
-
-QHP_SECT_FILTER_ATTRS  =
-
-# If the GENERATE_QHP tag is set to YES, the QHG_LOCATION tag can
-# be used to specify the location of Qt's qhelpgenerator.
-# If non-empty doxygen will try to run qhelpgenerator on the generated
-# .qhp file.
-
-QHG_LOCATION           =
-
-# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files
-#  will be generated, which together with the HTML files, form an Eclipse help
-# plugin. To install this plugin and make it available under the help contents
-# menu in Eclipse, the contents of the directory containing the HTML and XML
-# files needs to be copied into the plugins directory of eclipse. The name of
-# the directory within the plugins directory should be the same as
-# the ECLIPSE_DOC_ID value. After copying Eclipse needs to be restarted before
-# the help appears.
-
-GENERATE_ECLIPSEHELP   = NO
-
-# A unique identifier for the eclipse help plugin. When installing the plugin
-# the directory name containing the HTML and XML files should also have
-# this name.
-
-ECLIPSE_DOC_ID         = org.doxygen.Project
-
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs)
-# at top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it. Since the tabs have the same information as the
-# navigation tree you can set this option to NO if you already set
-# GENERATE_TREEVIEW to YES.
-
-DISABLE_INDEX          = NO
-
-# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
-# structure should be generated to display hierarchical information.
-# If the tag value is set to YES, a side panel will be generated
-# containing a tree-like index structure (just like the one that
-# is generated for HTML Help). For this to work a browser that supports
-# JavaScript, DHTML, CSS and frames is required (i.e. any modern browser).
-# Windows users are probably better off using the HTML help feature.
-# Since the tree basically has the same information as the tab index you
-# could consider to set DISABLE_INDEX to NO when enabling this option.
-
-GENERATE_TREEVIEW      = NO
-
-# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values
-# (range [0,1..20]) that doxygen will group on one line in the generated HTML
-# documentation. Note that a value of 0 will completely suppress the enum
-# values from appearing in the overview section.
-
-ENUM_VALUES_PER_LINE   = 4
-
-# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
-# used to set the initial width (in pixels) of the frame in which the tree
-# is shown.
-
-TREEVIEW_WIDTH         = 250
-
-# When the EXT_LINKS_IN_WINDOW option is set to YES doxygen will open
-# links to external symbols imported via tag files in a separate window.
-
-EXT_LINKS_IN_WINDOW    = NO
-
-# Use this tag to change the font size of Latex formulas included
-# as images in the HTML documentation. The default is 10. Note that
-# when you change the font size after a successful doxygen run you need
-# to manually remove any form_*.png images from the HTML output directory
-# to force them to be regenerated.
-
-FORMULA_FONTSIZE       = 10
-
-# Use the FORMULA_TRANPARENT tag to determine whether or not the images
-# generated for formulas are transparent PNGs. Transparent PNGs are
-# not supported properly for IE 6.0, but are supported on all modern browsers.
-# Note that when changing this option you need to delete any form_*.png files
-# in the HTML output before the changes have effect.
-
-FORMULA_TRANSPARENT    = YES
-
-# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax
-# (see http://www.mathjax.org) which uses client side Javascript for the
-# rendering instead of using prerendered bitmaps. Use this if you do not
-# have LaTeX installed or if you want to formulas look prettier in the HTML
-# output. When enabled you may also need to install MathJax separately and
-# configure the path to it using the MATHJAX_RELPATH option.
-
-USE_MATHJAX            = NO
-
-# When MathJax is enabled you can set the default output format to be used for
-# the MathJax output. Supported types are HTML-CSS, NativeMML (i.e. MathML) and
-# SVG. The default value is HTML-CSS, which is slower, but has the best
-# compatibility.
-
-MATHJAX_FORMAT         = HTML-CSS
-
-# When MathJax is enabled you need to specify the location relative to the
-# HTML output directory using the MATHJAX_RELPATH option. The destination
-# directory should contain the MathJax.js script. For instance, if the mathjax
-# directory is located at the same level as the HTML output directory, then
-# MATHJAX_RELPATH should be ../mathjax. The default value points to
-# the MathJax Content Delivery Network so you can quickly see the result without
-# installing MathJax.
-# However, it is strongly recommended to install a local
-# copy of MathJax from http://www.mathjax.org before deployment.
-
-MATHJAX_RELPATH        = http://cdn.mathjax.org/mathjax/latest
-
-# The MATHJAX_EXTENSIONS tag can be used to specify one or MathJax extension
-# names that should be enabled during MathJax rendering.
-
-MATHJAX_EXTENSIONS     =
-
-# The MATHJAX_CODEFILE tag can be used to specify a file with javascript
-# pieces of code that will be used on startup of the MathJax code.
-
-MATHJAX_CODEFILE       =
-
-# When the SEARCHENGINE tag is enabled doxygen will generate a search box
-# for the HTML output. The underlying search engine uses javascript
-# and DHTML and should work on any modern browser. Note that when using
-# HTML help (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets
-# (GENERATE_DOCSET) there is already a search function so this one should
-# typically be disabled. For large projects the javascript based search engine
-# can be slow, then enabling SERVER_BASED_SEARCH may provide a better solution.
-
-SEARCHENGINE           = NO
-
-# When the SERVER_BASED_SEARCH tag is enabled the search engine will be
-# implemented using a web server instead of a web client using Javascript.
-# There are two flavours of web server based search depending on the
-# EXTERNAL_SEARCH setting. When disabled, doxygen will generate a PHP script for
-# searching and an index file used by the script. When EXTERNAL_SEARCH is
-# enabled the indexing and searching needs to be provided by external tools.
-# See the manual for details.
-
-SERVER_BASED_SEARCH    = NO
-
-# When EXTERNAL_SEARCH is enabled doxygen will no longer generate the PHP
-# script for searching. Instead the search results are written to an XML file
-# which needs to be processed by an external indexer. Doxygen will invoke an
-# external search engine pointed to by the SEARCHENGINE_URL option to obtain
-# the search results. Doxygen ships with an example indexer (doxyindexer) and
-# search engine (doxysearch.cgi) which are based on the open source search
-# engine library Xapian. See the manual for configuration details.
-
-EXTERNAL_SEARCH        = NO
-
-# The SEARCHENGINE_URL should point to a search engine hosted by a web server
-# which will returned the search results when EXTERNAL_SEARCH is enabled.
-# Doxygen ships with an example search engine (doxysearch) which is based on
-# the open source search engine library Xapian. See the manual for configuration
-# details.
-
-SEARCHENGINE_URL       =
-
-# When SERVER_BASED_SEARCH and EXTERNAL_SEARCH are both enabled the unindexed
-# search data is written to a file for indexing by an external tool. With the
-# SEARCHDATA_FILE tag the name of this file can be specified.
-
-SEARCHDATA_FILE        = searchdata.xml
-
-# When SERVER_BASED_SEARCH AND EXTERNAL_SEARCH are both enabled the
-# EXTERNAL_SEARCH_ID tag can be used as an identifier for the project. This is
-# useful in combination with EXTRA_SEARCH_MAPPINGS to search through multiple
-# projects and redirect the results back to the right project.
-
-EXTERNAL_SEARCH_ID     =
-
-# The EXTRA_SEARCH_MAPPINGS tag can be used to enable searching through doxygen
-# projects other than the one defined by this configuration file, but that are
-# all added to the same external search index. Each project needs to have a
-# unique id set via EXTERNAL_SEARCH_ID. The search mapping then maps the id
-# of to a relative location where the documentation can be found.
-# The format is: EXTRA_SEARCH_MAPPINGS = id1=loc1 id2=loc2 ...
-
-EXTRA_SEARCH_MAPPINGS  =
-
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
-# generate Latex output.
-
-GENERATE_LATEX         = NO
-
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `latex' will be used as the default path.
-
-LATEX_OUTPUT           = latex
-
-# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
-# invoked. If left blank `latex' will be used as the default command name.
-# Note that when enabling USE_PDFLATEX this option is only used for
-# generating bitmaps for formulas in the HTML output, but not in the
-# Makefile that is written to the output directory.
-
-LATEX_CMD_NAME         = latex
-
-# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
-# generate index for LaTeX. If left blank `makeindex' will be used as the
-# default command name.
-
-MAKEINDEX_CMD_NAME     = makeindex
-
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_LATEX          = YES
-
-# The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, letter, legal and
-# executive. If left blank a4 will be used.
-
-PAPER_TYPE             = a4wide
-
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
-# packages that should be included in the LaTeX output.
-
-EXTRA_PACKAGES         =
-
-# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
-# the generated latex document. The header should contain everything until
-# the first chapter. If it is left blank doxygen will generate a
-# standard header. Notice: only use this tag if you know what you are doing!
-
-LATEX_HEADER           =
-
-# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for
-# the generated latex document. The footer should contain everything after
-# the last chapter. If it is left blank doxygen will generate a
-# standard footer. Notice: only use this tag if you know what you are doing!
-
-LATEX_FOOTER           =
-
-# The LATEX_EXTRA_FILES tag can be used to specify one or more extra images
-# or other source files which should be copied to the LaTeX output directory.
-# Note that the files will be copied as-is; there are no commands or markers
-# available.
-
-LATEX_EXTRA_FILES      =
-
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
-# This makes the output suitable for online browsing using a pdf viewer.
-
-PDF_HYPERLINKS         = YES
-
-# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
-# plain latex in the generated Makefile. Set this option to YES to get a
-# higher quality PDF documentation.
-
-USE_PDFLATEX           = YES
-
-# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
-# command to the generated LaTeX files. This will instruct LaTeX to keep
-# running if errors occur, instead of asking the user for help.
-# This option is also used when generating formulas in HTML.
-
-LATEX_BATCHMODE        = NO
-
-# If LATEX_HIDE_INDICES is set to YES then doxygen will not
-# include the index chapters (such as File Index, Compound Index, etc.)
-# in the output.
-
-LATEX_HIDE_INDICES     = NO
-
-# If LATEX_SOURCE_CODE is set to YES then doxygen will include
-# source code with syntax highlighting in the LaTeX output.
-# Note that which sources are shown also depends on other settings
-# such as SOURCE_BROWSER.
-
-LATEX_SOURCE_CODE      = NO
-
-# The LATEX_BIB_STYLE tag can be used to specify the style to use for the
-# bibliography, e.g. plainnat, or ieeetr. The default style is "plain". See
-# http://en.wikipedia.org/wiki/BibTeX for more info.
-
-LATEX_BIB_STYLE        = plain
-
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
-# The RTF output is optimized for Word 97 and may not look very pretty with
-# other RTF readers or editors.
-
-GENERATE_RTF           = NO
-
-# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `rtf' will be used as the default path.
-
-RTF_OUTPUT             = rtf
-
-# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
-# RTF documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_RTF            = NO
-
-# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
-# will contain hyperlink fields. The RTF file will
-# contain links (just like the HTML output) instead of page references.
-# This makes the output suitable for online browsing using WORD or other
-# programs which support those fields.
-# Note: wordpad (write) and others do not support links.
-
-RTF_HYPERLINKS         = NO
-
-# Load style sheet definitions from file. Syntax is similar to doxygen's
-# config file, i.e. a series of assignments. You only have to provide
-# replacements, missing definitions are set to their default value.
-
-RTF_STYLESHEET_FILE    =
-
-# Set optional variables used in the generation of an rtf document.
-# Syntax is similar to doxygen's config file.
-
-RTF_EXTENSIONS_FILE    =
-
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
-# generate man pages
-
-GENERATE_MAN           = NO
-
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `man' will be used as the default path.
-
-MAN_OUTPUT             = man
-
-# The MAN_EXTENSION tag determines the extension that is added to
-# the generated man pages (default is the subroutine's section .3)
-
-MAN_EXTENSION          = .3
-
-# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
-# then it will generate one additional man file for each entity
-# documented in the real man page(s). These additional files
-# only source the real man page, but without them the man command
-# would be unable to find the correct page. The default is NO.
-
-MAN_LINKS              = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_XML tag is set to YES Doxygen will
-# generate an XML file that captures the structure of
-# the code including all documentation.
-
-GENERATE_XML           = NO
-
-# The XML_OUTPUT tag is used to specify where the XML pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `xml' will be used as the default path.
-
-XML_OUTPUT             = xml
-
-# The XML_SCHEMA tag can be used to specify an XML schema,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-#XML_SCHEMA             =
-
-# The XML_DTD tag can be used to specify an XML DTD,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-#XML_DTD                =
-
-# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
-# dump the program listings (including syntax highlighting
-# and cross-referencing information) to the XML output. Note that
-# enabling this will significantly increase the size of the XML output.
-
-XML_PROGRAMLISTING     = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the DOCBOOK output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_DOCBOOK tag is set to YES Doxygen will generate DOCBOOK files
-# that can be used to generate PDF.
-
-GENERATE_DOCBOOK       = NO
-
-# The DOCBOOK_OUTPUT tag is used to specify where the DOCBOOK pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be put in
-# front of it. If left blank docbook will be used as the default path.
-
-DOCBOOK_OUTPUT         = docbook
-
-#---------------------------------------------------------------------------
-# configuration options for the AutoGen Definitions output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
-# generate an AutoGen Definitions (see autogen.sf.net) file
-# that captures the structure of the code including all
-# documentation. Note that this feature is still experimental
-# and incomplete at the moment.
-
-GENERATE_AUTOGEN_DEF   = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the Perl module output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_PERLMOD tag is set to YES Doxygen will
-# generate a Perl module file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_PERLMOD       = NO
-
-# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
-# the necessary Makefile rules, Perl scripts and LaTeX code to be able
-# to generate PDF and DVI output from the Perl module output.
-
-PERLMOD_LATEX          = NO
-
-# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
-# nicely formatted so it can be parsed by a human reader.
-# This is useful
-# if you want to understand what is going on.
-# On the other hand, if this
-# tag is set to NO the size of the Perl module output will be much smaller
-# and Perl will parse it just the same.
-
-PERLMOD_PRETTY         = YES
-
-# The names of the make variables in the generated doxyrules.make file
-# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
-# This is useful so different doxyrules.make files included by the same
-# Makefile don't overwrite each other's variables.
-
-PERLMOD_MAKEVAR_PREFIX =
-
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
-# files.
-
-ENABLE_PREPROCESSING   = YES
-
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
-# names in the source code. If set to NO (the default) only conditional
-# compilation will be performed. Macro expansion can be done in a controlled
-# way by setting EXPAND_ONLY_PREDEF to YES.
-
-MACRO_EXPANSION        = NO
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED and EXPAND_AS_DEFINED tags.
-
-EXPAND_ONLY_PREDEF     = NO
-
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
-# pointed to by INCLUDE_PATH will be searched when a #include is found.
-
-SEARCH_INCLUDES        = YES
-
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
-# the preprocessor.
-
-INCLUDE_PATH           = ../include
-
-# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
-# patterns (like *.h and *.hpp) to filter out the header-files in the
-# directories. If left blank, the patterns specified with FILE_PATTERNS will
-# be used.
-
-INCLUDE_FILE_PATTERNS  =
-
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
-# or name=definition (no spaces). If the definition and the = are
-# omitted =1 is assumed. To prevent a macro definition from being
-# undefined via #undef or recursively expanded use the := operator
-# instead of the = operator.
-
-PREDEFINED             = WIN32 \
-                         NTLM \
-                         USE_LZO \
-                         ENABLE_FRAGMENT \
-                         P2MP \
-                         P2MP_SERVER \
-                         USE_CRYPTO \
-                         USE_SSL \
-                         ENABLE_PLUGIN \
-                         ENABLE_MANAGEMENT \
-                         ENABLE_OCC \
-                         HAVE_GETTIMEOFDAY
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
-# this tag can be used to specify a list of macro names that should be expanded.
-# The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition that
-# overrules the definition found in the source code.
-
-EXPAND_AS_DEFINED      =
-
-# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all references to function-like macros
-# that are alone on a line, have an all uppercase name, and do not end with a
-# semicolon, because these will confuse the parser if not removed.
-
-SKIP_FUNCTION_MACROS   = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to external references
-#---------------------------------------------------------------------------
-
-# The TAGFILES option can be used to specify one or more tagfiles. For each
-# tag file the location of the external documentation should be added. The
-# format of a tag file without this location is as follows:
-#
-# TAGFILES = file1 file2 ...
-# Adding location for the tag files is done as follows:
-#
-# TAGFILES = file1=loc1 "file2 = loc2" ...
-# where "loc1" and "loc2" can be relative or absolute paths
-# or URLs. Note that each tag file must have a unique name (where the name does
-# NOT include the path). If a tag file is not located in the directory in which
-# doxygen is run, you must also specify the path to the tagfile here.
-
-TAGFILES               =
-
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
-# a tag file that is based on the input files it reads.
-
-GENERATE_TAGFILE       =
-
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
-# will be listed.
-
-ALLEXTERNALS           = NO
-
-# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
-# in the modules index. If set to NO, only the current project's groups will
-# be listed.
-
-EXTERNAL_GROUPS        = YES
-
-# If the EXTERNAL_PAGES tag is set to YES all external pages will be listed
-# in the related pages index. If set to NO, only the current project's
-# pages will be listed.
-
-EXTERNAL_PAGES         = YES
-
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of `which perl').
-
-PERL_PATH              = /usr/bin/perl
-
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
-# or super classes. Setting the tag to NO turns the diagrams off. Note that
-# this option also works with HAVE_DOT disabled, but it is recommended to
-# install and use dot, since it yields more powerful graphs.
-
-CLASS_DIAGRAMS         = NO
-
-# You can define message sequence charts within doxygen comments using the \msc
-# command. Doxygen will then run the mscgen tool (see
-# http://www.mcternan.me.uk/mscgen/) to produce the chart and insert it in the
-# documentation. The MSCGEN_PATH tag allows you to specify the directory where
-# the mscgen tool resides. If left empty the tool is assumed to be found in the
-# default search path.
-
-MSCGEN_PATH            =
-
-# If set to YES, the inheritance and collaboration graphs will hide
-# inheritance and usage relations if the target is undocumented
-# or is not a class.
-
-HIDE_UNDOC_RELATIONS   = YES
-
-# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
-# available from the path. This tool is part of Graphviz, a graph visualization
-# toolkit from AT&T and Lucent Bell Labs. The other options in this section
-# have no effect if this option is set to NO (the default)
-
-HAVE_DOT               = YES
-
-# The DOT_NUM_THREADS specifies the number of dot invocations doxygen is
-# allowed to run in parallel. When set to 0 (the default) doxygen will
-# base this on the number of processors available in the system. You can set it
-# explicitly to a value larger than 0 to get control over the balance
-# between CPU load and processing speed.
-
-DOT_NUM_THREADS        = 0
-
-# By default doxygen will use the Helvetica font for all dot files that
-# doxygen generates. When you want a differently looking font you can specify
-# the font name using DOT_FONTNAME. You need to make sure dot is able to find
-# the font, which can be done by putting it in a standard location or by setting
-# the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the
-# directory containing the font.
-
-DOT_FONTNAME           = Helvetica
-
-# The DOT_FONTSIZE tag can be used to set the size of the font of dot graphs.
-# The default size is 10pt.
-
-DOT_FONTSIZE           = 10
-
-# By default doxygen will tell dot to use the Helvetica font.
-# If you specify a different font using DOT_FONTNAME you can use DOT_FONTPATH to
-# set the path where dot can find it.
-
-DOT_FONTPATH           =
-
-# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect inheritance relations. Setting this tag to YES will force the
-# CLASS_DIAGRAMS tag to NO.
-
-CLASS_GRAPH            = YES
-
-# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect implementation dependencies (inheritance, containment, and
-# class references variables) of the class with other documented classes.
-
-COLLABORATION_GRAPH    = YES
-
-# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for groups, showing the direct groups dependencies
-
-GROUP_GRAPHS           = YES
-
-# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
-# collaboration diagrams in a style similar to the OMG's Unified Modeling
-# Language.
-
-UML_LOOK               = NO
-
-# If the UML_LOOK tag is enabled, the fields and methods are shown inside
-# the class node. If there are many fields or methods and many nodes the
-# graph may become too big to be useful. The UML_LIMIT_NUM_FIELDS
-# threshold limits the number of items for each type to make the size more
-# manageable. Set this to 0 for no limit. Note that the threshold may be
-# exceeded by 50% before the limit is enforced.
-
-UML_LIMIT_NUM_FIELDS   = 10
-
-# If set to YES, the inheritance and collaboration graphs will show the
-# relations between templates and their instances.
-
-TEMPLATE_RELATIONS     = NO
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
-# tags are set to YES then doxygen will generate a graph for each documented
-# file showing the direct and indirect include dependencies of the file with
-# other documented files.
-
-INCLUDE_GRAPH          = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
-# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
-# documented header file showing the documented files that directly or
-# indirectly include this file.
-
-INCLUDED_BY_GRAPH      = YES
-
-# If the CALL_GRAPH and HAVE_DOT options are set to YES then
-# doxygen will generate a call dependency graph for every global function
-# or class method. Note that enabling this option will significantly increase
-# the time of a run. So in most cases it will be better to enable call graphs
-# for selected functions only using the \callgraph command.
-
-CALL_GRAPH             = NO
-
-# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then
-# doxygen will generate a caller dependency graph for every global function
-# or class method. Note that enabling this option will significantly increase
-# the time of a run. So in most cases it will be better to enable caller
-# graphs for selected functions only using the \callergraph command.
-
-CALLER_GRAPH           = NO
-
-# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will generate a graphical hierarchy of all classes instead of a textual one.
-
-GRAPHICAL_HIERARCHY    = YES
-
-# If the DIRECTORY_GRAPH and HAVE_DOT tags are set to YES
-# then doxygen will show the dependencies a directory has on other directories
-# in a graphical way. The dependency relations are determined by the #include
-# relations between the files in the directories.
-
-DIRECTORY_GRAPH        = YES
-
-# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are svg, png, jpg, or gif.
-# If left blank png will be used. If you choose svg you need to set
-# HTML_FILE_EXTENSION to xhtml in order to make the SVG files
-# visible in IE 9+ (other browsers do not have this requirement).
-
-DOT_IMAGE_FORMAT       = png
-
-# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
-# enable generation of interactive SVG images that allow zooming and panning.
-# Note that this requires a modern browser other than Internet Explorer.
-# Tested and working are Firefox, Chrome, Safari, and Opera. For IE 9+ you
-# need to set HTML_FILE_EXTENSION to xhtml in order to make the SVG files
-# visible. Older versions of IE do not have SVG support.
-
-INTERACTIVE_SVG        = NO
-
-# The tag DOT_PATH can be used to specify the path where the dot tool can be
-# found. If left blank, it is assumed the dot tool can be found in the path.
-
-DOT_PATH               =
-
-# The DOTFILE_DIRS tag can be used to specify one or more directories that
-# contain dot files that are included in the documentation (see the
-# \dotfile command).
-
-DOTFILE_DIRS           =
-
-# The MSCFILE_DIRS tag can be used to specify one or more directories that
-# contain msc files that are included in the documentation (see the
-# \mscfile command).
-
-MSCFILE_DIRS           =
-
-# The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
-# nodes that will be shown in the graph. If the number of nodes in a graph
-# becomes larger than this value, doxygen will truncate the graph, which is
-# visualized by representing a node as a red box. Note that doxygen if the
-# number of direct children of the root node in a graph is already larger than
-# DOT_GRAPH_MAX_NODES then the graph will not be shown at all. Also note
-# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
-
-DOT_GRAPH_MAX_NODES    = 200
-
-# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the
-# graphs generated by dot. A depth value of 3 means that only nodes reachable
-# from the root by following a path via at most 3 edges will be shown. Nodes
-# that lay further from the root node will be omitted. Note that setting this
-# option to 1 or 2 may greatly reduce the computation time needed for large
-# code bases. Also note that the size of a graph can be further restricted by
-# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
-
-MAX_DOT_GRAPH_DEPTH    = 1000
-
-# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
-# background. This is disabled by default, because dot on Windows does not
-# seem to support this out of the box. Warning: Depending on the platform used,
-# enabling this option may lead to badly anti-aliased labels on the edges of
-# a graph (i.e. they become hard to read).
-
-DOT_TRANSPARENT        = YES
-
-# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
-# files in one run (i.e. multiple -o and -T options on the command line). This
-# makes dot run faster, but since only newer versions of dot (>1.8.10)
-# support this, this feature is disabled by default.
-
-DOT_MULTI_TARGETS      = NO
-
-# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
-# generate a legend page explaining the meaning of the various boxes and
-# arrows in the dot generated graphs.
-
-GENERATE_LEGEND        = YES
-
-# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
-# remove the intermediate dot files that are used to generate
-# the various graphs.
-
-DOT_CLEANUP            = YES
diff --git a/3rdparty/mbedtls-2.25.0/include/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/include/CMakeLists.txt
deleted file mode 100644
index 62c0f62..0000000
--- a/3rdparty/mbedtls-2.25.0/include/CMakeLists.txt
+++ /dev/null
@@ -1,22 +0,0 @@
-option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON)
-
-if(INSTALL_MBEDTLS_HEADERS)
-
-    file(GLOB headers "mbedtls/*.h")
-    file(GLOB psa_headers "psa/*.h")
-
-    install(FILES ${headers}
-        DESTINATION include/mbedtls
-        PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
-
-    install(FILES ${psa_headers}
-        DESTINATION include/psa
-        PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
-
-endif(INSTALL_MBEDTLS_HEADERS)
-
-# Make config.h available in an out-of-source build. ssl-opt.sh requires it.
-if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
-    link_to_source(mbedtls)
-    link_to_source(psa)
-endif()
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/aesni.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/aesni.h
deleted file mode 100644
index c1d22f5..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/aesni.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * \file aesni.h
- *
- * \brief AES-NI for hardware AES acceleration on some Intel processors
- *
- * \warning These functions are only for internal use by other library
- *          functions; you must not call them directly.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_AESNI_H
-#define MBEDTLS_AESNI_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/aes.h"
-
-#define MBEDTLS_AESNI_AES      0x02000000u
-#define MBEDTLS_AESNI_CLMUL    0x00000002u
-
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) &&  \
-    ( defined(__amd64__) || defined(__x86_64__) )   &&  \
-    ! defined(MBEDTLS_HAVE_X86_64)
-#define MBEDTLS_HAVE_X86_64
-#endif
-
-#if defined(MBEDTLS_HAVE_X86_64)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Internal function to detect the AES-NI feature in CPUs.
- *
- * \note           This function is only for internal use by other library
- *                 functions; you must not call it directly.
- *
- * \param what     The feature to detect
- *                 (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
- *
- * \return         1 if CPU has support for the feature, 0 otherwise
- */
-int mbedtls_aesni_has_support( unsigned int what );
-
-/**
- * \brief          Internal AES-NI AES-ECB block encryption and decryption
- *
- * \note           This function is only for internal use by other library
- *                 functions; you must not call it directly.
- *
- * \param ctx      AES context
- * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param input    16-byte input block
- * \param output   16-byte output block
- *
- * \return         0 on success (cannot fail)
- */
-int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
-                             int mode,
-                             const unsigned char input[16],
-                             unsigned char output[16] );
-
-/**
- * \brief          Internal GCM multiplication: c = a * b in GF(2^128)
- *
- * \note           This function is only for internal use by other library
- *                 functions; you must not call it directly.
- *
- * \param c        Result
- * \param a        First operand
- * \param b        Second operand
- *
- * \note           Both operands and result are bit strings interpreted as
- *                 elements of GF(2^128) as per the GCM spec.
- */
-void mbedtls_aesni_gcm_mult( unsigned char c[16],
-                             const unsigned char a[16],
-                             const unsigned char b[16] );
-
-/**
- * \brief           Internal round key inversion. This function computes
- *                  decryption round keys from the encryption round keys.
- *
- * \note            This function is only for internal use by other library
- *                  functions; you must not call it directly.
- *
- * \param invkey    Round keys for the equivalent inverse cipher
- * \param fwdkey    Original round keys (for encryption)
- * \param nr        Number of rounds (that is, number of round keys minus one)
- */
-void mbedtls_aesni_inverse_key( unsigned char *invkey,
-                                const unsigned char *fwdkey,
-                                int nr );
-
-/**
- * \brief           Internal key expansion for encryption
- *
- * \note            This function is only for internal use by other library
- *                  functions; you must not call it directly.
- *
- * \param rk        Destination buffer where the round keys are written
- * \param key       Encryption key
- * \param bits      Key size in bits (must be 128, 192 or 256)
- *
- * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
- */
-int mbedtls_aesni_setkey_enc( unsigned char *rk,
-                              const unsigned char *key,
-                              size_t bits );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_HAVE_X86_64 */
-
-#endif /* MBEDTLS_AESNI_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/arc4.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/arc4.h
deleted file mode 100644
index 17728f4..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/arc4.h
+++ /dev/null
@@ -1,144 +0,0 @@
-/**
- * \file arc4.h
- *
- * \brief The ARCFOUR stream cipher
- *
- * \warning   ARC4 is considered a weak cipher and its use constitutes a
- *            security risk. We recommend considering stronger ciphers instead.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- */
-#ifndef MBEDTLS_ARC4_H
-#define MBEDTLS_ARC4_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-/* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED                  -0x0019  /**< ARC4 hardware accelerator failed. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_ARC4_ALT)
-// Regular implementation
-//
-
-/**
- * \brief     ARC4 context structure
- *
- * \warning   ARC4 is considered a weak cipher and its use constitutes a
- *            security risk. We recommend considering stronger ciphers instead.
- *
- */
-typedef struct mbedtls_arc4_context
-{
-    int x;                      /*!< permutation index */
-    int y;                      /*!< permutation index */
-    unsigned char m[256];       /*!< permutation table */
-}
-mbedtls_arc4_context;
-
-#else  /* MBEDTLS_ARC4_ALT */
-#include "arc4_alt.h"
-#endif /* MBEDTLS_ARC4_ALT */
-
-/**
- * \brief          Initialize ARC4 context
- *
- * \param ctx      ARC4 context to be initialized
- *
- * \warning        ARC4 is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- *
- */
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
-
-/**
- * \brief          Clear ARC4 context
- *
- * \param ctx      ARC4 context to be cleared
- *
- * \warning        ARC4 is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- *
- */
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
-
-/**
- * \brief          ARC4 key schedule
- *
- * \param ctx      ARC4 context to be setup
- * \param key      the secret key
- * \param keylen   length of the key, in bytes
- *
- * \warning        ARC4 is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- *
- */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
-                 unsigned int keylen );
-
-/**
- * \brief          ARC4 cipher function
- *
- * \param ctx      ARC4 context
- * \param length   length of the input data
- * \param input    buffer holding the input data
- * \param output   buffer for the output data
- *
- * \return         0 if successful
- *
- * \warning        ARC4 is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- *
- */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
-                unsigned char *output );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- *
- * \warning        ARC4 is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- *
- */
-int mbedtls_arc4_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* arc4.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/base64.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/base64.h
deleted file mode 100644
index 7e73a8b..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/base64.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/**
- * \file base64.h
- *
- * \brief RFC 1521 base64 encoding/decoding
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_BASE64_H
-#define MBEDTLS_BASE64_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL               -0x002A  /**< Output buffer too small. */
-#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER              -0x002C  /**< Invalid character in input. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Encode a buffer into base64 format
- *
- * \param dst      destination buffer
- * \param dlen     size of the destination buffer
- * \param olen     number of bytes written
- * \param src      source buffer
- * \param slen     amount of data to be encoded
- *
- * \return         0 if successful, or MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL.
- *                 *olen is always updated to reflect the amount
- *                 of data that has (or would have) been written.
- *                 If that length cannot be represented, then no data is
- *                 written to the buffer and *olen is set to the maximum
- *                 length representable as a size_t.
- *
- * \note           Call this function with dlen = 0 to obtain the
- *                 required buffer size in *olen
- */
-int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen );
-
-/**
- * \brief          Decode a base64-formatted buffer
- *
- * \param dst      destination buffer (can be NULL for checking size)
- * \param dlen     size of the destination buffer
- * \param olen     number of bytes written
- * \param src      source buffer
- * \param slen     amount of data to be decoded
- *
- * \return         0 if successful, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL, or
- *                 MBEDTLS_ERR_BASE64_INVALID_CHARACTER if the input data is
- *                 not correct. *olen is always updated to reflect the amount
- *                 of data that has (or would have) been written.
- *
- * \note           Call this function with *dst = NULL or dlen = 0 to obtain
- *                 the required buffer size in *olen
- */
-int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen );
-
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_base64_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* base64.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/bignum.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/bignum.h
deleted file mode 100644
index 637360e..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/bignum.h
+++ /dev/null
@@ -1,1017 +0,0 @@
-/**
- * \file bignum.h
- *
- * \brief Multi-precision integer library
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_BIGNUM_H
-#define MBEDTLS_BIGNUM_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#endif
-
-#define MBEDTLS_ERR_MPI_FILE_IO_ERROR                     -0x0002  /**< An error occurred while reading from or writing to a file. */
-#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA                    -0x0004  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_MPI_INVALID_CHARACTER                 -0x0006  /**< There is an invalid character in the digit string. */
-#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL                  -0x0008  /**< The buffer is too small to write to. */
-#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE                    -0x000A  /**< The input arguments are negative or result in illegal output. */
-#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO                  -0x000C  /**< The input argument for division is zero, which is not allowed. */
-#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE                    -0x000E  /**< The input arguments are not acceptable. */
-#define MBEDTLS_ERR_MPI_ALLOC_FAILED                      -0x0010  /**< Memory allocation failed. */
-
-#define MBEDTLS_MPI_CHK(f)       \
-    do                           \
-    {                            \
-        if( ( ret = (f) ) != 0 ) \
-            goto cleanup;        \
-    } while( 0 )
-
-/*
- * Maximum size MPIs are allowed to grow to in number of limbs.
- */
-#define MBEDTLS_MPI_MAX_LIMBS                             10000
-
-#if !defined(MBEDTLS_MPI_WINDOW_SIZE)
-/*
- * Maximum window size used for modular exponentiation. Default: 6
- * Minimum value: 1. Maximum value: 6.
- *
- * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
- * for the sliding window calculation. (So 64 by default)
- *
- * Reduction in size, reduces speed.
- */
-#define MBEDTLS_MPI_WINDOW_SIZE                           6        /**< Maximum window size used. */
-#endif /* !MBEDTLS_MPI_WINDOW_SIZE */
-
-#if !defined(MBEDTLS_MPI_MAX_SIZE)
-/*
- * Maximum size of MPIs allowed in bits and bytes for user-MPIs.
- * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
- *
- * Note: Calculations can temporarily result in larger MPIs. So the number
- * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher.
- */
-#define MBEDTLS_MPI_MAX_SIZE                              1024     /**< Maximum number of bytes for usable MPIs. */
-#endif /* !MBEDTLS_MPI_MAX_SIZE */
-
-#define MBEDTLS_MPI_MAX_BITS                              ( 8 * MBEDTLS_MPI_MAX_SIZE )    /**< Maximum number of bits for usable MPIs. */
-
-/*
- * When reading from files with mbedtls_mpi_read_file() and writing to files with
- * mbedtls_mpi_write_file() the buffer should have space
- * for a (short) label, the MPI (in the provided radix), the newline
- * characters and the '\0'.
- *
- * By default we assume at least a 10 char label, a minimum radix of 10
- * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
- * Autosized at compile time for at least a 10 char label, a minimum radix
- * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size.
- *
- * This used to be statically sized to 1250 for a maximum of 4096 bit
- * numbers (1234 decimal chars).
- *
- * Calculate using the formula:
- *  MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
- *                                LabelSize + 6
- */
-#define MBEDTLS_MPI_MAX_BITS_SCALE100          ( 100 * MBEDTLS_MPI_MAX_BITS )
-#define MBEDTLS_LN_2_DIV_LN_10_SCALE100                 332
-#define MBEDTLS_MPI_RW_BUFFER_SIZE             ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 )
-
-/*
- * Define the base integer type, architecture-wise.
- *
- * 32 or 64-bit integer types can be forced regardless of the underlying
- * architecture by defining MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64
- * respectively and undefining MBEDTLS_HAVE_ASM.
- *
- * Double-width integers (e.g. 128-bit in 64-bit architectures) can be
- * disabled by defining MBEDTLS_NO_UDBL_DIVISION.
- */
-#if !defined(MBEDTLS_HAVE_INT32)
-    #if defined(_MSC_VER) && defined(_M_AMD64)
-        /* Always choose 64-bit when using MSC */
-        #if !defined(MBEDTLS_HAVE_INT64)
-            #define MBEDTLS_HAVE_INT64
-        #endif /* !MBEDTLS_HAVE_INT64 */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
-    #elif defined(__GNUC__) && (                         \
-        defined(__amd64__) || defined(__x86_64__)     || \
-        defined(__ppc64__) || defined(__powerpc64__)  || \
-        defined(__ia64__)  || defined(__alpha__)      || \
-        ( defined(__sparc__) && defined(__arch64__) ) || \
-        defined(__s390x__) || defined(__mips64)       || \
-        defined(__aarch64__) )
-        #if !defined(MBEDTLS_HAVE_INT64)
-            #define MBEDTLS_HAVE_INT64
-        #endif /* MBEDTLS_HAVE_INT64 */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
-        #if !defined(MBEDTLS_NO_UDBL_DIVISION)
-            /* mbedtls_t_udbl defined as 128-bit unsigned int */
-            typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
-            #define MBEDTLS_HAVE_UDBL
-        #endif /* !MBEDTLS_NO_UDBL_DIVISION */
-    #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
-        /*
-         * __ARMCC_VERSION is defined for both armcc and armclang and
-         * __aarch64__ is only defined by armclang when compiling 64-bit code
-         */
-        #if !defined(MBEDTLS_HAVE_INT64)
-            #define MBEDTLS_HAVE_INT64
-        #endif /* !MBEDTLS_HAVE_INT64 */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
-        #if !defined(MBEDTLS_NO_UDBL_DIVISION)
-            /* mbedtls_t_udbl defined as 128-bit unsigned int */
-            typedef __uint128_t mbedtls_t_udbl;
-            #define MBEDTLS_HAVE_UDBL
-        #endif /* !MBEDTLS_NO_UDBL_DIVISION */
-    #elif defined(MBEDTLS_HAVE_INT64)
-        /* Force 64-bit integers with unknown compiler */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
-    #endif
-#endif /* !MBEDTLS_HAVE_INT32 */
-
-#if !defined(MBEDTLS_HAVE_INT64)
-    /* Default to 32-bit compilation */
-    #if !defined(MBEDTLS_HAVE_INT32)
-        #define MBEDTLS_HAVE_INT32
-    #endif /* !MBEDTLS_HAVE_INT32 */
-    typedef  int32_t mbedtls_mpi_sint;
-    typedef uint32_t mbedtls_mpi_uint;
-    #if !defined(MBEDTLS_NO_UDBL_DIVISION)
-        typedef uint64_t mbedtls_t_udbl;
-        #define MBEDTLS_HAVE_UDBL
-    #endif /* !MBEDTLS_NO_UDBL_DIVISION */
-#endif /* !MBEDTLS_HAVE_INT64 */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          MPI structure
- */
-typedef struct mbedtls_mpi
-{
-    int s;              /*!<  Sign: -1 if the mpi is negative, 1 otherwise */
-    size_t n;           /*!<  total # of limbs  */
-    mbedtls_mpi_uint *p;          /*!<  pointer to limbs  */
-}
-mbedtls_mpi;
-
-/**
- * \brief           Initialize an MPI context.
- *
- *                  This makes the MPI ready to be set or freed,
- *                  but does not define a value for the MPI.
- *
- * \param X         The MPI context to initialize. This must not be \c NULL.
- */
-void mbedtls_mpi_init( mbedtls_mpi *X );
-
-/**
- * \brief          This function frees the components of an MPI context.
- *
- * \param X        The MPI context to be cleared. This may be \c NULL,
- *                 in which case this function is a no-op. If it is
- *                 not \c NULL, it must point to an initialized MPI.
- */
-void mbedtls_mpi_free( mbedtls_mpi *X );
-
-/**
- * \brief          Enlarge an MPI to the specified number of limbs.
- *
- * \note           This function does nothing if the MPI is
- *                 already large enough.
- *
- * \param X        The MPI to grow. It must be initialized.
- * \param nblimbs  The target number of limbs.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
-
-/**
- * \brief          This function resizes an MPI downwards, keeping at least the
- *                 specified number of limbs.
- *
- *                 If \c X is smaller than \c nblimbs, it is resized up
- *                 instead.
- *
- * \param X        The MPI to shrink. This must point to an initialized MPI.
- * \param nblimbs  The minimum number of limbs to keep.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
- *                 (this can only happen when resizing up).
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
-
-/**
- * \brief          Make a copy of an MPI.
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param Y        The source MPI. This must point to an initialized MPI.
- *
- * \note           The limb-buffer in the destination MPI is enlarged
- *                 if necessary to hold the value in the source MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
-
-/**
- * \brief          Swap the contents of two MPIs.
- *
- * \param X        The first MPI. It must be initialized.
- * \param Y        The second MPI. It must be initialized.
- */
-void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
-
-/**
- * \brief          Perform a safe conditional copy of MPI which doesn't
- *                 reveal whether the condition was true or not.
- *
- * \param X        The MPI to conditionally assign to. This must point
- *                 to an initialized MPI.
- * \param Y        The MPI to be assigned from. This must point to an
- *                 initialized MPI.
- * \param assign   The condition deciding whether to perform the
- *                 assignment or not. Possible values:
- *                 * \c 1: Perform the assignment `X = Y`.
- *                 * \c 0: Keep the original value of \p X.
- *
- * \note           This function is equivalent to
- *                      `if( assign ) mbedtls_mpi_copy( X, Y );`
- *                 except that it avoids leaking any information about whether
- *                 the assignment was done or not (the above code may leak
- *                 information through branch prediction and/or memory access
- *                 patterns analysis).
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign );
-
-/**
- * \brief          Perform a safe conditional swap which doesn't
- *                 reveal whether the condition was true or not.
- *
- * \param X        The first MPI. This must be initialized.
- * \param Y        The second MPI. This must be initialized.
- * \param assign   The condition deciding whether to perform
- *                 the swap or not. Possible values:
- *                 * \c 1: Swap the values of \p X and \p Y.
- *                 * \c 0: Keep the original values of \p X and \p Y.
- *
- * \note           This function is equivalent to
- *                      if( assign ) mbedtls_mpi_swap( X, Y );
- *                 except that it avoids leaking any information about whether
- *                 the assignment was done or not (the above code may leak
- *                 information through branch prediction and/or memory access
- *                 patterns analysis).
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on other kinds of failure.
- *
- */
-int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign );
-
-/**
- * \brief          Store integer value in MPI.
- *
- * \param X        The MPI to set. This must be initialized.
- * \param z        The value to use.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
-
-/**
- * \brief          Get a specific bit from an MPI.
- *
- * \param X        The MPI to query. This must be initialized.
- * \param pos      Zero-based index of the bit to query.
- *
- * \return         \c 0 or \c 1 on success, depending on whether bit \c pos
- *                 of \c X is unset or set.
- * \return         A negative error code on failure.
- */
-int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
-
-/**
- * \brief          Modify a specific bit in an MPI.
- *
- * \note           This function will grow the target MPI if necessary to set a
- *                 bit to \c 1 in a not yet existing limb. It will not grow if
- *                 the bit should be set to \c 0.
- *
- * \param X        The MPI to modify. This must be initialized.
- * \param pos      Zero-based index of the bit to modify.
- * \param val      The desired value of bit \c pos: \c 0 or \c 1.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
-
-/**
- * \brief          Return the number of bits of value \c 0 before the
- *                 least significant bit of value \c 1.
- *
- * \note           This is the same as the zero-based index of
- *                 the least significant bit of value \c 1.
- *
- * \param X        The MPI to query.
- *
- * \return         The number of bits of value \c 0 before the least significant
- *                 bit of value \c 1 in \p X.
- */
-size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
-
-/**
- * \brief          Return the number of bits up to and including the most
- *                 significant bit of value \c 1.
- *
- * * \note         This is same as the one-based index of the most
- *                 significant bit of value \c 1.
- *
- * \param X        The MPI to query. This must point to an initialized MPI.
- *
- * \return         The number of bits up to and including the most
- *                 significant bit of value \c 1.
- */
-size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
-
-/**
- * \brief          Return the total size of an MPI value in bytes.
- *
- * \param X        The MPI to use. This must point to an initialized MPI.
- *
- * \note           The value returned by this function may be less than
- *                 the number of bytes used to store \p X internally.
- *                 This happens if and only if there are trailing bytes
- *                 of value zero.
- *
- * \return         The least number of bytes capable of storing
- *                 the absolute value of \p X.
- */
-size_t mbedtls_mpi_size( const mbedtls_mpi *X );
-
-/**
- * \brief          Import an MPI from an ASCII string.
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param radix    The numeric base of the input string.
- * \param s        Null-terminated string buffer.
- *
- * \return         \c 0 if successful.
- * \return         A negative error code on failure.
- */
-int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
-
-/**
- * \brief          Export an MPI to an ASCII string.
- *
- * \param X        The source MPI. This must point to an initialized MPI.
- * \param radix    The numeric base of the output string.
- * \param buf      The buffer to write the string to. This must be writable
- *                 buffer of length \p buflen Bytes.
- * \param buflen   The available size in Bytes of \p buf.
- * \param olen     The address at which to store the length of the string
- *                 written, including the  final \c NULL byte. This must
- *                 not be \c NULL.
- *
- * \note           You can call this function with `buflen == 0` to obtain the
- *                 minimum required buffer size in `*olen`.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the target buffer \p buf
- *                 is too small to hold the value of \p X in the desired base.
- *                 In this case, `*olen` is nonetheless updated to contain the
- *                 size of \p buf required for a successful call.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
-                              char *buf, size_t buflen, size_t *olen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief          Read an MPI from a line in an opened file.
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param radix    The numeric base of the string representation used
- *                 in the source line.
- * \param fin      The input file handle to use. This must not be \c NULL.
- *
- * \note           On success, this function advances the file stream
- *                 to the end of the current line or to EOF.
- *
- *                 The function returns \c 0 on an empty line.
- *
- *                 Leading whitespaces are ignored, as is a
- *                 '0x' prefix for radix \c 16.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the file read buffer
- *                 is too small.
- * \return         Another negative error code on failure.
- */
-int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
-
-/**
- * \brief          Export an MPI into an opened file.
- *
- * \param p        A string prefix to emit prior to the MPI data.
- *                 For example, this might be a label, or "0x" when
- *                 printing in base \c 16. This may be \c NULL if no prefix
- *                 is needed.
- * \param X        The source MPI. This must point to an initialized MPI.
- * \param radix    The numeric base to be used in the emitted string.
- * \param fout     The output file handle. This may be \c NULL, in which case
- *                 the output is written to \c stdout.
- *
- * \return         \c 0 if successful.
- * \return         A negative error code on failure.
- */
-int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
-                            int radix, FILE *fout );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief          Import an MPI from unsigned big endian binary data.
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param buf      The input buffer. This must be a readable buffer of length
- *                 \p buflen Bytes.
- * \param buflen   The length of the input buffer \p p in Bytes.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
-                             size_t buflen );
-
-/**
- * \brief          Import X from unsigned binary data, little endian
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param buf      The input buffer. This must be a readable buffer of length
- *                 \p buflen Bytes.
- * \param buflen   The length of the input buffer \p p in Bytes.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
-                                const unsigned char *buf, size_t buflen );
-
-/**
- * \brief          Export X into unsigned binary data, big endian.
- *                 Always fills the whole buffer, which will start with zeros
- *                 if the number is smaller.
- *
- * \param X        The source MPI. This must point to an initialized MPI.
- * \param buf      The output buffer. This must be a writable buffer of length
- *                 \p buflen Bytes.
- * \param buflen   The size of the output buffer \p buf in Bytes.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't
- *                 large enough to hold the value of \p X.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
-                              size_t buflen );
-
-/**
- * \brief          Export X into unsigned binary data, little endian.
- *                 Always fills the whole buffer, which will end with zeros
- *                 if the number is smaller.
- *
- * \param X        The source MPI. This must point to an initialized MPI.
- * \param buf      The output buffer. This must be a writable buffer of length
- *                 \p buflen Bytes.
- * \param buflen   The size of the output buffer \p buf in Bytes.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't
- *                 large enough to hold the value of \p X.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
-                                 unsigned char *buf, size_t buflen );
-
-/**
- * \brief          Perform a left-shift on an MPI: X <<= count
- *
- * \param X        The MPI to shift. This must point to an initialized MPI.
- * \param count    The number of bits to shift by.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
-
-/**
- * \brief          Perform a right-shift on an MPI: X >>= count
- *
- * \param X        The MPI to shift. This must point to an initialized MPI.
- * \param count    The number of bits to shift by.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
-
-/**
- * \brief          Compare the absolute values of two MPIs.
- *
- * \param X        The left-hand MPI. This must point to an initialized MPI.
- * \param Y        The right-hand MPI. This must point to an initialized MPI.
- *
- * \return         \c 1 if `|X|` is greater than `|Y|`.
- * \return         \c -1 if `|X|` is lesser than `|Y|`.
- * \return         \c 0 if `|X|` is equal to `|Y|`.
- */
-int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
-
-/**
- * \brief          Compare two MPIs.
- *
- * \param X        The left-hand MPI. This must point to an initialized MPI.
- * \param Y        The right-hand MPI. This must point to an initialized MPI.
- *
- * \return         \c 1 if \p X is greater than \p Y.
- * \return         \c -1 if \p X is lesser than \p Y.
- * \return         \c 0 if \p X is equal to \p Y.
- */
-int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
-
-/**
- * \brief          Check if an MPI is less than the other in constant time.
- *
- * \param X        The left-hand MPI. This must point to an initialized MPI
- *                 with the same allocated length as Y.
- * \param Y        The right-hand MPI. This must point to an initialized MPI
- *                 with the same allocated length as X.
- * \param ret      The result of the comparison:
- *                 \c 1 if \p X is less than \p Y.
- *                 \c 0 if \p X is greater than or equal to \p Y.
- *
- * \return         0 on success.
- * \return         MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
- *                 the two input MPIs is not the same.
- */
-int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
-        unsigned *ret );
-
-/**
- * \brief          Compare an MPI with an integer.
- *
- * \param X        The left-hand MPI. This must point to an initialized MPI.
- * \param z        The integer value to compare \p X to.
- *
- * \return         \c 1 if \p X is greater than \p z.
- * \return         \c -1 if \p X is lesser than \p z.
- * \return         \c 0 if \p X is equal to \p z.
- */
-int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
-
-/**
- * \brief          Perform an unsigned addition of MPIs: X = |A| + |B|
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The first summand. This must point to an initialized MPI.
- * \param B        The second summand. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform an unsigned subtraction of MPIs: X = |A| - |B|
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The minuend. This must point to an initialized MPI.
- * \param B        The subtrahend. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is greater than \p A.
- * \return         Another negative error code on different kinds of failure.
- *
- */
-int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform a signed addition of MPIs: X = A + B
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The first summand. This must point to an initialized MPI.
- * \param B        The second summand. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform a signed subtraction of MPIs: X = A - B
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The minuend. This must point to an initialized MPI.
- * \param B        The subtrahend. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform a signed addition of an MPI and an integer: X = A + b
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The first summand. This must point to an initialized MPI.
- * \param b        The second summand.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
-
-/**
- * \brief          Perform a signed subtraction of an MPI and an integer:
- *                 X = A - b
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The minuend. This must point to an initialized MPI.
- * \param b        The subtrahend.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
-
-/**
- * \brief          Perform a multiplication of two MPIs: X = A * B
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The first factor. This must point to an initialized MPI.
- * \param B        The second factor. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- *
- */
-int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform a multiplication of an MPI with an unsigned integer:
- *                 X = A * b
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The first factor. This must point to an initialized MPI.
- * \param b        The second factor.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- *
- */
-int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         mbedtls_mpi_uint b );
-
-/**
- * \brief          Perform a division with remainder of two MPIs:
- *                 A = Q * B + R
- *
- * \param Q        The destination MPI for the quotient.
- *                 This may be \c NULL if the value of the
- *                 quotient is not needed.
- * \param R        The destination MPI for the remainder value.
- *                 This may be \c NULL if the value of the
- *                 remainder is not needed.
- * \param A        The dividend. This must point to an initialized MPi.
- * \param B        The divisor. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform a division with remainder of an MPI by an integer:
- *                 A = Q * b + R
- *
- * \param Q        The destination MPI for the quotient.
- *                 This may be \c NULL if the value of the
- *                 quotient is not needed.
- * \param R        The destination MPI for the remainder value.
- *                 This may be \c NULL if the value of the
- *                 remainder is not needed.
- * \param A        The dividend. This must point to an initialized MPi.
- * \param b        The divisor.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
-
-/**
- * \brief          Perform a modular reduction. R = A mod B
- *
- * \param R        The destination MPI for the residue value.
- *                 This must point to an initialized MPI.
- * \param A        The MPI to compute the residue of.
- *                 This must point to an initialized MPI.
- * \param B        The base of the modular reduction.
- *                 This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
- * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is negative.
- * \return         Another negative error code on different kinds of failure.
- *
- */
-int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
-
-/**
- * \brief          Perform a modular reduction with respect to an integer.
- *                 r = A mod b
- *
- * \param r        The address at which to store the residue.
- *                 This must not be \c NULL.
- * \param A        The MPI to compute the residue of.
- *                 This must point to an initialized MPi.
- * \param b        The integer base of the modular reduction.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
- * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
-
-/**
- * \brief          Perform a sliding-window exponentiation: X = A^E mod N
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The base of the exponentiation.
- *                 This must point to an initialized MPI.
- * \param E        The exponent MPI. This must point to an initialized MPI.
- * \param N        The base for the modular reduction. This must point to an
- *                 initialized MPI.
- * \param _RR      A helper MPI depending solely on \p N which can be used to
- *                 speed-up multiple modular exponentiations for the same value
- *                 of \p N. This may be \c NULL. If it is not \c NULL, it must
- *                 point to an initialized MPI. If it hasn't been used after
- *                 the call to mbedtls_mpi_init(), this function will compute
- *                 the helper value and store it in \p _RR for reuse on
- *                 subsequent calls to this function. Otherwise, the function
- *                 will assume that \p _RR holds the helper value set by a
- *                 previous call to mbedtls_mpi_exp_mod(), and reuse it.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or
- *                 even, or if \c E is negative.
- * \return         Another negative error code on different kinds of failures.
- *
- */
-int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *E, const mbedtls_mpi *N,
-                         mbedtls_mpi *_RR );
-
-/**
- * \brief          Fill an MPI with a number of random bytes.
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param size     The number of random bytes to generate.
- * \param f_rng    The RNG function to use. This must not be \c NULL.
- * \param p_rng    The RNG parameter to be passed to \p f_rng. This may be
- *                 \c NULL if \p f_rng doesn't need a context argument.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on failure.
- *
- * \note           The bytes obtained from the RNG are interpreted
- *                 as a big-endian representation of an MPI; this can
- *                 be relevant in applications like deterministic ECDSA.
- */
-int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
-
-/**
- * \brief          Compute the greatest common divisor: G = gcd(A, B)
- *
- * \param G        The destination MPI. This must point to an initialized MPI.
- * \param A        The first operand. This must point to an initialized MPI.
- * \param B        The second operand. This must point to an initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         Another negative error code on different kinds of failure.
- */
-int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
-                     const mbedtls_mpi *B );
-
-/**
- * \brief          Compute the modular inverse: X = A^-1 mod N
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- * \param A        The MPI to calculate the modular inverse of. This must point
- *                 to an initialized MPI.
- * \param N        The base of the modular inversion. This must point to an
- *                 initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
- *                 or equal to one.
- * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
- *                 with respect to \p N.
- */
-int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *N );
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief          Perform a Miller-Rabin primality test with error
- *                 probability of 2<sup>-80</sup>.
- *
- * \deprecated     Superseded by mbedtls_mpi_is_prime_ext() which allows
- *                 specifying the number of Miller-Rabin rounds.
- *
- * \param X        The MPI to check for primality.
- *                 This must point to an initialized MPI.
- * \param f_rng    The RNG function to use. This must not be \c NULL.
- * \param p_rng    The RNG parameter to be passed to \p f_rng.
- *                 This may be \c NULL if \p f_rng doesn't use a
- *                 context parameter.
- *
- * \return         \c 0 if successful, i.e. \p X is probably prime.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
- * \return         Another negative error code on other kinds of failure.
- */
-MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
-                          int (*f_rng)(void *, unsigned char *, size_t),
-                          void *p_rng );
-#undef MBEDTLS_DEPRECATED
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-/**
- * \brief          Miller-Rabin primality test.
- *
- * \warning        If \p X is potentially generated by an adversary, for example
- *                 when validating cryptographic parameters that you didn't
- *                 generate yourself and that are supposed to be prime, then
- *                 \p rounds should be at least the half of the security
- *                 strength of the cryptographic algorithm. On the other hand,
- *                 if \p X is chosen uniformly or non-adversially (as is the
- *                 case when mbedtls_mpi_gen_prime calls this function), then
- *                 \p rounds can be much lower.
- *
- * \param X        The MPI to check for primality.
- *                 This must point to an initialized MPI.
- * \param rounds   The number of bases to perform the Miller-Rabin primality
- *                 test for. The probability of returning 0 on a composite is
- *                 at most 2<sup>-2*\p rounds</sup>.
- * \param f_rng    The RNG function to use. This must not be \c NULL.
- * \param p_rng    The RNG parameter to be passed to \p f_rng.
- *                 This may be \c NULL if \p f_rng doesn't use
- *                 a context parameter.
- *
- * \return         \c 0 if successful, i.e. \p X is probably prime.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
- * \return         Another negative error code on other kinds of failure.
- */
-int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng );
-/**
- * \brief Flags for mbedtls_mpi_gen_prime()
- *
- * Each of these flags is a constraint on the result X returned by
- * mbedtls_mpi_gen_prime().
- */
-typedef enum {
-    MBEDTLS_MPI_GEN_PRIME_FLAG_DH =      0x0001, /**< (X-1)/2 is prime too */
-    MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR = 0x0002, /**< lower error rate from 2<sup>-80</sup> to 2<sup>-128</sup> */
-} mbedtls_mpi_gen_prime_flag_t;
-
-/**
- * \brief          Generate a prime number.
- *
- * \param X        The destination MPI to store the generated prime in.
- *                 This must point to an initialized MPi.
- * \param nbits    The required size of the destination MPI in bits.
- *                 This must be between \c 3 and #MBEDTLS_MPI_MAX_BITS.
- * \param flags    A mask of flags of type #mbedtls_mpi_gen_prime_flag_t.
- * \param f_rng    The RNG function to use. This must not be \c NULL.
- * \param p_rng    The RNG parameter to be passed to \p f_rng.
- *                 This may be \c NULL if \p f_rng doesn't use
- *                 a context parameter.
- *
- * \return         \c 0 if successful, in which case \p X holds a
- *                 probably prime number.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
- *                 \c 3 and #MBEDTLS_MPI_MAX_BITS.
- */
-int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
-                   int (*f_rng)(void *, unsigned char *, size_t),
-                   void *p_rng );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_mpi_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* bignum.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/cipher.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/cipher.h
deleted file mode 100644
index 1cafa6e..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/cipher.h
+++ /dev/null
@@ -1,1094 +0,0 @@
-/**
- * \file cipher.h
- *
- * \brief This file contains an abstraction interface for use with the cipher
- * primitives provided by the library. It provides a common interface to all of
- * the available cipher operations.
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_CIPHER_H
-#define MBEDTLS_CIPHER_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include "mbedtls/platform_util.h"
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-#define MBEDTLS_CIPHER_MODE_AEAD
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#define MBEDTLS_CIPHER_MODE_WITH_PADDING
-#endif
-
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
-    defined(MBEDTLS_CHACHA20_C)
-#define MBEDTLS_CIPHER_MODE_STREAM
-#endif
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE  -0x6080  /**< The selected feature is not available. */
-#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA       -0x6100  /**< Bad input parameters. */
-#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED         -0x6180  /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_CIPHER_INVALID_PADDING      -0x6200  /**< Input data contains invalid padding and is rejected. */
-#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED  -0x6280  /**< Decryption of block requires a full block. */
-#define MBEDTLS_ERR_CIPHER_AUTH_FAILED          -0x6300  /**< Authentication failed (for AEAD modes). */
-#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT      -0x6380  /**< The context is invalid. For example, because it was freed. */
-
-/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED      -0x6400  /**< Cipher hardware accelerator failed. */
-
-#define MBEDTLS_CIPHER_VARIABLE_IV_LEN     0x01    /**< Cipher accepts IVs of variable length. */
-#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN    0x02    /**< Cipher accepts keys of variable length. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief     Supported cipher types.
- *
- * \warning   RC4 and DES are considered weak ciphers and their use
- *            constitutes a security risk. Arm recommends considering stronger
- *            ciphers instead.
- */
-typedef enum {
-    MBEDTLS_CIPHER_ID_NONE = 0,  /**< Placeholder to mark the end of cipher ID lists. */
-    MBEDTLS_CIPHER_ID_NULL,      /**< The identity cipher, treated as a stream cipher. */
-    MBEDTLS_CIPHER_ID_AES,       /**< The AES cipher. */
-    MBEDTLS_CIPHER_ID_DES,       /**< The DES cipher. */
-    MBEDTLS_CIPHER_ID_3DES,      /**< The Triple DES cipher. */
-    MBEDTLS_CIPHER_ID_CAMELLIA,  /**< The Camellia cipher. */
-    MBEDTLS_CIPHER_ID_BLOWFISH,  /**< The Blowfish cipher. */
-    MBEDTLS_CIPHER_ID_ARC4,      /**< The RC4 cipher. */
-    MBEDTLS_CIPHER_ID_ARIA,      /**< The Aria cipher. */
-    MBEDTLS_CIPHER_ID_CHACHA20,  /**< The ChaCha20 cipher. */
-} mbedtls_cipher_id_t;
-
-/**
- * \brief     Supported {cipher type, cipher mode} pairs.
- *
- * \warning   RC4 and DES are considered weak ciphers and their use
- *            constitutes a security risk. Arm recommends considering stronger
- *            ciphers instead.
- */
-typedef enum {
-    MBEDTLS_CIPHER_NONE = 0,             /**< Placeholder to mark the end of cipher-pair lists. */
-    MBEDTLS_CIPHER_NULL,                 /**< The identity stream cipher. */
-    MBEDTLS_CIPHER_AES_128_ECB,          /**< AES cipher with 128-bit ECB mode. */
-    MBEDTLS_CIPHER_AES_192_ECB,          /**< AES cipher with 192-bit ECB mode. */
-    MBEDTLS_CIPHER_AES_256_ECB,          /**< AES cipher with 256-bit ECB mode. */
-    MBEDTLS_CIPHER_AES_128_CBC,          /**< AES cipher with 128-bit CBC mode. */
-    MBEDTLS_CIPHER_AES_192_CBC,          /**< AES cipher with 192-bit CBC mode. */
-    MBEDTLS_CIPHER_AES_256_CBC,          /**< AES cipher with 256-bit CBC mode. */
-    MBEDTLS_CIPHER_AES_128_CFB128,       /**< AES cipher with 128-bit CFB128 mode. */
-    MBEDTLS_CIPHER_AES_192_CFB128,       /**< AES cipher with 192-bit CFB128 mode. */
-    MBEDTLS_CIPHER_AES_256_CFB128,       /**< AES cipher with 256-bit CFB128 mode. */
-    MBEDTLS_CIPHER_AES_128_CTR,          /**< AES cipher with 128-bit CTR mode. */
-    MBEDTLS_CIPHER_AES_192_CTR,          /**< AES cipher with 192-bit CTR mode. */
-    MBEDTLS_CIPHER_AES_256_CTR,          /**< AES cipher with 256-bit CTR mode. */
-    MBEDTLS_CIPHER_AES_128_GCM,          /**< AES cipher with 128-bit GCM mode. */
-    MBEDTLS_CIPHER_AES_192_GCM,          /**< AES cipher with 192-bit GCM mode. */
-    MBEDTLS_CIPHER_AES_256_GCM,          /**< AES cipher with 256-bit GCM mode. */
-    MBEDTLS_CIPHER_CAMELLIA_128_ECB,     /**< Camellia cipher with 128-bit ECB mode. */
-    MBEDTLS_CIPHER_CAMELLIA_192_ECB,     /**< Camellia cipher with 192-bit ECB mode. */
-    MBEDTLS_CIPHER_CAMELLIA_256_ECB,     /**< Camellia cipher with 256-bit ECB mode. */
-    MBEDTLS_CIPHER_CAMELLIA_128_CBC,     /**< Camellia cipher with 128-bit CBC mode. */
-    MBEDTLS_CIPHER_CAMELLIA_192_CBC,     /**< Camellia cipher with 192-bit CBC mode. */
-    MBEDTLS_CIPHER_CAMELLIA_256_CBC,     /**< Camellia cipher with 256-bit CBC mode. */
-    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,  /**< Camellia cipher with 128-bit CFB128 mode. */
-    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,  /**< Camellia cipher with 192-bit CFB128 mode. */
-    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,  /**< Camellia cipher with 256-bit CFB128 mode. */
-    MBEDTLS_CIPHER_CAMELLIA_128_CTR,     /**< Camellia cipher with 128-bit CTR mode. */
-    MBEDTLS_CIPHER_CAMELLIA_192_CTR,     /**< Camellia cipher with 192-bit CTR mode. */
-    MBEDTLS_CIPHER_CAMELLIA_256_CTR,     /**< Camellia cipher with 256-bit CTR mode. */
-    MBEDTLS_CIPHER_CAMELLIA_128_GCM,     /**< Camellia cipher with 128-bit GCM mode. */
-    MBEDTLS_CIPHER_CAMELLIA_192_GCM,     /**< Camellia cipher with 192-bit GCM mode. */
-    MBEDTLS_CIPHER_CAMELLIA_256_GCM,     /**< Camellia cipher with 256-bit GCM mode. */
-    MBEDTLS_CIPHER_DES_ECB,              /**< DES cipher with ECB mode. */
-    MBEDTLS_CIPHER_DES_CBC,              /**< DES cipher with CBC mode. */
-    MBEDTLS_CIPHER_DES_EDE_ECB,          /**< DES cipher with EDE ECB mode. */
-    MBEDTLS_CIPHER_DES_EDE_CBC,          /**< DES cipher with EDE CBC mode. */
-    MBEDTLS_CIPHER_DES_EDE3_ECB,         /**< DES cipher with EDE3 ECB mode. */
-    MBEDTLS_CIPHER_DES_EDE3_CBC,         /**< DES cipher with EDE3 CBC mode. */
-    MBEDTLS_CIPHER_BLOWFISH_ECB,         /**< Blowfish cipher with ECB mode. */
-    MBEDTLS_CIPHER_BLOWFISH_CBC,         /**< Blowfish cipher with CBC mode. */
-    MBEDTLS_CIPHER_BLOWFISH_CFB64,       /**< Blowfish cipher with CFB64 mode. */
-    MBEDTLS_CIPHER_BLOWFISH_CTR,         /**< Blowfish cipher with CTR mode. */
-    MBEDTLS_CIPHER_ARC4_128,             /**< RC4 cipher with 128-bit mode. */
-    MBEDTLS_CIPHER_AES_128_CCM,          /**< AES cipher with 128-bit CCM mode. */
-    MBEDTLS_CIPHER_AES_192_CCM,          /**< AES cipher with 192-bit CCM mode. */
-    MBEDTLS_CIPHER_AES_256_CCM,          /**< AES cipher with 256-bit CCM mode. */
-    MBEDTLS_CIPHER_CAMELLIA_128_CCM,     /**< Camellia cipher with 128-bit CCM mode. */
-    MBEDTLS_CIPHER_CAMELLIA_192_CCM,     /**< Camellia cipher with 192-bit CCM mode. */
-    MBEDTLS_CIPHER_CAMELLIA_256_CCM,     /**< Camellia cipher with 256-bit CCM mode. */
-    MBEDTLS_CIPHER_ARIA_128_ECB,         /**< Aria cipher with 128-bit key and ECB mode. */
-    MBEDTLS_CIPHER_ARIA_192_ECB,         /**< Aria cipher with 192-bit key and ECB mode. */
-    MBEDTLS_CIPHER_ARIA_256_ECB,         /**< Aria cipher with 256-bit key and ECB mode. */
-    MBEDTLS_CIPHER_ARIA_128_CBC,         /**< Aria cipher with 128-bit key and CBC mode. */
-    MBEDTLS_CIPHER_ARIA_192_CBC,         /**< Aria cipher with 192-bit key and CBC mode. */
-    MBEDTLS_CIPHER_ARIA_256_CBC,         /**< Aria cipher with 256-bit key and CBC mode. */
-    MBEDTLS_CIPHER_ARIA_128_CFB128,      /**< Aria cipher with 128-bit key and CFB-128 mode. */
-    MBEDTLS_CIPHER_ARIA_192_CFB128,      /**< Aria cipher with 192-bit key and CFB-128 mode. */
-    MBEDTLS_CIPHER_ARIA_256_CFB128,      /**< Aria cipher with 256-bit key and CFB-128 mode. */
-    MBEDTLS_CIPHER_ARIA_128_CTR,         /**< Aria cipher with 128-bit key and CTR mode. */
-    MBEDTLS_CIPHER_ARIA_192_CTR,         /**< Aria cipher with 192-bit key and CTR mode. */
-    MBEDTLS_CIPHER_ARIA_256_CTR,         /**< Aria cipher with 256-bit key and CTR mode. */
-    MBEDTLS_CIPHER_ARIA_128_GCM,         /**< Aria cipher with 128-bit key and GCM mode. */
-    MBEDTLS_CIPHER_ARIA_192_GCM,         /**< Aria cipher with 192-bit key and GCM mode. */
-    MBEDTLS_CIPHER_ARIA_256_GCM,         /**< Aria cipher with 256-bit key and GCM mode. */
-    MBEDTLS_CIPHER_ARIA_128_CCM,         /**< Aria cipher with 128-bit key and CCM mode. */
-    MBEDTLS_CIPHER_ARIA_192_CCM,         /**< Aria cipher with 192-bit key and CCM mode. */
-    MBEDTLS_CIPHER_ARIA_256_CCM,         /**< Aria cipher with 256-bit key and CCM mode. */
-    MBEDTLS_CIPHER_AES_128_OFB,          /**< AES 128-bit cipher in OFB mode. */
-    MBEDTLS_CIPHER_AES_192_OFB,          /**< AES 192-bit cipher in OFB mode. */
-    MBEDTLS_CIPHER_AES_256_OFB,          /**< AES 256-bit cipher in OFB mode. */
-    MBEDTLS_CIPHER_AES_128_XTS,          /**< AES 128-bit cipher in XTS block mode. */
-    MBEDTLS_CIPHER_AES_256_XTS,          /**< AES 256-bit cipher in XTS block mode. */
-    MBEDTLS_CIPHER_CHACHA20,             /**< ChaCha20 stream cipher. */
-    MBEDTLS_CIPHER_CHACHA20_POLY1305,    /**< ChaCha20-Poly1305 AEAD cipher. */
-    MBEDTLS_CIPHER_AES_128_KW,           /**< AES cipher with 128-bit NIST KW mode. */
-    MBEDTLS_CIPHER_AES_192_KW,           /**< AES cipher with 192-bit NIST KW mode. */
-    MBEDTLS_CIPHER_AES_256_KW,           /**< AES cipher with 256-bit NIST KW mode. */
-    MBEDTLS_CIPHER_AES_128_KWP,          /**< AES cipher with 128-bit NIST KWP mode. */
-    MBEDTLS_CIPHER_AES_192_KWP,          /**< AES cipher with 192-bit NIST KWP mode. */
-    MBEDTLS_CIPHER_AES_256_KWP,          /**< AES cipher with 256-bit NIST KWP mode. */
-} mbedtls_cipher_type_t;
-
-/** Supported cipher modes. */
-typedef enum {
-    MBEDTLS_MODE_NONE = 0,               /**< None.                        */
-    MBEDTLS_MODE_ECB,                    /**< The ECB cipher mode.         */
-    MBEDTLS_MODE_CBC,                    /**< The CBC cipher mode.         */
-    MBEDTLS_MODE_CFB,                    /**< The CFB cipher mode.         */
-    MBEDTLS_MODE_OFB,                    /**< The OFB cipher mode.         */
-    MBEDTLS_MODE_CTR,                    /**< The CTR cipher mode.         */
-    MBEDTLS_MODE_GCM,                    /**< The GCM cipher mode.         */
-    MBEDTLS_MODE_STREAM,                 /**< The stream cipher mode.      */
-    MBEDTLS_MODE_CCM,                    /**< The CCM cipher mode.         */
-    MBEDTLS_MODE_XTS,                    /**< The XTS cipher mode.         */
-    MBEDTLS_MODE_CHACHAPOLY,             /**< The ChaCha-Poly cipher mode. */
-    MBEDTLS_MODE_KW,                     /**< The SP800-38F KW mode */
-    MBEDTLS_MODE_KWP,                    /**< The SP800-38F KWP mode */
-} mbedtls_cipher_mode_t;
-
-/** Supported cipher padding types. */
-typedef enum {
-    MBEDTLS_PADDING_PKCS7 = 0,     /**< PKCS7 padding (default).        */
-    MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding.         */
-    MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding.             */
-    MBEDTLS_PADDING_ZEROS,         /**< Zero padding (not reversible). */
-    MBEDTLS_PADDING_NONE,          /**< Never pad (full blocks only).   */
-} mbedtls_cipher_padding_t;
-
-/** Type of operation. */
-typedef enum {
-    MBEDTLS_OPERATION_NONE = -1,
-    MBEDTLS_DECRYPT = 0,
-    MBEDTLS_ENCRYPT,
-} mbedtls_operation_t;
-
-enum {
-    /** Undefined key length. */
-    MBEDTLS_KEY_LENGTH_NONE = 0,
-    /** Key length, in bits (including parity), for DES keys. */
-    MBEDTLS_KEY_LENGTH_DES  = 64,
-    /** Key length in bits, including parity, for DES in two-key EDE. */
-    MBEDTLS_KEY_LENGTH_DES_EDE = 128,
-    /** Key length in bits, including parity, for DES in three-key EDE. */
-    MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
-};
-
-/** Maximum length of any IV, in Bytes. */
-/* This should ideally be derived automatically from list of ciphers.
- * This should be kept in sync with MBEDTLS_SSL_MAX_IV_LENGTH defined
- * in ssl_internal.h. */
-#define MBEDTLS_MAX_IV_LENGTH      16
-
-/** Maximum block size of any cipher, in Bytes. */
-/* This should ideally be derived automatically from list of ciphers.
- * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined
- * in ssl_internal.h. */
-#define MBEDTLS_MAX_BLOCK_LENGTH   16
-
-/** Maximum key length, in Bytes. */
-/* This should ideally be derived automatically from list of ciphers.
- * For now, only check whether XTS is enabled which uses 64 Byte keys,
- * and use 32 Bytes as an upper bound for the maximum key length otherwise.
- * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined
- * in ssl_internal.h, which however deliberately ignores the case of XTS
- * since the latter isn't used in SSL/TLS. */
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-#define MBEDTLS_MAX_KEY_LENGTH     64
-#else
-#define MBEDTLS_MAX_KEY_LENGTH     32
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-/**
- * Base cipher information (opaque struct).
- */
-typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
-
-/**
- * CMAC context (opaque struct).
- */
-typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
-
-/**
- * Cipher information. Allows calling cipher functions
- * in a generic way.
- */
-typedef struct mbedtls_cipher_info_t
-{
-    /** Full cipher identifier. For example,
-     * MBEDTLS_CIPHER_AES_256_CBC.
-     */
-    mbedtls_cipher_type_t type;
-
-    /** The cipher mode. For example, MBEDTLS_MODE_CBC. */
-    mbedtls_cipher_mode_t mode;
-
-    /** The cipher key length, in bits. This is the
-     * default length for variable sized ciphers.
-     * Includes parity bits for ciphers like DES.
-     */
-    unsigned int key_bitlen;
-
-    /** Name of the cipher. */
-    const char * name;
-
-    /** IV or nonce size, in Bytes.
-     * For ciphers that accept variable IV sizes,
-     * this is the recommended size.
-     */
-    unsigned int iv_size;
-
-    /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
-     *  MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
-     *  cipher supports variable IV or variable key sizes, respectively.
-     */
-    int flags;
-
-    /** The block size, in Bytes. */
-    unsigned int block_size;
-
-    /** Struct for base cipher information and functions. */
-    const mbedtls_cipher_base_t *base;
-
-} mbedtls_cipher_info_t;
-
-/**
- * Generic cipher context.
- */
-typedef struct mbedtls_cipher_context_t
-{
-    /** Information about the associated cipher. */
-    const mbedtls_cipher_info_t *cipher_info;
-
-    /** Key length to use. */
-    int key_bitlen;
-
-    /** Operation that the key of the context has been
-     * initialized for.
-     */
-    mbedtls_operation_t operation;
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    /** Padding functions to use, if relevant for
-     * the specific cipher mode.
-     */
-    void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
-    int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
-#endif
-
-    /** Buffer for input that has not been processed yet. */
-    unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
-
-    /** Number of Bytes that have not been processed yet. */
-    size_t unprocessed_len;
-
-    /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number
-     * for XTS-mode. */
-    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
-
-    /** IV size in Bytes, for ciphers with variable-length IVs. */
-    size_t iv_size;
-
-    /** The cipher-specific context. */
-    void *cipher_ctx;
-
-#if defined(MBEDTLS_CMAC_C)
-    /** CMAC-specific context. */
-    mbedtls_cmac_context_t *cmac_ctx;
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    /** Indicates whether the cipher operations should be performed
-     *  by Mbed TLS' own crypto library or an external implementation
-     *  of the PSA Crypto API.
-     *  This is unset if the cipher context was established through
-     *  mbedtls_cipher_setup(), and set if it was established through
-     *  mbedtls_cipher_setup_psa().
-     */
-    unsigned char psa_enabled;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-} mbedtls_cipher_context_t;
-
-/**
- * \brief This function retrieves the list of ciphers supported
- *        by the generic cipher module.
- *
- *        For any cipher identifier in the returned list, you can
- *        obtain the corresponding generic cipher information structure
- *        via mbedtls_cipher_info_from_type(), which can then be used
- *        to prepare a cipher context via mbedtls_cipher_setup().
- *
- *
- * \return      A statically-allocated array of cipher identifiers
- *              of type cipher_type_t. The last entry is zero.
- */
-const int *mbedtls_cipher_list( void );
-
-/**
- * \brief               This function retrieves the cipher-information
- *                      structure associated with the given cipher name.
- *
- * \param cipher_name   Name of the cipher to search for. This must not be
- *                      \c NULL.
- *
- * \return              The cipher information structure associated with the
- *                      given \p cipher_name.
- * \return              \c NULL if the associated cipher information is not found.
- */
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
-
-/**
- * \brief               This function retrieves the cipher-information
- *                      structure associated with the given cipher type.
- *
- * \param cipher_type   Type of the cipher to search for.
- *
- * \return              The cipher information structure associated with the
- *                      given \p cipher_type.
- * \return              \c NULL if the associated cipher information is not found.
- */
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
-
-/**
- * \brief               This function retrieves the cipher-information
- *                      structure associated with the given cipher ID,
- *                      key size and mode.
- *
- * \param cipher_id     The ID of the cipher to search for. For example,
- *                      #MBEDTLS_CIPHER_ID_AES.
- * \param key_bitlen    The length of the key in bits.
- * \param mode          The cipher mode. For example, #MBEDTLS_MODE_CBC.
- *
- * \return              The cipher information structure associated with the
- *                      given \p cipher_id.
- * \return              \c NULL if the associated cipher information is not found.
- */
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
-                                              int key_bitlen,
-                                              const mbedtls_cipher_mode_t mode );
-
-/**
- * \brief               This function initializes a \p cipher_context as NONE.
- *
- * \param ctx           The context to be initialized. This must not be \c NULL.
- */
-void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
-
-/**
- * \brief               This function frees and clears the cipher-specific
- *                      context of \p ctx. Freeing \p ctx itself remains the
- *                      responsibility of the caller.
- *
- * \param ctx           The context to be freed. If this is \c NULL, the
- *                      function has no effect, otherwise this must point to an
- *                      initialized context.
- */
-void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
-
-
-/**
- * \brief               This function initializes a cipher context for
- *                      use with the given cipher primitive.
- *
- * \param ctx           The context to initialize. This must be initialized.
- * \param cipher_info   The cipher to use.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
- *                      cipher-specific context fails.
- *
- * \internal Currently, the function also clears the structure.
- * In future versions, the caller will be required to call
- * mbedtls_cipher_init() on the structure first.
- */
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
-                          const mbedtls_cipher_info_t *cipher_info );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/**
- * \brief               This function initializes a cipher context for
- *                      PSA-based use with the given cipher primitive.
- *
- * \note                See #MBEDTLS_USE_PSA_CRYPTO for information on PSA.
- *
- * \param ctx           The context to initialize. May not be \c NULL.
- * \param cipher_info   The cipher to use.
- * \param taglen        For AEAD ciphers, the length in bytes of the
- *                      authentication tag to use. Subsequent uses of
- *                      mbedtls_cipher_auth_encrypt() or
- *                      mbedtls_cipher_auth_decrypt() must provide
- *                      the same tag length.
- *                      For non-AEAD ciphers, the value must be \c 0.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
- *                      cipher-specific context fails.
- */
-int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
-                              const mbedtls_cipher_info_t *cipher_info,
-                              size_t taglen );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-/**
- * \brief        This function returns the block size of the given cipher.
- *
- * \param ctx    The context of the cipher. This must be initialized.
- *
- * \return       The block size of the underlying cipher.
- * \return       \c 0 if \p ctx has not been initialized.
- */
-static inline unsigned int mbedtls_cipher_get_block_size(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
-    if( ctx->cipher_info == NULL )
-        return 0;
-
-    return ctx->cipher_info->block_size;
-}
-
-/**
- * \brief        This function returns the mode of operation for
- *               the cipher. For example, MBEDTLS_MODE_CBC.
- *
- * \param ctx    The context of the cipher. This must be initialized.
- *
- * \return       The mode of operation.
- * \return       #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
- */
-static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE );
-    if( ctx->cipher_info == NULL )
-        return MBEDTLS_MODE_NONE;
-
-    return ctx->cipher_info->mode;
-}
-
-/**
- * \brief       This function returns the size of the IV or nonce
- *              of the cipher, in Bytes.
- *
- * \param ctx   The context of the cipher. This must be initialized.
- *
- * \return      The recommended IV size if no IV has been set.
- * \return      \c 0 for ciphers not using an IV or a nonce.
- * \return      The actual size if an IV has been set.
- */
-static inline int mbedtls_cipher_get_iv_size(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
-    if( ctx->cipher_info == NULL )
-        return 0;
-
-    if( ctx->iv_size != 0 )
-        return (int) ctx->iv_size;
-
-    return (int) ctx->cipher_info->iv_size;
-}
-
-/**
- * \brief               This function returns the type of the given cipher.
- *
- * \param ctx           The context of the cipher. This must be initialized.
- *
- * \return              The type of the cipher.
- * \return              #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
- */
-static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET(
-        ctx != NULL, MBEDTLS_CIPHER_NONE );
-    if( ctx->cipher_info == NULL )
-        return MBEDTLS_CIPHER_NONE;
-
-    return ctx->cipher_info->type;
-}
-
-/**
- * \brief               This function returns the name of the given cipher
- *                      as a string.
- *
- * \param ctx           The context of the cipher. This must be initialized.
- *
- * \return              The name of the cipher.
- * \return              NULL if \p ctx has not been not initialized.
- */
-static inline const char *mbedtls_cipher_get_name(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
-    if( ctx->cipher_info == NULL )
-        return 0;
-
-    return ctx->cipher_info->name;
-}
-
-/**
- * \brief               This function returns the key length of the cipher.
- *
- * \param ctx           The context of the cipher. This must be initialized.
- *
- * \return              The key length of the cipher in bits.
- * \return              #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been
- *                      initialized.
- */
-static inline int mbedtls_cipher_get_key_bitlen(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET(
-        ctx != NULL, MBEDTLS_KEY_LENGTH_NONE );
-    if( ctx->cipher_info == NULL )
-        return MBEDTLS_KEY_LENGTH_NONE;
-
-    return (int) ctx->cipher_info->key_bitlen;
-}
-
-/**
- * \brief          This function returns the operation of the given cipher.
- *
- * \param ctx      The context of the cipher. This must be initialized.
- *
- * \return         The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
- * \return         #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
- */
-static inline mbedtls_operation_t mbedtls_cipher_get_operation(
-    const mbedtls_cipher_context_t *ctx )
-{
-    MBEDTLS_INTERNAL_VALIDATE_RET(
-        ctx != NULL, MBEDTLS_OPERATION_NONE );
-    if( ctx->cipher_info == NULL )
-        return MBEDTLS_OPERATION_NONE;
-
-    return ctx->operation;
-}
-
-/**
- * \brief               This function sets the key to use with the given context.
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a cipher information structure.
- * \param key           The key to use. This must be a readable buffer of at
- *                      least \p key_bitlen Bits.
- * \param key_bitlen    The key length to use, in Bits.
- * \param operation     The operation that the key will be used for:
- *                      #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *key,
-                           int key_bitlen,
-                           const mbedtls_operation_t operation );
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-/**
- * \brief               This function sets the padding mode, for cipher modes
- *                      that use padding.
- *
- *                      The default passing mode is PKCS7 padding.
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a cipher information structure.
- * \param mode          The padding mode.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
- *                      if the selected padding mode is not supported.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
- *                      does not support padding.
- */
-int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
-                                     mbedtls_cipher_padding_t mode );
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-
-/**
- * \brief           This function sets the initialization vector (IV)
- *                  or nonce.
- *
- * \note            Some ciphers do not use IVs nor nonce. For these
- *                  ciphers, this function has no effect.
- *
- * \param ctx       The generic cipher context. This must be initialized and
- *                  bound to a cipher information structure.
- * \param iv        The IV to use, or NONCE_COUNTER for CTR-mode ciphers. This
- *                  must be a readable buffer of at least \p iv_len Bytes.
- * \param iv_len    The IV length for ciphers with variable-size IV.
- *                  This parameter is discarded by ciphers with fixed-size IV.
- *
- * \return          \c 0 on success.
- * \return          #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                  parameter-verification failure.
- */
-int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *iv,
-                           size_t iv_len );
-
-/**
- * \brief         This function resets the cipher state.
- *
- * \param ctx     The generic cipher context. This must be initialized.
- *
- * \return        \c 0 on success.
- * \return        #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                parameter-verification failure.
- */
-int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-/**
- * \brief               This function adds additional data for AEAD ciphers.
- *                      Currently supported with GCM and ChaCha20+Poly1305.
- *                      This must be called exactly once, after
- *                      mbedtls_cipher_reset().
- *
- * \param ctx           The generic cipher context. This must be initialized.
- * \param ad            The additional data to use. This must be a readable
- *                      buffer of at least \p ad_len Bytes.
- * \param ad_len        The length of \p ad in Bytes.
- *
- * \return              \c 0 on success.
- * \return              A specific error code on failure.
- */
-int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
-                      const unsigned char *ad, size_t ad_len );
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
-
-/**
- * \brief               The generic cipher update function. It encrypts or
- *                      decrypts using the given cipher context. Writes as
- *                      many block-sized blocks of data as possible to output.
- *                      Any data that cannot be written immediately is either
- *                      added to the next block, or flushed when
- *                      mbedtls_cipher_finish() is called.
- *                      Exception: For MBEDTLS_MODE_ECB, expects a single block
- *                      in size. For example, 16 Bytes for AES.
- *
- * \note                If the underlying cipher is used in GCM mode, all calls
- *                      to this function, except for the last one before
- *                      mbedtls_cipher_finish(), must have \p ilen as a
- *                      multiple of the block size of the cipher.
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a key.
- * \param input         The buffer holding the input data. This must be a
- *                      readable buffer of at least \p ilen Bytes.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the output data. This must be able to
- *                      hold at least `ilen + block_size`. This must not be the
- *                      same buffer as \p input.
- * \param olen          The length of the output data, to be updated with the
- *                      actual number of Bytes written. This must not be
- *                      \c NULL.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an
- *                      unsupported mode for a cipher.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *input,
-                           size_t ilen, unsigned char *output,
-                           size_t *olen );
-
-/**
- * \brief               The generic cipher finalization function. If data still
- *                      needs to be flushed from an incomplete block, the data
- *                      contained in it is padded to the size of
- *                      the last block, and written to the \p output buffer.
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a key.
- * \param output        The buffer to write data to. This needs to be a writable
- *                      buffer of at least \p block_size Bytes.
- * \param olen          The length of the data written to the \p output buffer.
- *                      This may not be \c NULL.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption
- *                      expecting a full block but not receiving one.
- * \return              #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
- *                      while decrypting.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
-                   unsigned char *output, size_t *olen );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-/**
- * \brief               This function writes a tag for AEAD ciphers.
- *                      Currently supported with GCM and ChaCha20+Poly1305.
- *                      This must be called after mbedtls_cipher_finish().
- *
- * \param ctx           The generic cipher context. This must be initialized,
- *                      bound to a key, and have just completed a cipher
- *                      operation through mbedtls_cipher_finish() the tag for
- *                      which should be written.
- * \param tag           The buffer to write the tag to. This must be a writable
- *                      buffer of at least \p tag_len Bytes.
- * \param tag_len       The length of the tag to write.
- *
- * \return              \c 0 on success.
- * \return              A specific error code on failure.
- */
-int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
-                      unsigned char *tag, size_t tag_len );
-
-/**
- * \brief               This function checks the tag for AEAD ciphers.
- *                      Currently supported with GCM and ChaCha20+Poly1305.
- *                      This must be called after mbedtls_cipher_finish().
- *
- * \param ctx           The generic cipher context. This must be initialized.
- * \param tag           The buffer holding the tag. This must be a readable
- *                      buffer of at least \p tag_len Bytes.
- * \param tag_len       The length of the tag to check.
- *
- * \return              \c 0 on success.
- * \return              A specific error code on failure.
- */
-int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
-                      const unsigned char *tag, size_t tag_len );
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
-
-/**
- * \brief               The generic all-in-one encryption/decryption function,
- *                      for all ciphers except AEAD constructs.
- *
- * \param ctx           The generic cipher context. This must be initialized.
- * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
- *                      This must be a readable buffer of at least \p iv_len
- *                      Bytes.
- * \param iv_len        The IV length for ciphers with variable-size IV.
- *                      This parameter is discarded by ciphers with fixed-size
- *                      IV.
- * \param input         The buffer holding the input data. This must be a
- *                      readable buffer of at least \p ilen Bytes.
- * \param ilen          The length of the input data in Bytes.
- * \param output        The buffer for the output data. This must be able to
- *                      hold at least `ilen + block_size`. This must not be the
- *                      same buffer as \p input.
- * \param olen          The length of the output data, to be updated with the
- *                      actual number of Bytes written. This must not be
- *                      \c NULL.
- *
- * \note                Some ciphers do not use IVs nor nonce. For these
- *                      ciphers, use \p iv = NULL and \p iv_len = 0.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption
- *                      expecting a full block but not receiving one.
- * \return              #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
- *                      while decrypting.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
-                  const unsigned char *iv, size_t iv_len,
-                  const unsigned char *input, size_t ilen,
-                  unsigned char *output, size_t *olen );
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif /* MBEDTLS_DEPRECATED_WARNING */
-/**
- * \brief               The generic authenticated encryption (AEAD) function.
- *
- * \deprecated          Superseded by mbedtls_cipher_auth_encrypt_ext().
- *
- * \note                This function only supports AEAD algorithms, not key
- *                      wrapping algorithms such as NIST_KW; for this, see
- *                      mbedtls_cipher_auth_encrypt_ext().
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a key associated with an AEAD algorithm.
- * \param iv            The nonce to use. This must be a readable buffer of
- *                      at least \p iv_len Bytes and must not be \c NULL.
- * \param iv_len        The length of the nonce. This must satisfy the
- *                      constraints imposed by the AEAD cipher used.
- * \param ad            The additional data to authenticate. This must be a
- *                      readable buffer of at least \p ad_len Bytes, and may
- *                      be \c NULL is \p ad_len is \c 0.
- * \param ad_len        The length of \p ad.
- * \param input         The buffer holding the input data. This must be a
- *                      readable buffer of at least \p ilen Bytes, and may be
- *                      \c NULL if \p ilen is \c 0.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the output data. This must be a
- *                      writable buffer of at least \p ilen Bytes, and must
- *                      not be \c NULL.
- * \param olen          This will be filled with the actual number of Bytes
- *                      written to the \p output buffer. This must point to a
- *                      writable object of type \c size_t.
- * \param tag           The buffer for the authentication tag. This must be a
- *                      writable buffer of at least \p tag_len Bytes. See note
- *                      below regarding restrictions with PSA-based contexts.
- * \param tag_len       The desired length of the authentication tag. This
- *                      must match the constraints imposed by the AEAD cipher
- *                      used, and in particular must not be \c 0.
- *
- * \note                If the context is based on PSA (that is, it was set up
- *                      with mbedtls_cipher_setup_psa()), then it is required
- *                      that \c tag == output + ilen. That is, the tag must be
- *                      appended to the ciphertext as recommended by RFC 5116.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         unsigned char *tag, size_t tag_len )
-                         MBEDTLS_DEPRECATED;
-
-/**
- * \brief               The generic authenticated decryption (AEAD) function.
- *
- * \deprecated          Superseded by mbedtls_cipher_auth_decrypt_ext().
- *
- * \note                This function only supports AEAD algorithms, not key
- *                      wrapping algorithms such as NIST_KW; for this, see
- *                      mbedtls_cipher_auth_decrypt_ext().
- *
- * \note                If the data is not authentic, then the output buffer
- *                      is zeroed out to prevent the unauthentic plaintext being
- *                      used, making this interface safer.
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a key associated with an AEAD algorithm.
- * \param iv            The nonce to use. This must be a readable buffer of
- *                      at least \p iv_len Bytes and must not be \c NULL.
- * \param iv_len        The length of the nonce. This must satisfy the
- *                      constraints imposed by the AEAD cipher used.
- * \param ad            The additional data to authenticate. This must be a
- *                      readable buffer of at least \p ad_len Bytes, and may
- *                      be \c NULL is \p ad_len is \c 0.
- * \param ad_len        The length of \p ad.
- * \param input         The buffer holding the input data. This must be a
- *                      readable buffer of at least \p ilen Bytes, and may be
- *                      \c NULL if \p ilen is \c 0.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the output data. This must be a
- *                      writable buffer of at least \p ilen Bytes, and must
- *                      not be \c NULL.
- * \param olen          This will be filled with the actual number of Bytes
- *                      written to the \p output buffer. This must point to a
- *                      writable object of type \c size_t.
- * \param tag           The buffer for the authentication tag. This must be a
- *                      readable buffer of at least \p tag_len Bytes. See note
- *                      below regarding restrictions with PSA-based contexts.
- * \param tag_len       The length of the authentication tag. This must match
- *                      the constraints imposed by the AEAD cipher used, and in
- *                      particular must not be \c 0.
- *
- * \note                If the context is based on PSA (that is, it was set up
- *                      with mbedtls_cipher_setup_psa()), then it is required
- *                      that \c tag == input + len. That is, the tag must be
- *                      appended to the ciphertext as recommended by RFC 5116.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         const unsigned char *tag, size_t tag_len )
-                         MBEDTLS_DEPRECATED;
-#undef MBEDTLS_DEPRECATED
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
-/**
- * \brief               The authenticated encryption (AEAD/NIST_KW) function.
- *
- * \note                For AEAD modes, the tag will be appended to the
- *                      ciphertext, as recommended by RFC 5116.
- *                      (NIST_KW doesn't have a separate tag.)
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a key, with an AEAD algorithm or NIST_KW.
- * \param iv            The nonce to use. This must be a readable buffer of
- *                      at least \p iv_len Bytes and may be \c NULL if \p
- *                      iv_len is \c 0.
- * \param iv_len        The length of the nonce. For AEAD ciphers, this must
- *                      satisfy the constraints imposed by the cipher used.
- *                      For NIST_KW, this must be \c 0.
- * \param ad            The additional data to authenticate. This must be a
- *                      readable buffer of at least \p ad_len Bytes, and may
- *                      be \c NULL is \p ad_len is \c 0.
- * \param ad_len        The length of \p ad. For NIST_KW, this must be \c 0.
- * \param input         The buffer holding the input data. This must be a
- *                      readable buffer of at least \p ilen Bytes, and may be
- *                      \c NULL if \p ilen is \c 0.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the output data. This must be a
- *                      writable buffer of at least \p output_len Bytes, and
- *                      must not be \c NULL.
- * \param output_len    The length of the \p output buffer in Bytes. For AEAD
- *                      ciphers, this must be at least \p ilen + \p tag_len.
- *                      For NIST_KW, this must be at least \p ilen + 8
- *                      (rounded up to a multiple of 8 if KWP is used);
- *                      \p ilen + 15 is always a safe value.
- * \param olen          This will be filled with the actual number of Bytes
- *                      written to the \p output buffer. This must point to a
- *                      writable object of type \c size_t.
- * \param tag_len       The desired length of the authentication tag. For AEAD
- *                      ciphers, this must match the constraints imposed by
- *                      the cipher used, and in particular must not be \c 0.
- *                      For NIST_KW, this must be \c 0.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t output_len,
-                         size_t *olen, size_t tag_len );
-
-/**
- * \brief               The authenticated encryption (AEAD/NIST_KW) function.
- *
- * \note                If the data is not authentic, then the output buffer
- *                      is zeroed out to prevent the unauthentic plaintext being
- *                      used, making this interface safer.
- *
- * \note                For AEAD modes, the tag must be appended to the
- *                      ciphertext, as recommended by RFC 5116.
- *                      (NIST_KW doesn't have a separate tag.)
- *
- * \param ctx           The generic cipher context. This must be initialized and
- *                      bound to a key, with an AEAD algorithm or NIST_KW.
- * \param iv            The nonce to use. This must be a readable buffer of
- *                      at least \p iv_len Bytes and may be \c NULL if \p
- *                      iv_len is \c 0.
- * \param iv_len        The length of the nonce. For AEAD ciphers, this must
- *                      satisfy the constraints imposed by the cipher used.
- *                      For NIST_KW, this must be \c 0.
- * \param ad            The additional data to authenticate. This must be a
- *                      readable buffer of at least \p ad_len Bytes, and may
- *                      be \c NULL is \p ad_len is \c 0.
- * \param ad_len        The length of \p ad. For NIST_KW, this must be \c 0.
- * \param input         The buffer holding the input data. This must be a
- *                      readable buffer of at least \p ilen Bytes, and may be
- *                      \c NULL if \p ilen is \c 0.
- * \param ilen          The length of the input data. For AEAD ciphers this
- *                      must be at least \p tag_len. For NIST_KW this must be
- *                      at least \c 8.
- * \param output        The buffer for the output data. This must be a
- *                      writable buffer of at least \p output_len Bytes, and
- *                      may be \c NULL if \p output_len is \c 0.
- * \param output_len    The length of the \p output buffer in Bytes. For AEAD
- *                      ciphers, this must be at least \p ilen - \p tag_len.
- *                      For NIST_KW, this must be at least \p ilen - 8.
- * \param olen          This will be filled with the actual number of Bytes
- *                      written to the \p output buffer. This must point to a
- *                      writable object of type \c size_t.
- * \param tag_len       The actual length of the authentication tag. For AEAD
- *                      ciphers, this must match the constraints imposed by
- *                      the cipher used, and in particular must not be \c 0.
- *                      For NIST_KW, this must be \c 0.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t output_len,
-                         size_t *olen, size_t tag_len );
-#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_CIPHER_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/cipher_internal.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/cipher_internal.h
deleted file mode 100644
index 2484c01..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/cipher_internal.h
+++ /dev/null
@@ -1,150 +0,0 @@
-/**
- * \file cipher_internal.h
- *
- * \brief Cipher wrappers.
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_CIPHER_WRAP_H
-#define MBEDTLS_CIPHER_WRAP_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/cipher.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Base cipher information. The non-mode specific functions and values.
- */
-struct mbedtls_cipher_base_t
-{
-    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
-    mbedtls_cipher_id_t cipher;
-
-    /** Encrypt using ECB */
-    int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
-                     const unsigned char *input, unsigned char *output );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    /** Encrypt using CBC */
-    int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
-                     unsigned char *iv, const unsigned char *input,
-                     unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    /** Encrypt using CFB (Full length) */
-    int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
-                     unsigned char *iv, const unsigned char *input,
-                     unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    /** Encrypt using OFB (Full length) */
-    int (*ofb_func)( void *ctx, size_t length, size_t *iv_off,
-                     unsigned char *iv,
-                     const unsigned char *input,
-                     unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    /** Encrypt using CTR */
-    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
-                     unsigned char *nonce_counter, unsigned char *stream_block,
-                     const unsigned char *input, unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    /** Encrypt or decrypt using XTS. */
-    int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length,
-                     const unsigned char data_unit[16],
-                     const unsigned char *input, unsigned char *output );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    /** Encrypt using STREAM */
-    int (*stream_func)( void *ctx, size_t length,
-                        const unsigned char *input, unsigned char *output );
-#endif
-
-    /** Set key for encryption purposes */
-    int (*setkey_enc_func)( void *ctx, const unsigned char *key,
-                            unsigned int key_bitlen );
-
-    /** Set key for decryption purposes */
-    int (*setkey_dec_func)( void *ctx, const unsigned char *key,
-                            unsigned int key_bitlen);
-
-    /** Allocate a new context */
-    void * (*ctx_alloc_func)( void );
-
-    /** Free the given context */
-    void (*ctx_free_func)( void *ctx );
-
-};
-
-typedef struct
-{
-    mbedtls_cipher_type_t type;
-    const mbedtls_cipher_info_t *info;
-} mbedtls_cipher_definition_t;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-typedef enum
-{
-    MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
-    MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
-                                  /* use raw key material internally imported */
-                                  /* as a volatile key, and which hence need  */
-                                  /* to destroy that key when the context is  */
-                                  /* freed.                                   */
-    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts   */
-                                      /* which use a key provided by the      */
-                                      /* user, and which hence will not be    */
-                                      /* destroyed when the context is freed. */
-} mbedtls_cipher_psa_key_ownership;
-
-typedef struct
-{
-    psa_algorithm_t alg;
-    psa_key_id_t slot;
-    mbedtls_cipher_psa_key_ownership slot_state;
-} mbedtls_cipher_context_psa;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
-
-extern int mbedtls_cipher_supported[];
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_CIPHER_WRAP_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/cmac.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/cmac.h
deleted file mode 100644
index cb538d0..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/cmac.h
+++ /dev/null
@@ -1,211 +0,0 @@
-/**
- * \file cmac.h
- *
- * \brief This file contains CMAC definitions and functions.
- *
- * The Cipher-based Message Authentication Code (CMAC) Mode for
- * Authentication is defined in <em>RFC-4493: The AES-CMAC Algorithm</em>.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_CMAC_H
-#define MBEDTLS_CMAC_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/cipher.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A  /**< CMAC hardware accelerator failed. */
-
-#define MBEDTLS_AES_BLOCK_SIZE          16
-#define MBEDTLS_DES3_BLOCK_SIZE         8
-
-#if defined(MBEDTLS_AES_C)
-#define MBEDTLS_CIPHER_BLKSIZE_MAX      16  /**< The longest block used by CMAC is that of AES. */
-#else
-#define MBEDTLS_CIPHER_BLKSIZE_MAX      8   /**< The longest block used by CMAC is that of 3DES. */
-#endif
-
-#if !defined(MBEDTLS_CMAC_ALT)
-
-/**
- * The CMAC context structure.
- */
-struct mbedtls_cmac_context_t
-{
-    /** The internal state of the CMAC algorithm.  */
-    unsigned char       state[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    /** Unprocessed data - either data that was not block aligned and is still
-     *  pending processing, or the final block. */
-    unsigned char       unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    /** The length of data pending processing. */
-    size_t              unprocessed_len;
-};
-
-#else  /* !MBEDTLS_CMAC_ALT */
-#include "cmac_alt.h"
-#endif /* !MBEDTLS_CMAC_ALT */
-
-/**
- * \brief               This function sets the CMAC key, and prepares to authenticate
- *                      the input data.
- *                      Must be called with an initialized cipher context.
- *
- * \param ctx           The cipher context used for the CMAC operation, initialized
- *                      as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
- *                      MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
- *                      or MBEDTLS_CIPHER_DES_EDE3_ECB.
- * \param key           The CMAC key.
- * \param keybits       The length of the CMAC key in bits.
- *                      Must be supported by the cipher.
- *
- * \return              \c 0 on success.
- * \return              A cipher-specific error code on failure.
- */
-int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *key, size_t keybits );
-
-/**
- * \brief               This function feeds an input buffer into an ongoing CMAC
- *                      computation.
- *
- *                      It is called between mbedtls_cipher_cmac_starts() or
- *                      mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish().
- *                      Can be called repeatedly.
- *
- * \param ctx           The cipher context used for the CMAC operation.
- * \param input         The buffer holding the input data.
- * \param ilen          The length of the input data.
- *
- * \return             \c 0 on success.
- * \return             #MBEDTLS_ERR_MD_BAD_INPUT_DATA
- *                     if parameter verification fails.
- */
-int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *input, size_t ilen );
-
-/**
- * \brief               This function finishes the CMAC operation, and writes
- *                      the result to the output buffer.
- *
- *                      It is called after mbedtls_cipher_cmac_update().
- *                      It can be followed by mbedtls_cipher_cmac_reset() and
- *                      mbedtls_cipher_cmac_update(), or mbedtls_cipher_free().
- *
- * \param ctx           The cipher context used for the CMAC operation.
- * \param output        The output buffer for the CMAC checksum result.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
- *                      if parameter verification fails.
- */
-int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
-                                unsigned char *output );
-
-/**
- * \brief               This function prepares the authentication of another
- *                      message with the same key as the previous CMAC
- *                      operation.
- *
- *                      It is called after mbedtls_cipher_cmac_finish()
- *                      and before mbedtls_cipher_cmac_update().
- *
- * \param ctx           The cipher context used for the CMAC operation.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
- *                      if parameter verification fails.
- */
-int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
-
-/**
- * \brief               This function calculates the full generic CMAC
- *                      on the input buffer with the provided key.
- *
- *                      The function allocates the context, performs the
- *                      calculation, and frees the context.
- *
- *                      The CMAC result is calculated as
- *                      output = generic CMAC(cmac key, input buffer).
- *
- *
- * \param cipher_info   The cipher information.
- * \param key           The CMAC key.
- * \param keylen        The length of the CMAC key in bits.
- * \param input         The buffer holding the input data.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the generic CMAC result.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
- *                      if parameter verification fails.
- */
-int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
-                         const unsigned char *key, size_t keylen,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output );
-
-#if defined(MBEDTLS_AES_C)
-/**
- * \brief           This function implements the AES-CMAC-PRF-128 pseudorandom
- *                  function, as defined in
- *                  <em>RFC-4615: The Advanced Encryption Standard-Cipher-based
- *                  Message Authentication Code-Pseudo-Random Function-128
- *                  (AES-CMAC-PRF-128) Algorithm for the Internet Key
- *                  Exchange Protocol (IKE).</em>
- *
- * \param key       The key to use.
- * \param key_len   The key length in Bytes.
- * \param input     The buffer holding the input data.
- * \param in_len    The length of the input data in Bytes.
- * \param output    The buffer holding the generated 16 Bytes of
- *                  pseudorandom output.
- *
- * \return          \c 0 on success.
- */
-int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
-                              const unsigned char *input, size_t in_len,
-                              unsigned char output[16] );
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
-/**
- * \brief          The CMAC checkup routine.
- *
- * \return         \c 0 on success.
- * \return         \c 1 on failure.
- */
-int mbedtls_cmac_self_test( int verbose );
-#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_CMAC_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/config_psa.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/config_psa.h
deleted file mode 100644
index 2b4c498..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/config_psa.h
+++ /dev/null
@@ -1,335 +0,0 @@
-/**
- * \file mbedtls/config_psa.h
- * \brief PSA crypto configuration options (set of defines)
- *
- *  This set of compile-time options takes settings defined in
- *  include/mbedtls/config.h and include/psa/crypto_config.h and uses
- *  those definitions to define symbols used in the library code.
- *
- *  Users and integrators should not edit this file, please edit
- *  include/mbedtls/config.h for MBETLS_XXX settings or
- *  include/psa/crypto_config.h for PSA_WANT_XXX settings.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_CONFIG_PSA_H
-#define MBEDTLS_CONFIG_PSA_H
-
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
-#include "psa/crypto_config.h"
-#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
-
-#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
-#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
-#define MBEDTLS_ECDSA_DETERMINISTIC
-#define MBEDTLS_ECDSA_C
-#define MBEDTLS_HMAC_DRBG_C
-#define MBEDTLS_MD_C
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
-#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
-
-#if defined(PSA_WANT_ALG_ECDH)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
-#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
-#define MBEDTLS_ECDH_C
-#define MBEDTLS_ECP_C
-#define MBEDTLS_BIGNUM_C
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
-#endif /* PSA_WANT_ALG_ECDH */
-
-#if defined(PSA_WANT_ALG_ECDSA)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
-#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
-#define MBEDTLS_ECDSA_C
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
-#endif /* PSA_WANT_ALG_ECDSA */
-
-#if defined(PSA_WANT_ALG_HKDF)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
-#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
-#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
-#endif /* PSA_WANT_ALG_HKDF */
-
-#if defined(PSA_WANT_ALG_HMAC)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
-#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
-#endif /* PSA_WANT_ALG_HMAC */
-
-#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
-#define MBEDTLS_MD2_C
-#endif
-
-#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
-#define MBEDTLS_MD4_C
-#endif
-
-#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
-#define MBEDTLS_MD5_C
-#endif
-
-#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
-#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
-#define MBEDTLS_RIPEMD160_C
-#endif
-
-#if defined(PSA_WANT_ALG_RSA_OAEP)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
-#define MBEDTLS_RSA_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PKCS1_V21
-#define MBEDTLS_MD_C
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
-#endif /* PSA_WANT_ALG_RSA_OAEP */
-
-#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
-#define MBEDTLS_RSA_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PKCS1_V15
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
-#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
-
-#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
-#define MBEDTLS_RSA_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PKCS1_V15
-#define MBEDTLS_MD_C
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
-#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
-
-#if defined(PSA_WANT_ALG_RSA_PSS)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
-#define MBEDTLS_RSA_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PKCS1_V21
-#define MBEDTLS_MD_C
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
-#endif /* PSA_WANT_ALG_RSA_PSS */
-
-#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
-#define MBEDTLS_SHA1_C
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
-#define MBEDTLS_SHA256_C
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
-#define MBEDTLS_SHA256_C
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
-#define MBEDTLS_SHA512_C
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
-#define MBEDTLS_SHA512_C
-#endif
-
-#if defined(PSA_WANT_ALG_TLS12_PRF)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
-#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
-#endif /* PSA_WANT_ALG_TLS12_PRF */
-
-#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
-#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
-#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
-
-#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
-#define MBEDTLS_ECP_C
-#define MBEDTLS_BIGNUM_C
-#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */
-#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */
-
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
-#define MBEDTLS_ECP_C
-#define MBEDTLS_BIGNUM_C
-#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
-
-#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
-#define MBEDTLS_RSA_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_GENPRIME
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_PK_WRITE_C
-#define MBEDTLS_PK_C
-#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */
-#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
-
-#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
-#define MBEDTLS_RSA_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_PK_WRITE_C
-#define MBEDTLS_PK_C
-#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
-#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
-
-#else /* MBEDTLS_PSA_CRYPTO_CONFIG */
-
-/*
- * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
- * is not defined
- */
-
-#if defined(MBEDTLS_ECDH_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
-#define PSA_WANT_ALG_ECDH 1
-#endif /* MBEDTLS_ECDH_C */
-
-#if defined(MBEDTLS_ECDSA_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
-#define PSA_WANT_ALG_ECDSA 1
-
-// Only add in DETERMINISTIC support if ECDSA is also enabled
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
-#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-#endif /* MBEDTLS_ECDSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
-#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
-#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_HKDF_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
-#define PSA_WANT_ALG_HMAC 1
-#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
-#define PSA_WANT_ALG_HKDF 1
-#endif /* MBEDTLS_HKDF_C */
-
-#if defined(MBEDTLS_MD_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
-#define PSA_WANT_ALG_HMAC 1
-#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
-#define PSA_WANT_ALG_TLS12_PRF 1
-#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
-#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
-#endif /* MBEDTLS_MD_C */
-
-#if defined(MBEDTLS_MD2_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
-#define PSA_WANT_ALG_MD2 1
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
-#define PSA_WANT_ALG_MD4 1
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
-#define PSA_WANT_ALG_MD5 1
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
-#define PSA_WANT_ALG_RIPEMD160 1
-#endif
-
-#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_PKCS1_V15)
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
-#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
-#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
-#endif /* MBEDTLSS_PKCS1_V15 */
-#if defined(MBEDTLS_PKCS1_V21)
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
-#define PSA_WANT_ALG_RSA_OAEP 1
-#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
-#define PSA_WANT_ALG_RSA_PSS 1
-#endif /* MBEDTLS_PKCS1_V21 */
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
-#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
-#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_SHA1_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
-#define PSA_WANT_ALG_SHA_1 1
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
-#define PSA_WANT_ALG_SHA_256 1
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
-#define PSA_WANT_ALG_SHA_384 1
-#endif
-#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
-#define PSA_WANT_ALG_SHA_512 1
-#endif
-
-#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_CONFIG_PSA_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/debug.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/debug.h
deleted file mode 100644
index ab5b037..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/debug.h
+++ /dev/null
@@ -1,262 +0,0 @@
-/**
- * \file debug.h
- *
- * \brief Functions for controlling and providing debug output from the library.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_DEBUG_H
-#define MBEDTLS_DEBUG_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/ssl.h"
-
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-
-#if defined(MBEDTLS_DEBUG_C)
-
-#define MBEDTLS_DEBUG_STRIP_PARENS( ... )   __VA_ARGS__
-
-#define MBEDTLS_SSL_DEBUG_MSG( level, args )                    \
-    mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__,    \
-                             MBEDTLS_DEBUG_STRIP_PARENS args )
-
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )                \
-    mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret )
-
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )           \
-    mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len )
-
-#if defined(MBEDTLS_BIGNUM_C)
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )                  \
-    mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X )
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )                  \
-    mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X )
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )                \
-    mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
-#endif
-
-#if defined(MBEDTLS_ECDH_C)
-#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr )               \
-    mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr )
-#endif
-
-#else /* MBEDTLS_DEBUG_C */
-
-#define MBEDTLS_SSL_DEBUG_MSG( level, args )            do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )       do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )  do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )         do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )         do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )       do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr )     do { } while( 0 )
-
-#endif /* MBEDTLS_DEBUG_C */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief   Set the threshold error level to handle globally all debug output.
- *          Debug messages that have a level over the threshold value are
- *          discarded.
- *          (Default value: 0 = No debug )
- *
- * \param threshold     theshold level of messages to filter on. Messages at a
- *                      higher level will be discarded.
- *                          - Debug levels
- *                              - 0 No debug
- *                              - 1 Error
- *                              - 2 State change
- *                              - 3 Informational
- *                              - 4 Verbose
- */
-void mbedtls_debug_set_threshold( int threshold );
-
-/**
- * \brief    Print a message to the debug output. This function is always used
- *          through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl
- *          context, file and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the message has occurred in
- * \param line      line number the message has occurred at
- * \param format    format specifier, in printf format
- * \param ...       variables used by the format specifier
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
-                              const char *file, int line,
-                              const char *format, ... );
-
-/**
- * \brief   Print the return value of a function to the debug output. This
- *          function is always used through the MBEDTLS_SSL_DEBUG_RET() macro,
- *          which supplies the ssl context, file and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param text      the name of the function that returned the error
- * \param ret       the return code value
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, int ret );
-
-/**
- * \brief   Output a buffer of size len bytes to the debug output. This function
- *          is always used through the MBEDTLS_SSL_DEBUG_BUF() macro,
- *          which supplies the ssl context, file and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param text      a name or label for the buffer being dumped. Normally the
- *                  variable or buffer name
- * \param buf       the buffer to be outputted
- * \param len       length of the buffer
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line, const char *text,
-                      const unsigned char *buf, size_t len );
-
-#if defined(MBEDTLS_BIGNUM_C)
-/**
- * \brief   Print a MPI variable to the debug output. This function is always
- *          used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the
- *          ssl context, file and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param text      a name or label for the MPI being output. Normally the
- *                  variable name
- * \param X         the MPI variable
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_mpi *X );
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-/**
- * \brief   Print an ECP point to the debug output. This function is always
- *          used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the
- *          ssl context, file and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param text      a name or label for the ECP point being output. Normally the
- *                  variable name
- * \param X         the ECP point
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_ecp_point *X );
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/**
- * \brief   Print a X.509 certificate structure to the debug output. This
- *          function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro,
- *          which supplies the ssl context, file and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param text      a name or label for the certificate being output
- * \param crt       X.509 certificate structure
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_x509_crt *crt );
-#endif
-
-#if defined(MBEDTLS_ECDH_C)
-typedef enum
-{
-    MBEDTLS_DEBUG_ECDH_Q,
-    MBEDTLS_DEBUG_ECDH_QP,
-    MBEDTLS_DEBUG_ECDH_Z,
-} mbedtls_debug_ecdh_attr;
-
-/**
- * \brief   Print a field of the ECDH structure in the SSL context to the debug
- *          output. This function is always used through the
- *          MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file
- *          and line number parameters.
- *
- * \param ssl       SSL context
- * \param level     error level of the debug message
- * \param file      file the error has occurred in
- * \param line      line number the error has occurred in
- * \param ecdh      the ECDH context
- * \param attr      the identifier of the attribute being output
- *
- * \attention       This function is intended for INTERNAL usage within the
- *                  library only.
- */
-void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
-                                const char *file, int line,
-                                const mbedtls_ecdh_context *ecdh,
-                                mbedtls_debug_ecdh_attr attr );
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* debug.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/des.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/des.h
deleted file mode 100644
index 549d19b..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/des.h
+++ /dev/null
@@ -1,354 +0,0 @@
-/**
- * \file des.h
- *
- * \brief DES block cipher
- *
- * \warning   DES is considered a weak cipher and its use constitutes a
- *            security risk. We recommend considering stronger ciphers
- *            instead.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- */
-#ifndef MBEDTLS_DES_H
-#define MBEDTLS_DES_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_DES_ENCRYPT     1
-#define MBEDTLS_DES_DECRYPT     0
-
-#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH              -0x0032  /**< The data input has an invalid length. */
-
-/* MBEDTLS_ERR_DES_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED                   -0x0033  /**< DES hardware accelerator failed. */
-
-#define MBEDTLS_DES_KEY_SIZE    8
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_DES_ALT)
-// Regular implementation
-//
-
-/**
- * \brief          DES context structure
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-typedef struct mbedtls_des_context
-{
-    uint32_t sk[32];            /*!<  DES subkeys       */
-}
-mbedtls_des_context;
-
-/**
- * \brief          Triple-DES context structure
- */
-typedef struct mbedtls_des3_context
-{
-    uint32_t sk[96];            /*!<  3DES subkeys      */
-}
-mbedtls_des3_context;
-
-#else  /* MBEDTLS_DES_ALT */
-#include "des_alt.h"
-#endif /* MBEDTLS_DES_ALT */
-
-/**
- * \brief          Initialize DES context
- *
- * \param ctx      DES context to be initialized
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-void mbedtls_des_init( mbedtls_des_context *ctx );
-
-/**
- * \brief          Clear DES context
- *
- * \param ctx      DES context to be cleared
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-void mbedtls_des_free( mbedtls_des_context *ctx );
-
-/**
- * \brief          Initialize Triple-DES context
- *
- * \param ctx      DES3 context to be initialized
- */
-void mbedtls_des3_init( mbedtls_des3_context *ctx );
-
-/**
- * \brief          Clear Triple-DES context
- *
- * \param ctx      DES3 context to be cleared
- */
-void mbedtls_des3_free( mbedtls_des3_context *ctx );
-
-/**
- * \brief          Set key parity on the given key to odd.
- *
- *                 DES keys are 56 bits long, but each byte is padded with
- *                 a parity bit to allow verification.
- *
- * \param key      8-byte secret key
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief          Check that key parity on the given key is odd.
- *
- *                 DES keys are 56 bits long, but each byte is padded with
- *                 a parity bit to allow verification.
- *
- * \param key      8-byte secret key
- *
- * \return         0 is parity was ok, 1 if parity was not correct.
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief          Check that key is not a weak or semi-weak DES key
- *
- * \param key      8-byte secret key
- *
- * \return         0 if no weak key was found, 1 if a weak key was identified.
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief          DES key schedule (56-bit, encryption)
- *
- * \param ctx      DES context to be initialized
- * \param key      8-byte secret key
- *
- * \return         0
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief          DES key schedule (56-bit, decryption)
- *
- * \param ctx      DES context to be initialized
- * \param key      8-byte secret key
- *
- * \return         0
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief          Triple-DES key schedule (112-bit, encryption)
- *
- * \param ctx      3DES context to be initialized
- * \param key      16-byte secret key
- *
- * \return         0
- */
-int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
-
-/**
- * \brief          Triple-DES key schedule (112-bit, decryption)
- *
- * \param ctx      3DES context to be initialized
- * \param key      16-byte secret key
- *
- * \return         0
- */
-int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
-
-/**
- * \brief          Triple-DES key schedule (168-bit, encryption)
- *
- * \param ctx      3DES context to be initialized
- * \param key      24-byte secret key
- *
- * \return         0
- */
-int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
-
-/**
- * \brief          Triple-DES key schedule (168-bit, decryption)
- *
- * \param ctx      3DES context to be initialized
- * \param key      24-byte secret key
- *
- * \return         0
- */
-int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
-
-/**
- * \brief          DES-ECB block encryption/decryption
- *
- * \param ctx      DES context
- * \param input    64-bit input block
- * \param output   64-bit output block
- *
- * \return         0 if successful
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
-                    const unsigned char input[8],
-                    unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief          DES-CBC buffer encryption/decryption
- *
- * \note           Upon exit, the content of the IV is updated so that you can
- *                 call the function same function again on the following
- *                 block(s) of data and get the same result as if it was
- *                 encrypted in one call. This allows a "streaming" usage.
- *                 If on the other hand you need to retain the contents of the
- *                 IV, you should either save it manually or use the cipher
- *                 module instead.
- *
- * \param ctx      DES context
- * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
- * \param length   length of the input data
- * \param iv       initialization vector (updated after use)
- * \param input    buffer holding the input data
- * \param output   buffer holding the output data
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[8],
-                    const unsigned char *input,
-                    unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-/**
- * \brief          3DES-ECB block encryption/decryption
- *
- * \param ctx      3DES context
- * \param input    64-bit input block
- * \param output   64-bit output block
- *
- * \return         0 if successful
- */
-int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
-                     const unsigned char input[8],
-                     unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief          3DES-CBC buffer encryption/decryption
- *
- * \note           Upon exit, the content of the IV is updated so that you can
- *                 call the function same function again on the following
- *                 block(s) of data and get the same result as if it was
- *                 encrypted in one call. This allows a "streaming" usage.
- *                 If on the other hand you need to retain the contents of the
- *                 IV, you should either save it manually or use the cipher
- *                 module instead.
- *
- * \param ctx      3DES context
- * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
- * \param length   length of the input data
- * \param iv       initialization vector (updated after use)
- * \param input    buffer holding the input data
- * \param output   buffer holding the output data
- *
- * \return         0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
- */
-int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
-                     int mode,
-                     size_t length,
-                     unsigned char iv[8],
-                     const unsigned char *input,
-                     unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-/**
- * \brief          Internal function for key expansion.
- *                 (Only exposed to allow overriding it,
- *                 see MBEDTLS_DES_SETKEY_ALT)
- *
- * \param SK       Round keys
- * \param key      Base key
- *
- * \warning        DES is considered a weak cipher and its use constitutes a
- *                 security risk. We recommend considering stronger ciphers
- *                 instead.
- */
-void mbedtls_des_setkey( uint32_t SK[32],
-                         const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_des_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* des.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/dhm.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/dhm.h
deleted file mode 100644
index c7830b9..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/dhm.h
+++ /dev/null
@@ -1,1092 +0,0 @@
-/**
- * \file dhm.h
- *
- * \brief   This file contains Diffie-Hellman-Merkle (DHM) key exchange
- *          definitions and functions.
- *
- * Diffie-Hellman-Merkle (DHM) key exchange is defined in
- * <em>RFC-2631: Diffie-Hellman Key Agreement Method</em> and
- * <em>Public-Key Cryptography Standards (PKCS) #3: Diffie
- * Hellman Key Agreement Standard</em>.
- *
- * <em>RFC-3526: More Modular Exponential (MODP) Diffie-Hellman groups for
- * Internet Key Exchange (IKE)</em> defines a number of standardized
- * Diffie-Hellman groups for IKE.
- *
- * <em>RFC-5114: Additional Diffie-Hellman Groups for Use with IETF
- * Standards</em> defines a number of standardized Diffie-Hellman
- * groups that can be used.
- *
- * \warning  The security of the DHM key exchange relies on the proper choice
- *           of prime modulus - optimally, it should be a safe prime. The usage
- *           of non-safe primes both decreases the difficulty of the underlying
- *           discrete logarithm problem and can lead to small subgroup attacks
- *           leaking private exponent bits when invalid public keys are used
- *           and not detected. This is especially relevant if the same DHM
- *           parameters are reused for multiple key exchanges as in static DHM,
- *           while the criticality of small-subgroup attacks is lower for
- *           ephemeral DHM.
- *
- * \warning  For performance reasons, the code does neither perform primality
- *           nor safe primality tests, nor the expensive checks for invalid
- *           subgroups. Moreover, even if these were performed, non-standardized
- *           primes cannot be trusted because of the possibility of backdoors
- *           that can't be effectively checked for.
- *
- * \warning  Diffie-Hellman-Merkle is therefore a security risk when not using
- *           standardized primes generated using a trustworthy ("nothing up
- *           my sleeve") method, such as the RFC 3526 / 7919 primes. In the TLS
- *           protocol, DH parameters need to be negotiated, so using the default
- *           primes systematically is not always an option. If possible, use
- *           Elliptic Curve Diffie-Hellman (ECDH), which has better performance,
- *           and for which the TLS protocol mandates the use of standard
- *           parameters.
- *
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_DHM_H
-#define MBEDTLS_DHM_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-#include "mbedtls/bignum.h"
-
-/*
- * DHM Error codes
- */
-#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA                    -0x3080  /**< Bad input parameters. */
-#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED                -0x3100  /**< Reading of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED                -0x3180  /**< Making of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED                -0x3200  /**< Reading of the public values failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED                -0x3280  /**< Making of the public value failed. */
-#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED                -0x3300  /**< Calculation of the DHM secret failed. */
-#define MBEDTLS_ERR_DHM_INVALID_FORMAT                    -0x3380  /**< The ASN.1 data is not formatted correctly. */
-#define MBEDTLS_ERR_DHM_ALLOC_FAILED                      -0x3400  /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_DHM_FILE_IO_ERROR                     -0x3480  /**< Read or write of file failed. */
-
-/* MBEDTLS_ERR_DHM_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED                   -0x3500  /**< DHM hardware accelerator failed. */
-
-#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED                  -0x3580  /**< Setting the modulus and generator failed. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_DHM_ALT)
-
-/**
- * \brief          The DHM context structure.
- */
-typedef struct mbedtls_dhm_context
-{
-    size_t len;         /*!<  The size of \p P in Bytes. */
-    mbedtls_mpi P;      /*!<  The prime modulus. */
-    mbedtls_mpi G;      /*!<  The generator. */
-    mbedtls_mpi X;      /*!<  Our secret value. */
-    mbedtls_mpi GX;     /*!<  Our public key = \c G^X mod \c P. */
-    mbedtls_mpi GY;     /*!<  The public key of the peer = \c G^Y mod \c P. */
-    mbedtls_mpi K;      /*!<  The shared secret = \c G^(XY) mod \c P. */
-    mbedtls_mpi RP;     /*!<  The cached value = \c R^2 mod \c P. */
-    mbedtls_mpi Vi;     /*!<  The blinding value. */
-    mbedtls_mpi Vf;     /*!<  The unblinding value. */
-    mbedtls_mpi pX;     /*!<  The previous \c X. */
-}
-mbedtls_dhm_context;
-
-#else /* MBEDTLS_DHM_ALT */
-#include "dhm_alt.h"
-#endif /* MBEDTLS_DHM_ALT */
-
-/**
- * \brief          This function initializes the DHM context.
- *
- * \param ctx      The DHM context to initialize.
- */
-void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
-
-/**
- * \brief          This function parses the DHM parameters in a
- *                 TLS ServerKeyExchange handshake message
- *                 (DHM modulus, generator, and public key).
- *
- * \note           In a TLS handshake, this is the how the client
- *                 sets up its DHM context from the server's public
- *                 DHM key material.
- *
- * \param ctx      The DHM context to use. This must be initialized.
- * \param p        On input, *p must be the start of the input buffer.
- *                 On output, *p is updated to point to the end of the data
- *                 that has been read. On success, this is the first byte
- *                 past the end of the ServerKeyExchange parameters.
- *                 On error, this is the point at which an error has been
- *                 detected, which is usually not useful except to debug
- *                 failures.
- * \param end      The end of the input buffer.
- *
- * \return         \c 0 on success.
- * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
- */
-int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
-                             unsigned char **p,
-                             const unsigned char *end );
-
-/**
- * \brief          This function generates a DHM key pair and exports its
- *                 public part together with the DHM parameters in the format
- *                 used in a TLS ServerKeyExchange handshake message.
- *
- * \note           This function assumes that the DHM parameters \c ctx->P
- *                 and \c ctx->G have already been properly set. For that, use
- *                 mbedtls_dhm_set_group() below in conjunction with
- *                 mbedtls_mpi_read_binary() and mbedtls_mpi_read_string().
- *
- * \note           In a TLS handshake, this is the how the server generates
- *                 and exports its DHM key material.
- *
- * \param ctx      The DHM context to use. This must be initialized
- *                 and have the DHM parameters set. It may or may not
- *                 already have imported the peer's public key.
- * \param x_size   The private key size in Bytes.
- * \param olen     The address at which to store the number of Bytes
- *                 written on success. This must not be \c NULL.
- * \param output   The destination buffer. This must be a writable buffer of
- *                 sufficient size to hold the reduced binary presentation of
- *                 the modulus, the generator and the public key, each wrapped
- *                 with a 2-byte length field. It is the responsibility of the
- *                 caller to ensure that enough space is available. Refer to
- *                 mbedtls_mpi_size() to computing the byte-size of an MPI.
- * \param f_rng    The RNG function. Must not be \c NULL.
- * \param p_rng    The RNG context to be passed to \p f_rng. This may be
- *                 \c NULL if \p f_rng doesn't need a context parameter.
- *
- * \return         \c 0 on success.
- * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
- */
-int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
-                     unsigned char *output, size_t *olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
-
-/**
- * \brief          This function sets the prime modulus and generator.
- *
- * \note           This function can be used to set \c ctx->P, \c ctx->G
- *                 in preparation for mbedtls_dhm_make_params().
- *
- * \param ctx      The DHM context to configure. This must be initialized.
- * \param P        The MPI holding the DHM prime modulus. This must be
- *                 an initialized MPI.
- * \param G        The MPI holding the DHM generator. This must be an
- *                 initialized MPI.
- *
- * \return         \c 0 if successful.
- * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
- */
-int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
-                           const mbedtls_mpi *P,
-                           const mbedtls_mpi *G );
-
-/**
- * \brief          This function imports the raw public value of the peer.
- *
- * \note           In a TLS handshake, this is the how the server imports
- *                 the Client's public DHM key.
- *
- * \param ctx      The DHM context to use. This must be initialized and have
- *                 its DHM parameters set, e.g. via mbedtls_dhm_set_group().
- *                 It may or may not already have generated its own private key.
- * \param input    The input buffer containing the \c G^Y value of the peer.
- *                 This must be a readable buffer of size \p ilen Bytes.
- * \param ilen     The size of the input buffer \p input in Bytes.
- *
- * \return         \c 0 on success.
- * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
- */
-int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
-                     const unsigned char *input, size_t ilen );
-
-/**
- * \brief          This function creates a DHM key pair and exports
- *                 the raw public key in big-endian format.
- *
- * \note           The destination buffer is always fully written
- *                 so as to contain a big-endian representation of G^X mod P.
- *                 If it is larger than \c ctx->len, it is padded accordingly
- *                 with zero-bytes at the beginning.
- *
- * \param ctx      The DHM context to use. This must be initialized and
- *                 have the DHM parameters set. It may or may not already
- *                 have imported the peer's public key.
- * \param x_size   The private key size in Bytes.
- * \param output   The destination buffer. This must be a writable buffer of
- *                 size \p olen Bytes.
- * \param olen     The length of the destination buffer. This must be at least
- *                 equal to `ctx->len` (the size of \c P).
- * \param f_rng    The RNG function. This must not be \c NULL.
- * \param p_rng    The RNG context to be passed to \p f_rng. This may be \c NULL
- *                 if \p f_rng doesn't need a context argument.
- *
- * \return         \c 0 on success.
- * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
- */
-int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
-                     unsigned char *output, size_t olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
-
-/**
- * \brief          This function derives and exports the shared secret
- *                 \c (G^Y)^X mod \c P.
- *
- * \note           If \p f_rng is not \c NULL, it is used to blind the input as
- *                 a countermeasure against timing attacks. Blinding is used
- *                 only if our private key \c X is re-used, and not used
- *                 otherwise. We recommend always passing a non-NULL
- *                 \p f_rng argument.
- *
- * \param ctx           The DHM context to use. This must be initialized
- *                      and have its own private key generated and the peer's
- *                      public key imported.
- * \param output        The buffer to write the generated shared key to. This
- *                      must be a writable buffer of size \p output_size Bytes.
- * \param output_size   The size of the destination buffer. This must be at
- *                      least the size of \c ctx->len (the size of \c P).
- * \param olen          On exit, holds the actual number of Bytes written.
- * \param f_rng         The RNG function, for blinding purposes. This may
- *                      b \c NULL if blinding isn't needed.
- * \param p_rng         The RNG context. This may be \c NULL if \p f_rng
- *                      doesn't need a context argument.
- *
- * \return              \c 0 on success.
- * \return              An \c MBEDTLS_ERR_DHM_XXX error code on failure.
- */
-int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
-                     unsigned char *output, size_t output_size, size_t *olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
-
-/**
- * \brief          This function frees and clears the components
- *                 of a DHM context.
- *
- * \param ctx      The DHM context to free and clear. This may be \c NULL,
- *                 in which case this function is a no-op. If it is not \c NULL,
- *                 it must point to an initialized DHM context.
- */
-void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-/**
- * \brief             This function parses DHM parameters in PEM or DER format.
- *
- * \param dhm         The DHM context to import the DHM parameters into.
- *                    This must be initialized.
- * \param dhmin       The input buffer. This must be a readable buffer of
- *                    length \p dhminlen Bytes.
- * \param dhminlen    The size of the input buffer \p dhmin, including the
- *                    terminating \c NULL Byte for PEM data.
- *
- * \return            \c 0 on success.
- * \return            An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error
- *                    code on failure.
- */
-int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
-                           size_t dhminlen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief          This function loads and parses DHM parameters from a file.
- *
- * \param dhm      The DHM context to load the parameters to.
- *                 This must be initialized.
- * \param path     The filename to read the DHM parameters from.
- *                 This must not be \c NULL.
- *
- * \return         \c 0 on success.
- * \return         An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX
- *                 error code on failure.
- */
-int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
-#endif /* MBEDTLS_FS_IO */
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          The DMH checkup routine.
- *
- * \return         \c 0 on success.
- * \return         \c 1 on failure.
- */
-int mbedtls_dhm_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-#ifdef __cplusplus
-}
-#endif
-
-/**
- * RFC 3526, RFC 5114 and RFC 7919 standardize a number of
- * Diffie-Hellman groups, some of which are included here
- * for use within the SSL/TLS module and the user's convenience
- * when configuring the Diffie-Hellman parameters by hand
- * through \c mbedtls_ssl_conf_dh_param.
- *
- * The following lists the source of the above groups in the standards:
- * - RFC 5114 section 2.2:  2048-bit MODP Group with 224-bit Prime Order Subgroup
- * - RFC 3526 section 3:    2048-bit MODP Group
- * - RFC 3526 section 4:    3072-bit MODP Group
- * - RFC 3526 section 5:    4096-bit MODP Group
- * - RFC 7919 section A.1:  ffdhe2048
- * - RFC 7919 section A.2:  ffdhe3072
- * - RFC 7919 section A.3:  ffdhe4096
- * - RFC 7919 section A.4:  ffdhe6144
- * - RFC 7919 section A.5:  ffdhe8192
- *
- * The constants with suffix "_p" denote the chosen prime moduli, while
- * the constants with suffix "_g" denote the chosen generator
- * of the associated prime field.
- *
- * The constants further suffixed with "_bin" are provided in binary format,
- * while all other constants represent null-terminated strings holding the
- * hexadecimal presentation of the respective numbers.
- *
- * The primes from RFC 3526 and RFC 7919 have been generating by the following
- * trust-worthy procedure:
- * - Fix N in { 2048, 3072, 4096, 6144, 8192 } and consider the N-bit number
- *   the first and last 64 bits are all 1, and the remaining N - 128 bits of
- *   which are 0x7ff...ff.
- * - Add the smallest multiple of the first N - 129 bits of the binary expansion
- *   of pi (for RFC 5236) or e (for RFC 7919) to this intermediate bit-string
- *   such that the resulting integer is a safe-prime.
- * - The result is the respective RFC 3526 / 7919 prime, and the corresponding
- *   generator is always chosen to be 2 (which is a square for these prime,
- *   hence the corresponding subgroup has order (p-1)/2 and avoids leaking a
- *   bit in the private exponent).
- *
- */
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-
-/**
- * \warning The origin of the primes in RFC 5114 is not documented and
- *          their use therefore constitutes a security risk!
- *
- * \deprecated The hex-encoded primes from RFC 5114 are deprecated and are
- *             likely to be removed in a future version of the library without
- *             replacement.
- */
-
-/**
- * The hexadecimal presentation of the prime underlying the
- * 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined
- * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
- * IETF Standards</em>.
- */
-#define MBEDTLS_DHM_RFC5114_MODP_2048_P                         \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
-        "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"      \
-        "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"      \
-        "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"      \
-        "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"      \
-        "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"      \
-        "B3BF8A317091883681286130BC8985DB1602E714415D9330"      \
-        "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"      \
-        "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"      \
-        "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"      \
-        "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"      \
-        "CF9DE5384E71B81C0AC4DFFE0C10E64F" )
-
-/**
- * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
- * Group with 224-bit Prime Order Subgroup, as defined in <em>RFC-5114:
- * Additional Diffie-Hellman Groups for Use with IETF Standards</em>.
- */
-#define MBEDTLS_DHM_RFC5114_MODP_2048_G                         \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
-        "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"      \
-        "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"      \
-        "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"      \
-        "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"      \
-        "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"      \
-        "F180EB34118E98D119529A45D6F834566E3025E316A330EF"      \
-        "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"      \
-        "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"      \
-        "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"      \
-        "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"      \
-        "81BC087F2A7065B384B890D3191F2BFA" )
-
-/**
- * The hexadecimal presentation of the prime underlying the 2048-bit MODP
- * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
- * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
- *
- * \deprecated The hex-encoded primes from RFC 3625 are deprecated and
- *             superseded by the corresponding macros providing them as
- *             binary constants. Their hex-encoded constants are likely
- *             to be removed in a future version of the library.
- *
- */
-#define MBEDTLS_DHM_RFC3526_MODP_2048_P                         \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
-        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"      \
-        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"      \
-        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"      \
-        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"      \
-        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"      \
-        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"      \
-        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"      \
-        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
-        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
-        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
-        "15728E5A8AACAA68FFFFFFFFFFFFFFFF" )
-
-/**
- * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
- * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
- * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
- */
-#define MBEDTLS_DHM_RFC3526_MODP_2048_G                         \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
-
-/**
- * The hexadecimal presentation of the prime underlying the 3072-bit MODP
- * Group, as defined in <em>RFC-3072: More Modular Exponential (MODP)
- * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
- */
-#define MBEDTLS_DHM_RFC3526_MODP_3072_P                         \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
-        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"      \
-        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"      \
-        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"      \
-        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"      \
-        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"      \
-        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"      \
-        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"      \
-        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
-        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
-        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
-        "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"      \
-        "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"      \
-        "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"      \
-        "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"      \
-        "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"      \
-        "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" )
-
-/**
- * The hexadecimal presentation of the chosen generator of the 3072-bit MODP
- * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
- * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
- */
-#define MBEDTLS_DHM_RFC3526_MODP_3072_G                      \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
-
-/**
- * The hexadecimal presentation of the prime underlying the 4096-bit MODP
- * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
- * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
- */
-#define MBEDTLS_DHM_RFC3526_MODP_4096_P                      \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT(                      \
-        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"   \
-        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"   \
-        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"   \
-        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"   \
-        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"   \
-        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"   \
-        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"   \
-        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"   \
-        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"   \
-        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"   \
-        "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"   \
-        "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"   \
-        "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"   \
-        "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"   \
-        "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"   \
-        "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"   \
-        "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"   \
-        "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"   \
-        "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"   \
-        "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"   \
-        "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199"   \
-        "FFFFFFFFFFFFFFFF" )
-
-/**
- * The hexadecimal presentation of the chosen generator of the 4096-bit MODP
- * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
- * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
- */
-#define MBEDTLS_DHM_RFC3526_MODP_4096_G                      \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
-
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-/*
- * Trustworthy DHM parameters in binary form
- */
-
-#define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
-     0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
-     0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
-     0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
-     0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
-     0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
-     0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
-     0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
-     0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
-     0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
-     0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
-     0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
-     0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
-     0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
-     0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
-     0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
-     0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
-     0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
-     0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
-     0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
-     0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
-     0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
-     0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
-     0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
-     0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
-     0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
-     0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
-     0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
-     0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
-     0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN {       \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
-    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
-    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
-    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
-    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
-    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
-    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
-    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
-    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
-    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
-    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
-    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
-    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
-    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
-    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
-    0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
-    0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
-    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
-    0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
-    0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
-    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
-    0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
-    0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
-    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
-    0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
-    0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
-    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
-    0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
-    0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
-    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
-    0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
-    0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
-    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
-    0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
-    0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
-    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
-    0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
-    0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
-    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
-    0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
-    0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
-    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
-    0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
-    0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
-    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
-    0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN  {       \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,  \
-    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,  \
-    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,  \
-    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,  \
-    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,  \
-    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,  \
-    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,  \
-    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,  \
-    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,  \
-    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,  \
-    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,  \
-    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,  \
-    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,  \
-    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,  \
-    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,  \
-    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,  \
-    0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,  \
-    0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,  \
-    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,  \
-    0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,  \
-    0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,  \
-    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,  \
-    0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,  \
-    0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,  \
-    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,  \
-    0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,  \
-    0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,  \
-    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,  \
-    0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,  \
-    0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,  \
-    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,  \
-    0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,  \
-    0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,  \
-    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,  \
-    0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,  \
-    0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,  \
-    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,  \
-    0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,  \
-    0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,  \
-    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,  \
-    0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,  \
-    0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,  \
-    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,  \
-    0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,  \
-    0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,  \
-    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,  \
-    0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,  \
-    0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,  \
-    0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,  \
-    0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,  \
-    0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,  \
-    0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,  \
-    0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,  \
-    0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,  \
-    0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,  \
-    0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,  \
-    0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,  \
-    0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,  \
-    0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,  \
-    0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,  \
-    0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,  \
-    0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,  \
-    0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,  \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
-     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
-     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
-     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
-     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
-     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
-     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
-     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
-     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
-     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
-     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
-     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
-     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
-     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
-     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
-     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
-     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
-     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
-     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
-     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
-     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
-     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
-     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
-     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
-     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
-     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
-     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
-     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
-     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
-     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
-     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
-     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
-     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
-     0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
-     0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
-     0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
-     0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
-     0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
-     0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
-     0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
-     0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
-     0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
-     0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
-     0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
-     0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
-     0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
-     0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
-     0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
-     0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
-     0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
-     0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
-     0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
-     0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
-     0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
-     0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
-     0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
-     0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
-     0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
-     0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
-     0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
-     0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
-     0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
-     0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
-     0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
-     0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
-     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
-     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
-     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
-     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
-     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
-     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
-     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
-     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
-     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
-     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
-     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
-     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
-     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
-     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
-     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
-     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
-     0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
-     0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
-     0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
-     0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
-     0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
-     0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
-     0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
-     0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
-     0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
-     0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
-     0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
-     0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
-     0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
-     0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
-     0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
-     0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
-     0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
-     0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
-     0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
-     0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
-     0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
-     0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
-     0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
-     0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
-     0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
-     0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
-     0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
-     0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
-     0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
-     0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
-     0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
-     0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
-     0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
-     0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
-     0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
-     0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
-     0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
-     0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
-     0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
-     0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
-     0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
-     0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
-     0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
-     0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
-     0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
-     0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
-     0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
-     0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
-     0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
-     0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
-     0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
-     0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
-     0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
-     0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
-     0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
-     0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
-     0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
-     0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
-     0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
-     0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
-     0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
-     0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
-     0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
-     0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
-
-#define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 }
-
-#endif /* dhm.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/entropy_poll.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/entropy_poll.h
deleted file mode 100644
index e1d7491..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/entropy_poll.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * \file entropy_poll.h
- *
- * \brief Platform-specific and custom entropy polling functions
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_ENTROPY_POLL_H
-#define MBEDTLS_ENTROPY_POLL_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Default thresholds for built-in sources, in bytes
- */
-#define MBEDTLS_ENTROPY_MIN_PLATFORM     32     /**< Minimum for platform source    */
-#define MBEDTLS_ENTROPY_MIN_HAVEGE       32     /**< Minimum for HAVEGE             */
-#define MBEDTLS_ENTROPY_MIN_HARDCLOCK     4     /**< Minimum for mbedtls_timing_hardclock()        */
-#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
-#define MBEDTLS_ENTROPY_MIN_HARDWARE     32     /**< Minimum for the hardware source */
-#endif
-
-/**
- * \brief           Entropy poll callback that provides 0 entropy.
- */
-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-    int mbedtls_null_entropy_poll( void *data,
-                                unsigned char *output, size_t len, size_t *olen );
-#endif
-
-#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-/**
- * \brief           Platform-specific entropy poll callback
- */
-int mbedtls_platform_entropy_poll( void *data,
-                           unsigned char *output, size_t len, size_t *olen );
-#endif
-
-#if defined(MBEDTLS_HAVEGE_C)
-/**
- * \brief           HAVEGE based entropy poll callback
- *
- * Requires an HAVEGE state as its data pointer.
- */
-int mbedtls_havege_poll( void *data,
-                 unsigned char *output, size_t len, size_t *olen );
-#endif
-
-#if defined(MBEDTLS_TIMING_C)
-/**
- * \brief           mbedtls_timing_hardclock-based entropy poll callback
- */
-int mbedtls_hardclock_poll( void *data,
-                    unsigned char *output, size_t len, size_t *olen );
-#endif
-
-#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-/**
- * \brief           Entropy poll callback for a hardware source
- *
- * \warning         This is not provided by mbed TLS!
- *                  See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h.
- *
- * \note            This must accept NULL as its first argument.
- */
-int mbedtls_hardware_poll( void *data,
-                           unsigned char *output, size_t len, size_t *olen );
-#endif
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-/**
- * \brief           Entropy poll callback for a non-volatile seed file
- *
- * \note            This must accept NULL as its first argument.
- */
-int mbedtls_nv_seed_poll( void *data,
-                          unsigned char *output, size_t len, size_t *olen );
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* entropy_poll.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/error.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/error.h
deleted file mode 100644
index cd7731e..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/error.h
+++ /dev/null
@@ -1,162 +0,0 @@
-/**
- * \file error.h
- *
- * \brief Error to string translation
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_ERROR_H
-#define MBEDTLS_ERROR_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-/**
- * Error code layout.
- *
- * Currently we try to keep all error codes within the negative space of 16
- * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In
- * addition we'd like to give two layers of information on the error if
- * possible.
- *
- * For that purpose the error codes are segmented in the following manner:
- *
- * 16 bit error code bit-segmentation
- *
- * 1 bit  - Unused (sign bit)
- * 3 bits - High level module ID
- * 5 bits - Module-dependent error code
- * 7 bits - Low level module errors
- *
- * For historical reasons, low-level error codes are divided in even and odd,
- * even codes were assigned first, and -1 is reserved for other errors.
- *
- * Low-level module errors (0x0002-0x007E, 0x0001-0x007F)
- *
- * Module   Nr  Codes assigned
- * ERROR     2  0x006E          0x0001
- * MPI       7  0x0002-0x0010
- * GCM       3  0x0012-0x0014   0x0013-0x0013
- * BLOWFISH  3  0x0016-0x0018   0x0017-0x0017
- * THREADING 3  0x001A-0x001E
- * AES       5  0x0020-0x0022   0x0021-0x0025
- * CAMELLIA  3  0x0024-0x0026   0x0027-0x0027
- * XTEA      2  0x0028-0x0028   0x0029-0x0029
- * BASE64    2  0x002A-0x002C
- * OID       1  0x002E-0x002E   0x000B-0x000B
- * PADLOCK   1  0x0030-0x0030
- * DES       2  0x0032-0x0032   0x0033-0x0033
- * CTR_DBRG  4  0x0034-0x003A
- * ENTROPY   3  0x003C-0x0040   0x003D-0x003F
- * NET      13  0x0042-0x0052   0x0043-0x0049
- * ARIA      4  0x0058-0x005E
- * ASN1      7  0x0060-0x006C
- * CMAC      1  0x007A-0x007A
- * PBKDF2    1  0x007C-0x007C
- * HMAC_DRBG 4                  0x0003-0x0009
- * CCM       3                  0x000D-0x0011
- * ARC4      1                  0x0019-0x0019
- * MD2       1                  0x002B-0x002B
- * MD4       1                  0x002D-0x002D
- * MD5       1                  0x002F-0x002F
- * RIPEMD160 1                  0x0031-0x0031
- * SHA1      1                  0x0035-0x0035 0x0073-0x0073
- * SHA256    1                  0x0037-0x0037 0x0074-0x0074
- * SHA512    1                  0x0039-0x0039 0x0075-0x0075
- * CHACHA20  3                  0x0051-0x0055
- * POLY1305  3                  0x0057-0x005B
- * CHACHAPOLY 2 0x0054-0x0056
- * PLATFORM  2  0x0070-0x0072
- *
- * High-level module nr (3 bits - 0x0...-0x7...)
- * Name      ID  Nr of Errors
- * PEM       1   9
- * PKCS#12   1   4 (Started from top)
- * X509      2   20
- * PKCS5     2   4 (Started from top)
- * DHM       3   11
- * PK        3   15 (Started from top)
- * RSA       4   11
- * ECP       4   10 (Started from top)
- * MD        5   5
- * HKDF      5   1 (Started from top)
- * SSL       5   2 (Started from 0x5F00)
- * CIPHER    6   8 (Started from 0x6080)
- * SSL       6   24 (Started from top, plus 0x6000)
- * SSL       7   32
- *
- * Module dependent error code (5 bits 0x.00.-0x.F8.)
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define MBEDTLS_ERR_ERROR_GENERIC_ERROR       -0x0001  /**< Generic error */
-#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E  /**< This is a bug in the library */
-
-/**
- * \brief Translate a mbed TLS error code into a string representation,
- *        Result is truncated if necessary and always includes a terminating
- *        null byte.
- *
- * \param errnum    error code
- * \param buffer    buffer to place representation in
- * \param buflen    length of the buffer
- */
-void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
-
-/**
- * \brief Translate the high-level part of an Mbed TLS error code into a string
- *        representation.
- *
- * This function returns a const pointer to an un-modifiable string. The caller
- * must not try to modify the string. It is intended to be used mostly for
- * logging purposes.
- *
- * \param error_code    error code
- *
- * \return The string representation of the error code, or \c NULL if the error
- *         code is unknown.
- */
-const char * mbedtls_high_level_strerr( int error_code );
-
-/**
- * \brief Translate the low-level part of an Mbed TLS error code into a string
- *        representation.
- *
- * This function returns a const pointer to an un-modifiable string. The caller
- * must not try to modify the string. It is intended to be used mostly for
- * logging purposes.
- *
- * \param error_code    error code
- *
- * \return The string representation of the error code, or \c NULL if the error
- *         code is unknown.
- */
-const char * mbedtls_low_level_strerr( int error_code );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* error.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/havege.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/havege.h
deleted file mode 100644
index 7d27039..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/havege.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/**
- * \file havege.h
- *
- * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_HAVEGE_H
-#define MBEDTLS_HAVEGE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          HAVEGE state structure
- */
-typedef struct mbedtls_havege_state
-{
-    uint32_t PT1, PT2, offset[2];
-    uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
-    uint32_t WALK[8192];
-}
-mbedtls_havege_state;
-
-/**
- * \brief          HAVEGE initialization
- *
- * \param hs       HAVEGE state to be initialized
- */
-void mbedtls_havege_init( mbedtls_havege_state *hs );
-
-/**
- * \brief          Clear HAVEGE state
- *
- * \param hs       HAVEGE state to be cleared
- */
-void mbedtls_havege_free( mbedtls_havege_state *hs );
-
-/**
- * \brief          HAVEGE rand function
- *
- * \param p_rng    A HAVEGE state
- * \param output   Buffer to fill
- * \param len      Length of buffer
- *
- * \return         0
- */
-int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* havege.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/hmac_drbg.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/hmac_drbg.h
deleted file mode 100644
index 9116541..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/hmac_drbg.h
+++ /dev/null
@@ -1,418 +0,0 @@
-/**
- * \file hmac_drbg.h
- *
- * \brief The HMAC_DRBG pseudorandom generator.
- *
- * This module implements the HMAC_DRBG pseudorandom generator described
- * in <em>NIST SP 800-90A: Recommendation for Random Number Generation Using
- * Deterministic Random Bit Generators</em>.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_HMAC_DRBG_H
-#define MBEDTLS_HMAC_DRBG_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-/*
- * Error codes
- */
-#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG              -0x0003  /**< Too many random requested in single call. */
-#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG                -0x0005  /**< Input too large (Entropy + additional). */
-#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR                -0x0007  /**< Read/write error in file. */
-#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED        -0x0009  /**< The entropy source failed. */
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-
-#if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
-#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000   /**< Interval before reseed is performed by default */
-#endif
-
-#if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
-#define MBEDTLS_HMAC_DRBG_MAX_INPUT         256     /**< Maximum number of additional input bytes */
-#endif
-
-#if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
-#define MBEDTLS_HMAC_DRBG_MAX_REQUEST       1024    /**< Maximum number of requested bytes per call */
-#endif
-
-#if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
-#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT    384     /**< Maximum size of (re)seed buffer */
-#endif
-
-/* \} name SECTION: Module settings */
-
-#define MBEDTLS_HMAC_DRBG_PR_OFF   0   /**< No prediction resistance       */
-#define MBEDTLS_HMAC_DRBG_PR_ON    1   /**< Prediction resistance enabled  */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * HMAC_DRBG context.
- */
-typedef struct mbedtls_hmac_drbg_context
-{
-    /* Working state: the key K is not stored explicitly,
-     * but is implied by the HMAC context */
-    mbedtls_md_context_t md_ctx;                    /*!< HMAC context (inc. K)  */
-    unsigned char V[MBEDTLS_MD_MAX_SIZE];  /*!< V in the spec          */
-    int reseed_counter;                     /*!< reseed counter         */
-
-    /* Administrative state */
-    size_t entropy_len;         /*!< entropy bytes grabbed on each (re)seed */
-    int prediction_resistance;  /*!< enable prediction resistance (Automatic
-                                     reseed before every random generation) */
-    int reseed_interval;        /*!< reseed interval   */
-
-    /* Callbacks */
-    int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */
-    void *p_entropy;            /*!< context for the entropy function        */
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_threading_mutex_t mutex;
-#endif
-} mbedtls_hmac_drbg_context;
-
-/**
- * \brief               HMAC_DRBG context initialization.
- *
- * This function makes the context ready for mbedtls_hmac_drbg_seed(),
- * mbedtls_hmac_drbg_seed_buf() or mbedtls_hmac_drbg_free().
- *
- * \note                The reseed interval is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL
- *                      by default. Override this value by calling
- *                      mbedtls_hmac_drbg_set_reseed_interval().
- *
- * \param ctx           HMAC_DRBG context to be initialized.
- */
-void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
-
-/**
- * \brief               HMAC_DRBG initial seeding.
- *
- * Set the initial seed and set up the entropy source for future reseeds.
- *
- * A typical choice for the \p f_entropy and \p p_entropy parameters is
- * to use the entropy module:
- * - \p f_entropy is mbedtls_entropy_func();
- * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized
- *   with mbedtls_entropy_init() (which registers the platform's default
- *   entropy sources).
- *
- * You can provide a personalization string in addition to the
- * entropy source, to make this instantiation as unique as possible.
- *
- * \note                By default, the security strength as defined by NIST is:
- *                      - 128 bits if \p md_info is SHA-1;
- *                      - 192 bits if \p md_info is SHA-224;
- *                      - 256 bits if \p md_info is SHA-256, SHA-384 or SHA-512.
- *                      Note that SHA-256 is just as efficient as SHA-224.
- *                      The security strength can be reduced if a smaller
- *                      entropy length is set with
- *                      mbedtls_hmac_drbg_set_entropy_len().
- *
- * \note                The default entropy length is the security strength
- *                      (converted from bits to bytes). You can override
- *                      it by calling mbedtls_hmac_drbg_set_entropy_len().
- *
- * \note                During the initial seeding, this function calls
- *                      the entropy source to obtain a nonce
- *                      whose length is half the entropy length.
- *
- * \param ctx           HMAC_DRBG context to be seeded.
- * \param md_info       MD algorithm to use for HMAC_DRBG.
- * \param f_entropy     The entropy callback, taking as arguments the
- *                      \p p_entropy context, the buffer to fill, and the
- *                      length of the buffer.
- *                      \p f_entropy is always called with a length that is
- *                      less than or equal to the entropy length.
- * \param p_entropy     The entropy context to pass to \p f_entropy.
- * \param custom        The personalization string.
- *                      This can be \c NULL, in which case the personalization
- *                      string is empty regardless of the value of \p len.
- * \param len           The length of the personalization string.
- *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
- *                      and also at most
- *                      #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2
- *                      where \p entropy_len is the entropy length
- *                      described above.
- *
- * \return              \c 0 if successful.
- * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is
- *                      invalid.
- * \return              #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
- *                      memory to allocate context data.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- *                      if the call to \p f_entropy failed.
- */
-int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
-                    const mbedtls_md_info_t * md_info,
-                    int (*f_entropy)(void *, unsigned char *, size_t),
-                    void *p_entropy,
-                    const unsigned char *custom,
-                    size_t len );
-
-/**
- * \brief               Initilisation of simpified HMAC_DRBG (never reseeds).
- *
- * This function is meant for use in algorithms that need a pseudorandom
- * input such as deterministic ECDSA.
- *
- * \param ctx           HMAC_DRBG context to be initialised.
- * \param md_info       MD algorithm to use for HMAC_DRBG.
- * \param data          Concatenation of the initial entropy string and
- *                      the additional data.
- * \param data_len      Length of \p data in bytes.
- *
- * \return              \c 0 if successful. or
- * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is
- *                      invalid.
- * \return              #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
- *                      memory to allocate context data.
- */
-int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
-                        const mbedtls_md_info_t * md_info,
-                        const unsigned char *data, size_t data_len );
-
-/**
- * \brief               This function turns prediction resistance on or off.
- *                      The default value is off.
- *
- * \note                If enabled, entropy is gathered at the beginning of
- *                      every call to mbedtls_hmac_drbg_random_with_add()
- *                      or mbedtls_hmac_drbg_random().
- *                      Only use this if your entropy source has sufficient
- *                      throughput.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param resistance    #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
- */
-void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
-                                          int resistance );
-
-/**
- * \brief               This function sets the amount of entropy grabbed on each
- *                      seed or reseed.
- *
- * See the documentation of mbedtls_hmac_drbg_seed() for the default value.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param len           The amount of entropy to grab, in bytes.
- */
-void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
-                                size_t len );
-
-/**
- * \brief               Set the reseed interval.
- *
- * The reseed interval is the number of calls to mbedtls_hmac_drbg_random()
- * or mbedtls_hmac_drbg_random_with_add() after which the entropy function
- * is called again.
- *
- * The default value is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param interval      The reseed interval.
- */
-void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
-                                    int interval );
-
-/**
- * \brief               This function updates the state of the HMAC_DRBG context.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param additional    The data to update the state with.
- *                      If this is \c NULL, there is no additional data.
- * \param add_len       Length of \p additional in bytes.
- *                      Unused if \p additional is \c NULL.
- *
- * \return              \c 0 on success, or an error from the underlying
- *                      hash calculation.
- */
-int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
-                       const unsigned char *additional, size_t add_len );
-
-/**
- * \brief               This function reseeds the HMAC_DRBG context, that is
- *                      extracts data from the entropy source.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param additional    Additional data to add to the state.
- *                      If this is \c NULL, there is no additional data
- *                      and \p len should be \c 0.
- * \param len           The length of the additional data.
- *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
- *                      and also at most
- *                      #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len
- *                      where \p entropy_len is the entropy length
- *                      (see mbedtls_hmac_drbg_set_entropy_len()).
- *
- * \return              \c 0 if successful.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- *                      if a call to the entropy function failed.
- */
-int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
-                      const unsigned char *additional, size_t len );
-
-/**
- * \brief   This function updates an HMAC_DRBG instance with additional
- *          data and uses it to generate random data.
- *
- * This function automatically reseeds if the reseed counter is exceeded
- * or prediction resistance is enabled.
- *
- * \param p_rng         The HMAC_DRBG context. This must be a pointer to a
- *                      #mbedtls_hmac_drbg_context structure.
- * \param output        The buffer to fill.
- * \param output_len    The length of the buffer in bytes.
- *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- * \param additional    Additional data to update with.
- *                      If this is \c NULL, there is no additional data
- *                      and \p add_len should be \c 0.
- * \param add_len       The length of the additional data.
- *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT.
- *
- * \return              \c 0 if successful.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- *                      if a call to the entropy source failed.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
- *                      \p output_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
- *                      \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
- */
-int mbedtls_hmac_drbg_random_with_add( void *p_rng,
-                               unsigned char *output, size_t output_len,
-                               const unsigned char *additional,
-                               size_t add_len );
-
-/**
- * \brief   This function uses HMAC_DRBG to generate random data.
- *
- * This function automatically reseeds if the reseed counter is exceeded
- * or prediction resistance is enabled.
- *
- * \param p_rng         The HMAC_DRBG context. This must be a pointer to a
- *                      #mbedtls_hmac_drbg_context structure.
- * \param output        The buffer to fill.
- * \param out_len       The length of the buffer in bytes.
- *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- *
- * \return              \c 0 if successful.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- *                      if a call to the entropy source failed.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
- *                      \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- */
-int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
-
-/**
- * \brief               This function resets HMAC_DRBG context to the state immediately
- *                      after initial call of mbedtls_hmac_drbg_init().
- *
- * \param ctx           The HMAC_DRBG context to free.
- */
-void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
-
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief               This function updates the state of the HMAC_DRBG context.
- *
- * \deprecated          Superseded by mbedtls_hmac_drbg_update_ret()
- *                      in 2.16.0.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param additional    The data to update the state with.
- *                      If this is \c NULL, there is no additional data.
- * \param add_len       Length of \p additional in bytes.
- *                      Unused if \p additional is \c NULL.
- */
-MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update(
-    mbedtls_hmac_drbg_context *ctx,
-    const unsigned char *additional, size_t add_len );
-#undef MBEDTLS_DEPRECATED
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief               This function writes a seed file.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param path          The name of the file.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
- *                      failure.
- */
-int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
-
-/**
- * \brief               This function reads and updates a seed file. The seed
- *                      is added to this instance.
- *
- * \param ctx           The HMAC_DRBG context.
- * \param path          The name of the file.
- *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on
- *                      reseed failure.
- * \return              #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
- *                      seed file is too large.
- */
-int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief               The HMAC_DRBG Checkup routine.
- *
- * \return              \c 0 if successful.
- * \return              \c 1 if the test failed.
- */
-int mbedtls_hmac_drbg_self_test( int verbose );
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* hmac_drbg.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/md5.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/md5.h
deleted file mode 100644
index aaca0f2..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/md5.h
+++ /dev/null
@@ -1,309 +0,0 @@
-/**
- * \file md5.h
- *
- * \brief MD5 message digest algorithm (hash function)
- *
- * \warning   MD5 is considered a weak message digest and its use constitutes a
- *            security risk. We recommend considering stronger message
- *            digests instead.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_MD5_H
-#define MBEDTLS_MD5_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-/* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED                   -0x002F  /**< MD5 hardware accelerator failed */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_MD5_ALT)
-// Regular implementation
-//
-
-/**
- * \brief          MD5 context structure
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-typedef struct mbedtls_md5_context
-{
-    uint32_t total[2];          /*!< number of bytes processed  */
-    uint32_t state[4];          /*!< intermediate digest state  */
-    unsigned char buffer[64];   /*!< data block being processed */
-}
-mbedtls_md5_context;
-
-#else  /* MBEDTLS_MD5_ALT */
-#include "md5_alt.h"
-#endif /* MBEDTLS_MD5_ALT */
-
-/**
- * \brief          Initialize MD5 context
- *
- * \param ctx      MD5 context to be initialized
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-void mbedtls_md5_init( mbedtls_md5_context *ctx );
-
-/**
- * \brief          Clear MD5 context
- *
- * \param ctx      MD5 context to be cleared
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-void mbedtls_md5_free( mbedtls_md5_context *ctx );
-
-/**
- * \brief          Clone (the state of) an MD5 context
- *
- * \param dst      The destination context
- * \param src      The context to be cloned
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-void mbedtls_md5_clone( mbedtls_md5_context *dst,
-                        const mbedtls_md5_context *src );
-
-/**
- * \brief          MD5 context setup
- *
- * \param ctx      context to be initialized
- *
- * \return         0 if successful
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
-
-/**
- * \brief          MD5 process buffer
- *
- * \param ctx      MD5 context
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- *
- * \return         0 if successful
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen );
-
-/**
- * \brief          MD5 final digest
- *
- * \param ctx      MD5 context
- * \param output   MD5 checksum result
- *
- * \return         0 if successful
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
-                            unsigned char output[16] );
-
-/**
- * \brief          MD5 process data block (internal use only)
- *
- * \param ctx      MD5 context
- * \param data     buffer holding one block of data
- *
- * \return         0 if successful
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
-                                  const unsigned char data[64] );
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief          MD5 context setup
- *
- * \deprecated     Superseded by mbedtls_md5_starts_ret() in 2.7.0
- *
- * \param ctx      context to be initialized
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
-
-/**
- * \brief          MD5 process buffer
- *
- * \deprecated     Superseded by mbedtls_md5_update_ret() in 2.7.0
- *
- * \param ctx      MD5 context
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
-                                            const unsigned char *input,
-                                            size_t ilen );
-
-/**
- * \brief          MD5 final digest
- *
- * \deprecated     Superseded by mbedtls_md5_finish_ret() in 2.7.0
- *
- * \param ctx      MD5 context
- * \param output   MD5 checksum result
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
-                                            unsigned char output[16] );
-
-/**
- * \brief          MD5 process data block (internal use only)
- *
- * \deprecated     Superseded by mbedtls_internal_md5_process() in 2.7.0
- *
- * \param ctx      MD5 context
- * \param data     buffer holding one block of data
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx,
-                                             const unsigned char data[64] );
-
-#undef MBEDTLS_DEPRECATED
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-/**
- * \brief          Output = MD5( input buffer )
- *
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- * \param output   MD5 checksum result
- *
- * \return         0 if successful
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-int mbedtls_md5_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] );
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief          Output = MD5( input buffer )
- *
- * \deprecated     Superseded by mbedtls_md5_ret() in 2.7.0
- *
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- * \param output   MD5 checksum result
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
-                                     size_t ilen,
-                                     unsigned char output[16] );
-
-#undef MBEDTLS_DEPRECATED
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- *
- * \warning        MD5 is considered a weak message digest and its use
- *                 constitutes a security risk. We recommend considering
- *                 stronger message digests instead.
- *
- */
-int mbedtls_md5_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_md5.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/md_internal.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/md_internal.h
deleted file mode 100644
index f33cdf6..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/md_internal.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/**
- * \file md_internal.h
- *
- * \brief Message digest wrappers.
- *
- * \warning This in an internal header. Do not include directly.
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_MD_WRAP_H
-#define MBEDTLS_MD_WRAP_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/md.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Message digest information.
- * Allows message digest functions to be called in a generic way.
- */
-struct mbedtls_md_info_t
-{
-    /** Name of the message digest */
-    const char * name;
-
-    /** Digest identifier */
-    mbedtls_md_type_t type;
-
-    /** Output length of the digest function in bytes */
-    unsigned char size;
-
-    /** Block length of the digest function in bytes */
-    unsigned char block_size;
-};
-
-#if defined(MBEDTLS_MD2_C)
-extern const mbedtls_md_info_t mbedtls_md2_info;
-#endif
-#if defined(MBEDTLS_MD4_C)
-extern const mbedtls_md_info_t mbedtls_md4_info;
-#endif
-#if defined(MBEDTLS_MD5_C)
-extern const mbedtls_md_info_t mbedtls_md5_info;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-extern const mbedtls_md_info_t mbedtls_ripemd160_info;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-extern const mbedtls_md_info_t mbedtls_sha1_info;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-extern const mbedtls_md_info_t mbedtls_sha224_info;
-extern const mbedtls_md_info_t mbedtls_sha256_info;
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-extern const mbedtls_md_info_t mbedtls_sha384_info;
-#endif
-extern const mbedtls_md_info_t mbedtls_sha512_info;
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_MD_WRAP_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/net.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/net.h
deleted file mode 100644
index 6692188..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/net.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * \file net.h
- *
- * \brief Deprecated header file that includes net_sockets.h
- *
- * \deprecated Superseded by mbedtls/net_sockets.h
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#include "mbedtls/net_sockets.h"
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
-#endif /* MBEDTLS_DEPRECATED_WARNING */
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/net_sockets.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/net_sockets.h
deleted file mode 100644
index 55fd18b..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/net_sockets.h
+++ /dev/null
@@ -1,276 +0,0 @@
-/**
- * \file net_sockets.h
- *
- * \brief   Network sockets abstraction layer to integrate Mbed TLS into a
- *          BSD-style sockets API.
- *
- *          The network sockets module provides an example integration of the
- *          Mbed TLS library into a BSD sockets implementation. The module is
- *          intended to be an example of how Mbed TLS can be integrated into a
- *          networking stack, as well as to be Mbed TLS's network integration
- *          for its supported platforms.
- *
- *          The module is intended only to be used with the Mbed TLS library and
- *          is not intended to be used by third party application software
- *          directly.
- *
- *          The supported platforms are as follows:
- *              * Microsoft Windows and Windows CE
- *              * POSIX/Unix platforms including Linux, OS X
- *
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_NET_SOCKETS_H
-#define MBEDTLS_NET_SOCKETS_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/ssl.h"
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_ERR_NET_SOCKET_FAILED                     -0x0042  /**< Failed to open a socket. */
-#define MBEDTLS_ERR_NET_CONNECT_FAILED                    -0x0044  /**< The connection to the given server / port failed. */
-#define MBEDTLS_ERR_NET_BIND_FAILED                       -0x0046  /**< Binding of the socket failed. */
-#define MBEDTLS_ERR_NET_LISTEN_FAILED                     -0x0048  /**< Could not listen on the socket. */
-#define MBEDTLS_ERR_NET_ACCEPT_FAILED                     -0x004A  /**< Could not accept the incoming connection. */
-#define MBEDTLS_ERR_NET_RECV_FAILED                       -0x004C  /**< Reading information from the socket failed. */
-#define MBEDTLS_ERR_NET_SEND_FAILED                       -0x004E  /**< Sending information through the socket failed. */
-#define MBEDTLS_ERR_NET_CONN_RESET                        -0x0050  /**< Connection was reset by peer. */
-#define MBEDTLS_ERR_NET_UNKNOWN_HOST                      -0x0052  /**< Failed to get an IP address for the given hostname. */
-#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL                  -0x0043  /**< Buffer is too small to hold the data. */
-#define MBEDTLS_ERR_NET_INVALID_CONTEXT                   -0x0045  /**< The context is invalid, eg because it was free()ed. */
-#define MBEDTLS_ERR_NET_POLL_FAILED                       -0x0047  /**< Polling the net context failed. */
-#define MBEDTLS_ERR_NET_BAD_INPUT_DATA                    -0x0049  /**< Input invalid. */
-
-#define MBEDTLS_NET_LISTEN_BACKLOG         10 /**< The backlog that listen() should use. */
-
-#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
-#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
-
-#define MBEDTLS_NET_POLL_READ  1 /**< Used in \c mbedtls_net_poll to check for pending data  */
-#define MBEDTLS_NET_POLL_WRITE 2 /**< Used in \c mbedtls_net_poll to check if write possible */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Wrapper type for sockets.
- *
- * Currently backed by just a file descriptor, but might be more in the future
- * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
- * structures for hand-made UDP demultiplexing).
- */
-typedef struct mbedtls_net_context
-{
-    int fd;             /**< The underlying file descriptor                 */
-}
-mbedtls_net_context;
-
-/**
- * \brief          Initialize a context
- *                 Just makes the context ready to be used or freed safely.
- *
- * \param ctx      Context to initialize
- */
-void mbedtls_net_init( mbedtls_net_context *ctx );
-
-/**
- * \brief          Initiate a connection with host:port in the given protocol
- *
- * \param ctx      Socket to use
- * \param host     Host to connect to
- * \param port     Port to connect to
- * \param proto    Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
- *
- * \return         0 if successful, or one of:
- *                      MBEDTLS_ERR_NET_SOCKET_FAILED,
- *                      MBEDTLS_ERR_NET_UNKNOWN_HOST,
- *                      MBEDTLS_ERR_NET_CONNECT_FAILED
- *
- * \note           Sets the socket in connected mode even with UDP.
- */
-int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
-
-/**
- * \brief          Create a receiving socket on bind_ip:port in the chosen
- *                 protocol. If bind_ip == NULL, all interfaces are bound.
- *
- * \param ctx      Socket to use
- * \param bind_ip  IP to bind to, can be NULL
- * \param port     Port number to use
- * \param proto    Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
- *
- * \return         0 if successful, or one of:
- *                      MBEDTLS_ERR_NET_SOCKET_FAILED,
- *                      MBEDTLS_ERR_NET_BIND_FAILED,
- *                      MBEDTLS_ERR_NET_LISTEN_FAILED
- *
- * \note           Regardless of the protocol, opens the sockets and binds it.
- *                 In addition, make the socket listening if protocol is TCP.
- */
-int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
-
-/**
- * \brief           Accept a connection from a remote client
- *
- * \param bind_ctx  Relevant socket
- * \param client_ctx Will contain the connected client socket
- * \param client_ip Will contain the client IP address, can be NULL
- * \param buf_size  Size of the client_ip buffer
- * \param ip_len    Will receive the size of the client IP written,
- *                  can be NULL if client_ip is null
- *
- * \return          0 if successful, or
- *                  MBEDTLS_ERR_NET_ACCEPT_FAILED, or
- *                  MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
- *                  MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
- *                  non-blocking and accept() would block.
- */
-int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
-                        mbedtls_net_context *client_ctx,
-                        void *client_ip, size_t buf_size, size_t *ip_len );
-
-/**
- * \brief          Check and wait for the context to be ready for read/write
- *
- * \param ctx      Socket to check
- * \param rw       Bitflag composed of MBEDTLS_NET_POLL_READ and
- *                 MBEDTLS_NET_POLL_WRITE specifying the events
- *                 to wait for:
- *                 - If MBEDTLS_NET_POLL_READ is set, the function
- *                   will return as soon as the net context is available
- *                   for reading.
- *                 - If MBEDTLS_NET_POLL_WRITE is set, the function
- *                   will return as soon as the net context is available
- *                   for writing.
- * \param timeout  Maximal amount of time to wait before returning,
- *                 in milliseconds. If \c timeout is zero, the
- *                 function returns immediately. If \c timeout is
- *                 -1u, the function blocks potentially indefinitely.
- *
- * \return         Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
- *                 on success or timeout, or a negative return code otherwise.
- */
-int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
-
-/**
- * \brief          Set the socket blocking
- *
- * \param ctx      Socket to set
- *
- * \return         0 if successful, or a non-zero error code
- */
-int mbedtls_net_set_block( mbedtls_net_context *ctx );
-
-/**
- * \brief          Set the socket non-blocking
- *
- * \param ctx      Socket to set
- *
- * \return         0 if successful, or a non-zero error code
- */
-int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
-
-/**
- * \brief          Portable usleep helper
- *
- * \param usec     Amount of microseconds to sleep
- *
- * \note           Real amount of time slept will not be less than
- *                 select()'s timeout granularity (typically, 10ms).
- */
-void mbedtls_net_usleep( unsigned long usec );
-
-/**
- * \brief          Read at most 'len' characters. If no error occurs,
- *                 the actual amount read is returned.
- *
- * \param ctx      Socket
- * \param buf      The buffer to write to
- * \param len      Maximum length of the buffer
- *
- * \return         the number of bytes received,
- *                 or a non-zero error code; with a non-blocking socket,
- *                 MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
- */
-int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
-
-/**
- * \brief          Write at most 'len' characters. If no error occurs,
- *                 the actual amount read is returned.
- *
- * \param ctx      Socket
- * \param buf      The buffer to read from
- * \param len      The length of the buffer
- *
- * \return         the number of bytes sent,
- *                 or a non-zero error code; with a non-blocking socket,
- *                 MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
- */
-int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
-
-/**
- * \brief          Read at most 'len' characters, blocking for at most
- *                 'timeout' seconds. If no error occurs, the actual amount
- *                 read is returned.
- *
- * \param ctx      Socket
- * \param buf      The buffer to write to
- * \param len      Maximum length of the buffer
- * \param timeout  Maximum number of milliseconds to wait for data
- *                 0 means no timeout (wait forever)
- *
- * \return         the number of bytes received,
- *                 or a non-zero error code:
- *                 MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
- *                 MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
- *
- * \note           This function will block (until data becomes available or
- *                 timeout is reached) even if the socket is set to
- *                 non-blocking. Handling timeouts with non-blocking reads
- *                 requires a different strategy.
- */
-int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
-                      uint32_t timeout );
-
-/**
- * \brief          Closes down the connection and free associated data
- *
- * \param ctx      The context to close
- */
-void mbedtls_net_close( mbedtls_net_context *ctx );
-
-/**
- * \brief          Gracefully shutdown the connection and free associated data
- *
- * \param ctx      The context to free
- */
-void mbedtls_net_free( mbedtls_net_context *ctx );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* net_sockets.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/padlock.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/padlock.h
deleted file mode 100644
index 78dbeb6..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/padlock.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/**
- * \file padlock.h
- *
- * \brief VIA PadLock ACE for HW encryption/decryption supported by some
- *        processors
- *
- * \warning These functions are only for internal use by other library
- *          functions; you must not call them directly.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PADLOCK_H
-#define MBEDTLS_PADLOCK_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/aes.h"
-
-#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED               -0x0030  /**< Input data should be aligned. */
-
-#if defined(__has_feature)
-#if __has_feature(address_sanitizer)
-#define MBEDTLS_HAVE_ASAN
-#endif
-#endif
-
-/* Some versions of ASan result in errors about not enough registers */
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
-    !defined(MBEDTLS_HAVE_ASAN)
-
-#ifndef MBEDTLS_HAVE_X86
-#define MBEDTLS_HAVE_X86
-#endif
-
-#include <stdint.h>
-
-#define MBEDTLS_PADLOCK_RNG 0x000C
-#define MBEDTLS_PADLOCK_ACE 0x00C0
-#define MBEDTLS_PADLOCK_PHE 0x0C00
-#define MBEDTLS_PADLOCK_PMM 0x3000
-
-#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) (x) & ~15))
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Internal PadLock detection routine
- *
- * \note           This function is only for internal use by other library
- *                 functions; you must not call it directly.
- *
- * \param feature  The feature to detect
- *
- * \return         1 if CPU has support for the feature, 0 otherwise
- */
-int mbedtls_padlock_has_support( int feature );
-
-/**
- * \brief          Internal PadLock AES-ECB block en(de)cryption
- *
- * \note           This function is only for internal use by other library
- *                 functions; you must not call it directly.
- *
- * \param ctx      AES context
- * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param input    16-byte input block
- * \param output   16-byte output block
- *
- * \return         0 if success, 1 if operation failed
- */
-int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
-                               int mode,
-                               const unsigned char input[16],
-                               unsigned char output[16] );
-
-/**
- * \brief          Internal PadLock AES-CBC buffer en(de)cryption
- *
- * \note           This function is only for internal use by other library
- *                 functions; you must not call it directly.
- *
- * \param ctx      AES context
- * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param length   length of the input data
- * \param iv       initialization vector (updated after use)
- * \param input    buffer holding the input data
- * \param output   buffer holding the output data
- *
- * \return         0 if success, 1 if operation failed
- */
-int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
-                               int mode,
-                               size_t length,
-                               unsigned char iv[16],
-                               const unsigned char *input,
-                               unsigned char *output );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HAVE_X86  */
-
-#endif /* padlock.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/pem.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/pem.h
deleted file mode 100644
index 4769bec..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/pem.h
+++ /dev/null
@@ -1,144 +0,0 @@
-/**
- * \file pem.h
- *
- * \brief Privacy Enhanced Mail (PEM) decoding
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PEM_H
-#define MBEDTLS_PEM_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-/**
- * \name PEM Error codes
- * These error codes are returned in case of errors reading the
- * PEM data.
- * \{
- */
-#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT          -0x1080  /**< No PEM header or footer found. */
-#define MBEDTLS_ERR_PEM_INVALID_DATA                      -0x1100  /**< PEM string is not as expected. */
-#define MBEDTLS_ERR_PEM_ALLOC_FAILED                      -0x1180  /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_PEM_INVALID_ENC_IV                    -0x1200  /**< RSA IV is not in hex-format. */
-#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG                   -0x1280  /**< Unsupported key encryption algorithm. */
-#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED                 -0x1300  /**< Private key password can't be empty. */
-#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH                 -0x1380  /**< Given private key password does not allow for correct decryption. */
-#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE               -0x1400  /**< Unavailable feature, e.g. hashing/encryption combination. */
-#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA                    -0x1480  /**< Bad input parameters to function. */
-/* \} name */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-/**
- * \brief       PEM context structure
- */
-typedef struct mbedtls_pem_context
-{
-    unsigned char *buf;     /*!< buffer for decoded data             */
-    size_t buflen;          /*!< length of the buffer                */
-    unsigned char *info;    /*!< buffer for extra header information */
-}
-mbedtls_pem_context;
-
-/**
- * \brief       PEM context setup
- *
- * \param ctx   context to be initialized
- */
-void mbedtls_pem_init( mbedtls_pem_context *ctx );
-
-/**
- * \brief       Read a buffer for PEM information and store the resulting
- *              data into the specified context buffers.
- *
- * \param ctx       context to use
- * \param header    header string to seek and expect
- * \param footer    footer string to seek and expect
- * \param data      source data to look in (must be nul-terminated)
- * \param pwd       password for decryption (can be NULL)
- * \param pwdlen    length of password
- * \param use_len   destination for total length used (set after header is
- *                  correctly read, so unless you get
- *                  MBEDTLS_ERR_PEM_BAD_INPUT_DATA or
- *                  MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
- *                  the length to skip)
- *
- * \note            Attempts to check password correctness by verifying if
- *                  the decrypted text starts with an ASN.1 sequence of
- *                  appropriate length
- *
- * \return          0 on success, or a specific PEM error code
- */
-int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
-                     const unsigned char *data,
-                     const unsigned char *pwd,
-                     size_t pwdlen, size_t *use_len );
-
-/**
- * \brief       PEM context memory freeing
- *
- * \param ctx   context to be freed
- */
-void mbedtls_pem_free( mbedtls_pem_context *ctx );
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-/**
- * \brief           Write a buffer of PEM information from a DER encoded
- *                  buffer.
- *
- * \param header    The header string to write.
- * \param footer    The footer string to write.
- * \param der_data  The DER data to encode.
- * \param der_len   The length of the DER data \p der_data in Bytes.
- * \param buf       The buffer to write to.
- * \param buf_len   The length of the output buffer \p buf in Bytes.
- * \param olen      The address at which to store the total length written
- *                  or required (if \p buf_len is not enough).
- *
- * \note            You may pass \c NULL for \p buf and \c 0 for \p buf_len
- *                  to request the length of the resulting PEM buffer in
- *                  `*olen`.
- *
- * \note            This function may be called with overlapping \p der_data
- *                  and \p buf buffers.
- *
- * \return          \c 0 on success.
- * \return          #MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL if \p buf isn't large
- *                  enough to hold the PEM buffer. In  this case, `*olen` holds
- *                  the required minimum size of \p buf.
- * \return          Another PEM or BASE64 error code on other kinds of failure.
- */
-int mbedtls_pem_write_buffer( const char *header, const char *footer,
-                      const unsigned char *der_data, size_t der_len,
-                      unsigned char *buf, size_t buf_len, size_t *olen );
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* pem.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/pk.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/pk.h
deleted file mode 100644
index 7d0f977..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/pk.h
+++ /dev/null
@@ -1,880 +0,0 @@
-/**
- * \file pk.h
- *
- * \brief Public Key abstraction layer
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_PK_H
-#define MBEDTLS_PK_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_RSA_C)
-#include "mbedtls/rsa.h"
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-
-#if defined(MBEDTLS_ECDSA_C)
-#include "mbedtls/ecdsa.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#endif
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#define MBEDTLS_ERR_PK_ALLOC_FAILED        -0x3F80  /**< Memory allocation failed. */
-#define MBEDTLS_ERR_PK_TYPE_MISMATCH       -0x3F00  /**< Type mismatch, eg attempt to encrypt with an ECDSA key */
-#define MBEDTLS_ERR_PK_BAD_INPUT_DATA      -0x3E80  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PK_FILE_IO_ERROR       -0x3E00  /**< Read/write of file failed. */
-#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80  /**< Unsupported key version */
-#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT  -0x3D00  /**< Invalid key tag or value. */
-#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG      -0x3C80  /**< Key algorithm is unsupported (only RSA and EC are supported). */
-#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED   -0x3C00  /**< Private key password can't be empty. */
-#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH   -0x3B80  /**< Given private key password does not allow for correct decryption. */
-#define MBEDTLS_ERR_PK_INVALID_PUBKEY      -0x3B00  /**< The pubkey tag or value is invalid (only RSA and EC are supported). */
-#define MBEDTLS_ERR_PK_INVALID_ALG         -0x3A80  /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00  /**< Elliptic curve is unsupported (only NIST curves are supported). */
-#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980  /**< Unavailable feature, e.g. RSA disabled for RSA key. */
-#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH    -0x3900  /**< The buffer contains a valid signature followed by more data. */
-
-/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED     -0x3880  /**< PK hardware accelerator failed. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Public key types
- */
-typedef enum {
-    MBEDTLS_PK_NONE=0,
-    MBEDTLS_PK_RSA,
-    MBEDTLS_PK_ECKEY,
-    MBEDTLS_PK_ECKEY_DH,
-    MBEDTLS_PK_ECDSA,
-    MBEDTLS_PK_RSA_ALT,
-    MBEDTLS_PK_RSASSA_PSS,
-    MBEDTLS_PK_OPAQUE,
-} mbedtls_pk_type_t;
-
-/**
- * \brief           Options for RSASSA-PSS signature verification.
- *                  See \c mbedtls_rsa_rsassa_pss_verify_ext()
- */
-typedef struct mbedtls_pk_rsassa_pss_options
-{
-    mbedtls_md_type_t mgf1_hash_id;
-    int expected_salt_len;
-
-} mbedtls_pk_rsassa_pss_options;
-
-/**
- * \brief           Maximum size of a signature made by mbedtls_pk_sign().
- */
-/* We need to set MBEDTLS_PK_SIGNATURE_MAX_SIZE to the maximum signature
- * size among the supported signature types. Do it by starting at 0,
- * then incrementally increasing to be large enough for each supported
- * signature mechanism.
- *
- * The resulting value can be 0, for example if MBEDTLS_ECDH_C is enabled
- * (which allows the pk module to be included) but neither MBEDTLS_ECDSA_C
- * nor MBEDTLS_RSA_C nor any opaque signature mechanism (PSA or RSA_ALT).
- */
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0
-
-#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \
-    MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
-/* For RSA, the signature can be as large as the bignum module allows.
- * For RSA_ALT, the signature size is not necessarily tied to what the
- * bignum module can do, but in the absence of any specific setting,
- * we use that (rsa_alt_sign_wrap in pk_wrap will check). */
-#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
-#endif
-
-#if defined(MBEDTLS_ECDSA_C) &&                                 \
-    MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_PK_SIGNATURE_MAX_SIZE
-/* For ECDSA, the ecdsa module exports a constant for the maximum
- * signature size. */
-#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#if PSA_SIGNATURE_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
-/* PSA_SIGNATURE_MAX_SIZE is the maximum size of a signature made
- * through the PSA API in the PSA representation. */
-#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE PSA_SIGNATURE_MAX_SIZE
-#endif
-
-#if PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 > MBEDTLS_PK_SIGNATURE_MAX_SIZE
-/* The Mbed TLS representation is different for ECDSA signatures:
- * PSA uses the raw concatenation of r and s,
- * whereas Mbed TLS uses the ASN.1 representation (SEQUENCE of two INTEGERs).
- * Add the overhead of ASN.1: up to (1+2) + 2 * (1+2+1) for the
- * types, lengths (represented by up to 2 bytes), and potential leading
- * zeros of the INTEGERs and the SEQUENCE. */
-#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 )
-#endif
-#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */
-
-/**
- * \brief           Types for interfacing with the debug module
- */
-typedef enum
-{
-    MBEDTLS_PK_DEBUG_NONE = 0,
-    MBEDTLS_PK_DEBUG_MPI,
-    MBEDTLS_PK_DEBUG_ECP,
-} mbedtls_pk_debug_type;
-
-/**
- * \brief           Item to send to the debug module
- */
-typedef struct mbedtls_pk_debug_item
-{
-    mbedtls_pk_debug_type type;
-    const char *name;
-    void *value;
-} mbedtls_pk_debug_item;
-
-/** Maximum number of item send for debugging, plus 1 */
-#define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
-
-/**
- * \brief           Public key information and operations
- */
-typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
-
-/**
- * \brief           Public key container
- */
-typedef struct mbedtls_pk_context
-{
-    const mbedtls_pk_info_t *   pk_info; /**< Public key information         */
-    void *                      pk_ctx;  /**< Underlying public key context  */
-} mbedtls_pk_context;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-/**
- * \brief           Context for resuming operations
- */
-typedef struct
-{
-    const mbedtls_pk_info_t *   pk_info; /**< Public key information         */
-    void *                      rs_ctx;  /**< Underlying restart context     */
-} mbedtls_pk_restart_ctx;
-#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-/* Now we can declare functions that take a pointer to that */
-typedef void mbedtls_pk_restart_ctx;
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-#if defined(MBEDTLS_RSA_C)
-/**
- * Quick access to an RSA context inside a PK context.
- *
- * \warning You must make sure the PK context actually holds an RSA context
- * before using this function!
- */
-static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
-{
-    return( (mbedtls_rsa_context *) (pk).pk_ctx );
-}
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-/**
- * Quick access to an EC context inside a PK context.
- *
- * \warning You must make sure the PK context actually holds an EC context
- * before using this function!
- */
-static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
-{
-    return( (mbedtls_ecp_keypair *) (pk).pk_ctx );
-}
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-/**
- * \brief           Types for RSA-alt abstraction
- */
-typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
-                    const unsigned char *input, unsigned char *output,
-                    size_t output_max_len );
-typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
-                    const unsigned char *hash, unsigned char *sig );
-typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
-#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
-
-/**
- * \brief           Return information associated with the given PK type
- *
- * \param pk_type   PK type to search for.
- *
- * \return          The PK info associated with the type or NULL if not found.
- */
-const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
-
-/**
- * \brief           Initialize a #mbedtls_pk_context (as NONE).
- *
- * \param ctx       The context to initialize.
- *                  This must not be \c NULL.
- */
-void mbedtls_pk_init( mbedtls_pk_context *ctx );
-
-/**
- * \brief           Free the components of a #mbedtls_pk_context.
- *
- * \param ctx       The context to clear. It must have been initialized.
- *                  If this is \c NULL, this function does nothing.
- *
- * \note            For contexts that have been set up with
- *                  mbedtls_pk_setup_opaque(), this does not free the underlying
- *                  PSA key and you still need to call psa_destroy_key()
- *                  independently if you want to destroy that key.
- */
-void mbedtls_pk_free( mbedtls_pk_context *ctx );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-/**
- * \brief           Initialize a restart context
- *
- * \param ctx       The context to initialize.
- *                  This must not be \c NULL.
- */
-void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
-
-/**
- * \brief           Free the components of a restart context
- *
- * \param ctx       The context to clear. It must have been initialized.
- *                  If this is \c NULL, this function does nothing.
- */
-void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-/**
- * \brief           Initialize a PK context with the information given
- *                  and allocates the type-specific PK subcontext.
- *
- * \param ctx       Context to initialize. It must not have been set
- *                  up yet (type #MBEDTLS_PK_NONE).
- * \param info      Information to use
- *
- * \return          0 on success,
- *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
- *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
- *
- * \note            For contexts holding an RSA-alt key, use
- *                  \c mbedtls_pk_setup_rsa_alt() instead.
- */
-int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/**
- * \brief           Initialize a PK context to wrap a PSA key.
- *
- * \note            This function replaces mbedtls_pk_setup() for contexts
- *                  that wrap a (possibly opaque) PSA key instead of
- *                  storing and manipulating the key material directly.
- *
- * \param ctx       The context to initialize. It must be empty (type NONE).
- * \param key       The PSA key to wrap, which must hold an ECC key pair
- *                  (see notes below).
- *
- * \note            The wrapped key must remain valid as long as the
- *                  wrapping PK context is in use, that is at least between
- *                  the point this function is called and the point
- *                  mbedtls_pk_free() is called on this context. The wrapped
- *                  key might then be independently used or destroyed.
- *
- * \note            This function is currently only available for ECC key
- *                  pairs (that is, ECC keys containing private key material).
- *                  Support for other key types may be added later.
- *
- * \return          \c 0 on success.
- * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
- *                  (context already used, invalid key identifier).
- * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
- *                  ECC key pair.
- * \return          #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
- */
-int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
-                             const psa_key_id_t key );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-/**
- * \brief           Initialize an RSA-alt context
- *
- * \param ctx       Context to initialize. It must not have been set
- *                  up yet (type #MBEDTLS_PK_NONE).
- * \param key       RSA key pointer
- * \param decrypt_func  Decryption function
- * \param sign_func     Signing function
- * \param key_len_func  Function returning key length in bytes
- *
- * \return          0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the
- *                  context wasn't already initialized as RSA_ALT.
- *
- * \note            This function replaces \c mbedtls_pk_setup() for RSA-alt.
- */
-int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
-                         mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
-                         mbedtls_pk_rsa_alt_sign_func sign_func,
-                         mbedtls_pk_rsa_alt_key_len_func key_len_func );
-#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
-
-/**
- * \brief           Get the size in bits of the underlying key
- *
- * \param ctx       The context to query. It must have been initialized.
- *
- * \return          Key size in bits, or 0 on error
- */
-size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
-
-/**
- * \brief           Get the length in bytes of the underlying key
- *
- * \param ctx       The context to query. It must have been initialized.
- *
- * \return          Key length in bytes, or 0 on error
- */
-static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
-{
-    return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );
-}
-
-/**
- * \brief           Tell if a context can do the operation given by type
- *
- * \param ctx       The context to query. It must have been initialized.
- * \param type      The desired type.
- *
- * \return          1 if the context can do operations on the given type.
- * \return          0 if the context cannot do the operations on the given
- *                  type. This is always the case for a context that has
- *                  been initialized but not set up, or that has been
- *                  cleared with mbedtls_pk_free().
- */
-int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
-
-/**
- * \brief           Verify signature (including padding if relevant).
- *
- * \param ctx       The PK context to use. It must have been set up.
- * \param md_alg    Hash algorithm used (see notes)
- * \param hash      Hash of the message to sign
- * \param hash_len  Hash length or 0 (see notes)
- * \param sig       Signature to verify
- * \param sig_len   Signature length
- *
- * \return          0 on success (signature is valid),
- *                  #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
- *                  signature in sig but its length is less than \p siglen,
- *                  or a specific error code.
- *
- * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
- *                  Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
- *                  to verify RSASSA_PSS signatures.
- *
- * \note            If hash_len is 0, then the length associated with md_alg
- *                  is used instead, or an error returned if it is invalid.
- *
- * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
- */
-int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-               const unsigned char *hash, size_t hash_len,
-               const unsigned char *sig, size_t sig_len );
-
-/**
- * \brief           Restartable version of \c mbedtls_pk_verify()
- *
- * \note            Performs the same job as \c mbedtls_pk_verify(), but can
- *                  return early and restart according to the limit set with
- *                  \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
- *                  operations. For RSA, same as \c mbedtls_pk_verify().
- *
- * \param ctx       The PK context to use. It must have been set up.
- * \param md_alg    Hash algorithm used (see notes)
- * \param hash      Hash of the message to sign
- * \param hash_len  Hash length or 0 (see notes)
- * \param sig       Signature to verify
- * \param sig_len   Signature length
- * \param rs_ctx    Restart context (NULL to disable restart)
- *
- * \return          See \c mbedtls_pk_verify(), or
- * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
- *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
- */
-int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
-               mbedtls_md_type_t md_alg,
-               const unsigned char *hash, size_t hash_len,
-               const unsigned char *sig, size_t sig_len,
-               mbedtls_pk_restart_ctx *rs_ctx );
-
-/**
- * \brief           Verify signature, with options.
- *                  (Includes verification of the padding depending on type.)
- *
- * \param type      Signature type (inc. possible padding type) to verify
- * \param options   Pointer to type-specific options, or NULL
- * \param ctx       The PK context to use. It must have been set up.
- * \param md_alg    Hash algorithm used (see notes)
- * \param hash      Hash of the message to sign
- * \param hash_len  Hash length or 0 (see notes)
- * \param sig       Signature to verify
- * \param sig_len   Signature length
- *
- * \return          0 on success (signature is valid),
- *                  #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
- *                  used for this type of signatures,
- *                  #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
- *                  signature in sig but its length is less than \p siglen,
- *                  or a specific error code.
- *
- * \note            If hash_len is 0, then the length associated with md_alg
- *                  is used instead, or an error returned if it is invalid.
- *
- * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
- *
- * \note            If type is MBEDTLS_PK_RSASSA_PSS, then options must point
- *                  to a mbedtls_pk_rsassa_pss_options structure,
- *                  otherwise it must be NULL.
- */
-int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
-                   mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   const unsigned char *sig, size_t sig_len );
-
-/**
- * \brief           Make signature, including padding if relevant.
- *
- * \param ctx       The PK context to use. It must have been set up
- *                  with a private key.
- * \param md_alg    Hash algorithm used (see notes)
- * \param hash      Hash of the message to sign
- * \param hash_len  Hash length or 0 (see notes)
- * \param sig       Place to write the signature.
- *                  It must have enough room for the signature.
- *                  #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough.
- *                  You may use a smaller buffer if it is large enough
- *                  given the key type.
- * \param sig_len   On successful return,
- *                  the number of bytes written to \p sig.
- * \param f_rng     RNG function
- * \param p_rng     RNG parameter
- *
- * \return          0 on success, or a specific error code.
- *
- * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
- *                  There is no interface in the PK module to make RSASSA-PSS
- *                  signatures yet.
- *
- * \note            If hash_len is 0, then the length associated with md_alg
- *                  is used instead, or an error returned if it is invalid.
- *
- * \note            For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
- *                  For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
- */
-int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
-
-/**
- * \brief           Restartable version of \c mbedtls_pk_sign()
- *
- * \note            Performs the same job as \c mbedtls_pk_sign(), but can
- *                  return early and restart according to the limit set with
- *                  \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
- *                  operations. For RSA, same as \c mbedtls_pk_sign().
- *
- * \param ctx       The PK context to use. It must have been set up
- *                  with a private key.
- * \param md_alg    Hash algorithm used (see notes for mbedtls_pk_sign())
- * \param hash      Hash of the message to sign
- * \param hash_len  Hash length or 0 (see notes for mbedtls_pk_sign())
- * \param sig       Place to write the signature.
- *                  It must have enough room for the signature.
- *                  #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough.
- *                  You may use a smaller buffer if it is large enough
- *                  given the key type.
- * \param sig_len   On successful return,
- *                  the number of bytes written to \p sig.
- * \param f_rng     RNG function
- * \param p_rng     RNG parameter
- * \param rs_ctx    Restart context (NULL to disable restart)
- *
- * \return          See \c mbedtls_pk_sign().
- * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
- *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
- */
-int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
-             mbedtls_md_type_t md_alg,
-             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             mbedtls_pk_restart_ctx *rs_ctx );
-
-/**
- * \brief           Decrypt message (including padding if relevant).
- *
- * \param ctx       The PK context to use. It must have been set up
- *                  with a private key.
- * \param input     Input to decrypt
- * \param ilen      Input size
- * \param output    Decrypted output
- * \param olen      Decrypted message length
- * \param osize     Size of the output buffer
- * \param f_rng     RNG function
- * \param p_rng     RNG parameter
- *
- * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
- *
- * \return          0 on success, or a specific error code.
- */
-int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output, size_t *olen, size_t osize,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
-
-/**
- * \brief           Encrypt message (including padding if relevant).
- *
- * \param ctx       The PK context to use. It must have been set up.
- * \param input     Message to encrypt
- * \param ilen      Message size
- * \param output    Encrypted output
- * \param olen      Encrypted output length
- * \param osize     Size of the output buffer
- * \param f_rng     RNG function
- * \param p_rng     RNG parameter
- *
- * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
- *
- * \return          0 on success, or a specific error code.
- */
-int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output, size_t *olen, size_t osize,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
-
-/**
- * \brief           Check if a public-private pair of keys matches.
- *
- * \param pub       Context holding a public key.
- * \param prv       Context holding a private (and public) key.
- *
- * \return          \c 0 on success (keys were checked and match each other).
- * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not
- *                  be checked - in that case they may or may not match.
- * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
- * \return          Another non-zero value if the keys do not match.
- */
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
-
-/**
- * \brief           Export debug information
- *
- * \param ctx       The PK context to use. It must have been initialized.
- * \param items     Place to write debug items
- *
- * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
- */
-int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
-
-/**
- * \brief           Access the type name
- *
- * \param ctx       The PK context to use. It must have been initialized.
- *
- * \return          Type name on success, or "invalid PK"
- */
-const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
-
-/**
- * \brief           Get the key type
- *
- * \param ctx       The PK context to use. It must have been initialized.
- *
- * \return          Type on success.
- * \return          #MBEDTLS_PK_NONE for a context that has not been set up.
- */
-mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
-
-#if defined(MBEDTLS_PK_PARSE_C)
-/** \ingroup pk_module */
-/**
- * \brief           Parse a private key in PEM or DER format
- *
- * \param ctx       The PK context to fill. It must have been initialized
- *                  but not set up.
- * \param key       Input buffer to parse.
- *                  The buffer must contain the input exactly, with no
- *                  extra trailing material. For PEM, the buffer must
- *                  contain a null-terminated string.
- * \param keylen    Size of \b key in bytes.
- *                  For PEM data, this includes the terminating null byte,
- *                  so \p keylen must be equal to `strlen(key) + 1`.
- * \param pwd       Optional password for decryption.
- *                  Pass \c NULL if expecting a non-encrypted key.
- *                  Pass a string of \p pwdlen bytes if expecting an encrypted
- *                  key; a non-encrypted key will also be accepted.
- *                  The empty password is not supported.
- * \param pwdlen    Size of the password in bytes.
- *                  Ignored if \p pwd is \c NULL.
- *
- * \note            On entry, ctx must be empty, either freshly initialised
- *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
- *                  specific key type, check the result with mbedtls_pk_can_do().
- *
- * \note            The key is also checked for correctness.
- *
- * \return          0 if successful, or a specific PK or PEM error code
- */
-int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
-                  const unsigned char *key, size_t keylen,
-                  const unsigned char *pwd, size_t pwdlen );
-
-/** \ingroup pk_module */
-/**
- * \brief           Parse a public key in PEM or DER format
- *
- * \param ctx       The PK context to fill. It must have been initialized
- *                  but not set up.
- * \param key       Input buffer to parse.
- *                  The buffer must contain the input exactly, with no
- *                  extra trailing material. For PEM, the buffer must
- *                  contain a null-terminated string.
- * \param keylen    Size of \b key in bytes.
- *                  For PEM data, this includes the terminating null byte,
- *                  so \p keylen must be equal to `strlen(key) + 1`.
- *
- * \note            On entry, ctx must be empty, either freshly initialised
- *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
- *                  specific key type, check the result with mbedtls_pk_can_do().
- *
- * \note            The key is also checked for correctness.
- *
- * \return          0 if successful, or a specific PK or PEM error code
- */
-int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
-                         const unsigned char *key, size_t keylen );
-
-#if defined(MBEDTLS_FS_IO)
-/** \ingroup pk_module */
-/**
- * \brief           Load and parse a private key
- *
- * \param ctx       The PK context to fill. It must have been initialized
- *                  but not set up.
- * \param path      filename to read the private key from
- * \param password  Optional password to decrypt the file.
- *                  Pass \c NULL if expecting a non-encrypted key.
- *                  Pass a null-terminated string if expecting an encrypted
- *                  key; a non-encrypted key will also be accepted.
- *                  The empty password is not supported.
- *
- * \note            On entry, ctx must be empty, either freshly initialised
- *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
- *                  specific key type, check the result with mbedtls_pk_can_do().
- *
- * \note            The key is also checked for correctness.
- *
- * \return          0 if successful, or a specific PK or PEM error code
- */
-int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
-                      const char *path, const char *password );
-
-/** \ingroup pk_module */
-/**
- * \brief           Load and parse a public key
- *
- * \param ctx       The PK context to fill. It must have been initialized
- *                  but not set up.
- * \param path      filename to read the public key from
- *
- * \note            On entry, ctx must be empty, either freshly initialised
- *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If
- *                  you need a specific key type, check the result with
- *                  mbedtls_pk_can_do().
- *
- * \note            The key is also checked for correctness.
- *
- * \return          0 if successful, or a specific PK or PEM error code
- */
-int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
-#endif /* MBEDTLS_FS_IO */
-#endif /* MBEDTLS_PK_PARSE_C */
-
-#if defined(MBEDTLS_PK_WRITE_C)
-/**
- * \brief           Write a private key to a PKCS#1 or SEC1 DER structure
- *                  Note: data is written at the end of the buffer! Use the
- *                        return value to determine where you should start
- *                        using the buffer
- *
- * \param ctx       PK context which must contain a valid private key.
- * \param buf       buffer to write to
- * \param size      size of the buffer
- *
- * \return          length of data written if successful, or a specific
- *                  error code
- */
-int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
-
-/**
- * \brief           Write a public key to a SubjectPublicKeyInfo DER structure
- *                  Note: data is written at the end of the buffer! Use the
- *                        return value to determine where you should start
- *                        using the buffer
- *
- * \param ctx       PK context which must contain a valid public or private key.
- * \param buf       buffer to write to
- * \param size      size of the buffer
- *
- * \return          length of data written if successful, or a specific
- *                  error code
- */
-int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-/**
- * \brief           Write a public key to a PEM string
- *
- * \param ctx       PK context which must contain a valid public or private key.
- * \param buf       Buffer to write to. The output includes a
- *                  terminating null byte.
- * \param size      Size of the buffer in bytes.
- *
- * \return          0 if successful, or a specific error code
- */
-int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
-
-/**
- * \brief           Write a private key to a PKCS#1 or SEC1 PEM string
- *
- * \param ctx       PK context which must contain a valid private key.
- * \param buf       Buffer to write to. The output includes a
- *                  terminating null byte.
- * \param size      Size of the buffer in bytes.
- *
- * \return          0 if successful, or a specific error code
- */
-int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
-#endif /* MBEDTLS_PEM_WRITE_C */
-#endif /* MBEDTLS_PK_WRITE_C */
-
-/*
- * WARNING: Low-level functions. You probably do not want to use these unless
- *          you are certain you do ;)
- */
-
-#if defined(MBEDTLS_PK_PARSE_C)
-/**
- * \brief           Parse a SubjectPublicKeyInfo DER structure
- *
- * \param p         the position in the ASN.1 data
- * \param end       end of the buffer
- * \param pk        The PK context to fill. It must have been initialized
- *                  but not set up.
- *
- * \return          0 if successful, or a specific PK error code
- */
-int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
-                        mbedtls_pk_context *pk );
-#endif /* MBEDTLS_PK_PARSE_C */
-
-#if defined(MBEDTLS_PK_WRITE_C)
-/**
- * \brief           Write a subjectPublicKey to ASN.1 data
- *                  Note: function works backwards in data buffer
- *
- * \param p         reference to current position pointer
- * \param start     start of the buffer (for bounds-checking)
- * \param key       PK context which must contain a valid public or private key.
- *
- * \return          the length written or a negative error code
- */
-int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
-                     const mbedtls_pk_context *key );
-#endif /* MBEDTLS_PK_WRITE_C */
-
-/*
- * Internal module functions. You probably do not want to use these unless you
- * know you do.
- */
-#if defined(MBEDTLS_FS_IO)
-int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/**
- * \brief           Turn an EC key into an opaque one.
- *
- * \warning         This is a temporary utility function for tests. It might
- *                  change or be removed at any time without notice.
- *
- * \note            Only ECDSA keys are supported so far. Signing with the
- *                  specified hash is the only allowed use of that key.
- *
- * \param pk        Input: the EC key to import to a PSA key.
- *                  Output: a PK context wrapping that PSA key.
- * \param key       Output: a PSA key identifier.
- *                  It's the caller's responsibility to call
- *                  psa_destroy_key() on that key identifier after calling
- *                  mbedtls_pk_free() on the PK context.
- * \param hash_alg  The hash algorithm to allow for use with that key.
- *
- * \return          \c 0 if successful.
- * \return          An Mbed TLS error code otherwise.
- */
-int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
-                               psa_key_id_t *key,
-                               psa_algorithm_t hash_alg );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_PK_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/pk_internal.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/pk_internal.h
deleted file mode 100644
index 47f7767..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/pk_internal.h
+++ /dev/null
@@ -1,140 +0,0 @@
-/**
- * \file pk_internal.h
- *
- * \brief Public Key abstraction layer: wrapper functions
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_PK_WRAP_H
-#define MBEDTLS_PK_WRAP_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/pk.h"
-
-struct mbedtls_pk_info_t
-{
-    /** Public key type */
-    mbedtls_pk_type_t type;
-
-    /** Type name */
-    const char *name;
-
-    /** Get key size in bits */
-    size_t (*get_bitlen)( const void * );
-
-    /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
-    int (*can_do)( mbedtls_pk_type_t type );
-
-    /** Verify signature */
-    int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg,
-                        const unsigned char *hash, size_t hash_len,
-                        const unsigned char *sig, size_t sig_len );
-
-    /** Make signature */
-    int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg,
-                      const unsigned char *hash, size_t hash_len,
-                      unsigned char *sig, size_t *sig_len,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /** Verify signature (restartable) */
-    int (*verify_rs_func)( void *ctx, mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hash_len,
-                           const unsigned char *sig, size_t sig_len,
-                           void *rs_ctx );
-
-    /** Make signature (restartable) */
-    int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg,
-                         const unsigned char *hash, size_t hash_len,
-                         unsigned char *sig, size_t *sig_len,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng, void *rs_ctx );
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-    /** Decrypt message */
-    int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen, size_t osize,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
-
-    /** Encrypt message */
-    int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen, size_t osize,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
-
-    /** Check public-private key pair */
-    int (*check_pair_func)( const void *pub, const void *prv );
-
-    /** Allocate a new context */
-    void * (*ctx_alloc_func)( void );
-
-    /** Free the given context */
-    void (*ctx_free_func)( void *ctx );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /** Allocate the restart context */
-    void * (*rs_alloc_func)( void );
-
-    /** Free the restart context */
-    void (*rs_free_func)( void *rs_ctx );
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-    /** Interface with the debug module */
-    void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );
-
-};
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-/* Container for RSA-alt */
-typedef struct
-{
-    void *key;
-    mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
-    mbedtls_pk_rsa_alt_sign_func sign_func;
-    mbedtls_pk_rsa_alt_key_len_func key_len_func;
-} mbedtls_rsa_alt_context;
-#endif
-
-#if defined(MBEDTLS_RSA_C)
-extern const mbedtls_pk_info_t mbedtls_rsa_info;
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-extern const mbedtls_pk_info_t mbedtls_eckey_info;
-extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
-#endif
-
-#if defined(MBEDTLS_ECDSA_C)
-extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
-#endif
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-extern const mbedtls_pk_info_t mbedtls_pk_opaque_info;
-#endif
-
-#endif /* MBEDTLS_PK_WRAP_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs11.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs11.h
deleted file mode 100644
index 3530ee1..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs11.h
+++ /dev/null
@@ -1,246 +0,0 @@
-/**
- * \file pkcs11.h
- *
- * \brief Wrapper for PKCS#11 library libpkcs11-helper
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PKCS11_H
-#define MBEDTLS_PKCS11_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PKCS11_C)
-
-#include "mbedtls/x509_crt.h"
-
-#include <pkcs11-helper-1.0/pkcs11h-certificate.h>
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_DEPRECATED_REMOVED)
-
-/**
- * Context for PKCS #11 private keys.
- */
-typedef struct mbedtls_pkcs11_context
-{
-        pkcs11h_certificate_t pkcs11h_cert;
-        int len;
-} mbedtls_pkcs11_context;
-
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-
-/**
- * Initialize a mbedtls_pkcs11_context.
- * (Just making memory references valid.)
- *
- * \deprecated          This function is deprecated and will be removed in a
- *                      future version of the library.
- */
-MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
-
-/**
- * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
- *
- * \deprecated          This function is deprecated and will be removed in a
- *                      future version of the library.
- *
- * \param cert          X.509 certificate to fill
- * \param pkcs11h_cert  PKCS #11 helper certificate
- *
- * \return              0 on success.
- */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert,
-                                        pkcs11h_certificate_t pkcs11h_cert );
-
-/**
- * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the
- * mbedtls_pkcs11_context will take over control of the certificate, freeing it when
- * done.
- *
- * \deprecated          This function is deprecated and will be removed in a
- *                      future version of the library.
- *
- * \param priv_key      Private key structure to fill.
- * \param pkcs11_cert   PKCS #11 helper certificate
- *
- * \return              0 on success
- */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind(
-                                        mbedtls_pkcs11_context *priv_key,
-                                        pkcs11h_certificate_t pkcs11_cert );
-
-/**
- * Free the contents of the given private key context. Note that the structure
- * itself is not freed.
- *
- * \deprecated          This function is deprecated and will be removed in a
- *                      future version of the library.
- *
- * \param priv_key      Private key structure to cleanup
- */
-MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free(
-                                            mbedtls_pkcs11_context *priv_key );
-
-/**
- * \brief          Do an RSA private key decrypt, then remove the message
- *                 padding
- *
- * \deprecated     This function is deprecated and will be removed in a future
- *                 version of the library.
- *
- * \param ctx      PKCS #11 context
- * \param mode     must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
- * \param input    buffer holding the encrypted data
- * \param output   buffer that will hold the plaintext
- * \param olen     will contain the plaintext length
- * \param output_max_len    maximum length of the output buffer
- *
- * \return         0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
- *
- * \note           The output buffer must be as large as the size
- *                 of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
- *                 an error is thrown.
- */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
-                                               int mode, size_t *olen,
-                                               const unsigned char *input,
-                                               unsigned char *output,
-                                               size_t output_max_len );
-
-/**
- * \brief          Do a private RSA to sign a message digest
- *
- * \deprecated     This function is deprecated and will be removed in a future
- *                 version of the library.
- *
- * \param ctx      PKCS #11 context
- * \param mode     must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
- * \param md_alg   a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
- * \param hashlen  message digest length (for MBEDTLS_MD_NONE only)
- * \param hash     buffer holding the message digest
- * \param sig      buffer that will hold the ciphertext
- *
- * \return         0 if the signing operation was successful,
- *                 or an MBEDTLS_ERR_RSA_XXX error code
- *
- * \note           The "sig" buffer must be as large as the size
- *                 of ctx->N (eg. 128 bytes if RSA-1024 is used).
- */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
-                                            int mode,
-                                            mbedtls_md_type_t md_alg,
-                                            unsigned int hashlen,
-                                            const unsigned char *hash,
-                                            unsigned char *sig );
-
-/**
- * SSL/TLS wrappers for PKCS#11 functions
- *
- * \deprecated     This function is deprecated and will be removed in a future
- *                 version of the library.
- */
-MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx,
-                            int mode, size_t *olen,
-                            const unsigned char *input, unsigned char *output,
-                            size_t output_max_len )
-{
-    return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
-                           output_max_len );
-}
-
-/**
- * \brief          This function signs a message digest using RSA.
- *
- * \deprecated     This function is deprecated and will be removed in a future
- *                 version of the library.
- *
- * \param ctx      The PKCS #11 context.
- * \param f_rng    The RNG function. This parameter is unused.
- * \param p_rng    The RNG context. This parameter is unused.
- * \param mode     The operation to run. This must be set to
- *                 MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's
- *                 signature.
- * \param md_alg   The message digest algorithm. One of the MBEDTLS_MD_XXX
- *                 must be passed to this function and MBEDTLS_MD_NONE can be
- *                 used for signing raw data.
- * \param hashlen  The message digest length (for MBEDTLS_MD_NONE only).
- * \param hash     The buffer holding the message digest.
- * \param sig      The buffer that will hold the ciphertext.
- *
- * \return         \c 0 if the signing operation was successful.
- * \return         A non-zero error code on failure.
- *
- * \note           The \p sig buffer must be as large as the size of
- *                 <code>ctx->N</code>. For example, 128 bytes if RSA-1024 is
- *                 used.
- */
-MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
-                    const unsigned char *hash, unsigned char *sig )
-{
-    ((void) f_rng);
-    ((void) p_rng);
-    return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
-                        hashlen, hash, sig );
-}
-
-/**
- * This function gets the length of the private key.
- *
- * \deprecated     This function is deprecated and will be removed in a future
- *                 version of the library.
- *
- * \param ctx      The PKCS #11 context.
- *
- * \return         The length of the private key.
- */
-MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
-{
-    return ( (mbedtls_pkcs11_context *) ctx )->len;
-}
-
-#undef MBEDTLS_DEPRECATED
-
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_PKCS11_C */
-
-#endif /* MBEDTLS_PKCS11_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs12.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs12.h
deleted file mode 100644
index 4b8ce7e..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs12.h
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * \file pkcs12.h
- *
- * \brief PKCS#12 Personal Information Exchange Syntax
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PKCS12_H
-#define MBEDTLS_PKCS12_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/md.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/asn1.h"
-
-#include <stddef.h>
-
-#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA                 -0x1F80  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE            -0x1F00  /**< Feature not available, e.g. unsupported encryption scheme. */
-#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT             -0x1E80  /**< PBE ASN.1 data not as expected. */
-#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH              -0x1E00  /**< Given private key password does not allow for correct decryption. */
-
-#define MBEDTLS_PKCS12_DERIVE_KEY       1   /**< encryption/decryption key */
-#define MBEDTLS_PKCS12_DERIVE_IV        2   /**< initialization vector     */
-#define MBEDTLS_PKCS12_DERIVE_MAC_KEY   3   /**< integrity / MAC key       */
-
-#define MBEDTLS_PKCS12_PBE_DECRYPT      0
-#define MBEDTLS_PKCS12_PBE_ENCRYPT      1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-
-/**
- * \brief            PKCS12 Password Based function (encryption / decryption)
- *                   for pbeWithSHAAnd128BitRC4
- *
- * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
- * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
- * \param pwd        the password used (may be NULL if no password is used)
- * \param pwdlen     length of the password (may be 0)
- * \param input      the input data
- * \param len        data length
- * \param output     the output buffer
- *
- * \return           0 if successful, or a MBEDTLS_ERR_XXX code
- */
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
-                             const unsigned char *pwd,  size_t pwdlen,
-                             const unsigned char *input, size_t len,
-                             unsigned char *output );
-
-/**
- * \brief            PKCS12 Password Based function (encryption / decryption)
- *                   for cipher-based and mbedtls_md-based PBE's
- *
- * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
- * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
- * \param cipher_type the cipher used
- * \param md_type     the mbedtls_md used
- * \param pwd        the password used (may be NULL if no password is used)
- * \param pwdlen     length of the password (may be 0)
- * \param input      the input data
- * \param len        data length
- * \param output     the output buffer
- *
- * \return           0 if successful, or a MBEDTLS_ERR_XXX code
- */
-int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
-                mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
-                const unsigned char *pwd,  size_t pwdlen,
-                const unsigned char *input, size_t len,
-                unsigned char *output );
-
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-/**
- * \brief            The PKCS#12 derivation function uses a password and a salt
- *                   to produce pseudo-random bits for a particular "purpose".
- *
- *                   Depending on the given id, this function can produce an
- *                   encryption/decryption key, an nitialization vector or an
- *                   integrity key.
- *
- * \param data       buffer to store the derived data in
- * \param datalen    length to fill
- * \param pwd        password to use (may be NULL if no password is used)
- * \param pwdlen     length of the password (may be 0)
- * \param salt       salt buffer to use
- * \param saltlen    length of the salt
- * \param mbedtls_md         mbedtls_md type to use during the derivation
- * \param id         id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY,
- *                   MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY)
- * \param iterations number of iterations
- *
- * \return          0 if successful, or a MD, BIGNUM type error.
- */
-int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
-                       const unsigned char *pwd, size_t pwdlen,
-                       const unsigned char *salt, size_t saltlen,
-                       mbedtls_md_type_t mbedtls_md, int id, int iterations );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* pkcs12.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs5.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs5.h
deleted file mode 100644
index 8f348ce..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/pkcs5.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- * \file pkcs5.h
- *
- * \brief PKCS#5 functions
- *
- * \author Mathias Olsson <mathias@kompetensum.com>
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PKCS5_H
-#define MBEDTLS_PKCS5_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/asn1.h"
-#include "mbedtls/md.h"
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA                  -0x2f80  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT                  -0x2f00  /**< Unexpected ASN.1 data. */
-#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE             -0x2e80  /**< Requested encryption or digest alg not available. */
-#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH               -0x2e00  /**< Given private key password does not allow for correct decryption. */
-
-#define MBEDTLS_PKCS5_DECRYPT      0
-#define MBEDTLS_PKCS5_ENCRYPT      1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-
-/**
- * \brief          PKCS#5 PBES2 function
- *
- * \param pbe_params the ASN.1 algorithm parameters
- * \param mode       either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT
- * \param pwd        password to use when generating key
- * \param pwdlen     length of password
- * \param data       data to process
- * \param datalen    length of data
- * \param output     output buffer
- *
- * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
- */
-int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
-                 const unsigned char *pwd,  size_t pwdlen,
-                 const unsigned char *data, size_t datalen,
-                 unsigned char *output );
-
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-/**
- * \brief          PKCS#5 PBKDF2 using HMAC
- *
- * \param ctx      Generic HMAC context
- * \param password Password to use when generating key
- * \param plen     Length of password
- * \param salt     Salt to use when generating key
- * \param slen     Length of salt
- * \param iteration_count       Iteration count
- * \param key_length            Length of generated key in bytes
- * \param output   Generated key. Must be at least as big as key_length
- *
- * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
- */
-int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
-                       size_t plen, const unsigned char *salt, size_t slen,
-                       unsigned int iteration_count,
-                       uint32_t key_length, unsigned char *output );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_pkcs5_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* pkcs5.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/platform_time.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/platform_time.h
deleted file mode 100644
index 7e7daab..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/platform_time.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/**
- * \file platform_time.h
- *
- * \brief mbed TLS Platform time abstraction
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PLATFORM_TIME_H
-#define MBEDTLS_PLATFORM_TIME_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-
-/*
- * The time_t datatype
- */
-#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
-typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t;
-#else
-/* For time_t */
-#include <time.h>
-typedef time_t mbedtls_time_t;
-#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
-
-/*
- * The function pointers for time
- */
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
-
-/**
- * \brief   Set your own time function pointer
- *
- * \param   time_func   the time function implementation
- *
- * \return              0
- */
-int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) );
-#else
-#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
-#define mbedtls_time    MBEDTLS_PLATFORM_TIME_MACRO
-#else
-#define mbedtls_time   time
-#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
-#endif /* MBEDTLS_PLATFORM_TIME_ALT */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* platform_time.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/platform_util.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/platform_util.h
deleted file mode 100644
index fbc2a0d..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/platform_util.h
+++ /dev/null
@@ -1,194 +0,0 @@
-/**
- * \file platform_util.h
- *
- * \brief Common and shared functions used by multiple modules in the Mbed TLS
- *        library.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_PLATFORM_UTIL_H
-#define MBEDTLS_PLATFORM_UTIL_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#if defined(MBEDTLS_HAVE_TIME_DATE)
-#include "mbedtls/platform_time.h"
-#include <time.h>
-#endif /* MBEDTLS_HAVE_TIME_DATE */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-
-#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
-/* Allow the user to define MBEDTLS_PARAM_FAILED to something like assert
- * (which is what our config.h suggests). */
-#include <assert.h>
-#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
-
-#if defined(MBEDTLS_PARAM_FAILED)
-/** An alternative definition of MBEDTLS_PARAM_FAILED has been set in config.h.
- *
- * This flag can be used to check whether it is safe to assume that
- * MBEDTLS_PARAM_FAILED() will expand to a call to mbedtls_param_failed().
- */
-#define MBEDTLS_PARAM_FAILED_ALT
-
-#elif defined(MBEDTLS_CHECK_PARAMS_ASSERT)
-#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
-#define MBEDTLS_PARAM_FAILED_ALT
-
-#else /* MBEDTLS_PARAM_FAILED */
-#define MBEDTLS_PARAM_FAILED( cond ) \
-    mbedtls_param_failed( #cond, __FILE__, __LINE__ )
-
-/**
- * \brief       User supplied callback function for parameter validation failure.
- *              See #MBEDTLS_CHECK_PARAMS for context.
- *
- *              This function will be called unless an alternative treatement
- *              is defined through the #MBEDTLS_PARAM_FAILED macro.
- *
- *              This function can return, and the operation will be aborted, or
- *              alternatively, through use of setjmp()/longjmp() can resume
- *              execution in the application code.
- *
- * \param failure_condition The assertion that didn't hold.
- * \param file  The file where the assertion failed.
- * \param line  The line in the file where the assertion failed.
- */
-void mbedtls_param_failed( const char *failure_condition,
-                           const char *file,
-                           int line );
-#endif /* MBEDTLS_PARAM_FAILED */
-
-/* Internal macro meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret )  \
-    do {                                            \
-        if( !(cond) )                               \
-        {                                           \
-            MBEDTLS_PARAM_FAILED( cond );           \
-            return( ret );                          \
-        }                                           \
-    } while( 0 )
-
-/* Internal macro meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE( cond )           \
-    do {                                            \
-        if( !(cond) )                               \
-        {                                           \
-            MBEDTLS_PARAM_FAILED( cond );           \
-            return;                                 \
-        }                                           \
-    } while( 0 )
-
-#else /* MBEDTLS_CHECK_PARAMS */
-
-/* Internal macros meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret )  do { } while( 0 )
-#define MBEDTLS_INTERNAL_VALIDATE( cond )           do { } while( 0 )
-
-#endif /* MBEDTLS_CHECK_PARAMS */
-
-/* Internal helper macros for deprecating API constants. */
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-/* Deliberately don't (yet) export MBEDTLS_DEPRECATED here
- * to avoid conflict with other headers which define and use
- * it, too. We might want to move all these definitions here at
- * some point for uniformity. */
-#define MBEDTLS_DEPRECATED __attribute__((deprecated))
-MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t;
-#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL )       \
-    ( (mbedtls_deprecated_string_constant_t) ( VAL ) )
-MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
-#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL )       \
-    ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) )
-#undef MBEDTLS_DEPRECATED
-#else /* MBEDTLS_DEPRECATED_WARNING */
-#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL
-#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL
-#endif /* MBEDTLS_DEPRECATED_WARNING */
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-/**
- * \brief       Securely zeroize a buffer
- *
- *              The function is meant to wipe the data contained in a buffer so
- *              that it can no longer be recovered even if the program memory
- *              is later compromised. Call this function on sensitive data
- *              stored on the stack before returning from a function, and on
- *              sensitive data stored on the heap before freeing the heap
- *              object.
- *
- *              It is extremely difficult to guarantee that calls to
- *              mbedtls_platform_zeroize() are not removed by aggressive
- *              compiler optimizations in a portable way. For this reason, Mbed
- *              TLS provides the configuration option
- *              MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
- *              mbedtls_platform_zeroize() to use a suitable implementation for
- *              their platform and needs
- *
- * \param buf   Buffer to be zeroized
- * \param len   Length of the buffer in bytes
- *
- */
-void mbedtls_platform_zeroize( void *buf, size_t len );
-
-#if defined(MBEDTLS_HAVE_TIME_DATE)
-/**
- * \brief      Platform-specific implementation of gmtime_r()
- *
- *             The function is a thread-safe abstraction that behaves
- *             similarly to the gmtime_r() function from Unix/POSIX.
- *
- *             Mbed TLS will try to identify the underlying platform and
- *             make use of an appropriate underlying implementation (e.g.
- *             gmtime_r() for POSIX and gmtime_s() for Windows). If this is
- *             not possible, then gmtime() will be used. In this case, calls
- *             from the library to gmtime() will be guarded by the mutex
- *             mbedtls_threading_gmtime_mutex if MBEDTLS_THREADING_C is
- *             enabled. It is recommended that calls from outside the library
- *             are also guarded by this mutex.
- *
- *             If MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, then Mbed TLS will
- *             unconditionally use the alternative implementation for
- *             mbedtls_platform_gmtime_r() supplied by the user at compile time.
- *
- * \param tt     Pointer to an object containing time (in seconds) since the
- *               epoch to be converted
- * \param tm_buf Pointer to an object where the results will be stored
- *
- * \return      Pointer to an object of type struct tm on success, otherwise
- *              NULL
- */
-struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
-                                      struct tm *tm_buf );
-#endif /* MBEDTLS_HAVE_TIME_DATE */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_PLATFORM_UTIL_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/poly1305.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/poly1305.h
deleted file mode 100644
index 905c145..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/poly1305.h
+++ /dev/null
@@ -1,191 +0,0 @@
-/**
- * \file poly1305.h
- *
- * \brief   This file contains Poly1305 definitions and functions.
- *
- *          Poly1305 is a one-time message authenticator that can be used to
- *          authenticate messages. Poly1305-AES was created by Daniel
- *          Bernstein https://cr.yp.to/mac/poly1305-20050329.pdf The generic
- *          Poly1305 algorithm (not tied to AES) was also standardized in RFC
- *          7539.
- *
- * \author Daniel King <damaki.gh@gmail.com>
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_POLY1305_H
-#define MBEDTLS_POLY1305_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stdint.h>
-#include <stddef.h>
-
-#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA         -0x0057 /**< Invalid input parameter(s). */
-
-/* MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE is deprecated and should not be
- * used. */
-#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE    -0x0059 /**< Feature not available. For example, s part of the API is not implemented. */
-
-/* MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED is deprecated and should not be used.
- */
-#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED        -0x005B  /**< Poly1305 hardware accelerator failed. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_POLY1305_ALT)
-
-typedef struct mbedtls_poly1305_context
-{
-    uint32_t r[4];      /** The value for 'r' (low 128 bits of the key). */
-    uint32_t s[4];      /** The value for 's' (high 128 bits of the key). */
-    uint32_t acc[5];    /** The accumulator number. */
-    uint8_t queue[16];  /** The current partial block of data. */
-    size_t queue_len;   /** The number of bytes stored in 'queue'. */
-}
-mbedtls_poly1305_context;
-
-#else  /* MBEDTLS_POLY1305_ALT */
-#include "poly1305_alt.h"
-#endif /* MBEDTLS_POLY1305_ALT */
-
-/**
- * \brief           This function initializes the specified Poly1305 context.
- *
- *                  It must be the first API called before using
- *                  the context.
- *
- *                  It is usually followed by a call to
- *                  \c mbedtls_poly1305_starts(), then one or more calls to
- *                  \c mbedtls_poly1305_update(), then one call to
- *                  \c mbedtls_poly1305_finish(), then finally
- *                  \c mbedtls_poly1305_free().
- *
- * \param ctx       The Poly1305 context to initialize. This must
- *                  not be \c NULL.
- */
-void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
-
-/**
- * \brief           This function releases and clears the specified
- *                  Poly1305 context.
- *
- * \param ctx       The Poly1305 context to clear. This may be \c NULL, in which
- *                  case this function is a no-op. If it is not \c NULL, it must
- *                  point to an initialized Poly1305 context.
- */
-void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
-
-/**
- * \brief           This function sets the one-time authentication key.
- *
- * \warning         The key must be unique and unpredictable for each
- *                  invocation of Poly1305.
- *
- * \param ctx       The Poly1305 context to which the key should be bound.
- *                  This must be initialized.
- * \param key       The buffer containing the \c 32 Byte (\c 256 Bit) key.
- *
- * \return          \c 0 on success.
- * \return          A negative error code on failure.
- */
-int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
-                             const unsigned char key[32] );
-
-/**
- * \brief           This functions feeds an input buffer into an ongoing
- *                  Poly1305 computation.
- *
- *                  It is called between \c mbedtls_cipher_poly1305_starts() and
- *                  \c mbedtls_cipher_poly1305_finish().
- *                  It can be called repeatedly to process a stream of data.
- *
- * \param ctx       The Poly1305 context to use for the Poly1305 operation.
- *                  This must be initialized and bound to a key.
- * \param ilen      The length of the input data in Bytes.
- *                  Any value is accepted.
- * \param input     The buffer holding the input data.
- *                  This pointer can be \c NULL if `ilen == 0`.
- *
- * \return          \c 0 on success.
- * \return          A negative error code on failure.
- */
-int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
-                             const unsigned char *input,
-                             size_t ilen );
-
-/**
- * \brief           This function generates the Poly1305 Message
- *                  Authentication Code (MAC).
- *
- * \param ctx       The Poly1305 context to use for the Poly1305 operation.
- *                  This must be initialized and bound to a key.
- * \param mac       The buffer to where the MAC is written. This must
- *                  be a writable buffer of length \c 16 Bytes.
- *
- * \return          \c 0 on success.
- * \return          A negative error code on failure.
- */
-int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
-                             unsigned char mac[16] );
-
-/**
- * \brief           This function calculates the Poly1305 MAC of the input
- *                  buffer with the provided key.
- *
- * \warning         The key must be unique and unpredictable for each
- *                  invocation of Poly1305.
- *
- * \param key       The buffer containing the \c 32 Byte (\c 256 Bit) key.
- * \param ilen      The length of the input data in Bytes.
- *                  Any value is accepted.
- * \param input     The buffer holding the input data.
- *                  This pointer can be \c NULL if `ilen == 0`.
- * \param mac       The buffer to where the MAC is written. This must be
- *                  a writable buffer of length \c 16 Bytes.
- *
- * \return          \c 0 on success.
- * \return          A negative error code on failure.
- */
-int mbedtls_poly1305_mac( const unsigned char key[32],
-                          const unsigned char *input,
-                          size_t ilen,
-                          unsigned char mac[16] );
-
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief           The Poly1305 checkup routine.
- *
- * \return          \c 0 on success.
- * \return          \c 1 on failure.
- */
-int mbedtls_poly1305_self_test( int verbose );
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_POLY1305_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/psa_util.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/psa_util.h
deleted file mode 100644
index d8a32c5..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/psa_util.h
+++ /dev/null
@@ -1,422 +0,0 @@
-/**
- * \file psa_util.h
- *
- * \brief Utility functions for the use of the PSA Crypto library.
- *
- * \warning This function is not part of the public API and may
- *          change at any time.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_PSA_UTIL_H
-#define MBEDTLS_PSA_UTIL_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-
-#include "psa/crypto.h"
-
-#include "mbedtls/ecp.h"
-#include "mbedtls/md.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/oid.h"
-
-#include <string.h>
-
-/* Translations for symmetric crypto. */
-
-static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
-    mbedtls_cipher_type_t cipher )
-{
-    switch( cipher )
-    {
-        case MBEDTLS_CIPHER_AES_128_CCM:
-        case MBEDTLS_CIPHER_AES_192_CCM:
-        case MBEDTLS_CIPHER_AES_256_CCM:
-        case MBEDTLS_CIPHER_AES_128_GCM:
-        case MBEDTLS_CIPHER_AES_192_GCM:
-        case MBEDTLS_CIPHER_AES_256_GCM:
-        case MBEDTLS_CIPHER_AES_128_CBC:
-        case MBEDTLS_CIPHER_AES_192_CBC:
-        case MBEDTLS_CIPHER_AES_256_CBC:
-            return( PSA_KEY_TYPE_AES );
-
-        /* ARIA not yet supported in PSA. */
-        /* case MBEDTLS_CIPHER_ARIA_128_CCM:
-           case MBEDTLS_CIPHER_ARIA_192_CCM:
-           case MBEDTLS_CIPHER_ARIA_256_CCM:
-           case MBEDTLS_CIPHER_ARIA_128_GCM:
-           case MBEDTLS_CIPHER_ARIA_192_GCM:
-           case MBEDTLS_CIPHER_ARIA_256_GCM:
-           case MBEDTLS_CIPHER_ARIA_128_CBC:
-           case MBEDTLS_CIPHER_ARIA_192_CBC:
-           case MBEDTLS_CIPHER_ARIA_256_CBC:
-               return( PSA_KEY_TYPE_ARIA ); */
-
-        default:
-            return( 0 );
-    }
-}
-
-static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
-    mbedtls_cipher_mode_t mode, size_t taglen )
-{
-    switch( mode )
-    {
-        case MBEDTLS_MODE_ECB:
-            return( PSA_ALG_ECB_NO_PADDING );
-        case MBEDTLS_MODE_GCM:
-            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );
-        case MBEDTLS_MODE_CCM:
-            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) );
-        case MBEDTLS_MODE_CBC:
-            if( taglen == 0 )
-                return( PSA_ALG_CBC_NO_PADDING );
-            /* Intentional fallthrough for taglen != 0 */
-            /* fallthrough */
-        default:
-            return( 0 );
-    }
-}
-
-static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
-    mbedtls_operation_t op )
-{
-    switch( op )
-    {
-        case MBEDTLS_ENCRYPT:
-            return( PSA_KEY_USAGE_ENCRYPT );
-        case MBEDTLS_DECRYPT:
-            return( PSA_KEY_USAGE_DECRYPT );
-        default:
-            return( 0 );
-    }
-}
-
-/* Translations for hashing. */
-
-static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
-{
-    switch( md_alg )
-    {
-#if defined(MBEDTLS_MD2_C)
-    case MBEDTLS_MD_MD2:
-        return( PSA_ALG_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
-    case MBEDTLS_MD_MD4:
-        return( PSA_ALG_MD4 );
-#endif
-#if defined(MBEDTLS_MD5_C)
-    case MBEDTLS_MD_MD5:
-        return( PSA_ALG_MD5 );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-    case MBEDTLS_MD_SHA1:
-        return( PSA_ALG_SHA_1 );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    case MBEDTLS_MD_SHA224:
-        return( PSA_ALG_SHA_224 );
-    case MBEDTLS_MD_SHA256:
-        return( PSA_ALG_SHA_256 );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-    case MBEDTLS_MD_SHA384:
-        return( PSA_ALG_SHA_384 );
-    case MBEDTLS_MD_SHA512:
-        return( PSA_ALG_SHA_512 );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-    case MBEDTLS_MD_RIPEMD160:
-        return( PSA_ALG_RIPEMD160 );
-#endif
-    case MBEDTLS_MD_NONE:  /* Intentional fallthrough */
-    default:
-        return( 0 );
-    }
-}
-
-/* Translations for ECC. */
-
-static inline int mbedtls_psa_get_ecc_oid_from_id(
-    psa_ecc_family_t curve, size_t bits,
-    char const **oid, size_t *oid_len )
-{
-    switch( curve )
-    {
-        case PSA_ECC_FAMILY_SECP_R1:
-            switch( bits )
-            {
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-                case 192:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-                case 224:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-                case 256:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-                case 384:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-                case 521:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-            }
-            break;
-        case PSA_ECC_FAMILY_SECP_K1:
-            switch( bits )
-            {
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-                case 192:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-                case 224:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-                case 256:
-                    *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-            }
-            break;
-        case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
-            switch( bits )
-            {
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-                case 256:
-                    *oid = MBEDTLS_OID_EC_GRP_BP256R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-                case 384:
-                    *oid = MBEDTLS_OID_EC_GRP_BP384R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-                case 512:
-                    *oid = MBEDTLS_OID_EC_GRP_BP512R1;
-                    *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );
-                    return( 0 );
-#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
-            }
-            break;
-    }
-    (void) oid;
-    (void) oid_len;
-    return( -1 );
-}
-
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
-
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
-#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
-#endif
-#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
-
-
-/* Translations for PK layer */
-
-static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
-{
-    switch( status )
-    {
-        case PSA_SUCCESS:
-            return( 0 );
-        case PSA_ERROR_NOT_SUPPORTED:
-            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-        case PSA_ERROR_INSUFFICIENT_MEMORY:
-            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-        case PSA_ERROR_INSUFFICIENT_ENTROPY:
-            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
-        case PSA_ERROR_BAD_STATE:
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-        /* All other failures */
-        case PSA_ERROR_COMMUNICATION_FAILURE:
-        case PSA_ERROR_HARDWARE_FAILURE:
-        case PSA_ERROR_CORRUPTION_DETECTED:
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-        default: /* We return the same as for the 'other failures',
-                  * but list them separately nonetheless to indicate
-                  * which failure conditions we have considered. */
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-    }
-}
-
-/* Translations for ECC */
-
-/* This function transforms an ECC group identifier from
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * into a PSA ECC group identifier. */
-#if defined(MBEDTLS_ECP_C)
-static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
-    uint16_t tls_ecc_grp_reg_id, size_t *bits )
-{
-    const mbedtls_ecp_curve_info *curve_info =
-        mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );
-    if( curve_info == NULL )
-        return( 0 );
-    return( PSA_KEY_TYPE_ECC_KEY_PAIR(
-                mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );
-}
-#endif /* MBEDTLS_ECP_C */
-
-/* This function takes a buffer holding an EC public key
- * exported through psa_export_public_key(), and converts
- * it into an ECPoint structure to be put into a ClientKeyExchange
- * message in an ECDHE exchange.
- *
- * Both the present and the foreseeable future format of EC public keys
- * used by PSA have the ECPoint structure contained in the exported key
- * as a subbuffer, and the function merely selects this subbuffer instead
- * of making a copy.
- */
-static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src,
-                                                     size_t srclen,
-                                                     unsigned char **dst,
-                                                     size_t *dstlen )
-{
-    *dst = src;
-    *dstlen = srclen;
-    return( 0 );
-}
-
-/* This function takes a buffer holding an ECPoint structure
- * (as contained in a TLS ServerKeyExchange message for ECDHE
- * exchanges) and converts it into a format that the PSA key
- * agreement API understands.
- */
-static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,
-                                                     size_t srclen,
-                                                     unsigned char *dst,
-                                                     size_t dstlen,
-                                                     size_t *olen )
-{
-    if( srclen > dstlen )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    memcpy( dst, src, srclen );
-    *olen = srclen;
-    return( 0 );
-}
-
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_PSA_UTIL_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ripemd160.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/ripemd160.h
deleted file mode 100644
index 381c725..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ripemd160.h
+++ /dev/null
@@ -1,235 +0,0 @@
-/**
- * \file ripemd160.h
- *
- * \brief RIPE MD-160 message digest
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_RIPEMD160_H
-#define MBEDTLS_RIPEMD160_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-/* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used.
- */
-#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED             -0x0031  /**< RIPEMD160 hardware accelerator failed */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_RIPEMD160_ALT)
-// Regular implementation
-//
-
-/**
- * \brief          RIPEMD-160 context structure
- */
-typedef struct mbedtls_ripemd160_context
-{
-    uint32_t total[2];          /*!< number of bytes processed  */
-    uint32_t state[5];          /*!< intermediate digest state  */
-    unsigned char buffer[64];   /*!< data block being processed */
-}
-mbedtls_ripemd160_context;
-
-#else  /* MBEDTLS_RIPEMD160_ALT */
-#include "ripemd160_alt.h"
-#endif /* MBEDTLS_RIPEMD160_ALT */
-
-/**
- * \brief          Initialize RIPEMD-160 context
- *
- * \param ctx      RIPEMD-160 context to be initialized
- */
-void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx );
-
-/**
- * \brief          Clear RIPEMD-160 context
- *
- * \param ctx      RIPEMD-160 context to be cleared
- */
-void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
-
-/**
- * \brief          Clone (the state of) an RIPEMD-160 context
- *
- * \param dst      The destination context
- * \param src      The context to be cloned
- */
-void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
-                        const mbedtls_ripemd160_context *src );
-
-/**
- * \brief          RIPEMD-160 context setup
- *
- * \param ctx      context to be initialized
- *
- * \return         0 if successful
- */
-int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
-
-/**
- * \brief          RIPEMD-160 process buffer
- *
- * \param ctx      RIPEMD-160 context
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- *
- * \return         0 if successful
- */
-int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
-                                  const unsigned char *input,
-                                  size_t ilen );
-
-/**
- * \brief          RIPEMD-160 final digest
- *
- * \param ctx      RIPEMD-160 context
- * \param output   RIPEMD-160 checksum result
- *
- * \return         0 if successful
- */
-int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
-                                  unsigned char output[20] );
-
-/**
- * \brief          RIPEMD-160 process data block (internal use only)
- *
- * \param ctx      RIPEMD-160 context
- * \param data     buffer holding one block of data
- *
- * \return         0 if successful
- */
-int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
-                                        const unsigned char data[64] );
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief          RIPEMD-160 context setup
- *
- * \deprecated     Superseded by mbedtls_ripemd160_starts_ret() in 2.7.0
- *
- * \param ctx      context to be initialized
- */
-MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts(
-                                            mbedtls_ripemd160_context *ctx );
-
-/**
- * \brief          RIPEMD-160 process buffer
- *
- * \deprecated     Superseded by mbedtls_ripemd160_update_ret() in 2.7.0
- *
- * \param ctx      RIPEMD-160 context
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- */
-MBEDTLS_DEPRECATED void mbedtls_ripemd160_update(
-                                                mbedtls_ripemd160_context *ctx,
-                                                const unsigned char *input,
-                                                size_t ilen );
-
-/**
- * \brief          RIPEMD-160 final digest
- *
- * \deprecated     Superseded by mbedtls_ripemd160_finish_ret() in 2.7.0
- *
- * \param ctx      RIPEMD-160 context
- * \param output   RIPEMD-160 checksum result
- */
-MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish(
-                                                mbedtls_ripemd160_context *ctx,
-                                                unsigned char output[20] );
-
-/**
- * \brief          RIPEMD-160 process data block (internal use only)
- *
- * \deprecated     Superseded by mbedtls_internal_ripemd160_process() in 2.7.0
- *
- * \param ctx      RIPEMD-160 context
- * \param data     buffer holding one block of data
- */
-MBEDTLS_DEPRECATED void mbedtls_ripemd160_process(
-                                            mbedtls_ripemd160_context *ctx,
-                                            const unsigned char data[64] );
-
-#undef MBEDTLS_DEPRECATED
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-/**
- * \brief          Output = RIPEMD-160( input buffer )
- *
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- * \param output   RIPEMD-160 checksum result
- *
- * \return         0 if successful
- */
-int mbedtls_ripemd160_ret( const unsigned char *input,
-                           size_t ilen,
-                           unsigned char output[20] );
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief          Output = RIPEMD-160( input buffer )
- *
- * \deprecated     Superseded by mbedtls_ripemd160_ret() in 2.7.0
- *
- * \param input    buffer holding the data
- * \param ilen     length of the input data
- * \param output   RIPEMD-160 checksum result
- */
-MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
-                                           size_t ilen,
-                                           unsigned char output[20] );
-
-#undef MBEDTLS_DEPRECATED
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_ripemd160_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_ripemd160.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_cache.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_cache.h
deleted file mode 100644
index c6ef296..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_cache.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/**
- * \file ssl_cache.h
- *
- * \brief SSL session cache implementation
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_SSL_CACHE_H
-#define MBEDTLS_SSL_CACHE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/ssl.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-
-#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
-#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400   /*!< 1 day  */
-#endif
-
-#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
-#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50   /*!< Maximum entries in cache */
-#endif
-
-/* \} name SECTION: Module settings */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
-typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
-
-/**
- * \brief   This structure is used for storing cache entries
- */
-struct mbedtls_ssl_cache_entry
-{
-#if defined(MBEDTLS_HAVE_TIME)
-    mbedtls_time_t timestamp;           /*!< entry timestamp    */
-#endif
-    mbedtls_ssl_session session;        /*!< entry session      */
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    mbedtls_x509_buf peer_cert;         /*!< entry peer_cert    */
-#endif
-    mbedtls_ssl_cache_entry *next;      /*!< chain pointer      */
-};
-
-/**
- * \brief Cache context
- */
-struct mbedtls_ssl_cache_context
-{
-    mbedtls_ssl_cache_entry *chain;     /*!< start of the chain     */
-    int timeout;                /*!< cache entry timeout    */
-    int max_entries;            /*!< maximum entries        */
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_threading_mutex_t mutex;    /*!< mutex                  */
-#endif
-};
-
-/**
- * \brief          Initialize an SSL cache context
- *
- * \param cache    SSL cache context
- */
-void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
-
-/**
- * \brief          Cache get callback implementation
- *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
- *
- * \param data     SSL cache context
- * \param session  session to retrieve entry for
- */
-int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
-
-/**
- * \brief          Cache set callback implementation
- *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
- *
- * \param data     SSL cache context
- * \param session  session to store entry for
- */
-int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
-
-#if defined(MBEDTLS_HAVE_TIME)
-/**
- * \brief          Set the cache timeout
- *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
- *
- *                 A timeout of 0 indicates no timeout.
- *
- * \param cache    SSL cache context
- * \param timeout  cache entry timeout in seconds
- */
-void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
-#endif /* MBEDTLS_HAVE_TIME */
-
-/**
- * \brief          Set the maximum number of cache entries
- *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
- *
- * \param cache    SSL cache context
- * \param max      cache entry maximum
- */
-void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
-
-/**
- * \brief          Free referenced items in a cache context and clear memory
- *
- * \param cache    SSL cache context
- */
-void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl_cache.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_cookie.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_cookie.h
deleted file mode 100644
index 0a23870..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_cookie.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/**
- * \file ssl_cookie.h
- *
- * \brief DTLS cookie callbacks implementation
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_SSL_COOKIE_H
-#define MBEDTLS_SSL_COOKIE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/ssl.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
-#define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
-#endif
-
-/* \} name SECTION: Module settings */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Context for the default cookie functions.
- */
-typedef struct mbedtls_ssl_cookie_ctx
-{
-    mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
-#if !defined(MBEDTLS_HAVE_TIME)
-    unsigned long   serial;     /*!< serial number for expiration   */
-#endif
-    unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
-                                     or in number of tickets issued */
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_threading_mutex_t mutex;
-#endif
-} mbedtls_ssl_cookie_ctx;
-
-/**
- * \brief          Initialize cookie context
- */
-void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
-
-/**
- * \brief          Setup cookie context (generate keys)
- */
-int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
-
-/**
- * \brief          Set expiration delay for cookies
- *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
- *
- * \param ctx      Cookie contex
- * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
- *                 issued in the meantime.
- *                 0 to disable expiration (NOT recommended)
- */
-void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
-
-/**
- * \brief          Free cookie context
- */
-void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
-
-/**
- * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
- */
-mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
-
-/**
- * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
- */
-mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl_cookie.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_internal.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_internal.h
deleted file mode 100644
index 577c959..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_internal.h
+++ /dev/null
@@ -1,1309 +0,0 @@
-/**
- * \file ssl_internal.h
- *
- * \brief Internal functions shared by the SSL modules
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_SSL_INTERNAL_H
-#define MBEDTLS_SSL_INTERNAL_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/ssl.h"
-#include "mbedtls/cipher.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-#include "mbedtls/md5.h"
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
-#include "mbedtls/sha1.h"
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-#include "mbedtls/sha256.h"
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-#include "mbedtls/sha512.h"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-#include "mbedtls/ecjpake.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-/* Determine minimum supported version */
-#define MBEDTLS_SSL_MIN_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_0
-#else
-#if defined(MBEDTLS_SSL_PROTO_TLS1)
-#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_1
-#else
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
-#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
-#else
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
-#endif /* MBEDTLS_SSL_PROTO_TLS1   */
-#endif /* MBEDTLS_SSL_PROTO_SSL3   */
-
-#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1
-#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
-
-/* Determine maximum supported version */
-#define MBEDTLS_SSL_MAX_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
-#else
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
-#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
-#else
-#if defined(MBEDTLS_SSL_PROTO_TLS1)
-#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_1
-#else
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_0
-#endif /* MBEDTLS_SSL_PROTO_SSL3   */
-#endif /* MBEDTLS_SSL_PROTO_TLS1   */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-/* Shorthand for restartable ECC */
-#if defined(MBEDTLS_ECP_RESTARTABLE) && \
-    defined(MBEDTLS_SSL_CLI_C) && \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-#define MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED
-#endif
-
-#define MBEDTLS_SSL_INITIAL_HANDSHAKE           0
-#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS   1   /* In progress */
-#define MBEDTLS_SSL_RENEGOTIATION_DONE          2   /* Done or aborted */
-#define MBEDTLS_SSL_RENEGOTIATION_PENDING       3   /* Requested (server only) */
-
-/*
- * DTLS retransmission states, see RFC 6347 4.2.4
- *
- * The SENDING state is merged in PREPARING for initial sends,
- * but is distinct for resends.
- *
- * Note: initial state is wrong for server, but is not used anyway.
- */
-#define MBEDTLS_SSL_RETRANS_PREPARING       0
-#define MBEDTLS_SSL_RETRANS_SENDING         1
-#define MBEDTLS_SSL_RETRANS_WAITING         2
-#define MBEDTLS_SSL_RETRANS_FINISHED        3
-
-/*
- * Allow extra bytes for record, authentication and encryption overhead:
- * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256)
- * and allow for a maximum of 1024 of compression expansion if
- * enabled.
- */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-#define MBEDTLS_SSL_COMPRESSION_ADD          1024
-#else
-#define MBEDTLS_SSL_COMPRESSION_ADD             0
-#endif
-
-/* This macro determines whether CBC is supported. */
-#if defined(MBEDTLS_CIPHER_MODE_CBC) &&                               \
-    ( defined(MBEDTLS_AES_C)      ||                                  \
-      defined(MBEDTLS_CAMELLIA_C) ||                                  \
-      defined(MBEDTLS_ARIA_C)     ||                                  \
-      defined(MBEDTLS_DES_C) )
-#define MBEDTLS_SSL_SOME_SUITES_USE_CBC
-#endif
-
-/* This macro determines whether the CBC construct used in TLS 1.0-1.2 (as
- * opposed to the very different CBC construct used in SSLv3) is supported. */
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
-    ( defined(MBEDTLS_SSL_PROTO_TLS1) ||        \
-      defined(MBEDTLS_SSL_PROTO_TLS1_1) ||      \
-      defined(MBEDTLS_SSL_PROTO_TLS1_2) )
-#define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC
-#endif
-
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) ||   \
-    defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
-#define MBEDTLS_SSL_SOME_MODES_USE_MAC
-#endif
-
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-/* Ciphersuites using HMAC */
-#if defined(MBEDTLS_SHA512_C)
-#define MBEDTLS_SSL_MAC_ADD                 48  /* SHA-384 used for HMAC */
-#elif defined(MBEDTLS_SHA256_C)
-#define MBEDTLS_SSL_MAC_ADD                 32  /* SHA-256 used for HMAC */
-#else
-#define MBEDTLS_SSL_MAC_ADD                 20  /* SHA-1   used for HMAC */
-#endif
-#else /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */
-#define MBEDTLS_SSL_MAC_ADD                 16
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#define MBEDTLS_SSL_PADDING_ADD            256
-#else
-#define MBEDTLS_SSL_PADDING_ADD              0
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#define MBEDTLS_SSL_MAX_CID_EXPANSION      MBEDTLS_SSL_CID_PADDING_GRANULARITY
-#else
-#define MBEDTLS_SSL_MAX_CID_EXPANSION        0
-#endif
-
-#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD +    \
-                                       MBEDTLS_MAX_IV_LENGTH +          \
-                                       MBEDTLS_SSL_MAC_ADD +            \
-                                       MBEDTLS_SSL_PADDING_ADD +        \
-                                       MBEDTLS_SSL_MAX_CID_EXPANSION    \
-                                       )
-
-#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
-                                     ( MBEDTLS_SSL_IN_CONTENT_LEN ) )
-
-#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
-                                      ( MBEDTLS_SSL_OUT_CONTENT_LEN ) )
-
-/* The maximum number of buffered handshake messages. */
-#define MBEDTLS_SSL_MAX_BUFFERED_HS 4
-
-/* Maximum length we can advertise as our max content length for
-   RFC 6066 max_fragment_length extension negotiation purposes
-   (the lesser of both sizes, if they are unequal.)
- */
-#define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN (                            \
-        (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN)   \
-        ? ( MBEDTLS_SSL_OUT_CONTENT_LEN )                            \
-        : ( MBEDTLS_SSL_IN_CONTENT_LEN )                             \
-        )
-
-/* Maximum size in bytes of list in sig-hash algorithm ext., RFC 5246 */
-#define MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN  65534
-
-/* Maximum size in bytes of list in supported elliptic curve ext., RFC 4492 */
-#define MBEDTLS_SSL_MAX_CURVE_LIST_LEN         65535
-
-/*
- * Check that we obey the standard's message size bounds
- */
-
-#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384
-#error "Bad configuration - record content too large."
-#endif
-
-#if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
-#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
-#endif
-
-#if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
-#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
-#endif
-
-#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
-#error "Bad configuration - incoming protected record payload too large."
-#endif
-
-#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
-#error "Bad configuration - outgoing protected record payload too large."
-#endif
-
-/* Calculate buffer sizes */
-
-/* Note: Even though the TLS record header is only 5 bytes
-   long, we're internally using 8 bytes to store the
-   implicit sequence number. */
-#define MBEDTLS_SSL_HEADER_LEN 13
-
-#if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#define MBEDTLS_SSL_IN_BUFFER_LEN  \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) )
-#else
-#define MBEDTLS_SSL_IN_BUFFER_LEN  \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) \
-      + ( MBEDTLS_SSL_CID_IN_LEN_MAX ) )
-#endif
-
-#if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#define MBEDTLS_SSL_OUT_BUFFER_LEN  \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) )
-#else
-#define MBEDTLS_SSL_OUT_BUFFER_LEN                               \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN )    \
-      + ( MBEDTLS_SSL_CID_OUT_LEN_MAX ) )
-#endif
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-static inline uint32_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx )
-{
-#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    return (uint32_t) mbedtls_ssl_get_output_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
-               + MBEDTLS_SSL_CID_OUT_LEN_MAX;
-#else
-    return (uint32_t) mbedtls_ssl_get_output_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
-#endif
-}
-
-static inline uint32_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx )
-{
-#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    return (uint32_t) mbedtls_ssl_get_input_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
-               + MBEDTLS_SSL_CID_IN_LEN_MAX;
-#else
-    return (uint32_t) mbedtls_ssl_get_input_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
-#endif
-}
-#endif
-
-#ifdef MBEDTLS_ZLIB_SUPPORT
-/* Compression buffer holds both IN and OUT buffers, so should be size of the larger */
-#define MBEDTLS_SSL_COMPRESS_BUFFER_LEN (                               \
-        ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN )      \
-        ? MBEDTLS_SSL_IN_BUFFER_LEN                                     \
-        : MBEDTLS_SSL_OUT_BUFFER_LEN                                    \
-        )
-#endif
-
-/*
- * TLS extension flags (for extensions with outgoing ServerHello content
- * that need it (e.g. for RENEGOTIATION_INFO the server already knows because
- * of state of the renegotiation flag, so no indicator is required)
- */
-#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
-#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK                 (1 << 1)
-
-/**
- * \brief        This function checks if the remaining size in a buffer is
- *               greater or equal than a needed space.
- *
- * \param cur    Pointer to the current position in the buffer.
- * \param end    Pointer to one past the end of the buffer.
- * \param need   Needed space in bytes.
- *
- * \return       Zero if the needed space is available in the buffer, non-zero
- *               otherwise.
- */
-static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
-                                           const uint8_t *end, size_t need )
-{
-    return( ( cur > end ) || ( need > (size_t)( end - cur ) ) );
-}
-
-/**
- * \brief        This macro checks if the remaining size in a buffer is
- *               greater or equal than a needed space. If it is not the case,
- *               it returns an SSL_BUFFER_TOO_SMALL error.
- *
- * \param cur    Pointer to the current position in the buffer.
- * \param end    Pointer to one past the end of the buffer.
- * \param need   Needed space in bytes.
- *
- */
-#define MBEDTLS_SSL_CHK_BUF_PTR( cur, end, need )                        \
-    do {                                                                 \
-        if( mbedtls_ssl_chk_buf_ptr( ( cur ), ( end ), ( need ) ) != 0 ) \
-        {                                                                \
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );                  \
-        }                                                                \
-    } while( 0 )
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-/*
- * Abstraction for a grid of allowed signature-hash-algorithm pairs.
- */
-struct mbedtls_ssl_sig_hash_set_t
-{
-    /* At the moment, we only need to remember a single suitable
-     * hash algorithm per signature algorithm. As long as that's
-     * the case - and we don't need a general lookup function -
-     * we can implement the sig-hash-set as a map from signatures
-     * to hash algorithms. */
-    mbedtls_md_type_t rsa;
-    mbedtls_md_type_t ecdsa;
-};
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-typedef int  mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen,
-                                     const char *label,
-                                     const unsigned char *random, size_t rlen,
-                                     unsigned char *dstbuf, size_t dlen );
-
-/* cipher.h exports the maximum IV, key and block length from
- * all ciphers enabled in the config, regardless of whether those
- * ciphers are actually usable in SSL/TLS. Notably, XTS is enabled
- * in the default configuration and uses 64 Byte keys, but it is
- * not used for record protection in SSL/TLS.
- *
- * In order to prevent unnecessary inflation of key structures,
- * we introduce SSL-specific variants of the max-{key,block,IV}
- * macros here which are meant to only take those ciphers into
- * account which can be negotiated in SSL/TLS.
- *
- * Since the current definitions of MBEDTLS_MAX_{KEY|BLOCK|IV}_LENGTH
- * in cipher.h are rough overapproximations of the real maxima, here
- * we content ourselves with replicating those overapproximations
- * for the maximum block and IV length, and excluding XTS from the
- * computation of the maximum key length. */
-#define MBEDTLS_SSL_MAX_BLOCK_LENGTH 16
-#define MBEDTLS_SSL_MAX_IV_LENGTH    16
-#define MBEDTLS_SSL_MAX_KEY_LENGTH   32
-
-/**
- * \brief   The data structure holding the cryptographic material (key and IV)
- *          used for record protection in TLS 1.3.
- */
-struct mbedtls_ssl_key_set
-{
-    /*! The key for client->server records. */
-    unsigned char client_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ];
-    /*! The key for server->client records. */
-    unsigned char server_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ];
-    /*! The IV  for client->server records. */
-    unsigned char client_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ];
-    /*! The IV  for server->client records. */
-    unsigned char server_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ];
-
-    size_t key_len; /*!< The length of client_write_key and
-                     *   server_write_key, in Bytes. */
-    size_t iv_len;  /*!< The length of client_write_iv and
-                     *   server_write_iv, in Bytes. */
-};
-typedef struct mbedtls_ssl_key_set mbedtls_ssl_key_set;
-
-/*
- * This structure contains the parameters only needed during handshake.
- */
-struct mbedtls_ssl_handshake_params
-{
-    /*
-     * Handshake specific crypto variables
-     */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    mbedtls_ssl_sig_hash_set_t hash_algs;             /*!<  Set of suitable sig-hash pairs */
-#endif
-#if defined(MBEDTLS_DHM_C)
-    mbedtls_dhm_context dhm_ctx;                /*!<  DHM key exchange        */
-#endif
-/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
- * to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
- * in functionality that access to ecdh_ctx structure is needed for
- * MBEDTLS_ECDSA_C which does not seem correct.
- */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
-    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_type_t ecdh_psa_type;
-    uint16_t ecdh_bits;
-    psa_key_id_t ecdh_psa_privkey;
-    unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
-    size_t ecdh_psa_peerkey_len;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    mbedtls_ecjpake_context ecjpake_ctx;        /*!< EC J-PAKE key exchange */
-#if defined(MBEDTLS_SSL_CLI_C)
-    unsigned char *ecjpake_cache;               /*!< Cache for ClientHello ext */
-    size_t ecjpake_cache_len;                   /*!< Length of cached data */
-#endif
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    const mbedtls_ecp_curve_info **curves;      /*!<  Supported elliptic curves */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_id_t psk_opaque;            /*!< Opaque PSK from the callback   */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    unsigned char *psk;                 /*!<  PSK from the callback         */
-    size_t psk_len;                     /*!<  Length of PSK from callback   */
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    int sni_authmode;                   /*!< authmode from SNI callback     */
-    mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
-    mbedtls_x509_crt *sni_ca_chain;     /*!< trusted CAs from SNI callback  */
-    mbedtls_x509_crl *sni_ca_crl;       /*!< trusted CAs CRLs from SNI      */
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    int ecrs_enabled;                   /*!< Handshake supports EC restart? */
-    mbedtls_x509_crt_restart_ctx ecrs_ctx;  /*!< restart context            */
-    enum { /* this complements ssl->state with info on intra-state operations */
-        ssl_ecrs_none = 0,              /*!< nothing going on (yet)         */
-        ssl_ecrs_crt_verify,            /*!< Certificate: crt_verify()      */
-        ssl_ecrs_ske_start_processing,  /*!< ServerKeyExchange: pk_verify() */
-        ssl_ecrs_cke_ecdh_calc_secret,  /*!< ClientKeyExchange: ECDH step 2 */
-        ssl_ecrs_crt_vrfy_sign,         /*!< CertificateVerify: pk_sign()   */
-    } ecrs_state;                       /*!< current (or last) operation    */
-    mbedtls_x509_crt *ecrs_peer_cert;   /*!< The peer's CRT chain.          */
-    size_t ecrs_n;                      /*!< place for saving a length      */
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
-#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    unsigned int out_msg_seq;           /*!<  Outgoing handshake sequence number */
-    unsigned int in_msg_seq;            /*!<  Incoming handshake sequence number */
-
-    unsigned char *verify_cookie;       /*!<  Cli: HelloVerifyRequest cookie
-                                              Srv: unused                    */
-    unsigned char verify_cookie_len;    /*!<  Cli: cookie length
-                                              Srv: flag for sending a cookie */
-
-    uint32_t retransmit_timeout;        /*!<  Current value of timeout       */
-    unsigned char retransmit_state;     /*!<  Retransmission state           */
-    mbedtls_ssl_flight_item *flight;    /*!<  Current outgoing flight        */
-    mbedtls_ssl_flight_item *cur_msg;   /*!<  Current message in flight      */
-    unsigned char *cur_msg_p;           /*!<  Position in current message    */
-    unsigned int in_flight_start_seq;   /*!<  Minimum message sequence in the
-                                              flight being received          */
-    mbedtls_ssl_transform *alt_transform_out;   /*!<  Alternative transform for
-                                              resending messages             */
-    unsigned char alt_out_ctr[8];       /*!<  Alternative record epoch/counter
-                                              for resending messages         */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    /* The state of CID configuration in this handshake. */
-
-    uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
-                         *   has been negotiated. Possible values are
-                         *   #MBEDTLS_SSL_CID_ENABLED and
-                         *   #MBEDTLS_SSL_CID_DISABLED. */
-    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
-    uint8_t peer_cid_len;                                  /*!< The length of
-                                                            *   \c peer_cid.  */
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    struct
-    {
-        size_t total_bytes_buffered; /*!< Cumulative size of heap allocated
-                                      *   buffers used for message buffering. */
-
-        uint8_t seen_ccs;               /*!< Indicates if a CCS message has
-                                         *   been seen in the current flight. */
-
-        struct mbedtls_ssl_hs_buffer
-        {
-            unsigned is_valid      : 1;
-            unsigned is_fragmented : 1;
-            unsigned is_complete   : 1;
-            unsigned char *data;
-            size_t data_len;
-        } hs[MBEDTLS_SSL_MAX_BUFFERED_HS];
-
-        struct
-        {
-            unsigned char *data;
-            size_t len;
-            unsigned epoch;
-        } future_record;
-
-    } buffering;
-
-    uint16_t mtu;                       /*!<  Handshake mtu, used to fragment outgoing messages */
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    /*
-     * Checksum contexts
-     */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-       mbedtls_md5_context fin_md5;
-      mbedtls_sha1_context fin_sha1;
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_operation_t fin_sha256_psa;
-#else
-    mbedtls_sha256_context fin_sha256;
-#endif
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_operation_t fin_sha384_psa;
-#else
-    mbedtls_sha512_context fin_sha512;
-#endif
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-    void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
-    void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
-    void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
-    mbedtls_ssl_tls_prf_cb *tls_prf;
-
-    mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
-
-    size_t pmslen;                      /*!<  premaster length        */
-
-    unsigned char randbytes[64];        /*!<  random bytes            */
-    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
-                                        /*!<  premaster secret        */
-
-    int resume;                         /*!<  session resume indicator*/
-    int max_major_ver;                  /*!< max. major version client*/
-    int max_minor_ver;                  /*!< max. minor version client*/
-    int cli_exts;                       /*!< client extension presence*/
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    int new_session_ticket;             /*!< use NewSessionTicket?    */
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    int extended_ms;                    /*!< use Extended Master Secret? */
-#endif
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    unsigned int async_in_progress : 1; /*!< an asynchronous operation is in progress */
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    /** Asynchronous operation context. This field is meant for use by the
-     * asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start,
-     * mbedtls_ssl_config::f_async_decrypt_start,
-     * mbedtls_ssl_config::f_async_resume, mbedtls_ssl_config::f_async_cancel).
-     * The library does not use it internally. */
-    void *user_async_ctx;
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-};
-
-typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
-
-/*
- * Representation of decryption/encryption transformations on records
- *
- * There are the following general types of record transformations:
- * - Stream transformations (TLS versions <= 1.2 only)
- *   Transformation adding a MAC and applying a stream-cipher
- *   to the authenticated message.
- * - CBC block cipher transformations ([D]TLS versions <= 1.2 only)
- *   In addition to the distinction of the order of encryption and
- *   authentication, there's a fundamental difference between the
- *   handling in SSL3 & TLS 1.0 and TLS 1.1 and TLS 1.2: For SSL3
- *   and TLS 1.0, the final IV after processing a record is used
- *   as the IV for the next record. No explicit IV is contained
- *   in an encrypted record. The IV for the first record is extracted
- *   at key extraction time. In contrast, for TLS 1.1 and 1.2, no
- *   IV is generated at key extraction time, but every encrypted
- *   record is explicitly prefixed by the IV with which it was encrypted.
- * - AEAD transformations ([D]TLS versions >= 1.2 only)
- *   These come in two fundamentally different versions, the first one
- *   used in TLS 1.2, excluding ChaChaPoly ciphersuites, and the second
- *   one used for ChaChaPoly ciphersuites in TLS 1.2 as well as for TLS 1.3.
- *   In the first transformation, the IV to be used for a record is obtained
- *   as the concatenation of an explicit, static 4-byte IV and the 8-byte
- *   record sequence number, and explicitly prepending this sequence number
- *   to the encrypted record. In contrast, in the second transformation
- *   the IV is obtained by XOR'ing a static IV obtained at key extraction
- *   time with the 8-byte record sequence number, without prepending the
- *   latter to the encrypted record.
- *
- * Additionally, DTLS 1.2 + CID as well as TLS 1.3 use an inner plaintext
- * which allows to add flexible length padding and to hide a record's true
- * content type.
- *
- * In addition to type and version, the following parameters are relevant:
- * - The symmetric cipher algorithm to be used.
- * - The (static) encryption/decryption keys for the cipher.
- * - For stream/CBC, the type of message digest to be used.
- * - For stream/CBC, (static) encryption/decryption keys for the digest.
- * - For AEAD transformations, the size (potentially 0) of an explicit,
- *   random initialization vector placed in encrypted records.
- * - For some transformations (currently AEAD and CBC in SSL3 and TLS 1.0)
- *   an implicit IV. It may be static (e.g. AEAD) or dynamic (e.g. CBC)
- *   and (if present) is combined with the explicit IV in a transformation-
- *   dependent way (e.g. appending in TLS 1.2 and XOR'ing in TLS 1.3).
- * - For stream/CBC, a flag determining the order of encryption and MAC.
- * - The details of the transformation depend on the SSL/TLS version.
- * - The length of the authentication tag.
- *
- * Note: Except for CBC in SSL3 and TLS 1.0, these parameters are
- *       constant across multiple encryption/decryption operations.
- *       For CBC, the implicit IV needs to be updated after each
- *       operation.
- *
- * The struct below refines this abstract view as follows:
- * - The cipher underlying the transformation is managed in
- *   cipher contexts cipher_ctx_{enc/dec}, which must have the
- *   same cipher type. The mode of these cipher contexts determines
- *   the type of the transformation in the sense above: e.g., if
- *   the type is MBEDTLS_CIPHER_AES_256_CBC resp. MBEDTLS_CIPHER_AES_192_GCM
- *   then the transformation has type CBC resp. AEAD.
- * - The cipher keys are never stored explicitly but
- *   are maintained within cipher_ctx_{enc/dec}.
- * - For stream/CBC transformations, the message digest contexts
- *   used for the MAC's are stored in md_ctx_{enc/dec}. These contexts
- *   are unused for AEAD transformations.
- * - For stream/CBC transformations and versions > SSL3, the
- *   MAC keys are not stored explicitly but maintained within
- *   md_ctx_{enc/dec}.
- * - For stream/CBC transformations and version SSL3, the MAC
- *   keys are stored explicitly in mac_enc, mac_dec and have
- *   a fixed size of 20 bytes. These fields are unused for
- *   AEAD transformations or transformations >= TLS 1.0.
- * - For transformations using an implicit IV maintained within
- *   the transformation context, its contents are stored within
- *   iv_{enc/dec}.
- * - The value of ivlen indicates the length of the IV.
- *   This is redundant in case of stream/CBC transformations
- *   which always use 0 resp. the cipher's block length as the
- *   IV length, but is needed for AEAD ciphers and may be
- *   different from the underlying cipher's block length
- *   in this case.
- * - The field fixed_ivlen is nonzero for AEAD transformations only
- *   and indicates the length of the static part of the IV which is
- *   constant throughout the communication, and which is stored in
- *   the first fixed_ivlen bytes of the iv_{enc/dec} arrays.
- *   Note: For CBC in SSL3 and TLS 1.0, the fields iv_{enc/dec}
- *   still store IV's for continued use across multiple transformations,
- *   so it is not true that fixed_ivlen == 0 means that iv_{enc/dec} are
- *   not being used!
- * - minor_ver denotes the SSL/TLS version
- * - For stream/CBC transformations, maclen denotes the length of the
- *   authentication tag, while taglen is unused and 0.
- * - For AEAD transformations, taglen denotes the length of the
- *   authentication tag, while maclen is unused and 0.
- * - For CBC transformations, encrypt_then_mac determines the
- *   order of encryption and authentication. This field is unused
- *   in other transformations.
- *
- */
-struct mbedtls_ssl_transform
-{
-    /*
-     * Session specific crypto layer
-     */
-    size_t minlen;                      /*!<  min. ciphertext length  */
-    size_t ivlen;                       /*!<  IV length               */
-    size_t fixed_ivlen;                 /*!<  Fixed part of IV (AEAD) */
-    size_t maclen;                      /*!<  MAC(CBC) len            */
-    size_t taglen;                      /*!<  TAG(AEAD) len           */
-
-    unsigned char iv_enc[16];           /*!<  IV (encryption)         */
-    unsigned char iv_dec[16];           /*!<  IV (decryption)         */
-
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    /* Needed only for SSL v3.0 secret */
-    unsigned char mac_enc[20];          /*!<  SSL v3.0 secret (enc)   */
-    unsigned char mac_dec[20];          /*!<  SSL v3.0 secret (dec)   */
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-    mbedtls_md_context_t md_ctx_enc;            /*!<  MAC (encryption)        */
-    mbedtls_md_context_t md_ctx_dec;            /*!<  MAC (decryption)        */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    int encrypt_then_mac;       /*!< flag for EtM activation                */
-#endif
-
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-
-    mbedtls_cipher_context_t cipher_ctx_enc;    /*!<  encryption context      */
-    mbedtls_cipher_context_t cipher_ctx_dec;    /*!<  decryption context      */
-    int minor_ver;
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    uint8_t in_cid_len;
-    uint8_t out_cid_len;
-    unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
-    unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /*
-     * Session specific compression layer
-     */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    z_stream ctx_deflate;               /*!<  compression context     */
-    z_stream ctx_inflate;               /*!<  decompression context   */
-#endif
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    /* We need the Hello random bytes in order to re-derive keys from the
-     * Master Secret and other session info, see ssl_populate_transform() */
-    unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-};
-
-/*
- * Return 1 if the transform uses an AEAD cipher, 0 otherwise.
- * Equivalently, return 0 if a separate MAC is used, 1 otherwise.
- */
-static inline int mbedtls_ssl_transform_uses_aead(
-        const mbedtls_ssl_transform *transform )
-{
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    return( transform->maclen == 0 && transform->taglen != 0 );
-#else
-    (void) transform;
-    return( 1 );
-#endif
-}
-
-/*
- * Internal representation of record frames
- *
- * Instances come in two flavors:
- * (1) Encrypted
- *     These always have data_offset = 0
- * (2) Unencrypted
- *     These have data_offset set to the amount of
- *     pre-expansion during record protection. Concretely,
- *     this is the length of the fixed part of the explicit IV
- *     used for encryption, or 0 if no explicit IV is used
- *     (e.g. for CBC in TLS 1.0, or stream ciphers).
- *
- * The reason for the data_offset in the unencrypted case
- * is to allow for in-place conversion of an unencrypted to
- * an encrypted record. If the offset wasn't included, the
- * encrypted content would need to be shifted afterwards to
- * make space for the fixed IV.
- *
- */
-#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
-#define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_OUT_LEN_MAX
-#else
-#define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_IN_LEN_MAX
-#endif
-
-typedef struct
-{
-    uint8_t ctr[8];         /* In TLS:  The implicit record sequence number.
-                             * In DTLS: The 2-byte epoch followed by
-                             *          the 6-byte sequence number.
-                             * This is stored as a raw big endian byte array
-                             * as opposed to a uint64_t because we rarely
-                             * need to perform arithmetic on this, but do
-                             * need it as a Byte array for the purpose of
-                             * MAC computations.                             */
-    uint8_t type;           /* The record content type.                      */
-    uint8_t ver[2];         /* SSL/TLS version as present on the wire.
-                             * Convert to internal presentation of versions
-                             * using mbedtls_ssl_read_version() and
-                             * mbedtls_ssl_write_version().
-                             * Keep wire-format for MAC computations.        */
-
-    unsigned char *buf;     /* Memory buffer enclosing the record content    */
-    size_t buf_len;         /* Buffer length                                 */
-    size_t data_offset;     /* Offset of record content                      */
-    size_t data_len;        /* Length of record content                      */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    uint8_t cid_len;        /* Length of the CID (0 if not present)          */
-    unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID                 */
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-} mbedtls_record;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/*
- * List of certificate + private key pairs
- */
-struct mbedtls_ssl_key_cert
-{
-    mbedtls_x509_crt *cert;                 /*!< cert                       */
-    mbedtls_pk_context *key;                /*!< private key                */
-    mbedtls_ssl_key_cert *next;             /*!< next key/cert pair         */
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-/*
- * List of handshake messages kept around for resending
- */
-struct mbedtls_ssl_flight_item
-{
-    unsigned char *p;       /*!< message, including handshake headers   */
-    size_t len;             /*!< length of p                            */
-    unsigned char type;     /*!< type of the message: handshake or CCS  */
-    mbedtls_ssl_flight_item *next;  /*!< next handshake message(s)              */
-};
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-
-/* Find an entry in a signature-hash set matching a given hash algorithm. */
-mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set,
-                                                 mbedtls_pk_type_t sig_alg );
-/* Add a signature-hash-pair to a signature-hash set */
-void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set,
-                                   mbedtls_pk_type_t sig_alg,
-                                   mbedtls_md_type_t md_alg );
-/* Allow exactly one hash algorithm for each signature. */
-void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set,
-                                          mbedtls_md_type_t md_alg );
-
-/* Setup an empty signature-hash set */
-static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set )
-{
-    mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE );
-}
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-/**
- * \brief           Free referenced items in an SSL transform context and clear
- *                  memory
- *
- * \param transform SSL transform context
- */
-void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform );
-
-/**
- * \brief           Free referenced items in an SSL handshake context and clear
- *                  memory
- *
- * \param ssl       SSL context
- */
-void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
-
-void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
-
-/**
- * \brief       Update record layer
- *
- *              This function roughly separates the implementation
- *              of the logic of (D)TLS from the implementation
- *              of the secure transport.
- *
- * \param  ssl              The SSL context to use.
- * \param  update_hs_digest This indicates if the handshake digest
- *                          should be automatically updated in case
- *                          a handshake message is found.
- *
- * \return      0 or non-zero error code.
- *
- * \note        A clarification on what is called 'record layer' here
- *              is in order, as many sensible definitions are possible:
- *
- *              The record layer takes as input an untrusted underlying
- *              transport (stream or datagram) and transforms it into
- *              a serially multiplexed, secure transport, which
- *              conceptually provides the following:
- *
- *              (1) Three datagram based, content-agnostic transports
- *                  for handshake, alert and CCS messages.
- *              (2) One stream- or datagram-based transport
- *                  for application data.
- *              (3) Functionality for changing the underlying transform
- *                  securing the contents.
- *
- *              The interface to this functionality is given as follows:
- *
- *              a Updating
- *                [Currently implemented by mbedtls_ssl_read_record]
- *
- *                Check if and on which of the four 'ports' data is pending:
- *                Nothing, a controlling datagram of type (1), or application
- *                data (2). In any case data is present, internal buffers
- *                provide access to the data for the user to process it.
- *                Consumption of type (1) datagrams is done automatically
- *                on the next update, invalidating that the internal buffers
- *                for previous datagrams, while consumption of application
- *                data (2) is user-controlled.
- *
- *              b Reading of application data
- *                [Currently manual adaption of ssl->in_offt pointer]
- *
- *                As mentioned in the last paragraph, consumption of data
- *                is different from the automatic consumption of control
- *                datagrams (1) because application data is treated as a stream.
- *
- *              c Tracking availability of application data
- *                [Currently manually through decreasing ssl->in_msglen]
- *
- *                For efficiency and to retain datagram semantics for
- *                application data in case of DTLS, the record layer
- *                provides functionality for checking how much application
- *                data is still available in the internal buffer.
- *
- *              d Changing the transformation securing the communication.
- *
- *              Given an opaque implementation of the record layer in the
- *              above sense, it should be possible to implement the logic
- *              of (D)TLS on top of it without the need to know anything
- *              about the record layer's internals. This is done e.g.
- *              in all the handshake handling functions, and in the
- *              application data reading function mbedtls_ssl_read.
- *
- * \note        The above tries to give a conceptual picture of the
- *              record layer, but the current implementation deviates
- *              from it in some places. For example, our implementation of
- *              the update functionality through mbedtls_ssl_read_record
- *              discards datagrams depending on the current state, which
- *              wouldn't fall under the record layer's responsibility
- *              following the above definition.
- *
- */
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
-                             unsigned update_hs_digest );
-int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
-
-int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush );
-int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
-
-void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
-                            const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
-
-/**
- * Get the first defined PSK by order of precedence:
- * 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk() in the PSK callback
- * 2. static PSK configured by \c mbedtls_ssl_conf_psk()
- * Return a code and update the pair (PSK, PSK length) passed to this function
- */
-static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
-    const unsigned char **psk, size_t *psk_len )
-{
-    if( ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0 )
-    {
-        *psk = ssl->handshake->psk;
-        *psk_len = ssl->handshake->psk_len;
-    }
-
-    else if( ssl->conf->psk != NULL && ssl->conf->psk_len > 0 )
-    {
-        *psk = ssl->conf->psk;
-        *psk_len = ssl->conf->psk_len;
-    }
-
-    else
-    {
-        *psk = NULL;
-        *psk_len = 0;
-        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
-    }
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/**
- * Get the first defined opaque PSK by order of precedence:
- * 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk_opaque() in the PSK
- *    callback
- * 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
- * Return an opaque PSK
- */
-static inline psa_key_id_t mbedtls_ssl_get_opaque_psk(
-    const mbedtls_ssl_context *ssl )
-{
-    if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
-        return( ssl->handshake->psk_opaque );
-
-    if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
-        return( ssl->conf->psk_opaque );
-
-    return( MBEDTLS_SVC_KEY_ID_INIT );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_PK_C)
-unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
-unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type );
-mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
-#endif
-
-mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
-unsigned char mbedtls_ssl_hash_from_md_alg( int md );
-int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
-
-#if defined(MBEDTLS_ECP_C)
-int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
-                                mbedtls_md_type_t md );
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
-                                                    ( const uint16_t srtp_profile_value )
-{
-    switch( srtp_profile_value )
-    {
-        case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
-        case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
-        case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
-        case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
-            return srtp_profile_value;
-        default: break;
-    }
-    return( MBEDTLS_TLS_SRTP_UNSET );
-}
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_key_cert *key_cert;
-
-    if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
-        key_cert = ssl->handshake->key_cert;
-    else
-        key_cert = ssl->conf->key_cert;
-
-    return( key_cert == NULL ? NULL : key_cert->key );
-}
-
-static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_key_cert *key_cert;
-
-    if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
-        key_cert = ssl->handshake->key_cert;
-    else
-        key_cert = ssl->conf->key_cert;
-
-    return( key_cert == NULL ? NULL : key_cert->cert );
-}
-
-/*
- * Check usage of a certificate wrt extensions:
- * keyUsage, extendedKeyUsage (later), and nSCertType (later).
- *
- * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
- * check a cert we received from them)!
- *
- * Return 0 if everything is OK, -1 if not.
- */
-int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
-                          const mbedtls_ssl_ciphersuite_t *ciphersuite,
-                          int cert_endpoint,
-                          uint32_t *flags );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-void mbedtls_ssl_write_version( int major, int minor, int transport,
-                        unsigned char ver[2] );
-void mbedtls_ssl_read_version( int *major, int *minor, int transport,
-                       const unsigned char ver[2] );
-
-static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl )
-{
-#if !defined(MBEDTLS_SSL_PROTO_DTLS)
-    ((void) ssl);
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        return( 13 );
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    {
-        return( 5 );
-    }
-}
-
-static inline size_t mbedtls_ssl_out_hdr_len( const mbedtls_ssl_context *ssl )
-{
-    return( (size_t) ( ssl->out_iv - ssl->out_hdr ) );
-}
-
-static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 12 );
-#else
-    ((void) ssl);
-#endif
-    return( 4 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl );
-#endif
-
-/* Visible for testing purposes only */
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl );
-void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
-#endif
-
-int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
-                              const mbedtls_ssl_session *src );
-
-/* constant-time buffer comparison */
-static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
-{
-    size_t i;
-    volatile const unsigned char *A = (volatile const unsigned char *) a;
-    volatile const unsigned char *B = (volatile const unsigned char *) b;
-    volatile unsigned char diff = 0;
-
-    for( i = 0; i < n; i++ )
-    {
-        /* Read volatile data in order before computing diff.
-         * This avoids IAR compiler warning:
-         * 'the order of volatile accesses is undefined ..' */
-        unsigned char x = A[i], y = B[i];
-        diff |= x ^ y;
-    }
-
-    return( diff );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
-                                        unsigned char *output,
-                                        unsigned char *data, size_t data_len );
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
-int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
-                                            unsigned char *hash, size_t *hashlen,
-                                            unsigned char *data, size_t data_len,
-                                            mbedtls_md_type_t md_alg );
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#ifdef __cplusplus
-}
-#endif
-
-void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform );
-int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
-                             mbedtls_ssl_transform *transform,
-                             mbedtls_record *rec,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng );
-int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
-                             mbedtls_ssl_transform *transform,
-                             mbedtls_record *rec );
-
-/* Length of the "epoch" field in the record header */
-static inline size_t mbedtls_ssl_ep_len( const mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 2 );
-#else
-    ((void) ssl);
-#endif
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl );
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs );
-int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl );
-
-void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
-                              mbedtls_ssl_transform *transform );
-void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
-#endif
-
-void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl );
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl );
-void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight );
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#endif /* ssl_internal.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_ticket.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_ticket.h
deleted file mode 100644
index bf5fc97..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_ticket.h
+++ /dev/null
@@ -1,140 +0,0 @@
-/**
- * \file ssl_ticket.h
- *
- * \brief TLS server ticket callbacks implementation
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_SSL_TICKET_H
-#define MBEDTLS_SSL_TICKET_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-/*
- * This implementation of the session ticket callbacks includes key
- * management, rotating the keys periodically in order to preserve forward
- * secrecy, when MBEDTLS_HAVE_TIME is defined.
- */
-
-#include "mbedtls/ssl.h"
-#include "mbedtls/cipher.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief   Information for session ticket protection
- */
-typedef struct mbedtls_ssl_ticket_key
-{
-    unsigned char name[4];          /*!< random key identifier              */
-    uint32_t generation_time;       /*!< key generation timestamp (seconds) */
-    mbedtls_cipher_context_t ctx;   /*!< context for auth enc/decryption    */
-}
-mbedtls_ssl_ticket_key;
-
-/**
- * \brief   Context for session ticket handling functions
- */
-typedef struct mbedtls_ssl_ticket_context
-{
-    mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
-    unsigned char active;           /*!< index of the currently active key  */
-
-    uint32_t ticket_lifetime;       /*!< lifetime of tickets in seconds     */
-
-    /** Callback for getting (pseudo-)random numbers                        */
-    int  (*f_rng)(void *, unsigned char *, size_t);
-    void *p_rng;                    /*!< context for the RNG function       */
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_threading_mutex_t mutex;
-#endif
-}
-mbedtls_ssl_ticket_context;
-
-/**
- * \brief           Initialize a ticket context.
- *                  (Just make it ready for mbedtls_ssl_ticket_setup()
- *                  or mbedtls_ssl_ticket_free().)
- *
- * \param ctx       Context to be initialized
- */
-void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
-
-/**
- * \brief           Prepare context to be actually used
- *
- * \param ctx       Context to be set up
- * \param f_rng     RNG callback function
- * \param p_rng     RNG callback context
- * \param cipher    AEAD cipher to use for ticket protection.
- *                  Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
- * \param lifetime  Tickets lifetime in seconds
- *                  Recommended value: 86400 (one day).
- *
- * \note            It is highly recommended to select a cipher that is at
- *                  least as strong as the the strongest ciphersuite
- *                  supported. Usually that means a 256-bit key.
- *
- * \note            The lifetime of the keys is twice the lifetime of tickets.
- *                  It is recommended to pick a reasonnable lifetime so as not
- *                  to negate the benefits of forward secrecy.
- *
- * \return          0 if successful,
- *                  or a specific MBEDTLS_ERR_XXX error code
- */
-int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
-    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-    mbedtls_cipher_type_t cipher,
-    uint32_t lifetime );
-
-/**
- * \brief           Implementation of the ticket write callback
- *
- * \note            See \c mbedtls_ssl_ticket_write_t for description
- */
-mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
-
-/**
- * \brief           Implementation of the ticket parse callback
- *
- * \note            See \c mbedtls_ssl_ticket_parse_t for description
- */
-mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
-
-/**
- * \brief           Free a context's content and zeroize it.
- *
- * \param ctx       Context to be cleaned up
- */
-void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl_ticket.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/threading.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/threading.h
deleted file mode 100644
index 8baf15a..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/threading.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/**
- * \file threading.h
- *
- * \brief Threading abstraction layer
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_THREADING_H
-#define MBEDTLS_THREADING_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stdlib.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE is deprecated and should not be
- * used. */
-#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE         -0x001A  /**< The selected feature is not available. */
-
-#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA              -0x001C  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_THREADING_MUTEX_ERROR                 -0x001E  /**< Locking / unlocking / free failed with error code. */
-
-#if defined(MBEDTLS_THREADING_PTHREAD)
-#include <pthread.h>
-typedef struct mbedtls_threading_mutex_t
-{
-    pthread_mutex_t mutex;
-    char is_valid;
-} mbedtls_threading_mutex_t;
-#endif
-
-#if defined(MBEDTLS_THREADING_ALT)
-/* You should define the mbedtls_threading_mutex_t type in your header */
-#include "threading_alt.h"
-
-/**
- * \brief           Set your alternate threading implementation function
- *                  pointers and initialize global mutexes. If used, this
- *                  function must be called once in the main thread before any
- *                  other mbed TLS function is called, and
- *                  mbedtls_threading_free_alt() must be called once in the main
- *                  thread after all other mbed TLS functions.
- *
- * \note            mutex_init() and mutex_free() don't return a status code.
- *                  If mutex_init() fails, it should leave its argument (the
- *                  mutex) in a state such that mutex_lock() will fail when
- *                  called with this argument.
- *
- * \param mutex_init    the init function implementation
- * \param mutex_free    the free function implementation
- * \param mutex_lock    the lock function implementation
- * \param mutex_unlock  the unlock function implementation
- */
-void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ),
-                       void (*mutex_free)( mbedtls_threading_mutex_t * ),
-                       int (*mutex_lock)( mbedtls_threading_mutex_t * ),
-                       int (*mutex_unlock)( mbedtls_threading_mutex_t * ) );
-
-/**
- * \brief               Free global mutexes.
- */
-void mbedtls_threading_free_alt( void );
-#endif /* MBEDTLS_THREADING_ALT */
-
-#if defined(MBEDTLS_THREADING_C)
-/*
- * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock
- *
- * All these functions are expected to work or the result will be undefined.
- */
-extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex );
-extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex );
-extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex );
-extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex );
-
-/*
- * Global mutexes
- */
-#if defined(MBEDTLS_FS_IO)
-extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex;
-#endif
-
-#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
-/* This mutex may or may not be used in the default definition of
- * mbedtls_platform_gmtime_r(), but in order to determine that,
- * we need to check POSIX features, hence modify _POSIX_C_SOURCE.
- * With the current approach, this declaration is orphaned, lacking
- * an accompanying definition, in case mbedtls_platform_gmtime_r()
- * doesn't need it, but that's not a problem. */
-extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex;
-#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */
-
-#endif /* MBEDTLS_THREADING_C */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* threading.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/version.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/version.h
deleted file mode 100644
index 10c4316..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/version.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/**
- * \file version.h
- *
- * \brief Run-time version information
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * This set of compile-time defines and run-time variables can be used to
- * determine the version number of the mbed TLS library used.
- */
-#ifndef MBEDTLS_VERSION_H
-#define MBEDTLS_VERSION_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-/**
- * The version number x.y.z is split into three parts.
- * Major, Minor, Patchlevel
- */
-#define MBEDTLS_VERSION_MAJOR  2
-#define MBEDTLS_VERSION_MINOR  25
-#define MBEDTLS_VERSION_PATCH  0
-
-/**
- * The single version number has the following structure:
- *    MMNNPP00
- *    Major version | Minor version | Patch version
- */
-#define MBEDTLS_VERSION_NUMBER         0x02190000
-#define MBEDTLS_VERSION_STRING         "2.25.0"
-#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.25.0"
-
-#if defined(MBEDTLS_VERSION_C)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Get the version number.
- *
- * \return          The constructed version number in the format
- *                  MMNNPP00 (Major, Minor, Patch).
- */
-unsigned int mbedtls_version_get_number( void );
-
-/**
- * Get the version string ("x.y.z").
- *
- * \param string    The string that will receive the value.
- *                  (Should be at least 9 bytes in size)
- */
-void mbedtls_version_get_string( char *string );
-
-/**
- * Get the full version string ("mbed TLS x.y.z").
- *
- * \param string    The string that will receive the value. The mbed TLS version
- *                  string will use 18 bytes AT MOST including a terminating
- *                  null byte.
- *                  (So the buffer should be at least 18 bytes to receive this
- *                  version string).
- */
-void mbedtls_version_get_string_full( char *string );
-
-/**
- * \brief           Check if support for a feature was compiled into this
- *                  mbed TLS binary. This allows you to see at runtime if the
- *                  library was for instance compiled with or without
- *                  Multi-threading support.
- *
- * \note            only checks against defines in the sections "System
- *                  support", "mbed TLS modules" and "mbed TLS feature
- *                  support" in config.h
- *
- * \param feature   The string for the define to check (e.g. "MBEDTLS_AES_C")
- *
- * \return          0 if the feature is present,
- *                  -1 if the feature is not present and
- *                  -2 if support for feature checking as a whole was not
- *                  compiled in.
- */
-int mbedtls_version_check_feature( const char *feature );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_VERSION_C */
-
-#endif /* version.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/x509.h
deleted file mode 100644
index 08525e2..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509.h
+++ /dev/null
@@ -1,359 +0,0 @@
-/**
- * \file x509.h
- *
- * \brief X.509 generic defines and structures
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_X509_H
-#define MBEDTLS_X509_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/asn1.h"
-#include "mbedtls/pk.h"
-
-#if defined(MBEDTLS_RSA_C)
-#include "mbedtls/rsa.h"
-#endif
-
-/**
- * \addtogroup x509_module
- * \{
- */
-
-#if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
-/**
- * Maximum number of intermediate CAs in a verification chain.
- * That is, maximum length of the chain, excluding the end-entity certificate
- * and the trusted root certificate.
- *
- * Set this to a low value to prevent an adversary from making you waste
- * resources verifying an overlong certificate chain.
- */
-#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8
-#endif
-
-/**
- * \name X509 Error codes
- * \{
- */
-#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE              -0x2080  /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
-#define MBEDTLS_ERR_X509_UNKNOWN_OID                      -0x2100  /**< Requested OID is unknown. */
-#define MBEDTLS_ERR_X509_INVALID_FORMAT                   -0x2180  /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */
-#define MBEDTLS_ERR_X509_INVALID_VERSION                  -0x2200  /**< The CRT/CRL/CSR version element is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SERIAL                   -0x2280  /**< The serial tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_ALG                      -0x2300  /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_NAME                     -0x2380  /**< The name tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_DATE                     -0x2400  /**< The date tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SIGNATURE                -0x2480  /**< The signature tag or value invalid. */
-#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS               -0x2500  /**< The extension tag or value is invalid. */
-#define MBEDTLS_ERR_X509_UNKNOWN_VERSION                  -0x2580  /**< CRT/CRL/CSR has an unsupported version number. */
-#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG                  -0x2600  /**< Signature algorithm (oid) is unsupported. */
-#define MBEDTLS_ERR_X509_SIG_MISMATCH                     -0x2680  /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
-#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED               -0x2700  /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
-#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT              -0x2780  /**< Format not recognized as DER or PEM. */
-#define MBEDTLS_ERR_X509_BAD_INPUT_DATA                   -0x2800  /**< Input invalid. */
-#define MBEDTLS_ERR_X509_ALLOC_FAILED                     -0x2880  /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_X509_FILE_IO_ERROR                    -0x2900  /**< Read/write of file failed. */
-#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL                 -0x2980  /**< Destination buffer is too small. */
-#define MBEDTLS_ERR_X509_FATAL_ERROR                      -0x3000  /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
-/* \} name */
-
-/**
- * \name X509 Verify codes
- * \{
- */
-/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
-#define MBEDTLS_X509_BADCERT_EXPIRED             0x01  /**< The certificate validity has expired. */
-#define MBEDTLS_X509_BADCERT_REVOKED             0x02  /**< The certificate has been revoked (is on a CRL). */
-#define MBEDTLS_X509_BADCERT_CN_MISMATCH         0x04  /**< The certificate Common Name (CN) does not match with the expected CN. */
-#define MBEDTLS_X509_BADCERT_NOT_TRUSTED         0x08  /**< The certificate is not correctly signed by the trusted CA. */
-#define MBEDTLS_X509_BADCRL_NOT_TRUSTED          0x10  /**< The CRL is not correctly signed by the trusted CA. */
-#define MBEDTLS_X509_BADCRL_EXPIRED              0x20  /**< The CRL is expired. */
-#define MBEDTLS_X509_BADCERT_MISSING             0x40  /**< Certificate was missing. */
-#define MBEDTLS_X509_BADCERT_SKIP_VERIFY         0x80  /**< Certificate verification was skipped. */
-#define MBEDTLS_X509_BADCERT_OTHER             0x0100  /**< Other reason (can be used by verify callback) */
-#define MBEDTLS_X509_BADCERT_FUTURE            0x0200  /**< The certificate validity starts in the future. */
-#define MBEDTLS_X509_BADCRL_FUTURE             0x0400  /**< The CRL is from the future */
-#define MBEDTLS_X509_BADCERT_KEY_USAGE         0x0800  /**< Usage does not match the keyUsage extension. */
-#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE     0x1000  /**< Usage does not match the extendedKeyUsage extension. */
-#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE      0x2000  /**< Usage does not match the nsCertType extension. */
-#define MBEDTLS_X509_BADCERT_BAD_MD            0x4000  /**< The certificate is signed with an unacceptable hash. */
-#define MBEDTLS_X509_BADCERT_BAD_PK            0x8000  /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
-#define MBEDTLS_X509_BADCERT_BAD_KEY         0x010000  /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
-#define MBEDTLS_X509_BADCRL_BAD_MD           0x020000  /**< The CRL is signed with an unacceptable hash. */
-#define MBEDTLS_X509_BADCRL_BAD_PK           0x040000  /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
-#define MBEDTLS_X509_BADCRL_BAD_KEY          0x080000  /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
-
-/* \} name */
-/* \} addtogroup x509_module */
-
-/*
- * X.509 v3 Subject Alternative Name types.
- *      otherName                       [0]     OtherName,
- *      rfc822Name                      [1]     IA5String,
- *      dNSName                         [2]     IA5String,
- *      x400Address                     [3]     ORAddress,
- *      directoryName                   [4]     Name,
- *      ediPartyName                    [5]     EDIPartyName,
- *      uniformResourceIdentifier       [6]     IA5String,
- *      iPAddress                       [7]     OCTET STRING,
- *      registeredID                    [8]     OBJECT IDENTIFIER
- */
-#define MBEDTLS_X509_SAN_OTHER_NAME                      0
-#define MBEDTLS_X509_SAN_RFC822_NAME                     1
-#define MBEDTLS_X509_SAN_DNS_NAME                        2
-#define MBEDTLS_X509_SAN_X400_ADDRESS_NAME               3
-#define MBEDTLS_X509_SAN_DIRECTORY_NAME                  4
-#define MBEDTLS_X509_SAN_EDI_PARTY_NAME                  5
-#define MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER     6
-#define MBEDTLS_X509_SAN_IP_ADDRESS                      7
-#define MBEDTLS_X509_SAN_REGISTERED_ID                   8
-
-/*
- * X.509 v3 Key Usage Extension flags
- * Reminder: update x509_info_key_usage() when adding new flags.
- */
-#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE            (0x80)  /* bit 0 */
-#define MBEDTLS_X509_KU_NON_REPUDIATION              (0x40)  /* bit 1 */
-#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT             (0x20)  /* bit 2 */
-#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT            (0x10)  /* bit 3 */
-#define MBEDTLS_X509_KU_KEY_AGREEMENT                (0x08)  /* bit 4 */
-#define MBEDTLS_X509_KU_KEY_CERT_SIGN                (0x04)  /* bit 5 */
-#define MBEDTLS_X509_KU_CRL_SIGN                     (0x02)  /* bit 6 */
-#define MBEDTLS_X509_KU_ENCIPHER_ONLY                (0x01)  /* bit 7 */
-#define MBEDTLS_X509_KU_DECIPHER_ONLY              (0x8000)  /* bit 8 */
-
-/*
- * Netscape certificate types
- * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
- */
-
-#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT         (0x80)  /* bit 0 */
-#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER         (0x40)  /* bit 1 */
-#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL              (0x20)  /* bit 2 */
-#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING     (0x10)  /* bit 3 */
-#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED           (0x08)  /* bit 4 */
-#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA             (0x04)  /* bit 5 */
-#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA           (0x02)  /* bit 6 */
-#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA  (0x01)  /* bit 7 */
-
-/*
- * X.509 extension types
- *
- * Comments refer to the status for using certificates. Status can be
- * different for writing certificates or reading CRLs or CSRs.
- *
- * Those are defined in oid.h as oid.c needs them in a data structure. Since
- * these were previously defined here, let's have aliases for compatibility.
- */
-#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER   MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_KEY_USAGE                MBEDTLS_OID_X509_EXT_KEY_USAGE
-#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES     MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
-#define MBEDTLS_X509_EXT_POLICY_MAPPINGS          MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS
-#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME         MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME         /* Supported (DNS) */
-#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME          MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME
-#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS  MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS
-#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS        MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS        /* Supported */
-#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS         MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS
-#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS       MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS
-#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE       MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
-#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS  MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS
-#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY       MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY
-#define MBEDTLS_X509_EXT_FRESHEST_CRL             MBEDTLS_OID_X509_EXT_FRESHEST_CRL
-#define MBEDTLS_X509_EXT_NS_CERT_TYPE             MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
-
-/*
- * Storage format identifiers
- * Recognized formats: PEM and DER
- */
-#define MBEDTLS_X509_FORMAT_DER                 1
-#define MBEDTLS_X509_FORMAT_PEM                 2
-
-#define MBEDTLS_X509_MAX_DN_NAME_SIZE         256 /**< Maximum value size of a DN entry */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \addtogroup x509_module
- * \{ */
-
-/**
- * \name Structures for parsing X.509 certificates, CRLs and CSRs
- * \{
- */
-
-/**
- * Type-length-value structure that allows for ASN1 using DER.
- */
-typedef mbedtls_asn1_buf mbedtls_x509_buf;
-
-/**
- * Container for ASN1 bit strings.
- */
-typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring;
-
-/**
- * Container for ASN1 named information objects.
- * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).
- */
-typedef mbedtls_asn1_named_data mbedtls_x509_name;
-
-/**
- * Container for a sequence of ASN.1 items
- */
-typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
-
-/** Container for date and time (precision in seconds). */
-typedef struct mbedtls_x509_time
-{
-    int year, mon, day;         /**< Date. */
-    int hour, min, sec;         /**< Time. */
-}
-mbedtls_x509_time;
-
-/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
-/** \} addtogroup x509_module */
-
-/**
- * \brief          Store the certificate DN in printable form into buf;
- *                 no more than size characters will be written.
- *
- * \param buf      Buffer to write to
- * \param size     Maximum size of buffer
- * \param dn       The X509 name to represent
- *
- * \return         The length of the string written (not including the
- *                 terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
-
-/**
- * \brief          Store the certificate serial in printable form into buf;
- *                 no more than size characters will be written.
- *
- * \param buf      Buffer to write to
- * \param size     Maximum size of buffer
- * \param serial   The X509 serial to represent
- *
- * \return         The length of the string written (not including the
- *                 terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
-
-/**
- * \brief          Check a given mbedtls_x509_time against the system time
- *                 and tell if it's in the past.
- *
- * \note           Intended usage is "if( is_past( valid_to ) ) ERROR".
- *                 Hence the return value of 1 if on internal errors.
- *
- * \param to       mbedtls_x509_time to check
- *
- * \return         1 if the given time is in the past or an error occurred,
- *                 0 otherwise.
- */
-int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
-
-/**
- * \brief          Check a given mbedtls_x509_time against the system time
- *                 and tell if it's in the future.
- *
- * \note           Intended usage is "if( is_future( valid_from ) ) ERROR".
- *                 Hence the return value of 1 if on internal errors.
- *
- * \param from     mbedtls_x509_time to check
- *
- * \return         1 if the given time is in the future or an error occurred,
- *                 0 otherwise.
- */
-int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_x509_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-/*
- * Internal module functions. You probably do not want to use these unless you
- * know you do.
- */
-int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
-                   mbedtls_x509_name *cur );
-int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
-                       mbedtls_x509_buf *alg );
-int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
-                  mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
-                                mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
-                                int *salt_len );
-#endif
-int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
-int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
-                      mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
-                      void **sig_opts );
-int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
-                   mbedtls_x509_time *t );
-int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
-                     mbedtls_x509_buf *serial );
-int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
-                  mbedtls_x509_buf *ext, int tag );
-int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
-                       mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
-                       const void *sig_opts );
-int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
-                        int critical, const unsigned char *val,
-                        size_t val_len );
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
-                           mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
-                      mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
-                    const char *oid, size_t oid_len,
-                    unsigned char *sig, size_t size );
-
-#define MBEDTLS_X509_SAFE_SNPRINTF                          \
-    do {                                                    \
-        if( ret < 0 || (size_t) ret >= n )                  \
-            return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );    \
-                                                            \
-        n -= (size_t) ret;                                  \
-        p += (size_t) ret;                                  \
-    } while( 0 )
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* x509.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_crl.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_crl.h
deleted file mode 100644
index 7e9e888..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_crl.h
+++ /dev/null
@@ -1,172 +0,0 @@
-/**
- * \file x509_crl.h
- *
- * \brief X.509 certificate revocation list parsing
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_X509_CRL_H
-#define MBEDTLS_X509_CRL_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/x509.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \addtogroup x509_module
- * \{ */
-
-/**
- * \name Structures and functions for parsing CRLs
- * \{
- */
-
-/**
- * Certificate revocation list entry.
- * Contains the CA-specific serial numbers and revocation dates.
- */
-typedef struct mbedtls_x509_crl_entry
-{
-    mbedtls_x509_buf raw;
-
-    mbedtls_x509_buf serial;
-
-    mbedtls_x509_time revocation_date;
-
-    mbedtls_x509_buf entry_ext;
-
-    struct mbedtls_x509_crl_entry *next;
-}
-mbedtls_x509_crl_entry;
-
-/**
- * Certificate revocation list structure.
- * Every CRL may have multiple entries.
- */
-typedef struct mbedtls_x509_crl
-{
-    mbedtls_x509_buf raw;           /**< The raw certificate data (DER). */
-    mbedtls_x509_buf tbs;           /**< The raw certificate body (DER). The part that is To Be Signed. */
-
-    int version;            /**< CRL version (1=v1, 2=v2) */
-    mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */
-
-    mbedtls_x509_buf issuer_raw;    /**< The raw issuer data (DER). */
-
-    mbedtls_x509_name issuer;       /**< The parsed issuer data (named information object). */
-
-    mbedtls_x509_time this_update;
-    mbedtls_x509_time next_update;
-
-    mbedtls_x509_crl_entry entry;   /**< The CRL entries containing the certificate revocation times for this CA. */
-
-    mbedtls_x509_buf crl_ext;
-
-    mbedtls_x509_buf sig_oid2;
-    mbedtls_x509_buf sig;
-    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
-    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
-    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
-
-    struct mbedtls_x509_crl *next;
-}
-mbedtls_x509_crl;
-
-/**
- * \brief          Parse a DER-encoded CRL and append it to the chained list
- *
- * \param chain    points to the start of the chain
- * \param buf      buffer holding the CRL data in DER format
- * \param buflen   size of the buffer
- *                 (including the terminating null byte for PEM data)
- *
- * \return         0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
-                        const unsigned char *buf, size_t buflen );
-/**
- * \brief          Parse one or more CRLs and append them to the chained list
- *
- * \note           Multiple CRLs are accepted only if using PEM format
- *
- * \param chain    points to the start of the chain
- * \param buf      buffer holding the CRL data in PEM or DER format
- * \param buflen   size of the buffer
- *                 (including the terminating null byte for PEM data)
- *
- * \return         0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief          Load one or more CRLs and append them to the chained list
- *
- * \note           Multiple CRLs are accepted only if using PEM format
- *
- * \param chain    points to the start of the chain
- * \param path     filename to read the CRLs from (in PEM or DER encoding)
- *
- * \return         0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief          Returns an informational string about the CRL.
- *
- * \param buf      Buffer to write to
- * \param size     Maximum size of buffer
- * \param prefix   A line prefix
- * \param crl      The X509 CRL to represent
- *
- * \return         The length of the string written (not including the
- *                 terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_crl *crl );
-
-/**
- * \brief          Initialize a CRL (chain)
- *
- * \param crl      CRL chain to initialize
- */
-void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );
-
-/**
- * \brief          Unallocate all CRL data
- *
- * \param crl      CRL chain to free
- */
-void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );
-
-/* \} name */
-/* \} addtogroup x509_module */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_x509_crl.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_csr.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_csr.h
deleted file mode 100644
index b1dfc21..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_csr.h
+++ /dev/null
@@ -1,305 +0,0 @@
-/**
- * \file x509_csr.h
- *
- * \brief X.509 certificate signing request parsing and writing
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_X509_CSR_H
-#define MBEDTLS_X509_CSR_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/x509.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \addtogroup x509_module
- * \{ */
-
-/**
- * \name Structures and functions for X.509 Certificate Signing Requests (CSR)
- * \{
- */
-
-/**
- * Certificate Signing Request (CSR) structure.
- */
-typedef struct mbedtls_x509_csr
-{
-    mbedtls_x509_buf raw;           /**< The raw CSR data (DER). */
-    mbedtls_x509_buf cri;           /**< The raw CertificateRequestInfo body (DER). */
-
-    int version;            /**< CSR version (1=v1). */
-
-    mbedtls_x509_buf  subject_raw;  /**< The raw subject data (DER). */
-    mbedtls_x509_name subject;      /**< The parsed subject data (named information object). */
-
-    mbedtls_pk_context pk;          /**< Container for the public key context. */
-
-    mbedtls_x509_buf sig_oid;
-    mbedtls_x509_buf sig;
-    mbedtls_md_type_t sig_md;       /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
-    mbedtls_pk_type_t sig_pk;       /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
-    void *sig_opts;         /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
-}
-mbedtls_x509_csr;
-
-/**
- * Container for writing a CSR
- */
-typedef struct mbedtls_x509write_csr
-{
-    mbedtls_pk_context *key;
-    mbedtls_asn1_named_data *subject;
-    mbedtls_md_type_t md_alg;
-    mbedtls_asn1_named_data *extensions;
-}
-mbedtls_x509write_csr;
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-/**
- * \brief          Load a Certificate Signing Request (CSR) in DER format
- *
- * \note           CSR attributes (if any) are currently silently ignored.
- *
- * \param csr      CSR context to fill
- * \param buf      buffer holding the CRL data
- * \param buflen   size of the buffer
- *
- * \return         0 if successful, or a specific X509 error code
- */
-int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
-                        const unsigned char *buf, size_t buflen );
-
-/**
- * \brief          Load a Certificate Signing Request (CSR), DER or PEM format
- *
- * \note           See notes for \c mbedtls_x509_csr_parse_der()
- *
- * \param csr      CSR context to fill
- * \param buf      buffer holding the CRL data
- * \param buflen   size of the buffer
- *                 (including the terminating null byte for PEM data)
- *
- * \return         0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief          Load a Certificate Signing Request (CSR)
- *
- * \note           See notes for \c mbedtls_x509_csr_parse()
- *
- * \param csr      CSR context to fill
- * \param path     filename to read the CSR from
- *
- * \return         0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief          Returns an informational string about the
- *                 CSR.
- *
- * \param buf      Buffer to write to
- * \param size     Maximum size of buffer
- * \param prefix   A line prefix
- * \param csr      The X509 CSR to represent
- *
- * \return         The length of the string written (not including the
- *                 terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_csr *csr );
-
-/**
- * \brief          Initialize a CSR
- *
- * \param csr      CSR to initialize
- */
-void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
-
-/**
- * \brief          Unallocate all CSR data
- *
- * \param csr      CSR to free
- */
-void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-
-/* \} name */
-/* \} addtogroup x509_module */
-
-#if defined(MBEDTLS_X509_CSR_WRITE_C)
-/**
- * \brief           Initialize a CSR context
- *
- * \param ctx       CSR context to initialize
- */
-void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
-
-/**
- * \brief           Set the subject name for a CSR
- *                  Subject names should contain a comma-separated list
- *                  of OID types and values:
- *                  e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
- *
- * \param ctx           CSR context to use
- * \param subject_name  subject name to set
- *
- * \return          0 if subject name was parsed successfully, or
- *                  a specific error code
- */
-int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
-                                    const char *subject_name );
-
-/**
- * \brief           Set the key for a CSR (public key will be included,
- *                  private key used to sign the CSR when writing it)
- *
- * \param ctx       CSR context to use
- * \param key       Asymetric key to include
- */
-void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
-
-/**
- * \brief           Set the MD algorithm to use for the signature
- *                  (e.g. MBEDTLS_MD_SHA1)
- *
- * \param ctx       CSR context to use
- * \param md_alg    MD algorithm to use
- */
-void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
-
-/**
- * \brief           Set the Key Usage Extension flags
- *                  (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
- *
- * \param ctx       CSR context to use
- * \param key_usage key usage flags to set
- *
- * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
- *
- * \note            The <code>decipherOnly</code> flag from the Key Usage
- *                  extension is represented by bit 8 (i.e.
- *                  <code>0x8000</code>), which cannot typically be represented
- *                  in an unsigned char. Therefore, the flag
- *                  <code>decipherOnly</code> (i.e.
- *                  #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
- *                  function.
- */
-int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
-
-/**
- * \brief           Set the Netscape Cert Type flags
- *                  (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
- *
- * \param ctx           CSR context to use
- * \param ns_cert_type  Netscape Cert Type flags to set
- *
- * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
- */
-int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
-                                    unsigned char ns_cert_type );
-
-/**
- * \brief           Generic function to add to or replace an extension in the
- *                  CSR
- *
- * \param ctx       CSR context to use
- * \param oid       OID of the extension
- * \param oid_len   length of the OID
- * \param val       value of the extension OCTET STRING
- * \param val_len   length of the value data
- *
- * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
- */
-int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
-                                 const char *oid, size_t oid_len,
-                                 const unsigned char *val, size_t val_len );
-
-/**
- * \brief           Free the contents of a CSR context
- *
- * \param ctx       CSR context to free
- */
-void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
-
-/**
- * \brief           Write a CSR (Certificate Signing Request) to a
- *                  DER structure
- *                  Note: data is written at the end of the buffer! Use the
- *                        return value to determine where you should start
- *                        using the buffer
- *
- * \param ctx       CSR to write away
- * \param buf       buffer to write to
- * \param size      size of the buffer
- * \param f_rng     RNG function (for signature, see note)
- * \param p_rng     RNG parameter
- *
- * \return          length of data written if successful, or a specific
- *                  error code
- *
- * \note            f_rng may be NULL if RSA is used for signature and the
- *                  signature is made offline (otherwise f_rng is desirable
- *                  for countermeasures against timing attacks).
- *                  ECDSA signatures always require a non-NULL f_rng.
- */
-int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-/**
- * \brief           Write a CSR (Certificate Signing Request) to a
- *                  PEM string
- *
- * \param ctx       CSR to write away
- * \param buf       buffer to write to
- * \param size      size of the buffer
- * \param f_rng     RNG function (for signature, see note)
- * \param p_rng     RNG parameter
- *
- * \return          0 if successful, or a specific error code
- *
- * \note            f_rng may be NULL if RSA is used for signature and the
- *                  signature is made offline (otherwise f_rng is desirable
- *                  for countermeasures against timing attacks).
- *                  ECDSA signatures always require a non-NULL f_rng.
- */
-int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
-#endif /* MBEDTLS_PEM_WRITE_C */
-#endif /* MBEDTLS_X509_CSR_WRITE_C */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_x509_csr.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/xtea.h b/3rdparty/mbedtls-2.25.0/include/mbedtls/xtea.h
deleted file mode 100644
index 473dd4b..0000000
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/xtea.h
+++ /dev/null
@@ -1,137 +0,0 @@
-/**
- * \file xtea.h
- *
- * \brief XTEA block cipher (32-bit)
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_XTEA_H
-#define MBEDTLS_XTEA_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_XTEA_ENCRYPT     1
-#define MBEDTLS_XTEA_DECRYPT     0
-
-#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH             -0x0028  /**< The data input has an invalid length. */
-
-/* MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED                  -0x0029  /**< XTEA hardware accelerator failed. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_XTEA_ALT)
-// Regular implementation
-//
-
-/**
- * \brief          XTEA context structure
- */
-typedef struct mbedtls_xtea_context
-{
-    uint32_t k[4];       /*!< key */
-}
-mbedtls_xtea_context;
-
-#else  /* MBEDTLS_XTEA_ALT */
-#include "xtea_alt.h"
-#endif /* MBEDTLS_XTEA_ALT */
-
-/**
- * \brief          Initialize XTEA context
- *
- * \param ctx      XTEA context to be initialized
- */
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
-
-/**
- * \brief          Clear XTEA context
- *
- * \param ctx      XTEA context to be cleared
- */
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
-
-/**
- * \brief          XTEA key schedule
- *
- * \param ctx      XTEA context to be initialized
- * \param key      the secret key
- */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
-
-/**
- * \brief          XTEA cipher function
- *
- * \param ctx      XTEA context
- * \param mode     MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
- * \param input    8-byte input block
- * \param output   8-byte output block
- *
- * \return         0 if successful
- */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
-                    int mode,
-                    const unsigned char input[8],
-                    unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief          XTEA CBC cipher function
- *
- * \param ctx      XTEA context
- * \param mode     MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
- * \param length   the length of input, multiple of 8
- * \param iv       initialization vector for CBC mode
- * \param input    input block
- * \param output   output block
- *
- * \return         0 if successful,
- *                 MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
- */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[8],
-                    const unsigned char *input,
-                    unsigned char *output);
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_xtea_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* xtea.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_accel_driver.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_accel_driver.h
deleted file mode 100644
index 4488ea8..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_accel_driver.h
+++ /dev/null
@@ -1,823 +0,0 @@
-/**
- * \file psa/crypto_accel_driver.h
- * \brief PSA cryptography accelerator driver module
- *
- * This header declares types and function signatures for cryptography
- * drivers that access key material directly. This is meant for
- * on-chip cryptography accelerators.
- *
- * This file is part of the PSA Crypto Driver Model, containing functions for
- * driver developers to implement to enable hardware to be called in a
- * standardized way by a PSA Cryptographic API implementation. The functions
- * comprising the driver model, which driver authors implement, are not
- * intended to be called by application developers.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef PSA_CRYPTO_ACCEL_DRIVER_H
-#define PSA_CRYPTO_ACCEL_DRIVER_H
-
-#include "crypto_driver_common.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** \defgroup driver_digest Hardware-Accelerated Message Digests
- *
- * Generation and authentication of Message Digests (aka hashes) must be done
- * in parts using the following sequence:
- * - `psa_drv_hash_setup_t`
- * - `psa_drv_hash_update_t`
- * - `psa_drv_hash_update_t`
- * - ...
- * - `psa_drv_hash_finish_t`
- *
- * If a previously started Message Digest operation needs to be terminated
- * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted
- * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated
- * resources not being freed or in other undefined behavior.
- */
-/**@{*/
-
-/** \brief The hardware-specific hash context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here
- */
-typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
-
-/** \brief The function prototype for the start operation of a hash (message
- * digest) operation
- *
- *  Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_setup
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying hash function
- *
- * \param[in,out] p_context     A structure that will contain the
- * hardware-specific hash context
- *
- * \retval #PSA_SUCCESS     Success.
- */
-typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
-
-/** \brief The function prototype for the update operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_update
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously-established hash operation to be
- *                              continued
- * \param[in] p_input           A buffer containing the message to be appended
- *                              to the hash operation
- * \param[in] input_length      The size in bytes of the input message buffer
- */
-typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
-                                              const uint8_t *p_input,
-                                              size_t input_length);
-
-/** \brief  The function prototype for the finish operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_finish
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started hash operation to be
- *                              fiinished
- * \param[out] p_output         A buffer where the generated digest will be
- *                              placed
- * \param[in] output_size       The size in bytes of the buffer that has been
- *                              allocated for the `p_output` buffer
- * \param[out] p_output_length  The number of bytes placed in `p_output` after
- *                              success
- *
- * \retval #PSA_SUCCESS
- *          Success.
- */
-typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
-                                              uint8_t *p_output,
-                                              size_t output_size,
-                                              size_t *p_output_length);
-
-/** \brief The function prototype for the abort operation of a hash (message
- * digest) operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_abort
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context A hardware-specific structure for the previously
- *                          started hash operation to be aborted
- */
-typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
-
-/**@}*/
-
-/** \defgroup accel_mac Hardware-Accelerated Message Authentication Code
- * Generation and authentication of Message Authentication Codes (MACs) using
- * cryptographic accelerators can be done either as a single function call (via the
- * `psa_drv_accel_mac_generate_t` or `psa_drv_accel_mac_verify_t`
- * functions), or in parts using the following sequence:
- * - `psa_drv_accel_mac_setup_t`
- * - `psa_drv_accel_mac_update_t`
- * - `psa_drv_accel_mac_update_t`
- * - ...
- * - `psa_drv_accel_mac_finish_t` or `psa_drv_accel_mac_finish_verify_t`
- *
- * If a previously started MAC operation needs to be terminated, it
- * should be done so by the `psa_drv_accel_mac_abort_t`. Failure to do so may
- * result in allocated resources not being freed or in other undefined
- * behavior.
- *
- */
-/**@{*/
-
-/** \brief The hardware-accelerator-specific MAC context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here.
- */
-typedef struct psa_drv_accel_mac_context_s psa_drv_accel_mac_context_t;
-
-/** \brief The function prototype for the setup operation of a
- * hardware-accelerated MAC operation
- *
- *  Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_setup
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
- * is the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A structure that will contain the
- *                              hardware-specific MAC context
- * \param[in] p_key             A buffer containing the cleartext key material
- *                              to be used in the operation
- * \param[in] key_length        The size in bytes of the key material
- *
- * \retval  #PSA_SUCCESS
- *          Success.
- */
-typedef psa_status_t (*psa_drv_accel_mac_setup_t)(psa_drv_accel_mac_context_t *p_context,
-                                                  const uint8_t *p_key,
-                                                  size_t key_length);
-
-/** \brief The function prototype for the update operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_update
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
- * is the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously-established MAC operation to be
- *                              continued
- * \param[in] p_input           A buffer containing the message to be appended
- *                              to the MAC operation
- * \param[in] input_length      The size in bytes of the input message buffer
- */
-typedef psa_status_t (*psa_drv_accel_mac_update_t)(psa_drv_accel_mac_context_t *p_context,
-                                                   const uint8_t *p_input,
-                                                   size_t input_length);
-
-/** \brief  The function prototype for the finish operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- *  convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_finish
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started MAC operation to be
- *                              finished
- * \param[out] p_mac            A buffer where the generated MAC will be placed
- * \param[in] mac_length        The size in bytes of the buffer that has been
- *                              allocated for the `p_mac` buffer
- *
- * \retval #PSA_SUCCESS
- *          Success.
- */
-typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t *p_context,
-                                                   uint8_t *p_mac,
-                                                   size_t mac_length);
-
-/** \brief The function prototype for the finish and verify operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_finish_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started MAC operation to be
- *                              verified and finished
- * \param[in] p_mac             A buffer containing the MAC that will be used
- *                              for verification
- * \param[in] mac_length        The size in bytes of the data in the `p_mac`
- *                              buffer
- *
- * \retval #PSA_SUCCESS
- *          The operation completed successfully and the comparison matched
- */
-typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_context_t *p_context,
-                                                          const uint8_t *p_mac,
-                                                          size_t mac_length);
-
-/** \brief The function prototype for the abort operation for a previously
- * started hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_abort
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started MAC operation to be
- *                              aborted
- *
- */
-typedef psa_status_t (*psa_drv_accel_mac_abort_t)(psa_drv_accel_mac_context_t *p_context);
-
-/** \brief The function prototype for the one-shot operation of a
- * hardware-accelerated MAC operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in] p_input        A buffer containing the data to be MACed
- * \param[in] input_length   The length in bytes of the `p_input` data
- * \param[in] p_key          A buffer containing the key material to be used
- *                           for the MAC operation
- * \param[in] key_length     The length in bytes of the `p_key` data
- * \param[in] alg            The algorithm to be performed
- * \param[out] p_mac         The buffer where the resulting MAC will be placed
- *                           upon success
- * \param[in] mac_length     The length in bytes of the `p_mac` buffer
- */
-typedef psa_status_t (*psa_drv_accel_mac_t)(const uint8_t *p_input,
-                                            size_t input_length,
-                                            const uint8_t *p_key,
-                                            size_t key_length,
-                                            psa_algorithm_t alg,
-                                            uint8_t *p_mac,
-                                            size_t mac_length);
-
-/** \brief The function prototype for the one-shot hardware-accelerated MAC
- * Verify operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_mac_<ALGO>_<MAC_VARIANT>_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in] p_input        A buffer containing the data to be MACed
- * \param[in] input_length   The length in bytes of the `p_input` data
- * \param[in] p_key          A buffer containing the key material to be used
- *                           for the MAC operation
- * \param[in] key_length     The length in bytes of the `p_key` data
- * \param[in] alg            The algorithm to be performed
- * \param[in] p_mac          The MAC data to be compared
- * \param[in] mac_length     The length in bytes of the `p_mac` buffer
- *
- * \retval #PSA_SUCCESS
- *  The operation completed successfully and the comparison matched
- */
-typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input,
-                                                   size_t input_length,
-                                                   const uint8_t *p_key,
-                                                   size_t key_length,
-                                                   psa_algorithm_t alg,
-                                                   const uint8_t *p_mac,
-                                                   size_t mac_length);
-/**@}*/
-
-/** \defgroup accel_cipher Hardware-Accelerated Block Ciphers
- * Encryption and Decryption using hardware-acceleration in block modes other
- * than ECB must be done in multiple parts, using the following flow:
- * - `psa_drv_accel_ciphersetup_t`
- * - `psa_drv_accel_cipher_set_iv_t` (optional depending upon block mode)
- * - `psa_drv_accel_cipher_update_t`
- * - `psa_drv_accel_cipher_update_t`
- * - ...
- * - `psa_drv_accel_cipher_finish_t`
- *
- * If a previously started hardware-accelerated Cipher operation needs to be
- * terminated, it should be done so by the `psa_drv_accel_cipher_abort_t`.
- * Failure to do so may result in allocated resources not being freed or in
- * other undefined behavior.
- */
-/**@{*/
-
-/** \brief The hardware-accelerator-specific cipher context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here.
- */
-typedef struct psa_drv_accel_cipher_context_s psa_drv_accel_cipher_context_t;
-
-/** \brief The function prototype for the setup operation of
- * hardware-accelerated block cipher operations.
- *  Functions that implement this prototype should be named in the following
- * conventions:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_setup_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * For stream ciphers:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_setup_<CIPHER_NAME>
- * ~~~~~~~~~~~~~
- * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
- *
- * \param[in,out] p_context     A structure that will contain the
- *                              hardware-specific cipher context
- * \param[in] direction         Indicates if the operation is an encrypt or a
- *                              decrypt
- * \param[in] p_key_data        A buffer containing the cleartext key material
- *                              to be used in the operation
- * \param[in] key_data_size     The size in bytes of the key material
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_context_t *p_context,
-                                                     psa_encrypt_or_decrypt_t direction,
-                                                     const uint8_t *p_key_data,
-                                                     size_t key_data_size);
-
-/** \brief The function prototype for the set initialization vector operation
- * of hardware-accelerated block cipher operations
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_set_iv_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context     A structure that contains the previously setup
- *                              hardware-specific cipher context
- * \param[in] p_iv              A buffer containing the initialization vecotr
- * \param[in] iv_length         The size in bytes of the contents of `p_iv`
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_context_t *p_context,
-                                                      const uint8_t *p_iv,
-                                                      size_t iv_length);
-
-/** \brief The function prototype for the update operation of
- * hardware-accelerated block cipher operations.
- *
- *  Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_update_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context         A hardware-specific structure for the
- *                                  previously started cipher operation
- * \param[in] p_input               A buffer containing the data to be
- *                                  encrypted or decrypted
- * \param[in] input_size            The size in bytes of the `p_input` buffer
- * \param[out] p_output             A caller-allocated buffer where the
- *                                  generated output will be placed
- * \param[in] output_size           The size in bytes of the `p_output` buffer
- * \param[out] p_output_length      After completion, will contain the number
- *                                  of bytes placed in the `p_output` buffer
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_context_t *p_context,
-                                                      const uint8_t *p_input,
-                                                      size_t input_size,
-                                                      uint8_t *p_output,
-                                                      size_t output_size,
-                                                      size_t *p_output_length);
-
-/** \brief The function prototype for the finish operation of
- * hardware-accelerated block cipher operations.
- *
- *  Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_finish_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started cipher operation
- * \param[out] p_output         A caller-allocated buffer where the generated
- *                              output will be placed
- * \param[in] output_size       The size in bytes of the `p_output` buffer
- * \param[out] p_output_length  After completion, will contain the number of
- *                              bytes placed in the `p_output` buffer
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_context_t *p_context,
-                                                      uint8_t *p_output,
-                                                      size_t output_size,
-                                                      size_t *p_output_length);
-
-/** \brief The function prototype for the abort operation of
- * hardware-accelerated block cipher operations.
- *
- *  Functions that implement the following prototype should be named in the
- * following convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_cipher_abort_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started cipher operation
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_context_t *p_context);
-
-/**@}*/
-
-/** \defgroup accel_aead Hardware-Accelerated Authenticated Encryption with Additional Data
- *
- * Hardware-accelerated Authenticated Encryption with Additional Data (AEAD)
- * operations must be done in one function call. While this creates a burden
- * for implementers as there must be sufficient space in memory for the entire
- * message, it prevents decrypted data from being made available before the
- * authentication operation is complete and the data is known to be authentic.
- */
-/**@{*/
-
-/** \brief The function prototype for the hardware-accelerated authenticated
- * encryption operation.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_aead_<ALGO>_encrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the AEAD algorithm
- *
- * \param[in] p_key                     A pointer to the key material
- * \param[in] key_length                The size in bytes of the key material
- * \param[in] alg                       The AEAD algorithm to compute
- *                                      (\c PSA_ALG_XXX value such that
- *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
- * \param[in] nonce                     Nonce or IV to use
- * \param[in] nonce_length              Size of the `nonce` buffer in bytes
- * \param[in] additional_data           Additional data that will be MACed
- *                                      but not encrypted.
- * \param[in] additional_data_length    Size of `additional_data` in bytes
- * \param[in] plaintext                 Data that will be MACed and
- *                                      encrypted.
- * \param[in] plaintext_length          Size of `plaintext` in bytes
- * \param[out] ciphertext               Output buffer for the authenticated and
- *                                      encrypted data. The additional data is
- *                                      not part of this output. For algorithms
- *                                      where the encrypted data and the
- *                                      authentication tag are defined as
- *                                      separate outputs, the authentication
- *                                      tag is appended to the encrypted data.
- * \param[in] ciphertext_size           Size of the `ciphertext` buffer in
- *                                      bytes
- *                                      This must be at least
- *                                      #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
- *                                      `plaintext_length`).
- * \param[out] ciphertext_length        On success, the size of the output in
- *                                      the `ciphertext` buffer
- *
- * \retval #PSA_SUCCESS
- *
- */
-typedef psa_status_t (*psa_drv_accel_aead_encrypt_t)(const uint8_t *p_key,
-                                                     size_t key_length,
-                                                     psa_algorithm_t alg,
-                                                     const uint8_t *nonce,
-                                                     size_t nonce_length,
-                                                     const uint8_t *additional_data,
-                                                     size_t additional_data_length,
-                                                     const uint8_t *plaintext,
-                                                     size_t plaintext_length,
-                                                     uint8_t *ciphertext,
-                                                     size_t ciphertext_size,
-                                                     size_t *ciphertext_length);
-
-/** \brief The function prototype for the hardware-accelerated authenticated
- * decryption operation.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_aead_<ALGO>_decrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the AEAD algorithm
- * \param[in] p_key                     A pointer to the key material
- * \param[in] key_length                The size in bytes of the key material
- * \param[in] alg                       The AEAD algorithm to compute
- *                                      (\c PSA_ALG_XXX value such that
- *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
- * \param[in] nonce                     Nonce or IV to use
- * \param[in] nonce_length              Size of the `nonce` buffer in bytes
- * \param[in] additional_data           Additional data that has been MACed
- *                                      but not encrypted
- * \param[in] additional_data_length    Size of `additional_data` in bytes
- * \param[in] ciphertext                Data that has been MACed and
- *                                      encrypted
- *                                      For algorithms where the encrypted data
- *                                      and the authentication tag are defined
- *                                      as separate inputs, the buffer must
- *                                      contain the encrypted data followed by
- *                                      the authentication tag.
- * \param[in] ciphertext_length         Size of `ciphertext` in bytes
- * \param[out] plaintext                Output buffer for the decrypted data
- * \param[in] plaintext_size            Size of the `plaintext` buffer in
- *                                      bytes
- *                                      This must be at least
- *                                      #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
- *                                      `ciphertext_length`).
- * \param[out] plaintext_length         On success, the size of the output
- *                                      in the \b plaintext buffer
- *
- * \retval #PSA_SUCCESS
- *         Success.
- */
-typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key,
-                                                     size_t key_length,
-                                                     psa_algorithm_t alg,
-                                                     const uint8_t *nonce,
-                                                     size_t nonce_length,
-                                                     const uint8_t *additional_data,
-                                                     size_t additional_data_length,
-                                                     const uint8_t *ciphertext,
-                                                     size_t ciphertext_length,
-                                                     uint8_t *plaintext,
-                                                     size_t plaintext_size,
-                                                     size_t *plaintext_length);
-
-/**@}*/
-
-/** \defgroup accel_asymmetric Hardware-Accelerated Asymmetric Cryptography
- *
- * Since the amount of data that can (or should) be encrypted or signed using
- * asymmetric keys is limited by the key size, hardware-accelerated asymmetric
- * key operations must be done in single function calls.
- */
-/**@{*/
-
-
-/**
- * \brief The function prototype for the hardware-accelerated asymmetric sign
- * operation.
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_sign
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm
- *
- * This function supports any asymmetric-key output from psa_export_key() as
- * the buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_key() for the formats.
- *
- * \param[in] p_key                 A buffer containing the private key
- *                                  material
- * \param[in] key_size              The size in bytes of the `p_key` data
- * \param[in] alg                   A signature algorithm that is compatible
- *                                  with the type of `p_key`
- * \param[in] p_hash                The hash or message to sign
- * \param[in] hash_length           Size of the `p_hash` buffer in bytes
- * \param[out] p_signature          Buffer where the signature is to be written
- * \param[in] signature_size        Size of the `p_signature` buffer in bytes
- * \param[out] p_signature_length   On success, the number of bytes
- *                                  that make up the returned signature value
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key,
-                                                        size_t key_size,
-                                                        psa_algorithm_t alg,
-                                                        psa_key_type_t key_type,
-                                                        const uint8_t *p_hash,
-                                                        size_t hash_length,
-                                                        uint8_t *p_signature,
-                                                        size_t signature_size,
-                                                        size_t *p_signature_length);
-
-/**
- * \brief The function prototype for the hardware-accelerated signature verify
- * operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm
- *
- * This function supports any output from \ref psa_export_public_key() as the
- * buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_public_key() for the format of public keys and to the
- * documentation of \ref psa_export_key() for the format for other key types.
- *
- * \param[in] p_key             A buffer containing the public key material
- * \param[in] key_size          The size in bytes of the `p_key` data
- * \param[in] alg               A signature algorithm that is compatible with
- *                              the type of `key`
- * \param[in] p_hash            The hash or message whose signature is to be
- *                              verified
- * \param[in] hash_length       Size of the `p_hash` buffer in bytes
- * \param[in] p_signature       Buffer containing the signature to verify
- * \param[in] signature_length  Size of the `p_signature` buffer in bytes
- *
- * \retval #PSA_SUCCESS
- *         The signature is valid.
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key,
-                                                          size_t key_size,
-                                                          psa_algorithm_t alg,
-                                                          psa_key_type_t key_type,
-                                                          const uint8_t *p_hash,
-                                                          size_t hash_length,
-                                                          const uint8_t *p_signature,
-                                                          size_t signature_length);
-
-/**
- * \brief The function prototype for the hardware-accelerated asymmetric
- * encrypt operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_encrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the encryption algorithm
- *
- * This function supports any output from \ref psa_export_public_key() as the
- * buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_public_key() for the format of public keys and to the
- * documentation of \ref psa_export_key() for the format for other key types.
- *
- * \param[in] p_key             A buffer containing the public key material
- * \param[in] key_size          The size in bytes of the `p_key` data
- * \param[in] alg               An asymmetric encryption algorithm that is
- *                              compatible with the type of `key`
- * \param[in] p_input           The message to encrypt
- * \param[in] input_length      Size of the `p_input` buffer in bytes
- * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm
- *                              If the algorithm does not support a
- *                              salt, pass `NULL`
- *                              If the algorithm supports an optional
- *                              salt and you do not want to pass a salt,
- *                              pass `NULL`.
- *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                              supported.
- * \param[in] salt_length       Size of the `p_salt` buffer in bytes
- *                              If `p_salt` is `NULL`, pass 0.
- * \param[out] p_output         Buffer where the encrypted message is to
- *                              be written
- * \param[in] output_size       Size of the `p_output` buffer in bytes
- * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key,
-                                                           size_t key_size,
-                                                           psa_algorithm_t alg,
-                                                           psa_key_type_t key_type,
-                                                           const uint8_t *p_input,
-                                                           size_t input_length,
-                                                           const uint8_t *p_salt,
-                                                           size_t salt_length,
-                                                           uint8_t *p_output,
-                                                           size_t output_size,
-                                                           size_t *p_output_length);
-
-/**
- * \brief The function prototype for the hardware=acce;erated asymmetric
- * decrypt operation
- *
- * Functions that implement this prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_accel_asymmetric_<ALGO>_decrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the encryption algorithm
- *
- * This function supports any asymmetric-key output from psa_export_key() as
- * the buffer in \p p_key. Refer to the documentation of \ref
- * psa_export_key() for the formats.
- *
- * \param[in] p_key             A buffer containing the private key material
- * \param[in] key_size          The size in bytes of the `p_key` data
- * \param[in] alg               An asymmetric encryption algorithm that is
- *                              compatible with the type of `key`
- * \param[in] p_input           The message to decrypt
- * \param[in] input_length      Size of the `p_input` buffer in bytes
- * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm
- *                              If the algorithm does not support a
- *                              salt, pass `NULL`.
- *                              If the algorithm supports an optional
- *                              salt and you do not want to pass a salt,
- *                              pass `NULL`.
- *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                              supported
- * \param[in] salt_length       Size of the `p_salt` buffer in bytes
- *                              If `p_salt` is `NULL`, pass 0
- * \param[out] p_output         Buffer where the decrypted message is to
- *                              be written
- * \param[in] output_size       Size of the `p_output` buffer in bytes
- * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_accel_asymmetric_decrypt_t)(const uint8_t *p_key,
-                                                           size_t key_size,
-                                                           psa_algorithm_t alg,
-                                                           psa_key_type_t key_type,
-                                                           const uint8_t *p_input,
-                                                           size_t input_length,
-                                                           const uint8_t *p_salt,
-                                                           size_t salt_length,
-                                                           uint8_t *p_output,
-                                                           size_t output_size,
-                                                           size_t *p_output_length);
-
-/**@}*/
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_ACCEL_DRIVER_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_compat.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_compat.h
deleted file mode 100644
index 5bb5669..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_compat.h
+++ /dev/null
@@ -1,359 +0,0 @@
-/**
- * \file psa/crypto_compat.h
- *
- * \brief PSA cryptography module: Backward compatibility aliases
- *
- * This header declares alternative names for macro and functions.
- * New application code should not use these names.
- * These names may be removed in a future version of Mbed Crypto.
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_COMPAT_H
-#define PSA_CRYPTO_COMPAT_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * To support both openless APIs and psa_open_key() temporarily, define
- * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the
- * type and its utility macros and functions deprecated yet. This will be done
- * in a subsequent phase.
- */
-typedef mbedtls_svc_key_id_t psa_key_handle_t;
-
-#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
-
-/** Check wether an handle is null.
- *
- * \param handle  Handle
- *
- * \return Non-zero if the handle is null, zero otherwise.
- */
-static inline int psa_key_handle_is_null( psa_key_handle_t handle )
-{
-    return( mbedtls_svc_key_id_is_null( handle ) );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-
-/*
- * Mechanism for declaring deprecated values
- */
-#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED)
-#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated))
-#else
-#define MBEDTLS_PSA_DEPRECATED
-#endif
-
-typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t mbedtls_deprecated_psa_ecc_family_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t mbedtls_deprecated_psa_dh_family_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t psa_ecc_curve_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t psa_dh_group_t;
-typedef MBEDTLS_PSA_DEPRECATED psa_algorithm_t mbedtls_deprecated_psa_algorithm_t;
-
-#define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY
-#define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY
-
-#define MBEDTLS_DEPRECATED_CONSTANT( type, value )      \
-    ( (mbedtls_deprecated_##type) ( value ) )
-
-/*
- * Deprecated PSA Crypto error code definitions (PSA Crypto API  <= 1.0 beta2)
- */
-#define PSA_ERROR_UNKNOWN_ERROR \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR )
-#define PSA_ERROR_OCCUPIED_SLOT \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS )
-#define PSA_ERROR_EMPTY_SLOT \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST )
-#define PSA_ERROR_INSUFFICIENT_CAPACITY \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA )
-#define PSA_ERROR_TAMPERING_DETECTED \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED )
-
-/*
- * Deprecated PSA Crypto numerical encodings (PSA Crypto API  <= 1.0 beta3)
- */
-#define PSA_KEY_USAGE_SIGN \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH )
-#define PSA_KEY_USAGE_VERIFY \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH )
-
-/*
- * Deprecated PSA Crypto size calculation macros (PSA Crypto API  <= 1.0 beta3)
- */
-#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \
-    MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE )
-#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \
-    MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) )
-
-/*
- * Deprecated PSA Crypto function names (PSA Crypto API  <= 1.0 beta3)
- */
-MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign( psa_key_handle_t key,
-                            psa_algorithm_t alg,
-                            const uint8_t *hash,
-                            size_t hash_length,
-                            uint8_t *signature,
-                            size_t signature_size,
-                            size_t *signature_length )
-{
-    return psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length );
-}
-
-MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key_handle_t key,
-                              psa_algorithm_t alg,
-                              const uint8_t *hash,
-                              size_t hash_length,
-                              const uint8_t *signature,
-                              size_t signature_length )
-{
-    return psa_verify_hash( key, alg, hash, hash_length, signature, signature_length );
-}
-
-/*
- * Size-specific elliptic curve families.
- */
-#define PSA_ECC_CURVE_SECP160K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
-#define PSA_ECC_CURVE_SECP192K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
-#define PSA_ECC_CURVE_SECP224K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
-#define PSA_ECC_CURVE_SECP256K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
-#define PSA_ECC_CURVE_SECP160R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP192R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP224R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP256R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP384R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP521R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP160R2 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 )
-#define PSA_ECC_CURVE_SECT163K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT233K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT239K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT283K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT409K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT571K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT163R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT193R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT233R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT283R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT409R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT571R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT163R2 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 )
-#define PSA_ECC_CURVE_SECT193R2 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 )
-#define PSA_ECC_CURVE_BRAINPOOL_P256R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
-#define PSA_ECC_CURVE_BRAINPOOL_P384R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
-#define PSA_ECC_CURVE_BRAINPOOL_P512R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
-#define PSA_ECC_CURVE_CURVE25519 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY )
-#define PSA_ECC_CURVE_CURVE448 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY )
-
-/*
- * Curves that changed name due to PSA specification.
- */
-#define PSA_ECC_CURVE_SECP_K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 )
-#define PSA_ECC_CURVE_SECP_R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 )
-#define PSA_ECC_CURVE_SECP_R2 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 )
-#define PSA_ECC_CURVE_SECT_K1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 )
-#define PSA_ECC_CURVE_SECT_R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 )
-#define PSA_ECC_CURVE_SECT_R2 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 )
-#define PSA_ECC_CURVE_BRAINPOOL_P_R1 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 )
-#define PSA_ECC_CURVE_MONTGOMERY \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY )
-
-/*
- * Finite-field Diffie-Hellman families.
- */
-#define PSA_DH_GROUP_FFDHE2048 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
-#define PSA_DH_GROUP_FFDHE3072 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
-#define PSA_DH_GROUP_FFDHE4096 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
-#define PSA_DH_GROUP_FFDHE6144 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
-#define PSA_DH_GROUP_FFDHE8192 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
-
-/*
- * Diffie-Hellman families that changed name due to PSA specification.
- */
-#define PSA_DH_GROUP_RFC7919 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 )
-#define PSA_DH_GROUP_CUSTOM \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM )
-
-/*
- * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API  <= 1.0 beta3)
- */
-#define PSA_ALG_ARC4 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER )
-#define PSA_ALG_CHACHA20 \
-    MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER )
-
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-/** Open a handle to an existing persistent key.
- *
- * Open a handle to a persistent key. A key is persistent if it was created
- * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
- * always has a nonzero key identifier, set with psa_set_key_id() when
- * creating the key. Implementations may provide additional pre-provisioned
- * keys that can be opened with psa_open_key(). Such keys have an application
- * key identifier in the vendor range, as documented in the description of
- * #psa_key_id_t.
- *
- * The application must eventually close the handle with psa_close_key() or
- * psa_destroy_key() to release associated resources. If the application dies
- * without calling one of these functions, the implementation should perform
- * the equivalent of a call to psa_close_key().
- *
- * Some implementations permit an application to open the same key multiple
- * times. If this is successful, each call to psa_open_key() will return a
- * different key handle.
- *
- * \note This API is not part of the PSA Cryptography API Release 1.0.0
- * specification. It was defined in the 1.0 Beta 3 version of the
- * specification but was removed in the 1.0.0 released version. This API is
- * kept for the time being to not break applications relying on it. It is not
- * deprecated yet but will be in the near future.
- *
- * \note Applications that rely on opening a key multiple times will not be
- * portable to implementations that only permit a single key handle to be
- * opened. See also :ref:\`key-handles\`.
- *
- *
- * \param key           The persistent identifier of the key.
- * \param[out] handle   On success, a handle to the key.
- *
- * \retval #PSA_SUCCESS
- *         Success. The application can now use the value of `*handle`
- *         to access the key.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- *         The implementation does not have sufficient resources to open the
- *         key. This can be due to reaching an implementation limit on the
- *         number of open keys, the number of open key handles, or available
- *         memory.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- *         There is no persistent key with key identifier \p id.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p id is not a valid persistent key identifier.
- * \retval #PSA_ERROR_NOT_PERMITTED
- *         The specified key exists, but the application does not have the
- *         permission to access it. Note that this specification does not
- *         define any way to create such a key, but it may be possible
- *         through implementation-specific means.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_open_key( mbedtls_svc_key_id_t key,
-                           psa_key_handle_t *handle );
-
-/** Close a key handle.
- *
- * If the handle designates a volatile key, this will destroy the key material
- * and free all associated resources, just like psa_destroy_key().
- *
- * If this is the last open handle to a persistent key, then closing the handle
- * will free all resources associated with the key in volatile memory. The key
- * data in persistent storage is not affected and can be opened again later
- * with a call to psa_open_key().
- *
- * Closing the key handle makes the handle invalid, and the key handle
- * must not be used again by the application.
- *
- * \note This API is not part of the PSA Cryptography API Release 1.0.0
- * specification. It was defined in the 1.0 Beta 3 version of the
- * specification but was removed in the 1.0.0 released version. This API is
- * kept for the time being to not break applications relying on it. It is not
- * deprecated yet but will be in the near future.
- *
- * \note If the key handle was used to set up an active
- * :ref:\`multipart operation <multipart-operations>\`, then closing the
- * key handle can cause the multipart operation to fail. Applications should
- * maintain the key handle until after the multipart operation has finished.
- *
- * \param handle        The key handle to close.
- *                      If this is \c 0, do nothing and return \c PSA_SUCCESS.
- *
- * \retval #PSA_SUCCESS
- *         \p handle was a valid handle or \c 0. It is now closed.
- * \retval #PSA_ERROR_INVALID_HANDLE
- *         \p handle is not a valid handle nor \c 0.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_close_key(psa_key_handle_t handle);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_COMPAT_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_config.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_config.h
deleted file mode 100644
index cf7f63a..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_config.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- * \file psa/crypto_config.h
- * \brief PSA crypto configuration options (set of defines)
- *
- */
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
-/**
- * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h,
- * this file determines which cryptographic mechanisms are enabled
- * through the PSA Cryptography API (\c psa_xxx() functions).
- *
- * To enable a cryptographic mechanism, uncomment the definition of
- * the corresponding \c PSA_WANT_xxx preprocessor symbol.
- * To disable a cryptographic mechanism, comment out the definition of
- * the corresponding \c PSA_WANT_xxx preprocessor symbol.
- * The names of cryptographic mechanisms correspond to values
- * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
- * of \c PSA_.
- *
- * Note that many cryptographic mechanisms involve two symbols: one for
- * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
- * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
- * additional symbols.
- */
-#else
-/**
- * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h,
- * this file is not used, and cryptographic mechanisms are supported
- * through the PSA API if and only if they are supported through the
- * mbedtls_xxx API.
- */
-#endif
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_CONFIG_H
-#define PSA_CRYPTO_CONFIG_H
-
-#define PSA_WANT_ALG_DETERMINISTIC_ECDSA        1
-#define PSA_WANT_ALG_ECDH                       1
-#define PSA_WANT_ALG_ECDSA                      1
-#define PSA_WANT_ALG_HKDF                       1
-#define PSA_WANT_ALG_HMAC                       1
-#define PSA_WANT_ALG_MD2                        1
-#define PSA_WANT_ALG_MD4                        1
-#define PSA_WANT_ALG_MD5                        1
-#define PSA_WANT_ALG_RIPEMD160                  1
-#define PSA_WANT_ALG_RSA_OAEP                   1
-#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT         1
-#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN          1
-#define PSA_WANT_ALG_RSA_PSS                    1
-#define PSA_WANT_ALG_SHA_1                      1
-#define PSA_WANT_ALG_SHA_224                    1
-#define PSA_WANT_ALG_SHA_256                    1
-#define PSA_WANT_ALG_SHA_384                    1
-#define PSA_WANT_ALG_SHA_512                    1
-#define PSA_WANT_ALG_TLS12_PRF                  1
-#define PSA_WANT_ALG_TLS12_PSK_TO_MS            1
-#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR          1
-#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1
-#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR          1
-#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1
-
-#endif /* PSA_CRYPTO_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_driver_common.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_driver_common.h
deleted file mode 100644
index 2ce75d2..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_driver_common.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * \file psa/crypto_driver_common.h
- * \brief Definitions for all PSA crypto drivers
- *
- * This file contains common definitions shared by all PSA crypto drivers.
- * Do not include it directly: instead, include the header file(s) for
- * the type(s) of driver that you are implementing. For example, if
- * you are writing a driver for a chip that provides both a hardware
- * random generator and an accelerator for some cryptographic algorithms,
- * include `psa/crypto_entropy_driver.h` and `psa/crypto_accel_driver.h`.
- *
- * This file is part of the PSA Crypto Driver Model, containing functions for
- * driver developers to implement to enable hardware to be called in a
- * standardized way by a PSA Cryptographic API implementation. The functions
- * comprising the driver model, which driver authors implement, are not
- * intended to be called by application developers.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef PSA_CRYPTO_DRIVER_COMMON_H
-#define PSA_CRYPTO_DRIVER_COMMON_H
-
-#include <stddef.h>
-#include <stdint.h>
-
-/* Include type definitions (psa_status_t, psa_algorithm_t,
- * psa_key_type_t, etc.) and macros to build and analyze values
- * of these types. */
-#include "crypto_types.h"
-#include "crypto_values.h"
-
-/** For encrypt-decrypt functions, whether the operation is an encryption
- * or a decryption. */
-typedef enum {
-    PSA_CRYPTO_DRIVER_DECRYPT,
-    PSA_CRYPTO_DRIVER_ENCRYPT
-} psa_encrypt_or_decrypt_t;
-
-#endif /* PSA_CRYPTO_DRIVER_COMMON_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_entropy_driver.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_entropy_driver.h
deleted file mode 100644
index 9b6546e..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_entropy_driver.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * \file psa/crypto_entropy_driver.h
- * \brief PSA entropy source driver module
- *
- * This header declares types and function signatures for entropy sources.
- *
- * This file is part of the PSA Crypto Driver Model, containing functions for
- * driver developers to implement to enable hardware to be called in a
- * standardized way by a PSA Cryptographic API implementation. The functions
- * comprising the driver model, which driver authors implement, are not
- * intended to be called by application developers.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef PSA_CRYPTO_ENTROPY_DRIVER_H
-#define PSA_CRYPTO_ENTROPY_DRIVER_H
-
-#include "crypto_driver_common.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** \defgroup driver_rng Entropy Generation
- */
-/**@{*/
-
-/** \brief Initialize an entropy driver
- *
- *
- * \param[in,out] p_context             A hardware-specific structure
- *                                      containing any context information for
- *                                      the implementation
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_entropy_init_t)(void *p_context);
-
-/** \brief Get a specified number of bits from the entropy source
- *
- * It retrives `buffer_size` bytes of data from the entropy source. The entropy
- * source will always fill the provided buffer to its full size, however, most
- * entropy sources have biases, and the actual amount of entropy contained in
- * the buffer will be less than the number of bytes.
- * The driver will return the actual number of bytes of entropy placed in the
- * buffer in `p_received_entropy_bytes`.
- * A PSA Crypto API implementation will likely feed the output of this function
- * into a Digital Random Bit Generator (DRBG), and typically has a minimum
- * amount of entropy that it needs.
- * To accomplish this, the PSA Crypto implementation should be designed to call
- * this function multiple times until it has received the required amount of
- * entropy from the entropy source.
- *
- * \param[in,out] p_context                 A hardware-specific structure
- *                                          containing any context information
- *                                          for the implementation
- * \param[out] p_buffer                     A caller-allocated buffer for the
- *                                          retrieved entropy to be placed in
- * \param[in] buffer_size                   The allocated size of `p_buffer`
- * \param[out] p_received_entropy_bits      The amount of entropy (in bits)
- *                                          actually provided in `p_buffer`
- *
- * \retval #PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_entropy_get_bits_t)(void *p_context,
-                                                   uint8_t *p_buffer,
-                                                   uint32_t buffer_size,
-                                                   uint32_t *p_received_entropy_bits);
-
-/**
- * \brief A struct containing all of the function pointers needed to interface
- * to an entropy source
- *
- * PSA Crypto API implementations should populate instances of the table as
- * appropriate upon startup.
- *
- * If one of the functions is not implemented, it should be set to NULL.
- */
-typedef struct {
-    /** The driver-specific size of the entropy context */
-    const size_t                context_size;
-    /** Function that performs initialization for the entropy source */
-    psa_drv_entropy_init_t      p_init;
-    /** Function that performs the get_bits operation for the entropy source */
-    psa_drv_entropy_get_bits_t  p_get_bits;
-} psa_drv_entropy_t;
-/**@}*/
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_ENTROPY_DRIVER_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_extra.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_extra.h
deleted file mode 100644
index f793a6c..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_extra.h
+++ /dev/null
@@ -1,656 +0,0 @@
-/**
- * \file psa/crypto_extra.h
- *
- * \brief PSA cryptography module: Mbed TLS vendor extensions
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h.
- *
- * This file is reserved for vendor-specific definitions.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_EXTRA_H
-#define PSA_CRYPTO_EXTRA_H
-
-#include "mbedtls/platform_util.h"
-
-#include "crypto_compat.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* UID for secure storage seed */
-#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
-
-
-/** \addtogroup attributes
- * @{
- */
-
-/** \brief Declare the enrollment algorithm for a key.
- *
- * An operation on a key may indifferently use the algorithm set with
- * psa_set_key_algorithm() or with this function.
- *
- * \param[out] attributes       The attribute structure to write to.
- * \param alg2                  A second algorithm that the key may be used
- *                              for, in addition to the algorithm set with
- *                              psa_set_key_algorithm().
- *
- * \warning Setting an enrollment algorithm is not recommended, because
- *          using the same key with different algorithms can allow some
- *          attacks based on arithmetic relations between different
- *          computations made with the same key, or can escalate harmless
- *          side channels into exploitable ones. Use this function only
- *          if it is necessary to support a protocol for which it has been
- *          verified that the usage of the key with multiple algorithms
- *          is safe.
- */
-static inline void psa_set_key_enrollment_algorithm(
-    psa_key_attributes_t *attributes,
-    psa_algorithm_t alg2)
-{
-    attributes->core.policy.alg2 = alg2;
-}
-
-/** Retrieve the enrollment algorithm policy from key attributes.
- *
- * \param[in] attributes        The key attribute structure to query.
- *
- * \return The enrollment algorithm stored in the attribute structure.
- */
-static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.policy.alg2 );
-}
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-
-/** Retrieve the slot number where a key is stored.
- *
- * A slot number is only defined for keys that are stored in a secure
- * element.
- *
- * This information is only useful if the secure element is not entirely
- * managed through the PSA Cryptography API. It is up to the secure
- * element driver to decide how PSA slot numbers map to any other interface
- * that the secure element may have.
- *
- * \param[in] attributes        The key attribute structure to query.
- * \param[out] slot_number      On success, the slot number containing the key.
- *
- * \retval #PSA_SUCCESS
- *         The key is located in a secure element, and \p *slot_number
- *         indicates the slot number that contains it.
- * \retval #PSA_ERROR_NOT_PERMITTED
- *         The caller is not permitted to query the slot number.
- *         Mbed Crypto currently does not return this error.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key is not located in a secure element.
- */
-psa_status_t psa_get_key_slot_number(
-    const psa_key_attributes_t *attributes,
-    psa_key_slot_number_t *slot_number );
-
-/** Choose the slot number where a key is stored.
- *
- * This function declares a slot number in the specified attribute
- * structure.
- *
- * A slot number is only meaningful for keys that are stored in a secure
- * element. It is up to the secure element driver to decide how PSA slot
- * numbers map to any other interface that the secure element may have.
- *
- * \note Setting a slot number in key attributes for a key creation can
- *       cause the following errors when creating the key:
- *       - #PSA_ERROR_NOT_SUPPORTED if the selected secure element does
- *         not support choosing a specific slot number.
- *       - #PSA_ERROR_NOT_PERMITTED if the caller is not permitted to
- *         choose slot numbers in general or to choose this specific slot.
- *       - #PSA_ERROR_INVALID_ARGUMENT if the chosen slot number is not
- *         valid in general or not valid for this specific key.
- *       - #PSA_ERROR_ALREADY_EXISTS if there is already a key in the
- *         selected slot.
- *
- * \param[out] attributes       The attribute structure to write to.
- * \param slot_number           The slot number to set.
- */
-static inline void psa_set_key_slot_number(
-    psa_key_attributes_t *attributes,
-    psa_key_slot_number_t slot_number )
-{
-    attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
-    attributes->slot_number = slot_number;
-}
-
-/** Remove the slot number attribute from a key attribute structure.
- *
- * This function undoes the action of psa_set_key_slot_number().
- *
- * \param[out] attributes       The attribute structure to write to.
- */
-static inline void psa_clear_key_slot_number(
-    psa_key_attributes_t *attributes )
-{
-    attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
-}
-
-/** Register a key that is already present in a secure element.
- *
- * The key must be located in a secure element designated by the
- * lifetime field in \p attributes, in the slot set with
- * psa_set_key_slot_number() in the attribute structure.
- * This function makes the key available through the key identifier
- * specified in \p attributes.
- *
- * \param[in] attributes        The attributes of the existing key.
- *
- * \retval #PSA_SUCCESS
- *         The key was successfully registered.
- *         Note that depending on the design of the driver, this may or may
- *         not guarantee that a key actually exists in the designated slot
- *         and is compatible with the specified attributes.
- * \retval #PSA_ERROR_ALREADY_EXISTS
- *         There is already a key with the identifier specified in
- *         \p attributes.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- *         The secure element driver for the specified lifetime does not
- *         support registering a key.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p attributes specifies a lifetime which is not located
- *         in a secure element.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         No slot number is specified in \p attributes,
- *         or the specified slot number is not valid.
- * \retval #PSA_ERROR_NOT_PERMITTED
- *         The caller is not authorized to register the specified key slot.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t mbedtls_psa_register_se_key(
-    const psa_key_attributes_t *attributes);
-
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-/**@}*/
-
-/**
- * \brief Library deinitialization.
- *
- * This function clears all data associated with the PSA layer,
- * including the whole key store.
- *
- * This is an Mbed TLS extension.
- */
-void mbedtls_psa_crypto_free( void );
-
-/** \brief Statistics about
- * resource consumption related to the PSA keystore.
- *
- * \note The content of this structure is not part of the stable API and ABI
- *       of Mbed Crypto and may change arbitrarily from version to version.
- */
-typedef struct mbedtls_psa_stats_s
-{
-    /** Number of slots containing key material for a volatile key. */
-    size_t volatile_slots;
-    /** Number of slots containing key material for a key which is in
-     * internal persistent storage. */
-    size_t persistent_slots;
-    /** Number of slots containing a reference to a key in a
-     * secure element. */
-    size_t external_slots;
-    /** Number of slots which are occupied, but do not contain
-     * key material yet. */
-    size_t half_filled_slots;
-    /** Number of slots that contain cache data. */
-    size_t cache_slots;
-    /** Number of slots that are not used for anything. */
-    size_t empty_slots;
-    /** Number of slots that are locked. */
-    size_t locked_slots;
-    /** Largest key id value among open keys in internal persistent storage. */
-    psa_key_id_t max_open_internal_key_id;
-    /** Largest key id value among open keys in secure elements. */
-    psa_key_id_t max_open_external_key_id;
-} mbedtls_psa_stats_t;
-
-/** \brief Get statistics about
- * resource consumption related to the PSA keystore.
- *
- * \note When Mbed Crypto is built as part of a service, with isolation
- *       between the application and the keystore, the service may or
- *       may not expose this function.
- */
-void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats );
-
-/**
- * \brief Inject an initial entropy seed for the random generator into
- *        secure storage.
- *
- * This function injects data to be used as a seed for the random generator
- * used by the PSA Crypto implementation. On devices that lack a trusted
- * entropy source (preferably a hardware random number generator),
- * the Mbed PSA Crypto implementation uses this value to seed its
- * random generator.
- *
- * On devices without a trusted entropy source, this function must be
- * called exactly once in the lifetime of the device. On devices with
- * a trusted entropy source, calling this function is optional.
- * In all cases, this function may only be called before calling any
- * other function in the PSA Crypto API, including psa_crypto_init().
- *
- * When this function returns successfully, it populates a file in
- * persistent storage. Once the file has been created, this function
- * can no longer succeed.
- *
- * If any error occurs, this function does not change the system state.
- * You can call this function again after correcting the reason for the
- * error if possible.
- *
- * \warning This function **can** fail! Callers MUST check the return status.
- *
- * \warning If you use this function, you should use it as part of a
- *          factory provisioning process. The value of the injected seed
- *          is critical to the security of the device. It must be
- *          *secret*, *unpredictable* and (statistically) *unique per device*.
- *          You should be generate it randomly using a cryptographically
- *          secure random generator seeded from trusted entropy sources.
- *          You should transmit it securely to the device and ensure
- *          that its value is not leaked or stored anywhere beyond the
- *          needs of transmitting it from the point of generation to
- *          the call of this function, and erase all copies of the value
- *          once this function returns.
- *
- * This is an Mbed TLS extension.
- *
- * \note This function is only available on the following platforms:
- * * If the compile-time option MBEDTLS_PSA_INJECT_ENTROPY is enabled.
- *   Note that you must provide compatible implementations of
- *   mbedtls_nv_seed_read and mbedtls_nv_seed_write.
- * * In a client-server integration of PSA Cryptography, on the client side,
- *   if the server supports this feature.
- * \param[in] seed          Buffer containing the seed value to inject.
- * \param[in] seed_size     Size of the \p seed buffer.
- *                          The size of the seed in bytes must be greater
- *                          or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
- *                          and #MBEDTLS_ENTROPY_BLOCK_SIZE.
- *                          It must be less or equal to
- *                          #MBEDTLS_ENTROPY_MAX_SEED_SIZE.
- *
- * \retval #PSA_SUCCESS
- *         The seed value was injected successfully. The random generator
- *         of the PSA Crypto implementation is now ready for use.
- *         You may now call psa_crypto_init() and use the PSA Crypto
- *         implementation.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p seed_size is out of range.
- * \retval #PSA_ERROR_STORAGE_FAILURE
- *         There was a failure reading or writing from storage.
- * \retval #PSA_ERROR_NOT_PERMITTED
- *         The library has already been initialized. It is no longer
- *         possible to call this function.
- */
-psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
-                                        size_t seed_size);
-
-/** \addtogroup crypto_types
- * @{
- */
-
-/** DSA public key.
- *
- * The import and export format is the
- * representation of the public key `y = g^x mod p` as a big-endian byte
- * string. The length of the byte string is the length of the base prime `p`
- * in bytes.
- */
-#define PSA_KEY_TYPE_DSA_PUBLIC_KEY                 ((psa_key_type_t)0x4002)
-
-/** DSA key pair (private and public key).
- *
- * The import and export format is the
- * representation of the private key `x` as a big-endian byte string. The
- * length of the byte string is the private key size in bytes (leading zeroes
- * are not stripped).
- *
- * Determinstic DSA key derivation with psa_generate_derived_key follows
- * FIPS 186-4 &sect;B.1.2: interpret the byte string as integer
- * in big-endian order. Discard it if it is not in the range
- * [0, *N* - 2] where *N* is the boundary of the private key domain
- * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA,
- * or the order of the curve's base point for ECC).
- * Add 1 to the resulting integer and use this as the private key *x*.
- *
- */
-#define PSA_KEY_TYPE_DSA_KEY_PAIR                    ((psa_key_type_t)0x7002)
-
-/** Whether a key type is an DSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_DSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
-
-#define PSA_ALG_DSA_BASE                        ((psa_algorithm_t)0x06000400)
-/** DSA signature with hashing.
- *
- * This is the signature scheme defined by FIPS 186-4,
- * with a random per-message secret number (*k*).
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *                      This includes #PSA_ALG_ANY_HASH
- *                      when specifying the algorithm in a usage policy.
- *
- * \return              The corresponding DSA signature algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_DSA(hash_alg)                             \
-    (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_DETERMINISTIC_DSA_BASE          ((psa_algorithm_t)0x06000500)
-#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
-/** Deterministic DSA signature with hashing.
- *
- * This is the deterministic variant defined by RFC 6979 of
- * the signature scheme defined by FIPS 186-4.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *                      This includes #PSA_ALG_ANY_HASH
- *                      when specifying the algorithm in a usage policy.
- *
- * \return              The corresponding DSA signature algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_DETERMINISTIC_DSA(hash_alg)                             \
-    (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_DSA(alg)                                             \
-    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
-     PSA_ALG_DSA_BASE)
-#define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
-    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
-#define PSA_ALG_IS_DETERMINISTIC_DSA(alg)                       \
-    (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
-#define PSA_ALG_IS_RANDOMIZED_DSA(alg)                          \
-    (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
-
-
-/* We need to expand the sample definition of this macro from
- * the API definition. */
-#undef PSA_ALG_IS_HASH_AND_SIGN
-#define PSA_ALG_IS_HASH_AND_SIGN(alg)                                   \
-    (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||    \
-     PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
-
-/**@}*/
-
-/** \addtogroup attributes
- * @{
- */
-
-/** Custom Diffie-Hellman group.
- *
- * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
- * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM), the group data comes
- * from domain parameters set by psa_set_key_domain_parameters().
- */
-#define PSA_DH_FAMILY_CUSTOM             ((psa_dh_family_t) 0x7e)
-
-
-/**
- * \brief Set domain parameters for a key.
- *
- * Some key types require additional domain parameters in addition to
- * the key type identifier and the key size. Use this function instead
- * of psa_set_key_type() when you need to specify domain parameters.
- *
- * The format for the required domain parameters varies based on the key type.
- *
- * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR),
- *   the domain parameter data consists of the public exponent,
- *   represented as a big-endian integer with no leading zeros.
- *   This information is used when generating an RSA key pair.
- *   When importing a key, the public exponent is read from the imported
- *   key data and the exponent recorded in the attribute structure is ignored.
- *   As an exception, the public exponent 65537 is represented by an empty
- *   byte string.
- * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR),
- *   the `Dss-Parms` format as defined by RFC 3279 &sect;2.3.2.
- *   ```
- *   Dss-Parms ::= SEQUENCE  {
- *      p       INTEGER,
- *      q       INTEGER,
- *      g       INTEGER
- *   }
- *   ```
- * - For Diffie-Hellman key exchange keys
- *   (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
- *   #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the
- *   `DomainParameters` format as defined by RFC 3279 &sect;2.3.3.
- *   ```
- *   DomainParameters ::= SEQUENCE {
- *      p               INTEGER,                    -- odd prime, p=jq +1
- *      g               INTEGER,                    -- generator, g
- *      q               INTEGER,                    -- factor of p-1
- *      j               INTEGER OPTIONAL,           -- subgroup factor
- *      validationParms ValidationParms OPTIONAL
- *   }
- *   ValidationParms ::= SEQUENCE {
- *      seed            BIT STRING,
- *      pgenCounter     INTEGER
- *   }
- *   ```
- *
- * \note This function may allocate memory or other resources.
- *       Once you have called this function on an attribute structure,
- *       you must call psa_reset_key_attributes() to free these resources.
- *
- * \note This is an experimental extension to the interface. It may change
- *       in future versions of the library.
- *
- * \param[in,out] attributes    Attribute structure where the specified domain
- *                              parameters will be stored.
- *                              If this function fails, the content of
- *                              \p attributes is not modified.
- * \param type                  Key type (a \c PSA_KEY_TYPE_XXX value).
- * \param[in] data              Buffer containing the key domain parameters.
- *                              The content of this buffer is interpreted
- *                              according to \p type as described above.
- * \param data_length           Size of the \p data buffer in bytes.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- */
-psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
-                                           psa_key_type_t type,
-                                           const uint8_t *data,
-                                           size_t data_length);
-
-/**
- * \brief Get domain parameters for a key.
- *
- * Get the domain parameters for a key with this function, if any. The format
- * of the domain parameters written to \p data is specified in the
- * documentation for psa_set_key_domain_parameters().
- *
- * \note This is an experimental extension to the interface. It may change
- *       in future versions of the library.
- *
- * \param[in] attributes        The key attribute structure to query.
- * \param[out] data             On success, the key domain parameters.
- * \param data_size             Size of the \p data buffer in bytes.
- *                              The buffer is guaranteed to be large
- *                              enough if its size in bytes is at least
- *                              the value given by
- *                              PSA_KEY_DOMAIN_PARAMETERS_SIZE().
- * \param[out] data_length      On success, the number of bytes
- *                              that make up the key domain parameters data.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- */
-psa_status_t psa_get_key_domain_parameters(
-    const psa_key_attributes_t *attributes,
-    uint8_t *data,
-    size_t data_size,
-    size_t *data_length);
-
-/** Safe output buffer size for psa_get_key_domain_parameters().
- *
- * This macro returns a compile-time constant if its arguments are
- * compile-time constants.
- *
- * \warning This function may call its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \note This is an experimental extension to the interface. It may change
- *       in future versions of the library.
- *
- * \param key_type  A supported key type.
- * \param key_bits  The size of the key in bits.
- *
- * \return If the parameters are valid and supported, return
- *         a buffer size in bytes that guarantees that
- *         psa_get_key_domain_parameters() will not fail with
- *         #PSA_ERROR_BUFFER_TOO_SMALL.
- *         If the parameters are a valid combination that is not supported
- *         by the implementation, this macro shall return either a
- *         sensible size or 0.
- *         If the parameters are not valid, the
- *         return value is unspecified.
- */
-#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits)              \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) :                      \
-     PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
-     PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
-     0)
-#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits)     \
-    (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
-#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits)    \
-    (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
-
-/**@}*/
-
-/** \defgroup psa_tls_helpers TLS helper functions
- * @{
- */
-
-#if defined(MBEDTLS_ECP_C)
-#include <mbedtls/ecp.h>
-
-/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA.
- *
- * \note This function is provided solely for the convenience of
- *       Mbed TLS and may be removed at any time without notice.
- *
- * \param grpid         An Mbed TLS elliptic curve identifier
- *                      (`MBEDTLS_ECP_DP_xxx`).
- * \param[out] bits     On success, the bit size of the curve.
- *
- * \return              The corresponding PSA elliptic curve identifier
- *                      (`PSA_ECC_FAMILY_xxx`).
- * \return              \c 0 on failure (\p grpid is not recognized).
- */
-static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
-                                                        size_t *bits )
-{
-    switch( grpid )
-    {
-        case MBEDTLS_ECP_DP_SECP192R1:
-            *bits = 192;
-            return( PSA_ECC_FAMILY_SECP_R1 );
-        case MBEDTLS_ECP_DP_SECP224R1:
-            *bits = 224;
-            return( PSA_ECC_FAMILY_SECP_R1 );
-        case MBEDTLS_ECP_DP_SECP256R1:
-            *bits = 256;
-            return( PSA_ECC_FAMILY_SECP_R1 );
-        case MBEDTLS_ECP_DP_SECP384R1:
-            *bits = 384;
-            return( PSA_ECC_FAMILY_SECP_R1 );
-        case MBEDTLS_ECP_DP_SECP521R1:
-            *bits = 521;
-            return( PSA_ECC_FAMILY_SECP_R1 );
-        case MBEDTLS_ECP_DP_BP256R1:
-            *bits = 256;
-            return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-        case MBEDTLS_ECP_DP_BP384R1:
-            *bits = 384;
-            return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-        case MBEDTLS_ECP_DP_BP512R1:
-            *bits = 512;
-            return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-        case MBEDTLS_ECP_DP_CURVE25519:
-            *bits = 255;
-            return( PSA_ECC_FAMILY_MONTGOMERY );
-        case MBEDTLS_ECP_DP_SECP192K1:
-            *bits = 192;
-            return( PSA_ECC_FAMILY_SECP_K1 );
-        case MBEDTLS_ECP_DP_SECP224K1:
-            *bits = 224;
-            return( PSA_ECC_FAMILY_SECP_K1 );
-        case MBEDTLS_ECP_DP_SECP256K1:
-            *bits = 256;
-            return( PSA_ECC_FAMILY_SECP_K1 );
-        case MBEDTLS_ECP_DP_CURVE448:
-            *bits = 448;
-            return( PSA_ECC_FAMILY_MONTGOMERY );
-        default:
-            *bits = 0;
-            return( 0 );
-    }
-}
-
-/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
- *
- * \note This function is provided solely for the convenience of
- *       Mbed TLS and may be removed at any time without notice.
- *
- * \param curve         A PSA elliptic curve identifier
- *                      (`PSA_ECC_FAMILY_xxx`).
- * \param byte_length   The byte-length of a private key on \p curve.
- *
- * \return              The corresponding Mbed TLS elliptic curve identifier
- *                      (`MBEDTLS_ECP_DP_xxx`).
- * \return              #MBEDTLS_ECP_DP_NONE if \c curve is not recognized.
- * \return              #MBEDTLS_ECP_DP_NONE if \p byte_length is not
- *                      correct for \p curve.
- */
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
-                                               size_t byte_length );
-#endif /* MBEDTLS_ECP_C */
-
-/**@}*/
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_EXTRA_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_platform.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_platform.h
deleted file mode 100644
index 567398d..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_platform.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/**
- * \file psa/crypto_platform.h
- *
- * \brief PSA cryptography module: Mbed TLS platform definitions
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h.
- *
- * This file contains platform-dependent type definitions.
- *
- * In implementations with isolation between the application and the
- * cryptography module, implementers should take care to ensure that
- * the definitions that are exposed to applications match what the
- * module implements.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_PLATFORM_H
-#define PSA_CRYPTO_PLATFORM_H
-
-/* Include the Mbed TLS configuration file, the way Mbed TLS does it
- * in each of its header files. */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-/* Translate between classic MBEDTLS_xxx feature symbols and PSA_xxx
- * feature symbols. */
-#include "mbedtls/config_psa.h"
-
-/* PSA requires several types which C99 provides in stdint.h. */
-#include <stdint.h>
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-
-/* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA
- * partition identifier.
- *
- * The function psa_its_identifier_of_slot() in psa_crypto_storage.c that
- * translates a key identifier to a key storage file name assumes that
- * mbedtls_key_owner_id_t is an 32 bits integer. This function thus needs
- * reworking if mbedtls_key_owner_id_t is not defined as a 32 bits integer
- * here anymore.
- */
-typedef int32_t mbedtls_key_owner_id_t;
-
-/** Compare two key owner identifiers.
- *
- * \param id1 First key owner identifier.
- * \param id2 Second key owner identifier.
- *
- * \return Non-zero if the two key owner identifiers are equal, zero otherwise.
- */
-static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1,
-                                              mbedtls_key_owner_id_t id2 )
-{
-    return( id1 == id2 );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-
-#endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_sizes.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_sizes.h
deleted file mode 100644
index 3df01b2..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_sizes.h
+++ /dev/null
@@ -1,747 +0,0 @@
-/**
- * \file psa/crypto_sizes.h
- *
- * \brief PSA cryptography module: Mbed TLS buffer size macros
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h.
- *
- * This file contains the definitions of macros that are useful to
- * compute buffer sizes. The signatures and semantics of these macros
- * are standardized, but the definitions are not, because they depend on
- * the available algorithms and, in some cases, on permitted tolerances
- * on buffer sizes.
- *
- * In implementations with isolation between the application and the
- * cryptography module, implementers should take care to ensure that
- * the definitions that are exposed to applications match what the
- * module implements.
- *
- * Macros that compute sizes whose values do not depend on the
- * implementation are in crypto.h.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_SIZES_H
-#define PSA_CRYPTO_SIZES_H
-
-/* Include the Mbed TLS configuration file, the way Mbed TLS does it
- * in each of its header files. */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
-#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
-
-#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \
-    (((length) + (block_size) - 1) / (block_size) * (block_size))
-
-/** The size of the output of psa_hash_finish(), in bytes.
- *
- * This is also the hash size that psa_hash_verify() expects.
- *
- * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
- *              (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a
- *              hash algorithm).
- *
- * \return The hash size for the specified hash algorithm.
- *         If the hash algorithm is not recognized, return 0.
- *         An implementation may return either 0 or the correct size
- *         for a hash algorithm that it recognizes, but does not support.
- */
-#define PSA_HASH_SIZE(alg)                                      \
-    (                                                           \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
-        0)
-
-/** \def PSA_HASH_MAX_SIZE
- *
- * Maximum size of a hash.
- *
- * This macro must expand to a compile-time constant integer. This value
- * should be the maximum size of a hash supported by the implementation,
- * in bytes, and must be no smaller than this maximum.
- */
-/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
- * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
- * HMAC-SHA3-512. */
-#if defined(MBEDTLS_SHA512_C)
-#define PSA_HASH_MAX_SIZE 64
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
-#else
-#define PSA_HASH_MAX_SIZE 32
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
-#endif
-
-/** \def PSA_MAC_MAX_SIZE
- *
- * Maximum size of a MAC.
- *
- * This macro must expand to a compile-time constant integer. This value
- * should be the maximum size of a MAC supported by the implementation,
- * in bytes, and must be no smaller than this maximum.
- */
-/* All non-HMAC MACs have a maximum size that's smaller than the
- * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */
-/* Note that the encoding of truncated MAC algorithms limits this value
- * to 64 bytes.
- */
-#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
-
-/** The tag size for an AEAD algorithm, in bytes.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return                    The tag size for the specified algorithm.
- *                            If the AEAD algorithm does not have an identified
- *                            tag that can be distinguished from the rest of
- *                            the ciphertext, return 0.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_TAG_LENGTH(alg)                                        \
-    (PSA_ALG_IS_AEAD(alg) ?                                             \
-     (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
-     0)
-
-/* The maximum size of an RSA key on this implementation, in bits.
- * This is a vendor-specific macro.
- *
- * Mbed TLS does not set a hard limit on the size of RSA keys: any key
- * whose parameters fit in a bignum is accepted. However large keys can
- * induce a large memory usage and long computation times. Unlike other
- * auxiliary macros in this file and in crypto.h, which reflect how the
- * library is configured, this macro defines how the library is
- * configured. This implementation refuses to import or generate an
- * RSA key whose size is larger than the value defined here.
- *
- * Note that an implementation may set different size limits for different
- * operations, and does not need to accept all key sizes up to the limit. */
-#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096
-
-/* The maximum size of an ECC key on this implementation, in bits.
- * This is a vendor-specific macro. */
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521
-#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512
-#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448
-#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
-#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
-#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
-#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
-#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
-#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255
-#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
-#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
-#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
-#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
-#else
-#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
-#endif
-
-/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN
- *
- * This macro returns the maximum length of the PSK supported
- * by the TLS-1.2 PSK-to-MS key derivation.
- *
- * Quoting RFC 4279, Sect 5.3:
- * TLS implementations supporting these ciphersuites MUST support
- * arbitrary PSK identities up to 128 octets in length, and arbitrary
- * PSKs up to 64 octets in length.  Supporting longer identities and
- * keys is RECOMMENDED.
- *
- * Therefore, no implementation should define a value smaller than 64
- * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN.
- */
-#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128
-
-/** The maximum size of a block cipher supported by the implementation. */
-#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16
-
-/** The size of the output of psa_mac_sign_finish(), in bytes.
- *
- * This is also the MAC size that psa_mac_verify_finish() expects.
- *
- * \param key_type      The type of the MAC key.
- * \param key_bits      The size of the MAC key in bits.
- * \param alg           A MAC algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_MAC(\p alg) is true).
- *
- * \return              The MAC size for the specified algorithm with
- *                      the specified key parameters.
- * \return              0 if the MAC algorithm is not recognized.
- * \return              Either 0 or the correct size for a MAC algorithm that
- *                      the implementation recognizes, but does not support.
- * \return              Unspecified if the key parameters are not consistent
- *                      with the algorithm.
- */
-#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
-    ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
-     PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
-     PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
-     ((void)(key_type), (void)(key_bits), 0))
-
-/** The maximum size of the output of psa_aead_encrypt(), in bytes.
- *
- * If the size of the ciphertext buffer is at least this large, it is
- * guaranteed that psa_aead_encrypt() will not fail due to an
- * insufficient buffer size. Depending on the algorithm, the actual size of
- * the ciphertext may be smaller.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param plaintext_length    Size of the plaintext in bytes.
- *
- * \return                    The AEAD ciphertext size for the specified
- *                            algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)       \
-    (PSA_AEAD_TAG_LENGTH(alg) != 0 ?                              \
-     (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) :              \
-     0)
-
-/** The maximum size of the output of psa_aead_decrypt(), in bytes.
- *
- * If the size of the plaintext buffer is at least this large, it is
- * guaranteed that psa_aead_decrypt() will not fail due to an
- * insufficient buffer size. Depending on the algorithm, the actual size of
- * the plaintext may be smaller.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param ciphertext_length   Size of the plaintext in bytes.
- *
- * \return                    The AEAD ciphertext size for the specified
- *                            algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)      \
-    (PSA_AEAD_TAG_LENGTH(alg) != 0 ?                              \
-     (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) :             \
-     0)
-
-/** A sufficient output buffer size for psa_aead_update().
- *
- * If the size of the output buffer is at least this large, it is
- * guaranteed that psa_aead_update() will not fail due to an
- * insufficient buffer size. The actual size of the output may be smaller
- * in any given call.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param input_length        Size of the input in bytes.
- *
- * \return                    A sufficient output buffer size for the specified
- *                            algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-/* For all the AEAD modes defined in this specification, it is possible
- * to emit output without delay. However, hardware may not always be
- * capable of this. So for modes based on a block cipher, allow the
- * implementation to delay the output until it has a full block. */
-#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length)                  \
-    (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                             \
-     PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \
-     (input_length))
-
-/** A sufficient ciphertext buffer size for psa_aead_finish().
- *
- * If the size of the ciphertext buffer is at least this large, it is
- * guaranteed that psa_aead_finish() will not fail due to an
- * insufficient ciphertext buffer size. The actual size of the output may
- * be smaller in any given call.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return                    A sufficient ciphertext buffer size for the
- *                            specified algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg)                                \
-    (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                             \
-     PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE :                                  \
-     0)
-
-/** A sufficient plaintext buffer size for psa_aead_verify().
- *
- * If the size of the plaintext buffer is at least this large, it is
- * guaranteed that psa_aead_verify() will not fail due to an
- * insufficient plaintext buffer size. The actual size of the output may
- * be smaller in any given call.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return                    A sufficient plaintext buffer size for the
- *                            specified algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg)                                \
-    (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                             \
-     PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE :                                  \
-     0)
-
-#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                         \
-    (PSA_ALG_IS_RSA_OAEP(alg) ?                                   \
-     2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 :      \
-     11 /*PKCS#1v1.5*/)
-
-/**
- * \brief ECDSA signature size for a given curve bit size
- *
- * \param curve_bits    Curve size in bits.
- * \return              Signature size in bytes.
- *
- * \note This macro returns a compile-time constant if its argument is one.
- */
-#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    \
-    (PSA_BITS_TO_BYTES(curve_bits) * 2)
-
-/** Sufficient signature buffer size for psa_sign_hash().
- *
- * This macro returns a sufficient buffer size for a signature using a key
- * of the specified type and size, with the specified algorithm.
- * Note that the actual size of the signature may be smaller
- * (some algorithms produce a variable-size signature).
- *
- * \warning This function may call its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \param key_type  An asymmetric key type (this may indifferently be a
- *                  key pair type or a public key type).
- * \param key_bits  The size of the key in bits.
- * \param alg       The signature algorithm.
- *
- * \return If the parameters are valid and supported, return
- *         a buffer size in bytes that guarantees that
- *         psa_sign_hash() will not fail with
- *         #PSA_ERROR_BUFFER_TOO_SMALL.
- *         If the parameters are a valid combination that is not supported
- *         by the implementation, this macro shall return either a
- *         sensible size or 0.
- *         If the parameters are not valid, the
- *         return value is unspecified.
- */
-#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
-     PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
-     ((void)alg, 0))
-
-#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE     \
-    PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
-
-/** \def PSA_SIGNATURE_MAX_SIZE
- *
- * Maximum size of an asymmetric signature.
- *
- * This macro must expand to a compile-time constant integer. This value
- * should be the maximum size of a signature supported by the implementation,
- * in bytes, and must be no smaller than this maximum.
- */
-#define PSA_SIGNATURE_MAX_SIZE                               \
-    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \
-     PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) :                   \
-     PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE)
-
-/** Sufficient output buffer size for psa_asymmetric_encrypt().
- *
- * This macro returns a sufficient buffer size for a ciphertext produced using
- * a key of the specified type and size, with the specified algorithm.
- * Note that the actual size of the ciphertext may be smaller, depending
- * on the algorithm.
- *
- * \warning This function may call its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \param key_type  An asymmetric key type (this may indifferently be a
- *                  key pair type or a public key type).
- * \param key_bits  The size of the key in bits.
- * \param alg       The asymmetric encryption algorithm.
- *
- * \return If the parameters are valid and supported, return
- *         a buffer size in bytes that guarantees that
- *         psa_asymmetric_encrypt() will not fail with
- *         #PSA_ERROR_BUFFER_TOO_SMALL.
- *         If the parameters are a valid combination that is not supported
- *         by the implementation, this macro shall return either a
- *         sensible size or 0.
- *         If the parameters are not valid, the
- *         return value is unspecified.
- */
-#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
-     ((void)alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
-     0)
-
-/** Sufficient output buffer size for psa_asymmetric_decrypt().
- *
- * This macro returns a sufficient buffer size for a plaintext produced using
- * a key of the specified type and size, with the specified algorithm.
- * Note that the actual size of the plaintext may be smaller, depending
- * on the algorithm.
- *
- * \warning This function may call its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \param key_type  An asymmetric key type (this may indifferently be a
- *                  key pair type or a public key type).
- * \param key_bits  The size of the key in bits.
- * \param alg       The asymmetric encryption algorithm.
- *
- * \return If the parameters are valid and supported, return
- *         a buffer size in bytes that guarantees that
- *         psa_asymmetric_decrypt() will not fail with
- *         #PSA_ERROR_BUFFER_TOO_SMALL.
- *         If the parameters are a valid combination that is not supported
- *         by the implementation, this macro shall return either a
- *         sensible size or 0.
- *         If the parameters are not valid, the
- *         return value is unspecified.
- */
-#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
-     PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \
-     0)
-
-/* Maximum size of the ASN.1 encoding of an INTEGER with the specified
- * number of bits.
- *
- * This definition assumes that bits <= 2^19 - 9 so that the length field
- * is at most 3 bytes. The length of the encoding is the length of the
- * bit string padded to a whole number of bytes plus:
- * - 1 type byte;
- * - 1 to 3 length bytes;
- * - 0 to 1 bytes of leading 0 due to the sign bit.
- */
-#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits)      \
-    ((bits) / 8 + 5)
-
-/* Maximum size of the export encoding of an RSA public key.
- * Assumes that the public exponent is less than 2^32.
- *
- * RSAPublicKey  ::=  SEQUENCE  {
- *    modulus            INTEGER,    -- n
- *    publicExponent     INTEGER  }  -- e
- *
- * - 4 bytes of SEQUENCE overhead;
- * - n : INTEGER;
- * - 7 bytes for the public exponent.
- */
-#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits)        \
-    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11)
-
-/* Maximum size of the export encoding of an RSA key pair.
- * Assumes thatthe public exponent is less than 2^32 and that the size
- * difference between the two primes is at most 1 bit.
- *
- * RSAPrivateKey ::= SEQUENCE {
- *     version           Version,  -- 0
- *     modulus           INTEGER,  -- N-bit
- *     publicExponent    INTEGER,  -- 32-bit
- *     privateExponent   INTEGER,  -- N-bit
- *     prime1            INTEGER,  -- N/2-bit
- *     prime2            INTEGER,  -- N/2-bit
- *     exponent1         INTEGER,  -- N/2-bit
- *     exponent2         INTEGER,  -- N/2-bit
- *     coefficient       INTEGER,  -- N/2-bit
- * }
- *
- * - 4 bytes of SEQUENCE overhead;
- * - 3 bytes of version;
- * - 7 half-size INTEGERs plus 2 full-size INTEGERs,
- *   overapproximated as 9 half-size INTEGERS;
- * - 7 bytes for the public exponent.
- */
-#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits)   \
-    (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14)
-
-/* Maximum size of the export encoding of a DSA public key.
- *
- * SubjectPublicKeyInfo  ::=  SEQUENCE  {
- *      algorithm            AlgorithmIdentifier,
- *      subjectPublicKey     BIT STRING  } -- contains DSAPublicKey
- * AlgorithmIdentifier  ::=  SEQUENCE  {
- *      algorithm               OBJECT IDENTIFIER,
- *      parameters              Dss-Parms  } -- SEQUENCE of 3 INTEGERs
- * DSAPublicKey  ::=  INTEGER -- public key, Y
- *
- * - 3 * 4 bytes of SEQUENCE overhead;
- * - 1 + 1 + 7 bytes of algorithm (DSA OID);
- * - 4 bytes of BIT STRING overhead;
- * - 3 full-size INTEGERs (p, g, y);
- * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits).
- */
-#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits)        \
-    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59)
-
-/* Maximum size of the export encoding of a DSA key pair.
- *
- * DSAPrivateKey ::= SEQUENCE {
- *     version             Version,  -- 0
- *     prime               INTEGER,  -- p
- *     subprime            INTEGER,  -- q
- *     generator           INTEGER,  -- g
- *     public              INTEGER,  -- y
- *     private             INTEGER,  -- x
- * }
- *
- * - 4 bytes of SEQUENCE overhead;
- * - 3 bytes of version;
- * - 3 full-size INTEGERs (p, g, y);
- * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits).
- */
-#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits)   \
-    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75)
-
-/* Maximum size of the export encoding of an ECC public key.
- *
- * The representation of an ECC public key is:
- *      - The byte 0x04;
- *      - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
- *      - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
- *      - where m is the bit size associated with the curve.
- *
- * - 1 byte + 2 * point size.
- */
-#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)        \
-    (2 * PSA_BITS_TO_BYTES(key_bits) + 1)
-
-/* Maximum size of the export encoding of an ECC key pair.
- *
- * An ECC key pair is represented by the secret value.
- */
-#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits)   \
-    (PSA_BITS_TO_BYTES(key_bits))
-
-/** Sufficient output buffer size for psa_export_key() or psa_export_public_key().
- *
- * This macro returns a compile-time constant if its arguments are
- * compile-time constants.
- *
- * \warning This function may call its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * The following code illustrates how to allocate enough memory to export
- * a key by querying the key type and size at runtime.
- * \code{c}
- * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- * psa_status_t status;
- * status = psa_get_key_attributes(key, &attributes);
- * if (status != PSA_SUCCESS) handle_error(...);
- * psa_key_type_t key_type = psa_get_key_type(&attributes);
- * size_t key_bits = psa_get_key_bits(&attributes);
- * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits);
- * psa_reset_key_attributes(&attributes);
- * uint8_t *buffer = malloc(buffer_size);
- * if (buffer == NULL) handle_error(...);
- * size_t buffer_length;
- * status = psa_export_key(key, buffer, buffer_size, &buffer_length);
- * if (status != PSA_SUCCESS) handle_error(...);
- * \endcode
- *
- * For psa_export_public_key(), calculate the buffer size from the
- * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR
- * to convert a key pair type to the corresponding public key type.
- * \code{c}
- * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- * psa_status_t status;
- * status = psa_get_key_attributes(key, &attributes);
- * if (status != PSA_SUCCESS) handle_error(...);
- * psa_key_type_t key_type = psa_get_key_type(&attributes);
- * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type);
- * size_t key_bits = psa_get_key_bits(&attributes);
- * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits);
- * psa_reset_key_attributes(&attributes);
- * uint8_t *buffer = malloc(buffer_size);
- * if (buffer == NULL) handle_error(...);
- * size_t buffer_length;
- * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
- * if (status != PSA_SUCCESS) handle_error(...);
- * \endcode
- *
- * \param key_type  A supported key type.
- * \param key_bits  The size of the key in bits.
- *
- * \return If the parameters are valid and supported, return
- *         a buffer size in bytes that guarantees that
- *         psa_sign_hash() will not fail with
- *         #PSA_ERROR_BUFFER_TOO_SMALL.
- *         If the parameters are a valid combination that is not supported
- *         by the implementation, this macro shall return either a
- *         sensible size or 0.
- *         If the parameters are not valid, the
- *         return value is unspecified.
- */
-#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits)                     \
-    (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
-     (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \
-     (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
-     (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \
-     (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
-     PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
-     PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
-     0)
-
-/** The default nonce size for an AEAD algorithm, in bytes.
- *
- * This macro can be used to allocate a buffer of sufficient size to
- * store the nonce output from #psa_aead_generate_nonce().
- *
- * See also #PSA_AEAD_NONCE_MAX_SIZE.
- *
- * \note This is not the maximum size of nonce supported as input to #psa_aead_set_nonce(),
- *       #psa_aead_encrypt() or #psa_aead_decrypt(), just the default size that is generated by
- *       #psa_aead_generate_nonce().
- *
- * \warning This macro may evaluate its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \param key_type  A symmetric key type that is compatible with algorithm \p alg.
- *
- * \param alg       An AEAD algorithm (\c PSA_ALG_XXX value such that #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return The default nonce size for the specified key type and algorithm.
- *         If the key type or AEAD algorithm is not recognized,
- *         or the parameters are incompatible, return 0.
- *         An implementation can return either 0 or a correct size for a key type
- *         and AEAD algorithm that it recognizes, but does not support.
- */
-#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
-    (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) == 16 && \
-         (PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CCM || \
-          PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_GCM) ? 12 : \
-     (key_type) == PSA_KEY_TYPE_CHACHA20 && \
-          PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \
-     0)
-
-/** The maximum default nonce size among all supported pairs of key types and AEAD algorithms, in bytes.
- *
- * This is equal to or greater than any value that #PSA_AEAD_NONCE_LENGTH() may return.
- *
- * \note This is not the maximum size of nonce supported as input to #psa_aead_set_nonce(),
- *       #psa_aead_encrypt() or #psa_aead_decrypt(), just the largest size that may be generated by
- *       #psa_aead_generate_nonce().
- */
-#define PSA_AEAD_NONCE_MAX_SIZE 12
-
-/** The default IV size for a cipher algorithm, in bytes.
- *
- * The IV that is generated as part of a call to #psa_cipher_encrypt() is always
- * the default IV length for the algorithm.
- *
- * This macro can be used to allocate a buffer of sufficient size to
- * store the IV output from #psa_cipher_generate_iv() when using
- * a multi-part cipher operation.
- *
- * See also #PSA_CIPHER_IV_MAX_SIZE.
- *
- * \warning This macro may evaluate its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \param key_type  A symmetric key type that is compatible with algorithm \p alg.
- *
- * \param alg       A cipher algorithm (\c PSA_ALG_XXX value such that #PSA_ALG_IS_CIPHER(\p alg) is true).
- *
- * \return The default IV size for the specified key type and algorithm.
- *         If the algorithm does not use an IV, return 0.
- *         If the key type or cipher algorithm is not recognized,
- *         or the parameters are incompatible, return 0.
- *         An implementation can return either 0 or a correct size for a key type
- *         and cipher algorithm that it recognizes, but does not support.
- */
-#define PSA_CIPHER_IV_LENGTH(key_type, alg) \
-    (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) > 1 && \
-        ((alg) == PSA_ALG_CTR || \
-         (alg) == PSA_ALG_CFB || \
-         (alg) == PSA_ALG_OFB || \
-         (alg) == PSA_ALG_XTS || \
-         (alg) == PSA_ALG_CBC_NO_PADDING || \
-         (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
-     (key_type) == PSA_KEY_TYPE_CHACHA20 && \
-         (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
-     0)
-
-/** The maximum IV size for all supported cipher algorithms, in bytes.
- *
- * See also #PSA_CIPHER_IV_LENGTH().
- */
-#define PSA_CIPHER_IV_MAX_SIZE 16
-
-#endif /* PSA_CRYPTO_SIZES_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_struct.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_struct.h
deleted file mode 100644
index 6a018e1..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_struct.h
+++ /dev/null
@@ -1,498 +0,0 @@
-/**
- * \file psa/crypto_struct.h
- *
- * \brief PSA cryptography module: Mbed TLS structured type implementations
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h.
- *
- * This file contains the definitions of some data structures with
- * implementation-specific definitions.
- *
- * In implementations with isolation between the application and the
- * cryptography module, it is expected that the front-end and the back-end
- * would have different versions of this file.
- *
- * <h3>Design notes about multipart operation structures</h3>
- *
- * Each multipart operation structure contains a `psa_algorithm_t alg`
- * field which indicates which specific algorithm the structure is for.
- * When the structure is not in use, `alg` is 0. Most of the structure
- * consists of a union which is discriminated by `alg`.
- *
- * Note that when `alg` is 0, the content of other fields is undefined.
- * In particular, it is not guaranteed that a freshly-initialized structure
- * is all-zero: we initialize structures to something like `{0, 0}`, which
- * is only guaranteed to initializes the first member of the union;
- * GCC and Clang initialize the whole structure to 0 (at the time of writing),
- * but MSVC and CompCert don't.
- *
- * In Mbed Crypto, multipart operation structures live independently from
- * the key. This allows Mbed Crypto to free the key objects when destroying
- * a key slot. If a multipart operation needs to remember the key after
- * the setup function returns, the operation structure needs to contain a
- * copy of the key.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_STRUCT_H
-#define PSA_CRYPTO_STRUCT_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Include the Mbed TLS configuration file, the way Mbed TLS does it
- * in each of its header files. */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/cipher.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-
-typedef struct {
-    /** Unique ID indicating which driver got assigned to do the
-     * operation. Since driver contexts are driver-specific, swapping
-     * drivers halfway through the operation is not supported.
-     * ID values are auto-generated in psa_driver_wrappers.h */
-    unsigned int id;
-    /** Context structure for the assigned driver, when id is not zero. */
-    void* ctx;
-} psa_operation_driver_context_t;
-
-struct psa_hash_operation_s
-{
-    psa_algorithm_t alg;
-    union
-    {
-        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD2_C)
-        mbedtls_md2_context md2;
-#endif
-#if defined(MBEDTLS_MD4_C)
-        mbedtls_md4_context md4;
-#endif
-#if defined(MBEDTLS_MD5_C)
-        mbedtls_md5_context md5;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        mbedtls_ripemd160_context ripemd160;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        mbedtls_sha1_context sha1;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        mbedtls_sha256_context sha256;
-#endif
-#if defined(MBEDTLS_SHA512_C)
-        mbedtls_sha512_context sha512;
-#endif
-    } ctx;
-};
-
-#define PSA_HASH_OPERATION_INIT {0, {0}}
-static inline struct psa_hash_operation_s psa_hash_operation_init( void )
-{
-    const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
-    return( v );
-}
-
-#if defined(MBEDTLS_MD_C)
-typedef struct
-{
-        /** The hash context. */
-        struct psa_hash_operation_s hash_ctx;
-        /** The HMAC part of the context. */
-        uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
-} psa_hmac_internal_data;
-#endif /* MBEDTLS_MD_C */
-
-struct psa_mac_operation_s
-{
-    psa_algorithm_t alg;
-    unsigned int key_set : 1;
-    unsigned int iv_required : 1;
-    unsigned int iv_set : 1;
-    unsigned int has_input : 1;
-    unsigned int is_sign : 1;
-    uint8_t mac_size;
-    union
-    {
-        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD_C)
-        psa_hmac_internal_data hmac;
-#endif
-#if defined(MBEDTLS_CMAC_C)
-        mbedtls_cipher_context_t cmac;
-#endif
-    } ctx;
-};
-
-#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
-static inline struct psa_mac_operation_s psa_mac_operation_init( void )
-{
-    const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
-    return( v );
-}
-
-struct psa_cipher_operation_s
-{
-    psa_algorithm_t alg;
-    unsigned int key_set : 1;
-    unsigned int iv_required : 1;
-    unsigned int iv_set : 1;
-    unsigned int mbedtls_in_use : 1; /* Indicates mbed TLS is handling the operation. */
-    uint8_t iv_size;
-    uint8_t block_size;
-    union
-    {
-        unsigned dummy; /* Enable easier initializing of the union. */
-        mbedtls_cipher_context_t cipher;
-        psa_operation_driver_context_t driver;
-    } ctx;
-};
-
-#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
-static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
-{
-    const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
-    return( v );
-}
-
-struct psa_aead_operation_s
-{
-    psa_algorithm_t alg;
-    unsigned int key_set : 1;
-    unsigned int iv_set : 1;
-    uint8_t iv_size;
-    uint8_t block_size;
-    union
-    {
-        unsigned dummy; /* Enable easier initializing of the union. */
-        mbedtls_cipher_context_t cipher;
-    } ctx;
-};
-
-#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}}
-static inline struct psa_aead_operation_s psa_aead_operation_init( void )
-{
-    const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
-    return( v );
-}
-
-#if defined(MBEDTLS_MD_C)
-typedef struct
-{
-    uint8_t *info;
-    size_t info_length;
-    psa_hmac_internal_data hmac;
-    uint8_t prk[PSA_HASH_MAX_SIZE];
-    uint8_t output_block[PSA_HASH_MAX_SIZE];
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
-    uint8_t offset_in_block;
-    uint8_t block_number;
-    unsigned int state : 2;
-    unsigned int info_set : 1;
-} psa_hkdf_key_derivation_t;
-#endif /* MBEDTLS_MD_C */
-
-#if defined(MBEDTLS_MD_C)
-typedef enum
-{
-    TLS12_PRF_STATE_INIT,       /* no input provided */
-    TLS12_PRF_STATE_SEED_SET,   /* seed has been set */
-    TLS12_PRF_STATE_KEY_SET,    /* key has been set */
-    TLS12_PRF_STATE_LABEL_SET,  /* label has been set */
-    TLS12_PRF_STATE_OUTPUT      /* output has been started */
-} psa_tls12_prf_key_derivation_state_t;
-
-typedef struct psa_tls12_prf_key_derivation_s
-{
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
-
-    /* Indicates how many bytes in the current HMAC block have
-     * not yet been read by the user. */
-    uint8_t left_in_block;
-
-    /* The 1-based number of the block. */
-    uint8_t block_number;
-
-    psa_tls12_prf_key_derivation_state_t state;
-
-    uint8_t *seed;
-    size_t seed_length;
-    uint8_t *label;
-    size_t label_length;
-    psa_hmac_internal_data hmac;
-    uint8_t Ai[PSA_HASH_MAX_SIZE];
-
-    /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
-    uint8_t output_block[PSA_HASH_MAX_SIZE];
-} psa_tls12_prf_key_derivation_t;
-#endif /* MBEDTLS_MD_C */
-
-struct psa_key_derivation_s
-{
-    psa_algorithm_t alg;
-    unsigned int can_output_key : 1;
-    size_t capacity;
-    union
-    {
-        /* Make the union non-empty even with no supported algorithms. */
-        uint8_t dummy;
-#if defined(MBEDTLS_MD_C)
-        psa_hkdf_key_derivation_t hkdf;
-        psa_tls12_prf_key_derivation_t tls12_prf;
-#endif
-    } ctx;
-};
-
-/* This only zeroes out the first byte in the union, the rest is unspecified. */
-#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, 0, {0}}
-static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void )
-{
-    const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
-    return( v );
-}
-
-struct psa_key_policy_s
-{
-    psa_key_usage_t usage;
-    psa_algorithm_t alg;
-    psa_algorithm_t alg2;
-};
-typedef struct psa_key_policy_s psa_key_policy_t;
-
-#define PSA_KEY_POLICY_INIT {0, 0, 0}
-static inline struct psa_key_policy_s psa_key_policy_init( void )
-{
-    const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
-    return( v );
-}
-
-/* The type used internally for key sizes.
- * Public interfaces use size_t, but internally we use a smaller type. */
-typedef uint16_t psa_key_bits_t;
-/* The maximum value of the type used to represent bit-sizes.
- * This is used to mark an invalid key size. */
-#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) )
-/* The maximum size of a key in bits.
- * Currently defined as the maximum that can be represented, rounded down
- * to a whole number of bytes.
- * This is an uncast value so that it can be used in preprocessor
- * conditionals. */
-#define PSA_MAX_KEY_BITS 0xfff8
-
-/** A mask of flags that can be stored in key attributes.
- *
- * This type is also used internally to store flags in slots. Internal
- * flags are defined in library/psa_crypto_core.h. Internal flags may have
- * the same value as external flags if they are properly handled during
- * key creation and in psa_get_key_attributes.
- */
-typedef uint16_t psa_key_attributes_flag_t;
-
-#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER     \
-    ( (psa_key_attributes_flag_t) 0x0001 )
-
-/* A mask of key attribute flags used externally only.
- * Only meant for internal checks inside the library. */
-#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY (      \
-        MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER |    \
-        0 )
-
-/* A mask of key attribute flags used both internally and externally.
- * Currently there aren't any. */
-#define MBEDTLS_PSA_KA_MASK_DUAL_USE (          \
-        0 )
-
-typedef struct
-{
-    psa_key_type_t type;
-    psa_key_bits_t bits;
-    psa_key_lifetime_t lifetime;
-    mbedtls_svc_key_id_t id;
-    psa_key_policy_t policy;
-    psa_key_attributes_flag_t flags;
-} psa_core_key_attributes_t;
-
-#define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0}
-
-struct psa_key_attributes_s
-{
-    psa_core_key_attributes_t core;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    psa_key_slot_number_t slot_number;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    void *domain_parameters;
-    size_t domain_parameters_size;
-};
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0}
-#else
-#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0}
-#endif
-
-static inline struct psa_key_attributes_s psa_key_attributes_init( void )
-{
-    const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
-    return( v );
-}
-
-static inline void psa_set_key_id( psa_key_attributes_t *attributes,
-                                   mbedtls_svc_key_id_t key )
-{
-    psa_key_lifetime_t lifetime = attributes->core.lifetime;
-
-    attributes->core.id = key;
-
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-        attributes->core.lifetime =
-            PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-                PSA_KEY_LIFETIME_PERSISTENT,
-                PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) );
-    }
-}
-
-static inline mbedtls_svc_key_id_t psa_get_key_id(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.id );
-}
-
-#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
-                                             mbedtls_key_owner_id_t owner )
-{
-    attributes->core.id.owner = owner;
-}
-#endif
-
-static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
-                                        psa_key_lifetime_t lifetime)
-{
-    attributes->core.lifetime = lifetime;
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-        attributes->core.id.key_id = 0;
-#else
-        attributes->core.id = 0;
-#endif
-    }
-}
-
-static inline psa_key_lifetime_t psa_get_key_lifetime(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.lifetime );
-}
-
-static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
-                                           psa_key_usage_t usage_flags)
-{
-    attributes->core.policy.usage = usage_flags;
-}
-
-static inline psa_key_usage_t psa_get_key_usage_flags(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.policy.usage );
-}
-
-static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
-                                         psa_algorithm_t alg)
-{
-    attributes->core.policy.alg = alg;
-}
-
-static inline psa_algorithm_t psa_get_key_algorithm(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.policy.alg );
-}
-
-/* This function is declared in crypto_extra.h, which comes after this
- * header file, but we need the function here, so repeat the declaration. */
-psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
-                                           psa_key_type_t type,
-                                           const uint8_t *data,
-                                           size_t data_length);
-
-static inline void psa_set_key_type(psa_key_attributes_t *attributes,
-                                    psa_key_type_t type)
-{
-    if( attributes->domain_parameters == NULL )
-    {
-        /* Common case: quick path */
-        attributes->core.type = type;
-    }
-    else
-    {
-        /* Call the bigger function to free the old domain paramteres.
-         * Ignore any errors which may arise due to type requiring
-         * non-default domain parameters, since this function can't
-         * report errors. */
-        (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 );
-    }
-}
-
-static inline psa_key_type_t psa_get_key_type(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.type );
-}
-
-static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
-                                    size_t bits)
-{
-    if( bits > PSA_MAX_KEY_BITS )
-        attributes->core.bits = PSA_KEY_BITS_TOO_LARGE;
-    else
-        attributes->core.bits = (psa_key_bits_t) bits;
-}
-
-static inline size_t psa_get_key_bits(
-    const psa_key_attributes_t *attributes)
-{
-    return( attributes->core.bits );
-}
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_STRUCT_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_types.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_types.h
deleted file mode 100644
index 0a2ae54..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_types.h
+++ /dev/null
@@ -1,395 +0,0 @@
-/**
- * \file psa/crypto_types.h
- *
- * \brief PSA cryptography module: type aliases.
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h. Drivers must include the appropriate driver
- * header file.
- *
- * This file contains portable definitions of integral types for properties
- * of cryptographic keys, designations of cryptographic algorithms, and
- * error codes returned by the library.
- *
- * This header file does not declare any function.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_TYPES_H
-#define PSA_CRYPTO_TYPES_H
-
-#include "crypto_platform.h"
-
-#include <stdint.h>
-
-/** \defgroup error Error codes
- * @{
- */
-
-/**
- * \brief Function return status.
- *
- * This is either #PSA_SUCCESS (which is zero), indicating success,
- * or a small negative value indicating that an error occurred. Errors are
- * encoded as one of the \c PSA_ERROR_xxx values defined here. */
-/* If #PSA_SUCCESS is already defined, it means that #psa_status_t
- * is also defined in an external header, so prevent its multiple
- * definition.
- */
-#ifndef PSA_SUCCESS
-typedef int32_t psa_status_t;
-#endif
-
-/**@}*/
-
-/** \defgroup crypto_types Key and algorithm types
- * @{
- */
-
-/** \brief Encoding of a key type.
- */
-typedef uint16_t psa_key_type_t;
-
-/** The type of PSA elliptic curve family identifiers.
- *
- * The curve identifier is required to create an ECC key using the
- * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY()
- * macros.
- *
- * Values defined by this standard will never be in the range 0x80-0xff.
- * Vendors who define additional families must use an encoding in this range.
- */
-typedef uint8_t psa_ecc_family_t;
-
-/** The type of PSA Diffie-Hellman group family identifiers.
- *
- * The group identifier is required to create an Diffie-Hellman key using the
- * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY()
- * macros.
- *
- * Values defined by this standard will never be in the range 0x80-0xff.
- * Vendors who define additional families must use an encoding in this range.
- */
-typedef uint8_t psa_dh_family_t;
-
-/** \brief Encoding of a cryptographic algorithm.
- *
- * For algorithms that can be applied to multiple key types, this type
- * does not encode the key type. For example, for symmetric ciphers
- * based on a block cipher, #psa_algorithm_t encodes the block cipher
- * mode and the padding mode while the block cipher itself is encoded
- * via #psa_key_type_t.
- */
-typedef uint32_t psa_algorithm_t;
-
-/**@}*/
-
-/** \defgroup key_lifetimes Key lifetimes
- * @{
- */
-
-/** Encoding of key lifetimes.
- *
- * The lifetime of a key indicates where it is stored and what system actions
- * may create and destroy it.
- *
- * Lifetime values have the following structure:
- * - Bits 0-7 (#PSA_KEY_LIFETIME_GET_PERSISTENCE(\c lifetime)):
- *   persistence level. This value indicates what device management
- *   actions can cause it to be destroyed. In particular, it indicates
- *   whether the key is _volatile_ or _persistent_.
- *   See ::psa_key_persistence_t for more information.
- * - Bits 8-31 (#PSA_KEY_LIFETIME_GET_LOCATION(\c lifetime)):
- *   location indicator. This value indicates where the key is stored
- *   and where operations on the key are performed.
- *   See ::psa_key_location_t for more information.
- *
- * Volatile keys are automatically destroyed when the application instance
- * terminates or on a power reset of the device. Persistent keys are
- * preserved until the application explicitly destroys them or until an
- * implementation-specific device management event occurs (for example,
- * a factory reset).
- *
- * Persistent keys have a key identifier of type #mbedtls_svc_key_id_t.
- * This identifier remains valid throughout the lifetime of the key,
- * even if the application instance that created the key terminates.
- * The application can call psa_open_key() to open a persistent key that
- * it created previously.
- *
- * This specification defines two basic lifetime values:
- * - Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are volatile.
- *   All implementations should support this lifetime.
- * - Keys with the lifetime #PSA_KEY_LIFETIME_PERSISTENT are persistent.
- *   All implementations that have access to persistent storage with
- *   appropriate security guarantees should support this lifetime.
- */
-typedef uint32_t psa_key_lifetime_t;
-
-/** Encoding of key persistence levels.
- *
- * What distinguishes different persistence levels is what device management
- * events may cause keys to be destroyed. _Volatile_ keys are destroyed
- * by a power reset. Persistent keys may be destroyed by events such as
- * a transfer of ownership or a factory reset. What management events
- * actually affect persistent keys at different levels is outside the
- * scope of the PSA Cryptography specification.
- *
- * This specification defines the following values of persistence levels:
- * - \c 0 = #PSA_KEY_PERSISTENCE_VOLATILE: volatile key.
- *   A volatile key is automatically destroyed by the implementation when
- *   the application instance terminates. In particular, a volatile key
- *   is automatically destroyed on a power reset of the device.
- * - \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT:
- *   persistent key with a default lifetime.
- *   Implementations should support this value if they support persistent
- *   keys at all.
- *   Applications should use this value if they have no specific needs that
- *   are only met by implementation-specific features.
- * - \c 2-127: persistent key with a PSA-specified lifetime.
- *   The PSA Cryptography specification does not define the meaning of these
- *   values, but other PSA specifications may do so.
- * - \c 128-254: persistent key with a vendor-specified lifetime.
- *   No PSA specification will define the meaning of these values, so
- *   implementations may choose the meaning freely.
- *   As a guideline, higher persistence levels should cause a key to survive
- *   more management events than lower levels.
- * - \c 255 = #PSA_KEY_PERSISTENCE_READ_ONLY:
- *   read-only or write-once key.
- *   A key with this persistence level cannot be destroyed.
- *   Implementations that support such keys may either allow their creation
- *   through the PSA Cryptography API, preferably only to applications with
- *   the appropriate privilege, or only expose keys created through
- *   implementation-specific means such as a factory ROM engraving process.
- *   Note that keys that are read-only due to policy restrictions
- *   rather than due to physical limitations should not have this
- *   persistence levels.
- *
- * \note Key persistence levels are 8-bit values. Key management
- *       interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
- *       encode the persistence as the lower 8 bits of a 32-bit value.
- */
-typedef uint8_t psa_key_persistence_t;
-
-/** Encoding of key location indicators.
- *
- * If an implementation of this API can make calls to external
- * cryptoprocessors such as secure elements, the location of a key
- * indicates which secure element performs the operations on the key.
- * If an implementation offers multiple physical locations for persistent
- * storage, the location indicator reflects at which physical location
- * the key is stored.
- *
- * This specification defines the following values of location indicators:
- * - \c 0: primary local storage.
- *   All implementations should support this value.
- *   The primary local storage is typically the same storage area that
- *   contains the key metadata.
- * - \c 1: primary secure element.
- *   Implementations should support this value if there is a secure element
- *   attached to the operating environment.
- *   As a guideline, secure elements may provide higher resistance against
- *   side channel and physical attacks than the primary local storage, but may
- *   have restrictions on supported key types, sizes, policies and operations
- *   and may have different performance characteristics.
- * - \c 2-0x7fffff: other locations defined by a PSA specification.
- *   The PSA Cryptography API does not currently assign any meaning to these
- *   locations, but future versions of this specification or other PSA
- *   specifications may do so.
- * - \c 0x800000-0xffffff: vendor-defined locations.
- *   No PSA specification will assign a meaning to locations in this range.
- *
- * \note Key location indicators are 24-bit values. Key management
- *       interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
- *       encode the location as the upper 24 bits of a 32-bit value.
- */
-typedef uint32_t psa_key_location_t;
-
-/** Encoding of identifiers of persistent keys.
- *
- * - Applications may freely choose key identifiers in the range
- *   #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX.
- * - Implementations may define additional key identifiers in the range
- *   #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX.
- * - 0 is reserved as an invalid key identifier.
- * - Key identifiers outside these ranges are reserved for future use.
- */
-typedef uint32_t psa_key_id_t;
-
-#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-typedef psa_key_id_t mbedtls_svc_key_id_t;
-
-#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-/* Implementation-specific: The Mbed Cryptography library can be built as
- * part of a multi-client service that exposes the PSA Cryptograpy API in each
- * client and encodes the client identity in the key identifier argument of
- * functions such as psa_open_key().
- */
-typedef struct
-{
-    psa_key_id_t key_id;
-    mbedtls_key_owner_id_t owner;
-} mbedtls_svc_key_id_t;
-
-#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-
-/**@}*/
-
-/** \defgroup policy Key policies
- * @{
- */
-
-/** \brief Encoding of permitted usage on a key. */
-typedef uint32_t psa_key_usage_t;
-
-/**@}*/
-
-/** \defgroup attributes Key attributes
- * @{
- */
-
-/** The type of a structure containing key attributes.
- *
- * This is an opaque structure that can represent the metadata of a key
- * object. Metadata that can be stored in attributes includes:
- * - The location of the key in storage, indicated by its key identifier
- *   and its lifetime.
- * - The key's policy, comprising usage flags and a specification of
- *   the permitted algorithm(s).
- * - Information about the key itself: the key type and its size.
- * - Implementations may define additional attributes.
- *
- * The actual key material is not considered an attribute of a key.
- * Key attributes do not contain information that is generally considered
- * highly confidential.
- *
- * An attribute structure can be a simple data structure where each function
- * `psa_set_key_xxx` sets a field and the corresponding function
- * `psa_get_key_xxx` retrieves the value of the corresponding field.
- * However, implementations may report values that are equivalent to the
- * original one, but have a different encoding. For example, an
- * implementation may use a more compact representation for types where
- * many bit-patterns are invalid or not supported, and store all values
- * that it does not support as a special marker value. In such an
- * implementation, after setting an invalid value, the corresponding
- * get function returns an invalid value which may not be the one that
- * was originally stored.
- *
- * An attribute structure may contain references to auxiliary resources,
- * for example pointers to allocated memory or indirect references to
- * pre-calculated values. In order to free such resources, the application
- * must call psa_reset_key_attributes(). As an exception, calling
- * psa_reset_key_attributes() on an attribute structure is optional if
- * the structure has only been modified by the following functions
- * since it was initialized or last reset with psa_reset_key_attributes():
- * - psa_set_key_id()
- * - psa_set_key_lifetime()
- * - psa_set_key_type()
- * - psa_set_key_bits()
- * - psa_set_key_usage_flags()
- * - psa_set_key_algorithm()
- *
- * Before calling any function on a key attribute structure, the application
- * must initialize it by any of the following means:
- * - Set the structure to all-bits-zero, for example:
- *   \code
- *   psa_key_attributes_t attributes;
- *   memset(&attributes, 0, sizeof(attributes));
- *   \endcode
- * - Initialize the structure to logical zero values, for example:
- *   \code
- *   psa_key_attributes_t attributes = {0};
- *   \endcode
- * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT,
- *   for example:
- *   \code
- *   psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- *   \endcode
- * - Assign the result of the function psa_key_attributes_init()
- *   to the structure, for example:
- *   \code
- *   psa_key_attributes_t attributes;
- *   attributes = psa_key_attributes_init();
- *   \endcode
- *
- * A freshly initialized attribute structure contains the following
- * values:
- *
- * - lifetime: #PSA_KEY_LIFETIME_VOLATILE.
- * - key identifier: 0 (which is not a valid key identifier).
- * - type: \c 0 (meaning that the type is unspecified).
- * - key size: \c 0 (meaning that the size is unspecified).
- * - usage flags: \c 0 (which allows no usage except exporting a public key).
- * - algorithm: \c 0 (which allows no cryptographic usage, but allows
- *   exporting).
- *
- * A typical sequence to create a key is as follows:
- * -# Create and initialize an attribute structure.
- * -# If the key is persistent, call psa_set_key_id().
- *    Also call psa_set_key_lifetime() to place the key in a non-default
- *    location.
- * -# Set the key policy with psa_set_key_usage_flags() and
- *    psa_set_key_algorithm().
- * -# Set the key type with psa_set_key_type().
- *    Skip this step if copying an existing key with psa_copy_key().
- * -# When generating a random key with psa_generate_key() or deriving a key
- *    with psa_key_derivation_output_key(), set the desired key size with
- *    psa_set_key_bits().
- * -# Call a key creation function: psa_import_key(), psa_generate_key(),
- *    psa_key_derivation_output_key() or psa_copy_key(). This function reads
- *    the attribute structure, creates a key with these attributes, and
- *    outputs a key identifier to the newly created key.
- * -# The attribute structure is now no longer necessary.
- *    You may call psa_reset_key_attributes(), although this is optional
- *    with the workflow presented here because the attributes currently
- *    defined in this specification do not require any additional resources
- *    beyond the structure itself.
- *
- * A typical sequence to query a key's attributes is as follows:
- * -# Call psa_get_key_attributes().
- * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that
- *    you are interested in.
- * -# Call psa_reset_key_attributes() to free any resources that may be
- *    used by the attribute structure.
- *
- * Once a key has been created, it is impossible to change its attributes.
- */
-typedef struct psa_key_attributes_s psa_key_attributes_t;
-
-
-#ifndef __DOXYGEN_ONLY__
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-/* Mbed Crypto defines this type in crypto_types.h because it is also
- * visible to applications through an implementation-specific extension.
- * For the PSA Cryptography specification, this type is only visible
- * via crypto_se_driver.h. */
-typedef uint64_t psa_key_slot_number_t;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-#endif /* !__DOXYGEN_ONLY__ */
-
-/**@}*/
-
-/** \defgroup derivation Key derivation
- * @{
- */
-
-/** \brief Encoding of the step of a key derivation. */
-typedef uint16_t psa_key_derivation_step_t;
-
-/**@}*/
-
-#endif /* PSA_CRYPTO_TYPES_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_values.h b/3rdparty/mbedtls-2.25.0/include/psa/crypto_values.h
deleted file mode 100644
index f1b5c53..0000000
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_values.h
+++ /dev/null
@@ -1,1882 +0,0 @@
-/**
- * \file psa/crypto_values.h
- *
- * \brief PSA cryptography module: macros to build and analyze integer values.
- *
- * \note This file may not be included directly. Applications must
- * include psa/crypto.h. Drivers must include the appropriate driver
- * header file.
- *
- * This file contains portable definitions of macros to build and analyze
- * values of integral types that encode properties of cryptographic keys,
- * designations of cryptographic algorithms, and error codes returned by
- * the library.
- *
- * This header file only defines preprocessor macros.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_VALUES_H
-#define PSA_CRYPTO_VALUES_H
-
-/** \defgroup error Error codes
- * @{
- */
-
-/* PSA error codes */
-
-/** The action was completed successfully. */
-#define PSA_SUCCESS ((psa_status_t)0)
-
-/** An error occurred that does not correspond to any defined
- * failure cause.
- *
- * Implementations may use this error code if none of the other standard
- * error codes are applicable. */
-#define PSA_ERROR_GENERIC_ERROR         ((psa_status_t)-132)
-
-/** The requested operation or a parameter is not supported
- * by this implementation.
- *
- * Implementations should return this error code when an enumeration
- * parameter such as a key type, algorithm, etc. is not recognized.
- * If a combination of parameters is recognized and identified as
- * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)-134)
-
-/** The requested action is denied by a policy.
- *
- * Implementations should return this error code when the parameters
- * are recognized as valid and supported, and a policy explicitly
- * denies the requested operation.
- *
- * If a subset of the parameters of a function call identify a
- * forbidden operation, and another subset of the parameters are
- * not valid or not supported, it is unspecified whether the function
- * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
- * #PSA_ERROR_INVALID_ARGUMENT. */
-#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)-133)
-
-/** An output buffer is too small.
- *
- * Applications can call the \c PSA_xxx_SIZE macro listed in the function
- * description to determine a sufficient buffer size.
- *
- * Implementations should preferably return this error code only
- * in cases when performing the operation with a larger output
- * buffer would succeed. However implementations may return this
- * error if a function has invalid or unsupported parameters in addition
- * to the parameters that determine the necessary output buffer size. */
-#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)-138)
-
-/** Asking for an item that already exists
- *
- * Implementations should return this error, when attempting
- * to write an item (like a key) that already exists. */
-#define PSA_ERROR_ALREADY_EXISTS        ((psa_status_t)-139)
-
-/** Asking for an item that doesn't exist
- *
- * Implementations should return this error, if a requested item (like
- * a key) does not exist. */
-#define PSA_ERROR_DOES_NOT_EXIST        ((psa_status_t)-140)
-
-/** The requested action cannot be performed in the current state.
- *
- * Multipart operations return this error when one of the
- * functions is called out of sequence. Refer to the function
- * descriptions for permitted sequencing of functions.
- *
- * Implementations shall not return this error code to indicate
- * that a key either exists or not,
- * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
- * as applicable.
- *
- * Implementations shall not return this error code to indicate that a
- * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
- * instead. */
-#define PSA_ERROR_BAD_STATE             ((psa_status_t)-137)
-
-/** The parameters passed to the function are invalid.
- *
- * Implementations may return this error any time a parameter or
- * combination of parameters are recognized as invalid.
- *
- * Implementations shall not return this error code to indicate that a
- * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
- * instead.
- */
-#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)-135)
-
-/** There is not enough runtime memory.
- *
- * If the action is carried out across multiple security realms, this
- * error can refer to available memory in any of the security realms. */
-#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)-141)
-
-/** There is not enough persistent storage.
- *
- * Functions that modify the key storage return this error code if
- * there is insufficient storage space on the host media. In addition,
- * many functions that do not otherwise access storage may return this
- * error code if the implementation requires a mandatory log entry for
- * the requested action and the log storage space is full. */
-#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)-142)
-
-/** There was a communication failure inside the implementation.
- *
- * This can indicate a communication failure between the application
- * and an external cryptoprocessor or between the cryptoprocessor and
- * an external volatile or persistent memory. A communication failure
- * may be transient or permanent depending on the cause.
- *
- * \warning If a function returns this error, it is undetermined
- * whether the requested action has completed or not. Implementations
- * should return #PSA_SUCCESS on successful completion whenever
- * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
- * if the requested action was completed successfully in an external
- * cryptoprocessor but there was a breakdown of communication before
- * the cryptoprocessor could report the status to the application.
- */
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
-
-/** There was a storage failure that may have led to data loss.
- *
- * This error indicates that some persistent storage is corrupted.
- * It should not be used for a corruption of volatile memory
- * (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error
- * between the cryptoprocessor and its external storage (use
- * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
- * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
- *
- * Note that a storage failure does not indicate that any data that was
- * previously read is invalid. However this previously read data may no
- * longer be readable from storage.
- *
- * When a storage failure occurs, it is no longer possible to ensure
- * the global integrity of the keystore. Depending on the global
- * integrity guarantees offered by the implementation, access to other
- * data may or may not fail even if the data is still readable but
- * its integrity cannot be guaranteed.
- *
- * Implementations should only use this error code to report a
- * permanent storage corruption. However application writers should
- * keep in mind that transient errors while reading the storage may be
- * reported using this error code. */
-#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)-146)
-
-/** A hardware failure was detected.
- *
- * A hardware failure may be transient or permanent depending on the
- * cause. */
-#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)-147)
-
-/** A tampering attempt was detected.
- *
- * If an application receives this error code, there is no guarantee
- * that previously accessed or computed data was correct and remains
- * confidential. Applications should not perform any security function
- * and should enter a safe failure state.
- *
- * Implementations may return this error code if they detect an invalid
- * state that cannot happen during normal operation and that indicates
- * that the implementation's security guarantees no longer hold. Depending
- * on the implementation architecture and on its security and safety goals,
- * the implementation may forcibly terminate the application.
- *
- * This error code is intended as a last resort when a security breach
- * is detected and it is unsure whether the keystore data is still
- * protected. Implementations shall only return this error code
- * to report an alarm from a tampering detector, to indicate that
- * the confidentiality of stored data can no longer be guaranteed,
- * or to indicate that the integrity of previously returned data is now
- * considered compromised. Implementations shall not use this error code
- * to indicate a hardware failure that merely makes it impossible to
- * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
- * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
- * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
- * instead).
- *
- * This error indicates an attack against the application. Implementations
- * shall not return this error code as a consequence of the behavior of
- * the application itself. */
-#define PSA_ERROR_CORRUPTION_DETECTED    ((psa_status_t)-151)
-
-/** There is not enough entropy to generate random data needed
- * for the requested action.
- *
- * This error indicates a failure of a hardware random generator.
- * Application writers should note that this error can be returned not
- * only by functions whose purpose is to generate random data, such
- * as key, IV or nonce generation, but also by functions that execute
- * an algorithm with a randomized result, as well as functions that
- * use randomization of intermediate computations as a countermeasure
- * to certain attacks.
- *
- * Implementations should avoid returning this error after psa_crypto_init()
- * has succeeded. Implementations should generate sufficient
- * entropy during initialization and subsequently use a cryptographically
- * secure pseudorandom generator (PRNG). However implementations may return
- * this error at any time if a policy requires the PRNG to be reseeded
- * during normal operation. */
-#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)-148)
-
-/** The signature, MAC or hash is incorrect.
- *
- * Verification functions return this error if the verification
- * calculations completed successfully, and the value to be verified
- * was determined to be incorrect.
- *
- * If the value to verify has an invalid size, implementations may return
- * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)-149)
-
-/** The decrypted padding is incorrect.
- *
- * \warning In some protocols, when decrypting data, it is essential that
- * the behavior of the application does not depend on whether the padding
- * is correct, down to precise timing. Applications should prefer
- * protocols that use authenticated encryption rather than plain
- * encryption. If the application must perform a decryption of
- * unauthenticated data, the application writer should take care not
- * to reveal whether the padding is invalid.
- *
- * Implementations should strive to make valid and invalid padding
- * as close as possible to indistinguishable to an external observer.
- * In particular, the timing of a decryption operation should not
- * depend on the validity of the padding. */
-#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)-150)
-
-/** Return this error when there's insufficient data when attempting
- * to read from a resource. */
-#define PSA_ERROR_INSUFFICIENT_DATA     ((psa_status_t)-143)
-
-/** The key identifier is not valid. See also :ref:\`key-handles\`.
- */
-#define PSA_ERROR_INVALID_HANDLE        ((psa_status_t)-136)
-
-/**@}*/
-
-/** \defgroup crypto_types Key and algorithm types
- * @{
- */
-
-/** An invalid key type value.
- *
- * Zero is not the encoding of any key type.
- */
-#define PSA_KEY_TYPE_NONE                           ((psa_key_type_t)0x0000)
-
-/** Vendor-defined key type flag.
- *
- * Key types defined by this standard will never have the
- * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types
- * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
- * respect the bitwise structure used by standard encodings whenever practical.
- */
-#define PSA_KEY_TYPE_VENDOR_FLAG                    ((psa_key_type_t)0x8000)
-
-#define PSA_KEY_TYPE_CATEGORY_MASK                  ((psa_key_type_t)0x7000)
-#define PSA_KEY_TYPE_CATEGORY_RAW                   ((psa_key_type_t)0x1000)
-#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC             ((psa_key_type_t)0x2000)
-#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY            ((psa_key_type_t)0x4000)
-#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR              ((psa_key_type_t)0x7000)
-
-#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR             ((psa_key_type_t)0x3000)
-
-/** Whether a key type is vendor-defined.
- *
- * See also #PSA_KEY_TYPE_VENDOR_FLAG.
- */
-#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
-    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
-
-/** Whether a key type is an unstructured array of bytes.
- *
- * This encompasses both symmetric keys and non-key data.
- */
-#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
-     ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
-
-/** Whether a key type is asymmetric: either a key pair or a public key. */
-#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
-      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
-     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
-/** Whether a key type is the public part of a key pair. */
-#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
-/** Whether a key type is a key pair containing a private part and a public
- * part. */
-#define PSA_KEY_TYPE_IS_KEY_PAIR(type)                                   \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
-/** The key pair type corresponding to a public key type.
- *
- * You may also pass a key pair type as \p type, it will be left unchanged.
- *
- * \param type      A public key type or key pair type.
- *
- * \return          The corresponding key pair type.
- *                  If \p type is not a public key or a key pair,
- *                  the return value is undefined.
- */
-#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type)        \
-    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-/** The public key type corresponding to a key pair type.
- *
- * You may also pass a key pair type as \p type, it will be left unchanged.
- *
- * \param type      A public key type or key pair type.
- *
- * \return          The corresponding public key type.
- *                  If \p type is not a public key or a key pair,
- *                  the return value is undefined.
- */
-#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type)        \
-    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-
-/** Raw data.
- *
- * A "key" of this type cannot be used for any cryptographic operation.
- * Applications may use this type to store arbitrary data in the keystore. */
-#define PSA_KEY_TYPE_RAW_DATA                       ((psa_key_type_t)0x1001)
-
-/** HMAC key.
- *
- * The key policy determines which underlying hash algorithm the key can be
- * used for.
- *
- * HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
- * \c alg is the HMAC algorithm or the underlying hash algorithm. */
-#define PSA_KEY_TYPE_HMAC                           ((psa_key_type_t)0x1100)
-
-/** A secret for key derivation.
- *
- * The key policy determines which key derivation algorithm the key
- * can be used for.
- */
-#define PSA_KEY_TYPE_DERIVE                         ((psa_key_type_t)0x1200)
-
-/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
- *
- * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
- * 32 bytes (AES-256).
- */
-#define PSA_KEY_TYPE_AES                            ((psa_key_type_t)0x2400)
-
-/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
- *
- * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
- * 24 bytes (3-key 3DES).
- *
- * Note that single DES and 2-key 3DES are weak and strongly
- * deprecated and should only be used to decrypt legacy data. 3-key 3DES
- * is weak and deprecated and should only be used in legacy protocols.
- */
-#define PSA_KEY_TYPE_DES                            ((psa_key_type_t)0x2301)
-
-/** Key for a cipher, AEAD or MAC algorithm based on the
- * Camellia block cipher. */
-#define PSA_KEY_TYPE_CAMELLIA                       ((psa_key_type_t)0x2403)
-
-/** Key for the RC4 stream cipher.
- *
- * Note that RC4 is weak and deprecated and should only be used in
- * legacy protocols. */
-#define PSA_KEY_TYPE_ARC4                           ((psa_key_type_t)0x2002)
-
-/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
- *
- * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539.
- *
- * Implementations must support 12-byte nonces, may support 8-byte nonces,
- * and should reject other sizes.
- */
-#define PSA_KEY_TYPE_CHACHA20                       ((psa_key_type_t)0x2004)
-
-/** RSA public key. */
-#define PSA_KEY_TYPE_RSA_PUBLIC_KEY                 ((psa_key_type_t)0x4001)
-/** RSA key pair (private and public key). */
-#define PSA_KEY_TYPE_RSA_KEY_PAIR                   ((psa_key_type_t)0x7001)
-/** Whether a key type is an RSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
-
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE            ((psa_key_type_t)0x4100)
-#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE              ((psa_key_type_t)0x7100)
-#define PSA_KEY_TYPE_ECC_CURVE_MASK                 ((psa_key_type_t)0x00ff)
-/** Elliptic curve key pair.
- *
- * \param curve     A value of type ::psa_ecc_family_t that
- *                  identifies the ECC curve to be used.
- */
-#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve)         \
-    (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
-/** Elliptic curve public key.
- *
- * \param curve     A value of type ::psa_ecc_family_t that
- *                  identifies the ECC curve to be used.
- */
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
-    (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
-
-/** Whether a key type is an elliptic curve key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_ECC(type)                                       \
-    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) &                        \
-      ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
-/** Whether a key type is an elliptic curve key pair. */
-#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)                               \
-    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
-     PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
-/** Whether a key type is an elliptic curve public key. */
-#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)                            \
-    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
-     PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
-
-/** Extract the curve from an elliptic curve key type. */
-#define PSA_KEY_TYPE_ECC_GET_FAMILY(type)                        \
-    ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ?             \
-                        ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
-                        0))
-
-/** SEC Koblitz curves over prime fields.
- *
- * This family comprises the following curves:
- * secp192k1, secp224k1, secp256k1.
- * They are defined in _Standards for Efficient Cryptography_,
- * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
- * https://www.secg.org/sec2-v2.pdf
- */
-#define PSA_ECC_FAMILY_SECP_K1           ((psa_ecc_family_t) 0x17)
-
-/** SEC random curves over prime fields.
- *
- * This family comprises the following curves:
- * secp192k1, secp224r1, secp256r1, secp384r1, secp521r1.
- * They are defined in _Standards for Efficient Cryptography_,
- * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
- * https://www.secg.org/sec2-v2.pdf
- */
-#define PSA_ECC_FAMILY_SECP_R1           ((psa_ecc_family_t) 0x12)
-/* SECP160R2 (SEC2 v1, obsolete) */
-#define PSA_ECC_FAMILY_SECP_R2           ((psa_ecc_family_t) 0x1b)
-
-/** SEC Koblitz curves over binary fields.
- *
- * This family comprises the following curves:
- * sect163k1, sect233k1, sect239k1, sect283k1, sect409k1, sect571k1.
- * They are defined in _Standards for Efficient Cryptography_,
- * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
- * https://www.secg.org/sec2-v2.pdf
- */
-#define PSA_ECC_FAMILY_SECT_K1           ((psa_ecc_family_t) 0x27)
-
-/** SEC random curves over binary fields.
- *
- * This family comprises the following curves:
- * sect163r1, sect233r1, sect283r1, sect409r1, sect571r1.
- * They are defined in _Standards for Efficient Cryptography_,
- * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
- * https://www.secg.org/sec2-v2.pdf
- */
-#define PSA_ECC_FAMILY_SECT_R1           ((psa_ecc_family_t) 0x22)
-
-/** SEC additional random curves over binary fields.
- *
- * This family comprises the following curve:
- * sect163r2.
- * It is defined in _Standards for Efficient Cryptography_,
- * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
- * https://www.secg.org/sec2-v2.pdf
- */
-#define PSA_ECC_FAMILY_SECT_R2           ((psa_ecc_family_t) 0x2b)
-
-/** Brainpool P random curves.
- *
- * This family comprises the following curves:
- * brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1,
- * brainpoolP320r1, brainpoolP384r1, brainpoolP512r1.
- * It is defined in RFC 5639.
- */
-#define PSA_ECC_FAMILY_BRAINPOOL_P_R1    ((psa_ecc_family_t) 0x30)
-
-/** Curve25519 and Curve448.
- *
- * This family comprises the following Montgomery curves:
- * - 255-bit: Bernstein et al.,
- *   _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006.
- *   The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve.
- * - 448-bit: Hamburg,
- *   _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
- *   The algorithm #PSA_ALG_ECDH performs X448 when used with this curve.
- */
-#define PSA_ECC_FAMILY_MONTGOMERY        ((psa_ecc_family_t) 0x41)
-
-#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE             ((psa_key_type_t)0x4200)
-#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE               ((psa_key_type_t)0x7200)
-#define PSA_KEY_TYPE_DH_GROUP_MASK                  ((psa_key_type_t)0x00ff)
-/** Diffie-Hellman key pair.
- *
- * \param group     A value of type ::psa_dh_family_t that identifies the
- *                  Diffie-Hellman group to be used.
- */
-#define PSA_KEY_TYPE_DH_KEY_PAIR(group)          \
-    (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
-/** Diffie-Hellman public key.
- *
- * \param group     A value of type ::psa_dh_family_t that identifies the
- *                  Diffie-Hellman group to be used.
- */
-#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group)               \
-    (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
-
-/** Whether a key type is a Diffie-Hellman key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_DH(type)                                        \
-    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) &                        \
-      ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
-/** Whether a key type is a Diffie-Hellman key pair. */
-#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)                               \
-    (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) ==                         \
-     PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
-/** Whether a key type is a Diffie-Hellman public key. */
-#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type)                            \
-    (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) ==                         \
-     PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
-
-/** Extract the group from a Diffie-Hellman key type. */
-#define PSA_KEY_TYPE_DH_GET_FAMILY(type)                        \
-    ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ?              \
-                       ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) :  \
-                       0))
-
-/** Diffie-Hellman groups defined in RFC 7919 Appendix A.
- *
- * This family includes groups with the following key sizes (in bits):
- * 2048, 3072, 4096, 6144, 8192. A given implementation may support
- * all of these sizes or only a subset.
- */
-#define PSA_DH_FAMILY_RFC7919            ((psa_dh_family_t) 0x03)
-
-#define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type)      \
-    (((type) >> 8) & 7)
-/** The block size of a block cipher.
- *
- * \param type  A cipher key type (value of type #psa_key_type_t).
- *
- * \return      The block size for a block cipher, or 1 for a stream cipher.
- *              The return value is undefined if \p type is not a supported
- *              cipher key type.
- *
- * \note It is possible to build stream cipher algorithms on top of a block
- *       cipher, for example CTR mode (#PSA_ALG_CTR).
- *       This macro only takes the key type into account, so it cannot be
- *       used to determine the size of the data that #psa_cipher_update()
- *       might buffer for future processing in general.
- *
- * \note This macro returns a compile-time constant if its argument is one.
- *
- * \warning This macro may evaluate its argument multiple times.
- */
-#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)            \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
-     1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) :                 \
-     0u)
-
-/** Vendor-defined algorithm flag.
- *
- * Algorithms defined by this standard will never have the #PSA_ALG_VENDOR_FLAG
- * bit set. Vendors who define additional algorithms must use an encoding with
- * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure
- * used by standard encodings whenever practical.
- */
-#define PSA_ALG_VENDOR_FLAG                     ((psa_algorithm_t)0x80000000)
-
-#define PSA_ALG_CATEGORY_MASK                   ((psa_algorithm_t)0x7f000000)
-#define PSA_ALG_CATEGORY_HASH                   ((psa_algorithm_t)0x02000000)
-#define PSA_ALG_CATEGORY_MAC                    ((psa_algorithm_t)0x03000000)
-#define PSA_ALG_CATEGORY_CIPHER                 ((psa_algorithm_t)0x04000000)
-#define PSA_ALG_CATEGORY_AEAD                   ((psa_algorithm_t)0x05000000)
-#define PSA_ALG_CATEGORY_SIGN                   ((psa_algorithm_t)0x06000000)
-#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION  ((psa_algorithm_t)0x07000000)
-#define PSA_ALG_CATEGORY_KEY_DERIVATION         ((psa_algorithm_t)0x08000000)
-#define PSA_ALG_CATEGORY_KEY_AGREEMENT          ((psa_algorithm_t)0x09000000)
-
-/** Whether an algorithm is vendor-defined.
- *
- * See also #PSA_ALG_VENDOR_FLAG.
- */
-#define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
-    (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
-
-/** Whether the specified algorithm is a hash algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a hash algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_HASH(alg)                                            \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
-
-/** Whether the specified algorithm is a MAC algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a MAC algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_MAC(alg)                                             \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
-
-/** Whether the specified algorithm is a symmetric cipher algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_CIPHER(alg)                                          \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
-
-/** Whether the specified algorithm is an authenticated encryption
- * with associated data (AEAD) algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_AEAD(alg)                                            \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
-
-/** Whether the specified algorithm is an asymmetric signature algorithm,
- * also known as public-key signature algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an asymmetric signature algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_SIGN(alg)                                            \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
-
-/** Whether the specified algorithm is an asymmetric encryption algorithm,
- * also known as public-key encryption algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an asymmetric encryption algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
-
-/** Whether the specified algorithm is a key agreement algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
-
-/** Whether the specified algorithm is a key derivation algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-#define PSA_ALG_HASH_MASK                       ((psa_algorithm_t)0x000000ff)
-/** MD2 */
-#define PSA_ALG_MD2                             ((psa_algorithm_t)0x02000001)
-/** MD4 */
-#define PSA_ALG_MD4                             ((psa_algorithm_t)0x02000002)
-/** MD5 */
-#define PSA_ALG_MD5                             ((psa_algorithm_t)0x02000003)
-/** PSA_ALG_RIPEMD160 */
-#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x02000004)
-/** SHA1 */
-#define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x02000005)
-/** SHA2-224 */
-#define PSA_ALG_SHA_224                         ((psa_algorithm_t)0x02000008)
-/** SHA2-256 */
-#define PSA_ALG_SHA_256                         ((psa_algorithm_t)0x02000009)
-/** SHA2-384 */
-#define PSA_ALG_SHA_384                         ((psa_algorithm_t)0x0200000a)
-/** SHA2-512 */
-#define PSA_ALG_SHA_512                         ((psa_algorithm_t)0x0200000b)
-/** SHA2-512/224 */
-#define PSA_ALG_SHA_512_224                     ((psa_algorithm_t)0x0200000c)
-/** SHA2-512/256 */
-#define PSA_ALG_SHA_512_256                     ((psa_algorithm_t)0x0200000d)
-/** SHA3-224 */
-#define PSA_ALG_SHA3_224                        ((psa_algorithm_t)0x02000010)
-/** SHA3-256 */
-#define PSA_ALG_SHA3_256                        ((psa_algorithm_t)0x02000011)
-/** SHA3-384 */
-#define PSA_ALG_SHA3_384                        ((psa_algorithm_t)0x02000012)
-/** SHA3-512 */
-#define PSA_ALG_SHA3_512                        ((psa_algorithm_t)0x02000013)
-
-/** In a hash-and-sign algorithm policy, allow any hash algorithm.
- *
- * This value may be used to form the algorithm usage field of a policy
- * for a signature algorithm that is parametrized by a hash. The key
- * may then be used to perform operations using the same signature
- * algorithm parametrized with any supported hash.
- *
- * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros:
- * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS,
- * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA.
- * Then you may create and use a key as follows:
- * - Set the key usage field using #PSA_ALG_ANY_HASH, for example:
- *   ```
- *   psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); // or VERIFY
- *   psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH));
- *   ```
- * - Import or generate key material.
- * - Call psa_sign_hash() or psa_verify_hash(), passing
- *   an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each
- *   call to sign or verify a message may use a different hash.
- *   ```
- *   psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...);
- *   psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...);
- *   psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...);
- *   ```
- *
- * This value may not be used to build other algorithms that are
- * parametrized over a hash. For any valid use of this macro to build
- * an algorithm \c alg, #PSA_ALG_IS_HASH_AND_SIGN(\c alg) is true.
- *
- * This value may not be used to build an algorithm specification to
- * perform an operation. It is only valid to build policies.
- */
-#define PSA_ALG_ANY_HASH                        ((psa_algorithm_t)0x020000ff)
-
-#define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x03800000)
-/** Macro to build an HMAC algorithm.
- *
- * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding HMAC algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_HMAC(hash_alg)                                  \
-    (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_HMAC_GET_HASH(hmac_alg)                             \
-    (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is an HMAC algorithm.
- *
- * HMAC is a family of MAC algorithms that are based on a hash function.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_HMAC(alg)                                            \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
-     PSA_ALG_HMAC_BASE)
-
-/* In the encoding of a MAC algorithm, the bits corresponding to
- * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
- * truncated. As an exception, the value 0 means the untruncated algorithm,
- * whatever its length is. The length is encoded in 6 bits, so it can
- * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
- * to full length is correctly encoded as 0 and any non-trivial truncation
- * is correctly encoded as a value between 1 and 63. */
-#define PSA_ALG_MAC_TRUNCATION_MASK             ((psa_algorithm_t)0x003f0000)
-#define PSA_MAC_TRUNCATION_OFFSET 16
-
-/** Macro to build a truncated MAC algorithm.
- *
- * A truncated MAC algorithm is identical to the corresponding MAC
- * algorithm except that the MAC value for the truncated algorithm
- * consists of only the first \p mac_length bytes of the MAC value
- * for the untruncated algorithm.
- *
- * \note    This macro may allow constructing algorithm identifiers that
- *          are not valid, either because the specified length is larger
- *          than the untruncated MAC or because the specified length is
- *          smaller than permitted by the implementation.
- *
- * \note    It is implementation-defined whether a truncated MAC that
- *          is truncated to the same length as the MAC of the untruncated
- *          algorithm is considered identical to the untruncated algorithm
- *          for policy comparison purposes.
- *
- * \param mac_alg       A MAC algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- *                      is true). This may be a truncated or untruncated
- *                      MAC algorithm.
- * \param mac_length    Desired length of the truncated MAC in bytes.
- *                      This must be at most the full length of the MAC
- *                      and must be at least an implementation-specified
- *                      minimum. The implementation-specified minimum
- *                      shall not be zero.
- *
- * \return              The corresponding MAC algorithm with the specified
- *                      length.
- * \return              Unspecified if \p alg is not a supported
- *                      MAC algorithm or if \p mac_length is too small or
- *                      too large for the specified MAC algorithm.
- */
-#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length)                      \
-    (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) |                       \
-     ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
-
-/** Macro to build the base MAC algorithm corresponding to a truncated
- * MAC algorithm.
- *
- * \param mac_alg       A MAC algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- *                      is true). This may be a truncated or untruncated
- *                      MAC algorithm.
- *
- * \return              The corresponding base MAC algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      MAC algorithm.
- */
-#define PSA_ALG_FULL_LENGTH_MAC(mac_alg)        \
-    ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
-
-/** Length to which a MAC algorithm is truncated.
- *
- * \param mac_alg       A MAC algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- *                      is true).
- *
- * \return              Length of the truncated MAC in bytes.
- * \return              0 if \p alg is a non-truncated MAC algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      MAC algorithm.
- */
-#define PSA_MAC_TRUNCATED_LENGTH(mac_alg)                               \
-    (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
-
-#define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x03c00000)
-/** The CBC-MAC construction over a block cipher
- *
- * \warning CBC-MAC is insecure in many cases.
- * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
- */
-#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x03c00100)
-/** The CMAC construction over a block cipher */
-#define PSA_ALG_CMAC                            ((psa_algorithm_t)0x03c00200)
-
-/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)                                \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
-     PSA_ALG_CIPHER_MAC_BASE)
-
-#define PSA_ALG_CIPHER_STREAM_FLAG              ((psa_algorithm_t)0x00800000)
-#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG          ((psa_algorithm_t)0x00400000)
-
-/** Whether the specified algorithm is a stream cipher.
- *
- * A stream cipher is a symmetric cipher that encrypts or decrypts messages
- * by applying a bitwise-xor with a stream of bytes that is generated
- * from a key.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier or if it is not a symmetric cipher algorithm.
- */
-#define PSA_ALG_IS_STREAM_CIPHER(alg)            \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
-        (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
-
-/** The stream cipher mode of a stream cipher algorithm.
- *
- * The underlying stream cipher is determined by the key type.
- * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
- * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4.
- */
-#define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800100)
-
-/** The CTR stream cipher mode.
- *
- * CTR is a stream cipher which is built from a block cipher.
- * The underlying block cipher is determined by the key type.
- * For example, to use AES-128-CTR, use this algorithm with
- * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
- */
-#define PSA_ALG_CTR                             ((psa_algorithm_t)0x04c01000)
-
-/** The CFB stream cipher mode.
- *
- * The underlying block cipher is determined by the key type.
- */
-#define PSA_ALG_CFB                             ((psa_algorithm_t)0x04c01100)
-
-/** The OFB stream cipher mode.
- *
- * The underlying block cipher is determined by the key type.
- */
-#define PSA_ALG_OFB                             ((psa_algorithm_t)0x04c01200)
-
-/** The XTS cipher mode.
- *
- * XTS is a cipher mode which is built from a block cipher. It requires at
- * least one full block of input, but beyond this minimum the input
- * does not need to be a whole number of blocks.
- */
-#define PSA_ALG_XTS                             ((psa_algorithm_t)0x0440ff00)
-
-/** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
- *
- * \warning ECB mode does not protect the confidentiality of the encrypted data
- * except in extremely narrow circumstances. It is recommended that applications
- * only use ECB if they need to construct an operating mode that the
- * implementation does not provide. Implementations are encouraged to provide
- * the modes that applications need in preference to supporting direct access
- * to ECB.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This symmetric cipher mode can only be used with messages whose lengths are a
- * multiple of the block size of the chosen block cipher.
- *
- * ECB mode does not accept an initialization vector (IV). When using a
- * multi-part cipher operation with this algorithm, psa_cipher_generate_iv()
- * and psa_cipher_set_iv() must not be called.
- */
-#define PSA_ALG_ECB_NO_PADDING                  ((psa_algorithm_t)0x04404400)
-
-/** The CBC block cipher chaining mode, with no padding.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This symmetric cipher mode can only be used with messages whose lengths
- * are whole number of blocks for the chosen block cipher.
- */
-#define PSA_ALG_CBC_NO_PADDING                  ((psa_algorithm_t)0x04404000)
-
-/** The CBC block cipher chaining mode with PKCS#7 padding.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
- */
-#define PSA_ALG_CBC_PKCS7                       ((psa_algorithm_t)0x04404100)
-
-#define PSA_ALG_AEAD_FROM_BLOCK_FLAG            ((psa_algorithm_t)0x00400000)
-
-/** Whether the specified algorithm is an AEAD mode on a block cipher.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an AEAD algorithm which is an AEAD mode based on
- *         a block cipher, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg)    \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
-     (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
-
-/** The CCM authenticated encryption algorithm.
- *
- * The underlying block cipher is determined by the key type.
- */
-#define PSA_ALG_CCM                             ((psa_algorithm_t)0x05500100)
-
-/** The GCM authenticated encryption algorithm.
- *
- * The underlying block cipher is determined by the key type.
- */
-#define PSA_ALG_GCM                             ((psa_algorithm_t)0x05500200)
-
-/** The Chacha20-Poly1305 AEAD algorithm.
- *
- * The ChaCha20_Poly1305 construction is defined in RFC 7539.
- *
- * Implementations must support 12-byte nonces, may support 8-byte nonces,
- * and should reject other sizes.
- *
- * Implementations must support 16-byte tags and should reject other sizes.
- */
-#define PSA_ALG_CHACHA20_POLY1305               ((psa_algorithm_t)0x05100500)
-
-/* In the encoding of a AEAD algorithm, the bits corresponding to
- * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
- * The constants for default lengths follow this encoding.
- */
-#define PSA_ALG_AEAD_TAG_LENGTH_MASK            ((psa_algorithm_t)0x003f0000)
-#define PSA_AEAD_TAG_LENGTH_OFFSET 16
-
-/** Macro to build a shortened AEAD algorithm.
- *
- * A shortened AEAD algorithm is similar to the corresponding AEAD
- * algorithm, but has an authentication tag that consists of fewer bytes.
- * Depending on the algorithm, the tag length may affect the calculation
- * of the ciphertext.
- *
- * \param aead_alg      An AEAD algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
- *                      is true).
- * \param tag_length    Desired length of the authentication tag in bytes.
- *
- * \return              The corresponding AEAD algorithm with the specified
- *                      length.
- * \return              Unspecified if \p alg is not a supported
- *                      AEAD algorithm or if \p tag_length is not valid
- *                      for the specified AEAD algorithm.
- */
-#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length)              \
-    (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) |                     \
-     ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
-      PSA_ALG_AEAD_TAG_LENGTH_MASK))
-
-/** Calculate the corresponding AEAD algorithm with the default tag length.
- *
- * \param aead_alg      An AEAD algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return              The corresponding AEAD algorithm with the default
- *                      tag length for that algorithm.
- */
-#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg)                   \
-    (                                                                    \
-        PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \
-        PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \
-        PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
-        0)
-#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, ref)         \
-    PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) ==                         \
-    PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ?                               \
-    ref :
-
-#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t)0x06000200)
-/** RSA PKCS#1 v1.5 signature with hashing.
- *
- * This is the signature scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PKCS1-v1_5.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *                      This includes #PSA_ALG_ANY_HASH
- *                      when specifying the algorithm in a usage policy.
- *
- * \return              The corresponding RSA PKCS#1 v1.5 signature algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
-    (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** Raw PKCS#1 v1.5 signature.
- *
- * The input to this algorithm is the DigestInfo structure used by
- * RFC 8017 (PKCS#1: RSA Cryptography Specifications), &sect;9.2
- * steps 3&ndash;6.
- */
-#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
-#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
-
-#define PSA_ALG_RSA_PSS_BASE               ((psa_algorithm_t)0x06000300)
-/** RSA PSS signature with hashing.
- *
- * This is the signature scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PSS, with the message generation function MGF1, and with
- * a salt length equal to the length of the hash. The specified
- * hash algorithm is used to hash the input message, to create the
- * salted hash, and for the mask generation.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *                      This includes #PSA_ALG_ANY_HASH
- *                      when specifying the algorithm in a usage policy.
- *
- * \return              The corresponding RSA PSS signature algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_RSA_PSS(hash_alg)                               \
-    (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_PSS(alg)                                 \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
-
-#define PSA_ALG_ECDSA_BASE                      ((psa_algorithm_t)0x06000600)
-/** ECDSA signature with hashing.
- *
- * This is the ECDSA signature scheme defined by ANSI X9.62,
- * with a random per-message secret number (*k*).
- *
- * The representation of the signature as a byte string consists of
- * the concatentation of the signature values *r* and *s*. Each of
- * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
- * of the base point of the curve in octets. Each value is represented
- * in big-endian order (most significant octet first).
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *                      This includes #PSA_ALG_ANY_HASH
- *                      when specifying the algorithm in a usage policy.
- *
- * \return              The corresponding ECDSA signature algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_ECDSA(hash_alg)                                 \
-    (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** ECDSA signature without hashing.
- *
- * This is the same signature scheme as #PSA_ALG_ECDSA(), but
- * without specifying a hash algorithm. This algorithm may only be
- * used to sign or verify a sequence of bytes that should be an
- * already-calculated hash. Note that the input is padded with
- * zeros on the left or truncated on the left as required to fit
- * the curve size.
- */
-#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
-#define PSA_ALG_DETERMINISTIC_ECDSA_BASE        ((psa_algorithm_t)0x06000700)
-/** Deterministic ECDSA signature with hashing.
- *
- * This is the deterministic ECDSA signature scheme defined by RFC 6979.
- *
- * The representation of a signature is the same as with #PSA_ALG_ECDSA().
- *
- * Note that when this algorithm is used for verification, signatures
- * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
- * same private key are accepted. In other words,
- * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
- * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *                      This includes #PSA_ALG_ANY_HASH
- *                      when specifying the algorithm in a usage policy.
- *
- * \return              The corresponding deterministic ECDSA signature
- *                      algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg)                           \
-    (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG        ((psa_algorithm_t)0x00000100)
-#define PSA_ALG_IS_ECDSA(alg)                                           \
-    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) ==  \
-     PSA_ALG_ECDSA_BASE)
-#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)             \
-    (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
-#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)                             \
-    (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
-#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg)                                \
-    (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
-
-/** Whether the specified algorithm is a hash-and-sign algorithm.
- *
- * Hash-and-sign algorithms are asymmetric (public-key) signature algorithms
- * structured in two parts: first the calculation of a hash in a way that
- * does not depend on the key, then the calculation of a signature from the
- * hash value and the key.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_HASH_AND_SIGN(alg)                                   \
-    (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||    \
-     PSA_ALG_IS_ECDSA(alg))
-
-/** Get the hash used by a hash-and-sign signature algorithm.
- *
- * A hash-and-sign algorithm is a signature algorithm which is
- * composed of two phases: first a hashing phase which does not use
- * the key and produces a hash of the input message, then a signing
- * phase which only uses the hash and the key and not the message
- * itself.
- *
- * \param alg   A signature algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_SIGN(\p alg) is true).
- *
- * \return      The underlying hash algorithm if \p alg is a hash-and-sign
- *              algorithm.
- * \return      0 if \p alg is a signature algorithm that does not
- *              follow the hash-and-sign structure.
- * \return      Unspecified if \p alg is not a signature algorithm or
- *              if it is not supported by the implementation.
- */
-#define PSA_ALG_SIGN_GET_HASH(alg)                                     \
-    (PSA_ALG_IS_HASH_AND_SIGN(alg) ?                                   \
-     ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 :        \
-     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
-     0)
-
-/** RSA PKCS#1 v1.5 encryption.
- */
-#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x07000200)
-
-#define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t)0x07000300)
-/** RSA OAEP encryption.
- *
- * This is the encryption scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSAES-OAEP, with the message generation function MGF1.
- *
- * \param hash_alg      The hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
- *                      for MGF1.
- *
- * \return              The corresponding RSA OAEP encryption algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_RSA_OAEP(hash_alg)                              \
-    (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_OAEP(alg)                                \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
-#define PSA_ALG_RSA_OAEP_GET_HASH(alg)                          \
-    (PSA_ALG_IS_RSA_OAEP(alg) ?                                 \
-     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :      \
-     0)
-
-#define PSA_ALG_HKDF_BASE                       ((psa_algorithm_t)0x08000100)
-/** Macro to build an HKDF algorithm.
- *
- * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
- *
- * This key derivation algorithm uses the following inputs:
- * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step.
- *   It is optional; if omitted, the derivation uses an empty salt.
- * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step.
- * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step.
- * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET.
- * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before
- * starting to generate output.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding HKDF algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_HKDF(hash_alg)                                  \
-    (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** Whether the specified algorithm is an HKDF algorithm.
- *
- * HKDF is a family of key derivation algorithms that are based on a hash
- * function and the HMAC construction.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_HKDF(alg)                            \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
-#define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
-    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_TLS12_PRF_BASE                  ((psa_algorithm_t)0x08000200)
-/** Macro to build a TLS-1.2 PRF algorithm.
- *
- * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
- * specified in Section 5 of RFC 5246. It is based on HMAC and can be
- * used with either SHA-256 or SHA-384.
- *
- * This key derivation algorithm uses the following inputs, which must be
- * passed in the order given here:
- * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed.
- * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key.
- * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label.
- *
- * For the application to TLS-1.2 key expansion, the seed is the
- * concatenation of ServerHello.Random + ClientHello.Random,
- * and the label is "key expansion".
- *
- * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
- * TLS 1.2 PRF using HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding TLS-1.2 PRF algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_TLS12_PRF(hash_alg)                                  \
-    (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_TLS12_PRF(alg)                                    \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
-#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg)                         \
-    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_TLS12_PSK_TO_MS_BASE            ((psa_algorithm_t)0x08000300)
-/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
- *
- * In a pure-PSK handshake in TLS 1.2, the master secret is derived
- * from the PreSharedKey (PSK) through the application of padding
- * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
- * The latter is based on HMAC and can be used with either SHA-256
- * or SHA-384.
- *
- * This key derivation algorithm uses the following inputs, which must be
- * passed in the order given here:
- * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed.
- * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key.
- * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label.
- *
- * For the application to TLS-1.2, the seed (which is
- * forwarded to the TLS-1.2 PRF) is the concatenation of the
- * ClientHello.Random + ServerHello.Random,
- * and the label is "master secret" or "extended master secret".
- *
- * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
- * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding TLS-1.2 PSK to MS algorithm.
- * \return              Unspecified if \p hash_alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg)                                  \
-    (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)                                    \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
-#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg)                         \
-    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0xfe00ffff)
-#define PSA_ALG_KEY_AGREEMENT_MASK              ((psa_algorithm_t)0xffff0000)
-
-/** Macro to build a combined algorithm that chains a key agreement with
- * a key derivation.
- *
- * \param ka_alg        A key agreement algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_KEY_AGREEMENT(\p ka_alg) is true).
- * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg) is true).
- *
- * \return              The corresponding key agreement and derivation
- *                      algorithm.
- * \return              Unspecified if \p ka_alg is not a supported
- *                      key agreement algorithm or \p kdf_alg is not a
- *                      supported key derivation algorithm.
- */
-#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg)  \
-    ((ka_alg) | (kdf_alg))
-
-#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg)                              \
-    (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)                             \
-    (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
-
-/** Whether the specified algorithm is a raw key agreement algorithm.
- *
- * A raw key agreement algorithm is one that does not specify
- * a key derivation function.
- * Usually, raw key agreement algorithms are constructed directly with
- * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are
- * constructed with #PSA_ALG_KEY_AGREEMENT().
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a raw key agreement algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)                               \
-    (PSA_ALG_IS_KEY_AGREEMENT(alg) &&                                   \
-     PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg)     \
-    ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
-
-/** The finite-field Diffie-Hellman (DH) key agreement algorithm.
- *
- * The shared secret produced by key agreement is
- * `g^{ab}` in big-endian format.
- * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
- * in bits.
- */
-#define PSA_ALG_FFDH                            ((psa_algorithm_t)0x09010000)
-
-/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
- *
- * This includes the raw finite field Diffie-Hellman algorithm as well as
- * finite-field Diffie-Hellman followed by any supporter key derivation
- * algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key agreement algorithm identifier.
- */
-#define PSA_ALG_IS_FFDH(alg) \
-    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
-
-/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
- *
- * The shared secret produced by key agreement is the x-coordinate of
- * the shared secret point. It is always `ceiling(m / 8)` bytes long where
- * `m` is the bit size associated with the curve, i.e. the bit size of the
- * order of the curve's coordinate field. When `m` is not a multiple of 8,
- * the byte containing the most significant bit of the shared secret
- * is padded with zero bits. The byte order is either little-endian
- * or big-endian depending on the curve type.
- *
- * - For Montgomery curves (curve types `PSA_ECC_FAMILY_CURVEXXX`),
- *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
- *   in little-endian byte order.
- *   The bit size is 448 for Curve448 and 255 for Curve25519.
- * - For Weierstrass curves over prime fields (curve types
- *   `PSA_ECC_FAMILY_SECPXXX` and `PSA_ECC_FAMILY_BRAINPOOL_PXXX`),
- *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
- *   in big-endian byte order.
- *   The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
- * - For Weierstrass curves over binary fields (curve types
- *   `PSA_ECC_FAMILY_SECTXXX`),
- *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
- *   in big-endian byte order.
- *   The bit size is `m` for the field `F_{2^m}`.
- */
-#define PSA_ALG_ECDH                            ((psa_algorithm_t)0x09020000)
-
-/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
- * algorithm.
- *
- * This includes the raw elliptic curve Diffie-Hellman algorithm as well as
- * elliptic curve Diffie-Hellman followed by any supporter key derivation
- * algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
- *         0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key agreement algorithm identifier.
- */
-#define PSA_ALG_IS_ECDH(alg) \
-    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
-
-/** Whether the specified algorithm encoding is a wildcard.
- *
- * Wildcard values may only be used to set the usage algorithm field in
- * a policy, not to perform an operation.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a wildcard algorithm encoding.
- * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for
- *         an operation).
- * \return This macro may return either 0 or 1 if \c alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_WILDCARD(alg)                        \
-    (PSA_ALG_IS_HASH_AND_SIGN(alg) ?                    \
-     PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH :   \
-     (alg) == PSA_ALG_ANY_HASH)
-
-/**@}*/
-
-/** \defgroup key_lifetimes Key lifetimes
- * @{
- */
-
-/** The default lifetime for volatile keys.
- *
- * A volatile key only exists as long as the identifier to it is not destroyed.
- * The key material is guaranteed to be erased on a power reset.
- *
- * A key with this lifetime is typically stored in the RAM area of the
- * PSA Crypto subsystem. However this is an implementation choice.
- * If an implementation stores data about the key in a non-volatile memory,
- * it must release all the resources associated with the key and erase the
- * key material if the calling application terminates.
- */
-#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
-
-/** The default lifetime for persistent keys.
- *
- * A persistent key remains in storage until it is explicitly destroyed or
- * until the corresponding storage area is wiped. This specification does
- * not define any mechanism to wipe a storage area, but implementations may
- * provide their own mechanism (for example to perform a factory reset,
- * to prepare for device refurbishment, or to uninstall an application).
- *
- * This lifetime value is the default storage area for the calling
- * application. Implementations may offer other storage areas designated
- * by other lifetime values as implementation-specific extensions.
- * See ::psa_key_lifetime_t for more information.
- */
-#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
-
-/** The persistence level of volatile keys.
- *
- * See ::psa_key_persistence_t for more information.
- */
-#define PSA_KEY_PERSISTENCE_VOLATILE            ((psa_key_persistence_t)0x00)
-
-/** The default persistence level for persistent keys.
- *
- * See ::psa_key_persistence_t for more information.
- */
-#define PSA_KEY_PERSISTENCE_DEFAULT             ((psa_key_persistence_t)0x01)
-
-/** A persistence level indicating that a key is never destroyed.
- *
- * See ::psa_key_persistence_t for more information.
- */
-#define PSA_KEY_PERSISTENCE_READ_ONLY           ((psa_key_persistence_t)0xff)
-
-#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime)      \
-    ((psa_key_persistence_t)((lifetime) & 0x000000ff))
-
-#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)      \
-    ((psa_key_location_t)((lifetime) >> 8))
-
-/** Whether a key lifetime indicates that the key is volatile.
- *
- * A volatile key is automatically destroyed by the implementation when
- * the application instance terminates. In particular, a volatile key
- * is automatically destroyed on a power reset of the device.
- *
- * A key that is not volatile is persistent. Persistent keys are
- * preserved until the application explicitly destroys them or until an
- * implementation-specific device management event occurs (for example,
- * a factory reset).
- *
- * \param lifetime      The lifetime value to query (value of type
- *                      ::psa_key_lifetime_t).
- *
- * \return \c 1 if the key is volatile, otherwise \c 0.
- */
-#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)  \
-    (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
-     PSA_KEY_PERSISTENCE_VOLATILE)
-
-/** Construct a lifetime from a persistence level and a location.
- *
- * \param persistence   The persistence level
- *                      (value of type ::psa_key_persistence_t).
- * \param location      The location indicator
- *                      (value of type ::psa_key_location_t).
- *
- * \return The constructed lifetime value.
- */
-#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
-    ((location) << 8 | (persistence))
-
-/** The local storage area for persistent keys.
- *
- * This storage area is available on all systems that can store persistent
- * keys without delegating the storage to a third-party cryptoprocessor.
- *
- * See ::psa_key_location_t for more information.
- */
-#define PSA_KEY_LOCATION_LOCAL_STORAGE          ((psa_key_location_t)0x000000)
-
-#define PSA_KEY_LOCATION_VENDOR_FLAG            ((psa_key_location_t)0x800000)
-
-/** The minimum value for a key identifier chosen by the application.
- */
-#define PSA_KEY_ID_USER_MIN                     ((psa_key_id_t)0x00000001)
-/** The maximum value for a key identifier chosen by the application.
- */
-#define PSA_KEY_ID_USER_MAX                     ((psa_key_id_t)0x3fffffff)
-/** The minimum value for a key identifier chosen by the implementation.
- */
-#define PSA_KEY_ID_VENDOR_MIN                   ((psa_key_id_t)0x40000000)
-/** The maximum value for a key identifier chosen by the implementation.
- */
-#define PSA_KEY_ID_VENDOR_MAX                   ((psa_key_id_t)0x7fffffff)
-
-
-#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-
-#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 )
-#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id )
-#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 )
-
-/** Utility to initialize a key identifier at runtime.
- *
- * \param unused  Unused parameter.
- * \param key_id  Identifier of the key.
- */
-static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
-    unsigned int unused, psa_key_id_t key_id )
-{
-    (void)unused;
-
-    return( key_id );
-}
-
-/** Compare two key identifiers.
- *
- * \param id1 First key identifier.
- * \param id2 Second key identifier.
- *
- * \return Non-zero if the two key identifier are equal, zero otherwise.
- */
-static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
-                                            mbedtls_svc_key_id_t id2 )
-{
-    return( id1 == id2 );
-}
-
-/** Check whether a key identifier is null.
- *
- * \param key Key identifier.
- *
- * \return Non-zero if the key identifier is null, zero otherwise.
- */
-static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
-{
-    return( key == 0 );
-}
-
-#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-
-#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
-#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id )
-#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner )
-
-/** Utility to initialize a key identifier at runtime.
- *
- * \param owner_id Identifier of the key owner.
- * \param key_id   Identifier of the key.
- */
-static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
-    mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id )
-{
-    return( (mbedtls_svc_key_id_t){ .key_id = key_id,
-                                    .owner = owner_id } );
-}
-
-/** Compare two key identifiers.
- *
- * \param id1 First key identifier.
- * \param id2 Second key identifier.
- *
- * \return Non-zero if the two key identifier are equal, zero otherwise.
- */
-static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
-                                            mbedtls_svc_key_id_t id2 )
-{
-    return( ( id1.key_id == id2.key_id ) &&
-            mbedtls_key_owner_id_equal( id1.owner, id2.owner ) );
-}
-
-/** Check whether a key identifier is null.
- *
- * \param key Key identifier.
- *
- * \return Non-zero if the key identifier is null, zero otherwise.
- */
-static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
-{
-    return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
-}
-
-#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-
-/**@}*/
-
-/** \defgroup policy Key policies
- * @{
- */
-
-/** Whether the key may be exported.
- *
- * A public key or the public part of a key pair may always be exported
- * regardless of the value of this permission flag.
- *
- * If a key does not have export permission, implementations shall not
- * allow the key to be exported in plain form from the cryptoprocessor,
- * whether through psa_export_key() or through a proprietary interface.
- * The key may however be exportable in a wrapped form, i.e. in a form
- * where it is encrypted by another key.
- */
-#define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t)0x00000001)
-
-/** Whether the key may be copied.
- *
- * This flag allows the use of psa_copy_key() to make a copy of the key
- * with the same policy or a more restrictive policy.
- *
- * For lifetimes for which the key is located in a secure element which
- * enforce the non-exportability of keys, copying a key outside the secure
- * element also requires the usage flag #PSA_KEY_USAGE_EXPORT.
- * Copying the key inside the secure element is permitted with just
- * #PSA_KEY_USAGE_COPY if the secure element supports it.
- * For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or
- * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY
- * is sufficient to permit the copy.
- */
-#define PSA_KEY_USAGE_COPY                      ((psa_key_usage_t)0x00000002)
-
-/** Whether the key may be used to encrypt a message.
- *
- * This flag allows the key to be used for a symmetric encryption operation,
- * for an AEAD encryption-and-authentication operation,
- * or for an asymmetric encryption operation,
- * if otherwise permitted by the key's type and policy.
- *
- * For a key pair, this concerns the public key.
- */
-#define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t)0x00000100)
-
-/** Whether the key may be used to decrypt a message.
- *
- * This flag allows the key to be used for a symmetric decryption operation,
- * for an AEAD decryption-and-verification operation,
- * or for an asymmetric decryption operation,
- * if otherwise permitted by the key's type and policy.
- *
- * For a key pair, this concerns the private key.
- */
-#define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t)0x00000200)
-
-/** Whether the key may be used to sign a message.
- *
- * This flag allows the key to be used for a MAC calculation operation
- * or for an asymmetric signature operation,
- * if otherwise permitted by the key's type and policy.
- *
- * For a key pair, this concerns the private key.
- */
-#define PSA_KEY_USAGE_SIGN_HASH                 ((psa_key_usage_t)0x00001000)
-
-/** Whether the key may be used to verify a message signature.
- *
- * This flag allows the key to be used for a MAC verification operation
- * or for an asymmetric signature verification operation,
- * if otherwise permitted by by the key's type and policy.
- *
- * For a key pair, this concerns the public key.
- */
-#define PSA_KEY_USAGE_VERIFY_HASH               ((psa_key_usage_t)0x00002000)
-
-/** Whether the key may be used to derive other keys.
- */
-#define PSA_KEY_USAGE_DERIVE                    ((psa_key_usage_t)0x00004000)
-
-/**@}*/
-
-/** \defgroup derivation Key derivation
- * @{
- */
-
-/** A secret input for key derivation.
- *
- * This should be a key of type #PSA_KEY_TYPE_DERIVE
- * (passed to psa_key_derivation_input_key())
- * or the shared secret resulting from a key agreement
- * (obtained via psa_key_derivation_key_agreement()).
- *
- * The secret can also be a direct input (passed to
- * key_derivation_input_bytes()). In this case, the derivation operation
- * may not be used to derive keys: the operation will only allow
- * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key().
- */
-#define PSA_KEY_DERIVATION_INPUT_SECRET     ((psa_key_derivation_step_t)0x0101)
-
-/** A label for key derivation.
- *
- * This should be a direct input.
- * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
- */
-#define PSA_KEY_DERIVATION_INPUT_LABEL      ((psa_key_derivation_step_t)0x0201)
-
-/** A salt for key derivation.
- *
- * This should be a direct input.
- * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
- */
-#define PSA_KEY_DERIVATION_INPUT_SALT       ((psa_key_derivation_step_t)0x0202)
-
-/** An information string for key derivation.
- *
- * This should be a direct input.
- * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
- */
-#define PSA_KEY_DERIVATION_INPUT_INFO       ((psa_key_derivation_step_t)0x0203)
-
-/** A seed for key derivation.
- *
- * This should be a direct input.
- * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
- */
-#define PSA_KEY_DERIVATION_INPUT_SEED       ((psa_key_derivation_step_t)0x0204)
-
-/**@}*/
-
-#endif /* PSA_CRYPTO_VALUES_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/.gitignore b/3rdparty/mbedtls-2.25.0/library/.gitignore
deleted file mode 100644
index 3a63a63..0000000
--- a/3rdparty/mbedtls-2.25.0/library/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-*.o
-libmbed*
-*.sln
-*.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/library/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/library/CMakeLists.txt
deleted file mode 100644
index b309b6e..0000000
--- a/3rdparty/mbedtls-2.25.0/library/CMakeLists.txt
+++ /dev/null
@@ -1,231 +0,0 @@
-option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON)
-option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF)
-option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF)
-option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF)
-
-# Set the project root directory if it's not already defined, as may happen if
-# the library folder is included directly by a parent project, without
-# including the top level CMakeLists.txt.
-if(NOT DEFINED MBEDTLS_DIR)
-    set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})
-endif()
-
-set(src_crypto
-    aes.c
-    aesni.c
-    arc4.c
-    aria.c
-    asn1parse.c
-    asn1write.c
-    base64.c
-    bignum.c
-    blowfish.c
-    camellia.c
-    ccm.c
-    chacha20.c
-    chachapoly.c
-    cipher.c
-    cipher_wrap.c
-    cmac.c
-    ctr_drbg.c
-    des.c
-    dhm.c
-    ecdh.c
-    ecdsa.c
-    ecjpake.c
-    ecp.c
-    ecp_curves.c
-    entropy.c
-    entropy_poll.c
-    error.c
-    gcm.c
-    havege.c
-    hkdf.c
-    hmac_drbg.c
-    md.c
-    md2.c
-    md4.c
-    md5.c
-    memory_buffer_alloc.c
-    nist_kw.c
-    oid.c
-    padlock.c
-    pem.c
-    pk.c
-    pk_wrap.c
-    pkcs12.c
-    pkcs5.c
-    pkparse.c
-    pkwrite.c
-    platform.c
-    platform_util.c
-    poly1305.c
-    psa_crypto.c
-    psa_crypto_driver_wrappers.c
-    psa_crypto_se.c
-    psa_crypto_slot_management.c
-    psa_crypto_storage.c
-    psa_its_file.c
-    ripemd160.c
-    rsa.c
-    rsa_internal.c
-    sha1.c
-    sha256.c
-    sha512.c
-    threading.c
-    timing.c
-    version.c
-    version_features.c
-    xtea.c
-)
-
-list(APPEND src_crypto ${thirdparty_src})
-
-set(src_x509
-    certs.c
-    pkcs11.c
-    x509.c
-    x509_create.c
-    x509_crl.c
-    x509_crt.c
-    x509_csr.c
-    x509write_crt.c
-    x509write_csr.c
-)
-
-set(src_tls
-    debug.c
-    net_sockets.c
-    ssl_cache.c
-    ssl_ciphersuites.c
-    ssl_cli.c
-    ssl_cookie.c
-    ssl_msg.c
-    ssl_srv.c
-    ssl_ticket.c
-    ssl_tls.c
-    ssl_tls13_keys.c
-)
-
-if(CMAKE_COMPILER_IS_GNUCC)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes")
-endif(CMAKE_COMPILER_IS_GNUCC)
-
-if(CMAKE_COMPILER_IS_CLANG)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
-endif(CMAKE_COMPILER_IS_CLANG)
-
-if(WIN32)
-    set(libs ${libs} ws2_32)
-endif(WIN32)
-
-if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
-    SET(CMAKE_C_ARCHIVE_CREATE   "<CMAKE_AR> Scr <TARGET> <LINK_FLAGS> <OBJECTS>")
-    SET(CMAKE_CXX_ARCHIVE_CREATE "<CMAKE_AR> Scr <TARGET> <LINK_FLAGS> <OBJECTS>")
-    SET(CMAKE_C_ARCHIVE_FINISH   "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
-    SET(CMAKE_CXX_ARCHIVE_FINISH "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
-endif()
-
-if(HAIKU)
-    set(libs ${libs} network)
-endif(HAIKU)
-
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-if(LINK_WITH_PTHREAD)
-    set(libs ${libs} pthread)
-endif()
-
-if(LINK_WITH_TRUSTED_STORAGE)
-    set(libs ${libs} trusted_storage)
-endif()
-
-if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
-    message(FATAL_ERROR "Need to choose static or shared mbedtls build!")
-endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
-
-set(mbedtls_target    "${MBEDTLS_TARGET_PREFIX}mbedtls")
-set(mbedx509_target   "${MBEDTLS_TARGET_PREFIX}mbedx509")
-set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto")
-
-set(mbedtls_target    ${mbedtls_target}    PARENT_SCOPE)
-set(mbedx509_target   ${mbedx509_target}   PARENT_SCOPE)
-set(mbedcrypto_target ${mbedcrypto_target} PARENT_SCOPE)
-
-if (USE_STATIC_MBEDTLS_LIBRARY)
-    set(mbedtls_static_target    ${mbedtls_target})
-    set(mbedx509_static_target   ${mbedx509_target})
-    set(mbedcrypto_static_target ${mbedcrypto_target})
-endif()
-
-set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target})
-
-if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
-    string(APPEND mbedtls_static_target    "_static")
-    string(APPEND mbedx509_static_target   "_static")
-    string(APPEND mbedcrypto_static_target "_static")
-
-    list(APPEND target_libraries
-        ${mbedcrypto_static_target}
-        ${mbedx509_static_target}
-        ${mbedtls_static_target})
-endif()
-
-if(USE_STATIC_MBEDTLS_LIBRARY)
-    add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
-    set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
-    target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs})
-
-    add_library(${mbedx509_static_target} STATIC ${src_x509})
-    set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
-    target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target})
-
-    add_library(${mbedtls_static_target} STATIC ${src_tls})
-    set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
-    target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target})
-endif(USE_STATIC_MBEDTLS_LIBRARY)
-
-if(USE_SHARED_MBEDTLS_LIBRARY)
-    add_library(${mbedcrypto_target} SHARED ${src_crypto})
-    set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.25.0 SOVERSION 6)
-    target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
-
-    add_library(${mbedx509_target} SHARED ${src_x509})
-    set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.25.0 SOVERSION 1)
-    target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
-
-    add_library(${mbedtls_target} SHARED ${src_tls})
-    set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.25.0 SOVERSION 13)
-    target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
-endif(USE_SHARED_MBEDTLS_LIBRARY)
-
-foreach(target IN LISTS target_libraries)
-    # Include public header files from /include and other directories
-    # declared by /3rdparty/**/CMakeLists.txt. Include private header files
-    # from /library and others declared by /3rdparty/**/CMakeLists.txt.
-    # /library needs to be listed explicitly when building .c files outside
-    # of /library (which currently means: under /3rdparty).
-    target_include_directories(${target}
-        PUBLIC ${MBEDTLS_DIR}/include/
-        PUBLIC ${thirdparty_inc_public}
-        PRIVATE ${MBEDTLS_DIR}/library/
-        PRIVATE ${thirdparty_inc})
-    target_compile_definitions(${target}
-        PRIVATE ${thirdparty_def})
-    install(TARGETS ${target}
-            DESTINATION ${LIB_INSTALL_DIR}
-            PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
-endforeach(target)
-
-set(lib_target "${MBEDTLS_TARGET_PREFIX}lib")
-
-add_custom_target(${lib_target} DEPENDS ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target})
-if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
-    add_dependencies(${lib_target} ${mbedcrypto_static_target} ${mbedx509_static_target} ${mbedtls_static_target})
-endif()
diff --git a/3rdparty/mbedtls-2.25.0/library/Makefile b/3rdparty/mbedtls-2.25.0/library/Makefile
deleted file mode 100644
index ae33bf2..0000000
--- a/3rdparty/mbedtls-2.25.0/library/Makefile
+++ /dev/null
@@ -1,276 +0,0 @@
-
-# Also see "include/mbedtls/config.h"
-
-CFLAGS	?= -O2
-WARNING_CFLAGS ?=  -Wall -Wextra
-LDFLAGS ?=
-
-# Include ../include for public headers and . for private headers.
-# Note that . needs to be included explicitly for the sake of library
-# files that are not in the /library directory (which currently means
-# under /3rdparty).
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS =
-
-ifdef DEBUG
-LOCAL_CFLAGS += -g3
-endif
-
-# MicroBlaze specific options:
-# CFLAGS += -mno-xl-soft-mul -mxl-barrel-shift
-
-# To compile on Plan9:
-# CFLAGS += -D_BSD_EXTENSION
-
-# if were running on Windows build for Windows
-ifdef WINDOWS
-WINDOWS_BUILD=1
-else ifeq ($(shell uname -s),Darwin)
-ifeq ($(AR),ar)
-APPLE_BUILD ?= 1
-endif
-endif
-
-# To compile as a shared library:
-ifdef SHARED
-# all code is position-indep with mingw, avoid warning about useless flag
-ifndef WINDOWS_BUILD
-LOCAL_CFLAGS += -fPIC -fpic
-endif
-endif
-
-SOEXT_TLS=so.13
-SOEXT_X509=so.1
-SOEXT_CRYPTO=so.6
-
-# Set AR_DASH= (empty string) to use an ar implementation that does not accept
-# the - prefix for command line options (e.g. llvm-ar)
-AR_DASH ?= -
-
-ARFLAGS = $(AR_DASH)src
-ifdef APPLE_BUILD
-ifneq ($(APPLE_BUILD),0)
-ARFLAGS = $(AR_DASH)Src
-RLFLAGS = -no_warning_for_no_symbols -c
-RL ?= ranlib
-endif
-endif
-
-DLEXT ?= so
-ifdef WINDOWS_BUILD
-# Windows shared library extension:
-DLEXT = dll
-else ifdef APPLE_BUILD
-ifneq ($(APPLE_BUILD),0)
-# Mac OS X shared library extension:
-DLEXT = dylib
-endif
-endif
-
-OBJS_CRYPTO= \
-	     aes.o \
-	     aesni.o \
-	     arc4.o \
-	     aria.o \
-	     asn1parse.o \
-	     asn1write.o \
-	     base64.o \
-	     bignum.o \
-	     blowfish.o \
-	     camellia.o \
-	     ccm.o \
-	     chacha20.o \
-	     chachapoly.o \
-	     cipher.o \
-	     cipher_wrap.o \
-	     cmac.o \
-	     ctr_drbg.o \
-	     des.o \
-	     dhm.o \
-	     ecdh.o \
-	     ecdsa.o \
-	     ecjpake.o \
-	     ecp.o \
-	     ecp_curves.o \
-	     entropy.o \
-	     entropy_poll.o \
-	     error.o \
-	     gcm.o \
-	     havege.o \
-	     hkdf.o \
-	     hmac_drbg.o \
-	     md.o \
-	     md2.o \
-	     md4.o \
-	     md5.o \
-	     memory_buffer_alloc.o \
-	     nist_kw.o \
-	     oid.o \
-	     padlock.o \
-	     pem.o \
-	     pk.o \
-	     pk_wrap.o \
-	     pkcs12.o \
-	     pkcs5.o \
-	     pkparse.o \
-	     pkwrite.o \
-	     platform.o \
-	     platform_util.o \
-	     poly1305.o \
-	     psa_crypto.o \
-	     psa_crypto_driver_wrappers.o \
-	     psa_crypto_se.o \
-	     psa_crypto_slot_management.o \
-	     psa_crypto_storage.o \
-	     psa_its_file.o \
-	     ripemd160.o \
-	     rsa.o \
-	     rsa_internal.o \
-	     sha1.o \
-	     sha256.o \
-	     sha512.o \
-	     threading.o \
-	     timing.o \
-	     version.o \
-	     version_features.o \
-	     xtea.o \
-	     # This line is intentionally left blank
-
-include ../3rdparty/Makefile.inc
-LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
-OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS)
-
-OBJS_X509= \
-	   certs.o \
-	   pkcs11.o \
-	   x509.o \
-	   x509_create.o \
-	   x509_crl.o \
-	   x509_crt.o \
-	   x509_csr.o \
-	   x509write_crt.o \
-	   x509write_csr.o \
-	   # This line is intentionally left blank
-
-OBJS_TLS= \
-	  debug.o \
-	  net_sockets.o \
-	  ssl_cache.o \
-	  ssl_ciphersuites.o \
-	  ssl_cli.o \
-	  ssl_cookie.o \
-	  ssl_msg.o \
-	  ssl_srv.o \
-	  ssl_ticket.o \
-	  ssl_tls.o \
-	  ssl_tls13_keys.o \
-	  # This line is intentionally left blank
-
-.SILENT:
-
-.PHONY: all static shared clean
-
-ifndef SHARED
-all: static
-else
-all: shared static
-endif
-
-static: libmbedcrypto.a libmbedx509.a libmbedtls.a
-
-shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT)
-
-# tls
-libmbedtls.a: $(OBJS_TLS)
-	echo "  AR    $@"
-	$(AR) $(ARFLAGS) $@ $(OBJS_TLS)
-ifdef APPLE_BUILD
-ifneq ($(APPLE_BUILD),0)
-	echo "  RL    $@"
-	$(RL) $(RLFLAGS) $@
-endif
-endif
-
-libmbedtls.$(SOEXT_TLS): $(OBJS_TLS) libmbedx509.so
-	echo "  LD    $@"
-	$(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto -lmbedx509 $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS)
-
-libmbedtls.so: libmbedtls.$(SOEXT_TLS)
-	echo "  LN    $@ -> $<"
-	ln -sf $< $@
-
-libmbedtls.dylib: $(OBJS_TLS) libmbedx509.dylib
-	echo "  LD    $@"
-	$(CC) -dynamiclib -L. -lmbedcrypto -lmbedx509 $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS)
-
-libmbedtls.dll: $(OBJS_TLS) libmbedx509.dll
-	echo "  LD    $@"
-	$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_TLS) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -lmbedx509 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
-
-# x509
-libmbedx509.a: $(OBJS_X509)
-	echo "  AR    $@"
-	$(AR) $(ARFLAGS) $@ $(OBJS_X509)
-ifdef APPLE_BUILD
-ifneq ($(APPLE_BUILD),0)
-	echo "  RL    $@"
-	$(RL) $(RLFLAGS) $@
-endif
-endif
-
-libmbedx509.$(SOEXT_X509): $(OBJS_X509) libmbedcrypto.so
-	echo "  LD    $@"
-	$(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509)
-
-libmbedx509.so: libmbedx509.$(SOEXT_X509)
-	echo "  LN    $@ -> $<"
-	ln -sf $< $@
-
-libmbedx509.dylib: $(OBJS_X509) libmbedcrypto.dylib
-	echo "  LD    $@"
-	$(CC) -dynamiclib -L. -lmbedcrypto  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509)
-
-libmbedx509.dll: $(OBJS_X509) libmbedcrypto.dll
-	echo "  LD    $@"
-	$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
-
-# crypto
-libmbedcrypto.a: $(OBJS_CRYPTO)
-	echo "  AR    $@"
-	$(AR) $(ARFLAGS) $@ $(OBJS_CRYPTO)
-ifdef APPLE_BUILD
-ifneq ($(APPLE_BUILD),0)
-	echo "  RL    $@"
-	$(RL) $(RLFLAGS) $@
-endif
-endif
-
-libmbedcrypto.$(SOEXT_CRYPTO): $(OBJS_CRYPTO)
-	echo "  LD    $@"
-	$(CC) -shared -Wl,-soname,$@ $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_CRYPTO)
-
-libmbedcrypto.so: libmbedcrypto.$(SOEXT_CRYPTO)
-	echo "  LN    $@ -> $<"
-	ln -sf $< $@
-
-libmbedcrypto.dylib: $(OBJS_CRYPTO)
-	echo "  LD    $@"
-	$(CC) -dynamiclib $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_CRYPTO)
-
-libmbedcrypto.dll: $(OBJS_CRYPTO)
-	echo "  LD    $@"
-	$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_CRYPTO) -lws2_32 -lwinmm -lgdi32 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
-
-.c.o:
-	echo "  CC    $<"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
-clean:
-ifndef WINDOWS
-	rm -f *.o libmbed*
-	rm -f $(THIRDPARTY_CRYPTO_OBJECTS)
-else
-	if exist *.o del /Q /F *.o
-	if exist libmbed* del /Q /F libmbed*
-	del /Q /F del_errors_out_if_the_file_list_is_empty_but_not_if_a_file_does_not_exist $(subst /,\,$(THIRDPARTY_CRYPTO_OBJECTS))
-endif
diff --git a/3rdparty/mbedtls-2.25.0/library/aes.c b/3rdparty/mbedtls-2.25.0/library/aes.c
deleted file mode 100644
index 3f61642..0000000
--- a/3rdparty/mbedtls-2.25.0/library/aes.c
+++ /dev/null
@@ -1,2213 +0,0 @@
-/*
- *  FIPS-197 compliant AES implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
- *
- *  http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
- *  http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_AES_C)
-
-#include <string.h>
-
-#include "mbedtls/aes.h"
-#include "mbedtls/platform.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-#if defined(MBEDTLS_PADLOCK_C)
-#include "mbedtls/padlock.h"
-#endif
-#if defined(MBEDTLS_AESNI_C)
-#include "mbedtls/aesni.h"
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_AES_ALT)
-
-/* Parameter validation macros based on platform_util.h */
-#define AES_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA )
-#define AES_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ]       )             \
-        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i)                                    \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
-    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
-}
-#endif
-
-#if defined(MBEDTLS_PADLOCK_C) &&                      \
-    ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) )
-static int aes_padlock_ace = -1;
-#endif
-
-#if defined(MBEDTLS_AES_ROM_TABLES)
-/*
- * Forward S-box
- */
-static const unsigned char FSb[256] =
-{
-    0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
-    0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
-    0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0,
-    0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
-    0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC,
-    0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
-    0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A,
-    0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
-    0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0,
-    0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
-    0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B,
-    0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
-    0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85,
-    0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
-    0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5,
-    0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
-    0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17,
-    0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
-    0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88,
-    0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
-    0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C,
-    0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
-    0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9,
-    0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
-    0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6,
-    0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
-    0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E,
-    0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
-    0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94,
-    0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
-    0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
-    0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
-};
-
-/*
- * Forward tables
- */
-#define FT \
-\
-    V(A5,63,63,C6), V(84,7C,7C,F8), V(99,77,77,EE), V(8D,7B,7B,F6), \
-    V(0D,F2,F2,FF), V(BD,6B,6B,D6), V(B1,6F,6F,DE), V(54,C5,C5,91), \
-    V(50,30,30,60), V(03,01,01,02), V(A9,67,67,CE), V(7D,2B,2B,56), \
-    V(19,FE,FE,E7), V(62,D7,D7,B5), V(E6,AB,AB,4D), V(9A,76,76,EC), \
-    V(45,CA,CA,8F), V(9D,82,82,1F), V(40,C9,C9,89), V(87,7D,7D,FA), \
-    V(15,FA,FA,EF), V(EB,59,59,B2), V(C9,47,47,8E), V(0B,F0,F0,FB), \
-    V(EC,AD,AD,41), V(67,D4,D4,B3), V(FD,A2,A2,5F), V(EA,AF,AF,45), \
-    V(BF,9C,9C,23), V(F7,A4,A4,53), V(96,72,72,E4), V(5B,C0,C0,9B), \
-    V(C2,B7,B7,75), V(1C,FD,FD,E1), V(AE,93,93,3D), V(6A,26,26,4C), \
-    V(5A,36,36,6C), V(41,3F,3F,7E), V(02,F7,F7,F5), V(4F,CC,CC,83), \
-    V(5C,34,34,68), V(F4,A5,A5,51), V(34,E5,E5,D1), V(08,F1,F1,F9), \
-    V(93,71,71,E2), V(73,D8,D8,AB), V(53,31,31,62), V(3F,15,15,2A), \
-    V(0C,04,04,08), V(52,C7,C7,95), V(65,23,23,46), V(5E,C3,C3,9D), \
-    V(28,18,18,30), V(A1,96,96,37), V(0F,05,05,0A), V(B5,9A,9A,2F), \
-    V(09,07,07,0E), V(36,12,12,24), V(9B,80,80,1B), V(3D,E2,E2,DF), \
-    V(26,EB,EB,CD), V(69,27,27,4E), V(CD,B2,B2,7F), V(9F,75,75,EA), \
-    V(1B,09,09,12), V(9E,83,83,1D), V(74,2C,2C,58), V(2E,1A,1A,34), \
-    V(2D,1B,1B,36), V(B2,6E,6E,DC), V(EE,5A,5A,B4), V(FB,A0,A0,5B), \
-    V(F6,52,52,A4), V(4D,3B,3B,76), V(61,D6,D6,B7), V(CE,B3,B3,7D), \
-    V(7B,29,29,52), V(3E,E3,E3,DD), V(71,2F,2F,5E), V(97,84,84,13), \
-    V(F5,53,53,A6), V(68,D1,D1,B9), V(00,00,00,00), V(2C,ED,ED,C1), \
-    V(60,20,20,40), V(1F,FC,FC,E3), V(C8,B1,B1,79), V(ED,5B,5B,B6), \
-    V(BE,6A,6A,D4), V(46,CB,CB,8D), V(D9,BE,BE,67), V(4B,39,39,72), \
-    V(DE,4A,4A,94), V(D4,4C,4C,98), V(E8,58,58,B0), V(4A,CF,CF,85), \
-    V(6B,D0,D0,BB), V(2A,EF,EF,C5), V(E5,AA,AA,4F), V(16,FB,FB,ED), \
-    V(C5,43,43,86), V(D7,4D,4D,9A), V(55,33,33,66), V(94,85,85,11), \
-    V(CF,45,45,8A), V(10,F9,F9,E9), V(06,02,02,04), V(81,7F,7F,FE), \
-    V(F0,50,50,A0), V(44,3C,3C,78), V(BA,9F,9F,25), V(E3,A8,A8,4B), \
-    V(F3,51,51,A2), V(FE,A3,A3,5D), V(C0,40,40,80), V(8A,8F,8F,05), \
-    V(AD,92,92,3F), V(BC,9D,9D,21), V(48,38,38,70), V(04,F5,F5,F1), \
-    V(DF,BC,BC,63), V(C1,B6,B6,77), V(75,DA,DA,AF), V(63,21,21,42), \
-    V(30,10,10,20), V(1A,FF,FF,E5), V(0E,F3,F3,FD), V(6D,D2,D2,BF), \
-    V(4C,CD,CD,81), V(14,0C,0C,18), V(35,13,13,26), V(2F,EC,EC,C3), \
-    V(E1,5F,5F,BE), V(A2,97,97,35), V(CC,44,44,88), V(39,17,17,2E), \
-    V(57,C4,C4,93), V(F2,A7,A7,55), V(82,7E,7E,FC), V(47,3D,3D,7A), \
-    V(AC,64,64,C8), V(E7,5D,5D,BA), V(2B,19,19,32), V(95,73,73,E6), \
-    V(A0,60,60,C0), V(98,81,81,19), V(D1,4F,4F,9E), V(7F,DC,DC,A3), \
-    V(66,22,22,44), V(7E,2A,2A,54), V(AB,90,90,3B), V(83,88,88,0B), \
-    V(CA,46,46,8C), V(29,EE,EE,C7), V(D3,B8,B8,6B), V(3C,14,14,28), \
-    V(79,DE,DE,A7), V(E2,5E,5E,BC), V(1D,0B,0B,16), V(76,DB,DB,AD), \
-    V(3B,E0,E0,DB), V(56,32,32,64), V(4E,3A,3A,74), V(1E,0A,0A,14), \
-    V(DB,49,49,92), V(0A,06,06,0C), V(6C,24,24,48), V(E4,5C,5C,B8), \
-    V(5D,C2,C2,9F), V(6E,D3,D3,BD), V(EF,AC,AC,43), V(A6,62,62,C4), \
-    V(A8,91,91,39), V(A4,95,95,31), V(37,E4,E4,D3), V(8B,79,79,F2), \
-    V(32,E7,E7,D5), V(43,C8,C8,8B), V(59,37,37,6E), V(B7,6D,6D,DA), \
-    V(8C,8D,8D,01), V(64,D5,D5,B1), V(D2,4E,4E,9C), V(E0,A9,A9,49), \
-    V(B4,6C,6C,D8), V(FA,56,56,AC), V(07,F4,F4,F3), V(25,EA,EA,CF), \
-    V(AF,65,65,CA), V(8E,7A,7A,F4), V(E9,AE,AE,47), V(18,08,08,10), \
-    V(D5,BA,BA,6F), V(88,78,78,F0), V(6F,25,25,4A), V(72,2E,2E,5C), \
-    V(24,1C,1C,38), V(F1,A6,A6,57), V(C7,B4,B4,73), V(51,C6,C6,97), \
-    V(23,E8,E8,CB), V(7C,DD,DD,A1), V(9C,74,74,E8), V(21,1F,1F,3E), \
-    V(DD,4B,4B,96), V(DC,BD,BD,61), V(86,8B,8B,0D), V(85,8A,8A,0F), \
-    V(90,70,70,E0), V(42,3E,3E,7C), V(C4,B5,B5,71), V(AA,66,66,CC), \
-    V(D8,48,48,90), V(05,03,03,06), V(01,F6,F6,F7), V(12,0E,0E,1C), \
-    V(A3,61,61,C2), V(5F,35,35,6A), V(F9,57,57,AE), V(D0,B9,B9,69), \
-    V(91,86,86,17), V(58,C1,C1,99), V(27,1D,1D,3A), V(B9,9E,9E,27), \
-    V(38,E1,E1,D9), V(13,F8,F8,EB), V(B3,98,98,2B), V(33,11,11,22), \
-    V(BB,69,69,D2), V(70,D9,D9,A9), V(89,8E,8E,07), V(A7,94,94,33), \
-    V(B6,9B,9B,2D), V(22,1E,1E,3C), V(92,87,87,15), V(20,E9,E9,C9), \
-    V(49,CE,CE,87), V(FF,55,55,AA), V(78,28,28,50), V(7A,DF,DF,A5), \
-    V(8F,8C,8C,03), V(F8,A1,A1,59), V(80,89,89,09), V(17,0D,0D,1A), \
-    V(DA,BF,BF,65), V(31,E6,E6,D7), V(C6,42,42,84), V(B8,68,68,D0), \
-    V(C3,41,41,82), V(B0,99,99,29), V(77,2D,2D,5A), V(11,0F,0F,1E), \
-    V(CB,B0,B0,7B), V(FC,54,54,A8), V(D6,BB,BB,6D), V(3A,16,16,2C)
-
-#define V(a,b,c,d) 0x##a##b##c##d
-static const uint32_t FT0[256] = { FT };
-#undef V
-
-#if !defined(MBEDTLS_AES_FEWER_TABLES)
-
-#define V(a,b,c,d) 0x##b##c##d##a
-static const uint32_t FT1[256] = { FT };
-#undef V
-
-#define V(a,b,c,d) 0x##c##d##a##b
-static const uint32_t FT2[256] = { FT };
-#undef V
-
-#define V(a,b,c,d) 0x##d##a##b##c
-static const uint32_t FT3[256] = { FT };
-#undef V
-
-#endif /* !MBEDTLS_AES_FEWER_TABLES */
-
-#undef FT
-
-/*
- * Reverse S-box
- */
-static const unsigned char RSb[256] =
-{
-    0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38,
-    0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
-    0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87,
-    0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
-    0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D,
-    0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
-    0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2,
-    0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
-    0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16,
-    0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
-    0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA,
-    0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
-    0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A,
-    0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
-    0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02,
-    0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
-    0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA,
-    0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
-    0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85,
-    0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
-    0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89,
-    0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
-    0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20,
-    0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
-    0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31,
-    0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
-    0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D,
-    0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
-    0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0,
-    0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
-    0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
-    0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
-};
-
-/*
- * Reverse tables
- */
-#define RT \
-\
-    V(50,A7,F4,51), V(53,65,41,7E), V(C3,A4,17,1A), V(96,5E,27,3A), \
-    V(CB,6B,AB,3B), V(F1,45,9D,1F), V(AB,58,FA,AC), V(93,03,E3,4B), \
-    V(55,FA,30,20), V(F6,6D,76,AD), V(91,76,CC,88), V(25,4C,02,F5), \
-    V(FC,D7,E5,4F), V(D7,CB,2A,C5), V(80,44,35,26), V(8F,A3,62,B5), \
-    V(49,5A,B1,DE), V(67,1B,BA,25), V(98,0E,EA,45), V(E1,C0,FE,5D), \
-    V(02,75,2F,C3), V(12,F0,4C,81), V(A3,97,46,8D), V(C6,F9,D3,6B), \
-    V(E7,5F,8F,03), V(95,9C,92,15), V(EB,7A,6D,BF), V(DA,59,52,95), \
-    V(2D,83,BE,D4), V(D3,21,74,58), V(29,69,E0,49), V(44,C8,C9,8E), \
-    V(6A,89,C2,75), V(78,79,8E,F4), V(6B,3E,58,99), V(DD,71,B9,27), \
-    V(B6,4F,E1,BE), V(17,AD,88,F0), V(66,AC,20,C9), V(B4,3A,CE,7D), \
-    V(18,4A,DF,63), V(82,31,1A,E5), V(60,33,51,97), V(45,7F,53,62), \
-    V(E0,77,64,B1), V(84,AE,6B,BB), V(1C,A0,81,FE), V(94,2B,08,F9), \
-    V(58,68,48,70), V(19,FD,45,8F), V(87,6C,DE,94), V(B7,F8,7B,52), \
-    V(23,D3,73,AB), V(E2,02,4B,72), V(57,8F,1F,E3), V(2A,AB,55,66), \
-    V(07,28,EB,B2), V(03,C2,B5,2F), V(9A,7B,C5,86), V(A5,08,37,D3), \
-    V(F2,87,28,30), V(B2,A5,BF,23), V(BA,6A,03,02), V(5C,82,16,ED), \
-    V(2B,1C,CF,8A), V(92,B4,79,A7), V(F0,F2,07,F3), V(A1,E2,69,4E), \
-    V(CD,F4,DA,65), V(D5,BE,05,06), V(1F,62,34,D1), V(8A,FE,A6,C4), \
-    V(9D,53,2E,34), V(A0,55,F3,A2), V(32,E1,8A,05), V(75,EB,F6,A4), \
-    V(39,EC,83,0B), V(AA,EF,60,40), V(06,9F,71,5E), V(51,10,6E,BD), \
-    V(F9,8A,21,3E), V(3D,06,DD,96), V(AE,05,3E,DD), V(46,BD,E6,4D), \
-    V(B5,8D,54,91), V(05,5D,C4,71), V(6F,D4,06,04), V(FF,15,50,60), \
-    V(24,FB,98,19), V(97,E9,BD,D6), V(CC,43,40,89), V(77,9E,D9,67), \
-    V(BD,42,E8,B0), V(88,8B,89,07), V(38,5B,19,E7), V(DB,EE,C8,79), \
-    V(47,0A,7C,A1), V(E9,0F,42,7C), V(C9,1E,84,F8), V(00,00,00,00), \
-    V(83,86,80,09), V(48,ED,2B,32), V(AC,70,11,1E), V(4E,72,5A,6C), \
-    V(FB,FF,0E,FD), V(56,38,85,0F), V(1E,D5,AE,3D), V(27,39,2D,36), \
-    V(64,D9,0F,0A), V(21,A6,5C,68), V(D1,54,5B,9B), V(3A,2E,36,24), \
-    V(B1,67,0A,0C), V(0F,E7,57,93), V(D2,96,EE,B4), V(9E,91,9B,1B), \
-    V(4F,C5,C0,80), V(A2,20,DC,61), V(69,4B,77,5A), V(16,1A,12,1C), \
-    V(0A,BA,93,E2), V(E5,2A,A0,C0), V(43,E0,22,3C), V(1D,17,1B,12), \
-    V(0B,0D,09,0E), V(AD,C7,8B,F2), V(B9,A8,B6,2D), V(C8,A9,1E,14), \
-    V(85,19,F1,57), V(4C,07,75,AF), V(BB,DD,99,EE), V(FD,60,7F,A3), \
-    V(9F,26,01,F7), V(BC,F5,72,5C), V(C5,3B,66,44), V(34,7E,FB,5B), \
-    V(76,29,43,8B), V(DC,C6,23,CB), V(68,FC,ED,B6), V(63,F1,E4,B8), \
-    V(CA,DC,31,D7), V(10,85,63,42), V(40,22,97,13), V(20,11,C6,84), \
-    V(7D,24,4A,85), V(F8,3D,BB,D2), V(11,32,F9,AE), V(6D,A1,29,C7), \
-    V(4B,2F,9E,1D), V(F3,30,B2,DC), V(EC,52,86,0D), V(D0,E3,C1,77), \
-    V(6C,16,B3,2B), V(99,B9,70,A9), V(FA,48,94,11), V(22,64,E9,47), \
-    V(C4,8C,FC,A8), V(1A,3F,F0,A0), V(D8,2C,7D,56), V(EF,90,33,22), \
-    V(C7,4E,49,87), V(C1,D1,38,D9), V(FE,A2,CA,8C), V(36,0B,D4,98), \
-    V(CF,81,F5,A6), V(28,DE,7A,A5), V(26,8E,B7,DA), V(A4,BF,AD,3F), \
-    V(E4,9D,3A,2C), V(0D,92,78,50), V(9B,CC,5F,6A), V(62,46,7E,54), \
-    V(C2,13,8D,F6), V(E8,B8,D8,90), V(5E,F7,39,2E), V(F5,AF,C3,82), \
-    V(BE,80,5D,9F), V(7C,93,D0,69), V(A9,2D,D5,6F), V(B3,12,25,CF), \
-    V(3B,99,AC,C8), V(A7,7D,18,10), V(6E,63,9C,E8), V(7B,BB,3B,DB), \
-    V(09,78,26,CD), V(F4,18,59,6E), V(01,B7,9A,EC), V(A8,9A,4F,83), \
-    V(65,6E,95,E6), V(7E,E6,FF,AA), V(08,CF,BC,21), V(E6,E8,15,EF), \
-    V(D9,9B,E7,BA), V(CE,36,6F,4A), V(D4,09,9F,EA), V(D6,7C,B0,29), \
-    V(AF,B2,A4,31), V(31,23,3F,2A), V(30,94,A5,C6), V(C0,66,A2,35), \
-    V(37,BC,4E,74), V(A6,CA,82,FC), V(B0,D0,90,E0), V(15,D8,A7,33), \
-    V(4A,98,04,F1), V(F7,DA,EC,41), V(0E,50,CD,7F), V(2F,F6,91,17), \
-    V(8D,D6,4D,76), V(4D,B0,EF,43), V(54,4D,AA,CC), V(DF,04,96,E4), \
-    V(E3,B5,D1,9E), V(1B,88,6A,4C), V(B8,1F,2C,C1), V(7F,51,65,46), \
-    V(04,EA,5E,9D), V(5D,35,8C,01), V(73,74,87,FA), V(2E,41,0B,FB), \
-    V(5A,1D,67,B3), V(52,D2,DB,92), V(33,56,10,E9), V(13,47,D6,6D), \
-    V(8C,61,D7,9A), V(7A,0C,A1,37), V(8E,14,F8,59), V(89,3C,13,EB), \
-    V(EE,27,A9,CE), V(35,C9,61,B7), V(ED,E5,1C,E1), V(3C,B1,47,7A), \
-    V(59,DF,D2,9C), V(3F,73,F2,55), V(79,CE,14,18), V(BF,37,C7,73), \
-    V(EA,CD,F7,53), V(5B,AA,FD,5F), V(14,6F,3D,DF), V(86,DB,44,78), \
-    V(81,F3,AF,CA), V(3E,C4,68,B9), V(2C,34,24,38), V(5F,40,A3,C2), \
-    V(72,C3,1D,16), V(0C,25,E2,BC), V(8B,49,3C,28), V(41,95,0D,FF), \
-    V(71,01,A8,39), V(DE,B3,0C,08), V(9C,E4,B4,D8), V(90,C1,56,64), \
-    V(61,84,CB,7B), V(70,B6,32,D5), V(74,5C,6C,48), V(42,57,B8,D0)
-
-#define V(a,b,c,d) 0x##a##b##c##d
-static const uint32_t RT0[256] = { RT };
-#undef V
-
-#if !defined(MBEDTLS_AES_FEWER_TABLES)
-
-#define V(a,b,c,d) 0x##b##c##d##a
-static const uint32_t RT1[256] = { RT };
-#undef V
-
-#define V(a,b,c,d) 0x##c##d##a##b
-static const uint32_t RT2[256] = { RT };
-#undef V
-
-#define V(a,b,c,d) 0x##d##a##b##c
-static const uint32_t RT3[256] = { RT };
-#undef V
-
-#endif /* !MBEDTLS_AES_FEWER_TABLES */
-
-#undef RT
-
-/*
- * Round constants
- */
-static const uint32_t RCON[10] =
-{
-    0x00000001, 0x00000002, 0x00000004, 0x00000008,
-    0x00000010, 0x00000020, 0x00000040, 0x00000080,
-    0x0000001B, 0x00000036
-};
-
-#else /* MBEDTLS_AES_ROM_TABLES */
-
-/*
- * Forward S-box & tables
- */
-static unsigned char FSb[256];
-static uint32_t FT0[256];
-#if !defined(MBEDTLS_AES_FEWER_TABLES)
-static uint32_t FT1[256];
-static uint32_t FT2[256];
-static uint32_t FT3[256];
-#endif /* !MBEDTLS_AES_FEWER_TABLES */
-
-/*
- * Reverse S-box & tables
- */
-static unsigned char RSb[256];
-static uint32_t RT0[256];
-#if !defined(MBEDTLS_AES_FEWER_TABLES)
-static uint32_t RT1[256];
-static uint32_t RT2[256];
-static uint32_t RT3[256];
-#endif /* !MBEDTLS_AES_FEWER_TABLES */
-
-/*
- * Round constants
- */
-static uint32_t RCON[10];
-
-/*
- * Tables generation code
- */
-#define ROTL8(x) ( ( (x) << 8 ) & 0xFFFFFFFF ) | ( (x) >> 24 )
-#define XTIME(x) ( ( (x) << 1 ) ^ ( ( (x) & 0x80 ) ? 0x1B : 0x00 ) )
-#define MUL(x,y) ( ( (x) && (y) ) ? pow[(log[(x)]+log[(y)]) % 255] : 0 )
-
-static int aes_init_done = 0;
-
-static void aes_gen_tables( void )
-{
-    int i, x, y, z;
-    int pow[256];
-    int log[256];
-
-    /*
-     * compute pow and log tables over GF(2^8)
-     */
-    for( i = 0, x = 1; i < 256; i++ )
-    {
-        pow[i] = x;
-        log[x] = i;
-        x = ( x ^ XTIME( x ) ) & 0xFF;
-    }
-
-    /*
-     * calculate the round constants
-     */
-    for( i = 0, x = 1; i < 10; i++ )
-    {
-        RCON[i] = (uint32_t) x;
-        x = XTIME( x ) & 0xFF;
-    }
-
-    /*
-     * generate the forward and reverse S-boxes
-     */
-    FSb[0x00] = 0x63;
-    RSb[0x63] = 0x00;
-
-    for( i = 1; i < 256; i++ )
-    {
-        x = pow[255 - log[i]];
-
-        y  = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
-        x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
-        x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
-        x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
-        x ^= y ^ 0x63;
-
-        FSb[i] = (unsigned char) x;
-        RSb[x] = (unsigned char) i;
-    }
-
-    /*
-     * generate the forward and reverse tables
-     */
-    for( i = 0; i < 256; i++ )
-    {
-        x = FSb[i];
-        y = XTIME( x ) & 0xFF;
-        z =  ( y ^ x ) & 0xFF;
-
-        FT0[i] = ( (uint32_t) y       ) ^
-                 ( (uint32_t) x <<  8 ) ^
-                 ( (uint32_t) x << 16 ) ^
-                 ( (uint32_t) z << 24 );
-
-#if !defined(MBEDTLS_AES_FEWER_TABLES)
-        FT1[i] = ROTL8( FT0[i] );
-        FT2[i] = ROTL8( FT1[i] );
-        FT3[i] = ROTL8( FT2[i] );
-#endif /* !MBEDTLS_AES_FEWER_TABLES */
-
-        x = RSb[i];
-
-        RT0[i] = ( (uint32_t) MUL( 0x0E, x )       ) ^
-                 ( (uint32_t) MUL( 0x09, x ) <<  8 ) ^
-                 ( (uint32_t) MUL( 0x0D, x ) << 16 ) ^
-                 ( (uint32_t) MUL( 0x0B, x ) << 24 );
-
-#if !defined(MBEDTLS_AES_FEWER_TABLES)
-        RT1[i] = ROTL8( RT0[i] );
-        RT2[i] = ROTL8( RT1[i] );
-        RT3[i] = ROTL8( RT2[i] );
-#endif /* !MBEDTLS_AES_FEWER_TABLES */
-    }
-}
-
-#undef ROTL8
-
-#endif /* MBEDTLS_AES_ROM_TABLES */
-
-#if defined(MBEDTLS_AES_FEWER_TABLES)
-
-#define ROTL8(x)  ( (uint32_t)( ( x ) <<  8 ) + (uint32_t)( ( x ) >> 24 ) )
-#define ROTL16(x) ( (uint32_t)( ( x ) << 16 ) + (uint32_t)( ( x ) >> 16 ) )
-#define ROTL24(x) ( (uint32_t)( ( x ) << 24 ) + (uint32_t)( ( x ) >>  8 ) )
-
-#define AES_RT0(idx) RT0[idx]
-#define AES_RT1(idx) ROTL8(  RT0[idx] )
-#define AES_RT2(idx) ROTL16( RT0[idx] )
-#define AES_RT3(idx) ROTL24( RT0[idx] )
-
-#define AES_FT0(idx) FT0[idx]
-#define AES_FT1(idx) ROTL8(  FT0[idx] )
-#define AES_FT2(idx) ROTL16( FT0[idx] )
-#define AES_FT3(idx) ROTL24( FT0[idx] )
-
-#else /* MBEDTLS_AES_FEWER_TABLES */
-
-#define AES_RT0(idx) RT0[idx]
-#define AES_RT1(idx) RT1[idx]
-#define AES_RT2(idx) RT2[idx]
-#define AES_RT3(idx) RT3[idx]
-
-#define AES_FT0(idx) FT0[idx]
-#define AES_FT1(idx) FT1[idx]
-#define AES_FT2(idx) FT2[idx]
-#define AES_FT3(idx) FT3[idx]
-
-#endif /* MBEDTLS_AES_FEWER_TABLES */
-
-void mbedtls_aes_init( mbedtls_aes_context *ctx )
-{
-    AES_VALIDATE( ctx != NULL );
-
-    memset( ctx, 0, sizeof( mbedtls_aes_context ) );
-}
-
-void mbedtls_aes_free( mbedtls_aes_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx )
-{
-    AES_VALIDATE( ctx != NULL );
-
-    mbedtls_aes_init( &ctx->crypt );
-    mbedtls_aes_init( &ctx->tweak );
-}
-
-void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_aes_free( &ctx->crypt );
-    mbedtls_aes_free( &ctx->tweak );
-}
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-/*
- * AES key schedule (encryption)
- */
-#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
-int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
-                    unsigned int keybits )
-{
-    unsigned int i;
-    uint32_t *RK;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( key != NULL );
-
-    switch( keybits )
-    {
-        case 128: ctx->nr = 10; break;
-        case 192: ctx->nr = 12; break;
-        case 256: ctx->nr = 14; break;
-        default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
-    }
-
-#if !defined(MBEDTLS_AES_ROM_TABLES)
-    if( aes_init_done == 0 )
-    {
-        aes_gen_tables();
-        aes_init_done = 1;
-    }
-#endif
-
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
-    if( aes_padlock_ace == -1 )
-        aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE );
-
-    if( aes_padlock_ace )
-        ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
-    else
-#endif
-    ctx->rk = RK = ctx->buf;
-
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
-    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
-        return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keybits ) );
-#endif
-
-    for( i = 0; i < ( keybits >> 5 ); i++ )
-    {
-        GET_UINT32_LE( RK[i], key, i << 2 );
-    }
-
-    switch( ctx->nr )
-    {
-        case 10:
-
-            for( i = 0; i < 10; i++, RK += 4 )
-            {
-                RK[4]  = RK[0] ^ RCON[i] ^
-                ( (uint32_t) FSb[ ( RK[3] >>  8 ) & 0xFF ]       ) ^
-                ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] <<  8 ) ^
-                ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^
-                ( (uint32_t) FSb[ ( RK[3]       ) & 0xFF ] << 24 );
-
-                RK[5]  = RK[1] ^ RK[4];
-                RK[6]  = RK[2] ^ RK[5];
-                RK[7]  = RK[3] ^ RK[6];
-            }
-            break;
-
-        case 12:
-
-            for( i = 0; i < 8; i++, RK += 6 )
-            {
-                RK[6]  = RK[0] ^ RCON[i] ^
-                ( (uint32_t) FSb[ ( RK[5] >>  8 ) & 0xFF ]       ) ^
-                ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] <<  8 ) ^
-                ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^
-                ( (uint32_t) FSb[ ( RK[5]       ) & 0xFF ] << 24 );
-
-                RK[7]  = RK[1] ^ RK[6];
-                RK[8]  = RK[2] ^ RK[7];
-                RK[9]  = RK[3] ^ RK[8];
-                RK[10] = RK[4] ^ RK[9];
-                RK[11] = RK[5] ^ RK[10];
-            }
-            break;
-
-        case 14:
-
-            for( i = 0; i < 7; i++, RK += 8 )
-            {
-                RK[8]  = RK[0] ^ RCON[i] ^
-                ( (uint32_t) FSb[ ( RK[7] >>  8 ) & 0xFF ]       ) ^
-                ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] <<  8 ) ^
-                ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^
-                ( (uint32_t) FSb[ ( RK[7]       ) & 0xFF ] << 24 );
-
-                RK[9]  = RK[1] ^ RK[8];
-                RK[10] = RK[2] ^ RK[9];
-                RK[11] = RK[3] ^ RK[10];
-
-                RK[12] = RK[4] ^
-                ( (uint32_t) FSb[ ( RK[11]       ) & 0xFF ]       ) ^
-                ( (uint32_t) FSb[ ( RK[11] >>  8 ) & 0xFF ] <<  8 ) ^
-                ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^
-                ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 );
-
-                RK[13] = RK[5] ^ RK[12];
-                RK[14] = RK[6] ^ RK[13];
-                RK[15] = RK[7] ^ RK[14];
-            }
-            break;
-    }
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */
-
-/*
- * AES key schedule (decryption)
- */
-#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
-int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
-                    unsigned int keybits )
-{
-    int i, j, ret;
-    mbedtls_aes_context cty;
-    uint32_t *RK;
-    uint32_t *SK;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( key != NULL );
-
-    mbedtls_aes_init( &cty );
-
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
-    if( aes_padlock_ace == -1 )
-        aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE );
-
-    if( aes_padlock_ace )
-        ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
-    else
-#endif
-    ctx->rk = RK = ctx->buf;
-
-    /* Also checks keybits */
-    if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keybits ) ) != 0 )
-        goto exit;
-
-    ctx->nr = cty.nr;
-
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
-    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
-    {
-        mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk,
-                           (const unsigned char *) cty.rk, ctx->nr );
-        goto exit;
-    }
-#endif
-
-    SK = cty.rk + cty.nr * 4;
-
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-
-    for( i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8 )
-    {
-        for( j = 0; j < 4; j++, SK++ )
-        {
-            *RK++ = AES_RT0( FSb[ ( *SK       ) & 0xFF ] ) ^
-                    AES_RT1( FSb[ ( *SK >>  8 ) & 0xFF ] ) ^
-                    AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^
-                    AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] );
-        }
-    }
-
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-
-exit:
-    mbedtls_aes_free( &cty );
-
-    return( ret );
-}
-#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-static int mbedtls_aes_xts_decode_keys( const unsigned char *key,
-                                        unsigned int keybits,
-                                        const unsigned char **key1,
-                                        unsigned int *key1bits,
-                                        const unsigned char **key2,
-                                        unsigned int *key2bits )
-{
-    const unsigned int half_keybits = keybits / 2;
-    const unsigned int half_keybytes = half_keybits / 8;
-
-    switch( keybits )
-    {
-        case 256: break;
-        case 512: break;
-        default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
-    }
-
-    *key1bits = half_keybits;
-    *key2bits = half_keybits;
-    *key1 = &key[0];
-    *key2 = &key[half_keybytes];
-
-    return 0;
-}
-
-int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
-                                const unsigned char *key,
-                                unsigned int keybits)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned char *key1, *key2;
-    unsigned int key1bits, key2bits;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( key != NULL );
-
-    ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
-                                       &key2, &key2bits );
-    if( ret != 0 )
-        return( ret );
-
-    /* Set the tweak key. Always set tweak key for the encryption mode. */
-    ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits );
-    if( ret != 0 )
-        return( ret );
-
-    /* Set crypt key for encryption. */
-    return mbedtls_aes_setkey_enc( &ctx->crypt, key1, key1bits );
-}
-
-int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
-                                const unsigned char *key,
-                                unsigned int keybits)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned char *key1, *key2;
-    unsigned int key1bits, key2bits;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( key != NULL );
-
-    ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
-                                       &key2, &key2bits );
-    if( ret != 0 )
-        return( ret );
-
-    /* Set the tweak key. Always set tweak key for encryption. */
-    ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits );
-    if( ret != 0 )
-        return( ret );
-
-    /* Set crypt key for decryption. */
-    return mbedtls_aes_setkey_dec( &ctx->crypt, key1, key1bits );
-}
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3)                     \
-    do                                                          \
-    {                                                           \
-        (X0) = *RK++ ^ AES_FT0( ( (Y0)       ) & 0xFF ) ^       \
-                       AES_FT1( ( (Y1) >>  8 ) & 0xFF ) ^       \
-                       AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^       \
-                       AES_FT3( ( (Y3) >> 24 ) & 0xFF );        \
-                                                                \
-        (X1) = *RK++ ^ AES_FT0( ( (Y1)       ) & 0xFF ) ^       \
-                       AES_FT1( ( (Y2) >>  8 ) & 0xFF ) ^       \
-                       AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^       \
-                       AES_FT3( ( (Y0) >> 24 ) & 0xFF );        \
-                                                                \
-        (X2) = *RK++ ^ AES_FT0( ( (Y2)       ) & 0xFF ) ^       \
-                       AES_FT1( ( (Y3) >>  8 ) & 0xFF ) ^       \
-                       AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^       \
-                       AES_FT3( ( (Y1) >> 24 ) & 0xFF );        \
-                                                                \
-        (X3) = *RK++ ^ AES_FT0( ( (Y3)       ) & 0xFF ) ^       \
-                       AES_FT1( ( (Y0) >>  8 ) & 0xFF ) ^       \
-                       AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^       \
-                       AES_FT3( ( (Y2) >> 24 ) & 0xFF );        \
-    } while( 0 )
-
-#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3)                 \
-    do                                                      \
-    {                                                       \
-        (X0) = *RK++ ^ AES_RT0( ( (Y0)       ) & 0xFF ) ^   \
-                       AES_RT1( ( (Y3) >>  8 ) & 0xFF ) ^   \
-                       AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^   \
-                       AES_RT3( ( (Y1) >> 24 ) & 0xFF );    \
-                                                            \
-        (X1) = *RK++ ^ AES_RT0( ( (Y1)       ) & 0xFF ) ^   \
-                       AES_RT1( ( (Y0) >>  8 ) & 0xFF ) ^   \
-                       AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^   \
-                       AES_RT3( ( (Y2) >> 24 ) & 0xFF );    \
-                                                            \
-        (X2) = *RK++ ^ AES_RT0( ( (Y2)       ) & 0xFF ) ^   \
-                       AES_RT1( ( (Y1) >>  8 ) & 0xFF ) ^   \
-                       AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^   \
-                       AES_RT3( ( (Y3) >> 24 ) & 0xFF );    \
-                                                            \
-        (X3) = *RK++ ^ AES_RT0( ( (Y3)       ) & 0xFF ) ^   \
-                       AES_RT1( ( (Y2) >>  8 ) & 0xFF ) ^   \
-                       AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^   \
-                       AES_RT3( ( (Y0) >> 24 ) & 0xFF );    \
-    } while( 0 )
-
-/*
- * AES-ECB block encryption
- */
-#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
-int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
-                                  const unsigned char input[16],
-                                  unsigned char output[16] )
-{
-    int i;
-    uint32_t *RK = ctx->rk;
-    struct
-    {
-        uint32_t X[4];
-        uint32_t Y[4];
-    } t;
-
-    GET_UINT32_LE( t.X[0], input,  0 ); t.X[0] ^= *RK++;
-    GET_UINT32_LE( t.X[1], input,  4 ); t.X[1] ^= *RK++;
-    GET_UINT32_LE( t.X[2], input,  8 ); t.X[2] ^= *RK++;
-    GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++;
-
-    for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
-    {
-        AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
-        AES_FROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] );
-    }
-
-    AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
-
-    t.X[0] = *RK++ ^ \
-            ( (uint32_t) FSb[ ( t.Y[0]       ) & 0xFF ]       ) ^
-            ( (uint32_t) FSb[ ( t.Y[1] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 );
-
-    t.X[1] = *RK++ ^ \
-            ( (uint32_t) FSb[ ( t.Y[1]       ) & 0xFF ]       ) ^
-            ( (uint32_t) FSb[ ( t.Y[2] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 );
-
-    t.X[2] = *RK++ ^ \
-            ( (uint32_t) FSb[ ( t.Y[2]       ) & 0xFF ]       ) ^
-            ( (uint32_t) FSb[ ( t.Y[3] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 );
-
-    t.X[3] = *RK++ ^ \
-            ( (uint32_t) FSb[ ( t.Y[3]       ) & 0xFF ]       ) ^
-            ( (uint32_t) FSb[ ( t.Y[0] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 );
-
-    PUT_UINT32_LE( t.X[0], output,  0 );
-    PUT_UINT32_LE( t.X[1], output,  4 );
-    PUT_UINT32_LE( t.X[2], output,  8 );
-    PUT_UINT32_LE( t.X[3], output, 12 );
-
-    mbedtls_platform_zeroize( &t, sizeof( t ) );
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_AES_ENCRYPT_ALT */
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
-                          const unsigned char input[16],
-                          unsigned char output[16] )
-{
-    mbedtls_internal_aes_encrypt( ctx, input, output );
-}
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-/*
- * AES-ECB block decryption
- */
-#if !defined(MBEDTLS_AES_DECRYPT_ALT)
-int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
-                                  const unsigned char input[16],
-                                  unsigned char output[16] )
-{
-    int i;
-    uint32_t *RK = ctx->rk;
-    struct
-    {
-        uint32_t X[4];
-        uint32_t Y[4];
-    } t;
-
-    GET_UINT32_LE( t.X[0], input,  0 ); t.X[0] ^= *RK++;
-    GET_UINT32_LE( t.X[1], input,  4 ); t.X[1] ^= *RK++;
-    GET_UINT32_LE( t.X[2], input,  8 ); t.X[2] ^= *RK++;
-    GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++;
-
-    for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
-    {
-        AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
-        AES_RROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] );
-    }
-
-    AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
-
-    t.X[0] = *RK++ ^ \
-            ( (uint32_t) RSb[ ( t.Y[0]       ) & 0xFF ]       ) ^
-            ( (uint32_t) RSb[ ( t.Y[3] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 );
-
-    t.X[1] = *RK++ ^ \
-            ( (uint32_t) RSb[ ( t.Y[1]       ) & 0xFF ]       ) ^
-            ( (uint32_t) RSb[ ( t.Y[0] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 );
-
-    t.X[2] = *RK++ ^ \
-            ( (uint32_t) RSb[ ( t.Y[2]       ) & 0xFF ]       ) ^
-            ( (uint32_t) RSb[ ( t.Y[1] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 );
-
-    t.X[3] = *RK++ ^ \
-            ( (uint32_t) RSb[ ( t.Y[3]       ) & 0xFF ]       ) ^
-            ( (uint32_t) RSb[ ( t.Y[2] >>  8 ) & 0xFF ] <<  8 ) ^
-            ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^
-            ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 );
-
-    PUT_UINT32_LE( t.X[0], output,  0 );
-    PUT_UINT32_LE( t.X[1], output,  4 );
-    PUT_UINT32_LE( t.X[2], output,  8 );
-    PUT_UINT32_LE( t.X[3], output, 12 );
-
-    mbedtls_platform_zeroize( &t, sizeof( t ) );
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_AES_DECRYPT_ALT */
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
-                          const unsigned char input[16],
-                          unsigned char output[16] )
-{
-    mbedtls_internal_aes_decrypt( ctx, input, output );
-}
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-
-/*
- * AES-ECB block encryption/decryption
- */
-int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
-                           int mode,
-                           const unsigned char input[16],
-                           unsigned char output[16] )
-{
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
-
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
-    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
-        return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
-#endif
-
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
-    if( aes_padlock_ace )
-    {
-        if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 )
-            return( 0 );
-
-        // If padlock data misaligned, we just fall back to
-        // unaccelerated mode
-        //
-    }
-#endif
-
-    if( mode == MBEDTLS_AES_ENCRYPT )
-        return( mbedtls_internal_aes_encrypt( ctx, input, output ) );
-    else
-        return( mbedtls_internal_aes_decrypt( ctx, input, output ) );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * AES-CBC buffer encryption/decryption
- */
-int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output )
-{
-    int i;
-    unsigned char temp[16];
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
-    AES_VALIDATE_RET( iv != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-
-    if( length % 16 )
-        return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
-
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
-    if( aes_padlock_ace )
-    {
-        if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 )
-            return( 0 );
-
-        // If padlock data misaligned, we just fall back to
-        // unaccelerated mode
-        //
-    }
-#endif
-
-    if( mode == MBEDTLS_AES_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, 16 );
-            mbedtls_aes_crypt_ecb( ctx, mode, input, output );
-
-            for( i = 0; i < 16; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, 16 );
-
-            input  += 16;
-            output += 16;
-            length -= 16;
-        }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < 16; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_aes_crypt_ecb( ctx, mode, output, output );
-            memcpy( iv, output, 16 );
-
-            input  += 16;
-            output += 16;
-            length -= 16;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-
-/* Endianess with 64 bits values */
-#ifndef GET_UINT64_LE
-#define GET_UINT64_LE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint64_t) (b)[(i) + 7] << 56 )             \
-        | ( (uint64_t) (b)[(i) + 6] << 48 )             \
-        | ( (uint64_t) (b)[(i) + 5] << 40 )             \
-        | ( (uint64_t) (b)[(i) + 4] << 32 )             \
-        | ( (uint64_t) (b)[(i) + 3] << 24 )             \
-        | ( (uint64_t) (b)[(i) + 2] << 16 )             \
-        | ( (uint64_t) (b)[(i) + 1] <<  8 )             \
-        | ( (uint64_t) (b)[(i)    ]       );            \
-}
-#endif
-
-#ifndef PUT_UINT64_LE
-#define PUT_UINT64_LE(n,b,i)                            \
-{                                                       \
-    (b)[(i) + 7] = (unsigned char) ( (n) >> 56 );       \
-    (b)[(i) + 6] = (unsigned char) ( (n) >> 48 );       \
-    (b)[(i) + 5] = (unsigned char) ( (n) >> 40 );       \
-    (b)[(i) + 4] = (unsigned char) ( (n) >> 32 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i)    ] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-typedef unsigned char mbedtls_be128[16];
-
-/*
- * GF(2^128) multiplication function
- *
- * This function multiplies a field element by x in the polynomial field
- * representation. It uses 64-bit word operations to gain speed but compensates
- * for machine endianess and hence works correctly on both big and little
- * endian machines.
- */
-static void mbedtls_gf128mul_x_ble( unsigned char r[16],
-                                    const unsigned char x[16] )
-{
-    uint64_t a, b, ra, rb;
-
-    GET_UINT64_LE( a, x, 0 );
-    GET_UINT64_LE( b, x, 8 );
-
-    ra = ( a << 1 )  ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) );
-    rb = ( a >> 63 ) | ( b << 1 );
-
-    PUT_UINT64_LE( ra, r, 0 );
-    PUT_UINT64_LE( rb, r, 8 );
-}
-
-/*
- * AES-XTS buffer encryption/decryption
- */
-int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
-                           int mode,
-                           size_t length,
-                           const unsigned char data_unit[16],
-                           const unsigned char *input,
-                           unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t blocks = length / 16;
-    size_t leftover = length % 16;
-    unsigned char tweak[16];
-    unsigned char prev_tweak[16];
-    unsigned char tmp[16];
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
-    AES_VALIDATE_RET( data_unit != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-
-    /* Data units must be at least 16 bytes long. */
-    if( length < 16 )
-        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
-
-    /* NIST SP 800-38E disallows data units larger than 2**20 blocks. */
-    if( length > ( 1 << 20 ) * 16 )
-        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
-
-    /* Compute the tweak. */
-    ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT,
-                                 data_unit, tweak );
-    if( ret != 0 )
-        return( ret );
-
-    while( blocks-- )
-    {
-        size_t i;
-
-        if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 )
-        {
-            /* We are on the last block in a decrypt operation that has
-             * leftover bytes, so we need to use the next tweak for this block,
-             * and this tweak for the lefover bytes. Save the current tweak for
-             * the leftovers and then update the current tweak for use on this,
-             * the last full block. */
-            memcpy( prev_tweak, tweak, sizeof( tweak ) );
-            mbedtls_gf128mul_x_ble( tweak, tweak );
-        }
-
-        for( i = 0; i < 16; i++ )
-            tmp[i] = input[i] ^ tweak[i];
-
-        ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp );
-        if( ret != 0 )
-            return( ret );
-
-        for( i = 0; i < 16; i++ )
-            output[i] = tmp[i] ^ tweak[i];
-
-        /* Update the tweak for the next block. */
-        mbedtls_gf128mul_x_ble( tweak, tweak );
-
-        output += 16;
-        input += 16;
-    }
-
-    if( leftover )
-    {
-        /* If we are on the leftover bytes in a decrypt operation, we need to
-         * use the previous tweak for these bytes (as saved in prev_tweak). */
-        unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak;
-
-        /* We are now on the final part of the data unit, which doesn't divide
-         * evenly by 16. It's time for ciphertext stealing. */
-        size_t i;
-        unsigned char *prev_output = output - 16;
-
-        /* Copy ciphertext bytes from the previous block to our output for each
-         * byte of cyphertext we won't steal. At the same time, copy the
-         * remainder of the input for this final round (since the loop bounds
-         * are the same). */
-        for( i = 0; i < leftover; i++ )
-        {
-            output[i] = prev_output[i];
-            tmp[i] = input[i] ^ t[i];
-        }
-
-        /* Copy ciphertext bytes from the previous block for input in this
-         * round. */
-        for( ; i < 16; i++ )
-            tmp[i] = prev_output[i] ^ t[i];
-
-        ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp );
-        if( ret != 0 )
-            return ret;
-
-        /* Write the result back to the previous block, overriding the previous
-         * output we copied. */
-        for( i = 0; i < 16; i++ )
-            prev_output[i] = tmp[i] ^ t[i];
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * AES-CFB128 buffer encryption/decryption
- */
-int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int c;
-    size_t n;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
-    AES_VALIDATE_RET( iv_off != NULL );
-    AES_VALIDATE_RET( iv != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-
-    n = *iv_off;
-
-    if( n > 15 )
-        return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
-
-    if( mode == MBEDTLS_AES_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
-
-            c = *input++;
-            *output++ = (unsigned char)( c ^ iv[n] );
-            iv[n] = (unsigned char) c;
-
-            n = ( n + 1 ) & 0x0F;
-        }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
-
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-
-            n = ( n + 1 ) & 0x0F;
-        }
-    }
-
-    *iv_off = n;
-
-    return( 0 );
-}
-
-/*
- * AES-CFB8 buffer encryption/decryption
- */
-int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
-                            int mode,
-                            size_t length,
-                            unsigned char iv[16],
-                            const unsigned char *input,
-                            unsigned char *output )
-{
-    unsigned char c;
-    unsigned char ov[17];
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
-                      mode == MBEDTLS_AES_DECRYPT );
-    AES_VALIDATE_RET( iv != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-    while( length-- )
-    {
-        memcpy( ov, iv, 16 );
-        mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-            ov[16] = *input;
-
-        c = *output++ = (unsigned char)( iv[0] ^ *input++ );
-
-        if( mode == MBEDTLS_AES_ENCRYPT )
-            ov[16] = c;
-
-        memcpy( iv, ov + 1, 16 );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-/*
- * AES-OFB (Output Feedback Mode) buffer encryption/decryption
- */
-int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
-                           size_t length,
-                           size_t *iv_off,
-                           unsigned char iv[16],
-                           const unsigned char *input,
-                           unsigned char *output )
-{
-    int ret = 0;
-    size_t n;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( iv_off != NULL );
-    AES_VALIDATE_RET( iv != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-
-    n = *iv_off;
-
-    if( n > 15 )
-        return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
-
-    while( length-- )
-    {
-        if( n == 0 )
-        {
-            ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
-            if( ret != 0 )
-                goto exit;
-        }
-        *output++ =  *input++ ^ iv[n];
-
-        n = ( n + 1 ) & 0x0F;
-    }
-
-    *iv_off = n;
-
-exit:
-    return( ret );
-}
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * AES-CTR buffer encryption/decryption
- */
-int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int c, i;
-    size_t n;
-
-    AES_VALIDATE_RET( ctx != NULL );
-    AES_VALIDATE_RET( nc_off != NULL );
-    AES_VALIDATE_RET( nonce_counter != NULL );
-    AES_VALIDATE_RET( stream_block != NULL );
-    AES_VALIDATE_RET( input != NULL );
-    AES_VALIDATE_RET( output != NULL );
-
-    n = *nc_off;
-
-    if ( n > 0x0F )
-        return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
-
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block );
-
-            for( i = 16; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
-                    break;
-        }
-        c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
-
-        n = ( n + 1 ) & 0x0F;
-    }
-
-    *nc_off = n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#endif /* !MBEDTLS_AES_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * AES test vectors from:
- *
- * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip
- */
-static const unsigned char aes_test_ecb_dec[3][16] =
-{
-    { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
-      0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 },
-    { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2,
-      0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 },
-    { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D,
-      0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
-};
-
-static const unsigned char aes_test_ecb_enc[3][16] =
-{
-    { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73,
-      0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F },
-    { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11,
-      0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 },
-    { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D,
-      0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const unsigned char aes_test_cbc_dec[3][16] =
-{
-    { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
-      0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 },
-    { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75,
-      0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B },
-    { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75,
-      0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 }
-};
-
-static const unsigned char aes_test_cbc_enc[3][16] =
-{
-    { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84,
-      0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D },
-    { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB,
-      0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 },
-    { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
-      0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * AES-CFB128 test vectors from:
- *
- * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
- */
-static const unsigned char aes_test_cfb128_key[3][32] =
-{
-    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
-      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C },
-    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
-      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
-      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B },
-    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
-      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
-      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
-      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
-};
-
-static const unsigned char aes_test_cfb128_iv[16] =
-{
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
-};
-
-static const unsigned char aes_test_cfb128_pt[64] =
-{
-    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
-    0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
-    0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
-    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
-    0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
-    0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
-    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
-    0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
-};
-
-static const unsigned char aes_test_cfb128_ct[3][64] =
-{
-    { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20,
-      0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A,
-      0xC8, 0xA6, 0x45, 0x37, 0xA0, 0xB3, 0xA9, 0x3F,
-      0xCD, 0xE3, 0xCD, 0xAD, 0x9F, 0x1C, 0xE5, 0x8B,
-      0x26, 0x75, 0x1F, 0x67, 0xA3, 0xCB, 0xB1, 0x40,
-      0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF,
-      0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E,
-      0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 },
-    { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB,
-      0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74,
-      0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21,
-      0x96, 0x1A, 0x2B, 0x70, 0x17, 0x1D, 0x3D, 0x7A,
-      0x2E, 0x1E, 0x8A, 0x1D, 0xD5, 0x9B, 0x88, 0xB1,
-      0xC8, 0xE6, 0x0F, 0xED, 0x1E, 0xFA, 0xC4, 0xC9,
-      0xC0, 0x5F, 0x9F, 0x9C, 0xA9, 0x83, 0x4F, 0xA0,
-      0x42, 0xAE, 0x8F, 0xBA, 0x58, 0x4B, 0x09, 0xFF },
-    { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B,
-      0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60,
-      0x39, 0xFF, 0xED, 0x14, 0x3B, 0x28, 0xB1, 0xC8,
-      0x32, 0x11, 0x3C, 0x63, 0x31, 0xE5, 0x40, 0x7B,
-      0xDF, 0x10, 0x13, 0x24, 0x15, 0xE5, 0x4B, 0x92,
-      0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9,
-      0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8,
-      0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-/*
- * AES-OFB test vectors from:
- *
- * https://csrc.nist.gov/publications/detail/sp/800-38a/final
- */
-static const unsigned char aes_test_ofb_key[3][32] =
-{
-    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
-      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C },
-    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
-      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
-      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B },
-    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
-      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
-      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
-      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
-};
-
-static const unsigned char aes_test_ofb_iv[16] =
-{
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
-};
-
-static const unsigned char aes_test_ofb_pt[64] =
-{
-    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
-    0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
-    0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
-    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
-    0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
-    0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
-    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
-    0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
-};
-
-static const unsigned char aes_test_ofb_ct[3][64] =
-{
-    { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20,
-      0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A,
-      0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03,
-      0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25,
-      0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6,
-      0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc,
-      0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78,
-      0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e },
-    { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB,
-      0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74,
-      0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c,
-      0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01,
-      0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f,
-      0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2,
-      0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e,
-      0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a },
-    { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B,
-      0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60,
-      0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a,
-      0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d,
-      0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed,
-      0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08,
-      0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8,
-      0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84 }
-};
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * AES-CTR test vectors from:
- *
- * http://www.faqs.org/rfcs/rfc3686.html
- */
-
-static const unsigned char aes_test_ctr_key[3][16] =
-{
-    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
-      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
-    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
-      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
-    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
-      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
-};
-
-static const unsigned char aes_test_ctr_nonce_counter[3][16] =
-{
-    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
-    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
-      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
-    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
-      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
-};
-
-static const unsigned char aes_test_ctr_pt[3][48] =
-{
-    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
-      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
-
-    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
-
-    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
-      0x20, 0x21, 0x22, 0x23 }
-};
-
-static const unsigned char aes_test_ctr_ct[3][48] =
-{
-    { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79,
-      0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 },
-    { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9,
-      0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88,
-      0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8,
-      0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 },
-    { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9,
-      0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7,
-      0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36,
-      0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53,
-      0x25, 0xB2, 0x07, 0x2F }
-};
-
-static const int aes_test_ctr_len[3] =
-    { 16, 32, 36 };
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-/*
- * AES-XTS test vectors from:
- *
- * IEEE P1619/D16 Annex B
- * https://web.archive.org/web/20150629024421/http://grouper.ieee.org/groups/1619/email/pdf00086.pdf
- * (Archived from original at http://grouper.ieee.org/groups/1619/email/pdf00086.pdf)
- */
-static const unsigned char aes_test_xts_key[][32] =
-{
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
-      0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
-      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
-      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 },
-    { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
-      0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
-      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
-      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 },
-};
-
-static const unsigned char aes_test_xts_pt32[][32] =
-{
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
-      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
-      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
-      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
-    { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
-      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
-      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
-      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
-};
-
-static const unsigned char aes_test_xts_ct32[][32] =
-{
-    { 0x91, 0x7c, 0xf6, 0x9e, 0xbd, 0x68, 0xb2, 0xec,
-      0x9b, 0x9f, 0xe9, 0xa3, 0xea, 0xdd, 0xa6, 0x92,
-      0xcd, 0x43, 0xd2, 0xf5, 0x95, 0x98, 0xed, 0x85,
-      0x8c, 0x02, 0xc2, 0x65, 0x2f, 0xbf, 0x92, 0x2e },
-    { 0xc4, 0x54, 0x18, 0x5e, 0x6a, 0x16, 0x93, 0x6e,
-      0x39, 0x33, 0x40, 0x38, 0xac, 0xef, 0x83, 0x8b,
-      0xfb, 0x18, 0x6f, 0xff, 0x74, 0x80, 0xad, 0xc4,
-      0x28, 0x93, 0x82, 0xec, 0xd6, 0xd3, 0x94, 0xf0 },
-    { 0xaf, 0x85, 0x33, 0x6b, 0x59, 0x7a, 0xfc, 0x1a,
-      0x90, 0x0b, 0x2e, 0xb2, 0x1e, 0xc9, 0x49, 0xd2,
-      0x92, 0xdf, 0x4c, 0x04, 0x7e, 0x0b, 0x21, 0x53,
-      0x21, 0x86, 0xa5, 0x97, 0x1a, 0x22, 0x7a, 0x89 },
-};
-
-static const unsigned char aes_test_xts_data_unit[][16] =
-{
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-};
-
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-/*
- * Checkup routine
- */
-int mbedtls_aes_self_test( int verbose )
-{
-    int ret = 0, i, j, u, mode;
-    unsigned int keybits;
-    unsigned char key[32];
-    unsigned char buf[64];
-    const unsigned char *aes_tests;
-#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB)
-    unsigned char iv[16];
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    unsigned char prv[16];
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB) || \
-    defined(MBEDTLS_CIPHER_MODE_OFB)
-    size_t offset;
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_XTS)
-    int len;
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    unsigned char nonce_counter[16];
-    unsigned char stream_block[16];
-#endif
-    mbedtls_aes_context ctx;
-
-    memset( key, 0, 32 );
-    mbedtls_aes_init( &ctx );
-
-    /*
-     * ECB mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        keybits = 128 + u * 64;
-        mode = i & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  AES-ECB-%3u (%s): ", keybits,
-                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
-
-        memset( buf, 0, 16 );
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-        {
-            ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
-            aes_tests = aes_test_ecb_dec[u];
-        }
-        else
-        {
-            ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
-            aes_tests = aes_test_ecb_enc[u];
-        }
-
-        /*
-         * AES-192 is an optional feature that may be unavailable when
-         * there is an alternative underlying implementation i.e. when
-         * MBEDTLS_AES_ALT is defined.
-         */
-        if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 )
-        {
-            mbedtls_printf( "skipped\n" );
-            continue;
-        }
-        else if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        for( j = 0; j < 10000; j++ )
-        {
-            ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf );
-            if( ret != 0 )
-                goto exit;
-        }
-
-        if( memcmp( buf, aes_tests, 16 ) != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    /*
-     * CBC mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        keybits = 128 + u * 64;
-        mode = i & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  AES-CBC-%3u (%s): ", keybits,
-                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
-
-        memset( iv , 0, 16 );
-        memset( prv, 0, 16 );
-        memset( buf, 0, 16 );
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-        {
-            ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
-            aes_tests = aes_test_cbc_dec[u];
-        }
-        else
-        {
-            ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
-            aes_tests = aes_test_cbc_enc[u];
-        }
-
-        /*
-         * AES-192 is an optional feature that may be unavailable when
-         * there is an alternative underlying implementation i.e. when
-         * MBEDTLS_AES_ALT is defined.
-         */
-        if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 )
-        {
-            mbedtls_printf( "skipped\n" );
-            continue;
-        }
-        else if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        for( j = 0; j < 10000; j++ )
-        {
-            if( mode == MBEDTLS_AES_ENCRYPT )
-            {
-                unsigned char tmp[16];
-
-                memcpy( tmp, prv, 16 );
-                memcpy( prv, buf, 16 );
-                memcpy( buf, tmp, 16 );
-            }
-
-            ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf );
-            if( ret != 0 )
-                goto exit;
-
-        }
-
-        if( memcmp( buf, aes_tests, 16 ) != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    /*
-     * CFB128 mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        keybits = 128 + u * 64;
-        mode = i & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  AES-CFB128-%3u (%s): ", keybits,
-                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( iv,  aes_test_cfb128_iv, 16 );
-        memcpy( key, aes_test_cfb128_key[u], keybits / 8 );
-
-        offset = 0;
-        ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
-        /*
-         * AES-192 is an optional feature that may be unavailable when
-         * there is an alternative underlying implementation i.e. when
-         * MBEDTLS_AES_ALT is defined.
-         */
-        if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 )
-        {
-            mbedtls_printf( "skipped\n" );
-            continue;
-        }
-        else if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-        {
-            memcpy( buf, aes_test_cfb128_ct[u], 64 );
-            aes_tests = aes_test_cfb128_pt;
-        }
-        else
-        {
-            memcpy( buf, aes_test_cfb128_pt, 64 );
-            aes_tests = aes_test_cfb128_ct[u];
-        }
-
-        ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf );
-        if( ret != 0 )
-            goto exit;
-
-        if( memcmp( buf, aes_tests, 64 ) != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    /*
-     * OFB mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        keybits = 128 + u * 64;
-        mode = i & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  AES-OFB-%3u (%s): ", keybits,
-                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( iv,  aes_test_ofb_iv, 16 );
-        memcpy( key, aes_test_ofb_key[u], keybits / 8 );
-
-        offset = 0;
-        ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
-        /*
-         * AES-192 is an optional feature that may be unavailable when
-         * there is an alternative underlying implementation i.e. when
-         * MBEDTLS_AES_ALT is defined.
-         */
-        if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 )
-        {
-            mbedtls_printf( "skipped\n" );
-            continue;
-        }
-        else if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-        {
-            memcpy( buf, aes_test_ofb_ct[u], 64 );
-            aes_tests = aes_test_ofb_pt;
-        }
-        else
-        {
-            memcpy( buf, aes_test_ofb_pt, 64 );
-            aes_tests = aes_test_ofb_ct[u];
-        }
-
-        ret = mbedtls_aes_crypt_ofb( &ctx, 64, &offset, iv, buf, buf );
-        if( ret != 0 )
-            goto exit;
-
-        if( memcmp( buf, aes_tests, 64 ) != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    /*
-     * CTR mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        mode = i & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  AES-CTR-128 (%s): ",
-                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
-        memcpy( key, aes_test_ctr_key[u], 16 );
-
-        offset = 0;
-        if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 )
-            goto exit;
-
-        len = aes_test_ctr_len[u];
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-        {
-            memcpy( buf, aes_test_ctr_ct[u], len );
-            aes_tests = aes_test_ctr_pt[u];
-        }
-        else
-        {
-            memcpy( buf, aes_test_ctr_pt[u], len );
-            aes_tests = aes_test_ctr_ct[u];
-        }
-
-        ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
-                                     stream_block, buf, buf );
-        if( ret != 0 )
-            goto exit;
-
-        if( memcmp( buf, aes_tests, len ) != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    {
-    static const int num_tests =
-        sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key);
-    mbedtls_aes_xts_context ctx_xts;
-
-    /*
-     * XTS mode
-     */
-    mbedtls_aes_xts_init( &ctx_xts );
-
-    for( i = 0; i < num_tests << 1; i++ )
-    {
-        const unsigned char *data_unit;
-        u = i >> 1;
-        mode = i & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  AES-XTS-128 (%s): ",
-                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
-
-        memset( key, 0, sizeof( key ) );
-        memcpy( key, aes_test_xts_key[u], 32 );
-        data_unit = aes_test_xts_data_unit[u];
-
-        len = sizeof( *aes_test_xts_ct32 );
-
-        if( mode == MBEDTLS_AES_DECRYPT )
-        {
-            ret = mbedtls_aes_xts_setkey_dec( &ctx_xts, key, 256 );
-            if( ret != 0)
-                goto exit;
-            memcpy( buf, aes_test_xts_ct32[u], len );
-            aes_tests = aes_test_xts_pt32[u];
-        }
-        else
-        {
-            ret = mbedtls_aes_xts_setkey_enc( &ctx_xts, key, 256 );
-            if( ret != 0)
-                goto exit;
-            memcpy( buf, aes_test_xts_pt32[u], len );
-            aes_tests = aes_test_xts_ct32[u];
-        }
-
-
-        ret = mbedtls_aes_crypt_xts( &ctx_xts, mode, len, data_unit,
-                                     buf, buf );
-        if( ret != 0 )
-            goto exit;
-
-        if( memcmp( buf, aes_tests, len ) != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    mbedtls_aes_xts_free( &ctx_xts );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-    ret = 0;
-
-exit:
-    if( ret != 0 && verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-    mbedtls_aes_free( &ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_AES_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/aesni.c b/3rdparty/mbedtls-2.25.0/library/aesni.c
deleted file mode 100644
index 996292f..0000000
--- a/3rdparty/mbedtls-2.25.0/library/aesni.c
+++ /dev/null
@@ -1,464 +0,0 @@
-/*
- *  AES-NI support functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set
- * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_AESNI_C)
-
-#if defined(__has_feature)
-#if __has_feature(memory_sanitizer)
-#warning "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code."
-#endif
-#endif
-
-#include "mbedtls/aesni.h"
-
-#include <string.h>
-
-#ifndef asm
-#define asm __asm
-#endif
-
-#if defined(MBEDTLS_HAVE_X86_64)
-
-/*
- * AES-NI support detection routine
- */
-int mbedtls_aesni_has_support( unsigned int what )
-{
-    static int done = 0;
-    static unsigned int c = 0;
-
-    if( ! done )
-    {
-        asm( "movl  $1, %%eax   \n\t"
-             "cpuid             \n\t"
-             : "=c" (c)
-             :
-             : "eax", "ebx", "edx" );
-        done = 1;
-    }
-
-    return( ( c & what ) != 0 );
-}
-
-/*
- * Binutils needs to be at least 2.19 to support AES-NI instructions.
- * Unfortunately, a lot of users have a lower version now (2014-04).
- * Emit bytecode directly in order to support "old" version of gas.
- *
- * Opcodes from the Intel architecture reference manual, vol. 3.
- * We always use registers, so we don't need prefixes for memory operands.
- * Operand macros are in gas order (src, dst) as opposed to Intel order
- * (dst, src) in order to blend better into the surrounding assembly code.
- */
-#define AESDEC      ".byte 0x66,0x0F,0x38,0xDE,"
-#define AESDECLAST  ".byte 0x66,0x0F,0x38,0xDF,"
-#define AESENC      ".byte 0x66,0x0F,0x38,0xDC,"
-#define AESENCLAST  ".byte 0x66,0x0F,0x38,0xDD,"
-#define AESIMC      ".byte 0x66,0x0F,0x38,0xDB,"
-#define AESKEYGENA  ".byte 0x66,0x0F,0x3A,0xDF,"
-#define PCLMULQDQ   ".byte 0x66,0x0F,0x3A,0x44,"
-
-#define xmm0_xmm0   "0xC0"
-#define xmm0_xmm1   "0xC8"
-#define xmm0_xmm2   "0xD0"
-#define xmm0_xmm3   "0xD8"
-#define xmm0_xmm4   "0xE0"
-#define xmm1_xmm0   "0xC1"
-#define xmm1_xmm2   "0xD1"
-
-/*
- * AES-NI AES-ECB block en(de)cryption
- */
-int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
-                     int mode,
-                     const unsigned char input[16],
-                     unsigned char output[16] )
-{
-    asm( "movdqu    (%3), %%xmm0    \n\t" // load input
-         "movdqu    (%1), %%xmm1    \n\t" // load round key 0
-         "pxor      %%xmm1, %%xmm0  \n\t" // round 0
-         "add       $16, %1         \n\t" // point to next round key
-         "subl      $1, %0          \n\t" // normal rounds = nr - 1
-         "test      %2, %2          \n\t" // mode?
-         "jz        2f              \n\t" // 0 = decrypt
-
-         "1:                        \n\t" // encryption loop
-         "movdqu    (%1), %%xmm1    \n\t" // load round key
-         AESENC     xmm1_xmm0      "\n\t" // do round
-         "add       $16, %1         \n\t" // point to next round key
-         "subl      $1, %0          \n\t" // loop
-         "jnz       1b              \n\t"
-         "movdqu    (%1), %%xmm1    \n\t" // load round key
-         AESENCLAST xmm1_xmm0      "\n\t" // last round
-         "jmp       3f              \n\t"
-
-         "2:                        \n\t" // decryption loop
-         "movdqu    (%1), %%xmm1    \n\t"
-         AESDEC     xmm1_xmm0      "\n\t" // do round
-         "add       $16, %1         \n\t"
-         "subl      $1, %0          \n\t"
-         "jnz       2b              \n\t"
-         "movdqu    (%1), %%xmm1    \n\t" // load round key
-         AESDECLAST xmm1_xmm0      "\n\t" // last round
-
-         "3:                        \n\t"
-         "movdqu    %%xmm0, (%4)    \n\t" // export output
-         :
-         : "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output)
-         : "memory", "cc", "xmm0", "xmm1" );
-
-
-    return( 0 );
-}
-
-/*
- * GCM multiplication: c = a times b in GF(2^128)
- * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
- */
-void mbedtls_aesni_gcm_mult( unsigned char c[16],
-                     const unsigned char a[16],
-                     const unsigned char b[16] )
-{
-    unsigned char aa[16], bb[16], cc[16];
-    size_t i;
-
-    /* The inputs are in big-endian order, so byte-reverse them */
-    for( i = 0; i < 16; i++ )
-    {
-        aa[i] = a[15 - i];
-        bb[i] = b[15 - i];
-    }
-
-    asm( "movdqu (%0), %%xmm0               \n\t" // a1:a0
-         "movdqu (%1), %%xmm1               \n\t" // b1:b0
-
-         /*
-          * Caryless multiplication xmm2:xmm1 = xmm0 * xmm1
-          * using [CLMUL-WP] algorithm 1 (p. 13).
-          */
-         "movdqa %%xmm1, %%xmm2             \n\t" // copy of b1:b0
-         "movdqa %%xmm1, %%xmm3             \n\t" // same
-         "movdqa %%xmm1, %%xmm4             \n\t" // same
-         PCLMULQDQ xmm0_xmm1 ",0x00         \n\t" // a0*b0 = c1:c0
-         PCLMULQDQ xmm0_xmm2 ",0x11         \n\t" // a1*b1 = d1:d0
-         PCLMULQDQ xmm0_xmm3 ",0x10         \n\t" // a0*b1 = e1:e0
-         PCLMULQDQ xmm0_xmm4 ",0x01         \n\t" // a1*b0 = f1:f0
-         "pxor %%xmm3, %%xmm4               \n\t" // e1+f1:e0+f0
-         "movdqa %%xmm4, %%xmm3             \n\t" // same
-         "psrldq $8, %%xmm4                 \n\t" // 0:e1+f1
-         "pslldq $8, %%xmm3                 \n\t" // e0+f0:0
-         "pxor %%xmm4, %%xmm2               \n\t" // d1:d0+e1+f1
-         "pxor %%xmm3, %%xmm1               \n\t" // c1+e0+f1:c0
-
-         /*
-          * Now shift the result one bit to the left,
-          * taking advantage of [CLMUL-WP] eq 27 (p. 20)
-          */
-         "movdqa %%xmm1, %%xmm3             \n\t" // r1:r0
-         "movdqa %%xmm2, %%xmm4             \n\t" // r3:r2
-         "psllq $1, %%xmm1                  \n\t" // r1<<1:r0<<1
-         "psllq $1, %%xmm2                  \n\t" // r3<<1:r2<<1
-         "psrlq $63, %%xmm3                 \n\t" // r1>>63:r0>>63
-         "psrlq $63, %%xmm4                 \n\t" // r3>>63:r2>>63
-         "movdqa %%xmm3, %%xmm5             \n\t" // r1>>63:r0>>63
-         "pslldq $8, %%xmm3                 \n\t" // r0>>63:0
-         "pslldq $8, %%xmm4                 \n\t" // r2>>63:0
-         "psrldq $8, %%xmm5                 \n\t" // 0:r1>>63
-         "por %%xmm3, %%xmm1                \n\t" // r1<<1|r0>>63:r0<<1
-         "por %%xmm4, %%xmm2                \n\t" // r3<<1|r2>>62:r2<<1
-         "por %%xmm5, %%xmm2                \n\t" // r3<<1|r2>>62:r2<<1|r1>>63
-
-         /*
-          * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
-          * using [CLMUL-WP] algorithm 5 (p. 20).
-          * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted).
-          */
-         /* Step 2 (1) */
-         "movdqa %%xmm1, %%xmm3             \n\t" // x1:x0
-         "movdqa %%xmm1, %%xmm4             \n\t" // same
-         "movdqa %%xmm1, %%xmm5             \n\t" // same
-         "psllq $63, %%xmm3                 \n\t" // x1<<63:x0<<63 = stuff:a
-         "psllq $62, %%xmm4                 \n\t" // x1<<62:x0<<62 = stuff:b
-         "psllq $57, %%xmm5                 \n\t" // x1<<57:x0<<57 = stuff:c
-
-         /* Step 2 (2) */
-         "pxor %%xmm4, %%xmm3               \n\t" // stuff:a+b
-         "pxor %%xmm5, %%xmm3               \n\t" // stuff:a+b+c
-         "pslldq $8, %%xmm3                 \n\t" // a+b+c:0
-         "pxor %%xmm3, %%xmm1               \n\t" // x1+a+b+c:x0 = d:x0
-
-         /* Steps 3 and 4 */
-         "movdqa %%xmm1,%%xmm0              \n\t" // d:x0
-         "movdqa %%xmm1,%%xmm4              \n\t" // same
-         "movdqa %%xmm1,%%xmm5              \n\t" // same
-         "psrlq $1, %%xmm0                  \n\t" // e1:x0>>1 = e1:e0'
-         "psrlq $2, %%xmm4                  \n\t" // f1:x0>>2 = f1:f0'
-         "psrlq $7, %%xmm5                  \n\t" // g1:x0>>7 = g1:g0'
-         "pxor %%xmm4, %%xmm0               \n\t" // e1+f1:e0'+f0'
-         "pxor %%xmm5, %%xmm0               \n\t" // e1+f1+g1:e0'+f0'+g0'
-         // e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing
-         // bits carried from d. Now get those\t bits back in.
-         "movdqa %%xmm1,%%xmm3              \n\t" // d:x0
-         "movdqa %%xmm1,%%xmm4              \n\t" // same
-         "movdqa %%xmm1,%%xmm5              \n\t" // same
-         "psllq $63, %%xmm3                 \n\t" // d<<63:stuff
-         "psllq $62, %%xmm4                 \n\t" // d<<62:stuff
-         "psllq $57, %%xmm5                 \n\t" // d<<57:stuff
-         "pxor %%xmm4, %%xmm3               \n\t" // d<<63+d<<62:stuff
-         "pxor %%xmm5, %%xmm3               \n\t" // missing bits of d:stuff
-         "psrldq $8, %%xmm3                 \n\t" // 0:missing bits of d
-         "pxor %%xmm3, %%xmm0               \n\t" // e1+f1+g1:e0+f0+g0
-         "pxor %%xmm1, %%xmm0               \n\t" // h1:h0
-         "pxor %%xmm2, %%xmm0               \n\t" // x3+h1:x2+h0
-
-         "movdqu %%xmm0, (%2)               \n\t" // done
-         :
-         : "r" (aa), "r" (bb), "r" (cc)
-         : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" );
-
-    /* Now byte-reverse the outputs */
-    for( i = 0; i < 16; i++ )
-        c[i] = cc[15 - i];
-
-    return;
-}
-
-/*
- * Compute decryption round keys from encryption round keys
- */
-void mbedtls_aesni_inverse_key( unsigned char *invkey,
-                        const unsigned char *fwdkey, int nr )
-{
-    unsigned char *ik = invkey;
-    const unsigned char *fk = fwdkey + 16 * nr;
-
-    memcpy( ik, fk, 16 );
-
-    for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 )
-        asm( "movdqu (%0), %%xmm0       \n\t"
-             AESIMC  xmm0_xmm0         "\n\t"
-             "movdqu %%xmm0, (%1)       \n\t"
-             :
-             : "r" (fk), "r" (ik)
-             : "memory", "xmm0" );
-
-    memcpy( ik, fk, 16 );
-}
-
-/*
- * Key expansion, 128-bit case
- */
-static void aesni_setkey_enc_128( unsigned char *rk,
-                                  const unsigned char *key )
-{
-    asm( "movdqu (%1), %%xmm0               \n\t" // copy the original key
-         "movdqu %%xmm0, (%0)               \n\t" // as round key 0
-         "jmp 2f                            \n\t" // skip auxiliary routine
-
-         /*
-          * Finish generating the next round key.
-          *
-          * On entry xmm0 is r3:r2:r1:r0 and xmm1 is X:stuff:stuff:stuff
-          * with X = rot( sub( r3 ) ) ^ RCON.
-          *
-          * On exit, xmm0 is r7:r6:r5:r4
-          * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3
-          * and those are written to the round key buffer.
-          */
-         "1:                                \n\t"
-         "pshufd $0xff, %%xmm1, %%xmm1      \n\t" // X:X:X:X
-         "pxor %%xmm0, %%xmm1               \n\t" // X+r3:X+r2:X+r1:r4
-         "pslldq $4, %%xmm0                 \n\t" // r2:r1:r0:0
-         "pxor %%xmm0, %%xmm1               \n\t" // X+r3+r2:X+r2+r1:r5:r4
-         "pslldq $4, %%xmm0                 \n\t" // etc
-         "pxor %%xmm0, %%xmm1               \n\t"
-         "pslldq $4, %%xmm0                 \n\t"
-         "pxor %%xmm1, %%xmm0               \n\t" // update xmm0 for next time!
-         "add $16, %0                       \n\t" // point to next round key
-         "movdqu %%xmm0, (%0)               \n\t" // write it
-         "ret                               \n\t"
-
-         /* Main "loop" */
-         "2:                                \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x01        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x02        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x04        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x08        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x10        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x20        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x40        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x80        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x1B        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x36        \n\tcall 1b \n\t"
-         :
-         : "r" (rk), "r" (key)
-         : "memory", "cc", "0" );
-}
-
-/*
- * Key expansion, 192-bit case
- */
-static void aesni_setkey_enc_192( unsigned char *rk,
-                                  const unsigned char *key )
-{
-    asm( "movdqu (%1), %%xmm0   \n\t" // copy original round key
-         "movdqu %%xmm0, (%0)   \n\t"
-         "add $16, %0           \n\t"
-         "movq 16(%1), %%xmm1   \n\t"
-         "movq %%xmm1, (%0)     \n\t"
-         "add $8, %0            \n\t"
-         "jmp 2f                \n\t" // skip auxiliary routine
-
-         /*
-          * Finish generating the next 6 quarter-keys.
-          *
-          * On entry xmm0 is r3:r2:r1:r0, xmm1 is stuff:stuff:r5:r4
-          * and xmm2 is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON.
-          *
-          * On exit, xmm0 is r9:r8:r7:r6 and xmm1 is stuff:stuff:r11:r10
-          * and those are written to the round key buffer.
-          */
-         "1:                            \n\t"
-         "pshufd $0x55, %%xmm2, %%xmm2  \n\t" // X:X:X:X
-         "pxor %%xmm0, %%xmm2           \n\t" // X+r3:X+r2:X+r1:r4
-         "pslldq $4, %%xmm0             \n\t" // etc
-         "pxor %%xmm0, %%xmm2           \n\t"
-         "pslldq $4, %%xmm0             \n\t"
-         "pxor %%xmm0, %%xmm2           \n\t"
-         "pslldq $4, %%xmm0             \n\t"
-         "pxor %%xmm2, %%xmm0           \n\t" // update xmm0 = r9:r8:r7:r6
-         "movdqu %%xmm0, (%0)           \n\t"
-         "add $16, %0                   \n\t"
-         "pshufd $0xff, %%xmm0, %%xmm2  \n\t" // r9:r9:r9:r9
-         "pxor %%xmm1, %%xmm2           \n\t" // stuff:stuff:r9+r5:r10
-         "pslldq $4, %%xmm1             \n\t" // r2:r1:r0:0
-         "pxor %%xmm2, %%xmm1           \n\t" // xmm1 = stuff:stuff:r11:r10
-         "movq %%xmm1, (%0)             \n\t"
-         "add $8, %0                    \n\t"
-         "ret                           \n\t"
-
-         "2:                            \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x01    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x02    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x04    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x08    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x10    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x20    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x40    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x80    \n\tcall 1b \n\t"
-
-         :
-         : "r" (rk), "r" (key)
-         : "memory", "cc", "0" );
-}
-
-/*
- * Key expansion, 256-bit case
- */
-static void aesni_setkey_enc_256( unsigned char *rk,
-                                  const unsigned char *key )
-{
-    asm( "movdqu (%1), %%xmm0           \n\t"
-         "movdqu %%xmm0, (%0)           \n\t"
-         "add $16, %0                   \n\t"
-         "movdqu 16(%1), %%xmm1         \n\t"
-         "movdqu %%xmm1, (%0)           \n\t"
-         "jmp 2f                        \n\t" // skip auxiliary routine
-
-         /*
-          * Finish generating the next two round keys.
-          *
-          * On entry xmm0 is r3:r2:r1:r0, xmm1 is r7:r6:r5:r4 and
-          * xmm2 is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON
-          *
-          * On exit, xmm0 is r11:r10:r9:r8 and xmm1 is r15:r14:r13:r12
-          * and those have been written to the output buffer.
-          */
-         "1:                                \n\t"
-         "pshufd $0xff, %%xmm2, %%xmm2      \n\t"
-         "pxor %%xmm0, %%xmm2               \n\t"
-         "pslldq $4, %%xmm0                 \n\t"
-         "pxor %%xmm0, %%xmm2               \n\t"
-         "pslldq $4, %%xmm0                 \n\t"
-         "pxor %%xmm0, %%xmm2               \n\t"
-         "pslldq $4, %%xmm0                 \n\t"
-         "pxor %%xmm2, %%xmm0               \n\t"
-         "add $16, %0                       \n\t"
-         "movdqu %%xmm0, (%0)               \n\t"
-
-         /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
-          * and proceed to generate next round key from there */
-         AESKEYGENA xmm0_xmm2 ",0x00        \n\t"
-         "pshufd $0xaa, %%xmm2, %%xmm2      \n\t"
-         "pxor %%xmm1, %%xmm2               \n\t"
-         "pslldq $4, %%xmm1                 \n\t"
-         "pxor %%xmm1, %%xmm2               \n\t"
-         "pslldq $4, %%xmm1                 \n\t"
-         "pxor %%xmm1, %%xmm2               \n\t"
-         "pslldq $4, %%xmm1                 \n\t"
-         "pxor %%xmm2, %%xmm1               \n\t"
-         "add $16, %0                       \n\t"
-         "movdqu %%xmm1, (%0)               \n\t"
-         "ret                               \n\t"
-
-         /*
-          * Main "loop" - Generating one more key than necessary,
-          * see definition of mbedtls_aes_context.buf
-          */
-         "2:                                \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x01        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x02        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x04        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x08        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x10        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x20        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x40        \n\tcall 1b \n\t"
-         :
-         : "r" (rk), "r" (key)
-         : "memory", "cc", "0" );
-}
-
-/*
- * Key expansion, wrapper
- */
-int mbedtls_aesni_setkey_enc( unsigned char *rk,
-                      const unsigned char *key,
-                      size_t bits )
-{
-    switch( bits )
-    {
-        case 128: aesni_setkey_enc_128( rk, key ); break;
-        case 192: aesni_setkey_enc_192( rk, key ); break;
-        case 256: aesni_setkey_enc_256( rk, key ); break;
-        default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
-    }
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_HAVE_X86_64 */
-
-#endif /* MBEDTLS_AESNI_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/arc4.c b/3rdparty/mbedtls-2.25.0/library/arc4.c
deleted file mode 100644
index b34dc5e..0000000
--- a/3rdparty/mbedtls-2.25.0/library/arc4.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- *  An implementation of the ARCFOUR algorithm
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The ARCFOUR algorithm was publicly disclosed on 94/09.
- *
- *  http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ARC4_C)
-
-#include "mbedtls/arc4.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_ARC4_ALT)
-
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
-}
-
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
-}
-
-/*
- * ARC4 key schedule
- */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
-                 unsigned int keylen )
-{
-    int i, j, a;
-    unsigned int k;
-    unsigned char *m;
-
-    ctx->x = 0;
-    ctx->y = 0;
-    m = ctx->m;
-
-    for( i = 0; i < 256; i++ )
-        m[i] = (unsigned char) i;
-
-    j = k = 0;
-
-    for( i = 0; i < 256; i++, k++ )
-    {
-        if( k >= keylen ) k = 0;
-
-        a = m[i];
-        j = ( j + a + key[k] ) & 0xFF;
-        m[i] = m[j];
-        m[j] = (unsigned char) a;
-    }
-}
-
-/*
- * ARC4 cipher function
- */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
-                unsigned char *output )
-{
-    int x, y, a, b;
-    size_t i;
-    unsigned char *m;
-
-    x = ctx->x;
-    y = ctx->y;
-    m = ctx->m;
-
-    for( i = 0; i < length; i++ )
-    {
-        x = ( x + 1 ) & 0xFF; a = m[x];
-        y = ( y + a ) & 0xFF; b = m[y];
-
-        m[x] = (unsigned char) b;
-        m[y] = (unsigned char) a;
-
-        output[i] = (unsigned char)
-            ( input[i] ^ m[(unsigned char)( a + b )] );
-    }
-
-    ctx->x = x;
-    ctx->y = y;
-
-    return( 0 );
-}
-
-#endif /* !MBEDTLS_ARC4_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
- *
- * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
- */
-static const unsigned char arc4_test_key[3][8] =
-{
-    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
-    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char arc4_test_pt[3][8] =
-{
-    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char arc4_test_ct[3][8] =
-{
-    { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
-    { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
-    { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_arc4_self_test( int verbose )
-{
-    int i, ret = 0;
-    unsigned char ibuf[8];
-    unsigned char obuf[8];
-    mbedtls_arc4_context ctx;
-
-    mbedtls_arc4_init( &ctx );
-
-    for( i = 0; i < 3; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  ARC4 test #%d: ", i + 1 );
-
-        memcpy( ibuf, arc4_test_pt[i], 8 );
-
-        mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
-        mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
-
-        if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-exit:
-    mbedtls_arc4_free( &ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_ARC4_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/aria.c b/3rdparty/mbedtls-2.25.0/library/aria.c
deleted file mode 100644
index 1875635..0000000
--- a/3rdparty/mbedtls-2.25.0/library/aria.c
+++ /dev/null
@@ -1,1073 +0,0 @@
-/*
- *  ARIA implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * This implementation is based on the following standards:
- * [1] http://210.104.33.10/ARIA/doc/ARIA-specification-e.pdf
- * [2] https://tools.ietf.org/html/rfc5794
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ARIA_C)
-
-#include "mbedtls/aria.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_ARIA_ALT)
-
-#include "mbedtls/platform_util.h"
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-/* Parameter validation macros */
-#define ARIA_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA )
-#define ARIA_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE( n, b, i )                \
-{                                               \
-    (n) = ( (uint32_t) (b)[(i)    ]       )     \
-        | ( (uint32_t) (b)[(i) + 1] <<  8 )     \
-        | ( (uint32_t) (b)[(i) + 2] << 16 )     \
-        | ( (uint32_t) (b)[(i) + 3] << 24 );    \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE( n, b, i )                                \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
-    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
-}
-#endif
-
-/*
- * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes
- *
- * This is submatrix P1 in [1] Appendix B.1
- *
- * Common compilers fail to translate this to minimal number of instructions,
- * so let's provide asm versions for common platforms with C fallback.
- */
-#if defined(MBEDTLS_HAVE_ASM)
-#if defined(__arm__) /* rev16 available from v6 up */
-/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
-#if defined(__GNUC__) && \
-    ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \
-    __ARM_ARCH >= 6
-static inline uint32_t aria_p1( uint32_t x )
-{
-    uint32_t r;
-    __asm( "rev16 %0, %1" : "=l" (r) : "l" (x) );
-    return( r );
-}
-#define ARIA_P1 aria_p1
-#elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
-    ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 )
-static inline uint32_t aria_p1( uint32_t x )
-{
-    uint32_t r;
-    __asm( "rev16 r, x" );
-    return( r );
-}
-#define ARIA_P1 aria_p1
-#endif
-#endif /* arm */
-#if defined(__GNUC__) && \
-    defined(__i386__) || defined(__amd64__) || defined( __x86_64__)
-/* I couldn't find an Intel equivalent of rev16, so two instructions */
-#define ARIA_P1(x) ARIA_P2( ARIA_P3( x ) )
-#endif /* x86 gnuc */
-#endif /* MBEDTLS_HAVE_ASM && GNUC */
-#if !defined(ARIA_P1)
-#define ARIA_P1(x) ((((x) >> 8) & 0x00FF00FF) ^ (((x) & 0x00FF00FF) << 8))
-#endif
-
-/*
- * modify byte order: ( A B C D ) -> ( C D A B ), i.e. rotate by 16 bits
- *
- * This is submatrix P2 in [1] Appendix B.1
- *
- * Common compilers will translate this to a single instruction.
- */
-#define ARIA_P2(x) (((x) >> 16) ^ ((x) << 16))
-
-/*
- * modify byte order: ( A B C D ) -> ( D C B A ), i.e. change endianness
- *
- * This is submatrix P3 in [1] Appendix B.1
- *
- * Some compilers fail to translate this to a single instruction,
- * so let's provide asm versions for common platforms with C fallback.
- */
-#if defined(MBEDTLS_HAVE_ASM)
-#if defined(__arm__) /* rev available from v6 up */
-/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
-#if defined(__GNUC__) && \
-    ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \
-    __ARM_ARCH >= 6
-static inline uint32_t aria_p3( uint32_t x )
-{
-    uint32_t r;
-    __asm( "rev %0, %1" : "=l" (r) : "l" (x) );
-    return( r );
-}
-#define ARIA_P3 aria_p3
-#elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
-    ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 )
-static inline uint32_t aria_p3( uint32_t x )
-{
-    uint32_t r;
-    __asm( "rev r, x" );
-    return( r );
-}
-#define ARIA_P3 aria_p3
-#endif
-#endif /* arm */
-#if defined(__GNUC__) && \
-    defined(__i386__) || defined(__amd64__) || defined( __x86_64__)
-static inline uint32_t aria_p3( uint32_t x )
-{
-    __asm( "bswap %0" : "=r" (x) : "0" (x) );
-    return( x );
-}
-#define ARIA_P3 aria_p3
-#endif /* x86 gnuc */
-#endif /* MBEDTLS_HAVE_ASM && GNUC */
-#if !defined(ARIA_P3)
-#define ARIA_P3(x) ARIA_P2( ARIA_P1 ( x ) )
-#endif
-
-/*
- * ARIA Affine Transform
- * (a, b, c, d) = state in/out
- *
- * If we denote the first byte of input by 0, ..., the last byte by f,
- * then inputs are: a = 0123, b = 4567, c = 89ab, d = cdef.
- *
- * Reading [1] 2.4 or [2] 2.4.3 in columns and performing simple
- * rearrangements on adjacent pairs, output is:
- *
- * a = 3210 + 4545 + 6767 + 88aa + 99bb + dccd + effe
- *   = 3210 + 4567 + 6745 + 89ab + 98ba + dcfe + efcd
- * b = 0101 + 2323 + 5476 + 8998 + baab + eecc + ffdd
- *   = 0123 + 2301 + 5476 + 89ab + ba98 + efcd + fedc
- * c = 0022 + 1133 + 4554 + 7667 + ab89 + dcdc + fefe
- *   = 0123 + 1032 + 4567 + 7654 + ab89 + dcfe + fedc
- * d = 1001 + 2332 + 6644 + 7755 + 9898 + baba + cdef
- *   = 1032 + 2301 + 6745 + 7654 + 98ba + ba98 + cdef
- *
- * Note: another presentation of the A transform can be found as the first
- * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4.
- * The implementation below uses only P1 and P2 as they are sufficient.
- */
-static inline void aria_a( uint32_t *a, uint32_t *b,
-                           uint32_t *c, uint32_t *d )
-{
-    uint32_t ta, tb, tc;
-    ta  =  *b;                      // 4567
-    *b  =  *a;                      // 0123
-    *a  =  ARIA_P2( ta );           // 6745
-    tb  =  ARIA_P2( *d );           // efcd
-    *d  =  ARIA_P1( *c );           // 98ba
-    *c  =  ARIA_P1( tb );           // fedc
-    ta  ^= *d;                      // 4567+98ba
-    tc  =  ARIA_P2( *b );           // 2301
-    ta  =  ARIA_P1( ta ) ^ tc ^ *c; // 2301+5476+89ab+fedc
-    tb  ^= ARIA_P2( *d );           // ba98+efcd
-    tc  ^= ARIA_P1( *a );           // 2301+7654
-    *b  ^= ta ^ tb;                 // 0123+2301+5476+89ab+ba98+efcd+fedc OUT
-    tb  =  ARIA_P2( tb ) ^ ta;      // 2301+5476+89ab+98ba+cdef+fedc
-    *a  ^= ARIA_P1( tb );           // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT
-    ta  =  ARIA_P2( ta );           // 0123+7654+ab89+dcfe
-    *d  ^= ARIA_P1( ta ) ^ tc;      // 1032+2301+6745+7654+98ba+ba98+cdef OUT
-    tc  =  ARIA_P2( tc );           // 0123+5476
-    *c  ^= ARIA_P1( tc ) ^ ta;      // 0123+1032+4567+7654+ab89+dcfe+fedc OUT
-}
-
-/*
- * ARIA Substitution Layer SL1 / SL2
- * (a, b, c, d) = state in/out
- * (sa, sb, sc, sd) = 256 8-bit S-Boxes (see below)
- *
- * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1
- * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2
- */
-static inline void aria_sl( uint32_t *a, uint32_t *b,
-                            uint32_t *c, uint32_t *d,
-                            const uint8_t sa[256], const uint8_t sb[256],
-                            const uint8_t sc[256], const uint8_t sd[256] )
-{
-    *a = ( (uint32_t) sa[ *a        & 0xFF]       ) ^
-         (((uint32_t) sb[(*a >>  8) & 0xFF]) <<  8) ^
-         (((uint32_t) sc[(*a >> 16) & 0xFF]) << 16) ^
-         (((uint32_t) sd[ *a >> 24        ]) << 24);
-    *b = ( (uint32_t) sa[ *b        & 0xFF]       ) ^
-         (((uint32_t) sb[(*b >>  8) & 0xFF]) <<  8) ^
-         (((uint32_t) sc[(*b >> 16) & 0xFF]) << 16) ^
-         (((uint32_t) sd[ *b >> 24        ]) << 24);
-    *c = ( (uint32_t) sa[ *c        & 0xFF]       ) ^
-         (((uint32_t) sb[(*c >>  8) & 0xFF]) <<  8) ^
-         (((uint32_t) sc[(*c >> 16) & 0xFF]) << 16) ^
-         (((uint32_t) sd[ *c >> 24        ]) << 24);
-    *d = ( (uint32_t) sa[ *d        & 0xFF]       ) ^
-         (((uint32_t) sb[(*d >>  8) & 0xFF]) <<  8) ^
-         (((uint32_t) sc[(*d >> 16) & 0xFF]) << 16) ^
-         (((uint32_t) sd[ *d >> 24        ]) << 24);
-}
-
-/*
- * S-Boxes
- */
-static const uint8_t aria_sb1[256] =
-{
-    0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B,
-    0xFE, 0xD7, 0xAB, 0x76, 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0,
-    0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, 0xB7, 0xFD, 0x93, 0x26,
-    0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
-    0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2,
-    0xEB, 0x27, 0xB2, 0x75, 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0,
-    0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, 0x53, 0xD1, 0x00, 0xED,
-    0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
-    0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F,
-    0x50, 0x3C, 0x9F, 0xA8, 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5,
-    0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, 0xCD, 0x0C, 0x13, 0xEC,
-    0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
-    0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14,
-    0xDE, 0x5E, 0x0B, 0xDB, 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C,
-    0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, 0xE7, 0xC8, 0x37, 0x6D,
-    0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
-    0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F,
-    0x4B, 0xBD, 0x8B, 0x8A, 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E,
-    0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, 0xE1, 0xF8, 0x98, 0x11,
-    0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
-    0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F,
-    0xB0, 0x54, 0xBB, 0x16
-};
-
-static const uint8_t aria_sb2[256] =
-{
-    0xE2, 0x4E, 0x54, 0xFC, 0x94, 0xC2, 0x4A, 0xCC, 0x62, 0x0D, 0x6A, 0x46,
-    0x3C, 0x4D, 0x8B, 0xD1, 0x5E, 0xFA, 0x64, 0xCB, 0xB4, 0x97, 0xBE, 0x2B,
-    0xBC, 0x77, 0x2E, 0x03, 0xD3, 0x19, 0x59, 0xC1, 0x1D, 0x06, 0x41, 0x6B,
-    0x55, 0xF0, 0x99, 0x69, 0xEA, 0x9C, 0x18, 0xAE, 0x63, 0xDF, 0xE7, 0xBB,
-    0x00, 0x73, 0x66, 0xFB, 0x96, 0x4C, 0x85, 0xE4, 0x3A, 0x09, 0x45, 0xAA,
-    0x0F, 0xEE, 0x10, 0xEB, 0x2D, 0x7F, 0xF4, 0x29, 0xAC, 0xCF, 0xAD, 0x91,
-    0x8D, 0x78, 0xC8, 0x95, 0xF9, 0x2F, 0xCE, 0xCD, 0x08, 0x7A, 0x88, 0x38,
-    0x5C, 0x83, 0x2A, 0x28, 0x47, 0xDB, 0xB8, 0xC7, 0x93, 0xA4, 0x12, 0x53,
-    0xFF, 0x87, 0x0E, 0x31, 0x36, 0x21, 0x58, 0x48, 0x01, 0x8E, 0x37, 0x74,
-    0x32, 0xCA, 0xE9, 0xB1, 0xB7, 0xAB, 0x0C, 0xD7, 0xC4, 0x56, 0x42, 0x26,
-    0x07, 0x98, 0x60, 0xD9, 0xB6, 0xB9, 0x11, 0x40, 0xEC, 0x20, 0x8C, 0xBD,
-    0xA0, 0xC9, 0x84, 0x04, 0x49, 0x23, 0xF1, 0x4F, 0x50, 0x1F, 0x13, 0xDC,
-    0xD8, 0xC0, 0x9E, 0x57, 0xE3, 0xC3, 0x7B, 0x65, 0x3B, 0x02, 0x8F, 0x3E,
-    0xE8, 0x25, 0x92, 0xE5, 0x15, 0xDD, 0xFD, 0x17, 0xA9, 0xBF, 0xD4, 0x9A,
-    0x7E, 0xC5, 0x39, 0x67, 0xFE, 0x76, 0x9D, 0x43, 0xA7, 0xE1, 0xD0, 0xF5,
-    0x68, 0xF2, 0x1B, 0x34, 0x70, 0x05, 0xA3, 0x8A, 0xD5, 0x79, 0x86, 0xA8,
-    0x30, 0xC6, 0x51, 0x4B, 0x1E, 0xA6, 0x27, 0xF6, 0x35, 0xD2, 0x6E, 0x24,
-    0x16, 0x82, 0x5F, 0xDA, 0xE6, 0x75, 0xA2, 0xEF, 0x2C, 0xB2, 0x1C, 0x9F,
-    0x5D, 0x6F, 0x80, 0x0A, 0x72, 0x44, 0x9B, 0x6C, 0x90, 0x0B, 0x5B, 0x33,
-    0x7D, 0x5A, 0x52, 0xF3, 0x61, 0xA1, 0xF7, 0xB0, 0xD6, 0x3F, 0x7C, 0x6D,
-    0xED, 0x14, 0xE0, 0xA5, 0x3D, 0x22, 0xB3, 0xF8, 0x89, 0xDE, 0x71, 0x1A,
-    0xAF, 0xBA, 0xB5, 0x81
-};
-
-static const uint8_t aria_is1[256] =
-{
-    0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E,
-    0x81, 0xF3, 0xD7, 0xFB, 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87,
-    0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, 0x54, 0x7B, 0x94, 0x32,
-    0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
-    0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49,
-    0x6D, 0x8B, 0xD1, 0x25, 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16,
-    0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, 0x6C, 0x70, 0x48, 0x50,
-    0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
-    0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05,
-    0xB8, 0xB3, 0x45, 0x06, 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02,
-    0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, 0x3A, 0x91, 0x11, 0x41,
-    0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
-    0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8,
-    0x1C, 0x75, 0xDF, 0x6E, 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89,
-    0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, 0xFC, 0x56, 0x3E, 0x4B,
-    0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
-    0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59,
-    0x27, 0x80, 0xEC, 0x5F, 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D,
-    0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, 0xA0, 0xE0, 0x3B, 0x4D,
-    0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
-    0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63,
-    0x55, 0x21, 0x0C, 0x7D
-};
-
-static const uint8_t aria_is2[256] =
-{
-    0x30, 0x68, 0x99, 0x1B, 0x87, 0xB9, 0x21, 0x78, 0x50, 0x39, 0xDB, 0xE1,
-    0x72, 0x09, 0x62, 0x3C, 0x3E, 0x7E, 0x5E, 0x8E, 0xF1, 0xA0, 0xCC, 0xA3,
-    0x2A, 0x1D, 0xFB, 0xB6, 0xD6, 0x20, 0xC4, 0x8D, 0x81, 0x65, 0xF5, 0x89,
-    0xCB, 0x9D, 0x77, 0xC6, 0x57, 0x43, 0x56, 0x17, 0xD4, 0x40, 0x1A, 0x4D,
-    0xC0, 0x63, 0x6C, 0xE3, 0xB7, 0xC8, 0x64, 0x6A, 0x53, 0xAA, 0x38, 0x98,
-    0x0C, 0xF4, 0x9B, 0xED, 0x7F, 0x22, 0x76, 0xAF, 0xDD, 0x3A, 0x0B, 0x58,
-    0x67, 0x88, 0x06, 0xC3, 0x35, 0x0D, 0x01, 0x8B, 0x8C, 0xC2, 0xE6, 0x5F,
-    0x02, 0x24, 0x75, 0x93, 0x66, 0x1E, 0xE5, 0xE2, 0x54, 0xD8, 0x10, 0xCE,
-    0x7A, 0xE8, 0x08, 0x2C, 0x12, 0x97, 0x32, 0xAB, 0xB4, 0x27, 0x0A, 0x23,
-    0xDF, 0xEF, 0xCA, 0xD9, 0xB8, 0xFA, 0xDC, 0x31, 0x6B, 0xD1, 0xAD, 0x19,
-    0x49, 0xBD, 0x51, 0x96, 0xEE, 0xE4, 0xA8, 0x41, 0xDA, 0xFF, 0xCD, 0x55,
-    0x86, 0x36, 0xBE, 0x61, 0x52, 0xF8, 0xBB, 0x0E, 0x82, 0x48, 0x69, 0x9A,
-    0xE0, 0x47, 0x9E, 0x5C, 0x04, 0x4B, 0x34, 0x15, 0x79, 0x26, 0xA7, 0xDE,
-    0x29, 0xAE, 0x92, 0xD7, 0x84, 0xE9, 0xD2, 0xBA, 0x5D, 0xF3, 0xC5, 0xB0,
-    0xBF, 0xA4, 0x3B, 0x71, 0x44, 0x46, 0x2B, 0xFC, 0xEB, 0x6F, 0xD5, 0xF6,
-    0x14, 0xFE, 0x7C, 0x70, 0x5A, 0x7D, 0xFD, 0x2F, 0x18, 0x83, 0x16, 0xA5,
-    0x91, 0x1F, 0x05, 0x95, 0x74, 0xA9, 0xC1, 0x5B, 0x4A, 0x85, 0x6D, 0x13,
-    0x07, 0x4F, 0x4E, 0x45, 0xB2, 0x0F, 0xC9, 0x1C, 0xA6, 0xBC, 0xEC, 0x73,
-    0x90, 0x7B, 0xCF, 0x59, 0x8F, 0xA1, 0xF9, 0x2D, 0xF2, 0xB1, 0x00, 0x94,
-    0x37, 0x9F, 0xD0, 0x2E, 0x9C, 0x6E, 0x28, 0x3F, 0x80, 0xF0, 0x3D, 0xD3,
-    0x25, 0x8A, 0xB5, 0xE7, 0x42, 0xB3, 0xC7, 0xEA, 0xF7, 0x4C, 0x11, 0x33,
-    0x03, 0xA2, 0xAC, 0x60
-};
-
-/*
- * Helper for key schedule: r = FO( p, k ) ^ x
- */
-static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
-                         const uint32_t k[4], const uint32_t x[4] )
-{
-    uint32_t a, b, c, d;
-
-    a = p[0] ^ k[0];
-    b = p[1] ^ k[1];
-    c = p[2] ^ k[2];
-    d = p[3] ^ k[3];
-
-    aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 );
-    aria_a( &a, &b, &c, &d );
-
-    r[0] = a ^ x[0];
-    r[1] = b ^ x[1];
-    r[2] = c ^ x[2];
-    r[3] = d ^ x[3];
-}
-
-/*
- * Helper for key schedule: r = FE( p, k ) ^ x
- */
-static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
-                         const uint32_t k[4], const uint32_t x[4] )
-{
-    uint32_t a, b, c, d;
-
-    a = p[0] ^ k[0];
-    b = p[1] ^ k[1];
-    c = p[2] ^ k[2];
-    d = p[3] ^ k[3];
-
-    aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 );
-    aria_a( &a, &b, &c, &d );
-
-    r[0] = a ^ x[0];
-    r[1] = b ^ x[1];
-    r[2] = c ^ x[2];
-    r[3] = d ^ x[3];
-}
-
-/*
- * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup.
- *
- * We chose to store bytes into 32-bit words in little-endian format (see
- * GET/PUT_UINT32_LE) so we need to reverse bytes here.
- */
-static void aria_rot128( uint32_t r[4], const uint32_t a[4],
-                         const uint32_t b[4], uint8_t n )
-{
-    uint8_t i, j;
-    uint32_t t, u;
-
-    const uint8_t n1 = n % 32;              // bit offset
-    const uint8_t n2 = n1 ? 32 - n1 : 0;    // reverse bit offset
-
-    j = ( n / 32 ) % 4;                     // initial word offset
-    t = ARIA_P3( b[j] );                    // big endian
-    for( i = 0; i < 4; i++ )
-    {
-        j = ( j + 1 ) % 4;                  // get next word, big endian
-        u = ARIA_P3( b[j] );
-        t <<= n1;                           // rotate
-        t |= u >> n2;
-        t = ARIA_P3( t );                   // back to little endian
-        r[i] = a[i] ^ t;                    // store
-        t = u;                              // move to next word
-    }
-}
-
-/*
- * Set encryption key
- */
-int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
-                             const unsigned char *key, unsigned int keybits )
-{
-    /* round constant masks */
-    const uint32_t rc[3][4] =
-    {
-        {   0xB7C17C51, 0x940A2227, 0xE8AB13FE, 0xE06E9AFA  },
-        {   0xCC4AB16D, 0x20C8219E, 0xD5B128FF, 0xB0E25DEF  },
-        {   0x1D3792DB, 0x70E92621, 0x75972403, 0x0EC9E804  }
-    };
-
-    int i;
-    uint32_t w[4][4], *w2;
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( key != NULL );
-
-    if( keybits != 128 && keybits != 192 && keybits != 256 )
-        return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
-
-    /* Copy key to W0 (and potential remainder to W1) */
-    GET_UINT32_LE( w[0][0], key,  0 );
-    GET_UINT32_LE( w[0][1], key,  4 );
-    GET_UINT32_LE( w[0][2], key,  8 );
-    GET_UINT32_LE( w[0][3], key, 12 );
-
-    memset( w[1], 0, 16 );
-    if( keybits >= 192 )
-    {
-        GET_UINT32_LE( w[1][0], key, 16 );  // 192 bit key
-        GET_UINT32_LE( w[1][1], key, 20 );
-    }
-    if( keybits == 256 )
-    {
-        GET_UINT32_LE( w[1][2], key, 24 );  // 256 bit key
-        GET_UINT32_LE( w[1][3], key, 28 );
-    }
-
-    i = ( keybits - 128 ) >> 6;             // index: 0, 1, 2
-    ctx->nr = 12 + 2 * i;                   // no. rounds: 12, 14, 16
-
-    aria_fo_xor( w[1], w[0], rc[i], w[1] ); // W1 = FO(W0, CK1) ^ KR
-    i = i < 2 ? i + 1 : 0;
-    aria_fe_xor( w[2], w[1], rc[i], w[0] ); // W2 = FE(W1, CK2) ^ W0
-    i = i < 2 ? i + 1 : 0;
-    aria_fo_xor( w[3], w[2], rc[i], w[1] ); // W3 = FO(W2, CK3) ^ W1
-
-    for( i = 0; i < 4; i++ )                // create round keys
-    {
-        w2 = w[(i + 1) & 3];
-        aria_rot128( ctx->rk[i     ], w[i], w2, 128 - 19 );
-        aria_rot128( ctx->rk[i +  4], w[i], w2, 128 - 31 );
-        aria_rot128( ctx->rk[i +  8], w[i], w2,       61 );
-        aria_rot128( ctx->rk[i + 12], w[i], w2,       31 );
-    }
-    aria_rot128( ctx->rk[16], w[0], w[1], 19 );
-
-    /* w holds enough info to reconstruct the round keys */
-    mbedtls_platform_zeroize( w, sizeof( w ) );
-
-    return( 0 );
-}
-
-/*
- * Set decryption key
- */
-int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
-                             const unsigned char *key, unsigned int keybits )
-{
-    int i, j, k, ret;
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( key != NULL );
-
-    ret = mbedtls_aria_setkey_enc( ctx, key, keybits );
-    if( ret != 0 )
-        return( ret );
-
-    /* flip the order of round keys */
-    for( i = 0, j = ctx->nr; i < j; i++, j-- )
-    {
-        for( k = 0; k < 4; k++ )
-        {
-            uint32_t t = ctx->rk[i][k];
-            ctx->rk[i][k] = ctx->rk[j][k];
-            ctx->rk[j][k] = t;
-        }
-    }
-
-    /* apply affine transform to middle keys */
-    for( i = 1; i < ctx->nr; i++ )
-    {
-        aria_a( &ctx->rk[i][0], &ctx->rk[i][1],
-                &ctx->rk[i][2], &ctx->rk[i][3] );
-    }
-
-    return( 0 );
-}
-
-/*
- * Encrypt a block
- */
-int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
-                            const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] )
-{
-    int i;
-
-    uint32_t a, b, c, d;
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( input != NULL );
-    ARIA_VALIDATE_RET( output != NULL );
-
-    GET_UINT32_LE( a, input,  0 );
-    GET_UINT32_LE( b, input,  4 );
-    GET_UINT32_LE( c, input,  8 );
-    GET_UINT32_LE( d, input, 12 );
-
-    i = 0;
-    while( 1 )
-    {
-        a ^= ctx->rk[i][0];
-        b ^= ctx->rk[i][1];
-        c ^= ctx->rk[i][2];
-        d ^= ctx->rk[i][3];
-        i++;
-
-        aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 );
-        aria_a( &a, &b, &c, &d );
-
-        a ^= ctx->rk[i][0];
-        b ^= ctx->rk[i][1];
-        c ^= ctx->rk[i][2];
-        d ^= ctx->rk[i][3];
-        i++;
-
-        aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 );
-        if( i >= ctx->nr )
-            break;
-        aria_a( &a, &b, &c, &d );
-    }
-
-    /* final key mixing */
-    a ^= ctx->rk[i][0];
-    b ^= ctx->rk[i][1];
-    c ^= ctx->rk[i][2];
-    d ^= ctx->rk[i][3];
-
-    PUT_UINT32_LE( a, output,  0 );
-    PUT_UINT32_LE( b, output,  4 );
-    PUT_UINT32_LE( c, output,  8 );
-    PUT_UINT32_LE( d, output, 12 );
-
-    return( 0 );
-}
-
-/* Initialize context */
-void mbedtls_aria_init( mbedtls_aria_context *ctx )
-{
-    ARIA_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_aria_context ) );
-}
-
-/* Clear context */
-void mbedtls_aria_free( mbedtls_aria_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aria_context ) );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * ARIA-CBC buffer encryption/decryption
- */
-int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
-                            int mode,
-                            size_t length,
-                            unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output )
-{
-    int i;
-    unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
-
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
-                       mode == MBEDTLS_ARIA_DECRYPT );
-    ARIA_VALIDATE_RET( length == 0 || input  != NULL );
-    ARIA_VALIDATE_RET( length == 0 || output != NULL );
-    ARIA_VALIDATE_RET( iv != NULL );
-
-    if( length % MBEDTLS_ARIA_BLOCKSIZE )
-        return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH );
-
-    if( mode == MBEDTLS_ARIA_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, MBEDTLS_ARIA_BLOCKSIZE );
-            mbedtls_aria_crypt_ecb( ctx, input, output );
-
-            for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, MBEDTLS_ARIA_BLOCKSIZE );
-
-            input  += MBEDTLS_ARIA_BLOCKSIZE;
-            output += MBEDTLS_ARIA_BLOCKSIZE;
-            length -= MBEDTLS_ARIA_BLOCKSIZE;
-        }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_aria_crypt_ecb( ctx, output, output );
-            memcpy( iv, output, MBEDTLS_ARIA_BLOCKSIZE );
-
-            input  += MBEDTLS_ARIA_BLOCKSIZE;
-            output += MBEDTLS_ARIA_BLOCKSIZE;
-            length -= MBEDTLS_ARIA_BLOCKSIZE;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * ARIA-CFB128 buffer encryption/decryption
- */
-int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
-                               int mode,
-                               size_t length,
-                               size_t *iv_off,
-                               unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                               const unsigned char *input,
-                               unsigned char *output )
-{
-    unsigned char c;
-    size_t n;
-
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
-                       mode == MBEDTLS_ARIA_DECRYPT );
-    ARIA_VALIDATE_RET( length == 0 || input  != NULL );
-    ARIA_VALIDATE_RET( length == 0 || output != NULL );
-    ARIA_VALIDATE_RET( iv != NULL );
-    ARIA_VALIDATE_RET( iv_off != NULL );
-
-    n = *iv_off;
-
-    /* An overly large value of n can lead to an unlimited
-     * buffer overflow. Therefore, guard against this
-     * outside of parameter validation. */
-    if( n >= MBEDTLS_ARIA_BLOCKSIZE )
-        return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
-
-    if( mode == MBEDTLS_ARIA_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_aria_crypt_ecb( ctx, iv, iv );
-
-            c = *input++;
-            *output++ = c ^ iv[n];
-            iv[n] = c;
-
-            n = ( n + 1 ) & 0x0F;
-        }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_aria_crypt_ecb( ctx, iv, iv );
-
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-
-            n = ( n + 1 ) & 0x0F;
-        }
-    }
-
-    *iv_off = n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * ARIA-CTR buffer encryption/decryption
- */
-int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
-                            size_t length,
-                            size_t *nc_off,
-                            unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output )
-{
-    int c, i;
-    size_t n;
-
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( length == 0 || input  != NULL );
-    ARIA_VALIDATE_RET( length == 0 || output != NULL );
-    ARIA_VALIDATE_RET( nonce_counter != NULL );
-    ARIA_VALIDATE_RET( stream_block  != NULL );
-    ARIA_VALIDATE_RET( nc_off != NULL );
-
-    n = *nc_off;
-    /* An overly large value of n can lead to an unlimited
-     * buffer overflow. Therefore, guard against this
-     * outside of parameter validation. */
-    if( n >= MBEDTLS_ARIA_BLOCKSIZE )
-        return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
-
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_aria_crypt_ecb( ctx, nonce_counter,
-                                stream_block );
-
-            for( i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
-                    break;
-        }
-        c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
-
-        n = ( n + 1 ) & 0x0F;
-    }
-
-    *nc_off = n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#endif /* !MBEDTLS_ARIA_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * Basic ARIA ECB test vectors from RFC 5794
- */
-static const uint8_t aria_test1_ecb_key[32] =           // test key
-{
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,     // 128 bit
-    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,     // 192 bit
-    0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F      // 256 bit
-};
-
-static const uint8_t aria_test1_ecb_pt[MBEDTLS_ARIA_BLOCKSIZE] =            // plaintext
-{
-    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,     // same for all
-    0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF      // key sizes
-};
-
-static const uint8_t aria_test1_ecb_ct[3][MBEDTLS_ARIA_BLOCKSIZE] =         // ciphertext
-{
-    { 0xD7, 0x18, 0xFB, 0xD6, 0xAB, 0x64, 0x4C, 0x73,   // 128 bit
-      0x9D, 0xA9, 0x5F, 0x3B, 0xE6, 0x45, 0x17, 0x78 },
-    { 0x26, 0x44, 0x9C, 0x18, 0x05, 0xDB, 0xE7, 0xAA,   // 192 bit
-      0x25, 0xA4, 0x68, 0xCE, 0x26, 0x3A, 0x9E, 0x79 },
-    { 0xF9, 0x2B, 0xD7, 0xC7, 0x9F, 0xB7, 0x2E, 0x2F,   // 256 bit
-      0x2B, 0x8F, 0x80, 0xC1, 0x97, 0x2D, 0x24, 0xFC }
-};
-
-/*
- * Mode tests from "Test Vectors for ARIA"  Version 1.0
- * http://210.104.33.10/ARIA/doc/ARIA-testvector-e.pdf
- */
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) || \
-    defined(MBEDTLS_CIPHER_MODE_CTR))
-static const uint8_t aria_test2_key[32] =
-{
-    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,     // 128 bit
-    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
-    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,     // 192 bit
-    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff      // 256 bit
-};
-
-static const uint8_t aria_test2_pt[48] =
-{
-    0x11, 0x11, 0x11, 0x11, 0xaa, 0xaa, 0xaa, 0xaa,     // same for all
-    0x11, 0x11, 0x11, 0x11, 0xbb, 0xbb, 0xbb, 0xbb,
-    0x11, 0x11, 0x11, 0x11, 0xcc, 0xcc, 0xcc, 0xcc,
-    0x11, 0x11, 0x11, 0x11, 0xdd, 0xdd, 0xdd, 0xdd,
-    0x22, 0x22, 0x22, 0x22, 0xaa, 0xaa, 0xaa, 0xaa,
-    0x22, 0x22, 0x22, 0x22, 0xbb, 0xbb, 0xbb, 0xbb,
-};
-#endif
-
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB))
-static const uint8_t aria_test2_iv[MBEDTLS_ARIA_BLOCKSIZE] =
-{
-    0x0f, 0x1e, 0x2d, 0x3c, 0x4b, 0x5a, 0x69, 0x78,     // same for CBC, CFB
-    0x87, 0x96, 0xa5, 0xb4, 0xc3, 0xd2, 0xe1, 0xf0      // CTR has zero IV
-};
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const uint8_t aria_test2_cbc_ct[3][48] =         // CBC ciphertext
-{
-    { 0x49, 0xd6, 0x18, 0x60, 0xb1, 0x49, 0x09, 0x10,   // 128-bit key
-      0x9c, 0xef, 0x0d, 0x22, 0xa9, 0x26, 0x81, 0x34,
-      0xfa, 0xdf, 0x9f, 0xb2, 0x31, 0x51, 0xe9, 0x64,
-      0x5f, 0xba, 0x75, 0x01, 0x8b, 0xdb, 0x15, 0x38,
-      0xb5, 0x33, 0x34, 0x63, 0x4b, 0xbf, 0x7d, 0x4c,
-      0xd4, 0xb5, 0x37, 0x70, 0x33, 0x06, 0x0c, 0x15 },
-    { 0xaf, 0xe6, 0xcf, 0x23, 0x97, 0x4b, 0x53, 0x3c,   // 192-bit key
-      0x67, 0x2a, 0x82, 0x62, 0x64, 0xea, 0x78, 0x5f,
-      0x4e, 0x4f, 0x7f, 0x78, 0x0d, 0xc7, 0xf3, 0xf1,
-      0xe0, 0x96, 0x2b, 0x80, 0x90, 0x23, 0x86, 0xd5,
-      0x14, 0xe9, 0xc3, 0xe7, 0x72, 0x59, 0xde, 0x92,
-      0xdd, 0x11, 0x02, 0xff, 0xab, 0x08, 0x6c, 0x1e },
-    { 0x52, 0x3a, 0x8a, 0x80, 0x6a, 0xe6, 0x21, 0xf1,   // 256-bit key
-      0x55, 0xfd, 0xd2, 0x8d, 0xbc, 0x34, 0xe1, 0xab,
-      0x7b, 0x9b, 0x42, 0x43, 0x2a, 0xd8, 0xb2, 0xef,
-      0xb9, 0x6e, 0x23, 0xb1, 0x3f, 0x0a, 0x6e, 0x52,
-      0xf3, 0x61, 0x85, 0xd5, 0x0a, 0xd0, 0x02, 0xc5,
-      0xf6, 0x01, 0xbe, 0xe5, 0x49, 0x3f, 0x11, 0x8b }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const uint8_t aria_test2_cfb_ct[3][48] =         // CFB ciphertext
-{
-    { 0x37, 0x20, 0xe5, 0x3b, 0xa7, 0xd6, 0x15, 0x38,   // 128-bit key
-      0x34, 0x06, 0xb0, 0x9f, 0x0a, 0x05, 0xa2, 0x00,
-      0xc0, 0x7c, 0x21, 0xe6, 0x37, 0x0f, 0x41, 0x3a,
-      0x5d, 0x13, 0x25, 0x00, 0xa6, 0x82, 0x85, 0x01,
-      0x7c, 0x61, 0xb4, 0x34, 0xc7, 0xb7, 0xca, 0x96,
-      0x85, 0xa5, 0x10, 0x71, 0x86, 0x1e, 0x4d, 0x4b },
-    { 0x41, 0x71, 0xf7, 0x19, 0x2b, 0xf4, 0x49, 0x54,   // 192-bit key
-      0x94, 0xd2, 0x73, 0x61, 0x29, 0x64, 0x0f, 0x5c,
-      0x4d, 0x87, 0xa9, 0xa2, 0x13, 0x66, 0x4c, 0x94,
-      0x48, 0x47, 0x7c, 0x6e, 0xcc, 0x20, 0x13, 0x59,
-      0x8d, 0x97, 0x66, 0x95, 0x2d, 0xd8, 0xc3, 0x86,
-      0x8f, 0x17, 0xe3, 0x6e, 0xf6, 0x6f, 0xd8, 0x4b },
-    { 0x26, 0x83, 0x47, 0x05, 0xb0, 0xf2, 0xc0, 0xe2,   // 256-bit key
-      0x58, 0x8d, 0x4a, 0x7f, 0x09, 0x00, 0x96, 0x35,
-      0xf2, 0x8b, 0xb9, 0x3d, 0x8c, 0x31, 0xf8, 0x70,
-      0xec, 0x1e, 0x0b, 0xdb, 0x08, 0x2b, 0x66, 0xfa,
-      0x40, 0x2d, 0xd9, 0xc2, 0x02, 0xbe, 0x30, 0x0c,
-      0x45, 0x17, 0xd1, 0x96, 0xb1, 0x4d, 0x4c, 0xe1 }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const uint8_t aria_test2_ctr_ct[3][48] =         // CTR ciphertext
-{
-    { 0xac, 0x5d, 0x7d, 0xe8, 0x05, 0xa0, 0xbf, 0x1c,   // 128-bit key
-      0x57, 0xc8, 0x54, 0x50, 0x1a, 0xf6, 0x0f, 0xa1,
-      0x14, 0x97, 0xe2, 0xa3, 0x45, 0x19, 0xde, 0xa1,
-      0x56, 0x9e, 0x91, 0xe5, 0xb5, 0xcc, 0xae, 0x2f,
-      0xf3, 0xbf, 0xa1, 0xbf, 0x97, 0x5f, 0x45, 0x71,
-      0xf4, 0x8b, 0xe1, 0x91, 0x61, 0x35, 0x46, 0xc3 },
-    { 0x08, 0x62, 0x5c, 0xa8, 0xfe, 0x56, 0x9c, 0x19,   // 192-bit key
-      0xba, 0x7a, 0xf3, 0x76, 0x0a, 0x6e, 0xd1, 0xce,
-      0xf4, 0xd1, 0x99, 0x26, 0x3e, 0x99, 0x9d, 0xde,
-      0x14, 0x08, 0x2d, 0xbb, 0xa7, 0x56, 0x0b, 0x79,
-      0xa4, 0xc6, 0xb4, 0x56, 0xb8, 0x70, 0x7d, 0xce,
-      0x75, 0x1f, 0x98, 0x54, 0xf1, 0x88, 0x93, 0xdf },
-    { 0x30, 0x02, 0x6c, 0x32, 0x96, 0x66, 0x14, 0x17,   // 256-bit key
-      0x21, 0x17, 0x8b, 0x99, 0xc0, 0xa1, 0xf1, 0xb2,
-      0xf0, 0x69, 0x40, 0x25, 0x3f, 0x7b, 0x30, 0x89,
-      0xe2, 0xa3, 0x0e, 0xa8, 0x6a, 0xa3, 0xc8, 0x8f,
-      0x59, 0x40, 0xf0, 0x5a, 0xd7, 0xee, 0x41, 0xd7,
-      0x13, 0x47, 0xbb, 0x72, 0x61, 0xe3, 0x48, 0xf1 }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#define ARIA_SELF_TEST_IF_FAIL              \
-        {                                   \
-            if( verbose )                   \
-                mbedtls_printf( "failed\n" );       \
-            return( 1 );                    \
-        } else {                            \
-            if( verbose )                   \
-                mbedtls_printf( "passed\n" );       \
-        }
-
-/*
- * Checkup routine
- */
-int mbedtls_aria_self_test( int verbose )
-{
-    int i;
-    uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE];
-    mbedtls_aria_context ctx;
-
-#if (defined(MBEDTLS_CIPHER_MODE_CFB) || defined(MBEDTLS_CIPHER_MODE_CTR))
-    size_t j;
-#endif
-
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) || \
-     defined(MBEDTLS_CIPHER_MODE_CFB) || \
-     defined(MBEDTLS_CIPHER_MODE_CTR))
-    uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE];
-#endif
-
-    /*
-     * Test set 1
-     */
-    for( i = 0; i < 3; i++ )
-    {
-        /* test ECB encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-ECB-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i );
-        mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk );
-        if( memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-
-        /* test ECB decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-ECB-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i );
-        mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk );
-        if( memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-    }
-    if( verbose )
-        mbedtls_printf( "\n" );
-
-    /*
-     * Test set 2
-     */
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    for( i = 0; i < 3; i++ )
-    {
-        /* Test CBC encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CBC-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0x55, sizeof( buf ) );
-        mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
-            aria_test2_pt, buf );
-        if( memcmp( buf, aria_test2_cbc_ct[i], 48 ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-
-        /* Test CBC decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CBC-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0xAA, sizeof( buf ) );
-        mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
-            aria_test2_cbc_ct[i], buf );
-        if( memcmp( buf, aria_test2_pt, 48 ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-    }
-    if( verbose )
-        mbedtls_printf( "\n" );
-
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    for( i = 0; i < 3; i++ )
-    {
-        /* Test CFB encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CFB-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0x55, sizeof( buf ) );
-        j = 0;
-        mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
-            aria_test2_pt, buf );
-        if( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-
-        /* Test CFB decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CFB-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0xAA, sizeof( buf ) );
-        j = 0;
-        mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
-            iv, aria_test2_cfb_ct[i], buf );
-        if( memcmp( buf, aria_test2_pt, 48 ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-    }
-    if( verbose )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    for( i = 0; i < 3; i++ )
-    {
-        /* Test CTR encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CTR-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE );                    // IV = 0
-        memset( buf, 0x55, sizeof( buf ) );
-        j = 0;
-        mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk,
-            aria_test2_pt, buf );
-        if( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-
-        /* Test CTR decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CTR-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE );                    // IV = 0
-        memset( buf, 0xAA, sizeof( buf ) );
-        j = 0;
-        mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk,
-            aria_test2_ctr_ct[i], buf );
-        if( memcmp( buf, aria_test2_pt, 48 ) != 0 )
-            ARIA_SELF_TEST_IF_FAIL;
-    }
-    if( verbose )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_ARIA_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/asn1parse.c b/3rdparty/mbedtls-2.25.0/library/asn1parse.c
deleted file mode 100644
index 22747d3..0000000
--- a/3rdparty/mbedtls-2.25.0/library/asn1parse.c
+++ /dev/null
@@ -1,481 +0,0 @@
-/*
- *  Generic ASN.1 parsing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-
-#include "mbedtls/asn1.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_BIGNUM_C)
-#include "mbedtls/bignum.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-/*
- * ASN.1 DER decoding routines
- */
-int mbedtls_asn1_get_len( unsigned char **p,
-                  const unsigned char *end,
-                  size_t *len )
-{
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    if( ( **p & 0x80 ) == 0 )
-        *len = *(*p)++;
-    else
-    {
-        switch( **p & 0x7F )
-        {
-        case 1:
-            if( ( end - *p ) < 2 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = (*p)[1];
-            (*p) += 2;
-            break;
-
-        case 2:
-            if( ( end - *p ) < 3 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
-            (*p) += 3;
-            break;
-
-        case 3:
-            if( ( end - *p ) < 4 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = ( (size_t)(*p)[1] << 16 ) |
-                   ( (size_t)(*p)[2] << 8  ) | (*p)[3];
-            (*p) += 4;
-            break;
-
-        case 4:
-            if( ( end - *p ) < 5 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
-                   ( (size_t)(*p)[3] << 8  ) |           (*p)[4];
-            (*p) += 5;
-            break;
-
-        default:
-            return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-        }
-    }
-
-    if( *len > (size_t) ( end - *p ) )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    return( 0 );
-}
-
-int mbedtls_asn1_get_tag( unsigned char **p,
-                  const unsigned char *end,
-                  size_t *len, int tag )
-{
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    if( **p != tag )
-        return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    (*p)++;
-
-    return( mbedtls_asn1_get_len( p, end, len ) );
-}
-
-int mbedtls_asn1_get_bool( unsigned char **p,
-                   const unsigned char *end,
-                   int *val )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
-        return( ret );
-
-    if( len != 1 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    *val = ( **p != 0 ) ? 1 : 0;
-    (*p)++;
-
-    return( 0 );
-}
-
-static int asn1_get_tagged_int( unsigned char **p,
-                                const unsigned char *end,
-                                int tag, int *val )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 )
-        return( ret );
-
-    /*
-     * len==0 is malformed (0 must be represented as 020100 for INTEGER,
-     * or 0A0100 for ENUMERATED tags
-     */
-    if( len == 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-    /* This is a cryptography library. Reject negative integers. */
-    if( ( **p & 0x80 ) != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    /* Skip leading zeros. */
-    while( len > 0 && **p == 0 )
-    {
-        ++( *p );
-        --len;
-    }
-
-    /* Reject integers that don't fit in an int. This code assumes that
-     * the int type has no padding bit. */
-    if( len > sizeof( int ) )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-    if( len == sizeof( int ) && ( **p & 0x80 ) != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    *val = 0;
-    while( len-- > 0 )
-    {
-        *val = ( *val << 8 ) | **p;
-        (*p)++;
-    }
-
-    return( 0 );
-}
-
-int mbedtls_asn1_get_int( unsigned char **p,
-                          const unsigned char *end,
-                          int *val )
-{
-    return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) );
-}
-
-int mbedtls_asn1_get_enum( unsigned char **p,
-                           const unsigned char *end,
-                           int *val )
-{
-    return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) );
-}
-
-#if defined(MBEDTLS_BIGNUM_C)
-int mbedtls_asn1_get_mpi( unsigned char **p,
-                  const unsigned char *end,
-                  mbedtls_mpi *X )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_mpi_read_binary( X, *p, len );
-
-    *p += len;
-
-    return( ret );
-}
-#endif /* MBEDTLS_BIGNUM_C */
-
-int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
-                        mbedtls_asn1_bitstring *bs)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* Certificate type is a single byte bitstring */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
-        return( ret );
-
-    /* Check length, subtract one for actual bit string length */
-    if( bs->len < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-    bs->len -= 1;
-
-    /* Get number of unused bits, ensure unused bits <= 7 */
-    bs->unused_bits = **p;
-    if( bs->unused_bits > 7 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-    (*p)++;
-
-    /* Get actual bitstring */
-    bs->p = *p;
-    *p += bs->len;
-
-    if( *p != end )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * Traverse an ASN.1 "SEQUENCE OF <tag>"
- * and call a callback for each entry found.
- */
-int mbedtls_asn1_traverse_sequence_of(
-    unsigned char **p,
-    const unsigned char *end,
-    unsigned char tag_must_mask, unsigned char tag_must_val,
-    unsigned char tag_may_mask, unsigned char tag_may_val,
-    int (*cb)( void *ctx, int tag,
-               unsigned char *start, size_t len ),
-    void *ctx )
-{
-    int ret;
-    size_t len;
-
-    /* Get main sequence tag */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( *p + len != end )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    while( *p < end )
-    {
-        unsigned char const tag = *(*p)++;
-
-        if( ( tag & tag_must_mask ) != tag_must_val )
-            return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-        if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 )
-            return( ret );
-
-        if( ( tag & tag_may_mask ) == tag_may_val )
-        {
-            if( cb != NULL )
-            {
-                ret = cb( ctx, tag, *p, len );
-                if( ret != 0 )
-                    return( ret );
-            }
-        }
-
-        *p += len;
-    }
-
-    return( 0 );
-}
-
-/*
- * Get a bit string without unused bits
- */
-int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
-                             size_t *len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
-        return( ret );
-
-    if( *len == 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    --( *len );
-
-    if( **p != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    ++( *p );
-
-    return( 0 );
-}
-
-void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq )
-{
-    while( seq != NULL )
-    {
-        mbedtls_asn1_sequence *next = seq->next;
-        mbedtls_platform_zeroize( seq, sizeof( *seq ) );
-        mbedtls_free( seq );
-        seq = next;
-    }
-}
-
-typedef struct
-{
-    int tag;
-    mbedtls_asn1_sequence *cur;
-} asn1_get_sequence_of_cb_ctx_t;
-
-static int asn1_get_sequence_of_cb( void *ctx,
-                                    int tag,
-                                    unsigned char *start,
-                                    size_t len )
-{
-    asn1_get_sequence_of_cb_ctx_t *cb_ctx =
-        (asn1_get_sequence_of_cb_ctx_t *) ctx;
-    mbedtls_asn1_sequence *cur =
-        cb_ctx->cur;
-
-    if( cur->buf.p != NULL )
-    {
-        cur->next =
-            mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
-
-        if( cur->next == NULL )
-            return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
-
-        cur = cur->next;
-    }
-
-    cur->buf.p = start;
-    cur->buf.len = len;
-    cur->buf.tag = tag;
-
-    cb_ctx->cur = cur;
-    return( 0 );
-}
-
-/*
- *  Parses and splits an ASN.1 "SEQUENCE OF <tag>"
- */
-int mbedtls_asn1_get_sequence_of( unsigned char **p,
-                          const unsigned char *end,
-                          mbedtls_asn1_sequence *cur,
-                          int tag)
-{
-    asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
-    memset( cur, 0, sizeof( mbedtls_asn1_sequence ) );
-    return( mbedtls_asn1_traverse_sequence_of(
-                p, end, 0xFF, tag, 0, 0,
-                asn1_get_sequence_of_cb, &cb_ctx ) );
-}
-
-int mbedtls_asn1_get_alg( unsigned char **p,
-                  const unsigned char *end,
-                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( ret );
-
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    alg->tag = **p;
-    end = *p + len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( ret );
-
-    alg->p = *p;
-    *p += alg->len;
-
-    if( *p == end )
-    {
-        mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) );
-        return( 0 );
-    }
-
-    params->tag = **p;
-    (*p)++;
-
-    if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
-        return( ret );
-
-    params->p = *p;
-    *p += params->len;
-
-    if( *p != end )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-int mbedtls_asn1_get_alg_null( unsigned char **p,
-                       const unsigned char *end,
-                       mbedtls_asn1_buf *alg )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_asn1_buf params;
-
-    memset( &params, 0, sizeof(mbedtls_asn1_buf) );
-
-    if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
-        return( ret );
-
-    if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-
-    return( 0 );
-}
-
-void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
-{
-    if( cur == NULL )
-        return;
-
-    mbedtls_free( cur->oid.p );
-    mbedtls_free( cur->val.p );
-
-    mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
-}
-
-void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
-{
-    mbedtls_asn1_named_data *cur;
-
-    while( ( cur = *head ) != NULL )
-    {
-        *head = cur->next;
-        mbedtls_asn1_free_named_data( cur );
-        mbedtls_free( cur );
-    }
-}
-
-mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
-                                       const char *oid, size_t len )
-{
-    while( list != NULL )
-    {
-        if( list->oid.len == len &&
-            memcmp( list->oid.p, oid, len ) == 0 )
-        {
-            break;
-        }
-
-        list = list->next;
-    }
-
-    return( list );
-}
-
-#endif /* MBEDTLS_ASN1_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/asn1write.c b/3rdparty/mbedtls-2.25.0/library/asn1write.c
deleted file mode 100644
index deb1a2f..0000000
--- a/3rdparty/mbedtls-2.25.0/library/asn1write.c
+++ /dev/null
@@ -1,480 +0,0 @@
-/*
- * ASN.1 buffer writing functionality
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ASN1_WRITE_C)
-
-#include "mbedtls/asn1write.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
-{
-    if( len < 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = (unsigned char) len;
-        return( 1 );
-    }
-
-    if( len <= 0xFF )
-    {
-        if( *p - start < 2 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = (unsigned char) len;
-        *--(*p) = 0x81;
-        return( 2 );
-    }
-
-    if( len <= 0xFFFF )
-    {
-        if( *p - start < 3 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = ( len       ) & 0xFF;
-        *--(*p) = ( len >>  8 ) & 0xFF;
-        *--(*p) = 0x82;
-        return( 3 );
-    }
-
-    if( len <= 0xFFFFFF )
-    {
-        if( *p - start < 4 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = ( len       ) & 0xFF;
-        *--(*p) = ( len >>  8 ) & 0xFF;
-        *--(*p) = ( len >> 16 ) & 0xFF;
-        *--(*p) = 0x83;
-        return( 4 );
-    }
-
-#if SIZE_MAX > 0xFFFFFFFF
-    if( len <= 0xFFFFFFFF )
-#endif
-    {
-        if( *p - start < 5 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = ( len       ) & 0xFF;
-        *--(*p) = ( len >>  8 ) & 0xFF;
-        *--(*p) = ( len >> 16 ) & 0xFF;
-        *--(*p) = ( len >> 24 ) & 0xFF;
-        *--(*p) = 0x84;
-        return( 5 );
-    }
-
-#if SIZE_MAX > 0xFFFFFFFF
-    return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-#endif
-}
-
-int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
-{
-    if( *p - start < 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    *--(*p) = tag;
-
-    return( 1 );
-}
-
-int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
-                           const unsigned char *buf, size_t size )
-{
-    size_t len = 0;
-
-    if( *p < start || (size_t)( *p - start ) < size )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    len = size;
-    (*p) -= len;
-    memcpy( *p, buf, len );
-
-    return( (int) len );
-}
-
-#if defined(MBEDTLS_BIGNUM_C)
-int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    // Write the MPI
-    //
-    len = mbedtls_mpi_size( X );
-
-    if( *p < start || (size_t)( *p - start ) < len )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    (*p) -= len;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
-
-    // DER format assumes 2s complement for numbers, so the leftmost bit
-    // should be 0 for positive numbers and 1 for negative numbers.
-    //
-    if( X->s ==1 && **p & 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = 0x00;
-        len += 1;
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
-
-    ret = (int) len;
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_BIGNUM_C */
-
-int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    // Write NULL
-    //
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
-
-    return( (int) len );
-}
-
-int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
-                    const char *oid, size_t oid_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
-                                  (const unsigned char *) oid, oid_len ) );
-    MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
-
-    return( (int) len );
-}
-
-int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
-                                     const char *oid, size_t oid_len,
-                                     size_t par_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    if( par_len == 0 )
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
-    else
-        len += par_len;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    return( (int) len );
-}
-
-int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    if( *p - start < 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    *--(*p) = (boolean) ? 255 : 0;
-    len++;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
-
-    return( (int) len );
-}
-
-static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    do
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-        len += 1;
-        *--(*p) = val & 0xff;
-        val >>= 8;
-    }
-    while( val > 0 );
-
-    if( **p & 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-        *--(*p) = 0x00;
-        len += 1;
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
-
-    return( (int) len );
-}
-
-int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
-{
-    return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) );
-}
-
-int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val )
-{
-    return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) );
-}
-
-int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag,
-    const char *text, size_t text_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
-        (const unsigned char *) text, text_len ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
-
-    return( (int) len );
-}
-
-int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
-    const char *text, size_t text_len )
-{
-    return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) );
-}
-
-int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
-                                 const char *text, size_t text_len )
-{
-    return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) );
-}
-
-int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
-                           const char *text, size_t text_len )
-{
-    return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) );
-}
-
-int mbedtls_asn1_write_named_bitstring( unsigned char **p,
-                                        unsigned char *start,
-                                        const unsigned char *buf,
-                                        size_t bits )
-{
-    size_t unused_bits, byte_len;
-    const unsigned char *cur_byte;
-    unsigned char cur_byte_shifted;
-    unsigned char bit;
-
-    byte_len = ( bits + 7 ) / 8;
-    unused_bits = ( byte_len * 8 ) - bits;
-
-    /*
-     * Named bitstrings require that trailing 0s are excluded in the encoding
-     * of the bitstring. Trailing 0s are considered part of the 'unused' bits
-     * when encoding this value in the first content octet
-     */
-    if( bits != 0 )
-    {
-        cur_byte = buf + byte_len - 1;
-        cur_byte_shifted = *cur_byte >> unused_bits;
-
-        for( ; ; )
-        {
-            bit = cur_byte_shifted & 0x1;
-            cur_byte_shifted >>= 1;
-
-            if( bit != 0 )
-                break;
-
-            bits--;
-            if( bits == 0 )
-                break;
-
-            if( bits % 8 == 0 )
-                cur_byte_shifted = *--cur_byte;
-        }
-    }
-
-    return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) );
-}
-
-int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
-                          const unsigned char *buf, size_t bits )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    size_t unused_bits, byte_len;
-
-    byte_len = ( bits + 7 ) / 8;
-    unused_bits = ( byte_len * 8 ) - bits;
-
-    if( *p < start || (size_t)( *p - start ) < byte_len + 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    len = byte_len + 1;
-
-    /* Write the bitstring. Ensure the unused bits are zeroed */
-    if( byte_len > 0 )
-    {
-        byte_len--;
-        *--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 );
-        ( *p ) -= byte_len;
-        memcpy( *p, buf, byte_len );
-    }
-
-    /* Write unused bits */
-    *--( *p ) = (unsigned char)unused_bits;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
-
-    return( (int) len );
-}
-
-int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
-                             const unsigned char *buf, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
-
-    return( (int) len );
-}
-
-
-/* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(),
- * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
-static mbedtls_asn1_named_data *asn1_find_named_data(
-                                               mbedtls_asn1_named_data *list,
-                                               const char *oid, size_t len )
-{
-    while( list != NULL )
-    {
-        if( list->oid.len == len &&
-            memcmp( list->oid.p, oid, len ) == 0 )
-        {
-            break;
-        }
-
-        list = list->next;
-    }
-
-    return( list );
-}
-
-mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(
-                                        mbedtls_asn1_named_data **head,
-                                        const char *oid, size_t oid_len,
-                                        const unsigned char *val,
-                                        size_t val_len )
-{
-    mbedtls_asn1_named_data *cur;
-
-    if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
-    {
-        // Add new entry if not present yet based on OID
-        //
-        cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1,
-                                            sizeof(mbedtls_asn1_named_data) );
-        if( cur == NULL )
-            return( NULL );
-
-        cur->oid.len = oid_len;
-        cur->oid.p = mbedtls_calloc( 1, oid_len );
-        if( cur->oid.p == NULL )
-        {
-            mbedtls_free( cur );
-            return( NULL );
-        }
-
-        memcpy( cur->oid.p, oid, oid_len );
-
-        cur->val.len = val_len;
-        if( val_len != 0 )
-        {
-            cur->val.p = mbedtls_calloc( 1, val_len );
-            if( cur->val.p == NULL )
-            {
-                mbedtls_free( cur->oid.p );
-                mbedtls_free( cur );
-                return( NULL );
-            }
-        }
-
-        cur->next = *head;
-        *head = cur;
-    }
-    else if( val_len == 0 )
-    {
-        mbedtls_free( cur->val.p );
-        cur->val.p = NULL;
-    }
-    else if( cur->val.len != val_len )
-    {
-        /*
-         * Enlarge existing value buffer if needed
-         * Preserve old data until the allocation succeeded, to leave list in
-         * a consistent state in case allocation fails.
-         */
-        void *p = mbedtls_calloc( 1, val_len );
-        if( p == NULL )
-            return( NULL );
-
-        mbedtls_free( cur->val.p );
-        cur->val.p = p;
-        cur->val.len = val_len;
-    }
-
-    if( val != NULL )
-        memcpy( cur->val.p, val, val_len );
-
-    return( cur );
-}
-#endif /* MBEDTLS_ASN1_WRITE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/base64.c b/3rdparty/mbedtls-2.25.0/library/base64.c
deleted file mode 100644
index d39474a..0000000
--- a/3rdparty/mbedtls-2.25.0/library/base64.c
+++ /dev/null
@@ -1,287 +0,0 @@
-/*
- *  RFC 1521 base64 encoding/decoding
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_BASE64_C)
-
-#include "mbedtls/base64.h"
-
-#include <stdint.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#include <string.h>
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-static const unsigned char base64_enc_map[64] =
-{
-    'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
-    'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
-    'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
-    'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
-    'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
-    'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
-    '8', '9', '+', '/'
-};
-
-static const unsigned char base64_dec_map[128] =
-{
-    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
-    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
-    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
-    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
-    127, 127, 127,  62, 127, 127, 127,  63,  52,  53,
-     54,  55,  56,  57,  58,  59,  60,  61, 127, 127,
-    127,  64, 127, 127, 127,   0,   1,   2,   3,   4,
-      5,   6,   7,   8,   9,  10,  11,  12,  13,  14,
-     15,  16,  17,  18,  19,  20,  21,  22,  23,  24,
-     25, 127, 127, 127, 127, 127, 127,  26,  27,  28,
-     29,  30,  31,  32,  33,  34,  35,  36,  37,  38,
-     39,  40,  41,  42,  43,  44,  45,  46,  47,  48,
-     49,  50,  51, 127, 127, 127, 127, 127
-};
-
-#define BASE64_SIZE_T_MAX   ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
-
-/*
- * Encode a buffer into base64 format
- */
-int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen )
-{
-    size_t i, n;
-    int C1, C2, C3;
-    unsigned char *p;
-
-    if( slen == 0 )
-    {
-        *olen = 0;
-        return( 0 );
-    }
-
-    n = slen / 3 + ( slen % 3 != 0 );
-
-    if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 )
-    {
-        *olen = BASE64_SIZE_T_MAX;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-    }
-
-    n *= 4;
-
-    if( ( dlen < n + 1 ) || ( NULL == dst ) )
-    {
-        *olen = n + 1;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-    }
-
-    n = ( slen / 3 ) * 3;
-
-    for( i = 0, p = dst; i < n; i += 3 )
-    {
-        C1 = *src++;
-        C2 = *src++;
-        C3 = *src++;
-
-        *p++ = base64_enc_map[(C1 >> 2) & 0x3F];
-        *p++ = base64_enc_map[(((C1 &  3) << 4) + (C2 >> 4)) & 0x3F];
-        *p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
-        *p++ = base64_enc_map[C3 & 0x3F];
-    }
-
-    if( i < slen )
-    {
-        C1 = *src++;
-        C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
-
-        *p++ = base64_enc_map[(C1 >> 2) & 0x3F];
-        *p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
-
-        if( ( i + 1 ) < slen )
-             *p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
-        else *p++ = '=';
-
-        *p++ = '=';
-    }
-
-    *olen = p - dst;
-    *p = 0;
-
-    return( 0 );
-}
-
-/*
- * Decode a base64-formatted buffer
- */
-int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen )
-{
-    size_t i, n;
-    uint32_t j, x;
-    unsigned char *p;
-
-    /* First pass: check for validity and get output length */
-    for( i = n = j = 0; i < slen; i++ )
-    {
-        /* Skip spaces before checking for EOL */
-        x = 0;
-        while( i < slen && src[i] == ' ' )
-        {
-            ++i;
-            ++x;
-        }
-
-        /* Spaces at end of buffer are OK */
-        if( i == slen )
-            break;
-
-        if( ( slen - i ) >= 2 &&
-            src[i] == '\r' && src[i + 1] == '\n' )
-            continue;
-
-        if( src[i] == '\n' )
-            continue;
-
-        /* Space inside a line is an error */
-        if( x != 0 )
-            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
-        if( src[i] == '=' && ++j > 2 )
-            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
-        if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
-            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
-        if( base64_dec_map[src[i]] < 64 && j != 0 )
-            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
-        n++;
-    }
-
-    if( n == 0 )
-    {
-        *olen = 0;
-        return( 0 );
-    }
-
-    /* The following expression is to calculate the following formula without
-     * risk of integer overflow in n:
-     *     n = ( ( n * 6 ) + 7 ) >> 3;
-     */
-    n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
-    n -= j;
-
-    if( dst == NULL || dlen < n )
-    {
-        *olen = n;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-    }
-
-   for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
-   {
-        if( *src == '\r' || *src == '\n' || *src == ' ' )
-            continue;
-
-        j -= ( base64_dec_map[*src] == 64 );
-        x  = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
-
-        if( ++n == 4 )
-        {
-            n = 0;
-            if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
-            if( j > 1 ) *p++ = (unsigned char)( x >>  8 );
-            if( j > 2 ) *p++ = (unsigned char)( x       );
-        }
-    }
-
-    *olen = p - dst;
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-static const unsigned char base64_test_dec[64] =
-{
-    0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD,
-    0xBF, 0x17, 0xD9, 0xA2, 0xC4, 0x17, 0x1A, 0x01,
-    0x94, 0xED, 0x8F, 0x1E, 0x11, 0xB3, 0xD7, 0x09,
-    0x0C, 0xB6, 0xE9, 0x10, 0x6F, 0x22, 0xEE, 0x13,
-    0xCA, 0xB3, 0x07, 0x05, 0x76, 0xC9, 0xFA, 0x31,
-    0x6C, 0x08, 0x34, 0xFF, 0x8D, 0xC2, 0x6C, 0x38,
-    0x00, 0x43, 0xE9, 0x54, 0x97, 0xAF, 0x50, 0x4B,
-    0xD1, 0x41, 0xBA, 0x95, 0x31, 0x5A, 0x0B, 0x97
-};
-
-static const unsigned char base64_test_enc[] =
-    "JEhuVodiWr2/F9mixBcaAZTtjx4Rs9cJDLbpEG8i7hPK"
-    "swcFdsn6MWwINP+Nwmw4AEPpVJevUEvRQbqVMVoLlw==";
-
-/*
- * Checkup routine
- */
-int mbedtls_base64_self_test( int verbose )
-{
-    size_t len;
-    const unsigned char *src;
-    unsigned char buffer[128];
-
-    if( verbose != 0 )
-        mbedtls_printf( "  Base64 encoding test: " );
-
-    src = base64_test_dec;
-
-    if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 ||
-         memcmp( base64_test_enc, buffer, 88 ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        return( 1 );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n  Base64 decoding test: " );
-
-    src = base64_test_enc;
-
-    if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 ||
-         memcmp( base64_test_dec, buffer, 64 ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        return( 1 );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_BASE64_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/bignum.c b/3rdparty/mbedtls-2.25.0/library/bignum.c
deleted file mode 100644
index 9cc5d66..0000000
--- a/3rdparty/mbedtls-2.25.0/library/bignum.c
+++ /dev/null
@@ -1,3017 +0,0 @@
-/*
- *  Multi-precision integer library
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- *  The following sources were referenced in the design of this Multi-precision
- *  Integer library:
- *
- *  [1] Handbook of Applied Cryptography - 1997
- *      Menezes, van Oorschot and Vanstone
- *
- *  [2] Multi-Precision Math
- *      Tom St Denis
- *      https://github.com/libtom/libtommath/blob/develop/tommath.pdf
- *
- *  [3] GNU Multi-Precision Arithmetic Library
- *      https://gmplib.org/manual/index.html
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_BIGNUM_C)
-
-#include "mbedtls/bignum.h"
-#include "mbedtls/bn_mul.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf     printf
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#define MPI_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA )
-#define MPI_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#define ciL    (sizeof(mbedtls_mpi_uint))         /* chars in limb  */
-#define biL    (ciL << 3)               /* bits  in limb  */
-#define biH    (ciL << 2)               /* half limb size */
-
-#define MPI_SIZE_T_MAX  ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
-
-/*
- * Convert between bits/chars and number of limbs
- * Divide first in order to avoid potential overflows
- */
-#define BITS_TO_LIMBS(i)  ( (i) / biL + ( (i) % biL != 0 ) )
-#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) )
-
-/* Implementation that should never be optimized out by the compiler */
-static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n )
-{
-    mbedtls_platform_zeroize( v, ciL * n );
-}
-
-/*
- * Initialize one MPI
- */
-void mbedtls_mpi_init( mbedtls_mpi *X )
-{
-    MPI_VALIDATE( X != NULL );
-
-    X->s = 1;
-    X->n = 0;
-    X->p = NULL;
-}
-
-/*
- * Unallocate one MPI
- */
-void mbedtls_mpi_free( mbedtls_mpi *X )
-{
-    if( X == NULL )
-        return;
-
-    if( X->p != NULL )
-    {
-        mbedtls_mpi_zeroize( X->p, X->n );
-        mbedtls_free( X->p );
-    }
-
-    X->s = 1;
-    X->n = 0;
-    X->p = NULL;
-}
-
-/*
- * Enlarge to the specified number of limbs
- */
-int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs )
-{
-    mbedtls_mpi_uint *p;
-    MPI_VALIDATE_RET( X != NULL );
-
-    if( nblimbs > MBEDTLS_MPI_MAX_LIMBS )
-        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
-
-    if( X->n < nblimbs )
-    {
-        if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( nblimbs, ciL ) ) == NULL )
-            return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
-
-        if( X->p != NULL )
-        {
-            memcpy( p, X->p, X->n * ciL );
-            mbedtls_mpi_zeroize( X->p, X->n );
-            mbedtls_free( X->p );
-        }
-
-        X->n = nblimbs;
-        X->p = p;
-    }
-
-    return( 0 );
-}
-
-/*
- * Resize down as much as possible,
- * while keeping at least the specified number of limbs
- */
-int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs )
-{
-    mbedtls_mpi_uint *p;
-    size_t i;
-    MPI_VALIDATE_RET( X != NULL );
-
-    if( nblimbs > MBEDTLS_MPI_MAX_LIMBS )
-        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
-
-    /* Actually resize up if there are currently fewer than nblimbs limbs. */
-    if( X->n <= nblimbs )
-        return( mbedtls_mpi_grow( X, nblimbs ) );
-    /* After this point, then X->n > nblimbs and in particular X->n > 0. */
-
-    for( i = X->n - 1; i > 0; i-- )
-        if( X->p[i] != 0 )
-            break;
-    i++;
-
-    if( i < nblimbs )
-        i = nblimbs;
-
-    if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( i, ciL ) ) == NULL )
-        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
-
-    if( X->p != NULL )
-    {
-        memcpy( p, X->p, i * ciL );
-        mbedtls_mpi_zeroize( X->p, X->n );
-        mbedtls_free( X->p );
-    }
-
-    X->n = i;
-    X->p = p;
-
-    return( 0 );
-}
-
-/*
- * Copy the contents of Y into X
- */
-int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y )
-{
-    int ret = 0;
-    size_t i;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-
-    if( X == Y )
-        return( 0 );
-
-    if( Y->n == 0 )
-    {
-        mbedtls_mpi_free( X );
-        return( 0 );
-    }
-
-    for( i = Y->n - 1; i > 0; i-- )
-        if( Y->p[i] != 0 )
-            break;
-    i++;
-
-    X->s = Y->s;
-
-    if( X->n < i )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) );
-    }
-    else
-    {
-        memset( X->p + i, 0, ( X->n - i ) * ciL );
-    }
-
-    memcpy( X->p, Y->p, i * ciL );
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Swap the contents of X and Y
- */
-void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y )
-{
-    mbedtls_mpi T;
-    MPI_VALIDATE( X != NULL );
-    MPI_VALIDATE( Y != NULL );
-
-    memcpy( &T,  X, sizeof( mbedtls_mpi ) );
-    memcpy(  X,  Y, sizeof( mbedtls_mpi ) );
-    memcpy(  Y, &T, sizeof( mbedtls_mpi ) );
-}
-
-/*
- * Conditionally assign dest = src, without leaking information
- * about whether the assignment was made or not.
- * dest and src must be arrays of limbs of size n.
- * assign must be 0 or 1.
- */
-static void mpi_safe_cond_assign( size_t n,
-                                  mbedtls_mpi_uint *dest,
-                                  const mbedtls_mpi_uint *src,
-                                  unsigned char assign )
-{
-    size_t i;
-    for( i = 0; i < n; i++ )
-        dest[i] = dest[i] * ( 1 - assign ) + src[i] * assign;
-}
-
-/*
- * Conditionally assign X = Y, without leaking information
- * about whether the assignment was made or not.
- * (Leaking information about the respective sizes of X and Y is ok however.)
- */
-int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign )
-{
-    int ret = 0;
-    size_t i;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-
-    /* make sure assign is 0 or 1 in a time-constant manner */
-    assign = (assign | (unsigned char)-assign) >> 7;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
-
-    X->s = X->s * ( 1 - assign ) + Y->s * assign;
-
-    mpi_safe_cond_assign( Y->n, X->p, Y->p, assign );
-
-    for( i = Y->n; i < X->n; i++ )
-        X->p[i] *= ( 1 - assign );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Conditionally swap X and Y, without leaking information
- * about whether the swap was made or not.
- * Here it is not ok to simply swap the pointers, which whould lead to
- * different memory access patterns when X and Y are used afterwards.
- */
-int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap )
-{
-    int ret, s;
-    size_t i;
-    mbedtls_mpi_uint tmp;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-
-    if( X == Y )
-        return( 0 );
-
-    /* make sure swap is 0 or 1 in a time-constant manner */
-    swap = (swap | (unsigned char)-swap) >> 7;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) );
-
-    s = X->s;
-    X->s = X->s * ( 1 - swap ) + Y->s * swap;
-    Y->s = Y->s * ( 1 - swap ) +    s * swap;
-
-
-    for( i = 0; i < X->n; i++ )
-    {
-        tmp = X->p[i];
-        X->p[i] = X->p[i] * ( 1 - swap ) + Y->p[i] * swap;
-        Y->p[i] = Y->p[i] * ( 1 - swap ) +     tmp * swap;
-    }
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Set value from integer
- */
-int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MPI_VALIDATE_RET( X != NULL );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) );
-    memset( X->p, 0, X->n * ciL );
-
-    X->p[0] = ( z < 0 ) ? -z : z;
-    X->s    = ( z < 0 ) ? -1 : 1;
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Get a specific bit
- */
-int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos )
-{
-    MPI_VALIDATE_RET( X != NULL );
-
-    if( X->n * biL <= pos )
-        return( 0 );
-
-    return( ( X->p[pos / biL] >> ( pos % biL ) ) & 0x01 );
-}
-
-/* Get a specific byte, without range checks. */
-#define GET_BYTE( X, i )                                \
-    ( ( ( X )->p[( i ) / ciL] >> ( ( ( i ) % ciL ) * 8 ) ) & 0xff )
-
-/*
- * Set a bit to a specific value of 0 or 1
- */
-int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val )
-{
-    int ret = 0;
-    size_t off = pos / biL;
-    size_t idx = pos % biL;
-    MPI_VALIDATE_RET( X != NULL );
-
-    if( val != 0 && val != 1 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    if( X->n * biL <= pos )
-    {
-        if( val == 0 )
-            return( 0 );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, off + 1 ) );
-    }
-
-    X->p[off] &= ~( (mbedtls_mpi_uint) 0x01 << idx );
-    X->p[off] |= (mbedtls_mpi_uint) val << idx;
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Return the number of less significant zero-bits
- */
-size_t mbedtls_mpi_lsb( const mbedtls_mpi *X )
-{
-    size_t i, j, count = 0;
-    MBEDTLS_INTERNAL_VALIDATE_RET( X != NULL, 0 );
-
-    for( i = 0; i < X->n; i++ )
-        for( j = 0; j < biL; j++, count++ )
-            if( ( ( X->p[i] >> j ) & 1 ) != 0 )
-                return( count );
-
-    return( 0 );
-}
-
-/*
- * Count leading zero bits in a given integer
- */
-static size_t mbedtls_clz( const mbedtls_mpi_uint x )
-{
-    size_t j;
-    mbedtls_mpi_uint mask = (mbedtls_mpi_uint) 1 << (biL - 1);
-
-    for( j = 0; j < biL; j++ )
-    {
-        if( x & mask ) break;
-
-        mask >>= 1;
-    }
-
-    return j;
-}
-
-/*
- * Return the number of bits
- */
-size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X )
-{
-    size_t i, j;
-
-    if( X->n == 0 )
-        return( 0 );
-
-    for( i = X->n - 1; i > 0; i-- )
-        if( X->p[i] != 0 )
-            break;
-
-    j = biL - mbedtls_clz( X->p[i] );
-
-    return( ( i * biL ) + j );
-}
-
-/*
- * Return the total size in bytes
- */
-size_t mbedtls_mpi_size( const mbedtls_mpi *X )
-{
-    return( ( mbedtls_mpi_bitlen( X ) + 7 ) >> 3 );
-}
-
-/*
- * Convert an ASCII character to digit value
- */
-static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c )
-{
-    *d = 255;
-
-    if( c >= 0x30 && c <= 0x39 ) *d = c - 0x30;
-    if( c >= 0x41 && c <= 0x46 ) *d = c - 0x37;
-    if( c >= 0x61 && c <= 0x66 ) *d = c - 0x57;
-
-    if( *d >= (mbedtls_mpi_uint) radix )
-        return( MBEDTLS_ERR_MPI_INVALID_CHARACTER );
-
-    return( 0 );
-}
-
-/*
- * Import from an ASCII string
- */
-int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, j, slen, n;
-    mbedtls_mpi_uint d;
-    mbedtls_mpi T;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( s != NULL );
-
-    if( radix < 2 || radix > 16 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    mbedtls_mpi_init( &T );
-
-    slen = strlen( s );
-
-    if( radix == 16 )
-    {
-        if( slen > MPI_SIZE_T_MAX >> 2 )
-            return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-        n = BITS_TO_LIMBS( slen << 2 );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
-
-        for( i = slen, j = 0; i > 0; i--, j++ )
-        {
-            if( i == 1 && s[i - 1] == '-' )
-            {
-                X->s = -1;
-                break;
-            }
-
-            MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) );
-            X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 );
-        }
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
-
-        for( i = 0; i < slen; i++ )
-        {
-            if( i == 0 && s[i] == '-' )
-            {
-                X->s = -1;
-                continue;
-            }
-
-            MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) );
-
-            if( X->s == 1 )
-            {
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) );
-            }
-            else
-            {
-                MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( X, &T, d ) );
-            }
-        }
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &T );
-
-    return( ret );
-}
-
-/*
- * Helper to write the digits high-order first.
- */
-static int mpi_write_hlp( mbedtls_mpi *X, int radix,
-                          char **p, const size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi_uint r;
-    size_t length = 0;
-    char *p_end = *p + buflen;
-
-    do
-    {
-        if( length >= buflen )
-        {
-            return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
-        }
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
-        /*
-         * Write the residue in the current position, as an ASCII character.
-         */
-        if( r < 0xA )
-            *(--p_end) = (char)( '0' + r );
-        else
-            *(--p_end) = (char)( 'A' + ( r - 0xA ) );
-
-        length++;
-    } while( mbedtls_mpi_cmp_int( X, 0 ) != 0 );
-
-    memmove( *p, p_end, length );
-    *p += length;
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Export into an ASCII string
- */
-int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
-                              char *buf, size_t buflen, size_t *olen )
-{
-    int ret = 0;
-    size_t n;
-    char *p;
-    mbedtls_mpi T;
-    MPI_VALIDATE_RET( X    != NULL );
-    MPI_VALIDATE_RET( olen != NULL );
-    MPI_VALIDATE_RET( buflen == 0 || buf != NULL );
-
-    if( radix < 2 || radix > 16 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    n = mbedtls_mpi_bitlen( X ); /* Number of bits necessary to present `n`. */
-    if( radix >=  4 ) n >>= 1;   /* Number of 4-adic digits necessary to present
-                                  * `n`. If radix > 4, this might be a strict
-                                  * overapproximation of the number of
-                                  * radix-adic digits needed to present `n`. */
-    if( radix >= 16 ) n >>= 1;   /* Number of hexadecimal digits necessary to
-                                  * present `n`. */
-
-    n += 1; /* Terminating null byte */
-    n += 1; /* Compensate for the divisions above, which round down `n`
-             * in case it's not even. */
-    n += 1; /* Potential '-'-sign. */
-    n += ( n & 1 ); /* Make n even to have enough space for hexadecimal writing,
-                     * which always uses an even number of hex-digits. */
-
-    if( buflen < n )
-    {
-        *olen = n;
-        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
-    }
-
-    p = buf;
-    mbedtls_mpi_init( &T );
-
-    if( X->s == -1 )
-    {
-        *p++ = '-';
-        buflen--;
-    }
-
-    if( radix == 16 )
-    {
-        int c;
-        size_t i, j, k;
-
-        for( i = X->n, k = 0; i > 0; i-- )
-        {
-            for( j = ciL; j > 0; j-- )
-            {
-                c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF;
-
-                if( c == 0 && k == 0 && ( i + j ) != 2 )
-                    continue;
-
-                *(p++) = "0123456789ABCDEF" [c / 16];
-                *(p++) = "0123456789ABCDEF" [c % 16];
-                k = 1;
-            }
-        }
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T, X ) );
-
-        if( T.s == -1 )
-            T.s = 1;
-
-        MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p, buflen ) );
-    }
-
-    *p++ = '\0';
-    *olen = p - buf;
-
-cleanup:
-
-    mbedtls_mpi_free( &T );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_FS_IO)
-/*
- * Read X from an opened file
- */
-int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin )
-{
-    mbedtls_mpi_uint d;
-    size_t slen;
-    char *p;
-    /*
-     * Buffer should have space for (short) label and decimal formatted MPI,
-     * newline characters and '\0'
-     */
-    char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ];
-
-    MPI_VALIDATE_RET( X   != NULL );
-    MPI_VALIDATE_RET( fin != NULL );
-
-    if( radix < 2 || radix > 16 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    memset( s, 0, sizeof( s ) );
-    if( fgets( s, sizeof( s ) - 1, fin ) == NULL )
-        return( MBEDTLS_ERR_MPI_FILE_IO_ERROR );
-
-    slen = strlen( s );
-    if( slen == sizeof( s ) - 2 )
-        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
-
-    if( slen > 0 && s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; }
-    if( slen > 0 && s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; }
-
-    p = s + slen;
-    while( p-- > s )
-        if( mpi_get_digit( &d, radix, *p ) != 0 )
-            break;
-
-    return( mbedtls_mpi_read_string( X, radix, p + 1 ) );
-}
-
-/*
- * Write X into an opened file (or stdout if fout == NULL)
- */
-int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n, slen, plen;
-    /*
-     * Buffer should have space for (short) label and decimal formatted MPI,
-     * newline characters and '\0'
-     */
-    char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ];
-    MPI_VALIDATE_RET( X != NULL );
-
-    if( radix < 2 || radix > 16 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    memset( s, 0, sizeof( s ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_string( X, radix, s, sizeof( s ) - 2, &n ) );
-
-    if( p == NULL ) p = "";
-
-    plen = strlen( p );
-    slen = strlen( s );
-    s[slen++] = '\r';
-    s[slen++] = '\n';
-
-    if( fout != NULL )
-    {
-        if( fwrite( p, 1, plen, fout ) != plen ||
-            fwrite( s, 1, slen, fout ) != slen )
-            return( MBEDTLS_ERR_MPI_FILE_IO_ERROR );
-    }
-    else
-        mbedtls_printf( "%s%s", p, s );
-
-cleanup:
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-
-
-/* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
- * into the storage form used by mbedtls_mpi. */
-
-static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c( mbedtls_mpi_uint x )
-{
-    uint8_t i;
-    unsigned char *x_ptr;
-    mbedtls_mpi_uint tmp = 0;
-
-    for( i = 0, x_ptr = (unsigned char*) &x; i < ciL; i++, x_ptr++ )
-    {
-        tmp <<= CHAR_BIT;
-        tmp |= (mbedtls_mpi_uint) *x_ptr;
-    }
-
-    return( tmp );
-}
-
-static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x )
-{
-#if defined(__BYTE_ORDER__)
-
-/* Nothing to do on bigendian systems. */
-#if ( __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ )
-    return( x );
-#endif /* __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ */
-
-#if ( __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ )
-
-/* For GCC and Clang, have builtins for byte swapping. */
-#if defined(__GNUC__) && defined(__GNUC_PREREQ)
-#if __GNUC_PREREQ(4,3)
-#define have_bswap
-#endif
-#endif
-
-#if defined(__clang__) && defined(__has_builtin)
-#if __has_builtin(__builtin_bswap32)  &&                 \
-    __has_builtin(__builtin_bswap64)
-#define have_bswap
-#endif
-#endif
-
-#if defined(have_bswap)
-    /* The compiler is hopefully able to statically evaluate this! */
-    switch( sizeof(mbedtls_mpi_uint) )
-    {
-        case 4:
-            return( __builtin_bswap32(x) );
-        case 8:
-            return( __builtin_bswap64(x) );
-    }
-#endif
-#endif /* __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ */
-#endif /* __BYTE_ORDER__ */
-
-    /* Fall back to C-based reordering if we don't know the byte order
-     * or we couldn't use a compiler-specific builtin. */
-    return( mpi_uint_bigendian_to_host_c( x ) );
-}
-
-static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs )
-{
-    mbedtls_mpi_uint *cur_limb_left;
-    mbedtls_mpi_uint *cur_limb_right;
-    if( limbs == 0 )
-        return;
-
-    /*
-     * Traverse limbs and
-     * - adapt byte-order in each limb
-     * - swap the limbs themselves.
-     * For that, simultaneously traverse the limbs from left to right
-     * and from right to left, as long as the left index is not bigger
-     * than the right index (it's not a problem if limbs is odd and the
-     * indices coincide in the last iteration).
-     */
-    for( cur_limb_left = p, cur_limb_right = p + ( limbs - 1 );
-         cur_limb_left <= cur_limb_right;
-         cur_limb_left++, cur_limb_right-- )
-    {
-        mbedtls_mpi_uint tmp;
-        /* Note that if cur_limb_left == cur_limb_right,
-         * this code effectively swaps the bytes only once. */
-        tmp             = mpi_uint_bigendian_to_host( *cur_limb_left  );
-        *cur_limb_left  = mpi_uint_bigendian_to_host( *cur_limb_right );
-        *cur_limb_right = tmp;
-    }
-}
-
-/*
- * Import X from unsigned binary data, little endian
- */
-int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
-                                const unsigned char *buf, size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    size_t const limbs = CHARS_TO_LIMBS( buflen );
-
-    /* Ensure that target MPI has exactly the necessary number of limbs */
-    if( X->n != limbs )
-    {
-        mbedtls_mpi_free( X );
-        mbedtls_mpi_init( X );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
-
-    for( i = 0; i < buflen; i++ )
-        X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3);
-
-cleanup:
-
-    /*
-     * This function is also used to import keys. However, wiping the buffers
-     * upon failure is not necessary because failure only can happen before any
-     * input is copied.
-     */
-    return( ret );
-}
-
-/*
- * Import X from unsigned binary data, big endian
- */
-int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t const limbs    = CHARS_TO_LIMBS( buflen );
-    size_t const overhead = ( limbs * ciL ) - buflen;
-    unsigned char *Xp;
-
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( buflen == 0 || buf != NULL );
-
-    /* Ensure that target MPI has exactly the necessary number of limbs */
-    if( X->n != limbs )
-    {
-        mbedtls_mpi_free( X );
-        mbedtls_mpi_init( X );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
-    }
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
-
-    /* Avoid calling `memcpy` with NULL source argument,
-     * even if buflen is 0. */
-    if( buf != NULL )
-    {
-        Xp = (unsigned char*) X->p;
-        memcpy( Xp + overhead, buf, buflen );
-
-        mpi_bigendian_to_host( X->p, limbs );
-    }
-
-cleanup:
-
-    /*
-     * This function is also used to import keys. However, wiping the buffers
-     * upon failure is not necessary because failure only can happen before any
-     * input is copied.
-     */
-    return( ret );
-}
-
-/*
- * Export X into unsigned binary data, little endian
- */
-int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
-                                 unsigned char *buf, size_t buflen )
-{
-    size_t stored_bytes = X->n * ciL;
-    size_t bytes_to_copy;
-    size_t i;
-
-    if( stored_bytes < buflen )
-    {
-        bytes_to_copy = stored_bytes;
-    }
-    else
-    {
-        bytes_to_copy = buflen;
-
-        /* The output buffer is smaller than the allocated size of X.
-         * However X may fit if its leading bytes are zero. */
-        for( i = bytes_to_copy; i < stored_bytes; i++ )
-        {
-            if( GET_BYTE( X, i ) != 0 )
-                return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
-        }
-    }
-
-    for( i = 0; i < bytes_to_copy; i++ )
-        buf[i] = GET_BYTE( X, i );
-
-    if( stored_bytes < buflen )
-    {
-        /* Write trailing 0 bytes */
-        memset( buf + stored_bytes, 0, buflen - stored_bytes );
-    }
-
-    return( 0 );
-}
-
-/*
- * Export X into unsigned binary data, big endian
- */
-int mbedtls_mpi_write_binary( const mbedtls_mpi *X,
-                              unsigned char *buf, size_t buflen )
-{
-    size_t stored_bytes;
-    size_t bytes_to_copy;
-    unsigned char *p;
-    size_t i;
-
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( buflen == 0 || buf != NULL );
-
-    stored_bytes = X->n * ciL;
-
-    if( stored_bytes < buflen )
-    {
-        /* There is enough space in the output buffer. Write initial
-         * null bytes and record the position at which to start
-         * writing the significant bytes. In this case, the execution
-         * trace of this function does not depend on the value of the
-         * number. */
-        bytes_to_copy = stored_bytes;
-        p = buf + buflen - stored_bytes;
-        memset( buf, 0, buflen - stored_bytes );
-    }
-    else
-    {
-        /* The output buffer is smaller than the allocated size of X.
-         * However X may fit if its leading bytes are zero. */
-        bytes_to_copy = buflen;
-        p = buf;
-        for( i = bytes_to_copy; i < stored_bytes; i++ )
-        {
-            if( GET_BYTE( X, i ) != 0 )
-                return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
-        }
-    }
-
-    for( i = 0; i < bytes_to_copy; i++ )
-        p[bytes_to_copy - i - 1] = GET_BYTE( X, i );
-
-    return( 0 );
-}
-
-/*
- * Left-shift: X <<= count
- */
-int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, v0, t1;
-    mbedtls_mpi_uint r0 = 0, r1;
-    MPI_VALIDATE_RET( X != NULL );
-
-    v0 = count / (biL    );
-    t1 = count & (biL - 1);
-
-    i = mbedtls_mpi_bitlen( X ) + count;
-
-    if( X->n * biL < i )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, BITS_TO_LIMBS( i ) ) );
-
-    ret = 0;
-
-    /*
-     * shift by count / limb_size
-     */
-    if( v0 > 0 )
-    {
-        for( i = X->n; i > v0; i-- )
-            X->p[i - 1] = X->p[i - v0 - 1];
-
-        for( ; i > 0; i-- )
-            X->p[i - 1] = 0;
-    }
-
-    /*
-     * shift by count % limb_size
-     */
-    if( t1 > 0 )
-    {
-        for( i = v0; i < X->n; i++ )
-        {
-            r1 = X->p[i] >> (biL - t1);
-            X->p[i] <<= t1;
-            X->p[i] |= r0;
-            r0 = r1;
-        }
-    }
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Right-shift: X >>= count
- */
-int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count )
-{
-    size_t i, v0, v1;
-    mbedtls_mpi_uint r0 = 0, r1;
-    MPI_VALIDATE_RET( X != NULL );
-
-    v0 = count /  biL;
-    v1 = count & (biL - 1);
-
-    if( v0 > X->n || ( v0 == X->n && v1 > 0 ) )
-        return mbedtls_mpi_lset( X, 0 );
-
-    /*
-     * shift by count / limb_size
-     */
-    if( v0 > 0 )
-    {
-        for( i = 0; i < X->n - v0; i++ )
-            X->p[i] = X->p[i + v0];
-
-        for( ; i < X->n; i++ )
-            X->p[i] = 0;
-    }
-
-    /*
-     * shift by count % limb_size
-     */
-    if( v1 > 0 )
-    {
-        for( i = X->n; i > 0; i-- )
-        {
-            r1 = X->p[i - 1] << (biL - v1);
-            X->p[i - 1] >>= v1;
-            X->p[i - 1] |= r0;
-            r0 = r1;
-        }
-    }
-
-    return( 0 );
-}
-
-/*
- * Compare unsigned values
- */
-int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y )
-{
-    size_t i, j;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-
-    for( i = X->n; i > 0; i-- )
-        if( X->p[i - 1] != 0 )
-            break;
-
-    for( j = Y->n; j > 0; j-- )
-        if( Y->p[j - 1] != 0 )
-            break;
-
-    if( i == 0 && j == 0 )
-        return( 0 );
-
-    if( i > j ) return(  1 );
-    if( j > i ) return( -1 );
-
-    for( ; i > 0; i-- )
-    {
-        if( X->p[i - 1] > Y->p[i - 1] ) return(  1 );
-        if( X->p[i - 1] < Y->p[i - 1] ) return( -1 );
-    }
-
-    return( 0 );
-}
-
-/*
- * Compare signed values
- */
-int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y )
-{
-    size_t i, j;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-
-    for( i = X->n; i > 0; i-- )
-        if( X->p[i - 1] != 0 )
-            break;
-
-    for( j = Y->n; j > 0; j-- )
-        if( Y->p[j - 1] != 0 )
-            break;
-
-    if( i == 0 && j == 0 )
-        return( 0 );
-
-    if( i > j ) return(  X->s );
-    if( j > i ) return( -Y->s );
-
-    if( X->s > 0 && Y->s < 0 ) return(  1 );
-    if( Y->s > 0 && X->s < 0 ) return( -1 );
-
-    for( ; i > 0; i-- )
-    {
-        if( X->p[i - 1] > Y->p[i - 1] ) return(  X->s );
-        if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s );
-    }
-
-    return( 0 );
-}
-
-/** Decide if an integer is less than the other, without branches.
- *
- * \param x         First integer.
- * \param y         Second integer.
- *
- * \return          1 if \p x is less than \p y, 0 otherwise
- */
-static unsigned ct_lt_mpi_uint( const mbedtls_mpi_uint x,
-        const mbedtls_mpi_uint y )
-{
-    mbedtls_mpi_uint ret;
-    mbedtls_mpi_uint cond;
-
-    /*
-     * Check if the most significant bits (MSB) of the operands are different.
-     */
-    cond = ( x ^ y );
-    /*
-     * If the MSB are the same then the difference x-y will be negative (and
-     * have its MSB set to 1 during conversion to unsigned) if and only if x<y.
-     */
-    ret = ( x - y ) & ~cond;
-    /*
-     * If the MSB are different, then the operand with the MSB of 1 is the
-     * bigger. (That is if y has MSB of 1, then x<y is true and it is false if
-     * the MSB of y is 0.)
-     */
-    ret |= y & cond;
-
-
-    ret = ret >> ( biL - 1 );
-
-    return (unsigned) ret;
-}
-
-/*
- * Compare signed values in constant time
- */
-int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
-        unsigned *ret )
-{
-    size_t i;
-    /* The value of any of these variables is either 0 or 1 at all times. */
-    unsigned cond, done, X_is_negative, Y_is_negative;
-
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-    MPI_VALIDATE_RET( ret != NULL );
-
-    if( X->n != Y->n )
-        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-
-    /*
-     * Set sign_N to 1 if N >= 0, 0 if N < 0.
-     * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0.
-     */
-    X_is_negative = ( X->s & 2 ) >> 1;
-    Y_is_negative = ( Y->s & 2 ) >> 1;
-
-    /*
-     * If the signs are different, then the positive operand is the bigger.
-     * That is if X is negative (X_is_negative == 1), then X < Y is true and it
-     * is false if X is positive (X_is_negative == 0).
-     */
-    cond = ( X_is_negative ^ Y_is_negative );
-    *ret = cond & X_is_negative;
-
-    /*
-     * This is a constant-time function. We might have the result, but we still
-     * need to go through the loop. Record if we have the result already.
-     */
-    done = cond;
-
-    for( i = X->n; i > 0; i-- )
-    {
-        /*
-         * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both
-         * X and Y are negative.
-         *
-         * Again even if we can make a decision, we just mark the result and
-         * the fact that we are done and continue looping.
-         */
-        cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] );
-        *ret |= cond & ( 1 - done ) & X_is_negative;
-        done |= cond;
-
-        /*
-         * If X->p[i - 1] < Y->p[i - 1] then X < Y is true if and only if both
-         * X and Y are positive.
-         *
-         * Again even if we can make a decision, we just mark the result and
-         * the fact that we are done and continue looping.
-         */
-        cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] );
-        *ret |= cond & ( 1 - done ) & ( 1 - X_is_negative );
-        done |= cond;
-    }
-
-    return( 0 );
-}
-
-/*
- * Compare signed values
- */
-int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z )
-{
-    mbedtls_mpi Y;
-    mbedtls_mpi_uint p[1];
-    MPI_VALIDATE_RET( X != NULL );
-
-    *p  = ( z < 0 ) ? -z : z;
-    Y.s = ( z < 0 ) ? -1 : 1;
-    Y.n = 1;
-    Y.p = p;
-
-    return( mbedtls_mpi_cmp_mpi( X, &Y ) );
-}
-
-/*
- * Unsigned addition: X = |A| + |B|  (HAC 14.7)
- */
-int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, j;
-    mbedtls_mpi_uint *o, *p, c, tmp;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    if( X == B )
-    {
-        const mbedtls_mpi *T = A; A = X; B = T;
-    }
-
-    if( X != A )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) );
-
-    /*
-     * X should always be positive as a result of unsigned additions.
-     */
-    X->s = 1;
-
-    for( j = B->n; j > 0; j-- )
-        if( B->p[j - 1] != 0 )
-            break;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
-
-    o = B->p; p = X->p; c = 0;
-
-    /*
-     * tmp is used because it might happen that p == o
-     */
-    for( i = 0; i < j; i++, o++, p++ )
-    {
-        tmp= *o;
-        *p +=  c; c  = ( *p <  c );
-        *p += tmp; c += ( *p < tmp );
-    }
-
-    while( c != 0 )
-    {
-        if( i >= X->n )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + 1 ) );
-            p = X->p + i;
-        }
-
-        *p += c; c = ( *p < c ); i++; p++;
-    }
-
-cleanup:
-
-    return( ret );
-}
-
-/**
- * Helper for mbedtls_mpi subtraction.
- *
- * Calculate d - s where d and s have the same size.
- * This function operates modulo (2^ciL)^n and returns the carry
- * (1 if there was a wraparound, i.e. if `d < s`, and 0 otherwise).
- *
- * \param n             Number of limbs of \p d and \p s.
- * \param[in,out] d     On input, the left operand.
- *                      On output, the result of the subtraction:
- * \param[in] s         The right operand.
- *
- * \return              1 if `d < s`.
- *                      0 if `d >= s`.
- */
-static mbedtls_mpi_uint mpi_sub_hlp( size_t n,
-                                     mbedtls_mpi_uint *d,
-                                     const mbedtls_mpi_uint *s )
-{
-    size_t i;
-    mbedtls_mpi_uint c, z;
-
-    for( i = c = 0; i < n; i++, s++, d++ )
-    {
-        z = ( *d <  c );     *d -=  c;
-        c = ( *d < *s ) + z; *d -= *s;
-    }
-
-    return( c );
-}
-
-/*
- * Unsigned subtraction: X = |A| - |B|  (HAC 14.9, 14.10)
- */
-int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    mbedtls_mpi TB;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    mbedtls_mpi_uint carry;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    mbedtls_mpi_init( &TB );
-
-    if( X == B )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
-        B = &TB;
-    }
-
-    if( X != A )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) );
-
-    /*
-     * X should always be positive as a result of unsigned subtractions.
-     */
-    X->s = 1;
-
-    ret = 0;
-
-    for( n = B->n; n > 0; n-- )
-        if( B->p[n - 1] != 0 )
-            break;
-
-    carry = mpi_sub_hlp( n, X->p, B->p );
-    if( carry != 0 )
-    {
-        /* Propagate the carry to the first nonzero limb of X. */
-        for( ; n < X->n && X->p[n] == 0; n++ )
-            --X->p[n];
-        /* If we ran out of space for the carry, it means that the result
-         * is negative. */
-        if( n == X->n )
-        {
-            ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
-            goto cleanup;
-        }
-        --X->p[n];
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &TB );
-
-    return( ret );
-}
-
-/*
- * Signed addition: X = A + B
- */
-int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    int ret, s;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    s = A->s;
-    if( A->s * B->s < 0 )
-    {
-        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
-            X->s =  s;
-        }
-        else
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
-            X->s = -s;
-        }
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) );
-        X->s = s;
-    }
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Signed subtraction: X = A - B
- */
-int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    int ret, s;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    s = A->s;
-    if( A->s * B->s > 0 )
-    {
-        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
-            X->s =  s;
-        }
-        else
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
-            X->s = -s;
-        }
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) );
-        X->s = s;
-    }
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Signed addition: X = A + b
- */
-int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
-{
-    mbedtls_mpi _B;
-    mbedtls_mpi_uint p[1];
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-
-    p[0] = ( b < 0 ) ? -b : b;
-    _B.s = ( b < 0 ) ? -1 : 1;
-    _B.n = 1;
-    _B.p = p;
-
-    return( mbedtls_mpi_add_mpi( X, A, &_B ) );
-}
-
-/*
- * Signed subtraction: X = A - b
- */
-int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
-{
-    mbedtls_mpi _B;
-    mbedtls_mpi_uint p[1];
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-
-    p[0] = ( b < 0 ) ? -b : b;
-    _B.s = ( b < 0 ) ? -1 : 1;
-    _B.n = 1;
-    _B.p = p;
-
-    return( mbedtls_mpi_sub_mpi( X, A, &_B ) );
-}
-
-/*
- * Helper for mbedtls_mpi multiplication
- */
-static
-#if defined(__APPLE__) && defined(__arm__)
-/*
- * Apple LLVM version 4.2 (clang-425.0.24) (based on LLVM 3.2svn)
- * appears to need this to prevent bad ARM code generation at -O3.
- */
-__attribute__ ((noinline))
-#endif
-void mpi_mul_hlp( size_t i, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d, mbedtls_mpi_uint b )
-{
-    mbedtls_mpi_uint c = 0, t = 0;
-
-#if defined(MULADDC_HUIT)
-    for( ; i >= 8; i -= 8 )
-    {
-        MULADDC_INIT
-        MULADDC_HUIT
-        MULADDC_STOP
-    }
-
-    for( ; i > 0; i-- )
-    {
-        MULADDC_INIT
-        MULADDC_CORE
-        MULADDC_STOP
-    }
-#else /* MULADDC_HUIT */
-    for( ; i >= 16; i -= 16 )
-    {
-        MULADDC_INIT
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_STOP
-    }
-
-    for( ; i >= 8; i -= 8 )
-    {
-        MULADDC_INIT
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_CORE   MULADDC_CORE
-        MULADDC_STOP
-    }
-
-    for( ; i > 0; i-- )
-    {
-        MULADDC_INIT
-        MULADDC_CORE
-        MULADDC_STOP
-    }
-#endif /* MULADDC_HUIT */
-
-    t++;
-
-    do {
-        *d += c; c = ( *d < c ); d++;
-    }
-    while( c != 0 );
-}
-
-/*
- * Baseline multiplication: X = A * B  (HAC 14.12)
- */
-int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, j;
-    mbedtls_mpi TA, TB;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB );
-
-    if( X == A ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); A = &TA; }
-    if( X == B ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); B = &TB; }
-
-    for( i = A->n; i > 0; i-- )
-        if( A->p[i - 1] != 0 )
-            break;
-
-    for( j = B->n; j > 0; j-- )
-        if( B->p[j - 1] != 0 )
-            break;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
-
-    for( ; j > 0; j-- )
-        mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] );
-
-    X->s = A->s * B->s;
-
-cleanup:
-
-    mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TA );
-
-    return( ret );
-}
-
-/*
- * Baseline multiplication: X = A * b
- */
-int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b )
-{
-    mbedtls_mpi _B;
-    mbedtls_mpi_uint p[1];
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-
-    _B.s = 1;
-    _B.n = 1;
-    _B.p = p;
-    p[0] = b;
-
-    return( mbedtls_mpi_mul_mpi( X, A, &_B ) );
-}
-
-/*
- * Unsigned integer divide - double mbedtls_mpi_uint dividend, u1/u0, and
- * mbedtls_mpi_uint divisor, d
- */
-static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1,
-            mbedtls_mpi_uint u0, mbedtls_mpi_uint d, mbedtls_mpi_uint *r )
-{
-#if defined(MBEDTLS_HAVE_UDBL)
-    mbedtls_t_udbl dividend, quotient;
-#else
-    const mbedtls_mpi_uint radix = (mbedtls_mpi_uint) 1 << biH;
-    const mbedtls_mpi_uint uint_halfword_mask = ( (mbedtls_mpi_uint) 1 << biH ) - 1;
-    mbedtls_mpi_uint d0, d1, q0, q1, rAX, r0, quotient;
-    mbedtls_mpi_uint u0_msw, u0_lsw;
-    size_t s;
-#endif
-
-    /*
-     * Check for overflow
-     */
-    if( 0 == d || u1 >= d )
-    {
-        if (r != NULL) *r = ~0;
-
-        return ( ~0 );
-    }
-
-#if defined(MBEDTLS_HAVE_UDBL)
-    dividend  = (mbedtls_t_udbl) u1 << biL;
-    dividend |= (mbedtls_t_udbl) u0;
-    quotient = dividend / d;
-    if( quotient > ( (mbedtls_t_udbl) 1 << biL ) - 1 )
-        quotient = ( (mbedtls_t_udbl) 1 << biL ) - 1;
-
-    if( r != NULL )
-        *r = (mbedtls_mpi_uint)( dividend - (quotient * d ) );
-
-    return (mbedtls_mpi_uint) quotient;
-#else
-
-    /*
-     * Algorithm D, Section 4.3.1 - The Art of Computer Programming
-     *   Vol. 2 - Seminumerical Algorithms, Knuth
-     */
-
-    /*
-     * Normalize the divisor, d, and dividend, u0, u1
-     */
-    s = mbedtls_clz( d );
-    d = d << s;
-
-    u1 = u1 << s;
-    u1 |= ( u0 >> ( biL - s ) ) & ( -(mbedtls_mpi_sint)s >> ( biL - 1 ) );
-    u0 =  u0 << s;
-
-    d1 = d >> biH;
-    d0 = d & uint_halfword_mask;
-
-    u0_msw = u0 >> biH;
-    u0_lsw = u0 & uint_halfword_mask;
-
-    /*
-     * Find the first quotient and remainder
-     */
-    q1 = u1 / d1;
-    r0 = u1 - d1 * q1;
-
-    while( q1 >= radix || ( q1 * d0 > radix * r0 + u0_msw ) )
-    {
-        q1 -= 1;
-        r0 += d1;
-
-        if ( r0 >= radix ) break;
-    }
-
-    rAX = ( u1 * radix ) + ( u0_msw - q1 * d );
-    q0 = rAX / d1;
-    r0 = rAX - q0 * d1;
-
-    while( q0 >= radix || ( q0 * d0 > radix * r0 + u0_lsw ) )
-    {
-        q0 -= 1;
-        r0 += d1;
-
-        if ( r0 >= radix ) break;
-    }
-
-    if (r != NULL)
-        *r = ( rAX * radix + u0_lsw - q0 * d ) >> s;
-
-    quotient = q1 * radix + q0;
-
-    return quotient;
-#endif
-}
-
-/*
- * Division by mbedtls_mpi: A = Q * B + R  (HAC 14.20)
- */
-int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, n, t, k;
-    mbedtls_mpi X, Y, Z, T1, T2;
-    mbedtls_mpi_uint TP2[3];
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    if( mbedtls_mpi_cmp_int( B, 0 ) == 0 )
-        return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO );
-
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
-    mbedtls_mpi_init( &T1 );
-    /*
-     * Avoid dynamic memory allocations for constant-size T2.
-     *
-     * T2 is used for comparison only and the 3 limbs are assigned explicitly,
-     * so nobody increase the size of the MPI and we're safe to use an on-stack
-     * buffer.
-     */
-    T2.s = 1;
-    T2.n = sizeof( TP2 ) / sizeof( *TP2 );
-    T2.p = TP2;
-
-    if( mbedtls_mpi_cmp_abs( A, B ) < 0 )
-    {
-        if( Q != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_lset( Q, 0 ) );
-        if( R != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, A ) );
-        return( 0 );
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &X, A ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, B ) );
-    X.s = Y.s = 1;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z,  0 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, 2 ) );
-
-    k = mbedtls_mpi_bitlen( &Y ) % biL;
-    if( k < biL - 1 )
-    {
-        k = biL - 1 - k;
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &X, k ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, k ) );
-    }
-    else k = 0;
-
-    n = X.n - 1;
-    t = Y.n - 1;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, biL * ( n - t ) ) );
-
-    while( mbedtls_mpi_cmp_mpi( &X, &Y ) >= 0 )
-    {
-        Z.p[n - t]++;
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &Y ) );
-    }
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, biL * ( n - t ) ) );
-
-    for( i = n; i > t ; i-- )
-    {
-        if( X.p[i] >= Y.p[t] )
-            Z.p[i - t - 1] = ~0;
-        else
-        {
-            Z.p[i - t - 1] = mbedtls_int_div_int( X.p[i], X.p[i - 1],
-                                                            Y.p[t], NULL);
-        }
-
-        T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2];
-        T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1];
-        T2.p[2] = X.p[i];
-
-        Z.p[i - t - 1]++;
-        do
-        {
-            Z.p[i - t - 1]--;
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T1, 0 ) );
-            T1.p[0] = ( t < 1 ) ? 0 : Y.p[t - 1];
-            T1.p[1] = Y.p[t];
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) );
-        }
-        while( mbedtls_mpi_cmp_mpi( &T1, &T2 ) > 0 );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1,  biL * ( i - t - 1 ) ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) );
-
-        if( mbedtls_mpi_cmp_int( &X, 0 ) < 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &Y ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &X, &X, &T1 ) );
-            Z.p[i - t - 1]--;
-        }
-    }
-
-    if( Q != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Q, &Z ) );
-        Q->s = A->s * B->s;
-    }
-
-    if( R != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &X, k ) );
-        X.s = A->s;
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, &X ) );
-
-        if( mbedtls_mpi_cmp_int( R, 0 ) == 0 )
-            R->s = 1;
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
-    mbedtls_mpi_free( &T1 );
-    mbedtls_platform_zeroize( TP2, sizeof( TP2 ) );
-
-    return( ret );
-}
-
-/*
- * Division by int: A = Q * b + R
- */
-int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R,
-                         const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b )
-{
-    mbedtls_mpi _B;
-    mbedtls_mpi_uint p[1];
-    MPI_VALIDATE_RET( A != NULL );
-
-    p[0] = ( b < 0 ) ? -b : b;
-    _B.s = ( b < 0 ) ? -1 : 1;
-    _B.n = 1;
-    _B.p = p;
-
-    return( mbedtls_mpi_div_mpi( Q, R, A, &_B ) );
-}
-
-/*
- * Modulo: R = A mod B
- */
-int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MPI_VALIDATE_RET( R != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    if( mbedtls_mpi_cmp_int( B, 0 ) < 0 )
-        return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( NULL, R, A, B ) );
-
-    while( mbedtls_mpi_cmp_int( R, 0 ) < 0 )
-      MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( R, R, B ) );
-
-    while( mbedtls_mpi_cmp_mpi( R, B ) >= 0 )
-      MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( R, R, B ) );
-
-cleanup:
-
-    return( ret );
-}
-
-/*
- * Modulo: r = A mod b
- */
-int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b )
-{
-    size_t i;
-    mbedtls_mpi_uint x, y, z;
-    MPI_VALIDATE_RET( r != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-
-    if( b == 0 )
-        return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO );
-
-    if( b < 0 )
-        return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
-
-    /*
-     * handle trivial cases
-     */
-    if( b == 1 )
-    {
-        *r = 0;
-        return( 0 );
-    }
-
-    if( b == 2 )
-    {
-        *r = A->p[0] & 1;
-        return( 0 );
-    }
-
-    /*
-     * general case
-     */
-    for( i = A->n, y = 0; i > 0; i-- )
-    {
-        x  = A->p[i - 1];
-        y  = ( y << biH ) | ( x >> biH );
-        z  = y / b;
-        y -= z * b;
-
-        x <<= biH;
-        y  = ( y << biH ) | ( x >> biH );
-        z  = y / b;
-        y -= z * b;
-    }
-
-    /*
-     * If A is negative, then the current y represents a negative value.
-     * Flipping it to the positive side.
-     */
-    if( A->s < 0 && y != 0 )
-        y = b - y;
-
-    *r = y;
-
-    return( 0 );
-}
-
-/*
- * Fast Montgomery initialization (thanks to Tom St Denis)
- */
-static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N )
-{
-    mbedtls_mpi_uint x, m0 = N->p[0];
-    unsigned int i;
-
-    x  = m0;
-    x += ( ( m0 + 2 ) & 4 ) << 1;
-
-    for( i = biL; i >= 8; i /= 2 )
-        x *= ( 2 - ( m0 * x ) );
-
-    *mm = ~x + 1;
-}
-
-/** Montgomery multiplication: A = A * B * R^-1 mod N  (HAC 14.36)
- *
- * \param[in,out]   A   One of the numbers to multiply.
- *                      It must have at least as many limbs as N
- *                      (A->n >= N->n), and any limbs beyond n are ignored.
- *                      On successful completion, A contains the result of
- *                      the multiplication A * B * R^-1 mod N where
- *                      R = (2^ciL)^n.
- * \param[in]       B   One of the numbers to multiply.
- *                      It must be nonzero and must not have more limbs than N
- *                      (B->n <= N->n).
- * \param[in]       N   The modulo. N must be odd.
- * \param           mm  The value calculated by `mpi_montg_init(&mm, N)`.
- *                      This is -N^-1 mod 2^ciL.
- * \param[in,out]   T   A bignum for temporary storage.
- *                      It must be at least twice the limb size of N plus 2
- *                      (T->n >= 2 * (N->n + 1)).
- *                      Its initial content is unused and
- *                      its final content is indeterminate.
- *                      Note that unlike the usual convention in the library
- *                      for `const mbedtls_mpi*`, the content of T can change.
- */
-static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm,
-                         const mbedtls_mpi *T )
-{
-    size_t i, n, m;
-    mbedtls_mpi_uint u0, u1, *d;
-
-    memset( T->p, 0, T->n * ciL );
-
-    d = T->p;
-    n = N->n;
-    m = ( B->n < n ) ? B->n : n;
-
-    for( i = 0; i < n; i++ )
-    {
-        /*
-         * T = (T + u0*B + u1*N) / 2^biL
-         */
-        u0 = A->p[i];
-        u1 = ( d[0] + u0 * B->p[0] ) * mm;
-
-        mpi_mul_hlp( m, B->p, d, u0 );
-        mpi_mul_hlp( n, N->p, d, u1 );
-
-        *d++ = u0; d[n + 1] = 0;
-    }
-
-    /* At this point, d is either the desired result or the desired result
-     * plus N. We now potentially subtract N, avoiding leaking whether the
-     * subtraction is performed through side channels. */
-
-    /* Copy the n least significant limbs of d to A, so that
-     * A = d if d < N (recall that N has n limbs). */
-    memcpy( A->p, d, n * ciL );
-    /* If d >= N then we want to set A to d - N. To prevent timing attacks,
-     * do the calculation without using conditional tests. */
-    /* Set d to d0 + (2^biL)^n - N where d0 is the current value of d. */
-    d[n] += 1;
-    d[n] -= mpi_sub_hlp( n, d, N->p );
-    /* If d0 < N then d < (2^biL)^n
-     * so d[n] == 0 and we want to keep A as it is.
-     * If d0 >= N then d >= (2^biL)^n, and d <= (2^biL)^n + N < 2 * (2^biL)^n
-     * so d[n] == 1 and we want to set A to the result of the subtraction
-     * which is d - (2^biL)^n, i.e. the n least significant limbs of d.
-     * This exactly corresponds to a conditional assignment. */
-    mpi_safe_cond_assign( n, A->p, d, (unsigned char) d[n] );
-}
-
-/*
- * Montgomery reduction: A = A * R^-1 mod N
- *
- * See mpi_montmul() regarding constraints and guarantees on the parameters.
- */
-static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N,
-                         mbedtls_mpi_uint mm, const mbedtls_mpi *T )
-{
-    mbedtls_mpi_uint z = 1;
-    mbedtls_mpi U;
-
-    U.n = U.s = (int) z;
-    U.p = &z;
-
-    mpi_montmul( A, &U, N, mm, T );
-}
-
-/*
- * Sliding-window exponentiation: X = A^E mod N  (HAC 14.85)
- */
-int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *E, const mbedtls_mpi *N,
-                         mbedtls_mpi *_RR )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t wbits, wsize, one = 1;
-    size_t i, j, nblimbs;
-    size_t bufsize, nbits;
-    mbedtls_mpi_uint ei, mm, state;
-    mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
-    int neg;
-
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( E != NULL );
-    MPI_VALIDATE_RET( N != NULL );
-
-    if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    if( mbedtls_mpi_cmp_int( E, 0 ) < 0 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    if( mbedtls_mpi_bitlen( E ) > MBEDTLS_MPI_MAX_BITS ||
-        mbedtls_mpi_bitlen( N ) > MBEDTLS_MPI_MAX_BITS )
-        return ( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    /*
-     * Init temps and window size
-     */
-    mpi_montg_init( &mm, N );
-    mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T );
-    mbedtls_mpi_init( &Apos );
-    memset( W, 0, sizeof( W ) );
-
-    i = mbedtls_mpi_bitlen( E );
-
-    wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 :
-            ( i >  79 ) ? 4 : ( i >  23 ) ? 3 : 1;
-
-#if( MBEDTLS_MPI_WINDOW_SIZE < 6 )
-    if( wsize > MBEDTLS_MPI_WINDOW_SIZE )
-        wsize = MBEDTLS_MPI_WINDOW_SIZE;
-#endif
-
-    j = N->n + 1;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1],  j ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) );
-
-    /*
-     * Compensate for negative A (and correct at the end)
-     */
-    neg = ( A->s == -1 );
-    if( neg )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Apos, A ) );
-        Apos.s = 1;
-        A = &Apos;
-    }
-
-    /*
-     * If 1st call, pre-compute R^2 mod N
-     */
-    if( _RR == NULL || _RR->p == NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) );
-
-        if( _RR != NULL )
-            memcpy( _RR, &RR, sizeof( mbedtls_mpi ) );
-    }
-    else
-        memcpy( &RR, _RR, sizeof( mbedtls_mpi ) );
-
-    /*
-     * W[1] = A * R^2 * R^-1 mod N = A * R mod N
-     */
-    if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) );
-    else
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) );
-
-    mpi_montmul( &W[1], &RR, N, mm, &T );
-
-    /*
-     * X = R^2 * R^-1 mod N = R mod N
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &RR ) );
-    mpi_montred( X, N, mm, &T );
-
-    if( wsize > 1 )
-    {
-        /*
-         * W[1 << (wsize - 1)] = W[1] ^ (wsize - 1)
-         */
-        j =  one << ( wsize - 1 );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[j], N->n + 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1]    ) );
-
-        for( i = 0; i < wsize - 1; i++ )
-            mpi_montmul( &W[j], &W[j], N, mm, &T );
-
-        /*
-         * W[i] = W[i - 1] * W[1]
-         */
-        for( i = j + 1; i < ( one << wsize ); i++ )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) );
-
-            mpi_montmul( &W[i], &W[1], N, mm, &T );
-        }
-    }
-
-    nblimbs = E->n;
-    bufsize = 0;
-    nbits   = 0;
-    wbits   = 0;
-    state   = 0;
-
-    while( 1 )
-    {
-        if( bufsize == 0 )
-        {
-            if( nblimbs == 0 )
-                break;
-
-            nblimbs--;
-
-            bufsize = sizeof( mbedtls_mpi_uint ) << 3;
-        }
-
-        bufsize--;
-
-        ei = (E->p[nblimbs] >> bufsize) & 1;
-
-        /*
-         * skip leading 0s
-         */
-        if( ei == 0 && state == 0 )
-            continue;
-
-        if( ei == 0 && state == 1 )
-        {
-            /*
-             * out of window, square X
-             */
-            mpi_montmul( X, X, N, mm, &T );
-            continue;
-        }
-
-        /*
-         * add ei to current window
-         */
-        state = 2;
-
-        nbits++;
-        wbits |= ( ei << ( wsize - nbits ) );
-
-        if( nbits == wsize )
-        {
-            /*
-             * X = X^wsize R^-1 mod N
-             */
-            for( i = 0; i < wsize; i++ )
-                mpi_montmul( X, X, N, mm, &T );
-
-            /*
-             * X = X * W[wbits] R^-1 mod N
-             */
-            mpi_montmul( X, &W[wbits], N, mm, &T );
-
-            state--;
-            nbits = 0;
-            wbits = 0;
-        }
-    }
-
-    /*
-     * process the remaining bits
-     */
-    for( i = 0; i < nbits; i++ )
-    {
-        mpi_montmul( X, X, N, mm, &T );
-
-        wbits <<= 1;
-
-        if( ( wbits & ( one << wsize ) ) != 0 )
-            mpi_montmul( X, &W[1], N, mm, &T );
-    }
-
-    /*
-     * X = A^E * R * R^-1 mod N = A^E mod N
-     */
-    mpi_montred( X, N, mm, &T );
-
-    if( neg && E->n != 0 && ( E->p[0] & 1 ) != 0 )
-    {
-        X->s = -1;
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, N, X ) );
-    }
-
-cleanup:
-
-    for( i = ( one << ( wsize - 1 ) ); i < ( one << wsize ); i++ )
-        mbedtls_mpi_free( &W[i] );
-
-    mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos );
-
-    if( _RR == NULL || _RR->p == NULL )
-        mbedtls_mpi_free( &RR );
-
-    return( ret );
-}
-
-/*
- * Greatest common divisor: G = gcd(A, B)  (HAC 14.54)
- */
-int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t lz, lzt;
-    mbedtls_mpi TA, TB;
-
-    MPI_VALIDATE_RET( G != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
-
-    lz = mbedtls_mpi_lsb( &TA );
-    lzt = mbedtls_mpi_lsb( &TB );
-
-    if( lzt < lz )
-        lz = lzt;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) );
-
-    TA.s = TB.s = 1;
-
-    while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) );
-
-        if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, 1 ) );
-        }
-        else
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) );
-        }
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) );
-
-cleanup:
-
-    mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB );
-
-    return( ret );
-}
-
-/*
- * Fill X with size bytes of random.
- *
- * Use a temporary bytes representation to make sure the result is the same
- * regardless of the platform endianness (useful when f_rng is actually
- * deterministic, eg for tests).
- */
-int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t const limbs = CHARS_TO_LIMBS( size );
-    size_t const overhead = ( limbs * ciL ) - size;
-    unsigned char *Xp;
-
-    MPI_VALIDATE_RET( X     != NULL );
-    MPI_VALIDATE_RET( f_rng != NULL );
-
-    /* Ensure that target MPI has exactly the necessary number of limbs */
-    if( X->n != limbs )
-    {
-        mbedtls_mpi_free( X );
-        mbedtls_mpi_init( X );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
-    }
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
-
-    Xp = (unsigned char*) X->p;
-    MBEDTLS_MPI_CHK( f_rng( p_rng, Xp + overhead, size ) );
-
-    mpi_bigendian_to_host( X->p, limbs );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Modular inverse: X = A^-1 mod N  (HAC 14.61 / 14.64)
- */
-int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( N != NULL );
-
-    if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TU ); mbedtls_mpi_init( &U1 ); mbedtls_mpi_init( &U2 );
-    mbedtls_mpi_init( &G ); mbedtls_mpi_init( &TB ); mbedtls_mpi_init( &TV );
-    mbedtls_mpi_init( &V1 ); mbedtls_mpi_init( &V2 );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, A, N ) );
-
-    if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 )
-    {
-        ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, N ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, N ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) );
-
-    do
-    {
-        while( ( TU.p[0] & 1 ) == 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TU, 1 ) );
-
-            if( ( U1.p[0] & 1 ) != 0 || ( U2.p[0] & 1 ) != 0 )
-            {
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &U1, &U1, &TB ) );
-                MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &TA ) );
-            }
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U1, 1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U2, 1 ) );
-        }
-
-        while( ( TV.p[0] & 1 ) == 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TV, 1 ) );
-
-            if( ( V1.p[0] & 1 ) != 0 || ( V2.p[0] & 1 ) != 0 )
-            {
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, &TB ) );
-                MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &TA ) );
-            }
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V1, 1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V2, 1 ) );
-        }
-
-        if( mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) );
-        }
-        else
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) );
-        }
-    }
-    while( mbedtls_mpi_cmp_int( &TU, 0 ) != 0 );
-
-    while( mbedtls_mpi_cmp_int( &V1, 0 ) < 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, N ) );
-
-    while( mbedtls_mpi_cmp_mpi( &V1, N ) >= 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) );
-
-cleanup:
-
-    mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TU ); mbedtls_mpi_free( &U1 ); mbedtls_mpi_free( &U2 );
-    mbedtls_mpi_free( &G ); mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TV );
-    mbedtls_mpi_free( &V1 ); mbedtls_mpi_free( &V2 );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_GENPRIME)
-
-static const int small_prime[] =
-{
-        3,    5,    7,   11,   13,   17,   19,   23,
-       29,   31,   37,   41,   43,   47,   53,   59,
-       61,   67,   71,   73,   79,   83,   89,   97,
-      101,  103,  107,  109,  113,  127,  131,  137,
-      139,  149,  151,  157,  163,  167,  173,  179,
-      181,  191,  193,  197,  199,  211,  223,  227,
-      229,  233,  239,  241,  251,  257,  263,  269,
-      271,  277,  281,  283,  293,  307,  311,  313,
-      317,  331,  337,  347,  349,  353,  359,  367,
-      373,  379,  383,  389,  397,  401,  409,  419,
-      421,  431,  433,  439,  443,  449,  457,  461,
-      463,  467,  479,  487,  491,  499,  503,  509,
-      521,  523,  541,  547,  557,  563,  569,  571,
-      577,  587,  593,  599,  601,  607,  613,  617,
-      619,  631,  641,  643,  647,  653,  659,  661,
-      673,  677,  683,  691,  701,  709,  719,  727,
-      733,  739,  743,  751,  757,  761,  769,  773,
-      787,  797,  809,  811,  821,  823,  827,  829,
-      839,  853,  857,  859,  863,  877,  881,  883,
-      887,  907,  911,  919,  929,  937,  941,  947,
-      953,  967,  971,  977,  983,  991,  997, -103
-};
-
-/*
- * Small divisors test (X must be positive)
- *
- * Return values:
- * 0: no small factor (possible prime, more tests needed)
- * 1: certain prime
- * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: certain non-prime
- * other negative: error
- */
-static int mpi_check_small_factors( const mbedtls_mpi *X )
-{
-    int ret = 0;
-    size_t i;
-    mbedtls_mpi_uint r;
-
-    if( ( X->p[0] & 1 ) == 0 )
-        return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-
-    for( i = 0; small_prime[i] > 0; i++ )
-    {
-        if( mbedtls_mpi_cmp_int( X, small_prime[i] ) <= 0 )
-            return( 1 );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, small_prime[i] ) );
-
-        if( r == 0 )
-            return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-    }
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Miller-Rabin pseudo-primality test  (HAC 4.24)
- */
-static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng )
-{
-    int ret, count;
-    size_t i, j, k, s;
-    mbedtls_mpi W, R, T, A, RR;
-
-    MPI_VALIDATE_RET( X     != NULL );
-    MPI_VALIDATE_RET( f_rng != NULL );
-
-    mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R );
-    mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A );
-    mbedtls_mpi_init( &RR );
-
-    /*
-     * W = |X| - 1
-     * R = W >> lsb( W )
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &W, X, 1 ) );
-    s = mbedtls_mpi_lsb( &W );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) );
-
-    for( i = 0; i < rounds; i++ )
-    {
-        /*
-         * pick a random A, 1 < A < |X| - 1
-         */
-        count = 0;
-        do {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) );
-
-            j = mbedtls_mpi_bitlen( &A );
-            k = mbedtls_mpi_bitlen( &W );
-            if (j > k) {
-                A.p[A.n - 1] &= ( (mbedtls_mpi_uint) 1 << ( k - ( A.n - 1 ) * biL - 1 ) ) - 1;
-            }
-
-            if (count++ > 30) {
-                ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
-                goto cleanup;
-            }
-
-        } while ( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 ||
-                  mbedtls_mpi_cmp_int( &A, 1 )  <= 0    );
-
-        /*
-         * A = A^R mod |X|
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &A, &A, &R, X, &RR ) );
-
-        if( mbedtls_mpi_cmp_mpi( &A, &W ) == 0 ||
-            mbedtls_mpi_cmp_int( &A,  1 ) == 0 )
-            continue;
-
-        j = 1;
-        while( j < s && mbedtls_mpi_cmp_mpi( &A, &W ) != 0 )
-        {
-            /*
-             * A = A * A mod |X|
-             */
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &A, &A ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &A, &T, X  ) );
-
-            if( mbedtls_mpi_cmp_int( &A, 1 ) == 0 )
-                break;
-
-            j++;
-        }
-
-        /*
-         * not prime if A != |X| - 1 or A == 1
-         */
-        if( mbedtls_mpi_cmp_mpi( &A, &W ) != 0 ||
-            mbedtls_mpi_cmp_int( &A,  1 ) == 0 )
-        {
-            ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
-            break;
-        }
-    }
-
-cleanup:
-    mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R );
-    mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A );
-    mbedtls_mpi_free( &RR );
-
-    return( ret );
-}
-
-/*
- * Pseudo-primality test: small factors, then Miller-Rabin
- */
-int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi XX;
-    MPI_VALIDATE_RET( X     != NULL );
-    MPI_VALIDATE_RET( f_rng != NULL );
-
-    XX.s = 1;
-    XX.n = X->n;
-    XX.p = X->p;
-
-    if( mbedtls_mpi_cmp_int( &XX, 0 ) == 0 ||
-        mbedtls_mpi_cmp_int( &XX, 1 ) == 0 )
-        return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-
-    if( mbedtls_mpi_cmp_int( &XX, 2 ) == 0 )
-        return( 0 );
-
-    if( ( ret = mpi_check_small_factors( &XX ) ) != 0 )
-    {
-        if( ret == 1 )
-            return( 0 );
-
-        return( ret );
-    }
-
-    return( mpi_miller_rabin( &XX, rounds, f_rng, p_rng ) );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-/*
- * Pseudo-primality test, error probability 2^-80
- */
-int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
-                  int (*f_rng)(void *, unsigned char *, size_t),
-                  void *p_rng )
-{
-    MPI_VALIDATE_RET( X     != NULL );
-    MPI_VALIDATE_RET( f_rng != NULL );
-
-    /*
-     * In the past our key generation aimed for an error rate of at most
-     * 2^-80. Since this function is deprecated, aim for the same certainty
-     * here as well.
-     */
-    return( mbedtls_mpi_is_prime_ext( X, 40, f_rng, p_rng ) );
-}
-#endif
-
-/*
- * Prime number generation
- *
- * To generate an RSA key in a way recommended by FIPS 186-4, both primes must
- * be either 1024 bits or 1536 bits long, and flags must contain
- * MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR.
- */
-int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
-                   int (*f_rng)(void *, unsigned char *, size_t),
-                   void *p_rng )
-{
-#ifdef MBEDTLS_HAVE_INT64
-// ceil(2^63.5)
-#define CEIL_MAXUINT_DIV_SQRT2 0xb504f333f9de6485ULL
-#else
-// ceil(2^31.5)
-#define CEIL_MAXUINT_DIV_SQRT2 0xb504f334U
-#endif
-    int ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
-    size_t k, n;
-    int rounds;
-    mbedtls_mpi_uint r;
-    mbedtls_mpi Y;
-
-    MPI_VALIDATE_RET( X     != NULL );
-    MPI_VALIDATE_RET( f_rng != NULL );
-
-    if( nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    mbedtls_mpi_init( &Y );
-
-    n = BITS_TO_LIMBS( nbits );
-
-    if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR ) == 0 )
-    {
-        /*
-         * 2^-80 error probability, number of rounds chosen per HAC, table 4.4
-         */
-        rounds = ( ( nbits >= 1300 ) ?  2 : ( nbits >=  850 ) ?  3 :
-                   ( nbits >=  650 ) ?  4 : ( nbits >=  350 ) ?  8 :
-                   ( nbits >=  250 ) ? 12 : ( nbits >=  150 ) ? 18 : 27 );
-    }
-    else
-    {
-        /*
-         * 2^-100 error probability, number of rounds computed based on HAC,
-         * fact 4.48
-         */
-        rounds = ( ( nbits >= 1450 ) ?  4 : ( nbits >=  1150 ) ?  5 :
-                   ( nbits >= 1000 ) ?  6 : ( nbits >=   850 ) ?  7 :
-                   ( nbits >=  750 ) ?  8 : ( nbits >=   500 ) ? 13 :
-                   ( nbits >=  250 ) ? 28 : ( nbits >=   150 ) ? 40 : 51 );
-    }
-
-    while( 1 )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n * ciL, f_rng, p_rng ) );
-        /* make sure generated number is at least (nbits-1)+0.5 bits (FIPS 186-4 §B.3.3 steps 4.4, 5.5) */
-        if( X->p[n-1] < CEIL_MAXUINT_DIV_SQRT2 ) continue;
-
-        k = n * biL;
-        if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits ) );
-        X->p[0] |= 1;
-
-        if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) == 0 )
-        {
-            ret = mbedtls_mpi_is_prime_ext( X, rounds, f_rng, p_rng );
-
-            if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
-                goto cleanup;
-        }
-        else
-        {
-            /*
-             * An necessary condition for Y and X = 2Y + 1 to be prime
-             * is X = 2 mod 3 (which is equivalent to Y = 2 mod 3).
-             * Make sure it is satisfied, while keeping X = 3 mod 4
-             */
-
-            X->p[0] |= 2;
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, 3 ) );
-            if( r == 0 )
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 8 ) );
-            else if( r == 1 )
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 4 ) );
-
-            /* Set Y = (X-1) / 2, which is X / 2 because X is odd */
-            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, X ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, 1 ) );
-
-            while( 1 )
-            {
-                /*
-                 * First, check small factors for X and Y
-                 * before doing Miller-Rabin on any of them
-                 */
-                if( ( ret = mpi_check_small_factors(  X         ) ) == 0 &&
-                    ( ret = mpi_check_small_factors( &Y         ) ) == 0 &&
-                    ( ret = mpi_miller_rabin(  X, rounds, f_rng, p_rng  ) )
-                                                                    == 0 &&
-                    ( ret = mpi_miller_rabin( &Y, rounds, f_rng, p_rng  ) )
-                                                                    == 0 )
-                    goto cleanup;
-
-                if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
-                    goto cleanup;
-
-                /*
-                 * Next candidates. We want to preserve Y = (X-1) / 2 and
-                 * Y = 1 mod 2 and Y = 2 mod 3 (eq X = 3 mod 4 and X = 2 mod 3)
-                 * so up Y by 6 and X by 12.
-                 */
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_int(  X,  X, 12 ) );
-                MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &Y, &Y, 6  ) );
-            }
-        }
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &Y );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_GENPRIME */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#define GCD_PAIR_COUNT  3
-
-static const int gcd_pairs[GCD_PAIR_COUNT][3] =
-{
-    { 693, 609, 21 },
-    { 1764, 868, 28 },
-    { 768454923, 542167814, 1 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_mpi_self_test( int verbose )
-{
-    int ret, i;
-    mbedtls_mpi A, E, N, X, Y, U, V;
-
-    mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &X );
-    mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &U ); mbedtls_mpi_init( &V );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &A, 16,
-        "EFE021C2645FD1DC586E69184AF4A31E" \
-        "D5F53E93B5F123FA41680867BA110131" \
-        "944FE7952E2517337780CB0DB80E61AA" \
-        "E7C8DDC6C5C6AADEB34EB38A2F40D5E6" ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 16,
-        "B2E7EFD37075B9F03FF989C7C5051C20" \
-        "34D2A323810251127E7BF8625A4F49A5" \
-        "F3E27F4DA8BD59C47D6DAABA4C8127BD" \
-        "5B5C25763222FEFCCFC38B832366C29E" ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &N, 16,
-        "0066A198186C18C10B2F5ED9B522752A" \
-        "9830B69916E535C8F047518A889A43A5" \
-        "94B6BED27A168D31D4A52F88925AA8F5" ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &A, &N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
-        "602AB7ECA597A3D6B56FF9829A5E8B85" \
-        "9E857EA95A03512E2BAE7391688D264A" \
-        "A5663B0341DB9CCFD2C4C5F421FEC814" \
-        "8001B72E848A38CAE1C65F78E56ABDEF" \
-        "E12D3C039B8A02D6BE593F0BBBDA56F1" \
-        "ECF677152EF804370C1A305CAF3B5BF1" \
-        "30879B56C61DE584A0F53A2447A51E" ) );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MPI test #1 (mul_mpi): " );
-
-    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &X, &Y, &A, &N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
-        "256567336059E52CAE22925474705F39A94" ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &V, 16,
-        "6613F26162223DF488E9CD48CC132C7A" \
-        "0AC93C701B001B092E4E5B9F73BCD27B" \
-        "9EE50D0657C77F374E903CDFA4C642" ) );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MPI test #2 (div_mpi): " );
-
-    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ||
-        mbedtls_mpi_cmp_mpi( &Y, &V ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &X, &A, &E, &N, NULL ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
-        "36E139AEA55215609D2816998ED020BB" \
-        "BD96C37890F65171D948E9BC7CBAA4D9" \
-        "325D24D6A3C12710F10A09FA08AB87" ) );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MPI test #3 (exp_mod): " );
-
-    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &X, &A, &N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
-        "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \
-        "C3DBA76456363A10869622EAC2DD84EC" \
-        "C5B8A74DAC4D09E03B5E0BE779F2DF61" ) );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MPI test #4 (inv_mod): " );
-
-    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MPI test #5 (simple gcd): " );
-
-    for( i = 0; i < GCD_PAIR_COUNT; i++ )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &X, gcd_pairs[i][0] ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Y, gcd_pairs[i][1] ) );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &A, &X, &Y ) );
-
-        if( mbedtls_mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed at %d\n", i );
-
-            ret = 1;
-            goto cleanup;
-        }
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-cleanup:
-
-    if( ret != 0 && verbose != 0 )
-        mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret );
-
-    mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &X );
-    mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &U ); mbedtls_mpi_free( &V );
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_BIGNUM_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/blowfish.c b/3rdparty/mbedtls-2.25.0/library/blowfish.c
deleted file mode 100644
index 76da448..0000000
--- a/3rdparty/mbedtls-2.25.0/library/blowfish.c
+++ /dev/null
@@ -1,690 +0,0 @@
-/*
- *  Blowfish implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The Blowfish block cipher was designed by Bruce Schneier in 1993.
- *  http://www.schneier.com/blowfish.html
- *  http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_BLOWFISH_C)
-
-#include "mbedtls/blowfish.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if !defined(MBEDTLS_BLOWFISH_ALT)
-
-/* Parameter validation macros */
-#define BLOWFISH_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA )
-#define BLOWFISH_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
-        0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
-        0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
-        0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
-        0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
-        0x9216D5D9L, 0x8979FB1BL
-};
-
-/* declarations of data at the end of this file */
-static const uint32_t S[4][256];
-
-static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
-{
-   unsigned short a, b, c, d;
-   uint32_t  y;
-
-   d = (unsigned short)(x & 0xFF);
-   x >>= 8;
-   c = (unsigned short)(x & 0xFF);
-   x >>= 8;
-   b = (unsigned short)(x & 0xFF);
-   x >>= 8;
-   a = (unsigned short)(x & 0xFF);
-   y = ctx->S[0][a] + ctx->S[1][b];
-   y = y ^ ctx->S[2][c];
-   y = y + ctx->S[3][d];
-
-   return( y );
-}
-
-static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
-{
-    uint32_t  Xl, Xr, temp;
-    short i;
-
-    Xl = *xl;
-    Xr = *xr;
-
-    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
-    {
-        Xl = Xl ^ ctx->P[i];
-        Xr = F( ctx, Xl ) ^ Xr;
-
-        temp = Xl;
-        Xl = Xr;
-        Xr = temp;
-    }
-
-    temp = Xl;
-    Xl = Xr;
-    Xr = temp;
-
-    Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
-    Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
-
-    *xl = Xl;
-    *xr = Xr;
-}
-
-static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
-{
-    uint32_t  Xl, Xr, temp;
-    short i;
-
-    Xl = *xl;
-    Xr = *xr;
-
-    for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
-    {
-        Xl = Xl ^ ctx->P[i];
-        Xr = F( ctx, Xl ) ^ Xr;
-
-        temp = Xl;
-        Xl = Xr;
-        Xr = temp;
-    }
-
-    temp = Xl;
-    Xl = Xr;
-    Xr = temp;
-
-    Xr = Xr ^ ctx->P[1];
-    Xl = Xl ^ ctx->P[0];
-
-    *xl = Xl;
-    *xr = Xr;
-}
-
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
-{
-    BLOWFISH_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
-}
-
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
-}
-
-/*
- * Blowfish key schedule
- */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
-                             const unsigned char *key,
-                             unsigned int keybits )
-{
-    unsigned int i, j, k;
-    uint32_t data, datal, datar;
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( key != NULL );
-
-    if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS    ||
-        keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS    ||
-        keybits % 8 != 0 )
-    {
-        return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-    }
-
-    keybits >>= 3;
-
-    for( i = 0; i < 4; i++ )
-    {
-        for( j = 0; j < 256; j++ )
-            ctx->S[i][j] = S[i][j];
-    }
-
-    j = 0;
-    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
-    {
-        data = 0x00000000;
-        for( k = 0; k < 4; ++k )
-        {
-            data = ( data << 8 ) | key[j++];
-            if( j >= keybits )
-                j = 0;
-        }
-        ctx->P[i] = P[i] ^ data;
-    }
-
-    datal = 0x00000000;
-    datar = 0x00000000;
-
-    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
-    {
-        blowfish_enc( ctx, &datal, &datar );
-        ctx->P[i] = datal;
-        ctx->P[i + 1] = datar;
-    }
-
-    for( i = 0; i < 4; i++ )
-    {
-       for( j = 0; j < 256; j += 2 )
-       {
-            blowfish_enc( ctx, &datal, &datar );
-            ctx->S[i][j] = datal;
-            ctx->S[i][j + 1] = datar;
-        }
-    }
-    return( 0 );
-}
-
-/*
- * Blowfish-ECB block encryption/decryption
- */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
-                    int mode,
-                    const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                    unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
-{
-    uint32_t X0, X1;
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
-                           mode == MBEDTLS_BLOWFISH_DECRYPT );
-    BLOWFISH_VALIDATE_RET( input  != NULL );
-    BLOWFISH_VALIDATE_RET( output != NULL );
-
-    GET_UINT32_BE( X0, input,  0 );
-    GET_UINT32_BE( X1, input,  4 );
-
-    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
-    {
-        blowfish_dec( ctx, &X0, &X1 );
-    }
-    else /* MBEDTLS_BLOWFISH_ENCRYPT */
-    {
-        blowfish_enc( ctx, &X0, &X1 );
-    }
-
-    PUT_UINT32_BE( X0, output,  0 );
-    PUT_UINT32_BE( X1, output,  4 );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * Blowfish-CBC buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                    const unsigned char *input,
-                    unsigned char *output )
-{
-    int i;
-    unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
-                           mode == MBEDTLS_BLOWFISH_DECRYPT );
-    BLOWFISH_VALIDATE_RET( iv != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || input  != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
-    if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
-        return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
-
-    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
-            mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
-
-            for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
-
-            input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
-            output += MBEDTLS_BLOWFISH_BLOCKSIZE;
-            length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
-        }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
-            memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
-
-            input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
-            output += MBEDTLS_BLOWFISH_BLOCKSIZE;
-            length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * Blowfish CFB buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int c;
-    size_t n;
-
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
-                           mode == MBEDTLS_BLOWFISH_DECRYPT );
-    BLOWFISH_VALIDATE_RET( iv     != NULL );
-    BLOWFISH_VALIDATE_RET( iv_off != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || input  != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
-    n = *iv_off;
-    if( n >= 8 )
-        return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-
-    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
-
-            c = *input++;
-            *output++ = (unsigned char)( c ^ iv[n] );
-            iv[n] = (unsigned char) c;
-
-            n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
-        }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
-
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-
-            n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
-        }
-    }
-
-    *iv_off = n;
-
-    return( 0 );
-}
-#endif /*MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * Blowfish CTR buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                       unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int c, i;
-    size_t n;
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( nonce_counter != NULL );
-    BLOWFISH_VALIDATE_RET( stream_block  != NULL );
-    BLOWFISH_VALIDATE_RET( nc_off != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || input  != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
-    n = *nc_off;
-    if( n >= 8 )
-        return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
-                                stream_block );
-
-            for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
-                    break;
-        }
-        c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
-
-        n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
-    }
-
-    *nc_off = n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static const uint32_t S[4][256] = {
-    {   0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
-        0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
-        0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
-        0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
-        0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
-        0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
-        0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
-        0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
-        0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
-        0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
-        0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
-        0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
-        0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
-        0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
-        0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
-        0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
-        0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
-        0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
-        0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
-        0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
-        0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
-        0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
-        0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
-        0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
-        0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
-        0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
-        0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
-        0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
-        0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
-        0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
-        0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
-        0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
-        0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
-        0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
-        0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
-        0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
-        0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
-        0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
-        0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
-        0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
-        0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
-        0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
-        0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
-        0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
-        0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
-        0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
-        0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
-        0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
-        0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
-        0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
-        0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
-        0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
-        0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
-        0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
-        0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
-        0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
-        0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
-        0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
-        0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
-        0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
-        0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
-        0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
-        0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
-        0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL   },
-    {   0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
-        0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
-        0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
-        0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
-        0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
-        0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
-        0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
-        0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
-        0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
-        0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
-        0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
-        0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
-        0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
-        0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
-        0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
-        0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
-        0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
-        0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
-        0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
-        0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
-        0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
-        0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
-        0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
-        0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
-        0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
-        0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
-        0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
-        0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
-        0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
-        0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
-        0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
-        0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
-        0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
-        0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
-        0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
-        0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
-        0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
-        0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
-        0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
-        0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
-        0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
-        0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
-        0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
-        0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
-        0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
-        0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
-        0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
-        0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
-        0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
-        0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
-        0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
-        0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
-        0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
-        0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
-        0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
-        0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
-        0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
-        0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
-        0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
-        0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
-        0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
-        0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
-        0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
-        0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L   },
-    {   0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
-        0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
-        0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
-        0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
-        0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
-        0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
-        0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
-        0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
-        0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
-        0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
-        0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
-        0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
-        0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
-        0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
-        0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
-        0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
-        0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
-        0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
-        0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
-        0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
-        0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
-        0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
-        0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
-        0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
-        0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
-        0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
-        0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
-        0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
-        0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
-        0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
-        0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
-        0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
-        0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
-        0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
-        0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
-        0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
-        0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
-        0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
-        0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
-        0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
-        0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
-        0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
-        0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
-        0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
-        0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
-        0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
-        0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
-        0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
-        0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
-        0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
-        0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
-        0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
-        0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
-        0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
-        0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
-        0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
-        0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
-        0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
-        0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
-        0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
-        0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
-        0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
-        0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
-        0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L  },
-    {   0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
-        0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
-        0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
-        0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
-        0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
-        0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
-        0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
-        0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
-        0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
-        0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
-        0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
-        0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
-        0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
-        0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
-        0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
-        0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
-        0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
-        0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
-        0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
-        0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
-        0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
-        0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
-        0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
-        0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
-        0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
-        0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
-        0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
-        0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
-        0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
-        0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
-        0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
-        0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
-        0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
-        0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
-        0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
-        0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
-        0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
-        0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
-        0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
-        0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
-        0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
-        0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
-        0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
-        0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
-        0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
-        0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
-        0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
-        0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
-        0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
-        0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
-        0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
-        0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
-        0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
-        0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
-        0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
-        0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
-        0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
-        0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
-        0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
-        0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
-        0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
-        0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
-        0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
-        0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L  }
-};
-
-#endif /* !MBEDTLS_BLOWFISH_ALT */
-#endif /* MBEDTLS_BLOWFISH_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/camellia.c b/3rdparty/mbedtls-2.25.0/library/camellia.c
deleted file mode 100644
index d60f931..0000000
--- a/3rdparty/mbedtls-2.25.0/library/camellia.c
+++ /dev/null
@@ -1,1108 +0,0 @@
-/*
- *  Camellia implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The Camellia block cipher was designed by NTT and Mitsubishi Electric
- *  Corporation.
- *
- *  http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CAMELLIA_C)
-
-#include "mbedtls/camellia.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_CAMELLIA_ALT)
-
-/* Parameter validation macros */
-#define CAMELLIA_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA )
-#define CAMELLIA_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-static const unsigned char SIGMA_CHARS[6][8] =
-{
-    { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b },
-    { 0xb6, 0x7a, 0xe8, 0x58, 0x4c, 0xaa, 0x73, 0xb2 },
-    { 0xc6, 0xef, 0x37, 0x2f, 0xe9, 0x4f, 0x82, 0xbe },
-    { 0x54, 0xff, 0x53, 0xa5, 0xf1, 0xd3, 0x6f, 0x1c },
-    { 0x10, 0xe5, 0x27, 0xfa, 0xde, 0x68, 0x2d, 0x1d },
-    { 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd }
-};
-
-#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
-
-static const unsigned char FSb[256] =
-{
-    112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
-     35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
-    134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
-    166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
-    139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
-    223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
-     20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
-    254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
-    170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
-     16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
-    135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
-     82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
-    233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
-    120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
-    114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
-     64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158
-};
-
-#define SBOX1(n) FSb[(n)]
-#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
-#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
-#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
-
-#else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
-
-static const unsigned char FSb[256] =
-{
- 112, 130,  44, 236, 179,  39, 192, 229, 228, 133,  87,  53, 234,  12, 174,  65,
-  35, 239, 107, 147,  69,  25, 165,  33, 237,  14,  79,  78,  29, 101, 146, 189,
- 134, 184, 175, 143, 124, 235,  31, 206,  62,  48, 220,  95,  94, 197,  11,  26,
- 166, 225,  57, 202, 213,  71,  93,  61, 217,   1,  90, 214,  81,  86, 108,  77,
- 139,  13, 154, 102, 251, 204, 176,  45, 116,  18,  43,  32, 240, 177, 132, 153,
- 223,  76, 203, 194,  52, 126, 118,   5, 109, 183, 169,  49, 209,  23,   4, 215,
-  20,  88,  58,  97, 222,  27,  17,  28,  50,  15, 156,  22,  83,  24, 242,  34,
- 254,  68, 207, 178, 195, 181, 122, 145,  36,   8, 232, 168,  96, 252, 105,  80,
- 170, 208, 160, 125, 161, 137,  98, 151,  84,  91,  30, 149, 224, 255, 100, 210,
-  16, 196,   0,  72, 163, 247, 117, 219, 138,   3, 230, 218,   9,  63, 221, 148,
- 135,  92, 131,   2, 205,  74, 144,  51, 115, 103, 246, 243, 157, 127, 191, 226,
-  82, 155, 216,  38, 200,  55, 198,  59, 129, 150, 111,  75,  19, 190,  99,  46,
- 233, 121, 167, 140, 159, 110, 188, 142,  41, 245, 249, 182,  47, 253, 180,  89,
- 120, 152,   6, 106, 231,  70, 113, 186, 212,  37, 171,  66, 136, 162, 141, 250,
- 114,   7, 185,  85, 248, 238, 172,  10,  54,  73,  42, 104,  60,  56, 241, 164,
- 64,  40, 211, 123, 187, 201,  67, 193,  21, 227, 173, 244, 119, 199, 128, 158
-};
-
-static const unsigned char FSb2[256] =
-{
- 224,   5,  88, 217, 103,  78, 129, 203, 201,  11, 174, 106, 213,  24,  93, 130,
-  70, 223, 214,  39, 138,  50,  75,  66, 219,  28, 158, 156,  58, 202,  37, 123,
-  13, 113,  95,  31, 248, 215,  62, 157, 124,  96, 185, 190, 188, 139,  22,  52,
-  77, 195, 114, 149, 171, 142, 186, 122, 179,   2, 180, 173, 162, 172, 216, 154,
-  23,  26,  53, 204, 247, 153,  97,  90, 232,  36,  86,  64, 225,  99,   9,  51,
- 191, 152, 151, 133, 104, 252, 236,  10, 218, 111,  83,  98, 163,  46,   8, 175,
-  40, 176, 116, 194, 189,  54,  34,  56, 100,  30,  57,  44, 166,  48, 229,  68,
- 253, 136, 159, 101, 135, 107, 244,  35,  72,  16, 209,  81, 192, 249, 210, 160,
-  85, 161,  65, 250,  67,  19, 196,  47, 168, 182,  60,  43, 193, 255, 200, 165,
-  32, 137,   0, 144,  71, 239, 234, 183,  21,   6, 205, 181,  18, 126, 187,  41,
-  15, 184,   7,   4, 155, 148,  33, 102, 230, 206, 237, 231,  59, 254, 127, 197,
- 164,  55, 177,  76, 145, 110, 141, 118,   3,  45, 222, 150,  38, 125, 198,  92,
- 211, 242,  79,  25,  63, 220, 121,  29,  82, 235, 243, 109,  94, 251, 105, 178,
- 240,  49,  12, 212, 207, 140, 226, 117, 169,  74,  87, 132,  17,  69,  27, 245,
- 228,  14, 115, 170, 241, 221,  89,  20, 108, 146,  84, 208, 120, 112, 227,  73,
- 128,  80, 167, 246, 119, 147, 134, 131,  42, 199,  91, 233, 238, 143,   1,  61
-};
-
-static const unsigned char FSb3[256] =
-{
-  56,  65,  22, 118, 217, 147,  96, 242, 114, 194, 171, 154, 117,   6,  87, 160,
- 145, 247, 181, 201, 162, 140, 210, 144, 246,   7, 167,  39, 142, 178,  73, 222,
-  67,  92, 215, 199,  62, 245, 143, 103,  31,  24, 110, 175,  47, 226, 133,  13,
-  83, 240, 156, 101, 234, 163, 174, 158, 236, 128,  45, 107, 168,  43,  54, 166,
- 197, 134,  77,  51, 253, 102,  88, 150,  58,   9, 149,  16, 120, 216,  66, 204,
- 239,  38, 229,  97,  26,  63,  59, 130, 182, 219, 212, 152, 232, 139,   2, 235,
-  10,  44,  29, 176, 111, 141, 136,  14,  25, 135,  78,  11, 169,  12, 121,  17,
- 127,  34, 231,  89, 225, 218,  61, 200,  18,   4, 116,  84,  48, 126, 180,  40,
-  85, 104,  80, 190, 208, 196,  49, 203,  42, 173,  15, 202, 112, 255,  50, 105,
-   8,  98,   0,  36, 209, 251, 186, 237,  69, 129, 115, 109, 132, 159, 238,  74,
- 195,  46, 193,   1, 230,  37,  72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
-  41, 205, 108,  19, 100, 155,  99, 157, 192,  75, 183, 165, 137,  95, 177,  23,
- 244, 188, 211,  70, 207,  55,  94,  71, 148, 250, 252,  91, 151, 254,  90, 172,
-  60,  76,   3,  53, 243,  35, 184,  93, 106, 146, 213,  33,  68,  81, 198, 125,
-  57, 131, 220, 170, 124, 119,  86,   5,  27, 164,  21,  52,  30,  28, 248,  82,
-  32,  20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227,  64,  79
-};
-
-static const unsigned char FSb4[256] =
-{
- 112,  44, 179, 192, 228,  87, 234, 174,  35, 107,  69, 165, 237,  79,  29, 146,
- 134, 175, 124,  31,  62, 220,  94,  11, 166,  57, 213,  93, 217,  90,  81, 108,
- 139, 154, 251, 176, 116,  43, 240, 132, 223, 203,  52, 118, 109, 169, 209,   4,
-  20,  58, 222,  17,  50, 156,  83, 242, 254, 207, 195, 122,  36, 232,  96, 105,
- 170, 160, 161,  98,  84,  30, 224, 100,  16,   0, 163, 117, 138, 230,   9, 221,
- 135, 131, 205, 144, 115, 246, 157, 191,  82, 216, 200, 198, 129, 111,  19,  99,
- 233, 167, 159, 188,  41, 249,  47, 180, 120,   6, 231, 113, 212, 171, 136, 141,
- 114, 185, 248, 172,  54,  42,  60, 241,  64, 211, 187,  67,  21, 173, 119, 128,
- 130, 236,  39, 229, 133,  53,  12,  65, 239, 147,  25,  33,  14,  78, 101, 189,
- 184, 143, 235, 206,  48,  95, 197,  26, 225, 202,  71,  61,   1, 214,  86,  77,
-  13, 102, 204,  45,  18,  32, 177, 153,  76, 194, 126,   5, 183,  49,  23, 215,
-  88,  97,  27,  28,  15,  22,  24,  34,  68, 178, 181, 145,   8, 168, 252,  80,
- 208, 125, 137, 151,  91, 149, 255, 210, 196,  72, 247, 219,   3, 218,  63, 148,
-  92,   2,  74,  51, 103, 243, 127, 226, 155,  38,  55,  59, 150,  75, 190,  46,
- 121, 140, 110, 142, 245, 182, 253,  89, 152, 106,  70, 186,  37,  66, 162, 250,
-  7,  85, 238,  10,  73, 104,  56, 164,  40, 123, 201, 193, 227, 244, 199, 158
-};
-
-#define SBOX1(n) FSb[(n)]
-#define SBOX2(n) FSb2[(n)]
-#define SBOX3(n) FSb3[(n)]
-#define SBOX4(n) FSb4[(n)]
-
-#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
-
-static const unsigned char shifts[2][4][4] =
-{
-    {
-        { 1, 1, 1, 1 }, /* KL */
-        { 0, 0, 0, 0 }, /* KR */
-        { 1, 1, 1, 1 }, /* KA */
-        { 0, 0, 0, 0 }  /* KB */
-    },
-    {
-        { 1, 0, 1, 1 }, /* KL */
-        { 1, 1, 0, 1 }, /* KR */
-        { 1, 1, 1, 0 }, /* KA */
-        { 1, 1, 0, 1 }  /* KB */
-    }
-};
-
-static const signed char indexes[2][4][20] =
-{
-    {
-        {  0,  1,  2,  3,  8,  9, 10, 11, 38, 39,
-          36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */
-        { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-          -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */
-        {  4,  5,  6,  7, 12, 13, 14, 15, 16, 17,
-          18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */
-        { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-          -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }  /* KB -> RK */
-    },
-    {
-        {  0,  1,  2,  3, 61, 62, 63, 60, -1, -1,
-          -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */
-        { -1, -1, -1, -1,  8,  9, 10, 11, 16, 17,
-          18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */
-        { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59,
-          56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */
-        {  4,  5,  6,  7, 65, 66, 67, 64, 20, 21,
-          22, 23, -1, -1, -1, -1, 43, 40, 41, 42 }  /* KB -> RK */
-    }
-};
-
-static const signed char transposes[2][20] =
-{
-    {
-        21, 22, 23, 20,
-        -1, -1, -1, -1,
-        18, 19, 16, 17,
-        11,  8,  9, 10,
-        15, 12, 13, 14
-    },
-    {
-        25, 26, 27, 24,
-        29, 30, 31, 28,
-        18, 19, 16, 17,
-        -1, -1, -1, -1,
-        -1, -1, -1, -1
-    }
-};
-
-/* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */
-#define ROTL(DEST, SRC, SHIFT)                                      \
-{                                                                   \
-    (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT));   \
-    (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT));   \
-    (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT));   \
-    (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT));   \
-}
-
-#define FL(XL, XR, KL, KR)                                          \
-{                                                                   \
-    (XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR);   \
-    (XL) = ((XR) | (KR)) ^ (XL);                                    \
-}
-
-#define FLInv(YL, YR, KL, KR)                                       \
-{                                                                   \
-    (YL) = ((YR) | (KR)) ^ (YL);                                    \
-    (YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR);   \
-}
-
-#define SHIFT_AND_PLACE(INDEX, OFFSET)                      \
-{                                                           \
-    TK[0] = KC[(OFFSET) * 4 + 0];                           \
-    TK[1] = KC[(OFFSET) * 4 + 1];                           \
-    TK[2] = KC[(OFFSET) * 4 + 2];                           \
-    TK[3] = KC[(OFFSET) * 4 + 3];                           \
-                                                            \
-    for( i = 1; i <= 4; i++ )                               \
-        if( shifts[(INDEX)][(OFFSET)][i -1] )               \
-            ROTL(TK + i * 4, TK, ( 15 * i ) % 32);          \
-                                                            \
-    for( i = 0; i < 20; i++ )                               \
-        if( indexes[(INDEX)][(OFFSET)][i] != -1 ) {         \
-            RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ];    \
-        }                                                   \
-}
-
-static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
-                              uint32_t z[2])
-{
-    uint32_t I0, I1;
-    I0 = x[0] ^ k[0];
-    I1 = x[1] ^ k[1];
-
-    I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) |
-         ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) |
-         ((uint32_t) SBOX3((I0 >>  8) & 0xFF) <<  8) |
-         ((uint32_t) SBOX4((I0      ) & 0xFF)      );
-    I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) |
-         ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) |
-         ((uint32_t) SBOX4((I1 >>  8) & 0xFF) <<  8) |
-         ((uint32_t) SBOX1((I1      ) & 0xFF)      );
-
-    I0 ^= (I1 << 8) | (I1 >> 24);
-    I1 ^= (I0 << 16) | (I0 >> 16);
-    I0 ^= (I1 >> 8) | (I1 << 24);
-    I1 ^= (I0 >> 8) | (I0 << 24);
-
-    z[0] ^= I1;
-    z[1] ^= I0;
-}
-
-void mbedtls_camellia_init( mbedtls_camellia_context *ctx )
-{
-    CAMELLIA_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_camellia_context ) );
-}
-
-void mbedtls_camellia_free( mbedtls_camellia_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_camellia_context ) );
-}
-
-/*
- * Camellia key schedule (encryption)
- */
-int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits )
-{
-    int idx;
-    size_t i;
-    uint32_t *RK;
-    unsigned char t[64];
-    uint32_t SIGMA[6][2];
-    uint32_t KC[16];
-    uint32_t TK[20];
-
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( key != NULL );
-
-    RK = ctx->rk;
-
-    memset( t, 0, 64 );
-    memset( RK, 0, sizeof(ctx->rk) );
-
-    switch( keybits )
-    {
-        case 128: ctx->nr = 3; idx = 0; break;
-        case 192:
-        case 256: ctx->nr = 4; idx = 1; break;
-        default : return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA );
-    }
-
-    for( i = 0; i < keybits / 8; ++i )
-        t[i] = key[i];
-
-    if( keybits == 192 ) {
-        for( i = 0; i < 8; i++ )
-            t[24 + i] = ~t[16 + i];
-    }
-
-    /*
-     * Prepare SIGMA values
-     */
-    for( i = 0; i < 6; i++ ) {
-        GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 );
-        GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 );
-    }
-
-    /*
-     * Key storage in KC
-     * Order: KL, KR, KA, KB
-     */
-    memset( KC, 0, sizeof(KC) );
-
-    /* Store KL, KR */
-    for( i = 0; i < 8; i++ )
-        GET_UINT32_BE( KC[i], t, i * 4 );
-
-    /* Generate KA */
-    for( i = 0; i < 4; ++i )
-        KC[8 + i] = KC[i] ^ KC[4 + i];
-
-    camellia_feistel( KC + 8, SIGMA[0], KC + 10 );
-    camellia_feistel( KC + 10, SIGMA[1], KC + 8 );
-
-    for( i = 0; i < 4; ++i )
-        KC[8 + i] ^= KC[i];
-
-    camellia_feistel( KC + 8, SIGMA[2], KC + 10 );
-    camellia_feistel( KC + 10, SIGMA[3], KC + 8 );
-
-    if( keybits > 128 ) {
-        /* Generate KB */
-        for( i = 0; i < 4; ++i )
-            KC[12 + i] = KC[4 + i] ^ KC[8 + i];
-
-        camellia_feistel( KC + 12, SIGMA[4], KC + 14 );
-        camellia_feistel( KC + 14, SIGMA[5], KC + 12 );
-    }
-
-    /*
-     * Generating subkeys
-     */
-
-    /* Manipulating KL */
-    SHIFT_AND_PLACE( idx, 0 );
-
-    /* Manipulating KR */
-    if( keybits > 128 ) {
-        SHIFT_AND_PLACE( idx, 1 );
-    }
-
-    /* Manipulating KA */
-    SHIFT_AND_PLACE( idx, 2 );
-
-    /* Manipulating KB */
-    if( keybits > 128 ) {
-        SHIFT_AND_PLACE( idx, 3 );
-    }
-
-    /* Do transpositions */
-    for( i = 0; i < 20; i++ ) {
-        if( transposes[idx][i] != -1 ) {
-            RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
-        }
-    }
-
-    return( 0 );
-}
-
-/*
- * Camellia key schedule (decryption)
- */
-int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits )
-{
-    int idx, ret;
-    size_t i;
-    mbedtls_camellia_context cty;
-    uint32_t *RK;
-    uint32_t *SK;
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( key != NULL );
-
-    mbedtls_camellia_init( &cty );
-
-    /* Also checks keybits */
-    if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 )
-        goto exit;
-
-    ctx->nr = cty.nr;
-    idx = ( ctx->nr == 4 );
-
-    RK = ctx->rk;
-    SK = cty.rk + 24 * 2 + 8 * idx * 2;
-
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-
-    for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 )
-    {
-        *RK++ = *SK++;
-        *RK++ = *SK++;
-    }
-
-    SK -= 2;
-
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-    *RK++ = *SK++;
-
-exit:
-    mbedtls_camellia_free( &cty );
-
-    return( ret );
-}
-
-/*
- * Camellia-ECB block encryption/decryption
- */
-int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
-                    int mode,
-                    const unsigned char input[16],
-                    unsigned char output[16] )
-{
-    int NR;
-    uint32_t *RK, X[4];
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT ||
-                           mode == MBEDTLS_CAMELLIA_DECRYPT );
-    CAMELLIA_VALIDATE_RET( input  != NULL );
-    CAMELLIA_VALIDATE_RET( output != NULL );
-
-    ( (void) mode );
-
-    NR = ctx->nr;
-    RK = ctx->rk;
-
-    GET_UINT32_BE( X[0], input,  0 );
-    GET_UINT32_BE( X[1], input,  4 );
-    GET_UINT32_BE( X[2], input,  8 );
-    GET_UINT32_BE( X[3], input, 12 );
-
-    X[0] ^= *RK++;
-    X[1] ^= *RK++;
-    X[2] ^= *RK++;
-    X[3] ^= *RK++;
-
-    while( NR ) {
-        --NR;
-        camellia_feistel( X, RK, X + 2 );
-        RK += 2;
-        camellia_feistel( X + 2, RK, X );
-        RK += 2;
-        camellia_feistel( X, RK, X + 2 );
-        RK += 2;
-        camellia_feistel( X + 2, RK, X );
-        RK += 2;
-        camellia_feistel( X, RK, X + 2 );
-        RK += 2;
-        camellia_feistel( X + 2, RK, X );
-        RK += 2;
-
-        if( NR ) {
-            FL(X[0], X[1], RK[0], RK[1]);
-            RK += 2;
-            FLInv(X[2], X[3], RK[0], RK[1]);
-            RK += 2;
-        }
-    }
-
-    X[2] ^= *RK++;
-    X[3] ^= *RK++;
-    X[0] ^= *RK++;
-    X[1] ^= *RK++;
-
-    PUT_UINT32_BE( X[2], output,  0 );
-    PUT_UINT32_BE( X[3], output,  4 );
-    PUT_UINT32_BE( X[0], output,  8 );
-    PUT_UINT32_BE( X[1], output, 12 );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * Camellia-CBC buffer encryption/decryption
- */
-int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
-                                int mode,
-                                size_t length,
-                                unsigned char iv[16],
-                                const unsigned char *input,
-                                unsigned char *output )
-{
-    int i;
-    unsigned char temp[16];
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT ||
-                           mode == MBEDTLS_CAMELLIA_DECRYPT );
-    CAMELLIA_VALIDATE_RET( iv != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || input  != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || output != NULL );
-
-    if( length % 16 )
-        return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
-
-    if( mode == MBEDTLS_CAMELLIA_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, 16 );
-            mbedtls_camellia_crypt_ecb( ctx, mode, input, output );
-
-            for( i = 0; i < 16; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, 16 );
-
-            input  += 16;
-            output += 16;
-            length -= 16;
-        }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < 16; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_camellia_crypt_ecb( ctx, mode, output, output );
-            memcpy( iv, output, 16 );
-
-            input  += 16;
-            output += 16;
-            length -= 16;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * Camellia-CFB128 buffer encryption/decryption
- */
-int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int c;
-    size_t n;
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT ||
-                           mode == MBEDTLS_CAMELLIA_DECRYPT );
-    CAMELLIA_VALIDATE_RET( iv     != NULL );
-    CAMELLIA_VALIDATE_RET( iv_off != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || input  != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || output != NULL );
-
-    n = *iv_off;
-    if( n >= 16 )
-        return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA );
-
-    if( mode == MBEDTLS_CAMELLIA_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
-
-            c = *input++;
-            *output++ = (unsigned char)( c ^ iv[n] );
-            iv[n] = (unsigned char) c;
-
-            n = ( n + 1 ) & 0x0F;
-        }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
-
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-
-            n = ( n + 1 ) & 0x0F;
-        }
-    }
-
-    *iv_off = n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * Camellia-CTR buffer encryption/decryption
- */
-int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int c, i;
-    size_t n;
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( nonce_counter != NULL );
-    CAMELLIA_VALIDATE_RET( stream_block  != NULL );
-    CAMELLIA_VALIDATE_RET( nc_off != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || input  != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || output != NULL );
-
-    n = *nc_off;
-    if( n >= 16 )
-        return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA );
-
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
-                                stream_block );
-
-            for( i = 16; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
-                    break;
-        }
-        c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
-
-        n = ( n + 1 ) & 0x0F;
-    }
-
-    *nc_off = n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#endif /* !MBEDTLS_CAMELLIA_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * Camellia test vectors from:
- *
- * http://info.isl.ntt.co.jp/crypt/eng/camellia/technology.html:
- *   http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/intermediate.txt
- *   http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/t_camellia.txt
- *                      (For each bitlength: Key 0, Nr 39)
- */
-#define CAMELLIA_TESTS_ECB  2
-
-static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] =
-{
-    {
-        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
-          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
-        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-    },
-    {
-        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
-          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
-        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-    },
-    {
-        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
-          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
-          0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
-        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-    },
-};
-
-static const unsigned char camellia_test_ecb_plain[CAMELLIA_TESTS_ECB][16] =
-{
-    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
-      0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
-    { 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
-{
-    {
-        { 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
-          0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 },
-        { 0x38, 0x3C, 0x6C, 0x2A, 0xAB, 0xEF, 0x7F, 0xDE,
-          0x25, 0xCD, 0x47, 0x0B, 0xF7, 0x74, 0xA3, 0x31 }
-    },
-    {
-        { 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
-          0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 },
-        { 0xD1, 0x76, 0x3F, 0xC0, 0x19, 0xD7, 0x7C, 0xC9,
-          0x30, 0xBF, 0xF2, 0xA5, 0x6F, 0x7C, 0x93, 0x64 }
-    },
-    {
-        { 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
-          0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 },
-        { 0x05, 0x03, 0xFB, 0x10, 0xAB, 0x24, 0x1E, 0x7C,
-          0xF4, 0x5D, 0x8C, 0xDE, 0xEE, 0x47, 0x43, 0x35 }
-    }
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#define CAMELLIA_TESTS_CBC  3
-
-static const unsigned char camellia_test_cbc_key[3][32] =
-{
-        { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
-          0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }
-    ,
-        { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
-          0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
-          0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }
-    ,
-        { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
-          0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
-          0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
-          0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
-};
-
-static const unsigned char camellia_test_cbc_iv[16] =
-
-    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
-;
-
-static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] =
-{
-    { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
-      0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A },
-    { 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
-      0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51 },
-    { 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
-      0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF }
-
-};
-
-static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] =
-{
-    {
-        { 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
-          0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB },
-        { 0xA2, 0xF2, 0xCF, 0x67, 0x16, 0x29, 0xEF, 0x78,
-          0x40, 0xC5, 0xA5, 0xDF, 0xB5, 0x07, 0x48, 0x87 },
-        { 0x0F, 0x06, 0x16, 0x50, 0x08, 0xCF, 0x8B, 0x8B,
-          0x5A, 0x63, 0x58, 0x63, 0x62, 0x54, 0x3E, 0x54 }
-    },
-    {
-        { 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
-          0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 },
-        { 0x5D, 0x5A, 0x86, 0x9B, 0xD1, 0x4C, 0xE5, 0x42,
-          0x64, 0xF8, 0x92, 0xA6, 0xDD, 0x2E, 0xC3, 0xD5 },
-        { 0x37, 0xD3, 0x59, 0xC3, 0x34, 0x98, 0x36, 0xD8,
-          0x84, 0xE3, 0x10, 0xAD, 0xDF, 0x68, 0xC4, 0x49 }
-    },
-    {
-        { 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
-          0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA },
-        { 0x36, 0xCB, 0xEB, 0x73, 0xBD, 0x50, 0x4B, 0x40,
-          0x70, 0xB1, 0xB7, 0xDE, 0x2B, 0x21, 0xEB, 0x50 },
-        { 0xE3, 0x1A, 0x60, 0x55, 0x29, 0x7D, 0x96, 0xCA,
-          0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
-    }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * Camellia-CTR test vectors from:
- *
- * http://www.faqs.org/rfcs/rfc5528.html
- */
-
-static const unsigned char camellia_test_ctr_key[3][16] =
-{
-    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
-      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
-    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
-      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
-    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
-      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
-};
-
-static const unsigned char camellia_test_ctr_nonce_counter[3][16] =
-{
-    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
-    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
-      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
-    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
-      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
-};
-
-static const unsigned char camellia_test_ctr_pt[3][48] =
-{
-    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
-      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
-
-    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
-
-    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
-      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
-      0x20, 0x21, 0x22, 0x23 }
-};
-
-static const unsigned char camellia_test_ctr_ct[3][48] =
-{
-    { 0xD0, 0x9D, 0xC2, 0x9A, 0x82, 0x14, 0x61, 0x9A,
-      0x20, 0x87, 0x7C, 0x76, 0xDB, 0x1F, 0x0B, 0x3F },
-    { 0xDB, 0xF3, 0xC7, 0x8D, 0xC0, 0x83, 0x96, 0xD4,
-      0xDA, 0x7C, 0x90, 0x77, 0x65, 0xBB, 0xCB, 0x44,
-      0x2B, 0x8E, 0x8E, 0x0F, 0x31, 0xF0, 0xDC, 0xA7,
-      0x2C, 0x74, 0x17, 0xE3, 0x53, 0x60, 0xE0, 0x48 },
-    { 0xB1, 0x9D, 0x1F, 0xCD, 0xCB, 0x75, 0xEB, 0x88,
-      0x2F, 0x84, 0x9C, 0xE2, 0x4D, 0x85, 0xCF, 0x73,
-      0x9C, 0xE6, 0x4B, 0x2B, 0x5C, 0x9D, 0x73, 0xF1,
-      0x4F, 0x2D, 0x5D, 0x9D, 0xCE, 0x98, 0x89, 0xCD,
-      0xDF, 0x50, 0x86, 0x96 }
-};
-
-static const int camellia_test_ctr_len[3] =
-    { 16, 32, 36 };
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-/*
- * Checkup routine
- */
-int mbedtls_camellia_self_test( int verbose )
-{
-    int i, j, u, v;
-    unsigned char key[32];
-    unsigned char buf[64];
-    unsigned char src[16];
-    unsigned char dst[16];
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    unsigned char iv[16];
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    size_t offset, len;
-    unsigned char nonce_counter[16];
-    unsigned char stream_block[16];
-#endif
-
-    mbedtls_camellia_context ctx;
-
-    memset( key, 0, 32 );
-
-    for( j = 0; j < 6; j++ ) {
-        u = j >> 1;
-    v = j & 1;
-
-    if( verbose != 0 )
-        mbedtls_printf( "  CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
-                         (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
-
-    for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
-        memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
-
-        if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
-            mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
-            memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
-            memcpy( dst, camellia_test_ecb_plain[i], 16 );
-        } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
-            mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
-            memcpy( src, camellia_test_ecb_plain[i], 16 );
-            memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
-        }
-
-        mbedtls_camellia_crypt_ecb( &ctx, v, src, buf );
-
-        if( memcmp( buf, dst, 16 ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            return( 1 );
-        }
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    /*
-     * CBC mode
-     */
-    for( j = 0; j < 6; j++ )
-    {
-        u = j >> 1;
-        v = j  & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
-                             ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( src, camellia_test_cbc_iv, 16 );
-        memcpy( dst, camellia_test_cbc_iv, 16 );
-        memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u );
-
-        if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
-            mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
-        } else {
-            mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
-        }
-
-        for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
-
-            if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
-                memcpy( iv , src, 16 );
-                memcpy( src, camellia_test_cbc_cipher[u][i], 16 );
-                memcpy( dst, camellia_test_cbc_plain[i], 16 );
-            } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
-                memcpy( iv , dst, 16 );
-                memcpy( src, camellia_test_cbc_plain[i], 16 );
-                memcpy( dst, camellia_test_cbc_cipher[u][i], 16 );
-            }
-
-            mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
-
-            if( memcmp( buf, dst, 16 ) != 0 )
-            {
-                if( verbose != 0 )
-                    mbedtls_printf( "failed\n" );
-
-                return( 1 );
-            }
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    /*
-     * CTR mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        v = i  & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  CAMELLIA-CTR-128 (%s): ",
-                             ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
-        memcpy( key, camellia_test_ctr_key[u], 16 );
-
-        offset = 0;
-        mbedtls_camellia_setkey_enc( &ctx, key, 128 );
-
-        if( v == MBEDTLS_CAMELLIA_DECRYPT )
-        {
-            len = camellia_test_ctr_len[u];
-            memcpy( buf, camellia_test_ctr_ct[u], len );
-
-            mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
-                                buf, buf );
-
-            if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
-            {
-                if( verbose != 0 )
-                    mbedtls_printf( "failed\n" );
-
-                return( 1 );
-            }
-        }
-        else
-        {
-            len = camellia_test_ctr_len[u];
-            memcpy( buf, camellia_test_ctr_pt[u], len );
-
-            mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
-                                buf, buf );
-
-            if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
-            {
-                if( verbose != 0 )
-                    mbedtls_printf( "failed\n" );
-
-                return( 1 );
-            }
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_CAMELLIA_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ccm.c b/3rdparty/mbedtls-2.25.0/library/ccm.c
deleted file mode 100644
index 424ee77..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ccm.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/*
- *  NIST SP800-38C compliant CCM implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * Definition of CCM:
- * http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf
- * RFC 3610 "Counter with CBC-MAC (CCM)"
- *
- * Related:
- * RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CCM_C)
-
-#include "mbedtls/ccm.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
-#if !defined(MBEDTLS_CCM_ALT)
-
-#define CCM_VALIDATE_RET( cond ) \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CCM_BAD_INPUT )
-#define CCM_VALIDATE( cond ) \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#define CCM_ENCRYPT 0
-#define CCM_DECRYPT 1
-
-/*
- * Initialize context
- */
-void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
-{
-    CCM_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
-}
-
-int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_cipher_info_t *cipher_info;
-
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( key != NULL );
-
-    cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
-                                                   MBEDTLS_MODE_ECB );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    if( cipher_info->block_size != 16 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-
-    if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
-                               MBEDTLS_ENCRYPT ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Free context
- */
-void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
-}
-
-/*
- * Macros for common operations.
- * Results in smaller compiled code than static inline functions.
- */
-
-/*
- * Update the CBC-MAC state in y using a block in b
- * (Always using b as the source helps the compiler optimise a bit better.)
- */
-#define UPDATE_CBC_MAC                                                      \
-    for( i = 0; i < 16; i++ )                                               \
-        y[i] ^= b[i];                                                       \
-                                                                            \
-    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
-        return( ret );
-
-/*
- * Encrypt or decrypt a partial block with CTR
- * Warning: using b for temporary storage! src and dst must not be b!
- * This avoids allocating one more 16 bytes buffer while allowing src == dst.
- */
-#define CTR_CRYPT( dst, src, len  )                                            \
-    do                                                                  \
-    {                                                                   \
-        if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr,       \
-                                           16, b, &olen ) ) != 0 )      \
-        {                                                               \
-            return( ret );                                              \
-        }                                                               \
-                                                                        \
-        for( i = 0; i < (len); i++ )                                    \
-            (dst)[i] = (src)[i] ^ b[i];                                 \
-    } while( 0 )
-
-/*
- * Authenticated encryption or decryption
- */
-static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
-                           const unsigned char *iv, size_t iv_len,
-                           const unsigned char *add, size_t add_len,
-                           const unsigned char *input, unsigned char *output,
-                           unsigned char *tag, size_t tag_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char i;
-    unsigned char q;
-    size_t len_left, olen;
-    unsigned char b[16];
-    unsigned char y[16];
-    unsigned char ctr[16];
-    const unsigned char *src;
-    unsigned char *dst;
-
-    /*
-     * Check length requirements: SP800-38C A.1
-     * Additional requirement: a < 2^16 - 2^8 to simplify the code.
-     * 'length' checked later (when writing it to the first block)
-     *
-     * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4).
-     */
-    if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    /* Also implies q is within bounds */
-    if( iv_len < 7 || iv_len > 13 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    if( add_len >= 0xFF00 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    q = 16 - 1 - (unsigned char) iv_len;
-
-    /*
-     * First block B_0:
-     * 0        .. 0        flags
-     * 1        .. iv_len   nonce (aka iv)
-     * iv_len+1 .. 15       length
-     *
-     * With flags as (bits):
-     * 7        0
-     * 6        add present?
-     * 5 .. 3   (t - 2) / 2
-     * 2 .. 0   q - 1
-     */
-    b[0] = 0;
-    b[0] |= ( add_len > 0 ) << 6;
-    b[0] |= ( ( tag_len - 2 ) / 2 ) << 3;
-    b[0] |= q - 1;
-
-    memcpy( b + 1, iv, iv_len );
-
-    for( i = 0, len_left = length; i < q; i++, len_left >>= 8 )
-        b[15-i] = (unsigned char)( len_left & 0xFF );
-
-    if( len_left > 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-
-    /* Start CBC-MAC with first block */
-    memset( y, 0, 16 );
-    UPDATE_CBC_MAC;
-
-    /*
-     * If there is additional data, update CBC-MAC with
-     * add_len, add, 0 (padding to a block boundary)
-     */
-    if( add_len > 0 )
-    {
-        size_t use_len;
-        len_left = add_len;
-        src = add;
-
-        memset( b, 0, 16 );
-        b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF );
-        b[1] = (unsigned char)( ( add_len      ) & 0xFF );
-
-        use_len = len_left < 16 - 2 ? len_left : 16 - 2;
-        memcpy( b + 2, src, use_len );
-        len_left -= use_len;
-        src += use_len;
-
-        UPDATE_CBC_MAC;
-
-        while( len_left > 0 )
-        {
-            use_len = len_left > 16 ? 16 : len_left;
-
-            memset( b, 0, 16 );
-            memcpy( b, src, use_len );
-            UPDATE_CBC_MAC;
-
-            len_left -= use_len;
-            src += use_len;
-        }
-    }
-
-    /*
-     * Prepare counter block for encryption:
-     * 0        .. 0        flags
-     * 1        .. iv_len   nonce (aka iv)
-     * iv_len+1 .. 15       counter (initially 1)
-     *
-     * With flags as (bits):
-     * 7 .. 3   0
-     * 2 .. 0   q - 1
-     */
-    ctr[0] = q - 1;
-    memcpy( ctr + 1, iv, iv_len );
-    memset( ctr + 1 + iv_len, 0, q );
-    ctr[15] = 1;
-
-    /*
-     * Authenticate and {en,de}crypt the message.
-     *
-     * The only difference between encryption and decryption is
-     * the respective order of authentication and {en,de}cryption.
-     */
-    len_left = length;
-    src = input;
-    dst = output;
-
-    while( len_left > 0 )
-    {
-        size_t use_len = len_left > 16 ? 16 : len_left;
-
-        if( mode == CCM_ENCRYPT )
-        {
-            memset( b, 0, 16 );
-            memcpy( b, src, use_len );
-            UPDATE_CBC_MAC;
-        }
-
-        CTR_CRYPT( dst, src, use_len );
-
-        if( mode == CCM_DECRYPT )
-        {
-            memset( b, 0, 16 );
-            memcpy( b, dst, use_len );
-            UPDATE_CBC_MAC;
-        }
-
-        dst += use_len;
-        src += use_len;
-        len_left -= use_len;
-
-        /*
-         * Increment counter.
-         * No need to check for overflow thanks to the length check above.
-         */
-        for( i = 0; i < q; i++ )
-            if( ++ctr[15-i] != 0 )
-                break;
-    }
-
-    /*
-     * Authentication: reset counter and crypt/mask internal tag
-     */
-    for( i = 0; i < q; i++ )
-        ctr[15-i] = 0;
-
-    CTR_CRYPT( y, y, 16 );
-    memcpy( tag, y, tag_len );
-
-    return( 0 );
-}
-
-/*
- * Authenticated encryption
- */
-int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len )
-{
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-    return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len,
-                            add, add_len, input, output, tag, tag_len ) );
-}
-
-int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len )
-{
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-    if( tag_len == 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    return( mbedtls_ccm_star_encrypt_and_tag( ctx, length, iv, iv_len, add,
-                add_len, input, output, tag, tag_len ) );
-}
-
-/*
- * Authenticated decryption
- */
-int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char check_tag[16];
-    unsigned char i;
-    int diff;
-
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
-    if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length,
-                                iv, iv_len, add, add_len,
-                                input, output, check_tag, tag_len ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* Check tag in "constant-time" */
-    for( diff = 0, i = 0; i < tag_len; i++ )
-        diff |= tag[i] ^ check_tag[i];
-
-    if( diff != 0 )
-    {
-        mbedtls_platform_zeroize( output, length );
-        return( MBEDTLS_ERR_CCM_AUTH_FAILED );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len )
-{
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
-    if( tag_len == 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    return( mbedtls_ccm_star_auth_decrypt( ctx, length, iv, iv_len, add,
-                add_len, input, output, tag, tag_len ) );
-}
-#endif /* !MBEDTLS_CCM_ALT */
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-/*
- * Examples 1 to 3 from SP800-38C Appendix C
- */
-
-#define NB_TESTS 3
-#define CCM_SELFTEST_PT_MAX_LEN 24
-#define CCM_SELFTEST_CT_MAX_LEN 32
-/*
- * The data is the same for all tests, only the used length changes
- */
-static const unsigned char key_test_data[] = {
-    0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
-    0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
-};
-
-static const unsigned char iv_test_data[] = {
-    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-    0x18, 0x19, 0x1a, 0x1b
-};
-
-static const unsigned char ad_test_data[] = {
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
-    0x10, 0x11, 0x12, 0x13
-};
-
-static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
-    0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
-    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
-    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
-};
-
-static const size_t iv_len_test_data [NB_TESTS] = { 7, 8,  12 };
-static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
-static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
-static const size_t tag_len_test_data[NB_TESTS] = { 4, 6,  8  };
-
-static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
-    {   0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
-    {   0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
-        0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
-        0x1f, 0xc6, 0x4f, 0xbf, 0xac, 0xcd },
-    {   0xe3, 0xb2, 0x01, 0xa9, 0xf5, 0xb7, 0x1a, 0x7a,
-        0x9b, 0x1c, 0xea, 0xec, 0xcd, 0x97, 0xe7, 0x0b,
-        0x61, 0x76, 0xaa, 0xd9, 0xa4, 0x42, 0x8a, 0xa5,
-        0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
-};
-
-int mbedtls_ccm_self_test( int verbose )
-{
-    mbedtls_ccm_context ctx;
-    /*
-     * Some hardware accelerators require the input and output buffers
-     * would be in RAM, because the flash is not accessible.
-     * Use buffers on the stack to hold the test vectors data.
-     */
-    unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN];
-    unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN];
-    size_t i;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_ccm_init( &ctx );
-
-    if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
-                            8 * sizeof key_test_data ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  CCM: setup failed" );
-
-        return( 1 );
-    }
-
-    for( i = 0; i < NB_TESTS; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  CCM-AES #%u: ", (unsigned int) i + 1 );
-
-        memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
-        memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
-        memcpy( plaintext, msg_test_data, msg_len_test_data[i] );
-
-        ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i],
-                                           iv_test_data, iv_len_test_data[i],
-                                           ad_test_data, add_len_test_data[i],
-                                           plaintext, ciphertext,
-                                           ciphertext + msg_len_test_data[i],
-                                           tag_len_test_data[i] );
-
-        if( ret != 0 ||
-            memcmp( ciphertext, res_test_data[i],
-                    msg_len_test_data[i] + tag_len_test_data[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            return( 1 );
-        }
-        memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
-
-        ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i],
-                                        iv_test_data, iv_len_test_data[i],
-                                        ad_test_data, add_len_test_data[i],
-                                        ciphertext, plaintext,
-                                        ciphertext + msg_len_test_data[i],
-                                        tag_len_test_data[i] );
-
-        if( ret != 0 ||
-            memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            return( 1 );
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    mbedtls_ccm_free( &ctx );
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
-#endif /* MBEDTLS_CCM_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/certs.c b/3rdparty/mbedtls-2.25.0/library/certs.c
deleted file mode 100644
index a5695e3..0000000
--- a/3rdparty/mbedtls-2.25.0/library/certs.c
+++ /dev/null
@@ -1,1746 +0,0 @@
-/*
- *  X.509 test certificates
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#include "mbedtls/certs.h"
-
-#if defined(MBEDTLS_CERTS_C)
-
-/*
- * Test CA Certificates
- *
- * We define test CA certificates for each choice of the following parameters:
- * - PEM or DER encoding
- * - SHA-1 or SHA-256 hash
- * - RSA or EC key
- *
- * Things to add:
- * - multiple EC curve types
- *
- */
-
-/* This is taken from tests/data_files/test-ca2.crt */
-/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca2.crt */
-#define TEST_CA_CRT_EC_PEM                                                 \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \
-    "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
-    "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \
-    "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \
-    "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \
-    "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \
-    "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n" \
-    "MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n" \
-    "SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n" \
-    "LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n" \
-    "hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n"         \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is generated from tests/data_files/test-ca2.crt.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca2.crt.der */
-#define TEST_CA_CRT_EC_DER {                                                 \
-  0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01,    \
-  0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8,    \
-  0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,    \
-  0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,    \
-  0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55,    \
-  0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,    \
-  0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50,    \
-  0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74,    \
-  0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39,    \
-  0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17,    \
-  0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30,    \
-  0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,    \
-  0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55,    \
-  0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,    \
-  0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50,    \
-  0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74,    \
-  0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07,    \
-  0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04,    \
-  0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37,    \
-  0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e,    \
-  0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4,    \
-  0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc,    \
-  0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf,    \
-  0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca,    \
-  0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75,    \
-  0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20,    \
-  0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c,    \
-  0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff,    \
-  0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d,    \
-  0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc,    \
-  0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55,    \
-  0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24,    \
-  0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9,    \
-  0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,    \
-  0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02,    \
-  0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a,    \
-  0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99,    \
-  0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7,    \
-  0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3,    \
-  0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99,    \
-  0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59,    \
-  0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08,    \
-  0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65,    \
-  0xf5, 0xae, 0x1c, 0x42                                                     \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/test-ca2.key.enc */
-/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM tests/data_files/test-ca2.key.enc */
-#define TEST_CA_KEY_EC_PEM                                                 \
-    "-----BEGIN EC PRIVATE KEY-----\r\n"                                   \
-    "Proc-Type: 4,ENCRYPTED\r\n"                                           \
-    "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"                          \
-    "\r\n"                                                                 \
-    "IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" \
-    "ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" \
-    "UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" \
-    "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"                                 \
-    "-----END EC PRIVATE KEY-----\r\n"
-/* END FILE */
-
-#define TEST_CA_PWD_EC_PEM "PolarSSLTest"
-
-/* This is generated from tests/data_files/test-ca2.key.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER tests/data_files/test-ca2.key.der */
-#define TEST_CA_KEY_EC_DER {                                                 \
-    0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e,  \
-    0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6,  \
-    0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f,  \
-    0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85,  \
-    0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05,  \
-    0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3,  \
-    0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89,  \
-    0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33,  \
-    0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f,  \
-    0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87,  \
-    0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3,  \
-    0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad,  \
-    0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55,  \
-    0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e         \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/test-ca-sha256.crt. */
-/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM tests/data_files/test-ca-sha256.crt */
-#define TEST_CA_CRT_RSA_SHA256_PEM                                         \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
-    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
-    "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
-    "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
-    "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
-    "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
-    "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
-    "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
-    "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
-    "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
-    "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \
-    "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA\r\n" \
-    "A4IBAQA4qFSCth2q22uJIdE4KGHJsJjVEfw2/xn+MkTvCMfxVrvmRvqCtjE4tKDl\r\n" \
-    "oK4MxFOek07oDZwvtAT9ijn1hHftTNS7RH9zd/fxNpfcHnMZXVC4w4DNA1fSANtW\r\n" \
-    "5sY1JB5Je9jScrsLSS+mAjyv0Ow3Hb2Bix8wu7xNNrV5fIf7Ubm+wt6SqEBxu3Kb\r\n" \
-    "+EfObAT4huf3czznhH3C17ed6NSbXwoXfby7stWUDeRJv08RaFOykf/Aae7bY5PL\r\n" \
-    "yTVrkAnikMntJ9YI+hNNYt3inqq11A5cN0+rVTst8UKCxzQ4GpvroSwPKTFkbMw4\r\n" \
-    "/anT1dVxr/BtwJfiESoK3/4CeXR1\r\n"                                     \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is generated from tests/data_files/test-ca-sha256.crt.der
- * using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER tests/data_files/test-ca-sha256.crt.der */
-#define TEST_CA_CRT_RSA_SHA256_DER {                                         \
-  0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01,    \
-  0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,    \
-  0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,    \
-  0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,    \
-  0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,    \
-  0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,    \
-  0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,    \
-  0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,    \
-  0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30,    \
-  0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34,    \
-  0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,    \
-  0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,    \
-  0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,    \
-  0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,    \
-  0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65,    \
-  0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06,    \
-  0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,    \
-  0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01,    \
-  0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f,    \
-  0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1,    \
-  0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec,    \
-  0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b,    \
-  0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9,    \
-  0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2,    \
-  0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40,    \
-  0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8,    \
-  0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1,    \
-  0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27,    \
-  0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84,    \
-  0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5,    \
-  0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e,    \
-  0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb,    \
-  0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab,    \
-  0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62,    \
-  0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37,    \
-  0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e,    \
-  0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64,    \
-  0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b,    \
-  0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32,    \
-  0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,    \
-  0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,    \
-  0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,    \
-  0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52,    \
-  0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff,    \
-  0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,    \
-  0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5,    \
-  0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06,    \
-  0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00,    \
-  0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa,    \
-  0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5,    \
-  0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1,    \
-  0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5,    \
-  0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f,    \
-  0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb,    \
-  0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19,    \
-  0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56,    \
-  0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b,    \
-  0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81,    \
-  0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb,    \
-  0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b,    \
-  0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7,    \
-  0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17,    \
-  0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11,    \
-  0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb,    \
-  0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08,    \
-  0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c,    \
-  0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38,    \
-  0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38,    \
-  0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2,    \
-  0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75                       \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/test-ca-sha1.crt. */
-/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM tests/data_files/test-ca-sha1.crt */
-#define TEST_CA_CRT_RSA_SHA1_PEM                                           \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
-    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
-    "MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
-    "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
-    "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
-    "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
-    "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
-    "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
-    "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
-    "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
-    "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \
-    "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA\r\n" \
-    "A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI\r\n" \
-    "yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv\r\n" \
-    "czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST\r\n" \
-    "S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM\r\n" \
-    "iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS\r\n" \
-    "NWqiX9GyusBZjezaCaHabjDLU0qQ\r\n"                                     \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is taken from tests/data_files/test-ca-sha1.crt.der. */
-/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER tests/data_files/test-ca-sha1.crt.der */
-#define TEST_CA_CRT_RSA_SHA1_DER {                                           \
-    0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01,  \
-    0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,  \
-    0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,  \
-    0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,  \
-    0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,  \
-    0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,  \
-    0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,  \
-    0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,  \
-    0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30,  \
-    0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34,  \
-    0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,  \
-    0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,  \
-    0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,  \
-    0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,  \
-    0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65,  \
-    0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06,  \
-    0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,  \
-    0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01,  \
-    0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f,  \
-    0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1,  \
-    0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec,  \
-    0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b,  \
-    0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9,  \
-    0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2,  \
-    0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40,  \
-    0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8,  \
-    0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1,  \
-    0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27,  \
-    0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84,  \
-    0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5,  \
-    0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e,  \
-    0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb,  \
-    0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab,  \
-    0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62,  \
-    0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37,  \
-    0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e,  \
-    0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64,  \
-    0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b,  \
-    0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32,  \
-    0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,  \
-    0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,  \
-    0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,  \
-    0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52,  \
-    0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff,  \
-    0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,  \
-    0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5,  \
-    0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06,  \
-    0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,  \
-    0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d,  \
-    0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52,  \
-    0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f,  \
-    0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08,  \
-    0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7,  \
-    0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a,  \
-    0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff,  \
-    0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f,  \
-    0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a,  \
-    0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9,  \
-    0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15,  \
-    0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93,  \
-    0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5,  \
-    0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a,  \
-    0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95,  \
-    0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c,  \
-    0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf,  \
-    0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea,  \
-    0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89,  \
-    0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12,  \
-    0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda,  \
-    0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90                     \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/test-ca.key */
-/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM tests/data_files/test-ca.key */
-#define TEST_CA_KEY_RSA_PEM                                                \
-    "-----BEGIN RSA PRIVATE KEY-----\r\n"                                  \
-    "Proc-Type: 4,ENCRYPTED\r\n"                                           \
-    "DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"                          \
-    "\r\n"                                                                 \
-    "9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" \
-    "7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" \
-    "Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" \
-    "PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" \
-    "GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" \
-    "gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" \
-    "QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" \
-    "PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" \
-    "vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" \
-    "WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" \
-    "JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" \
-    "KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" \
-    "Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" \
-    "9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" \
-    "iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" \
-    "tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" \
-    "P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" \
-    "1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" \
-    "nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" \
-    "X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" \
-    "rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" \
-    "L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" \
-    "I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" \
-    "wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" \
-    "P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" \
-    "-----END RSA PRIVATE KEY-----\r\n"
-/* END FILE */
-
-#define TEST_CA_PWD_RSA_PEM "PolarSSLTest"
-
-/* This was generated from test-ca.key.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER tests/data_files/test-ca.key.der */
-#define TEST_CA_KEY_RSA_DER {                                                \
-    0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,  \
-    0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde,  \
-    0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4,  \
-    0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5,  \
-    0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d,  \
-    0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8,  \
-    0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40,  \
-    0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e,  \
-    0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00,  \
-    0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83,  \
-    0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3,  \
-    0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe,  \
-    0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5,  \
-    0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2,  \
-    0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1,  \
-    0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79,  \
-    0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27,  \
-    0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30,  \
-    0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1,  \
-    0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea,  \
-    0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab,  \
-    0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99,  \
-    0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,  \
-    0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84,  \
-    0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35,  \
-    0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7,  \
-    0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38,  \
-    0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c,  \
-    0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5,  \
-    0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab,  \
-    0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08,  \
-    0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10,  \
-    0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0,  \
-    0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e,  \
-    0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1,  \
-    0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88,  \
-    0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec,  \
-    0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02,  \
-    0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e,  \
-    0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76,  \
-    0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0,  \
-    0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f,  \
-    0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64,  \
-    0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50,  \
-    0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e,  \
-    0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3,  \
-    0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44,  \
-    0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd,  \
-    0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65,  \
-    0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d,  \
-    0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7,  \
-    0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd,  \
-    0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3,  \
-    0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16,  \
-    0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a,  \
-    0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b,  \
-    0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31,  \
-    0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3,  \
-    0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c,  \
-    0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79,  \
-    0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b,  \
-    0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13,  \
-    0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77,  \
-    0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79,  \
-    0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71,  \
-    0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7,  \
-    0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a,  \
-    0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75,  \
-    0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17,  \
-    0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf,  \
-    0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05,  \
-    0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14,  \
-    0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70,  \
-    0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7,  \
-    0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54,  \
-    0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a,  \
-    0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0,  \
-    0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90,  \
-    0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83,  \
-    0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22,  \
-    0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c,  \
-    0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23,  \
-    0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09,  \
-    0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab,  \
-    0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8,  \
-    0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b,  \
-    0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b,  \
-    0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c,  \
-    0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2,  \
-    0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68,  \
-    0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec,  \
-    0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32,  \
-    0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36,  \
-    0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30,  \
-    0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53,  \
-    0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32,  \
-    0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22,  \
-    0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0,  \
-    0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69,  \
-    0xa8, 0xc2, 0x8f, 0x0d                                                   \
-}
-/* END FILE */
-
-/*
- * Test server Certificates
- *
- * Test server certificates are defined for each choice
- * of the following parameters:
- * - PEM or DER encoding
- * - SHA-1 or SHA-256 hash
- * - RSA or EC key
- *
- * Things to add:
- * - multiple EC curve types
- */
-
-/* This is taken from tests/data_files/server5.crt. */
-/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server5.crt */
-#define TEST_SRV_CRT_EC_PEM                                                \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
-    "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \
-    "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
-    "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \
-    "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \
-    "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \
-    "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \
-    "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" \
-    "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \
-    "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" \
-    "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" \
-    "fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"                                     \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is generated from tests/data_files/server5.crt.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server5.crt.der */
-#define TEST_SRV_CRT_EC_DER {                                                \
-    0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01,  \
-    0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,  \
-    0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,  \
-    0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,  \
-    0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,  \
-    0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,  \
-    0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65,  \
-    0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,  \
-    0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34,  \
-    0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35,  \
-    0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,  \
-    0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,  \
-    0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,  \
-    0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,  \
-    0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59,  \
-    0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06,  \
-    0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,  \
-    0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7,  \
-    0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0,  \
-    0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00,  \
-    0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd,  \
-    0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa,  \
-    0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30,  \
-    0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d,  \
-    0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5,  \
-    0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c,  \
-    0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23,  \
-    0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01,  \
-    0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb,  \
-    0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,  \
-    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,  \
-    0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61,  \
-    0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,  \
-    0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20,  \
-    0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09,  \
-    0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06,  \
-    0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00,  \
-    0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2,  \
-    0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31,  \
-    0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92,  \
-    0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29,  \
-    0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6,  \
-    0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1,  \
-    0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15,  \
-    0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00,  \
-    0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5                                 \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/server5.key. */
-/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM tests/data_files/server5.key */
-#define TEST_SRV_KEY_EC_PEM                                                \
-    "-----BEGIN EC PRIVATE KEY-----\r\n"                                   \
-    "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" \
-    "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" \
-    "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"                             \
-    "-----END EC PRIVATE KEY-----\r\n"
-/* END FILE */
-
-/* This is generated from tests/data_files/server5.key.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER tests/data_files/server5.key.der */
-#define TEST_SRV_KEY_EC_DER {                                                \
-    0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76,  \
-    0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a,  \
-    0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f,  \
-    0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
-    0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56,  \
-    0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20,  \
-    0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7,  \
-    0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff,  \
-    0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b,  \
-    0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed,  \
-    0xff                                                                     \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/server2-sha256.crt. */
-/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM tests/data_files/server2-sha256.crt */
-#define TEST_SRV_CRT_RSA_SHA256_PEM                                        \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
-    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
-    "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
-    "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \
-    "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \
-    "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \
-    "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \
-    "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \
-    "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \
-    "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \
-    "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \
-    "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJh\r\n" \
-    "Pqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6U\r\n" \
-    "HoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq9\r\n" \
-    "1C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sv\r\n" \
-    "a1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0\r\n" \
-    "e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbo\r\n" \
-    "pMZqLmbBm/7WPLc=\r\n"                                                 \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is taken from tests/data_files/server2-sha256.crt.der. */
-/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER tests/data_files/server2-sha256.crt.der */
-#define TEST_SRV_CRT_RSA_SHA256_DER {                                        \
-  0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01,    \
-  0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,    \
-  0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,    \
-  0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,    \
-  0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,    \
-  0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,    \
-  0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,    \
-  0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,    \
-  0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36,    \
-  0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34,    \
-  0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,    \
-  0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,    \
-  0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,    \
-  0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,    \
-  0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82,    \
-  0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,    \
-  0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,    \
-  0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7,    \
-  0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78,    \
-  0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd,    \
-  0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90,    \
-  0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24,    \
-  0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda,    \
-  0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3,    \
-  0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4,    \
-  0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d,    \
-  0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49,    \
-  0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c,    \
-  0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b,    \
-  0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08,    \
-  0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa,    \
-  0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f,    \
-  0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7,    \
-  0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5,    \
-  0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde,    \
-  0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a,    \
-  0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96,    \
-  0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0,    \
-  0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02,    \
-  0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03,    \
-  0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55,    \
-  0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc,    \
-  0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b,    \
-  0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,    \
-  0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6,    \
-  0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30,    \
-  0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,    \
-  0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61,    \
-  0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3,    \
-  0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca,    \
-  0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba,    \
-  0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94,    \
-  0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b,    \
-  0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9,    \
-  0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45,    \
-  0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd,    \
-  0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f,    \
-  0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc,    \
-  0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb,    \
-  0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f,    \
-  0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e,    \
-  0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b,    \
-  0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce,    \
-  0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4,    \
-  0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05,    \
-  0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a,    \
-  0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92,    \
-  0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8,    \
-  0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7           \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/server2.crt. */
-/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM tests/data_files/server2.crt */
-#define TEST_SRV_CRT_RSA_SHA1_PEM                                       \
-"-----BEGIN CERTIFICATE-----\r\n"                                       \
-"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"  \
-"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"  \
-"MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"  \
-"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"  \
-"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"  \
-"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"  \
-"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"  \
-"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"  \
-"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"  \
-"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"  \
-"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"  \
-"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n"  \
-"cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n"  \
-"O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n"  \
-"KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n"  \
-"iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n"  \
-"HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n"  \
-"Awgk0+4m0T25cNs=\r\n"                                                  \
-"-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is taken from tests/data_files/server2.crt.der. */
-/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER tests/data_files/server2.crt.der */
-#define TEST_SRV_CRT_RSA_SHA1_DER {                                          \
-    0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01,  \
-    0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,  \
-    0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,  \
-    0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,  \
-    0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,  \
-    0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,  \
-    0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,  \
-    0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,  \
-    0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36,  \
-    0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34,  \
-    0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,  \
-    0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,  \
-    0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,  \
-    0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,  \
-    0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82,  \
-    0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,  \
-    0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,  \
-    0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7,  \
-    0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78,  \
-    0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd,  \
-    0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90,  \
-    0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24,  \
-    0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda,  \
-    0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3,  \
-    0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4,  \
-    0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d,  \
-    0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49,  \
-    0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c,  \
-    0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b,  \
-    0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08,  \
-    0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa,  \
-    0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f,  \
-    0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7,  \
-    0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5,  \
-    0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde,  \
-    0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a,  \
-    0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96,  \
-    0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0,  \
-    0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02,  \
-    0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03,  \
-    0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55,  \
-    0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc,  \
-    0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b,  \
-    0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,  \
-    0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6,  \
-    0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30,  \
-    0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,  \
-    0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5,  \
-    0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0,  \
-    0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8,  \
-    0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce,  \
-    0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85,  \
-    0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86,  \
-    0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43,  \
-    0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc,  \
-    0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d,  \
-    0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1,  \
-    0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02,  \
-    0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89,  \
-    0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e,  \
-    0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2,  \
-    0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb,  \
-    0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c,  \
-    0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35,  \
-    0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b,  \
-    0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11,  \
-    0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60,  \
-    0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b,  \
-    0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8         \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/server2.key. */
-/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM tests/data_files/server2.key */
-#define TEST_SRV_KEY_RSA_PEM                                               \
-    "-----BEGIN RSA PRIVATE KEY-----\r\n"                                  \
-    "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" \
-    "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" \
-    "2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" \
-    "Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" \
-    "GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" \
-    "y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" \
-    "++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" \
-    "Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" \
-    "/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" \
-    "WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" \
-    "GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" \
-    "TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" \
-    "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" \
-    "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" \
-    "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" \
-    "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" \
-    "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" \
-    "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" \
-    "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" \
-    "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" \
-    "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" \
-    "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" \
-    "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" \
-    "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" \
-    "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"         \
-    "-----END RSA PRIVATE KEY-----\r\n"
-/* END FILE */
-
-/* This was generated from tests/data_files/server2.key.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER tests/data_files/server2.key.der */
-#define TEST_SRV_KEY_RSA_DER {                                               \
-    0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,  \
-    0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72,  \
-    0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13,  \
-    0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b,  \
-    0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a,  \
-    0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c,  \
-    0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc,  \
-    0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76,  \
-    0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa,  \
-    0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0,  \
-    0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8,  \
-    0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10,  \
-    0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61,  \
-    0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2,  \
-    0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a,  \
-    0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2,  \
-    0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3,  \
-    0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8,  \
-    0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d,  \
-    0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b,  \
-    0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69,  \
-    0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea,  \
-    0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,  \
-    0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59,  \
-    0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c,  \
-    0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7,  \
-    0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42,  \
-    0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86,  \
-    0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d,  \
-    0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf,  \
-    0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84,  \
-    0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19,  \
-    0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a,  \
-    0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8,  \
-    0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c,  \
-    0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26,  \
-    0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c,  \
-    0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5,  \
-    0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b,  \
-    0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde,  \
-    0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83,  \
-    0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4,  \
-    0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66,  \
-    0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a,  \
-    0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a,  \
-    0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba,  \
-    0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8,  \
-    0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc,  \
-    0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8,  \
-    0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca,  \
-    0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f,  \
-    0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a,  \
-    0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83,  \
-    0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8,  \
-    0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4,  \
-    0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae,  \
-    0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b,  \
-    0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7,  \
-    0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7,  \
-    0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20,  \
-    0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44,  \
-    0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86,  \
-    0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02,  \
-    0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac,  \
-    0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43,  \
-    0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42,  \
-    0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79,  \
-    0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c,  \
-    0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57,  \
-    0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c,  \
-    0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e,  \
-    0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f,  \
-    0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61,  \
-    0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb,  \
-    0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b,  \
-    0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb,  \
-    0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4,  \
-    0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47,  \
-    0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a,  \
-    0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c,  \
-    0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02,  \
-    0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26,  \
-    0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02,  \
-    0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f,  \
-    0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd,  \
-    0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73,  \
-    0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88,  \
-    0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03,  \
-    0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71,  \
-    0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00,  \
-    0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2,  \
-    0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47,  \
-    0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67,  \
-    0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2,  \
-    0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde,  \
-    0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4,  \
-    0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7,  \
-    0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c,  \
-    0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f,  \
-    0x06, 0x21, 0x2e, 0x56                                                   \
-}
-/* END FILE */
-
-/*
- * Test client Certificates
- *
- * Test client certificates are defined for each choice
- * of the following parameters:
- * - PEM or DER encoding
- * - RSA or EC key
- *
- * Things to add:
- * - hash type
- * - multiple EC curve types
- */
-
-/* This is taken from tests/data_files/cli2.crt. */
-/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM tests/data_files/cli2.crt */
-#define TEST_CLI_CRT_EC_PEM                                                \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIIB3zCCAWOgAwIBAgIBDTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw\r\n" \
-    "DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJTU0wgVGVzdCBFQyBDQTAe\r\n" \
-    "Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMEExCzAJBgNVBAYTAk5MMREw\r\n" \
-    "DwYDVQQKDAhQb2xhclNTTDEfMB0GA1UEAwwWUG9sYXJTU0wgVGVzdCBDbGllbnQg\r\n" \
-    "MjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFflrrFz39Osu5O4gf8Sru7mU6zO\r\n" \
-    "VVP2NA7MLuNjJQvfmOLzXGA2lsDVGBRw5X+f1UtFGOWwbNVc+JaPh3Cj5MejTTBL\r\n" \
-    "MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMB8GA1Ud\r\n" \
-    "IwQYMBaAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8MAwGCCqGSM49BAMCBQADaAAwZQIx\r\n" \
-    "AMqme4DKMldUlplDET9Q6Eptre7uUWKhsLOF+zPkKDlfzpIkJYEFgcloDHGYw80u\r\n" \
-    "IgIwNftyPXsabTqMM7iEHgVpX/GRozKklY9yQI/5eoA6gGW7Y+imuGR/oao5ySOb\r\n" \
-    "a9Vk\r\n"       \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This is generated from tests/data_files/cli2.crt.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER tests/data_files/cli2.crt.der */
-#define TEST_CLI_CRT_EC_DER {                                                \
-    0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01,  \
-    0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,  \
-    0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,  \
-    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,  \
-    0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61,  \
-    0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,  \
-    0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20,  \
-    0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e,  \
-    0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34,  \
-    0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31,  \
-    0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09,  \
-    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,  \
-    0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61,  \
-    0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04,  \
-    0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20,  \
-    0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20,  \
-    0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
-    0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,  \
-    0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac,  \
-    0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce,  \
-    0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf,  \
-    0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70,  \
-    0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c,  \
-    0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b,  \
-    0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30,  \
-    0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00,  \
-    0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6,  \
-    0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d,  \
-    0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49,  \
-    0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb,  \
-    0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
-    0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31,  \
-    0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43,  \
-    0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1,  \
-    0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24,  \
-    0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e,  \
-    0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c,  \
-    0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4,  \
-    0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb,  \
-    0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b,  \
-    0x6b, 0xd5, 0x64                           \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/cli2.key. */
-/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM tests/data_files/cli2.key */
-#define TEST_CLI_KEY_EC_PEM                                                \
-    "-----BEGIN EC PRIVATE KEY-----\r\n"                                   \
-    "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" \
-    "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" \
-    "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"                             \
-    "-----END EC PRIVATE KEY-----\r\n"
-/* END FILE */
-
-/* This is generated from tests/data_files/cli2.key.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER tests/data_files/cli2.key.der */
-#define TEST_CLI_KEY_EC_DER {                                                \
-    0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1,  \
-    0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0,  \
-    0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61,  \
-    0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
-    0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae,  \
-    0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae,  \
-    0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e,  \
-    0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96,  \
-    0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18,  \
-    0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4,  \
-    0xc7                                                                     \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/cli-rsa-sha256.crt. */
-/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM tests/data_files/cli-rsa-sha256.crt */
-#define TEST_CLI_CRT_RSA_PEM                                               \
-    "-----BEGIN CERTIFICATE-----\r\n"                                      \
-    "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
-    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
-    "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" \
-    "A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" \
-    "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" \
-    "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" \
-    "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" \
-    "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" \
-    "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" \
-    "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" \
-    "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" \
-    "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" \
-    "AQEAXidv1d4pLlBiKWED95rMycBdgDcgyNqJxakFkRfRyA2y1mlyTn7uBXRkNLY5\r\n" \
-    "ZFzK82GCjk2Q2OD4RZSCPAJJqLpHHU34t71ciffvy2KK81YvrxczRhMAE64i+qna\r\n" \
-    "yP3Td2XuWJR05PVPoSemsNELs9gWttdnYy3ce+EY2Y0n7Rsi7982EeLIAA7H6ca4\r\n" \
-    "2Es/NUH//JZJT32OP0doMxeDRA+vplkKqTLLWf7dX26LIriBkBaRCgR5Yv9LBPFc\r\n" \
-    "NOtpzu/LbrY7QFXKJMI+JXDudCsOn8KCmiA4d6Emisqfh3V3485l7HEQNcvLTxlD\r\n" \
-    "6zDQyi0/ykYUYZkwQTK1N2Nvlw==\r\n"                                     \
-    "-----END CERTIFICATE-----\r\n"
-/* END FILE */
-
-/* This was generated from tests/data_files/cli-rsa-sha256.crt.der
-   using `xxd -i.` */
-/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER tests/data_files/cli-rsa-sha256.crt.der */
-#define TEST_CLI_CRT_RSA_DER {                                               \
-  0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01,   \
-  0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,   \
-  0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,   \
-  0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,   \
-  0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,   \
-  0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,   \
-  0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,   \
-  0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,   \
-  0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36,   \
-  0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34,   \
-  0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,   \
-  0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,   \
-  0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,   \
-  0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,   \
-  0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c,   \
-  0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,   \
-  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,   \
-  0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82,   \
-  0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9,   \
-  0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f,   \
-  0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9,   \
-  0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63,   \
-  0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10,   \
-  0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e,   \
-  0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95,   \
-  0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed,   \
-  0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4,   \
-  0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30,   \
-  0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2,   \
-  0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d,   \
-  0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2,   \
-  0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f,   \
-  0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34,   \
-  0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a,   \
-  0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe,   \
-  0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f,   \
-  0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d,   \
-  0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4,   \
-  0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8,   \
-  0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01,   \
-  0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,   \
-  0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16,   \
-  0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e,   \
-  0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f,   \
-  0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4,   \
-  0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95,   \
-  0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a,   \
-  0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82,   \
-  0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62,   \
-  0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20,   \
-  0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2,   \
-  0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39,   \
-  0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8,   \
-  0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8,   \
-  0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f,   \
-  0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda,   \
-  0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f,   \
-  0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67,   \
-  0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22,   \
-  0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8,   \
-  0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e,   \
-  0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a,   \
-  0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81,   \
-  0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c,   \
-  0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca,   \
-  0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82,   \
-  0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77,   \
-  0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43,   \
-  0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30,   \
-  0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97                                  \
-}
-/* END FILE */
-
-/* This is taken from tests/data_files/cli-rsa.key. */
-/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM tests/data_files/cli-rsa.key */
-#define TEST_CLI_KEY_RSA_PEM                                               \
-    "-----BEGIN RSA PRIVATE KEY-----\r\n"                                  \
-    "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" \
-    "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" \
-    "bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" \
-    "Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" \
-    "7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" \
-    "dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" \
-    "yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" \
-    "4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" \
-    "ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" \
-    "zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" \
-    "l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" \
-    "DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" \
-    "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" \
-    "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" \
-    "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" \
-    "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" \
-    "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" \
-    "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" \
-    "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" \
-    "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" \
-    "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" \
-    "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" \
-    "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" \
-    "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" \
-    "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"         \
-    "-----END RSA PRIVATE KEY-----\r\n"/* END FILE */
-
-/* This was generated from tests/data_files/cli-rsa.key.der using `xxd -i`. */
-/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER tests/data_files/cli-rsa.key.der */
-#define TEST_CLI_KEY_RSA_DER {                                               \
-    0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,  \
-    0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14,  \
-    0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d,  \
-    0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85,  \
-    0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e,  \
-    0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49,  \
-    0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77,  \
-    0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5,  \
-    0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea,  \
-    0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9,  \
-    0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5,  \
-    0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d,  \
-    0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c,  \
-    0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad,  \
-    0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8,  \
-    0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7,  \
-    0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4,  \
-    0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35,  \
-    0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b,  \
-    0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf,  \
-    0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71,  \
-    0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd,  \
-    0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,  \
-    0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d,  \
-    0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c,  \
-    0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86,  \
-    0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97,  \
-    0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3,  \
-    0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d,  \
-    0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15,  \
-    0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6,  \
-    0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad,  \
-    0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1,  \
-    0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4,  \
-    0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e,  \
-    0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80,  \
-    0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40,  \
-    0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42,  \
-    0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2,  \
-    0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d,  \
-    0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54,  \
-    0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61,  \
-    0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea,  \
-    0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f,  \
-    0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf,  \
-    0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6,  \
-    0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67,  \
-    0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13,  \
-    0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda,  \
-    0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a,  \
-    0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42,  \
-    0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b,  \
-    0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36,  \
-    0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b,  \
-    0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f,  \
-    0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb,  \
-    0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee,  \
-    0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2,  \
-    0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48,  \
-    0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac,  \
-    0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92,  \
-    0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5,  \
-    0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e,  \
-    0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22,  \
-    0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2,  \
-    0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba,  \
-    0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7,  \
-    0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4,  \
-    0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61,  \
-    0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8,  \
-    0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4,  \
-    0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74,  \
-    0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f,  \
-    0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f,  \
-    0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc,  \
-    0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6,  \
-    0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91,  \
-    0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0,  \
-    0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23,  \
-    0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe,  \
-    0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb,  \
-    0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2,  \
-    0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34,  \
-    0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc,  \
-    0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39,  \
-    0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b,  \
-    0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69,  \
-    0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a,  \
-    0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6,  \
-    0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d,  \
-    0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c,  \
-    0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e,  \
-    0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6,  \
-    0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11,  \
-    0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02,  \
-    0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf,  \
-    0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65,  \
-    0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e,  \
-    0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64,  \
-    0x8b, 0x87, 0xc3, 0x00                                                   \
-}
-/* END FILE */
-
-/*
- *
- * Test certificates and keys as C variables
- *
- */
-
-/*
- * CA
- */
-
-const char mbedtls_test_ca_crt_ec_pem[]           = TEST_CA_CRT_EC_PEM;
-const char mbedtls_test_ca_key_ec_pem[]           = TEST_CA_KEY_EC_PEM;
-const char mbedtls_test_ca_pwd_ec_pem[]           = TEST_CA_PWD_EC_PEM;
-const char mbedtls_test_ca_key_rsa_pem[]          = TEST_CA_KEY_RSA_PEM;
-const char mbedtls_test_ca_pwd_rsa_pem[]          = TEST_CA_PWD_RSA_PEM;
-const char mbedtls_test_ca_crt_rsa_sha1_pem[]     = TEST_CA_CRT_RSA_SHA1_PEM;
-const char mbedtls_test_ca_crt_rsa_sha256_pem[]   = TEST_CA_CRT_RSA_SHA256_PEM;
-
-const unsigned char mbedtls_test_ca_crt_ec_der[]   = TEST_CA_CRT_EC_DER;
-const unsigned char mbedtls_test_ca_key_ec_der[]   = TEST_CA_KEY_EC_DER;
-const unsigned char mbedtls_test_ca_key_rsa_der[]  = TEST_CA_KEY_RSA_DER;
-const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[]   =
-    TEST_CA_CRT_RSA_SHA1_DER;
-const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[] =
-    TEST_CA_CRT_RSA_SHA256_DER;
-
-const size_t mbedtls_test_ca_crt_ec_pem_len =
-    sizeof( mbedtls_test_ca_crt_ec_pem );
-const size_t mbedtls_test_ca_key_ec_pem_len =
-    sizeof( mbedtls_test_ca_key_ec_pem );
-const size_t mbedtls_test_ca_pwd_ec_pem_len =
-    sizeof( mbedtls_test_ca_pwd_ec_pem ) - 1;
-const size_t mbedtls_test_ca_key_rsa_pem_len =
-    sizeof( mbedtls_test_ca_key_rsa_pem );
-const size_t mbedtls_test_ca_pwd_rsa_pem_len =
-    sizeof( mbedtls_test_ca_pwd_rsa_pem ) - 1;
-const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len =
-    sizeof( mbedtls_test_ca_crt_rsa_sha1_pem );
-const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len =
-    sizeof( mbedtls_test_ca_crt_rsa_sha256_pem );
-
-const size_t mbedtls_test_ca_crt_ec_der_len =
-    sizeof( mbedtls_test_ca_crt_ec_der );
-const size_t mbedtls_test_ca_key_ec_der_len =
-    sizeof( mbedtls_test_ca_key_ec_der );
-const size_t mbedtls_test_ca_pwd_ec_der_len = 0;
-const size_t mbedtls_test_ca_key_rsa_der_len =
-    sizeof( mbedtls_test_ca_key_rsa_der );
-const size_t mbedtls_test_ca_pwd_rsa_der_len = 0;
-const size_t mbedtls_test_ca_crt_rsa_sha1_der_len =
-    sizeof( mbedtls_test_ca_crt_rsa_sha1_der );
-const size_t mbedtls_test_ca_crt_rsa_sha256_der_len =
-    sizeof( mbedtls_test_ca_crt_rsa_sha256_der );
-
-/*
- * Server
- */
-
-const char mbedtls_test_srv_crt_ec_pem[]           = TEST_SRV_CRT_EC_PEM;
-const char mbedtls_test_srv_key_ec_pem[]           = TEST_SRV_KEY_EC_PEM;
-const char mbedtls_test_srv_pwd_ec_pem[]           = "";
-const char mbedtls_test_srv_key_rsa_pem[]          = TEST_SRV_KEY_RSA_PEM;
-const char mbedtls_test_srv_pwd_rsa_pem[]          = "";
-const char mbedtls_test_srv_crt_rsa_sha1_pem[]     = TEST_SRV_CRT_RSA_SHA1_PEM;
-const char mbedtls_test_srv_crt_rsa_sha256_pem[]   = TEST_SRV_CRT_RSA_SHA256_PEM;
-
-const unsigned char mbedtls_test_srv_crt_ec_der[]   = TEST_SRV_CRT_EC_DER;
-const unsigned char mbedtls_test_srv_key_ec_der[]   = TEST_SRV_KEY_EC_DER;
-const unsigned char mbedtls_test_srv_key_rsa_der[]  = TEST_SRV_KEY_RSA_DER;
-const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[]   =
-    TEST_SRV_CRT_RSA_SHA1_DER;
-const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[] =
-    TEST_SRV_CRT_RSA_SHA256_DER;
-
-const size_t mbedtls_test_srv_crt_ec_pem_len =
-    sizeof( mbedtls_test_srv_crt_ec_pem );
-const size_t mbedtls_test_srv_key_ec_pem_len =
-    sizeof( mbedtls_test_srv_key_ec_pem );
-const size_t mbedtls_test_srv_pwd_ec_pem_len =
-    sizeof( mbedtls_test_srv_pwd_ec_pem ) - 1;
-const size_t mbedtls_test_srv_key_rsa_pem_len =
-    sizeof( mbedtls_test_srv_key_rsa_pem );
-const size_t mbedtls_test_srv_pwd_rsa_pem_len =
-    sizeof( mbedtls_test_srv_pwd_rsa_pem ) - 1;
-const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len =
-    sizeof( mbedtls_test_srv_crt_rsa_sha1_pem );
-const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len =
-    sizeof( mbedtls_test_srv_crt_rsa_sha256_pem );
-
-const size_t mbedtls_test_srv_crt_ec_der_len =
-    sizeof( mbedtls_test_srv_crt_ec_der );
-const size_t mbedtls_test_srv_key_ec_der_len =
-    sizeof( mbedtls_test_srv_key_ec_der );
-const size_t mbedtls_test_srv_pwd_ec_der_len = 0;
-const size_t mbedtls_test_srv_key_rsa_der_len =
-    sizeof( mbedtls_test_srv_key_rsa_der );
-const size_t mbedtls_test_srv_pwd_rsa_der_len = 0;
-const size_t mbedtls_test_srv_crt_rsa_sha1_der_len =
-    sizeof( mbedtls_test_srv_crt_rsa_sha1_der );
-const size_t mbedtls_test_srv_crt_rsa_sha256_der_len =
-    sizeof( mbedtls_test_srv_crt_rsa_sha256_der );
-
-/*
- * Client
- */
-
-const char mbedtls_test_cli_crt_ec_pem[]   = TEST_CLI_CRT_EC_PEM;
-const char mbedtls_test_cli_key_ec_pem[]   = TEST_CLI_KEY_EC_PEM;
-const char mbedtls_test_cli_pwd_ec_pem[]   = "";
-const char mbedtls_test_cli_key_rsa_pem[]  = TEST_CLI_KEY_RSA_PEM;
-const char mbedtls_test_cli_pwd_rsa_pem[]  = "";
-const char mbedtls_test_cli_crt_rsa_pem[]  = TEST_CLI_CRT_RSA_PEM;
-
-const unsigned char mbedtls_test_cli_crt_ec_der[]   = TEST_CLI_CRT_EC_DER;
-const unsigned char mbedtls_test_cli_key_ec_der[]   = TEST_CLI_KEY_EC_DER;
-const unsigned char mbedtls_test_cli_key_rsa_der[]  = TEST_CLI_KEY_RSA_DER;
-const unsigned char mbedtls_test_cli_crt_rsa_der[]  = TEST_CLI_CRT_RSA_DER;
-
-const size_t mbedtls_test_cli_crt_ec_pem_len =
-    sizeof( mbedtls_test_cli_crt_ec_pem );
-const size_t mbedtls_test_cli_key_ec_pem_len =
-    sizeof( mbedtls_test_cli_key_ec_pem );
-const size_t mbedtls_test_cli_pwd_ec_pem_len =
-    sizeof( mbedtls_test_cli_pwd_ec_pem ) - 1;
-const size_t mbedtls_test_cli_key_rsa_pem_len =
-    sizeof( mbedtls_test_cli_key_rsa_pem );
-const size_t mbedtls_test_cli_pwd_rsa_pem_len =
-    sizeof( mbedtls_test_cli_pwd_rsa_pem ) - 1;
-const size_t mbedtls_test_cli_crt_rsa_pem_len =
-    sizeof( mbedtls_test_cli_crt_rsa_pem );
-
-const size_t mbedtls_test_cli_crt_ec_der_len =
-    sizeof( mbedtls_test_cli_crt_ec_der );
-const size_t mbedtls_test_cli_key_ec_der_len =
-    sizeof( mbedtls_test_cli_key_ec_der );
-const size_t mbedtls_test_cli_key_rsa_der_len =
-    sizeof( mbedtls_test_cli_key_rsa_der );
-const size_t mbedtls_test_cli_crt_rsa_der_len =
-    sizeof( mbedtls_test_cli_crt_rsa_der );
-
-/*
- *
- * Definitions of test CRTs without specification of all parameters, choosing
- * them automatically according to the config. For example, mbedtls_test_ca_crt
- * is one of mbedtls_test_ca_crt_{rsa|ec}_{sha1|sha256}_{pem|der}.
- *
- */
-
-/*
- * Dispatch between PEM and DER according to config
- */
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-
-/* PEM encoded test CA certificates and keys */
-
-#define TEST_CA_KEY_RSA        TEST_CA_KEY_RSA_PEM
-#define TEST_CA_PWD_RSA        TEST_CA_PWD_RSA_PEM
-#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_PEM
-#define TEST_CA_CRT_RSA_SHA1   TEST_CA_CRT_RSA_SHA1_PEM
-#define TEST_CA_KEY_EC         TEST_CA_KEY_EC_PEM
-#define TEST_CA_PWD_EC         TEST_CA_PWD_EC_PEM
-#define TEST_CA_CRT_EC         TEST_CA_CRT_EC_PEM
-
-/* PEM encoded test server certificates and keys */
-
-#define TEST_SRV_KEY_RSA        TEST_SRV_KEY_RSA_PEM
-#define TEST_SRV_PWD_RSA        ""
-#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_PEM
-#define TEST_SRV_CRT_RSA_SHA1   TEST_SRV_CRT_RSA_SHA1_PEM
-#define TEST_SRV_KEY_EC         TEST_SRV_KEY_EC_PEM
-#define TEST_SRV_PWD_EC         ""
-#define TEST_SRV_CRT_EC         TEST_SRV_CRT_EC_PEM
-
-/* PEM encoded test client certificates and keys */
-
-#define TEST_CLI_KEY_RSA  TEST_CLI_KEY_RSA_PEM
-#define TEST_CLI_PWD_RSA  ""
-#define TEST_CLI_CRT_RSA  TEST_CLI_CRT_RSA_PEM
-#define TEST_CLI_KEY_EC   TEST_CLI_KEY_EC_PEM
-#define TEST_CLI_PWD_EC   ""
-#define TEST_CLI_CRT_EC   TEST_CLI_CRT_EC_PEM
-
-#else /* MBEDTLS_PEM_PARSE_C */
-
-/* DER encoded test CA certificates and keys */
-
-#define TEST_CA_KEY_RSA        TEST_CA_KEY_RSA_DER
-#define TEST_CA_PWD_RSA        ""
-#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_DER
-#define TEST_CA_CRT_RSA_SHA1   TEST_CA_CRT_RSA_SHA1_DER
-#define TEST_CA_KEY_EC         TEST_CA_KEY_EC_DER
-#define TEST_CA_PWD_EC         ""
-#define TEST_CA_CRT_EC         TEST_CA_CRT_EC_DER
-
-/* DER encoded test server certificates and keys */
-
-#define TEST_SRV_KEY_RSA        TEST_SRV_KEY_RSA_DER
-#define TEST_SRV_PWD_RSA        ""
-#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_DER
-#define TEST_SRV_CRT_RSA_SHA1   TEST_SRV_CRT_RSA_SHA1_DER
-#define TEST_SRV_KEY_EC         TEST_SRV_KEY_EC_DER
-#define TEST_SRV_PWD_EC         ""
-#define TEST_SRV_CRT_EC         TEST_SRV_CRT_EC_DER
-
-/* DER encoded test client certificates and keys */
-
-#define TEST_CLI_KEY_RSA  TEST_CLI_KEY_RSA_DER
-#define TEST_CLI_PWD_RSA  ""
-#define TEST_CLI_CRT_RSA  TEST_CLI_CRT_RSA_DER
-#define TEST_CLI_KEY_EC   TEST_CLI_KEY_EC_DER
-#define TEST_CLI_PWD_EC   ""
-#define TEST_CLI_CRT_EC   TEST_CLI_CRT_EC_DER
-
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-const char mbedtls_test_ca_key_rsa[]         = TEST_CA_KEY_RSA;
-const char mbedtls_test_ca_pwd_rsa[]         = TEST_CA_PWD_RSA;
-const char mbedtls_test_ca_crt_rsa_sha256[]  = TEST_CA_CRT_RSA_SHA256;
-const char mbedtls_test_ca_crt_rsa_sha1[]    = TEST_CA_CRT_RSA_SHA1;
-const char mbedtls_test_ca_key_ec[]          = TEST_CA_KEY_EC;
-const char mbedtls_test_ca_pwd_ec[]          = TEST_CA_PWD_EC;
-const char mbedtls_test_ca_crt_ec[]          = TEST_CA_CRT_EC;
-
-const char mbedtls_test_srv_key_rsa[]        = TEST_SRV_KEY_RSA;
-const char mbedtls_test_srv_pwd_rsa[]        = TEST_SRV_PWD_RSA;
-const char mbedtls_test_srv_crt_rsa_sha256[] = TEST_SRV_CRT_RSA_SHA256;
-const char mbedtls_test_srv_crt_rsa_sha1[]   = TEST_SRV_CRT_RSA_SHA1;
-const char mbedtls_test_srv_key_ec[]         = TEST_SRV_KEY_EC;
-const char mbedtls_test_srv_pwd_ec[]         = TEST_SRV_PWD_EC;
-const char mbedtls_test_srv_crt_ec[]         = TEST_SRV_CRT_EC;
-
-const char mbedtls_test_cli_key_rsa[]        = TEST_CLI_KEY_RSA;
-const char mbedtls_test_cli_pwd_rsa[]        = TEST_CLI_PWD_RSA;
-const char mbedtls_test_cli_crt_rsa[]        = TEST_CLI_CRT_RSA;
-const char mbedtls_test_cli_key_ec[]         = TEST_CLI_KEY_EC;
-const char mbedtls_test_cli_pwd_ec[]         = TEST_CLI_PWD_EC;
-const char mbedtls_test_cli_crt_ec[]         = TEST_CLI_CRT_EC;
-
-const size_t mbedtls_test_ca_key_rsa_len =
-    sizeof( mbedtls_test_ca_key_rsa );
-const size_t mbedtls_test_ca_pwd_rsa_len =
-    sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
-const size_t mbedtls_test_ca_crt_rsa_sha256_len =
-    sizeof( mbedtls_test_ca_crt_rsa_sha256 );
-const size_t mbedtls_test_ca_crt_rsa_sha1_len =
-    sizeof( mbedtls_test_ca_crt_rsa_sha1 );
-const size_t mbedtls_test_ca_key_ec_len =
-    sizeof( mbedtls_test_ca_key_ec );
-const size_t mbedtls_test_ca_pwd_ec_len =
-    sizeof( mbedtls_test_ca_pwd_ec ) - 1;
-const size_t mbedtls_test_ca_crt_ec_len =
-    sizeof( mbedtls_test_ca_crt_ec );
-
-const size_t mbedtls_test_srv_key_rsa_len =
-    sizeof( mbedtls_test_srv_key_rsa );
-const size_t mbedtls_test_srv_pwd_rsa_len =
-    sizeof( mbedtls_test_srv_pwd_rsa ) -1;
-const size_t mbedtls_test_srv_crt_rsa_sha256_len =
-    sizeof( mbedtls_test_srv_crt_rsa_sha256 );
-const size_t mbedtls_test_srv_crt_rsa_sha1_len =
-    sizeof( mbedtls_test_srv_crt_rsa_sha1 );
-const size_t mbedtls_test_srv_key_ec_len =
-    sizeof( mbedtls_test_srv_key_ec );
-const size_t mbedtls_test_srv_pwd_ec_len =
-    sizeof( mbedtls_test_srv_pwd_ec ) - 1;
-const size_t mbedtls_test_srv_crt_ec_len =
-    sizeof( mbedtls_test_srv_crt_ec );
-
-const size_t mbedtls_test_cli_key_rsa_len =
-    sizeof( mbedtls_test_cli_key_rsa );
-const size_t mbedtls_test_cli_pwd_rsa_len =
-    sizeof( mbedtls_test_cli_pwd_rsa ) - 1;
-const size_t mbedtls_test_cli_crt_rsa_len =
-    sizeof( mbedtls_test_cli_crt_rsa );
-const size_t mbedtls_test_cli_key_ec_len =
-    sizeof( mbedtls_test_cli_key_ec );
-const size_t mbedtls_test_cli_pwd_ec_len =
-    sizeof( mbedtls_test_cli_pwd_ec ) - 1;
-const size_t mbedtls_test_cli_crt_ec_len =
-    sizeof( mbedtls_test_cli_crt_ec );
-
-/*
- * Dispatch between SHA-1 and SHA-256
- */
-
-#if defined(MBEDTLS_SHA256_C)
-#define TEST_CA_CRT_RSA  TEST_CA_CRT_RSA_SHA256
-#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256
-#else
-#define TEST_CA_CRT_RSA  TEST_CA_CRT_RSA_SHA1
-#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1
-#endif /* MBEDTLS_SHA256_C */
-
-const char mbedtls_test_ca_crt_rsa[]  = TEST_CA_CRT_RSA;
-const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA;
-
-const size_t mbedtls_test_ca_crt_rsa_len =
-    sizeof( mbedtls_test_ca_crt_rsa );
-const size_t mbedtls_test_srv_crt_rsa_len =
-    sizeof( mbedtls_test_srv_crt_rsa );
-
-/*
- * Dispatch between RSA and EC
- */
-
-#if defined(MBEDTLS_RSA_C)
-
-#define TEST_CA_KEY TEST_CA_KEY_RSA
-#define TEST_CA_PWD TEST_CA_PWD_RSA
-#define TEST_CA_CRT TEST_CA_CRT_RSA
-
-#define TEST_SRV_KEY TEST_SRV_KEY_RSA
-#define TEST_SRV_PWD TEST_SRV_PWD_RSA
-#define TEST_SRV_CRT TEST_SRV_CRT_RSA
-
-#define TEST_CLI_KEY TEST_CLI_KEY_RSA
-#define TEST_CLI_PWD TEST_CLI_PWD_RSA
-#define TEST_CLI_CRT TEST_CLI_CRT_RSA
-
-#else /* no RSA, so assume ECDSA */
-
-#define TEST_CA_KEY TEST_CA_KEY_EC
-#define TEST_CA_PWD TEST_CA_PWD_EC
-#define TEST_CA_CRT TEST_CA_CRT_EC
-
-#define TEST_SRV_KEY TEST_SRV_KEY_EC
-#define TEST_SRV_PWD TEST_SRV_PWD_EC
-#define TEST_SRV_CRT TEST_SRV_CRT_EC
-
-#define TEST_CLI_KEY TEST_CLI_KEY_EC
-#define TEST_CLI_PWD TEST_CLI_PWD_EC
-#define TEST_CLI_CRT TEST_CLI_CRT_EC
-#endif /* MBEDTLS_RSA_C */
-
-/* API stability forces us to declare
- *   mbedtls_test_{ca|srv|cli}_{key|pwd|crt}
- * as pointers. */
-static const char test_ca_key[] = TEST_CA_KEY;
-static const char test_ca_pwd[] = TEST_CA_PWD;
-static const char test_ca_crt[] = TEST_CA_CRT;
-
-static const char test_srv_key[] = TEST_SRV_KEY;
-static const char test_srv_pwd[] = TEST_SRV_PWD;
-static const char test_srv_crt[] = TEST_SRV_CRT;
-
-static const char test_cli_key[] = TEST_CLI_KEY;
-static const char test_cli_pwd[] = TEST_CLI_PWD;
-static const char test_cli_crt[] = TEST_CLI_CRT;
-
-const char *mbedtls_test_ca_key = test_ca_key;
-const char *mbedtls_test_ca_pwd = test_ca_pwd;
-const char *mbedtls_test_ca_crt = test_ca_crt;
-
-const char *mbedtls_test_srv_key = test_srv_key;
-const char *mbedtls_test_srv_pwd = test_srv_pwd;
-const char *mbedtls_test_srv_crt = test_srv_crt;
-
-const char *mbedtls_test_cli_key = test_cli_key;
-const char *mbedtls_test_cli_pwd = test_cli_pwd;
-const char *mbedtls_test_cli_crt = test_cli_crt;
-
-const size_t mbedtls_test_ca_key_len =
-    sizeof( test_ca_key );
-const size_t mbedtls_test_ca_pwd_len =
-    sizeof( test_ca_pwd ) - 1;
-const size_t mbedtls_test_ca_crt_len =
-    sizeof( test_ca_crt );
-
-const size_t mbedtls_test_srv_key_len =
-    sizeof( test_srv_key );
-const size_t mbedtls_test_srv_pwd_len =
-    sizeof( test_srv_pwd ) - 1;
-const size_t mbedtls_test_srv_crt_len =
-    sizeof( test_srv_crt );
-
-const size_t mbedtls_test_cli_key_len =
-    sizeof( test_cli_key );
-const size_t mbedtls_test_cli_pwd_len =
-    sizeof( test_cli_pwd ) - 1;
-const size_t mbedtls_test_cli_crt_len =
-    sizeof( test_cli_crt );
-
-/*
- *
- * Lists of certificates
- *
- */
-
-/* List of CAs in PEM or DER, depending on config */
-const char * mbedtls_test_cas[] = {
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C)
-    mbedtls_test_ca_crt_rsa_sha1,
-#endif
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
-    mbedtls_test_ca_crt_rsa_sha256,
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-    mbedtls_test_ca_crt_ec,
-#endif
-    NULL
-};
-const size_t mbedtls_test_cas_len[] = {
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C)
-    sizeof( mbedtls_test_ca_crt_rsa_sha1 ),
-#endif
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
-    sizeof( mbedtls_test_ca_crt_rsa_sha256 ),
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-    sizeof( mbedtls_test_ca_crt_ec ),
-#endif
-    0
-};
-
-/* List of all available CA certificates in DER format */
-const unsigned char * mbedtls_test_cas_der[] = {
-#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_SHA256_C)
-    mbedtls_test_ca_crt_rsa_sha256_der,
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA1_C)
-    mbedtls_test_ca_crt_rsa_sha1_der,
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECDSA_C)
-    mbedtls_test_ca_crt_ec_der,
-#endif /* MBEDTLS_ECDSA_C */
-    NULL
-};
-
-const size_t mbedtls_test_cas_der_len[] = {
-#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_SHA256_C)
-    sizeof( mbedtls_test_ca_crt_rsa_sha256_der ),
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA1_C)
-    sizeof( mbedtls_test_ca_crt_rsa_sha1_der ),
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECDSA_C)
-    sizeof( mbedtls_test_ca_crt_ec_der ),
-#endif /* MBEDTLS_ECDSA_C */
-    0
-};
-
-/* Concatenation of all available CA certificates in PEM format */
-#if defined(MBEDTLS_PEM_PARSE_C)
-const char mbedtls_test_cas_pem[] =
-#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_SHA256_C)
-    TEST_CA_CRT_RSA_SHA256_PEM
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA1_C)
-    TEST_CA_CRT_RSA_SHA1_PEM
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECDSA_C)
-    TEST_CA_CRT_EC_PEM
-#endif /* MBEDTLS_ECDSA_C */
-    "";
-const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-#endif /* MBEDTLS_CERTS_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/chacha20.c b/3rdparty/mbedtls-2.25.0/library/chacha20.c
deleted file mode 100644
index 78467d3..0000000
--- a/3rdparty/mbedtls-2.25.0/library/chacha20.c
+++ /dev/null
@@ -1,568 +0,0 @@
-/**
- * \file chacha20.c
- *
- * \brief ChaCha20 cipher.
- *
- * \author Daniel King <damaki.gh@gmail.com>
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CHACHA20_C)
-
-#include "mbedtls/chacha20.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <stddef.h>
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_CHACHA20_ALT)
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-/* Parameter validation macros */
-#define CHACHA20_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA )
-#define CHACHA20_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#define BYTES_TO_U32_LE( data, offset )                           \
-    ( (uint32_t) (data)[offset]                                   \
-      | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 )     \
-      | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 )    \
-      | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 )    \
-    )
-
-#define ROTL32( value, amount ) \
-    ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) )
-
-#define CHACHA20_CTR_INDEX ( 12U )
-
-#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U )
-
-/**
- * \brief           ChaCha20 quarter round operation.
- *
- *                  The quarter round is defined as follows (from RFC 7539):
- *                      1.  a += b; d ^= a; d <<<= 16;
- *                      2.  c += d; b ^= c; b <<<= 12;
- *                      3.  a += b; d ^= a; d <<<= 8;
- *                      4.  c += d; b ^= c; b <<<= 7;
- *
- * \param state     ChaCha20 state to modify.
- * \param a         The index of 'a' in the state.
- * \param b         The index of 'b' in the state.
- * \param c         The index of 'c' in the state.
- * \param d         The index of 'd' in the state.
- */
-static inline void chacha20_quarter_round( uint32_t state[16],
-                                           size_t a,
-                                           size_t b,
-                                           size_t c,
-                                           size_t d )
-{
-    /* a += b; d ^= a; d <<<= 16; */
-    state[a] += state[b];
-    state[d] ^= state[a];
-    state[d] = ROTL32( state[d], 16 );
-
-    /* c += d; b ^= c; b <<<= 12 */
-    state[c] += state[d];
-    state[b] ^= state[c];
-    state[b] = ROTL32( state[b], 12 );
-
-    /* a += b; d ^= a; d <<<= 8; */
-    state[a] += state[b];
-    state[d] ^= state[a];
-    state[d] = ROTL32( state[d], 8 );
-
-    /* c += d; b ^= c; b <<<= 7; */
-    state[c] += state[d];
-    state[b] ^= state[c];
-    state[b] = ROTL32( state[b], 7 );
-}
-
-/**
- * \brief           Perform the ChaCha20 inner block operation.
- *
- *                  This function performs two rounds: the column round and the
- *                  diagonal round.
- *
- * \param state     The ChaCha20 state to update.
- */
-static void chacha20_inner_block( uint32_t state[16] )
-{
-    chacha20_quarter_round( state, 0, 4, 8,  12 );
-    chacha20_quarter_round( state, 1, 5, 9,  13 );
-    chacha20_quarter_round( state, 2, 6, 10, 14 );
-    chacha20_quarter_round( state, 3, 7, 11, 15 );
-
-    chacha20_quarter_round( state, 0, 5, 10, 15 );
-    chacha20_quarter_round( state, 1, 6, 11, 12 );
-    chacha20_quarter_round( state, 2, 7, 8,  13 );
-    chacha20_quarter_round( state, 3, 4, 9,  14 );
-}
-
-/**
- * \brief               Generates a keystream block.
- *
- * \param initial_state The initial ChaCha20 state (key, nonce, counter).
- * \param keystream     Generated keystream bytes are written to this buffer.
- */
-static void chacha20_block( const uint32_t initial_state[16],
-                            unsigned char keystream[64] )
-{
-    uint32_t working_state[16];
-    size_t i;
-
-    memcpy( working_state,
-            initial_state,
-            CHACHA20_BLOCK_SIZE_BYTES );
-
-    for( i = 0U; i < 10U; i++ )
-        chacha20_inner_block( working_state );
-
-    working_state[ 0] += initial_state[ 0];
-    working_state[ 1] += initial_state[ 1];
-    working_state[ 2] += initial_state[ 2];
-    working_state[ 3] += initial_state[ 3];
-    working_state[ 4] += initial_state[ 4];
-    working_state[ 5] += initial_state[ 5];
-    working_state[ 6] += initial_state[ 6];
-    working_state[ 7] += initial_state[ 7];
-    working_state[ 8] += initial_state[ 8];
-    working_state[ 9] += initial_state[ 9];
-    working_state[10] += initial_state[10];
-    working_state[11] += initial_state[11];
-    working_state[12] += initial_state[12];
-    working_state[13] += initial_state[13];
-    working_state[14] += initial_state[14];
-    working_state[15] += initial_state[15];
-
-    for( i = 0U; i < 16; i++ )
-    {
-        size_t offset = i * 4U;
-
-        keystream[offset     ] = (unsigned char)( working_state[i]       );
-        keystream[offset + 1U] = (unsigned char)( working_state[i] >>  8 );
-        keystream[offset + 2U] = (unsigned char)( working_state[i] >> 16 );
-        keystream[offset + 3U] = (unsigned char)( working_state[i] >> 24 );
-    }
-
-    mbedtls_platform_zeroize( working_state, sizeof( working_state ) );
-}
-
-void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx )
-{
-    CHACHA20_VALIDATE( ctx != NULL );
-
-    mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) );
-    mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
-
-    /* Initially, there's no keystream bytes available */
-    ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
-}
-
-void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx )
-{
-    if( ctx != NULL )
-    {
-        mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) );
-    }
-}
-
-int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
-                            const unsigned char key[32] )
-{
-    CHACHA20_VALIDATE_RET( ctx != NULL );
-    CHACHA20_VALIDATE_RET( key != NULL );
-
-    /* ChaCha20 constants - the string "expand 32-byte k" */
-    ctx->state[0] = 0x61707865;
-    ctx->state[1] = 0x3320646e;
-    ctx->state[2] = 0x79622d32;
-    ctx->state[3] = 0x6b206574;
-
-    /* Set key */
-    ctx->state[4]  = BYTES_TO_U32_LE( key, 0 );
-    ctx->state[5]  = BYTES_TO_U32_LE( key, 4 );
-    ctx->state[6]  = BYTES_TO_U32_LE( key, 8 );
-    ctx->state[7]  = BYTES_TO_U32_LE( key, 12 );
-    ctx->state[8]  = BYTES_TO_U32_LE( key, 16 );
-    ctx->state[9]  = BYTES_TO_U32_LE( key, 20 );
-    ctx->state[10] = BYTES_TO_U32_LE( key, 24 );
-    ctx->state[11] = BYTES_TO_U32_LE( key, 28 );
-
-    return( 0 );
-}
-
-int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
-                             const unsigned char nonce[12],
-                             uint32_t counter )
-{
-    CHACHA20_VALIDATE_RET( ctx != NULL );
-    CHACHA20_VALIDATE_RET( nonce != NULL );
-
-    /* Counter */
-    ctx->state[12] = counter;
-
-    /* Nonce */
-    ctx->state[13] = BYTES_TO_U32_LE( nonce, 0 );
-    ctx->state[14] = BYTES_TO_U32_LE( nonce, 4 );
-    ctx->state[15] = BYTES_TO_U32_LE( nonce, 8 );
-
-    mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
-
-    /* Initially, there's no keystream bytes available */
-    ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
-
-    return( 0 );
-}
-
-int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
-                              size_t size,
-                              const unsigned char *input,
-                              unsigned char *output )
-{
-    size_t offset = 0U;
-    size_t i;
-
-    CHACHA20_VALIDATE_RET( ctx != NULL );
-    CHACHA20_VALIDATE_RET( size == 0 || input  != NULL );
-    CHACHA20_VALIDATE_RET( size == 0 || output != NULL );
-
-    /* Use leftover keystream bytes, if available */
-    while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES )
-    {
-        output[offset] = input[offset]
-                       ^ ctx->keystream8[ctx->keystream_bytes_used];
-
-        ctx->keystream_bytes_used++;
-        offset++;
-        size--;
-    }
-
-    /* Process full blocks */
-    while( size >= CHACHA20_BLOCK_SIZE_BYTES )
-    {
-        /* Generate new keystream block and increment counter */
-        chacha20_block( ctx->state, ctx->keystream8 );
-        ctx->state[CHACHA20_CTR_INDEX]++;
-
-        for( i = 0U; i < 64U; i += 8U )
-        {
-            output[offset + i  ] = input[offset + i  ] ^ ctx->keystream8[i  ];
-            output[offset + i+1] = input[offset + i+1] ^ ctx->keystream8[i+1];
-            output[offset + i+2] = input[offset + i+2] ^ ctx->keystream8[i+2];
-            output[offset + i+3] = input[offset + i+3] ^ ctx->keystream8[i+3];
-            output[offset + i+4] = input[offset + i+4] ^ ctx->keystream8[i+4];
-            output[offset + i+5] = input[offset + i+5] ^ ctx->keystream8[i+5];
-            output[offset + i+6] = input[offset + i+6] ^ ctx->keystream8[i+6];
-            output[offset + i+7] = input[offset + i+7] ^ ctx->keystream8[i+7];
-        }
-
-        offset += CHACHA20_BLOCK_SIZE_BYTES;
-        size   -= CHACHA20_BLOCK_SIZE_BYTES;
-    }
-
-    /* Last (partial) block */
-    if( size > 0U )
-    {
-        /* Generate new keystream block and increment counter */
-        chacha20_block( ctx->state, ctx->keystream8 );
-        ctx->state[CHACHA20_CTR_INDEX]++;
-
-        for( i = 0U; i < size; i++)
-        {
-            output[offset + i] = input[offset + i] ^ ctx->keystream8[i];
-        }
-
-        ctx->keystream_bytes_used = size;
-
-    }
-
-    return( 0 );
-}
-
-int mbedtls_chacha20_crypt( const unsigned char key[32],
-                            const unsigned char nonce[12],
-                            uint32_t counter,
-                            size_t data_len,
-                            const unsigned char* input,
-                            unsigned char* output )
-{
-    mbedtls_chacha20_context ctx;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    CHACHA20_VALIDATE_RET( key != NULL );
-    CHACHA20_VALIDATE_RET( nonce != NULL );
-    CHACHA20_VALIDATE_RET( data_len == 0 || input  != NULL );
-    CHACHA20_VALIDATE_RET( data_len == 0 || output != NULL );
-
-    mbedtls_chacha20_init( &ctx );
-
-    ret = mbedtls_chacha20_setkey( &ctx, key );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_chacha20_starts( &ctx, nonce, counter );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_chacha20_update( &ctx, data_len, input, output );
-
-cleanup:
-    mbedtls_chacha20_free( &ctx );
-    return( ret );
-}
-
-#endif /* !MBEDTLS_CHACHA20_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-static const unsigned char test_keys[2][32] =
-{
-    {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-    },
-    {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
-    }
-};
-
-static const unsigned char test_nonces[2][12] =
-{
-    {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00
-    },
-    {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x02
-    }
-};
-
-static const uint32_t test_counters[2] =
-{
-    0U,
-    1U
-};
-
-static const unsigned char test_input[2][375] =
-{
-    {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-    },
-    {
-        0x41, 0x6e, 0x79, 0x20, 0x73, 0x75, 0x62, 0x6d,
-        0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x20, 0x74,
-        0x6f, 0x20, 0x74, 0x68, 0x65, 0x20, 0x49, 0x45,
-        0x54, 0x46, 0x20, 0x69, 0x6e, 0x74, 0x65, 0x6e,
-        0x64, 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x74,
-        0x68, 0x65, 0x20, 0x43, 0x6f, 0x6e, 0x74, 0x72,
-        0x69, 0x62, 0x75, 0x74, 0x6f, 0x72, 0x20, 0x66,
-        0x6f, 0x72, 0x20, 0x70, 0x75, 0x62, 0x6c, 0x69,
-        0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x61,
-        0x73, 0x20, 0x61, 0x6c, 0x6c, 0x20, 0x6f, 0x72,
-        0x20, 0x70, 0x61, 0x72, 0x74, 0x20, 0x6f, 0x66,
-        0x20, 0x61, 0x6e, 0x20, 0x49, 0x45, 0x54, 0x46,
-        0x20, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
-        0x74, 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x20,
-        0x6f, 0x72, 0x20, 0x52, 0x46, 0x43, 0x20, 0x61,
-        0x6e, 0x64, 0x20, 0x61, 0x6e, 0x79, 0x20, 0x73,
-        0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e, 0x74,
-        0x20, 0x6d, 0x61, 0x64, 0x65, 0x20, 0x77, 0x69,
-        0x74, 0x68, 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65,
-        0x20, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
-        0x20, 0x6f, 0x66, 0x20, 0x61, 0x6e, 0x20, 0x49,
-        0x45, 0x54, 0x46, 0x20, 0x61, 0x63, 0x74, 0x69,
-        0x76, 0x69, 0x74, 0x79, 0x20, 0x69, 0x73, 0x20,
-        0x63, 0x6f, 0x6e, 0x73, 0x69, 0x64, 0x65, 0x72,
-        0x65, 0x64, 0x20, 0x61, 0x6e, 0x20, 0x22, 0x49,
-        0x45, 0x54, 0x46, 0x20, 0x43, 0x6f, 0x6e, 0x74,
-        0x72, 0x69, 0x62, 0x75, 0x74, 0x69, 0x6f, 0x6e,
-        0x22, 0x2e, 0x20, 0x53, 0x75, 0x63, 0x68, 0x20,
-        0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
-        0x74, 0x73, 0x20, 0x69, 0x6e, 0x63, 0x6c, 0x75,
-        0x64, 0x65, 0x20, 0x6f, 0x72, 0x61, 0x6c, 0x20,
-        0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
-        0x74, 0x73, 0x20, 0x69, 0x6e, 0x20, 0x49, 0x45,
-        0x54, 0x46, 0x20, 0x73, 0x65, 0x73, 0x73, 0x69,
-        0x6f, 0x6e, 0x73, 0x2c, 0x20, 0x61, 0x73, 0x20,
-        0x77, 0x65, 0x6c, 0x6c, 0x20, 0x61, 0x73, 0x20,
-        0x77, 0x72, 0x69, 0x74, 0x74, 0x65, 0x6e, 0x20,
-        0x61, 0x6e, 0x64, 0x20, 0x65, 0x6c, 0x65, 0x63,
-        0x74, 0x72, 0x6f, 0x6e, 0x69, 0x63, 0x20, 0x63,
-        0x6f, 0x6d, 0x6d, 0x75, 0x6e, 0x69, 0x63, 0x61,
-        0x74, 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x6d, 0x61,
-        0x64, 0x65, 0x20, 0x61, 0x74, 0x20, 0x61, 0x6e,
-        0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, 0x6f,
-        0x72, 0x20, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x2c,
-        0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x61,
-        0x72, 0x65, 0x20, 0x61, 0x64, 0x64, 0x72, 0x65,
-        0x73, 0x73, 0x65, 0x64, 0x20, 0x74, 0x6f
-    }
-};
-
-static const unsigned char test_output[2][375] =
-{
-    {
-        0x76, 0xb8, 0xe0, 0xad, 0xa0, 0xf1, 0x3d, 0x90,
-        0x40, 0x5d, 0x6a, 0xe5, 0x53, 0x86, 0xbd, 0x28,
-        0xbd, 0xd2, 0x19, 0xb8, 0xa0, 0x8d, 0xed, 0x1a,
-        0xa8, 0x36, 0xef, 0xcc, 0x8b, 0x77, 0x0d, 0xc7,
-        0xda, 0x41, 0x59, 0x7c, 0x51, 0x57, 0x48, 0x8d,
-        0x77, 0x24, 0xe0, 0x3f, 0xb8, 0xd8, 0x4a, 0x37,
-        0x6a, 0x43, 0xb8, 0xf4, 0x15, 0x18, 0xa1, 0x1c,
-        0xc3, 0x87, 0xb6, 0x69, 0xb2, 0xee, 0x65, 0x86
-    },
-    {
-        0xa3, 0xfb, 0xf0, 0x7d, 0xf3, 0xfa, 0x2f, 0xde,
-        0x4f, 0x37, 0x6c, 0xa2, 0x3e, 0x82, 0x73, 0x70,
-        0x41, 0x60, 0x5d, 0x9f, 0x4f, 0x4f, 0x57, 0xbd,
-        0x8c, 0xff, 0x2c, 0x1d, 0x4b, 0x79, 0x55, 0xec,
-        0x2a, 0x97, 0x94, 0x8b, 0xd3, 0x72, 0x29, 0x15,
-        0xc8, 0xf3, 0xd3, 0x37, 0xf7, 0xd3, 0x70, 0x05,
-        0x0e, 0x9e, 0x96, 0xd6, 0x47, 0xb7, 0xc3, 0x9f,
-        0x56, 0xe0, 0x31, 0xca, 0x5e, 0xb6, 0x25, 0x0d,
-        0x40, 0x42, 0xe0, 0x27, 0x85, 0xec, 0xec, 0xfa,
-        0x4b, 0x4b, 0xb5, 0xe8, 0xea, 0xd0, 0x44, 0x0e,
-        0x20, 0xb6, 0xe8, 0xdb, 0x09, 0xd8, 0x81, 0xa7,
-        0xc6, 0x13, 0x2f, 0x42, 0x0e, 0x52, 0x79, 0x50,
-        0x42, 0xbd, 0xfa, 0x77, 0x73, 0xd8, 0xa9, 0x05,
-        0x14, 0x47, 0xb3, 0x29, 0x1c, 0xe1, 0x41, 0x1c,
-        0x68, 0x04, 0x65, 0x55, 0x2a, 0xa6, 0xc4, 0x05,
-        0xb7, 0x76, 0x4d, 0x5e, 0x87, 0xbe, 0xa8, 0x5a,
-        0xd0, 0x0f, 0x84, 0x49, 0xed, 0x8f, 0x72, 0xd0,
-        0xd6, 0x62, 0xab, 0x05, 0x26, 0x91, 0xca, 0x66,
-        0x42, 0x4b, 0xc8, 0x6d, 0x2d, 0xf8, 0x0e, 0xa4,
-        0x1f, 0x43, 0xab, 0xf9, 0x37, 0xd3, 0x25, 0x9d,
-        0xc4, 0xb2, 0xd0, 0xdf, 0xb4, 0x8a, 0x6c, 0x91,
-        0x39, 0xdd, 0xd7, 0xf7, 0x69, 0x66, 0xe9, 0x28,
-        0xe6, 0x35, 0x55, 0x3b, 0xa7, 0x6c, 0x5c, 0x87,
-        0x9d, 0x7b, 0x35, 0xd4, 0x9e, 0xb2, 0xe6, 0x2b,
-        0x08, 0x71, 0xcd, 0xac, 0x63, 0x89, 0x39, 0xe2,
-        0x5e, 0x8a, 0x1e, 0x0e, 0xf9, 0xd5, 0x28, 0x0f,
-        0xa8, 0xca, 0x32, 0x8b, 0x35, 0x1c, 0x3c, 0x76,
-        0x59, 0x89, 0xcb, 0xcf, 0x3d, 0xaa, 0x8b, 0x6c,
-        0xcc, 0x3a, 0xaf, 0x9f, 0x39, 0x79, 0xc9, 0x2b,
-        0x37, 0x20, 0xfc, 0x88, 0xdc, 0x95, 0xed, 0x84,
-        0xa1, 0xbe, 0x05, 0x9c, 0x64, 0x99, 0xb9, 0xfd,
-        0xa2, 0x36, 0xe7, 0xe8, 0x18, 0xb0, 0x4b, 0x0b,
-        0xc3, 0x9c, 0x1e, 0x87, 0x6b, 0x19, 0x3b, 0xfe,
-        0x55, 0x69, 0x75, 0x3f, 0x88, 0x12, 0x8c, 0xc0,
-        0x8a, 0xaa, 0x9b, 0x63, 0xd1, 0xa1, 0x6f, 0x80,
-        0xef, 0x25, 0x54, 0xd7, 0x18, 0x9c, 0x41, 0x1f,
-        0x58, 0x69, 0xca, 0x52, 0xc5, 0xb8, 0x3f, 0xa3,
-        0x6f, 0xf2, 0x16, 0xb9, 0xc1, 0xd3, 0x00, 0x62,
-        0xbe, 0xbc, 0xfd, 0x2d, 0xc5, 0xbc, 0xe0, 0x91,
-        0x19, 0x34, 0xfd, 0xa7, 0x9a, 0x86, 0xf6, 0xe6,
-        0x98, 0xce, 0xd7, 0x59, 0xc3, 0xff, 0x9b, 0x64,
-        0x77, 0x33, 0x8f, 0x3d, 0xa4, 0xf9, 0xcd, 0x85,
-        0x14, 0xea, 0x99, 0x82, 0xcc, 0xaf, 0xb3, 0x41,
-        0xb2, 0x38, 0x4d, 0xd9, 0x02, 0xf3, 0xd1, 0xab,
-        0x7a, 0xc6, 0x1d, 0xd2, 0x9c, 0x6f, 0x21, 0xba,
-        0x5b, 0x86, 0x2f, 0x37, 0x30, 0xe3, 0x7c, 0xfd,
-        0xc4, 0xfd, 0x80, 0x6c, 0x22, 0xf2, 0x21
-    }
-};
-
-static const size_t test_lengths[2] =
-{
-    64U,
-    375U
-};
-
-/* Make sure no other definition is already present. */
-#undef ASSERT
-
-#define ASSERT( cond, args )            \
-    do                                  \
-    {                                   \
-        if( ! ( cond ) )                \
-        {                               \
-            if( verbose != 0 )          \
-                mbedtls_printf args;    \
-                                        \
-            return( -1 );               \
-        }                               \
-    }                                   \
-    while( 0 )
-
-int mbedtls_chacha20_self_test( int verbose )
-{
-    unsigned char output[381];
-    unsigned i;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    for( i = 0U; i < 2U; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  ChaCha20 test %u ", i );
-
-        ret = mbedtls_chacha20_crypt( test_keys[i],
-                                      test_nonces[i],
-                                      test_counters[i],
-                                      test_lengths[i],
-                                      test_input[i],
-                                      output );
-
-        ASSERT( 0 == ret, ( "error code: %i\n", ret ) );
-
-        ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ),
-                ( "failed (output)\n" ) );
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* !MBEDTLS_CHACHA20_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/chachapoly.c b/3rdparty/mbedtls-2.25.0/library/chachapoly.c
deleted file mode 100644
index 77d5477..0000000
--- a/3rdparty/mbedtls-2.25.0/library/chachapoly.c
+++ /dev/null
@@ -1,538 +0,0 @@
-/**
- * \file chachapoly.c
- *
- * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#include "common.h"
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-
-#include "mbedtls/chachapoly.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_CHACHAPOLY_ALT)
-
-/* Parameter validation macros */
-#define CHACHAPOLY_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA )
-#define CHACHAPOLY_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#define CHACHAPOLY_STATE_INIT       ( 0 )
-#define CHACHAPOLY_STATE_AAD        ( 1 )
-#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
-#define CHACHAPOLY_STATE_FINISHED   ( 3 )
-
-/**
- * \brief           Adds nul bytes to pad the AAD for Poly1305.
- *
- * \param ctx       The ChaCha20-Poly1305 context.
- */
-static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
-{
-    uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U );
-    unsigned char zeroes[15];
-
-    if( partial_block_len == 0U )
-        return( 0 );
-
-    memset( zeroes, 0, sizeof( zeroes ) );
-
-    return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
-                                     zeroes,
-                                     16U - partial_block_len ) );
-}
-
-/**
- * \brief           Adds nul bytes to pad the ciphertext for Poly1305.
- *
- * \param ctx       The ChaCha20-Poly1305 context.
- */
-static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
-{
-    uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U );
-    unsigned char zeroes[15];
-
-    if( partial_block_len == 0U )
-        return( 0 );
-
-    memset( zeroes, 0, sizeof( zeroes ) );
-    return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
-                                     zeroes,
-                                     16U - partial_block_len ) );
-}
-
-void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx )
-{
-    CHACHAPOLY_VALIDATE( ctx != NULL );
-
-    mbedtls_chacha20_init( &ctx->chacha20_ctx );
-    mbedtls_poly1305_init( &ctx->poly1305_ctx );
-    ctx->aad_len        = 0U;
-    ctx->ciphertext_len = 0U;
-    ctx->state          = CHACHAPOLY_STATE_INIT;
-    ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
-}
-
-void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_chacha20_free( &ctx->chacha20_ctx );
-    mbedtls_poly1305_free( &ctx->poly1305_ctx );
-    ctx->aad_len        = 0U;
-    ctx->ciphertext_len = 0U;
-    ctx->state          = CHACHAPOLY_STATE_INIT;
-    ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
-}
-
-int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
-                               const unsigned char key[32] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( key != NULL );
-
-    ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key );
-
-    return( ret );
-}
-
-int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
-                               const unsigned char nonce[12],
-                               mbedtls_chachapoly_mode_t mode  )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char poly1305_key[64];
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( nonce != NULL );
-
-    /* Set counter = 0, will be update to 1 when generating Poly1305 key */
-    ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U );
-    if( ret != 0 )
-        goto cleanup;
-
-    /* Generate the Poly1305 key by getting the ChaCha20 keystream output with
-     * counter = 0.  This is the same as encrypting a buffer of zeroes.
-     * Only the first 256-bits (32 bytes) of the key is used for Poly1305.
-     * The other 256 bits are discarded.
-     */
-    memset( poly1305_key, 0, sizeof( poly1305_key ) );
-    ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ),
-                                      poly1305_key, poly1305_key );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key );
-
-    if( ret == 0 )
-    {
-        ctx->aad_len        = 0U;
-        ctx->ciphertext_len = 0U;
-        ctx->state          = CHACHAPOLY_STATE_AAD;
-        ctx->mode           = mode;
-    }
-
-cleanup:
-    mbedtls_platform_zeroize( poly1305_key, 64U );
-    return( ret );
-}
-
-int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
-                                   const unsigned char *aad,
-                                   size_t aad_len )
-{
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL );
-
-    if( ctx->state != CHACHAPOLY_STATE_AAD )
-        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-
-    ctx->aad_len += aad_len;
-
-    return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) );
-}
-
-int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
-                               size_t len,
-                               const unsigned char *input,
-                               unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL );
-    CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL );
-
-    if( ( ctx->state != CHACHAPOLY_STATE_AAD ) &&
-        ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) )
-    {
-        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    }
-
-    if( ctx->state == CHACHAPOLY_STATE_AAD )
-    {
-        ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
-
-        ret = chachapoly_pad_aad( ctx );
-        if( ret != 0 )
-            return( ret );
-    }
-
-    ctx->ciphertext_len += len;
-
-    if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT )
-    {
-        ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
-        if( ret != 0 )
-            return( ret );
-
-        ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len );
-        if( ret != 0 )
-            return( ret );
-    }
-    else /* DECRYPT */
-    {
-        ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len );
-        if( ret != 0 )
-            return( ret );
-
-        ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
-        if( ret != 0 )
-            return( ret );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
-                               unsigned char mac[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char len_block[16];
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( mac != NULL );
-
-    if( ctx->state == CHACHAPOLY_STATE_INIT )
-    {
-        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    }
-
-    if( ctx->state == CHACHAPOLY_STATE_AAD )
-    {
-        ret = chachapoly_pad_aad( ctx );
-        if( ret != 0 )
-            return( ret );
-    }
-    else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT )
-    {
-        ret = chachapoly_pad_ciphertext( ctx );
-        if( ret != 0 )
-            return( ret );
-    }
-
-    ctx->state = CHACHAPOLY_STATE_FINISHED;
-
-    /* The lengths of the AAD and ciphertext are processed by
-     * Poly1305 as the final 128-bit block, encoded as little-endian integers.
-     */
-    len_block[ 0] = (unsigned char)( ctx->aad_len       );
-    len_block[ 1] = (unsigned char)( ctx->aad_len >>  8 );
-    len_block[ 2] = (unsigned char)( ctx->aad_len >> 16 );
-    len_block[ 3] = (unsigned char)( ctx->aad_len >> 24 );
-    len_block[ 4] = (unsigned char)( ctx->aad_len >> 32 );
-    len_block[ 5] = (unsigned char)( ctx->aad_len >> 40 );
-    len_block[ 6] = (unsigned char)( ctx->aad_len >> 48 );
-    len_block[ 7] = (unsigned char)( ctx->aad_len >> 56 );
-    len_block[ 8] = (unsigned char)( ctx->ciphertext_len       );
-    len_block[ 9] = (unsigned char)( ctx->ciphertext_len >>  8 );
-    len_block[10] = (unsigned char)( ctx->ciphertext_len >> 16 );
-    len_block[11] = (unsigned char)( ctx->ciphertext_len >> 24 );
-    len_block[12] = (unsigned char)( ctx->ciphertext_len >> 32 );
-    len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 );
-    len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 );
-    len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 );
-
-    ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac );
-
-    return( ret );
-}
-
-static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx,
-                                     mbedtls_chachapoly_mode_t mode,
-                                     size_t length,
-                                     const unsigned char nonce[12],
-                                     const unsigned char *aad,
-                                     size_t aad_len,
-                                     const unsigned char *input,
-                                     unsigned char *output,
-                                     unsigned char tag[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    ret = mbedtls_chachapoly_starts( ctx, nonce, mode );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_chachapoly_update( ctx, length, input, output );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_chachapoly_finish( ctx, tag );
-
-cleanup:
-    return( ret );
-}
-
-int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
-                                        size_t length,
-                                        const unsigned char nonce[12],
-                                        const unsigned char *aad,
-                                        size_t aad_len,
-                                        const unsigned char *input,
-                                        unsigned char *output,
-                                        unsigned char tag[16] )
-{
-    CHACHAPOLY_VALIDATE_RET( ctx   != NULL );
-    CHACHAPOLY_VALIDATE_RET( nonce != NULL );
-    CHACHAPOLY_VALIDATE_RET( tag   != NULL );
-    CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad    != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || input  != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || output != NULL );
-
-    return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
-                                      length, nonce, aad, aad_len,
-                                      input, output, tag ) );
-}
-
-int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
-                                     size_t length,
-                                     const unsigned char nonce[12],
-                                     const unsigned char *aad,
-                                     size_t aad_len,
-                                     const unsigned char tag[16],
-                                     const unsigned char *input,
-                                     unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char check_tag[16];
-    size_t i;
-    int diff;
-    CHACHAPOLY_VALIDATE_RET( ctx   != NULL );
-    CHACHAPOLY_VALIDATE_RET( nonce != NULL );
-    CHACHAPOLY_VALIDATE_RET( tag   != NULL );
-    CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad    != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || input  != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || output != NULL );
-
-    if( ( ret = chachapoly_crypt_and_tag( ctx,
-                        MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
-                        aad, aad_len, input, output, check_tag ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* Check tag in "constant-time" */
-    for( diff = 0, i = 0; i < sizeof( check_tag ); i++ )
-        diff |= tag[i] ^ check_tag[i];
-
-    if( diff != 0 )
-    {
-        mbedtls_platform_zeroize( output, length );
-        return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED );
-    }
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_CHACHAPOLY_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-static const unsigned char test_key[1][32] =
-{
-    {
-        0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
-        0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
-        0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
-        0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
-    }
-};
-
-static const unsigned char test_nonce[1][12] =
-{
-    {
-        0x07, 0x00, 0x00, 0x00,                         /* 32-bit common part */
-        0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47  /* 64-bit IV */
-    }
-};
-
-static const unsigned char test_aad[1][12] =
-{
-    {
-        0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
-        0xc4, 0xc5, 0xc6, 0xc7
-    }
-};
-
-static const size_t test_aad_len[1] =
-{
-    12U
-};
-
-static const unsigned char test_input[1][114] =
-{
-    {
-        0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
-        0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
-        0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20,
-        0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73,
-        0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39,
-        0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63,
-        0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66,
-        0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f,
-        0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20,
-        0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20,
-        0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75,
-        0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73,
-        0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f,
-        0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
-        0x74, 0x2e
-    }
-};
-
-static const unsigned char test_output[1][114] =
-{
-    {
-        0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb,
-        0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2,
-        0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe,
-        0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6,
-        0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12,
-        0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b,
-        0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29,
-        0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36,
-        0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c,
-        0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58,
-        0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
-        0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc,
-        0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d,
-        0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b,
-        0x61, 0x16
-    }
-};
-
-static const size_t test_input_len[1] =
-{
-    114U
-};
-
-static const unsigned char test_mac[1][16] =
-{
-    {
-        0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a,
-        0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
-    }
-};
-
-/* Make sure no other definition is already present. */
-#undef ASSERT
-
-#define ASSERT( cond, args )            \
-    do                                  \
-    {                                   \
-        if( ! ( cond ) )                \
-        {                               \
-            if( verbose != 0 )          \
-                mbedtls_printf args;    \
-                                        \
-            return( -1 );               \
-        }                               \
-    }                                   \
-    while( 0 )
-
-int mbedtls_chachapoly_self_test( int verbose )
-{
-    mbedtls_chachapoly_context ctx;
-    unsigned i;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char output[200];
-    unsigned char mac[16];
-
-    for( i = 0U; i < 1U; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  ChaCha20-Poly1305 test %u ", i );
-
-        mbedtls_chachapoly_init( &ctx );
-
-        ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] );
-        ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) );
-
-        ret = mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                                  test_input_len[i],
-                                                  test_nonce[i],
-                                                  test_aad[i],
-                                                  test_aad_len[i],
-                                                  test_input[i],
-                                                  output,
-                                                  mac );
-
-        ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) );
-
-        ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ),
-                ( "failure (wrong output)\n" ) );
-
-        ASSERT( 0 == memcmp( mac, test_mac[i], 16U ),
-                ( "failure (wrong MAC)\n" ) );
-
-        mbedtls_chachapoly_free( &ctx );
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_CHACHAPOLY_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/check_crypto_config.h b/3rdparty/mbedtls-2.25.0/library/check_crypto_config.h
deleted file mode 100644
index cac90a0..0000000
--- a/3rdparty/mbedtls-2.25.0/library/check_crypto_config.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/**
- * \file check_crypto_config.h
- *
- * \brief Consistency checks for PSA configuration options
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * It is recommended to include this file from your crypto_config.h
- * in order to catch dependency issues early.
- */
-
-#ifndef MBEDTLS_CHECK_CRYPTO_CONFIG_H
-#define MBEDTLS_CHECK_CRYPTO_CONFIG_H
-
-#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
-    !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) )
-#error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites"
-#endif
-
-#if defined(PSA_WANT_ALG_ECDSA) && \
-    !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) )
-#error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites"
-#endif
-
-#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
-#error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
-#endif
-
-#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
-#error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
-#endif
-
-#if defined(PSA_WANT_ALG_RSA_OAEP) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
-#error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites"
-#endif
-
-#if defined(PSA_WANT_ALG_RSA_PSS) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
-#error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
-#endif
-
-#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
-    !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites"
-#endif
-
-#endif /* MBEDTLS_CHECK_CRYPTO_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/cipher.c b/3rdparty/mbedtls-2.25.0/library/cipher.c
deleted file mode 100644
index 457f8f6..0000000
--- a/3rdparty/mbedtls-2.25.0/library/cipher.c
+++ /dev/null
@@ -1,1633 +0,0 @@
-/**
- * \file cipher.c
- *
- * \brief Generic cipher wrapper for mbed TLS
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CIPHER_C)
-
-#include "mbedtls/cipher.h"
-#include "mbedtls/cipher_internal.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-#include "mbedtls/chachapoly.h"
-#endif
-
-#if defined(MBEDTLS_GCM_C)
-#include "mbedtls/gcm.h"
-#endif
-
-#if defined(MBEDTLS_CCM_C)
-#include "mbedtls/ccm.h"
-#endif
-
-#if defined(MBEDTLS_CHACHA20_C)
-#include "mbedtls/chacha20.h"
-#endif
-
-#if defined(MBEDTLS_CMAC_C)
-#include "mbedtls/cmac.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_NIST_KW_C)
-#include "mbedtls/nist_kw.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_calloc calloc
-#define mbedtls_free   free
-#endif
-
-#define CIPHER_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA )
-#define CIPHER_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-/* Compare the contents of two buffers in constant time.
- * Returns 0 if the contents are bitwise identical, otherwise returns
- * a non-zero value.
- * This is currently only used by GCM and ChaCha20+Poly1305.
- */
-static int mbedtls_constant_time_memcmp( const void *v1, const void *v2,
-                                         size_t len )
-{
-    const unsigned char *p1 = (const unsigned char*) v1;
-    const unsigned char *p2 = (const unsigned char*) v2;
-    size_t i;
-    unsigned char diff;
-
-    for( diff = 0, i = 0; i < len; i++ )
-        diff |= p1[i] ^ p2[i];
-
-    return( (int)diff );
-}
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
-
-static int supported_init = 0;
-
-const int *mbedtls_cipher_list( void )
-{
-    const mbedtls_cipher_definition_t *def;
-    int *type;
-
-    if( ! supported_init )
-    {
-        def = mbedtls_cipher_definitions;
-        type = mbedtls_cipher_supported;
-
-        while( def->type != 0 )
-            *type++ = (*def++).type;
-
-        *type = 0;
-
-        supported_init = 1;
-    }
-
-    return( mbedtls_cipher_supported );
-}
-
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(
-    const mbedtls_cipher_type_t cipher_type )
-{
-    const mbedtls_cipher_definition_t *def;
-
-    for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
-        if( def->type == cipher_type )
-            return( def->info );
-
-    return( NULL );
-}
-
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(
-    const char *cipher_name )
-{
-    const mbedtls_cipher_definition_t *def;
-
-    if( NULL == cipher_name )
-        return( NULL );
-
-    for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
-        if( !  strcmp( def->info->name, cipher_name ) )
-            return( def->info );
-
-    return( NULL );
-}
-
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
-    const mbedtls_cipher_id_t cipher_id,
-    int key_bitlen,
-    const mbedtls_cipher_mode_t mode )
-{
-    const mbedtls_cipher_definition_t *def;
-
-    for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
-        if( def->info->base->cipher == cipher_id &&
-            def->info->key_bitlen == (unsigned) key_bitlen &&
-            def->info->mode == mode )
-            return( def->info );
-
-    return( NULL );
-}
-
-void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
-{
-    CIPHER_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
-}
-
-void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        if( ctx->cipher_ctx != NULL )
-        {
-            mbedtls_cipher_context_psa * const cipher_psa =
-                (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
-
-            if( cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED )
-            {
-                /* xxx_free() doesn't allow to return failures. */
-                (void) psa_destroy_key( cipher_psa->slot );
-            }
-
-            mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) );
-            mbedtls_free( cipher_psa );
-        }
-
-        mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
-        return;
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_CMAC_C)
-    if( ctx->cmac_ctx )
-    {
-       mbedtls_platform_zeroize( ctx->cmac_ctx,
-                                 sizeof( mbedtls_cmac_context_t ) );
-       mbedtls_free( ctx->cmac_ctx );
-    }
-#endif
-
-    if( ctx->cipher_ctx )
-        ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
-
-    mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
-}
-
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
-                          const mbedtls_cipher_info_t *cipher_info )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
-
-    if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
-        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
-
-    ctx->cipher_info = cipher_info;
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    /*
-     * Ignore possible errors caused by a cipher mode that doesn't use padding
-     */
-#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
-    (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 );
-#else
-    (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE );
-#endif
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
-                              const mbedtls_cipher_info_t *cipher_info,
-                              size_t taglen )
-{
-    psa_algorithm_t alg;
-    mbedtls_cipher_context_psa *cipher_psa;
-
-    if( NULL == cipher_info || NULL == ctx )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /* Check that the underlying cipher mode and cipher type are
-     * supported by the underlying PSA Crypto implementation. */
-    alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen );
-    if( alg == 0 )
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 )
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
-
-    cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) );
-    if( cipher_psa == NULL )
-        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
-    cipher_psa->alg  = alg;
-    ctx->cipher_ctx  = cipher_psa;
-    ctx->cipher_info = cipher_info;
-    ctx->psa_enabled = 1;
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *key,
-                           int key_bitlen,
-                           const mbedtls_operation_t operation )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( key != NULL );
-    CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT ||
-                         operation == MBEDTLS_DECRYPT );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        mbedtls_cipher_context_psa * const cipher_psa =
-            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
-
-        size_t const key_bytelen = ( (size_t) key_bitlen + 7 ) / 8;
-
-        psa_status_t status;
-        psa_key_type_t key_type;
-        psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-        /* PSA Crypto API only accepts byte-aligned keys. */
-        if( key_bitlen % 8 != 0 )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        /* Don't allow keys to be set multiple times. */
-        if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        key_type = mbedtls_psa_translate_cipher_type(
-            ctx->cipher_info->type );
-        if( key_type == 0 )
-            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-        psa_set_key_type( &attributes, key_type );
-
-        /* Mbed TLS' cipher layer doesn't enforce the mode of operation
-         * (encrypt vs. decrypt): it is possible to setup a key for encryption
-         * and use it for AEAD decryption. Until tests relying on this
-         * are changed, allow any usage in PSA. */
-        psa_set_key_usage_flags( &attributes,
-                                 /* mbedtls_psa_translate_cipher_operation( operation ); */
-                                 PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-        psa_set_key_algorithm( &attributes, cipher_psa->alg );
-
-        status = psa_import_key( &attributes, key, key_bytelen,
-                                 &cipher_psa->slot );
-        switch( status )
-        {
-            case PSA_SUCCESS:
-                break;
-            case PSA_ERROR_INSUFFICIENT_MEMORY:
-                return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
-            case PSA_ERROR_NOT_SUPPORTED:
-                return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-            default:
-                return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-        }
-        /* Indicate that we own the key slot and need to
-         * destroy it in mbedtls_cipher_free(). */
-        cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED;
-
-        ctx->key_bitlen = key_bitlen;
-        ctx->operation = operation;
-        return( 0 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
-        (int) ctx->cipher_info->key_bitlen != key_bitlen )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-    ctx->key_bitlen = key_bitlen;
-    ctx->operation = operation;
-
-    /*
-     * For OFB, CFB and CTR mode always use the encryption key schedule
-     */
-    if( MBEDTLS_ENCRYPT == operation ||
-        MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
-    {
-        return( ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
-                                                         ctx->key_bitlen ) );
-    }
-
-    if( MBEDTLS_DECRYPT == operation )
-        return( ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
-                                                         ctx->key_bitlen ) );
-
-    return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-}
-
-int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *iv,
-                           size_t iv_len )
-{
-    size_t actual_iv_size;
-
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto has an API for multipart
-         * operations, we currently don't make it
-         * accessible through the cipher layer. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    /* avoid buffer overflow in ctx->iv */
-    if( iv_len > MBEDTLS_MAX_IV_LENGTH )
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-    if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 )
-        actual_iv_size = iv_len;
-    else
-    {
-        actual_iv_size = ctx->cipher_info->iv_size;
-
-        /* avoid reading past the end of input buffer */
-        if( actual_iv_size > iv_len )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_CHACHA20_C)
-    if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
-    {
-        if ( 0 != mbedtls_chacha20_starts( (mbedtls_chacha20_context*)ctx->cipher_ctx,
-                                           iv,
-                                           0U ) ) /* Initial counter value */
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-    }
-#endif
-
-    if ( actual_iv_size != 0 )
-    {
-        memcpy( ctx->iv, iv, actual_iv_size );
-        ctx->iv_size = actual_iv_size;
-    }
-
-    return( 0 );
-}
-
-int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* We don't support resetting PSA-based
-         * cipher contexts, yet. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    ctx->unprocessed_len = 0;
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
-                      const unsigned char *ad, size_t ad_len )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto has an API for multipart
-         * operations, we currently don't make it
-         * accessible through the cipher layer. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_GCM_C)
-    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
-    {
-        return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
-                                    ctx->iv, ctx->iv_size, ad, ad_len ) );
-    }
-#endif
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
-    {
-        int result;
-        mbedtls_chachapoly_mode_t mode;
-
-        mode = ( ctx->operation == MBEDTLS_ENCRYPT )
-                ? MBEDTLS_CHACHAPOLY_ENCRYPT
-                : MBEDTLS_CHACHAPOLY_DECRYPT;
-
-        result = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
-                                                        ctx->iv,
-                                                        mode );
-        if ( result != 0 )
-            return( result );
-
-        return( mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
-                                               ad, ad_len ) );
-    }
-#endif
-
-    return( 0 );
-}
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
-
-int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
-                   size_t ilen, unsigned char *output, size_t *olen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t block_size;
-
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto has an API for multipart
-         * operations, we currently don't make it
-         * accessible through the cipher layer. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    *olen = 0;
-    block_size = mbedtls_cipher_get_block_size( ctx );
-    if ( 0 == block_size )
-    {
-        return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT );
-    }
-
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
-    {
-        if( ilen != block_size )
-            return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
-
-        *olen = ilen;
-
-        if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
-                    ctx->operation, input, output ) ) )
-        {
-            return( ret );
-        }
-
-        return( 0 );
-    }
-
-#if defined(MBEDTLS_GCM_C)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM )
-    {
-        *olen = ilen;
-        return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
-                                    output ) );
-    }
-#endif
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 )
-    {
-        *olen = ilen;
-        return( mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
-                                           ilen, input, output ) );
-    }
-#endif
-
-    if( input == output &&
-       ( ctx->unprocessed_len != 0 || ilen % block_size ) )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC )
-    {
-        size_t copy_len = 0;
-
-        /*
-         * If there is not enough data for a full block, cache it.
-         */
-        if( ( ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding &&
-                ilen <= block_size - ctx->unprocessed_len ) ||
-            ( ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding &&
-                ilen < block_size - ctx->unprocessed_len ) ||
-             ( ctx->operation == MBEDTLS_ENCRYPT &&
-                ilen < block_size - ctx->unprocessed_len ) )
-        {
-            memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
-                    ilen );
-
-            ctx->unprocessed_len += ilen;
-            return( 0 );
-        }
-
-        /*
-         * Process cached data first
-         */
-        if( 0 != ctx->unprocessed_len )
-        {
-            copy_len = block_size - ctx->unprocessed_len;
-
-            memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
-                    copy_len );
-
-            if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
-                    ctx->operation, block_size, ctx->iv,
-                    ctx->unprocessed_data, output ) ) )
-            {
-                return( ret );
-            }
-
-            *olen += block_size;
-            output += block_size;
-            ctx->unprocessed_len = 0;
-
-            input += copy_len;
-            ilen -= copy_len;
-        }
-
-        /*
-         * Cache final, incomplete block
-         */
-        if( 0 != ilen )
-        {
-            /* Encryption: only cache partial blocks
-             * Decryption w/ padding: always keep at least one whole block
-             * Decryption w/o padding: only cache partial blocks
-             */
-            copy_len = ilen % block_size;
-            if( copy_len == 0 &&
-                ctx->operation == MBEDTLS_DECRYPT &&
-                NULL != ctx->add_padding)
-            {
-                copy_len = block_size;
-            }
-
-            memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
-                    copy_len );
-
-            ctx->unprocessed_len += copy_len;
-            ilen -= copy_len;
-        }
-
-        /*
-         * Process remaining full blocks
-         */
-        if( ilen )
-        {
-            if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
-                    ctx->operation, ilen, ctx->iv, input, output ) ) )
-            {
-                return( ret );
-            }
-
-            *olen += ilen;
-        }
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB )
-    {
-        if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
-                ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
-                input, output ) ) )
-        {
-            return( ret );
-        }
-
-        *olen = ilen;
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_OFB )
-    {
-        if( 0 != ( ret = ctx->cipher_info->base->ofb_func( ctx->cipher_ctx,
-                ilen, &ctx->unprocessed_len, ctx->iv, input, output ) ) )
-        {
-            return( ret );
-        }
-
-        *olen = ilen;
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR )
-    {
-        if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
-                ilen, &ctx->unprocessed_len, ctx->iv,
-                ctx->unprocessed_data, input, output ) ) )
-        {
-            return( ret );
-        }
-
-        *olen = ilen;
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_XTS )
-    {
-        if( ctx->unprocessed_len > 0 ) {
-            /* We can only process an entire data unit at a time. */
-            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-        }
-
-        ret = ctx->cipher_info->base->xts_func( ctx->cipher_ctx,
-                ctx->operation, ilen, ctx->iv, input, output );
-        if( ret != 0 )
-        {
-            return( ret );
-        }
-
-        *olen = ilen;
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM )
-    {
-        if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
-                                                    ilen, input, output ) ) )
-        {
-            return( ret );
-        }
-
-        *olen = ilen;
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_STREAM */
-
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
-/*
- * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
- */
-static void add_pkcs_padding( unsigned char *output, size_t output_len,
-        size_t data_len )
-{
-    size_t padding_len = output_len - data_len;
-    unsigned char i;
-
-    for( i = 0; i < padding_len; i++ )
-        output[data_len + i] = (unsigned char) padding_len;
-}
-
-static int get_pkcs_padding( unsigned char *input, size_t input_len,
-        size_t *data_len )
-{
-    size_t i, pad_idx;
-    unsigned char padding_len, bad = 0;
-
-    if( NULL == input || NULL == data_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    padding_len = input[input_len - 1];
-    *data_len = input_len - padding_len;
-
-    /* Avoid logical || since it results in a branch */
-    bad |= padding_len > input_len;
-    bad |= padding_len == 0;
-
-    /* The number of bytes checked must be independent of padding_len,
-     * so pick input_len, which is usually 8 or 16 (one block) */
-    pad_idx = input_len - padding_len;
-    for( i = 0; i < input_len; i++ )
-        bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
-
-    return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
-}
-#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
-
-#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
-/*
- * One and zeros padding: fill with 80 00 ... 00
- */
-static void add_one_and_zeros_padding( unsigned char *output,
-                                       size_t output_len, size_t data_len )
-{
-    size_t padding_len = output_len - data_len;
-    unsigned char i = 0;
-
-    output[data_len] = 0x80;
-    for( i = 1; i < padding_len; i++ )
-        output[data_len + i] = 0x00;
-}
-
-static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
-                                      size_t *data_len )
-{
-    size_t i;
-    unsigned char done = 0, prev_done, bad;
-
-    if( NULL == input || NULL == data_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    bad = 0x80;
-    *data_len = 0;
-    for( i = input_len; i > 0; i-- )
-    {
-        prev_done = done;
-        done |= ( input[i - 1] != 0 );
-        *data_len |= ( i - 1 ) * ( done != prev_done );
-        bad ^= input[i - 1] * ( done != prev_done );
-    }
-
-    return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
-
-}
-#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
-
-#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
-/*
- * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
- */
-static void add_zeros_and_len_padding( unsigned char *output,
-                                       size_t output_len, size_t data_len )
-{
-    size_t padding_len = output_len - data_len;
-    unsigned char i = 0;
-
-    for( i = 1; i < padding_len; i++ )
-        output[data_len + i - 1] = 0x00;
-    output[output_len - 1] = (unsigned char) padding_len;
-}
-
-static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
-                                      size_t *data_len )
-{
-    size_t i, pad_idx;
-    unsigned char padding_len, bad = 0;
-
-    if( NULL == input || NULL == data_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    padding_len = input[input_len - 1];
-    *data_len = input_len - padding_len;
-
-    /* Avoid logical || since it results in a branch */
-    bad |= padding_len > input_len;
-    bad |= padding_len == 0;
-
-    /* The number of bytes checked must be independent of padding_len */
-    pad_idx = input_len - padding_len;
-    for( i = 0; i < input_len - 1; i++ )
-        bad |= input[i] * ( i >= pad_idx );
-
-    return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
-}
-#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
-
-#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
-/*
- * Zero padding: fill with 00 ... 00
- */
-static void add_zeros_padding( unsigned char *output,
-                               size_t output_len, size_t data_len )
-{
-    size_t i;
-
-    for( i = data_len; i < output_len; i++ )
-        output[i] = 0x00;
-}
-
-static int get_zeros_padding( unsigned char *input, size_t input_len,
-                              size_t *data_len )
-{
-    size_t i;
-    unsigned char done = 0, prev_done;
-
-    if( NULL == input || NULL == data_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    *data_len = 0;
-    for( i = input_len; i > 0; i-- )
-    {
-        prev_done = done;
-        done |= ( input[i-1] != 0 );
-        *data_len |= i * ( done != prev_done );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
-
-/*
- * No padding: don't pad :)
- *
- * There is no add_padding function (check for NULL in mbedtls_cipher_finish)
- * but a trivial get_padding function
- */
-static int get_no_padding( unsigned char *input, size_t input_len,
-                              size_t *data_len )
-{
-    if( NULL == input || NULL == data_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    *data_len = input_len;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-
-int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
-                   unsigned char *output, size_t *olen )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto has an API for multipart
-         * operations, we currently don't make it
-         * accessible through the cipher layer. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    *olen = 0;
-
-    if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_XTS == ctx->cipher_info->mode ||
-        MBEDTLS_MODE_STREAM == ctx->cipher_info->mode )
-    {
-        return( 0 );
-    }
-
-    if ( ( MBEDTLS_CIPHER_CHACHA20          == ctx->cipher_info->type ) ||
-         ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) )
-    {
-        return( 0 );
-    }
-
-    if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
-    {
-        if( ctx->unprocessed_len != 0 )
-            return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
-
-        return( 0 );
-    }
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode )
-    {
-        int ret = 0;
-
-        if( MBEDTLS_ENCRYPT == ctx->operation )
-        {
-            /* check for 'no padding' mode */
-            if( NULL == ctx->add_padding )
-            {
-                if( 0 != ctx->unprocessed_len )
-                    return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
-
-                return( 0 );
-            }
-
-            ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ),
-                    ctx->unprocessed_len );
-        }
-        else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len )
-        {
-            /*
-             * For decrypt operations, expect a full block,
-             * or an empty block if no padding
-             */
-            if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
-                return( 0 );
-
-            return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
-        }
-
-        /* cipher block */
-        if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
-                ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
-                ctx->unprocessed_data, output ) ) )
-        {
-            return( ret );
-        }
-
-        /* Set output size for decryption */
-        if( MBEDTLS_DECRYPT == ctx->operation )
-            return( ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ),
-                                      olen ) );
-
-        /* Set output size for encryption */
-        *olen = mbedtls_cipher_get_block_size( ctx );
-        return( 0 );
-    }
-#else
-    ((void) output);
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
-                                     mbedtls_cipher_padding_t mode )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-
-    if( NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto knows about CBC padding
-         * schemes, we currently don't make them
-         * accessible through the cipher layer. */
-        if( mode != MBEDTLS_PADDING_NONE )
-            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    switch( mode )
-    {
-#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
-    case MBEDTLS_PADDING_PKCS7:
-        ctx->add_padding = add_pkcs_padding;
-        ctx->get_padding = get_pkcs_padding;
-        break;
-#endif
-#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
-    case MBEDTLS_PADDING_ONE_AND_ZEROS:
-        ctx->add_padding = add_one_and_zeros_padding;
-        ctx->get_padding = get_one_and_zeros_padding;
-        break;
-#endif
-#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
-    case MBEDTLS_PADDING_ZEROS_AND_LEN:
-        ctx->add_padding = add_zeros_and_len_padding;
-        ctx->get_padding = get_zeros_and_len_padding;
-        break;
-#endif
-#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
-    case MBEDTLS_PADDING_ZEROS:
-        ctx->add_padding = add_zeros_padding;
-        ctx->get_padding = get_zeros_padding;
-        break;
-#endif
-    case MBEDTLS_PADDING_NONE:
-        ctx->add_padding = NULL;
-        ctx->get_padding = get_no_padding;
-        break;
-
-    default:
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
-                      unsigned char *tag, size_t tag_len )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    if( MBEDTLS_ENCRYPT != ctx->operation )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto has an API for multipart
-         * operations, we currently don't make it
-         * accessible through the cipher layer. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_GCM_C)
-    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
-        return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
-                                    tag, tag_len ) );
-#endif
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
-    {
-        /* Don't allow truncated MAC for Poly1305 */
-        if ( tag_len != 16U )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        return( mbedtls_chachapoly_finish(
-                    (mbedtls_chachapoly_context*) ctx->cipher_ctx, tag ) );
-    }
-#endif
-
-    return( 0 );
-}
-
-int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
-                      const unsigned char *tag, size_t tag_len )
-{
-    unsigned char check_tag[16];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
-    if( ctx->cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    if( MBEDTLS_DECRYPT != ctx->operation )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* While PSA Crypto has an API for multipart
-         * operations, we currently don't make it
-         * accessible through the cipher layer. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_GCM_C)
-    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
-    {
-        if( tag_len > sizeof( check_tag ) )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        if( 0 != ( ret = mbedtls_gcm_finish(
-                       (mbedtls_gcm_context *) ctx->cipher_ctx,
-                       check_tag, tag_len ) ) )
-        {
-            return( ret );
-        }
-
-        /* Check the tag in "constant-time" */
-        if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
-            return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
-    {
-        /* Don't allow truncated MAC for Poly1305 */
-        if ( tag_len != sizeof( check_tag ) )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        ret = mbedtls_chachapoly_finish(
-            (mbedtls_chachapoly_context*) ctx->cipher_ctx, check_tag );
-        if ( ret != 0 )
-        {
-            return( ret );
-        }
-
-        /* Check the tag in "constant-time" */
-        if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
-            return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-    return( 0 );
-}
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
-
-/*
- * Packet-oriented wrapper for non-AEAD modes
- */
-int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
-                  const unsigned char *iv, size_t iv_len,
-                  const unsigned char *input, size_t ilen,
-                  unsigned char *output, size_t *olen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t finish_olen;
-
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* As in the non-PSA case, we don't check that
-         * a key has been set. If not, the key slot will
-         * still be in its default state of 0, which is
-         * guaranteed to be invalid, hence the PSA-call
-         * below will gracefully fail. */
-        mbedtls_cipher_context_psa * const cipher_psa =
-            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
-
-        psa_status_t status;
-        psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT;
-        size_t part_len;
-
-        if( ctx->operation == MBEDTLS_DECRYPT )
-        {
-            status = psa_cipher_decrypt_setup( &cipher_op,
-                                               cipher_psa->slot,
-                                               cipher_psa->alg );
-        }
-        else if( ctx->operation == MBEDTLS_ENCRYPT )
-        {
-            status = psa_cipher_encrypt_setup( &cipher_op,
-                                               cipher_psa->slot,
-                                               cipher_psa->alg );
-        }
-        else
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        /* In the following, we can immediately return on an error,
-         * because the PSA Crypto API guarantees that cipher operations
-         * are terminated by unsuccessful calls to psa_cipher_update(),
-         * and by any call to psa_cipher_finish(). */
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-
-        status = psa_cipher_set_iv( &cipher_op, iv, iv_len );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-
-        status = psa_cipher_update( &cipher_op,
-                                    input, ilen,
-                                    output, ilen, olen );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-
-        status = psa_cipher_finish( &cipher_op,
-                                    output + *olen, ilen - *olen,
-                                    &part_len );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-
-        *olen += part_len;
-        return( 0 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_cipher_update( ctx, input, ilen,
-                                       output, olen ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_cipher_finish( ctx, output + *olen,
-                                       &finish_olen ) ) != 0 )
-        return( ret );
-
-    *olen += finish_olen;
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
-/*
- * Packet-oriented encryption for AEAD modes: internal function shared by
- * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext().
- */
-static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         unsigned char *tag, size_t tag_len )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* As in the non-PSA case, we don't check that
-         * a key has been set. If not, the key slot will
-         * still be in its default state of 0, which is
-         * guaranteed to be invalid, hence the PSA-call
-         * below will gracefully fail. */
-        mbedtls_cipher_context_psa * const cipher_psa =
-            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
-
-        psa_status_t status;
-
-        /* PSA Crypto API always writes the authentication tag
-         * at the end of the encrypted message. */
-        if( output == NULL || tag != output + ilen )
-            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-        status = psa_aead_encrypt( cipher_psa->slot,
-                                   cipher_psa->alg,
-                                   iv, iv_len,
-                                   ad, ad_len,
-                                   input, ilen,
-                                   output, ilen + tag_len, olen );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-
-        *olen -= tag_len;
-        return( 0 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_GCM_C)
-    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
-    {
-        *olen = ilen;
-        return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT,
-                                           ilen, iv, iv_len, ad, ad_len,
-                                           input, output, tag_len, tag ) );
-    }
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
-    if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
-    {
-        *olen = ilen;
-        return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
-                                     iv, iv_len, ad, ad_len, input, output,
-                                     tag, tag_len ) );
-    }
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
-    {
-        /* ChachaPoly has fixed length nonce and MAC (tag) */
-        if ( ( iv_len != ctx->cipher_info->iv_size ) ||
-             ( tag_len != 16U ) )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        *olen = ilen;
-        return( mbedtls_chachapoly_encrypt_and_tag( ctx->cipher_ctx,
-                                ilen, iv, ad, ad_len, input, output, tag ) );
-    }
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-}
-
-/*
- * Packet-oriented encryption for AEAD modes: internal function shared by
- * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext().
- */
-static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         const unsigned char *tag, size_t tag_len )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ctx->psa_enabled == 1 )
-    {
-        /* As in the non-PSA case, we don't check that
-         * a key has been set. If not, the key slot will
-         * still be in its default state of 0, which is
-         * guaranteed to be invalid, hence the PSA-call
-         * below will gracefully fail. */
-        mbedtls_cipher_context_psa * const cipher_psa =
-            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
-
-        psa_status_t status;
-
-        /* PSA Crypto API always writes the authentication tag
-         * at the end of the encrypted message. */
-        if( input == NULL || tag != input + ilen )
-            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-        status = psa_aead_decrypt( cipher_psa->slot,
-                                   cipher_psa->alg,
-                                   iv, iv_len,
-                                   ad, ad_len,
-                                   input, ilen + tag_len,
-                                   output, ilen, olen );
-        if( status == PSA_ERROR_INVALID_SIGNATURE )
-            return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
-        else if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_GCM_C)
-    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        *olen = ilen;
-        ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
-                                iv, iv_len, ad, ad_len,
-                                tag, tag_len, input, output );
-
-        if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED )
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-
-        return( ret );
-    }
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
-    if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        *olen = ilen;
-        ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
-                                iv, iv_len, ad, ad_len,
-                                input, output, tag, tag_len );
-
-        if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-
-        return( ret );
-    }
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        /* ChachaPoly has fixed length nonce and MAC (tag) */
-        if ( ( iv_len != ctx->cipher_info->iv_size ) ||
-             ( tag_len != 16U ) )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        *olen = ilen;
-        ret = mbedtls_chachapoly_auth_decrypt( ctx->cipher_ctx, ilen,
-                                iv, ad, ad_len, tag, input, output );
-
-        if( ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED )
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-
-        return( ret );
-    }
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-/*
- * Packet-oriented encryption for AEAD modes: public legacy function.
- */
-int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         unsigned char *tag, size_t tag_len )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
-    CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-    CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
-    return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
-                                         input, ilen, output, olen,
-                                         tag, tag_len ) );
-}
-
-/*
- * Packet-oriented decryption for AEAD modes: public legacy function.
- */
-int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         const unsigned char *tag, size_t tag_len )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
-    CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-    CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
-    return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
-                                         input, ilen, output, olen,
-                                         tag, tag_len ) );
-}
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
-/*
- * Packet-oriented encryption for AEAD/NIST_KW: public function.
- */
-int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t output_len,
-                         size_t *olen, size_t tag_len )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
-    CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-
-#if defined(MBEDTLS_NIST_KW_C)
-    if(
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        ctx->psa_enabled == 0 &&
-#endif
-        ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
-          MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) )
-    {
-        mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
-                                        MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
-
-        /* There is no iv, tag or ad associated with KW and KWP,
-         * so these length should be 0 as documented. */
-        if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        (void) iv;
-        (void) ad;
-
-        return( mbedtls_nist_kw_wrap( ctx->cipher_ctx, mode, input, ilen,
-                                      output, olen, output_len ) );
-    }
-#endif /* MBEDTLS_NIST_KW_C */
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
-    /* AEAD case: check length before passing on to shared function */
-    if( output_len < ilen + tag_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    int ret = mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len,
-                                       input, ilen, output, olen,
-                                       output + ilen, tag_len );
-    *olen += tag_len;
-    return( ret );
-#else
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
-}
-
-/*
- * Packet-oriented decryption for AEAD/NIST_KW: public function.
- */
-int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t output_len,
-                         size_t *olen, size_t tag_len )
-{
-    CIPHER_VALIDATE_RET( ctx != NULL );
-    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
-    CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
-    CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
-    CIPHER_VALIDATE_RET( output_len == 0 || output != NULL );
-    CIPHER_VALIDATE_RET( olen != NULL );
-
-#if defined(MBEDTLS_NIST_KW_C)
-    if(
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        ctx->psa_enabled == 0 &&
-#endif
-        ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
-          MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) )
-    {
-        mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
-                                        MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
-
-        /* There is no iv, tag or ad associated with KW and KWP,
-         * so these length should be 0 as documented. */
-        if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        (void) iv;
-        (void) ad;
-
-        return( mbedtls_nist_kw_unwrap( ctx->cipher_ctx, mode, input, ilen,
-                                        output, olen, output_len ) );
-    }
-#endif /* MBEDTLS_NIST_KW_C */
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
-    /* AEAD case: check length before passing on to shared function */
-    if( ilen < tag_len || output_len < ilen - tag_len )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len,
-                                         input, ilen - tag_len, output, olen,
-                                         input + ilen - tag_len, tag_len ) );
-#else
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
-}
-#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
-
-#endif /* MBEDTLS_CIPHER_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/cipher_wrap.c b/3rdparty/mbedtls-2.25.0/library/cipher_wrap.c
deleted file mode 100644
index 57eb3cb..0000000
--- a/3rdparty/mbedtls-2.25.0/library/cipher_wrap.c
+++ /dev/null
@@ -1,2406 +0,0 @@
-/**
- * \file cipher_wrap.c
- *
- * \brief Generic cipher wrapper for mbed TLS
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CIPHER_C)
-
-#include "mbedtls/cipher_internal.h"
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-#include "mbedtls/chachapoly.h"
-#endif
-
-#if defined(MBEDTLS_AES_C)
-#include "mbedtls/aes.h"
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-#include "mbedtls/arc4.h"
-#endif
-
-#if defined(MBEDTLS_CAMELLIA_C)
-#include "mbedtls/camellia.h"
-#endif
-
-#if defined(MBEDTLS_ARIA_C)
-#include "mbedtls/aria.h"
-#endif
-
-#if defined(MBEDTLS_DES_C)
-#include "mbedtls/des.h"
-#endif
-
-#if defined(MBEDTLS_BLOWFISH_C)
-#include "mbedtls/blowfish.h"
-#endif
-
-#if defined(MBEDTLS_CHACHA20_C)
-#include "mbedtls/chacha20.h"
-#endif
-
-#if defined(MBEDTLS_GCM_C)
-#include "mbedtls/gcm.h"
-#endif
-
-#if defined(MBEDTLS_CCM_C)
-#include "mbedtls/ccm.h"
-#endif
-
-#if defined(MBEDTLS_NIST_KW_C)
-#include "mbedtls/nist_kw.h"
-#endif
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#include <string.h>
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#if defined(MBEDTLS_GCM_C)
-/* shared by all GCM ciphers */
-static void *gcm_ctx_alloc( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) );
-
-    if( ctx != NULL )
-        mbedtls_gcm_init( (mbedtls_gcm_context *) ctx );
-
-    return( ctx );
-}
-
-static void gcm_ctx_free( void *ctx )
-{
-    mbedtls_gcm_free( ctx );
-    mbedtls_free( ctx );
-}
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CCM_C)
-/* shared by all CCM ciphers */
-static void *ccm_ctx_alloc( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) );
-
-    if( ctx != NULL )
-        mbedtls_ccm_init( (mbedtls_ccm_context *) ctx );
-
-    return( ctx );
-}
-
-static void ccm_ctx_free( void *ctx )
-{
-    mbedtls_ccm_free( ctx );
-    mbedtls_free( ctx );
-}
-#endif /* MBEDTLS_CCM_C */
-
-#if defined(MBEDTLS_AES_C)
-
-static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
-        unsigned char *iv, const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input,
-                          output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, size_t *iv_off, unsigned char *iv,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv,
-                             input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-static int aes_crypt_ofb_wrap( void *ctx, size_t length, size_t *iv_off,
-        unsigned char *iv, const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aes_crypt_ofb( (mbedtls_aes_context *) ctx, length, iv_off,
-                                    iv, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
-        unsigned char *nonce_counter, unsigned char *stream_block,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter,
-                          stream_block, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation,
-                               size_t length,
-                               const unsigned char data_unit[16],
-                               const unsigned char *input,
-                               unsigned char *output )
-{
-    mbedtls_aes_xts_context *xts_ctx = ctx;
-    int mode;
-
-    switch( operation )
-    {
-        case MBEDTLS_ENCRYPT:
-            mode = MBEDTLS_AES_ENCRYPT;
-            break;
-        case MBEDTLS_DECRYPT:
-            mode = MBEDTLS_AES_DECRYPT;
-            break;
-        default:
-            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
-    }
-
-    return mbedtls_aes_crypt_xts( xts_ctx, mode, length,
-                                  data_unit, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen );
-}
-
-static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen );
-}
-
-static void * aes_ctx_alloc( void )
-{
-    mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) );
-
-    if( aes == NULL )
-        return( NULL );
-
-    mbedtls_aes_init( aes );
-
-    return( aes );
-}
-
-static void aes_ctx_free( void *ctx )
-{
-    mbedtls_aes_free( (mbedtls_aes_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t aes_info = {
-    MBEDTLS_CIPHER_ID_AES,
-    aes_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    aes_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    aes_crypt_cfb128_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    aes_crypt_ofb_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    aes_crypt_ctr_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    aes_setkey_enc_wrap,
-    aes_setkey_dec_wrap,
-    aes_ctx_alloc,
-    aes_ctx_free
-};
-
-static const mbedtls_cipher_info_t aes_128_ecb_info = {
-    MBEDTLS_CIPHER_AES_128_ECB,
-    MBEDTLS_MODE_ECB,
-    128,
-    "AES-128-ECB",
-    0,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_ecb_info = {
-    MBEDTLS_CIPHER_AES_192_ECB,
-    MBEDTLS_MODE_ECB,
-    192,
-    "AES-192-ECB",
-    0,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_ecb_info = {
-    MBEDTLS_CIPHER_AES_256_ECB,
-    MBEDTLS_MODE_ECB,
-    256,
-    "AES-256-ECB",
-    0,
-    0,
-    16,
-    &aes_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t aes_128_cbc_info = {
-    MBEDTLS_CIPHER_AES_128_CBC,
-    MBEDTLS_MODE_CBC,
-    128,
-    "AES-128-CBC",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_cbc_info = {
-    MBEDTLS_CIPHER_AES_192_CBC,
-    MBEDTLS_MODE_CBC,
-    192,
-    "AES-192-CBC",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_cbc_info = {
-    MBEDTLS_CIPHER_AES_256_CBC,
-    MBEDTLS_MODE_CBC,
-    256,
-    "AES-256-CBC",
-    16,
-    0,
-    16,
-    &aes_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const mbedtls_cipher_info_t aes_128_cfb128_info = {
-    MBEDTLS_CIPHER_AES_128_CFB128,
-    MBEDTLS_MODE_CFB,
-    128,
-    "AES-128-CFB128",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_cfb128_info = {
-    MBEDTLS_CIPHER_AES_192_CFB128,
-    MBEDTLS_MODE_CFB,
-    192,
-    "AES-192-CFB128",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_cfb128_info = {
-    MBEDTLS_CIPHER_AES_256_CFB128,
-    MBEDTLS_MODE_CFB,
-    256,
-    "AES-256-CFB128",
-    16,
-    0,
-    16,
-    &aes_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-static const mbedtls_cipher_info_t aes_128_ofb_info = {
-    MBEDTLS_CIPHER_AES_128_OFB,
-    MBEDTLS_MODE_OFB,
-    128,
-    "AES-128-OFB",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_ofb_info = {
-    MBEDTLS_CIPHER_AES_192_OFB,
-    MBEDTLS_MODE_OFB,
-    192,
-    "AES-192-OFB",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_ofb_info = {
-    MBEDTLS_CIPHER_AES_256_OFB,
-    MBEDTLS_MODE_OFB,
-    256,
-    "AES-256-OFB",
-    16,
-    0,
-    16,
-    &aes_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const mbedtls_cipher_info_t aes_128_ctr_info = {
-    MBEDTLS_CIPHER_AES_128_CTR,
-    MBEDTLS_MODE_CTR,
-    128,
-    "AES-128-CTR",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_ctr_info = {
-    MBEDTLS_CIPHER_AES_192_CTR,
-    MBEDTLS_MODE_CTR,
-    192,
-    "AES-192-CTR",
-    16,
-    0,
-    16,
-    &aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_ctr_info = {
-    MBEDTLS_CIPHER_AES_256_CTR,
-    MBEDTLS_MODE_CTR,
-    256,
-    "AES-256-CTR",
-    16,
-    0,
-    16,
-    &aes_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-static int xts_aes_setkey_enc_wrap( void *ctx, const unsigned char *key,
-                                    unsigned int key_bitlen )
-{
-    mbedtls_aes_xts_context *xts_ctx = ctx;
-    return( mbedtls_aes_xts_setkey_enc( xts_ctx, key, key_bitlen ) );
-}
-
-static int xts_aes_setkey_dec_wrap( void *ctx, const unsigned char *key,
-                                    unsigned int key_bitlen )
-{
-    mbedtls_aes_xts_context *xts_ctx = ctx;
-    return( mbedtls_aes_xts_setkey_dec( xts_ctx, key, key_bitlen ) );
-}
-
-static void *xts_aes_ctx_alloc( void )
-{
-    mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc( 1, sizeof( *xts_ctx ) );
-
-    if( xts_ctx != NULL )
-        mbedtls_aes_xts_init( xts_ctx );
-
-    return( xts_ctx );
-}
-
-static void xts_aes_ctx_free( void *ctx )
-{
-    mbedtls_aes_xts_context *xts_ctx = ctx;
-
-    if( xts_ctx == NULL )
-        return;
-
-    mbedtls_aes_xts_free( xts_ctx );
-    mbedtls_free( xts_ctx );
-}
-
-static const mbedtls_cipher_base_t xts_aes_info = {
-    MBEDTLS_CIPHER_ID_AES,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    aes_crypt_xts_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    xts_aes_setkey_enc_wrap,
-    xts_aes_setkey_dec_wrap,
-    xts_aes_ctx_alloc,
-    xts_aes_ctx_free
-};
-
-static const mbedtls_cipher_info_t aes_128_xts_info = {
-    MBEDTLS_CIPHER_AES_128_XTS,
-    MBEDTLS_MODE_XTS,
-    256,
-    "AES-128-XTS",
-    16,
-    0,
-    16,
-    &xts_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_xts_info = {
-    MBEDTLS_CIPHER_AES_256_XTS,
-    MBEDTLS_MODE_XTS,
-    512,
-    "AES-256-XTS",
-    16,
-    0,
-    16,
-    &xts_aes_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-#if defined(MBEDTLS_GCM_C)
-static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
-                     key, key_bitlen );
-}
-
-static const mbedtls_cipher_base_t gcm_aes_info = {
-    MBEDTLS_CIPHER_ID_AES,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    gcm_aes_setkey_wrap,
-    gcm_aes_setkey_wrap,
-    gcm_ctx_alloc,
-    gcm_ctx_free,
-};
-
-static const mbedtls_cipher_info_t aes_128_gcm_info = {
-    MBEDTLS_CIPHER_AES_128_GCM,
-    MBEDTLS_MODE_GCM,
-    128,
-    "AES-128-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_gcm_info = {
-    MBEDTLS_CIPHER_AES_192_GCM,
-    MBEDTLS_MODE_GCM,
-    192,
-    "AES-192-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_gcm_info = {
-    MBEDTLS_CIPHER_AES_256_GCM,
-    MBEDTLS_MODE_GCM,
-    256,
-    "AES-256-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_aes_info
-};
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CCM_C)
-static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
-                     key, key_bitlen );
-}
-
-static const mbedtls_cipher_base_t ccm_aes_info = {
-    MBEDTLS_CIPHER_ID_AES,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    ccm_aes_setkey_wrap,
-    ccm_aes_setkey_wrap,
-    ccm_ctx_alloc,
-    ccm_ctx_free,
-};
-
-static const mbedtls_cipher_info_t aes_128_ccm_info = {
-    MBEDTLS_CIPHER_AES_128_CCM,
-    MBEDTLS_MODE_CCM,
-    128,
-    "AES-128-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_ccm_info = {
-    MBEDTLS_CIPHER_AES_192_CCM,
-    MBEDTLS_MODE_CCM,
-    192,
-    "AES-192-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_ccm_info = {
-    MBEDTLS_CIPHER_AES_256_CCM,
-    MBEDTLS_MODE_CCM,
-    256,
-    "AES-256-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_aes_info
-};
-#endif /* MBEDTLS_CCM_C */
-
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-
-static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input,
-                               output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, unsigned char *iv,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv,
-                               input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, size_t *iv_off, unsigned char *iv,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length,
-                                  iv_off, iv, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
-        unsigned char *nonce_counter, unsigned char *stream_block,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off,
-                               nonce_counter, stream_block, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen );
-}
-
-static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen );
-}
-
-static void * camellia_ctx_alloc( void )
-{
-    mbedtls_camellia_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) );
-
-    if( ctx == NULL )
-        return( NULL );
-
-    mbedtls_camellia_init( ctx );
-
-    return( ctx );
-}
-
-static void camellia_ctx_free( void *ctx )
-{
-    mbedtls_camellia_free( (mbedtls_camellia_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t camellia_info = {
-    MBEDTLS_CIPHER_ID_CAMELLIA,
-    camellia_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    camellia_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    camellia_crypt_cfb128_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    camellia_crypt_ctr_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    camellia_setkey_enc_wrap,
-    camellia_setkey_dec_wrap,
-    camellia_ctx_alloc,
-    camellia_ctx_free
-};
-
-static const mbedtls_cipher_info_t camellia_128_ecb_info = {
-    MBEDTLS_CIPHER_CAMELLIA_128_ECB,
-    MBEDTLS_MODE_ECB,
-    128,
-    "CAMELLIA-128-ECB",
-    0,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_192_ecb_info = {
-    MBEDTLS_CIPHER_CAMELLIA_192_ECB,
-    MBEDTLS_MODE_ECB,
-    192,
-    "CAMELLIA-192-ECB",
-    0,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_256_ecb_info = {
-    MBEDTLS_CIPHER_CAMELLIA_256_ECB,
-    MBEDTLS_MODE_ECB,
-    256,
-    "CAMELLIA-256-ECB",
-    0,
-    0,
-    16,
-    &camellia_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t camellia_128_cbc_info = {
-    MBEDTLS_CIPHER_CAMELLIA_128_CBC,
-    MBEDTLS_MODE_CBC,
-    128,
-    "CAMELLIA-128-CBC",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_192_cbc_info = {
-    MBEDTLS_CIPHER_CAMELLIA_192_CBC,
-    MBEDTLS_MODE_CBC,
-    192,
-    "CAMELLIA-192-CBC",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_256_cbc_info = {
-    MBEDTLS_CIPHER_CAMELLIA_256_CBC,
-    MBEDTLS_MODE_CBC,
-    256,
-    "CAMELLIA-256-CBC",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const mbedtls_cipher_info_t camellia_128_cfb128_info = {
-    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
-    MBEDTLS_MODE_CFB,
-    128,
-    "CAMELLIA-128-CFB128",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_192_cfb128_info = {
-    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
-    MBEDTLS_MODE_CFB,
-    192,
-    "CAMELLIA-192-CFB128",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_256_cfb128_info = {
-    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
-    MBEDTLS_MODE_CFB,
-    256,
-    "CAMELLIA-256-CFB128",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const mbedtls_cipher_info_t camellia_128_ctr_info = {
-    MBEDTLS_CIPHER_CAMELLIA_128_CTR,
-    MBEDTLS_MODE_CTR,
-    128,
-    "CAMELLIA-128-CTR",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_192_ctr_info = {
-    MBEDTLS_CIPHER_CAMELLIA_192_CTR,
-    MBEDTLS_MODE_CTR,
-    192,
-    "CAMELLIA-192-CTR",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_256_ctr_info = {
-    MBEDTLS_CIPHER_CAMELLIA_256_CTR,
-    MBEDTLS_MODE_CTR,
-    256,
-    "CAMELLIA-256-CTR",
-    16,
-    0,
-    16,
-    &camellia_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_GCM_C)
-static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
-                     key, key_bitlen );
-}
-
-static const mbedtls_cipher_base_t gcm_camellia_info = {
-    MBEDTLS_CIPHER_ID_CAMELLIA,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    gcm_camellia_setkey_wrap,
-    gcm_camellia_setkey_wrap,
-    gcm_ctx_alloc,
-    gcm_ctx_free,
-};
-
-static const mbedtls_cipher_info_t camellia_128_gcm_info = {
-    MBEDTLS_CIPHER_CAMELLIA_128_GCM,
-    MBEDTLS_MODE_GCM,
-    128,
-    "CAMELLIA-128-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_192_gcm_info = {
-    MBEDTLS_CIPHER_CAMELLIA_192_GCM,
-    MBEDTLS_MODE_GCM,
-    192,
-    "CAMELLIA-192-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_256_gcm_info = {
-    MBEDTLS_CIPHER_CAMELLIA_256_GCM,
-    MBEDTLS_MODE_GCM,
-    256,
-    "CAMELLIA-256-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_camellia_info
-};
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CCM_C)
-static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
-                     key, key_bitlen );
-}
-
-static const mbedtls_cipher_base_t ccm_camellia_info = {
-    MBEDTLS_CIPHER_ID_CAMELLIA,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    ccm_camellia_setkey_wrap,
-    ccm_camellia_setkey_wrap,
-    ccm_ctx_alloc,
-    ccm_ctx_free,
-};
-
-static const mbedtls_cipher_info_t camellia_128_ccm_info = {
-    MBEDTLS_CIPHER_CAMELLIA_128_CCM,
-    MBEDTLS_MODE_CCM,
-    128,
-    "CAMELLIA-128-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_192_ccm_info = {
-    MBEDTLS_CIPHER_CAMELLIA_192_CCM,
-    MBEDTLS_MODE_CCM,
-    192,
-    "CAMELLIA-192-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_camellia_info
-};
-
-static const mbedtls_cipher_info_t camellia_256_ccm_info = {
-    MBEDTLS_CIPHER_CAMELLIA_256_CCM,
-    MBEDTLS_MODE_CCM,
-    256,
-    "CAMELLIA-256-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_camellia_info
-};
-#endif /* MBEDTLS_CCM_C */
-
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_ARIA_C)
-
-static int aria_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
-        const unsigned char *input, unsigned char *output )
-{
-    (void) operation;
-    return mbedtls_aria_crypt_ecb( (mbedtls_aria_context *) ctx, input,
-                               output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int aria_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, unsigned char *iv,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aria_crypt_cbc( (mbedtls_aria_context *) ctx, operation, length, iv,
-                               input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static int aria_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, size_t *iv_off, unsigned char *iv,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aria_crypt_cfb128( (mbedtls_aria_context *) ctx, operation, length,
-                                  iv_off, iv, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static int aria_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
-        unsigned char *nonce_counter, unsigned char *stream_block,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_aria_crypt_ctr( (mbedtls_aria_context *) ctx, length, nc_off,
-                               nonce_counter, stream_block, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static int aria_setkey_dec_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_aria_setkey_dec( (mbedtls_aria_context *) ctx, key, key_bitlen );
-}
-
-static int aria_setkey_enc_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_aria_setkey_enc( (mbedtls_aria_context *) ctx, key, key_bitlen );
-}
-
-static void * aria_ctx_alloc( void )
-{
-    mbedtls_aria_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_aria_context ) );
-
-    if( ctx == NULL )
-        return( NULL );
-
-    mbedtls_aria_init( ctx );
-
-    return( ctx );
-}
-
-static void aria_ctx_free( void *ctx )
-{
-    mbedtls_aria_free( (mbedtls_aria_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t aria_info = {
-    MBEDTLS_CIPHER_ID_ARIA,
-    aria_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    aria_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    aria_crypt_cfb128_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    aria_crypt_ctr_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    aria_setkey_enc_wrap,
-    aria_setkey_dec_wrap,
-    aria_ctx_alloc,
-    aria_ctx_free
-};
-
-static const mbedtls_cipher_info_t aria_128_ecb_info = {
-    MBEDTLS_CIPHER_ARIA_128_ECB,
-    MBEDTLS_MODE_ECB,
-    128,
-    "ARIA-128-ECB",
-    0,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_192_ecb_info = {
-    MBEDTLS_CIPHER_ARIA_192_ECB,
-    MBEDTLS_MODE_ECB,
-    192,
-    "ARIA-192-ECB",
-    0,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_256_ecb_info = {
-    MBEDTLS_CIPHER_ARIA_256_ECB,
-    MBEDTLS_MODE_ECB,
-    256,
-    "ARIA-256-ECB",
-    0,
-    0,
-    16,
-    &aria_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t aria_128_cbc_info = {
-    MBEDTLS_CIPHER_ARIA_128_CBC,
-    MBEDTLS_MODE_CBC,
-    128,
-    "ARIA-128-CBC",
-    16,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_192_cbc_info = {
-    MBEDTLS_CIPHER_ARIA_192_CBC,
-    MBEDTLS_MODE_CBC,
-    192,
-    "ARIA-192-CBC",
-    16,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_256_cbc_info = {
-    MBEDTLS_CIPHER_ARIA_256_CBC,
-    MBEDTLS_MODE_CBC,
-    256,
-    "ARIA-256-CBC",
-    16,
-    0,
-    16,
-    &aria_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const mbedtls_cipher_info_t aria_128_cfb128_info = {
-    MBEDTLS_CIPHER_ARIA_128_CFB128,
-    MBEDTLS_MODE_CFB,
-    128,
-    "ARIA-128-CFB128",
-    16,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_192_cfb128_info = {
-    MBEDTLS_CIPHER_ARIA_192_CFB128,
-    MBEDTLS_MODE_CFB,
-    192,
-    "ARIA-192-CFB128",
-    16,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_256_cfb128_info = {
-    MBEDTLS_CIPHER_ARIA_256_CFB128,
-    MBEDTLS_MODE_CFB,
-    256,
-    "ARIA-256-CFB128",
-    16,
-    0,
-    16,
-    &aria_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const mbedtls_cipher_info_t aria_128_ctr_info = {
-    MBEDTLS_CIPHER_ARIA_128_CTR,
-    MBEDTLS_MODE_CTR,
-    128,
-    "ARIA-128-CTR",
-    16,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_192_ctr_info = {
-    MBEDTLS_CIPHER_ARIA_192_CTR,
-    MBEDTLS_MODE_CTR,
-    192,
-    "ARIA-192-CTR",
-    16,
-    0,
-    16,
-    &aria_info
-};
-
-static const mbedtls_cipher_info_t aria_256_ctr_info = {
-    MBEDTLS_CIPHER_ARIA_256_CTR,
-    MBEDTLS_MODE_CTR,
-    256,
-    "ARIA-256-CTR",
-    16,
-    0,
-    16,
-    &aria_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_GCM_C)
-static int gcm_aria_setkey_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
-                     key, key_bitlen );
-}
-
-static const mbedtls_cipher_base_t gcm_aria_info = {
-    MBEDTLS_CIPHER_ID_ARIA,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    gcm_aria_setkey_wrap,
-    gcm_aria_setkey_wrap,
-    gcm_ctx_alloc,
-    gcm_ctx_free,
-};
-
-static const mbedtls_cipher_info_t aria_128_gcm_info = {
-    MBEDTLS_CIPHER_ARIA_128_GCM,
-    MBEDTLS_MODE_GCM,
-    128,
-    "ARIA-128-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_aria_info
-};
-
-static const mbedtls_cipher_info_t aria_192_gcm_info = {
-    MBEDTLS_CIPHER_ARIA_192_GCM,
-    MBEDTLS_MODE_GCM,
-    192,
-    "ARIA-192-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_aria_info
-};
-
-static const mbedtls_cipher_info_t aria_256_gcm_info = {
-    MBEDTLS_CIPHER_ARIA_256_GCM,
-    MBEDTLS_MODE_GCM,
-    256,
-    "ARIA-256-GCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &gcm_aria_info
-};
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CCM_C)
-static int ccm_aria_setkey_wrap( void *ctx, const unsigned char *key,
-                                     unsigned int key_bitlen )
-{
-    return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
-                     key, key_bitlen );
-}
-
-static const mbedtls_cipher_base_t ccm_aria_info = {
-    MBEDTLS_CIPHER_ID_ARIA,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    ccm_aria_setkey_wrap,
-    ccm_aria_setkey_wrap,
-    ccm_ctx_alloc,
-    ccm_ctx_free,
-};
-
-static const mbedtls_cipher_info_t aria_128_ccm_info = {
-    MBEDTLS_CIPHER_ARIA_128_CCM,
-    MBEDTLS_MODE_CCM,
-    128,
-    "ARIA-128-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_aria_info
-};
-
-static const mbedtls_cipher_info_t aria_192_ccm_info = {
-    MBEDTLS_CIPHER_ARIA_192_CCM,
-    MBEDTLS_MODE_CCM,
-    192,
-    "ARIA-192-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_aria_info
-};
-
-static const mbedtls_cipher_info_t aria_256_ccm_info = {
-    MBEDTLS_CIPHER_ARIA_256_CCM,
-    MBEDTLS_MODE_CCM,
-    256,
-    "ARIA-256-CCM",
-    12,
-    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
-    16,
-    &ccm_aria_info
-};
-#endif /* MBEDTLS_CCM_C */
-
-#endif /* MBEDTLS_ARIA_C */
-
-#if defined(MBEDTLS_DES_C)
-
-static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
-        const unsigned char *input, unsigned char *output )
-{
-    ((void) operation);
-    return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output );
-}
-
-static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
-        const unsigned char *input, unsigned char *output )
-{
-    ((void) operation);
-    return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
-        unsigned char *iv, const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input,
-                          output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
-        unsigned char *iv, const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input,
-                           output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-static int des_setkey_dec_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    ((void) key_bitlen);
-
-    return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key );
-}
-
-static int des_setkey_enc_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    ((void) key_bitlen);
-
-    return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key );
-}
-
-static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key,
-                                  unsigned int key_bitlen )
-{
-    ((void) key_bitlen);
-
-    return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key );
-}
-
-static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key,
-                                  unsigned int key_bitlen )
-{
-    ((void) key_bitlen);
-
-    return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key );
-}
-
-static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key,
-                                  unsigned int key_bitlen )
-{
-    ((void) key_bitlen);
-
-    return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key );
-}
-
-static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key,
-                                  unsigned int key_bitlen )
-{
-    ((void) key_bitlen);
-
-    return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key );
-}
-
-static void * des_ctx_alloc( void )
-{
-    mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) );
-
-    if( des == NULL )
-        return( NULL );
-
-    mbedtls_des_init( des );
-
-    return( des );
-}
-
-static void des_ctx_free( void *ctx )
-{
-    mbedtls_des_free( (mbedtls_des_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static void * des3_ctx_alloc( void )
-{
-    mbedtls_des3_context *des3;
-    des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) );
-
-    if( des3 == NULL )
-        return( NULL );
-
-    mbedtls_des3_init( des3 );
-
-    return( des3 );
-}
-
-static void des3_ctx_free( void *ctx )
-{
-    mbedtls_des3_free( (mbedtls_des3_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t des_info = {
-    MBEDTLS_CIPHER_ID_DES,
-    des_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    des_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    des_setkey_enc_wrap,
-    des_setkey_dec_wrap,
-    des_ctx_alloc,
-    des_ctx_free
-};
-
-static const mbedtls_cipher_info_t des_ecb_info = {
-    MBEDTLS_CIPHER_DES_ECB,
-    MBEDTLS_MODE_ECB,
-    MBEDTLS_KEY_LENGTH_DES,
-    "DES-ECB",
-    0,
-    0,
-    8,
-    &des_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t des_cbc_info = {
-    MBEDTLS_CIPHER_DES_CBC,
-    MBEDTLS_MODE_CBC,
-    MBEDTLS_KEY_LENGTH_DES,
-    "DES-CBC",
-    8,
-    0,
-    8,
-    &des_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-static const mbedtls_cipher_base_t des_ede_info = {
-    MBEDTLS_CIPHER_ID_DES,
-    des3_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    des3_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    des3_set2key_enc_wrap,
-    des3_set2key_dec_wrap,
-    des3_ctx_alloc,
-    des3_ctx_free
-};
-
-static const mbedtls_cipher_info_t des_ede_ecb_info = {
-    MBEDTLS_CIPHER_DES_EDE_ECB,
-    MBEDTLS_MODE_ECB,
-    MBEDTLS_KEY_LENGTH_DES_EDE,
-    "DES-EDE-ECB",
-    0,
-    0,
-    8,
-    &des_ede_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t des_ede_cbc_info = {
-    MBEDTLS_CIPHER_DES_EDE_CBC,
-    MBEDTLS_MODE_CBC,
-    MBEDTLS_KEY_LENGTH_DES_EDE,
-    "DES-EDE-CBC",
-    8,
-    0,
-    8,
-    &des_ede_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-static const mbedtls_cipher_base_t des_ede3_info = {
-    MBEDTLS_CIPHER_ID_3DES,
-    des3_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    des3_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    des3_set3key_enc_wrap,
-    des3_set3key_dec_wrap,
-    des3_ctx_alloc,
-    des3_ctx_free
-};
-
-static const mbedtls_cipher_info_t des_ede3_ecb_info = {
-    MBEDTLS_CIPHER_DES_EDE3_ECB,
-    MBEDTLS_MODE_ECB,
-    MBEDTLS_KEY_LENGTH_DES_EDE3,
-    "DES-EDE3-ECB",
-    0,
-    0,
-    8,
-    &des_ede3_info
-};
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t des_ede3_cbc_info = {
-    MBEDTLS_CIPHER_DES_EDE3_CBC,
-    MBEDTLS_MODE_CBC,
-    MBEDTLS_KEY_LENGTH_DES_EDE3,
-    "DES-EDE3-CBC",
-    8,
-    0,
-    8,
-    &des_ede3_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_BLOWFISH_C)
-
-static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input,
-                               output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, unsigned char *iv, const unsigned char *input,
-        unsigned char *output )
-{
-    return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv,
-                               input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation,
-        size_t length, size_t *iv_off, unsigned char *iv,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length,
-                                 iv_off, iv, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
-        unsigned char *nonce_counter, unsigned char *stream_block,
-        const unsigned char *input, unsigned char *output )
-{
-    return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off,
-                               nonce_counter, stream_block, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static int blowfish_setkey_wrap( void *ctx, const unsigned char *key,
-                                 unsigned int key_bitlen )
-{
-    return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen );
-}
-
-static void * blowfish_ctx_alloc( void )
-{
-    mbedtls_blowfish_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) );
-
-    if( ctx == NULL )
-        return( NULL );
-
-    mbedtls_blowfish_init( ctx );
-
-    return( ctx );
-}
-
-static void blowfish_ctx_free( void *ctx )
-{
-    mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t blowfish_info = {
-    MBEDTLS_CIPHER_ID_BLOWFISH,
-    blowfish_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    blowfish_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    blowfish_crypt_cfb64_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    blowfish_crypt_ctr_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    blowfish_setkey_wrap,
-    blowfish_setkey_wrap,
-    blowfish_ctx_alloc,
-    blowfish_ctx_free
-};
-
-static const mbedtls_cipher_info_t blowfish_ecb_info = {
-    MBEDTLS_CIPHER_BLOWFISH_ECB,
-    MBEDTLS_MODE_ECB,
-    128,
-    "BLOWFISH-ECB",
-    0,
-    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
-    8,
-    &blowfish_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t blowfish_cbc_info = {
-    MBEDTLS_CIPHER_BLOWFISH_CBC,
-    MBEDTLS_MODE_CBC,
-    128,
-    "BLOWFISH-CBC",
-    8,
-    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
-    8,
-    &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const mbedtls_cipher_info_t blowfish_cfb64_info = {
-    MBEDTLS_CIPHER_BLOWFISH_CFB64,
-    MBEDTLS_MODE_CFB,
-    128,
-    "BLOWFISH-CFB64",
-    8,
-    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
-    8,
-    &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const mbedtls_cipher_info_t blowfish_ctr_info = {
-    MBEDTLS_CIPHER_BLOWFISH_CTR,
-    MBEDTLS_MODE_CTR,
-    128,
-    "BLOWFISH-CTR",
-    8,
-    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
-    8,
-    &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#endif /* MBEDTLS_BLOWFISH_C */
-
-#if defined(MBEDTLS_ARC4_C)
-static int arc4_crypt_stream_wrap( void *ctx, size_t length,
-                                   const unsigned char *input,
-                                   unsigned char *output )
-{
-    return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) );
-}
-
-static int arc4_setkey_wrap( void *ctx, const unsigned char *key,
-                             unsigned int key_bitlen )
-{
-    /* we get key_bitlen in bits, arc4 expects it in bytes */
-    if( key_bitlen % 8 != 0 )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 );
-    return( 0 );
-}
-
-static void * arc4_ctx_alloc( void )
-{
-    mbedtls_arc4_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) );
-
-    if( ctx == NULL )
-        return( NULL );
-
-    mbedtls_arc4_init( ctx );
-
-    return( ctx );
-}
-
-static void arc4_ctx_free( void *ctx )
-{
-    mbedtls_arc4_free( (mbedtls_arc4_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t arc4_base_info = {
-    MBEDTLS_CIPHER_ID_ARC4,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    arc4_crypt_stream_wrap,
-#endif
-    arc4_setkey_wrap,
-    arc4_setkey_wrap,
-    arc4_ctx_alloc,
-    arc4_ctx_free
-};
-
-static const mbedtls_cipher_info_t arc4_128_info = {
-    MBEDTLS_CIPHER_ARC4_128,
-    MBEDTLS_MODE_STREAM,
-    128,
-    "ARC4-128",
-    0,
-    0,
-    1,
-    &arc4_base_info
-};
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_CHACHA20_C)
-
-static int chacha20_setkey_wrap( void *ctx, const unsigned char *key,
-                                 unsigned int key_bitlen )
-{
-    if( key_bitlen != 256U )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    if ( 0 != mbedtls_chacha20_setkey( (mbedtls_chacha20_context*)ctx, key ) )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    return( 0 );
-}
-
-static int chacha20_stream_wrap( void *ctx,  size_t length,
-                                 const unsigned char *input,
-                                 unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    ret = mbedtls_chacha20_update( ctx, length, input, output );
-    if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    return( ret );
-}
-
-static void * chacha20_ctx_alloc( void )
-{
-    mbedtls_chacha20_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_chacha20_context ) );
-
-    if( ctx == NULL )
-        return( NULL );
-
-    mbedtls_chacha20_init( ctx );
-
-    return( ctx );
-}
-
-static void chacha20_ctx_free( void *ctx )
-{
-    mbedtls_chacha20_free( (mbedtls_chacha20_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t chacha20_base_info = {
-    MBEDTLS_CIPHER_ID_CHACHA20,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    chacha20_stream_wrap,
-#endif
-    chacha20_setkey_wrap,
-    chacha20_setkey_wrap,
-    chacha20_ctx_alloc,
-    chacha20_ctx_free
-};
-static const mbedtls_cipher_info_t chacha20_info = {
-    MBEDTLS_CIPHER_CHACHA20,
-    MBEDTLS_MODE_STREAM,
-    256,
-    "CHACHA20",
-    12,
-    0,
-    1,
-    &chacha20_base_info
-};
-#endif /* MBEDTLS_CHACHA20_C */
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-
-static int chachapoly_setkey_wrap( void *ctx,
-                                   const unsigned char *key,
-                                   unsigned int key_bitlen )
-{
-    if( key_bitlen != 256U )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    return( 0 );
-}
-
-static void * chachapoly_ctx_alloc( void )
-{
-    mbedtls_chachapoly_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) );
-
-    if( ctx == NULL )
-        return( NULL );
-
-    mbedtls_chachapoly_init( ctx );
-
-    return( ctx );
-}
-
-static void chachapoly_ctx_free( void *ctx )
-{
-    mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t chachapoly_base_info = {
-    MBEDTLS_CIPHER_ID_CHACHA20,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    chachapoly_setkey_wrap,
-    chachapoly_setkey_wrap,
-    chachapoly_ctx_alloc,
-    chachapoly_ctx_free
-};
-static const mbedtls_cipher_info_t chachapoly_info = {
-    MBEDTLS_CIPHER_CHACHA20_POLY1305,
-    MBEDTLS_MODE_CHACHAPOLY,
-    256,
-    "CHACHA20-POLY1305",
-    12,
-    0,
-    1,
-    &chachapoly_base_info
-};
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-static int null_crypt_stream( void *ctx, size_t length,
-                              const unsigned char *input,
-                              unsigned char *output )
-{
-    ((void) ctx);
-    memmove( output, input, length );
-    return( 0 );
-}
-
-static int null_setkey( void *ctx, const unsigned char *key,
-                        unsigned int key_bitlen )
-{
-    ((void) ctx);
-    ((void) key);
-    ((void) key_bitlen);
-
-    return( 0 );
-}
-
-static void * null_ctx_alloc( void )
-{
-    return( (void *) 1 );
-}
-
-static void null_ctx_free( void *ctx )
-{
-    ((void) ctx);
-}
-
-static const mbedtls_cipher_base_t null_base_info = {
-    MBEDTLS_CIPHER_ID_NULL,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    null_crypt_stream,
-#endif
-    null_setkey,
-    null_setkey,
-    null_ctx_alloc,
-    null_ctx_free
-};
-
-static const mbedtls_cipher_info_t null_cipher_info = {
-    MBEDTLS_CIPHER_NULL,
-    MBEDTLS_MODE_STREAM,
-    0,
-    "NULL",
-    0,
-    0,
-    1,
-    &null_base_info
-};
-#endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */
-
-#if defined(MBEDTLS_NIST_KW_C)
-static void *kw_ctx_alloc( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_nist_kw_context ) );
-
-    if( ctx != NULL )
-        mbedtls_nist_kw_init( (mbedtls_nist_kw_context *) ctx );
-
-    return( ctx );
-}
-
-static void kw_ctx_free( void *ctx )
-{
-    mbedtls_nist_kw_free( ctx );
-    mbedtls_free( ctx );
-}
-
-static int kw_aes_setkey_wrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-    return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx,
-                                   MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1 );
-}
-
-static int kw_aes_setkey_unwrap( void *ctx, const unsigned char *key,
-                                unsigned int key_bitlen )
-{
-   return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx,
-                                  MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0 );
-}
-
-static const mbedtls_cipher_base_t kw_aes_info = {
-    MBEDTLS_CIPHER_ID_AES,
-    NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
-    NULL,
-#endif
-    kw_aes_setkey_wrap,
-    kw_aes_setkey_unwrap,
-    kw_ctx_alloc,
-    kw_ctx_free,
-};
-
-static const mbedtls_cipher_info_t aes_128_nist_kw_info = {
-    MBEDTLS_CIPHER_AES_128_KW,
-    MBEDTLS_MODE_KW,
-    128,
-    "AES-128-KW",
-    0,
-    0,
-    16,
-    &kw_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_nist_kw_info = {
-    MBEDTLS_CIPHER_AES_192_KW,
-    MBEDTLS_MODE_KW,
-    192,
-    "AES-192-KW",
-    0,
-    0,
-    16,
-    &kw_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_nist_kw_info = {
-    MBEDTLS_CIPHER_AES_256_KW,
-    MBEDTLS_MODE_KW,
-    256,
-    "AES-256-KW",
-    0,
-    0,
-    16,
-    &kw_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_128_nist_kwp_info = {
-    MBEDTLS_CIPHER_AES_128_KWP,
-    MBEDTLS_MODE_KWP,
-    128,
-    "AES-128-KWP",
-    0,
-    0,
-    16,
-    &kw_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_192_nist_kwp_info = {
-    MBEDTLS_CIPHER_AES_192_KWP,
-    MBEDTLS_MODE_KWP,
-    192,
-    "AES-192-KWP",
-    0,
-    0,
-    16,
-    &kw_aes_info
-};
-
-static const mbedtls_cipher_info_t aes_256_nist_kwp_info = {
-    MBEDTLS_CIPHER_AES_256_KWP,
-    MBEDTLS_MODE_KWP,
-    256,
-    "AES-256-KWP",
-    0,
-    0,
-    16,
-    &kw_aes_info
-};
-#endif /* MBEDTLS_NIST_KW_C */
-
-const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
-{
-#if defined(MBEDTLS_AES_C)
-    { MBEDTLS_CIPHER_AES_128_ECB,          &aes_128_ecb_info },
-    { MBEDTLS_CIPHER_AES_192_ECB,          &aes_192_ecb_info },
-    { MBEDTLS_CIPHER_AES_256_ECB,          &aes_256_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    { MBEDTLS_CIPHER_AES_128_CBC,          &aes_128_cbc_info },
-    { MBEDTLS_CIPHER_AES_192_CBC,          &aes_192_cbc_info },
-    { MBEDTLS_CIPHER_AES_256_CBC,          &aes_256_cbc_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    { MBEDTLS_CIPHER_AES_128_CFB128,       &aes_128_cfb128_info },
-    { MBEDTLS_CIPHER_AES_192_CFB128,       &aes_192_cfb128_info },
-    { MBEDTLS_CIPHER_AES_256_CFB128,       &aes_256_cfb128_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    { MBEDTLS_CIPHER_AES_128_OFB,          &aes_128_ofb_info },
-    { MBEDTLS_CIPHER_AES_192_OFB,          &aes_192_ofb_info },
-    { MBEDTLS_CIPHER_AES_256_OFB,          &aes_256_ofb_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    { MBEDTLS_CIPHER_AES_128_CTR,          &aes_128_ctr_info },
-    { MBEDTLS_CIPHER_AES_192_CTR,          &aes_192_ctr_info },
-    { MBEDTLS_CIPHER_AES_256_CTR,          &aes_256_ctr_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    { MBEDTLS_CIPHER_AES_128_XTS,          &aes_128_xts_info },
-    { MBEDTLS_CIPHER_AES_256_XTS,          &aes_256_xts_info },
-#endif
-#if defined(MBEDTLS_GCM_C)
-    { MBEDTLS_CIPHER_AES_128_GCM,          &aes_128_gcm_info },
-    { MBEDTLS_CIPHER_AES_192_GCM,          &aes_192_gcm_info },
-    { MBEDTLS_CIPHER_AES_256_GCM,          &aes_256_gcm_info },
-#endif
-#if defined(MBEDTLS_CCM_C)
-    { MBEDTLS_CIPHER_AES_128_CCM,          &aes_128_ccm_info },
-    { MBEDTLS_CIPHER_AES_192_CCM,          &aes_192_ccm_info },
-    { MBEDTLS_CIPHER_AES_256_CCM,          &aes_256_ccm_info },
-#endif
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-    { MBEDTLS_CIPHER_ARC4_128,             &arc4_128_info },
-#endif
-
-#if defined(MBEDTLS_BLOWFISH_C)
-    { MBEDTLS_CIPHER_BLOWFISH_ECB,         &blowfish_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    { MBEDTLS_CIPHER_BLOWFISH_CBC,         &blowfish_cbc_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    { MBEDTLS_CIPHER_BLOWFISH_CFB64,       &blowfish_cfb64_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    { MBEDTLS_CIPHER_BLOWFISH_CTR,         &blowfish_ctr_info },
-#endif
-#endif /* MBEDTLS_BLOWFISH_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-    { MBEDTLS_CIPHER_CAMELLIA_128_ECB,     &camellia_128_ecb_info },
-    { MBEDTLS_CIPHER_CAMELLIA_192_ECB,     &camellia_192_ecb_info },
-    { MBEDTLS_CIPHER_CAMELLIA_256_ECB,     &camellia_256_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    { MBEDTLS_CIPHER_CAMELLIA_128_CBC,     &camellia_128_cbc_info },
-    { MBEDTLS_CIPHER_CAMELLIA_192_CBC,     &camellia_192_cbc_info },
-    { MBEDTLS_CIPHER_CAMELLIA_256_CBC,     &camellia_256_cbc_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    { MBEDTLS_CIPHER_CAMELLIA_128_CFB128,  &camellia_128_cfb128_info },
-    { MBEDTLS_CIPHER_CAMELLIA_192_CFB128,  &camellia_192_cfb128_info },
-    { MBEDTLS_CIPHER_CAMELLIA_256_CFB128,  &camellia_256_cfb128_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    { MBEDTLS_CIPHER_CAMELLIA_128_CTR,     &camellia_128_ctr_info },
-    { MBEDTLS_CIPHER_CAMELLIA_192_CTR,     &camellia_192_ctr_info },
-    { MBEDTLS_CIPHER_CAMELLIA_256_CTR,     &camellia_256_ctr_info },
-#endif
-#if defined(MBEDTLS_GCM_C)
-    { MBEDTLS_CIPHER_CAMELLIA_128_GCM,     &camellia_128_gcm_info },
-    { MBEDTLS_CIPHER_CAMELLIA_192_GCM,     &camellia_192_gcm_info },
-    { MBEDTLS_CIPHER_CAMELLIA_256_GCM,     &camellia_256_gcm_info },
-#endif
-#if defined(MBEDTLS_CCM_C)
-    { MBEDTLS_CIPHER_CAMELLIA_128_CCM,     &camellia_128_ccm_info },
-    { MBEDTLS_CIPHER_CAMELLIA_192_CCM,     &camellia_192_ccm_info },
-    { MBEDTLS_CIPHER_CAMELLIA_256_CCM,     &camellia_256_ccm_info },
-#endif
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_ARIA_C)
-    { MBEDTLS_CIPHER_ARIA_128_ECB,     &aria_128_ecb_info },
-    { MBEDTLS_CIPHER_ARIA_192_ECB,     &aria_192_ecb_info },
-    { MBEDTLS_CIPHER_ARIA_256_ECB,     &aria_256_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    { MBEDTLS_CIPHER_ARIA_128_CBC,     &aria_128_cbc_info },
-    { MBEDTLS_CIPHER_ARIA_192_CBC,     &aria_192_cbc_info },
-    { MBEDTLS_CIPHER_ARIA_256_CBC,     &aria_256_cbc_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    { MBEDTLS_CIPHER_ARIA_128_CFB128,  &aria_128_cfb128_info },
-    { MBEDTLS_CIPHER_ARIA_192_CFB128,  &aria_192_cfb128_info },
-    { MBEDTLS_CIPHER_ARIA_256_CFB128,  &aria_256_cfb128_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    { MBEDTLS_CIPHER_ARIA_128_CTR,     &aria_128_ctr_info },
-    { MBEDTLS_CIPHER_ARIA_192_CTR,     &aria_192_ctr_info },
-    { MBEDTLS_CIPHER_ARIA_256_CTR,     &aria_256_ctr_info },
-#endif
-#if defined(MBEDTLS_GCM_C)
-    { MBEDTLS_CIPHER_ARIA_128_GCM,     &aria_128_gcm_info },
-    { MBEDTLS_CIPHER_ARIA_192_GCM,     &aria_192_gcm_info },
-    { MBEDTLS_CIPHER_ARIA_256_GCM,     &aria_256_gcm_info },
-#endif
-#if defined(MBEDTLS_CCM_C)
-    { MBEDTLS_CIPHER_ARIA_128_CCM,     &aria_128_ccm_info },
-    { MBEDTLS_CIPHER_ARIA_192_CCM,     &aria_192_ccm_info },
-    { MBEDTLS_CIPHER_ARIA_256_CCM,     &aria_256_ccm_info },
-#endif
-#endif /* MBEDTLS_ARIA_C */
-
-#if defined(MBEDTLS_DES_C)
-    { MBEDTLS_CIPHER_DES_ECB,              &des_ecb_info },
-    { MBEDTLS_CIPHER_DES_EDE_ECB,          &des_ede_ecb_info },
-    { MBEDTLS_CIPHER_DES_EDE3_ECB,         &des_ede3_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    { MBEDTLS_CIPHER_DES_CBC,              &des_cbc_info },
-    { MBEDTLS_CIPHER_DES_EDE_CBC,          &des_ede_cbc_info },
-    { MBEDTLS_CIPHER_DES_EDE3_CBC,         &des_ede3_cbc_info },
-#endif
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_CHACHA20_C)
-    { MBEDTLS_CIPHER_CHACHA20,             &chacha20_info },
-#endif
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    { MBEDTLS_CIPHER_CHACHA20_POLY1305,    &chachapoly_info },
-#endif
-
-#if defined(MBEDTLS_NIST_KW_C)
-    { MBEDTLS_CIPHER_AES_128_KW,          &aes_128_nist_kw_info },
-    { MBEDTLS_CIPHER_AES_192_KW,          &aes_192_nist_kw_info },
-    { MBEDTLS_CIPHER_AES_256_KW,          &aes_256_nist_kw_info },
-    { MBEDTLS_CIPHER_AES_128_KWP,         &aes_128_nist_kwp_info },
-    { MBEDTLS_CIPHER_AES_192_KWP,         &aes_192_nist_kwp_info },
-    { MBEDTLS_CIPHER_AES_256_KWP,         &aes_256_nist_kwp_info },
-#endif
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-    { MBEDTLS_CIPHER_NULL,                 &null_cipher_info },
-#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
-
-    { MBEDTLS_CIPHER_NONE, NULL }
-};
-
-#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) /      \
-                      sizeof(mbedtls_cipher_definitions[0]) )
-int mbedtls_cipher_supported[NUM_CIPHERS];
-
-#endif /* MBEDTLS_CIPHER_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/cmac.c b/3rdparty/mbedtls-2.25.0/library/cmac.c
deleted file mode 100644
index 59ece15..0000000
--- a/3rdparty/mbedtls-2.25.0/library/cmac.c
+++ /dev/null
@@ -1,1073 +0,0 @@
-/**
- * \file cmac.c
- *
- * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * References:
- *
- * - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The
- *      CMAC Mode for Authentication
- *   http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
- *
- * - RFC 4493 - The AES-CMAC Algorithm
- *   https://tools.ietf.org/html/rfc4493
- *
- * - RFC 4615 - The Advanced Encryption Standard-Cipher-based Message
- *      Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128)
- *      Algorithm for the Internet Key Exchange Protocol (IKE)
- *   https://tools.ietf.org/html/rfc4615
- *
- *   Additional test vectors: ISO/IEC 9797-1
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CMAC_C)
-
-#include "mbedtls/cmac.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#if defined(MBEDTLS_SELF_TEST)
-#include <stdio.h>
-#define mbedtls_printf     printf
-#endif /* MBEDTLS_SELF_TEST */
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
-
-/*
- * Multiplication by u in the Galois field of GF(2^n)
- *
- * As explained in NIST SP 800-38B, this can be computed:
- *
- *   If MSB(p) = 0, then p = (p << 1)
- *   If MSB(p) = 1, then p = (p << 1) ^ R_n
- *   with R_64 = 0x1B and  R_128 = 0x87
- *
- * Input and output MUST NOT point to the same buffer
- * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES.
- */
-static int cmac_multiply_by_u( unsigned char *output,
-                               const unsigned char *input,
-                               size_t blocksize )
-{
-    const unsigned char R_128 = 0x87;
-    const unsigned char R_64 = 0x1B;
-    unsigned char R_n, mask;
-    unsigned char overflow = 0x00;
-    int i;
-
-    if( blocksize == MBEDTLS_AES_BLOCK_SIZE )
-    {
-        R_n = R_128;
-    }
-    else if( blocksize == MBEDTLS_DES3_BLOCK_SIZE )
-    {
-        R_n = R_64;
-    }
-    else
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-    for( i = (int)blocksize - 1; i >= 0; i-- )
-    {
-        output[i] = input[i] << 1 | overflow;
-        overflow = input[i] >> 7;
-    }
-
-    /* mask = ( input[0] >> 7 ) ? 0xff : 0x00
-     * using bit operations to avoid branches */
-
-    /* MSVC has a warning about unary minus on unsigned, but this is
-     * well-defined and precisely what we want to do here */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-    mask = - ( input[0] >> 7 );
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-
-    output[ blocksize - 1 ] ^= R_n & mask;
-
-    return( 0 );
-}
-
-/*
- * Generate subkeys
- *
- * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm
- */
-static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx,
-                                  unsigned char* K1, unsigned char* K2 )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    size_t olen, block_size;
-
-    mbedtls_platform_zeroize( L, sizeof( L ) );
-
-    block_size = ctx->cipher_info->block_size;
-
-    /* Calculate Ek(0) */
-    if( ( ret = mbedtls_cipher_update( ctx, L, block_size, L, &olen ) ) != 0 )
-        goto exit;
-
-    /*
-     * Generate K1 and K2
-     */
-    if( ( ret = cmac_multiply_by_u( K1, L , block_size ) ) != 0 )
-        goto exit;
-
-    if( ( ret = cmac_multiply_by_u( K2, K1 , block_size ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_platform_zeroize( L, sizeof( L ) );
-
-    return( ret );
-}
-#endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
-
-#if !defined(MBEDTLS_CMAC_ALT)
-static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
-                            const unsigned char *input2,
-                            const size_t block_size )
-{
-    size_t idx;
-
-    for( idx = 0; idx < block_size; idx++ )
-        output[ idx ] = input1[ idx ] ^ input2[ idx ];
-}
-
-/*
- * Create padded last block from (partial) last block.
- *
- * We can't use the padding option from the cipher layer, as it only works for
- * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
- */
-static void cmac_pad( unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
-                      size_t padded_block_len,
-                      const unsigned char *last_block,
-                      size_t last_block_len )
-{
-    size_t j;
-
-    for( j = 0; j < padded_block_len; j++ )
-    {
-        if( j < last_block_len )
-            padded_block[j] = last_block[j];
-        else if( j == last_block_len )
-            padded_block[j] = 0x80;
-        else
-            padded_block[j] = 0x00;
-    }
-}
-
-int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *key, size_t keybits )
-{
-    mbedtls_cipher_type_t type;
-    mbedtls_cmac_context_t *cmac_ctx;
-    int retval;
-
-    if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
-                                          MBEDTLS_ENCRYPT ) ) != 0 )
-        return( retval );
-
-    type = ctx->cipher_info->type;
-
-    switch( type )
-    {
-        case MBEDTLS_CIPHER_AES_128_ECB:
-        case MBEDTLS_CIPHER_AES_192_ECB:
-        case MBEDTLS_CIPHER_AES_256_ECB:
-        case MBEDTLS_CIPHER_DES_EDE3_ECB:
-            break;
-        default:
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-    /* Allocated and initialise in the cipher context memory for the CMAC
-     * context */
-    cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) );
-    if( cmac_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
-
-    ctx->cmac_ctx = cmac_ctx;
-
-    mbedtls_platform_zeroize( cmac_ctx->state, sizeof( cmac_ctx->state ) );
-
-    return 0;
-}
-
-int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *input, size_t ilen )
-{
-    mbedtls_cmac_context_t* cmac_ctx;
-    unsigned char *state;
-    int ret = 0;
-    size_t n, j, olen, block_size;
-
-    if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
-        ctx->cmac_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    cmac_ctx = ctx->cmac_ctx;
-    block_size = ctx->cipher_info->block_size;
-    state = ctx->cmac_ctx->state;
-
-    /* Is there data still to process from the last call, that's greater in
-     * size than a block? */
-    if( cmac_ctx->unprocessed_len > 0 &&
-        ilen > block_size - cmac_ctx->unprocessed_len )
-    {
-        memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
-                input,
-                block_size - cmac_ctx->unprocessed_len );
-
-        cmac_xor_block( state, cmac_ctx->unprocessed_block, state, block_size );
-
-        if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
-                                           &olen ) ) != 0 )
-        {
-           goto exit;
-        }
-
-        input += block_size - cmac_ctx->unprocessed_len;
-        ilen -= block_size - cmac_ctx->unprocessed_len;
-        cmac_ctx->unprocessed_len = 0;
-    }
-
-    /* n is the number of blocks including any final partial block */
-    n = ( ilen + block_size - 1 ) / block_size;
-
-    /* Iterate across the input data in block sized chunks, excluding any
-     * final partial or complete block */
-    for( j = 1; j < n; j++ )
-    {
-        cmac_xor_block( state, input, state, block_size );
-
-        if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
-                                           &olen ) ) != 0 )
-           goto exit;
-
-        ilen -= block_size;
-        input += block_size;
-    }
-
-    /* If there is data left over that wasn't aligned to a block */
-    if( ilen > 0 )
-    {
-        memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
-                input,
-                ilen );
-        cmac_ctx->unprocessed_len += ilen;
-    }
-
-exit:
-    return( ret );
-}
-
-int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
-                                unsigned char *output )
-{
-    mbedtls_cmac_context_t* cmac_ctx;
-    unsigned char *state, *last_block;
-    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t olen, block_size;
-
-    if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
-        output == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    cmac_ctx = ctx->cmac_ctx;
-    block_size = ctx->cipher_info->block_size;
-    state = cmac_ctx->state;
-
-    mbedtls_platform_zeroize( K1, sizeof( K1 ) );
-    mbedtls_platform_zeroize( K2, sizeof( K2 ) );
-    cmac_generate_subkeys( ctx, K1, K2 );
-
-    last_block = cmac_ctx->unprocessed_block;
-
-    /* Calculate last block */
-    if( cmac_ctx->unprocessed_len < block_size )
-    {
-        cmac_pad( M_last, block_size, last_block, cmac_ctx->unprocessed_len );
-        cmac_xor_block( M_last, M_last, K2, block_size );
-    }
-    else
-    {
-        /* Last block is complete block */
-        cmac_xor_block( M_last, last_block, K1, block_size );
-    }
-
-
-    cmac_xor_block( state, M_last, state, block_size );
-    if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
-                                       &olen ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    memcpy( output, state, block_size );
-
-exit:
-    /* Wipe the generated keys on the stack, and any other transients to avoid
-     * side channel leakage */
-    mbedtls_platform_zeroize( K1, sizeof( K1 ) );
-    mbedtls_platform_zeroize( K2, sizeof( K2 ) );
-
-    cmac_ctx->unprocessed_len = 0;
-    mbedtls_platform_zeroize( cmac_ctx->unprocessed_block,
-                              sizeof( cmac_ctx->unprocessed_block ) );
-
-    mbedtls_platform_zeroize( state, MBEDTLS_CIPHER_BLKSIZE_MAX );
-    return( ret );
-}
-
-int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx )
-{
-    mbedtls_cmac_context_t* cmac_ctx;
-
-    if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    cmac_ctx = ctx->cmac_ctx;
-
-    /* Reset the internal state */
-    cmac_ctx->unprocessed_len = 0;
-    mbedtls_platform_zeroize( cmac_ctx->unprocessed_block,
-                              sizeof( cmac_ctx->unprocessed_block ) );
-    mbedtls_platform_zeroize( cmac_ctx->state,
-                              sizeof( cmac_ctx->state ) );
-
-    return( 0 );
-}
-
-int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
-                         const unsigned char *key, size_t keylen,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output )
-{
-    mbedtls_cipher_context_t ctx;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( cipher_info == NULL || key == NULL || input == NULL || output == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    mbedtls_cipher_init( &ctx );
-
-    if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
-        goto exit;
-
-    ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen );
-    if( ret != 0 )
-        goto exit;
-
-    ret = mbedtls_cipher_cmac_update( &ctx, input, ilen );
-    if( ret != 0 )
-        goto exit;
-
-    ret = mbedtls_cipher_cmac_finish( &ctx, output );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_AES_C)
-/*
- * Implementation of AES-CMAC-PRF-128 defined in RFC 4615
- */
-int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
-                              const unsigned char *input, size_t in_len,
-                              unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_cipher_info_t *cipher_info;
-    unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
-    unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
-
-    if( key == NULL || input == NULL || output == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
-    if( cipher_info == NULL )
-    {
-        /* Failing at this point must be due to a build issue */
-        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-        goto exit;
-    }
-
-    if( key_length == MBEDTLS_AES_BLOCK_SIZE )
-    {
-        /* Use key as is */
-        memcpy( int_key, key, MBEDTLS_AES_BLOCK_SIZE );
-    }
-    else
-    {
-        memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE );
-
-        ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key,
-                                   key_length, int_key );
-        if( ret != 0 )
-            goto exit;
-    }
-
-    ret = mbedtls_cipher_cmac( cipher_info, int_key, 128, input, in_len,
-                               output );
-
-exit:
-    mbedtls_platform_zeroize( int_key, sizeof( int_key ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_AES_C */
-
-#endif /* !MBEDTLS_CMAC_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * CMAC test data for SP800-38B
- * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf
- * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf
- *
- * AES-CMAC-PRF-128 test data from RFC 4615
- * https://tools.ietf.org/html/rfc4615#page-4
- */
-
-#define NB_CMAC_TESTS_PER_KEY 4
-#define NB_PRF_TESTS 3
-
-#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)
-/* All CMAC test inputs are truncated from the same 64 byte buffer. */
-static const unsigned char test_message[] = {
-    /* PT */
-    0x6b, 0xc1, 0xbe, 0xe2,     0x2e, 0x40, 0x9f, 0x96,
-    0xe9, 0x3d, 0x7e, 0x11,     0x73, 0x93, 0x17, 0x2a,
-    0xae, 0x2d, 0x8a, 0x57,     0x1e, 0x03, 0xac, 0x9c,
-    0x9e, 0xb7, 0x6f, 0xac,     0x45, 0xaf, 0x8e, 0x51,
-    0x30, 0xc8, 0x1c, 0x46,     0xa3, 0x5c, 0xe4, 0x11,
-    0xe5, 0xfb, 0xc1, 0x19,     0x1a, 0x0a, 0x52, 0xef,
-    0xf6, 0x9f, 0x24, 0x45,     0xdf, 0x4f, 0x9b, 0x17,
-    0xad, 0x2b, 0x41, 0x7b,     0xe6, 0x6c, 0x37, 0x10
-};
-#endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-/* Truncation point of message for AES CMAC tests  */
-static const  unsigned int  aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
-    /* Mlen */
-    0,
-    16,
-    20,
-    64
-};
-
-/* CMAC-AES128 Test Data */
-static const unsigned char aes_128_key[16] = {
-    0x2b, 0x7e, 0x15, 0x16,     0x28, 0xae, 0xd2, 0xa6,
-    0xab, 0xf7, 0x15, 0x88,     0x09, 0xcf, 0x4f, 0x3c
-};
-static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
-    {
-        /* K1 */
-        0xfb, 0xee, 0xd6, 0x18,     0x35, 0x71, 0x33, 0x66,
-        0x7c, 0x85, 0xe0, 0x8f,     0x72, 0x36, 0xa8, 0xde
-    },
-    {
-        /* K2 */
-        0xf7, 0xdd, 0xac, 0x30,     0x6a, 0xe2, 0x66, 0xcc,
-        0xf9, 0x0b, 0xc1, 0x1e,     0xe4, 0x6d, 0x51, 0x3b
-    }
-};
-static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
-    {
-        /* Example #1 */
-        0xbb, 0x1d, 0x69, 0x29,     0xe9, 0x59, 0x37, 0x28,
-        0x7f, 0xa3, 0x7d, 0x12,     0x9b, 0x75, 0x67, 0x46
-    },
-    {
-        /* Example #2 */
-        0x07, 0x0a, 0x16, 0xb4,     0x6b, 0x4d, 0x41, 0x44,
-        0xf7, 0x9b, 0xdd, 0x9d,     0xd0, 0x4a, 0x28, 0x7c
-    },
-    {
-        /* Example #3 */
-        0x7d, 0x85, 0x44, 0x9e,     0xa6, 0xea, 0x19, 0xc8,
-        0x23, 0xa7, 0xbf, 0x78,     0x83, 0x7d, 0xfa, 0xde
-    },
-    {
-        /* Example #4 */
-        0x51, 0xf0, 0xbe, 0xbf,     0x7e, 0x3b, 0x9d, 0x92,
-        0xfc, 0x49, 0x74, 0x17,     0x79, 0x36, 0x3c, 0xfe
-    }
-};
-
-/* CMAC-AES192 Test Data */
-static const unsigned char aes_192_key[24] = {
-    0x8e, 0x73, 0xb0, 0xf7,     0xda, 0x0e, 0x64, 0x52,
-    0xc8, 0x10, 0xf3, 0x2b,     0x80, 0x90, 0x79, 0xe5,
-    0x62, 0xf8, 0xea, 0xd2,     0x52, 0x2c, 0x6b, 0x7b
-};
-static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
-    {
-        /* K1 */
-        0x44, 0x8a, 0x5b, 0x1c,     0x93, 0x51, 0x4b, 0x27,
-        0x3e, 0xe6, 0x43, 0x9d,     0xd4, 0xda, 0xa2, 0x96
-    },
-    {
-        /* K2 */
-        0x89, 0x14, 0xb6, 0x39,     0x26, 0xa2, 0x96, 0x4e,
-        0x7d, 0xcc, 0x87, 0x3b,     0xa9, 0xb5, 0x45, 0x2c
-    }
-};
-static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
-    {
-        /* Example #1 */
-        0xd1, 0x7d, 0xdf, 0x46,     0xad, 0xaa, 0xcd, 0xe5,
-        0x31, 0xca, 0xc4, 0x83,     0xde, 0x7a, 0x93, 0x67
-    },
-    {
-        /* Example #2 */
-        0x9e, 0x99, 0xa7, 0xbf,     0x31, 0xe7, 0x10, 0x90,
-        0x06, 0x62, 0xf6, 0x5e,     0x61, 0x7c, 0x51, 0x84
-    },
-    {
-        /* Example #3 */
-        0x3d, 0x75, 0xc1, 0x94,     0xed, 0x96, 0x07, 0x04,
-        0x44, 0xa9, 0xfa, 0x7e,     0xc7, 0x40, 0xec, 0xf8
-    },
-    {
-        /* Example #4 */
-        0xa1, 0xd5, 0xdf, 0x0e,     0xed, 0x79, 0x0f, 0x79,
-        0x4d, 0x77, 0x58, 0x96,     0x59, 0xf3, 0x9a, 0x11
-    }
-};
-
-/* CMAC-AES256 Test Data */
-static const unsigned char aes_256_key[32] = {
-    0x60, 0x3d, 0xeb, 0x10,     0x15, 0xca, 0x71, 0xbe,
-    0x2b, 0x73, 0xae, 0xf0,     0x85, 0x7d, 0x77, 0x81,
-    0x1f, 0x35, 0x2c, 0x07,     0x3b, 0x61, 0x08, 0xd7,
-    0x2d, 0x98, 0x10, 0xa3,     0x09, 0x14, 0xdf, 0xf4
-};
-static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
-    {
-        /* K1 */
-        0xca, 0xd1, 0xed, 0x03,     0x29, 0x9e, 0xed, 0xac,
-        0x2e, 0x9a, 0x99, 0x80,     0x86, 0x21, 0x50, 0x2f
-    },
-    {
-        /* K2 */
-        0x95, 0xa3, 0xda, 0x06,     0x53, 0x3d, 0xdb, 0x58,
-        0x5d, 0x35, 0x33, 0x01,     0x0c, 0x42, 0xa0, 0xd9
-    }
-};
-static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
-    {
-        /* Example #1 */
-        0x02, 0x89, 0x62, 0xf6,     0x1b, 0x7b, 0xf8, 0x9e,
-        0xfc, 0x6b, 0x55, 0x1f,     0x46, 0x67, 0xd9, 0x83
-    },
-    {
-        /* Example #2 */
-        0x28, 0xa7, 0x02, 0x3f,     0x45, 0x2e, 0x8f, 0x82,
-        0xbd, 0x4b, 0xf2, 0x8d,     0x8c, 0x37, 0xc3, 0x5c
-    },
-    {
-        /* Example #3 */
-        0x15, 0x67, 0x27, 0xdc,     0x08, 0x78, 0x94, 0x4a,
-        0x02, 0x3c, 0x1f, 0xe0,     0x3b, 0xad, 0x6d, 0x93
-    },
-    {
-        /* Example #4 */
-        0xe1, 0x99, 0x21, 0x90,     0x54, 0x9f, 0x6e, 0xd5,
-        0x69, 0x6a, 0x2c, 0x05,     0x6c, 0x31, 0x54, 0x10
-    }
-};
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_DES_C)
-/* Truncation point of message for 3DES CMAC tests  */
-static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
-    0,
-    16,
-    20,
-    32
-};
-
-/* CMAC-TDES (Generation) - 2 Key Test Data */
-static const unsigned char des3_2key_key[24] = {
-    /* Key1 */
-    0x01, 0x23, 0x45, 0x67,     0x89, 0xab, 0xcd, 0xef,
-    /* Key2 */
-    0x23, 0x45, 0x67, 0x89,     0xab, 0xcd, 0xEF, 0x01,
-    /* Key3 */
-    0x01, 0x23, 0x45, 0x67,     0x89, 0xab, 0xcd, 0xef
-};
-static const unsigned char des3_2key_subkeys[2][8] = {
-    {
-        /* K1 */
-        0x0d, 0xd2, 0xcb, 0x7a,     0x3d, 0x88, 0x88, 0xd9
-    },
-    {
-        /* K2 */
-        0x1b, 0xa5, 0x96, 0xf4,     0x7b, 0x11, 0x11, 0xb2
-    }
-};
-static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
-    {
-        /* Sample #1 */
-        0x79, 0xce, 0x52, 0xa7,     0xf7, 0x86, 0xa9, 0x60
-    },
-    {
-        /* Sample #2 */
-        0xcc, 0x18, 0xa0, 0xb7,     0x9a, 0xf2, 0x41, 0x3b
-    },
-    {
-        /* Sample #3 */
-        0xc0, 0x6d, 0x37, 0x7e,     0xcd, 0x10, 0x19, 0x69
-    },
-    {
-        /* Sample #4 */
-        0x9c, 0xd3, 0x35, 0x80,     0xf9, 0xb6, 0x4d, 0xfb
-    }
-};
-
-/* CMAC-TDES (Generation) - 3 Key Test Data */
-static const unsigned char des3_3key_key[24] = {
-    /* Key1 */
-    0x01, 0x23, 0x45, 0x67,     0x89, 0xaa, 0xcd, 0xef,
-    /* Key2 */
-    0x23, 0x45, 0x67, 0x89,     0xab, 0xcd, 0xef, 0x01,
-    /* Key3 */
-    0x45, 0x67, 0x89, 0xab,     0xcd, 0xef, 0x01, 0x23
-};
-static const unsigned char des3_3key_subkeys[2][8] = {
-    {
-        /* K1 */
-        0x9d, 0x74, 0xe7, 0x39,     0x33, 0x17, 0x96, 0xc0
-    },
-    {
-        /* K2 */
-        0x3a, 0xe9, 0xce, 0x72,     0x66, 0x2f, 0x2d, 0x9b
-    }
-};
-static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
-    {
-        /* Sample #1 */
-        0x7d, 0xb0, 0xd3, 0x7d,     0xf9, 0x36, 0xc5, 0x50
-    },
-    {
-        /* Sample #2 */
-        0x30, 0x23, 0x9c, 0xf1,     0xf5, 0x2e, 0x66, 0x09
-    },
-    {
-        /* Sample #3 */
-        0x6c, 0x9f, 0x3e, 0xe4,     0x92, 0x3f, 0x6b, 0xe2
-    },
-    {
-        /* Sample #4 */
-        0x99, 0x42, 0x9b, 0xd0,     0xbF, 0x79, 0x04, 0xe5
-    }
-};
-
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-/* AES AES-CMAC-PRF-128 Test Data */
-static const unsigned char PRFK[] = {
-    /* Key */
-    0x00, 0x01, 0x02, 0x03,     0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b,     0x0c, 0x0d, 0x0e, 0x0f,
-    0xed, 0xcb
-};
-
-/* Sizes in bytes */
-static const size_t PRFKlen[NB_PRF_TESTS] = {
-    18,
-    16,
-    10
-};
-
-/* Message */
-static const unsigned char PRFM[] = {
-    0x00, 0x01, 0x02, 0x03,     0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b,     0x0c, 0x0d, 0x0e, 0x0f,
-    0x10, 0x11, 0x12, 0x13
-};
-
-static const unsigned char PRFT[NB_PRF_TESTS][16] = {
-    {
-        0x84, 0xa3, 0x48, 0xa4,     0xa4, 0x5d, 0x23, 0x5b,
-        0xab, 0xff, 0xfc, 0x0d,     0x2b, 0x4d, 0xa0, 0x9a
-    },
-    {
-        0x98, 0x0a, 0xe8, 0x7b,     0x5f, 0x4c, 0x9c, 0x52,
-        0x14, 0xf5, 0xb6, 0xa8,     0x45, 0x5e, 0x4c, 0x2d
-    },
-    {
-        0x29, 0x0d, 0x9e, 0x11,     0x2e, 0xdb, 0x09, 0xee,
-        0x14, 0x1f, 0xcf, 0x64,     0xc0, 0xb7, 0x2f, 0x3d
-    }
-};
-#endif /* MBEDTLS_AES_C */
-
-static int cmac_test_subkeys( int verbose,
-                              const char* testname,
-                              const unsigned char* key,
-                              int keybits,
-                              const unsigned char* subkeys,
-                              mbedtls_cipher_type_t cipher_type,
-                              int block_size,
-                              int num_tests )
-{
-    int i, ret = 0;
-    mbedtls_cipher_context_t ctx;
-    const mbedtls_cipher_info_t *cipher_info;
-    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-    if( cipher_info == NULL )
-    {
-        /* Failing at this point must be due to a build issue */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-
-    for( i = 0; i < num_tests; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  %s CMAC subkey #%d: ", testname, i + 1 );
-
-        mbedtls_cipher_init( &ctx );
-
-        if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "test execution failed\n" );
-
-            goto cleanup;
-        }
-
-        if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
-                                       MBEDTLS_ENCRYPT ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "test execution failed\n" );
-
-            goto cleanup;
-        }
-
-        ret = cmac_generate_subkeys( &ctx, K1, K2 );
-        if( ret != 0 )
-        {
-           if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            goto cleanup;
-        }
-
-        if( ( ret = memcmp( K1, subkeys, block_size ) ) != 0  ||
-            ( ret = memcmp( K2, &subkeys[block_size], block_size ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            goto cleanup;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-
-        mbedtls_cipher_free( &ctx );
-    }
-
-    ret = 0;
-    goto exit;
-
-cleanup:
-    mbedtls_cipher_free( &ctx );
-
-exit:
-    return( ret );
-}
-
-static int cmac_test_wth_cipher( int verbose,
-                                 const char* testname,
-                                 const unsigned char* key,
-                                 int keybits,
-                                 const unsigned char* messages,
-                                 const unsigned int message_lengths[4],
-                                 const unsigned char* expected_result,
-                                 mbedtls_cipher_type_t cipher_type,
-                                 int block_size,
-                                 int num_tests )
-{
-    const mbedtls_cipher_info_t *cipher_info;
-    int i, ret = 0;
-    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-    if( cipher_info == NULL )
-    {
-        /* Failing at this point must be due to a build issue */
-        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-        goto exit;
-    }
-
-    for( i = 0; i < num_tests; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  %s CMAC #%d: ", testname, i + 1 );
-
-        if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
-                                         message_lengths[i], output ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-            goto exit;
-        }
-
-        if( ( ret = memcmp( output, &expected_result[i * block_size], block_size ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-    ret = 0;
-
-exit:
-    return( ret );
-}
-
-#if defined(MBEDTLS_AES_C)
-static int test_aes128_cmac_prf( int verbose )
-{
-    int i;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char output[MBEDTLS_AES_BLOCK_SIZE];
-
-    for( i = 0; i < NB_PRF_TESTS; i++ )
-    {
-        mbedtls_printf( "  AES CMAC 128 PRF #%d: ", i );
-        ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output );
-        if( ret != 0 ||
-            memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 )
-        {
-
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            return( ret );
-        }
-        else if( verbose != 0 )
-        {
-            mbedtls_printf( "passed\n" );
-        }
-    }
-    return( ret );
-}
-#endif /* MBEDTLS_AES_C */
-
-int mbedtls_cmac_self_test( int verbose )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-#if defined(MBEDTLS_AES_C)
-    /* AES-128 */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "AES 128",
-                                   aes_128_key,
-                                   128,
-                                   (const unsigned char*)aes_128_subkeys,
-                                   MBEDTLS_CIPHER_AES_128_ECB,
-                                   MBEDTLS_AES_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "AES 128",
-                                      aes_128_key,
-                                      128,
-                                      test_message,
-                                      aes_message_lengths,
-                                      (const unsigned char*)aes_128_expected_result,
-                                      MBEDTLS_CIPHER_AES_128_ECB,
-                                      MBEDTLS_AES_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* AES-192 */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "AES 192",
-                                   aes_192_key,
-                                   192,
-                                   (const unsigned char*)aes_192_subkeys,
-                                   MBEDTLS_CIPHER_AES_192_ECB,
-                                   MBEDTLS_AES_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "AES 192",
-                                      aes_192_key,
-                                      192,
-                                      test_message,
-                                      aes_message_lengths,
-                                      (const unsigned char*)aes_192_expected_result,
-                                      MBEDTLS_CIPHER_AES_192_ECB,
-                                      MBEDTLS_AES_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* AES-256 */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "AES 256",
-                                   aes_256_key,
-                                   256,
-                                   (const unsigned char*)aes_256_subkeys,
-                                   MBEDTLS_CIPHER_AES_256_ECB,
-                                   MBEDTLS_AES_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = cmac_test_wth_cipher ( verbose,
-                                       "AES 256",
-                                       aes_256_key,
-                                       256,
-                                       test_message,
-                                       aes_message_lengths,
-                                       (const unsigned char*)aes_256_expected_result,
-                                       MBEDTLS_CIPHER_AES_256_ECB,
-                                       MBEDTLS_AES_BLOCK_SIZE,
-                                       NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_DES_C)
-    /* 3DES 2 key */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "3DES 2 key",
-                                   des3_2key_key,
-                                   192,
-                                   (const unsigned char*)des3_2key_subkeys,
-                                   MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                   MBEDTLS_DES3_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "3DES 2 key",
-                                      des3_2key_key,
-                                      192,
-                                      test_message,
-                                      des3_message_lengths,
-                                      (const unsigned char*)des3_2key_expected_result,
-                                      MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                      MBEDTLS_DES3_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* 3DES 3 key */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "3DES 3 key",
-                                   des3_3key_key,
-                                   192,
-                                   (const unsigned char*)des3_3key_subkeys,
-                                   MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                   MBEDTLS_DES3_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "3DES 3 key",
-                                      des3_3key_key,
-                                      192,
-                                      test_message,
-                                      des3_message_lengths,
-                                      (const unsigned char*)des3_3key_expected_result,
-                                      MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                      MBEDTLS_DES3_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
-    }
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-    if( ( ret = test_aes128_cmac_prf( verbose ) ) != 0 )
-        return( ret );
-#endif /* MBEDTLS_AES_C */
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_CMAC_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/common.h b/3rdparty/mbedtls-2.25.0/library/common.h
deleted file mode 100644
index 5845766..0000000
--- a/3rdparty/mbedtls-2.25.0/library/common.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * \file common.h
- *
- * \brief Utility macros for internal use in the library
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_LIBRARY_COMMON_H
-#define MBEDTLS_LIBRARY_COMMON_H
-
-#if defined(MBEDTLS_CONFIG_FILE)
-#include MBEDTLS_CONFIG_FILE
-#else
-#include "mbedtls/config.h"
-#endif
-
-/** Helper to define a function as static except when building invasive tests.
- *
- * If a function is only used inside its own source file and should be
- * declared `static` to allow the compiler to optimize for code size,
- * but that function has unit tests, define it with
- * ```
- * MBEDTLS_STATIC_TESTABLE int mbedtls_foo(...) { ... }
- * ```
- * and declare it in a header in the `library/` directory with
- * ```
- * #if defined(MBEDTLS_TEST_HOOKS)
- * int mbedtls_foo(...);
- * #endif
- * ```
- */
-#if defined(MBEDTLS_TEST_HOOKS)
-#define MBEDTLS_STATIC_TESTABLE
-#else
-#define MBEDTLS_STATIC_TESTABLE static
-#endif
-
-#endif /* MBEDTLS_LIBRARY_COMMON_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/ctr_drbg.c b/3rdparty/mbedtls-2.25.0/library/ctr_drbg.c
deleted file mode 100644
index 023aac5..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ctr_drbg.c
+++ /dev/null
@@ -1,819 +0,0 @@
-/*
- *  CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The NIST SP 800-90 DRBGs are described in the following publication.
- *
- *  http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_CTR_DRBG_C)
-
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-/*
- * CTR_DRBG context initialization
- */
-void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) );
-    /* Indicate that the entropy nonce length is not set explicitly.
-     * See mbedtls_ctr_drbg_set_nonce_len(). */
-    ctx->reseed_counter = -1;
-
-    ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-/*
- *  This function resets CTR_DRBG context to the state immediately
- *  after initial call of mbedtls_ctr_drbg_init().
- */
-void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &ctx->mutex );
-#endif
-    mbedtls_aes_free( &ctx->aes_ctx );
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
-    ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
-    ctx->reseed_counter = -1;
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
-                                                 int resistance )
-{
-    ctx->prediction_resistance = resistance;
-}
-
-void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
-                                       size_t len )
-{
-    ctx->entropy_len = len;
-}
-
-int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
-                                    size_t len )
-{
-    /* If mbedtls_ctr_drbg_seed() has already been called, it's
-     * too late. Return the error code that's closest to making sense. */
-    if( ctx->f_entropy != NULL )
-        return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
-
-    if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-#if SIZE_MAX > INT_MAX
-    /* This shouldn't be an issue because
-     * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible
-     * configuration, but make sure anyway. */
-    if( len > INT_MAX )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-#endif
-
-    /* For backward compatibility with Mbed TLS <= 2.19, store the
-     * entropy nonce length in a field that already exists, but isn't
-     * used until after the initial seeding. */
-    /* Due to the capping of len above, the value fits in an int. */
-    ctx->reseed_counter = (int) len;
-    return( 0 );
-}
-
-void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
-                                           int interval )
-{
-    ctx->reseed_interval = interval;
-}
-
-static int block_cipher_df( unsigned char *output,
-                            const unsigned char *data, size_t data_len )
-{
-    unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
-                      MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
-    unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
-    unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
-    unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
-    unsigned char *p, *iv;
-    mbedtls_aes_context aes_ctx;
-    int ret = 0;
-
-    int i, j;
-    size_t buf_len, use_len;
-
-    if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-
-    memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
-            MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
-    mbedtls_aes_init( &aes_ctx );
-
-    /*
-     * Construct IV (16 bytes) and S in buffer
-     * IV = Counter (in 32-bits) padded to 16 with zeroes
-     * S = Length input string (in 32-bits) || Length of output (in 32-bits) ||
-     *     data || 0x80
-     *     (Total is padded to a multiple of 16-bytes with zeroes)
-     */
-    p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE;
-    *p++ = ( data_len >> 24 ) & 0xff;
-    *p++ = ( data_len >> 16 ) & 0xff;
-    *p++ = ( data_len >> 8  ) & 0xff;
-    *p++ = ( data_len       ) & 0xff;
-    p += 3;
-    *p++ = MBEDTLS_CTR_DRBG_SEEDLEN;
-    memcpy( p, data, data_len );
-    p[data_len] = 0x80;
-
-    buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
-
-    for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
-        key[i] = i;
-
-    if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key,
-                                        MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    /*
-     * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
-     */
-    for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
-    {
-        p = buf;
-        memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE );
-        use_len = buf_len;
-
-        while( use_len > 0 )
-        {
-            for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ )
-                chain[i] ^= p[i];
-            p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
-            use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
-                       MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
-
-            if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT,
-                                               chain, chain ) ) != 0 )
-            {
-                goto exit;
-            }
-        }
-
-        memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
-
-        /*
-         * Update IV
-         */
-        buf[3]++;
-    }
-
-    /*
-     * Do final encryption with reduced data
-     */
-    if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp,
-                                        MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
-    {
-        goto exit;
-    }
-    iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
-    p = output;
-
-    for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
-    {
-        if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT,
-                                           iv, iv ) ) != 0 )
-        {
-            goto exit;
-        }
-        memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE );
-        p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
-    }
-exit:
-    mbedtls_aes_free( &aes_ctx );
-    /*
-    * tidy up the stack
-    */
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-    mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
-    mbedtls_platform_zeroize( key, sizeof( key ) );
-    mbedtls_platform_zeroize( chain, sizeof( chain ) );
-    if( 0 != ret )
-    {
-        /*
-        * wipe partial seed from memory
-        */
-        mbedtls_platform_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN );
-    }
-
-    return( ret );
-}
-
-/* CTR_DRBG_Update (SP 800-90A &sect;10.2.1.2)
- * ctr_drbg_update_internal(ctx, provided_data)
- * implements
- * CTR_DRBG_Update(provided_data, Key, V)
- * with inputs and outputs
- *   ctx->aes_ctx = Key
- *   ctx->counter = V
- */
-static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
-                          const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
-{
-    unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
-    unsigned char *p = tmp;
-    int i, j;
-    int ret = 0;
-
-    memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
-
-    for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
-    {
-        /*
-         * Increase counter
-         */
-        for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
-            if( ++ctx->counter[i - 1] != 0 )
-                break;
-
-        /*
-         * Crypt counter block
-         */
-        if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
-                                           ctx->counter, p ) ) != 0 )
-        {
-            goto exit;
-        }
-
-        p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
-    }
-
-    for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ )
-        tmp[i] ^= data[i];
-
-    /*
-     * Update key and counter
-     */
-    if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp,
-                                        MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
-    {
-        goto exit;
-    }
-    memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE,
-            MBEDTLS_CTR_DRBG_BLOCKSIZE );
-
-exit:
-    mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
-    return( ret );
-}
-
-/* CTR_DRBG_Instantiate with derivation function (SP 800-90A &sect;10.2.1.3.2)
- * mbedtls_ctr_drbg_update(ctx, additional, add_len)
- * implements
- * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string,
- *                      security_strength) -> initial_working_state
- * with inputs
- *   ctx->counter = all-bits-0
- *   ctx->aes_ctx = context from all-bits-0 key
- *   additional[:add_len] = entropy_input || nonce || personalization_string
- * and with outputs
- *   ctx = initial_working_state
- */
-int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
-                                 const unsigned char *additional,
-                                 size_t add_len )
-{
-    unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( add_len == 0 )
-        return( 0 );
-
-    if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
-        goto exit;
-    if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
-                              const unsigned char *additional,
-                              size_t add_len )
-{
-    /* MAX_INPUT would be more logical here, but we have to match
-     * block_cipher_df()'s limits since we can't propagate errors */
-    if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
-        add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT;
-    (void) mbedtls_ctr_drbg_update_ret( ctx, additional, add_len );
-}
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-/* CTR_DRBG_Reseed with derivation function (SP 800-90A &sect;10.2.1.4.2)
- * mbedtls_ctr_drbg_reseed(ctx, additional, len, nonce_len)
- * implements
- * CTR_DRBG_Reseed(working_state, entropy_input, additional_input)
- *                -> new_working_state
- * with inputs
- *   ctx contains working_state
- *   additional[:len] = additional_input
- * and entropy_input comes from calling ctx->f_entropy
- *                              for (ctx->entropy_len + nonce_len) bytes
- * and with output
- *   ctx contains new_working_state
- */
-static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx,
-                                             const unsigned char *additional,
-                                             size_t len,
-                                             size_t nonce_len )
-{
-    unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
-    size_t seedlen = 0;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-    if( nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-    if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-
-    memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
-
-    /* Gather entropy_len bytes of entropy to seed state. */
-    if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) )
-    {
-        return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
-    }
-    seedlen += ctx->entropy_len;
-
-    /* Gather entropy for a nonce if requested. */
-    if( nonce_len != 0 )
-    {
-        if( 0 != ctx->f_entropy( ctx->p_entropy, seed, nonce_len ) )
-        {
-            return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
-        }
-        seedlen += nonce_len;
-    }
-
-    /* Add additional data if provided. */
-    if( additional != NULL && len != 0 )
-    {
-        memcpy( seed + seedlen, additional, len );
-        seedlen += len;
-    }
-
-    /* Reduce to 384 bits. */
-    if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
-        goto exit;
-
-    /* Update state. */
-    if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
-        goto exit;
-    ctx->reseed_counter = 1;
-
-exit:
-    mbedtls_platform_zeroize( seed, sizeof( seed ) );
-    return( ret );
-}
-
-int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
-                             const unsigned char *additional, size_t len )
-{
-    return( mbedtls_ctr_drbg_reseed_internal( ctx, additional, len, 0 ) );
-}
-
-/* Return a "good" nonce length for CTR_DRBG. The chosen nonce length
- * is sufficient to achieve the maximum security strength given the key
- * size and entropy length. If there is enough entropy in the initial
- * call to the entropy function to serve as both the entropy input and
- * the nonce, don't make a second call to get a nonce. */
-static size_t good_nonce_len( size_t entropy_len )
-{
-    if( entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 )
-        return( 0 );
-    else
-        return( ( entropy_len + 1 ) / 2 );
-}
-
-/* CTR_DRBG_Instantiate with derivation function (SP 800-90A &sect;10.2.1.3.2)
- * mbedtls_ctr_drbg_seed(ctx, f_entropy, p_entropy, custom, len)
- * implements
- * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string,
- *                      security_strength) -> initial_working_state
- * with inputs
- *   custom[:len] = nonce || personalization_string
- * where entropy_input comes from f_entropy for ctx->entropy_len bytes
- * and with outputs
- *   ctx = initial_working_state
- */
-int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
-                           int (*f_entropy)(void *, unsigned char *, size_t),
-                           void *p_entropy,
-                           const unsigned char *custom,
-                           size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
-    size_t nonce_len;
-
-    memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
-
-    mbedtls_aes_init( &ctx->aes_ctx );
-
-    ctx->f_entropy = f_entropy;
-    ctx->p_entropy = p_entropy;
-
-    if( ctx->entropy_len == 0 )
-        ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN;
-    /* ctx->reseed_counter contains the desired amount of entropy to
-     * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()).
-     * If it's -1, indicating that the entropy nonce length was not set
-     * explicitly, use a sufficiently large nonce for security. */
-    nonce_len = ( ctx->reseed_counter >= 0 ?
-                  (size_t) ctx->reseed_counter :
-                  good_nonce_len( ctx->entropy_len ) );
-
-    /* Initialize with an empty key. */
-    if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key,
-                                        MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* Do the initial seeding. */
-    if( ( ret = mbedtls_ctr_drbg_reseed_internal( ctx, custom, len,
-                                                  nonce_len ) ) != 0 )
-    {
-        return( ret );
-    }
-    return( 0 );
-}
-
-/* CTR_DRBG_Generate with derivation function (SP 800-90A &sect;10.2.1.5.2)
- * mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, additional, add_len)
- * implements
- * CTR_DRBG_Reseed(working_state, entropy_input, additional[:add_len])
- *                -> working_state_after_reseed
- *                if required, then
- * CTR_DRBG_Generate(working_state_after_reseed,
- *                   requested_number_of_bits, additional_input)
- *                -> status, returned_bits, new_working_state
- * with inputs
- *   ctx contains working_state
- *   requested_number_of_bits = 8 * output_len
- *   additional[:add_len] = additional_input
- * and entropy_input comes from calling ctx->f_entropy
- * and with outputs
- *   status = SUCCESS (this function does the reseed internally)
- *   returned_bits = output[:output_len]
- *   ctx contains new_working_state
- */
-int mbedtls_ctr_drbg_random_with_add( void *p_rng,
-                              unsigned char *output, size_t output_len,
-                              const unsigned char *additional, size_t add_len )
-{
-    int ret = 0;
-    mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
-    unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
-    unsigned char *p = output;
-    unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE];
-    int i;
-    size_t use_len;
-
-    if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST )
-        return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG );
-
-    if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT )
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-
-    memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
-
-    if( ctx->reseed_counter > ctx->reseed_interval ||
-        ctx->prediction_resistance )
-    {
-        if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
-        {
-            return( ret );
-        }
-        add_len = 0;
-    }
-
-    if( add_len > 0 )
-    {
-        if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
-            goto exit;
-        if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
-            goto exit;
-    }
-
-    while( output_len > 0 )
-    {
-        /*
-         * Increase counter
-         */
-        for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
-            if( ++ctx->counter[i - 1] != 0 )
-                break;
-
-        /*
-         * Crypt counter block
-         */
-        if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
-                                           ctx->counter, tmp ) ) != 0 )
-        {
-            goto exit;
-        }
-
-        use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE )
-            ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len;
-        /*
-         * Copy random block to destination
-         */
-        memcpy( p, tmp, use_len );
-        p += use_len;
-        output_len -= use_len;
-    }
-
-    if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
-        goto exit;
-
-    ctx->reseed_counter++;
-
-exit:
-    mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
-    mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
-    return( ret );
-}
-
-int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output,
-                             size_t output_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    ret = mbedtls_ctr_drbg_random_with_add( ctx, output, output_len, NULL, 0 );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_FS_IO)
-int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx,
-                                      const char *path )
-{
-    int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
-    FILE *f;
-    unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
-
-    if( ( f = fopen( path, "wb" ) ) == NULL )
-        return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
-
-    if( ( ret = mbedtls_ctr_drbg_random( ctx, buf,
-                                         MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
-        goto exit;
-
-    if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) !=
-        MBEDTLS_CTR_DRBG_MAX_INPUT )
-    {
-        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
-    }
-    else
-    {
-        ret = 0;
-    }
-
-exit:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    fclose( f );
-    return( ret );
-}
-
-int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx,
-                                       const char *path )
-{
-    int ret = 0;
-    FILE *f = NULL;
-    size_t n;
-    unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
-    unsigned char c;
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
-
-    n = fread( buf, 1, sizeof( buf ), f );
-    if( fread( &c, 1, 1, f ) != 0 )
-    {
-        ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
-        goto exit;
-    }
-    if( n == 0 || ferror( f ) )
-    {
-        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
-        goto exit;
-    }
-    fclose( f );
-    f = NULL;
-
-    ret = mbedtls_ctr_drbg_update_ret( ctx, buf, n );
-
-exit:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-    if( f != NULL )
-        fclose( f );
-    if( ret != 0 )
-        return( ret );
-    return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
-}
-#endif /* MBEDTLS_FS_IO */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-static const unsigned char entropy_source_pr[96] =
-    { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
-      0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02,
-      0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b,
-      0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb,
-      0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9,
-      0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95,
-      0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63,
-      0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3,
-      0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31,
-      0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4,
-      0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56,
-      0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
-
-static const unsigned char entropy_source_nopr[64] =
-    { 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14,
-      0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe,
-      0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d,
-      0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20,
-      0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9,
-      0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46,
-      0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e,
-      0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e };
-
-static const unsigned char nonce_pers_pr[16] =
-    { 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
-      0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
-
-static const unsigned char nonce_pers_nopr[16] =
-    { 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
-      0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
-
-#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
-static const unsigned char result_pr[16] =
-    { 0x95, 0x3c, 0xa5, 0xbd, 0x44, 0x1, 0x34, 0xb7,
-      0x13, 0x58, 0x3e, 0x6a, 0x6c, 0x7e, 0x88, 0x8a };
-
-static const unsigned char result_nopr[16] =
-    { 0x6c, 0x25, 0x27, 0x95, 0xa3, 0x62, 0xd6, 0xdb,
-      0x90, 0xfd, 0x69, 0xb5, 0x42, 0x9, 0x4b, 0x84 };
-#else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
-static const unsigned char result_pr[16] =
-    { 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
-      0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
-
-static const unsigned char result_nopr[16] =
-    { 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
-      0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
-#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
-
-static size_t test_offset;
-static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
-                                       size_t len )
-{
-    const unsigned char *p = data;
-    memcpy( buf, p + test_offset, len );
-    test_offset += len;
-    return( 0 );
-}
-
-#define CHK( c )    if( (c) != 0 )                          \
-                    {                                       \
-                        if( verbose != 0 )                  \
-                            mbedtls_printf( "failed\n" );  \
-                        return( 1 );                        \
-                    }
-
-/*
- * Checkup routine
- */
-int mbedtls_ctr_drbg_self_test( int verbose )
-{
-    mbedtls_ctr_drbg_context ctx;
-    unsigned char buf[16];
-
-    mbedtls_ctr_drbg_init( &ctx );
-
-    /*
-     * Based on a NIST CTR_DRBG test vector (PR = True)
-     */
-    if( verbose != 0 )
-        mbedtls_printf( "  CTR_DRBG (PR = TRUE) : " );
-
-    test_offset = 0;
-    mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 );
-    mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 );
-    CHK( mbedtls_ctr_drbg_seed( &ctx,
-                                ctr_drbg_self_test_entropy,
-                                (void *) entropy_source_pr,
-                                nonce_pers_pr, 16 ) );
-    mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
-    CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
-    CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
-    CHK( memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
-
-    mbedtls_ctr_drbg_free( &ctx );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    /*
-     * Based on a NIST CTR_DRBG test vector (PR = FALSE)
-     */
-    if( verbose != 0 )
-        mbedtls_printf( "  CTR_DRBG (PR = FALSE): " );
-
-    mbedtls_ctr_drbg_init( &ctx );
-
-    test_offset = 0;
-    mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 );
-    mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 );
-    CHK( mbedtls_ctr_drbg_seed( &ctx,
-                                ctr_drbg_self_test_entropy,
-                                (void *) entropy_source_nopr,
-                                nonce_pers_nopr, 16 ) );
-    CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
-    CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
-    CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
-    CHK( memcmp( buf, result_nopr, 16 ) );
-
-    mbedtls_ctr_drbg_free( &ctx );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-            mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/debug.c b/3rdparty/mbedtls-2.25.0/library/debug.c
deleted file mode 100644
index c3384be..0000000
--- a/3rdparty/mbedtls-2.25.0/library/debug.c
+++ /dev/null
@@ -1,433 +0,0 @@
-/*
- *  Debugging routines
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_DEBUG_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc      calloc
-#define mbedtls_free        free
-#define mbedtls_time_t      time_t
-#define mbedtls_snprintf    snprintf
-#define mbedtls_vsnprintf   vsnprintf
-#endif
-
-#include "mbedtls/debug.h"
-#include "mbedtls/error.h"
-
-#include <stdarg.h>
-#include <stdio.h>
-#include <string.h>
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#define DEBUG_BUF_SIZE      512
-
-static int debug_threshold = 0;
-
-void mbedtls_debug_set_threshold( int threshold )
-{
-    debug_threshold = threshold;
-}
-
-/*
- * All calls to f_dbg must be made via this function
- */
-static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level,
-                                    const char *file, int line,
-                                    const char *str )
-{
-    /*
-     * If in a threaded environment, we need a thread identifier.
-     * Since there is no portable way to get one, use the address of the ssl
-     * context instead, as it shouldn't be shared between threads.
-     */
-#if defined(MBEDTLS_THREADING_C)
-    char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
-    mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str );
-    ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr );
-#else
-    ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str );
-#endif
-}
-
-void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
-                              const char *file, int line,
-                              const char *format, ... )
-{
-    va_list argp;
-    char str[DEBUG_BUF_SIZE];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( NULL == ssl              ||
-        NULL == ssl->conf        ||
-        NULL == ssl->conf->f_dbg ||
-        level > debug_threshold )
-    {
-        return;
-    }
-
-    va_start( argp, format );
-    ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
-    va_end( argp );
-
-    if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
-    {
-        str[ret]     = '\n';
-        str[ret + 1] = '\0';
-    }
-
-    debug_send_line( ssl, level, file, line, str );
-}
-
-void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, int ret )
-{
-    char str[DEBUG_BUF_SIZE];
-
-    if( NULL == ssl              ||
-        NULL == ssl->conf        ||
-        NULL == ssl->conf->f_dbg ||
-        level > debug_threshold )
-    {
-        return;
-    }
-
-    /*
-     * With non-blocking I/O and examples that just retry immediately,
-     * the logs would be quickly flooded with WANT_READ, so ignore that.
-     * Don't ignore WANT_WRITE however, since is is usually rare.
-     */
-    if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-        return;
-
-    mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n",
-              text, ret, (unsigned int) -ret );
-
-    debug_send_line( ssl, level, file, line, str );
-}
-
-void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line, const char *text,
-                      const unsigned char *buf, size_t len )
-{
-    char str[DEBUG_BUF_SIZE];
-    char txt[17];
-    size_t i, idx = 0;
-
-    if( NULL == ssl              ||
-        NULL == ssl->conf        ||
-        NULL == ssl->conf->f_dbg ||
-        level > debug_threshold )
-    {
-        return;
-    }
-
-    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
-              text, (unsigned int) len );
-
-    debug_send_line( ssl, level, file, line, str );
-
-    idx = 0;
-    memset( txt, 0, sizeof( txt ) );
-    for( i = 0; i < len; i++ )
-    {
-        if( i >= 4096 )
-            break;
-
-        if( i % 16 == 0 )
-        {
-            if( i > 0 )
-            {
-                mbedtls_snprintf( str + idx, sizeof( str ) - idx, "  %s\n", txt );
-                debug_send_line( ssl, level, file, line, str );
-
-                idx = 0;
-                memset( txt, 0, sizeof( txt ) );
-            }
-
-            idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ",
-                             (unsigned int) i );
-
-        }
-
-        idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x",
-                         (unsigned int) buf[i] );
-        txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
-    }
-
-    if( len > 0 )
-    {
-        for( /* i = i */; i % 16 != 0; i++ )
-            idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "   " );
-
-        mbedtls_snprintf( str + idx, sizeof( str ) - idx, "  %s\n", txt );
-        debug_send_line( ssl, level, file, line, str );
-    }
-}
-
-#if defined(MBEDTLS_ECP_C)
-void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_ecp_point *X )
-{
-    char str[DEBUG_BUF_SIZE];
-
-    if( NULL == ssl              ||
-        NULL == ssl->conf        ||
-        NULL == ssl->conf->f_dbg ||
-        level > debug_threshold )
-    {
-        return;
-    }
-
-    mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
-    mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
-
-    mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text );
-    mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
-}
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_BIGNUM_C)
-void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_mpi *X )
-{
-    char str[DEBUG_BUF_SIZE];
-    int j, k, zeros = 1;
-    size_t i, n, idx = 0;
-
-    if( NULL == ssl              ||
-        NULL == ssl->conf        ||
-        NULL == ssl->conf->f_dbg ||
-        NULL == X                ||
-        level > debug_threshold )
-    {
-        return;
-    }
-
-    for( n = X->n - 1; n > 0; n-- )
-        if( X->p[n] != 0 )
-            break;
-
-    for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
-        if( ( ( X->p[n] >> j ) & 1 ) != 0 )
-            break;
-
-    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n",
-              text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
-
-    debug_send_line( ssl, level, file, line, str );
-
-    idx = 0;
-    for( i = n + 1, j = 0; i > 0; i-- )
-    {
-        if( zeros && X->p[i - 1] == 0 )
-            continue;
-
-        for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
-        {
-            if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
-                continue;
-            else
-                zeros = 0;
-
-            if( j % 16 == 0 )
-            {
-                if( j > 0 )
-                {
-                    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
-                    debug_send_line( ssl, level, file, line, str );
-                    idx = 0;
-                }
-            }
-
-            idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int)
-                             ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
-
-            j++;
-        }
-
-    }
-
-    if( zeros == 1 )
-        idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" );
-
-    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
-    debug_send_line( ssl, level, file, line, str );
-}
-#endif /* MBEDTLS_BIGNUM_C */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
-                            const char *file, int line,
-                            const char *text, const mbedtls_pk_context *pk )
-{
-    size_t i;
-    mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
-    char name[16];
-
-    memset( items, 0, sizeof( items ) );
-
-    if( mbedtls_pk_debug( pk, items ) != 0 )
-    {
-        debug_send_line( ssl, level, file, line,
-                          "invalid PK context\n" );
-        return;
-    }
-
-    for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
-    {
-        if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
-            return;
-
-        mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
-        name[sizeof( name ) - 1] = '\0';
-
-        if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
-            mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
-        else
-#if defined(MBEDTLS_ECP_C)
-        if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
-            mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
-        else
-#endif
-            debug_send_line( ssl, level, file, line,
-                              "should not happen\n" );
-    }
-}
-
-static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level,
-                                      const char *file, int line, const char *text )
-{
-    char str[DEBUG_BUF_SIZE];
-    const char *start, *cur;
-
-    start = text;
-    for( cur = text; *cur != '\0'; cur++ )
-    {
-        if( *cur == '\n' )
-        {
-            size_t len = cur - start + 1;
-            if( len > DEBUG_BUF_SIZE - 1 )
-                len = DEBUG_BUF_SIZE - 1;
-
-            memcpy( str, start, len );
-            str[len] = '\0';
-
-            debug_send_line( ssl, level, file, line, str );
-
-            start = cur + 1;
-        }
-    }
-}
-
-void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_x509_crt *crt )
-{
-    char str[DEBUG_BUF_SIZE];
-    int i = 0;
-
-    if( NULL == ssl              ||
-        NULL == ssl->conf        ||
-        NULL == ssl->conf->f_dbg ||
-        NULL == crt              ||
-        level > debug_threshold )
-    {
-        return;
-    }
-
-    while( crt != NULL )
-    {
-        char buf[1024];
-
-        mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i );
-        debug_send_line( ssl, level, file, line, str );
-
-        mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
-        debug_print_line_by_line( ssl, level, file, line, buf );
-
-        debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
-
-        crt = crt->next;
-    }
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_ECDH_C)
-static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl,
-                                                int level, const char *file,
-                                                int line,
-                                                const mbedtls_ecdh_context *ecdh,
-                                                mbedtls_debug_ecdh_attr attr )
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    const mbedtls_ecdh_context* ctx = ecdh;
-#else
-    const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh;
-#endif
-
-    switch( attr )
-    {
-        case MBEDTLS_DEBUG_ECDH_Q:
-            mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q",
-                                     &ctx->Q );
-            break;
-        case MBEDTLS_DEBUG_ECDH_QP:
-            mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp",
-                                     &ctx->Qp );
-            break;
-        case MBEDTLS_DEBUG_ECDH_Z:
-            mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z",
-                                     &ctx->z );
-            break;
-        default:
-            break;
-    }
-}
-
-void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
-                                const char *file, int line,
-                                const mbedtls_ecdh_context *ecdh,
-                                mbedtls_debug_ecdh_attr attr )
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr );
-#else
-    switch( ecdh->var )
-    {
-        default:
-            mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh,
-                                                attr );
-    }
-#endif
-}
-#endif /* MBEDTLS_ECDH_C */
-
-#endif /* MBEDTLS_DEBUG_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/des.c b/3rdparty/mbedtls-2.25.0/library/des.c
deleted file mode 100644
index eddf55e..0000000
--- a/3rdparty/mbedtls-2.25.0/library/des.c
+++ /dev/null
@@ -1,1058 +0,0 @@
-/*
- *  FIPS-46-3 compliant Triple-DES implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  DES, on which TDES is based, was originally designed by Horst Feistel
- *  at IBM in 1974, and was adopted as a standard by NIST (formerly NBS).
- *
- *  http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_DES_C)
-
-#include "mbedtls/des.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_DES_ALT)
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-/*
- * Expanded DES S-boxes
- */
-static const uint32_t SB1[64] =
-{
-    0x01010400, 0x00000000, 0x00010000, 0x01010404,
-    0x01010004, 0x00010404, 0x00000004, 0x00010000,
-    0x00000400, 0x01010400, 0x01010404, 0x00000400,
-    0x01000404, 0x01010004, 0x01000000, 0x00000004,
-    0x00000404, 0x01000400, 0x01000400, 0x00010400,
-    0x00010400, 0x01010000, 0x01010000, 0x01000404,
-    0x00010004, 0x01000004, 0x01000004, 0x00010004,
-    0x00000000, 0x00000404, 0x00010404, 0x01000000,
-    0x00010000, 0x01010404, 0x00000004, 0x01010000,
-    0x01010400, 0x01000000, 0x01000000, 0x00000400,
-    0x01010004, 0x00010000, 0x00010400, 0x01000004,
-    0x00000400, 0x00000004, 0x01000404, 0x00010404,
-    0x01010404, 0x00010004, 0x01010000, 0x01000404,
-    0x01000004, 0x00000404, 0x00010404, 0x01010400,
-    0x00000404, 0x01000400, 0x01000400, 0x00000000,
-    0x00010004, 0x00010400, 0x00000000, 0x01010004
-};
-
-static const uint32_t SB2[64] =
-{
-    0x80108020, 0x80008000, 0x00008000, 0x00108020,
-    0x00100000, 0x00000020, 0x80100020, 0x80008020,
-    0x80000020, 0x80108020, 0x80108000, 0x80000000,
-    0x80008000, 0x00100000, 0x00000020, 0x80100020,
-    0x00108000, 0x00100020, 0x80008020, 0x00000000,
-    0x80000000, 0x00008000, 0x00108020, 0x80100000,
-    0x00100020, 0x80000020, 0x00000000, 0x00108000,
-    0x00008020, 0x80108000, 0x80100000, 0x00008020,
-    0x00000000, 0x00108020, 0x80100020, 0x00100000,
-    0x80008020, 0x80100000, 0x80108000, 0x00008000,
-    0x80100000, 0x80008000, 0x00000020, 0x80108020,
-    0x00108020, 0x00000020, 0x00008000, 0x80000000,
-    0x00008020, 0x80108000, 0x00100000, 0x80000020,
-    0x00100020, 0x80008020, 0x80000020, 0x00100020,
-    0x00108000, 0x00000000, 0x80008000, 0x00008020,
-    0x80000000, 0x80100020, 0x80108020, 0x00108000
-};
-
-static const uint32_t SB3[64] =
-{
-    0x00000208, 0x08020200, 0x00000000, 0x08020008,
-    0x08000200, 0x00000000, 0x00020208, 0x08000200,
-    0x00020008, 0x08000008, 0x08000008, 0x00020000,
-    0x08020208, 0x00020008, 0x08020000, 0x00000208,
-    0x08000000, 0x00000008, 0x08020200, 0x00000200,
-    0x00020200, 0x08020000, 0x08020008, 0x00020208,
-    0x08000208, 0x00020200, 0x00020000, 0x08000208,
-    0x00000008, 0x08020208, 0x00000200, 0x08000000,
-    0x08020200, 0x08000000, 0x00020008, 0x00000208,
-    0x00020000, 0x08020200, 0x08000200, 0x00000000,
-    0x00000200, 0x00020008, 0x08020208, 0x08000200,
-    0x08000008, 0x00000200, 0x00000000, 0x08020008,
-    0x08000208, 0x00020000, 0x08000000, 0x08020208,
-    0x00000008, 0x00020208, 0x00020200, 0x08000008,
-    0x08020000, 0x08000208, 0x00000208, 0x08020000,
-    0x00020208, 0x00000008, 0x08020008, 0x00020200
-};
-
-static const uint32_t SB4[64] =
-{
-    0x00802001, 0x00002081, 0x00002081, 0x00000080,
-    0x00802080, 0x00800081, 0x00800001, 0x00002001,
-    0x00000000, 0x00802000, 0x00802000, 0x00802081,
-    0x00000081, 0x00000000, 0x00800080, 0x00800001,
-    0x00000001, 0x00002000, 0x00800000, 0x00802001,
-    0x00000080, 0x00800000, 0x00002001, 0x00002080,
-    0x00800081, 0x00000001, 0x00002080, 0x00800080,
-    0x00002000, 0x00802080, 0x00802081, 0x00000081,
-    0x00800080, 0x00800001, 0x00802000, 0x00802081,
-    0x00000081, 0x00000000, 0x00000000, 0x00802000,
-    0x00002080, 0x00800080, 0x00800081, 0x00000001,
-    0x00802001, 0x00002081, 0x00002081, 0x00000080,
-    0x00802081, 0x00000081, 0x00000001, 0x00002000,
-    0x00800001, 0x00002001, 0x00802080, 0x00800081,
-    0x00002001, 0x00002080, 0x00800000, 0x00802001,
-    0x00000080, 0x00800000, 0x00002000, 0x00802080
-};
-
-static const uint32_t SB5[64] =
-{
-    0x00000100, 0x02080100, 0x02080000, 0x42000100,
-    0x00080000, 0x00000100, 0x40000000, 0x02080000,
-    0x40080100, 0x00080000, 0x02000100, 0x40080100,
-    0x42000100, 0x42080000, 0x00080100, 0x40000000,
-    0x02000000, 0x40080000, 0x40080000, 0x00000000,
-    0x40000100, 0x42080100, 0x42080100, 0x02000100,
-    0x42080000, 0x40000100, 0x00000000, 0x42000000,
-    0x02080100, 0x02000000, 0x42000000, 0x00080100,
-    0x00080000, 0x42000100, 0x00000100, 0x02000000,
-    0x40000000, 0x02080000, 0x42000100, 0x40080100,
-    0x02000100, 0x40000000, 0x42080000, 0x02080100,
-    0x40080100, 0x00000100, 0x02000000, 0x42080000,
-    0x42080100, 0x00080100, 0x42000000, 0x42080100,
-    0x02080000, 0x00000000, 0x40080000, 0x42000000,
-    0x00080100, 0x02000100, 0x40000100, 0x00080000,
-    0x00000000, 0x40080000, 0x02080100, 0x40000100
-};
-
-static const uint32_t SB6[64] =
-{
-    0x20000010, 0x20400000, 0x00004000, 0x20404010,
-    0x20400000, 0x00000010, 0x20404010, 0x00400000,
-    0x20004000, 0x00404010, 0x00400000, 0x20000010,
-    0x00400010, 0x20004000, 0x20000000, 0x00004010,
-    0x00000000, 0x00400010, 0x20004010, 0x00004000,
-    0x00404000, 0x20004010, 0x00000010, 0x20400010,
-    0x20400010, 0x00000000, 0x00404010, 0x20404000,
-    0x00004010, 0x00404000, 0x20404000, 0x20000000,
-    0x20004000, 0x00000010, 0x20400010, 0x00404000,
-    0x20404010, 0x00400000, 0x00004010, 0x20000010,
-    0x00400000, 0x20004000, 0x20000000, 0x00004010,
-    0x20000010, 0x20404010, 0x00404000, 0x20400000,
-    0x00404010, 0x20404000, 0x00000000, 0x20400010,
-    0x00000010, 0x00004000, 0x20400000, 0x00404010,
-    0x00004000, 0x00400010, 0x20004010, 0x00000000,
-    0x20404000, 0x20000000, 0x00400010, 0x20004010
-};
-
-static const uint32_t SB7[64] =
-{
-    0x00200000, 0x04200002, 0x04000802, 0x00000000,
-    0x00000800, 0x04000802, 0x00200802, 0x04200800,
-    0x04200802, 0x00200000, 0x00000000, 0x04000002,
-    0x00000002, 0x04000000, 0x04200002, 0x00000802,
-    0x04000800, 0x00200802, 0x00200002, 0x04000800,
-    0x04000002, 0x04200000, 0x04200800, 0x00200002,
-    0x04200000, 0x00000800, 0x00000802, 0x04200802,
-    0x00200800, 0x00000002, 0x04000000, 0x00200800,
-    0x04000000, 0x00200800, 0x00200000, 0x04000802,
-    0x04000802, 0x04200002, 0x04200002, 0x00000002,
-    0x00200002, 0x04000000, 0x04000800, 0x00200000,
-    0x04200800, 0x00000802, 0x00200802, 0x04200800,
-    0x00000802, 0x04000002, 0x04200802, 0x04200000,
-    0x00200800, 0x00000000, 0x00000002, 0x04200802,
-    0x00000000, 0x00200802, 0x04200000, 0x00000800,
-    0x04000002, 0x04000800, 0x00000800, 0x00200002
-};
-
-static const uint32_t SB8[64] =
-{
-    0x10001040, 0x00001000, 0x00040000, 0x10041040,
-    0x10000000, 0x10001040, 0x00000040, 0x10000000,
-    0x00040040, 0x10040000, 0x10041040, 0x00041000,
-    0x10041000, 0x00041040, 0x00001000, 0x00000040,
-    0x10040000, 0x10000040, 0x10001000, 0x00001040,
-    0x00041000, 0x00040040, 0x10040040, 0x10041000,
-    0x00001040, 0x00000000, 0x00000000, 0x10040040,
-    0x10000040, 0x10001000, 0x00041040, 0x00040000,
-    0x00041040, 0x00040000, 0x10041000, 0x00001000,
-    0x00000040, 0x10040040, 0x00001000, 0x00041040,
-    0x10001000, 0x00000040, 0x10000040, 0x10040000,
-    0x10040040, 0x10000000, 0x00040000, 0x10001040,
-    0x00000000, 0x10041040, 0x00040040, 0x10000040,
-    0x10040000, 0x10001000, 0x10001040, 0x00000000,
-    0x10041040, 0x00041000, 0x00041000, 0x00001040,
-    0x00001040, 0x00040040, 0x10000000, 0x10041000
-};
-
-/*
- * PC1: left and right halves bit-swap
- */
-static const uint32_t LHs[16] =
-{
-    0x00000000, 0x00000001, 0x00000100, 0x00000101,
-    0x00010000, 0x00010001, 0x00010100, 0x00010101,
-    0x01000000, 0x01000001, 0x01000100, 0x01000101,
-    0x01010000, 0x01010001, 0x01010100, 0x01010101
-};
-
-static const uint32_t RHs[16] =
-{
-    0x00000000, 0x01000000, 0x00010000, 0x01010000,
-    0x00000100, 0x01000100, 0x00010100, 0x01010100,
-    0x00000001, 0x01000001, 0x00010001, 0x01010001,
-    0x00000101, 0x01000101, 0x00010101, 0x01010101,
-};
-
-/*
- * Initial Permutation macro
- */
-#define DES_IP(X,Y)                                                       \
-    do                                                                    \
-    {                                                                     \
-        T = (((X) >>  4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T <<  4); \
-        T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
-        T = (((Y) >>  2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T <<  2); \
-        T = (((Y) >>  8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T <<  8); \
-        (Y) = (((Y) << 1) | ((Y) >> 31)) & 0xFFFFFFFF;                    \
-        T = ((X) ^ (Y)) & 0xAAAAAAAA; (Y) ^= T; (X) ^= T;                 \
-        (X) = (((X) << 1) | ((X) >> 31)) & 0xFFFFFFFF;                    \
-    } while( 0 )
-
-/*
- * Final Permutation macro
- */
-#define DES_FP(X,Y)                                                       \
-    do                                                                    \
-    {                                                                     \
-        (X) = (((X) << 31) | ((X) >> 1)) & 0xFFFFFFFF;                    \
-        T = ((X) ^ (Y)) & 0xAAAAAAAA; (X) ^= T; (Y) ^= T;                 \
-        (Y) = (((Y) << 31) | ((Y) >> 1)) & 0xFFFFFFFF;                    \
-        T = (((Y) >>  8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T <<  8); \
-        T = (((Y) >>  2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T <<  2); \
-        T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
-        T = (((X) >>  4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T <<  4); \
-    } while( 0 )
-
-/*
- * DES round macro
- */
-#define DES_ROUND(X,Y)                              \
-    do                                              \
-    {                                               \
-        T = *SK++ ^ (X);                            \
-        (Y) ^= SB8[ (T      ) & 0x3F ] ^            \
-               SB6[ (T >>  8) & 0x3F ] ^            \
-               SB4[ (T >> 16) & 0x3F ] ^            \
-               SB2[ (T >> 24) & 0x3F ];             \
-                                                    \
-        T = *SK++ ^ (((X) << 28) | ((X) >> 4));     \
-        (Y) ^= SB7[ (T      ) & 0x3F ] ^            \
-               SB5[ (T >>  8) & 0x3F ] ^            \
-               SB3[ (T >> 16) & 0x3F ] ^            \
-               SB1[ (T >> 24) & 0x3F ];             \
-    } while( 0 )
-
-#define SWAP(a,b)                                       \
-    do                                                  \
-    {                                                   \
-        uint32_t t = (a); (a) = (b); (b) = t; t = 0;    \
-    } while( 0 )
-
-void mbedtls_des_init( mbedtls_des_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_des_context ) );
-}
-
-void mbedtls_des_free( mbedtls_des_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des_context ) );
-}
-
-void mbedtls_des3_init( mbedtls_des3_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_des3_context ) );
-}
-
-void mbedtls_des3_free( mbedtls_des3_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des3_context ) );
-}
-
-static const unsigned char odd_parity_table[128] = { 1,  2,  4,  7,  8,
-        11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44,
-        47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81,
-        82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, 104, 107, 109, 110, 112,
-        115, 117, 118, 121, 122, 124, 127, 128, 131, 133, 134, 137, 138, 140,
-        143, 145, 146, 148, 151, 152, 155, 157, 158, 161, 162, 164, 167, 168,
-        171, 173, 174, 176, 179, 181, 182, 185, 186, 188, 191, 193, 194, 196,
-        199, 200, 203, 205, 206, 208, 211, 213, 214, 217, 218, 220, 223, 224,
-        227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253,
-        254 };
-
-void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] )
-{
-    int i;
-
-    for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
-        key[i] = odd_parity_table[key[i] / 2];
-}
-
-/*
- * Check the given key's parity, returns 1 on failure, 0 on SUCCESS
- */
-int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
-{
-    int i;
-
-    for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
-        if( key[i] != odd_parity_table[key[i] / 2] )
-            return( 1 );
-
-    return( 0 );
-}
-
-/*
- * Table of weak and semi-weak keys
- *
- * Source: http://en.wikipedia.org/wiki/Weak_key
- *
- * Weak:
- * Alternating ones + zeros (0x0101010101010101)
- * Alternating 'F' + 'E' (0xFEFEFEFEFEFEFEFE)
- * '0xE0E0E0E0F1F1F1F1'
- * '0x1F1F1F1F0E0E0E0E'
- *
- * Semi-weak:
- * 0x011F011F010E010E and 0x1F011F010E010E01
- * 0x01E001E001F101F1 and 0xE001E001F101F101
- * 0x01FE01FE01FE01FE and 0xFE01FE01FE01FE01
- * 0x1FE01FE00EF10EF1 and 0xE01FE01FF10EF10E
- * 0x1FFE1FFE0EFE0EFE and 0xFE1FFE1FFE0EFE0E
- * 0xE0FEE0FEF1FEF1FE and 0xFEE0FEE0FEF1FEF1
- *
- */
-
-#define WEAK_KEY_COUNT 16
-
-static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] =
-{
-    { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
-    { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
-    { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E },
-    { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
-
-    { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
-    { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
-    { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
-    { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
-    { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
-    { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
-    { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
-    { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
-    { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
-    { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
-    { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
-    { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
-};
-
-int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
-{
-    int i;
-
-    for( i = 0; i < WEAK_KEY_COUNT; i++ )
-        if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 )
-            return( 1 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DES_SETKEY_ALT)
-void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
-{
-    int i;
-    uint32_t X, Y, T;
-
-    GET_UINT32_BE( X, key, 0 );
-    GET_UINT32_BE( Y, key, 4 );
-
-    /*
-     * Permuted Choice 1
-     */
-    T =  ((Y >>  4) ^ X) & 0x0F0F0F0F;  X ^= T; Y ^= (T <<  4);
-    T =  ((Y      ) ^ X) & 0x10101010;  X ^= T; Y ^= (T      );
-
-    X =   (LHs[ (X      ) & 0xF] << 3) | (LHs[ (X >>  8) & 0xF ] << 2)
-        | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ]     )
-        | (LHs[ (X >>  5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6)
-        | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4);
-
-    Y =   (RHs[ (Y >>  1) & 0xF] << 3) | (RHs[ (Y >>  9) & 0xF ] << 2)
-        | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ]     )
-        | (RHs[ (Y >>  4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6)
-        | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4);
-
-    X &= 0x0FFFFFFF;
-    Y &= 0x0FFFFFFF;
-
-    /*
-     * calculate subkeys
-     */
-    for( i = 0; i < 16; i++ )
-    {
-        if( i < 2 || i == 8 || i == 15 )
-        {
-            X = ((X <<  1) | (X >> 27)) & 0x0FFFFFFF;
-            Y = ((Y <<  1) | (Y >> 27)) & 0x0FFFFFFF;
-        }
-        else
-        {
-            X = ((X <<  2) | (X >> 26)) & 0x0FFFFFFF;
-            Y = ((Y <<  2) | (Y >> 26)) & 0x0FFFFFFF;
-        }
-
-        *SK++ =   ((X <<  4) & 0x24000000) | ((X << 28) & 0x10000000)
-                | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000)
-                | ((X <<  6) & 0x01000000) | ((X <<  9) & 0x00200000)
-                | ((X >>  1) & 0x00100000) | ((X << 10) & 0x00040000)
-                | ((X <<  2) & 0x00020000) | ((X >> 10) & 0x00010000)
-                | ((Y >> 13) & 0x00002000) | ((Y >>  4) & 0x00001000)
-                | ((Y <<  6) & 0x00000800) | ((Y >>  1) & 0x00000400)
-                | ((Y >> 14) & 0x00000200) | ((Y      ) & 0x00000100)
-                | ((Y >>  5) & 0x00000020) | ((Y >> 10) & 0x00000010)
-                | ((Y >>  3) & 0x00000008) | ((Y >> 18) & 0x00000004)
-                | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001);
-
-        *SK++ =   ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000)
-                | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000)
-                | ((X >>  2) & 0x02000000) | ((X <<  1) & 0x01000000)
-                | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000)
-                | ((X <<  3) & 0x00080000) | ((X >>  6) & 0x00040000)
-                | ((X << 15) & 0x00020000) | ((X >>  4) & 0x00010000)
-                | ((Y >>  2) & 0x00002000) | ((Y <<  8) & 0x00001000)
-                | ((Y >> 14) & 0x00000808) | ((Y >>  9) & 0x00000400)
-                | ((Y      ) & 0x00000200) | ((Y <<  7) & 0x00000100)
-                | ((Y >>  7) & 0x00000020) | ((Y >>  3) & 0x00000011)
-                | ((Y <<  2) & 0x00000004) | ((Y >> 21) & 0x00000002);
-    }
-}
-#endif /* !MBEDTLS_DES_SETKEY_ALT */
-
-/*
- * DES key schedule (56-bit, encryption)
- */
-int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
-{
-    mbedtls_des_setkey( ctx->sk, key );
-
-    return( 0 );
-}
-
-/*
- * DES key schedule (56-bit, decryption)
- */
-int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
-{
-    int i;
-
-    mbedtls_des_setkey( ctx->sk, key );
-
-    for( i = 0; i < 16; i += 2 )
-    {
-        SWAP( ctx->sk[i    ], ctx->sk[30 - i] );
-        SWAP( ctx->sk[i + 1], ctx->sk[31 - i] );
-    }
-
-    return( 0 );
-}
-
-static void des3_set2key( uint32_t esk[96],
-                          uint32_t dsk[96],
-                          const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] )
-{
-    int i;
-
-    mbedtls_des_setkey( esk, key );
-    mbedtls_des_setkey( dsk + 32, key + 8 );
-
-    for( i = 0; i < 32; i += 2 )
-    {
-        dsk[i     ] = esk[30 - i];
-        dsk[i +  1] = esk[31 - i];
-
-        esk[i + 32] = dsk[62 - i];
-        esk[i + 33] = dsk[63 - i];
-
-        esk[i + 64] = esk[i    ];
-        esk[i + 65] = esk[i + 1];
-
-        dsk[i + 64] = dsk[i    ];
-        dsk[i + 65] = dsk[i + 1];
-    }
-}
-
-/*
- * Triple-DES key schedule (112-bit, encryption)
- */
-int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
-{
-    uint32_t sk[96];
-
-    des3_set2key( ctx->sk, sk, key );
-    mbedtls_platform_zeroize( sk,  sizeof( sk ) );
-
-    return( 0 );
-}
-
-/*
- * Triple-DES key schedule (112-bit, decryption)
- */
-int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
-{
-    uint32_t sk[96];
-
-    des3_set2key( sk, ctx->sk, key );
-    mbedtls_platform_zeroize( sk,  sizeof( sk ) );
-
-    return( 0 );
-}
-
-static void des3_set3key( uint32_t esk[96],
-                          uint32_t dsk[96],
-                          const unsigned char key[24] )
-{
-    int i;
-
-    mbedtls_des_setkey( esk, key );
-    mbedtls_des_setkey( dsk + 32, key +  8 );
-    mbedtls_des_setkey( esk + 64, key + 16 );
-
-    for( i = 0; i < 32; i += 2 )
-    {
-        dsk[i     ] = esk[94 - i];
-        dsk[i +  1] = esk[95 - i];
-
-        esk[i + 32] = dsk[62 - i];
-        esk[i + 33] = dsk[63 - i];
-
-        dsk[i + 64] = esk[30 - i];
-        dsk[i + 65] = esk[31 - i];
-    }
-}
-
-/*
- * Triple-DES key schedule (168-bit, encryption)
- */
-int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
-{
-    uint32_t sk[96];
-
-    des3_set3key( ctx->sk, sk, key );
-    mbedtls_platform_zeroize( sk,  sizeof( sk ) );
-
-    return( 0 );
-}
-
-/*
- * Triple-DES key schedule (168-bit, decryption)
- */
-int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
-{
-    uint32_t sk[96];
-
-    des3_set3key( sk, ctx->sk, key );
-    mbedtls_platform_zeroize( sk,  sizeof( sk ) );
-
-    return( 0 );
-}
-
-/*
- * DES-ECB block encryption/decryption
- */
-#if !defined(MBEDTLS_DES_CRYPT_ECB_ALT)
-int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
-                    const unsigned char input[8],
-                    unsigned char output[8] )
-{
-    int i;
-    uint32_t X, Y, T, *SK;
-
-    SK = ctx->sk;
-
-    GET_UINT32_BE( X, input, 0 );
-    GET_UINT32_BE( Y, input, 4 );
-
-    DES_IP( X, Y );
-
-    for( i = 0; i < 8; i++ )
-    {
-        DES_ROUND( Y, X );
-        DES_ROUND( X, Y );
-    }
-
-    DES_FP( Y, X );
-
-    PUT_UINT32_BE( Y, output, 0 );
-    PUT_UINT32_BE( X, output, 4 );
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * DES-CBC buffer encryption/decryption
- */
-int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[8],
-                    const unsigned char *input,
-                    unsigned char *output )
-{
-    int i;
-    unsigned char temp[8];
-
-    if( length % 8 )
-        return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
-
-    if( mode == MBEDTLS_DES_ENCRYPT )
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < 8; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_des_crypt_ecb( ctx, output, output );
-            memcpy( iv, output, 8 );
-
-            input  += 8;
-            output += 8;
-            length -= 8;
-        }
-    }
-    else /* MBEDTLS_DES_DECRYPT */
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, 8 );
-            mbedtls_des_crypt_ecb( ctx, input, output );
-
-            for( i = 0; i < 8; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, 8 );
-
-            input  += 8;
-            output += 8;
-            length -= 8;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-/*
- * 3DES-ECB block encryption/decryption
- */
-#if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
-int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
-                     const unsigned char input[8],
-                     unsigned char output[8] )
-{
-    int i;
-    uint32_t X, Y, T, *SK;
-
-    SK = ctx->sk;
-
-    GET_UINT32_BE( X, input, 0 );
-    GET_UINT32_BE( Y, input, 4 );
-
-    DES_IP( X, Y );
-
-    for( i = 0; i < 8; i++ )
-    {
-        DES_ROUND( Y, X );
-        DES_ROUND( X, Y );
-    }
-
-    for( i = 0; i < 8; i++ )
-    {
-        DES_ROUND( X, Y );
-        DES_ROUND( Y, X );
-    }
-
-    for( i = 0; i < 8; i++ )
-    {
-        DES_ROUND( Y, X );
-        DES_ROUND( X, Y );
-    }
-
-    DES_FP( Y, X );
-
-    PUT_UINT32_BE( Y, output, 0 );
-    PUT_UINT32_BE( X, output, 4 );
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * 3DES-CBC buffer encryption/decryption
- */
-int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
-                     int mode,
-                     size_t length,
-                     unsigned char iv[8],
-                     const unsigned char *input,
-                     unsigned char *output )
-{
-    int i;
-    unsigned char temp[8];
-
-    if( length % 8 )
-        return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
-
-    if( mode == MBEDTLS_DES_ENCRYPT )
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < 8; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_des3_crypt_ecb( ctx, output, output );
-            memcpy( iv, output, 8 );
-
-            input  += 8;
-            output += 8;
-            length -= 8;
-        }
-    }
-    else /* MBEDTLS_DES_DECRYPT */
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, 8 );
-            mbedtls_des3_crypt_ecb( ctx, input, output );
-
-            for( i = 0; i < 8; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, 8 );
-
-            input  += 8;
-            output += 8;
-            length -= 8;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#endif /* !MBEDTLS_DES_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * DES and 3DES test vectors from:
- *
- * http://csrc.nist.gov/groups/STM/cavp/documents/des/tripledes-vectors.zip
- */
-static const unsigned char des3_test_keys[24] =
-{
-    0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
-    0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
-    0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
-};
-
-static const unsigned char des3_test_buf[8] =
-{
-    0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74
-};
-
-static const unsigned char des3_test_ecb_dec[3][8] =
-{
-    { 0x37, 0x2B, 0x98, 0xBF, 0x52, 0x65, 0xB0, 0x59 },
-    { 0xC2, 0x10, 0x19, 0x9C, 0x38, 0x5A, 0x65, 0xA1 },
-    { 0xA2, 0x70, 0x56, 0x68, 0x69, 0xE5, 0x15, 0x1D }
-};
-
-static const unsigned char des3_test_ecb_enc[3][8] =
-{
-    { 0x1C, 0xD5, 0x97, 0xEA, 0x84, 0x26, 0x73, 0xFB },
-    { 0xB3, 0x92, 0x4D, 0xF3, 0xC5, 0xB5, 0x42, 0x93 },
-    { 0xDA, 0x37, 0x64, 0x41, 0xBA, 0x6F, 0x62, 0x6F }
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const unsigned char des3_test_iv[8] =
-{
-    0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF,
-};
-
-static const unsigned char des3_test_cbc_dec[3][8] =
-{
-    { 0x58, 0xD9, 0x48, 0xEF, 0x85, 0x14, 0x65, 0x9A },
-    { 0x5F, 0xC8, 0x78, 0xD4, 0xD7, 0x92, 0xD9, 0x54 },
-    { 0x25, 0xF9, 0x75, 0x85, 0xA8, 0x1E, 0x48, 0xBF }
-};
-
-static const unsigned char des3_test_cbc_enc[3][8] =
-{
-    { 0x91, 0x1C, 0x6D, 0xCF, 0x48, 0xA7, 0xC3, 0x4D },
-    { 0x60, 0x1A, 0x76, 0x8F, 0xA1, 0xF9, 0x66, 0xF1 },
-    { 0xA1, 0x50, 0x0F, 0x99, 0xB2, 0xCD, 0x64, 0x76 }
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-/*
- * Checkup routine
- */
-int mbedtls_des_self_test( int verbose )
-{
-    int i, j, u, v, ret = 0;
-    mbedtls_des_context ctx;
-    mbedtls_des3_context ctx3;
-    unsigned char buf[8];
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    unsigned char prv[8];
-    unsigned char iv[8];
-#endif
-
-    mbedtls_des_init( &ctx );
-    mbedtls_des3_init( &ctx3 );
-    /*
-     * ECB mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        v = i  & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  DES%c-ECB-%3d (%s): ",
-                             ( u == 0 ) ? ' ' : '3', 56 + u * 56,
-                             ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( buf, des3_test_buf, 8 );
-
-        switch( i )
-        {
-        case 0:
-            mbedtls_des_setkey_dec( &ctx, des3_test_keys );
-            break;
-
-        case 1:
-            mbedtls_des_setkey_enc( &ctx, des3_test_keys );
-            break;
-
-        case 2:
-            mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
-            break;
-
-        case 3:
-            mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
-            break;
-
-        case 4:
-            mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
-            break;
-
-        case 5:
-            mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
-            break;
-
-        default:
-            return( 1 );
-        }
-
-        for( j = 0; j < 100; j++ )
-        {
-            if( u == 0 )
-                mbedtls_des_crypt_ecb( &ctx, buf, buf );
-            else
-                mbedtls_des3_crypt_ecb( &ctx3, buf, buf );
-        }
-
-        if( ( v == MBEDTLS_DES_DECRYPT &&
-                memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) ||
-            ( v != MBEDTLS_DES_DECRYPT &&
-                memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    /*
-     * CBC mode
-     */
-    for( i = 0; i < 6; i++ )
-    {
-        u = i >> 1;
-        v = i  & 1;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  DES%c-CBC-%3d (%s): ",
-                             ( u == 0 ) ? ' ' : '3', 56 + u * 56,
-                             ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
-
-        memcpy( iv,  des3_test_iv,  8 );
-        memcpy( prv, des3_test_iv,  8 );
-        memcpy( buf, des3_test_buf, 8 );
-
-        switch( i )
-        {
-        case 0:
-            mbedtls_des_setkey_dec( &ctx, des3_test_keys );
-            break;
-
-        case 1:
-            mbedtls_des_setkey_enc( &ctx, des3_test_keys );
-            break;
-
-        case 2:
-            mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
-            break;
-
-        case 3:
-            mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
-            break;
-
-        case 4:
-            mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
-            break;
-
-        case 5:
-            mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
-            break;
-
-        default:
-            return( 1 );
-        }
-
-        if( v == MBEDTLS_DES_DECRYPT )
-        {
-            for( j = 0; j < 100; j++ )
-            {
-                if( u == 0 )
-                    mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
-                else
-                    mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
-            }
-        }
-        else
-        {
-            for( j = 0; j < 100; j++ )
-            {
-                unsigned char tmp[8];
-
-                if( u == 0 )
-                    mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
-                else
-                    mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
-
-                memcpy( tmp, prv, 8 );
-                memcpy( prv, buf, 8 );
-                memcpy( buf, tmp, 8 );
-            }
-
-            memcpy( buf, prv, 8 );
-        }
-
-        if( ( v == MBEDTLS_DES_DECRYPT &&
-                memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) ||
-            ( v != MBEDTLS_DES_DECRYPT &&
-                memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-exit:
-    mbedtls_des_free( &ctx );
-    mbedtls_des3_free( &ctx3 );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_DES_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/dhm.c b/3rdparty/mbedtls-2.25.0/library/dhm.c
deleted file mode 100644
index f796812..0000000
--- a/3rdparty/mbedtls-2.25.0/library/dhm.c
+++ /dev/null
@@ -1,735 +0,0 @@
-/*
- *  Diffie-Hellman-Merkle key exchange
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The following sources were referenced in the design of this implementation
- *  of the Diffie-Hellman-Merkle algorithm:
- *
- *  [1] Handbook of Applied Cryptography - 1997, Chapter 12
- *      Menezes, van Oorschot and Vanstone
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_DHM_C)
-
-#include "mbedtls/dhm.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-#include "mbedtls/asn1.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#include <stdio.h>
-#define mbedtls_printf     printf
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#if !defined(MBEDTLS_DHM_ALT)
-
-#define DHM_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA )
-#define DHM_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * helper to validate the mbedtls_mpi size and import it
- */
-static int dhm_read_bignum( mbedtls_mpi *X,
-                            unsigned char **p,
-                            const unsigned char *end )
-{
-    int ret, n;
-
-    if( end - *p < 2 )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    n = ( (*p)[0] << 8 ) | (*p)[1];
-    (*p) += 2;
-
-    if( (int)( end - *p ) < n )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 )
-        return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret );
-
-    (*p) += n;
-
-    return( 0 );
-}
-
-/*
- * Verify sanity of parameter with regards to P
- *
- * Parameter should be: 2 <= public_param <= P - 2
- *
- * This means that we need to return an error if
- *              public_param < 2 or public_param > P-2
- *
- * For more information on the attack, see:
- *  http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
- *  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
- */
-static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
-{
-    mbedtls_mpi L, U;
-    int ret = 0;
-
-    mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
-
-    if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 ||
-        mbedtls_mpi_cmp_mpi( param, &U ) > 0 )
-    {
-        ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
-    }
-
-cleanup:
-    mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U );
-    return( ret );
-}
-
-void mbedtls_dhm_init( mbedtls_dhm_context *ctx )
-{
-    DHM_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_dhm_context ) );
-}
-
-/*
- * Parse the ServerKeyExchange parameters
- */
-int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
-                     unsigned char **p,
-                     const unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    DHM_VALIDATE_RET( ctx != NULL );
-    DHM_VALIDATE_RET( p != NULL && *p != NULL );
-    DHM_VALIDATE_RET( end != NULL );
-
-    if( ( ret = dhm_read_bignum( &ctx->P,  p, end ) ) != 0 ||
-        ( ret = dhm_read_bignum( &ctx->G,  p, end ) ) != 0 ||
-        ( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 )
-        return( ret );
-
-    if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
-        return( ret );
-
-    ctx->len = mbedtls_mpi_size( &ctx->P );
-
-    return( 0 );
-}
-
-/*
- * Setup and write the ServerKeyExchange parameters
- */
-int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
-                     unsigned char *output, size_t *olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    int ret, count = 0;
-    size_t n1, n2, n3;
-    unsigned char *p;
-    DHM_VALIDATE_RET( ctx != NULL );
-    DHM_VALIDATE_RET( output != NULL );
-    DHM_VALIDATE_RET( olen != NULL );
-    DHM_VALIDATE_RET( f_rng != NULL );
-
-    if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    /*
-     * Generate X as large as possible ( < P )
-     */
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
-
-        while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
-
-        if( count++ > 10 )
-            return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
-    }
-    while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
-
-    /*
-     * Calculate GX = G^X mod P
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
-                          &ctx->P , &ctx->RP ) );
-
-    if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
-        return( ret );
-
-    /*
-     * export P, G, GX
-     */
-#define DHM_MPI_EXPORT( X, n )                                          \
-    do {                                                                \
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ),               \
-                                                   p + 2,               \
-                                                   ( n ) ) );           \
-        *p++ = (unsigned char)( ( n ) >> 8 );                           \
-        *p++ = (unsigned char)( ( n )      );                           \
-        p += ( n );                                                     \
-    } while( 0 )
-
-    n1 = mbedtls_mpi_size( &ctx->P  );
-    n2 = mbedtls_mpi_size( &ctx->G  );
-    n3 = mbedtls_mpi_size( &ctx->GX );
-
-    p = output;
-    DHM_MPI_EXPORT( &ctx->P , n1 );
-    DHM_MPI_EXPORT( &ctx->G , n2 );
-    DHM_MPI_EXPORT( &ctx->GX, n3 );
-
-    *olen = p - output;
-
-    ctx->len = n1;
-
-cleanup:
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret );
-
-    return( 0 );
-}
-
-/*
- * Set prime modulus and generator
- */
-int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
-                           const mbedtls_mpi *P,
-                           const mbedtls_mpi *G )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    DHM_VALIDATE_RET( ctx != NULL );
-    DHM_VALIDATE_RET( P != NULL );
-    DHM_VALIDATE_RET( G != NULL );
-
-    if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret );
-    }
-
-    ctx->len = mbedtls_mpi_size( &ctx->P );
-    return( 0 );
-}
-
-/*
- * Import the peer's public value G^Y
- */
-int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
-                     const unsigned char *input, size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    DHM_VALIDATE_RET( ctx != NULL );
-    DHM_VALIDATE_RET( input != NULL );
-
-    if( ilen < 1 || ilen > ctx->len )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
-        return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret );
-
-    return( 0 );
-}
-
-/*
- * Create own private value X and export G^X
- */
-int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
-                     unsigned char *output, size_t olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    int ret, count = 0;
-    DHM_VALIDATE_RET( ctx != NULL );
-    DHM_VALIDATE_RET( output != NULL );
-    DHM_VALIDATE_RET( f_rng != NULL );
-
-    if( olen < 1 || olen > ctx->len )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    /*
-     * generate X and calculate GX = G^X mod P
-     */
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
-
-        while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
-
-        if( count++ > 10 )
-            return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
-    }
-    while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
-                          &ctx->P , &ctx->RP ) );
-
-    if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
-        return( ret );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) );
-
-cleanup:
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
-
-    return( 0 );
-}
-
-/*
- * Pick a random R in the range [2, M) for blinding purposes
- */
-static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret, count;
-
-    count = 0;
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) );
-
-        while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) );
-
-        if( count++ > 10 )
-            return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-    }
-    while( mbedtls_mpi_cmp_int( R, 1 ) <= 0 );
-
-cleanup:
-    return( ret );
-}
-
-
-/*
- * Use the blinding method and optimisation suggested in section 10 of:
- *  KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
- *  DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
- *  Berlin Heidelberg, 1996. p. 104-113.
- */
-static int dhm_update_blinding( mbedtls_dhm_context *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret;
-    mbedtls_mpi R;
-
-    mbedtls_mpi_init( &R );
-
-    /*
-     * Don't use any blinding the first time a particular X is used,
-     * but remember it to use blinding next time.
-     */
-    if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) );
-
-        return( 0 );
-    }
-
-    /*
-     * Ok, we need blinding. Can we re-use existing values?
-     * If yes, just update them by squaring them.
-     */
-    if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
-
-        return( 0 );
-    }
-
-    /*
-     * We need to generate blinding values from scratch
-     */
-
-    /* Vi = random( 2, P-1 ) */
-    MBEDTLS_MPI_CHK( dhm_random_below( &ctx->Vi, &ctx->P, f_rng, p_rng ) );
-
-    /* Vf = Vi^-X mod P
-     * First compute Vi^-1 = R * (R Vi)^-1, (avoiding leaks from inv_mod),
-     * then elevate to the Xth power. */
-    MBEDTLS_MPI_CHK( dhm_random_below( &R, &ctx->P, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vi, &R ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vf, &ctx->P ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &R ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
-
-cleanup:
-    mbedtls_mpi_free( &R );
-
-    return( ret );
-}
-
-/*
- * Derive and export the shared secret (G^Y)^X mod P
- */
-int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
-                     unsigned char *output, size_t output_size, size_t *olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi GYb;
-    DHM_VALIDATE_RET( ctx != NULL );
-    DHM_VALIDATE_RET( output != NULL );
-    DHM_VALIDATE_RET( olen != NULL );
-
-    if( output_size < ctx->len )
-        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
-
-    if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
-        return( ret );
-
-    mbedtls_mpi_init( &GYb );
-
-    /* Blind peer's value */
-    if( f_rng != NULL )
-    {
-        MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
-    }
-    else
-        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );
-
-    /* Do modular exponentiation */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
-                          &ctx->P, &ctx->RP ) );
-
-    /* Unblind secret value */
-    if( f_rng != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
-    }
-
-    *olen = mbedtls_mpi_size( &ctx->K );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) );
-
-cleanup:
-    mbedtls_mpi_free( &GYb );
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret );
-
-    return( 0 );
-}
-
-/*
- * Free the components of a DHM key
- */
-void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_mpi_free( &ctx->pX );
-    mbedtls_mpi_free( &ctx->Vf );
-    mbedtls_mpi_free( &ctx->Vi );
-    mbedtls_mpi_free( &ctx->RP );
-    mbedtls_mpi_free( &ctx->K  );
-    mbedtls_mpi_free( &ctx->GY );
-    mbedtls_mpi_free( &ctx->GX );
-    mbedtls_mpi_free( &ctx->X  );
-    mbedtls_mpi_free( &ctx->G  );
-    mbedtls_mpi_free( &ctx->P  );
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
-}
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-/*
- * Parse DHM parameters
- */
-int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
-                   size_t dhminlen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    unsigned char *p, *end;
-#if defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_pem_context pem;
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-    DHM_VALIDATE_RET( dhm != NULL );
-    DHM_VALIDATE_RET( dhmin != NULL );
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_pem_init( &pem );
-
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( dhminlen == 0 || dhmin[dhminlen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                               "-----BEGIN DH PARAMETERS-----",
-                               "-----END DH PARAMETERS-----",
-                               dhmin, NULL, 0, &dhminlen );
-
-    if( ret == 0 )
-    {
-        /*
-         * Was PEM encoded
-         */
-        dhminlen = pem.buflen;
-    }
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-        goto exit;
-
-    p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
-#else
-    p = (unsigned char *) dhmin;
-#endif /* MBEDTLS_PEM_PARSE_C */
-    end = p + dhminlen;
-
-    /*
-     *  DHParams ::= SEQUENCE {
-     *      prime              INTEGER,  -- P
-     *      generator          INTEGER,  -- g
-     *      privateValueLength INTEGER OPTIONAL
-     *  }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
-        goto exit;
-    }
-
-    end = p + len;
-
-    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P  ) ) != 0 ||
-        ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
-    {
-        ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
-        goto exit;
-    }
-
-    if( p != end )
-    {
-        /* This might be the optional privateValueLength.
-         * If so, we can cleanly discard it */
-        mbedtls_mpi rec;
-        mbedtls_mpi_init( &rec );
-        ret = mbedtls_asn1_get_mpi( &p, end, &rec );
-        mbedtls_mpi_free( &rec );
-        if ( ret != 0 )
-        {
-            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
-            goto exit;
-        }
-        if ( p != end )
-        {
-            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
-            goto exit;
-        }
-    }
-
-    ret = 0;
-
-    dhm->len = mbedtls_mpi_size( &dhm->P );
-
-exit:
-#if defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_pem_free( &pem );
-#endif
-    if( ret != 0 )
-        mbedtls_dhm_free( dhm );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_FS_IO)
-/*
- * Load all data from a file into a given buffer.
- *
- * The file is expected to contain either PEM or DER encoded data.
- * A terminating null byte is always appended. It is included in the announced
- * length only if the data looks like it is PEM encoded.
- */
-static int load_file( const char *path, unsigned char **buf, size_t *n )
-{
-    FILE *f;
-    long size;
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
-
-    fseek( f, 0, SEEK_END );
-    if( ( size = ftell( f ) ) == -1 )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
-    }
-    fseek( f, 0, SEEK_SET );
-
-    *n = (size_t) size;
-
-    if( *n + 1 == 0 ||
-        ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_DHM_ALLOC_FAILED );
-    }
-
-    if( fread( *buf, 1, *n, f ) != *n )
-    {
-        fclose( f );
-
-        mbedtls_platform_zeroize( *buf, *n + 1 );
-        mbedtls_free( *buf );
-
-        return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
-    }
-
-    fclose( f );
-
-    (*buf)[*n] = '\0';
-
-    if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL )
-        ++*n;
-
-    return( 0 );
-}
-
-/*
- * Load and parse DHM parameters
- */
-int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    unsigned char *buf;
-    DHM_VALIDATE_RET( dhm != NULL );
-    DHM_VALIDATE_RET( path != NULL );
-
-    if( ( ret = load_file( path, &buf, &n ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_dhm_parse_dhm( dhm, buf, n );
-
-    mbedtls_platform_zeroize( buf, n );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-#endif /* MBEDTLS_ASN1_PARSE_C */
-#endif /* MBEDTLS_DHM_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-static const char mbedtls_test_dhm_params[] =
-"-----BEGIN DH PARAMETERS-----\r\n"
-"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
-"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
-"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
-"-----END DH PARAMETERS-----\r\n";
-#else /* MBEDTLS_PEM_PARSE_C */
-static const char mbedtls_test_dhm_params[] = {
-  0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44,
-  0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d,
-  0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3,
-  0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1,
-  0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18,
-  0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a,
-  0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1,
-  0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6,
-  0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64,
-  0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8,
-  0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f,
-  0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 };
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params );
-
-/*
- * Checkup routine
- */
-int mbedtls_dhm_self_test( int verbose )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_dhm_context dhm;
-
-    mbedtls_dhm_init( &dhm );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  DHM parameter load: " );
-
-    if( ( ret = mbedtls_dhm_parse_dhm( &dhm,
-                    (const unsigned char *) mbedtls_test_dhm_params,
-                    mbedtls_test_dhm_params_len ) ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto exit;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n\n" );
-
-exit:
-    mbedtls_dhm_free( &dhm );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_DHM_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ecdh.c b/3rdparty/mbedtls-2.25.0/library/ecdh.c
deleted file mode 100644
index 9dfa868..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ecdh.c
+++ /dev/null
@@ -1,729 +0,0 @@
-/*
- *  Elliptic curve Diffie-Hellman
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * References:
- *
- * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
- * RFC 4492
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ECDH_C)
-
-#include "mbedtls/ecdh.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-/* Parameter validation macros based on platform_util.h */
-#define ECDH_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
-#define ECDH_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed;
-#endif
-
-static mbedtls_ecp_group_id mbedtls_ecdh_grp_id(
-    const mbedtls_ecdh_context *ctx )
-{
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ctx->grp.id );
-#else
-    return( ctx->grp_id );
-#endif
-}
-
-int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid )
-{
-    /* At this time, all groups support ECDH. */
-    (void) gid;
-    return( 1 );
-}
-
-#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
-/*
- * Generate public key (restartable version)
- *
- * Note: this internal function relies on its caller preserving the value of
- * the output parameter 'd' across continuation calls. This would not be
- * acceptable for a public function but is OK here as we control call sites.
- */
-static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp,
-                    mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                    int (*f_rng)(void *, unsigned char *, size_t),
-                    void *p_rng,
-                    mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* If multiplication is in progress, we already generated a privkey */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx == NULL || rs_ctx->rsm == NULL )
-#endif
-        MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G,
-                                                  f_rng, p_rng, rs_ctx ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Generate public key
- */
-int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    ECDH_VALIDATE_RET( grp != NULL );
-    ECDH_VALIDATE_RET( d != NULL );
-    ECDH_VALIDATE_RET( Q != NULL );
-    ECDH_VALIDATE_RET( f_rng != NULL );
-    return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) );
-}
-#endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */
-
-#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
-/*
- * Compute shared secret (SEC1 3.3.1)
- */
-static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp,
-                         mbedtls_mpi *z,
-                         const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point P;
-
-    mbedtls_ecp_point_init( &P );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &P, d, Q,
-                                                  f_rng, p_rng, rs_ctx ) );
-
-    if( mbedtls_ecp_is_zero( &P ) )
-    {
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) );
-
-cleanup:
-    mbedtls_ecp_point_free( &P );
-
-    return( ret );
-}
-
-/*
- * Compute shared secret (SEC1 3.3.1)
- */
-int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
-                         const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng )
-{
-    ECDH_VALIDATE_RET( grp != NULL );
-    ECDH_VALIDATE_RET( Q != NULL );
-    ECDH_VALIDATE_RET( d != NULL );
-    ECDH_VALIDATE_RET( z != NULL );
-    return( ecdh_compute_shared_restartable( grp, z, Q, d,
-                                             f_rng, p_rng, NULL ) );
-}
-#endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
-
-static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx )
-{
-    mbedtls_ecp_group_init( &ctx->grp );
-    mbedtls_mpi_init( &ctx->d  );
-    mbedtls_ecp_point_init( &ctx->Q   );
-    mbedtls_ecp_point_init( &ctx->Qp  );
-    mbedtls_mpi_init( &ctx->z  );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_ecp_restart_init( &ctx->rs );
-#endif
-}
-
-/*
- * Initialize context
- */
-void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
-{
-    ECDH_VALIDATE( ctx != NULL );
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    ecdh_init_internal( ctx );
-    mbedtls_ecp_point_init( &ctx->Vi  );
-    mbedtls_ecp_point_init( &ctx->Vf  );
-    mbedtls_mpi_init( &ctx->_d );
-#else
-    memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
-
-    ctx->var = MBEDTLS_ECDH_VARIANT_NONE;
-#endif
-    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    ctx->restart_enabled = 0;
-#endif
-}
-
-static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx,
-                                mbedtls_ecp_group_id grp_id )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    ret = mbedtls_ecp_group_load( &ctx->grp, grp_id );
-    if( ret != 0 )
-    {
-        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-    }
-
-    return( 0 );
-}
-
-/*
- * Setup context
- */
-int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id )
-{
-    ECDH_VALIDATE_RET( ctx != NULL );
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_setup_internal( ctx, grp_id ) );
-#else
-    switch( grp_id )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECP_DP_CURVE25519:
-            ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED;
-            ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST;
-            ctx->grp_id = grp_id;
-            return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) );
-#endif
-        default:
-            ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
-            ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
-            ctx->grp_id = grp_id;
-            ecdh_init_internal( &ctx->ctx.mbed_ecdh );
-            return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) );
-    }
-#endif
-}
-
-static void ecdh_free_internal( mbedtls_ecdh_context_mbed *ctx )
-{
-    mbedtls_ecp_group_free( &ctx->grp );
-    mbedtls_mpi_free( &ctx->d  );
-    mbedtls_ecp_point_free( &ctx->Q   );
-    mbedtls_ecp_point_free( &ctx->Qp  );
-    mbedtls_mpi_free( &ctx->z  );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_ecp_restart_free( &ctx->rs );
-#endif
-}
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-/*
- * Enable restartable operations for context
- */
-void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx )
-{
-    ECDH_VALIDATE( ctx != NULL );
-
-    ctx->restart_enabled = 1;
-}
-#endif
-
-/*
- * Free context
- */
-void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    mbedtls_ecp_point_free( &ctx->Vi );
-    mbedtls_ecp_point_free( &ctx->Vf );
-    mbedtls_mpi_free( &ctx->_d );
-    ecdh_free_internal( ctx );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            mbedtls_everest_free( &ctx->ctx.everest_ecdh );
-            break;
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            ecdh_free_internal( &ctx->ctx.mbed_ecdh );
-            break;
-        default:
-            break;
-    }
-
-    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
-    ctx->var = MBEDTLS_ECDH_VARIANT_NONE;
-    ctx->grp_id = MBEDTLS_ECP_DP_NONE;
-#endif
-}
-
-static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
-                                      size_t *olen, int point_format,
-                                      unsigned char *buf, size_t blen,
-                                      int (*f_rng)(void *,
-                                                   unsigned char *,
-                                                   size_t),
-                                      void *p_rng,
-                                      int restart_enabled )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t grp_len, pt_len;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_ecp_restart_ctx *rs_ctx = NULL;
-#endif
-
-    if( ctx->grp.pbits == 0 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( restart_enabled )
-        rs_ctx = &ctx->rs;
-#else
-    (void) restart_enabled;
-#endif
-
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
-                                             f_rng, p_rng, rs_ctx ) ) != 0 )
-        return( ret );
-#else
-    if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q,
-                                         f_rng, p_rng ) ) != 0 )
-        return( ret );
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf,
-                                             blen ) ) != 0 )
-        return( ret );
-
-    buf += grp_len;
-    blen -= grp_len;
-
-    if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format,
-                                             &pt_len, buf, blen ) ) != 0 )
-        return( ret );
-
-    *olen = grp_len + pt_len;
-    return( 0 );
-}
-
-/*
- * Setup and write the ServerKeyExchange parameters (RFC 4492)
- *      struct {
- *          ECParameters    curve_params;
- *          ECPoint         public;
- *      } ServerECDHParams;
- */
-int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
-                              unsigned char *buf, size_t blen,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng )
-{
-    int restart_enabled = 0;
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( olen != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-    ECDH_VALIDATE_RET( f_rng != NULL );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    restart_enabled = ctx->restart_enabled;
-#else
-    (void) restart_enabled;
-#endif
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_make_params_internal( ctx, olen, ctx->point_format, buf, blen,
-                                       f_rng, p_rng, restart_enabled ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( mbedtls_everest_make_params( &ctx->ctx.everest_ecdh, olen,
-                                                 buf, blen, f_rng, p_rng ) );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen,
-                                               ctx->point_format, buf, blen,
-                                               f_rng, p_rng,
-                                               restart_enabled ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-static int ecdh_read_params_internal( mbedtls_ecdh_context_mbed *ctx,
-                                      const unsigned char **buf,
-                                      const unsigned char *end )
-{
-    return( mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf,
-                                        end - *buf ) );
-}
-
-/*
- * Read the ServerKeyExhange parameters (RFC 4492)
- *      struct {
- *          ECParameters    curve_params;
- *          ECPoint         public;
- *      } ServerECDHParams;
- */
-int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
-                              const unsigned char **buf,
-                              const unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_group_id grp_id;
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-    ECDH_VALIDATE_RET( *buf != NULL );
-    ECDH_VALIDATE_RET( end != NULL );
-
-    if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, end - *buf ) )
-            != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_ecdh_setup( ctx, grp_id ) ) != 0 )
-        return( ret );
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_read_params_internal( ctx, buf, end ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( mbedtls_everest_read_params( &ctx->ctx.everest_ecdh,
-                                                 buf, end) );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh,
-                                               buf, end ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx,
-                                     const mbedtls_ecp_keypair *key,
-                                     mbedtls_ecdh_side side )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* If it's not our key, just import the public part as Qp */
-    if( side == MBEDTLS_ECDH_THEIRS )
-        return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) );
-
-    /* Our key: import public (as Q) and private parts */
-    if( side != MBEDTLS_ECDH_OURS )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-/*
- * Get parameters from a keypair
- */
-int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
-                             const mbedtls_ecp_keypair *key,
-                             mbedtls_ecdh_side side )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( key != NULL );
-    ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS ||
-                       side == MBEDTLS_ECDH_THEIRS );
-
-    if( mbedtls_ecdh_grp_id( ctx ) == MBEDTLS_ECP_DP_NONE )
-    {
-        /* This is the first call to get_params(). Set up the context
-         * for use with the group. */
-        if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 )
-            return( ret );
-    }
-    else
-    {
-        /* This is not the first call to get_params(). Check that the
-         * current key's group is the same as the context's, which was set
-         * from the first key's group. */
-        if( mbedtls_ecdh_grp_id( ctx ) != key->grp.id )
-            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_get_params_internal( ctx, key, side ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-        {
-            mbedtls_everest_ecdh_side s = side == MBEDTLS_ECDH_OURS ?
-                                                   MBEDTLS_EVEREST_ECDH_OURS :
-                                                   MBEDTLS_EVEREST_ECDH_THEIRS;
-            return( mbedtls_everest_get_params( &ctx->ctx.everest_ecdh,
-                                                key, s) );
-        }
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh,
-                                              key, side ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx,
-                                      size_t *olen, int point_format,
-                                      unsigned char *buf, size_t blen,
-                                      int (*f_rng)(void *,
-                                                   unsigned char *,
-                                                   size_t),
-                                      void *p_rng,
-                                      int restart_enabled )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_ecp_restart_ctx *rs_ctx = NULL;
-#endif
-
-    if( ctx->grp.pbits == 0 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( restart_enabled )
-        rs_ctx = &ctx->rs;
-#else
-    (void) restart_enabled;
-#endif
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q,
-                                             f_rng, p_rng, rs_ctx ) ) != 0 )
-        return( ret );
-#else
-    if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q,
-                                         f_rng, p_rng ) ) != 0 )
-        return( ret );
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, olen,
-                                        buf, blen );
-}
-
-/*
- * Setup and export the client public value
- */
-int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
-                              unsigned char *buf, size_t blen,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng )
-{
-    int restart_enabled = 0;
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( olen != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-    ECDH_VALIDATE_RET( f_rng != NULL );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    restart_enabled = ctx->restart_enabled;
-#endif
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_make_public_internal( ctx, olen, ctx->point_format, buf, blen,
-                                       f_rng, p_rng, restart_enabled ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( mbedtls_everest_make_public( &ctx->ctx.everest_ecdh, olen,
-                                                 buf, blen, f_rng, p_rng ) );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen,
-                                               ctx->point_format, buf, blen,
-                                               f_rng, p_rng,
-                                               restart_enabled ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
-                                      const unsigned char *buf, size_t blen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned char *p = buf;
-
-    if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p,
-                                            blen ) ) != 0 )
-        return( ret );
-
-    if( (size_t)( p - buf ) != blen )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    return( 0 );
-}
-
-/*
- * Parse and import the client's public value
- */
-int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
-                              const unsigned char *buf, size_t blen )
-{
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_read_public_internal( ctx, buf, blen ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( mbedtls_everest_read_public( &ctx->ctx.everest_ecdh,
-                                                 buf, blen ) );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh,
-                                                       buf, blen ) );
-        default:
-            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    }
-#endif
-}
-
-static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx,
-                                      size_t *olen, unsigned char *buf,
-                                      size_t blen,
-                                      int (*f_rng)(void *,
-                                                   unsigned char *,
-                                                   size_t),
-                                      void *p_rng,
-                                      int restart_enabled )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_ecp_restart_ctx *rs_ctx = NULL;
-#endif
-
-    if( ctx == NULL || ctx->grp.pbits == 0 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( restart_enabled )
-        rs_ctx = &ctx->rs;
-#else
-    (void) restart_enabled;
-#endif
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( ( ret = ecdh_compute_shared_restartable( &ctx->grp, &ctx->z, &ctx->Qp,
-                                                 &ctx->d, f_rng, p_rng,
-                                                 rs_ctx ) ) != 0 )
-    {
-        return( ret );
-    }
-#else
-    if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp,
-                                             &ctx->d, f_rng, p_rng ) ) != 0 )
-    {
-        return( ret );
-    }
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    if( mbedtls_mpi_size( &ctx->z ) > blen )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
-
-    if( mbedtls_ecp_get_type( &ctx->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-        return mbedtls_mpi_write_binary_le( &ctx->z, buf, *olen );
-
-    return mbedtls_mpi_write_binary( &ctx->z, buf, *olen );
-}
-
-/*
- * Derive and export the shared secret
- */
-int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
-                              unsigned char *buf, size_t blen,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng )
-{
-    int restart_enabled = 0;
-    ECDH_VALIDATE_RET( ctx != NULL );
-    ECDH_VALIDATE_RET( olen != NULL );
-    ECDH_VALIDATE_RET( buf != NULL );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    restart_enabled = ctx->restart_enabled;
-#endif
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_calc_secret_internal( ctx, olen, buf, blen, f_rng, p_rng,
-                                       restart_enabled ) );
-#else
-    switch( ctx->var )
-    {
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-        case MBEDTLS_ECDH_VARIANT_EVEREST:
-            return( mbedtls_everest_calc_secret( &ctx->ctx.everest_ecdh, olen,
-                                                 buf, blen, f_rng, p_rng ) );
-#endif
-        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
-            return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf,
-                                               blen, f_rng, p_rng,
-                                               restart_enabled ) );
-        default:
-            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    }
-#endif
-}
-
-#endif /* MBEDTLS_ECDH_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ecdsa.c b/3rdparty/mbedtls-2.25.0/library/ecdsa.c
deleted file mode 100644
index 22fb5e3..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ecdsa.c
+++ /dev/null
@@ -1,1002 +0,0 @@
-/*
- *  Elliptic curve DSA
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * References:
- *
- * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ECDSA_C)
-
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/asn1write.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#include "mbedtls/hmac_drbg.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-/* Parameter validation macros based on platform_util.h */
-#define ECDSA_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
-#define ECDSA_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-
-/*
- * Sub-context for ecdsa_verify()
- */
-struct mbedtls_ecdsa_restart_ver
-{
-    mbedtls_mpi u1, u2;     /* intermediate values  */
-    enum {                  /* what to do next?     */
-        ecdsa_ver_init = 0, /* getting started      */
-        ecdsa_ver_muladd,   /* muladd step          */
-    } state;
-};
-
-/*
- * Init verify restart sub-context
- */
-static void ecdsa_restart_ver_init( mbedtls_ecdsa_restart_ver_ctx *ctx )
-{
-    mbedtls_mpi_init( &ctx->u1 );
-    mbedtls_mpi_init( &ctx->u2 );
-    ctx->state = ecdsa_ver_init;
-}
-
-/*
- * Free the components of a verify restart sub-context
- */
-static void ecdsa_restart_ver_free( mbedtls_ecdsa_restart_ver_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_mpi_free( &ctx->u1 );
-    mbedtls_mpi_free( &ctx->u2 );
-
-    ecdsa_restart_ver_init( ctx );
-}
-
-/*
- * Sub-context for ecdsa_sign()
- */
-struct mbedtls_ecdsa_restart_sig
-{
-    int sign_tries;
-    int key_tries;
-    mbedtls_mpi k;          /* per-signature random */
-    mbedtls_mpi r;          /* r value              */
-    enum {                  /* what to do next?     */
-        ecdsa_sig_init = 0, /* getting started      */
-        ecdsa_sig_mul,      /* doing ecp_mul()      */
-        ecdsa_sig_modn,     /* mod N computations   */
-    } state;
-};
-
-/*
- * Init verify sign sub-context
- */
-static void ecdsa_restart_sig_init( mbedtls_ecdsa_restart_sig_ctx *ctx )
-{
-    ctx->sign_tries = 0;
-    ctx->key_tries = 0;
-    mbedtls_mpi_init( &ctx->k );
-    mbedtls_mpi_init( &ctx->r );
-    ctx->state = ecdsa_sig_init;
-}
-
-/*
- * Free the components of a sign restart sub-context
- */
-static void ecdsa_restart_sig_free( mbedtls_ecdsa_restart_sig_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_mpi_free( &ctx->k );
-    mbedtls_mpi_free( &ctx->r );
-}
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-/*
- * Sub-context for ecdsa_sign_det()
- */
-struct mbedtls_ecdsa_restart_det
-{
-    mbedtls_hmac_drbg_context rng_ctx;  /* DRBG state   */
-    enum {                      /* what to do next?     */
-        ecdsa_det_init = 0,     /* getting started      */
-        ecdsa_det_sign,         /* make signature       */
-    } state;
-};
-
-/*
- * Init verify sign_det sub-context
- */
-static void ecdsa_restart_det_init( mbedtls_ecdsa_restart_det_ctx *ctx )
-{
-    mbedtls_hmac_drbg_init( &ctx->rng_ctx );
-    ctx->state = ecdsa_det_init;
-}
-
-/*
- * Free the components of a sign_det restart sub-context
- */
-static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_hmac_drbg_free( &ctx->rng_ctx );
-
-    ecdsa_restart_det_init( ctx );
-}
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-#define ECDSA_RS_ECP    ( rs_ctx == NULL ? NULL : &rs_ctx->ecp )
-
-/* Utility macro for checking and updating ops budget */
-#define ECDSA_BUDGET( ops )   \
-    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) );
-
-/* Call this when entering a function that needs its own sub-context */
-#define ECDSA_RS_ENTER( SUB )   do {                                 \
-    /* reset ops count for this call if top-level */                 \
-    if( rs_ctx != NULL && rs_ctx->ecp.depth++ == 0 )                 \
-        rs_ctx->ecp.ops_done = 0;                                    \
-                                                                     \
-    /* set up our own sub-context if needed */                       \
-    if( mbedtls_ecp_restart_is_enabled() &&                          \
-        rs_ctx != NULL && rs_ctx->SUB == NULL )                      \
-    {                                                                \
-        rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) );   \
-        if( rs_ctx->SUB == NULL )                                    \
-            return( MBEDTLS_ERR_ECP_ALLOC_FAILED );                  \
-                                                                     \
-        ecdsa_restart_## SUB ##_init( rs_ctx->SUB );                 \
-    }                                                                \
-} while( 0 )
-
-/* Call this when leaving a function that needs its own sub-context */
-#define ECDSA_RS_LEAVE( SUB )   do {                                 \
-    /* clear our sub-context when not in progress (done or error) */ \
-    if( rs_ctx != NULL && rs_ctx->SUB != NULL &&                     \
-        ret != MBEDTLS_ERR_ECP_IN_PROGRESS )                         \
-    {                                                                \
-        ecdsa_restart_## SUB ##_free( rs_ctx->SUB );                 \
-        mbedtls_free( rs_ctx->SUB );                                 \
-        rs_ctx->SUB = NULL;                                          \
-    }                                                                \
-                                                                     \
-    if( rs_ctx != NULL )                                             \
-        rs_ctx->ecp.depth--;                                         \
-} while( 0 )
-
-#else /* MBEDTLS_ECP_RESTARTABLE */
-
-#define ECDSA_RS_ECP    NULL
-
-#define ECDSA_BUDGET( ops )   /* no-op; for compatibility */
-
-#define ECDSA_RS_ENTER( SUB )   (void) rs_ctx
-#define ECDSA_RS_LEAVE( SUB )   (void) rs_ctx
-
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-/*
- * Derive a suitable integer for group grp from a buffer of length len
- * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
- */
-static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x,
-                       const unsigned char *buf, size_t blen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n_size = ( grp->nbits + 7 ) / 8;
-    size_t use_size = blen > n_size ? n_size : blen;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) );
-    if( use_size * 8 > grp->nbits )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) );
-
-    /* While at it, reduce modulo N */
-    if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) );
-
-cleanup:
-    return( ret );
-}
-
-#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
-/*
- * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
- * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
- */
-static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
-                mbedtls_mpi *r, mbedtls_mpi *s,
-                const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                int (*f_rng_blind)(void *, unsigned char *, size_t),
-                void *p_rng_blind,
-                mbedtls_ecdsa_restart_ctx *rs_ctx )
-{
-    int ret, key_tries, sign_tries;
-    int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries;
-    mbedtls_ecp_point R;
-    mbedtls_mpi k, e, t;
-    mbedtls_mpi *pk = &k, *pr = r;
-
-    /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
-    if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /* Make sure d is in range 1..n-1 */
-    if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
-        return( MBEDTLS_ERR_ECP_INVALID_KEY );
-
-    mbedtls_ecp_point_init( &R );
-    mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
-
-    ECDSA_RS_ENTER( sig );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->sig != NULL )
-    {
-        /* redirect to our context */
-        p_sign_tries = &rs_ctx->sig->sign_tries;
-        p_key_tries = &rs_ctx->sig->key_tries;
-        pk = &rs_ctx->sig->k;
-        pr = &rs_ctx->sig->r;
-
-        /* jump to current step */
-        if( rs_ctx->sig->state == ecdsa_sig_mul )
-            goto mul;
-        if( rs_ctx->sig->state == ecdsa_sig_modn )
-            goto modn;
-    }
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    *p_sign_tries = 0;
-    do
-    {
-        if( (*p_sign_tries)++ > 10 )
-        {
-            ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-            goto cleanup;
-        }
-
-        /*
-         * Steps 1-3: generate a suitable ephemeral keypair
-         * and set r = xR mod n
-         */
-        *p_key_tries = 0;
-        do
-        {
-            if( (*p_key_tries)++ > 10 )
-            {
-                ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-                goto cleanup;
-            }
-
-            MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( rs_ctx != NULL && rs_ctx->sig != NULL )
-                rs_ctx->sig->state = ecdsa_sig_mul;
-
-mul:
-#endif
-            MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G,
-                                                          f_rng_blind,
-                                                          p_rng_blind,
-                                                          ECDSA_RS_ECP ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) );
-        }
-        while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx != NULL && rs_ctx->sig != NULL )
-            rs_ctx->sig->state = ecdsa_sig_modn;
-
-modn:
-#endif
-        /*
-         * Accounting for everything up to the end of the loop
-         * (step 6, but checking now avoids saving e and t)
-         */
-        ECDSA_BUDGET( MBEDTLS_ECP_OPS_INV + 4 );
-
-        /*
-         * Step 5: derive MPI from hashed message
-         */
-        MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
-
-        /*
-         * Generate a random value to blind inv_mod in next step,
-         * avoiding a potential timing leak.
-         */
-        MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng_blind,
-                                                  p_rng_blind ) );
-
-        /*
-         * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, pr, d ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pk, pk, &t ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pk, pk, &grp->N ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
-    }
-    while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->sig != NULL )
-        mbedtls_mpi_copy( r, pr );
-#endif
-
-cleanup:
-    mbedtls_ecp_point_free( &R );
-    mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t );
-
-    ECDSA_RS_LEAVE( sig );
-
-    return( ret );
-}
-
-int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid )
-{
-    switch( gid )
-    {
-#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED
-        case MBEDTLS_ECP_DP_CURVE25519: return 0;
-#endif
-#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED
-        case MBEDTLS_ECP_DP_CURVE448: return 0;
-#endif
-    default: return 1;
-    }
-}
-
-/*
- * Compute ECDSA signature of a hashed message
- */
-int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
-                const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    ECDSA_VALIDATE_RET( grp   != NULL );
-    ECDSA_VALIDATE_RET( r     != NULL );
-    ECDSA_VALIDATE_RET( s     != NULL );
-    ECDSA_VALIDATE_RET( d     != NULL );
-    ECDSA_VALIDATE_RET( f_rng != NULL );
-    ECDSA_VALIDATE_RET( buf   != NULL || blen == 0 );
-
-    /* Use the same RNG for both blinding and ephemeral key generation */
-    return( ecdsa_sign_restartable( grp, r, s, d, buf, blen,
-                                    f_rng, p_rng, f_rng, p_rng, NULL ) );
-}
-#endif /* !MBEDTLS_ECDSA_SIGN_ALT */
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-/*
- * Deterministic signature wrapper
- */
-static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp,
-                    mbedtls_mpi *r, mbedtls_mpi *s,
-                    const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
-                    mbedtls_md_type_t md_alg,
-                    int (*f_rng_blind)(void *, unsigned char *, size_t),
-                    void *p_rng_blind,
-                    mbedtls_ecdsa_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_hmac_drbg_context rng_ctx;
-    mbedtls_hmac_drbg_context *p_rng = &rng_ctx;
-    unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
-    size_t grp_len = ( grp->nbits + 7 ) / 8;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_mpi h;
-
-    if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    mbedtls_mpi_init( &h );
-    mbedtls_hmac_drbg_init( &rng_ctx );
-
-    ECDSA_RS_ENTER( det );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->det != NULL )
-    {
-        /* redirect to our context */
-        p_rng = &rs_ctx->det->rng_ctx;
-
-        /* jump to current step */
-        if( rs_ctx->det->state == ecdsa_det_sign )
-            goto sign;
-    }
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    /* Use private key and message hash (reduced) to initialize HMAC_DRBG */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) );
-    MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) );
-    mbedtls_hmac_drbg_seed_buf( p_rng, md_info, data, 2 * grp_len );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->det != NULL )
-        rs_ctx->det->state = ecdsa_det_sign;
-
-sign:
-#endif
-#if defined(MBEDTLS_ECDSA_SIGN_ALT)
-    ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
-                              mbedtls_hmac_drbg_random, p_rng );
-#else
-    if( f_rng_blind != NULL )
-        ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen,
-                                      mbedtls_hmac_drbg_random, p_rng,
-                                      f_rng_blind, p_rng_blind, rs_ctx );
-    else
-    {
-        mbedtls_hmac_drbg_context *p_rng_blind_det;
-
-#if !defined(MBEDTLS_ECP_RESTARTABLE)
-        /*
-         * To avoid reusing rng_ctx and risking incorrect behavior we seed a
-         * second HMAC-DRBG with the same seed. We also apply a label to avoid
-         * reusing the bits of the ephemeral key for blinding and eliminate the
-         * risk that they leak this way.
-         */
-        const char* blind_label = "BLINDING CONTEXT";
-        mbedtls_hmac_drbg_context rng_ctx_blind;
-
-        mbedtls_hmac_drbg_init( &rng_ctx_blind );
-        p_rng_blind_det = &rng_ctx_blind;
-        mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info,
-                                    data, 2 * grp_len );
-        ret = mbedtls_hmac_drbg_update_ret( p_rng_blind_det,
-                                            (const unsigned char*) blind_label,
-                                            strlen( blind_label ) );
-        if( ret != 0 )
-        {
-            mbedtls_hmac_drbg_free( &rng_ctx_blind );
-            goto cleanup;
-        }
-#else
-        /*
-         * In the case of restartable computations we would either need to store
-         * the second RNG in the restart context too or set it up at every
-         * restart. The first option would penalize the correct application of
-         * the function and the second would defeat the purpose of the
-         * restartable feature.
-         *
-         * Therefore in this case we reuse the original RNG. This comes with the
-         * price that the resulting signature might not be a valid deterministic
-         * ECDSA signature with a very low probability (same magnitude as
-         * successfully guessing the private key). However even then it is still
-         * a valid ECDSA signature.
-         */
-        p_rng_blind_det = p_rng;
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-        /*
-         * Since the output of the RNGs is always the same for the same key and
-         * message, this limits the efficiency of blinding and leaks information
-         * through side channels. After mbedtls_ecdsa_sign_det() is removed NULL
-         * won't be a valid value for f_rng_blind anymore. Therefore it should
-         * be checked by the caller and this branch and check can be removed.
-         */
-        ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen,
-                                      mbedtls_hmac_drbg_random, p_rng,
-                                      mbedtls_hmac_drbg_random, p_rng_blind_det,
-                                      rs_ctx );
-
-#if !defined(MBEDTLS_ECP_RESTARTABLE)
-        mbedtls_hmac_drbg_free( &rng_ctx_blind );
-#endif
-    }
-#endif /* MBEDTLS_ECDSA_SIGN_ALT */
-
-cleanup:
-    mbedtls_hmac_drbg_free( &rng_ctx );
-    mbedtls_mpi_free( &h );
-
-    ECDSA_RS_LEAVE( det );
-
-    return( ret );
-}
-
-/*
- * Deterministic signature wrappers
- */
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
-                            mbedtls_mpi *s, const mbedtls_mpi *d,
-                            const unsigned char *buf, size_t blen,
-                            mbedtls_md_type_t md_alg )
-{
-    ECDSA_VALIDATE_RET( grp   != NULL );
-    ECDSA_VALIDATE_RET( r     != NULL );
-    ECDSA_VALIDATE_RET( s     != NULL );
-    ECDSA_VALIDATE_RET( d     != NULL );
-    ECDSA_VALIDATE_RET( buf   != NULL || blen == 0 );
-
-    return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg,
-                                        NULL, NULL, NULL ) );
-}
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
-                                mbedtls_mpi *s, const mbedtls_mpi *d,
-                                const unsigned char *buf, size_t blen,
-                                mbedtls_md_type_t md_alg,
-                                int (*f_rng_blind)(void *, unsigned char *,
-                                                   size_t),
-                                void *p_rng_blind )
-{
-    ECDSA_VALIDATE_RET( grp   != NULL );
-    ECDSA_VALIDATE_RET( r     != NULL );
-    ECDSA_VALIDATE_RET( s     != NULL );
-    ECDSA_VALIDATE_RET( d     != NULL );
-    ECDSA_VALIDATE_RET( buf   != NULL || blen == 0 );
-    ECDSA_VALIDATE_RET( f_rng_blind != NULL );
-
-    return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg,
-                                        f_rng_blind, p_rng_blind, NULL ) );
-}
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
-/*
- * Verify ECDSA signature of hashed message (SEC1 4.1.4)
- * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
- */
-static int ecdsa_verify_restartable( mbedtls_ecp_group *grp,
-                                     const unsigned char *buf, size_t blen,
-                                     const mbedtls_ecp_point *Q,
-                                     const mbedtls_mpi *r, const mbedtls_mpi *s,
-                                     mbedtls_ecdsa_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi e, s_inv, u1, u2;
-    mbedtls_ecp_point R;
-    mbedtls_mpi *pu1 = &u1, *pu2 = &u2;
-
-    mbedtls_ecp_point_init( &R );
-    mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv );
-    mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
-
-    /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
-    if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    ECDSA_RS_ENTER( ver );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ver != NULL )
-    {
-        /* redirect to our context */
-        pu1 = &rs_ctx->ver->u1;
-        pu2 = &rs_ctx->ver->u2;
-
-        /* jump to current step */
-        if( rs_ctx->ver->state == ecdsa_ver_muladd )
-            goto muladd;
-    }
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    /*
-     * Step 1: make sure r and s are in range 1..n-1
-     */
-    if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 ||
-        mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 )
-    {
-        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-    /*
-     * Step 3: derive MPI from hashed message
-     */
-    MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
-
-    /*
-     * Step 4: u1 = e / s mod n, u2 = r / s mod n
-     */
-    ECDSA_BUDGET( MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2 );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu1, &e, &s_inv ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu1, pu1, &grp->N ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu2, r, &s_inv ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu2, pu2, &grp->N ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ver != NULL )
-        rs_ctx->ver->state = ecdsa_ver_muladd;
-
-muladd:
-#endif
-    /*
-     * Step 5: R = u1 G + u2 Q
-     */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd_restartable( grp,
-                     &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP ) );
-
-    if( mbedtls_ecp_is_zero( &R ) )
-    {
-        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-    /*
-     * Step 6: convert xR to an integer (no-op)
-     * Step 7: reduce xR mod n (gives v)
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
-
-    /*
-     * Step 8: check if v (that is, R.X) is equal to r
-     */
-    if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 )
-    {
-        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-cleanup:
-    mbedtls_ecp_point_free( &R );
-    mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv );
-    mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
-
-    ECDSA_RS_LEAVE( ver );
-
-    return( ret );
-}
-
-/*
- * Verify ECDSA signature of hashed message
- */
-int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
-                          const unsigned char *buf, size_t blen,
-                          const mbedtls_ecp_point *Q,
-                          const mbedtls_mpi *r,
-                          const mbedtls_mpi *s)
-{
-    ECDSA_VALIDATE_RET( grp != NULL );
-    ECDSA_VALIDATE_RET( Q   != NULL );
-    ECDSA_VALIDATE_RET( r   != NULL );
-    ECDSA_VALIDATE_RET( s   != NULL );
-    ECDSA_VALIDATE_RET( buf != NULL || blen == 0 );
-
-    return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) );
-}
-#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */
-
-/*
- * Convert a signature (given by context) to ASN.1
- */
-static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
-                                    unsigned char *sig, size_t *slen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
-    unsigned char *p = buf + sizeof( buf );
-    size_t len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
-                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    memcpy( sig, p, len );
-    *slen = len;
-
-    return( 0 );
-}
-
-/*
- * Compute and write signature
- */
-int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
-                           mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hlen,
-                           unsigned char *sig, size_t *slen,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng,
-                           mbedtls_ecdsa_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi r, s;
-    ECDSA_VALIDATE_RET( ctx  != NULL );
-    ECDSA_VALIDATE_RET( hash != NULL );
-    ECDSA_VALIDATE_RET( sig  != NULL );
-    ECDSA_VALIDATE_RET( slen != NULL );
-
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &s );
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-    MBEDTLS_MPI_CHK( ecdsa_sign_det_restartable( &ctx->grp, &r, &s, &ctx->d,
-                                                 hash, hlen, md_alg, f_rng,
-                                                 p_rng, rs_ctx ) );
-#else
-    (void) md_alg;
-
-#if defined(MBEDTLS_ECDSA_SIGN_ALT)
-    MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
-                         hash, hlen, f_rng, p_rng ) );
-#else
-    /* Use the same RNG for both blinding and ephemeral key generation */
-    MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d,
-                                             hash, hlen, f_rng, p_rng, f_rng,
-                                             p_rng, rs_ctx ) );
-#endif /* MBEDTLS_ECDSA_SIGN_ALT */
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-    MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
-
-cleanup:
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &s );
-
-    return( ret );
-}
-
-/*
- * Compute and write signature
- */
-int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
-                                 mbedtls_md_type_t md_alg,
-                                 const unsigned char *hash, size_t hlen,
-                                 unsigned char *sig, size_t *slen,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng )
-{
-    ECDSA_VALIDATE_RET( ctx  != NULL );
-    ECDSA_VALIDATE_RET( hash != NULL );
-    ECDSA_VALIDATE_RET( sig  != NULL );
-    ECDSA_VALIDATE_RET( slen != NULL );
-    return( mbedtls_ecdsa_write_signature_restartable(
-                ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED) && \
-    defined(MBEDTLS_ECDSA_DETERMINISTIC)
-int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
-                               const unsigned char *hash, size_t hlen,
-                               unsigned char *sig, size_t *slen,
-                               mbedtls_md_type_t md_alg )
-{
-    ECDSA_VALIDATE_RET( ctx  != NULL );
-    ECDSA_VALIDATE_RET( hash != NULL );
-    ECDSA_VALIDATE_RET( sig  != NULL );
-    ECDSA_VALIDATE_RET( slen != NULL );
-    return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen,
-                                   NULL, NULL ) );
-}
-#endif
-
-/*
- * Read and check signature
- */
-int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
-                          const unsigned char *hash, size_t hlen,
-                          const unsigned char *sig, size_t slen )
-{
-    ECDSA_VALIDATE_RET( ctx  != NULL );
-    ECDSA_VALIDATE_RET( hash != NULL );
-    ECDSA_VALIDATE_RET( sig  != NULL );
-    return( mbedtls_ecdsa_read_signature_restartable(
-                ctx, hash, hlen, sig, slen, NULL ) );
-}
-
-/*
- * Restartable read and check signature
- */
-int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
-                          const unsigned char *hash, size_t hlen,
-                          const unsigned char *sig, size_t slen,
-                          mbedtls_ecdsa_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = (unsigned char *) sig;
-    const unsigned char *end = sig + slen;
-    size_t len;
-    mbedtls_mpi r, s;
-    ECDSA_VALIDATE_RET( ctx  != NULL );
-    ECDSA_VALIDATE_RET( hash != NULL );
-    ECDSA_VALIDATE_RET( sig  != NULL );
-
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &s );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    if( p + len != end )
-    {
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA +
-              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
-        goto cleanup;
-    }
-
-    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 ||
-        ( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 )
-    {
-        ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
-    if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
-                                      &ctx->Q, &r, &s ) ) != 0 )
-        goto cleanup;
-#else
-    if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen,
-                              &ctx->Q, &r, &s, rs_ctx ) ) != 0 )
-        goto cleanup;
-#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
-
-    /* At this point we know that the buffer starts with a valid signature.
-     * Return 0 if the buffer just contains the signature, and a specific
-     * error code if the valid signature is followed by more data. */
-    if( p != end )
-        ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
-
-cleanup:
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &s );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_ECDSA_GENKEY_ALT)
-/*
- * Generate key pair
- */
-int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
-                  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret = 0;
-    ECDSA_VALIDATE_RET( ctx   != NULL );
-    ECDSA_VALIDATE_RET( f_rng != NULL );
-
-    ret = mbedtls_ecp_group_load( &ctx->grp, gid );
-    if( ret != 0 )
-        return( ret );
-
-   return( mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d,
-                                    &ctx->Q, f_rng, p_rng ) );
-}
-#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */
-
-/*
- * Set context from an mbedtls_ecp_keypair
- */
-int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECDSA_VALIDATE_RET( ctx != NULL );
-    ECDSA_VALIDATE_RET( key != NULL );
-
-    if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ||
-        ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
-    {
-        mbedtls_ecdsa_free( ctx );
-    }
-
-    return( ret );
-}
-
-/*
- * Initialize context
- */
-void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx )
-{
-    ECDSA_VALIDATE( ctx != NULL );
-
-    mbedtls_ecp_keypair_init( ctx );
-}
-
-/*
- * Free context
- */
-void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_ecp_keypair_free( ctx );
-}
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-/*
- * Initialize a restart context
- */
-void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx )
-{
-    ECDSA_VALIDATE( ctx != NULL );
-
-    mbedtls_ecp_restart_init( &ctx->ecp );
-
-    ctx->ver = NULL;
-    ctx->sig = NULL;
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-    ctx->det = NULL;
-#endif
-}
-
-/*
- * Free the components of a restart context
- */
-void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_ecp_restart_free( &ctx->ecp );
-
-    ecdsa_restart_ver_free( ctx->ver );
-    mbedtls_free( ctx->ver );
-    ctx->ver = NULL;
-
-    ecdsa_restart_sig_free( ctx->sig );
-    mbedtls_free( ctx->sig );
-    ctx->sig = NULL;
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-    ecdsa_restart_det_free( ctx->det );
-    mbedtls_free( ctx->det );
-    ctx->det = NULL;
-#endif
-}
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-#endif /* MBEDTLS_ECDSA_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ecjpake.c b/3rdparty/mbedtls-2.25.0/library/ecjpake.c
deleted file mode 100644
index 315da4a..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ecjpake.c
+++ /dev/null
@@ -1,1135 +0,0 @@
-/*
- *  Elliptic curve J-PAKE
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * References in the code are to the Thread v1.0 Specification,
- * available to members of the Thread Group http://threadgroup.org/
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ECJPAKE_C)
-
-#include "mbedtls/ecjpake.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if !defined(MBEDTLS_ECJPAKE_ALT)
-
-/* Parameter validation macros based on platform_util.h */
-#define ECJPAKE_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
-#define ECJPAKE_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * Convert a mbedtls_ecjpake_role to identifier string
- */
-static const char * const ecjpake_id[] = {
-    "client",
-    "server"
-};
-
-#define ID_MINE     ( ecjpake_id[ ctx->role ] )
-#define ID_PEER     ( ecjpake_id[ 1 - ctx->role ] )
-
-/*
- * Initialize context
- */
-void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx )
-{
-    ECJPAKE_VALIDATE( ctx != NULL );
-
-    ctx->md_info = NULL;
-    mbedtls_ecp_group_init( &ctx->grp );
-    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
-
-    mbedtls_ecp_point_init( &ctx->Xm1 );
-    mbedtls_ecp_point_init( &ctx->Xm2 );
-    mbedtls_ecp_point_init( &ctx->Xp1 );
-    mbedtls_ecp_point_init( &ctx->Xp2 );
-    mbedtls_ecp_point_init( &ctx->Xp  );
-
-    mbedtls_mpi_init( &ctx->xm1 );
-    mbedtls_mpi_init( &ctx->xm2 );
-    mbedtls_mpi_init( &ctx->s   );
-}
-
-/*
- * Free context
- */
-void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    ctx->md_info = NULL;
-    mbedtls_ecp_group_free( &ctx->grp );
-
-    mbedtls_ecp_point_free( &ctx->Xm1 );
-    mbedtls_ecp_point_free( &ctx->Xm2 );
-    mbedtls_ecp_point_free( &ctx->Xp1 );
-    mbedtls_ecp_point_free( &ctx->Xp2 );
-    mbedtls_ecp_point_free( &ctx->Xp  );
-
-    mbedtls_mpi_free( &ctx->xm1 );
-    mbedtls_mpi_free( &ctx->xm2 );
-    mbedtls_mpi_free( &ctx->s   );
-}
-
-/*
- * Setup context
- */
-int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
-                           mbedtls_ecjpake_role role,
-                           mbedtls_md_type_t hash,
-                           mbedtls_ecp_group_id curve,
-                           const unsigned char *secret,
-                           size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    ECJPAKE_VALIDATE_RET( ctx != NULL );
-    ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT ||
-                          role == MBEDTLS_ECJPAKE_SERVER );
-    ECJPAKE_VALIDATE_RET( secret != NULL || len == 0 );
-
-    ctx->role = role;
-
-    if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL )
-        return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->s, secret, len ) );
-
-cleanup:
-    if( ret != 0 )
-        mbedtls_ecjpake_free( ctx );
-
-    return( ret );
-}
-
-/*
- * Check if context is ready for use
- */
-int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx )
-{
-    ECJPAKE_VALIDATE_RET( ctx != NULL );
-
-    if( ctx->md_info == NULL ||
-        ctx->grp.id == MBEDTLS_ECP_DP_NONE ||
-        ctx->s.p == NULL )
-    {
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    }
-
-    return( 0 );
-}
-
-/*
- * Write a point plus its length to a buffer
- */
-static int ecjpake_write_len_point( unsigned char **p,
-                                    const unsigned char *end,
-                                    const mbedtls_ecp_group *grp,
-                                    const int pf,
-                                    const mbedtls_ecp_point *P )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    /* Need at least 4 for length plus 1 for point */
-    if( end < *p || end - *p < 5 )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    ret = mbedtls_ecp_point_write_binary( grp, P, pf,
-                                          &len, *p + 4, end - ( *p + 4 ) );
-    if( ret != 0 )
-        return( ret );
-
-    (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF );
-    (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF );
-    (*p)[2] = (unsigned char)( ( len >>  8 ) & 0xFF );
-    (*p)[3] = (unsigned char)( ( len       ) & 0xFF );
-
-    *p += 4 + len;
-
-    return( 0 );
-}
-
-/*
- * Size of the temporary buffer for ecjpake_hash:
- * 3 EC points plus their length, plus ID and its length (4 + 6 bytes)
- */
-#define ECJPAKE_HASH_BUF_LEN    ( 3 * ( 4 + MBEDTLS_ECP_MAX_PT_LEN ) + 4 + 6 )
-
-/*
- * Compute hash for ZKP (7.4.2.2.2.1)
- */
-static int ecjpake_hash( const mbedtls_md_info_t *md_info,
-                         const mbedtls_ecp_group *grp,
-                         const int pf,
-                         const mbedtls_ecp_point *G,
-                         const mbedtls_ecp_point *V,
-                         const mbedtls_ecp_point *X,
-                         const char *id,
-                         mbedtls_mpi *h )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[ECJPAKE_HASH_BUF_LEN];
-    unsigned char *p = buf;
-    const unsigned char *end = buf + sizeof( buf );
-    const size_t id_len = strlen( id );
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-
-    /* Write things to temporary buffer */
-    MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, G ) );
-    MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, V ) );
-    MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, X ) );
-
-    if( end - p < 4 )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF );
-    *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF );
-    *p++ = (unsigned char)( ( id_len >>  8 ) & 0xFF );
-    *p++ = (unsigned char)( ( id_len       ) & 0xFF );
-
-    if( end < p || (size_t)( end - p ) < id_len )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    memcpy( p, id, id_len );
-    p += id_len;
-
-    /* Compute hash */
-    MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) );
-
-    /* Turn it into an integer mod n */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash,
-                                        mbedtls_md_get_size( md_info ) ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( h, h, &grp->N ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3)
- */
-static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info,
-                             const mbedtls_ecp_group *grp,
-                             const int pf,
-                             const mbedtls_ecp_point *G,
-                             const mbedtls_ecp_point *X,
-                             const char *id,
-                             const unsigned char **p,
-                             const unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point V, VV;
-    mbedtls_mpi r, h;
-    size_t r_len;
-
-    mbedtls_ecp_point_init( &V );
-    mbedtls_ecp_point_init( &VV );
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &h );
-
-    /*
-     * struct {
-     *     ECPoint V;
-     *     opaque r<1..2^8-1>;
-     * } ECSchnorrZKP;
-     */
-    if( end < *p )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, &V, p, end - *p ) );
-
-    if( end < *p || (size_t)( end - *p ) < 1 )
-    {
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    r_len = *(*p)++;
-
-    if( end < *p || (size_t)( end - *p ) < r_len )
-    {
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, *p, r_len ) );
-    *p += r_len;
-
-    /*
-     * Verification
-     */
-    MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( (mbedtls_ecp_group *) grp,
-                     &VV, &h, X, &r, G ) );
-
-    if( mbedtls_ecp_point_cmp( &VV, &V ) != 0 )
-    {
-        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-cleanup:
-    mbedtls_ecp_point_free( &V );
-    mbedtls_ecp_point_free( &VV );
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &h );
-
-    return( ret );
-}
-
-/*
- * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2)
- */
-static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
-                              const mbedtls_ecp_group *grp,
-                              const int pf,
-                              const mbedtls_ecp_point *G,
-                              const mbedtls_mpi *x,
-                              const mbedtls_ecp_point *X,
-                              const char *id,
-                              unsigned char **p,
-                              const unsigned char *end,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point V;
-    mbedtls_mpi v;
-    mbedtls_mpi h; /* later recycled to hold r */
-    size_t len;
-
-    if( end < *p )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    mbedtls_ecp_point_init( &V );
-    mbedtls_mpi_init( &v );
-    mbedtls_mpi_init( &h );
-
-    /* Compute signature */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp,
-                                                   G, &v, &V, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &h, &h, x ) ); /* x*h */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &h, &v, &h ) ); /* v - x*h */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &h, &h, &grp->N ) ); /* r */
-
-    /* Write it out */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, &V,
-                pf, &len, *p, end - *p ) );
-    *p += len;
-
-    len = mbedtls_mpi_size( &h ); /* actually r */
-    if( end < *p || (size_t)( end - *p ) < 1 + len || len > 255 )
-    {
-        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
-        goto cleanup;
-    }
-
-    *(*p)++ = (unsigned char)( len & 0xFF );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */
-    *p += len;
-
-cleanup:
-    mbedtls_ecp_point_free( &V );
-    mbedtls_mpi_free( &v );
-    mbedtls_mpi_free( &h );
-
-    return( ret );
-}
-
-/*
- * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof
- * Output: verified public key X
- */
-static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info,
-                             const mbedtls_ecp_group *grp,
-                             const int pf,
-                             const mbedtls_ecp_point *G,
-                             mbedtls_ecp_point *X,
-                             const char *id,
-                             const unsigned char **p,
-                             const unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( end < *p )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /*
-     * struct {
-     *     ECPoint X;
-     *     ECSchnorrZKP zkp;
-     * } ECJPAKEKeyKP;
-     */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, X, p, end - *p ) );
-    if( mbedtls_ecp_is_zero( X ) )
-    {
-        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( ecjpake_zkp_read( md_info, grp, pf, G, X, id, p, end ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Generate an ECJPAKEKeyKP
- * Output: the serialized structure, plus private/public key pair
- */
-static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info,
-                              const mbedtls_ecp_group *grp,
-                              const int pf,
-                              const mbedtls_ecp_point *G,
-                              mbedtls_mpi *x,
-                              mbedtls_ecp_point *X,
-                              const char *id,
-                              unsigned char **p,
-                              const unsigned char *end,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( end < *p )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    /* Generate key (7.4.2.3.1) and write it out */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp, G, x, X,
-                                                   f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, X,
-                pf, &len, *p, end - *p ) );
-    *p += len;
-
-    /* Generate and write proof */
-    MBEDTLS_MPI_CHK( ecjpake_zkp_write( md_info, grp, pf, G, x, X, id,
-                                        p, end, f_rng, p_rng ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
- * Ouputs: verified peer public keys Xa, Xb
- */
-static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
-                              const mbedtls_ecp_group *grp,
-                              const int pf,
-                              const mbedtls_ecp_point *G,
-                              mbedtls_ecp_point *Xa,
-                              mbedtls_ecp_point *Xb,
-                              const char *id,
-                              const unsigned char *buf,
-                              size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned char *p = buf;
-    const unsigned char *end = buf + len;
-
-    /*
-     * struct {
-     *     ECJPAKEKeyKP ecjpake_key_kp_pair_list[2];
-     * } ECJPAKEKeyKPPairList;
-     */
-    MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xa, id, &p, end ) );
-    MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xb, id, &p, end ) );
-
-    if( p != end )
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Generate a ECJPAKEKeyKPPairList
- * Outputs: the serialized structure, plus two private/public key pairs
- */
-static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info,
-                               const mbedtls_ecp_group *grp,
-                               const int pf,
-                               const mbedtls_ecp_point *G,
-                               mbedtls_mpi *xm1,
-                               mbedtls_ecp_point *Xa,
-                               mbedtls_mpi *xm2,
-                               mbedtls_ecp_point *Xb,
-                               const char *id,
-                               unsigned char *buf,
-                               size_t len,
-                               size_t *olen,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = buf;
-    const unsigned char *end = buf + len;
-
-    MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm1, Xa, id,
-                &p, end, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm2, Xb, id,
-                &p, end, f_rng, p_rng ) );
-
-    *olen = p - buf;
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Read and process the first round message
- */
-int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
-                                    const unsigned char *buf,
-                                    size_t len )
-{
-    ECJPAKE_VALIDATE_RET( ctx != NULL );
-    ECJPAKE_VALIDATE_RET( buf != NULL );
-
-    return( ecjpake_kkpp_read( ctx->md_info, &ctx->grp, ctx->point_format,
-                               &ctx->grp.G,
-                               &ctx->Xp1, &ctx->Xp2, ID_PEER,
-                               buf, len ) );
-}
-
-/*
- * Generate and write the first round message
- */
-int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng )
-{
-    ECJPAKE_VALIDATE_RET( ctx   != NULL );
-    ECJPAKE_VALIDATE_RET( buf   != NULL );
-    ECJPAKE_VALIDATE_RET( olen  != NULL );
-    ECJPAKE_VALIDATE_RET( f_rng != NULL );
-
-    return( ecjpake_kkpp_write( ctx->md_info, &ctx->grp, ctx->point_format,
-                                &ctx->grp.G,
-                                &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2,
-                                ID_MINE, buf, len, olen, f_rng, p_rng ) );
-}
-
-/*
- * Compute the sum of three points R = A + B + C
- */
-static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                             const mbedtls_ecp_point *A,
-                             const mbedtls_ecp_point *B,
-                             const mbedtls_ecp_point *C )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi one;
-
-    mbedtls_mpi_init( &one );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, A, &one, B ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, R, &one, C ) );
-
-cleanup:
-    mbedtls_mpi_free( &one );
-
-    return( ret );
-}
-
-/*
- * Read and process second round message (C: 7.4.2.5, S: 7.4.2.6)
- */
-int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
-                                            const unsigned char *buf,
-                                            size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned char *p = buf;
-    const unsigned char *end = buf + len;
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point G;    /* C: GB, S: GA */
-
-    ECJPAKE_VALIDATE_RET( ctx != NULL );
-    ECJPAKE_VALIDATE_RET( buf != NULL );
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &G );
-
-    /*
-     * Server: GA = X3  + X4  + X1      (7.4.2.6.1)
-     * Client: GB = X1  + X2  + X3      (7.4.2.5.1)
-     * Unified: G = Xm1 + Xm2 + Xp1
-     * We need that before parsing in order to check Xp as we read it
-     */
-    MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G,
-                                       &ctx->Xm1, &ctx->Xm2, &ctx->Xp1 ) );
-
-    /*
-     * struct {
-     *     ECParameters curve_params;   // only client reading server msg
-     *     ECJPAKEKeyKP ecjpake_key_kp;
-     * } Client/ServerECJPAKEParams;
-     */
-    if( ctx->role == MBEDTLS_ECJPAKE_CLIENT )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_group( &grp, &p, len ) );
-        if( grp.id != ctx->grp.id )
-        {
-            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-            goto cleanup;
-        }
-    }
-
-    MBEDTLS_MPI_CHK( ecjpake_kkp_read( ctx->md_info, &ctx->grp,
-                            ctx->point_format,
-                            &G, &ctx->Xp, ID_PEER, &p, end ) );
-
-    if( p != end )
-    {
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-cleanup:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &G );
-
-    return( ret );
-}
-
-/*
- * Compute R = +/- X * S mod N, taking care not to leak S
- */
-static int ecjpake_mul_secret( mbedtls_mpi *R, int sign,
-                               const mbedtls_mpi *X,
-                               const mbedtls_mpi *S,
-                               const mbedtls_mpi *N,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi b; /* Blinding value, then s + N * blinding */
-
-    mbedtls_mpi_init( &b );
-
-    /* b = s + rnd-128-bit * N */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &b, 16, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &b, &b, N ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &b, &b, S ) );
-
-    /* R = sign * X * b mod N */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( R, X, &b ) );
-    R->s *= sign;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( R, R, N ) );
-
-cleanup:
-    mbedtls_mpi_free( &b );
-
-    return( ret );
-}
-
-/*
- * Generate and write the second round message (S: 7.4.2.5, C: 7.4.2.6)
- */
-int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point G;    /* C: GA, S: GB */
-    mbedtls_ecp_point Xm;   /* C: Xc, S: Xs */
-    mbedtls_mpi xm;         /* C: xc, S: xs */
-    unsigned char *p = buf;
-    const unsigned char *end = buf + len;
-    size_t ec_len;
-
-    ECJPAKE_VALIDATE_RET( ctx   != NULL );
-    ECJPAKE_VALIDATE_RET( buf   != NULL );
-    ECJPAKE_VALIDATE_RET( olen  != NULL );
-    ECJPAKE_VALIDATE_RET( f_rng != NULL );
-
-    mbedtls_ecp_point_init( &G );
-    mbedtls_ecp_point_init( &Xm );
-    mbedtls_mpi_init( &xm );
-
-    /*
-     * First generate private/public key pair (S: 7.4.2.5.1, C: 7.4.2.6.1)
-     *
-     * Client:  GA = X1  + X3  + X4  | xs = x2  * s | Xc = xc * GA
-     * Server:  GB = X3  + X1  + X2  | xs = x4  * s | Xs = xs * GB
-     * Unified: G  = Xm1 + Xp1 + Xp2 | xm = xm2 * s | Xm = xm * G
-     */
-    MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G,
-                                       &ctx->Xp1, &ctx->Xp2, &ctx->Xm1 ) );
-    MBEDTLS_MPI_CHK( ecjpake_mul_secret( &xm, 1, &ctx->xm2, &ctx->s,
-                                         &ctx->grp.N, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &Xm, &xm, &G, f_rng, p_rng ) );
-
-    /*
-     * Now write things out
-     *
-     * struct {
-     *     ECParameters curve_params;   // only server writing its message
-     *     ECJPAKEKeyKP ecjpake_key_kp;
-     * } Client/ServerECJPAKEParams;
-     */
-    if( ctx->role == MBEDTLS_ECJPAKE_SERVER )
-    {
-        if( end < p )
-        {
-            ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
-            goto cleanup;
-        }
-        MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_group( &ctx->grp, &ec_len,
-                                                      p, end - p ) );
-        p += ec_len;
-    }
-
-    if( end < p )
-    {
-        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
-        goto cleanup;
-    }
-    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( &ctx->grp, &Xm,
-                     ctx->point_format, &ec_len, p, end - p ) );
-    p += ec_len;
-
-    MBEDTLS_MPI_CHK( ecjpake_zkp_write( ctx->md_info, &ctx->grp,
-                                        ctx->point_format,
-                                        &G, &xm, &Xm, ID_MINE,
-                                        &p, end, f_rng, p_rng ) );
-
-    *olen = p - buf;
-
-cleanup:
-    mbedtls_ecp_point_free( &G );
-    mbedtls_ecp_point_free( &Xm );
-    mbedtls_mpi_free( &xm );
-
-    return( ret );
-}
-
-/*
- * Derive PMS (7.4.2.7 / 7.4.2.8)
- */
-int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point K;
-    mbedtls_mpi m_xm2_s, one;
-    unsigned char kx[MBEDTLS_ECP_MAX_BYTES];
-    size_t x_bytes;
-
-    ECJPAKE_VALIDATE_RET( ctx   != NULL );
-    ECJPAKE_VALIDATE_RET( buf   != NULL );
-    ECJPAKE_VALIDATE_RET( olen  != NULL );
-    ECJPAKE_VALIDATE_RET( f_rng != NULL );
-
-    *olen = mbedtls_md_get_size( ctx->md_info );
-    if( len < *olen )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    mbedtls_ecp_point_init( &K );
-    mbedtls_mpi_init( &m_xm2_s );
-    mbedtls_mpi_init( &one );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) );
-
-    /*
-     * Client:  K = ( Xs - X4  * x2  * s ) * x2
-     * Server:  K = ( Xc - X2  * x4  * s ) * x4
-     * Unified: K = ( Xp - Xp2 * xm2 * s ) * xm2
-     */
-    MBEDTLS_MPI_CHK( ecjpake_mul_secret( &m_xm2_s, -1, &ctx->xm2, &ctx->s,
-                                         &ctx->grp.N, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( &ctx->grp, &K,
-                                         &one, &ctx->Xp,
-                                         &m_xm2_s, &ctx->Xp2 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &K, &ctx->xm2, &K,
-                                      f_rng, p_rng ) );
-
-    /* PMS = SHA-256( K.X ) */
-    x_bytes = ( ctx->grp.pbits + 7 ) / 8;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &K.X, kx, x_bytes ) );
-    MBEDTLS_MPI_CHK( mbedtls_md( ctx->md_info, kx, x_bytes, buf ) );
-
-cleanup:
-    mbedtls_ecp_point_free( &K );
-    mbedtls_mpi_free( &m_xm2_s );
-    mbedtls_mpi_free( &one );
-
-    return( ret );
-}
-
-#undef ID_MINE
-#undef ID_PEER
-
-#endif /* ! MBEDTLS_ECJPAKE_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf     printf
-#endif
-
-#if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
-    !defined(MBEDTLS_SHA256_C)
-int mbedtls_ecjpake_self_test( int verbose )
-{
-    (void) verbose;
-    return( 0 );
-}
-#else
-
-static const unsigned char ecjpake_test_password[] = {
-    0x74, 0x68, 0x72, 0x65, 0x61, 0x64, 0x6a, 0x70, 0x61, 0x6b, 0x65, 0x74,
-    0x65, 0x73, 0x74
-};
-
-static const unsigned char ecjpake_test_x1[] = {
-    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
-    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
-    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x21
-};
-
-static const unsigned char ecjpake_test_x2[] = {
-    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
-    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
-};
-
-static const unsigned char ecjpake_test_x3[] = {
-    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
-    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
-};
-
-static const unsigned char ecjpake_test_x4[] = {
-    0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc,
-    0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8,
-    0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe1
-};
-
-static const unsigned char ecjpake_test_cli_one[] = {
-    0x41, 0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19,
-    0x33, 0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44,
-    0xe5, 0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad,
-    0xa7, 0x81, 0xbb, 0x7f, 0x11, 0x13, 0x72, 0x25, 0x1a, 0x89, 0x10, 0x62,
-    0x1f, 0x63, 0x4d, 0xf1, 0x28, 0xac, 0x48, 0xe3, 0x81, 0xfd, 0x6e, 0xf9,
-    0x06, 0x07, 0x31, 0xf6, 0x94, 0xa4, 0x41, 0x04, 0x1d, 0xd0, 0xbd, 0x5d,
-    0x45, 0x66, 0xc9, 0xbe, 0xd9, 0xce, 0x7d, 0xe7, 0x01, 0xb5, 0xe8, 0x2e,
-    0x08, 0xe8, 0x4b, 0x73, 0x04, 0x66, 0x01, 0x8a, 0xb9, 0x03, 0xc7, 0x9e,
-    0xb9, 0x82, 0x17, 0x22, 0x36, 0xc0, 0xc1, 0x72, 0x8a, 0xe4, 0xbf, 0x73,
-    0x61, 0x0d, 0x34, 0xde, 0x44, 0x24, 0x6e, 0xf3, 0xd9, 0xc0, 0x5a, 0x22,
-    0x36, 0xfb, 0x66, 0xa6, 0x58, 0x3d, 0x74, 0x49, 0x30, 0x8b, 0xab, 0xce,
-    0x20, 0x72, 0xfe, 0x16, 0x66, 0x29, 0x92, 0xe9, 0x23, 0x5c, 0x25, 0x00,
-    0x2f, 0x11, 0xb1, 0x50, 0x87, 0xb8, 0x27, 0x38, 0xe0, 0x3c, 0x94, 0x5b,
-    0xf7, 0xa2, 0x99, 0x5d, 0xda, 0x1e, 0x98, 0x34, 0x58, 0x41, 0x04, 0x7e,
-    0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7, 0x92, 0x62,
-    0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40, 0x9a, 0xc5,
-    0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79, 0x0a, 0xeb,
-    0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1, 0xc3, 0x35,
-    0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3, 0x2b, 0xb0,
-    0x13, 0xbb, 0x2b, 0x41, 0x04, 0xa4, 0x95, 0x58, 0xd3, 0x2e, 0xd1, 0xeb,
-    0xfc, 0x18, 0x16, 0xaf, 0x4f, 0xf0, 0x9b, 0x55, 0xfc, 0xb4, 0xca, 0x47,
-    0xb2, 0xa0, 0x2d, 0x1e, 0x7c, 0xaf, 0x11, 0x79, 0xea, 0x3f, 0xe1, 0x39,
-    0x5b, 0x22, 0xb8, 0x61, 0x96, 0x40, 0x16, 0xfa, 0xba, 0xf7, 0x2c, 0x97,
-    0x56, 0x95, 0xd9, 0x3d, 0x4d, 0xf0, 0xe5, 0x19, 0x7f, 0xe9, 0xf0, 0x40,
-    0x63, 0x4e, 0xd5, 0x97, 0x64, 0x93, 0x77, 0x87, 0xbe, 0x20, 0xbc, 0x4d,
-    0xee, 0xbb, 0xf9, 0xb8, 0xd6, 0x0a, 0x33, 0x5f, 0x04, 0x6c, 0xa3, 0xaa,
-    0x94, 0x1e, 0x45, 0x86, 0x4c, 0x7c, 0xad, 0xef, 0x9c, 0xf7, 0x5b, 0x3d,
-    0x8b, 0x01, 0x0e, 0x44, 0x3e, 0xf0
-};
-
-static const unsigned char ecjpake_test_srv_one[] = {
-    0x41, 0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb,
-    0xd7, 0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18,
-    0x40, 0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47,
-    0x79, 0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f,
-    0xd1, 0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7,
-    0xe3, 0x2b, 0xb0, 0x13, 0xbb, 0x2b, 0x41, 0x04, 0x09, 0xf8, 0x5b, 0x3d,
-    0x20, 0xeb, 0xd7, 0x88, 0x5c, 0xe4, 0x64, 0xc0, 0x8d, 0x05, 0x6d, 0x64,
-    0x28, 0xfe, 0x4d, 0xd9, 0x28, 0x7a, 0xa3, 0x65, 0xf1, 0x31, 0xf4, 0x36,
-    0x0f, 0xf3, 0x86, 0xd8, 0x46, 0x89, 0x8b, 0xc4, 0xb4, 0x15, 0x83, 0xc2,
-    0xa5, 0x19, 0x7f, 0x65, 0xd7, 0x87, 0x42, 0x74, 0x6c, 0x12, 0xa5, 0xec,
-    0x0a, 0x4f, 0xfe, 0x2f, 0x27, 0x0a, 0x75, 0x0a, 0x1d, 0x8f, 0xb5, 0x16,
-    0x20, 0x93, 0x4d, 0x74, 0xeb, 0x43, 0xe5, 0x4d, 0xf4, 0x24, 0xfd, 0x96,
-    0x30, 0x6c, 0x01, 0x17, 0xbf, 0x13, 0x1a, 0xfa, 0xbf, 0x90, 0xa9, 0xd3,
-    0x3d, 0x11, 0x98, 0xd9, 0x05, 0x19, 0x37, 0x35, 0x14, 0x41, 0x04, 0x19,
-    0x0a, 0x07, 0x70, 0x0f, 0xfa, 0x4b, 0xe6, 0xae, 0x1d, 0x79, 0xee, 0x0f,
-    0x06, 0xae, 0xb5, 0x44, 0xcd, 0x5a, 0xdd, 0xaa, 0xbe, 0xdf, 0x70, 0xf8,
-    0x62, 0x33, 0x21, 0x33, 0x2c, 0x54, 0xf3, 0x55, 0xf0, 0xfb, 0xfe, 0xc7,
-    0x83, 0xed, 0x35, 0x9e, 0x5d, 0x0b, 0xf7, 0x37, 0x7a, 0x0f, 0xc4, 0xea,
-    0x7a, 0xce, 0x47, 0x3c, 0x9c, 0x11, 0x2b, 0x41, 0xcc, 0xd4, 0x1a, 0xc5,
-    0x6a, 0x56, 0x12, 0x41, 0x04, 0x36, 0x0a, 0x1c, 0xea, 0x33, 0xfc, 0xe6,
-    0x41, 0x15, 0x64, 0x58, 0xe0, 0xa4, 0xea, 0xc2, 0x19, 0xe9, 0x68, 0x31,
-    0xe6, 0xae, 0xbc, 0x88, 0xb3, 0xf3, 0x75, 0x2f, 0x93, 0xa0, 0x28, 0x1d,
-    0x1b, 0xf1, 0xfb, 0x10, 0x60, 0x51, 0xdb, 0x96, 0x94, 0xa8, 0xd6, 0xe8,
-    0x62, 0xa5, 0xef, 0x13, 0x24, 0xa3, 0xd9, 0xe2, 0x78, 0x94, 0xf1, 0xee,
-    0x4f, 0x7c, 0x59, 0x19, 0x99, 0x65, 0xa8, 0xdd, 0x4a, 0x20, 0x91, 0x84,
-    0x7d, 0x2d, 0x22, 0xdf, 0x3e, 0xe5, 0x5f, 0xaa, 0x2a, 0x3f, 0xb3, 0x3f,
-    0xd2, 0xd1, 0xe0, 0x55, 0xa0, 0x7a, 0x7c, 0x61, 0xec, 0xfb, 0x8d, 0x80,
-    0xec, 0x00, 0xc2, 0xc9, 0xeb, 0x12
-};
-
-static const unsigned char ecjpake_test_srv_two[] = {
-    0x03, 0x00, 0x17, 0x41, 0x04, 0x0f, 0xb2, 0x2b, 0x1d, 0x5d, 0x11, 0x23,
-    0xe0, 0xef, 0x9f, 0xeb, 0x9d, 0x8a, 0x2e, 0x59, 0x0a, 0x1f, 0x4d, 0x7c,
-    0xed, 0x2c, 0x2b, 0x06, 0x58, 0x6e, 0x8f, 0x2a, 0x16, 0xd4, 0xeb, 0x2f,
-    0xda, 0x43, 0x28, 0xa2, 0x0b, 0x07, 0xd8, 0xfd, 0x66, 0x76, 0x54, 0xca,
-    0x18, 0xc5, 0x4e, 0x32, 0xa3, 0x33, 0xa0, 0x84, 0x54, 0x51, 0xe9, 0x26,
-    0xee, 0x88, 0x04, 0xfd, 0x7a, 0xf0, 0xaa, 0xa7, 0xa6, 0x41, 0x04, 0x55,
-    0x16, 0xea, 0x3e, 0x54, 0xa0, 0xd5, 0xd8, 0xb2, 0xce, 0x78, 0x6b, 0x38,
-    0xd3, 0x83, 0x37, 0x00, 0x29, 0xa5, 0xdb, 0xe4, 0x45, 0x9c, 0x9d, 0xd6,
-    0x01, 0xb4, 0x08, 0xa2, 0x4a, 0xe6, 0x46, 0x5c, 0x8a, 0xc9, 0x05, 0xb9,
-    0xeb, 0x03, 0xb5, 0xd3, 0x69, 0x1c, 0x13, 0x9e, 0xf8, 0x3f, 0x1c, 0xd4,
-    0x20, 0x0f, 0x6c, 0x9c, 0xd4, 0xec, 0x39, 0x22, 0x18, 0xa5, 0x9e, 0xd2,
-    0x43, 0xd3, 0xc8, 0x20, 0xff, 0x72, 0x4a, 0x9a, 0x70, 0xb8, 0x8c, 0xb8,
-    0x6f, 0x20, 0xb4, 0x34, 0xc6, 0x86, 0x5a, 0xa1, 0xcd, 0x79, 0x06, 0xdd,
-    0x7c, 0x9b, 0xce, 0x35, 0x25, 0xf5, 0x08, 0x27, 0x6f, 0x26, 0x83, 0x6c
-};
-
-static const unsigned char ecjpake_test_cli_two[] = {
-    0x41, 0x04, 0x69, 0xd5, 0x4e, 0xe8, 0x5e, 0x90, 0xce, 0x3f, 0x12, 0x46,
-    0x74, 0x2d, 0xe5, 0x07, 0xe9, 0x39, 0xe8, 0x1d, 0x1d, 0xc1, 0xc5, 0xcb,
-    0x98, 0x8b, 0x58, 0xc3, 0x10, 0xc9, 0xfd, 0xd9, 0x52, 0x4d, 0x93, 0x72,
-    0x0b, 0x45, 0x54, 0x1c, 0x83, 0xee, 0x88, 0x41, 0x19, 0x1d, 0xa7, 0xce,
-    0xd8, 0x6e, 0x33, 0x12, 0xd4, 0x36, 0x23, 0xc1, 0xd6, 0x3e, 0x74, 0x98,
-    0x9a, 0xba, 0x4a, 0xff, 0xd1, 0xee, 0x41, 0x04, 0x07, 0x7e, 0x8c, 0x31,
-    0xe2, 0x0e, 0x6b, 0xed, 0xb7, 0x60, 0xc1, 0x35, 0x93, 0xe6, 0x9f, 0x15,
-    0xbe, 0x85, 0xc2, 0x7d, 0x68, 0xcd, 0x09, 0xcc, 0xb8, 0xc4, 0x18, 0x36,
-    0x08, 0x91, 0x7c, 0x5c, 0x3d, 0x40, 0x9f, 0xac, 0x39, 0xfe, 0xfe, 0xe8,
-    0x2f, 0x72, 0x92, 0xd3, 0x6f, 0x0d, 0x23, 0xe0, 0x55, 0x91, 0x3f, 0x45,
-    0xa5, 0x2b, 0x85, 0xdd, 0x8a, 0x20, 0x52, 0xe9, 0xe1, 0x29, 0xbb, 0x4d,
-    0x20, 0x0f, 0x01, 0x1f, 0x19, 0x48, 0x35, 0x35, 0xa6, 0xe8, 0x9a, 0x58,
-    0x0c, 0x9b, 0x00, 0x03, 0xba, 0xf2, 0x14, 0x62, 0xec, 0xe9, 0x1a, 0x82,
-    0xcc, 0x38, 0xdb, 0xdc, 0xae, 0x60, 0xd9, 0xc5, 0x4c
-};
-
-static const unsigned char ecjpake_test_pms[] = {
-    0xf3, 0xd4, 0x7f, 0x59, 0x98, 0x44, 0xdb, 0x92, 0xa5, 0x69, 0xbb, 0xe7,
-    0x98, 0x1e, 0x39, 0xd9, 0x31, 0xfd, 0x74, 0x3b, 0xf2, 0x2e, 0x98, 0xf9,
-    0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
-};
-
-/* Load my private keys and generate the corresponding public keys */
-static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
-                              const unsigned char *xm1, size_t len1,
-                              const unsigned char *xm2, size_t len2 )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1,
-                                      &ctx->grp.G, NULL, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2,
-                                      &ctx->grp.G, NULL, NULL ) );
-
-cleanup:
-    return( ret );
-}
-
-/* For tests we don't need a secure RNG;
- * use the LGC from Numerical Recipes for simplicity */
-static int ecjpake_lgc( void *p, unsigned char *out, size_t len )
-{
-    static uint32_t x = 42;
-    (void) p;
-
-    while( len > 0 )
-    {
-        size_t use_len = len > 4 ? 4 : len;
-        x = 1664525 * x + 1013904223;
-        memcpy( out, &x, use_len );
-        out += use_len;
-        len -= use_len;
-    }
-
-    return( 0 );
-}
-
-#define TEST_ASSERT( x )    \
-    do {                    \
-        if( x )             \
-            ret = 0;        \
-        else                \
-        {                   \
-            ret = 1;        \
-            goto cleanup;   \
-        }                   \
-    } while( 0 )
-
-/*
- * Checkup routine
- */
-int mbedtls_ecjpake_self_test( int verbose )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecjpake_context cli;
-    mbedtls_ecjpake_context srv;
-    unsigned char buf[512], pms[32];
-    size_t len, pmslen;
-
-    mbedtls_ecjpake_init( &cli );
-    mbedtls_ecjpake_init( &srv );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ECJPAKE test #0 (setup): " );
-
-    TEST_ASSERT( mbedtls_ecjpake_setup( &cli, MBEDTLS_ECJPAKE_CLIENT,
-                    MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
-                    ecjpake_test_password,
-            sizeof( ecjpake_test_password ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_setup( &srv, MBEDTLS_ECJPAKE_SERVER,
-                    MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
-                    ecjpake_test_password,
-            sizeof( ecjpake_test_password ) ) == 0 );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ECJPAKE test #1 (random handshake): " );
-
-    TEST_ASSERT( mbedtls_ecjpake_write_round_one( &cli,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv, buf, len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_write_round_one( &srv,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli, buf, len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_write_round_two( &srv,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli, buf, len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli,
-                 pms, sizeof( pms ), &pmslen, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_write_round_two( &cli,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv, buf, len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( len == pmslen );
-    TEST_ASSERT( memcmp( buf, pms, len ) == 0 );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ECJPAKE test #2 (reference handshake): " );
-
-    /* Simulate generation of round one */
-    MBEDTLS_MPI_CHK( ecjpake_test_load( &cli,
-                ecjpake_test_x1, sizeof( ecjpake_test_x1 ),
-                ecjpake_test_x2, sizeof( ecjpake_test_x2 ) ) );
-
-    MBEDTLS_MPI_CHK( ecjpake_test_load( &srv,
-                ecjpake_test_x3, sizeof( ecjpake_test_x3 ),
-                ecjpake_test_x4, sizeof( ecjpake_test_x4 ) ) );
-
-    /* Read round one */
-    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv,
-                                    ecjpake_test_cli_one,
-                            sizeof( ecjpake_test_cli_one ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli,
-                                    ecjpake_test_srv_one,
-                            sizeof( ecjpake_test_srv_one ) ) == 0 );
-
-    /* Skip generation of round two, read round two */
-    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli,
-                                    ecjpake_test_srv_two,
-                            sizeof( ecjpake_test_srv_two ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv,
-                                    ecjpake_test_cli_two,
-                            sizeof( ecjpake_test_cli_two ) ) == 0 );
-
-    /* Server derives PMS */
-    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( len == sizeof( ecjpake_test_pms ) );
-    TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 );
-
-    memset( buf, 0, len ); /* Avoid interferences with next step */
-
-    /* Client derives PMS */
-    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli,
-                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
-
-    TEST_ASSERT( len == sizeof( ecjpake_test_pms ) );
-    TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-cleanup:
-    mbedtls_ecjpake_free( &cli );
-    mbedtls_ecjpake_free( &srv );
-
-    if( ret != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( ret );
-}
-
-#undef TEST_ASSERT
-
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_ECJPAKE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ecp.c b/3rdparty/mbedtls-2.25.0/library/ecp.c
deleted file mode 100644
index 05a0b01..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ecp.c
+++ /dev/null
@@ -1,3505 +0,0 @@
-/*
- *  Elliptic curves over GF(p): generic functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * References:
- *
- * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
- * GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
- * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
- * RFC 4492 for the related TLS structures and constants
- * RFC 7748 for the Curve448 and Curve25519 curve definitions
- *
- * [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
- *
- * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
- *     for elliptic curve cryptosystems. In : Cryptographic Hardware and
- *     Embedded Systems. Springer Berlin Heidelberg, 1999. p. 292-302.
- *     <http://link.springer.com/chapter/10.1007/3-540-48059-5_25>
- *
- * [3] HEDABOU, Mustapha, PINEL, Pierre, et B'EN'ETEAU, Lucien. A comb method to
- *     render ECC resistant against Side Channel Attacks. IACR Cryptology
- *     ePrint Archive, 2004, vol. 2004, p. 342.
- *     <http://eprint.iacr.org/2004/342.pdf>
- */
-
-#include "common.h"
-
-/**
- * \brief Function level alternative implementation.
- *
- * The MBEDTLS_ECP_INTERNAL_ALT macro enables alternative implementations to
- * replace certain functions in this module. The alternative implementations are
- * typically hardware accelerators and need to activate the hardware before the
- * computation starts and deactivate it after it finishes. The
- * mbedtls_internal_ecp_init() and mbedtls_internal_ecp_free() functions serve
- * this purpose.
- *
- * To preserve the correct functionality the following conditions must hold:
- *
- * - The alternative implementation must be activated by
- *   mbedtls_internal_ecp_init() before any of the replaceable functions is
- *   called.
- * - mbedtls_internal_ecp_free() must \b only be called when the alternative
- *   implementation is activated.
- * - mbedtls_internal_ecp_init() must \b not be called when the alternative
- *   implementation is activated.
- * - Public functions must not return while the alternative implementation is
- *   activated.
- * - Replaceable functions are guarded by \c MBEDTLS_ECP_XXX_ALT macros and
- *   before calling them an \code if( mbedtls_internal_ecp_grp_capable( grp ) )
- *   \endcode ensures that the alternative implementation supports the current
- *   group.
- */
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-
-#include "mbedtls/ecp.h"
-#include "mbedtls/threading.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if !defined(MBEDTLS_ECP_ALT)
-
-/* Parameter validation macros based on platform_util.h */
-#define ECP_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
-#define ECP_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#include <stdio.h>
-#define mbedtls_printf     printf
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#include "mbedtls/ecp_internal.h"
-
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-#if defined(MBEDTLS_HMAC_DRBG_C)
-#include "mbedtls/hmac_drbg.h"
-#elif defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/ctr_drbg.h"
-#else
-#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
-#endif
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * Counts of point addition and doubling, and field multiplications.
- * Used to test resistance of point multiplication to simple timing attacks.
- */
-static unsigned long add_count, dbl_count, mul_count;
-#endif
-
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-/*
- * Currently ecp_mul() takes a RNG function as an argument, used for
- * side-channel protection, but it can be NULL. The initial reasoning was
- * that people will pass non-NULL RNG when they care about side-channels, but
- * unfortunately we have some APIs that call ecp_mul() with a NULL RNG, with
- * no opportunity for the user to do anything about it.
- *
- * The obvious strategies for addressing that include:
- * - change those APIs so that they take RNG arguments;
- * - require a global RNG to be available to all crypto modules.
- *
- * Unfortunately those would break compatibility. So what we do instead is
- * have our own internal DRBG instance, seeded from the secret scalar.
- *
- * The following is a light-weight abstraction layer for doing that with
- * HMAC_DRBG (first choice) or CTR_DRBG.
- */
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
-
-/* DRBG context type */
-typedef mbedtls_hmac_drbg_context ecp_drbg_context;
-
-/* DRBG context init */
-static inline void ecp_drbg_init( ecp_drbg_context *ctx )
-{
-    mbedtls_hmac_drbg_init( ctx );
-}
-
-/* DRBG context free */
-static inline void ecp_drbg_free( ecp_drbg_context *ctx )
-{
-    mbedtls_hmac_drbg_free( ctx );
-}
-
-/* DRBG function */
-static inline int ecp_drbg_random( void *p_rng,
-                                   unsigned char *output, size_t output_len )
-{
-    return( mbedtls_hmac_drbg_random( p_rng, output, output_len ) );
-}
-
-/* DRBG context seeding */
-static int ecp_drbg_seed( ecp_drbg_context *ctx,
-                   const mbedtls_mpi *secret, size_t secret_len )
-{
-    int ret;
-    unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
-    /* The list starts with strong hashes */
-    const mbedtls_md_type_t md_type = mbedtls_md_list()[0];
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
-
-    if( secret_len > MBEDTLS_ECP_MAX_BYTES )
-    {
-        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
-                                               secret_bytes, secret_len ) );
-
-    ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len );
-
-cleanup:
-    mbedtls_platform_zeroize( secret_bytes, secret_len );
-
-    return( ret );
-}
-
-#elif defined(MBEDTLS_CTR_DRBG_C)
-
-/* DRBG context type */
-typedef mbedtls_ctr_drbg_context ecp_drbg_context;
-
-/* DRBG context init */
-static inline void ecp_drbg_init( ecp_drbg_context *ctx )
-{
-    mbedtls_ctr_drbg_init( ctx );
-}
-
-/* DRBG context free */
-static inline void ecp_drbg_free( ecp_drbg_context *ctx )
-{
-    mbedtls_ctr_drbg_free( ctx );
-}
-
-/* DRBG function */
-static inline int ecp_drbg_random( void *p_rng,
-                                   unsigned char *output, size_t output_len )
-{
-    return( mbedtls_ctr_drbg_random( p_rng, output, output_len ) );
-}
-
-/*
- * Since CTR_DRBG doesn't have a seed_buf() function the way HMAC_DRBG does,
- * we need to pass an entropy function when seeding. So we use a dummy
- * function for that, and pass the actual entropy as customisation string.
- * (During seeding of CTR_DRBG the entropy input and customisation string are
- * concatenated before being used to update the secret state.)
- */
-static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len)
-{
-    (void) ctx;
-    memset( out, 0, len );
-    return( 0 );
-}
-
-/* DRBG context seeding */
-static int ecp_drbg_seed( ecp_drbg_context *ctx,
-                   const mbedtls_mpi *secret, size_t secret_len )
-{
-    int ret;
-    unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
-
-    if( secret_len > MBEDTLS_ECP_MAX_BYTES )
-    {
-        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
-                                               secret_bytes, secret_len ) );
-
-    ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL,
-                                 secret_bytes, secret_len );
-
-cleanup:
-    mbedtls_platform_zeroize( secret_bytes, secret_len );
-
-    return( ret );
-}
-
-#else
-#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
-#endif /* DRBG modules */
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-/*
- * Maximum number of "basic operations" to be done in a row.
- *
- * Default value 0 means that ECC operations will not yield.
- * Note that regardless of the value of ecp_max_ops, always at
- * least one step is performed before yielding.
- *
- * Setting ecp_max_ops=1 can be suitable for testing purposes
- * as it will interrupt computation at all possible points.
- */
-static unsigned ecp_max_ops = 0;
-
-/*
- * Set ecp_max_ops
- */
-void mbedtls_ecp_set_max_ops( unsigned max_ops )
-{
-    ecp_max_ops = max_ops;
-}
-
-/*
- * Check if restart is enabled
- */
-int mbedtls_ecp_restart_is_enabled( void )
-{
-    return( ecp_max_ops != 0 );
-}
-
-/*
- * Restart sub-context for ecp_mul_comb()
- */
-struct mbedtls_ecp_restart_mul
-{
-    mbedtls_ecp_point R;    /* current intermediate result                  */
-    size_t i;               /* current index in various loops, 0 outside    */
-    mbedtls_ecp_point *T;   /* table for precomputed points                 */
-    unsigned char T_size;   /* number of points in table T                  */
-    enum {                  /* what were we doing last time we returned?    */
-        ecp_rsm_init = 0,       /* nothing so far, dummy initial state      */
-        ecp_rsm_pre_dbl,        /* precompute 2^n multiples                 */
-        ecp_rsm_pre_norm_dbl,   /* normalize precomputed 2^n multiples      */
-        ecp_rsm_pre_add,        /* precompute remaining points by adding    */
-        ecp_rsm_pre_norm_add,   /* normalize all precomputed points         */
-        ecp_rsm_comb_core,      /* ecp_mul_comb_core()                      */
-        ecp_rsm_final_norm,     /* do the final normalization               */
-    } state;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_context drbg_ctx;
-    unsigned char drbg_seeded;
-#endif
-};
-
-/*
- * Init restart_mul sub-context
- */
-static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx )
-{
-    mbedtls_ecp_point_init( &ctx->R );
-    ctx->i = 0;
-    ctx->T = NULL;
-    ctx->T_size = 0;
-    ctx->state = ecp_rsm_init;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_init( &ctx->drbg_ctx );
-    ctx->drbg_seeded = 0;
-#endif
-}
-
-/*
- * Free the components of a restart_mul sub-context
- */
-static void ecp_restart_rsm_free( mbedtls_ecp_restart_mul_ctx *ctx )
-{
-    unsigned char i;
-
-    if( ctx == NULL )
-        return;
-
-    mbedtls_ecp_point_free( &ctx->R );
-
-    if( ctx->T != NULL )
-    {
-        for( i = 0; i < ctx->T_size; i++ )
-            mbedtls_ecp_point_free( ctx->T + i );
-        mbedtls_free( ctx->T );
-    }
-
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_free( &ctx->drbg_ctx );
-#endif
-
-    ecp_restart_rsm_init( ctx );
-}
-
-/*
- * Restart context for ecp_muladd()
- */
-struct mbedtls_ecp_restart_muladd
-{
-    mbedtls_ecp_point mP;       /* mP value                             */
-    mbedtls_ecp_point R;        /* R intermediate result                */
-    enum {                      /* what should we do next?              */
-        ecp_rsma_mul1 = 0,      /* first multiplication                 */
-        ecp_rsma_mul2,          /* second multiplication                */
-        ecp_rsma_add,           /* addition                             */
-        ecp_rsma_norm,          /* normalization                        */
-    } state;
-};
-
-/*
- * Init restart_muladd sub-context
- */
-static void ecp_restart_ma_init( mbedtls_ecp_restart_muladd_ctx *ctx )
-{
-    mbedtls_ecp_point_init( &ctx->mP );
-    mbedtls_ecp_point_init( &ctx->R );
-    ctx->state = ecp_rsma_mul1;
-}
-
-/*
- * Free the components of a restart_muladd sub-context
- */
-static void ecp_restart_ma_free( mbedtls_ecp_restart_muladd_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_ecp_point_free( &ctx->mP );
-    mbedtls_ecp_point_free( &ctx->R );
-
-    ecp_restart_ma_init( ctx );
-}
-
-/*
- * Initialize a restart context
- */
-void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx )
-{
-    ECP_VALIDATE( ctx != NULL );
-    ctx->ops_done = 0;
-    ctx->depth = 0;
-    ctx->rsm = NULL;
-    ctx->ma = NULL;
-}
-
-/*
- * Free the components of a restart context
- */
-void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    ecp_restart_rsm_free( ctx->rsm );
-    mbedtls_free( ctx->rsm );
-
-    ecp_restart_ma_free( ctx->ma );
-    mbedtls_free( ctx->ma );
-
-    mbedtls_ecp_restart_init( ctx );
-}
-
-/*
- * Check if we can do the next step
- */
-int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
-                              mbedtls_ecp_restart_ctx *rs_ctx,
-                              unsigned ops )
-{
-    ECP_VALIDATE_RET( grp != NULL );
-
-    if( rs_ctx != NULL && ecp_max_ops != 0 )
-    {
-        /* scale depending on curve size: the chosen reference is 256-bit,
-         * and multiplication is quadratic. Round to the closest integer. */
-        if( grp->pbits >= 512 )
-            ops *= 4;
-        else if( grp->pbits >= 384 )
-            ops *= 2;
-
-        /* Avoid infinite loops: always allow first step.
-         * Because of that, however, it's not generally true
-         * that ops_done <= ecp_max_ops, so the check
-         * ops_done > ecp_max_ops below is mandatory. */
-        if( ( rs_ctx->ops_done != 0 ) &&
-            ( rs_ctx->ops_done > ecp_max_ops ||
-              ops > ecp_max_ops - rs_ctx->ops_done ) )
-        {
-            return( MBEDTLS_ERR_ECP_IN_PROGRESS );
-        }
-
-        /* update running count */
-        rs_ctx->ops_done += ops;
-    }
-
-    return( 0 );
-}
-
-/* Call this when entering a function that needs its own sub-context */
-#define ECP_RS_ENTER( SUB )   do {                                      \
-    /* reset ops count for this call if top-level */                    \
-    if( rs_ctx != NULL && rs_ctx->depth++ == 0 )                        \
-        rs_ctx->ops_done = 0;                                           \
-                                                                        \
-    /* set up our own sub-context if needed */                          \
-    if( mbedtls_ecp_restart_is_enabled() &&                             \
-        rs_ctx != NULL && rs_ctx->SUB == NULL )                         \
-    {                                                                   \
-        rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) );      \
-        if( rs_ctx->SUB == NULL )                                       \
-            return( MBEDTLS_ERR_ECP_ALLOC_FAILED );                     \
-                                                                        \
-        ecp_restart_## SUB ##_init( rs_ctx->SUB );                      \
-    }                                                                   \
-} while( 0 )
-
-/* Call this when leaving a function that needs its own sub-context */
-#define ECP_RS_LEAVE( SUB )   do {                                      \
-    /* clear our sub-context when not in progress (done or error) */    \
-    if( rs_ctx != NULL && rs_ctx->SUB != NULL &&                        \
-        ret != MBEDTLS_ERR_ECP_IN_PROGRESS )                            \
-    {                                                                   \
-        ecp_restart_## SUB ##_free( rs_ctx->SUB );                      \
-        mbedtls_free( rs_ctx->SUB );                                    \
-        rs_ctx->SUB = NULL;                                             \
-    }                                                                   \
-                                                                        \
-    if( rs_ctx != NULL )                                                \
-        rs_ctx->depth--;                                                \
-} while( 0 )
-
-#else /* MBEDTLS_ECP_RESTARTABLE */
-
-#define ECP_RS_ENTER( sub )     (void) rs_ctx;
-#define ECP_RS_LEAVE( sub )     (void) rs_ctx;
-
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-/*
- * List of supported curves:
- *  - internal ID
- *  - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2, RFC 8446 sec. 4.2.7)
- *  - size in bits
- *  - readable name
- *
- * Curves are listed in order: largest curves first, and for a given size,
- * fastest curves first. This provides the default order for the SSL module.
- *
- * Reminder: update profiles in x509_crt.c when adding a new curves!
- */
-static const mbedtls_ecp_curve_info ecp_supported_curves[] =
-{
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP521R1,    25,     521,    "secp521r1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-    { MBEDTLS_ECP_DP_BP512R1,      28,     512,    "brainpoolP512r1"   },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP384R1,    24,     384,    "secp384r1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-    { MBEDTLS_ECP_DP_BP384R1,      27,     384,    "brainpoolP384r1"   },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP256R1,    23,     256,    "secp256r1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP256K1,    22,     256,    "secp256k1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-    { MBEDTLS_ECP_DP_BP256R1,      26,     256,    "brainpoolP256r1"   },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP224R1,    21,     224,    "secp224r1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP224K1,    20,     224,    "secp224k1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP192R1,    19,     192,    "secp192r1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-    { MBEDTLS_ECP_DP_SECP192K1,    18,     192,    "secp192k1"         },
-#endif
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-    { MBEDTLS_ECP_DP_CURVE25519,   29,     256,    "x25519"            },
-#endif
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-    { MBEDTLS_ECP_DP_CURVE448,     30,     448,    "x448"              },
-#endif
-    { MBEDTLS_ECP_DP_NONE,          0,     0,      NULL                },
-};
-
-#define ECP_NB_CURVES   sizeof( ecp_supported_curves ) /    \
-                        sizeof( ecp_supported_curves[0] )
-
-static mbedtls_ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES];
-
-/*
- * List of supported curves and associated info
- */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void )
-{
-    return( ecp_supported_curves );
-}
-
-/*
- * List of supported curves, group ID only
- */
-const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void )
-{
-    static int init_done = 0;
-
-    if( ! init_done )
-    {
-        size_t i = 0;
-        const mbedtls_ecp_curve_info *curve_info;
-
-        for( curve_info = mbedtls_ecp_curve_list();
-             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-             curve_info++ )
-        {
-            ecp_supported_grp_id[i++] = curve_info->grp_id;
-        }
-        ecp_supported_grp_id[i] = MBEDTLS_ECP_DP_NONE;
-
-        init_done = 1;
-    }
-
-    return( ecp_supported_grp_id );
-}
-
-/*
- * Get the curve info for the internal identifier
- */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id )
-{
-    const mbedtls_ecp_curve_info *curve_info;
-
-    for( curve_info = mbedtls_ecp_curve_list();
-         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-         curve_info++ )
-    {
-        if( curve_info->grp_id == grp_id )
-            return( curve_info );
-    }
-
-    return( NULL );
-}
-
-/*
- * Get the curve info from the TLS identifier
- */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id )
-{
-    const mbedtls_ecp_curve_info *curve_info;
-
-    for( curve_info = mbedtls_ecp_curve_list();
-         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-         curve_info++ )
-    {
-        if( curve_info->tls_id == tls_id )
-            return( curve_info );
-    }
-
-    return( NULL );
-}
-
-/*
- * Get the curve info from the name
- */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name )
-{
-    const mbedtls_ecp_curve_info *curve_info;
-
-    if( name == NULL )
-        return( NULL );
-
-    for( curve_info = mbedtls_ecp_curve_list();
-         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-         curve_info++ )
-    {
-        if( strcmp( curve_info->name, name ) == 0 )
-            return( curve_info );
-    }
-
-    return( NULL );
-}
-
-/*
- * Get the type of a curve
- */
-mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp )
-{
-    if( grp->G.X.p == NULL )
-        return( MBEDTLS_ECP_TYPE_NONE );
-
-    if( grp->G.Y.p == NULL )
-        return( MBEDTLS_ECP_TYPE_MONTGOMERY );
-    else
-        return( MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS );
-}
-
-/*
- * Initialize (the components of) a point
- */
-void mbedtls_ecp_point_init( mbedtls_ecp_point *pt )
-{
-    ECP_VALIDATE( pt != NULL );
-
-    mbedtls_mpi_init( &pt->X );
-    mbedtls_mpi_init( &pt->Y );
-    mbedtls_mpi_init( &pt->Z );
-}
-
-/*
- * Initialize (the components of) a group
- */
-void mbedtls_ecp_group_init( mbedtls_ecp_group *grp )
-{
-    ECP_VALIDATE( grp != NULL );
-
-    grp->id = MBEDTLS_ECP_DP_NONE;
-    mbedtls_mpi_init( &grp->P );
-    mbedtls_mpi_init( &grp->A );
-    mbedtls_mpi_init( &grp->B );
-    mbedtls_ecp_point_init( &grp->G );
-    mbedtls_mpi_init( &grp->N );
-    grp->pbits = 0;
-    grp->nbits = 0;
-    grp->h = 0;
-    grp->modp = NULL;
-    grp->t_pre = NULL;
-    grp->t_post = NULL;
-    grp->t_data = NULL;
-    grp->T = NULL;
-    grp->T_size = 0;
-}
-
-/*
- * Initialize (the components of) a key pair
- */
-void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key )
-{
-    ECP_VALIDATE( key != NULL );
-
-    mbedtls_ecp_group_init( &key->grp );
-    mbedtls_mpi_init( &key->d );
-    mbedtls_ecp_point_init( &key->Q );
-}
-
-/*
- * Unallocate (the components of) a point
- */
-void mbedtls_ecp_point_free( mbedtls_ecp_point *pt )
-{
-    if( pt == NULL )
-        return;
-
-    mbedtls_mpi_free( &( pt->X ) );
-    mbedtls_mpi_free( &( pt->Y ) );
-    mbedtls_mpi_free( &( pt->Z ) );
-}
-
-/*
- * Unallocate (the components of) a group
- */
-void mbedtls_ecp_group_free( mbedtls_ecp_group *grp )
-{
-    size_t i;
-
-    if( grp == NULL )
-        return;
-
-    if( grp->h != 1 )
-    {
-        mbedtls_mpi_free( &grp->P );
-        mbedtls_mpi_free( &grp->A );
-        mbedtls_mpi_free( &grp->B );
-        mbedtls_ecp_point_free( &grp->G );
-        mbedtls_mpi_free( &grp->N );
-    }
-
-    if( grp->T != NULL )
-    {
-        for( i = 0; i < grp->T_size; i++ )
-            mbedtls_ecp_point_free( &grp->T[i] );
-        mbedtls_free( grp->T );
-    }
-
-    mbedtls_platform_zeroize( grp, sizeof( mbedtls_ecp_group ) );
-}
-
-/*
- * Unallocate (the components of) a key pair
- */
-void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key )
-{
-    if( key == NULL )
-        return;
-
-    mbedtls_ecp_group_free( &key->grp );
-    mbedtls_mpi_free( &key->d );
-    mbedtls_ecp_point_free( &key->Q );
-}
-
-/*
- * Copy the contents of a point
- */
-int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECP_VALIDATE_RET( P != NULL );
-    ECP_VALIDATE_RET( Q != NULL );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->X, &Q->X ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Y, &Q->Y ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Z, &Q->Z ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Copy the contents of a group object
- */
-int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src )
-{
-    ECP_VALIDATE_RET( dst != NULL );
-    ECP_VALIDATE_RET( src != NULL );
-
-    return( mbedtls_ecp_group_load( dst, src->id ) );
-}
-
-/*
- * Set point to zero
- */
-int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECP_VALIDATE_RET( pt != NULL );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Y , 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z , 0 ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Tell if a point is zero
- */
-int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt )
-{
-    ECP_VALIDATE_RET( pt != NULL );
-
-    return( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 );
-}
-
-/*
- * Compare two points lazily
- */
-int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
-                           const mbedtls_ecp_point *Q )
-{
-    ECP_VALIDATE_RET( P != NULL );
-    ECP_VALIDATE_RET( Q != NULL );
-
-    if( mbedtls_mpi_cmp_mpi( &P->X, &Q->X ) == 0 &&
-        mbedtls_mpi_cmp_mpi( &P->Y, &Q->Y ) == 0 &&
-        mbedtls_mpi_cmp_mpi( &P->Z, &Q->Z ) == 0 )
-    {
-        return( 0 );
-    }
-
-    return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-}
-
-/*
- * Import a non-zero point from ASCII strings
- */
-int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
-                           const char *x, const char *y )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECP_VALIDATE_RET( P != NULL );
-    ECP_VALIDATE_RET( x != NULL );
-    ECP_VALIDATE_RET( y != NULL );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->X, radix, x ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->Y, radix, y ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Export a point into unsigned binary data (SEC1 2.3.3 and RFC7748)
- */
-int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
-                                    const mbedtls_ecp_point *P,
-                                    int format, size_t *olen,
-                                    unsigned char *buf, size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-    size_t plen;
-    ECP_VALIDATE_RET( grp  != NULL );
-    ECP_VALIDATE_RET( P    != NULL );
-    ECP_VALIDATE_RET( olen != NULL );
-    ECP_VALIDATE_RET( buf  != NULL );
-    ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED ||
-                      format == MBEDTLS_ECP_PF_COMPRESSED );
-
-    plen = mbedtls_mpi_size( &grp->P );
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    (void) format; /* Montgomery curves always use the same point format */
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-    {
-        *olen = plen;
-        if( buflen < *olen )
-            return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &P->X, buf, plen ) );
-    }
-#endif
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-    {
-        /*
-         * Common case: P == 0
-         */
-        if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 )
-        {
-            if( buflen < 1 )
-                return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-            buf[0] = 0x00;
-            *olen = 1;
-
-            return( 0 );
-        }
-
-        if( format == MBEDTLS_ECP_PF_UNCOMPRESSED )
-        {
-            *olen = 2 * plen + 1;
-
-            if( buflen < *olen )
-                return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-            buf[0] = 0x04;
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->Y, buf + 1 + plen, plen ) );
-        }
-        else if( format == MBEDTLS_ECP_PF_COMPRESSED )
-        {
-            *olen = plen + 1;
-
-            if( buflen < *olen )
-                return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-            buf[0] = 0x02 + mbedtls_mpi_get_bit( &P->Y, 0 );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) );
-        }
-    }
-#endif
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Import a point from unsigned binary data (SEC1 2.3.4 and RFC7748)
- */
-int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
-                                   mbedtls_ecp_point *pt,
-                                   const unsigned char *buf, size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-    size_t plen;
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( pt  != NULL );
-    ECP_VALIDATE_RET( buf != NULL );
-
-    if( ilen < 1 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    plen = mbedtls_mpi_size( &grp->P );
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-    {
-        if( plen != ilen )
-            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &pt->X, buf, plen ) );
-        mbedtls_mpi_free( &pt->Y );
-
-        if( grp->id == MBEDTLS_ECP_DP_CURVE25519 )
-            /* Set most significant bit to 0 as prescribed in RFC7748 §5 */
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &pt->X, plen * 8 - 1, 0 ) );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) );
-    }
-#endif
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-    {
-        if( buf[0] == 0x00 )
-        {
-            if( ilen == 1 )
-                return( mbedtls_ecp_set_zero( pt ) );
-            else
-                return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-        }
-
-        if( buf[0] != 0x04 )
-            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-
-        if( ilen != 2 * plen + 1 )
-            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->X, buf + 1, plen ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->Y,
-                                                  buf + 1 + plen, plen ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) );
-    }
-#endif
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Import a point from a TLS ECPoint record (RFC 4492)
- *      struct {
- *          opaque point <1..2^8-1>;
- *      } ECPoint;
- */
-int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
-                                mbedtls_ecp_point *pt,
-                                const unsigned char **buf, size_t buf_len )
-{
-    unsigned char data_len;
-    const unsigned char *buf_start;
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( pt  != NULL );
-    ECP_VALIDATE_RET( buf != NULL );
-    ECP_VALIDATE_RET( *buf != NULL );
-
-    /*
-     * We must have at least two bytes (1 for length, at least one for data)
-     */
-    if( buf_len < 2 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    data_len = *(*buf)++;
-    if( data_len < 1 || data_len > buf_len - 1 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /*
-     * Save buffer start for read_binary and update buf
-     */
-    buf_start = *buf;
-    *buf += data_len;
-
-    return( mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ) );
-}
-
-/*
- * Export a point as a TLS ECPoint record (RFC 4492)
- *      struct {
- *          opaque point <1..2^8-1>;
- *      } ECPoint;
- */
-int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt,
-                         int format, size_t *olen,
-                         unsigned char *buf, size_t blen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECP_VALIDATE_RET( grp  != NULL );
-    ECP_VALIDATE_RET( pt   != NULL );
-    ECP_VALIDATE_RET( olen != NULL );
-    ECP_VALIDATE_RET( buf  != NULL );
-    ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED ||
-                      format == MBEDTLS_ECP_PF_COMPRESSED );
-
-    /*
-     * buffer length must be at least one, for our length byte
-     */
-    if( blen < 1 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_ecp_point_write_binary( grp, pt, format,
-                    olen, buf + 1, blen - 1) ) != 0 )
-        return( ret );
-
-    /*
-     * write length to the first byte and update total length
-     */
-    buf[0] = (unsigned char) *olen;
-    ++*olen;
-
-    return( 0 );
-}
-
-/*
- * Set a group from an ECParameters record (RFC 4492)
- */
-int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
-                                const unsigned char **buf, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_group_id grp_id;
-    ECP_VALIDATE_RET( grp  != NULL );
-    ECP_VALIDATE_RET( buf  != NULL );
-    ECP_VALIDATE_RET( *buf != NULL );
-
-    if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, len ) ) != 0 )
-        return( ret );
-
-    return( mbedtls_ecp_group_load( grp, grp_id ) );
-}
-
-/*
- * Read a group id from an ECParameters record (RFC 4492) and convert it to
- * mbedtls_ecp_group_id.
- */
-int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
-                                   const unsigned char **buf, size_t len )
-{
-    uint16_t tls_id;
-    const mbedtls_ecp_curve_info *curve_info;
-    ECP_VALIDATE_RET( grp  != NULL );
-    ECP_VALIDATE_RET( buf  != NULL );
-    ECP_VALIDATE_RET( *buf != NULL );
-
-    /*
-     * We expect at least three bytes (see below)
-     */
-    if( len < 3 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /*
-     * First byte is curve_type; only named_curve is handled
-     */
-    if( *(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /*
-     * Next two bytes are the namedcurve value
-     */
-    tls_id = *(*buf)++;
-    tls_id <<= 8;
-    tls_id |= *(*buf)++;
-
-    if( ( curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_id ) ) == NULL )
-        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-
-    *grp = curve_info->grp_id;
-
-    return( 0 );
-}
-
-/*
- * Write the ECParameters record corresponding to a group (RFC 4492)
- */
-int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen,
-                         unsigned char *buf, size_t blen )
-{
-    const mbedtls_ecp_curve_info *curve_info;
-    ECP_VALIDATE_RET( grp  != NULL );
-    ECP_VALIDATE_RET( buf  != NULL );
-    ECP_VALIDATE_RET( olen != NULL );
-
-    if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /*
-     * We are going to write 3 bytes (see below)
-     */
-    *olen = 3;
-    if( blen < *olen )
-        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
-
-    /*
-     * First byte is curve_type, always named_curve
-     */
-    *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE;
-
-    /*
-     * Next two bytes are the namedcurve value
-     */
-    buf[0] = curve_info->tls_id >> 8;
-    buf[1] = curve_info->tls_id & 0xFF;
-
-    return( 0 );
-}
-
-/*
- * Wrapper around fast quasi-modp functions, with fall-back to mbedtls_mpi_mod_mpi.
- * See the documentation of struct mbedtls_ecp_group.
- *
- * This function is in the critial loop for mbedtls_ecp_mul, so pay attention to perf.
- */
-static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( grp->modp == NULL )
-        return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) );
-
-    /* N->s < 0 is a much faster test, which fails only if N is 0 */
-    if( ( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) ||
-        mbedtls_mpi_bitlen( N ) > 2 * grp->pbits )
-    {
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    }
-
-    MBEDTLS_MPI_CHK( grp->modp( N ) );
-
-    /* N->s < 0 is a much faster test, which fails only if N is 0 */
-    while( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &grp->P ) );
-
-    while( mbedtls_mpi_cmp_mpi( N, &grp->P ) >= 0 )
-        /* we known P, N and the result are positive */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, N, &grp->P ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Fast mod-p functions expect their argument to be in the 0..p^2 range.
- *
- * In order to guarantee that, we need to ensure that operands of
- * mbedtls_mpi_mul_mpi are in the 0..p range. So, after each operation we will
- * bring the result back to this range.
- *
- * The following macros are shortcuts for doing that.
- */
-
-/*
- * Reduce a mbedtls_mpi mod p in-place, general case, to use after mbedtls_mpi_mul_mpi
- */
-#if defined(MBEDTLS_SELF_TEST)
-#define INC_MUL_COUNT   mul_count++;
-#else
-#define INC_MUL_COUNT
-#endif
-
-#define MOD_MUL( N )                                                    \
-    do                                                                  \
-    {                                                                   \
-        MBEDTLS_MPI_CHK( ecp_modp( &(N), grp ) );                       \
-        INC_MUL_COUNT                                                   \
-    } while( 0 )
-
-static inline int mbedtls_mpi_mul_mod( const mbedtls_ecp_group *grp,
-                                       mbedtls_mpi *X,
-                                       const mbedtls_mpi *A,
-                                       const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( X, A, B ) );
-    MOD_MUL( *X );
-cleanup:
-    return( ret );
-}
-
-/*
- * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi
- * N->s < 0 is a very fast test, which fails only if N is 0
- */
-#define MOD_SUB( N )                                                    \
-    while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 )           \
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) )
-
-static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp,
-                                       mbedtls_mpi *X,
-                                       const mbedtls_mpi *A,
-                                       const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( X, A, B ) );
-    MOD_SUB( *X );
-cleanup:
-    return( ret );
-}
-
-/*
- * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
- * We known P, N and the result are positive, so sub_abs is correct, and
- * a bit faster.
- */
-#define MOD_ADD( N )                                                    \
-    while( mbedtls_mpi_cmp_mpi( &(N), &grp->P ) >= 0 )                  \
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &(N), &(N), &grp->P ) )
-
-static inline int mbedtls_mpi_add_mod( const mbedtls_ecp_group *grp,
-                                       mbedtls_mpi *X,
-                                       const mbedtls_mpi *A,
-                                       const mbedtls_mpi *B )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, A, B ) );
-    MOD_ADD( *X );
-cleanup:
-    return( ret );
-}
-
-static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp,
-                                           mbedtls_mpi *X,
-                                           size_t count )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, count ) );
-    MOD_ADD( *X );
-cleanup:
-    return( ret );
-}
-
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-/*
- * For curves in short Weierstrass form, we do all the internal operations in
- * Jacobian coordinates.
- *
- * For multiplication, we'll use a comb method with coutermeasueres against
- * SPA, hence timing attacks.
- */
-
-/*
- * Normalize jacobian coordinates so that Z == 0 || Z == 1  (GECC 3.2.1)
- * Cost: 1N := 1I + 3M + 1S
- */
-static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi Zi, ZZi;
-
-    if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 )
-        return( 0 );
-
-#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_normalize_jac( grp, pt ) );
-#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
-
-    mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
-
-    /*
-     * X = X / Z^2  mod p
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi,      &pt->Z,     &grp->P ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi,     &Zi,        &Zi     ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X,   &pt->X,     &ZZi    ) );
-
-    /*
-     * Y = Y / Z^3  mod p
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y,   &pt->Y,     &ZZi    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y,   &pt->Y,     &Zi     ) );
-
-    /*
-     * Z = 1
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) );
-
-cleanup:
-
-    mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi );
-
-    return( ret );
-}
-
-/*
- * Normalize jacobian coordinates of an array of (pointers to) points,
- * using Montgomery's trick to perform only one inversion mod P.
- * (See for example Cohen's "A Course in Computational Algebraic Number
- * Theory", Algorithm 10.3.4.)
- *
- * Warning: fails (returning an error) if one of the points is zero!
- * This should never happen, see choice of w in ecp_mul_comb().
- *
- * Cost: 1N(t) := 1I + (6t - 3)M + 1S
- */
-static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
-                                   mbedtls_ecp_point *T[], size_t T_size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    mbedtls_mpi *c, u, Zi, ZZi;
-
-    if( T_size < 2 )
-        return( ecp_normalize_jac( grp, *T ) );
-
-#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_normalize_jac_many( grp, T, T_size ) );
-#endif
-
-    if( ( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) == NULL )
-        return( MBEDTLS_ERR_ECP_ALLOC_FAILED );
-
-    for( i = 0; i < T_size; i++ )
-        mbedtls_mpi_init( &c[i] );
-
-    mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
-
-    /*
-     * c[i] = Z_0 * ... * Z_i
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) );
-    for( i = 1; i < T_size; i++ )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &c[i], &c[i-1], &T[i]->Z ) );
-    }
-
-    /*
-     * u = 1 / (Z_0 * ... * Z_n) mod P
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[T_size-1], &grp->P ) );
-
-    for( i = T_size - 1; ; i-- )
-    {
-        /*
-         * Zi = 1 / Z_i mod p
-         * u = 1 / (Z_0 * ... * Z_i) mod P
-         */
-        if( i == 0 ) {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Zi, &u ) );
-        }
-        else
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Zi, &u, &c[i-1]  ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &u,  &u, &T[i]->Z ) );
-        }
-
-        /*
-         * proceed as in normalize()
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi,     &Zi,      &Zi  ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->X, &T[i]->X, &ZZi ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &ZZi ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &Zi  ) );
-
-        /*
-         * Post-precessing: reclaim some memory by shrinking coordinates
-         * - not storing Z (always 1)
-         * - shrinking other coordinates, but still keeping the same number of
-         *   limbs as P, as otherwise it will too likely be regrown too fast.
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->X, grp->P.n ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->Y, grp->P.n ) );
-        mbedtls_mpi_free( &T[i]->Z );
-
-        if( i == 0 )
-            break;
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi );
-    for( i = 0; i < T_size; i++ )
-        mbedtls_mpi_free( &c[i] );
-    mbedtls_free( c );
-
-    return( ret );
-}
-
-/*
- * Conditional point inversion: Q -> -Q = (Q.X, -Q.Y, Q.Z) without leak.
- * "inv" must be 0 (don't invert) or 1 (invert) or the result will be invalid
- */
-static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp,
-                            mbedtls_ecp_point *Q,
-                            unsigned char inv )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char nonzero;
-    mbedtls_mpi mQY;
-
-    mbedtls_mpi_init( &mQY );
-
-    /* Use the fact that -Q.Y mod P = P - Q.Y unless Q.Y == 0 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) );
-    nonzero = mbedtls_mpi_cmp_int( &Q->Y, 0 ) != 0;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &Q->Y, &mQY, inv & nonzero ) );
-
-cleanup:
-    mbedtls_mpi_free( &mQY );
-
-    return( ret );
-}
-
-/*
- * Point doubling R = 2 P, Jacobian coordinates
- *
- * Based on http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#doubling-dbl-1998-cmo-2 .
- *
- * We follow the variable naming fairly closely. The formula variations that trade a MUL for a SQR
- * (plus a few ADDs) aren't useful as our bignum implementation doesn't distinguish squaring.
- *
- * Standard optimizations are applied when curve parameter A is one of { 0, -3 }.
- *
- * Cost: 1D := 3M + 4S          (A ==  0)
- *             4M + 4S          (A == -3)
- *             3M + 6S + 1a     otherwise
- */
-static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                           const mbedtls_ecp_point *P )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi M, S, T, U;
-
-#if defined(MBEDTLS_SELF_TEST)
-    dbl_count++;
-#endif
-
-#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_double_jac( grp, R, P ) );
-#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
-
-    mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U );
-
-    /* Special case for A = -3 */
-    if( grp->A.p == NULL )
-    {
-        /* M = 3(X + Z^2)(X - Z^2) */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &P->Z,  &P->Z   ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &T,  &P->X,  &S      ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &U,  &P->X,  &S      ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &T,     &U      ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M,  &S,     3       ) ); MOD_ADD( M );
-    }
-    else
-    {
-        /* M = 3.X^2 */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &P->X,  &P->X   ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M,  &S,     3       ) ); MOD_ADD( M );
-
-        /* Optimize away for "koblitz" curves with A = 0 */
-        if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 )
-        {
-            /* M += A.Z^4 */
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &P->Z,  &P->Z   ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T,  &S,     &S      ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &T,     &grp->A ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &M,  &M,     &S      ) );
-        }
-    }
-
-    /* S = 4.X.Y^2 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T,  &P->Y,  &P->Y   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T,  1               ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &P->X,  &T      ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &S,  1               ) );
-
-    /* U = 8.Y^4 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U,  &T,     &T      ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U,  1               ) );
-
-    /* T = M^2 - 2.S */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T,  &M,     &M      ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T,  &T,     &S      ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T,  &T,     &S      ) );
-
-    /* S = M(S - T) - U */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S,  &S,     &T      ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S,  &S,     &M      ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S,  &S,     &U      ) );
-
-    /* U = 2.Y.Z */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U,  &P->Y,  &P->Z   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U,  1               ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &T ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &S ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &U ) );
-
-cleanup:
-    mbedtls_mpi_free( &M ); mbedtls_mpi_free( &S ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &U );
-
-    return( ret );
-}
-
-/*
- * Addition: R = P + Q, mixed affine-Jacobian coordinates (GECC 3.22)
- *
- * The coordinates of Q must be normalized (= affine),
- * but those of P don't need to. R is not normalized.
- *
- * Special cases: (1) P or Q is zero, (2) R is zero, (3) P == Q.
- * None of these cases can happen as intermediate step in ecp_mul_comb():
- * - at each step, P, Q and R are multiples of the base point, the factor
- *   being less than its order, so none of them is zero;
- * - Q is an odd multiple of the base point, P an even multiple,
- *   due to the choice of precomputed points in the modified comb method.
- * So branches for these cases do not leak secret information.
- *
- * We accept Q->Z being unset (saving memory in tables) as meaning 1.
- *
- * Cost: 1A := 8M + 3S
- */
-static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                          const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi T1, T2, T3, T4, X, Y, Z;
-
-#if defined(MBEDTLS_SELF_TEST)
-    add_count++;
-#endif
-
-#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_add_mixed( grp, R, P, Q ) );
-#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
-
-    /*
-     * Trivial cases: P == 0 or Q == 0 (case 1)
-     */
-    if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 )
-        return( mbedtls_ecp_copy( R, Q ) );
-
-    if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 0 ) == 0 )
-        return( mbedtls_ecp_copy( R, P ) );
-
-    /*
-     * Make sure Q coordinates are normalized
-     */
-    if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 1 ) != 0 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T3 ); mbedtls_mpi_init( &T4 );
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1,  &P->Z,  &P->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2,  &T1,    &P->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1,  &T1,    &Q->X ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2,  &T2,    &Q->Y ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T1,  &T1,    &P->X ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T2,  &T2,    &P->Y ) );
-
-    /* Special cases (2) and (3) */
-    if( mbedtls_mpi_cmp_int( &T1, 0 ) == 0 )
-    {
-        if( mbedtls_mpi_cmp_int( &T2, 0 ) == 0 )
-        {
-            ret = ecp_double_jac( grp, R, P );
-            goto cleanup;
-        }
-        else
-        {
-            ret = mbedtls_ecp_set_zero( R );
-            goto cleanup;
-        }
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Z,   &P->Z,  &T1   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3,  &T1,    &T1   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4,  &T3,    &T1   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3,  &T3,    &P->X ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &T3 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T1,  1     ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &X,   &T2,    &T2   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X,   &X,     &T1   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X,   &X,     &T4   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T3,  &T3,    &X    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3,  &T3,    &T2   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4,  &T4,    &P->Y ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &Y,   &T3,    &T4   ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &X ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &Y ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &Z ) );
-
-cleanup:
-
-    mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); mbedtls_mpi_free( &T3 ); mbedtls_mpi_free( &T4 );
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
-
-    return( ret );
-}
-
-/*
- * Randomize jacobian coordinates:
- * (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l
- * This is sort of the reverse operation of ecp_normalize_jac().
- *
- * This countermeasure was first suggested in [2].
- */
-static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi l, ll;
-    size_t p_size;
-    int count = 0;
-
-#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ) );
-#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
-
-    p_size = ( grp->pbits + 7 ) / 8;
-    mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll );
-
-    /* Generate l such that 1 < l < p */
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) );
-
-        while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
-
-        if( count++ > 10 )
-        {
-            ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-            goto cleanup;
-        }
-    }
-    while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
-
-    /* Z = l * Z */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Z,   &pt->Z,     &l  ) );
-
-    /* X = l^2 * X */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll,      &l,         &l  ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X,   &pt->X,     &ll ) );
-
-    /* Y = l^3 * Y */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll,      &ll,        &l  ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y,   &pt->Y,     &ll ) );
-
-cleanup:
-    mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll );
-
-    return( ret );
-}
-
-/*
- * Check and define parameters used by the comb method (see below for details)
- */
-#if MBEDTLS_ECP_WINDOW_SIZE < 2 || MBEDTLS_ECP_WINDOW_SIZE > 7
-#error "MBEDTLS_ECP_WINDOW_SIZE out of bounds"
-#endif
-
-/* d = ceil( n / w ) */
-#define COMB_MAX_D      ( MBEDTLS_ECP_MAX_BITS + 1 ) / 2
-
-/* number of precomputed points */
-#define COMB_MAX_PRE    ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
-
-/*
- * Compute the representation of m that will be used with our comb method.
- *
- * The basic comb method is described in GECC 3.44 for example. We use a
- * modified version that provides resistance to SPA by avoiding zero
- * digits in the representation as in [3]. We modify the method further by
- * requiring that all K_i be odd, which has the small cost that our
- * representation uses one more K_i, due to carries, but saves on the size of
- * the precomputed table.
- *
- * Summary of the comb method and its modifications:
- *
- * - The goal is to compute m*P for some w*d-bit integer m.
- *
- * - The basic comb method splits m into the w-bit integers
- *   x[0] .. x[d-1] where x[i] consists of the bits in m whose
- *   index has residue i modulo d, and computes m * P as
- *   S[x[0]] + 2 * S[x[1]] + .. + 2^(d-1) S[x[d-1]], where
- *   S[i_{w-1} .. i_0] := i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + i_0 P.
- *
- * - If it happens that, say, x[i+1]=0 (=> S[x[i+1]]=0), one can replace the sum by
- *    .. + 2^{i-1} S[x[i-1]] - 2^i S[x[i]] + 2^{i+1} S[x[i]] + 2^{i+2} S[x[i+2]] ..,
- *   thereby successively converting it into a form where all summands
- *   are nonzero, at the cost of negative summands. This is the basic idea of [3].
- *
- * - More generally, even if x[i+1] != 0, we can first transform the sum as
- *   .. - 2^i S[x[i]] + 2^{i+1} ( S[x[i]] + S[x[i+1]] ) + 2^{i+2} S[x[i+2]] ..,
- *   and then replace S[x[i]] + S[x[i+1]] = S[x[i] ^ x[i+1]] + 2 S[x[i] & x[i+1]].
- *   Performing and iterating this procedure for those x[i] that are even
- *   (keeping track of carry), we can transform the original sum into one of the form
- *   S[x'[0]] +- 2 S[x'[1]] +- .. +- 2^{d-1} S[x'[d-1]] + 2^d S[x'[d]]
- *   with all x'[i] odd. It is therefore only necessary to know S at odd indices,
- *   which is why we are only computing half of it in the first place in
- *   ecp_precompute_comb and accessing it with index abs(i) / 2 in ecp_select_comb.
- *
- * - For the sake of compactness, only the seven low-order bits of x[i]
- *   are used to represent its absolute value (K_i in the paper), and the msb
- *   of x[i] encodes the sign (s_i in the paper): it is set if and only if
- *   if s_i == -1;
- *
- * Calling conventions:
- * - x is an array of size d + 1
- * - w is the size, ie number of teeth, of the comb, and must be between
- *   2 and 7 (in practice, between 2 and MBEDTLS_ECP_WINDOW_SIZE)
- * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d
- *   (the result will be incorrect if these assumptions are not satisfied)
- */
-static void ecp_comb_recode_core( unsigned char x[], size_t d,
-                                  unsigned char w, const mbedtls_mpi *m )
-{
-    size_t i, j;
-    unsigned char c, cc, adjust;
-
-    memset( x, 0, d+1 );
-
-    /* First get the classical comb values (except for x_d = 0) */
-    for( i = 0; i < d; i++ )
-        for( j = 0; j < w; j++ )
-            x[i] |= mbedtls_mpi_get_bit( m, i + d * j ) << j;
-
-    /* Now make sure x_1 .. x_d are odd */
-    c = 0;
-    for( i = 1; i <= d; i++ )
-    {
-        /* Add carry and update it */
-        cc   = x[i] & c;
-        x[i] = x[i] ^ c;
-        c = cc;
-
-        /* Adjust if needed, avoiding branches */
-        adjust = 1 - ( x[i] & 0x01 );
-        c   |= x[i] & ( x[i-1] * adjust );
-        x[i] = x[i] ^ ( x[i-1] * adjust );
-        x[i-1] |= adjust << 7;
-    }
-}
-
-/*
- * Precompute points for the adapted comb method
- *
- * Assumption: T must be able to hold 2^{w - 1} elements.
- *
- * Operation: If i = i_{w-1} ... i_1 is the binary representation of i,
- *            sets T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P.
- *
- * Cost: d(w-1) D + (2^{w-1} - 1) A + 1 N(w-1) + 1 N(2^{w-1} - 1)
- *
- * Note: Even comb values (those where P would be omitted from the
- *       sum defining T[i] above) are not needed in our adaption
- *       the comb method. See ecp_comb_recode_core().
- *
- * This function currently works in four steps:
- * (1) [dbl]      Computation of intermediate T[i] for 2-power values of i
- * (2) [norm_dbl] Normalization of coordinates of these T[i]
- * (3) [add]      Computation of all T[i]
- * (4) [norm_add] Normalization of all T[i]
- *
- * Step 1 can be interrupted but not the others; together with the final
- * coordinate normalization they are the largest steps done at once, depending
- * on the window size. Here are operation counts for P-256:
- *
- * step     (2)     (3)     (4)
- * w = 5    142     165     208
- * w = 4    136      77     160
- * w = 3    130      33     136
- * w = 2    124      11     124
- *
- * So if ECC operations are blocking for too long even with a low max_ops
- * value, it's useful to set MBEDTLS_ECP_WINDOW_SIZE to a lower value in order
- * to minimize maximum blocking time.
- */
-static int ecp_precompute_comb( const mbedtls_ecp_group *grp,
-                                mbedtls_ecp_point T[], const mbedtls_ecp_point *P,
-                                unsigned char w, size_t d,
-                                mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char i;
-    size_t j = 0;
-    const unsigned char T_size = 1U << ( w - 1 );
-    mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1];
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-    {
-        if( rs_ctx->rsm->state == ecp_rsm_pre_dbl )
-            goto dbl;
-        if( rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl )
-            goto norm_dbl;
-        if( rs_ctx->rsm->state == ecp_rsm_pre_add )
-            goto add;
-        if( rs_ctx->rsm->state == ecp_rsm_pre_norm_add )
-            goto norm_add;
-    }
-#else
-    (void) rs_ctx;
-#endif
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-    {
-        rs_ctx->rsm->state = ecp_rsm_pre_dbl;
-
-        /* initial state for the loop */
-        rs_ctx->rsm->i = 0;
-    }
-
-dbl:
-#endif
-    /*
-     * Set T[0] = P and
-     * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value)
-     */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 )
-        j = rs_ctx->rsm->i;
-    else
-#endif
-        j = 0;
-
-    for( ; j < d * ( w - 1 ); j++ )
-    {
-        MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL );
-
-        i = 1U << ( j / d );
-        cur = T + i;
-
-        if( j % d == 0 )
-            MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) );
-
-        MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) );
-    }
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-        rs_ctx->rsm->state = ecp_rsm_pre_norm_dbl;
-
-norm_dbl:
-#endif
-    /*
-     * Normalize current elements in T. As T has holes,
-     * use an auxiliary array of pointers to elements in T.
-     */
-    j = 0;
-    for( i = 1; i < T_size; i <<= 1 )
-        TT[j++] = T + i;
-
-    MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 );
-
-    MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-        rs_ctx->rsm->state = ecp_rsm_pre_add;
-
-add:
-#endif
-    /*
-     * Compute the remaining ones using the minimal number of additions
-     * Be careful to update T[2^l] only after using it!
-     */
-    MBEDTLS_ECP_BUDGET( ( T_size - 1 ) * MBEDTLS_ECP_OPS_ADD );
-
-    for( i = 1; i < T_size; i <<= 1 )
-    {
-        j = i;
-        while( j-- )
-            MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) );
-    }
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-        rs_ctx->rsm->state = ecp_rsm_pre_norm_add;
-
-norm_add:
-#endif
-    /*
-     * Normalize final elements in T. Even though there are no holes now, we
-     * still need the auxiliary array for homogeneity with the previous
-     * call. Also, skip T[0] which is already normalised, being a copy of P.
-     */
-    for( j = 0; j + 1 < T_size; j++ )
-        TT[j] = T + j + 1;
-
-    MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 );
-
-    MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) );
-
-cleanup:
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL &&
-        ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-    {
-        if( rs_ctx->rsm->state == ecp_rsm_pre_dbl )
-            rs_ctx->rsm->i = j;
-    }
-#endif
-
-    return( ret );
-}
-
-/*
- * Select precomputed point: R = sign(i) * T[ abs(i) / 2 ]
- *
- * See ecp_comb_recode_core() for background
- */
-static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                            const mbedtls_ecp_point T[], unsigned char T_size,
-                            unsigned char i )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char ii, j;
-
-    /* Ignore the "sign" bit and scale down */
-    ii =  ( i & 0x7Fu ) >> 1;
-
-    /* Read the whole table to thwart cache-based timing attacks */
-    for( j = 0; j < T_size; j++ )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) );
-    }
-
-    /* Safely invert result if i is "negative" */
-    MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Core multiplication algorithm for the (modified) comb method.
- * This part is actually common with the basic comb method (GECC 3.44)
- *
- * Cost: d A + d D + 1 R
- */
-static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                              const mbedtls_ecp_point T[], unsigned char T_size,
-                              const unsigned char x[], size_t d,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng,
-                              mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point Txi;
-    size_t i;
-
-    mbedtls_ecp_point_init( &Txi );
-
-#if !defined(MBEDTLS_ECP_RESTARTABLE)
-    (void) rs_ctx;
-#endif
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL &&
-        rs_ctx->rsm->state != ecp_rsm_comb_core )
-    {
-        rs_ctx->rsm->i = 0;
-        rs_ctx->rsm->state = ecp_rsm_comb_core;
-    }
-
-    /* new 'if' instead of nested for the sake of the 'else' branch */
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 )
-    {
-        /* restore current index (R already pointing to rs_ctx->rsm->R) */
-        i = rs_ctx->rsm->i;
-    }
-    else
-#endif
-    {
-        /* Start with a non-zero point and randomize its coordinates */
-        i = d;
-        MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-        if( f_rng != 0 )
-#endif
-            MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
-    }
-
-    while( i != 0 )
-    {
-        MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD );
-        --i;
-
-        MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) );
-        MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, T_size, x[i] ) );
-        MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) );
-    }
-
-cleanup:
-
-    mbedtls_ecp_point_free( &Txi );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL &&
-        ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-    {
-        rs_ctx->rsm->i = i;
-        /* no need to save R, already pointing to rs_ctx->rsm->R */
-    }
-#endif
-
-    return( ret );
-}
-
-/*
- * Recode the scalar to get constant-time comb multiplication
- *
- * As the actual scalar recoding needs an odd scalar as a starting point,
- * this wrapper ensures that by replacing m by N - m if necessary, and
- * informs the caller that the result of multiplication will be negated.
- *
- * This works because we only support large prime order for Short Weierstrass
- * curves, so N is always odd hence either m or N - m is.
- *
- * See ecp_comb_recode_core() for background.
- */
-static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp,
-                                   const mbedtls_mpi *m,
-                                   unsigned char k[COMB_MAX_D + 1],
-                                   size_t d,
-                                   unsigned char w,
-                                   unsigned char *parity_trick )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi M, mm;
-
-    mbedtls_mpi_init( &M );
-    mbedtls_mpi_init( &mm );
-
-    /* N is always odd (see above), just make extra sure */
-    if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-    /* do we need the parity trick? */
-    *parity_trick = ( mbedtls_mpi_get_bit( m, 0 ) == 0 );
-
-    /* execute parity fix in constant time */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, *parity_trick ) );
-
-    /* actual scalar recoding */
-    ecp_comb_recode_core( k, d, w, &M );
-
-cleanup:
-    mbedtls_mpi_free( &mm );
-    mbedtls_mpi_free( &M );
-
-    return( ret );
-}
-
-/*
- * Perform comb multiplication (for short Weierstrass curves)
- * once the auxiliary table has been pre-computed.
- *
- * Scalar recoding may use a parity trick that makes us compute -m * P,
- * if that is the case we'll need to recover m * P at the end.
- */
-static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp,
-                                mbedtls_ecp_point *R,
-                                const mbedtls_mpi *m,
-                                const mbedtls_ecp_point *T,
-                                unsigned char T_size,
-                                unsigned char w,
-                                size_t d,
-                                int (*f_rng)(void *, unsigned char *, size_t),
-                                void *p_rng,
-                                mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char parity_trick;
-    unsigned char k[COMB_MAX_D + 1];
-    mbedtls_ecp_point *RR = R;
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-    {
-        RR = &rs_ctx->rsm->R;
-
-        if( rs_ctx->rsm->state == ecp_rsm_final_norm )
-            goto final_norm;
-    }
-#endif
-
-    MBEDTLS_MPI_CHK( ecp_comb_recode_scalar( grp, m, k, d, w,
-                                            &parity_trick ) );
-    MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, RR, T, T_size, k, d,
-                                        f_rng, p_rng, rs_ctx ) );
-    MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, RR, parity_trick ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-        rs_ctx->rsm->state = ecp_rsm_final_norm;
-
-final_norm:
-    MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV );
-#endif
-    /*
-     * Knowledge of the jacobian coordinates may leak the last few bits of the
-     * scalar [1], and since our MPI implementation isn't constant-flow,
-     * inversion (used for coordinate normalization) may leak the full value
-     * of its input via side-channels [2].
-     *
-     * [1] https://eprint.iacr.org/2003/191
-     * [2] https://eprint.iacr.org/2020/055
-     *
-     * Avoid the leak by randomizing coordinates before we normalize them.
-     */
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( f_rng != 0 )
-#endif
-        MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) );
-
-    MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, RR ) );
-#endif
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Pick window size based on curve size and whether we optimize for base point
- */
-static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp,
-                                           unsigned char p_eq_g )
-{
-    unsigned char w;
-
-    /*
-     * Minimize the number of multiplications, that is minimize
-     * 10 * d * w + 18 * 2^(w-1) + 11 * d + 7 * w, with d = ceil( nbits / w )
-     * (see costs of the various parts, with 1S = 1M)
-     */
-    w = grp->nbits >= 384 ? 5 : 4;
-
-    /*
-     * If P == G, pre-compute a bit more, since this may be re-used later.
-     * Just adding one avoids upping the cost of the first mul too much,
-     * and the memory cost too.
-     */
-    if( p_eq_g )
-        w++;
-
-    /*
-     * Make sure w is within bounds.
-     * (The last test is useful only for very small curves in the test suite.)
-     */
-#if( MBEDTLS_ECP_WINDOW_SIZE < 6 )
-    if( w > MBEDTLS_ECP_WINDOW_SIZE )
-        w = MBEDTLS_ECP_WINDOW_SIZE;
-#endif
-    if( w >= grp->nbits )
-        w = 2;
-
-    return( w );
-}
-
-/*
- * Multiplication using the comb method - for curves in short Weierstrass form
- *
- * This function is mainly responsible for administrative work:
- * - managing the restart context if enabled
- * - managing the table of precomputed points (passed between the below two
- *   functions): allocation, computation, ownership tranfer, freeing.
- *
- * It delegates the actual arithmetic work to:
- *      ecp_precompute_comb() and ecp_mul_comb_with_precomp()
- *
- * See comments on ecp_comb_recode_core() regarding the computation strategy.
- */
-static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                         const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char w, p_eq_g, i;
-    size_t d;
-    unsigned char T_size = 0, T_ok = 0;
-    mbedtls_ecp_point *T = NULL;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_context drbg_ctx;
-
-    ecp_drbg_init( &drbg_ctx );
-#endif
-
-    ECP_RS_ENTER( rsm );
-
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( f_rng == NULL )
-    {
-        /* Adjust pointers */
-        f_rng = &ecp_drbg_random;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-            p_rng = &rs_ctx->rsm->drbg_ctx;
-        else
-#endif
-            p_rng = &drbg_ctx;
-
-        /* Initialize internal DRBG if necessary */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx == NULL || rs_ctx->rsm == NULL ||
-            rs_ctx->rsm->drbg_seeded == 0 )
-#endif
-        {
-            const size_t m_len = ( grp->nbits + 7 ) / 8;
-            MBEDTLS_MPI_CHK( ecp_drbg_seed( p_rng, m, m_len ) );
-        }
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx != NULL && rs_ctx->rsm != NULL )
-            rs_ctx->rsm->drbg_seeded = 1;
-#endif
-    }
-#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
-
-    /* Is P the base point ? */
-#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
-    p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
-               mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 );
-#else
-    p_eq_g = 0;
-#endif
-
-    /* Pick window size and deduce related sizes */
-    w = ecp_pick_window_size( grp, p_eq_g );
-    T_size = 1U << ( w - 1 );
-    d = ( grp->nbits + w - 1 ) / w;
-
-    /* Pre-computed table: do we have it already for the base point? */
-    if( p_eq_g && grp->T != NULL )
-    {
-        /* second pointer to the same table, will be deleted on exit */
-        T = grp->T;
-        T_ok = 1;
-    }
-    else
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    /* Pre-computed table: do we have one in progress? complete? */
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL )
-    {
-        /* transfer ownership of T from rsm to local function */
-        T = rs_ctx->rsm->T;
-        rs_ctx->rsm->T = NULL;
-        rs_ctx->rsm->T_size = 0;
-
-        /* This effectively jumps to the call to mul_comb_after_precomp() */
-        T_ok = rs_ctx->rsm->state >= ecp_rsm_comb_core;
-    }
-    else
-#endif
-    /* Allocate table if we didn't have any */
-    {
-        T = mbedtls_calloc( T_size, sizeof( mbedtls_ecp_point ) );
-        if( T == NULL )
-        {
-            ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
-            goto cleanup;
-        }
-
-        for( i = 0; i < T_size; i++ )
-            mbedtls_ecp_point_init( &T[i] );
-
-        T_ok = 0;
-    }
-
-    /* Compute table (or finish computing it) if not done already */
-    if( !T_ok )
-    {
-        MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d, rs_ctx ) );
-
-        if( p_eq_g )
-        {
-            /* almost transfer ownership of T to the group, but keep a copy of
-             * the pointer to use for calling the next function more easily */
-            grp->T = T;
-            grp->T_size = T_size;
-        }
-    }
-
-    /* Actual comb multiplication using precomputed points */
-    MBEDTLS_MPI_CHK( ecp_mul_comb_after_precomp( grp, R, m,
-                                                 T, T_size, w, d,
-                                                 f_rng, p_rng, rs_ctx ) );
-
-cleanup:
-
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_free( &drbg_ctx );
-#endif
-
-    /* does T belong to the group? */
-    if( T == grp->T )
-        T = NULL;
-
-    /* does T belong to the restart context? */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL )
-    {
-        /* transfer ownership of T from local function to rsm */
-        rs_ctx->rsm->T_size = T_size;
-        rs_ctx->rsm->T = T;
-        T = NULL;
-    }
-#endif
-
-    /* did T belong to us? then let's destroy it! */
-    if( T != NULL )
-    {
-        for( i = 0; i < T_size; i++ )
-            mbedtls_ecp_point_free( &T[i] );
-        mbedtls_free( T );
-    }
-
-    /* don't free R while in progress in case R == P */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
-#endif
-    /* prevent caller from using invalid value */
-    if( ret != 0 )
-        mbedtls_ecp_point_free( R );
-
-    ECP_RS_LEAVE( rsm );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-/*
- * For Montgomery curves, we do all the internal arithmetic in projective
- * coordinates. Import/export of points uses only the x coordinates, which is
- * internaly represented as X / Z.
- *
- * For scalar multiplication, we'll use a Montgomery ladder.
- */
-
-/*
- * Normalize Montgomery x/z coordinates: X = X/Z, Z = 1
- * Cost: 1M + 1I
- */
-static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_normalize_mxz( grp, P ) );
-#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &P->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Randomize projective x/z coordinates:
- * (X, Z) -> (l X, l Z) for random l
- * This is sort of the reverse operation of ecp_normalize_mxz().
- *
- * This countermeasure was first suggested in [2].
- * Cost: 2M
- */
-static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi l;
-    size_t p_size;
-    int count = 0;
-
-#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng );
-#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
-
-    p_size = ( grp->pbits + 7 ) / 8;
-    mbedtls_mpi_init( &l );
-
-    /* Generate l such that 1 < l < p */
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) );
-
-        while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
-
-        if( count++ > 10 )
-        {
-            ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-            goto cleanup;
-        }
-    }
-    while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &l ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->Z, &P->Z, &l ) );
-
-cleanup:
-    mbedtls_mpi_free( &l );
-
-    return( ret );
-}
-
-/*
- * Double-and-add: R = 2P, S = P + Q, with d = X(P - Q),
- * for Montgomery curves in x/z coordinates.
- *
- * http://www.hyperelliptic.org/EFD/g1p/auto-code/montgom/xz/ladder/mladd-1987-m.op3
- * with
- * d =  X1
- * P = (X2, Z2)
- * Q = (X3, Z3)
- * R = (X4, Z4)
- * S = (X5, Z5)
- * and eliminating temporary variables tO, ..., t4.
- *
- * Cost: 5M + 4S
- */
-static int ecp_double_add_mxz( const mbedtls_ecp_group *grp,
-                               mbedtls_ecp_point *R, mbedtls_ecp_point *S,
-                               const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q,
-                               const mbedtls_mpi *d )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB;
-
-#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
-    if( mbedtls_internal_ecp_grp_capable( grp ) )
-        return( mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ) );
-#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
-
-    mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B );
-    mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &A,    &P->X,   &P->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &AA,   &A,      &A    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &B,    &P->X,   &P->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &BB,   &B,      &B    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &E,    &AA,     &BB   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &C,    &Q->X,   &Q->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &D,    &Q->X,   &Q->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &DA,   &D,      &A    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &CB,   &C,      &B    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &S->X, &DA,     &CB   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->X, &S->X,   &S->X ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S->Z, &DA,     &CB   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, &S->Z,   &S->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, d,       &S->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->X, &AA,     &BB   ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &grp->A, &E    ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &R->Z, &BB,     &R->Z ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &E,      &R->Z ) );
-
-cleanup:
-    mbedtls_mpi_free( &A ); mbedtls_mpi_free( &AA ); mbedtls_mpi_free( &B );
-    mbedtls_mpi_free( &BB ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &C );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &DA ); mbedtls_mpi_free( &CB );
-
-    return( ret );
-}
-
-/*
- * Multiplication with Montgomery ladder in x/z coordinates,
- * for curves in Montgomery form
- */
-static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-                        const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-                        int (*f_rng)(void *, unsigned char *, size_t),
-                        void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    unsigned char b;
-    mbedtls_ecp_point RP;
-    mbedtls_mpi PX;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_context drbg_ctx;
-
-    ecp_drbg_init( &drbg_ctx );
-#endif
-    mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX );
-
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( f_rng == NULL )
-    {
-        const size_t m_len = ( grp->nbits + 7 ) / 8;
-        MBEDTLS_MPI_CHK( ecp_drbg_seed( &drbg_ctx, m, m_len ) );
-        f_rng = &ecp_drbg_random;
-        p_rng = &drbg_ctx;
-    }
-#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
-
-    /* Save PX and read from P before writing to R, in case P == R */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) );
-
-    /* Set R to zero in modified x/z coordinates */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->X, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 0 ) );
-    mbedtls_mpi_free( &R->Y );
-
-    /* RP.X might be sligtly larger than P, so reduce it */
-    MOD_ADD( RP.X );
-
-    /* Randomize coordinates of the starting point */
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( f_rng != NULL )
-#endif
-        MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
-
-    /* Loop invariant: R = result so far, RP = R + P */
-    i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */
-    while( i-- > 0 )
-    {
-        b = mbedtls_mpi_get_bit( m, i );
-        /*
-         *  if (b) R = 2R + P else R = 2R,
-         * which is:
-         *  if (b) double_add( RP, R, RP, R )
-         *  else   double_add( R, RP, R, RP )
-         * but using safe conditional swaps to avoid leaks
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) );
-        MBEDTLS_MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) );
-    }
-
-    /*
-     * Knowledge of the projective coordinates may leak the last few bits of the
-     * scalar [1], and since our MPI implementation isn't constant-flow,
-     * inversion (used for coordinate normalization) may leak the full value
-     * of its input via side-channels [2].
-     *
-     * [1] https://eprint.iacr.org/2003/191
-     * [2] https://eprint.iacr.org/2020/055
-     *
-     * Avoid the leak by randomizing coordinates before we normalize them.
-     */
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( f_rng != NULL )
-#endif
-        MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
-
-    MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
-
-cleanup:
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    ecp_drbg_free( &drbg_ctx );
-#endif
-
-    mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-
-/*
- * Restartable multiplication R = m * P
- */
-int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    char is_grp_capable = 0;
-#endif
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( R   != NULL );
-    ECP_VALIDATE_RET( m   != NULL );
-    ECP_VALIDATE_RET( P   != NULL );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    /* reset ops count for this call if top-level */
-    if( rs_ctx != NULL && rs_ctx->depth++ == 0 )
-        rs_ctx->ops_done = 0;
-#else
-    (void) rs_ctx;
-#endif
-
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) )
-        MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    /* skip argument check when restarting */
-    if( rs_ctx == NULL || rs_ctx->rsm == NULL )
-#endif
-    {
-        /* check_privkey is free */
-        MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK );
-
-        /* Common sanity checks */
-        MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( grp, m ) );
-        MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) );
-    }
-
-    ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-        MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) );
-#endif
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-        MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) );
-#endif
-
-cleanup:
-
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    if( is_grp_capable )
-        mbedtls_internal_ecp_free( grp );
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL )
-        rs_ctx->depth--;
-#endif
-
-    return( ret );
-}
-
-/*
- * Multiplication R = m * P
- */
-int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( R   != NULL );
-    ECP_VALIDATE_RET( m   != NULL );
-    ECP_VALIDATE_RET( P   != NULL );
-    return( mbedtls_ecp_mul_restartable( grp, R, m, P, f_rng, p_rng, NULL ) );
-}
-
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-/*
- * Check that an affine point is valid as a public key,
- * short weierstrass curves (SEC1 3.2.3.1)
- */
-static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi YY, RHS;
-
-    /* pt coordinates must be normalized for our checks */
-    if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 ||
-        mbedtls_mpi_cmp_int( &pt->Y, 0 ) < 0 ||
-        mbedtls_mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
-        mbedtls_mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
-        return( MBEDTLS_ERR_ECP_INVALID_KEY );
-
-    mbedtls_mpi_init( &YY ); mbedtls_mpi_init( &RHS );
-
-    /*
-     * YY = Y^2
-     * RHS = X (X^2 + A) + B = X^3 + A X + B
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &YY,  &pt->Y,   &pt->Y  ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &pt->X,   &pt->X  ) );
-
-    /* Special case for A = -3 */
-    if( grp->A.p == NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &RHS, &RHS, 3       ) );  MOD_SUB( RHS );
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->A ) );
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &RHS,     &pt->X  ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS,     &grp->B ) );
-
-    if( mbedtls_mpi_cmp_mpi( &YY, &RHS ) != 0 )
-        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
-
-cleanup:
-
-    mbedtls_mpi_free( &YY ); mbedtls_mpi_free( &RHS );
-
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-/*
- * R = m * P with shortcuts for m == 1 and m == -1
- * NOT constant-time - ONLY for short Weierstrass!
- */
-static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
-                                      mbedtls_ecp_point *R,
-                                      const mbedtls_mpi *m,
-                                      const mbedtls_ecp_point *P,
-                                      mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
-    }
-    else if( mbedtls_mpi_cmp_int( m, -1 ) == 0 )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
-        if( mbedtls_mpi_cmp_int( &R->Y, 0 ) != 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &R->Y, &grp->P, &R->Y ) );
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P,
-                                                      NULL, NULL, rs_ctx ) );
-    }
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Restartable linear combination
- * NOT constant-time
- */
-int mbedtls_ecp_muladd_restartable(
-             mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
-             mbedtls_ecp_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point mP;
-    mbedtls_ecp_point *pmP = &mP;
-    mbedtls_ecp_point *pR = R;
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    char is_grp_capable = 0;
-#endif
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( R   != NULL );
-    ECP_VALIDATE_RET( m   != NULL );
-    ECP_VALIDATE_RET( P   != NULL );
-    ECP_VALIDATE_RET( n   != NULL );
-    ECP_VALIDATE_RET( Q   != NULL );
-
-    if( mbedtls_ecp_get_type( grp ) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-
-    mbedtls_ecp_point_init( &mP );
-
-    ECP_RS_ENTER( ma );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ma != NULL )
-    {
-        /* redirect intermediate results to restart context */
-        pmP = &rs_ctx->ma->mP;
-        pR  = &rs_ctx->ma->R;
-
-        /* jump to next operation */
-        if( rs_ctx->ma->state == ecp_rsma_mul2 )
-            goto mul2;
-        if( rs_ctx->ma->state == ecp_rsma_add )
-            goto add;
-        if( rs_ctx->ma->state == ecp_rsma_norm )
-            goto norm;
-    }
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pmP, m, P, rs_ctx ) );
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ma != NULL )
-        rs_ctx->ma->state = ecp_rsma_mul2;
-
-mul2:
-#endif
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pR,  n, Q, rs_ctx ) );
-
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) )
-        MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ma != NULL )
-        rs_ctx->ma->state = ecp_rsma_add;
-
-add:
-#endif
-    MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_ADD );
-    MBEDTLS_MPI_CHK( ecp_add_mixed( grp, pR, pmP, pR ) );
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ma != NULL )
-        rs_ctx->ma->state = ecp_rsma_norm;
-
-norm:
-#endif
-    MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV );
-    MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, pR ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && rs_ctx->ma != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, pR ) );
-#endif
-
-cleanup:
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    if( is_grp_capable )
-        mbedtls_internal_ecp_free( grp );
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
-
-    mbedtls_ecp_point_free( &mP );
-
-    ECP_RS_LEAVE( ma );
-
-    return( ret );
-}
-
-/*
- * Linear combination
- * NOT constant-time
- */
-int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             const mbedtls_mpi *n, const mbedtls_ecp_point *Q )
-{
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( R   != NULL );
-    ECP_VALIDATE_RET( m   != NULL );
-    ECP_VALIDATE_RET( P   != NULL );
-    ECP_VALIDATE_RET( n   != NULL );
-    ECP_VALIDATE_RET( Q   != NULL );
-    return( mbedtls_ecp_muladd_restartable( grp, R, m, P, n, Q, NULL ) );
-}
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-/*
- * Check validity of a public key for Montgomery curves with x-only schemes
- */
-static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt )
-{
-    /* [Curve25519 p. 5] Just check X is the correct number of bytes */
-    /* Allow any public value, if it's too big then we'll just reduce it mod p
-     * (RFC 7748 sec. 5 para. 3). */
-    if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 )
-        return( MBEDTLS_ERR_ECP_INVALID_KEY );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-
-/*
- * Check that a point is valid as a public key
- */
-int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
-                              const mbedtls_ecp_point *pt )
-{
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( pt  != NULL );
-
-    /* Must use affine coordinates */
-    if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 )
-        return( MBEDTLS_ERR_ECP_INVALID_KEY );
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-        return( ecp_check_pubkey_mx( grp, pt ) );
-#endif
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-        return( ecp_check_pubkey_sw( grp, pt ) );
-#endif
-    return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-}
-
-/*
- * Check that an mbedtls_mpi is valid as a private key
- */
-int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
-                               const mbedtls_mpi *d )
-{
-    ECP_VALIDATE_RET( grp != NULL );
-    ECP_VALIDATE_RET( d   != NULL );
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-    {
-        /* see RFC 7748 sec. 5 para. 5 */
-        if( mbedtls_mpi_get_bit( d, 0 ) != 0 ||
-            mbedtls_mpi_get_bit( d, 1 ) != 0 ||
-            mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */
-            return( MBEDTLS_ERR_ECP_INVALID_KEY );
-
-        /* see [Curve25519] page 5 */
-        if( grp->nbits == 254 && mbedtls_mpi_get_bit( d, 2 ) != 0 )
-            return( MBEDTLS_ERR_ECP_INVALID_KEY );
-
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-    {
-        /* see SEC1 3.2 */
-        if( mbedtls_mpi_cmp_int( d, 1 ) < 0 ||
-            mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
-            return( MBEDTLS_ERR_ECP_INVALID_KEY );
-        else
-            return( 0 );
-    }
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-
-    return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-}
-
-/*
- * Generate a private key
- */
-int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
-                     mbedtls_mpi *d,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-    size_t n_size;
-
-    ECP_VALIDATE_RET( grp   != NULL );
-    ECP_VALIDATE_RET( d     != NULL );
-    ECP_VALIDATE_RET( f_rng != NULL );
-
-    n_size = ( grp->nbits + 7 ) / 8;
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-    {
-        /* [M225] page 5 */
-        size_t b;
-
-        do {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
-        } while( mbedtls_mpi_bitlen( d ) == 0);
-
-        /* Make sure the most significant bit is nbits */
-        b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */
-        if( b > grp->nbits )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - grp->nbits ) );
-        else
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, grp->nbits, 1 ) );
-
-        /* Make sure the last two bits are unset for Curve448, three bits for
-           Curve25519 */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
-        if( grp->nbits == 254 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
-        }
-    }
-#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-    {
-        /* SEC1 3.2.1: Generate d such that 1 <= n < N */
-        int count = 0;
-        unsigned cmp = 0;
-
-        /*
-         * Match the procedure given in RFC 6979 (deterministic ECDSA):
-         * - use the same byte ordering;
-         * - keep the leftmost nbits bits of the generated octet string;
-         * - try until result is in the desired range.
-         * This also avoids any biais, which is especially important for ECDSA.
-         */
-        do
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) );
-
-            /*
-             * Each try has at worst a probability 1/2 of failing (the msb has
-             * a probability 1/2 of being 0, and then the result will be < N),
-             * so after 30 tries failure probability is a most 2**(-30).
-             *
-             * For most curves, 1 try is enough with overwhelming probability,
-             * since N starts with a lot of 1s in binary, but some curves
-             * such as secp224k1 are actually very close to the worst case.
-             */
-            if( ++count > 30 )
-            {
-                ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
-                goto cleanup;
-            }
-
-            ret = mbedtls_mpi_lt_mpi_ct( d, &grp->N, &cmp );
-            if( ret != 0 )
-            {
-                goto cleanup;
-            }
-        }
-        while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 );
-    }
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Generate a keypair with configurable base point
- */
-int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
-                     const mbedtls_ecp_point *G,
-                     mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECP_VALIDATE_RET( grp   != NULL );
-    ECP_VALIDATE_RET( d     != NULL );
-    ECP_VALIDATE_RET( G     != NULL );
-    ECP_VALIDATE_RET( Q     != NULL );
-    ECP_VALIDATE_RET( f_rng != NULL );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) );
-
-cleanup:
-    return( ret );
-}
-
-/*
- * Generate key pair, wrapper for conventional base point
- */
-int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp,
-                             mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng )
-{
-    ECP_VALIDATE_RET( grp   != NULL );
-    ECP_VALIDATE_RET( d     != NULL );
-    ECP_VALIDATE_RET( Q     != NULL );
-    ECP_VALIDATE_RET( f_rng != NULL );
-
-    return( mbedtls_ecp_gen_keypair_base( grp, &grp->G, d, Q, f_rng, p_rng ) );
-}
-
-/*
- * Generate a keypair, prettier wrapper
- */
-int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ECP_VALIDATE_RET( key   != NULL );
-    ECP_VALIDATE_RET( f_rng != NULL );
-
-    if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 )
-        return( ret );
-
-    return( mbedtls_ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) );
-}
-
-#define ECP_CURVE25519_KEY_SIZE 32
-/*
- * Read a private key.
- */
-int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
-                          const unsigned char *buf, size_t buflen )
-{
-    int ret = 0;
-
-    ECP_VALIDATE_RET( key  != NULL );
-    ECP_VALIDATE_RET( buf  != NULL );
-
-    if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 )
-        return( ret );
-
-    ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-    {
-        /*
-         * If it is Curve25519 curve then mask the key as mandated by RFC7748
-         */
-        if( grp_id == MBEDTLS_ECP_DP_CURVE25519 )
-        {
-            if( buflen != ECP_CURVE25519_KEY_SIZE )
-                return MBEDTLS_ERR_ECP_INVALID_KEY;
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &key->d, buf, buflen ) );
-
-            /* Set the three least significant bits to 0 */
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 0, 0 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 1, 0 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 2, 0 ) );
-
-            /* Set the most significant bit to 0 */
-            MBEDTLS_MPI_CHK(
-                    mbedtls_mpi_set_bit( &key->d,
-                                         ECP_CURVE25519_KEY_SIZE * 8 - 1, 0 )
-                    );
-
-            /* Set the second most significant bit to 1 */
-            MBEDTLS_MPI_CHK(
-                    mbedtls_mpi_set_bit( &key->d,
-                                         ECP_CURVE25519_KEY_SIZE * 8 - 2, 1 )
-                    );
-        }
-        else
-            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-    }
-
-#endif
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &key->d, buf, buflen ) );
-
-        MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( &key->grp, &key->d ) );
-    }
-
-#endif
-cleanup:
-
-    if( ret != 0 )
-        mbedtls_mpi_free( &key->d );
-
-    return( ret );
-}
-
-/*
- * Write a private key.
- */
-int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
-                           unsigned char *buf, size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-
-    ECP_VALIDATE_RET( key != NULL );
-    ECP_VALIDATE_RET( buf != NULL );
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-    {
-        if( key->grp.id == MBEDTLS_ECP_DP_CURVE25519 )
-        {
-            if( buflen < ECP_CURVE25519_KEY_SIZE )
-                return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) );
-        }
-        else
-            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-    }
-
-#endif
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &key->d, buf, buflen ) );
-    }
-
-#endif
-cleanup:
-
-    return( ret );
-}
-
-
-/*
- * Check a public-private key pair
- */
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_point Q;
-    mbedtls_ecp_group grp;
-    ECP_VALIDATE_RET( pub != NULL );
-    ECP_VALIDATE_RET( prv != NULL );
-
-    if( pub->grp.id == MBEDTLS_ECP_DP_NONE ||
-        pub->grp.id != prv->grp.id ||
-        mbedtls_mpi_cmp_mpi( &pub->Q.X, &prv->Q.X ) ||
-        mbedtls_mpi_cmp_mpi( &pub->Q.Y, &prv->Q.Y ) ||
-        mbedtls_mpi_cmp_mpi( &pub->Q.Z, &prv->Q.Z ) )
-    {
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    }
-
-    mbedtls_ecp_point_init( &Q );
-    mbedtls_ecp_group_init( &grp );
-
-    /* mbedtls_ecp_mul() needs a non-const group... */
-    mbedtls_ecp_group_copy( &grp, &prv->grp );
-
-    /* Also checks d is valid */
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) );
-
-    if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) ||
-        mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) ||
-        mbedtls_mpi_cmp_mpi( &Q.Z, &prv->Q.Z ) )
-    {
-        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-cleanup:
-    mbedtls_ecp_point_free( &Q );
-    mbedtls_ecp_group_free( &grp );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/* Adjust the exponent to be a valid private point for the specified curve.
- * This is sometimes necessary because we use a single set of exponents
- * for all curves but the validity of values depends on the curve. */
-static int self_test_adjust_exponent( const mbedtls_ecp_group *grp,
-                                      mbedtls_mpi *m )
-{
-    int ret = 0;
-    switch( grp->id )
-    {
-        /* If Curve25519 is available, then that's what we use for the
-         * Montgomery test, so we don't need the adjustment code. */
-#if ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-        case MBEDTLS_ECP_DP_CURVE448:
-            /* Move highest bit from 254 to N-1. Setting bit N-1 is
-             * necessary to enforce the highest-bit-set constraint. */
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, 254, 0 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, grp->nbits, 1 ) );
-            /* Copy second-highest bit from 253 to N-2. This is not
-             * necessary but improves the test variety a bit. */
-            MBEDTLS_MPI_CHK(
-                mbedtls_mpi_set_bit( m, grp->nbits - 1,
-                                     mbedtls_mpi_get_bit( m, 253 ) ) );
-            break;
-#endif
-#endif /* ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) */
-        default:
-            /* Non-Montgomery curves and Curve25519 need no adjustment. */
-            (void) grp;
-            (void) m;
-            goto cleanup;
-    }
-cleanup:
-    return( ret );
-}
-
-/* Calculate R = m.P for each m in exponents. Check that the number of
- * basic operations doesn't depend on the value of m. */
-static int self_test_point( int verbose,
-                            mbedtls_ecp_group *grp,
-                            mbedtls_ecp_point *R,
-                            mbedtls_mpi *m,
-                            const mbedtls_ecp_point *P,
-                            const char *const *exponents,
-                            size_t n_exponents )
-{
-    int ret = 0;
-    size_t i = 0;
-    unsigned long add_c_prev, dbl_c_prev, mul_c_prev;
-    add_count = 0;
-    dbl_count = 0;
-    mul_count = 0;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) );
-    MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
-
-    for( i = 1; i < n_exponents; i++ )
-    {
-        add_c_prev = add_count;
-        dbl_c_prev = dbl_count;
-        mul_c_prev = mul_count;
-        add_count = 0;
-        dbl_count = 0;
-        mul_count = 0;
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) );
-        MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
-        MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
-
-        if( add_count != add_c_prev ||
-            dbl_count != dbl_c_prev ||
-            mul_count != mul_c_prev )
-        {
-            ret = 1;
-            break;
-        }
-    }
-
-cleanup:
-    if( verbose != 0 )
-    {
-        if( ret != 0 )
-            mbedtls_printf( "failed (%u)\n", (unsigned int) i );
-        else
-            mbedtls_printf( "passed\n" );
-    }
-    return( ret );
-}
-
-/*
- * Checkup routine
- */
-int mbedtls_ecp_self_test( int verbose )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point R, P;
-    mbedtls_mpi m;
-
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    /* Exponents especially adapted for secp192k1, which has the lowest
-     * order n of all supported curves (secp192r1 is in a slightly larger
-     * field but the order of its base point is slightly smaller). */
-    const char *sw_exponents[] =
-    {
-        "000000000000000000000000000000000000000000000001", /* one */
-        "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8C", /* n - 1 */
-        "5EA6F389A38B8BC81E767753B15AA5569E1782E30ABE7D25", /* random */
-        "400000000000000000000000000000000000000000000000", /* one and zeros */
-        "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", /* all ones */
-        "555555555555555555555555555555555555555555555555", /* 101010... */
-    };
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    const char *m_exponents[] =
-    {
-        /* Valid private values for Curve25519. In a build with Curve448
-         * but not Curve25519, they will be adjusted in
-         * self_test_adjust_exponent(). */
-        "4000000000000000000000000000000000000000000000000000000000000000",
-        "5C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C30",
-        "5715ECCE24583F7A7023C24164390586842E816D7280A49EF6DF4EAE6B280BF8",
-        "41A2B017516F6D254E1F002BCCBADD54BE30F8CEC737A0E912B4963B6BA74460",
-        "5555555555555555555555555555555555555555555555555555555555555550",
-        "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8",
-    };
-#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &R );
-    mbedtls_ecp_point_init( &P );
-    mbedtls_mpi_init( &m );
-
-#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
-    /* Use secp192r1 if available, or any available curve */
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) );
-#else
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, mbedtls_ecp_curve_list()->grp_id ) );
-#endif
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ECP SW test #1 (constant op_count, base point G): " );
-    /* Do a dummy multiplication first to trigger precomputation */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) );
-    ret = self_test_point( verbose,
-                           &grp, &R, &m, &grp.G,
-                           sw_exponents,
-                           sizeof( sw_exponents ) / sizeof( sw_exponents[0] ));
-    if( ret != 0 )
-        goto cleanup;
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ECP SW test #2 (constant op_count, other point): " );
-    /* We computed P = 2G last time, use it */
-    ret = self_test_point( verbose,
-                           &grp, &R, &m, &P,
-                           sw_exponents,
-                           sizeof( sw_exponents ) / sizeof( sw_exponents[0] ));
-    if( ret != 0 )
-        goto cleanup;
-
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &R );
-#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
-
-#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
-    if( verbose != 0 )
-        mbedtls_printf( "  ECP Montgomery test (constant op_count): " );
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE25519 ) );
-#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE448 ) );
-#else
-#error "MBEDTLS_ECP_MONTGOMERY_ENABLED is defined, but no curve is supported for self-test"
-#endif
-    ret = self_test_point( verbose,
-                           &grp, &R, &m, &grp.G,
-                           m_exponents,
-                           sizeof( m_exponents ) / sizeof( m_exponents[0] ));
-    if( ret != 0 )
-        goto cleanup;
-#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
-
-cleanup:
-
-    if( ret < 0 && verbose != 0 )
-        mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret );
-
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &R );
-    mbedtls_ecp_point_free( &P );
-    mbedtls_mpi_free( &m );
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* !MBEDTLS_ECP_ALT */
-
-#endif /* MBEDTLS_ECP_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ecp_curves.c b/3rdparty/mbedtls-2.25.0/library/ecp_curves.c
deleted file mode 100644
index 839fb5e..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ecp_curves.c
+++ /dev/null
@@ -1,1484 +0,0 @@
-/*
- *  Elliptic curves over GF(p): curve-specific data and functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ECP_C)
-
-#include "mbedtls/ecp.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if !defined(MBEDTLS_ECP_ALT)
-
-/* Parameter validation macros based on platform_util.h */
-#define ECP_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
-#define ECP_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-/*
- * Conversion macros for embedded constants:
- * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2
- */
-#if defined(MBEDTLS_HAVE_INT32)
-
-#define BYTES_TO_T_UINT_4( a, b, c, d )                       \
-    ( (mbedtls_mpi_uint) (a) <<  0 ) |                        \
-    ( (mbedtls_mpi_uint) (b) <<  8 ) |                        \
-    ( (mbedtls_mpi_uint) (c) << 16 ) |                        \
-    ( (mbedtls_mpi_uint) (d) << 24 )
-
-#define BYTES_TO_T_UINT_2( a, b )                   \
-    BYTES_TO_T_UINT_4( a, b, 0, 0 )
-
-#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
-    BYTES_TO_T_UINT_4( a, b, c, d ),                \
-    BYTES_TO_T_UINT_4( e, f, g, h )
-
-#else /* 64-bits */
-
-#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
-    ( (mbedtls_mpi_uint) (a) <<  0 ) |                        \
-    ( (mbedtls_mpi_uint) (b) <<  8 ) |                        \
-    ( (mbedtls_mpi_uint) (c) << 16 ) |                        \
-    ( (mbedtls_mpi_uint) (d) << 24 ) |                        \
-    ( (mbedtls_mpi_uint) (e) << 32 ) |                        \
-    ( (mbedtls_mpi_uint) (f) << 40 ) |                        \
-    ( (mbedtls_mpi_uint) (g) << 48 ) |                        \
-    ( (mbedtls_mpi_uint) (h) << 56 )
-
-#define BYTES_TO_T_UINT_4( a, b, c, d )             \
-    BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
-
-#define BYTES_TO_T_UINT_2( a, b )                   \
-    BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 )
-
-#endif /* bits in mbedtls_mpi_uint */
-
-/*
- * Note: the constants are in little-endian order
- * to be directly usable in MPIs
- */
-
-/*
- * Domain parameters for secp192r1
- */
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-static const mbedtls_mpi_uint secp192r1_p[] = {
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-static const mbedtls_mpi_uint secp192r1_b[] = {
-    BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ),
-    BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ),
-    BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ),
-};
-static const mbedtls_mpi_uint secp192r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ),
-    BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ),
-    BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ),
-};
-static const mbedtls_mpi_uint secp192r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ),
-    BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ),
-    BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ),
-};
-static const mbedtls_mpi_uint secp192r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ),
-    BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-
-/*
- * Domain parameters for secp224r1
- */
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-static const mbedtls_mpi_uint secp224r1_p[] = {
-    BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
-    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
-};
-static const mbedtls_mpi_uint secp224r1_b[] = {
-    BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ),
-    BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ),
-    BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ),
-    BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ),
-};
-static const mbedtls_mpi_uint secp224r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ),
-    BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ),
-    BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ),
-    BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ),
-};
-static const mbedtls_mpi_uint secp224r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ),
-    BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ),
-    BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ),
-    BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ),
-};
-static const mbedtls_mpi_uint secp224r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ),
-    BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-
-/*
- * Domain parameters for secp256r1
- */
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-static const mbedtls_mpi_uint secp256r1_p[] = {
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
-    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
-    BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-static const mbedtls_mpi_uint secp256r1_b[] = {
-    BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ),
-    BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ),
-    BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ),
-    BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ),
-};
-static const mbedtls_mpi_uint secp256r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ),
-    BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ),
-    BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ),
-    BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ),
-};
-static const mbedtls_mpi_uint secp256r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ),
-    BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ),
-    BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ),
-    BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ),
-};
-static const mbedtls_mpi_uint secp256r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ),
-    BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-
-/*
- * Domain parameters for secp384r1
- */
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-static const mbedtls_mpi_uint secp384r1_p[] = {
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
-    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-static const mbedtls_mpi_uint secp384r1_b[] = {
-    BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ),
-    BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ),
-    BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ),
-    BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ),
-    BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ),
-    BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ),
-};
-static const mbedtls_mpi_uint secp384r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ),
-    BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ),
-    BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ),
-    BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ),
-    BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ),
-    BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ),
-};
-static const mbedtls_mpi_uint secp384r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ),
-    BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ),
-    BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ),
-    BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ),
-    BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ),
-    BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ),
-};
-static const mbedtls_mpi_uint secp384r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ),
-    BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ),
-    BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-
-/*
- * Domain parameters for secp521r1
- */
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-static const mbedtls_mpi_uint secp521r1_p[] = {
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
-};
-static const mbedtls_mpi_uint secp521r1_b[] = {
-    BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ),
-    BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ),
-    BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ),
-    BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ),
-    BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ),
-    BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ),
-    BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ),
-    BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ),
-    BYTES_TO_T_UINT_2( 0x51, 0x00 ),
-};
-static const mbedtls_mpi_uint secp521r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ),
-    BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ),
-    BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ),
-    BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ),
-    BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ),
-    BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ),
-    BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ),
-    BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ),
-    BYTES_TO_T_UINT_2( 0xC6, 0x00 ),
-};
-static const mbedtls_mpi_uint secp521r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ),
-    BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ),
-    BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ),
-    BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ),
-    BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ),
-    BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ),
-    BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ),
-    BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ),
-    BYTES_TO_T_UINT_2( 0x18, 0x01 ),
-};
-static const mbedtls_mpi_uint secp521r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ),
-    BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ),
-    BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ),
-    BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ),
-    BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-static const mbedtls_mpi_uint secp192k1_p[] = {
-    BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-static const mbedtls_mpi_uint secp192k1_a[] = {
-    BYTES_TO_T_UINT_2( 0x00, 0x00 ),
-};
-static const mbedtls_mpi_uint secp192k1_b[] = {
-    BYTES_TO_T_UINT_2( 0x03, 0x00 ),
-};
-static const mbedtls_mpi_uint secp192k1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ),
-    BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ),
-    BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ),
-};
-static const mbedtls_mpi_uint secp192k1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ),
-    BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ),
-    BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ),
-};
-static const mbedtls_mpi_uint secp192k1_n[] = {
-    BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ),
-    BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-static const mbedtls_mpi_uint secp224k1_p[] = {
-    BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-static const mbedtls_mpi_uint secp224k1_a[] = {
-    BYTES_TO_T_UINT_2( 0x00, 0x00 ),
-};
-static const mbedtls_mpi_uint secp224k1_b[] = {
-    BYTES_TO_T_UINT_2( 0x05, 0x00 ),
-};
-static const mbedtls_mpi_uint secp224k1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ),
-    BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ),
-    BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ),
-    BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ),
-};
-static const mbedtls_mpi_uint secp224k1_gy[] = {
-    BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ),
-    BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ),
-    BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ),
-    BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ),
-};
-static const mbedtls_mpi_uint secp224k1_n[] = {
-    BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ),
-    BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ),
-    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
-    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-static const mbedtls_mpi_uint secp256k1_p[] = {
-    BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-static const mbedtls_mpi_uint secp256k1_a[] = {
-    BYTES_TO_T_UINT_2( 0x00, 0x00 ),
-};
-static const mbedtls_mpi_uint secp256k1_b[] = {
-    BYTES_TO_T_UINT_2( 0x07, 0x00 ),
-};
-static const mbedtls_mpi_uint secp256k1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ),
-    BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ),
-    BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ),
-    BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ),
-};
-static const mbedtls_mpi_uint secp256k1_gy[] = {
-    BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ),
-    BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ),
-    BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ),
-    BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ),
-};
-static const mbedtls_mpi_uint secp256k1_n[] = {
-    BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ),
-    BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ),
-    BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
-};
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-
-/*
- * Domain parameters for brainpoolP256r1 (RFC 5639 3.4)
- */
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-static const mbedtls_mpi_uint brainpoolP256r1_p[] = {
-    BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ),
-    BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ),
-    BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
-    BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
-};
-static const mbedtls_mpi_uint brainpoolP256r1_a[] = {
-    BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ),
-    BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ),
-    BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ),
-    BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ),
-};
-static const mbedtls_mpi_uint brainpoolP256r1_b[] = {
-    BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ),
-    BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ),
-    BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ),
-    BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ),
-};
-static const mbedtls_mpi_uint brainpoolP256r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ),
-    BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ),
-    BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ),
-    BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ),
-};
-static const mbedtls_mpi_uint brainpoolP256r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ),
-    BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ),
-    BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ),
-    BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ),
-};
-static const mbedtls_mpi_uint brainpoolP256r1_n[] = {
-    BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ),
-    BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ),
-    BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
-    BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
-};
-#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
-
-/*
- * Domain parameters for brainpoolP384r1 (RFC 5639 3.6)
- */
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-static const mbedtls_mpi_uint brainpoolP384r1_p[] = {
-    BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ),
-    BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ),
-    BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ),
-    BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
-    BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
-    BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
-};
-static const mbedtls_mpi_uint brainpoolP384r1_a[] = {
-    BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
-    BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ),
-    BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ),
-    BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ),
-    BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ),
-    BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ),
-};
-static const mbedtls_mpi_uint brainpoolP384r1_b[] = {
-    BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ),
-    BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ),
-    BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ),
-    BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ),
-    BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ),
-    BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
-};
-static const mbedtls_mpi_uint brainpoolP384r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ),
-    BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ),
-    BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ),
-    BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ),
-    BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ),
-    BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ),
-};
-static const mbedtls_mpi_uint brainpoolP384r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ),
-    BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ),
-    BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ),
-    BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ),
-    BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ),
-    BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ),
-};
-static const mbedtls_mpi_uint brainpoolP384r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ),
-    BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ),
-    BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ),
-    BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
-    BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
-    BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
-};
-#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
-
-/*
- * Domain parameters for brainpoolP512r1 (RFC 5639 3.7)
- */
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-static const mbedtls_mpi_uint brainpoolP512r1_p[] = {
-    BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ),
-    BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ),
-    BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ),
-    BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ),
-    BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
-    BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
-    BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
-    BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
-};
-static const mbedtls_mpi_uint brainpoolP512r1_a[] = {
-    BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ),
-    BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ),
-    BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ),
-    BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ),
-    BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ),
-    BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ),
-    BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ),
-    BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ),
-};
-static const mbedtls_mpi_uint brainpoolP512r1_b[] = {
-    BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ),
-    BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ),
-    BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ),
-    BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ),
-    BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ),
-    BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ),
-    BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ),
-    BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ),
-};
-static const mbedtls_mpi_uint brainpoolP512r1_gx[] = {
-    BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ),
-    BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ),
-    BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ),
-    BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ),
-    BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ),
-    BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ),
-    BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ),
-    BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ),
-};
-static const mbedtls_mpi_uint brainpoolP512r1_gy[] = {
-    BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ),
-    BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ),
-    BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ),
-    BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ),
-    BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ),
-    BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ),
-    BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ),
-    BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ),
-};
-static const mbedtls_mpi_uint brainpoolP512r1_n[] = {
-    BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ),
-    BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ),
-    BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ),
-    BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ),
-    BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
-    BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
-    BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
-    BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
-};
-#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)   ||   \
-    defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)   ||   \
-    defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)   ||   \
-    defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-/* For these curves, we build the group parameters dynamically. */
-#define ECP_LOAD_GROUP
-#endif
-
-#if defined(ECP_LOAD_GROUP)
-/*
- * Create an MPI from embedded constants
- * (assumes len is an exact multiple of sizeof mbedtls_mpi_uint)
- */
-static inline void ecp_mpi_load( mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len )
-{
-    X->s = 1;
-    X->n = len / sizeof( mbedtls_mpi_uint );
-    X->p = (mbedtls_mpi_uint *) p;
-}
-
-/*
- * Set an MPI to static value 1
- */
-static inline void ecp_mpi_set1( mbedtls_mpi *X )
-{
-    static mbedtls_mpi_uint one[] = { 1 };
-    X->s = 1;
-    X->n = 1;
-    X->p = one;
-}
-
-/*
- * Make group available from embedded constants
- */
-static int ecp_group_load( mbedtls_ecp_group *grp,
-                           const mbedtls_mpi_uint *p,  size_t plen,
-                           const mbedtls_mpi_uint *a,  size_t alen,
-                           const mbedtls_mpi_uint *b,  size_t blen,
-                           const mbedtls_mpi_uint *gx, size_t gxlen,
-                           const mbedtls_mpi_uint *gy, size_t gylen,
-                           const mbedtls_mpi_uint *n,  size_t nlen)
-{
-    ecp_mpi_load( &grp->P, p, plen );
-    if( a != NULL )
-        ecp_mpi_load( &grp->A, a, alen );
-    ecp_mpi_load( &grp->B, b, blen );
-    ecp_mpi_load( &grp->N, n, nlen );
-
-    ecp_mpi_load( &grp->G.X, gx, gxlen );
-    ecp_mpi_load( &grp->G.Y, gy, gylen );
-    ecp_mpi_set1( &grp->G.Z );
-
-    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
-    grp->nbits = mbedtls_mpi_bitlen( &grp->N );
-
-    grp->h = 1;
-
-    return( 0 );
-}
-#endif /* ECP_LOAD_GROUP */
-
-#if defined(MBEDTLS_ECP_NIST_OPTIM)
-/* Forward declarations */
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-static int ecp_mod_p192( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-static int ecp_mod_p224( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-static int ecp_mod_p256( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-static int ecp_mod_p384( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-static int ecp_mod_p521( mbedtls_mpi * );
-#endif
-
-#define NIST_MODP( P )      grp->modp = ecp_mod_ ## P;
-#else
-#define NIST_MODP( P )
-#endif /* MBEDTLS_ECP_NIST_OPTIM */
-
-/* Additional forward declarations */
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-static int ecp_mod_p255( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-static int ecp_mod_p448( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-static int ecp_mod_p192k1( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-static int ecp_mod_p224k1( mbedtls_mpi * );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-static int ecp_mod_p256k1( mbedtls_mpi * );
-#endif
-
-#if defined(ECP_LOAD_GROUP)
-#define LOAD_GROUP_A( G )   ecp_group_load( grp,            \
-                            G ## _p,  sizeof( G ## _p  ),   \
-                            G ## _a,  sizeof( G ## _a  ),   \
-                            G ## _b,  sizeof( G ## _b  ),   \
-                            G ## _gx, sizeof( G ## _gx ),   \
-                            G ## _gy, sizeof( G ## _gy ),   \
-                            G ## _n,  sizeof( G ## _n  ) )
-
-#define LOAD_GROUP( G )     ecp_group_load( grp,            \
-                            G ## _p,  sizeof( G ## _p  ),   \
-                            NULL,     0,                    \
-                            G ## _b,  sizeof( G ## _b  ),   \
-                            G ## _gx, sizeof( G ## _gx ),   \
-                            G ## _gy, sizeof( G ## _gy ),   \
-                            G ## _n,  sizeof( G ## _n  ) )
-#endif /* ECP_LOAD_GROUP */
-
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-/*
- * Specialized function for creating the Curve25519 group
- */
-static int ecp_use_curve25519( mbedtls_ecp_group *grp )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* Actually ( A + 2 ) / 4 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) );
-
-    /* P = 2^255 - 19 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 255 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 19 ) );
-    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
-
-    /* N = 2^252 + 27742317777372353535851937790883648493 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->N, 16,
-                                              "14DEF9DEA2F79CD65812631A5CF5D3ED" ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 252, 1 ) );
-
-    /* Y intentionally not set, since we use x/z coordinates.
-     * This is used as a marker to identify Montgomery curves! */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 9 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) );
-    mbedtls_mpi_free( &grp->G.Y );
-
-    /* Actually, the required msb for private keys */
-    grp->nbits = 254;
-
-cleanup:
-    if( ret != 0 )
-        mbedtls_ecp_group_free( grp );
-
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-/*
- * Specialized function for creating the Curve448 group
- */
-static int ecp_use_curve448( mbedtls_ecp_group *grp )
-{
-    mbedtls_mpi Ns;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_mpi_init( &Ns );
-
-    /* Actually ( A + 2 ) / 4 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "98AA" ) );
-
-    /* P = 2^448 - 2^224 - 1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 224 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 224 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 1 ) );
-    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
-
-    /* Y intentionally not set, since we use x/z coordinates.
-     * This is used as a marker to identify Montgomery curves! */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 5 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) );
-    mbedtls_mpi_free( &grp->G.Y );
-
-    /* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 446, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Ns, 16,
-                                              "8335DC163BB124B65129C96FDE933D8D723A70AADC873D6D54A7BB0D" ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &grp->N, &grp->N, &Ns ) );
-
-    /* Actually, the required msb for private keys */
-    grp->nbits = 447;
-
-cleanup:
-    mbedtls_mpi_free( &Ns );
-    if( ret != 0 )
-        mbedtls_ecp_group_free( grp );
-
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
-
-/*
- * Set a group using well-known domain parameters
- */
-int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id )
-{
-    ECP_VALIDATE_RET( grp != NULL );
-    mbedtls_ecp_group_free( grp );
-
-    grp->id = id;
-
-    switch( id )
-    {
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP192R1:
-            NIST_MODP( p192 );
-            return( LOAD_GROUP( secp192r1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP224R1:
-            NIST_MODP( p224 );
-            return( LOAD_GROUP( secp224r1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP256R1:
-            NIST_MODP( p256 );
-            return( LOAD_GROUP( secp256r1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP384R1:
-            NIST_MODP( p384 );
-            return( LOAD_GROUP( secp384r1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP521R1:
-            NIST_MODP( p521 );
-            return( LOAD_GROUP( secp521r1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP192K1:
-            grp->modp = ecp_mod_p192k1;
-            return( LOAD_GROUP_A( secp192k1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP224K1:
-            grp->modp = ecp_mod_p224k1;
-            return( LOAD_GROUP_A( secp224k1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP256K1:
-            grp->modp = ecp_mod_p256k1;
-            return( LOAD_GROUP_A( secp256k1 ) );
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-        case MBEDTLS_ECP_DP_BP256R1:
-            return( LOAD_GROUP_A( brainpoolP256r1 ) );
-#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-        case MBEDTLS_ECP_DP_BP384R1:
-            return( LOAD_GROUP_A( brainpoolP384r1 ) );
-#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-        case MBEDTLS_ECP_DP_BP512R1:
-            return( LOAD_GROUP_A( brainpoolP512r1 ) );
-#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-        case MBEDTLS_ECP_DP_CURVE25519:
-            grp->modp = ecp_mod_p255;
-            return( ecp_use_curve25519( grp ) );
-#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-        case MBEDTLS_ECP_DP_CURVE448:
-            grp->modp = ecp_mod_p448;
-            return( ecp_use_curve448( grp ) );
-#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
-
-        default:
-            grp->id = MBEDTLS_ECP_DP_NONE;
-            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-    }
-}
-
-#if defined(MBEDTLS_ECP_NIST_OPTIM)
-/*
- * Fast reduction modulo the primes used by the NIST curves.
- *
- * These functions are critical for speed, but not needed for correct
- * operations. So, we make the choice to heavily rely on the internals of our
- * bignum library, which creates a tight coupling between these functions and
- * our MPI implementation.  However, the coupling between the ECP module and
- * MPI remains loose, since these functions can be deactivated at will.
- */
-
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-/*
- * Compared to the way things are presented in FIPS 186-3 D.2,
- * we proceed in columns, from right (least significant chunk) to left,
- * adding chunks to N in place, and keeping a carry for the next chunk.
- * This avoids moving things around in memory, and uselessly adding zeros,
- * compared to the more straightforward, line-oriented approach.
- *
- * For this prime we need to handle data in chunks of 64 bits.
- * Since this is always a multiple of our basic mbedtls_mpi_uint, we can
- * use a mbedtls_mpi_uint * to designate such a chunk, and small loops to handle it.
- */
-
-/* Add 64-bit chunks (dst += src) and update carry */
-static inline void add64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry )
-{
-    unsigned char i;
-    mbedtls_mpi_uint c = 0;
-    for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++, src++ )
-    {
-        *dst += c;      c  = ( *dst < c );
-        *dst += *src;   c += ( *dst < *src );
-    }
-    *carry += c;
-}
-
-/* Add carry to a 64-bit chunk and update carry */
-static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry )
-{
-    unsigned char i;
-    for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++ )
-    {
-        *dst += *carry;
-        *carry  = ( *dst < *carry );
-    }
-}
-
-#define WIDTH       8 / sizeof( mbedtls_mpi_uint )
-#define A( i )      N->p + (i) * WIDTH
-#define ADD( i )    add64( p, A( i ), &c )
-#define NEXT        p += WIDTH; carry64( p, &c )
-#define LAST        p += WIDTH; *p = c; while( ++p < end ) *p = 0
-
-/*
- * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1)
- */
-static int ecp_mod_p192( mbedtls_mpi *N )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi_uint c = 0;
-    mbedtls_mpi_uint *p, *end;
-
-    /* Make sure we have enough blocks so that A(5) is legal */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, 6 * WIDTH ) );
-
-    p = N->p;
-    end = p + N->n;
-
-    ADD( 3 ); ADD( 5 );             NEXT; // A0 += A3 + A5
-    ADD( 3 ); ADD( 4 ); ADD( 5 );   NEXT; // A1 += A3 + A4 + A5
-    ADD( 4 ); ADD( 5 );             LAST; // A2 += A4 + A5
-
-cleanup:
-    return( ret );
-}
-
-#undef WIDTH
-#undef A
-#undef ADD
-#undef NEXT
-#undef LAST
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-/*
- * The reader is advised to first understand ecp_mod_p192() since the same
- * general structure is used here, but with additional complications:
- * (1) chunks of 32 bits, and (2) subtractions.
- */
-
-/*
- * For these primes, we need to handle data in chunks of 32 bits.
- * This makes it more complicated if we use 64 bits limbs in MPI,
- * which prevents us from using a uniform access method as for p192.
- *
- * So, we define a mini abstraction layer to access 32 bit chunks,
- * load them in 'cur' for work, and store them back from 'cur' when done.
- *
- * While at it, also define the size of N in terms of 32-bit chunks.
- */
-#define LOAD32      cur = A( i );
-
-#if defined(MBEDTLS_HAVE_INT32)  /* 32 bit */
-
-#define MAX32       N->n
-#define A( j )      N->p[j]
-#define STORE32     N->p[i] = cur;
-
-#else                               /* 64-bit */
-
-#define MAX32       N->n * 2
-#define A( j ) (j) % 2 ? (uint32_t)( N->p[(j)/2] >> 32 ) : \
-                         (uint32_t)( N->p[(j)/2] )
-#define STORE32                                   \
-    if( i % 2 ) {                                 \
-        N->p[i/2] &= 0x00000000FFFFFFFF;          \
-        N->p[i/2] |= ((mbedtls_mpi_uint) cur) << 32;        \
-    } else {                                      \
-        N->p[i/2] &= 0xFFFFFFFF00000000;          \
-        N->p[i/2] |= (mbedtls_mpi_uint) cur;                \
-    }
-
-#endif /* sizeof( mbedtls_mpi_uint ) */
-
-/*
- * Helpers for addition and subtraction of chunks, with signed carry.
- */
-static inline void add32( uint32_t *dst, uint32_t src, signed char *carry )
-{
-    *dst += src;
-    *carry += ( *dst < src );
-}
-
-static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
-{
-    *carry -= ( *dst < src );
-    *dst -= src;
-}
-
-#define ADD( j )    add32( &cur, A( j ), &c );
-#define SUB( j )    sub32( &cur, A( j ), &c );
-
-/*
- * Helpers for the main 'loop'
- * (see fix_negative for the motivation of C)
- */
-#define INIT( b )                                                       \
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;                                                            \
-    signed char c = 0, cc;                                              \
-    uint32_t cur;                                                       \
-    size_t i = 0, bits = (b);                                           \
-    mbedtls_mpi C;                                                      \
-    mbedtls_mpi_uint Cp[ (b) / 8 / sizeof( mbedtls_mpi_uint) + 1 ];     \
-                                                                        \
-    C.s = 1;                                                            \
-    C.n = (b) / 8 / sizeof( mbedtls_mpi_uint) + 1;                      \
-    C.p = Cp;                                                           \
-    memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) );                  \
-                                                                        \
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, (b) * 2 / 8 /                 \
-                                       sizeof( mbedtls_mpi_uint ) ) );  \
-    LOAD32;
-
-#define NEXT                    \
-    STORE32; i++; LOAD32;       \
-    cc = c; c = 0;              \
-    if( cc < 0 )                \
-        sub32( &cur, -cc, &c ); \
-    else                        \
-        add32( &cur, cc, &c );  \
-
-#define LAST                                    \
-    STORE32; i++;                               \
-    cur = c > 0 ? c : 0; STORE32;               \
-    cur = 0; while( ++i < MAX32 ) { STORE32; }  \
-    if( c < 0 ) MBEDTLS_MPI_CHK( fix_negative( N, c, &C, bits ) );
-
-/*
- * If the result is negative, we get it in the form
- * c * 2^(bits + 32) + N, with c negative and N positive shorter than 'bits'
- */
-static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* C = - c * 2^(bits + 32) */
-#if !defined(MBEDTLS_HAVE_INT64)
-    ((void) bits);
-#else
-    if( bits == 224 )
-        C->p[ C->n - 1 ] = ((mbedtls_mpi_uint) -c) << 32;
-    else
-#endif
-        C->p[ C->n - 1 ] = (mbedtls_mpi_uint) -c;
-
-    /* N = - ( C - N ) */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, C, N ) );
-    N->s = -1;
-
-cleanup:
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-/*
- * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2)
- */
-static int ecp_mod_p224( mbedtls_mpi *N )
-{
-    INIT( 224 );
-
-    SUB(  7 ); SUB( 11 );               NEXT; // A0 += -A7 - A11
-    SUB(  8 ); SUB( 12 );               NEXT; // A1 += -A8 - A12
-    SUB(  9 ); SUB( 13 );               NEXT; // A2 += -A9 - A13
-    SUB( 10 ); ADD(  7 ); ADD( 11 );    NEXT; // A3 += -A10 + A7 + A11
-    SUB( 11 ); ADD(  8 ); ADD( 12 );    NEXT; // A4 += -A11 + A8 + A12
-    SUB( 12 ); ADD(  9 ); ADD( 13 );    NEXT; // A5 += -A12 + A9 + A13
-    SUB( 13 ); ADD( 10 );               LAST; // A6 += -A13 + A10
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-/*
- * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3)
- */
-static int ecp_mod_p256( mbedtls_mpi *N )
-{
-    INIT( 256 );
-
-    ADD(  8 ); ADD(  9 );
-    SUB( 11 ); SUB( 12 ); SUB( 13 ); SUB( 14 );             NEXT; // A0
-
-    ADD(  9 ); ADD( 10 );
-    SUB( 12 ); SUB( 13 ); SUB( 14 ); SUB( 15 );             NEXT; // A1
-
-    ADD( 10 ); ADD( 11 );
-    SUB( 13 ); SUB( 14 ); SUB( 15 );                        NEXT; // A2
-
-    ADD( 11 ); ADD( 11 ); ADD( 12 ); ADD( 12 ); ADD( 13 );
-    SUB( 15 ); SUB(  8 ); SUB(  9 );                        NEXT; // A3
-
-    ADD( 12 ); ADD( 12 ); ADD( 13 ); ADD( 13 ); ADD( 14 );
-    SUB(  9 ); SUB( 10 );                                   NEXT; // A4
-
-    ADD( 13 ); ADD( 13 ); ADD( 14 ); ADD( 14 ); ADD( 15 );
-    SUB( 10 ); SUB( 11 );                                   NEXT; // A5
-
-    ADD( 14 ); ADD( 14 ); ADD( 15 ); ADD( 15 ); ADD( 14 ); ADD( 13 );
-    SUB(  8 ); SUB(  9 );                                   NEXT; // A6
-
-    ADD( 15 ); ADD( 15 ); ADD( 15 ); ADD( 8 );
-    SUB( 10 ); SUB( 11 ); SUB( 12 ); SUB( 13 );             LAST; // A7
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-/*
- * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4)
- */
-static int ecp_mod_p384( mbedtls_mpi *N )
-{
-    INIT( 384 );
-
-    ADD( 12 ); ADD( 21 ); ADD( 20 );
-    SUB( 23 );                                              NEXT; // A0
-
-    ADD( 13 ); ADD( 22 ); ADD( 23 );
-    SUB( 12 ); SUB( 20 );                                   NEXT; // A2
-
-    ADD( 14 ); ADD( 23 );
-    SUB( 13 ); SUB( 21 );                                   NEXT; // A2
-
-    ADD( 15 ); ADD( 12 ); ADD( 20 ); ADD( 21 );
-    SUB( 14 ); SUB( 22 ); SUB( 23 );                        NEXT; // A3
-
-    ADD( 21 ); ADD( 21 ); ADD( 16 ); ADD( 13 ); ADD( 12 ); ADD( 20 ); ADD( 22 );
-    SUB( 15 ); SUB( 23 ); SUB( 23 );                        NEXT; // A4
-
-    ADD( 22 ); ADD( 22 ); ADD( 17 ); ADD( 14 ); ADD( 13 ); ADD( 21 ); ADD( 23 );
-    SUB( 16 );                                              NEXT; // A5
-
-    ADD( 23 ); ADD( 23 ); ADD( 18 ); ADD( 15 ); ADD( 14 ); ADD( 22 );
-    SUB( 17 );                                              NEXT; // A6
-
-    ADD( 19 ); ADD( 16 ); ADD( 15 ); ADD( 23 );
-    SUB( 18 );                                              NEXT; // A7
-
-    ADD( 20 ); ADD( 17 ); ADD( 16 );
-    SUB( 19 );                                              NEXT; // A8
-
-    ADD( 21 ); ADD( 18 ); ADD( 17 );
-    SUB( 20 );                                              NEXT; // A9
-
-    ADD( 22 ); ADD( 19 ); ADD( 18 );
-    SUB( 21 );                                              NEXT; // A10
-
-    ADD( 23 ); ADD( 20 ); ADD( 19 );
-    SUB( 22 );                                              LAST; // A11
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-
-#undef A
-#undef LOAD32
-#undef STORE32
-#undef MAX32
-#undef INIT
-#undef NEXT
-#undef LAST
-
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED ||
-          MBEDTLS_ECP_DP_SECP256R1_ENABLED ||
-          MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-/*
- * Here we have an actual Mersenne prime, so things are more straightforward.
- * However, chunks are aligned on a 'weird' boundary (521 bits).
- */
-
-/* Size of p521 in terms of mbedtls_mpi_uint */
-#define P521_WIDTH      ( 521 / 8 / sizeof( mbedtls_mpi_uint ) + 1 )
-
-/* Bits to keep in the most significant mbedtls_mpi_uint */
-#define P521_MASK       0x01FF
-
-/*
- * Fast quasi-reduction modulo p521 (FIPS 186-3 D.2.5)
- * Write N as A1 + 2^521 A0, return A0 + A1
- */
-static int ecp_mod_p521( mbedtls_mpi *N )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    mbedtls_mpi M;
-    mbedtls_mpi_uint Mp[P521_WIDTH + 1];
-    /* Worst case for the size of M is when mbedtls_mpi_uint is 16 bits:
-     * we need to hold bits 513 to 1056, which is 34 limbs, that is
-     * P521_WIDTH + 1. Otherwise P521_WIDTH is enough. */
-
-    if( N->n < P521_WIDTH )
-        return( 0 );
-
-    /* M = A1 */
-    M.s = 1;
-    M.n = N->n - ( P521_WIDTH - 1 );
-    if( M.n > P521_WIDTH + 1 )
-        M.n = P521_WIDTH + 1;
-    M.p = Mp;
-    memcpy( Mp, N->p + P521_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 521 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) );
-
-    /* N = A0 */
-    N->p[P521_WIDTH - 1] &= P521_MASK;
-    for( i = P521_WIDTH; i < N->n; i++ )
-        N->p[i] = 0;
-
-    /* N = A0 + A1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
-
-cleanup:
-    return( ret );
-}
-
-#undef P521_WIDTH
-#undef P521_MASK
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-
-#endif /* MBEDTLS_ECP_NIST_OPTIM */
-
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-
-/* Size of p255 in terms of mbedtls_mpi_uint */
-#define P255_WIDTH      ( 255 / 8 / sizeof( mbedtls_mpi_uint ) + 1 )
-
-/*
- * Fast quasi-reduction modulo p255 = 2^255 - 19
- * Write N as A0 + 2^255 A1, return A0 + 19 * A1
- */
-static int ecp_mod_p255( mbedtls_mpi *N )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    mbedtls_mpi M;
-    mbedtls_mpi_uint Mp[P255_WIDTH + 2];
-
-    if( N->n < P255_WIDTH )
-        return( 0 );
-
-    /* M = A1 */
-    M.s = 1;
-    M.n = N->n - ( P255_WIDTH - 1 );
-    if( M.n > P255_WIDTH + 1 )
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    M.p = Mp;
-    memset( Mp, 0, sizeof Mp );
-    memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) );
-    M.n++; /* Make room for multiplication by 19 */
-
-    /* N = A0 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( N, 255, 0 ) );
-    for( i = P255_WIDTH; i < N->n; i++ )
-        N->p[i] = 0;
-
-    /* N = A0 + 19 * A1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &M, 19 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-
-/* Size of p448 in terms of mbedtls_mpi_uint */
-#define P448_WIDTH      ( 448 / 8 / sizeof( mbedtls_mpi_uint ) )
-
-/* Number of limbs fully occupied by 2^224 (max), and limbs used by it (min) */
-#define DIV_ROUND_UP( X, Y ) ( ( ( X ) + ( Y ) - 1 ) / ( Y ) )
-#define P224_WIDTH_MIN   ( 28 / sizeof( mbedtls_mpi_uint ) )
-#define P224_WIDTH_MAX   DIV_ROUND_UP( 28, sizeof( mbedtls_mpi_uint ) )
-#define P224_UNUSED_BITS ( ( P224_WIDTH_MAX * sizeof( mbedtls_mpi_uint ) * 8 ) - 224 )
-
-/*
- * Fast quasi-reduction modulo p448 = 2^448 - 2^224 - 1
- * Write N as A0 + 2^448 A1 and A1 as B0 + 2^224 B1, and return
- * A0 + A1 + B1 + (B0 + B1) * 2^224.  This is different to the reference
- * implementation of Curve448, which uses its own special 56-bit limbs rather
- * than a generic bignum library.  We could squeeze some extra speed out on
- * 32-bit machines by splitting N up into 32-bit limbs and doing the
- * arithmetic using the limbs directly as we do for the NIST primes above,
- * but for 64-bit targets it should use half the number of operations if we do
- * the reduction with 224-bit limbs, since mpi_add_mpi will then use 64-bit adds.
- */
-static int ecp_mod_p448( mbedtls_mpi *N )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    mbedtls_mpi M, Q;
-    mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH];
-
-    if( N->n <= P448_WIDTH )
-        return( 0 );
-
-    /* M = A1 */
-    M.s = 1;
-    M.n = N->n - ( P448_WIDTH );
-    if( M.n > P448_WIDTH )
-        /* Shouldn't be called with N larger than 2^896! */
-        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-    M.p = Mp;
-    memset( Mp, 0, sizeof( Mp ) );
-    memcpy( Mp, N->p + P448_WIDTH, M.n * sizeof( mbedtls_mpi_uint ) );
-
-    /* N = A0 */
-    for( i = P448_WIDTH; i < N->n; i++ )
-        N->p[i] = 0;
-
-    /* N += A1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &M ) );
-
-    /* Q = B1, N += B1 */
-    Q = M;
-    Q.p = Qp;
-    memcpy( Qp, Mp, sizeof( Qp ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Q, 224 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &Q ) );
-
-    /* M = (B0 + B1) * 2^224, N += M */
-    if( sizeof( mbedtls_mpi_uint ) > 4 )
-        Mp[P224_WIDTH_MIN] &= ( (mbedtls_mpi_uint)-1 ) >> ( P224_UNUSED_BITS );
-    for( i = P224_WIDTH_MAX; i < M.n; ++i )
-        Mp[i] = 0;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &M, &M, &Q ) );
-    M.n = P448_WIDTH + 1; /* Make room for shifted carry bit from the addition */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &M, 224 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &M ) );
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||   \
-    defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-/*
- * Fast quasi-reduction modulo P = 2^s - R,
- * with R about 33 bits, used by the Koblitz curves.
- *
- * Write N as A0 + 2^224 A1, return A0 + R * A1.
- * Actually do two passes, since R is big.
- */
-#define P_KOBLITZ_MAX   ( 256 / 8 / sizeof( mbedtls_mpi_uint ) )  // Max limbs in P
-#define P_KOBLITZ_R     ( 8 / sizeof( mbedtls_mpi_uint ) )        // Limbs in R
-static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs,
-                                   size_t adjust, size_t shift, mbedtls_mpi_uint mask )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    mbedtls_mpi M, R;
-    mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
-
-    if( N->n < p_limbs )
-        return( 0 );
-
-    /* Init R */
-    R.s = 1;
-    R.p = Rp;
-    R.n = P_KOBLITZ_R;
-
-    /* Common setup for M */
-    M.s = 1;
-    M.p = Mp;
-
-    /* M = A1 */
-    M.n = N->n - ( p_limbs - adjust );
-    if( M.n > p_limbs + adjust )
-        M.n = p_limbs + adjust;
-    memset( Mp, 0, sizeof Mp );
-    memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
-    if( shift != 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
-    M.n += R.n; /* Make room for multiplication by R */
-
-    /* N = A0 */
-    if( mask != 0 )
-        N->p[p_limbs - 1] &= mask;
-    for( i = p_limbs; i < N->n; i++ )
-        N->p[i] = 0;
-
-    /* N = A0 + R * A1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
-
-    /* Second pass */
-
-    /* M = A1 */
-    M.n = N->n - ( p_limbs - adjust );
-    if( M.n > p_limbs + adjust )
-        M.n = p_limbs + adjust;
-    memset( Mp, 0, sizeof Mp );
-    memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
-    if( shift != 0 )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
-    M.n += R.n; /* Make room for multiplication by R */
-
-    /* N = A0 */
-    if( mask != 0 )
-        N->p[p_limbs - 1] &= mask;
-    for( i = p_limbs; i < N->n; i++ )
-        N->p[i] = 0;
-
-    /* N = A0 + R * A1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||
-          MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||
-          MBEDTLS_ECP_DP_SECP256K1_ENABLED) */
-
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-/*
- * Fast quasi-reduction modulo p192k1 = 2^192 - R,
- * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119
- */
-static int ecp_mod_p192k1( mbedtls_mpi *N )
-{
-    static mbedtls_mpi_uint Rp[] = {
-        BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
-
-    return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
-}
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-/*
- * Fast quasi-reduction modulo p224k1 = 2^224 - R,
- * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93
- */
-static int ecp_mod_p224k1( mbedtls_mpi *N )
-{
-    static mbedtls_mpi_uint Rp[] = {
-        BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
-
-#if defined(MBEDTLS_HAVE_INT64)
-    return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) );
-#else
-    return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
-#endif
-}
-
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-/*
- * Fast quasi-reduction modulo p256k1 = 2^256 - R,
- * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1
- */
-static int ecp_mod_p256k1( mbedtls_mpi *N )
-{
-    static mbedtls_mpi_uint Rp[] = {
-        BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
-    return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
-}
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-
-#endif /* !MBEDTLS_ECP_ALT */
-
-#endif /* MBEDTLS_ECP_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/entropy.c b/3rdparty/mbedtls-2.25.0/library/entropy.c
deleted file mode 100644
index db61f16..0000000
--- a/3rdparty/mbedtls-2.25.0/library/entropy.c
+++ /dev/null
@@ -1,724 +0,0 @@
-/*
- *  Entropy accumulator implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ENTROPY_C)
-
-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-#warning "**** WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined! "
-#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES "
-#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE "
-#endif
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#endif
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-#include "mbedtls/platform.h"
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf     printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if defined(MBEDTLS_HAVEGE_C)
-#include "mbedtls/havege.h"
-#endif
-
-#define ENTROPY_MAX_LOOP    256     /**< Maximum amount to loop before error */
-
-void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
-{
-    ctx->source_count = 0;
-    memset( ctx->source, 0, sizeof( ctx->source ) );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-
-    ctx->accumulator_started = 0;
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-    mbedtls_sha512_init( &ctx->accumulator );
-#else
-    mbedtls_sha256_init( &ctx->accumulator );
-#endif
-#if defined(MBEDTLS_HAVEGE_C)
-    mbedtls_havege_init( &ctx->havege_data );
-#endif
-
-    /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
-     *           when adding more strong entropy sources here. */
-
-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-    mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
-                                1, MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-
-#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
-#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-    mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
-                                MBEDTLS_ENTROPY_MIN_PLATFORM,
-                                MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-#if defined(MBEDTLS_TIMING_C)
-    mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
-                                MBEDTLS_ENTROPY_MIN_HARDCLOCK,
-                                MBEDTLS_ENTROPY_SOURCE_WEAK );
-#endif
-#if defined(MBEDTLS_HAVEGE_C)
-    mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
-                                MBEDTLS_ENTROPY_MIN_HAVEGE,
-                                MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-    mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
-                                MBEDTLS_ENTROPY_MIN_HARDWARE,
-                                MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-    mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
-                                MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                MBEDTLS_ENTROPY_SOURCE_STRONG );
-    ctx->initial_entropy_run = 0;
-#endif
-#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
-}
-
-void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
-{
-#if defined(MBEDTLS_HAVEGE_C)
-    mbedtls_havege_free( &ctx->havege_data );
-#endif
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &ctx->mutex );
-#endif
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-    mbedtls_sha512_free( &ctx->accumulator );
-#else
-    mbedtls_sha256_free( &ctx->accumulator );
-#endif
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-    ctx->initial_entropy_run = 0;
-#endif
-    ctx->source_count = 0;
-    mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) );
-    ctx->accumulator_started = 0;
-}
-
-int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
-                        mbedtls_entropy_f_source_ptr f_source, void *p_source,
-                        size_t threshold, int strong )
-{
-    int idx, ret = 0;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    idx = ctx->source_count;
-    if( idx >= MBEDTLS_ENTROPY_MAX_SOURCES )
-    {
-        ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES;
-        goto exit;
-    }
-
-    ctx->source[idx].f_source  = f_source;
-    ctx->source[idx].p_source  = p_source;
-    ctx->source[idx].threshold = threshold;
-    ctx->source[idx].strong    = strong;
-
-    ctx->source_count++;
-
-exit:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-/*
- * Entropy accumulator update
- */
-static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id,
-                           const unsigned char *data, size_t len )
-{
-    unsigned char header[2];
-    unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    size_t use_len = len;
-    const unsigned char *p = data;
-    int ret = 0;
-
-    if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
-    {
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-        if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 )
-            goto cleanup;
-#else
-        if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 )
-            goto cleanup;
-#endif
-        p = tmp;
-        use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
-    }
-
-    header[0] = source_id;
-    header[1] = use_len & 0xFF;
-
-    /*
-     * Start the accumulator if this has not already happened. Note that
-     * it is sufficient to start the accumulator here only because all calls to
-     * gather entropy eventually execute this code.
-     */
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-    if( ctx->accumulator_started == 0 &&
-        ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
-        goto cleanup;
-    else
-        ctx->accumulator_started = 1;
-    if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
-        goto cleanup;
-    ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len );
-#else
-    if( ctx->accumulator_started == 0 &&
-        ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
-        goto cleanup;
-    else
-        ctx->accumulator_started = 1;
-    if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
-        goto cleanup;
-    ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len );
-#endif
-
-cleanup:
-    mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
-
-    return( ret );
-}
-
-int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
-                           const unsigned char *data, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-/*
- * Run through the different sources to add entropy to our accumulator
- */
-static int entropy_gather_internal( mbedtls_entropy_context *ctx )
-{
-    int ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-    int i;
-    int have_one_strong = 0;
-    unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
-    size_t olen;
-
-    if( ctx->source_count == 0 )
-        return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED );
-
-    /*
-     * Run through our entropy sources
-     */
-    for( i = 0; i < ctx->source_count; i++ )
-    {
-        if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG )
-            have_one_strong = 1;
-
-        olen = 0;
-        if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
-                        buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
-        {
-            goto cleanup;
-        }
-
-        /*
-         * Add if we actually gathered something
-         */
-        if( olen > 0 )
-        {
-            if( ( ret = entropy_update( ctx, (unsigned char) i,
-                                        buf, olen ) ) != 0 )
-                return( ret );
-            ctx->source[i].size += olen;
-        }
-    }
-
-    if( have_one_strong == 0 )
-        ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
-
-cleanup:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    return( ret );
-}
-
-/*
- * Thread-safe wrapper for entropy_gather_internal()
- */
-int mbedtls_entropy_gather( mbedtls_entropy_context *ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    ret = entropy_gather_internal( ctx );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
-{
-    int ret, count = 0, i, thresholds_reached;
-    size_t strong_size;
-    mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    if( len > MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-    /* Update the NV entropy seed before generating any entropy for outside
-     * use.
-     */
-    if( ctx->initial_entropy_run == 0 )
-    {
-        ctx->initial_entropy_run = 1;
-        if( ( ret = mbedtls_entropy_update_nv_seed( ctx ) ) != 0 )
-            return( ret );
-    }
-#endif
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    /*
-     * Always gather extra entropy before a call
-     */
-    do
-    {
-        if( count++ > ENTROPY_MAX_LOOP )
-        {
-            ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-            goto exit;
-        }
-
-        if( ( ret = entropy_gather_internal( ctx ) ) != 0 )
-            goto exit;
-
-        thresholds_reached = 1;
-        strong_size = 0;
-        for( i = 0; i < ctx->source_count; i++ )
-        {
-            if( ctx->source[i].size < ctx->source[i].threshold )
-                thresholds_reached = 0;
-            if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG )
-                strong_size += ctx->source[i].size;
-        }
-    }
-    while( ! thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-    /*
-     * Note that at this stage it is assumed that the accumulator was started
-     * in a previous call to entropy_update(). If this is not guaranteed, the
-     * code below will fail.
-     */
-    if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 )
-        goto exit;
-
-    /*
-     * Reset accumulator and counters and recycle existing entropy
-     */
-    mbedtls_sha512_free( &ctx->accumulator );
-    mbedtls_sha512_init( &ctx->accumulator );
-    if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf,
-                                           MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
-        goto exit;
-
-    /*
-     * Perform second SHA-512 on entropy
-     */
-    if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                    buf, 0 ) ) != 0 )
-        goto exit;
-#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
-    if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 )
-        goto exit;
-
-    /*
-     * Reset accumulator and counters and recycle existing entropy
-     */
-    mbedtls_sha256_free( &ctx->accumulator );
-    mbedtls_sha256_init( &ctx->accumulator );
-    if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf,
-                                           MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
-        goto exit;
-
-    /*
-     * Perform second SHA-256 on entropy
-     */
-    if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                    buf, 0 ) ) != 0 )
-        goto exit;
-#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
-
-    for( i = 0; i < ctx->source_count; i++ )
-        ctx->source[i].size = 0;
-
-    memcpy( output, buf, len );
-
-    ret = 0;
-
-exit:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
-{
-    int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    /* Read new seed  and write it to NV */
-    if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
-        return( ret );
-
-    if( mbedtls_nv_seed_write( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
-        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
-
-    /* Manually update the remaining stream with a separator value to diverge */
-    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    return( ret );
-}
-#endif /* MBEDTLS_ENTROPY_NV_SEED */
-
-#if defined(MBEDTLS_FS_IO)
-int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
-{
-    int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
-    FILE *f;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    if( ( f = fopen( path, "wb" ) ) == NULL )
-        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
-
-    if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
-        goto exit;
-
-    if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
-    {
-        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
-        goto exit;
-    }
-
-    ret = 0;
-
-exit:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    fclose( f );
-    return( ret );
-}
-
-int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
-{
-    int ret = 0;
-    FILE *f;
-    size_t n;
-    unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
-
-    fseek( f, 0, SEEK_END );
-    n = (size_t) ftell( f );
-    fseek( f, 0, SEEK_SET );
-
-    if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE )
-        n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
-
-    if( fread( buf, 1, n, f ) != n )
-        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
-    else
-        ret = mbedtls_entropy_update_manual( ctx, buf, n );
-
-    fclose( f );
-
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    if( ret != 0 )
-        return( ret );
-
-    return( mbedtls_entropy_write_seed_file( ctx, path ) );
-}
-#endif /* MBEDTLS_FS_IO */
-
-#if defined(MBEDTLS_SELF_TEST)
-#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
-/*
- * Dummy source function
- */
-static int entropy_dummy_source( void *data, unsigned char *output,
-                                 size_t len, size_t *olen )
-{
-    ((void) data);
-
-    memset( output, 0x2a, len );
-    *olen = len;
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
-
-#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-
-static int mbedtls_entropy_source_self_test_gather( unsigned char *buf, size_t buf_len )
-{
-    int ret = 0;
-    size_t entropy_len = 0;
-    size_t olen = 0;
-    size_t attempts = buf_len;
-
-    while( attempts > 0 && entropy_len < buf_len )
-    {
-        if( ( ret = mbedtls_hardware_poll( NULL, buf + entropy_len,
-            buf_len - entropy_len, &olen ) ) != 0 )
-            return( ret );
-
-        entropy_len += olen;
-        attempts--;
-    }
-
-    if( entropy_len < buf_len )
-    {
-        ret = 1;
-    }
-
-    return( ret );
-}
-
-
-static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf,
-                                                        size_t buf_len )
-{
-    unsigned char set= 0xFF;
-    unsigned char unset = 0x00;
-    size_t i;
-
-    for( i = 0; i < buf_len; i++ )
-    {
-        set &= buf[i];
-        unset |= buf[i];
-    }
-
-    return( set == 0xFF || unset == 0x00 );
-}
-
-/*
- * A test to ensure hat the entropy sources are functioning correctly
- * and there is no obvious failure. The test performs the following checks:
- *  - The entropy source is not providing only 0s (all bits unset) or 1s (all
- *    bits set).
- *  - The entropy source is not providing values in a pattern. Because the
- *    hardware could be providing data in an arbitrary length, this check polls
- *    the hardware entropy source twice and compares the result to ensure they
- *    are not equal.
- *  - The error code returned by the entropy source is not an error.
- */
-int mbedtls_entropy_source_self_test( int verbose )
-{
-    int ret = 0;
-    unsigned char buf0[2 * sizeof( unsigned long long int )];
-    unsigned char buf1[2 * sizeof( unsigned long long int )];
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ENTROPY_BIAS test: " );
-
-    memset( buf0, 0x00, sizeof( buf0 ) );
-    memset( buf1, 0x00, sizeof( buf1 ) );
-
-    if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 )
-        goto cleanup;
-    if( ( ret = mbedtls_entropy_source_self_test_gather( buf1, sizeof( buf1 ) ) ) != 0 )
-        goto cleanup;
-
-    /* Make sure that the returned values are not all 0 or 1 */
-    if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf0, sizeof( buf0 ) ) ) != 0 )
-        goto cleanup;
-    if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf1, sizeof( buf1 ) ) ) != 0 )
-        goto cleanup;
-
-    /* Make sure that the entropy source is not returning values in a
-     * pattern */
-    ret = memcmp( buf0, buf1, sizeof( buf0 ) ) == 0;
-
-cleanup:
-    if( verbose != 0 )
-    {
-        if( ret != 0 )
-            mbedtls_printf( "failed\n" );
-        else
-            mbedtls_printf( "passed\n" );
-
-        mbedtls_printf( "\n" );
-    }
-
-    return( ret != 0 );
-}
-
-#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
-
-/*
- * The actual entropy quality is hard to test, but we can at least
- * test that the functions don't cause errors and write the correct
- * amount of data to buffers.
- */
-int mbedtls_entropy_self_test( int verbose )
-{
-    int ret = 1;
-#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
-    mbedtls_entropy_context ctx;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
-    unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
-    size_t i, j;
-#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
-
-    if( verbose != 0 )
-        mbedtls_printf( "  ENTROPY test: " );
-
-#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
-    mbedtls_entropy_init( &ctx );
-
-    /* First do a gather to make sure we have default sources */
-    if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 )
-        goto cleanup;
-
-    ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16,
-                                      MBEDTLS_ENTROPY_SOURCE_WEAK );
-    if( ret != 0 )
-        goto cleanup;
-
-    if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 )
-        goto cleanup;
-
-    /*
-     * To test that mbedtls_entropy_func writes correct number of bytes:
-     * - use the whole buffer and rely on ASan to detect overruns
-     * - collect entropy 8 times and OR the result in an accumulator:
-     *   any byte should then be 0 with probably 2^(-64), so requiring
-     *   each of the 32 or 64 bytes to be non-zero has a false failure rate
-     *   of at most 2^(-58) which is acceptable.
-     */
-    for( i = 0; i < 8; i++ )
-    {
-        if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 )
-            goto cleanup;
-
-        for( j = 0; j < sizeof( buf ); j++ )
-            acc[j] |= buf[j];
-    }
-
-    for( j = 0; j < sizeof( buf ); j++ )
-    {
-        if( acc[j] == 0 )
-        {
-            ret = 1;
-            goto cleanup;
-        }
-    }
-
-#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-    if( ( ret = mbedtls_entropy_source_self_test( 0 ) ) != 0 )
-        goto cleanup;
-#endif
-
-cleanup:
-    mbedtls_entropy_free( &ctx );
-#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
-
-    if( verbose != 0 )
-    {
-        if( ret != 0 )
-            mbedtls_printf( "failed\n" );
-        else
-            mbedtls_printf( "passed\n" );
-
-        mbedtls_printf( "\n" );
-    }
-
-    return( ret != 0 );
-}
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/entropy_poll.c b/3rdparty/mbedtls-2.25.0/library/entropy_poll.c
deleted file mode 100644
index 5250a7b..0000000
--- a/3rdparty/mbedtls-2.25.0/library/entropy_poll.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/*
- *  Platform-specific and custom entropy polling functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if defined(__linux__) && !defined(_GNU_SOURCE)
-/* Ensure that syscall() is available even when compiling with -std=c99 */
-#define _GNU_SOURCE
-#endif
-
-#include "common.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_ENTROPY_C)
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_TIMING_C)
-#include "mbedtls/timing.h"
-#endif
-#if defined(MBEDTLS_HAVEGE_C)
-#include "mbedtls/havege.h"
-#endif
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-#include "mbedtls/platform.h"
-#endif
-
-#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-
-#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
-    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
-    !defined(__HAIKU__) && !defined(__midipix__)
-#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h"
-#endif
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-
-#if !defined(_WIN32_WINNT)
-#define _WIN32_WINNT 0x0400
-#endif
-#include <windows.h>
-#include <wincrypt.h>
-
-int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
-                           size_t *olen )
-{
-    HCRYPTPROV provider;
-    ((void) data);
-    *olen = 0;
-
-    if( CryptAcquireContext( &provider, NULL, NULL,
-                              PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
-    {
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    }
-
-    if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
-    {
-        CryptReleaseContext( provider, 0 );
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    }
-
-    CryptReleaseContext( provider, 0 );
-    *olen = len;
-
-    return( 0 );
-}
-#else /* _WIN32 && !EFIX64 && !EFI32 */
-
-/*
- * Test for Linux getrandom() support.
- * Since there is no wrapper in the libc yet, use the generic syscall wrapper
- * available in GNU libc and compatible libc's (eg uClibc).
- */
-#if ((defined(__linux__) && defined(__GLIBC__)) || defined(__midipix__))
-#include <unistd.h>
-#include <sys/syscall.h>
-#if defined(SYS_getrandom)
-#define HAVE_GETRANDOM
-#include <errno.h>
-
-static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
-{
-    /* MemSan cannot understand that the syscall writes to the buffer */
-#if defined(__has_feature)
-#if __has_feature(memory_sanitizer)
-    memset( buf, 0, buflen );
-#endif
-#endif
-    return( syscall( SYS_getrandom, buf, buflen, flags ) );
-}
-#endif /* SYS_getrandom */
-#endif /* __linux__ || __midipix__ */
-
-/*
- * Some BSD systems provide KERN_ARND.
- * This is equivalent to reading from /dev/urandom, only it doesn't require an
- * open file descriptor, and provides up to 256 bytes per call (basically the
- * same as getentropy(), but with a longer history).
- *
- * Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
- */
-#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
-#include <sys/param.h>
-#include <sys/sysctl.h>
-#if defined(KERN_ARND)
-#define HAVE_SYSCTL_ARND
-
-static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen )
-{
-    int name[2];
-    size_t len;
-
-    name[0] = CTL_KERN;
-    name[1] = KERN_ARND;
-
-    while( buflen > 0 )
-    {
-        len = buflen > 256 ? 256 : buflen;
-        if( sysctl(name, 2, buf, &len, NULL, 0) == -1 )
-            return( -1 );
-        buflen -= len;
-        buf += len;
-    }
-    return( 0 );
-}
-#endif /* KERN_ARND */
-#endif /* __FreeBSD__ || __NetBSD__ */
-
-#include <stdio.h>
-
-int mbedtls_platform_entropy_poll( void *data,
-                           unsigned char *output, size_t len, size_t *olen )
-{
-    FILE *file;
-    size_t read_len;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ((void) data);
-
-#if defined(HAVE_GETRANDOM)
-    ret = getrandom_wrapper( output, len, 0 );
-    if( ret >= 0 )
-    {
-        *olen = ret;
-        return( 0 );
-    }
-    else if( errno != ENOSYS )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    /* Fall through if the system call isn't known. */
-#else
-    ((void) ret);
-#endif /* HAVE_GETRANDOM */
-
-#if defined(HAVE_SYSCTL_ARND)
-    ((void) file);
-    ((void) read_len);
-    if( sysctl_arnd_wrapper( output, len ) == -1 )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    *olen = len;
-    return( 0 );
-#else
-
-    *olen = 0;
-
-    file = fopen( "/dev/urandom", "rb" );
-    if( file == NULL )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-
-    read_len = fread( output, 1, len, file );
-    if( read_len != len )
-    {
-        fclose( file );
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    }
-
-    fclose( file );
-    *olen = len;
-
-    return( 0 );
-#endif /* HAVE_SYSCTL_ARND */
-}
-#endif /* _WIN32 && !EFIX64 && !EFI32 */
-#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
-
-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-int mbedtls_null_entropy_poll( void *data,
-                    unsigned char *output, size_t len, size_t *olen )
-{
-    ((void) data);
-    ((void) output);
-    *olen = 0;
-
-    if( len < sizeof(unsigned char) )
-        return( 0 );
-
-    *olen = sizeof(unsigned char);
-
-    return( 0 );
-}
-#endif
-
-#if defined(MBEDTLS_TIMING_C)
-int mbedtls_hardclock_poll( void *data,
-                    unsigned char *output, size_t len, size_t *olen )
-{
-    unsigned long timer = mbedtls_timing_hardclock();
-    ((void) data);
-    *olen = 0;
-
-    if( len < sizeof(unsigned long) )
-        return( 0 );
-
-    memcpy( output, &timer, sizeof(unsigned long) );
-    *olen = sizeof(unsigned long);
-
-    return( 0 );
-}
-#endif /* MBEDTLS_TIMING_C */
-
-#if defined(MBEDTLS_HAVEGE_C)
-int mbedtls_havege_poll( void *data,
-                 unsigned char *output, size_t len, size_t *olen )
-{
-    mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
-    *olen = 0;
-
-    if( mbedtls_havege_random( hs, output, len ) != 0 )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-
-    *olen = len;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_HAVEGE_C */
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-int mbedtls_nv_seed_poll( void *data,
-                          unsigned char *output, size_t len, size_t *olen )
-{
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
-    ((void) data);
-
-    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
-      return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-
-    if( len < use_len )
-      use_len = len;
-
-    memcpy( output, buf, use_len );
-    *olen = use_len;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ENTROPY_NV_SEED */
-
-#endif /* MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/gcm.c b/3rdparty/mbedtls-2.25.0/library/gcm.c
deleted file mode 100644
index 2363e58..0000000
--- a/3rdparty/mbedtls-2.25.0/library/gcm.c
+++ /dev/null
@@ -1,1015 +0,0 @@
-/*
- *  NIST SP800-38D compliant GCM implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
- *
- * See also:
- * [MGV] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
- *
- * We use the algorithm described as Shoup's method with 4-bit tables in
- * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_GCM_C)
-
-#include "mbedtls/gcm.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_AESNI_C)
-#include "mbedtls/aesni.h"
-#endif
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-#include "mbedtls/aes.h"
-#include "mbedtls/platform.h"
-#if !defined(MBEDTLS_PLATFORM_C)
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
-#if !defined(MBEDTLS_GCM_ALT)
-
-/* Parameter validation macros */
-#define GCM_VALIDATE_RET( cond ) \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_GCM_BAD_INPUT )
-#define GCM_VALIDATE( cond ) \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-/*
- * Initialize a context
- */
-void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
-{
-    GCM_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_gcm_context ) );
-}
-
-/*
- * Precompute small multiples of H, that is set
- *      HH[i] || HL[i] = H times i,
- * where i is seen as a field element as in [MGV], ie high-order bits
- * correspond to low powers of P. The result is stored in the same way, that
- * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
- * corresponds to P^127.
- */
-static int gcm_gen_table( mbedtls_gcm_context *ctx )
-{
-    int ret, i, j;
-    uint64_t hi, lo;
-    uint64_t vl, vh;
-    unsigned char h[16];
-    size_t olen = 0;
-
-    memset( h, 0, 16 );
-    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
-        return( ret );
-
-    /* pack h as two 64-bits ints, big-endian */
-    GET_UINT32_BE( hi, h,  0  );
-    GET_UINT32_BE( lo, h,  4  );
-    vh = (uint64_t) hi << 32 | lo;
-
-    GET_UINT32_BE( hi, h,  8  );
-    GET_UINT32_BE( lo, h,  12 );
-    vl = (uint64_t) hi << 32 | lo;
-
-    /* 8 = 1000 corresponds to 1 in GF(2^128) */
-    ctx->HL[8] = vl;
-    ctx->HH[8] = vh;
-
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
-    /* With CLMUL support, we need only h, not the rest of the table */
-    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) )
-        return( 0 );
-#endif
-
-    /* 0 corresponds to 0 in GF(2^128) */
-    ctx->HH[0] = 0;
-    ctx->HL[0] = 0;
-
-    for( i = 4; i > 0; i >>= 1 )
-    {
-        uint32_t T = ( vl & 1 ) * 0xe1000000U;
-        vl  = ( vh << 63 ) | ( vl >> 1 );
-        vh  = ( vh >> 1 ) ^ ( (uint64_t) T << 32);
-
-        ctx->HL[i] = vl;
-        ctx->HH[i] = vh;
-    }
-
-    for( i = 2; i <= 8; i *= 2 )
-    {
-        uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i;
-        vh = *HiH;
-        vl = *HiL;
-        for( j = 1; j < i; j++ )
-        {
-            HiH[j] = vh ^ ctx->HH[j];
-            HiL[j] = vl ^ ctx->HL[j];
-        }
-    }
-
-    return( 0 );
-}
-
-int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_cipher_info_t *cipher_info;
-
-    GCM_VALIDATE_RET( ctx != NULL );
-    GCM_VALIDATE_RET( key != NULL );
-    GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 );
-
-    cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
-                                                   MBEDTLS_MODE_ECB );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_GCM_BAD_INPUT );
-
-    if( cipher_info->block_size != 16 )
-        return( MBEDTLS_ERR_GCM_BAD_INPUT );
-
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-
-    if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
-                               MBEDTLS_ENCRYPT ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = gcm_gen_table( ctx ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-/*
- * Shoup's method for multiplication use this table with
- *      last4[x] = x times P^128
- * where x and last4[x] are seen as elements of GF(2^128) as in [MGV]
- */
-static const uint64_t last4[16] =
-{
-    0x0000, 0x1c20, 0x3840, 0x2460,
-    0x7080, 0x6ca0, 0x48c0, 0x54e0,
-    0xe100, 0xfd20, 0xd940, 0xc560,
-    0x9180, 0x8da0, 0xa9c0, 0xb5e0
-};
-
-/*
- * Sets output to x times H using the precomputed tables.
- * x and output are seen as elements of GF(2^128) as in [MGV].
- */
-static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16],
-                      unsigned char output[16] )
-{
-    int i = 0;
-    unsigned char lo, hi, rem;
-    uint64_t zh, zl;
-
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
-    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) {
-        unsigned char h[16];
-
-        PUT_UINT32_BE( ctx->HH[8] >> 32, h,  0 );
-        PUT_UINT32_BE( ctx->HH[8],       h,  4 );
-        PUT_UINT32_BE( ctx->HL[8] >> 32, h,  8 );
-        PUT_UINT32_BE( ctx->HL[8],       h, 12 );
-
-        mbedtls_aesni_gcm_mult( output, x, h );
-        return;
-    }
-#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */
-
-    lo = x[15] & 0xf;
-
-    zh = ctx->HH[lo];
-    zl = ctx->HL[lo];
-
-    for( i = 15; i >= 0; i-- )
-    {
-        lo = x[i] & 0xf;
-        hi = ( x[i] >> 4 ) & 0xf;
-
-        if( i != 15 )
-        {
-            rem = (unsigned char) zl & 0xf;
-            zl = ( zh << 60 ) | ( zl >> 4 );
-            zh = ( zh >> 4 );
-            zh ^= (uint64_t) last4[rem] << 48;
-            zh ^= ctx->HH[lo];
-            zl ^= ctx->HL[lo];
-
-        }
-
-        rem = (unsigned char) zl & 0xf;
-        zl = ( zh << 60 ) | ( zl >> 4 );
-        zh = ( zh >> 4 );
-        zh ^= (uint64_t) last4[rem] << 48;
-        zh ^= ctx->HH[hi];
-        zl ^= ctx->HL[hi];
-    }
-
-    PUT_UINT32_BE( zh >> 32, output, 0 );
-    PUT_UINT32_BE( zh, output, 4 );
-    PUT_UINT32_BE( zl >> 32, output, 8 );
-    PUT_UINT32_BE( zl, output, 12 );
-}
-
-int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
-                int mode,
-                const unsigned char *iv,
-                size_t iv_len,
-                const unsigned char *add,
-                size_t add_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char work_buf[16];
-    size_t i;
-    const unsigned char *p;
-    size_t use_len, olen = 0;
-
-    GCM_VALIDATE_RET( ctx != NULL );
-    GCM_VALIDATE_RET( iv != NULL );
-    GCM_VALIDATE_RET( add_len == 0 || add != NULL );
-
-    /* IV and AD are limited to 2^64 bits, so 2^61 bytes */
-    /* IV is not allowed to be zero length */
-    if( iv_len == 0 ||
-      ( (uint64_t) iv_len  ) >> 61 != 0 ||
-      ( (uint64_t) add_len ) >> 61 != 0 )
-    {
-        return( MBEDTLS_ERR_GCM_BAD_INPUT );
-    }
-
-    memset( ctx->y, 0x00, sizeof(ctx->y) );
-    memset( ctx->buf, 0x00, sizeof(ctx->buf) );
-
-    ctx->mode = mode;
-    ctx->len = 0;
-    ctx->add_len = 0;
-
-    if( iv_len == 12 )
-    {
-        memcpy( ctx->y, iv, iv_len );
-        ctx->y[15] = 1;
-    }
-    else
-    {
-        memset( work_buf, 0x00, 16 );
-        PUT_UINT32_BE( iv_len * 8, work_buf, 12 );
-
-        p = iv;
-        while( iv_len > 0 )
-        {
-            use_len = ( iv_len < 16 ) ? iv_len : 16;
-
-            for( i = 0; i < use_len; i++ )
-                ctx->y[i] ^= p[i];
-
-            gcm_mult( ctx, ctx->y, ctx->y );
-
-            iv_len -= use_len;
-            p += use_len;
-        }
-
-        for( i = 0; i < 16; i++ )
-            ctx->y[i] ^= work_buf[i];
-
-        gcm_mult( ctx, ctx->y, ctx->y );
-    }
-
-    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16,
-                                       ctx->base_ectr, &olen ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    ctx->add_len = add_len;
-    p = add;
-    while( add_len > 0 )
-    {
-        use_len = ( add_len < 16 ) ? add_len : 16;
-
-        for( i = 0; i < use_len; i++ )
-            ctx->buf[i] ^= p[i];
-
-        gcm_mult( ctx, ctx->buf, ctx->buf );
-
-        add_len -= use_len;
-        p += use_len;
-    }
-
-    return( 0 );
-}
-
-int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
-                size_t length,
-                const unsigned char *input,
-                unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char ectr[16];
-    size_t i;
-    const unsigned char *p;
-    unsigned char *out_p = output;
-    size_t use_len, olen = 0;
-
-    GCM_VALIDATE_RET( ctx != NULL );
-    GCM_VALIDATE_RET( length == 0 || input != NULL );
-    GCM_VALIDATE_RET( length == 0 || output != NULL );
-
-    if( output > input && (size_t) ( output - input ) < length )
-        return( MBEDTLS_ERR_GCM_BAD_INPUT );
-
-    /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
-     * Also check for possible overflow */
-    if( ctx->len + length < ctx->len ||
-        (uint64_t) ctx->len + length > 0xFFFFFFFE0ull )
-    {
-        return( MBEDTLS_ERR_GCM_BAD_INPUT );
-    }
-
-    ctx->len += length;
-
-    p = input;
-    while( length > 0 )
-    {
-        use_len = ( length < 16 ) ? length : 16;
-
-        for( i = 16; i > 12; i-- )
-            if( ++ctx->y[i - 1] != 0 )
-                break;
-
-        if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr,
-                                   &olen ) ) != 0 )
-        {
-            return( ret );
-        }
-
-        for( i = 0; i < use_len; i++ )
-        {
-            if( ctx->mode == MBEDTLS_GCM_DECRYPT )
-                ctx->buf[i] ^= p[i];
-            out_p[i] = ectr[i] ^ p[i];
-            if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
-                ctx->buf[i] ^= out_p[i];
-        }
-
-        gcm_mult( ctx, ctx->buf, ctx->buf );
-
-        length -= use_len;
-        p += use_len;
-        out_p += use_len;
-    }
-
-    return( 0 );
-}
-
-int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
-                unsigned char *tag,
-                size_t tag_len )
-{
-    unsigned char work_buf[16];
-    size_t i;
-    uint64_t orig_len;
-    uint64_t orig_add_len;
-
-    GCM_VALIDATE_RET( ctx != NULL );
-    GCM_VALIDATE_RET( tag != NULL );
-
-    orig_len = ctx->len * 8;
-    orig_add_len = ctx->add_len * 8;
-
-    if( tag_len > 16 || tag_len < 4 )
-        return( MBEDTLS_ERR_GCM_BAD_INPUT );
-
-    memcpy( tag, ctx->base_ectr, tag_len );
-
-    if( orig_len || orig_add_len )
-    {
-        memset( work_buf, 0x00, 16 );
-
-        PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0  );
-        PUT_UINT32_BE( ( orig_add_len       ), work_buf, 4  );
-        PUT_UINT32_BE( ( orig_len     >> 32 ), work_buf, 8  );
-        PUT_UINT32_BE( ( orig_len           ), work_buf, 12 );
-
-        for( i = 0; i < 16; i++ )
-            ctx->buf[i] ^= work_buf[i];
-
-        gcm_mult( ctx, ctx->buf, ctx->buf );
-
-        for( i = 0; i < tag_len; i++ )
-            tag[i] ^= ctx->buf[i];
-    }
-
-    return( 0 );
-}
-
-int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
-                       int mode,
-                       size_t length,
-                       const unsigned char *iv,
-                       size_t iv_len,
-                       const unsigned char *add,
-                       size_t add_len,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t tag_len,
-                       unsigned char *tag )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    GCM_VALIDATE_RET( ctx != NULL );
-    GCM_VALIDATE_RET( iv != NULL );
-    GCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    GCM_VALIDATE_RET( length == 0 || input != NULL );
-    GCM_VALIDATE_RET( length == 0 || output != NULL );
-    GCM_VALIDATE_RET( tag != NULL );
-
-    if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
-                      size_t length,
-                      const unsigned char *iv,
-                      size_t iv_len,
-                      const unsigned char *add,
-                      size_t add_len,
-                      const unsigned char *tag,
-                      size_t tag_len,
-                      const unsigned char *input,
-                      unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char check_tag[16];
-    size_t i;
-    int diff;
-
-    GCM_VALIDATE_RET( ctx != NULL );
-    GCM_VALIDATE_RET( iv != NULL );
-    GCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    GCM_VALIDATE_RET( tag != NULL );
-    GCM_VALIDATE_RET( length == 0 || input != NULL );
-    GCM_VALIDATE_RET( length == 0 || output != NULL );
-
-    if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length,
-                                   iv, iv_len, add, add_len,
-                                   input, output, tag_len, check_tag ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* Check tag in "constant-time" */
-    for( diff = 0, i = 0; i < tag_len; i++ )
-        diff |= tag[i] ^ check_tag[i];
-
-    if( diff != 0 )
-    {
-        mbedtls_platform_zeroize( output, length );
-        return( MBEDTLS_ERR_GCM_AUTH_FAILED );
-    }
-
-    return( 0 );
-}
-
-void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
-}
-
-#endif /* !MBEDTLS_GCM_ALT */
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-/*
- * AES-GCM test vectors from:
- *
- * http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip
- */
-#define MAX_TESTS   6
-
-static const int key_index_test_data[MAX_TESTS] =
-    { 0, 0, 1, 1, 1, 1 };
-
-static const unsigned char key_test_data[MAX_TESTS][32] =
-{
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
-      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
-      0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
-      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
-};
-
-static const size_t iv_len_test_data[MAX_TESTS] =
-    { 12, 12, 12, 12, 8, 60 };
-
-static const int iv_index_test_data[MAX_TESTS] =
-    { 0, 0, 1, 1, 1, 2 };
-
-static const unsigned char iv_test_data[MAX_TESTS][64] =
-{
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00 },
-    { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
-      0xde, 0xca, 0xf8, 0x88 },
-    { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
-      0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
-      0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
-      0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
-      0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
-      0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
-      0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
-      0xa6, 0x37, 0xb3, 0x9b },
-};
-
-static const size_t add_len_test_data[MAX_TESTS] =
-    { 0, 0, 0, 20, 20, 20 };
-
-static const int add_index_test_data[MAX_TESTS] =
-    { 0, 0, 0, 1, 1, 1 };
-
-static const unsigned char additional_test_data[MAX_TESTS][64] =
-{
-    { 0x00 },
-    { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-      0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-      0xab, 0xad, 0xda, 0xd2 },
-};
-
-static const size_t pt_len_test_data[MAX_TESTS] =
-    { 0, 16, 64, 60, 60, 60 };
-
-static const int pt_index_test_data[MAX_TESTS] =
-    { 0, 0, 1, 1, 1, 1 };
-
-static const unsigned char pt_test_data[MAX_TESTS][64] =
-{
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-      0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-      0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-      0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-      0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-      0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-      0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-      0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
-};
-
-static const unsigned char ct_test_data[MAX_TESTS * 3][64] =
-{
-    { 0x00 },
-    { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
-      0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
-    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
-      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
-      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
-      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
-      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
-      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
-      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
-      0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 },
-    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
-      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
-      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
-      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
-      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
-      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
-      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
-      0x3d, 0x58, 0xe0, 0x91 },
-    { 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
-      0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
-      0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
-      0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
-      0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
-      0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
-      0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
-      0xc2, 0x3f, 0x45, 0x98 },
-    { 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
-      0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
-      0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
-      0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
-      0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
-      0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
-      0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
-      0x4c, 0x34, 0xae, 0xe5 },
-    { 0x00 },
-    { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
-      0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 },
-    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
-      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
-      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
-      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
-      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
-      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
-      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
-      0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 },
-    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
-      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
-      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
-      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
-      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
-      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
-      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
-      0xcc, 0xda, 0x27, 0x10 },
-    { 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
-      0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
-      0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
-      0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
-      0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
-      0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
-      0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
-      0xa0, 0xf0, 0x62, 0xf7 },
-    { 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
-      0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
-      0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
-      0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
-      0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
-      0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
-      0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
-      0xe9, 0xb7, 0x37, 0x3b },
-    { 0x00 },
-    { 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
-      0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 },
-    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
-      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
-      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
-      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
-      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
-      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
-      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
-      0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad },
-    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
-      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
-      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
-      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
-      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
-      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
-      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
-      0xbc, 0xc9, 0xf6, 0x62 },
-    { 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
-      0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
-      0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
-      0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
-      0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
-      0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
-      0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
-      0xf4, 0x7c, 0x9b, 0x1f },
-    { 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
-      0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
-      0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
-      0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
-      0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
-      0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
-      0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
-      0x44, 0xae, 0x7e, 0x3f },
-};
-
-static const unsigned char tag_test_data[MAX_TESTS * 3][16] =
-{
-    { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
-      0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
-    { 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
-      0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf },
-    { 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
-      0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 },
-    { 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
-      0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 },
-    { 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
-      0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb },
-    { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
-      0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 },
-    { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
-      0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 },
-    { 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
-      0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb },
-    { 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
-      0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 },
-    { 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
-      0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c },
-    { 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
-      0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 },
-    { 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
-      0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 },
-    { 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
-      0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b },
-    { 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
-      0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 },
-    { 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
-      0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c },
-    { 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
-      0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b },
-    { 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
-      0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 },
-    { 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
-      0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
-};
-
-int mbedtls_gcm_self_test( int verbose )
-{
-    mbedtls_gcm_context ctx;
-    unsigned char buf[64];
-    unsigned char tag_buf[16];
-    int i, j, ret;
-    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
-
-    for( j = 0; j < 3; j++ )
-    {
-        int key_len = 128 + 64 * j;
-
-        for( i = 0; i < MAX_TESTS; i++ )
-        {
-            mbedtls_gcm_init( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
-                                key_len, i, "enc" );
-
-            ret = mbedtls_gcm_setkey( &ctx, cipher,
-                                      key_test_data[key_index_test_data[i]],
-                                      key_len );
-            /*
-             * AES-192 is an optional feature that may be unavailable when
-             * there is an alternative underlying implementation i.e. when
-             * MBEDTLS_AES_ALT is defined.
-             */
-            if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192 )
-            {
-                mbedtls_printf( "skipped\n" );
-                break;
-            }
-            else if( ret != 0 )
-            {
-                goto exit;
-            }
-
-            ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
-                                pt_len_test_data[i],
-                                iv_test_data[iv_index_test_data[i]],
-                                iv_len_test_data[i],
-                                additional_test_data[add_index_test_data[i]],
-                                add_len_test_data[i],
-                                pt_test_data[pt_index_test_data[i]],
-                                buf, 16, tag_buf );
-            if( ret != 0 )
-                goto exit;
-
-            if ( memcmp( buf, ct_test_data[j * 6 + i],
-                         pt_len_test_data[i] ) != 0 ||
-                 memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            mbedtls_gcm_free( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "passed\n" );
-
-            mbedtls_gcm_init( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
-                                key_len, i, "dec" );
-
-            ret = mbedtls_gcm_setkey( &ctx, cipher,
-                                      key_test_data[key_index_test_data[i]],
-                                      key_len );
-            if( ret != 0 )
-                goto exit;
-
-            ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
-                                pt_len_test_data[i],
-                                iv_test_data[iv_index_test_data[i]],
-                                iv_len_test_data[i],
-                                additional_test_data[add_index_test_data[i]],
-                                add_len_test_data[i],
-                                ct_test_data[j * 6 + i], buf, 16, tag_buf );
-
-            if( ret != 0 )
-                goto exit;
-
-            if( memcmp( buf, pt_test_data[pt_index_test_data[i]],
-                        pt_len_test_data[i] ) != 0 ||
-                memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            mbedtls_gcm_free( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "passed\n" );
-
-            mbedtls_gcm_init( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
-                                key_len, i, "enc" );
-
-            ret = mbedtls_gcm_setkey( &ctx, cipher,
-                                      key_test_data[key_index_test_data[i]],
-                                      key_len );
-            if( ret != 0 )
-                goto exit;
-
-            ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
-                                  iv_test_data[iv_index_test_data[i]],
-                                  iv_len_test_data[i],
-                                  additional_test_data[add_index_test_data[i]],
-                                  add_len_test_data[i] );
-            if( ret != 0 )
-                goto exit;
-
-            if( pt_len_test_data[i] > 32 )
-            {
-                size_t rest_len = pt_len_test_data[i] - 32;
-                ret = mbedtls_gcm_update( &ctx, 32,
-                                          pt_test_data[pt_index_test_data[i]],
-                                          buf );
-                if( ret != 0 )
-                    goto exit;
-
-                ret = mbedtls_gcm_update( &ctx, rest_len,
-                                      pt_test_data[pt_index_test_data[i]] + 32,
-                                      buf + 32 );
-                if( ret != 0 )
-                    goto exit;
-            }
-            else
-            {
-                ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i],
-                                          pt_test_data[pt_index_test_data[i]],
-                                          buf );
-                if( ret != 0 )
-                    goto exit;
-            }
-
-            ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
-            if( ret != 0 )
-                goto exit;
-
-            if( memcmp( buf, ct_test_data[j * 6 + i],
-                        pt_len_test_data[i] ) != 0 ||
-                memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            mbedtls_gcm_free( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "passed\n" );
-
-            mbedtls_gcm_init( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
-                                key_len, i, "dec" );
-
-            ret = mbedtls_gcm_setkey( &ctx, cipher,
-                                      key_test_data[key_index_test_data[i]],
-                                      key_len );
-            if( ret != 0 )
-                goto exit;
-
-            ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
-                              iv_test_data[iv_index_test_data[i]],
-                              iv_len_test_data[i],
-                              additional_test_data[add_index_test_data[i]],
-                              add_len_test_data[i] );
-            if( ret != 0 )
-                goto exit;
-
-            if( pt_len_test_data[i] > 32 )
-            {
-                size_t rest_len = pt_len_test_data[i] - 32;
-                ret = mbedtls_gcm_update( &ctx, 32, ct_test_data[j * 6 + i],
-                                          buf );
-                if( ret != 0 )
-                    goto exit;
-
-                ret = mbedtls_gcm_update( &ctx, rest_len,
-                                          ct_test_data[j * 6 + i] + 32,
-                                          buf + 32 );
-                if( ret != 0 )
-                    goto exit;
-            }
-            else
-            {
-                ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i],
-                                          ct_test_data[j * 6 + i],
-                                          buf );
-                if( ret != 0 )
-                    goto exit;
-            }
-
-            ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
-            if( ret != 0 )
-                goto exit;
-
-            if( memcmp( buf, pt_test_data[pt_index_test_data[i]],
-                        pt_len_test_data[i] ) != 0 ||
-                memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            mbedtls_gcm_free( &ctx );
-
-            if( verbose != 0 )
-                mbedtls_printf( "passed\n" );
-        }
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    ret = 0;
-
-exit:
-    if( ret != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-        mbedtls_gcm_free( &ctx );
-    }
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
-#endif /* MBEDTLS_GCM_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/hkdf.c b/3rdparty/mbedtls-2.25.0/library/hkdf.c
deleted file mode 100644
index 5013729..0000000
--- a/3rdparty/mbedtls-2.25.0/library/hkdf.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- *  HKDF implementation -- RFC 5869
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#include "common.h"
-
-#if defined(MBEDTLS_HKDF_C)
-
-#include <string.h>
-#include "mbedtls/hkdf.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
-                  size_t salt_len, const unsigned char *ikm, size_t ikm_len,
-                  const unsigned char *info, size_t info_len,
-                  unsigned char *okm, size_t okm_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char prk[MBEDTLS_MD_MAX_SIZE];
-
-    ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, prk );
-
-    if( ret == 0 )
-    {
-        ret = mbedtls_hkdf_expand( md, prk, mbedtls_md_get_size( md ),
-                                   info, info_len, okm, okm_len );
-    }
-
-    mbedtls_platform_zeroize( prk, sizeof( prk ) );
-
-    return( ret );
-}
-
-int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
-                          const unsigned char *salt, size_t salt_len,
-                          const unsigned char *ikm, size_t ikm_len,
-                          unsigned char *prk )
-{
-    unsigned char null_salt[MBEDTLS_MD_MAX_SIZE] = { '\0' };
-
-    if( salt == NULL )
-    {
-        size_t hash_len;
-
-        if( salt_len != 0 )
-        {
-            return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
-        }
-
-        hash_len = mbedtls_md_get_size( md );
-
-        if( hash_len == 0 )
-        {
-            return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
-        }
-
-        salt = null_salt;
-        salt_len = hash_len;
-    }
-
-    return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) );
-}
-
-int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
-                         size_t prk_len, const unsigned char *info,
-                         size_t info_len, unsigned char *okm, size_t okm_len )
-{
-    size_t hash_len;
-    size_t where = 0;
-    size_t n;
-    size_t t_len = 0;
-    size_t i;
-    int ret = 0;
-    mbedtls_md_context_t ctx;
-    unsigned char t[MBEDTLS_MD_MAX_SIZE];
-
-    if( okm == NULL )
-    {
-        return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
-    }
-
-    hash_len = mbedtls_md_get_size( md );
-
-    if( prk_len < hash_len || hash_len == 0 )
-    {
-        return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
-    }
-
-    if( info == NULL )
-    {
-        info = (const unsigned char *) "";
-        info_len = 0;
-    }
-
-    n = okm_len / hash_len;
-
-    if( okm_len % hash_len != 0 )
-    {
-        n++;
-    }
-
-    /*
-     * Per RFC 5869 Section 2.3, okm_len must not exceed
-     * 255 times the hash length
-     */
-    if( n > 255 )
-    {
-        return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA );
-    }
-
-    mbedtls_md_init( &ctx );
-
-    if( ( ret = mbedtls_md_setup( &ctx, md, 1 ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    memset( t, 0, hash_len );
-
-    /*
-     * Compute T = T(1) | T(2) | T(3) | ... | T(N)
-     * Where T(N) is defined in RFC 5869 Section 2.3
-     */
-    for( i = 1; i <= n; i++ )
-    {
-        size_t num_to_copy;
-        unsigned char c = i & 0xff;
-
-        ret = mbedtls_md_hmac_starts( &ctx, prk, prk_len );
-        if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        ret = mbedtls_md_hmac_update( &ctx, t, t_len );
-        if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        ret = mbedtls_md_hmac_update( &ctx, info, info_len );
-        if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        /* The constant concatenated to the end of each T(n) is a single octet.
-         * */
-        ret = mbedtls_md_hmac_update( &ctx, &c, 1 );
-        if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        ret = mbedtls_md_hmac_finish( &ctx, t );
-        if( ret != 0 )
-        {
-            goto exit;
-        }
-
-        num_to_copy = i != n ? hash_len : okm_len - where;
-        memcpy( okm + where, t, num_to_copy );
-        where += hash_len;
-        t_len = hash_len;
-    }
-
-exit:
-    mbedtls_md_free( &ctx );
-    mbedtls_platform_zeroize( t, sizeof( t ) );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_HKDF_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/hmac_drbg.c b/3rdparty/mbedtls-2.25.0/library/hmac_drbg.c
deleted file mode 100644
index 25a0225..0000000
--- a/3rdparty/mbedtls-2.25.0/library/hmac_drbg.c
+++ /dev/null
@@ -1,625 +0,0 @@
-/*
- *  HMAC_DRBG implementation (NIST SP 800-90)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- *  The NIST SP 800-90A DRBGs are described in the following publication.
- *  http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
- *  References below are based on rev. 1 (January 2012).
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
-
-#include "mbedtls/hmac_drbg.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_SELF_TEST */
-#endif /* MBEDTLS_PLATFORM_C */
-
-/*
- * HMAC_DRBG context initialization
- */
-void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
-
-    ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-/*
- * HMAC_DRBG update, using optional additional data (10.1.2.2)
- */
-int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
-                                  const unsigned char *additional,
-                                  size_t add_len )
-{
-    size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
-    unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
-    unsigned char sep[1];
-    unsigned char K[MBEDTLS_MD_MAX_SIZE];
-    int ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
-
-    for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
-    {
-        /* Step 1 or 4 */
-        if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
-                                            ctx->V, md_len ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
-                                            sep, 1 ) ) != 0 )
-            goto exit;
-        if( rounds == 2 )
-        {
-            if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
-                                                additional, add_len ) ) != 0 )
-            goto exit;
-        }
-        if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, K ) ) != 0 )
-            goto exit;
-
-        /* Step 2 or 5 */
-        if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
-                                            ctx->V, md_len ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 )
-            goto exit;
-    }
-
-exit:
-    mbedtls_platform_zeroize( K, sizeof( K ) );
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
-                               const unsigned char *additional,
-                               size_t add_len )
-{
-    (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len );
-}
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-/*
- * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
- */
-int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
-                        const mbedtls_md_info_t * md_info,
-                        const unsigned char *data, size_t data_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
-        return( ret );
-
-    /*
-     * Set initial working state.
-     * Use the V memory location, which is currently all 0, to initialize the
-     * MD context with an all-zero key. Then set V to its initial value.
-     */
-    if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V,
-                                        mbedtls_md_get_size( md_info ) ) ) != 0 )
-        return( ret );
-    memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) );
-
-    if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-/*
- * Internal function used both for seeding and reseeding the DRBG.
- * Comments starting with arabic numbers refer to section 10.1.2.4
- * of SP800-90A, while roman numbers refer to section 9.2.
- */
-static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx,
-                                  const unsigned char *additional, size_t len,
-                                  int use_nonce )
-{
-    unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT];
-    size_t seedlen = 0;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    {
-        size_t total_entropy_len;
-
-        if( use_nonce == 0 )
-            total_entropy_len = ctx->entropy_len;
-        else
-            total_entropy_len = ctx->entropy_len * 3 / 2;
-
-        /* III. Check input length */
-        if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT ||
-            total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT )
-        {
-            return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
-        }
-    }
-
-    memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
-
-    /* IV. Gather entropy_len bytes of entropy for the seed */
-    if( ( ret = ctx->f_entropy( ctx->p_entropy,
-                                seed, ctx->entropy_len ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
-    }
-    seedlen += ctx->entropy_len;
-
-    /* For initial seeding, allow adding of nonce generated
-     * from the entropy source. See Sect 8.6.7 in SP800-90A. */
-    if( use_nonce )
-    {
-        /* Note: We don't merge the two calls to f_entropy() in order
-         *       to avoid requesting too much entropy from f_entropy()
-         *       at once. Specifically, if the underlying digest is not
-         *       SHA-1, 3 / 2 * entropy_len is at least 36 Bytes, which
-         *       is larger than the maximum of 32 Bytes that our own
-         *       entropy source implementation can emit in a single
-         *       call in configurations disabling SHA-512. */
-        if( ( ret = ctx->f_entropy( ctx->p_entropy,
-                                    seed + seedlen,
-                                    ctx->entropy_len / 2 ) ) != 0 )
-        {
-            return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
-        }
-
-        seedlen += ctx->entropy_len / 2;
-    }
-
-
-    /* 1. Concatenate entropy and additional data if any */
-    if( additional != NULL && len != 0 )
-    {
-        memcpy( seed + seedlen, additional, len );
-        seedlen += len;
-    }
-
-    /* 2. Update state */
-    if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 )
-        goto exit;
-
-    /* 3. Reset reseed_counter */
-    ctx->reseed_counter = 1;
-
-exit:
-    /* 4. Done */
-    mbedtls_platform_zeroize( seed, seedlen );
-    return( ret );
-}
-
-/*
- * HMAC_DRBG reseeding: 10.1.2.4 + 9.2
- */
-int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
-                      const unsigned char *additional, size_t len )
-{
-    return( hmac_drbg_reseed_core( ctx, additional, len, 0 ) );
-}
-
-/*
- * HMAC_DRBG initialisation (10.1.2.3 + 9.1)
- *
- * The nonce is not passed as a separate parameter but extracted
- * from the entropy source as suggested in 8.6.7.
- */
-int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
-                    const mbedtls_md_info_t * md_info,
-                    int (*f_entropy)(void *, unsigned char *, size_t),
-                    void *p_entropy,
-                    const unsigned char *custom,
-                    size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t md_size;
-
-    if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
-        return( ret );
-
-    md_size = mbedtls_md_get_size( md_info );
-
-    /*
-     * Set initial working state.
-     * Use the V memory location, which is currently all 0, to initialize the
-     * MD context with an all-zero key. Then set V to its initial value.
-     */
-    if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ) ) != 0 )
-        return( ret );
-    memset( ctx->V, 0x01, md_size );
-
-    ctx->f_entropy = f_entropy;
-    ctx->p_entropy = p_entropy;
-
-    if( ctx->entropy_len == 0 )
-    {
-        /*
-         * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
-         * each hash function, then according to SP800-90A rev1 10.1 table 2,
-         * min_entropy_len (in bits) is security_strength.
-         *
-         * (This also matches the sizes used in the NIST test vectors.)
-         */
-        ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
-                           md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
-                           32;  /* better (256+) -> 256 bits */
-    }
-
-    if( ( ret = hmac_drbg_reseed_core( ctx, custom, len,
-                                       1 /* add nonce */ ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Set prediction resistance
- */
-void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
-                                          int resistance )
-{
-    ctx->prediction_resistance = resistance;
-}
-
-/*
- * Set entropy length grabbed for seeding
- */
-void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
-{
-    ctx->entropy_len = len;
-}
-
-/*
- * Set reseed interval
- */
-void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval )
-{
-    ctx->reseed_interval = interval;
-}
-
-/*
- * HMAC_DRBG random function with optional additional data:
- * 10.1.2.5 (arabic) + 9.3 (Roman)
- */
-int mbedtls_hmac_drbg_random_with_add( void *p_rng,
-                               unsigned char *output, size_t out_len,
-                               const unsigned char *additional, size_t add_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
-    size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
-    size_t left = out_len;
-    unsigned char *out = output;
-
-    /* II. Check request length */
-    if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST )
-        return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
-
-    /* III. Check input length */
-    if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT )
-        return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
-
-    /* 1. (aka VII and IX) Check reseed counter and PR */
-    if( ctx->f_entropy != NULL && /* For no-reseeding instances */
-        ( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON ||
-          ctx->reseed_counter > ctx->reseed_interval ) )
-    {
-        if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
-            return( ret );
-
-        add_len = 0; /* VII.4 */
-    }
-
-    /* 2. Use additional data if any */
-    if( additional != NULL && add_len != 0 )
-    {
-        if( ( ret = mbedtls_hmac_drbg_update_ret( ctx,
-                                                  additional, add_len ) ) != 0 )
-            goto exit;
-    }
-
-    /* 3, 4, 5. Generate bytes */
-    while( left != 0 )
-    {
-        size_t use_len = left > md_len ? md_len : left;
-
-        if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx,
-                                            ctx->V, md_len ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 )
-            goto exit;
-
-        memcpy( out, ctx->V, use_len );
-        out += use_len;
-        left -= use_len;
-    }
-
-    /* 6. Update */
-    if( ( ret = mbedtls_hmac_drbg_update_ret( ctx,
-                                              additional, add_len ) ) != 0 )
-        goto exit;
-
-    /* 7. Update reseed counter */
-    ctx->reseed_counter++;
-
-exit:
-    /* 8. Done */
-    return( ret );
-}
-
-/*
- * HMAC_DRBG random function
- */
-int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    ret = mbedtls_hmac_drbg_random_with_add( ctx, output, out_len, NULL, 0 );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-/*
- *  This function resets HMAC_DRBG context to the state immediately
- *  after initial call of mbedtls_hmac_drbg_init().
- */
-void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &ctx->mutex );
-#endif
-    mbedtls_md_free( &ctx->md_ctx );
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
-    ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-#if defined(MBEDTLS_FS_IO)
-int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    FILE *f;
-    unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
-
-    if( ( f = fopen( path, "wb" ) ) == NULL )
-        return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
-
-    if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
-        goto exit;
-
-    if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
-    {
-        ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
-        goto exit;
-    }
-
-    ret = 0;
-
-exit:
-    fclose( f );
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    return( ret );
-}
-
-int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
-{
-    int ret = 0;
-    FILE *f = NULL;
-    size_t n;
-    unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
-    unsigned char c;
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
-
-    n = fread( buf, 1, sizeof( buf ), f );
-    if( fread( &c, 1, 1, f ) != 0 )
-    {
-        ret = MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG;
-        goto exit;
-    }
-    if( n == 0 || ferror( f ) )
-    {
-        ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
-        goto exit;
-    }
-    fclose( f );
-    f = NULL;
-
-    ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n );
-
-exit:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-    if( f != NULL )
-        fclose( f );
-    if( ret != 0 )
-        return( ret );
-    return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) );
-}
-#endif /* MBEDTLS_FS_IO */
-
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#if !defined(MBEDTLS_SHA1_C)
-/* Dummy checkup routine */
-int mbedtls_hmac_drbg_self_test( int verbose )
-{
-    (void) verbose;
-    return( 0 );
-}
-#else
-
-#define OUTPUT_LEN  80
-
-/* From a NIST PR=true test vector */
-static const unsigned char entropy_pr[] = {
-    0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
-    0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
-    0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
-    0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
-    0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 };
-static const unsigned char result_pr[OUTPUT_LEN] = {
-    0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
-    0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
-    0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
-    0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
-    0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
-    0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
-    0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 };
-
-/* From a NIST PR=false test vector */
-static const unsigned char entropy_nopr[] = {
-    0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
-    0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
-    0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
-    0xe9, 0x9d, 0xfe, 0xdf };
-static const unsigned char result_nopr[OUTPUT_LEN] = {
-    0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
-    0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
-    0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
-    0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
-    0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
-    0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
-    0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
-
-/* "Entropy" from buffer */
-static size_t test_offset;
-static int hmac_drbg_self_test_entropy( void *data,
-                                        unsigned char *buf, size_t len )
-{
-    const unsigned char *p = data;
-    memcpy( buf, p + test_offset, len );
-    test_offset += len;
-    return( 0 );
-}
-
-#define CHK( c )    if( (c) != 0 )                          \
-                    {                                       \
-                        if( verbose != 0 )                  \
-                            mbedtls_printf( "failed\n" );  \
-                        return( 1 );                        \
-                    }
-
-/*
- * Checkup routine for HMAC_DRBG with SHA-1
- */
-int mbedtls_hmac_drbg_self_test( int verbose )
-{
-    mbedtls_hmac_drbg_context ctx;
-    unsigned char buf[OUTPUT_LEN];
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
-
-    mbedtls_hmac_drbg_init( &ctx );
-
-    /*
-     * PR = True
-     */
-    if( verbose != 0 )
-        mbedtls_printf( "  HMAC_DRBG (PR = True) : " );
-
-    test_offset = 0;
-    CHK( mbedtls_hmac_drbg_seed( &ctx, md_info,
-                         hmac_drbg_self_test_entropy, (void *) entropy_pr,
-                         NULL, 0 ) );
-    mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
-    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
-    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
-    CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
-    mbedtls_hmac_drbg_free( &ctx );
-
-    mbedtls_hmac_drbg_free( &ctx );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    /*
-     * PR = False
-     */
-    if( verbose != 0 )
-        mbedtls_printf( "  HMAC_DRBG (PR = False) : " );
-
-    mbedtls_hmac_drbg_init( &ctx );
-
-    test_offset = 0;
-    CHK( mbedtls_hmac_drbg_seed( &ctx, md_info,
-                         hmac_drbg_self_test_entropy, (void *) entropy_nopr,
-                         NULL, 0 ) );
-    CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) );
-    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
-    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
-    CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );
-    mbedtls_hmac_drbg_free( &ctx );
-
-    mbedtls_hmac_drbg_free( &ctx );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_HMAC_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/md.c b/3rdparty/mbedtls-2.25.0/library/md.c
deleted file mode 100644
index de77b16..0000000
--- a/3rdparty/mbedtls-2.25.0/library/md.c
+++ /dev/null
@@ -1,890 +0,0 @@
-/**
- * \file mbedtls_md.c
- *
- * \brief Generic message digest wrapper for mbed TLS
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD_C)
-
-#include "mbedtls/md.h"
-#include "mbedtls/md_internal.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#include <string.h>
-
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#endif
-
-#if defined(MBEDTLS_MD2_C)
-const mbedtls_md_info_t mbedtls_md2_info = {
-    "MD2",
-    MBEDTLS_MD_MD2,
-    16,
-    16,
-};
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-const mbedtls_md_info_t mbedtls_md4_info = {
-    "MD4",
-    MBEDTLS_MD_MD4,
-    16,
-    64,
-};
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-const mbedtls_md_info_t mbedtls_md5_info = {
-    "MD5",
-    MBEDTLS_MD_MD5,
-    16,
-    64,
-};
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
-const mbedtls_md_info_t mbedtls_ripemd160_info = {
-    "RIPEMD160",
-    MBEDTLS_MD_RIPEMD160,
-    20,
-    64,
-};
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
-const mbedtls_md_info_t mbedtls_sha1_info = {
-    "SHA1",
-    MBEDTLS_MD_SHA1,
-    20,
-    64,
-};
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-const mbedtls_md_info_t mbedtls_sha224_info = {
-    "SHA224",
-    MBEDTLS_MD_SHA224,
-    28,
-    64,
-};
-
-const mbedtls_md_info_t mbedtls_sha256_info = {
-    "SHA256",
-    MBEDTLS_MD_SHA256,
-    32,
-    64,
-};
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-const mbedtls_md_info_t mbedtls_sha384_info = {
-    "SHA384",
-    MBEDTLS_MD_SHA384,
-    48,
-    128,
-};
-#endif
-
-const mbedtls_md_info_t mbedtls_sha512_info = {
-    "SHA512",
-    MBEDTLS_MD_SHA512,
-    64,
-    128,
-};
-#endif
-
-/*
- * Reminder: update profiles in x509_crt.c when adding a new hash!
- */
-static const int supported_digests[] = {
-
-#if defined(MBEDTLS_SHA512_C)
-        MBEDTLS_MD_SHA512,
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        MBEDTLS_MD_SHA384,
-#endif
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-        MBEDTLS_MD_SHA256,
-        MBEDTLS_MD_SHA224,
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
-        MBEDTLS_MD_SHA1,
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
-        MBEDTLS_MD_RIPEMD160,
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-        MBEDTLS_MD_MD5,
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-        MBEDTLS_MD_MD4,
-#endif
-
-#if defined(MBEDTLS_MD2_C)
-        MBEDTLS_MD_MD2,
-#endif
-
-        MBEDTLS_MD_NONE
-};
-
-const int *mbedtls_md_list( void )
-{
-    return( supported_digests );
-}
-
-const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
-{
-    if( NULL == md_name )
-        return( NULL );
-
-    /* Get the appropriate digest information */
-#if defined(MBEDTLS_MD2_C)
-    if( !strcmp( "MD2", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
-    if( !strcmp( "MD4", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
-#endif
-#if defined(MBEDTLS_MD5_C)
-    if( !strcmp( "MD5", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-    if( !strcmp( "RIPEMD160", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-    if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    if( !strcmp( "SHA224", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
-    if( !strcmp( "SHA256", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-    if( !strcmp( "SHA384", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
-#endif
-    if( !strcmp( "SHA512", md_name ) )
-        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
-#endif
-    return( NULL );
-}
-
-const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
-{
-    switch( md_type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            return( &mbedtls_md4_info );
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( &mbedtls_md5_info );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            return( &mbedtls_ripemd160_info );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( &mbedtls_sha1_info );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-            return( &mbedtls_sha224_info );
-        case MBEDTLS_MD_SHA256:
-            return( &mbedtls_sha256_info );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-            return( &mbedtls_sha384_info );
-#endif
-        case MBEDTLS_MD_SHA512:
-            return( &mbedtls_sha512_info );
-#endif
-        default:
-            return( NULL );
-    }
-}
-
-void mbedtls_md_init( mbedtls_md_context_t *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
-}
-
-void mbedtls_md_free( mbedtls_md_context_t *ctx )
-{
-    if( ctx == NULL || ctx->md_info == NULL )
-        return;
-
-    if( ctx->md_ctx != NULL )
-    {
-        switch( ctx->md_info->type )
-        {
-#if defined(MBEDTLS_MD2_C)
-            case MBEDTLS_MD_MD2:
-                mbedtls_md2_free( ctx->md_ctx );
-                break;
-#endif
-#if defined(MBEDTLS_MD4_C)
-            case MBEDTLS_MD_MD4:
-                mbedtls_md4_free( ctx->md_ctx );
-                break;
-#endif
-#if defined(MBEDTLS_MD5_C)
-            case MBEDTLS_MD_MD5:
-                mbedtls_md5_free( ctx->md_ctx );
-                break;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-            case MBEDTLS_MD_RIPEMD160:
-                mbedtls_ripemd160_free( ctx->md_ctx );
-                break;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-            case MBEDTLS_MD_SHA1:
-                mbedtls_sha1_free( ctx->md_ctx );
-                break;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-            case MBEDTLS_MD_SHA224:
-            case MBEDTLS_MD_SHA256:
-                mbedtls_sha256_free( ctx->md_ctx );
-                break;
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-            case MBEDTLS_MD_SHA384:
-#endif
-            case MBEDTLS_MD_SHA512:
-                mbedtls_sha512_free( ctx->md_ctx );
-                break;
-#endif
-            default:
-                /* Shouldn't happen */
-                break;
-        }
-        mbedtls_free( ctx->md_ctx );
-    }
-
-    if( ctx->hmac_ctx != NULL )
-    {
-        mbedtls_platform_zeroize( ctx->hmac_ctx,
-                                  2 * ctx->md_info->block_size );
-        mbedtls_free( ctx->hmac_ctx );
-    }
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
-}
-
-int mbedtls_md_clone( mbedtls_md_context_t *dst,
-                      const mbedtls_md_context_t *src )
-{
-    if( dst == NULL || dst->md_info == NULL ||
-        src == NULL || src->md_info == NULL ||
-        dst->md_info != src->md_info )
-    {
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-
-    switch( src->md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            mbedtls_md2_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            mbedtls_md4_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            mbedtls_md5_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            mbedtls_sha1_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-        case MBEDTLS_MD_SHA256:
-            mbedtls_sha256_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-#endif
-        case MBEDTLS_MD_SHA512:
-            mbedtls_sha512_clone( dst->md_ctx, src->md_ctx );
-            break;
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-
-    return( 0 );
-}
-
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
-int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
-{
-    return mbedtls_md_setup( ctx, md_info, 1 );
-}
-#endif
-
-#define ALLOC( type )                                                   \
-    do {                                                                \
-        ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \
-        if( ctx->md_ctx == NULL )                                       \
-            return( MBEDTLS_ERR_MD_ALLOC_FAILED );                      \
-        mbedtls_##type##_init( ctx->md_ctx );                           \
-    }                                                                   \
-    while( 0 )
-
-int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
-{
-    if( md_info == NULL || ctx == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    ctx->md_info = md_info;
-    ctx->md_ctx = NULL;
-    ctx->hmac_ctx = NULL;
-
-    switch( md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            ALLOC( md2 );
-            break;
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            ALLOC( md4 );
-            break;
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            ALLOC( md5 );
-            break;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            ALLOC( ripemd160 );
-            break;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            ALLOC( sha1 );
-            break;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-        case MBEDTLS_MD_SHA256:
-            ALLOC( sha256 );
-            break;
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-#endif
-        case MBEDTLS_MD_SHA512:
-            ALLOC( sha512 );
-            break;
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-
-    if( hmac != 0 )
-    {
-        ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
-        if( ctx->hmac_ctx == NULL )
-        {
-            mbedtls_md_free( ctx );
-            return( MBEDTLS_ERR_MD_ALLOC_FAILED );
-        }
-    }
-
-    return( 0 );
-}
-#undef ALLOC
-
-int mbedtls_md_starts( mbedtls_md_context_t *ctx )
-{
-    if( ctx == NULL || ctx->md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    switch( ctx->md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            return( mbedtls_md2_starts_ret( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            return( mbedtls_md4_starts_ret( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( mbedtls_md5_starts_ret( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( mbedtls_sha1_starts_ret( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-            return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) );
-        case MBEDTLS_MD_SHA256:
-            return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-            return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) );
-#endif
-        case MBEDTLS_MD_SHA512:
-            return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) );
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-}
-
-int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
-{
-    if( ctx == NULL || ctx->md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    switch( ctx->md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-        case MBEDTLS_MD_SHA256:
-            return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-#endif
-        case MBEDTLS_MD_SHA512:
-            return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-}
-
-int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
-{
-    if( ctx == NULL || ctx->md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    switch( ctx->md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-        case MBEDTLS_MD_SHA256:
-            return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-#endif
-        case MBEDTLS_MD_SHA512:
-            return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) );
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-}
-
-int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
-            unsigned char *output )
-{
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    switch( md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            return( mbedtls_md2_ret( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            return( mbedtls_md4_ret( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( mbedtls_md5_ret( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            return( mbedtls_ripemd160_ret( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( mbedtls_sha1_ret( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-            return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
-        case MBEDTLS_MD_SHA256:
-            return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-            return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
-#endif
-        case MBEDTLS_MD_SHA512:
-            return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-}
-
-#if defined(MBEDTLS_FS_IO)
-int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    FILE *f;
-    size_t n;
-    mbedtls_md_context_t ctx;
-    unsigned char buf[1024];
-
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
-
-    mbedtls_md_init( &ctx );
-
-    if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
-        goto cleanup;
-
-    if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
-        goto cleanup;
-
-    while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
-        if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 )
-            goto cleanup;
-
-    if( ferror( f ) != 0 )
-        ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
-    else
-        ret = mbedtls_md_finish( &ctx, output );
-
-cleanup:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-    fclose( f );
-    mbedtls_md_free( &ctx );
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-
-int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
-    unsigned char *ipad, *opad;
-    size_t i;
-
-    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    if( keylen > (size_t) ctx->md_info->block_size )
-    {
-        if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
-            goto cleanup;
-        if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 )
-            goto cleanup;
-        if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 )
-            goto cleanup;
-
-        keylen = ctx->md_info->size;
-        key = sum;
-    }
-
-    ipad = (unsigned char *) ctx->hmac_ctx;
-    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
-
-    memset( ipad, 0x36, ctx->md_info->block_size );
-    memset( opad, 0x5C, ctx->md_info->block_size );
-
-    for( i = 0; i < keylen; i++ )
-    {
-        ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
-        opad[i] = (unsigned char)( opad[i] ^ key[i] );
-    }
-
-    if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
-        goto cleanup;
-    if( ( ret = mbedtls_md_update( ctx, ipad,
-                                   ctx->md_info->block_size ) ) != 0 )
-        goto cleanup;
-
-cleanup:
-    mbedtls_platform_zeroize( sum, sizeof( sum ) );
-
-    return( ret );
-}
-
-int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
-{
-    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    return( mbedtls_md_update( ctx, input, ilen ) );
-}
-
-int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
-    unsigned char *opad;
-
-    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
-
-    if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 )
-        return( ret );
-    if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
-        return( ret );
-    if( ( ret = mbedtls_md_update( ctx, opad,
-                                   ctx->md_info->block_size ) ) != 0 )
-        return( ret );
-    if( ( ret = mbedtls_md_update( ctx, tmp,
-                                   ctx->md_info->size ) ) != 0 )
-        return( ret );
-    return( mbedtls_md_finish( ctx, output ) );
-}
-
-int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *ipad;
-
-    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    ipad = (unsigned char *) ctx->hmac_ctx;
-
-    if( ( ret = mbedtls_md_starts( ctx ) ) != 0 )
-        return( ret );
-    return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) );
-}
-
-int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
-                     const unsigned char *key, size_t keylen,
-                     const unsigned char *input, size_t ilen,
-                     unsigned char *output )
-{
-    mbedtls_md_context_t ctx;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    mbedtls_md_init( &ctx );
-
-    if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
-        goto cleanup;
-
-    if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
-        goto cleanup;
-    if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
-        goto cleanup;
-    if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
-        goto cleanup;
-
-cleanup:
-    mbedtls_md_free( &ctx );
-
-    return( ret );
-}
-
-int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
-{
-    if( ctx == NULL || ctx->md_info == NULL )
-        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    switch( ctx->md_info->type )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case MBEDTLS_MD_MD2:
-            return( mbedtls_internal_md2_process( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case MBEDTLS_MD_MD4:
-            return( mbedtls_internal_md4_process( ctx->md_ctx, data ) );
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( mbedtls_internal_md5_process( ctx->md_ctx, data ) );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case MBEDTLS_MD_RIPEMD160:
-            return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-        case MBEDTLS_MD_SHA256:
-            return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        case MBEDTLS_MD_SHA384:
-#endif
-        case MBEDTLS_MD_SHA512:
-            return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) );
-#endif
-        default:
-            return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    }
-}
-
-unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
-{
-    if( md_info == NULL )
-        return( 0 );
-
-    return md_info->size;
-}
-
-mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
-{
-    if( md_info == NULL )
-        return( MBEDTLS_MD_NONE );
-
-    return md_info->type;
-}
-
-const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
-{
-    if( md_info == NULL )
-        return( NULL );
-
-    return md_info->name;
-}
-
-#endif /* MBEDTLS_MD_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/md2.c b/3rdparty/mbedtls-2.25.0/library/md2.c
deleted file mode 100644
index 7264e30..0000000
--- a/3rdparty/mbedtls-2.25.0/library/md2.c
+++ /dev/null
@@ -1,360 +0,0 @@
-/*
- *  RFC 1115/1319 compliant MD2 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The MD2 algorithm was designed by Ron Rivest in 1989.
- *
- *  http://www.ietf.org/rfc/rfc1115.txt
- *  http://www.ietf.org/rfc/rfc1319.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD2_C)
-
-#include "mbedtls/md2.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD2_ALT)
-
-static const unsigned char PI_SUBST[256] =
-{
-    0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36,
-    0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3,
-    0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C,
-    0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
-    0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E,
-    0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E,
-    0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2,
-    0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
-    0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E,
-    0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3,
-    0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56,
-    0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
-    0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D,
-    0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65,
-    0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0,
-    0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
-    0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C,
-    0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E,
-    0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81,
-    0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
-    0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88,
-    0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE,
-    0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58,
-    0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
-    0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99,
-    0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
-};
-
-void mbedtls_md2_init( mbedtls_md2_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_md2_context ) );
-}
-
-void mbedtls_md2_free( mbedtls_md2_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md2_context ) );
-}
-
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
-                        const mbedtls_md2_context *src )
-{
-    *dst = *src;
-}
-
-/*
- * MD2 context setup
- */
-int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx )
-{
-    memset( ctx->cksum, 0, 16 );
-    memset( ctx->state, 0, 46 );
-    memset( ctx->buffer, 0, 16 );
-    ctx->left = 0;
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md2_starts( mbedtls_md2_context *ctx )
-{
-    mbedtls_md2_starts_ret( ctx );
-}
-#endif
-
-#if !defined(MBEDTLS_MD2_PROCESS_ALT)
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
-{
-    int i, j;
-    unsigned char t = 0;
-
-    for( i = 0; i < 16; i++ )
-    {
-        ctx->state[i + 16] = ctx->buffer[i];
-        ctx->state[i + 32] =
-            (unsigned char)( ctx->buffer[i] ^ ctx->state[i]);
-    }
-
-    for( i = 0; i < 18; i++ )
-    {
-        for( j = 0; j < 48; j++ )
-        {
-            ctx->state[j] = (unsigned char)
-               ( ctx->state[j] ^ PI_SUBST[t] );
-            t  = ctx->state[j];
-        }
-
-        t = (unsigned char)( t + i );
-    }
-
-    t = ctx->cksum[15];
-
-    for( i = 0; i < 16; i++ )
-    {
-        ctx->cksum[i] = (unsigned char)
-           ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
-        t  = ctx->cksum[i];
-    }
-
-    /* Zeroise variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &t, sizeof( t ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md2_process( mbedtls_md2_context *ctx )
-{
-    mbedtls_internal_md2_process( ctx );
-}
-#endif
-#endif /* !MBEDTLS_MD2_PROCESS_ALT */
-
-/*
- * MD2 process buffer
- */
-int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-
-    while( ilen > 0 )
-    {
-        if( ilen > 16 - ctx->left )
-            fill = 16 - ctx->left;
-        else
-            fill = ilen;
-
-        memcpy( ctx->buffer + ctx->left, input, fill );
-
-        ctx->left += fill;
-        input += fill;
-        ilen  -= fill;
-
-        if( ctx->left == 16 )
-        {
-            ctx->left = 0;
-            if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
-                return( ret );
-        }
-    }
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md2_update( mbedtls_md2_context *ctx,
-                         const unsigned char *input,
-                         size_t ilen )
-{
-    mbedtls_md2_update_ret( ctx, input, ilen );
-}
-#endif
-
-/*
- * MD2 final digest
- */
-int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
-                            unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    unsigned char x;
-
-    x = (unsigned char)( 16 - ctx->left );
-
-    for( i = ctx->left; i < 16; i++ )
-        ctx->buffer[i] = x;
-
-    if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
-        return( ret );
-
-    memcpy( ctx->buffer, ctx->cksum, 16 );
-    if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
-        return( ret );
-
-    memcpy( output, ctx->state, 16 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md2_finish( mbedtls_md2_context *ctx,
-                         unsigned char output[16] )
-{
-    mbedtls_md2_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* !MBEDTLS_MD2_ALT */
-
-/*
- * output = MD2( input buffer )
- */
-int mbedtls_md2_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_md2_context ctx;
-
-    mbedtls_md2_init( &ctx );
-
-    if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_md2_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md2( const unsigned char *input,
-                  size_t ilen,
-                  unsigned char output[16] )
-{
-    mbedtls_md2_ret( input, ilen, output );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * RFC 1319 test vectors
- */
-static const unsigned char md2_test_str[7][81] =
-{
-    { "" },
-    { "a" },
-    { "abc" },
-    { "message digest" },
-    { "abcdefghijklmnopqrstuvwxyz" },
-    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
-    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md2_test_strlen[7] =
-{
-    0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md2_test_sum[7][16] =
-{
-    { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
-      0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 },
-    { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72,
-      0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 },
-    { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B,
-      0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB },
-    { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B,
-      0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 },
-    { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB,
-      0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B },
-    { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39,
-      0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD },
-    { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D,
-      0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md2_self_test( int verbose )
-{
-    int i, ret = 0;
-    unsigned char md2sum[16];
-
-    for( i = 0; i < 7; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  MD2 test #%d: ", i + 1 );
-
-        ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum );
-        if( ret != 0 )
-            goto fail;
-
-        if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD2_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/md4.c b/3rdparty/mbedtls-2.25.0/library/md4.c
deleted file mode 100644
index 4fd6bc3..0000000
--- a/3rdparty/mbedtls-2.25.0/library/md4.c
+++ /dev/null
@@ -1,484 +0,0 @@
-/*
- *  RFC 1186/1320 compliant MD4 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The MD4 algorithm was designed by Ron Rivest in 1990.
- *
- *  http://www.ietf.org/rfc/rfc1186.txt
- *  http://www.ietf.org/rfc/rfc1320.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD4_C)
-
-#include "mbedtls/md4.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD4_ALT)
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ]       )             \
-        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i)                                    \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
-    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
-}
-#endif
-
-void mbedtls_md4_init( mbedtls_md4_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_md4_context ) );
-}
-
-void mbedtls_md4_free( mbedtls_md4_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md4_context ) );
-}
-
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
-                        const mbedtls_md4_context *src )
-{
-    *dst = *src;
-}
-
-/*
- * MD4 context setup
- */
-int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx )
-{
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    ctx->state[0] = 0x67452301;
-    ctx->state[1] = 0xEFCDAB89;
-    ctx->state[2] = 0x98BADCFE;
-    ctx->state[3] = 0x10325476;
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md4_starts( mbedtls_md4_context *ctx )
-{
-    mbedtls_md4_starts_ret( ctx );
-}
-#endif
-
-#if !defined(MBEDTLS_MD4_PROCESS_ALT)
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
-                                  const unsigned char data[64] )
-{
-    struct
-    {
-        uint32_t X[16], A, B, C, D;
-    } local;
-
-    GET_UINT32_LE( local.X[ 0], data,  0 );
-    GET_UINT32_LE( local.X[ 1], data,  4 );
-    GET_UINT32_LE( local.X[ 2], data,  8 );
-    GET_UINT32_LE( local.X[ 3], data, 12 );
-    GET_UINT32_LE( local.X[ 4], data, 16 );
-    GET_UINT32_LE( local.X[ 5], data, 20 );
-    GET_UINT32_LE( local.X[ 6], data, 24 );
-    GET_UINT32_LE( local.X[ 7], data, 28 );
-    GET_UINT32_LE( local.X[ 8], data, 32 );
-    GET_UINT32_LE( local.X[ 9], data, 36 );
-    GET_UINT32_LE( local.X[10], data, 40 );
-    GET_UINT32_LE( local.X[11], data, 44 );
-    GET_UINT32_LE( local.X[12], data, 48 );
-    GET_UINT32_LE( local.X[13], data, 52 );
-    GET_UINT32_LE( local.X[14], data, 56 );
-    GET_UINT32_LE( local.X[15], data, 60 );
-
-#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
-
-    local.A = ctx->state[0];
-    local.B = ctx->state[1];
-    local.C = ctx->state[2];
-    local.D = ctx->state[3];
-
-#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
-#define P(a,b,c,d,x,s)                           \
-    do                                           \
-    {                                            \
-        (a) += F((b),(c),(d)) + (x);             \
-        (a) = S((a),(s));                        \
-    } while( 0 )
-
-
-    P( local.A, local.B, local.C, local.D, local.X[ 0],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 1],  7 );
-    P( local.C, local.D, local.A, local.B, local.X[ 2], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[ 3], 19 );
-    P( local.A, local.B, local.C, local.D, local.X[ 4],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 5],  7 );
-    P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[ 7], 19 );
-    P( local.A, local.B, local.C, local.D, local.X[ 8],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 9],  7 );
-    P( local.C, local.D, local.A, local.B, local.X[10], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[11], 19 );
-    P( local.A, local.B, local.C, local.D, local.X[12],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[13],  7 );
-    P( local.C, local.D, local.A, local.B, local.X[14], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[15], 19 );
-
-#undef P
-#undef F
-
-#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
-#define P(a,b,c,d,x,s)                          \
-    do                                          \
-    {                                           \
-        (a) += F((b),(c),(d)) + (x) + 0x5A827999;       \
-        (a) = S((a),(s));                               \
-    } while( 0 )
-
-    P( local.A, local.B, local.C, local.D, local.X[ 0],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 4],  5 );
-    P( local.C, local.D, local.A, local.B, local.X[ 8],  9 );
-    P( local.B, local.C, local.D, local.A, local.X[12], 13 );
-    P( local.A, local.B, local.C, local.D, local.X[ 1],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 5],  5 );
-    P( local.C, local.D, local.A, local.B, local.X[ 9],  9 );
-    P( local.B, local.C, local.D, local.A, local.X[13], 13 );
-    P( local.A, local.B, local.C, local.D, local.X[ 2],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 6],  5 );
-    P( local.C, local.D, local.A, local.B, local.X[10],  9 );
-    P( local.B, local.C, local.D, local.A, local.X[14], 13 );
-    P( local.A, local.B, local.C, local.D, local.X[ 3],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 7],  5 );
-    P( local.C, local.D, local.A, local.B, local.X[11],  9 );
-    P( local.B, local.C, local.D, local.A, local.X[15], 13 );
-
-#undef P
-#undef F
-
-#define F(x,y,z) ((x) ^ (y) ^ (z))
-#define P(a,b,c,d,x,s)                                  \
-    do                                                  \
-    {                                                   \
-        (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1;       \
-        (a) = S((a),(s));                               \
-    } while( 0 )
-
-    P( local.A, local.B, local.C, local.D, local.X[ 0],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 8],  9 );
-    P( local.C, local.D, local.A, local.B, local.X[ 4], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[12], 15 );
-    P( local.A, local.B, local.C, local.D, local.X[ 2],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[10],  9 );
-    P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[14], 15 );
-    P( local.A, local.B, local.C, local.D, local.X[ 1],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[ 9],  9 );
-    P( local.C, local.D, local.A, local.B, local.X[ 5], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[13], 15 );
-    P( local.A, local.B, local.C, local.D, local.X[ 3],  3 );
-    P( local.D, local.A, local.B, local.C, local.X[11],  9 );
-    P( local.C, local.D, local.A, local.B, local.X[ 7], 11 );
-    P( local.B, local.C, local.D, local.A, local.X[15], 15 );
-
-#undef F
-#undef P
-
-    ctx->state[0] += local.A;
-    ctx->state[1] += local.B;
-    ctx->state[2] += local.C;
-    ctx->state[3] += local.D;
-
-    /* Zeroise variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &local, sizeof( local ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md4_process( mbedtls_md4_context *ctx,
-                          const unsigned char data[64] )
-{
-    mbedtls_internal_md4_process( ctx, data );
-}
-#endif
-#endif /* !MBEDTLS_MD4_PROCESS_ALT */
-
-/*
- * MD4 process buffer
- */
-int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-    uint32_t left;
-
-    if( ilen == 0 )
-        return( 0 );
-
-    left = ctx->total[0] & 0x3F;
-    fill = 64 - left;
-
-    ctx->total[0] += (uint32_t) ilen;
-    ctx->total[0] &= 0xFFFFFFFF;
-
-    if( ctx->total[0] < (uint32_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left),
-                (void *) input, fill );
-
-        if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 64 )
-    {
-        if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
-            return( ret );
-
-        input += 64;
-        ilen  -= 64;
-    }
-
-    if( ilen > 0 )
-    {
-        memcpy( (void *) (ctx->buffer + left),
-                (void *) input, ilen );
-    }
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md4_update( mbedtls_md4_context *ctx,
-                         const unsigned char *input,
-                         size_t ilen )
-{
-    mbedtls_md4_update_ret( ctx, input, ilen );
-}
-#endif
-
-static const unsigned char md4_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * MD4 final digest
- */
-int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
-                            unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t last, padn;
-    uint32_t high, low;
-    unsigned char msglen[8];
-
-    high = ( ctx->total[0] >> 29 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    PUT_UINT32_LE( low,  msglen, 0 );
-    PUT_UINT32_LE( high, msglen, 4 );
-
-    last = ctx->total[0] & 0x3F;
-    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
-    ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn );
-    if( ret != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 )
-        return( ret );
-
-
-    PUT_UINT32_LE( ctx->state[0], output,  0 );
-    PUT_UINT32_LE( ctx->state[1], output,  4 );
-    PUT_UINT32_LE( ctx->state[2], output,  8 );
-    PUT_UINT32_LE( ctx->state[3], output, 12 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md4_finish( mbedtls_md4_context *ctx,
-                         unsigned char output[16] )
-{
-    mbedtls_md4_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* !MBEDTLS_MD4_ALT */
-
-/*
- * output = MD4( input buffer )
- */
-int mbedtls_md4_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_md4_context ctx;
-
-    mbedtls_md4_init( &ctx );
-
-    if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_md4_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md4( const unsigned char *input,
-                  size_t ilen,
-                  unsigned char output[16] )
-{
-    mbedtls_md4_ret( input, ilen, output );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * RFC 1320 test vectors
- */
-static const unsigned char md4_test_str[7][81] =
-{
-    { "" },
-    { "a" },
-    { "abc" },
-    { "message digest" },
-    { "abcdefghijklmnopqrstuvwxyz" },
-    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
-    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md4_test_strlen[7] =
-{
-    0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md4_test_sum[7][16] =
-{
-    { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
-      0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 },
-    { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46,
-      0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 },
-    { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52,
-      0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D },
-    { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8,
-      0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B },
-    { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD,
-      0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 },
-    { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35,
-      0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 },
-    { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19,
-      0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md4_self_test( int verbose )
-{
-    int i, ret = 0;
-    unsigned char md4sum[16];
-
-    for( i = 0; i < 7; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  MD4 test #%d: ", i + 1 );
-
-        ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum );
-        if( ret != 0 )
-            goto fail;
-
-        if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD4_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/md5.c b/3rdparty/mbedtls-2.25.0/library/md5.c
deleted file mode 100644
index c4f2dbf..0000000
--- a/3rdparty/mbedtls-2.25.0/library/md5.c
+++ /dev/null
@@ -1,498 +0,0 @@
-/*
- *  RFC 1321 compliant MD5 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The MD5 algorithm was designed by Ron Rivest in 1991.
- *
- *  http://www.ietf.org/rfc/rfc1321.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD5_C)
-
-#include "mbedtls/md5.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD5_ALT)
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ]       )             \
-        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i)                                    \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
-    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
-}
-#endif
-
-void mbedtls_md5_init( mbedtls_md5_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_md5_context ) );
-}
-
-void mbedtls_md5_free( mbedtls_md5_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md5_context ) );
-}
-
-void mbedtls_md5_clone( mbedtls_md5_context *dst,
-                        const mbedtls_md5_context *src )
-{
-    *dst = *src;
-}
-
-/*
- * MD5 context setup
- */
-int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
-{
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    ctx->state[0] = 0x67452301;
-    ctx->state[1] = 0xEFCDAB89;
-    ctx->state[2] = 0x98BADCFE;
-    ctx->state[3] = 0x10325476;
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md5_starts( mbedtls_md5_context *ctx )
-{
-    mbedtls_md5_starts_ret( ctx );
-}
-#endif
-
-#if !defined(MBEDTLS_MD5_PROCESS_ALT)
-int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
-                                  const unsigned char data[64] )
-{
-    struct
-    {
-        uint32_t X[16], A, B, C, D;
-    } local;
-
-    GET_UINT32_LE( local.X[ 0], data,  0 );
-    GET_UINT32_LE( local.X[ 1], data,  4 );
-    GET_UINT32_LE( local.X[ 2], data,  8 );
-    GET_UINT32_LE( local.X[ 3], data, 12 );
-    GET_UINT32_LE( local.X[ 4], data, 16 );
-    GET_UINT32_LE( local.X[ 5], data, 20 );
-    GET_UINT32_LE( local.X[ 6], data, 24 );
-    GET_UINT32_LE( local.X[ 7], data, 28 );
-    GET_UINT32_LE( local.X[ 8], data, 32 );
-    GET_UINT32_LE( local.X[ 9], data, 36 );
-    GET_UINT32_LE( local.X[10], data, 40 );
-    GET_UINT32_LE( local.X[11], data, 44 );
-    GET_UINT32_LE( local.X[12], data, 48 );
-    GET_UINT32_LE( local.X[13], data, 52 );
-    GET_UINT32_LE( local.X[14], data, 56 );
-    GET_UINT32_LE( local.X[15], data, 60 );
-
-#define S(x,n)                                                          \
-    ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) )
-
-#define P(a,b,c,d,k,s,t)                                                \
-    do                                                                  \
-    {                                                                   \
-        (a) += F((b),(c),(d)) + local.X[(k)] + (t);                     \
-        (a) = S((a),(s)) + (b);                                         \
-    } while( 0 )
-
-    local.A = ctx->state[0];
-    local.B = ctx->state[1];
-    local.C = ctx->state[2];
-    local.D = ctx->state[3];
-
-#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-
-    P( local.A, local.B, local.C, local.D,  0,  7, 0xD76AA478 );
-    P( local.D, local.A, local.B, local.C,  1, 12, 0xE8C7B756 );
-    P( local.C, local.D, local.A, local.B,  2, 17, 0x242070DB );
-    P( local.B, local.C, local.D, local.A,  3, 22, 0xC1BDCEEE );
-    P( local.A, local.B, local.C, local.D,  4,  7, 0xF57C0FAF );
-    P( local.D, local.A, local.B, local.C,  5, 12, 0x4787C62A );
-    P( local.C, local.D, local.A, local.B,  6, 17, 0xA8304613 );
-    P( local.B, local.C, local.D, local.A,  7, 22, 0xFD469501 );
-    P( local.A, local.B, local.C, local.D,  8,  7, 0x698098D8 );
-    P( local.D, local.A, local.B, local.C,  9, 12, 0x8B44F7AF );
-    P( local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1 );
-    P( local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE );
-    P( local.A, local.B, local.C, local.D, 12,  7, 0x6B901122 );
-    P( local.D, local.A, local.B, local.C, 13, 12, 0xFD987193 );
-    P( local.C, local.D, local.A, local.B, 14, 17, 0xA679438E );
-    P( local.B, local.C, local.D, local.A, 15, 22, 0x49B40821 );
-
-#undef F
-
-#define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y))))
-
-    P( local.A, local.B, local.C, local.D,  1,  5, 0xF61E2562 );
-    P( local.D, local.A, local.B, local.C,  6,  9, 0xC040B340 );
-    P( local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51 );
-    P( local.B, local.C, local.D, local.A,  0, 20, 0xE9B6C7AA );
-    P( local.A, local.B, local.C, local.D,  5,  5, 0xD62F105D );
-    P( local.D, local.A, local.B, local.C, 10,  9, 0x02441453 );
-    P( local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681 );
-    P( local.B, local.C, local.D, local.A,  4, 20, 0xE7D3FBC8 );
-    P( local.A, local.B, local.C, local.D,  9,  5, 0x21E1CDE6 );
-    P( local.D, local.A, local.B, local.C, 14,  9, 0xC33707D6 );
-    P( local.C, local.D, local.A, local.B,  3, 14, 0xF4D50D87 );
-    P( local.B, local.C, local.D, local.A,  8, 20, 0x455A14ED );
-    P( local.A, local.B, local.C, local.D, 13,  5, 0xA9E3E905 );
-    P( local.D, local.A, local.B, local.C,  2,  9, 0xFCEFA3F8 );
-    P( local.C, local.D, local.A, local.B,  7, 14, 0x676F02D9 );
-    P( local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A );
-
-#undef F
-
-#define F(x,y,z) ((x) ^ (y) ^ (z))
-
-    P( local.A, local.B, local.C, local.D,  5,  4, 0xFFFA3942 );
-    P( local.D, local.A, local.B, local.C,  8, 11, 0x8771F681 );
-    P( local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122 );
-    P( local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C );
-    P( local.A, local.B, local.C, local.D,  1,  4, 0xA4BEEA44 );
-    P( local.D, local.A, local.B, local.C,  4, 11, 0x4BDECFA9 );
-    P( local.C, local.D, local.A, local.B,  7, 16, 0xF6BB4B60 );
-    P( local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70 );
-    P( local.A, local.B, local.C, local.D, 13,  4, 0x289B7EC6 );
-    P( local.D, local.A, local.B, local.C,  0, 11, 0xEAA127FA );
-    P( local.C, local.D, local.A, local.B,  3, 16, 0xD4EF3085 );
-    P( local.B, local.C, local.D, local.A,  6, 23, 0x04881D05 );
-    P( local.A, local.B, local.C, local.D,  9,  4, 0xD9D4D039 );
-    P( local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5 );
-    P( local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8 );
-    P( local.B, local.C, local.D, local.A,  2, 23, 0xC4AC5665 );
-
-#undef F
-
-#define F(x,y,z) ((y) ^ ((x) | ~(z)))
-
-    P( local.A, local.B, local.C, local.D,  0,  6, 0xF4292244 );
-    P( local.D, local.A, local.B, local.C,  7, 10, 0x432AFF97 );
-    P( local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7 );
-    P( local.B, local.C, local.D, local.A,  5, 21, 0xFC93A039 );
-    P( local.A, local.B, local.C, local.D, 12,  6, 0x655B59C3 );
-    P( local.D, local.A, local.B, local.C,  3, 10, 0x8F0CCC92 );
-    P( local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D );
-    P( local.B, local.C, local.D, local.A,  1, 21, 0x85845DD1 );
-    P( local.A, local.B, local.C, local.D,  8,  6, 0x6FA87E4F );
-    P( local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0 );
-    P( local.C, local.D, local.A, local.B,  6, 15, 0xA3014314 );
-    P( local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1 );
-    P( local.A, local.B, local.C, local.D,  4,  6, 0xF7537E82 );
-    P( local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235 );
-    P( local.C, local.D, local.A, local.B,  2, 15, 0x2AD7D2BB );
-    P( local.B, local.C, local.D, local.A,  9, 21, 0xEB86D391 );
-
-#undef F
-
-    ctx->state[0] += local.A;
-    ctx->state[1] += local.B;
-    ctx->state[2] += local.C;
-    ctx->state[3] += local.D;
-
-    /* Zeroise variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &local, sizeof( local ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md5_process( mbedtls_md5_context *ctx,
-                          const unsigned char data[64] )
-{
-    mbedtls_internal_md5_process( ctx, data );
-}
-#endif
-#endif /* !MBEDTLS_MD5_PROCESS_ALT */
-
-/*
- * MD5 process buffer
- */
-int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-    uint32_t left;
-
-    if( ilen == 0 )
-        return( 0 );
-
-    left = ctx->total[0] & 0x3F;
-    fill = 64 - left;
-
-    ctx->total[0] += (uint32_t) ilen;
-    ctx->total[0] &= 0xFFFFFFFF;
-
-    if( ctx->total[0] < (uint32_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
-        if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 64 )
-    {
-        if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 )
-            return( ret );
-
-        input += 64;
-        ilen  -= 64;
-    }
-
-    if( ilen > 0 )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
-    }
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md5_update( mbedtls_md5_context *ctx,
-                         const unsigned char *input,
-                         size_t ilen )
-{
-    mbedtls_md5_update_ret( ctx, input, ilen );
-}
-#endif
-
-/*
- * MD5 final digest
- */
-int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
-                            unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t used;
-    uint32_t high, low;
-
-    /*
-     * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
-     */
-    used = ctx->total[0] & 0x3F;
-
-    ctx->buffer[used++] = 0x80;
-
-    if( used <= 56 )
-    {
-        /* Enough room for padding + length in current block */
-        memset( ctx->buffer + used, 0, 56 - used );
-    }
-    else
-    {
-        /* We'll need an extra block */
-        memset( ctx->buffer + used, 0, 64 - used );
-
-        if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        memset( ctx->buffer, 0, 56 );
-    }
-
-    /*
-     * Add message length
-     */
-    high = ( ctx->total[0] >> 29 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    PUT_UINT32_LE( low,  ctx->buffer, 56 );
-    PUT_UINT32_LE( high, ctx->buffer, 60 );
-
-    if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
-        return( ret );
-
-    /*
-     * Output final state
-     */
-    PUT_UINT32_LE( ctx->state[0], output,  0 );
-    PUT_UINT32_LE( ctx->state[1], output,  4 );
-    PUT_UINT32_LE( ctx->state[2], output,  8 );
-    PUT_UINT32_LE( ctx->state[3], output, 12 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md5_finish( mbedtls_md5_context *ctx,
-                         unsigned char output[16] )
-{
-    mbedtls_md5_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* !MBEDTLS_MD5_ALT */
-
-/*
- * output = MD5( input buffer )
- */
-int mbedtls_md5_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_md5_context ctx;
-
-    mbedtls_md5_init( &ctx );
-
-    if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_md5_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_md5( const unsigned char *input,
-                  size_t ilen,
-                  unsigned char output[16] )
-{
-    mbedtls_md5_ret( input, ilen, output );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * RFC 1321 test vectors
- */
-static const unsigned char md5_test_buf[7][81] =
-{
-    { "" },
-    { "a" },
-    { "abc" },
-    { "message digest" },
-    { "abcdefghijklmnopqrstuvwxyz" },
-    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
-    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md5_test_buflen[7] =
-{
-    0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md5_test_sum[7][16] =
-{
-    { 0xD4, 0x1D, 0x8C, 0xD9, 0x8F, 0x00, 0xB2, 0x04,
-      0xE9, 0x80, 0x09, 0x98, 0xEC, 0xF8, 0x42, 0x7E },
-    { 0x0C, 0xC1, 0x75, 0xB9, 0xC0, 0xF1, 0xB6, 0xA8,
-      0x31, 0xC3, 0x99, 0xE2, 0x69, 0x77, 0x26, 0x61 },
-    { 0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0,
-      0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72 },
-    { 0xF9, 0x6B, 0x69, 0x7D, 0x7C, 0xB7, 0x93, 0x8D,
-      0x52, 0x5A, 0x2F, 0x31, 0xAA, 0xF1, 0x61, 0xD0 },
-    { 0xC3, 0xFC, 0xD3, 0xD7, 0x61, 0x92, 0xE4, 0x00,
-      0x7D, 0xFB, 0x49, 0x6C, 0xCA, 0x67, 0xE1, 0x3B },
-    { 0xD1, 0x74, 0xAB, 0x98, 0xD2, 0x77, 0xD9, 0xF5,
-      0xA5, 0x61, 0x1C, 0x2C, 0x9F, 0x41, 0x9D, 0x9F },
-    { 0x57, 0xED, 0xF4, 0xA2, 0x2B, 0xE3, 0xC9, 0x55,
-      0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md5_self_test( int verbose )
-{
-    int i, ret = 0;
-    unsigned char md5sum[16];
-
-    for( i = 0; i < 7; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  MD5 test #%d: ", i + 1 );
-
-        ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum );
-        if( ret != 0 )
-            goto fail;
-
-        if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD5_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/memory_buffer_alloc.c b/3rdparty/mbedtls-2.25.0/library/memory_buffer_alloc.c
deleted file mode 100644
index 0d5d27d..0000000
--- a/3rdparty/mbedtls-2.25.0/library/memory_buffer_alloc.c
+++ /dev/null
@@ -1,744 +0,0 @@
-/*
- *  Buffer-based memory allocator
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-
-/* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C
-   is dependent upon MBEDTLS_PLATFORM_C */
-#include "mbedtls/platform.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-#include <execinfo.h>
-#endif
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-#define MAGIC1       0xFF00AA55
-#define MAGIC2       0xEE119966
-#define MAX_BT 20
-
-typedef struct _memory_header memory_header;
-struct _memory_header
-{
-    size_t          magic1;
-    size_t          size;
-    size_t          alloc;
-    memory_header   *prev;
-    memory_header   *next;
-    memory_header   *prev_free;
-    memory_header   *next_free;
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    char            **trace;
-    size_t          trace_count;
-#endif
-    size_t          magic2;
-};
-
-typedef struct
-{
-    unsigned char   *buf;
-    size_t          len;
-    memory_header   *first;
-    memory_header   *first_free;
-    int             verify;
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    size_t          alloc_count;
-    size_t          free_count;
-    size_t          total_used;
-    size_t          maximum_used;
-    size_t          header_count;
-    size_t          maximum_header_count;
-#endif
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_threading_mutex_t   mutex;
-#endif
-}
-buffer_alloc_ctx;
-
-static buffer_alloc_ctx heap;
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-static void debug_header( memory_header *hdr )
-{
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    size_t i;
-#endif
-
-    mbedtls_fprintf( stderr, "HDR:  PTR(%10zu), PREV(%10zu), NEXT(%10zu), "
-                              "ALLOC(%zu), SIZE(%10zu)\n",
-                      (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next,
-                      hdr->alloc, hdr->size );
-    mbedtls_fprintf( stderr, "      FPREV(%10zu), FNEXT(%10zu)\n",
-                      (size_t) hdr->prev_free, (size_t) hdr->next_free );
-
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    mbedtls_fprintf( stderr, "TRACE: \n" );
-    for( i = 0; i < hdr->trace_count; i++ )
-        mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] );
-    mbedtls_fprintf( stderr, "\n" );
-#endif
-}
-
-static void debug_chain( void )
-{
-    memory_header *cur = heap.first;
-
-    mbedtls_fprintf( stderr, "\nBlock list\n" );
-    while( cur != NULL )
-    {
-        debug_header( cur );
-        cur = cur->next;
-    }
-
-    mbedtls_fprintf( stderr, "Free list\n" );
-    cur = heap.first_free;
-
-    while( cur != NULL )
-    {
-        debug_header( cur );
-        cur = cur->next_free;
-    }
-}
-#endif /* MBEDTLS_MEMORY_DEBUG */
-
-static int verify_header( memory_header *hdr )
-{
-    if( hdr->magic1 != MAGIC1 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" );
-#endif
-        return( 1 );
-    }
-
-    if( hdr->magic2 != MAGIC2 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" );
-#endif
-        return( 1 );
-    }
-
-    if( hdr->alloc > 1 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" );
-#endif
-        return( 1 );
-    }
-
-    if( hdr->prev != NULL && hdr->prev == hdr->next )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: prev == next\n" );
-#endif
-        return( 1 );
-    }
-
-    if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" );
-#endif
-        return( 1 );
-    }
-
-    return( 0 );
-}
-
-static int verify_chain( void )
-{
-    memory_header *prv = heap.first, *cur;
-
-    if( prv == NULL || verify_header( prv ) != 0 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: verification of first header "
-                                  "failed\n" );
-#endif
-        return( 1 );
-    }
-
-    if( heap.first->prev != NULL )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: verification failed: "
-                                  "first->prev != NULL\n" );
-#endif
-        return( 1 );
-    }
-
-    cur = heap.first->next;
-
-    while( cur != NULL )
-    {
-        if( verify_header( cur ) != 0 )
-        {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-            mbedtls_fprintf( stderr, "FATAL: verification of header "
-                                      "failed\n" );
-#endif
-            return( 1 );
-        }
-
-        if( cur->prev != prv )
-        {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-            mbedtls_fprintf( stderr, "FATAL: verification failed: "
-                                      "cur->prev != prv\n" );
-#endif
-            return( 1 );
-        }
-
-        prv = cur;
-        cur = cur->next;
-    }
-
-    return( 0 );
-}
-
-static void *buffer_alloc_calloc( size_t n, size_t size )
-{
-    memory_header *new, *cur = heap.first_free;
-    unsigned char *p;
-    void *ret;
-    size_t original_len, len;
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    void *trace_buffer[MAX_BT];
-    size_t trace_cnt;
-#endif
-
-    if( heap.buf == NULL || heap.first == NULL )
-        return( NULL );
-
-    original_len = len = n * size;
-
-    if( n == 0 || size == 0 || len / n != size )
-        return( NULL );
-    else if( len > (size_t)-MBEDTLS_MEMORY_ALIGN_MULTIPLE )
-        return( NULL );
-
-    if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
-    {
-        len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
-        len += MBEDTLS_MEMORY_ALIGN_MULTIPLE;
-    }
-
-    // Find block that fits
-    //
-    while( cur != NULL )
-    {
-        if( cur->size >= len )
-            break;
-
-        cur = cur->next_free;
-    }
-
-    if( cur == NULL )
-        return( NULL );
-
-    if( cur->alloc != 0 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated "
-                                  "data\n" );
-#endif
-        mbedtls_exit( 1 );
-    }
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    heap.alloc_count++;
-#endif
-
-    // Found location, split block if > memory_header + 4 room left
-    //
-    if( cur->size - len < sizeof(memory_header) +
-                          MBEDTLS_MEMORY_ALIGN_MULTIPLE )
-    {
-        cur->alloc = 1;
-
-        // Remove from free_list
-        //
-        if( cur->prev_free != NULL )
-            cur->prev_free->next_free = cur->next_free;
-        else
-            heap.first_free = cur->next_free;
-
-        if( cur->next_free != NULL )
-            cur->next_free->prev_free = cur->prev_free;
-
-        cur->prev_free = NULL;
-        cur->next_free = NULL;
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        heap.total_used += cur->size;
-        if( heap.total_used > heap.maximum_used )
-            heap.maximum_used = heap.total_used;
-#endif
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-        trace_cnt = backtrace( trace_buffer, MAX_BT );
-        cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
-        cur->trace_count = trace_cnt;
-#endif
-
-        if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
-            mbedtls_exit( 1 );
-
-        ret = (unsigned char *) cur + sizeof( memory_header );
-        memset( ret, 0, original_len );
-
-        return( ret );
-    }
-
-    p = ( (unsigned char *) cur ) + sizeof(memory_header) + len;
-    new = (memory_header *) p;
-
-    new->size = cur->size - len - sizeof(memory_header);
-    new->alloc = 0;
-    new->prev = cur;
-    new->next = cur->next;
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    new->trace = NULL;
-    new->trace_count = 0;
-#endif
-    new->magic1 = MAGIC1;
-    new->magic2 = MAGIC2;
-
-    if( new->next != NULL )
-        new->next->prev = new;
-
-    // Replace cur with new in free_list
-    //
-    new->prev_free = cur->prev_free;
-    new->next_free = cur->next_free;
-    if( new->prev_free != NULL )
-        new->prev_free->next_free = new;
-    else
-        heap.first_free = new;
-
-    if( new->next_free != NULL )
-        new->next_free->prev_free = new;
-
-    cur->alloc = 1;
-    cur->size = len;
-    cur->next = new;
-    cur->prev_free = NULL;
-    cur->next_free = NULL;
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    heap.header_count++;
-    if( heap.header_count > heap.maximum_header_count )
-        heap.maximum_header_count = heap.header_count;
-    heap.total_used += cur->size;
-    if( heap.total_used > heap.maximum_used )
-        heap.maximum_used = heap.total_used;
-#endif
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    trace_cnt = backtrace( trace_buffer, MAX_BT );
-    cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
-    cur->trace_count = trace_cnt;
-#endif
-
-    if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
-        mbedtls_exit( 1 );
-
-    ret = (unsigned char *) cur + sizeof( memory_header );
-    memset( ret, 0, original_len );
-
-    return( ret );
-}
-
-static void buffer_alloc_free( void *ptr )
-{
-    memory_header *hdr, *old = NULL;
-    unsigned char *p = (unsigned char *) ptr;
-
-    if( ptr == NULL || heap.buf == NULL || heap.first == NULL )
-        return;
-
-    if( p < heap.buf || p >= heap.buf + heap.len )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed "
-                                  "space\n" );
-#endif
-        mbedtls_exit( 1 );
-    }
-
-    p -= sizeof(memory_header);
-    hdr = (memory_header *) p;
-
-    if( verify_header( hdr ) != 0 )
-        mbedtls_exit( 1 );
-
-    if( hdr->alloc != 1 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated "
-                                  "data\n" );
-#endif
-        mbedtls_exit( 1 );
-    }
-
-    hdr->alloc = 0;
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    heap.free_count++;
-    heap.total_used -= hdr->size;
-#endif
-
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    free( hdr->trace );
-    hdr->trace = NULL;
-    hdr->trace_count = 0;
-#endif
-
-    // Regroup with block before
-    //
-    if( hdr->prev != NULL && hdr->prev->alloc == 0 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        heap.header_count--;
-#endif
-        hdr->prev->size += sizeof(memory_header) + hdr->size;
-        hdr->prev->next = hdr->next;
-        old = hdr;
-        hdr = hdr->prev;
-
-        if( hdr->next != NULL )
-            hdr->next->prev = hdr;
-
-        memset( old, 0, sizeof(memory_header) );
-    }
-
-    // Regroup with block after
-    //
-    if( hdr->next != NULL && hdr->next->alloc == 0 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        heap.header_count--;
-#endif
-        hdr->size += sizeof(memory_header) + hdr->next->size;
-        old = hdr->next;
-        hdr->next = hdr->next->next;
-
-        if( hdr->prev_free != NULL || hdr->next_free != NULL )
-        {
-            if( hdr->prev_free != NULL )
-                hdr->prev_free->next_free = hdr->next_free;
-            else
-                heap.first_free = hdr->next_free;
-
-            if( hdr->next_free != NULL )
-                hdr->next_free->prev_free = hdr->prev_free;
-        }
-
-        hdr->prev_free = old->prev_free;
-        hdr->next_free = old->next_free;
-
-        if( hdr->prev_free != NULL )
-            hdr->prev_free->next_free = hdr;
-        else
-            heap.first_free = hdr;
-
-        if( hdr->next_free != NULL )
-            hdr->next_free->prev_free = hdr;
-
-        if( hdr->next != NULL )
-            hdr->next->prev = hdr;
-
-        memset( old, 0, sizeof(memory_header) );
-    }
-
-    // Prepend to free_list if we have not merged
-    // (Does not have to stay in same order as prev / next list)
-    //
-    if( old == NULL )
-    {
-        hdr->next_free = heap.first_free;
-        if( heap.first_free != NULL )
-            heap.first_free->prev_free = hdr;
-        heap.first_free = hdr;
-    }
-
-    if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
-        mbedtls_exit( 1 );
-}
-
-void mbedtls_memory_buffer_set_verify( int verify )
-{
-    heap.verify = verify;
-}
-
-int mbedtls_memory_buffer_alloc_verify( void )
-{
-    return verify_chain();
-}
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-void mbedtls_memory_buffer_alloc_status( void )
-{
-    mbedtls_fprintf( stderr,
-                      "Current use: %zu blocks / %zu bytes, max: %zu blocks / "
-                      "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n",
-                      heap.header_count, heap.total_used,
-                      heap.maximum_header_count, heap.maximum_used,
-                      heap.maximum_header_count * sizeof( memory_header )
-                      + heap.maximum_used,
-                      heap.alloc_count, heap.free_count );
-
-    if( heap.first->next == NULL )
-    {
-        mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
-    }
-    else
-    {
-        mbedtls_fprintf( stderr, "Memory currently allocated:\n" );
-        debug_chain();
-    }
-}
-
-void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks )
-{
-    *max_used   = heap.maximum_used;
-    *max_blocks = heap.maximum_header_count;
-}
-
-void mbedtls_memory_buffer_alloc_max_reset( void )
-{
-    heap.maximum_used = 0;
-    heap.maximum_header_count = 0;
-}
-
-void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
-{
-    *cur_used   = heap.total_used;
-    *cur_blocks = heap.header_count;
-}
-#endif /* MBEDTLS_MEMORY_DEBUG */
-
-#if defined(MBEDTLS_THREADING_C)
-static void *buffer_alloc_calloc_mutexed( size_t n, size_t size )
-{
-    void *buf;
-    if( mbedtls_mutex_lock( &heap.mutex ) != 0 )
-        return( NULL );
-    buf = buffer_alloc_calloc( n, size );
-    if( mbedtls_mutex_unlock( &heap.mutex ) )
-        return( NULL );
-    return( buf );
-}
-
-static void buffer_alloc_free_mutexed( void *ptr )
-{
-    /* We have to good option here, but corrupting the heap seems
-     * worse than loosing memory. */
-    if( mbedtls_mutex_lock( &heap.mutex ) )
-        return;
-    buffer_alloc_free( ptr );
-    (void) mbedtls_mutex_unlock( &heap.mutex );
-}
-#endif /* MBEDTLS_THREADING_C */
-
-void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
-{
-    memset( &heap, 0, sizeof( buffer_alloc_ctx ) );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &heap.mutex );
-    mbedtls_platform_set_calloc_free( buffer_alloc_calloc_mutexed,
-                              buffer_alloc_free_mutexed );
-#else
-    mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free );
-#endif
-
-    if( len < sizeof( memory_header ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE )
-        return;
-    else if( (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
-    {
-        /* Adjust len first since buf is used in the computation */
-        len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
-             - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
-        buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
-             - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
-    }
-
-    memset( buf, 0, len );
-
-    heap.buf = buf;
-    heap.len = len;
-
-    heap.first = (memory_header *)buf;
-    heap.first->size = len - sizeof( memory_header );
-    heap.first->magic1 = MAGIC1;
-    heap.first->magic2 = MAGIC2;
-    heap.first_free = heap.first;
-}
-
-void mbedtls_memory_buffer_alloc_free( void )
-{
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &heap.mutex );
-#endif
-    mbedtls_platform_zeroize( &heap, sizeof(buffer_alloc_ctx) );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-static int check_pointer( void *p )
-{
-    if( p == NULL )
-        return( -1 );
-
-    if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 )
-        return( -1 );
-
-    return( 0 );
-}
-
-static int check_all_free( void )
-{
-    if(
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        heap.total_used != 0 ||
-#endif
-        heap.first != heap.first_free ||
-        (void *) heap.first != (void *) heap.buf )
-    {
-        return( -1 );
-    }
-
-    return( 0 );
-}
-
-#define TEST_ASSERT( condition )            \
-    if( ! (condition) )                     \
-    {                                       \
-        if( verbose != 0 )                  \
-            mbedtls_printf( "failed\n" );  \
-                                            \
-        ret = 1;                            \
-        goto cleanup;                       \
-    }
-
-int mbedtls_memory_buffer_alloc_self_test( int verbose )
-{
-    unsigned char buf[1024];
-    unsigned char *p, *q, *r, *end;
-    int ret = 0;
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MBA test #1 (basic alloc-free cycle): " );
-
-    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
-
-    p = mbedtls_calloc( 1, 1 );
-    q = mbedtls_calloc( 1, 128 );
-    r = mbedtls_calloc( 1, 16 );
-
-    TEST_ASSERT( check_pointer( p ) == 0 &&
-                 check_pointer( q ) == 0 &&
-                 check_pointer( r ) == 0 );
-
-    mbedtls_free( r );
-    mbedtls_free( q );
-    mbedtls_free( p );
-
-    TEST_ASSERT( check_all_free( ) == 0 );
-
-    /* Memorize end to compare with the next test */
-    end = heap.buf + heap.len;
-
-    mbedtls_memory_buffer_alloc_free( );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MBA test #2 (buf not aligned): " );
-
-    mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 );
-
-    TEST_ASSERT( heap.buf + heap.len == end );
-
-    p = mbedtls_calloc( 1, 1 );
-    q = mbedtls_calloc( 1, 128 );
-    r = mbedtls_calloc( 1, 16 );
-
-    TEST_ASSERT( check_pointer( p ) == 0 &&
-                 check_pointer( q ) == 0 &&
-                 check_pointer( r ) == 0 );
-
-    mbedtls_free( r );
-    mbedtls_free( q );
-    mbedtls_free( p );
-
-    TEST_ASSERT( check_all_free( ) == 0 );
-
-    mbedtls_memory_buffer_alloc_free( );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  MBA test #3 (full): " );
-
-    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
-
-    p = mbedtls_calloc( 1, sizeof( buf ) - sizeof( memory_header ) );
-
-    TEST_ASSERT( check_pointer( p ) == 0 );
-    TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL );
-
-    mbedtls_free( p );
-
-    p = mbedtls_calloc( 1, sizeof( buf ) - 2 * sizeof( memory_header ) - 16 );
-    q = mbedtls_calloc( 1, 16 );
-
-    TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 );
-    TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL );
-
-    mbedtls_free( q );
-
-    TEST_ASSERT( mbedtls_calloc( 1, 17 ) == NULL );
-
-    mbedtls_free( p );
-
-    TEST_ASSERT( check_all_free( ) == 0 );
-
-    mbedtls_memory_buffer_alloc_free( );
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-cleanup:
-    mbedtls_memory_buffer_alloc_free( );
-
-    return( ret );
-}
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/net_sockets.c b/3rdparty/mbedtls-2.25.0/library/net_sockets.c
deleted file mode 100644
index 54c2b47..0000000
--- a/3rdparty/mbedtls-2.25.0/library/net_sockets.c
+++ /dev/null
@@ -1,680 +0,0 @@
-/*
- *  TCP/IP or UDP/IP networking functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/* Enable definition of getaddrinfo() even when compiling with -std=c99. Must
- * be set before config.h, which pulls in glibc's features.h indirectly.
- * Harmless on other platforms. */
-#define _POSIX_C_SOURCE 200112L
-#define _XOPEN_SOURCE 600 /* sockaddr_storage */
-
-#include "common.h"
-
-#if defined(MBEDTLS_NET_C)
-
-#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
-    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
-    !defined(__HAIKU__) && !defined(__midipix__)
-#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#endif
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
-    !defined(EFI32)
-
-#define IS_EINTR( ret ) ( ( ret ) == WSAEINTR )
-
-#if !defined(_WIN32_WINNT)
-/* Enables getaddrinfo() & Co */
-#define _WIN32_WINNT 0x0501
-#endif
-
-#include <ws2tcpip.h>
-
-#include <winsock2.h>
-#include <windows.h>
-#if (_WIN32_WINNT < 0x0501)
-#include <wspiapi.h>
-#endif
-
-#if defined(_MSC_VER)
-#if defined(_WIN32_WCE)
-#pragma comment( lib, "ws2.lib" )
-#else
-#pragma comment( lib, "ws2_32.lib" )
-#endif
-#endif /* _MSC_VER */
-
-#define read(fd,buf,len)        recv( fd, (char*)( buf ), (int)( len ), 0 )
-#define write(fd,buf,len)       send( fd, (char*)( buf ), (int)( len ), 0 )
-#define close(fd)               closesocket(fd)
-
-static int wsa_init_done = 0;
-
-#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <sys/time.h>
-#include <unistd.h>
-#include <signal.h>
-#include <fcntl.h>
-#include <netdb.h>
-#include <errno.h>
-
-#define IS_EINTR( ret ) ( ( ret ) == EINTR )
-
-#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
-
-/* Some MS functions want int and MSVC warns if we pass size_t,
- * but the standard functions use socklen_t, so cast only for MSVC */
-#if defined(_MSC_VER)
-#define MSVC_INT_CAST   (int)
-#else
-#define MSVC_INT_CAST
-#endif
-
-#include <stdio.h>
-
-#include <time.h>
-
-#include <stdint.h>
-
-/*
- * Prepare for using the sockets interface
- */
-static int net_prepare( void )
-{
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-    WSADATA wsaData;
-
-    if( wsa_init_done == 0 )
-    {
-        if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 )
-            return( MBEDTLS_ERR_NET_SOCKET_FAILED );
-
-        wsa_init_done = 1;
-    }
-#else
-#if !defined(EFIX64) && !defined(EFI32)
-    signal( SIGPIPE, SIG_IGN );
-#endif
-#endif
-    return( 0 );
-}
-
-/*
- * Initialize a context
- */
-void mbedtls_net_init( mbedtls_net_context *ctx )
-{
-    ctx->fd = -1;
-}
-
-/*
- * Initiate a TCP connection with host:port and the given protocol
- */
-int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host,
-                         const char *port, int proto )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    struct addrinfo hints, *addr_list, *cur;
-
-    if( ( ret = net_prepare() ) != 0 )
-        return( ret );
-
-    /* Do name resolution with both IPv6 and IPv4 */
-    memset( &hints, 0, sizeof( hints ) );
-    hints.ai_family = AF_UNSPEC;
-    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
-    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
-
-    if( getaddrinfo( host, port, &hints, &addr_list ) != 0 )
-        return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
-
-    /* Try the sockaddrs until a connection succeeds */
-    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
-    for( cur = addr_list; cur != NULL; cur = cur->ai_next )
-    {
-        ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype,
-                            cur->ai_protocol );
-        if( ctx->fd < 0 )
-        {
-            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
-            continue;
-        }
-
-        if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 )
-        {
-            ret = 0;
-            break;
-        }
-
-        close( ctx->fd );
-        ret = MBEDTLS_ERR_NET_CONNECT_FAILED;
-    }
-
-    freeaddrinfo( addr_list );
-
-    return( ret );
-}
-
-/*
- * Create a listening socket on bind_ip:port
- */
-int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto )
-{
-    int n, ret;
-    struct addrinfo hints, *addr_list, *cur;
-
-    if( ( ret = net_prepare() ) != 0 )
-        return( ret );
-
-    /* Bind to IPv6 and/or IPv4, but only in the desired protocol */
-    memset( &hints, 0, sizeof( hints ) );
-    hints.ai_family = AF_UNSPEC;
-    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
-    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
-    if( bind_ip == NULL )
-        hints.ai_flags = AI_PASSIVE;
-
-    if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 )
-        return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
-
-    /* Try the sockaddrs until a binding succeeds */
-    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
-    for( cur = addr_list; cur != NULL; cur = cur->ai_next )
-    {
-        ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype,
-                            cur->ai_protocol );
-        if( ctx->fd < 0 )
-        {
-            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
-            continue;
-        }
-
-        n = 1;
-        if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR,
-                        (const char *) &n, sizeof( n ) ) != 0 )
-        {
-            close( ctx->fd );
-            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
-            continue;
-        }
-
-        if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 )
-        {
-            close( ctx->fd );
-            ret = MBEDTLS_ERR_NET_BIND_FAILED;
-            continue;
-        }
-
-        /* Listen only makes sense for TCP */
-        if( proto == MBEDTLS_NET_PROTO_TCP )
-        {
-            if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 )
-            {
-                close( ctx->fd );
-                ret = MBEDTLS_ERR_NET_LISTEN_FAILED;
-                continue;
-            }
-        }
-
-        /* Bind was successful */
-        ret = 0;
-        break;
-    }
-
-    freeaddrinfo( addr_list );
-
-    return( ret );
-
-}
-
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-/*
- * Check if the requested operation would be blocking on a non-blocking socket
- * and thus 'failed' with a negative return value.
- */
-static int net_would_block( const mbedtls_net_context *ctx )
-{
-    ((void) ctx);
-    return( WSAGetLastError() == WSAEWOULDBLOCK );
-}
-#else
-/*
- * Check if the requested operation would be blocking on a non-blocking socket
- * and thus 'failed' with a negative return value.
- *
- * Note: on a blocking socket this function always returns 0!
- */
-static int net_would_block( const mbedtls_net_context *ctx )
-{
-    int err = errno;
-
-    /*
-     * Never return 'WOULD BLOCK' on a blocking socket
-     */
-    if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK )
-    {
-        errno = err;
-        return( 0 );
-    }
-
-    switch( errno = err )
-    {
-#if defined EAGAIN
-        case EAGAIN:
-#endif
-#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN
-        case EWOULDBLOCK:
-#endif
-            return( 1 );
-    }
-    return( 0 );
-}
-#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
-
-/*
- * Accept a connection from a remote client
- */
-int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
-                        mbedtls_net_context *client_ctx,
-                        void *client_ip, size_t buf_size, size_t *ip_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int type;
-
-    struct sockaddr_storage client_addr;
-
-#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) ||  \
-    defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t) || \
-    defined(socklen_t) || (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L)
-    socklen_t n = (socklen_t) sizeof( client_addr );
-    socklen_t type_len = (socklen_t) sizeof( type );
-#else
-    int n = (int) sizeof( client_addr );
-    int type_len = (int) sizeof( type );
-#endif
-
-    /* Is this a TCP or UDP socket? */
-    if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE,
-                    (void *) &type, &type_len ) != 0 ||
-        ( type != SOCK_STREAM && type != SOCK_DGRAM ) )
-    {
-        return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
-    }
-
-    if( type == SOCK_STREAM )
-    {
-        /* TCP: actual accept() */
-        ret = client_ctx->fd = (int) accept( bind_ctx->fd,
-                                             (struct sockaddr *) &client_addr, &n );
-    }
-    else
-    {
-        /* UDP: wait for a message, but keep it in the queue */
-        char buf[1] = { 0 };
-
-        ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
-                        (struct sockaddr *) &client_addr, &n );
-
-#if defined(_WIN32)
-        if( ret == SOCKET_ERROR &&
-            WSAGetLastError() == WSAEMSGSIZE )
-        {
-            /* We know buf is too small, thanks, just peeking here */
-            ret = 0;
-        }
-#endif
-    }
-
-    if( ret < 0 )
-    {
-        if( net_would_block( bind_ctx ) != 0 )
-            return( MBEDTLS_ERR_SSL_WANT_READ );
-
-        return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
-    }
-
-    /* UDP: hijack the listening socket to communicate with the client,
-     * then bind a new socket to accept new connections */
-    if( type != SOCK_STREAM )
-    {
-        struct sockaddr_storage local_addr;
-        int one = 1;
-
-        if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 )
-            return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
-
-        client_ctx->fd = bind_ctx->fd;
-        bind_ctx->fd   = -1; /* In case we exit early */
-
-        n = sizeof( struct sockaddr_storage );
-        if( getsockname( client_ctx->fd,
-                         (struct sockaddr *) &local_addr, &n ) != 0 ||
-            ( bind_ctx->fd = (int) socket( local_addr.ss_family,
-                                           SOCK_DGRAM, IPPROTO_UDP ) ) < 0 ||
-            setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR,
-                        (const char *) &one, sizeof( one ) ) != 0 )
-        {
-            return( MBEDTLS_ERR_NET_SOCKET_FAILED );
-        }
-
-        if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 )
-        {
-            return( MBEDTLS_ERR_NET_BIND_FAILED );
-        }
-    }
-
-    if( client_ip != NULL )
-    {
-        if( client_addr.ss_family == AF_INET )
-        {
-            struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr;
-            *ip_len = sizeof( addr4->sin_addr.s_addr );
-
-            if( buf_size < *ip_len )
-                return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL );
-
-            memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len );
-        }
-        else
-        {
-            struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr;
-            *ip_len = sizeof( addr6->sin6_addr.s6_addr );
-
-            if( buf_size < *ip_len )
-                return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL );
-
-            memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len);
-        }
-    }
-
-    return( 0 );
-}
-
-/*
- * Set the socket blocking or non-blocking
- */
-int mbedtls_net_set_block( mbedtls_net_context *ctx )
-{
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-    u_long n = 0;
-    return( ioctlsocket( ctx->fd, FIONBIO, &n ) );
-#else
-    return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) );
-#endif
-}
-
-int mbedtls_net_set_nonblock( mbedtls_net_context *ctx )
-{
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-    u_long n = 1;
-    return( ioctlsocket( ctx->fd, FIONBIO, &n ) );
-#else
-    return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) );
-#endif
-}
-
-/*
- * Check if data is available on the socket
- */
-
-int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    struct timeval tv;
-
-    fd_set read_fds;
-    fd_set write_fds;
-
-    int fd = ctx->fd;
-
-    if( fd < 0 )
-        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
-#if defined(__has_feature)
-#if __has_feature(memory_sanitizer)
-    /* Ensure that memory sanitizers consider read_fds and write_fds as
-     * initialized even on platforms such as Glibc/x86_64 where FD_ZERO
-     * is implemented in assembly. */
-    memset( &read_fds, 0, sizeof( read_fds ) );
-    memset( &write_fds, 0, sizeof( write_fds ) );
-#endif
-#endif
-
-    FD_ZERO( &read_fds );
-    if( rw & MBEDTLS_NET_POLL_READ )
-    {
-        rw &= ~MBEDTLS_NET_POLL_READ;
-        FD_SET( fd, &read_fds );
-    }
-
-    FD_ZERO( &write_fds );
-    if( rw & MBEDTLS_NET_POLL_WRITE )
-    {
-        rw &= ~MBEDTLS_NET_POLL_WRITE;
-        FD_SET( fd, &write_fds );
-    }
-
-    if( rw != 0 )
-        return( MBEDTLS_ERR_NET_BAD_INPUT_DATA );
-
-    tv.tv_sec  = timeout / 1000;
-    tv.tv_usec = ( timeout % 1000 ) * 1000;
-
-    do
-    {
-        ret = select( fd + 1, &read_fds, &write_fds, NULL,
-                      timeout == (uint32_t) -1 ? NULL : &tv );
-    }
-    while( IS_EINTR( ret ) );
-
-    if( ret < 0 )
-        return( MBEDTLS_ERR_NET_POLL_FAILED );
-
-    ret = 0;
-    if( FD_ISSET( fd, &read_fds ) )
-        ret |= MBEDTLS_NET_POLL_READ;
-    if( FD_ISSET( fd, &write_fds ) )
-        ret |= MBEDTLS_NET_POLL_WRITE;
-
-    return( ret );
-}
-
-/*
- * Portable usleep helper
- */
-void mbedtls_net_usleep( unsigned long usec )
-{
-#if defined(_WIN32)
-    Sleep( ( usec + 999 ) / 1000 );
-#else
-    struct timeval tv;
-    tv.tv_sec  = usec / 1000000;
-#if defined(__unix__) || defined(__unix) || \
-    ( defined(__APPLE__) && defined(__MACH__) )
-    tv.tv_usec = (suseconds_t) usec % 1000000;
-#else
-    tv.tv_usec = usec % 1000000;
-#endif
-    select( 0, NULL, NULL, NULL, &tv );
-#endif
-}
-
-/*
- * Read at most 'len' characters
- */
-int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int fd = ((mbedtls_net_context *) ctx)->fd;
-
-    if( fd < 0 )
-        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
-    ret = (int) read( fd, buf, len );
-
-    if( ret < 0 )
-    {
-        if( net_would_block( ctx ) != 0 )
-            return( MBEDTLS_ERR_SSL_WANT_READ );
-
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-        if( WSAGetLastError() == WSAECONNRESET )
-            return( MBEDTLS_ERR_NET_CONN_RESET );
-#else
-        if( errno == EPIPE || errno == ECONNRESET )
-            return( MBEDTLS_ERR_NET_CONN_RESET );
-
-        if( errno == EINTR )
-            return( MBEDTLS_ERR_SSL_WANT_READ );
-#endif
-
-        return( MBEDTLS_ERR_NET_RECV_FAILED );
-    }
-
-    return( ret );
-}
-
-/*
- * Read at most 'len' characters, blocking for at most 'timeout' ms
- */
-int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf,
-                              size_t len, uint32_t timeout )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    struct timeval tv;
-    fd_set read_fds;
-    int fd = ((mbedtls_net_context *) ctx)->fd;
-
-    if( fd < 0 )
-        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
-    FD_ZERO( &read_fds );
-    FD_SET( fd, &read_fds );
-
-    tv.tv_sec  = timeout / 1000;
-    tv.tv_usec = ( timeout % 1000 ) * 1000;
-
-    ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv );
-
-    /* Zero fds ready means we timed out */
-    if( ret == 0 )
-        return( MBEDTLS_ERR_SSL_TIMEOUT );
-
-    if( ret < 0 )
-    {
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-        if( WSAGetLastError() == WSAEINTR )
-            return( MBEDTLS_ERR_SSL_WANT_READ );
-#else
-        if( errno == EINTR )
-            return( MBEDTLS_ERR_SSL_WANT_READ );
-#endif
-
-        return( MBEDTLS_ERR_NET_RECV_FAILED );
-    }
-
-    /* This call will not block */
-    return( mbedtls_net_recv( ctx, buf, len ) );
-}
-
-/*
- * Write at most 'len' characters
- */
-int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int fd = ((mbedtls_net_context *) ctx)->fd;
-
-    if( fd < 0 )
-        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
-    ret = (int) write( fd, buf, len );
-
-    if( ret < 0 )
-    {
-        if( net_would_block( ctx ) != 0 )
-            return( MBEDTLS_ERR_SSL_WANT_WRITE );
-
-#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
-    !defined(EFI32)
-        if( WSAGetLastError() == WSAECONNRESET )
-            return( MBEDTLS_ERR_NET_CONN_RESET );
-#else
-        if( errno == EPIPE || errno == ECONNRESET )
-            return( MBEDTLS_ERR_NET_CONN_RESET );
-
-        if( errno == EINTR )
-            return( MBEDTLS_ERR_SSL_WANT_WRITE );
-#endif
-
-        return( MBEDTLS_ERR_NET_SEND_FAILED );
-    }
-
-    return( ret );
-}
-
-/*
- * Close the connection
- */
-void mbedtls_net_close( mbedtls_net_context *ctx )
-{
-    if( ctx->fd == -1 )
-        return;
-
-    close( ctx->fd );
-
-    ctx->fd = -1;
-}
-
-/*
- * Gracefully close the connection
- */
-void mbedtls_net_free( mbedtls_net_context *ctx )
-{
-    if( ctx->fd == -1 )
-        return;
-
-    shutdown( ctx->fd, 2 );
-    close( ctx->fd );
-
-    ctx->fd = -1;
-}
-
-#endif /* MBEDTLS_NET_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/nist_kw.c b/3rdparty/mbedtls-2.25.0/library/nist_kw.c
deleted file mode 100644
index 04829a0..0000000
--- a/3rdparty/mbedtls-2.25.0/library/nist_kw.c
+++ /dev/null
@@ -1,750 +0,0 @@
-/*
- *  Implementation of NIST SP 800-38F key wrapping, supporting KW and KWP modes
- *  only
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * Definition of Key Wrapping:
- * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf
- * RFC 3394 "Advanced Encryption Standard (AES) Key Wrap Algorithm"
- * RFC 5649 "Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm"
- *
- * Note: RFC 3394 defines different methodology for intermediate operations for
- * the wrapping and unwrapping operation than the definition in NIST SP 800-38F.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_NIST_KW_C)
-
-#include "mbedtls/nist_kw.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <stdint.h>
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
-#if !defined(MBEDTLS_NIST_KW_ALT)
-
-#define KW_SEMIBLOCK_LENGTH    8
-#define MIN_SEMIBLOCKS_COUNT   3
-
-/* constant-time buffer comparison */
-static inline unsigned char mbedtls_nist_kw_safer_memcmp( const void *a, const void *b, size_t n )
-{
-    size_t i;
-    volatile const unsigned char *A = (volatile const unsigned char *) a;
-    volatile const unsigned char *B = (volatile const unsigned char *) b;
-    volatile unsigned char diff = 0;
-
-    for( i = 0; i < n; i++ )
-    {
-        /* Read volatile data in order before computing diff.
-         * This avoids IAR compiler warning:
-         * 'the order of volatile accesses is undefined ..' */
-        unsigned char x = A[i], y = B[i];
-        diff |= x ^ y;
-    }
-
-    return( diff );
-}
-
-/*! The 64-bit default integrity check value (ICV) for KW mode. */
-static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6};
-/*! The 32-bit default integrity check value (ICV) for KWP mode. */
-static const  unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6};
-
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-do {                                                    \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-} while( 0 )
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-do {                                                    \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-} while( 0 )
-#endif
-
-/*
- * Initialize context
- */
-void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_nist_kw_context ) );
-}
-
-int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
-                            mbedtls_cipher_id_t cipher,
-                            const unsigned char *key,
-                            unsigned int keybits,
-                            const int is_wrap )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_cipher_info_t *cipher_info;
-
-    cipher_info = mbedtls_cipher_info_from_values( cipher,
-                                                   keybits,
-                                                   MBEDTLS_MODE_ECB );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    if( cipher_info->block_size != 16 )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /*
-     * SP 800-38F currently defines AES cipher as the only block cipher allowed:
-     * "For KW and KWP, the underlying block cipher shall be approved, and the
-     *  block size shall be 128 bits. Currently, the AES block cipher, with key
-     *  lengths of 128, 192, or 256 bits, is the only block cipher that fits
-     *  this profile."
-     *  Currently we don't support other 128 bit block ciphers for key wrapping,
-     *  such as Camellia and Aria.
-     */
-    if( cipher != MBEDTLS_CIPHER_ID_AES )
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-
-    if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
-                                       is_wrap ? MBEDTLS_ENCRYPT :
-                                                 MBEDTLS_DECRYPT )
-                                                                   ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Free context
- */
-void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx )
-{
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_nist_kw_context ) );
-}
-
-/*
- * Helper function for Xoring the uint64_t "t" with the encrypted A.
- * Defined in NIST SP 800-38F section 6.1
- */
-static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t )
-{
-    size_t i = 0;
-    for( i = 0; i < sizeof( t ); i++ )
-    {
-        A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff;
-    }
-}
-
-/*
- * KW-AE as defined in SP 800-38F section 6.2
- * KWP-AE as defined in SP 800-38F section 6.3
- */
-int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx,
-                          mbedtls_nist_kw_mode_t mode,
-                          const unsigned char *input, size_t in_len,
-                          unsigned char *output, size_t *out_len, size_t out_size )
-{
-    int ret = 0;
-    size_t semiblocks = 0;
-    size_t s;
-    size_t olen, padlen = 0;
-    uint64_t t = 0;
-    unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
-    unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
-    unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH;
-    unsigned char *A = output;
-
-    *out_len = 0;
-    /*
-     * Generate the String to work on
-     */
-    if( mode == MBEDTLS_KW_MODE_KW )
-    {
-        if( out_size < in_len + KW_SEMIBLOCK_LENGTH )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        /*
-         * According to SP 800-38F Table 1, the plaintext length for KW
-         * must be between 2 to 2^54-1 semiblocks inclusive.
-         */
-        if( in_len < 16 ||
-#if SIZE_MAX > 0x1FFFFFFFFFFFFF8
-            in_len > 0x1FFFFFFFFFFFFF8 ||
-#endif
-            in_len % KW_SEMIBLOCK_LENGTH != 0 )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        memcpy( output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH );
-        memmove( output + KW_SEMIBLOCK_LENGTH, input, in_len );
-    }
-    else
-    {
-        if( in_len % 8 != 0 )
-        {
-            padlen = ( 8 - ( in_len % 8 ) );
-        }
-
-        if( out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        /*
-         * According to SP 800-38F Table 1, the plaintext length for KWP
-         * must be between 1 and 2^32-1 octets inclusive.
-         */
-        if( in_len < 1
-#if SIZE_MAX > 0xFFFFFFFF
-            || in_len > 0xFFFFFFFF
-#endif
-          )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 );
-        PUT_UINT32_BE( ( in_len & 0xffffffff ), output,
-                       KW_SEMIBLOCK_LENGTH / 2 );
-
-        memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len );
-        memset( output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen );
-    }
-    semiblocks = ( ( in_len + padlen ) / KW_SEMIBLOCK_LENGTH ) + 1;
-
-    s = 6 * ( semiblocks - 1 );
-
-    if( mode == MBEDTLS_KW_MODE_KWP
-        && in_len <= KW_SEMIBLOCK_LENGTH )
-    {
-        memcpy( inbuff, output, 16 );
-        ret = mbedtls_cipher_update( &ctx->cipher_ctx,
-                                     inbuff, 16, output, &olen );
-        if( ret != 0 )
-            goto cleanup;
-    }
-    else
-    {
-        /*
-         * Do the wrapping function W, as defined in RFC 3394 section 2.2.1
-         */
-        if( semiblocks < MIN_SEMIBLOCKS_COUNT )
-        {
-            ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
-            goto cleanup;
-        }
-
-        /* Calculate intermediate values */
-        for( t = 1; t <= s; t++ )
-        {
-            memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH );
-            memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH );
-
-            ret = mbedtls_cipher_update( &ctx->cipher_ctx,
-                                         inbuff, 16, outbuff, &olen );
-            if( ret != 0 )
-                goto cleanup;
-
-            memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH );
-            calc_a_xor_t( A, t );
-
-            memcpy( R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH );
-            R2 += KW_SEMIBLOCK_LENGTH;
-            if( R2 >= output + ( semiblocks * KW_SEMIBLOCK_LENGTH ) )
-                R2 = output + KW_SEMIBLOCK_LENGTH;
-        }
-    }
-
-    *out_len = semiblocks * KW_SEMIBLOCK_LENGTH;
-
-cleanup:
-
-    if( ret != 0)
-    {
-        memset( output, 0, semiblocks * KW_SEMIBLOCK_LENGTH );
-    }
-    mbedtls_platform_zeroize( inbuff, KW_SEMIBLOCK_LENGTH * 2 );
-    mbedtls_platform_zeroize( outbuff, KW_SEMIBLOCK_LENGTH * 2 );
-
-    return( ret );
-}
-
-/*
- * W-1 function as defined in RFC 3394 section 2.2.2
- * This function assumes the following:
- * 1. Output buffer is at least of size ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH.
- * 2. The input buffer is of size semiblocks * KW_SEMIBLOCK_LENGTH.
- * 3. Minimal number of semiblocks is 3.
- * 4. A is a buffer to hold the first semiblock of the input buffer.
- */
-static int unwrap( mbedtls_nist_kw_context *ctx,
-                   const unsigned char *input, size_t semiblocks,
-                   unsigned char A[KW_SEMIBLOCK_LENGTH],
-                   unsigned char *output, size_t* out_len )
-{
-    int ret = 0;
-    const size_t s = 6 * ( semiblocks - 1 );
-    size_t olen;
-    uint64_t t = 0;
-    unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
-    unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
-    unsigned char *R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH;
-    *out_len = 0;
-
-    if( semiblocks < MIN_SEMIBLOCKS_COUNT )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-    memcpy( A, input, KW_SEMIBLOCK_LENGTH );
-    memmove( output, input + KW_SEMIBLOCK_LENGTH, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH );
-
-    /* Calculate intermediate values */
-    for( t = s; t >= 1; t-- )
-    {
-        calc_a_xor_t( A, t );
-
-        memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH );
-        memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH );
-
-        ret = mbedtls_cipher_update( &ctx->cipher_ctx,
-                                     inbuff, 16, outbuff, &olen );
-        if( ret != 0 )
-            goto cleanup;
-
-        memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH );
-
-        /* Set R as LSB64 of outbuff */
-        memcpy( R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH );
-
-        if( R == output )
-            R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH;
-        else
-            R -= KW_SEMIBLOCK_LENGTH;
-    }
-
-    *out_len = ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH;
-
-cleanup:
-    if( ret != 0)
-        memset( output, 0, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH );
-    mbedtls_platform_zeroize( inbuff, sizeof( inbuff )  );
-    mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) );
-
-    return( ret );
-}
-
-/*
- * KW-AD as defined in SP 800-38F section 6.2
- * KWP-AD as defined in SP 800-38F section 6.3
- */
-int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx,
-                            mbedtls_nist_kw_mode_t mode,
-                            const unsigned char *input, size_t in_len,
-                            unsigned char *output, size_t *out_len, size_t out_size )
-{
-    int ret = 0;
-    size_t i, olen;
-    unsigned char A[KW_SEMIBLOCK_LENGTH];
-    unsigned char diff, bad_padding = 0;
-
-    *out_len = 0;
-    if( out_size < in_len - KW_SEMIBLOCK_LENGTH )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
-    if( mode == MBEDTLS_KW_MODE_KW )
-    {
-        /*
-         * According to SP 800-38F Table 1, the ciphertext length for KW
-         * must be between 3 to 2^54 semiblocks inclusive.
-         */
-        if( in_len < 24 ||
-#if SIZE_MAX > 0x200000000000000
-            in_len > 0x200000000000000 ||
-#endif
-            in_len % KW_SEMIBLOCK_LENGTH != 0 )
-        {
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH,
-                      A, output, out_len );
-        if( ret != 0 )
-            goto cleanup;
-
-        /* Check ICV in "constant-time" */
-        diff = mbedtls_nist_kw_safer_memcmp( NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH );
-
-        if( diff != 0 )
-        {
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-            goto cleanup;
-        }
-
-    }
-    else if( mode == MBEDTLS_KW_MODE_KWP )
-    {
-        size_t padlen = 0;
-        uint32_t Plen;
-        /*
-         * According to SP 800-38F Table 1, the ciphertext length for KWP
-         * must be between 2 to 2^29 semiblocks inclusive.
-         */
-        if( in_len < KW_SEMIBLOCK_LENGTH * 2 ||
-#if SIZE_MAX > 0x100000000
-            in_len > 0x100000000 ||
-#endif
-            in_len % KW_SEMIBLOCK_LENGTH != 0 )
-        {
-            return(  MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-        }
-
-        if( in_len == KW_SEMIBLOCK_LENGTH * 2 )
-        {
-            unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
-            ret = mbedtls_cipher_update( &ctx->cipher_ctx,
-                                         input, 16, outbuff, &olen );
-            if( ret != 0 )
-                goto cleanup;
-
-            memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH );
-            memcpy( output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH );
-            mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) );
-            *out_len = KW_SEMIBLOCK_LENGTH;
-        }
-        else
-        {
-            /* in_len >=  KW_SEMIBLOCK_LENGTH * 3 */
-            ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH,
-                          A, output, out_len );
-            if( ret != 0 )
-                goto cleanup;
-        }
-
-        /* Check ICV in "constant-time" */
-        diff = mbedtls_nist_kw_safer_memcmp( NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2 );
-
-        if( diff != 0 )
-        {
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-        }
-
-        GET_UINT32_BE( Plen, A, KW_SEMIBLOCK_LENGTH / 2 );
-
-        /*
-         * Plen is the length of the plaintext, when the input is valid.
-         * If Plen is larger than the plaintext and padding, padlen will be
-         * larger than 8, because of the type wrap around.
-         */
-        padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen;
-        if ( padlen > 7 )
-        {
-            padlen &= 7;
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-        }
-
-        /* Check padding in "constant-time" */
-        for( diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++ )
-        {
-             if( i >= KW_SEMIBLOCK_LENGTH - padlen )
-                 diff |= output[*out_len - KW_SEMIBLOCK_LENGTH + i];
-             else
-                 bad_padding |= output[*out_len - KW_SEMIBLOCK_LENGTH + i];
-        }
-
-        if( diff != 0 )
-        {
-            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
-        }
-
-        if( ret != 0 )
-        {
-            goto cleanup;
-        }
-        memset( output + Plen, 0, padlen );
-        *out_len = Plen;
-    }
-    else
-    {
-        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-        goto cleanup;
-    }
-
-cleanup:
-    if( ret != 0 )
-    {
-        memset( output, 0, *out_len );
-        *out_len = 0;
-    }
-
-    mbedtls_platform_zeroize( &bad_padding, sizeof( bad_padding) );
-    mbedtls_platform_zeroize( &diff, sizeof( diff ) );
-    mbedtls_platform_zeroize( A, sizeof( A ) );
-
-    return( ret );
-}
-
-#endif /* !MBEDTLS_NIST_KW_ALT */
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-
-#define KW_TESTS 3
-
-/*
- * Test vectors taken from NIST
- * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES#KW
- */
-static const unsigned int key_len[KW_TESTS] = { 16, 24, 32 };
-
-static const unsigned char kw_key[KW_TESTS][32] = {
-    { 0x75, 0x75, 0xda, 0x3a, 0x93, 0x60, 0x7c, 0xc2,
-      0xbf, 0xd8, 0xce, 0xc7, 0xaa, 0xdf, 0xd9, 0xa6 },
-    { 0x2d, 0x85, 0x26, 0x08, 0x1d, 0x02, 0xfb, 0x5b,
-      0x85, 0xf6, 0x9a, 0xc2, 0x86, 0xec, 0xd5, 0x7d,
-      0x40, 0xdf, 0x5d, 0xf3, 0x49, 0x47, 0x44, 0xd3 },
-    { 0x11, 0x2a, 0xd4, 0x1b, 0x48, 0x56, 0xc7, 0x25,
-      0x4a, 0x98, 0x48, 0xd3, 0x0f, 0xdd, 0x78, 0x33,
-      0x5b, 0x03, 0x9a, 0x48, 0xa8, 0x96, 0x2c, 0x4d,
-      0x1c, 0xb7, 0x8e, 0xab, 0xd5, 0xda, 0xd7, 0x88 }
-};
-
-static const unsigned char kw_msg[KW_TESTS][40] = {
-    { 0x42, 0x13, 0x6d, 0x3c, 0x38, 0x4a, 0x3e, 0xea,
-      0xc9, 0x5a, 0x06, 0x6f, 0xd2, 0x8f, 0xed, 0x3f },
-    { 0x95, 0xc1, 0x1b, 0xf5, 0x35, 0x3a, 0xfe, 0xdb,
-      0x98, 0xfd, 0xd6, 0xc8, 0xca, 0x6f, 0xdb, 0x6d,
-      0xa5, 0x4b, 0x74, 0xb4, 0x99, 0x0f, 0xdc, 0x45,
-      0xc0, 0x9d, 0x15, 0x8f, 0x51, 0xce, 0x62, 0x9d,
-      0xe2, 0xaf, 0x26, 0xe3, 0x25, 0x0e, 0x6b, 0x4c },
-    { 0x1b, 0x20, 0xbf, 0x19, 0x90, 0xb0, 0x65, 0xd7,
-      0x98, 0xe1, 0xb3, 0x22, 0x64, 0xad, 0x50, 0xa8,
-      0x74, 0x74, 0x92, 0xba, 0x09, 0xa0, 0x4d, 0xd1 }
-};
-
-static const size_t kw_msg_len[KW_TESTS] = { 16, 40, 24 };
-static const size_t kw_out_len[KW_TESTS] = { 24, 48, 32 };
-static const unsigned char kw_res[KW_TESTS][48] = {
-    { 0x03, 0x1f, 0x6b, 0xd7, 0xe6, 0x1e, 0x64, 0x3d,
-      0xf6, 0x85, 0x94, 0x81, 0x6f, 0x64, 0xca, 0xa3,
-      0xf5, 0x6f, 0xab, 0xea, 0x25, 0x48, 0xf5, 0xfb },
-    { 0x44, 0x3c, 0x6f, 0x15, 0x09, 0x83, 0x71, 0x91,
-      0x3e, 0x5c, 0x81, 0x4c, 0xa1, 0xa0, 0x42, 0xec,
-      0x68, 0x2f, 0x7b, 0x13, 0x6d, 0x24, 0x3a, 0x4d,
-      0x6c, 0x42, 0x6f, 0xc6, 0x97, 0x15, 0x63, 0xe8,
-      0xa1, 0x4a, 0x55, 0x8e, 0x09, 0x64, 0x16, 0x19,
-      0xbf, 0x03, 0xfc, 0xaf, 0x90, 0xb1, 0xfc, 0x2d },
-    { 0xba, 0x8a, 0x25, 0x9a, 0x47, 0x1b, 0x78, 0x7d,
-      0xd5, 0xd5, 0x40, 0xec, 0x25, 0xd4, 0x3d, 0x87,
-      0x20, 0x0f, 0xda, 0xdc, 0x6d, 0x1f, 0x05, 0xd9,
-      0x16, 0x58, 0x4f, 0xa9, 0xf6, 0xcb, 0xf5, 0x12 }
-};
-
-static const unsigned char kwp_key[KW_TESTS][32] = {
-    { 0x78, 0x65, 0xe2, 0x0f, 0x3c, 0x21, 0x65, 0x9a,
-      0xb4, 0x69, 0x0b, 0x62, 0x9c, 0xdf, 0x3c, 0xc4 },
-    { 0xf5, 0xf8, 0x96, 0xa3, 0xbd, 0x2f, 0x4a, 0x98,
-      0x23, 0xef, 0x16, 0x2b, 0x00, 0xb8, 0x05, 0xd7,
-      0xde, 0x1e, 0xa4, 0x66, 0x26, 0x96, 0xa2, 0x58 },
-    { 0x95, 0xda, 0x27, 0x00, 0xca, 0x6f, 0xd9, 0xa5,
-      0x25, 0x54, 0xee, 0x2a, 0x8d, 0xf1, 0x38, 0x6f,
-      0x5b, 0x94, 0xa1, 0xa6, 0x0e, 0xd8, 0xa4, 0xae,
-      0xf6, 0x0a, 0x8d, 0x61, 0xab, 0x5f, 0x22, 0x5a }
-};
-
-static const unsigned char kwp_msg[KW_TESTS][31] = {
-    { 0xbd, 0x68, 0x43, 0xd4, 0x20, 0x37, 0x8d, 0xc8,
-      0x96 },
-    { 0x6c, 0xcd, 0xd5, 0x85, 0x18, 0x40, 0x97, 0xeb,
-      0xd5, 0xc3, 0xaf, 0x3e, 0x47, 0xd0, 0x2c, 0x19,
-      0x14, 0x7b, 0x4d, 0x99, 0x5f, 0x96, 0x43, 0x66,
-      0x91, 0x56, 0x75, 0x8c, 0x13, 0x16, 0x8f },
-    { 0xd1 }
-};
-static const size_t kwp_msg_len[KW_TESTS] = { 9, 31, 1 };
-
-static const unsigned char kwp_res[KW_TESTS][48] = {
-    { 0x41, 0xec, 0xa9, 0x56, 0xd4, 0xaa, 0x04, 0x7e,
-      0xb5, 0xcf, 0x4e, 0xfe, 0x65, 0x96, 0x61, 0xe7,
-      0x4d, 0xb6, 0xf8, 0xc5, 0x64, 0xe2, 0x35, 0x00 },
-    { 0x4e, 0x9b, 0xc2, 0xbc, 0xbc, 0x6c, 0x1e, 0x13,
-      0xd3, 0x35, 0xbc, 0xc0, 0xf7, 0x73, 0x6a, 0x88,
-      0xfa, 0x87, 0x53, 0x66, 0x15, 0xbb, 0x8e, 0x63,
-      0x8b, 0xcc, 0x81, 0x66, 0x84, 0x68, 0x17, 0x90,
-      0x67, 0xcf, 0xa9, 0x8a, 0x9d, 0x0e, 0x33, 0x26 },
-    { 0x06, 0xba, 0x7a, 0xe6, 0xf3, 0x24, 0x8c, 0xfd,
-      0xcf, 0x26, 0x75, 0x07, 0xfa, 0x00, 0x1b, 0xc4  }
-};
-static const size_t kwp_out_len[KW_TESTS] = { 24, 40, 16 };
-
-int mbedtls_nist_kw_self_test( int verbose )
-{
-    mbedtls_nist_kw_context ctx;
-    unsigned char out[48];
-    size_t olen;
-    int i;
-    int ret = 0;
-    mbedtls_nist_kw_init( &ctx );
-
-    for( i = 0; i < KW_TESTS; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  KW-AES-%u ", (unsigned int) key_len[i] * 8 );
-
-        ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                      kw_key[i], key_len[i] * 8, 1 );
-        if( ret != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "  KW: setup failed " );
-
-            goto end;
-        }
-
-        ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KW, kw_msg[i],
-                                    kw_msg_len[i], out, &olen, sizeof( out ) );
-        if( ret != 0 || kw_out_len[i] != olen ||
-            memcmp( out, kw_res[i], kw_out_len[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed. ");
-
-            ret = 1;
-            goto end;
-        }
-
-        if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                            kw_key[i], key_len[i] * 8, 0 ) )
-              != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "  KW: setup failed ");
-
-            goto end;
-        }
-
-        ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KW,
-                                      out, olen, out, &olen, sizeof( out ) );
-
-        if( ret != 0 || olen != kw_msg_len[i] ||
-            memcmp( out, kw_msg[i], kw_msg_len[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto end;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( " passed\n" );
-    }
-
-    for( i = 0; i < KW_TESTS; i++ )
-    {
-        olen = sizeof( out );
-        if( verbose != 0 )
-            mbedtls_printf( "  KWP-AES-%u ", (unsigned int) key_len[i] * 8 );
-
-        ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i],
-                                      key_len[i] * 8, 1 );
-        if( ret  != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "  KWP: setup failed " );
-
-            goto end;
-        }
-        ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i],
-                                    kwp_msg_len[i], out, &olen, sizeof( out ) );
-
-        if( ret != 0 || kwp_out_len[i] != olen ||
-            memcmp( out, kwp_res[i], kwp_out_len[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed. ");
-
-            ret = 1;
-            goto end;
-        }
-
-        if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                            kwp_key[i], key_len[i] * 8, 0 ) )
-              != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "  KWP: setup failed ");
-
-            goto end;
-        }
-
-        ret = mbedtls_nist_kw_unwrap(  &ctx, MBEDTLS_KW_MODE_KWP, out,
-                                       olen, out, &olen, sizeof( out ) );
-
-        if( ret != 0 || olen != kwp_msg_len[i] ||
-            memcmp( out, kwp_msg[i], kwp_msg_len[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed. ");
-
-            ret = 1;
-            goto end;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( " passed\n" );
-    }
-end:
-    mbedtls_nist_kw_free( &ctx );
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
-#endif /* MBEDTLS_NIST_KW_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/oid.c b/3rdparty/mbedtls-2.25.0/library/oid.c
deleted file mode 100644
index 19c8ac2..0000000
--- a/3rdparty/mbedtls-2.25.0/library/oid.c
+++ /dev/null
@@ -1,767 +0,0 @@
-/**
- * \file oid.c
- *
- * \brief Object Identifier (OID) database
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_OID_C)
-
-#include "mbedtls/oid.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/error.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_snprintf snprintf
-#endif
-
-/*
- * Macro to automatically add the size of #define'd OIDs
- */
-#define ADD_LEN(s)      s, MBEDTLS_OID_SIZE(s)
-
-/*
- * Macro to generate an internal function for oid_XXX_from_asn1() (used by
- * the other functions)
- */
-#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST )                    \
-    static const TYPE_T * oid_ ## NAME ## _from_asn1(                   \
-                                      const mbedtls_asn1_buf *oid )     \
-    {                                                                   \
-        const TYPE_T *p = (LIST);                                       \
-        const mbedtls_oid_descriptor_t *cur =                           \
-            (const mbedtls_oid_descriptor_t *) p;                       \
-        if( p == NULL || oid == NULL ) return( NULL );                  \
-        while( cur->asn1 != NULL ) {                                    \
-            if( cur->asn1_len == oid->len &&                            \
-                memcmp( cur->asn1, oid->p, oid->len ) == 0 ) {          \
-                return( p );                                            \
-            }                                                           \
-            p++;                                                        \
-            cur = (const mbedtls_oid_descriptor_t *) p;                 \
-        }                                                               \
-        return( NULL );                                                 \
-    }
-
-/*
- * Macro to generate a function for retrieving a single attribute from the
- * descriptor of an mbedtls_oid_descriptor_t wrapper.
- */
-#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
-int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 )                  \
-{                                                                       \
-    const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid );        \
-    if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND );            \
-    *ATTR1 = data->descriptor.ATTR1;                                    \
-    return( 0 );                                                        \
-}
-
-/*
- * Macro to generate a function for retrieving a single attribute from an
- * mbedtls_oid_descriptor_t wrapper.
- */
-#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
-int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 )                  \
-{                                                                       \
-    const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid );        \
-    if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND );            \
-    *ATTR1 = data->ATTR1;                                               \
-    return( 0 );                                                        \
-}
-
-/*
- * Macro to generate a function for retrieving two attributes from an
- * mbedtls_oid_descriptor_t wrapper.
- */
-#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1,     \
-                         ATTR2_TYPE, ATTR2)                                 \
-int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1,               \
-                                          ATTR2_TYPE * ATTR2 )              \
-{                                                                           \
-    const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid );            \
-    if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND );                 \
-    *(ATTR1) = data->ATTR1;                                                 \
-    *(ATTR2) = data->ATTR2;                                                 \
-    return( 0 );                                                            \
-}
-
-/*
- * Macro to generate a function for retrieving the OID based on a single
- * attribute from a mbedtls_oid_descriptor_t wrapper.
- */
-#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1)   \
-int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen )             \
-{                                                                           \
-    const TYPE_T *cur = (LIST);                                             \
-    while( cur->descriptor.asn1 != NULL ) {                                 \
-        if( cur->ATTR1 == (ATTR1) ) {                                       \
-            *oid = cur->descriptor.asn1;                                    \
-            *olen = cur->descriptor.asn1_len;                               \
-            return( 0 );                                                    \
-        }                                                                   \
-        cur++;                                                              \
-    }                                                                       \
-    return( MBEDTLS_ERR_OID_NOT_FOUND );                                    \
-}
-
-/*
- * Macro to generate a function for retrieving the OID based on two
- * attributes from a mbedtls_oid_descriptor_t wrapper.
- */
-#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1,   \
-                                ATTR2_TYPE, ATTR2)                          \
-int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid ,         \
-             size_t *olen )                                                 \
-{                                                                           \
-    const TYPE_T *cur = (LIST);                                             \
-    while( cur->descriptor.asn1 != NULL ) {                                 \
-        if( cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2) ) {              \
-            *oid = cur->descriptor.asn1;                                    \
-            *olen = cur->descriptor.asn1_len;                               \
-            return( 0 );                                                    \
-        }                                                                   \
-        cur++;                                                              \
-    }                                                                       \
-    return( MBEDTLS_ERR_OID_NOT_FOUND );                                   \
-}
-
-/*
- * For X520 attribute types
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    const char          *short_name;
-} oid_x520_attr_t;
-
-static const oid_x520_attr_t oid_x520_attr_type[] =
-{
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_CN ),          "id-at-commonName",               "Common Name" },
-        "CN",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ),     "id-at-countryName",              "Country" },
-        "C",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ),    "id-at-locality",                 "Locality" },
-        "L",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_STATE ),       "id-at-state",                    "State" },
-        "ST",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName",         "Organization" },
-        "O",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ),    "id-at-organizationalUnitName",   "Org Unit" },
-        "OU",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ),    "emailAddress",                   "E-mail address" },
-        "emailAddress",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber",            "Serial number" },
-        "serialNumber",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress",          "Postal address" },
-        "postalAddress",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode",               "Postal code" },
-        "postalCode",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ),    "id-at-surName",                  "Surname" },
-        "SN",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ),  "id-at-givenName",                "Given name" },
-        "GN",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_INITIALS ),    "id-at-initials",                 "Initials" },
-        "initials",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
-        "generationQualifier",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_TITLE ),       "id-at-title",                    "Title" },
-        "title",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier",              "Distinguished Name qualifier" },
-        "dnQualifier",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ),   "id-at-pseudonym",                "Pseudonym" },
-        "pseudonym",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent",           "Domain component" },
-        "DC",
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier",    "Unique Identifier" },
-        "uniqueIdentifier",
-    },
-    {
-        { NULL, 0, NULL, NULL },
-        NULL,
-    }
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type)
-FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name)
-
-/*
- * For X509 extensions
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    int                 ext_type;
-} oid_x509_ext_t;
-
-static const oid_x509_ext_t oid_x509_ext[] =
-{
-    {
-        { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ),    "id-ce-basicConstraints",    "Basic Constraints" },
-        MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_KEY_USAGE ),            "id-ce-keyUsage",            "Key Usage" },
-        MBEDTLS_OID_X509_EXT_KEY_USAGE,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ),   "id-ce-extKeyUsage",         "Extended Key Usage" },
-        MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ),     "id-ce-subjectAltName",      "Subject Alt Name" },
-        MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ),         "id-netscape-certtype",      "Netscape Certificate Type" },
-        MBEDTLS_OID_X509_EXT_NS_CERT_TYPE,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_CERTIFICATE_POLICIES ), "id-ce-certificatePolicies", "Certificate Policies" },
-        MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES,
-    },
-    {
-        { NULL, 0, NULL, NULL },
-        0,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext)
-FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type)
-
-static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
-{
-    { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ),      "id-kp-serverAuth",       "TLS Web Server Authentication" },
-    { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ),      "id-kp-clientAuth",       "TLS Web Client Authentication" },
-    { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ),     "id-kp-codeSigning",      "Code Signing" },
-    { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection",  "E-mail Protection" },
-    { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ),    "id-kp-timeStamping",     "Time Stamping" },
-    { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ),     "id-kp-OCSPSigning",      "OCSP Signing" },
-    { ADD_LEN( MBEDTLS_OID_WISUN_FAN ),        "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" },
-    { NULL, 0, NULL, NULL },
-};
-
-FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage)
-FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description)
-
-static const mbedtls_oid_descriptor_t oid_certificate_policies[] =
-{
-    { ADD_LEN( MBEDTLS_OID_ANY_POLICY ),      "anyPolicy",       "Any Policy" },
-    { NULL, 0, NULL, NULL },
-};
-
-FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies)
-FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description)
-
-#if defined(MBEDTLS_MD_C)
-/*
- * For SignatureAlgorithmIdentifier
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_md_type_t           md_alg;
-    mbedtls_pk_type_t           pk_alg;
-} oid_sig_alg_t;
-
-static const oid_sig_alg_t oid_sig_alg[] =
-{
-#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_MD2_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ),        "md2WithRSAEncryption",     "RSA with MD2" },
-        MBEDTLS_MD_MD2,      MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_MD2_C */
-#if defined(MBEDTLS_MD4_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ),        "md4WithRSAEncryption",     "RSA with MD4" },
-        MBEDTLS_MD_MD4,      MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_MD4_C */
-#if defined(MBEDTLS_MD5_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ),        "md5WithRSAEncryption",     "RSA with MD5" },
-        MBEDTLS_MD_MD5,      MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_MD5_C */
-#if defined(MBEDTLS_SHA1_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ),       "sha-1WithRSAEncryption",   "RSA with SHA1" },
-        MBEDTLS_MD_SHA1,     MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ),     "sha224WithRSAEncryption",  "RSA with SHA-224" },
-        MBEDTLS_MD_SHA224,   MBEDTLS_PK_RSA,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ),     "sha256WithRSAEncryption",  "RSA with SHA-256" },
-        MBEDTLS_MD_SHA256,   MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ),     "sha384WithRSAEncryption",  "RSA with SHA-384" },
-        MBEDTLS_MD_SHA384,   MBEDTLS_PK_RSA,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ),     "sha512WithRSAEncryption",  "RSA with SHA-512" },
-        MBEDTLS_MD_SHA512,   MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_SHA512_C */
-#if defined(MBEDTLS_SHA1_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ),      "sha-1WithRSAEncryption",   "RSA with SHA1" },
-        MBEDTLS_MD_SHA1,     MBEDTLS_PK_RSA,
-    },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECDSA_C)
-#if defined(MBEDTLS_SHA1_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ),       "ecdsa-with-SHA1",      "ECDSA with SHA1" },
-        MBEDTLS_MD_SHA1,     MBEDTLS_PK_ECDSA,
-    },
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ),     "ecdsa-with-SHA224",    "ECDSA with SHA224" },
-        MBEDTLS_MD_SHA224,   MBEDTLS_PK_ECDSA,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ),     "ecdsa-with-SHA256",    "ECDSA with SHA256" },
-        MBEDTLS_MD_SHA256,   MBEDTLS_PK_ECDSA,
-    },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ),     "ecdsa-with-SHA384",    "ECDSA with SHA384" },
-        MBEDTLS_MD_SHA384,   MBEDTLS_PK_ECDSA,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ),     "ecdsa-with-SHA512",    "ECDSA with SHA512" },
-        MBEDTLS_MD_SHA512,   MBEDTLS_PK_ECDSA,
-    },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_ECDSA_C */
-#if defined(MBEDTLS_RSA_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ),        "RSASSA-PSS",           "RSASSA-PSS" },
-        MBEDTLS_MD_NONE,     MBEDTLS_PK_RSASSA_PSS,
-    },
-#endif /* MBEDTLS_RSA_C */
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_MD_NONE, MBEDTLS_PK_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg)
-FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description)
-FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg)
-FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg)
-#endif /* MBEDTLS_MD_C */
-
-/*
- * For PublicKeyInfo (PKCS1, RFC 5480)
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_pk_type_t           pk_alg;
-} oid_pk_alg_t;
-
-static const oid_pk_alg_t oid_pk_alg[] =
-{
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ),      "rsaEncryption",   "RSA" },
-        MBEDTLS_PK_RSA,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ),  "id-ecPublicKey",   "Generic EC key" },
-        MBEDTLS_PK_ECKEY,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ),          "id-ecDH",          "EC key for ECDH" },
-        MBEDTLS_PK_ECKEY_DH,
-    },
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_PK_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg)
-FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg)
-FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg)
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * For namedCurve (RFC 5480)
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_ecp_group_id        grp_id;
-} oid_ecp_grp_t;
-
-static const oid_ecp_grp_t oid_ecp_grp[] =
-{
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1",    "secp192r1" },
-        MBEDTLS_ECP_DP_SECP192R1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1",    "secp224r1" },
-        MBEDTLS_ECP_DP_SECP224R1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1",    "secp256r1" },
-        MBEDTLS_ECP_DP_SECP256R1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1",    "secp384r1" },
-        MBEDTLS_ECP_DP_SECP384R1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1",    "secp521r1" },
-        MBEDTLS_ECP_DP_SECP521R1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1",    "secp192k1" },
-        MBEDTLS_ECP_DP_SECP192K1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1",    "secp224k1" },
-        MBEDTLS_ECP_DP_SECP224K1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1",    "secp256k1" },
-        MBEDTLS_ECP_DP_SECP256K1,
-    },
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ),   "brainpoolP256r1","brainpool256r1" },
-        MBEDTLS_ECP_DP_BP256R1,
-    },
-#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ),   "brainpoolP384r1","brainpool384r1" },
-        MBEDTLS_ECP_DP_BP384R1,
-    },
-#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-    {
-        { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ),   "brainpoolP512r1","brainpool512r1" },
-        MBEDTLS_ECP_DP_BP512R1,
-    },
-#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_ECP_DP_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp)
-FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id)
-FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id)
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_CIPHER_C)
-/*
- * For PKCS#5 PBES2 encryption algorithm
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_cipher_type_t       cipher_alg;
-} oid_cipher_alg_t;
-
-static const oid_cipher_alg_t oid_cipher_alg[] =
-{
-    {
-        { ADD_LEN( MBEDTLS_OID_DES_CBC ),              "desCBC",       "DES-CBC" },
-        MBEDTLS_CIPHER_DES_CBC,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ),         "des-ede3-cbc", "DES-EDE3-CBC" },
-        MBEDTLS_CIPHER_DES_EDE3_CBC,
-    },
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_CIPHER_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg)
-FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg)
-#endif /* MBEDTLS_CIPHER_C */
-
-#if defined(MBEDTLS_MD_C)
-/*
- * For digestAlgorithm
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_md_type_t           md_alg;
-} oid_md_alg_t;
-
-static const oid_md_alg_t oid_md_alg[] =
-{
-#if defined(MBEDTLS_MD2_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ),       "id-md2",       "MD2" },
-        MBEDTLS_MD_MD2,
-    },
-#endif /* MBEDTLS_MD2_C */
-#if defined(MBEDTLS_MD4_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ),       "id-md4",       "MD4" },
-        MBEDTLS_MD_MD4,
-    },
-#endif /* MBEDTLS_MD4_C */
-#if defined(MBEDTLS_MD5_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ),       "id-md5",       "MD5" },
-        MBEDTLS_MD_MD5,
-    },
-#endif /* MBEDTLS_MD5_C */
-#if defined(MBEDTLS_SHA1_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ),      "id-sha1",      "SHA-1" },
-        MBEDTLS_MD_SHA1,
-    },
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ),    "id-sha224",    "SHA-224" },
-        MBEDTLS_MD_SHA224,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ),    "id-sha256",    "SHA-256" },
-        MBEDTLS_MD_SHA256,
-    },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ),    "id-sha384",    "SHA-384" },
-        MBEDTLS_MD_SHA384,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ),    "id-sha512",    "SHA-512" },
-        MBEDTLS_MD_SHA512,
-    },
-#endif /* MBEDTLS_SHA512_C */
-#if defined(MBEDTLS_RIPEMD160_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_RIPEMD160 ),       "id-ripemd160",       "RIPEMD-160" },
-        MBEDTLS_MD_RIPEMD160,
-    },
-#endif /* MBEDTLS_RIPEMD160_C */
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_MD_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
-FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
-FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
-
-/*
- * For HMAC digestAlgorithm
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_md_type_t           md_hmac;
-} oid_md_hmac_t;
-
-static const oid_md_hmac_t oid_md_hmac[] =
-{
-#if defined(MBEDTLS_SHA1_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ),      "hmacSHA1",      "HMAC-SHA-1" },
-        MBEDTLS_MD_SHA1,
-    },
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ),    "hmacSHA224",    "HMAC-SHA-224" },
-        MBEDTLS_MD_SHA224,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ),    "hmacSHA256",    "HMAC-SHA-256" },
-        MBEDTLS_MD_SHA256,
-    },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    {
-        { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ),    "hmacSHA384",    "HMAC-SHA-384" },
-        MBEDTLS_MD_SHA384,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ),    "hmacSHA512",    "HMAC-SHA-512" },
-        MBEDTLS_MD_SHA512,
-    },
-#endif /* MBEDTLS_SHA512_C */
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_MD_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
-FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
-#endif /* MBEDTLS_MD_C */
-
-#if defined(MBEDTLS_PKCS12_C)
-/*
- * For PKCS#12 PBEs
- */
-typedef struct {
-    mbedtls_oid_descriptor_t    descriptor;
-    mbedtls_md_type_t           md_alg;
-    mbedtls_cipher_type_t       cipher_alg;
-} oid_pkcs12_pbe_alg_t;
-
-static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
-{
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
-        MBEDTLS_MD_SHA1,      MBEDTLS_CIPHER_DES_EDE3_CBC,
-    },
-    {
-        { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
-        MBEDTLS_MD_SHA1,      MBEDTLS_CIPHER_DES_EDE_CBC,
-    },
-    {
-        { NULL, 0, NULL, NULL },
-        MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE,
-    },
-};
-
-FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg)
-FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg)
-#endif /* MBEDTLS_PKCS12_C */
-
-#define OID_SAFE_SNPRINTF                               \
-    do {                                                \
-        if( ret < 0 || (size_t) ret >= n )              \
-            return( MBEDTLS_ERR_OID_BUF_TOO_SMALL );    \
-                                                        \
-        n -= (size_t) ret;                              \
-        p += (size_t) ret;                              \
-    } while( 0 )
-
-/* Return the x.y.z.... style numeric string for the given OID */
-int mbedtls_oid_get_numeric_string( char *buf, size_t size,
-                            const mbedtls_asn1_buf *oid )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, n;
-    unsigned int value;
-    char *p;
-
-    p = buf;
-    n = size;
-
-    /* First byte contains first two dots */
-    if( oid->len > 0 )
-    {
-        ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
-        OID_SAFE_SNPRINTF;
-    }
-
-    value = 0;
-    for( i = 1; i < oid->len; i++ )
-    {
-        /* Prevent overflow in value. */
-        if( ( ( value << 7 ) >> 7 ) != value )
-            return( MBEDTLS_ERR_OID_BUF_TOO_SMALL );
-
-        value <<= 7;
-        value += oid->p[i] & 0x7F;
-
-        if( !( oid->p[i] & 0x80 ) )
-        {
-            /* Last byte */
-            ret = mbedtls_snprintf( p, n, ".%u", value );
-            OID_SAFE_SNPRINTF;
-            value = 0;
-        }
-    }
-
-    return( (int) ( size - n ) );
-}
-
-#endif /* MBEDTLS_OID_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/padlock.c b/3rdparty/mbedtls-2.25.0/library/padlock.c
deleted file mode 100644
index 8373374..0000000
--- a/3rdparty/mbedtls-2.25.0/library/padlock.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- *  VIA PadLock support functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  This implementation is based on the VIA PadLock Programming Guide:
- *
- *  http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/
- *  programming_guide.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PADLOCK_C)
-
-#include "mbedtls/padlock.h"
-
-#include <string.h>
-
-#ifndef asm
-#define asm __asm
-#endif
-
-#if defined(MBEDTLS_HAVE_X86)
-
-/*
- * PadLock detection routine
- */
-int mbedtls_padlock_has_support( int feature )
-{
-    static int flags = -1;
-    int ebx = 0, edx = 0;
-
-    if( flags == -1 )
-    {
-        asm( "movl  %%ebx, %0           \n\t"
-             "movl  $0xC0000000, %%eax  \n\t"
-             "cpuid                     \n\t"
-             "cmpl  $0xC0000001, %%eax  \n\t"
-             "movl  $0, %%edx           \n\t"
-             "jb    1f                  \n\t"
-             "movl  $0xC0000001, %%eax  \n\t"
-             "cpuid                     \n\t"
-             "1:                        \n\t"
-             "movl  %%edx, %1           \n\t"
-             "movl  %2, %%ebx           \n\t"
-             : "=m" (ebx), "=m" (edx)
-             :  "m" (ebx)
-             : "eax", "ecx", "edx" );
-
-        flags = edx;
-    }
-
-    return( flags & feature );
-}
-
-/*
- * PadLock AES-ECB block en(de)cryption
- */
-int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
-                       int mode,
-                       const unsigned char input[16],
-                       unsigned char output[16] )
-{
-    int ebx = 0;
-    uint32_t *rk;
-    uint32_t *blk;
-    uint32_t *ctrl;
-    unsigned char buf[256];
-
-    rk  = ctx->rk;
-    blk = MBEDTLS_PADLOCK_ALIGN16( buf );
-    memcpy( blk, input, 16 );
-
-     ctrl = blk + 4;
-    *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode^1 ) - 10 ) << 9 );
-
-    asm( "pushfl                        \n\t"
-         "popfl                         \n\t"
-         "movl    %%ebx, %0             \n\t"
-         "movl    $1, %%ecx             \n\t"
-         "movl    %2, %%edx             \n\t"
-         "movl    %3, %%ebx             \n\t"
-         "movl    %4, %%esi             \n\t"
-         "movl    %4, %%edi             \n\t"
-         ".byte  0xf3,0x0f,0xa7,0xc8    \n\t"
-         "movl    %1, %%ebx             \n\t"
-         : "=m" (ebx)
-         :  "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk)
-         : "memory", "ecx", "edx", "esi", "edi" );
-
-    memcpy( output, blk, 16 );
-
-    return( 0 );
-}
-
-/*
- * PadLock AES-CBC buffer en(de)cryption
- */
-int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
-                       int mode,
-                       size_t length,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    int ebx = 0;
-    size_t count;
-    uint32_t *rk;
-    uint32_t *iw;
-    uint32_t *ctrl;
-    unsigned char buf[256];
-
-    if( ( (long) input  & 15 ) != 0 ||
-        ( (long) output & 15 ) != 0 )
-        return( MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED );
-
-    rk = ctx->rk;
-    iw = MBEDTLS_PADLOCK_ALIGN16( buf );
-    memcpy( iw, iv, 16 );
-
-     ctrl = iw + 4;
-    *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode ^ 1 ) - 10 ) << 9 );
-
-    count = ( length + 15 ) >> 4;
-
-    asm( "pushfl                        \n\t"
-         "popfl                         \n\t"
-         "movl    %%ebx, %0             \n\t"
-         "movl    %2, %%ecx             \n\t"
-         "movl    %3, %%edx             \n\t"
-         "movl    %4, %%ebx             \n\t"
-         "movl    %5, %%esi             \n\t"
-         "movl    %6, %%edi             \n\t"
-         "movl    %7, %%eax             \n\t"
-         ".byte  0xf3,0x0f,0xa7,0xd0    \n\t"
-         "movl    %1, %%ebx             \n\t"
-         : "=m" (ebx)
-         :  "m" (ebx), "m" (count), "m" (ctrl),
-            "m"  (rk), "m" (input), "m" (output), "m" (iw)
-         : "memory", "eax", "ecx", "edx", "esi", "edi" );
-
-    memcpy( iv, iw, 16 );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_HAVE_X86 */
-
-#endif /* MBEDTLS_PADLOCK_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/pem.c b/3rdparty/mbedtls-2.25.0/library/pem.c
deleted file mode 100644
index 969d492..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pem.c
+++ /dev/null
@@ -1,489 +0,0 @@
-/*
- *  Privacy Enhanced Mail (PEM) decoding
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
-
-#include "mbedtls/pem.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/des.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-void mbedtls_pem_init( mbedtls_pem_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_pem_context ) );
-}
-
-#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
-    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
-/*
- * Read a 16-byte hex string and convert it to binary
- */
-static int pem_get_iv( const unsigned char *s, unsigned char *iv,
-                       size_t iv_len )
-{
-    size_t i, j, k;
-
-    memset( iv, 0, iv_len );
-
-    for( i = 0; i < iv_len * 2; i++, s++ )
-    {
-        if( *s >= '0' && *s <= '9' ) j = *s - '0'; else
-        if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else
-        if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else
-            return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
-
-        k = ( ( i & 1 ) != 0 ) ? j : j << 4;
-
-        iv[i >> 1] = (unsigned char)( iv[i >> 1] | k );
-    }
-
-    return( 0 );
-}
-
-static int pem_pbkdf1( unsigned char *key, size_t keylen,
-                       unsigned char *iv,
-                       const unsigned char *pwd, size_t pwdlen )
-{
-    mbedtls_md5_context md5_ctx;
-    unsigned char md5sum[16];
-    size_t use_len;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_md5_init( &md5_ctx );
-
-    /*
-     * key[ 0..15] = MD5(pwd || IV)
-     */
-    if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv,  8 ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
-        goto exit;
-
-    if( keylen <= 16 )
-    {
-        memcpy( key, md5sum, keylen );
-        goto exit;
-    }
-
-    memcpy( key, md5sum, 16 );
-
-    /*
-     * key[16..23] = MD5(key[ 0..15] || pwd || IV])
-     */
-    if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
-        goto exit;
-
-    use_len = 16;
-    if( keylen < 32 )
-        use_len = keylen - 16;
-
-    memcpy( key + 16, md5sum, use_len );
-
-exit:
-    mbedtls_md5_free( &md5_ctx );
-    mbedtls_platform_zeroize( md5sum, 16 );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_DES_C)
-/*
- * Decrypt with DES-CBC, using PBKDF1 for key derivation
- */
-static int pem_des_decrypt( unsigned char des_iv[8],
-                            unsigned char *buf, size_t buflen,
-                            const unsigned char *pwd, size_t pwdlen )
-{
-    mbedtls_des_context des_ctx;
-    unsigned char des_key[8];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_des_init( &des_ctx );
-
-    if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 )
-        goto exit;
-    ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
-                     des_iv, buf, buf );
-
-exit:
-    mbedtls_des_free( &des_ctx );
-    mbedtls_platform_zeroize( des_key, 8 );
-
-    return( ret );
-}
-
-/*
- * Decrypt with 3DES-CBC, using PBKDF1 for key derivation
- */
-static int pem_des3_decrypt( unsigned char des3_iv[8],
-                             unsigned char *buf, size_t buflen,
-                             const unsigned char *pwd, size_t pwdlen )
-{
-    mbedtls_des3_context des3_ctx;
-    unsigned char des3_key[24];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_des3_init( &des3_ctx );
-
-    if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 )
-        goto exit;
-    ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
-                     des3_iv, buf, buf );
-
-exit:
-    mbedtls_des3_free( &des3_ctx );
-    mbedtls_platform_zeroize( des3_key, 24 );
-
-    return( ret );
-}
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-/*
- * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
- */
-static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
-                            unsigned char *buf, size_t buflen,
-                            const unsigned char *pwd, size_t pwdlen )
-{
-    mbedtls_aes_context aes_ctx;
-    unsigned char aes_key[32];
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_aes_init( &aes_ctx );
-
-    if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 )
-        goto exit;
-    ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
-                     aes_iv, buf, buf );
-
-exit:
-    mbedtls_aes_free( &aes_ctx );
-    mbedtls_platform_zeroize( aes_key, keylen );
-
-    return( ret );
-}
-#endif /* MBEDTLS_AES_C */
-
-#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
-          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
-
-int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
-                     const unsigned char *data, const unsigned char *pwd,
-                     size_t pwdlen, size_t *use_len )
-{
-    int ret, enc;
-    size_t len;
-    unsigned char *buf;
-    const unsigned char *s1, *s2, *end;
-#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
-    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
-    unsigned char pem_iv[16];
-    mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
-#else
-    ((void) pwd);
-    ((void) pwdlen);
-#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
-          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
-
-    if( ctx == NULL )
-        return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA );
-
-    s1 = (unsigned char *) strstr( (const char *) data, header );
-
-    if( s1 == NULL )
-        return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
-
-    s2 = (unsigned char *) strstr( (const char *) data, footer );
-
-    if( s2 == NULL || s2 <= s1 )
-        return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
-
-    s1 += strlen( header );
-    if( *s1 == ' '  ) s1++;
-    if( *s1 == '\r' ) s1++;
-    if( *s1 == '\n' ) s1++;
-    else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
-
-    end = s2;
-    end += strlen( footer );
-    if( *end == ' '  ) end++;
-    if( *end == '\r' ) end++;
-    if( *end == '\n' ) end++;
-    *use_len = end - data;
-
-    enc = 0;
-
-    if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
-    {
-#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
-    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
-        enc++;
-
-        s1 += 22;
-        if( *s1 == '\r' ) s1++;
-        if( *s1 == '\n' ) s1++;
-        else return( MBEDTLS_ERR_PEM_INVALID_DATA );
-
-
-#if defined(MBEDTLS_DES_C)
-        if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
-        {
-            enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC;
-
-            s1 += 23;
-            if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 )
-                return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
-
-            s1 += 16;
-        }
-        else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
-        {
-            enc_alg = MBEDTLS_CIPHER_DES_CBC;
-
-            s1 += 18;
-            if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 )
-                return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
-
-            s1 += 16;
-        }
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-        if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
-        {
-            if( s2 - s1 < 22 )
-                return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
-            else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
-                enc_alg = MBEDTLS_CIPHER_AES_128_CBC;
-            else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
-                enc_alg = MBEDTLS_CIPHER_AES_192_CBC;
-            else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 )
-                enc_alg = MBEDTLS_CIPHER_AES_256_CBC;
-            else
-                return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
-
-            s1 += 22;
-            if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 )
-                return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
-
-            s1 += 32;
-        }
-#endif /* MBEDTLS_AES_C */
-
-        if( enc_alg == MBEDTLS_CIPHER_NONE )
-            return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
-
-        if( *s1 == '\r' ) s1++;
-        if( *s1 == '\n' ) s1++;
-        else return( MBEDTLS_ERR_PEM_INVALID_DATA );
-#else
-        return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
-          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
-    }
-
-    if( s1 >= s2 )
-        return( MBEDTLS_ERR_PEM_INVALID_DATA );
-
-    ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 );
-
-    if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
-        return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
-
-    if( ( buf = mbedtls_calloc( 1, len ) ) == NULL )
-        return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
-
-    if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 )
-    {
-        mbedtls_platform_zeroize( buf, len );
-        mbedtls_free( buf );
-        return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
-    }
-
-    if( enc != 0 )
-    {
-#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
-    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
-        if( pwd == NULL )
-        {
-            mbedtls_platform_zeroize( buf, len );
-            mbedtls_free( buf );
-            return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED );
-        }
-
-        ret = 0;
-
-#if defined(MBEDTLS_DES_C)
-        if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC )
-            ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
-        else if( enc_alg == MBEDTLS_CIPHER_DES_CBC )
-            ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-        if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC )
-            ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
-        else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC )
-            ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
-        else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC )
-            ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
-#endif /* MBEDTLS_AES_C */
-
-        if( ret != 0 )
-        {
-            mbedtls_free( buf );
-            return( ret );
-        }
-
-        /*
-         * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
-         * length bytes (allow 4 to be sure) in all known use cases.
-         *
-         * Use that as a heuristic to try to detect password mismatches.
-         */
-        if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
-        {
-            mbedtls_platform_zeroize( buf, len );
-            mbedtls_free( buf );
-            return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH );
-        }
-#else
-        mbedtls_platform_zeroize( buf, len );
-        mbedtls_free( buf );
-        return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
-          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
-    }
-
-    ctx->buf = buf;
-    ctx->buflen = len;
-
-    return( 0 );
-}
-
-void mbedtls_pem_free( mbedtls_pem_context *ctx )
-{
-    if ( ctx->buf != NULL )
-    {
-        mbedtls_platform_zeroize( ctx->buf, ctx->buflen );
-        mbedtls_free( ctx->buf );
-    }
-    mbedtls_free( ctx->info );
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pem_context ) );
-}
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-int mbedtls_pem_write_buffer( const char *header, const char *footer,
-                      const unsigned char *der_data, size_t der_len,
-                      unsigned char *buf, size_t buf_len, size_t *olen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *encode_buf = NULL, *c, *p = buf;
-    size_t len = 0, use_len, add_len = 0;
-
-    mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len );
-    add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1;
-
-    if( use_len + add_len > buf_len )
-    {
-        *olen = use_len + add_len;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-    }
-
-    if( use_len != 0 &&
-        ( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) )
-        return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
-
-    if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data,
-                               der_len ) ) != 0 )
-    {
-        mbedtls_free( encode_buf );
-        return( ret );
-    }
-
-    memcpy( p, header, strlen( header ) );
-    p += strlen( header );
-    c = encode_buf;
-
-    while( use_len )
-    {
-        len = ( use_len > 64 ) ? 64 : use_len;
-        memcpy( p, c, len );
-        use_len -= len;
-        p += len;
-        c += len;
-        *p++ = '\n';
-    }
-
-    memcpy( p, footer, strlen( footer ) );
-    p += strlen( footer );
-
-    *p++ = '\0';
-    *olen = p - buf;
-
-     /* Clean any remaining data previously written to the buffer */
-    memset( buf + *olen, 0, buf_len - *olen );
-
-    mbedtls_free( encode_buf );
-    return( 0 );
-}
-#endif /* MBEDTLS_PEM_WRITE_C */
-#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
-
diff --git a/3rdparty/mbedtls-2.25.0/library/pk.c b/3rdparty/mbedtls-2.25.0/library/pk.c
deleted file mode 100644
index ecf002d..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pk.c
+++ /dev/null
@@ -1,639 +0,0 @@
-/*
- *  Public Key abstraction layer
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PK_C)
-#include "mbedtls/pk.h"
-#include "mbedtls/pk_internal.h"
-
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_RSA_C)
-#include "mbedtls/rsa.h"
-#endif
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-#include "mbedtls/ecdsa.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <limits.h>
-#include <stdint.h>
-
-/* Parameter validation macros based on platform_util.h */
-#define PK_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
-#define PK_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * Initialise a mbedtls_pk_context
- */
-void mbedtls_pk_init( mbedtls_pk_context *ctx )
-{
-    PK_VALIDATE( ctx != NULL );
-
-    ctx->pk_info = NULL;
-    ctx->pk_ctx = NULL;
-}
-
-/*
- * Free (the components of) a mbedtls_pk_context
- */
-void mbedtls_pk_free( mbedtls_pk_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    if ( ctx->pk_info != NULL )
-        ctx->pk_info->ctx_free_func( ctx->pk_ctx );
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
-}
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-/*
- * Initialize a restart context
- */
-void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
-{
-    PK_VALIDATE( ctx != NULL );
-    ctx->pk_info = NULL;
-    ctx->rs_ctx = NULL;
-}
-
-/*
- * Free the components of a restart context
- */
-void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
-{
-    if( ctx == NULL || ctx->pk_info == NULL ||
-        ctx->pk_info->rs_free_func == NULL )
-    {
-        return;
-    }
-
-    ctx->pk_info->rs_free_func( ctx->rs_ctx );
-
-    ctx->pk_info = NULL;
-    ctx->rs_ctx = NULL;
-}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-/*
- * Get pk_info structure from type
- */
-const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
-{
-    switch( pk_type ) {
-#if defined(MBEDTLS_RSA_C)
-        case MBEDTLS_PK_RSA:
-            return( &mbedtls_rsa_info );
-#endif
-#if defined(MBEDTLS_ECP_C)
-        case MBEDTLS_PK_ECKEY:
-            return( &mbedtls_eckey_info );
-        case MBEDTLS_PK_ECKEY_DH:
-            return( &mbedtls_eckeydh_info );
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-        case MBEDTLS_PK_ECDSA:
-            return( &mbedtls_ecdsa_info );
-#endif
-        /* MBEDTLS_PK_RSA_ALT omitted on purpose */
-        default:
-            return( NULL );
-    }
-}
-
-/*
- * Initialise context
- */
-int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    if( info == NULL || ctx->pk_info != NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
-        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-
-    ctx->pk_info = info;
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/*
- * Initialise a PSA-wrapping context
- */
-int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
-                             const psa_key_id_t key )
-{
-    const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t *pk_ctx;
-    psa_key_type_t type;
-
-    if( ctx == NULL || ctx->pk_info != NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( PSA_SUCCESS != psa_get_key_attributes( key, &attributes ) )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-    type = psa_get_key_type( &attributes );
-    psa_reset_key_attributes( &attributes );
-
-    /* Current implementation of can_do() relies on this. */
-    if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ;
-
-    if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
-        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-
-    ctx->pk_info = info;
-
-    pk_ctx = (psa_key_id_t *) ctx->pk_ctx;
-    *pk_ctx = key;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-/*
- * Initialize an RSA-alt context
- */
-int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
-                         mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
-                         mbedtls_pk_rsa_alt_sign_func sign_func,
-                         mbedtls_pk_rsa_alt_key_len_func key_len_func )
-{
-    mbedtls_rsa_alt_context *rsa_alt;
-    const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
-
-    PK_VALIDATE_RET( ctx != NULL );
-    if( ctx->pk_info != NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
-        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-
-    ctx->pk_info = info;
-
-    rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
-
-    rsa_alt->key = key;
-    rsa_alt->decrypt_func = decrypt_func;
-    rsa_alt->sign_func = sign_func;
-    rsa_alt->key_len_func = key_len_func;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
-
-/*
- * Tell if a PK can do the operations of the given type
- */
-int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
-{
-    /* A context with null pk_info is not set up yet and can't do anything.
-     * For backward compatibility, also accept NULL instead of a context
-     * pointer. */
-    if( ctx == NULL || ctx->pk_info == NULL )
-        return( 0 );
-
-    return( ctx->pk_info->can_do( type ) );
-}
-
-/*
- * Helper for mbedtls_pk_sign and mbedtls_pk_verify
- */
-static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
-{
-    const mbedtls_md_info_t *md_info;
-
-    if( *hash_len != 0 )
-        return( 0 );
-
-    if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
-        return( -1 );
-
-    *hash_len = mbedtls_md_get_size( md_info );
-    return( 0 );
-}
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-/*
- * Helper to set up a restart context if needed
- */
-static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
-                             const mbedtls_pk_info_t *info )
-{
-    /* Don't do anything if already set up or invalid */
-    if( ctx == NULL || ctx->pk_info != NULL )
-        return( 0 );
-
-    /* Should never happen when we're called */
-    if( info->rs_alloc_func == NULL || info->rs_free_func == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL )
-        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-
-    ctx->pk_info = info;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-/*
- * Verify a signature (restartable)
- */
-int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
-               mbedtls_md_type_t md_alg,
-               const unsigned char *hash, size_t hash_len,
-               const unsigned char *sig, size_t sig_len,
-               mbedtls_pk_restart_ctx *rs_ctx )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
-                     hash != NULL );
-    PK_VALIDATE_RET( sig != NULL );
-
-    if( ctx->pk_info == NULL ||
-        pk_hashlen_helper( md_alg, &hash_len ) != 0 )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /* optimization: use non-restartable version if restart disabled */
-    if( rs_ctx != NULL &&
-        mbedtls_ecp_restart_is_enabled() &&
-        ctx->pk_info->verify_rs_func != NULL )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
-            return( ret );
-
-        ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx,
-                   md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx );
-
-        if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
-            mbedtls_pk_restart_free( rs_ctx );
-
-        return( ret );
-    }
-#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-    (void) rs_ctx;
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-    if( ctx->pk_info->verify_func == NULL )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
-                                       sig, sig_len ) );
-}
-
-/*
- * Verify a signature
- */
-int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-               const unsigned char *hash, size_t hash_len,
-               const unsigned char *sig, size_t sig_len )
-{
-    return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len,
-                                           sig, sig_len, NULL ) );
-}
-
-/*
- * Verify a signature with options
- */
-int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
-                   mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   const unsigned char *sig, size_t sig_len )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
-                     hash != NULL );
-    PK_VALIDATE_RET( sig != NULL );
-
-    if( ctx->pk_info == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ! mbedtls_pk_can_do( ctx, type ) )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    if( type == MBEDTLS_PK_RSASSA_PSS )
-    {
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        const mbedtls_pk_rsassa_pss_options *pss_opts;
-
-#if SIZE_MAX > UINT_MAX
-        if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-#endif /* SIZE_MAX > UINT_MAX */
-
-        if( options == NULL )
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-        pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
-
-        if( sig_len < mbedtls_pk_get_len( ctx ) )
-            return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
-
-        ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
-                NULL, NULL, MBEDTLS_RSA_PUBLIC,
-                md_alg, (unsigned int) hash_len, hash,
-                pss_opts->mgf1_hash_id,
-                pss_opts->expected_salt_len,
-                sig );
-        if( ret != 0 )
-            return( ret );
-
-        if( sig_len > mbedtls_pk_get_len( ctx ) )
-            return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
-
-        return( 0 );
-#else
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
-    }
-
-    /* General case: no options */
-    if( options != NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
-}
-
-/*
- * Make a signature (restartable)
- */
-int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
-             mbedtls_md_type_t md_alg,
-             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             mbedtls_pk_restart_ctx *rs_ctx )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
-                     hash != NULL );
-    PK_VALIDATE_RET( sig != NULL );
-
-    if( ctx->pk_info == NULL ||
-        pk_hashlen_helper( md_alg, &hash_len ) != 0 )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /* optimization: use non-restartable version if restart disabled */
-    if( rs_ctx != NULL &&
-        mbedtls_ecp_restart_is_enabled() &&
-        ctx->pk_info->sign_rs_func != NULL )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
-            return( ret );
-
-        ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
-                hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
-
-        if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
-            mbedtls_pk_restart_free( rs_ctx );
-
-        return( ret );
-    }
-#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-    (void) rs_ctx;
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-    if( ctx->pk_info->sign_func == NULL )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
-                                     sig, sig_len, f_rng, p_rng ) );
-}
-
-/*
- * Make a signature
- */
-int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
-                                         sig, sig_len, f_rng, p_rng, NULL ) );
-}
-
-/*
- * Decrypt message
- */
-int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output, size_t *olen, size_t osize,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( input != NULL || ilen == 0 );
-    PK_VALIDATE_RET( output != NULL || osize == 0 );
-    PK_VALIDATE_RET( olen != NULL );
-
-    if( ctx->pk_info == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ctx->pk_info->decrypt_func == NULL )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
-                output, olen, osize, f_rng, p_rng ) );
-}
-
-/*
- * Encrypt message
- */
-int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output, size_t *olen, size_t osize,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( input != NULL || ilen == 0 );
-    PK_VALIDATE_RET( output != NULL || osize == 0 );
-    PK_VALIDATE_RET( olen != NULL );
-
-    if( ctx->pk_info == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ctx->pk_info->encrypt_func == NULL )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
-                output, olen, osize, f_rng, p_rng ) );
-}
-
-/*
- * Check public-private key pair
- */
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
-{
-    PK_VALIDATE_RET( pub != NULL );
-    PK_VALIDATE_RET( prv != NULL );
-
-    if( pub->pk_info == NULL ||
-        prv->pk_info == NULL )
-    {
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-    }
-
-    if( prv->pk_info->check_pair_func == NULL )
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-    if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
-    {
-        if( pub->pk_info->type != MBEDTLS_PK_RSA )
-            return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-    }
-    else
-    {
-        if( pub->pk_info != prv->pk_info )
-            return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-    }
-
-    return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
-}
-
-/*
- * Get key size in bits
- */
-size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
-{
-    /* For backward compatibility, accept NULL or a context that
-     * isn't set up yet, and return a fake value that should be safe. */
-    if( ctx == NULL || ctx->pk_info == NULL )
-        return( 0 );
-
-    return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
-}
-
-/*
- * Export debug information
- */
-int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
-{
-    PK_VALIDATE_RET( ctx != NULL );
-    if( ctx->pk_info == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    if( ctx->pk_info->debug_func == NULL )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    ctx->pk_info->debug_func( ctx->pk_ctx, items );
-    return( 0 );
-}
-
-/*
- * Access the PK type name
- */
-const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
-{
-    if( ctx == NULL || ctx->pk_info == NULL )
-        return( "invalid PK" );
-
-    return( ctx->pk_info->name );
-}
-
-/*
- * Access the PK type
- */
-mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
-{
-    if( ctx == NULL || ctx->pk_info == NULL )
-        return( MBEDTLS_PK_NONE );
-
-    return( ctx->pk_info->type );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/*
- * Load the key to a PSA key slot,
- * then turn the PK context into a wrapper for that key slot.
- *
- * Currently only works for EC private keys.
- */
-int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
-                               psa_key_id_t *key,
-                               psa_algorithm_t hash_alg )
-{
-#if !defined(MBEDTLS_ECP_C)
-    ((void) pk);
-    ((void) key);
-    ((void) hash_alg);
-    return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-#else
-    const mbedtls_ecp_keypair *ec;
-    unsigned char d[MBEDTLS_ECP_MAX_BYTES];
-    size_t d_len;
-    psa_ecc_family_t curve_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t key_type;
-    size_t bits;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* export the private key material in the format PSA wants */
-    if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY )
-        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    ec = mbedtls_pk_ec( *pk );
-    d_len = ( ec->grp.nbits + 7 ) / 8;
-    if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 )
-        return( ret );
-
-    curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits );
-    key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id );
-
-    /* prepare the key attributes */
-    psa_set_key_type( &attributes, key_type );
-    psa_set_key_bits( &attributes, bits );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) );
-
-    /* import private key into PSA */
-    if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) )
-        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-
-    /* make PK context wrap the key slot */
-    mbedtls_pk_free( pk );
-    mbedtls_pk_init( pk );
-
-    return( mbedtls_pk_setup_opaque( pk, *key ) );
-#endif /* MBEDTLS_ECP_C */
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_PK_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/pk_wrap.c b/3rdparty/mbedtls-2.25.0/library/pk_wrap.c
deleted file mode 100644
index 107e912..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pk_wrap.c
+++ /dev/null
@@ -1,1069 +0,0 @@
-/*
- *  Public Key abstraction layer: wrapper functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PK_C)
-#include "mbedtls/pk_internal.h"
-#include "mbedtls/error.h"
-
-/* Even if RSA not activated, for the sake of RSA-alt */
-#include "mbedtls/rsa.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-
-#if defined(MBEDTLS_ECDSA_C)
-#include "mbedtls/ecdsa.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/asn1write.h"
-#endif
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-#include "mbedtls/platform_util.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#include "mbedtls/asn1.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#include <limits.h>
-#include <stdint.h>
-
-#if defined(MBEDTLS_RSA_C)
-static int rsa_can_do( mbedtls_pk_type_t type )
-{
-    return( type == MBEDTLS_PK_RSA ||
-            type == MBEDTLS_PK_RSASSA_PSS );
-}
-
-static size_t rsa_get_bitlen( const void *ctx )
-{
-    const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
-    return( 8 * mbedtls_rsa_get_len( rsa ) );
-}
-
-static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   const unsigned char *sig, size_t sig_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
-    size_t rsa_len = mbedtls_rsa_get_len( rsa );
-
-#if SIZE_MAX > UINT_MAX
-    if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-#endif /* SIZE_MAX > UINT_MAX */
-
-    if( sig_len < rsa_len )
-        return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
-
-    if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL,
-                                  MBEDTLS_RSA_PUBLIC, md_alg,
-                                  (unsigned int) hash_len, hash, sig ) ) != 0 )
-        return( ret );
-
-    /* The buffer contains a valid signature followed by extra data.
-     * We have a special error code for that so that so that callers can
-     * use mbedtls_pk_verify() to check "Does the buffer start with a
-     * valid signature?" and not just "Does the buffer contain a valid
-     * signature?". */
-    if( sig_len > rsa_len )
-        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
-
-    return( 0 );
-}
-
-static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
-
-#if SIZE_MAX > UINT_MAX
-    if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-#endif /* SIZE_MAX > UINT_MAX */
-
-    *sig_len = mbedtls_rsa_get_len( rsa );
-
-    return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
-                md_alg, (unsigned int) hash_len, hash, sig ) );
-}
-
-static int rsa_decrypt_wrap( void *ctx,
-                    const unsigned char *input, size_t ilen,
-                    unsigned char *output, size_t *olen, size_t osize,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
-
-    if( ilen != mbedtls_rsa_get_len( rsa ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
-                MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
-}
-
-static int rsa_encrypt_wrap( void *ctx,
-                    const unsigned char *input, size_t ilen,
-                    unsigned char *output, size_t *olen, size_t osize,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
-    *olen = mbedtls_rsa_get_len( rsa );
-
-    if( *olen > osize )
-        return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
-
-    return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
-                                       ilen, input, output ) );
-}
-
-static int rsa_check_pair_wrap( const void *pub, const void *prv )
-{
-    return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
-                                (const mbedtls_rsa_context *) prv ) );
-}
-
-static void *rsa_alloc_wrap( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) );
-
-    if( ctx != NULL )
-        mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
-
-    return( ctx );
-}
-
-static void rsa_free_wrap( void *ctx )
-{
-    mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items )
-{
-    items->type = MBEDTLS_PK_DEBUG_MPI;
-    items->name = "rsa.N";
-    items->value = &( ((mbedtls_rsa_context *) ctx)->N );
-
-    items++;
-
-    items->type = MBEDTLS_PK_DEBUG_MPI;
-    items->name = "rsa.E";
-    items->value = &( ((mbedtls_rsa_context *) ctx)->E );
-}
-
-const mbedtls_pk_info_t mbedtls_rsa_info = {
-    MBEDTLS_PK_RSA,
-    "RSA",
-    rsa_get_bitlen,
-    rsa_can_do,
-    rsa_verify_wrap,
-    rsa_sign_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL,
-    NULL,
-#endif
-    rsa_decrypt_wrap,
-    rsa_encrypt_wrap,
-    rsa_check_pair_wrap,
-    rsa_alloc_wrap,
-    rsa_free_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL,
-    NULL,
-#endif
-    rsa_debug,
-};
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * Generic EC key
- */
-static int eckey_can_do( mbedtls_pk_type_t type )
-{
-    return( type == MBEDTLS_PK_ECKEY ||
-            type == MBEDTLS_PK_ECKEY_DH ||
-            type == MBEDTLS_PK_ECDSA );
-}
-
-static size_t eckey_get_bitlen( const void *ctx )
-{
-    return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
-}
-
-#if defined(MBEDTLS_ECDSA_C)
-/* Forward declarations */
-static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len );
-
-static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
-
-static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecdsa_context ecdsa;
-
-    mbedtls_ecdsa_init( &ecdsa );
-
-    if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
-        ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
-
-    mbedtls_ecdsa_free( &ecdsa );
-
-    return( ret );
-}
-
-static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecdsa_context ecdsa;
-
-    mbedtls_ecdsa_init( &ecdsa );
-
-    if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
-        ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
-                               f_rng, p_rng );
-
-    mbedtls_ecdsa_free( &ecdsa );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-/* Forward declarations */
-static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len,
-                       void *rs_ctx );
-
-static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                   void *rs_ctx );
-
-/*
- * Restart context for ECDSA operations with ECKEY context
- *
- * We need to store an actual ECDSA context, as we need to pass the same to
- * the underlying ecdsa function, so we can't create it on the fly every time.
- */
-typedef struct
-{
-    mbedtls_ecdsa_restart_ctx ecdsa_rs;
-    mbedtls_ecdsa_context ecdsa_ctx;
-} eckey_restart_ctx;
-
-static void *eckey_rs_alloc( void )
-{
-    eckey_restart_ctx *rs_ctx;
-
-    void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) );
-
-    if( ctx != NULL )
-    {
-        rs_ctx = ctx;
-        mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs );
-        mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx );
-    }
-
-    return( ctx );
-}
-
-static void eckey_rs_free( void *ctx )
-{
-    eckey_restart_ctx *rs_ctx;
-
-    if( ctx == NULL)
-        return;
-
-    rs_ctx = ctx;
-    mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs );
-    mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx );
-
-    mbedtls_free( ctx );
-}
-
-static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len,
-                       void *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    eckey_restart_ctx *rs = rs_ctx;
-
-    /* Should never happen */
-    if( rs == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    /* set up our own sub-context if needed (that is, on first run) */
-    if( rs->ecdsa_ctx.grp.pbits == 0 )
-        MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) );
-
-    MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx,
-                                           md_alg, hash, hash_len,
-                                           sig, sig_len, &rs->ecdsa_rs ) );
-
-cleanup:
-    return( ret );
-}
-
-static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                       void *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    eckey_restart_ctx *rs = rs_ctx;
-
-    /* Should never happen */
-    if( rs == NULL )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    /* set up our own sub-context if needed (that is, on first run) */
-    if( rs->ecdsa_ctx.grp.pbits == 0 )
-        MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) );
-
-    MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg,
-                                         hash, hash_len, sig, sig_len,
-                                         f_rng, p_rng, &rs->ecdsa_rs ) );
-
-cleanup:
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-#endif /* MBEDTLS_ECDSA_C */
-
-static int eckey_check_pair( const void *pub, const void *prv )
-{
-    return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
-                                (const mbedtls_ecp_keypair *) prv ) );
-}
-
-static void *eckey_alloc_wrap( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
-
-    if( ctx != NULL )
-        mbedtls_ecp_keypair_init( ctx );
-
-    return( ctx );
-}
-
-static void eckey_free_wrap( void *ctx )
-{
-    mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
-    mbedtls_free( ctx );
-}
-
-static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items )
-{
-    items->type = MBEDTLS_PK_DEBUG_ECP;
-    items->name = "eckey.Q";
-    items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
-}
-
-const mbedtls_pk_info_t mbedtls_eckey_info = {
-    MBEDTLS_PK_ECKEY,
-    "EC",
-    eckey_get_bitlen,
-    eckey_can_do,
-#if defined(MBEDTLS_ECDSA_C)
-    eckey_verify_wrap,
-    eckey_sign_wrap,
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    eckey_verify_rs_wrap,
-    eckey_sign_rs_wrap,
-#endif
-#else /* MBEDTLS_ECDSA_C */
-    NULL,
-    NULL,
-#endif /* MBEDTLS_ECDSA_C */
-    NULL,
-    NULL,
-    eckey_check_pair,
-    eckey_alloc_wrap,
-    eckey_free_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    eckey_rs_alloc,
-    eckey_rs_free,
-#endif
-    eckey_debug,
-};
-
-/*
- * EC key restricted to ECDH
- */
-static int eckeydh_can_do( mbedtls_pk_type_t type )
-{
-    return( type == MBEDTLS_PK_ECKEY ||
-            type == MBEDTLS_PK_ECKEY_DH );
-}
-
-const mbedtls_pk_info_t mbedtls_eckeydh_info = {
-    MBEDTLS_PK_ECKEY_DH,
-    "EC_DH",
-    eckey_get_bitlen,         /* Same underlying key structure */
-    eckeydh_can_do,
-    NULL,
-    NULL,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL,
-    NULL,
-#endif
-    NULL,
-    NULL,
-    eckey_check_pair,
-    eckey_alloc_wrap,       /* Same underlying key structure */
-    eckey_free_wrap,        /* Same underlying key structure */
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL,
-    NULL,
-#endif
-    eckey_debug,            /* Same underlying key structure */
-};
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_ECDSA_C)
-static int ecdsa_can_do( mbedtls_pk_type_t type )
-{
-    return( type == MBEDTLS_PK_ECDSA );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/*
- * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of
- * those integers and convert it to the fixed-length encoding expected by PSA.
- */
-static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end,
-                                  unsigned char *to, size_t to_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t unpadded_len, padding_len;
-
-    if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len,
-                                      MBEDTLS_ASN1_INTEGER ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    while( unpadded_len > 0 && **from == 0x00 )
-    {
-        ( *from )++;
-        unpadded_len--;
-    }
-
-    if( unpadded_len > to_len || unpadded_len == 0 )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    padding_len = to_len - unpadded_len;
-    memset( to, 0x00, padding_len );
-    memcpy( to + padding_len, *from, unpadded_len );
-    ( *from ) += unpadded_len;
-
-    return( 0 );
-}
-
-/*
- * Convert a signature from an ASN.1 sequence of two integers
- * to a raw {r,s} buffer. Note: the provided sig buffer must be at least
- * twice as big as int_size.
- */
-static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
-                              unsigned char *sig, size_t int_size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t tmp_size;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( ret );
-
-    /* Extract r */
-    if( ( ret = extract_ecdsa_sig_int( p, end, sig, int_size ) ) != 0 )
-        return( ret );
-    /* Extract s */
-    if( ( ret = extract_ecdsa_sig_int( p, end, sig + int_size, int_size ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len )
-{
-    mbedtls_ecdsa_context *ctx = ctx_arg;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key_id = 0;
-    psa_status_t status;
-    mbedtls_pk_context key;
-    int key_len;
-    /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */
-    unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];
-    unsigned char *p;
-    mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
-    psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY;
-    size_t curve_bits;
-    psa_ecc_family_t curve =
-        mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits );
-    const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8;
-    ((void) md_alg);
-
-    if( curve == 0 )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    /* mbedtls_pk_write_pubkey() expects a full PK context;
-     * re-construct one to make it happy */
-    key.pk_info = &pk_info;
-    key.pk_ctx = ctx;
-    p = buf + sizeof( buf );
-    key_len = mbedtls_pk_write_pubkey( &p, buf, &key );
-    if( key_len <= 0 )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, psa_sig_md );
-
-    status = psa_import_key( &attributes,
-                             buf + sizeof( buf ) - key_len, key_len,
-                             &key_id );
-    if( status != PSA_SUCCESS )
-    {
-        ret = mbedtls_psa_err_translate_pk( status );
-        goto cleanup;
-    }
-
-    /* We don't need the exported key anymore and can
-     * reuse its buffer for signature extraction. */
-    if( 2 * signature_part_size > sizeof( buf ) )
-    {
-        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    p = (unsigned char*) sig;
-    if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf,
-                                   signature_part_size ) ) != 0 )
-    {
-        goto cleanup;
-    }
-
-    if( psa_verify_hash( key_id, psa_sig_md,
-                         hash, hash_len,
-                         buf, 2 * signature_part_size )
-         != PSA_SUCCESS )
-    {
-         ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
-         goto cleanup;
-    }
-
-    if( p != sig + sig_len )
-    {
-        ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
-        goto cleanup;
-    }
-    ret = 0;
-
-cleanup:
-    psa_destroy_key( key_id );
-    return( ret );
-}
-#else /* MBEDTLS_USE_PSA_CRYPTO */
-static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ((void) md_alg);
-
-    ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
-                                hash, hash_len, sig, sig_len );
-
-    if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
-        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
-
-    return( ret );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
-                md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
-}
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                       const unsigned char *hash, size_t hash_len,
-                       const unsigned char *sig, size_t sig_len,
-                       void *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    ((void) md_alg);
-
-    ret = mbedtls_ecdsa_read_signature_restartable(
-            (mbedtls_ecdsa_context *) ctx,
-            hash, hash_len, sig, sig_len,
-            (mbedtls_ecdsa_restart_ctx *) rs_ctx );
-
-    if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
-        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
-
-    return( ret );
-}
-
-static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                   void *rs_ctx )
-{
-    return( mbedtls_ecdsa_write_signature_restartable(
-                (mbedtls_ecdsa_context *) ctx,
-                md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng,
-                (mbedtls_ecdsa_restart_ctx *) rs_ctx ) );
-
-}
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-static void *ecdsa_alloc_wrap( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
-
-    if( ctx != NULL )
-        mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
-
-    return( ctx );
-}
-
-static void ecdsa_free_wrap( void *ctx )
-{
-    mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
-    mbedtls_free( ctx );
-}
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-static void *ecdsa_rs_alloc( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) );
-
-    if( ctx != NULL )
-        mbedtls_ecdsa_restart_init( ctx );
-
-    return( ctx );
-}
-
-static void ecdsa_rs_free( void *ctx )
-{
-    mbedtls_ecdsa_restart_free( ctx );
-    mbedtls_free( ctx );
-}
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-const mbedtls_pk_info_t mbedtls_ecdsa_info = {
-    MBEDTLS_PK_ECDSA,
-    "ECDSA",
-    eckey_get_bitlen,     /* Compatible key structures */
-    ecdsa_can_do,
-    ecdsa_verify_wrap,
-    ecdsa_sign_wrap,
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    ecdsa_verify_rs_wrap,
-    ecdsa_sign_rs_wrap,
-#endif
-    NULL,
-    NULL,
-    eckey_check_pair,   /* Compatible key structures */
-    ecdsa_alloc_wrap,
-    ecdsa_free_wrap,
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    ecdsa_rs_alloc,
-    ecdsa_rs_free,
-#endif
-    eckey_debug,        /* Compatible key structures */
-};
-#endif /* MBEDTLS_ECDSA_C */
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-/*
- * Support for alternative RSA-private implementations
- */
-
-static int rsa_alt_can_do( mbedtls_pk_type_t type )
-{
-    return( type == MBEDTLS_PK_RSA );
-}
-
-static size_t rsa_alt_get_bitlen( const void *ctx )
-{
-    const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
-
-    return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
-}
-
-static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
-
-#if SIZE_MAX > UINT_MAX
-    if( UINT_MAX < hash_len )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-#endif /* SIZE_MAX > UINT_MAX */
-
-    *sig_len = rsa_alt->key_len_func( rsa_alt->key );
-    if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
-                md_alg, (unsigned int) hash_len, hash, sig ) );
-}
-
-static int rsa_alt_decrypt_wrap( void *ctx,
-                    const unsigned char *input, size_t ilen,
-                    unsigned char *output, size_t *olen, size_t osize,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
-
-    ((void) f_rng);
-    ((void) p_rng);
-
-    if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    return( rsa_alt->decrypt_func( rsa_alt->key,
-                MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
-}
-
-#if defined(MBEDTLS_RSA_C)
-static int rsa_alt_check_pair( const void *pub, const void *prv )
-{
-    unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
-    unsigned char hash[32];
-    size_t sig_len = 0;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) )
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-
-    memset( hash, 0x2a, sizeof( hash ) );
-
-    if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
-                                   hash, sizeof( hash ),
-                                   sig, &sig_len, NULL, NULL ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
-                         hash, sizeof( hash ), sig, sig_len ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_RSA_C */
-
-static void *rsa_alt_alloc_wrap( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) );
-
-    if( ctx != NULL )
-        memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
-
-    return( ctx );
-}
-
-static void rsa_alt_free_wrap( void *ctx )
-{
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
-    mbedtls_free( ctx );
-}
-
-const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
-    MBEDTLS_PK_RSA_ALT,
-    "RSA-alt",
-    rsa_alt_get_bitlen,
-    rsa_alt_can_do,
-    NULL,
-    rsa_alt_sign_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL,
-    NULL,
-#endif
-    rsa_alt_decrypt_wrap,
-    NULL,
-#if defined(MBEDTLS_RSA_C)
-    rsa_alt_check_pair,
-#else
-    NULL,
-#endif
-    rsa_alt_alloc_wrap,
-    rsa_alt_free_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL,
-    NULL,
-#endif
-    NULL,
-};
-
-#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-
-static void *pk_opaque_alloc_wrap( void )
-{
-    void *ctx = mbedtls_calloc( 1, sizeof( psa_key_id_t ) );
-
-    /* no _init() function to call, an calloc() already zeroized */
-
-    return( ctx );
-}
-
-static void pk_opaque_free_wrap( void *ctx )
-{
-    mbedtls_platform_zeroize( ctx, sizeof( psa_key_id_t ) );
-    mbedtls_free( ctx );
-}
-
-static size_t pk_opaque_get_bitlen( const void *ctx )
-{
-    const psa_key_id_t *key = (const psa_key_id_t *) ctx;
-    size_t bits;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    if( PSA_SUCCESS != psa_get_key_attributes( *key, &attributes ) )
-        return( 0 );
-
-    bits = psa_get_key_bits( &attributes );
-    psa_reset_key_attributes( &attributes );
-    return( bits );
-}
-
-static int pk_opaque_can_do( mbedtls_pk_type_t type )
-{
-    /* For now opaque PSA keys can only wrap ECC keypairs,
-     * as checked by setup_psa().
-     * Also, ECKEY_DH does not really make sense with the current API. */
-    return( type == MBEDTLS_PK_ECKEY ||
-            type == MBEDTLS_PK_ECDSA );
-}
-
-#if defined(MBEDTLS_ECDSA_C)
-
-/*
- * Simultaneously convert and move raw MPI from the beginning of a buffer
- * to an ASN.1 MPI at the end of the buffer.
- * See also mbedtls_asn1_write_mpi().
- *
- * p: pointer to the end of the output buffer
- * start: start of the output buffer, and also of the mpi to write at the end
- * n_len: length of the mpi to read from start
- */
-static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
-                              size_t n_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    if( (size_t)( *p - start ) < n_len )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    len = n_len;
-    *p -= len;
-    memmove( *p, start, len );
-
-    /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
-     * Neither r nor s should be 0, but as a failsafe measure, still detect
-     * that rather than overflowing the buffer in case of a PSA error. */
-    while( len > 0 && **p == 0x00 )
-    {
-        ++(*p);
-        --len;
-    }
-
-    /* this is only reached if the signature was invalid */
-    if( len == 0 )
-        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-
-    /* if the msb is 1, ASN.1 requires that we prepend a 0.
-     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
-    if( **p & 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = 0x00;
-        len += 1;
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                                MBEDTLS_ASN1_INTEGER ) );
-
-    return( (int) len );
-}
-
-/* Transcode signature from PSA format to ASN.1 sequence.
- * See ecdsa_signature_to_asn1 in ecdsa.c, but with byte buffers instead of
- * MPIs, and in-place.
- *
- * [in/out] sig: the signature pre- and post-transcoding
- * [in/out] sig_len: signature length pre- and post-transcoding
- * [int] buf_len: the available size the in/out buffer
- */
-static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len,
-                                       size_t buf_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    const size_t rs_len = *sig_len / 2;
-    unsigned char *p = sig + buf_len;
-
-    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig,
-                          MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    memmove( sig, p, len );
-    *sig_len = len;
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_ECDSA_C */
-
-static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-#if !defined(MBEDTLS_ECDSA_C)
-    ((void) ctx);
-    ((void) md_alg);
-    ((void) hash);
-    ((void) hash_len);
-    ((void) sig);
-    ((void) sig_len);
-    ((void) f_rng);
-    ((void) p_rng);
-    return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-#else /* !MBEDTLS_ECDSA_C */
-    const psa_key_id_t *key = (const psa_key_id_t *) ctx;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
-    size_t buf_len;
-    psa_status_t status;
-
-    /* PSA has its own RNG */
-    (void) f_rng;
-    (void) p_rng;
-
-    /* PSA needs an output buffer of known size, but our API doesn't provide
-     * that information. Assume that the buffer is large enough for a
-     * maximal-length signature with that key (otherwise the application is
-     * buggy anyway). */
-    status = psa_get_key_attributes( *key, &attributes );
-    if( status != PSA_SUCCESS )
-        return( mbedtls_psa_err_translate_pk( status ) );
-    buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) );
-    psa_reset_key_attributes( &attributes );
-    if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    /* make the signature */
-    status = psa_sign_hash( *key, alg, hash, hash_len,
-                            sig, buf_len, sig_len );
-    if( status != PSA_SUCCESS )
-        return( mbedtls_psa_err_translate_pk( status ) );
-
-    /* transcode it to ASN.1 sequence */
-    return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) );
-#endif /* !MBEDTLS_ECDSA_C */
-}
-
-const mbedtls_pk_info_t mbedtls_pk_opaque_info = {
-    MBEDTLS_PK_OPAQUE,
-    "Opaque",
-    pk_opaque_get_bitlen,
-    pk_opaque_can_do,
-    NULL, /* verify - will be done later */
-    pk_opaque_sign_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL, /* restartable verify - not relevant */
-    NULL, /* restartable sign - not relevant */
-#endif
-    NULL, /* decrypt - will be done later */
-    NULL, /* encrypt - will be done later */
-    NULL, /* check_pair - could be done later or left NULL */
-    pk_opaque_alloc_wrap,
-    pk_opaque_free_wrap,
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    NULL, /* restart alloc - not relevant */
-    NULL, /* restart free - not relevant */
-#endif
-    NULL, /* debug - could be done later, or even left NULL */
-};
-
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_PK_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/pkcs11.c b/3rdparty/mbedtls-2.25.0/library/pkcs11.c
deleted file mode 100644
index 4deccf3..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pkcs11.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/**
- * \file pkcs11.c
- *
- * \brief Wrapper for PKCS#11 library libpkcs11-helper
- *
- * \author Adriaan de Jong <dejong@fox-it.com>
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "mbedtls/pkcs11.h"
-
-#if defined(MBEDTLS_PKCS11_C)
-
-#include "mbedtls/md.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/x509_crt.h"
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-#include <string.h>
-
-void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) );
-}
-
-int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
-{
-    int ret = 1;
-    unsigned char *cert_blob = NULL;
-    size_t cert_blob_size = 0;
-
-    if( cert == NULL )
-    {
-        ret = 2;
-        goto cleanup;
-    }
-
-    if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL,
-                                                &cert_blob_size ) != CKR_OK )
-    {
-        ret = 3;
-        goto cleanup;
-    }
-
-    cert_blob = mbedtls_calloc( 1, cert_blob_size );
-    if( NULL == cert_blob )
-    {
-        ret = 4;
-        goto cleanup;
-    }
-
-    if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob,
-                                                &cert_blob_size ) != CKR_OK )
-    {
-        ret = 5;
-        goto cleanup;
-    }
-
-    if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) )
-    {
-        ret = 6;
-        goto cleanup;
-    }
-
-    ret = 0;
-
-cleanup:
-    if( NULL != cert_blob )
-        mbedtls_free( cert_blob );
-
-    return( ret );
-}
-
-
-int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
-        pkcs11h_certificate_t pkcs11_cert )
-{
-    int ret = 1;
-    mbedtls_x509_crt cert;
-
-    mbedtls_x509_crt_init( &cert );
-
-    if( priv_key == NULL )
-        goto cleanup;
-
-    if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) )
-        goto cleanup;
-
-    priv_key->len = mbedtls_pk_get_len( &cert.pk );
-    priv_key->pkcs11h_cert = pkcs11_cert;
-
-    ret = 0;
-
-cleanup:
-    mbedtls_x509_crt_free( &cert );
-
-    return( ret );
-}
-
-void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key )
-{
-    if( NULL != priv_key )
-        pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert );
-}
-
-int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
-                       int mode, size_t *olen,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t output_max_len )
-{
-    size_t input_len, output_len;
-
-    if( NULL == ctx )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    if( MBEDTLS_RSA_PRIVATE != mode )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    output_len = input_len = ctx->len;
-
-    if( input_len < 16 || input_len > output_max_len )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /* Determine size of output buffer */
-    if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
-            input_len, NULL, &output_len ) != CKR_OK )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-    if( output_len > output_max_len )
-        return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
-
-    if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
-            input_len, output, &output_len ) != CKR_OK )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-    *olen = output_len;
-    return( 0 );
-}
-
-int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
-                    int mode,
-                    mbedtls_md_type_t md_alg,
-                    unsigned int hashlen,
-                    const unsigned char *hash,
-                    unsigned char *sig )
-{
-    size_t sig_len = 0, asn_len = 0, oid_size = 0;
-    unsigned char *p = sig;
-    const char *oid;
-
-    if( NULL == ctx )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    if( MBEDTLS_RSA_PRIVATE != mode )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    if( md_alg != MBEDTLS_MD_NONE )
-    {
-        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
-        if( md_info == NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        hashlen = mbedtls_md_get_size( md_info );
-        asn_len = 10 + oid_size;
-    }
-
-    sig_len = ctx->len;
-    if( hashlen > sig_len || asn_len > sig_len ||
-        hashlen + asn_len > sig_len )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-    if( md_alg != MBEDTLS_MD_NONE )
-    {
-        /*
-         * DigestInfo ::= SEQUENCE {
-         *   digestAlgorithm DigestAlgorithmIdentifier,
-         *   digest Digest }
-         *
-         * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
-         *
-         * Digest ::= OCTET STRING
-         */
-        *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
-        *p++ = (unsigned char) ( 0x08 + oid_size + hashlen );
-        *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
-        *p++ = (unsigned char) ( 0x04 + oid_size );
-        *p++ = MBEDTLS_ASN1_OID;
-        *p++ = oid_size & 0xFF;
-        memcpy( p, oid, oid_size );
-        p += oid_size;
-        *p++ = MBEDTLS_ASN1_NULL;
-        *p++ = 0x00;
-        *p++ = MBEDTLS_ASN1_OCTET_STRING;
-        *p++ = hashlen;
-    }
-
-    memcpy( p, hash, hashlen );
-
-    if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
-            asn_len + hashlen, sig, &sig_len ) != CKR_OK )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-    return( 0 );
-}
-
-#endif /* defined(MBEDTLS_PKCS11_C) */
diff --git a/3rdparty/mbedtls-2.25.0/library/pkcs12.c b/3rdparty/mbedtls-2.25.0/library/pkcs12.c
deleted file mode 100644
index 4bdeb68..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pkcs12.c
+++ /dev/null
@@ -1,360 +0,0 @@
-/*
- *  PKCS#12 Personal Information Exchange Syntax
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The PKCS #12 Personal Information Exchange Syntax Standard v1.1
- *
- *  http://www.rsa.com/rsalabs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
- *  ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PKCS12_C)
-
-#include "mbedtls/pkcs12.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_ARC4_C)
-#include "mbedtls/arc4.h"
-#endif
-
-#if defined(MBEDTLS_DES_C)
-#include "mbedtls/des.h"
-#endif
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-
-static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params,
-                                    mbedtls_asn1_buf *salt, int *iterations )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char **p = &params->p;
-    const unsigned char *end = params->p + params->len;
-
-    /*
-     *  pkcs-12PbeParams ::= SEQUENCE {
-     *    salt          OCTET STRING,
-     *    iterations    INTEGER
-     *  }
-     *
-     */
-    if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
-        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
-
-    salt->p = *p;
-    *p += salt->len;
-
-    if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 )
-        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
-
-    if( *p != end )
-        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-#define PKCS12_MAX_PWDLEN 128
-
-static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type,
-                                     const unsigned char *pwd,  size_t pwdlen,
-                                     unsigned char *key, size_t keylen,
-                                     unsigned char *iv,  size_t ivlen )
-{
-    int ret, iterations = 0;
-    mbedtls_asn1_buf salt;
-    size_t i;
-    unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2];
-
-    if( pwdlen > PKCS12_MAX_PWDLEN )
-        return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
-
-    memset( &salt, 0, sizeof(mbedtls_asn1_buf) );
-    memset( &unipwd, 0, sizeof(unipwd) );
-
-    if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt,
-                                         &iterations ) ) != 0 )
-        return( ret );
-
-    for( i = 0; i < pwdlen; i++ )
-        unipwd[i * 2 + 1] = pwd[i];
-
-    if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
-                                   salt.p, salt.len, md_type,
-                                   MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( iv == NULL || ivlen == 0 )
-        return( 0 );
-
-    if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
-                                   salt.p, salt.len, md_type,
-                                   MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 )
-    {
-        return( ret );
-    }
-    return( 0 );
-}
-
-#undef PKCS12_MAX_PWDLEN
-
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
-                             const unsigned char *pwd,  size_t pwdlen,
-                             const unsigned char *data, size_t len,
-                             unsigned char *output )
-{
-#if !defined(MBEDTLS_ARC4_C)
-    ((void) pbe_params);
-    ((void) mode);
-    ((void) pwd);
-    ((void) pwdlen);
-    ((void) data);
-    ((void) len);
-    ((void) output);
-    return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
-#else
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char key[16];
-    mbedtls_arc4_context ctx;
-    ((void) mode);
-
-    mbedtls_arc4_init( &ctx );
-
-    if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
-                                          pwd, pwdlen,
-                                          key, 16, NULL, 0 ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    mbedtls_arc4_setup( &ctx, key, 16 );
-    if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_platform_zeroize( key, sizeof( key ) );
-    mbedtls_arc4_free( &ctx );
-
-    return( ret );
-#endif /* MBEDTLS_ARC4_C */
-}
-
-int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
-                mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
-                const unsigned char *pwd,  size_t pwdlen,
-                const unsigned char *data, size_t len,
-                unsigned char *output )
-{
-    int ret, keylen = 0;
-    unsigned char key[32];
-    unsigned char iv[16];
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t cipher_ctx;
-    size_t olen = 0;
-
-    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
-
-    keylen = cipher_info->key_bitlen / 8;
-
-    if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen,
-                                          key, keylen,
-                                          iv, cipher_info->iv_size ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    mbedtls_cipher_init( &cipher_ctx );
-
-    if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len,
-                                output, &olen ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
-        ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH;
-
-exit:
-    mbedtls_platform_zeroize( key, sizeof( key ) );
-    mbedtls_platform_zeroize( iv,  sizeof( iv  ) );
-    mbedtls_cipher_free( &cipher_ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
-                                const unsigned char *filler, size_t fill_len )
-{
-    unsigned char *p = data;
-    size_t use_len;
-
-    while( data_len > 0 )
-    {
-        use_len = ( data_len > fill_len ) ? fill_len : data_len;
-        memcpy( p, filler, use_len );
-        p += use_len;
-        data_len -= use_len;
-    }
-}
-
-int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
-                       const unsigned char *pwd, size_t pwdlen,
-                       const unsigned char *salt, size_t saltlen,
-                       mbedtls_md_type_t md_type, int id, int iterations )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned int j;
-
-    unsigned char diversifier[128];
-    unsigned char salt_block[128], pwd_block[128], hash_block[128];
-    unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
-    unsigned char *p;
-    unsigned char c;
-
-    size_t hlen, use_len, v, i;
-
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-
-    // This version only allows max of 64 bytes of password or salt
-    if( datalen > 128 || pwdlen > 64 || saltlen > 64 )
-        return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
-
-    md_info = mbedtls_md_info_from_type( md_type );
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
-
-    mbedtls_md_init( &md_ctx );
-
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
-        return( ret );
-    hlen = mbedtls_md_get_size( md_info );
-
-    if( hlen <= 32 )
-        v = 64;
-    else
-        v = 128;
-
-    memset( diversifier, (unsigned char) id, v );
-
-    pkcs12_fill_buffer( salt_block, v, salt, saltlen );
-    pkcs12_fill_buffer( pwd_block,  v, pwd,  pwdlen  );
-
-    p = data;
-    while( datalen > 0 )
-    {
-        // Calculate hash( diversifier || salt_block || pwd_block )
-        if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
-            goto exit;
-
-        if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 )
-            goto exit;
-
-        if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 )
-            goto exit;
-
-        if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 )
-            goto exit;
-
-        if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 )
-            goto exit;
-
-        // Perform remaining ( iterations - 1 ) recursive hash calculations
-        for( i = 1; i < (size_t) iterations; i++ )
-        {
-            if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 )
-                goto exit;
-        }
-
-        use_len = ( datalen > hlen ) ? hlen : datalen;
-        memcpy( p, hash_output, use_len );
-        datalen -= use_len;
-        p += use_len;
-
-        if( datalen == 0 )
-            break;
-
-        // Concatenating copies of hash_output into hash_block (B)
-        pkcs12_fill_buffer( hash_block, v, hash_output, hlen );
-
-        // B += 1
-        for( i = v; i > 0; i-- )
-            if( ++hash_block[i - 1] != 0 )
-                break;
-
-        // salt_block += B
-        c = 0;
-        for( i = v; i > 0; i-- )
-        {
-            j = salt_block[i - 1] + hash_block[i - 1] + c;
-            c = (unsigned char) (j >> 8);
-            salt_block[i - 1] = j & 0xFF;
-        }
-
-        // pwd_block  += B
-        c = 0;
-        for( i = v; i > 0; i-- )
-        {
-            j = pwd_block[i - 1] + hash_block[i - 1] + c;
-            c = (unsigned char) (j >> 8);
-            pwd_block[i - 1] = j & 0xFF;
-        }
-    }
-
-    ret = 0;
-
-exit:
-    mbedtls_platform_zeroize( salt_block, sizeof( salt_block ) );
-    mbedtls_platform_zeroize( pwd_block, sizeof( pwd_block ) );
-    mbedtls_platform_zeroize( hash_block, sizeof( hash_block ) );
-    mbedtls_platform_zeroize( hash_output, sizeof( hash_output ) );
-
-    mbedtls_md_free( &md_ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_PKCS12_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/pkcs5.c b/3rdparty/mbedtls-2.25.0/library/pkcs5.c
deleted file mode 100644
index e9e743f..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pkcs5.c
+++ /dev/null
@@ -1,420 +0,0 @@
-/**
- * \file pkcs5.c
- *
- * \brief PKCS#5 functions
- *
- * \author Mathias Olsson <mathias@kompetensum.com>
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * PKCS#5 includes PBKDF2 and more
- *
- * http://tools.ietf.org/html/rfc2898 (Specification)
- * http://tools.ietf.org/html/rfc6070 (Test vectors)
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PKCS5_C)
-
-#include "mbedtls/pkcs5.h"
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-#include "mbedtls/asn1.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/oid.h"
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
-                                      mbedtls_asn1_buf *salt, int *iterations,
-                                      int *keylen, mbedtls_md_type_t *md_type )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_asn1_buf prf_alg_oid;
-    unsigned char *p = params->p;
-    const unsigned char *end = params->p + params->len;
-
-    if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-    /*
-     *  PBKDF2-params ::= SEQUENCE {
-     *    salt              OCTET STRING,
-     *    iterationCount    INTEGER,
-     *    keyLength         INTEGER OPTIONAL
-     *    prf               AlgorithmIdentifier DEFAULT algid-hmacWithSHA1
-     *  }
-     *
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len,
-                                      MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
-
-    salt->p = p;
-    p += salt->len;
-
-    if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
-
-    if( p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 )
-    {
-        if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-            return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
-    }
-
-    if( p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
-
-    if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
-
-    if( p != end )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
-                 const unsigned char *pwd,  size_t pwdlen,
-                 const unsigned char *data, size_t datalen,
-                 unsigned char *output )
-{
-    int ret, iterations = 0, keylen = 0;
-    unsigned char *p, *end;
-    mbedtls_asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params;
-    mbedtls_asn1_buf salt;
-    mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
-    unsigned char key[32], iv[32];
-    size_t olen = 0;
-    const mbedtls_md_info_t *md_info;
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_md_context_t md_ctx;
-    mbedtls_cipher_type_t cipher_alg;
-    mbedtls_cipher_context_t cipher_ctx;
-
-    p = pbe_params->p;
-    end = p + pbe_params->len;
-
-    /*
-     *  PBES2-params ::= SEQUENCE {
-     *    keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
-     *    encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}
-     *  }
-     */
-    if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid,
-                                      &kdf_alg_params ) ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
-
-    // Only PBKDF2 supported at the moment
-    //
-    if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
-
-    if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params,
-                                           &salt, &iterations, &keylen,
-                                           &md_type ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    md_info = mbedtls_md_info_from_type( md_type );
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
-
-    if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid,
-                              &enc_scheme_params ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
-    }
-
-    if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 )
-        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
-
-    cipher_info = mbedtls_cipher_info_from_type( cipher_alg );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
-
-    /*
-     * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
-     * since it is optional and we don't know if it was set or not
-     */
-    keylen = cipher_info->key_bitlen / 8;
-
-    if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
-        enc_scheme_params.len != cipher_info->iv_size )
-    {
-        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT );
-    }
-
-    mbedtls_md_init( &md_ctx );
-    mbedtls_cipher_init( &cipher_ctx );
-
-    memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
-
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len,
-                                   iterations, keylen, key ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen,
-                                       (mbedtls_operation_t) mode ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len,
-                              data, datalen, output, &olen ) ) != 0 )
-        ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH;
-
-exit:
-    mbedtls_md_free( &md_ctx );
-    mbedtls_cipher_free( &cipher_ctx );
-
-    return( ret );
-}
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
-                       const unsigned char *password,
-                       size_t plen, const unsigned char *salt, size_t slen,
-                       unsigned int iteration_count,
-                       uint32_t key_length, unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int j;
-    unsigned int i;
-    unsigned char md1[MBEDTLS_MD_MAX_SIZE];
-    unsigned char work[MBEDTLS_MD_MAX_SIZE];
-    unsigned char md_size = mbedtls_md_get_size( ctx->md_info );
-    size_t use_len;
-    unsigned char *out_p = output;
-    unsigned char counter[4];
-
-    memset( counter, 0, 4 );
-    counter[3] = 1;
-
-#if UINT_MAX > 0xFFFFFFFF
-    if( iteration_count > 0xFFFFFFFF )
-        return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
-#endif
-
-    if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
-        return( ret );
-    while( key_length )
-    {
-        // U1 ends up in work
-        //
-        if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 )
-            goto cleanup;
-
-        if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 )
-            goto cleanup;
-
-        if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
-            goto cleanup;
-
-        if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 )
-            goto cleanup;
-
-        memcpy( md1, work, md_size );
-
-        for( i = 1; i < iteration_count; i++ )
-        {
-            // U2 ends up in md1
-            //
-            if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 )
-                goto cleanup;
-
-            if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 )
-                goto cleanup;
-
-            if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 )
-                goto cleanup;
-
-            // U1 xor U2
-            //
-            for( j = 0; j < md_size; j++ )
-                work[j] ^= md1[j];
-        }
-
-        use_len = ( key_length < md_size ) ? key_length : md_size;
-        memcpy( out_p, work, use_len );
-
-        key_length -= (uint32_t) use_len;
-        out_p += use_len;
-
-        for( i = 4; i > 0; i-- )
-            if( ++counter[i - 1] != 0 )
-                break;
-    }
-
-cleanup:
-    /* Zeroise buffers to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE );
-    mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#if !defined(MBEDTLS_SHA1_C)
-int mbedtls_pkcs5_self_test( int verbose )
-{
-    if( verbose != 0 )
-        mbedtls_printf( "  PBKDF2 (SHA1): skipped\n\n" );
-
-    return( 0 );
-}
-#else
-
-#define MAX_TESTS   6
-
-static const size_t plen_test_data[MAX_TESTS] =
-    { 8, 8, 8, 24, 9 };
-
-static const unsigned char password_test_data[MAX_TESTS][32] =
-{
-    "password",
-    "password",
-    "password",
-    "passwordPASSWORDpassword",
-    "pass\0word",
-};
-
-static const size_t slen_test_data[MAX_TESTS] =
-    { 4, 4, 4, 36, 5 };
-
-static const unsigned char salt_test_data[MAX_TESTS][40] =
-{
-    "salt",
-    "salt",
-    "salt",
-    "saltSALTsaltSALTsaltSALTsaltSALTsalt",
-    "sa\0lt",
-};
-
-static const uint32_t it_cnt_test_data[MAX_TESTS] =
-    { 1, 2, 4096, 4096, 4096 };
-
-static const uint32_t key_len_test_data[MAX_TESTS] =
-    { 20, 20, 20, 25, 16 };
-
-static const unsigned char result_key_test_data[MAX_TESTS][32] =
-{
-    { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
-      0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
-      0x2f, 0xe0, 0x37, 0xa6 },
-    { 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
-      0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
-      0xd8, 0xde, 0x89, 0x57 },
-    { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
-      0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
-      0x65, 0xa4, 0x29, 0xc1 },
-    { 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
-      0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
-      0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
-      0x38 },
-    { 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
-      0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 },
-};
-
-int mbedtls_pkcs5_self_test( int verbose )
-{
-    mbedtls_md_context_t sha1_ctx;
-    const mbedtls_md_info_t *info_sha1;
-    int ret, i;
-    unsigned char key[64];
-
-    mbedtls_md_init( &sha1_ctx );
-
-    info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
-    if( info_sha1 == NULL )
-    {
-        ret = 1;
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 )
-    {
-        ret = 1;
-        goto exit;
-    }
-
-    for( i = 0; i < MAX_TESTS; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  PBKDF2 (SHA1) #%d: ", i );
-
-        ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password_test_data[i],
-                                         plen_test_data[i], salt_test_data[i],
-                                         slen_test_data[i], it_cnt_test_data[i],
-                                         key_len_test_data[i], key );
-        if( ret != 0 ||
-            memcmp( result_key_test_data[i], key, key_len_test_data[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-exit:
-    mbedtls_md_free( &sha1_ctx );
-
-    return( ret );
-}
-#endif /* MBEDTLS_SHA1_C */
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_PKCS5_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/pkparse.c b/3rdparty/mbedtls-2.25.0/library/pkparse.c
deleted file mode 100644
index 0590f2b..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pkparse.c
+++ /dev/null
@@ -1,1533 +0,0 @@
-/*
- *  Public Key layer for parsing key files and structures
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PK_PARSE_C)
-
-#include "mbedtls/pk.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_RSA_C)
-#include "mbedtls/rsa.h"
-#endif
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-#include "mbedtls/ecdsa.h"
-#endif
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-#if defined(MBEDTLS_PKCS5_C)
-#include "mbedtls/pkcs5.h"
-#endif
-#if defined(MBEDTLS_PKCS12_C)
-#include "mbedtls/pkcs12.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-/* Parameter validation macros based on platform_util.h */
-#define PK_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
-#define PK_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_FS_IO)
-/*
- * Load all data from a file into a given buffer.
- *
- * The file is expected to contain either PEM or DER encoded data.
- * A terminating null byte is always appended. It is included in the announced
- * length only if the data looks like it is PEM encoded.
- */
-int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n )
-{
-    FILE *f;
-    long size;
-
-    PK_VALIDATE_RET( path != NULL );
-    PK_VALIDATE_RET( buf != NULL );
-    PK_VALIDATE_RET( n != NULL );
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
-
-    fseek( f, 0, SEEK_END );
-    if( ( size = ftell( f ) ) == -1 )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
-    }
-    fseek( f, 0, SEEK_SET );
-
-    *n = (size_t) size;
-
-    if( *n + 1 == 0 ||
-        ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-    }
-
-    if( fread( *buf, 1, *n, f ) != *n )
-    {
-        fclose( f );
-
-        mbedtls_platform_zeroize( *buf, *n );
-        mbedtls_free( *buf );
-
-        return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
-    }
-
-    fclose( f );
-
-    (*buf)[*n] = '\0';
-
-    if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL )
-        ++*n;
-
-    return( 0 );
-}
-
-/*
- * Load and parse a private key
- */
-int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
-                      const char *path, const char *pwd )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    unsigned char *buf;
-
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( path != NULL );
-
-    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
-        return( ret );
-
-    if( pwd == NULL )
-        ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 );
-    else
-        ret = mbedtls_pk_parse_key( ctx, buf, n,
-                (const unsigned char *) pwd, strlen( pwd ) );
-
-    mbedtls_platform_zeroize( buf, n );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-
-/*
- * Load and parse a public key
- */
-int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    unsigned char *buf;
-
-    PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( path != NULL );
-
-    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_pk_parse_public_key( ctx, buf, n );
-
-    mbedtls_platform_zeroize( buf, n );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-
-#if defined(MBEDTLS_ECP_C)
-/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf
- *
- * ECParameters ::= CHOICE {
- *   namedCurve         OBJECT IDENTIFIER
- *   specifiedCurve     SpecifiedECDomain -- = SEQUENCE { ... }
- *   -- implicitCurve   NULL
- * }
- */
-static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
-                            mbedtls_asn1_buf *params )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if ( end - *p < 1 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    /* Tag may be either OID or SEQUENCE */
-    params->tag = **p;
-    if( params->tag != MBEDTLS_ASN1_OID
-#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
-            && params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE )
-#endif
-            )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-    }
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &params->len, params->tag ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    params->p = *p;
-    *p += params->len;
-
-    if( *p != end )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
-/*
- * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it.
- * WARNING: the resulting group should only be used with
- * pk_group_id_from_specified(), since its base point may not be set correctly
- * if it was encoded compressed.
- *
- *  SpecifiedECDomain ::= SEQUENCE {
- *      version SpecifiedECDomainVersion(ecdpVer1 | ecdpVer2 | ecdpVer3, ...),
- *      fieldID FieldID {{FieldTypes}},
- *      curve Curve,
- *      base ECPoint,
- *      order INTEGER,
- *      cofactor INTEGER OPTIONAL,
- *      hash HashAlgorithm OPTIONAL,
- *      ...
- *  }
- *
- * We only support prime-field as field type, and ignore hash and cofactor.
- */
-static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = params->p;
-    const unsigned char * const end = params->p + params->len;
-    const unsigned char *end_field, *end_curve;
-    size_t len;
-    int ver;
-
-    /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */
-    if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( ver < 1 || ver > 3 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-
-    /*
-     * FieldID { FIELD-ID:IOSet } ::= SEQUENCE { -- Finite field
-     *       fieldType FIELD-ID.&id({IOSet}),
-     *       parameters FIELD-ID.&Type({IOSet}{@fieldType})
-     * }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( ret );
-
-    end_field = p + len;
-
-    /*
-     * FIELD-ID ::= TYPE-IDENTIFIER
-     * FieldTypes FIELD-ID ::= {
-     *       { Prime-p IDENTIFIED BY prime-field } |
-     *       { Characteristic-two IDENTIFIED BY characteristic-two-field }
-     * }
-     * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end_field, &len, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( ret );
-
-    if( len != MBEDTLS_OID_SIZE( MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD ) ||
-        memcmp( p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-    }
-
-    p += len;
-
-    /* Prime-p ::= INTEGER -- Field of size p. */
-    if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
-
-    if( p != end_field )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    /*
-     * Curve ::= SEQUENCE {
-     *       a FieldElement,
-     *       b FieldElement,
-     *       seed BIT STRING OPTIONAL
-     *       -- Shall be present if used in SpecifiedECDomain
-     *       -- with version equal to ecdpVer2 or ecdpVer3
-     * }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( ret );
-
-    end_curve = p + len;
-
-    /*
-     * FieldElement ::= OCTET STRING
-     * containing an integer in the case of a prime field
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    p += len;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    p += len;
-
-    /* Ignore seed BIT STRING OPTIONAL */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING ) ) == 0 )
-        p += len;
-
-    if( p != end_curve )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    /*
-     * ECPoint ::= OCTET STRING
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G,
-                                      ( const unsigned char *) p, len ) ) != 0 )
-    {
-        /*
-         * If we can't read the point because it's compressed, cheat by
-         * reading only the X coordinate and the parity bit of Y.
-         */
-        if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ||
-            ( p[0] != 0x02 && p[0] != 0x03 ) ||
-            len != mbedtls_mpi_size( &grp->P ) + 1 ||
-            mbedtls_mpi_read_binary( &grp->G.X, p + 1, len - 1 ) != 0 ||
-            mbedtls_mpi_lset( &grp->G.Y, p[0] - 2 ) != 0 ||
-            mbedtls_mpi_lset( &grp->G.Z, 1 ) != 0 )
-        {
-            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-        }
-    }
-
-    p += len;
-
-    /*
-     * order INTEGER
-     */
-    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    grp->nbits = mbedtls_mpi_bitlen( &grp->N );
-
-    /*
-     * Allow optional elements by purposefully not enforcing p == end here.
-     */
-
-    return( 0 );
-}
-
-/*
- * Find the group id associated with an (almost filled) group as generated by
- * pk_group_from_specified(), or return an error if unknown.
- */
-static int pk_group_id_from_group( const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id )
-{
-    int ret = 0;
-    mbedtls_ecp_group ref;
-    const mbedtls_ecp_group_id *id;
-
-    mbedtls_ecp_group_init( &ref );
-
-    for( id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++ )
-    {
-        /* Load the group associated to that id */
-        mbedtls_ecp_group_free( &ref );
-        MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ref, *id ) );
-
-        /* Compare to the group we were given, starting with easy tests */
-        if( grp->pbits == ref.pbits && grp->nbits == ref.nbits &&
-            mbedtls_mpi_cmp_mpi( &grp->P, &ref.P ) == 0 &&
-            mbedtls_mpi_cmp_mpi( &grp->A, &ref.A ) == 0 &&
-            mbedtls_mpi_cmp_mpi( &grp->B, &ref.B ) == 0 &&
-            mbedtls_mpi_cmp_mpi( &grp->N, &ref.N ) == 0 &&
-            mbedtls_mpi_cmp_mpi( &grp->G.X, &ref.G.X ) == 0 &&
-            mbedtls_mpi_cmp_mpi( &grp->G.Z, &ref.G.Z ) == 0 &&
-            /* For Y we may only know the parity bit, so compare only that */
-            mbedtls_mpi_get_bit( &grp->G.Y, 0 ) == mbedtls_mpi_get_bit( &ref.G.Y, 0 ) )
-        {
-            break;
-        }
-
-    }
-
-cleanup:
-    mbedtls_ecp_group_free( &ref );
-
-    *grp_id = *id;
-
-    if( ret == 0 && *id == MBEDTLS_ECP_DP_NONE )
-        ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
-
-    return( ret );
-}
-
-/*
- * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID
- */
-static int pk_group_id_from_specified( const mbedtls_asn1_buf *params,
-                                       mbedtls_ecp_group_id *grp_id )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_group grp;
-
-    mbedtls_ecp_group_init( &grp );
-
-    if( ( ret = pk_group_from_specified( params, &grp ) ) != 0 )
-        goto cleanup;
-
-    ret = pk_group_id_from_group( &grp, grp_id );
-
-cleanup:
-    mbedtls_ecp_group_free( &grp );
-
-    return( ret );
-}
-#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
-
-/*
- * Use EC parameters to initialise an EC group
- *
- * ECParameters ::= CHOICE {
- *   namedCurve         OBJECT IDENTIFIER
- *   specifiedCurve     SpecifiedECDomain -- = SEQUENCE { ... }
- *   -- implicitCurve   NULL
- */
-static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ecp_group_id grp_id;
-
-    if( params->tag == MBEDTLS_ASN1_OID )
-    {
-        if( mbedtls_oid_get_ec_grp( params, &grp_id ) != 0 )
-            return( MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE );
-    }
-    else
-    {
-#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
-        if( ( ret = pk_group_id_from_specified( params, &grp_id ) ) != 0 )
-            return( ret );
-#else
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-#endif
-    }
-
-    /*
-     * grp may already be initilialized; if so, make sure IDs match
-     */
-    if( grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-
-    if( ( ret = mbedtls_ecp_group_load( grp, grp_id ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-/*
- * EC public key is an EC point
- *
- * The caller is responsible for clearing the structure upon failure if
- * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE
- * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state.
- */
-static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end,
-                            mbedtls_ecp_keypair *key )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q,
-                    (const unsigned char *) *p, end - *p ) ) == 0 )
-    {
-        ret = mbedtls_ecp_check_pubkey( &key->grp, &key->Q );
-    }
-
-    /*
-     * We know mbedtls_ecp_point_read_binary consumed all bytes or failed
-     */
-    *p = (unsigned char *) end;
-
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_RSA_C)
-/*
- *  RSAPublicKey ::= SEQUENCE {
- *      modulus           INTEGER,  -- n
- *      publicExponent    INTEGER   -- e
- *  }
- */
-static int pk_get_rsapubkey( unsigned char **p,
-                             const unsigned char *end,
-                             mbedtls_rsa_context *rsa )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
-
-    if( *p + len != end )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    /* Import N */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
-
-    if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0,
-                                        NULL, 0, NULL, 0 ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
-
-    *p += len;
-
-    /* Import E */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
-
-    if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
-                                        NULL, 0, *p, len ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
-
-    *p += len;
-
-    if( mbedtls_rsa_complete( rsa ) != 0 ||
-        mbedtls_rsa_check_pubkey( rsa ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
-    }
-
-    if( *p != end )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_RSA_C */
-
-/* Get a PK algorithm identifier
- *
- *  AlgorithmIdentifier  ::=  SEQUENCE  {
- *       algorithm               OBJECT IDENTIFIER,
- *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
- */
-static int pk_get_pk_alg( unsigned char **p,
-                          const unsigned char *end,
-                          mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_asn1_buf alg_oid;
-
-    memset( params, 0, sizeof(mbedtls_asn1_buf) );
-
-    if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_ALG + ret );
-
-    if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
-        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
-
-    /*
-     * No parameters with RSA (only for EC)
-     */
-    if( *pk_alg == MBEDTLS_PK_RSA &&
-            ( ( params->tag != MBEDTLS_ASN1_NULL && params->tag != 0 ) ||
-                params->len != 0 ) )
-    {
-        return( MBEDTLS_ERR_PK_INVALID_ALG );
-    }
-
-    return( 0 );
-}
-
-/*
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
- *       algorithm            AlgorithmIdentifier,
- *       subjectPublicKey     BIT STRING }
- */
-int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
-                        mbedtls_pk_context *pk )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    mbedtls_asn1_buf alg_params;
-    mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
-    const mbedtls_pk_info_t *pk_info;
-
-    PK_VALIDATE_RET( p != NULL );
-    PK_VALIDATE_RET( *p != NULL );
-    PK_VALIDATE_RET( end != NULL );
-    PK_VALIDATE_RET( pk != NULL );
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    end = *p + len;
-
-    if( ( ret = pk_get_pk_alg( p, end, &pk_alg, &alg_params ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
-
-    if( *p + len != end )
-        return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
-        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
-
-    if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 )
-        return( ret );
-
-#if defined(MBEDTLS_RSA_C)
-    if( pk_alg == MBEDTLS_PK_RSA )
-    {
-        ret = pk_get_rsapubkey( p, end, mbedtls_pk_rsa( *pk ) );
-    } else
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-    if( pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY )
-    {
-        ret = pk_use_ecparams( &alg_params, &mbedtls_pk_ec( *pk )->grp );
-        if( ret == 0 )
-            ret = pk_get_ecpubkey( p, end, mbedtls_pk_ec( *pk ) );
-    } else
-#endif /* MBEDTLS_ECP_C */
-        ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
-
-    if( ret == 0 && *p != end )
-        ret = MBEDTLS_ERR_PK_INVALID_PUBKEY +
-              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
-
-    if( ret != 0 )
-        mbedtls_pk_free( pk );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_RSA_C)
-/*
- * Wrapper around mbedtls_asn1_get_mpi() that rejects zero.
- *
- * The value zero is:
- * - never a valid value for an RSA parameter
- * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete().
- *
- * Since values can't be omitted in PKCS#1, passing a zero value to
- * rsa_complete() would be incorrect, so reject zero values early.
- */
-static int asn1_get_nonzero_mpi( unsigned char **p,
-                                 const unsigned char *end,
-                                 mbedtls_mpi *X )
-{
-    int ret;
-
-    ret = mbedtls_asn1_get_mpi( p, end, X );
-    if( ret != 0 )
-        return( ret );
-
-    if( mbedtls_mpi_cmp_int( X, 0 ) == 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-
-    return( 0 );
-}
-
-/*
- * Parse a PKCS#1 encoded private RSA key
- */
-static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
-                                   const unsigned char *key,
-                                   size_t keylen )
-{
-    int ret, version;
-    size_t len;
-    unsigned char *p, *end;
-
-    mbedtls_mpi T;
-    mbedtls_mpi_init( &T );
-
-    p = (unsigned char *) key;
-    end = p + keylen;
-
-    /*
-     * This function parses the RSAPrivateKey (PKCS#1)
-     *
-     *  RSAPrivateKey ::= SEQUENCE {
-     *      version           Version,
-     *      modulus           INTEGER,  -- n
-     *      publicExponent    INTEGER,  -- e
-     *      privateExponent   INTEGER,  -- d
-     *      prime1            INTEGER,  -- p
-     *      prime2            INTEGER,  -- q
-     *      exponent1         INTEGER,  -- d mod (p-1)
-     *      exponent2         INTEGER,  -- d mod (q-1)
-     *      coefficient       INTEGER,  -- (inverse of q) mod p
-     *      otherPrimeInfos   OtherPrimeInfos OPTIONAL
-     *  }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-
-    if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    if( version != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
-    }
-
-    /* Import N */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_rsa_import( rsa, &T, NULL, NULL,
-                                        NULL, NULL ) ) != 0 )
-        goto cleanup;
-
-    /* Import E */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL,
-                                        NULL, &T ) ) != 0 )
-        goto cleanup;
-
-    /* Import D */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL,
-                                        &T, NULL ) ) != 0 )
-        goto cleanup;
-
-    /* Import P */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_rsa_import( rsa, NULL, &T, NULL,
-                                        NULL, NULL ) ) != 0 )
-        goto cleanup;
-
-    /* Import Q */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_rsa_import( rsa, NULL, NULL, &T,
-                                        NULL, NULL ) ) != 0 )
-        goto cleanup;
-
-#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT)
-    /*
-    * The RSA CRT parameters DP, DQ and QP are nominally redundant, in
-    * that they can be easily recomputed from D, P and Q. However by
-    * parsing them from the PKCS1 structure it is possible to avoid
-    * recalculating them which both reduces the overhead of loading
-    * RSA private keys into memory and also avoids side channels which
-    * can arise when computing those values, since all of D, P, and Q
-    * are secret. See https://eprint.iacr.org/2020/055 for a
-    * description of one such attack.
-    */
-
-    /* Import DP */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &rsa->DP, &T ) ) != 0 )
-       goto cleanup;
-
-    /* Import DQ */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &rsa->DQ, &T ) ) != 0 )
-       goto cleanup;
-
-    /* Import QP */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &rsa->QP, &T ) ) != 0 )
-       goto cleanup;
-
-#else
-    /* Verify existance of the CRT params */
-    if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
-        ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 )
-       goto cleanup;
-#endif
-
-    /* rsa_complete() doesn't complete anything with the default
-     * implementation but is still called:
-     * - for the benefit of alternative implementation that may want to
-     *   pre-compute stuff beyond what's provided (eg Montgomery factors)
-     * - as is also sanity-checks the key
-     *
-     * Furthermore, we also check the public part for consistency with
-     * mbedtls_pk_parse_pubkey(), as it includes size minima for example.
-     */
-    if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 ||
-        ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 )
-    {
-        goto cleanup;
-    }
-
-    if( p != end )
-    {
-        ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ;
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &T );
-
-    if( ret != 0 )
-    {
-        /* Wrap error code if it's coming from a lower level */
-        if( ( ret & 0xff80 ) == 0 )
-            ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret;
-        else
-            ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
-
-        mbedtls_rsa_free( rsa );
-    }
-
-    return( ret );
-}
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * Parse a SEC1 encoded private EC key
- */
-static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
-                                  const unsigned char *key,
-                                  size_t keylen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int version, pubkey_done;
-    size_t len;
-    mbedtls_asn1_buf params;
-    unsigned char *p = (unsigned char *) key;
-    unsigned char *end = p + keylen;
-    unsigned char *end2;
-
-    /*
-     * RFC 5915, or SEC1 Appendix C.4
-     *
-     * ECPrivateKey ::= SEQUENCE {
-     *      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
-     *      privateKey     OCTET STRING,
-     *      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
-     *      publicKey  [1] BIT STRING OPTIONAL
-     *    }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-
-    if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( version != 1 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 )
-    {
-        mbedtls_ecp_keypair_free( eck );
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    p += len;
-
-    pubkey_done = 0;
-    if( p != end )
-    {
-        /*
-         * Is 'parameters' present?
-         */
-        if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                        MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 )
-        {
-            if( ( ret = pk_get_ecparams( &p, p + len, &params) ) != 0 ||
-                ( ret = pk_use_ecparams( &params, &eck->grp )  ) != 0 )
-            {
-                mbedtls_ecp_keypair_free( eck );
-                return( ret );
-            }
-        }
-        else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        {
-            mbedtls_ecp_keypair_free( eck );
-            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-        }
-    }
-
-    if( p != end )
-    {
-        /*
-         * Is 'publickey' present? If not, or if we can't read it (eg because it
-         * is compressed), create it from the private key.
-         */
-        if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                        MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 )
-        {
-            end2 = p + len;
-
-            if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 )
-                return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-            if( p + len != end2 )
-                return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                        MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-            if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 )
-                pubkey_done = 1;
-            else
-            {
-                /*
-                 * The only acceptable failure mode of pk_get_ecpubkey() above
-                 * is if the point format is not recognized.
-                 */
-                if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE )
-                    return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-            }
-        }
-        else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        {
-            mbedtls_ecp_keypair_free( eck );
-            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-        }
-    }
-
-    if( ! pubkey_done &&
-        ( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G,
-                                                      NULL, NULL ) ) != 0 )
-    {
-        mbedtls_ecp_keypair_free( eck );
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
-    {
-        mbedtls_ecp_keypair_free( eck );
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ECP_C */
-
-/*
- * Parse an unencrypted PKCS#8 encoded private key
- *
- * Notes:
- *
- * - This function does not own the key buffer. It is the
- *   responsibility of the caller to take care of zeroizing
- *   and freeing it after use.
- *
- * - The function is responsible for freeing the provided
- *   PK context on failure.
- *
- */
-static int pk_parse_key_pkcs8_unencrypted_der(
-                                    mbedtls_pk_context *pk,
-                                    const unsigned char* key,
-                                    size_t keylen )
-{
-    int ret, version;
-    size_t len;
-    mbedtls_asn1_buf params;
-    unsigned char *p = (unsigned char *) key;
-    unsigned char *end = p + keylen;
-    mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
-    const mbedtls_pk_info_t *pk_info;
-
-    /*
-     * This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
-     *
-     *    PrivateKeyInfo ::= SEQUENCE {
-     *      version                   Version,
-     *      privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
-     *      privateKey                PrivateKey,
-     *      attributes           [0]  IMPLICIT Attributes OPTIONAL }
-     *
-     *    Version ::= INTEGER
-     *    PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
-     *    PrivateKey ::= OCTET STRING
-     *
-     *  The PrivateKey OCTET STRING is a SEC1 ECPrivateKey
-     */
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-
-    if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( version != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret );
-
-    if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, &params ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( len < 1 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
-        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
-
-    if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 )
-        return( ret );
-
-#if defined(MBEDTLS_RSA_C)
-    if( pk_alg == MBEDTLS_PK_RSA )
-    {
-        if( ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), p, len ) ) != 0 )
-        {
-            mbedtls_pk_free( pk );
-            return( ret );
-        }
-    } else
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-    if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH )
-    {
-        if( ( ret = pk_use_ecparams( &params, &mbedtls_pk_ec( *pk )->grp ) ) != 0 ||
-            ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len )  ) != 0 )
-        {
-            mbedtls_pk_free( pk );
-            return( ret );
-        }
-    } else
-#endif /* MBEDTLS_ECP_C */
-        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
-
-    return( 0 );
-}
-
-/*
- * Parse an encrypted PKCS#8 encoded private key
- *
- * To save space, the decryption happens in-place on the given key buffer.
- * Also, while this function may modify the keybuffer, it doesn't own it,
- * and instead it is the responsibility of the caller to zeroize and properly
- * free it after use.
- *
- */
-#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
-static int pk_parse_key_pkcs8_encrypted_der(
-                                    mbedtls_pk_context *pk,
-                                    unsigned char *key, size_t keylen,
-                                    const unsigned char *pwd, size_t pwdlen )
-{
-    int ret, decrypted = 0;
-    size_t len;
-    unsigned char *buf;
-    unsigned char *p, *end;
-    mbedtls_asn1_buf pbe_alg_oid, pbe_params;
-#if defined(MBEDTLS_PKCS12_C)
-    mbedtls_cipher_type_t cipher_alg;
-    mbedtls_md_type_t md_alg;
-#endif
-
-    p = key;
-    end = p + keylen;
-
-    if( pwdlen == 0 )
-        return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
-
-    /*
-     * This function parses the EncryptedPrivateKeyInfo object (PKCS#8)
-     *
-     *  EncryptedPrivateKeyInfo ::= SEQUENCE {
-     *    encryptionAlgorithm  EncryptionAlgorithmIdentifier,
-     *    encryptedData        EncryptedData
-     *  }
-     *
-     *  EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-     *
-     *  EncryptedData ::= OCTET STRING
-     *
-     *  The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
-     *
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-
-    if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
-
-    buf = p;
-
-    /*
-     * Decrypt EncryptedData with appropriate PBE
-     */
-#if defined(MBEDTLS_PKCS12_C)
-    if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
-    {
-        if( ( ret = mbedtls_pkcs12_pbe( &pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT,
-                                cipher_alg, md_alg,
-                                pwd, pwdlen, p, len, buf ) ) != 0 )
-        {
-            if( ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH )
-                return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-
-            return( ret );
-        }
-
-        decrypted = 1;
-    }
-    else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 )
-    {
-        if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params,
-                                             MBEDTLS_PKCS12_PBE_DECRYPT,
-                                             pwd, pwdlen,
-                                             p, len, buf ) ) != 0 )
-        {
-            return( ret );
-        }
-
-        // Best guess for password mismatch when using RC4. If first tag is
-        // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE
-        //
-        if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
-            return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-
-        decrypted = 1;
-    }
-    else
-#endif /* MBEDTLS_PKCS12_C */
-#if defined(MBEDTLS_PKCS5_C)
-    if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid ) == 0 )
-    {
-        if( ( ret = mbedtls_pkcs5_pbes2( &pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen,
-                                  p, len, buf ) ) != 0 )
-        {
-            if( ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH )
-                return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-
-            return( ret );
-        }
-
-        decrypted = 1;
-    }
-    else
-#endif /* MBEDTLS_PKCS5_C */
-    {
-        ((void) pwd);
-    }
-
-    if( decrypted == 0 )
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-    return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) );
-}
-#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
-
-/*
- * Parse a private key
- */
-int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
-                  const unsigned char *key, size_t keylen,
-                  const unsigned char *pwd, size_t pwdlen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_pk_info_t *pk_info;
-#if defined(MBEDTLS_PEM_PARSE_C)
-    size_t len;
-    mbedtls_pem_context pem;
-#endif
-
-    PK_VALIDATE_RET( pk != NULL );
-    if( keylen == 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-    PK_VALIDATE_RET( key != NULL );
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-   mbedtls_pem_init( &pem );
-
-#if defined(MBEDTLS_RSA_C)
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( key[keylen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                               "-----BEGIN RSA PRIVATE KEY-----",
-                               "-----END RSA PRIVATE KEY-----",
-                               key, pwd, pwdlen, &len );
-
-    if( ret == 0 )
-    {
-        pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
-        if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
-            ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
-                                            pem.buf, pem.buflen ) ) != 0 )
-        {
-            mbedtls_pk_free( pk );
-        }
-
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH )
-        return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED )
-        return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-        return( ret );
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( key[keylen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                               "-----BEGIN EC PRIVATE KEY-----",
-                               "-----END EC PRIVATE KEY-----",
-                               key, pwd, pwdlen, &len );
-    if( ret == 0 )
-    {
-        pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
-
-        if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
-            ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
-                                           pem.buf, pem.buflen ) ) != 0 )
-        {
-            mbedtls_pk_free( pk );
-        }
-
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH )
-        return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED )
-        return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-        return( ret );
-#endif /* MBEDTLS_ECP_C */
-
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( key[keylen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                               "-----BEGIN PRIVATE KEY-----",
-                               "-----END PRIVATE KEY-----",
-                               key, NULL, 0, &len );
-    if( ret == 0 )
-    {
-        if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk,
-                                                pem.buf, pem.buflen ) ) != 0 )
-        {
-            mbedtls_pk_free( pk );
-        }
-
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-        return( ret );
-
-#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( key[keylen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                               "-----BEGIN ENCRYPTED PRIVATE KEY-----",
-                               "-----END ENCRYPTED PRIVATE KEY-----",
-                               key, NULL, 0, &len );
-    if( ret == 0 )
-    {
-        if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk,
-                                                      pem.buf, pem.buflen,
-                                                      pwd, pwdlen ) ) != 0 )
-        {
-            mbedtls_pk_free( pk );
-        }
-
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-        return( ret );
-#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
-#else
-    ((void) pwd);
-    ((void) pwdlen);
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-    /*
-     * At this point we only know it's not a PEM formatted key. Could be any
-     * of the known DER encoded private key formats
-     *
-     * We try the different DER format parsers to see if one passes without
-     * error
-     */
-#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
-    {
-        unsigned char *key_copy;
-
-        if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL )
-            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-
-        memcpy( key_copy, key, keylen );
-
-        ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
-                                                pwd, pwdlen );
-
-        mbedtls_platform_zeroize( key_copy, keylen );
-        mbedtls_free( key_copy );
-    }
-
-    if( ret == 0 )
-        return( 0 );
-
-    mbedtls_pk_free( pk );
-    mbedtls_pk_init( pk );
-
-    if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH )
-    {
-        return( ret );
-    }
-#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
-
-    if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 )
-        return( 0 );
-
-    mbedtls_pk_free( pk );
-    mbedtls_pk_init( pk );
-
-#if defined(MBEDTLS_RSA_C)
-
-    pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
-    if( mbedtls_pk_setup( pk, pk_info ) == 0 &&
-        pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) == 0 )
-    {
-        return( 0 );
-    }
-
-    mbedtls_pk_free( pk );
-    mbedtls_pk_init( pk );
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-    pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
-    if( mbedtls_pk_setup( pk, pk_info ) == 0 &&
-        pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
-                               key, keylen ) == 0 )
-    {
-        return( 0 );
-    }
-    mbedtls_pk_free( pk );
-#endif /* MBEDTLS_ECP_C */
-
-    /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't,
-     * it is ok to leave the PK context initialized but not
-     * freed: It is the caller's responsibility to call pk_init()
-     * before calling this function, and to call pk_free()
-     * when it fails. If MBEDTLS_ECP_C is defined but MBEDTLS_RSA_C
-     * isn't, this leads to mbedtls_pk_free() being called
-     * twice, once here and once by the caller, but this is
-     * also ok and in line with the mbedtls_pk_free() calls
-     * on failed PEM parsing attempts. */
-
-    return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-}
-
-/*
- * Parse a public key
- */
-int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
-                         const unsigned char *key, size_t keylen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p;
-#if defined(MBEDTLS_RSA_C)
-    const mbedtls_pk_info_t *pk_info;
-#endif
-#if defined(MBEDTLS_PEM_PARSE_C)
-    size_t len;
-    mbedtls_pem_context pem;
-#endif
-
-    PK_VALIDATE_RET( ctx != NULL );
-    if( keylen == 0 )
-        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-    PK_VALIDATE_RET( key != NULL || keylen == 0 );
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_pem_init( &pem );
-#if defined(MBEDTLS_RSA_C)
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( key[keylen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                               "-----BEGIN RSA PUBLIC KEY-----",
-                               "-----END RSA PUBLIC KEY-----",
-                               key, NULL, 0, &len );
-
-    if( ret == 0 )
-    {
-        p = pem.buf;
-        if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
-            return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
-
-        if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )
-            return( ret );
-
-        if ( ( ret = pk_get_rsapubkey( &p, p + pem.buflen, mbedtls_pk_rsa( *ctx ) ) ) != 0 )
-            mbedtls_pk_free( ctx );
-
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-    {
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-#endif /* MBEDTLS_RSA_C */
-
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( key[keylen - 1] != '\0' )
-        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-    else
-        ret = mbedtls_pem_read_buffer( &pem,
-                "-----BEGIN PUBLIC KEY-----",
-                "-----END PUBLIC KEY-----",
-                key, NULL, 0, &len );
-
-    if( ret == 0 )
-    {
-        /*
-         * Was PEM encoded
-         */
-        p = pem.buf;
-
-        ret = mbedtls_pk_parse_subpubkey( &p,  p + pem.buflen, ctx );
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-    {
-        mbedtls_pem_free( &pem );
-        return( ret );
-    }
-    mbedtls_pem_free( &pem );
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-#if defined(MBEDTLS_RSA_C)
-    if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
-        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
-
-    if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )
-        return( ret );
-
-    p = (unsigned char *)key;
-    ret = pk_get_rsapubkey( &p, p + keylen, mbedtls_pk_rsa( *ctx ) );
-    if( ret == 0 )
-    {
-        return( ret );
-    }
-    mbedtls_pk_free( ctx );
-    if( ret != ( MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
-    {
-        return( ret );
-    }
-#endif /* MBEDTLS_RSA_C */
-    p = (unsigned char *) key;
-
-    ret = mbedtls_pk_parse_subpubkey( &p, p + keylen, ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_PK_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/pkwrite.c b/3rdparty/mbedtls-2.25.0/library/pkwrite.c
deleted file mode 100644
index 0da3698..0000000
--- a/3rdparty/mbedtls-2.25.0/library/pkwrite.c
+++ /dev/null
@@ -1,623 +0,0 @@
-/*
- *  Public Key layer for writing key files and structures
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PK_WRITE_C)
-
-#include "mbedtls/pk.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_RSA_C)
-#include "mbedtls/rsa.h"
-#endif
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/bignum.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/platform_util.h"
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-#include "mbedtls/ecdsa.h"
-#endif
-#if defined(MBEDTLS_PEM_WRITE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif
-
-/* Parameter validation macros based on platform_util.h */
-#define PK_VALIDATE_RET( cond )    \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
-#define PK_VALIDATE( cond )        \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_RSA_C)
-/*
- *  RSAPublicKey ::= SEQUENCE {
- *      modulus           INTEGER,  -- n
- *      publicExponent    INTEGER   -- e
- *  }
- */
-static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
-                                mbedtls_rsa_context *rsa )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    mbedtls_mpi T;
-
-    mbedtls_mpi_init( &T );
-
-    /* Export E */
-    if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 ||
-         ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
-        goto end_of_export;
-    len += ret;
-
-    /* Export N */
-    if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 ||
-         ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
-        goto end_of_export;
-    len += ret;
-
-end_of_export:
-
-    mbedtls_mpi_free( &T );
-    if( ret < 0 )
-        return( ret );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
-                                                 MBEDTLS_ASN1_SEQUENCE ) );
-
-    return( (int) len );
-}
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * EC public key is an EC point
- */
-static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
-                               mbedtls_ecp_keypair *ec )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
-
-    if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q,
-                                        MBEDTLS_ECP_PF_UNCOMPRESSED,
-                                        &len, buf, sizeof( buf ) ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( *p < start || (size_t)( *p - start ) < len )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    *p -= len;
-    memcpy( *p, buf, len );
-
-    return( (int) len );
-}
-
-/*
- * ECParameters ::= CHOICE {
- *   namedCurve         OBJECT IDENTIFIER
- * }
- */
-static int pk_write_ec_param( unsigned char **p, unsigned char *start,
-                              mbedtls_ecp_keypair *ec )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    const char *oid;
-    size_t oid_len;
-
-    if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
-        return( ret );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
-
-    return( (int) len );
-}
-
-/*
- * privateKey  OCTET STRING -- always of length ceil(log2(n)/8)
- */
-static int pk_write_ec_private( unsigned char **p, unsigned char *start,
-                                mbedtls_ecp_keypair *ec )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t byte_length = ( ec->grp.pbits + 7 ) / 8;
-    unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
-
-    ret = mbedtls_ecp_write_key( ec, tmp, byte_length );
-    if( ret != 0 )
-        goto exit;
-    ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length );
-
-exit:
-    mbedtls_platform_zeroize( tmp, byte_length );
-    return( ret );
-}
-#endif /* MBEDTLS_ECP_C */
-
-int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
-                             const mbedtls_pk_context *key )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    PK_VALIDATE_RET( p != NULL );
-    PK_VALIDATE_RET( *p != NULL );
-    PK_VALIDATE_RET( start != NULL );
-    PK_VALIDATE_RET( key != NULL );
-
-#if defined(MBEDTLS_RSA_C)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
-        MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) );
-    else
-#endif
-#if defined(MBEDTLS_ECP_C)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
-        MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) );
-    else
-#endif
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
-    {
-        size_t buffer_size;
-        psa_key_id_t* key_id = (psa_key_id_t*) key->pk_ctx;
-
-        if ( *p < start )
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-        buffer_size = (size_t)( *p - start );
-        if ( psa_export_public_key( *key_id, start, buffer_size, &len )
-             != PSA_SUCCESS )
-        {
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-        }
-        else
-        {
-            *p -= len;
-            memmove( *p, start, len );
-        }
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-    return( (int) len );
-}
-
-int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *c;
-    size_t len = 0, par_len = 0, oid_len;
-    mbedtls_pk_type_t pk_type;
-    const char *oid;
-
-    PK_VALIDATE_RET( key != NULL );
-    if( size == 0 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-    PK_VALIDATE_RET( buf != NULL );
-
-    c = buf + size;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
-
-    if( c - buf < 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    /*
-     *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
-     *       algorithm            AlgorithmIdentifier,
-     *       subjectPublicKey     BIT STRING }
-     */
-    *--c = 0;
-    len += 1;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
-
-    pk_type = mbedtls_pk_get_type( key );
-#if defined(MBEDTLS_ECP_C)
-    if( pk_type == MBEDTLS_PK_ECKEY )
-    {
-        MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) );
-    }
-#endif
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( pk_type == MBEDTLS_PK_OPAQUE )
-    {
-        psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-        psa_key_type_t key_type;
-        psa_key_id_t key_id;
-        psa_ecc_family_t curve;
-        size_t bits;
-
-        key_id = *((psa_key_id_t*) key->pk_ctx );
-        if( PSA_SUCCESS != psa_get_key_attributes( key_id, &attributes ) )
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-        key_type = psa_get_key_type( &attributes );
-        bits = psa_get_key_bits( &attributes );
-        psa_reset_key_attributes( &attributes );
-
-        curve = PSA_KEY_TYPE_ECC_GET_FAMILY( key_type );
-        if( curve == 0 )
-            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-        ret = mbedtls_psa_get_ecc_oid_from_id( curve, bits, &oid, &oid_len );
-        if( ret != 0 )
-            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-        /* Write EC algorithm parameters; that's akin
-         * to pk_write_ec_param() above. */
-        MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf,
-                                                               oid, oid_len ) );
-
-        /* The rest of the function works as for legacy EC contexts. */
-        pk_type = MBEDTLS_PK_ECKEY;
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    if( ( ret = mbedtls_oid_get_oid_by_pk_alg( pk_type, &oid,
-                                               &oid_len ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
-                                                        par_len ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
-                                                MBEDTLS_ASN1_SEQUENCE ) );
-
-    return( (int) len );
-}
-
-int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *c;
-    size_t len = 0;
-
-    PK_VALIDATE_RET( key != NULL );
-    if( size == 0 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-    PK_VALIDATE_RET( buf != NULL );
-
-    c = buf + size;
-
-#if defined(MBEDTLS_RSA_C)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
-    {
-        mbedtls_mpi T; /* Temporary holding the exported parameters */
-        mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key );
-
-        /*
-         * Export the parameters one after another to avoid simultaneous copies.
-         */
-
-        mbedtls_mpi_init( &T );
-
-        /* Export QP */
-        if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, NULL, &T ) ) != 0 ||
-            ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export DQ */
-        if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, &T, NULL ) ) != 0 ||
-            ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export DP */
-        if( ( ret = mbedtls_rsa_export_crt( rsa, &T, NULL, NULL ) ) != 0 ||
-            ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export Q */
-        if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
-                                         &T, NULL, NULL ) ) != 0 ||
-             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export P */
-        if ( ( ret = mbedtls_rsa_export( rsa, NULL, &T,
-                                         NULL, NULL, NULL ) ) != 0 ||
-             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export D */
-        if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
-                                         NULL, &T, NULL ) ) != 0 ||
-             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export E */
-        if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
-                                         NULL, NULL, &T ) ) != 0 ||
-             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-        /* Export N */
-        if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL,
-                                         NULL, NULL, NULL ) ) != 0 ||
-             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
-            goto end_of_export;
-        len += ret;
-
-    end_of_export:
-
-        mbedtls_mpi_free( &T );
-        if( ret < 0 )
-            return( ret );
-
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c,
-                                               buf, MBEDTLS_ASN1_CONSTRUCTED |
-                                               MBEDTLS_ASN1_SEQUENCE ) );
-    }
-    else
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
-    {
-        mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key );
-        size_t pub_len = 0, par_len = 0;
-
-        /*
-         * RFC 5915, or SEC1 Appendix C.4
-         *
-         * ECPrivateKey ::= SEQUENCE {
-         *      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
-         *      privateKey     OCTET STRING,
-         *      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
-         *      publicKey  [1] BIT STRING OPTIONAL
-         *    }
-         */
-
-        /* publicKey */
-        MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
-
-        if( c - buf < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-        *--c = 0;
-        pub_len += 1;
-
-        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
-        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
-
-        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
-        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf,
-                            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) );
-        len += pub_len;
-
-        /* parameters */
-        MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
-
-        MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) );
-        MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf,
-                            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
-        len += par_len;
-
-        /* privateKey */
-        MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_private( &c, buf, ec ) );
-
-        /* version */
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) );
-
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
-                                                    MBEDTLS_ASN1_SEQUENCE ) );
-    }
-    else
-#endif /* MBEDTLS_ECP_C */
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-    return( (int) len );
-}
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-
-#define PEM_BEGIN_PUBLIC_KEY    "-----BEGIN PUBLIC KEY-----\n"
-#define PEM_END_PUBLIC_KEY      "-----END PUBLIC KEY-----\n"
-
-#define PEM_BEGIN_PRIVATE_KEY_RSA   "-----BEGIN RSA PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_RSA     "-----END RSA PRIVATE KEY-----\n"
-#define PEM_BEGIN_PRIVATE_KEY_EC    "-----BEGIN EC PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_EC      "-----END EC PRIVATE KEY-----\n"
-
-/*
- * Max sizes of key per types. Shown as tag + len (+ content).
- */
-
-#if defined(MBEDTLS_RSA_C)
-/*
- * RSA public keys:
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {          1 + 3
- *       algorithm            AlgorithmIdentifier,  1 + 1 (sequence)
- *                                                + 1 + 1 + 9 (rsa oid)
- *                                                + 1 + 1 (params null)
- *       subjectPublicKey     BIT STRING }          1 + 3 + (1 + below)
- *  RSAPublicKey ::= SEQUENCE {                     1 + 3
- *      modulus           INTEGER,  -- n            1 + 3 + MPI_MAX + 1
- *      publicExponent    INTEGER   -- e            1 + 3 + MPI_MAX + 1
- *  }
- */
-#define RSA_PUB_DER_MAX_BYTES   38 + 2 * MBEDTLS_MPI_MAX_SIZE
-
-/*
- * RSA private keys:
- *  RSAPrivateKey ::= SEQUENCE {                    1 + 3
- *      version           Version,                  1 + 1 + 1
- *      modulus           INTEGER,                  1 + 3 + MPI_MAX + 1
- *      publicExponent    INTEGER,                  1 + 3 + MPI_MAX + 1
- *      privateExponent   INTEGER,                  1 + 3 + MPI_MAX + 1
- *      prime1            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
- *      prime2            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
- *      exponent1         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
- *      exponent2         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
- *      coefficient       INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
- *      otherPrimeInfos   OtherPrimeInfos OPTIONAL  0 (not supported)
- *  }
- */
-#define MPI_MAX_SIZE_2          MBEDTLS_MPI_MAX_SIZE / 2 + \
-                                MBEDTLS_MPI_MAX_SIZE % 2
-#define RSA_PRV_DER_MAX_BYTES   47 + 3 * MBEDTLS_MPI_MAX_SIZE \
-                                   + 5 * MPI_MAX_SIZE_2
-
-#else /* MBEDTLS_RSA_C */
-
-#define RSA_PUB_DER_MAX_BYTES   0
-#define RSA_PRV_DER_MAX_BYTES   0
-
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * EC public keys:
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {      1 + 2
- *    algorithm         AlgorithmIdentifier,    1 + 1 (sequence)
- *                                            + 1 + 1 + 7 (ec oid)
- *                                            + 1 + 1 + 9 (namedCurve oid)
- *    subjectPublicKey  BIT STRING              1 + 2 + 1               [1]
- *                                            + 1 (point format)        [1]
- *                                            + 2 * ECP_MAX (coords)    [1]
- *  }
- */
-#define ECP_PUB_DER_MAX_BYTES   30 + 2 * MBEDTLS_ECP_MAX_BYTES
-
-/*
- * EC private keys:
- * ECPrivateKey ::= SEQUENCE {                  1 + 2
- *      version        INTEGER ,                1 + 1 + 1
- *      privateKey     OCTET STRING,            1 + 1 + ECP_MAX
- *      parameters [0] ECParameters OPTIONAL,   1 + 1 + (1 + 1 + 9)
- *      publicKey  [1] BIT STRING OPTIONAL      1 + 2 + [1] above
- *    }
- */
-#define ECP_PRV_DER_MAX_BYTES   29 + 3 * MBEDTLS_ECP_MAX_BYTES
-
-#else /* MBEDTLS_ECP_C */
-
-#define ECP_PUB_DER_MAX_BYTES   0
-#define ECP_PRV_DER_MAX_BYTES   0
-
-#endif /* MBEDTLS_ECP_C */
-
-#define PUB_DER_MAX_BYTES   RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
-                            RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES
-#define PRV_DER_MAX_BYTES   RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
-                            RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES
-
-int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char output_buf[PUB_DER_MAX_BYTES];
-    size_t olen = 0;
-
-    PK_VALIDATE_RET( key != NULL );
-    PK_VALIDATE_RET( buf != NULL || size == 0 );
-
-    if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf,
-                                     sizeof(output_buf) ) ) < 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
-                                  output_buf + sizeof(output_buf) - ret,
-                                  ret, buf, size, &olen ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char output_buf[PRV_DER_MAX_BYTES];
-    const char *begin, *end;
-    size_t olen = 0;
-
-    PK_VALIDATE_RET( key != NULL );
-    PK_VALIDATE_RET( buf != NULL || size == 0 );
-
-    if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
-        return( ret );
-
-#if defined(MBEDTLS_RSA_C)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
-    {
-        begin = PEM_BEGIN_PRIVATE_KEY_RSA;
-        end = PEM_END_PRIVATE_KEY_RSA;
-    }
-    else
-#endif
-#if defined(MBEDTLS_ECP_C)
-    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
-    {
-        begin = PEM_BEGIN_PRIVATE_KEY_EC;
-        end = PEM_END_PRIVATE_KEY_EC;
-    }
-    else
-#endif
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-
-    if( ( ret = mbedtls_pem_write_buffer( begin, end,
-                                  output_buf + sizeof(output_buf) - ret,
-                                  ret, buf, size, &olen ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-#endif /* MBEDTLS_PK_WRITE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/platform.c b/3rdparty/mbedtls-2.25.0/library/platform.c
deleted file mode 100644
index e742fde..0000000
--- a/3rdparty/mbedtls-2.25.0/library/platform.c
+++ /dev/null
@@ -1,386 +0,0 @@
-/*
- *  Platform abstraction layer
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PLATFORM_C)
-
-#include "mbedtls/platform.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-/* The compile time configuration of memory allocation via the macros
- * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime
- * configuration via mbedtls_platform_set_calloc_free(). So, omit everything
- * related to the latter if MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO are defined. */
-#if defined(MBEDTLS_PLATFORM_MEMORY) &&                 \
-    !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&        \
-       defined(MBEDTLS_PLATFORM_FREE_MACRO) )
-
-#if !defined(MBEDTLS_PLATFORM_STD_CALLOC)
-static void *platform_calloc_uninit( size_t n, size_t size )
-{
-    ((void) n);
-    ((void) size);
-    return( NULL );
-}
-
-#define MBEDTLS_PLATFORM_STD_CALLOC   platform_calloc_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_CALLOC */
-
-#if !defined(MBEDTLS_PLATFORM_STD_FREE)
-static void platform_free_uninit( void *ptr )
-{
-    ((void) ptr);
-}
-
-#define MBEDTLS_PLATFORM_STD_FREE     platform_free_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_FREE */
-
-static void * (*mbedtls_calloc_func)( size_t, size_t ) = MBEDTLS_PLATFORM_STD_CALLOC;
-static void (*mbedtls_free_func)( void * ) = MBEDTLS_PLATFORM_STD_FREE;
-
-void * mbedtls_calloc( size_t nmemb, size_t size )
-{
-    return (*mbedtls_calloc_func)( nmemb, size );
-}
-
-void mbedtls_free( void * ptr )
-{
-    (*mbedtls_free_func)( ptr );
-}
-
-int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
-                              void (*free_func)( void * ) )
-{
-    mbedtls_calloc_func = calloc_func;
-    mbedtls_free_func = free_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_MEMORY &&
-          !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&
-             defined(MBEDTLS_PLATFORM_FREE_MACRO) ) */
-
-#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
-#include <stdarg.h>
-int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    va_list argp;
-
-    va_start( argp, fmt );
-    ret = mbedtls_vsnprintf( s, n, fmt, argp );
-    va_end( argp );
-
-    return( ret );
-}
-#endif
-
-#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static int platform_snprintf_uninit( char * s, size_t n,
-                                     const char * format, ... )
-{
-    ((void) s);
-    ((void) n);
-    ((void) format);
-    return( 0 );
-}
-
-#define MBEDTLS_PLATFORM_STD_SNPRINTF    platform_snprintf_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */
-
-int (*mbedtls_snprintf)( char * s, size_t n,
-                          const char * format,
-                          ... ) = MBEDTLS_PLATFORM_STD_SNPRINTF;
-
-int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
-                                                 const char * format,
-                                                 ... ) )
-{
-    mbedtls_snprintf = snprintf_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
-#include <stdarg.h>
-int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* Avoid calling the invalid parameter handler by checking ourselves */
-    if( s == NULL || n == 0 || fmt == NULL )
-        return( -1 );
-
-#if defined(_TRUNCATE)
-    ret = vsnprintf_s( s, n, _TRUNCATE, fmt, arg );
-#else
-    ret = vsnprintf( s, n, fmt, arg );
-    if( ret < 0 || (size_t) ret == n )
-    {
-        s[n-1] = '\0';
-        ret = -1;
-    }
-#endif
-
-    return( ret );
-}
-#endif
-
-#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static int platform_vsnprintf_uninit( char * s, size_t n,
-                                     const char * format, va_list arg )
-{
-    ((void) s);
-    ((void) n);
-    ((void) format);
-    ((void) arg);
-    return( -1 );
-}
-
-#define MBEDTLS_PLATFORM_STD_VSNPRINTF    platform_vsnprintf_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_VSNPRINTF */
-
-int (*mbedtls_vsnprintf)( char * s, size_t n,
-                          const char * format,
-                          va_list arg ) = MBEDTLS_PLATFORM_STD_VSNPRINTF;
-
-int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
-                                                 const char * format,
-                                                 va_list arg ) )
-{
-    mbedtls_vsnprintf = vsnprintf_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static int platform_printf_uninit( const char *format, ... )
-{
-    ((void) format);
-    return( 0 );
-}
-
-#define MBEDTLS_PLATFORM_STD_PRINTF    platform_printf_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_PRINTF */
-
-int (*mbedtls_printf)( const char *, ... ) = MBEDTLS_PLATFORM_STD_PRINTF;
-
-int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) )
-{
-    mbedtls_printf = printf_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static int platform_fprintf_uninit( FILE *stream, const char *format, ... )
-{
-    ((void) stream);
-    ((void) format);
-    return( 0 );
-}
-
-#define MBEDTLS_PLATFORM_STD_FPRINTF   platform_fprintf_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */
-
-int (*mbedtls_fprintf)( FILE *, const char *, ... ) =
-                                        MBEDTLS_PLATFORM_STD_FPRINTF;
-
-int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) )
-{
-    mbedtls_fprintf = fprintf_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static void platform_exit_uninit( int status )
-{
-    ((void) status);
-}
-
-#define MBEDTLS_PLATFORM_STD_EXIT   platform_exit_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_EXIT */
-
-void (*mbedtls_exit)( int status ) = MBEDTLS_PLATFORM_STD_EXIT;
-
-int mbedtls_platform_set_exit( void (*exit_func)( int status ) )
-{
-    mbedtls_exit = exit_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
-
-#if defined(MBEDTLS_HAVE_TIME)
-
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_TIME)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static mbedtls_time_t platform_time_uninit( mbedtls_time_t* timer )
-{
-    ((void) timer);
-    return( 0 );
-}
-
-#define MBEDTLS_PLATFORM_STD_TIME   platform_time_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_TIME */
-
-mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME;
-
-int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* timer ) )
-{
-    mbedtls_time = time_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_TIME_ALT */
-
-#endif /* MBEDTLS_HAVE_TIME */
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
-/* Default implementations for the platform independent seed functions use
- * standard libc file functions to read from and write to a pre-defined filename
- */
-int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len )
-{
-    FILE *file;
-    size_t n;
-
-    if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL )
-        return( -1 );
-
-    if( ( n = fread( buf, 1, buf_len, file ) ) != buf_len )
-    {
-        fclose( file );
-        mbedtls_platform_zeroize( buf, buf_len );
-        return( -1 );
-    }
-
-    fclose( file );
-    return( (int)n );
-}
-
-int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len )
-{
-    FILE *file;
-    size_t n;
-
-    if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL )
-        return -1;
-
-    if( ( n = fwrite( buf, 1, buf_len, file ) ) != buf_len )
-    {
-        fclose( file );
-        return -1;
-    }
-
-    fclose( file );
-    return( (int)n );
-}
-#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
-
-#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
-#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static int platform_nv_seed_read_uninit( unsigned char *buf, size_t buf_len )
-{
-    ((void) buf);
-    ((void) buf_len);
-    return( -1 );
-}
-
-#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   platform_nv_seed_read_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_READ */
-
-#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
-/*
- * Make dummy function to prevent NULL pointer dereferences
- */
-static int platform_nv_seed_write_uninit( unsigned char *buf, size_t buf_len )
-{
-    ((void) buf);
-    ((void) buf_len);
-    return( -1 );
-}
-
-#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE   platform_nv_seed_write_uninit
-#endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
-
-int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) =
-            MBEDTLS_PLATFORM_STD_NV_SEED_READ;
-int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) =
-            MBEDTLS_PLATFORM_STD_NV_SEED_WRITE;
-
-int mbedtls_platform_set_nv_seed(
-        int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ),
-        int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) )
-{
-    mbedtls_nv_seed_read = nv_seed_read_func;
-    mbedtls_nv_seed_write = nv_seed_write_func;
-    return( 0 );
-}
-#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
-#endif /* MBEDTLS_ENTROPY_NV_SEED */
-
-#if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
-/*
- * Placeholder platform setup that does nothing by default
- */
-int mbedtls_platform_setup( mbedtls_platform_context *ctx )
-{
-    (void)ctx;
-
-    return( 0 );
-}
-
-/*
- * Placeholder platform teardown that does nothing by default
- */
-void mbedtls_platform_teardown( mbedtls_platform_context *ctx )
-{
-    (void)ctx;
-}
-#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
-
-#endif /* MBEDTLS_PLATFORM_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/platform_util.c b/3rdparty/mbedtls-2.25.0/library/platform_util.c
deleted file mode 100644
index 98fe5de..0000000
--- a/3rdparty/mbedtls-2.25.0/library/platform_util.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * Common and shared functions used by multiple modules in the Mbed TLS
- * library.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * Ensure gmtime_r is available even with -std=c99; must be defined before
- * config.h, which pulls in glibc's features.h. Harmless on other platforms.
- */
-#if !defined(_POSIX_C_SOURCE)
-#define _POSIX_C_SOURCE 200112L
-#endif
-
-#include "common.h"
-
-#include "mbedtls/platform_util.h"
-#include "mbedtls/platform.h"
-#include "mbedtls/threading.h"
-
-#include <stddef.h>
-#include <string.h>
-
-#if !defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
-/*
- * This implementation should never be optimized out by the compiler
- *
- * This implementation for mbedtls_platform_zeroize() was inspired from Colin
- * Percival's blog article at:
- *
- * http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
- *
- * It uses a volatile function pointer to the standard memset(). Because the
- * pointer is volatile the compiler expects it to change at
- * any time and will not optimize out the call that could potentially perform
- * other operations on the input buffer instead of just setting it to 0.
- * Nevertheless, as pointed out by davidtgoldblatt on Hacker News
- * (refer to http://www.daemonology.net/blog/2014-09-05-erratum.html for
- * details), optimizations of the following form are still possible:
- *
- * if( memset_func != memset )
- *     memset_func( buf, 0, len );
- *
- * Note that it is extremely difficult to guarantee that
- * mbedtls_platform_zeroize() will not be optimized out by aggressive compilers
- * in a portable way. For this reason, Mbed TLS also provides the configuration
- * option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
- * mbedtls_platform_zeroize() to use a suitable implementation for their
- * platform and needs.
- */
-static void * (* const volatile memset_func)( void *, int, size_t ) = memset;
-
-void mbedtls_platform_zeroize( void *buf, size_t len )
-{
-    MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL );
-
-    if( len > 0 )
-        memset_func( buf, 0, len );
-}
-#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
-
-#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
-#include <time.h>
-#if !defined(_WIN32) && (defined(unix) || \
-    defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \
-    defined(__MACH__)))
-#include <unistd.h>
-#endif /* !_WIN32 && (unix || __unix || __unix__ ||
-        * (__APPLE__ && __MACH__)) */
-
-#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) ||     \
-       ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) &&                     \
-         _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) )
-/*
- * This is a convenience shorthand macro to avoid checking the long
- * preprocessor conditions above. Ideally, we could expose this macro in
- * platform_util.h and simply use it in platform_util.c, threading.c and
- * threading.h. However, this macro is not part of the Mbed TLS public API, so
- * we keep it private by only defining it in this file
- */
-#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) )
-#define PLATFORM_UTIL_USE_GMTIME
-#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */
-
-#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) ||     \
-             ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) &&                     \
-                _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */
-
-struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
-                                      struct tm *tm_buf )
-{
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-    return( ( gmtime_s( tm_buf, tt ) == 0 ) ? tm_buf : NULL );
-#elif !defined(PLATFORM_UTIL_USE_GMTIME)
-    return( gmtime_r( tt, tm_buf ) );
-#else
-    struct tm *lt;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 )
-        return( NULL );
-#endif /* MBEDTLS_THREADING_C */
-
-    lt = gmtime( tt );
-
-    if( lt != NULL )
-    {
-        memcpy( tm_buf, lt, sizeof( struct tm ) );
-    }
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 )
-        return( NULL );
-#endif /* MBEDTLS_THREADING_C */
-
-    return( ( lt == NULL ) ? NULL : tm_buf );
-#endif /* _WIN32 && !EFIX64 && !EFI32 */
-}
-#endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */
diff --git a/3rdparty/mbedtls-2.25.0/library/poly1305.c b/3rdparty/mbedtls-2.25.0/library/poly1305.c
deleted file mode 100644
index 492d145..0000000
--- a/3rdparty/mbedtls-2.25.0/library/poly1305.c
+++ /dev/null
@@ -1,557 +0,0 @@
-/**
- * \file poly1305.c
- *
- * \brief Poly1305 authentication algorithm.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#include "common.h"
-
-#if defined(MBEDTLS_POLY1305_C)
-
-#include "mbedtls/poly1305.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_POLY1305_ALT)
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-/* Parameter validation macros */
-#define POLY1305_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA )
-#define POLY1305_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#define POLY1305_BLOCK_SIZE_BYTES ( 16U )
-
-#define BYTES_TO_U32_LE( data, offset )                           \
-    ( (uint32_t) (data)[offset]                                     \
-          | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 )   \
-          | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 )  \
-          | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 )  \
-    )
-
-/*
- * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier.
- * However we provided an alternative for platforms without such a multiplier.
- */
-#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
-static uint64_t mul64( uint32_t a, uint32_t b )
-{
-    /* a = al + 2**16 ah, b = bl + 2**16 bh */
-    const uint16_t al = (uint16_t) a;
-    const uint16_t bl = (uint16_t) b;
-    const uint16_t ah = a >> 16;
-    const uint16_t bh = b >> 16;
-
-    /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */
-    const uint32_t lo = (uint32_t) al * bl;
-    const uint64_t me = (uint64_t)( (uint32_t) ah * bl ) + (uint32_t) al * bh;
-    const uint32_t hi = (uint32_t) ah * bh;
-
-    return( lo + ( me << 16 ) + ( (uint64_t) hi << 32 ) );
-}
-#else
-static inline uint64_t mul64( uint32_t a, uint32_t b )
-{
-    return( (uint64_t) a * b );
-}
-#endif
-
-
-/**
- * \brief                   Process blocks with Poly1305.
- *
- * \param ctx               The Poly1305 context.
- * \param nblocks           Number of blocks to process. Note that this
- *                          function only processes full blocks.
- * \param input             Buffer containing the input block(s).
- * \param needs_padding     Set to 0 if the padding bit has already been
- *                          applied to the input data before calling this
- *                          function.  Otherwise, set this parameter to 1.
- */
-static void poly1305_process( mbedtls_poly1305_context *ctx,
-                              size_t nblocks,
-                              const unsigned char *input,
-                              uint32_t needs_padding )
-{
-    uint64_t d0, d1, d2, d3;
-    uint32_t acc0, acc1, acc2, acc3, acc4;
-    uint32_t r0, r1, r2, r3;
-    uint32_t rs1, rs2, rs3;
-    size_t offset  = 0U;
-    size_t i;
-
-    r0 = ctx->r[0];
-    r1 = ctx->r[1];
-    r2 = ctx->r[2];
-    r3 = ctx->r[3];
-
-    rs1 = r1 + ( r1 >> 2U );
-    rs2 = r2 + ( r2 >> 2U );
-    rs3 = r3 + ( r3 >> 2U );
-
-    acc0 = ctx->acc[0];
-    acc1 = ctx->acc[1];
-    acc2 = ctx->acc[2];
-    acc3 = ctx->acc[3];
-    acc4 = ctx->acc[4];
-
-    /* Process full blocks */
-    for( i = 0U; i < nblocks; i++ )
-    {
-        /* The input block is treated as a 128-bit little-endian integer */
-        d0   = BYTES_TO_U32_LE( input, offset + 0  );
-        d1   = BYTES_TO_U32_LE( input, offset + 4  );
-        d2   = BYTES_TO_U32_LE( input, offset + 8  );
-        d3   = BYTES_TO_U32_LE( input, offset + 12 );
-
-        /* Compute: acc += (padded) block as a 130-bit integer */
-        d0  += (uint64_t) acc0;
-        d1  += (uint64_t) acc1 + ( d0 >> 32U );
-        d2  += (uint64_t) acc2 + ( d1 >> 32U );
-        d3  += (uint64_t) acc3 + ( d2 >> 32U );
-        acc0 = (uint32_t) d0;
-        acc1 = (uint32_t) d1;
-        acc2 = (uint32_t) d2;
-        acc3 = (uint32_t) d3;
-        acc4 += (uint32_t) ( d3 >> 32U ) + needs_padding;
-
-        /* Compute: acc *= r */
-        d0 = mul64( acc0, r0  ) +
-             mul64( acc1, rs3 ) +
-             mul64( acc2, rs2 ) +
-             mul64( acc3, rs1 );
-        d1 = mul64( acc0, r1  ) +
-             mul64( acc1, r0  ) +
-             mul64( acc2, rs3 ) +
-             mul64( acc3, rs2 ) +
-             mul64( acc4, rs1 );
-        d2 = mul64( acc0, r2  ) +
-             mul64( acc1, r1  ) +
-             mul64( acc2, r0  ) +
-             mul64( acc3, rs3 ) +
-             mul64( acc4, rs2 );
-        d3 = mul64( acc0, r3  ) +
-             mul64( acc1, r2  ) +
-             mul64( acc2, r1  ) +
-             mul64( acc3, r0  ) +
-             mul64( acc4, rs3 );
-        acc4 *= r0;
-
-        /* Compute: acc %= (2^130 - 5) (partial remainder) */
-        d1 += ( d0 >> 32 );
-        d2 += ( d1 >> 32 );
-        d3 += ( d2 >> 32 );
-        acc0 = (uint32_t) d0;
-        acc1 = (uint32_t) d1;
-        acc2 = (uint32_t) d2;
-        acc3 = (uint32_t) d3;
-        acc4 = (uint32_t) ( d3 >> 32 ) + acc4;
-
-        d0 = (uint64_t) acc0 + ( acc4 >> 2 ) + ( acc4 & 0xFFFFFFFCU );
-        acc4 &= 3U;
-        acc0 = (uint32_t) d0;
-        d0 = (uint64_t) acc1 + ( d0 >> 32U );
-        acc1 = (uint32_t) d0;
-        d0 = (uint64_t) acc2 + ( d0 >> 32U );
-        acc2 = (uint32_t) d0;
-        d0 = (uint64_t) acc3 + ( d0 >> 32U );
-        acc3 = (uint32_t) d0;
-        d0 = (uint64_t) acc4 + ( d0 >> 32U );
-        acc4 = (uint32_t) d0;
-
-        offset    += POLY1305_BLOCK_SIZE_BYTES;
-    }
-
-    ctx->acc[0] = acc0;
-    ctx->acc[1] = acc1;
-    ctx->acc[2] = acc2;
-    ctx->acc[3] = acc3;
-    ctx->acc[4] = acc4;
-}
-
-/**
- * \brief                   Compute the Poly1305 MAC
- *
- * \param ctx               The Poly1305 context.
- * \param mac               The buffer to where the MAC is written. Must be
- *                          big enough to contain the 16-byte MAC.
- */
-static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx,
-                                  unsigned char mac[16] )
-{
-    uint64_t d;
-    uint32_t g0, g1, g2, g3, g4;
-    uint32_t acc0, acc1, acc2, acc3, acc4;
-    uint32_t mask;
-    uint32_t mask_inv;
-
-    acc0 = ctx->acc[0];
-    acc1 = ctx->acc[1];
-    acc2 = ctx->acc[2];
-    acc3 = ctx->acc[3];
-    acc4 = ctx->acc[4];
-
-    /* Before adding 's' we ensure that the accumulator is mod 2^130 - 5.
-     * We do this by calculating acc - (2^130 - 5), then checking if
-     * the 131st bit is set. If it is, then reduce: acc -= (2^130 - 5)
-     */
-
-    /* Calculate acc + -(2^130 - 5) */
-    d  = ( (uint64_t) acc0 + 5U );
-    g0 = (uint32_t) d;
-    d  = ( (uint64_t) acc1 + ( d >> 32 ) );
-    g1 = (uint32_t) d;
-    d  = ( (uint64_t) acc2 + ( d >> 32 ) );
-    g2 = (uint32_t) d;
-    d  = ( (uint64_t) acc3 + ( d >> 32 ) );
-    g3 = (uint32_t) d;
-    g4 = acc4 + (uint32_t) ( d >> 32U );
-
-    /* mask == 0xFFFFFFFF if 131st bit is set, otherwise mask == 0 */
-    mask = (uint32_t) 0U - ( g4 >> 2U );
-    mask_inv = ~mask;
-
-    /* If 131st bit is set then acc=g, otherwise, acc is unmodified */
-    acc0 = ( acc0 & mask_inv ) | ( g0 & mask );
-    acc1 = ( acc1 & mask_inv ) | ( g1 & mask );
-    acc2 = ( acc2 & mask_inv ) | ( g2 & mask );
-    acc3 = ( acc3 & mask_inv ) | ( g3 & mask );
-
-    /* Add 's' */
-    d = (uint64_t) acc0 + ctx->s[0];
-    acc0 = (uint32_t) d;
-    d = (uint64_t) acc1 + ctx->s[1] + ( d >> 32U );
-    acc1 = (uint32_t) d;
-    d = (uint64_t) acc2 + ctx->s[2] + ( d >> 32U );
-    acc2 = (uint32_t) d;
-    acc3 += ctx->s[3] + (uint32_t) ( d >> 32U );
-
-    /* Compute MAC (128 least significant bits of the accumulator) */
-    mac[ 0] = (unsigned char)( acc0       );
-    mac[ 1] = (unsigned char)( acc0 >>  8 );
-    mac[ 2] = (unsigned char)( acc0 >> 16 );
-    mac[ 3] = (unsigned char)( acc0 >> 24 );
-    mac[ 4] = (unsigned char)( acc1       );
-    mac[ 5] = (unsigned char)( acc1 >>  8 );
-    mac[ 6] = (unsigned char)( acc1 >> 16 );
-    mac[ 7] = (unsigned char)( acc1 >> 24 );
-    mac[ 8] = (unsigned char)( acc2       );
-    mac[ 9] = (unsigned char)( acc2 >>  8 );
-    mac[10] = (unsigned char)( acc2 >> 16 );
-    mac[11] = (unsigned char)( acc2 >> 24 );
-    mac[12] = (unsigned char)( acc3       );
-    mac[13] = (unsigned char)( acc3 >>  8 );
-    mac[14] = (unsigned char)( acc3 >> 16 );
-    mac[15] = (unsigned char)( acc3 >> 24 );
-}
-
-void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx )
-{
-    POLY1305_VALIDATE( ctx != NULL );
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) );
-}
-
-void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) );
-}
-
-int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
-                             const unsigned char key[32] )
-{
-    POLY1305_VALIDATE_RET( ctx != NULL );
-    POLY1305_VALIDATE_RET( key != NULL );
-
-    /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */
-    ctx->r[0] = BYTES_TO_U32_LE( key, 0 )  & 0x0FFFFFFFU;
-    ctx->r[1] = BYTES_TO_U32_LE( key, 4 )  & 0x0FFFFFFCU;
-    ctx->r[2] = BYTES_TO_U32_LE( key, 8 )  & 0x0FFFFFFCU;
-    ctx->r[3] = BYTES_TO_U32_LE( key, 12 ) & 0x0FFFFFFCU;
-
-    ctx->s[0] = BYTES_TO_U32_LE( key, 16 );
-    ctx->s[1] = BYTES_TO_U32_LE( key, 20 );
-    ctx->s[2] = BYTES_TO_U32_LE( key, 24 );
-    ctx->s[3] = BYTES_TO_U32_LE( key, 28 );
-
-    /* Initial accumulator state */
-    ctx->acc[0] = 0U;
-    ctx->acc[1] = 0U;
-    ctx->acc[2] = 0U;
-    ctx->acc[3] = 0U;
-    ctx->acc[4] = 0U;
-
-    /* Queue initially empty */
-    mbedtls_platform_zeroize( ctx->queue, sizeof( ctx->queue ) );
-    ctx->queue_len = 0U;
-
-    return( 0 );
-}
-
-int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
-                             const unsigned char *input,
-                             size_t ilen )
-{
-    size_t offset    = 0U;
-    size_t remaining = ilen;
-    size_t queue_free_len;
-    size_t nblocks;
-    POLY1305_VALIDATE_RET( ctx != NULL );
-    POLY1305_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    if( ( remaining > 0U ) && ( ctx->queue_len > 0U ) )
-    {
-        queue_free_len = ( POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len );
-
-        if( ilen < queue_free_len )
-        {
-            /* Not enough data to complete the block.
-             * Store this data with the other leftovers.
-             */
-            memcpy( &ctx->queue[ctx->queue_len],
-                    input,
-                    ilen );
-
-            ctx->queue_len += ilen;
-
-            remaining = 0U;
-        }
-        else
-        {
-            /* Enough data to produce a complete block */
-            memcpy( &ctx->queue[ctx->queue_len],
-                    input,
-                    queue_free_len );
-
-            ctx->queue_len = 0U;
-
-            poly1305_process( ctx, 1U, ctx->queue, 1U ); /* add padding bit */
-
-            offset    += queue_free_len;
-            remaining -= queue_free_len;
-        }
-    }
-
-    if( remaining >= POLY1305_BLOCK_SIZE_BYTES )
-    {
-        nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES;
-
-        poly1305_process( ctx, nblocks, &input[offset], 1U );
-
-        offset += nblocks * POLY1305_BLOCK_SIZE_BYTES;
-        remaining %= POLY1305_BLOCK_SIZE_BYTES;
-    }
-
-    if( remaining > 0U )
-    {
-        /* Store partial block */
-        ctx->queue_len = remaining;
-        memcpy( ctx->queue, &input[offset], remaining );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
-                             unsigned char mac[16] )
-{
-    POLY1305_VALIDATE_RET( ctx != NULL );
-    POLY1305_VALIDATE_RET( mac != NULL );
-
-    /* Process any leftover data */
-    if( ctx->queue_len > 0U )
-    {
-        /* Add padding bit */
-        ctx->queue[ctx->queue_len] = 1U;
-        ctx->queue_len++;
-
-        /* Pad with zeroes */
-        memset( &ctx->queue[ctx->queue_len],
-                0,
-                POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len );
-
-        poly1305_process( ctx, 1U,          /* Process 1 block */
-                          ctx->queue, 0U ); /* Already padded above */
-    }
-
-    poly1305_compute_mac( ctx, mac );
-
-    return( 0 );
-}
-
-int mbedtls_poly1305_mac( const unsigned char key[32],
-                          const unsigned char *input,
-                          size_t ilen,
-                          unsigned char mac[16] )
-{
-    mbedtls_poly1305_context ctx;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    POLY1305_VALIDATE_RET( key != NULL );
-    POLY1305_VALIDATE_RET( mac != NULL );
-    POLY1305_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    mbedtls_poly1305_init( &ctx );
-
-    ret = mbedtls_poly1305_starts( &ctx, key );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_poly1305_update( &ctx, input, ilen );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = mbedtls_poly1305_finish( &ctx, mac );
-
-cleanup:
-    mbedtls_poly1305_free( &ctx );
-    return( ret );
-}
-
-#endif /* MBEDTLS_POLY1305_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-static const unsigned char test_keys[2][32] =
-{
-    {
-        0x85, 0xd6, 0xbe, 0x78, 0x57, 0x55, 0x6d, 0x33,
-        0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8,
-        0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd,
-        0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b
-    },
-    {
-        0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a,
-        0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0,
-        0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09,
-        0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0
-    }
-};
-
-static const unsigned char test_data[2][127] =
-{
-    {
-        0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x67, 0x72,
-        0x61, 0x70, 0x68, 0x69, 0x63, 0x20, 0x46, 0x6f,
-        0x72, 0x75, 0x6d, 0x20, 0x52, 0x65, 0x73, 0x65,
-        0x61, 0x72, 0x63, 0x68, 0x20, 0x47, 0x72, 0x6f,
-        0x75, 0x70
-    },
-    {
-        0x27, 0x54, 0x77, 0x61, 0x73, 0x20, 0x62, 0x72,
-        0x69, 0x6c, 0x6c, 0x69, 0x67, 0x2c, 0x20, 0x61,
-        0x6e, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
-        0x6c, 0x69, 0x74, 0x68, 0x79, 0x20, 0x74, 0x6f,
-        0x76, 0x65, 0x73, 0x0a, 0x44, 0x69, 0x64, 0x20,
-        0x67, 0x79, 0x72, 0x65, 0x20, 0x61, 0x6e, 0x64,
-        0x20, 0x67, 0x69, 0x6d, 0x62, 0x6c, 0x65, 0x20,
-        0x69, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x77,
-        0x61, 0x62, 0x65, 0x3a, 0x0a, 0x41, 0x6c, 0x6c,
-        0x20, 0x6d, 0x69, 0x6d, 0x73, 0x79, 0x20, 0x77,
-        0x65, 0x72, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20,
-        0x62, 0x6f, 0x72, 0x6f, 0x67, 0x6f, 0x76, 0x65,
-        0x73, 0x2c, 0x0a, 0x41, 0x6e, 0x64, 0x20, 0x74,
-        0x68, 0x65, 0x20, 0x6d, 0x6f, 0x6d, 0x65, 0x20,
-        0x72, 0x61, 0x74, 0x68, 0x73, 0x20, 0x6f, 0x75,
-        0x74, 0x67, 0x72, 0x61, 0x62, 0x65, 0x2e
-    }
-};
-
-static const size_t test_data_len[2] =
-{
-    34U,
-    127U
-};
-
-static const unsigned char test_mac[2][16] =
-{
-    {
-        0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6,
-        0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9
-    },
-    {
-        0x45, 0x41, 0x66, 0x9a, 0x7e, 0xaa, 0xee, 0x61,
-        0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62
-    }
-};
-
-/* Make sure no other definition is already present. */
-#undef ASSERT
-
-#define ASSERT( cond, args )            \
-    do                                  \
-    {                                   \
-        if( ! ( cond ) )                \
-        {                               \
-            if( verbose != 0 )          \
-                mbedtls_printf args;    \
-                                        \
-            return( -1 );               \
-        }                               \
-    }                                   \
-    while( 0 )
-
-int mbedtls_poly1305_self_test( int verbose )
-{
-    unsigned char mac[16];
-    unsigned i;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    for( i = 0U; i < 2U; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  Poly1305 test %u ", i );
-
-        ret = mbedtls_poly1305_mac( test_keys[i],
-                                    test_data[i],
-                                    test_data_len[i],
-                                    mac );
-        ASSERT( 0 == ret, ( "error code: %i\n", ret ) );
-
-        ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ( "failed (mac)\n" ) );
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_POLY1305_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto.c b/3rdparty/mbedtls-2.25.0/library/psa_crypto.c
deleted file mode 100644
index 82b95dc..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto.c
+++ /dev/null
@@ -1,6706 +0,0 @@
-/*
- *  PSA crypto layer on top of Mbed TLS crypto
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
-#include "check_crypto_config.h"
-#endif
-
-#include "psa_crypto_service_integration.h"
-#include "psa/crypto.h"
-
-#include "psa_crypto_core.h"
-#include "psa_crypto_invasive.h"
-#include "psa_crypto_driver_wrappers.h"
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-#include "psa_crypto_se.h"
-#endif
-#include "psa_crypto_slot_management.h"
-/* Include internal declarations that are useful for implementing persistently
- * stored keys. */
-#include "psa_crypto_storage.h"
-
-#include <assert.h>
-#include <stdlib.h>
-#include <string.h>
-#include "mbedtls/platform.h"
-#if !defined(MBEDTLS_PLATFORM_C)
-#define mbedtls_calloc calloc
-#define mbedtls_free   free
-#endif
-
-#include "mbedtls/arc4.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/chacha20.h"
-#include "mbedtls/chachapoly.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/des.h"
-#include "mbedtls/ecdh.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/error.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/md.h"
-#include "mbedtls/md_internal.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/pk_internal.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/xtea.h"
-
-#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
-
-/* constant-time buffer comparison */
-static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
-{
-    size_t i;
-    unsigned char diff = 0;
-
-    for( i = 0; i < n; i++ )
-        diff |= a[i] ^ b[i];
-
-    return( diff );
-}
-
-
-
-/****************************************************************/
-/* Global data, support functions and library management */
-/****************************************************************/
-
-static int key_type_is_raw_bytes( psa_key_type_t type )
-{
-    return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) );
-}
-
-/* Values for psa_global_data_t::rng_state */
-#define RNG_NOT_INITIALIZED 0
-#define RNG_INITIALIZED 1
-#define RNG_SEEDED 2
-
-typedef struct
-{
-    void (* entropy_init )( mbedtls_entropy_context *ctx );
-    void (* entropy_free )( mbedtls_entropy_context *ctx );
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned initialized : 1;
-    unsigned rng_state : 2;
-} psa_global_data_t;
-
-static psa_global_data_t global_data;
-
-#define GUARD_MODULE_INITIALIZED        \
-    if( global_data.initialized == 0 )  \
-        return( PSA_ERROR_BAD_STATE );
-
-psa_status_t mbedtls_to_psa_error( int ret )
-{
-    /* If there's both a high-level code and low-level code, dispatch on
-     * the high-level code. */
-    switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
-    {
-        case 0:
-            return( PSA_SUCCESS );
-
-        case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH:
-        case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:
-        case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_AES_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_ASN1_OUT_OF_DATA:
-        case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:
-        case MBEDTLS_ERR_ASN1_INVALID_LENGTH:
-        case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:
-        case MBEDTLS_ERR_ASN1_INVALID_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_ASN1_ALLOC_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
-        case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA:
-#elif defined(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH)
-        case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH:
-#endif
-        case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
-        case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
-#elif defined(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH)
-        case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH:
-#endif
-        case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_CCM_BAD_INPUT:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_CCM_AUTH_FAILED:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-        case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-        case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE:
-            return( PSA_ERROR_BAD_STATE );
-        case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-
-        case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_CIPHER_ALLOC_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        case MBEDTLS_ERR_CIPHER_INVALID_PADDING:
-            return( PSA_ERROR_INVALID_PADDING );
-        case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_CIPHER_AUTH_FAILED:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-        case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT:
-            return( PSA_ERROR_CORRUPTION_DETECTED );
-        case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_ENTROPY );
-        case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
-        case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR:
-            return( PSA_ERROR_INSUFFICIENT_ENTROPY );
-
-        case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_DES_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
-        case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
-        case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_ENTROPY );
-
-        case MBEDTLS_ERR_GCM_AUTH_FAILED:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-        case MBEDTLS_ERR_GCM_BAD_INPUT:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED:
-        case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED:
-        case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_MD_BAD_INPUT_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_MD_ALLOC_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        case MBEDTLS_ERR_MD_FILE_IO_ERROR:
-            return( PSA_ERROR_STORAGE_FAILURE );
-        case MBEDTLS_ERR_MD_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_MPI_FILE_IO_ERROR:
-            return( PSA_ERROR_STORAGE_FAILURE );
-        case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_MPI_INVALID_CHARACTER:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL:
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        case MBEDTLS_ERR_MPI_NEGATIVE_VALUE:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_MPI_ALLOC_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-        case MBEDTLS_ERR_PK_ALLOC_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        case MBEDTLS_ERR_PK_TYPE_MISMATCH:
-        case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_PK_FILE_IO_ERROR:
-            return( PSA_ERROR_STORAGE_FAILURE );
-        case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
-        case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_PK_PASSWORD_REQUIRED:
-        case MBEDTLS_ERR_PK_PASSWORD_MISMATCH:
-            return( PSA_ERROR_NOT_PERMITTED );
-        case MBEDTLS_ERR_PK_INVALID_PUBKEY:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_PK_INVALID_ALG:
-        case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE:
-        case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-        case MBEDTLS_ERR_PK_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-        case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED:
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_RSA_BAD_INPUT_DATA:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_RSA_INVALID_PADDING:
-            return( PSA_ERROR_INVALID_PADDING );
-        case MBEDTLS_ERR_RSA_KEY_GEN_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-        case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_RSA_PUBLIC_FAILED:
-        case MBEDTLS_ERR_RSA_PRIVATE_FAILED:
-            return( PSA_ERROR_CORRUPTION_DETECTED );
-        case MBEDTLS_ERR_RSA_VERIFY_FAILED:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-        case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        case MBEDTLS_ERR_RSA_RNG_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED:
-        case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED:
-        case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-
-        case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
-        case MBEDTLS_ERR_ECP_INVALID_KEY:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL:
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:
-            return( PSA_ERROR_NOT_SUPPORTED );
-        case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH:
-        case MBEDTLS_ERR_ECP_VERIFY_FAILED:
-            return( PSA_ERROR_INVALID_SIGNATURE );
-        case MBEDTLS_ERR_ECP_ALLOC_FAILED:
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED:
-            return( PSA_ERROR_HARDWARE_FAILURE );
-        case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED:
-            return( PSA_ERROR_CORRUPTION_DETECTED );
-
-        default:
-            return( PSA_ERROR_GENERIC_ERROR );
-    }
-}
-
-
-
-
-/****************************************************************/
-/* Key management */
-/****************************************************************/
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-static inline int psa_key_slot_is_external( const psa_key_slot_t *slot )
-{
-    return( psa_key_lifetime_is_external( slot->attr.lifetime ) );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-/* For now the MBEDTLS_PSA_ACCEL_ guards are also used here since the
- * current test driver in key_management.c is using this function
- * when accelerators are used for ECC key pair and public key.
- * Once that dependency is resolved these guards can be removed.
- */
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
-    defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
-                                               size_t byte_length )
-{
-    switch( curve )
-    {
-        case PSA_ECC_FAMILY_SECP_R1:
-            switch( byte_length )
-            {
-                case PSA_BITS_TO_BYTES( 192 ):
-                    return( MBEDTLS_ECP_DP_SECP192R1 );
-                case PSA_BITS_TO_BYTES( 224 ):
-                    return( MBEDTLS_ECP_DP_SECP224R1 );
-                case PSA_BITS_TO_BYTES( 256 ):
-                    return( MBEDTLS_ECP_DP_SECP256R1 );
-                case PSA_BITS_TO_BYTES( 384 ):
-                    return( MBEDTLS_ECP_DP_SECP384R1 );
-                case PSA_BITS_TO_BYTES( 521 ):
-                    return( MBEDTLS_ECP_DP_SECP521R1 );
-                default:
-                    return( MBEDTLS_ECP_DP_NONE );
-            }
-            break;
-
-        case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
-            switch( byte_length )
-            {
-                case PSA_BITS_TO_BYTES( 256 ):
-                    return( MBEDTLS_ECP_DP_BP256R1 );
-                case PSA_BITS_TO_BYTES( 384 ):
-                    return( MBEDTLS_ECP_DP_BP384R1 );
-                case PSA_BITS_TO_BYTES( 512 ):
-                    return( MBEDTLS_ECP_DP_BP512R1 );
-                default:
-                    return( MBEDTLS_ECP_DP_NONE );
-            }
-            break;
-
-        case PSA_ECC_FAMILY_MONTGOMERY:
-            switch( byte_length )
-            {
-                case PSA_BITS_TO_BYTES( 255 ):
-                    return( MBEDTLS_ECP_DP_CURVE25519 );
-                case PSA_BITS_TO_BYTES( 448 ):
-                    return( MBEDTLS_ECP_DP_CURVE448 );
-                default:
-                    return( MBEDTLS_ECP_DP_NONE );
-            }
-            break;
-
-        case PSA_ECC_FAMILY_SECP_K1:
-            switch( byte_length )
-            {
-                case PSA_BITS_TO_BYTES( 192 ):
-                    return( MBEDTLS_ECP_DP_SECP192K1 );
-                case PSA_BITS_TO_BYTES( 224 ):
-                    return( MBEDTLS_ECP_DP_SECP224K1 );
-                case PSA_BITS_TO_BYTES( 256 ):
-                    return( MBEDTLS_ECP_DP_SECP256K1 );
-                default:
-                    return( MBEDTLS_ECP_DP_NONE );
-            }
-            break;
-
-        default:
-            return( MBEDTLS_ECP_DP_NONE );
-    }
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
-        * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */
-
-static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
-                                                        size_t bits )
-{
-    /* Check that the bit size is acceptable for the key type */
-    switch( type )
-    {
-        case PSA_KEY_TYPE_RAW_DATA:
-        case PSA_KEY_TYPE_HMAC:
-        case PSA_KEY_TYPE_DERIVE:
-            break;
-#if defined(MBEDTLS_AES_C)
-        case PSA_KEY_TYPE_AES:
-            if( bits != 128 && bits != 192 && bits != 256 )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            break;
-#endif
-#if defined(MBEDTLS_CAMELLIA_C)
-        case PSA_KEY_TYPE_CAMELLIA:
-            if( bits != 128 && bits != 192 && bits != 256 )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            break;
-#endif
-#if defined(MBEDTLS_DES_C)
-        case PSA_KEY_TYPE_DES:
-            if( bits != 64 && bits != 128 && bits != 192 )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            break;
-#endif
-#if defined(MBEDTLS_ARC4_C)
-        case PSA_KEY_TYPE_ARC4:
-            if( bits < 8 || bits > 2048 )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            break;
-#endif
-#if defined(MBEDTLS_CHACHA20_C)
-        case PSA_KEY_TYPE_CHACHA20:
-            if( bits != 256 )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            break;
-#endif
-        default:
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-    if( bits % 8 != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    return( PSA_SUCCESS );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-
-/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
- * that are not a multiple of 8) well. For example, there is only
- * mbedtls_rsa_get_len(), which returns a number of bytes, and no
- * way to return the exact bit size of a key.
- * To keep things simple, reject non-byte-aligned key sizes. */
-static psa_status_t psa_check_rsa_key_byte_aligned(
-    const mbedtls_rsa_context *rsa )
-{
-    mbedtls_mpi n;
-    psa_status_t status;
-    mbedtls_mpi_init( &n );
-    status = mbedtls_to_psa_error(
-        mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
-    if( status == PSA_SUCCESS )
-    {
-        if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
-            status = PSA_ERROR_NOT_SUPPORTED;
-    }
-    mbedtls_mpi_free( &n );
-    return( status );
-}
-
-/** Load the contents of a key buffer into an internal RSA representation
- *
- * \param[in] type          The type of key contained in \p data.
- * \param[in] data          The buffer from which to load the representation.
- * \param[in] data_length   The size in bytes of \p data.
- * \param[out] p_rsa        Returns a pointer to an RSA context on success.
- *                          The caller is responsible for freeing both the
- *                          contents of the context and the context itself
- *                          when done.
- */
-static psa_status_t psa_load_rsa_representation( psa_key_type_t type,
-                                                 const uint8_t *data,
-                                                 size_t data_length,
-                                                 mbedtls_rsa_context **p_rsa )
-{
-    psa_status_t status;
-    mbedtls_pk_context ctx;
-    size_t bits;
-    mbedtls_pk_init( &ctx );
-
-    /* Parse the data. */
-    if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
-        status = mbedtls_to_psa_error(
-            mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
-    else
-        status = mbedtls_to_psa_error(
-            mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    /* We have something that the pkparse module recognizes. If it is a
-     * valid RSA key, store it. */
-    if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-
-    /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
-     * supports non-byte-aligned key sizes, but not well. For example,
-     * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
-    bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) );
-    if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-        goto exit;
-    }
-    status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    /* Copy out the pointer to the RSA context, and reset the PK context
-     * such that pk_free doesn't free the RSA context we just grabbed. */
-    *p_rsa = mbedtls_pk_rsa( ctx );
-    ctx.pk_info = NULL;
-
-exit:
-    mbedtls_pk_free( &ctx );
-    return( status );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-
-/** Export an RSA key to export representation
- *
- * \param[in] type          The type of key (public/private) to export
- * \param[in] rsa           The internal RSA representation from which to export
- * \param[out] data         The buffer to export to
- * \param[in] data_size     The length of the buffer to export to
- * \param[out] data_length  The amount of bytes written to \p data
- */
-static psa_status_t psa_export_rsa_key( psa_key_type_t type,
-                                        mbedtls_rsa_context *rsa,
-                                        uint8_t *data,
-                                        size_t data_size,
-                                        size_t *data_length )
-{
-#if defined(MBEDTLS_PK_WRITE_C)
-    int ret;
-    mbedtls_pk_context pk;
-    uint8_t *pos = data + data_size;
-
-    mbedtls_pk_init( &pk );
-    pk.pk_info = &mbedtls_rsa_info;
-    pk.pk_ctx = rsa;
-
-    /* PSA Crypto API defines the format of an RSA key as a DER-encoded
-     * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
-     * private key and of the RFC3279 RSAPublicKey for a public key. */
-    if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
-        ret = mbedtls_pk_write_key_der( &pk, data, data_size );
-    else
-        ret = mbedtls_pk_write_pubkey( &pos, data, &pk );
-
-    if( ret < 0 )
-    {
-        /* Clean up in case pk_write failed halfway through. */
-        memset( data, 0, data_size );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-
-    /* The mbedtls_pk_xxx functions write to the end of the buffer.
-     * Move the data to the beginning and erase remaining data
-     * at the original location. */
-    if( 2 * (size_t) ret <= data_size )
-    {
-        memcpy( data, data + data_size - ret, ret );
-        memset( data + data_size - ret, 0, ret );
-    }
-    else if( (size_t) ret < data_size )
-    {
-        memmove( data, data + data_size - ret, ret );
-        memset( data + ret, 0, data_size - ret );
-    }
-
-    *data_length = ret;
-    return( PSA_SUCCESS );
-#else
-    (void) type;
-    (void) rsa;
-    (void) data;
-    (void) data_size;
-    (void) data_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* MBEDTLS_PK_WRITE_C */
-}
-
-/** Import an RSA key from import representation to a slot
- *
- * \param[in,out] slot      The slot where to store the export representation to
- * \param[in] data          The buffer containing the import representation
- * \param[in] data_length   The amount of bytes in \p data
- */
-static psa_status_t psa_import_rsa_key( psa_key_slot_t *slot,
-                                        const uint8_t *data,
-                                        size_t data_length )
-{
-    psa_status_t status;
-    uint8_t* output = NULL;
-    mbedtls_rsa_context *rsa = NULL;
-
-    /* Parse input */
-    status = psa_load_rsa_representation( slot->attr.type,
-                                          data,
-                                          data_length,
-                                          &rsa );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    slot->attr.bits = (psa_key_bits_t) PSA_BYTES_TO_BITS(
-        mbedtls_rsa_get_len( rsa ) );
-
-    /* Re-export the data to PSA export format, such that we can store export
-     * representation in the key slot. Export representation in case of RSA is
-     * the smallest representation that's allowed as input, so a straight-up
-     * allocation of the same size as the input buffer will be large enough. */
-    output = mbedtls_calloc( 1, data_length );
-    if( output == NULL )
-    {
-        status = PSA_ERROR_INSUFFICIENT_MEMORY;
-        goto exit;
-    }
-
-    status = psa_export_rsa_key( slot->attr.type,
-                                 rsa,
-                                 output,
-                                 data_length,
-                                 &data_length);
-exit:
-    /* Always free the RSA object */
-    mbedtls_rsa_free( rsa );
-    mbedtls_free( rsa );
-
-    /* Free the allocated buffer only on error. */
-    if( status != PSA_SUCCESS )
-    {
-        mbedtls_free( output );
-        return( status );
-    }
-
-    /* On success, store the allocated export-formatted key. */
-    slot->data.key.data = output;
-    slot->data.key.bytes = data_length;
-
-    return( PSA_SUCCESS );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-/** Load the contents of a key buffer into an internal ECP representation
- *
- * \param[in] type          The type of key contained in \p data.
- * \param[in] data          The buffer from which to load the representation.
- * \param[in] data_length   The size in bytes of \p data.
- * \param[out] p_ecp        Returns a pointer to an ECP context on success.
- *                          The caller is responsible for freeing both the
- *                          contents of the context and the context itself
- *                          when done.
- */
-static psa_status_t psa_load_ecp_representation( psa_key_type_t type,
-                                                 const uint8_t *data,
-                                                 size_t data_length,
-                                                 mbedtls_ecp_keypair **p_ecp )
-{
-    mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
-    psa_status_t status;
-    mbedtls_ecp_keypair *ecp = NULL;
-    size_t curve_size = data_length;
-
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
-        PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
-    {
-        /* A Weierstrass public key is represented as:
-         * - The byte 0x04;
-         * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
-         * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
-         * So its data length is 2m+1 where m is the curve size in bits.
-         */
-        if( ( data_length & 1 ) == 0 )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        curve_size = data_length / 2;
-
-        /* Montgomery public keys are represented in compressed format, meaning
-         * their curve_size is equal to the amount of input. */
-
-        /* Private keys are represented in uncompressed private random integer
-         * format, meaning their curve_size is equal to the amount of input. */
-    }
-
-    /* Allocate and initialize a key representation. */
-    ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
-    if( ecp == NULL )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-    mbedtls_ecp_keypair_init( ecp );
-
-    /* Load the group. */
-    grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( type ),
-                                       curve_size );
-    if( grp_id == MBEDTLS_ECP_DP_NONE )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-
-    status = mbedtls_to_psa_error(
-                mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    /* Load the key material. */
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
-    {
-        /* Load the public value. */
-        status = mbedtls_to_psa_error(
-            mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q,
-                                           data,
-                                           data_length ) );
-        if( status != PSA_SUCCESS )
-            goto exit;
-
-        /* Check that the point is on the curve. */
-        status = mbedtls_to_psa_error(
-            mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) );
-        if( status != PSA_SUCCESS )
-            goto exit;
-    }
-    else
-    {
-        /* Load and validate the secret value. */
-        status = mbedtls_to_psa_error(
-            mbedtls_ecp_read_key( ecp->grp.id,
-                                  ecp,
-                                  data,
-                                  data_length ) );
-        if( status != PSA_SUCCESS )
-            goto exit;
-    }
-
-    *p_ecp = ecp;
-exit:
-    if( status != PSA_SUCCESS )
-    {
-        mbedtls_ecp_keypair_free( ecp );
-        mbedtls_free( ecp );
-    }
-
-    return( status );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-/** Export an ECP key to export representation
- *
- * \param[in] type          The type of key (public/private) to export
- * \param[in] ecp           The internal ECP representation from which to export
- * \param[out] data         The buffer to export to
- * \param[in] data_size     The length of the buffer to export to
- * \param[out] data_length  The amount of bytes written to \p data
- */
-static psa_status_t psa_export_ecp_key( psa_key_type_t type,
-                                        mbedtls_ecp_keypair *ecp,
-                                        uint8_t *data,
-                                        size_t data_size,
-                                        size_t *data_length )
-{
-    psa_status_t status;
-
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
-    {
-        /* Check whether the public part is loaded */
-        if( mbedtls_ecp_is_zero( &ecp->Q ) )
-        {
-            /* Calculate the public key */
-            status = mbedtls_to_psa_error(
-                mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
-                                 mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
-            if( status != PSA_SUCCESS )
-                return( status );
-        }
-
-        status = mbedtls_to_psa_error(
-                    mbedtls_ecp_point_write_binary( &ecp->grp, &ecp->Q,
-                                                    MBEDTLS_ECP_PF_UNCOMPRESSED,
-                                                    data_length,
-                                                    data,
-                                                    data_size ) );
-        if( status != PSA_SUCCESS )
-            memset( data, 0, data_size );
-
-        return( status );
-    }
-    else
-    {
-        if( data_size < PSA_BITS_TO_BYTES( ecp->grp.nbits ) )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-        status = mbedtls_to_psa_error(
-                    mbedtls_ecp_write_key( ecp,
-                                           data,
-                                           PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) );
-        if( status == PSA_SUCCESS )
-            *data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits );
-        else
-            memset( data, 0, data_size );
-
-        return( status );
-    }
-}
-
-/** Import an ECP key from import representation to a slot
- *
- * \param[in,out] slot      The slot where to store the export representation to
- * \param[in] data          The buffer containing the import representation
- * \param[in] data_length   The amount of bytes in \p data
- */
-static psa_status_t psa_import_ecp_key( psa_key_slot_t *slot,
-                                        const uint8_t *data,
-                                        size_t data_length )
-{
-    psa_status_t status;
-    uint8_t* output = NULL;
-    mbedtls_ecp_keypair *ecp = NULL;
-
-    /* Parse input */
-    status = psa_load_ecp_representation( slot->attr.type,
-                                          data,
-                                          data_length,
-                                          &ecp );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    if( PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type ) == PSA_ECC_FAMILY_MONTGOMERY)
-        slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits + 1;
-    else
-        slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits;
-
-    /* Re-export the data to PSA export format. There is currently no support
-     * for other input formats then the export format, so this is a 1-1
-     * copy operation. */
-    output = mbedtls_calloc( 1, data_length );
-    if( output == NULL )
-    {
-        status = PSA_ERROR_INSUFFICIENT_MEMORY;
-        goto exit;
-    }
-
-    status = psa_export_ecp_key( slot->attr.type,
-                                 ecp,
-                                 output,
-                                 data_length,
-                                 &data_length);
-exit:
-    /* Always free the PK object (will also free contained ECP context) */
-    mbedtls_ecp_keypair_free( ecp );
-    mbedtls_free( ecp );
-
-    /* Free the allocated buffer only on error. */
-    if( status != PSA_SUCCESS )
-    {
-        mbedtls_free( output );
-        return( status );
-    }
-
-    /* On success, store the allocated export-formatted key. */
-    slot->data.key.data = output;
-    slot->data.key.bytes = data_length;
-
-    return( PSA_SUCCESS );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-
-/** Return the size of the key in the given slot, in bits.
- *
- * \param[in] slot      A key slot.
- *
- * \return The key size in bits, read from the metadata in the slot.
- */
-static inline size_t psa_get_key_slot_bits( const psa_key_slot_t *slot )
-{
-    return( slot->attr.bits );
-}
-
-/** Try to allocate a buffer to an empty key slot.
- *
- * \param[in,out] slot          Key slot to attach buffer to.
- * \param[in] buffer_length     Requested size of the buffer.
- *
- * \retval #PSA_SUCCESS
- *         The buffer has been successfully allocated.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- *         Not enough memory was available for allocation.
- * \retval #PSA_ERROR_ALREADY_EXISTS
- *         Trying to allocate a buffer to a non-empty key slot.
- */
-static psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
-                                                 size_t buffer_length )
-{
-    if( slot->data.key.data != NULL )
-        return( PSA_ERROR_ALREADY_EXISTS );
-
-    slot->data.key.data = mbedtls_calloc( 1, buffer_length );
-    if( slot->data.key.data == NULL )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    slot->data.key.bytes = buffer_length;
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
-                                              const uint8_t* data,
-                                              size_t data_length )
-{
-    psa_status_t status = psa_allocate_buffer_to_slot( slot,
-                                                       data_length );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    memcpy( slot->data.key.data, data, data_length );
-    return( PSA_SUCCESS );
-}
-
-/** Import key data into a slot.
- *
- * `slot->type` must have been set previously.
- * This function assumes that the slot does not contain any key material yet.
- * On failure, the slot content is unchanged.
- *
- * Persistent storage is not affected.
- *
- * \param[in,out] slot  The key slot to import data into.
- *                      Its `type` field must have previously been set to
- *                      the desired key type.
- *                      It must not contain any key material yet.
- * \param[in] data      Buffer containing the key material to parse and import.
- * \param data_length   Size of \p data in bytes.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- */
-static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
-                                              const uint8_t *data,
-                                              size_t data_length )
-{
-    psa_status_t status = PSA_SUCCESS;
-    size_t bit_size;
-
-    /* zero-length keys are never supported. */
-    if( data_length == 0 )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    if( key_type_is_raw_bytes( slot->attr.type ) )
-    {
-        bit_size = PSA_BYTES_TO_BITS( data_length );
-
-        /* Ensure that the bytes-to-bits conversion hasn't overflown. */
-        if( data_length > SIZE_MAX / 8 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        /* Enforce a size limit, and in particular ensure that the bit
-         * size fits in its representation type. */
-        if( bit_size > PSA_MAX_KEY_BITS )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        status = validate_unstructured_key_bit_size( slot->attr.type, bit_size );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        /* Allocate memory for the key */
-        status = psa_copy_key_material_into_slot( slot, data, data_length );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        /* Write the actual key size to the slot.
-         * psa_start_key_creation() wrote the size declared by the
-         * caller, which may be 0 (meaning unspecified) or wrong. */
-        slot->attr.bits = (psa_key_bits_t) bit_size;
-
-        return( PSA_SUCCESS );
-    }
-    else if( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
-    {
-        /* Try validation through accelerators first. */
-        bit_size = slot->attr.bits;
-        psa_key_attributes_t attributes = {
-          .core = slot->attr
-        };
-        status = psa_driver_wrapper_validate_key( &attributes,
-                                                  data,
-                                                  data_length,
-                                                  &bit_size );
-        if( status == PSA_SUCCESS )
-        {
-            /* Key has been validated successfully by an accelerator.
-             * Copy key material into slot. */
-            status = psa_copy_key_material_into_slot( slot, data, data_length );
-            if( status != PSA_SUCCESS )
-                return( status );
-
-            slot->attr.bits = (psa_key_bits_t) bit_size;
-            return( PSA_SUCCESS );
-        }
-        else if( status != PSA_ERROR_NOT_SUPPORTED )
-            return( status );
-
-        /* Key format is not supported by any accelerator, try software fallback
-         * if present. */
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-        if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
-        {
-            return( psa_import_ecp_key( slot, data, data_length ) );
-        }
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-        if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
-        {
-            return( psa_import_rsa_key( slot, data, data_length ) );
-        }
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-        /* Fell through the fallback as well, so have nothing else to try. */
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-    else
-    {
-        /* Unknown key type */
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-}
-
-/** Calculate the intersection of two algorithm usage policies.
- *
- * Return 0 (which allows no operation) on incompatibility.
- */
-static psa_algorithm_t psa_key_policy_algorithm_intersection(
-    psa_algorithm_t alg1,
-    psa_algorithm_t alg2 )
-{
-    /* Common case: both sides actually specify the same policy. */
-    if( alg1 == alg2 )
-        return( alg1 );
-    /* If the policies are from the same hash-and-sign family, check
-     * if one is a wildcard. If so the other has the specific algorithm. */
-    if( PSA_ALG_IS_HASH_AND_SIGN( alg1 ) &&
-        PSA_ALG_IS_HASH_AND_SIGN( alg2 ) &&
-        ( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) )
-    {
-        if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH )
-            return( alg2 );
-        if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH )
-            return( alg1 );
-    }
-    /* If the policies are incompatible, allow nothing. */
-    return( 0 );
-}
-
-static int psa_key_algorithm_permits( psa_algorithm_t policy_alg,
-                                      psa_algorithm_t requested_alg )
-{
-    /* Common case: the policy only allows requested_alg. */
-    if( requested_alg == policy_alg )
-        return( 1 );
-    /* If policy_alg is a hash-and-sign with a wildcard for the hash,
-     * and requested_alg is the same hash-and-sign family with any hash,
-     * then requested_alg is compliant with policy_alg. */
-    if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) &&
-        PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH )
-    {
-        return( ( policy_alg & ~PSA_ALG_HASH_MASK ) ==
-                ( requested_alg & ~PSA_ALG_HASH_MASK ) );
-    }
-    /* If policy_alg is a generic key agreement operation, then using it for
-     * a key derivation with that key agreement should also be allowed. This
-     * behaviour is expected to be defined in a future specification version. */
-    if( PSA_ALG_IS_RAW_KEY_AGREEMENT( policy_alg ) &&
-        PSA_ALG_IS_KEY_AGREEMENT( requested_alg ) )
-    {
-        return( PSA_ALG_KEY_AGREEMENT_GET_BASE( requested_alg ) ==
-                policy_alg );
-    }
-    /* If it isn't permitted, it's forbidden. */
-    return( 0 );
-}
-
-/** Test whether a policy permits an algorithm.
- *
- * The caller must test usage flags separately.
- */
-static int psa_key_policy_permits( const psa_key_policy_t *policy,
-                                   psa_algorithm_t alg )
-{
-    return( psa_key_algorithm_permits( policy->alg, alg ) ||
-            psa_key_algorithm_permits( policy->alg2, alg ) );
-}
-
-/** Restrict a key policy based on a constraint.
- *
- * \param[in,out] policy    The policy to restrict.
- * \param[in] constraint    The policy constraint to apply.
- *
- * \retval #PSA_SUCCESS
- *         \c *policy contains the intersection of the original value of
- *         \c *policy and \c *constraint.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c *policy and \c *constraint are incompatible.
- *         \c *policy is unchanged.
- */
-static psa_status_t psa_restrict_key_policy(
-    psa_key_policy_t *policy,
-    const psa_key_policy_t *constraint )
-{
-    psa_algorithm_t intersection_alg =
-        psa_key_policy_algorithm_intersection( policy->alg, constraint->alg );
-    psa_algorithm_t intersection_alg2 =
-        psa_key_policy_algorithm_intersection( policy->alg2, constraint->alg2 );
-    if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    if( intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    policy->usage &= constraint->usage;
-    policy->alg = intersection_alg;
-    policy->alg2 = intersection_alg2;
-    return( PSA_SUCCESS );
-}
-
-/** Get the description of a key given its identifier and policy constraints
- *  and lock it.
- *
- * The key must have allow all the usage flags set in \p usage. If \p alg is
- * nonzero, the key must allow operations with this algorithm.
- *
- * In case of a persistent key, the function loads the description of the key
- * into a key slot if not already done.
- *
- * On success, the returned key slot is locked. It is the responsibility of
- * the caller to unlock the key slot when it does not access it anymore.
- */
-static psa_status_t psa_get_and_lock_key_slot_with_policy(
-    mbedtls_svc_key_id_t key,
-    psa_key_slot_t **p_slot,
-    psa_key_usage_t usage,
-    psa_algorithm_t alg )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    status = psa_get_and_lock_key_slot( key, p_slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-    slot = *p_slot;
-
-    /* Enforce that usage policy for the key slot contains all the flags
-     * required by the usage parameter. There is one exception: public
-     * keys can always be exported, so we treat public key objects as
-     * if they had the export flag. */
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
-        usage &= ~PSA_KEY_USAGE_EXPORT;
-
-    status = PSA_ERROR_NOT_PERMITTED;
-    if( ( slot->attr.policy.usage & usage ) != usage )
-        goto error;
-
-    /* Enforce that the usage policy permits the requested algortihm. */
-    if( alg != 0 && ! psa_key_policy_permits( &slot->attr.policy, alg ) )
-        goto error;
-
-    return( PSA_SUCCESS );
-
-error:
-    *p_slot = NULL;
-    psa_unlock_key_slot( slot );
-
-    return( status );
-}
-
-/** Get a key slot containing a transparent key and lock it.
- *
- * A transparent key is a key for which the key material is directly
- * available, as opposed to a key in a secure element.
- *
- * This is a temporary function to use instead of
- * psa_get_and_lock_key_slot_with_policy() until secure element support is
- * fully implemented.
- *
- * On success, the returned key slot is locked. It is the responsibility of the
- * caller to unlock the key slot when it does not access it anymore.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
-    mbedtls_svc_key_id_t key,
-    psa_key_slot_t **p_slot,
-    psa_key_usage_t usage,
-    psa_algorithm_t alg )
-{
-    psa_status_t status = psa_get_and_lock_key_slot_with_policy( key, p_slot,
-                                                                 usage, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( psa_key_slot_is_external( *p_slot ) )
-    {
-        psa_unlock_key_slot( *p_slot );
-        *p_slot = NULL;
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    return( PSA_SUCCESS );
-}
-#else /* MBEDTLS_PSA_CRYPTO_SE_C */
-/* With no secure element support, all keys are transparent. */
-#define psa_get_and_lock_transparent_key_slot_with_policy( key, p_slot, usage, alg )   \
-    psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-/** Wipe key data from a slot. Preserve metadata such as the policy. */
-static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
-{
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( psa_key_slot_is_external( slot ) )
-    {
-        /* No key material to clean. */
-    }
-    else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    {
-        /* Data pointer will always be either a valid pointer or NULL in an
-         * initialized slot, so we can just free it. */
-        if( slot->data.key.data != NULL )
-            mbedtls_platform_zeroize( slot->data.key.data, slot->data.key.bytes);
-        mbedtls_free( slot->data.key.data );
-        slot->data.key.data = NULL;
-        slot->data.key.bytes = 0;
-    }
-
-    return( PSA_SUCCESS );
-}
-
-/** Completely wipe a slot in memory, including its policy.
- * Persistent storage is not affected. */
-psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
-{
-    psa_status_t status = psa_remove_key_data_from_memory( slot );
-
-    /*
-     * As the return error code may not be handled in case of multiple errors,
-     * do our best to report an unexpected lock counter: if available
-     * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as
-     * part of the execution of a test suite this will stop the test suite
-     * execution).
-     */
-    if( slot->lock_count != 1 )
-    {
-#ifdef MBEDTLS_CHECK_PARAMS
-        MBEDTLS_PARAM_FAILED( slot->lock_count == 1 );
-#endif
-        status = PSA_ERROR_CORRUPTION_DETECTED;
-    }
-
-    /* Multipart operations may still be using the key. This is safe
-     * because all multipart operation objects are independent from
-     * the key slot: if they need to access the key after the setup
-     * phase, they have a copy of the key. Note that this means that
-     * key material can linger until all operations are completed. */
-    /* At this point, key material and other type-specific content has
-     * been wiped. Clear remaining metadata. We can call memset and not
-     * zeroize because the metadata is not particularly sensitive. */
-    memset( slot, 0, sizeof( *slot ) );
-    return( status );
-}
-
-psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
-{
-    psa_key_slot_t *slot;
-    psa_status_t status; /* status of the last operation */
-    psa_status_t overall_status = PSA_SUCCESS;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    psa_se_drv_table_entry_t *driver;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    if( mbedtls_svc_key_id_is_null( key ) )
-        return( PSA_SUCCESS );
-
-    /*
-     * Get the description of the key in a key slot. In case of a persistent
-     * key, this will load the key description from persistent memory if not
-     * done yet. We cannot avoid this loading as without it we don't know if
-     * the key is operated by an SE or not and this information is needed by
-     * the current implementation.
-     */
-    status = psa_get_and_lock_key_slot( key, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /*
-     * If the key slot containing the key description is under access by the
-     * library (apart from the present access), the key cannot be destroyed
-     * yet. For the time being, just return in error. Eventually (to be
-     * implemented), the key should be destroyed when all accesses have
-     * stopped.
-     */
-    if( slot->lock_count > 1 )
-    {
-       psa_unlock_key_slot( slot );
-       return( PSA_ERROR_GENERIC_ERROR );
-    }
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    driver = psa_get_se_driver_entry( slot->attr.lifetime );
-    if( driver != NULL )
-    {
-        /* For a key in a secure element, we need to do three things:
-         * remove the key file in internal storage, destroy the
-         * key inside the secure element, and update the driver's
-         * persistent data. Start a transaction that will encompass these
-         * three actions. */
-        psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY );
-        psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
-        psa_crypto_transaction.key.slot = slot->data.se.slot_number;
-        psa_crypto_transaction.key.id = slot->attr.id;
-        status = psa_crypto_save_transaction( );
-        if( status != PSA_SUCCESS )
-        {
-            (void) psa_crypto_stop_transaction( );
-            /* We should still try to destroy the key in the secure
-             * element and the key metadata in storage. This is especially
-             * important if the error is that the storage is full.
-             * But how to do it exactly without risking an inconsistent
-             * state after a reset?
-             * https://github.com/ARMmbed/mbed-crypto/issues/215
-             */
-            overall_status = status;
-            goto exit;
-        }
-
-        status = psa_destroy_se_key( driver, slot->data.se.slot_number );
-        if( overall_status == PSA_SUCCESS )
-            overall_status = status;
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
-    {
-        status = psa_destroy_persistent_key( slot->attr.id );
-        if( overall_status == PSA_SUCCESS )
-            overall_status = status;
-
-        /* TODO: other slots may have a copy of the same key. We should
-         * invalidate them.
-         * https://github.com/ARMmbed/mbed-crypto/issues/214
-         */
-    }
-#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( driver != NULL )
-    {
-        status = psa_save_se_persistent_data( driver );
-        if( overall_status == PSA_SUCCESS )
-            overall_status = status;
-        status = psa_crypto_stop_transaction( );
-        if( overall_status == PSA_SUCCESS )
-            overall_status = status;
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-exit:
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    status = psa_wipe_key_slot( slot );
-    /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
-    if( overall_status == PSA_SUCCESS )
-        overall_status = status;
-    return( overall_status );
-}
-
-void psa_reset_key_attributes( psa_key_attributes_t *attributes )
-{
-    mbedtls_free( attributes->domain_parameters );
-    memset( attributes, 0, sizeof( *attributes ) );
-}
-
-psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes,
-                                            psa_key_type_t type,
-                                            const uint8_t *data,
-                                            size_t data_length )
-{
-    uint8_t *copy = NULL;
-
-    if( data_length != 0 )
-    {
-        copy = mbedtls_calloc( 1, data_length );
-        if( copy == NULL )
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        memcpy( copy, data, data_length );
-    }
-    /* After this point, this function is guaranteed to succeed, so it
-     * can start modifying `*attributes`. */
-
-    if( attributes->domain_parameters != NULL )
-    {
-        mbedtls_free( attributes->domain_parameters );
-        attributes->domain_parameters = NULL;
-        attributes->domain_parameters_size = 0;
-    }
-
-    attributes->domain_parameters = copy;
-    attributes->domain_parameters_size = data_length;
-    attributes->core.type = type;
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_get_key_domain_parameters(
-    const psa_key_attributes_t *attributes,
-    uint8_t *data, size_t data_size, size_t *data_length )
-{
-    if( attributes->domain_parameters_size > data_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-    *data_length = attributes->domain_parameters_size;
-    if( attributes->domain_parameters_size != 0 )
-        memcpy( data, attributes->domain_parameters,
-                attributes->domain_parameters_size );
-    return( PSA_SUCCESS );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-static psa_status_t psa_get_rsa_public_exponent(
-    const mbedtls_rsa_context *rsa,
-    psa_key_attributes_t *attributes )
-{
-    mbedtls_mpi mpi;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint8_t *buffer = NULL;
-    size_t buflen;
-    mbedtls_mpi_init( &mpi );
-
-    ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &mpi );
-    if( ret != 0 )
-        goto exit;
-    if( mbedtls_mpi_cmp_int( &mpi, 65537 ) == 0 )
-    {
-        /* It's the default value, which is reported as an empty string,
-         * so there's nothing to do. */
-        goto exit;
-    }
-
-    buflen = mbedtls_mpi_size( &mpi );
-    buffer = mbedtls_calloc( 1, buflen );
-    if( buffer == NULL )
-    {
-        ret = MBEDTLS_ERR_MPI_ALLOC_FAILED;
-        goto exit;
-    }
-    ret = mbedtls_mpi_write_binary( &mpi, buffer, buflen );
-    if( ret != 0 )
-        goto exit;
-    attributes->domain_parameters = buffer;
-    attributes->domain_parameters_size = buflen;
-
-exit:
-    mbedtls_mpi_free( &mpi );
-    if( ret != 0 )
-        mbedtls_free( buffer );
-    return( mbedtls_to_psa_error( ret ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-/** Retrieve all the publicly-accessible attributes of a key.
- */
-psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key,
-                                     psa_key_attributes_t *attributes )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    psa_reset_key_attributes( attributes );
-
-    status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    attributes->core = slot->attr;
-    attributes->core.flags &= ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
-                                MBEDTLS_PSA_KA_MASK_DUAL_USE );
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( psa_key_slot_is_external( slot ) )
-        psa_set_key_slot_number( attributes, slot->data.se.slot_number );
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    switch( slot->attr.type )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-        case PSA_KEY_TYPE_RSA_KEY_PAIR:
-        case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-            /* TODO: reporting the public exponent for opaque keys
-             * is not yet implemented.
-             * https://github.com/ARMmbed/mbed-crypto/issues/216
-             */
-            if( psa_key_slot_is_external( slot ) )
-                break;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-            {
-                mbedtls_rsa_context *rsa = NULL;
-
-                status = psa_load_rsa_representation( slot->attr.type,
-                                                      slot->data.key.data,
-                                                      slot->data.key.bytes,
-                                                      &rsa );
-                if( status != PSA_SUCCESS )
-                    break;
-
-                status = psa_get_rsa_public_exponent( rsa,
-                                                      attributes );
-                mbedtls_rsa_free( rsa );
-                mbedtls_free( rsa );
-            }
-            break;
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-        default:
-            /* Nothing else to do. */
-            break;
-    }
-
-    if( status != PSA_SUCCESS )
-        psa_reset_key_attributes( attributes );
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-psa_status_t psa_get_key_slot_number(
-    const psa_key_attributes_t *attributes,
-    psa_key_slot_number_t *slot_number )
-{
-    if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER )
-    {
-        *slot_number = attributes->slot_number;
-        return( PSA_SUCCESS );
-    }
-    else
-        return( PSA_ERROR_INVALID_ARGUMENT );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-static psa_status_t psa_internal_export_key_buffer( const psa_key_slot_t *slot,
-                                                    uint8_t *data,
-                                                    size_t data_size,
-                                                    size_t *data_length )
-{
-    if( slot->data.key.bytes > data_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-    memcpy( data, slot->data.key.data, slot->data.key.bytes );
-    memset( data + slot->data.key.bytes, 0,
-            data_size - slot->data.key.bytes );
-    *data_length = slot->data.key.bytes;
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot,
-                                             uint8_t *data,
-                                             size_t data_size,
-                                             size_t *data_length,
-                                             int export_public_key )
-{
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    const psa_drv_se_t *drv;
-    psa_drv_se_context_t *drv_context;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    *data_length = 0;
-
-    if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    /* Reject a zero-length output buffer now, since this can never be a
-     * valid key representation. This way we know that data must be a valid
-     * pointer and we can do things like memset(data, ..., data_size). */
-    if( data_size == 0 )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
-    {
-        psa_drv_se_export_key_t method;
-        if( drv->key_management == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        method = ( export_public_key ?
-                   drv->key_management->p_export_public :
-                   drv->key_management->p_export );
-        if( method == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        return( method( drv_context,
-                        slot->data.se.slot_number,
-                        data, data_size, data_length ) );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    if( key_type_is_raw_bytes( slot->attr.type ) )
-    {
-        return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
-    }
-    else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ||
-             PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
-    {
-        if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
-        {
-            /* Exporting public -> public */
-            return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
-        }
-        else if( !export_public_key )
-        {
-            /* Exporting private -> private */
-            return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
-        }
-
-        /* Need to export the public part of a private key,
-         * so conversion is needed. Try the accelerators first. */
-        psa_status_t status = psa_driver_wrapper_export_public_key( slot,
-                                                                    data,
-                                                                    data_size,
-                                                                    data_length );
-
-        if( status != PSA_ERROR_NOT_SUPPORTED ||
-            psa_key_lifetime_is_external( slot->attr.lifetime ) )
-            return( status );
-
-        if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
-        {
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-            mbedtls_rsa_context *rsa = NULL;
-            status = psa_load_rsa_representation(
-                                    slot->attr.type,
-                                    slot->data.key.data,
-                                    slot->data.key.bytes,
-                                    &rsa );
-            if( status != PSA_SUCCESS )
-                return( status );
-
-            status = psa_export_rsa_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY,
-                                         rsa,
-                                         data,
-                                         data_size,
-                                         data_length );
-
-            mbedtls_rsa_free( rsa );
-            mbedtls_free( rsa );
-
-            return( status );
-#else
-            /* We don't know how to convert a private RSA key to public. */
-            return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-        }
-        else
-        {
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-            mbedtls_ecp_keypair *ecp = NULL;
-            status = psa_load_ecp_representation(
-                                    slot->attr.type,
-                                    slot->data.key.data,
-                                    slot->data.key.bytes,
-                                    &ecp );
-            if( status != PSA_SUCCESS )
-                return( status );
-
-            status = psa_export_ecp_key( PSA_KEY_TYPE_ECC_PUBLIC_KEY(
-                                            PSA_KEY_TYPE_ECC_GET_FAMILY(
-                                                slot->attr.type ) ),
-                                         ecp,
-                                         data,
-                                         data_size,
-                                         data_length );
-
-            mbedtls_ecp_keypair_free( ecp );
-            mbedtls_free( ecp );
-            return( status );
-#else
-            /* We don't know how to convert a private ECC key to public */
-            return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-        }
-    }
-    else
-    {
-        /* This shouldn't happen in the reference implementation, but
-           it is valid for a special-purpose implementation to omit
-           support for exporting certain key types. */
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-}
-
-psa_status_t psa_export_key( mbedtls_svc_key_id_t key,
-                             uint8_t *data,
-                             size_t data_size,
-                             size_t *data_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    /* Set the key to empty now, so that even when there are errors, we always
-     * set data_length to a value between 0 and data_size. On error, setting
-     * the key to empty is a good choice because an empty key representation is
-     * unlikely to be accepted anywhere. */
-    *data_length = 0;
-
-    /* Export requires the EXPORT flag. There is an exception for public keys,
-     * which don't require any flag, but
-     * psa_get_and_lock_key_slot_with_policy() takes care of this.
-     */
-    status = psa_get_and_lock_key_slot_with_policy( key, &slot,
-                                                    PSA_KEY_USAGE_EXPORT, 0 );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    status = psa_internal_export_key( slot, data, data_size, data_length, 0 );
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key,
-                                    uint8_t *data,
-                                    size_t data_size,
-                                    size_t *data_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    /* Set the key to empty now, so that even when there are errors, we always
-     * set data_length to a value between 0 and data_size. On error, setting
-     * the key to empty is a good choice because an empty key representation is
-     * unlikely to be accepted anywhere. */
-    *data_length = 0;
-
-    /* Exporting a public key doesn't require a usage flag. */
-    status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    status = psa_internal_export_key( slot, data, data_size, data_length, 1 );
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-#if defined(static_assert)
-static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0,
-               "One or more key attribute flag is listed as both external-only and dual-use" );
-static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0,
-               "One or more key attribute flag is listed as both internal-only and dual-use" );
-static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0,
-               "One or more key attribute flag is listed as both internal-only and external-only" );
-#endif
-
-/** Validate that a key policy is internally well-formed.
- *
- * This function only rejects invalid policies. It does not validate the
- * consistency of the policy with respect to other attributes of the key
- * such as the key type.
- */
-static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy )
-{
-    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT |
-                             PSA_KEY_USAGE_COPY |
-                             PSA_KEY_USAGE_ENCRYPT |
-                             PSA_KEY_USAGE_DECRYPT |
-                             PSA_KEY_USAGE_SIGN_HASH |
-                             PSA_KEY_USAGE_VERIFY_HASH |
-                             PSA_KEY_USAGE_DERIVE ) ) != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    return( PSA_SUCCESS );
-}
-
-/** Validate the internal consistency of key attributes.
- *
- * This function only rejects invalid attribute values. If does not
- * validate the consistency of the attributes with any key data that may
- * be involved in the creation of the key.
- *
- * Call this function early in the key creation process.
- *
- * \param[in] attributes    Key attributes for the new key.
- * \param[out] p_drv        On any return, the driver for the key, if any.
- *                          NULL for a transparent key.
- *
- */
-static psa_status_t psa_validate_key_attributes(
-    const psa_key_attributes_t *attributes,
-    psa_se_drv_table_entry_t **p_drv )
-{
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
-    mbedtls_svc_key_id_t key = psa_get_key_id( attributes );
-
-    status = psa_validate_key_location( lifetime, p_drv );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    status = psa_validate_key_persistence( lifetime );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-        if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) != 0 )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-    else
-    {
-        status = psa_validate_key_id( psa_get_key_id( attributes ), 0 );
-        if( status != PSA_SUCCESS )
-            return( status );
-    }
-
-    status = psa_validate_key_policy( &attributes->core.policy );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /* Refuse to create overly large keys.
-     * Note that this doesn't trigger on import if the attributes don't
-     * explicitly specify a size (so psa_get_key_bits returns 0), so
-     * psa_import_key() needs its own checks. */
-    if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    /* Reject invalid flags. These should not be reachable through the API. */
-    if( attributes->core.flags & ~ ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
-                                     MBEDTLS_PSA_KA_MASK_DUAL_USE ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    return( PSA_SUCCESS );
-}
-
-/** Prepare a key slot to receive key material.
- *
- * This function allocates a key slot and sets its metadata.
- *
- * If this function fails, call psa_fail_key_creation().
- *
- * This function is intended to be used as follows:
- * -# Call psa_start_key_creation() to allocate a key slot, prepare
- *    it with the specified attributes, and in case of a volatile key assign it
- *    a volatile key identifier.
- * -# Populate the slot with the key material.
- * -# Call psa_finish_key_creation() to finalize the creation of the slot.
- * In case of failure at any step, stop the sequence and call
- * psa_fail_key_creation().
- *
- * On success, the key slot is locked. It is the responsibility of the caller
- * to unlock the key slot when it does not access it anymore.
- *
- * \param method            An identification of the calling function.
- * \param[in] attributes    Key attributes for the new key.
- * \param[out] p_slot       On success, a pointer to the prepared slot.
- * \param[out] p_drv        On any return, the driver for the key, if any.
- *                          NULL for a transparent key.
- *
- * \retval #PSA_SUCCESS
- *         The key slot is ready to receive key material.
- * \return If this function fails, the key slot is an invalid state.
- *         You must call psa_fail_key_creation() to wipe and free the slot.
- */
-static psa_status_t psa_start_key_creation(
-    psa_key_creation_method_t method,
-    const psa_key_attributes_t *attributes,
-    psa_key_slot_t **p_slot,
-    psa_se_drv_table_entry_t **p_drv )
-{
-    psa_status_t status;
-    psa_key_id_t volatile_key_id;
-    psa_key_slot_t *slot;
-
-    (void) method;
-    *p_drv = NULL;
-
-    status = psa_validate_key_attributes( attributes, p_drv );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-    slot = *p_slot;
-
-    /* We're storing the declared bit-size of the key. It's up to each
-     * creation mechanism to verify that this information is correct.
-     * It's automatically correct for mechanisms that use the bit-size as
-     * an input (generate, device) but not for those where the bit-size
-     * is optional (import, copy). In case of a volatile key, assign it the
-     * volatile key identifier associated to the slot returned to contain its
-     * definition. */
-
-    slot->attr = attributes->core;
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
-    {
-#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-        slot->attr.id = volatile_key_id;
-#else
-        slot->attr.id.key_id = volatile_key_id;
-#endif
-    }
-
-    /* Erase external-only flags from the internal copy. To access
-     * external-only flags, query `attributes`. Thanks to the check
-     * in psa_validate_key_attributes(), this leaves the dual-use
-     * flags and any internal flag that psa_get_empty_key_slot()
-     * may have set. */
-    slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY;
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    /* For a key in a secure element, we need to do three things
-     * when creating or registering a persistent key:
-     * create the key file in internal storage, create the
-     * key inside the secure element, and update the driver's
-     * persistent data. This is done by starting a transaction that will
-     * encompass these three actions.
-     * For registering a volatile key, we just need to find an appropriate
-     * slot number inside the SE. Since the key is designated volatile, creating
-     * a transaction is not required. */
-    /* The first thing to do is to find a slot number for the new key.
-     * We save the slot number in persistent storage as part of the
-     * transaction data. It will be needed to recover if the power
-     * fails during the key creation process, to clean up on the secure
-     * element side after restarting. Obtaining a slot number from the
-     * secure element driver updates its persistent state, but we do not yet
-     * save the driver's persistent state, so that if the power fails,
-     * we can roll back to a state where the key doesn't exist. */
-    if( *p_drv != NULL )
-    {
-        status = psa_find_se_slot_for_key( attributes, method, *p_drv,
-                                           &slot->data.se.slot_number );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) )
-        {
-            psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
-            psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
-            psa_crypto_transaction.key.slot = slot->data.se.slot_number;
-            psa_crypto_transaction.key.id = slot->attr.id;
-            status = psa_crypto_save_transaction( );
-            if( status != PSA_SUCCESS )
-            {
-                (void) psa_crypto_stop_transaction( );
-                return( status );
-            }
-        }
-    }
-
-    if( *p_drv == NULL && method == PSA_KEY_CREATION_REGISTER )
-    {
-        /* Key registration only makes sense with a secure element. */
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    return( PSA_SUCCESS );
-}
-
-/** Finalize the creation of a key once its key material has been set.
- *
- * This entails writing the key to persistent storage.
- *
- * If this function fails, call psa_fail_key_creation().
- * See the documentation of psa_start_key_creation() for the intended use
- * of this function.
- *
- * If the finalization succeeds, the function unlocks the key slot (it was
- * locked by psa_start_key_creation()) and the key slot cannot be accessed
- * anymore as part of the key creation process.
- *
- * \param[in,out] slot  Pointer to the slot with key material.
- * \param[in] driver    The secure element driver for the key,
- *                      or NULL for a transparent key.
- * \param[out] key      On success, identifier of the key. Note that the
- *                      key identifier is also stored in the key slot.
- *
- * \retval #PSA_SUCCESS
- *         The key was successfully created.
- * \return If this function fails, the key slot is an invalid state.
- *         You must call psa_fail_key_creation() to wipe and free the slot.
- */
-static psa_status_t psa_finish_key_creation(
-    psa_key_slot_t *slot,
-    psa_se_drv_table_entry_t *driver,
-    mbedtls_svc_key_id_t *key)
-{
-    psa_status_t status = PSA_SUCCESS;
-    (void) slot;
-    (void) driver;
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
-    {
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-        if( driver != NULL )
-        {
-            psa_se_key_data_storage_t data;
-#if defined(static_assert)
-            static_assert( sizeof( slot->data.se.slot_number ) ==
-                           sizeof( data.slot_number ),
-                           "Slot number size does not match psa_se_key_data_storage_t" );
-#endif
-            memcpy( &data.slot_number, &slot->data.se.slot_number,
-                    sizeof( slot->data.se.slot_number ) );
-            status = psa_save_persistent_key( &slot->attr,
-                                              (uint8_t*) &data,
-                                              sizeof( data ) );
-        }
-        else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-        {
-            /* Key material is saved in export representation in the slot, so
-             * just pass the slot buffer for storage. */
-            status = psa_save_persistent_key( &slot->attr,
-                                              slot->data.key.data,
-                                              slot->data.key.bytes );
-        }
-    }
-#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    /* Finish the transaction for a key creation. This does not
-     * happen when registering an existing key. Detect this case
-     * by checking whether a transaction is in progress (actual
-     * creation of a persistent key in a secure element requires a transaction,
-     * but registration or volatile key creation doesn't use one). */
-    if( driver != NULL &&
-        psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY )
-    {
-        status = psa_save_se_persistent_data( driver );
-        if( status != PSA_SUCCESS )
-        {
-            psa_destroy_persistent_key( slot->attr.id );
-            return( status );
-        }
-        status = psa_crypto_stop_transaction( );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    if( status == PSA_SUCCESS )
-    {
-        *key = slot->attr.id;
-        status = psa_unlock_key_slot( slot );
-        if( status != PSA_SUCCESS )
-            *key = MBEDTLS_SVC_KEY_ID_INIT;
-    }
-
-    return( status );
-}
-
-/** Abort the creation of a key.
- *
- * You may call this function after calling psa_start_key_creation(),
- * or after psa_finish_key_creation() fails. In other circumstances, this
- * function may not clean up persistent storage.
- * See the documentation of psa_start_key_creation() for the intended use
- * of this function.
- *
- * \param[in,out] slot  Pointer to the slot with key material.
- * \param[in] driver    The secure element driver for the key,
- *                      or NULL for a transparent key.
- */
-static void psa_fail_key_creation( psa_key_slot_t *slot,
-                                   psa_se_drv_table_entry_t *driver )
-{
-    (void) driver;
-
-    if( slot == NULL )
-        return;
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    /* TODO: If the key has already been created in the secure
-     * element, and the failure happened later (when saving metadata
-     * to internal storage), we need to destroy the key in the secure
-     * element.
-     * https://github.com/ARMmbed/mbed-crypto/issues/217
-     */
-
-    /* Abort the ongoing transaction if any (there may not be one if
-     * the creation process failed before starting one, or if the
-     * key creation is a registration of a key in a secure element).
-     * Earlier functions must already have done what it takes to undo any
-     * partial creation. All that's left is to update the transaction data
-     * itself. */
-    (void) psa_crypto_stop_transaction( );
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    psa_wipe_key_slot( slot );
-}
-
-/** Validate optional attributes during key creation.
- *
- * Some key attributes are optional during key creation. If they are
- * specified in the attributes structure, check that they are consistent
- * with the data in the slot.
- *
- * This function should be called near the end of key creation, after
- * the slot in memory is fully populated but before saving persistent data.
- */
-static psa_status_t psa_validate_optional_attributes(
-    const psa_key_slot_t *slot,
-    const psa_key_attributes_t *attributes )
-{
-    if( attributes->core.type != 0 )
-    {
-        if( attributes->core.type != slot->attr.type )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-
-    if( attributes->domain_parameters_size != 0 )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-        if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
-        {
-            mbedtls_rsa_context *rsa = NULL;
-            mbedtls_mpi actual, required;
-            int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-            psa_status_t status = psa_load_rsa_representation(
-                                    slot->attr.type,
-                                    slot->data.key.data,
-                                    slot->data.key.bytes,
-                                    &rsa );
-            if( status != PSA_SUCCESS )
-                return( status );
-
-            mbedtls_mpi_init( &actual );
-            mbedtls_mpi_init( &required );
-            ret = mbedtls_rsa_export( rsa,
-                                      NULL, NULL, NULL, NULL, &actual );
-            mbedtls_rsa_free( rsa );
-            mbedtls_free( rsa );
-            if( ret != 0 )
-                goto rsa_exit;
-            ret = mbedtls_mpi_read_binary( &required,
-                                           attributes->domain_parameters,
-                                           attributes->domain_parameters_size );
-            if( ret != 0 )
-                goto rsa_exit;
-            if( mbedtls_mpi_cmp_mpi( &actual, &required ) != 0 )
-                ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
-        rsa_exit:
-            mbedtls_mpi_free( &actual );
-            mbedtls_mpi_free( &required );
-            if( ret != 0)
-                return( mbedtls_to_psa_error( ret ) );
-        }
-        else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-        {
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        }
-    }
-
-    if( attributes->core.bits != 0 )
-    {
-        if( attributes->core.bits != slot->attr.bits )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
-                             const uint8_t *data,
-                             size_t data_length,
-                             mbedtls_svc_key_id_t *key )
-{
-    psa_status_t status;
-    psa_key_slot_t *slot = NULL;
-    psa_se_drv_table_entry_t *driver = NULL;
-
-    *key = MBEDTLS_SVC_KEY_ID_INIT;
-
-    /* Reject zero-length symmetric keys (including raw data key objects).
-     * This also rejects any key which might be encoded as an empty string,
-     * which is never valid. */
-    if( data_length == 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes,
-                                     &slot, &driver );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( driver != NULL )
-    {
-        const psa_drv_se_t *drv = psa_get_se_driver_methods( driver );
-        /* The driver should set the number of key bits, however in
-         * case it doesn't, we initialize bits to an invalid value. */
-        size_t bits = PSA_MAX_KEY_BITS + 1;
-        if( drv->key_management == NULL ||
-            drv->key_management->p_import == NULL )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-        status = drv->key_management->p_import(
-            psa_get_se_driver_context( driver ),
-            slot->data.se.slot_number, attributes, data, data_length,
-            &bits );
-        if( status != PSA_SUCCESS )
-            goto exit;
-        if( bits > PSA_MAX_KEY_BITS )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-        slot->attr.bits = (psa_key_bits_t) bits;
-    }
-    else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    {
-        status = psa_import_key_into_slot( slot, data, data_length );
-        if( status != PSA_SUCCESS )
-            goto exit;
-    }
-    status = psa_validate_optional_attributes( slot, attributes );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_finish_key_creation( slot, driver, key );
-exit:
-    if( status != PSA_SUCCESS )
-        psa_fail_key_creation( slot, driver );
-
-    return( status );
-}
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-psa_status_t mbedtls_psa_register_se_key(
-    const psa_key_attributes_t *attributes )
-{
-    psa_status_t status;
-    psa_key_slot_t *slot = NULL;
-    psa_se_drv_table_entry_t *driver = NULL;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-
-    /* Leaving attributes unspecified is not currently supported.
-     * It could make sense to query the key type and size from the
-     * secure element, but not all secure elements support this
-     * and the driver HAL doesn't currently support it. */
-    if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    if( psa_get_key_bits( attributes ) == 0 )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes,
-                                     &slot, &driver );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_finish_key_creation( slot, driver, &key );
-
-exit:
-    if( status != PSA_SUCCESS )
-        psa_fail_key_creation( slot, driver );
-
-    /* Registration doesn't keep the key in RAM. */
-    psa_close_key( key );
-    return( status );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-static psa_status_t psa_copy_key_material( const psa_key_slot_t *source,
-                                           psa_key_slot_t *target )
-{
-    psa_status_t status = psa_copy_key_material_into_slot( target,
-                                                           source->data.key.data,
-                                                           source->data.key.bytes );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    target->attr.type = source->attr.type;
-    target->attr.bits = source->attr.bits;
-
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key,
-                           const psa_key_attributes_t *specified_attributes,
-                           mbedtls_svc_key_id_t *target_key )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *source_slot = NULL;
-    psa_key_slot_t *target_slot = NULL;
-    psa_key_attributes_t actual_attributes = *specified_attributes;
-    psa_se_drv_table_entry_t *driver = NULL;
-
-    *target_key = MBEDTLS_SVC_KEY_ID_INIT;
-
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_validate_optional_attributes( source_slot,
-                                               specified_attributes );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_restrict_key_policy( &actual_attributes.core.policy,
-                                      &source_slot->attr.policy );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_start_key_creation( PSA_KEY_CREATION_COPY, &actual_attributes,
-                                     &target_slot, &driver );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( driver != NULL )
-    {
-        /* Copying to a secure element is not implemented yet. */
-        status = PSA_ERROR_NOT_SUPPORTED;
-        goto exit;
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    status = psa_copy_key_material( source_slot, target_slot );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_finish_key_creation( target_slot, driver, target_key );
-exit:
-    if( status != PSA_SUCCESS )
-        psa_fail_key_creation( target_slot, driver );
-
-    unlock_status = psa_unlock_key_slot( source_slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-
-
-/****************************************************************/
-/* Message digests */
-/****************************************************************/
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
-{
-    switch( alg )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
-        case PSA_ALG_MD2:
-            return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
-        case PSA_ALG_MD4:
-            return( &mbedtls_md4_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
-        case PSA_ALG_MD5:
-            return( &mbedtls_md5_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
-        case PSA_ALG_RIPEMD160:
-            return( &mbedtls_ripemd160_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
-        case PSA_ALG_SHA_1:
-            return( &mbedtls_sha1_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
-        case PSA_ALG_SHA_224:
-            return( &mbedtls_sha224_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
-        case PSA_ALG_SHA_256:
-            return( &mbedtls_sha256_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
-        case PSA_ALG_SHA_384:
-            return( &mbedtls_sha384_info );
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
-        case PSA_ALG_SHA_512:
-            return( &mbedtls_sha512_info );
-#endif
-        default:
-            return( NULL );
-    }
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
-psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
-{
-    switch( operation->alg )
-    {
-        case 0:
-            /* The object has (apparently) been initialized but it is not
-             * in use. It's ok to call abort on such an object, and there's
-             * nothing to do. */
-            break;
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
-        case PSA_ALG_MD2:
-            mbedtls_md2_free( &operation->ctx.md2 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
-        case PSA_ALG_MD4:
-            mbedtls_md4_free( &operation->ctx.md4 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
-        case PSA_ALG_MD5:
-            mbedtls_md5_free( &operation->ctx.md5 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
-        case PSA_ALG_RIPEMD160:
-            mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
-        case PSA_ALG_SHA_1:
-            mbedtls_sha1_free( &operation->ctx.sha1 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
-        case PSA_ALG_SHA_224:
-            mbedtls_sha256_free( &operation->ctx.sha256 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
-        case PSA_ALG_SHA_256:
-            mbedtls_sha256_free( &operation->ctx.sha256 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
-        case PSA_ALG_SHA_384:
-            mbedtls_sha512_free( &operation->ctx.sha512 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
-        case PSA_ALG_SHA_512:
-            mbedtls_sha512_free( &operation->ctx.sha512 );
-            break;
-#endif
-        default:
-            return( PSA_ERROR_BAD_STATE );
-    }
-    operation->alg = 0;
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_hash_setup( psa_hash_operation_t *operation,
-                             psa_algorithm_t alg )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* A context must be freshly initialized before it can be set up. */
-    if( operation->alg != 0 )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    switch( alg )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
-        case PSA_ALG_MD2:
-            mbedtls_md2_init( &operation->ctx.md2 );
-            ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
-        case PSA_ALG_MD4:
-            mbedtls_md4_init( &operation->ctx.md4 );
-            ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
-        case PSA_ALG_MD5:
-            mbedtls_md5_init( &operation->ctx.md5 );
-            ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
-        case PSA_ALG_RIPEMD160:
-            mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
-            ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
-        case PSA_ALG_SHA_1:
-            mbedtls_sha1_init( &operation->ctx.sha1 );
-            ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
-        case PSA_ALG_SHA_224:
-            mbedtls_sha256_init( &operation->ctx.sha256 );
-            ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
-        case PSA_ALG_SHA_256:
-            mbedtls_sha256_init( &operation->ctx.sha256 );
-            ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
-        case PSA_ALG_SHA_384:
-            mbedtls_sha512_init( &operation->ctx.sha512 );
-            ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
-        case PSA_ALG_SHA_512:
-            mbedtls_sha512_init( &operation->ctx.sha512 );
-            ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
-            break;
-#endif
-        default:
-            return( PSA_ALG_IS_HASH( alg ) ?
-                    PSA_ERROR_NOT_SUPPORTED :
-                    PSA_ERROR_INVALID_ARGUMENT );
-    }
-    if( ret == 0 )
-        operation->alg = alg;
-    else
-        psa_hash_abort( operation );
-    return( mbedtls_to_psa_error( ret ) );
-}
-
-psa_status_t psa_hash_update( psa_hash_operation_t *operation,
-                              const uint8_t *input,
-                              size_t input_length )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* Don't require hash implementations to behave correctly on a
-     * zero-length input, which may have an invalid pointer. */
-    if( input_length == 0 )
-        return( PSA_SUCCESS );
-
-    switch( operation->alg )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
-        case PSA_ALG_MD2:
-            ret = mbedtls_md2_update_ret( &operation->ctx.md2,
-                                          input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
-        case PSA_ALG_MD4:
-            ret = mbedtls_md4_update_ret( &operation->ctx.md4,
-                                          input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
-        case PSA_ALG_MD5:
-            ret = mbedtls_md5_update_ret( &operation->ctx.md5,
-                                          input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
-        case PSA_ALG_RIPEMD160:
-            ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
-                                                input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
-        case PSA_ALG_SHA_1:
-            ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
-                                           input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
-        case PSA_ALG_SHA_224:
-            ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
-                                             input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
-        case PSA_ALG_SHA_256:
-            ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
-                                             input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
-        case PSA_ALG_SHA_384:
-            ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
-                                             input, input_length );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
-        case PSA_ALG_SHA_512:
-            ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
-                                             input, input_length );
-            break;
-#endif
-        default:
-            (void)input;
-            return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( ret != 0 )
-        psa_hash_abort( operation );
-    return( mbedtls_to_psa_error( ret ) );
-}
-
-psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
-                              uint8_t *hash,
-                              size_t hash_size,
-                              size_t *hash_length )
-{
-    psa_status_t status;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t actual_hash_length = PSA_HASH_SIZE( operation->alg );
-
-    /* Fill the output buffer with something that isn't a valid hash
-     * (barring an attack on the hash and deliberately-crafted input),
-     * in case the caller doesn't check the return status properly. */
-    *hash_length = hash_size;
-    /* If hash_size is 0 then hash may be NULL and then the
-     * call to memset would have undefined behavior. */
-    if( hash_size != 0 )
-        memset( hash, '!', hash_size );
-
-    if( hash_size < actual_hash_length )
-    {
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-        goto exit;
-    }
-
-    switch( operation->alg )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
-        case PSA_ALG_MD2:
-            ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
-        case PSA_ALG_MD4:
-            ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
-        case PSA_ALG_MD5:
-            ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
-        case PSA_ALG_RIPEMD160:
-            ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
-        case PSA_ALG_SHA_1:
-            ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
-        case PSA_ALG_SHA_224:
-            ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
-        case PSA_ALG_SHA_256:
-            ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
-        case PSA_ALG_SHA_384:
-            ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
-        case PSA_ALG_SHA_512:
-            ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
-            break;
-#endif
-        default:
-            return( PSA_ERROR_BAD_STATE );
-    }
-    status = mbedtls_to_psa_error( ret );
-
-exit:
-    if( status == PSA_SUCCESS )
-    {
-        *hash_length = actual_hash_length;
-        return( psa_hash_abort( operation ) );
-    }
-    else
-    {
-        psa_hash_abort( operation );
-        return( status );
-    }
-}
-
-psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
-                              const uint8_t *hash,
-                              size_t hash_length )
-{
-    uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
-    size_t actual_hash_length;
-    psa_status_t status = psa_hash_finish( operation,
-                                           actual_hash, sizeof( actual_hash ),
-                                           &actual_hash_length );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( actual_hash_length != hash_length )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-    if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_hash_compute( psa_algorithm_t alg,
-                               const uint8_t *input, size_t input_length,
-                               uint8_t *hash, size_t hash_size,
-                               size_t *hash_length )
-{
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
-    *hash_length = hash_size;
-    status = psa_hash_setup( &operation, alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = psa_hash_update( &operation, input, input_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = psa_hash_finish( &operation, hash, hash_size, hash_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-exit:
-    if( status == PSA_SUCCESS )
-        status = psa_hash_abort( &operation );
-    else
-        psa_hash_abort( &operation );
-    return( status );
-}
-
-psa_status_t psa_hash_compare( psa_algorithm_t alg,
-                               const uint8_t *input, size_t input_length,
-                               const uint8_t *hash, size_t hash_length )
-{
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
-    status = psa_hash_setup( &operation, alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = psa_hash_update( &operation, input, input_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = psa_hash_verify( &operation, hash, hash_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-exit:
-    if( status == PSA_SUCCESS )
-        status = psa_hash_abort( &operation );
-    else
-        psa_hash_abort( &operation );
-    return( status );
-}
-
-psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation,
-                             psa_hash_operation_t *target_operation )
-{
-    if( target_operation->alg != 0 )
-        return( PSA_ERROR_BAD_STATE );
-
-    switch( source_operation->alg )
-    {
-        case 0:
-            return( PSA_ERROR_BAD_STATE );
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
-        case PSA_ALG_MD2:
-            mbedtls_md2_clone( &target_operation->ctx.md2,
-                               &source_operation->ctx.md2 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
-        case PSA_ALG_MD4:
-            mbedtls_md4_clone( &target_operation->ctx.md4,
-                               &source_operation->ctx.md4 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
-        case PSA_ALG_MD5:
-            mbedtls_md5_clone( &target_operation->ctx.md5,
-                               &source_operation->ctx.md5 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
-        case PSA_ALG_RIPEMD160:
-            mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
-                                     &source_operation->ctx.ripemd160 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
-        case PSA_ALG_SHA_1:
-            mbedtls_sha1_clone( &target_operation->ctx.sha1,
-                                &source_operation->ctx.sha1 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
-        case PSA_ALG_SHA_224:
-            mbedtls_sha256_clone( &target_operation->ctx.sha256,
-                                  &source_operation->ctx.sha256 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
-        case PSA_ALG_SHA_256:
-            mbedtls_sha256_clone( &target_operation->ctx.sha256,
-                                  &source_operation->ctx.sha256 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
-        case PSA_ALG_SHA_384:
-            mbedtls_sha512_clone( &target_operation->ctx.sha512,
-                                  &source_operation->ctx.sha512 );
-            break;
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
-        case PSA_ALG_SHA_512:
-            mbedtls_sha512_clone( &target_operation->ctx.sha512,
-                                  &source_operation->ctx.sha512 );
-            break;
-#endif
-        default:
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    target_operation->alg = source_operation->alg;
-    return( PSA_SUCCESS );
-}
-
-
-/****************************************************************/
-/* MAC */
-/****************************************************************/
-
-static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
-    psa_algorithm_t alg,
-    psa_key_type_t key_type,
-    size_t key_bits,
-    mbedtls_cipher_id_t* cipher_id )
-{
-    mbedtls_cipher_mode_t mode;
-    mbedtls_cipher_id_t cipher_id_tmp;
-
-    if( PSA_ALG_IS_AEAD( alg ) )
-        alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 );
-
-    if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
-    {
-        switch( alg )
-        {
-            case PSA_ALG_STREAM_CIPHER:
-                mode = MBEDTLS_MODE_STREAM;
-                break;
-            case PSA_ALG_CTR:
-                mode = MBEDTLS_MODE_CTR;
-                break;
-            case PSA_ALG_CFB:
-                mode = MBEDTLS_MODE_CFB;
-                break;
-            case PSA_ALG_OFB:
-                mode = MBEDTLS_MODE_OFB;
-                break;
-            case PSA_ALG_ECB_NO_PADDING:
-                mode = MBEDTLS_MODE_ECB;
-                break;
-            case PSA_ALG_CBC_NO_PADDING:
-                mode = MBEDTLS_MODE_CBC;
-                break;
-            case PSA_ALG_CBC_PKCS7:
-                mode = MBEDTLS_MODE_CBC;
-                break;
-            case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
-                mode = MBEDTLS_MODE_CCM;
-                break;
-            case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
-                mode = MBEDTLS_MODE_GCM;
-                break;
-            case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CHACHA20_POLY1305, 0 ):
-                mode = MBEDTLS_MODE_CHACHAPOLY;
-                break;
-            default:
-                return( NULL );
-        }
-    }
-    else if( alg == PSA_ALG_CMAC )
-        mode = MBEDTLS_MODE_ECB;
-    else
-        return( NULL );
-
-    switch( key_type )
-    {
-        case PSA_KEY_TYPE_AES:
-            cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
-            break;
-        case PSA_KEY_TYPE_DES:
-            /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
-             * and 192 for three-key Triple-DES. */
-            if( key_bits == 64 )
-                cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
-            else
-                cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
-            /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
-             * but two-key Triple-DES is functionally three-key Triple-DES
-             * with K1=K3, so that's how we present it to mbedtls. */
-            if( key_bits == 128 )
-                key_bits = 192;
-            break;
-        case PSA_KEY_TYPE_CAMELLIA:
-            cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
-            break;
-        case PSA_KEY_TYPE_ARC4:
-            cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
-            break;
-        case PSA_KEY_TYPE_CHACHA20:
-            cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
-            break;
-        default:
-            return( NULL );
-    }
-    if( cipher_id != NULL )
-        *cipher_id = cipher_id_tmp;
-
-    return( mbedtls_cipher_info_from_values( cipher_id_tmp,
-                                             (int) key_bits, mode ) );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static size_t psa_get_hash_block_size( psa_algorithm_t alg )
-{
-    switch( alg )
-    {
-        case PSA_ALG_MD2:
-            return( 16 );
-        case PSA_ALG_MD4:
-            return( 64 );
-        case PSA_ALG_MD5:
-            return( 64 );
-        case PSA_ALG_RIPEMD160:
-            return( 64 );
-        case PSA_ALG_SHA_1:
-            return( 64 );
-        case PSA_ALG_SHA_224:
-            return( 64 );
-        case PSA_ALG_SHA_256:
-            return( 64 );
-        case PSA_ALG_SHA_384:
-            return( 128 );
-        case PSA_ALG_SHA_512:
-            return( 128 );
-        default:
-            return( 0 );
-    }
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) */
-
-/* Initialize the MAC operation structure. Once this function has been
- * called, psa_mac_abort can run and will do the right thing. */
-static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
-                                  psa_algorithm_t alg )
-{
-    psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
-
-    operation->alg = alg;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->iv_required = 0;
-    operation->has_input = 0;
-    operation->is_sign = 0;
-
-#if defined(MBEDTLS_CMAC_C)
-    if( alg == PSA_ALG_CMAC )
-    {
-        operation->iv_required = 0;
-        mbedtls_cipher_init( &operation->ctx.cmac );
-        status = PSA_SUCCESS;
-    }
-    else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-    if( PSA_ALG_IS_HMAC( operation->alg ) )
-    {
-        /* We'll set up the hash operation later in psa_hmac_setup_internal. */
-        operation->ctx.hmac.hash_ctx.alg = 0;
-        status = PSA_SUCCESS;
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-    {
-        if( ! PSA_ALG_IS_MAC( alg ) )
-            status = PSA_ERROR_INVALID_ARGUMENT;
-    }
-
-    if( status != PSA_SUCCESS )
-        memset( operation, 0, sizeof( *operation ) );
-    return( status );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
-{
-    mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
-    return( psa_hash_abort( &hmac->hash_ctx ) );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-
-psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
-{
-    if( operation->alg == 0 )
-    {
-        /* The object has (apparently) been initialized but it is not
-         * in use. It's ok to call abort on such an object, and there's
-         * nothing to do. */
-        return( PSA_SUCCESS );
-    }
-    else
-#if defined(MBEDTLS_CMAC_C)
-    if( operation->alg == PSA_ALG_CMAC )
-    {
-        mbedtls_cipher_free( &operation->ctx.cmac );
-    }
-    else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-    if( PSA_ALG_IS_HMAC( operation->alg ) )
-    {
-        psa_hmac_abort_internal( &operation->ctx.hmac );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-    {
-        /* Sanity check (shouldn't happen: operation->alg should
-         * always have been initialized to a valid value). */
-        goto bad_state;
-    }
-
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->iv_required = 0;
-    operation->has_input = 0;
-    operation->is_sign = 0;
-
-    return( PSA_SUCCESS );
-
-bad_state:
-    /* If abort is called on an uninitialized object, we can't trust
-     * anything. Wipe the object in case it contains confidential data.
-     * This may result in a memory leak if a pointer gets overwritten,
-     * but it's too late to do anything about this. */
-    memset( operation, 0, sizeof( *operation ) );
-    return( PSA_ERROR_BAD_STATE );
-}
-
-#if defined(MBEDTLS_CMAC_C)
-static int psa_cmac_setup( psa_mac_operation_t *operation,
-                           size_t key_bits,
-                           psa_key_slot_t *slot,
-                           const mbedtls_cipher_info_t *cipher_info )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    operation->mac_size = cipher_info->block_size;
-
-    ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
-                                      slot->data.key.data,
-                                      key_bits );
-    return( ret );
-}
-#endif /* MBEDTLS_CMAC_C */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
-                                             const uint8_t *key,
-                                             size_t key_length,
-                                             psa_algorithm_t hash_alg )
-{
-    uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
-    size_t i;
-    size_t hash_size = PSA_HASH_SIZE( hash_alg );
-    size_t block_size = psa_get_hash_block_size( hash_alg );
-    psa_status_t status;
-
-    /* Sanity checks on block_size, to guarantee that there won't be a buffer
-     * overflow below. This should never trigger if the hash algorithm
-     * is implemented correctly. */
-    /* The size checks against the ipad and opad buffers cannot be written
-     * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
-     * because that triggers -Wlogical-op on GCC 7.3. */
-    if( block_size > sizeof( ipad ) )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    if( block_size > sizeof( hmac->opad ) )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    if( block_size < hash_size )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    if( key_length > block_size )
-    {
-        status = psa_hash_compute( hash_alg, key, key_length,
-                                   ipad, sizeof( ipad ), &key_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-    }
-    /* A 0-length key is not commonly used in HMAC when used as a MAC,
-     * but it is permitted. It is common when HMAC is used in HKDF, for
-     * example. Don't call `memcpy` in the 0-length because `key` could be
-     * an invalid pointer which would make the behavior undefined. */
-    else if( key_length != 0 )
-        memcpy( ipad, key, key_length );
-
-    /* ipad contains the key followed by garbage. Xor and fill with 0x36
-     * to create the ipad value. */
-    for( i = 0; i < key_length; i++ )
-        ipad[i] ^= 0x36;
-    memset( ipad + key_length, 0x36, block_size - key_length );
-
-    /* Copy the key material from ipad to opad, flipping the requisite bits,
-     * and filling the rest of opad with the requisite constant. */
-    for( i = 0; i < key_length; i++ )
-        hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
-    memset( hmac->opad + key_length, 0x5C, block_size - key_length );
-
-    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-
-    status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
-
-cleanup:
-    mbedtls_platform_zeroize( ipad, sizeof( ipad ) );
-
-    return( status );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-
-static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
-                                   mbedtls_svc_key_id_t key,
-                                   psa_algorithm_t alg,
-                                   int is_sign )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-    size_t key_bits;
-    psa_key_usage_t usage =
-        is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH;
-    uint8_t truncated = PSA_MAC_TRUNCATED_LENGTH( alg );
-    psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg );
-
-    /* A context must be freshly initialized before it can be set up. */
-    if( operation->alg != 0 )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    status = psa_mac_init( operation, full_length_alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( is_sign )
-        operation->is_sign = 1;
-
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 key, &slot, usage, alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    key_bits = psa_get_key_slot_bits( slot );
-
-#if defined(MBEDTLS_CMAC_C)
-    if( full_length_alg == PSA_ALG_CMAC )
-    {
-        const mbedtls_cipher_info_t *cipher_info =
-            mbedtls_cipher_info_from_psa( full_length_alg,
-                                          slot->attr.type, key_bits, NULL );
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        if( cipher_info == NULL )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-        operation->mac_size = cipher_info->block_size;
-        ret = psa_cmac_setup( operation, key_bits, slot, cipher_info );
-        status = mbedtls_to_psa_error( ret );
-    }
-    else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-    if( PSA_ALG_IS_HMAC( full_length_alg ) )
-    {
-        psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
-        if( hash_alg == 0 )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-
-        operation->mac_size = PSA_HASH_SIZE( hash_alg );
-        /* Sanity check. This shouldn't fail on a valid configuration. */
-        if( operation->mac_size == 0 ||
-            operation->mac_size > sizeof( operation->ctx.hmac.opad ) )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-
-        if( slot->attr.type != PSA_KEY_TYPE_HMAC )
-        {
-            status = PSA_ERROR_INVALID_ARGUMENT;
-            goto exit;
-        }
-
-        status = psa_hmac_setup_internal( &operation->ctx.hmac,
-                                          slot->data.key.data,
-                                          slot->data.key.bytes,
-                                          hash_alg );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-    {
-        (void) key_bits;
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-
-    if( truncated == 0 )
-    {
-        /* The "normal" case: untruncated algorithm. Nothing to do. */
-    }
-    else if( truncated < 4 )
-    {
-        /* A very short MAC is too short for security since it can be
-         * brute-forced. Ancient protocols with 32-bit MACs do exist,
-         * so we make this our minimum, even though 32 bits is still
-         * too small for security. */
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-    else if( truncated > operation->mac_size )
-    {
-        /* It's impossible to "truncate" to a larger length. */
-        status = PSA_ERROR_INVALID_ARGUMENT;
-    }
-    else
-        operation->mac_size = truncated;
-
-exit:
-    if( status != PSA_SUCCESS )
-    {
-        psa_mac_abort( operation );
-    }
-    else
-    {
-        operation->key_set = 1;
-    }
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation,
-                                 mbedtls_svc_key_id_t key,
-                                 psa_algorithm_t alg )
-{
-    return( psa_mac_setup( operation, key, alg, 1 ) );
-}
-
-psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation,
-                                   mbedtls_svc_key_id_t key,
-                                   psa_algorithm_t alg )
-{
-    return( psa_mac_setup( operation, key, alg, 0 ) );
-}
-
-psa_status_t psa_mac_update( psa_mac_operation_t *operation,
-                             const uint8_t *input,
-                             size_t input_length )
-{
-    psa_status_t status = PSA_ERROR_BAD_STATE;
-    if( ! operation->key_set )
-        return( PSA_ERROR_BAD_STATE );
-    if( operation->iv_required && ! operation->iv_set )
-        return( PSA_ERROR_BAD_STATE );
-    operation->has_input = 1;
-
-#if defined(MBEDTLS_CMAC_C)
-    if( operation->alg == PSA_ALG_CMAC )
-    {
-        int ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac,
-                                              input, input_length );
-        status = mbedtls_to_psa_error( ret );
-    }
-    else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-    if( PSA_ALG_IS_HMAC( operation->alg ) )
-    {
-        status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
-                                  input_length );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-    {
-        /* This shouldn't happen if `operation` was initialized by
-         * a setup function. */
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( status != PSA_SUCCESS )
-        psa_mac_abort( operation );
-    return( status );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
-                                              uint8_t *mac,
-                                              size_t mac_size )
-{
-    uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
-    psa_algorithm_t hash_alg = hmac->hash_ctx.alg;
-    size_t hash_size = 0;
-    size_t block_size = psa_get_hash_block_size( hash_alg );
-    psa_status_t status;
-
-    status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
-    if( status != PSA_SUCCESS )
-        return( status );
-    /* From here on, tmp needs to be wiped. */
-
-    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    memcpy( mac, tmp, mac_size );
-
-exit:
-    mbedtls_platform_zeroize( tmp, hash_size );
-    return( status );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-
-static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
-                                             uint8_t *mac,
-                                             size_t mac_size )
-{
-    if( ! operation->key_set )
-        return( PSA_ERROR_BAD_STATE );
-    if( operation->iv_required && ! operation->iv_set )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( mac_size < operation->mac_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_CMAC_C)
-    if( operation->alg == PSA_ALG_CMAC )
-    {
-        uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
-        int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
-        if( ret == 0 )
-            memcpy( mac, tmp, operation->mac_size );
-        mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-    else
-#endif /* MBEDTLS_CMAC_C */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
-    if( PSA_ALG_IS_HMAC( operation->alg ) )
-    {
-        return( psa_hmac_finish_internal( &operation->ctx.hmac,
-                                          mac, operation->mac_size ) );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-    {
-        /* This shouldn't happen if `operation` was initialized by
-         * a setup function. */
-        return( PSA_ERROR_BAD_STATE );
-    }
-}
-
-psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
-                                  uint8_t *mac,
-                                  size_t mac_size,
-                                  size_t *mac_length )
-{
-    psa_status_t status;
-
-    if( operation->alg == 0 )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    /* Fill the output buffer with something that isn't a valid mac
-     * (barring an attack on the mac and deliberately-crafted input),
-     * in case the caller doesn't check the return status properly. */
-    *mac_length = mac_size;
-    /* If mac_size is 0 then mac may be NULL and then the
-     * call to memset would have undefined behavior. */
-    if( mac_size != 0 )
-        memset( mac, '!', mac_size );
-
-    if( ! operation->is_sign )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    status = psa_mac_finish_internal( operation, mac, mac_size );
-
-    if( status == PSA_SUCCESS )
-    {
-        status = psa_mac_abort( operation );
-        if( status == PSA_SUCCESS )
-            *mac_length = operation->mac_size;
-        else
-            memset( mac, '!', mac_size );
-    }
-    else
-        psa_mac_abort( operation );
-    return( status );
-}
-
-psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
-                                    const uint8_t *mac,
-                                    size_t mac_length )
-{
-    uint8_t actual_mac[PSA_MAC_MAX_SIZE];
-    psa_status_t status;
-
-    if( operation->alg == 0 )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( operation->is_sign )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-    if( operation->mac_size != mac_length )
-    {
-        status = PSA_ERROR_INVALID_SIGNATURE;
-        goto cleanup;
-    }
-
-    status = psa_mac_finish_internal( operation,
-                                      actual_mac, sizeof( actual_mac ) );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-
-    if( safer_memcmp( mac, actual_mac, mac_length ) != 0 )
-        status = PSA_ERROR_INVALID_SIGNATURE;
-
-cleanup:
-    if( status == PSA_SUCCESS )
-        status = psa_mac_abort( operation );
-    else
-        psa_mac_abort( operation );
-
-    mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
-
-    return( status );
-}
-
-
-
-/****************************************************************/
-/* Asymmetric cryptography */
-/****************************************************************/
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-/* Decode the hash algorithm from alg and store the mbedtls encoding in
- * md_alg. Verify that the hash length is acceptable. */
-static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
-                                            size_t hash_length,
-                                            mbedtls_md_type_t *md_alg )
-{
-    psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-    *md_alg = mbedtls_md_get_type( md_info );
-
-    /* The Mbed TLS RSA module uses an unsigned int for hash length
-     * parameters. Validate that it fits so that we don't risk an
-     * overflow later. */
-#if SIZE_MAX > UINT_MAX
-    if( hash_length > UINT_MAX )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-#endif
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
-    /* For PKCS#1 v1.5 signature, if using a hash, the hash length
-     * must be correct. */
-    if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
-        alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
-    {
-        if( md_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( mbedtls_md_get_size( md_info ) != hash_length )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-    /* PSS requires a hash internally. */
-    if( PSA_ALG_IS_RSA_PSS( alg ) )
-    {
-        if( md_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
-
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
-                                  psa_algorithm_t alg,
-                                  const uint8_t *hash,
-                                  size_t hash_length,
-                                  uint8_t *signature,
-                                  size_t signature_size,
-                                  size_t *signature_length )
-{
-    psa_status_t status;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_md_type_t md_alg;
-
-    status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( signature_size < mbedtls_rsa_get_len( rsa ) )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
-    if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
-    {
-        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
-                                 MBEDTLS_MD_NONE );
-        ret = mbedtls_rsa_pkcs1_sign( rsa,
-                                      mbedtls_ctr_drbg_random,
-                                      &global_data.ctr_drbg,
-                                      MBEDTLS_RSA_PRIVATE,
-                                      md_alg,
-                                      (unsigned int) hash_length,
-                                      hash,
-                                      signature );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-    if( PSA_ALG_IS_RSA_PSS( alg ) )
-    {
-        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
-        ret = mbedtls_rsa_rsassa_pss_sign( rsa,
-                                           mbedtls_ctr_drbg_random,
-                                           &global_data.ctr_drbg,
-                                           MBEDTLS_RSA_PRIVATE,
-                                           MBEDTLS_MD_NONE,
-                                           (unsigned int) hash_length,
-                                           hash,
-                                           signature );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
-    {
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-
-    if( ret == 0 )
-        *signature_length = mbedtls_rsa_get_len( rsa );
-    return( mbedtls_to_psa_error( ret ) );
-}
-
-static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
-                                    psa_algorithm_t alg,
-                                    const uint8_t *hash,
-                                    size_t hash_length,
-                                    const uint8_t *signature,
-                                    size_t signature_length )
-{
-    psa_status_t status;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_md_type_t md_alg;
-
-    status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( signature_length != mbedtls_rsa_get_len( rsa ) )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
-    if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
-    {
-        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
-                                 MBEDTLS_MD_NONE );
-        ret = mbedtls_rsa_pkcs1_verify( rsa,
-                                        mbedtls_ctr_drbg_random,
-                                        &global_data.ctr_drbg,
-                                        MBEDTLS_RSA_PUBLIC,
-                                        md_alg,
-                                        (unsigned int) hash_length,
-                                        hash,
-                                        signature );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-    if( PSA_ALG_IS_RSA_PSS( alg ) )
-    {
-        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
-        ret = mbedtls_rsa_rsassa_pss_verify( rsa,
-                                             mbedtls_ctr_drbg_random,
-                                             &global_data.ctr_drbg,
-                                             MBEDTLS_RSA_PUBLIC,
-                                             MBEDTLS_MD_NONE,
-                                             (unsigned int) hash_length,
-                                             hash,
-                                             signature );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
-    {
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-
-    /* Mbed TLS distinguishes "invalid padding" from "valid padding but
-     * the rest of the signature is invalid". This has little use in
-     * practice and PSA doesn't report this distinction. */
-    if( ret == MBEDTLS_ERR_RSA_INVALID_PADDING )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-    return( mbedtls_to_psa_error( ret ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-/* `ecp` cannot be const because `ecp->grp` needs to be non-const
- * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
- * (even though these functions don't modify it). */
-static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
-                                    psa_algorithm_t alg,
-                                    const uint8_t *hash,
-                                    size_t hash_length,
-                                    uint8_t *signature,
-                                    size_t signature_size,
-                                    size_t *signature_length )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi r, s;
-    size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &s );
-
-    if( signature_size < 2 * curve_bytes )
-    {
-        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
-        goto cleanup;
-    }
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-    if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
-    {
-        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
-        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-        mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
-        MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( &ecp->grp, &r, &s,
-                                                     &ecp->d, hash,
-                                                     hash_length, md_alg,
-                                                     mbedtls_ctr_drbg_random,
-                                                     &global_data.ctr_drbg ) );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-    {
-        (void) alg;
-        MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
-                                             hash, hash_length,
-                                             mbedtls_ctr_drbg_random,
-                                             &global_data.ctr_drbg ) );
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
-                                               signature,
-                                               curve_bytes ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
-                                               signature + curve_bytes,
-                                               curve_bytes ) );
-
-cleanup:
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &s );
-    if( ret == 0 )
-        *signature_length = 2 * curve_bytes;
-    return( mbedtls_to_psa_error( ret ) );
-}
-
-static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp,
-                                      const uint8_t *hash,
-                                      size_t hash_length,
-                                      const uint8_t *signature,
-                                      size_t signature_length )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi r, s;
-    size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &s );
-
-    if( signature_length != 2 * curve_bytes )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
-                                              signature,
-                                              curve_bytes ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
-                                              signature + curve_bytes,
-                                              curve_bytes ) );
-
-    /* Check whether the public part is loaded. If not, load it. */
-    if( mbedtls_ecp_is_zero( &ecp->Q ) )
-    {
-        MBEDTLS_MPI_CHK(
-            mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
-                             mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
-    }
-
-    ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
-                                &ecp->Q, &r, &s );
-
-cleanup:
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &s );
-    return( mbedtls_to_psa_error( ret ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
-psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key,
-                            psa_algorithm_t alg,
-                            const uint8_t *hash,
-                            size_t hash_length,
-                            uint8_t *signature,
-                            size_t signature_size,
-                            size_t *signature_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    *signature_length = signature_size;
-    /* Immediately reject a zero-length signature buffer. This guarantees
-     * that signature must be a valid pointer. (On the other hand, the hash
-     * buffer can in principle be empty since it doesn't actually have
-     * to be a hash.) */
-    if( signature_size == 0 )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-    status = psa_get_and_lock_key_slot_with_policy( key, &slot,
-                                                    PSA_KEY_USAGE_SIGN_HASH,
-                                                    alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-
-    /* Try any of the available accelerators first */
-    status = psa_driver_wrapper_sign_hash( slot,
-                                           alg,
-                                           hash,
-                                           hash_length,
-                                           signature,
-                                           signature_size,
-                                           signature_length );
-    if( status != PSA_ERROR_NOT_SUPPORTED ||
-        psa_key_lifetime_is_external( slot->attr.lifetime ) )
-        goto exit;
-
-    /* If the operation was not supported by any accelerator, try fallback. */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-    if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
-    {
-        mbedtls_rsa_context *rsa = NULL;
-
-        status = psa_load_rsa_representation( slot->attr.type,
-                                              slot->data.key.data,
-                                              slot->data.key.bytes,
-                                              &rsa );
-        if( status != PSA_SUCCESS )
-            goto exit;
-
-        status = psa_rsa_sign( rsa,
-                               alg,
-                               hash, hash_length,
-                               signature, signature_size,
-                               signature_length );
-
-        mbedtls_rsa_free( rsa );
-        mbedtls_free( rsa );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
-    if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-        if(
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-            PSA_ALG_IS_ECDSA( alg )
-#else
-            PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
-#endif
-            )
-        {
-            mbedtls_ecp_keypair *ecp = NULL;
-            status = psa_load_ecp_representation( slot->attr.type,
-                                                  slot->data.key.data,
-                                                  slot->data.key.bytes,
-                                                  &ecp );
-            if( status != PSA_SUCCESS )
-                goto exit;
-            status = psa_ecdsa_sign( ecp,
-                                     alg,
-                                     hash, hash_length,
-                                     signature, signature_size,
-                                     signature_length );
-            mbedtls_ecp_keypair_free( ecp );
-            mbedtls_free( ecp );
-        }
-        else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-        {
-            status = PSA_ERROR_INVALID_ARGUMENT;
-        }
-    }
-    else
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-
-exit:
-    /* Fill the unused part of the output buffer (the whole buffer on error,
-     * the trailing part on success) with something that isn't a valid mac
-     * (barring an attack on the mac and deliberately-crafted input),
-     * in case the caller doesn't check the return status properly. */
-    if( status == PSA_SUCCESS )
-        memset( signature + *signature_length, '!',
-                signature_size - *signature_length );
-    else
-        memset( signature, '!', signature_size );
-    /* If signature_size is 0 then we have nothing to do. We must not call
-     * memset because signature may be NULL in this case. */
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key,
-                              psa_algorithm_t alg,
-                              const uint8_t *hash,
-                              size_t hash_length,
-                              const uint8_t *signature,
-                              size_t signature_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    status = psa_get_and_lock_key_slot_with_policy( key, &slot,
-                                                    PSA_KEY_USAGE_VERIFY_HASH,
-                                                    alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /* Try any of the available accelerators first */
-    status = psa_driver_wrapper_verify_hash( slot,
-                                             alg,
-                                             hash,
-                                             hash_length,
-                                             signature,
-                                             signature_length );
-    if( status != PSA_ERROR_NOT_SUPPORTED ||
-        psa_key_lifetime_is_external( slot->attr.lifetime ) )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-    if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
-    {
-        mbedtls_rsa_context *rsa = NULL;
-
-        status = psa_load_rsa_representation( slot->attr.type,
-                                              slot->data.key.data,
-                                              slot->data.key.bytes,
-                                              &rsa );
-        if( status != PSA_SUCCESS )
-            goto exit;
-
-        status = psa_rsa_verify( rsa,
-                                 alg,
-                                 hash, hash_length,
-                                 signature, signature_length );
-        mbedtls_rsa_free( rsa );
-        mbedtls_free( rsa );
-        goto exit;
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
-    if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-        if( PSA_ALG_IS_ECDSA( alg ) )
-        {
-            mbedtls_ecp_keypair *ecp = NULL;
-            status = psa_load_ecp_representation( slot->attr.type,
-                                                  slot->data.key.data,
-                                                  slot->data.key.bytes,
-                                                  &ecp );
-            if( status != PSA_SUCCESS )
-                goto exit;
-            status = psa_ecdsa_verify( ecp,
-                                       hash, hash_length,
-                                       signature, signature_length );
-            mbedtls_ecp_keypair_free( ecp );
-            mbedtls_free( ecp );
-            goto exit;
-        }
-        else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-        {
-            status =  PSA_ERROR_INVALID_ARGUMENT;
-            goto exit;
-        }
-    }
-    else
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-
-exit:
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
-static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
-                                           mbedtls_rsa_context *rsa )
-{
-    psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg );
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-    mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
-    mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
-
-psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key,
-                                     psa_algorithm_t alg,
-                                     const uint8_t *input,
-                                     size_t input_length,
-                                     const uint8_t *salt,
-                                     size_t salt_length,
-                                     uint8_t *output,
-                                     size_t output_size,
-                                     size_t *output_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    (void) input;
-    (void) input_length;
-    (void) salt;
-    (void) output;
-    (void) output_size;
-
-    *output_length = 0;
-
-    if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ||
-            PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
-    if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
-    {
-        mbedtls_rsa_context *rsa = NULL;
-        status = psa_load_rsa_representation( slot->attr.type,
-                                              slot->data.key.data,
-                                              slot->data.key.bytes,
-                                              &rsa );
-        if( status != PSA_SUCCESS )
-            goto rsa_exit;
-
-        if( output_size < mbedtls_rsa_get_len( rsa ) )
-        {
-            status = PSA_ERROR_BUFFER_TOO_SMALL;
-            goto rsa_exit;
-        }
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
-        if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
-        {
-            status = mbedtls_to_psa_error(
-                    mbedtls_rsa_pkcs1_encrypt( rsa,
-                                               mbedtls_ctr_drbg_random,
-                                               &global_data.ctr_drbg,
-                                               MBEDTLS_RSA_PUBLIC,
-                                               input_length,
-                                               input,
-                                               output ) );
-        }
-        else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
-        if( PSA_ALG_IS_RSA_OAEP( alg ) )
-        {
-            psa_rsa_oaep_set_padding_mode( alg, rsa );
-            status = mbedtls_to_psa_error(
-                mbedtls_rsa_rsaes_oaep_encrypt( rsa,
-                                                mbedtls_ctr_drbg_random,
-                                                &global_data.ctr_drbg,
-                                                MBEDTLS_RSA_PUBLIC,
-                                                salt, salt_length,
-                                                input_length,
-                                                input,
-                                                output ) );
-        }
-        else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
-        {
-            status = PSA_ERROR_INVALID_ARGUMENT;
-            goto rsa_exit;
-        }
-rsa_exit:
-        if( status == PSA_SUCCESS )
-            *output_length = mbedtls_rsa_get_len( rsa );
-
-        mbedtls_rsa_free( rsa );
-        mbedtls_free( rsa );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-
-exit:
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key,
-                                     psa_algorithm_t alg,
-                                     const uint8_t *input,
-                                     size_t input_length,
-                                     const uint8_t *salt,
-                                     size_t salt_length,
-                                     uint8_t *output,
-                                     size_t output_size,
-                                     size_t *output_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    (void) input;
-    (void) input_length;
-    (void) salt;
-    (void) output;
-    (void) output_size;
-
-    *output_length = 0;
-
-    if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
-    if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
-    {
-        mbedtls_rsa_context *rsa = NULL;
-        status = psa_load_rsa_representation( slot->attr.type,
-                                              slot->data.key.data,
-                                              slot->data.key.bytes,
-                                              &rsa );
-        if( status != PSA_SUCCESS )
-            goto exit;
-
-        if( input_length != mbedtls_rsa_get_len( rsa ) )
-        {
-            status = PSA_ERROR_INVALID_ARGUMENT;
-            goto rsa_exit;
-        }
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
-        if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
-        {
-            status = mbedtls_to_psa_error(
-                mbedtls_rsa_pkcs1_decrypt( rsa,
-                                           mbedtls_ctr_drbg_random,
-                                           &global_data.ctr_drbg,
-                                           MBEDTLS_RSA_PRIVATE,
-                                           output_length,
-                                           input,
-                                           output,
-                                           output_size ) );
-        }
-        else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
-        if( PSA_ALG_IS_RSA_OAEP( alg ) )
-        {
-            psa_rsa_oaep_set_padding_mode( alg, rsa );
-            status = mbedtls_to_psa_error(
-                mbedtls_rsa_rsaes_oaep_decrypt( rsa,
-                                                mbedtls_ctr_drbg_random,
-                                                &global_data.ctr_drbg,
-                                                MBEDTLS_RSA_PRIVATE,
-                                                salt, salt_length,
-                                                output_length,
-                                                input,
-                                                output,
-                                                output_size ) );
-        }
-        else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
-        {
-            status = PSA_ERROR_INVALID_ARGUMENT;
-        }
-
-rsa_exit:
-        mbedtls_rsa_free( rsa );
-        mbedtls_free( rsa );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-
-exit:
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-
-
-/****************************************************************/
-/* Symmetric cryptography */
-/****************************************************************/
-
-static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
-                                      mbedtls_svc_key_id_t key,
-                                      psa_algorithm_t alg,
-                                      mbedtls_operation_t cipher_operation )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    int ret = 0;
-    psa_key_slot_t *slot;
-    size_t key_bits;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
-    psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
-                              PSA_KEY_USAGE_ENCRYPT :
-                              PSA_KEY_USAGE_DECRYPT );
-
-    /* A context must be freshly initialized before it can be set up. */
-    if( operation->alg != 0 )
-        return( PSA_ERROR_BAD_STATE );
-
-    /* The requested algorithm must be one that can be processed by cipher. */
-    if( ! PSA_ALG_IS_CIPHER( alg ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    /* Fetch key material from key storage. */
-    status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    /* Initialize the operation struct members, except for alg. The alg member
-     * is used to indicate to psa_cipher_abort that there are resources to free,
-     * so we only set it after resources have been allocated/initialized. */
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->mbedtls_in_use = 0;
-    operation->iv_size = 0;
-    operation->block_size = 0;
-    if( alg == PSA_ALG_ECB_NO_PADDING )
-        operation->iv_required = 0;
-    else
-        operation->iv_required = 1;
-
-    /* Try doing the operation through a driver before using software fallback. */
-    if( cipher_operation == MBEDTLS_ENCRYPT )
-        status = psa_driver_wrapper_cipher_encrypt_setup( &operation->ctx.driver,
-                                                          slot,
-                                                          alg );
-    else
-        status = psa_driver_wrapper_cipher_decrypt_setup( &operation->ctx.driver,
-                                                          slot,
-                                                          alg );
-
-    if( status == PSA_SUCCESS )
-    {
-        /* Once the driver context is initialised, it needs to be freed using
-        * psa_cipher_abort. Indicate this through setting alg. */
-        operation->alg = alg;
-    }
-
-    if( status != PSA_ERROR_NOT_SUPPORTED ||
-        psa_key_lifetime_is_external( slot->attr.lifetime ) )
-        goto exit;
-
-    /* Proceed with initializing an mbed TLS cipher context if no driver is
-     * available for the given algorithm & key. */
-    mbedtls_cipher_init( &operation->ctx.cipher );
-
-    /* Once the cipher context is initialised, it needs to be freed using
-     * psa_cipher_abort. Indicate there is something to be freed through setting
-     * alg, and indicate the operation is being done using mbedtls crypto through
-     * setting mbedtls_in_use. */
-    operation->alg = alg;
-    operation->mbedtls_in_use = 1;
-
-    key_bits = psa_get_key_slot_bits( slot );
-    cipher_info = mbedtls_cipher_info_from_psa( alg, slot->attr.type, key_bits, NULL );
-    if( cipher_info == NULL )
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-        goto exit;
-    }
-
-    ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
-    if( ret != 0 )
-        goto exit;
-
-#if defined(MBEDTLS_DES_C)
-    if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 )
-    {
-        /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
-        uint8_t keys[24];
-        memcpy( keys, slot->data.key.data, 16 );
-        memcpy( keys + 16, slot->data.key.data, 8 );
-        ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
-                                     keys,
-                                     192, cipher_operation );
-    }
-    else
-#endif
-    {
-        ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
-                                     slot->data.key.data,
-                                     (int) key_bits, cipher_operation );
-    }
-    if( ret != 0 )
-        goto exit;
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    switch( alg )
-    {
-        case PSA_ALG_CBC_NO_PADDING:
-            ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
-                                                   MBEDTLS_PADDING_NONE );
-            break;
-        case PSA_ALG_CBC_PKCS7:
-            ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
-                                                   MBEDTLS_PADDING_PKCS7 );
-            break;
-        default:
-            /* The algorithm doesn't involve padding. */
-            ret = 0;
-            break;
-    }
-    if( ret != 0 )
-        goto exit;
-#endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
-
-    operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
-                              PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type ) );
-    if( ( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) != 0 &&
-        alg != PSA_ALG_ECB_NO_PADDING )
-    {
-        operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type );
-    }
-#if defined(MBEDTLS_CHACHA20_C)
-    else
-    if( alg == PSA_ALG_STREAM_CIPHER && slot->attr.type == PSA_KEY_TYPE_CHACHA20 )
-        operation->iv_size = 12;
-#endif
-
-    status = PSA_SUCCESS;
-
-exit:
-    if( ret != 0 )
-        status = mbedtls_to_psa_error( ret );
-    if( status == PSA_SUCCESS )
-    {
-        /* Update operation flags for both driver and software implementations */
-        operation->key_set = 1;
-    }
-    else
-        psa_cipher_abort( operation );
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation,
-                                       mbedtls_svc_key_id_t key,
-                                       psa_algorithm_t alg )
-{
-    return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
-}
-
-psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
-                                       mbedtls_svc_key_id_t key,
-                                       psa_algorithm_t alg )
-{
-    return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
-}
-
-psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
-                                     uint8_t *iv,
-                                     size_t iv_size,
-                                     size_t *iv_length )
-{
-    psa_status_t status;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    if( operation->iv_set || ! operation->iv_required )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( operation->mbedtls_in_use == 0 )
-    {
-        status = psa_driver_wrapper_cipher_generate_iv( &operation->ctx.driver,
-                                                        iv,
-                                                        iv_size,
-                                                        iv_length );
-        goto exit;
-    }
-
-    if( iv_size < operation->iv_size )
-    {
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-        goto exit;
-    }
-    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
-                                   iv, operation->iv_size );
-    if( ret != 0 )
-    {
-        status = mbedtls_to_psa_error( ret );
-        goto exit;
-    }
-
-    *iv_length = operation->iv_size;
-    status = psa_cipher_set_iv( operation, iv, *iv_length );
-
-exit:
-    if( status == PSA_SUCCESS )
-        operation->iv_set = 1;
-    else
-        psa_cipher_abort( operation );
-    return( status );
-}
-
-psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
-                                const uint8_t *iv,
-                                size_t iv_length )
-{
-    psa_status_t status;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    if( operation->iv_set || ! operation->iv_required )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( operation->mbedtls_in_use == 0 )
-    {
-        status = psa_driver_wrapper_cipher_set_iv( &operation->ctx.driver,
-                                                   iv,
-                                                   iv_length );
-        goto exit;
-    }
-
-    if( iv_length != operation->iv_size )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-    ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
-    status = mbedtls_to_psa_error( ret );
-exit:
-    if( status == PSA_SUCCESS )
-        operation->iv_set = 1;
-    else
-        psa_cipher_abort( operation );
-    return( status );
-}
-
-/* Process input for which the algorithm is set to ECB mode. This requires
- * manual processing, since the PSA API is defined as being able to process
- * arbitrary-length calls to psa_cipher_update() with ECB mode, but the
- * underlying mbedtls_cipher_update only takes full blocks. */
-static psa_status_t psa_cipher_update_ecb_internal(
-    mbedtls_cipher_context_t *ctx,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    size_t block_size = ctx->cipher_info->block_size;
-    size_t internal_output_length = 0;
-    *output_length = 0;
-
-    if( input_length == 0 )
-    {
-        status = PSA_SUCCESS;
-        goto exit;
-    }
-
-    if( ctx->unprocessed_len > 0 )
-    {
-        /* Fill up to block size, and run the block if there's a full one. */
-        size_t bytes_to_copy = block_size - ctx->unprocessed_len;
-
-        if( input_length < bytes_to_copy )
-            bytes_to_copy = input_length;
-
-        memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
-                input, bytes_to_copy );
-        input_length -= bytes_to_copy;
-        input += bytes_to_copy;
-        ctx->unprocessed_len += bytes_to_copy;
-
-        if( ctx->unprocessed_len == block_size )
-        {
-            status = mbedtls_to_psa_error(
-                mbedtls_cipher_update( ctx,
-                                       ctx->unprocessed_data,
-                                       block_size,
-                                       output, &internal_output_length ) );
-
-            if( status != PSA_SUCCESS )
-                goto exit;
-
-            output += internal_output_length;
-            output_size -= internal_output_length;
-            *output_length += internal_output_length;
-            ctx->unprocessed_len = 0;
-        }
-    }
-
-    while( input_length >= block_size )
-    {
-        /* Run all full blocks we have, one by one */
-        status = mbedtls_to_psa_error(
-            mbedtls_cipher_update( ctx, input,
-                                   block_size,
-                                   output, &internal_output_length ) );
-
-        if( status != PSA_SUCCESS )
-            goto exit;
-
-        input_length -= block_size;
-        input += block_size;
-
-        output += internal_output_length;
-        output_size -= internal_output_length;
-        *output_length += internal_output_length;
-    }
-
-    if( input_length > 0 )
-    {
-        /* Save unprocessed bytes for later processing */
-        memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
-                input, input_length );
-        ctx->unprocessed_len += input_length;
-    }
-
-    status = PSA_SUCCESS;
-
-exit:
-    return( status );
-}
-
-psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
-                                const uint8_t *input,
-                                size_t input_length,
-                                uint8_t *output,
-                                size_t output_size,
-                                size_t *output_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    size_t expected_output_size;
-    if( operation->alg == 0 )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-    if( operation->iv_required && ! operation->iv_set )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( operation->mbedtls_in_use == 0 )
-    {
-        status = psa_driver_wrapper_cipher_update( &operation->ctx.driver,
-                                                   input,
-                                                   input_length,
-                                                   output,
-                                                   output_size,
-                                                   output_length );
-        goto exit;
-    }
-
-    if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
-    {
-        /* Take the unprocessed partial block left over from previous
-         * update calls, if any, plus the input to this call. Remove
-         * the last partial block, if any. You get the data that will be
-         * output in this call. */
-        expected_output_size =
-            ( operation->ctx.cipher.unprocessed_len + input_length )
-            / operation->block_size * operation->block_size;
-    }
-    else
-    {
-        expected_output_size = input_length;
-    }
-
-    if( output_size < expected_output_size )
-    {
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-        goto exit;
-    }
-
-    if( operation->alg == PSA_ALG_ECB_NO_PADDING )
-    {
-        /* mbedtls_cipher_update has an API inconsistency: it will only
-        * process a single block at a time in ECB mode. Abstract away that
-        * inconsistency here to match the PSA API behaviour. */
-        status = psa_cipher_update_ecb_internal( &operation->ctx.cipher,
-                                                 input,
-                                                 input_length,
-                                                 output,
-                                                 output_size,
-                                                 output_length );
-    }
-    else
-    {
-        status = mbedtls_to_psa_error(
-            mbedtls_cipher_update( &operation->ctx.cipher, input,
-                                   input_length, output, output_length ) );
-    }
-exit:
-    if( status != PSA_SUCCESS )
-        psa_cipher_abort( operation );
-    return( status );
-}
-
-psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
-                                uint8_t *output,
-                                size_t output_size,
-                                size_t *output_length )
-{
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-    uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
-    if( operation->alg == 0 )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-    if( operation->iv_required && ! operation->iv_set )
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( operation->mbedtls_in_use == 0 )
-    {
-        status = psa_driver_wrapper_cipher_finish( &operation->ctx.driver,
-                                                   output,
-                                                   output_size,
-                                                   output_length );
-        goto exit;
-    }
-
-    if( operation->ctx.cipher.unprocessed_len != 0 )
-    {
-        if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
-            operation->alg == PSA_ALG_CBC_NO_PADDING )
-        {
-            status = PSA_ERROR_INVALID_ARGUMENT;
-            goto exit;
-        }
-    }
-
-    status = mbedtls_to_psa_error(
-        mbedtls_cipher_finish( &operation->ctx.cipher,
-                               temp_output_buffer,
-                               output_length ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    if( *output_length == 0 )
-        ; /* Nothing to copy. Note that output may be NULL in this case. */
-    else if( output_size >= *output_length )
-        memcpy( output, temp_output_buffer, *output_length );
-    else
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-
-exit:
-    if( operation->mbedtls_in_use == 1 )
-        mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
-
-    if( status == PSA_SUCCESS )
-        return( psa_cipher_abort( operation ) );
-    else
-    {
-        *output_length = 0;
-        (void) psa_cipher_abort( operation );
-
-        return( status );
-    }
-}
-
-psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
-{
-    if( operation->alg == 0 )
-    {
-        /* The object has (apparently) been initialized but it is not (yet)
-         * in use. It's ok to call abort on such an object, and there's
-         * nothing to do. */
-        return( PSA_SUCCESS );
-    }
-
-    /* Sanity check (shouldn't happen: operation->alg should
-     * always have been initialized to a valid value). */
-    if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( operation->mbedtls_in_use == 0 )
-        psa_driver_wrapper_cipher_abort( &operation->ctx.driver );
-    else
-        mbedtls_cipher_free( &operation->ctx.cipher );
-
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->mbedtls_in_use = 0;
-    operation->iv_size = 0;
-    operation->block_size = 0;
-    operation->iv_required = 0;
-
-    return( PSA_SUCCESS );
-}
-
-
-
-
-/****************************************************************/
-/* AEAD */
-/****************************************************************/
-
-typedef struct
-{
-    psa_key_slot_t *slot;
-    const mbedtls_cipher_info_t *cipher_info;
-    union
-    {
-        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_CCM_C)
-        mbedtls_ccm_context ccm;
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_GCM_C)
-        mbedtls_gcm_context gcm;
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
-        mbedtls_chachapoly_context chachapoly;
-#endif /* MBEDTLS_CHACHAPOLY_C */
-    } ctx;
-    psa_algorithm_t core_alg;
-    uint8_t full_tag_length;
-    uint8_t tag_length;
-} aead_operation_t;
-
-#define AEAD_OPERATION_INIT {0, 0, {0}, 0, 0, 0}
-
-static void psa_aead_abort_internal( aead_operation_t *operation )
-{
-    switch( operation->core_alg )
-    {
-#if defined(MBEDTLS_CCM_C)
-        case PSA_ALG_CCM:
-            mbedtls_ccm_free( &operation->ctx.ccm );
-            break;
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_GCM_C)
-        case PSA_ALG_GCM:
-            mbedtls_gcm_free( &operation->ctx.gcm );
-            break;
-#endif /* MBEDTLS_GCM_C */
-    }
-
-    psa_unlock_key_slot( operation->slot );
-}
-
-static psa_status_t psa_aead_setup( aead_operation_t *operation,
-                                    mbedtls_svc_key_id_t key,
-                                    psa_key_usage_t usage,
-                                    psa_algorithm_t alg )
-{
-    psa_status_t status;
-    size_t key_bits;
-    mbedtls_cipher_id_t cipher_id;
-
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 key, &operation->slot, usage, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    key_bits = psa_get_key_slot_bits( operation->slot );
-
-    operation->cipher_info =
-        mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits,
-                                      &cipher_id );
-    if( operation->cipher_info == NULL )
-    {
-        status = PSA_ERROR_NOT_SUPPORTED;
-        goto cleanup;
-    }
-
-    switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) )
-    {
-#if defined(MBEDTLS_CCM_C)
-        case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
-            operation->core_alg = PSA_ALG_CCM;
-            operation->full_tag_length = 16;
-            /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
-             * The call to mbedtls_ccm_encrypt_and_tag or
-             * mbedtls_ccm_auth_decrypt will validate the tag length. */
-            if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
-            {
-                status = PSA_ERROR_INVALID_ARGUMENT;
-                goto cleanup;
-            }
-            mbedtls_ccm_init( &operation->ctx.ccm );
-            status = mbedtls_to_psa_error(
-                mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
-                                    operation->slot->data.key.data,
-                                    (unsigned int) key_bits ) );
-            if( status != 0 )
-                goto cleanup;
-            break;
-#endif /* MBEDTLS_CCM_C */
-
-#if defined(MBEDTLS_GCM_C)
-        case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
-            operation->core_alg = PSA_ALG_GCM;
-            operation->full_tag_length = 16;
-            /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
-             * The call to mbedtls_gcm_crypt_and_tag or
-             * mbedtls_gcm_auth_decrypt will validate the tag length. */
-            if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
-            {
-                status = PSA_ERROR_INVALID_ARGUMENT;
-                goto cleanup;
-            }
-            mbedtls_gcm_init( &operation->ctx.gcm );
-            status = mbedtls_to_psa_error(
-                mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
-                                    operation->slot->data.key.data,
-                                    (unsigned int) key_bits ) );
-            if( status != 0 )
-                goto cleanup;
-            break;
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-        case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CHACHA20_POLY1305, 0 ):
-            operation->core_alg = PSA_ALG_CHACHA20_POLY1305;
-            operation->full_tag_length = 16;
-            /* We only support the default tag length. */
-            if( alg != PSA_ALG_CHACHA20_POLY1305 )
-            {
-                status = PSA_ERROR_NOT_SUPPORTED;
-                goto cleanup;
-            }
-            mbedtls_chachapoly_init( &operation->ctx.chachapoly );
-            status = mbedtls_to_psa_error(
-                mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
-                                           operation->slot->data.key.data ) );
-            if( status != 0 )
-                goto cleanup;
-            break;
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-        default:
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto cleanup;
-    }
-
-    if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto cleanup;
-    }
-    operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
-
-    return( PSA_SUCCESS );
-
-cleanup:
-    psa_aead_abort_internal( operation );
-    return( status );
-}
-
-psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
-                               psa_algorithm_t alg,
-                               const uint8_t *nonce,
-                               size_t nonce_length,
-                               const uint8_t *additional_data,
-                               size_t additional_data_length,
-                               const uint8_t *plaintext,
-                               size_t plaintext_length,
-                               uint8_t *ciphertext,
-                               size_t ciphertext_size,
-                               size_t *ciphertext_length )
-{
-    psa_status_t status;
-    aead_operation_t operation = AEAD_OPERATION_INIT;
-    uint8_t *tag;
-
-    *ciphertext_length = 0;
-
-    status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /* For all currently supported modes, the tag is at the end of the
-     * ciphertext. */
-    if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
-    {
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-        goto exit;
-    }
-    tag = ciphertext + plaintext_length;
-
-#if defined(MBEDTLS_GCM_C)
-    if( operation.core_alg == PSA_ALG_GCM )
-    {
-        status = mbedtls_to_psa_error(
-            mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
-                                       MBEDTLS_GCM_ENCRYPT,
-                                       plaintext_length,
-                                       nonce, nonce_length,
-                                       additional_data, additional_data_length,
-                                       plaintext, ciphertext,
-                                       operation.tag_length, tag ) );
-    }
-    else
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
-    if( operation.core_alg == PSA_ALG_CCM )
-    {
-        status = mbedtls_to_psa_error(
-            mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
-                                         plaintext_length,
-                                         nonce, nonce_length,
-                                         additional_data,
-                                         additional_data_length,
-                                         plaintext, ciphertext,
-                                         tag, operation.tag_length ) );
-    }
-    else
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
-    {
-        if( nonce_length != 12 || operation.tag_length != 16 )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-        status = mbedtls_to_psa_error(
-            mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly,
-                                                plaintext_length,
-                                                nonce,
-                                                additional_data,
-                                                additional_data_length,
-                                                plaintext,
-                                                ciphertext,
-                                                tag ) );
-    }
-    else
-#endif /* MBEDTLS_CHACHAPOLY_C */
-    {
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    if( status != PSA_SUCCESS && ciphertext_size != 0 )
-        memset( ciphertext, 0, ciphertext_size );
-
-exit:
-    psa_aead_abort_internal( &operation );
-    if( status == PSA_SUCCESS )
-        *ciphertext_length = plaintext_length + operation.tag_length;
-    return( status );
-}
-
-/* Locate the tag in a ciphertext buffer containing the encrypted data
- * followed by the tag. Return the length of the part preceding the tag in
- * *plaintext_length. This is the size of the plaintext in modes where
- * the encrypted data has the same size as the plaintext, such as
- * CCM and GCM. */
-static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
-                                                  const uint8_t *ciphertext,
-                                                  size_t ciphertext_length,
-                                                  size_t plaintext_size,
-                                                  const uint8_t **p_tag )
-{
-    size_t payload_length;
-    if( tag_length > ciphertext_length )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    payload_length = ciphertext_length - tag_length;
-    if( payload_length > plaintext_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-    *p_tag = ciphertext + payload_length;
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
-                               psa_algorithm_t alg,
-                               const uint8_t *nonce,
-                               size_t nonce_length,
-                               const uint8_t *additional_data,
-                               size_t additional_data_length,
-                               const uint8_t *ciphertext,
-                               size_t ciphertext_length,
-                               uint8_t *plaintext,
-                               size_t plaintext_size,
-                               size_t *plaintext_length )
-{
-    psa_status_t status;
-    aead_operation_t operation = AEAD_OPERATION_INIT;
-    const uint8_t *tag = NULL;
-
-    *plaintext_length = 0;
-
-    status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    status = psa_aead_unpadded_locate_tag( operation.tag_length,
-                                           ciphertext, ciphertext_length,
-                                           plaintext_size, &tag );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-#if defined(MBEDTLS_GCM_C)
-    if( operation.core_alg == PSA_ALG_GCM )
-    {
-        status = mbedtls_to_psa_error(
-            mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
-                                      ciphertext_length - operation.tag_length,
-                                      nonce, nonce_length,
-                                      additional_data,
-                                      additional_data_length,
-                                      tag, operation.tag_length,
-                                      ciphertext, plaintext ) );
-    }
-    else
-#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_CCM_C)
-    if( operation.core_alg == PSA_ALG_CCM )
-    {
-        status = mbedtls_to_psa_error(
-            mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
-                                      ciphertext_length - operation.tag_length,
-                                      nonce, nonce_length,
-                                      additional_data,
-                                      additional_data_length,
-                                      ciphertext, plaintext,
-                                      tag, operation.tag_length ) );
-    }
-    else
-#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
-    {
-        if( nonce_length != 12 || operation.tag_length != 16 )
-        {
-            status = PSA_ERROR_NOT_SUPPORTED;
-            goto exit;
-        }
-        status = mbedtls_to_psa_error(
-            mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly,
-                                             ciphertext_length - operation.tag_length,
-                                             nonce,
-                                             additional_data,
-                                             additional_data_length,
-                                             tag,
-                                             ciphertext,
-                                             plaintext ) );
-    }
-    else
-#endif /* MBEDTLS_CHACHAPOLY_C */
-    {
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    if( status != PSA_SUCCESS && plaintext_size != 0 )
-        memset( plaintext, 0, plaintext_size );
-
-exit:
-    psa_aead_abort_internal( &operation );
-    if( status == PSA_SUCCESS )
-        *plaintext_length = ciphertext_length - operation.tag_length;
-    return( status );
-}
-
-
-
-/****************************************************************/
-/* Generators */
-/****************************************************************/
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-#define AT_LEAST_ONE_BUILTIN_KDF
-#endif
-
-#define HKDF_STATE_INIT 0 /* no input yet */
-#define HKDF_STATE_STARTED 1 /* got salt */
-#define HKDF_STATE_KEYED 2 /* got key */
-#define HKDF_STATE_OUTPUT 3 /* output started */
-
-static psa_algorithm_t psa_key_derivation_get_kdf_alg(
-    const psa_key_derivation_operation_t *operation )
-{
-    if ( PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) )
-        return( PSA_ALG_KEY_AGREEMENT_GET_KDF( operation->alg ) );
-    else
-        return( operation->alg );
-}
-
-psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation )
-{
-    psa_status_t status = PSA_SUCCESS;
-    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
-    if( kdf_alg == 0 )
-    {
-        /* The object has (apparently) been initialized but it is not
-         * in use. It's ok to call abort on such an object, and there's
-         * nothing to do. */
-    }
-    else
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
-    if( PSA_ALG_IS_HKDF( kdf_alg ) )
-    {
-        mbedtls_free( operation->ctx.hkdf.info );
-        status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-    if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
-             /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */
-             PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
-    {
-        if( operation->ctx.tls12_prf.seed != NULL )
-        {
-            mbedtls_platform_zeroize( operation->ctx.tls12_prf.seed,
-                                      operation->ctx.tls12_prf.seed_length );
-            mbedtls_free( operation->ctx.tls12_prf.seed );
-        }
-
-        if( operation->ctx.tls12_prf.label != NULL )
-        {
-            mbedtls_platform_zeroize( operation->ctx.tls12_prf.label,
-                                      operation->ctx.tls12_prf.label_length );
-            mbedtls_free( operation->ctx.tls12_prf.label );
-        }
-
-        status = psa_hmac_abort_internal( &operation->ctx.tls12_prf.hmac );
-
-        /* We leave the fields Ai and output_block to be erased safely by the
-         * mbedtls_platform_zeroize() in the end of this function. */
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
-        * defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) */
-    {
-        status = PSA_ERROR_BAD_STATE;
-    }
-    mbedtls_platform_zeroize( operation, sizeof( *operation ) );
-    return( status );
-}
-
-psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation,
-                                        size_t *capacity)
-{
-    if( operation->alg == 0 )
-    {
-        /* This is a blank key derivation operation. */
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    *capacity = operation->capacity;
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *operation,
-                                         size_t capacity )
-{
-    if( operation->alg == 0 )
-        return( PSA_ERROR_BAD_STATE );
-    if( capacity > operation->capacity )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    operation->capacity = capacity;
-    return( PSA_SUCCESS );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
-/* Read some bytes from an HKDF-based operation. This performs a chunk
- * of the expand phase of the HKDF algorithm. */
-static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf,
-                                             psa_algorithm_t hash_alg,
-                                             uint8_t *output,
-                                             size_t output_length )
-{
-    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
-    psa_status_t status;
-
-    if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set )
-        return( PSA_ERROR_BAD_STATE );
-    hkdf->state = HKDF_STATE_OUTPUT;
-
-    while( output_length != 0 )
-    {
-        /* Copy what remains of the current block */
-        uint8_t n = hash_length - hkdf->offset_in_block;
-        if( n > output_length )
-            n = (uint8_t) output_length;
-        memcpy( output, hkdf->output_block + hkdf->offset_in_block, n );
-        output += n;
-        output_length -= n;
-        hkdf->offset_in_block += n;
-        if( output_length == 0 )
-            break;
-        /* We can't be wanting more output after block 0xff, otherwise
-         * the capacity check in psa_key_derivation_output_bytes() would have
-         * prevented this call. It could happen only if the operation
-         * object was corrupted or if this function is called directly
-         * inside the library. */
-        if( hkdf->block_number == 0xff )
-            return( PSA_ERROR_BAD_STATE );
-
-        /* We need a new block */
-        ++hkdf->block_number;
-        hkdf->offset_in_block = 0;
-        status = psa_hmac_setup_internal( &hkdf->hmac,
-                                          hkdf->prk, hash_length,
-                                          hash_alg );
-        if( status != PSA_SUCCESS )
-            return( status );
-        if( hkdf->block_number != 1 )
-        {
-            status = psa_hash_update( &hkdf->hmac.hash_ctx,
-                                      hkdf->output_block,
-                                      hash_length );
-            if( status != PSA_SUCCESS )
-                return( status );
-        }
-        status = psa_hash_update( &hkdf->hmac.hash_ctx,
-                                  hkdf->info,
-                                  hkdf->info_length );
-        if( status != PSA_SUCCESS )
-            return( status );
-        status = psa_hash_update( &hkdf->hmac.hash_ctx,
-                                  &hkdf->block_number, 1 );
-        if( status != PSA_SUCCESS )
-            return( status );
-        status = psa_hmac_finish_internal( &hkdf->hmac,
-                                           hkdf->output_block,
-                                           sizeof( hkdf->output_block ) );
-        if( status != PSA_SUCCESS )
-            return( status );
-    }
-
-    return( PSA_SUCCESS );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-static psa_status_t psa_key_derivation_tls12_prf_generate_next_block(
-    psa_tls12_prf_key_derivation_t *tls12_prf,
-    psa_algorithm_t alg )
-{
-    psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
-    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
-    psa_hash_operation_t backup = PSA_HASH_OPERATION_INIT;
-    psa_status_t status, cleanup_status;
-
-    /* We can't be wanting more output after block 0xff, otherwise
-     * the capacity check in psa_key_derivation_output_bytes() would have
-     * prevented this call. It could happen only if the operation
-     * object was corrupted or if this function is called directly
-     * inside the library. */
-    if( tls12_prf->block_number == 0xff )
-        return( PSA_ERROR_CORRUPTION_DETECTED );
-
-    /* We need a new block */
-    ++tls12_prf->block_number;
-    tls12_prf->left_in_block = hash_length;
-
-    /* Recall the definition of the TLS-1.2-PRF from RFC 5246:
-     *
-     * PRF(secret, label, seed) = P_<hash>(secret, label + seed)
-     *
-     * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
-     *                        HMAC_hash(secret, A(2) + seed) +
-     *                        HMAC_hash(secret, A(3) + seed) + ...
-     *
-     * A(0) = seed
-     * A(i) = HMAC_hash(secret, A(i-1))
-     *
-     * The `psa_tls12_prf_key_derivation` structure saves the block
-     * `HMAC_hash(secret, A(i) + seed)` from which the output
-     * is currently extracted as `output_block` and where i is
-     * `block_number`.
-     */
-
-    /* Save the hash context before using it, to preserve the hash state with
-     * only the inner padding in it. We need this, because inner padding depends
-     * on the key (secret in the RFC's terminology). */
-    status = psa_hash_clone( &tls12_prf->hmac.hash_ctx, &backup );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-
-    /* Calculate A(i) where i = tls12_prf->block_number. */
-    if( tls12_prf->block_number == 1 )
-    {
-        /* A(1) = HMAC_hash(secret, A(0)), where A(0) = seed. (The RFC overloads
-         * the variable seed and in this instance means it in the context of the
-         * P_hash function, where seed = label + seed.) */
-        status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
-                                  tls12_prf->label, tls12_prf->label_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-        status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
-                                  tls12_prf->seed, tls12_prf->seed_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-    }
-    else
-    {
-        /* A(i) = HMAC_hash(secret, A(i-1)) */
-        status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
-                                  tls12_prf->Ai, hash_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-    }
-
-    status = psa_hmac_finish_internal( &tls12_prf->hmac,
-                                       tls12_prf->Ai, hash_length );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-    status = psa_hash_clone( &backup, &tls12_prf->hmac.hash_ctx );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-
-    /* Calculate HMAC_hash(secret, A(i) + label + seed). */
-    status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
-                              tls12_prf->Ai, hash_length );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-    status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
-                              tls12_prf->label, tls12_prf->label_length );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-    status = psa_hash_update( &tls12_prf->hmac.hash_ctx,
-                              tls12_prf->seed, tls12_prf->seed_length );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-    status = psa_hmac_finish_internal( &tls12_prf->hmac,
-                                       tls12_prf->output_block, hash_length );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-    status = psa_hash_clone( &backup, &tls12_prf->hmac.hash_ctx );
-    if( status != PSA_SUCCESS )
-        goto cleanup;
-
-
-cleanup:
-
-    cleanup_status = psa_hash_abort( &backup );
-    if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS )
-        status = cleanup_status;
-
-    return( status );
-}
-
-static psa_status_t psa_key_derivation_tls12_prf_read(
-    psa_tls12_prf_key_derivation_t *tls12_prf,
-    psa_algorithm_t alg,
-    uint8_t *output,
-    size_t output_length )
-{
-    psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
-    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
-    psa_status_t status;
-    uint8_t offset, length;
-
-    while( output_length != 0 )
-    {
-        /* Check if we have fully processed the current block. */
-        if( tls12_prf->left_in_block == 0 )
-        {
-            status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf,
-                                                                       alg );
-            if( status != PSA_SUCCESS )
-                return( status );
-
-            continue;
-        }
-
-        if( tls12_prf->left_in_block > output_length )
-            length = (uint8_t) output_length;
-        else
-            length = tls12_prf->left_in_block;
-
-        offset = hash_length - tls12_prf->left_in_block;
-        memcpy( output, tls12_prf->output_block + offset, length );
-        output += length;
-        output_length -= length;
-        tls12_prf->left_in_block -= length;
-    }
-
-    return( PSA_SUCCESS );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
-        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-
-psa_status_t psa_key_derivation_output_bytes(
-    psa_key_derivation_operation_t *operation,
-    uint8_t *output,
-    size_t output_length )
-{
-    psa_status_t status;
-    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
-
-    if( operation->alg == 0 )
-    {
-        /* This is a blank operation. */
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-    if( output_length > operation->capacity )
-    {
-        operation->capacity = 0;
-        /* Go through the error path to wipe all confidential data now
-         * that the operation object is useless. */
-        status = PSA_ERROR_INSUFFICIENT_DATA;
-        goto exit;
-    }
-    if( output_length == 0 && operation->capacity == 0 )
-    {
-        /* Edge case: this is a finished operation, and 0 bytes
-         * were requested. The right error in this case could
-         * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return
-         * INSUFFICIENT_CAPACITY, which is right for a finished
-         * operation, for consistency with the case when
-         * output_length > 0. */
-        return( PSA_ERROR_INSUFFICIENT_DATA );
-    }
-    operation->capacity -= output_length;
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
-    if( PSA_ALG_IS_HKDF( kdf_alg ) )
-    {
-        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
-        status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg,
-                                          output, output_length );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-    if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
-        PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
-    {
-        status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf,
-                                               kdf_alg, output,
-                                               output_length );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
-        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-    {
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-exit:
-    if( status != PSA_SUCCESS )
-    {
-        /* Preserve the algorithm upon errors, but clear all sensitive state.
-         * This allows us to differentiate between exhausted operations and
-         * blank operations, so we can return PSA_ERROR_BAD_STATE on blank
-         * operations. */
-        psa_algorithm_t alg = operation->alg;
-        psa_key_derivation_abort( operation );
-        operation->alg = alg;
-        memset( output, '!', output_length );
-    }
-    return( status );
-}
-
-#if defined(MBEDTLS_DES_C)
-static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
-{
-    if( data_size >= 8 )
-        mbedtls_des_key_set_parity( data );
-    if( data_size >= 16 )
-        mbedtls_des_key_set_parity( data + 8 );
-    if( data_size >= 24 )
-        mbedtls_des_key_set_parity( data + 16 );
-}
-#endif /* MBEDTLS_DES_C */
-
-static psa_status_t psa_generate_derived_key_internal(
-    psa_key_slot_t *slot,
-    size_t bits,
-    psa_key_derivation_operation_t *operation )
-{
-    uint8_t *data = NULL;
-    size_t bytes = PSA_BITS_TO_BYTES( bits );
-    psa_status_t status;
-
-    if( ! key_type_is_raw_bytes( slot->attr.type ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    if( bits % 8 != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    data = mbedtls_calloc( 1, bytes );
-    if( data == NULL )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    status = psa_key_derivation_output_bytes( operation, data, bytes );
-    if( status != PSA_SUCCESS )
-        goto exit;
-#if defined(MBEDTLS_DES_C)
-    if( slot->attr.type == PSA_KEY_TYPE_DES )
-        psa_des_set_key_parity( data, bytes );
-#endif /* MBEDTLS_DES_C */
-    status = psa_import_key_into_slot( slot, data, bytes );
-
-exit:
-    mbedtls_free( data );
-    return( status );
-}
-
-psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes,
-                                       psa_key_derivation_operation_t *operation,
-                                       mbedtls_svc_key_id_t *key )
-{
-    psa_status_t status;
-    psa_key_slot_t *slot = NULL;
-    psa_se_drv_table_entry_t *driver = NULL;
-
-    *key = MBEDTLS_SVC_KEY_ID_INIT;
-
-    /* Reject any attempt to create a zero-length key so that we don't
-     * risk tripping up later, e.g. on a malloc(0) that returns NULL. */
-    if( psa_get_key_bits( attributes ) == 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    if( ! operation->can_output_key )
-        return( PSA_ERROR_NOT_PERMITTED );
-
-    status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes,
-                                     &slot, &driver );
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( driver != NULL )
-    {
-        /* Deriving a key in a secure element is not implemented yet. */
-        status = PSA_ERROR_NOT_SUPPORTED;
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    if( status == PSA_SUCCESS )
-    {
-        status = psa_generate_derived_key_internal( slot,
-                                                    attributes->core.bits,
-                                                    operation );
-    }
-    if( status == PSA_SUCCESS )
-        status = psa_finish_key_creation( slot, driver, key );
-    if( status != PSA_SUCCESS )
-        psa_fail_key_creation( slot, driver );
-
-    return( status );
-}
-
-
-
-/****************************************************************/
-/* Key derivation */
-/****************************************************************/
-
-#ifdef AT_LEAST_ONE_BUILTIN_KDF
-static psa_status_t psa_key_derivation_setup_kdf(
-    psa_key_derivation_operation_t *operation,
-    psa_algorithm_t kdf_alg )
-{
-    int is_kdf_alg_supported;
-
-    /* Make sure that operation->ctx is properly zero-initialised. (Macro
-     * initialisers for this union leave some bytes unspecified.) */
-    memset( &operation->ctx, 0, sizeof( operation->ctx ) );
-
-    /* Make sure that kdf_alg is a supported key derivation algorithm. */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
-    if( PSA_ALG_IS_HKDF( kdf_alg ) )
-        is_kdf_alg_supported = 1;
-    else
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF)
-    if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
-        is_kdf_alg_supported = 1;
-    else
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-    if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
-        is_kdf_alg_supported = 1;
-    else
-#endif
-    is_kdf_alg_supported = 0;
-
-    if( is_kdf_alg_supported )
-    {
-        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
-        size_t hash_size = PSA_HASH_SIZE( hash_alg );
-        if( hash_size == 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
-              PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) &&
-            ! ( hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384 ) )
-        {
-            return( PSA_ERROR_NOT_SUPPORTED );
-        }
-        operation->capacity = 255 * hash_size;
-        return( PSA_SUCCESS );
-    }
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-#endif /* AT_LEAST_ONE_BUILTIN_KDF */
-
-psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation,
-                                       psa_algorithm_t alg )
-{
-    psa_status_t status;
-
-    if( operation->alg != 0 )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-#ifdef AT_LEAST_ONE_BUILTIN_KDF
-    else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
-    {
-        psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
-        status = psa_key_derivation_setup_kdf( operation, kdf_alg );
-    }
-    else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
-    {
-        status = psa_key_derivation_setup_kdf( operation, alg );
-    }
-#endif
-    else
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    if( status == PSA_SUCCESS )
-        operation->alg = alg;
-    return( status );
-}
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
-static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf,
-                                    psa_algorithm_t hash_alg,
-                                    psa_key_derivation_step_t step,
-                                    const uint8_t *data,
-                                    size_t data_length )
-{
-    psa_status_t status;
-    switch( step )
-    {
-        case PSA_KEY_DERIVATION_INPUT_SALT:
-            if( hkdf->state != HKDF_STATE_INIT )
-                return( PSA_ERROR_BAD_STATE );
-            status = psa_hmac_setup_internal( &hkdf->hmac,
-                                              data, data_length,
-                                              hash_alg );
-            if( status != PSA_SUCCESS )
-                return( status );
-            hkdf->state = HKDF_STATE_STARTED;
-            return( PSA_SUCCESS );
-        case PSA_KEY_DERIVATION_INPUT_SECRET:
-            /* If no salt was provided, use an empty salt. */
-            if( hkdf->state == HKDF_STATE_INIT )
-            {
-                status = psa_hmac_setup_internal( &hkdf->hmac,
-                                                  NULL, 0,
-                                                  hash_alg );
-                if( status != PSA_SUCCESS )
-                    return( status );
-                hkdf->state = HKDF_STATE_STARTED;
-            }
-            if( hkdf->state != HKDF_STATE_STARTED )
-                return( PSA_ERROR_BAD_STATE );
-            status = psa_hash_update( &hkdf->hmac.hash_ctx,
-                                      data, data_length );
-            if( status != PSA_SUCCESS )
-                return( status );
-            status = psa_hmac_finish_internal( &hkdf->hmac,
-                                               hkdf->prk,
-                                               sizeof( hkdf->prk ) );
-            if( status != PSA_SUCCESS )
-                return( status );
-            hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg );
-            hkdf->block_number = 0;
-            hkdf->state = HKDF_STATE_KEYED;
-            return( PSA_SUCCESS );
-        case PSA_KEY_DERIVATION_INPUT_INFO:
-            if( hkdf->state == HKDF_STATE_OUTPUT )
-                return( PSA_ERROR_BAD_STATE );
-            if( hkdf->info_set )
-                return( PSA_ERROR_BAD_STATE );
-            hkdf->info_length = data_length;
-            if( data_length != 0 )
-            {
-                hkdf->info = mbedtls_calloc( 1, data_length );
-                if( hkdf->info == NULL )
-                    return( PSA_ERROR_INSUFFICIENT_MEMORY );
-                memcpy( hkdf->info, data, data_length );
-            }
-            hkdf->info_set = 1;
-            return( PSA_SUCCESS );
-        default:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf,
-                                            const uint8_t *data,
-                                            size_t data_length )
-{
-    if( prf->state != TLS12_PRF_STATE_INIT )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( data_length != 0 )
-    {
-        prf->seed = mbedtls_calloc( 1, data_length );
-        if( prf->seed == NULL )
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-        memcpy( prf->seed, data, data_length );
-        prf->seed_length = data_length;
-    }
-
-    prf->state = TLS12_PRF_STATE_SEED_SET;
-
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf,
-                                           psa_algorithm_t hash_alg,
-                                           const uint8_t *data,
-                                           size_t data_length )
-{
-    psa_status_t status;
-    if( prf->state != TLS12_PRF_STATE_SEED_SET )
-        return( PSA_ERROR_BAD_STATE );
-
-    status = psa_hmac_setup_internal( &prf->hmac, data, data_length, hash_alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    prf->state = TLS12_PRF_STATE_KEY_SET;
-
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf,
-                                             const uint8_t *data,
-                                             size_t data_length )
-{
-    if( prf->state != TLS12_PRF_STATE_KEY_SET )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( data_length != 0 )
-    {
-        prf->label = mbedtls_calloc( 1, data_length );
-        if( prf->label == NULL )
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-        memcpy( prf->label, data, data_length );
-        prf->label_length = data_length;
-    }
-
-    prf->state = TLS12_PRF_STATE_LABEL_SET;
-
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf,
-                                         psa_algorithm_t hash_alg,
-                                         psa_key_derivation_step_t step,
-                                         const uint8_t *data,
-                                         size_t data_length )
-{
-    switch( step )
-    {
-        case PSA_KEY_DERIVATION_INPUT_SEED:
-            return( psa_tls12_prf_set_seed( prf, data, data_length ) );
-        case PSA_KEY_DERIVATION_INPUT_SECRET:
-            return( psa_tls12_prf_set_key( prf, hash_alg, data, data_length ) );
-        case PSA_KEY_DERIVATION_INPUT_LABEL:
-            return( psa_tls12_prf_set_label( prf, data, data_length ) );
-        default:
-            return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
-        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
-    psa_tls12_prf_key_derivation_t *prf,
-    psa_algorithm_t hash_alg,
-    const uint8_t *data,
-    size_t data_length )
-{
-    psa_status_t status;
-    uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
-    uint8_t *cur = pms;
-
-    if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    /* Quoting RFC 4279, Section 2:
-     *
-     * The premaster secret is formed as follows: if the PSK is N octets
-     * long, concatenate a uint16 with the value N, N zero octets, a second
-     * uint16 with the value N, and the PSK itself.
-     */
-
-    *cur++ = ( data_length >> 8 ) & 0xff;
-    *cur++ = ( data_length >> 0 ) & 0xff;
-    memset( cur, 0, data_length );
-    cur += data_length;
-    *cur++ = pms[0];
-    *cur++ = pms[1];
-    memcpy( cur, data, data_length );
-    cur += data_length;
-
-    status = psa_tls12_prf_set_key( prf, hash_alg, pms, cur - pms );
-
-    mbedtls_platform_zeroize( pms, sizeof( pms ) );
-    return( status );
-}
-
-static psa_status_t psa_tls12_prf_psk_to_ms_input(
-    psa_tls12_prf_key_derivation_t *prf,
-    psa_algorithm_t hash_alg,
-    psa_key_derivation_step_t step,
-    const uint8_t *data,
-    size_t data_length )
-{
-    if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
-    {
-        return( psa_tls12_prf_psk_to_ms_set_key( prf, hash_alg,
-                                                 data, data_length ) );
-    }
-
-    return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-
-/** Check whether the given key type is acceptable for the given
- * input step of a key derivation.
- *
- * Secret inputs must have the type #PSA_KEY_TYPE_DERIVE.
- * Non-secret inputs must have the type #PSA_KEY_TYPE_RAW_DATA.
- * Both secret and non-secret inputs can alternatively have the type
- * #PSA_KEY_TYPE_NONE, which is never the type of a key object, meaning
- * that the input was passed as a buffer rather than via a key object.
- */
-static int psa_key_derivation_check_input_type(
-    psa_key_derivation_step_t step,
-    psa_key_type_t key_type )
-{
-    switch( step )
-    {
-        case PSA_KEY_DERIVATION_INPUT_SECRET:
-            if( key_type == PSA_KEY_TYPE_DERIVE )
-                return( PSA_SUCCESS );
-            if( key_type == PSA_KEY_TYPE_NONE )
-                return( PSA_SUCCESS );
-            break;
-        case PSA_KEY_DERIVATION_INPUT_LABEL:
-        case PSA_KEY_DERIVATION_INPUT_SALT:
-        case PSA_KEY_DERIVATION_INPUT_INFO:
-        case PSA_KEY_DERIVATION_INPUT_SEED:
-            if( key_type == PSA_KEY_TYPE_RAW_DATA )
-                return( PSA_SUCCESS );
-            if( key_type == PSA_KEY_TYPE_NONE )
-                return( PSA_SUCCESS );
-            break;
-    }
-    return( PSA_ERROR_INVALID_ARGUMENT );
-}
-
-static psa_status_t psa_key_derivation_input_internal(
-    psa_key_derivation_operation_t *operation,
-    psa_key_derivation_step_t step,
-    psa_key_type_t key_type,
-    const uint8_t *data,
-    size_t data_length )
-{
-    psa_status_t status;
-    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation );
-
-    status = psa_key_derivation_check_input_type( step, key_type );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
-    if( PSA_ALG_IS_HKDF( kdf_alg ) )
-    {
-        status = psa_hkdf_input( &operation->ctx.hkdf,
-                                 PSA_ALG_HKDF_GET_HASH( kdf_alg ),
-                                 step, data, data_length );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF)
-    if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
-    {
-        status = psa_tls12_prf_input( &operation->ctx.tls12_prf,
-                                      PSA_ALG_HKDF_GET_HASH( kdf_alg ),
-                                      step, data, data_length );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-    if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
-    {
-        status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf,
-                                                PSA_ALG_HKDF_GET_HASH( kdf_alg ),
-                                                step, data, data_length );
-    }
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-    {
-        /* This can't happen unless the operation object was not initialized */
-        return( PSA_ERROR_BAD_STATE );
-    }
-
-exit:
-    if( status != PSA_SUCCESS )
-        psa_key_derivation_abort( operation );
-    return( status );
-}
-
-psa_status_t psa_key_derivation_input_bytes(
-    psa_key_derivation_operation_t *operation,
-    psa_key_derivation_step_t step,
-    const uint8_t *data,
-    size_t data_length )
-{
-    return( psa_key_derivation_input_internal( operation, step,
-                                               PSA_KEY_TYPE_NONE,
-                                               data, data_length ) );
-}
-
-psa_status_t psa_key_derivation_input_key(
-    psa_key_derivation_operation_t *operation,
-    psa_key_derivation_step_t step,
-    mbedtls_svc_key_id_t key )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg );
-    if( status != PSA_SUCCESS )
-    {
-        psa_key_derivation_abort( operation );
-        return( status );
-    }
-
-    /* Passing a key object as a SECRET input unlocks the permission
-     * to output to a key object. */
-    if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
-        operation->can_output_key = 1;
-
-    status = psa_key_derivation_input_internal( operation,
-                                                step, slot->attr.type,
-                                                slot->data.key.data,
-                                                slot->data.key.bytes );
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-
-
-/****************************************************************/
-/* Key agreement */
-/****************************************************************/
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
-static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
-                                            size_t peer_key_length,
-                                            const mbedtls_ecp_keypair *our_key,
-                                            uint8_t *shared_secret,
-                                            size_t shared_secret_size,
-                                            size_t *shared_secret_length )
-{
-    mbedtls_ecp_keypair *their_key = NULL;
-    mbedtls_ecdh_context ecdh;
-    psa_status_t status;
-    size_t bits = 0;
-    psa_ecc_family_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits );
-    mbedtls_ecdh_init( &ecdh );
-
-    status = psa_load_ecp_representation( PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve),
-                                          peer_key,
-                                          peer_key_length,
-                                          &their_key );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = mbedtls_to_psa_error(
-        mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = mbedtls_to_psa_error(
-        mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = mbedtls_to_psa_error(
-        mbedtls_ecdh_calc_secret( &ecdh,
-                                  shared_secret_length,
-                                  shared_secret, shared_secret_size,
-                                  mbedtls_ctr_drbg_random,
-                                  &global_data.ctr_drbg ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    if( PSA_BITS_TO_BYTES( bits ) != *shared_secret_length )
-        status = PSA_ERROR_CORRUPTION_DETECTED;
-
-exit:
-    if( status != PSA_SUCCESS )
-        mbedtls_platform_zeroize( shared_secret, shared_secret_size );
-    mbedtls_ecdh_free( &ecdh );
-    mbedtls_ecp_keypair_free( their_key );
-    mbedtls_free( their_key );
-
-    return( status );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */
-
-#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
-
-static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg,
-                                                    psa_key_slot_t *private_key,
-                                                    const uint8_t *peer_key,
-                                                    size_t peer_key_length,
-                                                    uint8_t *shared_secret,
-                                                    size_t shared_secret_size,
-                                                    size_t *shared_secret_length )
-{
-    switch( alg )
-    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
-        case PSA_ALG_ECDH:
-            if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->attr.type ) )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            mbedtls_ecp_keypair *ecp = NULL;
-            psa_status_t status = psa_load_ecp_representation(
-                                    private_key->attr.type,
-                                    private_key->data.key.data,
-                                    private_key->data.key.bytes,
-                                    &ecp );
-            if( status != PSA_SUCCESS )
-                return( status );
-            status = psa_key_agreement_ecdh( peer_key, peer_key_length,
-                                             ecp,
-                                             shared_secret, shared_secret_size,
-                                             shared_secret_length );
-            mbedtls_ecp_keypair_free( ecp );
-            mbedtls_free( ecp );
-            return( status );
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */
-        default:
-            (void) private_key;
-            (void) peer_key;
-            (void) peer_key_length;
-            (void) shared_secret;
-            (void) shared_secret_size;
-            (void) shared_secret_length;
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-}
-
-/* Note that if this function fails, you must call psa_key_derivation_abort()
- * to potentially free embedded data structures and wipe confidential data.
- */
-static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *operation,
-                                                psa_key_derivation_step_t step,
-                                                psa_key_slot_t *private_key,
-                                                const uint8_t *peer_key,
-                                                size_t peer_key_length )
-{
-    psa_status_t status;
-    uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE];
-    size_t shared_secret_length = 0;
-    psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( operation->alg );
-
-    /* Step 1: run the secret agreement algorithm to generate the shared
-     * secret. */
-    status = psa_key_agreement_raw_internal( ka_alg,
-                                             private_key,
-                                             peer_key, peer_key_length,
-                                             shared_secret,
-                                             sizeof( shared_secret ),
-                                             &shared_secret_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    /* Step 2: set up the key derivation to generate key material from
-     * the shared secret. A shared secret is permitted wherever a key
-     * of type DERIVE is permitted. */
-    status = psa_key_derivation_input_internal( operation, step,
-                                                PSA_KEY_TYPE_DERIVE,
-                                                shared_secret,
-                                                shared_secret_length );
-exit:
-    mbedtls_platform_zeroize( shared_secret, shared_secret_length );
-    return( status );
-}
-
-psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation,
-                                               psa_key_derivation_step_t step,
-                                               mbedtls_svc_key_id_t private_key,
-                                               const uint8_t *peer_key,
-                                               size_t peer_key_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot;
-
-    if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-    status = psa_key_agreement_internal( operation, step,
-                                         slot,
-                                         peer_key, peer_key_length );
-    if( status != PSA_SUCCESS )
-        psa_key_derivation_abort( operation );
-    else
-    {
-        /* If a private key has been added as SECRET, we allow the derived
-         * key material to be used as a key in PSA Crypto. */
-        if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
-            operation->can_output_key = 1;
-    }
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-psa_status_t psa_raw_key_agreement( psa_algorithm_t alg,
-                                    mbedtls_svc_key_id_t private_key,
-                                    const uint8_t *peer_key,
-                                    size_t peer_key_length,
-                                    uint8_t *output,
-                                    size_t output_size,
-                                    size_t *output_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_slot_t *slot = NULL;
-
-    if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) )
-    {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    }
-    status = psa_get_and_lock_transparent_key_slot_with_policy(
-                 private_key, &slot, PSA_KEY_USAGE_DERIVE, alg );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_key_agreement_raw_internal( alg, slot,
-                                             peer_key, peer_key_length,
-                                             output, output_size,
-                                             output_length );
-
-exit:
-    if( status != PSA_SUCCESS )
-    {
-        /* If an error happens and is not handled properly, the output
-         * may be used as a key to protect sensitive data. Arrange for such
-         * a key to be random, which is likely to result in decryption or
-         * verification errors. This is better than filling the buffer with
-         * some constant data such as zeros, which would result in the data
-         * being protected with a reproducible, easily knowable key.
-         */
-        psa_generate_random( output, output_size );
-        *output_length = output_size;
-    }
-
-    unlock_status = psa_unlock_key_slot( slot );
-
-    return( ( status == PSA_SUCCESS ) ? unlock_status : status );
-}
-
-
-/****************************************************************/
-/* Random generation */
-/****************************************************************/
-
-psa_status_t psa_generate_random( uint8_t *output,
-                                  size_t output_size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    GUARD_MODULE_INITIALIZED;
-
-    while( output_size > MBEDTLS_CTR_DRBG_MAX_REQUEST )
-    {
-        ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
-                                       output,
-                                       MBEDTLS_CTR_DRBG_MAX_REQUEST );
-        if( ret != 0 )
-            return( mbedtls_to_psa_error( ret ) );
-        output += MBEDTLS_CTR_DRBG_MAX_REQUEST;
-        output_size -= MBEDTLS_CTR_DRBG_MAX_REQUEST;
-    }
-
-    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size );
-    return( mbedtls_to_psa_error( ret ) );
-}
-
-#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
-#include "mbedtls/entropy_poll.h"
-
-psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed,
-                                         size_t seed_size )
-{
-    if( global_data.initialized )
-        return( PSA_ERROR_NOT_PERMITTED );
-
-    if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) ||
-          ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) ||
-          ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-    return( mbedtls_psa_storage_inject_entropy( seed, seed_size ) );
-}
-#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
-static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
-                                           size_t domain_parameters_size,
-                                           int *exponent )
-{
-    size_t i;
-    uint32_t acc = 0;
-
-    if( domain_parameters_size == 0 )
-    {
-        *exponent = 65537;
-        return( PSA_SUCCESS );
-    }
-
-    /* Mbed TLS encodes the public exponent as an int. For simplicity, only
-     * support values that fit in a 32-bit integer, which is larger than
-     * int on just about every platform anyway. */
-    if( domain_parameters_size > sizeof( acc ) )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    for( i = 0; i < domain_parameters_size; i++ )
-        acc = ( acc << 8 ) | domain_parameters[i];
-    if( acc > INT_MAX )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    *exponent = acc;
-    return( PSA_SUCCESS );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
-
-static psa_status_t psa_generate_key_internal(
-    psa_key_slot_t *slot, size_t bits,
-    const uint8_t *domain_parameters, size_t domain_parameters_size )
-{
-    psa_key_type_t type = slot->attr.type;
-
-    if( domain_parameters == NULL && domain_parameters_size != 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    if( key_type_is_raw_bytes( type ) )
-    {
-        psa_status_t status;
-
-        status = validate_unstructured_key_bit_size( slot->attr.type, bits );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        /* Allocate memory for the key */
-        status = psa_allocate_buffer_to_slot( slot, PSA_BITS_TO_BYTES( bits ) );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        status = psa_generate_random( slot->data.key.data,
-                                      slot->data.key.bytes );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        slot->attr.bits = (psa_key_bits_t) bits;
-#if defined(MBEDTLS_DES_C)
-        if( type == PSA_KEY_TYPE_DES )
-            psa_des_set_key_parity( slot->data.key.data,
-                                    slot->data.key.bytes );
-#endif /* MBEDTLS_DES_C */
-    }
-    else
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
-    if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
-    {
-        mbedtls_rsa_context rsa;
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        int exponent;
-        psa_status_t status;
-        if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Accept only byte-aligned keys, for the same reasons as
-         * in psa_import_rsa_key(). */
-        if( bits % 8 != 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        status = psa_read_rsa_exponent( domain_parameters,
-                                        domain_parameters_size,
-                                        &exponent );
-        if( status != PSA_SUCCESS )
-            return( status );
-        mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
-        ret = mbedtls_rsa_gen_key( &rsa,
-                                   mbedtls_ctr_drbg_random,
-                                   &global_data.ctr_drbg,
-                                   (unsigned int) bits,
-                                   exponent );
-        if( ret != 0 )
-            return( mbedtls_to_psa_error( ret ) );
-
-        /* Make sure to always have an export representation available */
-        size_t bytes = PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE( bits );
-
-        status = psa_allocate_buffer_to_slot( slot, bytes );
-        if( status != PSA_SUCCESS )
-        {
-            mbedtls_rsa_free( &rsa );
-            return( status );
-        }
-
-        status = psa_export_rsa_key( type,
-                                     &rsa,
-                                     slot->data.key.data,
-                                     bytes,
-                                     &slot->data.key.bytes );
-        mbedtls_rsa_free( &rsa );
-        if( status != PSA_SUCCESS )
-            psa_remove_key_data_from_memory( slot );
-        return( status );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
-    if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
-    {
-        psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
-        mbedtls_ecp_group_id grp_id =
-            mbedtls_ecc_group_of_psa( curve, PSA_BITS_TO_BYTES( bits ) );
-        const mbedtls_ecp_curve_info *curve_info =
-            mbedtls_ecp_curve_info_from_grp_id( grp_id );
-        mbedtls_ecp_keypair ecp;
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        if( domain_parameters_size != 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        mbedtls_ecp_keypair_init( &ecp );
-        ret = mbedtls_ecp_gen_key( grp_id, &ecp,
-                                   mbedtls_ctr_drbg_random,
-                                   &global_data.ctr_drbg );
-        if( ret != 0 )
-        {
-            mbedtls_ecp_keypair_free( &ecp );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-
-
-        /* Make sure to always have an export representation available */
-        size_t bytes = PSA_BITS_TO_BYTES( bits );
-        psa_status_t status = psa_allocate_buffer_to_slot( slot, bytes );
-        if( status != PSA_SUCCESS )
-        {
-            mbedtls_ecp_keypair_free( &ecp );
-            return( status );
-        }
-
-        status = mbedtls_to_psa_error(
-            mbedtls_ecp_write_key( &ecp, slot->data.key.data, bytes ) );
-
-        mbedtls_ecp_keypair_free( &ecp );
-        if( status != PSA_SUCCESS ) {
-            memset( slot->data.key.data, 0, bytes );
-            psa_remove_key_data_from_memory( slot );
-        }
-        return( status );
-    }
-    else
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
-    {
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
-                               mbedtls_svc_key_id_t *key )
-{
-    psa_status_t status;
-    psa_key_slot_t *slot = NULL;
-    psa_se_drv_table_entry_t *driver = NULL;
-
-    *key = MBEDTLS_SVC_KEY_ID_INIT;
-
-    /* Reject any attempt to create a zero-length key so that we don't
-     * risk tripping up later, e.g. on a malloc(0) that returns NULL. */
-    if( psa_get_key_bits( attributes ) == 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes,
-                                     &slot, &driver );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_driver_wrapper_generate_key( attributes,
-                                              slot );
-    if( status != PSA_ERROR_NOT_SUPPORTED ||
-        psa_key_lifetime_is_external( attributes->core.lifetime ) )
-        goto exit;
-
-    status = psa_generate_key_internal(
-        slot, attributes->core.bits,
-        attributes->domain_parameters, attributes->domain_parameters_size );
-
-exit:
-    if( status == PSA_SUCCESS )
-        status = psa_finish_key_creation( slot, driver, key );
-    if( status != PSA_SUCCESS )
-        psa_fail_key_creation( slot, driver );
-
-    return( status );
-}
-
-
-
-/****************************************************************/
-/* Module setup */
-/****************************************************************/
-
-psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
-    void (* entropy_init )( mbedtls_entropy_context *ctx ),
-    void (* entropy_free )( mbedtls_entropy_context *ctx ) )
-{
-    if( global_data.rng_state != RNG_NOT_INITIALIZED )
-        return( PSA_ERROR_BAD_STATE );
-    global_data.entropy_init = entropy_init;
-    global_data.entropy_free = entropy_free;
-    return( PSA_SUCCESS );
-}
-
-void mbedtls_psa_crypto_free( void )
-{
-    psa_wipe_all_key_slots( );
-    if( global_data.rng_state != RNG_NOT_INITIALIZED )
-    {
-        mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
-        global_data.entropy_free( &global_data.entropy );
-    }
-    /* Wipe all remaining data, including configuration.
-     * In particular, this sets all state indicator to the value
-     * indicating "uninitialized". */
-    mbedtls_platform_zeroize( &global_data, sizeof( global_data ) );
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    /* Unregister all secure element drivers, so that we restart from
-     * a pristine state. */
-    psa_unregister_all_se_drivers( );
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-}
-
-#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
-/** Recover a transaction that was interrupted by a power failure.
- *
- * This function is called during initialization, before psa_crypto_init()
- * returns. If this function returns a failure status, the initialization
- * fails.
- */
-static psa_status_t psa_crypto_recover_transaction(
-    const psa_crypto_transaction_t *transaction )
-{
-    switch( transaction->unknown.type )
-    {
-        case PSA_CRYPTO_TRANSACTION_CREATE_KEY:
-        case PSA_CRYPTO_TRANSACTION_DESTROY_KEY:
-            /* TODO - fall through to the failure case until this
-             * is implemented.
-             * https://github.com/ARMmbed/mbed-crypto/issues/218
-             */
-        default:
-            /* We found an unsupported transaction in the storage.
-             * We don't know what state the storage is in. Give up. */
-            return( PSA_ERROR_STORAGE_FAILURE );
-    }
-}
-#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
-
-psa_status_t psa_crypto_init( void )
-{
-    psa_status_t status;
-    const unsigned char drbg_seed[] = "PSA";
-
-    /* Double initialization is explicitly allowed. */
-    if( global_data.initialized != 0 )
-        return( PSA_SUCCESS );
-
-    /* Set default configuration if
-     * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */
-    if( global_data.entropy_init == NULL )
-        global_data.entropy_init = mbedtls_entropy_init;
-    if( global_data.entropy_free == NULL )
-        global_data.entropy_free = mbedtls_entropy_free;
-
-    /* Initialize the random generator. */
-    global_data.entropy_init( &global_data.entropy );
-#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
-    defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
-    /* The PSA entropy injection feature depends on using NV seed as an entropy
-     * source. Add NV seed as an entropy source for PSA entropy injection. */
-    mbedtls_entropy_add_source( &global_data.entropy,
-                                mbedtls_nv_seed_poll, NULL,
-                                MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-    mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
-    global_data.rng_state = RNG_INITIALIZED;
-    status = mbedtls_to_psa_error(
-        mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
-                               mbedtls_entropy_func,
-                               &global_data.entropy,
-                               drbg_seed, sizeof( drbg_seed ) - 1 ) );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    global_data.rng_state = RNG_SEEDED;
-
-    status = psa_initialize_key_slots( );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    status = psa_init_all_se_drivers( );
-    if( status != PSA_SUCCESS )
-        goto exit;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
-    status = psa_crypto_load_transaction( );
-    if( status == PSA_SUCCESS )
-    {
-        status = psa_crypto_recover_transaction( &psa_crypto_transaction );
-        if( status != PSA_SUCCESS )
-            goto exit;
-        status = psa_crypto_stop_transaction( );
-    }
-    else if( status == PSA_ERROR_DOES_NOT_EXIST )
-    {
-        /* There's no transaction to complete. It's all good. */
-        status = PSA_SUCCESS;
-    }
-#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
-
-    /* All done. */
-    global_data.initialized = 1;
-
-exit:
-    if( status != PSA_SUCCESS )
-        mbedtls_psa_crypto_free( );
-    return( status );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_core.h b/3rdparty/mbedtls-2.25.0/library/psa_crypto_core.h
deleted file mode 100644
index f61ef95..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_core.h
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
- *  PSA crypto core internal interfaces
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_CORE_H
-#define PSA_CRYPTO_CORE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "psa/crypto.h"
-#include "psa/crypto_se_driver.h"
-
-/** The data structure representing a key slot, containing key material
- * and metadata for one key.
- */
-typedef struct
-{
-    psa_core_key_attributes_t attr;
-
-    /*
-     * Number of locks on the key slot held by the library.
-     *
-     * This counter is incremented by one each time a library function
-     * retrieves through one of the dedicated internal API a pointer to the
-     * key slot.
-     *
-     * This counter is decremented by one each time a library function stops
-     * accessing the key slot and states it by calling the
-     * psa_unlock_key_slot() API.
-     *
-     * This counter is used to prevent resetting the key slot while the library
-     * may access it. For example, such control is needed in the following
-     * scenarios:
-     * . In case of key slot starvation, all key slots contain the description
-     *   of a key, and the library asks for the description of a persistent
-     *   key not present in the key slots, the key slots currently accessed by
-     *   the library cannot be reclaimed to free a key slot to load the
-     *   persistent key.
-     * . In case of a multi-threaded application where one thread asks to close
-     *   or purge or destroy a key while it is in used by the library through
-     *   another thread.
-     */
-    size_t lock_count;
-
-    union
-    {
-        /* Dynamically allocated key data buffer.
-         * Format as specified in psa_export_key(). */
-        struct key_data
-        {
-            uint8_t *data;
-            size_t bytes;
-        } key;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-        /* Any key type in a secure element */
-        struct se
-        {
-            psa_key_slot_number_t slot_number;
-        } se;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    } data;
-} psa_key_slot_t;
-
-/* A mask of key attribute flags used only internally.
- * Currently there aren't any. */
-#define PSA_KA_MASK_INTERNAL_ONLY (     \
-        0 )
-
-/** Test whether a key slot is occupied.
- *
- * A key slot is occupied iff the key type is nonzero. This works because
- * no valid key can have 0 as its key type.
- *
- * \param[in] slot      The key slot to test.
- *
- * \return 1 if the slot is occupied, 0 otherwise.
- */
-static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot )
-{
-    return( slot->attr.type != 0 );
-}
-
-/** Test whether a key slot is locked.
- *
- * A key slot is locked iff its lock counter is strictly greater than 0.
- *
- * \param[in] slot  The key slot to test.
- *
- * \return 1 if the slot is locked, 0 otherwise.
- */
-static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot )
-{
-    return( slot->lock_count > 0 );
-}
-
-/** Retrieve flags from psa_key_slot_t::attr::core::flags.
- *
- * \param[in] slot      The key slot to query.
- * \param mask          The mask of bits to extract.
- *
- * \return The key attribute flags in the given slot,
- *         bitwise-anded with \p mask.
- */
-static inline uint16_t psa_key_slot_get_flags( const psa_key_slot_t *slot,
-                                               uint16_t mask )
-{
-    return( slot->attr.flags & mask );
-}
-
-/** Set flags in psa_key_slot_t::attr::core::flags.
- *
- * \param[in,out] slot  The key slot to modify.
- * \param mask          The mask of bits to modify.
- * \param value         The new value of the selected bits.
- */
-static inline void psa_key_slot_set_flags( psa_key_slot_t *slot,
-                                           uint16_t mask,
-                                           uint16_t value )
-{
-    slot->attr.flags = ( ( ~mask & slot->attr.flags ) |
-                              ( mask & value ) );
-}
-
-/** Turn on flags in psa_key_slot_t::attr::core::flags.
- *
- * \param[in,out] slot  The key slot to modify.
- * \param mask          The mask of bits to set.
- */
-static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot,
-                                                   uint16_t mask )
-{
-    slot->attr.flags |= mask;
-}
-
-/** Turn off flags in psa_key_slot_t::attr::core::flags.
- *
- * \param[in,out] slot  The key slot to modify.
- * \param mask          The mask of bits to clear.
- */
-static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot,
-                                            uint16_t mask )
-{
-    slot->attr.flags &= ~mask;
-}
-
-/** Completely wipe a slot in memory, including its policy.
- *
- * Persistent storage is not affected.
- *
- * \param[in,out] slot  The key slot to wipe.
- *
- * \retval #PSA_SUCCESS
- *         Success. This includes the case of a key slot that was
- *         already fully wiped.
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- */
-psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
-
-/** Copy key data (in export format) into an empty key slot.
- *
- * This function assumes that the slot does not contain
- * any key material yet. On failure, the slot content is unchanged.
- *
- * \param[in,out] slot          Key slot to copy the key into.
- * \param[in] data              Buffer containing the key material.
- * \param data_length           Size of the key buffer.
- *
- * \retval #PSA_SUCCESS
- *         The key has been copied successfully.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- *         Not enough memory was available for allocation of the
- *         copy buffer.
- * \retval #PSA_ERROR_ALREADY_EXISTS
- *         There was other key material already present in the slot.
- */
-psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
-                                              const uint8_t *data,
-                                              size_t data_length );
-
-/** Convert an mbed TLS error code to a PSA error code
- *
- * \note This function is provided solely for the convenience of
- *       Mbed TLS and may be removed at any time without notice.
- *
- * \param ret           An mbed TLS-thrown error code
- *
- * \return              The corresponding PSA error code
- */
-psa_status_t mbedtls_to_psa_error( int ret );
-
-#endif /* PSA_CRYPTO_CORE_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_driver_wrappers.c b/3rdparty/mbedtls-2.25.0/library/psa_crypto_driver_wrappers.c
deleted file mode 100644
index c3ea6f1..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_driver_wrappers.c
+++ /dev/null
@@ -1,993 +0,0 @@
-/*
- *  Functions to delegate cryptographic operations to an available
- *  and appropriate accelerator.
- *  Warning: This file will be auto-generated in the future.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "psa_crypto_core.h"
-#include "psa_crypto_driver_wrappers.h"
-#include "mbedtls/platform.h"
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
-
-/* Include test driver definition when running tests */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#ifndef PSA_CRYPTO_DRIVER_PRESENT
-#define PSA_CRYPTO_DRIVER_PRESENT
-#endif
-#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
-#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
-#endif
-#include "test/drivers/test_driver.h"
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
-/* Repeat above block for each JSON-declared driver during autogeneration */
-
-/* Auto-generated values depending on which drivers are registered. ID 0 is
- * reserved for unallocated operations. */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (1)
-#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (2)
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
-
-/* Support the 'old' SE interface when asked to */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
- * SE driver is present, to avoid unused argument errors at compile time. */
-#ifndef PSA_CRYPTO_DRIVER_PRESENT
-#define PSA_CRYPTO_DRIVER_PRESENT
-#endif
-#include "psa_crypto_se.h"
-#endif
-
-/* Start delegation functions */
-psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
-                                           psa_algorithm_t alg,
-                                           const uint8_t *hash,
-                                           size_t hash_length,
-                                           uint8_t *signature,
-                                           size_t signature_size,
-                                           size_t *signature_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT)
-    /* Try dynamically-registered SE interface first */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    const psa_drv_se_t *drv;
-    psa_drv_se_context_t *drv_context;
-
-    if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
-    {
-        if( drv->asymmetric == NULL ||
-            drv->asymmetric->p_sign == NULL )
-        {
-            /* Key is defined in SE, but we have no way to exercise it */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        }
-        return( drv->asymmetric->p_sign( drv_context,
-                                         slot->data.se.slot_number,
-                                         alg,
-                                         hash, hash_length,
-                                         signature, signature_size,
-                                         signature_length ) );
-    }
-#endif /* PSA_CRYPTO_SE_C */
-
-    /* Then try accelerator API */
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            status = test_transparent_signature_sign_hash( &attributes,
-                                                           slot->data.key.data,
-                                                           slot->data.key.bytes,
-                                                           alg,
-                                                           hash,
-                                                           hash_length,
-                                                           signature,
-                                                           signature_size,
-                                                           signature_length );
-            /* Declared with fallback == true */
-            if( status != PSA_ERROR_NOT_SUPPORTED )
-                return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            return( test_opaque_signature_sign_hash( &attributes,
-                                                     slot->data.key.data,
-                                                     slot->data.key.bytes,
-                                                     alg,
-                                                     hash,
-                                                     hash_length,
-                                                     signature,
-                                                     signature_size,
-                                                     signature_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( status );
-    }
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void)slot;
-    (void)alg;
-    (void)hash;
-    (void)hash_length;
-    (void)signature;
-    (void)signature_size;
-    (void)signature_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
-                                             psa_algorithm_t alg,
-                                             const uint8_t *hash,
-                                             size_t hash_length,
-                                             const uint8_t *signature,
-                                             size_t signature_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT)
-    /* Try dynamically-registered SE interface first */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    const psa_drv_se_t *drv;
-    psa_drv_se_context_t *drv_context;
-
-    if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
-    {
-        if( drv->asymmetric == NULL ||
-            drv->asymmetric->p_verify == NULL )
-        {
-            /* Key is defined in SE, but we have no way to exercise it */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        }
-        return( drv->asymmetric->p_verify( drv_context,
-                                           slot->data.se.slot_number,
-                                           alg,
-                                           hash, hash_length,
-                                           signature, signature_length ) );
-    }
-#endif /* PSA_CRYPTO_SE_C */
-
-    /* Then try accelerator API */
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            status = test_transparent_signature_verify_hash( &attributes,
-                                                             slot->data.key.data,
-                                                             slot->data.key.bytes,
-                                                             alg,
-                                                             hash,
-                                                             hash_length,
-                                                             signature,
-                                                             signature_length );
-            /* Declared with fallback == true */
-            if( status != PSA_ERROR_NOT_SUPPORTED )
-                return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            return( test_opaque_signature_verify_hash( &attributes,
-                                                       slot->data.key.data,
-                                                       slot->data.key.bytes,
-                                                       alg,
-                                                       hash,
-                                                       hash_length,
-                                                       signature,
-                                                       signature_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( status );
-    }
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void)slot;
-    (void)alg;
-    (void)hash;
-    (void)hash_length;
-    (void)signature;
-    (void)signature_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-/** Calculate the size to allocate for buffering a key with given attributes.
- *
- * This function provides a way to get the expected size for storing a key with
- * the given attributes. This will be the size of the export representation for
- * cleartext keys, and a driver-defined size for keys stored by opaque drivers.
- *
- * \param[in] attributes        The key attribute structure of the key to store.
- * \param[out] expected_size    On success, a byte size large enough to contain
- *                              the declared key.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_NOT_SUPPORTED
- */
-static psa_status_t get_expected_key_size( const psa_key_attributes_t *attributes,
-                                           size_t *expected_size )
-{
-    size_t buffer_size = 0;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
-    psa_key_type_t key_type = attributes->core.type;
-    size_t key_bits = attributes->core.bits;
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            buffer_size = PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits );
-
-            if( buffer_size == 0 )
-                return( PSA_ERROR_NOT_SUPPORTED );
-
-            *expected_size = buffer_size;
-            return( PSA_SUCCESS );
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
-            *expected_size = test_size_function( key_type, key_bits );
-            return( PSA_SUCCESS );
-#else /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
-            if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) )
-            {
-                int public_key_overhead = ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) ?
-                                           PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) : 0 );
-                *expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
-                                 + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
-                                 + public_key_overhead;
-            }
-            else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( attributes->core.type ) )
-            {
-                *expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
-                                 + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE;
-            }
-            else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) &&
-                      !PSA_KEY_TYPE_IS_PUBLIC_KEY ( attributes->core.type ) )
-            {
-                *expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
-                                 + TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR
-                                 * ( ( key_bits + 7 ) / 8 );
-            }
-            else
-            {
-                return( PSA_ERROR_NOT_SUPPORTED );
-            }
-            return( PSA_SUCCESS );
-#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
-        default:
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-}
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-
-psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
-                                              psa_key_slot_t *slot )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT)
-    /* Try dynamically-registered SE interface first */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    const psa_drv_se_t *drv;
-    psa_drv_se_context_t *drv_context;
-
-    if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
-    {
-        size_t pubkey_length = 0; /* We don't support this feature yet */
-        if( drv->key_management == NULL ||
-            drv->key_management->p_generate == NULL )
-        {
-            /* Key is defined as being in SE, but we have no way to generate it */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        }
-        return( drv->key_management->p_generate(
-            drv_context,
-            slot->data.se.slot_number, attributes,
-            NULL, 0, &pubkey_length ) );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-    /* Then try accelerator API */
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    size_t export_size = 0;
-
-    status = get_expected_key_size( attributes, &export_size );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    slot->data.key.data = mbedtls_calloc(1, export_size);
-    if( slot->data.key.data == NULL )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-    slot->data.key.bytes = export_size;
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-
-            /* Transparent drivers are limited to generating asymmetric keys */
-            if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
-            {
-                status = PSA_ERROR_NOT_SUPPORTED;
-                break;
-            }
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            status = test_transparent_generate_key( attributes,
-                                                    slot->data.key.data,
-                                                    slot->data.key.bytes,
-                                                    &slot->data.key.bytes );
-            /* Declared with fallback == true */
-            if( status != PSA_ERROR_NOT_SUPPORTED )
-                break;
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            status = PSA_ERROR_NOT_SUPPORTED;
-            break;
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            status = test_opaque_generate_key( attributes,
-                                               slot->data.key.data,
-                                               slot->data.key.bytes,
-                                               &slot->data.key.bytes );
-            break;
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            status = PSA_ERROR_INVALID_ARGUMENT;
-            break;
-    }
-
-    if( status != PSA_SUCCESS )
-    {
-        /* free allocated buffer */
-        mbedtls_free( slot->data.key.data );
-        slot->data.key.data = NULL;
-        slot->data.key.bytes = 0;
-    }
-
-    return( status );
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) attributes;
-    (void) slot;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
-                                              const uint8_t *data,
-                                              size_t data_length,
-                                              size_t *bits )
-{
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    /* Try accelerators in turn */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-    status = test_transparent_validate_key( attributes,
-                                            data,
-                                            data_length,
-                                            bits );
-    /* Declared with fallback == true */
-    if( status != PSA_ERROR_NOT_SUPPORTED )
-        return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-    (void) attributes;
-    (void) data;
-    (void) data_length;
-    (void) bits;
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
-                                                   uint8_t *data,
-                                                   size_t data_size,
-                                                   size_t *data_length )
-{
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            status = test_transparent_export_public_key( &attributes,
-                                                         slot->data.key.data,
-                                                         slot->data.key.bytes,
-                                                         data,
-                                                         data_size,
-                                                         data_length );
-            /* Declared with fallback == true */
-            if( status != PSA_ERROR_NOT_SUPPORTED )
-                return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            return( test_opaque_export_public_key( &attributes,
-                                                   slot->data.key.data,
-                                                   slot->data.key.bytes,
-                                                   data,
-                                                   data_size,
-                                                   data_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( status );
-    }
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-    (void) slot;
-    (void) data;
-    (void) data_size;
-    (void) data_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
-}
-
-/*
- * Cipher functions
- */
-psa_status_t psa_driver_wrapper_cipher_encrypt(
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            status = test_transparent_cipher_encrypt( &attributes,
-                                                      slot->data.key.data,
-                                                      slot->data.key.bytes,
-                                                      alg,
-                                                      input,
-                                                      input_length,
-                                                      output,
-                                                      output_size,
-                                                      output_length );
-            /* Declared with fallback == true */
-            if( status != PSA_ERROR_NOT_SUPPORTED )
-                return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            return( test_opaque_cipher_encrypt( &attributes,
-                                                slot->data.key.data,
-                                                slot->data.key.bytes,
-                                                alg,
-                                                input,
-                                                input_length,
-                                                output,
-                                                output_size,
-                                                output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( status );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) slot;
-    (void) alg;
-    (void) input;
-    (void) input_length;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_decrypt(
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            status = test_transparent_cipher_decrypt( &attributes,
-                                                      slot->data.key.data,
-                                                      slot->data.key.bytes,
-                                                      alg,
-                                                      input,
-                                                      input_length,
-                                                      output,
-                                                      output_size,
-                                                      output_length );
-            /* Declared with fallback == true */
-            if( status != PSA_ERROR_NOT_SUPPORTED )
-                return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            return( test_opaque_cipher_decrypt( &attributes,
-                                                slot->data.key.data,
-                                                slot->data.key.bytes,
-                                                alg,
-                                                input,
-                                                input_length,
-                                                output,
-                                                output_size,
-                                                output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( status );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) slot;
-    (void) alg;
-    (void) input;
-    (void) input_length;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
-    psa_operation_driver_context_t *operation,
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            operation->ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
-            if( operation->ctx == NULL )
-                return PSA_ERROR_INSUFFICIENT_MEMORY;
-
-            status = test_transparent_cipher_encrypt_setup( operation->ctx,
-                                                            &attributes,
-                                                            slot->data.key.data,
-                                                            slot->data.key.bytes,
-                                                            alg );
-            /* Declared with fallback == true */
-            if( status == PSA_SUCCESS )
-                operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
-            else
-            {
-                mbedtls_platform_zeroize(
-                    operation->ctx,
-                    sizeof( test_transparent_cipher_operation_t ) );
-                mbedtls_free( operation->ctx );
-                operation->ctx = NULL;
-            }
-
-            return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            operation->ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
-            if( operation->ctx == NULL )
-                return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-            status = test_opaque_cipher_encrypt_setup( operation->ctx,
-                                                       &attributes,
-                                                       slot->data.key.data,
-                                                       slot->data.key.bytes,
-                                                       alg );
-            if( status == PSA_SUCCESS )
-                operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
-            else
-            {
-                mbedtls_platform_zeroize(
-                    operation->ctx,
-                    sizeof( test_opaque_cipher_operation_t ) );
-                mbedtls_free( operation->ctx );
-                operation->ctx = NULL;
-            }
-
-            return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void)slot;
-    (void)alg;
-    (void)operation;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
-    psa_operation_driver_context_t *operation,
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
-    psa_key_attributes_t attributes = {
-      .core = slot->attr
-    };
-
-    switch( location )
-    {
-        case PSA_KEY_LOCATION_LOCAL_STORAGE:
-            /* Key is stored in the slot in export representation, so
-             * cycle through all known transparent accelerators */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-            operation->ctx = mbedtls_calloc( 1, sizeof(test_transparent_cipher_operation_t) );
-            if( operation->ctx == NULL )
-                return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-            status = test_transparent_cipher_decrypt_setup( operation->ctx,
-                                                            &attributes,
-                                                            slot->data.key.data,
-                                                            slot->data.key.bytes,
-                                                            alg );
-            /* Declared with fallback == true */
-            if( status == PSA_SUCCESS )
-                operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
-            else
-            {
-                mbedtls_platform_zeroize(
-                    operation->ctx,
-                    sizeof( test_transparent_cipher_operation_t ) );
-                mbedtls_free( operation->ctx );
-                operation->ctx = NULL;
-            }
-
-            return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-            /* Fell through, meaning no accelerator supports this operation */
-            return( PSA_ERROR_NOT_SUPPORTED );
-        /* Add cases for opaque driver here */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
-            operation->ctx = mbedtls_calloc( 1, sizeof(test_opaque_cipher_operation_t) );
-            if( operation->ctx == NULL )
-                return PSA_ERROR_INSUFFICIENT_MEMORY;
-
-            status = test_opaque_cipher_decrypt_setup( operation->ctx,
-                                                       &attributes,
-                                                       slot->data.key.data,
-                                                       slot->data.key.bytes,
-                                                       alg );
-            if( status == PSA_SUCCESS )
-                operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
-            else
-            {
-                mbedtls_platform_zeroize(
-                    operation->ctx,
-                    sizeof( test_opaque_cipher_operation_t ) );
-                mbedtls_free( operation->ctx );
-                operation->ctx = NULL;
-            }
-
-            return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is declared with a lifetime not known to us */
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void)slot;
-    (void)alg;
-    (void)operation;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_generate_iv(
-    psa_operation_driver_context_t *operation,
-    uint8_t *iv,
-    size_t iv_size,
-    size_t *iv_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    switch( operation->id )
-    {
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
-            return( test_transparent_cipher_generate_iv( operation->ctx,
-                                                         iv,
-                                                         iv_size,
-                                                         iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
-            return( test_opaque_cipher_generate_iv( operation->ctx,
-                                                    iv,
-                                                    iv_size,
-                                                    iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is attached to a driver not known to us */
-            return( PSA_ERROR_BAD_STATE );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) operation;
-    (void) iv;
-    (void) iv_size;
-    (void) iv_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_set_iv(
-    psa_operation_driver_context_t *operation,
-    const uint8_t *iv,
-    size_t iv_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    switch( operation->id )
-    {
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
-            return( test_transparent_cipher_set_iv( operation->ctx,
-                                                    iv,
-                                                    iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
-            return( test_opaque_cipher_set_iv( operation->ctx,
-                                               iv,
-                                               iv_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is attached to a driver not known to us */
-            return( PSA_ERROR_BAD_STATE );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) operation;
-    (void) iv;
-    (void) iv_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_update(
-    psa_operation_driver_context_t *operation,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    switch( operation->id )
-    {
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
-            return( test_transparent_cipher_update( operation->ctx,
-                                                    input,
-                                                    input_length,
-                                                    output,
-                                                    output_size,
-                                                    output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
-            return( test_opaque_cipher_update( operation->ctx,
-                                               input,
-                                               input_length,
-                                               output,
-                                               output_size,
-                                               output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is attached to a driver not known to us */
-            return( PSA_ERROR_BAD_STATE );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) operation;
-    (void) input;
-    (void) input_length;
-    (void) output;
-    (void) output_length;
-    (void) output_size;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_finish(
-    psa_operation_driver_context_t *operation,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    switch( operation->id )
-    {
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
-            return( test_transparent_cipher_finish( operation->ctx,
-                                                    output,
-                                                    output_size,
-                                                    output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
-            return( test_opaque_cipher_finish( operation->ctx,
-                                               output,
-                                               output_size,
-                                               output_length ) );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Key is attached to a driver not known to us */
-            return( PSA_ERROR_BAD_STATE );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void) operation;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-psa_status_t psa_driver_wrapper_cipher_abort(
-    psa_operation_driver_context_t *operation )
-{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
-
-    /* The object has (apparently) been initialized but it is not in use. It's
-     * ok to call abort on such an object, and there's nothing to do. */
-    if( operation->ctx == NULL && operation->id == 0 )
-        return( PSA_SUCCESS );
-
-    switch( operation->id )
-    {
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
-            status = test_transparent_cipher_abort( operation->ctx );
-            mbedtls_platform_zeroize(
-                operation->ctx,
-                sizeof( test_transparent_cipher_operation_t ) );
-            mbedtls_free( operation->ctx );
-            operation->ctx = NULL;
-            operation->id = 0;
-
-            return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
-            status = test_opaque_cipher_abort( operation->ctx );
-            mbedtls_platform_zeroize(
-                operation->ctx,
-                sizeof( test_opaque_cipher_operation_t ) );
-            mbedtls_free( operation->ctx );
-            operation->ctx = NULL;
-            operation->id = 0;
-
-            return( status );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-        default:
-            /* Operation is attached to a driver not known to us */
-            return( PSA_ERROR_BAD_STATE );
-    }
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
-    (void)operation;
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
-}
-
-/* End of automatically generated file. */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_driver_wrappers.h b/3rdparty/mbedtls-2.25.0/library/psa_crypto_driver_wrappers.h
deleted file mode 100644
index 6b51437..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_driver_wrappers.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- *  Function signatures for functionality that can be provided by
- *  cryptographic accelerators.
- *  Warning: This file will be auto-generated in the future.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_DRIVER_WRAPPERS_H
-#define PSA_CRYPTO_DRIVER_WRAPPERS_H
-
-#include "psa/crypto.h"
-#include "psa/crypto_driver_common.h"
-
-/*
- * Signature functions
- */
-psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
-                                           psa_algorithm_t alg,
-                                           const uint8_t *hash,
-                                           size_t hash_length,
-                                           uint8_t *signature,
-                                           size_t signature_size,
-                                           size_t *signature_length );
-
-psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
-                                             psa_algorithm_t alg,
-                                             const uint8_t *hash,
-                                             size_t hash_length,
-                                             const uint8_t *signature,
-                                             size_t signature_length );
-
-/*
- * Key handling functions
- */
-
-psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
-                                              psa_key_slot_t *slot );
-
-psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
-                                              const uint8_t *data,
-                                              size_t data_length,
-                                              size_t *bits );
-
-psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
-                                                   uint8_t *data,
-                                                   size_t data_size,
-                                                   size_t *data_length );
-
-/*
- * Cipher functions
- */
-psa_status_t psa_driver_wrapper_cipher_encrypt(
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length );
-
-psa_status_t psa_driver_wrapper_cipher_decrypt(
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length );
-
-psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
-    psa_operation_driver_context_t *operation,
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg );
-
-psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
-    psa_operation_driver_context_t *operation,
-    psa_key_slot_t *slot,
-    psa_algorithm_t alg );
-
-psa_status_t psa_driver_wrapper_cipher_generate_iv(
-    psa_operation_driver_context_t *operation,
-    uint8_t *iv,
-    size_t iv_size,
-    size_t *iv_length );
-
-psa_status_t psa_driver_wrapper_cipher_set_iv(
-    psa_operation_driver_context_t *operation,
-    const uint8_t *iv,
-    size_t iv_length );
-
-psa_status_t psa_driver_wrapper_cipher_update(
-    psa_operation_driver_context_t *operation,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length );
-
-psa_status_t psa_driver_wrapper_cipher_finish(
-    psa_operation_driver_context_t *operation,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length );
-
-psa_status_t psa_driver_wrapper_cipher_abort(
-    psa_operation_driver_context_t *operation );
-
-#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */
-
-/* End of automatically generated file. */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_its.h b/3rdparty/mbedtls-2.25.0/library/psa_crypto_its.h
deleted file mode 100644
index 11703a0..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_its.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/** \file psa_crypto_its.h
- * \brief Interface of trusted storage that crypto is built on.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_ITS_H
-#define PSA_CRYPTO_ITS_H
-
-#include <stddef.h>
-#include <stdint.h>
-
-#include <psa/crypto_types.h>
-#include <psa/crypto_values.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** \brief Flags used when creating a data entry
- */
-typedef uint32_t psa_storage_create_flags_t;
-
-/** \brief A type for UIDs used for identifying data
- */
-typedef uint64_t psa_storage_uid_t;
-
-#define PSA_STORAGE_FLAG_NONE        0         /**< No flags to pass */
-#define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/
-
-/**
- * \brief A container for metadata associated with a specific uid
- */
-struct psa_storage_info_t
-{
-    uint32_t size;                  /**< The size of the data associated with a uid **/
-    psa_storage_create_flags_t flags;    /**< The flags set when the uid was created **/
-};
-
-/** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */
-#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0)
-
-/** \brief PSA storage specific error codes
- */
-#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)-149)
-#define PSA_ERROR_DATA_CORRUPT          ((psa_status_t)-152)
-
-#define PSA_ITS_API_VERSION_MAJOR  1  /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */
-#define PSA_ITS_API_VERSION_MINOR  1  /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */
-
-/**
- * \brief create a new or modify an existing uid/value pair
- *
- * \param[in] uid           the identifier for the data
- * \param[in] data_length   The size in bytes of the data in `p_data`
- * \param[in] p_data        A buffer containing the data
- * \param[in] create_flags  The flags that the data will be stored with
- *
- * \return      A status indicating the success/failure of the operation
- *
- * \retval     #PSA_SUCCESS                      The operation completed successfully
- * \retval     #PSA_ERROR_NOT_PERMITTED          The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
- * \retval     #PSA_ERROR_NOT_SUPPORTED          The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
- * \retval     #PSA_ERROR_INSUFFICIENT_STORAGE   The operation failed because there was insufficient space on the storage medium
- * \retval     #PSA_ERROR_STORAGE_FAILURE        The operation failed because the physical storage has failed (Fatal error)
- * \retval     #PSA_ERROR_INVALID_ARGUMENT       The operation failed because one of the provided pointers(`p_data`)
- *                                               is invalid, for example is `NULL` or references memory the caller cannot access
- */
-psa_status_t psa_its_set(psa_storage_uid_t uid,
-                         uint32_t data_length,
-                         const void *p_data,
-                         psa_storage_create_flags_t create_flags);
-
-/**
- * \brief Retrieve the value associated with a provided uid
- *
- * \param[in] uid               The uid value
- * \param[in] data_offset       The starting offset of the data requested
- * \param[in] data_length       the amount of data requested (and the minimum allocated size of the `p_data` buffer)
- * \param[out] p_data           The buffer where the data will be placed upon successful completion
- * \param[out] p_data_length    The amount of data returned in the p_data buffer
- *
- *
- * \return      A status indicating the success/failure of the operation
- *
- * \retval     #PSA_SUCCESS                  The operation completed successfully
- * \retval     #PSA_ERROR_DOES_NOT_EXIST     The operation failed because the provided `uid` value was not found in the storage
- * \retval     #PSA_ERROR_INVALID_SIZE       The operation failed because the data associated with provided uid is larger than `data_size`
- * \retval     #PSA_ERROR_STORAGE_FAILURE    The operation failed because the physical storage has failed (Fatal error)
- * \retval     #PSA_ERROR_INVALID_ARGUMENT   The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
- *                                           is invalid. For example is `NULL` or references memory the caller cannot access.
- *                                           In addition, this can also happen if an invalid offset was provided.
- */
-psa_status_t psa_its_get(psa_storage_uid_t uid,
-                         uint32_t data_offset,
-                         uint32_t data_length,
-                         void *p_data,
-                         size_t *p_data_length );
-
-/**
- * \brief Retrieve the metadata about the provided uid
- *
- * \param[in] uid           The uid value
- * \param[out] p_info       A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
- *
- * \return      A status indicating the success/failure of the operation
- *
- * \retval     #PSA_SUCCESS                  The operation completed successfully
- * \retval     #PSA_ERROR_DOES_NOT_EXIST     The operation failed because the provided uid value was not found in the storage
- * \retval     #PSA_ERROR_STORAGE_FAILURE    The operation failed because the physical storage has failed (Fatal error)
- * \retval     #PSA_ERROR_INVALID_ARGUMENT   The operation failed because one of the provided pointers(`p_info`)
- *                                           is invalid, for example is `NULL` or references memory the caller cannot access
- */
-psa_status_t psa_its_get_info(psa_storage_uid_t uid,
-                              struct psa_storage_info_t *p_info);
-
-/**
- * \brief Remove the provided key and its associated data from the storage
- *
- * \param[in] uid   The uid value
- *
- * \return  A status indicating the success/failure of the operation
- *
- * \retval     #PSA_SUCCESS                  The operation completed successfully
- * \retval     #PSA_ERROR_DOES_NOT_EXIST     The operation failed because the provided key value was not found in the storage
- * \retval     #PSA_ERROR_NOT_PERMITTED      The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
- * \retval     #PSA_ERROR_STORAGE_FAILURE    The operation failed because the physical storage has failed (Fatal error)
- */
-psa_status_t psa_its_remove(psa_storage_uid_t uid);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_ITS_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_se.c b/3rdparty/mbedtls-2.25.0/library/psa_crypto_se.c
deleted file mode 100644
index 56678d6..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_se.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/*
- *  PSA crypto support for secure element drivers
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-
-#include <assert.h>
-#include <stdint.h>
-#include <string.h>
-
-#include "psa/crypto_se_driver.h"
-
-#include "psa_crypto_se.h"
-
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-#include "psa_crypto_its.h"
-#else /* Native ITS implementation */
-#include "psa/error.h"
-#include "psa/internal_trusted_storage.h"
-#endif
-
-#include "mbedtls/platform.h"
-#if !defined(MBEDTLS_PLATFORM_C)
-#define mbedtls_calloc calloc
-#define mbedtls_free   free
-#endif
-
-
-
-/****************************************************************/
-/* Driver lookup */
-/****************************************************************/
-
-/* This structure is identical to psa_drv_se_context_t declared in
- * `crypto_se_driver.h`, except that some parts are writable here
- * (non-const, or pointer to non-const). */
-typedef struct
-{
-    void *persistent_data;
-    size_t persistent_data_size;
-    uintptr_t transient_data;
-} psa_drv_se_internal_context_t;
-
-struct psa_se_drv_table_entry_s
-{
-    psa_key_location_t location;
-    const psa_drv_se_t *methods;
-    union
-    {
-        psa_drv_se_internal_context_t internal;
-        psa_drv_se_context_t context;
-    } u;
-};
-
-static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS];
-
-psa_se_drv_table_entry_t *psa_get_se_driver_entry(
-    psa_key_lifetime_t lifetime )
-{
-    size_t i;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    /* In the driver table, location=0 means an entry that isn't used.
-     * No driver has a location of 0 because it's a reserved value
-     * (which designates transparent keys). Make sure we never return
-     * a driver entry for location 0. */
-    if( location == 0 )
-        return( NULL );
-    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
-    {
-        if( driver_table[i].location == location )
-            return( &driver_table[i] );
-    }
-    return( NULL );
-}
-
-const psa_drv_se_t *psa_get_se_driver_methods(
-    const psa_se_drv_table_entry_t *driver )
-{
-    return( driver->methods );
-}
-
-psa_drv_se_context_t *psa_get_se_driver_context(
-    psa_se_drv_table_entry_t *driver )
-{
-    return( &driver->u.context );
-}
-
-int psa_get_se_driver( psa_key_lifetime_t lifetime,
-                       const psa_drv_se_t **p_methods,
-                       psa_drv_se_context_t **p_drv_context)
-{
-    psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
-    if( p_methods != NULL )
-        *p_methods = ( driver ? driver->methods : NULL );
-    if( p_drv_context != NULL )
-        *p_drv_context = ( driver ? &driver->u.context : NULL );
-    return( driver != NULL );
-}
-
-
-
-/****************************************************************/
-/* Persistent data management */
-/****************************************************************/
-
-static psa_status_t psa_get_se_driver_its_file_uid(
-    const psa_se_drv_table_entry_t *driver,
-    psa_storage_uid_t *uid )
-{
-    if( driver->location > PSA_MAX_SE_LOCATION )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-#if SIZE_MAX > UINT32_MAX
-    /* ITS file sizes are limited to 32 bits. */
-    if( driver->u.internal.persistent_data_size > UINT32_MAX )
-        return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-
-    /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */
-    *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location;
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_load_se_persistent_data(
-    const psa_se_drv_table_entry_t *driver )
-{
-    psa_status_t status;
-    psa_storage_uid_t uid;
-    size_t length;
-
-    status = psa_get_se_driver_its_file_uid( driver, &uid );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /* Read the amount of persistent data that the driver requests.
-     * If the data in storage is larger, it is truncated. If the data
-     * in storage is smaller, silently keep what is already at the end
-     * of the output buffer. */
-    /* psa_get_se_driver_its_file_uid ensures that the size_t
-     * persistent_data_size is in range, but compilers don't know that,
-     * so cast to reassure them. */
-    return( psa_its_get( uid, 0,
-                         (uint32_t) driver->u.internal.persistent_data_size,
-                         driver->u.internal.persistent_data,
-                         &length ) );
-}
-
-psa_status_t psa_save_se_persistent_data(
-    const psa_se_drv_table_entry_t *driver )
-{
-    psa_status_t status;
-    psa_storage_uid_t uid;
-
-    status = psa_get_se_driver_its_file_uid( driver, &uid );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /* psa_get_se_driver_its_file_uid ensures that the size_t
-     * persistent_data_size is in range, but compilers don't know that,
-     * so cast to reassure them. */
-    return( psa_its_set( uid,
-                         (uint32_t) driver->u.internal.persistent_data_size,
-                         driver->u.internal.persistent_data,
-                         0 ) );
-}
-
-psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location )
-{
-    psa_storage_uid_t uid;
-    if( location > PSA_MAX_SE_LOCATION )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location;
-    return( psa_its_remove( uid ) );
-}
-
-psa_status_t psa_find_se_slot_for_key(
-    const psa_key_attributes_t *attributes,
-    psa_key_creation_method_t method,
-    psa_se_drv_table_entry_t *driver,
-    psa_key_slot_number_t *slot_number )
-{
-    psa_status_t status;
-    psa_key_location_t key_location =
-        PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) );
-
-    /* If the location is wrong, it's a bug in the library. */
-    if( driver->location != key_location )
-        return( PSA_ERROR_CORRUPTION_DETECTED );
-
-    /* If the driver doesn't support key creation in any way, give up now. */
-    if( driver->methods->key_management == NULL )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    if( psa_get_key_slot_number( attributes, slot_number ) == PSA_SUCCESS )
-    {
-        /* The application wants to use a specific slot. Allow it if
-         * the driver supports it. On a system with isolation,
-         * the crypto service must check that the application is
-         * permitted to request this slot. */
-        psa_drv_se_validate_slot_number_t p_validate_slot_number =
-            driver->methods->key_management->p_validate_slot_number;
-        if( p_validate_slot_number == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        status = p_validate_slot_number( &driver->u.context,
-                                         driver->u.internal.persistent_data,
-                                         attributes, method,
-                                         *slot_number );
-    }
-    else if( method == PSA_KEY_CREATION_REGISTER )
-    {
-        /* The application didn't specify a slot number. This doesn't
-         * make sense when registering a slot. */
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-    else
-    {
-        /* The application didn't tell us which slot to use. Let the driver
-         * choose. This is the normal case. */
-        psa_drv_se_allocate_key_t p_allocate =
-            driver->methods->key_management->p_allocate;
-        if( p_allocate == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        status = p_allocate( &driver->u.context,
-                             driver->u.internal.persistent_data,
-                             attributes, method,
-                             slot_number );
-    }
-    return( status );
-}
-
-psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver,
-                                 psa_key_slot_number_t slot_number )
-{
-    psa_status_t status;
-    psa_status_t storage_status;
-    /* Normally a missing method would mean that the action is not
-     * supported. But psa_destroy_key() is not supposed to return
-     * PSA_ERROR_NOT_SUPPORTED: if you can create a key, you should
-     * be able to destroy it. The only use case for a driver that
-     * does not have a way to destroy keys at all is if the keys are
-     * locked in a read-only state: we can use the keys but not
-     * destroy them. Hence, if the driver doesn't support destroying
-     * keys, it's really a lack of permission. */
-    if( driver->methods->key_management == NULL ||
-        driver->methods->key_management->p_destroy == NULL )
-        return( PSA_ERROR_NOT_PERMITTED );
-    status = driver->methods->key_management->p_destroy(
-        &driver->u.context,
-        driver->u.internal.persistent_data,
-        slot_number );
-    storage_status = psa_save_se_persistent_data( driver );
-    return( status == PSA_SUCCESS ? storage_status : status );
-}
-
-psa_status_t psa_init_all_se_drivers( void )
-{
-    size_t i;
-    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
-    {
-        psa_se_drv_table_entry_t *driver = &driver_table[i];
-        if( driver->location == 0 )
-            continue; /* skipping unused entry */
-        const psa_drv_se_t *methods = psa_get_se_driver_methods( driver );
-        if( methods->p_init != NULL )
-        {
-            psa_status_t status = methods->p_init(
-                &driver->u.context,
-                driver->u.internal.persistent_data,
-                driver->location );
-            if( status != PSA_SUCCESS )
-                return( status );
-            status = psa_save_se_persistent_data( driver );
-            if( status != PSA_SUCCESS )
-                return( status );
-        }
-    }
-    return( PSA_SUCCESS );
-}
-
-
-
-/****************************************************************/
-/* Driver registration */
-/****************************************************************/
-
-psa_status_t psa_register_se_driver(
-    psa_key_location_t location,
-    const psa_drv_se_t *methods)
-{
-    size_t i;
-    psa_status_t status;
-
-    if( methods->hal_version != PSA_DRV_SE_HAL_VERSION )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    /* Driver table entries are 0-initialized. 0 is not a valid driver
-     * location because it means a transparent key. */
-#if defined(static_assert)
-    static_assert( PSA_KEY_LOCATION_LOCAL_STORAGE == 0,
-                   "Secure element support requires 0 to mean a local key" );
-#endif
-    if( location == PSA_KEY_LOCATION_LOCAL_STORAGE )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    if( location > PSA_MAX_SE_LOCATION )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
-    {
-        if( driver_table[i].location == 0 )
-            break;
-        /* Check that location isn't already in use up to the first free
-         * entry. Since entries are created in order and never deleted,
-         * there can't be a used entry after the first free entry. */
-        if( driver_table[i].location == location )
-            return( PSA_ERROR_ALREADY_EXISTS );
-    }
-    if( i == PSA_MAX_SE_DRIVERS )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    driver_table[i].location = location;
-    driver_table[i].methods = methods;
-    driver_table[i].u.internal.persistent_data_size =
-        methods->persistent_data_size;
-
-    if( methods->persistent_data_size != 0 )
-    {
-        driver_table[i].u.internal.persistent_data =
-            mbedtls_calloc( 1, methods->persistent_data_size );
-        if( driver_table[i].u.internal.persistent_data == NULL )
-        {
-            status = PSA_ERROR_INSUFFICIENT_MEMORY;
-            goto error;
-        }
-        /* Load the driver's persistent data. On first use, the persistent
-         * data does not exist in storage, and is initialized to
-         * all-bits-zero by the calloc call just above. */
-        status = psa_load_se_persistent_data( &driver_table[i] );
-        if( status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST )
-            goto error;
-    }
-
-    return( PSA_SUCCESS );
-
-error:
-    memset( &driver_table[i], 0, sizeof( driver_table[i] ) );
-    return( status );
-}
-
-void psa_unregister_all_se_drivers( void )
-{
-    size_t i;
-    for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ )
-    {
-        if( driver_table[i].u.internal.persistent_data != NULL )
-            mbedtls_free( driver_table[i].u.internal.persistent_data );
-    }
-    memset( driver_table, 0, sizeof( driver_table ) );
-}
-
-
-
-/****************************************************************/
-/* The end */
-/****************************************************************/
-
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_service_integration.h b/3rdparty/mbedtls-2.25.0/library/psa_crypto_service_integration.h
deleted file mode 100644
index 87889af..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_service_integration.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H
-#define PSA_CRYPTO_SERVICE_INTEGRATION_H
-
-/*
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
- * (Secure Partition Manager) integration which separates the code into two
- * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
- * Environment). When building for the SPE, an additional header file should be
- * included.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-/*
- * PSA_CRYPTO_SECURE means that the file which included this file is being
- * compiled for SPE. The files crypto_structs.h and crypto_types.h have
- * different implementations for NSPE and SPE and are compiled according to this
- * flag.
- */
-#define PSA_CRYPTO_SECURE 1
-#include "crypto_spe.h"
-#endif // MBEDTLS_PSA_CRYPTO_SPM
-
-#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_slot_management.c b/3rdparty/mbedtls-2.25.0/library/psa_crypto_slot_management.c
deleted file mode 100644
index 4c4ad03..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_slot_management.c
+++ /dev/null
@@ -1,478 +0,0 @@
-/*
- *  PSA crypto layer on top of Mbed TLS crypto
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-
-#include "psa_crypto_service_integration.h"
-#include "psa/crypto.h"
-
-#include "psa_crypto_core.h"
-#include "psa_crypto_slot_management.h"
-#include "psa_crypto_storage.h"
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-#include "psa_crypto_se.h"
-#endif
-
-#include <stdlib.h>
-#include <string.h>
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_calloc calloc
-#define mbedtls_free   free
-#endif
-
-#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
-
-typedef struct
-{
-    psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
-    unsigned key_slots_initialized : 1;
-} psa_global_data_t;
-
-static psa_global_data_t global_data;
-
-psa_status_t psa_validate_key_id(
-    mbedtls_svc_key_id_t key, int vendor_ok )
-{
-    psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
-
-    if( ( PSA_KEY_ID_USER_MIN <= key_id ) &&
-        ( key_id <= PSA_KEY_ID_USER_MAX ) )
-        return( PSA_SUCCESS );
-
-    if( vendor_ok &&
-        ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
-        ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
-        return( PSA_SUCCESS );
-
-    return( PSA_ERROR_INVALID_HANDLE );
-}
-
-/** Get the description in memory of a key given its identifier and lock it.
- *
- * The descriptions of volatile keys and loaded persistent keys are
- * stored in key slots. This function returns a pointer to the key slot
- * containing the description of a key given its identifier.
- *
- * The function searches the key slots containing the description of the key
- * with \p key identifier. The function does only read accesses to the key
- * slots. The function does not load any persistent key thus does not access
- * any storage.
- *
- * For volatile key identifiers, only one key slot is queried as a volatile
- * key with identifier key_id can only be stored in slot of index
- * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ).
- *
- * On success, the function locks the key slot. It is the responsibility of
- * the caller to unlock the key slot when it does not access it anymore.
- *
- * \param key           Key identifier to query.
- * \param[out] p_slot   On success, `*p_slot` contains a pointer to the
- *                      key slot containing the description of the key
- *                      identified by \p key.
- *
- * \retval #PSA_SUCCESS
- *         The pointer to the key slot containing the description of the key
- *         identified by \p key was returned.
- * \retval #PSA_ERROR_INVALID_HANDLE
- *         \p key is not a valid key identifier.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- *         There is no key with key identifier \p key in the key slots.
- */
-static psa_status_t psa_get_and_lock_key_slot_in_memory(
-    mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
-    size_t slot_idx;
-    psa_key_slot_t *slot = NULL;
-
-    if( psa_key_id_is_volatile( key_id ) )
-    {
-        slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ];
-
-        /*
-         * Check if both the PSA key identifier key_id and the owner
-         * identifier of key match those of the key slot.
-         *
-         * Note that, if the key slot is not occupied, its PSA key identifier
-         * is equal to zero. This is an invalid value for a PSA key identifier
-         * and thus cannot be equal to the valid PSA key identifier key_id.
-         */
-        status = mbedtls_svc_key_id_equal( key, slot->attr.id ) ?
-                 PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
-    }
-    else
-    {
-        status = psa_validate_key_id( key, 1 );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
-        {
-            slot = &global_data.key_slots[ slot_idx ];
-            if( mbedtls_svc_key_id_equal( key, slot->attr.id ) )
-                break;
-        }
-        status = ( slot_idx < PSA_KEY_SLOT_COUNT ) ?
-                 PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
-    }
-
-    if( status == PSA_SUCCESS )
-    {
-        status = psa_lock_key_slot( slot );
-        if( status == PSA_SUCCESS )
-            *p_slot = slot;
-    }
-
-    return( status );
-}
-
-psa_status_t psa_initialize_key_slots( void )
-{
-    /* Nothing to do: program startup and psa_wipe_all_key_slots() both
-     * guarantee that the key slots are initialized to all-zero, which
-     * means that all the key slots are in a valid, empty state. */
-    global_data.key_slots_initialized = 1;
-    return( PSA_SUCCESS );
-}
-
-void psa_wipe_all_key_slots( void )
-{
-    size_t slot_idx;
-
-    for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
-    {
-        psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
-        slot->lock_count = 1;
-        (void) psa_wipe_key_slot( slot );
-    }
-    global_data.key_slots_initialized = 0;
-}
-
-psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
-                                     psa_key_slot_t **p_slot )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    size_t slot_idx;
-    psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot;
-
-    if( ! global_data.key_slots_initialized )
-    {
-        status = PSA_ERROR_BAD_STATE;
-        goto error;
-    }
-
-    selected_slot = unlocked_persistent_key_slot = NULL;
-    for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
-    {
-        psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
-        if( ! psa_is_key_slot_occupied( slot ) )
-        {
-            selected_slot = slot;
-            break;
-        }
-
-        if( ( unlocked_persistent_key_slot == NULL ) &&
-            ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) &&
-            ( ! psa_is_key_slot_locked( slot ) ) )
-            unlocked_persistent_key_slot = slot;
-    }
-
-    /*
-     * If there is no unused key slot and there is at least one unlocked key
-     * slot containing the description of a persistent key, recycle the first
-     * such key slot we encountered. If we later need to operate on the
-     * persistent key we are evicting now, we will reload its description from
-     * storage.
-     */
-    if( ( selected_slot == NULL ) &&
-        ( unlocked_persistent_key_slot != NULL ) )
-    {
-        selected_slot = unlocked_persistent_key_slot;
-        selected_slot->lock_count = 1;
-        psa_wipe_key_slot( selected_slot );
-    }
-
-    if( selected_slot != NULL )
-    {
-       status = psa_lock_key_slot( selected_slot );
-       if( status != PSA_SUCCESS )
-           goto error;
-
-        *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN +
-            ( (psa_key_id_t)( selected_slot - global_data.key_slots ) );
-        *p_slot = selected_slot;
-
-        return( PSA_SUCCESS );
-    }
-    status = PSA_ERROR_INSUFFICIENT_MEMORY;
-
-error:
-    *p_slot = NULL;
-    *volatile_key_id = 0;
-
-    return( status );
-}
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot )
-{
-    psa_status_t status = PSA_SUCCESS;
-    uint8_t *key_data = NULL;
-    size_t key_data_length = 0;
-
-    status = psa_load_persistent_key( &slot->attr,
-                                      &key_data, &key_data_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( psa_key_lifetime_is_external( slot->attr.lifetime ) )
-    {
-        psa_se_key_data_storage_t *data;
-        if( key_data_length != sizeof( *data ) )
-        {
-            status = PSA_ERROR_STORAGE_FAILURE;
-            goto exit;
-        }
-        data = (psa_se_key_data_storage_t *) key_data;
-        memcpy( &slot->data.se.slot_number, &data->slot_number,
-                sizeof( slot->data.se.slot_number ) );
-    }
-    else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    {
-        status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
-        if( status != PSA_SUCCESS )
-            goto exit;
-    }
-
-exit:
-    psa_free_persistent_key_data( key_data, key_data_length );
-    return( status );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-
-psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key,
-                                        psa_key_slot_t **p_slot )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
-    *p_slot = NULL;
-    if( ! global_data.key_slots_initialized )
-        return( PSA_ERROR_BAD_STATE );
-
-    /*
-     * On success, the pointer to the slot is passed directly to the caller
-     * thus no need to unlock the key slot here.
-     */
-    status = psa_get_and_lock_key_slot_in_memory( key, p_slot );
-    if( status != PSA_ERROR_DOES_NOT_EXIST )
-        return( status );
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    psa_key_id_t volatile_key_id;
-
-    status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
-    (*p_slot)->attr.id = key;
-
-    status = psa_load_persistent_key_into_slot( *p_slot );
-    if( status != PSA_SUCCESS )
-        psa_wipe_key_slot( *p_slot );
-
-    return( status );
-#else
-    return( PSA_ERROR_DOES_NOT_EXIST );
-#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-
-}
-
-psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot )
-{
-    if( slot == NULL )
-        return( PSA_SUCCESS );
-
-    if( slot->lock_count > 0 )
-    {
-        slot->lock_count--;
-        return( PSA_SUCCESS );
-    }
-
-    /*
-     * As the return error code may not be handled in case of multiple errors,
-     * do our best to report if the lock counter is equal to zero: if
-     * available call MBEDTLS_PARAM_FAILED that may terminate execution (if
-     * called as part of the execution of a unit test suite this will stop the
-     * test suite execution).
-     */
-#ifdef MBEDTLS_CHECK_PARAMS
-    MBEDTLS_PARAM_FAILED( slot->lock_count > 0 );
-#endif
-
-    return( PSA_ERROR_CORRUPTION_DETECTED );
-}
-
-psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
-                                        psa_se_drv_table_entry_t **p_drv )
-{
-    if ( psa_key_lifetime_is_external( lifetime ) )
-    {
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-        psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
-        if( driver == NULL )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        else
-        {
-            if (p_drv != NULL)
-                *p_drv = driver;
-            return( PSA_SUCCESS );
-        }
-#else
-        (void) p_drv;
-        return( PSA_ERROR_INVALID_ARGUMENT );
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    }
-    else
-        /* Local/internal keys are always valid */
-        return( PSA_SUCCESS );
-}
-
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime )
-{
-    if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-        /* Volatile keys are always supported */
-        return( PSA_SUCCESS );
-    }
-    else
-    {
-        /* Persistent keys require storage support */
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-        return( PSA_SUCCESS );
-#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-        return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
-    }
-}
-
-psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle )
-{
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    psa_status_t status;
-    psa_key_slot_t *slot;
-
-    status = psa_get_and_lock_key_slot( key, &slot );
-    if( status != PSA_SUCCESS )
-    {
-        *handle = PSA_KEY_HANDLE_INIT;
-        return( status );
-    }
-
-    *handle = key;
-
-    return( psa_unlock_key_slot( slot ) );
-
-#else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-    (void) key;
-    *handle = PSA_KEY_HANDLE_INIT;
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-}
-
-psa_status_t psa_close_key( psa_key_handle_t handle )
-{
-    psa_status_t status;
-    psa_key_slot_t *slot;
-
-    if( psa_key_handle_is_null( handle ) )
-        return( PSA_SUCCESS );
-
-    status = psa_get_and_lock_key_slot_in_memory( handle, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( slot->lock_count <= 1 )
-        return( psa_wipe_key_slot( slot ) );
-    else
-        return( psa_unlock_key_slot( slot ) );
-}
-
-psa_status_t psa_purge_key( mbedtls_svc_key_id_t key )
-{
-    psa_status_t status;
-    psa_key_slot_t *slot;
-
-    status = psa_get_and_lock_key_slot_in_memory( key, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) &&
-        ( slot->lock_count <= 1 ) )
-        return( psa_wipe_key_slot( slot ) );
-    else
-        return( psa_unlock_key_slot( slot ) );
-}
-
-void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
-{
-    size_t slot_idx;
-
-    memset( stats, 0, sizeof( *stats ) );
-
-    for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
-    {
-        const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
-        if( psa_is_key_slot_locked( slot ) )
-        {
-            ++stats->locked_slots;
-        }
-        if( ! psa_is_key_slot_occupied( slot ) )
-        {
-            ++stats->empty_slots;
-            continue;
-        }
-        if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE )
-            ++stats->volatile_slots;
-        else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT )
-        {
-            psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
-            ++stats->persistent_slots;
-            if( id > stats->max_open_internal_key_id )
-                stats->max_open_internal_key_id = id;
-        }
-        else
-        {
-            psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
-            ++stats->external_slots;
-            if( id > stats->max_open_external_key_id )
-                stats->max_open_external_key_id = id;
-        }
-    }
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_slot_management.h b/3rdparty/mbedtls-2.25.0/library/psa_crypto_slot_management.h
deleted file mode 100644
index ef0814a..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_slot_management.h
+++ /dev/null
@@ -1,229 +0,0 @@
-/*
- *  PSA crypto layer on top of Mbed TLS crypto
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H
-#define PSA_CRYPTO_SLOT_MANAGEMENT_H
-
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "psa_crypto_se.h"
-
-/* Number of key slots (plus one because 0 is not used).
- * The value is a compile-time constant for now, for simplicity. */
-#define PSA_KEY_SLOT_COUNT 32
-
-/** Range of volatile key identifiers.
- *
- *  The last PSA_KEY_SLOT_COUNT identifiers of the implementation range
- *  of key identifiers are reserved for volatile key identifiers.
- *  A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
- *  index of the key slot containing the volatile key definition.
- */
-
-/** The minimum value for a volatile key identifier.
- */
-#define PSA_KEY_ID_VOLATILE_MIN  ( PSA_KEY_ID_VENDOR_MAX - \
-                                   PSA_KEY_SLOT_COUNT + 1 )
-
-/** The maximum value for a volatile key identifier.
- */
-#define PSA_KEY_ID_VOLATILE_MAX  PSA_KEY_ID_VENDOR_MAX
-
-/** Test whether a key identifier is a volatile key identifier.
- *
- * \param key_id  Key identifier to test.
- *
- * \retval 1
- *         The key identifier is a volatile key identifier.
- * \retval 0
- *         The key identifier is not a volatile key identifier.
- */
-static inline int psa_key_id_is_volatile( psa_key_id_t key_id )
-{
-    return( ( key_id >= PSA_KEY_ID_VOLATILE_MIN ) &&
-            ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) );
-}
-
-/** Get the description of a key given its identifier and lock it.
- *
- * The descriptions of volatile keys and loaded persistent keys are stored in
- * key slots. This function returns a pointer to the key slot containing the
- * description of a key given its identifier.
- *
- * In case of a persistent key, the function loads the description of the key
- * into a key slot if not already done.
- *
- * On success, the returned key slot is locked. It is the responsibility of
- * the caller to unlock the key slot when it does not access it anymore.
- *
- * \param key           Key identifier to query.
- * \param[out] p_slot   On success, `*p_slot` contains a pointer to the
- *                      key slot containing the description of the key
- *                      identified by \p key.
- *
- * \retval #PSA_SUCCESS
- *         \p *p_slot contains a pointer to the key slot containing the
- *         description of the key identified by \p key.
- *         The key slot counter has been incremented.
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been initialized.
- * \retval #PSA_ERROR_INVALID_HANDLE
- *         \p key is not a valid key identifier.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- *         \p key is a persistent key identifier. The implementation does not
- *         have sufficient resources to load the persistent key. This can be
- *         due to a lack of empty key slot, or available memory.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- *         There is no key with key identifier \p key.
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_DATA_CORRUPT
- */
-psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key,
-                                        psa_key_slot_t **p_slot );
-
-/** Initialize the key slot structures.
- *
- * \retval #PSA_SUCCESS
- *         Currently this function always succeeds.
- */
-psa_status_t psa_initialize_key_slots( void );
-
-/** Delete all data from key slots in memory.
- *
- * This does not affect persistent storage. */
-void psa_wipe_all_key_slots( void );
-
-/** Find a free key slot.
- *
- * This function returns a key slot that is available for use and is in its
- * ground state (all-bits-zero). On success, the key slot is locked. It is
- * the responsibility of the caller to unlock the key slot when it does not
- * access it anymore.
- *
- * \param[out] volatile_key_id   On success, volatile key identifier
- *                               associated to the returned slot.
- * \param[out] p_slot            On success, a pointer to the slot.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_BAD_STATE
- */
-psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
-                                     psa_key_slot_t **p_slot );
-
-/** Lock a key slot.
- *
- * This function increments the key slot lock counter by one.
- *
- * \param[in] slot  The key slot.
- *
- * \retval #PSA_SUCCESS
-               The key slot lock counter was incremented.
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- *             The lock counter already reached its maximum value and was not
- *             increased.
- */
-static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot )
-{
-    if( slot->lock_count >= SIZE_MAX )
-        return( PSA_ERROR_CORRUPTION_DETECTED );
-
-    slot->lock_count++;
-
-    return( PSA_SUCCESS );
-}
-
-/** Unlock a key slot.
- *
- * This function decrements the key slot lock counter by one.
- *
- * \note To ease the handling of errors in retrieving a key slot
- *       a NULL input pointer is valid, and the function returns
- *       successfully without doing anything in that case.
- *
- * \param[in] slot  The key slot.
- * \retval #PSA_SUCCESS
- *             \p slot is NULL or the key slot lock counter has been
- *             decremented successfully.
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- *             The lock counter was equal to 0.
- *
- */
-psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot );
-
-/** Test whether a lifetime designates a key in an external cryptoprocessor.
- *
- * \param lifetime      The lifetime to test.
- *
- * \retval 1
- *         The lifetime designates an external key. There should be a
- *         registered driver for this lifetime, otherwise the key cannot
- *         be created or manipulated.
- * \retval 0
- *         The lifetime designates a key that is volatile or in internal
- *         storage.
- */
-static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
-{
-    return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime )
-                != PSA_KEY_LOCATION_LOCAL_STORAGE );
-}
-
-/** Validate a key's location.
- *
- * This function checks whether the key's attributes point to a location that
- * is known to the PSA Core, and returns the driver function table if the key
- * is to be found in an external location.
- *
- * \param[in] lifetime      The key lifetime attribute.
- * \param[out] p_drv        On success, when a key is located in external
- *                          storage, returns a pointer to the driver table
- *                          associated with the key's storage location.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- */
-psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
-                                        psa_se_drv_table_entry_t **p_drv );
-
-/** Validate the persistence of a key.
- *
- * \param[in] lifetime  The key lifetime attribute.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT The key is persistent but persistent
- *         keys are not supported.
- */
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
-
-/** Validate a key identifier.
- *
- * \param[in] key           The key identifier.
- * \param[in] vendor_ok     Non-zero to indicate that key identifiers in the
- *                          vendor range are allowed, volatile key identifiers
- *                          excepted \c 0 otherwise.
- *
- * \retval #PSA_SUCCESS The identifier is valid.
- * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
- */
-psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
-
-#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_storage.c b/3rdparty/mbedtls-2.25.0/library/psa_crypto_storage.c
deleted file mode 100644
index 1ebd20e..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_storage.c
+++ /dev/null
@@ -1,523 +0,0 @@
-/*
- *  PSA persistent key storage
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if defined(MBEDTLS_CONFIG_FILE)
-#include MBEDTLS_CONFIG_FILE
-#else
-#include "mbedtls/config.h"
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-
-#include <stdlib.h>
-#include <string.h>
-
-#include "psa_crypto_service_integration.h"
-#include "psa/crypto.h"
-#include "psa_crypto_storage.h"
-#include "mbedtls/platform_util.h"
-
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-#include "psa_crypto_its.h"
-#else /* Native ITS implementation */
-#include "psa/error.h"
-#include "psa/internal_trusted_storage.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc   calloc
-#define mbedtls_free     free
-#endif
-
-
-
-/****************************************************************/
-/* Key storage */
-/****************************************************************/
-
-/* Determine a file name (ITS file identifier) for the given key identifier.
- * The file name must be distinct from any file that is used for a purpose
- * other than storing a key. Currently, the only such file is the random seed
- * file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID and whose value is
- * 0xFFFFFF52. */
-static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key )
-{
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    /* Encode the owner in the upper 32 bits. This means that if
-     * owner values are nonzero (as they are on a PSA platform),
-     * no key file will ever have a value less than 0x100000000, so
-     * the whole range 0..0xffffffff is available for non-key files. */
-    uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key );
-    return(  ( (uint64_t) unsigned_owner_id << 32 ) |
-             MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) );
-#else
-    /* Use the key id directly as a file name.
-     * psa_is_key_id_valid() in psa_crypto_slot_management.c
-     * is responsible for ensuring that key identifiers do not have a
-     * value that is reserved for non-key files. */
-    return( key );
-#endif
-}
-
-/**
- * \brief Load persistent data for the given key slot number.
- *
- * This function reads data from a storage backend and returns the data in a
- * buffer.
- *
- * \param key               Persistent identifier of the key to be loaded. This
- *                          should be an occupied storage location.
- * \param[out] data         Buffer where the data is to be written.
- * \param data_size         Size of the \c data buffer in bytes.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- */
-static psa_status_t psa_crypto_storage_load(
-    const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size )
-{
-    psa_status_t status;
-    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
-    struct psa_storage_info_t data_identifier_info;
-    size_t data_length = 0;
-
-    status = psa_its_get_info( data_identifier, &data_identifier_info );
-    if( status  != PSA_SUCCESS )
-        return( status );
-
-    status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data, &data_length );
-    if( data_size  != data_length )
-        return( PSA_ERROR_STORAGE_FAILURE );
-
-    return( status );
-}
-
-int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key )
-{
-    psa_status_t ret;
-    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
-    struct psa_storage_info_t data_identifier_info;
-
-    ret = psa_its_get_info( data_identifier, &data_identifier_info );
-
-    if( ret == PSA_ERROR_DOES_NOT_EXIST )
-        return( 0 );
-    return( 1 );
-}
-
-/**
- * \brief Store persistent data for the given key slot number.
- *
- * This function stores the given data buffer to a persistent storage.
- *
- * \param key           Persistent identifier of the key to be stored. This
- *                      should be an unoccupied storage location.
- * \param[in] data      Buffer containing the data to be stored.
- * \param data_length   The number of bytes
- *                      that make up the data.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_ALREADY_EXISTS
- */
-static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key,
-                                              const uint8_t *data,
-                                              size_t data_length )
-{
-    psa_status_t status;
-    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
-    struct psa_storage_info_t data_identifier_info;
-
-    if( psa_is_key_present_in_storage( key ) == 1 )
-        return( PSA_ERROR_ALREADY_EXISTS );
-
-    status = psa_its_set( data_identifier, (uint32_t) data_length, data, 0 );
-    if( status != PSA_SUCCESS )
-    {
-        return( PSA_ERROR_STORAGE_FAILURE );
-    }
-
-    status = psa_its_get_info( data_identifier, &data_identifier_info );
-    if( status != PSA_SUCCESS )
-    {
-        goto exit;
-    }
-
-    if( data_identifier_info.size != data_length )
-    {
-        status = PSA_ERROR_STORAGE_FAILURE;
-        goto exit;
-    }
-
-exit:
-    if( status != PSA_SUCCESS )
-    {
-        /* Remove the file in case we managed to create it but something
-         * went wrong. It's ok if the file doesn't exist. If the file exists
-         * but the removal fails, we're already reporting an error so there's
-         * nothing else we can do. */
-        (void) psa_its_remove( data_identifier );
-    }
-    return( status );
-}
-
-psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key )
-{
-    psa_status_t ret;
-    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
-    struct psa_storage_info_t data_identifier_info;
-
-    ret = psa_its_get_info( data_identifier, &data_identifier_info );
-    if( ret == PSA_ERROR_DOES_NOT_EXIST )
-        return( PSA_SUCCESS );
-
-    if( psa_its_remove( data_identifier ) != PSA_SUCCESS )
-        return( PSA_ERROR_STORAGE_FAILURE );
-
-    ret = psa_its_get_info( data_identifier, &data_identifier_info );
-    if( ret != PSA_ERROR_DOES_NOT_EXIST )
-        return( PSA_ERROR_STORAGE_FAILURE );
-
-    return( PSA_SUCCESS );
-}
-
-/**
- * \brief Get data length for given key slot number.
- *
- * \param key               Persistent identifier whose stored data length
- *                          is to be obtained.
- * \param[out] data_length  The number of bytes that make up the data.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_STORAGE_FAILURE
- */
-static psa_status_t psa_crypto_storage_get_data_length(
-    const mbedtls_svc_key_id_t key,
-    size_t *data_length )
-{
-    psa_status_t status;
-    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
-    struct psa_storage_info_t data_identifier_info;
-
-    status = psa_its_get_info( data_identifier, &data_identifier_info );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    *data_length = (size_t) data_identifier_info.size;
-
-    return( PSA_SUCCESS );
-}
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE( n, b, i )                        \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ]       )             \
-        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE( n, b, i )                                \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
-    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
-}
-#endif
-
-/*
- * 16-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT16_LE
-#define GET_UINT16_LE( n, b, i )                        \
-{                                                       \
-    (n) = ( (uint16_t) (b)[(i)    ]       )             \
-        | ( (uint16_t) (b)[(i) + 1] <<  8 );            \
-}
-#endif
-
-#ifndef PUT_UINT16_LE
-#define PUT_UINT16_LE( n, b, i )                                \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-}
-#endif
-
-/**
- * Persistent key storage magic header.
- */
-#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
-#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) )
-
-typedef struct {
-    uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
-    uint8_t version[4];
-    uint8_t lifetime[sizeof( psa_key_lifetime_t )];
-    uint8_t type[2];
-    uint8_t bits[2];
-    uint8_t policy[sizeof( psa_key_policy_t )];
-    uint8_t data_len[4];
-    uint8_t key_data[];
-} psa_persistent_key_storage_format;
-
-void psa_format_key_data_for_storage( const uint8_t *data,
-                                      const size_t data_length,
-                                      const psa_core_key_attributes_t *attr,
-                                      uint8_t *storage_data )
-{
-    psa_persistent_key_storage_format *storage_format =
-        (psa_persistent_key_storage_format *) storage_data;
-
-    memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
-    PUT_UINT32_LE( 0, storage_format->version, 0 );
-    PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
-    PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 );
-    PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 );
-    PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
-    PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
-    PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
-    PUT_UINT32_LE( data_length, storage_format->data_len, 0 );
-    memcpy( storage_format->key_data, data, data_length );
-}
-
-static psa_status_t check_magic_header( const uint8_t *data )
-{
-    if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER,
-                PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 )
-        return( PSA_ERROR_STORAGE_FAILURE );
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
-                                              size_t storage_data_length,
-                                              uint8_t **key_data,
-                                              size_t *key_data_length,
-                                              psa_core_key_attributes_t *attr )
-{
-    psa_status_t status;
-    const psa_persistent_key_storage_format *storage_format =
-        (const psa_persistent_key_storage_format *)storage_data;
-    uint32_t version;
-
-    if( storage_data_length < sizeof(*storage_format) )
-        return( PSA_ERROR_STORAGE_FAILURE );
-
-    status = check_magic_header( storage_data );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    GET_UINT32_LE( version, storage_format->version, 0 );
-    if( version != 0 )
-        return( PSA_ERROR_STORAGE_FAILURE );
-
-    GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 );
-    if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) ||
-        *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
-        return( PSA_ERROR_STORAGE_FAILURE );
-
-    if( *key_data_length == 0 )
-    {
-        *key_data = NULL;
-    }
-    else
-    {
-        *key_data = mbedtls_calloc( 1, *key_data_length );
-        if( *key_data == NULL )
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
-        memcpy( *key_data, storage_format->key_data, *key_data_length );
-    }
-
-    GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
-    GET_UINT16_LE( attr->type, storage_format->type, 0 );
-    GET_UINT16_LE( attr->bits, storage_format->bits, 0 );
-    GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
-    GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
-    GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
-
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr,
-                                      const uint8_t *data,
-                                      const size_t data_length )
-{
-    size_t storage_data_length;
-    uint8_t *storage_data;
-    psa_status_t status;
-
-    if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
-        return PSA_ERROR_INSUFFICIENT_STORAGE;
-    storage_data_length = data_length + sizeof( psa_persistent_key_storage_format );
-
-    storage_data = mbedtls_calloc( 1, storage_data_length );
-    if( storage_data == NULL )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    psa_format_key_data_for_storage( data, data_length, attr, storage_data );
-
-    status = psa_crypto_storage_store( attr->id,
-                                       storage_data, storage_data_length );
-
-    mbedtls_free( storage_data );
-
-    return( status );
-}
-
-void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length )
-{
-    if( key_data != NULL )
-    {
-        mbedtls_platform_zeroize( key_data, key_data_length );
-    }
-    mbedtls_free( key_data );
-}
-
-psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr,
-                                      uint8_t **data,
-                                      size_t *data_length )
-{
-    psa_status_t status = PSA_SUCCESS;
-    uint8_t *loaded_data;
-    size_t storage_data_length = 0;
-    mbedtls_svc_key_id_t key = attr->id;
-
-    status = psa_crypto_storage_get_data_length( key, &storage_data_length );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    loaded_data = mbedtls_calloc( 1, storage_data_length );
-
-    if( loaded_data == NULL )
-        return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    status = psa_crypto_storage_load( key, loaded_data, storage_data_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    status = psa_parse_key_data_from_storage( loaded_data, storage_data_length,
-                                              data, data_length, attr );
-
-exit:
-    mbedtls_free( loaded_data );
-    return( status );
-}
-
-
-
-/****************************************************************/
-/* Transactions */
-/****************************************************************/
-
-#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
-
-psa_crypto_transaction_t psa_crypto_transaction;
-
-psa_status_t psa_crypto_save_transaction( void )
-{
-    struct psa_storage_info_t p_info;
-    psa_status_t status;
-    status = psa_its_get_info( PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info );
-    if( status == PSA_SUCCESS )
-    {
-        /* This shouldn't happen: we're trying to start a transaction while
-         * there is still a transaction that hasn't been replayed. */
-        return( PSA_ERROR_CORRUPTION_DETECTED );
-    }
-    else if( status != PSA_ERROR_DOES_NOT_EXIST )
-        return( status );
-    return( psa_its_set( PSA_CRYPTO_ITS_TRANSACTION_UID,
-                         sizeof( psa_crypto_transaction ),
-                         &psa_crypto_transaction,
-                         0 ) );
-}
-
-psa_status_t psa_crypto_load_transaction( void )
-{
-    psa_status_t status;
-    size_t length;
-    status = psa_its_get( PSA_CRYPTO_ITS_TRANSACTION_UID, 0,
-                          sizeof( psa_crypto_transaction ),
-                          &psa_crypto_transaction, &length );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( length != sizeof( psa_crypto_transaction ) )
-        return( PSA_ERROR_STORAGE_FAILURE );
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_crypto_stop_transaction( void )
-{
-    psa_status_t status = psa_its_remove( PSA_CRYPTO_ITS_TRANSACTION_UID );
-    /* Whether or not updating the storage succeeded, the transaction is
-     * finished now. It's too late to go back, so zero out the in-memory
-     * data. */
-    memset( &psa_crypto_transaction, 0, sizeof( psa_crypto_transaction ) );
-    return( status );
-}
-
-#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
-
-
-
-/****************************************************************/
-/* Random generator state */
-/****************************************************************/
-
-#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
-psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed,
-                                                 size_t seed_size )
-{
-    psa_status_t status;
-    struct psa_storage_info_t p_info;
-
-    status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
-
-    if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */
-    {
-        status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
-    }
-    else if( PSA_SUCCESS == status )
-    {
-        /* You should not be here. Seed needs to be injected only once */
-        status = PSA_ERROR_NOT_PERMITTED;
-    }
-    return( status );
-}
-#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
-
-
-
-/****************************************************************/
-/* The end */
-/****************************************************************/
-
-#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_storage.h b/3rdparty/mbedtls-2.25.0/library/psa_crypto_storage.h
deleted file mode 100644
index fbc94fc..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_storage.h
+++ /dev/null
@@ -1,389 +0,0 @@
-/**
- * \file psa_crypto_storage.h
- *
- * \brief PSA cryptography module: Mbed TLS key storage
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_STORAGE_H
-#define PSA_CRYPTO_STORAGE_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "psa/crypto.h"
-#include "psa/crypto_se_driver.h"
-
-#include <stdint.h>
-#include <string.h>
-
-/* Limit the maximum key size in storage. This should have no effect
- * since the key size is limited in memory. */
-#define PSA_CRYPTO_MAX_STORAGE_SIZE ( PSA_BITS_TO_BYTES( PSA_MAX_KEY_BITS ) )
-/* Sanity check: a file size must fit in 32 bits. Allow a generous
- * 64kB of metadata. */
-#if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000
-#error PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000
-#endif
-
-/** The maximum permitted persistent slot number.
- *
- * In Mbed Crypto 0.1.0b:
- * - Using the file backend, all key ids are ok except 0.
- * - Using the ITS backend, all key ids are ok except 0xFFFFFF52
- *   (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
- *   device's random seed (if this feature is enabled).
- * - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used.
- *
- * Since we need to preserve the random seed, avoid using that key slot.
- * Reserve a whole range of key slots just in case something else comes up.
- *
- * This limitation will probably become moot when we implement client
- * separation for key storage.
- */
-#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER PSA_KEY_ID_VENDOR_MAX
-
-/**
- * \brief Checks if persistent data is stored for the given key slot number
- *
- * This function checks if any key data or metadata exists for the key slot in
- * the persistent storage.
- *
- * \param key           Persistent identifier to check.
- *
- * \retval 0
- *         No persistent data present for slot number
- * \retval 1
- *         Persistent data present for slot number
- */
-int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key );
-
-/**
- * \brief Format key data and metadata and save to a location for given key
- *        slot.
- *
- * This function formats the key data and metadata and saves it to a
- * persistent storage backend. The storage location corresponding to the
- * key slot must be empty, otherwise this function will fail. This function
- * should be called after loading the key into an internal slot to ensure the
- * persistent key is not saved into a storage location corresponding to an
- * already occupied non-persistent key, as well as ensuring the key data is
- * validated.
- *
- *
- * \param[in] attr          The attributes of the key to save.
- *                          The key identifier field in the attributes
- *                          determines the key's location.
- * \param[in] data          Buffer containing the key data.
- * \param data_length       The number of bytes that make up the key data.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_ALREADY_EXISTS
- */
-psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr,
-                                      const uint8_t *data,
-                                      const size_t data_length );
-
-/**
- * \brief Parses key data and metadata and load persistent key for given
- * key slot number.
- *
- * This function reads from a storage backend, parses the key data and
- * metadata and writes them to the appropriate output parameters.
- *
- * Note: This function allocates a buffer and returns a pointer to it through
- * the data parameter. psa_free_persistent_key_data() must be called after
- * this function to zeroize and free this buffer, regardless of whether this
- * function succeeds or fails.
- *
- * \param[in,out] attr      On input, the key identifier field identifies
- *                          the key to load. Other fields are ignored.
- *                          On success, the attribute structure contains
- *                          the key metadata that was loaded from storage.
- * \param[out] data         Pointer to an allocated key data buffer on return.
- * \param[out] data_length  The number of bytes that make up the key data.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- */
-psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr,
-                                      uint8_t **data,
-                                      size_t *data_length );
-
-/**
- * \brief Remove persistent data for the given key slot number.
- *
- * \param key           Persistent identifier of the key to remove
- *                      from persistent storage.
- *
- * \retval #PSA_SUCCESS
- *         The key was successfully removed,
- *         or the key did not exist.
- * \retval #PSA_ERROR_STORAGE_FAILURE
- */
-psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key );
-
-/**
- * \brief Free the temporary buffer allocated by psa_load_persistent_key().
- *
- * This function must be called at some point after psa_load_persistent_key()
- * to zeroize and free the memory allocated to the buffer in that function.
- *
- * \param key_data        Buffer for the key data.
- * \param key_data_length Size of the key data buffer.
- *
- */
-void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length );
-
-/**
- * \brief Formats key data and metadata for persistent storage
- *
- * \param[in] data          Buffer containing the key data.
- * \param data_length       Length of the key data buffer.
- * \param[in] attr          The core attributes of the key.
- * \param[out] storage_data Output buffer for the formatted data.
- *
- */
-void psa_format_key_data_for_storage( const uint8_t *data,
-                                      const size_t data_length,
-                                      const psa_core_key_attributes_t *attr,
-                                      uint8_t *storage_data );
-
-/**
- * \brief Parses persistent storage data into key data and metadata
- *
- * \param[in] storage_data     Buffer for the storage data.
- * \param storage_data_length  Length of the storage data buffer
- * \param[out] key_data        On output, pointer to a newly allocated buffer
- *                             containing the key data. This must be freed
- *                             using psa_free_persistent_key_data()
- * \param[out] key_data_length Length of the key data buffer
- * \param[out] attr            On success, the attribute structure is filled
- *                             with the loaded key metadata.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_STORAGE_FAILURE
- */
-psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
-                                              size_t storage_data_length,
-                                              uint8_t **key_data,
-                                              size_t *key_data_length,
-                                              psa_core_key_attributes_t *attr );
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-/** This symbol is defined if transaction support is required. */
-#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS
-#endif
-
-#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
-
-/** The type of transaction that is in progress.
- */
-/* This is an integer type rather than an enum for two reasons: to support
- * unknown values when loading a transaction file, and to ensure that the
- * type has a known size.
- */
-typedef uint16_t psa_crypto_transaction_type_t;
-
-/** No transaction is in progress.
- *
- * This has the value 0, so zero-initialization sets a transaction's type to
- * this value.
- */
-#define PSA_CRYPTO_TRANSACTION_NONE             ( (psa_crypto_transaction_type_t) 0x0000 )
-
-/** A key creation transaction.
- *
- * This is only used for keys in an external cryptoprocessor (secure element).
- * Keys in RAM or in internal storage are created atomically in storage
- * (simple file creation), so they do not need a transaction mechanism.
- */
-#define PSA_CRYPTO_TRANSACTION_CREATE_KEY       ( (psa_crypto_transaction_type_t) 0x0001 )
-
-/** A key destruction transaction.
- *
- * This is only used for keys in an external cryptoprocessor (secure element).
- * Keys in RAM or in internal storage are destroyed atomically in storage
- * (simple file deletion), so they do not need a transaction mechanism.
- */
-#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY      ( (psa_crypto_transaction_type_t) 0x0002 )
-
-/** Transaction data.
- *
- * This type is designed to be serialized by writing the memory representation
- * and reading it back on the same device.
- *
- * \note The transaction mechanism is designed for a single active transaction
- *       at a time. The transaction object is #psa_crypto_transaction.
- *
- * \note If an API call starts a transaction, it must complete this transaction
- *       before returning to the application.
- *
- * The lifetime of a transaction is the following (note that only one
- * transaction may be active at a time):
- *
- * -# Call psa_crypto_prepare_transaction() to initialize the transaction
- *    object in memory and declare the type of transaction that is starting.
- * -# Fill in the type-specific fields of #psa_crypto_transaction.
- * -# Call psa_crypto_save_transaction() to start the transaction. This
- *    saves the transaction data to internal storage.
- * -# Perform the work of the transaction by modifying files, contacting
- *    external entities, or whatever needs doing. Note that the transaction
- *    may be interrupted by a power failure, so you need to have a way
- *    recover from interruptions either by undoing what has been done
- *    so far or by resuming where you left off.
- * -# If there are intermediate stages in the transaction, update
- *    the fields of #psa_crypto_transaction and call
- *    psa_crypto_save_transaction() again when each stage is reached.
- * -# When the transaction is over, call psa_crypto_stop_transaction() to
- *    remove the transaction data in storage and in memory.
- *
- * If the system crashes while a transaction is in progress, psa_crypto_init()
- * calls psa_crypto_load_transaction() and takes care of completing or
- * rewinding the transaction. This is done in psa_crypto_recover_transaction()
- * in psa_crypto.c. If you add a new type of transaction, be
- * sure to add code for it in psa_crypto_recover_transaction().
- */
-typedef union
-{
-    /* Each element of this union must have the following properties
-     * to facilitate serialization and deserialization:
-     *
-     * - The element is a struct.
-     * - The first field of the struct is `psa_crypto_transaction_type_t type`.
-     * - Elements of the struct are arranged such a way that there is
-     *   no padding.
-     */
-    struct psa_crypto_transaction_unknown_s
-    {
-        psa_crypto_transaction_type_t type;
-        uint16_t unused1;
-        uint32_t unused2;
-        uint64_t unused3;
-        uint64_t unused4;
-    } unknown;
-    /* ::type is #PSA_CRYPTO_TRANSACTION_CREATE_KEY or
-     * #PSA_CRYPTO_TRANSACTION_DESTROY_KEY. */
-    struct psa_crypto_transaction_key_s
-    {
-        psa_crypto_transaction_type_t type;
-        uint16_t unused1;
-        psa_key_lifetime_t lifetime;
-        psa_key_slot_number_t slot;
-        mbedtls_svc_key_id_t id;
-    } key;
-} psa_crypto_transaction_t;
-
-/** The single active transaction.
- */
-extern psa_crypto_transaction_t psa_crypto_transaction;
-
-/** Prepare for a transaction.
- *
- * There must not be an ongoing transaction.
- *
- * \param type          The type of transaction to start.
- */
-static inline void psa_crypto_prepare_transaction(
-    psa_crypto_transaction_type_t type )
-{
-    psa_crypto_transaction.unknown.type = type;
-}
-
-/** Save the transaction data to storage.
- *
- * You may call this function multiple times during a transaction to
- * atomically update the transaction state.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_STORAGE_FAILURE
- */
-psa_status_t psa_crypto_save_transaction( void );
-
-/** Load the transaction data from storage, if any.
- *
- * This function is meant to be called from psa_crypto_init() to recover
- * in case a transaction was interrupted by a system crash.
- *
- * \retval #PSA_SUCCESS
- *         The data about the ongoing transaction has been loaded to
- *         #psa_crypto_transaction.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- *         There is no ongoing transaction.
- * \retval #PSA_ERROR_STORAGE_FAILURE
- */
-psa_status_t psa_crypto_load_transaction( void );
-
-/** Indicate that the current transaction is finished.
- *
- * Call this function at the very end of transaction processing.
- * This function does not "commit" or "abort" the transaction: the storage
- * subsystem has no concept of "commit" and "abort", just saving and
- * removing the transaction information in storage.
- *
- * This function erases the transaction data in storage (if any) and
- * resets the transaction data in memory.
- *
- * \retval #PSA_SUCCESS
- *         There was transaction data in storage.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- *         There was no transaction data in storage.
- * \retval #PSA_ERROR_STORAGE_FAILURE
- *         It was impossible to determine whether there was transaction data
- *         in storage, or the transaction data could not be erased.
- */
-psa_status_t psa_crypto_stop_transaction( void );
-
-/** The ITS file identifier for the transaction data.
- *
- * 0xffffffNN = special file; 0x74 = 't' for transaction.
- */
-#define PSA_CRYPTO_ITS_TRANSACTION_UID ( (psa_key_id_t) 0xffffff74 )
-
-#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
-
-#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
-/** Backend side of mbedtls_psa_inject_entropy().
- *
- * This function stores the supplied data into the entropy seed file.
- *
- * \retval #PSA_SUCCESS
- *         Success
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_NOT_PERMITTED
- *         The entropy seed file already exists.
- */
-psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed,
-                                                 size_t seed_size );
-#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_its_file.c b/3rdparty/mbedtls-2.25.0/library/psa_its_file.c
deleted file mode 100644
index 2fbff20..0000000
--- a/3rdparty/mbedtls-2.25.0/library/psa_its_file.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- *  PSA ITS simulator over stdio files.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if defined(MBEDTLS_CONFIG_FILE)
-#include MBEDTLS_CONFIG_FILE
-#else
-#include "mbedtls/config.h"
-#endif
-
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_snprintf   snprintf
-#endif
-
-#if defined(_WIN32)
-#include <windows.h>
-#endif
-
-#include "psa_crypto_its.h"
-
-#include <limits.h>
-#include <stdint.h>
-#include <stdio.h>
-#include <string.h>
-
-#if !defined(PSA_ITS_STORAGE_PREFIX)
-#define PSA_ITS_STORAGE_PREFIX ""
-#endif
-
-#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx"
-#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
-#define PSA_ITS_STORAGE_FILENAME_LENGTH         \
-    ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \
-      16 + /*UID (64-bit number in hex)*/                               \
-      sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \
-      1 /*terminating null byte*/ )
-#define PSA_ITS_STORAGE_TEMP \
-    PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX
-
-/* The maximum value of psa_storage_info_t.size */
-#define PSA_ITS_MAX_SIZE 0xffffffff
-
-#define PSA_ITS_MAGIC_STRING "PSA\0ITS\0"
-#define PSA_ITS_MAGIC_LENGTH 8
-
-/* As rename fails on Windows if the new filepath already exists,
- * use MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag instead.
- * Returns 0 on success, nonzero on failure. */
-#if defined(_WIN32)
-#define rename_replace_existing( oldpath, newpath ) \
-    ( ! MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING ) )
-#else
-#define rename_replace_existing( oldpath, newpath ) rename( oldpath, newpath )
-#endif
-
-typedef struct
-{
-    uint8_t magic[PSA_ITS_MAGIC_LENGTH];
-    uint8_t size[sizeof( uint32_t )];
-    uint8_t flags[sizeof( psa_storage_create_flags_t )];
-} psa_its_file_header_t;
-
-static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename )
-{
-    /* Break up the UID into two 32-bit pieces so as not to rely on
-     * long long support in snprintf. */
-    mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH,
-                      "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s",
-                      PSA_ITS_STORAGE_PREFIX,
-                      (unsigned long) ( uid >> 32 ),
-                      (unsigned long) ( uid & 0xffffffff ),
-                      PSA_ITS_STORAGE_SUFFIX );
-}
-
-static psa_status_t psa_its_read_file( psa_storage_uid_t uid,
-                                       struct psa_storage_info_t *p_info,
-                                       FILE **p_stream )
-{
-    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
-    psa_its_file_header_t header;
-    size_t n;
-
-    *p_stream = NULL;
-    psa_its_fill_filename( uid, filename );
-    *p_stream = fopen( filename, "rb" );
-    if( *p_stream == NULL )
-        return( PSA_ERROR_DOES_NOT_EXIST );
-
-    n = fread( &header, 1, sizeof( header ), *p_stream );
-    if( n != sizeof( header ) )
-        return( PSA_ERROR_DATA_CORRUPT );
-    if( memcmp( header.magic, PSA_ITS_MAGIC_STRING,
-                PSA_ITS_MAGIC_LENGTH ) != 0 )
-        return( PSA_ERROR_DATA_CORRUPT );
-
-    p_info->size = ( header.size[0] |
-                     header.size[1] << 8 |
-                     header.size[2] << 16 |
-                     header.size[3] << 24 );
-    p_info->flags = ( header.flags[0] |
-                      header.flags[1] << 8 |
-                      header.flags[2] << 16 |
-                      header.flags[3] << 24 );
-    return( PSA_SUCCESS );
-}
-
-psa_status_t psa_its_get_info( psa_storage_uid_t uid,
-                               struct psa_storage_info_t *p_info )
-{
-    psa_status_t status;
-    FILE *stream = NULL;
-    status = psa_its_read_file( uid, p_info, &stream );
-    if( stream != NULL )
-        fclose( stream );
-    return( status );
-}
-
-psa_status_t psa_its_get( psa_storage_uid_t uid,
-                          uint32_t data_offset,
-                          uint32_t data_length,
-                          void *p_data,
-                          size_t *p_data_length )
-{
-    psa_status_t status;
-    FILE *stream = NULL;
-    size_t n;
-    struct psa_storage_info_t info;
-
-    status = psa_its_read_file( uid, &info, &stream );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = PSA_ERROR_INVALID_ARGUMENT;
-    if( data_offset + data_length < data_offset )
-        goto exit;
-#if SIZE_MAX < 0xffffffff
-    if( data_offset + data_length > SIZE_MAX )
-        goto exit;
-#endif
-    if( data_offset + data_length > info.size )
-        goto exit;
-
-    status = PSA_ERROR_STORAGE_FAILURE;
-#if LONG_MAX < 0xffffffff
-    while( data_offset > LONG_MAX )
-    {
-        if( fseek( stream, LONG_MAX, SEEK_CUR ) != 0 )
-            goto exit;
-        data_offset -= LONG_MAX;
-    }
-#endif
-    if( fseek( stream, data_offset, SEEK_CUR ) != 0 )
-        goto exit;
-    n = fread( p_data, 1, data_length, stream );
-    if( n != data_length )
-        goto exit;
-    status = PSA_SUCCESS;
-    if( p_data_length != NULL )
-        *p_data_length = n;
-
-exit:
-    if( stream != NULL )
-        fclose( stream );
-    return( status );
-}
-
-psa_status_t psa_its_set( psa_storage_uid_t uid,
-                          uint32_t data_length,
-                          const void *p_data,
-                          psa_storage_create_flags_t create_flags )
-{
-    psa_status_t status = PSA_ERROR_STORAGE_FAILURE;
-    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
-    FILE *stream = NULL;
-    psa_its_file_header_t header;
-    size_t n;
-
-    memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH );
-    header.size[0] = data_length & 0xff;
-    header.size[1] = ( data_length >> 8 ) & 0xff;
-    header.size[2] = ( data_length >> 16 ) & 0xff;
-    header.size[3] = ( data_length >> 24 ) & 0xff;
-    header.flags[0] = create_flags & 0xff;
-    header.flags[1] = ( create_flags >> 8 ) & 0xff;
-    header.flags[2] = ( create_flags >> 16 ) & 0xff;
-    header.flags[3] = ( create_flags >> 24 ) & 0xff;
-
-    psa_its_fill_filename( uid, filename );
-    stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" );
-    if( stream == NULL )
-        goto exit;
-
-    status = PSA_ERROR_INSUFFICIENT_STORAGE;
-    n = fwrite( &header, 1, sizeof( header ), stream );
-    if( n != sizeof( header ) )
-        goto exit;
-    if( data_length != 0 )
-    {
-        n = fwrite( p_data, 1, data_length, stream );
-        if( n != data_length )
-            goto exit;
-    }
-    status = PSA_SUCCESS;
-
-exit:
-    if( stream != NULL )
-    {
-        int ret = fclose( stream );
-        if( status == PSA_SUCCESS && ret != 0 )
-            status = PSA_ERROR_INSUFFICIENT_STORAGE;
-    }
-    if( status == PSA_SUCCESS )
-    {
-        if( rename_replace_existing( PSA_ITS_STORAGE_TEMP, filename ) != 0 )
-            status = PSA_ERROR_STORAGE_FAILURE;
-    }
-    /* The temporary file may still exist, but only in failure cases where
-     * we're already reporting an error. So there's nothing we can do on
-     * failure. If the function succeeded, and in some error cases, the
-     * temporary file doesn't exist and so remove() is expected to fail.
-     * Thus we just ignore the return status of remove(). */
-    (void) remove( PSA_ITS_STORAGE_TEMP );
-    return( status );
-}
-
-psa_status_t psa_its_remove( psa_storage_uid_t uid )
-{
-    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
-    FILE *stream;
-    psa_its_fill_filename( uid, filename );
-    stream = fopen( filename, "rb" );
-    if( stream == NULL )
-        return( PSA_ERROR_DOES_NOT_EXIST );
-    fclose( stream );
-    if( remove( filename ) != 0 )
-        return( PSA_ERROR_STORAGE_FAILURE );
-    return( PSA_SUCCESS );
-}
-
-#endif /* MBEDTLS_PSA_ITS_FILE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ripemd160.c b/3rdparty/mbedtls-2.25.0/library/ripemd160.c
deleted file mode 100644
index ae4dee4..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ripemd160.c
+++ /dev/null
@@ -1,559 +0,0 @@
-/*
- *  RIPE MD-160 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- *  The RIPEMD-160 algorithm was designed by RIPE in 1996
- *  http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html
- *  http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_RIPEMD160_C)
-
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_RIPEMD160_ALT)
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ]       )             \
-        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i)                                    \
-{                                                               \
-    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
-    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
-    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
-    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
-}
-#endif
-
-void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) );
-}
-
-void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ripemd160_context ) );
-}
-
-void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
-                        const mbedtls_ripemd160_context *src )
-{
-    *dst = *src;
-}
-
-/*
- * RIPEMD-160 context setup
- */
-int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx )
-{
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    ctx->state[0] = 0x67452301;
-    ctx->state[1] = 0xEFCDAB89;
-    ctx->state[2] = 0x98BADCFE;
-    ctx->state[3] = 0x10325476;
-    ctx->state[4] = 0xC3D2E1F0;
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx )
-{
-    mbedtls_ripemd160_starts_ret( ctx );
-}
-#endif
-
-#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
-/*
- * Process one block
- */
-int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
-                                        const unsigned char data[64] )
-{
-    struct
-    {
-        uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
-    } local;
-
-    GET_UINT32_LE( local.X[ 0], data,  0 );
-    GET_UINT32_LE( local.X[ 1], data,  4 );
-    GET_UINT32_LE( local.X[ 2], data,  8 );
-    GET_UINT32_LE( local.X[ 3], data, 12 );
-    GET_UINT32_LE( local.X[ 4], data, 16 );
-    GET_UINT32_LE( local.X[ 5], data, 20 );
-    GET_UINT32_LE( local.X[ 6], data, 24 );
-    GET_UINT32_LE( local.X[ 7], data, 28 );
-    GET_UINT32_LE( local.X[ 8], data, 32 );
-    GET_UINT32_LE( local.X[ 9], data, 36 );
-    GET_UINT32_LE( local.X[10], data, 40 );
-    GET_UINT32_LE( local.X[11], data, 44 );
-    GET_UINT32_LE( local.X[12], data, 48 );
-    GET_UINT32_LE( local.X[13], data, 52 );
-    GET_UINT32_LE( local.X[14], data, 56 );
-    GET_UINT32_LE( local.X[15], data, 60 );
-
-    local.A = local.Ap = ctx->state[0];
-    local.B = local.Bp = ctx->state[1];
-    local.C = local.Cp = ctx->state[2];
-    local.D = local.Dp = ctx->state[3];
-    local.E = local.Ep = ctx->state[4];
-
-#define F1( x, y, z )   ( (x) ^ (y) ^ (z) )
-#define F2( x, y, z )   ( ( (x) & (y) ) | ( ~(x) & (z) ) )
-#define F3( x, y, z )   ( ( (x) | ~(y) ) ^ (z) )
-#define F4( x, y, z )   ( ( (x) & (z) ) | ( (y) & ~(z) ) )
-#define F5( x, y, z )   ( (x) ^ ( (y) | ~(z) ) )
-
-#define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) )
-
-#define P( a, b, c, d, e, r, s, f, k )                      \
-    do                                                      \
-    {                                                       \
-        (a) += f( (b), (c), (d) ) + local.X[r] + (k);       \
-        (a) = S( (a), (s) ) + (e);                          \
-        (c) = S( (c), 10 );                                 \
-    } while( 0 )
-
-#define P2( a, b, c, d, e, r, s, rp, sp )                               \
-    do                                                                  \
-    {                                                                   \
-        P( (a), (b), (c), (d), (e), (r), (s), F, K );                   \
-        P( a ## p, b ## p, c ## p, d ## p, e ## p,                      \
-           (rp), (sp), Fp, Kp );                                        \
-    } while( 0 )
-
-#define F   F1
-#define K   0x00000000
-#define Fp  F5
-#define Kp  0x50A28BE6
-    P2( local.A, local.B, local.C, local.D, local.E,  0, 11,  5,  8 );
-    P2( local.E, local.A, local.B, local.C, local.D,  1, 14, 14,  9 );
-    P2( local.D, local.E, local.A, local.B, local.C,  2, 15,  7,  9 );
-    P2( local.C, local.D, local.E, local.A, local.B,  3, 12,  0, 11 );
-    P2( local.B, local.C, local.D, local.E, local.A,  4,  5,  9, 13 );
-    P2( local.A, local.B, local.C, local.D, local.E,  5,  8,  2, 15 );
-    P2( local.E, local.A, local.B, local.C, local.D,  6,  7, 11, 15 );
-    P2( local.D, local.E, local.A, local.B, local.C,  7,  9,  4,  5 );
-    P2( local.C, local.D, local.E, local.A, local.B,  8, 11, 13,  7 );
-    P2( local.B, local.C, local.D, local.E, local.A,  9, 13,  6,  7 );
-    P2( local.A, local.B, local.C, local.D, local.E, 10, 14, 15,  8 );
-    P2( local.E, local.A, local.B, local.C, local.D, 11, 15,  8, 11 );
-    P2( local.D, local.E, local.A, local.B, local.C, 12,  6,  1, 14 );
-    P2( local.C, local.D, local.E, local.A, local.B, 13,  7, 10, 14 );
-    P2( local.B, local.C, local.D, local.E, local.A, 14,  9,  3, 12 );
-    P2( local.A, local.B, local.C, local.D, local.E, 15,  8, 12,  6 );
-#undef F
-#undef K
-#undef Fp
-#undef Kp
-
-#define F   F2
-#define K   0x5A827999
-#define Fp  F4
-#define Kp  0x5C4DD124
-    P2( local.E, local.A, local.B, local.C, local.D,  7,  7,  6,  9 );
-    P2( local.D, local.E, local.A, local.B, local.C,  4,  6, 11, 13 );
-    P2( local.C, local.D, local.E, local.A, local.B, 13,  8,  3, 15 );
-    P2( local.B, local.C, local.D, local.E, local.A,  1, 13,  7,  7 );
-    P2( local.A, local.B, local.C, local.D, local.E, 10, 11,  0, 12 );
-    P2( local.E, local.A, local.B, local.C, local.D,  6,  9, 13,  8 );
-    P2( local.D, local.E, local.A, local.B, local.C, 15,  7,  5,  9 );
-    P2( local.C, local.D, local.E, local.A, local.B,  3, 15, 10, 11 );
-    P2( local.B, local.C, local.D, local.E, local.A, 12,  7, 14,  7 );
-    P2( local.A, local.B, local.C, local.D, local.E,  0, 12, 15,  7 );
-    P2( local.E, local.A, local.B, local.C, local.D,  9, 15,  8, 12 );
-    P2( local.D, local.E, local.A, local.B, local.C,  5,  9, 12,  7 );
-    P2( local.C, local.D, local.E, local.A, local.B,  2, 11,  4,  6 );
-    P2( local.B, local.C, local.D, local.E, local.A, 14,  7,  9, 15 );
-    P2( local.A, local.B, local.C, local.D, local.E, 11, 13,  1, 13 );
-    P2( local.E, local.A, local.B, local.C, local.D,  8, 12,  2, 11 );
-#undef F
-#undef K
-#undef Fp
-#undef Kp
-
-#define F   F3
-#define K   0x6ED9EBA1
-#define Fp  F3
-#define Kp  0x6D703EF3
-    P2( local.D, local.E, local.A, local.B, local.C,  3, 11, 15,  9 );
-    P2( local.C, local.D, local.E, local.A, local.B, 10, 13,  5,  7 );
-    P2( local.B, local.C, local.D, local.E, local.A, 14,  6,  1, 15 );
-    P2( local.A, local.B, local.C, local.D, local.E,  4,  7,  3, 11 );
-    P2( local.E, local.A, local.B, local.C, local.D,  9, 14,  7,  8 );
-    P2( local.D, local.E, local.A, local.B, local.C, 15,  9, 14,  6 );
-    P2( local.C, local.D, local.E, local.A, local.B,  8, 13,  6,  6 );
-    P2( local.B, local.C, local.D, local.E, local.A,  1, 15,  9, 14 );
-    P2( local.A, local.B, local.C, local.D, local.E,  2, 14, 11, 12 );
-    P2( local.E, local.A, local.B, local.C, local.D,  7,  8,  8, 13 );
-    P2( local.D, local.E, local.A, local.B, local.C,  0, 13, 12,  5 );
-    P2( local.C, local.D, local.E, local.A, local.B,  6,  6,  2, 14 );
-    P2( local.B, local.C, local.D, local.E, local.A, 13,  5, 10, 13 );
-    P2( local.A, local.B, local.C, local.D, local.E, 11, 12,  0, 13 );
-    P2( local.E, local.A, local.B, local.C, local.D,  5,  7,  4,  7 );
-    P2( local.D, local.E, local.A, local.B, local.C, 12,  5, 13,  5 );
-#undef F
-#undef K
-#undef Fp
-#undef Kp
-
-#define F   F4
-#define K   0x8F1BBCDC
-#define Fp  F2
-#define Kp  0x7A6D76E9
-    P2( local.C, local.D, local.E, local.A, local.B,  1, 11,  8, 15 );
-    P2( local.B, local.C, local.D, local.E, local.A,  9, 12,  6,  5 );
-    P2( local.A, local.B, local.C, local.D, local.E, 11, 14,  4,  8 );
-    P2( local.E, local.A, local.B, local.C, local.D, 10, 15,  1, 11 );
-    P2( local.D, local.E, local.A, local.B, local.C,  0, 14,  3, 14 );
-    P2( local.C, local.D, local.E, local.A, local.B,  8, 15, 11, 14 );
-    P2( local.B, local.C, local.D, local.E, local.A, 12,  9, 15,  6 );
-    P2( local.A, local.B, local.C, local.D, local.E,  4,  8,  0, 14 );
-    P2( local.E, local.A, local.B, local.C, local.D, 13,  9,  5,  6 );
-    P2( local.D, local.E, local.A, local.B, local.C,  3, 14, 12,  9 );
-    P2( local.C, local.D, local.E, local.A, local.B,  7,  5,  2, 12 );
-    P2( local.B, local.C, local.D, local.E, local.A, 15,  6, 13,  9 );
-    P2( local.A, local.B, local.C, local.D, local.E, 14,  8,  9, 12 );
-    P2( local.E, local.A, local.B, local.C, local.D,  5,  6,  7,  5 );
-    P2( local.D, local.E, local.A, local.B, local.C,  6,  5, 10, 15 );
-    P2( local.C, local.D, local.E, local.A, local.B,  2, 12, 14,  8 );
-#undef F
-#undef K
-#undef Fp
-#undef Kp
-
-#define F   F5
-#define K   0xA953FD4E
-#define Fp  F1
-#define Kp  0x00000000
-    P2( local.B, local.C, local.D, local.E, local.A,  4,  9, 12,  8 );
-    P2( local.A, local.B, local.C, local.D, local.E,  0, 15, 15,  5 );
-    P2( local.E, local.A, local.B, local.C, local.D,  5,  5, 10, 12 );
-    P2( local.D, local.E, local.A, local.B, local.C,  9, 11,  4,  9 );
-    P2( local.C, local.D, local.E, local.A, local.B,  7,  6,  1, 12 );
-    P2( local.B, local.C, local.D, local.E, local.A, 12,  8,  5,  5 );
-    P2( local.A, local.B, local.C, local.D, local.E,  2, 13,  8, 14 );
-    P2( local.E, local.A, local.B, local.C, local.D, 10, 12,  7,  6 );
-    P2( local.D, local.E, local.A, local.B, local.C, 14,  5,  6,  8 );
-    P2( local.C, local.D, local.E, local.A, local.B,  1, 12,  2, 13 );
-    P2( local.B, local.C, local.D, local.E, local.A,  3, 13, 13,  6 );
-    P2( local.A, local.B, local.C, local.D, local.E,  8, 14, 14,  5 );
-    P2( local.E, local.A, local.B, local.C, local.D, 11, 11,  0, 15 );
-    P2( local.D, local.E, local.A, local.B, local.C,  6,  8,  3, 13 );
-    P2( local.C, local.D, local.E, local.A, local.B, 15,  5,  9, 11 );
-    P2( local.B, local.C, local.D, local.E, local.A, 13,  6, 11, 11 );
-#undef F
-#undef K
-#undef Fp
-#undef Kp
-
-    local.C       = ctx->state[1] + local.C + local.Dp;
-    ctx->state[1] = ctx->state[2] + local.D + local.Ep;
-    ctx->state[2] = ctx->state[3] + local.E + local.Ap;
-    ctx->state[3] = ctx->state[4] + local.A + local.Bp;
-    ctx->state[4] = ctx->state[0] + local.B + local.Cp;
-    ctx->state[0] = local.C;
-
-    /* Zeroise variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &local, sizeof( local ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx,
-                                const unsigned char data[64] )
-{
-    mbedtls_internal_ripemd160_process( ctx, data );
-}
-#endif
-#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */
-
-/*
- * RIPEMD-160 process buffer
- */
-int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
-                                  const unsigned char *input,
-                                  size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-    uint32_t left;
-
-    if( ilen == 0 )
-        return( 0 );
-
-    left = ctx->total[0] & 0x3F;
-    fill = 64 - left;
-
-    ctx->total[0] += (uint32_t) ilen;
-    ctx->total[0] &= 0xFFFFFFFF;
-
-    if( ctx->total[0] < (uint32_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
-
-        if( ( ret = mbedtls_internal_ripemd160_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 64 )
-    {
-        if( ( ret = mbedtls_internal_ripemd160_process( ctx, input ) ) != 0 )
-            return( ret );
-
-        input += 64;
-        ilen  -= 64;
-    }
-
-    if( ilen > 0 )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
-    }
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
-                               const unsigned char *input,
-                               size_t ilen )
-{
-    mbedtls_ripemd160_update_ret( ctx, input, ilen );
-}
-#endif
-
-static const unsigned char ripemd160_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * RIPEMD-160 final digest
- */
-int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
-                                  unsigned char output[20] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t last, padn;
-    uint32_t high, low;
-    unsigned char msglen[8];
-
-    high = ( ctx->total[0] >> 29 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    PUT_UINT32_LE( low,  msglen, 0 );
-    PUT_UINT32_LE( high, msglen, 4 );
-
-    last = ctx->total[0] & 0x3F;
-    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
-    ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 );
-    if( ret != 0 )
-        return( ret );
-
-    PUT_UINT32_LE( ctx->state[0], output,  0 );
-    PUT_UINT32_LE( ctx->state[1], output,  4 );
-    PUT_UINT32_LE( ctx->state[2], output,  8 );
-    PUT_UINT32_LE( ctx->state[3], output, 12 );
-    PUT_UINT32_LE( ctx->state[4], output, 16 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx,
-                               unsigned char output[20] )
-{
-    mbedtls_ripemd160_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* ! MBEDTLS_RIPEMD160_ALT */
-
-/*
- * output = RIPEMD-160( input buffer )
- */
-int mbedtls_ripemd160_ret( const unsigned char *input,
-                           size_t ilen,
-                           unsigned char output[20] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ripemd160_context ctx;
-
-    mbedtls_ripemd160_init( &ctx );
-
-    if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_ripemd160_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_ripemd160( const unsigned char *input,
-                        size_t ilen,
-                        unsigned char output[20] )
-{
-    mbedtls_ripemd160_ret( input, ilen, output );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * Test vectors from the RIPEMD-160 paper and
- * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC
- */
-#define TESTS   8
-static const unsigned char ripemd160_test_str[TESTS][81] =
-{
-    { "" },
-    { "a" },
-    { "abc" },
-    { "message digest" },
-    { "abcdefghijklmnopqrstuvwxyz" },
-    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
-    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
-    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" },
-};
-
-static const size_t ripemd160_test_strlen[TESTS] =
-{
-    0, 1, 3, 14, 26, 56, 62, 80
-};
-
-static const unsigned char ripemd160_test_md[TESTS][20] =
-{
-    { 0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28,
-      0x08, 0x97, 0x7e, 0xe8, 0xf5, 0x48, 0xb2, 0x25, 0x8d, 0x31 },
-    { 0x0b, 0xdc, 0x9d, 0x2d, 0x25, 0x6b, 0x3e, 0xe9, 0xda, 0xae,
-      0x34, 0x7b, 0xe6, 0xf4, 0xdc, 0x83, 0x5a, 0x46, 0x7f, 0xfe },
-    { 0x8e, 0xb2, 0x08, 0xf7, 0xe0, 0x5d, 0x98, 0x7a, 0x9b, 0x04,
-      0x4a, 0x8e, 0x98, 0xc6, 0xb0, 0x87, 0xf1, 0x5a, 0x0b, 0xfc },
-    { 0x5d, 0x06, 0x89, 0xef, 0x49, 0xd2, 0xfa, 0xe5, 0x72, 0xb8,
-      0x81, 0xb1, 0x23, 0xa8, 0x5f, 0xfa, 0x21, 0x59, 0x5f, 0x36 },
-    { 0xf7, 0x1c, 0x27, 0x10, 0x9c, 0x69, 0x2c, 0x1b, 0x56, 0xbb,
-      0xdc, 0xeb, 0x5b, 0x9d, 0x28, 0x65, 0xb3, 0x70, 0x8d, 0xbc },
-    { 0x12, 0xa0, 0x53, 0x38, 0x4a, 0x9c, 0x0c, 0x88, 0xe4, 0x05,
-      0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b },
-    { 0xb0, 0xe2, 0x0b, 0x6e, 0x31, 0x16, 0x64, 0x02, 0x86, 0xed,
-      0x3a, 0x87, 0xa5, 0x71, 0x30, 0x79, 0xb2, 0x1f, 0x51, 0x89 },
-    { 0x9b, 0x75, 0x2e, 0x45, 0x57, 0x3d, 0x4b, 0x39, 0xf4, 0xdb,
-      0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb },
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_ripemd160_self_test( int verbose )
-{
-    int i, ret = 0;
-    unsigned char output[20];
-
-    memset( output, 0, sizeof output );
-
-    for( i = 0; i < TESTS; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  RIPEMD-160 test #%d: ", i + 1 );
-
-        ret = mbedtls_ripemd160_ret( ripemd160_test_str[i],
-                                     ripemd160_test_strlen[i], output );
-        if( ret != 0 )
-            goto fail;
-
-        if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_RIPEMD160_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/rsa.c b/3rdparty/mbedtls-2.25.0/library/rsa.c
deleted file mode 100644
index d6abd65..0000000
--- a/3rdparty/mbedtls-2.25.0/library/rsa.c
+++ /dev/null
@@ -1,2758 +0,0 @@
-/*
- *  The RSA public-key cryptosystem
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- *  The following sources were referenced in the design of this implementation
- *  of the RSA algorithm:
- *
- *  [1] A method for obtaining digital signatures and public-key cryptosystems
- *      R Rivest, A Shamir, and L Adleman
- *      http://people.csail.mit.edu/rivest/pubs.html#RSA78
- *
- *  [2] Handbook of Applied Cryptography - 1997, Chapter 8
- *      Menezes, van Oorschot and Vanstone
- *
- *  [3] Malware Guard Extension: Using SGX to Conceal Cache Attacks
- *      Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice and
- *      Stefan Mangard
- *      https://arxiv.org/abs/1702.08719v2
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_RSA_C)
-
-#include "mbedtls/rsa.h"
-#include "mbedtls/rsa_internal.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PKCS1_V21)
-#include "mbedtls/md.h"
-#endif
-
-#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__) && !defined(__NetBSD__)
-#include <stdlib.h>
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#define mbedtls_calloc calloc
-#define mbedtls_free   free
-#endif
-
-#if !defined(MBEDTLS_RSA_ALT)
-
-/* Parameter validation macros */
-#define RSA_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA )
-#define RSA_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if defined(MBEDTLS_PKCS1_V15)
-/* constant-time buffer comparison */
-static inline int mbedtls_safer_memcmp( const void *a, const void *b, size_t n )
-{
-    size_t i;
-    const unsigned char *A = (const unsigned char *) a;
-    const unsigned char *B = (const unsigned char *) b;
-    unsigned char diff = 0;
-
-    for( i = 0; i < n; i++ )
-        diff |= A[i] ^ B[i];
-
-    return( diff );
-}
-#endif /* MBEDTLS_PKCS1_V15 */
-
-int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
-                        const mbedtls_mpi *N,
-                        const mbedtls_mpi *P, const mbedtls_mpi *Q,
-                        const mbedtls_mpi *D, const mbedtls_mpi *E )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) ||
-        ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) ||
-        ( Q != NULL && ( ret = mbedtls_mpi_copy( &ctx->Q, Q ) ) != 0 ) ||
-        ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) ||
-        ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-    }
-
-    if( N != NULL )
-        ctx->len = mbedtls_mpi_size( &ctx->N );
-
-    return( 0 );
-}
-
-int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
-                            unsigned char const *N, size_t N_len,
-                            unsigned char const *P, size_t P_len,
-                            unsigned char const *Q, size_t Q_len,
-                            unsigned char const *D, size_t D_len,
-                            unsigned char const *E, size_t E_len )
-{
-    int ret = 0;
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    if( N != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->N, N, N_len ) );
-        ctx->len = mbedtls_mpi_size( &ctx->N );
-    }
-
-    if( P != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->P, P, P_len ) );
-
-    if( Q != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->Q, Q, Q_len ) );
-
-    if( D != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->D, D, D_len ) );
-
-    if( E != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->E, E, E_len ) );
-
-cleanup:
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-
-    return( 0 );
-}
-
-/*
- * Checks whether the context fields are set in such a way
- * that the RSA primitives will be able to execute without error.
- * It does *not* make guarantees for consistency of the parameters.
- */
-static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv,
-                              int blinding_needed )
-{
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    /* blinding_needed is only used for NO_CRT to decide whether
-     * P,Q need to be present or not. */
-    ((void) blinding_needed);
-#endif
-
-    if( ctx->len != mbedtls_mpi_size( &ctx->N ) ||
-        ctx->len > MBEDTLS_MPI_MAX_SIZE )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-    /*
-     * 1. Modular exponentiation needs positive, odd moduli.
-     */
-
-    /* Modular exponentiation wrt. N is always used for
-     * RSA public key operations. */
-    if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) <= 0 ||
-        mbedtls_mpi_get_bit( &ctx->N, 0 ) == 0  )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    /* Modular exponentiation for P and Q is only
-     * used for private key operations and if CRT
-     * is used. */
-    if( is_priv &&
-        ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 ||
-          mbedtls_mpi_get_bit( &ctx->P, 0 ) == 0 ||
-          mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ||
-          mbedtls_mpi_get_bit( &ctx->Q, 0 ) == 0  ) )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-#endif /* !MBEDTLS_RSA_NO_CRT */
-
-    /*
-     * 2. Exponents must be positive
-     */
-
-    /* Always need E for public key operations */
-    if( mbedtls_mpi_cmp_int( &ctx->E, 0 ) <= 0 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_RSA_NO_CRT)
-    /* For private key operations, use D or DP & DQ
-     * as (unblinded) exponents. */
-    if( is_priv && mbedtls_mpi_cmp_int( &ctx->D, 0 ) <= 0 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-#else
-    if( is_priv &&
-        ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) <= 0 ||
-          mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) <= 0  ) )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-    /* Blinding shouldn't make exponents negative either,
-     * so check that P, Q >= 1 if that hasn't yet been
-     * done as part of 1. */
-#if defined(MBEDTLS_RSA_NO_CRT)
-    if( is_priv && blinding_needed &&
-        ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 ||
-          mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ) )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-#endif
-
-    /* It wouldn't lead to an error if it wasn't satisfied,
-     * but check for QP >= 1 nonetheless. */
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    if( is_priv &&
-        mbedtls_mpi_cmp_int( &ctx->QP, 0 ) <= 0 )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-#endif
-
-    return( 0 );
-}
-
-int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
-{
-    int ret = 0;
-    int have_N, have_P, have_Q, have_D, have_E;
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    int have_DP, have_DQ, have_QP;
-#endif
-    int n_missing, pq_missing, d_missing, is_pub, is_priv;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 );
-    have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 );
-    have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 );
-    have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 );
-    have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 );
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 );
-    have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 );
-    have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 );
-#endif
-
-    /*
-     * Check whether provided parameters are enough
-     * to deduce all others. The following incomplete
-     * parameter sets for private keys are supported:
-     *
-     * (1) P, Q missing.
-     * (2) D and potentially N missing.
-     *
-     */
-
-    n_missing  =              have_P &&  have_Q &&  have_D && have_E;
-    pq_missing =   have_N && !have_P && !have_Q &&  have_D && have_E;
-    d_missing  =              have_P &&  have_Q && !have_D && have_E;
-    is_pub     =   have_N && !have_P && !have_Q && !have_D && have_E;
-
-    /* These three alternatives are mutually exclusive */
-    is_priv = n_missing || pq_missing || d_missing;
-
-    if( !is_priv && !is_pub )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /*
-     * Step 1: Deduce N if P, Q are provided.
-     */
-
-    if( !have_N && have_P && have_Q )
-    {
-        if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P,
-                                         &ctx->Q ) ) != 0 )
-        {
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-        }
-
-        ctx->len = mbedtls_mpi_size( &ctx->N );
-    }
-
-    /*
-     * Step 2: Deduce and verify all remaining core parameters.
-     */
-
-    if( pq_missing )
-    {
-        ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D,
-                                         &ctx->P, &ctx->Q );
-        if( ret != 0 )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-
-    }
-    else if( d_missing )
-    {
-        if( ( ret = mbedtls_rsa_deduce_private_exponent( &ctx->P,
-                                                         &ctx->Q,
-                                                         &ctx->E,
-                                                         &ctx->D ) ) != 0 )
-        {
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-        }
-    }
-
-    /*
-     * Step 3: Deduce all additional parameters specific
-     *         to our current RSA implementation.
-     */
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    if( is_priv && ! ( have_DP && have_DQ && have_QP ) )
-    {
-        ret = mbedtls_rsa_deduce_crt( &ctx->P,  &ctx->Q,  &ctx->D,
-                                      &ctx->DP, &ctx->DQ, &ctx->QP );
-        if( ret != 0 )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-    }
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-    /*
-     * Step 3: Basic sanity checks
-     */
-
-    return( rsa_check_context( ctx, is_priv, 1 ) );
-}
-
-int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
-                            unsigned char *N, size_t N_len,
-                            unsigned char *P, size_t P_len,
-                            unsigned char *Q, size_t Q_len,
-                            unsigned char *D, size_t D_len,
-                            unsigned char *E, size_t E_len )
-{
-    int ret = 0;
-    int is_priv;
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    /* Check if key is private or public */
-    is_priv =
-        mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
-
-    if( !is_priv )
-    {
-        /* If we're trying to export private parameters for a public key,
-         * something must be wrong. */
-        if( P != NULL || Q != NULL || D != NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    }
-
-    if( N != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->N, N, N_len ) );
-
-    if( P != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->P, P, P_len ) );
-
-    if( Q != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->Q, Q, Q_len ) );
-
-    if( D != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->D, D, D_len ) );
-
-    if( E != NULL )
-        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->E, E, E_len ) );
-
-cleanup:
-
-    return( ret );
-}
-
-int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
-                        mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
-                        mbedtls_mpi *D, mbedtls_mpi *E )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int is_priv;
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    /* Check if key is private or public */
-    is_priv =
-        mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
-
-    if( !is_priv )
-    {
-        /* If we're trying to export private parameters for a public key,
-         * something must be wrong. */
-        if( P != NULL || Q != NULL || D != NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    }
-
-    /* Export all requested core parameters. */
-
-    if( ( N != NULL && ( ret = mbedtls_mpi_copy( N, &ctx->N ) ) != 0 ) ||
-        ( P != NULL && ( ret = mbedtls_mpi_copy( P, &ctx->P ) ) != 0 ) ||
-        ( Q != NULL && ( ret = mbedtls_mpi_copy( Q, &ctx->Q ) ) != 0 ) ||
-        ( D != NULL && ( ret = mbedtls_mpi_copy( D, &ctx->D ) ) != 0 ) ||
-        ( E != NULL && ( ret = mbedtls_mpi_copy( E, &ctx->E ) ) != 0 ) )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Export CRT parameters
- * This must also be implemented if CRT is not used, for being able to
- * write DER encoded RSA keys. The helper function mbedtls_rsa_deduce_crt
- * can be used in this case.
- */
-int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
-                            mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    int is_priv;
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    /* Check if key is private or public */
-    is_priv =
-        mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
-        mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
-
-    if( !is_priv )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    /* Export all requested blinding parameters. */
-    if( ( DP != NULL && ( ret = mbedtls_mpi_copy( DP, &ctx->DP ) ) != 0 ) ||
-        ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) ||
-        ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-    }
-#else
-    if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
-                                        DP, DQ, QP ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
-    }
-#endif
-
-    return( 0 );
-}
-
-/*
- * Initialize an RSA context
- */
-void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
-               int padding,
-               int hash_id )
-{
-    RSA_VALIDATE( ctx != NULL );
-    RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 ||
-                  padding == MBEDTLS_RSA_PKCS_V21 );
-
-    memset( ctx, 0, sizeof( mbedtls_rsa_context ) );
-
-    mbedtls_rsa_set_padding( ctx, padding, hash_id );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-/*
- * Set padding for an existing RSA context
- */
-void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
-                              int hash_id )
-{
-    RSA_VALIDATE( ctx != NULL );
-    RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 ||
-                  padding == MBEDTLS_RSA_PKCS_V21 );
-
-    ctx->padding = padding;
-    ctx->hash_id = hash_id;
-}
-
-/*
- * Get length in bytes of RSA modulus
- */
-
-size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx )
-{
-    return( ctx->len );
-}
-
-
-#if defined(MBEDTLS_GENPRIME)
-
-/*
- * Generate an RSA keypair
- *
- * This generation method follows the RSA key pair generation procedure of
- * FIPS 186-4 if 2^16 < exponent < 2^256 and nbits = 2048 or nbits = 3072.
- */
-int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
-                 int (*f_rng)(void *, unsigned char *, size_t),
-                 void *p_rng,
-                 unsigned int nbits, int exponent )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_mpi H, G, L;
-    int prime_quality = 0;
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( f_rng != NULL );
-
-    if( nbits < 128 || exponent < 3 || nbits % 2 != 0 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /*
-     * If the modulus is 1024 bit long or shorter, then the security strength of
-     * the RSA algorithm is less than or equal to 80 bits and therefore an error
-     * rate of 2^-80 is sufficient.
-     */
-    if( nbits > 1024 )
-        prime_quality = MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR;
-
-    mbedtls_mpi_init( &H );
-    mbedtls_mpi_init( &G );
-    mbedtls_mpi_init( &L );
-
-    /*
-     * find primes P and Q with Q < P so that:
-     * 1.  |P-Q| > 2^( nbits / 2 - 100 )
-     * 2.  GCD( E, (P-1)*(Q-1) ) == 1
-     * 3.  E^-1 mod LCM(P-1, Q-1) > 2^( nbits / 2 )
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->E, exponent ) );
-
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1,
-                                                prime_quality, f_rng, p_rng ) );
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1,
-                                                prime_quality, f_rng, p_rng ) );
-
-        /* make sure the difference between p and q is not too small (FIPS 186-4 §B.3.3 step 5.4) */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &H, &ctx->P, &ctx->Q ) );
-        if( mbedtls_mpi_bitlen( &H ) <= ( ( nbits >= 200 ) ? ( ( nbits >> 1 ) - 99 ) : 0 ) )
-            continue;
-
-        /* not required by any standards, but some users rely on the fact that P > Q */
-        if( H.s < 0 )
-            mbedtls_mpi_swap( &ctx->P, &ctx->Q );
-
-        /* Temporarily replace P,Q by P-1, Q-1 */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->P, &ctx->P, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->Q, &ctx->Q, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &ctx->P, &ctx->Q ) );
-
-        /* check GCD( E, (P-1)*(Q-1) ) == 1 (FIPS 186-4 §B.3.1 criterion 2(a)) */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H  ) );
-        if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 )
-            continue;
-
-        /* compute smallest possible D = E^-1 mod LCM(P-1, Q-1) (FIPS 186-4 §B.3.1 criterion 3(b)) */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->P, &ctx->Q ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &L, NULL, &H, &G ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->D, &ctx->E, &L ) );
-
-        if( mbedtls_mpi_bitlen( &ctx->D ) <= ( ( nbits + 1 ) / 2 ) ) // (FIPS 186-4 §B.3.1 criterion 3(a))
-            continue;
-
-        break;
-    }
-    while( 1 );
-
-    /* Restore P,Q */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->P,  &ctx->P, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->Q,  &ctx->Q, 1 ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) );
-
-    ctx->len = mbedtls_mpi_size( &ctx->N );
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    /*
-     * DP = D mod (P - 1)
-     * DQ = D mod (Q - 1)
-     * QP = Q^-1 mod P
-     */
-    MBEDTLS_MPI_CHK( mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
-                                             &ctx->DP, &ctx->DQ, &ctx->QP ) );
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-    /* Double-check */
-    MBEDTLS_MPI_CHK( mbedtls_rsa_check_privkey( ctx ) );
-
-cleanup:
-
-    mbedtls_mpi_free( &H );
-    mbedtls_mpi_free( &G );
-    mbedtls_mpi_free( &L );
-
-    if( ret != 0 )
-    {
-        mbedtls_rsa_free( ctx );
-        return( MBEDTLS_ERR_RSA_KEY_GEN_FAILED + ret );
-    }
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_GENPRIME */
-
-/*
- * Check a public RSA key
- */
-int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx )
-{
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 )
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-
-    if( mbedtls_mpi_bitlen( &ctx->N ) < 128 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-    if( mbedtls_mpi_get_bit( &ctx->E, 0 ) == 0 ||
-        mbedtls_mpi_bitlen( &ctx->E )     < 2  ||
-        mbedtls_mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-    return( 0 );
-}
-
-/*
- * Check for the consistency of all fields in an RSA private key context
- */
-int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
-{
-    RSA_VALIDATE_RET( ctx != NULL );
-
-    if( mbedtls_rsa_check_pubkey( ctx ) != 0 ||
-        rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-    if( mbedtls_rsa_validate_params( &ctx->N, &ctx->P, &ctx->Q,
-                                     &ctx->D, &ctx->E, NULL, NULL ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    else if( mbedtls_rsa_validate_crt( &ctx->P, &ctx->Q, &ctx->D,
-                                       &ctx->DP, &ctx->DQ, &ctx->QP ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-#endif
-
-    return( 0 );
-}
-
-/*
- * Check if contexts holding a public and private key match
- */
-int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
-                                const mbedtls_rsa_context *prv )
-{
-    RSA_VALIDATE_RET( pub != NULL );
-    RSA_VALIDATE_RET( prv != NULL );
-
-    if( mbedtls_rsa_check_pubkey( pub )  != 0 ||
-        mbedtls_rsa_check_privkey( prv ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-    if( mbedtls_mpi_cmp_mpi( &pub->N, &prv->N ) != 0 ||
-        mbedtls_mpi_cmp_mpi( &pub->E, &prv->E ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-    }
-
-    return( 0 );
-}
-
-/*
- * Do an RSA public key operation
- */
-int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
-                const unsigned char *input,
-                unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t olen;
-    mbedtls_mpi T;
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( input != NULL );
-    RSA_VALIDATE_RET( output != NULL );
-
-    if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    mbedtls_mpi_init( &T );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) );
-
-    if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 )
-    {
-        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    olen = ctx->len;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) );
-
-cleanup:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    mbedtls_mpi_free( &T );
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_RSA_PUBLIC_FAILED + ret );
-
-    return( 0 );
-}
-
-/*
- * Generate or update blinding values, see section 10 of:
- *  KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
- *  DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
- *  Berlin Heidelberg, 1996. p. 104-113.
- */
-static int rsa_prepare_blinding( mbedtls_rsa_context *ctx,
-                 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    int ret, count = 0;
-    mbedtls_mpi R;
-
-    mbedtls_mpi_init( &R );
-
-    if( ctx->Vf.p != NULL )
-    {
-        /* We already have blinding values, just update them by squaring */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) );
-
-        goto cleanup;
-    }
-
-    /* Unblinding value: Vf = random number, invertible mod N */
-    do {
-        if( count++ > 10 )
-        {
-            ret = MBEDTLS_ERR_RSA_RNG_FAILED;
-            goto cleanup;
-        }
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) );
-
-        /* Compute Vf^-1 as R * (R Vf)^-1 to avoid leaks from inv_mod. */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, ctx->len - 1, f_rng, p_rng ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vf, &R ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) );
-
-        /* At this point, Vi is invertible mod N if and only if both Vf and R
-         * are invertible mod N. If one of them isn't, we don't need to know
-         * which one, we just loop and choose new values for both of them.
-         * (Each iteration succeeds with overwhelming probability.) */
-        ret = mbedtls_mpi_inv_mod( &ctx->Vi, &ctx->Vi, &ctx->N );
-        if( ret != 0 && ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
-            goto cleanup;
-
-    } while( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-
-    /* Finish the computation of Vf^-1 = R * (R Vf)^-1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &R ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) );
-
-    /* Blinding value: Vi = Vf^(-e) mod N
-     * (Vi already contains Vf^-1 at this point) */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) );
-
-
-cleanup:
-    mbedtls_mpi_free( &R );
-
-    return( ret );
-}
-
-/*
- * Exponent blinding supposed to prevent side-channel attacks using multiple
- * traces of measurements to recover the RSA key. The more collisions are there,
- * the more bits of the key can be recovered. See [3].
- *
- * Collecting n collisions with m bit long blinding value requires 2^(m-m/n)
- * observations on avarage.
- *
- * For example with 28 byte blinding to achieve 2 collisions the adversary has
- * to make 2^112 observations on avarage.
- *
- * (With the currently (as of 2017 April) known best algorithms breaking 2048
- * bit RSA requires approximately as much time as trying out 2^112 random keys.
- * Thus in this sense with 28 byte blinding the security is not reduced by
- * side-channel attacks like the one in [3])
- *
- * This countermeasure does not help if the key recovery is possible with a
- * single trace.
- */
-#define RSA_EXPONENT_BLINDING 28
-
-/*
- * Do an RSA private key operation
- */
-int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
-                 int (*f_rng)(void *, unsigned char *, size_t),
-                 void *p_rng,
-                 const unsigned char *input,
-                 unsigned char *output )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t olen;
-
-    /* Temporary holding the result */
-    mbedtls_mpi T;
-
-    /* Temporaries holding P-1, Q-1 and the
-     * exponent blinding factor, respectively. */
-    mbedtls_mpi P1, Q1, R;
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    /* Temporaries holding the results mod p resp. mod q. */
-    mbedtls_mpi TP, TQ;
-
-    /* Temporaries holding the blinded exponents for
-     * the mod p resp. mod q computation (if used). */
-    mbedtls_mpi DP_blind, DQ_blind;
-
-    /* Pointers to actual exponents to be used - either the unblinded
-     * or the blinded ones, depending on the presence of a PRNG. */
-    mbedtls_mpi *DP = &ctx->DP;
-    mbedtls_mpi *DQ = &ctx->DQ;
-#else
-    /* Temporary holding the blinded exponent (if used). */
-    mbedtls_mpi D_blind;
-
-    /* Pointer to actual exponent to be used - either the unblinded
-     * or the blinded one, depending on the presence of a PRNG. */
-    mbedtls_mpi *D = &ctx->D;
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-    /* Temporaries holding the initial input and the double
-     * checked result; should be the same in the end. */
-    mbedtls_mpi I, C;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( input  != NULL );
-    RSA_VALIDATE_RET( output != NULL );
-
-    if( rsa_check_context( ctx, 1             /* private key checks */,
-                                f_rng != NULL /* blinding y/n       */ ) != 0 )
-    {
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    /* MPI Initialization */
-    mbedtls_mpi_init( &T );
-
-    mbedtls_mpi_init( &P1 );
-    mbedtls_mpi_init( &Q1 );
-    mbedtls_mpi_init( &R );
-
-    if( f_rng != NULL )
-    {
-#if defined(MBEDTLS_RSA_NO_CRT)
-        mbedtls_mpi_init( &D_blind );
-#else
-        mbedtls_mpi_init( &DP_blind );
-        mbedtls_mpi_init( &DQ_blind );
-#endif
-    }
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    mbedtls_mpi_init( &TP ); mbedtls_mpi_init( &TQ );
-#endif
-
-    mbedtls_mpi_init( &I );
-    mbedtls_mpi_init( &C );
-
-    /* End of MPI initialization */
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) );
-    if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 )
-    {
-        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &I, &T ) );
-
-    if( f_rng != NULL )
-    {
-        /*
-         * Blinding
-         * T = T * Vi mod N
-         */
-        MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
-
-        /*
-         * Exponent blinding
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
-
-#if defined(MBEDTLS_RSA_NO_CRT)
-        /*
-         * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
-                         f_rng, p_rng ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) );
-
-        D = &D_blind;
-#else
-        /*
-         * DP_blind = ( P - 1 ) * R + DP
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
-                         f_rng, p_rng ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind,
-                    &ctx->DP ) );
-
-        DP = &DP_blind;
-
-        /*
-         * DQ_blind = ( Q - 1 ) * R + DQ
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
-                         f_rng, p_rng ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind,
-                    &ctx->DQ ) );
-
-        DQ = &DQ_blind;
-#endif /* MBEDTLS_RSA_NO_CRT */
-    }
-
-#if defined(MBEDTLS_RSA_NO_CRT)
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) );
-#else
-    /*
-     * Faster decryption using the CRT
-     *
-     * TP = input ^ dP mod P
-     * TQ = input ^ dQ mod Q
-     */
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TP, &T, DP, &ctx->P, &ctx->RP ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TQ, &T, DQ, &ctx->Q, &ctx->RQ ) );
-
-    /*
-     * T = (TP - TQ) * (Q^-1 mod P) mod P
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &TP, &TQ ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->QP ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &TP, &ctx->P ) );
-
-    /*
-     * T = TQ + T * Q
-     */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->Q ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &TQ, &TP ) );
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-    if( f_rng != NULL )
-    {
-        /*
-         * Unblind
-         * T = T * Vf mod N
-         */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
-    }
-
-    /* Verify the result to prevent glitching attacks. */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E,
-                                          &ctx->N, &ctx->RN ) );
-    if( mbedtls_mpi_cmp_mpi( &C, &I ) != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-    olen = ctx->len;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) );
-
-cleanup:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    mbedtls_mpi_free( &P1 );
-    mbedtls_mpi_free( &Q1 );
-    mbedtls_mpi_free( &R );
-
-    if( f_rng != NULL )
-    {
-#if defined(MBEDTLS_RSA_NO_CRT)
-        mbedtls_mpi_free( &D_blind );
-#else
-        mbedtls_mpi_free( &DP_blind );
-        mbedtls_mpi_free( &DQ_blind );
-#endif
-    }
-
-    mbedtls_mpi_free( &T );
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    mbedtls_mpi_free( &TP ); mbedtls_mpi_free( &TQ );
-#endif
-
-    mbedtls_mpi_free( &C );
-    mbedtls_mpi_free( &I );
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_PKCS1_V21)
-/**
- * Generate and apply the MGF1 operation (from PKCS#1 v2.1) to a buffer.
- *
- * \param dst       buffer to mask
- * \param dlen      length of destination buffer
- * \param src       source of the mask generation
- * \param slen      length of the source buffer
- * \param md_ctx    message digest context to use
- */
-static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
-                      size_t slen, mbedtls_md_context_t *md_ctx )
-{
-    unsigned char mask[MBEDTLS_MD_MAX_SIZE];
-    unsigned char counter[4];
-    unsigned char *p;
-    unsigned int hlen;
-    size_t i, use_len;
-    int ret = 0;
-
-    memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
-    memset( counter, 0, 4 );
-
-    hlen = mbedtls_md_get_size( md_ctx->md_info );
-
-    /* Generate and apply dbMask */
-    p = dst;
-
-    while( dlen > 0 )
-    {
-        use_len = hlen;
-        if( dlen < hlen )
-            use_len = dlen;
-
-        if( ( ret = mbedtls_md_starts( md_ctx ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_update( md_ctx, src, slen ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_update( md_ctx, counter, 4 ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md_finish( md_ctx, mask ) ) != 0 )
-            goto exit;
-
-        for( i = 0; i < use_len; ++i )
-            *p++ ^= mask[i];
-
-        counter[3]++;
-
-        dlen -= use_len;
-    }
-
-exit:
-    mbedtls_platform_zeroize( mask, sizeof( mask ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_PKCS1_V21 */
-
-#if defined(MBEDTLS_PKCS1_V21)
-/*
- * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function
- */
-int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng,
-                            int mode,
-                            const unsigned char *label, size_t label_len,
-                            size_t ilen,
-                            const unsigned char *input,
-                            unsigned char *output )
-{
-    size_t olen;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = output;
-    unsigned int hlen;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( output != NULL );
-    RSA_VALIDATE_RET( ilen == 0 || input != NULL );
-    RSA_VALIDATE_RET( label_len == 0 || label != NULL );
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    if( f_rng == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    olen = ctx->len;
-    hlen = mbedtls_md_get_size( md_info );
-
-    /* first comparison checks for overflow */
-    if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    memset( output, 0, olen );
-
-    *p++ = 0;
-
-    /* Generate a random octet string seed */
-    if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
-        return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
-
-    p += hlen;
-
-    /* Construct DB */
-    if( ( ret = mbedtls_md( md_info, label, label_len, p ) ) != 0 )
-        return( ret );
-    p += hlen;
-    p += olen - 2 * hlen - 2 - ilen;
-    *p++ = 1;
-    if( ilen != 0 )
-        memcpy( p, input, ilen );
-
-    mbedtls_md_init( &md_ctx );
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
-        goto exit;
-
-    /* maskedDB: Apply dbMask to DB */
-    if( ( ret = mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
-                          &md_ctx ) ) != 0 )
-        goto exit;
-
-    /* maskedSeed: Apply seedMask to seed */
-    if( ( ret = mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
-                          &md_ctx ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_md_free( &md_ctx );
-
-    if( ret != 0 )
-        return( ret );
-
-    return( ( mode == MBEDTLS_RSA_PUBLIC )
-            ? mbedtls_rsa_public(  ctx, output, output )
-            : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
-}
-#endif /* MBEDTLS_PKCS1_V21 */
-
-#if defined(MBEDTLS_PKCS1_V15)
-/*
- * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function
- */
-int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode, size_t ilen,
-                                 const unsigned char *input,
-                                 unsigned char *output )
-{
-    size_t nb_pad, olen;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = output;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( output != NULL );
-    RSA_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    olen = ctx->len;
-
-    /* first comparison checks for overflow */
-    if( ilen + 11 < ilen || olen < ilen + 11 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    nb_pad = olen - 3 - ilen;
-
-    *p++ = 0;
-    if( mode == MBEDTLS_RSA_PUBLIC )
-    {
-        if( f_rng == NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        *p++ = MBEDTLS_RSA_CRYPT;
-
-        while( nb_pad-- > 0 )
-        {
-            int rng_dl = 100;
-
-            do {
-                ret = f_rng( p_rng, p, 1 );
-            } while( *p == 0 && --rng_dl && ret == 0 );
-
-            /* Check if RNG failed to generate data */
-            if( rng_dl == 0 || ret != 0 )
-                return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
-
-            p++;
-        }
-    }
-    else
-    {
-        *p++ = MBEDTLS_RSA_SIGN;
-
-        while( nb_pad-- > 0 )
-            *p++ = 0xFF;
-    }
-
-    *p++ = 0;
-    if( ilen != 0 )
-        memcpy( p, input, ilen );
-
-    return( ( mode == MBEDTLS_RSA_PUBLIC )
-            ? mbedtls_rsa_public(  ctx, output, output )
-            : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
-}
-#endif /* MBEDTLS_PKCS1_V15 */
-
-/*
- * Add the message padding, then do an RSA operation
- */
-int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng,
-                       int mode, size_t ilen,
-                       const unsigned char *input,
-                       unsigned char *output )
-{
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( output != NULL );
-    RSA_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    switch( ctx->padding )
-    {
-#if defined(MBEDTLS_PKCS1_V15)
-        case MBEDTLS_RSA_PKCS_V15:
-            return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen,
-                                                input, output );
-#endif
-
-#if defined(MBEDTLS_PKCS1_V21)
-        case MBEDTLS_RSA_PKCS_V21:
-            return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0,
-                                           ilen, input, output );
-#endif
-
-        default:
-            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
-    }
-}
-
-#if defined(MBEDTLS_PKCS1_V21)
-/*
- * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function
- */
-int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng,
-                            int mode,
-                            const unsigned char *label, size_t label_len,
-                            size_t *olen,
-                            const unsigned char *input,
-                            unsigned char *output,
-                            size_t output_max_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t ilen, i, pad_len;
-    unsigned char *p, bad, pad_done;
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-    unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
-    unsigned int hlen;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
-    RSA_VALIDATE_RET( label_len == 0 || label != NULL );
-    RSA_VALIDATE_RET( input != NULL );
-    RSA_VALIDATE_RET( olen != NULL );
-
-    /*
-     * Parameters sanity checks
-     */
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    ilen = ctx->len;
-
-    if( ilen < 16 || ilen > sizeof( buf ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    hlen = mbedtls_md_get_size( md_info );
-
-    // checking for integer underflow
-    if( 2 * hlen + 2 > ilen )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /*
-     * RSA operation
-     */
-    ret = ( mode == MBEDTLS_RSA_PUBLIC )
-          ? mbedtls_rsa_public(  ctx, input, buf )
-          : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf );
-
-    if( ret != 0 )
-        goto cleanup;
-
-    /*
-     * Unmask data and generate lHash
-     */
-    mbedtls_md_init( &md_ctx );
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
-    {
-        mbedtls_md_free( &md_ctx );
-        goto cleanup;
-    }
-
-    /* seed: Apply seedMask to maskedSeed */
-    if( ( ret = mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1,
-                          &md_ctx ) ) != 0 ||
-    /* DB: Apply dbMask to maskedDB */
-        ( ret = mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
-                          &md_ctx ) ) != 0 )
-    {
-        mbedtls_md_free( &md_ctx );
-        goto cleanup;
-    }
-
-    mbedtls_md_free( &md_ctx );
-
-    /* Generate lHash */
-    if( ( ret = mbedtls_md( md_info, label, label_len, lhash ) ) != 0 )
-        goto cleanup;
-
-    /*
-     * Check contents, in "constant-time"
-     */
-    p = buf;
-    bad = 0;
-
-    bad |= *p++; /* First byte must be 0 */
-
-    p += hlen; /* Skip seed */
-
-    /* Check lHash */
-    for( i = 0; i < hlen; i++ )
-        bad |= lhash[i] ^ *p++;
-
-    /* Get zero-padding len, but always read till end of buffer
-     * (minus one, for the 01 byte) */
-    pad_len = 0;
-    pad_done = 0;
-    for( i = 0; i < ilen - 2 * hlen - 2; i++ )
-    {
-        pad_done |= p[i];
-        pad_len += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
-    }
-
-    p += pad_len;
-    bad |= *p++ ^ 0x01;
-
-    /*
-     * The only information "leaked" is whether the padding was correct or not
-     * (eg, no data is copied if it was not correct). This meets the
-     * recommendations in PKCS#1 v2.2: an opponent cannot distinguish between
-     * the different error conditions.
-     */
-    if( bad != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
-        goto cleanup;
-    }
-
-    if( ilen - ( p - buf ) > output_max_len )
-    {
-        ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
-        goto cleanup;
-    }
-
-    *olen = ilen - (p - buf);
-    if( *olen != 0 )
-        memcpy( output, p, *olen );
-    ret = 0;
-
-cleanup:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-    mbedtls_platform_zeroize( lhash, sizeof( lhash ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_PKCS1_V21 */
-
-#if defined(MBEDTLS_PKCS1_V15)
-/** Turn zero-or-nonzero into zero-or-all-bits-one, without branches.
- *
- * \param value     The value to analyze.
- * \return          Zero if \p value is zero, otherwise all-bits-one.
- */
-static unsigned all_or_nothing_int( unsigned value )
-{
-    /* MSVC has a warning about unary minus on unsigned, but this is
-     * well-defined and precisely what we want to do here */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-    return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) );
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-}
-
-/** Check whether a size is out of bounds, without branches.
- *
- * This is equivalent to `size > max`, but is likely to be compiled to
- * to code using bitwise operation rather than a branch.
- *
- * \param size      Size to check.
- * \param max       Maximum desired value for \p size.
- * \return          \c 0 if `size <= max`.
- * \return          \c 1 if `size > max`.
- */
-static unsigned size_greater_than( size_t size, size_t max )
-{
-    /* Return the sign bit (1 for negative) of (max - size). */
-    return( ( max - size ) >> ( sizeof( size_t ) * 8 - 1 ) );
-}
-
-/** Choose between two integer values, without branches.
- *
- * This is equivalent to `cond ? if1 : if0`, but is likely to be compiled
- * to code using bitwise operation rather than a branch.
- *
- * \param cond      Condition to test.
- * \param if1       Value to use if \p cond is nonzero.
- * \param if0       Value to use if \p cond is zero.
- * \return          \c if1 if \p cond is nonzero, otherwise \c if0.
- */
-static unsigned if_int( unsigned cond, unsigned if1, unsigned if0 )
-{
-    unsigned mask = all_or_nothing_int( cond );
-    return( ( mask & if1 ) | (~mask & if0 ) );
-}
-
-/** Shift some data towards the left inside a buffer without leaking
- * the length of the data through side channels.
- *
- * `mem_move_to_left(start, total, offset)` is functionally equivalent to
- * ```
- * memmove(start, start + offset, total - offset);
- * memset(start + offset, 0, total - offset);
- * ```
- * but it strives to use a memory access pattern (and thus total timing)
- * that does not depend on \p offset. This timing independence comes at
- * the expense of performance.
- *
- * \param start     Pointer to the start of the buffer.
- * \param total     Total size of the buffer.
- * \param offset    Offset from which to copy \p total - \p offset bytes.
- */
-static void mem_move_to_left( void *start,
-                              size_t total,
-                              size_t offset )
-{
-    volatile unsigned char *buf = start;
-    size_t i, n;
-    if( total == 0 )
-        return;
-    for( i = 0; i < total; i++ )
-    {
-        unsigned no_op = size_greater_than( total - offset, i );
-        /* The first `total - offset` passes are a no-op. The last
-         * `offset` passes shift the data one byte to the left and
-         * zero out the last byte. */
-        for( n = 0; n < total - 1; n++ )
-        {
-            unsigned char current = buf[n];
-            unsigned char next = buf[n+1];
-            buf[n] = if_int( no_op, current, next );
-        }
-        buf[total-1] = if_int( no_op, buf[total-1], 0 );
-    }
-}
-
-/*
- * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function
- */
-int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode, size_t *olen,
-                                 const unsigned char *input,
-                                 unsigned char *output,
-                                 size_t output_max_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t ilen, i, plaintext_max_size;
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-    /* The following variables take sensitive values: their value must
-     * not leak into the observable behavior of the function other than
-     * the designated outputs (output, olen, return value). Otherwise
-     * this would open the execution of the function to
-     * side-channel-based variants of the Bleichenbacher padding oracle
-     * attack. Potential side channels include overall timing, memory
-     * access patterns (especially visible to an adversary who has access
-     * to a shared memory cache), and branches (especially visible to
-     * an adversary who has access to a shared code cache or to a shared
-     * branch predictor). */
-    size_t pad_count = 0;
-    unsigned bad = 0;
-    unsigned char pad_done = 0;
-    size_t plaintext_size = 0;
-    unsigned output_too_large;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
-    RSA_VALIDATE_RET( input != NULL );
-    RSA_VALIDATE_RET( olen != NULL );
-
-    ilen = ctx->len;
-    plaintext_max_size = ( output_max_len > ilen - 11 ?
-                           ilen - 11 :
-                           output_max_len );
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    if( ilen < 16 || ilen > sizeof( buf ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    ret = ( mode == MBEDTLS_RSA_PUBLIC )
-          ? mbedtls_rsa_public(  ctx, input, buf )
-          : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf );
-
-    if( ret != 0 )
-        goto cleanup;
-
-    /* Check and get padding length in constant time and constant
-     * memory trace. The first byte must be 0. */
-    bad |= buf[0];
-
-    if( mode == MBEDTLS_RSA_PRIVATE )
-    {
-        /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
-         * where PS must be at least 8 nonzero bytes. */
-        bad |= buf[1] ^ MBEDTLS_RSA_CRYPT;
-
-        /* Read the whole buffer. Set pad_done to nonzero if we find
-         * the 0x00 byte and remember the padding length in pad_count. */
-        for( i = 2; i < ilen; i++ )
-        {
-            pad_done  |= ((buf[i] | (unsigned char)-buf[i]) >> 7) ^ 1;
-            pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
-        }
-    }
-    else
-    {
-        /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00
-         * where PS must be at least 8 bytes with the value 0xFF. */
-        bad |= buf[1] ^ MBEDTLS_RSA_SIGN;
-
-        /* Read the whole buffer. Set pad_done to nonzero if we find
-         * the 0x00 byte and remember the padding length in pad_count.
-         * If there's a non-0xff byte in the padding, the padding is bad. */
-        for( i = 2; i < ilen; i++ )
-        {
-            pad_done |= if_int( buf[i], 0, 1 );
-            pad_count += if_int( pad_done, 0, 1 );
-            bad |= if_int( pad_done, 0, buf[i] ^ 0xFF );
-        }
-    }
-
-    /* If pad_done is still zero, there's no data, only unfinished padding. */
-    bad |= if_int( pad_done, 0, 1 );
-
-    /* There must be at least 8 bytes of padding. */
-    bad |= size_greater_than( 8, pad_count );
-
-    /* If the padding is valid, set plaintext_size to the number of
-     * remaining bytes after stripping the padding. If the padding
-     * is invalid, avoid leaking this fact through the size of the
-     * output: use the maximum message size that fits in the output
-     * buffer. Do it without branches to avoid leaking the padding
-     * validity through timing. RSA keys are small enough that all the
-     * size_t values involved fit in unsigned int. */
-    plaintext_size = if_int( bad,
-                             (unsigned) plaintext_max_size,
-                             (unsigned) ( ilen - pad_count - 3 ) );
-
-    /* Set output_too_large to 0 if the plaintext fits in the output
-     * buffer and to 1 otherwise. */
-    output_too_large = size_greater_than( plaintext_size,
-                                          plaintext_max_size );
-
-    /* Set ret without branches to avoid timing attacks. Return:
-     * - INVALID_PADDING if the padding is bad (bad != 0).
-     * - OUTPUT_TOO_LARGE if the padding is good but the decrypted
-     *   plaintext does not fit in the output buffer.
-     * - 0 if the padding is correct. */
-    ret = - (int) if_int( bad, - MBEDTLS_ERR_RSA_INVALID_PADDING,
-                  if_int( output_too_large, - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE,
-                          0 ) );
-
-    /* If the padding is bad or the plaintext is too large, zero the
-     * data that we're about to copy to the output buffer.
-     * We need to copy the same amount of data
-     * from the same buffer whether the padding is good or not to
-     * avoid leaking the padding validity through overall timing or
-     * through memory or cache access patterns. */
-    bad = all_or_nothing_int( bad | output_too_large );
-    for( i = 11; i < ilen; i++ )
-        buf[i] &= ~bad;
-
-    /* If the plaintext is too large, truncate it to the buffer size.
-     * Copy anyway to avoid revealing the length through timing, because
-     * revealing the length is as bad as revealing the padding validity
-     * for a Bleichenbacher attack. */
-    plaintext_size = if_int( output_too_large,
-                             (unsigned) plaintext_max_size,
-                             (unsigned) plaintext_size );
-
-    /* Move the plaintext to the leftmost position where it can start in
-     * the working buffer, i.e. make it start plaintext_max_size from
-     * the end of the buffer. Do this with a memory access trace that
-     * does not depend on the plaintext size. After this move, the
-     * starting location of the plaintext is no longer sensitive
-     * information. */
-    mem_move_to_left( buf + ilen - plaintext_max_size,
-                      plaintext_max_size,
-                      plaintext_max_size - plaintext_size );
-
-    /* Finally copy the decrypted plaintext plus trailing zeros into the output
-     * buffer. If output_max_len is 0, then output may be an invalid pointer
-     * and the result of memcpy() would be undefined; prevent undefined
-     * behavior making sure to depend only on output_max_len (the size of the
-     * user-provided output buffer), which is independent from plaintext
-     * length, validity of padding, success of the decryption, and other
-     * secrets. */
-    if( output_max_len != 0 )
-        memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size );
-
-    /* Report the amount of data we copied to the output buffer. In case
-     * of errors (bad padding or output too large), the value of *olen
-     * when this function returns is not specified. Making it equivalent
-     * to the good case limits the risks of leaking the padding validity. */
-    *olen = plaintext_size;
-
-cleanup:
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_PKCS1_V15 */
-
-/*
- * Do an RSA operation, then remove the message padding
- */
-int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng,
-                       int mode, size_t *olen,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t output_max_len)
-{
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( output_max_len == 0 || output != NULL );
-    RSA_VALIDATE_RET( input != NULL );
-    RSA_VALIDATE_RET( olen != NULL );
-
-    switch( ctx->padding )
-    {
-#if defined(MBEDTLS_PKCS1_V15)
-        case MBEDTLS_RSA_PKCS_V15:
-            return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen,
-                                                input, output, output_max_len );
-#endif
-
-#if defined(MBEDTLS_PKCS1_V21)
-        case MBEDTLS_RSA_PKCS_V21:
-            return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0,
-                                           olen, input, output,
-                                           output_max_len );
-#endif
-
-        default:
-            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
-    }
-}
-
-#if defined(MBEDTLS_PKCS1_V21)
-/*
- * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
- */
-int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         int mode,
-                         mbedtls_md_type_t md_alg,
-                         unsigned int hashlen,
-                         const unsigned char *hash,
-                         unsigned char *sig )
-{
-    size_t olen;
-    unsigned char *p = sig;
-    unsigned char salt[MBEDTLS_MD_MAX_SIZE];
-    size_t slen, min_slen, hlen, offset = 0;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t msb;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-    RSA_VALIDATE_RET( sig != NULL );
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    if( f_rng == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    olen = ctx->len;
-
-    if( md_alg != MBEDTLS_MD_NONE )
-    {
-        /* Gather length of hash to sign */
-        md_info = mbedtls_md_info_from_type( md_alg );
-        if( md_info == NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        hashlen = mbedtls_md_get_size( md_info );
-    }
-
-    md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    hlen = mbedtls_md_get_size( md_info );
-
-    /* Calculate the largest possible salt length. Normally this is the hash
-     * length, which is the maximum length the salt can have. If there is not
-     * enough room, use the maximum salt length that fits. The constraint is
-     * that the hash length plus the salt length plus 2 bytes must be at most
-     * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017
-     * (PKCS#1 v2.2) §9.1.1 step 3. */
-    min_slen = hlen - 2;
-    if( olen < hlen + min_slen + 2 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    else if( olen >= hlen + hlen + 2 )
-        slen = hlen;
-    else
-        slen = olen - hlen - 2;
-
-    memset( sig, 0, olen );
-
-    /* Generate salt of length slen */
-    if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
-        return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
-
-    /* Note: EMSA-PSS encoding is over the length of N - 1 bits */
-    msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
-    p += olen - hlen - slen - 2;
-    *p++ = 0x01;
-    memcpy( p, salt, slen );
-    p += slen;
-
-    mbedtls_md_init( &md_ctx );
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
-        goto exit;
-
-    /* Generate H = Hash( M' ) */
-    if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md_update( &md_ctx, p, 8 ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md_update( &md_ctx, hash, hashlen ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md_update( &md_ctx, salt, slen ) ) != 0 )
-        goto exit;
-    if( ( ret = mbedtls_md_finish( &md_ctx, p ) ) != 0 )
-        goto exit;
-
-    /* Compensate for boundary condition when applying mask */
-    if( msb % 8 == 0 )
-        offset = 1;
-
-    /* maskedDB: Apply dbMask to DB */
-    if( ( ret = mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen,
-                          &md_ctx ) ) != 0 )
-        goto exit;
-
-    msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
-    sig[0] &= 0xFF >> ( olen * 8 - msb );
-
-    p += hlen;
-    *p++ = 0xBC;
-
-    mbedtls_platform_zeroize( salt, sizeof( salt ) );
-
-exit:
-    mbedtls_md_free( &md_ctx );
-
-    if( ret != 0 )
-        return( ret );
-
-    return( ( mode == MBEDTLS_RSA_PUBLIC )
-            ? mbedtls_rsa_public(  ctx, sig, sig )
-            : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) );
-}
-#endif /* MBEDTLS_PKCS1_V21 */
-
-#if defined(MBEDTLS_PKCS1_V15)
-/*
- * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-V1_5-SIGN function
- */
-
-/* Construct a PKCS v1.5 encoding of a hashed message
- *
- * This is used both for signature generation and verification.
- *
- * Parameters:
- * - md_alg:  Identifies the hash algorithm used to generate the given hash;
- *            MBEDTLS_MD_NONE if raw data is signed.
- * - hashlen: Length of hash in case hashlen is MBEDTLS_MD_NONE.
- * - hash:    Buffer containing the hashed message or the raw data.
- * - dst_len: Length of the encoded message.
- * - dst:     Buffer to hold the encoded message.
- *
- * Assumptions:
- * - hash has size hashlen if md_alg == MBEDTLS_MD_NONE.
- * - hash has size corresponding to md_alg if md_alg != MBEDTLS_MD_NONE.
- * - dst points to a buffer of size at least dst_len.
- *
- */
-static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg,
-                                        unsigned int hashlen,
-                                        const unsigned char *hash,
-                                        size_t dst_len,
-                                        unsigned char *dst )
-{
-    size_t oid_size  = 0;
-    size_t nb_pad    = dst_len;
-    unsigned char *p = dst;
-    const char *oid  = NULL;
-
-    /* Are we signing hashed or raw data? */
-    if( md_alg != MBEDTLS_MD_NONE )
-    {
-        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
-        if( md_info == NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        hashlen = mbedtls_md_get_size( md_info );
-
-        /* Double-check that 8 + hashlen + oid_size can be used as a
-         * 1-byte ASN.1 length encoding and that there's no overflow. */
-        if( 8 + hashlen + oid_size  >= 0x80         ||
-            10 + hashlen            <  hashlen      ||
-            10 + hashlen + oid_size <  10 + hashlen )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        /*
-         * Static bounds check:
-         * - Need 10 bytes for five tag-length pairs.
-         *   (Insist on 1-byte length encodings to protect against variants of
-         *    Bleichenbacher's forgery attack against lax PKCS#1v1.5 verification)
-         * - Need hashlen bytes for hash
-         * - Need oid_size bytes for hash alg OID.
-         */
-        if( nb_pad < 10 + hashlen + oid_size )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-        nb_pad -= 10 + hashlen + oid_size;
-    }
-    else
-    {
-        if( nb_pad < hashlen )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        nb_pad -= hashlen;
-    }
-
-    /* Need space for signature header and padding delimiter (3 bytes),
-     * and 8 bytes for the minimal padding */
-    if( nb_pad < 3 + 8 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    nb_pad -= 3;
-
-    /* Now nb_pad is the amount of memory to be filled
-     * with padding, and at least 8 bytes long. */
-
-    /* Write signature header and padding */
-    *p++ = 0;
-    *p++ = MBEDTLS_RSA_SIGN;
-    memset( p, 0xFF, nb_pad );
-    p += nb_pad;
-    *p++ = 0;
-
-    /* Are we signing raw data? */
-    if( md_alg == MBEDTLS_MD_NONE )
-    {
-        memcpy( p, hash, hashlen );
-        return( 0 );
-    }
-
-    /* Signing hashed data, add corresponding ASN.1 structure
-     *
-     * DigestInfo ::= SEQUENCE {
-     *   digestAlgorithm DigestAlgorithmIdentifier,
-     *   digest Digest }
-     * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
-     * Digest ::= OCTET STRING
-     *
-     * Schematic:
-     * TAG-SEQ + LEN [ TAG-SEQ + LEN [ TAG-OID  + LEN [ OID  ]
-     *                                 TAG-NULL + LEN [ NULL ] ]
-     *                 TAG-OCTET + LEN [ HASH ] ]
-     */
-    *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
-    *p++ = (unsigned char)( 0x08 + oid_size + hashlen );
-    *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
-    *p++ = (unsigned char)( 0x04 + oid_size );
-    *p++ = MBEDTLS_ASN1_OID;
-    *p++ = (unsigned char) oid_size;
-    memcpy( p, oid, oid_size );
-    p += oid_size;
-    *p++ = MBEDTLS_ASN1_NULL;
-    *p++ = 0x00;
-    *p++ = MBEDTLS_ASN1_OCTET_STRING;
-    *p++ = (unsigned char) hashlen;
-    memcpy( p, hash, hashlen );
-    p += hashlen;
-
-    /* Just a sanity-check, should be automatic
-     * after the initial bounds check. */
-    if( p != dst + dst_len )
-    {
-        mbedtls_platform_zeroize( dst, dst_len );
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    }
-
-    return( 0 );
-}
-
-/*
- * Do an RSA operation to sign the message digest
- */
-int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng,
-                               int mode,
-                               mbedtls_md_type_t md_alg,
-                               unsigned int hashlen,
-                               const unsigned char *hash,
-                               unsigned char *sig )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *sig_try = NULL, *verif = NULL;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-    RSA_VALIDATE_RET( sig != NULL );
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /*
-     * Prepare PKCS1-v1.5 encoding (padding and hash identifier)
-     */
-
-    if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash,
-                                             ctx->len, sig ) ) != 0 )
-        return( ret );
-
-    /*
-     * Call respective RSA primitive
-     */
-
-    if( mode == MBEDTLS_RSA_PUBLIC )
-    {
-        /* Skip verification on a public key operation */
-        return( mbedtls_rsa_public( ctx, sig, sig ) );
-    }
-
-    /* Private key operation
-     *
-     * In order to prevent Lenstra's attack, make the signature in a
-     * temporary buffer and check it before returning it.
-     */
-
-    sig_try = mbedtls_calloc( 1, ctx->len );
-    if( sig_try == NULL )
-        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
-
-    verif = mbedtls_calloc( 1, ctx->len );
-    if( verif == NULL )
-    {
-        mbedtls_free( sig_try );
-        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) );
-    MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) );
-
-    if( mbedtls_safer_memcmp( verif, sig, ctx->len ) != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_PRIVATE_FAILED;
-        goto cleanup;
-    }
-
-    memcpy( sig, sig_try, ctx->len );
-
-cleanup:
-    mbedtls_free( sig_try );
-    mbedtls_free( verif );
-
-    return( ret );
-}
-#endif /* MBEDTLS_PKCS1_V15 */
-
-/*
- * Do an RSA operation to sign the message digest
- */
-int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t),
-                    void *p_rng,
-                    int mode,
-                    mbedtls_md_type_t md_alg,
-                    unsigned int hashlen,
-                    const unsigned char *hash,
-                    unsigned char *sig )
-{
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-    RSA_VALIDATE_RET( sig != NULL );
-
-    switch( ctx->padding )
-    {
-#if defined(MBEDTLS_PKCS1_V15)
-        case MBEDTLS_RSA_PKCS_V15:
-            return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg,
-                                              hashlen, hash, sig );
-#endif
-
-#if defined(MBEDTLS_PKCS1_V21)
-        case MBEDTLS_RSA_PKCS_V21:
-            return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg,
-                                        hashlen, hash, sig );
-#endif
-
-        default:
-            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
-    }
-}
-
-#if defined(MBEDTLS_PKCS1_V21)
-/*
- * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function
- */
-int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng,
-                               int mode,
-                               mbedtls_md_type_t md_alg,
-                               unsigned int hashlen,
-                               const unsigned char *hash,
-                               mbedtls_md_type_t mgf1_hash_id,
-                               int expected_salt_len,
-                               const unsigned char *sig )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t siglen;
-    unsigned char *p;
-    unsigned char *hash_start;
-    unsigned char result[MBEDTLS_MD_MAX_SIZE];
-    unsigned char zeros[8];
-    unsigned int hlen;
-    size_t observed_salt_len, msb;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( sig != NULL );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    siglen = ctx->len;
-
-    if( siglen < 16 || siglen > sizeof( buf ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    ret = ( mode == MBEDTLS_RSA_PUBLIC )
-          ? mbedtls_rsa_public(  ctx, sig, buf )
-          : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf );
-
-    if( ret != 0 )
-        return( ret );
-
-    p = buf;
-
-    if( buf[siglen - 1] != 0xBC )
-        return( MBEDTLS_ERR_RSA_INVALID_PADDING );
-
-    if( md_alg != MBEDTLS_MD_NONE )
-    {
-        /* Gather length of hash to sign */
-        md_info = mbedtls_md_info_from_type( md_alg );
-        if( md_info == NULL )
-            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-        hashlen = mbedtls_md_get_size( md_info );
-    }
-
-    md_info = mbedtls_md_info_from_type( mgf1_hash_id );
-    if( md_info == NULL )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    hlen = mbedtls_md_get_size( md_info );
-
-    memset( zeros, 0, 8 );
-
-    /*
-     * Note: EMSA-PSS verification is over the length of N - 1 bits
-     */
-    msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
-
-    if( buf[0] >> ( 8 - siglen * 8 + msb ) )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /* Compensate for boundary condition when applying mask */
-    if( msb % 8 == 0 )
-    {
-        p++;
-        siglen -= 1;
-    }
-
-    if( siglen < hlen + 2 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-    hash_start = p + siglen - hlen - 1;
-
-    mbedtls_md_init( &md_ctx );
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
-        goto exit;
-
-    ret = mgf_mask( p, siglen - hlen - 1, hash_start, hlen, &md_ctx );
-    if( ret != 0 )
-        goto exit;
-
-    buf[0] &= 0xFF >> ( siglen * 8 - msb );
-
-    while( p < hash_start - 1 && *p == 0 )
-        p++;
-
-    if( *p++ != 0x01 )
-    {
-        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
-        goto exit;
-    }
-
-    observed_salt_len = hash_start - p;
-
-    if( expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY &&
-        observed_salt_len != (size_t) expected_salt_len )
-    {
-        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
-        goto exit;
-    }
-
-    /*
-     * Generate H = Hash( M' )
-     */
-    ret = mbedtls_md_starts( &md_ctx );
-    if ( ret != 0 )
-        goto exit;
-    ret = mbedtls_md_update( &md_ctx, zeros, 8 );
-    if ( ret != 0 )
-        goto exit;
-    ret = mbedtls_md_update( &md_ctx, hash, hashlen );
-    if ( ret != 0 )
-        goto exit;
-    ret = mbedtls_md_update( &md_ctx, p, observed_salt_len );
-    if ( ret != 0 )
-        goto exit;
-    ret = mbedtls_md_finish( &md_ctx, result );
-    if ( ret != 0 )
-        goto exit;
-
-    if( memcmp( hash_start, result, hlen ) != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
-        goto exit;
-    }
-
-exit:
-    mbedtls_md_free( &md_ctx );
-
-    return( ret );
-}
-
-/*
- * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function
- */
-int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng,
-                           int mode,
-                           mbedtls_md_type_t md_alg,
-                           unsigned int hashlen,
-                           const unsigned char *hash,
-                           const unsigned char *sig )
-{
-    mbedtls_md_type_t mgf1_hash_id;
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( sig != NULL );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-
-    mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE )
-                             ? (mbedtls_md_type_t) ctx->hash_id
-                             : md_alg;
-
-    return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode,
-                                       md_alg, hashlen, hash,
-                                       mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY,
-                                       sig ) );
-
-}
-#endif /* MBEDTLS_PKCS1_V21 */
-
-#if defined(MBEDTLS_PKCS1_V15)
-/*
- * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function
- */
-int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode,
-                                 mbedtls_md_type_t md_alg,
-                                 unsigned int hashlen,
-                                 const unsigned char *hash,
-                                 const unsigned char *sig )
-{
-    int ret = 0;
-    size_t sig_len;
-    unsigned char *encoded = NULL, *encoded_expected = NULL;
-
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( sig != NULL );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-
-    sig_len = ctx->len;
-
-    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
-        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
-    /*
-     * Prepare expected PKCS1 v1.5 encoding of hash.
-     */
-
-    if( ( encoded          = mbedtls_calloc( 1, sig_len ) ) == NULL ||
-        ( encoded_expected = mbedtls_calloc( 1, sig_len ) ) == NULL )
-    {
-        ret = MBEDTLS_ERR_MPI_ALLOC_FAILED;
-        goto cleanup;
-    }
-
-    if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, sig_len,
-                                             encoded_expected ) ) != 0 )
-        goto cleanup;
-
-    /*
-     * Apply RSA primitive to get what should be PKCS1 encoded hash.
-     */
-
-    ret = ( mode == MBEDTLS_RSA_PUBLIC )
-          ? mbedtls_rsa_public(  ctx, sig, encoded )
-          : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded );
-    if( ret != 0 )
-        goto cleanup;
-
-    /*
-     * Compare
-     */
-
-    if( ( ret = mbedtls_safer_memcmp( encoded, encoded_expected,
-                                      sig_len ) ) != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-cleanup:
-
-    if( encoded != NULL )
-    {
-        mbedtls_platform_zeroize( encoded, sig_len );
-        mbedtls_free( encoded );
-    }
-
-    if( encoded_expected != NULL )
-    {
-        mbedtls_platform_zeroize( encoded_expected, sig_len );
-        mbedtls_free( encoded_expected );
-    }
-
-    return( ret );
-}
-#endif /* MBEDTLS_PKCS1_V15 */
-
-/*
- * Do an RSA operation and check the message digest
- */
-int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng,
-                      int mode,
-                      mbedtls_md_type_t md_alg,
-                      unsigned int hashlen,
-                      const unsigned char *hash,
-                      const unsigned char *sig )
-{
-    RSA_VALIDATE_RET( ctx != NULL );
-    RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
-                      mode == MBEDTLS_RSA_PUBLIC );
-    RSA_VALIDATE_RET( sig != NULL );
-    RSA_VALIDATE_RET( ( md_alg  == MBEDTLS_MD_NONE &&
-                        hashlen == 0 ) ||
-                      hash != NULL );
-
-    switch( ctx->padding )
-    {
-#if defined(MBEDTLS_PKCS1_V15)
-        case MBEDTLS_RSA_PKCS_V15:
-            return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg,
-                                                hashlen, hash, sig );
-#endif
-
-#if defined(MBEDTLS_PKCS1_V21)
-        case MBEDTLS_RSA_PKCS_V21:
-            return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg,
-                                          hashlen, hash, sig );
-#endif
-
-        default:
-            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
-    }
-}
-
-/*
- * Copy the components of an RSA key
- */
-int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    RSA_VALIDATE_RET( dst != NULL );
-    RSA_VALIDATE_RET( src != NULL );
-
-    dst->ver = src->ver;
-    dst->len = src->len;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->N, &src->N ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->E, &src->E ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->D, &src->D ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->P, &src->P ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Q, &src->Q ) );
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DP, &src->DP ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DQ, &src->DQ ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->QP, &src->QP ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RP, &src->RP ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RQ, &src->RQ ) );
-#endif
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RN, &src->RN ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vi, &src->Vi ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vf, &src->Vf ) );
-
-    dst->padding = src->padding;
-    dst->hash_id = src->hash_id;
-
-cleanup:
-    if( ret != 0 )
-        mbedtls_rsa_free( dst );
-
-    return( ret );
-}
-
-/*
- * Free the components of an RSA key
- */
-void mbedtls_rsa_free( mbedtls_rsa_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_mpi_free( &ctx->Vi );
-    mbedtls_mpi_free( &ctx->Vf );
-    mbedtls_mpi_free( &ctx->RN );
-    mbedtls_mpi_free( &ctx->D  );
-    mbedtls_mpi_free( &ctx->Q  );
-    mbedtls_mpi_free( &ctx->P  );
-    mbedtls_mpi_free( &ctx->E  );
-    mbedtls_mpi_free( &ctx->N  );
-
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    mbedtls_mpi_free( &ctx->RQ );
-    mbedtls_mpi_free( &ctx->RP );
-    mbedtls_mpi_free( &ctx->QP );
-    mbedtls_mpi_free( &ctx->DQ );
-    mbedtls_mpi_free( &ctx->DP );
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &ctx->mutex );
-#endif
-}
-
-#endif /* !MBEDTLS_RSA_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#include "mbedtls/sha1.h"
-
-/*
- * Example RSA-1024 keypair, for test purposes
- */
-#define KEY_LEN 128
-
-#define RSA_N   "9292758453063D803DD603D5E777D788" \
-                "8ED1D5BF35786190FA2F23EBC0848AEA" \
-                "DDA92CA6C3D80B32C4D109BE0F36D6AE" \
-                "7130B9CED7ACDF54CFC7555AC14EEBAB" \
-                "93A89813FBF3C4F8066D2D800F7C38A8" \
-                "1AE31942917403FF4946B0A83D3D3E05" \
-                "EE57C6F5F5606FB5D4BC6CD34EE0801A" \
-                "5E94BB77B07507233A0BC7BAC8F90F79"
-
-#define RSA_E   "10001"
-
-#define RSA_D   "24BF6185468786FDD303083D25E64EFC" \
-                "66CA472BC44D253102F8B4A9D3BFA750" \
-                "91386C0077937FE33FA3252D28855837" \
-                "AE1B484A8A9A45F7EE8C0C634F99E8CD" \
-                "DF79C5CE07EE72C7F123142198164234" \
-                "CABB724CF78B8173B9F880FC86322407" \
-                "AF1FEDFDDE2BEB674CA15F3E81A1521E" \
-                "071513A1E85B5DFA031F21ECAE91A34D"
-
-#define RSA_P   "C36D0EB7FCD285223CFB5AABA5BDA3D8" \
-                "2C01CAD19EA484A87EA4377637E75500" \
-                "FCB2005C5C7DD6EC4AC023CDA285D796" \
-                "C3D9E75E1EFC42488BB4F1D13AC30A57"
-
-#define RSA_Q   "C000DF51A7C77AE8D7C7370C1FF55B69" \
-                "E211C2B9E5DB1ED0BF61D0D9899620F4" \
-                "910E4168387E3C30AA1E00C339A79508" \
-                "8452DD96A9A5EA5D9DCA68DA636032AF"
-
-#define PT_LEN  24
-#define RSA_PT  "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \
-                "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD"
-
-#if defined(MBEDTLS_PKCS1_V15)
-static int myrand( void *rng_state, unsigned char *output, size_t len )
-{
-#if !defined(__OpenBSD__) && !defined(__NetBSD__)
-    size_t i;
-
-    if( rng_state != NULL )
-        rng_state  = NULL;
-
-    for( i = 0; i < len; ++i )
-        output[i] = rand();
-#else
-    if( rng_state != NULL )
-        rng_state = NULL;
-
-    arc4random_buf( output, len );
-#endif /* !OpenBSD && !NetBSD */
-
-    return( 0 );
-}
-#endif /* MBEDTLS_PKCS1_V15 */
-
-/*
- * Checkup routine
- */
-int mbedtls_rsa_self_test( int verbose )
-{
-    int ret = 0;
-#if defined(MBEDTLS_PKCS1_V15)
-    size_t len;
-    mbedtls_rsa_context rsa;
-    unsigned char rsa_plaintext[PT_LEN];
-    unsigned char rsa_decrypted[PT_LEN];
-    unsigned char rsa_ciphertext[KEY_LEN];
-#if defined(MBEDTLS_SHA1_C)
-    unsigned char sha1sum[20];
-#endif
-
-    mbedtls_mpi K;
-
-    mbedtls_mpi_init( &K );
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_N  ) );
-    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, &K, NULL, NULL, NULL, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_P  ) );
-    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, &K, NULL, NULL, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_Q  ) );
-    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, &K, NULL, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_D  ) );
-    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, &K, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_E  ) );
-    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, NULL, &K ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_rsa_complete( &rsa ) );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  RSA key validation: " );
-
-    if( mbedtls_rsa_check_pubkey(  &rsa ) != 0 ||
-        mbedtls_rsa_check_privkey( &rsa ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n  PKCS#1 encryption : " );
-
-    memcpy( rsa_plaintext, RSA_PT, PT_LEN );
-
-    if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC,
-                                   PT_LEN, rsa_plaintext,
-                                   rsa_ciphertext ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n  PKCS#1 decryption : " );
-
-    if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE,
-                                   &len, rsa_ciphertext, rsa_decrypted,
-                                   sizeof(rsa_decrypted) ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-#if defined(MBEDTLS_SHA1_C)
-    if( verbose != 0 )
-        mbedtls_printf( "  PKCS#1 data sign  : " );
-
-    if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        return( 1 );
-    }
-
-    if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL,
-                                MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0,
-                                sha1sum, rsa_ciphertext ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n  PKCS#1 sig. verify: " );
-
-    if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL,
-                                  MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0,
-                                  sha1sum, rsa_ciphertext ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        ret = 1;
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-#endif /* MBEDTLS_SHA1_C */
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-cleanup:
-    mbedtls_mpi_free( &K );
-    mbedtls_rsa_free( &rsa );
-#else /* MBEDTLS_PKCS1_V15 */
-    ((void) verbose);
-#endif /* MBEDTLS_PKCS1_V15 */
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_RSA_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/rsa_internal.c b/3rdparty/mbedtls-2.25.0/library/rsa_internal.c
deleted file mode 100644
index d6ba97a..0000000
--- a/3rdparty/mbedtls-2.25.0/library/rsa_internal.c
+++ /dev/null
@@ -1,486 +0,0 @@
-/*
- *  Helper functions for the RSA module
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_RSA_C)
-
-#include "mbedtls/rsa.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/rsa_internal.h"
-
-/*
- * Compute RSA prime factors from public and private exponents
- *
- * Summary of algorithm:
- * Setting F := lcm(P-1,Q-1), the idea is as follows:
- *
- * (a) For any 1 <= X < N with gcd(X,N)=1, we have X^F = 1 modulo N, so X^(F/2)
- *     is a square root of 1 in Z/NZ. Since Z/NZ ~= Z/PZ x Z/QZ by CRT and the
- *     square roots of 1 in Z/PZ and Z/QZ are +1 and -1, this leaves the four
- *     possibilities X^(F/2) = (+-1, +-1). If it happens that X^(F/2) = (-1,+1)
- *     or (+1,-1), then gcd(X^(F/2) + 1, N) will be equal to one of the prime
- *     factors of N.
- *
- * (b) If we don't know F/2 but (F/2) * K for some odd (!) K, then the same
- *     construction still applies since (-)^K is the identity on the set of
- *     roots of 1 in Z/NZ.
- *
- * The public and private key primitives (-)^E and (-)^D are mutually inverse
- * bijections on Z/NZ if and only if (-)^(DE) is the identity on Z/NZ, i.e.
- * if and only if DE - 1 is a multiple of F, say DE - 1 = F * L.
- * Splitting L = 2^t * K with K odd, we have
- *
- *   DE - 1 = FL = (F/2) * (2^(t+1)) * K,
- *
- * so (F / 2) * K is among the numbers
- *
- *   (DE - 1) >> 1, (DE - 1) >> 2, ..., (DE - 1) >> ord
- *
- * where ord is the order of 2 in (DE - 1).
- * We can therefore iterate through these numbers apply the construction
- * of (a) and (b) above to attempt to factor N.
- *
- */
-int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N,
-                     mbedtls_mpi const *E, mbedtls_mpi const *D,
-                     mbedtls_mpi *P, mbedtls_mpi *Q )
-{
-    int ret = 0;
-
-    uint16_t attempt;  /* Number of current attempt  */
-    uint16_t iter;     /* Number of squares computed in the current attempt */
-
-    uint16_t order;    /* Order of 2 in DE - 1 */
-
-    mbedtls_mpi T;  /* Holds largest odd divisor of DE - 1     */
-    mbedtls_mpi K;  /* Temporary holding the current candidate */
-
-    const unsigned char primes[] = { 2,
-           3,    5,    7,   11,   13,   17,   19,   23,
-          29,   31,   37,   41,   43,   47,   53,   59,
-          61,   67,   71,   73,   79,   83,   89,   97,
-         101,  103,  107,  109,  113,  127,  131,  137,
-         139,  149,  151,  157,  163,  167,  173,  179,
-         181,  191,  193,  197,  199,  211,  223,  227,
-         229,  233,  239,  241,  251
-    };
-
-    const size_t num_primes = sizeof( primes ) / sizeof( *primes );
-
-    if( P == NULL || Q == NULL || P->p != NULL || Q->p != NULL )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 ||
-        mbedtls_mpi_cmp_int( D, 1 ) <= 0 ||
-        mbedtls_mpi_cmp_mpi( D, N ) >= 0 ||
-        mbedtls_mpi_cmp_int( E, 1 ) <= 0 ||
-        mbedtls_mpi_cmp_mpi( E, N ) >= 0 )
-    {
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-    }
-
-    /*
-     * Initializations and temporary changes
-     */
-
-    mbedtls_mpi_init( &K );
-    mbedtls_mpi_init( &T );
-
-    /* T := DE - 1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, D,  E ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &T, &T, 1 ) );
-
-    if( ( order = (uint16_t) mbedtls_mpi_lsb( &T ) ) == 0 )
-    {
-        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    /* After this operation, T holds the largest odd divisor of DE - 1. */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &T, order ) );
-
-    /*
-     * Actual work
-     */
-
-    /* Skip trying 2 if N == 1 mod 8 */
-    attempt = 0;
-    if( N->p[0] % 8 == 1 )
-        attempt = 1;
-
-    for( ; attempt < num_primes; ++attempt )
-    {
-        mbedtls_mpi_lset( &K, primes[attempt] );
-
-        /* Check if gcd(K,N) = 1 */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) );
-        if( mbedtls_mpi_cmp_int( P, 1 ) != 0 )
-            continue;
-
-        /* Go through K^T + 1, K^(2T) + 1, K^(4T) + 1, ...
-         * and check whether they have nontrivial GCD with N. */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &K, &K, &T, N,
-                             Q /* temporarily use Q for storing Montgomery
-                                * multiplication helper values */ ) );
-
-        for( iter = 1; iter <= order; ++iter )
-        {
-            /* If we reach 1 prematurely, there's no point
-             * in continuing to square K */
-            if( mbedtls_mpi_cmp_int( &K, 1 ) == 0 )
-                break;
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &K, &K, 1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) );
-
-            if( mbedtls_mpi_cmp_int( P, 1 ) ==  1 &&
-                mbedtls_mpi_cmp_mpi( P, N ) == -1 )
-            {
-                /*
-                 * Have found a nontrivial divisor P of N.
-                 * Set Q := N / P.
-                 */
-
-                MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( Q, NULL, N, P ) );
-                goto cleanup;
-            }
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &K ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, N ) );
-        }
-
-        /*
-         * If we get here, then either we prematurely aborted the loop because
-         * we reached 1, or K holds primes[attempt]^(DE - 1) mod N, which must
-         * be 1 if D,E,N were consistent.
-         * Check if that's the case and abort if not, to avoid very long,
-         * yet eventually failing, computations if N,D,E were not sane.
-         */
-        if( mbedtls_mpi_cmp_int( &K, 1 ) != 0 )
-        {
-            break;
-        }
-    }
-
-    ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-
-cleanup:
-
-    mbedtls_mpi_free( &K );
-    mbedtls_mpi_free( &T );
-    return( ret );
-}
-
-/*
- * Given P, Q and the public exponent E, deduce D.
- * This is essentially a modular inversion.
- */
-int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
-                                         mbedtls_mpi const *Q,
-                                         mbedtls_mpi const *E,
-                                         mbedtls_mpi *D )
-{
-    int ret = 0;
-    mbedtls_mpi K, L;
-
-    if( D == NULL || mbedtls_mpi_cmp_int( D, 0 ) != 0 )
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-
-    if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 ||
-        mbedtls_mpi_cmp_int( Q, 1 ) <= 0 ||
-        mbedtls_mpi_cmp_int( E, 0 ) == 0 )
-    {
-        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-    }
-
-    mbedtls_mpi_init( &K );
-    mbedtls_mpi_init( &L );
-
-    /* Temporarily put K := P-1 and L := Q-1 */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) );
-
-    /* Temporarily put D := gcd(P-1, Q-1) */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( D, &K, &L ) );
-
-    /* K := LCM(P-1, Q-1) */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &L ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &K, NULL, &K, D ) );
-
-    /* Compute modular inverse of E in LCM(P-1, Q-1) */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( D, E, &K ) );
-
-cleanup:
-
-    mbedtls_mpi_free( &K );
-    mbedtls_mpi_free( &L );
-
-    return( ret );
-}
-
-/*
- * Check that RSA CRT parameters are in accordance with core parameters.
- */
-int mbedtls_rsa_validate_crt( const mbedtls_mpi *P,  const mbedtls_mpi *Q,
-                              const mbedtls_mpi *D,  const mbedtls_mpi *DP,
-                              const mbedtls_mpi *DQ, const mbedtls_mpi *QP )
-{
-    int ret = 0;
-
-    mbedtls_mpi K, L;
-    mbedtls_mpi_init( &K );
-    mbedtls_mpi_init( &L );
-
-    /* Check that DP - D == 0 mod P - 1 */
-    if( DP != NULL )
-    {
-        if( P == NULL )
-        {
-            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
-            goto cleanup;
-        }
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DP, D ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) );
-
-        if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-    }
-
-    /* Check that DQ - D == 0 mod Q - 1 */
-    if( DQ != NULL )
-    {
-        if( Q == NULL )
-        {
-            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
-            goto cleanup;
-        }
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DQ, D ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) );
-
-        if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-    }
-
-    /* Check that QP * Q - 1 == 0 mod P */
-    if( QP != NULL )
-    {
-        if( P == NULL || Q == NULL )
-        {
-            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
-            goto cleanup;
-        }
-
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, QP, Q ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, P ) );
-        if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-    }
-
-cleanup:
-
-    /* Wrap MPI error codes by RSA check failure error code */
-    if( ret != 0 &&
-        ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED &&
-        ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA )
-    {
-        ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-    }
-
-    mbedtls_mpi_free( &K );
-    mbedtls_mpi_free( &L );
-
-    return( ret );
-}
-
-/*
- * Check that core RSA parameters are sane.
- */
-int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
-                                 const mbedtls_mpi *Q, const mbedtls_mpi *D,
-                                 const mbedtls_mpi *E,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng )
-{
-    int ret = 0;
-    mbedtls_mpi K, L;
-
-    mbedtls_mpi_init( &K );
-    mbedtls_mpi_init( &L );
-
-    /*
-     * Step 1: If PRNG provided, check that P and Q are prime
-     */
-
-#if defined(MBEDTLS_GENPRIME)
-    /*
-     * When generating keys, the strongest security we support aims for an error
-     * rate of at most 2^-100 and we are aiming for the same certainty here as
-     * well.
-     */
-    if( f_rng != NULL && P != NULL &&
-        ( ret = mbedtls_mpi_is_prime_ext( P, 50, f_rng, p_rng ) ) != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-        goto cleanup;
-    }
-
-    if( f_rng != NULL && Q != NULL &&
-        ( ret = mbedtls_mpi_is_prime_ext( Q, 50, f_rng, p_rng ) ) != 0 )
-    {
-        ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-        goto cleanup;
-    }
-#else
-    ((void) f_rng);
-    ((void) p_rng);
-#endif /* MBEDTLS_GENPRIME */
-
-    /*
-     * Step 2: Check that 1 < N = P * Q
-     */
-
-    if( P != NULL && Q != NULL && N != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, P, Q ) );
-        if( mbedtls_mpi_cmp_int( N, 1 )  <= 0 ||
-            mbedtls_mpi_cmp_mpi( &K, N ) != 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-    }
-
-    /*
-     * Step 3: Check and 1 < D, E < N if present.
-     */
-
-    if( N != NULL && D != NULL && E != NULL )
-    {
-        if ( mbedtls_mpi_cmp_int( D, 1 ) <= 0 ||
-             mbedtls_mpi_cmp_int( E, 1 ) <= 0 ||
-             mbedtls_mpi_cmp_mpi( D, N ) >= 0 ||
-             mbedtls_mpi_cmp_mpi( E, N ) >= 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-    }
-
-    /*
-     * Step 4: Check that D, E are inverse modulo P-1 and Q-1
-     */
-
-    if( P != NULL && Q != NULL && D != NULL && E != NULL )
-    {
-        if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 ||
-            mbedtls_mpi_cmp_int( Q, 1 ) <= 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-
-        /* Compute DE-1 mod P-1 */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, P, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) );
-        if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-
-        /* Compute DE-1 mod Q-1 */
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) );
-        if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
-        {
-            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-            goto cleanup;
-        }
-    }
-
-cleanup:
-
-    mbedtls_mpi_free( &K );
-    mbedtls_mpi_free( &L );
-
-    /* Wrap MPI error codes by RSA check failure error code */
-    if( ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED )
-    {
-        ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
-    }
-
-    return( ret );
-}
-
-int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
-                            const mbedtls_mpi *D, mbedtls_mpi *DP,
-                            mbedtls_mpi *DQ, mbedtls_mpi *QP )
-{
-    int ret = 0;
-    mbedtls_mpi K;
-    mbedtls_mpi_init( &K );
-
-    /* DP = D mod P-1 */
-    if( DP != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1  ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DP, D, &K ) );
-    }
-
-    /* DQ = D mod Q-1 */
-    if( DQ != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1  ) );
-        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DQ, D, &K ) );
-    }
-
-    /* QP = Q^{-1} mod P */
-    if( QP != NULL )
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( QP, Q, P ) );
-    }
-
-cleanup:
-    mbedtls_mpi_free( &K );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_RSA_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/sha1.c b/3rdparty/mbedtls-2.25.0/library/sha1.c
deleted file mode 100644
index 6b0f58e..0000000
--- a/3rdparty/mbedtls-2.25.0/library/sha1.c
+++ /dev/null
@@ -1,576 +0,0 @@
-/*
- *  FIPS-180-1 compliant SHA-1 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The SHA-1 standard was published by NIST in 1993.
- *
- *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SHA1_C)
-
-#include "mbedtls/sha1.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#define SHA1_VALIDATE_RET(cond)                             \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA )
-
-#define SHA1_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if !defined(MBEDTLS_SHA1_ALT)
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
-{
-    SHA1_VALIDATE( ctx != NULL );
-
-    memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
-}
-
-void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
-}
-
-void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
-                         const mbedtls_sha1_context *src )
-{
-    SHA1_VALIDATE( dst != NULL );
-    SHA1_VALIDATE( src != NULL );
-
-    *dst = *src;
-}
-
-/*
- * SHA-1 context setup
- */
-int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
-{
-    SHA1_VALIDATE_RET( ctx != NULL );
-
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    ctx->state[0] = 0x67452301;
-    ctx->state[1] = 0xEFCDAB89;
-    ctx->state[2] = 0x98BADCFE;
-    ctx->state[3] = 0x10325476;
-    ctx->state[4] = 0xC3D2E1F0;
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
-{
-    mbedtls_sha1_starts_ret( ctx );
-}
-#endif
-
-#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
-int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
-                                   const unsigned char data[64] )
-{
-    struct
-    {
-        uint32_t temp, W[16], A, B, C, D, E;
-    } local;
-
-    SHA1_VALIDATE_RET( ctx != NULL );
-    SHA1_VALIDATE_RET( (const unsigned char *)data != NULL );
-
-    GET_UINT32_BE( local.W[ 0], data,  0 );
-    GET_UINT32_BE( local.W[ 1], data,  4 );
-    GET_UINT32_BE( local.W[ 2], data,  8 );
-    GET_UINT32_BE( local.W[ 3], data, 12 );
-    GET_UINT32_BE( local.W[ 4], data, 16 );
-    GET_UINT32_BE( local.W[ 5], data, 20 );
-    GET_UINT32_BE( local.W[ 6], data, 24 );
-    GET_UINT32_BE( local.W[ 7], data, 28 );
-    GET_UINT32_BE( local.W[ 8], data, 32 );
-    GET_UINT32_BE( local.W[ 9], data, 36 );
-    GET_UINT32_BE( local.W[10], data, 40 );
-    GET_UINT32_BE( local.W[11], data, 44 );
-    GET_UINT32_BE( local.W[12], data, 48 );
-    GET_UINT32_BE( local.W[13], data, 52 );
-    GET_UINT32_BE( local.W[14], data, 56 );
-    GET_UINT32_BE( local.W[15], data, 60 );
-
-#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
-
-#define R(t)                                                    \
-    (                                                           \
-        local.temp = local.W[( (t) -  3 ) & 0x0F] ^             \
-                     local.W[( (t) -  8 ) & 0x0F] ^             \
-                     local.W[( (t) - 14 ) & 0x0F] ^             \
-                     local.W[  (t)        & 0x0F],              \
-        ( local.W[(t) & 0x0F] = S(local.temp,1) )               \
-    )
-
-#define P(a,b,c,d,e,x)                                          \
-    do                                                          \
-    {                                                           \
-        (e) += S((a),5) + F((b),(c),(d)) + K + (x);             \
-        (b) = S((b),30);                                        \
-    } while( 0 )
-
-    local.A = ctx->state[0];
-    local.B = ctx->state[1];
-    local.C = ctx->state[2];
-    local.D = ctx->state[3];
-    local.E = ctx->state[4];
-
-#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-#define K 0x5A827999
-
-    P( local.A, local.B, local.C, local.D, local.E, local.W[0]  );
-    P( local.E, local.A, local.B, local.C, local.D, local.W[1]  );
-    P( local.D, local.E, local.A, local.B, local.C, local.W[2]  );
-    P( local.C, local.D, local.E, local.A, local.B, local.W[3]  );
-    P( local.B, local.C, local.D, local.E, local.A, local.W[4]  );
-    P( local.A, local.B, local.C, local.D, local.E, local.W[5]  );
-    P( local.E, local.A, local.B, local.C, local.D, local.W[6]  );
-    P( local.D, local.E, local.A, local.B, local.C, local.W[7]  );
-    P( local.C, local.D, local.E, local.A, local.B, local.W[8]  );
-    P( local.B, local.C, local.D, local.E, local.A, local.W[9]  );
-    P( local.A, local.B, local.C, local.D, local.E, local.W[10] );
-    P( local.E, local.A, local.B, local.C, local.D, local.W[11] );
-    P( local.D, local.E, local.A, local.B, local.C, local.W[12] );
-    P( local.C, local.D, local.E, local.A, local.B, local.W[13] );
-    P( local.B, local.C, local.D, local.E, local.A, local.W[14] );
-    P( local.A, local.B, local.C, local.D, local.E, local.W[15] );
-    P( local.E, local.A, local.B, local.C, local.D, R(16) );
-    P( local.D, local.E, local.A, local.B, local.C, R(17) );
-    P( local.C, local.D, local.E, local.A, local.B, R(18) );
-    P( local.B, local.C, local.D, local.E, local.A, R(19) );
-
-#undef K
-#undef F
-
-#define F(x,y,z) ((x) ^ (y) ^ (z))
-#define K 0x6ED9EBA1
-
-    P( local.A, local.B, local.C, local.D, local.E, R(20) );
-    P( local.E, local.A, local.B, local.C, local.D, R(21) );
-    P( local.D, local.E, local.A, local.B, local.C, R(22) );
-    P( local.C, local.D, local.E, local.A, local.B, R(23) );
-    P( local.B, local.C, local.D, local.E, local.A, R(24) );
-    P( local.A, local.B, local.C, local.D, local.E, R(25) );
-    P( local.E, local.A, local.B, local.C, local.D, R(26) );
-    P( local.D, local.E, local.A, local.B, local.C, R(27) );
-    P( local.C, local.D, local.E, local.A, local.B, R(28) );
-    P( local.B, local.C, local.D, local.E, local.A, R(29) );
-    P( local.A, local.B, local.C, local.D, local.E, R(30) );
-    P( local.E, local.A, local.B, local.C, local.D, R(31) );
-    P( local.D, local.E, local.A, local.B, local.C, R(32) );
-    P( local.C, local.D, local.E, local.A, local.B, R(33) );
-    P( local.B, local.C, local.D, local.E, local.A, R(34) );
-    P( local.A, local.B, local.C, local.D, local.E, R(35) );
-    P( local.E, local.A, local.B, local.C, local.D, R(36) );
-    P( local.D, local.E, local.A, local.B, local.C, R(37) );
-    P( local.C, local.D, local.E, local.A, local.B, R(38) );
-    P( local.B, local.C, local.D, local.E, local.A, R(39) );
-
-#undef K
-#undef F
-
-#define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
-#define K 0x8F1BBCDC
-
-    P( local.A, local.B, local.C, local.D, local.E, R(40) );
-    P( local.E, local.A, local.B, local.C, local.D, R(41) );
-    P( local.D, local.E, local.A, local.B, local.C, R(42) );
-    P( local.C, local.D, local.E, local.A, local.B, R(43) );
-    P( local.B, local.C, local.D, local.E, local.A, R(44) );
-    P( local.A, local.B, local.C, local.D, local.E, R(45) );
-    P( local.E, local.A, local.B, local.C, local.D, R(46) );
-    P( local.D, local.E, local.A, local.B, local.C, R(47) );
-    P( local.C, local.D, local.E, local.A, local.B, R(48) );
-    P( local.B, local.C, local.D, local.E, local.A, R(49) );
-    P( local.A, local.B, local.C, local.D, local.E, R(50) );
-    P( local.E, local.A, local.B, local.C, local.D, R(51) );
-    P( local.D, local.E, local.A, local.B, local.C, R(52) );
-    P( local.C, local.D, local.E, local.A, local.B, R(53) );
-    P( local.B, local.C, local.D, local.E, local.A, R(54) );
-    P( local.A, local.B, local.C, local.D, local.E, R(55) );
-    P( local.E, local.A, local.B, local.C, local.D, R(56) );
-    P( local.D, local.E, local.A, local.B, local.C, R(57) );
-    P( local.C, local.D, local.E, local.A, local.B, R(58) );
-    P( local.B, local.C, local.D, local.E, local.A, R(59) );
-
-#undef K
-#undef F
-
-#define F(x,y,z) ((x) ^ (y) ^ (z))
-#define K 0xCA62C1D6
-
-    P( local.A, local.B, local.C, local.D, local.E, R(60) );
-    P( local.E, local.A, local.B, local.C, local.D, R(61) );
-    P( local.D, local.E, local.A, local.B, local.C, R(62) );
-    P( local.C, local.D, local.E, local.A, local.B, R(63) );
-    P( local.B, local.C, local.D, local.E, local.A, R(64) );
-    P( local.A, local.B, local.C, local.D, local.E, R(65) );
-    P( local.E, local.A, local.B, local.C, local.D, R(66) );
-    P( local.D, local.E, local.A, local.B, local.C, R(67) );
-    P( local.C, local.D, local.E, local.A, local.B, R(68) );
-    P( local.B, local.C, local.D, local.E, local.A, R(69) );
-    P( local.A, local.B, local.C, local.D, local.E, R(70) );
-    P( local.E, local.A, local.B, local.C, local.D, R(71) );
-    P( local.D, local.E, local.A, local.B, local.C, R(72) );
-    P( local.C, local.D, local.E, local.A, local.B, R(73) );
-    P( local.B, local.C, local.D, local.E, local.A, R(74) );
-    P( local.A, local.B, local.C, local.D, local.E, R(75) );
-    P( local.E, local.A, local.B, local.C, local.D, R(76) );
-    P( local.D, local.E, local.A, local.B, local.C, R(77) );
-    P( local.C, local.D, local.E, local.A, local.B, R(78) );
-    P( local.B, local.C, local.D, local.E, local.A, R(79) );
-
-#undef K
-#undef F
-
-    ctx->state[0] += local.A;
-    ctx->state[1] += local.B;
-    ctx->state[2] += local.C;
-    ctx->state[3] += local.D;
-    ctx->state[4] += local.E;
-
-    /* Zeroise buffers and variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &local, sizeof( local ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
-                           const unsigned char data[64] )
-{
-    mbedtls_internal_sha1_process( ctx, data );
-}
-#endif
-#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
-
-/*
- * SHA-1 process buffer
- */
-int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
-                             const unsigned char *input,
-                             size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-    uint32_t left;
-
-    SHA1_VALIDATE_RET( ctx != NULL );
-    SHA1_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    if( ilen == 0 )
-        return( 0 );
-
-    left = ctx->total[0] & 0x3F;
-    fill = 64 - left;
-
-    ctx->total[0] += (uint32_t) ilen;
-    ctx->total[0] &= 0xFFFFFFFF;
-
-    if( ctx->total[0] < (uint32_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
-
-        if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 64 )
-    {
-        if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 )
-            return( ret );
-
-        input += 64;
-        ilen  -= 64;
-    }
-
-    if( ilen > 0 )
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
-                          const unsigned char *input,
-                          size_t ilen )
-{
-    mbedtls_sha1_update_ret( ctx, input, ilen );
-}
-#endif
-
-/*
- * SHA-1 final digest
- */
-int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
-                             unsigned char output[20] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t used;
-    uint32_t high, low;
-
-    SHA1_VALIDATE_RET( ctx != NULL );
-    SHA1_VALIDATE_RET( (unsigned char *)output != NULL );
-
-    /*
-     * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
-     */
-    used = ctx->total[0] & 0x3F;
-
-    ctx->buffer[used++] = 0x80;
-
-    if( used <= 56 )
-    {
-        /* Enough room for padding + length in current block */
-        memset( ctx->buffer + used, 0, 56 - used );
-    }
-    else
-    {
-        /* We'll need an extra block */
-        memset( ctx->buffer + used, 0, 64 - used );
-
-        if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        memset( ctx->buffer, 0, 56 );
-    }
-
-    /*
-     * Add message length
-     */
-    high = ( ctx->total[0] >> 29 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    PUT_UINT32_BE( high, ctx->buffer, 56 );
-    PUT_UINT32_BE( low,  ctx->buffer, 60 );
-
-    if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
-        return( ret );
-
-    /*
-     * Output final state
-     */
-    PUT_UINT32_BE( ctx->state[0], output,  0 );
-    PUT_UINT32_BE( ctx->state[1], output,  4 );
-    PUT_UINT32_BE( ctx->state[2], output,  8 );
-    PUT_UINT32_BE( ctx->state[3], output, 12 );
-    PUT_UINT32_BE( ctx->state[4], output, 16 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
-                          unsigned char output[20] )
-{
-    mbedtls_sha1_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* !MBEDTLS_SHA1_ALT */
-
-/*
- * output = SHA-1( input buffer )
- */
-int mbedtls_sha1_ret( const unsigned char *input,
-                      size_t ilen,
-                      unsigned char output[20] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_sha1_context ctx;
-
-    SHA1_VALIDATE_RET( ilen == 0 || input != NULL );
-    SHA1_VALIDATE_RET( (unsigned char *)output != NULL );
-
-    mbedtls_sha1_init( &ctx );
-
-    if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_sha1_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1( const unsigned char *input,
-                   size_t ilen,
-                   unsigned char output[20] )
-{
-    mbedtls_sha1_ret( input, ilen, output );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * FIPS-180-1 test vectors
- */
-static const unsigned char sha1_test_buf[3][57] =
-{
-    { "abc" },
-    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
-    { "" }
-};
-
-static const size_t sha1_test_buflen[3] =
-{
-    3, 56, 1000
-};
-
-static const unsigned char sha1_test_sum[3][20] =
-{
-    { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
-      0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
-    { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
-      0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
-    { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
-      0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_sha1_self_test( int verbose )
-{
-    int i, j, buflen, ret = 0;
-    unsigned char buf[1024];
-    unsigned char sha1sum[20];
-    mbedtls_sha1_context ctx;
-
-    mbedtls_sha1_init( &ctx );
-
-    /*
-     * SHA-1
-     */
-    for( i = 0; i < 3; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  SHA-1 test #%d: ", i + 1 );
-
-        if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
-            goto fail;
-
-        if( i == 2 )
-        {
-            memset( buf, 'a', buflen = 1000 );
-
-            for( j = 0; j < 1000; j++ )
-            {
-                ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
-                if( ret != 0 )
-                    goto fail;
-            }
-        }
-        else
-        {
-            ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i],
-                                           sha1_test_buflen[i] );
-            if( ret != 0 )
-                goto fail;
-        }
-
-        if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 )
-            goto fail;
-
-        if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    goto exit;
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-exit:
-    mbedtls_sha1_free( &ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_SHA1_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/sha256.c b/3rdparty/mbedtls-2.25.0/library/sha256.c
deleted file mode 100644
index be373d9..0000000
--- a/3rdparty/mbedtls-2.25.0/library/sha256.c
+++ /dev/null
@@ -1,608 +0,0 @@
-/*
- *  FIPS-180-2 compliant SHA-256 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The SHA-256 Secure Hash Standard was published by NIST in 2002.
- *
- *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SHA256_C)
-
-#include "mbedtls/sha256.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf printf
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#define SHA256_VALIDATE_RET(cond)                           \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA )
-#define SHA256_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if !defined(MBEDTLS_SHA256_ALT)
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-do {                                                    \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-} while( 0 )
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-do {                                                    \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-} while( 0 )
-#endif
-
-void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
-{
-    SHA256_VALIDATE( ctx != NULL );
-
-    memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
-}
-
-void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
-}
-
-void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
-                           const mbedtls_sha256_context *src )
-{
-    SHA256_VALIDATE( dst != NULL );
-    SHA256_VALIDATE( src != NULL );
-
-    *dst = *src;
-}
-
-/*
- * SHA-256 context setup
- */
-int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
-{
-    SHA256_VALIDATE_RET( ctx != NULL );
-    SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
-
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    if( is224 == 0 )
-    {
-        /* SHA-256 */
-        ctx->state[0] = 0x6A09E667;
-        ctx->state[1] = 0xBB67AE85;
-        ctx->state[2] = 0x3C6EF372;
-        ctx->state[3] = 0xA54FF53A;
-        ctx->state[4] = 0x510E527F;
-        ctx->state[5] = 0x9B05688C;
-        ctx->state[6] = 0x1F83D9AB;
-        ctx->state[7] = 0x5BE0CD19;
-    }
-    else
-    {
-        /* SHA-224 */
-        ctx->state[0] = 0xC1059ED8;
-        ctx->state[1] = 0x367CD507;
-        ctx->state[2] = 0x3070DD17;
-        ctx->state[3] = 0xF70E5939;
-        ctx->state[4] = 0xFFC00B31;
-        ctx->state[5] = 0x68581511;
-        ctx->state[6] = 0x64F98FA7;
-        ctx->state[7] = 0xBEFA4FA4;
-    }
-
-    ctx->is224 = is224;
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
-                            int is224 )
-{
-    mbedtls_sha256_starts_ret( ctx, is224 );
-}
-#endif
-
-#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
-static const uint32_t K[] =
-{
-    0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
-    0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
-    0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
-    0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
-    0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
-    0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
-    0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
-    0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
-    0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
-    0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
-    0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
-    0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
-    0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
-    0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
-    0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
-    0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
-};
-
-#define  SHR(x,n) (((x) & 0xFFFFFFFF) >> (n))
-#define ROTR(x,n) (SHR(x,n) | ((x) << (32 - (n))))
-
-#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^  SHR(x, 3))
-#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^  SHR(x,10))
-
-#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
-#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
-
-#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
-#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-
-#define R(t)                                                        \
-    (                                                               \
-        local.W[t] = S1(local.W[(t) -  2]) + local.W[(t) -  7] +    \
-                     S0(local.W[(t) - 15]) + local.W[(t) - 16]      \
-    )
-
-#define P(a,b,c,d,e,f,g,h,x,K)                                      \
-    do                                                              \
-    {                                                               \
-        local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x);    \
-        local.temp2 = S2(a) + F0((a),(b),(c));                      \
-        (d) += local.temp1; (h) = local.temp1 + local.temp2;        \
-    } while( 0 )
-
-int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
-                                const unsigned char data[64] )
-{
-    struct
-    {
-        uint32_t temp1, temp2, W[64];
-        uint32_t A[8];
-    } local;
-
-    unsigned int i;
-
-    SHA256_VALIDATE_RET( ctx != NULL );
-    SHA256_VALIDATE_RET( (const unsigned char *)data != NULL );
-
-    for( i = 0; i < 8; i++ )
-        local.A[i] = ctx->state[i];
-
-#if defined(MBEDTLS_SHA256_SMALLER)
-    for( i = 0; i < 64; i++ )
-    {
-        if( i < 16 )
-            GET_UINT32_BE( local.W[i], data, 4 * i );
-        else
-            R( i );
-
-        P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
-           local.A[5], local.A[6], local.A[7], local.W[i], K[i] );
-
-        local.temp1 = local.A[7]; local.A[7] = local.A[6];
-        local.A[6] = local.A[5]; local.A[5] = local.A[4];
-        local.A[4] = local.A[3]; local.A[3] = local.A[2];
-        local.A[2] = local.A[1]; local.A[1] = local.A[0];
-        local.A[0] = local.temp1;
-    }
-#else /* MBEDTLS_SHA256_SMALLER */
-    for( i = 0; i < 16; i++ )
-        GET_UINT32_BE( local.W[i], data, 4 * i );
-
-    for( i = 0; i < 16; i += 8 )
-    {
-        P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
-           local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0] );
-        P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
-           local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1] );
-        P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
-           local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2] );
-        P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
-           local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3] );
-        P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
-           local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4] );
-        P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
-           local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5] );
-        P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
-           local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6] );
-        P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
-           local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7] );
-    }
-
-    for( i = 16; i < 64; i += 8 )
-    {
-        P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
-           local.A[5], local.A[6], local.A[7], R(i+0), K[i+0] );
-        P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
-           local.A[4], local.A[5], local.A[6], R(i+1), K[i+1] );
-        P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
-           local.A[3], local.A[4], local.A[5], R(i+2), K[i+2] );
-        P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
-           local.A[2], local.A[3], local.A[4], R(i+3), K[i+3] );
-        P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
-           local.A[1], local.A[2], local.A[3], R(i+4), K[i+4] );
-        P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
-           local.A[0], local.A[1], local.A[2], R(i+5), K[i+5] );
-        P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
-           local.A[7], local.A[0], local.A[1], R(i+6), K[i+6] );
-        P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
-           local.A[6], local.A[7], local.A[0], R(i+7), K[i+7] );
-    }
-#endif /* MBEDTLS_SHA256_SMALLER */
-
-    for( i = 0; i < 8; i++ )
-        ctx->state[i] += local.A[i];
-
-    /* Zeroise buffers and variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &local, sizeof( local ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
-                             const unsigned char data[64] )
-{
-    mbedtls_internal_sha256_process( ctx, data );
-}
-#endif
-#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
-
-/*
- * SHA-256 process buffer
- */
-int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
-                               const unsigned char *input,
-                               size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-    uint32_t left;
-
-    SHA256_VALIDATE_RET( ctx != NULL );
-    SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    if( ilen == 0 )
-        return( 0 );
-
-    left = ctx->total[0] & 0x3F;
-    fill = 64 - left;
-
-    ctx->total[0] += (uint32_t) ilen;
-    ctx->total[0] &= 0xFFFFFFFF;
-
-    if( ctx->total[0] < (uint32_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
-
-        if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 64 )
-    {
-        if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 )
-            return( ret );
-
-        input += 64;
-        ilen  -= 64;
-    }
-
-    if( ilen > 0 )
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen )
-{
-    mbedtls_sha256_update_ret( ctx, input, ilen );
-}
-#endif
-
-/*
- * SHA-256 final digest
- */
-int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
-                               unsigned char output[32] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t used;
-    uint32_t high, low;
-
-    SHA256_VALIDATE_RET( ctx != NULL );
-    SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
-
-    /*
-     * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
-     */
-    used = ctx->total[0] & 0x3F;
-
-    ctx->buffer[used++] = 0x80;
-
-    if( used <= 56 )
-    {
-        /* Enough room for padding + length in current block */
-        memset( ctx->buffer + used, 0, 56 - used );
-    }
-    else
-    {
-        /* We'll need an extra block */
-        memset( ctx->buffer + used, 0, 64 - used );
-
-        if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        memset( ctx->buffer, 0, 56 );
-    }
-
-    /*
-     * Add message length
-     */
-    high = ( ctx->total[0] >> 29 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    PUT_UINT32_BE( high, ctx->buffer, 56 );
-    PUT_UINT32_BE( low,  ctx->buffer, 60 );
-
-    if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
-        return( ret );
-
-    /*
-     * Output final state
-     */
-    PUT_UINT32_BE( ctx->state[0], output,  0 );
-    PUT_UINT32_BE( ctx->state[1], output,  4 );
-    PUT_UINT32_BE( ctx->state[2], output,  8 );
-    PUT_UINT32_BE( ctx->state[3], output, 12 );
-    PUT_UINT32_BE( ctx->state[4], output, 16 );
-    PUT_UINT32_BE( ctx->state[5], output, 20 );
-    PUT_UINT32_BE( ctx->state[6], output, 24 );
-
-    if( ctx->is224 == 0 )
-        PUT_UINT32_BE( ctx->state[7], output, 28 );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
-                            unsigned char output[32] )
-{
-    mbedtls_sha256_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* !MBEDTLS_SHA256_ALT */
-
-/*
- * output = SHA-256( input buffer )
- */
-int mbedtls_sha256_ret( const unsigned char *input,
-                        size_t ilen,
-                        unsigned char output[32],
-                        int is224 )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_sha256_context ctx;
-
-    SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
-    SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
-    SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
-
-    mbedtls_sha256_init( &ctx );
-
-    if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_sha256_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha256( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[32],
-                     int is224 )
-{
-    mbedtls_sha256_ret( input, ilen, output, is224 );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * FIPS-180-2 test vectors
- */
-static const unsigned char sha256_test_buf[3][57] =
-{
-    { "abc" },
-    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
-    { "" }
-};
-
-static const size_t sha256_test_buflen[3] =
-{
-    3, 56, 1000
-};
-
-static const unsigned char sha256_test_sum[6][32] =
-{
-    /*
-     * SHA-224 test vectors
-     */
-    { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
-      0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
-      0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
-      0xE3, 0x6C, 0x9D, 0xA7 },
-    { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
-      0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
-      0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
-      0x52, 0x52, 0x25, 0x25 },
-    { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
-      0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
-      0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
-      0x4E, 0xE7, 0xAD, 0x67 },
-
-    /*
-     * SHA-256 test vectors
-     */
-    { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
-      0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
-      0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
-      0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
-    { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
-      0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
-      0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
-      0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
-    { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
-      0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
-      0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
-      0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_sha256_self_test( int verbose )
-{
-    int i, j, k, buflen, ret = 0;
-    unsigned char *buf;
-    unsigned char sha256sum[32];
-    mbedtls_sha256_context ctx;
-
-    buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
-    if( NULL == buf )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "Buffer allocation failed\n" );
-
-        return( 1 );
-    }
-
-    mbedtls_sha256_init( &ctx );
-
-    for( i = 0; i < 6; i++ )
-    {
-        j = i % 3;
-        k = i < 3;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  SHA-%d test #%d: ", 256 - k * 32, j + 1 );
-
-        if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 )
-            goto fail;
-
-        if( j == 2 )
-        {
-            memset( buf, 'a', buflen = 1000 );
-
-            for( j = 0; j < 1000; j++ )
-            {
-                ret = mbedtls_sha256_update_ret( &ctx, buf, buflen );
-                if( ret != 0 )
-                    goto fail;
-            }
-
-        }
-        else
-        {
-            ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j],
-                                             sha256_test_buflen[j] );
-            if( ret != 0 )
-                 goto fail;
-        }
-
-        if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 )
-            goto fail;
-
-
-        if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    goto exit;
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-exit:
-    mbedtls_sha256_free( &ctx );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_SHA256_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/sha512.c b/3rdparty/mbedtls-2.25.0/library/sha512.c
deleted file mode 100644
index 06a628a..0000000
--- a/3rdparty/mbedtls-2.25.0/library/sha512.c
+++ /dev/null
@@ -1,691 +0,0 @@
-/*
- *  FIPS-180-2 compliant SHA-384/512 implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The SHA-512 Secure Hash Standard was published by NIST in 2002.
- *
- *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SHA512_C)
-
-#include "mbedtls/sha512.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#if defined(_MSC_VER) || defined(__WATCOMC__)
-  #define UL64(x) x##ui64
-#else
-  #define UL64(x) x##ULL
-#endif
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf printf
-#define mbedtls_calloc    calloc
-#define mbedtls_free       free
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#define SHA512_VALIDATE_RET(cond)                           \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA )
-#define SHA512_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE( cond )
-
-#if !defined(MBEDTLS_SHA512_ALT)
-
-/*
- * 64-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT64_BE
-#define GET_UINT64_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint64_t) (b)[(i)    ] << 56 )       \
-        | ( (uint64_t) (b)[(i) + 1] << 48 )       \
-        | ( (uint64_t) (b)[(i) + 2] << 40 )       \
-        | ( (uint64_t) (b)[(i) + 3] << 32 )       \
-        | ( (uint64_t) (b)[(i) + 4] << 24 )       \
-        | ( (uint64_t) (b)[(i) + 5] << 16 )       \
-        | ( (uint64_t) (b)[(i) + 6] <<  8 )       \
-        | ( (uint64_t) (b)[(i) + 7]       );      \
-}
-#endif /* GET_UINT64_BE */
-
-#ifndef PUT_UINT64_BE
-#define PUT_UINT64_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 56 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 48 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >> 40 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n) >> 32 );       \
-    (b)[(i) + 4] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 5] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 6] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 7] = (unsigned char) ( (n)       );       \
-}
-#endif /* PUT_UINT64_BE */
-
-#if defined(MBEDTLS_SHA512_SMALLER)
-static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i )
-{
-    PUT_UINT64_BE(n, b, i);
-}
-#else
-#define sha512_put_uint64_be    PUT_UINT64_BE
-#endif /* MBEDTLS_SHA512_SMALLER */
-
-void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
-{
-    SHA512_VALIDATE( ctx != NULL );
-
-    memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
-}
-
-void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
-}
-
-void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
-                           const mbedtls_sha512_context *src )
-{
-    SHA512_VALIDATE( dst != NULL );
-    SHA512_VALIDATE( src != NULL );
-
-    *dst = *src;
-}
-
-/*
- * SHA-512 context setup
- */
-int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
-{
-    SHA512_VALIDATE_RET( ctx != NULL );
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-    SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 );
-#else
-    SHA512_VALIDATE_RET( is384 == 0 );
-#endif
-
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    if( is384 == 0 )
-    {
-        /* SHA-512 */
-        ctx->state[0] = UL64(0x6A09E667F3BCC908);
-        ctx->state[1] = UL64(0xBB67AE8584CAA73B);
-        ctx->state[2] = UL64(0x3C6EF372FE94F82B);
-        ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
-        ctx->state[4] = UL64(0x510E527FADE682D1);
-        ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
-        ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
-        ctx->state[7] = UL64(0x5BE0CD19137E2179);
-    }
-    else
-    {
-#if defined(MBEDTLS_SHA512_NO_SHA384)
-        return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA );
-#else
-        /* SHA-384 */
-        ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
-        ctx->state[1] = UL64(0x629A292A367CD507);
-        ctx->state[2] = UL64(0x9159015A3070DD17);
-        ctx->state[3] = UL64(0x152FECD8F70E5939);
-        ctx->state[4] = UL64(0x67332667FFC00B31);
-        ctx->state[5] = UL64(0x8EB44A8768581511);
-        ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
-        ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
-#endif /* MBEDTLS_SHA512_NO_SHA384 */
-    }
-
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-    ctx->is384 = is384;
-#endif
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
-                            int is384 )
-{
-    mbedtls_sha512_starts_ret( ctx, is384 );
-}
-#endif
-
-#if !defined(MBEDTLS_SHA512_PROCESS_ALT)
-
-/*
- * Round constants
- */
-static const uint64_t K[80] =
-{
-    UL64(0x428A2F98D728AE22),  UL64(0x7137449123EF65CD),
-    UL64(0xB5C0FBCFEC4D3B2F),  UL64(0xE9B5DBA58189DBBC),
-    UL64(0x3956C25BF348B538),  UL64(0x59F111F1B605D019),
-    UL64(0x923F82A4AF194F9B),  UL64(0xAB1C5ED5DA6D8118),
-    UL64(0xD807AA98A3030242),  UL64(0x12835B0145706FBE),
-    UL64(0x243185BE4EE4B28C),  UL64(0x550C7DC3D5FFB4E2),
-    UL64(0x72BE5D74F27B896F),  UL64(0x80DEB1FE3B1696B1),
-    UL64(0x9BDC06A725C71235),  UL64(0xC19BF174CF692694),
-    UL64(0xE49B69C19EF14AD2),  UL64(0xEFBE4786384F25E3),
-    UL64(0x0FC19DC68B8CD5B5),  UL64(0x240CA1CC77AC9C65),
-    UL64(0x2DE92C6F592B0275),  UL64(0x4A7484AA6EA6E483),
-    UL64(0x5CB0A9DCBD41FBD4),  UL64(0x76F988DA831153B5),
-    UL64(0x983E5152EE66DFAB),  UL64(0xA831C66D2DB43210),
-    UL64(0xB00327C898FB213F),  UL64(0xBF597FC7BEEF0EE4),
-    UL64(0xC6E00BF33DA88FC2),  UL64(0xD5A79147930AA725),
-    UL64(0x06CA6351E003826F),  UL64(0x142929670A0E6E70),
-    UL64(0x27B70A8546D22FFC),  UL64(0x2E1B21385C26C926),
-    UL64(0x4D2C6DFC5AC42AED),  UL64(0x53380D139D95B3DF),
-    UL64(0x650A73548BAF63DE),  UL64(0x766A0ABB3C77B2A8),
-    UL64(0x81C2C92E47EDAEE6),  UL64(0x92722C851482353B),
-    UL64(0xA2BFE8A14CF10364),  UL64(0xA81A664BBC423001),
-    UL64(0xC24B8B70D0F89791),  UL64(0xC76C51A30654BE30),
-    UL64(0xD192E819D6EF5218),  UL64(0xD69906245565A910),
-    UL64(0xF40E35855771202A),  UL64(0x106AA07032BBD1B8),
-    UL64(0x19A4C116B8D2D0C8),  UL64(0x1E376C085141AB53),
-    UL64(0x2748774CDF8EEB99),  UL64(0x34B0BCB5E19B48A8),
-    UL64(0x391C0CB3C5C95A63),  UL64(0x4ED8AA4AE3418ACB),
-    UL64(0x5B9CCA4F7763E373),  UL64(0x682E6FF3D6B2B8A3),
-    UL64(0x748F82EE5DEFB2FC),  UL64(0x78A5636F43172F60),
-    UL64(0x84C87814A1F0AB72),  UL64(0x8CC702081A6439EC),
-    UL64(0x90BEFFFA23631E28),  UL64(0xA4506CEBDE82BDE9),
-    UL64(0xBEF9A3F7B2C67915),  UL64(0xC67178F2E372532B),
-    UL64(0xCA273ECEEA26619C),  UL64(0xD186B8C721C0C207),
-    UL64(0xEADA7DD6CDE0EB1E),  UL64(0xF57D4F7FEE6ED178),
-    UL64(0x06F067AA72176FBA),  UL64(0x0A637DC5A2C898A6),
-    UL64(0x113F9804BEF90DAE),  UL64(0x1B710B35131C471B),
-    UL64(0x28DB77F523047D84),  UL64(0x32CAAB7B40C72493),
-    UL64(0x3C9EBE0A15C9BEBC),  UL64(0x431D67C49C100D4C),
-    UL64(0x4CC5D4BECB3E42B6),  UL64(0x597F299CFC657E2A),
-    UL64(0x5FCB6FAB3AD6FAEC),  UL64(0x6C44198C4A475817)
-};
-
-int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
-                                     const unsigned char data[128] )
-{
-    int i;
-    struct
-    {
-        uint64_t temp1, temp2, W[80];
-        uint64_t A[8];
-    } local;
-
-    SHA512_VALIDATE_RET( ctx != NULL );
-    SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
-
-#define  SHR(x,n) ((x) >> (n))
-#define ROTR(x,n) (SHR((x),(n)) | ((x) << (64 - (n))))
-
-#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^  SHR(x, 7))
-#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^  SHR(x, 6))
-
-#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
-#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
-
-#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
-#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-
-#define P(a,b,c,d,e,f,g,h,x,K)                                      \
-    do                                                              \
-    {                                                               \
-        local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x);    \
-        local.temp2 = S2(a) + F0((a),(b),(c));                      \
-        (d) += local.temp1; (h) = local.temp1 + local.temp2;        \
-    } while( 0 )
-
-    for( i = 0; i < 8; i++ )
-        local.A[i] = ctx->state[i];
-
-#if defined(MBEDTLS_SHA512_SMALLER)
-    for( i = 0; i < 80; i++ )
-    {
-        if( i < 16 )
-        {
-            GET_UINT64_BE( local.W[i], data, i << 3 );
-        }
-        else
-        {
-            local.W[i] = S1(local.W[i -  2]) + local.W[i -  7] +
-                   S0(local.W[i - 15]) + local.W[i - 16];
-        }
-
-        P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
-           local.A[5], local.A[6], local.A[7], local.W[i], K[i] );
-
-        local.temp1 = local.A[7]; local.A[7] = local.A[6];
-        local.A[6] = local.A[5]; local.A[5] = local.A[4];
-        local.A[4] = local.A[3]; local.A[3] = local.A[2];
-        local.A[2] = local.A[1]; local.A[1] = local.A[0];
-        local.A[0] = local.temp1;
-    }
-#else /* MBEDTLS_SHA512_SMALLER */
-    for( i = 0; i < 16; i++ )
-    {
-        GET_UINT64_BE( local.W[i], data, i << 3 );
-    }
-
-    for( ; i < 80; i++ )
-    {
-        local.W[i] = S1(local.W[i -  2]) + local.W[i -  7] +
-               S0(local.W[i - 15]) + local.W[i - 16];
-    }
-
-    i = 0;
-    do
-    {
-        P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
-           local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); i++;
-        P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
-           local.A[4], local.A[5], local.A[6], local.W[i], K[i] ); i++;
-        P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
-           local.A[3], local.A[4], local.A[5], local.W[i], K[i] ); i++;
-        P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
-           local.A[2], local.A[3], local.A[4], local.W[i], K[i] ); i++;
-        P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
-           local.A[1], local.A[2], local.A[3], local.W[i], K[i] ); i++;
-        P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
-           local.A[0], local.A[1], local.A[2], local.W[i], K[i] ); i++;
-        P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
-           local.A[7], local.A[0], local.A[1], local.W[i], K[i] ); i++;
-        P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
-           local.A[6], local.A[7], local.A[0], local.W[i], K[i] ); i++;
-    }
-    while( i < 80 );
-#endif /* MBEDTLS_SHA512_SMALLER */
-
-    for( i = 0; i < 8; i++ )
-        ctx->state[i] += local.A[i];
-
-    /* Zeroise buffers and variables to clear sensitive data from memory. */
-    mbedtls_platform_zeroize( &local, sizeof( local ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha512_process( mbedtls_sha512_context *ctx,
-                             const unsigned char data[128] )
-{
-    mbedtls_internal_sha512_process( ctx, data );
-}
-#endif
-#endif /* !MBEDTLS_SHA512_PROCESS_ALT */
-
-/*
- * SHA-512 process buffer
- */
-int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
-                               const unsigned char *input,
-                               size_t ilen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t fill;
-    unsigned int left;
-
-    SHA512_VALIDATE_RET( ctx != NULL );
-    SHA512_VALIDATE_RET( ilen == 0 || input != NULL );
-
-    if( ilen == 0 )
-        return( 0 );
-
-    left = (unsigned int) (ctx->total[0] & 0x7F);
-    fill = 128 - left;
-
-    ctx->total[0] += (uint64_t) ilen;
-
-    if( ctx->total[0] < (uint64_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
-
-        if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 128 )
-    {
-        if( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 )
-            return( ret );
-
-        input += 128;
-        ilen  -= 128;
-    }
-
-    if( ilen > 0 )
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen )
-{
-    mbedtls_sha512_update_ret( ctx, input, ilen );
-}
-#endif
-
-/*
- * SHA-512 final digest
- */
-int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
-                               unsigned char output[64] )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned used;
-    uint64_t high, low;
-
-    SHA512_VALIDATE_RET( ctx != NULL );
-    SHA512_VALIDATE_RET( (unsigned char *)output != NULL );
-
-    /*
-     * Add padding: 0x80 then 0x00 until 16 bytes remain for the length
-     */
-    used = ctx->total[0] & 0x7F;
-
-    ctx->buffer[used++] = 0x80;
-
-    if( used <= 112 )
-    {
-        /* Enough room for padding + length in current block */
-        memset( ctx->buffer + used, 0, 112 - used );
-    }
-    else
-    {
-        /* We'll need an extra block */
-        memset( ctx->buffer + used, 0, 128 - used );
-
-        if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
-            return( ret );
-
-        memset( ctx->buffer, 0, 112 );
-    }
-
-    /*
-     * Add message length
-     */
-    high = ( ctx->total[0] >> 61 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    sha512_put_uint64_be( high, ctx->buffer, 112 );
-    sha512_put_uint64_be( low,  ctx->buffer, 120 );
-
-    if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
-        return( ret );
-
-    /*
-     * Output final state
-     */
-    sha512_put_uint64_be( ctx->state[0], output,  0 );
-    sha512_put_uint64_be( ctx->state[1], output,  8 );
-    sha512_put_uint64_be( ctx->state[2], output, 16 );
-    sha512_put_uint64_be( ctx->state[3], output, 24 );
-    sha512_put_uint64_be( ctx->state[4], output, 32 );
-    sha512_put_uint64_be( ctx->state[5], output, 40 );
-
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-    if( ctx->is384 == 0 )
-#endif
-    {
-        sha512_put_uint64_be( ctx->state[6], output, 48 );
-        sha512_put_uint64_be( ctx->state[7], output, 56 );
-    }
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
-                            unsigned char output[64] )
-{
-    mbedtls_sha512_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* !MBEDTLS_SHA512_ALT */
-
-/*
- * output = SHA-512( input buffer )
- */
-int mbedtls_sha512_ret( const unsigned char *input,
-                    size_t ilen,
-                    unsigned char output[64],
-                    int is384 )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_sha512_context ctx;
-
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-    SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 );
-#else
-    SHA512_VALIDATE_RET( is384 == 0 );
-#endif
-    SHA512_VALIDATE_RET( ilen == 0 || input != NULL );
-    SHA512_VALIDATE_RET( (unsigned char *)output != NULL );
-
-    mbedtls_sha512_init( &ctx );
-
-    if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 )
-        goto exit;
-
-    if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 )
-        goto exit;
-
-exit:
-    mbedtls_sha512_free( &ctx );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha512( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[64],
-                     int is384 )
-{
-    mbedtls_sha512_ret( input, ilen, output, is384 );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * FIPS-180-2 test vectors
- */
-static const unsigned char sha512_test_buf[3][113] =
-{
-    { "abc" },
-    { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
-    { "" }
-};
-
-static const size_t sha512_test_buflen[3] =
-{
-    3, 112, 1000
-};
-
-static const unsigned char sha512_test_sum[][64] =
-{
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-    /*
-     * SHA-384 test vectors
-     */
-    { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
-      0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
-      0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
-      0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
-      0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
-      0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 },
-    { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8,
-      0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47,
-      0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2,
-      0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12,
-      0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9,
-      0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 },
-    { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB,
-      0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C,
-      0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
-      0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
-      0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
-      0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
-#endif /* !MBEDTLS_SHA512_NO_SHA384 */
-
-    /*
-     * SHA-512 test vectors
-     */
-    { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
-      0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
-      0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
-      0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
-      0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
-      0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
-      0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
-      0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F },
-    { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA,
-      0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F,
-      0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1,
-      0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18,
-      0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4,
-      0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A,
-      0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54,
-      0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 },
-    { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64,
-      0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63,
-      0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28,
-      0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB,
-      0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A,
-      0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B,
-      0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
-      0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
-};
-
-#define ARRAY_LENGTH( a )   ( sizeof( a ) / sizeof( ( a )[0] ) )
-
-/*
- * Checkup routine
- */
-int mbedtls_sha512_self_test( int verbose )
-{
-    int i, j, k, buflen, ret = 0;
-    unsigned char *buf;
-    unsigned char sha512sum[64];
-    mbedtls_sha512_context ctx;
-
-    buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
-    if( NULL == buf )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "Buffer allocation failed\n" );
-
-        return( 1 );
-    }
-
-    mbedtls_sha512_init( &ctx );
-
-    for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ )
-    {
-        j = i % 3;
-#if !defined(MBEDTLS_SHA512_NO_SHA384)
-        k = i < 3;
-#else
-        k = 0;
-#endif
-
-        if( verbose != 0 )
-            mbedtls_printf( "  SHA-%d test #%d: ", 512 - k * 128, j + 1 );
-
-        if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 )
-            goto fail;
-
-        if( j == 2 )
-        {
-            memset( buf, 'a', buflen = 1000 );
-
-            for( j = 0; j < 1000; j++ )
-            {
-                ret = mbedtls_sha512_update_ret( &ctx, buf, buflen );
-                if( ret != 0 )
-                    goto fail;
-            }
-        }
-        else
-        {
-            ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j],
-                                             sha512_test_buflen[j] );
-            if( ret != 0 )
-                goto fail;
-        }
-
-        if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 )
-            goto fail;
-
-        if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
-        {
-            ret = 1;
-            goto fail;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    goto exit;
-
-fail:
-    if( verbose != 0 )
-        mbedtls_printf( "failed\n" );
-
-exit:
-    mbedtls_sha512_free( &ctx );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-
-#undef ARRAY_LENGTH
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_SHA512_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_cache.c b/3rdparty/mbedtls-2.25.0/library/ssl_cache.c
deleted file mode 100644
index 7e9d4da..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_cache.c
+++ /dev/null
@@ -1,347 +0,0 @@
-/*
- *  SSL session cache implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * These session callbacks use a simple chained list
- * to store and retrieve the session information.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl_cache.h"
-#include "mbedtls/ssl_internal.h"
-
-#include <string.h>
-
-void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache )
-{
-    memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) );
-
-    cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
-    cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &cache->mutex );
-#endif
-}
-
-int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
-{
-    int ret = 1;
-#if defined(MBEDTLS_HAVE_TIME)
-    mbedtls_time_t t = mbedtls_time( NULL );
-#endif
-    mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
-    mbedtls_ssl_cache_entry *cur, *entry;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_lock( &cache->mutex ) != 0 )
-        return( 1 );
-#endif
-
-    cur = cache->chain;
-    entry = NULL;
-
-    while( cur != NULL )
-    {
-        entry = cur;
-        cur = cur->next;
-
-#if defined(MBEDTLS_HAVE_TIME)
-        if( cache->timeout != 0 &&
-            (int) ( t - entry->timestamp ) > cache->timeout )
-            continue;
-#endif
-
-        if( session->ciphersuite != entry->session.ciphersuite ||
-            session->compression != entry->session.compression ||
-            session->id_len != entry->session.id_len )
-            continue;
-
-        if( memcmp( session->id, entry->session.id,
-                    entry->session.id_len ) != 0 )
-            continue;
-
-        ret = mbedtls_ssl_session_copy( session, &entry->session );
-        if( ret != 0 )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        /*
-         * Restore peer certificate (without rest of the original chain)
-         */
-        if( entry->peer_cert.p != NULL )
-        {
-            /* `session->peer_cert` is NULL after the call to
-             * mbedtls_ssl_session_copy(), because cache entries
-             * have the `peer_cert` field set to NULL. */
-
-            if( ( session->peer_cert = mbedtls_calloc( 1,
-                                 sizeof(mbedtls_x509_crt) ) ) == NULL )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            mbedtls_x509_crt_init( session->peer_cert );
-            if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p,
-                                entry->peer_cert.len ) != 0 )
-            {
-                mbedtls_free( session->peer_cert );
-                session->peer_cert = NULL;
-                ret = 1;
-                goto exit;
-            }
-        }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-        ret = 0;
-        goto exit;
-    }
-
-exit:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
-        ret = 1;
-#endif
-
-    return( ret );
-}
-
-int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
-{
-    int ret = 1;
-#if defined(MBEDTLS_HAVE_TIME)
-    mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0;
-    mbedtls_ssl_cache_entry *old = NULL;
-#endif
-    mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
-    mbedtls_ssl_cache_entry *cur, *prv;
-    int count = 0;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    cur = cache->chain;
-    prv = NULL;
-
-    while( cur != NULL )
-    {
-        count++;
-
-#if defined(MBEDTLS_HAVE_TIME)
-        if( cache->timeout != 0 &&
-            (int) ( t - cur->timestamp ) > cache->timeout )
-        {
-            cur->timestamp = t;
-            break; /* expired, reuse this slot, update timestamp */
-        }
-#endif
-
-        if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )
-            break; /* client reconnected, keep timestamp for session id */
-
-#if defined(MBEDTLS_HAVE_TIME)
-        if( oldest == 0 || cur->timestamp < oldest )
-        {
-            oldest = cur->timestamp;
-            old = cur;
-        }
-#endif
-
-        prv = cur;
-        cur = cur->next;
-    }
-
-    if( cur == NULL )
-    {
-#if defined(MBEDTLS_HAVE_TIME)
-        /*
-         * Reuse oldest entry if max_entries reached
-         */
-        if( count >= cache->max_entries )
-        {
-            if( old == NULL )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            cur = old;
-        }
-#else /* MBEDTLS_HAVE_TIME */
-        /*
-         * Reuse first entry in chain if max_entries reached,
-         * but move to last place
-         */
-        if( count >= cache->max_entries )
-        {
-            if( cache->chain == NULL )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            cur = cache->chain;
-            cache->chain = cur->next;
-            cur->next = NULL;
-            prv->next = cur;
-        }
-#endif /* MBEDTLS_HAVE_TIME */
-        else
-        {
-            /*
-             * max_entries not reached, create new entry
-             */
-            cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) );
-            if( cur == NULL )
-            {
-                ret = 1;
-                goto exit;
-            }
-
-            if( prv == NULL )
-                cache->chain = cur;
-            else
-                prv->next = cur;
-        }
-
-#if defined(MBEDTLS_HAVE_TIME)
-        cur->timestamp = t;
-#endif
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    /*
-     * If we're reusing an entry, free its certificate first
-     */
-    if( cur->peer_cert.p != NULL )
-    {
-        mbedtls_free( cur->peer_cert.p );
-        memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) );
-    }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    /* Copy the entire session; this temporarily makes a copy of the
-     * X.509 CRT structure even though we only want to store the raw CRT.
-     * This inefficiency will go away as soon as we implement on-demand
-     * parsing of CRTs, in which case there's no need for the `peer_cert`
-     * field anymore in the first place, and we're done after this call. */
-    ret = mbedtls_ssl_session_copy( &cur->session, session );
-    if( ret != 0 )
-    {
-        ret = 1;
-        goto exit;
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    /* If present, free the X.509 structure and only store the raw CRT data. */
-    if( cur->session.peer_cert != NULL )
-    {
-        cur->peer_cert.p =
-            mbedtls_calloc( 1, cur->session.peer_cert->raw.len );
-        if( cur->peer_cert.p == NULL )
-        {
-            ret = 1;
-            goto exit;
-        }
-
-        memcpy( cur->peer_cert.p,
-                cur->session.peer_cert->raw.p,
-                cur->session.peer_cert->raw.len );
-        cur->peer_cert.len = session->peer_cert->raw.len;
-
-        mbedtls_x509_crt_free( cur->session.peer_cert );
-        mbedtls_free( cur->session.peer_cert );
-        cur->session.peer_cert = NULL;
-    }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    ret = 0;
-
-exit:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
-        ret = 1;
-#endif
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_HAVE_TIME)
-void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout )
-{
-    if( timeout < 0 ) timeout = 0;
-
-    cache->timeout = timeout;
-}
-#endif /* MBEDTLS_HAVE_TIME */
-
-void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max )
-{
-    if( max < 0 ) max = 0;
-
-    cache->max_entries = max;
-}
-
-void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache )
-{
-    mbedtls_ssl_cache_entry *cur, *prv;
-
-    cur = cache->chain;
-
-    while( cur != NULL )
-    {
-        prv = cur;
-        cur = cur->next;
-
-        mbedtls_ssl_session_free( &prv->session );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        mbedtls_free( prv->peer_cert.p );
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-        mbedtls_free( prv );
-    }
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &cache->mutex );
-#endif
-    cache->chain = NULL;
-}
-
-#endif /* MBEDTLS_SSL_CACHE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_cli.c b/3rdparty/mbedtls-2.25.0/library/ssl_cli.c
deleted file mode 100644
index a8331d9..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_cli.c
+++ /dev/null
@@ -1,4542 +0,0 @@
-/*
- *  SSLv3/TLSv1 client-side functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_CLI_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#include <string.h>
-
-#include <stdint.h>
-
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#include "mbedtls/platform_util.h"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
-{
-    if( conf->psk_identity     == NULL ||
-        conf->psk_identity_len == 0     )
-    {
-        return( 0 );
-    }
-
-    if( conf->psk != NULL && conf->psk_len != 0 )
-        return( 1 );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
-        return( 1 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf )
-{
-    if( conf->psk_identity     == NULL ||
-        conf->psk_identity_len == 0     )
-    {
-        return( 0 );
-    }
-
-    if( conf->psk != NULL && conf->psk_len != 0 )
-        return( 1 );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
-                                   unsigned char *buf,
-                                   const unsigned char *end,
-                                   size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t hostname_len;
-
-    *olen = 0;
-
-    if( ssl->hostname == NULL )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding server name extension: %s",
-          ssl->hostname ) );
-
-    hostname_len = strlen( ssl->hostname );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, hostname_len + 9 );
-
-    /*
-     * Sect. 3, RFC 6066 (TLS Extensions Definitions)
-     *
-     * In order to provide any of the server names, clients MAY include an
-     * extension of type "server_name" in the (extended) client hello. The
-     * "extension_data" field of this extension SHALL contain
-     * "ServerNameList" where:
-     *
-     * struct {
-     *     NameType name_type;
-     *     select (name_type) {
-     *         case host_name: HostName;
-     *     } name;
-     * } ServerName;
-     *
-     * enum {
-     *     host_name(0), (255)
-     * } NameType;
-     *
-     * opaque HostName<1..2^16-1>;
-     *
-     * struct {
-     *     ServerName server_name_list<1..2^16-1>
-     * } ServerNameList;
-     *
-     */
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( (hostname_len + 5)      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( (hostname_len + 3)      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
-    *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( hostname_len      ) & 0xFF );
-
-    memcpy( p, ssl->hostname, hostname_len );
-
-    *olen = hostname_len + 9;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
-                                        unsigned char *buf,
-                                        const unsigned char *end,
-                                        size_t *olen )
-{
-    unsigned char *p = buf;
-
-    *olen = 0;
-
-    /* We're always including an TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the
-     * initial ClientHello, in which case also adding the renegotiation
-     * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. */
-    if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding renegotiation extension" ) );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 + ssl->verify_data_len );
-
-    /*
-     * Secure renegotiation
-     */
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 )
-                            & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO      )
-                            & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = ( ssl->verify_data_len + 1 ) & 0xFF;
-    *p++ = ssl->verify_data_len & 0xFF;
-
-    memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
-
-    *olen = 5 + ssl->verify_data_len;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-/*
- * Only if we handle at least one key exchange that needs signatures.
- */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl,
-                                               unsigned char *buf,
-                                               const unsigned char *end,
-                                               size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t sig_alg_len = 0;
-    const int *md;
-
-#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
-    unsigned char *sig_alg_list = buf + 6;
-#endif
-
-    *olen = 0;
-
-    if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding signature_algorithms extension" ) );
-
-    if( ssl->conf->sig_hashes == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-
-    for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
-    {
-#if defined(MBEDTLS_ECDSA_C)
-        sig_alg_len += 2;
-#endif
-#if defined(MBEDTLS_RSA_C)
-        sig_alg_len += 2;
-#endif
-        if( sig_alg_len > MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "length in bytes of sig-hash-alg extension too big" ) );
-            return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-        }
-    }
-
-    /* Empty signature algorithms list, this is a configuration error. */
-    if( sig_alg_len == 0 )
-        return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, sig_alg_len + 6 );
-
-    /*
-     * Prepare signature_algorithms extension (TLS 1.2)
-     */
-    sig_alg_len = 0;
-
-    for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
-    {
-#if defined(MBEDTLS_ECDSA_C)
-        sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
-        sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
-#endif
-#if defined(MBEDTLS_RSA_C)
-        sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
-        sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
-#endif
-    }
-
-    /*
-     * enum {
-     *     none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5),
-     *     sha512(6), (255)
-     * } HashAlgorithm;
-     *
-     * enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
-     *   SignatureAlgorithm;
-     *
-     * struct {
-     *     HashAlgorithm hash;
-     *     SignatureAlgorithm signature;
-     * } SignatureAndHashAlgorithm;
-     *
-     * SignatureAndHashAlgorithm
-     *   supported_signature_algorithms<2..2^16-2>;
-     */
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ( sig_alg_len + 2 )      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( sig_alg_len      ) & 0xFF );
-
-    *olen = 6 + sig_alg_len;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
-                                                    unsigned char *buf,
-                                                    const unsigned char *end,
-                                                    size_t *olen )
-{
-    unsigned char *p = buf;
-    unsigned char *elliptic_curve_list = p + 6;
-    size_t elliptic_curve_len = 0;
-    const mbedtls_ecp_curve_info *info;
-    const mbedtls_ecp_group_id *grp_id;
-
-    *olen = 0;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding supported_elliptic_curves extension" ) );
-
-    if( ssl->conf->curve_list == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-
-    for( grp_id = ssl->conf->curve_list;
-         *grp_id != MBEDTLS_ECP_DP_NONE;
-         grp_id++ )
-    {
-        info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
-        if( info == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "invalid curve in ssl configuration" ) );
-            return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-        }
-        elliptic_curve_len += 2;
-
-        if( elliptic_curve_len > MBEDTLS_SSL_MAX_CURVE_LIST_LEN )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "malformed supported_elliptic_curves extension in config" ) );
-            return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-        }
-    }
-
-    /* Empty elliptic curve list, this is a configuration error. */
-    if( elliptic_curve_len == 0 )
-        return( MBEDTLS_ERR_SSL_BAD_CONFIG );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + elliptic_curve_len );
-
-    elliptic_curve_len = 0;
-
-    for( grp_id = ssl->conf->curve_list;
-         *grp_id != MBEDTLS_ECP_DP_NONE;
-         grp_id++ )
-    {
-        info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
-        elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
-        elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
-    }
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 )
-                            & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES      )
-                            & 0xFF );
-
-    *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 )      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( ( elliptic_curve_len     ) >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ( elliptic_curve_len     )      ) & 0xFF );
-
-    *olen = 6 + elliptic_curve_len;
-
-    return( 0 );
-}
-
-static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
-                                                  unsigned char *buf,
-                                                  const unsigned char *end,
-                                                  size_t *olen )
-{
-    unsigned char *p = buf;
-    (void) ssl; /* ssl used for debugging only */
-
-    *olen = 0;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding supported_point_formats extension" ) );
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 )
-                            & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS      )
-                            & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 2;
-
-    *p++ = 1;
-    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
-
-    *olen = 6;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
-          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
-                                       unsigned char *buf,
-                                       const unsigned char *end,
-                                       size_t *olen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = buf;
-    size_t kkpp_len;
-
-    *olen = 0;
-
-    /* Skip costly extension if we can't use EC J-PAKE anyway */
-    if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding ecjpake_kkpp extension" ) );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP      ) & 0xFF );
-
-    /*
-     * We may need to send ClientHello multiple times for Hello verification.
-     * We don't want to compute fresh values every time (both for performance
-     * and consistency reasons), so cache the extension content.
-     */
-    if( ssl->handshake->ecjpake_cache == NULL ||
-        ssl->handshake->ecjpake_cache_len == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "generating new ecjpake parameters" ) );
-
-        ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
-                                               p + 2, end - p - 2, &kkpp_len,
-                                               ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1 ,
-                "mbedtls_ecjpake_write_round_one", ret );
-            return( ret );
-        }
-
-        ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len );
-        if( ssl->handshake->ecjpake_cache == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "allocation failed" ) );
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-        }
-
-        memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len );
-        ssl->handshake->ecjpake_cache_len = kkpp_len;
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "re-using cached ecjpake parameters" ) );
-
-        kkpp_len = ssl->handshake->ecjpake_cache_len;
-        MBEDTLS_SSL_CHK_BUF_PTR( p + 2, end, kkpp_len );
-
-        memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len );
-    }
-
-    *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( kkpp_len      ) & 0xFF );
-
-    *olen = kkpp_len + 4;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-static int ssl_write_cid_ext( mbedtls_ssl_context *ssl,
-                              unsigned char *buf,
-                              const unsigned char *end,
-                              size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t ext_len;
-
-    /*
-     * Quoting draft-ietf-tls-dtls-connection-id-05
-     * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05
-     *
-     *   struct {
-     *      opaque cid<0..2^8-1>;
-     *   } ConnectionId;
-    */
-
-    *olen = 0;
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
-        ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED )
-    {
-        return( 0 );
-    }
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding CID extension" ) );
-
-    /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX
-     * which is at most 255, so the increment cannot overflow. */
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) );
-
-    /* Add extension ID + size */
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID      ) & 0xFF );
-    ext_len = (size_t) ssl->own_cid_len + 1;
-    *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
-
-    *p++ = (uint8_t) ssl->own_cid_len;
-    memcpy( p, ssl->own_cid, ssl->own_cid_len );
-
-    *olen = ssl->own_cid_len + 5;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
-                                              unsigned char *buf,
-                                              const unsigned char *end,
-                                              size_t *olen )
-{
-    unsigned char *p = buf;
-
-    *olen = 0;
-
-    if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding max_fragment_length extension" ) );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 )
-                            & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH      )
-                            & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 1;
-
-    *p++ = ssl->conf->mfl_code;
-
-    *olen = 5;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
-                                         unsigned char *buf,
-                                         const unsigned char *end,
-                                         size_t *olen )
-{
-    unsigned char *p = buf;
-
-    *olen = 0;
-
-    if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding truncated_hmac extension" ) );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
-                                           unsigned char *buf,
-                                           const unsigned char *end,
-                                           size_t *olen )
-{
-    unsigned char *p = buf;
-
-    *olen = 0;
-
-    if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
-        ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding encrypt_then_mac extension" ) );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
-                                      unsigned char *buf,
-                                      const unsigned char *end,
-                                      size_t *olen )
-{
-    unsigned char *p = buf;
-
-    *olen = 0;
-
-    if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
-        ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding extended_master_secret extension" ) );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 )
-                            & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET      )
-                            & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
-                                         unsigned char *buf,
-                                         const unsigned char *end,
-                                         size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t tlen = ssl->session_negotiate->ticket_len;
-
-    *olen = 0;
-
-    if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, adding session ticket extension" ) );
-
-    /* The addition is safe here since the ticket length is 16 bit. */
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET      ) & 0xFF );
-
-    *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( tlen      ) & 0xFF );
-
-    *olen = 4;
-
-    if( ssl->session_negotiate->ticket == NULL || tlen == 0 )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "sending session ticket of length %d", tlen ) );
-
-    memcpy( p, ssl->session_negotiate->ticket, tlen );
-
-    *olen += tlen;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
-                               unsigned char *buf,
-                               const unsigned char *end,
-                               size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t alpnlen = 0;
-    const char **cur;
-
-    *olen = 0;
-
-    if( ssl->conf->alpn_list == NULL )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) );
-
-    for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ )
-        alpnlen += strlen( *cur ) + 1;
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN      ) & 0xFF );
-
-    /*
-     * opaque ProtocolName<1..2^8-1>;
-     *
-     * struct {
-     *     ProtocolName protocol_name_list<2..2^16-1>
-     * } ProtocolNameList;
-     */
-
-    /* Skip writing extension and list length for now */
-    p += 4;
-
-    for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ )
-    {
-        /*
-         * mbedtls_ssl_conf_set_alpn_protocols() checked that the length of
-         * protocol names is less than 255.
-         */
-        *p = (unsigned char)strlen( *cur );
-        memcpy( p + 1, *cur, *p );
-        p += 1 + *p;
-    }
-
-    *olen = p - buf;
-
-    /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
-    buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
-    buf[5] = (unsigned char)( ( ( *olen - 6 )      ) & 0xFF );
-
-    /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */
-    buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
-    buf[3] = (unsigned char)( ( ( *olen - 4 )      ) & 0xFF );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
-                                   unsigned char *buf,
-                                   const unsigned char *end,
-                                   size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t protection_profiles_index = 0, ext_len = 0;
-    uint16_t mki_len = 0, profile_value = 0;
-
-    *olen = 0;
-
-    if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
-        ( ssl->conf->dtls_srtp_profile_list == NULL ) ||
-        ( ssl->conf->dtls_srtp_profile_list_len == 0 ) )
-    {
-        return( 0 );
-    }
-
-    /* RFC 5764 section 4.1.1
-     * uint8 SRTPProtectionProfile[2];
-     *
-     * struct {
-     *   SRTPProtectionProfiles SRTPProtectionProfiles;
-     *   opaque srtp_mki<0..255>;
-     * } UseSRTPData;
-     * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
-     */
-    if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
-    {
-        mki_len = ssl->dtls_srtp_info.mki_len;
-    }
-    /* Extension length = 2 bytes for profiles length,
-     *                    ssl->conf->dtls_srtp_profile_list_len * 2 (each profile is 2 bytes length ),
-     *                    1 byte for srtp_mki vector length and the mki_len value
-     */
-    ext_len = 2 + 2 * ( ssl->conf->dtls_srtp_profile_list_len ) + 1 + mki_len;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding use_srtp extension" ) );
-
-    /* Check there is room in the buffer for the extension + 4 bytes
-     * - the extension tag (2 bytes)
-     * - the extension length (2 bytes)
-     */
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP      ) & 0xFF );
-
-
-    *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ext_len & 0xFF );
-
-    /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
-    /* micro-optimization:
-     * the list size is limited to MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH
-     * which is lower than 127, so the upper byte of the length is always 0
-     * For the documentation, the more generic code is left in comments
-     * *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
-     *                        >> 8 ) & 0xFF );
-     */
-    *p++ = 0;
-    *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
-                            & 0xFF );
-
-    for( protection_profiles_index=0;
-         protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len;
-         protection_profiles_index++ )
-    {
-        profile_value = mbedtls_ssl_check_srtp_profile_value
-                ( ssl->conf->dtls_srtp_profile_list[protection_profiles_index] );
-        if( profile_value != MBEDTLS_TLS_SRTP_UNSET )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x",
-                                        profile_value ) );
-            *p++ = ( ( profile_value >> 8 ) & 0xFF );
-            *p++ = ( profile_value & 0xFF );
-        }
-        else
-        {
-            /*
-             * Note: we shall never arrive here as protection profiles
-             * is checked by mbedtls_ssl_conf_dtls_srtp_protection_profiles function
-             */
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                    ( "client hello, "
-                      "illegal DTLS-SRTP protection profile %d",
-                      ssl->conf->dtls_srtp_profile_list[protection_profiles_index]
-                    ) );
-            return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED );
-        }
-    }
-
-    *p++ = mki_len & 0xFF;
-
-    if( mki_len != 0 )
-    {
-        memcpy( p, ssl->dtls_srtp_info.mki_value, mki_len );
-        /*
-         * Increment p to point to the current position.
-         */
-        p += mki_len;
-        MBEDTLS_SSL_DEBUG_BUF( 3, "sending mki",  ssl->dtls_srtp_info.mki_value,
-                               ssl->dtls_srtp_info.mki_len );
-    }
-
-    /*
-     * total extension length: extension type (2 bytes)
-     *                         + extension length (2 bytes)
-     *                         + protection profile length (2 bytes)
-     *                         + 2 * number of protection profiles
-     *                         + srtp_mki vector length(1 byte)
-     *                         + mki value
-     */
-    *olen = p - buf;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-/*
- * Generate random bytes for ClientHello
- */
-static int ssl_generate_random( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = ssl->handshake->randbytes;
-#if defined(MBEDTLS_HAVE_TIME)
-    mbedtls_time_t t;
-#endif
-
-    /*
-     * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1)
-     */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake->verify_cookie != NULL )
-    {
-        return( 0 );
-    }
-#endif
-
-#if defined(MBEDTLS_HAVE_TIME)
-    t = mbedtls_time( NULL );
-    *p++ = (unsigned char)( t >> 24 );
-    *p++ = (unsigned char)( t >> 16 );
-    *p++ = (unsigned char)( t >>  8 );
-    *p++ = (unsigned char)( t       );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
-#else
-    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
-        return( ret );
-
-    p += 4;
-#endif /* MBEDTLS_HAVE_TIME */
-
-    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-/**
- * \brief           Validate cipher suite against config in SSL context.
- *
- * \param suite_info    cipher suite to validate
- * \param ssl           SSL context
- * \param min_minor_ver Minimal minor version to accept a cipher suite
- * \param max_minor_ver Maximal minor version to accept a cipher suite
- *
- * \return          0 if valid, else 1
- */
-static int ssl_validate_ciphersuite(
-    const mbedtls_ssl_ciphersuite_t * suite_info,
-    const mbedtls_ssl_context * ssl,
-    int min_minor_ver, int max_minor_ver )
-{
-    (void) ssl;
-    if( suite_info == NULL )
-        return( 1 );
-
-    if( suite_info->min_minor_ver > max_minor_ver ||
-            suite_info->max_minor_ver < min_minor_ver )
-        return( 1 );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-            ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
-        return( 1 );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-    if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
-            suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
-        return( 1 );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
-            mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
-        return( 1 );
-#endif
-
-    /* Don't suggest PSK-based ciphersuite if no PSK is available. */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
-        ssl_conf_has_static_psk( ssl->conf ) == 0 )
-    {
-        return( 1 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-    return( 0 );
-}
-
-static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, n, olen, ext_len = 0;
-
-    unsigned char *buf;
-    unsigned char *p, *q;
-    const unsigned char *end;
-
-    unsigned char offer_compress;
-    const int *ciphersuites;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    int uses_ec = 0;
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
-
-    if( ssl->conf->f_rng == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
-        return( MBEDTLS_ERR_SSL_NO_RNG );
-    }
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
-#endif
-    {
-        ssl->major_ver = ssl->conf->min_major_ver;
-        ssl->minor_ver = ssl->conf->min_minor_ver;
-    }
-
-    if( ssl->conf->max_major_ver == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "configured max major version is invalid, consider using mbedtls_ssl_config_defaults()" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    buf = ssl->out_msg;
-    end = buf + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
-    /*
-     * Check if there's enough space for the first part of the ClientHello
-     * consisting of the 38 bytes described below, the session identifier (at
-     * most 32 bytes) and its length (1 byte).
-     *
-     * Use static upper bounds instead of the actual values
-     * to allow the compiler to optimize this away.
-     */
-    MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 38 + 1 + 32 );
-
-    /*
-     * The 38 first bytes of the ClientHello:
-     *     0  .   0   handshake type (written later)
-     *     1  .   3   handshake length (written later)
-     *     4  .   5   highest version supported
-     *     6  .   9   current UNIX time
-     *    10  .  37   random bytes
-     *
-     * The current UNIX time (4 bytes) and following 28 random bytes are written
-     * by ssl_generate_random() into ssl->handshake->randbytes buffer and then
-     * copied from there into the output buffer.
-     */
-
-    p = buf + 4;
-    mbedtls_ssl_write_version( ssl->conf->max_major_ver,
-                               ssl->conf->max_minor_ver,
-                               ssl->conf->transport, p );
-    p += 2;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]",
-                   buf[4], buf[5] ) );
-
-    if( ( ret = ssl_generate_random( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret );
-        return( ret );
-    }
-
-    memcpy( p, ssl->handshake->randbytes, 32 );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 );
-    p += 32;
-
-    /*
-     *    38  .  38   session id length
-     *    39  . 39+n  session id
-     *   39+n . 39+n  DTLS only: cookie length (1 byte)
-     *   40+n .  ..   DTLS only: cookie
-     *   ..   . ..    ciphersuitelist length (2 bytes)
-     *   ..   . ..    ciphersuitelist
-     *   ..   . ..    compression methods length (1 byte)
-     *   ..   . ..    compression methods
-     *   ..   . ..    extensions length (2 bytes)
-     *   ..   . ..    extensions
-     */
-    n = ssl->session_negotiate->id_len;
-
-    if( n < 16 || n > 32 ||
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
-#endif
-        ssl->handshake->resume == 0 )
-    {
-        n = 0;
-    }
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    /*
-     * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
-     * generate and include a Session ID in the TLS ClientHello."
-     */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
-#endif
-    {
-        if( ssl->session_negotiate->ticket != NULL &&
-                ssl->session_negotiate->ticket_len != 0 )
-        {
-            ret = ssl->conf->f_rng( ssl->conf->p_rng,
-                                    ssl->session_negotiate->id, 32 );
-
-            if( ret != 0 )
-                return( ret );
-
-            ssl->session_negotiate->id_len = n = 32;
-        }
-    }
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-    /*
-     * The first check of the output buffer size above (
-     * MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 38 + 1 + 32 );)
-     * has checked that there is enough space in the output buffer for the
-     * session identifier length byte and the session identifier (n <= 32).
-     */
-    *p++ = (unsigned char) n;
-
-    for( i = 0; i < n; i++ )
-        *p++ = ssl->session_negotiate->id[i];
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3,   "client hello, session id", buf + 39, n );
-
-    /*
-     *   With 'n' being the length of the session identifier
-     *
-     *   39+n . 39+n  DTLS only: cookie length (1 byte)
-     *   40+n .  ..   DTLS only: cookie
-     *   ..   . ..    ciphersuitelist length (2 bytes)
-     *   ..   . ..    ciphersuitelist
-     *   ..   . ..    compression methods length (1 byte)
-     *   ..   . ..    compression methods
-     *   ..   . ..    extensions length (2 bytes)
-     *   ..   . ..    extensions
-     */
-
-    /*
-     * DTLS cookie
-     */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        MBEDTLS_SSL_CHK_BUF_PTR( p, end, 1 );
-
-        if( ssl->handshake->verify_cookie == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) );
-            *p++ = 0;
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie",
-                              ssl->handshake->verify_cookie,
-                              ssl->handshake->verify_cookie_len );
-
-            *p++ = ssl->handshake->verify_cookie_len;
-
-            MBEDTLS_SSL_CHK_BUF_PTR( p, end,
-                                     ssl->handshake->verify_cookie_len );
-            memcpy( p, ssl->handshake->verify_cookie,
-                       ssl->handshake->verify_cookie_len );
-            p += ssl->handshake->verify_cookie_len;
-        }
-    }
-#endif
-
-    /*
-     * Ciphersuite list
-     */
-    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
-
-    /* Skip writing ciphersuite length for now */
-    n = 0;
-    q = p;
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
-    p += 2;
-
-    for( i = 0; ciphersuites[i] != 0; i++ )
-    {
-        ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] );
-
-        if( ssl_validate_ciphersuite( ciphersuite_info, ssl,
-                                      ssl->conf->min_minor_ver,
-                                      ssl->conf->max_minor_ver ) != 0 )
-            continue;
-
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %#04x (%s)",
-                                    ciphersuites[i], ciphersuite_info->name ) );
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-        uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info );
-#endif
-
-        MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
-
-        n++;
-        *p++ = (unsigned char)( ciphersuites[i] >> 8 );
-        *p++ = (unsigned char)( ciphersuites[i]      );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "client hello, got %d ciphersuites (excluding SCSVs)", n ) );
-
-    /*
-     * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
-     */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
-#endif
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
-        MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
-        *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
-        *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO      );
-        n++;
-    }
-
-    /* Some versions of OpenSSL don't handle it correctly if not at end */
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-    if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
-
-        MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
-        *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
-        *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE      );
-        n++;
-    }
-#endif
-
-    *q++ = (unsigned char)( n >> 7 );
-    *q++ = (unsigned char)( n << 1 );
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    offer_compress = 1;
-#else
-    offer_compress = 0;
-#endif
-
-    /*
-     * We don't support compression with DTLS right now: if many records come
-     * in the same datagram, uncompressing one could overwrite the next one.
-     * We don't want to add complexity for handling that case unless there is
-     * an actual need for it.
-     */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        offer_compress = 0;
-#endif
-
-    if( offer_compress )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) );
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d",
-                                    MBEDTLS_SSL_COMPRESS_DEFLATE,
-                                    MBEDTLS_SSL_COMPRESS_NULL ) );
-
-        MBEDTLS_SSL_CHK_BUF_PTR( p, end, 3 );
-        *p++ = 2;
-        *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE;
-        *p++ = MBEDTLS_SSL_COMPRESS_NULL;
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) );
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d",
-                            MBEDTLS_SSL_COMPRESS_NULL ) );
-
-        MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
-        *p++ = 1;
-        *p++ = MBEDTLS_SSL_COMPRESS_NULL;
-    }
-
-    /* First write extensions, then the total length */
-
-    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    if( ( ret = ssl_write_hostname_ext( ssl, p + 2 + ext_len,
-                                        end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hostname_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-    /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added
-     * even if MBEDTLS_SSL_RENEGOTIATION is not defined. */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ( ret = ssl_write_renegotiation_ext( ssl, p + 2 + ext_len,
-                                             end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_renegotiation_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    if( ( ret = ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len,
-                                                    end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_signature_algorithms_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( uses_ec )
-    {
-        if( ( ret = ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len,
-                                                             end, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_elliptic_curves_ext", ret );
-            return( ret );
-        }
-        ext_len += olen;
-
-        if( ( ret = ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len,
-                                                           end, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_point_formats_ext", ret );
-            return( ret );
-        }
-        ext_len += olen;
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( ( ret = ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len,
-                                            end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_ecjpake_kkpp_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( ( ret = ssl_write_cid_ext( ssl, p + 2 + ext_len, end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_cid_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( ( ret = ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len,
-                                                   end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_max_fragment_length_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    if( ( ret = ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len,
-                                              end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_truncated_hmac_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    if( ( ret = ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len,
-                                                end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_encrypt_then_mac_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    if( ( ret = ssl_write_extended_ms_ext( ssl, p + 2 + ext_len,
-                                           end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_extended_ms_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( ( ret = ssl_write_alpn_ext( ssl, p + 2 + ext_len,
-                                    end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_alpn_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    if( ( ret = ssl_write_use_srtp_ext( ssl, p + 2 + ext_len,
-                                        end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_use_srtp_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( ( ret = ssl_write_session_ticket_ext( ssl, p + 2 + ext_len,
-                                              end, &olen ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_session_ticket_ext", ret );
-        return( ret );
-    }
-    ext_len += olen;
-#endif
-
-    /* olen unused if all extensions are disabled */
-    ((void) olen);
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
-                                ext_len ) );
-
-    if( ext_len > 0 )
-    {
-        /* No need to check for space here, because the extension
-         * writing functions already took care of that. */
-        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
-        p += ext_len;
-    }
-
-    ssl->out_msglen  = p - buf;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CLIENT_HELLO;
-
-    ssl->state++;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        mbedtls_ssl_send_flight_completed( ssl );
-#endif
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
-        return( ret );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) );
-
-    return( 0 );
-}
-
-static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-    {
-        /* Check verify-data in constant-time. The length OTOH is no secret */
-        if( len    != 1 + ssl->verify_data_len * 2 ||
-            buf[0] !=     ssl->verify_data_len * 2 ||
-            mbedtls_ssl_safer_memcmp( buf + 1,
-                          ssl->own_verify_data, ssl->verify_data_len ) != 0 ||
-            mbedtls_ssl_safer_memcmp( buf + 1 + ssl->verify_data_len,
-                          ssl->peer_verify_data, ssl->verify_data_len ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-    {
-        if( len != 1 || buf[0] != 0x00 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "non-zero length renegotiation info" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-
-        ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
-    }
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
-                                              const unsigned char *buf,
-                                              size_t len )
-{
-    /*
-     * server should use the extension only if we did,
-     * and if so the server's value should match ours (and len is always 1)
-     */
-    if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ||
-        len != 1 ||
-        buf[0] != ssl->conf->mfl_code )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "non-matching max fragment length extension" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-    if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ||
-        len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "non-matching truncated HMAC extension" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    ((void) buf);
-
-    ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
-                              const unsigned char *buf,
-                              size_t len )
-{
-    size_t peer_cid_len;
-
-    if( /* CID extension only makes sense in DTLS */
-        ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
-        /* The server must only send the CID extension if we have offered it. */
-        ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    if( len == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    peer_cid_len = *buf++;
-    len--;
-
-    if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    if( len != peer_cid_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED;
-    ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len;
-    memcpy( ssl->handshake->peer_cid, buf, peer_cid_len );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "Server CID", buf, peer_cid_len );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-    if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
-        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
-        len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "non-matching encrypt-then-MAC extension" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    ((void) buf);
-
-    ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-    if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
-        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
-        len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "non-matching extended master secret extension" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    ((void) buf);
-
-    ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-    if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ||
-        len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "non-matching session ticket extension" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    ((void) buf);
-
-    ssl->handshake->new_session_ticket = 1;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
-                                                  const unsigned char *buf,
-                                                  size_t len )
-{
-    size_t list_size;
-    const unsigned char *p;
-
-    if( len == 0 || (size_t)( buf[0] + 1 ) != len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-    list_size = buf[0];
-
-    p = buf + 1;
-    while( list_size > 0 )
-    {
-        if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
-            p[0] == MBEDTLS_ECP_PF_COMPRESSED )
-        {
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
-            ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-            ssl->handshake->ecjpake_ctx.point_format = p[0];
-#endif
-            MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
-            return( 0 );
-        }
-
-        list_size--;
-        p++;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) );
-    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                    MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-    return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
-          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
-                                   const unsigned char *buf,
-                                   size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ssl->handshake->ciphersuite_info->key_exchange !=
-        MBEDTLS_KEY_EXCHANGE_ECJPAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
-        return( 0 );
-    }
-
-    /* If we got here, we no longer need our cached extension */
-    mbedtls_free( ssl->handshake->ecjpake_cache );
-    ssl->handshake->ecjpake_cache = NULL;
-    ssl->handshake->ecjpake_cache_len = 0;
-
-    if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
-                                                buf, len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_ALPN)
-static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
-                               const unsigned char *buf, size_t len )
-{
-    size_t list_len, name_len;
-    const char **p;
-
-    /* If we didn't send it, the server shouldn't send it */
-    if( ssl->conf->alpn_list == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching ALPN extension" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    /*
-     * opaque ProtocolName<1..2^8-1>;
-     *
-     * struct {
-     *     ProtocolName protocol_name_list<2..2^16-1>
-     * } ProtocolNameList;
-     *
-     * the "ProtocolNameList" MUST contain exactly one "ProtocolName"
-     */
-
-    /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
-    if( len < 4 )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    list_len = ( buf[0] << 8 ) | buf[1];
-    if( list_len != len - 2 )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    name_len = buf[2];
-    if( name_len != list_len - 1 )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    /* Check that the server chosen protocol was in our list and save it */
-    for( p = ssl->conf->alpn_list; *p != NULL; p++ )
-    {
-        if( name_len == strlen( *p ) &&
-            memcmp( buf + 3, *p, name_len ) == 0 )
-        {
-            ssl->alpn_chosen = *p;
-            return( 0 );
-        }
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) );
-    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                    MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-    return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-}
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
-                                   const unsigned char *buf,
-                                   size_t len )
-{
-    mbedtls_ssl_srtp_profile server_protection = MBEDTLS_TLS_SRTP_UNSET;
-    size_t i, mki_len = 0;
-    uint16_t server_protection_profile_value = 0;
-
-    /* If use_srtp is not configured, just ignore the extension */
-    if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
-        ( ssl->conf->dtls_srtp_profile_list == NULL ) ||
-        ( ssl->conf->dtls_srtp_profile_list_len == 0 ) )
-        return( 0 );
-
-    /* RFC 5764 section 4.1.1
-     * uint8 SRTPProtectionProfile[2];
-     *
-     * struct {
-     *   SRTPProtectionProfiles SRTPProtectionProfiles;
-     *   opaque srtp_mki<0..255>;
-     * } UseSRTPData;
-
-     * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
-     *
-     */
-    if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
-    {
-        mki_len = ssl->dtls_srtp_info.mki_len;
-    }
-
-    /*
-     * Length is 5 + optional mki_value : one protection profile length (2 bytes)
-     *                                      + protection profile (2 bytes)
-     *                                      + mki_len(1 byte)
-     *                                      and optional srtp_mki
-     */
-    if( ( len < 5 ) || ( len != ( buf[4] + 5u ) ) )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-
-    /*
-     * get the server protection profile
-     */
-
-    /*
-     * protection profile length must be 0x0002 as we must have only
-     * one protection profile in server Hello
-     */
-    if( (  buf[0] != 0 ) || ( buf[1] != 2 ) )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-
-    server_protection_profile_value = ( buf[2] << 8 ) | buf[3];
-    server_protection = mbedtls_ssl_check_srtp_profile_value(
-                    server_protection_profile_value );
-    if( server_protection != MBEDTLS_TLS_SRTP_UNSET )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s",
-                                      mbedtls_ssl_get_srtp_profile_as_string(
-                                              server_protection ) ) );
-    }
-
-    ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET;
-
-    /*
-     * Check we have the server profile in our list
-     */
-    for( i=0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
-    {
-        if( server_protection == ssl->conf->dtls_srtp_profile_list[i] )
-        {
-            ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i];
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s",
-                                      mbedtls_ssl_get_srtp_profile_as_string(
-                                              server_protection ) ) );
-            break;
-        }
-    }
-
-    /* If no match was found : server problem, it shall never answer with incompatible profile */
-    if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    /* If server does not use mki in its reply, make sure the client won't keep
-     * one as negotiated */
-    if( len == 5 )
-    {
-        ssl->dtls_srtp_info.mki_len = 0;
-    }
-
-    /*
-     * RFC5764:
-     *  If the client detects a nonzero-length MKI in the server's response
-     *  that is different than the one the client offered, then the client
-     *  MUST abort the handshake and SHOULD send an invalid_parameter alert.
-     */
-    if( len > 5  && ( buf[4] != mki_len ||
-        ( memcmp( ssl->dtls_srtp_info.mki_value, &buf[5], mki_len ) ) ) )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-#if defined (MBEDTLS_DEBUG_C)
-    if( len > 5 )
-    {
-        MBEDTLS_SSL_DEBUG_BUF( 3, "received mki", ssl->dtls_srtp_info.mki_value,
-                                                  ssl->dtls_srtp_info.mki_len );
-    }
-#endif
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-/*
- * Parse HelloVerifyRequest.  Only called after verifying the HS type.
- */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
-{
-    const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
-    int major_ver, minor_ver;
-    unsigned char cookie_len;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) );
-
-    /* Check that there is enough room for:
-     * - 2 bytes of version
-     * - 1 byte of cookie_len
-     */
-    if( mbedtls_ssl_hs_hdr_len( ssl ) + 3 > ssl->in_msglen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "incoming HelloVerifyRequest message is too short" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                    MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    /*
-     * struct {
-     *   ProtocolVersion server_version;
-     *   opaque cookie<0..2^8-1>;
-     * } HelloVerifyRequest;
-     */
-    MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
-    mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p );
-    p += 2;
-
-    /*
-     * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
-     * even is lower than our min version.
-     */
-    if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
-        minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
-        major_ver > ssl->conf->max_major_ver  ||
-        minor_ver > ssl->conf->max_minor_ver  )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) );
-
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
-
-        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
-    }
-
-    cookie_len = *p++;
-    if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "cookie length does not match incoming message size" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                    MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-    MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len );
-
-    mbedtls_free( ssl->handshake->verify_cookie );
-
-    ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len );
-    if( ssl->handshake->verify_cookie  == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) );
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    memcpy( ssl->handshake->verify_cookie, p, cookie_len );
-    ssl->handshake->verify_cookie_len = cookie_len;
-
-    /* Start over at ClientHello */
-    ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
-    mbedtls_ssl_reset_checksum( ssl );
-
-    mbedtls_ssl_recv_flight_completed( ssl );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
-{
-    int ret, i;
-    size_t n;
-    size_t ext_len;
-    unsigned char *buf, *ext;
-    unsigned char comp;
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    int accept_comp;
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    int renegotiation_info_seen = 0;
-#endif
-    int handshake_failure = 0;
-    const mbedtls_ssl_ciphersuite_t *suite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) );
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        /* No alert on a read error. */
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    buf = ssl->in_msg;
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-        {
-            ssl->renego_records_seen++;
-
-            if( ssl->conf->renego_max_records >= 0 &&
-                ssl->renego_records_seen > ssl->conf->renego_max_records )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1,
-                    ( "renegotiation requested, but not honored by server" ) );
-                return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-            }
-
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "non-handshake message during renegotiation" ) );
-
-            ssl->keep_current_message = 1;
-            return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
-        }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) );
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) );
-            return( ssl_parse_hello_verify_request( ssl ) );
-        }
-        else
-        {
-            /* We made it through the verification process */
-            mbedtls_free( ssl->handshake->verify_cookie );
-            ssl->handshake->verify_cookie = NULL;
-            ssl->handshake->verify_cookie_len = 0;
-        }
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) ||
-        buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    /*
-     *  0   .  1    server_version
-     *  2   . 33    random (maybe including 4 bytes of Unix time)
-     * 34   . 34    session_id length = n
-     * 35   . 34+n  session_id
-     * 35+n . 36+n  cipher_suite
-     * 37+n . 37+n  compression_method
-     *
-     * 38+n . 39+n  extensions length (optional)
-     * 40+n .  ..   extensions
-     */
-    buf += mbedtls_ssl_hs_hdr_len( ssl );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 );
-    mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
-                      ssl->conf->transport, buf + 0 );
-
-    if( ssl->major_ver < ssl->conf->min_major_ver ||
-        ssl->minor_ver < ssl->conf->min_minor_ver ||
-        ssl->major_ver > ssl->conf->max_major_ver ||
-        ssl->minor_ver > ssl->conf->max_minor_ver )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "server version out of bounds -  min: [%d:%d], server: [%d:%d], max: [%d:%d]",
-              ssl->conf->min_major_ver,
-              ssl->conf->min_minor_ver,
-              ssl->major_ver, ssl->minor_ver,
-              ssl->conf->max_major_ver,
-              ssl->conf->max_minor_ver ) );
-
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
-
-        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",
-                           ( (uint32_t) buf[2] << 24 ) |
-                           ( (uint32_t) buf[3] << 16 ) |
-                           ( (uint32_t) buf[4] <<  8 ) |
-                           ( (uint32_t) buf[5]       ) ) );
-
-    memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
-
-    n = buf[34];
-
-    MBEDTLS_SSL_DEBUG_BUF( 3,   "server hello, random bytes", buf + 2, 32 );
-
-    if( n > 32 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n )
-    {
-        ext_len = ( ( buf[38 + n] <<  8 )
-                  | ( buf[39 + n]       ) );
-
-        if( ( ext_len > 0 && ext_len < 4 ) ||
-            ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-    }
-    else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n )
-    {
-        ext_len = 0;
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    /* ciphersuite (used later) */
-    i = ( buf[35 + n] << 8 ) | buf[36 + n];
-
-    /*
-     * Read and check compression
-     */
-    comp = buf[37 + n];
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    /* See comments in ssl_write_client_hello() */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        accept_comp = 0;
-    else
-#endif
-        accept_comp = 1;
-
-    if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
-        ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) )
-#else /* MBEDTLS_ZLIB_SUPPORT */
-    if( comp != MBEDTLS_SSL_COMPRESS_NULL )
-#endif/* MBEDTLS_ZLIB_SUPPORT */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "server hello, bad compression: %d", comp ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-    }
-
-    /*
-     * Initialize update checksum functions
-     */
-    ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i );
-    if( ssl->handshake->ciphersuite_info == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "ciphersuite info for %04x not found", i ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3,   "server hello, session id", buf + 35, n );
-
-    /*
-     * Check if the session can be resumed
-     */
-    if( ssl->handshake->resume == 0 || n == 0 ||
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
-#endif
-        ssl->session_negotiate->ciphersuite != i ||
-        ssl->session_negotiate->compression != comp ||
-        ssl->session_negotiate->id_len != n ||
-        memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 )
-    {
-        ssl->state++;
-        ssl->handshake->resume = 0;
-#if defined(MBEDTLS_HAVE_TIME)
-        ssl->session_negotiate->start = mbedtls_time( NULL );
-#endif
-        ssl->session_negotiate->ciphersuite = i;
-        ssl->session_negotiate->compression = comp;
-        ssl->session_negotiate->id_len = n;
-        memcpy( ssl->session_negotiate->id, buf + 35, n );
-    }
-    else
-    {
-        ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
-
-        if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-            return( ret );
-        }
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
-                   ssl->handshake->resume ? "a" : "no" ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", i ) );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d",
-                                buf[37 + n] ) );
-
-    /*
-     * Perform cipher suite validation in same way as in ssl_write_client_hello.
-     */
-    i = 0;
-    while( 1 )
-    {
-        if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-
-        if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] ==
-            ssl->session_negotiate->ciphersuite )
-        {
-            break;
-        }
-    }
-
-    suite_info = mbedtls_ssl_ciphersuite_from_id(
-        ssl->session_negotiate->ciphersuite );
-    if( ssl_validate_ciphersuite( suite_info, ssl, ssl->minor_ver,
-                                  ssl->minor_ver ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3,
-        ( "server hello, chosen ciphersuite: %s", suite_info->name ) );
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA &&
-        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        ssl->handshake->ecrs_enabled = 1;
-    }
-#endif
-
-    if( comp != MBEDTLS_SSL_COMPRESS_NULL
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-        && comp != MBEDTLS_SSL_COMPRESS_DEFLATE
-#endif
-      )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-    ssl->session_negotiate->compression = comp;
-
-    ext = buf + 40 + n;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2,
-        ( "server hello, total extension length: %d", ext_len ) );
-
-    while( ext_len )
-    {
-        unsigned int ext_id   = ( ( ext[0] <<  8 )
-                                | ( ext[1]       ) );
-        unsigned int ext_size = ( ( ext[2] <<  8 )
-                                | ( ext[3]       ) );
-
-        if( ext_size + 4 > ext_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-
-        switch( ext_id )
-        {
-        case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-            renegotiation_info_seen = 1;
-#endif
-
-            if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4,
-                                                      ext_size ) ) != 0 )
-                return( ret );
-
-            break;
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-        case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "found max_fragment_length extension" ) );
-
-            if( ( ret = ssl_parse_max_fragment_length_ext( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-        case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) );
-
-            if( ( ret = ssl_parse_truncated_hmac_ext( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        case MBEDTLS_TLS_EXT_CID:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
-
-            if( ( ret = ssl_parse_cid_ext( ssl,
-                                           ext + 4,
-                                           ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-        case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) );
-
-            if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-        case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "found extended_master_secret extension" ) );
-
-            if( ( ret = ssl_parse_extended_ms_ext( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-        case MBEDTLS_TLS_EXT_SESSION_TICKET:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) );
-
-            if( ( ret = ssl_parse_session_ticket_ext( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-        case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "found supported_point_formats extension" ) );
-
-            if( ( ret = ssl_parse_supported_point_formats_ext( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
-          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-        case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake_kkpp extension" ) );
-
-            if( ( ret = ssl_parse_ecjpake_kkpp( ssl,
-                            ext + 4, ext_size ) ) != 0 )
-            {
-                return( ret );
-            }
-
-            break;
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_ALPN)
-        case MBEDTLS_TLS_EXT_ALPN:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
-
-            if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 )
-                return( ret );
-
-            break;
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-        case MBEDTLS_TLS_EXT_USE_SRTP:
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) );
-
-            if( ( ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ) ) != 0 )
-                return( ret );
-
-            break;
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-        default:
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "unknown extension found: %d (ignoring)", ext_id ) );
-        }
-
-        ext_len -= 4 + ext_size;
-        ext += 4 + ext_size;
-
-        if( ext_len > 0 && ext_len < 4 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-        }
-    }
-
-    /*
-     * Renegotiation security checks
-     */
-    if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-        ssl->conf->allow_legacy_renegotiation ==
-        MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "legacy renegotiation, breaking off handshake" ) );
-        handshake_failure = 1;
-    }
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-             ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
-             renegotiation_info_seen == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "renegotiation_info extension missing (secure)" ) );
-        handshake_failure = 1;
-    }
-    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-             ssl->conf->allow_legacy_renegotiation ==
-             MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
-        handshake_failure = 1;
-    }
-    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-             renegotiation_info_seen == 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "renegotiation_info extension present (legacy)" ) );
-        handshake_failure = 1;
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-    if( handshake_failure == 1 )
-    {
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
-    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl,
-                                       unsigned char **p,
-                                       unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-
-    /*
-     * Ephemeral DH parameters:
-     *
-     * struct {
-     *     opaque dh_p<1..2^16-1>;
-     *     opaque dh_g<1..2^16-1>;
-     *     opaque dh_Ys<1..2^16-1>;
-     * } ServerDHParams;
-     */
-    if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx,
-                                         p, end ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret );
-        return( ret );
-    }
-
-    if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d",
-                                    ssl->handshake->dhm_ctx.len * 8,
-                                    ssl->conf->dhm_min_bitlen ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-
-    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P  );
-    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G  );
-    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY );
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ecp_curve_info *curve_info;
-    mbedtls_ecp_group_id grp_id;
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    grp_id = ssl->handshake->ecdh_ctx.grp.id;
-#else
-    grp_id = ssl->handshake->ecdh_ctx.grp_id;
-#endif
-
-    curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id );
-    if( curve_info == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
-
-#if defined(MBEDTLS_ECP_C)
-    if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 )
-#else
-    if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
-        ssl->handshake->ecdh_ctx.grp.nbits > 521 )
-#endif
-        return( -1 );
-
-    MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                            MBEDTLS_DEBUG_ECDH_QP );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                           \
-        ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||     \
-          defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
-static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl,
-                                             unsigned char **p,
-                                             unsigned char *end )
-{
-    uint16_t tls_id;
-    size_t ecdh_bits = 0;
-    uint8_t ecpoint_len;
-    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
-
-    /*
-     * Parse ECC group
-     */
-
-    if( end - *p < 4 )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-
-    /* First byte is curve_type; only named_curve is handled */
-    if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-
-    /* Next two bytes are the namedcurve value */
-    tls_id = *(*p)++;
-    tls_id <<= 8;
-    tls_id |= *(*p)++;
-
-    /* Convert EC group to PSA key type. */
-    if( ( handshake->ecdh_psa_type =
-          mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-    if( ecdh_bits > 0xffff )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    handshake->ecdh_bits = (uint16_t) ecdh_bits;
-
-    /*
-     * Put peer's ECDH public key in the format understood by PSA.
-     */
-
-    ecpoint_len = *(*p)++;
-    if( (size_t)( end - *p ) < ecpoint_len )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-
-    if( mbedtls_psa_tls_ecpoint_to_psa_ec(
-                                    *p, ecpoint_len,
-                                    handshake->ecdh_psa_peerkey,
-                                    sizeof( handshake->ecdh_psa_peerkey ),
-                                    &handshake->ecdh_psa_peerkey_len ) != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
-
-    *p += ecpoint_len;
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO &&
-            ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-              MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
-                                         unsigned char **p,
-                                         unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-
-    /*
-     * Ephemeral ECDH parameters:
-     *
-     * struct {
-     *     ECParameters curve_params;
-     *     ECPoint      public;
-     * } ServerECDHParams;
-     */
-    if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx,
-                                  (const unsigned char **) p, end ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret );
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-        if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-            ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
-#endif
-        return( ret );
-    }
-
-    if( ssl_check_server_ecdh_params( ssl ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "bad server key exchange message (ECDHE curve)" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
-                                      unsigned char **p,
-                                      unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    uint16_t  len;
-    ((void) ssl);
-
-    /*
-     * PSK parameters:
-     *
-     * opaque psk_identity_hint<0..2^16-1>;
-     */
-    if( end - (*p) < 2 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "bad server key exchange message (psk_identity_hint length)" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-    len = (*p)[0] << 8 | (*p)[1];
-    *p += 2;
-
-    if( end - (*p) < len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "bad server key exchange message (psk_identity_hint length)" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-
-    /*
-     * Note: we currently ignore the PKS identity hint, as we only allow one
-     * PSK to be provisionned on the client. This could be changed later if
-     * someone needs that feature.
-     */
-    *p += len;
-    ret = 0;
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) ||                           \
-    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-/*
- * Generate a pre-master secret and encrypt it with the server's RSA key
- */
-static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
-                                    size_t offset, size_t *olen,
-                                    size_t pms_offset )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
-    unsigned char *p = ssl->handshake->premaster + pms_offset;
-    mbedtls_pk_context * peer_pk;
-
-    if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) );
-        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-    }
-
-    /*
-     * Generate (part of) the pre-master as
-     *  struct {
-     *      ProtocolVersion client_version;
-     *      opaque random[46];
-     *  } PreMasterSecret;
-     */
-    mbedtls_ssl_write_version( ssl->conf->max_major_ver,
-                               ssl->conf->max_minor_ver,
-                               ssl->conf->transport, p );
-
-    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret );
-        return( ret );
-    }
-
-    ssl->handshake->pmslen = 48;
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    peer_pk = &ssl->handshake->peer_pubkey;
-#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( ssl->session_negotiate->peer_cert == NULL )
-    {
-        /* Should never happen */
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-    peer_pk = &ssl->session_negotiate->peer_cert->pk;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    /*
-     * Now write it out, encrypted
-     */
-    if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_RSA ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) );
-        return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
-    }
-
-    if( ( ret = mbedtls_pk_encrypt( peer_pk,
-                            p, ssl->handshake->pmslen,
-                            ssl->out_msg + offset + len_bytes, olen,
-                            MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes,
-                            ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret );
-        return( ret );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( len_bytes == 2 )
-    {
-        ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 );
-        ssl->out_msg[offset+1] = (unsigned char)( *olen      );
-        *olen += 2;
-    }
-#endif
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    /* We don't need the peer's public key anymore. Free it. */
-    mbedtls_pk_free( peer_pk );
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
-                                          unsigned char **p,
-                                          unsigned char *end,
-                                          mbedtls_md_type_t *md_alg,
-                                          mbedtls_pk_type_t *pk_alg )
-{
-    ((void) ssl);
-    *md_alg = MBEDTLS_MD_NONE;
-    *pk_alg = MBEDTLS_PK_NONE;
-
-    /* Only in TLS 1.2 */
-    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        return( 0 );
-    }
-
-    if( (*p) + 2 > end )
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-
-    /*
-     * Get hash algorithm
-     */
-    if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) )
-        == MBEDTLS_MD_NONE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-
-    /*
-     * Get signature algorithm
-     */
-    if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) )
-        == MBEDTLS_PK_NONE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-
-    /*
-     * Check if the hash is acceptable
-     */
-    if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "server used HashAlgorithm %d that was not offered", *(p)[0] ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d",
-                                (*p)[1] ) );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d",
-                                (*p)[0] ) );
-    *p += 2;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_ecp_keypair *peer_key;
-    mbedtls_pk_context * peer_pk;
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    peer_pk = &ssl->handshake->peer_pubkey;
-#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( ssl->session_negotiate->peer_cert == NULL )
-    {
-        /* Should never happen */
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-    peer_pk = &ssl->session_negotiate->peer_cert->pk;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
-        return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
-    }
-
-    peer_key = mbedtls_pk_ec( *peer_pk );
-
-    if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key,
-                                 MBEDTLS_ECDH_THEIRS ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret );
-        return( ret );
-    }
-
-    if( ssl_check_server_ecdh_params( ssl ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-    }
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    /* We don't need the peer's public key anymore. Free it,
-     * so that more RAM is available for upcoming expensive
-     * operations like ECDHE. */
-    mbedtls_pk_free( peer_pk );
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-    unsigned char *p = NULL, *end = NULL;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
-        ssl->state++;
-        return( 0 );
-    }
-    ((void) p);
-    ((void) end);
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
-    {
-        if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-            return( ret );
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
-        ssl->state++;
-        return( 0 );
-    }
-    ((void) p);
-    ((void) end);
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled &&
-        ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing )
-    {
-        goto start_processing;
-    }
-#endif
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    /*
-     * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server
-     * doesn't use a psk_identity_hint
-     */
-    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE )
-    {
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
-            ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
-        {
-            /* Current message is probably either
-             * CertificateRequest or ServerHelloDone */
-            ssl->keep_current_message = 1;
-            goto exit;
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "server key exchange message must not be skipped" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled )
-        ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing;
-
-start_processing:
-#endif
-    p   = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
-    end = ssl->in_msg + ssl->in_hslen;
-    MBEDTLS_SSL_DEBUG_BUF( 3,   "server key exchange", p, end - p );
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
-    {
-        if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-    } /* FALLTROUGH */
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) ||                       \
-    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
-        ; /* nothing more to do */
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
-    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
-    {
-        if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                           \
-        ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||     \
-          defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
-    {
-        if( ssl_parse_server_ecdh_params_psa( ssl, &p, end ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO &&
-            ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-              MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
-    {
-        if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
-    {
-        ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx,
-                                              p, end - p );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-    if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
-    {
-        size_t sig_len, hashlen;
-        unsigned char hash[64];
-        mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
-        mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
-        unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
-        size_t params_len = p - params;
-        void *rs_ctx = NULL;
-
-        mbedtls_pk_context * peer_pk;
-
-        /*
-         * Handle the digitally-signed structure
-         */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-        {
-            if( ssl_parse_signature_algorithm( ssl, &p, end,
-                                               &md_alg, &pk_alg ) != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1,
-                    ( "bad server key exchange message" ) );
-                mbedtls_ssl_send_alert_message(
-                    ssl,
-                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                    MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-                return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-            }
-
-            if( pk_alg !=
-                mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1,
-                    ( "bad server key exchange message" ) );
-                mbedtls_ssl_send_alert_message(
-                    ssl,
-                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                    MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-                return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-            }
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-        if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
-        {
-            pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
-
-            /* Default hash for ECDSA is SHA-1 */
-            if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE )
-                md_alg = MBEDTLS_MD_SHA1;
-        }
-        else
-#endif
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        /*
-         * Read signature
-         */
-
-        if( p > end - 2 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-        sig_len = ( p[0] << 8 ) | p[1];
-        p += 2;
-
-        if( p != end - sig_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len );
-
-        /*
-         * Compute the hash that has been signed
-         */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-        if( md_alg == MBEDTLS_MD_NONE )
-        {
-            hashlen = 36;
-            ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params,
-                                                           params_len );
-            if( ret != 0 )
-                return( ret );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( md_alg != MBEDTLS_MD_NONE )
-        {
-            ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
-                                                          params, params_len,
-                                                          md_alg );
-            if( ret != 0 )
-                return( ret );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        peer_pk = &ssl->handshake->peer_pubkey;
-#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-        if( ssl->session_negotiate->peer_cert == NULL )
-        {
-            /* Should never happen */
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-        peer_pk = &ssl->session_negotiate->peer_cert->pk;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-        /*
-         * Verify signature
-         */
-        if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-            return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
-        }
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-        if( ssl->handshake->ecrs_enabled )
-            rs_ctx = &ssl->handshake->ecrs_ctx.pk;
-#endif
-
-        if( ( ret = mbedtls_pk_verify_restartable( peer_pk,
-                        md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
-        {
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-            if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
-#endif
-                mbedtls_ssl_send_alert_message(
-                    ssl,
-                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                    MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-                ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
-#endif
-            return( ret );
-        }
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        /* We don't need the peer's public key anymore. Free it,
-         * so that more RAM is available for upcoming expensive
-         * operations like ECDHE. */
-        mbedtls_pk_free( peer_pk );
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
-
-exit:
-    ssl->state++;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) );
-
-    return( 0 );
-}
-
-#if ! defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
-static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) );
-
-    if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-}
-#else /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *buf;
-    size_t n = 0;
-    size_t cert_type_len = 0, dn_len = 0;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) );
-
-    if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    ssl->state++;
-    ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request",
-                        ssl->client_auth ? "a" : "no" ) );
-
-    if( ssl->client_auth == 0 )
-    {
-        /* Current message is probably the ServerHelloDone */
-        ssl->keep_current_message = 1;
-        goto exit;
-    }
-
-    /*
-     *  struct {
-     *      ClientCertificateType certificate_types<1..2^8-1>;
-     *      SignatureAndHashAlgorithm
-     *        supported_signature_algorithms<2^16-1>; -- TLS 1.2 only
-     *      DistinguishedName certificate_authorities<0..2^16-1>;
-     *  } CertificateRequest;
-     *
-     *  Since we only support a single certificate on clients, let's just
-     *  ignore all the information that's supposed to help us pick a
-     *  certificate.
-     *
-     *  We could check that our certificate matches the request, and bail out
-     *  if it doesn't, but it's simpler to just send the certificate anyway,
-     *  and give the server the opportunity to decide if it should terminate
-     *  the connection when it doesn't like our certificate.
-     *
-     *  Same goes for the hash in TLS 1.2's signature_algorithms: at this
-     *  point we only have one hash available (see comments in
-     *  write_certificate_verify), so let's just use what we have.
-     *
-     *  However, we still minimally parse the message to check it is at least
-     *  superficially sane.
-     */
-    buf = ssl->in_msg;
-
-    /* certificate_types */
-    if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
-    }
-    cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )];
-    n = cert_type_len;
-
-    /*
-     * In the subsequent code there are two paths that read from buf:
-     *     * the length of the signature algorithms field (if minor version of
-     *       SSL is 3),
-     *     * distinguished name length otherwise.
-     * Both reach at most the index:
-     *    ...hdr_len + 2 + n,
-     * therefore the buffer length at this point must be greater than that
-     * regardless of the actual code path.
-     */
-    if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
-    }
-
-    /* supported_signature_algorithms */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        size_t sig_alg_len =
-            ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] <<  8 )
-              | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n]   ) );
-#if defined(MBEDTLS_DEBUG_C)
-        unsigned char* sig_alg;
-        size_t i;
-#endif
-
-        /*
-         * The furthest access in buf is in the loop few lines below:
-         *     sig_alg[i + 1],
-         * where:
-         *     sig_alg = buf + ...hdr_len + 3 + n,
-         *     max(i) = sig_alg_len - 1.
-         * Therefore the furthest access is:
-         *     buf[...hdr_len + 3 + n + sig_alg_len - 1 + 1],
-         * which reduces to:
-         *     buf[...hdr_len + 3 + n + sig_alg_len],
-         * which is one less than we need the buf to be.
-         */
-        if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl )
-                                + 3 + n + sig_alg_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
-            mbedtls_ssl_send_alert_message(
-                ssl,
-                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
-        }
-
-#if defined(MBEDTLS_DEBUG_C)
-        sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n;
-        for( i = 0; i < sig_alg_len; i += 2 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3,
-                ( "Supported Signature Algorithm found: %d,%d",
-                  sig_alg[i], sig_alg[i + 1]  ) );
-        }
-#endif
-
-        n += 2 + sig_alg_len;
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-    /* certificate_authorities */
-    dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] <<  8 )
-             | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n]       ) );
-
-    n += dn_len;
-    if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
-    }
-
-exit:
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-
-static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) );
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    if( ssl->in_hslen  != mbedtls_ssl_hs_hdr_len( ssl ) ||
-        ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE );
-    }
-
-    ssl->state++;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        mbedtls_ssl_recv_flight_completed( ssl );
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) );
-
-    return( 0 );
-}
-
-static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    size_t header_len;
-    size_t content_len;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
-    {
-        /*
-         * DHM key exchange -- send G^X mod P
-         */
-        content_len = ssl->handshake->dhm_ctx.len;
-
-        ssl->out_msg[4] = (unsigned char)( content_len >> 8 );
-        ssl->out_msg[5] = (unsigned char)( content_len      );
-        header_len = 6;
-
-        ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
-                          (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
-                          &ssl->out_msg[header_len], content_len,
-                          ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
-            return( ret );
-        }
-
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X  );
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
-
-        if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
-                                  ssl->handshake->premaster,
-                                  MBEDTLS_PREMASTER_SIZE,
-                                  &ssl->handshake->pmslen,
-                                  ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
-            return( ret );
-        }
-
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                           \
-        ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||     \
-          defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
-    {
-        psa_status_t status;
-        psa_key_attributes_t key_attributes;
-
-        mbedtls_ssl_handshake_params *handshake = ssl->handshake;
-
-        unsigned char own_pubkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
-        size_t own_pubkey_len;
-        unsigned char *own_pubkey_ecpoint;
-        size_t own_pubkey_ecpoint_len;
-
-        header_len = 4;
-
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
-
-        /*
-         * Generate EC private key for ECDHE exchange.
-         */
-
-        /* The master secret is obtained from the shared ECDH secret by
-         * applying the TLS 1.2 PRF with a specific salt and label. While
-         * the PSA Crypto API encourages combining key agreement schemes
-         * such as ECDH with fixed KDFs such as TLS 1.2 PRF, it does not
-         * yet support the provisioning of salt + label to the KDF.
-         * For the time being, we therefore need to split the computation
-         * of the ECDH secret and the application of the TLS 1.2 PRF. */
-        key_attributes = psa_key_attributes_init();
-        psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
-        psa_set_key_algorithm( &key_attributes, PSA_ALG_ECDH );
-        psa_set_key_type( &key_attributes, handshake->ecdh_psa_type );
-        psa_set_key_bits( &key_attributes, handshake->ecdh_bits );
-
-        /* Generate ECDH private key. */
-        status = psa_generate_key( &key_attributes,
-                                   &handshake->ecdh_psa_privkey );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-
-        /* Export the public part of the ECDH private key from PSA
-         * and convert it to ECPoint format used in ClientKeyExchange. */
-        status = psa_export_public_key( handshake->ecdh_psa_privkey,
-                                        own_pubkey, sizeof( own_pubkey ),
-                                        &own_pubkey_len );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-
-        if( mbedtls_psa_tls_psa_ec_to_ecpoint( own_pubkey,
-                                               own_pubkey_len,
-                                               &own_pubkey_ecpoint,
-                                               &own_pubkey_ecpoint_len ) != 0 )
-        {
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-
-        /* Copy ECPoint structure to outgoing message buffer. */
-        ssl->out_msg[header_len] = (unsigned char) own_pubkey_ecpoint_len;
-        memcpy( ssl->out_msg + header_len + 1,
-                own_pubkey_ecpoint, own_pubkey_ecpoint_len );
-        content_len = own_pubkey_ecpoint_len + 1;
-
-        /* The ECDH secret is the premaster secret used for key derivation. */
-
-        /* Compute ECDH shared secret. */
-        status = psa_raw_key_agreement( PSA_ALG_ECDH,
-                                        handshake->ecdh_psa_privkey,
-                                        handshake->ecdh_psa_peerkey,
-                                        handshake->ecdh_psa_peerkey_len,
-                                        ssl->handshake->premaster,
-                                        sizeof( ssl->handshake->premaster ),
-                                        &ssl->handshake->pmslen );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-
-        status = psa_destroy_key( handshake->ecdh_psa_privkey );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO &&
-            ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-              MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
-    {
-        /*
-         * ECDH key exchange -- send client public value
-         */
-        header_len = 4;
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-        if( ssl->handshake->ecrs_enabled )
-        {
-            if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret )
-                goto ecdh_calc_secret;
-
-            mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx );
-        }
-#endif
-
-        ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
-                                &content_len,
-                                &ssl->out_msg[header_len], 1000,
-                                ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-                ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
-#endif
-            return( ret );
-        }
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_Q );
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-        if( ssl->handshake->ecrs_enabled )
-        {
-            ssl->handshake->ecrs_n = content_len;
-            ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
-        }
-
-ecdh_calc_secret:
-        if( ssl->handshake->ecrs_enabled )
-            content_len = ssl->handshake->ecrs_n;
-#endif
-        if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
-                                  &ssl->handshake->pmslen,
-                                  ssl->handshake->premaster,
-                                  MBEDTLS_MPI_MAX_SIZE,
-                                  ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-                ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
-#endif
-            return( ret );
-        }
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_Z );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if( mbedtls_ssl_ciphersuite_uses_psk( ciphersuite_info ) )
-    {
-        /*
-         * opaque psk_identity<0..2^16-1>;
-         */
-        if( ssl_conf_has_static_psk( ssl->conf ) == 0 )
-        {
-            /* We don't offer PSK suites if we don't have a PSK,
-             * and we check that the server's choice is among the
-             * ciphersuites we offered, so this should never happen. */
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        header_len = 4;
-        content_len = ssl->conf->psk_identity_len;
-
-        if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "psk identity too long or SSL buffer too short" ) );
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        }
-
-        ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
-        ssl->out_msg[header_len++] = (unsigned char)( content_len      );
-
-        memcpy( ssl->out_msg + header_len,
-                ssl->conf->psk_identity,
-                ssl->conf->psk_identity_len );
-        header_len += ssl->conf->psk_identity_len;
-
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
-        {
-            content_len = 0;
-        }
-        else
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
-        {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-            /* Opaque PSKs are currently only supported for PSK-only suites. */
-            if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
-                return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-            if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
-                                                 &content_len, 2 ) ) != 0 )
-                return( ret );
-        }
-        else
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
-        {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-            /* Opaque PSKs are currently only supported for PSK-only suites. */
-            if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
-                return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-            /*
-             * ClientDiffieHellmanPublic public (DHM send G^X mod P)
-             */
-            content_len = ssl->handshake->dhm_ctx.len;
-
-            if( header_len + 2 + content_len >
-                MBEDTLS_SSL_OUT_CONTENT_LEN )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1,
-                    ( "psk identity or DHM size too long or SSL buffer too short" ) );
-                return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-            }
-
-            ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
-            ssl->out_msg[header_len++] = (unsigned char)( content_len      );
-
-            ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
-                    (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
-                    &ssl->out_msg[header_len], content_len,
-                    ssl->conf->f_rng, ssl->conf->p_rng );
-            if( ret != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
-                return( ret );
-            }
-        }
-        else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
-        {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-            /* Opaque PSKs are currently only supported for PSK-only suites. */
-            if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
-                return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-            /*
-             * ClientECDiffieHellmanPublic public;
-             */
-            ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
-                    &content_len,
-                    &ssl->out_msg[header_len],
-                    MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
-                    ssl->conf->f_rng, ssl->conf->p_rng );
-            if( ret != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
-                return( ret );
-            }
-
-            MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                    MBEDTLS_DEBUG_ECDH_Q );
-        }
-        else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO) &&          \
-    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
-            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
-            ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "skip PMS generation for opaque PSK" ) );
-        }
-        else
-#endif /* MBEDTLS_USE_PSA_CRYPTO &&
-          MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
-                        ciphersuite_info->key_exchange ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1,
-                "mbedtls_ssl_psk_derive_premaster", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
-    {
-        header_len = 4;
-        if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
-                                             &content_len, 0 ) ) != 0 )
-            return( ret );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
-    {
-        header_len = 4;
-
-        ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx,
-                ssl->out_msg + header_len,
-                MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
-                &content_len,
-                ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret );
-            return( ret );
-        }
-
-        ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
-                ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
-                ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-    {
-        ((void) ciphersuite_info);
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    ssl->out_msglen  = header_len + content_len;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE;
-
-    ssl->state++;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
-static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
-
-    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
-        return( ret );
-    }
-
-    if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-}
-#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-    size_t n = 0, offset = 0;
-    unsigned char hash[48];
-    unsigned char *hash_start = hash;
-    mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
-    size_t hashlen;
-    void *rs_ctx = NULL;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled &&
-        ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign )
-    {
-        goto sign;
-    }
-#endif
-
-    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
-        return( ret );
-    }
-
-    if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    if( mbedtls_ssl_own_key( ssl ) == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) );
-        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
-    }
-
-    /*
-     * Make a signature of the handshake digests
-     */
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled )
-        ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign;
-
-sign:
-#endif
-
-    ssl->handshake->calc_verify( ssl, hash, &hashlen );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        /*
-         * digitally-signed struct {
-         *     opaque md5_hash[16];
-         *     opaque sha_hash[20];
-         * };
-         *
-         * md5_hash
-         *     MD5(handshake_messages);
-         *
-         * sha_hash
-         *     SHA(handshake_messages);
-         */
-        md_alg = MBEDTLS_MD_NONE;
-
-        /*
-         * For ECDSA, default hash is SHA-1 only
-         */
-        if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) )
-        {
-            hash_start += 16;
-            hashlen -= 16;
-            md_alg = MBEDTLS_MD_SHA1;
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        /*
-         * digitally-signed struct {
-         *     opaque handshake_messages[handshake_messages_length];
-         * };
-         *
-         * Taking shortcut here. We assume that the server always allows the
-         * PRF Hash function and has sent it in the allowed signature
-         * algorithms list received in the Certificate Request message.
-         *
-         * Until we encounter a server that does not, we will take this
-         * shortcut.
-         *
-         * Reason: Otherwise we should have running hashes for SHA512 and
-         *         SHA224 in order to satisfy 'weird' needs from the server
-         *         side.
-         */
-        if( ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
-        {
-            md_alg = MBEDTLS_MD_SHA384;
-            ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384;
-        }
-        else
-        {
-            md_alg = MBEDTLS_MD_SHA256;
-            ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256;
-        }
-        ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) );
-
-        /* Info from md_alg will be used instead */
-        hashlen = 0;
-        offset = 2;
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled )
-        rs_ctx = &ssl->handshake->ecrs_ctx.pk;
-#endif
-
-    if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ),
-                         md_alg, hash_start, hashlen,
-                         ssl->out_msg + 6 + offset, &n,
-                         ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-        if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-            ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
-#endif
-        return( ret );
-    }
-
-    ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 );
-    ssl->out_msg[5 + offset] = (unsigned char)( n      );
-
-    ssl->out_msglen  = 6 + n + offset;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY;
-
-    ssl->state++;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t lifetime;
-    size_t ticket_len;
-    unsigned char *ticket;
-    const unsigned char *msg;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) );
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) );
-        mbedtls_ssl_send_alert_message(
-            ssl,
-            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    /*
-     * struct {
-     *     uint32 ticket_lifetime_hint;
-     *     opaque ticket<0..2^16-1>;
-     * } NewSessionTicket;
-     *
-     * 0  .  3   ticket_lifetime_hint
-     * 4  .  5   ticket_len (n)
-     * 6  .  5+n ticket content
-     */
-    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET ||
-        ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET );
-    }
-
-    msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
-
-    lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) |
-               ( msg[2] << 8 ) | ( msg[3] );
-
-    ticket_len = ( msg[4] << 8 ) | ( msg[5] );
-
-    if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) );
-
-    /* We're not waiting for a NewSessionTicket message any more */
-    ssl->handshake->new_session_ticket = 0;
-    ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
-
-    /*
-     * Zero-length ticket means the server changed his mind and doesn't want
-     * to send a ticket after all, so just forget it
-     */
-    if( ticket_len == 0 )
-        return( 0 );
-
-    if( ssl->session != NULL && ssl->session->ticket != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->session->ticket,
-                                  ssl->session->ticket_len );
-        mbedtls_free( ssl->session->ticket );
-        ssl->session->ticket = NULL;
-        ssl->session->ticket_len = 0;
-    }
-
-    mbedtls_platform_zeroize( ssl->session_negotiate->ticket,
-                              ssl->session_negotiate->ticket_len );
-    mbedtls_free( ssl->session_negotiate->ticket );
-    ssl->session_negotiate->ticket = NULL;
-    ssl->session_negotiate->ticket_len = 0;
-
-    if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    memcpy( ticket, msg + 6, ticket_len );
-
-    ssl->session_negotiate->ticket = ticket;
-    ssl->session_negotiate->ticket_len = ticket_len;
-    ssl->session_negotiate->ticket_lifetime = lifetime;
-
-    /*
-     * RFC 5077 section 3.4:
-     * "If the client receives a session ticket from the server, then it
-     * discards any Session ID that was sent in the ServerHello."
-     */
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) );
-    ssl->session_negotiate->id_len = 0;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-/*
- * SSL handshake -- client side -- single step
- */
-int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-
-    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) );
-
-    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-        return( ret );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
-    {
-        if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-            return( ret );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    /* Change state now, so that it is right in mbedtls_ssl_read_record(), used
-     * by DTLS for dropping out-of-sequence ChangeCipherSpec records */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC &&
-        ssl->handshake->new_session_ticket != 0 )
-    {
-        ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET;
-    }
-#endif
-
-    switch( ssl->state )
-    {
-        case MBEDTLS_SSL_HELLO_REQUEST:
-            ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
-            break;
-
-       /*
-        *  ==>   ClientHello
-        */
-       case MBEDTLS_SSL_CLIENT_HELLO:
-           ret = ssl_write_client_hello( ssl );
-           break;
-
-       /*
-        *  <==   ServerHello
-        *        Certificate
-        *      ( ServerKeyExchange  )
-        *      ( CertificateRequest )
-        *        ServerHelloDone
-        */
-       case MBEDTLS_SSL_SERVER_HELLO:
-           ret = ssl_parse_server_hello( ssl );
-           break;
-
-       case MBEDTLS_SSL_SERVER_CERTIFICATE:
-           ret = mbedtls_ssl_parse_certificate( ssl );
-           break;
-
-       case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
-           ret = ssl_parse_server_key_exchange( ssl );
-           break;
-
-       case MBEDTLS_SSL_CERTIFICATE_REQUEST:
-           ret = ssl_parse_certificate_request( ssl );
-           break;
-
-       case MBEDTLS_SSL_SERVER_HELLO_DONE:
-           ret = ssl_parse_server_hello_done( ssl );
-           break;
-
-       /*
-        *  ==> ( Certificate/Alert  )
-        *        ClientKeyExchange
-        *      ( CertificateVerify  )
-        *        ChangeCipherSpec
-        *        Finished
-        */
-       case MBEDTLS_SSL_CLIENT_CERTIFICATE:
-           ret = mbedtls_ssl_write_certificate( ssl );
-           break;
-
-       case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
-           ret = ssl_write_client_key_exchange( ssl );
-           break;
-
-       case MBEDTLS_SSL_CERTIFICATE_VERIFY:
-           ret = ssl_write_certificate_verify( ssl );
-           break;
-
-       case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
-           ret = mbedtls_ssl_write_change_cipher_spec( ssl );
-           break;
-
-       case MBEDTLS_SSL_CLIENT_FINISHED:
-           ret = mbedtls_ssl_write_finished( ssl );
-           break;
-
-       /*
-        *  <==   ( NewSessionTicket )
-        *        ChangeCipherSpec
-        *        Finished
-        */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-       case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:
-           ret = ssl_parse_new_session_ticket( ssl );
-           break;
-#endif
-
-       case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
-           ret = mbedtls_ssl_parse_change_cipher_spec( ssl );
-           break;
-
-       case MBEDTLS_SSL_SERVER_FINISHED:
-           ret = mbedtls_ssl_parse_finished( ssl );
-           break;
-
-       case MBEDTLS_SSL_FLUSH_BUFFERS:
-           MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
-           ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
-           break;
-
-       case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
-           mbedtls_ssl_handshake_wrapup( ssl );
-           break;
-
-       default:
-           MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
-           return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-   }
-
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_CLI_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_cookie.c b/3rdparty/mbedtls-2.25.0/library/ssl_cookie.c
deleted file mode 100644
index c8bd1bd..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_cookie.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- *  DTLS cookie callbacks implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * These session callbacks use a simple chained list
- * to store and retrieve the session information.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_COOKIE_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/error.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-/*
- * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is
- * available. Try SHA-256 first, 512 wastes resources since we need to stay
- * with max 32 bytes of cookie for DTLS 1.0
- */
-#if defined(MBEDTLS_SHA256_C)
-#define COOKIE_MD           MBEDTLS_MD_SHA224
-#define COOKIE_MD_OUTLEN    32
-#define COOKIE_HMAC_LEN     28
-#elif defined(MBEDTLS_SHA512_C)
-#define COOKIE_MD           MBEDTLS_MD_SHA384
-#define COOKIE_MD_OUTLEN    48
-#define COOKIE_HMAC_LEN     28
-#elif defined(MBEDTLS_SHA1_C)
-#define COOKIE_MD           MBEDTLS_MD_SHA1
-#define COOKIE_MD_OUTLEN    20
-#define COOKIE_HMAC_LEN     20
-#else
-#error "DTLS hello verify needs SHA-1 or SHA-2"
-#endif
-
-/*
- * Cookies are formed of a 4-bytes timestamp (or serial number) and
- * an HMAC of timestemp and client ID.
- */
-#define COOKIE_LEN      ( 4 + COOKIE_HMAC_LEN )
-
-void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx )
-{
-    mbedtls_md_init( &ctx->hmac_ctx );
-#if !defined(MBEDTLS_HAVE_TIME)
-    ctx->serial = 0;
-#endif
-    ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT;
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay )
-{
-    ctx->timeout = delay;
-}
-
-void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
-{
-    mbedtls_md_free( &ctx->hmac_ctx );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &ctx->mutex );
-#endif
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) );
-}
-
-int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char key[COOKIE_MD_OUTLEN];
-
-    if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) );
-    if( ret != 0 )
-        return( ret );
-
-    mbedtls_platform_zeroize( key, sizeof( key ) );
-
-    return( 0 );
-}
-
-/*
- * Generate the HMAC part of a cookie
- */
-static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx,
-                            const unsigned char time[4],
-                            unsigned char **p, unsigned char *end,
-                            const unsigned char *cli_id, size_t cli_id_len )
-{
-    unsigned char hmac_out[COOKIE_MD_OUTLEN];
-
-    MBEDTLS_SSL_CHK_BUF_PTR( *p, end, COOKIE_HMAC_LEN );
-
-    if( mbedtls_md_hmac_reset(  hmac_ctx ) != 0 ||
-        mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 ||
-        mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 ||
-        mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    memcpy( *p, hmac_out, COOKIE_HMAC_LEN );
-    *p += COOKIE_HMAC_LEN;
-
-    return( 0 );
-}
-
-/*
- * Generate cookie for DTLS ClientHello verification
- */
-int mbedtls_ssl_cookie_write( void *p_ctx,
-                      unsigned char **p, unsigned char *end,
-                      const unsigned char *cli_id, size_t cli_id_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
-    unsigned long t;
-
-    if( ctx == NULL || cli_id == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    MBEDTLS_SSL_CHK_BUF_PTR( *p, end, COOKIE_LEN );
-
-#if defined(MBEDTLS_HAVE_TIME)
-    t = (unsigned long) mbedtls_time( NULL );
-#else
-    t = ctx->serial++;
-#endif
-
-    (*p)[0] = (unsigned char)( t >> 24 );
-    (*p)[1] = (unsigned char)( t >> 16 );
-    (*p)[2] = (unsigned char)( t >>  8 );
-    (*p)[3] = (unsigned char)( t       );
-    *p += 4;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
-#endif
-
-    ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4,
-                           p, end, cli_id, cli_id_len );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
-                MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-/*
- * Check a cookie
- */
-int mbedtls_ssl_cookie_check( void *p_ctx,
-                      const unsigned char *cookie, size_t cookie_len,
-                      const unsigned char *cli_id, size_t cli_id_len )
-{
-    unsigned char ref_hmac[COOKIE_HMAC_LEN];
-    int ret = 0;
-    unsigned char *p = ref_hmac;
-    mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
-    unsigned long cur_time, cookie_time;
-
-    if( ctx == NULL || cli_id == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( cookie_len != COOKIE_LEN )
-        return( -1 );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
-#endif
-
-    if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie,
-                         &p, p + sizeof( ref_hmac ),
-                         cli_id, cli_id_len ) != 0 )
-        ret = -1;
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
-                MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    if( ret != 0 )
-        return( ret );
-
-    if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
-        return( -1 );
-
-#if defined(MBEDTLS_HAVE_TIME)
-    cur_time = (unsigned long) mbedtls_time( NULL );
-#else
-    cur_time = ctx->serial;
-#endif
-
-    cookie_time = ( (unsigned long) cookie[0] << 24 ) |
-                  ( (unsigned long) cookie[1] << 16 ) |
-                  ( (unsigned long) cookie[2] <<  8 ) |
-                  ( (unsigned long) cookie[3]       );
-
-    if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
-        return( -1 );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_COOKIE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_invasive.h b/3rdparty/mbedtls-2.25.0/library/ssl_invasive.h
deleted file mode 100644
index babbc27..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_invasive.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * \file ssl_invasive.h
- *
- * \brief SSL module: interfaces for invasive testing only.
- *
- * The interfaces in this file are intended for testing purposes only.
- * They SHOULD NOT be made available in library integrations except when
- * building the library for testing.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#ifndef MBEDTLS_SSL_INVASIVE_H
-#define MBEDTLS_SSL_INVASIVE_H
-
-#include "common.h"
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_TEST_HOOKS) &&              \
-    defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
-/** \brief Compute the HMAC of variable-length data with constant flow.
- *
- * This function computes the HMAC of the concatenation of \p add_data and \p
- * data, and does with a code flow and memory access pattern that does not
- * depend on \p data_len_secret, but only on \p min_data_len and \p
- * max_data_len. In particular, this function always reads exactly \p
- * max_data_len bytes from \p data.
- *
- * \param ctx               The HMAC context. It must have keys configured
- *                          with mbedtls_md_hmac_starts() and use one of the
- *                          following hashes: SHA-384, SHA-256, SHA-1 or MD-5.
- *                          It is reset using mbedtls_md_hmac_reset() after
- *                          the computation is complete to prepare for the
- *                          next computation.
- * \param add_data          The additional data prepended to \p data. This
- *                          must point to a readable buffer of \p add_data_len
- *                          bytes.
- * \param add_data_len      The length of \p add_data in bytes.
- * \param data              The data appended to \p add_data. This must point
- *                          to a readable buffer of \p max_data_len bytes.
- * \param data_len_secret   The length of the data to process in \p data.
- *                          This must be no less than \p min_data_len and no
- *                          greater than \p max_data_len.
- * \param min_data_len      The minimal length of \p data in bytes.
- * \param max_data_len      The maximal length of \p data in bytes.
- * \param output            The HMAC will be written here. This must point to
- *                          a writable buffer of sufficient size to hold the
- *                          HMAC value.
- *
- * \retval 0
- *         Success.
- * \retval MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED
- *         The hardware accelerator failed.
- */
-int mbedtls_ssl_cf_hmac(
-        mbedtls_md_context_t *ctx,
-        const unsigned char *add_data, size_t add_data_len,
-        const unsigned char *data, size_t data_len_secret,
-        size_t min_data_len, size_t max_data_len,
-        unsigned char *output );
-
-/** \brief Copy data from a secret position with constant flow.
- *
- * This function copies \p len bytes from \p src_base + \p offset_secret to \p
- * dst, with a code flow and memory access pattern that does not depend on \p
- * offset_secret, but only on \p offset_min, \p offset_max and \p len.
- *
- * \param dst           The destination buffer. This must point to a writable
- *                      buffer of at least \p len bytes.
- * \param src_base      The base of the source buffer. This must point to a
- *                      readable buffer of at least \p offset_max + \p len
- *                      bytes.
- * \param offset_secret The offset in the source buffer from which to copy.
- *                      This must be no less than \p offset_min and no greater
- *                      than \p offset_max.
- * \param offset_min    The minimal value of \p offset_secret.
- * \param offset_max    The maximal value of \p offset_secret.
- * \param len           The number of bytes to copy.
- */
-void mbedtls_ssl_cf_memcpy_offset( unsigned char *dst,
-                                   const unsigned char *src_base,
-                                   size_t offset_secret,
-                                   size_t offset_min, size_t offset_max,
-                                   size_t len );
-#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
-
-#endif /* MBEDTLS_SSL_INVASIVE_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_msg.c b/3rdparty/mbedtls-2.25.0/library/ssl_msg.c
deleted file mode 100644
index 72f09bb..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_msg.c
+++ /dev/null
@@ -1,6037 +0,0 @@
-/*
- *  Generic SSL/TLS messaging layer functions
- *  (record layer + retransmission state machine)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The SSL 3.0 specification was drafted by Netscape in 1996,
- *  and became an IETF standard in 1999.
- *
- *  http://wp.netscape.com/eng/ssl3/
- *  http://www.ietf.org/rfc/rfc2246.txt
- *  http://www.ietf.org/rfc/rfc4346.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_TLS_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/error.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/version.h"
-
-#include "ssl_invasive.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#include "psa/crypto.h"
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#include "mbedtls/oid.h"
-#endif
-
-static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl );
-
-/*
- * Start a timer.
- * Passing millisecs = 0 cancels a running timer.
- */
-void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
-{
-    if( ssl->f_set_timer == NULL )
-        return;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
-    ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
-}
-
-/*
- * Return -1 is timer is expired, 0 if it isn't.
- */
-int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl )
-{
-    if( ssl->f_get_timer == NULL )
-        return( 0 );
-
-    if( ssl->f_get_timer( ssl->p_timer ) == 2 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) );
-        return( -1 );
-    }
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
-                                    unsigned char *buf,
-                                    size_t len,
-                                    mbedtls_record *rec );
-
-int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
-                              unsigned char *buf,
-                              size_t buflen )
-{
-    int ret = 0;
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen );
-
-    /* We don't support record checking in TLS because
-     * (a) there doesn't seem to be a usecase for it, and
-     * (b) In SSLv3 and TLS 1.0, CBC record decryption has state
-     *     and we'd need to backup the transform here.
-     */
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM )
-    {
-        ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-        goto exit;
-    }
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    else
-    {
-        mbedtls_record rec;
-
-        ret = ssl_parse_record_header( ssl, buf, buflen, &rec );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret );
-            goto exit;
-        }
-
-        if( ssl->transform_in != NULL )
-        {
-            ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec );
-            if( ret != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret );
-                goto exit;
-            }
-        }
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-exit:
-    /* On success, we have decrypted the buffer in-place, so make
-     * sure we don't leak any plaintext data. */
-    mbedtls_platform_zeroize( buf, buflen );
-
-    /* For the purpose of this API, treat messages with unexpected CID
-     * as well as such from future epochs as unexpected. */
-    if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID ||
-        ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
-    {
-        ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) );
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-#define SSL_DONT_FORCE_FLUSH 0
-#define SSL_FORCE_FLUSH      1
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-/* Forward declarations for functions related to message buffering. */
-static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
-                                     uint8_t slot );
-static void ssl_free_buffered_record( mbedtls_ssl_context *ssl );
-static int ssl_load_buffered_message( mbedtls_ssl_context *ssl );
-static int ssl_load_buffered_record( mbedtls_ssl_context *ssl );
-static int ssl_buffer_message( mbedtls_ssl_context *ssl );
-static int ssl_buffer_future_record( mbedtls_ssl_context *ssl,
-                                     mbedtls_record const *rec );
-static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl );
-
-static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl )
-{
-    size_t mtu = mbedtls_ssl_get_current_mtu( ssl );
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    size_t out_buf_len = ssl->out_buf_len;
-#else
-    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
-#endif
-
-    if( mtu != 0 && mtu < out_buf_len )
-        return( mtu );
-
-    return( out_buf_len );
-}
-
-static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
-{
-    size_t const bytes_written = ssl->out_left;
-    size_t const mtu           = ssl_get_maximum_datagram_size( ssl );
-
-    /* Double-check that the write-index hasn't gone
-     * past what we can transmit in a single datagram. */
-    if( bytes_written > mtu )
-    {
-        /* Should never happen... */
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    return( (int) ( mtu - bytes_written ) );
-}
-
-static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t remaining, expansion;
-    size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    const size_t mfl = mbedtls_ssl_get_output_max_frag_len( ssl );
-
-    if( max_len > mfl )
-        max_len = mfl;
-
-    /* By the standard (RFC 6066 Sect. 4), the MFL extension
-     * only limits the maximum record payload size, so in theory
-     * we would be allowed to pack multiple records of payload size
-     * MFL into a single datagram. However, this would mean that there's
-     * no way to explicitly communicate MTU restrictions to the peer.
-     *
-     * The following reduction of max_len makes sure that we never
-     * write datagrams larger than MFL + Record Expansion Overhead.
-     */
-    if( max_len <= ssl->out_left )
-        return( 0 );
-
-    max_len -= ssl->out_left;
-#endif
-
-    ret = ssl_get_remaining_space_in_datagram( ssl );
-    if( ret < 0 )
-        return( ret );
-    remaining = (size_t) ret;
-
-    ret = mbedtls_ssl_get_record_expansion( ssl );
-    if( ret < 0 )
-        return( ret );
-    expansion = (size_t) ret;
-
-    if( remaining <= expansion )
-        return( 0 );
-
-    remaining -= expansion;
-    if( remaining >= max_len )
-        remaining = max_len;
-
-    return( (int) remaining );
-}
-
-/*
- * Double the retransmit timeout value, within the allowed range,
- * returning -1 if the maximum value has already been reached.
- */
-static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl )
-{
-    uint32_t new_timeout;
-
-    if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max )
-        return( -1 );
-
-    /* Implement the final paragraph of RFC 6347 section 4.1.1.1
-     * in the following way: after the initial transmission and a first
-     * retransmission, back off to a temporary estimated MTU of 508 bytes.
-     * This value is guaranteed to be deliverable (if not guaranteed to be
-     * delivered) of any compliant IPv4 (and IPv6) network, and should work
-     * on most non-IP stacks too. */
-    if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min )
-    {
-        ssl->handshake->mtu = 508;
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) );
-    }
-
-    new_timeout = 2 * ssl->handshake->retransmit_timeout;
-
-    /* Avoid arithmetic overflow and range overflow */
-    if( new_timeout < ssl->handshake->retransmit_timeout ||
-        new_timeout > ssl->conf->hs_timeout_max )
-    {
-        new_timeout = ssl->conf->hs_timeout_max;
-    }
-
-    ssl->handshake->retransmit_timeout = new_timeout;
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
-                        ssl->handshake->retransmit_timeout ) );
-
-    return( 0 );
-}
-
-static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
-{
-    ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
-                        ssl->handshake->retransmit_timeout ) );
-}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl,
-                     const unsigned char *key_enc, const unsigned char *key_dec,
-                     size_t keylen,
-                     const unsigned char *iv_enc,  const unsigned char *iv_dec,
-                     size_t ivlen,
-                     const unsigned char *mac_enc, const unsigned char *mac_dec,
-                     size_t maclen ) = NULL;
-int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL;
-int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL;
-int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL;
-int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL;
-int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL;
-#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
-
-/*
- * Encryption/decryption functions
- */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ||  \
-    defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-
-static size_t ssl_compute_padding_length( size_t len,
-                                          size_t granularity )
-{
-    return( ( granularity - ( len + 1 ) % granularity ) % granularity );
-}
-
-/* This functions transforms a (D)TLS plaintext fragment and a record content
- * type into an instance of the (D)TLSInnerPlaintext structure. This is used
- * in DTLS 1.2 + CID and within TLS 1.3 to allow flexible padding and to protect
- * a record's content type.
- *
- *        struct {
- *            opaque content[DTLSPlaintext.length];
- *            ContentType real_type;
- *            uint8 zeros[length_of_padding];
- *        } (D)TLSInnerPlaintext;
- *
- *  Input:
- *  - `content`: The beginning of the buffer holding the
- *               plaintext to be wrapped.
- *  - `*content_size`: The length of the plaintext in Bytes.
- *  - `max_len`: The number of Bytes available starting from
- *               `content`. This must be `>= *content_size`.
- *  - `rec_type`: The desired record content type.
- *
- *  Output:
- *  - `content`: The beginning of the resulting (D)TLSInnerPlaintext structure.
- *  - `*content_size`: The length of the resulting (D)TLSInnerPlaintext structure.
- *
- *  Returns:
- *  - `0` on success.
- *  - A negative error code if `max_len` didn't offer enough space
- *    for the expansion.
- */
-static int ssl_build_inner_plaintext( unsigned char *content,
-                                      size_t *content_size,
-                                      size_t remaining,
-                                      uint8_t rec_type,
-                                      size_t pad )
-{
-    size_t len = *content_size;
-
-    /* Write real content type */
-    if( remaining == 0 )
-        return( -1 );
-    content[ len ] = rec_type;
-    len++;
-    remaining--;
-
-    if( remaining < pad )
-        return( -1 );
-    memset( content + len, 0, pad );
-    len += pad;
-    remaining -= pad;
-
-    *content_size = len;
-    return( 0 );
-}
-
-/* This function parses a (D)TLSInnerPlaintext structure.
- * See ssl_build_inner_plaintext() for details. */
-static int ssl_parse_inner_plaintext( unsigned char const *content,
-                                          size_t *content_size,
-                                          uint8_t *rec_type )
-{
-    size_t remaining = *content_size;
-
-    /* Determine length of padding by skipping zeroes from the back. */
-    do
-    {
-        if( remaining == 0 )
-            return( -1 );
-        remaining--;
-    } while( content[ remaining ] == 0 );
-
-    *content_size = remaining;
-    *rec_type = content[ remaining ];
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID ||
-          MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
-/* `add_data` must have size 13 Bytes if the CID extension is disabled,
- * and 13 + 1 + CID-length Bytes if the CID extension is enabled. */
-static void ssl_extract_add_data_from_record( unsigned char* add_data,
-                                              size_t *add_data_len,
-                                              mbedtls_record *rec,
-                                              unsigned minor_ver )
-{
-    /* Quoting RFC 5246 (TLS 1.2):
-     *
-     *    additional_data = seq_num + TLSCompressed.type +
-     *                      TLSCompressed.version + TLSCompressed.length;
-     *
-     * For the CID extension, this is extended as follows
-     * (quoting draft-ietf-tls-dtls-connection-id-05,
-     *  https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05):
-     *
-     *       additional_data = seq_num + DTLSPlaintext.type +
-     *                         DTLSPlaintext.version +
-     *                         cid +
-     *                         cid_length +
-     *                         length_of_DTLSInnerPlaintext;
-     *
-     * For TLS 1.3, the record sequence number is dropped from the AAD
-     * and encoded within the nonce of the AEAD operation instead.
-     */
-
-    unsigned char *cur = add_data;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-    if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 )
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-    {
-        ((void) minor_ver);
-        memcpy( cur, rec->ctr, sizeof( rec->ctr ) );
-        cur += sizeof( rec->ctr );
-    }
-
-    *cur = rec->type;
-    cur++;
-
-    memcpy( cur, rec->ver, sizeof( rec->ver ) );
-    cur += sizeof( rec->ver );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( rec->cid_len != 0 )
-    {
-        memcpy( cur, rec->cid, rec->cid_len );
-        cur += rec->cid_len;
-
-        *cur = rec->cid_len;
-        cur++;
-
-        cur[0] = ( rec->data_len >> 8 ) & 0xFF;
-        cur[1] = ( rec->data_len >> 0 ) & 0xFF;
-        cur += 2;
-    }
-    else
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-    {
-        cur[0] = ( rec->data_len >> 8 ) & 0xFF;
-        cur[1] = ( rec->data_len >> 0 ) & 0xFF;
-        cur += 2;
-    }
-
-    *add_data_len = cur - add_data;
-}
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-
-#define SSL3_MAC_MAX_BYTES   20  /* MD-5 or SHA-1 */
-
-/*
- * SSLv3.0 MAC functions
- */
-static void ssl_mac( mbedtls_md_context_t *md_ctx,
-                     const unsigned char *secret,
-                     const unsigned char *buf, size_t len,
-                     const unsigned char *ctr, int type,
-                     unsigned char out[SSL3_MAC_MAX_BYTES] )
-{
-    unsigned char header[11];
-    unsigned char padding[48];
-    int padlen;
-    int md_size = mbedtls_md_get_size( md_ctx->md_info );
-    int md_type = mbedtls_md_get_type( md_ctx->md_info );
-
-    /* Only MD5 and SHA-1 supported */
-    if( md_type == MBEDTLS_MD_MD5 )
-        padlen = 48;
-    else
-        padlen = 40;
-
-    memcpy( header, ctr, 8 );
-    header[ 8] = (unsigned char)  type;
-    header[ 9] = (unsigned char)( len >> 8 );
-    header[10] = (unsigned char)( len      );
-
-    memset( padding, 0x36, padlen );
-    mbedtls_md_starts( md_ctx );
-    mbedtls_md_update( md_ctx, secret,  md_size );
-    mbedtls_md_update( md_ctx, padding, padlen  );
-    mbedtls_md_update( md_ctx, header,  11      );
-    mbedtls_md_update( md_ctx, buf,     len     );
-    mbedtls_md_finish( md_ctx, out              );
-
-    memset( padding, 0x5C, padlen );
-    mbedtls_md_starts( md_ctx );
-    mbedtls_md_update( md_ctx, secret,    md_size );
-    mbedtls_md_update( md_ctx, padding,   padlen  );
-    mbedtls_md_update( md_ctx, out,       md_size );
-    mbedtls_md_finish( md_ctx, out                );
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_GCM_C) || \
-    defined(MBEDTLS_CCM_C) || \
-    defined(MBEDTLS_CHACHAPOLY_C)
-static int ssl_transform_aead_dynamic_iv_is_explicit(
-                                mbedtls_ssl_transform const *transform )
-{
-    return( transform->ivlen != transform->fixed_ivlen );
-}
-
-/* Compute IV := ( fixed_iv || 0 ) XOR ( 0 || dynamic_IV )
- *
- * Concretely, this occurs in two variants:
- *
- * a) Fixed and dynamic IV lengths add up to total IV length, giving
- *       IV = fixed_iv || dynamic_iv
- *
- *    This variant is used in TLS 1.2 when used with GCM or CCM.
- *
- * b) Fixed IV lengths matches total IV length, giving
- *       IV = fixed_iv XOR ( 0 || dynamic_iv )
- *
- *    This variant occurs in TLS 1.3 and for TLS 1.2 when using ChaChaPoly.
- *
- * See also the documentation of mbedtls_ssl_transform.
- *
- * This function has the precondition that
- *
- *     dst_iv_len >= max( fixed_iv_len, dynamic_iv_len )
- *
- * which has to be ensured by the caller. If this precondition
- * violated, the behavior of this function is undefined.
- */
-static void ssl_build_record_nonce( unsigned char *dst_iv,
-                                    size_t dst_iv_len,
-                                    unsigned char const *fixed_iv,
-                                    size_t fixed_iv_len,
-                                    unsigned char const *dynamic_iv,
-                                    size_t dynamic_iv_len )
-{
-    size_t i;
-
-    /* Start with Fixed IV || 0 */
-    memset( dst_iv, 0, dst_iv_len );
-    memcpy( dst_iv, fixed_iv, fixed_iv_len );
-
-    dst_iv += dst_iv_len - dynamic_iv_len;
-    for( i = 0; i < dynamic_iv_len; i++ )
-        dst_iv[i] ^= dynamic_iv[i];
-}
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
-
-int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
-                             mbedtls_ssl_transform *transform,
-                             mbedtls_record *rec,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng )
-{
-    mbedtls_cipher_mode_t mode;
-    int auth_done = 0;
-    unsigned char * data;
-    unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_OUT_LEN_MAX ];
-    size_t add_data_len;
-    size_t post_avail;
-
-    /* The SSL context is only used for debugging purposes! */
-#if !defined(MBEDTLS_DEBUG_C)
-    ssl = NULL; /* make sure we don't use it except for debug */
-    ((void) ssl);
-#endif
-
-    /* The PRNG is used for dynamic IV generation that's used
-     * for CBC transformations in TLS 1.1 and TLS 1.2. */
-#if !( defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
-       ( defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) ) )
-    ((void) f_rng);
-    ((void) p_rng);
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
-
-    if( transform == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "no transform provided to encrypt_buf" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-    if( rec == NULL
-        || rec->buf == NULL
-        || rec->buf_len < rec->data_offset
-        || rec->buf_len - rec->data_offset < rec->data_len
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        || rec->cid_len != 0
-#endif
-        )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad record structure provided to encrypt_buf" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    data = rec->buf + rec->data_offset;
-    post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
-    MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
-                           data, rec->data_len );
-
-    mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc );
-
-    if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
-                                    (unsigned) rec->data_len,
-                                    MBEDTLS_SSL_OUT_CONTENT_LEN ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    /* The following two code paths implement the (D)TLSInnerPlaintext
-     * structure present in TLS 1.3 and DTLS 1.2 + CID.
-     *
-     * See ssl_build_inner_plaintext() for more information.
-     *
-     * Note that this changes `rec->data_len`, and hence
-     * `post_avail` needs to be recalculated afterwards.
-     *
-     * Note also that the two code paths cannot occur simultaneously
-     * since they apply to different versions of the protocol. There
-     * is hence no risk of double-addition of the inner plaintext.
-     */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-    if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
-    {
-        size_t padding =
-            ssl_compute_padding_length( rec->data_len,
-                                        MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY );
-        if( ssl_build_inner_plaintext( data,
-                                       &rec->data_len,
-                                       post_avail,
-                                       rec->type,
-                                       padding ) != 0 )
-        {
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        }
-
-        rec->type = MBEDTLS_SSL_MSG_APPLICATION_DATA;
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    /*
-     * Add CID information
-     */
-    rec->cid_len = transform->out_cid_len;
-    memcpy( rec->cid, transform->out_cid, transform->out_cid_len );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "CID", rec->cid, rec->cid_len );
-
-    if( rec->cid_len != 0 )
-    {
-        size_t padding =
-            ssl_compute_padding_length( rec->data_len,
-                                        MBEDTLS_SSL_CID_PADDING_GRANULARITY );
-        /*
-         * Wrap plaintext into DTLSInnerPlaintext structure.
-         * See ssl_build_inner_plaintext() for more information.
-         *
-         * Note that this changes `rec->data_len`, and hence
-         * `post_avail` needs to be recalculated afterwards.
-         */
-        if( ssl_build_inner_plaintext( data,
-                        &rec->data_len,
-                        post_avail,
-                        rec->type,
-                        padding ) != 0 )
-        {
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        }
-
-        rec->type = MBEDTLS_SSL_MSG_CID;
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
-
-    /*
-     * Add MAC before if needed
-     */
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    if( mode == MBEDTLS_MODE_STREAM ||
-        ( mode == MBEDTLS_MODE_CBC
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-          && transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED
-#endif
-        ) )
-    {
-        if( post_avail < transform->maclen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) );
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-        if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            unsigned char mac[SSL3_MAC_MAX_BYTES];
-            ssl_mac( &transform->md_ctx_enc, transform->mac_enc,
-                     data, rec->data_len, rec->ctr, rec->type, mac );
-            memcpy( data + rec->data_len, mac, transform->maclen );
-        }
-        else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-        defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
-        {
-            unsigned char mac[MBEDTLS_SSL_MAC_ADD];
-
-            ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
-                                              transform->minor_ver );
-
-            mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
-                                    add_data_len );
-            mbedtls_md_hmac_update( &transform->md_ctx_enc,
-                                    data, rec->data_len );
-            mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac );
-            mbedtls_md_hmac_reset( &transform->md_ctx_enc );
-
-            memcpy( data + rec->data_len, mac, transform->maclen );
-        }
-        else
-#endif
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", data + rec->data_len,
-                               transform->maclen );
-
-        rec->data_len += transform->maclen;
-        post_avail -= transform->maclen;
-        auth_done++;
-    }
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-
-    /*
-     * Encrypt
-     */
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
-    if( mode == MBEDTLS_MODE_STREAM )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t olen;
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
-                                    "including %d bytes of padding",
-                                    rec->data_len, 0 ) );
-
-        if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
-                                   transform->iv_enc, transform->ivlen,
-                                   data, rec->data_len,
-                                   data, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
-            return( ret );
-        }
-
-        if( rec->data_len != olen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-    }
-    else
-#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
-
-#if defined(MBEDTLS_GCM_C) || \
-    defined(MBEDTLS_CCM_C) || \
-    defined(MBEDTLS_CHACHAPOLY_C)
-    if( mode == MBEDTLS_MODE_GCM ||
-        mode == MBEDTLS_MODE_CCM ||
-        mode == MBEDTLS_MODE_CHACHAPOLY )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        unsigned char iv[12];
-        unsigned char *dynamic_iv;
-        size_t dynamic_iv_len;
-        int dynamic_iv_is_explicit =
-            ssl_transform_aead_dynamic_iv_is_explicit( transform );
-
-        /* Check that there's space for the authentication tag. */
-        if( post_avail < transform->taglen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) );
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        }
-
-        /*
-         * Build nonce for AEAD encryption.
-         *
-         * Note: In the case of CCM and GCM in TLS 1.2, the dynamic
-         *       part of the IV is prepended to the ciphertext and
-         *       can be chosen freely - in particular, it need not
-         *       agree with the record sequence number.
-         *       However, since ChaChaPoly as well as all AEAD modes
-         *       in TLS 1.3 use the record sequence number as the
-         *       dynamic part of the nonce, we uniformly use the
-         *       record sequence number here in all cases.
-         */
-        dynamic_iv     = rec->ctr;
-        dynamic_iv_len = sizeof( rec->ctr );
-
-        ssl_build_record_nonce( iv, sizeof( iv ),
-                                transform->iv_enc,
-                                transform->fixed_ivlen,
-                                dynamic_iv,
-                                dynamic_iv_len );
-
-        /*
-         * Build additional data for AEAD encryption.
-         * This depends on the TLS version.
-         */
-        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
-                                          transform->minor_ver );
-
-        MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)",
-                               iv, transform->ivlen );
-        MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)",
-                               dynamic_iv,
-                               dynamic_iv_is_explicit ? dynamic_iv_len : 0 );
-        MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
-                               add_data, add_data_len );
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
-                                    "including 0 bytes of padding",
-                                    rec->data_len ) );
-
-        /*
-         * Encrypt and authenticate
-         */
-
-        if( ( ret = mbedtls_cipher_auth_encrypt_ext( &transform->cipher_ctx_enc,
-                   iv, transform->ivlen,
-                   add_data, add_data_len,
-                   data, rec->data_len,                     /* src */
-                   data, rec->buf_len - (data - rec->buf),  /* dst */
-                   &rec->data_len,
-                   transform->taglen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
-            return( ret );
-        }
-        MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag",
-                               data + rec->data_len - transform->taglen,
-                               transform->taglen );
-        /* Account for authentication tag. */
-        post_avail -= transform->taglen;
-
-        /*
-         * Prefix record content with dynamic IV in case it is explicit.
-         */
-        if( dynamic_iv_is_explicit != 0 )
-        {
-            if( rec->data_offset < dynamic_iv_len )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) );
-                return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-            }
-
-            memcpy( data - dynamic_iv_len, dynamic_iv, dynamic_iv_len );
-            rec->data_offset -= dynamic_iv_len;
-            rec->data_len    += dynamic_iv_len;
-        }
-
-        auth_done++;
-    }
-    else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
-    if( mode == MBEDTLS_MODE_CBC )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t padlen, i;
-        size_t olen;
-
-        /* Currently we're always using minimal padding
-         * (up to 255 bytes would be allowed). */
-        padlen = transform->ivlen - ( rec->data_len + 1 ) % transform->ivlen;
-        if( padlen == transform->ivlen )
-            padlen = 0;
-
-        /* Check there's enough space in the buffer for the padding. */
-        if( post_avail < padlen + 1 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) );
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        }
-
-        for( i = 0; i <= padlen; i++ )
-            data[rec->data_len + i] = (unsigned char) padlen;
-
-        rec->data_len += padlen + 1;
-        post_avail -= padlen + 1;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        /*
-         * Prepend per-record IV for block cipher in TLS v1.1 and up as per
-         * Method 1 (6.2.3.2. in RFC4346 and RFC5246)
-         */
-        if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
-        {
-            if( f_rng == NULL )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "No PRNG provided to encrypt_record routine" ) );
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-
-            if( rec->data_offset < transform->ivlen )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) );
-                return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-            }
-
-            /*
-             * Generate IV
-             */
-            ret = f_rng( p_rng, transform->iv_enc, transform->ivlen );
-            if( ret != 0 )
-                return( ret );
-
-            memcpy( data - transform->ivlen, transform->iv_enc,
-                    transform->ivlen );
-
-        }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
-
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
-                            "including %d bytes of IV and %d bytes of padding",
-                            rec->data_len, transform->ivlen,
-                            padlen + 1 ) );
-
-        if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc,
-                                   transform->iv_enc,
-                                   transform->ivlen,
-                                   data, rec->data_len,
-                                   data, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
-            return( ret );
-        }
-
-        if( rec->data_len != olen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
-        if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
-        {
-            /*
-             * Save IV in SSL3 and TLS1
-             */
-            memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv,
-                    transform->ivlen );
-        }
-        else
-#endif
-        {
-            data             -= transform->ivlen;
-            rec->data_offset -= transform->ivlen;
-            rec->data_len    += transform->ivlen;
-        }
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-        if( auth_done == 0 )
-        {
-            unsigned char mac[MBEDTLS_SSL_MAC_ADD];
-
-            /*
-             * MAC(MAC_write_key, seq_num +
-             *     TLSCipherText.type +
-             *     TLSCipherText.version +
-             *     length_of( (IV +) ENC(...) ) +
-             *     IV + // except for TLS 1.0
-             *     ENC(content + padding + padding_length));
-             */
-
-            if( post_avail < transform->maclen)
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) );
-                return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-            }
-
-            ssl_extract_add_data_from_record( add_data, &add_data_len,
-                                              rec, transform->minor_ver );
-
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
-            MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
-                                   add_data_len );
-
-            mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
-                                    add_data_len );
-            mbedtls_md_hmac_update( &transform->md_ctx_enc,
-                                    data, rec->data_len );
-            mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac );
-            mbedtls_md_hmac_reset( &transform->md_ctx_enc );
-
-            memcpy( data + rec->data_len, mac, transform->maclen );
-
-            rec->data_len += transform->maclen;
-            post_avail -= transform->maclen;
-            auth_done++;
-        }
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-    }
-    else
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC) */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    /* Make extra sure authentication was performed, exactly once */
-    if( auth_done != 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
-/*
- * Turn a bit into a mask:
- * - if bit == 1, return the all-bits 1 mask, aka (size_t) -1
- * - if bit == 0, return the all-bits 0 mask, aka 0
- *
- * This function can be used to write constant-time code by replacing branches
- * with bit operations using masks.
- *
- * This function is implemented without using comparison operators, as those
- * might be translated to branches by some compilers on some platforms.
- */
-static size_t mbedtls_ssl_cf_mask_from_bit( size_t bit )
-{
-    /* MSVC has a warning about unary minus on unsigned integer types,
-     * but this is well-defined and precisely what we want to do here. */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-    return -bit;
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-}
-
-/*
- * Constant-flow mask generation for "less than" comparison:
- * - if x < y,  return all bits 1, that is (size_t) -1
- * - otherwise, return all bits 0, that is 0
- *
- * This function can be used to write constant-time code by replacing branches
- * with bit operations using masks.
- *
- * This function is implemented without using comparison operators, as those
- * might be translated to branches by some compilers on some platforms.
- */
-static size_t mbedtls_ssl_cf_mask_lt( size_t x, size_t y )
-{
-    /* This has the most significant bit set if and only if x < y */
-    const size_t sub = x - y;
-
-    /* sub1 = (x < y) ? 1 : 0 */
-    const size_t sub1 = sub >> ( sizeof( sub ) * 8 - 1 );
-
-    /* mask = (x < y) ? 0xff... : 0x00... */
-    const size_t mask = mbedtls_ssl_cf_mask_from_bit( sub1 );
-
-    return( mask );
-}
-
-/*
- * Constant-flow mask generation for "greater or equal" comparison:
- * - if x >= y, return all bits 1, that is (size_t) -1
- * - otherwise, return all bits 0, that is 0
- *
- * This function can be used to write constant-time code by replacing branches
- * with bit operations using masks.
- *
- * This function is implemented without using comparison operators, as those
- * might be translated to branches by some compilers on some platforms.
- */
-static size_t mbedtls_ssl_cf_mask_ge( size_t x, size_t y )
-{
-    return( ~mbedtls_ssl_cf_mask_lt( x, y ) );
-}
-
-/*
- * Constant-flow boolean "equal" comparison:
- * return x == y
- *
- * This function can be used to write constant-time code by replacing branches
- * with bit operations - it can be used in conjunction with
- * mbedtls_ssl_cf_mask_from_bit().
- *
- * This function is implemented without using comparison operators, as those
- * might be translated to branches by some compilers on some platforms.
- */
-static size_t mbedtls_ssl_cf_bool_eq( size_t x, size_t y )
-{
-    /* diff = 0 if x == y, non-zero otherwise */
-    const size_t diff = x ^ y;
-
-    /* MSVC has a warning about unary minus on unsigned integer types,
-     * but this is well-defined and precisely what we want to do here. */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-
-    /* diff_msb's most significant bit is equal to x != y */
-    const size_t diff_msb = ( diff | -diff );
-
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-
-    /* diff1 = (x != y) ? 1 : 0 */
-    const size_t diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 );
-
-    return( 1 ^ diff1 );
-}
-
-/*
- * Constant-flow conditional memcpy:
- *  - if c1 == c2, equivalent to memcpy(dst, src, len),
- *  - otherwise, a no-op,
- * but with execution flow independent of the values of c1 and c2.
- *
- * This function is implemented without using comparison operators, as those
- * might be translated to branches by some compilers on some platforms.
- */
-static void mbedtls_ssl_cf_memcpy_if_eq( unsigned char *dst,
-                                         const unsigned char *src,
-                                         size_t len,
-                                         size_t c1, size_t c2 )
-{
-    /* mask = c1 == c2 ? 0xff : 0x00 */
-    const size_t equal = mbedtls_ssl_cf_bool_eq( c1, c2 );
-    const unsigned char mask = (unsigned char) mbedtls_ssl_cf_mask_from_bit( equal );
-
-    /* dst[i] = c1 == c2 ? src[i] : dst[i] */
-    for( size_t i = 0; i < len; i++ )
-        dst[i] = ( src[i] & mask ) | ( dst[i] & ~mask );
-}
-
-/*
- * Compute HMAC of variable-length data with constant flow.
- *
- * Only works with MD-5, SHA-1, SHA-256 and SHA-384.
- * (Otherwise, computation of block_size needs to be adapted.)
- */
-MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac(
-        mbedtls_md_context_t *ctx,
-        const unsigned char *add_data, size_t add_data_len,
-        const unsigned char *data, size_t data_len_secret,
-        size_t min_data_len, size_t max_data_len,
-        unsigned char *output )
-{
-    /*
-     * This function breaks the HMAC abstraction and uses the md_clone()
-     * extension to the MD API in order to get constant-flow behaviour.
-     *
-     * HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means
-     * concatenation, and okey/ikey are the XOR of the key with some fixed bit
-     * patterns (see RFC 2104, sec. 2), which are stored in ctx->hmac_ctx.
-     *
-     * We'll first compute inner_hash = HASH(ikey + msg) by hashing up to
-     * minlen, then cloning the context, and for each byte up to maxlen
-     * finishing up the hash computation, keeping only the correct result.
-     *
-     * Then we only need to compute HASH(okey + inner_hash) and we're done.
-     */
-    const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info );
-    /* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5,
-     * all of which have the same block size except SHA-384. */
-    const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64;
-    const unsigned char * const ikey = ctx->hmac_ctx;
-    const unsigned char * const okey = ikey + block_size;
-    const size_t hash_size = mbedtls_md_get_size( ctx->md_info );
-
-    unsigned char aux_out[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_md_context_t aux;
-    size_t offset;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_md_init( &aux );
-
-#define MD_CHK( func_call ) \
-    do {                    \
-        ret = (func_call);  \
-        if( ret != 0 )      \
-            goto cleanup;   \
-    } while( 0 )
-
-    MD_CHK( mbedtls_md_setup( &aux, ctx->md_info, 0 ) );
-
-    /* After hmac_start() of hmac_reset(), ikey has already been hashed,
-     * so we can start directly with the message */
-    MD_CHK( mbedtls_md_update( ctx, add_data, add_data_len ) );
-    MD_CHK( mbedtls_md_update( ctx, data, min_data_len ) );
-
-    /* For each possible length, compute the hash up to that point */
-    for( offset = min_data_len; offset <= max_data_len; offset++ )
-    {
-        MD_CHK( mbedtls_md_clone( &aux, ctx ) );
-        MD_CHK( mbedtls_md_finish( &aux, aux_out ) );
-        /* Keep only the correct inner_hash in the output buffer */
-        mbedtls_ssl_cf_memcpy_if_eq( output, aux_out, hash_size,
-                                     offset, data_len_secret );
-
-        if( offset < max_data_len )
-            MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
-    }
-
-    /* Now compute HASH(okey + inner_hash) */
-    MD_CHK( mbedtls_md_starts( ctx ) );
-    MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );
-    MD_CHK( mbedtls_md_update( ctx, output, hash_size ) );
-    MD_CHK( mbedtls_md_finish( ctx, output ) );
-
-    /* Done, get ready for next time */
-    MD_CHK( mbedtls_md_hmac_reset( ctx ) );
-
-#undef MD_CHK
-
-cleanup:
-    mbedtls_md_free( &aux );
-    return( ret );
-}
-
-/*
- * Constant-flow memcpy from variable position in buffer.
- * - functionally equivalent to memcpy(dst, src + offset_secret, len)
- * - but with execution flow independent from the value of offset_secret.
- */
-MBEDTLS_STATIC_TESTABLE void mbedtls_ssl_cf_memcpy_offset(
-                                   unsigned char *dst,
-                                   const unsigned char *src_base,
-                                   size_t offset_secret,
-                                   size_t offset_min, size_t offset_max,
-                                   size_t len )
-{
-    size_t offset;
-
-    for( offset = offset_min; offset <= offset_max; offset++ )
-    {
-        mbedtls_ssl_cf_memcpy_if_eq( dst, src_base + offset, len,
-                                     offset, offset_secret );
-    }
-}
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
-
-int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
-                             mbedtls_ssl_transform *transform,
-                             mbedtls_record *rec )
-{
-    size_t olen;
-    mbedtls_cipher_mode_t mode;
-    int ret, auth_done = 0;
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    size_t padlen = 0, correct = 1;
-#endif
-    unsigned char* data;
-    unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX ];
-    size_t add_data_len;
-
-#if !defined(MBEDTLS_DEBUG_C)
-    ssl = NULL; /* make sure we don't use it except for debug */
-    ((void) ssl);
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
-    if( rec == NULL                     ||
-        rec->buf == NULL                ||
-        rec->buf_len < rec->data_offset ||
-        rec->buf_len - rec->data_offset < rec->data_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad record structure provided to decrypt_buf" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    data = rec->buf + rec->data_offset;
-    mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    /*
-     * Match record's CID with incoming CID.
-     */
-    if( rec->cid_len != transform->in_cid_len ||
-        memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_CID );
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
-    if( mode == MBEDTLS_MODE_STREAM )
-    {
-        padlen = 0;
-        if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
-                                   transform->iv_dec,
-                                   transform->ivlen,
-                                   data, rec->data_len,
-                                   data, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
-            return( ret );
-        }
-
-        if( rec->data_len != olen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-    }
-    else
-#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
-#if defined(MBEDTLS_GCM_C) || \
-    defined(MBEDTLS_CCM_C) || \
-    defined(MBEDTLS_CHACHAPOLY_C)
-    if( mode == MBEDTLS_MODE_GCM ||
-        mode == MBEDTLS_MODE_CCM ||
-        mode == MBEDTLS_MODE_CHACHAPOLY )
-    {
-        unsigned char iv[12];
-        unsigned char *dynamic_iv;
-        size_t dynamic_iv_len;
-
-        /*
-         * Extract dynamic part of nonce for AEAD decryption.
-         *
-         * Note: In the case of CCM and GCM in TLS 1.2, the dynamic
-         *       part of the IV is prepended to the ciphertext and
-         *       can be chosen freely - in particular, it need not
-         *       agree with the record sequence number.
-         */
-        dynamic_iv_len = sizeof( rec->ctr );
-        if( ssl_transform_aead_dynamic_iv_is_explicit( transform ) == 1 )
-        {
-            if( rec->data_len < dynamic_iv_len )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) ",
-                                            rec->data_len,
-                                            dynamic_iv_len ) );
-                return( MBEDTLS_ERR_SSL_INVALID_MAC );
-            }
-            dynamic_iv = data;
-
-            data += dynamic_iv_len;
-            rec->data_offset += dynamic_iv_len;
-            rec->data_len    -= dynamic_iv_len;
-        }
-        else
-        {
-            dynamic_iv = rec->ctr;
-        }
-
-        /* Check that there's space for the authentication tag. */
-        if( rec->data_len < transform->taglen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < taglen (%d) ",
-                                        rec->data_len,
-                                        transform->taglen ) );
-            return( MBEDTLS_ERR_SSL_INVALID_MAC );
-        }
-        rec->data_len -= transform->taglen;
-
-        /*
-         * Prepare nonce from dynamic and static parts.
-         */
-        ssl_build_record_nonce( iv, sizeof( iv ),
-                                transform->iv_dec,
-                                transform->fixed_ivlen,
-                                dynamic_iv,
-                                dynamic_iv_len );
-
-        /*
-         * Build additional data for AEAD encryption.
-         * This depends on the TLS version.
-         */
-        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
-                                          transform->minor_ver );
-        MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
-                               add_data, add_data_len );
-
-        /* Because of the check above, we know that there are
-         * explicit_iv_len Bytes preceeding data, and taglen
-         * bytes following data + data_len. This justifies
-         * the debug message and the invocation of
-         * mbedtls_cipher_auth_decrypt() below. */
-
-        MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen );
-        MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", data + rec->data_len,
-                               transform->taglen );
-
-        /*
-         * Decrypt and authenticate
-         */
-        if( ( ret = mbedtls_cipher_auth_decrypt_ext( &transform->cipher_ctx_dec,
-                  iv, transform->ivlen,
-                  add_data, add_data_len,
-                  data, rec->data_len + transform->taglen,          /* src */
-                  data, rec->buf_len - (data - rec->buf), &olen,    /* dst */
-                  transform->taglen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );
-
-            if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
-                return( MBEDTLS_ERR_SSL_INVALID_MAC );
-
-            return( ret );
-        }
-        auth_done++;
-
-        /* Double-check that AEAD decryption doesn't change content length. */
-        if( olen != rec->data_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-    }
-    else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
-    if( mode == MBEDTLS_MODE_CBC )
-    {
-        size_t minlen = 0;
-
-        /*
-         * Check immediate ciphertext sanity
-         */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
-        {
-            /* The ciphertext is prefixed with the CBC IV. */
-            minlen += transform->ivlen;
-        }
-#endif
-
-        /* Size considerations:
-         *
-         * - The CBC cipher text must not be empty and hence
-         *   at least of size transform->ivlen.
-         *
-         * Together with the potential IV-prefix, this explains
-         * the first of the two checks below.
-         *
-         * - The record must contain a MAC, either in plain or
-         *   encrypted, depending on whether Encrypt-then-MAC
-         *   is used or not.
-         *   - If it is, the message contains the IV-prefix,
-         *     the CBC ciphertext, and the MAC.
-         *   - If it is not, the padded plaintext, and hence
-         *     the CBC ciphertext, has at least length maclen + 1
-         *     because there is at least the padding length byte.
-         *
-         * As the CBC ciphertext is not empty, both cases give the
-         * lower bound minlen + maclen + 1 on the record size, which
-         * we test for in the second check below.
-         */
-        if( rec->data_len < minlen + transform->ivlen ||
-            rec->data_len < minlen + transform->maclen + 1 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) "
-                                "+ 1 ) ( + expl IV )", rec->data_len,
-                                transform->ivlen,
-                                transform->maclen ) );
-            return( MBEDTLS_ERR_SSL_INVALID_MAC );
-        }
-
-        /*
-         * Authenticate before decrypt if enabled
-         */
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-        if( transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED )
-        {
-            unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
-
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
-
-            /* Update data_len in tandem with add_data.
-             *
-             * The subtraction is safe because of the previous check
-             * data_len >= minlen + maclen + 1.
-             *
-             * Afterwards, we know that data + data_len is followed by at
-             * least maclen Bytes, which justifies the call to
-             * mbedtls_ssl_safer_memcmp() below.
-             *
-             * Further, we still know that data_len > minlen */
-            rec->data_len -= transform->maclen;
-            ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
-                                              transform->minor_ver );
-
-            /* Calculate expected MAC. */
-            MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
-                                   add_data_len );
-            mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data,
-                                    add_data_len );
-            mbedtls_md_hmac_update( &transform->md_ctx_dec,
-                                    data, rec->data_len );
-            mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect );
-            mbedtls_md_hmac_reset( &transform->md_ctx_dec );
-
-            MBEDTLS_SSL_DEBUG_BUF( 4, "message  mac", data + rec->data_len,
-                                   transform->maclen );
-            MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect,
-                                   transform->maclen );
-
-            /* Compare expected MAC with MAC at the end of the record. */
-            if( mbedtls_ssl_safer_memcmp( data + rec->data_len, mac_expect,
-                                          transform->maclen ) != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
-                return( MBEDTLS_ERR_SSL_INVALID_MAC );
-            }
-            auth_done++;
-        }
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-        /*
-         * Check length sanity
-         */
-
-        /* We know from above that data_len > minlen >= 0,
-         * so the following check in particular implies that
-         * data_len >= minlen + ivlen ( = minlen or 2 * minlen ). */
-        if( rec->data_len % transform->ivlen != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0",
-                                        rec->data_len, transform->ivlen ) );
-            return( MBEDTLS_ERR_SSL_INVALID_MAC );
-        }
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        /*
-         * Initialize for prepended IV for block cipher in TLS v1.1 and up
-         */
-        if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
-        {
-            /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */
-            memcpy( transform->iv_dec, data, transform->ivlen );
-
-            data += transform->ivlen;
-            rec->data_offset += transform->ivlen;
-            rec->data_len -= transform->ivlen;
-        }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
-
-        /* We still have data_len % ivlen == 0 and data_len >= ivlen here. */
-
-        if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec,
-                                   transform->iv_dec, transform->ivlen,
-                                   data, rec->data_len, data, &olen ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
-            return( ret );
-        }
-
-        /* Double-check that length hasn't changed during decryption. */
-        if( rec->data_len != olen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
-        if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
-        {
-            /*
-             * Save IV in SSL3 and TLS1, where CBC decryption of consecutive
-             * records is equivalent to CBC decryption of the concatenation
-             * of the records; in other words, IVs are maintained across
-             * record decryptions.
-             */
-            memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv,
-                    transform->ivlen );
-        }
-#endif
-
-        /* Safe since data_len >= minlen + maclen + 1, so after having
-         * subtracted at most minlen and maclen up to this point,
-         * data_len > 0 (because of data_len % ivlen == 0, it's actually
-         * >= ivlen ). */
-        padlen = data[rec->data_len - 1];
-
-        if( auth_done == 1 )
-        {
-            const size_t mask = mbedtls_ssl_cf_mask_ge(
-                                rec->data_len,
-                                padlen + 1 );
-            correct &= mask;
-            padlen  &= mask;
-        }
-        else
-        {
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-            if( rec->data_len < transform->maclen + padlen + 1 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
-                                            rec->data_len,
-                                            transform->maclen,
-                                            padlen + 1 ) );
-            }
-#endif
-
-            const size_t mask = mbedtls_ssl_cf_mask_ge(
-                                rec->data_len,
-                                transform->maclen + padlen + 1 );
-            correct &= mask;
-            padlen  &= mask;
-        }
-
-        padlen++;
-
-        /* Regardless of the validity of the padding,
-         * we have data_len >= padlen here. */
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-        if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            /* This is the SSL 3.0 path, we don't have to worry about Lucky
-             * 13, because there's a strictly worse padding attack built in
-             * the protocol (known as part of POODLE), so we don't care if the
-             * code is not constant-time, in particular branches are OK. */
-            if( padlen > transform->ivlen )
-            {
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, "
-                                            "should be no more than %d",
-                                            padlen, transform->ivlen ) );
-#endif
-                correct = 0;
-            }
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            /* The padding check involves a series of up to 256
-             * consecutive memory reads at the end of the record
-             * plaintext buffer. In order to hide the length and
-             * validity of the padding, always perform exactly
-             * `min(256,plaintext_len)` reads (but take into account
-             * only the last `padlen` bytes for the padding check). */
-            size_t pad_count = 0;
-            volatile unsigned char* const check = data;
-
-            /* Index of first padding byte; it has been ensured above
-             * that the subtraction is safe. */
-            size_t const padding_idx = rec->data_len - padlen;
-            size_t const num_checks = rec->data_len <= 256 ? rec->data_len : 256;
-            size_t const start_idx = rec->data_len - num_checks;
-            size_t idx;
-
-            for( idx = start_idx; idx < rec->data_len; idx++ )
-            {
-                /* pad_count += (idx >= padding_idx) &&
-                 *              (check[idx] == padlen - 1);
-                 */
-                const size_t mask = mbedtls_ssl_cf_mask_ge( idx, padding_idx );
-                const size_t equal = mbedtls_ssl_cf_bool_eq( check[idx],
-                                                             padlen - 1 );
-                pad_count += mask & equal;
-            }
-            correct &= mbedtls_ssl_cf_bool_eq( pad_count, padlen );
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-            if( padlen > 0 && correct == 0 )
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
-#endif
-            padlen &= mbedtls_ssl_cf_mask_from_bit( correct );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        /* If the padding was found to be invalid, padlen == 0
-         * and the subtraction is safe. If the padding was found valid,
-         * padlen hasn't been changed and the previous assertion
-         * data_len >= padlen still holds. */
-        rec->data_len -= padlen;
-    }
-    else
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption",
-                           data, rec->data_len );
-#endif
-
-    /*
-     * Authenticate if not done yet.
-     * Compute the MAC regardless of the padding result (RFC4346, CBCTIME).
-     */
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    if( auth_done == 0 )
-    {
-        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
-        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD];
-
-        /* If the initial value of padlen was such that
-         * data_len < maclen + padlen + 1, then padlen
-         * got reset to 1, and the initial check
-         * data_len >= minlen + maclen + 1
-         * guarantees that at this point we still
-         * have at least data_len >= maclen.
-         *
-         * If the initial value of padlen was such that
-         * data_len >= maclen + padlen + 1, then we have
-         * subtracted either padlen + 1 (if the padding was correct)
-         * or 0 (if the padding was incorrect) since then,
-         * hence data_len >= maclen in any case.
-         */
-        rec->data_len -= transform->maclen;
-        ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
-                                          transform->minor_ver );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-        if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            ssl_mac( &transform->md_ctx_dec,
-                     transform->mac_dec,
-                     data, rec->data_len,
-                     rec->ctr, rec->type,
-                     mac_expect );
-            memcpy( mac_peer, data + rec->data_len, transform->maclen );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-        defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            /*
-             * The next two sizes are the minimum and maximum values of
-             * data_len over all padlen values.
-             *
-             * They're independent of padlen, since we previously did
-             * data_len -= padlen.
-             *
-             * Note that max_len + maclen is never more than the buffer
-             * length, as we previously did in_msglen -= maclen too.
-             */
-            const size_t max_len = rec->data_len + padlen;
-            const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
-
-            ret = mbedtls_ssl_cf_hmac( &transform->md_ctx_dec,
-                                       add_data, add_data_len,
-                                       data, rec->data_len, min_len, max_len,
-                                       mac_expect );
-            if( ret != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_cf_hmac", ret );
-                return( ret );
-            }
-
-            mbedtls_ssl_cf_memcpy_offset( mac_peer, data,
-                                          rec->data_len,
-                                          min_len, max_len,
-                                          transform->maclen );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-              MBEDTLS_SSL_PROTO_TLS1_2 */
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-        MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, transform->maclen );
-        MBEDTLS_SSL_DEBUG_BUF( 4, "message  mac", mac_peer, transform->maclen );
-#endif
-
-        if( mbedtls_ssl_safer_memcmp( mac_peer, mac_expect,
-                                      transform->maclen ) != 0 )
-        {
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
-#endif
-            correct = 0;
-        }
-        auth_done++;
-    }
-
-    /*
-     * Finally check the correct flag
-     */
-    if( correct == 0 )
-        return( MBEDTLS_ERR_SSL_INVALID_MAC );
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-
-    /* Make extra sure authentication was performed, exactly once */
-    if( auth_done != 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-    if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
-    {
-        /* Remove inner padding and infer true content type. */
-        ret = ssl_parse_inner_plaintext( data, &rec->data_len,
-                                         &rec->type );
-
-        if( ret != 0 )
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( rec->cid_len != 0 )
-    {
-        ret = ssl_parse_inner_plaintext( data, &rec->data_len,
-                                         &rec->type );
-        if( ret != 0 )
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
-
-    return( 0 );
-}
-
-#undef MAC_NONE
-#undef MAC_PLAINTEXT
-#undef MAC_CIPHERTEXT
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-/*
- * Compression/decompression functions
- */
-static int ssl_compress_buf( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *msg_post = ssl->out_msg;
-    ptrdiff_t bytes_written = ssl->out_msg - ssl->out_buf;
-    size_t len_pre = ssl->out_msglen;
-    unsigned char *msg_pre = ssl->compress_buf;
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    size_t out_buf_len = ssl->out_buf_len;
-#else
-    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) );
-
-    if( len_pre == 0 )
-        return( 0 );
-
-    memcpy( msg_pre, ssl->out_msg, len_pre );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ",
-                   ssl->out_msglen ) );
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload",
-                   ssl->out_msg, ssl->out_msglen );
-
-    ssl->transform_out->ctx_deflate.next_in = msg_pre;
-    ssl->transform_out->ctx_deflate.avail_in = len_pre;
-    ssl->transform_out->ctx_deflate.next_out = msg_post;
-    ssl->transform_out->ctx_deflate.avail_out = out_buf_len - bytes_written;
-
-    ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH );
-    if( ret != Z_OK )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) );
-        return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
-    }
-
-    ssl->out_msglen = out_buf_len -
-                      ssl->transform_out->ctx_deflate.avail_out - bytes_written;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
-                   ssl->out_msglen ) );
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload",
-                   ssl->out_msg, ssl->out_msglen );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) );
-
-    return( 0 );
-}
-
-static int ssl_decompress_buf( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *msg_post = ssl->in_msg;
-    ptrdiff_t header_bytes = ssl->in_msg - ssl->in_buf;
-    size_t len_pre = ssl->in_msglen;
-    unsigned char *msg_pre = ssl->compress_buf;
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    size_t in_buf_len = ssl->in_buf_len;
-#else
-    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) );
-
-    if( len_pre == 0 )
-        return( 0 );
-
-    memcpy( msg_pre, ssl->in_msg, len_pre );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ",
-                   ssl->in_msglen ) );
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload",
-                   ssl->in_msg, ssl->in_msglen );
-
-    ssl->transform_in->ctx_inflate.next_in = msg_pre;
-    ssl->transform_in->ctx_inflate.avail_in = len_pre;
-    ssl->transform_in->ctx_inflate.next_out = msg_post;
-    ssl->transform_in->ctx_inflate.avail_out = in_buf_len - header_bytes;
-
-    ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH );
-    if( ret != Z_OK )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) );
-        return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
-    }
-
-    ssl->in_msglen = in_buf_len -
-                     ssl->transform_in->ctx_inflate.avail_out - header_bytes;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
-                   ssl->in_msglen ) );
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload",
-                   ssl->in_msg, ssl->in_msglen );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ZLIB_SUPPORT */
-
-/*
- * Fill the input message buffer by appending data to it.
- * The amount of data already fetched is in ssl->in_left.
- *
- * If we return 0, is it guaranteed that (at least) nb_want bytes are
- * available (from this read and/or a previous one). Otherwise, an error code
- * is returned (possibly EOF or WANT_READ).
- *
- * With stream transport (TLS) on success ssl->in_left == nb_want, but
- * with datagram transport (DTLS) on success ssl->in_left >= nb_want,
- * since we always read a whole datagram at once.
- *
- * For DTLS, it is up to the caller to set ssl->next_record_offset when
- * they're done reading a record.
- */
-int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    size_t in_buf_len = ssl->in_buf_len;
-#else
-    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
-
-    if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
-                            "or mbedtls_ssl_set_bio()" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    if( nb_want > in_buf_len - (size_t)( ssl->in_hdr - ssl->in_buf ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        uint32_t timeout;
-
-        /*
-         * The point is, we need to always read a full datagram at once, so we
-         * sometimes read more then requested, and handle the additional data.
-         * It could be the rest of the current record (while fetching the
-         * header) and/or some other records in the same datagram.
-         */
-
-        /*
-         * Move to the next record in the already read datagram if applicable
-         */
-        if( ssl->next_record_offset != 0 )
-        {
-            if( ssl->in_left < ssl->next_record_offset )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-
-            ssl->in_left -= ssl->next_record_offset;
-
-            if( ssl->in_left != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %d",
-                                    ssl->next_record_offset ) );
-                memmove( ssl->in_hdr,
-                         ssl->in_hdr + ssl->next_record_offset,
-                         ssl->in_left );
-            }
-
-            ssl->next_record_offset = 0;
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
-                       ssl->in_left, nb_want ) );
-
-        /*
-         * Done if we already have enough data.
-         */
-        if( nb_want <= ssl->in_left)
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) );
-            return( 0 );
-        }
-
-        /*
-         * A record can't be split across datagrams. If we need to read but
-         * are not at the beginning of a new record, the caller did something
-         * wrong.
-         */
-        if( ssl->in_left != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        /*
-         * Don't even try to read if time's out already.
-         * This avoids by-passing the timer when repeatedly receiving messages
-         * that will end up being dropped.
-         */
-        if( mbedtls_ssl_check_timer( ssl ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "timer has expired" ) );
-            ret = MBEDTLS_ERR_SSL_TIMEOUT;
-        }
-        else
-        {
-            len = in_buf_len - ( ssl->in_hdr - ssl->in_buf );
-
-            if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-                timeout = ssl->handshake->retransmit_timeout;
-            else
-                timeout = ssl->conf->read_timeout;
-
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %u ms", timeout ) );
-
-            if( ssl->f_recv_timeout != NULL )
-                ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len,
-                                                                    timeout );
-            else
-                ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len );
-
-            MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret );
-
-            if( ret == 0 )
-                return( MBEDTLS_ERR_SSL_CONN_EOF );
-        }
-
-        if( ret == MBEDTLS_ERR_SSL_TIMEOUT )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) );
-            mbedtls_ssl_set_timer( ssl, 0 );
-
-            if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-            {
-                if( ssl_double_retransmit_timeout( ssl ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) );
-                    return( MBEDTLS_ERR_SSL_TIMEOUT );
-                }
-
-                if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
-                    return( ret );
-                }
-
-                return( MBEDTLS_ERR_SSL_WANT_READ );
-            }
-#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
-            else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
-                     ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
-            {
-                if( ( ret = mbedtls_ssl_resend_hello_request( ssl ) ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend_hello_request",
-                                           ret );
-                    return( ret );
-                }
-
-                return( MBEDTLS_ERR_SSL_WANT_READ );
-            }
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
-        }
-
-        if( ret < 0 )
-            return( ret );
-
-        ssl->in_left = ret;
-    }
-    else
-#endif
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
-                       ssl->in_left, nb_want ) );
-
-        while( ssl->in_left < nb_want )
-        {
-            len = nb_want - ssl->in_left;
-
-            if( mbedtls_ssl_check_timer( ssl ) != 0 )
-                ret = MBEDTLS_ERR_SSL_TIMEOUT;
-            else
-            {
-                if( ssl->f_recv_timeout != NULL )
-                {
-                    ret = ssl->f_recv_timeout( ssl->p_bio,
-                                               ssl->in_hdr + ssl->in_left, len,
-                                               ssl->conf->read_timeout );
-                }
-                else
-                {
-                    ret = ssl->f_recv( ssl->p_bio,
-                                       ssl->in_hdr + ssl->in_left, len );
-                }
-            }
-
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
-                                        ssl->in_left, nb_want ) );
-            MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret );
-
-            if( ret == 0 )
-                return( MBEDTLS_ERR_SSL_CONN_EOF );
-
-            if( ret < 0 )
-                return( ret );
-
-            if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1,
-                    ( "f_recv returned %d bytes but only %lu were requested",
-                    ret, (unsigned long)len ) );
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-
-            ssl->in_left += ret;
-        }
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) );
-
-    return( 0 );
-}
-
-/*
- * Flush any data not yet written
- */
-int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *buf;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) );
-
-    if( ssl->f_send == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
-                            "or mbedtls_ssl_set_bio()" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    /* Avoid incrementing counter if data is flushed */
-    if( ssl->out_left == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
-        return( 0 );
-    }
-
-    while( ssl->out_left > 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d",
-                       mbedtls_ssl_out_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) );
-
-        buf = ssl->out_hdr - ssl->out_left;
-        ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left );
-
-        MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret );
-
-        if( ret <= 0 )
-            return( ret );
-
-        if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1,
-                ( "f_send returned %d bytes but only %lu bytes were sent",
-                ret, (unsigned long)ssl->out_left ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        ssl->out_left -= ret;
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        ssl->out_hdr = ssl->out_buf;
-    }
-    else
-#endif
-    {
-        ssl->out_hdr = ssl->out_buf + 8;
-    }
-    mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
-
-    return( 0 );
-}
-
-/*
- * Functions to handle the DTLS retransmission state machine
- */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-/*
- * Append current handshake message to current outgoing flight
- */
-static int ssl_flight_append( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_flight_item *msg;
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) );
-    MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight",
-                           ssl->out_msg, ssl->out_msglen );
-
-    /* Allocate space for current message */
-    if( ( msg = mbedtls_calloc( 1, sizeof(  mbedtls_ssl_flight_item ) ) ) == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed",
-                            sizeof( mbedtls_ssl_flight_item ) ) );
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", ssl->out_msglen ) );
-        mbedtls_free( msg );
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    /* Copy current handshake message with headers */
-    memcpy( msg->p, ssl->out_msg, ssl->out_msglen );
-    msg->len = ssl->out_msglen;
-    msg->type = ssl->out_msgtype;
-    msg->next = NULL;
-
-    /* Append to the current flight */
-    if( ssl->handshake->flight == NULL )
-        ssl->handshake->flight = msg;
-    else
-    {
-        mbedtls_ssl_flight_item *cur = ssl->handshake->flight;
-        while( cur->next != NULL )
-            cur = cur->next;
-        cur->next = msg;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) );
-    return( 0 );
-}
-
-/*
- * Free the current flight of handshake messages
- */
-void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight )
-{
-    mbedtls_ssl_flight_item *cur = flight;
-    mbedtls_ssl_flight_item *next;
-
-    while( cur != NULL )
-    {
-        next = cur->next;
-
-        mbedtls_free( cur->p );
-        mbedtls_free( cur );
-
-        cur = next;
-    }
-}
-
-/*
- * Swap transform_out and out_ctr with the alternative ones
- */
-static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_transform *tmp_transform;
-    unsigned char tmp_out_ctr[8];
-
-    if( ssl->transform_out == ssl->handshake->alt_transform_out )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) );
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) );
-
-    /* Swap transforms */
-    tmp_transform                     = ssl->transform_out;
-    ssl->transform_out                = ssl->handshake->alt_transform_out;
-    ssl->handshake->alt_transform_out = tmp_transform;
-
-    /* Swap epoch + sequence_number */
-    memcpy( tmp_out_ctr,                 ssl->cur_out_ctr,            8 );
-    memcpy( ssl->cur_out_ctr,            ssl->handshake->alt_out_ctr, 8 );
-    memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr,                 8 );
-
-    /* Adjust to the newly activated transform */
-    mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out );
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_activate != NULL )
-    {
-        int ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-    }
-#endif
-
-    return( 0 );
-}
-
-/*
- * Retransmit the current flight of messages.
- */
-int mbedtls_ssl_resend( mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) );
-
-    ret = mbedtls_ssl_flight_transmit( ssl );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) );
-
-    return( ret );
-}
-
-/*
- * Transmit or retransmit the current flight of messages.
- *
- * Need to remember the current message in case flush_output returns
- * WANT_WRITE, causing us to exit this function and come back later.
- * This function must be called until state is no longer SENDING.
- */
-int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) );
-
-    if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) );
-
-        ssl->handshake->cur_msg = ssl->handshake->flight;
-        ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12;
-        ret = ssl_swap_epochs( ssl );
-        if( ret != 0 )
-            return( ret );
-
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING;
-    }
-
-    while( ssl->handshake->cur_msg != NULL )
-    {
-        size_t max_frag_len;
-        const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg;
-
-        int const is_finished =
-            ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE &&
-              cur->p[0] == MBEDTLS_SSL_HS_FINISHED );
-
-        uint8_t const force_flush = ssl->disable_datagram_packing == 1 ?
-            SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH;
-
-        /* Swap epochs before sending Finished: we can't do it after
-         * sending ChangeCipherSpec, in case write returns WANT_READ.
-         * Must be done before copying, may change out_msg pointer */
-        if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) );
-            ret = ssl_swap_epochs( ssl );
-            if( ret != 0 )
-                return( ret );
-        }
-
-        ret = ssl_get_remaining_payload_in_datagram( ssl );
-        if( ret < 0 )
-            return( ret );
-        max_frag_len = (size_t) ret;
-
-        /* CCS is copied as is, while HS messages may need fragmentation */
-        if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
-        {
-            if( max_frag_len == 0 )
-            {
-                if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-                    return( ret );
-
-                continue;
-            }
-
-            memcpy( ssl->out_msg, cur->p, cur->len );
-            ssl->out_msglen  = cur->len;
-            ssl->out_msgtype = cur->type;
-
-            /* Update position inside current message */
-            ssl->handshake->cur_msg_p += cur->len;
-        }
-        else
-        {
-            const unsigned char * const p = ssl->handshake->cur_msg_p;
-            const size_t hs_len = cur->len - 12;
-            const size_t frag_off = p - ( cur->p + 12 );
-            const size_t rem_len = hs_len - frag_off;
-            size_t cur_hs_frag_len, max_hs_frag_len;
-
-            if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) )
-            {
-                if( is_finished )
-                {
-                    ret = ssl_swap_epochs( ssl );
-                    if( ret != 0 )
-                        return( ret );
-                }
-
-                if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-                    return( ret );
-
-                continue;
-            }
-            max_hs_frag_len = max_frag_len - 12;
-
-            cur_hs_frag_len = rem_len > max_hs_frag_len ?
-                max_hs_frag_len : rem_len;
-
-            if( frag_off == 0 && cur_hs_frag_len != hs_len )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)",
-                                            (unsigned) cur_hs_frag_len,
-                                            (unsigned) max_hs_frag_len ) );
-            }
-
-            /* Messages are stored with handshake headers as if not fragmented,
-             * copy beginning of headers then fill fragmentation fields.
-             * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
-            memcpy( ssl->out_msg, cur->p, 6 );
-
-            ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
-            ssl->out_msg[7] = ( ( frag_off >>  8 ) & 0xff );
-            ssl->out_msg[8] = ( ( frag_off       ) & 0xff );
-
-            ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
-            ssl->out_msg[10] = ( ( cur_hs_frag_len >>  8 ) & 0xff );
-            ssl->out_msg[11] = ( ( cur_hs_frag_len       ) & 0xff );
-
-            MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
-
-            /* Copy the handshake message content and set records fields */
-            memcpy( ssl->out_msg + 12, p, cur_hs_frag_len );
-            ssl->out_msglen = cur_hs_frag_len + 12;
-            ssl->out_msgtype = cur->type;
-
-            /* Update position inside current message */
-            ssl->handshake->cur_msg_p += cur_hs_frag_len;
-        }
-
-        /* If done with the current message move to the next one if any */
-        if( ssl->handshake->cur_msg_p >= cur->p + cur->len )
-        {
-            if( cur->next != NULL )
-            {
-                ssl->handshake->cur_msg = cur->next;
-                ssl->handshake->cur_msg_p = cur->next->p + 12;
-            }
-            else
-            {
-                ssl->handshake->cur_msg = NULL;
-                ssl->handshake->cur_msg_p = NULL;
-            }
-        }
-
-        /* Actually send the message out */
-        if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
-            return( ret );
-        }
-    }
-
-    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-        return( ret );
-
-    /* Update state and set timer */
-    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
-    else
-    {
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
-        mbedtls_ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) );
-
-    return( 0 );
-}
-
-/*
- * To be called when the last message of an incoming flight is received.
- */
-void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl )
-{
-    /* We won't need to resend that one any more */
-    mbedtls_ssl_flight_free( ssl->handshake->flight );
-    ssl->handshake->flight = NULL;
-    ssl->handshake->cur_msg = NULL;
-
-    /* The next incoming flight will start with this msg_seq */
-    ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq;
-
-    /* We don't want to remember CCS's across flight boundaries. */
-    ssl->handshake->buffering.seen_ccs = 0;
-
-    /* Clear future message buffering structure. */
-    mbedtls_ssl_buffering_free( ssl );
-
-    /* Cancel timer */
-    mbedtls_ssl_set_timer( ssl, 0 );
-
-    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
-        ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
-    {
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
-    }
-    else
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
-}
-
-/*
- * To be called when the last message of an outgoing flight is send.
- */
-void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
-{
-    ssl_reset_retransmit_timeout( ssl );
-    mbedtls_ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
-
-    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
-        ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
-    {
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
-    }
-    else
-        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
-}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-/*
- * Handshake layer functions
- */
-
-/*
- * Write (DTLS: or queue) current handshake (including CCS) message.
- *
- *  - fill in handshake headers
- *  - update handshake checksum
- *  - DTLS: save message for resending
- *  - then pass to the record layer
- *
- * DTLS: except for HelloRequest, messages are only queued, and will only be
- * actually sent when calling flight_transmit() or resend().
- *
- * Inputs:
- *  - ssl->out_msglen: 4 + actual handshake message len
- *      (4 is the size of handshake headers for TLS)
- *  - ssl->out_msg[0]: the handshake type (ClientHello, ServerHello, etc)
- *  - ssl->out_msg + 4: the handshake message body
- *
- * Outputs, ie state before passing to flight_append() or write_record():
- *   - ssl->out_msglen: the length of the record contents
- *      (including handshake headers but excluding record headers)
- *   - ssl->out_msg: the record contents (handshake headers + content)
- */
-int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const size_t hs_len = ssl->out_msglen - 4;
-    const unsigned char hs_type = ssl->out_msg[0];
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) );
-
-    /*
-     * Sanity checks
-     */
-    if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE          &&
-        ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
-    {
-        /* In SSLv3, the client might send a NoCertificate alert. */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
-        if( ! ( ssl->minor_ver      == MBEDTLS_SSL_MINOR_VERSION_0 &&
-                ssl->out_msgtype    == MBEDTLS_SSL_MSG_ALERT       &&
-                ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) )
-#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-    }
-
-    /* Whenever we send anything different from a
-     * HelloRequest we should be in a handshake - double check. */
-    if( ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
-            hs_type          == MBEDTLS_SSL_HS_HELLO_REQUEST ) &&
-        ssl->handshake == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake != NULL &&
-        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-#endif
-
-    /* Double-check that we did not exceed the bounds
-     * of the outgoing record buffer.
-     * This should never fail as the various message
-     * writing functions must obey the bounds of the
-     * outgoing record buffer, but better be safe.
-     *
-     * Note: We deliberately do not check for the MTU or MFL here.
-     */
-    if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: "
-                                    "size %u, maximum %u",
-                                    (unsigned) ssl->out_msglen,
-                                    (unsigned) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    /*
-     * Fill handshake headers
-     */
-    if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
-        ssl->out_msg[2] = (unsigned char)( hs_len >>  8 );
-        ssl->out_msg[3] = (unsigned char)( hs_len       );
-
-        /*
-         * DTLS has additional fields in the Handshake layer,
-         * between the length field and the actual payload:
-         *      uint16 message_seq;
-         *      uint24 fragment_offset;
-         *      uint24 fragment_length;
-         */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-            /* Make room for the additional DTLS fields */
-            if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
-                              "size %u, maximum %u",
-                               (unsigned) ( hs_len ),
-                               (unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
-                return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-            }
-
-            memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len );
-            ssl->out_msglen += 8;
-
-            /* Write message_seq and update it, except for HelloRequest */
-            if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
-            {
-                ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
-                ssl->out_msg[5] = ( ssl->handshake->out_msg_seq      ) & 0xFF;
-                ++( ssl->handshake->out_msg_seq );
-            }
-            else
-            {
-                ssl->out_msg[4] = 0;
-                ssl->out_msg[5] = 0;
-            }
-
-            /* Handshake hashes are computed without fragmentation,
-             * so set frag_offset = 0 and frag_len = hs_len for now */
-            memset( ssl->out_msg + 6, 0x00, 3 );
-            memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 );
-        }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-        /* Update running hashes of handshake messages seen */
-        if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
-            ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
-    }
-
-    /* Either send now, or just save to be sent (and resent) later */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
-            hs_type          == MBEDTLS_SSL_HS_HELLO_REQUEST ) )
-    {
-        if( ( ret = ssl_flight_append( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret );
-            return( ret );
-        }
-    }
-    else
-#endif
-    {
-        if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret );
-            return( ret );
-        }
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) );
-
-    return( 0 );
-}
-
-/*
- * Record layer functions
- */
-
-/*
- * Write current record.
- *
- * Uses:
- *  - ssl->out_msgtype: type of the message (AppData, Handshake, Alert, CCS)
- *  - ssl->out_msglen: length of the record content (excl headers)
- *  - ssl->out_msg: record content
- */
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
-{
-    int ret, done = 0;
-    size_t len = ssl->out_msglen;
-    uint8_t flush = force_flush;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( ssl->transform_out != NULL &&
-        ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
-    {
-        if( ( ret = ssl_compress_buf( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret );
-            return( ret );
-        }
-
-        len = ssl->out_msglen;
-    }
-#endif /*MBEDTLS_ZLIB_SUPPORT */
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_write != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) );
-
-        ret = mbedtls_ssl_hw_record_write( ssl );
-        if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-
-        if( ret == 0 )
-            done = 1;
-    }
-#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
-    if( !done )
-    {
-        unsigned i;
-        size_t protected_record_size;
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        size_t out_buf_len = ssl->out_buf_len;
-#else
-        size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
-#endif
-        /* Skip writing the record content type to after the encryption,
-         * as it may change when using the CID extension. */
-
-        mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
-                           ssl->conf->transport, ssl->out_hdr + 1 );
-
-        memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
-        ssl->out_len[0] = (unsigned char)( len >> 8 );
-        ssl->out_len[1] = (unsigned char)( len      );
-
-        if( ssl->transform_out != NULL )
-        {
-            mbedtls_record rec;
-
-            rec.buf         = ssl->out_iv;
-            rec.buf_len     = out_buf_len - ( ssl->out_iv - ssl->out_buf );
-            rec.data_len    = ssl->out_msglen;
-            rec.data_offset = ssl->out_msg - rec.buf;
-
-            memcpy( &rec.ctr[0], ssl->out_ctr, 8 );
-            mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
-                                       ssl->conf->transport, rec.ver );
-            rec.type = ssl->out_msgtype;
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-            /* The CID is set by mbedtls_ssl_encrypt_buf(). */
-            rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-            if( ( ret = mbedtls_ssl_encrypt_buf( ssl, ssl->transform_out, &rec,
-                                         ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret );
-                return( ret );
-            }
-
-            if( rec.data_offset != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-
-            /* Update the record content type and CID. */
-            ssl->out_msgtype = rec.type;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID )
-            memcpy( ssl->out_cid, rec.cid, rec.cid_len );
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-            ssl->out_msglen = len = rec.data_len;
-            ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
-            ssl->out_len[1] = (unsigned char)( rec.data_len      );
-        }
-
-        protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        /* In case of DTLS, double-check that we don't exceed
-         * the remaining space in the datagram. */
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-            ret = ssl_get_remaining_space_in_datagram( ssl );
-            if( ret < 0 )
-                return( ret );
-
-            if( protected_record_size > (size_t) ret )
-            {
-                /* Should never happen */
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-        }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-        /* Now write the potentially updated record content type. */
-        ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype;
-
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, "
-                                    "version = [%d:%d], msglen = %d",
-                                    ssl->out_hdr[0], ssl->out_hdr[1],
-                                    ssl->out_hdr[2], len ) );
-
-        MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
-                               ssl->out_hdr, protected_record_size );
-
-        ssl->out_left += protected_record_size;
-        ssl->out_hdr  += protected_record_size;
-        mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out );
-
-        for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- )
-            if( ++ssl->cur_out_ctr[i - 1] != 0 )
-                break;
-
-        /* The loop goes to its end iff the counter is wrapping */
-        if( i == mbedtls_ssl_ep_len( ssl ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
-            return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
-        }
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        flush == SSL_DONT_FORCE_FLUSH )
-    {
-        size_t remaining;
-        ret = ssl_get_remaining_payload_in_datagram( ssl );
-        if( ret < 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram",
-                                   ret );
-            return( ret );
-        }
-
-        remaining = (size_t) ret;
-        if( remaining == 0 )
-        {
-            flush = SSL_FORCE_FLUSH;
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) );
-        }
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    if( ( flush == SSL_FORCE_FLUSH ) &&
-        ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
-{
-    if( ssl->in_msglen < ssl->in_hslen ||
-        memcmp( ssl->in_msg + 6, "\0\0\0",        3 ) != 0 ||
-        memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
-    {
-        return( 1 );
-    }
-    return( 0 );
-}
-
-static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl )
-{
-    return( ( ssl->in_msg[9] << 16  ) |
-            ( ssl->in_msg[10] << 8  ) |
-              ssl->in_msg[11] );
-}
-
-static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
-{
-    return( ( ssl->in_msg[6] << 16 ) |
-            ( ssl->in_msg[7] << 8  ) |
-              ssl->in_msg[8] );
-}
-
-static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
-{
-    uint32_t msg_len, frag_off, frag_len;
-
-    msg_len  = ssl_get_hs_total_len( ssl );
-    frag_off = ssl_get_hs_frag_off( ssl );
-    frag_len = ssl_get_hs_frag_len( ssl );
-
-    if( frag_off > msg_len )
-        return( -1 );
-
-    if( frag_len > msg_len - frag_off )
-        return( -1 );
-
-    if( frag_len + 12 > ssl->in_msglen )
-        return( -1 );
-
-    return( 0 );
-}
-
-/*
- * Mark bits in bitmask (used for DTLS HS reassembly)
- */
-static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len )
-{
-    unsigned int start_bits, end_bits;
-
-    start_bits = 8 - ( offset % 8 );
-    if( start_bits != 8 )
-    {
-        size_t first_byte_idx = offset / 8;
-
-        /* Special case */
-        if( len <= start_bits )
-        {
-            for( ; len != 0; len-- )
-                mask[first_byte_idx] |= 1 << ( start_bits - len );
-
-            /* Avoid potential issues with offset or len becoming invalid */
-            return;
-        }
-
-        offset += start_bits; /* Now offset % 8 == 0 */
-        len -= start_bits;
-
-        for( ; start_bits != 0; start_bits-- )
-            mask[first_byte_idx] |= 1 << ( start_bits - 1 );
-    }
-
-    end_bits = len % 8;
-    if( end_bits != 0 )
-    {
-        size_t last_byte_idx = ( offset + len ) / 8;
-
-        len -= end_bits; /* Now len % 8 == 0 */
-
-        for( ; end_bits != 0; end_bits-- )
-            mask[last_byte_idx] |= 1 << ( 8 - end_bits );
-    }
-
-    memset( mask + offset / 8, 0xFF, len / 8 );
-}
-
-/*
- * Check that bitmask is full
- */
-static int ssl_bitmask_check( unsigned char *mask, size_t len )
-{
-    size_t i;
-
-    for( i = 0; i < len / 8; i++ )
-        if( mask[i] != 0xFF )
-            return( -1 );
-
-    for( i = 0; i < len % 8; i++ )
-        if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 )
-            return( -1 );
-
-    return( 0 );
-}
-
-/* msg_len does not include the handshake header */
-static size_t ssl_get_reassembly_buffer_size( size_t msg_len,
-                                              unsigned add_bitmap )
-{
-    size_t alloc_len;
-
-    alloc_len  = 12;                                 /* Handshake header */
-    alloc_len += msg_len;                            /* Content buffer   */
-
-    if( add_bitmap )
-        alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap       */
-
-    return( alloc_len );
-}
-
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl )
-{
-    return( ( ssl->in_msg[1] << 16 ) |
-            ( ssl->in_msg[2] << 8  ) |
-              ssl->in_msg[3] );
-}
-
-int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
-{
-    if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %d",
-                            ssl->in_msglen ) );
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-
-    ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
-                        " %d, type = %d, hslen = %d",
-                        ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
-
-        if( ssl_check_hs_header( ssl ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-
-        if( ssl->handshake != NULL &&
-            ( ( ssl->state   != MBEDTLS_SSL_HANDSHAKE_OVER &&
-                recv_msg_seq != ssl->handshake->in_msg_seq ) ||
-              ( ssl->state  == MBEDTLS_SSL_HANDSHAKE_OVER &&
-                ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
-        {
-            if( recv_msg_seq > ssl->handshake->in_msg_seq )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)",
-                                            recv_msg_seq,
-                                            ssl->handshake->in_msg_seq ) );
-                return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
-            }
-
-            /* Retransmit only on last message from previous flight, to avoid
-             * too many retransmissions.
-             * Besides, No sane server ever retransmits HelloVerifyRequest */
-            if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 &&
-                ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, "
-                                    "message_seq = %d, start_of_flight = %d",
-                                    recv_msg_seq,
-                                    ssl->handshake->in_flight_start_seq ) );
-
-                if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
-                    return( ret );
-                }
-            }
-            else
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: "
-                                    "message_seq = %d, expected = %d",
-                                    recv_msg_seq,
-                                    ssl->handshake->in_msg_seq ) );
-            }
-
-            return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
-        }
-        /* Wait until message completion to increment in_msg_seq */
-
-        /* Message reassembly is handled alongside buffering of future
-         * messages; the commonality is that both handshake fragments and
-         * future messages cannot be forwarded immediately to the
-         * handshake logic layer. */
-        if( ssl_hs_is_proper_fragment( ssl ) == 1 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
-            return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    /* With TLS we don't handle fragmentation (for now) */
-    if( ssl->in_msglen < ssl->in_hslen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) );
-        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-    }
-
-    return( 0 );
-}
-
-void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL )
-    {
-        ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
-    }
-
-    /* Handshake message is complete, increment counter */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake != NULL )
-    {
-        unsigned offset;
-        mbedtls_ssl_hs_buffer *hs_buf;
-
-        /* Increment handshake sequence number */
-        hs->in_msg_seq++;
-
-        /*
-         * Clear up handshake buffering and reassembly structure.
-         */
-
-        /* Free first entry */
-        ssl_buffering_free_slot( ssl, 0 );
-
-        /* Shift all other entries */
-        for( offset = 0, hs_buf = &hs->buffering.hs[0];
-             offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS;
-             offset++, hs_buf++ )
-        {
-            *hs_buf = *(hs_buf + 1);
-        }
-
-        /* Create a fresh last entry */
-        memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
-    }
-#endif
-}
-
-/*
- * DTLS anti-replay: RFC 6347 4.1.2.6
- *
- * in_window is a field of bits numbered from 0 (lsb) to 63 (msb).
- * Bit n is set iff record number in_window_top - n has been seen.
- *
- * Usually, in_window_top is the last record number seen and the lsb of
- * in_window is set. The only exception is the initial state (record number 0
- * not seen yet).
- */
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl )
-{
-    ssl->in_window_top = 0;
-    ssl->in_window = 0;
-}
-
-static inline uint64_t ssl_load_six_bytes( unsigned char *buf )
-{
-    return( ( (uint64_t) buf[0] << 40 ) |
-            ( (uint64_t) buf[1] << 32 ) |
-            ( (uint64_t) buf[2] << 24 ) |
-            ( (uint64_t) buf[3] << 16 ) |
-            ( (uint64_t) buf[4] <<  8 ) |
-            ( (uint64_t) buf[5]       ) );
-}
-
-static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8_t *record_in_ctr )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *original_in_ctr;
-
-    // save original in_ctr
-    original_in_ctr = ssl->in_ctr;
-
-    // use counter from record
-    ssl->in_ctr = record_in_ctr;
-
-    ret = mbedtls_ssl_dtls_replay_check( (mbedtls_ssl_context const *) ssl );
-
-    // restore the counter
-    ssl->in_ctr = original_in_ctr;
-
-    return ret;
-}
-
-/*
- * Return 0 if sequence number is acceptable, -1 otherwise
- */
-int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl )
-{
-    uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
-    uint64_t bit;
-
-    if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
-        return( 0 );
-
-    if( rec_seqnum > ssl->in_window_top )
-        return( 0 );
-
-    bit = ssl->in_window_top - rec_seqnum;
-
-    if( bit >= 64 )
-        return( -1 );
-
-    if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 )
-        return( -1 );
-
-    return( 0 );
-}
-
-/*
- * Update replay window on new validated record
- */
-void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
-{
-    uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
-
-    if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
-        return;
-
-    if( rec_seqnum > ssl->in_window_top )
-    {
-        /* Update window_top and the contents of the window */
-        uint64_t shift = rec_seqnum - ssl->in_window_top;
-
-        if( shift >= 64 )
-            ssl->in_window = 1;
-        else
-        {
-            ssl->in_window <<= shift;
-            ssl->in_window |= 1;
-        }
-
-        ssl->in_window_top = rec_seqnum;
-    }
-    else
-    {
-        /* Mark that number as seen in the current window */
-        uint64_t bit = ssl->in_window_top - rec_seqnum;
-
-        if( bit < 64 ) /* Always true, but be extra sure */
-            ssl->in_window |= (uint64_t) 1 << bit;
-    }
-}
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
-/*
- * Without any SSL context, check if a datagram looks like a ClientHello with
- * a valid cookie, and if it doesn't, generate a HelloVerifyRequest message.
- * Both input and output include full DTLS headers.
- *
- * - if cookie is valid, return 0
- * - if ClientHello looks superficially valid but cookie is not,
- *   fill obuf and set olen, then
- *   return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
- * - otherwise return a specific error code
- */
-static int ssl_check_dtls_clihlo_cookie(
-                           mbedtls_ssl_cookie_write_t *f_cookie_write,
-                           mbedtls_ssl_cookie_check_t *f_cookie_check,
-                           void *p_cookie,
-                           const unsigned char *cli_id, size_t cli_id_len,
-                           const unsigned char *in, size_t in_len,
-                           unsigned char *obuf, size_t buf_len, size_t *olen )
-{
-    size_t sid_len, cookie_len;
-    unsigned char *p;
-
-    /*
-     * Structure of ClientHello with record and handshake headers,
-     * and expected values. We don't need to check a lot, more checks will be
-     * done when actually parsing the ClientHello - skipping those checks
-     * avoids code duplication and does not make cookie forging any easier.
-     *
-     *  0-0  ContentType type;                  copied, must be handshake
-     *  1-2  ProtocolVersion version;           copied
-     *  3-4  uint16 epoch;                      copied, must be 0
-     *  5-10 uint48 sequence_number;            copied
-     * 11-12 uint16 length;                     (ignored)
-     *
-     * 13-13 HandshakeType msg_type;            (ignored)
-     * 14-16 uint24 length;                     (ignored)
-     * 17-18 uint16 message_seq;                copied
-     * 19-21 uint24 fragment_offset;            copied, must be 0
-     * 22-24 uint24 fragment_length;            (ignored)
-     *
-     * 25-26 ProtocolVersion client_version;    (ignored)
-     * 27-58 Random random;                     (ignored)
-     * 59-xx SessionID session_id;              1 byte len + sid_len content
-     * 60+   opaque cookie<0..2^8-1>;           1 byte len + content
-     *       ...
-     *
-     * Minimum length is 61 bytes.
-     */
-    if( in_len < 61 ||
-        in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
-        in[3] != 0 || in[4] != 0 ||
-        in[19] != 0 || in[20] != 0 || in[21] != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    sid_len = in[59];
-    if( sid_len > in_len - 61 )
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-
-    cookie_len = in[60 + sid_len];
-    if( cookie_len > in_len - 60 )
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-
-    if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,
-                        cli_id, cli_id_len ) == 0 )
-    {
-        /* Valid cookie */
-        return( 0 );
-    }
-
-    /*
-     * If we get here, we've got an invalid cookie, let's prepare HVR.
-     *
-     *  0-0  ContentType type;                  copied
-     *  1-2  ProtocolVersion version;           copied
-     *  3-4  uint16 epoch;                      copied
-     *  5-10 uint48 sequence_number;            copied
-     * 11-12 uint16 length;                     olen - 13
-     *
-     * 13-13 HandshakeType msg_type;            hello_verify_request
-     * 14-16 uint24 length;                     olen - 25
-     * 17-18 uint16 message_seq;                copied
-     * 19-21 uint24 fragment_offset;            copied
-     * 22-24 uint24 fragment_length;            olen - 25
-     *
-     * 25-26 ProtocolVersion server_version;    0xfe 0xff
-     * 27-27 opaque cookie<0..2^8-1>;           cookie_len = olen - 27, cookie
-     *
-     * Minimum length is 28.
-     */
-    if( buf_len < 28 )
-        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-    /* Copy most fields and adapt others */
-    memcpy( obuf, in, 25 );
-    obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
-    obuf[25] = 0xfe;
-    obuf[26] = 0xff;
-
-    /* Generate and write actual cookie */
-    p = obuf + 28;
-    if( f_cookie_write( p_cookie,
-                        &p, obuf + buf_len, cli_id, cli_id_len ) != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    *olen = p - obuf;
-
-    /* Go back and fill length fields */
-    obuf[27] = (unsigned char)( *olen - 28 );
-
-    obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
-    obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >>  8 );
-    obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 )       );
-
-    obuf[11] = (unsigned char)( ( *olen - 13 ) >>  8 );
-    obuf[12] = (unsigned char)( ( *olen - 13 )       );
-
-    return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
-}
-
-/*
- * Handle possible client reconnect with the same UDP quadruplet
- * (RFC 6347 Section 4.2.8).
- *
- * Called by ssl_parse_record_header() in case we receive an epoch 0 record
- * that looks like a ClientHello.
- *
- * - if the input looks like a ClientHello without cookies,
- *   send back HelloVerifyRequest, then return 0
- * - if the input looks like a ClientHello with a valid cookie,
- *   reset the session of the current context, and
- *   return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
- * - if anything goes wrong, return a specific error code
- *
- * This function is called (through ssl_check_client_reconnect()) when an
- * unexpected record is found in ssl_get_next_record(), which will discard the
- * record if we return 0, and bubble up the return value otherwise (this
- * includes the case of MBEDTLS_ERR_SSL_CLIENT_RECONNECT and of unexpected
- * errors, and is the right thing to do in both cases).
- */
-static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ssl->conf->f_cookie_write == NULL ||
-        ssl->conf->f_cookie_check == NULL )
-    {
-        /* If we can't use cookies to verify reachability of the peer,
-         * drop the record. */
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "no cookie callbacks, "
-                                    "can't check reconnect validity" ) );
-        return( 0 );
-    }
-
-    ret = ssl_check_dtls_clihlo_cookie(
-            ssl->conf->f_cookie_write,
-            ssl->conf->f_cookie_check,
-            ssl->conf->p_cookie,
-            ssl->cli_id, ssl->cli_id_len,
-            ssl->in_buf, ssl->in_left,
-            ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len );
-
-    MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret );
-
-    if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
-    {
-        int send_ret;
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "sending HelloVerifyRequest" ) );
-        MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
-                                  ssl->out_buf, len );
-        /* Don't check write errors as we can't do anything here.
-         * If the error is permanent we'll catch it later,
-         * if it's not, then hopefully it'll work next time. */
-        send_ret = ssl->f_send( ssl->p_bio, ssl->out_buf, len );
-        MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", send_ret );
-        (void) send_ret;
-
-        return( 0 );
-    }
-
-    if( ret == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "cookie is valid, resetting context" ) );
-        if( ( ret = mbedtls_ssl_session_reset_int( ssl, 1 ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );
-            return( ret );
-        }
-
-        return( MBEDTLS_ERR_SSL_CLIENT_RECONNECT );
-    }
-
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
-
-static int ssl_check_record_type( uint8_t record_type )
-{
-    if( record_type != MBEDTLS_SSL_MSG_HANDSHAKE &&
-        record_type != MBEDTLS_SSL_MSG_ALERT &&
-        record_type != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC &&
-        record_type != MBEDTLS_SSL_MSG_APPLICATION_DATA )
-    {
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-
-    return( 0 );
-}
-
-/*
- * ContentType type;
- * ProtocolVersion version;
- * uint16 epoch;            // DTLS only
- * uint48 sequence_number;  // DTLS only
- * uint16 length;
- *
- * Return 0 if header looks sane (and, for DTLS, the record is expected)
- * MBEDTLS_ERR_SSL_INVALID_RECORD if the header looks bad,
- * MBEDTLS_ERR_SSL_UNEXPECTED_RECORD (DTLS only) if sane but unexpected.
- *
- * With DTLS, mbedtls_ssl_read_record() will:
- * 1. proceed with the record if this function returns 0
- * 2. drop only the current record if this function returns UNEXPECTED_RECORD
- * 3. return CLIENT_RECONNECT if this function return that value
- * 4. drop the whole datagram if this function returns anything else.
- * Point 2 is needed when the peer is resending, and we have already received
- * the first record from a datagram but are still waiting for the others.
- */
-static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
-                                    unsigned char *buf,
-                                    size_t len,
-                                    mbedtls_record *rec )
-{
-    int major_ver, minor_ver;
-
-    size_t const rec_hdr_type_offset    = 0;
-    size_t const rec_hdr_type_len       = 1;
-
-    size_t const rec_hdr_version_offset = rec_hdr_type_offset +
-                                          rec_hdr_type_len;
-    size_t const rec_hdr_version_len    = 2;
-
-    size_t const rec_hdr_ctr_len        = 8;
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    uint32_t     rec_epoch;
-    size_t const rec_hdr_ctr_offset     = rec_hdr_version_offset +
-                                          rec_hdr_version_len;
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    size_t const rec_hdr_cid_offset     = rec_hdr_ctr_offset +
-                                          rec_hdr_ctr_len;
-    size_t       rec_hdr_cid_len        = 0;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    size_t       rec_hdr_len_offset; /* To be determined */
-    size_t const rec_hdr_len_len    = 2;
-
-    /*
-     * Check minimum lengths for record header.
-     */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        rec_hdr_len_offset = rec_hdr_ctr_offset + rec_hdr_ctr_len;
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    {
-        rec_hdr_len_offset = rec_hdr_version_offset + rec_hdr_version_len;
-    }
-
-    if( len < rec_hdr_len_offset + rec_hdr_len_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram of length %u too small to hold DTLS record header of length %u",
-                 (unsigned) len,
-                 (unsigned)( rec_hdr_len_len + rec_hdr_len_len ) ) );
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-
-    /*
-     * Parse and validate record content type
-     */
-
-    rec->type = buf[ rec_hdr_type_offset ];
-
-    /* Check record content type */
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    rec->cid_len = 0;
-
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->conf->cid_len != 0                                &&
-        rec->type == MBEDTLS_SSL_MSG_CID )
-    {
-        /* Shift pointers to account for record header including CID
-         * struct {
-         *   ContentType special_type = tls12_cid;
-         *   ProtocolVersion version;
-         *   uint16 epoch;
-         *   uint48 sequence_number;
-         *   opaque cid[cid_length]; // Additional field compared to
-         *                           // default DTLS record format
-         *   uint16 length;
-         *   opaque enc_content[DTLSCiphertext.length];
-         * } DTLSCiphertext;
-         */
-
-        /* So far, we only support static CID lengths
-         * fixed in the configuration. */
-        rec_hdr_cid_len = ssl->conf->cid_len;
-        rec_hdr_len_offset += rec_hdr_cid_len;
-
-        if( len < rec_hdr_len_offset + rec_hdr_len_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram of length %u too small to hold DTLS record header including CID, length %u",
-                (unsigned) len,
-                (unsigned)( rec_hdr_len_offset + rec_hdr_len_len ) ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-
-        /* configured CID len is guaranteed at most 255, see
-         * MBEDTLS_SSL_CID_OUT_LEN_MAX in check_config.h */
-        rec->cid_len = (uint8_t) rec_hdr_cid_len;
-        memcpy( rec->cid, buf + rec_hdr_cid_offset, rec_hdr_cid_len );
-    }
-    else
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-    {
-        if( ssl_check_record_type( rec->type ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type %u",
-                                        (unsigned) rec->type ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-    }
-
-    /*
-     * Parse and validate record version
-     */
-
-    rec->ver[0] = buf[ rec_hdr_version_offset + 0 ];
-    rec->ver[1] = buf[ rec_hdr_version_offset + 1 ];
-    mbedtls_ssl_read_version( &major_ver, &minor_ver,
-                              ssl->conf->transport,
-                              &rec->ver[0] );
-
-    if( major_ver != ssl->major_ver )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch" ) );
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-
-    if( minor_ver > ssl->conf->max_minor_ver )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) );
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-
-    /*
-     * Parse/Copy record sequence number.
-     */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Copy explicit record sequence number from input buffer. */
-        memcpy( &rec->ctr[0], buf + rec_hdr_ctr_offset,
-                rec_hdr_ctr_len );
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    {
-        /* Copy implicit record sequence number from SSL context structure. */
-        memcpy( &rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len );
-    }
-
-    /*
-     * Parse record length.
-     */
-
-    rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len;
-    rec->data_len    = ( (size_t) buf[ rec_hdr_len_offset + 0 ] << 8 ) |
-                       ( (size_t) buf[ rec_hdr_len_offset + 1 ] << 0 );
-    MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, "
-                                "version = [%d:%d], msglen = %d",
-                                rec->type,
-                                major_ver, minor_ver, rec->data_len ) );
-
-    rec->buf     = buf;
-    rec->buf_len = rec->data_offset + rec->data_len;
-
-    if( rec->data_len == 0 )
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-
-    /*
-     * DTLS-related tests.
-     * Check epoch before checking length constraint because
-     * the latter varies with the epoch. E.g., if a ChangeCipherSpec
-     * message gets duplicated before the corresponding Finished message,
-     * the second ChangeCipherSpec should be discarded because it belongs
-     * to an old epoch, but not because its length is shorter than
-     * the minimum record length for packets using the new record transform.
-     * Note that these two kinds of failures are handled differently,
-     * as an unexpected record is silently skipped but an invalid
-     * record leads to the entire datagram being dropped.
-     */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        rec_epoch = ( rec->ctr[0] << 8 ) | rec->ctr[1];
-
-        /* Check that the datagram is large enough to contain a record
-         * of the advertised length. */
-        if( len < rec->data_offset + rec->data_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Datagram of length %u too small to contain record of advertised length %u.",
-                             (unsigned) len,
-                             (unsigned)( rec->data_offset + rec->data_len ) ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-
-        /* Records from other, non-matching epochs are silently discarded.
-         * (The case of same-port Client reconnects must be considered in
-         *  the caller). */
-        if( rec_epoch != ssl->in_epoch )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: "
-                                        "expected %d, received %d",
-                                        ssl->in_epoch, rec_epoch ) );
-
-            /* Records from the next epoch are considered for buffering
-             * (concretely: early Finished messages). */
-            if( rec_epoch == (unsigned) ssl->in_epoch + 1 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) );
-                return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
-            }
-
-            return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
-        }
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-        /* For records from the correct epoch, check whether their
-         * sequence number has been seen before. */
-        else if( mbedtls_ssl_dtls_record_replay_check( (mbedtls_ssl_context *) ssl,
-            &rec->ctr[0] ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) );
-            return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
-        }
-#endif
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    return( 0 );
-}
-
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
-static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
-{
-    unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
-
-    /*
-     * Check for an epoch 0 ClientHello. We can't use in_msg here to
-     * access the first byte of record content (handshake type), as we
-     * have an active transform (possibly iv_len != 0), so use the
-     * fact that the record header len is 13 instead.
-     */
-    if( rec_epoch == 0 &&
-        ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
-        ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
-        ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
-        ssl->in_left > 13 &&
-        ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect "
-                                    "from the same port" ) );
-        return( ssl_handle_possible_reconnect( ssl ) );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
-
-/*
- * If applicable, decrypt record content
- */
-static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
-                                       mbedtls_record *rec )
-{
-    int ret, done = 0;
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network",
-                           rec->buf, rec->buf_len );
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_read != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) );
-
-        ret = mbedtls_ssl_hw_record_read( ssl );
-        if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-
-        if( ret == 0 )
-            done = 1;
-    }
-#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
-    if( !done && ssl->transform_in != NULL )
-    {
-        unsigned char const old_msg_type = rec->type;
-
-        if( ( ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in,
-                                             rec ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-            if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID &&
-                ssl->conf->ignore_unexpected_cid
-                    == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "ignoring unexpected CID" ) );
-                ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
-            }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-            return( ret );
-        }
-
-        if( old_msg_type != rec->type )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 4, ( "record type after decrypt (before %d): %d",
-                                        old_msg_type, rec->type ) );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
-                               rec->buf + rec->data_offset, rec->data_len );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        /* We have already checked the record content type
-         * in ssl_parse_record_header(), failing or silently
-         * dropping the record in the case of an unknown type.
-         *
-         * Since with the use of CIDs, the record content type
-         * might change during decryption, re-check the record
-         * content type, but treat a failure as fatal this time. */
-        if( ssl_check_record_type( rec->type ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-        if( rec->data_len == 0 )
-        {
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-            if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3
-                && rec->type != MBEDTLS_SSL_MSG_APPLICATION_DATA )
-            {
-                /* TLS v1.2 explicitly disallows zero-length messages which are not application data */
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid zero-length message type: %d", ssl->in_msgtype ) );
-                return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-            }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-            ssl->nb_zero++;
-
-            /*
-             * Three or more empty messages may be a DoS attack
-             * (excessive CPU consumption).
-             */
-            if( ssl->nb_zero > 3 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty "
-                                            "messages, possible DoS attack" ) );
-                /* Treat the records as if they were not properly authenticated,
-                 * thereby failing the connection if we see more than allowed
-                 * by the configured bad MAC threshold. */
-                return( MBEDTLS_ERR_SSL_INVALID_MAC );
-            }
-        }
-        else
-            ssl->nb_zero = 0;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-            ; /* in_ctr read from peer, not maintained internally */
-        }
-        else
-#endif
-        {
-            unsigned i;
-            for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- )
-                if( ++ssl->in_ctr[i - 1] != 0 )
-                    break;
-
-            /* The loop goes to its end iff the counter is wrapping */
-            if( i == mbedtls_ssl_ep_len( ssl ) )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) );
-                return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
-            }
-        }
-
-    }
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        mbedtls_ssl_dtls_replay_update( ssl );
-    }
-#endif
-
-    /* Check actual (decrypted) record content length against
-     * configured maximum. */
-    if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
-        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-    }
-
-    return( 0 );
-}
-
-/*
- * Read a record.
- *
- * Silently ignore non-fatal alert (and for DTLS, invalid records as well,
- * RFC 6347 4.1.2.7) and continue reading until a valid record is found.
- *
- */
-
-/* Helper functions for mbedtls_ssl_read_record(). */
-static int ssl_consume_current_message( mbedtls_ssl_context *ssl );
-static int ssl_get_next_record( mbedtls_ssl_context *ssl );
-static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
-                             unsigned update_hs_digest )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) );
-
-    if( ssl->keep_current_message == 0 )
-    {
-        do {
-
-            ret = ssl_consume_current_message( ssl );
-            if( ret != 0 )
-                return( ret );
-
-            if( ssl_record_is_in_progress( ssl ) == 0 )
-            {
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-                int have_buffered = 0;
-
-                /* We only check for buffered messages if the
-                 * current datagram is fully consumed. */
-                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-                    ssl_next_record_is_in_datagram( ssl ) == 0 )
-                {
-                    if( ssl_load_buffered_message( ssl ) == 0 )
-                        have_buffered = 1;
-                }
-
-                if( have_buffered == 0 )
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-                {
-                    ret = ssl_get_next_record( ssl );
-                    if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING )
-                        continue;
-
-                    if( ret != 0 )
-                    {
-                        MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret );
-                        return( ret );
-                    }
-                }
-            }
-
-            ret = mbedtls_ssl_handle_message_type( ssl );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-            if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
-            {
-                /* Buffer future message */
-                ret = ssl_buffer_message( ssl );
-                if( ret != 0 )
-                    return( ret );
-
-                ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
-            }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-        } while( MBEDTLS_ERR_SSL_NON_FATAL           == ret  ||
-                 MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret );
-
-        if( 0 != ret )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
-            return( ret );
-        }
-
-        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
-            update_hs_digest == 1 )
-        {
-            mbedtls_ssl_update_handshake_status( ssl );
-        }
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) );
-        ssl->keep_current_message = 0;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl )
-{
-    if( ssl->in_left > ssl->next_record_offset )
-        return( 1 );
-
-    return( 0 );
-}
-
-static int ssl_load_buffered_message( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-    mbedtls_ssl_hs_buffer * hs_buf;
-    int ret = 0;
-
-    if( hs == NULL )
-        return( -1 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) );
-
-    if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC ||
-        ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
-    {
-        /* Check if we have seen a ChangeCipherSpec before.
-         * If yes, synthesize a CCS record. */
-        if( !hs->buffering.seen_ccs )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) );
-            ret = -1;
-            goto exit;
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) );
-        ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
-        ssl->in_msglen = 1;
-        ssl->in_msg[0] = 1;
-
-        /* As long as they are equal, the exact value doesn't matter. */
-        ssl->in_left            = 0;
-        ssl->next_record_offset = 0;
-
-        hs->buffering.seen_ccs = 0;
-        goto exit;
-    }
-
-#if defined(MBEDTLS_DEBUG_C)
-    /* Debug only */
-    {
-        unsigned offset;
-        for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
-        {
-            hs_buf = &hs->buffering.hs[offset];
-            if( hs_buf->is_valid == 1 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.",
-                            hs->in_msg_seq + offset,
-                            hs_buf->is_complete ? "fully" : "partially" ) );
-            }
-        }
-    }
-#endif /* MBEDTLS_DEBUG_C */
-
-    /* Check if we have buffered and/or fully reassembled the
-     * next handshake message. */
-    hs_buf = &hs->buffering.hs[0];
-    if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) )
-    {
-        /* Synthesize a record containing the buffered HS message. */
-        size_t msg_len = ( hs_buf->data[1] << 16 ) |
-                         ( hs_buf->data[2] << 8  ) |
-                           hs_buf->data[3];
-
-        /* Double-check that we haven't accidentally buffered
-         * a message that doesn't fit into the input buffer. */
-        if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) );
-        MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl. header)",
-                               hs_buf->data, msg_len + 12 );
-
-        ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-        ssl->in_hslen   = msg_len + 12;
-        ssl->in_msglen  = msg_len + 12;
-        memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen );
-
-        ret = 0;
-        goto exit;
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered",
-                                    hs->in_msg_seq ) );
-    }
-
-    ret = -1;
-
-exit:
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) );
-    return( ret );
-}
-
-static int ssl_buffer_make_space( mbedtls_ssl_context *ssl,
-                                  size_t desired )
-{
-    int offset;
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available",
-                                (unsigned) desired ) );
-
-    /* Get rid of future records epoch first, if such exist. */
-    ssl_free_buffered_record( ssl );
-
-    /* Check if we have enough space available now. */
-    if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
-                     hs->buffering.total_bytes_buffered ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) );
-        return( 0 );
-    }
-
-    /* We don't have enough space to buffer the next expected handshake
-     * message. Remove buffers used for future messages to gain space,
-     * starting with the most distant one. */
-    for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1;
-         offset >= 0; offset-- )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message",
-                                    offset ) );
-
-        ssl_buffering_free_slot( ssl, (uint8_t) offset );
-
-        /* Check if we have enough space available now. */
-        if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
-                         hs->buffering.total_bytes_buffered ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) );
-            return( 0 );
-        }
-    }
-
-    return( -1 );
-}
-
-static int ssl_buffer_message( mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-
-    if( hs == NULL )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) );
-
-    switch( ssl->in_msgtype )
-    {
-        case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC:
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) );
-
-            hs->buffering.seen_ccs = 1;
-            break;
-
-        case MBEDTLS_SSL_MSG_HANDSHAKE:
-        {
-            unsigned recv_msg_seq_offset;
-            unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
-            mbedtls_ssl_hs_buffer *hs_buf;
-            size_t msg_len = ssl->in_hslen - 12;
-
-            /* We should never receive an old handshake
-             * message - double-check nonetheless. */
-            if( recv_msg_seq < ssl->handshake->in_msg_seq )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-
-            recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq;
-            if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS )
-            {
-                /* Silently ignore -- message too far in the future */
-                MBEDTLS_SSL_DEBUG_MSG( 2,
-                 ( "Ignore future HS message with sequence number %u, "
-                   "buffering window %u - %u",
-                   recv_msg_seq, ssl->handshake->in_msg_seq,
-                   ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) );
-
-                goto exit;
-            }
-
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ",
-                                        recv_msg_seq, recv_msg_seq_offset ) );
-
-            hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ];
-
-            /* Check if the buffering for this seq nr has already commenced. */
-            if( !hs_buf->is_valid )
-            {
-                size_t reassembly_buf_sz;
-
-                hs_buf->is_fragmented =
-                    ( ssl_hs_is_proper_fragment( ssl ) == 1 );
-
-                /* We copy the message back into the input buffer
-                 * after reassembly, so check that it's not too large.
-                 * This is an implementation-specific limitation
-                 * and not one from the standard, hence it is not
-                 * checked in ssl_check_hs_header(). */
-                if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
-                {
-                    /* Ignore message */
-                    goto exit;
-                }
-
-                /* Check if we have enough space to buffer the message. */
-                if( hs->buffering.total_bytes_buffered >
-                    MBEDTLS_SSL_DTLS_MAX_BUFFERING )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-                }
-
-                reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len,
-                                                       hs_buf->is_fragmented );
-
-                if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
-                                          hs->buffering.total_bytes_buffered ) )
-                {
-                    if( recv_msg_seq_offset > 0 )
-                    {
-                        /* If we can't buffer a future message because
-                         * of space limitations -- ignore. */
-                        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
-                             (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
-                             (unsigned) hs->buffering.total_bytes_buffered ) );
-                        goto exit;
-                    }
-                    else
-                    {
-                        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- attempt to make space by freeing buffered future messages\n",
-                             (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
-                             (unsigned) hs->buffering.total_bytes_buffered ) );
-                    }
-
-                    if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 )
-                    {
-                        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %u (%u with bitmap) would exceed the compile-time limit %u (already %u bytes buffered) -- fail\n",
-                             (unsigned) msg_len,
-                             (unsigned) reassembly_buf_sz,
-                             MBEDTLS_SSL_DTLS_MAX_BUFFERING,
-                             (unsigned) hs->buffering.total_bytes_buffered ) );
-                        ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
-                        goto exit;
-                    }
-                }
-
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d",
-                                            msg_len ) );
-
-                hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz );
-                if( hs_buf->data == NULL )
-                {
-                    ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-                    goto exit;
-                }
-                hs_buf->data_len = reassembly_buf_sz;
-
-                /* Prepare final header: copy msg_type, length and message_seq,
-                 * then add standardised fragment_offset and fragment_length */
-                memcpy( hs_buf->data, ssl->in_msg, 6 );
-                memset( hs_buf->data + 6, 0, 3 );
-                memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 );
-
-                hs_buf->is_valid = 1;
-
-                hs->buffering.total_bytes_buffered += reassembly_buf_sz;
-            }
-            else
-            {
-                /* Make sure msg_type and length are consistent */
-                if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) );
-                    /* Ignore */
-                    goto exit;
-                }
-            }
-
-            if( !hs_buf->is_complete )
-            {
-                size_t frag_len, frag_off;
-                unsigned char * const msg = hs_buf->data + 12;
-
-                /*
-                 * Check and copy current fragment
-                 */
-
-                /* Validation of header fields already done in
-                 * mbedtls_ssl_prepare_handshake_record(). */
-                frag_off = ssl_get_hs_frag_off( ssl );
-                frag_len = ssl_get_hs_frag_len( ssl );
-
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d",
-                                            frag_off, frag_len ) );
-                memcpy( msg + frag_off, ssl->in_msg + 12, frag_len );
-
-                if( hs_buf->is_fragmented )
-                {
-                    unsigned char * const bitmask = msg + msg_len;
-                    ssl_bitmask_set( bitmask, frag_off, frag_len );
-                    hs_buf->is_complete = ( ssl_bitmask_check( bitmask,
-                                                               msg_len ) == 0 );
-                }
-                else
-                {
-                    hs_buf->is_complete = 1;
-                }
-
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete",
-                                   hs_buf->is_complete ? "" : "not yet " ) );
-            }
-
-            break;
-        }
-
-        default:
-            /* We don't buffer other types of messages. */
-            break;
-    }
-
-exit:
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) );
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-static int ssl_consume_current_message( mbedtls_ssl_context *ssl )
-{
-    /*
-     * Consume last content-layer message and potentially
-     * update in_msglen which keeps track of the contents'
-     * consumption state.
-     *
-     * (1) Handshake messages:
-     *     Remove last handshake message, move content
-     *     and adapt in_msglen.
-     *
-     * (2) Alert messages:
-     *     Consume whole record content, in_msglen = 0.
-     *
-     * (3) Change cipher spec:
-     *     Consume whole record content, in_msglen = 0.
-     *
-     * (4) Application data:
-     *     Don't do anything - the record layer provides
-     *     the application data as a stream transport
-     *     and consumes through mbedtls_ssl_read only.
-     *
-     */
-
-    /* Case (1): Handshake messages */
-    if( ssl->in_hslen != 0 )
-    {
-        /* Hard assertion to be sure that no application data
-         * is in flight, as corrupting ssl->in_msglen during
-         * ssl->in_offt != NULL is fatal. */
-        if( ssl->in_offt != NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        /*
-         * Get next Handshake message in the current record
-         */
-
-        /* Notes:
-         * (1) in_hslen is not necessarily the size of the
-         *     current handshake content: If DTLS handshake
-         *     fragmentation is used, that's the fragment
-         *     size instead. Using the total handshake message
-         *     size here is faulty and should be changed at
-         *     some point.
-         * (2) While it doesn't seem to cause problems, one
-         *     has to be very careful not to assume that in_hslen
-         *     is always <= in_msglen in a sensible communication.
-         *     Again, it's wrong for DTLS handshake fragmentation.
-         *     The following check is therefore mandatory, and
-         *     should not be treated as a silently corrected assertion.
-         *     Additionally, ssl->in_hslen might be arbitrarily out of
-         *     bounds after handling a DTLS message with an unexpected
-         *     sequence number, see mbedtls_ssl_prepare_handshake_record.
-         */
-        if( ssl->in_hslen < ssl->in_msglen )
-        {
-            ssl->in_msglen -= ssl->in_hslen;
-            memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen,
-                     ssl->in_msglen );
-
-            MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record",
-                                   ssl->in_msg, ssl->in_msglen );
-        }
-        else
-        {
-            ssl->in_msglen = 0;
-        }
-
-        ssl->in_hslen   = 0;
-    }
-    /* Case (4): Application data */
-    else if( ssl->in_offt != NULL )
-    {
-        return( 0 );
-    }
-    /* Everything else (CCS & Alerts) */
-    else
-    {
-        ssl->in_msglen = 0;
-    }
-
-    return( 0 );
-}
-
-static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl )
-{
-    if( ssl->in_msglen > 0 )
-        return( 1 );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-static void ssl_free_buffered_record( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-    if( hs == NULL )
-        return;
-
-    if( hs->buffering.future_record.data != NULL )
-    {
-        hs->buffering.total_bytes_buffered -=
-            hs->buffering.future_record.len;
-
-        mbedtls_free( hs->buffering.future_record.data );
-        hs->buffering.future_record.data = NULL;
-    }
-}
-
-static int ssl_load_buffered_record( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-    unsigned char * rec;
-    size_t rec_len;
-    unsigned rec_epoch;
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    size_t in_buf_len = ssl->in_buf_len;
-#else
-    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
-#endif
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 0 );
-
-    if( hs == NULL )
-        return( 0 );
-
-    rec       = hs->buffering.future_record.data;
-    rec_len   = hs->buffering.future_record.len;
-    rec_epoch = hs->buffering.future_record.epoch;
-
-    if( rec == NULL )
-        return( 0 );
-
-    /* Only consider loading future records if the
-     * input buffer is empty. */
-    if( ssl_next_record_is_in_datagram( ssl ) == 1 )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) );
-
-    if( rec_epoch != ssl->in_epoch )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) );
-        goto exit;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) );
-
-    /* Double-check that the record is not too large */
-    if( rec_len > in_buf_len - (size_t)( ssl->in_hdr - ssl->in_buf ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    memcpy( ssl->in_hdr, rec, rec_len );
-    ssl->in_left = rec_len;
-    ssl->next_record_offset = 0;
-
-    ssl_free_buffered_record( ssl );
-
-exit:
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) );
-    return( 0 );
-}
-
-static int ssl_buffer_future_record( mbedtls_ssl_context *ssl,
-                                     mbedtls_record const *rec )
-{
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-
-    /* Don't buffer future records outside handshakes. */
-    if( hs == NULL )
-        return( 0 );
-
-    /* Only buffer handshake records (we are only interested
-     * in Finished messages). */
-    if( rec->type != MBEDTLS_SSL_MSG_HANDSHAKE )
-        return( 0 );
-
-    /* Don't buffer more than one future epoch record. */
-    if( hs->buffering.future_record.data != NULL )
-        return( 0 );
-
-    /* Don't buffer record if there's not enough buffering space remaining. */
-    if( rec->buf_len > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
-                         hs->buffering.total_bytes_buffered ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
-                        (unsigned) rec->buf_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
-                        (unsigned) hs->buffering.total_bytes_buffered ) );
-        return( 0 );
-    }
-
-    /* Buffer record */
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u",
-                                ssl->in_epoch + 1 ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", rec->buf, rec->buf_len );
-
-    /* ssl_parse_record_header() only considers records
-     * of the next epoch as candidates for buffering. */
-    hs->buffering.future_record.epoch = ssl->in_epoch + 1;
-    hs->buffering.future_record.len   = rec->buf_len;
-
-    hs->buffering.future_record.data =
-        mbedtls_calloc( 1, hs->buffering.future_record.len );
-    if( hs->buffering.future_record.data == NULL )
-    {
-        /* If we run out of RAM trying to buffer a
-         * record from the next epoch, just ignore. */
-        return( 0 );
-    }
-
-    memcpy( hs->buffering.future_record.data, rec->buf, rec->buf_len );
-
-    hs->buffering.total_bytes_buffered += rec->buf_len;
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-static int ssl_get_next_record( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_record rec;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    /* We might have buffered a future record; if so,
-     * and if the epoch matches now, load it.
-     * On success, this call will set ssl->in_left to
-     * the length of the buffered record, so that
-     * the calls to ssl_fetch_input() below will
-     * essentially be no-ops. */
-    ret = ssl_load_buffered_record( ssl );
-    if( ret != 0 )
-        return( ret );
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    /* Ensure that we have enough space available for the default form
-     * of TLS / DTLS record headers (5 Bytes for TLS, 13 Bytes for DTLS,
-     * with no space for CIDs counted in). */
-    ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_in_hdr_len( ssl ) );
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
-        return( ret );
-    }
-
-    ret = ssl_parse_record_header( ssl, ssl->in_hdr, ssl->in_left, &rec );
-    if( ret != 0 )
-    {
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-            if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
-            {
-                ret = ssl_buffer_future_record( ssl, &rec );
-                if( ret != 0 )
-                    return( ret );
-
-                /* Fall through to handling of unexpected records */
-                ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
-            }
-
-            if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD )
-            {
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
-                /* Reset in pointers to default state for TLS/DTLS records,
-                 * assuming no CID and no offset between record content and
-                 * record plaintext. */
-                mbedtls_ssl_update_in_pointers( ssl );
-
-                /* Setup internal message pointers from record structure. */
-                ssl->in_msgtype = rec.type;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-                ssl->in_len = ssl->in_cid + rec.cid_len;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-                ssl->in_iv  = ssl->in_msg = ssl->in_len + 2;
-                ssl->in_msglen = rec.data_len;
-
-                ret = ssl_check_client_reconnect( ssl );
-                MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_client_reconnect", ret );
-                if( ret != 0 )
-                    return( ret );
-#endif
-
-                /* Skip unexpected record (but not whole datagram) */
-                ssl->next_record_offset = rec.buf_len;
-
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding unexpected record "
-                                            "(header)" ) );
-            }
-            else
-            {
-                /* Skip invalid record and the rest of the datagram */
-                ssl->next_record_offset = 0;
-                ssl->in_left = 0;
-
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record "
-                                            "(header)" ) );
-            }
-
-            /* Get next record */
-            return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
-        }
-        else
-#endif
-        {
-            return( ret );
-        }
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Remember offset of next record within datagram. */
-        ssl->next_record_offset = rec.buf_len;
-        if( ssl->next_record_offset < ssl->in_left )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "more than one record within datagram" ) );
-        }
-    }
-    else
-#endif
-    {
-        /*
-         * Fetch record contents from underlying transport.
-         */
-        ret = mbedtls_ssl_fetch_input( ssl, rec.buf_len );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
-            return( ret );
-        }
-
-        ssl->in_left = 0;
-    }
-
-    /*
-     * Decrypt record contents.
-     */
-
-    if( ( ret = ssl_prepare_record_content( ssl, &rec ) ) != 0 )
-    {
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-            /* Silently discard invalid records */
-            if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
-            {
-                /* Except when waiting for Finished as a bad mac here
-                 * probably means something went wrong in the handshake
-                 * (eg wrong psk used, mitm downgrade attempt, etc.) */
-                if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED ||
-                    ssl->state == MBEDTLS_SSL_SERVER_FINISHED )
-                {
-#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
-                    if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
-                    {
-                        mbedtls_ssl_send_alert_message( ssl,
-                                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC );
-                    }
-#endif
-                    return( ret );
-                }
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-                if( ssl->conf->badmac_limit != 0 &&
-                    ++ssl->badmac_seen >= ssl->conf->badmac_limit )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) );
-                    return( MBEDTLS_ERR_SSL_INVALID_MAC );
-                }
-#endif
-
-                /* As above, invalid records cause
-                 * dismissal of the whole datagram. */
-
-                ssl->next_record_offset = 0;
-                ssl->in_left = 0;
-
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) );
-                return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
-            }
-
-            return( ret );
-        }
-        else
-#endif
-        {
-            /* Error out (and send alert) on invalid records */
-#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
-            if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
-            {
-                mbedtls_ssl_send_alert_message( ssl,
-                        MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                        MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC );
-            }
-#endif
-            return( ret );
-        }
-    }
-
-
-    /* Reset in pointers to default state for TLS/DTLS records,
-     * assuming no CID and no offset between record content and
-     * record plaintext. */
-    mbedtls_ssl_update_in_pointers( ssl );
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    ssl->in_len = ssl->in_cid + rec.cid_len;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-    ssl->in_iv  = ssl->in_len + 2;
-
-    /* The record content type may change during decryption,
-     * so re-read it. */
-    ssl->in_msgtype = rec.type;
-    /* Also update the input buffer, because unfortunately
-     * the server-side ssl_parse_client_hello() reparses the
-     * record header when receiving a ClientHello initiating
-     * a renegotiation. */
-    ssl->in_hdr[0] = rec.type;
-    ssl->in_msg    = rec.buf + rec.data_offset;
-    ssl->in_msglen = rec.data_len;
-    ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
-    ssl->in_len[1] = (unsigned char)( rec.data_len      );
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( ssl->transform_in != NULL &&
-        ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
-    {
-        if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
-            return( ret );
-        }
-
-        /* Check actual (decompress) record content length against
-         * configured maximum. */
-        if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-    }
-#endif /* MBEDTLS_ZLIB_SUPPORT */
-
-    return( 0 );
-}
-
-int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /*
-     * Handle particular types of records
-     */
-    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 )
-        {
-            return( ret );
-        }
-    }
-
-    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
-    {
-        if( ssl->in_msglen != 1 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %d",
-                           ssl->in_msglen ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-
-        if( ssl->in_msg[0] != 1 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x",
-                                        ssl->in_msg[0] ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-            ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC    &&
-            ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
-        {
-            if( ssl->handshake == NULL )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) );
-                return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
-            }
-
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) );
-            return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
-        }
-#endif
-    }
-
-    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
-    {
-        if( ssl->in_msglen != 2 )
-        {
-            /* Note: Standard allows for more than one 2 byte alert
-               to be packed in a single message, but Mbed TLS doesn't
-               currently support this. */
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d",
-                           ssl->in_msglen ) );
-            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
-                       ssl->in_msg[0], ssl->in_msg[1] ) );
-
-        /*
-         * Ignore non-fatal alerts, except close_notify and no_renegotiation
-         */
-        if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)",
-                           ssl->in_msg[1] ) );
-            return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE );
-        }
-
-        if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
-            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) );
-            return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY );
-        }
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED)
-        if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
-            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no renegotiation alert" ) );
-            /* Will be handled when trying to parse ServerHello */
-            return( 0 );
-        }
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C)
-        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
-            ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
-            ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
-            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) );
-            /* Will be handled in mbedtls_ssl_parse_certificate() */
-            return( 0 );
-        }
-#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
-
-        /* Silently ignore: fetch new message */
-        return MBEDTLS_ERR_SSL_NON_FATAL;
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Drop unexpected ApplicationData records,
-         * except at the beginning of renegotiations */
-        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
-            ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-            && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-                   ssl->state == MBEDTLS_SSL_SERVER_HELLO )
-#endif
-            )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) );
-            return( MBEDTLS_ERR_SSL_NON_FATAL );
-        }
-
-        if( ssl->handshake != NULL &&
-            ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER  )
-        {
-            mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl );
-        }
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    return( 0 );
-}
-
-int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl )
-{
-    return( mbedtls_ssl_send_alert_message( ssl,
-                  MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                  MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) );
-}
-
-int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
-                            unsigned char level,
-                            unsigned char message )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "send alert level=%u message=%u", level, message ));
-
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT;
-    ssl->out_msglen = 2;
-    ssl->out_msg[0] = level;
-    ssl->out_msg[1] = message;
-
-    if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
-        return( ret );
-    }
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) );
-
-    return( 0 );
-}
-
-int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) );
-
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
-    ssl->out_msglen  = 1;
-    ssl->out_msg[0]  = 1;
-
-    ssl->state++;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) );
-
-    return( 0 );
-}
-
-int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) );
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    /* CCS records are only accepted if they have length 1 and content '1',
-     * so we don't need to check this here. */
-
-    /*
-     * Switch to our negotiated transform and session parameters for inbound
-     * data.
-     */
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) );
-    ssl->transform_in = ssl->transform_negotiate;
-    ssl->session_in = ssl->session_negotiate;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-        mbedtls_ssl_dtls_replay_reset( ssl );
-#endif
-
-        /* Increment epoch */
-        if( ++ssl->in_epoch == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) );
-            /* This is highly unlikely to happen for legitimate reasons, so
-               treat it as an attack and don't send an alert. */
-            return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    memset( ssl->in_ctr, 0, 8 );
-
-    mbedtls_ssl_update_in_pointers( ssl );
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_activate != NULL )
-    {
-        if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-    }
-#endif
-
-    ssl->state++;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) );
-
-    return( 0 );
-}
-
-/* Once ssl->out_hdr as the address of the beginning of the
- * next outgoing record is set, deduce the other pointers.
- *
- * Note: For TLS, we save the implicit record sequence number
- *       (entering MAC computation) in the 8 bytes before ssl->out_hdr,
- *       and the caller has to make sure there's space for this.
- */
-
-static size_t ssl_transform_get_explicit_iv_len(
-                        mbedtls_ssl_transform const *transform )
-{
-    if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
-        return( 0 );
-
-    return( transform->ivlen - transform->fixed_ivlen );
-}
-
-void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
-                                      mbedtls_ssl_transform *transform )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        ssl->out_ctr = ssl->out_hdr +  3;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        ssl->out_cid = ssl->out_ctr +  8;
-        ssl->out_len = ssl->out_cid;
-        if( transform != NULL )
-            ssl->out_len += transform->out_cid_len;
-#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        ssl->out_len = ssl->out_ctr + 8;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        ssl->out_iv  = ssl->out_len + 2;
-    }
-    else
-#endif
-    {
-        ssl->out_ctr = ssl->out_hdr - 8;
-        ssl->out_len = ssl->out_hdr + 3;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        ssl->out_cid = ssl->out_len;
-#endif
-        ssl->out_iv  = ssl->out_hdr + 5;
-    }
-
-    ssl->out_msg = ssl->out_iv;
-    /* Adjust out_msg to make space for explicit IV, if used. */
-    if( transform != NULL )
-        ssl->out_msg += ssl_transform_get_explicit_iv_len( transform );
-}
-
-/* Once ssl->in_hdr as the address of the beginning of the
- * next incoming record is set, deduce the other pointers.
- *
- * Note: For TLS, we save the implicit record sequence number
- *       (entering MAC computation) in the 8 bytes before ssl->in_hdr,
- *       and the caller has to make sure there's space for this.
- */
-
-void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl )
-{
-    /* This function sets the pointers to match the case
-     * of unprotected TLS/DTLS records, with both  ssl->in_iv
-     * and ssl->in_msg pointing to the beginning of the record
-     * content.
-     *
-     * When decrypting a protected record, ssl->in_msg
-     * will be shifted to point to the beginning of the
-     * record plaintext.
-     */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* This sets the header pointers to match records
-         * without CID. When we receive a record containing
-         * a CID, the fields are shifted accordingly in
-         * ssl_parse_record_header(). */
-        ssl->in_ctr = ssl->in_hdr +  3;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        ssl->in_cid = ssl->in_ctr +  8;
-        ssl->in_len = ssl->in_cid; /* Default: no CID */
-#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        ssl->in_len = ssl->in_ctr + 8;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        ssl->in_iv  = ssl->in_len + 2;
-    }
-    else
-#endif
-    {
-        ssl->in_ctr = ssl->in_hdr - 8;
-        ssl->in_len = ssl->in_hdr + 3;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        ssl->in_cid = ssl->in_len;
-#endif
-        ssl->in_iv  = ssl->in_hdr + 5;
-    }
-
-    /* This will be adjusted at record decryption time. */
-    ssl->in_msg = ssl->in_iv;
-}
-
-/*
- * Setup an SSL context
- */
-
-void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl )
-{
-    /* Set the incoming and outgoing record pointers. */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        ssl->out_hdr = ssl->out_buf;
-        ssl->in_hdr  = ssl->in_buf;
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    {
-        ssl->out_hdr = ssl->out_buf + 8;
-        ssl->in_hdr  = ssl->in_buf  + 8;
-    }
-
-    /* Derive other internal pointers. */
-    mbedtls_ssl_update_out_pointers( ssl, NULL /* no transform enabled */ );
-    mbedtls_ssl_update_in_pointers ( ssl );
-}
-
-/*
- * SSL get accessors
- */
-size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl )
-{
-    return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
-}
-
-int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl )
-{
-    /*
-     * Case A: We're currently holding back
-     * a message for further processing.
-     */
-
-    if( ssl->keep_current_message == 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: record held back for processing" ) );
-        return( 1 );
-    }
-
-    /*
-     * Case B: Further records are pending in the current datagram.
-     */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->in_left > ssl->next_record_offset )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more records within current datagram" ) );
-        return( 1 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    /*
-     * Case C: A handshake message is being processed.
-     */
-
-    if( ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more handshake messages within current record" ) );
-        return( 1 );
-    }
-
-    /*
-     * Case D: An application data message is being processed
-     */
-    if( ssl->in_offt != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: application data record is being processed" ) );
-        return( 1 );
-    }
-
-    /*
-     * In all other cases, the rest of the message can be dropped.
-     * As in ssl_get_next_record, this needs to be adapted if
-     * we implement support for multiple alerts in single records.
-     */
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: nothing pending" ) );
-    return( 0 );
-}
-
-
-int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
-{
-    size_t transform_expansion = 0;
-    const mbedtls_ssl_transform *transform = ssl->transform_out;
-    unsigned block_size;
-
-    size_t out_hdr_len = mbedtls_ssl_out_hdr_len( ssl );
-
-    if( transform == NULL )
-        return( (int) out_hdr_len );
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
-        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
-    switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
-    {
-        case MBEDTLS_MODE_GCM:
-        case MBEDTLS_MODE_CCM:
-        case MBEDTLS_MODE_CHACHAPOLY:
-        case MBEDTLS_MODE_STREAM:
-            transform_expansion = transform->minlen;
-            break;
-
-        case MBEDTLS_MODE_CBC:
-
-            block_size = mbedtls_cipher_get_block_size(
-                &transform->cipher_ctx_enc );
-
-            /* Expansion due to the addition of the MAC. */
-            transform_expansion += transform->maclen;
-
-            /* Expansion due to the addition of CBC padding;
-             * Theoretically up to 256 bytes, but we never use
-             * more than the block size of the underlying cipher. */
-            transform_expansion += block_size;
-
-            /* For TLS 1.1 or higher, an explicit IV is added
-             * after the record header. */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
-            if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
-                transform_expansion += block_size;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
-
-            break;
-
-        default:
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( transform->out_cid_len != 0 )
-        transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    return( (int)( out_hdr_len + transform_expansion ) );
-}
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-/*
- * Check record counters and renegotiate if they're above the limit.
- */
-static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
-{
-    size_t ep_len = mbedtls_ssl_ep_len( ssl );
-    int in_ctr_cmp;
-    int out_ctr_cmp;
-
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
-        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
-        ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
-    {
-        return( 0 );
-    }
-
-    in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
-                        ssl->conf->renego_period + ep_len, 8 - ep_len );
-    out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len,
-                          ssl->conf->renego_period + ep_len, 8 - ep_len );
-
-    if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
-    {
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "record counter limit reached: renegotiate" ) );
-    return( mbedtls_ssl_renegotiate( ssl ) );
-}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-/*
- * Receive application data decrypted from the SSL layer
- */
-int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-            return( ret );
-
-        if( ssl->handshake != NULL &&
-            ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
-        {
-            if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-                return( ret );
-        }
-    }
-#endif
-
-    /*
-     * Check if renegotiation is necessary and/or handshake is
-     * in process. If yes, perform/continue, and fall through
-     * if an unexpected packet is received while the client
-     * is waiting for the ServerHello.
-     *
-     * (There is no equivalent to the last condition on
-     *  the server-side as it is not treated as within
-     *  a handshake while waiting for the ClientHello
-     *  after a renegotiation request.)
-     */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    ret = ssl_check_ctr_renegotiate( ssl );
-    if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
-        ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
-        return( ret );
-    }
-#endif
-
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        ret = mbedtls_ssl_handshake( ssl );
-        if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
-            ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
-            return( ret );
-        }
-    }
-
-    /* Loop as long as no application data record is available */
-    while( ssl->in_offt == NULL )
-    {
-        /* Start timer if not already running */
-        if( ssl->f_get_timer != NULL &&
-            ssl->f_get_timer( ssl->p_timer ) == -1 )
-        {
-            mbedtls_ssl_set_timer( ssl, ssl->conf->read_timeout );
-        }
-
-        if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-        {
-            if( ret == MBEDTLS_ERR_SSL_CONN_EOF )
-                return( 0 );
-
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-            return( ret );
-        }
-
-        if( ssl->in_msglen  == 0 &&
-            ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA )
-        {
-            /*
-             * OpenSSL sends empty messages to randomize the IV
-             */
-            if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-            {
-                if( ret == MBEDTLS_ERR_SSL_CONN_EOF )
-                    return( 0 );
-
-                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-                return( ret );
-            }
-        }
-
-        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) );
-
-            /*
-             * - For client-side, expect SERVER_HELLO_REQUEST.
-             * - For server-side, expect CLIENT_HELLO.
-             * - Fail (TLS) or silently drop record (DTLS) in other cases.
-             */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-            if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
-                ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST ||
-                  ssl->in_hslen  != mbedtls_ssl_hs_hdr_len( ssl ) ) )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) );
-
-                /* With DTLS, drop the packet (probably from last handshake) */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-                {
-                    continue;
-                }
-#endif
-                return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-            }
-#endif /* MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_SSL_SRV_C)
-            if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
-                ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) );
-
-                /* With DTLS, drop the packet (probably from last handshake) */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-                {
-                    continue;
-                }
-#endif
-                return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-            }
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-            /* Determine whether renegotiation attempt should be accepted */
-            if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
-                    ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-                      ssl->conf->allow_legacy_renegotiation ==
-                                                   MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) )
-            {
-                /*
-                 * Accept renegotiation request
-                 */
-
-                /* DTLS clients need to know renego is server-initiated */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-                    ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-                {
-                    ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
-                }
-#endif
-                ret = mbedtls_ssl_start_renegotiation( ssl );
-                if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
-                    ret != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation",
-                                           ret );
-                    return( ret );
-                }
-            }
-            else
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-            {
-                /*
-                 * Refuse renegotiation
-                 */
-
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-                if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-                {
-                    /* SSLv3 does not have a "no_renegotiation" warning, so
-                       we send a fatal alert and abort the connection. */
-                    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                    MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-                    return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-                }
-                else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-                if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
-                {
-                    if( ( ret = mbedtls_ssl_send_alert_message( ssl,
-                                    MBEDTLS_SSL_ALERT_LEVEL_WARNING,
-                                    MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 )
-                    {
-                        return( ret );
-                    }
-                }
-                else
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 ||
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-                }
-            }
-
-            /* At this point, we don't know whether the renegotiation has been
-             * completed or not. The cases to consider are the following:
-             * 1) The renegotiation is complete. In this case, no new record
-             *    has been read yet.
-             * 2) The renegotiation is incomplete because the client received
-             *    an application data record while awaiting the ServerHello.
-             * 3) The renegotiation is incomplete because the client received
-             *    a non-handshake, non-application data message while awaiting
-             *    the ServerHello.
-             * In each of these case, looping will be the proper action:
-             * - For 1), the next iteration will read a new record and check
-             *   if it's application data.
-             * - For 2), the loop condition isn't satisfied as application data
-             *   is present, hence continue is the same as break
-             * - For 3), the loop condition is satisfied and read_record
-             *   will re-deliver the message that was held back by the client
-             *   when expecting the ServerHello.
-             */
-            continue;
-        }
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
-        {
-            if( ssl->conf->renego_max_records >= 0 )
-            {
-                if( ++ssl->renego_records_seen > ssl->conf->renego_max_records )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
-                                        "but not honored by client" ) );
-                    return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-                }
-            }
-        }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-        /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */
-        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) );
-            return( MBEDTLS_ERR_SSL_WANT_READ );
-        }
-
-        if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) );
-            return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-        }
-
-        ssl->in_offt = ssl->in_msg;
-
-        /* We're going to return something now, cancel timer,
-         * except if handshake (renegotiation) is in progress */
-        if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
-            mbedtls_ssl_set_timer( ssl, 0 );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        /* If we requested renego but received AppData, resend HelloRequest.
-         * Do it now, after setting in_offt, to avoid taking this branch
-         * again if ssl_write_hello_request() returns WANT_WRITE */
-#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
-            ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
-        {
-            if( ( ret = mbedtls_ssl_resend_hello_request( ssl ) ) != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend_hello_request",
-                                       ret );
-                return( ret );
-            }
-        }
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    }
-
-    n = ( len < ssl->in_msglen )
-        ? len : ssl->in_msglen;
-
-    memcpy( buf, ssl->in_offt, n );
-    ssl->in_msglen -= n;
-
-    /* Zeroising the plaintext buffer to erase unused application data
-       from the memory. */
-    mbedtls_platform_zeroize( ssl->in_offt, n );
-
-    if( ssl->in_msglen == 0 )
-    {
-        /* all bytes consumed */
-        ssl->in_offt = NULL;
-        ssl->keep_current_message = 0;
-    }
-    else
-    {
-        /* more data available */
-        ssl->in_offt += n;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) );
-
-    return( (int) n );
-}
-
-/*
- * Send application data to be encrypted by the SSL layer, taking care of max
- * fragment length and buffer size.
- *
- * According to RFC 5246 Section 6.2.1:
- *
- *      Zero-length fragments of Application data MAY be sent as they are
- *      potentially useful as a traffic analysis countermeasure.
- *
- * Therefore, it is possible that the input message length is 0 and the
- * corresponding return code is 0 on success.
- */
-static int ssl_write_real( mbedtls_ssl_context *ssl,
-                           const unsigned char *buf, size_t len )
-{
-    int ret = mbedtls_ssl_get_max_out_record_payload( ssl );
-    const size_t max_len = (size_t) ret;
-
-    if( ret < 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret );
-        return( ret );
-    }
-
-    if( len > max_len )
-    {
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) "
-                                "maximum fragment length: %d > %d",
-                                len, max_len ) );
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-        }
-        else
-#endif
-            len = max_len;
-    }
-
-    if( ssl->out_left != 0 )
-    {
-        /*
-         * The user has previously tried to send the data and
-         * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially
-         * written. In this case, we expect the high-level write function
-         * (e.g. mbedtls_ssl_write()) to be called with the same parameters
-         */
-        if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
-            return( ret );
-        }
-    }
-    else
-    {
-        /*
-         * The user is trying to send a message the first time, so we need to
-         * copy the data into the internal buffers and setup the data structure
-         * to keep track of partial writes
-         */
-        ssl->out_msglen  = len;
-        ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA;
-        memcpy( ssl->out_msg, buf, len );
-
-        if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
-            return( ret );
-        }
-    }
-
-    return( (int) len );
-}
-
-/*
- * Write application data, doing 1/n-1 splitting if necessary.
- *
- * With non-blocking I/O, ssl_write_real() may return WANT_WRITE,
- * then the caller will call us again with the same arguments, so
- * remember whether we already did the split or not.
- */
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-static int ssl_write_split( mbedtls_ssl_context *ssl,
-                            const unsigned char *buf, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ssl->conf->cbc_record_splitting ==
-            MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
-        len <= 1 ||
-        ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 ||
-        mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
-                                != MBEDTLS_MODE_CBC )
-    {
-        return( ssl_write_real( ssl, buf, len ) );
-    }
-
-    if( ssl->split_done == 0 )
-    {
-        if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 )
-            return( ret );
-        ssl->split_done = 1;
-    }
-
-    if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 )
-        return( ret );
-    ssl->split_done = 0;
-
-    return( ret + 1 );
-}
-#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
-
-/*
- * Write application data (public-facing wrapper)
- */
-int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) );
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
-        return( ret );
-    }
-#endif
-
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
-            return( ret );
-        }
-    }
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    ret = ssl_write_split( ssl, buf, len );
-#else
-    ret = ssl_write_real( ssl, buf, len );
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) );
-
-    return( ret );
-}
-
-/*
- * Notify the peer that the connection is being closed
- */
-int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) );
-
-    if( ssl->out_left != 0 )
-        return( mbedtls_ssl_flush_output( ssl ) );
-
-    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        if( ( ret = mbedtls_ssl_send_alert_message( ssl,
-                        MBEDTLS_SSL_ALERT_LEVEL_WARNING,
-                        MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret );
-            return( ret );
-        }
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) );
-
-    return( 0 );
-}
-
-void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
-{
-    if( transform == NULL )
-        return;
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    deflateEnd( &transform->ctx_deflate );
-    inflateEnd( &transform->ctx_inflate );
-#endif
-
-    mbedtls_cipher_free( &transform->cipher_ctx_enc );
-    mbedtls_cipher_free( &transform->cipher_ctx_dec );
-
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    mbedtls_md_free( &transform->md_ctx_enc );
-    mbedtls_md_free( &transform->md_ctx_dec );
-#endif
-
-    mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl )
-{
-    unsigned offset;
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-
-    if( hs == NULL )
-        return;
-
-    ssl_free_buffered_record( ssl );
-
-    for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
-        ssl_buffering_free_slot( ssl, offset );
-}
-
-static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
-                                     uint8_t slot )
-{
-    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-    mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot];
-
-    if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS )
-        return;
-
-    if( hs_buf->is_valid == 1 )
-    {
-        hs->buffering.total_bytes_buffered -= hs_buf->data_len;
-        mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len );
-        mbedtls_free( hs_buf->data );
-        memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
-    }
-}
-
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-/*
- * Convert version numbers to/from wire format
- * and, for DTLS, to/from TLS equivalent.
- *
- * For TLS this is the identity.
- * For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
- * 1.0 <-> 3.2      (DTLS 1.0 is based on TLS 1.1)
- * 1.x <-> 3.x+1    for x != 0 (DTLS 1.2 based on TLS 1.2)
- */
-void mbedtls_ssl_write_version( int major, int minor, int transport,
-                        unsigned char ver[2] )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( minor == MBEDTLS_SSL_MINOR_VERSION_2 )
-            --minor; /* DTLS 1.0 stored as TLS 1.1 internally */
-
-        ver[0] = (unsigned char)( 255 - ( major - 2 ) );
-        ver[1] = (unsigned char)( 255 - ( minor - 1 ) );
-    }
-    else
-#else
-    ((void) transport);
-#endif
-    {
-        ver[0] = (unsigned char) major;
-        ver[1] = (unsigned char) minor;
-    }
-}
-
-void mbedtls_ssl_read_version( int *major, int *minor, int transport,
-                       const unsigned char ver[2] )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        *major = 255 - ver[0] + 2;
-        *minor = 255 - ver[1] + 1;
-
-        if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 )
-            ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */
-    }
-    else
-#else
-    ((void) transport);
-#endif
-    {
-        *major = ver[0];
-        *minor = ver[1];
-    }
-}
-
-#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_srv.c b/3rdparty/mbedtls-2.25.0/library/ssl_srv.c
deleted file mode 100644
index e33b828..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_srv.c
+++ /dev/null
@@ -1,4781 +0,0 @@
-/*
- *  SSLv3/TLSv1 server-side functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_SRV_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/error.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
-                                 const unsigned char *info,
-                                 size_t ilen )
-{
-    if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    mbedtls_free( ssl->cli_id );
-
-    if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-    memcpy( ssl->cli_id, info, ilen );
-    ssl->cli_id_len = ilen;
-
-    return( 0 );
-}
-
-void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
-                           mbedtls_ssl_cookie_write_t *f_cookie_write,
-                           mbedtls_ssl_cookie_check_t *f_cookie_check,
-                           void *p_cookie )
-{
-    conf->f_cookie_write = f_cookie_write;
-    conf->f_cookie_check = f_cookie_check;
-    conf->p_cookie       = p_cookie;
-}
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
-                                     const unsigned char *buf,
-                                     size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t servername_list_size, hostname_len;
-    const unsigned char *p;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) );
-
-    if( len < 2 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-    servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
-    if( servername_list_size + 2 != len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    p = buf + 2;
-    while( servername_list_size > 2 )
-    {
-        hostname_len = ( ( p[1] << 8 ) | p[2] );
-        if( hostname_len + 3 > servername_list_size )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME )
-        {
-            ret = ssl->conf->f_sni( ssl->conf->p_sni,
-                                    ssl, p + 3, hostname_len );
-            if( ret != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                        MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-            return( 0 );
-        }
-
-        servername_list_size -= hostname_len + 3;
-        p += hostname_len + 3;
-    }
-
-    if( servername_list_size != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf )
-{
-    if( conf->f_psk != NULL )
-        return( 1 );
-
-    if( conf->psk_identity_len == 0 || conf->psk_identity == NULL )
-        return( 0 );
-
-    if( conf->psk != NULL && conf->psk_len != 0 )
-        return( 1 );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
-        return( 1 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
-{
-    if( ssl->conf->f_psk != NULL )
-    {
-        /* If we've used a callback to select the PSK,
-         * the static configuration is irrelevant. */
-
-        if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
-            return( 1 );
-
-        return( 0 );
-    }
-
-    if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
-        return( 1 );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-    {
-        /* Check verify-data in constant-time. The length OTOH is no secret */
-        if( len    != 1 + ssl->verify_data_len ||
-            buf[0] !=     ssl->verify_data_len ||
-            mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data,
-                          ssl->verify_data_len ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-    {
-        if( len != 1 || buf[0] != 0x0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) );
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
-    }
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-
-/*
- * Status of the implementation of signature-algorithms extension:
- *
- * Currently, we are only considering the signature-algorithm extension
- * to pick a ciphersuite which allows us to send the ServerKeyExchange
- * message with a signature-hash combination that the user allows.
- *
- * We do *not* check whether all certificates in our certificate
- * chain are signed with an allowed signature-hash pair.
- * This needs to be done at a later stage.
- *
- */
-static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl,
-                                               const unsigned char *buf,
-                                               size_t len )
-{
-    size_t sig_alg_list_size;
-
-    const unsigned char *p;
-    const unsigned char *end = buf + len;
-
-    mbedtls_md_type_t md_cur;
-    mbedtls_pk_type_t sig_cur;
-
-    if ( len < 2 ) {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-    sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
-    if( sig_alg_list_size + 2 != len ||
-        sig_alg_list_size % 2 != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /* Currently we only guarantee signing the ServerKeyExchange message according
-     * to the constraints specified in this extension (see above), so it suffices
-     * to remember only one suitable hash for each possible signature algorithm.
-     *
-     * This will change when we also consider certificate signatures,
-     * in which case we will need to remember the whole signature-hash
-     * pair list from the extension.
-     */
-
-    for( p = buf + 2; p < end; p += 2 )
-    {
-        /* Silently ignore unknown signature or hash algorithms. */
-
-        if( ( sig_cur = mbedtls_ssl_pk_alg_from_sig( p[1] ) ) == MBEDTLS_PK_NONE )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext"
-                                        " unknown sig alg encoding %d", p[1] ) );
-            continue;
-        }
-
-        /* Check if we support the hash the user proposes */
-        md_cur = mbedtls_ssl_md_alg_from_hash( p[0] );
-        if( md_cur == MBEDTLS_MD_NONE )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
-                                        " unknown hash alg encoding %d", p[0] ) );
-            continue;
-        }
-
-        if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 )
-        {
-            mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur );
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
-                                        " match sig %d and hash %d",
-                                        sig_cur, md_cur ) );
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: "
-                                        "hash alg %d not supported", md_cur ) );
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl,
-                                                const unsigned char *buf,
-                                                size_t len )
-{
-    size_t list_size, our_size;
-    const unsigned char *p;
-    const mbedtls_ecp_curve_info *curve_info, **curves;
-
-    if ( len < 2 ) {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-    list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
-    if( list_size + 2 != len ||
-        list_size % 2 != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /* Should never happen unless client duplicates the extension */
-    if( ssl->handshake->curves != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /* Don't allow our peer to make us allocate too much memory,
-     * and leave room for a final 0 */
-    our_size = list_size / 2 + 1;
-    if( our_size > MBEDTLS_ECP_DP_MAX )
-        our_size = MBEDTLS_ECP_DP_MAX;
-
-    if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    ssl->handshake->curves = curves;
-
-    p = buf + 2;
-    while( list_size > 0 && our_size > 1 )
-    {
-        curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] );
-
-        if( curve_info != NULL )
-        {
-            *curves++ = curve_info;
-            our_size--;
-        }
-
-        list_size -= 2;
-        p += 2;
-    }
-
-    return( 0 );
-}
-
-static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
-                                              const unsigned char *buf,
-                                              size_t len )
-{
-    size_t list_size;
-    const unsigned char *p;
-
-    if( len == 0 || (size_t)( buf[0] + 1 ) != len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-    list_size = buf[0];
-
-    p = buf + 1;
-    while( list_size > 0 )
-    {
-        if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
-            p[0] == MBEDTLS_ECP_PF_COMPRESSED )
-        {
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
-            ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-            ssl->handshake->ecjpake_ctx.point_format = p[0];
-#endif
-            MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
-            return( 0 );
-        }
-
-        list_size--;
-        p++;
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
-          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
-                                   const unsigned char *buf,
-                                   size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
-        return( 0 );
-    }
-
-    if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
-                                                buf, len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( ret );
-    }
-
-    /* Only mark the extension as OK when we're sure it is */
-    ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
-                                              const unsigned char *buf,
-                                              size_t len )
-{
-    if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ssl->session_negotiate->mfl_code = buf[0];
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
-                              const unsigned char *buf,
-                              size_t len )
-{
-    size_t peer_cid_len;
-
-    /* CID extension only makes sense in DTLS */
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /*
-     * Quoting draft-ietf-tls-dtls-connection-id-05
-     * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05
-     *
-     *   struct {
-     *      opaque cid<0..2^8-1>;
-     *   } ConnectionId;
-    */
-
-    if( len < 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    peer_cid_len = *buf++;
-    len--;
-
-    if( len != peer_cid_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /* Ignore CID if the user has disabled its use. */
-    if( ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED )
-    {
-        /* Leave ssl->handshake->cid_in_use in its default
-         * value of MBEDTLS_SSL_CID_DISABLED. */
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Client sent CID extension, but CID disabled" ) );
-        return( 0 );
-    }
-
-    if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED;
-    ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len;
-    memcpy( ssl->handshake->peer_cid, buf, peer_cid_len );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "Client CID", buf, peer_cid_len );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf,
-                                         size_t len )
-{
-    if( len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ((void) buf);
-
-    if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
-        ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
-                                      const unsigned char *buf,
-                                      size_t len )
-{
-    if( len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ((void) buf);
-
-    if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED &&
-        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
-                                      const unsigned char *buf,
-                                      size_t len )
-{
-    if( len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ((void) buf);
-
-    if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
-        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
-                                         unsigned char *buf,
-                                         size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ssl_session session;
-
-    mbedtls_ssl_session_init( &session );
-
-    if( ssl->conf->f_ticket_parse == NULL ||
-        ssl->conf->f_ticket_write == NULL )
-    {
-        return( 0 );
-    }
-
-    /* Remember the client asked us to send a new ticket */
-    ssl->handshake->new_session_ticket = 1;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", len ) );
-
-    if( len == 0 )
-        return( 0 );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-    /*
-     * Failures are ok: just ignore the ticket and proceed.
-     */
-    if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session,
-                                           buf, len ) ) != 0 )
-    {
-        mbedtls_ssl_session_free( &session );
-
-        if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) );
-        else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED )
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) );
-        else
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret );
-
-        return( 0 );
-    }
-
-    /*
-     * Keep the session ID sent by the client, since we MUST send it back to
-     * inform them we're accepting the ticket  (RFC 5077 section 3.4)
-     */
-    session.id_len = ssl->session_negotiate->id_len;
-    memcpy( &session.id, ssl->session_negotiate->id, session.id_len );
-
-    mbedtls_ssl_session_free( ssl->session_negotiate );
-    memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) );
-
-    /* Zeroize instead of free as we copied the content */
-    mbedtls_platform_zeroize( &session, sizeof( mbedtls_ssl_session ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) );
-
-    ssl->handshake->resume = 1;
-
-    /* Don't send a new ticket after all, this one is OK */
-    ssl->handshake->new_session_ticket = 0;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
-                               const unsigned char *buf, size_t len )
-{
-    size_t list_len, cur_len, ours_len;
-    const unsigned char *theirs, *start, *end;
-    const char **ours;
-
-    /* If ALPN not configured, just ignore the extension */
-    if( ssl->conf->alpn_list == NULL )
-        return( 0 );
-
-    /*
-     * opaque ProtocolName<1..2^8-1>;
-     *
-     * struct {
-     *     ProtocolName protocol_name_list<2..2^16-1>
-     * } ProtocolNameList;
-     */
-
-    /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
-    if( len < 4 )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    list_len = ( buf[0] << 8 ) | buf[1];
-    if( list_len != len - 2 )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /*
-     * Validate peer's list (lengths)
-     */
-    start = buf + 2;
-    end = buf + len;
-    for( theirs = start; theirs != end; theirs += cur_len )
-    {
-        cur_len = *theirs++;
-
-        /* Current identifier must fit in list */
-        if( cur_len > (size_t)( end - theirs ) )
-        {
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        /* Empty strings MUST NOT be included */
-        if( cur_len == 0 )
-        {
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-    }
-
-    /*
-     * Use our order of preference
-     */
-    for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ )
-    {
-        ours_len = strlen( *ours );
-        for( theirs = start; theirs != end; theirs += cur_len )
-        {
-            cur_len = *theirs++;
-
-            if( cur_len == ours_len &&
-                memcmp( theirs, *ours, cur_len ) == 0 )
-            {
-                ssl->alpn_chosen = *ours;
-                return( 0 );
-            }
-        }
-    }
-
-    /* If we get there, no match was found */
-    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                            MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL );
-    return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-}
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
-                                   const unsigned char *buf,
-                                   size_t len )
-{
-    mbedtls_ssl_srtp_profile client_protection = MBEDTLS_TLS_SRTP_UNSET;
-    size_t i,j;
-    size_t profile_length;
-    uint16_t mki_length;
-    /*! 2 bytes for profile length and 1 byte for mki len */
-    const size_t size_of_lengths = 3;
-
-    /* If use_srtp is not configured, just ignore the extension */
-    if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
-        ( ssl->conf->dtls_srtp_profile_list == NULL ) ||
-        ( ssl->conf->dtls_srtp_profile_list_len == 0 ) )
-    {
-        return( 0 );
-    }
-
-    /* RFC5764 section 4.1.1
-     * uint8 SRTPProtectionProfile[2];
-     *
-     * struct {
-     *   SRTPProtectionProfiles SRTPProtectionProfiles;
-     *   opaque srtp_mki<0..255>;
-     * } UseSRTPData;
-
-     * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
-     */
-
-    /*
-     * Min length is 5: at least one protection profile(2 bytes)
-     *                  and length(2 bytes) + srtp_mki length(1 byte)
-     * Check here that we have at least 2 bytes of protection profiles length
-     * and one of srtp_mki length
-     */
-    if( len < size_of_lengths )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-   ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET;
-
-    /* first 2 bytes are protection profile length(in bytes) */
-    profile_length = ( buf[0] << 8 ) | buf[1];
-    buf += 2;
-
-    /* The profile length cannot be bigger than input buffer size - lengths fields */
-    if( profile_length > len - size_of_lengths ||
-        profile_length % 2 != 0 ) /* profiles are 2 bytes long, so the length must be even */
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-    /*
-     * parse the extension list values are defined in
-     * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
-     */
-    for( j = 0; j < profile_length; j += 2 )
-    {
-        uint16_t protection_profile_value = buf[j] << 8 | buf[j + 1];
-        client_protection = mbedtls_ssl_check_srtp_profile_value( protection_profile_value );
-
-        if( client_protection != MBEDTLS_TLS_SRTP_UNSET )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s",
-                                    mbedtls_ssl_get_srtp_profile_as_string(
-                                            client_protection ) ) );
-        }
-        else
-        {
-            continue;
-        }
-        /* check if suggested profile is in our list */
-        for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
-        {
-            if( client_protection == ssl->conf->dtls_srtp_profile_list[i] )
-            {
-                ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i];
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s",
-                                            mbedtls_ssl_get_srtp_profile_as_string(
-                                                    client_protection ) ) );
-                break;
-            }
-        }
-        if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET )
-            break;
-    }
-    buf += profile_length; /* buf points to the mki length */
-    mki_length = *buf;
-    buf++;
-
-    if( mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ||
-        mki_length + profile_length + size_of_lengths != len )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /* Parse the mki only if present and mki is supported locally */
-    if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED &&
-          mki_length > 0 )
-    {
-        ssl->dtls_srtp_info.mki_len = mki_length;
-
-        memcpy( ssl->dtls_srtp_info.mki_value, buf, mki_length );
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "using mki",  ssl->dtls_srtp_info.mki_value,
-                                                ssl->dtls_srtp_info.mki_len );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-/*
- * Auxiliary functions for ServerHello parsing and related actions
- */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/*
- * Return 0 if the given key uses one of the acceptable curves, -1 otherwise
- */
-#if defined(MBEDTLS_ECDSA_C)
-static int ssl_check_key_curve( mbedtls_pk_context *pk,
-                                const mbedtls_ecp_curve_info **curves )
-{
-    const mbedtls_ecp_curve_info **crv = curves;
-    mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id;
-
-    while( *crv != NULL )
-    {
-        if( (*crv)->grp_id == grp_id )
-            return( 0 );
-        crv++;
-    }
-
-    return( -1 );
-}
-#endif /* MBEDTLS_ECDSA_C */
-
-/*
- * Try picking a certificate for this ciphersuite,
- * return 0 on success and -1 on failure.
- */
-static int ssl_pick_cert( mbedtls_ssl_context *ssl,
-                          const mbedtls_ssl_ciphersuite_t * ciphersuite_info )
-{
-    mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
-    mbedtls_pk_type_t pk_alg =
-        mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
-    uint32_t flags;
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    if( ssl->handshake->sni_key_cert != NULL )
-        list = ssl->handshake->sni_key_cert;
-    else
-#endif
-        list = ssl->conf->key_cert;
-
-    if( pk_alg == MBEDTLS_PK_NONE )
-        return( 0 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
-
-    if( list == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) );
-        return( -1 );
-    }
-
-    for( cur = list; cur != NULL; cur = cur->next )
-    {
-        flags = 0;
-        MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate",
-                          cur->cert );
-
-        if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
-            continue;
-        }
-
-        /*
-         * This avoids sending the client a cert it'll reject based on
-         * keyUsage or other extensions.
-         *
-         * It also allows the user to provision different certificates for
-         * different uses based on keyUsage, eg if they want to avoid signing
-         * and decrypting with the same RSA key.
-         */
-        if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info,
-                                  MBEDTLS_SSL_IS_SERVER, &flags ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: "
-                                "(extended) key usage extension" ) );
-            continue;
-        }
-
-#if defined(MBEDTLS_ECDSA_C)
-        if( pk_alg == MBEDTLS_PK_ECDSA &&
-            ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) );
-            continue;
-        }
-#endif
-
-        /*
-         * Try to select a SHA-1 certificate for pre-1.2 clients, but still
-         * present them a SHA-higher cert rather than failing if it's the only
-         * one we got that satisfies the other conditions.
-         */
-        if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 &&
-            cur->cert->sig_md != MBEDTLS_MD_SHA1 )
-        {
-            if( fallback == NULL )
-                fallback = cur;
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: "
-                                    "sha-2 with pre-TLS 1.2 client" ) );
-            continue;
-            }
-        }
-
-        /* If we get there, we got a winner */
-        break;
-    }
-
-    if( cur == NULL )
-        cur = fallback;
-
-    /* Do not update ssl->handshake->key_cert unless there is a match */
-    if( cur != NULL )
-    {
-        ssl->handshake->key_cert = cur;
-        MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate",
-                          ssl->handshake->key_cert->cert );
-        return( 0 );
-    }
-
-    return( -1 );
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/*
- * Check if a given ciphersuite is suitable for use with our config/keys/etc
- * Sets ciphersuite_info only if the suite matches.
- */
-static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
-                                  const mbedtls_ssl_ciphersuite_t **ciphersuite_info )
-{
-    const mbedtls_ssl_ciphersuite_t *suite_info;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    mbedtls_pk_type_t sig_type;
-#endif
-
-    suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id );
-    if( suite_info == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %#04x (%s)",
-                                suite_id, suite_info->name ) );
-
-    if( suite_info->min_minor_ver > ssl->minor_ver ||
-        suite_info->max_minor_ver < ssl->minor_ver )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) );
-        return( 0 );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
-        return( 0 );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-    if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
-            suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) );
-        return( 0 );
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
-        ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake "
-                                    "not configured or ext missing" ) );
-        return( 0 );
-    }
-#endif
-
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
-    if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) &&
-        ( ssl->handshake->curves == NULL ||
-          ssl->handshake->curves[0] == NULL ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
-                            "no common elliptic curve" ) );
-        return( 0 );
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    /* If the ciphersuite requires a pre-shared key and we don't
-     * have one, skip it now rather than failing later */
-    if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
-        ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) );
-        return( 0 );
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    /* If the ciphersuite requires signing, check whether
-     * a suitable hash algorithm is present. */
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info );
-        if( sig_type != MBEDTLS_PK_NONE &&
-            mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm "
-                                        "for signature algorithm %d", sig_type ) );
-            return( 0 );
-        }
-    }
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /*
-     * Final check: if ciphersuite requires us to have a
-     * certificate/key of a particular type:
-     * - select the appropriate certificate if we have one, or
-     * - try the next ciphersuite if we don't
-     * This must be done last since we modify the key_cert list.
-     */
-    if( ssl_pick_cert( ssl, suite_info ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
-                            "no suitable certificate" ) );
-        return( 0 );
-    }
-#endif
-
-    *ciphersuite_info = suite_info;
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
-static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
-{
-    int ret, got_common_suite;
-    unsigned int i, j;
-    size_t n;
-    unsigned int ciph_len, sess_len, chal_len;
-    unsigned char *buf, *p;
-    const int *ciphersuites;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-    buf = ssl->in_hdr;
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d",
-                   buf[2] ) );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d",
-                   ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]",
-                   buf[3], buf[4] ) );
-
-    /*
-     * SSLv2 Client Hello
-     *
-     * Record layer:
-     *     0  .   1   message length
-     *
-     * SSL layer:
-     *     2  .   2   message type
-     *     3  .   4   protocol version
-     */
-    if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO ||
-        buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF;
-
-    if( n < 17 || n > 512 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
-    ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver )
-                     ? buf[4]  : ssl->conf->max_minor_ver;
-
-    if( ssl->minor_ver < ssl->conf->min_minor_ver )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
-                            " [%d:%d] < [%d:%d]",
-                            ssl->major_ver, ssl->minor_ver,
-                            ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) );
-
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
-        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
-    }
-
-    ssl->handshake->max_major_ver = buf[3];
-    ssl->handshake->max_minor_ver = buf[4];
-
-    if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
-        return( ret );
-    }
-
-    ssl->handshake->update_checksum( ssl, buf + 2, n );
-
-    buf = ssl->in_msg;
-    n = ssl->in_left - 5;
-
-    /*
-     *    0  .   1   ciphersuitelist length
-     *    2  .   3   session id length
-     *    4  .   5   challenge length
-     *    6  .  ..   ciphersuitelist
-     *   ..  .  ..   session id
-     *   ..  .  ..   challenge
-     */
-    MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n );
-
-    ciph_len = ( buf[0] << 8 ) | buf[1];
-    sess_len = ( buf[2] << 8 ) | buf[3];
-    chal_len = ( buf[4] << 8 ) | buf[5];
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
-                   ciph_len, sess_len, chal_len ) );
-
-    /*
-     * Make sure each parameter length is valid
-     */
-    if( ciph_len < 3 || ( ciph_len % 3 ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    if( sess_len > 32 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    if( chal_len < 8 || chal_len > 32 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    if( n != 6 + ciph_len + sess_len + chal_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
-                   buf + 6, ciph_len );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id",
-                   buf + 6 + ciph_len, sess_len );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge",
-                   buf + 6 + ciph_len + sess_len, chal_len );
-
-    p = buf + 6 + ciph_len;
-    ssl->session_negotiate->id_len = sess_len;
-    memset( ssl->session_negotiate->id, 0,
-            sizeof( ssl->session_negotiate->id ) );
-    memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len );
-
-    p += sess_len;
-    memset( ssl->handshake->randbytes, 0, 64 );
-    memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len );
-
-    /*
-     * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
-     */
-    for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
-    {
-        if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-            if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
-                                    "during renegotiation" ) );
-
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-            ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
-            break;
-        }
-    }
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-    for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
-    {
-        if( p[0] == 0 &&
-            p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
-            p[2] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE      ) & 0xff ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) );
-
-            if( ssl->minor_ver < ssl->conf->max_minor_ver )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
-
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
-
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-
-            break;
-        }
-    }
-#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
-
-    got_common_suite = 0;
-    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
-    ciphersuite_info = NULL;
-#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
-    for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
-        for( i = 0; ciphersuites[i] != 0; i++ )
-#else
-    for( i = 0; ciphersuites[i] != 0; i++ )
-        for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
-#endif
-        {
-            if( p[0] != 0 ||
-                p[1] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
-                p[2] != ( ( ciphersuites[i]      ) & 0xFF ) )
-                continue;
-
-            got_common_suite = 1;
-
-            if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
-                                               &ciphersuite_info ) ) != 0 )
-                return( ret );
-
-            if( ciphersuite_info != NULL )
-                goto have_ciphersuite_v2;
-        }
-
-    if( got_common_suite )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, "
-                            "but none of them usable" ) );
-        return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE );
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );
-        return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
-    }
-
-have_ciphersuite_v2:
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) );
-
-    ssl->session_negotiate->ciphersuite = ciphersuites[i];
-    ssl->handshake->ciphersuite_info = ciphersuite_info;
-
-    /*
-     * SSLv2 Client Hello relevant renegotiation security checks
-     */
-    if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    ssl->in_left = 0;
-    ssl->state++;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
-
-/* This function doesn't alert on errors that happen early during
-   ClientHello parsing because they might indicate that the client is
-   not talking SSL/TLS at all and would not understand our alert. */
-static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
-{
-    int ret, got_common_suite;
-    size_t i, j;
-    size_t ciph_offset, comp_offset, ext_offset;
-    size_t msg_len, ciph_len, sess_len, comp_len, ext_len;
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    size_t cookie_offset, cookie_len;
-#endif
-    unsigned char *buf, *p, *ext;
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    int renegotiation_info_seen = 0;
-#endif
-    int handshake_failure = 0;
-    const int *ciphersuites;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-    int major, minor;
-
-    /* If there is no signature-algorithm extension present,
-     * we need to fall back to the default values for allowed
-     * signature-hash pairs. */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    int sig_hash_alg_ext_present = 0;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-read_record_header:
-#endif
-    /*
-     * If renegotiating, then the input was read with mbedtls_ssl_read_record(),
-     * otherwise read it ourselves manually in order to support SSLv2
-     * ClientHello, which doesn't use the same record layer format.
-     */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
-#endif
-    {
-        if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 )
-        {
-            /* No alert on a read error. */
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
-            return( ret );
-        }
-    }
-
-    buf = ssl->in_hdr;
-
-#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM )
-#endif
-        if( ( buf[0] & 0x80 ) != 0 )
-            return( ssl_parse_client_hello_v2( ssl ) );
-#endif
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_in_hdr_len( ssl ) );
-
-    /*
-     * SSLv3/TLS Client Hello
-     *
-     * Record layer:
-     *     0  .   0   message type
-     *     1  .   2   protocol version
-     *     3  .   11  DTLS: epoch + record sequence number
-     *     3  .   4   message length
-     */
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d",
-                   buf[0] ) );
-
-    if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d",
-                   ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]",
-                   buf[1], buf[2] ) );
-
-    mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 );
-
-    /* According to RFC 5246 Appendix E.1, the version here is typically
-     * "{03,00}, the lowest version number supported by the client, [or] the
-     * value of ClientHello.client_version", so the only meaningful check here
-     * is the major version shouldn't be less than 3 */
-    if( major < MBEDTLS_SSL_MAJOR_VERSION_3 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /* For DTLS if this is the initial handshake, remember the client sequence
-     * number to use it in our next message (RFC 6347 4.2.1) */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
-#endif
-        )
-    {
-        /* Epoch should be 0 for initial handshakes */
-        if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 );
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-        if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) );
-            ssl->next_record_offset = 0;
-            ssl->in_left = 0;
-            goto read_record_header;
-        }
-
-        /* No MAC to check yet, so we can update right now */
-        mbedtls_ssl_dtls_replay_update( ssl );
-#endif
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-    {
-        /* Set by mbedtls_ssl_read_record() */
-        msg_len = ssl->in_hslen;
-    }
-    else
-#endif
-    {
-        if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        if( ( ret = mbedtls_ssl_fetch_input( ssl,
-                       mbedtls_ssl_in_hdr_len( ssl ) + msg_len ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
-            return( ret );
-        }
-
-    /* Done reading this record, get ready for the next one */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-            ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len( ssl );
-        else
-#endif
-            ssl->in_left = 0;
-    }
-
-    buf = ssl->in_msg;
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len );
-
-    ssl->handshake->update_checksum( ssl, buf, msg_len );
-
-    /*
-     * Handshake layer:
-     *     0  .   0   handshake type
-     *     1  .   3   handshake length
-     *     4  .   5   DTLS only: message seqence number
-     *     6  .   8   DTLS only: fragment offset
-     *     9  .  11   DTLS only: fragment length
-     */
-    if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) );
-
-    if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d",
-                   ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) );
-
-    /* We don't support fragmentation of ClientHello (yet?) */
-    if( buf[1] != 0 ||
-        msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /*
-         * Copy the client's handshake message_seq on initial handshakes,
-         * check sequence number on renego.
-         */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-        {
-            /* This couldn't be done in ssl_prepare_handshake_record() */
-            unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
-                                         ssl->in_msg[5];
-
-            if( cli_msg_seq != ssl->handshake->in_msg_seq )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: "
-                                    "%d (expected %d)", cli_msg_seq,
-                                    ssl->handshake->in_msg_seq ) );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-
-            ssl->handshake->in_msg_seq++;
-        }
-        else
-#endif
-        {
-            unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
-                                         ssl->in_msg[5];
-            ssl->handshake->out_msg_seq = cli_msg_seq;
-            ssl->handshake->in_msg_seq  = cli_msg_seq + 1;
-        }
-
-        /*
-         * For now we don't support fragmentation, so make sure
-         * fragment_offset == 0 and fragment_length == length
-         */
-        if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 ||
-            memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) );
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-        }
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    buf += mbedtls_ssl_hs_hdr_len( ssl );
-    msg_len -= mbedtls_ssl_hs_hdr_len( ssl );
-
-    /*
-     * ClientHello layer:
-     *     0  .   1   protocol version
-     *     2  .  33   random bytes (starting with 4 bytes of Unix time)
-     *    34  .  35   session id length (1 byte)
-     *    35  . 34+x  session id
-     *   35+x . 35+x  DTLS only: cookie length (1 byte)
-     *   36+x .  ..   DTLS only: cookie
-     *    ..  .  ..   ciphersuite list length (2 bytes)
-     *    ..  .  ..   ciphersuite list
-     *    ..  .  ..   compression alg. list length (1 byte)
-     *    ..  .  ..   compression alg. list
-     *    ..  .  ..   extensions length (2 bytes, optional)
-     *    ..  .  ..   extensions (optional)
-     */
-
-    /*
-     * Minimal length (with everything empty and extensions omitted) is
-     * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
-     * read at least up to session id length without worrying.
-     */
-    if( msg_len < 38 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /*
-     * Check and save the protocol version
-     */
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 );
-
-    mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
-                      ssl->conf->transport, buf );
-
-    ssl->handshake->max_major_ver = ssl->major_ver;
-    ssl->handshake->max_minor_ver = ssl->minor_ver;
-
-    if( ssl->major_ver < ssl->conf->min_major_ver ||
-        ssl->minor_ver < ssl->conf->min_minor_ver )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
-                            " [%d:%d] < [%d:%d]",
-                            ssl->major_ver, ssl->minor_ver,
-                            ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
-        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
-    }
-
-    if( ssl->major_ver > ssl->conf->max_major_ver )
-    {
-        ssl->major_ver = ssl->conf->max_major_ver;
-        ssl->minor_ver = ssl->conf->max_minor_ver;
-    }
-    else if( ssl->minor_ver > ssl->conf->max_minor_ver )
-        ssl->minor_ver = ssl->conf->max_minor_ver;
-
-    /*
-     * Save client random (inc. Unix time)
-     */
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 );
-
-    memcpy( ssl->handshake->randbytes, buf + 2, 32 );
-
-    /*
-     * Check the session ID length and save session ID
-     */
-    sess_len = buf[34];
-
-    if( sess_len > sizeof( ssl->session_negotiate->id ) ||
-        sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len );
-
-    ssl->session_negotiate->id_len = sess_len;
-    memset( ssl->session_negotiate->id, 0,
-            sizeof( ssl->session_negotiate->id ) );
-    memcpy( ssl->session_negotiate->id, buf + 35,
-            ssl->session_negotiate->id_len );
-
-    /*
-     * Check the cookie length and content
-     */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        cookie_offset = 35 + sess_len;
-        cookie_len = buf[cookie_offset];
-
-        if( cookie_offset + 1 + cookie_len + 2 > msg_len )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                            MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie",
-                       buf + cookie_offset + 1, cookie_len );
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-        if( ssl->conf->f_cookie_check != NULL
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-            && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
-#endif
-            )
-        {
-            if( ssl->conf->f_cookie_check( ssl->conf->p_cookie,
-                                     buf + cookie_offset + 1, cookie_len,
-                                     ssl->cli_id, ssl->cli_id_len ) != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) );
-                ssl->handshake->verify_cookie_len = 1;
-            }
-            else
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification passed" ) );
-                ssl->handshake->verify_cookie_len = 0;
-            }
-        }
-        else
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-        {
-            /* We know we didn't send a cookie, so it should be empty */
-            if( cookie_len != 0 )
-            {
-                /* This may be an attacker's probe, so don't send an alert */
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) );
-        }
-
-    /*
-     * Check the ciphersuitelist length (will be parsed later)
-     */
-        ciph_offset = cookie_offset + 1 + cookie_len;
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-        ciph_offset = 35 + sess_len;
-
-    ciph_len = ( buf[ciph_offset + 0] << 8 )
-             | ( buf[ciph_offset + 1]      );
-
-    if( ciph_len < 2 ||
-        ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
-        ( ciph_len % 2 ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
-                   buf + ciph_offset + 2,  ciph_len );
-
-    /*
-     * Check the compression algorithms length and pick one
-     */
-    comp_offset = ciph_offset + 2 + ciph_len;
-
-    comp_len = buf[comp_offset];
-
-    if( comp_len < 1 ||
-        comp_len > 16 ||
-        comp_len + comp_offset + 1 > msg_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression",
-                      buf + comp_offset + 1, comp_len );
-
-    ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    for( i = 0; i < comp_len; ++i )
-    {
-        if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE )
-        {
-            ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE;
-            break;
-        }
-    }
-#endif
-
-    /* See comments in ssl_write_client_hello() */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
-#endif
-
-    /* Do not parse the extensions if the protocol is SSLv3 */
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
-    {
-#endif
-        /*
-         * Check the extension length
-         */
-        ext_offset = comp_offset + 1 + comp_len;
-        if( msg_len > ext_offset )
-        {
-            if( msg_len < ext_offset + 2 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-
-            ext_len = ( buf[ext_offset + 0] << 8 )
-                    | ( buf[ext_offset + 1]      );
-
-            if( ( ext_len > 0 && ext_len < 4 ) ||
-                msg_len != ext_offset + 2 + ext_len )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-        }
-        else
-            ext_len = 0;
-
-        ext = buf + ext_offset + 2;
-        MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
-
-        while( ext_len != 0 )
-        {
-            unsigned int ext_id;
-            unsigned int ext_size;
-            if ( ext_len < 4 ) {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                               MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-            ext_id   = ( ( ext[0] <<  8 ) | ( ext[1] ) );
-            ext_size = ( ( ext[2] <<  8 ) | ( ext[3] ) );
-
-            if( ext_size + 4 > ext_len )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-            switch( ext_id )
-            {
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-            case MBEDTLS_TLS_EXT_SERVERNAME:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
-                if( ssl->conf->f_sni == NULL )
-                    break;
-
-                ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-            case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-                renegotiation_info_seen = 1;
-#endif
-
-                ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-            case MBEDTLS_TLS_EXT_SIG_ALG:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
-
-                ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-
-                sig_hash_alg_ext_present = 1;
-                break;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-            case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) );
-
-                ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-
-            case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
-                ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
-
-                ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
-          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-            case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) );
-
-                ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-            case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
-
-                ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-            case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );
-
-                ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-            case MBEDTLS_TLS_EXT_CID:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
-
-                ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-            case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) );
-
-                ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-            case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) );
-
-                ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-            case MBEDTLS_TLS_EXT_SESSION_TICKET:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
-
-                ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-            case MBEDTLS_TLS_EXT_ALPN:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
-
-                ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-            case MBEDTLS_TLS_EXT_USE_SRTP:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) );
-
-                ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size );
-                if( ret != 0 )
-                    return( ret );
-                break;
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-            default:
-                MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
-                               ext_id ) );
-            }
-
-            ext_len -= 4 + ext_size;
-            ext += 4 + ext_size;
-
-            if( ext_len > 0 && ext_len < 4 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-        }
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-    for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
-    {
-        if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
-            p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE      ) & 0xff ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
-
-            if( ssl->minor_ver < ssl->conf->max_minor_ver )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
-
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
-
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-
-            break;
-        }
-    }
-#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-
-    /*
-     * Try to fall back to default hash SHA1 if the client
-     * hasn't provided any preferred signature-hash combinations.
-     */
-    if( sig_hash_alg_ext_present == 0 )
-    {
-        mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1;
-
-        if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 )
-            md_default = MBEDTLS_MD_NONE;
-
-        mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default );
-    }
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-    /*
-     * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
-     */
-    for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
-    {
-        if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-            if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
-                                            "during renegotiation" ) );
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-            }
-#endif
-            ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
-            break;
-        }
-    }
-
-    /*
-     * Renegotiation security checks
-     */
-    if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION &&
-        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
-        handshake_failure = 1;
-    }
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-             ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
-             renegotiation_info_seen == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
-        handshake_failure = 1;
-    }
-    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-             ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
-        handshake_failure = 1;
-    }
-    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
-             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
-             renegotiation_info_seen == 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) );
-        handshake_failure = 1;
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-    if( handshake_failure == 1 )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-    }
-
-    /*
-     * Search for a matching ciphersuite
-     * (At the end because we need information from the EC-based extensions
-     * and certificate from the SNI callback triggered by the SNI extension.)
-     */
-    got_common_suite = 0;
-    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
-    ciphersuite_info = NULL;
-#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
-    for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
-        for( i = 0; ciphersuites[i] != 0; i++ )
-#else
-    for( i = 0; ciphersuites[i] != 0; i++ )
-        for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
-#endif
-        {
-            if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
-                p[1] != ( ( ciphersuites[i]      ) & 0xFF ) )
-                continue;
-
-            got_common_suite = 1;
-
-            if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
-                                               &ciphersuite_info ) ) != 0 )
-                return( ret );
-
-            if( ciphersuite_info != NULL )
-                goto have_ciphersuite;
-        }
-
-    if( got_common_suite )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, "
-                            "but none of them usable" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE );
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
-        return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
-    }
-
-have_ciphersuite:
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) );
-
-    ssl->session_negotiate->ciphersuite = ciphersuites[i];
-    ssl->handshake->ciphersuite_info = ciphersuite_info;
-
-    ssl->state++;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        mbedtls_ssl_recv_flight_completed( ssl );
-#endif
-
-    /* Debugging-only output for testsuite */
-#if defined(MBEDTLS_DEBUG_C)                         && \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)                && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info );
-        if( sig_alg != MBEDTLS_PK_NONE )
-        {
-            mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
-                                                                  sig_alg );
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d",
-                                        mbedtls_ssl_hash_from_md_alg( md_alg ) ) );
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm "
-                                        "%d - should not happen", sig_alg ) );
-        }
-    }
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
-                                          unsigned char *buf,
-                                          size_t *olen )
-{
-    unsigned char *p = buf;
-
-    if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
-                               unsigned char *buf,
-                               size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t ext_len;
-    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
-    *olen = 0;
-
-    /* Skip writing the extension if we don't want to use it or if
-     * the client hasn't offered it. */
-    if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED )
-        return;
-
-    /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX
-     * which is at most 255, so the increment cannot overflow. */
-    if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding CID extension" ) );
-
-    /*
-     * Quoting draft-ietf-tls-dtls-connection-id-05
-     * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05
-     *
-     *   struct {
-     *      opaque cid<0..2^8-1>;
-     *   } ConnectionId;
-    */
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID      ) & 0xFF );
-    ext_len = (size_t) ssl->own_cid_len + 1;
-    *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
-
-    *p++ = (uint8_t) ssl->own_cid_len;
-    memcpy( p, ssl->own_cid, ssl->own_cid_len );
-
-    *olen = ssl->own_cid_len + 5;
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
-                                            unsigned char *buf,
-                                            size_t *olen )
-{
-    unsigned char *p = buf;
-    const mbedtls_ssl_ciphersuite_t *suite = NULL;
-    const mbedtls_cipher_info_t *cipher = NULL;
-
-    if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
-        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        *olen = 0;
-        return;
-    }
-
-    /*
-     * RFC 7366: "If a server receives an encrypt-then-MAC request extension
-     * from a client and then selects a stream or Authenticated Encryption
-     * with Associated Data (AEAD) ciphersuite, it MUST NOT send an
-     * encrypt-then-MAC response extension back to the client."
-     */
-    if( ( suite = mbedtls_ssl_ciphersuite_from_id(
-                    ssl->session_negotiate->ciphersuite ) ) == NULL ||
-        ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL ||
-        cipher->mode != MBEDTLS_MODE_CBC )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-}
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
-                                       unsigned char *buf,
-                                       size_t *olen )
-{
-    unsigned char *p = buf;
-
-    if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
-        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
-                        "extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-}
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
-                                          unsigned char *buf,
-                                          size_t *olen )
-{
-    unsigned char *p = buf;
-
-    if( ssl->handshake->new_session_ticket == 0 )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 0x00;
-
-    *olen = 4;
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
-                                         unsigned char *buf,
-                                         size_t *olen )
-{
-    unsigned char *p = buf;
-
-    if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO      ) & 0xFF );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-    {
-        *p++ = 0x00;
-        *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF;
-        *p++ = ssl->verify_data_len * 2 & 0xFF;
-
-        memcpy( p, ssl->peer_verify_data, ssl->verify_data_len );
-        p += ssl->verify_data_len;
-        memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
-        p += ssl->verify_data_len;
-    }
-    else
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-    {
-        *p++ = 0x00;
-        *p++ = 0x01;
-        *p++ = 0x00;
-    }
-
-    *olen = p - buf;
-}
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
-                                               unsigned char *buf,
-                                               size_t *olen )
-{
-    unsigned char *p = buf;
-
-    if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 1;
-
-    *p++ = ssl->session_negotiate->mfl_code;
-
-    *olen = 5;
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
-                                                   unsigned char *buf,
-                                                   size_t *olen )
-{
-    unsigned char *p = buf;
-    ((void) ssl);
-
-    if( ( ssl->handshake->cli_exts &
-          MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS      ) & 0xFF );
-
-    *p++ = 0x00;
-    *p++ = 2;
-
-    *p++ = 1;
-    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
-
-    *olen = 6;
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
-                                        unsigned char *buf,
-                                        size_t *olen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = buf;
-    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-    size_t kkpp_len;
-
-    *olen = 0;
-
-    /* Skip costly computation if not needed */
-    if( ssl->handshake->ciphersuite_info->key_exchange !=
-        MBEDTLS_KEY_EXCHANGE_ECJPAKE )
-        return;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) );
-
-    if( end - p < 4 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
-        return;
-    }
-
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP      ) & 0xFF );
-
-    ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
-                                        p + 2, end - p - 2, &kkpp_len,
-                                        ssl->conf->f_rng, ssl->conf->p_rng );
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret );
-        return;
-    }
-
-    *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( kkpp_len      ) & 0xFF );
-
-    *olen = kkpp_len + 4;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_ALPN )
-static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
-                                unsigned char *buf, size_t *olen )
-{
-    if( ssl->alpn_chosen == NULL )
-    {
-        *olen = 0;
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) );
-
-    /*
-     * 0 . 1    ext identifier
-     * 2 . 3    ext length
-     * 4 . 5    protocol list length
-     * 6 . 6    protocol name length
-     * 7 . 7+n  protocol name
-     */
-    buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
-    buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN      ) & 0xFF );
-
-    *olen = 7 + strlen( ssl->alpn_chosen );
-
-    buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
-    buf[3] = (unsigned char)( ( ( *olen - 4 )      ) & 0xFF );
-
-    buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
-    buf[5] = (unsigned char)( ( ( *olen - 6 )      ) & 0xFF );
-
-    buf[6] = (unsigned char)( ( ( *olen - 7 )      ) & 0xFF );
-
-    memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 );
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP ) && defined(MBEDTLS_SSL_PROTO_DTLS)
-static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
-                                    unsigned char *buf,
-                                    size_t *olen )
-{
-    size_t mki_len = 0, ext_len = 0;
-    uint16_t profile_value = 0;
-    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
-    *olen = 0;
-
-    if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
-        ( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) )
-    {
-        return;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding use_srtp extension" ) );
-
-    if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
-    {
-        mki_len = ssl->dtls_srtp_info.mki_len;
-    }
-
-    /* The extension total size is 9 bytes :
-     * - 2 bytes for the extension tag
-     * - 2 bytes for the total size
-     * - 2 bytes for the protection profile length
-     * - 2 bytes for the protection profile
-     * - 1 byte for the mki length
-     * +  the actual mki length
-     * Check we have enough room in the output buffer */
-    if( (size_t)( end - buf ) < mki_len + 9 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
-        return;
-    }
-
-    /* extension */
-    buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF );
-    buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP      ) & 0xFF );
-    /*
-     * total length 5 and mki value: only one profile(2 bytes)
-     *              and length(2 bytes) and srtp_mki  )
-     */
-    ext_len = 5 + mki_len;
-    buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    buf[3] = (unsigned char)( ext_len & 0xFF );
-
-    /* protection profile length: 2 */
-    buf[4] = 0x00;
-    buf[5] = 0x02;
-    profile_value = mbedtls_ssl_check_srtp_profile_value(
-                                ssl->dtls_srtp_info.chosen_dtls_srtp_profile );
-    if( profile_value != MBEDTLS_TLS_SRTP_UNSET )
-    {
-        buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF );
-        buf[7] = (unsigned char)( profile_value & 0xFF );
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "use_srtp extension invalid profile" ) );
-        return;
-    }
-
-    buf[8] = mki_len & 0xFF;
-    memcpy( &buf[9], ssl->dtls_srtp_info.mki_value, mki_len );
-
-    *olen = 9 + mki_len;
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p = ssl->out_msg + 4;
-    unsigned char *cookie_len_byte;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) );
-
-    /*
-     * struct {
-     *   ProtocolVersion server_version;
-     *   opaque cookie<0..2^8-1>;
-     * } HelloVerifyRequest;
-     */
-
-    /* The RFC is not clear on this point, but sending the actual negotiated
-     * version looks like the most interoperable thing to do. */
-    mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
-                       ssl->conf->transport, p );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
-    p += 2;
-
-    /* If we get here, f_cookie_check is not null */
-    if( ssl->conf->f_cookie_write == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    /* Skip length byte until we know the length */
-    cookie_len_byte = p++;
-
-    if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie,
-                                     &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN,
-                                     ssl->cli_id, ssl->cli_id_len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret );
-        return( ret );
-    }
-
-    *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte );
-
-    ssl->out_msglen  = p - ssl->out_msg;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
-
-    ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
-        return( ret );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-
-static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_HAVE_TIME)
-    mbedtls_time_t t;
-#endif
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t olen, ext_len = 0, n;
-    unsigned char *buf, *p;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) );
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake->verify_cookie_len != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) );
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) );
-
-        return( ssl_write_hello_verify_request( ssl ) );
-    }
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-
-    if( ssl->conf->f_rng == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
-        return( MBEDTLS_ERR_SSL_NO_RNG );
-    }
-
-    /*
-     *     0  .   0   handshake type
-     *     1  .   3   handshake length
-     *     4  .   5   protocol version
-     *     6  .   9   UNIX time()
-     *    10  .  37   random bytes
-     */
-    buf = ssl->out_msg;
-    p = buf + 4;
-
-    mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
-                       ssl->conf->transport, p );
-    p += 2;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]",
-                        buf[4], buf[5] ) );
-
-#if defined(MBEDTLS_HAVE_TIME)
-    t = mbedtls_time( NULL );
-    *p++ = (unsigned char)( t >> 24 );
-    *p++ = (unsigned char)( t >> 16 );
-    *p++ = (unsigned char)( t >>  8 );
-    *p++ = (unsigned char)( t       );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
-#else
-    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
-        return( ret );
-
-    p += 4;
-#endif /* MBEDTLS_HAVE_TIME */
-
-    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
-        return( ret );
-
-    p += 28;
-
-    memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 );
-
-    /*
-     * Resume is 0  by default, see ssl_handshake_init().
-     * It may be already set to 1 by ssl_parse_session_ticket_ext().
-     * If not, try looking up session ID in our cache.
-     */
-    if( ssl->handshake->resume == 0 &&
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE &&
-#endif
-        ssl->session_negotiate->id_len != 0 &&
-        ssl->conf->f_get_cache != NULL &&
-        ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) );
-        ssl->handshake->resume = 1;
-    }
-
-    if( ssl->handshake->resume == 0 )
-    {
-        /*
-         * New session, create a new session id,
-         * unless we're about to issue a session ticket
-         */
-        ssl->state++;
-
-#if defined(MBEDTLS_HAVE_TIME)
-        ssl->session_negotiate->start = mbedtls_time( NULL );
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-        if( ssl->handshake->new_session_ticket != 0 )
-        {
-            ssl->session_negotiate->id_len = n = 0;
-            memset( ssl->session_negotiate->id, 0, 32 );
-        }
-        else
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-        {
-            ssl->session_negotiate->id_len = n = 32;
-            if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id,
-                                    n ) ) != 0 )
-                return( ret );
-        }
-    }
-    else
-    {
-        /*
-         * Resuming a session
-         */
-        n = ssl->session_negotiate->id_len;
-        ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
-
-        if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
-            return( ret );
-        }
-    }
-
-    /*
-     *    38  .  38     session id length
-     *    39  . 38+n    session id
-     *   39+n . 40+n    chosen ciphersuite
-     *   41+n . 41+n    chosen compression alg.
-     *   42+n . 43+n    extensions length
-     *   44+n . 43+n+m  extensions
-     */
-    *p++ = (unsigned char) ssl->session_negotiate->id_len;
-    memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len );
-    p += ssl->session_negotiate->id_len;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3,   "server hello, session id", buf + 39, n );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
-                   ssl->handshake->resume ? "a" : "no" ) );
-
-    *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 );
-    *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite      );
-    *p++ = (unsigned char)( ssl->session_negotiate->compression      );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s",
-           mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
-                   ssl->session_negotiate->compression ) );
-
-    /* Do not write the extensions if the protocol is SSLv3 */
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
-    {
-#endif
-
-    /*
-     *  First write extensions, then the total length
-     */
-    ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if ( mbedtls_ssl_ciphersuite_uses_ec(
-         mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) )
-    {
-        ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
-        ext_len += olen;
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-    ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, &olen );
-    ext_len += olen;
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
-
-    if( ext_len > 0 )
-    {
-        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
-        p += ext_len;
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    }
-#endif
-
-    ssl->out_msglen  = p - buf;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_HELLO;
-
-    ret = mbedtls_ssl_write_handshake_msg( ssl );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) );
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
-static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
-
-    if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-}
-#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-    uint16_t dn_size, total_dn_size; /* excluding length bytes */
-    size_t ct_len, sa_len; /* including length bytes */
-    unsigned char *buf, *p;
-    const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-    const mbedtls_x509_crt *crt;
-    int authmode;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
-
-    ssl->state++;
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET )
-        authmode = ssl->handshake->sni_authmode;
-    else
-#endif
-        authmode = ssl->conf->authmode;
-
-    if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ||
-        authmode == MBEDTLS_SSL_VERIFY_NONE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
-        return( 0 );
-    }
-
-    /*
-     *     0  .   0   handshake type
-     *     1  .   3   handshake length
-     *     4  .   4   cert type count
-     *     5  .. m-1  cert types
-     *     m  .. m+1  sig alg length (TLS 1.2 only)
-     *    m+1 .. n-1  SignatureAndHashAlgorithms (TLS 1.2 only)
-     *     n  .. n+1  length of all DNs
-     *    n+2 .. n+3  length of DN 1
-     *    n+4 .. ...  Distinguished Name #1
-     *    ... .. ...  length of DN 2, etc.
-     */
-    buf = ssl->out_msg;
-    p = buf + 4;
-
-    /*
-     * Supported certificate types
-     *
-     *     ClientCertificateType certificate_types<1..2^8-1>;
-     *     enum { (255) } ClientCertificateType;
-     */
-    ct_len = 0;
-
-#if defined(MBEDTLS_RSA_C)
-    p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN;
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-    p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN;
-#endif
-
-    p[0] = (unsigned char) ct_len++;
-    p += ct_len;
-
-    sa_len = 0;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    /*
-     * Add signature_algorithms for verify (TLS 1.2)
-     *
-     *     SignatureAndHashAlgorithm supported_signature_algorithms<2..2^16-2>;
-     *
-     *     struct {
-     *           HashAlgorithm hash;
-     *           SignatureAlgorithm signature;
-     *     } SignatureAndHashAlgorithm;
-     *
-     *     enum { (255) } HashAlgorithm;
-     *     enum { (255) } SignatureAlgorithm;
-     */
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        const int *cur;
-
-        /*
-         * Supported signature algorithms
-         */
-        for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
-        {
-            unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur );
-
-            if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) )
-                continue;
-
-#if defined(MBEDTLS_RSA_C)
-            p[2 + sa_len++] = hash;
-            p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA;
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-            p[2 + sa_len++] = hash;
-            p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA;
-#endif
-        }
-
-        p[0] = (unsigned char)( sa_len >> 8 );
-        p[1] = (unsigned char)( sa_len      );
-        sa_len += 2;
-        p += sa_len;
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-    /*
-     * DistinguishedName certificate_authorities<0..2^16-1>;
-     * opaque DistinguishedName<1..2^16-1>;
-     */
-    p += 2;
-
-    total_dn_size = 0;
-
-    if( ssl->conf->cert_req_ca_list ==  MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED )
-    {
-        /* NOTE: If trusted certificates are provisioned
-         *       via a CA callback (configured through
-         *       `mbedtls_ssl_conf_ca_cb()`, then the
-         *       CertificateRequest is currently left empty. */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-        if( ssl->handshake->sni_ca_chain != NULL )
-            crt = ssl->handshake->sni_ca_chain;
-        else
-#endif
-            crt = ssl->conf->ca_chain;
-
-        while( crt != NULL && crt->version != 0 )
-        {
-            /* It follows from RFC 5280 A.1 that this length
-             * can be represented in at most 11 bits. */
-            dn_size = (uint16_t) crt->subject_raw.len;
-
-            if( end < p || (size_t)( end - p ) < 2 + (size_t) dn_size )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) );
-                break;
-            }
-
-            *p++ = (unsigned char)( dn_size >> 8 );
-            *p++ = (unsigned char)( dn_size      );
-            memcpy( p, crt->subject_raw.p, dn_size );
-            p += dn_size;
-
-            MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p - dn_size, dn_size );
-
-            total_dn_size += 2 + dn_size;
-            crt = crt->next;
-        }
-    }
-
-    ssl->out_msglen  = p - buf;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
-    ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size  >> 8 );
-    ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size       );
-
-    ret = mbedtls_ssl_write_handshake_msg( ssl );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
-        return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
-    }
-
-    if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx,
-                                 mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ),
-                                 MBEDTLS_ECDH_OURS ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret );
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \
-    defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl,
-                                           size_t *signature_len )
-{
-    /* Append the signature to ssl->out_msg, leaving 2 bytes for the
-     * signature length which will be added in ssl_write_server_key_exchange
-     * after the call to ssl_prepare_server_key_exchange.
-     * ssl_write_server_key_exchange also takes care of incrementing
-     * ssl->out_msglen. */
-    unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
-    size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN
-                           - sig_start );
-    int ret = ssl->conf->f_async_resume( ssl,
-                                         sig_start, signature_len, sig_max_len );
-    if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
-    {
-        ssl->handshake->async_in_progress = 0;
-        mbedtls_ssl_set_async_operation_data( ssl, NULL );
-    }
-    MBEDTLS_SSL_DEBUG_RET( 2, "ssl_resume_server_key_exchange", ret );
-    return( ret );
-}
-#endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) &&
-          defined(MBEDTLS_SSL_ASYNC_PRIVATE) */
-
-/* Prepare the ServerKeyExchange message, up to and including
- * calculating the signature if any, but excluding formatting the
- * signature and sending the message. */
-static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
-                                            size_t *signature_len )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-    unsigned char *dig_signed = NULL;
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
-
-    (void) ciphersuite_info; /* unused in some configurations */
-#if !defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-    (void) signature_len;
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
-
-    ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */
-
-    /*
-     *
-     * Part 1: Provide key exchange parameters for chosen ciphersuite.
-     *
-     */
-
-    /*
-     * - ECJPAKE key exchanges
-     */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t len = 0;
-
-        ret = mbedtls_ecjpake_write_round_two(
-            &ssl->handshake->ecjpake_ctx,
-            ssl->out_msg + ssl->out_msglen,
-            MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len,
-            ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret );
-            return( ret );
-        }
-
-        ssl->out_msglen += len;
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-    /*
-     * For (EC)DHE key exchanges with PSK, parameters are prefixed by support
-     * identity hint (RFC 4279, Sec. 3). Until someone needs this feature,
-     * we use empty support identity hints here.
-     **/
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)   || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
-    {
-        ssl->out_msg[ssl->out_msglen++] = 0x00;
-        ssl->out_msg[ssl->out_msglen++] = 0x00;
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-    /*
-     * - DHE key exchanges
-     */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
-    if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t len = 0;
-
-        if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) );
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-        }
-
-        /*
-         * Ephemeral DH parameters:
-         *
-         * struct {
-         *     opaque dh_p<1..2^16-1>;
-         *     opaque dh_g<1..2^16-1>;
-         *     opaque dh_Ys<1..2^16-1>;
-         * } ServerDHParams;
-         */
-        if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx,
-                                           &ssl->conf->dhm_P,
-                                           &ssl->conf->dhm_G ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_set_group", ret );
-            return( ret );
-        }
-
-        if( ( ret = mbedtls_dhm_make_params(
-                  &ssl->handshake->dhm_ctx,
-                  (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
-                  ssl->out_msg + ssl->out_msglen, &len,
-                  ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret );
-            return( ret );
-        }
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-        dig_signed = ssl->out_msg + ssl->out_msglen;
-#endif
-
-        ssl->out_msglen += len;
-
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X  );
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P  );
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G  );
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED */
-
-    /*
-     * - ECDHE key exchanges
-     */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
-    if( mbedtls_ssl_ciphersuite_uses_ecdhe( ciphersuite_info ) )
-    {
-        /*
-         * Ephemeral ECDH parameters:
-         *
-         * struct {
-         *     ECParameters curve_params;
-         *     ECPoint      public;
-         * } ServerECDHParams;
-         */
-        const mbedtls_ecp_curve_info **curve = NULL;
-        const mbedtls_ecp_group_id *gid;
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t len = 0;
-
-        /* Match our preference list against the offered curves */
-        for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
-            for( curve = ssl->handshake->curves; *curve != NULL; curve++ )
-                if( (*curve)->grp_id == *gid )
-                    goto curve_matching_done;
-
-curve_matching_done:
-        if( curve == NULL || *curve == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
-            return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) );
-
-        if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx,
-                                        (*curve)->grp_id ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret );
-            return( ret );
-        }
-
-        if( ( ret = mbedtls_ecdh_make_params(
-                  &ssl->handshake->ecdh_ctx, &len,
-                  ssl->out_msg + ssl->out_msglen,
-                  MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen,
-                  ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
-            return( ret );
-        }
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-        dig_signed = ssl->out_msg + ssl->out_msglen;
-#endif
-
-        ssl->out_msglen += len;
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_Q );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */
-
-    /*
-     *
-     * Part 2: For key exchanges involving the server signing the
-     *         exchange parameters, compute and add the signature here.
-     *
-     */
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-    if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
-    {
-        size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
-        size_t hashlen = 0;
-        unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        /*
-         * 2.1: Choose hash algorithm:
-         * A: For TLS 1.2, obey signature-hash-algorithm extension
-         *    to choose appropriate hash.
-         * B: For SSL3, TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1
-         *    (RFC 4492, Sec. 5.4)
-         * C: Otherwise, use MD5 + SHA1 (RFC 4346, Sec. 7.4.3)
-         */
-
-        mbedtls_md_type_t md_alg;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        mbedtls_pk_type_t sig_alg =
-            mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
-        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-        {
-            /* A: For TLS 1.2, obey signature-hash-algorithm extension
-             *    (RFC 5246, Sec. 7.4.1.4.1). */
-            if( sig_alg == MBEDTLS_PK_NONE ||
-                ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
-                                                          sig_alg ) ) == MBEDTLS_MD_NONE )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                /* (... because we choose a cipher suite
-                 *      only if there is a matching hash.) */
-                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-            }
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
-        {
-            /* B: Default hash SHA1 */
-            md_alg = MBEDTLS_MD_SHA1;
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-        {
-            /* C: MD5 + SHA1 */
-            md_alg = MBEDTLS_MD_NONE;
-        }
-
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) );
-
-        /*
-         * 2.2: Compute the hash to be signed
-         */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-        if( md_alg == MBEDTLS_MD_NONE )
-        {
-            hashlen = 36;
-            ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash,
-                                                           dig_signed,
-                                                           dig_signed_len );
-            if( ret != 0 )
-                return( ret );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( md_alg != MBEDTLS_MD_NONE )
-        {
-            ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
-                                                          dig_signed,
-                                                          dig_signed_len,
-                                                          md_alg );
-            if( ret != 0 )
-                return( ret );
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
-
-        /*
-         * 2.3: Compute and add the signature
-         */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-        {
-            /*
-             * For TLS 1.2, we need to specify signature and hash algorithm
-             * explicitly through a prefix to the signature.
-             *
-             * struct {
-             *    HashAlgorithm hash;
-             *    SignatureAlgorithm signature;
-             * } SignatureAndHashAlgorithm;
-             *
-             * struct {
-             *    SignatureAndHashAlgorithm algorithm;
-             *    opaque signature<0..2^16-1>;
-             * } DigitallySigned;
-             *
-             */
-
-            ssl->out_msg[ssl->out_msglen++] =
-                mbedtls_ssl_hash_from_md_alg( md_alg );
-            ssl->out_msg[ssl->out_msglen++] =
-                mbedtls_ssl_sig_from_pk_alg( sig_alg );
-        }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if( ssl->conf->f_async_sign_start != NULL )
-        {
-            ret = ssl->conf->f_async_sign_start( ssl,
-                                                 mbedtls_ssl_own_cert( ssl ),
-                                                 md_alg, hash, hashlen );
-            switch( ret )
-            {
-            case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH:
-                /* act as if f_async_sign was null */
-                break;
-            case 0:
-                ssl->handshake->async_in_progress = 1;
-                return( ssl_resume_server_key_exchange( ssl, signature_len ) );
-            case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS:
-                ssl->handshake->async_in_progress = 1;
-                return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-            default:
-                MBEDTLS_SSL_DEBUG_RET( 1, "f_async_sign_start", ret );
-                return( ret );
-            }
-        }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-        if( mbedtls_ssl_own_key( ssl ) == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) );
-            return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
-        }
-
-        /* Append the signature to ssl->out_msg, leaving 2 bytes for the
-         * signature length which will be added in ssl_write_server_key_exchange
-         * after the call to ssl_prepare_server_key_exchange.
-         * ssl_write_server_key_exchange also takes care of incrementing
-         * ssl->out_msglen. */
-        if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ),
-                                     md_alg, hash, hashlen,
-                                     ssl->out_msg + ssl->out_msglen + 2,
-                                     signature_len,
-                                     ssl->conf->f_rng,
-                                     ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
-            return( ret );
-        }
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
-
-    return( 0 );
-}
-
-/* Prepare the ServerKeyExchange message and send it. For ciphersuites
- * that do not include a ServerKeyExchange message, do nothing. Either
- * way, if successful, move on to the next step in the SSL state
- * machine. */
-static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t signature_len = 0;
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-                            ssl->handshake->ciphersuite_info;
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
-    /* Extract static ECDH parameters and abort if ServerKeyExchange
-     * is not needed. */
-    if( mbedtls_ssl_ciphersuite_no_pfs( ciphersuite_info ) )
-    {
-        /* For suites involving ECDH, extract DH parameters
-         * from certificate at this point. */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
-        if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) )
-        {
-            ssl_get_ecdh_params_from_cert( ssl );
-        }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
-
-        /* Key exchanges not involving ephemeral keys don't use
-         * ServerKeyExchange, so end here. */
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
-        ssl->state++;
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \
-    defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    /* If we have already prepared the message and there is an ongoing
-     * signature operation, resume signing. */
-    if( ssl->handshake->async_in_progress != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming signature operation" ) );
-        ret = ssl_resume_server_key_exchange( ssl, &signature_len );
-    }
-    else
-#endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) &&
-          defined(MBEDTLS_SSL_ASYNC_PRIVATE) */
-    {
-        /* ServerKeyExchange is needed. Prepare the message. */
-        ret = ssl_prepare_server_key_exchange( ssl, &signature_len );
-    }
-
-    if( ret != 0 )
-    {
-        /* If we're starting to write a new message, set ssl->out_msglen
-         * to 0. But if we're resuming after an asynchronous message,
-         * out_msglen is the amount of data written so far and mst be
-         * preserved. */
-        if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange (pending)" ) );
-        else
-            ssl->out_msglen = 0;
-        return( ret );
-    }
-
-    /* If there is a signature, write its length.
-     * ssl_prepare_server_key_exchange already wrote the signature
-     * itself at its proper place in the output buffer. */
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-    if( signature_len != 0 )
-    {
-        ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 );
-        ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len      );
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "my signature",
-                               ssl->out_msg + ssl->out_msglen,
-                               signature_len );
-
-        /* Skip over the already-written signature */
-        ssl->out_msglen += signature_len;
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
-
-    /* Add header and send. */
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE;
-
-    ssl->state++;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) );
-    return( 0 );
-}
-
-static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) );
-
-    ssl->out_msglen  = 4;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_HELLO_DONE;
-
-    ssl->state++;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        mbedtls_ssl_send_flight_completed( ssl );
-#endif
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
-        return( ret );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
-    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p,
-                                       const unsigned char *end )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    size_t n;
-
-    /*
-     * Receive G^Y mod P, premaster = (G^Y)^X mod P
-     */
-    if( *p + 2 > end )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-    n = ( (*p)[0] << 8 ) | (*p)[1];
-    *p += 2;
-
-    if( *p + n > end )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-    if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
-    }
-
-    *p += n;
-
-    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY );
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) ||                           \
-    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl,
-                                   unsigned char *peer_pms,
-                                   size_t *peer_pmslen,
-                                   size_t peer_pmssize )
-{
-    int ret = ssl->conf->f_async_resume( ssl,
-                                         peer_pms, peer_pmslen, peer_pmssize );
-    if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
-    {
-        ssl->handshake->async_in_progress = 0;
-        mbedtls_ssl_set_async_operation_data( ssl, NULL );
-    }
-    MBEDTLS_SSL_DEBUG_RET( 2, "ssl_decrypt_encrypted_pms", ret );
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl,
-                                      const unsigned char *p,
-                                      const unsigned char *end,
-                                      unsigned char *peer_pms,
-                                      size_t *peer_pmslen,
-                                      size_t peer_pmssize )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl );
-    mbedtls_pk_context *public_key = &mbedtls_ssl_own_cert( ssl )->pk;
-    size_t len = mbedtls_pk_get_len( public_key );
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    /* If we have already started decoding the message and there is an ongoing
-     * decryption operation, resume signing. */
-    if( ssl->handshake->async_in_progress != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming decryption operation" ) );
-        return( ssl_resume_decrypt_pms( ssl,
-                                        peer_pms, peer_pmslen, peer_pmssize ) );
-    }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-    /*
-     * Prepare to decrypt the premaster using own private RSA key
-     */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        if ( p + 2 > end ) {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-        }
-        if( *p++ != ( ( len >> 8 ) & 0xFF ) ||
-            *p++ != ( ( len      ) & 0xFF ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-        }
-    }
-#endif
-
-    if( p + len != end )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-    /*
-     * Decrypt the premaster secret
-     */
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    if( ssl->conf->f_async_decrypt_start != NULL )
-    {
-        ret = ssl->conf->f_async_decrypt_start( ssl,
-                                                mbedtls_ssl_own_cert( ssl ),
-                                                p, len );
-        switch( ret )
-        {
-        case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH:
-            /* act as if f_async_decrypt_start was null */
-            break;
-        case 0:
-            ssl->handshake->async_in_progress = 1;
-            return( ssl_resume_decrypt_pms( ssl,
-                                            peer_pms,
-                                            peer_pmslen,
-                                            peer_pmssize ) );
-        case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS:
-            ssl->handshake->async_in_progress = 1;
-            return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-        default:
-            MBEDTLS_SSL_DEBUG_RET( 1, "f_async_decrypt_start", ret );
-            return( ret );
-        }
-    }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-    if( ! mbedtls_pk_can_do( private_key, MBEDTLS_PK_RSA ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) );
-        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
-    }
-
-    ret = mbedtls_pk_decrypt( private_key, p, len,
-                              peer_pms, peer_pmslen, peer_pmssize,
-                              ssl->conf->f_rng, ssl->conf->p_rng );
-    return( ret );
-}
-
-static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
-                                    const unsigned char *p,
-                                    const unsigned char *end,
-                                    size_t pms_offset )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *pms = ssl->handshake->premaster + pms_offset;
-    unsigned char ver[2];
-    unsigned char fake_pms[48], peer_pms[48];
-    unsigned char mask;
-    size_t i, peer_pmslen;
-    unsigned int diff;
-
-    /* In case of a failure in decryption, the decryption may write less than
-     * 2 bytes of output, but we always read the first two bytes. It doesn't
-     * matter in the end because diff will be nonzero in that case due to
-     * ret being nonzero, and we only care whether diff is 0.
-     * But do initialize peer_pms and peer_pmslen for robustness anyway. This
-     * also makes memory analyzers happy (don't access uninitialized memory,
-     * even if it's an unsigned char). */
-    peer_pms[0] = peer_pms[1] = ~0;
-    peer_pmslen = 0;
-
-    ret = ssl_decrypt_encrypted_pms( ssl, p, end,
-                                     peer_pms,
-                                     &peer_pmslen,
-                                     sizeof( peer_pms ) );
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    if ( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
-        return( ret );
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-    mbedtls_ssl_write_version( ssl->handshake->max_major_ver,
-                               ssl->handshake->max_minor_ver,
-                               ssl->conf->transport, ver );
-
-    /* Avoid data-dependent branches while checking for invalid
-     * padding, to protect against timing-based Bleichenbacher-type
-     * attacks. */
-    diff  = (unsigned int) ret;
-    diff |= peer_pmslen ^ 48;
-    diff |= peer_pms[0] ^ ver[0];
-    diff |= peer_pms[1] ^ ver[1];
-
-    /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */
-    /* MSVC has a warning about unary minus on unsigned, but this is
-     * well-defined and precisely what we want to do here */
-#if defined(_MSC_VER)
-#pragma warning( push )
-#pragma warning( disable : 4146 )
-#endif
-    mask = - ( ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ) );
-#if defined(_MSC_VER)
-#pragma warning( pop )
-#endif
-
-    /*
-     * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
-     * must not cause the connection to end immediately; instead, send a
-     * bad_record_mac later in the handshake.
-     * To protect against timing-based variants of the attack, we must
-     * not have any branch that depends on whether the decryption was
-     * successful. In particular, always generate the fake premaster secret,
-     * regardless of whether it will ultimately influence the output or not.
-     */
-    ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) );
-    if( ret != 0 )
-    {
-        /* It's ok to abort on an RNG failure, since this does not reveal
-         * anything about the RSA decryption. */
-        return( ret );
-    }
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-    if( diff != 0 )
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-#endif
-
-    if( sizeof( ssl->handshake->premaster ) < pms_offset ||
-        sizeof( ssl->handshake->premaster ) - pms_offset < 48 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-    ssl->handshake->pmslen = 48;
-
-    /* Set pms to either the true or the fake PMS, without
-     * data-dependent branches. */
-    for( i = 0; i < ssl->handshake->pmslen; i++ )
-        pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p,
-                                          const unsigned char *end )
-{
-    int ret = 0;
-    uint16_t n;
-
-    if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
-        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
-    }
-
-    /*
-     * Receive client pre-shared key identity name
-     */
-    if( end - *p < 2 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-    n = ( (*p)[0] << 8 ) | (*p)[1];
-    *p += 2;
-
-    if( n == 0 || n > end - *p )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-    if( ssl->conf->f_psk != NULL )
-    {
-        if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
-            ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
-    }
-    else
-    {
-        /* Identity is not a big secret since clients send it in the clear,
-         * but treat it carefully anyway, just in case */
-        if( n != ssl->conf->psk_identity_len ||
-            mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
-        {
-            ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
-        }
-    }
-
-    if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
-    {
-        MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY );
-        return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
-    }
-
-    *p += n;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-    unsigned char *p, *end;
-
-    ciphersuite_info = ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) );
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \
-    ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
-      defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) )
-    if( ( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
-          ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) &&
-        ( ssl->handshake->async_in_progress != 0 ) )
-    {
-        /* We've already read a record and there is an asynchronous
-         * operation in progress to decrypt it. So skip reading the
-         * record. */
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "will resume decryption of previously-read record" ) );
-    }
-    else
-#endif
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
-    end = ssl->in_msg + ssl->in_hslen;
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-    }
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
-    {
-        if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret );
-            return( ret );
-        }
-
-        if( p != end )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-        }
-
-        if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
-                                      ssl->handshake->premaster,
-                                      MBEDTLS_PREMASTER_SIZE,
-                                     &ssl->handshake->pmslen,
-                                      ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
-        }
-
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
-        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
-    {
-        if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
-                                      p, end - p) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
-        }
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_QP );
-
-        if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
-                                      &ssl->handshake->pmslen,
-                                       ssl->handshake->premaster,
-                                       MBEDTLS_MPI_MAX_SIZE,
-                                       ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
-        }
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_Z );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
-          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
-    {
-        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
-            return( ret );
-        }
-
-        if( p != end )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically
-         * and skip the intermediate PMS. */
-        if( ssl_use_opaque_psk( ssl ) == 1 )
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
-        else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
-                        ciphersuite_info->key_exchange ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
-    {
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if ( ssl->handshake->async_in_progress != 0 )
-        {
-            /* There is an asynchronous operation in progress to
-             * decrypt the encrypted premaster secret, so skip
-             * directly to resuming this operation. */
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK identity already parsed" ) );
-            /* Update p to skip the PSK identity. ssl_parse_encrypted_pms
-             * won't actually use it, but maintain p anyway for robustness. */
-            p += ssl->conf->psk_identity_len + 2;
-        }
-        else
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
-            return( ret );
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        /* Opaque PSKs are currently only supported for PSK-only. */
-        if( ssl_use_opaque_psk( ssl ) == 1 )
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
-        if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
-            return( ret );
-        }
-
-        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
-                        ciphersuite_info->key_exchange ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
-    {
-        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
-            return( ret );
-        }
-        if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret );
-            return( ret );
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        /* Opaque PSKs are currently only supported for PSK-only. */
-        if( ssl_use_opaque_psk( ssl ) == 1 )
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
-        if( p != end )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
-        }
-
-        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
-                        ciphersuite_info->key_exchange ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
-    {
-        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
-            return( ret );
-        }
-
-        if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
-                                       p, end - p ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        /* Opaque PSKs are currently only supported for PSK-only. */
-        if( ssl_use_opaque_psk( ssl ) == 1 )
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_QP );
-
-        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
-                        ciphersuite_info->key_exchange ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
-    {
-        if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
-    {
-        ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx,
-                                              p, end - p );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret );
-            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
-        }
-
-        ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
-                ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
-                ssl->conf->f_rng, ssl->conf->p_rng );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
-            return( ret );
-        }
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
-        return( ret );
-    }
-
-    ssl->state++;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) );
-
-    return( 0 );
-}
-
-#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
-static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
-
-    if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-}
-#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    size_t i, sig_len;
-    unsigned char hash[48];
-    unsigned char *hash_start = hash;
-    size_t hashlen;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    mbedtls_pk_type_t pk_alg;
-#endif
-    mbedtls_md_type_t md_alg;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-    mbedtls_pk_context * peer_pk;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
-
-    if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    if( ssl->session_negotiate->peer_cert == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( ssl->session_negotiate->peer_cert_digest == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
-        ssl->state++;
-        return( 0 );
-    }
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    /* Read the message without adding it to the checksum */
-    ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ );
-    if( 0 != ret )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret );
-        return( ret );
-    }
-
-    ssl->state++;
-
-    /* Process the message contents */
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
-        ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-    }
-
-    i = mbedtls_ssl_hs_hdr_len( ssl );
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    peer_pk = &ssl->handshake->peer_pubkey;
-#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( ssl->session_negotiate->peer_cert == NULL )
-    {
-        /* Should never happen */
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-    peer_pk = &ssl->session_negotiate->peer_cert->pk;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    /*
-     *  struct {
-     *     SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only
-     *     opaque signature<0..2^16-1>;
-     *  } DigitallySigned;
-     */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        md_alg = MBEDTLS_MD_NONE;
-        hashlen = 36;
-
-        /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */
-        if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) )
-        {
-            hash_start += 16;
-            hashlen -= 16;
-            md_alg = MBEDTLS_MD_SHA1;
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 ||
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        if( i + 2 > ssl->in_hslen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-        }
-
-        /*
-         * Hash
-         */
-        md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] );
-
-        if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
-                                " for verify message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-        }
-
-#if !defined(MBEDTLS_MD_SHA1)
-        if( MBEDTLS_MD_SHA1 == md_alg )
-            hash_start += 16;
-#endif
-
-        /* Info from md_alg will be used instead */
-        hashlen = 0;
-
-        i++;
-
-        /*
-         * Signature
-         */
-        if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) )
-                        == MBEDTLS_PK_NONE )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
-                                " for verify message" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-        }
-
-        /*
-         * Check the certificate's key type matches the signature alg
-         */
-        if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-        }
-
-        i++;
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    if( i + 2 > ssl->in_hslen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-    }
-
-    sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1];
-    i += 2;
-
-    if( i + sig_len != ssl->in_hslen )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
-    }
-
-    /* Calculate hash and verify signature */
-    {
-        size_t dummy_hlen;
-        ssl->handshake->calc_verify( ssl, hash, &dummy_hlen );
-    }
-
-    if( ( ret = mbedtls_pk_verify( peer_pk,
-                           md_alg, hash_start, hashlen,
-                           ssl->in_msg + i, sig_len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
-        return( ret );
-    }
-
-    mbedtls_ssl_update_handshake_status( ssl );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t tlen;
-    uint32_t lifetime;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) );
-
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_NEW_SESSION_TICKET;
-
-    /*
-     * struct {
-     *     uint32 ticket_lifetime_hint;
-     *     opaque ticket<0..2^16-1>;
-     * } NewSessionTicket;
-     *
-     * 4  .  7   ticket_lifetime_hint (0 = unspecified)
-     * 8  .  9   ticket_len (n)
-     * 10 .  9+n ticket content
-     */
-
-    if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket,
-                                ssl->session_negotiate,
-                                ssl->out_msg + 10,
-                                ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN,
-                                &tlen, &lifetime ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
-        tlen = 0;
-    }
-
-    ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
-    ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
-    ssl->out_msg[6] = ( lifetime >>  8 ) & 0xFF;
-    ssl->out_msg[7] = ( lifetime       ) & 0xFF;
-
-    ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
-    ssl->out_msg[9] = (unsigned char)( ( tlen      ) & 0xFF );
-
-    ssl->out_msglen = 10 + tlen;
-
-    /*
-     * Morally equivalent to updating ssl->state, but NewSessionTicket and
-     * ChangeCipherSpec share the same state.
-     */
-    ssl->handshake->new_session_ticket = 0;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-/*
- * SSL handshake -- server side -- single step
- */
-int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-
-    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) );
-
-    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
-        return( ret );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
-    {
-        if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-            return( ret );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    switch( ssl->state )
-    {
-        case MBEDTLS_SSL_HELLO_REQUEST:
-            ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
-            break;
-
-        /*
-         *  <==   ClientHello
-         */
-        case MBEDTLS_SSL_CLIENT_HELLO:
-            ret = ssl_parse_client_hello( ssl );
-            break;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-        case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
-            return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
-#endif
-
-        /*
-         *  ==>   ServerHello
-         *        Certificate
-         *      ( ServerKeyExchange  )
-         *      ( CertificateRequest )
-         *        ServerHelloDone
-         */
-        case MBEDTLS_SSL_SERVER_HELLO:
-            ret = ssl_write_server_hello( ssl );
-            break;
-
-        case MBEDTLS_SSL_SERVER_CERTIFICATE:
-            ret = mbedtls_ssl_write_certificate( ssl );
-            break;
-
-        case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
-            ret = ssl_write_server_key_exchange( ssl );
-            break;
-
-        case MBEDTLS_SSL_CERTIFICATE_REQUEST:
-            ret = ssl_write_certificate_request( ssl );
-            break;
-
-        case MBEDTLS_SSL_SERVER_HELLO_DONE:
-            ret = ssl_write_server_hello_done( ssl );
-            break;
-
-        /*
-         *  <== ( Certificate/Alert  )
-         *        ClientKeyExchange
-         *      ( CertificateVerify  )
-         *        ChangeCipherSpec
-         *        Finished
-         */
-        case MBEDTLS_SSL_CLIENT_CERTIFICATE:
-            ret = mbedtls_ssl_parse_certificate( ssl );
-            break;
-
-        case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
-            ret = ssl_parse_client_key_exchange( ssl );
-            break;
-
-        case MBEDTLS_SSL_CERTIFICATE_VERIFY:
-            ret = ssl_parse_certificate_verify( ssl );
-            break;
-
-        case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
-            ret = mbedtls_ssl_parse_change_cipher_spec( ssl );
-            break;
-
-        case MBEDTLS_SSL_CLIENT_FINISHED:
-            ret = mbedtls_ssl_parse_finished( ssl );
-            break;
-
-        /*
-         *  ==> ( NewSessionTicket )
-         *        ChangeCipherSpec
-         *        Finished
-         */
-        case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-            if( ssl->handshake->new_session_ticket != 0 )
-                ret = ssl_write_new_session_ticket( ssl );
-            else
-#endif
-                ret = mbedtls_ssl_write_change_cipher_spec( ssl );
-            break;
-
-        case MBEDTLS_SSL_SERVER_FINISHED:
-            ret = mbedtls_ssl_write_finished( ssl );
-            break;
-
-        case MBEDTLS_SSL_FLUSH_BUFFERS:
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
-            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
-            break;
-
-        case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
-            mbedtls_ssl_handshake_wrapup( ssl );
-            break;
-
-        default:
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_SRV_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_ticket.c b/3rdparty/mbedtls-2.25.0/library/ssl_ticket.c
deleted file mode 100644
index 626d137..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_ticket.c
+++ /dev/null
@@ -1,405 +0,0 @@
-/*
- *  TLS server tickets callbacks implementation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_TICKET_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/ssl_ticket.h"
-#include "mbedtls/error.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-/*
- * Initialze context
- */
-void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-#define MAX_KEY_BYTES 32    /* 256 bits */
-
-#define TICKET_KEY_NAME_BYTES    4
-#define TICKET_IV_BYTES         12
-#define TICKET_CRYPT_LEN_BYTES   2
-#define TICKET_AUTH_TAG_BYTES   16
-
-#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES  +        \
-                         TICKET_IV_BYTES        +        \
-                         TICKET_CRYPT_LEN_BYTES +        \
-                         TICKET_AUTH_TAG_BYTES )
-#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES  +        \
-                              TICKET_IV_BYTES        +        \
-                              TICKET_CRYPT_LEN_BYTES )
-
-/*
- * Generate/update a key
- */
-static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
-                               unsigned char index )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[MAX_KEY_BYTES];
-    mbedtls_ssl_ticket_key *key = ctx->keys + index;
-
-#if defined(MBEDTLS_HAVE_TIME)
-    key->generation_time = (uint32_t) mbedtls_time( NULL );
-#endif
-
-    if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )
-        return( ret );
-
-    if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )
-        return( ret );
-
-    /* With GCM and CCM, same context can encrypt & decrypt */
-    ret = mbedtls_cipher_setkey( &key->ctx, buf,
-                                 mbedtls_cipher_get_key_bitlen( &key->ctx ),
-                                 MBEDTLS_ENCRYPT );
-
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    return( ret );
-}
-
-/*
- * Rotate/generate keys if necessary
- */
-static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
-{
-#if !defined(MBEDTLS_HAVE_TIME)
-    ((void) ctx);
-#else
-    if( ctx->ticket_lifetime != 0 )
-    {
-        uint32_t current_time = (uint32_t) mbedtls_time( NULL );
-        uint32_t key_time = ctx->keys[ctx->active].generation_time;
-
-        if( current_time >= key_time &&
-            current_time - key_time < ctx->ticket_lifetime )
-        {
-            return( 0 );
-        }
-
-        ctx->active = 1 - ctx->active;
-
-        return( ssl_ticket_gen_key( ctx, ctx->active ) );
-    }
-    else
-#endif /* MBEDTLS_HAVE_TIME */
-        return( 0 );
-}
-
-/*
- * Setup context for actual use
- */
-int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
-    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-    mbedtls_cipher_type_t cipher,
-    uint32_t lifetime )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_cipher_info_t *cipher_info;
-
-    ctx->f_rng = f_rng;
-    ctx->p_rng = p_rng;
-
-    ctx->ticket_lifetime = lifetime;
-
-    cipher_info = mbedtls_cipher_info_from_type( cipher);
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( cipher_info->mode != MBEDTLS_MODE_GCM &&
-        cipher_info->mode != MBEDTLS_MODE_CCM )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
-                                    cipher_info, TICKET_AUTH_TAG_BYTES );
-    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-        return( ret );
-    /* We don't yet expect to support all ciphers through PSA,
-     * so allow fallback to ordinary mbedtls_cipher_setup(). */
-    if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 )
-        return( ret );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
-                                    cipher_info, TICKET_AUTH_TAG_BYTES );
-    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-        return( ret );
-    if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
-        return( ret );
-
-    if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
-        ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Create session ticket, with the following structure:
- *
- *    struct {
- *        opaque key_name[4];
- *        opaque iv[12];
- *        opaque encrypted_state<0..2^16-1>;
- *        opaque tag[16];
- *    } ticket;
- *
- * The key_name, iv, and length of encrypted_state are the additional
- * authenticated data.
- */
-
-int mbedtls_ssl_ticket_write( void *p_ticket,
-                              const mbedtls_ssl_session *session,
-                              unsigned char *start,
-                              const unsigned char *end,
-                              size_t *tlen,
-                              uint32_t *ticket_lifetime )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ssl_ticket_context *ctx = p_ticket;
-    mbedtls_ssl_ticket_key *key;
-    unsigned char *key_name = start;
-    unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
-    unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
-    unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
-    size_t clear_len, ciph_len;
-
-    *tlen = 0;
-
-    if( ctx == NULL || ctx->f_rng == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
-     * in addition to session itself, that will be checked when writing it. */
-    MBEDTLS_SSL_CHK_BUF_PTR( start, end, TICKET_MIN_LEN );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
-        goto cleanup;
-
-    key = &ctx->keys[ctx->active];
-
-    *ticket_lifetime = ctx->ticket_lifetime;
-
-    memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES );
-
-    if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )
-        goto cleanup;
-
-    /* Dump session state */
-    if( ( ret = mbedtls_ssl_session_save( session,
-                                          state, end - state,
-                                          &clear_len ) ) != 0 ||
-        (unsigned long) clear_len > 65535 )
-    {
-         goto cleanup;
-    }
-    state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
-    state_len_bytes[1] = ( clear_len      ) & 0xff;
-
-    /* Encrypt and authenticate */
-    if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx,
-                    iv, TICKET_IV_BYTES,
-                    /* Additional data: key name, IV and length */
-                    key_name, TICKET_ADD_DATA_LEN,
-                    state, clear_len,
-                    state, end - state, &ciph_len,
-                    TICKET_AUTH_TAG_BYTES ) ) != 0 )
-    {
-        goto cleanup;
-    }
-    if( ciph_len != clear_len + TICKET_AUTH_TAG_BYTES )
-    {
-        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-        goto cleanup;
-    }
-
-    *tlen = TICKET_MIN_LEN + ciph_len - TICKET_AUTH_TAG_BYTES;
-
-cleanup:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-/*
- * Select key based on name
- */
-static mbedtls_ssl_ticket_key *ssl_ticket_select_key(
-        mbedtls_ssl_ticket_context *ctx,
-        const unsigned char name[4] )
-{
-    unsigned char i;
-
-    for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )
-        if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )
-            return( &ctx->keys[i] );
-
-    return( NULL );
-}
-
-/*
- * Load session ticket (see mbedtls_ssl_ticket_write for structure)
- */
-int mbedtls_ssl_ticket_parse( void *p_ticket,
-                              mbedtls_ssl_session *session,
-                              unsigned char *buf,
-                              size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_ssl_ticket_context *ctx = p_ticket;
-    mbedtls_ssl_ticket_key *key;
-    unsigned char *key_name = buf;
-    unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
-    unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
-    unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
-    size_t enc_len, clear_len;
-
-    if( ctx == NULL || ctx->f_rng == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( len < TICKET_MIN_LEN )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
-        return( ret );
-#endif
-
-    if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
-        goto cleanup;
-
-    enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
-
-    if( len != TICKET_MIN_LEN + enc_len )
-    {
-        ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    /* Select key */
-    if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )
-    {
-        /* We can't know for sure but this is a likely option unless we're
-         * under attack - this is only informative anyway */
-        ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
-        goto cleanup;
-    }
-
-    /* Decrypt and authenticate */
-    if( ( ret = mbedtls_cipher_auth_decrypt_ext( &key->ctx,
-                    iv, TICKET_IV_BYTES,
-                    /* Additional data: key name, IV and length */
-                    key_name, TICKET_ADD_DATA_LEN,
-                    ticket, enc_len + TICKET_AUTH_TAG_BYTES,
-                    ticket, enc_len, &clear_len,
-                    TICKET_AUTH_TAG_BYTES ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
-            ret = MBEDTLS_ERR_SSL_INVALID_MAC;
-
-        goto cleanup;
-    }
-    if( clear_len != enc_len )
-    {
-        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-        goto cleanup;
-    }
-
-    /* Actually load session */
-    if( ( ret = mbedtls_ssl_session_load( session, ticket, clear_len ) ) != 0 )
-        goto cleanup;
-
-#if defined(MBEDTLS_HAVE_TIME)
-    {
-        /* Check for expiration */
-        mbedtls_time_t current_time = mbedtls_time( NULL );
-
-        if( current_time < session->start ||
-            (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )
-        {
-            ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
-            goto cleanup;
-        }
-    }
-#endif
-
-cleanup:
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
-    return( ret );
-}
-
-/*
- * Free context
- */
-void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )
-{
-    mbedtls_cipher_free( &ctx->keys[0].ctx );
-    mbedtls_cipher_free( &ctx->keys[1].ctx );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_free( &ctx->mutex );
-#endif
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );
-}
-
-#endif /* MBEDTLS_SSL_TICKET_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_tls.c b/3rdparty/mbedtls-2.25.0/library/ssl_tls.c
deleted file mode 100644
index a1a5859..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_tls.c
+++ /dev/null
@@ -1,7685 +0,0 @@
-/*
- *  SSLv3/TLSv1 shared functions
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The SSL 3.0 specification was drafted by Netscape in 1996,
- *  and became an IETF standard in 1999.
- *
- *  http://wp.netscape.com/eng/ssl3/
- *  http://www.ietf.org/rfc/rfc2246.txt
- *  http://www.ietf.org/rfc/rfc4346.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_TLS_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/error.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/version.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#include "psa/crypto.h"
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#include "mbedtls/oid.h"
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-/* Top-level Connection ID API */
-
-int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf,
-                          size_t len,
-                          int ignore_other_cid )
-{
-    if( len > MBEDTLS_SSL_CID_IN_LEN_MAX )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL &&
-        ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_IGNORE )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    conf->ignore_unexpected_cid = ignore_other_cid;
-    conf->cid_len = len;
-    return( 0 );
-}
-
-int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
-                         int enable,
-                         unsigned char const *own_cid,
-                         size_t own_cid_len )
-{
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl->negotiate_cid = enable;
-    if( enable == MBEDTLS_SSL_CID_DISABLED )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Disable use of CID extension." ) );
-        return( 0 );
-    }
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "Enable use of CID extension." ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len );
-
-    if( own_cid_len != ssl->conf->cid_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "CID length %u does not match CID length %u in config",
-                                    (unsigned) own_cid_len,
-                                    (unsigned) ssl->conf->cid_len ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    memcpy( ssl->own_cid, own_cid, own_cid_len );
-    /* Truncation is not an issue here because
-     * MBEDTLS_SSL_CID_IN_LEN_MAX at most 255. */
-    ssl->own_cid_len = (uint8_t) own_cid_len;
-
-    return( 0 );
-}
-
-int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
-                     int *enabled,
-                     unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
-                     size_t *peer_cid_len )
-{
-    *enabled = MBEDTLS_SSL_CID_DISABLED;
-
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
-        ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions
-     * were used, but client and server requested the empty CID.
-     * This is indistinguishable from not using the CID extension
-     * in the first place. */
-    if( ssl->transform_in->in_cid_len  == 0 &&
-        ssl->transform_in->out_cid_len == 0 )
-    {
-        return( 0 );
-    }
-
-    if( peer_cid_len != NULL )
-    {
-        *peer_cid_len = ssl->transform_in->out_cid_len;
-        if( peer_cid != NULL )
-        {
-            memcpy( peer_cid, ssl->transform_in->out_cid,
-                    ssl->transform_in->out_cid_len );
-        }
-    }
-
-    *enabled = MBEDTLS_SSL_CID_ENABLED;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-/*
- * Convert max_fragment_length codes to length.
- * RFC 6066 says:
- *    enum{
- *        2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
- *    } MaxFragmentLength;
- * and we add 0 -> extension unused
- */
-static unsigned int ssl_mfl_code_to_length( int mfl )
-{
-    switch( mfl )
-    {
-    case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
-        return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
-    case MBEDTLS_SSL_MAX_FRAG_LEN_512:
-        return 512;
-    case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
-        return 1024;
-    case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
-        return 2048;
-    case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
-        return 4096;
-    default:
-        return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
-    }
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
-                              const mbedtls_ssl_session *src )
-{
-    mbedtls_ssl_session_free( dst );
-    memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    if( src->peer_cert != NULL )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) );
-        if( dst->peer_cert == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        mbedtls_x509_crt_init( dst->peer_cert );
-
-        if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p,
-                                        src->peer_cert->raw.len ) ) != 0 )
-        {
-            mbedtls_free( dst->peer_cert );
-            dst->peer_cert = NULL;
-            return( ret );
-        }
-    }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( src->peer_cert_digest != NULL )
-    {
-        dst->peer_cert_digest =
-            mbedtls_calloc( 1, src->peer_cert_digest_len );
-        if( dst->peer_cert_digest == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        memcpy( dst->peer_cert_digest, src->peer_cert_digest,
-                src->peer_cert_digest_len );
-        dst->peer_cert_digest_type = src->peer_cert_digest_type;
-        dst->peer_cert_digest_len = src->peer_cert_digest_len;
-    }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    if( src->ticket != NULL )
-    {
-        dst->ticket = mbedtls_calloc( 1, src->ticket_len );
-        if( dst->ticket == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        memcpy( dst->ticket, src->ticket, src->ticket_len );
-    }
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_old )
-{
-    unsigned char* resized_buffer = mbedtls_calloc( 1, len_new );
-    if( resized_buffer == NULL )
-        return -1;
-
-    /* We want to copy len_new bytes when downsizing the buffer, and
-     * len_old bytes when upsizing, so we choose the smaller of two sizes,
-     * to fit one buffer into another. Size checks, ensuring that no data is
-     * lost, are done outside of this function. */
-    memcpy( resized_buffer, *buffer,
-            ( len_new < *len_old ) ? len_new : *len_old );
-    mbedtls_platform_zeroize( *buffer, *len_old );
-    mbedtls_free( *buffer );
-
-    *buffer = resized_buffer;
-    *len_old = len_new;
-
-    return 0;
-}
-#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
-
-/*
- * Key material generation
- */
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-static int ssl3_prf( const unsigned char *secret, size_t slen,
-                     const char *label,
-                     const unsigned char *random, size_t rlen,
-                     unsigned char *dstbuf, size_t dlen )
-{
-    int ret = 0;
-    size_t i;
-    mbedtls_md5_context md5;
-    mbedtls_sha1_context sha1;
-    unsigned char padding[16];
-    unsigned char sha1sum[20];
-    ((void)label);
-
-    mbedtls_md5_init(  &md5  );
-    mbedtls_sha1_init( &sha1 );
-
-    /*
-     *  SSLv3:
-     *    block =
-     *      MD5( secret + SHA1( 'A'    + secret + random ) ) +
-     *      MD5( secret + SHA1( 'BB'   + secret + random ) ) +
-     *      MD5( secret + SHA1( 'CCC'  + secret + random ) ) +
-     *      ...
-     */
-    for( i = 0; i < dlen / 16; i++ )
-    {
-        memset( padding, (unsigned char) ('A' + i), 1 + i );
-
-        if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 )
-            goto exit;
-
-        if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 )
-            goto exit;
-        if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 )
-            goto exit;
-    }
-
-exit:
-    mbedtls_md5_free(  &md5  );
-    mbedtls_sha1_free( &sha1 );
-
-    mbedtls_platform_zeroize( padding, sizeof( padding ) );
-    mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) );
-
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-static int tls1_prf( const unsigned char *secret, size_t slen,
-                     const char *label,
-                     const unsigned char *random, size_t rlen,
-                     unsigned char *dstbuf, size_t dlen )
-{
-    size_t nb, hs;
-    size_t i, j, k;
-    const unsigned char *S1, *S2;
-    unsigned char *tmp;
-    size_t tmp_len = 0;
-    unsigned char h_i[20];
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_md_init( &md_ctx );
-
-    tmp_len = 20 + strlen( label ) + rlen;
-    tmp = mbedtls_calloc( 1, tmp_len );
-    if( tmp == NULL )
-    {
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto exit;
-    }
-
-    hs = ( slen + 1 ) / 2;
-    S1 = secret;
-    S2 = secret + slen - hs;
-
-    nb = strlen( label );
-    memcpy( tmp + 20, label, nb );
-    memcpy( tmp + 20 + nb, random, rlen );
-    nb += rlen;
-
-    /*
-     * First compute P_md5(secret,label+random)[0..dlen]
-     */
-    if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL )
-    {
-        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    mbedtls_md_hmac_starts( &md_ctx, S1, hs );
-    mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
-    mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
-
-    for( i = 0; i < dlen; i += 16 )
-    {
-        mbedtls_md_hmac_reset ( &md_ctx );
-        mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb );
-        mbedtls_md_hmac_finish( &md_ctx, h_i );
-
-        mbedtls_md_hmac_reset ( &md_ctx );
-        mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 );
-        mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
-
-        k = ( i + 16 > dlen ) ? dlen % 16 : 16;
-
-        for( j = 0; j < k; j++ )
-            dstbuf[i + j]  = h_i[j];
-    }
-
-    mbedtls_md_free( &md_ctx );
-
-    /*
-     * XOR out with P_sha1(secret,label+random)[0..dlen]
-     */
-    if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
-    {
-        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
-    {
-        goto exit;
-    }
-
-    mbedtls_md_hmac_starts( &md_ctx, S2, hs );
-    mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
-    mbedtls_md_hmac_finish( &md_ctx, tmp );
-
-    for( i = 0; i < dlen; i += 20 )
-    {
-        mbedtls_md_hmac_reset ( &md_ctx );
-        mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb );
-        mbedtls_md_hmac_finish( &md_ctx, h_i );
-
-        mbedtls_md_hmac_reset ( &md_ctx );
-        mbedtls_md_hmac_update( &md_ctx, tmp, 20 );
-        mbedtls_md_hmac_finish( &md_ctx, tmp );
-
-        k = ( i + 20 > dlen ) ? dlen % 20 : 20;
-
-        for( j = 0; j < k; j++ )
-            dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
-    }
-
-exit:
-    mbedtls_md_free( &md_ctx );
-
-    mbedtls_platform_zeroize( tmp, tmp_len );
-    mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
-
-    mbedtls_free( tmp );
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-
-static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* derivation,
-                                              psa_key_id_t key,
-                                              psa_algorithm_t alg,
-                                              const unsigned char* seed, size_t seed_length,
-                                              const unsigned char* label, size_t label_length,
-                                              size_t capacity )
-{
-    psa_status_t status;
-
-    status = psa_key_derivation_setup( derivation, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( PSA_ALG_IS_TLS12_PRF( alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
-    {
-        status = psa_key_derivation_input_bytes( derivation,
-                                                 PSA_KEY_DERIVATION_INPUT_SEED,
-                                                 seed, seed_length );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        if( mbedtls_svc_key_id_is_null( key ) )
-        {
-            status = psa_key_derivation_input_bytes(
-                derivation, PSA_KEY_DERIVATION_INPUT_SECRET,
-                NULL, 0 );
-        }
-        else
-        {
-            status = psa_key_derivation_input_key(
-                derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key );
-        }
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        status = psa_key_derivation_input_bytes( derivation,
-                                                 PSA_KEY_DERIVATION_INPUT_LABEL,
-                                                 label, label_length );
-        if( status != PSA_SUCCESS )
-            return( status );
-    }
-    else
-    {
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    status = psa_key_derivation_set_capacity( derivation, capacity );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    return( PSA_SUCCESS );
-}
-
-static int tls_prf_generic( mbedtls_md_type_t md_type,
-                            const unsigned char *secret, size_t slen,
-                            const char *label,
-                            const unsigned char *random, size_t rlen,
-                            unsigned char *dstbuf, size_t dlen )
-{
-    psa_status_t status;
-    psa_algorithm_t alg;
-    psa_key_id_t master_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_derivation_operation_t derivation =
-        PSA_KEY_DERIVATION_OPERATION_INIT;
-
-    if( md_type == MBEDTLS_MD_SHA384 )
-        alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384);
-    else
-        alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256);
-
-    /* Normally a "secret" should be long enough to be impossible to
-     * find by brute force, and in particular should not be empty. But
-     * this PRF is also used to derive an IV, in particular in EAP-TLS,
-     * and for this use case it makes sense to have a 0-length "secret".
-     * Since the key API doesn't allow importing a key of length 0,
-     * keep master_key=0, which setup_psa_key_derivation() understands
-     * to mean a 0-length "secret" input. */
-    if( slen != 0 )
-    {
-        psa_key_attributes_t key_attributes = psa_key_attributes_init();
-        psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
-        psa_set_key_algorithm( &key_attributes, alg );
-        psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE );
-
-        status = psa_import_key( &key_attributes, secret, slen, &master_key );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
-
-    status = setup_psa_key_derivation( &derivation,
-                                       master_key, alg,
-                                       random, rlen,
-                                       (unsigned char const *) label,
-                                       (size_t) strlen( label ),
-                                       dlen );
-    if( status != PSA_SUCCESS )
-    {
-        psa_key_derivation_abort( &derivation );
-        psa_destroy_key( master_key );
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
-
-    status = psa_key_derivation_output_bytes( &derivation, dstbuf, dlen );
-    if( status != PSA_SUCCESS )
-    {
-        psa_key_derivation_abort( &derivation );
-        psa_destroy_key( master_key );
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
-
-    status = psa_key_derivation_abort( &derivation );
-    if( status != PSA_SUCCESS )
-    {
-        psa_destroy_key( master_key );
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
-
-    if( ! mbedtls_svc_key_id_is_null( master_key ) )
-        status = psa_destroy_key( master_key );
-    if( status != PSA_SUCCESS )
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-
-    return( 0 );
-}
-
-#else /* MBEDTLS_USE_PSA_CRYPTO */
-
-static int tls_prf_generic( mbedtls_md_type_t md_type,
-                            const unsigned char *secret, size_t slen,
-                            const char *label,
-                            const unsigned char *random, size_t rlen,
-                            unsigned char *dstbuf, size_t dlen )
-{
-    size_t nb;
-    size_t i, j, k, md_len;
-    unsigned char *tmp;
-    size_t tmp_len = 0;
-    unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    mbedtls_md_init( &md_ctx );
-
-    if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-
-    md_len = mbedtls_md_get_size( md_info );
-
-    tmp_len = md_len + strlen( label ) + rlen;
-    tmp = mbedtls_calloc( 1, tmp_len );
-    if( tmp == NULL )
-    {
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto exit;
-    }
-
-    nb = strlen( label );
-    memcpy( tmp + md_len, label, nb );
-    memcpy( tmp + md_len + nb, random, rlen );
-    nb += rlen;
-
-    /*
-     * Compute P_<hash>(secret, label + random)[0..dlen]
-     */
-    if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
-        goto exit;
-
-    mbedtls_md_hmac_starts( &md_ctx, secret, slen );
-    mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb );
-    mbedtls_md_hmac_finish( &md_ctx, tmp );
-
-    for( i = 0; i < dlen; i += md_len )
-    {
-        mbedtls_md_hmac_reset ( &md_ctx );
-        mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb );
-        mbedtls_md_hmac_finish( &md_ctx, h_i );
-
-        mbedtls_md_hmac_reset ( &md_ctx );
-        mbedtls_md_hmac_update( &md_ctx, tmp, md_len );
-        mbedtls_md_hmac_finish( &md_ctx, tmp );
-
-        k = ( i + md_len > dlen ) ? dlen % md_len : md_len;
-
-        for( j = 0; j < k; j++ )
-            dstbuf[i + j]  = h_i[j];
-    }
-
-exit:
-    mbedtls_md_free( &md_ctx );
-
-    mbedtls_platform_zeroize( tmp, tmp_len );
-    mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
-
-    mbedtls_free( tmp );
-
-    return( ret );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#if defined(MBEDTLS_SHA256_C)
-static int tls_prf_sha256( const unsigned char *secret, size_t slen,
-                           const char *label,
-                           const unsigned char *random, size_t rlen,
-                           unsigned char *dstbuf, size_t dlen )
-{
-    return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen,
-                             label, random, rlen, dstbuf, dlen ) );
-}
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
-static int tls_prf_sha384( const unsigned char *secret, size_t slen,
-                           const char *label,
-                           const unsigned char *random, size_t rlen,
-                           unsigned char *dstbuf, size_t dlen )
-{
-    return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen,
-                             label, random, rlen, dstbuf, dlen ) );
-}
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t );
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-static void ssl_calc_verify_ssl( const mbedtls_ssl_context *, unsigned char *, size_t * );
-static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int );
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char*, size_t * );
-static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int );
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t );
-static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char*, size_t * );
-static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
-static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * );
-static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && \
-    defined(MBEDTLS_USE_PSA_CRYPTO)
-static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
-{
-    if( ssl->conf->f_psk != NULL )
-    {
-        /* If we've used a callback to select the PSK,
-         * the static configuration is irrelevant. */
-        if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
-            return( 1 );
-
-        return( 0 );
-    }
-
-    if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
-        return( 1 );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO &&
-          MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf )
-{
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( tls_prf == ssl3_prf )
-    {
-        return( MBEDTLS_SSL_TLS_PRF_SSL3 );
-    }
-    else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    if( tls_prf == tls1_prf )
-    {
-        return( MBEDTLS_SSL_TLS_PRF_TLS1 );
-    }
-    else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
-    if( tls_prf == tls_prf_sha384 )
-    {
-        return( MBEDTLS_SSL_TLS_PRF_SHA384 );
-    }
-    else
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    if( tls_prf == tls_prf_sha256 )
-    {
-        return( MBEDTLS_SSL_TLS_PRF_SHA256 );
-    }
-    else
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-    return( MBEDTLS_SSL_TLS_PRF_NONE );
-}
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-int  mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
-                          const unsigned char *secret, size_t slen,
-                          const char *label,
-                          const unsigned char *random, size_t rlen,
-                          unsigned char *dstbuf, size_t dlen )
-{
-    mbedtls_ssl_tls_prf_cb *tls_prf = NULL;
-
-    switch( prf )
-    {
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-        case MBEDTLS_SSL_TLS_PRF_SSL3:
-            tls_prf = ssl3_prf;
-        break;
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-        case MBEDTLS_SSL_TLS_PRF_TLS1:
-            tls_prf = tls1_prf;
-        break;
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
-        case MBEDTLS_SSL_TLS_PRF_SHA384:
-            tls_prf = tls_prf_sha384;
-        break;
-#endif /* MBEDTLS_SHA512_C */
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_SSL_TLS_PRF_SHA256:
-            tls_prf = tls_prf_sha256;
-        break;
-#endif /* MBEDTLS_SHA256_C */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-    default:
-        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-    }
-
-    return( tls_prf( secret, slen, label, random, rlen, dstbuf, dlen ) );
-}
-
-/* Type for the TLS PRF */
-typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *,
-                          const unsigned char *, size_t,
-                          unsigned char *, size_t);
-
-/*
- * Populate a transform structure with session keys and all the other
- * necessary information.
- *
- * Parameters:
- * - [in/out]: transform: structure to populate
- *      [in] must be just initialised with mbedtls_ssl_transform_init()
- *      [out] fully populated, ready for use by mbedtls_ssl_{en,de}crypt_buf()
- * - [in] ciphersuite
- * - [in] master
- * - [in] encrypt_then_mac
- * - [in] trunc_hmac
- * - [in] compression
- * - [in] tls_prf: pointer to PRF to use for key derivation
- * - [in] randbytes: buffer holding ServerHello.random + ClientHello.random
- * - [in] minor_ver: SSL/TLS minor version
- * - [in] endpoint: client or server
- * - [in] ssl: optionally used for:
- *        - MBEDTLS_SSL_HW_RECORD_ACCEL: whole context (non-const)
- *        - MBEDTLS_SSL_EXPORT_KEYS: ssl->conf->{f,p}_export_keys
- *        - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg
- */
-static int ssl_populate_transform( mbedtls_ssl_transform *transform,
-                                   int ciphersuite,
-                                   const unsigned char master[48],
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-                                   int encrypt_then_mac,
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-                                   int trunc_hmac,
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-                                   int compression,
-#endif
-                                   ssl_tls_prf_t tls_prf,
-                                   const unsigned char randbytes[64],
-                                   int minor_ver,
-                                   unsigned endpoint,
-#if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-                                   const
-#endif
-                                   mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    int psa_fallthrough;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    unsigned char keyblk[256];
-    unsigned char *key1;
-    unsigned char *key2;
-    unsigned char *mac_enc;
-    unsigned char *mac_dec;
-    size_t mac_key_len = 0;
-    size_t iv_copy_len;
-    unsigned keylen;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-    const mbedtls_cipher_info_t *cipher_info;
-    const mbedtls_md_info_t *md_info;
-
-#if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \
-    !defined(MBEDTLS_SSL_EXPORT_KEYS) && \
-    !defined(MBEDTLS_DEBUG_C)
-    ssl = NULL; /* make sure we don't use it except for those cases */
-    (void) ssl;
-#endif
-
-    /*
-     * Some data just needs copying into the structure
-     */
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
-    defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    transform->encrypt_then_mac = encrypt_then_mac;
-#endif
-    transform->minor_ver = minor_ver;
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) );
-#endif
-
-    /*
-     * Get various info structures
-     */
-    ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite );
-    if( ciphersuite_info == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found",
-                                    ciphersuite ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
-    if( cipher_info == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found",
-                                    ciphersuite_info->cipher ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    md_info = mbedtls_md_info_from_type( ciphersuite_info->mac );
-    if( md_info == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found",
-                            ciphersuite_info->mac ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    /* Copy own and peer's CID if the use of the CID
-     * extension has been negotiated. */
-    if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Copy CIDs into SSL transform" ) );
-
-        transform->in_cid_len = ssl->own_cid_len;
-        memcpy( transform->in_cid, ssl->own_cid, ssl->own_cid_len );
-        MBEDTLS_SSL_DEBUG_BUF( 3, "Incoming CID", transform->in_cid,
-                               transform->in_cid_len );
-
-        transform->out_cid_len = ssl->handshake->peer_cid_len;
-        memcpy( transform->out_cid, ssl->handshake->peer_cid,
-                ssl->handshake->peer_cid_len );
-        MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid,
-                               transform->out_cid_len );
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /*
-     * Compute key block using the PRF
-     */
-    ret = tls_prf( master, 48, "key expansion", randbytes, 64, keyblk, 256 );
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s",
-                           mbedtls_ssl_get_ciphersuite_name( ciphersuite ) ) );
-    MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", master, 48 );
-    MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", randbytes, 64 );
-    MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 );
-
-    /*
-     * Determine the appropriate key, IV and MAC length.
-     */
-
-    keylen = cipher_info->key_bitlen / 8;
-
-#if defined(MBEDTLS_GCM_C) ||                           \
-    defined(MBEDTLS_CCM_C) ||                           \
-    defined(MBEDTLS_CHACHAPOLY_C)
-    if( cipher_info->mode == MBEDTLS_MODE_GCM ||
-        cipher_info->mode == MBEDTLS_MODE_CCM ||
-        cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
-    {
-        size_t explicit_ivlen;
-
-        transform->maclen = 0;
-        mac_key_len = 0;
-        transform->taglen =
-            ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
-
-        /* All modes haves 96-bit IVs, but the length of the static parts vary
-         * with mode and version:
-         * - For GCM and CCM in TLS 1.2, there's a static IV of 4 Bytes
-         *   (to be concatenated with a dynamically chosen IV of 8 Bytes)
-         * - For ChaChaPoly in TLS 1.2, and all modes in TLS 1.3, there's
-         *   a static IV of 12 Bytes (to be XOR'ed with the 8 Byte record
-         *   sequence number).
-         */
-        transform->ivlen = 12;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-        if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
-        {
-            transform->fixed_ivlen = 12;
-        }
-        else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-        {
-            if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
-                transform->fixed_ivlen = 12;
-            else
-                transform->fixed_ivlen = 4;
-        }
-
-        /* Minimum length of encrypted record */
-        explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
-        transform->minlen = explicit_ivlen + transform->taglen;
-    }
-    else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    if( cipher_info->mode == MBEDTLS_MODE_STREAM ||
-        cipher_info->mode == MBEDTLS_MODE_CBC )
-    {
-        /* Initialize HMAC contexts */
-        if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 ||
-            ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
-            goto end;
-        }
-
-        /* Get MAC length */
-        mac_key_len = mbedtls_md_get_size( md_info );
-        transform->maclen = mac_key_len;
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-        /*
-         * If HMAC is to be truncated, we shall keep the leftmost bytes,
-         * (rfc 6066 page 13 or rfc 2104 section 4),
-         * so we only need to adjust the length here.
-         */
-        if( trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
-        {
-            transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN;
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
-            /* Fall back to old, non-compliant version of the truncated
-             * HMAC implementation which also truncates the key
-             * (Mbed TLS versions from 1.3 to 2.6.0) */
-            mac_key_len = transform->maclen;
-#endif
-        }
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-        /* IV length */
-        transform->ivlen = cipher_info->iv_size;
-
-        /* Minimum length */
-        if( cipher_info->mode == MBEDTLS_MODE_STREAM )
-            transform->minlen = transform->maclen;
-        else
-        {
-            /*
-             * GenericBlockCipher:
-             * 1. if EtM is in use: one block plus MAC
-             *    otherwise: * first multiple of blocklen greater than maclen
-             * 2. IV except for SSL3 and TLS 1.0
-             */
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-            if( encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED )
-            {
-                transform->minlen = transform->maclen
-                                  + cipher_info->block_size;
-            }
-            else
-#endif
-            {
-                transform->minlen = transform->maclen
-                                  + cipher_info->block_size
-                                  - transform->maclen % cipher_info->block_size;
-            }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
-            if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
-                minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 )
-                ; /* No need to adjust minlen */
-            else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
-            if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 ||
-                minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-            {
-                transform->minlen += transform->ivlen;
-            }
-            else
-#endif
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-                ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-                goto end;
-            }
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %u, minlen: %u, ivlen: %u, maclen: %u",
-                                (unsigned) keylen,
-                                (unsigned) transform->minlen,
-                                (unsigned) transform->ivlen,
-                                (unsigned) transform->maclen ) );
-
-    /*
-     * Finally setup the cipher contexts, IVs and MAC secrets.
-     */
-#if defined(MBEDTLS_SSL_CLI_C)
-    if( endpoint == MBEDTLS_SSL_IS_CLIENT )
-    {
-        key1 = keyblk + mac_key_len * 2;
-        key2 = keyblk + mac_key_len * 2 + keylen;
-
-        mac_enc = keyblk;
-        mac_dec = keyblk + mac_key_len;
-
-        /*
-         * This is not used in TLS v1.1.
-         */
-        iv_copy_len = ( transform->fixed_ivlen ) ?
-                            transform->fixed_ivlen : transform->ivlen;
-        memcpy( transform->iv_enc, key2 + keylen,  iv_copy_len );
-        memcpy( transform->iv_dec, key2 + keylen + iv_copy_len,
-                iv_copy_len );
-    }
-    else
-#endif /* MBEDTLS_SSL_CLI_C */
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        key1 = keyblk + mac_key_len * 2 + keylen;
-        key2 = keyblk + mac_key_len * 2;
-
-        mac_enc = keyblk + mac_key_len;
-        mac_dec = keyblk;
-
-        /*
-         * This is not used in TLS v1.1.
-         */
-        iv_copy_len = ( transform->fixed_ivlen ) ?
-                            transform->fixed_ivlen : transform->ivlen;
-        memcpy( transform->iv_dec, key1 + keylen,  iv_copy_len );
-        memcpy( transform->iv_enc, key1 + keylen + iv_copy_len,
-                iv_copy_len );
-    }
-    else
-#endif /* MBEDTLS_SSL_SRV_C */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-        goto end;
-    }
-
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        if( mac_key_len > sizeof( transform->mac_enc ) )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-            ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-            goto end;
-        }
-
-        memcpy( transform->mac_enc, mac_enc, mac_key_len );
-        memcpy( transform->mac_dec, mac_dec, mac_key_len );
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
-    {
-        /* For HMAC-based ciphersuites, initialize the HMAC transforms.
-           For AEAD-based ciphersuites, there is nothing to do here. */
-        if( mac_key_len != 0 )
-        {
-            mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len );
-            mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len );
-        }
-    }
-    else
-#endif
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-        goto end;
-    }
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_init != NULL )
-    {
-        ret = 0;
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) );
-
-        if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, keylen,
-                                        transform->iv_enc, transform->iv_dec,
-                                        iv_copy_len,
-                                        mac_enc, mac_dec,
-                                        mac_key_len ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret );
-            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-            goto end;
-        }
-    }
-#else
-    ((void) mac_dec);
-    ((void) mac_enc);
-#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    if( ssl->conf->f_export_keys != NULL )
-    {
-        ssl->conf->f_export_keys( ssl->conf->p_export_keys,
-                                  master, keyblk,
-                                  mac_key_len, keylen,
-                                  iv_copy_len );
-    }
-
-    if( ssl->conf->f_export_keys_ext != NULL )
-    {
-        ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys,
-                                      master, keyblk,
-                                      mac_key_len, keylen,
-                                      iv_copy_len,
-                                      randbytes + 32,
-                                      randbytes,
-                                      tls_prf_get_type( tls_prf ) );
-    }
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-
-    /* Only use PSA-based ciphers for TLS-1.2.
-     * That's relevant at least for TLS-1.0, where
-     * we assume that mbedtls_cipher_crypt() updates
-     * the structure field for the IV, which the PSA-based
-     * implementation currently doesn't. */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
-                                        cipher_info, transform->taglen );
-        if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
-            goto end;
-        }
-
-        if( ret == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based encryption cipher context" ) );
-            psa_fallthrough = 0;
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) );
-            psa_fallthrough = 1;
-        }
-    }
-    else
-        psa_fallthrough = 1;
-#else
-    psa_fallthrough = 1;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-    if( psa_fallthrough == 1 )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
-                                 cipher_info ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
-        goto end;
-    }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    /* Only use PSA-based ciphers for TLS-1.2.
-     * That's relevant at least for TLS-1.0, where
-     * we assume that mbedtls_cipher_crypt() updates
-     * the structure field for the IV, which the PSA-based
-     * implementation currently doesn't. */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
-                                        cipher_info, transform->taglen );
-        if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
-            goto end;
-        }
-
-        if( ret == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based decryption cipher context" ) );
-            psa_fallthrough = 0;
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) );
-            psa_fallthrough = 1;
-        }
-    }
-    else
-        psa_fallthrough = 1;
-#else
-    psa_fallthrough = 1;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-    if( psa_fallthrough == 1 )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
-                                 cipher_info ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
-        goto end;
-    }
-
-    if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1,
-                               cipher_info->key_bitlen,
-                               MBEDTLS_ENCRYPT ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
-        goto end;
-    }
-
-    if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2,
-                               cipher_info->key_bitlen,
-                               MBEDTLS_DECRYPT ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
-        goto end;
-    }
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( cipher_info->mode == MBEDTLS_MODE_CBC )
-    {
-        if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
-                                             MBEDTLS_PADDING_NONE ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
-            goto end;
-        }
-
-        if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec,
-                                             MBEDTLS_PADDING_NONE ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
-            goto end;
-        }
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-
-    /* Initialize Zlib contexts */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) );
-
-        memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) );
-        memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) );
-
-        if( deflateInit( &transform->ctx_deflate,
-                         Z_DEFAULT_COMPRESSION )   != Z_OK ||
-            inflateInit( &transform->ctx_inflate ) != Z_OK )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) );
-            ret = MBEDTLS_ERR_SSL_COMPRESSION_FAILED;
-            goto end;
-        }
-    }
-#endif /* MBEDTLS_ZLIB_SUPPORT */
-
-end:
-    mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) );
-    return( ret );
-}
-
-/*
- * Set appropriate PRF function and other SSL / TLS 1.0/1.1 / TLS1.2 functions
- *
- * Inputs:
- * - SSL/TLS minor version
- * - hash associated with the ciphersuite (only used by TLS 1.2)
- *
- * Outputs:
- * - the tls_prf, calc_verify and calc_finished members of handshake structure
- */
-static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
-                                   int minor_ver,
-                                   mbedtls_md_type_t hash )
-{
-#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA512_C)
-    (void) hash;
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        handshake->tls_prf = ssl3_prf;
-        handshake->calc_verify = ssl_calc_verify_ssl;
-        handshake->calc_finished = ssl_calc_finished_ssl;
-    }
-    else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        handshake->tls_prf = tls1_prf;
-        handshake->calc_verify = ssl_calc_verify_tls;
-        handshake->calc_finished = ssl_calc_finished_tls;
-    }
-    else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
-    if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
-        hash == MBEDTLS_MD_SHA384 )
-    {
-        handshake->tls_prf = tls_prf_sha384;
-        handshake->calc_verify = ssl_calc_verify_tls_sha384;
-        handshake->calc_finished = ssl_calc_finished_tls_sha384;
-    }
-    else
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        handshake->tls_prf = tls_prf_sha256;
-        handshake->calc_verify = ssl_calc_verify_tls_sha256;
-        handshake->calc_finished = ssl_calc_finished_tls_sha256;
-    }
-    else
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-    {
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    return( 0 );
-}
-
-/*
- * Compute master secret if needed
- *
- * Parameters:
- * [in/out] handshake
- *          [in] resume, premaster, extended_ms, calc_verify, tls_prf
- *               (PSA-PSK) ciphersuite_info, psk_opaque
- *          [out] premaster (cleared)
- * [out] master
- * [in] ssl: optionally used for debugging, EMS and PSA-PSK
- *      debug: conf->f_dbg, conf->p_dbg
- *      EMS: passed to calc_verify (debug + (SSL3) session_negotiate)
- *      PSA-PSA: minor_ver, conf
- */
-static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
-                               unsigned char *master,
-                               const mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* cf. RFC 5246, Section 8.1:
-     * "The master secret is always exactly 48 bytes in length." */
-    size_t const master_secret_len = 48;
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    unsigned char session_hash[48];
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-    /* The label for the KDF used for key expansion.
-     * This is either "master secret" or "extended master secret"
-     * depending on whether the Extended Master Secret extension
-     * is used. */
-    char const *lbl = "master secret";
-
-    /* The salt for the KDF used for key expansion.
-     * - If the Extended Master Secret extension is not used,
-     *   this is ClientHello.Random + ServerHello.Random
-     *   (see Sect. 8.1 in RFC 5246).
-     * - If the Extended Master Secret extension is used,
-     *   this is the transcript of the handshake so far.
-     *   (see Sect. 4 in RFC 7627). */
-    unsigned char const *salt = handshake->randbytes;
-    size_t salt_len = 64;
-
-#if !defined(MBEDTLS_DEBUG_C) &&                    \
-    !defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
-    !(defined(MBEDTLS_USE_PSA_CRYPTO) &&            \
-      defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED))
-    ssl = NULL; /* make sure we don't use it except for those cases */
-    (void) ssl;
-#endif
-
-    if( handshake->resume != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
-        return( 0 );
-    }
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    if( handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
-    {
-        lbl  = "extended master secret";
-        salt = session_hash;
-        handshake->calc_verify( ssl, session_hash, &salt_len );
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "session hash for extended master secret",
-                                  session_hash, salt_len );
-    }
-#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO) &&          \
-    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-    if( handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
-        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
-        ssl_use_opaque_psk( ssl ) == 1 )
-    {
-        /* Perform PSK-to-MS expansion in a single step. */
-        psa_status_t status;
-        psa_algorithm_t alg;
-        psa_key_id_t psk;
-        psa_key_derivation_operation_t derivation =
-            PSA_KEY_DERIVATION_OPERATION_INIT;
-        mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac;
-
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) );
-
-        psk = mbedtls_ssl_get_opaque_psk( ssl );
-
-        if( hash_alg == MBEDTLS_MD_SHA384 )
-            alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
-        else
-            alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
-
-        status = setup_psa_key_derivation( &derivation, psk, alg,
-                                           salt, salt_len,
-                                           (unsigned char const *) lbl,
-                                           (size_t) strlen( lbl ),
-                                           master_secret_len );
-        if( status != PSA_SUCCESS )
-        {
-            psa_key_derivation_abort( &derivation );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-
-        status = psa_key_derivation_output_bytes( &derivation,
-                                                  master,
-                                                  master_secret_len );
-        if( status != PSA_SUCCESS )
-        {
-            psa_key_derivation_abort( &derivation );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-
-        status = psa_key_derivation_abort( &derivation );
-        if( status != PSA_SUCCESS )
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-    }
-    else
-#endif
-    {
-        ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
-                                  lbl, salt, salt_len,
-                                  master,
-                                  master_secret_len );
-        if( ret != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
-            return( ret );
-        }
-
-        MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret",
-                               handshake->premaster,
-                               handshake->pmslen );
-
-        mbedtls_platform_zeroize( handshake->premaster,
-                                  sizeof(handshake->premaster) );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
-
-    /* Set PRF, calc_verify and calc_finished function pointers */
-    ret = ssl_set_handshake_prfs( ssl->handshake,
-                                  ssl->minor_ver,
-                                  ciphersuite_info->mac );
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_set_handshake_prfs", ret );
-        return( ret );
-    }
-
-    /* Compute master secret if needed */
-    ret = ssl_compute_master( ssl->handshake,
-                              ssl->session_negotiate->master,
-                              ssl );
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compute_master", ret );
-        return( ret );
-    }
-
-    /* Swap the client and server random values:
-     * - MS derivation wanted client+server (RFC 5246 8.1)
-     * - key derivation wants server+client (RFC 5246 6.3) */
-    {
-        unsigned char tmp[64];
-        memcpy( tmp, ssl->handshake->randbytes, 64 );
-        memcpy( ssl->handshake->randbytes, tmp + 32, 32 );
-        memcpy( ssl->handshake->randbytes + 32, tmp, 32 );
-        mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
-    }
-
-    /* Populate transform structure */
-    ret = ssl_populate_transform( ssl->transform_negotiate,
-                                  ssl->session_negotiate->ciphersuite,
-                                  ssl->session_negotiate->master,
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-                                  ssl->session_negotiate->encrypt_then_mac,
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-                                  ssl->session_negotiate->trunc_hmac,
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-                                  ssl->session_negotiate->compression,
-#endif
-                                  ssl->handshake->tls_prf,
-                                  ssl->handshake->randbytes,
-                                  ssl->minor_ver,
-                                  ssl->conf->endpoint,
-                                  ssl );
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret );
-        return( ret );
-    }
-
-    /* We no longer need Server/ClientHello.random values */
-    mbedtls_platform_zeroize( ssl->handshake->randbytes,
-                      sizeof( ssl->handshake->randbytes ) );
-
-    /* Allocate compression buffer */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE &&
-        ssl->compress_buf == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
-        ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN );
-        if( ssl->compress_buf == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
-                                        MBEDTLS_SSL_COMPRESS_BUFFER_LEN ) );
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-        }
-    }
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-void ssl_calc_verify_ssl( const mbedtls_ssl_context *ssl,
-                          unsigned char *hash,
-                          size_t *hlen )
-{
-    mbedtls_md5_context md5;
-    mbedtls_sha1_context sha1;
-    unsigned char pad_1[48];
-    unsigned char pad_2[48];
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) );
-
-    mbedtls_md5_init( &md5 );
-    mbedtls_sha1_init( &sha1 );
-
-    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
-    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
-
-    memset( pad_1, 0x36, 48 );
-    memset( pad_2, 0x5C, 48 );
-
-    mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 );
-    mbedtls_md5_update_ret( &md5, pad_1, 48 );
-    mbedtls_md5_finish_ret( &md5, hash );
-
-    mbedtls_md5_starts_ret( &md5 );
-    mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 );
-    mbedtls_md5_update_ret( &md5, pad_2, 48 );
-    mbedtls_md5_update_ret( &md5, hash,  16 );
-    mbedtls_md5_finish_ret( &md5, hash );
-
-    mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 );
-    mbedtls_sha1_update_ret( &sha1, pad_1, 40 );
-    mbedtls_sha1_finish_ret( &sha1, hash + 16 );
-
-    mbedtls_sha1_starts_ret( &sha1 );
-    mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 );
-    mbedtls_sha1_update_ret( &sha1, pad_2, 40 );
-    mbedtls_sha1_update_ret( &sha1, hash + 16, 20 );
-    mbedtls_sha1_finish_ret( &sha1, hash + 16 );
-
-    *hlen = 36;
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
-    mbedtls_md5_free(  &md5  );
-    mbedtls_sha1_free( &sha1 );
-
-    return;
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl,
-                          unsigned char *hash,
-                          size_t *hlen )
-{
-    mbedtls_md5_context md5;
-    mbedtls_sha1_context sha1;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) );
-
-    mbedtls_md5_init( &md5 );
-    mbedtls_sha1_init( &sha1 );
-
-    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
-    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
-
-    mbedtls_md5_finish_ret( &md5,  hash );
-    mbedtls_sha1_finish_ret( &sha1, hash + 16 );
-
-    *hlen = 36;
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
-    mbedtls_md5_free(  &md5  );
-    mbedtls_sha1_free( &sha1 );
-
-    return;
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl,
-                                 unsigned char *hash,
-                                 size_t *hlen )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    size_t hash_size;
-    psa_status_t status;
-    psa_hash_operation_t sha256_psa = psa_hash_operation_init();
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha256" ) );
-    status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
-        return;
-    }
-
-    status = psa_hash_finish( &sha256_psa, hash, 32, &hash_size );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
-        return;
-    }
-
-    *hlen = 32;
-    MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, *hlen );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) );
-#else
-    mbedtls_sha256_context sha256;
-
-    mbedtls_sha256_init( &sha256 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
-
-    mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
-    mbedtls_sha256_finish_ret( &sha256, hash );
-
-    *hlen = 32;
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
-    mbedtls_sha256_free( &sha256 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    return;
-}
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
-void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl,
-                                 unsigned char *hash,
-                                 size_t *hlen )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    size_t hash_size;
-    psa_status_t status;
-    psa_hash_operation_t sha384_psa = psa_hash_operation_init();
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha384" ) );
-    status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
-        return;
-    }
-
-    status = psa_hash_finish( &sha384_psa, hash, 48, &hash_size );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
-        return;
-    }
-
-    *hlen = 48;
-    MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, *hlen );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) );
-#else
-    mbedtls_sha512_context sha512;
-
-    mbedtls_sha512_init( &sha512 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
-
-    mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
-    mbedtls_sha512_finish_ret( &sha512, hash );
-
-    *hlen = 48;
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
-    mbedtls_sha512_free( &sha512 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    return;
-}
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex )
-{
-    unsigned char *p = ssl->handshake->premaster;
-    unsigned char *end = p + sizeof( ssl->handshake->premaster );
-    const unsigned char *psk = NULL;
-    size_t psk_len = 0;
-
-    if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len )
-            == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
-    {
-        /*
-         * This should never happen because the existence of a PSK is always
-         * checked before calling this function
-         */
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    /*
-     * PMS = struct {
-     *     opaque other_secret<0..2^16-1>;
-     *     opaque psk<0..2^16-1>;
-     * };
-     * with "other_secret" depending on the particular key exchange
-     */
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-    if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK )
-    {
-        if( end - p < 2 )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        *(p++) = (unsigned char)( psk_len >> 8 );
-        *(p++) = (unsigned char)( psk_len      );
-
-        if( end < p || (size_t)( end - p ) < psk_len )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        memset( p, 0, psk_len );
-        p += psk_len;
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-    if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
-    {
-        /*
-         * other_secret already set by the ClientKeyExchange message,
-         * and is 48 bytes long
-         */
-        if( end - p < 2 )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        *p++ = 0;
-        *p++ = 48;
-        p += 48;
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-    if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t len;
-
-        /* Write length only when we know the actual value */
-        if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
-                                      p + 2, end - ( p + 2 ), &len,
-                                      ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
-            return( ret );
-        }
-        *(p++) = (unsigned char)( len >> 8 );
-        *(p++) = (unsigned char)( len );
-        p += len;
-
-        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-    if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        size_t zlen;
-
-        if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen,
-                                       p + 2, end - ( p + 2 ),
-                                       ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
-            return( ret );
-        }
-
-        *(p++) = (unsigned char)( zlen >> 8 );
-        *(p++) = (unsigned char)( zlen      );
-        p += zlen;
-
-        MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
-                                MBEDTLS_DEBUG_ECDH_Z );
-    }
-    else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    /* opaque psk<0..2^16-1>; */
-    if( end - p < 2 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    *(p++) = (unsigned char)( psk_len >> 8 );
-    *(p++) = (unsigned char)( psk_len      );
-
-    if( end < p || (size_t)( end - p ) < psk_len )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    memcpy( p, psk, psk_len );
-    p += psk_len;
-
-    ssl->handshake->pmslen = p - ssl->handshake->premaster;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
-static int ssl_write_hello_request( mbedtls_ssl_context *ssl );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl )
-{
-    /* If renegotiation is not enforced, retransmit until we would reach max
-     * timeout if we were using the usual handshake doubling scheme */
-    if( ssl->conf->renego_max_records < 0 )
-    {
-        uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1;
-        unsigned char doublings = 1;
-
-        while( ratio != 0 )
-        {
-            ++doublings;
-            ratio >>= 1;
-        }
-
-        if( ++ssl->renego_records_seen > doublings )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "no longer retransmitting hello request" ) );
-            return( 0 );
-        }
-    }
-
-    return( ssl_write_hello_request( ssl ) );
-}
-#endif
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static void ssl_clear_peer_cert( mbedtls_ssl_session *session )
-{
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    if( session->peer_cert != NULL )
-    {
-        mbedtls_x509_crt_free( session->peer_cert );
-        mbedtls_free( session->peer_cert );
-        session->peer_cert = NULL;
-    }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( session->peer_cert_digest != NULL )
-    {
-        /* Zeroization is not necessary. */
-        mbedtls_free( session->peer_cert_digest );
-        session->peer_cert_digest      = NULL;
-        session->peer_cert_digest_type = MBEDTLS_MD_NONE;
-        session->peer_cert_digest_len  = 0;
-    }
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/*
- * Handshake functions
- */
-#if !defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-/* No certificate support -> dummy functions */
-int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
-
-    if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-}
-
-int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
-
-    if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-}
-
-#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-/* Some certificate support -> implement write and parse */
-
-int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-    size_t i, n;
-    const mbedtls_x509_crt *crt;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
-
-    if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
-        ssl->state++;
-        return( 0 );
-    }
-
-#if defined(MBEDTLS_SSL_CLI_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-    {
-        if( ssl->client_auth == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
-            ssl->state++;
-            return( 0 );
-        }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-        /*
-         * If using SSLv3 and got no cert, send an Alert message
-         * (otherwise an empty Certificate message will be sent).
-         */
-        if( mbedtls_ssl_own_cert( ssl )  == NULL &&
-            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            ssl->out_msglen  = 2;
-            ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT;
-            ssl->out_msg[0]  = MBEDTLS_SSL_ALERT_LEVEL_WARNING;
-            ssl->out_msg[1]  = MBEDTLS_SSL_ALERT_MSG_NO_CERT;
-
-            MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) );
-            goto write_msg;
-        }
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-    }
-#endif /* MBEDTLS_SSL_CLI_C */
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        if( mbedtls_ssl_own_cert( ssl ) == NULL )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) );
-            return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED );
-        }
-    }
-#endif
-
-    MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) );
-
-    /*
-     *     0  .  0    handshake type
-     *     1  .  3    handshake length
-     *     4  .  6    length of all certs
-     *     7  .  9    length of cert. 1
-     *    10  . n-1   peer certificate
-     *     n  . n+2   length of cert. 2
-     *    n+3 . ...   upper level cert, etc.
-     */
-    i = 7;
-    crt = mbedtls_ssl_own_cert( ssl );
-
-    while( crt != NULL )
-    {
-        n = crt->raw.len;
-        if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d",
-                           i + 3 + n, MBEDTLS_SSL_OUT_CONTENT_LEN ) );
-            return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
-        }
-
-        ssl->out_msg[i    ] = (unsigned char)( n >> 16 );
-        ssl->out_msg[i + 1] = (unsigned char)( n >>  8 );
-        ssl->out_msg[i + 2] = (unsigned char)( n       );
-
-        i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n );
-        i += n; crt = crt->next;
-    }
-
-    ssl->out_msg[4]  = (unsigned char)( ( i - 7 ) >> 16 );
-    ssl->out_msg[5]  = (unsigned char)( ( i - 7 ) >>  8 );
-    ssl->out_msg[6]  = (unsigned char)( ( i - 7 )       );
-
-    ssl->out_msglen  = i;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE;
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
-write_msg:
-#endif
-
-    ssl->state++;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
-                                         unsigned char *crt_buf,
-                                         size_t crt_buf_len )
-{
-    mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert;
-
-    if( peer_crt == NULL )
-        return( -1 );
-
-    if( peer_crt->raw.len != crt_buf_len )
-        return( -1 );
-
-    return( memcmp( peer_crt->raw.p, crt_buf, peer_crt->raw.len ) );
-}
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
-                                         unsigned char *crt_buf,
-                                         size_t crt_buf_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char const * const peer_cert_digest =
-        ssl->session->peer_cert_digest;
-    mbedtls_md_type_t const peer_cert_digest_type =
-        ssl->session->peer_cert_digest_type;
-    mbedtls_md_info_t const * const digest_info =
-        mbedtls_md_info_from_type( peer_cert_digest_type );
-    unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN];
-    size_t digest_len;
-
-    if( peer_cert_digest == NULL || digest_info == NULL )
-        return( -1 );
-
-    digest_len = mbedtls_md_get_size( digest_info );
-    if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN )
-        return( -1 );
-
-    ret = mbedtls_md( digest_info, crt_buf, crt_buf_len, tmp_digest );
-    if( ret != 0 )
-        return( -1 );
-
-    return( memcmp( tmp_digest, peer_cert_digest, digest_len ) );
-}
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
-
-/*
- * Once the certificate message is read, parse it into a cert chain and
- * perform basic checks, but leave actual verification to the caller
- */
-static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
-                                        mbedtls_x509_crt *chain )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
-    int crt_cnt=0;
-#endif
-    size_t i, n;
-    uint8_t alert;
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE ||
-        ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-    }
-
-    i = mbedtls_ssl_hs_hdr_len( ssl );
-
-    /*
-     * Same message structure as in mbedtls_ssl_write_certificate()
-     */
-    n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2];
-
-    if( ssl->in_msg[i] != 0 ||
-        ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-    }
-
-    /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
-    i += 3;
-
-    /* Iterate through and parse the CRTs in the provided chain. */
-    while( i < ssl->in_hslen )
-    {
-        /* Check that there's room for the next CRT's length fields. */
-        if ( i + 3 > ssl->in_hslen ) {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
-            mbedtls_ssl_send_alert_message( ssl,
-                              MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                              MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-        }
-        /* In theory, the CRT can be up to 2**24 Bytes, but we don't support
-         * anything beyond 2**16 ~ 64K. */
-        if( ssl->in_msg[i] != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
-            mbedtls_ssl_send_alert_message( ssl,
-                            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-        }
-
-        /* Read length of the next CRT in the chain. */
-        n = ( (unsigned int) ssl->in_msg[i + 1] << 8 )
-            | (unsigned int) ssl->in_msg[i + 2];
-        i += 3;
-
-        if( n < 128 || i + n > ssl->in_hslen )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
-            mbedtls_ssl_send_alert_message( ssl,
-                                 MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                 MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-        }
-
-        /* Check if we're handling the first CRT in the chain. */
-#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
-        if( crt_cnt++ == 0 &&
-            ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
-            ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-        {
-            /* During client-side renegotiation, check that the server's
-             * end-CRTs hasn't changed compared to the initial handshake,
-             * mitigating the triple handshake attack. On success, reuse
-             * the original end-CRT instead of parsing it again. */
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Check that peer CRT hasn't changed during renegotiation" ) );
-            if( ssl_check_peer_crt_unchanged( ssl,
-                                              &ssl->in_msg[i],
-                                              n ) != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) );
-                mbedtls_ssl_send_alert_message( ssl,
-                                                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                                MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
-                return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
-            }
-
-            /* Now we can safely free the original chain. */
-            ssl_clear_peer_cert( ssl->session );
-        }
-#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
-
-        /* Parse the next certificate in the chain. */
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        ret = mbedtls_x509_crt_parse_der( chain, ssl->in_msg + i, n );
-#else
-        /* If we don't need to store the CRT chain permanently, parse
-         * it in-place from the input buffer instead of making a copy. */
-        ret = mbedtls_x509_crt_parse_der_nocopy( chain, ssl->in_msg + i, n );
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-        switch( ret )
-        {
-            case 0: /*ok*/
-            case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
-                /* Ignore certificate with an unknown algorithm: maybe a
-                   prior certificate was already trusted. */
-                break;
-
-            case MBEDTLS_ERR_X509_ALLOC_FAILED:
-                alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
-                goto crt_parse_der_failed;
-
-            case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
-                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
-                goto crt_parse_der_failed;
-
-            default:
-                alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
-            crt_parse_der_failed:
-                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert );
-                MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret );
-                return( ret );
-        }
-
-        i += n;
-    }
-
-    MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", chain );
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_SRV_C)
-static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
-{
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-        return( -1 );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    /*
-     * Check if the client sent an empty certificate
-     */
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-    {
-        if( ssl->in_msglen  == 2                        &&
-            ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT            &&
-            ssl->in_msg[0]  == MBEDTLS_SSL_ALERT_LEVEL_WARNING  &&
-            ssl->in_msg[1]  == MBEDTLS_SSL_ALERT_MSG_NO_CERT )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) );
-            return( 0 );
-        }
-
-        return( -1 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->in_hslen   == 3 + mbedtls_ssl_hs_hdr_len( ssl ) &&
-        ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE    &&
-        ssl->in_msg[0]  == MBEDTLS_SSL_HS_CERTIFICATE   &&
-        memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
-        return( 0 );
-    }
-
-    return( -1 );
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-}
-#endif /* MBEDTLS_SSL_SRV_C */
-
-/* Check if a certificate message is expected.
- * Return either
- * - SSL_CERTIFICATE_EXPECTED, or
- * - SSL_CERTIFICATE_SKIP
- * indicating whether a Certificate message is expected or not.
- */
-#define SSL_CERTIFICATE_EXPECTED 0
-#define SSL_CERTIFICATE_SKIP     1
-static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl,
-                                             int authmode )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-
-    if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) )
-        return( SSL_CERTIFICATE_SKIP );
-
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
-            return( SSL_CERTIFICATE_SKIP );
-
-        if( authmode == MBEDTLS_SSL_VERIFY_NONE )
-        {
-            ssl->session_negotiate->verify_result =
-                MBEDTLS_X509_BADCERT_SKIP_VERIFY;
-            return( SSL_CERTIFICATE_SKIP );
-        }
-    }
-#else
-    ((void) authmode);
-#endif /* MBEDTLS_SSL_SRV_C */
-
-    return( SSL_CERTIFICATE_EXPECTED );
-}
-
-static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
-                                         int authmode,
-                                         mbedtls_x509_crt *chain,
-                                         void *rs_ctx )
-{
-    int ret = 0;
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
-        ssl->handshake->ciphersuite_info;
-    int have_ca_chain = 0;
-
-    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
-    void *p_vrfy;
-
-    if( authmode == MBEDTLS_SSL_VERIFY_NONE )
-        return( 0 );
-
-    if( ssl->f_vrfy != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) );
-        f_vrfy = ssl->f_vrfy;
-        p_vrfy = ssl->p_vrfy;
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) );
-        f_vrfy = ssl->conf->f_vrfy;
-        p_vrfy = ssl->conf->p_vrfy;
-    }
-
-    /*
-     * Main check: verify certificate
-     */
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    if( ssl->conf->f_ca_cb != NULL )
-    {
-        ((void) rs_ctx);
-        have_ca_chain = 1;
-
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "use CA callback for X.509 CRT verification" ) );
-        ret = mbedtls_x509_crt_verify_with_ca_cb(
-            chain,
-            ssl->conf->f_ca_cb,
-            ssl->conf->p_ca_cb,
-            ssl->conf->cert_profile,
-            ssl->hostname,
-            &ssl->session_negotiate->verify_result,
-            f_vrfy, p_vrfy );
-    }
-    else
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-    {
-        mbedtls_x509_crt *ca_chain;
-        mbedtls_x509_crl *ca_crl;
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-        if( ssl->handshake->sni_ca_chain != NULL )
-        {
-            ca_chain = ssl->handshake->sni_ca_chain;
-            ca_crl   = ssl->handshake->sni_ca_crl;
-        }
-        else
-#endif
-        {
-            ca_chain = ssl->conf->ca_chain;
-            ca_crl   = ssl->conf->ca_crl;
-        }
-
-        if( ca_chain != NULL )
-            have_ca_chain = 1;
-
-        ret = mbedtls_x509_crt_verify_restartable(
-            chain,
-            ca_chain, ca_crl,
-            ssl->conf->cert_profile,
-            ssl->hostname,
-            &ssl->session_negotiate->verify_result,
-            f_vrfy, p_vrfy, rs_ctx );
-    }
-
-    if( ret != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
-    }
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-        return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS );
-#endif
-
-    /*
-     * Secondary checks: always done, but change 'ret' only if it was 0
-     */
-
-#if defined(MBEDTLS_ECP_C)
-    {
-        const mbedtls_pk_context *pk = &chain->pk;
-
-        /* If certificate uses an EC key, make sure the curve is OK */
-        if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
-            mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 )
-        {
-            ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY;
-
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) );
-            if( ret == 0 )
-                ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
-        }
-    }
-#endif /* MBEDTLS_ECP_C */
-
-    if( mbedtls_ssl_check_cert_usage( chain,
-                                      ciphersuite_info,
-                                      ! ssl->conf->endpoint,
-                                      &ssl->session_negotiate->verify_result ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) );
-        if( ret == 0 )
-            ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
-    }
-
-    /* mbedtls_x509_crt_verify_with_profile is supposed to report a
-     * verification failure through MBEDTLS_ERR_X509_CERT_VERIFY_FAILED,
-     * with details encoded in the verification flags. All other kinds
-     * of error codes, including those from the user provided f_vrfy
-     * functions, are treated as fatal and lead to a failure of
-     * ssl_parse_certificate even if verification was optional. */
-    if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL &&
-        ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ||
-          ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) )
-    {
-        ret = 0;
-    }
-
-    if( have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) );
-        ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED;
-    }
-
-    if( ret != 0 )
-    {
-        uint8_t alert;
-
-        /* The certificate may have been rejected for several reasons.
-           Pick one and send the corresponding alert. Which alert to send
-           may be a subject of debate in some cases. */
-        if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER )
-            alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH )
-            alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE )
-            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE )
-            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE )
-            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK )
-            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY )
-            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED )
-            alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED )
-            alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED;
-        else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED )
-            alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA;
-        else
-            alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN;
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        alert );
-    }
-
-#if defined(MBEDTLS_DEBUG_C)
-    if( ssl->session_negotiate->verify_result != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x",
-                                    ssl->session_negotiate->verify_result ) );
-    }
-    else
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) );
-    }
-#endif /* MBEDTLS_DEBUG_C */
-
-    return( ret );
-}
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl,
-                                         unsigned char *start, size_t len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    /* Remember digest of the peer's end-CRT. */
-    ssl->session_negotiate->peer_cert_digest =
-        mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
-    if( ssl->session_negotiate->peer_cert_digest == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
-                                    MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) );
-        mbedtls_ssl_send_alert_message( ssl,
-                                        MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    ret = mbedtls_md( mbedtls_md_info_from_type(
-                          MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ),
-                      start, len,
-                      ssl->session_negotiate->peer_cert_digest );
-
-    ssl->session_negotiate->peer_cert_digest_type =
-        MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
-    ssl->session_negotiate->peer_cert_digest_len =
-        MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
-
-    return( ret );
-}
-
-static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl,
-                                     unsigned char *start, size_t len )
-{
-    unsigned char *end = start + len;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /* Make a copy of the peer's raw public key. */
-    mbedtls_pk_init( &ssl->handshake->peer_pubkey );
-    ret = mbedtls_pk_parse_subpubkey( &start, end,
-                                      &ssl->handshake->peer_pubkey );
-    if( ret != 0 )
-    {
-        /* We should have parsed the public key before. */
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    return( 0 );
-}
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-    int crt_expected;
-#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET
-                       ? ssl->handshake->sni_authmode
-                       : ssl->conf->authmode;
-#else
-    const int authmode = ssl->conf->authmode;
-#endif
-    void *rs_ctx = NULL;
-    mbedtls_x509_crt *chain = NULL;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
-
-    crt_expected = ssl_parse_certificate_coordinate( ssl, authmode );
-    if( crt_expected == SSL_CERTIFICATE_SKIP )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled &&
-        ssl->handshake->ecrs_state == ssl_ecrs_crt_verify )
-    {
-        chain = ssl->handshake->ecrs_peer_cert;
-        ssl->handshake->ecrs_peer_cert = NULL;
-        goto crt_verify;
-    }
-#endif
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        /* mbedtls_ssl_read_record may have sent an alert already. We
-           let it decide whether to alert. */
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( ssl_srv_check_client_no_crt_notification( ssl ) == 0 )
-    {
-        ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
-
-        if( authmode != MBEDTLS_SSL_VERIFY_OPTIONAL )
-            ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
-
-        goto exit;
-    }
-#endif /* MBEDTLS_SSL_SRV_C */
-
-    /* Clear existing peer CRT structure in case we tried to
-     * reuse a session but it failed, and allocate a new one. */
-    ssl_clear_peer_cert( ssl->session_negotiate );
-
-    chain = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-    if( chain == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
-                                    sizeof( mbedtls_x509_crt ) ) );
-        mbedtls_ssl_send_alert_message( ssl,
-                                        MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto exit;
-    }
-    mbedtls_x509_crt_init( chain );
-
-    ret = ssl_parse_certificate_chain( ssl, chain );
-    if( ret != 0 )
-        goto exit;
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ssl->handshake->ecrs_enabled)
-        ssl->handshake->ecrs_state = ssl_ecrs_crt_verify;
-
-crt_verify:
-    if( ssl->handshake->ecrs_enabled)
-        rs_ctx = &ssl->handshake->ecrs_ctx;
-#endif
-
-    ret = ssl_parse_certificate_verify( ssl, authmode,
-                                        chain, rs_ctx );
-    if( ret != 0 )
-        goto exit;
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    {
-        unsigned char *crt_start, *pk_start;
-        size_t crt_len, pk_len;
-
-        /* We parse the CRT chain without copying, so
-         * these pointers point into the input buffer,
-         * and are hence still valid after freeing the
-         * CRT chain. */
-
-        crt_start = chain->raw.p;
-        crt_len   = chain->raw.len;
-
-        pk_start = chain->pk_raw.p;
-        pk_len   = chain->pk_raw.len;
-
-        /* Free the CRT structures before computing
-         * digest and copying the peer's public key. */
-        mbedtls_x509_crt_free( chain );
-        mbedtls_free( chain );
-        chain = NULL;
-
-        ret = ssl_remember_peer_crt_digest( ssl, crt_start, crt_len );
-        if( ret != 0 )
-            goto exit;
-
-        ret = ssl_remember_peer_pubkey( ssl, pk_start, pk_len );
-        if( ret != 0 )
-            goto exit;
-    }
-#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    /* Pass ownership to session structure. */
-    ssl->session_negotiate->peer_cert = chain;
-    chain = NULL;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
-
-exit:
-
-    if( ret == 0 )
-        ssl->state++;
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-    {
-        ssl->handshake->ecrs_peer_cert = chain;
-        chain = NULL;
-    }
-#endif
-
-    if( chain != NULL )
-    {
-        mbedtls_x509_crt_free( chain );
-        mbedtls_free( chain );
-    }
-
-    return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
-                            const mbedtls_ssl_ciphersuite_t *ciphersuite_info )
-{
-    ((void) ciphersuite_info);
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
-        ssl->handshake->update_checksum = ssl_update_checksum_md5sha1;
-    else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA512_C)
-    if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
-        ssl->handshake->update_checksum = ssl_update_checksum_sha384;
-    else
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 )
-        ssl->handshake->update_checksum = ssl_update_checksum_sha256;
-    else
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return;
-    }
-}
-
-void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-     mbedtls_md5_starts_ret( &ssl->handshake->fin_md5  );
-    mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 );
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_abort( &ssl->handshake->fin_sha256_psa );
-    psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
-#else
-    mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
-#endif
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_abort( &ssl->handshake->fin_sha384_psa );
-    psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
-#else
-    mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 );
-#endif
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-}
-
-static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
-                                       const unsigned char *buf, size_t len )
-{
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-     mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
-    mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
-#else
-    mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
-#endif
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
-#else
-    mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
-#endif
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-}
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
-                                         const unsigned char *buf, size_t len )
-{
-     mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
-    mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
-}
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
-                                        const unsigned char *buf, size_t len )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
-#else
-    mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
-#endif
-}
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
-                                        const unsigned char *buf, size_t len )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
-#else
-    mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
-#endif
-}
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-static void ssl_calc_finished_ssl(
-                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
-{
-    const char *sender;
-    mbedtls_md5_context  md5;
-    mbedtls_sha1_context sha1;
-
-    unsigned char padbuf[48];
-    unsigned char md5sum[16];
-    unsigned char sha1sum[20];
-
-    mbedtls_ssl_session *session = ssl->session_negotiate;
-    if( !session )
-        session = ssl->session;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished ssl" ) );
-
-    mbedtls_md5_init( &md5 );
-    mbedtls_sha1_init( &sha1 );
-
-    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
-    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
-
-    /*
-     * SSLv3:
-     *   hash =
-     *      MD5( master + pad2 +
-     *          MD5( handshake + sender + master + pad1 ) )
-     *   + SHA1( master + pad2 +
-     *         SHA1( handshake + sender + master + pad1 ) )
-     */
-
-#if !defined(MBEDTLS_MD5_ALT)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "finished  md5 state", (unsigned char *)
-                    md5.state, sizeof(  md5.state ) );
-#endif
-
-#if !defined(MBEDTLS_SHA1_ALT)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
-                   sha1.state, sizeof( sha1.state ) );
-#endif
-
-    sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT"
-                                       : "SRVR";
-
-    memset( padbuf, 0x36, 48 );
-
-    mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 );
-    mbedtls_md5_update_ret( &md5, session->master, 48 );
-    mbedtls_md5_update_ret( &md5, padbuf, 48 );
-    mbedtls_md5_finish_ret( &md5, md5sum );
-
-    mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 );
-    mbedtls_sha1_update_ret( &sha1, session->master, 48 );
-    mbedtls_sha1_update_ret( &sha1, padbuf, 40 );
-    mbedtls_sha1_finish_ret( &sha1, sha1sum );
-
-    memset( padbuf, 0x5C, 48 );
-
-    mbedtls_md5_starts_ret( &md5 );
-    mbedtls_md5_update_ret( &md5, session->master, 48 );
-    mbedtls_md5_update_ret( &md5, padbuf, 48 );
-    mbedtls_md5_update_ret( &md5, md5sum, 16 );
-    mbedtls_md5_finish_ret( &md5, buf );
-
-    mbedtls_sha1_starts_ret( &sha1 );
-    mbedtls_sha1_update_ret( &sha1, session->master, 48 );
-    mbedtls_sha1_update_ret( &sha1, padbuf , 40 );
-    mbedtls_sha1_update_ret( &sha1, sha1sum, 20 );
-    mbedtls_sha1_finish_ret( &sha1, buf + 16 );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
-
-    mbedtls_md5_free(  &md5  );
-    mbedtls_sha1_free( &sha1 );
-
-    mbedtls_platform_zeroize(  padbuf, sizeof(  padbuf ) );
-    mbedtls_platform_zeroize(  md5sum, sizeof(  md5sum ) );
-    mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-static void ssl_calc_finished_tls(
-                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
-{
-    int len = 12;
-    const char *sender;
-    mbedtls_md5_context  md5;
-    mbedtls_sha1_context sha1;
-    unsigned char padbuf[36];
-
-    mbedtls_ssl_session *session = ssl->session_negotiate;
-    if( !session )
-        session = ssl->session;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished tls" ) );
-
-    mbedtls_md5_init( &md5 );
-    mbedtls_sha1_init( &sha1 );
-
-    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
-    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
-
-    /*
-     * TLSv1:
-     *   hash = PRF( master, finished_label,
-     *               MD5( handshake ) + SHA1( handshake ) )[0..11]
-     */
-
-#if !defined(MBEDTLS_MD5_ALT)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "finished  md5 state", (unsigned char *)
-                    md5.state, sizeof(  md5.state ) );
-#endif
-
-#if !defined(MBEDTLS_SHA1_ALT)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
-                   sha1.state, sizeof( sha1.state ) );
-#endif
-
-    sender = ( from == MBEDTLS_SSL_IS_CLIENT )
-             ? "client finished"
-             : "server finished";
-
-    mbedtls_md5_finish_ret(  &md5, padbuf );
-    mbedtls_sha1_finish_ret( &sha1, padbuf + 16 );
-
-    ssl->handshake->tls_prf( session->master, 48, sender,
-                             padbuf, 36, buf, len );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
-
-    mbedtls_md5_free(  &md5  );
-    mbedtls_sha1_free( &sha1 );
-
-    mbedtls_platform_zeroize(  padbuf, sizeof(  padbuf ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-static void ssl_calc_finished_tls_sha256(
-                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
-{
-    int len = 12;
-    const char *sender;
-    unsigned char padbuf[32];
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    size_t hash_size;
-    psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT;
-    psa_status_t status;
-#else
-    mbedtls_sha256_context sha256;
-#endif
-
-    mbedtls_ssl_session *session = ssl->session_negotiate;
-    if( !session )
-        session = ssl->session;
-
-    sender = ( from == MBEDTLS_SSL_IS_CLIENT )
-             ? "client finished"
-             : "server finished";
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    sha256_psa = psa_hash_operation_init();
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) );
-
-    status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
-        return;
-    }
-
-    status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
-        return;
-    }
-    MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 );
-#else
-
-    mbedtls_sha256_init( &sha256 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished tls sha256" ) );
-
-    mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
-
-    /*
-     * TLSv1.2:
-     *   hash = PRF( master, finished_label,
-     *               Hash( handshake ) )[0.11]
-     */
-
-#if !defined(MBEDTLS_SHA256_ALT)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *)
-                   sha256.state, sizeof( sha256.state ) );
-#endif
-
-    mbedtls_sha256_finish_ret( &sha256, padbuf );
-    mbedtls_sha256_free( &sha256 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    ssl->handshake->tls_prf( session->master, 48, sender,
-                             padbuf, 32, buf, len );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
-
-    mbedtls_platform_zeroize(  padbuf, sizeof(  padbuf ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
-}
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
-
-typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*);
-
-static void ssl_calc_finished_tls_sha384(
-                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
-{
-    int len = 12;
-    const char *sender;
-    unsigned char padbuf[48];
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    size_t hash_size;
-    psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
-    psa_status_t status;
-#else
-    mbedtls_sha512_context sha512;
-#endif
-
-    mbedtls_ssl_session *session = ssl->session_negotiate;
-    if( !session )
-        session = ssl->session;
-
-    sender = ( from == MBEDTLS_SSL_IS_CLIENT )
-                ? "client finished"
-                : "server finished";
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    sha384_psa = psa_hash_operation_init();
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha384" ) );
-
-    status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
-        return;
-    }
-
-    status = psa_hash_finish( &sha384_psa, padbuf, sizeof( padbuf ), &hash_size );
-    if( status != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
-        return;
-    }
-    MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 48 );
-#else
-    mbedtls_sha512_init( &sha512 );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished tls sha384" ) );
-
-    mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
-
-    /*
-     * TLSv1.2:
-     *   hash = PRF( master, finished_label,
-     *               Hash( handshake ) )[0.11]
-     */
-
-#if !defined(MBEDTLS_SHA512_ALT)
-    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
-                   sha512.state, sizeof( sha512.state ) );
-#endif
-    /*
-     * For SHA-384, we can save 16 bytes by keeping padbuf 48 bytes long.
-     * However, to avoid stringop-overflow warning in gcc, we have to cast
-     * mbedtls_sha512_finish_ret().
-     */
-    finish_sha384_t finish = (finish_sha384_t)mbedtls_sha512_finish_ret;
-    finish( &sha512, padbuf );
-
-    mbedtls_sha512_free( &sha512 );
-#endif
-
-    ssl->handshake->tls_prf( session->master, 48, sender,
-                             padbuf, 48, buf, len );
-
-    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
-
-    mbedtls_platform_zeroize(  padbuf, sizeof( padbuf ) );
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
-}
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl )
-{
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) );
-
-    /*
-     * Free our handshake params
-     */
-    mbedtls_ssl_handshake_free( ssl );
-    mbedtls_free( ssl->handshake );
-    ssl->handshake = NULL;
-
-    /*
-     * Free the previous transform and swith in the current one
-     */
-    if( ssl->transform )
-    {
-        mbedtls_ssl_transform_free( ssl->transform );
-        mbedtls_free( ssl->transform );
-    }
-    ssl->transform = ssl->transform_negotiate;
-    ssl->transform_negotiate = NULL;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) );
-}
-
-void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
-{
-    int resume = ssl->handshake->resume;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-    {
-        ssl->renego_status =  MBEDTLS_SSL_RENEGOTIATION_DONE;
-        ssl->renego_records_seen = 0;
-    }
-#endif
-
-    /*
-     * Free the previous session and switch in the current one
-     */
-    if( ssl->session )
-    {
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-        /* RFC 7366 3.1: keep the EtM state */
-        ssl->session_negotiate->encrypt_then_mac =
-                  ssl->session->encrypt_then_mac;
-#endif
-
-        mbedtls_ssl_session_free( ssl->session );
-        mbedtls_free( ssl->session );
-    }
-    ssl->session = ssl->session_negotiate;
-    ssl->session_negotiate = NULL;
-
-    /*
-     * Add cache entry
-     */
-    if( ssl->conf->f_set_cache != NULL &&
-        ssl->session->id_len != 0 &&
-        resume == 0 )
-    {
-        if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 )
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->handshake->flight != NULL )
-    {
-        /* Cancel handshake timer */
-        mbedtls_ssl_set_timer( ssl, 0 );
-
-        /* Keep last flight around in case we need to resend it:
-         * we need the handshake and transform structures for that */
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) );
-    }
-    else
-#endif
-        mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl );
-
-    ssl->state++;
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) );
-}
-
-int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
-{
-    int ret, hash_len;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) );
-
-    mbedtls_ssl_update_out_pointers( ssl, ssl->transform_negotiate );
-
-    ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint );
-
-    /*
-     * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites
-     * may define some other value. Currently (early 2016), no defined
-     * ciphersuite does this (and this is unlikely to change as activity has
-     * moved to TLS 1.3 now) so we can keep the hardcoded 12 here.
-     */
-    hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12;
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    ssl->verify_data_len = hash_len;
-    memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len );
-#endif
-
-    ssl->out_msglen  = 4 + hash_len;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_FINISHED;
-
-    /*
-     * In case of session resuming, invert the client and server
-     * ChangeCipherSpec messages order.
-     */
-    if( ssl->handshake->resume != 0 )
-    {
-#if defined(MBEDTLS_SSL_CLI_C)
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
-#endif
-#if defined(MBEDTLS_SSL_SRV_C)
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-            ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
-#endif
-    }
-    else
-        ssl->state++;
-
-    /*
-     * Switch to our negotiated transform and session parameters for outbound
-     * data.
-     */
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        unsigned char i;
-
-        /* Remember current epoch settings for resending */
-        ssl->handshake->alt_transform_out = ssl->transform_out;
-        memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 );
-
-        /* Set sequence_number to zero */
-        memset( ssl->cur_out_ctr + 2, 0, 6 );
-
-        /* Increment epoch */
-        for( i = 2; i > 0; i-- )
-            if( ++ssl->cur_out_ctr[i - 1] != 0 )
-                break;
-
-        /* The loop goes to its end iff the counter is wrapping */
-        if( i == 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) );
-            return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
-        }
-    }
-    else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-    memset( ssl->cur_out_ctr, 0, 8 );
-
-    ssl->transform_out = ssl->transform_negotiate;
-    ssl->session_out = ssl->session_negotiate;
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_activate != NULL )
-    {
-        if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        mbedtls_ssl_send_flight_completed( ssl );
-#endif
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
-        return( ret );
-    }
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-#define SSL_MAX_HASH_LEN 36
-#else
-#define SSL_MAX_HASH_LEN 12
-#endif
-
-int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned int hash_len;
-    unsigned char buf[SSL_MAX_HASH_LEN];
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
-
-    ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 );
-
-    if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
-        return( ret );
-    }
-
-    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
-        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
-    }
-
-    /* There is currently no ciphersuite using another length with TLS 1.2 */
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
-        hash_len = 36;
-    else
-#endif
-        hash_len = 12;
-
-    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED ||
-        ssl->in_hslen  != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
-    }
-
-    if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ),
-                      buf, hash_len ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
-        return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
-    }
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    ssl->verify_data_len = hash_len;
-    memcpy( ssl->peer_verify_data, buf, hash_len );
-#endif
-
-    if( ssl->handshake->resume != 0 )
-    {
-#if defined(MBEDTLS_SSL_CLI_C)
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-            ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
-#endif
-#if defined(MBEDTLS_SSL_SRV_C)
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
-#endif
-    }
-    else
-        ssl->state++;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        mbedtls_ssl_recv_flight_completed( ssl );
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
-
-    return( 0 );
-}
-
-static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
-{
-    memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-     mbedtls_md5_init(   &handshake->fin_md5  );
-    mbedtls_sha1_init(   &handshake->fin_sha1 );
-     mbedtls_md5_starts_ret( &handshake->fin_md5  );
-    mbedtls_sha1_starts_ret( &handshake->fin_sha1 );
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    handshake->fin_sha256_psa = psa_hash_operation_init();
-    psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
-#else
-    mbedtls_sha256_init(   &handshake->fin_sha256    );
-    mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
-#endif
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    handshake->fin_sha384_psa = psa_hash_operation_init();
-    psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
-#else
-    mbedtls_sha512_init(   &handshake->fin_sha512    );
-    mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
-#endif
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-    handshake->update_checksum = ssl_update_checksum_start;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs );
-#endif
-
-#if defined(MBEDTLS_DHM_C)
-    mbedtls_dhm_init( &handshake->dhm_ctx );
-#endif
-#if defined(MBEDTLS_ECDH_C)
-    mbedtls_ecdh_init( &handshake->ecdh_ctx );
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    mbedtls_ecjpake_init( &handshake->ecjpake_ctx );
-#if defined(MBEDTLS_SSL_CLI_C)
-    handshake->ecjpake_cache = NULL;
-    handshake->ecjpake_cache_len = 0;
-#endif
-#endif
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx );
-#endif
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    mbedtls_pk_init( &handshake->peer_pubkey );
-#endif
-}
-
-void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
-{
-    memset( transform, 0, sizeof(mbedtls_ssl_transform) );
-
-    mbedtls_cipher_init( &transform->cipher_ctx_enc );
-    mbedtls_cipher_init( &transform->cipher_ctx_dec );
-
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    mbedtls_md_init( &transform->md_ctx_enc );
-    mbedtls_md_init( &transform->md_ctx_dec );
-#endif
-}
-
-void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
-{
-    memset( session, 0, sizeof(mbedtls_ssl_session) );
-}
-
-static int ssl_handshake_init( mbedtls_ssl_context *ssl )
-{
-    /* Clear old handshake information if present */
-    if( ssl->transform_negotiate )
-        mbedtls_ssl_transform_free( ssl->transform_negotiate );
-    if( ssl->session_negotiate )
-        mbedtls_ssl_session_free( ssl->session_negotiate );
-    if( ssl->handshake )
-        mbedtls_ssl_handshake_free( ssl );
-
-    /*
-     * Either the pointers are now NULL or cleared properly and can be freed.
-     * Now allocate missing structures.
-     */
-    if( ssl->transform_negotiate == NULL )
-    {
-        ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) );
-    }
-
-    if( ssl->session_negotiate == NULL )
-    {
-        ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) );
-    }
-
-    if( ssl->handshake == NULL )
-    {
-        ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) );
-    }
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    /* If the buffers are too small - reallocate */
-    {
-        int modified = 0;
-        size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
-        size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
-        if( ssl->in_buf != NULL )
-        {
-            written_in = ssl->in_msg - ssl->in_buf;
-            iv_offset_in = ssl->in_iv - ssl->in_buf;
-            len_offset_in = ssl->in_len - ssl->in_buf;
-            if( ssl->in_buf_len < MBEDTLS_SSL_IN_BUFFER_LEN )
-            {
-                if( resize_buffer( &ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN,
-                                   &ssl->in_buf_len ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
-                }
-                else
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", MBEDTLS_SSL_IN_BUFFER_LEN ) );
-                    modified = 1;
-                }
-            }
-        }
-
-        if( ssl->out_buf != NULL )
-        {
-            written_out = ssl->out_msg - ssl->out_buf;
-            iv_offset_out = ssl->out_iv - ssl->out_buf;
-            len_offset_out = ssl->out_len - ssl->out_buf;
-            if( ssl->out_buf_len < MBEDTLS_SSL_OUT_BUFFER_LEN )
-            {
-                if( resize_buffer( &ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN,
-                                   &ssl->out_buf_len ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
-                }
-                else
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", MBEDTLS_SSL_OUT_BUFFER_LEN ) );
-                    modified = 1;
-                }
-            }
-        }
-        if( modified )
-        {
-            /* Update pointers here to avoid doing it twice. */
-            mbedtls_ssl_reset_in_out_pointers( ssl );
-            /* Fields below might not be properly updated with record
-             * splitting or with CID, so they are manually updated here. */
-            ssl->out_msg = ssl->out_buf + written_out;
-            ssl->out_len = ssl->out_buf + len_offset_out;
-            ssl->out_iv = ssl->out_buf + iv_offset_out;
-
-            ssl->in_msg = ssl->in_buf + written_in;
-            ssl->in_len = ssl->in_buf + len_offset_in;
-            ssl->in_iv = ssl->in_buf + iv_offset_in;
-        }
-    }
-#endif
-
-    /* All pointers should exist and can be directly freed without issue */
-    if( ssl->handshake == NULL ||
-        ssl->transform_negotiate == NULL ||
-        ssl->session_negotiate == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) );
-
-        mbedtls_free( ssl->handshake );
-        mbedtls_free( ssl->transform_negotiate );
-        mbedtls_free( ssl->session_negotiate );
-
-        ssl->handshake = NULL;
-        ssl->transform_negotiate = NULL;
-        ssl->session_negotiate = NULL;
-
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    /* Initialize structures */
-    mbedtls_ssl_session_init( ssl->session_negotiate );
-    mbedtls_ssl_transform_init( ssl->transform_negotiate );
-    ssl_handshake_params_init( ssl->handshake );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        ssl->handshake->alt_transform_out = ssl->transform_out;
-
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-            ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
-        else
-            ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
-
-        mbedtls_ssl_set_timer( ssl, 0 );
-    }
-#endif
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-/* Dummy cookie callbacks for defaults */
-static int ssl_cookie_write_dummy( void *ctx,
-                      unsigned char **p, unsigned char *end,
-                      const unsigned char *cli_id, size_t cli_id_len )
-{
-    ((void) ctx);
-    ((void) p);
-    ((void) end);
-    ((void) cli_id);
-    ((void) cli_id_len);
-
-    return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-}
-
-static int ssl_cookie_check_dummy( void *ctx,
-                      const unsigned char *cookie, size_t cookie_len,
-                      const unsigned char *cli_id, size_t cli_id_len )
-{
-    ((void) ctx);
-    ((void) cookie);
-    ((void) cookie_len);
-    ((void) cli_id);
-    ((void) cli_id_len);
-
-    return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-}
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
-
-/*
- * Initialize an SSL context
- */
-void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
-{
-    memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
-}
-
-/*
- * Setup an SSL context
- */
-
-int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
-                       const mbedtls_ssl_config *conf )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
-    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
-
-    ssl->conf = conf;
-
-    /*
-     * Prepare base structures
-     */
-
-    /* Set to NULL in case of an error condition */
-    ssl->out_buf = NULL;
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    ssl->in_buf_len = in_buf_len;
-#endif
-    ssl->in_buf = mbedtls_calloc( 1, in_buf_len );
-    if( ssl->in_buf == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", in_buf_len ) );
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto error;
-    }
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    ssl->out_buf_len = out_buf_len;
-#endif
-    ssl->out_buf = mbedtls_calloc( 1, out_buf_len );
-    if( ssl->out_buf == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", out_buf_len ) );
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto error;
-    }
-
-    mbedtls_ssl_reset_in_out_pointers( ssl );
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    memset( &ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info) );
-#endif
-
-    if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
-        goto error;
-
-    return( 0 );
-
-error:
-    mbedtls_free( ssl->in_buf );
-    mbedtls_free( ssl->out_buf );
-
-    ssl->conf = NULL;
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    ssl->in_buf_len = 0;
-    ssl->out_buf_len = 0;
-#endif
-    ssl->in_buf = NULL;
-    ssl->out_buf = NULL;
-
-    ssl->in_hdr = NULL;
-    ssl->in_ctr = NULL;
-    ssl->in_len = NULL;
-    ssl->in_iv = NULL;
-    ssl->in_msg = NULL;
-
-    ssl->out_hdr = NULL;
-    ssl->out_ctr = NULL;
-    ssl->out_len = NULL;
-    ssl->out_iv = NULL;
-    ssl->out_msg = NULL;
-
-    return( ret );
-}
-
-/*
- * Reset an initialized and used SSL context for re-use while retaining
- * all application-set variables, function pointers and data.
- *
- * If partial is non-zero, keep data in the input buffer and client ID.
- * (Use when a DTLS client reconnects from the same port.)
- */
-int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    size_t in_buf_len = ssl->in_buf_len;
-    size_t out_buf_len = ssl->out_buf_len;
-#else
-    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
-    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
-#endif
-
-#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) ||     \
-    !defined(MBEDTLS_SSL_SRV_C)
-    ((void) partial);
-#endif
-
-    ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
-
-    /* Cancel any possibly running timer */
-    mbedtls_ssl_set_timer( ssl, 0 );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE;
-    ssl->renego_records_seen = 0;
-
-    ssl->verify_data_len = 0;
-    memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
-    memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
-#endif
-    ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
-
-    ssl->in_offt = NULL;
-    mbedtls_ssl_reset_in_out_pointers( ssl );
-
-    ssl->in_msgtype = 0;
-    ssl->in_msglen = 0;
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    ssl->next_record_offset = 0;
-    ssl->in_epoch = 0;
-#endif
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    mbedtls_ssl_dtls_replay_reset( ssl );
-#endif
-
-    ssl->in_hslen = 0;
-    ssl->nb_zero = 0;
-
-    ssl->keep_current_message = 0;
-
-    ssl->out_msgtype = 0;
-    ssl->out_msglen = 0;
-    ssl->out_left = 0;
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED )
-        ssl->split_done = 0;
-#endif
-
-    memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
-
-    ssl->transform_in = NULL;
-    ssl->transform_out = NULL;
-
-    ssl->session_in = NULL;
-    ssl->session_out = NULL;
-
-    memset( ssl->out_buf, 0, out_buf_len );
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
-    if( partial == 0 )
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
-    {
-        ssl->in_left = 0;
-        memset( ssl->in_buf, 0, in_buf_len );
-    }
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_reset != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) );
-        if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret );
-            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
-        }
-    }
-#endif
-
-    if( ssl->transform )
-    {
-        mbedtls_ssl_transform_free( ssl->transform );
-        mbedtls_free( ssl->transform );
-        ssl->transform = NULL;
-    }
-
-    if( ssl->session )
-    {
-        mbedtls_ssl_session_free( ssl->session );
-        mbedtls_free( ssl->session );
-        ssl->session = NULL;
-    }
-
-#if defined(MBEDTLS_SSL_ALPN)
-    ssl->alpn_chosen = NULL;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
-    if( partial == 0 )
-#endif
-    {
-        mbedtls_free( ssl->cli_id );
-        ssl->cli_id = NULL;
-        ssl->cli_id_len = 0;
-    }
-#endif
-
-    if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-/*
- * Reset an initialized and used SSL context for re-use while retaining
- * all application-set variables, function pointers and data.
- */
-int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl )
-{
-    return( mbedtls_ssl_session_reset_int( ssl, 0 ) );
-}
-
-/*
- * SSL set accessors
- */
-void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
-{
-    conf->endpoint   = endpoint;
-}
-
-void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
-{
-    conf->transport = transport;
-}
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
-{
-    conf->anti_replay = mode;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
-{
-    conf->badmac_limit = limit;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
-                                       unsigned allow_packing )
-{
-    ssl->disable_datagram_packing = !allow_packing;
-}
-
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf,
-                                         uint32_t min, uint32_t max )
-{
-    conf->hs_timeout_min = min;
-    conf->hs_timeout_max = max;
-}
-#endif
-
-void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
-{
-    conf->authmode   = authmode;
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy )
-{
-    conf->f_vrfy      = f_vrfy;
-    conf->p_vrfy      = p_vrfy;
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
-                  int (*f_rng)(void *, unsigned char *, size_t),
-                  void *p_rng )
-{
-    conf->f_rng      = f_rng;
-    conf->p_rng      = p_rng;
-}
-
-void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
-                  void (*f_dbg)(void *, int, const char *, int, const char *),
-                  void  *p_dbg )
-{
-    conf->f_dbg      = f_dbg;
-    conf->p_dbg      = p_dbg;
-}
-
-void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
-        void *p_bio,
-        mbedtls_ssl_send_t *f_send,
-        mbedtls_ssl_recv_t *f_recv,
-        mbedtls_ssl_recv_timeout_t *f_recv_timeout )
-{
-    ssl->p_bio          = p_bio;
-    ssl->f_send         = f_send;
-    ssl->f_recv         = f_recv;
-    ssl->f_recv_timeout = f_recv_timeout;
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu )
-{
-    ssl->mtu = mtu;
-}
-#endif
-
-void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
-{
-    conf->read_timeout   = timeout;
-}
-
-void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
-                               void *p_timer,
-                               mbedtls_ssl_set_timer_t *f_set_timer,
-                               mbedtls_ssl_get_timer_t *f_get_timer )
-{
-    ssl->p_timer        = p_timer;
-    ssl->f_set_timer    = f_set_timer;
-    ssl->f_get_timer    = f_get_timer;
-
-    /* Make sure we start with no timer running */
-    mbedtls_ssl_set_timer( ssl, 0 );
-}
-
-#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
-        void *p_cache,
-        int (*f_get_cache)(void *, mbedtls_ssl_session *),
-        int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
-{
-    conf->p_cache = p_cache;
-    conf->f_get_cache = f_get_cache;
-    conf->f_set_cache = f_set_cache;
-}
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ssl == NULL ||
-        session == NULL ||
-        ssl->session_negotiate == NULL ||
-        ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate,
-                                          session ) ) != 0 )
-        return( ret );
-
-    ssl->handshake->resume = 1;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_CLI_C */
-
-void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
-                                   const int *ciphersuites )
-{
-    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
-    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites;
-    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites;
-    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
-}
-
-void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
-                                       const int *ciphersuites,
-                                       int major, int minor )
-{
-    if( major != MBEDTLS_SSL_MAJOR_VERSION_3 )
-        return;
-
-    if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 )
-        return;
-
-    conf->ciphersuite_list[minor] = ciphersuites;
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
-                                    const mbedtls_x509_crt_profile *profile )
-{
-    conf->cert_profile = profile;
-}
-
-/* Append a new keycert entry to a (possibly empty) list */
-static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
-                                mbedtls_x509_crt *cert,
-                                mbedtls_pk_context *key )
-{
-    mbedtls_ssl_key_cert *new_cert;
-
-    new_cert = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) );
-    if( new_cert == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-    new_cert->cert = cert;
-    new_cert->key  = key;
-    new_cert->next = NULL;
-
-    /* Update head is the list was null, else add to the end */
-    if( *head == NULL )
-    {
-        *head = new_cert;
-    }
-    else
-    {
-        mbedtls_ssl_key_cert *cur = *head;
-        while( cur->next != NULL )
-            cur = cur->next;
-        cur->next = new_cert;
-    }
-
-    return( 0 );
-}
-
-int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
-                              mbedtls_x509_crt *own_cert,
-                              mbedtls_pk_context *pk_key )
-{
-    return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
-}
-
-void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
-                               mbedtls_x509_crt *ca_chain,
-                               mbedtls_x509_crl *ca_crl )
-{
-    conf->ca_chain   = ca_chain;
-    conf->ca_crl     = ca_crl;
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
-     * cannot be used together. */
-    conf->f_ca_cb = NULL;
-    conf->p_ca_cb = NULL;
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
-                             mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                             void *p_ca_cb )
-{
-    conf->f_ca_cb = f_ca_cb;
-    conf->p_ca_cb = p_ca_cb;
-
-    /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
-     * cannot be used together. */
-    conf->ca_chain   = NULL;
-    conf->ca_crl     = NULL;
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
-                                 mbedtls_x509_crt *own_cert,
-                                 mbedtls_pk_context *pk_key )
-{
-    return( ssl_append_key_cert( &ssl->handshake->sni_key_cert,
-                                 own_cert, pk_key ) );
-}
-
-void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
-                                  mbedtls_x509_crt *ca_chain,
-                                  mbedtls_x509_crl *ca_crl )
-{
-    ssl->handshake->sni_ca_chain   = ca_chain;
-    ssl->handshake->sni_ca_crl     = ca_crl;
-}
-
-void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
-                                  int authmode )
-{
-    ssl->handshake->sni_authmode = authmode;
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy )
-{
-    ssl->f_vrfy = f_vrfy;
-    ssl->p_vrfy = p_vrfy;
-}
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-/*
- * Set EC J-PAKE password for current handshake
- */
-int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
-                                         const unsigned char *pw,
-                                         size_t pw_len )
-{
-    mbedtls_ecjpake_role role;
-
-    if( ssl->handshake == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-        role = MBEDTLS_ECJPAKE_SERVER;
-    else
-        role = MBEDTLS_ECJPAKE_CLIENT;
-
-    return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx,
-                                   role,
-                                   MBEDTLS_MD_SHA256,
-                                   MBEDTLS_ECP_DP_SECP256R1,
-                                   pw, pw_len ) );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-
-static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
-{
-    /* Remove reference to existing PSK, if any. */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
-    {
-        /* The maintenance of the PSK key slot is the
-         * user's responsibility. */
-        conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
-    }
-    /* This and the following branch should never
-     * be taken simultaenously as we maintain the
-     * invariant that raw and opaque PSKs are never
-     * configured simultaneously. As a safeguard,
-     * though, `else` is omitted here. */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( conf->psk != NULL )
-    {
-        mbedtls_platform_zeroize( conf->psk, conf->psk_len );
-
-        mbedtls_free( conf->psk );
-        conf->psk = NULL;
-        conf->psk_len = 0;
-    }
-
-    /* Remove reference to PSK identity, if any. */
-    if( conf->psk_identity != NULL )
-    {
-        mbedtls_free( conf->psk_identity );
-        conf->psk_identity = NULL;
-        conf->psk_identity_len = 0;
-    }
-}
-
-/* This function assumes that PSK identity in the SSL config is unset.
- * It checks that the provided identity is well-formed and attempts
- * to make a copy of it in the SSL config.
- * On failure, the PSK identity in the config remains unset. */
-static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf,
-                                      unsigned char const *psk_identity,
-                                      size_t psk_identity_len )
-{
-    /* Identity len will be encoded on two bytes */
-    if( psk_identity               == NULL ||
-        ( psk_identity_len >> 16 ) != 0    ||
-        psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    conf->psk_identity = mbedtls_calloc( 1, psk_identity_len );
-    if( conf->psk_identity == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-    conf->psk_identity_len = psk_identity_len;
-    memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
-
-    return( 0 );
-}
-
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
-                const unsigned char *psk, size_t psk_len,
-                const unsigned char *psk_identity, size_t psk_identity_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    /* Remove opaque/raw PSK + PSK Identity */
-    ssl_conf_remove_psk( conf );
-
-    /* Check and set raw PSK */
-    if( psk == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    if( psk_len == 0 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    if( psk_len > MBEDTLS_PSK_MAX_LEN )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    conf->psk_len = psk_len;
-    memcpy( conf->psk, psk, conf->psk_len );
-
-    /* Check and set PSK Identity */
-    ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len );
-    if( ret != 0 )
-        ssl_conf_remove_psk( conf );
-
-    return( ret );
-}
-
-static void ssl_remove_psk( mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
-    {
-        ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( ssl->handshake->psk != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->handshake->psk,
-                                  ssl->handshake->psk_len );
-        mbedtls_free( ssl->handshake->psk );
-        ssl->handshake->psk_len = 0;
-    }
-}
-
-int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
-                            const unsigned char *psk, size_t psk_len )
-{
-    if( psk == NULL || ssl->handshake == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( psk_len > MBEDTLS_PSK_MAX_LEN )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl_remove_psk( ssl );
-
-    if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-    ssl->handshake->psk_len = psk_len;
-    memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
-                                 psa_key_id_t psk,
-                                 const unsigned char *psk_identity,
-                                 size_t psk_identity_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    /* Clear opaque/raw PSK + PSK Identity, if present. */
-    ssl_conf_remove_psk( conf );
-
-    /* Check and set opaque PSK */
-    if( mbedtls_svc_key_id_is_null( psk ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    conf->psk_opaque = psk;
-
-    /* Check and set PSK Identity */
-    ret = ssl_conf_set_psk_identity( conf, psk_identity,
-                                     psk_identity_len );
-    if( ret != 0 )
-        ssl_conf_remove_psk( conf );
-
-    return( ret );
-}
-
-int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
-                                   psa_key_id_t psk )
-{
-    if( ( mbedtls_svc_key_id_is_null( psk ) ) ||
-        ( ssl->handshake == NULL ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl_remove_psk( ssl );
-    ssl->handshake->psk_opaque = psk;
-    return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
-                     int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
-                     size_t),
-                     void *p_psk )
-{
-    conf->f_psk = f_psk;
-    conf->p_psk = p_psk;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 )
-    {
-        mbedtls_mpi_free( &conf->dhm_P );
-        mbedtls_mpi_free( &conf->dhm_G );
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
-                                   const unsigned char *dhm_P, size_t P_len,
-                                   const unsigned char *dhm_G, size_t G_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
-    {
-        mbedtls_mpi_free( &conf->dhm_P );
-        mbedtls_mpi_free( &conf->dhm_G );
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 ||
-        ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 )
-    {
-        mbedtls_mpi_free( &conf->dhm_P );
-        mbedtls_mpi_free( &conf->dhm_G );
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/*
- * Set the minimum length for Diffie-Hellman parameters
- */
-void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
-                                      unsigned int bitlen )
-{
-    conf->dhm_min_bitlen = bitlen;
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-/*
- * Set allowed/preferred hashes for handshake signatures
- */
-void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
-                                  const int *hashes )
-{
-    conf->sig_hashes = hashes;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * Set the allowed elliptic curves
- */
-void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
-                             const mbedtls_ecp_group_id *curve_list )
-{
-    conf->curve_list = curve_list;
-}
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
-{
-    /* Initialize to suppress unnecessary compiler warning */
-    size_t hostname_len = 0;
-
-    /* Check if new hostname is valid before
-     * making any change to current one */
-    if( hostname != NULL )
-    {
-        hostname_len = strlen( hostname );
-
-        if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    /* Now it's clear that we will overwrite the old hostname,
-     * so we can free it safely */
-
-    if( ssl->hostname != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
-        mbedtls_free( ssl->hostname );
-    }
-
-    /* Passing NULL as hostname shall clear the old one */
-
-    if( hostname == NULL )
-    {
-        ssl->hostname = NULL;
-    }
-    else
-    {
-        ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 );
-        if( ssl->hostname == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        memcpy( ssl->hostname, hostname, hostname_len );
-
-        ssl->hostname[hostname_len] = '\0';
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
-                  int (*f_sni)(void *, mbedtls_ssl_context *,
-                                const unsigned char *, size_t),
-                  void *p_sni )
-{
-    conf->f_sni = f_sni;
-    conf->p_sni = p_sni;
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_SSL_ALPN)
-int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
-{
-    size_t cur_len, tot_len;
-    const char **p;
-
-    /*
-     * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
-     * MUST NOT be truncated."
-     * We check lengths now rather than later.
-     */
-    tot_len = 0;
-    for( p = protos; *p != NULL; p++ )
-    {
-        cur_len = strlen( *p );
-        tot_len += cur_len;
-
-        if( ( cur_len == 0 ) ||
-            ( cur_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN ) ||
-            ( tot_len > MBEDTLS_SSL_MAX_ALPN_LIST_LEN ) )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    conf->alpn_list = protos;
-
-    return( 0 );
-}
-
-const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl )
-{
-    return( ssl->alpn_chosen );
-}
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
-                                                int support_mki_value )
-{
-    conf->dtls_srtp_mki_support = support_mki_value;
-}
-
-int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
-                                         unsigned char *mki_value,
-                                         uint16_t mki_len )
-{
-    if( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED )
-    {
-        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-    }
-
-    memcpy( ssl->dtls_srtp_info.mki_value, mki_value, mki_len );
-    ssl->dtls_srtp_info.mki_len = mki_len;
-    return( 0 );
-}
-
-int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf,
-                                                    const mbedtls_ssl_srtp_profile *profiles )
-{
-    const mbedtls_ssl_srtp_profile *p;
-    size_t list_size = 0;
-
-    /* check the profiles list: all entry must be valid,
-     * its size cannot be more than the total number of supported profiles, currently 4 */
-    for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET &&
-                       list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH;
-         p++ )
-    {
-        if( mbedtls_ssl_check_srtp_profile_value( *p ) != MBEDTLS_TLS_SRTP_UNSET )
-        {
-            list_size++;
-        }
-        else
-        {
-            /* unsupported value, stop parsing and set the size to an error value */
-            list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH + 1;
-        }
-    }
-
-    if( list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH )
-    {
-                conf->dtls_srtp_profile_list = NULL;
-                conf->dtls_srtp_profile_list_len = 0;
-                return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    conf->dtls_srtp_profile_list = profiles;
-    conf->dtls_srtp_profile_list_len = list_size;
-
-    return( 0 );
-}
-
-void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl,
-                                                   mbedtls_dtls_srtp_info *dtls_srtp_info )
-{
-    dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile;
-    /* do not copy the mki value if there is no chosen profile */
-    if( dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET )
-    {
-        dtls_srtp_info->mki_len = 0;
-    }
-    else
-    {
-        dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len;
-        memcpy( dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value,
-                ssl->dtls_srtp_info.mki_len );
-    }
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
-{
-    conf->max_major_ver = major;
-    conf->max_minor_ver = minor;
-}
-
-void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
-{
-    conf->min_major_ver = major;
-    conf->min_minor_ver = minor;
-}
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
-{
-    conf->fallback = fallback;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
-                                          char cert_req_ca_list )
-{
-    conf->cert_req_ca_list = cert_req_ca_list;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
-{
-    conf->encrypt_then_mac = etm;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
-{
-    conf->extended_ms = ems;
-}
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
-{
-    conf->arc4_disabled = arc4;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
-{
-    if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
-        ssl_mfl_code_to_length( mfl_code ) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    conf->mfl_code = mfl_code;
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
-{
-    conf->trunc_hmac = truncate;
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
-{
-    conf->cbc_record_splitting = split;
-}
-#endif
-
-void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
-{
-    conf->allow_legacy_renegotiation = allow_legacy;
-}
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
-{
-    conf->disable_renegotiation = renegotiation;
-}
-
-void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
-{
-    conf->renego_max_records = max_records;
-}
-
-void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
-                                   const unsigned char period[8] )
-{
-    memcpy( conf->renego_period, period, 8 );
-}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#if defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
-{
-    conf->session_tickets = use_tickets;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
-        mbedtls_ssl_ticket_write_t *f_ticket_write,
-        mbedtls_ssl_ticket_parse_t *f_ticket_parse,
-        void *p_ticket )
-{
-    conf->f_ticket_write = f_ticket_write;
-    conf->f_ticket_parse = f_ticket_parse;
-    conf->p_ticket       = p_ticket;
-}
-#endif
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
-        mbedtls_ssl_export_keys_t *f_export_keys,
-        void *p_export_keys )
-{
-    conf->f_export_keys = f_export_keys;
-    conf->p_export_keys = p_export_keys;
-}
-
-void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
-        mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
-        void *p_export_keys )
-{
-    conf->f_export_keys_ext = f_export_keys_ext;
-    conf->p_export_keys = p_export_keys;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-void mbedtls_ssl_conf_async_private_cb(
-    mbedtls_ssl_config *conf,
-    mbedtls_ssl_async_sign_t *f_async_sign,
-    mbedtls_ssl_async_decrypt_t *f_async_decrypt,
-    mbedtls_ssl_async_resume_t *f_async_resume,
-    mbedtls_ssl_async_cancel_t *f_async_cancel,
-    void *async_config_data )
-{
-    conf->f_async_sign_start = f_async_sign;
-    conf->f_async_decrypt_start = f_async_decrypt;
-    conf->f_async_resume = f_async_resume;
-    conf->f_async_cancel = f_async_cancel;
-    conf->p_async_config_data = async_config_data;
-}
-
-void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf )
-{
-    return( conf->p_async_config_data );
-}
-
-void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl )
-{
-    if( ssl->handshake == NULL )
-        return( NULL );
-    else
-        return( ssl->handshake->user_async_ctx );
-}
-
-void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
-                                 void *ctx )
-{
-    if( ssl->handshake != NULL )
-        ssl->handshake->user_async_ctx = ctx;
-}
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-/*
- * SSL get accessors
- */
-uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
-{
-    if( ssl->session != NULL )
-        return( ssl->session->verify_result );
-
-    if( ssl->session_negotiate != NULL )
-        return( ssl->session_negotiate->verify_result );
-
-    return( 0xFFFFFFFF );
-}
-
-const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl )
-{
-    if( ssl == NULL || ssl->session == NULL )
-        return( NULL );
-
-    return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite );
-}
-
-const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        switch( ssl->minor_ver )
-        {
-            case MBEDTLS_SSL_MINOR_VERSION_2:
-                return( "DTLSv1.0" );
-
-            case MBEDTLS_SSL_MINOR_VERSION_3:
-                return( "DTLSv1.2" );
-
-            default:
-                return( "unknown (DTLS)" );
-        }
-    }
-#endif
-
-    switch( ssl->minor_ver )
-    {
-        case MBEDTLS_SSL_MINOR_VERSION_0:
-            return( "SSLv3.0" );
-
-        case MBEDTLS_SSL_MINOR_VERSION_1:
-            return( "TLSv1.0" );
-
-        case MBEDTLS_SSL_MINOR_VERSION_2:
-            return( "TLSv1.1" );
-
-        case MBEDTLS_SSL_MINOR_VERSION_3:
-            return( "TLSv1.2" );
-
-        default:
-            return( "unknown" );
-    }
-}
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl )
-{
-    size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN;
-    size_t read_mfl;
-
-    /* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
-        ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE )
-    {
-        return ssl_mfl_code_to_length( ssl->conf->mfl_code );
-    }
-
-    /* Check if a smaller max length was negotiated */
-    if( ssl->session_out != NULL )
-    {
-        read_mfl = ssl_mfl_code_to_length( ssl->session_out->mfl_code );
-        if( read_mfl < max_len )
-        {
-            max_len = read_mfl;
-        }
-    }
-
-    // During a handshake, use the value being negotiated
-    if( ssl->session_negotiate != NULL )
-    {
-        read_mfl = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code );
-        if( read_mfl < max_len )
-        {
-            max_len = read_mfl;
-        }
-    }
-
-    return( max_len );
-}
-
-size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl )
-{
-    size_t max_len;
-
-    /*
-     * Assume mfl_code is correct since it was checked when set
-     */
-    max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code );
-
-    /* Check if a smaller max length was negotiated */
-    if( ssl->session_out != NULL &&
-        ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len )
-    {
-        max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code );
-    }
-
-    /* During a handshake, use the value being negotiated */
-    if( ssl->session_negotiate != NULL &&
-        ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len )
-    {
-        max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code );
-    }
-
-    return( max_len );
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl )
-{
-    return mbedtls_ssl_get_output_max_frag_len( ssl );
-}
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl )
-{
-    /* Return unlimited mtu for client hello messages to avoid fragmentation. */
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
-        ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ||
-          ssl->state == MBEDTLS_SSL_SERVER_HELLO ) )
-        return ( 0 );
-
-    if( ssl->handshake == NULL || ssl->handshake->mtu == 0 )
-        return( ssl->mtu );
-
-    if( ssl->mtu == 0 )
-        return( ssl->handshake->mtu );
-
-    return( ssl->mtu < ssl->handshake->mtu ?
-            ssl->mtu : ssl->handshake->mtu );
-}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl )
-{
-    size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
-
-#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
-    !defined(MBEDTLS_SSL_PROTO_DTLS)
-    (void) ssl;
-#endif
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    const size_t mfl = mbedtls_ssl_get_output_max_frag_len( ssl );
-
-    if( max_len > mfl )
-        max_len = mfl;
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( mbedtls_ssl_get_current_mtu( ssl ) != 0 )
-    {
-        const size_t mtu = mbedtls_ssl_get_current_mtu( ssl );
-        const int ret = mbedtls_ssl_get_record_expansion( ssl );
-        const size_t overhead = (size_t) ret;
-
-        if( ret < 0 )
-            return( ret );
-
-        if( mtu <= overhead )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) );
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-        }
-
-        if( max_len > mtu - overhead )
-            max_len = mtu - overhead;
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) &&        \
-    !defined(MBEDTLS_SSL_PROTO_DTLS)
-    ((void) ssl);
-#endif
-
-    return( (int) max_len );
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl )
-{
-    if( ssl == NULL || ssl->session == NULL )
-        return( NULL );
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    return( ssl->session->peer_cert );
-#else
-    return( NULL );
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
-                             mbedtls_ssl_session *dst )
-{
-    if( ssl == NULL ||
-        dst == NULL ||
-        ssl->session == NULL ||
-        ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    return( mbedtls_ssl_session_copy( dst, ssl->session ) );
-}
-#endif /* MBEDTLS_SSL_CLI_C */
-
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl )
-{
-    if( ssl == NULL )
-        return( NULL );
-
-    return( ssl->session );
-}
-
-/*
- * Define ticket header determining Mbed TLS version
- * and structure of the ticket.
- */
-
-/*
- * Define bitflag determining compile-time settings influencing
- * structure of serialized SSL sessions.
- */
-
-#if defined(MBEDTLS_HAVE_TIME)
-#define SSL_SERIALIZED_SESSION_CONFIG_TIME 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_TIME 0
-#endif /* MBEDTLS_HAVE_TIME */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#define SSL_SERIALIZED_SESSION_CONFIG_CRT 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_CRT 0
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)
-#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET 0
-#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-#define SSL_SERIALIZED_SESSION_CONFIG_MFL 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_MFL 0
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 0
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-#define SSL_SERIALIZED_SESSION_CONFIG_ETM 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_ETM 0
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 1
-#else
-#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 0
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#define SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT          0
-#define SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT           1
-#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT 2
-#define SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT           3
-#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT    4
-#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT           5
-#define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT        6
-
-#define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG                           \
-    ( (uint16_t) (                                                      \
-        ( SSL_SERIALIZED_SESSION_CONFIG_TIME          << SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT          ) | \
-        ( SSL_SERIALIZED_SESSION_CONFIG_CRT           << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT           ) | \
-        ( SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT ) | \
-        ( SSL_SERIALIZED_SESSION_CONFIG_MFL           << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT           ) | \
-        ( SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC    << SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT    ) | \
-        ( SSL_SERIALIZED_SESSION_CONFIG_ETM           << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT           ) | \
-        ( SSL_SERIALIZED_SESSION_CONFIG_TICKET        << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT        ) ) )
-
-static unsigned char ssl_serialized_session_header[] = {
-    MBEDTLS_VERSION_MAJOR,
-    MBEDTLS_VERSION_MINOR,
-    MBEDTLS_VERSION_PATCH,
-    ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF,
-    ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF,
-};
-
-/*
- * Serialize a session in the following format:
- * (in the presentation language of TLS, RFC 8446 section 3)
- *
- *  opaque mbedtls_version[3];   // major, minor, patch
- *  opaque session_format[2];    // version-specific 16-bit field determining
- *                               // the format of the remaining
- *                               // serialized data.
- *
- *  Note: When updating the format, remember to keep
- *        these version+format bytes.
- *
- *                               // In this version, `session_format` determines
- *                               // the setting of those compile-time
- *                               // configuration options which influence
- *                               // the structure of mbedtls_ssl_session.
- *  uint64 start_time;
- *  uint8 ciphersuite[2];        // defined by the standard
- *  uint8 compression;           // 0 or 1
- *  uint8 session_id_len;        // at most 32
- *  opaque session_id[32];
- *  opaque master[48];           // fixed length in the standard
- *  uint32 verify_result;
- *  opaque peer_cert<0..2^24-1>; // length 0 means no peer cert
- *  opaque ticket<0..2^24-1>;    // length 0 means no ticket
- *  uint32 ticket_lifetime;
- *  uint8 mfl_code;              // up to 255 according to standard
- *  uint8 trunc_hmac;            // 0 or 1
- *  uint8 encrypt_then_mac;      // 0 or 1
- *
- * The order is the same as in the definition of the structure, except
- * verify_result is put before peer_cert so that all mandatory fields come
- * together in one block.
- */
-static int ssl_session_save( const mbedtls_ssl_session *session,
-                             unsigned char omit_header,
-                             unsigned char *buf,
-                             size_t buf_len,
-                             size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t used = 0;
-#if defined(MBEDTLS_HAVE_TIME)
-    uint64_t start;
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    size_t cert_len;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-
-    if( !omit_header )
-    {
-        /*
-         * Add version identifier
-         */
-
-        used += sizeof( ssl_serialized_session_header );
-
-        if( used <= buf_len )
-        {
-            memcpy( p, ssl_serialized_session_header,
-                    sizeof( ssl_serialized_session_header ) );
-            p += sizeof( ssl_serialized_session_header );
-        }
-    }
-
-    /*
-     * Time
-     */
-#if defined(MBEDTLS_HAVE_TIME)
-    used += 8;
-
-    if( used <= buf_len )
-    {
-        start = (uint64_t) session->start;
-
-        *p++ = (unsigned char)( ( start >> 56 ) & 0xFF );
-        *p++ = (unsigned char)( ( start >> 48 ) & 0xFF );
-        *p++ = (unsigned char)( ( start >> 40 ) & 0xFF );
-        *p++ = (unsigned char)( ( start >> 32 ) & 0xFF );
-        *p++ = (unsigned char)( ( start >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( start >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( start >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( start       ) & 0xFF );
-    }
-#endif /* MBEDTLS_HAVE_TIME */
-
-    /*
-     * Basic mandatory fields
-     */
-    used += 2   /* ciphersuite */
-          + 1   /* compression */
-          + 1   /* id_len */
-          + sizeof( session->id )
-          + sizeof( session->master )
-          + 4;  /* verify_result */
-
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->ciphersuite      ) & 0xFF );
-
-        *p++ = (unsigned char)( session->compression & 0xFF );
-
-        *p++ = (unsigned char)( session->id_len & 0xFF );
-        memcpy( p, session->id, 32 );
-        p += 32;
-
-        memcpy( p, session->master, 48 );
-        p += 48;
-
-        *p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->verify_result >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->verify_result       ) & 0xFF );
-    }
-
-    /*
-     * Peer's end-entity certificate
-     */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    if( session->peer_cert == NULL )
-        cert_len = 0;
-    else
-        cert_len = session->peer_cert->raw.len;
-
-    used += 3 + cert_len;
-
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( cert_len >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( cert_len       ) & 0xFF );
-
-        if( session->peer_cert != NULL )
-        {
-            memcpy( p, session->peer_cert->raw.p, cert_len );
-            p += cert_len;
-        }
-    }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    if( session->peer_cert_digest != NULL )
-    {
-        used += 1 /* type */ + 1 /* length */ + session->peer_cert_digest_len;
-        if( used <= buf_len )
-        {
-            *p++ = (unsigned char) session->peer_cert_digest_type;
-            *p++ = (unsigned char) session->peer_cert_digest_len;
-            memcpy( p, session->peer_cert_digest,
-                    session->peer_cert_digest_len );
-            p += session->peer_cert_digest_len;
-        }
-    }
-    else
-    {
-        used += 2;
-        if( used <= buf_len )
-        {
-            *p++ = (unsigned char) MBEDTLS_MD_NONE;
-            *p++ = 0;
-        }
-    }
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-    /*
-     * Session ticket if any, plus associated data
-     */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    used += 3 + session->ticket_len + 4; /* len + ticket + lifetime */
-
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->ticket_len >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->ticket_len       ) & 0xFF );
-
-        if( session->ticket != NULL )
-        {
-            memcpy( p, session->ticket, session->ticket_len );
-            p += session->ticket_len;
-        }
-
-        *p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->ticket_lifetime >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( session->ticket_lifetime       ) & 0xFF );
-    }
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-
-    /*
-     * Misc extension-related info
-     */
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    used += 1;
-
-    if( used <= buf_len )
-        *p++ = session->mfl_code;
-#endif
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    used += 1;
-
-    if( used <= buf_len )
-        *p++ = (unsigned char)( ( session->trunc_hmac ) & 0xFF );
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    used += 1;
-
-    if( used <= buf_len )
-        *p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF );
-#endif
-
-    /* Done */
-    *olen = used;
-
-    if( used > buf_len )
-        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-    return( 0 );
-}
-
-/*
- * Public wrapper for ssl_session_save()
- */
-int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
-                              unsigned char *buf,
-                              size_t buf_len,
-                              size_t *olen )
-{
-    return( ssl_session_save( session, 0, buf, buf_len, olen ) );
-}
-
-/*
- * Deserialize session, see mbedtls_ssl_session_save() for format.
- *
- * This internal version is wrapped by a public function that cleans up in
- * case of error, and has an extra option omit_header.
- */
-static int ssl_session_load( mbedtls_ssl_session *session,
-                             unsigned char omit_header,
-                             const unsigned char *buf,
-                             size_t len )
-{
-    const unsigned char *p = buf;
-    const unsigned char * const end = buf + len;
-#if defined(MBEDTLS_HAVE_TIME)
-    uint64_t start;
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    size_t cert_len;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-    if( !omit_header )
-    {
-        /*
-         * Check version identifier
-         */
-
-        if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        if( memcmp( p, ssl_serialized_session_header,
-                    sizeof( ssl_serialized_session_header ) ) != 0 )
-        {
-            return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
-        }
-        p += sizeof( ssl_serialized_session_header );
-    }
-
-    /*
-     * Time
-     */
-#if defined(MBEDTLS_HAVE_TIME)
-    if( 8 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    start = ( (uint64_t) p[0] << 56 ) |
-            ( (uint64_t) p[1] << 48 ) |
-            ( (uint64_t) p[2] << 40 ) |
-            ( (uint64_t) p[3] << 32 ) |
-            ( (uint64_t) p[4] << 24 ) |
-            ( (uint64_t) p[5] << 16 ) |
-            ( (uint64_t) p[6] <<  8 ) |
-            ( (uint64_t) p[7]       );
-    p += 8;
-
-    session->start = (time_t) start;
-#endif /* MBEDTLS_HAVE_TIME */
-
-    /*
-     * Basic mandatory fields
-     */
-    if( 2 + 1 + 1 + 32 + 48 + 4 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->ciphersuite = ( p[0] << 8 ) | p[1];
-    p += 2;
-
-    session->compression = *p++;
-
-    session->id_len = *p++;
-    memcpy( session->id, p, 32 );
-    p += 32;
-
-    memcpy( session->master, p, 48 );
-    p += 48;
-
-    session->verify_result = ( (uint32_t) p[0] << 24 ) |
-                             ( (uint32_t) p[1] << 16 ) |
-                             ( (uint32_t) p[2] <<  8 ) |
-                             ( (uint32_t) p[3]       );
-    p += 4;
-
-    /* Immediately clear invalid pointer values that have been read, in case
-     * we exit early before we replaced them with valid ones. */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    session->peer_cert = NULL;
-#else
-    session->peer_cert_digest = NULL;
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    session->ticket = NULL;
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-
-    /*
-     * Peer certificate
-     */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    /* Deserialize CRT from the end of the ticket. */
-    if( 3 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
-    p += 3;
-
-    if( cert_len != 0 )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-        if( cert_len > (size_t)( end - p ) )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-
-        if( session->peer_cert == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        mbedtls_x509_crt_init( session->peer_cert );
-
-        if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert,
-                                                p, cert_len ) ) != 0 )
-        {
-            mbedtls_x509_crt_free( session->peer_cert );
-            mbedtls_free( session->peer_cert );
-            session->peer_cert = NULL;
-            return( ret );
-        }
-
-        p += cert_len;
-    }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    /* Deserialize CRT digest from the end of the ticket. */
-    if( 2 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->peer_cert_digest_type = (mbedtls_md_type_t) *p++;
-    session->peer_cert_digest_len  = (size_t) *p++;
-
-    if( session->peer_cert_digest_len != 0 )
-    {
-        const mbedtls_md_info_t *md_info =
-            mbedtls_md_info_from_type( session->peer_cert_digest_type );
-        if( md_info == NULL )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-        if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        if( session->peer_cert_digest_len > (size_t)( end - p ) )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        session->peer_cert_digest =
-            mbedtls_calloc( 1, session->peer_cert_digest_len );
-        if( session->peer_cert_digest == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        memcpy( session->peer_cert_digest, p,
-                session->peer_cert_digest_len );
-        p += session->peer_cert_digest_len;
-    }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-    /*
-     * Session ticket and associated data
-     */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    if( 3 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->ticket_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
-    p += 3;
-
-    if( session->ticket_len != 0 )
-    {
-        if( session->ticket_len > (size_t)( end - p ) )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        session->ticket = mbedtls_calloc( 1, session->ticket_len );
-        if( session->ticket == NULL )
-            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
-        memcpy( session->ticket, p, session->ticket_len );
-        p += session->ticket_len;
-    }
-
-    if( 4 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->ticket_lifetime = ( (uint32_t) p[0] << 24 ) |
-                               ( (uint32_t) p[1] << 16 ) |
-                               ( (uint32_t) p[2] <<  8 ) |
-                               ( (uint32_t) p[3]       );
-    p += 4;
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-
-    /*
-     * Misc extension-related info
-     */
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( 1 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->mfl_code = *p++;
-#endif
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    if( 1 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->trunc_hmac = *p++;
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    if( 1 > (size_t)( end - p ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session->encrypt_then_mac = *p++;
-#endif
-
-    /* Done, should have consumed entire buffer */
-    if( p != end )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    return( 0 );
-}
-
-/*
- * Deserialize session: public wrapper for error cleaning
- */
-int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
-                              const unsigned char *buf,
-                              size_t len )
-{
-    int ret = ssl_session_load( session, 0, buf, len );
-
-    if( ret != 0 )
-        mbedtls_ssl_session_free( session );
-
-    return( ret );
-}
-
-/*
- * Perform a single step of the SSL handshake
- */
-int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_SSL_CLI_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-        ret = mbedtls_ssl_handshake_client_step( ssl );
-#endif
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-        ret = mbedtls_ssl_handshake_server_step( ssl );
-#endif
-
-    return( ret );
-}
-
-/*
- * Perform the SSL handshake
- */
-int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
-{
-    int ret = 0;
-
-    /* Sanity checks */
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL ) )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use "
-                                     "mbedtls_ssl_set_timer_cb() for DTLS" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) );
-
-    /* Main handshake loop */
-    while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        ret = mbedtls_ssl_handshake_step( ssl );
-
-        if( ret != 0 )
-            break;
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) );
-
-    return( ret );
-}
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-#if defined(MBEDTLS_SSL_SRV_C)
-/*
- * Write HelloRequest to request renegotiation on server
- */
-static int ssl_write_hello_request( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) );
-
-    ssl->out_msglen  = 4;
-    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
-    ssl->out_msg[0]  = MBEDTLS_SSL_HS_HELLO_REQUEST;
-
-    if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_SRV_C */
-
-/*
- * Actually renegotiate current connection, triggered by either:
- * - any side: calling mbedtls_ssl_renegotiate(),
- * - client: receiving a HelloRequest during mbedtls_ssl_read(),
- * - server: receiving any handshake message on server during mbedtls_ssl_read() after
- *   the initial handshake is completed.
- * If the handshake doesn't complete due to waiting for I/O, it will continue
- * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively.
- */
-int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) );
-
-    if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
-        return( ret );
-
-    /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and
-     * the ServerHello will have message_seq = 1" */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
-    {
-        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-            ssl->handshake->out_msg_seq = 1;
-        else
-            ssl->handshake->in_msg_seq = 1;
-    }
-#endif
-
-    ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
-    ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS;
-
-    if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
-        return( ret );
-    }
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) );
-
-    return( 0 );
-}
-
-/*
- * Renegotiate current connection on client,
- * or request renegotiation on server
- */
-int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
-{
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
-
-    if( ssl == NULL || ssl->conf == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_SSL_SRV_C)
-    /* On server, just send the request */
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
-
-        /* Did we already try/start sending HelloRequest? */
-        if( ssl->out_left != 0 )
-            return( mbedtls_ssl_flush_output( ssl ) );
-
-        return( ssl_write_hello_request( ssl ) );
-    }
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-    /*
-     * On client, either start the renegotiation process or,
-     * if already in progress, continue the handshake
-     */
-    if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
-    {
-        if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        if( ( ret = mbedtls_ssl_start_renegotiation( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", ret );
-            return( ret );
-        }
-    }
-    else
-    {
-        if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
-            return( ret );
-        }
-    }
-#endif /* MBEDTLS_SSL_CLI_C */
-
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert )
-{
-    mbedtls_ssl_key_cert *cur = key_cert, *next;
-
-    while( cur != NULL )
-    {
-        next = cur->next;
-        mbedtls_free( cur );
-        cur = next;
-    }
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
-{
-    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
-
-    if( handshake == NULL )
-        return;
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
-    {
-        ssl->conf->f_async_cancel( ssl );
-        handshake->async_in_progress = 0;
-    }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    mbedtls_md5_free(    &handshake->fin_md5  );
-    mbedtls_sha1_free(   &handshake->fin_sha1 );
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_abort( &handshake->fin_sha256_psa );
-#else
-    mbedtls_sha256_free(   &handshake->fin_sha256    );
-#endif
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_abort( &handshake->fin_sha384_psa );
-#else
-    mbedtls_sha512_free(   &handshake->fin_sha512    );
-#endif
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_DHM_C)
-    mbedtls_dhm_free( &handshake->dhm_ctx );
-#endif
-#if defined(MBEDTLS_ECDH_C)
-    mbedtls_ecdh_free( &handshake->ecdh_ctx );
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    mbedtls_ecjpake_free( &handshake->ecjpake_ctx );
-#if defined(MBEDTLS_SSL_CLI_C)
-    mbedtls_free( handshake->ecjpake_cache );
-    handshake->ecjpake_cache = NULL;
-    handshake->ecjpake_cache_len = 0;
-#endif
-#endif
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
-    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    /* explicit void pointer cast for buggy MS compiler */
-    mbedtls_free( (void *) handshake->curves );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if( handshake->psk != NULL )
-    {
-        mbedtls_platform_zeroize( handshake->psk, handshake->psk_len );
-        mbedtls_free( handshake->psk );
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    /*
-     * Free only the linked list wrapper, not the keys themselves
-     * since the belong to the SNI callback
-     */
-    if( handshake->sni_key_cert != NULL )
-    {
-        mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next;
-
-        while( cur != NULL )
-        {
-            next = cur->next;
-            mbedtls_free( cur );
-            cur = next;
-        }
-    }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-    mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx );
-    if( handshake->ecrs_peer_cert != NULL )
-    {
-        mbedtls_x509_crt_free( handshake->ecrs_peer_cert );
-        mbedtls_free( handshake->ecrs_peer_cert );
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) &&        \
-    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    mbedtls_pk_free( &handshake->peer_pubkey );
-#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    mbedtls_free( handshake->verify_cookie );
-    mbedtls_ssl_flight_free( handshake->flight );
-    mbedtls_ssl_buffering_free( ssl );
-#endif
-
-#if defined(MBEDTLS_ECDH_C) &&                  \
-    defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_destroy_key( handshake->ecdh_psa_privkey );
-#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
-
-    mbedtls_platform_zeroize( handshake,
-                              sizeof( mbedtls_ssl_handshake_params ) );
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    /* If the buffers are too big - reallocate. Because of the way Mbed TLS
-     * processes datagrams and the fact that a datagram is allowed to have
-     * several records in it, it is possible that the I/O buffers are not
-     * empty at this stage */
-    {
-        int modified = 0;
-        uint32_t buf_len = mbedtls_ssl_get_input_buflen( ssl );
-        size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
-        size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
-        if( ssl->in_buf != NULL )
-        {
-            written_in = ssl->in_msg - ssl->in_buf;
-            iv_offset_in = ssl->in_iv - ssl->in_buf;
-            len_offset_in = ssl->in_len - ssl->in_buf;
-            if( ssl->in_buf_len > buf_len && ssl->in_left < buf_len )
-            {
-                if( resize_buffer( &ssl->in_buf, buf_len, &ssl->in_buf_len ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
-                }
-                else
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", buf_len ) );
-                    modified = 1;
-                }
-            }
-        }
-
-
-        buf_len = mbedtls_ssl_get_output_buflen( ssl );
-        if(ssl->out_buf != NULL )
-        {
-            written_out = ssl->out_msg - ssl->out_buf;
-            iv_offset_out = ssl->out_iv - ssl->out_buf;
-            len_offset_out = ssl->out_len - ssl->out_buf;
-            if( ssl->out_buf_len > mbedtls_ssl_get_output_buflen( ssl ) &&
-                ssl->out_left < buf_len )
-            {
-                if( resize_buffer( &ssl->out_buf, buf_len, &ssl->out_buf_len ) != 0 )
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
-                }
-                else
-                {
-                    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", buf_len ) );
-                    modified = 1;
-                }
-            }
-        }
-        if( modified )
-        {
-            /* Update pointers here to avoid doing it twice. */
-            mbedtls_ssl_reset_in_out_pointers( ssl );
-            /* Fields below might not be properly updated with record
-             * splitting or with CID, so they are manually updated here. */
-            ssl->out_msg = ssl->out_buf + written_out;
-            ssl->out_len = ssl->out_buf + len_offset_out;
-            ssl->out_iv = ssl->out_buf + iv_offset_out;
-
-            ssl->in_msg = ssl->in_buf + written_in;
-            ssl->in_len = ssl->in_buf + len_offset_in;
-            ssl->in_iv = ssl->in_buf + iv_offset_in;
-        }
-    }
-#endif
-}
-
-void mbedtls_ssl_session_free( mbedtls_ssl_session *session )
-{
-    if( session == NULL )
-        return;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    ssl_clear_peer_cert( session );
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    mbedtls_free( session->ticket );
-#endif
-
-    mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) );
-}
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID 1u
-#else
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID 0u
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT 1u
-#else
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT 0u
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY 1u
-#else
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY 0u
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_ALPN)
-#define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN 1u
-#else
-#define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN 0u
-#endif /* MBEDTLS_SSL_ALPN */
-
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT    0
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT     1
-#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT      2
-#define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT                  3
-
-#define SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG   \
-    ( (uint32_t) (                              \
-        ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID     << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT     ) | \
-        ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT      << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT      ) | \
-        ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY       << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT       ) | \
-        ( SSL_SERIALIZED_CONTEXT_CONFIG_ALPN                   << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT                   ) | \
-        0u ) )
-
-static unsigned char ssl_serialized_context_header[] = {
-    MBEDTLS_VERSION_MAJOR,
-    MBEDTLS_VERSION_MINOR,
-    MBEDTLS_VERSION_PATCH,
-    ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 8 ) & 0xFF,
-    ( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG >> 0 ) & 0xFF,
-    ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >> 16 ) & 0xFF,
-    ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >>  8 ) & 0xFF,
-    ( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG >>  0 ) & 0xFF,
-};
-
-/*
- * Serialize a full SSL context
- *
- * The format of the serialized data is:
- * (in the presentation language of TLS, RFC 8446 section 3)
- *
- *  // header
- *  opaque mbedtls_version[3];   // major, minor, patch
- *  opaque context_format[5];    // version-specific field determining
- *                               // the format of the remaining
- *                               // serialized data.
- *  Note: When updating the format, remember to keep these
- *        version+format bytes. (We may make their size part of the API.)
- *
- *  // session sub-structure
- *  opaque session<1..2^32-1>;  // see mbedtls_ssl_session_save()
- *  // transform sub-structure
- *  uint8 random[64];           // ServerHello.random+ClientHello.random
- *  uint8 in_cid<0..2^8-1>      // Connection ID: expected incoming value
- *  uint8 out_cid<0..2^8-1>     // Connection ID: outgoing value to use
- *  // fields from ssl_context
- *  uint32 badmac_seen;         // DTLS: number of records with failing MAC
- *  uint64 in_window_top;       // DTLS: last validated record seq_num
- *  uint64 in_window;           // DTLS: bitmask for replay protection
- *  uint8 disable_datagram_packing; // DTLS: only one record per datagram
- *  uint64 cur_out_ctr;         // Record layer: outgoing sequence number
- *  uint16 mtu;                 // DTLS: path mtu (max outgoing fragment size)
- *  uint8 alpn_chosen<0..2^8-1> // ALPN: negotiated application protocol
- *
- * Note that many fields of the ssl_context or sub-structures are not
- * serialized, as they fall in one of the following categories:
- *
- *  1. forced value (eg in_left must be 0)
- *  2. pointer to dynamically-allocated memory (eg session, transform)
- *  3. value can be re-derived from other data (eg session keys from MS)
- *  4. value was temporary (eg content of input buffer)
- *  5. value will be provided by the user again (eg I/O callbacks and context)
- */
-int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
-                              unsigned char *buf,
-                              size_t buf_len,
-                              size_t *olen )
-{
-    unsigned char *p = buf;
-    size_t used = 0;
-    size_t session_len;
-    int ret = 0;
-
-    /*
-     * Enforce usage restrictions, see "return BAD_INPUT_DATA" in
-     * this function's documentation.
-     *
-     * These are due to assumptions/limitations in the implementation. Some of
-     * them are likely to stay (no handshake in progress) some might go away
-     * (only DTLS) but are currently used to simplify the implementation.
-     */
-    /* The initial handshake must be over */
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Initial handshake isn't over" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    if( ssl->handshake != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Handshake isn't completed" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    /* Double-check that sub-structures are indeed ready */
-    if( ssl->transform == NULL || ssl->session == NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Serialised structures aren't ready" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    /* There must be no pending incoming or outgoing data */
-    if( mbedtls_ssl_check_pending( ssl ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "There is pending incoming data" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    if( ssl->out_left != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "There is pending outgoing data" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    /* Protocol must be DLTS, not TLS */
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only DTLS is supported" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    /* Version must be 1.2 */
-    if( ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only version 1.2 supported" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only version 1.2 supported" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    /* We must be using an AEAD ciphersuite */
-    if( mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only AEAD ciphersuites supported" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-    /* Renegotiation must not be enabled */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Renegotiation must not be enabled" ) );
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-#endif
-
-    /*
-     * Version and format identifier
-     */
-    used += sizeof( ssl_serialized_context_header );
-
-    if( used <= buf_len )
-    {
-        memcpy( p, ssl_serialized_context_header,
-                sizeof( ssl_serialized_context_header ) );
-        p += sizeof( ssl_serialized_context_header );
-    }
-
-    /*
-     * Session (length + data)
-     */
-    ret = ssl_session_save( ssl->session, 1, NULL, 0, &session_len );
-    if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
-        return( ret );
-
-    used += 4 + session_len;
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( session_len >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( session_len       ) & 0xFF );
-
-        ret = ssl_session_save( ssl->session, 1,
-                                p, session_len, &session_len );
-        if( ret != 0 )
-            return( ret );
-
-        p += session_len;
-    }
-
-    /*
-     * Transform
-     */
-    used += sizeof( ssl->transform->randbytes );
-    if( used <= buf_len )
-    {
-        memcpy( p, ssl->transform->randbytes,
-           sizeof( ssl->transform->randbytes ) );
-        p += sizeof( ssl->transform->randbytes );
-    }
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    used += 2 + ssl->transform->in_cid_len + ssl->transform->out_cid_len;
-    if( used <= buf_len )
-    {
-        *p++ = ssl->transform->in_cid_len;
-        memcpy( p, ssl->transform->in_cid, ssl->transform->in_cid_len );
-        p += ssl->transform->in_cid_len;
-
-        *p++ = ssl->transform->out_cid_len;
-        memcpy( p, ssl->transform->out_cid, ssl->transform->out_cid_len );
-        p += ssl->transform->out_cid_len;
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /*
-     * Saved fields from top-level ssl_context structure
-     */
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-    used += 4;
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->badmac_seen >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->badmac_seen       ) & 0xFF );
-    }
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    used += 16;
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( ssl->in_window_top >> 56 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top >> 48 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top >> 40 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top >> 32 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window_top       ) & 0xFF );
-
-        *p++ = (unsigned char)( ( ssl->in_window >> 56 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window >> 48 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window >> 40 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window >> 32 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window >> 24 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window >> 16 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->in_window       ) & 0xFF );
-    }
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    used += 1;
-    if( used <= buf_len )
-    {
-        *p++ = ssl->disable_datagram_packing;
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    used += 8;
-    if( used <= buf_len )
-    {
-        memcpy( p, ssl->cur_out_ctr, 8 );
-        p += 8;
-    }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    used += 2;
-    if( used <= buf_len )
-    {
-        *p++ = (unsigned char)( ( ssl->mtu >>  8 ) & 0xFF );
-        *p++ = (unsigned char)( ( ssl->mtu       ) & 0xFF );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-    {
-        const uint8_t alpn_len = ssl->alpn_chosen
-                               ? (uint8_t) strlen( ssl->alpn_chosen )
-                               : 0;
-
-        used += 1 + alpn_len;
-        if( used <= buf_len )
-        {
-            *p++ = alpn_len;
-
-            if( ssl->alpn_chosen != NULL )
-            {
-                memcpy( p, ssl->alpn_chosen, alpn_len );
-                p += alpn_len;
-            }
-        }
-    }
-#endif /* MBEDTLS_SSL_ALPN */
-
-    /*
-     * Done
-     */
-    *olen = used;
-
-    if( used > buf_len )
-        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "saved context", buf, used );
-
-    return( mbedtls_ssl_session_reset_int( ssl, 0 ) );
-}
-
-/*
- * Helper to get TLS 1.2 PRF from ciphersuite
- * (Duplicates bits of logic from ssl_set_handshake_prfs().)
- */
-typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen,
-                           const char *label,
-                           const unsigned char *random, size_t rlen,
-                           unsigned char *dstbuf, size_t dlen );
-static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id )
-{
-#if defined(MBEDTLS_SHA512_C)
-    const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
-         mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
-
-    if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
-        return( tls_prf_sha384 );
-#else
-    (void) ciphersuite_id;
-#endif
-    return( tls_prf_sha256 );
-}
-
-/*
- * Deserialize context, see mbedtls_ssl_context_save() for format.
- *
- * This internal version is wrapped by a public function that cleans up in
- * case of error.
- */
-static int ssl_context_load( mbedtls_ssl_context *ssl,
-                             const unsigned char *buf,
-                             size_t len )
-{
-    const unsigned char *p = buf;
-    const unsigned char * const end = buf + len;
-    size_t session_len;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /*
-     * The context should have been freshly setup or reset.
-     * Give the user an error in case of obvious misuse.
-     * (Checking session is useful because it won't be NULL if we're
-     * renegotiating, or if the user mistakenly loaded a session first.)
-     */
-    if( ssl->state != MBEDTLS_SSL_HELLO_REQUEST ||
-        ssl->session != NULL )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    /*
-     * We can't check that the config matches the initial one, but we can at
-     * least check it matches the requirements for serializing.
-     */
-    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
-        ssl->conf->max_major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
-        ssl->conf->min_major_ver > MBEDTLS_SSL_MAJOR_VERSION_3 ||
-        ssl->conf->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ||
-        ssl->conf->min_minor_ver > MBEDTLS_SSL_MINOR_VERSION_3 ||
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-        ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
-#endif
-        0 )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-    MBEDTLS_SSL_DEBUG_BUF( 4, "context to load", buf, len );
-
-    /*
-     * Check version identifier
-     */
-    if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( memcmp( p, ssl_serialized_context_header,
-                sizeof( ssl_serialized_context_header ) ) != 0 )
-    {
-        return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
-    }
-    p += sizeof( ssl_serialized_context_header );
-
-    /*
-     * Session
-     */
-    if( (size_t)( end - p ) < 4 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    session_len = ( (size_t) p[0] << 24 ) |
-                  ( (size_t) p[1] << 16 ) |
-                  ( (size_t) p[2] <<  8 ) |
-                  ( (size_t) p[3]       );
-    p += 4;
-
-    /* This has been allocated by ssl_handshake_init(), called by
-     * by either mbedtls_ssl_session_reset_int() or mbedtls_ssl_setup(). */
-    ssl->session = ssl->session_negotiate;
-    ssl->session_in = ssl->session;
-    ssl->session_out = ssl->session;
-    ssl->session_negotiate = NULL;
-
-    if( (size_t)( end - p ) < session_len )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ret = ssl_session_load( ssl->session, 1, p, session_len );
-    if( ret != 0 )
-    {
-        mbedtls_ssl_session_free( ssl->session );
-        return( ret );
-    }
-
-    p += session_len;
-
-    /*
-     * Transform
-     */
-
-    /* This has been allocated by ssl_handshake_init(), called by
-     * by either mbedtls_ssl_session_reset_int() or mbedtls_ssl_setup(). */
-    ssl->transform = ssl->transform_negotiate;
-    ssl->transform_in = ssl->transform;
-    ssl->transform_out = ssl->transform;
-    ssl->transform_negotiate = NULL;
-
-    /* Read random bytes and populate structure */
-    if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ret = ssl_populate_transform( ssl->transform,
-                  ssl->session->ciphersuite,
-                  ssl->session->master,
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-                  ssl->session->encrypt_then_mac,
-#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-                  ssl->session->trunc_hmac,
-#endif
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-                  ssl->session->compression,
-#endif
-                  ssl_tls12prf_from_cs( ssl->session->ciphersuite ),
-                  p, /* currently pointing to randbytes */
-                  MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */
-                  ssl->conf->endpoint,
-                  ssl );
-    if( ret != 0 )
-        return( ret );
-
-    p += sizeof( ssl->transform->randbytes );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    /* Read connection IDs and store them */
-    if( (size_t)( end - p ) < 1 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl->transform->in_cid_len = *p++;
-
-    if( (size_t)( end - p ) < ssl->transform->in_cid_len + 1u )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    memcpy( ssl->transform->in_cid, p, ssl->transform->in_cid_len );
-    p += ssl->transform->in_cid_len;
-
-    ssl->transform->out_cid_len = *p++;
-
-    if( (size_t)( end - p ) < ssl->transform->out_cid_len )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    memcpy( ssl->transform->out_cid, p, ssl->transform->out_cid_len );
-    p += ssl->transform->out_cid_len;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /*
-     * Saved fields from top-level ssl_context structure
-     */
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-    if( (size_t)( end - p ) < 4 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl->badmac_seen = ( (uint32_t) p[0] << 24 ) |
-                       ( (uint32_t) p[1] << 16 ) |
-                       ( (uint32_t) p[2] <<  8 ) |
-                       ( (uint32_t) p[3]       );
-    p += 4;
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    if( (size_t)( end - p ) < 16 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl->in_window_top = ( (uint64_t) p[0] << 56 ) |
-                         ( (uint64_t) p[1] << 48 ) |
-                         ( (uint64_t) p[2] << 40 ) |
-                         ( (uint64_t) p[3] << 32 ) |
-                         ( (uint64_t) p[4] << 24 ) |
-                         ( (uint64_t) p[5] << 16 ) |
-                         ( (uint64_t) p[6] <<  8 ) |
-                         ( (uint64_t) p[7]       );
-    p += 8;
-
-    ssl->in_window = ( (uint64_t) p[0] << 56 ) |
-                     ( (uint64_t) p[1] << 48 ) |
-                     ( (uint64_t) p[2] << 40 ) |
-                     ( (uint64_t) p[3] << 32 ) |
-                     ( (uint64_t) p[4] << 24 ) |
-                     ( (uint64_t) p[5] << 16 ) |
-                     ( (uint64_t) p[6] <<  8 ) |
-                     ( (uint64_t) p[7]       );
-    p += 8;
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( (size_t)( end - p ) < 1 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl->disable_datagram_packing = *p++;
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    if( (size_t)( end - p ) < 8 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    memcpy( ssl->cur_out_ctr, p, 8 );
-    p += 8;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( (size_t)( end - p ) < 2 )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl->mtu = ( p[0] << 8 ) | p[1];
-    p += 2;
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-    {
-        uint8_t alpn_len;
-        const char **cur;
-
-        if( (size_t)( end - p ) < 1 )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        alpn_len = *p++;
-
-        if( alpn_len != 0 && ssl->conf->alpn_list != NULL )
-        {
-            /* alpn_chosen should point to an item in the configured list */
-            for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ )
-            {
-                if( strlen( *cur ) == alpn_len &&
-                    memcmp( p, cur, alpn_len ) == 0 )
-                {
-                    ssl->alpn_chosen = *cur;
-                    break;
-                }
-            }
-        }
-
-        /* can only happen on conf mismatch */
-        if( alpn_len != 0 && ssl->alpn_chosen == NULL )
-            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-        p += alpn_len;
-    }
-#endif /* MBEDTLS_SSL_ALPN */
-
-    /*
-     * Forced fields from top-level ssl_context structure
-     *
-     * Most of them already set to the correct value by mbedtls_ssl_init() and
-     * mbedtls_ssl_reset(), so we only need to set the remaining ones.
-     */
-    ssl->state = MBEDTLS_SSL_HANDSHAKE_OVER;
-
-    ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
-    ssl->minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
-
-    /* Adjust pointers for header fields of outgoing records to
-     * the given transform, accounting for explicit IV and CID. */
-    mbedtls_ssl_update_out_pointers( ssl, ssl->transform );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    ssl->in_epoch = 1;
-#endif
-
-    /* mbedtls_ssl_reset() leaves the handshake sub-structure allocated,
-     * which we don't want - otherwise we'd end up freeing the wrong transform
-     * by calling mbedtls_ssl_handshake_wrapup_free_hs_transform()
-     * inappropriately. */
-    if( ssl->handshake != NULL )
-    {
-        mbedtls_ssl_handshake_free( ssl );
-        mbedtls_free( ssl->handshake );
-        ssl->handshake = NULL;
-    }
-
-    /*
-     * Done - should have consumed entire buffer
-     */
-    if( p != end )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    return( 0 );
-}
-
-/*
- * Deserialize context: public wrapper for error cleaning
- */
-int mbedtls_ssl_context_load( mbedtls_ssl_context *context,
-                              const unsigned char *buf,
-                              size_t len )
-{
-    int ret = ssl_context_load( context, buf, len );
-
-    if( ret != 0 )
-        mbedtls_ssl_free( context );
-
-    return( ret );
-}
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-
-/*
- * Free an SSL context
- */
-void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
-{
-    if( ssl == NULL )
-        return;
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) );
-
-    if( ssl->out_buf != NULL )
-    {
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        size_t out_buf_len = ssl->out_buf_len;
-#else
-        size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
-#endif
-
-        mbedtls_platform_zeroize( ssl->out_buf, out_buf_len );
-        mbedtls_free( ssl->out_buf );
-        ssl->out_buf = NULL;
-    }
-
-    if( ssl->in_buf != NULL )
-    {
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        size_t in_buf_len = ssl->in_buf_len;
-#else
-        size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
-#endif
-
-        mbedtls_platform_zeroize( ssl->in_buf, in_buf_len );
-        mbedtls_free( ssl->in_buf );
-        ssl->in_buf = NULL;
-    }
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( ssl->compress_buf != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN );
-        mbedtls_free( ssl->compress_buf );
-    }
-#endif
-
-    if( ssl->transform )
-    {
-        mbedtls_ssl_transform_free( ssl->transform );
-        mbedtls_free( ssl->transform );
-    }
-
-    if( ssl->handshake )
-    {
-        mbedtls_ssl_handshake_free( ssl );
-        mbedtls_ssl_transform_free( ssl->transform_negotiate );
-        mbedtls_ssl_session_free( ssl->session_negotiate );
-
-        mbedtls_free( ssl->handshake );
-        mbedtls_free( ssl->transform_negotiate );
-        mbedtls_free( ssl->session_negotiate );
-    }
-
-    if( ssl->session )
-    {
-        mbedtls_ssl_session_free( ssl->session );
-        mbedtls_free( ssl->session );
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( ssl->hostname != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
-        mbedtls_free( ssl->hostname );
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( mbedtls_ssl_hw_record_finish != NULL )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) );
-        mbedtls_ssl_hw_record_finish( ssl );
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-    mbedtls_free( ssl->cli_id );
-#endif
-
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) );
-
-    /* Actually clear after last debug message */
-    mbedtls_platform_zeroize( ssl, sizeof( mbedtls_ssl_context ) );
-}
-
-/*
- * Initialze mbedtls_ssl_config
- */
-void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
-{
-    memset( conf, 0, sizeof( mbedtls_ssl_config ) );
-}
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-static int ssl_preset_default_hashes[] = {
-#if defined(MBEDTLS_SHA512_C)
-    MBEDTLS_MD_SHA512,
-    MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    MBEDTLS_MD_SHA256,
-    MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
-    MBEDTLS_MD_SHA1,
-#endif
-    MBEDTLS_MD_NONE
-};
-#endif
-
-static int ssl_preset_suiteb_ciphersuites[] = {
-    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-    0
-};
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-static int ssl_preset_suiteb_hashes[] = {
-    MBEDTLS_MD_SHA256,
-    MBEDTLS_MD_SHA384,
-    MBEDTLS_MD_NONE
-};
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = {
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-    MBEDTLS_ECP_DP_SECP256R1,
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-    MBEDTLS_ECP_DP_SECP384R1,
-#endif
-    MBEDTLS_ECP_DP_NONE
-};
-#endif
-
-/*
- * Load default in mbedtls_ssl_config
- */
-int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
-                                 int endpoint, int transport, int preset )
-{
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#endif
-
-    /* Use the functions here so that they are covered in tests,
-     * but otherwise access member directly for efficiency */
-    mbedtls_ssl_conf_endpoint( conf, endpoint );
-    mbedtls_ssl_conf_transport( conf, transport );
-
-    /*
-     * Things that are common to all presets
-     */
-#if defined(MBEDTLS_SSL_CLI_C)
-    if( endpoint == MBEDTLS_SSL_IS_CLIENT )
-    {
-        conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-        conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED;
-#endif
-    }
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-    conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
-#endif
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-    conf->f_cookie_write = ssl_cookie_write_dummy;
-    conf->f_cookie_check = ssl_cookie_check_dummy;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED;
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C)
-    conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED;
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN;
-    conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX;
-#endif
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT;
-    memset( conf->renego_period,     0x00, 2 );
-    memset( conf->renego_period + 2, 0xFF, 6 );
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-            if( endpoint == MBEDTLS_SSL_IS_SERVER )
-            {
-                const unsigned char dhm_p[] =
-                    MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
-                const unsigned char dhm_g[] =
-                    MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
-
-                if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf,
-                                               dhm_p, sizeof( dhm_p ),
-                                               dhm_g, sizeof( dhm_g ) ) ) != 0 )
-                {
-                    return( ret );
-                }
-            }
-#endif
-
-    /*
-     * Preset-specific defaults
-     */
-    switch( preset )
-    {
-        /*
-         * NSA Suite B
-         */
-        case MBEDTLS_SSL_PRESET_SUITEB:
-            conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
-            conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
-            conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
-            conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
-
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
-                                   ssl_preset_suiteb_ciphersuites;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-            conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-            conf->sig_hashes = ssl_preset_suiteb_hashes;
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-            conf->curve_list = ssl_preset_suiteb_curves;
-#endif
-            break;
-
-        /*
-         * Default
-         */
-        default:
-            conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION >
-                                    MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ?
-                                    MBEDTLS_SSL_MIN_MAJOR_VERSION :
-                                    MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION;
-            conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION >
-                                    MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ?
-                                    MBEDTLS_SSL_MIN_MINOR_VERSION :
-                                    MBEDTLS_SSL_MIN_VALID_MINOR_VERSION;
-            conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
-            conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-            if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-                conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
-#endif
-
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
-            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
-                                   mbedtls_ssl_list_ciphersuites();
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-            conf->cert_profile = &mbedtls_x509_crt_profile_default;
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-            conf->sig_hashes = ssl_preset_default_hashes;
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-            conf->curve_list = mbedtls_ecp_grp_id_list();
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-            conf->dhm_min_bitlen = 1024;
-#endif
-    }
-
-    return( 0 );
-}
-
-/*
- * Free mbedtls_ssl_config
- */
-void mbedtls_ssl_config_free( mbedtls_ssl_config *conf )
-{
-#if defined(MBEDTLS_DHM_C)
-    mbedtls_mpi_free( &conf->dhm_P );
-    mbedtls_mpi_free( &conf->dhm_G );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if( conf->psk != NULL )
-    {
-        mbedtls_platform_zeroize( conf->psk, conf->psk_len );
-        mbedtls_free( conf->psk );
-        conf->psk = NULL;
-        conf->psk_len = 0;
-    }
-
-    if( conf->psk_identity != NULL )
-    {
-        mbedtls_platform_zeroize( conf->psk_identity, conf->psk_identity_len );
-        mbedtls_free( conf->psk_identity );
-        conf->psk_identity = NULL;
-        conf->psk_identity_len = 0;
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    ssl_key_cert_free( conf->key_cert );
-#endif
-
-    mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) );
-}
-
-#if defined(MBEDTLS_PK_C) && \
-    ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) )
-/*
- * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX
- */
-unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk )
-{
-#if defined(MBEDTLS_RSA_C)
-    if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) )
-        return( MBEDTLS_SSL_SIG_RSA );
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-    if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) )
-        return( MBEDTLS_SSL_SIG_ECDSA );
-#endif
-    return( MBEDTLS_SSL_SIG_ANON );
-}
-
-unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type )
-{
-    switch( type ) {
-        case MBEDTLS_PK_RSA:
-            return( MBEDTLS_SSL_SIG_RSA );
-        case MBEDTLS_PK_ECDSA:
-        case MBEDTLS_PK_ECKEY:
-            return( MBEDTLS_SSL_SIG_ECDSA );
-        default:
-            return( MBEDTLS_SSL_SIG_ANON );
-    }
-}
-
-mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig )
-{
-    switch( sig )
-    {
-#if defined(MBEDTLS_RSA_C)
-        case MBEDTLS_SSL_SIG_RSA:
-            return( MBEDTLS_PK_RSA );
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-        case MBEDTLS_SSL_SIG_ECDSA:
-            return( MBEDTLS_PK_ECDSA );
-#endif
-        default:
-            return( MBEDTLS_PK_NONE );
-    }
-}
-#endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
-    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-
-/* Find an entry in a signature-hash set matching a given hash algorithm. */
-mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set,
-                                                 mbedtls_pk_type_t sig_alg )
-{
-    switch( sig_alg )
-    {
-        case MBEDTLS_PK_RSA:
-            return( set->rsa );
-        case MBEDTLS_PK_ECDSA:
-            return( set->ecdsa );
-        default:
-            return( MBEDTLS_MD_NONE );
-    }
-}
-
-/* Add a signature-hash-pair to a signature-hash set */
-void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set,
-                                   mbedtls_pk_type_t sig_alg,
-                                   mbedtls_md_type_t md_alg )
-{
-    switch( sig_alg )
-    {
-        case MBEDTLS_PK_RSA:
-            if( set->rsa == MBEDTLS_MD_NONE )
-                set->rsa = md_alg;
-            break;
-
-        case MBEDTLS_PK_ECDSA:
-            if( set->ecdsa == MBEDTLS_MD_NONE )
-                set->ecdsa = md_alg;
-            break;
-
-        default:
-            break;
-    }
-}
-
-/* Allow exactly one hash algorithm for each signature. */
-void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set,
-                                          mbedtls_md_type_t md_alg )
-{
-    set->rsa   = md_alg;
-    set->ecdsa = md_alg;
-}
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
-          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-/*
- * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX
- */
-mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
-{
-    switch( hash )
-    {
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_SSL_HASH_MD5:
-            return( MBEDTLS_MD_MD5 );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_SSL_HASH_SHA1:
-            return( MBEDTLS_MD_SHA1 );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_SSL_HASH_SHA224:
-            return( MBEDTLS_MD_SHA224 );
-        case MBEDTLS_SSL_HASH_SHA256:
-            return( MBEDTLS_MD_SHA256 );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-        case MBEDTLS_SSL_HASH_SHA384:
-            return( MBEDTLS_MD_SHA384 );
-        case MBEDTLS_SSL_HASH_SHA512:
-            return( MBEDTLS_MD_SHA512 );
-#endif
-        default:
-            return( MBEDTLS_MD_NONE );
-    }
-}
-
-/*
- * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX
- */
-unsigned char mbedtls_ssl_hash_from_md_alg( int md )
-{
-    switch( md )
-    {
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_MD_MD5:
-            return( MBEDTLS_SSL_HASH_MD5 );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_MD_SHA1:
-            return( MBEDTLS_SSL_HASH_SHA1 );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_MD_SHA224:
-            return( MBEDTLS_SSL_HASH_SHA224 );
-        case MBEDTLS_MD_SHA256:
-            return( MBEDTLS_SSL_HASH_SHA256 );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-        case MBEDTLS_MD_SHA384:
-            return( MBEDTLS_SSL_HASH_SHA384 );
-        case MBEDTLS_MD_SHA512:
-            return( MBEDTLS_SSL_HASH_SHA512 );
-#endif
-        default:
-            return( MBEDTLS_SSL_HASH_NONE );
-    }
-}
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * Check if a curve proposed by the peer is in our list.
- * Return 0 if we're willing to use it, -1 otherwise.
- */
-int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id )
-{
-    const mbedtls_ecp_group_id *gid;
-
-    if( ssl->conf->curve_list == NULL )
-        return( -1 );
-
-    for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
-        if( *gid == grp_id )
-            return( 0 );
-
-    return( -1 );
-}
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-/*
- * Check if a hash proposed by the peer is in our list.
- * Return 0 if we're willing to use it, -1 otherwise.
- */
-int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
-                                mbedtls_md_type_t md )
-{
-    const int *cur;
-
-    if( ssl->conf->sig_hashes == NULL )
-        return( -1 );
-
-    for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
-        if( *cur == (int) md )
-            return( 0 );
-
-    return( -1 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
-                          const mbedtls_ssl_ciphersuite_t *ciphersuite,
-                          int cert_endpoint,
-                          uint32_t *flags )
-{
-    int ret = 0;
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-    int usage = 0;
-#endif
-#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
-    const char *ext_oid;
-    size_t ext_len;
-#endif
-
-#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) &&          \
-    !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
-    ((void) cert);
-    ((void) cert_endpoint);
-    ((void) flags);
-#endif
-
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-    if( cert_endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        /* Server part of the key exchange */
-        switch( ciphersuite->key_exchange )
-        {
-            case MBEDTLS_KEY_EXCHANGE_RSA:
-            case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
-                usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
-                break;
-
-            case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
-            case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
-            case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-                usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
-                break;
-
-            case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
-            case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
-                usage = MBEDTLS_X509_KU_KEY_AGREEMENT;
-                break;
-
-            /* Don't use default: we want warnings when adding new values */
-            case MBEDTLS_KEY_EXCHANGE_NONE:
-            case MBEDTLS_KEY_EXCHANGE_PSK:
-            case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
-            case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
-            case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
-                usage = 0;
-        }
-    }
-    else
-    {
-        /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */
-        usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
-    }
-
-    if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 )
-    {
-        *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE;
-        ret = -1;
-    }
-#else
-    ((void) ciphersuite);
-#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
-
-#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
-    if( cert_endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        ext_oid = MBEDTLS_OID_SERVER_AUTH;
-        ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH );
-    }
-    else
-    {
-        ext_oid = MBEDTLS_OID_CLIENT_AUTH;
-        ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH );
-    }
-
-    if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 )
-    {
-        *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE;
-        ret = -1;
-    }
-#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-
-    return( ret );
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
-{
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-        return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
-
-    switch( md )
-    {
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-#if defined(MBEDTLS_MD5_C)
-        case MBEDTLS_SSL_HASH_MD5:
-            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case MBEDTLS_SSL_HASH_SHA1:
-            ssl->handshake->calc_verify = ssl_calc_verify_tls;
-            break;
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
-#if defined(MBEDTLS_SHA512_C)
-        case MBEDTLS_SSL_HASH_SHA384:
-            ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
-            break;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case MBEDTLS_SSL_HASH_SHA256:
-            ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
-            break;
-#endif
-        default:
-            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
-    }
-
-    return 0;
-#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */
-    (void) ssl;
-    (void) md;
-
-    return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-}
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_1)
-int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
-                                        unsigned char *output,
-                                        unsigned char *data, size_t data_len )
-{
-    int ret = 0;
-    mbedtls_md5_context mbedtls_md5;
-    mbedtls_sha1_context mbedtls_sha1;
-
-    mbedtls_md5_init( &mbedtls_md5 );
-    mbedtls_sha1_init( &mbedtls_sha1 );
-
-    /*
-     * digitally-signed struct {
-     *     opaque md5_hash[16];
-     *     opaque sha_hash[20];
-     * };
-     *
-     * md5_hash
-     *     MD5(ClientHello.random + ServerHello.random
-     *                            + ServerParams);
-     * sha_hash
-     *     SHA(ClientHello.random + ServerHello.random
-     *                            + ServerParams);
-     */
-    if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5,
-                                        ssl->handshake->randbytes, 64 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1,
-                                         ssl->handshake->randbytes, 64 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, data,
-                                         data_len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1,
-                                         output + 16 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret );
-        goto exit;
-    }
-
-exit:
-    mbedtls_md5_free( &mbedtls_md5 );
-    mbedtls_sha1_free( &mbedtls_sha1 );
-
-    if( ret != 0 )
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-
-    return( ret );
-
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
-          MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
-                                            unsigned char *hash, size_t *hashlen,
-                                            unsigned char *data, size_t data_len,
-                                            mbedtls_md_type_t md_alg )
-{
-    psa_status_t status;
-    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
-    psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) );
-
-    if( ( status = psa_hash_setup( &hash_operation,
-                                   hash_alg ) ) != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status );
-        goto exit;
-    }
-
-    if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes,
-                                    64 ) ) != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status );
-        goto exit;
-    }
-
-    if( ( status = psa_hash_update( &hash_operation,
-                                    data, data_len ) ) != PSA_SUCCESS )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status );
-        goto exit;
-    }
-
-    if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE,
-                                    hashlen ) ) != PSA_SUCCESS )
-    {
-         MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status );
-         goto exit;
-    }
-
-exit:
-    if( status != PSA_SUCCESS )
-    {
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-        switch( status )
-        {
-            case PSA_ERROR_NOT_SUPPORTED:
-                return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
-            case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */
-            case PSA_ERROR_BUFFER_TOO_SMALL:
-                return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-            case PSA_ERROR_INSUFFICIENT_MEMORY:
-                return( MBEDTLS_ERR_MD_ALLOC_FAILED );
-            default:
-                return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED );
-        }
-    }
-    return( 0 );
-}
-
-#else
-
-int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
-                                            unsigned char *hash, size_t *hashlen,
-                                            unsigned char *data, size_t data_len,
-                                            mbedtls_md_type_t md_alg )
-{
-    int ret = 0;
-    mbedtls_md_context_t ctx;
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
-    *hashlen = mbedtls_md_get_size( md_info );
-
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform mbedtls-based computation of digest of ServerKeyExchange" ) );
-
-    mbedtls_md_init( &ctx );
-
-    /*
-     * digitally-signed struct {
-     *     opaque client_random[32];
-     *     opaque server_random[32];
-     *     ServerDHParams params;
-     * };
-     */
-    if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
-        goto exit;
-    }
-    if( ( ret = mbedtls_md_finish( &ctx, hash ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret );
-        goto exit;
-    }
-
-exit:
-    mbedtls_md_free( &ctx );
-
-    if( ret != 0 )
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
-
-    return( ret );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
-          MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_tls13_keys.c b/3rdparty/mbedtls-2.25.0/library/ssl_tls13_keys.c
deleted file mode 100644
index c39e032..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_tls13_keys.c
+++ /dev/null
@@ -1,349 +0,0 @@
-/*
- *  TLS 1.3 key schedule
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 ( the "License" ); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-
-#include "mbedtls/hkdf.h"
-#include "mbedtls/ssl_internal.h"
-#include "ssl_tls13_keys.h"
-
-#include <stdint.h>
-#include <string.h>
-
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string )       \
-    .name = string,
-
-struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels =
-{
-    /* This seems to work in C, despite the string literal being one
-     * character too long due to the 0-termination. */
-    MBEDTLS_SSL_TLS1_3_LABEL_LIST
-};
-
-#undef MBEDTLS_SSL_TLS1_3_LABEL
-
-/*
- * This function creates a HkdfLabel structure used in the TLS 1.3 key schedule.
- *
- * The HkdfLabel is specified in RFC 8446 as follows:
- *
- * struct HkdfLabel {
- *   uint16 length;            // Length of expanded key material
- *   opaque label<7..255>;     // Always prefixed by "tls13 "
- *   opaque context<0..255>;   // Usually a communication transcript hash
- * };
- *
- * Parameters:
- * - desired_length: Length of expanded key material
- *                   Even though the standard allows expansion to up to
- *                   2**16 Bytes, TLS 1.3 never uses expansion to more than
- *                   255 Bytes, so we require `desired_length` to be at most
- *                   255. This allows us to save a few Bytes of code by
- *                   hardcoding the writing of the high bytes.
- * - (label, llen): label + label length, without "tls13 " prefix
- *                  The label length MUST be less than or equal to
- *                  MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN
- *                  It is the caller's responsibility to ensure this.
- *                  All (label, label length) pairs used in TLS 1.3
- *                  can be obtained via MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN().
- * - (ctx, clen): context + context length
- *                The context length MUST be less than or equal to
- *                MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN
- *                It is the caller's responsibility to ensure this.
- * - dst: Target buffer for HkdfLabel structure,
- *        This MUST be a writable buffer of size
- *        at least SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN Bytes.
- * - dlen: Pointer at which to store the actual length of
- *         the HkdfLabel structure on success.
- */
-
-static const char tls1_3_label_prefix[6] = "tls13 ";
-
-#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( label_len, context_len ) \
-    (   2                  /* expansion length           */ \
-      + 1                  /* label length               */ \
-      + label_len                                           \
-      + 1                  /* context length             */ \
-      + context_len )
-
-#define SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN                      \
-    SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(                             \
-                     sizeof(tls1_3_label_prefix) +                      \
-                     MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN,     \
-                     MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
-
-static void ssl_tls1_3_hkdf_encode_label(
-                            size_t desired_length,
-                            const unsigned char *label, size_t llen,
-                            const unsigned char *ctx, size_t clen,
-                            unsigned char *dst, size_t *dlen )
-{
-    size_t total_label_len =
-        sizeof(tls1_3_label_prefix) + llen;
-    size_t total_hkdf_lbl_len =
-        SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, clen );
-
-    unsigned char *p = dst;
-
-    /* Add the size of the expanded key material.
-     * We're hardcoding the high byte to 0 here assuming that we never use
-     * TLS 1.3 HKDF key expansion to more than 255 Bytes. */
-#if MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN > 255
-#error "The implementation of ssl_tls1_3_hkdf_encode_label() is not fit for the \
-        value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN"
-#endif
-
-    *p++ = 0;
-    *p++ = (unsigned char)( ( desired_length >> 0 ) & 0xFF );
-
-    /* Add label incl. prefix */
-    *p++ = (unsigned char)( total_label_len & 0xFF );
-    memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) );
-    p += sizeof(tls1_3_label_prefix);
-    memcpy( p, label, llen );
-    p += llen;
-
-    /* Add context value */
-    *p++ = (unsigned char)( clen & 0xFF );
-    if( clen != 0 )
-        memcpy( p, ctx, clen );
-
-    /* Return total length to the caller.  */
-    *dlen = total_hkdf_lbl_len;
-}
-
-int mbedtls_ssl_tls1_3_hkdf_expand_label(
-                     mbedtls_md_type_t hash_alg,
-                     const unsigned char *secret, size_t slen,
-                     const unsigned char *label, size_t llen,
-                     const unsigned char *ctx, size_t clen,
-                     unsigned char *buf, size_t blen )
-{
-    const mbedtls_md_info_t *md;
-    unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ];
-    size_t hkdf_label_len;
-
-    if( llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN )
-    {
-        /* Should never happen since this is an internal
-         * function, and we know statically which labels
-         * are allowed. */
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    if( clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN )
-    {
-        /* Should not happen, as above. */
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    if( blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN )
-    {
-        /* Should not happen, as above. */
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-
-    md = mbedtls_md_info_from_type( hash_alg );
-    if( md == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ssl_tls1_3_hkdf_encode_label( blen,
-                                  label, llen,
-                                  ctx, clen,
-                                  hkdf_label,
-                                  &hkdf_label_len );
-
-    return( mbedtls_hkdf_expand( md,
-                                 secret, slen,
-                                 hkdf_label, hkdf_label_len,
-                                 buf, blen ) );
-}
-
-/*
- * The traffic keying material is generated from the following inputs:
- *
- *  - One secret value per sender.
- *  - A purpose value indicating the specific value being generated
- *  - The desired lengths of key and IV.
- *
- * The expansion itself is based on HKDF:
- *
- *   [sender]_write_key = HKDF-Expand-Label( Secret, "key", "", key_length )
- *   [sender]_write_iv  = HKDF-Expand-Label( Secret, "iv" , "", iv_length )
- *
- * [sender] denotes the sending side and the Secret value is provided
- * by the function caller. Note that we generate server and client side
- * keys in a single function call.
- */
-int mbedtls_ssl_tls1_3_make_traffic_keys(
-                     mbedtls_md_type_t hash_alg,
-                     const unsigned char *client_secret,
-                     const unsigned char *server_secret,
-                     size_t slen, size_t key_len, size_t iv_len,
-                     mbedtls_ssl_key_set *keys )
-{
-    int ret = 0;
-
-    ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
-                    client_secret, slen,
-                    MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
-                    NULL, 0,
-                    keys->client_write_key, key_len );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
-                    server_secret, slen,
-                    MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ),
-                    NULL, 0,
-                    keys->server_write_key, key_len );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
-                    client_secret, slen,
-                    MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
-                    NULL, 0,
-                    keys->client_write_iv, iv_len );
-    if( ret != 0 )
-        return( ret );
-
-    ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
-                    server_secret, slen,
-                    MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ),
-                    NULL, 0,
-                    keys->server_write_iv, iv_len );
-    if( ret != 0 )
-        return( ret );
-
-    keys->key_len = key_len;
-    keys->iv_len = iv_len;
-
-    return( 0 );
-}
-
-int mbedtls_ssl_tls1_3_derive_secret(
-                   mbedtls_md_type_t hash_alg,
-                   const unsigned char *secret, size_t slen,
-                   const unsigned char *label, size_t llen,
-                   const unsigned char *ctx, size_t clen,
-                   int ctx_hashed,
-                   unsigned char *dstbuf, size_t buflen )
-{
-    int ret;
-    unsigned char hashed_context[ MBEDTLS_MD_MAX_SIZE ];
-
-    const mbedtls_md_info_t *md;
-    md = mbedtls_md_info_from_type( hash_alg );
-    if( md == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED )
-    {
-        ret = mbedtls_md( md, ctx, clen, hashed_context );
-        if( ret != 0 )
-            return( ret );
-        clen = mbedtls_md_get_size( md );
-    }
-    else
-    {
-        if( clen > sizeof(hashed_context) )
-        {
-            /* This should never happen since this function is internal
-             * and the code sets `ctx_hashed` correctly.
-             * Let's double-check nonetheless to not run at the risk
-             * of getting a stack overflow. */
-            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-        }
-
-        memcpy( hashed_context, ctx, clen );
-    }
-
-    return( mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg,
-                                                  secret, slen,
-                                                  label, llen,
-                                                  hashed_context, clen,
-                                                  dstbuf, buflen ) );
-}
-
-int mbedtls_ssl_tls1_3_evolve_secret(
-                   mbedtls_md_type_t hash_alg,
-                   const unsigned char *secret_old,
-                   const unsigned char *input, size_t input_len,
-                   unsigned char *secret_new )
-{
-    int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
-    size_t hlen, ilen;
-    unsigned char tmp_secret[ MBEDTLS_MD_MAX_SIZE ] = { 0 };
-    unsigned char tmp_input [ MBEDTLS_MD_MAX_SIZE ] = { 0 };
-
-    const mbedtls_md_info_t *md;
-    md = mbedtls_md_info_from_type( hash_alg );
-    if( md == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    hlen = mbedtls_md_get_size( md );
-
-    /* For non-initial runs, call Derive-Secret( ., "derived", "")
-     * on the old secret. */
-    if( secret_old != NULL )
-    {
-        ret = mbedtls_ssl_tls1_3_derive_secret(
-                   hash_alg,
-                   secret_old, hlen,
-                   MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( derived ),
-                   NULL, 0, /* context */
-                   MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
-                   tmp_secret, hlen );
-        if( ret != 0 )
-            goto cleanup;
-    }
-
-    if( input != NULL )
-    {
-        memcpy( tmp_input, input, input_len );
-        ilen = input_len;
-    }
-    else
-    {
-        ilen = hlen;
-    }
-
-    /* HKDF-Extract takes a salt and input key material.
-     * The salt is the old secret, and the input key material
-     * is the input secret (PSK / ECDHE). */
-    ret = mbedtls_hkdf_extract( md,
-                    tmp_secret, hlen,
-                    tmp_input, ilen,
-                    secret_new );
-    if( ret != 0 )
-        goto cleanup;
-
-    ret = 0;
-
- cleanup:
-
-    mbedtls_platform_zeroize( tmp_secret, sizeof(tmp_secret) );
-    mbedtls_platform_zeroize( tmp_input,  sizeof(tmp_input)  );
-    return( ret );
-}
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_tls13_keys.h b/3rdparty/mbedtls-2.25.0/library/ssl_tls13_keys.h
deleted file mode 100644
index 7089049..0000000
--- a/3rdparty/mbedtls-2.25.0/library/ssl_tls13_keys.h
+++ /dev/null
@@ -1,274 +0,0 @@
-/*
- *  TLS 1.3 key schedule
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 ( the "License" ); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-#if !defined(MBEDTLS_SSL_TLS1_3_KEYS_H)
-#define MBEDTLS_SSL_TLS1_3_KEYS_H
-
-/* This requires MBEDTLS_SSL_TLS1_3_LABEL( idx, name, string ) to be defined at
- * the point of use. See e.g. the definition of mbedtls_ssl_tls1_3_labels_union
- * below. */
-#define MBEDTLS_SSL_TLS1_3_LABEL_LIST                               \
-    MBEDTLS_SSL_TLS1_3_LABEL( finished    , "finished"     ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( resumption  , "resumption"   ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( traffic_upd , "traffic upd"  ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( exporter    , "exporter"     ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( key         , "key"          ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( iv          , "iv"           ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( c_hs_traffic, "c hs traffic" ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( c_ap_traffic, "c ap traffic" ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( c_e_traffic , "c e traffic"  ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( s_hs_traffic, "s hs traffic" ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( s_ap_traffic, "s ap traffic" ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( s_e_traffic , "s e traffic"  ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( e_exp_master, "e exp master" ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( res_master  , "res master"   ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( exp_master  , "exp master"   ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( ext_binder  , "ext binder"   ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( res_binder  , "res binder"   ) \
-    MBEDTLS_SSL_TLS1_3_LABEL( derived     , "derived"      )
-
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string )       \
-    const unsigned char name    [ sizeof(string) - 1 ];
-
-union mbedtls_ssl_tls1_3_labels_union
-{
-    MBEDTLS_SSL_TLS1_3_LABEL_LIST
-};
-struct mbedtls_ssl_tls1_3_labels_struct
-{
-    MBEDTLS_SSL_TLS1_3_LABEL_LIST
-};
-#undef MBEDTLS_SSL_TLS1_3_LABEL
-
-extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
-
-#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( LABEL )  \
-    mbedtls_ssl_tls1_3_labels.LABEL,              \
-    sizeof(mbedtls_ssl_tls1_3_labels.LABEL)
-
-#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN  \
-    sizeof( union mbedtls_ssl_tls1_3_labels_union )
-
-/* The maximum length of HKDF contexts used in the TLS 1.3 standard.
- * Since contexts are always hashes of message transcripts, this can
- * be approximated from above by the maximum hash size. */
-#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN  \
-    MBEDTLS_MD_MAX_SIZE
-
-/* Maximum desired length for expanded key material generated
- * by HKDF-Expand-Label.
- *
- * Warning: If this ever needs to be increased, the implementation
- * ssl_tls1_3_hkdf_encode_label() in ssl_tls13_keys.c needs to be
- * adjusted since it currently assumes that HKDF key expansion
- * is never used with more than 255 Bytes of output. */
-#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN 255
-
-/**
- * \brief           The \c HKDF-Expand-Label function from
- *                  the TLS 1.3 standard RFC 8446.
- *
- * <tt>
- *                  HKDF-Expand-Label( Secret, Label, Context, Length ) =
- *                       HKDF-Expand( Secret, HkdfLabel, Length )
- * </tt>
- *
- * \param hash_alg  The identifier for the hash algorithm to use.
- * \param secret    The \c Secret argument to \c HKDF-Expand-Label.
- *                  This must be a readable buffer of length \p slen Bytes.
- * \param slen      The length of \p secret in Bytes.
- * \param label     The \c Label argument to \c HKDF-Expand-Label.
- *                  This must be a readable buffer of length \p llen Bytes.
- * \param llen      The length of \p label in Bytes.
- * \param ctx       The \c Context argument to \c HKDF-Expand-Label.
- *                  This must be a readable buffer of length \p clen Bytes.
- * \param clen      The length of \p context in Bytes.
- * \param buf       The destination buffer to hold the expanded secret.
- *                  This must be a writable buffer of length \p blen Bytes.
- * \param blen      The desired size of the expanded secret in Bytes.
- *
- * \returns         \c 0 on success.
- * \return          A negative error code on failure.
- */
-
-int mbedtls_ssl_tls1_3_hkdf_expand_label(
-                     mbedtls_md_type_t hash_alg,
-                     const unsigned char *secret, size_t slen,
-                     const unsigned char *label, size_t llen,
-                     const unsigned char *ctx, size_t clen,
-                     unsigned char *buf, size_t blen );
-
-/**
- * \brief           This function is part of the TLS 1.3 key schedule.
- *                  It extracts key and IV for the actual client/server traffic
- *                  from the client/server traffic secrets.
- *
- * From RFC 8446:
- *
- * <tt>
- *   [sender]_write_key = HKDF-Expand-Label(Secret, "key", "", key_length)
- *   [sender]_write_iv  = HKDF-Expand-Label(Secret, "iv", "", iv_length)*
- * </tt>
- *
- * \param hash_alg      The identifier for the hash algorithm to be used
- *                      for the HKDF-based expansion of the secret.
- * \param client_secret The client traffic secret.
- *                      This must be a readable buffer of size \p slen Bytes
- * \param server_secret The server traffic secret.
- *                      This must be a readable buffer of size \p slen Bytes
- * \param slen          Length of the secrets \p client_secret and
- *                      \p server_secret in Bytes.
- * \param key_len       The desired length of the key to be extracted in Bytes.
- * \param iv_len        The desired length of the IV to be extracted in Bytes.
- * \param keys          The address of the structure holding the generated
- *                      keys and IVs.
- *
- * \returns             \c 0 on success.
- * \returns             A negative error code on failure.
- */
-
-int mbedtls_ssl_tls1_3_make_traffic_keys(
-                     mbedtls_md_type_t hash_alg,
-                     const unsigned char *client_secret,
-                     const unsigned char *server_secret,
-                     size_t slen, size_t key_len, size_t iv_len,
-                     mbedtls_ssl_key_set *keys );
-
-
-#define MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED 0
-#define MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED   1
-
-/**
- * \brief The \c Derive-Secret function from the TLS 1.3 standard RFC 8446.
- *
- * <tt>
- *   Derive-Secret( Secret, Label, Messages ) =
- *      HKDF-Expand-Label( Secret, Label,
- *                         Hash( Messages ),
- *                         Hash.Length ) )
- * </tt>
- *
- * \param hash_alg   The identifier for the hash function used for the
- *                   applications of HKDF.
- * \param secret     The \c Secret argument to the \c Derive-Secret function.
- *                   This must be a readable buffer of length \p slen Bytes.
- * \param slen       The length of \p secret in Bytes.
- * \param label      The \c Label argument to the \c Derive-Secret function.
- *                   This must be a readable buffer of length \p llen Bytes.
- * \param llen       The length of \p label in Bytes.
- * \param ctx        The hash of the \c Messages argument to the
- *                   \c Derive-Secret function, or the \c Messages argument
- *                   itself, depending on \p context_already_hashed.
- * \param clen       The length of \p hash.
- * \param ctx_hashed This indicates whether the \p ctx contains the hash of
- *                   the \c Messages argument in the application of the
- *                   \c Derive-Secret function
- *                   (value MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED), or whether
- *                   it is the content of \c Messages itself, in which case
- *                   the function takes care of the hashing
- *                   (value MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED).
- * \param dstbuf     The target buffer to write the output of
- *                   \c Derive-Secret to. This must be a writable buffer of
- *                   size \p buflen Bytes.
- * \param buflen     The length of \p dstbuf in Bytes.
- *
- * \returns        \c 0 on success.
- * \returns        A negative error code on failure.
- */
-int mbedtls_ssl_tls1_3_derive_secret(
-                   mbedtls_md_type_t hash_alg,
-                   const unsigned char *secret, size_t slen,
-                   const unsigned char *label, size_t llen,
-                   const unsigned char *ctx, size_t clen,
-                   int ctx_hashed,
-                   unsigned char *dstbuf, size_t buflen );
-
-/**
- * \brief Compute the next secret in the TLS 1.3 key schedule
- *
- * The TLS 1.3 key schedule proceeds as follows to compute
- * the three main secrets during the handshake: The early
- * secret for early data, the handshake secret for all
- * other encrypted handshake messages, and the master
- * secret for all application traffic.
- *
- * <tt>
- *                    0
- *                    |
- *                    v
- *     PSK ->  HKDF-Extract = Early Secret
- *                    |
- *                    v
- *     Derive-Secret( ., "derived", "" )
- *                    |
- *                    v
- *  (EC)DHE -> HKDF-Extract = Handshake Secret
- *                    |
- *                    v
- *     Derive-Secret( ., "derived", "" )
- *                    |
- *                    v
- *     0 -> HKDF-Extract = Master Secret
- * </tt>
- *
- * Each of the three secrets in turn is the basis for further
- * key derivations, such as the derivation of traffic keys and IVs;
- * see e.g. mbedtls_ssl_tls1_3_make_traffic_keys().
- *
- * This function implements one step in this evolution of secrets:
- *
- * <tt>
- *                old_secret
- *                    |
- *                    v
- *     Derive-Secret( ., "derived", "" )
- *                    |
- *                    v
- *     input -> HKDF-Extract = new_secret
- * </tt>
- *
- * \param hash_alg    The identifier for the hash function used for the
- *                    applications of HKDF.
- * \param secret_old  The address of the buffer holding the old secret
- *                    on function entry. If not \c NULL, this must be a
- *                    readable buffer whose size matches the output size
- *                    of the hash function represented by \p hash_alg.
- *                    If \c NULL, an all \c 0 array will be used instead.
- * \param input       The address of the buffer holding the additional
- *                    input for the key derivation (e.g., the PSK or the
- *                    ephemeral (EC)DH secret). If not \c NULL, this must be
- *                    a readable buffer whose size \p input_len Bytes.
- *                    If \c NULL, an all \c 0 array will be used instead.
- * \param input_len   The length of \p input in Bytes.
- * \param secret_new  The address of the buffer holding the new secret
- *                    on function exit. This must be a writable buffer
- *                    whose size matches the output size of the hash
- *                    function represented by \p hash_alg.
- *                    This may be the same as \p secret_old.
- *
- * \returns           \c 0 on success.
- * \returns           A negative error code on failure.
- */
-
-int mbedtls_ssl_tls1_3_evolve_secret(
-                   mbedtls_md_type_t hash_alg,
-                   const unsigned char *secret_old,
-                   const unsigned char *input, size_t input_len,
-                   unsigned char *secret_new );
-
-#endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/threading.c b/3rdparty/mbedtls-2.25.0/library/threading.c
deleted file mode 100644
index 2bb932d..0000000
--- a/3rdparty/mbedtls-2.25.0/library/threading.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- *  Threading abstraction layer
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * Ensure gmtime_r is available even with -std=c99; must be defined before
- * config.h, which pulls in glibc's features.h. Harmless on other platforms.
- */
-#if !defined(_POSIX_C_SOURCE)
-#define _POSIX_C_SOURCE 200112L
-#endif
-
-#include "common.h"
-
-#if defined(MBEDTLS_THREADING_C)
-
-#include "mbedtls/threading.h"
-
-#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
-
-#if !defined(_WIN32) && (defined(unix) || \
-    defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \
-    defined(__MACH__)))
-#include <unistd.h>
-#endif /* !_WIN32 && (unix || __unix || __unix__ ||
-        * (__APPLE__ && __MACH__)) */
-
-#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) ||     \
-       ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) &&                     \
-         _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) )
-/*
- * This is a convenience shorthand macro to avoid checking the long
- * preprocessor conditions above. Ideally, we could expose this macro in
- * platform_util.h and simply use it in platform_util.c, threading.c and
- * threading.h. However, this macro is not part of the Mbed TLS public API, so
- * we keep it private by only defining it in this file
- */
-
-#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) )
-#define THREADING_USE_GMTIME
-#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */
-
-#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) ||     \
-             ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) &&                     \
-                _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */
-
-#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */
-
-#if defined(MBEDTLS_THREADING_PTHREAD)
-static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex )
-{
-    if( mutex == NULL )
-        return;
-
-    mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0;
-}
-
-static void threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex )
-{
-    if( mutex == NULL || !mutex->is_valid )
-        return;
-
-    (void) pthread_mutex_destroy( &mutex->mutex );
-    mutex->is_valid = 0;
-}
-
-static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex )
-{
-    if( mutex == NULL || ! mutex->is_valid )
-        return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
-
-    if( pthread_mutex_lock( &mutex->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-
-    return( 0 );
-}
-
-static int threading_mutex_unlock_pthread( mbedtls_threading_mutex_t *mutex )
-{
-    if( mutex == NULL || ! mutex->is_valid )
-        return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
-
-    if( pthread_mutex_unlock( &mutex->mutex ) != 0 )
-        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-
-    return( 0 );
-}
-
-void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_init_pthread;
-void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_free_pthread;
-int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_lock_pthread;
-int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unlock_pthread;
-
-/*
- * With phtreads we can statically initialize mutexes
- */
-#define MUTEX_INIT  = { PTHREAD_MUTEX_INITIALIZER, 1 }
-
-#endif /* MBEDTLS_THREADING_PTHREAD */
-
-#if defined(MBEDTLS_THREADING_ALT)
-static int threading_mutex_fail( mbedtls_threading_mutex_t *mutex )
-{
-    ((void) mutex );
-    return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
-}
-static void threading_mutex_dummy( mbedtls_threading_mutex_t *mutex )
-{
-    ((void) mutex );
-    return;
-}
-
-void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy;
-void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy;
-int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
-int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
-
-/*
- * Set functions pointers and initialize global mutexes
- */
-void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ),
-                       void (*mutex_free)( mbedtls_threading_mutex_t * ),
-                       int (*mutex_lock)( mbedtls_threading_mutex_t * ),
-                       int (*mutex_unlock)( mbedtls_threading_mutex_t * ) )
-{
-    mbedtls_mutex_init = mutex_init;
-    mbedtls_mutex_free = mutex_free;
-    mbedtls_mutex_lock = mutex_lock;
-    mbedtls_mutex_unlock = mutex_unlock;
-
-#if defined(MBEDTLS_FS_IO)
-    mbedtls_mutex_init( &mbedtls_threading_readdir_mutex );
-#endif
-#if defined(THREADING_USE_GMTIME)
-    mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex );
-#endif
-}
-
-/*
- * Free global mutexes
- */
-void mbedtls_threading_free_alt( void )
-{
-#if defined(MBEDTLS_FS_IO)
-    mbedtls_mutex_free( &mbedtls_threading_readdir_mutex );
-#endif
-#if defined(THREADING_USE_GMTIME)
-    mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex );
-#endif
-}
-#endif /* MBEDTLS_THREADING_ALT */
-
-/*
- * Define global mutexes
- */
-#ifndef MUTEX_INIT
-#define MUTEX_INIT
-#endif
-#if defined(MBEDTLS_FS_IO)
-mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT;
-#endif
-#if defined(THREADING_USE_GMTIME)
-mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT;
-#endif
-
-#endif /* MBEDTLS_THREADING_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/timing.c b/3rdparty/mbedtls-2.25.0/library/timing.c
deleted file mode 100644
index eb41461..0000000
--- a/3rdparty/mbedtls-2.25.0/library/timing.c
+++ /dev/null
@@ -1,530 +0,0 @@
-/*
- *  Portable interface to the CPU cycle counter
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf     printf
-#endif
-
-#if defined(MBEDTLS_TIMING_C)
-
-#include "mbedtls/timing.h"
-
-#if !defined(MBEDTLS_TIMING_ALT)
-
-#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
-    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
-    !defined(__HAIKU__) && !defined(__midipix__)
-#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
-#endif
-
-#ifndef asm
-#define asm __asm
-#endif
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-
-#include <windows.h>
-#include <process.h>
-
-struct _hr_time
-{
-    LARGE_INTEGER start;
-};
-
-#else
-
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <signal.h>
-#include <time.h>
-
-struct _hr_time
-{
-    struct timeval start;
-};
-
-#endif /* _WIN32 && !EFIX64 && !EFI32 */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
-    ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long tsc;
-    __asm   rdtsc
-    __asm   mov  [tsc], eax
-    return( tsc );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
-
-/* some versions of mingw-64 have 32-bit longs even on x84_64 */
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
-    defined(__GNUC__) && ( defined(__i386__) || (                       \
-    ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long lo, hi;
-    asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
-    return( lo );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && __i386__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
-    defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long lo, hi;
-    asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
-    return( lo | ( hi << 32 ) );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && ( __amd64__ || __x86_64__ ) */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
-    defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long tbl, tbu0, tbu1;
-
-    do
-    {
-        asm volatile( "mftbu %0" : "=r" (tbu0) );
-        asm volatile( "mftb  %0" : "=r" (tbl ) );
-        asm volatile( "mftbu %0" : "=r" (tbu1) );
-    }
-    while( tbu0 != tbu1 );
-
-    return( tbl );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && ( __powerpc__ || __ppc__ ) */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
-    defined(__GNUC__) && defined(__sparc64__)
-
-#if defined(__OpenBSD__)
-#warning OpenBSD does not allow access to tick register using software version instead
-#else
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long tick;
-    asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
-    return( tick );
-}
-#endif /* __OpenBSD__ */
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && __sparc64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
-    defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long tick;
-    asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
-    asm volatile( "mov   %%g1, %0" : "=r" (tick) );
-    return( tick );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && __sparc__ && !__sparc64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
-    defined(__GNUC__) && defined(__alpha__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long cc;
-    asm volatile( "rpcc %0" : "=r" (cc) );
-    return( cc & 0xFFFFFFFF );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && __alpha__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
-    defined(__GNUC__) && defined(__ia64__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    unsigned long itc;
-    asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
-    return( itc );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
-          __GNUC__ && __ia64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
-    !defined(EFIX64) && !defined(EFI32)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    LARGE_INTEGER offset;
-
-    QueryPerformanceCounter( &offset );
-
-    return( (unsigned long)( offset.QuadPart ) );
-}
-#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
-
-#if !defined(HAVE_HARDCLOCK)
-
-#define HAVE_HARDCLOCK
-
-static int hardclock_init = 0;
-static struct timeval tv_init;
-
-unsigned long mbedtls_timing_hardclock( void )
-{
-    struct timeval tv_cur;
-
-    if( hardclock_init == 0 )
-    {
-        gettimeofday( &tv_init, NULL );
-        hardclock_init = 1;
-    }
-
-    gettimeofday( &tv_cur, NULL );
-    return( ( tv_cur.tv_sec  - tv_init.tv_sec  ) * 1000000
-          + ( tv_cur.tv_usec - tv_init.tv_usec ) );
-}
-#endif /* !HAVE_HARDCLOCK */
-
-volatile int mbedtls_timing_alarmed = 0;
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-
-unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
-{
-    struct _hr_time *t = (struct _hr_time *) val;
-
-    if( reset )
-    {
-        QueryPerformanceCounter( &t->start );
-        return( 0 );
-    }
-    else
-    {
-        unsigned long delta;
-        LARGE_INTEGER now, hfreq;
-        QueryPerformanceCounter(  &now );
-        QueryPerformanceFrequency( &hfreq );
-        delta = (unsigned long)( ( now.QuadPart - t->start.QuadPart ) * 1000ul
-                                 / hfreq.QuadPart );
-        return( delta );
-    }
-}
-
-/* It's OK to use a global because alarm() is supposed to be global anyway */
-static DWORD alarmMs;
-
-static void TimerProc( void *TimerContext )
-{
-    (void) TimerContext;
-    Sleep( alarmMs );
-    mbedtls_timing_alarmed = 1;
-    /* _endthread will be called implicitly on return
-     * That ensures execution of thread funcition's epilogue */
-}
-
-void mbedtls_set_alarm( int seconds )
-{
-    if( seconds == 0 )
-    {
-        /* No need to create a thread for this simple case.
-         * Also, this shorcut is more reliable at least on MinGW32 */
-        mbedtls_timing_alarmed = 1;
-        return;
-    }
-
-    mbedtls_timing_alarmed = 0;
-    alarmMs = seconds * 1000;
-    (void) _beginthread( TimerProc, 0, NULL );
-}
-
-#else /* _WIN32 && !EFIX64 && !EFI32 */
-
-unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
-{
-    struct _hr_time *t = (struct _hr_time *) val;
-
-    if( reset )
-    {
-        gettimeofday( &t->start, NULL );
-        return( 0 );
-    }
-    else
-    {
-        unsigned long delta;
-        struct timeval now;
-        gettimeofday( &now, NULL );
-        delta = ( now.tv_sec  - t->start.tv_sec  ) * 1000ul
-              + ( now.tv_usec - t->start.tv_usec ) / 1000;
-        return( delta );
-    }
-}
-
-static void sighandler( int signum )
-{
-    mbedtls_timing_alarmed = 1;
-    signal( signum, sighandler );
-}
-
-void mbedtls_set_alarm( int seconds )
-{
-    mbedtls_timing_alarmed = 0;
-    signal( SIGALRM, sighandler );
-    alarm( seconds );
-    if( seconds == 0 )
-    {
-        /* alarm(0) cancelled any previous pending alarm, but the
-           handler won't fire, so raise the flag straight away. */
-        mbedtls_timing_alarmed = 1;
-    }
-}
-
-#endif /* _WIN32 && !EFIX64 && !EFI32 */
-
-/*
- * Set delays to watch
- */
-void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms )
-{
-    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
-
-    ctx->int_ms = int_ms;
-    ctx->fin_ms = fin_ms;
-
-    if( fin_ms != 0 )
-        (void) mbedtls_timing_get_timer( &ctx->timer, 1 );
-}
-
-/*
- * Get number of delays expired
- */
-int mbedtls_timing_get_delay( void *data )
-{
-    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
-    unsigned long elapsed_ms;
-
-    if( ctx->fin_ms == 0 )
-        return( -1 );
-
-    elapsed_ms = mbedtls_timing_get_timer( &ctx->timer, 0 );
-
-    if( elapsed_ms >= ctx->fin_ms )
-        return( 2 );
-
-    if( elapsed_ms >= ctx->int_ms )
-        return( 1 );
-
-    return( 0 );
-}
-
-#endif /* !MBEDTLS_TIMING_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * Busy-waits for the given number of milliseconds.
- * Used for testing mbedtls_timing_hardclock.
- */
-static void busy_msleep( unsigned long msec )
-{
-    struct mbedtls_timing_hr_time hires;
-    unsigned long i = 0; /* for busy-waiting */
-    volatile unsigned long j; /* to prevent optimisation */
-
-    (void) mbedtls_timing_get_timer( &hires, 1 );
-
-    while( mbedtls_timing_get_timer( &hires, 0 ) < msec )
-        i++;
-
-    j = i;
-    (void) j;
-}
-
-#define FAIL    do                                                      \
-    {                                                                   \
-        if( verbose != 0 )                                              \
-        {                                                               \
-            mbedtls_printf( "failed at line %d\n", __LINE__ );          \
-            mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \
-                            cycles, ratio, millisecs, secs, hardfail,   \
-                            (unsigned long) a, (unsigned long) b );     \
-            mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \
-                            mbedtls_timing_get_timer( &hires, 0 ),      \
-                            mbedtls_timing_get_timer( &ctx.timer, 0 ),  \
-                            mbedtls_timing_get_delay( &ctx ) );         \
-        }                                                               \
-        return( 1 );                                                    \
-    } while( 0 )
-
-/*
- * Checkup routine
- *
- * Warning: this is work in progress, some tests may not be reliable enough
- * yet! False positives may happen.
- */
-int mbedtls_timing_self_test( int verbose )
-{
-    unsigned long cycles = 0, ratio = 0;
-    unsigned long millisecs = 0, secs = 0;
-    int hardfail = 0;
-    struct mbedtls_timing_hr_time hires;
-    uint32_t a = 0, b = 0;
-    mbedtls_timing_delay_context ctx;
-
-    if( verbose != 0 )
-        mbedtls_printf( "  TIMING tests note: will take some time!\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  TIMING test #1 (set_alarm / get_timer): " );
-
-    {
-        secs = 1;
-
-        (void) mbedtls_timing_get_timer( &hires, 1 );
-
-        mbedtls_set_alarm( (int) secs );
-        while( !mbedtls_timing_alarmed )
-            ;
-
-        millisecs = mbedtls_timing_get_timer( &hires, 0 );
-
-        /* For some reason on Windows it looks like alarm has an extra delay
-         * (maybe related to creating a new thread). Allow some room here. */
-        if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 )
-            FAIL;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  TIMING test #2 (set/get_delay        ): " );
-
-    {
-        a = 800;
-        b = 400;
-        mbedtls_timing_set_delay( &ctx, a, a + b );          /* T = 0 */
-
-        busy_msleep( a - a / 4 );                      /* T = a - a/4 */
-        if( mbedtls_timing_get_delay( &ctx ) != 0 )
-            FAIL;
-
-        busy_msleep( a / 4 + b / 4 );                  /* T = a + b/4 */
-        if( mbedtls_timing_get_delay( &ctx ) != 1 )
-            FAIL;
-
-        busy_msleep( b );                          /* T = a + b + b/4 */
-        if( mbedtls_timing_get_delay( &ctx ) != 2 )
-            FAIL;
-    }
-
-    mbedtls_timing_set_delay( &ctx, 0, 0 );
-    busy_msleep( 200 );
-    if( mbedtls_timing_get_delay( &ctx ) != -1 )
-        FAIL;
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-    if( verbose != 0 )
-        mbedtls_printf( "  TIMING test #3 (hardclock / get_timer): " );
-
-    /*
-     * Allow one failure for possible counter wrapping.
-     * On a 4Ghz 32-bit machine the cycle counter wraps about once per second;
-     * since the whole test is about 10ms, it shouldn't happen twice in a row.
-     */
-
-hard_test:
-    if( hardfail > 1 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed (ignored)\n" );
-
-        goto hard_test_done;
-    }
-
-    /* Get a reference ratio cycles/ms */
-    millisecs = 1;
-    cycles = mbedtls_timing_hardclock();
-    busy_msleep( millisecs );
-    cycles = mbedtls_timing_hardclock() - cycles;
-    ratio = cycles / millisecs;
-
-    /* Check that the ratio is mostly constant */
-    for( millisecs = 2; millisecs <= 4; millisecs++ )
-    {
-        cycles = mbedtls_timing_hardclock();
-        busy_msleep( millisecs );
-        cycles = mbedtls_timing_hardclock() - cycles;
-
-        /* Allow variation up to 20% */
-        if( cycles / millisecs < ratio - ratio / 5 ||
-            cycles / millisecs > ratio + ratio / 5 )
-        {
-            hardfail++;
-            goto hard_test;
-        }
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
-
-hard_test_done:
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-    return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/version.c b/3rdparty/mbedtls-2.25.0/library/version.c
deleted file mode 100644
index 32a0d7d..0000000
--- a/3rdparty/mbedtls-2.25.0/library/version.c
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- *  Version information
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_VERSION_C)
-
-#include "mbedtls/version.h"
-#include <string.h>
-
-unsigned int mbedtls_version_get_number( void )
-{
-    return( MBEDTLS_VERSION_NUMBER );
-}
-
-void mbedtls_version_get_string( char *string )
-{
-    memcpy( string, MBEDTLS_VERSION_STRING,
-            sizeof( MBEDTLS_VERSION_STRING ) );
-}
-
-void mbedtls_version_get_string_full( char *string )
-{
-    memcpy( string, MBEDTLS_VERSION_STRING_FULL,
-            sizeof( MBEDTLS_VERSION_STRING_FULL ) );
-}
-
-#endif /* MBEDTLS_VERSION_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509.c b/3rdparty/mbedtls-2.25.0/library/x509.c
deleted file mode 100644
index 2a7be32..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509.c
+++ /dev/null
@@ -1,1067 +0,0 @@
-/*
- *  X.509 common functions for parsing and verification
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The ITU-T X.509 standard defines a certificate format for PKI.
- *
- *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_USE_C)
-
-#include "mbedtls/x509.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_free      free
-#define mbedtls_calloc    calloc
-#define mbedtls_printf    printf
-#define mbedtls_snprintf  snprintf
-#endif
-
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
-#if defined(MBEDTLS_HAVE_TIME_DATE)
-#include "mbedtls/platform_util.h"
-#include <time.h>
-#endif
-
-#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
-#define CHECK_RANGE(min, max, val)                      \
-    do                                                  \
-    {                                                   \
-        if( ( val ) < ( min ) || ( val ) > ( max ) )    \
-        {                                               \
-            return( ret );                              \
-        }                                               \
-    } while( 0 )
-
-/*
- *  CertificateSerialNumber  ::=  INTEGER
- */
-int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
-                     mbedtls_x509_buf *serial )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_X509_INVALID_SERIAL +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) &&
-        **p !=   MBEDTLS_ASN1_INTEGER )
-        return( MBEDTLS_ERR_X509_INVALID_SERIAL +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    serial->tag = *(*p)++;
-
-    if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret );
-
-    serial->p = *p;
-    *p += serial->len;
-
-    return( 0 );
-}
-
-/* Get an algorithm identifier without parameters (eg for signatures)
- *
- *  AlgorithmIdentifier  ::=  SEQUENCE  {
- *       algorithm               OBJECT IDENTIFIER,
- *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
- */
-int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
-                       mbedtls_x509_buf *alg )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    return( 0 );
-}
-
-/*
- * Parse an algorithm identifier with (optional) parameters
- */
-int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
-                  mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-/*
- * HashAlgorithm ::= AlgorithmIdentifier
- *
- * AlgorithmIdentifier  ::=  SEQUENCE  {
- *      algorithm               OBJECT IDENTIFIER,
- *      parameters              ANY DEFINED BY algorithm OPTIONAL  }
- *
- * For HashAlgorithm, parameters MUST be NULL or absent.
- */
-static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p;
-    const unsigned char *end;
-    mbedtls_x509_buf md_oid;
-    size_t len;
-
-    /* Make sure we got a SEQUENCE and setup bounds */
-    if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
-        return( MBEDTLS_ERR_X509_INVALID_ALG +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    p = alg->p;
-    end = p + alg->len;
-
-    if( p >= end )
-        return( MBEDTLS_ERR_X509_INVALID_ALG +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    /* Parse md_oid */
-    md_oid.tag = *p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    md_oid.p = p;
-    p += md_oid.len;
-
-    /* Get md_alg from md_oid */
-    if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    /* Make sure params is absent of NULL */
-    if( p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    if( p != end )
-        return( MBEDTLS_ERR_X509_INVALID_ALG +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- *    RSASSA-PSS-params  ::=  SEQUENCE  {
- *       hashAlgorithm     [0] HashAlgorithm DEFAULT sha1Identifier,
- *       maskGenAlgorithm  [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
- *       saltLength        [2] INTEGER DEFAULT 20,
- *       trailerField      [3] INTEGER DEFAULT 1  }
- *    -- Note that the tags in this Sequence are explicit.
- *
- * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value
- * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other
- * option. Enfore this at parsing time.
- */
-int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
-                                mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
-                                int *salt_len )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char *p;
-    const unsigned char *end, *end2;
-    size_t len;
-    mbedtls_x509_buf alg_id, alg_params;
-
-    /* First set everything to defaults */
-    *md_alg = MBEDTLS_MD_SHA1;
-    *mgf_md = MBEDTLS_MD_SHA1;
-    *salt_len = 20;
-
-    /* Make sure params is a SEQUENCE and setup bounds */
-    if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
-        return( MBEDTLS_ERR_X509_INVALID_ALG +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    p = (unsigned char *) params->p;
-    end = p + params->len;
-
-    if( p == end )
-        return( 0 );
-
-    /*
-     * HashAlgorithm
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 )
-    {
-        end2 = p + len;
-
-        /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
-        if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 )
-            return( ret );
-
-        if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-        if( p != end2 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    if( p == end )
-        return( 0 );
-
-    /*
-     * MaskGenAlgorithm
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 )
-    {
-        end2 = p + len;
-
-        /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */
-        if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 )
-            return( ret );
-
-        /* Only MFG1 is recognised for now */
-        if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 )
-            return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE +
-                    MBEDTLS_ERR_OID_NOT_FOUND );
-
-        /* Parse HashAlgorithm */
-        if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
-            return( ret );
-
-        if( p != end2 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    if( p == end )
-        return( 0 );
-
-    /*
-     * salt_len
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 )
-    {
-        end2 = p + len;
-
-        if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-        if( p != end2 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    if( p == end )
-        return( 0 );
-
-    /*
-     * trailer_field (if present, must be 1)
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 )
-    {
-        int trailer_field;
-
-        end2 = p + len;
-
-        if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-        if( p != end2 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-        if( trailer_field != 1 )
-            return( MBEDTLS_ERR_X509_INVALID_ALG );
-    }
-    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
-    if( p != end )
-        return( MBEDTLS_ERR_X509_INVALID_ALG +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
-/*
- *  AttributeTypeAndValue ::= SEQUENCE {
- *    type     AttributeType,
- *    value    AttributeValue }
- *
- *  AttributeType ::= OBJECT IDENTIFIER
- *
- *  AttributeValue ::= ANY DEFINED BY AttributeType
- */
-static int x509_get_attr_type_value( unsigned char **p,
-                                     const unsigned char *end,
-                                     mbedtls_x509_name *cur )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    mbedtls_x509_buf *oid;
-    mbedtls_x509_buf *val;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
-
-    end = *p + len;
-
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_X509_INVALID_NAME +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    oid = &cur->oid;
-    oid->tag = **p;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
-
-    oid->p = *p;
-    *p += oid->len;
-
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_X509_INVALID_NAME +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING      &&
-        **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING &&
-        **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING &&
-        **p != MBEDTLS_ASN1_BIT_STRING )
-        return( MBEDTLS_ERR_X509_INVALID_NAME +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    val = &cur->val;
-    val->tag = *(*p)++;
-
-    if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
-
-    val->p = *p;
-    *p += val->len;
-
-    if( *p != end )
-    {
-        return( MBEDTLS_ERR_X509_INVALID_NAME +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    cur->next = NULL;
-
-    return( 0 );
-}
-
-/*
- *  Name ::= CHOICE { -- only one possibility for now --
- *       rdnSequence  RDNSequence }
- *
- *  RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- *  RelativeDistinguishedName ::=
- *    SET OF AttributeTypeAndValue
- *
- *  AttributeTypeAndValue ::= SEQUENCE {
- *    type     AttributeType,
- *    value    AttributeValue }
- *
- *  AttributeType ::= OBJECT IDENTIFIER
- *
- *  AttributeValue ::= ANY DEFINED BY AttributeType
- *
- * The data structure is optimized for the common case where each RDN has only
- * one element, which is represented as a list of AttributeTypeAndValue.
- * For the general case we still use a flat list, but we mark elements of the
- * same set so that they are "merged" together in the functions that consume
- * this list, eg mbedtls_x509_dn_gets().
- */
-int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
-                   mbedtls_x509_name *cur )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t set_len;
-    const unsigned char *end_set;
-
-    /* don't use recursion, we'd risk stack overflow if not optimized */
-    while( 1 )
-    {
-        /*
-         * parse SET
-         */
-        if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
-
-        end_set  = *p + set_len;
-
-        while( 1 )
-        {
-            if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 )
-                return( ret );
-
-            if( *p == end_set )
-                break;
-
-            /* Mark this item as being no the only one in a set */
-            cur->next_merged = 1;
-
-            cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) );
-
-            if( cur->next == NULL )
-                return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-            cur = cur->next;
-        }
-
-        /*
-         * continue until end of SEQUENCE is reached
-         */
-        if( *p == end )
-            return( 0 );
-
-        cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) );
-
-        if( cur->next == NULL )
-            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-        cur = cur->next;
-    }
-}
-
-static int x509_parse_int( unsigned char **p, size_t n, int *res )
-{
-    *res = 0;
-
-    for( ; n > 0; --n )
-    {
-        if( ( **p < '0') || ( **p > '9' ) )
-            return ( MBEDTLS_ERR_X509_INVALID_DATE );
-
-        *res *= 10;
-        *res += ( *(*p)++ - '0' );
-    }
-
-    return( 0 );
-}
-
-static int x509_date_is_valid(const mbedtls_x509_time *t )
-{
-    int ret = MBEDTLS_ERR_X509_INVALID_DATE;
-    int month_len;
-
-    CHECK_RANGE( 0, 9999, t->year );
-    CHECK_RANGE( 0, 23,   t->hour );
-    CHECK_RANGE( 0, 59,   t->min  );
-    CHECK_RANGE( 0, 59,   t->sec  );
-
-    switch( t->mon )
-    {
-        case 1: case 3: case 5: case 7: case 8: case 10: case 12:
-            month_len = 31;
-            break;
-        case 4: case 6: case 9: case 11:
-            month_len = 30;
-            break;
-        case 2:
-            if( ( !( t->year % 4 ) && t->year % 100 ) ||
-                !( t->year % 400 ) )
-                month_len = 29;
-            else
-                month_len = 28;
-            break;
-        default:
-            return( ret );
-    }
-    CHECK_RANGE( 1, month_len, t->day );
-
-    return( 0 );
-}
-
-/*
- * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4)
- * field.
- */
-static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
-                            mbedtls_x509_time *tm )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    /*
-     * Minimum length is 10 or 12 depending on yearlen
-     */
-    if ( len < yearlen + 8 )
-        return ( MBEDTLS_ERR_X509_INVALID_DATE );
-    len -= yearlen + 8;
-
-    /*
-     * Parse year, month, day, hour, minute
-     */
-    CHECK( x509_parse_int( p, yearlen, &tm->year ) );
-    if ( 2 == yearlen )
-    {
-        if ( tm->year < 50 )
-            tm->year += 100;
-
-        tm->year += 1900;
-    }
-
-    CHECK( x509_parse_int( p, 2, &tm->mon ) );
-    CHECK( x509_parse_int( p, 2, &tm->day ) );
-    CHECK( x509_parse_int( p, 2, &tm->hour ) );
-    CHECK( x509_parse_int( p, 2, &tm->min ) );
-
-    /*
-     * Parse seconds if present
-     */
-    if ( len >= 2 )
-    {
-        CHECK( x509_parse_int( p, 2, &tm->sec ) );
-        len -= 2;
-    }
-    else
-        return ( MBEDTLS_ERR_X509_INVALID_DATE );
-
-    /*
-     * Parse trailing 'Z' if present
-     */
-    if ( 1 == len && 'Z' == **p )
-    {
-        (*p)++;
-        len--;
-    }
-
-    /*
-     * We should have parsed all characters at this point
-     */
-    if ( 0 != len )
-        return ( MBEDTLS_ERR_X509_INVALID_DATE );
-
-    CHECK( x509_date_is_valid( tm ) );
-
-    return ( 0 );
-}
-
-/*
- *  Time ::= CHOICE {
- *       utcTime        UTCTime,
- *       generalTime    GeneralizedTime }
- */
-int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
-                           mbedtls_x509_time *tm )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len, year_len;
-    unsigned char tag;
-
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_X509_INVALID_DATE +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    tag = **p;
-
-    if( tag == MBEDTLS_ASN1_UTC_TIME )
-        year_len = 2;
-    else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME )
-        year_len = 4;
-    else
-        return( MBEDTLS_ERR_X509_INVALID_DATE +
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-
-    (*p)++;
-    ret = mbedtls_asn1_get_len( p, end, &len );
-
-    if( ret != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
-
-    return x509_parse_time( p, len, year_len, tm );
-}
-
-int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    int tag_type;
-
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-    tag_type = **p;
-
-    if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
-
-    sig->tag = tag_type;
-    sig->len = len;
-    sig->p = *p;
-
-    *p += len;
-
-    return( 0 );
-}
-
-/*
- * Get signature algorithm from alg OID and optional parameters
- */
-int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
-                      mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
-                      void **sig_opts )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( *sig_opts != NULL )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
-        return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret );
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    if( *pk_alg == MBEDTLS_PK_RSASSA_PSS )
-    {
-        mbedtls_pk_rsassa_pss_options *pss_opts;
-
-        pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) );
-        if( pss_opts == NULL )
-            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-        ret = mbedtls_x509_get_rsassa_pss_params( sig_params,
-                                          md_alg,
-                                          &pss_opts->mgf1_hash_id,
-                                          &pss_opts->expected_salt_len );
-        if( ret != 0 )
-        {
-            mbedtls_free( pss_opts );
-            return( ret );
-        }
-
-        *sig_opts = (void *) pss_opts;
-    }
-    else
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-    {
-        /* Make sure parameters are absent or NULL */
-        if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) ||
-              sig_params->len != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_ALG );
-    }
-
-    return( 0 );
-}
-
-/*
- * X.509 Extensions (No parsing of extensions, pointer should
- * be either manually updated or extensions should be parsed!)
- */
-int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
-                          mbedtls_x509_buf *ext, int tag )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    /* Extension structure use EXPLICIT tagging. That is, the actual
-     * `Extensions` structure is wrapped by a tag-length pair using
-     * the respective context-specific tag. */
-    ret = mbedtls_asn1_get_tag( p, end, &ext->len,
-              MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag );
-    if( ret != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag;
-    ext->p   = *p;
-    end      = *p + ext->len;
-
-    /*
-     * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
-     */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( end != *p + len )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * Store the name in printable form into buf; no more
- * than size characters will be written
- */
-int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, n;
-    unsigned char c, merge = 0;
-    const mbedtls_x509_name *name;
-    const char *short_name = NULL;
-    char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
-
-    memset( s, 0, sizeof( s ) );
-
-    name = dn;
-    p = buf;
-    n = size;
-
-    while( name != NULL )
-    {
-        if( !name->oid.p )
-        {
-            name = name->next;
-            continue;
-        }
-
-        if( name != dn )
-        {
-            ret = mbedtls_snprintf( p, n, merge ? " + " : ", " );
-            MBEDTLS_X509_SAFE_SNPRINTF;
-        }
-
-        ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name );
-
-        if( ret == 0 )
-            ret = mbedtls_snprintf( p, n, "%s=", short_name );
-        else
-            ret = mbedtls_snprintf( p, n, "\?\?=" );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        for( i = 0; i < name->val.len; i++ )
-        {
-            if( i >= sizeof( s ) - 1 )
-                break;
-
-            c = name->val.p[i];
-            if( c < 32 || c >= 127 )
-                 s[i] = '?';
-            else s[i] = c;
-        }
-        s[i] = '\0';
-        ret = mbedtls_snprintf( p, n, "%s", s );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        merge = name->next_merged;
-        name = name->next;
-    }
-
-    return( (int) ( size - n ) );
-}
-
-/*
- * Store the serial in printable form into buf; no more
- * than size characters will be written
- */
-int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i, n, nr;
-    char *p;
-
-    p = buf;
-    n = size;
-
-    nr = ( serial->len <= 32 )
-        ? serial->len  : 28;
-
-    for( i = 0; i < nr; i++ )
-    {
-        if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
-            continue;
-
-        ret = mbedtls_snprintf( p, n, "%02X%s",
-                serial->p[i], ( i < nr - 1 ) ? ":" : "" );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-    }
-
-    if( nr != serial->len )
-    {
-        ret = mbedtls_snprintf( p, n, "...." );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-    }
-
-    return( (int) ( size - n ) );
-}
-
-/*
- * Helper for writing signature algorithms
- */
-int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
-                       mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
-                       const void *sig_opts )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    char *p = buf;
-    size_t n = size;
-    const char *desc = NULL;
-
-    ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc );
-    if( ret != 0 )
-        ret = mbedtls_snprintf( p, n, "???"  );
-    else
-        ret = mbedtls_snprintf( p, n, "%s", desc );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
-    {
-        const mbedtls_pk_rsassa_pss_options *pss_opts;
-        const mbedtls_md_info_t *md_info, *mgf_md_info;
-
-        pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
-
-        md_info = mbedtls_md_info_from_type( md_alg );
-        mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id );
-
-        ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
-                              md_info ? mbedtls_md_get_name( md_info ) : "???",
-                              mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???",
-                              (unsigned int) pss_opts->expected_salt_len );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-    }
-#else
-    ((void) pk_alg);
-    ((void) md_alg);
-    ((void) sig_opts);
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
-    return( (int)( size - n ) );
-}
-
-/*
- * Helper for writing "RSA key size", "EC key size", etc
- */
-int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name )
-{
-    char *p = buf;
-    size_t n = buf_size;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    ret = mbedtls_snprintf( p, n, "%s key size", name );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_HAVE_TIME_DATE)
-/*
- * Set the time structure to the current time.
- * Return 0 on success, non-zero on failure.
- */
-static int x509_get_current_time( mbedtls_x509_time *now )
-{
-    struct tm *lt, tm_buf;
-    mbedtls_time_t tt;
-    int ret = 0;
-
-    tt = mbedtls_time( NULL );
-    lt = mbedtls_platform_gmtime_r( &tt, &tm_buf );
-
-    if( lt == NULL )
-        ret = -1;
-    else
-    {
-        now->year = lt->tm_year + 1900;
-        now->mon  = lt->tm_mon  + 1;
-        now->day  = lt->tm_mday;
-        now->hour = lt->tm_hour;
-        now->min  = lt->tm_min;
-        now->sec  = lt->tm_sec;
-    }
-
-    return( ret );
-}
-
-/*
- * Return 0 if before <= after, 1 otherwise
- */
-static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after )
-{
-    if( before->year  > after->year )
-        return( 1 );
-
-    if( before->year == after->year &&
-        before->mon   > after->mon )
-        return( 1 );
-
-    if( before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day   > after->day )
-        return( 1 );
-
-    if( before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day  == after->day  &&
-        before->hour  > after->hour )
-        return( 1 );
-
-    if( before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day  == after->day  &&
-        before->hour == after->hour &&
-        before->min   > after->min  )
-        return( 1 );
-
-    if( before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day  == after->day  &&
-        before->hour == after->hour &&
-        before->min  == after->min  &&
-        before->sec   > after->sec  )
-        return( 1 );
-
-    return( 0 );
-}
-
-int mbedtls_x509_time_is_past( const mbedtls_x509_time *to )
-{
-    mbedtls_x509_time now;
-
-    if( x509_get_current_time( &now ) != 0 )
-        return( 1 );
-
-    return( x509_check_time( &now, to ) );
-}
-
-int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
-{
-    mbedtls_x509_time now;
-
-    if( x509_get_current_time( &now ) != 0 )
-        return( 1 );
-
-    return( x509_check_time( from, &now ) );
-}
-
-#else  /* MBEDTLS_HAVE_TIME_DATE */
-
-int mbedtls_x509_time_is_past( const mbedtls_x509_time *to )
-{
-    ((void) to);
-    return( 0 );
-}
-
-int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
-{
-    ((void) from);
-    return( 0 );
-}
-#endif /* MBEDTLS_HAVE_TIME_DATE */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/certs.h"
-
-/*
- * Checkup routine
- */
-int mbedtls_x509_self_test( int verbose )
-{
-    int ret = 0;
-#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
-    uint32_t flags;
-    mbedtls_x509_crt cacert;
-    mbedtls_x509_crt clicert;
-
-    if( verbose != 0 )
-        mbedtls_printf( "  X.509 certificate load: " );
-
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_x509_crt_init( &clicert );
-
-    ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
-                           mbedtls_test_cli_crt_len );
-    if( ret != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        goto cleanup;
-    }
-
-    ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt,
-                          mbedtls_test_ca_crt_len );
-    if( ret != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n  X.509 signature verify: ");
-
-    ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
-    if( ret != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
-
-        goto cleanup;
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n\n");
-
-cleanup:
-    mbedtls_x509_crt_free( &cacert  );
-    mbedtls_x509_crt_free( &clicert );
-#else
-    ((void) verbose);
-#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA256_C */
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_X509_USE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509_create.c b/3rdparty/mbedtls-2.25.0/library/x509_create.c
deleted file mode 100644
index 056bbaa..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509_create.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/*
- *  X.509 base functions for creating certificates / CSRs
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_CREATE_C)
-
-#include "mbedtls/x509.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-
-#include <string.h>
-
-/* Structure linking OIDs for X.509 DN AttributeTypes to their
- * string representations and default string encodings used by Mbed TLS. */
-typedef struct {
-   const char *name; /* String representation of AttributeType, e.g.
-                      * "CN" or "emailAddress". */
-   size_t name_len;  /* Length of 'name', without trailing 0 byte. */
-   const char *oid;  /* String representation of OID of AttributeType,
-                      * as per RFC 5280, Appendix A.1. */
-   int default_tag;  /* The default character encoding used for the
-                      * given attribute type, e.g.
-                      * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */
-} x509_attr_descriptor_t;
-
-#define ADD_STRLEN( s )     s, sizeof( s ) - 1
-
-/* X.509 DN attributes from RFC 5280, Appendix A.1. */
-static const x509_attr_descriptor_t x509_attrs[] =
-{
-    { ADD_STRLEN( "CN" ),
-      MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "commonName" ),
-      MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "C" ),
-      MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
-    { ADD_STRLEN( "countryName" ),
-      MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
-    { ADD_STRLEN( "O" ),
-      MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "organizationName" ),
-      MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "L" ),
-      MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "locality" ),
-      MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "R" ),
-      MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
-    { ADD_STRLEN( "OU" ),
-      MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "organizationalUnitName" ),
-      MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "ST" ),
-      MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "stateOrProvinceName" ),
-      MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "emailAddress" ),
-      MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
-    { ADD_STRLEN( "serialNumber" ),
-      MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING },
-    { ADD_STRLEN( "postalAddress" ),
-      MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING },
-    { ADD_STRLEN( "postalCode" ),
-      MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING },
-    { ADD_STRLEN( "dnQualifier" ),
-      MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING },
-    { ADD_STRLEN( "title" ),
-      MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "surName" ),
-      MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "SN" ),
-      MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "givenName" ),
-      MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "GN" ),
-      MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "initials" ),
-      MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "pseudonym" ),
-      MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "generationQualifier" ),
-      MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING },
-    { ADD_STRLEN( "domainComponent" ),
-      MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING },
-    { ADD_STRLEN( "DC" ),
-      MBEDTLS_OID_DOMAIN_COMPONENT,   MBEDTLS_ASN1_IA5_STRING },
-    { NULL, 0, NULL, MBEDTLS_ASN1_NULL }
-};
-
-static const x509_attr_descriptor_t *x509_attr_descr_from_name( const char *name, size_t name_len )
-{
-    const x509_attr_descriptor_t *cur;
-
-    for( cur = x509_attrs; cur->name != NULL; cur++ )
-        if( cur->name_len == name_len &&
-            strncmp( cur->name, name, name_len ) == 0 )
-            break;
-
-    if ( cur->name == NULL )
-        return( NULL );
-
-    return( cur );
-}
-
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
-{
-    int ret = 0;
-    const char *s = name, *c = s;
-    const char *end = s + strlen( s );
-    const char *oid = NULL;
-    const x509_attr_descriptor_t* attr_descr = NULL;
-    int in_tag = 1;
-    char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
-    char *d = data;
-
-    /* Clear existing chain if present */
-    mbedtls_asn1_free_named_data_list( head );
-
-    while( c <= end )
-    {
-        if( in_tag && *c == '=' )
-        {
-            if( ( attr_descr = x509_attr_descr_from_name( s, c - s ) ) == NULL )
-            {
-                ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
-                goto exit;
-            }
-
-            oid = attr_descr->oid;
-            s = c + 1;
-            in_tag = 0;
-            d = data;
-        }
-
-        if( !in_tag && *c == '\\' && c != end )
-        {
-            c++;
-
-            /* Check for valid escaped characters */
-            if( c == end || *c != ',' )
-            {
-                ret = MBEDTLS_ERR_X509_INVALID_NAME;
-                goto exit;
-            }
-        }
-        else if( !in_tag && ( *c == ',' || c == end ) )
-        {
-            mbedtls_asn1_named_data* cur =
-                mbedtls_asn1_store_named_data( head, oid, strlen( oid ),
-                                               (unsigned char *) data,
-                                               d - data );
-
-            if(cur == NULL )
-            {
-                return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-            }
-
-            // set tagType
-            cur->val.tag = attr_descr->default_tag;
-
-            while( c < end && *(c + 1) == ' ' )
-                c++;
-
-            s = c + 1;
-            in_tag = 1;
-        }
-
-        if( !in_tag && s != c + 1 )
-        {
-            *(d++) = *c;
-
-            if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE )
-            {
-                ret = MBEDTLS_ERR_X509_INVALID_NAME;
-                goto exit;
-            }
-        }
-
-        c++;
-    }
-
-exit:
-
-    return( ret );
-}
-
-/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
- * to store the critical boolean for us
- */
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
-                        int critical, const unsigned char *val, size_t val_len )
-{
-    mbedtls_asn1_named_data *cur;
-
-    if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len,
-                                       NULL, val_len + 1 ) ) == NULL )
-    {
-        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-    }
-
-    cur->val.p[0] = critical;
-    memcpy( cur->val.p + 1, val, val_len );
-
-    return( 0 );
-}
-
-/*
- *  RelativeDistinguishedName ::=
- *    SET OF AttributeTypeAndValue
- *
- *  AttributeTypeAndValue ::= SEQUENCE {
- *    type     AttributeType,
- *    value    AttributeValue }
- *
- *  AttributeType ::= OBJECT IDENTIFIER
- *
- *  AttributeValue ::= ANY DEFINED BY AttributeType
- */
-static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    const char *oid             = (const char*)cur_name->oid.p;
-    size_t oid_len              = cur_name->oid.len;
-    const unsigned char *name   = cur_name->val.p;
-    size_t name_len             = cur_name->val.len;
-
-    // Write correct string tag and value
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tagged_string( p, start,
-                                                       cur_name->val.tag,
-                                                       (const char *) name,
-                                                       name_len ) );
-    // Write OID
-    //
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid,
-                                                       oid_len ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                                    MBEDTLS_ASN1_CONSTRUCTED |
-                                                    MBEDTLS_ASN1_SEQUENCE ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                                 MBEDTLS_ASN1_CONSTRUCTED |
-                                                 MBEDTLS_ASN1_SET ) );
-
-    return( (int) len );
-}
-
-int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
-                              mbedtls_asn1_named_data *first )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    mbedtls_asn1_named_data *cur = first;
-
-    while( cur != NULL )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) );
-        cur = cur->next;
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
-                                                 MBEDTLS_ASN1_SEQUENCE ) );
-
-    return( (int) len );
-}
-
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
-                    const char *oid, size_t oid_len,
-                    unsigned char *sig, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    if( *p < start || (size_t)( *p - start ) < size )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    len = size;
-    (*p) -= len;
-    memcpy( *p, sig, len );
-
-    if( *p - start < 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    *--(*p) = 0;
-    len += 1;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
-
-    // Write OID
-    //
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid,
-                                                        oid_len, 0 ) );
-
-    return( (int) len );
-}
-
-static int x509_write_extension( unsigned char **p, unsigned char *start,
-                                 mbedtls_asn1_named_data *ext )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1,
-                                              ext->val.len - 1 ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
-
-    if( ext->val.p[0] != 0 )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) );
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p,
-                                              ext->oid.len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
-                                                 MBEDTLS_ASN1_SEQUENCE ) );
-
-    return( (int) len );
-}
-
-/*
- * Extension  ::=  SEQUENCE  {
- *     extnID      OBJECT IDENTIFIER,
- *     critical    BOOLEAN DEFAULT FALSE,
- *     extnValue   OCTET STRING
- *                 -- contains the DER encoding of an ASN.1 value
- *                 -- corresponding to the extension type identified
- *                 -- by extnID
- *     }
- */
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
-                           mbedtls_asn1_named_data *first )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-    mbedtls_asn1_named_data *cur_ext = first;
-
-    while( cur_ext != NULL )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) );
-        cur_ext = cur_ext->next;
-    }
-
-    return( (int) len );
-}
-
-#endif /* MBEDTLS_X509_CREATE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509_crl.c b/3rdparty/mbedtls-2.25.0/library/x509_crl.c
deleted file mode 100644
index edeb39b..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509_crl.c
+++ /dev/null
@@ -1,768 +0,0 @@
-/*
- *  X.509 Certidicate Revocation List (CRL) parsing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The ITU-T X.509 standard defines a certificate format for PKI.
- *
- *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-
-#include "mbedtls/x509_crl.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#include <stdio.h>
-#define mbedtls_free       free
-#define mbedtls_calloc    calloc
-#define mbedtls_snprintf   snprintf
-#endif
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-#include <windows.h>
-#else
-#include <time.h>
-#endif
-
-#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
-#include <stdio.h>
-#endif
-
-/*
- *  Version  ::=  INTEGER  {  v1(0), v2(1)  }
- */
-static int x509_crl_get_version( unsigned char **p,
-                             const unsigned char *end,
-                             int *ver )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        {
-            *ver = 0;
-            return( 0 );
-        }
-
-        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * X.509 CRL v2 extensions
- *
- * We currently don't parse any extension's content, but we do check that the
- * list of extensions is well-formed and abort on critical extensions (that
- * are unsupported as we don't support any extension so far)
- */
-static int x509_get_crl_ext( unsigned char **p,
-                             const unsigned char *end,
-                             mbedtls_x509_buf *ext )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( *p == end )
-        return( 0 );
-
-    /*
-     * crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
-     *                              -- if present, version MUST be v2
-     */
-    if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 )
-        return( ret );
-
-    end = ext->p + ext->len;
-
-    while( *p < end )
-    {
-        /*
-         * Extension  ::=  SEQUENCE  {
-         *      extnID      OBJECT IDENTIFIER,
-         *      critical    BOOLEAN DEFAULT FALSE,
-         *      extnValue   OCTET STRING  }
-         */
-        int is_critical = 0;
-        const unsigned char *end_ext_data;
-        size_t len;
-
-        /* Get enclosing sequence tag */
-        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        end_ext_data = *p + len;
-
-        /* Get OID (currently ignored) */
-        if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
-                                          MBEDTLS_ASN1_OID ) ) != 0 )
-        {
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-        }
-        *p += len;
-
-        /* Get optional critical */
-        if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data,
-                                           &is_critical ) ) != 0 &&
-            ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
-        {
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-        }
-
-        /* Data should be octet string type */
-        if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
-                MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        /* Ignore data so far and just check its length */
-        *p += len;
-        if( *p != end_ext_data )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-        /* Abort on (unsupported) critical extensions */
-        if( is_critical )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-    }
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * X.509 CRL v2 entry extensions (no extensions parsed yet.)
- */
-static int x509_get_crl_entry_ext( unsigned char **p,
-                             const unsigned char *end,
-                             mbedtls_x509_buf *ext )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    /* OPTIONAL */
-    if( end <= *p )
-        return( 0 );
-
-    ext->tag = **p;
-    ext->p = *p;
-
-    /*
-     * Get CRL-entry extension sequence header
-     * crlEntryExtensions      Extensions OPTIONAL  -- if present, MUST be v2
-     */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        {
-            ext->p = NULL;
-            return( 0 );
-        }
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-    }
-
-    end = *p + ext->len;
-
-    if( end != *p + ext->len )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    while( *p < end )
-    {
-        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        *p += len;
-    }
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * X.509 CRL Entries
- */
-static int x509_get_entries( unsigned char **p,
-                             const unsigned char *end,
-                             mbedtls_x509_crl_entry *entry )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t entry_len;
-    mbedtls_x509_crl_entry *cur_entry = entry;
-
-    if( *p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &entry_len,
-            MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-            return( 0 );
-
-        return( ret );
-    }
-
-    end = *p + entry_len;
-
-    while( *p < end )
-    {
-        size_t len2;
-        const unsigned char *end2;
-
-        cur_entry->raw.tag = **p;
-        if( ( ret = mbedtls_asn1_get_tag( p, end, &len2,
-                MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
-        {
-            return( ret );
-        }
-
-        cur_entry->raw.p = *p;
-        cur_entry->raw.len = len2;
-        end2 = *p + len2;
-
-        if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
-            return( ret );
-
-        if( ( ret = mbedtls_x509_get_time( p, end2,
-                                   &cur_entry->revocation_date ) ) != 0 )
-            return( ret );
-
-        if( ( ret = x509_get_crl_entry_ext( p, end2,
-                                            &cur_entry->entry_ext ) ) != 0 )
-            return( ret );
-
-        if( *p < end )
-        {
-            cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) );
-
-            if( cur_entry->next == NULL )
-                return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-            cur_entry = cur_entry->next;
-        }
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse one  CRLs in DER format and append it to the chained list
- */
-int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
-                        const unsigned char *buf, size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    unsigned char *p = NULL, *end = NULL;
-    mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
-    mbedtls_x509_crl *crl = chain;
-
-    /*
-     * Check for valid input
-     */
-    if( crl == NULL || buf == NULL )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) );
-    memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) );
-    memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) );
-
-    /*
-     * Add new CRL on the end of the chain if needed.
-     */
-    while( crl->version != 0 && crl->next != NULL )
-        crl = crl->next;
-
-    if( crl->version != 0 && crl->next == NULL )
-    {
-        crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) );
-
-        if( crl->next == NULL )
-        {
-            mbedtls_x509_crl_free( crl );
-            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-        }
-
-        mbedtls_x509_crl_init( crl->next );
-        crl = crl->next;
-    }
-
-    /*
-     * Copy raw DER-encoded CRL
-     */
-    if( buflen == 0 )
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
-
-    p = mbedtls_calloc( 1, buflen );
-    if( p == NULL )
-        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-    memcpy( p, buf, buflen );
-
-    crl->raw.p = p;
-    crl->raw.len = buflen;
-
-    end = p + buflen;
-
-    /*
-     * CertificateList  ::=  SEQUENCE  {
-     *      tbsCertList          TBSCertList,
-     *      signatureAlgorithm   AlgorithmIdentifier,
-     *      signatureValue       BIT STRING  }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
-    }
-
-    if( len != (size_t) ( end - p ) )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    /*
-     * TBSCertList  ::=  SEQUENCE  {
-     */
-    crl->tbs.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-    crl->tbs.len = end - crl->tbs.p;
-
-    /*
-     * Version  ::=  INTEGER  OPTIONAL {  v1(0), v2(1)  }
-     *               -- if present, MUST be v2
-     *
-     * signature            AlgorithmIdentifier
-     */
-    if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
-        ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( ret );
-    }
-
-    if( crl->version < 0 || crl->version > 1 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
-    }
-
-    crl->version++;
-
-    if( ( ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1,
-                                  &crl->sig_md, &crl->sig_pk,
-                                  &crl->sig_opts ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
-    }
-
-    /*
-     * issuer               Name
-     */
-    crl->issuer_raw.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( ret );
-    }
-
-    crl->issuer_raw.len = p - crl->issuer_raw.p;
-
-    /*
-     * thisUpdate          Time
-     * nextUpdate          Time OPTIONAL
-     */
-    if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 )
-    {
-        if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
-                        MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) &&
-            ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
-                        MBEDTLS_ERR_ASN1_OUT_OF_DATA ) )
-        {
-            mbedtls_x509_crl_free( crl );
-            return( ret );
-        }
-    }
-
-    /*
-     * revokedCertificates    SEQUENCE OF SEQUENCE   {
-     *      userCertificate        CertificateSerialNumber,
-     *      revocationDate         Time,
-     *      crlEntryExtensions     Extensions OPTIONAL
-     *                                   -- if present, MUST be v2
-     *                        } OPTIONAL
-     */
-    if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( ret );
-    }
-
-    /*
-     * crlExtensions          EXPLICIT Extensions OPTIONAL
-     *                              -- if present, MUST be v2
-     */
-    if( crl->version == 2 )
-    {
-        ret = x509_get_crl_ext( &p, end, &crl->crl_ext );
-
-        if( ret != 0 )
-        {
-            mbedtls_x509_crl_free( crl );
-            return( ret );
-        }
-    }
-
-    if( p != end )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    end = crl->raw.p + crl->raw.len;
-
-    /*
-     *  signatureAlgorithm   AlgorithmIdentifier,
-     *  signatureValue       BIT STRING
-     */
-    if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( ret );
-    }
-
-    if( crl->sig_oid.len != sig_oid2.len ||
-        memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 ||
-        sig_params1.len != sig_params2.len ||
-        ( sig_params1.len != 0 &&
-          memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_SIG_MISMATCH );
-    }
-
-    if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( ret );
-    }
-
-    if( p != end )
-    {
-        mbedtls_x509_crl_free( crl );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse one or more CRLs and add them to the chained list
- */
-int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen )
-{
-#if defined(MBEDTLS_PEM_PARSE_C)
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t use_len = 0;
-    mbedtls_pem_context pem;
-    int is_pem = 0;
-
-    if( chain == NULL || buf == NULL )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    do
-    {
-        mbedtls_pem_init( &pem );
-
-        // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated
-        // string
-        if( buflen == 0 || buf[buflen - 1] != '\0' )
-            ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
-        else
-            ret = mbedtls_pem_read_buffer( &pem,
-                                           "-----BEGIN X509 CRL-----",
-                                           "-----END X509 CRL-----",
-                                            buf, NULL, 0, &use_len );
-
-        if( ret == 0 )
-        {
-            /*
-             * Was PEM encoded
-             */
-            is_pem = 1;
-
-            buflen -= use_len;
-            buf += use_len;
-
-            if( ( ret = mbedtls_x509_crl_parse_der( chain,
-                                            pem.buf, pem.buflen ) ) != 0 )
-            {
-                mbedtls_pem_free( &pem );
-                return( ret );
-            }
-        }
-        else if( is_pem )
-        {
-            mbedtls_pem_free( &pem );
-            return( ret );
-        }
-
-        mbedtls_pem_free( &pem );
-    }
-    /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte.
-     * And a valid CRL cannot be less than 1 byte anyway. */
-    while( is_pem && buflen > 1 );
-
-    if( is_pem )
-        return( 0 );
-    else
-#endif /* MBEDTLS_PEM_PARSE_C */
-        return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) );
-}
-
-#if defined(MBEDTLS_FS_IO)
-/*
- * Load one or more CRLs and add them to the chained list
- */
-int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    unsigned char *buf;
-
-    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_x509_crl_parse( chain, buf, n );
-
-    mbedtls_platform_zeroize( buf, n );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-
-/*
- * Return an informational string about the certificate.
- */
-#define BEFORE_COLON    14
-#define BC              "14"
-/*
- * Return an informational string about the CRL.
- */
-int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_crl *crl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    char *p;
-    const mbedtls_x509_crl_entry *entry;
-
-    p = buf;
-    n = size;
-
-    ret = mbedtls_snprintf( p, n, "%sCRL version   : %d",
-                               prefix, crl->version );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%sissuer name   : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-    ret = mbedtls_x509_dn_gets( p, n, &crl->issuer );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%sthis update   : " \
-                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
-                   crl->this_update.year, crl->this_update.mon,
-                   crl->this_update.day,  crl->this_update.hour,
-                   crl->this_update.min,  crl->this_update.sec );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%snext update   : " \
-                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
-                   crl->next_update.year, crl->next_update.mon,
-                   crl->next_update.day,  crl->next_update.hour,
-                   crl->next_update.min,  crl->next_update.sec );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    entry = &crl->entry;
-
-    ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:",
-                               prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    while( entry != NULL && entry->raw.len != 0 )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%sserial number: ",
-                               prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        ret = mbedtls_x509_serial_gets( p, n, &entry->serial );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        ret = mbedtls_snprintf( p, n, " revocation date: " \
-                   "%04d-%02d-%02d %02d:%02d:%02d",
-                   entry->revocation_date.year, entry->revocation_date.mon,
-                   entry->revocation_date.day,  entry->revocation_date.hour,
-                   entry->revocation_date.min,  entry->revocation_date.sec );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        entry = entry->next;
-    }
-
-    ret = mbedtls_snprintf( p, n, "\n%ssigned using  : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
-                             crl->sig_opts );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n" );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    return( (int) ( size - n ) );
-}
-
-/*
- * Initialize a CRL chain
- */
-void mbedtls_x509_crl_init( mbedtls_x509_crl *crl )
-{
-    memset( crl, 0, sizeof(mbedtls_x509_crl) );
-}
-
-/*
- * Unallocate all CRL data
- */
-void mbedtls_x509_crl_free( mbedtls_x509_crl *crl )
-{
-    mbedtls_x509_crl *crl_cur = crl;
-    mbedtls_x509_crl *crl_prv;
-    mbedtls_x509_name *name_cur;
-    mbedtls_x509_name *name_prv;
-    mbedtls_x509_crl_entry *entry_cur;
-    mbedtls_x509_crl_entry *entry_prv;
-
-    if( crl == NULL )
-        return;
-
-    do
-    {
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-        mbedtls_free( crl_cur->sig_opts );
-#endif
-
-        name_cur = crl_cur->issuer.next;
-        while( name_cur != NULL )
-        {
-            name_prv = name_cur;
-            name_cur = name_cur->next;
-            mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
-            mbedtls_free( name_prv );
-        }
-
-        entry_cur = crl_cur->entry.next;
-        while( entry_cur != NULL )
-        {
-            entry_prv = entry_cur;
-            entry_cur = entry_cur->next;
-            mbedtls_platform_zeroize( entry_prv,
-                                      sizeof( mbedtls_x509_crl_entry ) );
-            mbedtls_free( entry_prv );
-        }
-
-        if( crl_cur->raw.p != NULL )
-        {
-            mbedtls_platform_zeroize( crl_cur->raw.p, crl_cur->raw.len );
-            mbedtls_free( crl_cur->raw.p );
-        }
-
-        crl_cur = crl_cur->next;
-    }
-    while( crl_cur != NULL );
-
-    crl_cur = crl;
-    do
-    {
-        crl_prv = crl_cur;
-        crl_cur = crl_cur->next;
-
-        mbedtls_platform_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) );
-        if( crl_prv != crl )
-            mbedtls_free( crl_prv );
-    }
-    while( crl_cur != NULL );
-}
-
-#endif /* MBEDTLS_X509_CRL_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509_crt.c b/3rdparty/mbedtls-2.25.0/library/x509_crt.c
deleted file mode 100644
index a623c57..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509_crt.c
+++ /dev/null
@@ -1,3400 +0,0 @@
-/*
- *  X.509 certificate parsing and verification
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The ITU-T X.509 standard defines a certificate format for PKI.
- *
- *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- *
- *  [SIRO] https://cabforum.org/wp-content/uploads/Chunghwatelecom201503cabforumV4.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_free       free
-#define mbedtls_calloc    calloc
-#define mbedtls_snprintf   snprintf
-#endif
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-#include <windows.h>
-#else
-#include <time.h>
-#endif
-
-#if defined(MBEDTLS_FS_IO)
-#include <stdio.h>
-#if !defined(_WIN32) || defined(EFIX64) || defined(EFI32)
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <dirent.h>
-#endif /* !_WIN32 || EFIX64 || EFI32 */
-#endif
-
-/*
- * Item in a verification chain: cert and flags for it
- */
-typedef struct {
-    mbedtls_x509_crt *crt;
-    uint32_t flags;
-} x509_crt_verify_chain_item;
-
-/*
- * Max size of verification chain: end-entity + intermediates + trusted root
- */
-#define X509_MAX_VERIFY_CHAIN_SIZE    ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
-
-/*
- * Default profile
- */
-const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
-{
-#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
-    /* Allow SHA-1 (weak, but still safe in controlled environments) */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
-#endif
-    /* Only SHA-2 hashes */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
-    0xFFFFFFF, /* Any PK alg    */
-    0xFFFFFFF, /* Any curve     */
-    2048,
-};
-
-/*
- * Next-default profile
- */
-const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
-{
-    /* Hashes from SHA-256 and above */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
-    0xFFFFFFF, /* Any PK alg    */
-#if defined(MBEDTLS_ECP_C)
-    /* Curves at or above 128-bit security level */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ),
-#else
-    0,
-#endif
-    2048,
-};
-
-/*
- * NSA Suite B Profile
- */
-const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
-{
-    /* Only SHA-256 and 384 */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
-    /* Only ECDSA */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECKEY ),
-#if defined(MBEDTLS_ECP_C)
-    /* Only NIST P-256 and P-384 */
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ),
-#else
-    0,
-#endif
-    0,
-};
-
-/*
- * Check md_alg against profile
- * Return 0 if md_alg is acceptable for this profile, -1 otherwise
- */
-static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile,
-                                      mbedtls_md_type_t md_alg )
-{
-    if( md_alg == MBEDTLS_MD_NONE )
-        return( -1 );
-
-    if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 )
-        return( 0 );
-
-    return( -1 );
-}
-
-/*
- * Check pk_alg against profile
- * Return 0 if pk_alg is acceptable for this profile, -1 otherwise
- */
-static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile,
-                                      mbedtls_pk_type_t pk_alg )
-{
-    if( pk_alg == MBEDTLS_PK_NONE )
-        return( -1 );
-
-    if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 )
-        return( 0 );
-
-    return( -1 );
-}
-
-/*
- * Check key against profile
- * Return 0 if pk is acceptable for this profile, -1 otherwise
- */
-static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile,
-                                   const mbedtls_pk_context *pk )
-{
-    const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type( pk );
-
-#if defined(MBEDTLS_RSA_C)
-    if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS )
-    {
-        if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen )
-            return( 0 );
-
-        return( -1 );
-    }
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-    if( pk_alg == MBEDTLS_PK_ECDSA ||
-        pk_alg == MBEDTLS_PK_ECKEY ||
-        pk_alg == MBEDTLS_PK_ECKEY_DH )
-    {
-        const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id;
-
-        if( gid == MBEDTLS_ECP_DP_NONE )
-            return( -1 );
-
-        if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 )
-            return( 0 );
-
-        return( -1 );
-    }
-#endif
-
-    return( -1 );
-}
-
-/*
- * Like memcmp, but case-insensitive and always returns -1 if different
- */
-static int x509_memcasecmp( const void *s1, const void *s2, size_t len )
-{
-    size_t i;
-    unsigned char diff;
-    const unsigned char *n1 = s1, *n2 = s2;
-
-    for( i = 0; i < len; i++ )
-    {
-        diff = n1[i] ^ n2[i];
-
-        if( diff == 0 )
-            continue;
-
-        if( diff == 32 &&
-            ( ( n1[i] >= 'a' && n1[i] <= 'z' ) ||
-              ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) )
-        {
-            continue;
-        }
-
-        return( -1 );
-    }
-
-    return( 0 );
-}
-
-/*
- * Return 0 if name matches wildcard, -1 otherwise
- */
-static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name )
-{
-    size_t i;
-    size_t cn_idx = 0, cn_len = strlen( cn );
-
-    /* We can't have a match if there is no wildcard to match */
-    if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
-        return( -1 );
-
-    for( i = 0; i < cn_len; ++i )
-    {
-        if( cn[i] == '.' )
-        {
-            cn_idx = i;
-            break;
-        }
-    }
-
-    if( cn_idx == 0 )
-        return( -1 );
-
-    if( cn_len - cn_idx == name->len - 1 &&
-        x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
-    {
-        return( 0 );
-    }
-
-    return( -1 );
-}
-
-/*
- * Compare two X.509 strings, case-insensitive, and allowing for some encoding
- * variations (but not all).
- *
- * Return 0 if equal, -1 otherwise.
- */
-static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b )
-{
-    if( a->tag == b->tag &&
-        a->len == b->len &&
-        memcmp( a->p, b->p, b->len ) == 0 )
-    {
-        return( 0 );
-    }
-
-    if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
-        ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
-        a->len == b->len &&
-        x509_memcasecmp( a->p, b->p, b->len ) == 0 )
-    {
-        return( 0 );
-    }
-
-    return( -1 );
-}
-
-/*
- * Compare two X.509 Names (aka rdnSequence).
- *
- * See RFC 5280 section 7.1, though we don't implement the whole algorithm:
- * we sometimes return unequal when the full algorithm would return equal,
- * but never the other way. (In particular, we don't do Unicode normalisation
- * or space folding.)
- *
- * Return 0 if equal, -1 otherwise.
- */
-static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b )
-{
-    /* Avoid recursion, it might not be optimised by the compiler */
-    while( a != NULL || b != NULL )
-    {
-        if( a == NULL || b == NULL )
-            return( -1 );
-
-        /* type */
-        if( a->oid.tag != b->oid.tag ||
-            a->oid.len != b->oid.len ||
-            memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 )
-        {
-            return( -1 );
-        }
-
-        /* value */
-        if( x509_string_cmp( &a->val, &b->val ) != 0 )
-            return( -1 );
-
-        /* structure of the list of sets */
-        if( a->next_merged != b->next_merged )
-            return( -1 );
-
-        a = a->next;
-        b = b->next;
-    }
-
-    /* a == NULL == b */
-    return( 0 );
-}
-
-/*
- * Reset (init or clear) a verify_chain
- */
-static void x509_crt_verify_chain_reset(
-    mbedtls_x509_crt_verify_chain *ver_chain )
-{
-    size_t i;
-
-    for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
-    {
-        ver_chain->items[i].crt = NULL;
-        ver_chain->items[i].flags = (uint32_t) -1;
-    }
-
-    ver_chain->len = 0;
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    ver_chain->trust_ca_cb_result = NULL;
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-}
-
-/*
- *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
- */
-static int x509_get_version( unsigned char **p,
-                             const unsigned char *end,
-                             int *ver )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        {
-            *ver = 0;
-            return( 0 );
-        }
-
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    end = *p + len;
-
-    if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_VERSION +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- *  Validity ::= SEQUENCE {
- *       notBefore      Time,
- *       notAfter       Time }
- */
-static int x509_get_dates( unsigned char **p,
-                           const unsigned char *end,
-                           mbedtls_x509_time *from,
-                           mbedtls_x509_time *to )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
-
-    end = *p + len;
-
-    if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 )
-        return( ret );
-
-    if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 )
-        return( ret );
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_DATE +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * X.509 v2/v3 unique identifier (not parsed)
- */
-static int x509_get_uid( unsigned char **p,
-                         const unsigned char *end,
-                         mbedtls_x509_buf *uid, int n )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( *p == end )
-        return( 0 );
-
-    uid->tag = **p;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len,
-            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-            return( 0 );
-
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    uid->p = *p;
-    *p += uid->len;
-
-    return( 0 );
-}
-
-static int x509_get_basic_constraints( unsigned char **p,
-                                       const unsigned char *end,
-                                       int *ca_istrue,
-                                       int *max_pathlen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-
-    /*
-     * BasicConstraints ::= SEQUENCE {
-     *      cA                      BOOLEAN DEFAULT FALSE,
-     *      pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
-     */
-    *ca_istrue = 0; /* DEFAULT FALSE */
-    *max_pathlen = 0; /* endless */
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( *p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-            ret = mbedtls_asn1_get_int( p, end, ca_istrue );
-
-        if( ret != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        if( *ca_istrue != 0 )
-            *ca_istrue = 1;
-    }
-
-    if( *p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer
-     * overflow, which is an undefined behavior. */
-    if( *max_pathlen == INT_MAX )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    (*max_pathlen)++;
-
-    return( 0 );
-}
-
-static int x509_get_ns_cert_type( unsigned char **p,
-                                       const unsigned char *end,
-                                       unsigned char *ns_cert_type)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_x509_bitstring bs = { 0, 0, NULL };
-
-    if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( bs.len != 1 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    /* Get actual bitstring */
-    *ns_cert_type = *bs.p;
-    return( 0 );
-}
-
-static int x509_get_key_usage( unsigned char **p,
-                               const unsigned char *end,
-                               unsigned int *key_usage)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t i;
-    mbedtls_x509_bitstring bs = { 0, 0, NULL };
-
-    if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( bs.len < 1 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    /* Get actual bitstring */
-    *key_usage = 0;
-    for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ )
-    {
-        *key_usage |= (unsigned int) bs.p[i] << (8*i);
-    }
-
-    return( 0 );
-}
-
-/*
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * KeyPurposeId ::= OBJECT IDENTIFIER
- */
-static int x509_get_ext_key_usage( unsigned char **p,
-                               const unsigned char *end,
-                               mbedtls_x509_sequence *ext_key_usage)
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    /* Sequence length must be >= 1 */
-    if( ext_key_usage->buf.p == NULL )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-    return( 0 );
-}
-
-/*
- * SubjectAltName ::= GeneralNames
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * GeneralName ::= CHOICE {
- *      otherName                       [0]     OtherName,
- *      rfc822Name                      [1]     IA5String,
- *      dNSName                         [2]     IA5String,
- *      x400Address                     [3]     ORAddress,
- *      directoryName                   [4]     Name,
- *      ediPartyName                    [5]     EDIPartyName,
- *      uniformResourceIdentifier       [6]     IA5String,
- *      iPAddress                       [7]     OCTET STRING,
- *      registeredID                    [8]     OBJECT IDENTIFIER }
- *
- * OtherName ::= SEQUENCE {
- *      type-id    OBJECT IDENTIFIER,
- *      value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * EDIPartyName ::= SEQUENCE {
- *      nameAssigner            [0]     DirectoryString OPTIONAL,
- *      partyName               [1]     DirectoryString }
- *
- * NOTE: we list all types, but only use dNSName and otherName
- * of type HwModuleName, as defined in RFC 4108, at this point.
- */
-static int x509_get_subject_alt_name( unsigned char **p,
-                                      const unsigned char *end,
-                                      mbedtls_x509_sequence *subject_alt_name )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len, tag_len;
-    mbedtls_asn1_buf *buf;
-    unsigned char tag;
-    mbedtls_asn1_sequence *cur = subject_alt_name;
-
-    /* Get main sequence tag */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( *p + len != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    while( *p < end )
-    {
-        mbedtls_x509_subject_alternative_name dummy_san_buf;
-        memset( &dummy_san_buf, 0, sizeof( dummy_san_buf ) );
-
-        tag = **p;
-        (*p)++;
-        if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) !=
-                MBEDTLS_ASN1_CONTEXT_SPECIFIC )
-        {
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-        }
-
-        /*
-         * Check that the SAN is structured correctly.
-         */
-        ret = mbedtls_x509_parse_subject_alt_name( &(cur->buf), &dummy_san_buf );
-        /*
-         * In case the extension is malformed, return an error,
-         * and clear the allocated sequences.
-         */
-        if( ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
-        {
-            mbedtls_x509_sequence *seq_cur = subject_alt_name->next;
-            mbedtls_x509_sequence *seq_prv;
-            while( seq_cur != NULL )
-            {
-                seq_prv = seq_cur;
-                seq_cur = seq_cur->next;
-                mbedtls_platform_zeroize( seq_prv,
-                                          sizeof( mbedtls_x509_sequence ) );
-                mbedtls_free( seq_prv );
-            }
-            subject_alt_name->next = NULL;
-            return( ret );
-        }
-
-        /* Allocate and assign next pointer */
-        if( cur->buf.p != NULL )
-        {
-            if( cur->next != NULL )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
-
-            cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
-
-            if( cur->next == NULL )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                        MBEDTLS_ERR_ASN1_ALLOC_FAILED );
-
-            cur = cur->next;
-        }
-
-        buf = &(cur->buf);
-        buf->tag = tag;
-        buf->p = *p;
-        buf->len = tag_len;
-        *p += buf->len;
-    }
-
-    /* Set final sequence entry's next pointer to NULL */
-    cur->next = NULL;
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * id-ce-certificatePolicies OBJECT IDENTIFIER ::=  { id-ce 32 }
- *
- * anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificatePolicies 0 }
- *
- * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * PolicyInformation ::= SEQUENCE {
- *     policyIdentifier   CertPolicyId,
- *     policyQualifiers   SEQUENCE SIZE (1..MAX) OF
- *                             PolicyQualifierInfo OPTIONAL }
- *
- * CertPolicyId ::= OBJECT IDENTIFIER
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- *      policyQualifierId  PolicyQualifierId,
- *      qualifier          ANY DEFINED BY policyQualifierId }
- *
- * -- policyQualifierIds for Internet policy qualifiers
- *
- * id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
- * id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
- * id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
- *
- * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
- *
- * Qualifier ::= CHOICE {
- *      cPSuri           CPSuri,
- *      userNotice       UserNotice }
- *
- * CPSuri ::= IA5String
- *
- * UserNotice ::= SEQUENCE {
- *      noticeRef        NoticeReference OPTIONAL,
- *      explicitText     DisplayText OPTIONAL }
- *
- * NoticeReference ::= SEQUENCE {
- *      organization     DisplayText,
- *      noticeNumbers    SEQUENCE OF INTEGER }
- *
- * DisplayText ::= CHOICE {
- *      ia5String        IA5String      (SIZE (1..200)),
- *      visibleString    VisibleString  (SIZE (1..200)),
- *      bmpString        BMPString      (SIZE (1..200)),
- *      utf8String       UTF8String     (SIZE (1..200)) }
- *
- * NOTE: we only parse and use anyPolicy without qualifiers at this point
- * as defined in RFC 5280.
- */
-static int x509_get_certificate_policies( unsigned char **p,
-                                          const unsigned char *end,
-                                          mbedtls_x509_sequence *certificate_policies )
-{
-    int ret, parse_ret = 0;
-    size_t len;
-    mbedtls_asn1_buf *buf;
-    mbedtls_asn1_sequence *cur = certificate_policies;
-
-    /* Get main sequence tag */
-    ret = mbedtls_asn1_get_tag( p, end, &len,
-                             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE );
-    if( ret != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( *p + len != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    /*
-     * Cannot be an empty sequence.
-     */
-    if( len == 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    while( *p < end )
-    {
-        mbedtls_x509_buf policy_oid;
-        const unsigned char *policy_end;
-
-        /*
-         * Get the policy sequence
-         */
-        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        policy_end = *p + len;
-
-        if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
-                                          MBEDTLS_ASN1_OID ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        policy_oid.tag = MBEDTLS_ASN1_OID;
-        policy_oid.len = len;
-        policy_oid.p = *p;
-
-        /*
-         * Only AnyPolicy is currently supported when enforcing policy.
-         */
-        if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_POLICY, &policy_oid ) != 0 )
-        {
-            /*
-             * Set the parsing return code but continue parsing, in case this
-             * extension is critical and MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-             * is configured.
-             */
-            parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
-        }
-
-        /* Allocate and assign next pointer */
-        if( cur->buf.p != NULL )
-        {
-            if( cur->next != NULL )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
-
-            cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
-
-            if( cur->next == NULL )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                        MBEDTLS_ERR_ASN1_ALLOC_FAILED );
-
-            cur = cur->next;
-        }
-
-        buf = &( cur->buf );
-        buf->tag = policy_oid.tag;
-        buf->p = policy_oid.p;
-        buf->len = policy_oid.len;
-
-        *p += len;
-
-       /*
-        * If there is an optional qualifier, then *p < policy_end
-        * Check the Qualifier len to verify it doesn't exceed policy_end.
-        */
-        if( *p < policy_end )
-        {
-            if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
-                     MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-            /*
-             * Skip the optional policy qualifiers.
-             */
-            *p += len;
-        }
-
-        if( *p != policy_end )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    /* Set final sequence entry's next pointer to NULL */
-    cur->next = NULL;
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( parse_ret );
-}
-
-/*
- * X.509 v3 extensions
- *
- */
-static int x509_get_crt_ext( unsigned char **p,
-                             const unsigned char *end,
-                             mbedtls_x509_crt *crt,
-                             mbedtls_x509_crt_ext_cb_t cb,
-                             void *p_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    unsigned char *end_ext_data, *start_ext_octet, *end_ext_octet;
-
-    if( *p == end )
-        return( 0 );
-
-    if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
-        return( ret );
-
-    end = crt->v3_ext.p + crt->v3_ext.len;
-    while( *p < end )
-    {
-        /*
-         * Extension  ::=  SEQUENCE  {
-         *      extnID      OBJECT IDENTIFIER,
-         *      critical    BOOLEAN DEFAULT FALSE,
-         *      extnValue   OCTET STRING  }
-         */
-        mbedtls_x509_buf extn_oid = {0, 0, NULL};
-        int is_critical = 0; /* DEFAULT FALSE */
-        int ext_type = 0;
-
-        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        end_ext_data = *p + len;
-
-        /* Get extension ID */
-        if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len,
-                                          MBEDTLS_ASN1_OID ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        extn_oid.tag = MBEDTLS_ASN1_OID;
-        extn_oid.p = *p;
-        *p += extn_oid.len;
-
-        /* Get optional critical */
-        if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
-            ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        /* Data should be octet string type */
-        if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
-                MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        start_ext_octet = *p;
-        end_ext_octet = *p + len;
-
-        if( end_ext_octet != end_ext_data )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-        /*
-         * Detect supported extensions
-         */
-        ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type );
-
-        if( ret != 0 )
-        {
-            /* Give the callback (if any) a chance to handle the extension */
-            if( cb != NULL )
-            {
-                ret = cb( p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet );
-                if( ret != 0 && is_critical )
-                    return( ret );
-                *p = end_ext_octet;
-                continue;
-            }
-
-            /* No parser found, skip extension */
-            *p = end_ext_octet;
-
-#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
-            if( is_critical )
-            {
-                /* Data is marked as critical: fail */
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                        MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-            }
-#endif
-            continue;
-        }
-
-        /* Forbid repeated extensions */
-        if( ( crt->ext_types & ext_type ) != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
-
-        crt->ext_types |= ext_type;
-
-        switch( ext_type )
-        {
-        case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS:
-            /* Parse basic constraints */
-            if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
-                    &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
-                return( ret );
-            break;
-
-        case MBEDTLS_X509_EXT_KEY_USAGE:
-            /* Parse key usage */
-            if( ( ret = x509_get_key_usage( p, end_ext_octet,
-                    &crt->key_usage ) ) != 0 )
-                return( ret );
-            break;
-
-        case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE:
-            /* Parse extended key usage */
-            if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
-                    &crt->ext_key_usage ) ) != 0 )
-                return( ret );
-            break;
-
-        case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
-            /* Parse subject alt name */
-            if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
-                    &crt->subject_alt_names ) ) != 0 )
-                return( ret );
-            break;
-
-        case MBEDTLS_X509_EXT_NS_CERT_TYPE:
-            /* Parse netscape certificate type */
-            if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
-                    &crt->ns_cert_type ) ) != 0 )
-                return( ret );
-            break;
-
-        case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES:
-            /* Parse certificate policies type */
-            if( ( ret = x509_get_certificate_policies( p, end_ext_octet,
-                    &crt->certificate_policies ) ) != 0 )
-            {
-                /* Give the callback (if any) a chance to handle the extension
-                 * if it contains unsupported policies */
-                if( ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE && cb != NULL &&
-                    cb( p_ctx, crt, &extn_oid, is_critical,
-                        start_ext_octet, end_ext_octet ) == 0 )
-                    break;
-
-#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
-                if( is_critical )
-                    return( ret );
-                else
-#endif
-                /*
-                 * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we
-                 * cannot interpret or enforce the policy. However, it is up to
-                 * the user to choose how to enforce the policies,
-                 * unless the extension is critical.
-                 */
-                if( ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
-                    return( ret );
-            }
-            break;
-
-        default:
-            /*
-             * If this is a non-critical extension, which the oid layer
-             * supports, but there isn't an x509 parser for it,
-             * skip the extension.
-             */
-#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
-            if( is_critical )
-                return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
-            else
-#endif
-                *p = end_ext_octet;
-        }
-    }
-
-    if( *p != end )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-    return( 0 );
-}
-
-/*
- * Parse and fill a single X.509 certificate in DER format
- */
-static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
-                                    const unsigned char *buf,
-                                    size_t buflen,
-                                    int make_copy,
-                                    mbedtls_x509_crt_ext_cb_t cb,
-                                    void *p_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    unsigned char *p, *end, *crt_end;
-    mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
-
-    memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) );
-    memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) );
-    memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) );
-
-    /*
-     * Check for valid input
-     */
-    if( crt == NULL || buf == NULL )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    /* Use the original buffer until we figure out actual length. */
-    p = (unsigned char*) buf;
-    len = buflen;
-    end = p + len;
-
-    /*
-     * Certificate  ::=  SEQUENCE  {
-     *      tbsCertificate       TBSCertificate,
-     *      signatureAlgorithm   AlgorithmIdentifier,
-     *      signatureValue       BIT STRING  }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
-    }
-
-    end = crt_end = p + len;
-    crt->raw.len = crt_end - buf;
-    if( make_copy != 0 )
-    {
-        /* Create and populate a new buffer for the raw field. */
-        crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len );
-        if( crt->raw.p == NULL )
-            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-        memcpy( crt->raw.p, buf, crt->raw.len );
-        crt->own_buffer = 1;
-
-        p += crt->raw.len - len;
-        end = crt_end = p + len;
-    }
-    else
-    {
-        crt->raw.p = (unsigned char*) buf;
-        crt->own_buffer = 0;
-    }
-
-    /*
-     * TBSCertificate  ::=  SEQUENCE  {
-     */
-    crt->tbs.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-    crt->tbs.len = end - crt->tbs.p;
-
-    /*
-     * Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
-     *
-     * CertificateSerialNumber  ::=  INTEGER
-     *
-     * signature            AlgorithmIdentifier
-     */
-    if( ( ret = x509_get_version(  &p, end, &crt->version  ) ) != 0 ||
-        ( ret = mbedtls_x509_get_serial(   &p, end, &crt->serial   ) ) != 0 ||
-        ( ret = mbedtls_x509_get_alg(      &p, end, &crt->sig_oid,
-                                            &sig_params1 ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    if( crt->version < 0 || crt->version > 2 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
-    }
-
-    crt->version++;
-
-    if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1,
-                                  &crt->sig_md, &crt->sig_pk,
-                                  &crt->sig_opts ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    /*
-     * issuer               Name
-     */
-    crt->issuer_raw.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    crt->issuer_raw.len = p - crt->issuer_raw.p;
-
-    /*
-     * Validity ::= SEQUENCE {
-     *      notBefore      Time,
-     *      notAfter       Time }
-     *
-     */
-    if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
-                                         &crt->valid_to ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    /*
-     * subject              Name
-     */
-    crt->subject_raw.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    crt->subject_raw.len = p - crt->subject_raw.p;
-
-    /*
-     * SubjectPublicKeyInfo
-     */
-    crt->pk_raw.p = p;
-    if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-    crt->pk_raw.len = p - crt->pk_raw.p;
-
-    /*
-     *  issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
-     *                       -- If present, version shall be v2 or v3
-     *  subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
-     *                       -- If present, version shall be v2 or v3
-     *  extensions      [3]  EXPLICIT Extensions OPTIONAL
-     *                       -- If present, version shall be v3
-     */
-    if( crt->version == 2 || crt->version == 3 )
-    {
-        ret = x509_get_uid( &p, end, &crt->issuer_id,  1 );
-        if( ret != 0 )
-        {
-            mbedtls_x509_crt_free( crt );
-            return( ret );
-        }
-    }
-
-    if( crt->version == 2 || crt->version == 3 )
-    {
-        ret = x509_get_uid( &p, end, &crt->subject_id,  2 );
-        if( ret != 0 )
-        {
-            mbedtls_x509_crt_free( crt );
-            return( ret );
-        }
-    }
-
-#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
-    if( crt->version == 3 )
-#endif
-    {
-        ret = x509_get_crt_ext( &p, end, crt, cb, p_ctx );
-        if( ret != 0 )
-        {
-            mbedtls_x509_crt_free( crt );
-            return( ret );
-        }
-    }
-
-    if( p != end )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    end = crt_end;
-
-    /*
-     *  }
-     *  -- end of TBSCertificate
-     *
-     *  signatureAlgorithm   AlgorithmIdentifier,
-     *  signatureValue       BIT STRING
-     */
-    if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    if( crt->sig_oid.len != sig_oid2.len ||
-        memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 ||
-        sig_params1.tag != sig_params2.tag ||
-        sig_params1.len != sig_params2.len ||
-        ( sig_params1.len != 0 &&
-          memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_SIG_MISMATCH );
-    }
-
-    if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( ret );
-    }
-
-    if( p != end )
-    {
-        mbedtls_x509_crt_free( crt );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse one X.509 certificate in DER format from a buffer and add them to a
- * chained list
- */
-static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain,
-                                                const unsigned char *buf,
-                                                size_t buflen,
-                                                int make_copy,
-                                                mbedtls_x509_crt_ext_cb_t cb,
-                                                void *p_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_x509_crt *crt = chain, *prev = NULL;
-
-    /*
-     * Check for valid input
-     */
-    if( crt == NULL || buf == NULL )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    while( crt->version != 0 && crt->next != NULL )
-    {
-        prev = crt;
-        crt = crt->next;
-    }
-
-    /*
-     * Add new certificate on the end of the chain if needed.
-     */
-    if( crt->version != 0 && crt->next == NULL )
-    {
-        crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-
-        if( crt->next == NULL )
-            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-        prev = crt;
-        mbedtls_x509_crt_init( crt->next );
-        crt = crt->next;
-    }
-
-    ret = x509_crt_parse_der_core( crt, buf, buflen, make_copy, cb, p_ctx );
-    if( ret != 0 )
-    {
-        if( prev )
-            prev->next = NULL;
-
-        if( crt != chain )
-            mbedtls_free( crt );
-
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
-                                       const unsigned char *buf,
-                                       size_t buflen )
-{
-    return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 0, NULL, NULL ) );
-}
-
-int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
-                                            const unsigned char *buf,
-                                            size_t buflen,
-                                            int make_copy,
-                                            mbedtls_x509_crt_ext_cb_t cb,
-                                            void *p_ctx )
-{
-    return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, make_copy, cb, p_ctx ) );
-}
-
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
-                                const unsigned char *buf,
-                                size_t buflen )
-{
-    return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 1, NULL, NULL ) );
-}
-
-/*
- * Parse one or more PEM certificates from a buffer and add them to the chained
- * list
- */
-int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain,
-                            const unsigned char *buf,
-                            size_t buflen )
-{
-#if defined(MBEDTLS_PEM_PARSE_C)
-    int success = 0, first_error = 0, total_failed = 0;
-    int buf_format = MBEDTLS_X509_FORMAT_DER;
-#endif
-
-    /*
-     * Check for valid input
-     */
-    if( chain == NULL || buf == NULL )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    /*
-     * Determine buffer content. Buffer contains either one DER certificate or
-     * one or more PEM certificates.
-     */
-#if defined(MBEDTLS_PEM_PARSE_C)
-    if( buflen != 0 && buf[buflen - 1] == '\0' &&
-        strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
-    {
-        buf_format = MBEDTLS_X509_FORMAT_PEM;
-    }
-
-    if( buf_format == MBEDTLS_X509_FORMAT_DER )
-        return mbedtls_x509_crt_parse_der( chain, buf, buflen );
-#else
-    return mbedtls_x509_crt_parse_der( chain, buf, buflen );
-#endif
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-    if( buf_format == MBEDTLS_X509_FORMAT_PEM )
-    {
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        mbedtls_pem_context pem;
-
-        /* 1 rather than 0 since the terminating NULL byte is counted in */
-        while( buflen > 1 )
-        {
-            size_t use_len;
-            mbedtls_pem_init( &pem );
-
-            /* If we get there, we know the string is null-terminated */
-            ret = mbedtls_pem_read_buffer( &pem,
-                           "-----BEGIN CERTIFICATE-----",
-                           "-----END CERTIFICATE-----",
-                           buf, NULL, 0, &use_len );
-
-            if( ret == 0 )
-            {
-                /*
-                 * Was PEM encoded
-                 */
-                buflen -= use_len;
-                buf += use_len;
-            }
-            else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA )
-            {
-                return( ret );
-            }
-            else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-            {
-                mbedtls_pem_free( &pem );
-
-                /*
-                 * PEM header and footer were found
-                 */
-                buflen -= use_len;
-                buf += use_len;
-
-                if( first_error == 0 )
-                    first_error = ret;
-
-                total_failed++;
-                continue;
-            }
-            else
-                break;
-
-            ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen );
-
-            mbedtls_pem_free( &pem );
-
-            if( ret != 0 )
-            {
-                /*
-                 * Quit parsing on a memory error
-                 */
-                if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED )
-                    return( ret );
-
-                if( first_error == 0 )
-                    first_error = ret;
-
-                total_failed++;
-                continue;
-            }
-
-            success = 1;
-        }
-    }
-
-    if( success )
-        return( total_failed );
-    else if( first_error )
-        return( first_error );
-    else
-        return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT );
-#endif /* MBEDTLS_PEM_PARSE_C */
-}
-
-#if defined(MBEDTLS_FS_IO)
-/*
- * Load one or more certificates and add them to the chained list
- */
-int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    unsigned char *buf;
-
-    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_x509_crt_parse( chain, buf, n );
-
-    mbedtls_platform_zeroize( buf, n );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-
-int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
-{
-    int ret = 0;
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-    int w_ret;
-    WCHAR szDir[MAX_PATH];
-    char filename[MAX_PATH];
-    char *p;
-    size_t len = strlen( path );
-
-    WIN32_FIND_DATAW file_data;
-    HANDLE hFind;
-
-    if( len > MAX_PATH - 3 )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    memset( szDir, 0, sizeof(szDir) );
-    memset( filename, 0, MAX_PATH );
-    memcpy( filename, path, len );
-    filename[len++] = '\\';
-    p = filename + len;
-    filename[len++] = '*';
-
-    w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir,
-                                 MAX_PATH - 3 );
-    if( w_ret == 0 )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    hFind = FindFirstFileW( szDir, &file_data );
-    if( hFind == INVALID_HANDLE_VALUE )
-        return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
-
-    len = MAX_PATH - len;
-    do
-    {
-        memset( p, 0, len );
-
-        if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
-            continue;
-
-        w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
-                                     lstrlenW( file_data.cFileName ),
-                                     p, (int) len - 1,
-                                     NULL, NULL );
-        if( w_ret == 0 )
-        {
-            ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
-            goto cleanup;
-        }
-
-        w_ret = mbedtls_x509_crt_parse_file( chain, filename );
-        if( w_ret < 0 )
-            ret++;
-        else
-            ret += w_ret;
-    }
-    while( FindNextFileW( hFind, &file_data ) != 0 );
-
-    if( GetLastError() != ERROR_NO_MORE_FILES )
-        ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
-
-cleanup:
-    FindClose( hFind );
-#else /* _WIN32 */
-    int t_ret;
-    int snp_ret;
-    struct stat sb;
-    struct dirent *entry;
-    char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN];
-    DIR *dir = opendir( path );
-
-    if( dir == NULL )
-        return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 )
-    {
-        closedir( dir );
-        return( ret );
-    }
-#endif /* MBEDTLS_THREADING_C */
-
-    while( ( entry = readdir( dir ) ) != NULL )
-    {
-        snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name,
-                                    "%s/%s", path, entry->d_name );
-
-        if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name )
-        {
-            ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
-            goto cleanup;
-        }
-        else if( stat( entry_name, &sb ) == -1 )
-        {
-            ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
-            goto cleanup;
-        }
-
-        if( !S_ISREG( sb.st_mode ) )
-            continue;
-
-        // Ignore parse errors
-        //
-        t_ret = mbedtls_x509_crt_parse_file( chain, entry_name );
-        if( t_ret < 0 )
-            ret++;
-        else
-            ret += t_ret;
-    }
-
-cleanup:
-    closedir( dir );
-
-#if defined(MBEDTLS_THREADING_C)
-    if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 )
-        ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
-#endif /* MBEDTLS_THREADING_C */
-
-#endif /* _WIN32 */
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-
-/*
- * OtherName ::= SEQUENCE {
- *      type-id    OBJECT IDENTIFIER,
- *      value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * HardwareModuleName ::= SEQUENCE {
- *                           hwType OBJECT IDENTIFIER,
- *                           hwSerialNum OCTET STRING }
- *
- * NOTE: we currently only parse and use otherName of type HwModuleName,
- * as defined in RFC 4108.
- */
-static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name,
-                                mbedtls_x509_san_other_name *other_name )
-{
-    int ret = 0;
-    size_t len;
-    unsigned char *p = subject_alt_name->p;
-    const unsigned char *end = p + subject_alt_name->len;
-    mbedtls_x509_buf cur_oid;
-
-    if( ( subject_alt_name->tag &
-        ( MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK ) ) !=
-        ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ) )
-    {
-        /*
-         * The given subject alternative name is not of type "othername".
-         */
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-    }
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                                      MBEDTLS_ASN1_OID ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    cur_oid.tag = MBEDTLS_ASN1_OID;
-    cur_oid.p = p;
-    cur_oid.len = len;
-
-    /*
-     * Only HwModuleName is currently supported.
-     */
-    if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid ) != 0 )
-    {
-        return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
-    }
-
-    if( p + len >= end )
-    {
-        mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-    p += len;
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                     MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-       return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID;
-    other_name->value.hardware_module_name.oid.p = p;
-    other_name->value.hardware_module_name.oid.len = len;
-
-    if( p + len >= end )
-    {
-        mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-    p += len;
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-                                      MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-    other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING;
-    other_name->value.hardware_module_name.val.p = p;
-    other_name->value.hardware_module_name.val.len = len;
-    p += len;
-    if( p != end )
-    {
-        mbedtls_platform_zeroize( other_name,
-                                  sizeof( *other_name ) );
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-    return( 0 );
-}
-
-static int x509_info_subject_alt_name( char **buf, size_t *size,
-                                       const mbedtls_x509_sequence
-                                                    *subject_alt_name,
-                                       const char *prefix )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n = *size;
-    char *p = *buf;
-    const mbedtls_x509_sequence *cur = subject_alt_name;
-    mbedtls_x509_subject_alternative_name san;
-    int parse_ret;
-
-    while( cur != NULL )
-    {
-        memset( &san, 0, sizeof( san ) );
-        parse_ret = mbedtls_x509_parse_subject_alt_name( &cur->buf, &san );
-        if( parse_ret != 0 )
-        {
-            if( parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
-            {
-                ret = mbedtls_snprintf( p, n, "\n%s    <unsupported>", prefix );
-                MBEDTLS_X509_SAFE_SNPRINTF;
-            }
-            else
-            {
-                ret = mbedtls_snprintf( p, n, "\n%s    <malformed>", prefix );
-                MBEDTLS_X509_SAFE_SNPRINTF;
-            }
-            cur = cur->next;
-            continue;
-        }
-
-        switch( san.type )
-        {
-            /*
-             * otherName
-             */
-            case MBEDTLS_X509_SAN_OTHER_NAME:
-            {
-                mbedtls_x509_san_other_name *other_name = &san.san.other_name;
-
-                ret = mbedtls_snprintf( p, n, "\n%s    otherName :", prefix );
-                MBEDTLS_X509_SAFE_SNPRINTF;
-
-                if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME,
-                                     &other_name->value.hardware_module_name.oid ) != 0 )
-                {
-                    ret = mbedtls_snprintf( p, n, "\n%s        hardware module name :", prefix );
-                    MBEDTLS_X509_SAFE_SNPRINTF;
-                    ret = mbedtls_snprintf( p, n, "\n%s            hardware type          : ", prefix );
-                    MBEDTLS_X509_SAFE_SNPRINTF;
-
-                    ret = mbedtls_oid_get_numeric_string( p, n, &other_name->value.hardware_module_name.oid );
-                    MBEDTLS_X509_SAFE_SNPRINTF;
-
-                    ret = mbedtls_snprintf( p, n, "\n%s            hardware serial number : ", prefix );
-                    MBEDTLS_X509_SAFE_SNPRINTF;
-
-                    if( other_name->value.hardware_module_name.val.len >= n )
-                    {
-                        *p = '\0';
-                        return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
-                    }
-
-                    memcpy( p, other_name->value.hardware_module_name.val.p,
-                            other_name->value.hardware_module_name.val.len );
-                    p += other_name->value.hardware_module_name.val.len;
-
-                    n -= other_name->value.hardware_module_name.val.len;
-
-                }/* MBEDTLS_OID_ON_HW_MODULE_NAME */
-            }
-            break;
-
-            /*
-             * dNSName
-             */
-            case MBEDTLS_X509_SAN_DNS_NAME:
-            {
-                ret = mbedtls_snprintf( p, n, "\n%s    dNSName : ", prefix );
-                MBEDTLS_X509_SAFE_SNPRINTF;
-                if( san.san.unstructured_name.len >= n )
-                {
-                    *p = '\0';
-                    return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
-                }
-
-                memcpy( p, san.san.unstructured_name.p, san.san.unstructured_name.len );
-                p += san.san.unstructured_name.len;
-                n -= san.san.unstructured_name.len;
-            }
-            break;
-
-            /*
-             * Type not supported, skip item.
-             */
-            default:
-                ret = mbedtls_snprintf( p, n, "\n%s    <unsupported>", prefix );
-                MBEDTLS_X509_SAFE_SNPRINTF;
-                break;
-        }
-
-        cur = cur->next;
-    }
-
-    *p = '\0';
-
-    *size = n;
-    *buf = p;
-
-    return( 0 );
-}
-
-int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
-                                         mbedtls_x509_subject_alternative_name *san )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    switch( san_buf->tag &
-            ( MBEDTLS_ASN1_TAG_CLASS_MASK |
-              MBEDTLS_ASN1_TAG_VALUE_MASK ) )
-    {
-        /*
-         * otherName
-         */
-        case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ):
-        {
-            mbedtls_x509_san_other_name other_name;
-
-            ret = x509_get_other_name( san_buf, &other_name );
-            if( ret != 0 )
-                return( ret );
-
-            memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) );
-            san->type = MBEDTLS_X509_SAN_OTHER_NAME;
-            memcpy( &san->san.other_name,
-                    &other_name, sizeof( other_name ) );
-
-        }
-        break;
-
-        /*
-         * dNSName
-         */
-        case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ):
-        {
-            memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) );
-            san->type = MBEDTLS_X509_SAN_DNS_NAME;
-
-            memcpy( &san->san.unstructured_name,
-                    san_buf, sizeof( *san_buf ) );
-
-        }
-        break;
-
-        /*
-         * Type not supported
-         */
-        default:
-            return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
-    }
-    return( 0 );
-}
-
-#define PRINT_ITEM(i)                           \
-    {                                           \
-        ret = mbedtls_snprintf( p, n, "%s" i, sep );    \
-        MBEDTLS_X509_SAFE_SNPRINTF;                        \
-        sep = ", ";                             \
-    }
-
-#define CERT_TYPE(type,name)                    \
-    if( ns_cert_type & (type) )                 \
-        PRINT_ITEM( name );
-
-static int x509_info_cert_type( char **buf, size_t *size,
-                                unsigned char ns_cert_type )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n = *size;
-    char *p = *buf;
-    const char *sep = "";
-
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT,         "SSL Client" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER,         "SSL Server" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL,              "Email" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING,     "Object Signing" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED,           "Reserved" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA,             "SSL CA" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA,           "Email CA" );
-    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA,  "Object Signing CA" );
-
-    *size = n;
-    *buf = p;
-
-    return( 0 );
-}
-
-#define KEY_USAGE(code,name)    \
-    if( key_usage & (code) )    \
-        PRINT_ITEM( name );
-
-static int x509_info_key_usage( char **buf, size_t *size,
-                                unsigned int key_usage )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n = *size;
-    char *p = *buf;
-    const char *sep = "";
-
-    KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE,    "Digital Signature" );
-    KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION,      "Non Repudiation" );
-    KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT,     "Key Encipherment" );
-    KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT,    "Data Encipherment" );
-    KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT,        "Key Agreement" );
-    KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN,        "Key Cert Sign" );
-    KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN,             "CRL Sign" );
-    KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY,        "Encipher Only" );
-    KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY,        "Decipher Only" );
-
-    *size = n;
-    *buf = p;
-
-    return( 0 );
-}
-
-static int x509_info_ext_key_usage( char **buf, size_t *size,
-                                    const mbedtls_x509_sequence *extended_key_usage )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const char *desc;
-    size_t n = *size;
-    char *p = *buf;
-    const mbedtls_x509_sequence *cur = extended_key_usage;
-    const char *sep = "";
-
-    while( cur != NULL )
-    {
-        if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 )
-            desc = "???";
-
-        ret = mbedtls_snprintf( p, n, "%s%s", sep, desc );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        sep = ", ";
-
-        cur = cur->next;
-    }
-
-    *size = n;
-    *buf = p;
-
-    return( 0 );
-}
-
-static int x509_info_cert_policies( char **buf, size_t *size,
-                                    const mbedtls_x509_sequence *certificate_policies )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const char *desc;
-    size_t n = *size;
-    char *p = *buf;
-    const mbedtls_x509_sequence *cur = certificate_policies;
-    const char *sep = "";
-
-    while( cur != NULL )
-    {
-        if( mbedtls_oid_get_certificate_policies( &cur->buf, &desc ) != 0 )
-            desc = "???";
-
-        ret = mbedtls_snprintf( p, n, "%s%s", sep, desc );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        sep = ", ";
-
-        cur = cur->next;
-    }
-
-    *size = n;
-    *buf = p;
-
-    return( 0 );
-}
-
-/*
- * Return an informational string about the certificate.
- */
-#define BEFORE_COLON    18
-#define BC              "18"
-int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_crt *crt )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    char *p;
-    char key_size_str[BEFORE_COLON];
-
-    p = buf;
-    n = size;
-
-    if( NULL == crt )
-    {
-        ret = mbedtls_snprintf( p, n, "\nCertificate is uninitialised!\n" );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        return( (int) ( size - n ) );
-    }
-
-    ret = mbedtls_snprintf( p, n, "%scert. version     : %d\n",
-                               prefix, crt->version );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-    ret = mbedtls_snprintf( p, n, "%sserial number     : ",
-                               prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_x509_serial_gets( p, n, &crt->serial );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%sissuer name       : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-    ret = mbedtls_x509_dn_gets( p, n, &crt->issuer  );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%ssubject name      : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-    ret = mbedtls_x509_dn_gets( p, n, &crt->subject );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%sissued  on        : " \
-                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
-                   crt->valid_from.year, crt->valid_from.mon,
-                   crt->valid_from.day,  crt->valid_from.hour,
-                   crt->valid_from.min,  crt->valid_from.sec );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%sexpires on        : " \
-                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
-                   crt->valid_to.year, crt->valid_to.mon,
-                   crt->valid_to.day,  crt->valid_to.hour,
-                   crt->valid_to.min,  crt->valid_to.sec );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%ssigned using      : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk,
-                             crt->sig_md, crt->sig_opts );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    /* Key size */
-    if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
-                                      mbedtls_pk_get_name( &crt->pk ) ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str,
-                          (int) mbedtls_pk_get_bitlen( &crt->pk ) );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    /*
-     * Optional extensions
-     */
-
-    if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix,
-                        crt->ca_istrue ? "true" : "false" );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        if( crt->max_pathlen > 0 )
-        {
-            ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 );
-            MBEDTLS_X509_SAFE_SNPRINTF;
-        }
-    }
-
-    if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%ssubject alt name  :", prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        if( ( ret = x509_info_subject_alt_name( &p, &n,
-                                                &crt->subject_alt_names,
-                                                prefix ) ) != 0 )
-            return( ret );
-    }
-
-    if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%scert. type        : ", prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 )
-            return( ret );
-    }
-
-    if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%skey usage         : ", prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 )
-            return( ret );
-    }
-
-    if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%sext key usage     : ", prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        if( ( ret = x509_info_ext_key_usage( &p, &n,
-                                             &crt->ext_key_usage ) ) != 0 )
-            return( ret );
-    }
-
-    if( crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES )
-    {
-        ret = mbedtls_snprintf( p, n, "\n%scertificate policies : ", prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-
-        if( ( ret = x509_info_cert_policies( &p, &n,
-                                             &crt->certificate_policies ) ) != 0 )
-            return( ret );
-    }
-
-    ret = mbedtls_snprintf( p, n, "\n" );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    return( (int) ( size - n ) );
-}
-
-struct x509_crt_verify_string {
-    int code;
-    const char *string;
-};
-
-static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
-    { MBEDTLS_X509_BADCERT_EXPIRED,       "The certificate validity has expired" },
-    { MBEDTLS_X509_BADCERT_REVOKED,       "The certificate has been revoked (is on a CRL)" },
-    { MBEDTLS_X509_BADCERT_CN_MISMATCH,   "The certificate Common Name (CN) does not match with the expected CN" },
-    { MBEDTLS_X509_BADCERT_NOT_TRUSTED,   "The certificate is not correctly signed by the trusted CA" },
-    { MBEDTLS_X509_BADCRL_NOT_TRUSTED,    "The CRL is not correctly signed by the trusted CA" },
-    { MBEDTLS_X509_BADCRL_EXPIRED,        "The CRL is expired" },
-    { MBEDTLS_X509_BADCERT_MISSING,       "Certificate was missing" },
-    { MBEDTLS_X509_BADCERT_SKIP_VERIFY,   "Certificate verification was skipped" },
-    { MBEDTLS_X509_BADCERT_OTHER,         "Other reason (can be used by verify callback)" },
-    { MBEDTLS_X509_BADCERT_FUTURE,        "The certificate validity starts in the future" },
-    { MBEDTLS_X509_BADCRL_FUTURE,         "The CRL is from the future" },
-    { MBEDTLS_X509_BADCERT_KEY_USAGE,     "Usage does not match the keyUsage extension" },
-    { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
-    { MBEDTLS_X509_BADCERT_NS_CERT_TYPE,  "Usage does not match the nsCertType extension" },
-    { MBEDTLS_X509_BADCERT_BAD_MD,        "The certificate is signed with an unacceptable hash." },
-    { MBEDTLS_X509_BADCERT_BAD_PK,        "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
-    { MBEDTLS_X509_BADCERT_BAD_KEY,       "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." },
-    { MBEDTLS_X509_BADCRL_BAD_MD,         "The CRL is signed with an unacceptable hash." },
-    { MBEDTLS_X509_BADCRL_BAD_PK,         "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
-    { MBEDTLS_X509_BADCRL_BAD_KEY,        "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." },
-    { 0, NULL }
-};
-
-int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
-                          uint32_t flags )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const struct x509_crt_verify_string *cur;
-    char *p = buf;
-    size_t n = size;
-
-    for( cur = x509_crt_verify_strings; cur->string != NULL ; cur++ )
-    {
-        if( ( flags & cur->code ) == 0 )
-            continue;
-
-        ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-        flags ^= cur->code;
-    }
-
-    if( flags != 0 )
-    {
-        ret = mbedtls_snprintf( p, n, "%sUnknown reason "
-                                       "(this should not happen)\n", prefix );
-        MBEDTLS_X509_SAFE_SNPRINTF;
-    }
-
-    return( (int) ( size - n ) );
-}
-
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
-                                      unsigned int usage )
-{
-    unsigned int usage_must, usage_may;
-    unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY
-                          | MBEDTLS_X509_KU_DECIPHER_ONLY;
-
-    if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 )
-        return( 0 );
-
-    usage_must = usage & ~may_mask;
-
-    if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    usage_may = usage & may_mask;
-
-    if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    return( 0 );
-}
-#endif
-
-#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
-int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
-                                       const char *usage_oid,
-                                       size_t usage_len )
-{
-    const mbedtls_x509_sequence *cur;
-
-    /* Extension is not mandatory, absent means no restriction */
-    if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 )
-        return( 0 );
-
-    /*
-     * Look for the requested usage (or wildcard ANY) in our list
-     */
-    for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next )
-    {
-        const mbedtls_x509_buf *cur_oid = &cur->buf;
-
-        if( cur_oid->len == usage_len &&
-            memcmp( cur_oid->p, usage_oid, usage_len ) == 0 )
-        {
-            return( 0 );
-        }
-
-        if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 )
-            return( 0 );
-    }
-
-    return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-}
-#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-/*
- * Return 1 if the certificate is revoked, or 0 otherwise.
- */
-int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl )
-{
-    const mbedtls_x509_crl_entry *cur = &crl->entry;
-
-    while( cur != NULL && cur->serial.len != 0 )
-    {
-        if( crt->serial.len == cur->serial.len &&
-            memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
-        {
-            return( 1 );
-        }
-
-        cur = cur->next;
-    }
-
-    return( 0 );
-}
-
-/*
- * Check that the given certificate is not revoked according to the CRL.
- * Skip validation if no CRL for the given CA is present.
- */
-static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
-                               mbedtls_x509_crl *crl_list,
-                               const mbedtls_x509_crt_profile *profile )
-{
-    int flags = 0;
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    const mbedtls_md_info_t *md_info;
-
-    if( ca == NULL )
-        return( flags );
-
-    while( crl_list != NULL )
-    {
-        if( crl_list->version == 0 ||
-            x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 )
-        {
-            crl_list = crl_list->next;
-            continue;
-        }
-
-        /*
-         * Check if the CA is configured to sign CRLs
-         */
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-        if( mbedtls_x509_crt_check_key_usage( ca,
-                                              MBEDTLS_X509_KU_CRL_SIGN ) != 0 )
-        {
-            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
-            break;
-        }
-#endif
-
-        /*
-         * Check if CRL is correctly signed by the trusted CA
-         */
-        if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 )
-            flags |= MBEDTLS_X509_BADCRL_BAD_MD;
-
-        if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 )
-            flags |= MBEDTLS_X509_BADCRL_BAD_PK;
-
-        md_info = mbedtls_md_info_from_type( crl_list->sig_md );
-        if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 )
-        {
-            /* Note: this can't happen except after an internal error */
-            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
-            break;
-        }
-
-        if( x509_profile_check_key( profile, &ca->pk ) != 0 )
-            flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
-
-        if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
-                           crl_list->sig_md, hash, mbedtls_md_get_size( md_info ),
-                           crl_list->sig.p, crl_list->sig.len ) != 0 )
-        {
-            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
-            break;
-        }
-
-        /*
-         * Check for validity of CRL (Do not drop out)
-         */
-        if( mbedtls_x509_time_is_past( &crl_list->next_update ) )
-            flags |= MBEDTLS_X509_BADCRL_EXPIRED;
-
-        if( mbedtls_x509_time_is_future( &crl_list->this_update ) )
-            flags |= MBEDTLS_X509_BADCRL_FUTURE;
-
-        /*
-         * Check if certificate is revoked
-         */
-        if( mbedtls_x509_crt_is_revoked( crt, crl_list ) )
-        {
-            flags |= MBEDTLS_X509_BADCERT_REVOKED;
-            break;
-        }
-
-        crl_list = crl_list->next;
-    }
-
-    return( flags );
-}
-#endif /* MBEDTLS_X509_CRL_PARSE_C */
-
-/*
- * Check the signature of a certificate by its parent
- */
-static int x509_crt_check_signature( const mbedtls_x509_crt *child,
-                                     mbedtls_x509_crt *parent,
-                                     mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    size_t hash_len;
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
-    const mbedtls_md_info_t *md_info;
-    md_info = mbedtls_md_info_from_type( child->sig_md );
-    hash_len = mbedtls_md_get_size( md_info );
-
-    /* Note: hash errors can happen only after an internal error */
-    if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
-        return( -1 );
-#else
-    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
-    psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
-
-    if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
-        return( -1 );
-
-    if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len )
-        != PSA_SUCCESS )
-    {
-        return( -1 );
-    }
-
-    if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
-        != PSA_SUCCESS )
-    {
-        return( -1 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    /* Skip expensive computation on obvious mismatch */
-    if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) )
-        return( -1 );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA )
-    {
-        return( mbedtls_pk_verify_restartable( &parent->pk,
-                    child->sig_md, hash, hash_len,
-                    child->sig.p, child->sig.len, &rs_ctx->pk ) );
-    }
-#else
-    (void) rs_ctx;
-#endif
-
-    return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
-                child->sig_md, hash, hash_len,
-                child->sig.p, child->sig.len ) );
-}
-
-/*
- * Check if 'parent' is a suitable parent (signing CA) for 'child'.
- * Return 0 if yes, -1 if not.
- *
- * top means parent is a locally-trusted certificate
- */
-static int x509_crt_check_parent( const mbedtls_x509_crt *child,
-                                  const mbedtls_x509_crt *parent,
-                                  int top )
-{
-    int need_ca_bit;
-
-    /* Parent must be the issuer */
-    if( x509_name_cmp( &child->issuer, &parent->subject ) != 0 )
-        return( -1 );
-
-    /* Parent must have the basicConstraints CA bit set as a general rule */
-    need_ca_bit = 1;
-
-    /* Exception: v1/v2 certificates that are locally trusted. */
-    if( top && parent->version < 3 )
-        need_ca_bit = 0;
-
-    if( need_ca_bit && ! parent->ca_istrue )
-        return( -1 );
-
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-    if( need_ca_bit &&
-        mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 )
-    {
-        return( -1 );
-    }
-#endif
-
-    return( 0 );
-}
-
-/*
- * Find a suitable parent for child in candidates, or return NULL.
- *
- * Here suitable is defined as:
- *  1. subject name matches child's issuer
- *  2. if necessary, the CA bit is set and key usage allows signing certs
- *  3. for trusted roots, the signature is correct
- *     (for intermediates, the signature is checked and the result reported)
- *  4. pathlen constraints are satisfied
- *
- * If there's a suitable candidate which is also time-valid, return the first
- * such. Otherwise, return the first suitable candidate (or NULL if there is
- * none).
- *
- * The rationale for this rule is that someone could have a list of trusted
- * roots with two versions on the same root with different validity periods.
- * (At least one user reported having such a list and wanted it to just work.)
- * The reason we don't just require time-validity is that generally there is
- * only one version, and if it's expired we want the flags to state that
- * rather than NOT_TRUSTED, as would be the case if we required it here.
- *
- * The rationale for rule 3 (signature for trusted roots) is that users might
- * have two versions of the same CA with different keys in their list, and the
- * way we select the correct one is by checking the signature (as we don't
- * rely on key identifier extensions). (This is one way users might choose to
- * handle key rollover, another relies on self-issued certs, see [SIRO].)
- *
- * Arguments:
- *  - [in] child: certificate for which we're looking for a parent
- *  - [in] candidates: chained list of potential parents
- *  - [out] r_parent: parent found (or NULL)
- *  - [out] r_signature_is_good: 1 if child signature by parent is valid, or 0
- *  - [in] top: 1 if candidates consists of trusted roots, ie we're at the top
- *         of the chain, 0 otherwise
- *  - [in] path_cnt: number of intermediates seen so far
- *  - [in] self_cnt: number of self-signed intermediates seen so far
- *         (will never be greater than path_cnt)
- *  - [in-out] rs_ctx: context for restarting operations
- *
- * Return value:
- *  - 0 on success
- *  - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
- */
-static int x509_crt_find_parent_in(
-                        mbedtls_x509_crt *child,
-                        mbedtls_x509_crt *candidates,
-                        mbedtls_x509_crt **r_parent,
-                        int *r_signature_is_good,
-                        int top,
-                        unsigned path_cnt,
-                        unsigned self_cnt,
-                        mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_x509_crt *parent, *fallback_parent;
-    int signature_is_good = 0, fallback_signature_is_good;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /* did we have something in progress? */
-    if( rs_ctx != NULL && rs_ctx->parent != NULL )
-    {
-        /* restore saved state */
-        parent = rs_ctx->parent;
-        fallback_parent = rs_ctx->fallback_parent;
-        fallback_signature_is_good = rs_ctx->fallback_signature_is_good;
-
-        /* clear saved state */
-        rs_ctx->parent = NULL;
-        rs_ctx->fallback_parent = NULL;
-        rs_ctx->fallback_signature_is_good = 0;
-
-        /* resume where we left */
-        goto check_signature;
-    }
-#endif
-
-    fallback_parent = NULL;
-    fallback_signature_is_good = 0;
-
-    for( parent = candidates; parent != NULL; parent = parent->next )
-    {
-        /* basic parenting skills (name, CA bit, key usage) */
-        if( x509_crt_check_parent( child, parent, top ) != 0 )
-            continue;
-
-        /* +1 because stored max_pathlen is 1 higher that the actual value */
-        if( parent->max_pathlen > 0 &&
-            (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt )
-        {
-            continue;
-        }
-
-        /* Signature */
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-check_signature:
-#endif
-        ret = x509_crt_check_signature( child, parent, rs_ctx );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-        {
-            /* save state */
-            rs_ctx->parent = parent;
-            rs_ctx->fallback_parent = fallback_parent;
-            rs_ctx->fallback_signature_is_good = fallback_signature_is_good;
-
-            return( ret );
-        }
-#else
-        (void) ret;
-#endif
-
-        signature_is_good = ret == 0;
-        if( top && ! signature_is_good )
-            continue;
-
-        /* optional time check */
-        if( mbedtls_x509_time_is_past( &parent->valid_to ) ||
-            mbedtls_x509_time_is_future( &parent->valid_from ) )
-        {
-            if( fallback_parent == NULL )
-            {
-                fallback_parent = parent;
-                fallback_signature_is_good = signature_is_good;
-            }
-
-            continue;
-        }
-
-        *r_parent = parent;
-        *r_signature_is_good = signature_is_good;
-
-        break;
-    }
-
-    if( parent == NULL )
-    {
-        *r_parent = fallback_parent;
-        *r_signature_is_good = fallback_signature_is_good;
-    }
-
-    return( 0 );
-}
-
-/*
- * Find a parent in trusted CAs or the provided chain, or return NULL.
- *
- * Searches in trusted CAs first, and return the first suitable parent found
- * (see find_parent_in() for definition of suitable).
- *
- * Arguments:
- *  - [in] child: certificate for which we're looking for a parent, followed
- *         by a chain of possible intermediates
- *  - [in] trust_ca: list of locally trusted certificates
- *  - [out] parent: parent found (or NULL)
- *  - [out] parent_is_trusted: 1 if returned `parent` is trusted, or 0
- *  - [out] signature_is_good: 1 if child signature by parent is valid, or 0
- *  - [in] path_cnt: number of links in the chain so far (EE -> ... -> child)
- *  - [in] self_cnt: number of self-signed certs in the chain so far
- *         (will always be no greater than path_cnt)
- *  - [in-out] rs_ctx: context for restarting operations
- *
- * Return value:
- *  - 0 on success
- *  - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
- */
-static int x509_crt_find_parent(
-                        mbedtls_x509_crt *child,
-                        mbedtls_x509_crt *trust_ca,
-                        mbedtls_x509_crt **parent,
-                        int *parent_is_trusted,
-                        int *signature_is_good,
-                        unsigned path_cnt,
-                        unsigned self_cnt,
-                        mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_x509_crt *search_list;
-
-    *parent_is_trusted = 1;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /* restore then clear saved state if we have some stored */
-    if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 )
-    {
-        *parent_is_trusted = rs_ctx->parent_is_trusted;
-        rs_ctx->parent_is_trusted = -1;
-    }
-#endif
-
-    while( 1 ) {
-        search_list = *parent_is_trusted ? trust_ca : child->next;
-
-        ret = x509_crt_find_parent_in( child, search_list,
-                                       parent, signature_is_good,
-                                       *parent_is_trusted,
-                                       path_cnt, self_cnt, rs_ctx );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-        {
-            /* save state */
-            rs_ctx->parent_is_trusted = *parent_is_trusted;
-            return( ret );
-        }
-#else
-        (void) ret;
-#endif
-
-        /* stop here if found or already in second iteration */
-        if( *parent != NULL || *parent_is_trusted == 0 )
-            break;
-
-        /* prepare second iteration */
-        *parent_is_trusted = 0;
-    }
-
-    /* extra precaution against mistakes in the caller */
-    if( *parent == NULL )
-    {
-        *parent_is_trusted = 0;
-        *signature_is_good = 0;
-    }
-
-    return( 0 );
-}
-
-/*
- * Check if an end-entity certificate is locally trusted
- *
- * Currently we require such certificates to be self-signed (actually only
- * check for self-issued as self-signatures are not checked)
- */
-static int x509_crt_check_ee_locally_trusted(
-                    mbedtls_x509_crt *crt,
-                    mbedtls_x509_crt *trust_ca )
-{
-    mbedtls_x509_crt *cur;
-
-    /* must be self-issued */
-    if( x509_name_cmp( &crt->issuer, &crt->subject ) != 0 )
-        return( -1 );
-
-    /* look for an exact match with trusted cert */
-    for( cur = trust_ca; cur != NULL; cur = cur->next )
-    {
-        if( crt->raw.len == cur->raw.len &&
-            memcmp( crt->raw.p, cur->raw.p, crt->raw.len ) == 0 )
-        {
-            return( 0 );
-        }
-    }
-
-    /* too bad */
-    return( -1 );
-}
-
-/*
- * Build and verify a certificate chain
- *
- * Given a peer-provided list of certificates EE, C1, ..., Cn and
- * a list of trusted certs R1, ... Rp, try to build and verify a chain
- *      EE, Ci1, ... Ciq [, Rj]
- * such that every cert in the chain is a child of the next one,
- * jumping to a trusted root as early as possible.
- *
- * Verify that chain and return it with flags for all issues found.
- *
- * Special cases:
- * - EE == Rj -> return a one-element list containing it
- * - EE, Ci1, ..., Ciq cannot be continued with a trusted root
- *   -> return that chain with NOT_TRUSTED set on Ciq
- *
- * Tests for (aspects of) this function should include at least:
- * - trusted EE
- * - EE -> trusted root
- * - EE -> intermediate CA -> trusted root
- * - if relevant: EE untrusted
- * - if relevant: EE -> intermediate, untrusted
- * with the aspect under test checked at each relevant level (EE, int, root).
- * For some aspects longer chains are required, but usually length 2 is
- * enough (but length 1 is not in general).
- *
- * Arguments:
- *  - [in] crt: the cert list EE, C1, ..., Cn
- *  - [in] trust_ca: the trusted list R1, ..., Rp
- *  - [in] ca_crl, profile: as in verify_with_profile()
- *  - [out] ver_chain: the built and verified chain
- *      Only valid when return value is 0, may contain garbage otherwise!
- *      Restart note: need not be the same when calling again to resume.
- *  - [in-out] rs_ctx: context for restarting operations
- *
- * Return value:
- *  - non-zero if the chain could not be fully built and examined
- *  - 0 is the chain was successfully built and examined,
- *      even if it was found to be invalid
- */
-static int x509_crt_verify_chain(
-                mbedtls_x509_crt *crt,
-                mbedtls_x509_crt *trust_ca,
-                mbedtls_x509_crl *ca_crl,
-                mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                void *p_ca_cb,
-                const mbedtls_x509_crt_profile *profile,
-                mbedtls_x509_crt_verify_chain *ver_chain,
-                mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
-    /* Don't initialize any of those variables here, so that the compiler can
-     * catch potential issues with jumping ahead when restarting */
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    uint32_t *flags;
-    mbedtls_x509_crt_verify_chain_item *cur;
-    mbedtls_x509_crt *child;
-    mbedtls_x509_crt *parent;
-    int parent_is_trusted;
-    int child_is_trusted;
-    int signature_is_good;
-    unsigned self_cnt;
-    mbedtls_x509_crt *cur_trust_ca = NULL;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    /* resume if we had an operation in progress */
-    if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent )
-    {
-        /* restore saved state */
-        *ver_chain = rs_ctx->ver_chain; /* struct copy */
-        self_cnt = rs_ctx->self_cnt;
-
-        /* restore derived state */
-        cur = &ver_chain->items[ver_chain->len - 1];
-        child = cur->crt;
-        flags = &cur->flags;
-
-        goto find_parent;
-    }
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-    child = crt;
-    self_cnt = 0;
-    parent_is_trusted = 0;
-    child_is_trusted = 0;
-
-    while( 1 ) {
-        /* Add certificate to the verification chain */
-        cur = &ver_chain->items[ver_chain->len];
-        cur->crt = child;
-        cur->flags = 0;
-        ver_chain->len++;
-        flags = &cur->flags;
-
-        /* Check time-validity (all certificates) */
-        if( mbedtls_x509_time_is_past( &child->valid_to ) )
-            *flags |= MBEDTLS_X509_BADCERT_EXPIRED;
-
-        if( mbedtls_x509_time_is_future( &child->valid_from ) )
-            *flags |= MBEDTLS_X509_BADCERT_FUTURE;
-
-        /* Stop here for trusted roots (but not for trusted EE certs) */
-        if( child_is_trusted )
-            return( 0 );
-
-        /* Check signature algorithm: MD & PK algs */
-        if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 )
-            *flags |= MBEDTLS_X509_BADCERT_BAD_MD;
-
-        if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 )
-            *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
-
-        /* Special case: EE certs that are locally trusted */
-        if( ver_chain->len == 1 &&
-            x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 )
-        {
-            return( 0 );
-        }
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-find_parent:
-#endif
-
-        /* Obtain list of potential trusted signers from CA callback,
-         * or use statically provided list. */
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-        if( f_ca_cb != NULL )
-        {
-            mbedtls_x509_crt_free( ver_chain->trust_ca_cb_result );
-            mbedtls_free( ver_chain->trust_ca_cb_result );
-            ver_chain->trust_ca_cb_result = NULL;
-
-            ret = f_ca_cb( p_ca_cb, child, &ver_chain->trust_ca_cb_result );
-            if( ret != 0 )
-                return( MBEDTLS_ERR_X509_FATAL_ERROR );
-
-            cur_trust_ca = ver_chain->trust_ca_cb_result;
-        }
-        else
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-        {
-            ((void) f_ca_cb);
-            ((void) p_ca_cb);
-            cur_trust_ca = trust_ca;
-        }
-
-        /* Look for a parent in trusted CAs or up the chain */
-        ret = x509_crt_find_parent( child, cur_trust_ca, &parent,
-                                       &parent_is_trusted, &signature_is_good,
-                                       ver_chain->len - 1, self_cnt, rs_ctx );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-        if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-        {
-            /* save state */
-            rs_ctx->in_progress = x509_crt_rs_find_parent;
-            rs_ctx->self_cnt = self_cnt;
-            rs_ctx->ver_chain = *ver_chain; /* struct copy */
-
-            return( ret );
-        }
-#else
-        (void) ret;
-#endif
-
-        /* No parent? We're done here */
-        if( parent == NULL )
-        {
-            *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
-            return( 0 );
-        }
-
-        /* Count intermediate self-issued (not necessarily self-signed) certs.
-         * These can occur with some strategies for key rollover, see [SIRO],
-         * and should be excluded from max_pathlen checks. */
-        if( ver_chain->len != 1 &&
-            x509_name_cmp( &child->issuer, &child->subject ) == 0 )
-        {
-            self_cnt++;
-        }
-
-        /* path_cnt is 0 for the first intermediate CA,
-         * and if parent is trusted it's not an intermediate CA */
-        if( ! parent_is_trusted &&
-            ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
-        {
-            /* return immediately to avoid overflow the chain array */
-            return( MBEDTLS_ERR_X509_FATAL_ERROR );
-        }
-
-        /* signature was checked while searching parent */
-        if( ! signature_is_good )
-            *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
-
-        /* check size of signing key */
-        if( x509_profile_check_key( profile, &parent->pk ) != 0 )
-            *flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-        /* Check trusted CA's CRL for the given crt */
-        *flags |= x509_crt_verifycrl( child, parent, ca_crl, profile );
-#else
-        (void) ca_crl;
-#endif
-
-        /* prepare for next iteration */
-        child = parent;
-        parent = NULL;
-        child_is_trusted = parent_is_trusted;
-        signature_is_good = 0;
-    }
-}
-
-/*
- * Check for CN match
- */
-static int x509_crt_check_cn( const mbedtls_x509_buf *name,
-                              const char *cn, size_t cn_len )
-{
-    /* try exact match */
-    if( name->len == cn_len &&
-        x509_memcasecmp( cn, name->p, cn_len ) == 0 )
-    {
-        return( 0 );
-    }
-
-    /* try wildcard match */
-    if( x509_check_wildcard( cn, name ) == 0 )
-    {
-        return( 0 );
-    }
-
-    return( -1 );
-}
-
-/*
- * Check for SAN match, see RFC 5280 Section 4.2.1.6
- */
-static int x509_crt_check_san( const mbedtls_x509_buf *name,
-                               const char *cn, size_t cn_len )
-{
-    const unsigned char san_type = (unsigned char) name->tag &
-                                   MBEDTLS_ASN1_TAG_VALUE_MASK;
-
-    /* dNSName */
-    if( san_type == MBEDTLS_X509_SAN_DNS_NAME )
-        return( x509_crt_check_cn( name, cn, cn_len ) );
-
-    /* (We may handle other types here later.) */
-
-    /* Unrecognized type */
-    return( -1 );
-}
-
-/*
- * Verify the requested CN - only call this if cn is not NULL!
- */
-static void x509_crt_verify_name( const mbedtls_x509_crt *crt,
-                                  const char *cn,
-                                  uint32_t *flags )
-{
-    const mbedtls_x509_name *name;
-    const mbedtls_x509_sequence *cur;
-    size_t cn_len = strlen( cn );
-
-    if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
-    {
-        for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next )
-        {
-            if( x509_crt_check_san( &cur->buf, cn, cn_len ) == 0 )
-                break;
-        }
-
-        if( cur == NULL )
-            *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
-    }
-    else
-    {
-        for( name = &crt->subject; name != NULL; name = name->next )
-        {
-            if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 &&
-                x509_crt_check_cn( &name->val, cn, cn_len ) == 0 )
-            {
-                break;
-            }
-        }
-
-        if( name == NULL )
-            *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
-    }
-}
-
-/*
- * Merge the flags for all certs in the chain, after calling callback
- */
-static int x509_crt_merge_flags_with_cb(
-           uint32_t *flags,
-           const mbedtls_x509_crt_verify_chain *ver_chain,
-           int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-           void *p_vrfy )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned i;
-    uint32_t cur_flags;
-    const mbedtls_x509_crt_verify_chain_item *cur;
-
-    for( i = ver_chain->len; i != 0; --i )
-    {
-        cur = &ver_chain->items[i-1];
-        cur_flags = cur->flags;
-
-        if( NULL != f_vrfy )
-            if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 )
-                return( ret );
-
-        *flags |= cur_flags;
-    }
-
-    return( 0 );
-}
-
-/*
- * Verify the certificate validity, with profile, restartable version
- *
- * This function:
- *  - checks the requested CN (if any)
- *  - checks the type and size of the EE cert's key,
- *    as that isn't done as part of chain building/verification currently
- *  - builds and verifies the chain
- *  - then calls the callback and merges the flags
- *
- * The parameters pairs `trust_ca`, `ca_crl` and `f_ca_cb`, `p_ca_cb`
- * are mutually exclusive: If `f_ca_cb != NULL`, it will be used by the
- * verification routine to search for trusted signers, and CRLs will
- * be disabled. Otherwise, `trust_ca` will be used as the static list
- * of trusted signers, and `ca_crl` will be use as the static list
- * of CRLs.
- */
-static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                     void *p_ca_cb,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy,
-                     mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    mbedtls_pk_type_t pk_type;
-    mbedtls_x509_crt_verify_chain ver_chain;
-    uint32_t ee_flags;
-
-    *flags = 0;
-    ee_flags = 0;
-    x509_crt_verify_chain_reset( &ver_chain );
-
-    if( profile == NULL )
-    {
-        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
-        goto exit;
-    }
-
-    /* check name if requested */
-    if( cn != NULL )
-        x509_crt_verify_name( crt, cn, &ee_flags );
-
-    /* Check the type and size of the key */
-    pk_type = mbedtls_pk_get_type( &crt->pk );
-
-    if( x509_profile_check_pk_alg( profile, pk_type ) != 0 )
-        ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK;
-
-    if( x509_profile_check_key( profile, &crt->pk ) != 0 )
-        ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
-
-    /* Check the chain */
-    ret = x509_crt_verify_chain( crt, trust_ca, ca_crl,
-                                 f_ca_cb, p_ca_cb, profile,
-                                 &ver_chain, rs_ctx );
-
-    if( ret != 0 )
-        goto exit;
-
-    /* Merge end-entity flags */
-    ver_chain.items[0].flags |= ee_flags;
-
-    /* Build final flags, calling callback on the way if any */
-    ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy );
-
-exit:
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    mbedtls_x509_crt_free( ver_chain.trust_ca_cb_result );
-    mbedtls_free( ver_chain.trust_ca_cb_result );
-    ver_chain.trust_ca_cb_result = NULL;
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
-        mbedtls_x509_crt_restart_free( rs_ctx );
-#endif
-
-    /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by
-     * the SSL module for authmode optional, but non-zero return from the
-     * callback means a fatal error so it shouldn't be ignored */
-    if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
-        ret = MBEDTLS_ERR_X509_FATAL_ERROR;
-
-    if( ret != 0 )
-    {
-        *flags = (uint32_t) -1;
-        return( ret );
-    }
-
-    if( *flags != 0 )
-        return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
-
-    return( 0 );
-}
-
-
-/*
- * Verify the certificate validity (default profile, not restartable)
- */
-int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy )
-{
-    return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl,
-                                         NULL, NULL,
-                                         &mbedtls_x509_crt_profile_default,
-                                         cn, flags,
-                                         f_vrfy, p_vrfy, NULL ) );
-}
-
-/*
- * Verify the certificate validity (user-chosen profile, not restartable)
- */
-int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy )
-{
-    return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl,
-                                                 NULL, NULL,
-                                                 profile, cn, flags,
-                                                 f_vrfy, p_vrfy, NULL ) );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-/*
- * Verify the certificate validity (user-chosen profile, CA callback,
- *                                  not restartable).
- */
-int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                     void *p_ca_cb,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy )
-{
-    return( x509_crt_verify_restartable_ca_cb( crt, NULL, NULL,
-                                                 f_ca_cb, p_ca_cb,
-                                                 profile, cn, flags,
-                                                 f_vrfy, p_vrfy, NULL ) );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy,
-                     mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
-    return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl,
-                                                 NULL, NULL,
-                                                 profile, cn, flags,
-                                                 f_vrfy, p_vrfy, rs_ctx ) );
-}
-
-
-/*
- * Initialize a certificate chain
- */
-void mbedtls_x509_crt_init( mbedtls_x509_crt *crt )
-{
-    memset( crt, 0, sizeof(mbedtls_x509_crt) );
-}
-
-/*
- * Unallocate all certificate data
- */
-void mbedtls_x509_crt_free( mbedtls_x509_crt *crt )
-{
-    mbedtls_x509_crt *cert_cur = crt;
-    mbedtls_x509_crt *cert_prv;
-    mbedtls_x509_name *name_cur;
-    mbedtls_x509_name *name_prv;
-    mbedtls_x509_sequence *seq_cur;
-    mbedtls_x509_sequence *seq_prv;
-
-    if( crt == NULL )
-        return;
-
-    do
-    {
-        mbedtls_pk_free( &cert_cur->pk );
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-        mbedtls_free( cert_cur->sig_opts );
-#endif
-
-        name_cur = cert_cur->issuer.next;
-        while( name_cur != NULL )
-        {
-            name_prv = name_cur;
-            name_cur = name_cur->next;
-            mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
-            mbedtls_free( name_prv );
-        }
-
-        name_cur = cert_cur->subject.next;
-        while( name_cur != NULL )
-        {
-            name_prv = name_cur;
-            name_cur = name_cur->next;
-            mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
-            mbedtls_free( name_prv );
-        }
-
-        seq_cur = cert_cur->ext_key_usage.next;
-        while( seq_cur != NULL )
-        {
-            seq_prv = seq_cur;
-            seq_cur = seq_cur->next;
-            mbedtls_platform_zeroize( seq_prv,
-                                      sizeof( mbedtls_x509_sequence ) );
-            mbedtls_free( seq_prv );
-        }
-
-        seq_cur = cert_cur->subject_alt_names.next;
-        while( seq_cur != NULL )
-        {
-            seq_prv = seq_cur;
-            seq_cur = seq_cur->next;
-            mbedtls_platform_zeroize( seq_prv,
-                                      sizeof( mbedtls_x509_sequence ) );
-            mbedtls_free( seq_prv );
-        }
-
-        seq_cur = cert_cur->certificate_policies.next;
-        while( seq_cur != NULL )
-        {
-            seq_prv = seq_cur;
-            seq_cur = seq_cur->next;
-            mbedtls_platform_zeroize( seq_prv,
-                                      sizeof( mbedtls_x509_sequence ) );
-            mbedtls_free( seq_prv );
-        }
-
-        if( cert_cur->raw.p != NULL && cert_cur->own_buffer )
-        {
-            mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len );
-            mbedtls_free( cert_cur->raw.p );
-        }
-
-        cert_cur = cert_cur->next;
-    }
-    while( cert_cur != NULL );
-
-    cert_cur = crt;
-    do
-    {
-        cert_prv = cert_cur;
-        cert_cur = cert_cur->next;
-
-        mbedtls_platform_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) );
-        if( cert_prv != crt )
-            mbedtls_free( cert_prv );
-    }
-    while( cert_cur != NULL );
-}
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-/*
- * Initialize a restart context
- */
-void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx )
-{
-    mbedtls_pk_restart_init( &ctx->pk );
-
-    ctx->parent = NULL;
-    ctx->fallback_parent = NULL;
-    ctx->fallback_signature_is_good = 0;
-
-    ctx->parent_is_trusted = -1;
-
-    ctx->in_progress = x509_crt_rs_none;
-    ctx->self_cnt = 0;
-    x509_crt_verify_chain_reset( &ctx->ver_chain );
-}
-
-/*
- * Free the components of a restart context
- */
-void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_pk_restart_free( &ctx->pk );
-    mbedtls_x509_crt_restart_init( ctx );
-}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509_csr.c b/3rdparty/mbedtls-2.25.0/library/x509_csr.c
deleted file mode 100644
index 5463f8a..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509_csr.c
+++ /dev/null
@@ -1,414 +0,0 @@
-/*
- *  X.509 Certificate Signing Request (CSR) parsing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- *  The ITU-T X.509 standard defines a certificate format for PKI.
- *
- *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#include <stdio.h>
-#define mbedtls_free       free
-#define mbedtls_calloc    calloc
-#define mbedtls_snprintf   snprintf
-#endif
-
-#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
-#include <stdio.h>
-#endif
-
-/*
- *  Version  ::=  INTEGER  {  v1(0)  }
- */
-static int x509_csr_get_version( unsigned char **p,
-                             const unsigned char *end,
-                             int *ver )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
-    {
-        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
-        {
-            *ver = 0;
-            return( 0 );
-        }
-
-        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse a CSR in DER format
- */
-int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
-                        const unsigned char *buf, size_t buflen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len;
-    unsigned char *p, *end;
-    mbedtls_x509_buf sig_params;
-
-    memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) );
-
-    /*
-     * Check for valid input
-     */
-    if( csr == NULL || buf == NULL || buflen == 0 )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    mbedtls_x509_csr_init( csr );
-
-    /*
-     * first copy the raw DER data
-     */
-    p = mbedtls_calloc( 1, len = buflen );
-
-    if( p == NULL )
-        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
-    memcpy( p, buf, buflen );
-
-    csr->raw.p = p;
-    csr->raw.len = len;
-    end = p + len;
-
-    /*
-     *  CertificationRequest ::= SEQUENCE {
-     *       certificationRequestInfo CertificationRequestInfo,
-     *       signatureAlgorithm AlgorithmIdentifier,
-     *       signature          BIT STRING
-     *  }
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
-    }
-
-    if( len != (size_t) ( end - p ) )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    /*
-     *  CertificationRequestInfo ::= SEQUENCE {
-     */
-    csr->cri.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    end = p + len;
-    csr->cri.len = end - csr->cri.p;
-
-    /*
-     *  Version  ::=  INTEGER {  v1(0) }
-     */
-    if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( ret );
-    }
-
-    if( csr->version != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
-    }
-
-    csr->version++;
-
-    /*
-     *  subject               Name
-     */
-    csr->subject_raw.p = p;
-
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( ret );
-    }
-
-    csr->subject_raw.len = p - csr->subject_raw.p;
-
-    /*
-     *  subjectPKInfo SubjectPublicKeyInfo
-     */
-    if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( ret );
-    }
-
-    /*
-     *  attributes    [0] Attributes
-     *
-     *  The list of possible attributes is open-ended, though RFC 2985
-     *  (PKCS#9) defines a few in section 5.4. We currently don't support any,
-     *  so we just ignore them. This is a safe thing to do as the worst thing
-     *  that could happen is that we issue a certificate that does not match
-     *  the requester's expectations - this cannot cause a violation of our
-     *  signature policies.
-     */
-    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
-    }
-
-    p += len;
-
-    end = csr->raw.p + csr->raw.len;
-
-    /*
-     *  signatureAlgorithm   AlgorithmIdentifier,
-     *  signature            BIT STRING
-     */
-    if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params,
-                                  &csr->sig_md, &csr->sig_pk,
-                                  &csr->sig_opts ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
-    }
-
-    if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( ret );
-    }
-
-    if( p != end )
-    {
-        mbedtls_x509_csr_free( csr );
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
-                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse a CSR, allowing for PEM or raw DER encoding
- */
-int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
-{
-#if defined(MBEDTLS_PEM_PARSE_C)
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t use_len;
-    mbedtls_pem_context pem;
-#endif
-
-    /*
-     * Check for valid input
-     */
-    if( csr == NULL || buf == NULL || buflen == 0 )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
-    if( buf[buflen - 1] == '\0' )
-    {
-        mbedtls_pem_init( &pem );
-        ret = mbedtls_pem_read_buffer( &pem,
-                                       "-----BEGIN CERTIFICATE REQUEST-----",
-                                       "-----END CERTIFICATE REQUEST-----",
-                                       buf, NULL, 0, &use_len );
-        if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-        {
-            ret = mbedtls_pem_read_buffer( &pem,
-                                           "-----BEGIN NEW CERTIFICATE REQUEST-----",
-                                           "-----END NEW CERTIFICATE REQUEST-----",
-                                           buf, NULL, 0, &use_len );
-        }
-
-        if( ret == 0 )
-        {
-            /*
-             * Was PEM encoded, parse the result
-             */
-            ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
-        }
-
-        mbedtls_pem_free( &pem );
-        if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
-            return( ret );
-    }
-#endif /* MBEDTLS_PEM_PARSE_C */
-    return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) );
-}
-
-#if defined(MBEDTLS_FS_IO)
-/*
- * Load a CSR into the structure
- */
-int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    unsigned char *buf;
-
-    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
-        return( ret );
-
-    ret = mbedtls_x509_csr_parse( csr, buf, n );
-
-    mbedtls_platform_zeroize( buf, n );
-    mbedtls_free( buf );
-
-    return( ret );
-}
-#endif /* MBEDTLS_FS_IO */
-
-#define BEFORE_COLON    14
-#define BC              "14"
-/*
- * Return an informational string about the CSR.
- */
-int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_csr *csr )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t n;
-    char *p;
-    char key_size_str[BEFORE_COLON];
-
-    p = buf;
-    n = size;
-
-    ret = mbedtls_snprintf( p, n, "%sCSR version   : %d",
-                               prefix, csr->version );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%ssubject name  : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-    ret = mbedtls_x509_dn_gets( p, n, &csr->subject );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, "\n%ssigned using  : ", prefix );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
-                             csr->sig_opts );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
-                                      mbedtls_pk_get_name( &csr->pk ) ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
-                          (int) mbedtls_pk_get_bitlen( &csr->pk ) );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    return( (int) ( size - n ) );
-}
-
-/*
- * Initialize a CSR
- */
-void mbedtls_x509_csr_init( mbedtls_x509_csr *csr )
-{
-    memset( csr, 0, sizeof(mbedtls_x509_csr) );
-}
-
-/*
- * Unallocate all CSR data
- */
-void mbedtls_x509_csr_free( mbedtls_x509_csr *csr )
-{
-    mbedtls_x509_name *name_cur;
-    mbedtls_x509_name *name_prv;
-
-    if( csr == NULL )
-        return;
-
-    mbedtls_pk_free( &csr->pk );
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    mbedtls_free( csr->sig_opts );
-#endif
-
-    name_cur = csr->subject.next;
-    while( name_cur != NULL )
-    {
-        name_prv = name_cur;
-        name_cur = name_cur->next;
-        mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
-        mbedtls_free( name_prv );
-    }
-
-    if( csr->raw.p != NULL )
-    {
-        mbedtls_platform_zeroize( csr->raw.p, csr->raw.len );
-        mbedtls_free( csr->raw.p );
-    }
-
-    mbedtls_platform_zeroize( csr, sizeof( mbedtls_x509_csr ) );
-}
-
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509write_crt.c b/3rdparty/mbedtls-2.25.0/library/x509write_crt.c
deleted file mode 100644
index 32c6550..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509write_crt.c
+++ /dev/null
@@ -1,544 +0,0 @@
-/*
- *  X.509 certificate writing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * References:
- * - certificates: RFC 5280, updated by RFC 6818
- * - CSRs: PKCS#10 v1.7 aka RFC 2986
- * - attributes: PKCS#9 v2.0 aka RFC 2985
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_CRT_WRITE_C)
-
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/sha1.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-#include "mbedtls/pem.h"
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
-
-    mbedtls_mpi_init( &ctx->serial );
-    ctx->version = MBEDTLS_X509_CRT_VERSION_3;
-}
-
-void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx )
-{
-    mbedtls_mpi_free( &ctx->serial );
-
-    mbedtls_asn1_free_named_data_list( &ctx->subject );
-    mbedtls_asn1_free_named_data_list( &ctx->issuer );
-    mbedtls_asn1_free_named_data_list( &ctx->extensions );
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_cert ) );
-}
-
-void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx,
-                                        int version )
-{
-    ctx->version = version;
-}
-
-void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx,
-                                       mbedtls_md_type_t md_alg )
-{
-    ctx->md_alg = md_alg;
-}
-
-void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx,
-                                            mbedtls_pk_context *key )
-{
-    ctx->subject_key = key;
-}
-
-void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx,
-                                           mbedtls_pk_context *key )
-{
-    ctx->issuer_key = key;
-}
-
-int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
-                                            const char *subject_name )
-{
-    return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
-}
-
-int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
-                                           const char *issuer_name )
-{
-    return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name );
-}
-
-int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx,
-                                      const mbedtls_mpi *serial )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx,
-                                        const char *not_before,
-                                        const char *not_after )
-{
-    if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ||
-        strlen( not_after )  != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 )
-    {
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-    }
-    strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
-    strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
-    ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
-    ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
-
-    return( 0 );
-}
-
-int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
-                                 const char *oid, size_t oid_len,
-                                 int critical,
-                                 const unsigned char *val, size_t val_len )
-{
-    return( mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
-                                        critical, val, val_len ) );
-}
-
-int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
-                                                 int is_ca, int max_pathlen )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[9];
-    unsigned char *c = buf + sizeof(buf);
-    size_t len = 0;
-
-    memset( buf, 0, sizeof(buf) );
-
-    if( is_ca && max_pathlen > 127 )
-        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-
-    if( is_ca )
-    {
-        if( max_pathlen >= 0 )
-        {
-            MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf,
-                                                               max_pathlen ) );
-        }
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) );
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf,
-                                                MBEDTLS_ASN1_CONSTRUCTED |
-                                                MBEDTLS_ASN1_SEQUENCE ) );
-
-    return(
-        mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
-                             MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
-                             0, buf + sizeof(buf) - len, len ) );
-}
-
-#if defined(MBEDTLS_SHA1_C)
-int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
-    unsigned char *c = buf + sizeof(buf);
-    size_t len = 0;
-
-    memset( buf, 0, sizeof(buf) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-                mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
-
-    ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
-                            buf + sizeof( buf ) - 20 );
-    if( ret != 0 )
-        return( ret );
-    c = buf + sizeof( buf ) - 20;
-    len = 20;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-            mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) );
-
-    return mbedtls_x509write_crt_set_extension( ctx,
-                 MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
-                 MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ),
-                 0, buf + sizeof(buf) - len, len );
-}
-
-int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
-    unsigned char *c = buf + sizeof( buf );
-    size_t len = 0;
-
-    memset( buf, 0, sizeof(buf) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-                          mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
-
-    ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
-                            buf + sizeof( buf ) - 20 );
-    if( ret != 0 )
-        return( ret );
-    c = buf + sizeof( buf ) - 20;
-    len = 20;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-        mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-                          mbedtls_asn1_write_tag( &c, buf,
-                                                  MBEDTLS_ASN1_CONSTRUCTED |
-                                                  MBEDTLS_ASN1_SEQUENCE ) );
-
-    return mbedtls_x509write_crt_set_extension(
-        ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
-        MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ),
-        0, buf + sizeof( buf ) - len, len );
-}
-#endif /* MBEDTLS_SHA1_C */
-
-int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
-                                         unsigned int key_usage )
-{
-    unsigned char buf[5], ku[2];
-    unsigned char *c;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
-        MBEDTLS_X509_KU_NON_REPUDIATION   |
-        MBEDTLS_X509_KU_KEY_ENCIPHERMENT  |
-        MBEDTLS_X509_KU_DATA_ENCIPHERMENT |
-        MBEDTLS_X509_KU_KEY_AGREEMENT     |
-        MBEDTLS_X509_KU_KEY_CERT_SIGN     |
-        MBEDTLS_X509_KU_CRL_SIGN          |
-        MBEDTLS_X509_KU_ENCIPHER_ONLY     |
-        MBEDTLS_X509_KU_DECIPHER_ONLY;
-
-    /* Check that nothing other than the allowed flags is set */
-    if( ( key_usage & ~allowed_bits ) != 0 )
-        return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
-
-    c = buf + 5;
-    ku[0] = (unsigned char)( key_usage      );
-    ku[1] = (unsigned char)( key_usage >> 8 );
-    ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 );
-
-    if( ret < 0 )
-        return( ret );
-    else if( ret < 3 || ret > 5 )
-        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
-
-    ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
-                                   MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
-                                   1, c, (size_t)ret );
-    if( ret != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
-                                    unsigned char ns_cert_type )
-{
-    unsigned char buf[4];
-    unsigned char *c;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    c = buf + 4;
-
-    ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
-    if( ret < 3 || ret > 4 )
-        return( ret );
-
-    ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
-                                   MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
-                                   0, c, (size_t)ret );
-    if( ret != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-static int x509_write_time( unsigned char **p, unsigned char *start,
-                            const char *t, size_t size )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t len = 0;
-
-    /*
-     * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter)
-     */
-    if( t[0] == '2' && t[1] == '0' && t[2] < '5' )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
-                                             (const unsigned char *) t + 2,
-                                             size - 2 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                             MBEDTLS_ASN1_UTC_TIME ) );
-    }
-    else
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
-                                                  (const unsigned char *) t,
-                                                  size ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                             MBEDTLS_ASN1_GENERALIZED_TIME ) );
-    }
-
-    return( (int) len );
-}
-
-int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx,
-                               unsigned char *buf, size_t size,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const char *sig_oid;
-    size_t sig_oid_len = 0;
-    unsigned char *c, *c2;
-    unsigned char hash[64];
-    unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
-    size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
-    size_t len = 0;
-    mbedtls_pk_type_t pk_alg;
-
-    /*
-     * Prepare data to be signed at the end of the target buffer
-     */
-    c = buf + size;
-
-    /* Signature algorithm needed in TBS, and later for actual signature */
-
-    /* There's no direct way of extracting a signature algorithm
-     * (represented as an element of mbedtls_pk_type_t) from a PK instance. */
-    if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) )
-        pk_alg = MBEDTLS_PK_RSA;
-    else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) )
-        pk_alg = MBEDTLS_PK_ECDSA;
-    else
-        return( MBEDTLS_ERR_X509_INVALID_ALG );
-
-    if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
-                                          &sig_oid, &sig_oid_len ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /*
-     *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
-     */
-
-    /* Only for v3 */
-    if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len,
-                              mbedtls_x509_write_extensions( &c,
-                                                      buf, ctx->extensions ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len,
-                              mbedtls_asn1_write_tag( &c, buf,
-                                                      MBEDTLS_ASN1_CONSTRUCTED |
-                                                      MBEDTLS_ASN1_SEQUENCE ) );
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len,
-                              mbedtls_asn1_write_tag( &c, buf,
-                                               MBEDTLS_ASN1_CONTEXT_SPECIFIC |
-                                               MBEDTLS_ASN1_CONSTRUCTED | 3 ) );
-    }
-
-    /*
-     *  SubjectPublicKeyInfo
-     */
-    MBEDTLS_ASN1_CHK_ADD( pub_len,
-                          mbedtls_pk_write_pubkey_der( ctx->subject_key,
-                                                       buf, c - buf ) );
-    c -= pub_len;
-    len += pub_len;
-
-    /*
-     *  Subject  ::=  Name
-     */
-    MBEDTLS_ASN1_CHK_ADD( len,
-                          mbedtls_x509_write_names( &c, buf,
-                                                    ctx->subject ) );
-
-    /*
-     *  Validity ::= SEQUENCE {
-     *       notBefore      Time,
-     *       notAfter       Time }
-     */
-    sub_len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( sub_len,
-                          x509_write_time( &c, buf, ctx->not_after,
-                                        MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
-
-    MBEDTLS_ASN1_CHK_ADD( sub_len,
-                          x509_write_time( &c, buf, ctx->not_before,
-                                        MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
-
-    len += sub_len;
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, sub_len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-                          mbedtls_asn1_write_tag( &c, buf,
-                                                  MBEDTLS_ASN1_CONSTRUCTED |
-                                                  MBEDTLS_ASN1_SEQUENCE ) );
-
-    /*
-     *  Issuer  ::=  Name
-     */
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
-                                                         ctx->issuer ) );
-
-    /*
-     *  Signature   ::=  AlgorithmIdentifier
-     */
-    MBEDTLS_ASN1_CHK_ADD( len,
-                          mbedtls_asn1_write_algorithm_identifier( &c, buf,
-                                              sig_oid, strlen( sig_oid ), 0 ) );
-
-    /*
-     *  Serial   ::=  INTEGER
-     */
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf,
-                                                       &ctx->serial ) );
-
-    /*
-     *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
-     */
-
-    /* Can be omitted for v1 */
-    if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 )
-    {
-        sub_len = 0;
-        MBEDTLS_ASN1_CHK_ADD( sub_len,
-                              mbedtls_asn1_write_int( &c, buf, ctx->version ) );
-        len += sub_len;
-        MBEDTLS_ASN1_CHK_ADD( len,
-                              mbedtls_asn1_write_len( &c, buf, sub_len ) );
-        MBEDTLS_ASN1_CHK_ADD( len,
-                              mbedtls_asn1_write_tag( &c, buf,
-                                               MBEDTLS_ASN1_CONTEXT_SPECIFIC |
-                                               MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-                mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
-                                                     MBEDTLS_ASN1_SEQUENCE ) );
-
-    /*
-     * Make signature
-     */
-
-    /* Compute hash of CRT. */
-    if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c,
-                            len, hash ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg,
-                                 hash, 0, sig, &sig_len,
-                                 f_rng, p_rng ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /* Move CRT to the front of the buffer to have space
-     * for the signature. */
-    memmove( buf, c, len );
-    c = buf + len;
-
-    /* Add signature at the end of the buffer,
-     * making sure that it doesn't underflow
-     * into the CRT buffer. */
-    c2 = buf + size;
-    MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, c,
-                                        sig_oid, sig_oid_len, sig, sig_len ) );
-
-    /*
-     * Memory layout after this step:
-     *
-     * buf       c=buf+len                c2            buf+size
-     * [CRT0,...,CRTn, UNUSED, ..., UNUSED, SIG0, ..., SIGm]
-     */
-
-    /* Move raw CRT to just before the signature. */
-    c = c2 - len;
-    memmove( c, buf, len );
-
-    len += sig_and_oid_len;
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf,
-                                                 MBEDTLS_ASN1_CONSTRUCTED |
-                                                 MBEDTLS_ASN1_SEQUENCE ) );
-
-    return( (int) len );
-}
-
-#define PEM_BEGIN_CRT           "-----BEGIN CERTIFICATE-----\n"
-#define PEM_END_CRT             "-----END CERTIFICATE-----\n"
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt,
-                               unsigned char *buf, size_t size,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t olen;
-
-    if( ( ret = mbedtls_x509write_crt_der( crt, buf, size,
-                                   f_rng, p_rng ) ) < 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
-                                          buf + size - ret, ret,
-                                          buf, size, &olen ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-#endif /* MBEDTLS_X509_CRT_WRITE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/x509write_csr.c b/3rdparty/mbedtls-2.25.0/library/x509write_csr.c
deleted file mode 100644
index c7c8032..0000000
--- a/3rdparty/mbedtls-2.25.0/library/x509write_csr.c
+++ /dev/null
@@ -1,341 +0,0 @@
-/*
- *  X.509 Certificate Signing Request writing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-/*
- * References:
- * - CSRs: PKCS#10 v1.7 aka RFC 2986
- * - attributes: PKCS#9 v2.0 aka RFC 2985
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_X509_CSR_WRITE_C)
-
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/error.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <string.h>
-#include <stdlib.h>
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc    calloc
-#define mbedtls_free      free
-#endif
-
-void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
-}
-
-void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
-{
-    mbedtls_asn1_free_named_data_list( &ctx->subject );
-    mbedtls_asn1_free_named_data_list( &ctx->extensions );
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) );
-}
-
-void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
-{
-    ctx->md_alg = md_alg;
-}
-
-void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
-{
-    ctx->key = key;
-}
-
-int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
-                                    const char *subject_name )
-{
-    return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
-}
-
-int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
-                                 const char *oid, size_t oid_len,
-                                 const unsigned char *val, size_t val_len )
-{
-    return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
-                               0, val, val_len );
-}
-
-int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
-{
-    unsigned char buf[4];
-    unsigned char *c;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    c = buf + 4;
-
-    ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 );
-    if( ret < 3 || ret > 4 )
-        return( ret );
-
-    ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
-                                       MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
-                                       c, (size_t)ret );
-    if( ret != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
-                                    unsigned char ns_cert_type )
-{
-    unsigned char buf[4];
-    unsigned char *c;
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
-    c = buf + 4;
-
-    ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
-    if( ret < 3 || ret > 4 )
-        return( ret );
-
-    ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
-                                       MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
-                                       c, (size_t)ret );
-    if( ret != 0 )
-        return( ret );
-
-    return( 0 );
-}
-
-static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
-                                 unsigned char *buf,
-                                 size_t size,
-                                 unsigned char *sig,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    const char *sig_oid;
-    size_t sig_oid_len = 0;
-    unsigned char *c, *c2;
-    unsigned char hash[64];
-    size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
-    size_t len = 0;
-    mbedtls_pk_type_t pk_alg;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
-    size_t hash_len;
-    psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    /* Write the CSR backwards starting from the end of buf */
-    c = buf + size;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf,
-                                                           ctx->extensions ) );
-
-    if( len )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len,
-            mbedtls_asn1_write_tag(
-                &c, buf,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len,
-            mbedtls_asn1_write_tag(
-                &c, buf,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) );
-
-        MBEDTLS_ASN1_CHK_ADD( len,
-            mbedtls_asn1_write_oid(
-                &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
-                MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
-
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-        MBEDTLS_ASN1_CHK_ADD( len,
-            mbedtls_asn1_write_tag(
-                &c, buf,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-        mbedtls_asn1_write_tag(
-            &c, buf,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
-
-    MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
-                                                              buf, c - buf ) );
-    c -= pub_len;
-    len += pub_len;
-
-    /*
-     *  Subject  ::=  Name
-     */
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
-                                                         ctx->subject ) );
-
-    /*
-     *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
-     */
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-        mbedtls_asn1_write_tag(
-            &c, buf,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    /*
-     * Sign the written CSR data into the sig buffer
-     * Note: hash errors can happen only after an internal error
-     */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
-        return( MBEDTLS_ERR_X509_FATAL_ERROR );
-
-    if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
-        return( MBEDTLS_ERR_X509_FATAL_ERROR );
-
-    if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
-        != PSA_SUCCESS )
-    {
-        return( MBEDTLS_ERR_X509_FATAL_ERROR );
-    }
-#else /* MBEDTLS_USE_PSA_CRYPTO */
-    ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
-    if( ret != 0 )
-        return( ret );
-#endif
-    if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
-                                 f_rng, p_rng ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) )
-        pk_alg = MBEDTLS_PK_RSA;
-    else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) )
-        pk_alg = MBEDTLS_PK_ECDSA;
-    else
-        return( MBEDTLS_ERR_X509_INVALID_ALG );
-
-    if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
-                                              &sig_oid, &sig_oid_len ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    /*
-     * Move the written CSR data to the start of buf to create space for
-     * writing the signature into buf.
-     */
-    memmove( buf, c, len );
-
-    /*
-     * Write sig and its OID into buf backwards from the end of buf.
-     * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
-     * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
-     */
-    c2 = buf + size;
-    MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len,
-        mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len,
-                                sig, sig_len ) );
-
-    /*
-     * Compact the space between the CSR data and signature by moving the
-     * CSR data to the start of the signature.
-     */
-    c2 -= len;
-    memmove( c2, buf, len );
-
-    /* ASN encode the total size and tag the CSR data with it. */
-    len += sig_and_oid_len;
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len,
-        mbedtls_asn1_write_tag(
-            &c2, buf,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    /* Zero the unused bytes at the start of buf */
-    memset( buf, 0, c2 - buf);
-
-    return( (int) len );
-}
-
-int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf,
-                               size_t size,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng )
-{
-    int ret;
-    unsigned char *sig;
-
-    if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL )
-    {
-        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-    }
-
-    ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng );
-
-    mbedtls_free( sig );
-
-    return( ret );
-}
-
-#define PEM_BEGIN_CSR           "-----BEGIN CERTIFICATE REQUEST-----\n"
-#define PEM_END_CSR             "-----END CERTIFICATE REQUEST-----\n"
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    size_t olen = 0;
-
-    if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size,
-                                   f_rng, p_rng ) ) < 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
-                                  buf + size - ret,
-                                  ret, buf, size, &olen ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-#endif /* MBEDTLS_X509_CSR_WRITE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/xtea.c b/3rdparty/mbedtls-2.25.0/library/xtea.c
deleted file mode 100644
index 4b8c9c0..0000000
--- a/3rdparty/mbedtls-2.25.0/library/xtea.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/*
- *  An 32-bit implementation of the XTEA algorithm
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_XTEA_C)
-
-#include "mbedtls/xtea.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_XTEA_ALT)
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
-}
-
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) );
-}
-
-/*
- * XTEA key schedule
- */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] )
-{
-    int i;
-
-    memset( ctx, 0, sizeof(mbedtls_xtea_context) );
-
-    for( i = 0; i < 4; i++ )
-    {
-        GET_UINT32_BE( ctx->k[i], key, i << 2 );
-    }
-}
-
-/*
- * XTEA encrypt function
- */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode,
-                    const unsigned char input[8], unsigned char output[8])
-{
-    uint32_t *k, v0, v1, i;
-
-    k = ctx->k;
-
-    GET_UINT32_BE( v0, input, 0 );
-    GET_UINT32_BE( v1, input, 4 );
-
-    if( mode == MBEDTLS_XTEA_ENCRYPT )
-    {
-        uint32_t sum = 0, delta = 0x9E3779B9;
-
-        for( i = 0; i < 32; i++ )
-        {
-            v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
-            sum += delta;
-            v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
-        }
-    }
-    else /* MBEDTLS_XTEA_DECRYPT */
-    {
-        uint32_t delta = 0x9E3779B9, sum = delta * 32;
-
-        for( i = 0; i < 32; i++ )
-        {
-            v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
-            sum -= delta;
-            v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
-        }
-    }
-
-    PUT_UINT32_BE( v0, output, 0 );
-    PUT_UINT32_BE( v1, output, 4 );
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * XTEA-CBC buffer encryption/decryption
- */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length,
-                    unsigned char iv[8], const unsigned char *input,
-                    unsigned char *output)
-{
-    int i;
-    unsigned char temp[8];
-
-    if( length % 8 )
-        return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH );
-
-    if( mode == MBEDTLS_XTEA_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, 8 );
-            mbedtls_xtea_crypt_ecb( ctx, mode, input, output );
-
-            for( i = 0; i < 8; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
-
-            memcpy( iv, temp, 8 );
-
-            input  += 8;
-            output += 8;
-            length -= 8;
-        }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < 8; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
-
-            mbedtls_xtea_crypt_ecb( ctx, mode, output, output );
-            memcpy( iv, output, 8 );
-
-            input  += 8;
-            output += 8;
-            length -= 8;
-        }
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* !MBEDTLS_XTEA_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * XTEA tests vectors (non-official)
- */
-
-static const unsigned char xtea_test_key[6][16] =
-{
-   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
-     0x0c, 0x0d, 0x0e, 0x0f },
-   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
-     0x0c, 0x0d, 0x0e, 0x0f },
-   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
-     0x0c, 0x0d, 0x0e, 0x0f },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char xtea_test_pt[6][8] =
-{
-    { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
-    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
-    { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
-    { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
-    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
-    { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
-};
-
-static const unsigned char xtea_test_ct[6][8] =
-{
-    { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
-    { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
-    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
-    { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
-    { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
-    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_xtea_self_test( int verbose )
-{
-    int i, ret = 0;
-    unsigned char buf[8];
-    mbedtls_xtea_context ctx;
-
-    mbedtls_xtea_init( &ctx );
-    for( i = 0; i < 6; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  XTEA test #%d: ", i + 1 );
-
-        memcpy( buf, xtea_test_pt[i], 8 );
-
-        mbedtls_xtea_setup( &ctx, xtea_test_key[i] );
-        mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
-
-        if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-exit:
-    mbedtls_xtea_free( &ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_XTEA_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/.gitignore b/3rdparty/mbedtls-2.25.0/programs/.gitignore
deleted file mode 100644
index 88fb9d5..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/.gitignore
+++ /dev/null
@@ -1,66 +0,0 @@
-*/Makefile
-*.sln
-*.vcxproj
-
-aes/aescrypt2
-aes/crypt_and_hash
-hash/generic_sum
-hash/hello
-hash/md5sum
-hash/sha1sum
-hash/sha2sum
-pkey/dh_client
-pkey/dh_genprime
-pkey/dh_server
-pkey/ecdh_curve25519
-pkey/ecdsa
-pkey/gen_key
-pkey/key_app
-pkey/key_app_writer
-pkey/mpi_demo
-pkey/pk_decrypt
-pkey/pk_encrypt
-pkey/pk_sign
-pkey/pk_verify
-pkey/rsa_decrypt
-pkey/rsa_encrypt
-pkey/rsa_genkey
-pkey/rsa_sign
-pkey/rsa_sign_pss
-pkey/rsa_verify
-pkey/rsa_verify_pss
-psa/crypto_examples
-psa/key_ladder_demo
-psa/psa_constant_names
-random/gen_entropy
-random/gen_random_ctr_drbg
-random/gen_random_havege
-ssl/dtls_client
-ssl/dtls_server
-ssl/mini_client
-ssl/ssl_client1
-ssl/ssl_client2
-ssl/ssl_context_info
-ssl/ssl_fork_server
-ssl/ssl_mail_client
-ssl/ssl_pthread_server
-ssl/ssl_server
-ssl/ssl_server2
-test/benchmark
-test/cpp_dummy_build
-test/ecp-bench
-test/query_compile_time_config
-test/selftest
-test/ssl_cert_test
-test/udp_proxy
-test/zeroize
-util/pem2der
-util/strerror
-x509/cert_app
-x509/cert_req
-x509/cert_write
-x509/crl_app
-x509/req_app
-
-# generated files
-pkey/keyfile.key
diff --git a/3rdparty/mbedtls-2.25.0/programs/Makefile b/3rdparty/mbedtls-2.25.0/programs/Makefile
deleted file mode 100644
index 9cbc471..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/Makefile
+++ /dev/null
@@ -1,370 +0,0 @@
-
-# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
-# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
-
-CFLAGS	?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra
-WARNING_CXXFLAGS ?= -Wall -Wextra
-LDFLAGS ?=
-
-MBEDTLS_TEST_PATH:=../tests/src
-MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
-
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} 		\
-		-L../library 			\
-		-lmbedtls$(SHARED_SUFFIX)	\
-		-lmbedx509$(SHARED_SUFFIX)	\
-		-lmbedcrypto$(SHARED_SUFFIX)
-
-include ../3rdparty/Makefile.inc
-LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
-
-ifndef SHARED
-MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
-else
-MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
-endif
-DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS}
-
-ifdef DEBUG
-LOCAL_CFLAGS += -g3
-endif
-
-# if we're running on Windows, build for Windows
-ifdef WINDOWS
-WINDOWS_BUILD=1
-endif
-
-ifdef WINDOWS_BUILD
-DLEXT=dll
-EXEXT=.exe
-LOCAL_LDFLAGS += -lws2_32
-ifdef SHARED
-SHARED_SUFFIX=.$(DLEXT)
-endif
-else
-DLEXT ?= so
-EXEXT=
-SHARED_SUFFIX=
-endif
-
-# Zlib shared library extensions:
-ifdef ZLIB
-LOCAL_LDFLAGS += -lz
-endif
-
-APPS = \
-	aes/aescrypt2$(EXEXT) \
-	aes/crypt_and_hash$(EXEXT) \
-	hash/generic_sum$(EXEXT) \
-	hash/hello$(EXEXT) \
-	pkey/dh_client$(EXEXT) \
-	pkey/dh_genprime$(EXEXT) \
-	pkey/dh_server$(EXEXT) \
-	pkey/ecdh_curve25519$(EXEXT) \
-	pkey/ecdsa$(EXEXT) \
-	pkey/gen_key$(EXEXT) \
-	pkey/key_app$(EXEXT) \
-	pkey/key_app_writer$(EXEXT) \
-	pkey/mpi_demo$(EXEXT) \
-	pkey/pk_decrypt$(EXEXT) \
-	pkey/pk_encrypt$(EXEXT) \
-	pkey/pk_sign$(EXEXT) \
-	pkey/pk_verify$(EXEXT) \
-	pkey/rsa_decrypt$(EXEXT) \
-	pkey/rsa_encrypt$(EXEXT) \
-	pkey/rsa_genkey$(EXEXT) \
-	pkey/rsa_sign$(EXEXT) \
-	pkey/rsa_sign_pss$(EXEXT) \
-	pkey/rsa_verify$(EXEXT) \
-	pkey/rsa_verify_pss$(EXEXT) \
-	psa/crypto_examples$(EXEXT) \
-	psa/key_ladder_demo$(EXEXT) \
-	psa/psa_constant_names$(EXEXT) \
-	random/gen_entropy$(EXEXT) \
-	random/gen_random_ctr_drbg$(EXEXT) \
-	random/gen_random_havege$(EXEXT) \
-	ssl/dtls_client$(EXEXT) \
-	ssl/dtls_server$(EXEXT) \
-	ssl/mini_client$(EXEXT) \
-	ssl/ssl_client1$(EXEXT) \
-	ssl/ssl_client2$(EXEXT) \
-	ssl/ssl_context_info$(EXEXT) \
-	ssl/ssl_fork_server$(EXEXT) \
-	ssl/ssl_mail_client$(EXEXT) \
-	ssl/ssl_server$(EXEXT) \
-	ssl/ssl_server2$(EXEXT) \
-	test/benchmark$(EXEXT) \
-	test/query_compile_time_config$(EXEXT) \
-	test/selftest$(EXEXT) \
-	test/udp_proxy$(EXEXT) \
-	test/zeroize$(EXEXT) \
-	util/pem2der$(EXEXT) \
-	util/strerror$(EXEXT) \
-	x509/cert_app$(EXEXT) \
-	x509/cert_req$(EXEXT) \
-	x509/cert_write$(EXEXT) \
-	x509/crl_app$(EXEXT) \
-	x509/req_app$(EXEXT) \
-# End of APPS
-
-ifdef PTHREAD
-APPS +=	ssl/ssl_pthread_server$(EXEXT)
-endif
-
-ifdef TEST_CPP
-APPS += test/cpp_dummy_build$(EXEXT)
-endif
-
-.SILENT:
-
-.PHONY: all clean list fuzz
-
-all: $(APPS)
-ifndef WINDOWS
-# APPS doesn't include the fuzzing programs, which aren't "normal"
-# sample or test programs, and don't build with MSVC which is
-# warning about fopen
-all: fuzz
-endif
-
-fuzz: ${MBEDTLS_TEST_OBJS}
-	$(MAKE) -C fuzz THIRDPARTY_INCLUDES=$(THIRDPARTY_INCLUDES)
-
-$(MBEDLIBS):
-	$(MAKE) -C ../library
-
-${MBEDTLS_TEST_OBJS}:
-	$(MAKE) -C ../tests mbedtls_test
-
-aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP)
-	echo "  CC    aes/aescrypt2.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP)
-	echo "  CC    aes/crypt_and_hash.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-hash/hello$(EXEXT): hash/hello.c $(DEP)
-	echo "  CC    hash/hello.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/hello.c       $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP)
-	echo "  CC    hash/generic_sum.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP)
-	echo "  CC    pkey/dh_client.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP)
-	echo "  CC    pkey/dh_genprime.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP)
-	echo "  CC    pkey/dh_server.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP)
-	echo "  CC    pkey/ecdh_curve25519.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/ecdsa$(EXEXT): pkey/ecdsa.c $(DEP)
-	echo "  CC    pkey/ecdsa.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdsa.c       $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/gen_key$(EXEXT): pkey/gen_key.c $(DEP)
-	echo "  CC    pkey/gen_key.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/gen_key.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/key_app$(EXEXT): pkey/key_app.c $(DEP)
-	echo "  CC    pkey/key_app.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/key_app.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/key_app_writer$(EXEXT): pkey/key_app_writer.c $(DEP)
-	echo "  CC    pkey/key_app_writer.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/key_app_writer.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/mpi_demo$(EXEXT): pkey/mpi_demo.c $(DEP)
-	echo "  CC    pkey/mpi_demo.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/mpi_demo.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/pk_decrypt$(EXEXT): pkey/pk_decrypt.c $(DEP)
-	echo "  CC    pkey/pk_decrypt.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_decrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/pk_encrypt$(EXEXT): pkey/pk_encrypt.c $(DEP)
-	echo "  CC    pkey/pk_encrypt.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_encrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/pk_sign$(EXEXT): pkey/pk_sign.c $(DEP)
-	echo "  CC    pkey/pk_sign.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_sign.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/pk_verify$(EXEXT): pkey/pk_verify.c $(DEP)
-	echo "  CC    pkey/pk_verify.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_verify.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_genkey$(EXEXT): pkey/rsa_genkey.c $(DEP)
-	echo "  CC    pkey/rsa_genkey.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_genkey.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_sign$(EXEXT): pkey/rsa_sign.c $(DEP)
-	echo "  CC    pkey/rsa_sign.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_sign.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_verify$(EXEXT): pkey/rsa_verify.c $(DEP)
-	echo "  CC    pkey/rsa_verify.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_verify.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_sign_pss$(EXEXT): pkey/rsa_sign_pss.c $(DEP)
-	echo "  CC    pkey/rsa_sign_pss.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_sign_pss.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_verify_pss$(EXEXT): pkey/rsa_verify_pss.c $(DEP)
-	echo "  CC    pkey/rsa_verify_pss.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_verify_pss.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_decrypt$(EXEXT): pkey/rsa_decrypt.c $(DEP)
-	echo "  CC    pkey/rsa_decrypt.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_decrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP)
-	echo "  CC    pkey/rsa_encrypt.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-psa/key_ladder_demo$(EXEXT): psa/key_ladder_demo.c $(DEP)
-	echo "  CC    psa/key_ladder_demo.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP)
-	echo "  CC    psa/psa_constant_names.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP)
-	echo "  CC    random/gen_entropy.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-random/gen_random_havege$(EXEXT): random/gen_random_havege.c $(DEP)
-	echo "  CC    random/gen_random_havege.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_havege.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP)
-	echo "  CC    random/gen_random_ctr_drbg.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/dtls_client$(EXEXT): ssl/dtls_client.c $(DEP)
-	echo "  CC    ssl/dtls_client.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_client.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/dtls_server$(EXEXT): ssl/dtls_server.c $(DEP)
-	echo "  CC    ssl/dtls_server.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_server.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c $(DEP)
-	echo "  CC    ssl/ssl_client1.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c test/query_config.c $(DEP)
-	echo "  CC    ssl/ssl_client2.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP)
-	echo "  CC    ssl/ssl_server.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c test/query_config.c $(DEP)
-	echo "  CC    ssl/ssl_server2.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_context_info$(EXEXT): ssl/ssl_context_info.c test/query_config.c $(DEP)
-	echo "  CC    ssl/ssl_context_info.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_context_info.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP)
-	echo "  CC    ssl/ssl_fork_server.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_fork_server.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c $(DEP)
-	echo "  CC    ssl/ssl_pthread_server.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_pthread_server.c   $(LOCAL_LDFLAGS) -lpthread  $(LDFLAGS) -o $@
-
-ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c $(DEP)
-	echo "  CC    ssl/ssl_mail_client.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_mail_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-ssl/mini_client$(EXEXT): ssl/mini_client.c $(DEP)
-	echo "  CC    ssl/mini_client.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/mini_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test/benchmark$(EXEXT): test/benchmark.c $(DEP)
-	echo "  CC    test/benchmark.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test/cpp_dummy_build$(EXEXT): test/cpp_dummy_build.cpp $(DEP)
-	echo "  CXX   test/cpp_dummy_build.cpp"
-	$(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test/selftest$(EXEXT): test/selftest.c $(DEP)
-	echo "  CC    test/selftest.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test/udp_proxy$(EXEXT): test/udp_proxy.c $(DEP)
-	echo "  CC    test/udp_proxy.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/udp_proxy.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test/zeroize$(EXEXT): test/zeroize.c $(DEP)
-	echo "  CC    test/zeroize.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.c $(DEP)
-	echo "  CC    test/query_compile_time_config.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-util/pem2der$(EXEXT): util/pem2der.c $(DEP)
-	echo "  CC    util/pem2der.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/pem2der.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-util/strerror$(EXEXT): util/strerror.c $(DEP)
-	echo "  CC    util/strerror.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/strerror.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-x509/cert_app$(EXEXT): x509/cert_app.c $(DEP)
-	echo "  CC    x509/cert_app.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-x509/cert_write$(EXEXT): x509/cert_write.c $(DEP)
-	echo "  CC    x509/cert_write.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_write.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-x509/crl_app$(EXEXT): x509/crl_app.c $(DEP)
-	echo "  CC    x509/crl_app.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/crl_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-x509/cert_req$(EXEXT): x509/cert_req.c $(DEP)
-	echo "  CC    x509/cert_req.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_req.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-x509/req_app$(EXEXT): x509/req_app.c $(DEP)
-	echo "  CC    x509/req_app.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP)
-	echo "  CC    psa/crypto_examples.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-clean:
-ifndef WINDOWS
-	rm -f $(APPS)
-	-rm -f ssl/ssl_pthread_server$(EXEXT)
-	-rm -f test/cpp_dummy_build$(EXEXT)
-else
-	if exist *.o del /Q /F *.o
-	if exist *.exe del /Q /F *.exe
-endif
-	$(MAKE) -C fuzz clean
-
-list:
-	echo $(APPS)
diff --git a/3rdparty/mbedtls-2.25.0/programs/README.md b/3rdparty/mbedtls-2.25.0/programs/README.md
deleted file mode 100644
index d26349d..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/README.md
+++ /dev/null
@@ -1,123 +0,0 @@
-Mbed TLS sample programs
-========================
-
-This subdirectory mostly contains sample programs that illustrate specific features of the library, as well as a few test and support programs.
-
-## Symmetric cryptography (AES) examples
-
-* [`aes/aescrypt2.c`](aes/aescrypt2.c): file encryption and authentication with a key derived from a low-entropy secret, demonstrating the low-level AES interface, the digest interface and HMAC.  
-  Warning: this program illustrates how to use low-level functions in the library. It should not be taken as an example of how to build a secure encryption mechanism. To derive a key from a low-entropy secret such as a password, use a standard key stretching mechanism such as PBKDF2 (provided by the `pkcs5` module). To encrypt and authenticate data, use a standard mode such as GCM or CCM (both available as library module).
-
-* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface.
-
-## Hash (digest) examples
-
-* [`hash/generic_sum.c`](hash/generic_sum.c): file hash calculator and verifier, demonstrating the message digest (`md`) interface.
-
-* [`hash/hello.c`](hash/hello.c): hello-world program for MD5.
-
-## Public-key cryptography examples
-
-### Generic public-key cryptography (`pk`) examples
-
-* [`pkey/gen_key.c`](pkey/gen_key.c): generates a key for any of the supported public-key algorithms (RSA or ECC) and writes it to a file that can be used by the other pk sample programs.
-
-* [`pkey/key_app.c`](pkey/key_app.c): loads a PEM or DER public key or private key file and dumps its content.
-
-* [`pkey/key_app_writer.c`](pkey/key_app_writer.c): loads a PEM or DER public key or private key file and writes it to a new PEM or DER file.
-
-* [`pkey/pk_encrypt.c`](pkey/pk_encrypt.c), [`pkey/pk_decrypt.c`](pkey/pk_decrypt.c): loads a PEM or DER public/private key file and uses the key to encrypt/decrypt a short string through the generic public-key interface.
-
-* [`pkey/pk_sign.c`](pkey/pk_sign.c), [`pkey/pk_verify.c`](pkey/pk_verify.c): loads a PEM or DER private/public key file and uses the key to sign/verify a short string.
-
-### ECDSA and RSA signature examples
-
-* [`pkey/ecdsa.c`](pkey/ecdsa.c): generates an ECDSA key, signs a fixed message and verifies the signature.
-
-* [`pkey/rsa_encrypt.c`](pkey/rsa_encrypt.c), [`pkey/rsa_decrypt.c`](pkey/rsa_decrypt.c): loads an RSA public/private key and uses it to encrypt/decrypt a short string through the low-level RSA interface.
-
-* [`pkey/rsa_genkey.c`](pkey/rsa_genkey.c): generates an RSA key and writes it to a file that can be used with the other RSA sample programs.
-
-* [`pkey/rsa_sign.c`](pkey/rsa_sign.c), [`pkey/rsa_verify.c`](pkey/rsa_verify.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSA PKCS#1 v1.5 algorithm.
-
-* [`pkey/rsa_sign_pss.c`](pkey/rsa_sign_pss.c), [`pkey/rsa_verify_pss.c`](pkey/rsa_verify_pss.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSASSA-PSS algorithm.
-
-### Diffie-Hellman key exchange examples
-
-* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key.
-
-* [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement.
-
-### Bignum (`mpi`) usage examples
-
-* [`pkey/dh_genprime.c`](pkey/dh_genprime.c): shows how to use the bignum (`mpi`) interface to generate Diffie-Hellman parameters.
-
-* [`pkey/mpi_demo.c`](pkey/mpi_demo.c): demonstrates operations on big integers.
-
-## Random number generator (RNG) examples
-
-* [`random/gen_entropy.c`](random/gen_entropy.c): shows how to use the default entropy sources to generate random data.  
-  Note: most applications should only use the entropy generator to seed a cryptographic pseudorandom generator, as illustrated by `random/gen_random_ctr_drbg.c`.
-
-* [`random/gen_random_ctr_drbg.c`](random/gen_random_ctr_drbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to use the resulting random generator to generate random data.
-
-* [`random/gen_random_havege.c`](random/gen_random_havege.c): demonstrates the HAVEGE entropy collector.
-
-## SSL/TLS examples
-
-### SSL/TLS sample applications
-
-* [`ssl/dtls_client.c`](ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads one datagram in response.
-
-* [`ssl/dtls_server.c`](ssl/dtls_server.c): a simple DTLS server program, which expects one datagram from the client and writes one datagram in response. This program supports DTLS cookies for hello verification.
-
-* [`ssl/mini_client.c`](ssl/mini_client.c): a minimalistic SSL client, which sends a short string and disconnects. This is primarily intended as a benchmark; for a better example of a typical TLS client, see `ssl/ssl_client1.c`.
-
-* [`ssl/ssl_client1.c`](ssl/ssl_client1.c): a simple HTTPS client that sends a fixed request and displays the response.
-
-* [`ssl/ssl_fork_server.c`](ssl/ssl_fork_server.c): a simple HTTPS server using one process per client to send a fixed response. This program requires a Unix/POSIX environment implementing the `fork` system call.
-
-* [`ssl/ssl_mail_client.c`](ssl/ssl_mail_client.c): a simple SMTP-over-TLS or SMTP-STARTTLS client. This client sends an email with fixed content.
-
-* [`ssl/ssl_pthread_server.c`](ssl/ssl_pthread_server.c): a simple HTTPS server using one thread per client to send a fixed response. This program requires the pthread library.
-
-* [`ssl/ssl_server.c`](ssl/ssl_server.c): a simple HTTPS server that sends a fixed response. It serves a single client at a time.
-
-### SSL/TLS feature demonstrators
-
-Note: unlike most of the other programs under the `programs/` directory, these two programs are not intended as a basis for writing an application. They combine most of the features supported by the library, and most applications require only a few features. To write a new application, we recommended that you start with `ssl_client1.c` or `ssl_server.c`, and then look inside `ssl/ssl_client2.c` or `ssl/ssl_server2.c` to see how to use the specific features that your application needs.
-
-* [`ssl/ssl_client2.c`](ssl/ssl_client2.c): an HTTPS client that sends a fixed request and displays the response, with options to select TLS protocol features and Mbed TLS library features.
-
-* [`ssl/ssl_server2.c`](ssl/ssl_server2.c): an HTTPS server that sends a fixed response, with options to select TLS protocol features and Mbed TLS library features.
-
-In addition to providing options for testing client-side features, the `ssl_client2` program has options that allow you to trigger certain behaviors in the server. For example, there are options to select ciphersuites, or to force a renegotiation. These options are useful for testing the corresponding features in a TLS server. Likewise, `ssl_server2` has options to activate certain behaviors that are useful for testing a TLS client.
-
-## Test utilities
-
-* [`test/benchmark.c`](test/benchmark.c): benchmark for cryptographic algorithms.
-
-* [`test/selftest.c`](test/selftest.c): runs the self-test function in each library module.
-
-* [`test/udp_proxy.c`](test/udp_proxy.c): a UDP proxy that can inject certain failures (delay, duplicate, drop). Useful for testing DTLS.
-
-* [`test/zeroize.c`](test/zeroize.c): a test program for `mbedtls_platform_zeroize`, used by [`tests/scripts/test_zeroize.gdb`](tests/scripts/test_zeroize.gdb).
-
-## Development utilities
-
-* [`util/pem2der.c`](util/pem2der.c): a PEM to DER converter. Mbed TLS can read PEM files directly, but this utility can be useful for interacting with other tools or with minimal Mbed TLS builds that lack PEM support.
-
-* [`util/strerror.c`](util/strerror.c): prints the error description corresponding to an integer status returned by an Mbed TLS function.
-
-## X.509 certificate examples
-
-* [`x509/cert_app.c`](x509/cert_app.c): connects to a TLS server and verifies its certificate chain.
-
-* [`x509/cert_req.c`](x509/cert_req.c): generates a certificate signing request (CSR) for a private key.
-
-* [`x509/cert_write.c`](x509/cert_write.c): signs a certificate signing request, or self-signs a certificate.
-
-* [`x509/crl_app.c`](x509/crl_app.c): loads and dumps a certificate revocation list (CRL).
-
-* [`x509/req_app.c`](x509/req_app.c): loads and dumps a certificate signing request (CSR).
-
diff --git a/3rdparty/mbedtls-2.25.0/programs/aes/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/programs/aes/CMakeLists.txt
deleted file mode 100644
index 6b8ce2a..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/aes/CMakeLists.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-set(executables
-    aescrypt2
-    crypt_and_hash
-)
-
-foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-    target_link_libraries(${exe} ${mbedcrypto_target})
-endforeach()
-
-install(TARGETS ${executables}
-        DESTINATION "bin"
-        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.25.0/programs/aes/aescrypt2.c b/3rdparty/mbedtls-2.25.0/programs/aes/aescrypt2.c
deleted file mode 100644
index 95d64d9..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/aes/aescrypt2.c
+++ /dev/null
@@ -1,468 +0,0 @@
-/*
- *  AES-256 file encryption program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/* Enable definition of fileno() even when compiling with -std=c99. Must be
- * set before config.h, which pulls in glibc's features.h indirectly.
- * Harmless on other platforms. */
-#define _POSIX_C_SOURCE 200112L
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#include "mbedtls/aes.h"
-#include "mbedtls/md.h"
-#include "mbedtls/platform_util.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(_WIN32)
-#include <windows.h>
-#if !defined(_WIN32_WCE)
-#include <io.h>
-#endif
-#else
-#include <sys/types.h>
-#include <unistd.h>
-#endif
-
-#define MODE_ENCRYPT    0
-#define MODE_DECRYPT    1
-
-#define USAGE   \
-    "\n  aescrypt2 <mode> <input filename> <output filename> <key>\n" \
-    "\n   <mode>: 0 = encrypt, 1 = decrypt\n" \
-    "\n  example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \
-    "\n"
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_SHA256_C) || \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_MD_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C "
-                    "and/or MBEDTLS_FS_IO and/or MBEDTLS_MD_C "
-                    "not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    int ret = 0;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-
-    unsigned int i, n;
-    int mode, lastn;
-    size_t keylen;
-    FILE *fkey, *fin = NULL, *fout = NULL;
-
-    char *p;
-
-    unsigned char IV[16];
-    unsigned char tmp[16];
-    unsigned char key[512];
-    unsigned char digest[64];
-    unsigned char buffer[1024];
-    unsigned char diff;
-
-    mbedtls_aes_context aes_ctx;
-    mbedtls_md_context_t sha_ctx;
-
-#if defined(_WIN32_WCE)
-    long filesize, offset;
-#elif defined(_WIN32)
-       LARGE_INTEGER li_size;
-    __int64 filesize, offset;
-#else
-      off_t filesize, offset;
-#endif
-
-    mbedtls_aes_init( &aes_ctx );
-    mbedtls_md_init( &sha_ctx );
-
-    ret = mbedtls_md_setup( &sha_ctx, mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), 1 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( "  ! mbedtls_md_setup() returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Parse the command-line arguments.
-     */
-    if( argc != 5 )
-    {
-        mbedtls_printf( USAGE );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n  Press Enter to exit this program.\n" );
-        fflush( stdout ); getchar();
-#endif
-
-        goto exit;
-    }
-
-    mode = atoi( argv[1] );
-    memset( IV,     0, sizeof( IV ) );
-    memset( key,    0, sizeof( key ) );
-    memset( digest, 0, sizeof( digest ) );
-    memset( buffer, 0, sizeof( buffer ) );
-
-    if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT )
-    {
-        mbedtls_fprintf( stderr, "invalide operation mode\n" );
-        goto exit;
-    }
-
-    if( strcmp( argv[2], argv[3] ) == 0 )
-    {
-        mbedtls_fprintf( stderr, "input and output filenames must differ\n" );
-        goto exit;
-    }
-
-    if( ( fin = fopen( argv[2], "rb" ) ) == NULL )
-    {
-        mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
-        goto exit;
-    }
-
-    if( ( fout = fopen( argv[3], "wb+" ) ) == NULL )
-    {
-        mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
-        goto exit;
-    }
-
-    /*
-     * Read the secret key from file or command line
-     */
-    if( ( fkey = fopen( argv[4], "rb" ) ) != NULL )
-    {
-        keylen = fread( key, 1, sizeof( key ), fkey );
-        fclose( fkey );
-    }
-    else
-    {
-        if( memcmp( argv[4], "hex:", 4 ) == 0 )
-        {
-            p = &argv[4][4];
-            keylen = 0;
-
-            while( sscanf( p, "%02X", &n ) > 0 &&
-                   keylen < (int) sizeof( key ) )
-            {
-                key[keylen++] = (unsigned char) n;
-                p += 2;
-            }
-        }
-        else
-        {
-            keylen = strlen( argv[4] );
-
-            if( keylen > (int) sizeof( key ) )
-                keylen = (int) sizeof( key );
-
-            memcpy( key, argv[4], keylen );
-        }
-    }
-
-#if defined(_WIN32_WCE)
-    filesize = fseek( fin, 0L, SEEK_END );
-#else
-#if defined(_WIN32)
-    /*
-     * Support large files (> 2Gb) on Win32
-     */
-    li_size.QuadPart = 0;
-    li_size.LowPart  =
-        SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ),
-                        li_size.LowPart, &li_size.HighPart, FILE_END );
-
-    if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR )
-    {
-        mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
-        goto exit;
-    }
-
-    filesize = li_size.QuadPart;
-#else
-    if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 )
-    {
-        perror( "lseek" );
-        goto exit;
-    }
-#endif
-#endif
-
-    if( fseek( fin, 0, SEEK_SET ) < 0 )
-    {
-        mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
-        goto exit;
-    }
-
-    if( mode == MODE_ENCRYPT )
-    {
-        /*
-         * Generate the initialization vector as:
-         * IV = SHA-256( filesize || filename )[0..15]
-         */
-        for( i = 0; i < 8; i++ )
-            buffer[i] = (unsigned char)( filesize >> ( i << 3 ) );
-
-        p = argv[2];
-
-        mbedtls_md_starts( &sha_ctx );
-        mbedtls_md_update( &sha_ctx, buffer, 8 );
-        mbedtls_md_update( &sha_ctx, (unsigned char *) p, strlen( p ) );
-        mbedtls_md_finish( &sha_ctx, digest );
-
-        memcpy( IV, digest, 16 );
-
-        /*
-         * The last four bits in the IV are actually used
-         * to store the file size modulo the AES block size.
-         */
-        lastn = (int)( filesize & 0x0F );
-
-        IV[15] = (unsigned char)
-            ( ( IV[15] & 0xF0 ) | lastn );
-
-        /*
-         * Append the IV at the beginning of the output.
-         */
-        if( fwrite( IV, 1, 16, fout ) != 16 )
-        {
-            mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
-            goto exit;
-        }
-
-        /*
-         * Hash the IV and the secret key together 8192 times
-         * using the result to setup the AES context and HMAC.
-         */
-        memset( digest, 0,  32 );
-        memcpy( digest, IV, 16 );
-
-        for( i = 0; i < 8192; i++ )
-        {
-            mbedtls_md_starts( &sha_ctx );
-            mbedtls_md_update( &sha_ctx, digest, 32 );
-            mbedtls_md_update( &sha_ctx, key, keylen );
-            mbedtls_md_finish( &sha_ctx, digest );
-        }
-
-        mbedtls_aes_setkey_enc( &aes_ctx, digest, 256 );
-        mbedtls_md_hmac_starts( &sha_ctx, digest, 32 );
-
-        /*
-         * Encrypt and write the ciphertext.
-         */
-        for( offset = 0; offset < filesize; offset += 16 )
-        {
-            n = ( filesize - offset > 16 ) ? 16 : (int)
-                ( filesize - offset );
-
-            if( fread( buffer, 1, n, fin ) != (size_t) n )
-            {
-                mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", n );
-                goto exit;
-            }
-
-            for( i = 0; i < 16; i++ )
-                buffer[i] = (unsigned char)( buffer[i] ^ IV[i] );
-
-            mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, buffer, buffer );
-            mbedtls_md_hmac_update( &sha_ctx, buffer, 16 );
-
-            if( fwrite( buffer, 1, 16, fout ) != 16 )
-            {
-                mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
-                goto exit;
-            }
-
-            memcpy( IV, buffer, 16 );
-        }
-
-        /*
-         * Finally write the HMAC.
-         */
-        mbedtls_md_hmac_finish( &sha_ctx, digest );
-
-        if( fwrite( digest, 1, 32, fout ) != 32 )
-        {
-            mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
-            goto exit;
-        }
-    }
-
-    if( mode == MODE_DECRYPT )
-    {
-        /*
-         *  The encrypted file must be structured as follows:
-         *
-         *        00 .. 15              Initialization Vector
-         *        16 .. 31              AES Encrypted Block #1
-         *           ..
-         *      N*16 .. (N+1)*16 - 1    AES Encrypted Block #N
-         *  (N+1)*16 .. (N+1)*16 + 32   HMAC-SHA-256(ciphertext)
-         */
-        if( filesize < 48 )
-        {
-            mbedtls_fprintf( stderr, "File too short to be encrypted.\n" );
-            goto exit;
-        }
-
-        if( ( filesize & 0x0F ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "File size not a multiple of 16.\n" );
-            goto exit;
-        }
-
-        /*
-         * Subtract the IV + HMAC length.
-         */
-        filesize -= ( 16 + 32 );
-
-        /*
-         * Read the IV and original filesize modulo 16.
-         */
-        if( fread( buffer, 1, 16, fin ) != 16 )
-        {
-            mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
-            goto exit;
-        }
-
-        memcpy( IV, buffer, 16 );
-        lastn = IV[15] & 0x0F;
-
-        /*
-         * Hash the IV and the secret key together 8192 times
-         * using the result to setup the AES context and HMAC.
-         */
-        memset( digest, 0,  32 );
-        memcpy( digest, IV, 16 );
-
-        for( i = 0; i < 8192; i++ )
-        {
-            mbedtls_md_starts( &sha_ctx );
-            mbedtls_md_update( &sha_ctx, digest, 32 );
-            mbedtls_md_update( &sha_ctx, key, keylen );
-            mbedtls_md_finish( &sha_ctx, digest );
-        }
-
-        mbedtls_aes_setkey_dec( &aes_ctx, digest, 256 );
-        mbedtls_md_hmac_starts( &sha_ctx, digest, 32 );
-
-        /*
-         * Decrypt and write the plaintext.
-         */
-        for( offset = 0; offset < filesize; offset += 16 )
-        {
-            if( fread( buffer, 1, 16, fin ) != 16 )
-            {
-                mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
-                goto exit;
-            }
-
-            memcpy( tmp, buffer, 16 );
-
-            mbedtls_md_hmac_update( &sha_ctx, buffer, 16 );
-            mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_DECRYPT, buffer, buffer );
-
-            for( i = 0; i < 16; i++ )
-                buffer[i] = (unsigned char)( buffer[i] ^ IV[i] );
-
-            memcpy( IV, tmp, 16 );
-
-            n = ( lastn > 0 && offset == filesize - 16 )
-                ? lastn : 16;
-
-            if( fwrite( buffer, 1, n, fout ) != (size_t) n )
-            {
-                mbedtls_fprintf( stderr, "fwrite(%u bytes) failed\n", n );
-                goto exit;
-            }
-        }
-
-        /*
-         * Verify the message authentication code.
-         */
-        mbedtls_md_hmac_finish( &sha_ctx, digest );
-
-        if( fread( buffer, 1, 32, fin ) != 32 )
-        {
-            mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 32 );
-            goto exit;
-        }
-
-        /* Use constant-time buffer comparison */
-        diff = 0;
-        for( i = 0; i < 32; i++ )
-            diff |= digest[i] ^ buffer[i];
-
-        if( diff != 0 )
-        {
-            mbedtls_fprintf( stderr, "HMAC check failed: wrong key, "
-                             "or file corrupted.\n" );
-            goto exit;
-        }
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    if( fin )
-        fclose( fin );
-    if( fout )
-        fclose( fout );
-
-    /* Zeroize all command line arguments to also cover
-       the case when the user has missed or reordered some,
-       in which case the key might not be in argv[4]. */
-    for( i = 0; i < (unsigned int) argc; i++ )
-        mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) );
-
-    mbedtls_platform_zeroize( IV,     sizeof( IV ) );
-    mbedtls_platform_zeroize( key,    sizeof( key ) );
-    mbedtls_platform_zeroize( tmp,    sizeof( tmp ) );
-    mbedtls_platform_zeroize( buffer, sizeof( buffer ) );
-    mbedtls_platform_zeroize( digest, sizeof( digest ) );
-
-    mbedtls_aes_free( &aes_ctx );
-    mbedtls_md_free( &sha_ctx );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/aes/crypt_and_hash.c b/3rdparty/mbedtls-2.25.0/programs/aes/crypt_and_hash.c
deleted file mode 100644
index 63a1248..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/aes/crypt_and_hash.c
+++ /dev/null
@@ -1,566 +0,0 @@
-/*
- *  \brief  Generic file encryption program using generic wrappers for configured
- *          security.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/* Enable definition of fileno() even when compiling with -std=c99. Must be
- * set before config.h, which pulls in glibc's features.h indirectly.
- * Harmless on other platforms. */
-#define _POSIX_C_SOURCE 200112L
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_FS_IO)
-#include "mbedtls/cipher.h"
-#include "mbedtls/md.h"
-#include "mbedtls/platform_util.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#endif
-
-#if defined(_WIN32)
-#include <windows.h>
-#if !defined(_WIN32_WCE)
-#include <io.h>
-#endif
-#else
-#include <sys/types.h>
-#include <unistd.h>
-#endif
-
-#define MODE_ENCRYPT    0
-#define MODE_DECRYPT    1
-
-#define USAGE   \
-    "\n  crypt_and_hash <mode> <input filename> <output filename> <cipher> <mbedtls_md> <key>\n" \
-    "\n   <mode>: 0 = encrypt, 1 = decrypt\n" \
-    "\n  example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
-    "\n"
-
-#if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \
-    !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1, i;
-    unsigned n;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    int mode;
-    size_t keylen, ilen, olen;
-    FILE *fkey, *fin = NULL, *fout = NULL;
-
-    char *p;
-    unsigned char IV[16];
-    unsigned char key[512];
-    unsigned char digest[MBEDTLS_MD_MAX_SIZE];
-    unsigned char buffer[1024];
-    unsigned char output[1024];
-    unsigned char diff;
-
-    const mbedtls_cipher_info_t *cipher_info;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_cipher_context_t cipher_ctx;
-    mbedtls_md_context_t md_ctx;
-#if defined(_WIN32_WCE)
-    long filesize, offset;
-#elif defined(_WIN32)
-       LARGE_INTEGER li_size;
-    __int64 filesize, offset;
-#else
-      off_t filesize, offset;
-#endif
-
-    mbedtls_cipher_init( &cipher_ctx );
-    mbedtls_md_init( &md_ctx );
-
-    /*
-     * Parse the command-line arguments.
-     */
-    if( argc != 7 )
-    {
-        const int *list;
-
-        mbedtls_printf( USAGE );
-
-        mbedtls_printf( "Available ciphers:\n" );
-        list = mbedtls_cipher_list();
-        while( *list )
-        {
-            cipher_info = mbedtls_cipher_info_from_type( *list );
-            mbedtls_printf( "  %s\n", cipher_info->name );
-            list++;
-        }
-
-        mbedtls_printf( "\nAvailable message digests:\n" );
-        list = mbedtls_md_list();
-        while( *list )
-        {
-            md_info = mbedtls_md_info_from_type( *list );
-            mbedtls_printf( "  %s\n", mbedtls_md_get_name( md_info ) );
-            list++;
-        }
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n  Press Enter to exit this program.\n" );
-        fflush( stdout ); getchar();
-#endif
-
-        goto exit;
-    }
-
-    mode = atoi( argv[1] );
-
-    if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT )
-    {
-        mbedtls_fprintf( stderr, "invalid operation mode\n" );
-        goto exit;
-    }
-
-    if( strcmp( argv[2], argv[3] ) == 0 )
-    {
-        mbedtls_fprintf( stderr, "input and output filenames must differ\n" );
-        goto exit;
-    }
-
-    if( ( fin = fopen( argv[2], "rb" ) ) == NULL )
-    {
-        mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
-        goto exit;
-    }
-
-    if( ( fout = fopen( argv[3], "wb+" ) ) == NULL )
-    {
-        mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
-        goto exit;
-    }
-
-    /*
-     * Read the Cipher and MD from the command line
-     */
-    cipher_info = mbedtls_cipher_info_from_string( argv[4] );
-    if( cipher_info == NULL )
-    {
-        mbedtls_fprintf( stderr, "Cipher '%s' not found\n", argv[4] );
-        goto exit;
-    }
-    if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info) ) != 0 )
-    {
-        mbedtls_fprintf( stderr, "mbedtls_cipher_setup failed\n" );
-        goto exit;
-    }
-
-    md_info = mbedtls_md_info_from_string( argv[5] );
-    if( md_info == NULL )
-    {
-        mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
-        goto exit;
-    }
-
-    if( mbedtls_md_setup( &md_ctx, md_info, 1 ) != 0 )
-    {
-        mbedtls_fprintf( stderr, "mbedtls_md_setup failed\n" );
-        goto exit;
-    }
-
-    /*
-     * Read the secret key from file or command line
-     */
-    if( ( fkey = fopen( argv[6], "rb" ) ) != NULL )
-    {
-        keylen = fread( key, 1, sizeof( key ), fkey );
-        fclose( fkey );
-    }
-    else
-    {
-        if( memcmp( argv[6], "hex:", 4 ) == 0 )
-        {
-            p = &argv[6][4];
-            keylen = 0;
-
-            while( sscanf( p, "%02X", (unsigned int*) &n ) > 0 &&
-                   keylen < (int) sizeof( key ) )
-            {
-                key[keylen++] = (unsigned char) n;
-                p += 2;
-            }
-        }
-        else
-        {
-            keylen = strlen( argv[6] );
-
-            if( keylen > (int) sizeof( key ) )
-                keylen = (int) sizeof( key );
-
-            memcpy( key, argv[6], keylen );
-        }
-    }
-
-#if defined(_WIN32_WCE)
-    filesize = fseek( fin, 0L, SEEK_END );
-#else
-#if defined(_WIN32)
-    /*
-     * Support large files (> 2Gb) on Win32
-     */
-    li_size.QuadPart = 0;
-    li_size.LowPart  =
-        SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ),
-                        li_size.LowPart, &li_size.HighPart, FILE_END );
-
-    if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR )
-    {
-        mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
-        goto exit;
-    }
-
-    filesize = li_size.QuadPart;
-#else
-    if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 )
-    {
-        perror( "lseek" );
-        goto exit;
-    }
-#endif
-#endif
-
-    if( fseek( fin, 0, SEEK_SET ) < 0 )
-    {
-        mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
-        goto exit;
-    }
-
-    if( mode == MODE_ENCRYPT )
-    {
-        /*
-         * Generate the initialization vector as:
-         * IV = MD( filesize || filename )[0..15]
-         */
-        for( i = 0; i < 8; i++ )
-            buffer[i] = (unsigned char)( filesize >> ( i << 3 ) );
-
-        p = argv[2];
-
-        mbedtls_md_starts( &md_ctx );
-        mbedtls_md_update( &md_ctx, buffer, 8 );
-        mbedtls_md_update( &md_ctx, (unsigned char *) p, strlen( p ) );
-        mbedtls_md_finish( &md_ctx, digest );
-
-        memcpy( IV, digest, 16 );
-
-        /*
-         * Append the IV at the beginning of the output.
-         */
-        if( fwrite( IV, 1, 16, fout ) != 16 )
-        {
-            mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
-            goto exit;
-        }
-
-        /*
-         * Hash the IV and the secret key together 8192 times
-         * using the result to setup the AES context and HMAC.
-         */
-        memset( digest, 0,  32 );
-        memcpy( digest, IV, 16 );
-
-        for( i = 0; i < 8192; i++ )
-        {
-            mbedtls_md_starts( &md_ctx );
-            mbedtls_md_update( &md_ctx, digest, 32 );
-            mbedtls_md_update( &md_ctx, key, keylen );
-            mbedtls_md_finish( &md_ctx, digest );
-
-        }
-
-        if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen,
-                           MBEDTLS_ENCRYPT ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n");
-            goto exit;
-        }
-        if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n");
-            goto exit;
-        }
-        if( mbedtls_cipher_reset( &cipher_ctx ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n");
-            goto exit;
-        }
-
-        mbedtls_md_hmac_starts( &md_ctx, digest, 32 );
-
-        /*
-         * Encrypt and write the ciphertext.
-         */
-        for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) )
-        {
-            ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ?
-                mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
-
-            if( fread( buffer, 1, ilen, fin ) != ilen )
-            {
-                mbedtls_fprintf( stderr, "fread(%ld bytes) failed\n", (long) ilen );
-                goto exit;
-            }
-
-            if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, &olen ) != 0 )
-            {
-                mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n");
-                goto exit;
-            }
-
-            mbedtls_md_hmac_update( &md_ctx, output, olen );
-
-            if( fwrite( output, 1, olen, fout ) != olen )
-            {
-                mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
-                goto exit;
-            }
-        }
-
-        if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" );
-            goto exit;
-        }
-        mbedtls_md_hmac_update( &md_ctx, output, olen );
-
-        if( fwrite( output, 1, olen, fout ) != olen )
-        {
-            mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
-            goto exit;
-        }
-
-        /*
-         * Finally write the HMAC.
-         */
-        mbedtls_md_hmac_finish( &md_ctx, digest );
-
-        if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) )
-        {
-            mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", mbedtls_md_get_size( md_info ) );
-            goto exit;
-        }
-    }
-
-    if( mode == MODE_DECRYPT )
-    {
-        /*
-         *  The encrypted file must be structured as follows:
-         *
-         *        00 .. 15              Initialization Vector
-         *        16 .. 31              Encrypted Block #1
-         *           ..
-         *      N*16 .. (N+1)*16 - 1    Encrypted Block #N
-         *  (N+1)*16 .. (N+1)*16 + n    Hash(ciphertext)
-         */
-        if( filesize < 16 + mbedtls_md_get_size( md_info ) )
-        {
-            mbedtls_fprintf( stderr, "File too short to be encrypted.\n" );
-            goto exit;
-        }
-
-        if( mbedtls_cipher_get_block_size( &cipher_ctx ) == 0 )
-        {
-            mbedtls_fprintf( stderr, "Invalid cipher block size: 0. \n" );
-            goto exit;
-        }
-
-        /*
-         * Check the file size.
-         */
-        if( cipher_info->mode != MBEDTLS_MODE_GCM &&
-            ( ( filesize - mbedtls_md_get_size( md_info ) ) %
-                mbedtls_cipher_get_block_size( &cipher_ctx ) ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "File content not a multiple of the block size (%u).\n",
-                     mbedtls_cipher_get_block_size( &cipher_ctx ));
-            goto exit;
-        }
-
-        /*
-         * Subtract the IV + HMAC length.
-         */
-        filesize -= ( 16 + mbedtls_md_get_size( md_info ) );
-
-        /*
-         * Read the IV and original filesize modulo 16.
-         */
-        if( fread( buffer, 1, 16, fin ) != 16 )
-        {
-            mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 );
-            goto exit;
-        }
-
-        memcpy( IV, buffer, 16 );
-
-        /*
-         * Hash the IV and the secret key together 8192 times
-         * using the result to setup the AES context and HMAC.
-         */
-        memset( digest, 0,  32 );
-        memcpy( digest, IV, 16 );
-
-        for( i = 0; i < 8192; i++ )
-        {
-            mbedtls_md_starts( &md_ctx );
-            mbedtls_md_update( &md_ctx, digest, 32 );
-            mbedtls_md_update( &md_ctx, key, keylen );
-            mbedtls_md_finish( &md_ctx, digest );
-        }
-
-        if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen,
-                           MBEDTLS_DECRYPT ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n" );
-            goto exit;
-        }
-
-        if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n" );
-            goto exit;
-        }
-
-        if( mbedtls_cipher_reset( &cipher_ctx ) != 0 )
-        {
-            mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n" );
-            goto exit;
-        }
-
-        mbedtls_md_hmac_starts( &md_ctx, digest, 32 );
-
-        /*
-         * Decrypt and write the plaintext.
-         */
-        for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) )
-        {
-            ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ?
-                mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
-
-            if( fread( buffer, 1, ilen, fin ) != ilen )
-            {
-                mbedtls_fprintf( stderr, "fread(%u bytes) failed\n",
-                    mbedtls_cipher_get_block_size( &cipher_ctx ) );
-                goto exit;
-            }
-
-            mbedtls_md_hmac_update( &md_ctx, buffer, ilen );
-            if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output,
-                                       &olen ) != 0 )
-            {
-                mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n" );
-                goto exit;
-            }
-
-            if( fwrite( output, 1, olen, fout ) != olen )
-            {
-                mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
-                goto exit;
-            }
-        }
-
-        /*
-         * Verify the message authentication code.
-         */
-        mbedtls_md_hmac_finish( &md_ctx, digest );
-
-        if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) )
-        {
-            mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", mbedtls_md_get_size( md_info ) );
-            goto exit;
-        }
-
-        /* Use constant-time buffer comparison */
-        diff = 0;
-        for( i = 0; i < mbedtls_md_get_size( md_info ); i++ )
-            diff |= digest[i] ^ buffer[i];
-
-        if( diff != 0 )
-        {
-            mbedtls_fprintf( stderr, "HMAC check failed: wrong key, "
-                             "or file corrupted.\n" );
-            goto exit;
-        }
-
-        /*
-         * Write the final block of data
-         */
-        mbedtls_cipher_finish( &cipher_ctx, output, &olen );
-
-        if( fwrite( output, 1, olen, fout ) != olen )
-        {
-            mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
-            goto exit;
-        }
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    if( fin )
-        fclose( fin );
-    if( fout )
-        fclose( fout );
-
-    /* Zeroize all command line arguments to also cover
-       the case when the user has missed or reordered some,
-       in which case the key might not be in argv[6]. */
-    for( i = 0; i < argc; i++ )
-        mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) );
-
-    mbedtls_platform_zeroize( IV,     sizeof( IV ) );
-    mbedtls_platform_zeroize( key,    sizeof( key ) );
-    mbedtls_platform_zeroize( buffer, sizeof( buffer ) );
-    mbedtls_platform_zeroize( output, sizeof( output ) );
-    mbedtls_platform_zeroize( digest, sizeof( digest ) );
-
-    mbedtls_cipher_free( &cipher_ctx );
-    mbedtls_md_free( &md_ctx );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/.gitignore b/3rdparty/mbedtls-2.25.0/programs/fuzz/.gitignore
deleted file mode 100644
index 6fcc004..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/.gitignore
+++ /dev/null
@@ -1,10 +0,0 @@
-*.o
-fuzz_client
-fuzz_dtlsclient
-fuzz_dtlsserver
-fuzz_privkey
-fuzz_pubkey
-fuzz_server
-fuzz_x509crl
-fuzz_x509crt
-fuzz_x509csr
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/programs/fuzz/CMakeLists.txt
deleted file mode 100644
index f0e5705..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/CMakeLists.txt
+++ /dev/null
@@ -1,51 +0,0 @@
-set(libs
-    ${mbedtls_target}
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-find_library(FUZZINGENGINE_LIB FuzzingEngine)
-if(FUZZINGENGINE_LIB)
-    project(fuzz CXX)
-endif()
-
-set(executables_no_common_c
-    fuzz_privkey
-    fuzz_pubkey
-    fuzz_x509crl
-    fuzz_x509crt
-    fuzz_x509csr
-)
-
-set(executables_with_common_c
-    fuzz_client
-    fuzz_dtlsclient
-    fuzz_dtlsserver
-    fuzz_server
-)
-
-foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
-
-    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-
-    if (NOT FUZZINGENGINE_LIB)
-        target_link_libraries(${exe} ${libs})
-        set_property(TARGET ${exe} APPEND PROPERTY SOURCES onefile.c)
-    else()
-        target_link_libraries(${exe} ${libs} FuzzingEngine)
-        SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
-    endif()
-
-    # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
-    list(FIND executables_with_common_c ${exe} exe_index)
-    if (${exe_index} GREATER -1)
-        set_property(TARGET ${exe} APPEND PROPERTY SOURCES common.c)
-    endif()
-
-endforeach()
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/Makefile b/3rdparty/mbedtls-2.25.0/programs/fuzz/Makefile
deleted file mode 100644
index fa17918..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-MBEDTLS_TEST_PATH:=../../tests/src
-MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
-
-LOCAL_CFLAGS = -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS}		\
-		-L../../library			\
-		-lmbedtls$(SHARED_SUFFIX)	\
-		-lmbedx509$(SHARED_SUFFIX)	\
-		-lmbedcrypto$(SHARED_SUFFIX)
-
-LOCAL_CFLAGS += $(patsubst -I../%,-I../../%,$(THIRDPARTY_INCLUDES))
-
-ifndef SHARED
-DEP=../../library/libmbedcrypto.a ../../library/libmbedx509.a ../../library/libmbedtls.a
-else
-DEP=../../library/libmbedcrypto.$(DLEXT) ../../library/libmbedx509.$(DLEXT) ../../library/libmbedtls.$(DLEXT)
-endif
-
-
-DLEXT ?= so
-EXEXT=
-SHARED_SUFFIX=
-# python2 for POSIX since FreeBSD has only python2 as default.
-PYTHON ?= python2
-
-# Zlib shared library extensions:
-ifdef ZLIB
-LOCAL_LDFLAGS += -lz
-endif
-
-ifdef FUZZINGENGINE
-LOCAL_LDFLAGS += -lFuzzingEngine
-endif
-
-# A test application is built for each suites/test_suite_*.data file.
-# Application name is same as .data file's base name and can be
-# constructed by stripping path 'suites/' and extension .data.
-APPS = $(basename $(wildcard fuzz_*.c))
-
-# Construct executable name by adding OS specific suffix $(EXEXT).
-BINARIES := $(addsuffix $(EXEXT),$(APPS))
-
-.SILENT:
-
-.PHONY: all check test clean
-
-all: $(BINARIES)
-
-$(DEP):
-	$(MAKE) -C ../../library
-
-C_FILES := $(addsuffix .c,$(APPS))
-
-%.o: %.c
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $<	-o $@
-
-
-ifdef FUZZINGENGINE
-$(BINARIES): %$(EXEXT): %.o common.o $(DEP)
-	echo " $(CC) common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
-	$(CXX) common.o $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-else
-$(BINARIES): %$(EXEXT): %.o common.o onefile.o $(DEP)
-	echo " $(CC) common.o onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
-	$(CC) common.o onefile.o $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-endif
-
-clean:
-ifndef WINDOWS
-	rm -rf $(BINARIES) *.o
-else
-	if exist *.o del /Q /F *.o
-	if exist *.exe del /Q /F *.exe
-endif
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/README.md b/3rdparty/mbedtls-2.25.0/programs/fuzz/README.md
deleted file mode 100644
index b6a4333..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/README.md
+++ /dev/null
@@ -1,68 +0,0 @@
-What is it?
-------
-
-This directory contains fuzz targets.
-Fuzz targets are simple codes using the library.
-They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance).
-
-These targets were meant to be used with oss-fuzz but can be used in other contexts.
-
-This code was contributed by Philippe Antoine ( Catena cyber ).
-
-How to run?
-------
-
-To run the fuzz targets like oss-fuzz:
-```
-git clone https://github.com/google/oss-fuzz
-cd oss-fuzz
-python infra/helper.py build_image mbedtls
-python infra/helper.py build_fuzzers --sanitizer address mbedtls
-python infra/helper.py run_fuzzer mbedtls fuzz_client
-```
-You can use `undefined` sanitizer as well as `address` sanitizer.
-And you can run any of the fuzz targets like `fuzz_client`.
-
-To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance).
-Then you need to compile the code with the compiler flags of the wished sanitizer.
-```
-perl scripts/config.py set MBEDTLS_PLATFORM_TIME_ALT
-mkdir build
-cd build
-cmake ..
-make
-```
-Finally, you can run the targets like `./test/fuzz/fuzz_client`.
-
-
-Corpus generation for network trafic targets
-------
-
-These targets use network trafic as inputs :
-* client : simulates a client against (fuzzed) server traffic
-* server : simulates a server against (fuzzed) client traffic
-* dtls_client
-* dtls_server
-
-They also use the last bytes as configuration options.
-
-To generate corpus for these targets, you can do the following, not fully automated steps :
-* Build mbedtls programs ssl_server2 and ssl_client2
-* Run them one against the other with `reproducible` option turned on while capturing trafic into test.pcap
-* Extract tcp payloads, for instance with tshark : `tshark -Tfields -e tcp.dstport -e tcp.payload -r test.pcap > test.txt`
-* Run a dummy python script to output either client or server corpus file like `python dummy.py test.txt > test.cor`
-* Finally, you can add the options by appending the last bytes to the file test.cor
-
-Here is an example of dummy.py for extracting payload from client to server (if we used `tcp.dstport` in tshark command)
-```
-import sys
-import binascii
-
-f = open(sys.argv[1])
-for l in f.readlines():
-    portAndPl=l.split()
-    if len(portAndPl) == 2:
-        # determine client or server based on port
-        if portAndPl[0] == "4433":
-            print(binascii.unhexlify(portAndPl[1].replace(":","")))
-```
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/common.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/common.c
deleted file mode 100644
index ac39ee2..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/common.c
+++ /dev/null
@@ -1,96 +0,0 @@
-#include "common.h"
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "mbedtls/ctr_drbg.h"
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
-    (void) time;
-    return 0x5af2a056;
-}
-
-void dummy_init()
-{
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-    mbedtls_platform_set_time( dummy_constant_time );
-#else
-    fprintf(stderr, "Warning: fuzzing without constant time\n");
-#endif
-}
-
-int dummy_send( void *ctx, const unsigned char *buf, size_t len )
-{
-    //silence warning about unused parameter
-    (void) ctx;
-    (void) buf;
-
-    //pretends we wrote everything ok
-    if( len > INT_MAX ) {
-        return( -1 );
-    }
-    return( (int) len );
-}
-
-int fuzz_recv( void *ctx, unsigned char *buf, size_t len )
-{
-    //reads from the buffer from fuzzer
-    fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx;
-
-    if(biomemfuzz->Offset == biomemfuzz->Size) {
-        //EOF
-        return( 0 );
-    }
-    if( len > INT_MAX ) {
-        return( -1 );
-    }
-    if( len + biomemfuzz->Offset > biomemfuzz->Size ) {
-        //do not overflow
-        len = biomemfuzz->Size - biomemfuzz->Offset;
-    }
-    memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
-    biomemfuzz->Offset += len;
-    return( (int) len );
-}
-
-int dummy_random( void *p_rng, unsigned char *output, size_t output_len )
-{
-    int ret;
-    size_t i;
-
-#if defined(MBEDTLS_CTR_DRBG_C)
-    //use mbedtls_ctr_drbg_random to find bugs in it
-    ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
-#else
-    (void) p_rng;
-    ret = 0;
-#endif
-    for (i=0; i<output_len; i++) {
-        //replace result with pseudo random
-        output[i] = (unsigned char) rand();
-    }
-    return( ret );
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
-    size_t i;
-    (void) data;
-
-    //use mbedtls_entropy_func to find bugs in it
-    //test performance impact of entropy
-    //ret = mbedtls_entropy_func(data, output, len);
-    for (i=0; i<len; i++) {
-        //replace result with pseudo random
-        output[i] = (unsigned char) rand();
-    }
-    return( 0 );
-}
-
-int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
-                      uint32_t timeout )
-{
-    (void) timeout;
-
-    return fuzz_recv(ctx, buf, len);
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/common.h b/3rdparty/mbedtls-2.25.0/programs/fuzz/common.h
deleted file mode 100644
index 5586c06..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/common.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#include "mbedtls/platform_time.h"
-#include <stdint.h>
-
-typedef struct fuzzBufferOffset
-{
-    const uint8_t *Data;
-    size_t Size;
-    size_t Offset;
-} fuzzBufferOffset_t;
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
-void dummy_init();
-
-int dummy_send( void *ctx, const unsigned char *buf, size_t len );
-int fuzz_recv( void *ctx, unsigned char *buf, size_t len );
-int dummy_random( void *p_rng, unsigned char *output, size_t output_len );
-int dummy_entropy( void *data, unsigned char *output, size_t len );
-int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len,
-                      uint32_t timeout );
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_client.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_client.c
deleted file mode 100644
index 270ae8a..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_client.c
+++ /dev/null
@@ -1,177 +0,0 @@
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "common.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-
-
-#if defined(MBEDTLS_SSL_CLI_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt cacert;
-#endif
-const char *alpn_list[3];
-
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-const unsigned char psk[] = {
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-const char psk_id[] = "Client_identity";
-#endif
-
-const char *pers = "fuzz_client";
-#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_CLI_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-    int ret;
-    size_t len;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-    unsigned char buf[4096];
-    fuzzBufferOffset_t biomemfuzz;
-    uint16_t options;
-
-    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-        mbedtls_x509_crt_init( &cacert );
-        if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-                                   mbedtls_test_cas_pem_len ) != 0)
-            return 1;
-#endif
-
-        alpn_list[0] = "HTTP";
-        alpn_list[1] = "fuzzalpn";
-        alpn_list[2] = NULL;
-
-        dummy_init();
-
-        initialized = 1;
-    }
-
-    //we take 1 byte as options input
-    if (Size < 2) {
-        return 0;
-    }
-    options = (Data[Size - 2] << 8) | Data[Size - 1];
-    //Avoid warnings if compile options imply no options
-    (void) options;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-
-    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
-        goto exit;
-
-    if( mbedtls_ssl_config_defaults( &conf,
-                                    MBEDTLS_SSL_IS_CLIENT,
-                                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-        goto exit;
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if (options & 2) {
-        mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
-                             (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-    if (options & 4) {
-        mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-        mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
-    } else
-#endif
-    {
-        mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
-    }
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED);
-#endif
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_conf_session_tickets( &conf, (options & 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED );
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
-    if (options & 0x200) {
-        mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
-    }
-#endif
-    //There may be other options to add :
-    // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
-
-    srand(1);
-    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
-    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-        goto exit;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-    if ((options & 1) == 0) {
-        if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
-            goto exit;
-    }
-#endif
-
-    biomemfuzz.Data = Data;
-    biomemfuzz.Size = Size-2;
-    biomemfuzz.Offset = 0;
-    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
-
-    ret = mbedtls_ssl_handshake( &ssl );
-    if( ret == 0 )
-    {
-        //keep reading data from server until the end
-        do
-        {
-            len = sizeof( buf ) - 1;
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-            if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-                continue;
-            else if( ret <= 0 )
-                //EOF or error
-                break;
-        }
-        while( 1 );
-    }
-
-exit:
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ssl_free( &ssl );
-
-#else
-    (void) Data;
-    (void) Size;
-#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsclient.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsclient.c
deleted file mode 100644
index ff258bc..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsclient.c
+++ /dev/null
@@ -1,123 +0,0 @@
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include "common.h"
-#include "mbedtls/ssl.h"
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/timing.h"
-
-
-#if defined(MBEDTLS_SSL_CLI_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_TIMING_C)
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt cacert;
-#endif
-
-const char *pers = "fuzz_dtlsclient";
-#endif
-#endif // MBEDTLS_SSL_PROTO_DTLS
-
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
-    defined(MBEDTLS_SSL_CLI_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_TIMING_C)
-    int ret;
-    size_t len;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-    mbedtls_timing_delay_context timer;
-    unsigned char buf[4096];
-    fuzzBufferOffset_t biomemfuzz;
-
-    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-        mbedtls_x509_crt_init( &cacert );
-        if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-                                   mbedtls_test_cas_pem_len ) != 0)
-            return 1;
-#endif
-        dummy_init();
-
-        initialized = 1;
-    }
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-
-    srand(1);
-    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
-        goto exit;
-
-    if( mbedtls_ssl_config_defaults( &conf,
-                                    MBEDTLS_SSL_IS_CLIENT,
-                                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-        goto exit;
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-#endif
-    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
-    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
-    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-        goto exit;
-
-    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-                             mbedtls_timing_get_delay );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-    if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 )
-        goto exit;
-#endif
-
-    biomemfuzz.Data = Data;
-    biomemfuzz.Size = Size;
-    biomemfuzz.Offset = 0;
-    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-
-    ret = mbedtls_ssl_handshake( &ssl );
-    if( ret == 0 )
-    {
-        //keep reading data from server until the end
-        do
-        {
-            len = sizeof( buf ) - 1;
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-            if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-                continue;
-            else if( ret <= 0 )
-                //EOF or error
-                break;
-        }
-        while( 1 );
-    }
-
-exit:
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ssl_free( &ssl );
-
-#else
-    (void) Data;
-    (void) Size;
-#endif
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsserver.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsserver.c
deleted file mode 100644
index 4cde1fe..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsserver.c
+++ /dev/null
@@ -1,148 +0,0 @@
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include "common.h"
-#include "mbedtls/ssl.h"
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/ssl_cookie.h"
-
-
-#if defined(MBEDTLS_SSL_SRV_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_TIMING_C)
-const char *pers = "fuzz_dtlsserver";
-const unsigned char client_ip[4] = {0x7F, 0, 0, 1};
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt srvcert;
-static mbedtls_pk_context pkey;
-#endif
-#endif
-#endif // MBEDTLS_SSL_PROTO_DTLS
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
-    defined(MBEDTLS_SSL_SRV_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_TIMING_C)
-    int ret;
-    size_t len;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-    mbedtls_timing_delay_context timer;
-    mbedtls_ssl_cookie_ctx cookie_ctx;
-    unsigned char buf[4096];
-    fuzzBufferOffset_t biomemfuzz;
-
-    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-        mbedtls_x509_crt_init( &srvcert );
-        mbedtls_pk_init( &pkey );
-        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-                                   mbedtls_test_srv_crt_len ) != 0)
-            return 1;
-        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-                                   mbedtls_test_cas_pem_len ) != 0)
-            return 1;
-        if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                                 mbedtls_test_srv_key_len, NULL, 0 ) != 0)
-            return 1;
-#endif
-        dummy_init();
-
-        initialized = 1;
-    }
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_ssl_cookie_init( &cookie_ctx );
-
-    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
-        goto exit;
-
-
-    if( mbedtls_ssl_config_defaults( &conf,
-                                    MBEDTLS_SSL_IS_SERVER,
-                                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-        goto exit;
-
-
-    srand(1);
-    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-    if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
-        goto exit;
-#endif
-
-    if( mbedtls_ssl_cookie_setup( &cookie_ctx, dummy_random, &ctr_drbg ) != 0 )
-        goto exit;
-
-    mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx );
-
-    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-        goto exit;
-
-    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-                             mbedtls_timing_get_delay );
-
-    biomemfuzz.Data = Data;
-    biomemfuzz.Size = Size;
-    biomemfuzz.Offset = 0;
-    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-    if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
-        goto exit;
-
-    ret = mbedtls_ssl_handshake( &ssl );
-
-    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
-        biomemfuzz.Offset = ssl.next_record_offset;
-        mbedtls_ssl_session_reset( &ssl );
-        mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout );
-        if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 )
-            goto exit;
-
-        ret = mbedtls_ssl_handshake( &ssl );
-
-        if( ret == 0 )
-        {
-            //keep reading data from server until the end
-            do
-            {
-                len = sizeof( buf ) - 1;
-                ret = mbedtls_ssl_read( &ssl, buf, len );
-                if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-                    continue;
-                else if( ret <= 0 )
-                    //EOF or error
-                    break;
-            }
-            while( 1 );
-        }
-    }
-
-exit:
-    mbedtls_ssl_cookie_free( &cookie_ctx );
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ssl_free( &ssl );
-
-#else
-    (void) Data;
-    (void) Size;
-#endif
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_privkey.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_privkey.c
deleted file mode 100644
index 6c968fd..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_privkey.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include "mbedtls/pk.h"
-
-//4 Kb should be enough for every bug ;-)
-#define MAX_LEN 0x1000
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_PK_PARSE_C
-    int ret;
-    mbedtls_pk_context pk;
-
-    if (Size > MAX_LEN) {
-        //only work on small inputs
-        Size = MAX_LEN;
-    }
-
-    mbedtls_pk_init( &pk );
-    ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
-    if (ret == 0) {
-#if defined(MBEDTLS_RSA_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
-        {
-            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-            mbedtls_rsa_context *rsa;
-
-            mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-            mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-            mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-            rsa = mbedtls_pk_rsa( pk );
-            if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) {
-                abort();
-            }
-            if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != 0 ) {
-                abort();
-            }
-
-            mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-            mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-            mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-        }
-        else
-#endif
-#if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ||
-            mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH )
-        {
-            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
-            mbedtls_ecp_group_id grp_id = ecp->grp.id;
-            const mbedtls_ecp_curve_info *curve_info =
-                mbedtls_ecp_curve_info_from_grp_id( grp_id );
-
-            /* If the curve is not supported, the key should not have been
-             * accepted. */
-            if( curve_info == NULL )
-                abort( );
-        }
-        else
-#endif
-        {
-            /* The key is valid but is not of a supported type.
-             * This should not happen. */
-            abort( );
-        }
-    }
-    mbedtls_pk_free( &pk );
-#else
-    (void) Data;
-    (void) Size;
-#endif //MBEDTLS_PK_PARSE_C
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_pubkey.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_pubkey.c
deleted file mode 100644
index 9e80350..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_pubkey.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include "mbedtls/pk.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_PK_PARSE_C
-    int ret;
-    mbedtls_pk_context pk;
-
-    mbedtls_pk_init( &pk );
-    ret = mbedtls_pk_parse_public_key( &pk, Data, Size );
-    if (ret == 0) {
-#if defined(MBEDTLS_RSA_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
-        {
-            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-            mbedtls_rsa_context *rsa;
-
-            mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-            mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-            mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-            rsa = mbedtls_pk_rsa( pk );
-            if ( mbedtls_rsa_export( rsa, &N, NULL, NULL, NULL, &E ) != 0 ) {
-                abort();
-            }
-            if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
-                abort();
-            }
-            if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) {
-                abort();
-            }
-
-            mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-            mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-            mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
-        }
-        else
-#endif
-#if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ||
-            mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH )
-        {
-            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
-            mbedtls_ecp_group_id grp_id = ecp->grp.id;
-            const mbedtls_ecp_curve_info *curve_info =
-                mbedtls_ecp_curve_info_from_grp_id( grp_id );
-
-            /* If the curve is not supported, the key should not have been
-             * accepted. */
-            if( curve_info == NULL )
-                abort( );
-
-            /* It's a public key, so the private value should not have
-             * been changed from its initialization to 0. */
-            if( mbedtls_mpi_cmp_int( &ecp->d, 0 ) != 0 )
-                abort( );
-        }
-        else
-#endif
-        {
-            /* The key is valid but is not of a supported type.
-             * This should not happen. */
-            abort( );
-        }
-    }
-    mbedtls_pk_free( &pk );
-#else
-    (void) Data;
-    (void) Size;
-#endif //MBEDTLS_PK_PARSE_C
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_server.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_server.c
deleted file mode 100644
index 014f386..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_server.c
+++ /dev/null
@@ -1,189 +0,0 @@
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/ssl_ticket.h"
-#include "common.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-
-
-#if defined(MBEDTLS_SSL_SRV_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-const char *pers = "fuzz_server";
-static int initialized = 0;
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-static mbedtls_x509_crt srvcert;
-static mbedtls_pk_context pkey;
-#endif
-const char *alpn_list[3];
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-const unsigned char psk[] = {
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-const char psk_id[] = "Client_identity";
-#endif
-#endif // MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C
-
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#if defined(MBEDTLS_SSL_SRV_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-    int ret;
-    size_t len;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_ticket_context ticket_ctx;
-#endif
-    unsigned char buf[4096];
-    fuzzBufferOffset_t biomemfuzz;
-    uint8_t options;
-
-    //we take 1 byte as options input
-    if (Size < 1) {
-        return 0;
-    }
-    options = Data[Size - 1];
-
-    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-        mbedtls_x509_crt_init( &srvcert );
-        mbedtls_pk_init( &pkey );
-        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-                                   mbedtls_test_srv_crt_len ) != 0)
-            return 1;
-        if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-                                   mbedtls_test_cas_pem_len ) != 0)
-            return 1;
-        if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                                 mbedtls_test_srv_key_len, NULL, 0 ) != 0)
-            return 1;
-#endif
-
-        alpn_list[0] = "HTTP";
-        alpn_list[1] = "fuzzalpn";
-        alpn_list[2] = NULL;
-
-        dummy_init();
-
-        initialized = 1;
-    }
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_ticket_init( &ticket_ctx );
-#endif
-
-    if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
-                              (const unsigned char *) pers, strlen( pers ) ) != 0 )
-        goto exit;
-
-
-    if( mbedtls_ssl_config_defaults( &conf,
-                                    MBEDTLS_SSL_IS_SERVER,
-                                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                                    MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-        goto exit;
-
-    srand(1);
-    mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-    if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 )
-        goto exit;
-#endif
-
-    mbedtls_ssl_conf_cert_req_ca_list( &conf, (options & 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED );
-#if defined(MBEDTLS_SSL_ALPN)
-    if (options & 0x2) {
-        mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list );
-    }
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( options & 0x4 )
-    {
-        if( mbedtls_ssl_ticket_setup( &ticket_ctx,
-                                     dummy_random, &ctr_drbg,
-                                     MBEDTLS_CIPHER_AES_256_GCM,
-                                     86400 ) != 0 )
-            goto exit;
-
-        mbedtls_ssl_conf_session_tickets_cb( &conf,
-                                            mbedtls_ssl_ticket_write,
-                                            mbedtls_ssl_ticket_parse,
-                                            &ticket_ctx );
-    }
-#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED);
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if (options & 0x40) {
-        mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
-                             (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
-    }
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED );
-#endif
-
-    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-        goto exit;
-
-    biomemfuzz.Data = Data;
-    biomemfuzz.Size = Size-1;
-    biomemfuzz.Offset = 0;
-    mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL );
-
-    mbedtls_ssl_session_reset( &ssl );
-    ret = mbedtls_ssl_handshake( &ssl );
-    if( ret == 0 )
-    {
-        //keep reading data from server until the end
-        do
-        {
-            len = sizeof( buf ) - 1;
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-            if( ret == MBEDTLS_ERR_SSL_WANT_READ )
-                continue;
-            else if( ret <= 0 )
-                //EOF or error
-                break;
-        }
-        while( 1 );
-    }
-
-exit:
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_ticket_free( &ticket_ctx );
-#endif
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ssl_free( &ssl );
-
-#else
-    (void) Data;
-    (void) Size;
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crl.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crl.c
deleted file mode 100644
index 02f521c..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crl.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include <stdint.h>
-#include "mbedtls/x509_crl.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_X509_CRL_PARSE_C
-    int ret;
-    mbedtls_x509_crl crl;
-    unsigned char buf[4096];
-
-    mbedtls_x509_crl_init( &crl );
-    ret = mbedtls_x509_crl_parse( &crl, Data, Size );
-    if (ret == 0) {
-        ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
-    }
-    mbedtls_x509_crl_free( &crl );
-#else
-    (void) Data;
-    (void) Size;
-#endif
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crt.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crt.c
deleted file mode 100644
index 8f593a1..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crt.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include <stdint.h>
-#include "mbedtls/x509_crt.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_X509_CRT_PARSE_C
-    int ret;
-    mbedtls_x509_crt crt;
-    unsigned char buf[4096];
-
-    mbedtls_x509_crt_init( &crt );
-    ret = mbedtls_x509_crt_parse( &crt, Data, Size );
-    if (ret == 0) {
-        ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt );
-    }
-    mbedtls_x509_crt_free( &crt );
-#else
-    (void) Data;
-    (void) Size;
-#endif
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509csr.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509csr.c
deleted file mode 100644
index 3cf28a6..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509csr.c
+++ /dev/null
@@ -1,22 +0,0 @@
-#include <stdint.h>
-#include "mbedtls/x509_csr.h"
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-#ifdef MBEDTLS_X509_CSR_PARSE_C
-    int ret;
-    mbedtls_x509_csr csr;
-    unsigned char buf[4096];
-
-    mbedtls_x509_csr_init( &csr );
-    ret = mbedtls_x509_csr_parse( &csr, Data, Size );
-    if (ret == 0) {
-        ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
-    }
-    mbedtls_x509_csr_free( &csr );
-#else
-    (void) Data;
-    (void) Size;
-#endif
-
-    return 0;
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/onefile.c b/3rdparty/mbedtls-2.25.0/programs/fuzz/onefile.c
deleted file mode 100644
index c845149..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/fuzz/onefile.c
+++ /dev/null
@@ -1,60 +0,0 @@
-#include <stdint.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-/* This file doesn't use any Mbed TLS function, but grab config.h anyway
- * in case it contains platform-specific #defines related to malloc or
- * stdio functions. */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
-
-int main(int argc, char** argv)
-{
-    FILE * fp;
-    uint8_t *Data;
-    size_t Size;
-
-    if (argc != 2) {
-        return 1;
-    }
-    //opens the file, get its size, and reads it into a buffer
-    fp = fopen(argv[1], "rb");
-    if (fp == NULL) {
-        return 2;
-    }
-    if (fseek(fp, 0L, SEEK_END) != 0) {
-        fclose(fp);
-        return 2;
-    }
-    Size = ftell(fp);
-    if (Size == (size_t) -1) {
-        fclose(fp);
-        return 2;
-    }
-    if (fseek(fp, 0L, SEEK_SET) != 0) {
-        fclose(fp);
-        return 2;
-    }
-    Data = malloc(Size);
-    if (Data == NULL) {
-        fclose(fp);
-        return 2;
-    }
-    if (fread(Data, Size, 1, fp) != 1) {
-        free(Data);
-        fclose(fp);
-        return 2;
-    }
-
-    //lauch fuzzer
-    LLVMFuzzerTestOneInput(Data, Size);
-    free(Data);
-    fclose(fp);
-    return 0;
-}
-
diff --git a/3rdparty/mbedtls-2.25.0/programs/hash/generic_sum.c b/3rdparty/mbedtls-2.25.0/programs/hash/generic_sum.c
deleted file mode 100644
index f73e5f8..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/hash/generic_sum.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/*
- *  generic message digest layer demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/md.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum )
-{
-    int ret = mbedtls_md_file( md_info, filename, sum );
-
-    if( ret == 1 )
-        mbedtls_fprintf( stderr, "failed to open: %s\n", filename );
-
-    if( ret == 2 )
-        mbedtls_fprintf( stderr, "failed to read: %s\n", filename );
-
-    return( ret );
-}
-
-static int generic_print( const mbedtls_md_info_t *md_info, char *filename )
-{
-    int i;
-    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
-
-    if( generic_wrapper( md_info, filename, sum ) != 0 )
-        return( 1 );
-
-    for( i = 0; i < mbedtls_md_get_size( md_info ); i++ )
-        mbedtls_printf( "%02x", sum[i] );
-
-    mbedtls_printf( "  %s\n", filename );
-    return( 0 );
-}
-
-static int generic_check( const mbedtls_md_info_t *md_info, char *filename )
-{
-    int i;
-    size_t n;
-    FILE *f;
-    int nb_err1, nb_err2;
-    int nb_tot1, nb_tot2;
-    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
-    char line[1024];
-    char diff;
-#if defined(__clang_analyzer__)
-    char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { };
-#else
-    char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1];
-#endif
-
-    if( ( f = fopen( filename, "rb" ) ) == NULL )
-    {
-        mbedtls_printf( "failed to open: %s\n", filename );
-        return( 1 );
-    }
-
-    nb_err1 = nb_err2 = 0;
-    nb_tot1 = nb_tot2 = 0;
-
-    memset( line, 0, sizeof( line ) );
-
-    n = sizeof( line );
-
-    while( fgets( line, (int) n - 1, f ) != NULL )
-    {
-        n = strlen( line );
-
-        if( n < (size_t) 2 * mbedtls_md_get_size( md_info ) + 4 )
-        {
-            mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info ));
-            continue;
-        }
-
-        if( line[2 * mbedtls_md_get_size( md_info )] != ' ' || line[2 * mbedtls_md_get_size( md_info ) + 1] != ' ' )
-        {
-            mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info ));
-            continue;
-        }
-
-        if( line[n - 1] == '\n' ) { n--; line[n] = '\0'; }
-        if( line[n - 1] == '\r' ) { n--; line[n] = '\0'; }
-
-        nb_tot1++;
-
-        if( generic_wrapper( md_info, line + 2 + 2 * mbedtls_md_get_size( md_info ), sum ) != 0 )
-        {
-            nb_err1++;
-            continue;
-        }
-
-        nb_tot2++;
-
-        for( i = 0; i < mbedtls_md_get_size( md_info ); i++ )
-            sprintf( buf + i * 2, "%02x", sum[i] );
-
-        /* Use constant-time buffer comparison */
-        diff = 0;
-        for( i = 0; i < 2 * mbedtls_md_get_size( md_info ); i++ )
-            diff |= line[i] ^ buf[i];
-
-        if( diff != 0 )
-        {
-            nb_err2++;
-            mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 66 );
-        }
-
-        n = sizeof( line );
-    }
-
-    if( nb_err1 != 0 )
-    {
-        mbedtls_printf( "WARNING: %d (out of %d) input files could "
-                "not be read\n", nb_err1, nb_tot1 );
-    }
-
-    if( nb_err2 != 0 )
-    {
-        mbedtls_printf( "WARNING: %d (out of %d) computed checksums did "
-                "not match\n", nb_err2, nb_tot2 );
-    }
-
-    fclose( f );
-
-    return( nb_err1 != 0 || nb_err2 != 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1, i;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_md_context_t md_ctx;
-
-    mbedtls_md_init( &md_ctx );
-
-    if( argc == 1 )
-    {
-        const int *list;
-
-        mbedtls_printf( "print mode:  generic_sum <mbedtls_md> <file> <file> ...\n" );
-        mbedtls_printf( "check mode:  generic_sum <mbedtls_md> -c <checksum file>\n" );
-
-        mbedtls_printf( "\nAvailable message digests:\n" );
-        list = mbedtls_md_list();
-        while( *list )
-        {
-            md_info = mbedtls_md_info_from_type( *list );
-            mbedtls_printf( "  %s\n", mbedtls_md_get_name( md_info ) );
-            list++;
-        }
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n  Press Enter to exit this program.\n" );
-        fflush( stdout ); getchar();
-#endif
-
-        mbedtls_exit( exit_code );
-    }
-
-    /*
-     * Read the MD from the command line
-     */
-    md_info = mbedtls_md_info_from_string( argv[1] );
-    if( md_info == NULL )
-    {
-        mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
-        mbedtls_exit( exit_code );
-    }
-    if( mbedtls_md_setup( &md_ctx, md_info, 0 ) )
-    {
-        mbedtls_fprintf( stderr, "Failed to initialize context.\n" );
-        mbedtls_exit( exit_code );
-    }
-
-    ret = 0;
-    if( argc == 4 && strcmp( "-c", argv[2] ) == 0 )
-    {
-        ret |= generic_check( md_info, argv[3] );
-        goto exit;
-    }
-
-    for( i = 2; i < argc; i++ )
-        ret |= generic_print( md_info, argv[i] );
-
-    if ( ret == 0 )
-        exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_md_free( &md_ctx );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/hash/hello.c b/3rdparty/mbedtls-2.25.0/programs/hash/hello.c
deleted file mode 100644
index 70bea42..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/hash/hello.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- *  Classic "Hello, world" demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#include <stdio.h>
-#define mbedtls_printf       printf
-#define mbedtls_exit         exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-#include "mbedtls/md5.h"
-#endif
-
-#if !defined(MBEDTLS_MD5_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_MD5_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( void )
-{
-    int i, ret;
-    unsigned char digest[16];
-    char str[] = "Hello, world!";
-
-    mbedtls_printf( "\n  MD5('%s') = ", str );
-
-    if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 )
-        mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-
-    for( i = 0; i < 16; i++ )
-        mbedtls_printf( "%02x", digest[i] );
-
-    mbedtls_printf( "\n\n" );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( MBEDTLS_EXIT_SUCCESS );
-}
-#endif /* MBEDTLS_MD5_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_client.c b/3rdparty/mbedtls-2.25.0/programs/pkey/dh_client.c
deleted file mode 100644
index d6e4990..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_client.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/*
- *  Diffie-Hellman-Merkle key exchange (client side)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_time_t          time_t
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
-    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
-    defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_SHA1_C)
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define SERVER_NAME "localhost"
-#define SERVER_PORT "11999"
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) ||     \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) ||  \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||    \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
-    !defined(MBEDTLS_SHA1_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
-           "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( void )
-{
-    FILE *f;
-
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t n, buflen;
-    mbedtls_net_context server_fd;
-
-    unsigned char *p, *end;
-    unsigned char buf[2048];
-    unsigned char hash[32];
-    const char *pers = "dh_client";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_rsa_context rsa;
-    mbedtls_dhm_context dhm;
-    mbedtls_aes_context aes;
-
-    mbedtls_net_init( &server_fd );
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 );
-    mbedtls_dhm_init( &dhm );
-    mbedtls_aes_init( &aes );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    /*
-     * 1. Setup the RNG
-     */
-    mbedtls_printf( "\n  . Seeding the random number generator" );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 2. Read the server's public RSA key
-     */
-    mbedtls_printf( "\n  . Reading public key from rsa_pub.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open rsa_pub.txt\n" \
-                "  ! Please run rsa_genkey first\n\n" );
-        goto exit;
-    }
-
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret );
-        fclose( f );
-        goto exit;
-    }
-
-    rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3;
-
-    fclose( f );
-
-    /*
-     * 3. Initiate the connection
-     */
-    mbedtls_printf( "\n  . Connecting to tcp/%s/%s", SERVER_NAME,
-                                             SERVER_PORT );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME,
-                                         SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 4a. First get the buffer length
-     */
-    mbedtls_printf( "\n  . Receiving the server's DH parameters" );
-    fflush( stdout );
-
-    memset( buf, 0, sizeof( buf ) );
-
-    if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_recv returned %d\n\n", ret );
-        goto exit;
-    }
-
-    n = buflen = ( buf[0] << 8 ) | buf[1];
-    if( buflen < 1 || buflen > sizeof( buf ) )
-    {
-        mbedtls_printf( " failed\n  ! Got an invalid buffer length\n\n" );
-        goto exit;
-    }
-
-    /*
-     * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P
-     */
-    memset( buf, 0, sizeof( buf ) );
-
-    if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_recv returned %d\n\n", ret );
-        goto exit;
-    }
-
-    p = buf, end = buf + buflen;
-
-    if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_dhm_read_params returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( dhm.len < 64 || dhm.len > 512 )
-    {
-        mbedtls_printf( " failed\n  ! Invalid DHM modulus size\n\n" );
-        goto exit;
-    }
-
-    /*
-     * 5. Check that the server's RSA signature matches
-     *    the SHA-256 hash of (P,G,Ys)
-     */
-    mbedtls_printf( "\n  . Verifying the server's RSA signature" );
-    fflush( stdout );
-
-    p += 2;
-
-    if( ( n = (size_t) ( end - p ) ) != rsa.len )
-    {
-        mbedtls_printf( " failed\n  ! Invalid RSA signature size\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_sha1_ret returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
-                                  MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 6. Send our public value: Yc = G ^ Xc mod P
-     */
-    mbedtls_printf( "\n  . Sending own public value to server" );
-    fflush( stdout );
-
-    n = dhm.len;
-    if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n,
-                                 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_dhm_make_public returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_send returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 7. Derive the shared secret: K = Ys ^ Xc mod P
-     */
-    mbedtls_printf( "\n  . Shared secret: " );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n,
-                                 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_dhm_calc_secret returned %d\n\n", ret );
-        goto exit;
-    }
-
-    for( n = 0; n < 16; n++ )
-        mbedtls_printf( "%02x", buf[n] );
-
-    /*
-     * 8. Setup the AES-256 decryption key
-     *
-     * This is an overly simplified example; best practice is
-     * to hash the shared secret with a random value to derive
-     * the keying material for the encryption/decryption keys,
-     * IVs and MACs.
-     */
-    mbedtls_printf( "...\n  . Receiving and decrypting the ciphertext" );
-    fflush( stdout );
-
-    mbedtls_aes_setkey_dec( &aes, buf, 256 );
-
-    memset( buf, 0, sizeof( buf ) );
-
-    if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_recv returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf );
-    buf[16] = '\0';
-    mbedtls_printf( "\n  . Plaintext is \"%s\"\n\n", (char *) buf );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_net_free( &server_fd );
-
-    mbedtls_aes_free( &aes );
-    mbedtls_rsa_free( &rsa );
-    mbedtls_dhm_free( &dhm );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
-          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_genprime.c b/3rdparty/mbedtls-2.25.0/programs/pkey/dh_genprime.c
deleted file mode 100644
index a481e32..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_genprime.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/*
- *  Diffie-Hellman-Merkle key exchange (prime generation)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_time_t          time_t
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||   \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) ||     \
-    !defined(MBEDTLS_GENPRIME)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or "
-           "MBEDTLS_GENPRIME not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/bignum.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-
-#define USAGE \
-    "\n usage: dh_genprime param=<>...\n"                                   \
-    "\n acceprable parameters:\n"                                           \
-    "    bits=%%d           default: 2048\n"
-
-#define DFL_BITS    2048
-
-/*
- * Note: G = 4 is always a quadratic residue mod P,
- * so it is a generator of order Q (with P = 2*Q+1).
- */
-#define GENERATOR "4"
-
-
-int main( int argc, char **argv )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_mpi G, P, Q;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "dh_genprime";
-    FILE *fout;
-    int nbits = DFL_BITS;
-    int i;
-    char *p, *q;
-
-    mbedtls_mpi_init( &G ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "bits" ) == 0 )
-        {
-            nbits = atoi( q );
-            if( nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS )
-                goto usage;
-        }
-        else
-            goto usage;
-    }
-
-    if( ( ret = mbedtls_mpi_read_string( &G, 10, GENERATOR ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_string returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "  ! Generating large primes may take minutes!\n" );
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Generating the modulus, please wait..." );
-    fflush( stdout );
-
-    /*
-     * This can take a long time...
-     */
-    if( ( ret = mbedtls_mpi_gen_prime( &P, nbits, 1,
-                               mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_gen_prime returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Verifying that Q = (P-1)/2 is prime..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_mpi_sub_int( &Q, &P, 1 ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_sub_int returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_div_int returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_is_prime_ext( &Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_is_prime returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Exporting the value in dh_prime.txt..." );
-    fflush( stdout );
-
-    if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not create dh_prime.txt\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 ) ||
-        ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) != 0 ) )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret );
-        fclose( fout );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n\n" );
-    fclose( fout );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_mpi_free( &G ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO &&
-          MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_server.c b/3rdparty/mbedtls-2.25.0/programs/pkey/dh_server.c
deleted file mode 100644
index dccf095..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_server.c
+++ /dev/null
@@ -1,335 +0,0 @@
-/*
- *  Diffie-Hellman-Merkle key exchange (server side)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_time_t          time_t
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
-    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
-    defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_SHA1_C)
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define SERVER_PORT "11999"
-#define PLAINTEXT "==Hello there!=="
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) ||     \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) ||  \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||    \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
-    !defined(MBEDTLS_SHA1_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
-           "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( void )
-{
-    FILE *f;
-
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t n, buflen;
-    mbedtls_net_context listen_fd, client_fd;
-
-    unsigned char buf[2048];
-    unsigned char hash[32];
-    unsigned char buf2[2];
-    const char *pers = "dh_server";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_rsa_context rsa;
-    mbedtls_dhm_context dhm;
-    mbedtls_aes_context aes;
-
-    mbedtls_mpi N, P, Q, D, E;
-
-    mbedtls_net_init( &listen_fd );
-    mbedtls_net_init( &client_fd );
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 );
-    mbedtls_dhm_init( &dhm );
-    mbedtls_aes_init( &aes );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
-
-    /*
-     * 1. Setup the RNG
-     */
-    mbedtls_printf( "\n  . Seeding the random number generator" );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 2a. Read the server's private RSA key
-     */
-    mbedtls_printf( "\n  . Reading private key from rsa_priv.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open rsa_priv.txt\n" \
-                "  ! Please run rsa_genkey first\n\n" );
-        goto exit;
-    }
-
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n",
-                        ret );
-        fclose( f );
-        goto exit;
-    }
-    fclose( f );
-
-    if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_import returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_complete returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    /*
-     * 2b. Get the DHM modulus and generator
-     */
-    mbedtls_printf( "\n  . Reading DH parameters from dh_prime.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open dh_prime.txt\n" \
-                "  ! Please run dh_genprime first\n\n" );
-        goto exit;
-    }
-
-    if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 ||
-        mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Invalid DH parameter file\n\n" );
-        fclose( f );
-        goto exit;
-    }
-
-    fclose( f );
-
-    /*
-     * 3. Wait for a client to connect
-     */
-    mbedtls_printf( "\n  . Waiting for a remote connection" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                                    NULL, 0, NULL ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_accept returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 4. Setup the DH parameters (P,G,Ys)
-     */
-    mbedtls_printf( "\n  . Sending the server's DH parameters" );
-    fflush( stdout );
-
-    memset( buf, 0, sizeof( buf ) );
-
-    if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n,
-                                 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_dhm_make_params returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 5. Sign the parameters and send them
-     */
-    if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_sha1_ret returned %d\n\n", ret );
-        goto exit;
-    }
-
-    buf[n    ] = (unsigned char)( rsa.len >> 8 );
-    buf[n + 1] = (unsigned char)( rsa.len      );
-
-    if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
-                                0, hash, buf + n + 2 ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret );
-        goto exit;
-    }
-
-    buflen = n + 2 + rsa.len;
-    buf2[0] = (unsigned char)( buflen >> 8 );
-    buf2[1] = (unsigned char)( buflen      );
-
-    if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 ||
-        ( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_send returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 6. Get the client's public value: Yc = G ^ Xc mod P
-     */
-    mbedtls_printf( "\n  . Receiving the client's public value" );
-    fflush( stdout );
-
-    memset( buf, 0, sizeof( buf ) );
-
-    n = dhm.len;
-    if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_recv returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_dhm_read_public returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * 7. Derive the shared secret: K = Ys ^ Xc mod P
-     */
-    mbedtls_printf( "\n  . Shared secret: " );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n,
-                                 mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_dhm_calc_secret returned %d\n\n", ret );
-        goto exit;
-    }
-
-    for( n = 0; n < 16; n++ )
-        mbedtls_printf( "%02x", buf[n] );
-
-    /*
-     * 8. Setup the AES-256 encryption key
-     *
-     * This is an overly simplified example; best practice is
-     * to hash the shared secret with a random value to derive
-     * the keying material for the encryption/decryption keys
-     * and MACs.
-     */
-    mbedtls_printf( "...\n  . Encrypting and sending the ciphertext" );
-    fflush( stdout );
-
-    mbedtls_aes_setkey_enc( &aes, buf, 256 );
-    memcpy( buf, PLAINTEXT, 16 );
-    mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf );
-
-    if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_send returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
-
-    mbedtls_net_free( &client_fd );
-    mbedtls_net_free( &listen_fd );
-
-    mbedtls_aes_free( &aes );
-    mbedtls_rsa_free( &rsa );
-    mbedtls_dhm_free( &dhm );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
-          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/ecdh_curve25519.c b/3rdparty/mbedtls-2.25.0/programs/pkey/ecdh_curve25519.c
deleted file mode 100644
index 67f1363..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/ecdh_curve25519.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/*
- *  Example ECDHE with Curve25519 program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) || \
-    !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_ECDH_C and/or MBEDTLS_ECDH_LEGACY_CONTEXT and/or "
-                    "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or "
-                    "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
-                    "not defined\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/ecdh.h"
-
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_ecdh_context ctx_cli, ctx_srv;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char cli_to_srv[32], srv_to_cli[32];
-    const char pers[] = "ecdh";
-    ((void) argc);
-    ((void) argv);
-
-    mbedtls_ecdh_init( &ctx_cli );
-    mbedtls_ecdh_init( &ctx_srv );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    /*
-     * Initialize random number generation
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               sizeof pers ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * Client: initialize context and generate keypair
-     */
-    mbedtls_printf( "  . Setting up client context..." );
-    fflush( stdout );
-
-    ret = mbedtls_ecp_group_load( &ctx_cli.grp, MBEDTLS_ECP_DP_CURVE25519 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecp_group_load returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_ecdh_gen_public( &ctx_cli.grp, &ctx_cli.d, &ctx_cli.Q,
-                                   mbedtls_ctr_drbg_random, &ctr_drbg );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdh_gen_public returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_mpi_write_binary( &ctx_cli.Q.X, cli_to_srv, 32 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_write_binary returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * Server: initialize context and generate keypair
-     */
-    mbedtls_printf( "  . Setting up server context..." );
-    fflush( stdout );
-
-    ret = mbedtls_ecp_group_load( &ctx_srv.grp, MBEDTLS_ECP_DP_CURVE25519 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecp_group_load returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_ecdh_gen_public( &ctx_srv.grp, &ctx_srv.d, &ctx_srv.Q,
-                                   mbedtls_ctr_drbg_random, &ctr_drbg );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdh_gen_public returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_mpi_write_binary( &ctx_srv.Q.X, srv_to_cli, 32 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_write_binary returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * Server: read peer's key and generate shared secret
-     */
-    mbedtls_printf( "  . Server reading client key and computing secret..." );
-    fflush( stdout );
-
-    ret = mbedtls_mpi_lset( &ctx_srv.Qp.Z, 1 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_lset returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_mpi_read_binary( &ctx_srv.Qp.X, cli_to_srv, 32 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_binary returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_ecdh_compute_shared( &ctx_srv.grp, &ctx_srv.z,
-                                       &ctx_srv.Qp, &ctx_srv.d,
-                                       mbedtls_ctr_drbg_random, &ctr_drbg );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdh_compute_shared returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * Client: read peer's key and generate shared secret
-     */
-    mbedtls_printf( "  . Client reading server key and computing secret..." );
-    fflush( stdout );
-
-    ret = mbedtls_mpi_lset( &ctx_cli.Qp.Z, 1 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_lset returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_mpi_read_binary( &ctx_cli.Qp.X, srv_to_cli, 32 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_binary returned %d\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_ecdh_compute_shared( &ctx_cli.grp, &ctx_cli.z,
-                                       &ctx_cli.Qp, &ctx_cli.d,
-                                       mbedtls_ctr_drbg_random, &ctr_drbg );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdh_compute_shared returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * Verification: are the computed secrets equal?
-     */
-    mbedtls_printf( "  . Checking if both computed secrets are equal..." );
-    fflush( stdout );
-
-    ret = mbedtls_mpi_cmp_mpi( &ctx_cli.z, &ctx_srv.z );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdh_compute_shared returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_ecdh_free( &ctx_srv );
-    mbedtls_ecdh_free( &ctx_cli );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED &&
-          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/ecdsa.c b/3rdparty/mbedtls-2.25.0/programs/pkey/ecdsa.c
deleted file mode 100644
index 1bbf826..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/ecdsa.c
+++ /dev/null
@@ -1,252 +0,0 @@
-/*
- *  Example ECDSA program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_ECDSA_C) && \
-    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/sha256.h"
-
-#include <string.h>
-#endif
-
-/*
- * Uncomment to show key and signature details
- */
-#define VERBOSE
-
-/*
- * Uncomment to force use of a specific curve
- */
-#define ECPARAMS    MBEDTLS_ECP_DP_SECP192R1
-
-#if !defined(ECPARAMS)
-#define ECPARAMS    mbedtls_ecp_curve_list()->grp_id
-#endif
-
-#if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or "
-           "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n");
-    mbedtls_exit( 0 );
-}
-#else
-#if defined(VERBOSE)
-static void dump_buf( const char *title, unsigned char *buf, size_t len )
-{
-    size_t i;
-
-    mbedtls_printf( "%s", title );
-    for( i = 0; i < len; i++ )
-        mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
-                       "0123456789ABCDEF" [buf[i] % 16] );
-    mbedtls_printf( "\n" );
-}
-
-static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key )
-{
-    unsigned char buf[300];
-    size_t len;
-
-    if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q,
-                MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 )
-    {
-        mbedtls_printf("internal error\n");
-        return;
-    }
-
-    dump_buf( title, buf, len );
-}
-#else
-#define dump_buf( a, b, c )
-#define dump_pubkey( a, b )
-#endif
-
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_ecdsa_context ctx_sign, ctx_verify;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char message[100];
-    unsigned char hash[32];
-    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
-    size_t sig_len;
-    const char *pers = "ecdsa";
-    ((void) argv);
-
-    mbedtls_ecdsa_init( &ctx_sign );
-    mbedtls_ecdsa_init( &ctx_verify );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    memset( sig, 0, sizeof( sig ) );
-    memset( message, 0x25, sizeof( message ) );
-
-    if( argc != 1 )
-    {
-        mbedtls_printf( "usage: ecdsa\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    /*
-     * Generate a key pair for signing
-     */
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Generating key pair..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ecdsa_genkey( &ctx_sign, ECPARAMS,
-                              mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdsa_genkey returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits );
-
-    dump_pubkey( "  + Public key: ", &ctx_sign );
-
-    /*
-     * Compute message hash
-     */
-    mbedtls_printf( "  . Computing message hash..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_sha256_ret returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    dump_buf( "  + Hash: ", hash, sizeof( hash ) );
-
-    /*
-     * Sign message hash
-     */
-    mbedtls_printf( "  . Signing message hash..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256,
-                                       hash, sizeof( hash ),
-                                       sig, &sig_len,
-                                       mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdsa_write_signature returned %d\n", ret );
-        goto exit;
-    }
-    mbedtls_printf( " ok (signature length = %u)\n", (unsigned int) sig_len );
-
-    dump_buf( "  + Signature: ", sig, sig_len );
-
-    /*
-     * Transfer public information to verifying context
-     *
-     * We could use the same context for verification and signatures, but we
-     * chose to use a new one in order to make it clear that the verifying
-     * context only needs the public key (Q), and not the private key (d).
-     */
-    mbedtls_printf( "  . Preparing verification context..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecp_group_copy returned %d\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecp_copy returned %d\n", ret );
-        goto exit;
-    }
-
-    /*
-     * Verify signature
-     */
-    mbedtls_printf( " ok\n  . Verifying signature..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ecdsa_read_signature( &ctx_verify,
-                                      hash, sizeof( hash ),
-                                      sig, sig_len ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ecdsa_read_signature returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_ecdsa_free( &ctx_verify );
-    mbedtls_ecdsa_free( &ctx_sign );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
-          ECPARAMS */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/gen_key.c b/3rdparty/mbedtls-2.25.0/programs/pkey/gen_key.c
deleted file mode 100644
index 63cc11e..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/gen_key.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/*
- *  Key generation application
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \
-    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/error.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/error.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(_WIN32)
-#include <unistd.h>
-
-#define DEV_RANDOM_THRESHOLD        32
-
-int dev_random_entropy_poll( void *data, unsigned char *output,
-                             size_t len, size_t *olen )
-{
-    FILE *file;
-    size_t ret, left = len;
-    unsigned char *p = output;
-    ((void) data);
-
-    *olen = 0;
-
-    file = fopen( "/dev/random", "rb" );
-    if( file == NULL )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-
-    while( left > 0 )
-    {
-        /* /dev/random can return much less than requested. If so, try again */
-        ret = fread( p, 1, left, file );
-        if( ret == 0 && ferror( file ) )
-        {
-            fclose( file );
-            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-        }
-
-        p += ret;
-        left -= ret;
-        sleep( 1 );
-    }
-    fclose( file );
-    *olen = len;
-
-    return( 0 );
-}
-#endif /* !_WIN32 */
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#define DFL_EC_CURVE            mbedtls_ecp_curve_list()->grp_id
-#else
-#define DFL_EC_CURVE            0
-#endif
-
-#if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
-#define USAGE_DEV_RANDOM \
-    "    use_dev_random=0|1    default: 0\n"
-#else
-#define USAGE_DEV_RANDOM ""
-#endif /* !_WIN32 && MBEDTLS_FS_IO */
-
-#define FORMAT_PEM              0
-#define FORMAT_DER              1
-
-#define DFL_TYPE                MBEDTLS_PK_RSA
-#define DFL_RSA_KEYSIZE         4096
-#define DFL_FILENAME            "keyfile.key"
-#define DFL_FORMAT              FORMAT_PEM
-#define DFL_USE_DEV_RANDOM      0
-
-#define USAGE \
-    "\n usage: gen_key param=<>...\n"                   \
-    "\n acceptable parameters:\n"                       \
-    "    type=rsa|ec           default: rsa\n"          \
-    "    rsa_keysize=%%d        default: 4096\n"        \
-    "    ec_curve=%%s           see below\n"            \
-    "    filename=%%s           default: keyfile.key\n" \
-    "    format=pem|der        default: pem\n"          \
-    USAGE_DEV_RANDOM                                    \
-    "\n"
-
-#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or "
-            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
-            "MBEDTLS_PEM_WRITE_C"
-            "not defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-
-/*
- * global options
- */
-struct options
-{
-    int type;                   /* the type of key to generate          */
-    int rsa_keysize;            /* length of key in bits                */
-    int ec_curve;               /* curve identifier for EC keys         */
-    const char *filename;       /* filename of the key file             */
-    int format;                 /* the output format to use             */
-    int use_dev_random;         /* use /dev/random as entropy source    */
-} opt;
-
-static int write_private_key( mbedtls_pk_context *key, const char *output_file )
-{
-    int ret;
-    FILE *f;
-    unsigned char output_buf[16000];
-    unsigned char *c = output_buf;
-    size_t len = 0;
-
-    memset(output_buf, 0, 16000);
-    if( opt.format == FORMAT_PEM )
-    {
-        if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
-            return( ret );
-
-        len = strlen( (char *) output_buf );
-    }
-    else
-    {
-        if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
-            return( ret );
-
-        len = ret;
-        c = output_buf + sizeof(output_buf) - len;
-    }
-
-    if( ( f = fopen( output_file, "wb" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( c, 1, len, f ) != len )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    fclose( f );
-
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_pk_context key;
-    char buf[1024];
-    int i;
-    char *p, *q;
-    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "gen_key";
-#if defined(MBEDTLS_ECP_C)
-    const mbedtls_ecp_curve_info *curve_info;
-#endif
-
-    /*
-     * Set to sane values
-     */
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-    mbedtls_pk_init( &key );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    memset( buf, 0, sizeof( buf ) );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-#if defined(MBEDTLS_ECP_C)
-        mbedtls_printf( " available ec_curve values:\n" );
-        curve_info = mbedtls_ecp_curve_list();
-        mbedtls_printf( "    %s (default)\n", curve_info->name );
-        while( ( ++curve_info )->name != NULL )
-            mbedtls_printf( "    %s\n", curve_info->name );
-#endif /* MBEDTLS_ECP_C */
-        goto exit;
-    }
-
-    opt.type                = DFL_TYPE;
-    opt.rsa_keysize         = DFL_RSA_KEYSIZE;
-    opt.ec_curve            = DFL_EC_CURVE;
-    opt.filename            = DFL_FILENAME;
-    opt.format              = DFL_FORMAT;
-    opt.use_dev_random      = DFL_USE_DEV_RANDOM;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "type" ) == 0 )
-        {
-            if( strcmp( q, "rsa" ) == 0 )
-                opt.type = MBEDTLS_PK_RSA;
-            else if( strcmp( q, "ec" ) == 0 )
-                opt.type = MBEDTLS_PK_ECKEY;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "format" ) == 0 )
-        {
-            if( strcmp( q, "pem" ) == 0 )
-                opt.format = FORMAT_PEM;
-            else if( strcmp( q, "der" ) == 0 )
-                opt.format = FORMAT_DER;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "rsa_keysize" ) == 0 )
-        {
-            opt.rsa_keysize = atoi( q );
-            if( opt.rsa_keysize < 1024 ||
-                opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS )
-                goto usage;
-        }
-#if defined(MBEDTLS_ECP_C)
-        else if( strcmp( p, "ec_curve" ) == 0 )
-        {
-            if( ( curve_info = mbedtls_ecp_curve_info_from_name( q ) ) == NULL )
-                goto usage;
-            opt.ec_curve = curve_info->grp_id;
-        }
-#endif
-        else if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else if( strcmp( p, "use_dev_random" ) == 0 )
-        {
-            opt.use_dev_random = atoi( q );
-            if( opt.use_dev_random < 0 || opt.use_dev_random > 1 )
-                goto usage;
-        }
-        else
-            goto usage;
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-#if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
-    if( opt.use_dev_random )
-    {
-        if( ( ret = mbedtls_entropy_add_source( &entropy, dev_random_entropy_poll,
-                                        NULL, DEV_RANDOM_THRESHOLD,
-                                        MBEDTLS_ENTROPY_SOURCE_STRONG ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_entropy_add_source returned -0x%04x\n", (unsigned int) -ret );
-            goto exit;
-        }
-
-        mbedtls_printf("\n    Using /dev/random, so can take a long time! " );
-        fflush( stdout );
-    }
-#endif /* !_WIN32 && MBEDTLS_FS_IO */
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * 1.1. Generate the key
-     */
-    mbedtls_printf( "\n  . Generating the private key ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_setup( &key,
-            mbedtls_pk_info_from_type( (mbedtls_pk_type_t) opt.type ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
-    if( opt.type == MBEDTLS_PK_RSA )
-    {
-        ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key ), mbedtls_ctr_drbg_random, &ctr_drbg,
-                                   opt.rsa_keysize, 65537 );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_rsa_gen_key returned -0x%04x", (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    else
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-    if( opt.type == MBEDTLS_PK_ECKEY )
-    {
-        ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) opt.ec_curve,
-                                   mbedtls_pk_ec( key ),
-                                   mbedtls_ctr_drbg_random, &ctr_drbg );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_ecp_gen_key returned -0x%04x", (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    else
-#endif /* MBEDTLS_ECP_C */
-    {
-        mbedtls_printf( " failed\n  !  key type not supported\n" );
-        goto exit;
-    }
-
-    /*
-     * 1.2 Print the key
-     */
-    mbedtls_printf( " ok\n  . Key information:\n" );
-
-#if defined(MBEDTLS_RSA_C)
-    if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
-    {
-        mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key );
-
-        if( ( ret = mbedtls_rsa_export    ( rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
-            ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) )      != 0 )
-        {
-            mbedtls_printf( " failed\n  ! could not export RSA parameters\n\n" );
-            goto exit;
-        }
-
-        mbedtls_mpi_write_file( "N:  ",  &N,  16, NULL );
-        mbedtls_mpi_write_file( "E:  ",  &E,  16, NULL );
-        mbedtls_mpi_write_file( "D:  ",  &D,  16, NULL );
-        mbedtls_mpi_write_file( "P:  ",  &P,  16, NULL );
-        mbedtls_mpi_write_file( "Q:  ",  &Q,  16, NULL );
-        mbedtls_mpi_write_file( "DP: ",  &DP, 16, NULL );
-        mbedtls_mpi_write_file( "DQ:  ", &DQ, 16, NULL );
-        mbedtls_mpi_write_file( "QP:  ", &QP, 16, NULL );
-    }
-    else
-#endif
-#if defined(MBEDTLS_ECP_C)
-    if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
-    {
-        mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key );
-        mbedtls_printf( "curve: %s\n",
-                mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name );
-        mbedtls_mpi_write_file( "X_Q:   ", &ecp->Q.X, 16, NULL );
-        mbedtls_mpi_write_file( "Y_Q:   ", &ecp->Q.Y, 16, NULL );
-        mbedtls_mpi_write_file( "D:     ", &ecp->d  , 16, NULL );
-    }
-    else
-#endif
-        mbedtls_printf("  ! key type not supported\n");
-
-    /*
-     * 1.3 Export key
-     */
-    mbedtls_printf( "  . Writing key to file..." );
-
-    if( ( ret = write_private_key( &key, opt.filename ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n" );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-#ifdef MBEDTLS_ERROR_C
-        mbedtls_strerror( ret, buf, sizeof( buf ) );
-        mbedtls_printf( " - %s\n", buf );
-#else
-        mbedtls_printf("\n");
-#endif
-    }
-
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
-    mbedtls_pk_free( &key );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO &&
-        * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/key_app.c b/3rdparty/mbedtls-2.25.0/programs/pkey/key_app.c
deleted file mode 100644
index 7f39e5c..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/key_app.c
+++ /dev/null
@@ -1,314 +0,0 @@
-/*
- *  Key reading application
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && \
-    defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/error.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/pk.h"
-
-#include <string.h>
-#endif
-
-#define MODE_NONE               0
-#define MODE_PRIVATE            1
-#define MODE_PUBLIC             2
-
-#define DFL_MODE                MODE_NONE
-#define DFL_FILENAME            "keyfile.key"
-#define DFL_PASSWORD            ""
-#define DFL_PASSWORD_FILE       ""
-#define DFL_DEBUG_LEVEL         0
-
-#define USAGE \
-    "\n usage: key_app param=<>...\n"                   \
-    "\n acceptable parameters:\n"                       \
-    "    mode=private|public default: none\n"           \
-    "    filename=%%s         default: keyfile.key\n"   \
-    "    password=%%s         default: \"\"\n"          \
-    "    password_file=%%s    default: \"\"\n"          \
-    "\n"
-
-#if !defined(MBEDTLS_BIGNUM_C) ||                                  \
-    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
-           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-/*
- * global options
- */
-struct options
-{
-    int mode;                   /* the mode to run the application in   */
-    const char *filename;       /* filename of the key file             */
-    const char *password;       /* password for the private key         */
-    const char *password_file;  /* password_file for the private key    */
-} opt;
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    char buf[1024];
-    int i;
-    char *p, *q;
-
-    mbedtls_pk_context pk;
-    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_pk_init( &pk );
-    memset( buf, 0, sizeof(buf) );
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto cleanup;
-    }
-
-    opt.mode                = DFL_MODE;
-    opt.filename            = DFL_FILENAME;
-    opt.password            = DFL_PASSWORD;
-    opt.password_file       = DFL_PASSWORD_FILE;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "mode" ) == 0 )
-        {
-            if( strcmp( q, "private" ) == 0 )
-                opt.mode = MODE_PRIVATE;
-            else if( strcmp( q, "public" ) == 0 )
-                opt.mode = MODE_PUBLIC;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else if( strcmp( p, "password" ) == 0 )
-            opt.password = q;
-        else if( strcmp( p, "password_file" ) == 0 )
-            opt.password_file = q;
-        else
-            goto usage;
-    }
-
-    if( opt.mode == MODE_PRIVATE )
-    {
-        if( strlen( opt.password ) && strlen( opt.password_file ) )
-        {
-            mbedtls_printf( "Error: cannot have both password and password_file\n" );
-            goto usage;
-        }
-
-        if( strlen( opt.password_file ) )
-        {
-            FILE *f;
-
-            mbedtls_printf( "\n  . Loading the password file ..." );
-            if( ( f = fopen( opt.password_file, "rb" ) ) == NULL )
-            {
-                mbedtls_printf( " failed\n  !  fopen returned NULL\n" );
-                goto cleanup;
-            }
-            if( fgets( buf, sizeof(buf), f ) == NULL )
-            {
-                fclose( f );
-                mbedtls_printf( "Error: fgets() failed to retrieve password\n" );
-                goto cleanup;
-            }
-            fclose( f );
-
-            i = (int) strlen( buf );
-            if( buf[i - 1] == '\n' ) buf[i - 1] = '\0';
-            if( buf[i - 2] == '\r' ) buf[i - 2] = '\0';
-            opt.password = buf;
-        }
-
-        /*
-         * 1.1. Load the key
-         */
-        mbedtls_printf( "\n  . Loading the private key ..." );
-        fflush( stdout );
-
-        ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password );
-
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
-            goto cleanup;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.2 Print the key
-         */
-        mbedtls_printf( "  . Key information    ...\n" );
-#if defined(MBEDTLS_RSA_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
-        {
-            mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
-
-            if( ( ret = mbedtls_rsa_export    ( rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
-                ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) )      != 0 )
-            {
-                mbedtls_printf( " failed\n  ! could not export RSA parameters\n\n" );
-                goto cleanup;
-            }
-
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N:  ", &N, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E:  ", &E, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D:  ", &D, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "P:  ", &P, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q:  ", &Q, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DQ:  ", &DQ, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "QP:  ", &QP, 16, NULL ) );
-        }
-        else
-#endif
-#if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
-        {
-            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D   : ", &ecp->d  , 16, NULL ) );
-        }
-        else
-#endif
-        {
-            mbedtls_printf("Do not know how to print key information for this type\n" );
-            goto cleanup;
-        }
-    }
-    else if( opt.mode == MODE_PUBLIC )
-    {
-        /*
-         * 1.1. Load the key
-         */
-        mbedtls_printf( "\n  . Loading the public key ..." );
-        fflush( stdout );
-
-        ret = mbedtls_pk_parse_public_keyfile( &pk, opt.filename );
-
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret );
-            goto cleanup;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        mbedtls_printf( "  . Key information    ...\n" );
-#if defined(MBEDTLS_RSA_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
-        {
-            mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
-
-            if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL,
-                                            NULL, &E ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! could not export RSA parameters\n\n" );
-                goto cleanup;
-            }
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N:  ", &N, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E:  ", &E, 16, NULL ) );
-        }
-        else
-#endif
-#if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
-        {
-            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) );
-            MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) );
-        }
-        else
-#endif
-        {
-            mbedtls_printf("Do not know how to print key information for this type\n" );
-            goto cleanup;
-        }
-    }
-    else
-        goto usage;
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
-
-#if defined(MBEDTLS_ERROR_C)
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        mbedtls_strerror( ret, buf, sizeof( buf ) );
-        mbedtls_printf( "  !  Last error was: %s\n", buf );
-    }
-#endif
-
-    mbedtls_pk_free( &pk );
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/key_app_writer.c b/3rdparty/mbedtls-2.25.0/programs/pkey/key_app_writer.c
deleted file mode 100644
index 6a4d0e4..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/key_app_writer.c
+++ /dev/null
@@ -1,439 +0,0 @@
-/*
- *  Key writing application
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/error.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/error.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-#define USAGE_OUT \
-    "    output_file=%%s      default: keyfile.pem\n"   \
-    "    output_format=pem|der default: pem\n"
-#else
-#define USAGE_OUT \
-    "    output_file=%%s      default: keyfile.der\n"   \
-    "    output_format=der     default: der\n"
-#endif
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-#define DFL_OUTPUT_FILENAME     "keyfile.pem"
-#define DFL_OUTPUT_FORMAT       OUTPUT_FORMAT_PEM
-#else
-#define DFL_OUTPUT_FILENAME     "keyfile.der"
-#define DFL_OUTPUT_FORMAT       OUTPUT_FORMAT_DER
-#endif
-
-#define DFL_MODE                MODE_NONE
-#define DFL_FILENAME            "keyfile.key"
-#define DFL_DEBUG_LEVEL         0
-#define DFL_OUTPUT_MODE         OUTPUT_MODE_NONE
-
-#define MODE_NONE               0
-#define MODE_PRIVATE            1
-#define MODE_PUBLIC             2
-
-#define OUTPUT_MODE_NONE               0
-#define OUTPUT_MODE_PRIVATE            1
-#define OUTPUT_MODE_PUBLIC             2
-
-#define OUTPUT_FORMAT_PEM              0
-#define OUTPUT_FORMAT_DER              1
-
-#define USAGE \
-    "\n usage: key_app_writer param=<>...\n"            \
-    "\n acceptable parameters:\n"                       \
-    "    mode=private|public default: none\n"           \
-    "    filename=%%s         default: keyfile.key\n"   \
-    "    output_mode=private|public default: none\n"    \
-    USAGE_OUT                                           \
-    "\n"
-
-#if !defined(MBEDTLS_PK_PARSE_C) || \
-    !defined(MBEDTLS_PK_WRITE_C) || \
-    !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-
-/*
- * global options
- */
-struct options
-{
-    int mode;                   /* the mode to run the application in   */
-    const char *filename;       /* filename of the key file             */
-    int output_mode;            /* the output mode to use               */
-    const char *output_file;    /* where to store the constructed key file  */
-    int output_format;          /* the output format to use             */
-} opt;
-
-static int write_public_key( mbedtls_pk_context *key, const char *output_file )
-{
-    int ret;
-    FILE *f;
-    unsigned char output_buf[16000];
-    unsigned char *c = output_buf;
-    size_t len = 0;
-
-    memset(output_buf, 0, 16000);
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-    if( opt.output_format == OUTPUT_FORMAT_PEM )
-    {
-        if( ( ret = mbedtls_pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
-            return( ret );
-
-        len = strlen( (char *) output_buf );
-    }
-    else
-#endif
-    {
-        if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
-            return( ret );
-
-        len = ret;
-        c = output_buf + sizeof(output_buf) - len;
-    }
-
-    if( ( f = fopen( output_file, "w" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( c, 1, len, f ) != len )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    fclose( f );
-
-    return( 0 );
-}
-
-static int write_private_key( mbedtls_pk_context *key, const char *output_file )
-{
-    int ret;
-    FILE *f;
-    unsigned char output_buf[16000];
-    unsigned char *c = output_buf;
-    size_t len = 0;
-
-    memset(output_buf, 0, 16000);
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-    if( opt.output_format == OUTPUT_FORMAT_PEM )
-    {
-        if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
-            return( ret );
-
-        len = strlen( (char *) output_buf );
-    }
-    else
-#endif
-    {
-        if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
-            return( ret );
-
-        len = ret;
-        c = output_buf + sizeof(output_buf) - len;
-    }
-
-    if( ( f = fopen( output_file, "w" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( c, 1, len, f ) != len )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    fclose( f );
-
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    char buf[1024];
-    int i;
-    char *p, *q;
-
-    mbedtls_pk_context key;
-    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_pk_init( &key );
-    memset( buf, 0, sizeof( buf ) );
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.mode                = DFL_MODE;
-    opt.filename            = DFL_FILENAME;
-    opt.output_mode         = DFL_OUTPUT_MODE;
-    opt.output_file         = DFL_OUTPUT_FILENAME;
-    opt.output_format       = DFL_OUTPUT_FORMAT;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "mode" ) == 0 )
-        {
-            if( strcmp( q, "private" ) == 0 )
-                opt.mode = MODE_PRIVATE;
-            else if( strcmp( q, "public" ) == 0 )
-                opt.mode = MODE_PUBLIC;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "output_mode" ) == 0 )
-        {
-            if( strcmp( q, "private" ) == 0 )
-                opt.output_mode = OUTPUT_MODE_PRIVATE;
-            else if( strcmp( q, "public" ) == 0 )
-                opt.output_mode = OUTPUT_MODE_PUBLIC;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "output_format" ) == 0 )
-        {
-#if defined(MBEDTLS_PEM_WRITE_C)
-            if( strcmp( q, "pem" ) == 0 )
-                opt.output_format = OUTPUT_FORMAT_PEM;
-            else
-#endif
-            if( strcmp( q, "der" ) == 0 )
-                opt.output_format = OUTPUT_FORMAT_DER;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else if( strcmp( p, "output_file" ) == 0 )
-            opt.output_file = q;
-        else
-            goto usage;
-    }
-
-    if( opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE )
-    {
-        mbedtls_printf( "\nCannot output a key without reading one.\n");
-        goto exit;
-    }
-
-    if( opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE )
-    {
-        mbedtls_printf( "\nCannot output a private key from a public key.\n");
-        goto exit;
-    }
-
-    if( opt.mode == MODE_PRIVATE )
-    {
-        /*
-         * 1.1. Load the key
-         */
-        mbedtls_printf( "\n  . Loading the private key ..." );
-        fflush( stdout );
-
-        ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
-
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.2 Print the key
-         */
-        mbedtls_printf( "  . Key information    ...\n" );
-
-#if defined(MBEDTLS_RSA_C)
-        if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
-        {
-            mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key );
-
-            if( ( ret = mbedtls_rsa_export    ( rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
-                ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) )      != 0 )
-            {
-                mbedtls_printf( " failed\n  ! could not export RSA parameters\n\n" );
-                goto exit;
-            }
-
-            mbedtls_mpi_write_file( "N:  ",  &N,  16, NULL );
-            mbedtls_mpi_write_file( "E:  ",  &E,  16, NULL );
-            mbedtls_mpi_write_file( "D:  ",  &D,  16, NULL );
-            mbedtls_mpi_write_file( "P:  ",  &P,  16, NULL );
-            mbedtls_mpi_write_file( "Q:  ",  &Q,  16, NULL );
-            mbedtls_mpi_write_file( "DP: ",  &DP, 16, NULL );
-            mbedtls_mpi_write_file( "DQ:  ", &DQ, 16, NULL );
-            mbedtls_mpi_write_file( "QP:  ", &QP, 16, NULL );
-        }
-        else
-#endif
-#if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
-        {
-            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key );
-            mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
-            mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
-            mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
-            mbedtls_mpi_write_file( "D   : ", &ecp->d  , 16, NULL );
-        }
-        else
-#endif
-            mbedtls_printf("key type not supported yet\n");
-
-    }
-    else if( opt.mode == MODE_PUBLIC )
-    {
-        /*
-         * 1.1. Load the key
-         */
-        mbedtls_printf( "\n  . Loading the public key ..." );
-        fflush( stdout );
-
-        ret = mbedtls_pk_parse_public_keyfile( &key, opt.filename );
-
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_public_key returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.2 Print the key
-         */
-        mbedtls_printf( "  . Key information    ...\n" );
-
-#if defined(MBEDTLS_RSA_C)
-        if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
-        {
-            mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key );
-
-            if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL,
-                                            NULL, &E ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! could not export RSA parameters\n\n" );
-                goto exit;
-            }
-            mbedtls_mpi_write_file( "N: ", &N, 16, NULL );
-            mbedtls_mpi_write_file( "E: ", &E, 16, NULL );
-        }
-        else
-#endif
-#if defined(MBEDTLS_ECP_C)
-        if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
-        {
-            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key );
-            mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
-            mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
-            mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
-        }
-        else
-#endif
-            mbedtls_printf("key type not supported yet\n");
-    }
-    else
-        goto usage;
-
-    if( opt.output_mode == OUTPUT_MODE_PUBLIC )
-    {
-        write_public_key( &key, opt.output_file );
-    }
-    if( opt.output_mode == OUTPUT_MODE_PRIVATE )
-    {
-        write_private_key( &key, opt.output_file );
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-#ifdef MBEDTLS_ERROR_C
-        mbedtls_strerror( ret, buf, sizeof( buf ) );
-        mbedtls_printf( " - %s\n", buf );
-#else
-        mbedtls_printf("\n");
-#endif
-    }
-
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
-    mbedtls_pk_free( &key );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/mpi_demo.c b/3rdparty/mbedtls-2.25.0/programs/pkey/mpi_demo.c
deleted file mode 100644
index 8245d01..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/mpi_demo.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- *  Simple MPI demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/bignum.h"
-
-#include <stdio.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( void )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_mpi E, P, Q, N, H, D, X, Y, Z;
-
-    mbedtls_mpi_init( &E ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &H ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-    mbedtls_mpi_init( &Z );
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P, 10, "2789" ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Q, 10, "3203" ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 10,  "257" ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &N, &P, &Q ) );
-
-    mbedtls_printf( "\n  Public key:\n\n" );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  N = ", &N, 10, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  E = ", &E, 10, NULL ) );
-
-    mbedtls_printf( "\n  Private key:\n\n" );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  P = ", &P, 10, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  Q = ", &Q, 10, NULL ) );
-
-#if defined(MBEDTLS_GENPRIME)
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P, &P, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q, &Q, 1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P, &Q ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &D, &E, &H ) );
-
-    mbedtls_mpi_write_file( "  D = E^-1 mod (P-1)*(Q-1) = ",
-                    &D, 10, NULL );
-#else
-    mbedtls_printf("\nTest skipped (MBEDTLS_GENPRIME not defined).\n\n");
-#endif
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &X, 10, "55555" ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Y, &X, &E, &N, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Z, &Y, &D, &N, NULL ) );
-
-    mbedtls_printf( "\n  RSA operation:\n\n" );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  X (plaintext)  = ", &X, 10, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "  Z (decrypted)  = Y^D mod N = ", &Z, 10, NULL ) );
-    mbedtls_printf( "\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
-    mbedtls_mpi_free( &E ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &H ); mbedtls_mpi_free( &D ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-    mbedtls_mpi_free( &Z );
-
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        mbedtls_printf( "\nAn error occurred.\n" );
-    }
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_decrypt.c b/3rdparty/mbedtls-2.25.0/programs/pkey/pk_decrypt.c
deleted file mode 100644
index 810d6fb..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_decrypt.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- *  Public key-based simple decryption program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/error.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) ||  \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
-           "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    unsigned c;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i, olen = 0;
-    mbedtls_pk_context pk;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char result[1024];
-    unsigned char buf[512];
-    const char *pers = "mbedtls_pk_decrypt";
-    ((void) argv);
-
-    mbedtls_pk_init( &pk );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    memset(result, 0, sizeof( result ) );
-
-    if( argc != 2 )
-    {
-        mbedtls_printf( "usage: mbedtls_pk_decrypt <key_file>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                       &entropy, (const unsigned char *) pers,
-                                       strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Extract the RSA encrypted value from the text file
-     */
-    if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( "\n  ! Could not open %s\n\n", "result-enc.txt" );
-        ret = 1;
-        goto exit;
-    }
-
-    i = 0;
-    while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 &&
-           i < (int) sizeof( buf ) )
-    {
-        buf[i++] = (unsigned char) c;
-    }
-
-    fclose( f );
-
-    /*
-     * Decrypt the encrypted RSA data and print the result.
-     */
-    mbedtls_printf( "\n  . Decrypting the encrypted data" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result),
-                            mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_decrypt returned -0x%04x\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . OK\n\n" );
-
-    mbedtls_printf( "The decrypted result is: '%s'\n\n", result );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_pk_free( &pk );
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-
-#if defined(MBEDTLS_ERROR_C)
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        mbedtls_strerror( ret, (char *) buf, sizeof( buf ) );
-        mbedtls_printf( "  !  Last error was: %s\n", buf );
-    }
-#endif
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
-          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_encrypt.c b/3rdparty/mbedtls-2.25.0/programs/pkey/pk_encrypt.c
deleted file mode 100644
index e629dc1..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_encrypt.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- *  RSA simple data encryption program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
-    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/error.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) ||  \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
-           "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i, olen = 0;
-    mbedtls_pk_context pk;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char input[1024];
-    unsigned char buf[512];
-    const char *pers = "mbedtls_pk_encrypt";
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_pk_init( &pk );
-
-    if( argc != 3 )
-    {
-        mbedtls_printf( "usage: mbedtls_pk_encrypt <key_file> <string of max 100 characters>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                       &entropy, (const unsigned char *) pers,
-                                       strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading public key from '%s'", argv[1] );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    if( strlen( argv[2] ) > 100 )
-    {
-        mbedtls_printf( " Input data larger than 100 characters.\n\n" );
-        goto exit;
-    }
-
-    memcpy( input, argv[2], strlen( argv[2] ) );
-
-    /*
-     * Calculate the RSA encryption of the hash.
-     */
-    mbedtls_printf( "\n  . Generating the encrypted value" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_encrypt( &pk, input, strlen( argv[2] ),
-                            buf, &olen, sizeof(buf),
-                            mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_encrypt returned -0x%04x\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Write the signature into result-enc.txt
-     */
-    if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not create %s\n\n",
-                        "result-enc.txt" );
-        ret = 1;
-        goto exit;
-    }
-
-    for( i = 0; i < olen; i++ )
-    {
-        mbedtls_fprintf( f, "%02X%s", buf[i],
-                 ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
-    }
-
-    fclose( f );
-
-    mbedtls_printf( "\n  . Done (created \"%s\")\n\n", "result-enc.txt" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_pk_free( &pk );
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-
-#if defined(MBEDTLS_ERROR_C)
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        mbedtls_strerror( ret, (char *) buf, sizeof( buf ) );
-        mbedtls_printf( "  !  Last error was: %s\n", buf );
-    }
-#endif
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_sign.c b/3rdparty/mbedtls-2.25.0/programs/pkey/pk_sign.c
deleted file mode 100644
index 451e3de..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_sign.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- *  Public key-based signature creation program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_snprintf        snprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
-    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
-    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
-           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/error.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/md.h"
-#include "mbedtls/pk.h"
-
-#include <stdio.h>
-#include <string.h>
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_pk_context pk;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char hash[32];
-    unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
-    char filename[512];
-    const char *pers = "mbedtls_pk_sign";
-    size_t olen = 0;
-
-    mbedtls_entropy_init( &entropy );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_pk_init( &pk );
-
-    if( argc != 3 )
-    {
-        mbedtls_printf( "usage: mbedtls_pk_sign <key_file> <filename>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not parse '%s'\n", argv[1] );
-        goto exit;
-    }
-
-    /*
-     * Compute the SHA-256 hash of the input file,
-     * then calculate the signature of the hash.
-     */
-    mbedtls_printf( "\n  . Generating the SHA-256 signature" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_md_file(
-                    mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
-                    argv[2], hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
-                         mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Write the signature into <filename>.sig
-     */
-    mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
-
-    if( ( f = fopen( filename, "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not create %s\n\n", filename );
-        goto exit;
-    }
-
-    if( fwrite( buf, 1, olen, f ) != olen )
-    {
-        mbedtls_printf( "failed\n  ! fwrite failed\n\n" );
-        fclose( f );
-        goto exit;
-    }
-
-    fclose( f );
-
-    mbedtls_printf( "\n  . Done (created \"%s\")\n\n", filename );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_pk_free( &pk );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(MBEDTLS_ERROR_C)
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
-        mbedtls_printf( "  !  Last error was: %s\n", buf );
-    }
-#endif
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
-          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_verify.c b/3rdparty/mbedtls-2.25.0/programs/pkey/pk_verify.c
deleted file mode 100644
index ee72243..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/pk_verify.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- *  Public key-based signature verification program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_snprintf        snprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \
-    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) ||   \
-    !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or "
-           "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
-           "MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/error.h"
-#include "mbedtls/md.h"
-#include "mbedtls/pk.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i;
-    mbedtls_pk_context pk;
-    unsigned char hash[32];
-    unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
-    char filename[512];
-
-    mbedtls_pk_init( &pk );
-
-    if( argc != 3 )
-    {
-        mbedtls_printf( "usage: mbedtls_pk_verify <key_file> <filename>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading public key from '%s'", argv[1] );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Extract the signature from the file
-     */
-    mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
-
-    if( ( f = fopen( filename, "rb" ) ) == NULL )
-    {
-        mbedtls_printf( "\n  ! Could not open %s\n\n", filename );
-        goto exit;
-    }
-
-    i = fread( buf, 1, sizeof(buf), f );
-
-    fclose( f );
-
-    /*
-     * Compute the SHA-256 hash of the input file and
-     * verify the signature
-     */
-    mbedtls_printf( "\n  . Verifying the SHA-256 signature" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_md_file(
-                    mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
-                    argv[2], hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0,
-                           buf, i ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . OK (the signature is valid)\n\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_pk_free( &pk );
-
-#if defined(MBEDTLS_ERROR_C)
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
-        mbedtls_printf( "  !  Last error was: %s\n", buf );
-    }
-#endif
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
-          MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_decrypt.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_decrypt.c
deleted file mode 100644
index 01bf3a6..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_decrypt.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- *  RSA simple decryption program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf       printf
-#define mbedtls_exit         exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/rsa.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <string.h>
-
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    unsigned c;
-    size_t i;
-    mbedtls_rsa_context rsa;
-    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char result[1024];
-    unsigned char buf[512];
-    const char *pers = "rsa_decrypt";
-    ((void) argv);
-
-    memset(result, 0, sizeof( result ) );
-
-    if( argc != 1 )
-    {
-        mbedtls_printf( "usage: rsa_decrypt\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        mbedtls_exit( exit_code );
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-    ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                        &entropy, (const unsigned char *) pers,
-                                        strlen( pers ) );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n",
-                        ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading private key from rsa_priv.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open rsa_priv.txt\n" \
-                "  ! Please run rsa_genkey first\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) )  != 0 ||
-        ( ret = mbedtls_mpi_read_file( &E , 16, f ) )  != 0 ||
-        ( ret = mbedtls_mpi_read_file( &D , 16, f ) )  != 0 ||
-        ( ret = mbedtls_mpi_read_file( &P , 16, f ) )  != 0 ||
-        ( ret = mbedtls_mpi_read_file( &Q , 16, f ) )  != 0 ||
-        ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n",
-                        ret );
-        fclose( f );
-        goto exit;
-    }
-    fclose( f );
-
-    if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_import returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_complete returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    /*
-     * Extract the RSA encrypted value from the text file
-     */
-    if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( "\n  ! Could not open %s\n\n", "result-enc.txt" );
-        goto exit;
-    }
-
-    i = 0;
-
-    while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 &&
-           i < (int) sizeof( buf ) )
-        buf[i++] = (unsigned char) c;
-
-    fclose( f );
-
-    if( i != rsa.len )
-    {
-        mbedtls_printf( "\n  ! Invalid RSA signature format\n\n" );
-        goto exit;
-    }
-
-    /*
-     * Decrypt the encrypted RSA data and print the result.
-     */
-    mbedtls_printf( "\n  . Decrypting the encrypted data" );
-    fflush( stdout );
-
-    ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random,
-                                            &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i,
-                                            buf, result, 1024 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . OK\n\n" );
-
-    mbedtls_printf( "The decrypted result is: '%s'\n\n", result );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-    mbedtls_rsa_free( &rsa );
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_encrypt.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_encrypt.c
deleted file mode 100644
index ba01201..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_encrypt.c
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- *  RSA simple data encryption program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
-    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/rsa.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <string.h>
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i;
-    mbedtls_rsa_context rsa;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char input[1024];
-    unsigned char buf[512];
-    const char *pers = "rsa_encrypt";
-    mbedtls_mpi N, E;
-
-    if( argc != 2 )
-    {
-        mbedtls_printf( "usage: rsa_encrypt <string of max 100 characters>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        mbedtls_exit( exit_code );
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-
-    ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                 &entropy, (const unsigned char *) pers,
-                                 strlen( pers ) );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n",
-                        ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading public key from rsa_pub.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open rsa_pub.txt\n" \
-                "  ! Please run rsa_genkey first\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_read_file( &N, 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &E, 16, f ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n",
-                        ret );
-        fclose( f );
-        goto exit;
-    }
-    fclose( f );
-
-    if( ( ret = mbedtls_rsa_import( &rsa, &N, NULL, NULL, NULL, &E ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_import returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    if( strlen( argv[1] ) > 100 )
-    {
-        mbedtls_printf( " Input data larger than 100 characters.\n\n" );
-        goto exit;
-    }
-
-    memcpy( input, argv[1], strlen( argv[1] ) );
-
-    /*
-     * Calculate the RSA encryption of the hash.
-     */
-    mbedtls_printf( "\n  . Generating the RSA encrypted value" );
-    fflush( stdout );
-
-    ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random,
-                                     &ctr_drbg, MBEDTLS_RSA_PUBLIC,
-                                     strlen( argv[1] ), input, buf );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    /*
-     * Write the signature into result-enc.txt
-     */
-    if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not create %s\n\n", "result-enc.txt" );
-        goto exit;
-    }
-
-    for( i = 0; i < rsa.len; i++ )
-        mbedtls_fprintf( f, "%02X%s", buf[i],
-                 ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
-
-    fclose( f );
-
-    mbedtls_printf( "\n  . Done (created \"%s\")\n\n", "result-enc.txt" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-    mbedtls_rsa_free( &rsa );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_genkey.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_genkey.c
deleted file mode 100644
index 26a8925..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_genkey.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- *  Example RSA key generation program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) && \
-    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/rsa.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define KEY_SIZE 2048
-#define EXPONENT 65537
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||   \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_GENPRIME) ||      \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or "
-           "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( void )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_rsa_context rsa;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-    FILE *fpub  = NULL;
-    FILE *fpriv = NULL;
-    const char *pers = "rsa_genkey";
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Generating the RSA key [ %d-bit ]...", KEY_SIZE );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_rsa_gen_key( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE,
-                                     EXPONENT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_gen_key returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Exporting the public  key in rsa_pub.txt...." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_rsa_export    ( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
-        ( ret = mbedtls_rsa_export_crt( &rsa, &DP, &DQ, &QP ) )      != 0 )
-    {
-        mbedtls_printf( " failed\n  ! could not export RSA parameters\n\n" );
-        goto exit;
-    }
-
-    if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! could not open rsa_pub.txt for writing\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_write_file( "N = ", &N, 16, fpub ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "E = ", &E, 16, fpub ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n  . Exporting the private key in rsa_priv.txt..." );
-    fflush( stdout );
-
-    if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! could not open rsa_priv.txt for writing\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_write_file( "N = " , &N , 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "E = " , &E , 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "D = " , &D , 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "P = " , &P , 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "Q = " , &Q , 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "DP = ", &DP, 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "DQ = ", &DQ, 16, fpriv ) ) != 0 ||
-        ( ret = mbedtls_mpi_write_file( "QP = ", &QP, 16, fpriv ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret );
-        goto exit;
-    }
-    mbedtls_printf( " ok\n\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    if( fpub  != NULL )
-        fclose( fpub );
-
-    if( fpriv != NULL )
-        fclose( fpriv );
-
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-    mbedtls_rsa_free( &rsa );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
-          MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_sign.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_sign.c
deleted file mode 100644
index c9522c8..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_sign.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- *  RSA/SHA-256 signature creation program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_snprintf        snprintf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
-    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
-    !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
-            "MBEDTLS_MD_C and/or "
-            "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/rsa.h"
-#include "mbedtls/md.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i;
-    mbedtls_rsa_context rsa;
-    unsigned char hash[32];
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-    char filename[512];
-    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
-
-    if( argc != 2 )
-    {
-        mbedtls_printf( "usage: rsa_sign <filename>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading private key from rsa_priv.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open rsa_priv.txt\n" \
-                "  ! Please run rsa_genkey first\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret );
-        fclose( f );
-        goto exit;
-    }
-    fclose( f );
-
-    if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_import returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_complete returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Checking the private key" );
-    fflush( stdout );
-    if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_check_privkey failed with -0x%0x\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Compute the SHA-256 hash of the input file,
-     * then calculate the RSA signature of the hash.
-     */
-    mbedtls_printf( "\n  . Generating the RSA/SHA-256 signature" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_md_file(
-                    mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
-                    argv[1], hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[1] );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
-                                20, hash, buf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    /*
-     * Write the signature into <filename>.sig
-     */
-    mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] );
-
-    if( ( f = fopen( filename, "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not create %s\n\n", argv[1] );
-        goto exit;
-    }
-
-    for( i = 0; i < rsa.len; i++ )
-        mbedtls_fprintf( f, "%02X%s", buf[i],
-                 ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
-
-    fclose( f );
-
-    mbedtls_printf( "\n  . Done (created \"%s\")\n\n", filename );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_rsa_free( &rsa );
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
-          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_sign_pss.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_sign_pss.c
deleted file mode 100644
index 9d5053a..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_sign_pss.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- *  RSASSA-PSS/SHA-256 signature creation program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_snprintf        snprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||        \
-    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
-           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/md.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/pk.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_pk_context pk;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    unsigned char hash[32];
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-    char filename[512];
-    const char *pers = "rsa_sign_pss";
-    size_t olen = 0;
-
-    mbedtls_entropy_init( &entropy );
-    mbedtls_pk_init( &pk );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    if( argc != 3 )
-    {
-        mbedtls_printf( "usage: rsa_sign_pss <key_file> <filename>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not read key from '%s'\n", argv[1] );
-        mbedtls_printf( "  ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
-    {
-        mbedtls_printf( " failed\n  ! Key is not an RSA key\n" );
-        goto exit;
-    }
-
-    mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 );
-
-    /*
-     * Compute the SHA-256 hash of the input file,
-     * then calculate the RSA signature of the hash.
-     */
-    mbedtls_printf( "\n  . Generating the RSA/SHA-256 signature" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_md_file(
-                    mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
-                    argv[2], hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
-                         mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_sign returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /*
-     * Write the signature into <filename>.sig
-     */
-    mbedtls_snprintf( filename, 512, "%s.sig", argv[2] );
-
-    if( ( f = fopen( filename, "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not create %s\n\n", filename );
-        goto exit;
-    }
-
-    if( fwrite( buf, 1, olen, f ) != olen )
-    {
-        mbedtls_printf( "failed\n  ! fwrite failed\n\n" );
-        fclose( f );
-        goto exit;
-    }
-
-    fclose( f );
-
-    mbedtls_printf( "\n  . Done (created \"%s\")\n\n", filename );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_pk_free( &pk );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
-          MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
-          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_verify.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_verify.c
deleted file mode 100644
index fbc0779..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_verify.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- *  RSA/SHA-256 signature verification program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_snprintf        snprintf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
-    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
-    !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
-            "MBEDTLS_MD_C and/or "
-            "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/rsa.h"
-#include "mbedtls/md.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    unsigned c;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i;
-    mbedtls_rsa_context rsa;
-    unsigned char hash[32];
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-    char filename[512];
-
-    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    if( argc != 2 )
-    {
-        mbedtls_printf( "usage: rsa_verify <filename>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading public key from rsa_pub.txt" );
-    fflush( stdout );
-
-    if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
-    {
-        mbedtls_printf( " failed\n  ! Could not open rsa_pub.txt\n" \
-                "  ! Please run rsa_genkey first\n\n" );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
-        ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret );
-        fclose( f );
-        goto exit;
-    }
-
-    rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3;
-
-    fclose( f );
-
-    /*
-     * Extract the RSA signature from the text file
-     */
-    mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] );
-
-    if( ( f = fopen( filename, "rb" ) ) == NULL )
-    {
-        mbedtls_printf( "\n  ! Could not open %s\n\n", filename );
-        goto exit;
-    }
-
-    i = 0;
-    while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 &&
-           i < (int) sizeof( buf ) )
-        buf[i++] = (unsigned char) c;
-
-    fclose( f );
-
-    if( i != rsa.len )
-    {
-        mbedtls_printf( "\n  ! Invalid RSA signature format\n\n" );
-        goto exit;
-    }
-
-    /*
-     * Compute the SHA-256 hash of the input file and
-     * verify the signature
-     */
-    mbedtls_printf( "\n  . Verifying the RSA/SHA-256 signature" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_md_file(
-                    mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
-                    argv[1], hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[1] );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
-                                  MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . OK (the signature is valid)\n\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_rsa_free( &rsa );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
-          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_verify_pss.c b/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_verify_pss.c
deleted file mode 100644
index 81b0fd6..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_verify_pss.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- *  RSASSA-PSS/SHA-256 signature verification program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_snprintf        snprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||        \
-    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
-           "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/md.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/md.h"
-
-#include <stdio.h>
-#include <string.h>
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    size_t i;
-    mbedtls_pk_context pk;
-    unsigned char hash[32];
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
-    char filename[512];
-
-    mbedtls_pk_init( &pk );
-
-    if( argc != 3 )
-    {
-        mbedtls_printf( "usage: rsa_verify_pss <key_file> <filename>\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "\n" );
-#endif
-
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . Reading public key from '%s'", argv[1] );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not read key from '%s'\n", argv[1] );
-        mbedtls_printf( "  ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
-    {
-        mbedtls_printf( " failed\n  ! Key is not an RSA key\n" );
-        goto exit;
-    }
-
-    mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 );
-
-    /*
-     * Extract the RSA signature from the file
-     */
-    mbedtls_snprintf( filename, 512, "%s.sig", argv[2] );
-
-    if( ( f = fopen( filename, "rb" ) ) == NULL )
-    {
-        mbedtls_printf( "\n  ! Could not open %s\n\n", filename );
-        goto exit;
-    }
-
-    i = fread( buf, 1, MBEDTLS_MPI_MAX_SIZE, f );
-
-    fclose( f );
-
-    /*
-     * Compute the SHA-256 hash of the input file and
-     * verify the signature
-     */
-    mbedtls_printf( "\n  . Verifying the RSA/SHA-256 signature" );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_md_file(
-                    mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
-                    argv[2], hash ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0,
-                           buf, i ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_pk_verify returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "\n  . OK (the signature is valid)\n\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_pk_free( &pk );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
-          MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/psa/crypto_examples.c b/3rdparty/mbedtls-2.25.0/programs/psa/crypto_examples.c
deleted file mode 100644
index d165d2e..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/psa/crypto_examples.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "psa/crypto.h"
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#define ASSERT( predicate )                                                   \
-    do                                                                        \
-    {                                                                         \
-        if( ! ( predicate ) )                                                 \
-        {                                                                     \
-            printf( "\tassertion failed at %s:%d - '%s'\r\n",         \
-                    __FILE__, __LINE__, #predicate);                  \
-            goto exit;                                                        \
-        }                                                                     \
-    } while ( 0 )
-
-#define ASSERT_STATUS( actual, expected )                                     \
-    do                                                                        \
-    {                                                                         \
-        if( ( actual ) != ( expected ) )                                      \
-        {                                                                     \
-            printf( "\tassertion failed at %s:%d - "                  \
-                    "actual:%d expected:%d\r\n", __FILE__, __LINE__,  \
-                            (psa_status_t) actual, (psa_status_t) expected ); \
-            goto exit;                                                        \
-        }                                                                     \
-    } while ( 0 )
-
-#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \
-    !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \
-    !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \
-    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-int main( void )
-{
-    printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or "
-            "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR "
-            "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING "
-            "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER"
-            " defined.\r\n" );
-    return( 0 );
-}
-#else
-
-static psa_status_t cipher_operation( psa_cipher_operation_t *operation,
-                                      const uint8_t * input,
-                                      size_t input_size,
-                                      size_t part_size,
-                                      uint8_t * output,
-                                      size_t output_size,
-                                      size_t *output_len )
-{
-    psa_status_t status;
-    size_t bytes_to_write = 0, bytes_written = 0, len = 0;
-
-    *output_len = 0;
-    while( bytes_written != input_size )
-    {
-        bytes_to_write = ( input_size - bytes_written > part_size ?
-                           part_size :
-                           input_size - bytes_written );
-
-        status = psa_cipher_update( operation, input + bytes_written,
-                                    bytes_to_write, output + *output_len,
-                                    output_size - *output_len, &len );
-        ASSERT_STATUS( status, PSA_SUCCESS );
-
-        bytes_written += bytes_to_write;
-        *output_len += len;
-    }
-
-    status = psa_cipher_finish( operation, output + *output_len,
-                                output_size - *output_len, &len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-    *output_len += len;
-
-exit:
-    return( status );
-}
-
-static psa_status_t cipher_encrypt( psa_key_id_t key,
-                                    psa_algorithm_t alg,
-                                    uint8_t * iv,
-                                    size_t iv_size,
-                                    const uint8_t * input,
-                                    size_t input_size,
-                                    size_t part_size,
-                                    uint8_t * output,
-                                    size_t output_size,
-                                    size_t *output_len )
-{
-    psa_status_t status;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    size_t iv_len = 0;
-
-    memset( &operation, 0, sizeof( operation ) );
-    status = psa_cipher_encrypt_setup( &operation, key, alg );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_operation( &operation, input, input_size, part_size,
-                               output, output_size, output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-exit:
-    psa_cipher_abort( &operation );
-    return( status );
-}
-
-static psa_status_t cipher_decrypt( psa_key_id_t key,
-                                    psa_algorithm_t alg,
-                                    const uint8_t * iv,
-                                    size_t iv_size,
-                                    const uint8_t * input,
-                                    size_t input_size,
-                                    size_t part_size,
-                                    uint8_t * output,
-                                    size_t output_size,
-                                    size_t *output_len )
-{
-    psa_status_t status;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-
-    memset( &operation, 0, sizeof( operation ) );
-    status = psa_cipher_decrypt_setup( &operation, key, alg );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = psa_cipher_set_iv( &operation, iv, iv_size );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_operation( &operation, input, input_size, part_size,
-                               output, output_size, output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-exit:
-    psa_cipher_abort( &operation );
-    return( status );
-}
-
-static psa_status_t
-cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
-{
-    enum {
-        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
-        key_bits = 256,
-        part_size = block_size,
-    };
-    const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
-
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key = 0;
-    size_t output_len = 0;
-    uint8_t iv[block_size];
-    uint8_t input[block_size];
-    uint8_t encrypt[block_size];
-    uint8_t decrypt[block_size];
-
-    status = psa_generate_random( input, sizeof( input ) );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
-    psa_set_key_bits( &attributes, key_bits );
-
-    status = psa_generate_key( &attributes, &key );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_encrypt( key, alg, iv, sizeof( iv ),
-                             input, sizeof( input ), part_size,
-                             encrypt, sizeof( encrypt ), &output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_decrypt( key, alg, iv, sizeof( iv ),
-                             encrypt, output_len, part_size,
-                             decrypt, sizeof( decrypt ), &output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = memcmp( input, decrypt, sizeof( input ) );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-exit:
-    psa_destroy_key( key );
-    return( status );
-}
-
-static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
-{
-    enum {
-        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
-        key_bits = 256,
-        input_size = 100,
-        part_size = 10,
-    };
-
-    const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
-
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key = 0;
-    size_t output_len = 0;
-    uint8_t iv[block_size], input[input_size],
-            encrypt[input_size + block_size], decrypt[input_size + block_size];
-
-    status = psa_generate_random( input, sizeof( input ) );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
-    psa_set_key_bits( &attributes, key_bits );
-
-    status = psa_generate_key( &attributes, &key );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_encrypt( key, alg, iv, sizeof( iv ),
-                             input, sizeof( input ), part_size,
-                             encrypt, sizeof( encrypt ), &output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_decrypt( key, alg, iv, sizeof( iv ),
-                             encrypt, output_len, part_size,
-                             decrypt, sizeof( decrypt ), &output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = memcmp( input, decrypt, sizeof( input ) );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-exit:
-    psa_destroy_key( key );
-    return( status );
-}
-
-static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
-{
-    enum {
-        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
-        key_bits = 256,
-        input_size = 100,
-        part_size = 10,
-    };
-    const psa_algorithm_t alg = PSA_ALG_CTR;
-
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t key = 0;
-    size_t output_len = 0;
-    uint8_t iv[block_size], input[input_size], encrypt[input_size],
-            decrypt[input_size];
-
-    status = psa_generate_random( input, sizeof( input ) );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
-    psa_set_key_bits( &attributes, key_bits );
-
-    status = psa_generate_key( &attributes, &key );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_encrypt( key, alg, iv, sizeof( iv ),
-                             input, sizeof( input ), part_size,
-                             encrypt, sizeof( encrypt ), &output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = cipher_decrypt( key, alg, iv, sizeof( iv ),
-                             encrypt, output_len, part_size,
-                             decrypt, sizeof( decrypt ), &output_len );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-    status = memcmp( input, decrypt, sizeof( input ) );
-    ASSERT_STATUS( status, PSA_SUCCESS );
-
-exit:
-    psa_destroy_key( key );
-    return( status );
-}
-
-static void cipher_examples( void )
-{
-    psa_status_t status;
-
-    printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" );
-    status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( );
-    if( status == PSA_SUCCESS )
-        printf( "\tsuccess!\r\n" );
-
-    printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" );
-    status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( );
-    if( status == PSA_SUCCESS )
-        printf( "\tsuccess!\r\n" );
-
-    printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" );
-    status = cipher_example_encrypt_decrypt_aes_ctr_multi( );
-    if( status == PSA_SUCCESS )
-        printf( "\tsuccess!\r\n" );
-}
-
-int main( void )
-{
-    ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    cipher_examples( );
-exit:
-    mbedtls_psa_crypto_free( );
-    return( 0 );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC &&
-          MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */
diff --git a/3rdparty/mbedtls-2.25.0/programs/psa/key_ladder_demo.c b/3rdparty/mbedtls-2.25.0/programs/psa/key_ladder_demo.c
deleted file mode 100644
index 47d5de6..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/psa/key_ladder_demo.c
+++ /dev/null
@@ -1,698 +0,0 @@
-/**
- * PSA API key derivation demonstration
- *
- * This program calculates a key ladder: a chain of secret material, each
- * derived from the previous one in a deterministic way based on a label.
- * Two keys are identical if and only if they are derived from the same key
- * using the same label.
- *
- * The initial key is called the master key. The master key is normally
- * randomly generated, but it could itself be derived from another key.
- *
- * This program derives a series of keys called intermediate keys.
- * The first intermediate key is derived from the master key using the
- * first label passed on the command line. Each subsequent intermediate
- * key is derived from the previous one using the next label passed
- * on the command line.
- *
- * This program has four modes of operation:
- *
- * - "generate": generate a random master key.
- * - "wrap": derive a wrapping key from the last intermediate key,
- *           and use that key to encrypt-and-authenticate some data.
- * - "unwrap": derive a wrapping key from the last intermediate key,
- *             and use that key to decrypt-and-authenticate some
- *             ciphertext created by wrap mode.
- * - "save": save the last intermediate key so that it can be reused as
- *           the master key in another run of the program.
- *
- * See the usage() output for the command line usage. See the file
- * `key_ladder_demo.sh` for an example run.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/* First include Mbed TLS headers to get the Mbed TLS configuration and
- * platform definitions that we'll use in this program. Also include
- * standard C headers for functions we'll use here. */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize
-
-#include <psa/crypto.h>
-
-/* If the build options we need are not enabled, compile a placeholder. */
-#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) ||      \
-    !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) ||        \
-    !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \
-    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-int main( void )
-{
-    printf( "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
-            "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
-            "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO "
-            "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER "
-            "defined.\n" );
-    return( 0 );
-}
-#else
-
-/* The real program starts here. */
-
-/* Run a system function and bail out if it fails. */
-#define SYS_CHECK( expr )                                       \
-    do                                                          \
-    {                                                           \
-        if( ! ( expr ) )                                        \
-        {                                                       \
-            perror( #expr );                                    \
-            status = DEMO_ERROR;                                \
-            goto exit;                                          \
-        }                                                       \
-    }                                                           \
-    while( 0 )
-
-/* Run a PSA function and bail out if it fails. */
-#define PSA_CHECK( expr )                                       \
-    do                                                          \
-    {                                                           \
-        status = ( expr );                                      \
-        if( status != PSA_SUCCESS )                             \
-        {                                                       \
-            printf( "Error %d at line %d: %s\n",                \
-                    (int) status,                               \
-                    __LINE__,                                   \
-                    #expr );                                    \
-            goto exit;                                          \
-        }                                                       \
-    }                                                           \
-    while( 0 )
-
-/* To report operational errors in this program, use an error code that is
- * different from every PSA error code. */
-#define DEMO_ERROR 120
-
-/* The maximum supported key ladder depth. */
-#define MAX_LADDER_DEPTH 10
-
-/* Salt to use when deriving an intermediate key. */
-#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" )
-#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) )
-
-/* Salt to use when deriving a wrapping key. */
-#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" )
-#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) )
-
-/* Size of the key derivation keys (applies both to the master key and
- * to intermediate keys). */
-#define KEY_SIZE_BYTES 40
-
-/* Algorithm for key derivation. */
-#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 )
-
-/* Type and size of the key used to wrap data. */
-#define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES
-#define WRAPPING_KEY_BITS 128
-
-/* Cipher mode used to wrap data. */
-#define WRAPPING_ALG PSA_ALG_CCM
-
-/* Nonce size used to wrap data. */
-#define WRAPPING_IV_SIZE 13
-
-/* Header used in files containing wrapped data. We'll save this header
- * directly without worrying about data representation issues such as
- * integer sizes and endianness, because the data is meant to be read
- * back by the same program on the same machine. */
-#define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte
-#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) )
-typedef struct
-{
-    char magic[WRAPPED_DATA_MAGIC_LENGTH];
-    size_t ad_size; /* Size of the additional data, which is this header. */
-    size_t payload_size; /* Size of the encrypted data. */
-    /* Store the IV inside the additional data. It's convenient. */
-    uint8_t iv[WRAPPING_IV_SIZE];
-} wrapped_data_header_t;
-
-/* The modes that this program can operate in (see usage). */
-enum program_mode
-{
-    MODE_GENERATE,
-    MODE_SAVE,
-    MODE_UNWRAP,
-    MODE_WRAP
-};
-
-/* Save a key to a file. In the real world, you may want to export a derived
- * key sometimes, to share it with another party. */
-static psa_status_t save_key( psa_key_id_t key,
-                              const char *output_file_name )
-{
-    psa_status_t status = PSA_SUCCESS;
-    uint8_t key_data[KEY_SIZE_BYTES];
-    size_t key_size;
-    FILE *key_file = NULL;
-
-    PSA_CHECK( psa_export_key( key,
-                               key_data, sizeof( key_data ),
-                               &key_size ) );
-    SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL );
-    SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size );
-    SYS_CHECK( fclose( key_file ) == 0 );
-    key_file = NULL;
-
-exit:
-    if( key_file != NULL)
-        fclose( key_file );
-    return( status );
-}
-
-/* Generate a master key for use in this demo.
- *
- * Normally a master key would be non-exportable. For the purpose of this
- * demo, we want to save it to a file, to avoid relying on the keystore
- * capability of the PSA crypto library. */
-static psa_status_t generate( const char *key_file_name )
-{
-    psa_status_t status = PSA_SUCCESS;
-    psa_key_id_t key = 0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, KDF_ALG );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
-    psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) );
-
-    PSA_CHECK( psa_generate_key( &attributes, &key ) );
-
-    PSA_CHECK( save_key( key, key_file_name ) );
-
-exit:
-    (void) psa_destroy_key( key );
-    return( status );
-}
-
-/* Load the master key from a file.
- *
- * In the real world, this master key would be stored in an internal memory
- * and the storage would be managed by the keystore capability of the PSA
- * crypto library. */
-static psa_status_t import_key_from_file( psa_key_usage_t usage,
-                                          psa_algorithm_t alg,
-                                          const char *key_file_name,
-                                          psa_key_id_t *master_key )
-{
-    psa_status_t status = PSA_SUCCESS;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t key_data[KEY_SIZE_BYTES];
-    size_t key_size;
-    FILE *key_file = NULL;
-    unsigned char extra_byte;
-
-    SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL );
-    SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ),
-                                   key_file ) ) != 0 );
-    if( fread( &extra_byte, 1, 1, key_file ) != 0 )
-    {
-        printf( "Key file too large (max: %u).\n",
-                (unsigned) sizeof( key_data ) );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-    SYS_CHECK( fclose( key_file ) == 0 );
-    key_file = NULL;
-
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
-    PSA_CHECK( psa_import_key( &attributes, key_data, key_size, master_key ) );
-exit:
-    if( key_file != NULL )
-        fclose( key_file );
-    mbedtls_platform_zeroize( key_data, sizeof( key_data ) );
-    if( status != PSA_SUCCESS )
-    {
-        /* If the key creation hasn't happened yet or has failed,
-         * *master_key is null. psa_destroy_key( 0 ) is
-         * guaranteed to do nothing and return PSA_SUCCESS. */
-        (void) psa_destroy_key( *master_key );
-        *master_key = 0;
-    }
-    return( status );
-}
-
-/* Derive the intermediate keys, using the list of labels provided on
- * the command line. On input, *key is the master key identifier.
- * This function destroys the master key. On successful output, *key
- * is the identifier of the final derived key.
- */
-static psa_status_t derive_key_ladder( const char *ladder[],
-                                       size_t ladder_depth,
-                                       psa_key_id_t *key )
-{
-    psa_status_t status = PSA_SUCCESS;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    size_t i;
-
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, KDF_ALG );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
-    psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) );
-
-    /* For each label in turn, ... */
-    for( i = 0; i < ladder_depth; i++ )
-    {
-        /* Start deriving material from the master key (if i=0) or from
-         * the current intermediate key (if i>0). */
-        PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) );
-        PSA_CHECK( psa_key_derivation_input_bytes(
-                       &operation, PSA_KEY_DERIVATION_INPUT_SALT,
-                       DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) );
-        PSA_CHECK( psa_key_derivation_input_key(
-                       &operation, PSA_KEY_DERIVATION_INPUT_SECRET,
-                       *key ) );
-        PSA_CHECK( psa_key_derivation_input_bytes(
-                       &operation, PSA_KEY_DERIVATION_INPUT_INFO,
-                       (uint8_t*) ladder[i], strlen( ladder[i] ) ) );
-        /* When the parent key is not the master key, destroy it,
-         * since it is no longer needed. */
-        PSA_CHECK( psa_destroy_key( *key ) );
-        *key = 0;
-        /* Derive the next intermediate key from the parent key. */
-        PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation,
-                                                  key ) );
-        PSA_CHECK( psa_key_derivation_abort( &operation ) );
-    }
-
-exit:
-    psa_key_derivation_abort( &operation );
-    if( status != PSA_SUCCESS )
-    {
-        psa_destroy_key( *key );
-        *key = 0;
-    }
-    return( status );
-}
-
-/* Derive a wrapping key from the last intermediate key. */
-static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
-                                         psa_key_id_t derived_key,
-                                         psa_key_id_t *wrapping_key )
-{
-    psa_status_t status = PSA_SUCCESS;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-
-    *wrapping_key = 0;
-
-    /* Set up a key derivation operation from the key derived from
-     * the master key. */
-    PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) );
-    PSA_CHECK( psa_key_derivation_input_bytes(
-                   &operation, PSA_KEY_DERIVATION_INPUT_SALT,
-                   WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) );
-    PSA_CHECK( psa_key_derivation_input_key(
-                   &operation, PSA_KEY_DERIVATION_INPUT_SECRET,
-                   derived_key ) );
-    PSA_CHECK( psa_key_derivation_input_bytes(
-                   &operation, PSA_KEY_DERIVATION_INPUT_INFO,
-                   NULL, 0 ) );
-
-    /* Create the wrapping key. */
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, WRAPPING_ALG );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
-    psa_set_key_bits( &attributes, WRAPPING_KEY_BITS );
-    PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation,
-                                              wrapping_key ) );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    return( status );
-}
-
-static psa_status_t wrap_data( const char *input_file_name,
-                               const char *output_file_name,
-                               psa_key_id_t wrapping_key )
-{
-    psa_status_t status;
-    FILE *input_file = NULL;
-    FILE *output_file = NULL;
-    long input_position;
-    size_t input_size;
-    size_t buffer_size = 0;
-    unsigned char *buffer = NULL;
-    size_t ciphertext_size;
-    wrapped_data_header_t header;
-
-    /* Find the size of the data to wrap. */
-    SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
-    SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 );
-    SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 );
-#if LONG_MAX > SIZE_MAX
-    if( input_position > SIZE_MAX )
-    {
-        printf( "Input file too large.\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-#endif
-    input_size = input_position;
-    buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size );
-    /* Check for integer overflow. */
-    if( buffer_size < input_size )
-    {
-        printf( "Input file too large.\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-
-    /* Load the data to wrap. */
-    SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 );
-    SYS_CHECK( ( buffer = calloc( 1, buffer_size ) ) != NULL );
-    SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size );
-    SYS_CHECK( fclose( input_file ) == 0 );
-    input_file = NULL;
-
-    /* Construct a header. */
-    memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH );
-    header.ad_size = sizeof( header );
-    header.payload_size = input_size;
-
-    /* Wrap the data. */
-    PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) );
-    PSA_CHECK( psa_aead_encrypt( wrapping_key, WRAPPING_ALG,
-                                 header.iv, WRAPPING_IV_SIZE,
-                                 (uint8_t *) &header, sizeof( header ),
-                                 buffer, input_size,
-                                 buffer, buffer_size,
-                                 &ciphertext_size ) );
-
-    /* Write the output. */
-    SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
-    SYS_CHECK( fwrite( &header, 1, sizeof( header ),
-                       output_file ) == sizeof( header ) );
-    SYS_CHECK( fwrite( buffer, 1, ciphertext_size,
-                       output_file ) == ciphertext_size );
-    SYS_CHECK( fclose( output_file ) == 0 );
-    output_file = NULL;
-
-exit:
-    if( input_file != NULL )
-        fclose( input_file );
-    if( output_file != NULL )
-        fclose( output_file );
-    if( buffer != NULL )
-        mbedtls_platform_zeroize( buffer, buffer_size );
-    free( buffer );
-    return( status );
-}
-
-static psa_status_t unwrap_data( const char *input_file_name,
-                                 const char *output_file_name,
-                                 psa_key_id_t wrapping_key )
-{
-    psa_status_t status;
-    FILE *input_file = NULL;
-    FILE *output_file = NULL;
-    unsigned char *buffer = NULL;
-    size_t ciphertext_size = 0;
-    size_t plaintext_size;
-    wrapped_data_header_t header;
-    unsigned char extra_byte;
-
-    /* Load and validate the header. */
-    SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
-    SYS_CHECK( fread( &header, 1, sizeof( header ),
-                      input_file ) == sizeof( header ) );
-    if( memcmp( &header.magic, WRAPPED_DATA_MAGIC,
-                WRAPPED_DATA_MAGIC_LENGTH ) != 0 )
-    {
-        printf( "The input does not start with a valid magic header.\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-    if( header.ad_size != sizeof( header ) )
-    {
-        printf( "The header size is not correct.\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-    ciphertext_size =
-        PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size );
-    /* Check for integer overflow. */
-    if( ciphertext_size < header.payload_size )
-    {
-        printf( "Input file too large.\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-
-    /* Load the payload data. */
-    SYS_CHECK( ( buffer = calloc( 1, ciphertext_size ) ) != NULL );
-    SYS_CHECK( fread( buffer, 1, ciphertext_size,
-                      input_file ) == ciphertext_size );
-    if( fread( &extra_byte, 1, 1, input_file ) != 0 )
-    {
-        printf( "Extra garbage after ciphertext\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-    SYS_CHECK( fclose( input_file ) == 0 );
-    input_file = NULL;
-
-    /* Unwrap the data. */
-    PSA_CHECK( psa_aead_decrypt( wrapping_key, WRAPPING_ALG,
-                                 header.iv, WRAPPING_IV_SIZE,
-                                 (uint8_t *) &header, sizeof( header ),
-                                 buffer, ciphertext_size,
-                                 buffer, ciphertext_size,
-                                 &plaintext_size ) );
-    if( plaintext_size != header.payload_size )
-    {
-        printf( "Incorrect payload size in the header.\n" );
-        status = DEMO_ERROR;
-        goto exit;
-    }
-
-    /* Write the output. */
-    SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
-    SYS_CHECK( fwrite( buffer, 1, plaintext_size,
-                       output_file ) == plaintext_size );
-    SYS_CHECK( fclose( output_file ) == 0 );
-    output_file = NULL;
-
-exit:
-    if( input_file != NULL )
-        fclose( input_file );
-    if( output_file != NULL )
-        fclose( output_file );
-    if( buffer != NULL )
-        mbedtls_platform_zeroize( buffer, ciphertext_size );
-    free( buffer );
-    return( status );
-}
-
-static psa_status_t run( enum program_mode mode,
-                         const char *key_file_name,
-                         const char *ladder[], size_t ladder_depth,
-                         const char *input_file_name,
-                         const char *output_file_name )
-{
-    psa_status_t status = PSA_SUCCESS;
-    psa_key_id_t derivation_key = 0;
-    psa_key_id_t wrapping_key = 0;
-
-    /* Initialize the PSA crypto library. */
-    PSA_CHECK( psa_crypto_init( ) );
-
-    /* Generate mode is unlike the others. Generate the master key and exit. */
-    if( mode == MODE_GENERATE )
-        return( generate( key_file_name ) );
-
-    /* Read the master key. */
-    PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
-                                     KDF_ALG,
-                                     key_file_name,
-                                     &derivation_key ) );
-
-    /* Calculate the derived key for this session. */
-    PSA_CHECK( derive_key_ladder( ladder, ladder_depth,
-                                  &derivation_key ) );
-
-    switch( mode )
-    {
-        case MODE_SAVE:
-            PSA_CHECK( save_key( derivation_key, output_file_name ) );
-            break;
-        case MODE_UNWRAP:
-            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT,
-                                            derivation_key,
-                                            &wrapping_key ) );
-            PSA_CHECK( unwrap_data( input_file_name, output_file_name,
-                                    wrapping_key ) );
-            break;
-        case MODE_WRAP:
-            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT,
-                                            derivation_key,
-                                            &wrapping_key ) );
-            PSA_CHECK( wrap_data( input_file_name, output_file_name,
-                                  wrapping_key ) );
-            break;
-        default:
-            /* Unreachable but some compilers don't realize it. */
-            break;
-    }
-
-exit:
-    /* Destroy any remaining key. Deinitializing the crypto library would do
-     * this anyway since they are volatile keys, but explicitly destroying
-     * keys makes the code easier to reuse. */
-    (void) psa_destroy_key( derivation_key );
-    (void) psa_destroy_key( wrapping_key );
-    /* Deinitialize the PSA crypto library. */
-    mbedtls_psa_crypto_free( );
-    return( status );
-}
-
-static void usage( void )
-{
-    printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" );
-    printf( "Demonstrate the usage of a key derivation ladder.\n" );
-    printf( "\n" );
-    printf( "Modes:\n" );
-    printf( "  generate  Generate the master key\n" );
-    printf( "  save      Save the derived key\n" );
-    printf( "  unwrap    Unwrap (decrypt) input with the derived key\n" );
-    printf( "  wrap      Wrap (encrypt) input with the derived key\n" );
-    printf( "\n" );
-    printf( "Options:\n" );
-    printf( "  input=FILENAME    Input file (required for wrap/unwrap)\n" );
-    printf( "  master=FILENAME   File containing the master key (default: master.key)\n" );
-    printf( "  output=FILENAME   Output file (required for save/wrap/unwrap)\n" );
-    printf( "  label=TEXT        Label for the key derivation.\n" );
-    printf( "                    This may be repeated multiple times.\n" );
-    printf( "                    To get the same key, you must use the same master key\n" );
-    printf( "                    and the same sequence of labels.\n" );
-}
-
-int main( int argc, char *argv[] )
-{
-    const char *key_file_name = "master.key";
-    const char *input_file_name = NULL;
-    const char *output_file_name = NULL;
-    const char *ladder[MAX_LADDER_DEPTH];
-    size_t ladder_depth = 0;
-    int i;
-    enum program_mode mode;
-    psa_status_t status;
-
-    if( argc <= 1 ||
-        strcmp( argv[1], "help" ) == 0 ||
-        strcmp( argv[1], "-help" ) == 0 ||
-        strcmp( argv[1], "--help" ) == 0 )
-    {
-        usage( );
-        return( EXIT_SUCCESS );
-    }
-
-    for( i = 2; i < argc; i++ )
-    {
-        char *q = strchr( argv[i], '=' );
-        if( q == NULL )
-        {
-            printf( "Missing argument to option %s\n", argv[i] );
-            goto usage_failure;
-        }
-        *q = 0;
-        ++q;
-        if( strcmp( argv[i], "input" ) == 0 )
-            input_file_name = q;
-        else if( strcmp( argv[i], "label" ) == 0 )
-        {
-            if( ladder_depth == MAX_LADDER_DEPTH )
-            {
-                printf( "Maximum ladder depth %u exceeded.\n",
-                                (unsigned) MAX_LADDER_DEPTH );
-                return( EXIT_FAILURE );
-            }
-            ladder[ladder_depth] = q;
-            ++ladder_depth;
-        }
-        else if( strcmp( argv[i], "master" ) == 0 )
-            key_file_name = q;
-        else if( strcmp( argv[i], "output" ) == 0 )
-            output_file_name = q;
-        else
-        {
-            printf( "Unknown option: %s\n", argv[i] );
-            goto usage_failure;
-        }
-    }
-
-    if( strcmp( argv[1], "generate" ) == 0 )
-        mode = MODE_GENERATE;
-    else if( strcmp( argv[1], "save" ) == 0 )
-        mode = MODE_SAVE;
-    else if( strcmp( argv[1], "unwrap" ) == 0 )
-        mode = MODE_UNWRAP;
-    else if( strcmp( argv[1], "wrap" ) == 0 )
-        mode = MODE_WRAP;
-    else
-    {
-        printf( "Unknown action: %s\n", argv[1] );
-        goto usage_failure;
-    }
-
-    if( input_file_name == NULL &&
-        ( mode == MODE_WRAP || mode == MODE_UNWRAP ) )
-    {
-        printf( "Required argument missing: input\n" );
-        return( DEMO_ERROR );
-    }
-    if( output_file_name == NULL &&
-        ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) )
-    {
-        printf( "Required argument missing: output\n" );
-        return( DEMO_ERROR );
-    }
-
-    status = run( mode, key_file_name,
-                  ladder, ladder_depth,
-                  input_file_name, output_file_name );
-    return( status == PSA_SUCCESS ?
-            EXIT_SUCCESS :
-            EXIT_FAILURE );
-
-usage_failure:
-    usage( );
-    return( EXIT_FAILURE );
-}
-#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/psa/key_ladder_demo.sh b/3rdparty/mbedtls-2.25.0/programs/psa/key_ladder_demo.sh
deleted file mode 100644
index 67de085..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/psa/key_ladder_demo.sh
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -e -u
-
-program="${0%/*}"/key_ladder_demo
-files_to_clean=
-
-run () {
-    echo
-    echo "# $1"
-    shift
-    echo "+ $*"
-    "$@"
-}
-
-if [ -e master.key ]; then
-    echo "# Reusing the existing master.key file."
-else
-    files_to_clean="$files_to_clean master.key"
-    run "Generate a master key." \
-        "$program" generate master=master.key
-fi
-
-files_to_clean="$files_to_clean input.txt hello_world.wrap"
-echo "Here is some input. See it wrapped." >input.txt
-run "Derive a key and wrap some data with it." \
-    "$program" wrap master=master.key label=hello label=world \
-               input=input.txt output=hello_world.wrap
-
-files_to_clean="$files_to_clean hello_world.txt"
-run "Derive the same key again and unwrap the data." \
-    "$program" unwrap master=master.key label=hello label=world \
-               input=hello_world.wrap output=hello_world.txt
-run "Compare the unwrapped data with the original input." \
-    cmp input.txt hello_world.txt
-
-files_to_clean="$files_to_clean hellow_orld.txt"
-! run "Derive a different key and attempt to unwrap the data. This must fail." \
-  "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld
-
-files_to_clean="$files_to_clean hello.key"
-run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \
-    "$program" save master=master.key label=hello \
-               input=hello_world.wrap output=hello.key
-run "Check that we get the same key by unwrapping data made by the other key." \
-    "$program" unwrap master=hello.key label=world \
-               input=hello_world.wrap output=hello_world.txt
-
-# Cleanup
-rm -f $files_to_clean
diff --git a/3rdparty/mbedtls-2.25.0/programs/random/gen_entropy.c b/3rdparty/mbedtls-2.25.0/programs/random/gen_entropy.c
deleted file mode 100644
index 0f27aaa..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/random/gen_entropy.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/**
- *  \brief Use and generate multiple entropies calls into a file
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/entropy.h"
-
-#include <stdio.h>
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int i, k, ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_entropy_context entropy;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    if( argc < 2 )
-    {
-        mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
-        mbedtls_exit( exit_code );
-    }
-
-    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
-        mbedtls_exit( exit_code );
-    }
-
-    mbedtls_entropy_init( &entropy );
-
-    for( i = 0, k = 768; i < k; i++ )
-    {
-        ret = mbedtls_entropy_func( &entropy, buf, sizeof( buf ) );
-        if( ret != 0 )
-        {
-            mbedtls_printf( "  failed\n  !  mbedtls_entropy_func returned -%04X\n",
-                            (unsigned int) ret );
-            goto cleanup;
-        }
-
-        fwrite( buf, 1, sizeof( buf ), f );
-
-        mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
-                "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
-        fflush( stdout );
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
-    mbedtls_printf( "\n" );
-
-    fclose( f );
-    mbedtls_entropy_free( &entropy );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/random/gen_random_ctr_drbg.c b/3rdparty/mbedtls-2.25.0/programs/random/gen_random_ctr_drbg.c
deleted file mode 100644
index 158a312..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/random/gen_random_ctr_drbg.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/**
- *  \brief Use and generate random data into a file via the CTR_DBRG based on AES
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \
- defined(MBEDTLS_FS_IO)
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    int i, k, ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-    unsigned char buf[1024];
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    if( argc < 2 )
-    {
-        mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
-        mbedtls_exit( exit_code );
-    }
-
-    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
-        mbedtls_exit( exit_code );
-    }
-
-    mbedtls_entropy_init( &entropy );
-    ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) "RANDOM_GEN", 10 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( "failed in mbedtls_ctr_drbg_seed: %d\n", ret );
-        goto cleanup;
-    }
-    mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF );
-
-#if defined(MBEDTLS_FS_IO)
-    ret = mbedtls_ctr_drbg_update_seed_file( &ctr_drbg, "seedfile" );
-
-    if( ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR )
-    {
-        mbedtls_printf( "Failed to open seedfile. Generating one.\n" );
-        ret = mbedtls_ctr_drbg_write_seed_file( &ctr_drbg, "seedfile" );
-        if( ret != 0 )
-        {
-            mbedtls_printf( "failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret );
-            goto cleanup;
-        }
-    }
-    else if( ret != 0 )
-    {
-        mbedtls_printf( "failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret );
-        goto cleanup;
-    }
-#endif
-
-    for( i = 0, k = 768; i < k; i++ )
-    {
-        ret = mbedtls_ctr_drbg_random( &ctr_drbg, buf, sizeof( buf ) );
-        if( ret != 0 )
-        {
-            mbedtls_printf("failed!\n");
-            goto cleanup;
-        }
-
-        fwrite( buf, 1, sizeof( buf ), f );
-
-        mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
-                "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
-        fflush( stdout );
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-cleanup:
-    mbedtls_printf("\n");
-
-    fclose( f );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/random/gen_random_havege.c b/3rdparty/mbedtls-2.25.0/programs/random/gen_random_havege.c
deleted file mode 100644
index ccca7f3..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/random/gen_random_havege.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- *  \brief Generate random data into a file
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_HAVEGE_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/havege.h"
-
-#include <stdio.h>
-#include <time.h>
-#endif
-
-#if !defined(MBEDTLS_HAVEGE_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-int main( int argc, char *argv[] )
-{
-    FILE *f;
-    time_t t;
-    int i, k, ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_havege_state hs;
-    unsigned char buf[1024];
-
-    if( argc < 2 )
-    {
-        mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
-        mbedtls_exit( exit_code );
-    }
-
-    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
-    {
-        mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
-        mbedtls_exit( exit_code );
-    }
-
-    mbedtls_havege_init( &hs );
-
-    t = time( NULL );
-
-    for( i = 0, k = 768; i < k; i++ )
-    {
-        if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_havege_random returned -0x%04X",
-                            -ret );
-            goto exit;
-        }
-
-        fwrite( buf, sizeof( buf ), 1, f );
-
-        mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
-                "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
-        fflush( stdout );
-    }
-
-    if( t == time( NULL ) )
-        t--;
-
-    mbedtls_printf(" \n ");
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_havege_free( &hs );
-    fclose( f );
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_HAVEGE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/programs/ssl/CMakeLists.txt
deleted file mode 100644
index 149aa30..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/CMakeLists.txt
+++ /dev/null
@@ -1,46 +0,0 @@
-set(THREADS_USE_PTHREADS_WIN32 true)
-find_package(Threads)
-
-set(libs
-    ${mbedtls_target}
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-set(executables
-    dtls_client
-    dtls_server
-    mini_client
-    ssl_client1
-    ssl_client2
-    ssl_context_info
-    ssl_fork_server
-    ssl_mail_client
-    ssl_server
-    ssl_server2
-)
-
-foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-    target_link_libraries(${exe} ${libs})
-    target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
-endforeach()
-
-set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-
-if(THREADS_FOUND)
-    add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
-    target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
-    list(APPEND executables ssl_pthread_server)
-endif(THREADS_FOUND)
-
-install(TARGETS ${executables}
-        DESTINATION "bin"
-        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/dtls_client.c b/3rdparty/mbedtls-2.25.0/programs/ssl/dtls_client.c
deleted file mode 100644
index 03a06ff..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/dtls_client.c
+++ /dev/null
@@ -1,362 +0,0 @@
-/*
- *  Simple DTLS client demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf     printf
-#define mbedtls_fprintf    fprintf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ||    \
-    !defined(MBEDTLS_NET_C)  || !defined(MBEDTLS_TIMING_C) ||             \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) ||        \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) ||      \
-    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
-            "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or "
-            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
-            "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
-            "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-#include <string.h>
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/error.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/timing.h"
-
-/* Uncomment out the following line to default to IPv4 and disable IPv6 */
-//#define FORCE_IPV4
-
-#define SERVER_PORT "4433"
-#define SERVER_NAME "localhost"
-
-#ifdef FORCE_IPV4
-#define SERVER_ADDR "127.0.0.1"     /* Forces IPv4 */
-#else
-#define SERVER_ADDR "::1"
-#endif
-
-#define MESSAGE     "Echo this"
-
-#define READ_TIMEOUT_MS 1000
-#define MAX_RETRY       5
-
-#define DEBUG_LEVEL 0
-
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret, len;
-    mbedtls_net_context server_fd;
-    uint32_t flags;
-    unsigned char buf[1024];
-    const char *pers = "dtls_client";
-    int retry_left = MAX_RETRY;
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt cacert;
-    mbedtls_timing_delay_context timer;
-
-    ((void) argc);
-    ((void) argv);
-
-#if defined(MBEDTLS_DEBUG_C)
-    mbedtls_debug_set_threshold( DEBUG_LEVEL );
-#endif
-
-    /*
-     * 0. Initialize the RNG and the session data
-     */
-    mbedtls_net_init( &server_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 0. Load certificates
-     */
-    mbedtls_printf( "  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-    ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-                          mbedtls_test_cas_pem_len );
-    if( ret < 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok (%d skipped)\n", ret );
-
-    /*
-     * 1. Start the connection
-     */
-    mbedtls_printf( "  . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR,
-                                         SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Setup stuff
-     */
-    mbedtls_printf( "  . Setting up the DTLS structure..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                   MBEDTLS_SSL_IS_CLIENT,
-                   MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-                   MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /* OPTIONAL is usually a bad choice for security, but makes interop easier
-     * in this simplified example, in which the ca chain is hardcoded.
-     * Production code should set a proper ca chain and use REQUIRED. */
-    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, &server_fd,
-                         mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout );
-
-    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-                                            mbedtls_timing_get_delay );
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 4. Handshake
-     */
-    mbedtls_printf( "  . Performing the DTLS handshake..." );
-    fflush( stdout );
-
-    do ret = mbedtls_ssl_handshake( &ssl );
-    while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 5. Verify the server certificate
-     */
-    mbedtls_printf( "  . Verifying peer X.509 certificate..." );
-
-    /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the
-     * handshake would not succeed if the peer's cert is bad.  Even if we used
-     * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */
-    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
-    {
-        char vrfy_buf[512];
-
-        mbedtls_printf( " failed\n" );
-
-        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-
-        mbedtls_printf( "%s\n", vrfy_buf );
-    }
-    else
-        mbedtls_printf( " ok\n" );
-
-    /*
-     * 6. Write the echo request
-     */
-send_request:
-    mbedtls_printf( "  > Write to server:" );
-    fflush( stdout );
-
-    len = sizeof( MESSAGE ) - 1;
-
-    do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len );
-    while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    if( ret < 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-        goto exit;
-    }
-
-    len = ret;
-    mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE );
-
-    /*
-     * 7. Read the echo response
-     */
-    mbedtls_printf( "  < Read from server:" );
-    fflush( stdout );
-
-    len = sizeof( buf ) - 1;
-    memset( buf, 0, sizeof( buf ) );
-
-    do ret = mbedtls_ssl_read( &ssl, buf, len );
-    while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    if( ret <= 0 )
-    {
-        switch( ret )
-        {
-            case MBEDTLS_ERR_SSL_TIMEOUT:
-                mbedtls_printf( " timeout\n\n" );
-                if( retry_left-- > 0 )
-                    goto send_request;
-                goto exit;
-
-            case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                mbedtls_printf( " connection was closed gracefully\n" );
-                ret = 0;
-                goto close_notify;
-
-            default:
-                mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret );
-                goto exit;
-        }
-    }
-
-    len = ret;
-    mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf );
-
-    /*
-     * 8. Done, cleanly close the connection
-     */
-close_notify:
-    mbedtls_printf( "  . Closing the connection..." );
-
-    /* No error checking, the connection might be closed already */
-    do ret = mbedtls_ssl_close_notify( &ssl );
-    while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    ret = 0;
-
-    mbedtls_printf( " done\n" );
-
-    /*
-     * 9. Final clean-ups and exit
-     */
-exit:
-
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &server_fd );
-
-    mbedtls_x509_crt_free( &cacert );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    /* Shell can not handle large exit numbers -> 1 for errors */
-    if( ret < 0 )
-        ret = 1;
-
-    mbedtls_exit( ret );
-}
-#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C &&
-          MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
-          MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C &&
-          MBEDTLS_PEM_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/dtls_server.c b/3rdparty/mbedtls-2.25.0/programs/ssl/dtls_server.c
deleted file mode 100644
index 22e3fc5..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/dtls_server.c
+++ /dev/null
@@ -1,437 +0,0 @@
-/*
- *  Simple DTLS server demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf     printf
-#define mbedtls_fprintf    fprintf
-#define mbedtls_time_t     time_t
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-/* Uncomment out the following line to default to IPv4 and disable IPv6 */
-//#define FORCE_IPV4
-
-#ifdef FORCE_IPV4
-#define BIND_IP     "0.0.0.0"     /* Forces IPv4 */
-#else
-#define BIND_IP     "::"
-#endif
-
-#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ||    \
-    !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) ||          \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) ||        \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) ||      \
-    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) ||         \
-    !defined(MBEDTLS_TIMING_C)
-
-int main( void )
-{
-    printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
-            "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or "
-            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
-            "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
-            "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or "
-            "MBEDTLS_TIMING_C not defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-#if defined(_WIN32)
-#include <windows.h>
-#endif
-
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-#include "mbedtls/ssl_cache.h"
-#endif
-
-#define READ_TIMEOUT_MS 10000   /* 5 seconds */
-#define DEBUG_LEVEL 0
-
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-int main( void )
-{
-    int ret, len;
-    mbedtls_net_context listen_fd, client_fd;
-    unsigned char buf[1024];
-    const char *pers = "dtls_server";
-    unsigned char client_ip[16] = { 0 };
-    size_t cliip_len;
-    mbedtls_ssl_cookie_ctx cookie_ctx;
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt srvcert;
-    mbedtls_pk_context pkey;
-    mbedtls_timing_delay_context timer;
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_context cache;
-#endif
-
-    mbedtls_net_init( &listen_fd );
-    mbedtls_net_init( &client_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ssl_cookie_init( &cookie_ctx );
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_init( &cache );
-#endif
-    mbedtls_x509_crt_init( &srvcert );
-    mbedtls_pk_init( &pkey );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-#if defined(MBEDTLS_DEBUG_C)
-    mbedtls_debug_set_threshold( DEBUG_LEVEL );
-#endif
-
-    /*
-     * 1. Load the certificates and private RSA key
-     */
-    printf( "\n  . Loading the server cert. and key..." );
-    fflush( stdout );
-
-    /*
-     * This demonstration program uses embedded test certificates.
-     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
-     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
-     */
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-                          mbedtls_test_srv_crt_len );
-    if( ret != 0 )
-    {
-        printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-                          mbedtls_test_cas_pem_len );
-    if( ret != 0 )
-    {
-        printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                         mbedtls_test_srv_key_len, NULL, 0 );
-    if( ret != 0 )
-    {
-        printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
-        goto exit;
-    }
-
-    printf( " ok\n" );
-
-    /*
-     * 2. Setup the "listening" UDP socket
-     */
-    printf( "  . Bind on udp/*/4433 ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
-        goto exit;
-    }
-
-    printf( " ok\n" );
-
-    /*
-     * 3. Seed the RNG
-     */
-    printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    printf( " ok\n" );
-
-    /*
-     * 4. Setup stuff
-     */
-    printf( "  . Setting up the DTLS data..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_SERVER,
-                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_conf_session_cache( &conf, &cache,
-                                   mbedtls_ssl_cache_get,
-                                   mbedtls_ssl_cache_set );
-#endif
-
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-   if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
-                                  mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
-                               &cookie_ctx );
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-                                            mbedtls_timing_get_delay );
-
-    printf( " ok\n" );
-
-reset:
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        printf("Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &client_fd );
-
-    mbedtls_ssl_session_reset( &ssl );
-
-    /*
-     * 3. Wait until a client connects
-     */
-    printf( "  . Waiting for a remote connection ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                    client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_net_accept returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /* For HelloVerifyRequest cookies */
-    if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl,
-                    client_ip, cliip_len ) ) != 0 )
-    {
-        printf( " failed\n  ! "
-                "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, &client_fd,
-                         mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout );
-
-    printf( " ok\n" );
-
-    /*
-     * 5. Handshake
-     */
-    printf( "  . Performing the DTLS handshake..." );
-    fflush( stdout );
-
-    do ret = mbedtls_ssl_handshake( &ssl );
-    while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
-    {
-        printf( " hello verification requested\n" );
-        ret = 0;
-        goto reset;
-    }
-    else if( ret != 0 )
-    {
-        printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
-        goto reset;
-    }
-
-    printf( " ok\n" );
-
-    /*
-     * 6. Read the echo Request
-     */
-    printf( "  < Read from client:" );
-    fflush( stdout );
-
-    len = sizeof( buf ) - 1;
-    memset( buf, 0, sizeof( buf ) );
-
-    do ret = mbedtls_ssl_read( &ssl, buf, len );
-    while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    if( ret <= 0 )
-    {
-        switch( ret )
-        {
-            case MBEDTLS_ERR_SSL_TIMEOUT:
-                printf( " timeout\n\n" );
-                goto reset;
-
-            case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                printf( " connection was closed gracefully\n" );
-                ret = 0;
-                goto close_notify;
-
-            default:
-                printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret );
-                goto reset;
-        }
-    }
-
-    len = ret;
-    printf( " %d bytes read\n\n%s\n\n", len, buf );
-
-    /*
-     * 7. Write the 200 Response
-     */
-    printf( "  > Write to client:" );
-    fflush( stdout );
-
-    do ret = mbedtls_ssl_write( &ssl, buf, len );
-    while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-           ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    if( ret < 0 )
-    {
-        printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-        goto exit;
-    }
-
-    len = ret;
-    printf( " %d bytes written\n\n%s\n\n", len, buf );
-
-    /*
-     * 8. Done, cleanly close the connection
-     */
-close_notify:
-    printf( "  . Closing the connection..." );
-
-    /* No error checking, the connection might be closed already */
-    do ret = mbedtls_ssl_close_notify( &ssl );
-    while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    ret = 0;
-
-    printf( " done\n" );
-
-    goto reset;
-
-    /*
-     * Final clean-ups and exit
-     */
-exit:
-
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        printf( "Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &client_fd );
-    mbedtls_net_free( &listen_fd );
-
-    mbedtls_x509_crt_free( &srvcert );
-    mbedtls_pk_free( &pkey );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ssl_cookie_free( &cookie_ctx );
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_free( &cache );
-#endif
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    /* Shell can not handle large exit numbers -> 1 for errors */
-    if( ret < 0 )
-        ret = 1;
-
-    mbedtls_exit( ret );
-}
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
-          MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C
-          && MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/mini_client.c b/3rdparty/mbedtls-2.25.0/programs/ssl/mini_client.c
deleted file mode 100644
index 0a9cc28..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/mini_client.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/*
- *  Minimal SSL client, used for memory measurements.
- *  (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h)
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-/*
- * We're creating and connecting the socket "manually" rather than using the
- * NET module, in order to avoid the overhead of getaddrinfo() which tends to
- * dominate memory usage in small configurations. For the sake of simplicity,
- * only a Unix version is implemented.
- *
- * Warning: we are breaking some of the abtractions from the NET layer here.
- * This is not a good example for general use. This programs has the specific
- * goal of minimizing use of the libc functions on full-blown OSes.
- */
-#if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__)
-#define UNIX
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \
-    !defined(UNIX)
-
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or "
-            "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX "
-            "not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include <string.h>
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
-/*
- * Hardcoded values for server host and port
- */
-#define PORT_BE 0x1151      /* 4433 */
-#define PORT_LE 0x5111
-#define ADDR_BE 0x7f000001  /* 127.0.0.1 */
-#define ADDR_LE 0x0100007f
-#define HOSTNAME "localhost" /* for cert verification if enabled */
-
-#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
-
-const char *pers = "mini_client";
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-const unsigned char psk[] = {
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
-};
-const char psk_id[] = "Client_identity";
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */
-const unsigned char ca_cert[] = {
-    0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01,
-    0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8,
-    0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
-    0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
-    0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
-    0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
-    0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
-    0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
-    0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39,
-    0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32,
-    0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a,
-    0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
-    0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
-    0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
-    0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
-    0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
-    0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
-    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
-    0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f,
-    0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e,
-    0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95,
-    0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95,
-    0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a,
-    0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2,
-    0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47,
-    0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66,
-    0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d,
-    0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20,
-    0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24,
-    0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23,
-    0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01,
-    0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb,
-    0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,
-    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,
-    0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61,
-    0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,
-    0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20,
-    0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09,
-    0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06,
-    0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,
-    0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,
-    0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56,
-    0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8,
-    0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a,
-    0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67,
-    0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67,
-    0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6,
-    0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f,
-    0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c,
-    0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20,
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-enum exit_codes
-{
-    exit_ok = 0,
-    ctr_drbg_seed_failed,
-    ssl_config_defaults_failed,
-    ssl_setup_failed,
-    hostname_failed,
-    socket_failed,
-    connect_failed,
-    x509_crt_parse_failed,
-    ssl_handshake_failed,
-    ssl_write_failed,
-};
-
-
-int main( void )
-{
-    int ret = exit_ok;
-    mbedtls_net_context server_fd;
-    struct sockaddr_in addr;
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt ca;
-#endif
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    /*
-     * 0. Initialize and setup stuff
-     */
-    mbedtls_net_init( &server_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_init( &ca );
-#endif
-
-    mbedtls_entropy_init( &entropy );
-    if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                       (const unsigned char *) pers, strlen( pers ) ) != 0 )
-    {
-        ret = ctr_drbg_seed_failed;
-        goto exit;
-    }
-
-    if( mbedtls_ssl_config_defaults( &conf,
-                MBEDTLS_SSL_IS_CLIENT,
-                MBEDTLS_SSL_TRANSPORT_STREAM,
-                MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
-    {
-        ret = ssl_config_defaults_failed;
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ),
-                (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 )
-    {
-        ret = x509_crt_parse_failed;
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL );
-    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
-#endif
-
-    if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
-    {
-        ret = ssl_setup_failed;
-        goto exit;
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 )
-    {
-        ret = hostname_failed;
-        goto exit;
-    }
-#endif
-
-    /*
-     * 1. Start the connection
-     */
-    memset( &addr, 0, sizeof( addr ) );
-    addr.sin_family = AF_INET;
-
-    ret = 1; /* for endianness detection */
-    addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE;
-    addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
-    ret = 0;
-
-    if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
-    {
-        ret = socket_failed;
-        goto exit;
-    }
-
-    if( connect( server_fd.fd,
-                (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
-    {
-        ret = connect_failed;
-        goto exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-    if( mbedtls_ssl_handshake( &ssl ) != 0 )
-    {
-        ret = ssl_handshake_failed;
-        goto exit;
-    }
-
-    /*
-     * 2. Write the GET request and close the connection
-     */
-    if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
-                         sizeof( GET_REQUEST ) - 1 ) <= 0 )
-    {
-        ret = ssl_write_failed;
-        goto exit;
-    }
-
-    mbedtls_ssl_close_notify( &ssl );
-
-exit:
-    mbedtls_net_free( &server_fd );
-
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_free( &ca );
-#endif
-
-    mbedtls_exit( ret );
-}
-#endif
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_client1.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_client1.c
deleted file mode 100644
index 61a849c..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_client1.c
+++ /dev/null
@@ -1,318 +0,0 @@
-/*
- *  SSL client demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time            time
-#define mbedtls_time_t          time_t
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
-    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
-    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/error.h"
-#include "mbedtls/certs.h"
-
-#include <string.h>
-
-#define SERVER_PORT "4433"
-#define SERVER_NAME "localhost"
-#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
-
-#define DEBUG_LEVEL 1
-
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-int main( void )
-{
-    int ret = 1, len;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_net_context server_fd;
-    uint32_t flags;
-    unsigned char buf[1024];
-    const char *pers = "ssl_client1";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt cacert;
-
-#if defined(MBEDTLS_DEBUG_C)
-    mbedtls_debug_set_threshold( DEBUG_LEVEL );
-#endif
-
-    /*
-     * 0. Initialize the RNG and the session data
-     */
-    mbedtls_net_init( &server_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 0. Initialize certificates
-     */
-    mbedtls_printf( "  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-    ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-                          mbedtls_test_cas_pem_len );
-    if( ret < 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok (%d skipped)\n", ret );
-
-    /*
-     * 1. Start the connection
-     */
-    mbedtls_printf( "  . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME,
-                                         SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Setup stuff
-     */
-    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_CLIENT,
-                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /* OPTIONAL is not optimal for security,
-     * but makes interop easier in this simplified example */
-    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-    /*
-     * 4. Handshake
-     */
-    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
-    fflush( stdout );
-
-    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
-            goto exit;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 5. Verify the server certificate
-     */
-    mbedtls_printf( "  . Verifying peer X.509 certificate..." );
-
-    /* In real life, we probably want to bail out when ret != 0 */
-    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
-    {
-        char vrfy_buf[512];
-
-        mbedtls_printf( " failed\n" );
-
-        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-
-        mbedtls_printf( "%s\n", vrfy_buf );
-    }
-    else
-        mbedtls_printf( " ok\n" );
-
-    /*
-     * 3. Write the GET request
-     */
-    mbedtls_printf( "  > Write to server:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, GET_REQUEST );
-
-    while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-
-    len = ret;
-    mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf );
-
-    /*
-     * 7. Read the HTTP response
-     */
-    mbedtls_printf( "  < Read from server:" );
-    fflush( stdout );
-
-    do
-    {
-        len = sizeof( buf ) - 1;
-        memset( buf, 0, sizeof( buf ) );
-        ret = mbedtls_ssl_read( &ssl, buf, len );
-
-        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
-            continue;
-
-        if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
-            break;
-
-        if( ret < 0 )
-        {
-            mbedtls_printf( "failed\n  ! mbedtls_ssl_read returned %d\n\n", ret );
-            break;
-        }
-
-        if( ret == 0 )
-        {
-            mbedtls_printf( "\n\nEOF\n\n" );
-            break;
-        }
-
-        len = ret;
-        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
-    }
-    while( 1 );
-
-    mbedtls_ssl_close_notify( &ssl );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-#ifdef MBEDTLS_ERROR_C
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &server_fd );
-
-    mbedtls_x509_crt_free( &cacert );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
-          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
-          MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
-          MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_client2.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_client2.c
deleted file mode 100644
index fc69061..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_client2.c
+++ /dev/null
@@ -1,3617 +0,0 @@
-/*
- *  SSL client with certificate authentication
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time       time
-#define mbedtls_time_t     time_t
-#define mbedtls_printf     printf
-#define mbedtls_fprintf    fprintf
-#define mbedtls_snprintf   snprintf
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
-    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
-           " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/base64.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <test/helpers.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-/* Size of memory to be allocated for the heap, when using the library's memory
- * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
-#define MEMORY_HEAP_SIZE      120000
-
-#define MAX_REQUEST_SIZE      20000
-#define MAX_REQUEST_SIZE_STR "20000"
-
-#define DFL_SERVER_NAME         "localhost"
-#define DFL_SERVER_ADDR         NULL
-#define DFL_SERVER_PORT         "4433"
-#define DFL_REQUEST_PAGE        "/"
-#define DFL_REQUEST_SIZE        -1
-#define DFL_DEBUG_LEVEL         0
-#define DFL_CONTEXT_CRT_CB      0
-#define DFL_NBIO                0
-#define DFL_EVENT               0
-#define DFL_READ_TIMEOUT        0
-#define DFL_MAX_RESEND          0
-#define DFL_CA_FILE             ""
-#define DFL_CA_PATH             ""
-#define DFL_CRT_FILE            ""
-#define DFL_KEY_FILE            ""
-#define DFL_KEY_OPAQUE          0
-#define DFL_KEY_PWD             ""
-#define DFL_PSK                 ""
-#define DFL_PSK_OPAQUE          0
-#define DFL_PSK_IDENTITY        "Client_identity"
-#define DFL_ECJPAKE_PW          NULL
-#define DFL_EC_MAX_OPS          -1
-#define DFL_FORCE_CIPHER        0
-#define DFL_RENEGOTIATION       MBEDTLS_SSL_RENEGOTIATION_DISABLED
-#define DFL_ALLOW_LEGACY        -2
-#define DFL_RENEGOTIATE         0
-#define DFL_EXCHANGES           1
-#define DFL_MIN_VERSION         -1
-#define DFL_MAX_VERSION         -1
-#define DFL_ARC4                -1
-#define DFL_SHA1                -1
-#define DFL_AUTH_MODE           -1
-#define DFL_MFL_CODE            MBEDTLS_SSL_MAX_FRAG_LEN_NONE
-#define DFL_TRUNC_HMAC          -1
-#define DFL_RECSPLIT            -1
-#define DFL_DHMLEN              -1
-#define DFL_RECONNECT           0
-#define DFL_RECO_DELAY          0
-#define DFL_RECO_MODE           1
-#define DFL_CID_ENABLED         0
-#define DFL_CID_VALUE           ""
-#define DFL_CID_ENABLED_RENEGO  -1
-#define DFL_CID_VALUE_RENEGO    NULL
-#define DFL_RECONNECT_HARD      0
-#define DFL_TICKETS             MBEDTLS_SSL_SESSION_TICKETS_ENABLED
-#define DFL_ALPN_STRING         NULL
-#define DFL_CURVES              NULL
-#define DFL_TRANSPORT           MBEDTLS_SSL_TRANSPORT_STREAM
-#define DFL_HS_TO_MIN           0
-#define DFL_HS_TO_MAX           0
-#define DFL_DTLS_MTU            -1
-#define DFL_DGRAM_PACKING        1
-#define DFL_FALLBACK            -1
-#define DFL_EXTENDED_MS         -1
-#define DFL_ETM                 -1
-#define DFL_SERIALIZE           0
-#define DFL_CONTEXT_FILE        ""
-#define DFL_EXTENDED_MS_ENFORCE -1
-#define DFL_CA_CALLBACK         0
-#define DFL_EAP_TLS             0
-#define DFL_REPRODUCIBLE        0
-#define DFL_NSS_KEYLOG          0
-#define DFL_NSS_KEYLOG_FILE     NULL
-#define DFL_SKIP_CLOSE_NOTIFY   0
-#define DFL_QUERY_CONFIG_MODE   0
-#define DFL_USE_SRTP            0
-#define DFL_SRTP_FORCE_PROFILE  0
-#define DFL_SRTP_MKI            ""
-
-#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
-#define GET_REQUEST_END "\r\n\r\n"
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#define USAGE_CONTEXT_CRT_CB \
-    "    context_crt_cb=%%d   This determines whether the CRT verification callback is bound\n" \
-    "                        to the SSL configuration of the SSL context.\n" \
-    "                        Possible values:\n"\
-    "                        - 0 (default): Use CRT callback bound to configuration\n" \
-    "                        - 1: Use CRT callback bound to SSL context\n"
-#else
-#define USAGE_CONTEXT_CRT_CB ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_FS_IO)
-#define USAGE_IO \
-    "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
-    "                        default: \"\" (pre-loaded)\n" \
-    "                        use \"none\" to skip loading any top-level CAs.\n" \
-    "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
-    "                        default: \"\" (pre-loaded) (overrides ca_file)\n" \
-    "                        use \"none\" to skip loading any top-level CAs.\n" \
-    "    crt_file=%%s         Your own cert and chain (in bottom to top order, top may be omitted)\n" \
-    "                        default: \"\" (pre-loaded)\n" \
-    "    key_file=%%s         default: \"\" (pre-loaded)\n"\
-    "    key_pwd=%%s          Password for key specified by key_file argument\n"\
-    "                        default: none\n"
-#else
-#define USAGE_IO \
-    "    No file operations available (MBEDTLS_FS_IO not defined)\n"
-#endif /* MBEDTLS_FS_IO */
-#else /* MBEDTLS_X509_CRT_PARSE_C */
-#define USAGE_IO ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
-#define USAGE_KEY_OPAQUE \
-    "    key_opaque=%%d       Handle your private key as if it were opaque\n" \
-    "                        default: 0 (disabled)\n"
-#else
-#define USAGE_KEY_OPAQUE ""
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#define USAGE_CID \
-    "    cid=%%d             Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
-    "                       default: 0 (disabled)\n"     \
-    "    cid_renego=%%d      Disable (0) or enable (1) the use of the DTLS Connection ID extension during renegotiation.\n" \
-    "                       default: same as 'cid' parameter\n"     \
-    "    cid_val=%%s          The CID to use for incoming messages (in hex, without 0x).\n"  \
-    "                        default: \"\"\n" \
-    "    cid_val_renego=%%s   The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n"  \
-    "                        default: same as 'cid_val' parameter\n"
-#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#define USAGE_CID ""
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-#define USAGE_PSK_RAW                                               \
-    "    psk=%%s              default: \"\" (disabled)\n"     \
-    "                          The PSK values are in hex, without 0x.\n" \
-    "    psk_identity=%%s     default: \"Client_identity\"\n"
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#define USAGE_PSK_SLOT                          \
-    "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
-    "                          Enable this to store the PSK configured through command line\n" \
-    "                          parameter `psk` in a PSA-based key slot.\n" \
-    "                          Note: Currently only supported in conjunction with\n"                  \
-    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
-    "                          to force a particular PSK-only ciphersuite.\n"                         \
-    "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
-    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
-    "                          with prepopulated key slots instead of importing raw key material.\n"
-#else
-#define USAGE_PSK_SLOT ""
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
-#else
-#define USAGE_PSK ""
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-#define USAGE_CA_CALLBACK                       \
-    "   ca_callback=%%d       default: 0 (disabled)\n"      \
-    "                         Enable this to use the trusted certificate callback function\n"
-#else
-#define USAGE_CA_CALLBACK ""
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#define USAGE_TICKETS                                       \
-    "    tickets=%%d          default: 1 (enabled)\n"
-#else
-#define USAGE_TICKETS ""
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-#define USAGE_EAP_TLS                                       \
-    "    eap_tls=%%d          default: 0 (disabled)\n"
-#define USAGE_NSS_KEYLOG                                    \
-    "    nss_keylog=%%d          default: 0 (disabled)\n"               \
-    "                             This cannot be used with eap_tls=1\n"
-#define USAGE_NSS_KEYLOG_FILE                               \
-    "    nss_keylog_file=%%s\n"
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-#define USAGE_SRTP \
-    "    use_srtp=%%d         default: 0 (disabled)\n" \
-    "                          This cannot be used with eap_tls=1 or "\
-    "                          nss_keylog=1\n"             \
-    "    srtp_force_profile=%%d  default: 0 (all enabled)\n"   \
-    "                        available profiles:\n"       \
-    "                        1 - SRTP_AES128_CM_HMAC_SHA1_80\n"  \
-    "                        2 - SRTP_AES128_CM_HMAC_SHA1_32\n"  \
-    "                        3 - SRTP_NULL_HMAC_SHA1_80\n"       \
-    "                        4 - SRTP_NULL_HMAC_SHA1_32\n"       \
-    "    mki=%%s              default: \"\" (in hex, without 0x)\n"
-#else /* MBEDTLS_SSL_DTLS_SRTP */
-#define USAGE_SRTP ""
-#endif
-#else /* MBEDTLS_SSL_EXPORT_KEYS */
-#define USAGE_EAP_TLS ""
-#define USAGE_NSS_KEYLOG ""
-#define USAGE_NSS_KEYLOG_FILE ""
-#define USAGE_SRTP ""
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define USAGE_TRUNC_HMAC                                    \
-    "    trunc_hmac=%%d       default: library default\n"
-#else
-#define USAGE_TRUNC_HMAC ""
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-#define USAGE_MAX_FRAG_LEN                                      \
-    "    max_frag_len=%%d     default: 16384 (tls default)\n"   \
-    "                        options: 512, 1024, 2048, 4096\n"
-#else
-#define USAGE_MAX_FRAG_LEN ""
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-#define USAGE_RECSPLIT \
-    "    recsplit=0/1        default: (library default: on)\n"
-#else
-#define USAGE_RECSPLIT
-#endif
-
-#if defined(MBEDTLS_DHM_C)
-#define USAGE_DHMLEN \
-    "    dhmlen=%%d           default: (library default: 1024 bits)\n"
-#else
-#define USAGE_DHMLEN
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-#define USAGE_ALPN \
-    "    alpn=%%s             default: \"\" (disabled)\n"   \
-    "                        example: spdy/1,http/1.1\n"
-#else
-#define USAGE_ALPN ""
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_ECP_C)
-#define USAGE_CURVES \
-    "    curves=a,b,c,d      default: \"default\" (library default)\n"  \
-    "                        example: \"secp521r1,brainpoolP512r1\"\n"  \
-    "                        - use \"none\" for empty list\n"           \
-    "                        - see mbedtls_ecp_curve_list()\n"          \
-    "                          for acceptable curve names\n"
-#else
-#define USAGE_CURVES ""
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#define USAGE_DTLS \
-    "    dtls=%%d             default: 0 (TLS)\n"                           \
-    "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
-    "                        range of DTLS handshake timeouts in millisecs\n" \
-    "    mtu=%%d              default: (library default: unlimited)\n"  \
-    "    dgram_packing=%%d    default: 1 (allowed)\n"                   \
-    "                        allow or forbid packing of multiple\n" \
-    "                        records within a single datgram.\n"
-#else
-#define USAGE_DTLS ""
-#endif
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-#define USAGE_FALLBACK \
-    "    fallback=0/1        default: (library default: off)\n"
-#else
-#define USAGE_FALLBACK ""
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-#define USAGE_EMS \
-    "    extended_ms=0/1     default: (library default: on)\n"
-#else
-#define USAGE_EMS ""
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-#define USAGE_ETM \
-    "    etm=0/1             default: (library default: on)\n"
-#else
-#define USAGE_ETM ""
-#endif
-
-#define USAGE_REPRODUCIBLE \
-    "    reproducible=0/1     default: 0 (disabled)\n"
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-#define USAGE_RENEGO \
-    "    renegotiation=%%d    default: 0 (disabled)\n"      \
-    "    renegotiate=%%d      default: 0 (disabled)\n"
-#else
-#define USAGE_RENEGO ""
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-#define USAGE_ECJPAKE \
-    "    ecjpake_pw=%%s       default: none (disabled)\n"
-#else
-#define USAGE_ECJPAKE ""
-#endif
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-#define USAGE_ECRESTART \
-    "    ec_max_ops=%%s       default: library default (restart disabled)\n"
-#else
-#define USAGE_ECRESTART ""
-#endif
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-#define USAGE_SERIALIZATION \
-    "    serialize=%%d        default: 0 (do not serialize/deserialize)\n"     \
-    "                        options: 1 (serialize)\n"                         \
-    "                                 2 (serialize with re-initialization)\n"  \
-    "    context_file=%%s     The file path to write a serialized connection\n"\
-    "                        in the form of base64 code (serialize option\n"   \
-    "                        must be set)\n"                                   \
-    "                         default: \"\" (do nothing)\n"                    \
-    "                         option: a file path\n"
-#else
-#define USAGE_SERIALIZATION ""
-#endif
-
-/* USAGE is arbitrarily split to stay under the portable string literal
- * length limit: 4095 bytes in C99. */
-#define USAGE1 \
-    "\n usage: ssl_client2 param=<>...\n"                   \
-    "\n acceptable parameters:\n"                           \
-    "    server_name=%%s      default: localhost\n"         \
-    "    server_addr=%%s      default: given by name\n"     \
-    "    server_port=%%d      default: 4433\n"              \
-    "    request_page=%%s     default: \".\"\n"             \
-    "    request_size=%%d     default: about 34 (basic request)\n"           \
-    "                        (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n"  \
-    "                        If 0, in the first exchange only an empty\n"    \
-    "                        application data message is sent followed by\n" \
-    "                        a second non-empty message before attempting\n" \
-    "                        to read a response from the server\n"           \
-    "    debug_level=%%d      default: 0 (disabled)\n"             \
-    "    nbio=%%d             default: 0 (blocking I/O)\n"         \
-    "                        options: 1 (non-blocking), 2 (added delays)\n"   \
-    "    event=%%d            default: 0 (loop)\n"                            \
-    "                        options: 1 (level-triggered, implies nbio=1),\n" \
-    "    read_timeout=%%d     default: 0 ms (no timeout)\n"        \
-    "    max_resend=%%d       default: 0 (no resend on timeout)\n" \
-    "    skip_close_notify=%%d default: 0 (send close_notify)\n" \
-    "\n"                                                    \
-    USAGE_DTLS                                              \
-    USAGE_CID                                               \
-    USAGE_SRTP                                              \
-    "\n"
-#define USAGE2 \
-    "    auth_mode=%%s        default: (library default: none)\n" \
-    "                        options: none, optional, required\n" \
-    USAGE_IO                                                \
-    USAGE_KEY_OPAQUE                                        \
-    USAGE_CA_CALLBACK                                       \
-    "\n"                                                    \
-    USAGE_PSK                                               \
-    USAGE_ECJPAKE                                           \
-    USAGE_ECRESTART                                         \
-    "\n"
-#define USAGE3 \
-    "    allow_legacy=%%d     default: (library default: no)\n"   \
-    USAGE_RENEGO                                            \
-    "    exchanges=%%d        default: 1\n"                 \
-    "    reconnect=%%d        number of reconnections using session resumption\n" \
-    "                        default: 0 (disabled)\n"      \
-    "    reco_delay=%%d       default: 0 seconds\n"         \
-    "    reco_mode=%%d        0: copy session, 1: serialize session\n" \
-    "                        default: 1\n"      \
-    "    reconnect_hard=%%d   default: 0 (disabled)\n"      \
-    USAGE_TICKETS                                           \
-    USAGE_EAP_TLS                                           \
-    USAGE_MAX_FRAG_LEN                                      \
-    USAGE_TRUNC_HMAC                                        \
-    USAGE_CONTEXT_CRT_CB                                    \
-    USAGE_ALPN                                              \
-    USAGE_FALLBACK                                          \
-    USAGE_EMS                                               \
-    USAGE_ETM                                               \
-    USAGE_REPRODUCIBLE                                      \
-    USAGE_CURVES                                            \
-    USAGE_RECSPLIT                                          \
-    USAGE_DHMLEN                                            \
-    "\n"
-#define USAGE4 \
-    "    arc4=%%d             default: (library default: 0)\n" \
-    "    allow_sha1=%%d       default: 0\n"                             \
-    "    min_version=%%s      default: (library default: tls1)\n"       \
-    "    max_version=%%s      default: (library default: tls1_2)\n"     \
-    "    force_version=%%s    default: \"\" (none)\n"       \
-    "                        options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
-    "\n"                                                    \
-    "    force_ciphersuite=<name>    default: all enabled\n"\
-    "    query_config=<name>         return 0 if the specified\n"       \
-    "                                configuration macro is defined and 1\n"  \
-    "                                otherwise. The expansion of the macro\n" \
-    "                                is printed if it is defined\n"     \
-    USAGE_SERIALIZATION                                     \
-    " acceptable ciphersuite names:\n"
-
-#define ALPN_LIST_SIZE  10
-#define CURVE_LIST_SIZE 20
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *server_name;    /* hostname of the server (client only)     */
-    const char *server_addr;    /* address of the server (client only)      */
-    const char *server_port;    /* port on which the ssl service runs       */
-    int debug_level;            /* level of debugging                       */
-    int nbio;                   /* should I/O be blocking?                  */
-    int event;                  /* loop or event-driven IO? level or edge triggered? */
-    uint32_t read_timeout;      /* timeout on mbedtls_ssl_read() in milliseconds     */
-    int max_resend;             /* DTLS times to resend on read timeout     */
-    const char *request_page;   /* page on server to request                */
-    int request_size;           /* pad request with header to requested size */
-    const char *ca_file;        /* the file with the CA certificate(s)      */
-    const char *ca_path;        /* the path with the CA certificate(s) reside */
-    const char *crt_file;       /* the file with the client certificate     */
-    const char *key_file;       /* the file with the client key             */
-    int key_opaque;             /* handle private key as if it were opaque  */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    int psk_opaque;
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    int ca_callback;            /* Use callback for trusted certificate list */
-#endif
-    const char *key_pwd;        /* the password for the client key          */
-    const char *psk;            /* the pre-shared key                       */
-    const char *psk_identity;   /* the pre-shared key identity              */
-    const char *ecjpake_pw;     /* the EC J-PAKE password                   */
-    int ec_max_ops;             /* EC consecutive operations limit          */
-    int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
-    int renegotiation;          /* enable / disable renegotiation           */
-    int allow_legacy;           /* allow legacy renegotiation               */
-    int renegotiate;            /* attempt renegotiation?                   */
-    int renego_delay;           /* delay before enforcing renegotiation     */
-    int exchanges;              /* number of data exchanges                 */
-    int min_version;            /* minimum protocol version accepted        */
-    int max_version;            /* maximum protocol version accepted        */
-    int arc4;                   /* flag for arc4 suites support             */
-    int allow_sha1;             /* flag for SHA-1 support                   */
-    int auth_mode;              /* verify mode for connection               */
-    unsigned char mfl_code;     /* code for maximum fragment length         */
-    int trunc_hmac;             /* negotiate truncated hmac or not          */
-    int recsplit;               /* enable record splitting?                 */
-    int dhmlen;                 /* minimum DHM params len in bits           */
-    int reconnect;              /* attempt to resume session                */
-    int reco_delay;             /* delay in seconds before resuming session */
-    int reco_mode;              /* how to keep the session around           */
-    int reconnect_hard;         /* unexpectedly reconnect from the same port */
-    int tickets;                /* enable / disable session tickets         */
-    const char *curves;         /* list of supported elliptic curves        */
-    const char *alpn_string;    /* ALPN supported protocols                 */
-    int transport;              /* TLS or DTLS?                             */
-    uint32_t hs_to_min;         /* Initial value of DTLS handshake timer    */
-    uint32_t hs_to_max;         /* Max value of DTLS handshake timer        */
-    int dtls_mtu;               /* UDP Maximum tranport unit for DTLS       */
-    int fallback;               /* is this a fallback connection?           */
-    int dgram_packing;          /* allow/forbid datagram packing            */
-    int extended_ms;            /* negotiate extended master secret?        */
-    int etm;                    /* negotiate encrypt then mac?              */
-    int context_crt_cb;         /* use context-specific CRT verify callback */
-    int eap_tls;                /* derive EAP-TLS keying material?          */
-    int nss_keylog;             /* export NSS key log material              */
-    const char *nss_keylog_file; /* NSS key log file                        */
-    int cid_enabled;            /* whether to use the CID extension or not  */
-    int cid_enabled_renego;     /* whether to use the CID extension or not
-                                 * during renegotiation                     */
-    const char *cid_val;        /* the CID to use for incoming messages     */
-    int serialize;              /* serialize/deserialize connection         */
-    const char *context_file;   /* the file to write a serialized connection
-                                 * in the form of base64 code (serialize
-                                 * option must be set)                      */
-    const char *cid_val_renego; /* the CID to use for incoming messages
-                                 * after renegotiation                      */
-    int reproducible;           /* make communication reproducible          */
-    int skip_close_notify;      /* skip sending the close_notify alert      */
-    int query_config_mode;      /* whether to read config                   */
-    int use_srtp;               /* Support SRTP                             */
-    int force_srtp_profile;     /* SRTP protection profile to use or all    */
-    const char *mki;            /* The dtls mki value to use                */
-} opt;
-
-int query_config( const char *config );
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-typedef struct eap_tls_keys
-{
-    unsigned char master_secret[48];
-    unsigned char randbytes[64];
-    mbedtls_tls_prf_types tls_prf_type;
-} eap_tls_keys;
-
-static int eap_tls_key_derivation ( void *p_expkey,
-                                    const unsigned char *ms,
-                                    const unsigned char *kb,
-                                    size_t maclen,
-                                    size_t keylen,
-                                    size_t ivlen,
-                                    const unsigned char client_random[32],
-                                    const unsigned char server_random[32],
-                                    mbedtls_tls_prf_types tls_prf_type )
-{
-    eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
-
-    ( ( void ) kb );
-    memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
-    memcpy( keys->randbytes, client_random, 32 );
-    memcpy( keys->randbytes + 32, server_random, 32 );
-    keys->tls_prf_type = tls_prf_type;
-
-    if( opt.debug_level > 2 )
-    {
-        mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
-        mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
-        mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
-    }
-    return( 0 );
-}
-
-static int nss_keylog_export( void *p_expkey,
-                              const unsigned char *ms,
-                              const unsigned char *kb,
-                              size_t maclen,
-                              size_t keylen,
-                              size_t ivlen,
-                              const unsigned char client_random[32],
-                              const unsigned char server_random[32],
-                              mbedtls_tls_prf_types tls_prf_type )
-{
-    char nss_keylog_line[ 200 ];
-    size_t const client_random_len = 32;
-    size_t const master_secret_len = 48;
-    size_t len = 0;
-    size_t j;
-    int ret = 0;
-
-    ((void) p_expkey);
-    ((void) kb);
-    ((void) maclen);
-    ((void) keylen);
-    ((void) ivlen);
-    ((void) server_random);
-    ((void) tls_prf_type);
-
-    len += sprintf( nss_keylog_line + len,
-                    "%s", "CLIENT_RANDOM " );
-
-    for( j = 0; j < client_random_len; j++ )
-    {
-        len += sprintf( nss_keylog_line + len,
-                        "%02x", client_random[j] );
-    }
-
-    len += sprintf( nss_keylog_line + len, " " );
-
-    for( j = 0; j < master_secret_len; j++ )
-    {
-        len += sprintf( nss_keylog_line + len,
-                        "%02x", ms[j] );
-    }
-
-    len += sprintf( nss_keylog_line + len, "\n" );
-    nss_keylog_line[ len ] = '\0';
-
-    mbedtls_printf( "\n" );
-    mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
-    mbedtls_printf( "%s", nss_keylog_line );
-    mbedtls_printf( "---------------------------------------------\n" );
-
-    if( opt.nss_keylog_file != NULL )
-    {
-        FILE *f;
-
-        if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
-        {
-            ret = -1;
-            goto exit;
-        }
-
-        if( fwrite( nss_keylog_line, 1, len, f ) != len )
-        {
-            ret = -1;
-            fclose( f );
-            goto exit;
-        }
-
-        fclose( f );
-    }
-
-exit:
-    mbedtls_platform_zeroize( nss_keylog_line,
-                              sizeof( nss_keylog_line ) );
-    return( ret );
-}
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-/* Supported SRTP mode needs a maximum of :
- * - 16 bytes for key (AES-128)
- * - 14 bytes SALT
- * One for sender, one for receiver context
- */
-#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH    60
-typedef struct dtls_srtp_keys
-{
-    unsigned char master_secret[48];
-    unsigned char randbytes[64];
-    mbedtls_tls_prf_types tls_prf_type;
-} dtls_srtp_keys;
-
-static int dtls_srtp_key_derivation( void *p_expkey,
-                                     const unsigned char *ms,
-                                     const unsigned char *kb,
-                                     size_t maclen,
-                                     size_t keylen,
-                                     size_t ivlen,
-                                     const unsigned char client_random[32],
-                                     const unsigned char server_random[32],
-                                     mbedtls_tls_prf_types tls_prf_type )
-{
-    dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
-
-    ( ( void ) kb );
-    memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
-    memcpy( keys->randbytes, client_random, 32 );
-    memcpy( keys->randbytes + 32, server_random, 32 );
-    keys->tls_prf_type = tls_prf_type;
-
-    if( opt.debug_level > 2 )
-    {
-        mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
-        mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
-        mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
-    }
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    const char *p, *basename;
-
-    /* Extract basename from file */
-    for( p = basename = file; *p != '\0'; p++ )
-        if( *p == '/' || *p == '\\' )
-            basename = p + 1;
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
-                     basename, line, level, str );
-    fflush(  (FILE *) ctx  );
-}
-
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
-    (void) time;
-    return 0x5af2a056;
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
-    size_t i;
-    int ret;
-    (void) data;
-
-    ret = mbedtls_entropy_func( data, output, len );
-    for ( i = 0; i < len; i++ )
-    {
-        //replace result with pseudo random
-        output[i] = (unsigned char) rand();
-    }
-    return( ret );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
-                 mbedtls_x509_crt **candidates )
-{
-    int ret = 0;
-    mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
-    mbedtls_x509_crt *first;
-
-    /* This is a test-only implementation of the CA callback
-     * which always returns the entire list of trusted certificates.
-     * Production implementations managing a large number of CAs
-     * should use an efficient presentation and lookup for the
-     * set of trusted certificates (such as a hashtable) and only
-     * return those trusted certificates which satisfy basic
-     * parental checks, such as the matching of child `Issuer`
-     * and parent `Subject` field or matching key identifiers. */
-    ((void) child);
-
-    first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-    if( first == NULL )
-    {
-        ret = -1;
-        goto exit;
-    }
-    mbedtls_x509_crt_init( first );
-
-    if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
-    {
-        ret = -1;
-        goto exit;
-    }
-
-    while( ca->next != NULL )
-    {
-        ca = ca->next;
-        if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
-        {
-            ret = -1;
-            goto exit;
-        }
-    }
-
-exit:
-
-    if( ret != 0 )
-    {
-        mbedtls_x509_crt_free( first );
-        mbedtls_free( first );
-        first = NULL;
-    }
-
-    *candidates = first;
-    return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-
-static int delayed_recv( void *ctx, unsigned char *buf, size_t len )
-{
-    static int first_try = 1;
-    int ret;
-
-    if( first_try )
-    {
-        first_try = 0;
-        return( MBEDTLS_ERR_SSL_WANT_READ );
-    }
-
-    ret = mbedtls_net_recv( ctx, buf, len );
-    if( ret != MBEDTLS_ERR_SSL_WANT_READ )
-        first_try = 1; /* Next call will be a new operation */
-    return( ret );
-}
-
-static int delayed_send( void *ctx, const unsigned char *buf, size_t len )
-{
-    static int first_try = 1;
-    int ret;
-
-    if( first_try )
-    {
-        first_try = 0;
-        return( MBEDTLS_ERR_SSL_WANT_WRITE );
-    }
-
-    ret = mbedtls_net_send( ctx, buf, len );
-    if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        first_try = 1; /* Next call will be a new operation */
-    return( ret );
-}
-
-typedef struct
-{
-    mbedtls_ssl_context *ssl;
-    mbedtls_net_context *net;
-} io_ctx_t;
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_check_record( mbedtls_ssl_context const *ssl,
-                             unsigned char const *buf, size_t len )
-{
-    int ret;
-    unsigned char *tmp_buf;
-
-    tmp_buf = mbedtls_calloc( 1, len );
-    if( tmp_buf == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    memcpy( tmp_buf, buf, len );
-
-    ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
-    if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
-    {
-        int ret_repeated;
-
-        /* Test-only: Make sure that mbedtls_ssl_check_record()
-         *            doesn't alter state. */
-        memcpy( tmp_buf, buf, len ); /* Restore buffer */
-        ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
-        if( ret != ret_repeated )
-        {
-            mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
-            return( -1 );
-        }
-
-        switch( ret )
-        {
-            case 0:
-                break;
-
-            case MBEDTLS_ERR_SSL_INVALID_RECORD:
-                if( opt.debug_level > 1 )
-                    mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
-                break;
-
-            case MBEDTLS_ERR_SSL_INVALID_MAC:
-                if( opt.debug_level > 1 )
-                    mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
-                break;
-
-            case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
-                if( opt.debug_level > 1 )
-                    mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
-                break;
-
-            default:
-                mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
-                return( -1 );
-        }
-
-        /* Regardless of the outcome, forward the record to the stack. */
-    }
-
-    mbedtls_free( tmp_buf );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-static int recv_cb( void *ctx, unsigned char *buf, size_t len )
-{
-    io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-    size_t recv_len;
-    int ret;
-
-    if( opt.nbio == 2 )
-        ret = delayed_recv( io_ctx->net, buf, len );
-    else
-        ret = mbedtls_net_recv( io_ctx->net, buf, len );
-    if( ret < 0 )
-        return( ret );
-    recv_len = (size_t) ret;
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Here's the place to do any datagram/record checking
-         * in between receiving the packet from the underlying
-         * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-        if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
-            return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-    }
-
-    return( (int) recv_len );
-}
-
-static int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
-                            uint32_t timeout )
-{
-    io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-    int ret;
-    size_t recv_len;
-
-    ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
-    if( ret < 0 )
-        return( ret );
-    recv_len = (size_t) ret;
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Here's the place to do any datagram/record checking
-         * in between receiving the packet from the underlying
-         * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-        if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
-            return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-    }
-
-    return( (int) recv_len );
-}
-
-static int send_cb( void *ctx, unsigned char const *buf, size_t len )
-{
-    io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-
-    if( opt.nbio == 2 )
-        return( delayed_send( io_ctx->net, buf, len ) );
-
-    return( mbedtls_net_send( io_ctx->net, buf, len ) );
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static unsigned char peer_crt_info[1024];
-
-/*
- * Enabled if debug_level > 1 in code below
- */
-static int my_verify( void *data, mbedtls_x509_crt *crt,
-                      int depth, uint32_t *flags )
-{
-    char buf[1024];
-    ((void) data);
-
-    mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
-    if( depth == 0 )
-        memcpy( peer_crt_info, buf, sizeof( buf ) );
-
-    if( opt.debug_level == 0 )
-        return( 0 );
-
-    mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth );
-    mbedtls_printf( "%s", buf );
-
-    if ( ( *flags ) == 0 )
-        mbedtls_printf( "  This certificate has no flags\n" );
-    else
-    {
-        mbedtls_x509_crt_verify_info( buf, sizeof( buf ), "  ! ", *flags );
-        mbedtls_printf( "%s\n", buf );
-    }
-
-    return( 0 );
-}
-
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
-    MBEDTLS_MD_SHA512,
-    MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    MBEDTLS_MD_SHA256,
-    MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
-    /* Allow SHA-1 as we use it extensively in tests. */
-    MBEDTLS_MD_SHA1,
-#endif
-    MBEDTLS_MD_NONE
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
-          int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
-          mbedtls_timing_delay_context *timer,
-          int idle_reason )
-#endif
-{
-
-    int ret;
-    int poll_type = 0;
-
-    if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
-        poll_type = MBEDTLS_NET_POLL_WRITE;
-    else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
-        poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
-    else
-        return( 0 );
-#endif
-
-    while( 1 )
-    {
-        /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
-        if( timer != NULL &&
-            mbedtls_timing_get_delay( timer ) == 2 )
-        {
-            break;
-        }
-#endif /* MBEDTLS_TIMING_C */
-
-        /* Check if underlying transport became available */
-        if( poll_type != 0 )
-        {
-            ret = mbedtls_net_poll( fd, poll_type, 0 );
-            if( ret < 0 )
-                return( ret );
-            if( ret == poll_type )
-                break;
-        }
-    }
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-int report_cid_usage( mbedtls_ssl_context *ssl,
-                      const char *additional_description )
-{
-    int ret;
-    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
-    size_t peer_cid_len;
-    int cid_negotiated;
-
-    if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 0 );
-
-    /* Check if the use of a CID has been negotiated,
-     * but don't ask for the CID value and length.
-     *
-     * Note: Here and below, we're demonstrating the various ways
-     *       in which mbedtls_ssl_get_peer_cid() can be called,
-     *       depending on whether or not the length/value of the
-     *       peer's CID is needed.
-     *
-     *       An actual application, however, should use
-     *       just one call to mbedtls_ssl_get_peer_cid(). */
-    ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
-                                    NULL, NULL );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        return( ret );
-    }
-
-    if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED )
-    {
-        if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED )
-        {
-            mbedtls_printf( "(%s) Use of Connection ID was rejected by the server.\n",
-                            additional_description );
-        }
-    }
-    else
-    {
-        size_t idx=0;
-        mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n",
-                        additional_description );
-
-        /* Ask for just the length of the peer's CID. */
-        ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
-                                        NULL, &peer_cid_len );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            return( ret );
-        }
-
-        /* Ask for just length + value of the peer's CID. */
-        ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
-                                        peer_cid, &peer_cid_len );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            return( ret );
-        }
-        mbedtls_printf( "(%s) Peer CID (length %u Bytes): ",
-                        additional_description,
-                        (unsigned) peer_cid_len );
-        while( idx < peer_cid_len )
-        {
-            mbedtls_printf( "%02x ", peer_cid[ idx ] );
-            idx++;
-        }
-        mbedtls_printf( "\n" );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-int main( int argc, char *argv[] )
-{
-    int ret = 0, len, tail_len, i, written, frags, retry_left;
-    int query_config_ret = 0;
-    mbedtls_net_context server_fd;
-    io_ctx_t io_ctx;
-
-    unsigned char buf[MAX_REQUEST_SIZE + 1];
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    unsigned char psk[MBEDTLS_PSK_MAX_LEN];
-    size_t psk_len = 0;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
-    unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
-    size_t cid_len = 0;
-    size_t cid_renego_len = 0;
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-    const char *alpn_list[ALPN_LIST_SIZE];
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    unsigned char alloc_buf[MEMORY_HEAP_SIZE];
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-    mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
-    const mbedtls_ecp_curve_info *curve_cur;
-#endif
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
-    size_t mki_len=0;
-#endif
-
-    const char *pers = "ssl_client2";
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_id_t slot = 0;
-    psa_algorithm_t alg = 0;
-    psa_key_attributes_t key_attributes;
-    psa_status_t status;
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
-#endif
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ssl_session saved_session;
-    unsigned char *session_data = NULL;
-    size_t session_data_len = 0;
-#if defined(MBEDTLS_TIMING_C)
-    mbedtls_timing_delay_context timer;
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    uint32_t flags;
-    mbedtls_x509_crt cacert;
-    mbedtls_x509_crt clicert;
-    mbedtls_pk_context pkey;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_id_t key_slot = 0; /* invalid key slot */
-#endif
-#endif
-    char *p, *q;
-    const int *list;
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    unsigned char *context_buf = NULL;
-    size_t context_buf_len;
-#endif
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    unsigned char eap_tls_keymaterial[16];
-    unsigned char eap_tls_iv[8];
-    const char* eap_tls_label = "client EAP encryption";
-    eap_tls_keys eap_tls_keying;
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-    /*! master keys and master salt for SRTP generated during handshake */
-    unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
-    const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
-    dtls_srtp_keys dtls_srtp_keying;
-    const mbedtls_ssl_srtp_profile default_profiles[] = {
-        MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
-        MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
-        MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
-        MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
-        MBEDTLS_TLS_SRTP_UNSET
-    };
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
-#endif
-
-    /*
-     * Make sure memory references are valid.
-     */
-    mbedtls_net_init( &server_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_x509_crt_init( &clicert );
-    mbedtls_pk_init( &pkey );
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
-    memset( (void * ) alpn_list, 0, sizeof( alpn_list ) );
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    status = psa_crypto_init();
-    if( status != PSA_SUCCESS )
-    {
-        mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
-                         (int) status );
-        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-        goto exit;
-    }
-#endif
-
-    if( argc == 0 )
-    {
-    usage:
-        if( ret == 0 )
-            ret = 1;
-
-        mbedtls_printf( USAGE1 );
-        mbedtls_printf( USAGE2 );
-        mbedtls_printf( USAGE3 );
-        mbedtls_printf( USAGE4 );
-
-        list = mbedtls_ssl_list_ciphersuites();
-        while( *list )
-        {
-            mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) );
-            list++;
-            if( !*list )
-                break;
-            mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
-            list++;
-        }
-        mbedtls_printf("\n");
-        goto exit;
-    }
-
-    opt.server_name         = DFL_SERVER_NAME;
-    opt.server_addr         = DFL_SERVER_ADDR;
-    opt.server_port         = DFL_SERVER_PORT;
-    opt.debug_level         = DFL_DEBUG_LEVEL;
-    opt.cid_enabled         = DFL_CID_ENABLED;
-    opt.cid_val             = DFL_CID_VALUE;
-    opt.cid_enabled_renego  = DFL_CID_ENABLED_RENEGO;
-    opt.cid_val_renego      = DFL_CID_VALUE_RENEGO;
-    opt.nbio                = DFL_NBIO;
-    opt.event               = DFL_EVENT;
-    opt.context_crt_cb      = DFL_CONTEXT_CRT_CB;
-    opt.read_timeout        = DFL_READ_TIMEOUT;
-    opt.max_resend          = DFL_MAX_RESEND;
-    opt.request_page        = DFL_REQUEST_PAGE;
-    opt.request_size        = DFL_REQUEST_SIZE;
-    opt.ca_file             = DFL_CA_FILE;
-    opt.ca_path             = DFL_CA_PATH;
-    opt.crt_file            = DFL_CRT_FILE;
-    opt.key_file            = DFL_KEY_FILE;
-    opt.key_opaque          = DFL_KEY_OPAQUE;
-    opt.key_pwd             = DFL_KEY_PWD;
-    opt.psk                 = DFL_PSK;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    opt.psk_opaque          = DFL_PSK_OPAQUE;
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    opt.ca_callback         = DFL_CA_CALLBACK;
-#endif
-    opt.psk_identity        = DFL_PSK_IDENTITY;
-    opt.ecjpake_pw          = DFL_ECJPAKE_PW;
-    opt.ec_max_ops          = DFL_EC_MAX_OPS;
-    opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
-    opt.renegotiation       = DFL_RENEGOTIATION;
-    opt.allow_legacy        = DFL_ALLOW_LEGACY;
-    opt.renegotiate         = DFL_RENEGOTIATE;
-    opt.exchanges           = DFL_EXCHANGES;
-    opt.min_version         = DFL_MIN_VERSION;
-    opt.max_version         = DFL_MAX_VERSION;
-    opt.arc4                = DFL_ARC4;
-    opt.allow_sha1          = DFL_SHA1;
-    opt.auth_mode           = DFL_AUTH_MODE;
-    opt.mfl_code            = DFL_MFL_CODE;
-    opt.trunc_hmac          = DFL_TRUNC_HMAC;
-    opt.recsplit            = DFL_RECSPLIT;
-    opt.dhmlen              = DFL_DHMLEN;
-    opt.reconnect           = DFL_RECONNECT;
-    opt.reco_delay          = DFL_RECO_DELAY;
-    opt.reco_mode           = DFL_RECO_MODE;
-    opt.reconnect_hard      = DFL_RECONNECT_HARD;
-    opt.tickets             = DFL_TICKETS;
-    opt.alpn_string         = DFL_ALPN_STRING;
-    opt.curves              = DFL_CURVES;
-    opt.transport           = DFL_TRANSPORT;
-    opt.hs_to_min           = DFL_HS_TO_MIN;
-    opt.hs_to_max           = DFL_HS_TO_MAX;
-    opt.dtls_mtu            = DFL_DTLS_MTU;
-    opt.fallback            = DFL_FALLBACK;
-    opt.extended_ms         = DFL_EXTENDED_MS;
-    opt.etm                 = DFL_ETM;
-    opt.dgram_packing       = DFL_DGRAM_PACKING;
-    opt.serialize           = DFL_SERIALIZE;
-    opt.context_file        = DFL_CONTEXT_FILE;
-    opt.eap_tls             = DFL_EAP_TLS;
-    opt.reproducible        = DFL_REPRODUCIBLE;
-    opt.nss_keylog          = DFL_NSS_KEYLOG;
-    opt.nss_keylog_file     = DFL_NSS_KEYLOG_FILE;
-    opt.skip_close_notify   = DFL_SKIP_CLOSE_NOTIFY;
-    opt.query_config_mode   = DFL_QUERY_CONFIG_MODE;
-    opt.use_srtp            = DFL_USE_SRTP;
-    opt.force_srtp_profile  = DFL_SRTP_FORCE_PROFILE;
-    opt.mki                 = DFL_SRTP_MKI;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "server_name" ) == 0 )
-            opt.server_name = q;
-        else if( strcmp( p, "server_addr" ) == 0 )
-            opt.server_addr = q;
-        else if( strcmp( p, "server_port" ) == 0 )
-            opt.server_port = q;
-        else if( strcmp( p, "dtls" ) == 0 )
-        {
-            int t = atoi( q );
-            if( t == 0 )
-                opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
-            else if( t == 1 )
-                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "debug_level" ) == 0 )
-        {
-            opt.debug_level = atoi( q );
-            if( opt.debug_level < 0 || opt.debug_level > 65535 )
-                goto usage;
-        }
-        else if( strcmp( p, "context_crt_cb" ) == 0 )
-        {
-            opt.context_crt_cb = atoi( q );
-            if( opt.context_crt_cb != 0 && opt.context_crt_cb != 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "nbio" ) == 0 )
-        {
-            opt.nbio = atoi( q );
-            if( opt.nbio < 0 || opt.nbio > 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "event" ) == 0 )
-        {
-            opt.event = atoi( q );
-            if( opt.event < 0 || opt.event > 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "read_timeout" ) == 0 )
-            opt.read_timeout = atoi( q );
-        else if( strcmp( p, "max_resend" ) == 0 )
-        {
-            opt.max_resend = atoi( q );
-            if( opt.max_resend < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "request_page" ) == 0 )
-            opt.request_page = q;
-        else if( strcmp( p, "request_size" ) == 0 )
-        {
-            opt.request_size = atoi( q );
-            if( opt.request_size < 0 ||
-                opt.request_size > MAX_REQUEST_SIZE )
-                goto usage;
-        }
-        else if( strcmp( p, "ca_file" ) == 0 )
-            opt.ca_file = q;
-        else if( strcmp( p, "ca_path" ) == 0 )
-            opt.ca_path = q;
-        else if( strcmp( p, "crt_file" ) == 0 )
-            opt.crt_file = q;
-        else if( strcmp( p, "key_file" ) == 0 )
-            opt.key_file = q;
-        else if( strcmp( p, "key_pwd" ) == 0 )
-            opt.key_pwd = q;
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
-        else if( strcmp( p, "key_opaque" ) == 0 )
-            opt.key_opaque = atoi( q );
-#endif
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        else if( strcmp( p, "cid" ) == 0 )
-        {
-            opt.cid_enabled = atoi( q );
-            if( opt.cid_enabled != 0 && opt.cid_enabled != 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "cid_renego" ) == 0 )
-        {
-            opt.cid_enabled_renego = atoi( q );
-            if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "cid_val" ) == 0 )
-        {
-            opt.cid_val = q;
-        }
-        else if( strcmp( p, "cid_val_renego" ) == 0 )
-        {
-            opt.cid_val_renego = q;
-        }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        else if( strcmp( p, "psk" ) == 0 )
-            opt.psk = q;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        else if( strcmp( p, "psk_opaque" ) == 0 )
-            opt.psk_opaque = atoi( q );
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-        else if( strcmp( p, "ca_callback" ) == 0)
-            opt.ca_callback = atoi( q );
-#endif
-        else if( strcmp( p, "psk_identity" ) == 0 )
-            opt.psk_identity = q;
-        else if( strcmp( p, "ecjpake_pw" ) == 0 )
-            opt.ecjpake_pw = q;
-        else if( strcmp( p, "ec_max_ops" ) == 0 )
-            opt.ec_max_ops = atoi( q );
-        else if( strcmp( p, "force_ciphersuite" ) == 0 )
-        {
-            opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
-
-            if( opt.force_ciphersuite[0] == 0 )
-            {
-                ret = 2;
-                goto usage;
-            }
-            opt.force_ciphersuite[1] = 0;
-        }
-        else if( strcmp( p, "renegotiation" ) == 0 )
-        {
-            opt.renegotiation = (atoi( q )) ?
-                MBEDTLS_SSL_RENEGOTIATION_ENABLED :
-                MBEDTLS_SSL_RENEGOTIATION_DISABLED;
-        }
-        else if( strcmp( p, "allow_legacy" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case -1:
-                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
-                    break;
-                case 0:
-                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
-                    break;
-                case 1:
-                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
-                    break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "renegotiate" ) == 0 )
-        {
-            opt.renegotiate = atoi( q );
-            if( opt.renegotiate < 0 || opt.renegotiate > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "exchanges" ) == 0 )
-        {
-            opt.exchanges = atoi( q );
-            if( opt.exchanges < 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "reconnect" ) == 0 )
-        {
-            opt.reconnect = atoi( q );
-            if( opt.reconnect < 0 || opt.reconnect > 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "reco_delay" ) == 0 )
-        {
-            opt.reco_delay = atoi( q );
-            if( opt.reco_delay < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "reco_mode" ) == 0 )
-        {
-            opt.reco_mode = atoi( q );
-            if( opt.reco_mode < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "reconnect_hard" ) == 0 )
-        {
-            opt.reconnect_hard = atoi( q );
-            if( opt.reconnect_hard < 0 || opt.reconnect_hard > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "tickets" ) == 0 )
-        {
-            opt.tickets = atoi( q );
-            if( opt.tickets < 0 || opt.tickets > 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "alpn" ) == 0 )
-        {
-            opt.alpn_string = q;
-        }
-        else if( strcmp( p, "fallback" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break;
-                case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "extended_ms" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0:
-                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
-                    break;
-                case 1:
-                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
-                    break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "curves" ) == 0 )
-            opt.curves = q;
-        else if( strcmp( p, "etm" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
-                case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "min_version" ) == 0 )
-        {
-            if( strcmp( q, "ssl3" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
-            else if( strcmp( q, "tls1" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
-            else if( strcmp( q, "tls1_1" ) == 0 ||
-                     strcmp( q, "dtls1" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-            else if( strcmp( q, "tls1_2" ) == 0 ||
-                     strcmp( q, "dtls1_2" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "max_version" ) == 0 )
-        {
-            if( strcmp( q, "ssl3" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
-            else if( strcmp( q, "tls1" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
-            else if( strcmp( q, "tls1_1" ) == 0 ||
-                     strcmp( q, "dtls1" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
-            else if( strcmp( q, "tls1_2" ) == 0 ||
-                     strcmp( q, "dtls1_2" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "arc4" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0:     opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED;   break;
-                case 1:     opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;    break;
-                default:    goto usage;
-            }
-        }
-        else if( strcmp( p, "allow_sha1" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0:     opt.allow_sha1 = 0;   break;
-                case 1:     opt.allow_sha1 = 1;    break;
-                default:    goto usage;
-            }
-        }
-        else if( strcmp( p, "force_version" ) == 0 )
-        {
-            if( strcmp( q, "ssl3" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
-            }
-            else if( strcmp( q, "tls1" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
-            }
-            else if( strcmp( q, "tls1_1" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
-            }
-            else if( strcmp( q, "tls1_2" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
-            }
-            else if( strcmp( q, "dtls1" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
-                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
-            }
-            else if( strcmp( q, "dtls1_2" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
-                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
-            }
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "auth_mode" ) == 0 )
-        {
-            if( strcmp( q, "none" ) == 0 )
-                opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE;
-            else if( strcmp( q, "optional" ) == 0 )
-                opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
-            else if( strcmp( q, "required" ) == 0 )
-                opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "max_frag_len" ) == 0 )
-        {
-            if( strcmp( q, "512" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
-            else if( strcmp( q, "1024" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
-            else if( strcmp( q, "2048" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
-            else if( strcmp( q, "4096" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "trunc_hmac" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
-                case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "hs_timeout" ) == 0 )
-        {
-            if( ( p = strchr( q, '-' ) ) == NULL )
-                goto usage;
-            *p++ = '\0';
-            opt.hs_to_min = atoi( q );
-            opt.hs_to_max = atoi( p );
-            if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
-                goto usage;
-        }
-        else if( strcmp( p, "mtu" ) == 0 )
-        {
-            opt.dtls_mtu = atoi( q );
-            if( opt.dtls_mtu < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "dgram_packing" ) == 0 )
-        {
-            opt.dgram_packing = atoi( q );
-            if( opt.dgram_packing != 0 &&
-                opt.dgram_packing != 1 )
-            {
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "recsplit" ) == 0 )
-        {
-            opt.recsplit = atoi( q );
-            if( opt.recsplit < 0 || opt.recsplit > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "dhmlen" ) == 0 )
-        {
-            opt.dhmlen = atoi( q );
-            if( opt.dhmlen < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "query_config" ) == 0 )
-        {
-            opt.query_config_mode = 1;
-            query_config_ret = query_config( q );
-            goto exit;
-        }
-        else if( strcmp( p, "serialize") == 0 )
-        {
-            opt.serialize = atoi( q );
-            if( opt.serialize < 0 || opt.serialize > 2)
-                goto usage;
-        }
-        else if( strcmp( p, "context_file") == 0 )
-        {
-            opt.context_file = q;
-        }
-        else if( strcmp( p, "eap_tls" ) == 0 )
-        {
-            opt.eap_tls = atoi( q );
-            if( opt.eap_tls < 0 || opt.eap_tls > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "reproducible" ) == 0 )
-        {
-            opt.reproducible = 1;
-        }
-        else if( strcmp( p, "nss_keylog" ) == 0 )
-        {
-            opt.nss_keylog = atoi( q );
-            if( opt.nss_keylog < 0 || opt.nss_keylog > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "nss_keylog_file" ) == 0 )
-        {
-            opt.nss_keylog_file = q;
-        }
-        else if( strcmp( p, "skip_close_notify" ) == 0 )
-        {
-            opt.skip_close_notify = atoi( q );
-            if( opt.skip_close_notify < 0 || opt.skip_close_notify > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "use_srtp" ) == 0 )
-        {
-            opt.use_srtp = atoi ( q );
-        }
-        else if( strcmp( p, "srtp_force_profile" ) == 0 )
-        {
-            opt.force_srtp_profile = atoi( q );
-        }
-        else if( strcmp( p, "mki" ) == 0 )
-        {
-            opt.mki = q;
-        }
-        else
-            goto usage;
-    }
-
-    if( opt.nss_keylog != 0 && opt.eap_tls != 0 )
-    {
-        mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" );
-        goto usage;
-    }
-
-    /* Event-driven IO is incompatible with the above custom
-     * receive and send functions, as the polling builds on
-     * refers to the underlying net_context. */
-    if( opt.event == 1 && opt.nbio != 1 )
-    {
-        mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" );
-        opt.nbio = 1;
-    }
-
-#if defined(MBEDTLS_DEBUG_C)
-    mbedtls_debug_set_threshold( opt.debug_level );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    /*
-     * Unhexify the pre-shared key if any is given
-     */
-    if( strlen( opt.psk ) )
-    {
-        if( mbedtls_test_unhexify( psk, sizeof( psk ),
-                                   opt.psk, &psk_len ) != 0 )
-        {
-            mbedtls_printf( "pre-shared key not valid\n" );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_opaque != 0 )
-    {
-        if( opt.psk == NULL )
-        {
-            mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
-            ret = 2;
-            goto usage;
-        }
-
-        if( opt.force_ciphersuite[0] <= 0 )
-        {
-            mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
-            ret = 2;
-            goto usage;
-        }
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    if( opt.force_ciphersuite[0] > 0 )
-    {
-        const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-        ciphersuite_info =
-            mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
-
-        if( opt.max_version != -1 &&
-            ciphersuite_info->min_minor_ver > opt.max_version )
-        {
-            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
-            ret = 2;
-            goto usage;
-        }
-        if( opt.min_version != -1 &&
-            ciphersuite_info->max_minor_ver < opt.min_version )
-        {
-            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
-            ret = 2;
-            goto usage;
-        }
-
-        /* If the server selects a version that's not supported by
-         * this suite, then there will be no common ciphersuite... */
-        if( opt.max_version == -1 ||
-            opt.max_version > ciphersuite_info->max_minor_ver )
-        {
-            opt.max_version = ciphersuite_info->max_minor_ver;
-        }
-        if( opt.min_version < ciphersuite_info->min_minor_ver )
-        {
-            opt.min_version = ciphersuite_info->min_minor_ver;
-            /* DTLS starts with TLS 1.1 */
-            if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-                opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-        }
-
-        /* Enable RC4 if needed and not explicitly disabled */
-        if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
-        {
-            if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
-            {
-                mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
-                ret = 2;
-                goto usage;
-            }
-
-            opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_opaque != 0 )
-        {
-            /* Ensure that the chosen ciphersuite is PSK-only; we must know
-             * the ciphersuite in advance to set the correct policy for the
-             * PSK key slot. This limitation might go away in the future. */
-            if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
-                opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
-            {
-                mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
-                ret = 2;
-                goto usage;
-            }
-
-            /* Determine KDF algorithm the opaque PSK will be used in. */
-#if defined(MBEDTLS_SHA512_C)
-            if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
-                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
-            else
-#endif /* MBEDTLS_SHA512_C */
-                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
-        }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    }
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( mbedtls_test_unhexify( cid, sizeof( cid ),
-                               opt.cid_val, &cid_len ) != 0 )
-    {
-        mbedtls_printf( "CID not valid\n" );
-        goto exit;
-    }
-
-    /* Keep CID settings for renegotiation unless
-     * specified otherwise. */
-    if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO )
-        opt.cid_enabled_renego = opt.cid_enabled;
-    if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
-        opt.cid_val_renego = opt.cid_val;
-
-    if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
-                               opt.cid_val_renego, &cid_renego_len ) != 0 )
-    {
-        mbedtls_printf( "CID not valid\n" );
-        goto exit;
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_ECP_C)
-    if( opt.curves != NULL )
-    {
-        p = (char *) opt.curves;
-        i = 0;
-
-        if( strcmp( p, "none" ) == 0 )
-        {
-            curve_list[0] = MBEDTLS_ECP_DP_NONE;
-        }
-        else if( strcmp( p, "default" ) != 0 )
-        {
-            /* Leave room for a final NULL in curve list */
-            while( i < CURVE_LIST_SIZE - 1 && *p != '\0' )
-            {
-                q = p;
-
-                /* Terminate the current string */
-                while( *p != ',' && *p != '\0' )
-                    p++;
-                if( *p == ',' )
-                    *p++ = '\0';
-
-                if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL )
-                {
-                    curve_list[i++] = curve_cur->grp_id;
-                }
-                else
-                {
-                    mbedtls_printf( "unknown curve %s\n", q );
-                    mbedtls_printf( "supported curves: " );
-                    for( curve_cur = mbedtls_ecp_curve_list();
-                         curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
-                         curve_cur++ )
-                    {
-                        mbedtls_printf( "%s ", curve_cur->name );
-                    }
-                    mbedtls_printf( "\n" );
-                    goto exit;
-                }
-            }
-
-            mbedtls_printf("Number of curves: %d\n", i );
-
-            if( i == CURVE_LIST_SIZE - 1 && *p != '\0' )
-            {
-                mbedtls_printf( "curves list too long, maximum %d",
-                                CURVE_LIST_SIZE - 1 );
-                goto exit;
-            }
-
-            curve_list[i] = MBEDTLS_ECP_DP_NONE;
-        }
-    }
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( opt.alpn_string != NULL )
-    {
-        p = (char *) opt.alpn_string;
-        i = 0;
-
-        /* Leave room for a final NULL in alpn_list */
-        while( i < ALPN_LIST_SIZE - 1 && *p != '\0' )
-        {
-            alpn_list[i++] = p;
-
-            /* Terminate the current string and move on to next one */
-            while( *p != ',' && *p != '\0' )
-                p++;
-            if( *p == ',' )
-                *p++ = '\0';
-        }
-    }
-#endif /* MBEDTLS_SSL_ALPN */
-
-    /*
-     * 0. Initialize the RNG and the session data
-     */
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if (opt.reproducible)
-    {
-        srand( 1 );
-        if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
-                                           &entropy, (const unsigned char *) pers,
-                                           strlen( pers ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    else
-    {
-        if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                           &entropy, (const unsigned char *) pers,
-                                           strlen( pers ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /*
-     * 1.1. Load the trusted CA
-     */
-    mbedtls_printf( "  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-    if( strcmp( opt.ca_path, "none" ) == 0 ||
-        strcmp( opt.ca_file, "none" ) == 0 )
-    {
-        ret = 0;
-    }
-    else
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.ca_path ) )
-        ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
-    else if( strlen( opt.ca_file ) )
-        ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C)
-    {
-#if defined(MBEDTLS_PEM_PARSE_C)
-        for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
-        {
-            ret = mbedtls_x509_crt_parse( &cacert,
-                                  (const unsigned char *) mbedtls_test_cas[i],
-                                  mbedtls_test_cas_len[i] );
-            if( ret != 0 )
-                break;
-        }
-        if( ret == 0 )
-#endif /* MBEDTLS_PEM_PARSE_C */
-        for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
-        {
-            ret = mbedtls_x509_crt_parse_der( &cacert,
-                         (const unsigned char *) mbedtls_test_cas_der[i],
-                         mbedtls_test_cas_der_len[i] );
-            if( ret != 0 )
-                break;
-        }
-    }
-#else
-    {
-        ret = 1;
-        mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
-    }
-#endif /* MBEDTLS_CERTS_C */
-    if( ret < 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok (%d skipped)\n", ret );
-
-    /*
-     * 1.2. Load own certificate and private key
-     *
-     * (can be skipped if client authentication is not required)
-     */
-    mbedtls_printf( "  . Loading the client cert. and key..." );
-    fflush( stdout );
-
-    if( strcmp( opt.crt_file, "none" ) == 0 )
-        ret = 0;
-    else
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.crt_file ) )
-        ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C)
-        ret = mbedtls_x509_crt_parse( &clicert,
-                (const unsigned char *) mbedtls_test_cli_crt,
-                mbedtls_test_cli_crt_len );
-#else
-    {
-        ret = 1;
-        mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
-    }
-#endif
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    if( strcmp( opt.key_file, "none" ) == 0 )
-        ret = 0;
-    else
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.key_file ) )
-        ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C)
-        ret = mbedtls_pk_parse_key( &pkey,
-                (const unsigned char *) mbedtls_test_cli_key,
-                mbedtls_test_cli_key_len, NULL, 0 );
-#else
-    {
-        ret = 1;
-        mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
-    }
-#endif
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.key_opaque != 0 )
-    {
-        if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
-                                               PSA_ALG_SHA_256 ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  "
-                            "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-    /*
-     * 2. Start the connection
-     */
-    if( opt.server_addr == NULL)
-        opt.server_addr = opt.server_name;
-
-    mbedtls_printf( "  . Connecting to %s/%s/%s...",
-            opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
-            opt.server_addr, opt.server_port );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_connect( &server_fd,
-                       opt.server_addr, opt.server_port,
-                       opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
-                       MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    if( opt.nbio > 0 )
-        ret = mbedtls_net_set_nonblock( &server_fd );
-    else
-        ret = mbedtls_net_set_block( &server_fd );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! net_set_(non)block() returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 3. Setup stuff
-     */
-    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_CLIENT,
-                    opt.transport,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /* The default algorithms profile disables SHA-1, but our tests still
-       rely on it heavily. */
-    if( opt.allow_sha1 > 0 )
-    {
-        crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
-        mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
-        mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
-    }
-
-    if( opt.context_crt_cb == 0 )
-        mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
-
-    memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
-    {
-        if( opt.cid_enabled == 1        &&
-            opt.cid_enabled_renego == 1 &&
-            cid_len != cid_renego_len )
-        {
-            mbedtls_printf( "CID length must not change during renegotiation\n" );
-            goto usage;
-        }
-
-        if( opt.cid_enabled == 1 )
-            ret = mbedtls_ssl_conf_cid( &conf, cid_len,
-                                        MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
-        else
-            ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len,
-                                        MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
-
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    if( opt.auth_mode != DFL_AUTH_MODE )
-        mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
-        mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min,
-                                            opt.hs_to_max );
-
-    if( opt.dgram_packing != DFL_DGRAM_PACKING )
-        mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    if( opt.use_srtp == 1 )
-    {
-        if( opt.force_srtp_profile != 0 )
-        {
-            const mbedtls_ssl_srtp_profile forced_profile[] =
-                                        { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
-            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile );
-        }
-        else
-        {
-            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, default_profiles );
-        }
-
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! "
-                            "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-
-    }
-    else if( opt.force_srtp_profile != 0 )
-    {
-        mbedtls_printf( " failed\n  ! must enable use_srtp to force srtp profile\n\n" );
-        goto exit;
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    if( opt.trunc_hmac != DFL_TRUNC_HMAC )
-        mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    if( opt.extended_ms != DFL_EXTENDED_MS )
-        mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    if( opt.etm != DFL_ETM )
-        mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
-#endif
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    if( opt.eap_tls != 0 )
-    {
-        mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation,
-                                             &eap_tls_keying );
-    }
-    else if( opt.nss_keylog != 0 )
-    {
-        mbedtls_ssl_conf_export_keys_ext_cb( &conf,
-                                             nss_keylog_export,
-                                             NULL );
-    }
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-    else if( opt.use_srtp != 0 )
-    {
-        mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation,
-                                             &dtls_srtp_keying );
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    if( opt.recsplit != DFL_RECSPLIT )
-        mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit
-                                  ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
-                                  : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
-#endif
-
-#if defined(MBEDTLS_DHM_C)
-    if( opt.dhmlen != DFL_DHMLEN )
-        mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen );
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( opt.alpn_string != NULL )
-        if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-#endif
-
-    if (opt.reproducible)
-    {
-#if defined(MBEDTLS_HAVE_TIME)
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-        mbedtls_platform_set_time( dummy_constant_time );
-#else
-        fprintf( stderr, "Warning: reproducible option used without constant time\n" );
-#endif
-#endif
-    }
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-    mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_conf_session_tickets( &conf, opt.tickets );
-#endif
-
-    if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
-        mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
-
-#if defined(MBEDTLS_ARC4_C)
-    if( opt.arc4 != DFL_ARC4 )
-        mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
-#endif
-
-    if( opt.allow_legacy != DFL_ALLOW_LEGACY )
-        mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( strcmp( opt.ca_path, "none" ) != 0 &&
-        strcmp( opt.ca_file, "none" ) != 0 )
-    {
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-        if( opt.ca_callback != 0 )
-            mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert );
-        else
-#endif
-            mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-    }
-    if( strcmp( opt.crt_file, "none" ) != 0 &&
-        strcmp( opt.key_file, "none" ) != 0 )
-    {
-        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-    if( opt.curves != NULL &&
-        strcmp( opt.curves, "default" ) != 0 )
-    {
-        mbedtls_ssl_conf_curves( &conf, curve_list );
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_opaque != 0 )
-    {
-        key_attributes = psa_key_attributes_init();
-        psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
-        psa_set_key_algorithm( &key_attributes, alg );
-        psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE );
-
-        status = psa_import_key( &key_attributes, psk, psk_len, &slot );
-        if( status != PSA_SUCCESS )
-        {
-            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-            goto exit;
-        }
-
-        if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot,
-                                  (const unsigned char *) opt.psk_identity,
-                                  strlen( opt.psk_identity ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    if( psk_len > 0 )
-    {
-        ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
-                             (const unsigned char *) opt.psk_identity,
-                             strlen( opt.psk_identity ) );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-    if( opt.min_version != DFL_MIN_VERSION )
-        mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
-                                      opt.min_version );
-
-    if( opt.max_version != DFL_MAX_VERSION )
-        mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
-                                      opt.max_version );
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-    if( opt.fallback != DFL_FALLBACK )
-        mbedtls_ssl_conf_fallback( &conf, opt.fallback );
-#endif
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n",
-                        ret );
-        goto exit;
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( opt.ecjpake_pw != DFL_ECJPAKE_PW )
-    {
-        if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl,
-                        (const unsigned char *) opt.ecjpake_pw,
-                                        strlen( opt.ecjpake_pw ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( opt.context_crt_cb == 1 )
-        mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-    io_ctx.ssl = &ssl;
-    io_ctx.net = &server_fd;
-    mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb,
-                         opt.nbio == 0 ? recv_timeout_cb : NULL );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
-                                         cid, cid_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( opt.dtls_mtu != DFL_DTLS_MTU )
-        mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu );
-#endif
-
-#if defined(MBEDTLS_TIMING_C)
-    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-                                            mbedtls_timing_get_delay );
-#endif
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( opt.ec_max_ops != DFL_EC_MAX_OPS )
-        mbedtls_ecp_set_max_ops( opt.ec_max_ops );
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    if( opt.use_srtp != 0 && strlen( opt.mki ) != 0 )
-    {
-        if( mbedtls_test_unhexify( mki, sizeof( mki ),
-                                   opt.mki,&mki_len ) != 0 )
-        {
-            mbedtls_printf( "mki value not valid hex\n" );
-            goto exit;
-        }
-
-        mbedtls_ssl_conf_srtp_mki_value_supported( &conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED );
-        if( ( ret = mbedtls_ssl_dtls_srtp_set_mki_value( &ssl, mki,
-                                                         (uint16_t) strlen( opt.mki ) / 2 ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-#endif
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 4. Handshake
-     */
-    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
-    fflush( stdout );
-
-    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-            ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-            ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n",
-                            (unsigned int) -ret );
-            if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
-                mbedtls_printf(
-                    "    Unable to verify the server's certificate. "
-                        "Either it is invalid,\n"
-                    "    or you didn't set ca_file or ca_path "
-                        "to an appropriate value.\n"
-                    "    Alternatively, you may want to use "
-                        "auth_mode=optional for testing purposes.\n" );
-            mbedtls_printf( "\n" );
-            goto exit;
-        }
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-        if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-            continue;
-#endif
-
-        /* For event-driven IO, wait for socket to become available */
-        if( opt.event == 1 /* level triggered IO */ )
-        {
-#if defined(MBEDTLS_TIMING_C)
-            ret = idle( &server_fd, &timer, ret );
-#else
-            ret = idle( &server_fd, ret );
-#endif
-            if( ret != 0 )
-                goto exit;
-        }
-    }
-
-    mbedtls_printf( " ok\n    [ Protocol is %s ]\n    [ Ciphersuite is %s ]\n",
-                    mbedtls_ssl_get_version( &ssl ),
-                    mbedtls_ssl_get_ciphersuite( &ssl ) );
-
-    if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 )
-        mbedtls_printf( "    [ Record expansion is %d ]\n", ret );
-    else
-        mbedtls_printf( "    [ Record expansion is unknown (compression) ]\n" );
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    mbedtls_printf( "    [ Maximum input fragment length is %u ]\n",
-                    (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) );
-    mbedtls_printf( "    [ Maximum output fragment length is %u ]\n",
-                    (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) );
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( opt.alpn_string != NULL )
-    {
-        const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl );
-        mbedtls_printf( "    [ Application Layer Protocol is %s ]\n",
-                alp ? alp : "(none)" );
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    if( opt.eap_tls != 0  )
-    {
-        size_t j = 0;
-
-        if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type,
-                                         eap_tls_keying.master_secret,
-                                         sizeof( eap_tls_keying.master_secret ),
-                                         eap_tls_label,
-                                         eap_tls_keying.randbytes,
-                                         sizeof( eap_tls_keying.randbytes ),
-                                         eap_tls_keymaterial,
-                                         sizeof( eap_tls_keymaterial ) ) )
-                                         != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-
-        mbedtls_printf( "    EAP-TLS key material is:" );
-        for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ )
-        {
-            if( j % 8 == 0 )
-                mbedtls_printf("\n    ");
-            mbedtls_printf("%02x ", eap_tls_keymaterial[j] );
-        }
-        mbedtls_printf("\n");
-
-        if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0,
-                                         eap_tls_label,
-                                         eap_tls_keying.randbytes,
-                                         sizeof( eap_tls_keying.randbytes ),
-                                         eap_tls_iv,
-                                         sizeof( eap_tls_iv ) ) ) != 0 )
-         {
-             mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
-                             (unsigned int) -ret );
-             goto exit;
-         }
-
-        mbedtls_printf( "    EAP-TLS IV is:" );
-        for( j = 0; j < sizeof( eap_tls_iv ); j++ )
-        {
-            if( j % 8 == 0 )
-                mbedtls_printf("\n    ");
-            mbedtls_printf("%02x ", eap_tls_iv[j] );
-        }
-        mbedtls_printf("\n");
-    }
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-    else if( opt.use_srtp != 0  )
-    {
-        size_t j = 0;
-        mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
-        mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result );
-
-        if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
-                                == MBEDTLS_TLS_SRTP_UNSET )
-        {
-            mbedtls_printf( "    Unable to negotiate "
-                            "the use of DTLS-SRTP\n" );
-        }
-        else
-        {
-            if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type,
-                                             dtls_srtp_keying.master_secret,
-                                             sizeof( dtls_srtp_keying.master_secret ),
-                                             dtls_srtp_label,
-                                             dtls_srtp_keying.randbytes,
-                                             sizeof( dtls_srtp_keying.randbytes ),
-                                             dtls_srtp_key_material,
-                                             sizeof( dtls_srtp_key_material ) ) )
-                                             != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-
-            mbedtls_printf( "    DTLS-SRTP key material is:" );
-            for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
-            {
-                if( j % 8 == 0 )
-                    mbedtls_printf( "\n    " );
-                mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
-            }
-            mbedtls_printf( "\n" );
-
-            /* produce a less readable output used to perform automatic checks
-             * - compare client and server output
-             * - interop test with openssl which client produces this kind of output
-             */
-            mbedtls_printf( "    Keying material: " );
-            for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
-            {
-                mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
-            }
-            mbedtls_printf( "\n" );
-
-            if ( dtls_srtp_negotiation_result.mki_len > 0 )
-            {
-                mbedtls_printf( "    DTLS-SRTP mki value: " );
-                for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ )
-                {
-                    mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] );
-                }
-            }
-            else
-            {
-                mbedtls_printf( "    DTLS-SRTP no mki value negotiated" );
-            }
-            mbedtls_printf( "\n" );
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-    if( opt.reconnect != 0 )
-    {
-        mbedtls_printf("  . Saving session for reuse..." );
-        fflush( stdout );
-
-        if( opt.reco_mode == 1 )
-        {
-            /* free any previously saved data */
-            if( session_data != NULL )
-            {
-                mbedtls_platform_zeroize( session_data, session_data_len );
-                mbedtls_free( session_data );
-                session_data = NULL;
-            }
-
-            /* get size of the buffer needed */
-            mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
-                                      NULL, 0, &session_data_len );
-            session_data = mbedtls_calloc( 1, session_data_len );
-            if( session_data == NULL )
-            {
-                mbedtls_printf( " failed\n  ! alloc %u bytes for session data\n",
-                                (unsigned) session_data_len );
-                ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-                goto exit;
-            }
-
-            /* actually save session data */
-            if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
-                                                  session_data, session_data_len,
-                                                  &session_data_len ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-        }
-        else
-        {
-            if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_get_session returned -0x%x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        if( opt.reco_mode == 1 )
-        {
-            mbedtls_printf( "    [ Saved %u bytes of session data]\n",
-                            (unsigned) session_data_len );
-        }
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /*
-     * 5. Verify the server certificate
-     */
-    mbedtls_printf( "  . Verifying peer X.509 certificate..." );
-
-    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
-    {
-        char vrfy_buf[512];
-
-        mbedtls_printf( " failed\n" );
-
-        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ),
-                                      "  ! ", flags );
-
-        mbedtls_printf( "%s\n", vrfy_buf );
-    }
-    else
-        mbedtls_printf( " ok\n" );
-
-    mbedtls_printf( "  . Peer certificate information    ...\n" );
-    mbedtls_printf( "%s\n", peer_crt_info );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    ret = report_cid_usage( &ssl, "initial handshake" );
-    if( ret != 0 )
-        goto exit;
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego,
-                                         cid_renego,
-                                         cid_renego_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( opt.renegotiate )
-    {
-        /*
-         * Perform renegotiation (this must be done when the server is waiting
-         * for input from our side).
-         */
-        mbedtls_printf( "  . Performing renegotiation..." );
-        fflush( stdout );
-        while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 )
-        {
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_renegotiate returned %d\n\n",
-                                ret );
-                goto exit;
-            }
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-                continue;
-#endif
-
-            /* For event-driven IO, wait for socket to become available */
-            if( opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &server_fd, &timer, ret );
-#else
-                idle( &server_fd, ret );
-#endif
-            }
-
-        }
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    ret = report_cid_usage( &ssl, "after renegotiation" );
-    if( ret != 0 )
-        goto exit;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /*
-     * 6. Write the GET request
-     */
-    retry_left = opt.max_resend;
-send_request:
-    mbedtls_printf( "  > Write to server:" );
-    fflush( stdout );
-
-    len = mbedtls_snprintf( (char *) buf, sizeof( buf ) - 1, GET_REQUEST,
-                            opt.request_page );
-    tail_len = (int) strlen( GET_REQUEST_END );
-
-    /* Add padding to GET request to reach opt.request_size in length */
-    if( opt.request_size != DFL_REQUEST_SIZE &&
-        len + tail_len < opt.request_size )
-    {
-        memset( buf + len, 'A', opt.request_size - len - tail_len );
-        len += opt.request_size - len - tail_len;
-    }
-
-    strncpy( (char *) buf + len, GET_REQUEST_END, sizeof( buf ) - len - 1 );
-    len += tail_len;
-
-    /* Truncate if request size is smaller than the "natural" size */
-    if( opt.request_size != DFL_REQUEST_SIZE &&
-        len > opt.request_size )
-    {
-        len = opt.request_size;
-
-        /* Still end with \r\n unless that's really not possible */
-        if( len >= 2 ) buf[len - 2] = '\r';
-        if( len >= 1 ) buf[len - 1] = '\n';
-    }
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
-    {
-        written = 0;
-        frags = 0;
-
-        do
-        {
-            while( ( ret = mbedtls_ssl_write( &ssl, buf + written,
-                                              len - written ) ) < 0 )
-            {
-                if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                    ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                    ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-                {
-                    mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned -0x%x\n\n",
-                                    (unsigned int) -ret );
-                    goto exit;
-                }
-
-                /* For event-driven IO, wait for socket to become available */
-                if( opt.event == 1 /* level triggered IO */ )
-                {
-#if defined(MBEDTLS_TIMING_C)
-                    idle( &server_fd, &timer, ret );
-#else
-                    idle( &server_fd, ret );
-#endif
-                }
-            }
-
-            frags++;
-            written += ret;
-        }
-        while( written < len );
-    }
-    else /* Not stream, so datagram */
-    {
-        while( 1 )
-        {
-            ret = mbedtls_ssl_write( &ssl, buf, len );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-                continue;
-#endif
-
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-                break;
-
-            /* For event-driven IO, wait for socket to become available */
-            if( opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &server_fd, &timer, ret );
-#else
-                idle( &server_fd, ret );
-#endif
-            }
-        }
-
-        if( ret < 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-
-        frags = 1;
-        written = ret;
-
-        if( written < len )
-        {
-            mbedtls_printf( " warning\n  ! request didn't fit into single datagram and "
-                            "was truncated to size %u", (unsigned) written );
-        }
-    }
-
-    buf[written] = '\0';
-    mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n",
-                    written, frags, (char *) buf );
-
-    /* Send a non-empty request if request_size == 0 */
-    if ( len == 0 )
-    {
-        opt.request_size = DFL_REQUEST_SIZE;
-        goto send_request;
-    }
-
-    /*
-     * 7. Read the HTTP response
-     */
-    mbedtls_printf( "  < Read from server:" );
-    fflush( stdout );
-
-    /*
-     * TLS and DTLS need different reading styles (stream vs datagram)
-     */
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
-    {
-        do
-        {
-            len = sizeof( buf ) - 1;
-            memset( buf, 0, sizeof( buf ) );
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-                continue;
-#endif
-
-            if( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-                ret == MBEDTLS_ERR_SSL_WANT_WRITE )
-            {
-                /* For event-driven IO, wait for socket to become available */
-                if( opt.event == 1 /* level triggered IO */ )
-                {
-#if defined(MBEDTLS_TIMING_C)
-                    idle( &server_fd, &timer, ret );
-#else
-                    idle( &server_fd, ret );
-#endif
-                }
-                continue;
-            }
-
-            if( ret <= 0 )
-            {
-                switch( ret )
-                {
-                    case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                        mbedtls_printf( " connection was closed gracefully\n" );
-                        ret = 0;
-                        goto close_notify;
-
-                    case 0:
-                    case MBEDTLS_ERR_NET_CONN_RESET:
-                        mbedtls_printf( " connection was reset by peer\n" );
-                        ret = 0;
-                        goto reconnect;
-
-                    default:
-                        mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n",
-                                        (unsigned int) -ret );
-                        goto exit;
-                }
-            }
-
-            len = ret;
-            buf[len] = '\0';
-            mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
-
-            /* End of message should be detected according to the syntax of the
-             * application protocol (eg HTTP), just use a dummy test here. */
-            if( ret > 0 && buf[len-1] == '\n' )
-            {
-                ret = 0;
-                break;
-            }
-        }
-        while( 1 );
-    }
-    else /* Not stream, so datagram */
-    {
-        len = sizeof( buf ) - 1;
-        memset( buf, 0, sizeof( buf ) );
-
-        while( 1 )
-        {
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-                continue;
-#endif
-
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-                break;
-
-            /* For event-driven IO, wait for socket to become available */
-            if( opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &server_fd, &timer, ret );
-#else
-                idle( &server_fd, ret );
-#endif
-            }
-        }
-
-        if( ret <= 0 )
-        {
-            switch( ret )
-            {
-                case MBEDTLS_ERR_SSL_TIMEOUT:
-                    mbedtls_printf( " timeout\n" );
-                    if( retry_left-- > 0 )
-                        goto send_request;
-                    goto exit;
-
-                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                    mbedtls_printf( " connection was closed gracefully\n" );
-                    ret = 0;
-                    goto close_notify;
-
-                default:
-                    mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
-                    goto exit;
-            }
-        }
-
-        len = ret;
-        buf[len] = '\0';
-        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
-        ret = 0;
-    }
-
-    /*
-     * 7b. Simulate hard reset and reconnect from same port?
-     */
-    if( opt.reconnect_hard != 0 )
-    {
-        opt.reconnect_hard = 0;
-
-        mbedtls_printf( "  . Restarting connection from same port..." );
-        fflush( stdout );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-        memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-        if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-
-        while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-        {
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-
-            /* For event-driven IO, wait for socket to become available */
-            if( opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &server_fd, &timer, ret );
-#else
-                idle( &server_fd, ret );
-#endif
-            }
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        goto send_request;
-    }
-
-    /*
-     * 7c. Simulate serialize/deserialize and go back to data exchange
-     */
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( opt.serialize != 0 )
-    {
-        size_t buf_len;
-
-        mbedtls_printf( "  . Serializing live connection..." );
-
-        ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len );
-        if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
-                            "-0x%x\n\n", (unsigned int) -ret );
-
-            goto exit;
-        }
-
-        if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL )
-        {
-            mbedtls_printf( " failed\n  ! Couldn't allocate buffer for "
-                            "serialized context" );
-
-            goto exit;
-        }
-        context_buf_len = buf_len;
-
-        if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
-                                              buf_len, &buf_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
-                            "-0x%x\n\n", (unsigned int) -ret );
-
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /* Save serialized context to the 'opt.context_file' as a base64 code */
-        if( 0 < strlen( opt.context_file ) )
-        {
-            FILE *b64_file;
-            uint8_t *b64_buf;
-            size_t b64_len;
-
-            mbedtls_printf( "  . Save serialized context to a file... " );
-
-            mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len );
-
-            if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL )
-            {
-                mbedtls_printf( "failed\n  ! Couldn't allocate buffer for "
-                                "the base64 code\n" );
-                goto exit;
-            }
-
-            if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len,
-                                               context_buf, buf_len ) ) != 0 )
-            {
-                mbedtls_printf( "failed\n  ! mbedtls_base64_encode returned "
-                            "-0x%x\n", (unsigned int) -ret );
-                mbedtls_free( b64_buf );
-                goto exit;
-            }
-
-            if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL )
-            {
-                mbedtls_printf( "failed\n  ! Cannot open '%s' for writing.\n",
-                                opt.context_file );
-                mbedtls_free( b64_buf );
-                goto exit;
-            }
-
-            if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) )
-            {
-                mbedtls_printf( "failed\n  ! fwrite(%ld bytes) failed\n",
-                                (long) b64_len );
-                mbedtls_free( b64_buf );
-                fclose( b64_file );
-                goto exit;
-            }
-
-            mbedtls_free( b64_buf );
-            fclose( b64_file );
-
-            mbedtls_printf( "ok\n" );
-        }
-
-        if( opt.serialize == 1 )
-        {
-            /* nothing to do here, done by context_save() already */
-            mbedtls_printf( "  . Context has been reset... ok\n" );
-        }
-
-        if( opt.serialize == 2 )
-        {
-            mbedtls_printf( "  . Freeing and reinitializing context..." );
-
-            mbedtls_ssl_free( &ssl );
-
-            mbedtls_ssl_init( &ssl );
-
-            if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned "
-                                "-0x%x\n\n", (unsigned int) -ret );
-                goto exit;
-            }
-
-            if( opt.nbio == 2 )
-                mbedtls_ssl_set_bio( &ssl, &server_fd, delayed_send,
-                                     delayed_recv, NULL );
-            else
-                mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send,
-                            mbedtls_net_recv,
-                            opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
-
-#if defined(MBEDTLS_TIMING_C)
-                mbedtls_ssl_set_timer_cb( &ssl, &timer,
-                                          mbedtls_timing_set_delay,
-                                          mbedtls_timing_get_delay );
-#endif /* MBEDTLS_TIMING_C */
-
-            mbedtls_printf( " ok\n" );
-        }
-
-        mbedtls_printf( "  . Deserializing connection..." );
-
-        if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf,
-                                              buf_len ) ) != 0 )
-        {
-            mbedtls_printf( "failed\n  ! mbedtls_ssl_context_load returned "
-                            "-0x%x\n\n", (unsigned int) -ret );
-
-            goto exit;
-        }
-
-        mbedtls_free( context_buf );
-        context_buf = NULL;
-        context_buf_len = 0;
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-
-    /*
-     * 7d. Continue doing data exchanges?
-     */
-    if( --opt.exchanges > 0 )
-        goto send_request;
-
-    /*
-     * 8. Done, cleanly close the connection
-     */
-close_notify:
-    mbedtls_printf( "  . Closing the connection..." );
-    fflush( stdout );
-
-    /*
-     * Most of the time sending a close_notify before closing is the right
-     * thing to do. However, when the server already knows how many messages
-     * are expected and closes the connection by itself, this alert becomes
-     * redundant. Sometimes with DTLS this redundancy becomes a problem by
-     * leading to a race condition where the server might close the connection
-     * before seeing the alert, and since UDP is connection-less when the
-     * alert arrives it will be seen as a new connection, which will fail as
-     * the alert is clearly not a valid ClientHello. This may cause spurious
-     * failures in tests that use DTLS and resumption with ssl_server2 in
-     * ssl-opt.sh, avoided by enabling skip_close_notify client-side.
-     */
-    if( opt.skip_close_notify == 0 )
-    {
-        /* No error checking, the connection might be closed already */
-        do ret = mbedtls_ssl_close_notify( &ssl );
-        while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-        ret = 0;
-    }
-
-    mbedtls_printf( " done\n" );
-
-    /*
-     * 9. Reconnect?
-     */
-reconnect:
-    if( opt.reconnect != 0 )
-    {
-        --opt.reconnect;
-
-        mbedtls_net_free( &server_fd );
-
-#if defined(MBEDTLS_TIMING_C)
-        if( opt.reco_delay > 0 )
-            mbedtls_net_usleep( 1000000 * opt.reco_delay );
-#endif
-
-        mbedtls_printf( "  . Reconnecting with saved session..." );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-        memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-        if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-
-        if( opt.reco_mode == 1 )
-        {
-            if( ( ret = mbedtls_ssl_session_load( &saved_session,
-                                                  session_data,
-                                                  session_data_len ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_session_load returned -0x%x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-        }
-
-        if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_session returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-
-        if( ( ret = mbedtls_net_connect( &server_fd,
-                        opt.server_addr, opt.server_port,
-                        opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
-                        MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_net_connect returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-
-        if( opt.nbio > 0 )
-            ret = mbedtls_net_set_nonblock( &server_fd );
-        else
-            ret = mbedtls_net_set_block( &server_fd );
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! net_set_(non)block() returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-
-        while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-        {
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        goto send_request;
-    }
-
-    /*
-     * Cleanup and exit
-     */
-exit:
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &server_fd );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_free( &clicert );
-    mbedtls_x509_crt_free( &cacert );
-    mbedtls_pk_free( &pkey );
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_destroy_key( key_slot );
-#endif
-#endif
-    mbedtls_ssl_session_free( &saved_session );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-    if( session_data != NULL )
-        mbedtls_platform_zeroize( session_data, session_data_len );
-    mbedtls_free( session_data );
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( context_buf != NULL )
-        mbedtls_platform_zeroize( context_buf, context_buf_len );
-    mbedtls_free( context_buf );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
-    defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_opaque != 0 )
-    {
-        /* This is ok even if the slot hasn't been
-         * initialized (we might have jumed here
-         * immediately because of bad cmd line params,
-         * for example). */
-        status = psa_destroy_key( slot );
-        if( ( status != PSA_SUCCESS ) &&
-            ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
-        {
-            mbedtls_printf( "Failed to destroy key slot %u - error was %d",
-                            (unsigned) slot, (int) status );
-            if( ret == 0 )
-                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-        }
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
-          MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_status();
-#endif
-    mbedtls_memory_buffer_alloc_free();
-#endif
-
-#if defined(_WIN32)
-    if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
-    {
-        mbedtls_printf( "  + Press Enter to exit this program.\n" );
-        fflush( stdout ); getchar();
-    }
-#endif
-
-    // Shell can not handle large exit numbers -> 1 for errors
-    if( ret < 0 )
-        ret = 1;
-
-    if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
-        mbedtls_exit( ret );
-    else
-        mbedtls_exit( query_config_ret );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
-          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
-          MBEDTLS_CTR_DRBG_C MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_context_info.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_context_info.c
deleted file mode 100644
index a204d9e..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_context_info.c
+++ /dev/null
@@ -1,1112 +0,0 @@
-/*
- *  MbedTLS SSL context deserializer from base64 code
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_ERROR_C) || \
-    !defined(MBEDTLS_SSL_TLS_C)
-int main( void )
-{
-    printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_ERROR_C and/or "
-           "MBEDTLS_SSL_TLS_C not defined.\n");
-    return( 0 );
-}
-#else
-
-#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
-#define _CRT_SECURE_NO_DEPRECATE 1
-#endif
-
-#include <stdint.h>
-#include <stdarg.h>
-#include <string.h>
-#include <time.h>
-#include "mbedtls/ssl.h"
-#include "mbedtls/error.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/md.h"
-#include "mbedtls/md_internal.h"
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/ssl_ciphersuites.h"
-
-/*
- * This program version
- */
-#define PROG_NAME "ssl_context_info"
-#define VER_MAJOR 0
-#define VER_MINOR 1
-
-/*
- * Flags copied from the Mbed TLS library.
- */
-#define SESSION_CONFIG_TIME_BIT          ( 1 << 0 )
-#define SESSION_CONFIG_CRT_BIT           ( 1 << 1 )
-#define SESSION_CONFIG_CLIENT_TICKET_BIT ( 1 << 2 )
-#define SESSION_CONFIG_MFL_BIT           ( 1 << 3 )
-#define SESSION_CONFIG_TRUNC_HMAC_BIT    ( 1 << 4 )
-#define SESSION_CONFIG_ETM_BIT           ( 1 << 5 )
-#define SESSION_CONFIG_TICKET_BIT        ( 1 << 6 )
-
-#define CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT    ( 1 << 0 )
-#define CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT     ( 1 << 1 )
-#define CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT      ( 1 << 2 )
-#define CONTEXT_CONFIG_ALPN_BIT                  ( 1 << 3 )
-
-#define TRANSFORM_RANDBYTE_LEN  64
-
-/*
- * Minimum and maximum number of bytes for specific data: context, sessions,
- * certificates, tickets and buffers in the program. The context and session
- * size values have been calculated based on the 'print_deserialized_ssl_context()'
- * and 'print_deserialized_ssl_session()' content.
- */
-#define MIN_CONTEXT_LEN     84
-#define MIN_SESSION_LEN     88
-
-#define MAX_CONTEXT_LEN     875     /* without session data */
-#define MAX_SESSION_LEN     109     /* without certificate and ticket data */
-#define MAX_CERTIFICATE_LEN ( ( 1 << 24 ) - 1 )
-#define MAX_TICKET_LEN      ( ( 1 << 24 ) - 1 )
-
-#define MIN_SERIALIZED_DATA ( MIN_CONTEXT_LEN + MIN_SESSION_LEN )
-#define MAX_SERIALIZED_DATA ( MAX_CONTEXT_LEN + MAX_SESSION_LEN + \
-                              MAX_CERTIFICATE_LEN + MAX_TICKET_LEN )
-
-#define MIN_BASE64_LEN      ( MIN_SERIALIZED_DATA * 4 / 3 )
-#define MAX_BASE64_LEN      ( MAX_SERIALIZED_DATA * 4 / 3 + 3 )
-
-/*
- * A macro that prevents from reading out of the ssl buffer range.
- */
-#define CHECK_SSL_END( LEN )            \
-do                                      \
-{                                       \
-    if( end - ssl < (int)( LEN ) )      \
-    {                                   \
-        printf_err( "%s", buf_ln_err ); \
-        return;                         \
-    }                                   \
-} while( 0 )
-
-/*
- * Global values
- */
-FILE *b64_file = NULL;                  /* file with base64 codes to deserialize */
-char conf_keep_peer_certificate = 1;    /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE from mbedTLS configuration */
-char conf_dtls_proto = 1;               /* MBEDTLS_SSL_PROTO_DTLS from mbedTLS configuration */
-char debug = 0;                         /* flag for debug messages */
-const char alloc_err[] = "Cannot allocate memory\n";
-const char buf_ln_err[] = "Buffer does not have enough data to complete the parsing\n";
-
-/*
- * Basic printing functions
- */
-void print_version( )
-{
-    printf( "%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR );
-}
-
-void print_usage( )
-{
-    print_version();
-    printf( "\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n"
-            "in the text file. The program can deserialize many codes from one file, but they must be\n"
-            "separated, e.g. by a newline.\n\n" );
-    printf(
-        "Usage:\n"
-        "\t-f path            - Path to the file with base64 code\n"
-        "\t-v                 - Show version\n"
-        "\t-h                 - Show this usage\n"
-        "\t-d                 - Print more information\n"
-        "\t--keep-peer-cert=0 - Use this option if you know that the Mbed TLS library\n"
-        "\t                     has been compiled with the MBEDTLS_SSL_KEEP_PEER_CERTIFICATE\n"
-        "\t                     flag. You can also use it if there are some problems with reading\n"
-        "\t                     the information about certificate\n"
-        "\t--dtls-protocol=0  - Use this option if you know that the Mbed TLS library\n"
-        "\t                     has been compiled without the MBEDTLS_SSL_PROTO_DTLS flag\n"
-        "\n"
-    );
-}
-
-void printf_dbg( const char *str, ... )
-{
-    if( debug )
-    {
-        va_list args;
-        va_start( args, str );
-        printf( "debug: " );
-        vprintf( str, args );
-        fflush( stdout );
-        va_end( args );
-    }
-}
-
-void printf_err( const char *str, ... )
-{
-    va_list args;
-    va_start( args, str );
-    fflush( stdout );
-    fprintf( stderr, "ERROR: " );
-    vfprintf( stderr, str, args );
-    fflush( stderr );
-    va_end( args );
-}
-
-/*
- * Exit from the program in case of error
- */
-void error_exit()
-{
-    if( NULL != b64_file )
-    {
-        fclose( b64_file );
-    }
-    exit( -1 );
-}
-
-/*
- * This function takes the input arguments of this program
- */
-void parse_arguments( int argc, char *argv[] )
-{
-    int i = 1;
-
-    if( argc < 2 )
-    {
-        print_usage();
-        error_exit();
-    }
-
-    while( i < argc )
-    {
-        if( strcmp( argv[i], "-d" ) == 0 )
-        {
-            debug = 1;
-        }
-        else if( strcmp( argv[i], "-h" ) == 0 )
-        {
-            print_usage();
-        }
-        else if( strcmp( argv[i], "-v" ) == 0 )
-        {
-            print_version();
-        }
-        else if( strcmp( argv[i], "-f" ) == 0 )
-        {
-            if( ++i >= argc )
-            {
-                printf_err( "File path is empty\n" );
-                error_exit();
-            }
-
-            if( ( b64_file = fopen( argv[i], "r" ) ) == NULL )
-            {
-                printf_err( "Cannot find file \"%s\"\n", argv[i] );
-                error_exit();
-            }
-        }
-        else if( strcmp( argv[i], "--keep-peer-cert=0" ) == 0 )
-        {
-            conf_keep_peer_certificate = 0;
-        }
-        else if( strcmp( argv[i], "--dtls-protocol=0" ) == 0 )
-        {
-            conf_dtls_proto = 0;
-        }
-        else
-        {
-            print_usage();
-            error_exit();
-        }
-
-        i++;
-    }
-}
-
-/*
- * This function prints base64 code to the stdout
- */
-void print_b64( const uint8_t *b, size_t len )
-{
-    size_t i = 0;
-    const uint8_t *end = b + len;
-    printf("\t");
-    while( b < end )
-    {
-        if( ++i > 75 )
-        {
-            printf( "\n\t" );
-            i = 0;
-        }
-        printf( "%c", *b++ );
-    }
-    printf( "\n" );
-    fflush( stdout );
-}
-
-/*
- * This function prints hex code from the buffer to the stdout.
- *
- * /p b         buffer with data to print
- * /p len       number of bytes to print
- * /p in_line   number of bytes in one line
- * /p prefix    prefix for the new lines
- */
-void print_hex( const uint8_t *b, size_t len,
-                const size_t in_line, const char *prefix )
-{
-    size_t i = 0;
-    const uint8_t *end = b + len;
-
-    if( prefix == NULL )
-    {
-        prefix = "";
-    }
-
-    while( b < end )
-    {
-        if( ++i > in_line )
-        {
-            printf( "\n%s", prefix );
-            i = 1;
-        }
-        printf( "%02X ", (uint8_t) *b++ );
-    }
-    printf("\n");
-    fflush(stdout);
-}
-
-/*
- *  Print the value of time_t in format e.g. 2020-01-23 13:05:59
- */
-void print_time( const time_t *time )
-{
-    char buf[20];
-    struct tm *t = gmtime( time );
-    static const char format[] = "%Y-%m-%d %H:%M:%S";
-    if( NULL != t )
-    {
-        strftime( buf, sizeof( buf ), format, t );
-        printf( "%s\n", buf );
-    }
-    else
-    {
-        printf( "unknown\n" );
-    }
-}
-
-/*
- * Print the input string if the bit is set in the value
- */
-void print_if_bit( const char *str, int bit, int val )
-{
-    if( bit & val )
-    {
-        printf( "\t%s\n", str );
-    }
-}
-
-/*
- * Return pointer to hardcoded "enabled" or "disabled" depending on the input value
- */
-const char * get_enabled_str( int is_en )
-{
-    return ( is_en ) ? "enabled" : "disabled";
-}
-
-/*
- * Return pointer to hardcoded MFL string value depending on the MFL code at the input
- */
-const char * get_mfl_str( int mfl_code )
-{
-    switch( mfl_code )
-    {
-        case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
-            return "none";
-        case MBEDTLS_SSL_MAX_FRAG_LEN_512:
-            return "512";
-        case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
-            return "1024";
-        case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
-            return "2048";
-        case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
-            return "4096";
-        default:
-            return "error";
-    }
-}
-
-/*
- * Read next base64 code from the 'b64_file'. The 'b64_file' must be opened
- * previously. After each call to this function, the internal file position
- * indicator of the global b64_file is advanced.
- *
- * Note - This function checks the size of the input buffer and if necessary,
- *        increases it to the maximum MAX_BASE64_LEN
- *
- * /p b64       pointer to the pointer of the buffer for input data
- * /p max_len   pointer to the current buffer capacity. It can be changed if
- *              the buffer needs to be increased
- *
- * \retval      number of bytes written in to the b64 buffer or 0 in case no more
- *              data was found
- */
-size_t read_next_b64_code( uint8_t **b64, size_t *max_len )
-{
-    int valid_balance = 0;  /* balance between valid and invalid characters */
-    size_t len = 0;
-    char pad = 0;
-    int c = 0;
-
-    while( EOF != c )
-    {
-        char c_valid = 0;
-
-        c = fgetc( b64_file );
-
-        if( pad > 0 )
-        {
-            if( c == '=' && pad == 1 )
-            {
-                c_valid = 1;
-                pad = 2;
-            }
-        }
-        else if( ( c >= 'A' && c <= 'Z' ) ||
-                 ( c >= 'a' && c <= 'z' ) ||
-                 ( c >= '0' && c <= '9' ) ||
-                   c == '+' || c == '/' )
-        {
-            c_valid = 1;
-        }
-        else if( c == '=' )
-        {
-            c_valid = 1;
-            pad = 1;
-        }
-        else if( c == '-' )
-        {
-            c = '+';
-            c_valid = 1;
-        }
-        else if( c == '_' )
-        {
-            c = '/';
-            c_valid = 1;
-        }
-
-        if( c_valid )
-        {
-            /* A string of characters that could be a base64 code. */
-            valid_balance++;
-
-            if( len < *max_len )
-            {
-                ( *b64 )[ len++ ] = c;
-            }
-            else if( *max_len < MAX_BASE64_LEN )
-            {
-                /* Current buffer is too small, but can be resized. */
-                void *ptr;
-                size_t new_size = ( MAX_BASE64_LEN - 4096 > *max_len ) ?
-                                  *max_len + 4096 : MAX_BASE64_LEN;
-
-                ptr = realloc( *b64, new_size );
-                if( NULL == ptr )
-                {
-                    printf_err( alloc_err );
-                    return 0;
-                }
-                *b64 = ptr;
-                *max_len = new_size;
-                ( *b64 )[ len++ ] = c;
-            }
-            else
-            {
-                /* Too much data so it will be treated as invalid */
-                len++;
-            }
-        }
-        else if( len > 0 )
-        {
-            /* End of a string that could be a base64 code, but need to check
-             * that the length of the characters is correct. */
-
-            valid_balance--;
-
-            if( len < MIN_CONTEXT_LEN )
-            {
-                printf_dbg( "The code found is too small to be a SSL context.\n" );
-                len = pad = 0;
-            }
-            else if( len > *max_len )
-            {
-                printf_err( "The code found is too large by %u bytes.\n", len - *max_len );
-                len = pad = 0;
-            }
-            else if( len % 4 != 0 )
-            {
-                printf_err( "The length of the base64 code found should be a multiple of 4.\n" );
-                len = pad = 0;
-            }
-            else
-            {
-                /* Base64 code with valid character length. */
-                return len;
-            }
-        }
-        else
-        {
-            valid_balance--;
-        }
-
-        /* Detection of potentially wrong file format like: binary, zip, ISO, etc. */
-        if( valid_balance < -100 )
-        {
-            printf_err( "Too many bad symbols detected. File check aborted.\n" );
-            return 0;
-        }
-    }
-
-    printf_dbg( "End of file\n" );
-    return 0;
-}
-
-/*
- * This function deserializes and prints to the stdout all obtained information
- * about the certificates from provided data.
- *
- * /p ssl   pointer to serialized certificate
- * /p len   number of bytes in the buffer
-*/
-void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len )
-{
-    enum { STRLEN = 4096 };
-    mbedtls_x509_crt crt;
-    int ret;
-    char str[STRLEN];
-
-    printf( "\nCertificate:\n" );
-
-    mbedtls_x509_crt_init( &crt );
-    ret = mbedtls_x509_crt_parse_der( &crt, ssl, len );
-    if( 0 != ret )
-    {
-        mbedtls_strerror( ret, str, STRLEN );
-        printf_err( "Invalid format of X.509 - %s\n", str );
-        printf( "Cannot deserialize:\n\t" );
-        print_hex( ssl, len, 25, "\t" );
-    }
-    else
-    {
-        mbedtls_x509_crt *current = &crt;
-
-        while( current != NULL )
-        {
-            ret = mbedtls_x509_crt_info( str, STRLEN, "\t", current );
-            if( 0 > ret )
-            {
-                mbedtls_strerror( ret, str, STRLEN );
-                printf_err( "Cannot write to the output - %s\n", str );
-            }
-            else
-            {
-                printf( "%s", str );
-            }
-
-            current = current->next;
-
-            if( current )
-            {
-                printf( "\n" );
-            }
-
-        }
-    }
-
-   mbedtls_x509_crt_free( &crt );
-}
-
-/*
- * This function deserializes and prints to the stdout all obtained information
- * about the session from provided data. This function was built based on
- * mbedtls_ssl_session_load(). mbedtls_ssl_session_load() could not be used
- * due to dependencies on the mbedTLS configuration.
- *
- * The data structure in the buffer:
- *  uint64 start_time;
- *  uint8 ciphersuite[2];        // defined by the standard
- *  uint8 compression;           // 0 or 1
- *  uint8 session_id_len;        // at most 32
- *  opaque session_id[32];
- *  opaque master[48];           // fixed length in the standard
- *  uint32 verify_result;
- *  opaque peer_cert<0..2^24-1>; // length 0 means no peer cert
- *  opaque ticket<0..2^24-1>;    // length 0 means no ticket
- *  uint32 ticket_lifetime;
- *  uint8 mfl_code;              // up to 255 according to standard
- *  uint8 trunc_hmac;            // 0 or 1
- *  uint8 encrypt_then_mac;      // 0 or 1
- *
- * /p ssl               pointer to serialized session
- * /p len               number of bytes in the buffer
- * /p session_cfg_flag  session configuration flags
- */
-void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len,
-                                     int session_cfg_flag )
-{
-    const struct mbedtls_ssl_ciphersuite_t * ciphersuite_info;
-    int ciphersuite_id;
-    uint32_t cert_len, ticket_len;
-    uint32_t verify_result, ticket_lifetime;
-    const uint8_t *end = ssl + len;
-
-    printf( "\nSession info:\n" );
-
-    if( session_cfg_flag & SESSION_CONFIG_TIME_BIT )
-    {
-        uint64_t start;
-        CHECK_SSL_END( 8 );
-        start = ( (uint64_t) ssl[0] << 56 ) |
-                ( (uint64_t) ssl[1] << 48 ) |
-                ( (uint64_t) ssl[2] << 40 ) |
-                ( (uint64_t) ssl[3] << 32 ) |
-                ( (uint64_t) ssl[4] << 24 ) |
-                ( (uint64_t) ssl[5] << 16 ) |
-                ( (uint64_t) ssl[6] <<  8 ) |
-                ( (uint64_t) ssl[7] );
-        ssl += 8;
-        printf( "\tstart time     : " );
-        print_time( (time_t*) &start );
-    }
-
-    CHECK_SSL_END( 2 );
-    ciphersuite_id = ( (int) ssl[0] << 8 ) | (int) ssl[1];
-    printf_dbg( "Ciphersuite ID: %d\n", ciphersuite_id );
-    ssl += 2;
-
-    ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
-    if( ciphersuite_info == NULL )
-    {
-        printf_err( "Cannot find ciphersuite info\n" );
-    }
-    else
-    {
-        const mbedtls_cipher_info_t *cipher_info;
-        const mbedtls_md_info_t *md_info;
-
-        printf( "\tciphersuite    : %s\n", ciphersuite_info->name );
-        printf( "\tcipher flags   : 0x%02X\n", ciphersuite_info->flags );
-
-        cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
-        if( cipher_info == NULL )
-        {
-            printf_err( "Cannot find cipher info\n" );
-        }
-        else
-        {
-            printf( "\tcipher         : %s\n", cipher_info->name );
-        }
-
-        md_info = mbedtls_md_info_from_type( ciphersuite_info->mac );
-        if( md_info == NULL )
-        {
-            printf_err( "Cannot find Message-Digest info\n" );
-        }
-        else
-        {
-            printf( "\tMessage-Digest : %s\n", md_info->name );
-        }
-    }
-
-    CHECK_SSL_END( 1 );
-    printf( "\tcompression    : %s\n", get_enabled_str( *ssl++ ) );
-
-    /* Note - Here we can get session ID length from serialized data, but we
-     * use hardcoded 32-bytes length. This approach was taken from
-     * 'mbedtls_ssl_session_load()'. */
-    CHECK_SSL_END( 1 + 32 );
-    printf_dbg( "Session id length: %u\n", (uint32_t) *ssl++ );
-    printf( "\tsession ID     : ");
-    print_hex( ssl, 32, 16, "\t                 " );
-    ssl += 32;
-
-    printf( "\tmaster secret  : ");
-    CHECK_SSL_END( 48 );
-    print_hex( ssl, 48, 16, "\t                 " );
-    ssl += 48;
-
-    CHECK_SSL_END( 4 );
-    verify_result = ( (uint32_t) ssl[0] << 24 ) |
-                    ( (uint32_t) ssl[1] << 16 ) |
-                    ( (uint32_t) ssl[2] <<  8 ) |
-                    ( (uint32_t) ssl[3] );
-    ssl += 4;
-    printf( "\tverify result  : 0x%08X\n", verify_result );
-
-    if( SESSION_CONFIG_CRT_BIT & session_cfg_flag )
-    {
-        if( conf_keep_peer_certificate )
-        {
-            CHECK_SSL_END( 3 );
-            cert_len = ( (uint32_t) ssl[0] << 16 ) |
-                       ( (uint32_t) ssl[1] <<  8 ) |
-                       ( (uint32_t) ssl[2] );
-            ssl += 3;
-            printf_dbg( "Certificate length: %u\n", cert_len );
-
-            if( cert_len > 0 )
-            {
-                CHECK_SSL_END( cert_len );
-                print_deserialized_ssl_cert( ssl, cert_len );
-                ssl += cert_len;
-            }
-        }
-        else
-        {
-            printf( "\tPeer digest    : " );
-
-            CHECK_SSL_END( 1 );
-            switch( (mbedtls_md_type_t) *ssl++ )
-            {
-                case MBEDTLS_MD_NONE:
-                    printf( "none\n" );
-                    break;
-                case MBEDTLS_MD_MD2:
-                    printf( "MD2\n" );
-                    break;
-                case MBEDTLS_MD_MD4:
-                    printf( "MD4\n" );
-                    break;
-                case MBEDTLS_MD_MD5:
-                    printf( "MD5\n" );
-                    break;
-                case MBEDTLS_MD_SHA1:
-                    printf( "SHA1\n" );
-                    break;
-                case MBEDTLS_MD_SHA224:
-                    printf( "SHA224\n" );
-                    break;
-                case MBEDTLS_MD_SHA256:
-                    printf( "SHA256\n" );
-                    break;
-                case MBEDTLS_MD_SHA384:
-                    printf( "SHA384\n" );
-                    break;
-                case MBEDTLS_MD_SHA512:
-                    printf( "SHA512\n" );
-                    break;
-                case MBEDTLS_MD_RIPEMD160:
-                    printf( "RIPEMD160\n" );
-                    break;
-                default:
-                    printf( "undefined or erroneous\n" );
-                    break;
-            }
-
-            CHECK_SSL_END( 1 );
-            cert_len  = (uint32_t) *ssl++;
-            printf_dbg( "Message-Digest length: %u\n", cert_len );
-
-            if( cert_len > 0 )
-            {
-                printf( "\tPeer digest cert : " );
-                CHECK_SSL_END( cert_len );
-                print_hex( ssl, cert_len, 16, "\t                   " );
-                ssl += cert_len;
-            }
-        }
-    }
-
-    if( SESSION_CONFIG_CLIENT_TICKET_BIT & session_cfg_flag )
-    {
-        printf( "\nTicket:\n" );
-
-        CHECK_SSL_END( 3 );
-        ticket_len = ( (uint32_t) ssl[0] << 16 ) |
-                     ( (uint32_t) ssl[1] <<  8 ) |
-                     ( (uint32_t) ssl[2] );
-        ssl += 3;
-        printf_dbg( "Ticket length: %u\n", ticket_len );
-
-        if( ticket_len > 0 )
-        {
-            printf( "\t" );
-            CHECK_SSL_END( ticket_len );
-            print_hex( ssl, ticket_len, 22, "\t" );
-            ssl += ticket_len;
-            printf( "\n" );
-        }
-
-        CHECK_SSL_END( 4 );
-        ticket_lifetime = ( (uint32_t) ssl[0] << 24 ) |
-                          ( (uint32_t) ssl[1] << 16 ) |
-                          ( (uint32_t) ssl[2] <<  8 ) |
-                          ( (uint32_t) ssl[3] );
-        ssl += 4;
-        printf( "\tlifetime : %u sec.\n", ticket_lifetime );
-    }
-
-    if( ssl < end )
-    {
-        printf( "\nSession others:\n" );
-    }
-
-    if( SESSION_CONFIG_MFL_BIT & session_cfg_flag )
-    {
-        CHECK_SSL_END( 1 );
-        printf( "\tMFL                      : %s\n", get_mfl_str( *ssl++ ) );
-    }
-
-    if( SESSION_CONFIG_TRUNC_HMAC_BIT & session_cfg_flag )
-    {
-        CHECK_SSL_END( 1 );
-        printf( "\tnegotiate truncated HMAC : %s\n", get_enabled_str( *ssl++ ) );
-    }
-
-    if( SESSION_CONFIG_ETM_BIT & session_cfg_flag )
-    {
-        CHECK_SSL_END( 1 );
-        printf( "\tEncrypt-then-MAC         : %s\n", get_enabled_str( *ssl++ ) );
-    }
-
-    if( 0 != ( end - ssl ) )
-    {
-        printf_err( "%i bytes left to analyze from session\n", (int32_t)( end - ssl ) );
-    }
-}
-
-/*
- * This function deserializes and prints to the stdout all obtained information
- * about the context from provided data. This function was built based on
- * mbedtls_ssl_context_load(). mbedtls_ssl_context_load() could not be used
- * due to dependencies on the mbedTLS configuration and the configuration of
- * the context when serialization was created.
- *
- * The data structure in the buffer:
- *  // header
- *  uint8 version[3];
- *  uint8 configuration[5];
- *  // session sub-structure
- *  uint32_t session_len;
- *  opaque session<1..2^32-1>;  // see mbedtls_ssl_session_save()
- *  // transform sub-structure
- *  uint8 random[64];           // ServerHello.random+ClientHello.random
- *  uint8 in_cid_len;
- *  uint8 in_cid<0..2^8-1>      // Connection ID: expected incoming value
- *  uint8 out_cid_len;
- *  uint8 out_cid<0..2^8-1>     // Connection ID: outgoing value to use
- *  // fields from ssl_context
- *  uint32 badmac_seen;         // DTLS: number of records with failing MAC
- *  uint64 in_window_top;       // DTLS: last validated record seq_num
- *  uint64 in_window;           // DTLS: bitmask for replay protection
- *  uint8 disable_datagram_packing; // DTLS: only one record per datagram
- *  uint64 cur_out_ctr;         // Record layer: outgoing sequence number
- *  uint16 mtu;                 // DTLS: path mtu (max outgoing fragment size)
- *  uint8 alpn_chosen_len;
- *  uint8 alpn_chosen<0..2^8-1> // ALPN: negotiated application protocol
- *
- * /p ssl   pointer to serialized session
- * /p len   number of bytes in the buffer
- */
-void print_deserialized_ssl_context( const uint8_t *ssl, size_t len )
-{
-    const uint8_t *end = ssl + len;
-    uint32_t session_len;
-    int session_cfg_flag;
-    int context_cfg_flag;
-
-    printf( "\nMbed TLS version:\n" );
-
-    CHECK_SSL_END( 3 + 2 + 3 );
-
-    printf( "\tmajor    %u\n", (uint32_t) *ssl++ );
-    printf( "\tminor    %u\n", (uint32_t) *ssl++ );
-    printf( "\tpath     %u\n", (uint32_t) *ssl++ );
-
-    printf( "\nEnabled session and context configuration:\n" );
-
-    session_cfg_flag = ( (int) ssl[0] << 8 ) | ( (int) ssl[1] );
-    ssl += 2;
-
-    context_cfg_flag = ( (int) ssl[0] << 16 ) |
-                       ( (int) ssl[1] <<  8 ) |
-                       ( (int) ssl[2] ) ;
-    ssl += 3;
-
-    printf_dbg( "Session config flags 0x%04X\n", session_cfg_flag );
-    printf_dbg( "Context config flags 0x%06X\n", context_cfg_flag );
-
-    print_if_bit( "MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag );
-    print_if_bit( "MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS and client", SESSION_CONFIG_CLIENT_TICKET_BIT, session_cfg_flag );
-
-    print_if_bit( "MBEDTLS_SSL_DTLS_CONNECTION_ID", CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT, context_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT, context_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT, context_cfg_flag );
-    print_if_bit( "MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag );
-
-    CHECK_SSL_END( 4 );
-    session_len = ( (uint32_t) ssl[0] << 24 ) |
-                  ( (uint32_t) ssl[1] << 16 ) |
-                  ( (uint32_t) ssl[2] <<  8 ) |
-                  ( (uint32_t) ssl[3] );
-    ssl += 4;
-    printf_dbg( "Session length %u\n", session_len );
-
-    CHECK_SSL_END( session_len );
-    print_deserialized_ssl_session( ssl, session_len, session_cfg_flag );
-    ssl += session_len;
-
-    printf( "\nRandom bytes:\n\t");
-
-    CHECK_SSL_END( TRANSFORM_RANDBYTE_LEN );
-    print_hex( ssl, TRANSFORM_RANDBYTE_LEN, 22, "\t" );
-    ssl += TRANSFORM_RANDBYTE_LEN;
-
-    printf( "\nContext others:\n" );
-
-    if( CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT & context_cfg_flag )
-    {
-        uint8_t cid_len;
-
-        CHECK_SSL_END( 1 );
-        cid_len = *ssl++;
-        printf_dbg( "In CID length %u\n", (uint32_t) cid_len );
-
-        printf( "\tin CID                             : " );
-        if( cid_len > 0 )
-        {
-            CHECK_SSL_END( cid_len );
-            print_hex( ssl, cid_len, 20, "\t" );
-            ssl += cid_len;
-        }
-        else
-        {
-            printf( "none\n" );
-        }
-
-        CHECK_SSL_END( 1 );
-        cid_len = *ssl++;
-        printf_dbg( "Out CID length %u\n", (uint32_t) cid_len );
-
-        printf( "\tout CID                            : " );
-        if( cid_len > 0 )
-        {
-            CHECK_SSL_END( cid_len );
-            print_hex( ssl, cid_len, 20, "\t" );
-            ssl += cid_len;
-        }
-        else
-        {
-            printf( "none\n" );
-        }
-    }
-
-    if( CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT & context_cfg_flag )
-    {
-        uint32_t badmac_seen;
-
-        CHECK_SSL_END( 4 );
-        badmac_seen = ( (uint32_t) ssl[0] << 24 ) |
-                      ( (uint32_t) ssl[1] << 16 ) |
-                      ( (uint32_t) ssl[2] <<  8 ) |
-                      ( (uint32_t) ssl[3] );
-        ssl += 4;
-        printf( "\tbad MAC seen number                : %u\n", badmac_seen );
-
-        /* value 'in_window_top' from mbedtls_ssl_context */
-        printf( "\tlast validated record sequence no. : " );
-        CHECK_SSL_END( 8 );
-        print_hex( ssl, 8, 20, "" );
-        ssl += 8;
-
-        /* value 'in_window' from mbedtls_ssl_context */
-        printf( "\tbitmask for replay detection       : " );
-        CHECK_SSL_END( 8 );
-        print_hex( ssl, 8, 20, "" );
-        ssl += 8;
-    }
-
-    if( conf_dtls_proto )
-    {
-        CHECK_SSL_END( 1 );
-        printf( "\tDTLS datagram packing              : %s\n",
-                get_enabled_str( ! ( *ssl++ ) ) );
-    }
-
-    /* value 'cur_out_ctr' from mbedtls_ssl_context */
-    printf( "\toutgoing record sequence no.       : ");
-    CHECK_SSL_END( 8 );
-    print_hex( ssl, 8, 20, "" );
-    ssl += 8;
-
-    if( conf_dtls_proto )
-    {
-        uint16_t mtu;
-        CHECK_SSL_END( 2 );
-        mtu = ( ssl[0] << 8 ) | ssl[1];
-        ssl += 2;
-        printf( "\tMTU                                : %u\n", mtu );
-    }
-
-
-    if( CONTEXT_CONFIG_ALPN_BIT & context_cfg_flag )
-    {
-        uint8_t alpn_len;
-
-        CHECK_SSL_END( 1 );
-        alpn_len = *ssl++;
-        printf_dbg( "ALPN length %u\n", (uint32_t) alpn_len );
-
-        printf( "\tALPN negotiation                   : " );
-        CHECK_SSL_END( alpn_len );
-        if( alpn_len > 0 )
-        {
-            if( strlen( (const char*) ssl ) == alpn_len )
-            {
-                printf( "%s\n", ssl );
-            }
-            else
-            {
-                printf( "\n" );
-                printf_err( "\tALPN negotiation is incorrect\n" );
-            }
-            ssl += alpn_len;
-        }
-        else
-        {
-            printf( "not selected\n" );
-        }
-    }
-
-    if( 0 != ( end - ssl ) )
-    {
-        printf_err( "%i bytes left to analyze from context\n", (int32_t)( end - ssl ) );
-    }
-    printf( "\n" );
-}
-
-int main( int argc, char *argv[] )
-{
-    enum { SSL_INIT_LEN = 4096 };
-
-    uint32_t b64_counter = 0;
-    uint8_t *b64_buf = NULL;
-    uint8_t *ssl_buf = NULL;
-    size_t b64_max_len = SSL_INIT_LEN;
-    size_t ssl_max_len = SSL_INIT_LEN;
-    size_t ssl_len = 0;
-
-     /* The 'b64_file' is opened when parsing arguments to check that the
-      * file name is correct */
-    parse_arguments( argc, argv );
-
-    if( NULL != b64_file )
-    {
-        b64_buf = malloc( SSL_INIT_LEN );
-        ssl_buf = malloc( SSL_INIT_LEN );
-
-        if( NULL == b64_buf || NULL == ssl_buf )
-        {
-            printf_err( alloc_err );
-            fclose( b64_file );
-            b64_file = NULL;
-        }
-    }
-
-    while( NULL != b64_file )
-    {
-        size_t b64_len = read_next_b64_code( &b64_buf, &b64_max_len );
-        if( b64_len > 0)
-        {
-            int ret;
-            size_t ssl_required_len = b64_len * 3 / 4 + 1;
-
-            /* Allocate more memory if necessary. */
-            if( ssl_required_len > ssl_max_len )
-            {
-                void *ptr = realloc( ssl_buf, ssl_required_len );
-                if( NULL == ptr )
-                {
-                    printf_err( alloc_err );
-                    fclose( b64_file );
-                    b64_file = NULL;
-                    break;
-                }
-                ssl_buf = ptr;
-                ssl_max_len = ssl_required_len;
-            }
-
-            printf( "\nDeserializing number %u:\n",  ++b64_counter );
-
-            printf( "\nBase64 code:\n" );
-            print_b64( b64_buf, b64_len );
-
-            ret = mbedtls_base64_decode( ssl_buf, ssl_max_len, &ssl_len, b64_buf, b64_len );
-            if( ret != 0)
-            {
-                mbedtls_strerror( ret, (char*) b64_buf, b64_max_len );
-                printf_err( "base64 code cannot be decoded - %s\n", b64_buf );
-                continue;
-            }
-
-            if( debug )
-            {
-                printf( "\nDecoded data in hex:\n\t");
-                print_hex( ssl_buf, ssl_len, 25, "\t" );
-            }
-
-            print_deserialized_ssl_context( ssl_buf, ssl_len );
-
-        }
-        else
-        {
-            fclose( b64_file );
-            b64_file = NULL;
-        }
-    }
-
-    free( b64_buf );
-    free( ssl_buf );
-
-    if( b64_counter > 0 )
-    {
-        printf_dbg( "Finished. Found %u base64 codes\n", b64_counter );
-    }
-    else
-    {
-        printf( "Finished. No valid base64 code found\n" );
-    }
-
-    return 0;
-}
-
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_fork_server.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_fork_server.c
deleted file mode 100644
index 3a07179..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_fork_server.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/*
- *  SSL server demonstration program using fork() for handling multiple clients
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_time_t          time_t
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||    \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
-    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \
-    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C)
-int main( int argc, char *argv[] )
-{
-    ((void) argc);
-    ((void) argv);
-
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
-           "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
-           "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#elif defined(_WIN32)
-int main( void )
-{
-    mbedtls_printf("_WIN32 defined. This application requires fork() and signals "
-           "to work correctly.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/timing.h"
-
-#include <string.h>
-#include <signal.h>
-
-#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
-#include <unistd.h>
-#endif
-
-#define HTTP_RESPONSE \
-    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
-    "<h2>mbed TLS Test Server</h2>\r\n" \
-    "<p>Successful connection using: %s</p>\r\n"
-
-#define DEBUG_LEVEL 0
-
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-int main( void )
-{
-    int ret = 1, len, cnt = 0, pid;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_net_context listen_fd, client_fd;
-    unsigned char buf[1024];
-    const char *pers = "ssl_fork_server";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt srvcert;
-    mbedtls_pk_context pkey;
-
-    mbedtls_net_init( &listen_fd );
-    mbedtls_net_init( &client_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_pk_init( &pkey );
-    mbedtls_x509_crt_init( &srvcert );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    signal( SIGCHLD, SIG_IGN );
-
-    /*
-     * 0. Initial seeding of the RNG
-     */
-    mbedtls_printf( "\n  . Initial seeding of the random generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_ctr_drbg_seed returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1. Load the certificates and private RSA key
-     */
-    mbedtls_printf( "  . Loading the server cert. and key..." );
-    fflush( stdout );
-
-    /*
-     * This demonstration program uses embedded test certificates.
-     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
-     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
-     */
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-                          mbedtls_test_srv_crt_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-                          mbedtls_test_cas_pem_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                          mbedtls_test_srv_key_len, NULL, 0 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_pk_parse_key returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1b. Prepare SSL configuration
-     */
-    mbedtls_printf( "  . Configuring SSL..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_SERVER,
-                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_ssl_config_defaults returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Setup the listening TCP socket
-     */
-    mbedtls_printf( "  . Bind on https://localhost:4433/ ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed!  mbedtls_net_bind returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    while( 1 )
-    {
-        /*
-         * 3. Wait until a client connects
-         */
-        mbedtls_net_init( &client_fd );
-        mbedtls_ssl_init( &ssl );
-
-        mbedtls_printf( "  . Waiting for a remote connection ...\n" );
-        fflush( stdout );
-
-        if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                                        NULL, 0, NULL ) ) != 0 )
-        {
-            mbedtls_printf( " failed!  mbedtls_net_accept returned %d\n\n", ret );
-            goto exit;
-        }
-
-        /*
-         * 3.5. Forking server thread
-         */
-
-        mbedtls_printf( "  . Forking to handle connection ..." );
-        fflush( stdout );
-
-        pid = fork();
-
-        if( pid < 0 )
-        {
-            mbedtls_printf(" failed!  fork returned %d\n\n", pid );
-            goto exit;
-        }
-
-        if( pid != 0 )
-        {
-            mbedtls_printf( " ok\n" );
-            mbedtls_net_close( &client_fd );
-
-            if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg,
-                                         (const unsigned char *) "parent",
-                                         6 ) ) != 0 )
-            {
-                mbedtls_printf( " failed!  mbedtls_ctr_drbg_reseed returned %d\n\n", ret );
-                goto exit;
-            }
-
-            continue;
-        }
-
-        mbedtls_net_close( &listen_fd );
-
-        pid = getpid();
-
-        /*
-         * 4. Setup stuff
-         */
-        mbedtls_printf( "pid %d: Setting up the SSL data.\n", pid );
-        fflush( stdout );
-
-        if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg,
-                                     (const unsigned char *) "child",
-                                     5 ) ) != 0 )
-        {
-            mbedtls_printf(
-                    "pid %d: SSL setup failed!  mbedtls_ctr_drbg_reseed returned %d\n\n",
-                    pid, ret );
-            goto exit;
-        }
-
-        if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-        {
-            mbedtls_printf(
-                    "pid %d: SSL setup failed!  mbedtls_ssl_setup returned %d\n\n",
-                    pid, ret );
-            goto exit;
-        }
-
-        mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-        mbedtls_printf( "pid %d: SSL setup ok\n", pid );
-
-        /*
-         * 5. Handshake
-         */
-        mbedtls_printf( "pid %d: Performing the SSL/TLS handshake.\n", pid );
-        fflush( stdout );
-
-        while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-        {
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-            {
-                mbedtls_printf(
-                        "pid %d: SSL handshake failed!  mbedtls_ssl_handshake returned %d\n\n",
-                        pid, ret );
-                goto exit;
-            }
-        }
-
-        mbedtls_printf( "pid %d: SSL handshake ok\n", pid );
-
-        /*
-         * 6. Read the HTTP Request
-         */
-        mbedtls_printf( "pid %d: Start reading from client.\n", pid );
-        fflush( stdout );
-
-        do
-        {
-            len = sizeof( buf ) - 1;
-            memset( buf, 0, sizeof( buf ) );
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-            if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
-                continue;
-
-            if( ret <= 0 )
-            {
-                switch( ret )
-                {
-                    case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                        mbedtls_printf( "pid %d: connection was closed gracefully\n", pid );
-                        break;
-
-                    case MBEDTLS_ERR_NET_CONN_RESET:
-                        mbedtls_printf( "pid %d: connection was reset by peer\n", pid );
-                        break;
-
-                    default:
-                        mbedtls_printf( "pid %d: mbedtls_ssl_read returned %d\n", pid, ret );
-                        break;
-                }
-
-                break;
-            }
-
-            len = ret;
-            mbedtls_printf( "pid %d: %d bytes read\n\n%s", pid, len, (char *) buf );
-
-            if( ret > 0 )
-                break;
-        }
-        while( 1 );
-
-        /*
-         * 7. Write the 200 Response
-         */
-        mbedtls_printf( "pid %d: Start writing to client.\n", pid );
-        fflush( stdout );
-
-        len = sprintf( (char *) buf, HTTP_RESPONSE,
-                mbedtls_ssl_get_ciphersuite( &ssl ) );
-
-        while( cnt++ < 100 )
-        {
-            while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
-            {
-                if( ret == MBEDTLS_ERR_NET_CONN_RESET )
-                {
-                    mbedtls_printf(
-                            "pid %d: Write failed!  peer closed the connection\n\n", pid );
-                    goto exit;
-                }
-
-                if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-                {
-                    mbedtls_printf(
-                            "pid %d: Write failed!  mbedtls_ssl_write returned %d\n\n",
-                            pid, ret );
-                    goto exit;
-                }
-            }
-            len = ret;
-            mbedtls_printf( "pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf );
-
-            mbedtls_net_usleep( 1000000 );
-        }
-
-        mbedtls_ssl_close_notify( &ssl );
-        goto exit;
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_net_free( &client_fd );
-    mbedtls_net_free( &listen_fd );
-
-    mbedtls_x509_crt_free( &srvcert );
-    mbedtls_pk_free( &pkey );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
-          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C &&
-          ! _WIN32 */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_mail_client.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_mail_client.c
deleted file mode 100644
index fb965f6..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_mail_client.c
+++ /dev/null
@@ -1,859 +0,0 @@
-/*
- *  SSL client for SMTP servers
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/* Enable definition of gethostname() even when compiling with -std=c99. Must
- * be set before config.h, which pulls in glibc's features.h indirectly.
- * Harmless on other platforms. */
-#define _POSIX_C_SOURCE 200112L
-#define _XOPEN_SOURCE 600
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time            time
-#define mbedtls_time_t          time_t
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
-    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
-    !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/base64.h"
-#include "mbedtls/error.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
-#include <unistd.h>
-#else
-#include <io.h>
-#endif
-
-#if defined(_WIN32) || defined(_WIN32_WCE)
-#include <winsock2.h>
-#include <windows.h>
-
-#if defined(_MSC_VER)
-#if defined(_WIN32_WCE)
-#pragma comment( lib, "ws2.lib" )
-#else
-#pragma comment( lib, "ws2_32.lib" )
-#endif
-#endif /* _MSC_VER */
-#endif
-
-#define DFL_SERVER_NAME         "localhost"
-#define DFL_SERVER_PORT         "465"
-#define DFL_USER_NAME           "user"
-#define DFL_USER_PWD            "password"
-#define DFL_MAIL_FROM           ""
-#define DFL_MAIL_TO             ""
-#define DFL_DEBUG_LEVEL         0
-#define DFL_CA_FILE             ""
-#define DFL_CRT_FILE            ""
-#define DFL_KEY_FILE            ""
-#define DFL_FORCE_CIPHER        0
-#define DFL_MODE                0
-#define DFL_AUTHENTICATION      0
-
-#define MODE_SSL_TLS            0
-#define MODE_STARTTLS           0
-
-#if defined(MBEDTLS_BASE64_C)
-#define USAGE_AUTH \
-    "    authentication=%%d   default: 0 (disabled)\n"          \
-    "    user_name=%%s        default: \"" DFL_USER_NAME "\"\n" \
-    "    user_pwd=%%s         default: \"" DFL_USER_PWD "\"\n"
-#else
-#define USAGE_AUTH \
-    "    authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
-#endif /* MBEDTLS_BASE64_C */
-
-#if defined(MBEDTLS_FS_IO)
-#define USAGE_IO \
-    "    ca_file=%%s          default: \"\" (pre-loaded)\n" \
-    "    crt_file=%%s         default: \"\" (pre-loaded)\n" \
-    "    key_file=%%s         default: \"\" (pre-loaded)\n"
-#else
-#define USAGE_IO \
-    "    No file operations available (MBEDTLS_FS_IO not defined)\n"
-#endif /* MBEDTLS_FS_IO */
-
-#define USAGE \
-    "\n usage: ssl_mail_client param=<>...\n"                 \
-    "\n acceptable parameters:\n"                             \
-    "    server_name=%%s      default: " DFL_SERVER_NAME "\n" \
-    "    server_port=%%d      default: " DFL_SERVER_PORT "\n" \
-    "    debug_level=%%d      default: 0 (disabled)\n"        \
-    "    mode=%%d             default: 0 (SSL/TLS) (1 for STARTTLS)\n"  \
-    USAGE_AUTH                                                \
-    "    mail_from=%%s        default: \"\"\n"                \
-    "    mail_to=%%s          default: \"\"\n"                \
-    USAGE_IO                                                  \
-    "    force_ciphersuite=<name>    default: all enabled\n"  \
-    " acceptable ciphersuite names:\n"
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *server_name;    /* hostname of the server (client only)     */
-    const char *server_port;    /* port on which the ssl service runs       */
-    int debug_level;            /* level of debugging                       */
-    int authentication;         /* if authentication is required            */
-    int mode;                   /* SSL/TLS (0) or STARTTLS (1)              */
-    const char *user_name;      /* username to use for authentication       */
-    const char *user_pwd;       /* password to use for authentication       */
-    const char *mail_from;      /* E-Mail address to use as sender          */
-    const char *mail_to;        /* E-Mail address to use as recipient       */
-    const char *ca_file;        /* the file with the CA certificate(s)      */
-    const char *crt_file;       /* the file with the client certificate     */
-    const char *key_file;       /* the file with the client key             */
-    int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
-} opt;
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-static int do_handshake( mbedtls_ssl_context *ssl )
-{
-    int ret;
-    uint32_t flags;
-    unsigned char buf[1024];
-    memset(buf, 0, 1024);
-
-    /*
-     * 4. Handshake
-     */
-    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
-    fflush( stdout );
-
-    while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-#if defined(MBEDTLS_ERROR_C)
-            mbedtls_strerror( ret, (char *) buf, 1024 );
-#endif
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf );
-            return( -1 );
-        }
-    }
-
-    mbedtls_printf( " ok\n    [ Ciphersuite is %s ]\n",
-            mbedtls_ssl_get_ciphersuite( ssl ) );
-
-    /*
-     * 5. Verify the server certificate
-     */
-    mbedtls_printf( "  . Verifying peer X.509 certificate..." );
-
-    /* In real life, we probably want to bail out when ret != 0 */
-    if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 )
-    {
-        char vrfy_buf[512];
-
-        mbedtls_printf( " failed\n" );
-
-        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-
-        mbedtls_printf( "%s\n", vrfy_buf );
-    }
-    else
-        mbedtls_printf( " ok\n" );
-
-    mbedtls_printf( "  . Peer certificate information    ...\n" );
-    mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, "      ",
-                   mbedtls_ssl_get_peer_cert( ssl ) );
-    mbedtls_printf( "%s\n", buf );
-
-    return( 0 );
-}
-
-static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
-{
-    int ret;
-
-    mbedtls_printf("\n%s", buf);
-    while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-            return -1;
-        }
-    }
-
-    return( 0 );
-}
-
-static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
-{
-    int ret;
-    unsigned char data[128];
-    char code[4];
-    size_t i, idx = 0;
-
-    mbedtls_printf("\n%s", buf);
-    while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-            return -1;
-        }
-    }
-
-    do
-    {
-        len = sizeof( data ) - 1;
-        memset( data, 0, sizeof( data ) );
-        ret = mbedtls_ssl_read( ssl, data, len );
-
-        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
-            continue;
-
-        if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
-            return -1;
-
-        if( ret <= 0 )
-        {
-            mbedtls_printf( "failed\n  ! mbedtls_ssl_read returned %d\n\n", ret );
-            return -1;
-        }
-
-        mbedtls_printf("\n%s", data);
-        len = ret;
-        for( i = 0; i < len; i++ )
-        {
-            if( data[i] != '\n' )
-            {
-                if( idx < 4 )
-                    code[ idx++ ] = data[i];
-                continue;
-            }
-
-            if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' )
-            {
-                code[3] = '\0';
-                return atoi( code );
-            }
-
-            idx = 0;
-        }
-    }
-    while( 1 );
-}
-
-static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len )
-{
-    int ret;
-    unsigned char data[128];
-    char code[4];
-    size_t i, idx = 0;
-
-    mbedtls_printf("\n%s", buf);
-    if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_send returned %d\n\n", ret );
-            return -1;
-    }
-
-    do
-    {
-        len = sizeof( data ) - 1;
-        memset( data, 0, sizeof( data ) );
-        ret = mbedtls_net_recv( sock_fd, data, len );
-
-        if( ret <= 0 )
-        {
-            mbedtls_printf( "failed\n  ! mbedtls_net_recv returned %d\n\n", ret );
-            return -1;
-        }
-
-        data[len] = '\0';
-        mbedtls_printf("\n%s", data);
-        len = ret;
-        for( i = 0; i < len; i++ )
-        {
-            if( data[i] != '\n' )
-            {
-                if( idx < 4 )
-                    code[ idx++ ] = data[i];
-                continue;
-            }
-
-            if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' )
-            {
-                code[3] = '\0';
-                return atoi( code );
-            }
-
-            idx = 0;
-        }
-    }
-    while( 1 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1, len;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_net_context server_fd;
-#if defined(MBEDTLS_BASE64_C)
-    unsigned char base[1024];
-    /* buf is used as the destination buffer for printing base with the format:
-     * "%s\r\n". Hence, the size of buf should be at least the size of base
-     * plus 2 bytes for the \r and \n characters.
-     */
-    unsigned char buf[sizeof( base ) + 2];
-#else
-    unsigned char buf[1024];
-#endif
-    char hostname[32];
-    const char *pers = "ssl_mail_client";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt cacert;
-    mbedtls_x509_crt clicert;
-    mbedtls_pk_context pkey;
-    int i;
-    size_t n;
-    char *p, *q;
-    const int *list;
-
-    /*
-     * Make sure memory references are valid in case we exit early.
-     */
-    mbedtls_net_init( &server_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    memset( &buf, 0, sizeof( buf ) );
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_x509_crt_init( &clicert );
-    mbedtls_pk_init( &pkey );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-
-        list = mbedtls_ssl_list_ciphersuites();
-        while( *list )
-        {
-            mbedtls_printf("    %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
-            list++;
-        }
-        mbedtls_printf("\n");
-        goto exit;
-    }
-
-    opt.server_name         = DFL_SERVER_NAME;
-    opt.server_port         = DFL_SERVER_PORT;
-    opt.debug_level         = DFL_DEBUG_LEVEL;
-    opt.authentication      = DFL_AUTHENTICATION;
-    opt.mode                = DFL_MODE;
-    opt.user_name           = DFL_USER_NAME;
-    opt.user_pwd            = DFL_USER_PWD;
-    opt.mail_from           = DFL_MAIL_FROM;
-    opt.mail_to             = DFL_MAIL_TO;
-    opt.ca_file             = DFL_CA_FILE;
-    opt.crt_file            = DFL_CRT_FILE;
-    opt.key_file            = DFL_KEY_FILE;
-    opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "server_name" ) == 0 )
-            opt.server_name = q;
-        else if( strcmp( p, "server_port" ) == 0 )
-            opt.server_port = q;
-        else if( strcmp( p, "debug_level" ) == 0 )
-        {
-            opt.debug_level = atoi( q );
-            if( opt.debug_level < 0 || opt.debug_level > 65535 )
-                goto usage;
-        }
-        else if( strcmp( p, "authentication" ) == 0 )
-        {
-            opt.authentication = atoi( q );
-            if( opt.authentication < 0 || opt.authentication > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "mode" ) == 0 )
-        {
-            opt.mode = atoi( q );
-            if( opt.mode < 0 || opt.mode > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "user_name" ) == 0 )
-            opt.user_name = q;
-        else if( strcmp( p, "user_pwd" ) == 0 )
-            opt.user_pwd = q;
-        else if( strcmp( p, "mail_from" ) == 0 )
-            opt.mail_from = q;
-        else if( strcmp( p, "mail_to" ) == 0 )
-            opt.mail_to = q;
-        else if( strcmp( p, "ca_file" ) == 0 )
-            opt.ca_file = q;
-        else if( strcmp( p, "crt_file" ) == 0 )
-            opt.crt_file = q;
-        else if( strcmp( p, "key_file" ) == 0 )
-            opt.key_file = q;
-        else if( strcmp( p, "force_ciphersuite" ) == 0 )
-        {
-            opt.force_ciphersuite[0] = -1;
-
-            opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
-
-            if( opt.force_ciphersuite[0] <= 0 )
-                goto usage;
-
-            opt.force_ciphersuite[1] = 0;
-        }
-        else
-            goto usage;
-    }
-
-    /*
-     * 0. Initialize the RNG and the session data
-     */
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.1. Load the trusted CA
-     */
-    mbedtls_printf( "  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.ca_file ) )
-        ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
-        ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
-                              mbedtls_test_cas_pem_len );
-#else
-    {
-        mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.");
-        goto exit;
-    }
-#endif
-    if( ret < 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok (%d skipped)\n", ret );
-
-    /*
-     * 1.2. Load own certificate and private key
-     *
-     * (can be skipped if client authentication is not required)
-     */
-    mbedtls_printf( "  . Loading the client cert. and key..." );
-    fflush( stdout );
-
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.crt_file ) )
-        ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C)
-        ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
-                              mbedtls_test_cli_crt_len );
-#else
-    {
-        mbedtls_printf("MBEDTLS_CERTS_C not defined.");
-        goto exit;
-    }
-#endif
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.key_file ) )
-        ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
-        ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
-                mbedtls_test_cli_key_len, NULL, 0 );
-#else
-    {
-        mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined.");
-        goto exit;
-    }
-#endif
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Start the connection
-     */
-    mbedtls_printf( "  . Connecting to tcp/%s/%s...", opt.server_name,
-                                                opt.server_port );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name,
-                             opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 3. Setup stuff
-     */
-    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_CLIENT,
-                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
-        goto exit;
-    }
-
-    /* OPTIONAL is not optimal for security,
-     * but makes interop easier in this simplified example */
-    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-    if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
-        mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
-
-    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-    mbedtls_printf( " ok\n" );
-
-    if( opt.mode == MODE_SSL_TLS )
-    {
-        if( do_handshake( &ssl ) != 0 )
-            goto exit;
-
-        mbedtls_printf( "  > Get header from server:" );
-        fflush( stdout );
-
-        ret = write_ssl_and_get_response( &ssl, buf, 0 );
-        if( ret < 200 || ret > 299 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-
-        mbedtls_printf( "  > Write EHLO to server:" );
-        fflush( stdout );
-
-        gethostname( hostname, 32 );
-        len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
-        ret = write_ssl_and_get_response( &ssl, buf, len );
-        if( ret < 200 || ret > 299 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-    }
-    else
-    {
-        mbedtls_printf( "  > Get header from server:" );
-        fflush( stdout );
-
-        ret = write_and_get_response( &server_fd, buf, 0 );
-        if( ret < 200 || ret > 299 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-
-        mbedtls_printf( "  > Write EHLO to server:" );
-        fflush( stdout );
-
-        gethostname( hostname, 32 );
-        len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
-        ret = write_and_get_response( &server_fd, buf, len );
-        if( ret < 200 || ret > 299 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-
-        mbedtls_printf( "  > Write STARTTLS to server:" );
-        fflush( stdout );
-
-        gethostname( hostname, 32 );
-        len = sprintf( (char *) buf, "STARTTLS\r\n" );
-        ret = write_and_get_response( &server_fd, buf, len );
-        if( ret < 200 || ret > 299 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-
-        if( do_handshake( &ssl ) != 0 )
-            goto exit;
-    }
-
-#if defined(MBEDTLS_BASE64_C)
-    if( opt.authentication )
-    {
-        mbedtls_printf( "  > Write AUTH LOGIN to server:" );
-        fflush( stdout );
-
-        len = sprintf( (char *) buf, "AUTH LOGIN\r\n" );
-        ret = write_ssl_and_get_response( &ssl, buf, len );
-        if( ret < 200 || ret > 399 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-
-        mbedtls_printf( "  > Write username to server: %s", opt.user_name );
-        fflush( stdout );
-
-        ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name,
-                             strlen( opt.user_name ) );
-
-        if( ret != 0 ) {
-            mbedtls_printf( " failed\n  ! mbedtls_base64_encode returned %d\n\n", ret );
-            goto exit;
-        }
-        len = sprintf( (char *) buf, "%s\r\n", base );
-        ret = write_ssl_and_get_response( &ssl, buf, len );
-        if( ret < 300 || ret > 399 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-
-        mbedtls_printf( "  > Write password to server: %s", opt.user_pwd );
-        fflush( stdout );
-
-        ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd,
-                             strlen( opt.user_pwd ) );
-
-        if( ret != 0 ) {
-            mbedtls_printf( " failed\n  ! mbedtls_base64_encode returned %d\n\n", ret );
-            goto exit;
-        }
-        len = sprintf( (char *) buf, "%s\r\n", base );
-        ret = write_ssl_and_get_response( &ssl, buf, len );
-        if( ret < 200 || ret > 399 )
-        {
-            mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_printf(" ok\n" );
-    }
-#endif
-
-    mbedtls_printf( "  > Write MAIL FROM to server:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from );
-    ret = write_ssl_and_get_response( &ssl, buf, len );
-    if( ret < 200 || ret > 299 )
-    {
-        mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf(" ok\n" );
-
-    mbedtls_printf( "  > Write RCPT TO to server:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to );
-    ret = write_ssl_and_get_response( &ssl, buf, len );
-    if( ret < 200 || ret > 299 )
-    {
-        mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf(" ok\n" );
-
-    mbedtls_printf( "  > Write DATA to server:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, "DATA\r\n" );
-    ret = write_ssl_and_get_response( &ssl, buf, len );
-    if( ret < 300 || ret > 399 )
-    {
-        mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf(" ok\n" );
-
-    mbedtls_printf( "  > Write content to server:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n"
-            "This is a simple test mail from the "
-            "mbed TLS mail client example.\r\n"
-            "\r\n"
-            "Enjoy!", opt.mail_from );
-    ret = write_ssl_data( &ssl, buf, len );
-
-    len = sprintf( (char *) buf, "\r\n.\r\n");
-    ret = write_ssl_and_get_response( &ssl, buf, len );
-    if( ret < 200 || ret > 299 )
-    {
-        mbedtls_printf( " failed\n  ! server responded with %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf(" ok\n" );
-
-    mbedtls_ssl_close_notify( &ssl );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_net_free( &server_fd );
-    mbedtls_x509_crt_free( &clicert );
-    mbedtls_x509_crt_free( &cacert );
-    mbedtls_pk_free( &pkey );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
-          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
-          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_pthread_server.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_pthread_server.c
deleted file mode 100644
index c8ab215..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_pthread_server.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/*
- *  SSL server demonstration program using pthread for handling multiple
- *  clients.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf    fprintf
-#define mbedtls_printf     printf
-#define mbedtls_snprintf   snprintf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||            \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) ||         \
-    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||             \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||            \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||      \
-    !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \
-    !defined(MBEDTLS_PEM_PARSE_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
-           "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
-           "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD "
-           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(_WIN32)
-#include <windows.h>
-#endif
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-#include "mbedtls/ssl_cache.h"
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-
-#define HTTP_RESPONSE \
-    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
-    "<h2>mbed TLS Test Server</h2>\r\n" \
-    "<p>Successful connection using: %s</p>\r\n"
-
-#define DEBUG_LEVEL 0
-
-#define MAX_NUM_THREADS 5
-
-mbedtls_threading_mutex_t debug_mutex;
-
-static void my_mutexed_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    long int thread_id = (long int) pthread_self();
-
-    mbedtls_mutex_lock( &debug_mutex );
-
-    ((void) level);
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: [ #%ld ] %s",
-                                    file, line, thread_id, str );
-    fflush(  (FILE *) ctx  );
-
-    mbedtls_mutex_unlock( &debug_mutex );
-}
-
-typedef struct {
-    mbedtls_net_context client_fd;
-    int thread_complete;
-    const mbedtls_ssl_config *config;
-} thread_info_t;
-
-typedef struct {
-    int active;
-    thread_info_t   data;
-    pthread_t       thread;
-} pthread_info_t;
-
-static thread_info_t    base_info;
-static pthread_info_t   threads[MAX_NUM_THREADS];
-
-static void *handle_ssl_connection( void *data )
-{
-    int ret, len;
-    thread_info_t *thread_info = (thread_info_t *) data;
-    mbedtls_net_context *client_fd = &thread_info->client_fd;
-    long int thread_id = (long int) pthread_self();
-    unsigned char buf[1024];
-    mbedtls_ssl_context ssl;
-
-    /* Make sure memory references are valid */
-    mbedtls_ssl_init( &ssl );
-
-    mbedtls_printf( "  [ #%ld ]  Setting up SSL/TLS data\n", thread_id );
-
-    /*
-     * 4. Get the SSL context ready
-     */
-    if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 )
-    {
-        mbedtls_printf( "  [ #%ld ]  failed: mbedtls_ssl_setup returned -0x%04x\n",
-                thread_id, -ret );
-        goto thread_exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-    /*
-     * 5. Handshake
-     */
-    mbedtls_printf( "  [ #%ld ]  Performing the SSL/TLS handshake\n", thread_id );
-
-    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( "  [ #%ld ]  failed: mbedtls_ssl_handshake returned -0x%04x\n",
-                    thread_id, -ret );
-            goto thread_exit;
-        }
-    }
-
-    mbedtls_printf( "  [ #%ld ]  ok\n", thread_id );
-
-    /*
-     * 6. Read the HTTP Request
-     */
-    mbedtls_printf( "  [ #%ld ]  < Read from client\n", thread_id );
-
-    do
-    {
-        len = sizeof( buf ) - 1;
-        memset( buf, 0, sizeof( buf ) );
-        ret = mbedtls_ssl_read( &ssl, buf, len );
-
-        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
-            continue;
-
-        if( ret <= 0 )
-        {
-            switch( ret )
-            {
-                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                    mbedtls_printf( "  [ #%ld ]  connection was closed gracefully\n",
-                            thread_id );
-                    goto thread_exit;
-
-                case MBEDTLS_ERR_NET_CONN_RESET:
-                    mbedtls_printf( "  [ #%ld ]  connection was reset by peer\n",
-                            thread_id );
-                    goto thread_exit;
-
-                default:
-                    mbedtls_printf( "  [ #%ld ]  mbedtls_ssl_read returned -0x%04x\n",
-                            thread_id, -ret );
-                    goto thread_exit;
-            }
-        }
-
-        len = ret;
-        mbedtls_printf( "  [ #%ld ]  %d bytes read\n=====\n%s\n=====\n",
-                thread_id, len, (char *) buf );
-
-        if( ret > 0 )
-            break;
-    }
-    while( 1 );
-
-    /*
-     * 7. Write the 200 Response
-     */
-    mbedtls_printf( "  [ #%ld ]  > Write to client:\n", thread_id );
-
-    len = sprintf( (char *) buf, HTTP_RESPONSE,
-                   mbedtls_ssl_get_ciphersuite( &ssl ) );
-
-    while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
-    {
-        if( ret == MBEDTLS_ERR_NET_CONN_RESET )
-        {
-            mbedtls_printf( "  [ #%ld ]  failed: peer closed the connection\n",
-                    thread_id );
-            goto thread_exit;
-        }
-
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( "  [ #%ld ]  failed: mbedtls_ssl_write returned -0x%04x\n",
-                    thread_id, ret );
-            goto thread_exit;
-        }
-    }
-
-    len = ret;
-    mbedtls_printf( "  [ #%ld ]  %d bytes written\n=====\n%s\n=====\n",
-            thread_id, len, (char *) buf );
-
-    mbedtls_printf( "  [ #%ld ]  . Closing the connection...", thread_id );
-
-    while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-            ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( "  [ #%ld ]  failed: mbedtls_ssl_close_notify returned -0x%04x\n",
-                    thread_id, ret );
-            goto thread_exit;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    ret = 0;
-
-thread_exit:
-
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("  [ #%ld ]  Last error was: -0x%04x - %s\n\n",
-               thread_id, -ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( client_fd );
-    mbedtls_ssl_free( &ssl );
-
-    thread_info->thread_complete = 1;
-
-    return( NULL );
-}
-
-static int thread_create( mbedtls_net_context *client_fd )
-{
-    int ret, i;
-
-    /*
-     * Find in-active or finished thread slot
-     */
-    for( i = 0; i < MAX_NUM_THREADS; i++ )
-    {
-        if( threads[i].active == 0 )
-            break;
-
-        if( threads[i].data.thread_complete == 1 )
-        {
-            mbedtls_printf( "  [ main ]  Cleaning up thread %d\n", i );
-            pthread_join(threads[i].thread, NULL );
-            memset( &threads[i], 0, sizeof(pthread_info_t) );
-            break;
-        }
-    }
-
-    if( i == MAX_NUM_THREADS )
-        return( -1 );
-
-    /*
-     * Fill thread-info for thread
-     */
-    memcpy( &threads[i].data, &base_info, sizeof(base_info) );
-    threads[i].active = 1;
-    memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) );
-
-    if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection,
-                                &threads[i].data ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
-}
-
-int main( void )
-{
-    int ret;
-    mbedtls_net_context listen_fd, client_fd;
-    const char pers[] = "ssl_pthread_server";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt srvcert;
-    mbedtls_x509_crt cachain;
-    mbedtls_pk_context pkey;
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    unsigned char alloc_buf[100000];
-#endif
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_context cache;
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
-#endif
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_init( &cache );
-#endif
-
-    mbedtls_x509_crt_init( &srvcert );
-    mbedtls_x509_crt_init( &cachain );
-
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    memset( threads, 0, sizeof(threads) );
-    mbedtls_net_init( &listen_fd );
-    mbedtls_net_init( &client_fd );
-
-    mbedtls_mutex_init( &debug_mutex );
-
-    base_info.config = &conf;
-
-    /*
-     * We use only a single entropy source that is used in all the threads.
-     */
-    mbedtls_entropy_init( &entropy );
-
-    /*
-     * 1. Load the certificates and private RSA key
-     */
-    mbedtls_printf( "\n  . Loading the server cert. and key..." );
-    fflush( stdout );
-
-    /*
-     * This demonstration program uses embedded test certificates.
-     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
-     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
-     */
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-                          mbedtls_test_srv_crt_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_x509_crt_parse( &cachain, (const unsigned char *) mbedtls_test_cas_pem,
-                          mbedtls_test_cas_pem_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_pk_init( &pkey );
-    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                         mbedtls_test_srv_key_len, NULL, 0 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1b. Seed the random number generator
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
-                -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1c. Prepare SSL configuration
-     */
-    mbedtls_printf( "  . Setting up the SSL data...." );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_SERVER,
-                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
-                -ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout );
-
-    /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
-     * MBEDTLS_THREADING_C is set.
-     */
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_conf_session_cache( &conf, &cache,
-                                   mbedtls_ssl_cache_get,
-                                   mbedtls_ssl_cache_set );
-#endif
-
-    mbedtls_ssl_conf_ca_chain( &conf, &cachain, NULL );
-    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Setup the listening TCP socket
-     */
-    mbedtls_printf( "  . Bind on https://localhost:4433/ ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-reset:
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf( "  [ main ]  Last error was: -0x%04x - %s\n", -ret, error_buf );
-    }
-#endif
-
-    /*
-     * 3. Wait until a client connects
-     */
-    mbedtls_printf( "  [ main ]  Waiting for a remote connection\n" );
-
-    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                                    NULL, 0, NULL ) ) != 0 )
-    {
-        mbedtls_printf( "  [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( "  [ main ]  ok\n" );
-    mbedtls_printf( "  [ main ]  Creating a new thread\n" );
-
-    if( ( ret = thread_create( &client_fd ) ) != 0 )
-    {
-        mbedtls_printf( "  [ main ]  failed: thread_create returned %d\n", ret );
-        mbedtls_net_free( &client_fd );
-        goto reset;
-    }
-
-    ret = 0;
-    goto reset;
-
-exit:
-    mbedtls_x509_crt_free( &srvcert );
-    mbedtls_pk_free( &pkey );
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_free( &cache );
-#endif
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-    mbedtls_ssl_config_free( &conf );
-
-    mbedtls_net_free( &listen_fd );
-
-    mbedtls_mutex_free( &debug_mutex );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_free();
-#endif
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( ret );
-}
-
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
-          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C &&
-          MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_server.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_server.c
deleted file mode 100644
index 0124338..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_server.c
+++ /dev/null
@@ -1,403 +0,0 @@
-/*
- *  SSL server demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time       time
-#define mbedtls_time_t     time_t
-#define mbedtls_fprintf    fprintf
-#define mbedtls_printf     printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||    \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
-    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
-    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
-    !defined(MBEDTLS_PEM_PARSE_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
-           "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
-           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(_WIN32)
-#include <windows.h>
-#endif
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-#include "mbedtls/ssl_cache.h"
-#endif
-
-#define HTTP_RESPONSE \
-    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
-    "<h2>mbed TLS Test Server</h2>\r\n" \
-    "<p>Successful connection using: %s</p>\r\n"
-
-#define DEBUG_LEVEL 0
-
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-int main( void )
-{
-    int ret, len;
-    mbedtls_net_context listen_fd, client_fd;
-    unsigned char buf[1024];
-    const char *pers = "ssl_server";
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt srvcert;
-    mbedtls_pk_context pkey;
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_context cache;
-#endif
-
-    mbedtls_net_init( &listen_fd );
-    mbedtls_net_init( &client_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_init( &cache );
-#endif
-    mbedtls_x509_crt_init( &srvcert );
-    mbedtls_pk_init( &pkey );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-
-#if defined(MBEDTLS_DEBUG_C)
-    mbedtls_debug_set_threshold( DEBUG_LEVEL );
-#endif
-
-    /*
-     * 1. Load the certificates and private RSA key
-     */
-    mbedtls_printf( "\n  . Loading the server cert. and key..." );
-    fflush( stdout );
-
-    /*
-     * This demonstration program uses embedded test certificates.
-     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
-     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
-     */
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt,
-                          mbedtls_test_srv_crt_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem,
-                          mbedtls_test_cas_pem_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
-        goto exit;
-    }
-
-    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                         mbedtls_test_srv_key_len, NULL, 0 );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Setup the listening TCP socket
-     */
-    mbedtls_printf( "  . Bind on https://localhost:4433/ ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 3. Seed the RNG
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 4. Setup stuff
-     */
-    mbedtls_printf( "  . Setting up the SSL data...." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_SERVER,
-                    MBEDTLS_SSL_TRANSPORT_STREAM,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_conf_session_cache( &conf, &cache,
-                                   mbedtls_ssl_cache_get,
-                                   mbedtls_ssl_cache_set );
-#endif
-
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-reset:
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &client_fd );
-
-    mbedtls_ssl_session_reset( &ssl );
-
-    /*
-     * 3. Wait until a client connects
-     */
-    mbedtls_printf( "  . Waiting for a remote connection ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                                    NULL, 0, NULL ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_accept returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 5. Handshake
-     */
-    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
-    fflush( stdout );
-
-    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret );
-            goto reset;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 6. Read the HTTP Request
-     */
-    mbedtls_printf( "  < Read from client:" );
-    fflush( stdout );
-
-    do
-    {
-        len = sizeof( buf ) - 1;
-        memset( buf, 0, sizeof( buf ) );
-        ret = mbedtls_ssl_read( &ssl, buf, len );
-
-        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
-            continue;
-
-        if( ret <= 0 )
-        {
-            switch( ret )
-            {
-                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                    mbedtls_printf( " connection was closed gracefully\n" );
-                    break;
-
-                case MBEDTLS_ERR_NET_CONN_RESET:
-                    mbedtls_printf( " connection was reset by peer\n" );
-                    break;
-
-                default:
-                    mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
-                    break;
-            }
-
-            break;
-        }
-
-        len = ret;
-        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
-
-        if( ret > 0 )
-            break;
-    }
-    while( 1 );
-
-    /*
-     * 7. Write the 200 Response
-     */
-    mbedtls_printf( "  > Write to client:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, HTTP_RESPONSE,
-                   mbedtls_ssl_get_ciphersuite( &ssl ) );
-
-    while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
-    {
-        if( ret == MBEDTLS_ERR_NET_CONN_RESET )
-        {
-            mbedtls_printf( " failed\n  ! peer closed the connection\n\n" );
-            goto reset;
-        }
-
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-
-    len = ret;
-    mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
-
-    mbedtls_printf( "  . Closing the connection..." );
-
-    while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
-    {
-        if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
-            ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_close_notify returned %d\n\n", ret );
-            goto reset;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    ret = 0;
-    goto reset;
-
-exit:
-
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &client_fd );
-    mbedtls_net_free( &listen_fd );
-
-    mbedtls_x509_crt_free( &srvcert );
-    mbedtls_pk_free( &pkey );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_free( &cache );
-#endif
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( ret );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
-          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
-          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
-          && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_server2.c b/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_server2.c
deleted file mode 100644
index ceeb224..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/ssl/ssl_server2.c
+++ /dev/null
@@ -1,4581 +0,0 @@
-/*
- *  SSL client with options
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#define mbedtls_time       time
-#define mbedtls_time_t     time_t
-#define mbedtls_calloc    calloc
-#define mbedtls_fprintf    fprintf
-#define mbedtls_printf     printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
-    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
-           " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/base64.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <test/helpers.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdint.h>
-
-#if !defined(_MSC_VER)
-#include <inttypes.h>
-#endif
-
-#if !defined(_WIN32)
-#include <signal.h>
-#endif
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-#include "mbedtls/ssl_cache.h"
-#endif
-
-#if defined(MBEDTLS_SSL_TICKET_C)
-#include "mbedtls/ssl_ticket.h"
-#endif
-
-#if defined(MBEDTLS_SSL_COOKIE_C)
-#include "mbedtls/ssl_cookie.h"
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
-#define SNI_OPTION
-#endif
-
-#if defined(_WIN32)
-#include <windows.h>
-#endif
-
-/* Size of memory to be allocated for the heap, when using the library's memory
- * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
-#define MEMORY_HEAP_SIZE        120000
-
-#define DFL_SERVER_ADDR         NULL
-#define DFL_SERVER_PORT         "4433"
-#define DFL_RESPONSE_SIZE       -1
-#define DFL_DEBUG_LEVEL         0
-#define DFL_NBIO                0
-#define DFL_EVENT               0
-#define DFL_READ_TIMEOUT        0
-#define DFL_CA_FILE             ""
-#define DFL_CA_PATH             ""
-#define DFL_CRT_FILE            ""
-#define DFL_KEY_FILE            ""
-#define DFL_KEY_PWD             ""
-#define DFL_CRT_FILE2           ""
-#define DFL_KEY_FILE2           ""
-#define DFL_KEY_PWD2            ""
-#define DFL_ASYNC_OPERATIONS    "-"
-#define DFL_ASYNC_PRIVATE_DELAY1 ( -1 )
-#define DFL_ASYNC_PRIVATE_DELAY2 ( -1 )
-#define DFL_ASYNC_PRIVATE_ERROR  ( 0 )
-#define DFL_PSK                 ""
-#define DFL_PSK_OPAQUE          0
-#define DFL_PSK_LIST_OPAQUE     0
-#define DFL_PSK_IDENTITY        "Client_identity"
-#define DFL_ECJPAKE_PW          NULL
-#define DFL_PSK_LIST            NULL
-#define DFL_FORCE_CIPHER        0
-#define DFL_VERSION_SUITES      NULL
-#define DFL_RENEGOTIATION       MBEDTLS_SSL_RENEGOTIATION_DISABLED
-#define DFL_ALLOW_LEGACY        -2
-#define DFL_RENEGOTIATE         0
-#define DFL_RENEGO_DELAY        -2
-#define DFL_RENEGO_PERIOD       ( (uint64_t)-1 )
-#define DFL_EXCHANGES           1
-#define DFL_MIN_VERSION         -1
-#define DFL_MAX_VERSION         -1
-#define DFL_ARC4                -1
-#define DFL_SHA1                -1
-#define DFL_CID_ENABLED         0
-#define DFL_CID_VALUE           ""
-#define DFL_CID_ENABLED_RENEGO  -1
-#define DFL_CID_VALUE_RENEGO    NULL
-#define DFL_AUTH_MODE           -1
-#define DFL_CERT_REQ_CA_LIST    MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED
-#define DFL_MFL_CODE            MBEDTLS_SSL_MAX_FRAG_LEN_NONE
-#define DFL_TRUNC_HMAC          -1
-#define DFL_TICKETS             MBEDTLS_SSL_SESSION_TICKETS_ENABLED
-#define DFL_TICKET_TIMEOUT      86400
-#define DFL_CACHE_MAX           -1
-#define DFL_CACHE_TIMEOUT       -1
-#define DFL_SNI                 NULL
-#define DFL_ALPN_STRING         NULL
-#define DFL_CURVES              NULL
-#define DFL_DHM_FILE            NULL
-#define DFL_TRANSPORT           MBEDTLS_SSL_TRANSPORT_STREAM
-#define DFL_COOKIES             1
-#define DFL_ANTI_REPLAY         -1
-#define DFL_HS_TO_MIN           0
-#define DFL_HS_TO_MAX           0
-#define DFL_DTLS_MTU            -1
-#define DFL_BADMAC_LIMIT        -1
-#define DFL_DGRAM_PACKING        1
-#define DFL_EXTENDED_MS         -1
-#define DFL_ETM                 -1
-#define DFL_SERIALIZE           0
-#define DFL_CONTEXT_FILE        ""
-#define DFL_EXTENDED_MS_ENFORCE -1
-#define DFL_CA_CALLBACK         0
-#define DFL_EAP_TLS             0
-#define DFL_REPRODUCIBLE        0
-#define DFL_NSS_KEYLOG          0
-#define DFL_NSS_KEYLOG_FILE     NULL
-#define DFL_QUERY_CONFIG_MODE   0
-#define DFL_USE_SRTP            0
-#define DFL_SRTP_FORCE_PROFILE  0
-#define DFL_SRTP_SUPPORT_MKI    0
-
-#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
-    "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
-    "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
-    "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
-    "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
-    "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
-    "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah</p>\r\n"
-
-/* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer
- * packets (for fragmentation purposes) */
-#define HTTP_RESPONSE \
-    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
-    "<h2>mbed TLS Test Server</h2>\r\n" \
-    "<p>Successful connection using: %s</p>\r\n" // LONG_RESPONSE
-
-/*
- * Size of the basic I/O buffer. Able to hold our default response.
- *
- * You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh
- * if you change this value to something outside the range <= 100 or > 500
- */
-#define DFL_IO_BUF_LEN      200
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_FS_IO)
-#define USAGE_IO \
-    "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
-    "                        default: \"\" (pre-loaded)\n" \
-    "                        use \"none\" to skip loading any top-level CAs.\n" \
-    "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
-    "                        default: \"\" (pre-loaded) (overrides ca_file)\n" \
-    "                        use \"none\" to skip loading any top-level CAs.\n" \
-    "    crt_file=%%s         Your own cert and chain (in bottom to top order, top may be omitted)\n" \
-    "                        default: see note after key_file2\n" \
-    "    key_file=%%s         default: see note after key_file2\n" \
-    "    key_pwd=%%s          Password for key specified by key_file argument\n"\
-    "                        default: none\n" \
-    "    crt_file2=%%s        Your second cert and chain (in bottom to top order, top may be omitted)\n" \
-    "                        default: see note after key_file2\n" \
-    "    key_file2=%%s        default: see note below\n" \
-    "                        note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
-    "                              preloaded certificate(s) and key(s) are used if available\n" \
-    "    key_pwd2=%%s         Password for key specified by key_file2 argument\n"\
-    "                        default: none\n" \
-    "    dhm_file=%%s        File containing Diffie-Hellman parameters\n" \
-    "                       default: preloaded parameters\n"
-#else
-#define USAGE_IO \
-    "\n"                                                    \
-    "    No file operations available (MBEDTLS_FS_IO not defined)\n" \
-    "\n"
-#endif /* MBEDTLS_FS_IO */
-#else
-#define USAGE_IO ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-#define USAGE_SSL_ASYNC \
-    "    async_operations=%%c...   d=decrypt, s=sign (default: -=off)\n" \
-    "    async_private_delay1=%%d  Asynchronous delay for key_file or preloaded key\n" \
-    "    async_private_delay2=%%d  Asynchronous delay for key_file2 and sni\n" \
-    "                              default: -1 (not asynchronous)\n" \
-    "    async_private_error=%%d   Async callback error injection (default=0=none,\n" \
-    "                              1=start, 2=cancel, 3=resume, negative=first time only)"
-#else
-#define USAGE_SSL_ASYNC ""
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-#define USAGE_CID \
-    "    cid=%%d             Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
-    "                       default: 0 (disabled)\n"     \
-    "    cid_renego=%%d      Disable (0) or enable (1) the use of the DTLS Connection ID extension during renegotiation.\n" \
-    "                       default: same as 'cid' parameter\n"     \
-    "    cid_val=%%s          The CID to use for incoming messages (in hex, without 0x).\n"  \
-    "                        default: \"\"\n" \
-    "    cid_val_renego=%%s   The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n"  \
-    "                        default: same as 'cid_val' parameter\n"
-#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#define USAGE_CID ""
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-#define USAGE_PSK_RAW                                               \
-    "    psk=%%s              default: \"\" (disabled)\n"     \
-    "                          The PSK values are in hex, without 0x.\n" \
-    "    psk_list=%%s         default: \"\"\n"                          \
-    "                          A list of (PSK identity, PSK value) pairs.\n" \
-    "                          The PSK values are in hex, without 0x.\n" \
-    "                          id1,psk1[,id2,psk2[,...]]\n"             \
-    "    psk_identity=%%s     default: \"Client_identity\"\n"
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#define USAGE_PSK_SLOT                          \
-    "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
-    "                          Enable this to store the PSK configured through command line\n" \
-    "                          parameter `psk` in a PSA-based key slot.\n" \
-    "                          Note: Currently only supported in conjunction with\n"                  \
-    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
-    "                          to force a particular PSK-only ciphersuite.\n"                         \
-    "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
-    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
-    "                          with prepopulated key slots instead of importing raw key material.\n" \
-    "    psk_list_opaque=%%d  default: 0 (don't use opaque dynamic PSKs)\n"     \
-    "                          Enable this to store the list of dynamically chosen PSKs configured\n" \
-    "                          through the command line parameter `psk_list` in PSA-based key slots.\n" \
-    "                          Note: Currently only supported in conjunction with\n" \
-    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
-    "                          to force a particular PSK-only ciphersuite.\n" \
-    "                          Note: This is to test integration of PSA-based opaque PSKs with\n" \
-    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
-    "                          with prepopulated key slots instead of importing raw key material.\n"
-#else
-#define USAGE_PSK_SLOT ""
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
-#else
-#define USAGE_PSK ""
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-#define USAGE_CA_CALLBACK                       \
-    "   ca_callback=%%d       default: 0 (disabled)\n"      \
-    "                         Enable this to use the trusted certificate callback function\n"
-#else
-#define USAGE_CA_CALLBACK ""
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#define USAGE_TICKETS                                       \
-    "    tickets=%%d          default: 1 (enabled)\n"       \
-    "    ticket_timeout=%%d   default: 86400 (one day)\n"
-#else
-#define USAGE_TICKETS ""
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-#define USAGE_EAP_TLS                                       \
-    "    eap_tls=%%d          default: 0 (disabled)\n"
-#define USAGE_NSS_KEYLOG                                    \
-    "    nss_keylog=%%d          default: 0 (disabled)\n"   \
-    "                             This cannot be used with eap_tls=1\n"
-#define USAGE_NSS_KEYLOG_FILE                               \
-    "    nss_keylog_file=%%s\n"
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-#define USAGE_SRTP \
-    "    use_srtp=%%d         default: 0 (disabled)\n" \
-    "    srtp_force_profile=%%d  default: 0 (all enabled)\n"   \
-    "                        available profiles:\n"       \
-    "                        1 - SRTP_AES128_CM_HMAC_SHA1_80\n"  \
-    "                        2 - SRTP_AES128_CM_HMAC_SHA1_32\n"  \
-    "                        3 - SRTP_NULL_HMAC_SHA1_80\n"       \
-    "                        4 - SRTP_NULL_HMAC_SHA1_32\n"       \
-    "    support_mki=%%d     default: 0 (not supported)\n"
-#else /* MBEDTLS_SSL_DTLS_SRTP */
-#define USAGE_SRTP ""
-#endif
-#else /* MBEDTLS_SSL_EXPORT_KEYS */
-#define USAGE_EAP_TLS ""
-#define USAGE_NSS_KEYLOG ""
-#define USAGE_NSS_KEYLOG_FILE ""
-#define USAGE_SRTP ""
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-#define USAGE_CACHE                                             \
-    "    cache_max=%%d        default: cache default (50)\n"    \
-    "    cache_timeout=%%d    default: cache default (1d)\n"
-#else
-#define USAGE_CACHE ""
-#endif /* MBEDTLS_SSL_CACHE_C */
-
-#if defined(SNI_OPTION)
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-#define SNI_CRL              ",crl"
-#else
-#define SNI_CRL              ""
-#endif
-
-#define USAGE_SNI                                                           \
-    "    sni=%%s              name1,cert1,key1,ca1"SNI_CRL",auth1[,...]\n"  \
-    "                        default: disabled\n"
-#else
-#define USAGE_SNI ""
-#endif /* SNI_OPTION */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-#define USAGE_MAX_FRAG_LEN                                      \
-    "    max_frag_len=%%d     default: 16384 (tls default)\n"   \
-    "                        options: 512, 1024, 2048, 4096\n"
-#else
-#define USAGE_MAX_FRAG_LEN ""
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define USAGE_TRUNC_HMAC \
-    "    trunc_hmac=%%d       default: library default\n"
-#else
-#define USAGE_TRUNC_HMAC ""
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-#define USAGE_ALPN \
-    "    alpn=%%s             default: \"\" (disabled)\n"   \
-    "                        example: spdy/1,http/1.1\n"
-#else
-#define USAGE_ALPN ""
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-#define USAGE_COOKIES \
-    "    cookies=0/1/-1      default: 1 (enabled)\n"        \
-    "                        0: disabled, -1: library default (broken)\n"
-#else
-#define USAGE_COOKIES ""
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-#define USAGE_ANTI_REPLAY \
-    "    anti_replay=0/1     default: (library default: enabled)\n"
-#else
-#define USAGE_ANTI_REPLAY ""
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-#define USAGE_BADMAC_LIMIT \
-    "    badmac_limit=%%d     default: (library default: disabled)\n"
-#else
-#define USAGE_BADMAC_LIMIT ""
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#define USAGE_DTLS \
-    "    dtls=%%d             default: 0 (TLS)\n"                           \
-    "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
-    "                        range of DTLS handshake timeouts in millisecs\n" \
-    "    mtu=%%d              default: (library default: unlimited)\n"  \
-    "    dgram_packing=%%d    default: 1 (allowed)\n"                   \
-    "                        allow or forbid packing of multiple\n" \
-    "                        records within a single datgram.\n"
-#else
-#define USAGE_DTLS ""
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-#define USAGE_EMS \
-    "    extended_ms=0/1     default: (library default: on)\n"
-#else
-#define USAGE_EMS ""
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-#define USAGE_ETM \
-    "    etm=0/1             default: (library default: on)\n"
-#else
-#define USAGE_ETM ""
-#endif
-
-#define USAGE_REPRODUCIBLE \
-    "    reproducible=0/1     default: 0 (disabled)\n"
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-#define USAGE_RENEGO \
-    "    renegotiation=%%d    default: 0 (disabled)\n"      \
-    "    renegotiate=%%d      default: 0 (disabled)\n"      \
-    "    renego_delay=%%d     default: -2 (library default)\n" \
-    "    renego_period=%%d    default: (2^64 - 1 for TLS, 2^48 - 1 for DTLS)\n"
-#else
-#define USAGE_RENEGO ""
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-#define USAGE_ECJPAKE \
-    "    ecjpake_pw=%%s       default: none (disabled)\n"
-#else
-#define USAGE_ECJPAKE ""
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#define USAGE_CURVES \
-    "    curves=a,b,c,d      default: \"default\" (library default)\n"  \
-    "                        example: \"secp521r1,brainpoolP512r1\"\n"  \
-    "                        - use \"none\" for empty list\n"           \
-    "                        - see mbedtls_ecp_curve_list()\n"          \
-    "                          for acceptable curve names\n"
-#else
-#define USAGE_CURVES ""
-#endif
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-#define USAGE_SERIALIZATION \
-    "    serialize=%%d        default: 0 (do not serialize/deserialize)\n"     \
-    "                        options: 1 (serialize)\n"                         \
-    "                                 2 (serialize with re-initialization)\n"  \
-    "    context_file=%%s     The file path to write a serialized connection\n"\
-    "                        in the form of base64 code (serialize option\n"   \
-    "                        must be set)\n"                                   \
-    "                         default: \"\" (do nothing)\n"                    \
-    "                         option: a file path\n"
-#else
-#define USAGE_SERIALIZATION ""
-#endif
-
-/* USAGE is arbitrarily split to stay under the portable string literal
- * length limit: 4095 bytes in C99. */
-#define USAGE1 \
-    "\n usage: ssl_server2 param=<>...\n"                   \
-    "\n acceptable parameters:\n"                           \
-    "    server_addr=%%s      default: (all interfaces)\n"  \
-    "    server_port=%%d      default: 4433\n"              \
-    "    debug_level=%%d      default: 0 (disabled)\n"      \
-    "    buffer_size=%%d      default: 200 \n" \
-    "                         (minimum: 1, max: 16385)\n" \
-    "    response_size=%%d    default: about 152 (basic response)\n" \
-    "                          (minimum: 0, max: 16384)\n" \
-    "                          increases buffer_size if bigger\n"\
-    "    nbio=%%d             default: 0 (blocking I/O)\n"  \
-    "                        options: 1 (non-blocking), 2 (added delays)\n" \
-    "    event=%%d            default: 0 (loop)\n"                            \
-    "                        options: 1 (level-triggered, implies nbio=1),\n" \
-    "    read_timeout=%%d     default: 0 ms (no timeout)\n"    \
-    "\n"                                                    \
-    USAGE_DTLS                                              \
-    USAGE_SRTP                                              \
-    USAGE_COOKIES                                           \
-    USAGE_ANTI_REPLAY                                       \
-    USAGE_BADMAC_LIMIT                                      \
-    "\n"
-#define USAGE2 \
-    "    auth_mode=%%s        default: (library default: none)\n"      \
-    "                        options: none, optional, required\n" \
-    "    cert_req_ca_list=%%d default: 1 (send ca list)\n"  \
-    "                        options: 1 (send ca list), 0 (don't send)\n" \
-    USAGE_IO                                                \
-    "\n"                                                    \
-    USAGE_PSK                                               \
-    USAGE_CA_CALLBACK                                       \
-    USAGE_ECJPAKE                                           \
-    "\n"
-#define USAGE3 \
-    "    allow_legacy=%%d     default: (library default: no)\n"      \
-    USAGE_RENEGO                                            \
-    "    exchanges=%%d        default: 1\n"                 \
-    "\n"                                                    \
-    USAGE_TICKETS                                           \
-    USAGE_EAP_TLS                                           \
-    USAGE_REPRODUCIBLE                                      \
-    USAGE_NSS_KEYLOG                                        \
-    USAGE_NSS_KEYLOG_FILE                                   \
-    USAGE_CACHE                                             \
-    USAGE_MAX_FRAG_LEN                                      \
-    USAGE_TRUNC_HMAC                                        \
-    USAGE_ALPN                                              \
-    USAGE_EMS                                               \
-    USAGE_ETM                                               \
-    USAGE_CURVES                                            \
-    "\n"
-#define USAGE4 \
-    USAGE_SSL_ASYNC                                         \
-    USAGE_SNI                                               \
-    "    arc4=%%d             default: (library default: 0)\n" \
-    "    allow_sha1=%%d       default: 0\n"                             \
-    "    min_version=%%s      default: (library default: tls1)\n"       \
-    "    max_version=%%s      default: (library default: tls1_2)\n"     \
-    "    force_version=%%s    default: \"\" (none)\n"       \
-    "                        options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
-    "\n"                                                                \
-    "    version_suites=a,b,c,d      per-version ciphersuites\n"        \
-    "                                in order from ssl3 to tls1_2\n"    \
-    "                                default: all enabled\n"            \
-    "    force_ciphersuite=<name>    default: all enabled\n"            \
-    "    query_config=<name>         return 0 if the specified\n"       \
-    "                                configuration macro is defined and 1\n"  \
-    "                                otherwise. The expansion of the macro\n" \
-    "                                is printed if it is defined\n"     \
-    USAGE_SERIALIZATION                                     \
-    " acceptable ciphersuite names:\n"
-
-#define ALPN_LIST_SIZE  10
-#define CURVE_LIST_SIZE 20
-
-#define PUT_UINT64_BE(out_be,in_le,i)                                   \
-{                                                                       \
-    (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF );    \
-    (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF );    \
-    (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF );    \
-    (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF );    \
-    (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF );    \
-    (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF );    \
-    (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8  ) & 0xFF );    \
-    (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0  ) & 0xFF );    \
-}
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *server_addr;    /* address on which the ssl service runs    */
-    const char *server_port;    /* port on which the ssl service runs       */
-    int debug_level;            /* level of debugging                       */
-    int nbio;                   /* should I/O be blocking?                  */
-    int event;                  /* loop or event-driven IO? level or edge triggered? */
-    uint32_t read_timeout;      /* timeout on mbedtls_ssl_read() in milliseconds    */
-    int response_size;          /* pad response with header to requested size */
-    uint16_t buffer_size;       /* IO buffer size */
-    const char *ca_file;        /* the file with the CA certificate(s)      */
-    const char *ca_path;        /* the path with the CA certificate(s) reside */
-    const char *crt_file;       /* the file with the server certificate     */
-    const char *key_file;       /* the file with the server key             */
-    const char *key_pwd;        /* the password for the server key          */
-    const char *crt_file2;      /* the file with the 2nd server certificate */
-    const char *key_file2;      /* the file with the 2nd server key         */
-    const char *key_pwd2;       /* the password for the 2nd server key      */
-    const char *async_operations; /* supported SSL asynchronous operations  */
-    int async_private_delay1;   /* number of times f_async_resume needs to be called for key 1, or -1 for no async */
-    int async_private_delay2;   /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
-    int async_private_error;    /* inject error in async private callback */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    int psk_opaque;
-    int psk_list_opaque;
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    int ca_callback;            /* Use callback for trusted certificate list */
-#endif
-    const char *psk;            /* the pre-shared key                       */
-    const char *psk_identity;   /* the pre-shared key identity              */
-    char *psk_list;             /* list of PSK id/key pairs for callback    */
-    const char *ecjpake_pw;     /* the EC J-PAKE password                   */
-    int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
-    const char *version_suites; /* per-version ciphersuites                 */
-    int renegotiation;          /* enable / disable renegotiation           */
-    int allow_legacy;           /* allow legacy renegotiation               */
-    int renegotiate;            /* attempt renegotiation?                   */
-    int renego_delay;           /* delay before enforcing renegotiation     */
-    uint64_t renego_period;     /* period for automatic renegotiation       */
-    int exchanges;              /* number of data exchanges                 */
-    int min_version;            /* minimum protocol version accepted        */
-    int max_version;            /* maximum protocol version accepted        */
-    int arc4;                   /* flag for arc4 suites support             */
-    int allow_sha1;             /* flag for SHA-1 support                   */
-    int auth_mode;              /* verify mode for connection               */
-    int cert_req_ca_list;       /* should we send the CA list?              */
-    unsigned char mfl_code;     /* code for maximum fragment length         */
-    int trunc_hmac;             /* accept truncated hmac?                   */
-    int tickets;                /* enable / disable session tickets         */
-    int ticket_timeout;         /* session ticket lifetime                  */
-    int cache_max;              /* max number of session cache entries      */
-    int cache_timeout;          /* expiration delay of session cache entries */
-    char *sni;                  /* string describing sni information        */
-    const char *curves;         /* list of supported elliptic curves        */
-    const char *alpn_string;    /* ALPN supported protocols                 */
-    const char *dhm_file;       /* the file with the DH parameters          */
-    int extended_ms;            /* allow negotiation of extended MS?        */
-    int etm;                    /* allow negotiation of encrypt-then-MAC?   */
-    int transport;              /* TLS or DTLS?                             */
-    int cookies;                /* Use cookies for DTLS? -1 to break them   */
-    int anti_replay;            /* Use anti-replay for DTLS? -1 for default */
-    uint32_t hs_to_min;         /* Initial value of DTLS handshake timer    */
-    uint32_t hs_to_max;         /* Max value of DTLS handshake timer        */
-    int dtls_mtu;               /* UDP Maximum tranport unit for DTLS       */
-    int dgram_packing;          /* allow/forbid datagram packing            */
-    int badmac_limit;           /* Limit of records with bad MAC            */
-    int eap_tls;                /* derive EAP-TLS keying material?          */
-    int nss_keylog;             /* export NSS key log material              */
-    const char *nss_keylog_file; /* NSS key log file                        */
-    int cid_enabled;            /* whether to use the CID extension or not  */
-    int cid_enabled_renego;     /* whether to use the CID extension or not
-                                 * during renegotiation                     */
-    const char *cid_val;        /* the CID to use for incoming messages     */
-    int serialize;              /* serialize/deserialize connection         */
-    const char *context_file;   /* the file to write a serialized connection
-                                 * in the form of base64 code (serialize
-                                 * option must be set)                      */
-    const char *cid_val_renego; /* the CID to use for incoming messages
-                                 * after renegotiation                      */
-    int reproducible;           /* make communication reproducible          */
-    int query_config_mode;      /* whether to read config                   */
-    int use_srtp;               /* Support SRTP                             */
-    int force_srtp_profile;     /* SRTP protection profile to use or all    */
-    int support_mki;            /* The dtls mki mki support                 */
-} opt;
-
-int query_config( const char *config );
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-typedef struct eap_tls_keys
-{
-    unsigned char master_secret[48];
-    unsigned char randbytes[64];
-    mbedtls_tls_prf_types tls_prf_type;
-} eap_tls_keys;
-
-static int eap_tls_key_derivation ( void *p_expkey,
-                                    const unsigned char *ms,
-                                    const unsigned char *kb,
-                                    size_t maclen,
-                                    size_t keylen,
-                                    size_t ivlen,
-                                    const unsigned char client_random[32],
-                                    const unsigned char server_random[32],
-                                    mbedtls_tls_prf_types tls_prf_type )
-{
-    eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
-
-    ( ( void ) kb );
-    memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
-    memcpy( keys->randbytes, client_random, 32 );
-    memcpy( keys->randbytes + 32, server_random, 32 );
-    keys->tls_prf_type = tls_prf_type;
-
-    if( opt.debug_level > 2 )
-    {
-        mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
-        mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
-        mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
-    }
-    return( 0 );
-}
-
-static int nss_keylog_export( void *p_expkey,
-                              const unsigned char *ms,
-                              const unsigned char *kb,
-                              size_t maclen,
-                              size_t keylen,
-                              size_t ivlen,
-                              const unsigned char client_random[32],
-                              const unsigned char server_random[32],
-                              mbedtls_tls_prf_types tls_prf_type )
-{
-    char nss_keylog_line[ 200 ];
-    size_t const client_random_len = 32;
-    size_t const master_secret_len = 48;
-    size_t len = 0;
-    size_t j;
-    int ret = 0;
-
-    ((void) p_expkey);
-    ((void) kb);
-    ((void) maclen);
-    ((void) keylen);
-    ((void) ivlen);
-    ((void) server_random);
-    ((void) tls_prf_type);
-
-    len += sprintf( nss_keylog_line + len,
-                    "%s", "CLIENT_RANDOM " );
-
-    for( j = 0; j < client_random_len; j++ )
-    {
-        len += sprintf( nss_keylog_line + len,
-                        "%02x", client_random[j] );
-    }
-
-    len += sprintf( nss_keylog_line + len, " " );
-
-    for( j = 0; j < master_secret_len; j++ )
-    {
-        len += sprintf( nss_keylog_line + len,
-                        "%02x", ms[j] );
-    }
-
-    len += sprintf( nss_keylog_line + len, "\n" );
-    nss_keylog_line[ len ] = '\0';
-
-    mbedtls_printf( "\n" );
-    mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
-    mbedtls_printf( "%s", nss_keylog_line );
-    mbedtls_printf( "---------------------------------------------\n" );
-
-    if( opt.nss_keylog_file != NULL )
-    {
-        FILE *f;
-
-        if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
-        {
-            ret = -1;
-            goto exit;
-        }
-
-        if( fwrite( nss_keylog_line, 1, len, f ) != len )
-        {
-            ret = -1;
-            fclose( f );
-            goto exit;
-        }
-
-        fclose( f );
-    }
-
-exit:
-    mbedtls_platform_zeroize( nss_keylog_line,
-                              sizeof( nss_keylog_line ) );
-    return( ret );
-}
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-/* Supported SRTP mode needs a maximum of :
- * - 16 bytes for key (AES-128)
- * - 14 bytes SALT
- * One for sender, one for receiver context
- */
-#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH    60
-typedef struct dtls_srtp_keys
-{
-    unsigned char master_secret[48];
-    unsigned char randbytes[64];
-    mbedtls_tls_prf_types tls_prf_type;
-} dtls_srtp_keys;
-
-static int dtls_srtp_key_derivation( void *p_expkey,
-                                     const unsigned char *ms,
-                                     const unsigned char *kb,
-                                     size_t maclen,
-                                     size_t keylen,
-                                     size_t ivlen,
-                                     const unsigned char client_random[32],
-                                     const unsigned char server_random[32],
-                                     mbedtls_tls_prf_types tls_prf_type )
-{
-    dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
-
-    ( ( void ) kb );
-    memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
-    memcpy( keys->randbytes, client_random, 32 );
-    memcpy( keys->randbytes + 32, server_random, 32 );
-    keys->tls_prf_type = tls_prf_type;
-
-    if( opt.debug_level > 2 )
-    {
-        mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
-        mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
-        mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
-    }
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    const char *p, *basename;
-
-    /* Extract basename from file */
-    for( p = basename = file; *p != '\0'; p++ )
-        if( *p == '/' || *p == '\\' )
-            basename = p + 1;
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", basename, line, level, str );
-    fflush(  (FILE *) ctx  );
-}
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
-    (void) time;
-    return 0x5af2a056;
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
-    size_t i;
-    int ret;
-    (void) data;
-
-    ret = mbedtls_entropy_func( data, output, len );
-    for (i = 0; i < len; i++ ) {
-        //replace result with pseudo random
-        output[i] = (unsigned char) rand();
-    }
-    return( ret );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
-                 mbedtls_x509_crt **candidates)
-{
-    int ret = 0;
-    mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
-    mbedtls_x509_crt *first;
-
-    /* This is a test-only implementation of the CA callback
-     * which always returns the entire list of trusted certificates.
-     * Production implementations managing a large number of CAs
-     * should use an efficient presentation and lookup for the
-     * set of trusted certificates (such as a hashtable) and only
-     * return those trusted certificates which satisfy basic
-     * parental checks, such as the matching of child `Issuer`
-     * and parent `Subject` field. */
-    ((void) child);
-
-    first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-    if( first == NULL )
-    {
-        ret = -1;
-        goto exit;
-    }
-    mbedtls_x509_crt_init( first );
-
-    if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
-    {
-        ret = -1;
-        goto exit;
-    }
-
-    while( ca->next != NULL )
-    {
-        ca = ca->next;
-        if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
-        {
-            ret = -1;
-            goto exit;
-        }
-    }
-
-exit:
-
-    if( ret != 0 )
-    {
-        mbedtls_x509_crt_free( first );
-        mbedtls_free( first );
-        first = NULL;
-    }
-
-    *candidates = first;
-    return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int delayed_recv( void *ctx, unsigned char *buf, size_t len )
-{
-    static int first_try = 1;
-    int ret;
-
-    if( first_try )
-    {
-        first_try = 0;
-        return( MBEDTLS_ERR_SSL_WANT_READ );
-    }
-
-    ret = mbedtls_net_recv( ctx, buf, len );
-    if( ret != MBEDTLS_ERR_SSL_WANT_READ )
-        first_try = 1; /* Next call will be a new operation */
-    return( ret );
-}
-
-static int delayed_send( void *ctx, const unsigned char *buf, size_t len )
-{
-    static int first_try = 1;
-    int ret;
-
-    if( first_try )
-    {
-        first_try = 0;
-        return( MBEDTLS_ERR_SSL_WANT_WRITE );
-    }
-
-    ret = mbedtls_net_send( ctx, buf, len );
-    if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        first_try = 1; /* Next call will be a new operation */
-    return( ret );
-}
-
-typedef struct
-{
-    mbedtls_ssl_context *ssl;
-    mbedtls_net_context *net;
-} io_ctx_t;
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_check_record( mbedtls_ssl_context const *ssl,
-                             unsigned char const *buf, size_t len )
-{
-    int ret;
-    unsigned char *tmp_buf;
-
-    /* Record checking may modify the input buffer,
-     * so make a copy. */
-    tmp_buf = mbedtls_calloc( 1, len );
-    if( tmp_buf == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    memcpy( tmp_buf, buf, len );
-
-    ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
-    if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
-    {
-        int ret_repeated;
-
-        /* Test-only: Make sure that mbedtls_ssl_check_record()
-         *            doesn't alter state. */
-        memcpy( tmp_buf, buf, len ); /* Restore buffer */
-        ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
-        if( ret != ret_repeated )
-        {
-            mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
-            return( -1 );
-        }
-
-        switch( ret )
-        {
-            case 0:
-                break;
-
-            case MBEDTLS_ERR_SSL_INVALID_RECORD:
-                if( opt.debug_level > 1 )
-                    mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
-                break;
-
-            case MBEDTLS_ERR_SSL_INVALID_MAC:
-                if( opt.debug_level > 1 )
-                    mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
-                break;
-
-            case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
-                if( opt.debug_level > 1 )
-                    mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
-                break;
-
-            default:
-                mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
-                return( -1 );
-        }
-
-        /* Regardless of the outcome, forward the record to the stack. */
-    }
-
-    mbedtls_free( tmp_buf );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-static int recv_cb( void *ctx, unsigned char *buf, size_t len )
-{
-    io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-    size_t recv_len;
-    int ret;
-
-    if( opt.nbio == 2 )
-        ret = delayed_recv( io_ctx->net, buf, len );
-    else
-        ret = mbedtls_net_recv( io_ctx->net, buf, len );
-    if( ret < 0 )
-        return( ret );
-    recv_len = (size_t) ret;
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Here's the place to do any datagram/record checking
-         * in between receiving the packet from the underlying
-         * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-        if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
-            return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-    }
-
-    return( (int) recv_len );
-}
-
-static int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
-                            uint32_t timeout )
-{
-    io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-    int ret;
-    size_t recv_len;
-
-    ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
-    if( ret < 0 )
-        return( ret );
-    recv_len = (size_t) ret;
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        /* Here's the place to do any datagram/record checking
-         * in between receiving the packet from the underlying
-         * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-        if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
-            return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-    }
-
-    return( (int) recv_len );
-}
-
-static int send_cb( void *ctx, unsigned char const *buf, size_t len )
-{
-    io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-
-    if( opt.nbio == 2 )
-        return( delayed_send( io_ctx->net, buf, len ) );
-
-    return( mbedtls_net_send( io_ctx->net, buf, len ) );
-}
-
-/*
- * Return authmode from string, or -1 on error
- */
-static int get_auth_mode( const char *s )
-{
-    if( strcmp( s, "none" ) == 0 )
-        return( MBEDTLS_SSL_VERIFY_NONE );
-    if( strcmp( s, "optional" ) == 0 )
-        return( MBEDTLS_SSL_VERIFY_OPTIONAL );
-    if( strcmp( s, "required" ) == 0 )
-        return( MBEDTLS_SSL_VERIFY_REQUIRED );
-
-    return( -1 );
-}
-
-/*
- * Used by sni_parse and psk_parse to handle coma-separated lists
- */
-#define GET_ITEM( dst )         \
-    do                          \
-    {                           \
-        (dst) = p;              \
-        while( *p != ',' )      \
-            if( ++p > end )     \
-                goto error;     \
-        *p++ = '\0';            \
-    } while( 0 )
-
-#if defined(SNI_OPTION)
-typedef struct _sni_entry sni_entry;
-
-struct _sni_entry {
-    const char *name;
-    mbedtls_x509_crt *cert;
-    mbedtls_pk_context *key;
-    mbedtls_x509_crt* ca;
-    mbedtls_x509_crl* crl;
-    int authmode;
-    sni_entry *next;
-};
-
-void sni_free( sni_entry *head )
-{
-    sni_entry *cur = head, *next;
-
-    while( cur != NULL )
-    {
-        mbedtls_x509_crt_free( cur->cert );
-        mbedtls_free( cur->cert );
-
-        mbedtls_pk_free( cur->key );
-        mbedtls_free( cur->key );
-
-        mbedtls_x509_crt_free( cur->ca );
-        mbedtls_free( cur->ca );
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-        mbedtls_x509_crl_free( cur->crl );
-        mbedtls_free( cur->crl );
-#endif
-        next = cur->next;
-        mbedtls_free( cur );
-        cur = next;
-    }
-}
-
-/*
- * Parse a string of sextuples name1,crt1,key1,ca1,crl1,auth1[,...]
- * into a usable sni_entry list. For ca1, crl1, auth1, the special value
- * '-' means unset. If ca1 is unset, then crl1 is ignored too.
- *
- * Modifies the input string! This is not production quality!
- */
-sni_entry *sni_parse( char *sni_string )
-{
-    sni_entry *cur = NULL, *new = NULL;
-    char *p = sni_string;
-    char *end = p;
-    char *crt_file, *key_file, *ca_file, *auth_str;
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-    char *crl_file;
-#endif
-
-    while( *end != '\0' )
-        ++end;
-    *end = ',';
-
-    while( p <= end )
-    {
-        if( ( new = mbedtls_calloc( 1, sizeof( sni_entry ) ) ) == NULL )
-        {
-            sni_free( cur );
-            return( NULL );
-        }
-
-        GET_ITEM( new->name );
-        GET_ITEM( crt_file );
-        GET_ITEM( key_file );
-        GET_ITEM( ca_file );
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-        GET_ITEM( crl_file );
-#endif
-        GET_ITEM( auth_str );
-
-        if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
-            ( new->key = mbedtls_calloc( 1, sizeof( mbedtls_pk_context ) ) ) == NULL )
-            goto error;
-
-        mbedtls_x509_crt_init( new->cert );
-        mbedtls_pk_init( new->key );
-
-        if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
-            mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
-            goto error;
-
-        if( strcmp( ca_file, "-" ) != 0 )
-        {
-            if( ( new->ca = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL )
-                goto error;
-
-            mbedtls_x509_crt_init( new->ca );
-
-            if( mbedtls_x509_crt_parse_file( new->ca, ca_file ) != 0 )
-                goto error;
-        }
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-        if( strcmp( crl_file, "-" ) != 0 )
-        {
-            if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
-                goto error;
-
-            mbedtls_x509_crl_init( new->crl );
-
-            if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
-                goto error;
-        }
-#endif
-
-        if( strcmp( auth_str, "-" ) != 0 )
-        {
-            if( ( new->authmode = get_auth_mode( auth_str ) ) < 0 )
-                goto error;
-        }
-        else
-            new->authmode = DFL_AUTH_MODE;
-
-        new->next = cur;
-        cur = new;
-    }
-
-    return( cur );
-
-error:
-    sni_free( new );
-    sni_free( cur );
-    return( NULL );
-}
-
-/*
- * SNI callback.
- */
-int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
-                  const unsigned char *name, size_t name_len )
-{
-    const sni_entry *cur = (const sni_entry *) p_info;
-
-    while( cur != NULL )
-    {
-        if( name_len == strlen( cur->name ) &&
-            memcmp( name, cur->name, name_len ) == 0 )
-        {
-            if( cur->ca != NULL )
-                mbedtls_ssl_set_hs_ca_chain( ssl, cur->ca, cur->crl );
-
-            if( cur->authmode != DFL_AUTH_MODE )
-                mbedtls_ssl_set_hs_authmode( ssl, cur->authmode );
-
-            return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) );
-        }
-
-        cur = cur->next;
-    }
-
-    return( -1 );
-}
-
-#endif /* SNI_OPTION */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-
-typedef struct _psk_entry psk_entry;
-
-struct _psk_entry
-{
-    const char *name;
-    size_t key_len;
-    unsigned char key[MBEDTLS_PSK_MAX_LEN];
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_id_t slot;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    psk_entry *next;
-};
-
-/*
- * Free a list of psk_entry's
- */
-int psk_free( psk_entry *head )
-{
-    psk_entry *next;
-
-    while( head != NULL )
-    {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        psa_status_t status;
-        psa_key_id_t const slot = head->slot;
-
-        if( slot != 0 )
-        {
-            status = psa_destroy_key( slot );
-            if( status != PSA_SUCCESS )
-                return( status );
-        }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-        next = head->next;
-        mbedtls_free( head );
-        head = next;
-    }
-
-    return( 0 );
-}
-
-/*
- * Parse a string of pairs name1,key1[,name2,key2[,...]]
- * into a usable psk_entry list.
- *
- * Modifies the input string! This is not production quality!
- */
-psk_entry *psk_parse( char *psk_string )
-{
-    psk_entry *cur = NULL, *new = NULL;
-    char *p = psk_string;
-    char *end = p;
-    char *key_hex;
-
-    while( *end != '\0' )
-        ++end;
-    *end = ',';
-
-    while( p <= end )
-    {
-        if( ( new = mbedtls_calloc( 1, sizeof( psk_entry ) ) ) == NULL )
-            goto error;
-
-        memset( new, 0, sizeof( psk_entry ) );
-
-        GET_ITEM( new->name );
-        GET_ITEM( key_hex );
-
-        if( mbedtls_test_unhexify( new->key, MBEDTLS_PSK_MAX_LEN,
-                                   key_hex, &new->key_len ) != 0 )
-            goto error;
-
-        new->next = cur;
-        cur = new;
-    }
-
-    return( cur );
-
-error:
-    psk_free( new );
-    psk_free( cur );
-    return( 0 );
-}
-
-/*
- * PSK callback
- */
-int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
-                  const unsigned char *name, size_t name_len )
-{
-    psk_entry *cur = (psk_entry *) p_info;
-
-    while( cur != NULL )
-    {
-        if( name_len == strlen( cur->name ) &&
-            memcmp( name, cur->name, name_len ) == 0 )
-        {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-            if( cur->slot != 0 )
-                return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) );
-            else
-#endif
-            return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
-        }
-
-        cur = cur->next;
-    }
-
-    return( -1 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-static mbedtls_net_context listen_fd, client_fd;
-
-/* Interruption handler to ensure clean exit (for valgrind testing) */
-#if !defined(_WIN32)
-static int received_sigterm = 0;
-void term_handler( int sig )
-{
-    ((void) sig);
-    received_sigterm = 1;
-    mbedtls_net_free( &listen_fd ); /* causes mbedtls_net_accept() to abort */
-    mbedtls_net_free( &client_fd ); /* causes net_read() to abort */
-}
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
-    MBEDTLS_MD_SHA512,
-    MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    MBEDTLS_MD_SHA256,
-    MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
-    /* Allow SHA-1 as we use it extensively in tests. */
-    MBEDTLS_MD_SHA1,
-#endif
-    MBEDTLS_MD_NONE
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/** Return true if \p ret is a status code indicating that there is an
- * operation in progress on an SSL connection, and false if it indicates
- * success or a fatal error.
- *
- * The possible operations in progress are:
- *
- * - A read, when the SSL input buffer does not contain a full message.
- * - A write, when the SSL output buffer contains some data that has not
- *   been sent over the network yet.
- * - An asynchronous callback that has not completed yet. */
-static int mbedtls_status_is_ssl_in_progress( int ret )
-{
-    return( ret == MBEDTLS_ERR_SSL_WANT_READ ||
-            ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
-            ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-}
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-typedef struct
-{
-    mbedtls_x509_crt *cert; /*!< Certificate corresponding to the key */
-    mbedtls_pk_context *pk; /*!< Private key */
-    unsigned delay; /*!< Number of resume steps to go through */
-    unsigned pk_owned : 1; /*!< Whether to free the pk object on exit */
-} ssl_async_key_slot_t;
-
-typedef enum {
-    SSL_ASYNC_INJECT_ERROR_NONE = 0, /*!< Let the callbacks succeed */
-    SSL_ASYNC_INJECT_ERROR_START, /*!< Inject error during start */
-    SSL_ASYNC_INJECT_ERROR_CANCEL, /*!< Close the connection after async start */
-    SSL_ASYNC_INJECT_ERROR_RESUME, /*!< Inject error during resume */
-#define SSL_ASYNC_INJECT_ERROR_MAX SSL_ASYNC_INJECT_ERROR_RESUME
-} ssl_async_inject_error_t;
-
-typedef struct
-{
-    ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */
-    size_t slots_used;
-    ssl_async_inject_error_t inject_error;
-    int (*f_rng)(void *, unsigned char *, size_t);
-    void *p_rng;
-} ssl_async_key_context_t;
-
-int ssl_async_set_key( ssl_async_key_context_t *ctx,
-                       mbedtls_x509_crt *cert,
-                       mbedtls_pk_context *pk,
-                       int pk_take_ownership,
-                       unsigned delay )
-{
-    if( ctx->slots_used >= sizeof( ctx->slots ) / sizeof( *ctx->slots ) )
-        return( -1 );
-    ctx->slots[ctx->slots_used].cert = cert;
-    ctx->slots[ctx->slots_used].pk = pk;
-    ctx->slots[ctx->slots_used].delay = delay;
-    ctx->slots[ctx->slots_used].pk_owned = pk_take_ownership;
-    ++ctx->slots_used;
-    return( 0 );
-}
-
-#define SSL_ASYNC_INPUT_MAX_SIZE 512
-
-typedef enum
-{
-    ASYNC_OP_SIGN,
-    ASYNC_OP_DECRYPT,
-} ssl_async_operation_type_t;
-/* Note that the enum above and the array below need to be kept in sync!
- * `ssl_async_operation_names[op]` is the name of op for each value `op`
- * of type `ssl_async_operation_type_t`. */
-static const char *const ssl_async_operation_names[] =
-{
-    "sign",
-    "decrypt",
-};
-
-typedef struct
-{
-    unsigned slot;
-    ssl_async_operation_type_t operation_type;
-    mbedtls_md_type_t md_alg;
-    unsigned char input[SSL_ASYNC_INPUT_MAX_SIZE];
-    size_t input_len;
-    unsigned remaining_delay;
-} ssl_async_operation_context_t;
-
-static int ssl_async_start( mbedtls_ssl_context *ssl,
-                            mbedtls_x509_crt *cert,
-                            ssl_async_operation_type_t op_type,
-                            mbedtls_md_type_t md_alg,
-                            const unsigned char *input,
-                            size_t input_len )
-{
-    ssl_async_key_context_t *config_data =
-        mbedtls_ssl_conf_get_async_config_data( ssl->conf );
-    unsigned slot;
-    ssl_async_operation_context_t *ctx = NULL;
-    const char *op_name = ssl_async_operation_names[op_type];
-
-    {
-        char dn[100];
-        if( mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject ) > 0 )
-            mbedtls_printf( "Async %s callback: looking for DN=%s\n",
-                            op_name, dn );
-    }
-
-    /* Look for a private key that matches the public key in cert.
-     * Since this test code has the private key inside Mbed TLS,
-     * we call mbedtls_pk_check_pair to match a private key with the
-     * public key. */
-    for( slot = 0; slot < config_data->slots_used; slot++ )
-    {
-        if( mbedtls_pk_check_pair( &cert->pk,
-                                   config_data->slots[slot].pk ) == 0 )
-            break;
-    }
-    if( slot == config_data->slots_used )
-    {
-        mbedtls_printf( "Async %s callback: no key matches this certificate.\n",
-                        op_name );
-        return( MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH );
-    }
-    mbedtls_printf( "Async %s callback: using key slot %u, delay=%u.\n",
-                    op_name, slot, config_data->slots[slot].delay );
-
-    if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START )
-    {
-        mbedtls_printf( "Async %s callback: injected error\n", op_name );
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-    }
-
-    if( input_len > SSL_ASYNC_INPUT_MAX_SIZE )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    ctx = mbedtls_calloc( 1, sizeof( *ctx ) );
-    if( ctx == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    ctx->slot = slot;
-    ctx->operation_type = op_type;
-    ctx->md_alg = md_alg;
-    memcpy( ctx->input, input, input_len );
-    ctx->input_len = input_len;
-    ctx->remaining_delay = config_data->slots[slot].delay;
-    mbedtls_ssl_set_async_operation_data( ssl, ctx );
-
-    if( ctx->remaining_delay == 0 )
-        return( 0 );
-    else
-        return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-}
-
-static int ssl_async_sign( mbedtls_ssl_context *ssl,
-                           mbedtls_x509_crt *cert,
-                           mbedtls_md_type_t md_alg,
-                           const unsigned char *hash,
-                           size_t hash_len )
-{
-    return( ssl_async_start( ssl, cert,
-                             ASYNC_OP_SIGN, md_alg,
-                             hash, hash_len ) );
-}
-
-static int ssl_async_decrypt( mbedtls_ssl_context *ssl,
-                              mbedtls_x509_crt *cert,
-                              const unsigned char *input,
-                              size_t input_len )
-{
-    return( ssl_async_start( ssl, cert,
-                             ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
-                             input, input_len ) );
-}
-
-static int ssl_async_resume( mbedtls_ssl_context *ssl,
-                             unsigned char *output,
-                             size_t *output_len,
-                             size_t output_size )
-{
-    ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl );
-    ssl_async_key_context_t *config_data =
-        mbedtls_ssl_conf_get_async_config_data( ssl->conf );
-    ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
-    int ret;
-    const char *op_name;
-
-    if( ctx->remaining_delay > 0 )
-    {
-        --ctx->remaining_delay;
-        mbedtls_printf( "Async resume (slot %u): call %u more times.\n",
-                        ctx->slot, ctx->remaining_delay );
-        return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-    }
-
-    switch( ctx->operation_type )
-    {
-        case ASYNC_OP_DECRYPT:
-            ret = mbedtls_pk_decrypt( key_slot->pk,
-                                      ctx->input, ctx->input_len,
-                                      output, output_len, output_size,
-                                      config_data->f_rng, config_data->p_rng );
-            break;
-        case ASYNC_OP_SIGN:
-            ret = mbedtls_pk_sign( key_slot->pk,
-                                   ctx->md_alg,
-                                   ctx->input, ctx->input_len,
-                                   output, output_len,
-                                   config_data->f_rng, config_data->p_rng );
-            break;
-        default:
-            mbedtls_printf( "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n",
-                            ctx->slot, (long) ctx->operation_type );
-            mbedtls_free( ctx );
-            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-            break;
-    }
-
-    op_name = ssl_async_operation_names[ctx->operation_type];
-
-    if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME )
-    {
-        mbedtls_printf( "Async resume callback: %s done but injected error\n",
-                        op_name );
-        mbedtls_free( ctx );
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-    }
-
-    mbedtls_printf( "Async resume (slot %u): %s done, status=%d.\n",
-                    ctx->slot, op_name, ret );
-    mbedtls_free( ctx );
-    return( ret );
-}
-
-static void ssl_async_cancel( mbedtls_ssl_context *ssl )
-{
-    ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl );
-    mbedtls_printf( "Async cancel callback.\n" );
-    mbedtls_free( ctx );
-}
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
-          int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
-          mbedtls_timing_delay_context *timer,
-          int idle_reason )
-#endif
-{
-    int ret;
-    int poll_type = 0;
-
-    if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
-        poll_type = MBEDTLS_NET_POLL_WRITE;
-    else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
-        poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
-    else
-        return( 0 );
-#endif
-
-    while( 1 )
-    {
-        /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
-        if( timer != NULL &&
-            mbedtls_timing_get_delay( timer ) == 2 )
-        {
-            break;
-        }
-#endif /* MBEDTLS_TIMING_C */
-
-        /* Check if underlying transport became available */
-        if( poll_type != 0 )
-        {
-            ret = mbedtls_net_poll( fd, poll_type, 0 );
-            if( ret < 0 )
-                return( ret );
-            if( ret == poll_type )
-                break;
-        }
-    }
-
-    return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot,
-                                            psa_algorithm_t alg,
-                                            unsigned char *psk,
-                                            size_t psk_len )
-{
-    psa_status_t status;
-    psa_key_attributes_t key_attributes;
-
-    key_attributes = psa_key_attributes_init();
-    psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &key_attributes, alg );
-    psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE );
-
-    status = psa_import_key( &key_attributes, psk, psk_len, slot );
-    if( status != PSA_SUCCESS )
-    {
-        fprintf( stderr, "IMPORT\n" );
-        return( status );
-    }
-
-    return( PSA_SUCCESS );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-int report_cid_usage( mbedtls_ssl_context *ssl,
-                      const char *additional_description )
-{
-    int ret;
-    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
-    size_t peer_cid_len;
-    int cid_negotiated;
-
-    if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 0 );
-
-    /* Check if the use of a CID has been negotiated */
-    ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
-                                    peer_cid, &peer_cid_len );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
-                        (unsigned int) -ret );
-        return( ret );
-    }
-
-    if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED )
-    {
-        if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED )
-        {
-            mbedtls_printf( "(%s) Use of Connection ID was not offered by client.\n",
-                            additional_description );
-        }
-    }
-    else
-    {
-        size_t idx=0;
-        mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n",
-                        additional_description );
-        mbedtls_printf( "(%s) Peer CID (length %u Bytes): ",
-                        additional_description,
-                        (unsigned) peer_cid_len );
-        while( idx < peer_cid_len )
-        {
-            mbedtls_printf( "%02x ", peer_cid[ idx ] );
-            idx++;
-        }
-        mbedtls_printf( "\n" );
-    }
-
-    return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-int main( int argc, char *argv[] )
-{
-    int ret = 0, len, written, frags, exchanges_left;
-    int query_config_ret = 0;
-    int version_suites[4][2];
-    io_ctx_t io_ctx;
-    unsigned char* buf = 0;
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_algorithm_t alg = 0;
-    psa_key_id_t psk_slot = 0;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    unsigned char psk[MBEDTLS_PSK_MAX_LEN];
-    size_t psk_len = 0;
-    psk_entry *psk_info = NULL;
-#endif
-    const char *pers = "ssl_server2";
-    unsigned char client_ip[16] = { 0 };
-    size_t cliip_len;
-#if defined(MBEDTLS_SSL_COOKIE_C)
-    mbedtls_ssl_cookie_ctx cookie_ctx;
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
-#endif
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-#if defined(MBEDTLS_TIMING_C)
-    mbedtls_timing_delay_context timer;
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    unsigned char renego_period[8] = { 0 };
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    uint32_t flags;
-    mbedtls_x509_crt cacert;
-    mbedtls_x509_crt srvcert;
-    mbedtls_pk_context pkey;
-    mbedtls_x509_crt srvcert2;
-    mbedtls_pk_context pkey2;
-    int key_cert_init = 0, key_cert_init2 = 0;
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    ssl_async_key_context_t ssl_async_keys;
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
-    mbedtls_dhm_context dhm;
-#endif
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_context cache;
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_ticket_context ticket_ctx;
-#endif
-#if defined(SNI_OPTION)
-    sni_entry *sni_info = NULL;
-#endif
-#if defined(MBEDTLS_ECP_C)
-    mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
-    const mbedtls_ecp_curve_info * curve_cur;
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
-    const char *alpn_list[ALPN_LIST_SIZE];
-#endif
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    unsigned char alloc_buf[MEMORY_HEAP_SIZE];
-#endif
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
-    unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
-    size_t cid_len = 0;
-    size_t cid_renego_len = 0;
-#endif
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    unsigned char *context_buf = NULL;
-    size_t context_buf_len = 0;
-#endif
-
-    int i;
-    char *p, *q;
-    const int *list;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_status_t status;
-#endif
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    unsigned char eap_tls_keymaterial[16];
-    unsigned char eap_tls_iv[8];
-    const char* eap_tls_label = "client EAP encryption";
-    eap_tls_keys eap_tls_keying;
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-    /*! master keys and master salt for SRTP generated during handshake */
-     unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
-     const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
-     dtls_srtp_keys dtls_srtp_keying;
-     const mbedtls_ssl_srtp_profile default_profiles[] = {
-         MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
-         MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
-         MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
-         MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
-         MBEDTLS_TLS_SRTP_UNSET
-     };
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    size_t current_heap_memory, peak_heap_memory, heap_blocks;
-#endif  /* MBEDTLS_MEMORY_DEBUG */
-#endif  /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
-
-    /*
-     * Make sure memory references are valid in case we exit early.
-     */
-    mbedtls_net_init( &client_fd );
-    mbedtls_net_init( &listen_fd );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_init( &cacert );
-    mbedtls_x509_crt_init( &srvcert );
-    mbedtls_pk_init( &pkey );
-    mbedtls_x509_crt_init( &srvcert2 );
-    mbedtls_pk_init( &pkey2 );
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) );
-#endif
-#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
-    mbedtls_dhm_init( &dhm );
-#endif
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_init( &cache );
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_ticket_init( &ticket_ctx );
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
-    memset( (void *) alpn_list, 0, sizeof( alpn_list ) );
-#endif
-#if defined(MBEDTLS_SSL_COOKIE_C)
-    mbedtls_ssl_cookie_init( &cookie_ctx );
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    status = psa_crypto_init();
-    if( status != PSA_SUCCESS )
-    {
-        mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
-                         (int) status );
-        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-        goto exit;
-    }
-#endif
-
-#if !defined(_WIN32)
-    /* Abort cleanly on SIGTERM and SIGINT */
-    signal( SIGTERM, term_handler );
-    signal( SIGINT, term_handler );
-#endif
-
-    if( argc == 0 )
-    {
-    usage:
-        if( ret == 0 )
-            ret = 1;
-
-        mbedtls_printf( USAGE1 );
-        mbedtls_printf( USAGE2 );
-        mbedtls_printf( USAGE3 );
-        mbedtls_printf( USAGE4 );
-
-        list = mbedtls_ssl_list_ciphersuites();
-        while( *list )
-        {
-            mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) );
-            list++;
-            if( !*list )
-                break;
-            mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
-            list++;
-        }
-        mbedtls_printf("\n");
-        goto exit;
-    }
-
-    opt.buffer_size         = DFL_IO_BUF_LEN;
-    opt.server_addr         = DFL_SERVER_ADDR;
-    opt.server_port         = DFL_SERVER_PORT;
-    opt.debug_level         = DFL_DEBUG_LEVEL;
-    opt.event               = DFL_EVENT;
-    opt.response_size       = DFL_RESPONSE_SIZE;
-    opt.nbio                = DFL_NBIO;
-    opt.cid_enabled         = DFL_CID_ENABLED;
-    opt.cid_enabled_renego  = DFL_CID_ENABLED_RENEGO;
-    opt.cid_val             = DFL_CID_VALUE;
-    opt.cid_val_renego      = DFL_CID_VALUE_RENEGO;
-    opt.read_timeout        = DFL_READ_TIMEOUT;
-    opt.ca_file             = DFL_CA_FILE;
-    opt.ca_path             = DFL_CA_PATH;
-    opt.crt_file            = DFL_CRT_FILE;
-    opt.key_file            = DFL_KEY_FILE;
-    opt.key_pwd             = DFL_KEY_PWD;
-    opt.crt_file2           = DFL_CRT_FILE2;
-    opt.key_file2           = DFL_KEY_FILE2;
-    opt.key_pwd2            = DFL_KEY_PWD2;
-    opt.async_operations    = DFL_ASYNC_OPERATIONS;
-    opt.async_private_delay1 = DFL_ASYNC_PRIVATE_DELAY1;
-    opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2;
-    opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR;
-    opt.psk                 = DFL_PSK;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    opt.psk_opaque          = DFL_PSK_OPAQUE;
-    opt.psk_list_opaque     = DFL_PSK_LIST_OPAQUE;
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    opt.ca_callback         = DFL_CA_CALLBACK;
-#endif
-    opt.psk_identity        = DFL_PSK_IDENTITY;
-    opt.psk_list            = DFL_PSK_LIST;
-    opt.ecjpake_pw          = DFL_ECJPAKE_PW;
-    opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
-    opt.version_suites      = DFL_VERSION_SUITES;
-    opt.renegotiation       = DFL_RENEGOTIATION;
-    opt.allow_legacy        = DFL_ALLOW_LEGACY;
-    opt.renegotiate         = DFL_RENEGOTIATE;
-    opt.renego_delay        = DFL_RENEGO_DELAY;
-    opt.renego_period       = DFL_RENEGO_PERIOD;
-    opt.exchanges           = DFL_EXCHANGES;
-    opt.min_version         = DFL_MIN_VERSION;
-    opt.max_version         = DFL_MAX_VERSION;
-    opt.arc4                = DFL_ARC4;
-    opt.allow_sha1          = DFL_SHA1;
-    opt.auth_mode           = DFL_AUTH_MODE;
-    opt.cert_req_ca_list    = DFL_CERT_REQ_CA_LIST;
-    opt.mfl_code            = DFL_MFL_CODE;
-    opt.trunc_hmac          = DFL_TRUNC_HMAC;
-    opt.tickets             = DFL_TICKETS;
-    opt.ticket_timeout      = DFL_TICKET_TIMEOUT;
-    opt.cache_max           = DFL_CACHE_MAX;
-    opt.cache_timeout       = DFL_CACHE_TIMEOUT;
-    opt.sni                 = DFL_SNI;
-    opt.alpn_string         = DFL_ALPN_STRING;
-    opt.curves              = DFL_CURVES;
-    opt.dhm_file            = DFL_DHM_FILE;
-    opt.transport           = DFL_TRANSPORT;
-    opt.cookies             = DFL_COOKIES;
-    opt.anti_replay         = DFL_ANTI_REPLAY;
-    opt.hs_to_min           = DFL_HS_TO_MIN;
-    opt.hs_to_max           = DFL_HS_TO_MAX;
-    opt.dtls_mtu            = DFL_DTLS_MTU;
-    opt.dgram_packing       = DFL_DGRAM_PACKING;
-    opt.badmac_limit        = DFL_BADMAC_LIMIT;
-    opt.extended_ms         = DFL_EXTENDED_MS;
-    opt.etm                 = DFL_ETM;
-    opt.serialize           = DFL_SERIALIZE;
-    opt.context_file        = DFL_CONTEXT_FILE;
-    opt.eap_tls             = DFL_EAP_TLS;
-    opt.reproducible        = DFL_REPRODUCIBLE;
-    opt.nss_keylog          = DFL_NSS_KEYLOG;
-    opt.nss_keylog_file     = DFL_NSS_KEYLOG_FILE;
-    opt.query_config_mode   = DFL_QUERY_CONFIG_MODE;
-    opt.use_srtp            = DFL_USE_SRTP;
-    opt.force_srtp_profile  = DFL_SRTP_FORCE_PROFILE;
-    opt.support_mki         = DFL_SRTP_SUPPORT_MKI;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "server_port" ) == 0 )
-            opt.server_port = q;
-        else if( strcmp( p, "server_addr" ) == 0 )
-            opt.server_addr = q;
-        else if( strcmp( p, "dtls" ) == 0 )
-        {
-            int t = atoi( q );
-            if( t == 0 )
-                opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
-            else if( t == 1 )
-                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "debug_level" ) == 0 )
-        {
-            opt.debug_level = atoi( q );
-            if( opt.debug_level < 0 || opt.debug_level > 65535 )
-                goto usage;
-        }
-        else if( strcmp( p, "nbio" ) == 0 )
-        {
-            opt.nbio = atoi( q );
-            if( opt.nbio < 0 || opt.nbio > 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "event" ) == 0 )
-        {
-            opt.event = atoi( q );
-            if( opt.event < 0 || opt.event > 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "read_timeout" ) == 0 )
-            opt.read_timeout = atoi( q );
-        else if( strcmp( p, "buffer_size" ) == 0 )
-        {
-            opt.buffer_size = atoi( q );
-            if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "response_size" ) == 0 )
-        {
-            opt.response_size = atoi( q );
-            if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN )
-                goto usage;
-            if( opt.buffer_size < opt.response_size )
-                opt.buffer_size = opt.response_size;
-        }
-        else if( strcmp( p, "ca_file" ) == 0 )
-            opt.ca_file = q;
-        else if( strcmp( p, "ca_path" ) == 0 )
-            opt.ca_path = q;
-        else if( strcmp( p, "crt_file" ) == 0 )
-            opt.crt_file = q;
-        else if( strcmp( p, "key_file" ) == 0 )
-            opt.key_file = q;
-        else if( strcmp( p, "key_pwd" ) == 0 )
-            opt.key_pwd = q;
-        else if( strcmp( p, "crt_file2" ) == 0 )
-            opt.crt_file2 = q;
-        else if( strcmp( p, "key_file2" ) == 0 )
-            opt.key_file2 = q;
-        else if( strcmp( p, "key_pwd2" ) == 0 )
-            opt.key_pwd2 = q;
-        else if( strcmp( p, "dhm_file" ) == 0 )
-            opt.dhm_file = q;
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        else if( strcmp( p, "async_operations" ) == 0 )
-            opt.async_operations = q;
-        else if( strcmp( p, "async_private_delay1" ) == 0 )
-            opt.async_private_delay1 = atoi( q );
-        else if( strcmp( p, "async_private_delay2" ) == 0 )
-            opt.async_private_delay2 = atoi( q );
-        else if( strcmp( p, "async_private_error" ) == 0 )
-        {
-            int n = atoi( q );
-            if( n < -SSL_ASYNC_INJECT_ERROR_MAX ||
-                n > SSL_ASYNC_INJECT_ERROR_MAX )
-            {
-                ret = 2;
-                goto usage;
-            }
-            opt.async_private_error = n;
-        }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        else if( strcmp( p, "cid" ) == 0 )
-        {
-            opt.cid_enabled = atoi( q );
-            if( opt.cid_enabled != 0 && opt.cid_enabled != 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "cid_renego" ) == 0 )
-        {
-            opt.cid_enabled_renego = atoi( q );
-            if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "cid_val" ) == 0 )
-        {
-            opt.cid_val = q;
-        }
-        else if( strcmp( p, "cid_val_renego" ) == 0 )
-        {
-            opt.cid_val_renego = q;
-        }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        else if( strcmp( p, "psk" ) == 0 )
-            opt.psk = q;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        else if( strcmp( p, "psk_opaque" ) == 0 )
-            opt.psk_opaque = atoi( q );
-        else if( strcmp( p, "psk_list_opaque" ) == 0 )
-            opt.psk_list_opaque = atoi( q );
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-        else if( strcmp( p, "ca_callback" ) == 0)
-            opt.ca_callback = atoi( q );
-#endif
-        else if( strcmp( p, "psk_identity" ) == 0 )
-            opt.psk_identity = q;
-        else if( strcmp( p, "psk_list" ) == 0 )
-            opt.psk_list = q;
-        else if( strcmp( p, "ecjpake_pw" ) == 0 )
-            opt.ecjpake_pw = q;
-        else if( strcmp( p, "force_ciphersuite" ) == 0 )
-        {
-            opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
-
-            if( opt.force_ciphersuite[0] == 0 )
-            {
-                ret = 2;
-                goto usage;
-            }
-            opt.force_ciphersuite[1] = 0;
-        }
-        else if( strcmp( p, "curves" ) == 0 )
-            opt.curves = q;
-        else if( strcmp( p, "version_suites" ) == 0 )
-            opt.version_suites = q;
-        else if( strcmp( p, "renegotiation" ) == 0 )
-        {
-            opt.renegotiation = (atoi( q )) ?
-                MBEDTLS_SSL_RENEGOTIATION_ENABLED :
-                MBEDTLS_SSL_RENEGOTIATION_DISABLED;
-        }
-        else if( strcmp( p, "allow_legacy" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case -1:
-                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
-                    break;
-                case 0:
-                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
-                    break;
-                case 1:
-                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
-                    break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "renegotiate" ) == 0 )
-        {
-            opt.renegotiate = atoi( q );
-            if( opt.renegotiate < 0 || opt.renegotiate > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "renego_delay" ) == 0 )
-        {
-            opt.renego_delay = atoi( q );
-        }
-        else if( strcmp( p, "renego_period" ) == 0 )
-        {
-#if defined(_MSC_VER)
-            opt.renego_period = _strtoui64( q, NULL, 10 );
-#else
-            if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 )
-                goto usage;
-#endif /* _MSC_VER */
-            if( opt.renego_period < 2 )
-                goto usage;
-        }
-        else if( strcmp( p, "exchanges" ) == 0 )
-        {
-            opt.exchanges = atoi( q );
-            if( opt.exchanges < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "min_version" ) == 0 )
-        {
-            if( strcmp( q, "ssl3" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
-            else if( strcmp( q, "tls1" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
-            else if( strcmp( q, "tls1_1" ) == 0 ||
-                     strcmp( q, "dtls1" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-            else if( strcmp( q, "tls1_2" ) == 0 ||
-                     strcmp( q, "dtls1_2" ) == 0 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "max_version" ) == 0 )
-        {
-            if( strcmp( q, "ssl3" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
-            else if( strcmp( q, "tls1" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
-            else if( strcmp( q, "tls1_1" ) == 0 ||
-                     strcmp( q, "dtls1" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
-            else if( strcmp( q, "tls1_2" ) == 0 ||
-                     strcmp( q, "dtls1_2" ) == 0 )
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "arc4" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0:     opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED;   break;
-                case 1:     opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;    break;
-                default:    goto usage;
-            }
-        }
-        else if( strcmp( p, "allow_sha1" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0:     opt.allow_sha1 = 0;   break;
-                case 1:     opt.allow_sha1 = 1;    break;
-                default:    goto usage;
-            }
-        }
-        else if( strcmp( p, "force_version" ) == 0 )
-        {
-            if( strcmp( q, "ssl3" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
-            }
-            else if( strcmp( q, "tls1" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
-            }
-            else if( strcmp( q, "tls1_1" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
-            }
-            else if( strcmp( q, "tls1_2" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
-            }
-            else if( strcmp( q, "dtls1" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
-                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
-            }
-            else if( strcmp( q, "dtls1_2" ) == 0 )
-            {
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
-                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
-                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
-            }
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "auth_mode" ) == 0 )
-        {
-            if( ( opt.auth_mode = get_auth_mode( q ) ) < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "cert_req_ca_list" ) == 0 )
-        {
-            opt.cert_req_ca_list = atoi( q );
-            if( opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "max_frag_len" ) == 0 )
-        {
-            if( strcmp( q, "512" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
-            else if( strcmp( q, "1024" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
-            else if( strcmp( q, "2048" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
-            else if( strcmp( q, "4096" ) == 0 )
-                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "alpn" ) == 0 )
-        {
-            opt.alpn_string = q;
-        }
-        else if( strcmp( p, "trunc_hmac" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
-                case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "extended_ms" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0:
-                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
-                    break;
-                case 1:
-                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
-                    break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "etm" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
-                case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "tickets" ) == 0 )
-        {
-            opt.tickets = atoi( q );
-            if( opt.tickets < 0 || opt.tickets > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "ticket_timeout" ) == 0 )
-        {
-            opt.ticket_timeout = atoi( q );
-            if( opt.ticket_timeout < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "cache_max" ) == 0 )
-        {
-            opt.cache_max = atoi( q );
-            if( opt.cache_max < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "cache_timeout" ) == 0 )
-        {
-            opt.cache_timeout = atoi( q );
-            if( opt.cache_timeout < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "cookies" ) == 0 )
-        {
-            opt.cookies = atoi( q );
-            if( opt.cookies < -1 || opt.cookies > 1)
-                goto usage;
-        }
-        else if( strcmp( p, "anti_replay" ) == 0 )
-        {
-            opt.anti_replay = atoi( q );
-            if( opt.anti_replay < 0 || opt.anti_replay > 1)
-                goto usage;
-        }
-        else if( strcmp( p, "badmac_limit" ) == 0 )
-        {
-            opt.badmac_limit = atoi( q );
-            if( opt.badmac_limit < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "hs_timeout" ) == 0 )
-        {
-            if( ( p = strchr( q, '-' ) ) == NULL )
-                goto usage;
-            *p++ = '\0';
-            opt.hs_to_min = atoi( q );
-            opt.hs_to_max = atoi( p );
-            if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
-                goto usage;
-        }
-        else if( strcmp( p, "mtu" ) == 0 )
-        {
-            opt.dtls_mtu = atoi( q );
-            if( opt.dtls_mtu < 0 )
-                goto usage;
-        }
-        else if( strcmp( p, "dgram_packing" ) == 0 )
-        {
-            opt.dgram_packing = atoi( q );
-            if( opt.dgram_packing != 0 &&
-                opt.dgram_packing != 1 )
-            {
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "sni" ) == 0 )
-        {
-            opt.sni = q;
-        }
-        else if( strcmp( p, "query_config" ) == 0 )
-        {
-            opt.query_config_mode = 1;
-            query_config_ret = query_config( q );
-            goto exit;
-        }
-        else if( strcmp( p, "serialize") == 0 )
-        {
-            opt.serialize = atoi( q );
-            if( opt.serialize < 0 || opt.serialize > 2)
-                goto usage;
-        }
-        else if( strcmp( p, "context_file") == 0 )
-        {
-            opt.context_file = q;
-        }
-        else if( strcmp( p, "eap_tls" ) == 0 )
-        {
-            opt.eap_tls = atoi( q );
-            if( opt.eap_tls < 0 || opt.eap_tls > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "reproducible" ) == 0 )
-        {
-            opt.reproducible = 1;
-        }
-        else if( strcmp( p, "nss_keylog" ) == 0 )
-        {
-            opt.nss_keylog = atoi( q );
-            if( opt.nss_keylog < 0 || opt.nss_keylog > 1 )
-                goto usage;
-        }
-        else if( strcmp( p, "nss_keylog_file" ) == 0 )
-        {
-            opt.nss_keylog_file = q;
-        }
-        else if( strcmp( p, "use_srtp" ) == 0 )
-        {
-            opt.use_srtp = atoi ( q );
-        }
-        else if( strcmp( p, "srtp_force_profile" ) == 0 )
-        {
-            opt.force_srtp_profile = atoi( q );
-        }
-        else if( strcmp( p, "support_mki" ) == 0 )
-        {
-            opt.support_mki = atoi( q );
-        }
-        else
-            goto usage;
-    }
-
-    if( opt.nss_keylog != 0 && opt.eap_tls != 0 )
-    {
-        mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" );
-        goto usage;
-    }
-
-    /* Event-driven IO is incompatible with the above custom
-     * receive and send functions, as the polling builds on
-     * refers to the underlying net_context. */
-    if( opt.event == 1 && opt.nbio != 1 )
-    {
-        mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" );
-        opt.nbio = 1;
-    }
-
-#if defined(MBEDTLS_DEBUG_C)
-    mbedtls_debug_set_threshold( opt.debug_level );
-#endif
-    buf = mbedtls_calloc( 1, opt.buffer_size + 1 );
-    if( buf == NULL )
-    {
-        mbedtls_printf( "Could not allocate %u bytes\n", opt.buffer_size );
-        ret = 3;
-        goto exit;
-    }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_opaque != 0 )
-    {
-        if( strlen( opt.psk ) == 0 )
-        {
-            mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
-            ret = 2;
-            goto usage;
-        }
-
-        if( opt.force_ciphersuite[0] <= 0 )
-        {
-            mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
-            ret = 2;
-            goto usage;
-        }
-    }
-
-    if( opt.psk_list_opaque != 0 )
-    {
-        if( opt.psk_list == NULL )
-        {
-            mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
-            ret = 2;
-            goto usage;
-        }
-
-        if( opt.force_ciphersuite[0] <= 0 )
-        {
-            mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
-            ret = 2;
-            goto usage;
-        }
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-    if( opt.force_ciphersuite[0] > 0 )
-    {
-        const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-        ciphersuite_info =
-            mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
-
-        if( opt.max_version != -1 &&
-            ciphersuite_info->min_minor_ver > opt.max_version )
-        {
-            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
-            ret = 2;
-            goto usage;
-        }
-        if( opt.min_version != -1 &&
-            ciphersuite_info->max_minor_ver < opt.min_version )
-        {
-            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
-            ret = 2;
-            goto usage;
-        }
-
-        /* If we select a version that's not supported by
-         * this suite, then there will be no common ciphersuite... */
-        if( opt.max_version == -1 ||
-            opt.max_version > ciphersuite_info->max_minor_ver )
-        {
-            opt.max_version = ciphersuite_info->max_minor_ver;
-        }
-        if( opt.min_version < ciphersuite_info->min_minor_ver )
-        {
-            opt.min_version = ciphersuite_info->min_minor_ver;
-            /* DTLS starts with TLS 1.1 */
-            if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-                opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-        }
-
-        /* Enable RC4 if needed and not explicitly disabled */
-        if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
-        {
-            if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
-            {
-                mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n");
-                ret = 2;
-                goto usage;
-            }
-
-            opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
-        }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
-        {
-            /* Ensure that the chosen ciphersuite is PSK-only; we must know
-             * the ciphersuite in advance to set the correct policy for the
-             * PSK key slot. This limitation might go away in the future. */
-            if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
-                opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
-            {
-                mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
-                ret = 2;
-                goto usage;
-            }
-
-            /* Determine KDF algorithm the opaque PSK will be used in. */
-#if defined(MBEDTLS_SHA512_C)
-            if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
-                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
-            else
-#endif /* MBEDTLS_SHA512_C */
-                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
-        }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    }
-
-    if( opt.version_suites != NULL )
-    {
-        const char *name[4] = { 0 };
-
-        /* Parse 4-element coma-separated list */
-        for( i = 0, p = (char *) opt.version_suites;
-             i < 4 && *p != '\0';
-             i++ )
-        {
-            name[i] = p;
-
-            /* Terminate the current string and move on to next one */
-            while( *p != ',' && *p != '\0' )
-                p++;
-            if( *p == ',' )
-                *p++ = '\0';
-        }
-
-        if( i != 4 )
-        {
-            mbedtls_printf( "too few values for version_suites\n" );
-            ret = 1;
-            goto exit;
-        }
-
-        memset( version_suites, 0, sizeof( version_suites ) );
-
-        /* Get the suites identifiers from their name */
-        for( i = 0; i < 4; i++ )
-        {
-            version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] );
-
-            if( version_suites[i][0] == 0 )
-            {
-                mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] );
-                ret = 2;
-                goto usage;
-            }
-        }
-    }
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( mbedtls_test_unhexify( cid, sizeof( cid ),
-                               opt.cid_val, &cid_len ) != 0 )
-    {
-        mbedtls_printf( "CID not valid hex\n" );
-        goto exit;
-    }
-
-    /* Keep CID settings for renegotiation unless
-     * specified otherwise. */
-    if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO )
-        opt.cid_enabled_renego = opt.cid_enabled;
-    if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
-        opt.cid_val_renego = opt.cid_val;
-
-    if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
-                               opt.cid_val_renego, &cid_renego_len ) != 0 )
-    {
-        mbedtls_printf( "CID not valid hex\n" );
-        goto exit;
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    /*
-     * Unhexify the pre-shared key and parse the list if any given
-     */
-    if( mbedtls_test_unhexify( psk, sizeof( psk ),
-                               opt.psk, &psk_len ) != 0 )
-    {
-        mbedtls_printf( "pre-shared key not valid hex\n" );
-        goto exit;
-    }
-
-    if( opt.psk_list != NULL )
-    {
-        if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL )
-        {
-            mbedtls_printf( "psk_list invalid" );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-
-#if defined(MBEDTLS_ECP_C)
-    if( opt.curves != NULL )
-    {
-        p = (char *) opt.curves;
-        i = 0;
-
-        if( strcmp( p, "none" ) == 0 )
-        {
-            curve_list[0] = MBEDTLS_ECP_DP_NONE;
-        }
-        else if( strcmp( p, "default" ) != 0 )
-        {
-            /* Leave room for a final NULL in curve list */
-            while( i < CURVE_LIST_SIZE - 1 && *p != '\0' )
-            {
-                q = p;
-
-                /* Terminate the current string */
-                while( *p != ',' && *p != '\0' )
-                    p++;
-                if( *p == ',' )
-                    *p++ = '\0';
-
-                if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL )
-                {
-                    curve_list[i++] = curve_cur->grp_id;
-                }
-                else
-                {
-                    mbedtls_printf( "unknown curve %s\n", q );
-                    mbedtls_printf( "supported curves: " );
-                    for( curve_cur = mbedtls_ecp_curve_list();
-                         curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
-                         curve_cur++ )
-                    {
-                        mbedtls_printf( "%s ", curve_cur->name );
-                    }
-                    mbedtls_printf( "\n" );
-                    goto exit;
-                }
-            }
-
-            mbedtls_printf("Number of curves: %d\n", i );
-
-            if( i == CURVE_LIST_SIZE - 1 && *p != '\0' )
-            {
-                mbedtls_printf( "curves list too long, maximum %d",
-                                CURVE_LIST_SIZE - 1  );
-                goto exit;
-            }
-
-            curve_list[i] = MBEDTLS_ECP_DP_NONE;
-        }
-    }
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( opt.alpn_string != NULL )
-    {
-        p = (char *) opt.alpn_string;
-        i = 0;
-
-        /* Leave room for a final NULL in alpn_list */
-        while( i < ALPN_LIST_SIZE - 1 && *p != '\0' )
-        {
-            alpn_list[i++] = p;
-
-            /* Terminate the current string and move on to next one */
-            while( *p != ',' && *p != '\0' )
-                p++;
-            if( *p == ',' )
-                *p++ = '\0';
-        }
-    }
-#endif /* MBEDTLS_SSL_ALPN */
-
-    /*
-     * 0. Initialize the RNG and the session data
-     */
-    mbedtls_printf( "\n  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if (opt.reproducible)
-    {
-        srand( 1 );
-        if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
-                                           &entropy, (const unsigned char *) pers,
-                                           strlen( pers ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    else
-    {
-        if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                           &entropy, (const unsigned char *) pers,
-                                           strlen( pers ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /*
-     * 1.1. Load the trusted CA
-     */
-    mbedtls_printf( "  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-    if( strcmp( opt.ca_path, "none" ) == 0 ||
-        strcmp( opt.ca_file, "none" ) == 0 )
-    {
-        ret = 0;
-    }
-    else
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.ca_path ) )
-        ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
-    else if( strlen( opt.ca_file ) )
-        ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
-    else
-#endif
-#if defined(MBEDTLS_CERTS_C)
-    {
-#if defined(MBEDTLS_PEM_PARSE_C)
-        for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
-        {
-            ret = mbedtls_x509_crt_parse( &cacert,
-                                  (const unsigned char *) mbedtls_test_cas[i],
-                                  mbedtls_test_cas_len[i] );
-            if( ret != 0 )
-                break;
-        }
-        if( ret == 0 )
-#endif /* MBEDTLS_PEM_PARSE_C */
-        for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
-        {
-            ret = mbedtls_x509_crt_parse_der( &cacert,
-                         (const unsigned char *) mbedtls_test_cas_der[i],
-                         mbedtls_test_cas_der_len[i] );
-            if( ret != 0 )
-                break;
-        }
-    }
-#else
-    {
-        ret = 1;
-        mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
-    }
-#endif /* MBEDTLS_CERTS_C */
-    if( ret < 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok (%d skipped)\n", ret );
-
-    /*
-     * 1.2. Load own certificate and private key
-     */
-    mbedtls_printf( "  . Loading the server cert. and key..." );
-    fflush( stdout );
-
-#if defined(MBEDTLS_FS_IO)
-    if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 )
-    {
-        key_cert_init++;
-        if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file returned -0x%x\n\n",
-                    (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 )
-    {
-        key_cert_init++;
-        if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file,
-                                              opt.key_pwd ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    if( key_cert_init == 1 )
-    {
-        mbedtls_printf( " failed\n  !  crt_file without key_file or vice-versa\n\n" );
-        goto exit;
-    }
-
-    if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 )
-    {
-        key_cert_init2++;
-        if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n",
-                    (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 )
-    {
-        key_cert_init2++;
-        if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2,
-                                              opt.key_pwd2 ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-    if( key_cert_init2 == 1 )
-    {
-        mbedtls_printf( " failed\n  !  crt_file2 without key_file2 or vice-versa\n\n" );
-        goto exit;
-    }
-#endif
-    if( key_cert_init == 0 &&
-        strcmp( opt.crt_file, "none" ) != 0 &&
-        strcmp( opt.key_file, "none" ) != 0 &&
-        key_cert_init2 == 0 &&
-        strcmp( opt.crt_file2, "none" ) != 0 &&
-        strcmp( opt.key_file2, "none" ) != 0 )
-    {
-#if !defined(MBEDTLS_CERTS_C)
-        mbedtls_printf( "Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n" );
-        goto exit;
-#else
-#if defined(MBEDTLS_RSA_C)
-        if( ( ret = mbedtls_x509_crt_parse( &srvcert,
-                                    (const unsigned char *) mbedtls_test_srv_crt_rsa,
-                                    mbedtls_test_srv_crt_rsa_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-        if( ( ret = mbedtls_pk_parse_key( &pkey,
-                                  (const unsigned char *) mbedtls_test_srv_key_rsa,
-                                  mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-        key_cert_init = 2;
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECDSA_C)
-        if( ( ret = mbedtls_x509_crt_parse( &srvcert2,
-                                    (const unsigned char *) mbedtls_test_srv_crt_ec,
-                                    mbedtls_test_srv_crt_ec_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  x509_crt_parse2 returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-        if( ( ret = mbedtls_pk_parse_key( &pkey2,
-                                  (const unsigned char *) mbedtls_test_srv_key_ec,
-                                  mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  pk_parse_key2 returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-        key_cert_init2 = 2;
-#endif /* MBEDTLS_ECDSA_C */
-#endif /* MBEDTLS_CERTS_C */
-    }
-
-    mbedtls_printf( " ok\n" );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
-    if( opt.dhm_file != NULL )
-    {
-        mbedtls_printf( "  . Loading DHM parameters..." );
-        fflush( stdout );
-
-        if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
-                     (unsigned int) -ret );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif
-
-#if defined(SNI_OPTION)
-    if( opt.sni != NULL )
-    {
-        mbedtls_printf( "  . Setting up SNI information..." );
-        fflush( stdout );
-
-        if( ( sni_info = sni_parse( opt.sni ) ) == NULL )
-        {
-            mbedtls_printf( " failed\n" );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* SNI_OPTION */
-
-    /*
-     * 2. Setup the listening TCP socket
-     */
-    mbedtls_printf( "  . Bind on %s://%s:%s/ ...",
-            opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
-            opt.server_addr ? opt.server_addr : "*",
-            opt.server_port );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port,
-                          opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
-                          MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 3. Setup stuff
-     */
-    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                    MBEDTLS_SSL_IS_SERVER,
-                    opt.transport,
-                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /* The default algorithms profile disables SHA-1, but our tests still
-       rely on it heavily. Hence we allow it here. A real-world server
-       should use the default profile unless there is a good reason not to. */
-    if( opt.allow_sha1 > 0 )
-    {
-        crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
-        mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
-        mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
-    }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-    if( opt.auth_mode != DFL_AUTH_MODE )
-        mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
-
-    if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST )
-        mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
-        mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
-
-    if( opt.dgram_packing != DFL_DGRAM_PACKING )
-        mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
-        goto exit;
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
-    {
-        if( opt.cid_enabled == 1        &&
-            opt.cid_enabled_renego == 1 &&
-            cid_len != cid_renego_len )
-        {
-            mbedtls_printf( "CID length must not change during renegotiation\n" );
-            goto usage;
-        }
-
-        if( opt.cid_enabled == 1 )
-            ret = mbedtls_ssl_conf_cid( &conf, cid_len,
-                                        MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
-        else
-            ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len,
-                                        MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
-
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    if( opt.use_srtp == 1 )
-    {
-        if( opt.force_srtp_profile != 0 )
-        {
-            const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
-            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, forced_profile );
-        }
-        else
-        {
-            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, default_profiles );
-        }
-
-        if( ret != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_ssl_conf_srtp_mki_value_supported( &conf,
-                                                   opt.support_mki ?
-                                                   MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED :
-                                                   MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED );
-
-    }
-    else if( opt.force_srtp_profile != 0 )
-    {
-        mbedtls_printf( " failed\n  ! must enable use_srtp to force srtp profile\n\n" );
-        goto exit;
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    if( opt.trunc_hmac != DFL_TRUNC_HMAC )
-        mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    if( opt.extended_ms != DFL_EXTENDED_MS )
-        mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    if( opt.etm != DFL_ETM )
-        mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
-#endif
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    if( opt.eap_tls != 0 )
-    {
-        mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation,
-                                             &eap_tls_keying );
-    }
-    else if( opt.nss_keylog != 0 )
-    {
-        mbedtls_ssl_conf_export_keys_ext_cb( &conf,
-                                             nss_keylog_export,
-                                             NULL );
-    }
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-    else if( opt.use_srtp != 0 )
-    {
-        mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation,
-                                             &dtls_srtp_keying );
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( opt.alpn_string != NULL )
-        if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
-            goto exit;
-        }
-#endif
-
-    if (opt.reproducible)
-    {
-#if defined(MBEDTLS_HAVE_TIME)
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-        mbedtls_platform_set_time( dummy_constant_time );
-#else
-        fprintf( stderr, "Warning: reproducible option used without constant time\n" );
-#endif
-#endif
-    }
-    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-    if( opt.cache_max != -1 )
-        mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max );
-
-    if( opt.cache_timeout != -1 )
-        mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
-
-    mbedtls_ssl_conf_session_cache( &conf, &cache,
-                                   mbedtls_ssl_cache_get,
-                                   mbedtls_ssl_cache_set );
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
-    {
-        if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
-                        mbedtls_ctr_drbg_random, &ctr_drbg,
-                        MBEDTLS_CIPHER_AES_256_GCM,
-                        opt.ticket_timeout ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_ticket_setup returned %d\n\n", ret );
-            goto exit;
-        }
-
-        mbedtls_ssl_conf_session_tickets_cb( &conf,
-                mbedtls_ssl_ticket_write,
-                mbedtls_ssl_ticket_parse,
-                &ticket_ctx );
-    }
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-#if defined(MBEDTLS_SSL_COOKIE_C)
-        if( opt.cookies > 0 )
-        {
-            if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
-                                          mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
-                goto exit;
-            }
-
-            mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
-                                       &cookie_ctx );
-        }
-        else
-#endif /* MBEDTLS_SSL_COOKIE_C */
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-        if( opt.cookies == 0 )
-        {
-            mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL );
-        }
-        else
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-        {
-            ; /* Nothing to do */
-        }
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-        if( opt.anti_replay != DFL_ANTI_REPLAY )
-            mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay );
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-        if( opt.badmac_limit != DFL_BADMAC_LIMIT )
-            mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit );
-#endif
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-    if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
-        mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
-
-#if defined(MBEDTLS_ARC4_C)
-    if( opt.arc4 != DFL_ARC4 )
-        mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
-#endif
-
-    if( opt.version_suites != NULL )
-    {
-        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0],
-                                          MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          MBEDTLS_SSL_MINOR_VERSION_0 );
-        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1],
-                                          MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          MBEDTLS_SSL_MINOR_VERSION_1 );
-        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2],
-                                          MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          MBEDTLS_SSL_MINOR_VERSION_2 );
-        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3],
-                                          MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          MBEDTLS_SSL_MINOR_VERSION_3 );
-    }
-
-    if( opt.allow_legacy != DFL_ALLOW_LEGACY )
-        mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
-
-    if( opt.renego_delay != DFL_RENEGO_DELAY )
-        mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay );
-
-    if( opt.renego_period != DFL_RENEGO_PERIOD )
-    {
-        PUT_UINT64_BE( renego_period, opt.renego_period, 0 );
-        mbedtls_ssl_conf_renegotiation_period( &conf, renego_period );
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( strcmp( opt.ca_path, "none" ) != 0 &&
-        strcmp( opt.ca_file, "none" ) != 0 )
-    {
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-        if( opt.ca_callback != 0 )
-            mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert);
-        else
-#endif
-            mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-    }
-    if( key_cert_init )
-    {
-        mbedtls_pk_context *pk = &pkey;
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if( opt.async_private_delay1 >= 0 )
-        {
-            ret = ssl_async_set_key( &ssl_async_keys, &srvcert, pk, 0,
-                                     opt.async_private_delay1 );
-            if( ret < 0 )
-            {
-                mbedtls_printf( "  Test error: ssl_async_set_key failed (%d)\n",
-                                ret );
-                goto exit;
-            }
-            pk = NULL;
-        }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, pk ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-    if( key_cert_init2 )
-    {
-        mbedtls_pk_context *pk = &pkey2;
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if( opt.async_private_delay2 >= 0 )
-        {
-            ret = ssl_async_set_key( &ssl_async_keys, &srvcert2, pk, 0,
-                                     opt.async_private_delay2 );
-            if( ret < 0 )
-            {
-                mbedtls_printf( "  Test error: ssl_async_set_key failed (%d)\n",
-                                ret );
-                goto exit;
-            }
-            pk = NULL;
-        }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, pk ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    if( opt.async_operations[0] != '-' )
-    {
-        mbedtls_ssl_async_sign_t *sign = NULL;
-        mbedtls_ssl_async_decrypt_t *decrypt = NULL;
-        const char *r;
-        for( r = opt.async_operations; *r; r++ )
-        {
-            switch( *r )
-            {
-            case 'd':
-                decrypt = ssl_async_decrypt;
-                break;
-            case 's':
-                sign = ssl_async_sign;
-                break;
-            }
-        }
-        ssl_async_keys.inject_error = ( opt.async_private_error < 0 ?
-                                        - opt.async_private_error :
-                                        opt.async_private_error );
-        ssl_async_keys.f_rng = mbedtls_ctr_drbg_random;
-        ssl_async_keys.p_rng = &ctr_drbg;
-        mbedtls_ssl_conf_async_private_cb( &conf,
-                                           sign,
-                                           decrypt,
-                                           ssl_async_resume,
-                                           ssl_async_cancel,
-                                           &ssl_async_keys );
-    }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(SNI_OPTION)
-    if( opt.sni != NULL )
-    {
-        mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info );
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if( opt.async_private_delay2 >= 0 )
-        {
-            sni_entry *cur;
-            for( cur = sni_info; cur != NULL; cur = cur->next )
-            {
-                ret = ssl_async_set_key( &ssl_async_keys,
-                                         cur->cert, cur->key, 1,
-                                         opt.async_private_delay2 );
-                if( ret < 0 )
-                {
-                    mbedtls_printf( "  Test error: ssl_async_set_key failed (%d)\n",
-                                    ret );
-                    goto exit;
-                }
-                cur->key = NULL;
-            }
-        }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-    }
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-    if( opt.curves != NULL &&
-        strcmp( opt.curves, "default" ) != 0 )
-    {
-        mbedtls_ssl_conf_curves( &conf, curve_list );
-    }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-
-    if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
-    {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_opaque != 0 )
-        {
-            /* The algorithm has already been determined earlier. */
-            status = psa_setup_psk_key_slot( &psk_slot, alg, psk, psk_len );
-            if( status != PSA_SUCCESS )
-            {
-                fprintf( stderr, "SETUP FAIL\n" );
-                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-                goto exit;
-            }
-            if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot,
-                             (const unsigned char *) opt.psk_identity,
-                             strlen( opt.psk_identity ) ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
-                                ret );
-                goto exit;
-            }
-        }
-        else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-        if( psk_len > 0 )
-        {
-            ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
-                                     (const unsigned char *) opt.psk_identity,
-                                     strlen( opt.psk_identity ) );
-            if( ret != 0 )
-            {
-                mbedtls_printf( "  failed\n  mbedtls_ssl_conf_psk returned -0x%04X\n\n", (unsigned int) -ret );
-                goto exit;
-            }
-        }
-    }
-
-    if( opt.psk_list != NULL )
-    {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_list_opaque != 0 )
-        {
-            psk_entry *cur_psk;
-            for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
-            {
-
-                status = psa_setup_psk_key_slot( &cur_psk->slot, alg,
-                                                 cur_psk->key,
-                                                 cur_psk->key_len );
-                if( status != PSA_SUCCESS )
-                {
-                    ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
-                    goto exit;
-                }
-            }
-        }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-        mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
-    }
-#endif
-
-#if defined(MBEDTLS_DHM_C)
-    /*
-     * Use different group than default DHM group
-     */
-#if defined(MBEDTLS_FS_IO)
-    if( opt.dhm_file != NULL )
-        ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm );
-#endif
-    if( ret != 0 )
-    {
-        mbedtls_printf( "  failed\n  mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-#endif
-
-    if( opt.min_version != DFL_MIN_VERSION )
-        mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
-
-    if( opt.max_version != DFL_MIN_VERSION )
-        mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
-
-    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    io_ctx.ssl = &ssl;
-    io_ctx.net = &client_fd;
-    mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb,
-                         opt.nbio == 0 ? recv_timeout_cb : NULL );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
-                                         cid, cid_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( opt.dtls_mtu != DFL_DTLS_MTU )
-        mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu );
-#endif
-
-#if defined(MBEDTLS_TIMING_C)
-    mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
-                                            mbedtls_timing_get_delay );
-#endif
-
-    mbedtls_printf( " ok\n" );
-
-reset:
-#if !defined(_WIN32)
-    if( received_sigterm )
-    {
-        mbedtls_printf( " interrupted by SIGTERM (not in net_accept())\n" );
-        if( ret == MBEDTLS_ERR_NET_INVALID_CONTEXT )
-            ret = 0;
-
-        goto exit;
-    }
-#endif
-
-    if( ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT )
-    {
-        mbedtls_printf( "  ! Client initiated reconnection from same port\n" );
-        goto handshake;
-    }
-
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
-    }
-#endif
-
-    mbedtls_net_free( &client_fd );
-
-    mbedtls_ssl_session_reset( &ssl );
-
-    /*
-     * 3. Wait until a client connects
-     */
-    mbedtls_printf( "  . Waiting for a remote connection ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                    client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
-    {
-#if !defined(_WIN32)
-        if( received_sigterm )
-        {
-            mbedtls_printf( " interrupted by SIGTERM (in net_accept())\n" );
-            if( ret == MBEDTLS_ERR_NET_ACCEPT_FAILED )
-                ret = 0;
-
-            goto exit;
-        }
-#endif
-
-        mbedtls_printf( " failed\n  ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    if( opt.nbio > 0 )
-        ret = mbedtls_net_set_nonblock( &client_fd );
-    else
-        ret = mbedtls_net_set_block( &client_fd );
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret );
-        goto exit;
-    }
-
-    mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl,
-                        client_ip, cliip_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( opt.ecjpake_pw != DFL_ECJPAKE_PW )
-    {
-        if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl,
-                        (const unsigned char *) opt.ecjpake_pw,
-                                        strlen( opt.ecjpake_pw ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret );
-            goto exit;
-        }
-    }
-#endif
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 4. Handshake
-     */
-handshake:
-    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
-    fflush( stdout );
-
-    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-    {
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS &&
-            ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL )
-        {
-            mbedtls_printf( " cancelling on injected error\n" );
-            break;
-        }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-        if( ! mbedtls_status_is_ssl_in_progress( ret ) )
-            break;
-
-        /* For event-driven IO, wait for socket to become available */
-        if( opt.event == 1 /* level triggered IO */ )
-        {
-#if defined(MBEDTLS_TIMING_C)
-            ret = idle( &client_fd, &timer, ret );
-#else
-            ret = idle( &client_fd, ret );
-#endif
-            if( ret != 0 )
-                goto reset;
-        }
-    }
-
-    if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
-    {
-        mbedtls_printf( " hello verification requested\n" );
-        ret = 0;
-        goto reset;
-    }
-    else if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-        if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
-        {
-            char vrfy_buf[512];
-            flags = mbedtls_ssl_get_verify_result( &ssl );
-
-            mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-
-            mbedtls_printf( "%s\n", vrfy_buf );
-        }
-#endif
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-        if( opt.async_private_error < 0 )
-            /* Injected error only the first time round, to test reset */
-            ssl_async_keys.inject_error = SSL_ASYNC_INJECT_ERROR_NONE;
-#endif
-        goto reset;
-    }
-    else /* ret == 0 */
-    {
-        mbedtls_printf( " ok\n    [ Protocol is %s ]\n    [ Ciphersuite is %s ]\n",
-                mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) );
-    }
-
-    if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 )
-        mbedtls_printf( "    [ Record expansion is %d ]\n", ret );
-    else
-        mbedtls_printf( "    [ Record expansion is unknown (compression) ]\n" );
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    mbedtls_printf( "    [ Maximum input fragment length is %u ]\n",
-                    (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) );
-    mbedtls_printf( "    [ Maximum output fragment length is %u ]\n",
-                    (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) );
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( opt.alpn_string != NULL )
-    {
-        const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl );
-        mbedtls_printf( "    [ Application Layer Protocol is %s ]\n",
-                alp ? alp : "(none)" );
-    }
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    /*
-     * 5. Verify the client certificate
-     */
-    mbedtls_printf( "  . Verifying peer X.509 certificate..." );
-
-    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
-    {
-        char vrfy_buf[512];
-
-        mbedtls_printf( " failed\n" );
-
-        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-
-        mbedtls_printf( "%s\n", vrfy_buf );
-    }
-    else
-        mbedtls_printf( " ok\n" );
-
-    if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL )
-    {
-        char crt_buf[512];
-
-        mbedtls_printf( "  . Peer certificate information    ...\n" );
-        mbedtls_x509_crt_info( crt_buf, sizeof( crt_buf ), "      ",
-                       mbedtls_ssl_get_peer_cert( &ssl ) );
-        mbedtls_printf( "%s\n", crt_buf );
-    }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    if( opt.eap_tls != 0 )
-    {
-        size_t j = 0;
-
-        if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type,
-                                         eap_tls_keying.master_secret,
-                                         sizeof( eap_tls_keying.master_secret ),
-                                         eap_tls_label,
-                                         eap_tls_keying.randbytes,
-                                         sizeof( eap_tls_keying.randbytes ),
-                                         eap_tls_keymaterial,
-                                         sizeof( eap_tls_keymaterial ) ) )
-                                         != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
-                            (unsigned int) -ret );
-            goto reset;
-        }
-
-        mbedtls_printf( "    EAP-TLS key material is:" );
-        for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ )
-        {
-            if( j % 8 == 0 )
-                mbedtls_printf("\n    ");
-            mbedtls_printf("%02x ", eap_tls_keymaterial[j] );
-        }
-        mbedtls_printf("\n");
-
-        if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0,
-                                         eap_tls_label,
-                                         eap_tls_keying.randbytes,
-                                         sizeof( eap_tls_keying.randbytes ),
-                                         eap_tls_iv,
-                                         sizeof( eap_tls_iv ) ) ) != 0 )
-         {
-             mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
-                             (unsigned int) -ret );
-             goto reset;
-         }
-
-        mbedtls_printf( "    EAP-TLS IV is:" );
-        for( j = 0; j < sizeof( eap_tls_iv ); j++ )
-        {
-            if( j % 8 == 0 )
-                mbedtls_printf("\n    ");
-            mbedtls_printf("%02x ", eap_tls_iv[j] );
-        }
-        mbedtls_printf("\n");
-    }
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-    else if( opt.use_srtp != 0  )
-    {
-        size_t j = 0;
-        mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
-        mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result );
-
-        if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
-                                == MBEDTLS_TLS_SRTP_UNSET )
-        {
-            mbedtls_printf( "    Unable to negotiate "
-                            "the use of DTLS-SRTP\n" );
-        }
-        else
-        {
-            if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type,
-                                             dtls_srtp_keying.master_secret,
-                                             sizeof( dtls_srtp_keying.master_secret ),
-                                             dtls_srtp_label,
-                                             dtls_srtp_keying.randbytes,
-                                             sizeof( dtls_srtp_keying.randbytes ),
-                                             dtls_srtp_key_material,
-                                             sizeof( dtls_srtp_key_material ) ) )
-                                             != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
-                                (unsigned int) -ret );
-                goto exit;
-            }
-
-            mbedtls_printf( "    DTLS-SRTP key material is:" );
-            for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
-            {
-                if( j % 8 == 0 )
-                    mbedtls_printf( "\n    " );
-                mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
-            }
-            mbedtls_printf( "\n" );
-
-            /* produce a less readable output used to perform automatic checks
-             * - compare client and server output
-             * - interop test with openssl which client produces this kind of output
-             */
-            mbedtls_printf( "    Keying material: " );
-            for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
-            {
-                mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
-            }
-            mbedtls_printf( "\n" );
-
-            if ( dtls_srtp_negotiation_result.mki_len > 0 )
-            {
-                mbedtls_printf( "    DTLS-SRTP mki value: " );
-                for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ )
-                {
-                    mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] );
-                }
-            }
-            else
-            {
-                mbedtls_printf( "    DTLS-SRTP no mki value negotiated" );
-            }
-            mbedtls_printf( "\n" );
-
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    ret = report_cid_usage( &ssl, "initial handshake" );
-    if( ret != 0 )
-        goto exit;
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego,
-                                         cid_renego, cid_renego_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
-                            ret );
-            goto exit;
-        }
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_cur_get( &current_heap_memory, &heap_blocks );
-    mbedtls_memory_buffer_alloc_max_get( &peak_heap_memory, &heap_blocks );
-    mbedtls_printf( "Heap memory usage after handshake: %lu bytes. Peak memory usage was %lu\n",
-                    (unsigned long) current_heap_memory, (unsigned long) peak_heap_memory );
-#endif  /* MBEDTLS_MEMORY_DEBUG */
-
-    if( opt.exchanges == 0 )
-        goto close_notify;
-
-    exchanges_left = opt.exchanges;
-data_exchange:
-    /*
-     * 6. Read the HTTP Request
-     */
-    mbedtls_printf( "  < Read from client:" );
-    fflush( stdout );
-
-    /*
-     * TLS and DTLS need different reading styles (stream vs datagram)
-     */
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
-    {
-        do
-        {
-            int terminated = 0;
-            len = opt.buffer_size - 1;
-            memset( buf, 0, opt.buffer_size );
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-            if( mbedtls_status_is_ssl_in_progress( ret ) )
-            {
-                if( opt.event == 1 /* level triggered IO */ )
-                {
-#if defined(MBEDTLS_TIMING_C)
-                    idle( &client_fd, &timer, ret );
-#else
-                    idle( &client_fd, ret );
-#endif
-                }
-
-                continue;
-            }
-
-            if( ret <= 0 )
-            {
-                switch( ret )
-                {
-                    case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                        mbedtls_printf( " connection was closed gracefully\n" );
-                        goto close_notify;
-
-                    case 0:
-                    case MBEDTLS_ERR_NET_CONN_RESET:
-                        mbedtls_printf( " connection was reset by peer\n" );
-                        ret = MBEDTLS_ERR_NET_CONN_RESET;
-                        goto reset;
-
-                    default:
-                        mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
-                        goto reset;
-                }
-            }
-
-            if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 )
-            {
-                len = ret;
-                buf[len] = '\0';
-                mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf );
-
-                /* End of message should be detected according to the syntax of the
-                 * application protocol (eg HTTP), just use a dummy test here. */
-                if( buf[len - 1] == '\n' )
-                    terminated = 1;
-            }
-            else
-            {
-                int extra_len, ori_len;
-                unsigned char *larger_buf;
-
-                ori_len = ret;
-                extra_len = (int) mbedtls_ssl_get_bytes_avail( &ssl );
-
-                larger_buf = mbedtls_calloc( 1, ori_len + extra_len + 1 );
-                if( larger_buf == NULL )
-                {
-                    mbedtls_printf( "  ! memory allocation failed\n" );
-                    ret = 1;
-                    goto reset;
-                }
-
-                memset( larger_buf, 0, ori_len + extra_len );
-                memcpy( larger_buf, buf, ori_len );
-
-                /* This read should never fail and get the whole cached data */
-                ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len );
-                if( ret != extra_len ||
-                    mbedtls_ssl_get_bytes_avail( &ssl ) != 0 )
-                {
-                    mbedtls_printf( "  ! mbedtls_ssl_read failed on cached data\n" );
-                    ret = 1;
-                    goto reset;
-                }
-
-                larger_buf[ori_len + extra_len] = '\0';
-                mbedtls_printf( " %d bytes read (%d + %d)\n\n%s\n",
-                        ori_len + extra_len, ori_len, extra_len,
-                        (char *) larger_buf );
-
-                /* End of message should be detected according to the syntax of the
-                 * application protocol (eg HTTP), just use a dummy test here. */
-                if( larger_buf[ori_len + extra_len - 1] == '\n' )
-                    terminated = 1;
-
-                mbedtls_free( larger_buf );
-            }
-
-            if( terminated )
-            {
-                ret = 0;
-                break;
-            }
-        }
-        while( 1 );
-    }
-    else /* Not stream, so datagram */
-    {
-        len = opt.buffer_size - 1;
-        memset( buf, 0, opt.buffer_size );
-
-        do
-        {
-            /* Without the call to `mbedtls_ssl_check_pending`, it might
-             * happen that the client sends application data in the same
-             * datagram as the Finished message concluding the handshake.
-             * In this case, the application data would be ready to be
-             * processed while the underlying transport wouldn't signal
-             * any further incoming data.
-             *
-             * See the test 'Event-driven I/O: session-id resume, UDP packing'
-             * in tests/ssl-opt.sh.
-             */
-
-            /* For event-driven IO, wait for socket to become available */
-            if( mbedtls_ssl_check_pending( &ssl ) == 0 &&
-                opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ );
-#else
-                idle( &client_fd, MBEDTLS_ERR_SSL_WANT_READ );
-#endif
-            }
-
-            ret = mbedtls_ssl_read( &ssl, buf, len );
-
-            /* Note that even if `mbedtls_ssl_check_pending` returns true,
-             * it can happen that the subsequent call to `mbedtls_ssl_read`
-             * returns `MBEDTLS_ERR_SSL_WANT_READ`, because the pending messages
-             * might be discarded (e.g. because they are retransmissions). */
-        }
-        while( mbedtls_status_is_ssl_in_progress( ret ) );
-
-        if( ret <= 0 )
-        {
-            switch( ret )
-            {
-                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
-                    mbedtls_printf( " connection was closed gracefully\n" );
-                    ret = 0;
-                    goto close_notify;
-
-                default:
-                    mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
-                    goto reset;
-            }
-        }
-
-        len = ret;
-        buf[len] = '\0';
-        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
-        ret = 0;
-    }
-
-    /*
-     * 7a. Request renegotiation while client is waiting for input from us.
-     * (only on the first exchange, to be able to test retransmission)
-     */
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( opt.renegotiate && exchanges_left == opt.exchanges )
-    {
-        mbedtls_printf( "  . Requestion renegotiation..." );
-        fflush( stdout );
-
-        while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 )
-        {
-            if( ! mbedtls_status_is_ssl_in_progress( ret ) )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_renegotiate returned %d\n\n", ret );
-                goto reset;
-            }
-
-            /* For event-driven IO, wait for socket to become available */
-            if( opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &client_fd, &timer, ret );
-#else
-                idle( &client_fd, ret );
-#endif
-            }
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    ret = report_cid_usage( &ssl, "after renegotiation" );
-    if( ret != 0 )
-        goto exit;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /*
-     * 7. Write the 200 Response
-     */
-    mbedtls_printf( "  > Write to client:" );
-    fflush( stdout );
-
-    len = sprintf( (char *) buf, HTTP_RESPONSE,
-                   mbedtls_ssl_get_ciphersuite( &ssl ) );
-
-    /* Add padding to the response to reach opt.response_size in length */
-    if( opt.response_size != DFL_RESPONSE_SIZE &&
-        len < opt.response_size )
-    {
-        memset( buf + len, 'B', opt.response_size - len );
-        len += opt.response_size - len;
-    }
-
-    /* Truncate if response size is smaller than the "natural" size */
-    if( opt.response_size != DFL_RESPONSE_SIZE &&
-        len > opt.response_size )
-    {
-        len = opt.response_size;
-
-        /* Still end with \r\n unless that's really not possible */
-        if( len >= 2 ) buf[len - 2] = '\r';
-        if( len >= 1 ) buf[len - 1] = '\n';
-    }
-
-    if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
-    {
-        for( written = 0, frags = 0; written < len; written += ret, frags++ )
-        {
-            while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) )
-                           <= 0 )
-            {
-                if( ret == MBEDTLS_ERR_NET_CONN_RESET )
-                {
-                    mbedtls_printf( " failed\n  ! peer closed the connection\n\n" );
-                    goto reset;
-                }
-
-                if( ! mbedtls_status_is_ssl_in_progress( ret ) )
-                {
-                    mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-                    goto reset;
-                }
-
-                /* For event-driven IO, wait for socket to become available */
-                if( opt.event == 1 /* level triggered IO */ )
-                {
-#if defined(MBEDTLS_TIMING_C)
-                    idle( &client_fd, &timer, ret );
-#else
-                    idle( &client_fd, ret );
-#endif
-                }
-            }
-        }
-    }
-    else /* Not stream, so datagram */
-    {
-        while( 1 )
-        {
-            ret = mbedtls_ssl_write( &ssl, buf, len );
-
-            if( ! mbedtls_status_is_ssl_in_progress( ret ) )
-                break;
-
-            /* For event-driven IO, wait for socket to become available */
-            if( opt.event == 1 /* level triggered IO */ )
-            {
-#if defined(MBEDTLS_TIMING_C)
-                idle( &client_fd, &timer, ret );
-#else
-                idle( &client_fd, ret );
-#endif
-            }
-        }
-
-        if( ret < 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
-            goto reset;
-        }
-
-        frags = 1;
-        written = ret;
-    }
-
-    buf[written] = '\0';
-    mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf );
-    ret = 0;
-
-    /*
-     * 7b. Simulate serialize/deserialize and go back to data exchange
-     */
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( opt.serialize != 0 )
-    {
-        size_t buf_len;
-
-        mbedtls_printf( "  . Serializing live connection..." );
-
-        ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len );
-        if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
-                            "-0x%x\n\n", (unsigned int) -ret );
-
-            goto exit;
-        }
-
-        if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL )
-        {
-            mbedtls_printf( " failed\n  ! Couldn't allocate buffer for "
-                            "serialized context" );
-
-            goto exit;
-        }
-        context_buf_len = buf_len;
-
-        if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
-                                              buf_len, &buf_len ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
-                            "-0x%x\n\n", (unsigned int) -ret );
-
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /* Save serialized context to the 'opt.context_file' as a base64 code */
-        if( 0 < strlen( opt.context_file ) )
-        {
-            FILE *b64_file;
-            uint8_t *b64_buf;
-            size_t b64_len;
-
-            mbedtls_printf( "  . Save serialized context to a file... " );
-
-            mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len );
-
-            if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL )
-            {
-                mbedtls_printf( "failed\n  ! Couldn't allocate buffer for "
-                                "the base64 code\n" );
-                goto exit;
-            }
-
-            if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len,
-                                               context_buf, buf_len ) ) != 0 )
-            {
-                mbedtls_printf( "failed\n  ! mbedtls_base64_encode returned "
-                            "-0x%x\n", (unsigned int) -ret );
-                mbedtls_free( b64_buf );
-                goto exit;
-            }
-
-            if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL )
-            {
-                mbedtls_printf( "failed\n  ! Cannot open '%s' for writing.\n",
-                                opt.context_file );
-                mbedtls_free( b64_buf );
-                goto exit;
-            }
-
-            if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) )
-            {
-                mbedtls_printf( "failed\n  ! fwrite(%ld bytes) failed\n",
-                                (long) b64_len );
-                mbedtls_free( b64_buf );
-                fclose( b64_file );
-                goto exit;
-            }
-
-            mbedtls_free( b64_buf );
-            fclose( b64_file );
-
-            mbedtls_printf( "ok\n" );
-        }
-
-        /*
-         * This simulates a workflow where you have a long-lived server
-         * instance, potentially with a pool of ssl_context objects, and you
-         * just want to re-use one while the connection is inactive: in that
-         * case you can just reset() it, and then it's ready to receive
-         * serialized data from another connection (or the same here).
-         */
-        if( opt.serialize == 1 )
-        {
-            /* nothing to do here, done by context_save() already */
-            mbedtls_printf( "  . Context has been reset... ok\n" );
-        }
-
-        /*
-         * This simulates a workflow where you have one server instance per
-         * connection, and want to release it entire when the connection is
-         * inactive, and spawn it again when needed again - this would happen
-         * between ssl_free() and ssl_init() below, together with any other
-         * teardown/startup code needed - for example, preparing the
-         * ssl_config again (see section 3 "setup stuff" in this file).
-         */
-        if( opt.serialize == 2 )
-        {
-            mbedtls_printf( "  . Freeing and reinitializing context..." );
-
-            mbedtls_ssl_free( &ssl );
-
-            mbedtls_ssl_init( &ssl );
-
-            if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned "
-                                "-0x%x\n\n", (unsigned int) -ret );
-                goto exit;
-            }
-
-            /*
-             * This illustrates the minimum amount of things you need to set
-             * up, however you could set up much more if desired, for example
-             * if you want to share your set up code between the case of
-             * establishing a new connection and this case.
-             */
-            if( opt.nbio == 2 )
-                mbedtls_ssl_set_bio( &ssl, &client_fd, delayed_send,
-                                     delayed_recv, NULL );
-            else
-                mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send,
-                            mbedtls_net_recv,
-                            opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
-
-#if defined(MBEDTLS_TIMING_C)
-                mbedtls_ssl_set_timer_cb( &ssl, &timer,
-                                          mbedtls_timing_set_delay,
-                                          mbedtls_timing_get_delay );
-#endif /* MBEDTLS_TIMING_C */
-
-            mbedtls_printf( " ok\n" );
-        }
-
-        mbedtls_printf( "  . Deserializing connection..." );
-
-        if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf,
-                                              buf_len ) ) != 0 )
-        {
-            mbedtls_printf( "failed\n  ! mbedtls_ssl_context_load returned "
-                            "-0x%x\n\n", (unsigned int) -ret );
-
-            goto exit;
-        }
-
-        mbedtls_free( context_buf );
-        context_buf = NULL;
-        context_buf_len = 0;
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-
-    /*
-     * 7c. Continue doing data exchanges?
-     */
-    if( --exchanges_left > 0 )
-        goto data_exchange;
-
-    /*
-     * 8. Done, cleanly close the connection
-     */
-close_notify:
-    mbedtls_printf( "  . Closing the connection..." );
-
-    /* No error checking, the connection might be closed already */
-    do ret = mbedtls_ssl_close_notify( &ssl );
-    while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    ret = 0;
-
-    mbedtls_printf( " done\n" );
-
-    goto reset;
-
-    /*
-     * Cleanup and exit
-     */
-exit:
-#ifdef MBEDTLS_ERROR_C
-    if( ret != 0 )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf );
-    }
-#endif
-
-    if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
-    {
-        mbedtls_printf( "  . Cleaning up..." );
-        fflush( stdout );
-    }
-
-    mbedtls_net_free( &client_fd );
-    mbedtls_net_free( &listen_fd );
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
-    mbedtls_dhm_free( &dhm );
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_free( &cacert );
-    mbedtls_x509_crt_free( &srvcert );
-    mbedtls_pk_free( &pkey );
-    mbedtls_x509_crt_free( &srvcert2 );
-    mbedtls_pk_free( &pkey2 );
-#endif
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    for( i = 0; (size_t) i < ssl_async_keys.slots_used; i++ )
-    {
-        if( ssl_async_keys.slots[i].pk_owned )
-        {
-            mbedtls_pk_free( ssl_async_keys.slots[i].pk );
-            mbedtls_free( ssl_async_keys.slots[i].pk );
-            ssl_async_keys.slots[i].pk = NULL;
-        }
-    }
-#endif
-#if defined(SNI_OPTION)
-    sni_free( sni_info );
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    ret = psk_free( psk_info );
-    if( ( ret != 0 ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
-        mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
-#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
-    mbedtls_dhm_free( &dhm );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
-    defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_opaque != 0 )
-    {
-        /* This is ok even if the slot hasn't been
-         * initialized (we might have jumed here
-         * immediately because of bad cmd line params,
-         * for example). */
-        status = psa_destroy_key( psk_slot );
-        if( ( status != PSA_SUCCESS ) &&
-            ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
-        {
-            mbedtls_printf( "Failed to destroy key slot %u - error was %d",
-                            (unsigned) psk_slot, (int) status );
-        }
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
-          MBEDTLS_USE_PSA_CRYPTO */
-
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_cache_free( &cache );
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    mbedtls_ssl_ticket_free( &ticket_ctx );
-#endif
-#if defined(MBEDTLS_SSL_COOKIE_C)
-    mbedtls_ssl_cookie_free( &cookie_ctx );
-#endif
-
-    mbedtls_free( buf );
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( context_buf != NULL )
-        mbedtls_platform_zeroize( context_buf, context_buf_len );
-    mbedtls_free( context_buf );
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_status();
-#endif
-    mbedtls_memory_buffer_alloc_free();
-#endif
-
-    if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
-    {
-        mbedtls_printf( " done.\n" );
-
-#if defined(_WIN32)
-        mbedtls_printf( "  + Press Enter to exit this program.\n" );
-        fflush( stdout ); getchar();
-#endif
-    }
-
-    // Shell can not handle large exit numbers -> 1 for errors
-    if( ret < 0 )
-        ret = 1;
-
-    if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
-        mbedtls_exit( ret );
-    else
-        mbedtls_exit( query_config_ret );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
-          MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
-          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/programs/test/CMakeLists.txt
deleted file mode 100644
index 49b44e7..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/CMakeLists.txt
+++ /dev/null
@@ -1,45 +0,0 @@
-set(libs
-    ${mbedtls_target}
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-set(executables_libs
-    selftest
-    udp_proxy
-)
-
-set(executables_mbedcrypto
-    benchmark
-    query_compile_time_config
-    zeroize
-)
-
-if(TEST_CPP)
-    list(APPEND executables_mbedcrypto cpp_dummy_build)
-endif()
-
-foreach(exe IN LISTS executables_libs executables_mbedcrypto)
-    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-
-    # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
-    list(FIND executables_libs ${exe} exe_index)
-    if (${exe_index} GREATER -1)
-        target_link_libraries(${exe} ${libs})
-    else()
-        target_link_libraries(${exe} ${mbedcrypto_target})
-    endif()
-endforeach()
-
-set_property(TARGET query_compile_time_config APPEND PROPERTY SOURCES
-             ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
-
-install(TARGETS ${executables_libs} ${executables_mbedcrypto}
-        DESTINATION "bin"
-        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/benchmark.c b/3rdparty/mbedtls-2.25.0/programs/test/benchmark.c
deleted file mode 100644
index 251cbb6..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/benchmark.c
+++ /dev/null
@@ -1,1069 +0,0 @@
-/*
- *  Benchmark demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/platform.h"
-#if !defined(MBEDTLS_PLATFORM_C)
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_exit       exit
-#define mbedtls_printf     printf
-#define mbedtls_free       free
-#endif
-
-#if !defined(MBEDTLS_TIMING_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_TIMING_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include <string.h>
-#include <stdlib.h>
-
-#include "mbedtls/timing.h"
-
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-
-#include "mbedtls/arc4.h"
-#include "mbedtls/des.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/aria.h"
-#include "mbedtls/blowfish.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/chacha20.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/chachapoly.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/poly1305.h"
-
-#include "mbedtls/havege.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/hmac_drbg.h"
-
-#include "mbedtls/rsa.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/ecdh.h"
-
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-/*
- * For heap usage estimates, we need an estimate of the overhead per allocated
- * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
- * so use that as our baseline.
- */
-#define MEM_BLOCK_OVERHEAD  ( 2 * sizeof( size_t ) )
-
-/*
- * Size to use for the alloc buffer if MEMORY_BUFFER_ALLOC_C is defined.
- */
-#define HEAP_SIZE       (1u << 16)  /* 64k */
-
-#define BUFSIZE         1024
-#define HEADER_FORMAT   "  %-24s :  "
-#define TITLE_LEN       25
-
-#define OPTIONS                                                         \
-    "md4, md5, ripemd160, sha1, sha256, sha512,\n"                      \
-    "arc4, des3, des, camellia, blowfish, chacha20,\n"                  \
-    "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n"                 \
-    "aes_cmac, des3_cmac, poly1305\n"                                   \
-    "havege, ctr_drbg, hmac_drbg\n"                                     \
-    "rsa, dhm, ecdsa, ecdh.\n"
-
-#if defined(MBEDTLS_ERROR_C)
-#define PRINT_ERROR                                                     \
-        mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) );          \
-        mbedtls_printf( "FAILED: %s\n", tmp );
-#else
-#define PRINT_ERROR                                                     \
-        mbedtls_printf( "FAILED: -0x%04x\n", (unsigned int) -ret );
-#endif
-
-#define TIME_AND_TSC( TITLE, CODE )                                     \
-do {                                                                    \
-    unsigned long ii, jj, tsc;                                          \
-    int ret = 0;                                                        \
-                                                                        \
-    mbedtls_printf( HEADER_FORMAT, TITLE );                             \
-    fflush( stdout );                                                   \
-                                                                        \
-    mbedtls_set_alarm( 1 );                                             \
-    for( ii = 1; ret == 0 && ! mbedtls_timing_alarmed; ii++ )           \
-    {                                                                   \
-        ret = CODE;                                                     \
-    }                                                                   \
-                                                                        \
-    tsc = mbedtls_timing_hardclock();                                   \
-    for( jj = 0; ret == 0 && jj < 1024; jj++ )                          \
-    {                                                                   \
-        ret = CODE;                                                     \
-    }                                                                   \
-                                                                        \
-    if( ret != 0 )                                                      \
-    {                                                                   \
-        PRINT_ERROR;                                                    \
-    }                                                                   \
-    else                                                                \
-    {                                                                   \
-        mbedtls_printf( "%9lu KiB/s,  %9lu cycles/byte\n",              \
-                         ii * BUFSIZE / 1024,                           \
-                         ( mbedtls_timing_hardclock() - tsc )           \
-                         / ( jj * BUFSIZE ) );                          \
-    }                                                                   \
-} while( 0 )
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
-
-/* How much space to reserve for the title when printing heap usage results.
- * Updated manually as the output of the following command:
- *
- *  sed -n 's/.*[T]IME_PUBLIC.*"\(.*\)",/\1/p' programs/test/benchmark.c |
- *      awk '{print length+2}' | sort -rn | head -n1
- *
- * This computes the maximum length of a title +2 (because we appends "/s").
- * (If the value is too small, the only consequence is poor alignement.) */
-#define TITLE_SPACE 16
-
-#define MEMORY_MEASURE_INIT                                             \
-    size_t max_used, max_blocks, max_bytes;                             \
-    size_t prv_used, prv_blocks;                                        \
-    mbedtls_memory_buffer_alloc_cur_get( &prv_used, &prv_blocks );      \
-    mbedtls_memory_buffer_alloc_max_reset( );
-
-#define MEMORY_MEASURE_PRINT( title_len )                               \
-    mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks );      \
-    ii = TITLE_SPACE > (title_len) ? TITLE_SPACE - (title_len) : 1;     \
-    while( ii-- ) mbedtls_printf( " " );                                \
-    max_used -= prv_used;                                               \
-    max_blocks -= prv_blocks;                                           \
-    max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks;             \
-    mbedtls_printf( "%6u heap bytes", (unsigned) max_bytes );
-
-#else
-#define MEMORY_MEASURE_INIT
-#define MEMORY_MEASURE_PRINT( title_len )
-#endif
-
-#define TIME_PUBLIC( TITLE, TYPE, CODE )                                \
-do {                                                                    \
-    unsigned long ii;                                                   \
-    int ret;                                                            \
-    MEMORY_MEASURE_INIT;                                                \
-                                                                        \
-    mbedtls_printf( HEADER_FORMAT, TITLE );                             \
-    fflush( stdout );                                                   \
-    mbedtls_set_alarm( 3 );                                             \
-                                                                        \
-    ret = 0;                                                            \
-    for( ii = 1; ! mbedtls_timing_alarmed && ! ret ; ii++ )             \
-    {                                                                   \
-        CODE;                                                           \
-    }                                                                   \
-                                                                        \
-    if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED )               \
-    {                                                                   \
-        mbedtls_printf( "Feature Not Supported. Skipping.\n" );         \
-        ret = 0;                                                        \
-    }                                                                   \
-    else if( ret != 0 )                                                 \
-    {                                                                   \
-        PRINT_ERROR;                                                    \
-    }                                                                   \
-    else                                                                \
-    {                                                                   \
-        mbedtls_printf( "%6lu " TYPE "/s", ii / 3 );                    \
-        MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 );                     \
-        mbedtls_printf( "\n" );                                         \
-    }                                                                   \
-} while( 0 )
-
-static int myrand( void *rng_state, unsigned char *output, size_t len )
-{
-    size_t use_len;
-    int rnd;
-
-    if( rng_state != NULL )
-        rng_state  = NULL;
-
-    while( len > 0 )
-    {
-        use_len = len;
-        if( use_len > sizeof(int) )
-            use_len = sizeof(int);
-
-        rnd = rand();
-        memcpy( output, &rnd, use_len );
-        output += use_len;
-        len -= use_len;
-    }
-
-    return( 0 );
-}
-
-#define CHECK_AND_CONTINUE( R )                                         \
-    {                                                                   \
-        int CHECK_AND_CONTINUE_ret = ( R );                             \
-        if( CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) { \
-            mbedtls_printf( "Feature not supported. Skipping.\n" );     \
-            continue;                                                   \
-        }                                                               \
-        else if( CHECK_AND_CONTINUE_ret != 0 ) {                        \
-            mbedtls_exit( 1 );                                          \
-        }                                                               \
-    }
-
-/*
- * Clear some memory that was used to prepare the context
- */
-#if defined(MBEDTLS_ECP_C)
-void ecp_clear_precomputed( mbedtls_ecp_group *grp )
-{
-    if( grp->T != NULL )
-    {
-        size_t i;
-        for( i = 0; i < grp->T_size; i++ )
-            mbedtls_ecp_point_free( &grp->T[i] );
-        mbedtls_free( grp->T );
-    }
-    grp->T = NULL;
-    grp->T_size = 0;
-}
-#else
-#define ecp_clear_precomputed( g )
-#endif
-
-unsigned char buf[BUFSIZE];
-
-typedef struct {
-    char md4, md5, ripemd160, sha1, sha256, sha512,
-         arc4, des3, des,
-         aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,
-         aes_cmac, des3_cmac,
-         aria, camellia, blowfish, chacha20,
-         poly1305,
-         havege, ctr_drbg, hmac_drbg,
-         rsa, dhm, ecdsa, ecdh;
-} todo_list;
-
-
-int main( int argc, char *argv[] )
-{
-    int i;
-    unsigned char tmp[200];
-    char title[TITLE_LEN];
-    todo_list todo;
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    unsigned char alloc_buf[HEAP_SIZE] = { 0 };
-#endif
-
-    if( argc <= 1 )
-    {
-        memset( &todo, 1, sizeof( todo ) );
-    }
-    else
-    {
-        memset( &todo, 0, sizeof( todo ) );
-
-        for( i = 1; i < argc; i++ )
-        {
-            if( strcmp( argv[i], "md4" ) == 0 )
-                todo.md4 = 1;
-            else if( strcmp( argv[i], "md5" ) == 0 )
-                todo.md5 = 1;
-            else if( strcmp( argv[i], "ripemd160" ) == 0 )
-                todo.ripemd160 = 1;
-            else if( strcmp( argv[i], "sha1" ) == 0 )
-                todo.sha1 = 1;
-            else if( strcmp( argv[i], "sha256" ) == 0 )
-                todo.sha256 = 1;
-            else if( strcmp( argv[i], "sha512" ) == 0 )
-                todo.sha512 = 1;
-            else if( strcmp( argv[i], "arc4" ) == 0 )
-                todo.arc4 = 1;
-            else if( strcmp( argv[i], "des3" ) == 0 )
-                todo.des3 = 1;
-            else if( strcmp( argv[i], "des" ) == 0 )
-                todo.des = 1;
-            else if( strcmp( argv[i], "aes_cbc" ) == 0 )
-                todo.aes_cbc = 1;
-            else if( strcmp( argv[i], "aes_xts" ) == 0 )
-                todo.aes_xts = 1;
-            else if( strcmp( argv[i], "aes_gcm" ) == 0 )
-                todo.aes_gcm = 1;
-            else if( strcmp( argv[i], "aes_ccm" ) == 0 )
-                todo.aes_ccm = 1;
-            else if( strcmp( argv[i], "chachapoly" ) == 0 )
-                todo.chachapoly = 1;
-            else if( strcmp( argv[i], "aes_cmac" ) == 0 )
-                todo.aes_cmac = 1;
-            else if( strcmp( argv[i], "des3_cmac" ) == 0 )
-                todo.des3_cmac = 1;
-            else if( strcmp( argv[i], "aria" ) == 0 )
-                todo.aria = 1;
-            else if( strcmp( argv[i], "camellia" ) == 0 )
-                todo.camellia = 1;
-            else if( strcmp( argv[i], "blowfish" ) == 0 )
-                todo.blowfish = 1;
-            else if( strcmp( argv[i], "chacha20" ) == 0 )
-                todo.chacha20 = 1;
-            else if( strcmp( argv[i], "poly1305" ) == 0 )
-                todo.poly1305 = 1;
-            else if( strcmp( argv[i], "havege" ) == 0 )
-                todo.havege = 1;
-            else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
-                todo.ctr_drbg = 1;
-            else if( strcmp( argv[i], "hmac_drbg" ) == 0 )
-                todo.hmac_drbg = 1;
-            else if( strcmp( argv[i], "rsa" ) == 0 )
-                todo.rsa = 1;
-            else if( strcmp( argv[i], "dhm" ) == 0 )
-                todo.dhm = 1;
-            else if( strcmp( argv[i], "ecdsa" ) == 0 )
-                todo.ecdsa = 1;
-            else if( strcmp( argv[i], "ecdh" ) == 0 )
-                todo.ecdh = 1;
-            else
-            {
-                mbedtls_printf( "Unrecognized option: %s\n", argv[i] );
-                mbedtls_printf( "Available options: " OPTIONS );
-            }
-        }
-    }
-
-    mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) );
-#endif
-    memset( buf, 0xAA, sizeof( buf ) );
-    memset( tmp, 0xBB, sizeof( tmp ) );
-
-#if defined(MBEDTLS_MD4_C)
-    if( todo.md4 )
-        TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_MD5_C)
-    if( todo.md5 )
-        TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_RIPEMD160_C)
-    if( todo.ripemd160 )
-        TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
-    if( todo.sha1 )
-        TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) );
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-    if( todo.sha256 )
-        TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) );
-#endif
-
-#if defined(MBEDTLS_SHA512_C)
-    if( todo.sha512 )
-        TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-    if( todo.arc4 )
-    {
-        mbedtls_arc4_context arc4;
-        mbedtls_arc4_init( &arc4 );
-        mbedtls_arc4_setup( &arc4, tmp, 32 );
-        TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
-        mbedtls_arc4_free( &arc4 );
-    }
-#endif
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.des3 )
-    {
-        mbedtls_des3_context des3;
-        mbedtls_des3_init( &des3 );
-        mbedtls_des3_set3key_enc( &des3, tmp );
-        TIME_AND_TSC( "3DES",
-                mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
-        mbedtls_des3_free( &des3 );
-    }
-
-    if( todo.des )
-    {
-        mbedtls_des_context des;
-        mbedtls_des_init( &des );
-        mbedtls_des_setkey_enc( &des, tmp );
-        TIME_AND_TSC( "DES",
-                mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
-        mbedtls_des_free( &des );
-    }
-
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_CMAC_C)
-    if( todo.des3_cmac )
-    {
-        unsigned char output[8];
-        const mbedtls_cipher_info_t *cipher_info;
-
-        memset( buf, 0, sizeof( buf ) );
-        memset( tmp, 0, sizeof( tmp ) );
-
-        cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_DES_EDE3_ECB );
-
-        TIME_AND_TSC( "3DES-CMAC",
-                      mbedtls_cipher_cmac( cipher_info, tmp, 192, buf,
-                      BUFSIZE, output ) );
-    }
-#endif /* MBEDTLS_CMAC_C */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.aes_cbc )
-    {
-        int keysize;
-        mbedtls_aes_context aes;
-        mbedtls_aes_init( &aes );
-        for( keysize = 128; keysize <= 256; keysize += 64 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_aes_setkey_enc( &aes, tmp, keysize );
-
-            TIME_AND_TSC( title,
-                mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
-        }
-        mbedtls_aes_free( &aes );
-    }
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    if( todo.aes_xts )
-    {
-        int keysize;
-        mbedtls_aes_xts_context ctx;
-
-        mbedtls_aes_xts_init( &ctx );
-        for( keysize = 128; keysize <= 256; keysize += 128 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "AES-XTS-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_aes_xts_setkey_enc( &ctx, tmp, keysize * 2 );
-
-            TIME_AND_TSC( title,
-                    mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE,
-                                           tmp, buf, buf ) );
-
-            mbedtls_aes_xts_free( &ctx );
-        }
-    }
-#endif
-#if defined(MBEDTLS_GCM_C)
-    if( todo.aes_gcm )
-    {
-        int keysize;
-        mbedtls_gcm_context gcm;
-
-        mbedtls_gcm_init( &gcm );
-        for( keysize = 128; keysize <= 256; keysize += 64 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
-
-            TIME_AND_TSC( title,
-                    mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,
-                        12, NULL, 0, buf, buf, 16, tmp ) );
-
-            mbedtls_gcm_free( &gcm );
-        }
-    }
-#endif
-#if defined(MBEDTLS_CCM_C)
-    if( todo.aes_ccm )
-    {
-        int keysize;
-        mbedtls_ccm_context ccm;
-
-        mbedtls_ccm_init( &ccm );
-        for( keysize = 128; keysize <= 256; keysize += 64 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
-
-            TIME_AND_TSC( title,
-                    mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp,
-                        12, NULL, 0, buf, buf, tmp, 16 ) );
-
-            mbedtls_ccm_free( &ccm );
-        }
-    }
-#endif
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if( todo.chachapoly )
-    {
-        mbedtls_chachapoly_context chachapoly;
-
-        mbedtls_chachapoly_init( &chachapoly );
-        memset( buf, 0, sizeof( buf ) );
-        memset( tmp, 0, sizeof( tmp ) );
-
-        mbedtls_snprintf( title, sizeof( title ), "ChaCha20-Poly1305" );
-
-        mbedtls_chachapoly_setkey( &chachapoly, tmp );
-
-        TIME_AND_TSC( title,
-                mbedtls_chachapoly_encrypt_and_tag( &chachapoly,
-                    BUFSIZE, tmp, NULL, 0, buf, buf, tmp ) );
-
-        mbedtls_chachapoly_free( &chachapoly );
-    }
-#endif
-#if defined(MBEDTLS_CMAC_C)
-    if( todo.aes_cmac )
-    {
-        unsigned char output[16];
-        const mbedtls_cipher_info_t *cipher_info;
-        mbedtls_cipher_type_t cipher_type;
-        int keysize;
-
-        for( keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB;
-             keysize <= 256;
-             keysize += 64, cipher_type++ )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "AES-CMAC-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-
-            cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-
-            TIME_AND_TSC( title,
-                          mbedtls_cipher_cmac( cipher_info, tmp, keysize,
-                                               buf, BUFSIZE, output ) );
-        }
-
-        memset( buf, 0, sizeof( buf ) );
-        memset( tmp, 0, sizeof( tmp ) );
-        TIME_AND_TSC( "AES-CMAC-PRF-128",
-                      mbedtls_aes_cmac_prf_128( tmp, 16, buf, BUFSIZE,
-                                                output ) );
-    }
-#endif /* MBEDTLS_CMAC_C */
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_ARIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.aria )
-    {
-        int keysize;
-        mbedtls_aria_context aria;
-        mbedtls_aria_init( &aria );
-        for( keysize = 128; keysize <= 256; keysize += 64 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "ARIA-CBC-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_aria_setkey_enc( &aria, tmp, keysize );
-
-            TIME_AND_TSC( title,
-                    mbedtls_aria_crypt_cbc( &aria, MBEDTLS_ARIA_ENCRYPT,
-                        BUFSIZE, tmp, buf, buf ) );
-        }
-        mbedtls_aria_free( &aria );
-    }
-#endif
-
-#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.camellia )
-    {
-        int keysize;
-        mbedtls_camellia_context camellia;
-        mbedtls_camellia_init( &camellia );
-        for( keysize = 128; keysize <= 256; keysize += 64 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_camellia_setkey_enc( &camellia, tmp, keysize );
-
-            TIME_AND_TSC( title,
-                    mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT,
-                        BUFSIZE, tmp, buf, buf ) );
-        }
-        mbedtls_camellia_free( &camellia );
-    }
-#endif
-
-#if defined(MBEDTLS_CHACHA20_C)
-    if ( todo.chacha20 )
-    {
-        TIME_AND_TSC( "ChaCha20", mbedtls_chacha20_crypt( buf, buf, 0U, BUFSIZE, buf, buf ) );
-    }
-#endif
-
-#if defined(MBEDTLS_POLY1305_C)
-    if ( todo.poly1305 )
-    {
-        TIME_AND_TSC( "Poly1305", mbedtls_poly1305_mac( buf, buf, BUFSIZE, buf ) );
-    }
-#endif
-
-#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.blowfish )
-    {
-        int keysize;
-        mbedtls_blowfish_context blowfish;
-        mbedtls_blowfish_init( &blowfish );
-
-        for( keysize = 128; keysize <= 256; keysize += 64 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
-
-            memset( buf, 0, sizeof( buf ) );
-            memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_blowfish_setkey( &blowfish, tmp, keysize );
-
-            TIME_AND_TSC( title,
-                    mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
-                        tmp, buf, buf ) );
-        }
-
-        mbedtls_blowfish_free( &blowfish );
-    }
-#endif
-
-#if defined(MBEDTLS_HAVEGE_C)
-    if( todo.havege )
-    {
-        mbedtls_havege_state hs;
-        mbedtls_havege_init( &hs );
-        TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) );
-        mbedtls_havege_free( &hs );
-    }
-#endif
-
-#if defined(MBEDTLS_CTR_DRBG_C)
-    if( todo.ctr_drbg )
-    {
-        mbedtls_ctr_drbg_context ctr_drbg;
-
-        mbedtls_ctr_drbg_init( &ctr_drbg );
-        if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
-            mbedtls_exit(1);
-        TIME_AND_TSC( "CTR_DRBG (NOPR)",
-                mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) );
-        mbedtls_ctr_drbg_free( &ctr_drbg );
-
-        mbedtls_ctr_drbg_init( &ctr_drbg );
-        if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
-            mbedtls_exit(1);
-        mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
-        TIME_AND_TSC( "CTR_DRBG (PR)",
-                mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) );
-        mbedtls_ctr_drbg_free( &ctr_drbg );
-    }
-#endif
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
-    if( todo.hmac_drbg )
-    {
-        mbedtls_hmac_drbg_context hmac_drbg;
-        const mbedtls_md_info_t *md_info;
-
-        mbedtls_hmac_drbg_init( &hmac_drbg );
-
-#if defined(MBEDTLS_SHA1_C)
-        if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
-            mbedtls_exit(1);
-
-        if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
-            mbedtls_exit(1);
-        TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
-                mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
-
-        if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
-            mbedtls_exit(1);
-        mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
-                                             MBEDTLS_HMAC_DRBG_PR_ON );
-        TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
-                mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
-#endif
-
-#if defined(MBEDTLS_SHA256_C)
-        if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
-            mbedtls_exit(1);
-
-        if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
-            mbedtls_exit(1);
-        TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
-                mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
-
-        if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
-            mbedtls_exit(1);
-        mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
-                                             MBEDTLS_HMAC_DRBG_PR_ON );
-        TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
-                mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) );
-#endif
-        mbedtls_hmac_drbg_free( &hmac_drbg );
-    }
-#endif
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
-    if( todo.rsa )
-    {
-        int keysize;
-        mbedtls_rsa_context rsa;
-        for( keysize = 2048; keysize <= 4096; keysize *= 2 )
-        {
-            mbedtls_snprintf( title, sizeof( title ), "RSA-%d", keysize );
-
-            mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
-            mbedtls_rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 );
-
-            TIME_PUBLIC( title, " public",
-                    buf[0] = 0;
-                    ret = mbedtls_rsa_public( &rsa, buf, buf ) );
-
-            TIME_PUBLIC( title, "private",
-                    buf[0] = 0;
-                    ret = mbedtls_rsa_private( &rsa, myrand, NULL, buf, buf ) );
-
-            mbedtls_rsa_free( &rsa );
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C)
-    if( todo.dhm )
-    {
-        int dhm_sizes[] = { 2048, 3072 };
-        static const unsigned char dhm_P_2048[] =
-            MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
-        static const unsigned char dhm_P_3072[] =
-            MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN;
-        static const unsigned char dhm_G_2048[] =
-            MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
-        static const unsigned char dhm_G_3072[] =
-            MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN;
-
-        const unsigned char *dhm_P[] = { dhm_P_2048, dhm_P_3072 };
-        const size_t dhm_P_size[] = { sizeof( dhm_P_2048 ),
-                                      sizeof( dhm_P_3072 ) };
-
-        const unsigned char *dhm_G[] = { dhm_G_2048, dhm_G_3072 };
-        const size_t dhm_G_size[] = { sizeof( dhm_G_2048 ),
-                                      sizeof( dhm_G_3072 ) };
-
-        mbedtls_dhm_context dhm;
-        size_t olen;
-        for( i = 0; (size_t) i < sizeof( dhm_sizes ) / sizeof( dhm_sizes[0] ); i++ )
-        {
-            mbedtls_dhm_init( &dhm );
-
-            if( mbedtls_mpi_read_binary( &dhm.P, dhm_P[i],
-                                         dhm_P_size[i] ) != 0 ||
-                mbedtls_mpi_read_binary( &dhm.G, dhm_G[i],
-                                         dhm_G_size[i] ) != 0 )
-            {
-                mbedtls_exit( 1 );
-            }
-
-            dhm.len = mbedtls_mpi_size( &dhm.P );
-            mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
-            if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
-                mbedtls_exit( 1 );
-
-            mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
-            TIME_PUBLIC( title, "handshake",
-                    ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len,
-                                            myrand, NULL );
-                    ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) );
-
-            mbedtls_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] );
-            TIME_PUBLIC( title, "handshake",
-                    ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) );
-
-            mbedtls_dhm_free( &dhm );
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C)
-    if( todo.ecdsa )
-    {
-        mbedtls_ecdsa_context ecdsa;
-        const mbedtls_ecp_curve_info *curve_info;
-        size_t sig_len;
-
-        memset( buf, 0x2A, sizeof( buf ) );
-
-        for( curve_info = mbedtls_ecp_curve_list();
-             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-             curve_info++ )
-        {
-            if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) )
-                continue;
-
-            mbedtls_ecdsa_init( &ecdsa );
-
-            if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
-                mbedtls_exit( 1 );
-            ecp_clear_precomputed( &ecdsa.grp );
-
-            mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
-                                              curve_info->name );
-            TIME_PUBLIC( title, "sign",
-                    ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
-                                                tmp, &sig_len, myrand, NULL ) );
-
-            mbedtls_ecdsa_free( &ecdsa );
-        }
-
-        for( curve_info = mbedtls_ecp_curve_list();
-             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-             curve_info++ )
-        {
-            if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) )
-                continue;
-
-            mbedtls_ecdsa_init( &ecdsa );
-
-            if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
-                mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
-                                               tmp, &sig_len, myrand, NULL ) != 0 )
-            {
-                mbedtls_exit( 1 );
-            }
-            ecp_clear_precomputed( &ecdsa.grp );
-
-            mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
-                                              curve_info->name );
-            TIME_PUBLIC( title, "verify",
-                    ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->bit_size,
-                                                tmp, sig_len ) );
-
-            mbedtls_ecdsa_free( &ecdsa );
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    if( todo.ecdh )
-    {
-        mbedtls_ecdh_context ecdh;
-        mbedtls_mpi z;
-        const mbedtls_ecp_curve_info montgomery_curve_list[] = {
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-            { MBEDTLS_ECP_DP_CURVE25519, 0, 0, "Curve25519" },
-#endif
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-            { MBEDTLS_ECP_DP_CURVE448, 0, 0, "Curve448" },
-#endif
-            { MBEDTLS_ECP_DP_NONE, 0, 0, 0 }
-        };
-        const mbedtls_ecp_curve_info *curve_info;
-        size_t olen;
-
-        for( curve_info = mbedtls_ecp_curve_list();
-             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-             curve_info++ )
-        {
-            if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) )
-                continue;
-
-            mbedtls_ecdh_init( &ecdh );
-
-            CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) );
-            CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
-                                                    myrand, NULL ) );
-            CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) );
-            ecp_clear_precomputed( &ecdh.grp );
-
-            mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s",
-                                              curve_info->name );
-            TIME_PUBLIC( title, "handshake",
-                    CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
-                                             myrand, NULL ) );
-                    CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
-                                             myrand, NULL ) ) );
-            mbedtls_ecdh_free( &ecdh );
-        }
-
-        /* Montgomery curves need to be handled separately */
-        for ( curve_info = montgomery_curve_list;
-              curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-              curve_info++ )
-        {
-            mbedtls_ecdh_init( &ecdh );
-            mbedtls_mpi_init( &z );
-
-            CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) );
-            CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) );
-
-            mbedtls_snprintf( title, sizeof(title), "ECDHE-%s",
-                              curve_info->name );
-            TIME_PUBLIC(  title, "handshake",
-                    CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q,
-                                            myrand, NULL ) );
-                    CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
-                                                myrand, NULL ) ) );
-
-            mbedtls_ecdh_free( &ecdh );
-            mbedtls_mpi_free( &z );
-        }
-
-        for( curve_info = mbedtls_ecp_curve_list();
-             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-             curve_info++ )
-        {
-            if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) )
-                continue;
-
-            mbedtls_ecdh_init( &ecdh );
-
-            CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) );
-            CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
-                                  myrand, NULL ) );
-            CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) );
-            CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf),
-                                  myrand, NULL ) );
-            ecp_clear_precomputed( &ecdh.grp );
-
-            mbedtls_snprintf( title, sizeof( title ), "ECDH-%s",
-                                              curve_info->name );
-            TIME_PUBLIC( title, "handshake",
-                    CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ),
-                                             myrand, NULL ) ) );
-            mbedtls_ecdh_free( &ecdh );
-        }
-
-        /* Montgomery curves need to be handled separately */
-        for ( curve_info = montgomery_curve_list;
-              curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-              curve_info++)
-        {
-            mbedtls_ecdh_init( &ecdh );
-            mbedtls_mpi_init( &z );
-
-            CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) );
-            CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp,
-                                 myrand, NULL ) );
-            CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) );
-
-            mbedtls_snprintf( title, sizeof(title), "ECDH-%s",
-                              curve_info->name );
-            TIME_PUBLIC(  title, "handshake",
-                    CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d,
-                                                myrand, NULL ) ) );
-
-            mbedtls_ecdh_free( &ecdh );
-            mbedtls_mpi_free( &z );
-        }
-    }
-#endif
-
-#if defined(MBEDTLS_ECDH_C)
-    if( todo.ecdh )
-    {
-        mbedtls_ecdh_context ecdh_srv, ecdh_cli;
-        unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE];
-        const mbedtls_ecp_curve_info * curve_list = mbedtls_ecp_curve_list();
-        const mbedtls_ecp_curve_info *curve_info;
-        size_t olen;
-
-        for( curve_info = curve_list;
-            curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
-            curve_info++ )
-        {
-            if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) )
-                continue;
-
-            mbedtls_ecdh_init( &ecdh_srv );
-            mbedtls_ecdh_init( &ecdh_cli );
-
-            mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name );
-            TIME_PUBLIC( title, "full handshake",
-                const unsigned char * p_srv = buf_srv;
-
-                CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) );
-                CHECK_AND_CONTINUE( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) );
-
-                CHECK_AND_CONTINUE( mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) );
-                CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) );
-
-                CHECK_AND_CONTINUE( mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ) );
-                CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) );
-
-                CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) );
-                mbedtls_ecdh_free( &ecdh_cli );
-
-                mbedtls_ecdh_free( &ecdh_srv );
-            );
-
-        }
-    }
-#endif
-
-    mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_free();
-#endif
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( 0 );
-}
-
-#endif /* MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/cmake_subproject.c b/3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/cmake_subproject.c
deleted file mode 100644
index 6d81830..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/cmake_subproject.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- *  Simple program to test that CMake builds with Mbed TLS as a subdirectory
- *  work correctly.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#include "mbedtls/version.h"
-
-/* The main reason to build this is for testing the CMake build, so the program
- * doesn't need to do very much. It calls a single library function to ensure
- * linkage works, but that is all. */
-int main()
-{
-    /* This version string is 18 bytes long, as advised by version.h. */
-    char version[18];
-
-    mbedtls_version_get_string_full( version );
-
-    mbedtls_printf( "Built against %s\n", version );
-
-    return( 0 );
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/cpp_dummy_build.cpp b/3rdparty/mbedtls-2.25.0/programs/test/cpp_dummy_build.cpp
deleted file mode 100644
index c69cd2b..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/cpp_dummy_build.cpp
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- *  This program is a dummy C++ program to ensure Mbed TLS library header files
- *  can be included and built with a C++ compiler.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/aes.h"
-#include "mbedtls/aesni.h"
-#include "mbedtls/arc4.h"
-#include "mbedtls/aria.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
-#include "mbedtls/bn_mul.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/chacha20.h"
-#include "mbedtls/chachapoly.h"
-#include "mbedtls/check_config.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/cipher_internal.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/compat-1.3.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/des.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/ecdh.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/ecjpake.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/ecp_internal.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-#include "mbedtls/error.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/havege.h"
-#include "mbedtls/hkdf.h"
-#include "mbedtls/hmac_drbg.h"
-#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/md_internal.h"
-#include "mbedtls/net.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/nist_kw.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/padlock.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/pk_internal.h"
-#include "mbedtls/pkcs11.h"
-#include "mbedtls/pkcs12.h"
-#include "mbedtls/pkcs5.h"
-#include "mbedtls/platform_time.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/poly1305.h"
-#include "mbedtls/psa_util.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/rsa_internal.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_cache.h"
-#include "mbedtls/ssl_ciphersuites.h"
-#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/ssl_ticket.h"
-#include "mbedtls/threading.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/version.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/x509_crl.h"
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/xtea.h"
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#include "psa/crypto.h"
-#include "psa/crypto_se_driver.h"
-#include "psa/crypto_entropy_driver.h"
-#include "psa/crypto_accel_driver.h"
-#include "../library/psa_crypto_its.h"
-
-int main()
-{
-    mbedtls_platform_context *ctx = NULL;
-    mbedtls_platform_setup(ctx);
-    mbedtls_printf("CPP Build test\n");
-    mbedtls_platform_teardown(ctx);
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/query_compile_time_config.c b/3rdparty/mbedtls-2.25.0/programs/test/query_compile_time_config.c
deleted file mode 100644
index abe8f76..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/query_compile_time_config.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- *  Query the Mbed TLS compile time configuration
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf       printf
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#define USAGE                                                                \
-    "usage: %s <MBEDTLS_CONFIG>\n\n"                                         \
-    "This program takes one command line argument which corresponds to\n"    \
-    "the string representation of a Mbed TLS compile time configuration.\n"  \
-    "The value 0 will be returned if this configuration is defined in the\n" \
-    "Mbed TLS build and the macro expansion of that configuration will be\n" \
-    "printed (if any). Otherwise, 1 will be returned.\n"
-
-int query_config( const char *config );
-
-int main( int argc, char *argv[] )
-{
-    if ( argc != 2 )
-    {
-        mbedtls_printf( USAGE, argv[0] );
-        return( MBEDTLS_EXIT_FAILURE );
-    }
-
-    return( query_config( argv[1] ) );
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/query_config.c b/3rdparty/mbedtls-2.25.0/programs/test/query_config.c
deleted file mode 100644
index 1345b11..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/query_config.c
+++ /dev/null
@@ -1,2777 +0,0 @@
-/*
- *  Query Mbed TLS compile time configurations from config.h
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-
-/*
- * Include all the headers with public APIs in case they define a macro to its
- * default value when that configuration is not set in the config.h.
- */
-#include "mbedtls/aes.h"
-#include "mbedtls/aesni.h"
-#include "mbedtls/arc4.h"
-#include "mbedtls/aria.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/chacha20.h"
-#include "mbedtls/chachapoly.h"
-#include "mbedtls/cipher.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/des.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/ecdh.h"
-#include "mbedtls/ecdsa.h"
-#include "mbedtls/ecjpake.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-#include "mbedtls/error.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/havege.h"
-#include "mbedtls/hkdf.h"
-#include "mbedtls/hmac_drbg.h"
-#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/memory_buffer_alloc.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/nist_kw.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/padlock.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/pk.h"
-#include "mbedtls/pkcs11.h"
-#include "mbedtls/pkcs12.h"
-#include "mbedtls/pkcs5.h"
-#include "mbedtls/platform_time.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/poly1305.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_cache.h"
-#include "mbedtls/ssl_ciphersuites.h"
-#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/ssl_ticket.h"
-#include "mbedtls/threading.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/version.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/x509_crl.h"
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/xtea.h"
-
-#include <string.h>
-
-/*
- * Helper macros to convert a macro or its expansion into a string
- * WARNING: This does not work for expanding function-like macros. However,
- * Mbed TLS does not currently have configuration options used in this fashion.
- */
-#define MACRO_EXPANSION_TO_STR(macro)   MACRO_NAME_TO_STR(macro)
-#define MACRO_NAME_TO_STR(macro)                                        \
-    mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" )
-
-#if defined(_MSC_VER)
-/*
- * Visual Studio throws the warning 4003 because many Mbed TLS feature macros
- * are defined empty. This means that from the preprocessor's point of view
- * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as
- * some macros expand to nothing. We suppress that specific warning to get a
- * clean build and to ensure that tests treating warnings as errors do not
- * fail.
- */
-#pragma warning(push)
-#pragma warning(disable:4003)
-#endif /* _MSC_VER */
-
-int query_config( const char *config )
-{
-#if defined(MBEDTLS_HAVE_ASM)
-    if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HAVE_ASM */
-
-#if defined(MBEDTLS_NO_UDBL_DIVISION)
-    if( strcmp( "MBEDTLS_NO_UDBL_DIVISION", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_UDBL_DIVISION );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NO_UDBL_DIVISION */
-
-#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
-    if( strcmp( "MBEDTLS_NO_64BIT_MULTIPLICATION", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_64BIT_MULTIPLICATION );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */
-
-#if defined(MBEDTLS_HAVE_SSE2)
-    if( strcmp( "MBEDTLS_HAVE_SSE2", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_SSE2 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HAVE_SSE2 */
-
-#if defined(MBEDTLS_HAVE_TIME)
-    if( strcmp( "MBEDTLS_HAVE_TIME", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HAVE_TIME */
-
-#if defined(MBEDTLS_HAVE_TIME_DATE)
-    if( strcmp( "MBEDTLS_HAVE_TIME_DATE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME_DATE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HAVE_TIME_DATE */
-
-#if defined(MBEDTLS_PLATFORM_MEMORY)
-    if( strcmp( "MBEDTLS_PLATFORM_MEMORY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_MEMORY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_MEMORY */
-
-#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
-    if( strcmp( "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NO_STD_FUNCTIONS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
-
-#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_EXIT_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
-
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_TIME_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_TIME_ALT */
-
-#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_PRINTF_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
-
-#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
-
-#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
-
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-    if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_WARNING );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DEPRECATED_WARNING */
-
-#if defined(MBEDTLS_DEPRECATED_REMOVED)
-    if( strcmp( "MBEDTLS_DEPRECATED_REMOVED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_REMOVED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-    if( strcmp( "MBEDTLS_CHECK_PARAMS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHECK_PARAMS */
-
-#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
-    if( strcmp( "MBEDTLS_CHECK_PARAMS_ASSERT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS_ASSERT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
-
-#if defined(MBEDTLS_TIMING_ALT)
-    if( strcmp( "MBEDTLS_TIMING_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TIMING_ALT */
-
-#if defined(MBEDTLS_AES_ALT)
-    if( strcmp( "MBEDTLS_AES_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_ALT */
-
-#if defined(MBEDTLS_ARC4_ALT)
-    if( strcmp( "MBEDTLS_ARC4_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ARC4_ALT */
-
-#if defined(MBEDTLS_ARIA_ALT)
-    if( strcmp( "MBEDTLS_ARIA_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ARIA_ALT */
-
-#if defined(MBEDTLS_BLOWFISH_ALT)
-    if( strcmp( "MBEDTLS_BLOWFISH_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_BLOWFISH_ALT */
-
-#if defined(MBEDTLS_CAMELLIA_ALT)
-    if( strcmp( "MBEDTLS_CAMELLIA_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CAMELLIA_ALT */
-
-#if defined(MBEDTLS_CCM_ALT)
-    if( strcmp( "MBEDTLS_CCM_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CCM_ALT */
-
-#if defined(MBEDTLS_CHACHA20_ALT)
-    if( strcmp( "MBEDTLS_CHACHA20_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHACHA20_ALT */
-
-#if defined(MBEDTLS_CHACHAPOLY_ALT)
-    if( strcmp( "MBEDTLS_CHACHAPOLY_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHACHAPOLY_ALT */
-
-#if defined(MBEDTLS_CMAC_ALT)
-    if( strcmp( "MBEDTLS_CMAC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CMAC_ALT */
-
-#if defined(MBEDTLS_DES_ALT)
-    if( strcmp( "MBEDTLS_DES_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DES_ALT */
-
-#if defined(MBEDTLS_DHM_ALT)
-    if( strcmp( "MBEDTLS_DHM_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DHM_ALT */
-
-#if defined(MBEDTLS_ECJPAKE_ALT)
-    if( strcmp( "MBEDTLS_ECJPAKE_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECJPAKE_ALT */
-
-#if defined(MBEDTLS_GCM_ALT)
-    if( strcmp( "MBEDTLS_GCM_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_GCM_ALT */
-
-#if defined(MBEDTLS_NIST_KW_ALT)
-    if( strcmp( "MBEDTLS_NIST_KW_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NIST_KW_ALT */
-
-#if defined(MBEDTLS_MD2_ALT)
-    if( strcmp( "MBEDTLS_MD2_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD2_ALT */
-
-#if defined(MBEDTLS_MD4_ALT)
-    if( strcmp( "MBEDTLS_MD4_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD4_ALT */
-
-#if defined(MBEDTLS_MD5_ALT)
-    if( strcmp( "MBEDTLS_MD5_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD5_ALT */
-
-#if defined(MBEDTLS_POLY1305_ALT)
-    if( strcmp( "MBEDTLS_POLY1305_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_POLY1305_ALT */
-
-#if defined(MBEDTLS_RIPEMD160_ALT)
-    if( strcmp( "MBEDTLS_RIPEMD160_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_RIPEMD160_ALT */
-
-#if defined(MBEDTLS_RSA_ALT)
-    if( strcmp( "MBEDTLS_RSA_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_RSA_ALT */
-
-#if defined(MBEDTLS_SHA1_ALT)
-    if( strcmp( "MBEDTLS_SHA1_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA1_ALT */
-
-#if defined(MBEDTLS_SHA256_ALT)
-    if( strcmp( "MBEDTLS_SHA256_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA256_ALT */
-
-#if defined(MBEDTLS_SHA512_ALT)
-    if( strcmp( "MBEDTLS_SHA512_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA512_ALT */
-
-#if defined(MBEDTLS_XTEA_ALT)
-    if( strcmp( "MBEDTLS_XTEA_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_XTEA_ALT */
-
-#if defined(MBEDTLS_ECP_ALT)
-    if( strcmp( "MBEDTLS_ECP_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_ALT */
-
-#if defined(MBEDTLS_MD2_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_MD2_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD2_PROCESS_ALT */
-
-#if defined(MBEDTLS_MD4_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_MD4_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD4_PROCESS_ALT */
-
-#if defined(MBEDTLS_MD5_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_MD5_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD5_PROCESS_ALT */
-
-#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_RIPEMD160_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */
-
-#if defined(MBEDTLS_SHA1_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_SHA1_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA1_PROCESS_ALT */
-
-#if defined(MBEDTLS_SHA256_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_SHA256_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA256_PROCESS_ALT */
-
-#if defined(MBEDTLS_SHA512_PROCESS_ALT)
-    if( strcmp( "MBEDTLS_SHA512_PROCESS_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_PROCESS_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA512_PROCESS_ALT */
-
-#if defined(MBEDTLS_DES_SETKEY_ALT)
-    if( strcmp( "MBEDTLS_DES_SETKEY_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_SETKEY_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DES_SETKEY_ALT */
-
-#if defined(MBEDTLS_DES_CRYPT_ECB_ALT)
-    if( strcmp( "MBEDTLS_DES_CRYPT_ECB_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_CRYPT_ECB_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */
-
-#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
-    if( strcmp( "MBEDTLS_DES3_CRYPT_ECB_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DES3_CRYPT_ECB_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */
-
-#if defined(MBEDTLS_AES_SETKEY_ENC_ALT)
-    if( strcmp( "MBEDTLS_AES_SETKEY_ENC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_ENC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */
-
-#if defined(MBEDTLS_AES_SETKEY_DEC_ALT)
-    if( strcmp( "MBEDTLS_AES_SETKEY_DEC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_DEC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */
-
-#if defined(MBEDTLS_AES_ENCRYPT_ALT)
-    if( strcmp( "MBEDTLS_AES_ENCRYPT_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ENCRYPT_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_ENCRYPT_ALT */
-
-#if defined(MBEDTLS_AES_DECRYPT_ALT)
-    if( strcmp( "MBEDTLS_AES_DECRYPT_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_DECRYPT_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_DECRYPT_ALT */
-
-#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
-    if( strcmp( "MBEDTLS_ECDH_GEN_PUBLIC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_GEN_PUBLIC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
-
-#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
-    if( strcmp( "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_COMPUTE_SHARED_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
-
-#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
-    if( strcmp( "MBEDTLS_ECDSA_VERIFY_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_VERIFY_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
-
-#if defined(MBEDTLS_ECDSA_SIGN_ALT)
-    if( strcmp( "MBEDTLS_ECDSA_SIGN_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_SIGN_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDSA_SIGN_ALT */
-
-#if defined(MBEDTLS_ECDSA_GENKEY_ALT)
-    if( strcmp( "MBEDTLS_ECDSA_GENKEY_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_GENKEY_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
-
-#if defined(MBEDTLS_ECP_INTERNAL_ALT)
-    if( strcmp( "MBEDTLS_ECP_INTERNAL_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_INTERNAL_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_INTERNAL_ALT */
-
-#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
-    if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_JAC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
-
-#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
-    if( strcmp( "MBEDTLS_ECP_ADD_MIXED_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ADD_MIXED_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
-
-#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
-    if( strcmp( "MBEDTLS_ECP_DOUBLE_JAC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_JAC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
-
-#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
-    if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */
-
-#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
-    if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
-
-#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
-    if( strcmp( "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
-
-#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
-    if( strcmp( "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_MXZ_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
-
-#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
-    if( strcmp( "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_MXZ_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
-
-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-    if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TEST_NULL_ENTROPY */
-
-#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-    if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_HARDWARE_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
-
-#if defined(MBEDTLS_AES_ROM_TABLES)
-    if( strcmp( "MBEDTLS_AES_ROM_TABLES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ROM_TABLES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_ROM_TABLES */
-
-#if defined(MBEDTLS_AES_FEWER_TABLES)
-    if( strcmp( "MBEDTLS_AES_FEWER_TABLES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_FEWER_TABLES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_FEWER_TABLES */
-
-#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
-    if( strcmp( "MBEDTLS_CAMELLIA_SMALL_MEMORY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_SMALL_MEMORY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( strcmp( "MBEDTLS_CIPHER_MODE_CBC", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CBC );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    if( strcmp( "MBEDTLS_CIPHER_MODE_CFB", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CFB );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    if( strcmp( "MBEDTLS_CIPHER_MODE_CTR", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CTR );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    if( strcmp( "MBEDTLS_CIPHER_MODE_OFB", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_OFB );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    if( strcmp( "MBEDTLS_CIPHER_MODE_XTS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_XTS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-    if( strcmp( "MBEDTLS_CIPHER_NULL_CIPHER", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_NULL_CIPHER );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
-
-#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
-    if( strcmp( "MBEDTLS_CIPHER_PADDING_PKCS7", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_PKCS7 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
-
-#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
-    if( strcmp( "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
-
-#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
-    if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
-
-#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
-    if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
-
-#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
-    if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
-
-#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
-    if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
-
-#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
-    if( strcmp( "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_ARC4_CIPHERSUITES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
-
-#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
-    if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_3DES_CIPHERSUITES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
-
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP224R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP256R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP384R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP384R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP521R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP521R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP192K1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192K1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP224K1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224K1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_SECP256K1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256K1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_BP256R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP256R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_BP384R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP384R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_BP512R1_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP512R1_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_CURVE25519_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE25519_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
-
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-    if( strcmp( "MBEDTLS_ECP_DP_CURVE448_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE448_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
-
-#if defined(MBEDTLS_ECP_NIST_OPTIM)
-    if( strcmp( "MBEDTLS_ECP_NIST_OPTIM", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NIST_OPTIM );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_NIST_OPTIM */
-
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( strcmp( "MBEDTLS_ECP_NO_INTERNAL_RNG", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_INTERNAL_RNG );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    if( strcmp( "MBEDTLS_ECP_RESTARTABLE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RESTARTABLE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    if( strcmp( "MBEDTLS_ECDH_LEGACY_CONTEXT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_LEGACY_CONTEXT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-    if( strcmp( "MBEDTLS_ECDSA_DETERMINISTIC", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_DETERMINISTIC );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
-    if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_EC_EXTENDED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
-
-#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
-    if( strcmp( "MBEDTLS_ERROR_STRERROR_DUMMY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_STRERROR_DUMMY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */
-
-#if defined(MBEDTLS_GENPRIME)
-    if( strcmp( "MBEDTLS_GENPRIME", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_GENPRIME );
-        return( 0 );
-    }
-#endif /* MBEDTLS_GENPRIME */
-
-#if defined(MBEDTLS_FS_IO)
-    if( strcmp( "MBEDTLS_FS_IO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_FS_IO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_FS_IO */
-
-#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
-    if( strcmp( "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
-
-#if defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-    if( strcmp( "MBEDTLS_NO_PLATFORM_ENTROPY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_PLATFORM_ENTROPY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */
-
-#if defined(MBEDTLS_ENTROPY_FORCE_SHA256)
-    if( strcmp( "MBEDTLS_ENTROPY_FORCE_SHA256", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_FORCE_SHA256 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-    if( strcmp( "MBEDTLS_ENTROPY_NV_SEED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_NV_SEED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_NV_SEED */
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    if( strcmp( "MBEDTLS_MEMORY_DEBUG", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_DEBUG );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MEMORY_DEBUG */
-
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
-    if( strcmp( "MBEDTLS_MEMORY_BACKTRACE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BACKTRACE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MEMORY_BACKTRACE */
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-    if( strcmp( "MBEDTLS_PK_RSA_ALT_SUPPORT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_RSA_ALT_SUPPORT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
-
-#if defined(MBEDTLS_PKCS1_V15)
-    if( strcmp( "MBEDTLS_PKCS1_V15", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V15 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PKCS1_V15 */
-
-#if defined(MBEDTLS_PKCS1_V21)
-    if( strcmp( "MBEDTLS_PKCS1_V21", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V21 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PKCS1_V21 */
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_DRIVERS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_DRIVERS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
-
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SPM );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SPM */
-
-#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
-    if( strcmp( "MBEDTLS_PSA_INJECT_ENTROPY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_INJECT_ENTROPY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
-
-#if defined(MBEDTLS_RSA_NO_CRT)
-    if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_NO_CRT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_RSA_NO_CRT */
-
-#if defined(MBEDTLS_SELF_TEST)
-    if( strcmp( "MBEDTLS_SELF_TEST", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SELF_TEST );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SELF_TEST */
-
-#if defined(MBEDTLS_SHA256_SMALLER)
-    if( strcmp( "MBEDTLS_SHA256_SMALLER", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_SMALLER );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA256_SMALLER */
-
-#if defined(MBEDTLS_SHA512_SMALLER)
-    if( strcmp( "MBEDTLS_SHA512_SMALLER", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_SMALLER );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA512_SMALLER */
-
-#if defined(MBEDTLS_SHA512_NO_SHA384)
-    if( strcmp( "MBEDTLS_SHA512_NO_SHA384", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_NO_SHA384 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA512_NO_SHA384 */
-
-#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
-    if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-    if( strcmp( "MBEDTLS_SSL_RECORD_CHECKING", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RECORD_CHECKING );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( strcmp( "MBEDTLS_SSL_CONTEXT_SERIALIZATION", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONTEXT_SERIALIZATION );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
-    if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DEBUG_ALL */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-    if( strcmp( "MBEDTLS_SSL_FALLBACK_SCSV", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_FALLBACK_SCSV );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
-    if( strcmp( "MBEDTLS_SSL_HW_RECORD_ACCEL", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_HW_RECORD_ACCEL );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    if( strcmp( "MBEDTLS_SSL_CBC_RECORD_SPLITTING", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CBC_RECORD_SPLITTING );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
-    if( strcmp( "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
-
-#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
-    if( strcmp( "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-    if( strcmp( "MBEDTLS_SSL_PROTO_SSL3", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_SSL3 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1)
-    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
-    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_1", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_1 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_2 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-    if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-    if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    if( strcmp( "MBEDTLS_SSL_DTLS_SRTP", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_SRTP );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
-    if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-    if( strcmp( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_BADMAC_LIMIT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-    if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-    if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
-    if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    if( strcmp( "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
-
-#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
-    if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */
-
-#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND)
-    if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */
-
-#if defined(MBEDTLS_TEST_HOOKS)
-    if( strcmp( "MBEDTLS_TEST_HOOKS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_HOOKS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TEST_HOOKS */
-
-#if defined(MBEDTLS_THREADING_ALT)
-    if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_THREADING_ALT */
-
-#if defined(MBEDTLS_THREADING_PTHREAD)
-    if( strcmp( "MBEDTLS_THREADING_PTHREAD", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_PTHREAD );
-        return( 0 );
-    }
-#endif /* MBEDTLS_THREADING_PTHREAD */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( strcmp( "MBEDTLS_USE_PSA_CRYPTO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_USE_PSA_CRYPTO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
-
-#if defined(MBEDTLS_VERSION_FEATURES)
-    if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_FEATURES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_VERSION_FEATURES */
-
-#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
-    if( strcmp( "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
-
-#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
-    if( strcmp( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
-    if( strcmp( "MBEDTLS_X509_CHECK_KEY_USAGE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_KEY_USAGE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
-
-#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
-    if( strcmp( "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    if( strcmp( "MBEDTLS_ZLIB_SUPPORT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ZLIB_SUPPORT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ZLIB_SUPPORT */
-
-#if defined(MBEDTLS_AESNI_C)
-    if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AESNI_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AESNI_C */
-
-#if defined(MBEDTLS_AES_C)
-    if( strcmp( "MBEDTLS_AES_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-    if( strcmp( "MBEDTLS_ARC4_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-    if( strcmp( "MBEDTLS_ASN1_PARSE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_PARSE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-#if defined(MBEDTLS_ASN1_WRITE_C)
-    if( strcmp( "MBEDTLS_ASN1_WRITE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_WRITE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ASN1_WRITE_C */
-
-#if defined(MBEDTLS_BASE64_C)
-    if( strcmp( "MBEDTLS_BASE64_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_BASE64_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_BASE64_C */
-
-#if defined(MBEDTLS_BIGNUM_C)
-    if( strcmp( "MBEDTLS_BIGNUM_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_BIGNUM_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_BIGNUM_C */
-
-#if defined(MBEDTLS_BLOWFISH_C)
-    if( strcmp( "MBEDTLS_BLOWFISH_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_BLOWFISH_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-    if( strcmp( "MBEDTLS_CAMELLIA_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_ARIA_C)
-    if( strcmp( "MBEDTLS_ARIA_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ARIA_C */
-
-#if defined(MBEDTLS_CCM_C)
-    if( strcmp( "MBEDTLS_CCM_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CCM_C */
-
-#if defined(MBEDTLS_CERTS_C)
-    if( strcmp( "MBEDTLS_CERTS_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CERTS_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CERTS_C */
-
-#if defined(MBEDTLS_CHACHA20_C)
-    if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHACHA20_C */
-
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    if( strcmp( "MBEDTLS_CHACHAPOLY_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CHACHAPOLY_C */
-
-#if defined(MBEDTLS_CIPHER_C)
-    if( strcmp( "MBEDTLS_CIPHER_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CIPHER_C */
-
-#if defined(MBEDTLS_CMAC_C)
-    if( strcmp( "MBEDTLS_CMAC_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CMAC_C */
-
-#if defined(MBEDTLS_CTR_DRBG_C)
-    if( strcmp( "MBEDTLS_CTR_DRBG_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_C */
-
-#if defined(MBEDTLS_DEBUG_C)
-    if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DEBUG_C */
-
-#if defined(MBEDTLS_DES_C)
-    if( strcmp( "MBEDTLS_DES_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_DHM_C)
-    if( strcmp( "MBEDTLS_DHM_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_DHM_C */
-
-#if defined(MBEDTLS_ECDH_C)
-    if( strcmp( "MBEDTLS_ECDH_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDH_C */
-
-#if defined(MBEDTLS_ECDSA_C)
-    if( strcmp( "MBEDTLS_ECDSA_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDSA_C */
-
-#if defined(MBEDTLS_ECJPAKE_C)
-    if( strcmp( "MBEDTLS_ECJPAKE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECJPAKE_C */
-
-#if defined(MBEDTLS_ECP_C)
-    if( strcmp( "MBEDTLS_ECP_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_ENTROPY_C)
-    if( strcmp( "MBEDTLS_ENTROPY_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_C */
-
-#if defined(MBEDTLS_ERROR_C)
-    if( strcmp( "MBEDTLS_ERROR_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ERROR_C */
-
-#if defined(MBEDTLS_GCM_C)
-    if( strcmp( "MBEDTLS_GCM_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_HAVEGE_C)
-    if( strcmp( "MBEDTLS_HAVEGE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVEGE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HAVEGE_C */
-
-#if defined(MBEDTLS_HKDF_C)
-    if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HKDF_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HKDF_C */
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
-    if( strcmp( "MBEDTLS_HMAC_DRBG_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HMAC_DRBG_C */
-
-#if defined(MBEDTLS_NIST_KW_C)
-    if( strcmp( "MBEDTLS_NIST_KW_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NIST_KW_C */
-
-#if defined(MBEDTLS_MD_C)
-    if( strcmp( "MBEDTLS_MD_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD_C */
-
-#if defined(MBEDTLS_MD2_C)
-    if( strcmp( "MBEDTLS_MD2_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD2_C */
-
-#if defined(MBEDTLS_MD4_C)
-    if( strcmp( "MBEDTLS_MD4_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD4_C */
-
-#if defined(MBEDTLS_MD5_C)
-    if( strcmp( "MBEDTLS_MD5_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MD5_C */
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    if( strcmp( "MBEDTLS_MEMORY_BUFFER_ALLOC_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BUFFER_ALLOC_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
-
-#if defined(MBEDTLS_NET_C)
-    if( strcmp( "MBEDTLS_NET_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_NET_C */
-
-#if defined(MBEDTLS_OID_C)
-    if( strcmp( "MBEDTLS_OID_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_OID_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_OID_C */
-
-#if defined(MBEDTLS_PADLOCK_C)
-    if( strcmp( "MBEDTLS_PADLOCK_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PADLOCK_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PADLOCK_C */
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-    if( strcmp( "MBEDTLS_PEM_PARSE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_PARSE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PEM_PARSE_C */
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-    if( strcmp( "MBEDTLS_PEM_WRITE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_WRITE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-#if defined(MBEDTLS_PK_C)
-    if( strcmp( "MBEDTLS_PK_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PK_C */
-
-#if defined(MBEDTLS_PK_PARSE_C)
-    if( strcmp( "MBEDTLS_PK_PARSE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PK_PARSE_C */
-
-#if defined(MBEDTLS_PK_WRITE_C)
-    if( strcmp( "MBEDTLS_PK_WRITE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_WRITE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PK_WRITE_C */
-
-#if defined(MBEDTLS_PKCS5_C)
-    if( strcmp( "MBEDTLS_PKCS5_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS5_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PKCS5_C */
-
-#if defined(MBEDTLS_PKCS11_C)
-    if( strcmp( "MBEDTLS_PKCS11_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS11_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PKCS11_C */
-
-#if defined(MBEDTLS_PKCS12_C)
-    if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS12_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PKCS12_C */
-
-#if defined(MBEDTLS_PLATFORM_C)
-    if( strcmp( "MBEDTLS_PLATFORM_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_POLY1305_C)
-    if( strcmp( "MBEDTLS_POLY1305_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_POLY1305_C */
-
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_C */
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_SE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-    if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_ITS_FILE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSA_ITS_FILE_C */
-
-#if defined(MBEDTLS_RIPEMD160_C)
-    if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_RIPEMD160_C */
-
-#if defined(MBEDTLS_RSA_C)
-    if( strcmp( "MBEDTLS_RSA_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_SHA1_C)
-    if( strcmp( "MBEDTLS_SHA1_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA1_C */
-
-#if defined(MBEDTLS_SHA256_C)
-    if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
-    if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SHA512_C */
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-    if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CACHE_C */
-
-#if defined(MBEDTLS_SSL_COOKIE_C)
-    if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_COOKIE_C */
-
-#if defined(MBEDTLS_SSL_TICKET_C)
-    if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_TICKET_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-    if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_TLS_C)
-    if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_TLS_C */
-
-#if defined(MBEDTLS_THREADING_C)
-    if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_THREADING_C */
-
-#if defined(MBEDTLS_TIMING_C)
-    if( strcmp( "MBEDTLS_TIMING_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TIMING_C */
-
-#if defined(MBEDTLS_VERSION_C)
-    if( strcmp( "MBEDTLS_VERSION_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_VERSION_C */
-
-#if defined(MBEDTLS_X509_USE_C)
-    if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_USE_C */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-    if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CRL_PARSE_C */
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-    if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-
-#if defined(MBEDTLS_X509_CREATE_C)
-    if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CREATE_C */
-
-#if defined(MBEDTLS_X509_CRT_WRITE_C)
-    if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CRT_WRITE_C */
-
-#if defined(MBEDTLS_X509_CSR_WRITE_C)
-    if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_CSR_WRITE_C */
-
-#if defined(MBEDTLS_XTEA_C)
-    if( strcmp( "MBEDTLS_XTEA_C", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_C );
-        return( 0 );
-    }
-#endif /* MBEDTLS_XTEA_C */
-
-#if defined(MBEDTLS_MPI_WINDOW_SIZE)
-    if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_WINDOW_SIZE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MPI_WINDOW_SIZE */
-
-#if defined(MBEDTLS_MPI_MAX_SIZE)
-    if( strcmp( "MBEDTLS_MPI_MAX_SIZE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_MAX_SIZE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MPI_MAX_SIZE */
-
-#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
-    if( strcmp( "MBEDTLS_CTR_DRBG_ENTROPY_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_ENTROPY_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */
-
-#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
-    if( strcmp( "MBEDTLS_CTR_DRBG_RESEED_INTERVAL", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_RESEED_INTERVAL );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */
-
-#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
-    if( strcmp( "MBEDTLS_CTR_DRBG_MAX_INPUT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_INPUT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */
-
-#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
-    if( strcmp( "MBEDTLS_CTR_DRBG_MAX_REQUEST", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_REQUEST );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */
-
-#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
-    if( strcmp( "MBEDTLS_CTR_DRBG_MAX_SEED_INPUT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */
-
-#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
-    if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_RESEED_INTERVAL );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */
-
-#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
-    if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_INPUT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_INPUT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */
-
-#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
-    if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_REQUEST", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_REQUEST );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */
-
-#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
-    if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */
-
-#if defined(MBEDTLS_ECP_MAX_BITS)
-    if( strcmp( "MBEDTLS_ECP_MAX_BITS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_MAX_BITS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_MAX_BITS */
-
-#if defined(MBEDTLS_ECP_WINDOW_SIZE)
-    if( strcmp( "MBEDTLS_ECP_WINDOW_SIZE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_WINDOW_SIZE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_WINDOW_SIZE */
-
-#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
-    if( strcmp( "MBEDTLS_ECP_FIXED_POINT_OPTIM", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_FIXED_POINT_OPTIM );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
-
-#if defined(MBEDTLS_ENTROPY_MAX_SOURCES)
-    if( strcmp( "MBEDTLS_ENTROPY_MAX_SOURCES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_SOURCES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */
-
-#if defined(MBEDTLS_ENTROPY_MAX_GATHER)
-    if( strcmp( "MBEDTLS_ENTROPY_MAX_GATHER", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_GATHER );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_MAX_GATHER */
-
-#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
-    if( strcmp( "MBEDTLS_ENTROPY_MIN_HARDWARE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MIN_HARDWARE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */
-
-#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
-    if( strcmp( "MBEDTLS_MEMORY_ALIGN_MULTIPLE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_ALIGN_MULTIPLE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */
-
-#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_MEM_HDR", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_MEM_HDR );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */
-
-#if defined(MBEDTLS_PLATFORM_STD_CALLOC)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_CALLOC", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_CALLOC );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_CALLOC */
-
-#if defined(MBEDTLS_PLATFORM_STD_FREE)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_FREE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FREE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_FREE */
-
-#if defined(MBEDTLS_PLATFORM_STD_EXIT)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_EXIT */
-
-#if defined(MBEDTLS_PLATFORM_STD_TIME)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_TIME", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_TIME );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_TIME */
-
-#if defined(MBEDTLS_PLATFORM_STD_FPRINTF)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_FPRINTF", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FPRINTF );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */
-
-#if defined(MBEDTLS_PLATFORM_STD_PRINTF)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_PRINTF", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_PRINTF );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_PRINTF */
-
-#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_SNPRINTF", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_SNPRINTF );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */
-
-#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_SUCCESS", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_SUCCESS );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */
-
-#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_FAILURE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_FAILURE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */
-
-#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_READ", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_READ );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */
-
-#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_WRITE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
-
-#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE)
-    if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_FILE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_FILE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */
-
-#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_CALLOC_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_CALLOC_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_FREE_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_FREE_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FREE_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_FREE_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_EXIT_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_TIME_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_TIME_TYPE_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_TYPE_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_PRINTF_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_READ_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */
-
-#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
-    if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */
-
-#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
-    if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */
-
-#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
-    if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */
-
-#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN)
-    if( strcmp( "MBEDTLS_SSL_MAX_CONTENT_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_CONTENT_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */
-
-#if defined(MBEDTLS_SSL_IN_CONTENT_LEN)
-    if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */
-
-#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX)
-    if( strcmp( "MBEDTLS_SSL_CID_IN_LEN_MAX", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_IN_LEN_MAX );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */
-
-#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX)
-    if( strcmp( "MBEDTLS_SSL_CID_OUT_LEN_MAX", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_OUT_LEN_MAX );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */
-
-#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
-    if( strcmp( "MBEDTLS_SSL_CID_PADDING_GRANULARITY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_PADDING_GRANULARITY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */
-
-#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY)
-    if( strcmp( "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY */
-
-#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
-    if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */
-
-#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
-    if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */
-
-#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME)
-    if( strcmp( "MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */
-
-#if defined(MBEDTLS_PSK_MAX_LEN)
-    if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PSK_MAX_LEN */
-
-#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT)
-    if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */
-
-#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
-    if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */
-
-#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
-    if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN );
-        return( 0 );
-    }
-#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */
-
-#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
-    if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES */
-
-#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
-    if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE );
-        return( 0 );
-    }
-#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */
-
-#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
-
-#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
-    if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT );
-        return( 0 );
-    }
-#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */
-
-#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
-    if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 )
-    {
-        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED );
-        return( 0 );
-    }
-#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
-
-    /* If the symbol is not found, return an error */
-    return( 1 );
-}
-
-#if defined(_MSC_VER)
-#pragma warning(pop)
-#endif /* _MSC_VER */
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/selftest.c b/3rdparty/mbedtls-2.25.0/programs/test/selftest.c
deleted file mode 100644
index 41d7040..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/selftest.c
+++ /dev/null
@@ -1,502 +0,0 @@
-/*
- *  Self-test demonstration program
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-#include "mbedtls/hmac_drbg.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
-#include "mbedtls/des.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/camellia.h"
-#include "mbedtls/aria.h"
-#include "mbedtls/chacha20.h"
-#include "mbedtls/poly1305.h"
-#include "mbedtls/chachapoly.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/bignum.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/xtea.h"
-#include "mbedtls/pkcs5.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/ecjpake.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/nist_kw.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#define mbedtls_printf     printf
-#define mbedtls_snprintf   snprintf
-#define mbedtls_exit       exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-
-#if defined MBEDTLS_SELF_TEST
-/* Sanity check for malloc. This is not expected to fail, and is rather
- * intended to display potentially useful information about the platform,
- * in particular the behavior of malloc(0). */
-static int calloc_self_test( int verbose )
-{
-    int failures = 0;
-    void *empty1 = mbedtls_calloc( 0, 1 );
-    void *empty2 = mbedtls_calloc( 0, 1 );
-    void *buffer1 = mbedtls_calloc( 1, 1 );
-    void *buffer2 = mbedtls_calloc( 1, 1 );
-    uintptr_t old_buffer1;
-
-    if( empty1 == NULL && empty2 == NULL )
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(0): passed (NULL)\n" );
-    }
-    else if( empty1 == NULL || empty2 == NULL )
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(0): failed (mix of NULL and non-NULL)\n" );
-        ++failures;
-    }
-    else if( empty1 == empty2 )
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(0): passed (same non-null)\n" );
-    }
-    else
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(0): passed (distinct non-null)\n" );
-    }
-
-    if( buffer1 == NULL || buffer2 == NULL )
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(1): failed (NULL)\n" );
-        ++failures;
-    }
-    else if( buffer1 == buffer2 )
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(1): failed (same buffer twice)\n" );
-        ++failures;
-    }
-    else
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(1): passed\n" );
-    }
-
-    old_buffer1 = (uintptr_t) buffer1;
-    mbedtls_free( buffer1 );
-    buffer1 = mbedtls_calloc( 1, 1 );
-    if( buffer1 == NULL )
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(1 again): failed (NULL)\n" );
-        ++failures;
-    }
-    else
-    {
-        if( verbose )
-            mbedtls_printf( "  CALLOC(1 again): passed (%s address)\n",
-                            (uintptr_t) old_buffer1 == (uintptr_t) buffer1 ?
-                            "same" : "different" );
-    }
-
-    if( verbose )
-        mbedtls_printf( "\n" );
-    mbedtls_free( empty1 );
-    mbedtls_free( empty2 );
-    mbedtls_free( buffer1 );
-    mbedtls_free( buffer2 );
-    return( failures );
-}
-#endif /* MBEDTLS_SELF_TEST */
-
-static int test_snprintf( size_t n, const char *ref_buf, int ref_ret )
-{
-    int ret;
-    char buf[10] = "xxxxxxxxx";
-    const char ref[10] = "xxxxxxxxx";
-
-    ret = mbedtls_snprintf( buf, n, "%s", "123" );
-    if( ret < 0 || (size_t) ret >= n )
-        ret = -1;
-
-    if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 ||
-        ref_ret != ret ||
-        memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 )
-    {
-        return( 1 );
-    }
-
-    return( 0 );
-}
-
-static int run_test_snprintf( void )
-{
-    return( test_snprintf( 0, "xxxxxxxxx",  -1 ) != 0 ||
-            test_snprintf( 1, "",           -1 ) != 0 ||
-            test_snprintf( 2, "1",          -1 ) != 0 ||
-            test_snprintf( 3, "12",         -1 ) != 0 ||
-            test_snprintf( 4, "123",         3 ) != 0 ||
-            test_snprintf( 5, "123",         3 ) != 0 );
-}
-
-/*
- * Check if a seed file is present, and if not create one for the entropy
- * self-test. If this fails, we attempt the test anyway, so no error is passed
- * back.
- */
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C)
-#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-static void create_entropy_seed_file( void )
-{
-    int result;
-    size_t output_len = 0;
-    unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    /* Attempt to read the entropy seed file. If this fails - attempt to write
-     * to the file to ensure one is present. */
-    result = mbedtls_platform_std_nv_seed_read( seed_value,
-                                                    MBEDTLS_ENTROPY_BLOCK_SIZE );
-    if( 0 == result )
-        return;
-
-    result = mbedtls_platform_entropy_poll( NULL,
-                                            seed_value,
-                                            MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                            &output_len );
-    if( 0 != result )
-        return;
-
-    if( MBEDTLS_ENTROPY_BLOCK_SIZE != output_len )
-        return;
-
-    mbedtls_platform_std_nv_seed_write( seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE );
-}
-#endif
-
-int mbedtls_entropy_self_test_wrapper( int verbose )
-{
-#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-    create_entropy_seed_file( );
-#endif
-    return( mbedtls_entropy_self_test( verbose ) );
-}
-#endif
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-int mbedtls_memory_buffer_alloc_free_and_self_test( int verbose )
-{
-    if( verbose != 0 )
-    {
-#if defined(MBEDTLS_MEMORY_DEBUG)
-        mbedtls_memory_buffer_alloc_status( );
-#endif
-    }
-    mbedtls_memory_buffer_alloc_free( );
-    return( mbedtls_memory_buffer_alloc_self_test( verbose ) );
-}
-#endif
-
-typedef struct
-{
-    const char *name;
-    int ( *function )( int );
-} selftest_t;
-
-const selftest_t selftests[] =
-{
-    {"calloc", calloc_self_test},
-#if defined(MBEDTLS_MD2_C)
-    {"md2", mbedtls_md2_self_test},
-#endif
-#if defined(MBEDTLS_MD4_C)
-    {"md4", mbedtls_md4_self_test},
-#endif
-#if defined(MBEDTLS_MD5_C)
-    {"md5", mbedtls_md5_self_test},
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-    {"ripemd160", mbedtls_ripemd160_self_test},
-#endif
-#if defined(MBEDTLS_SHA1_C)
-    {"sha1", mbedtls_sha1_self_test},
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    {"sha256", mbedtls_sha256_self_test},
-#endif
-#if defined(MBEDTLS_SHA512_C)
-    {"sha512", mbedtls_sha512_self_test},
-#endif
-#if defined(MBEDTLS_ARC4_C)
-    {"arc4", mbedtls_arc4_self_test},
-#endif
-#if defined(MBEDTLS_DES_C)
-    {"des", mbedtls_des_self_test},
-#endif
-#if defined(MBEDTLS_AES_C)
-    {"aes", mbedtls_aes_self_test},
-#endif
-#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)
-    {"gcm", mbedtls_gcm_self_test},
-#endif
-#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
-    {"ccm", mbedtls_ccm_self_test},
-#endif
-#if defined(MBEDTLS_NIST_KW_C) && defined(MBEDTLS_AES_C)
-    {"nist_kw", mbedtls_nist_kw_self_test},
-#endif
-#if defined(MBEDTLS_CMAC_C)
-    {"cmac", mbedtls_cmac_self_test},
-#endif
-#if defined(MBEDTLS_CHACHA20_C)
-    {"chacha20", mbedtls_chacha20_self_test},
-#endif
-#if defined(MBEDTLS_POLY1305_C)
-    {"poly1305", mbedtls_poly1305_self_test},
-#endif
-#if defined(MBEDTLS_CHACHAPOLY_C)
-    {"chacha20-poly1305", mbedtls_chachapoly_self_test},
-#endif
-#if defined(MBEDTLS_BASE64_C)
-    {"base64", mbedtls_base64_self_test},
-#endif
-#if defined(MBEDTLS_BIGNUM_C)
-    {"mpi", mbedtls_mpi_self_test},
-#endif
-#if defined(MBEDTLS_RSA_C)
-    {"rsa", mbedtls_rsa_self_test},
-#endif
-#if defined(MBEDTLS_X509_USE_C)
-    {"x509", mbedtls_x509_self_test},
-#endif
-#if defined(MBEDTLS_XTEA_C)
-    {"xtea", mbedtls_xtea_self_test},
-#endif
-#if defined(MBEDTLS_CAMELLIA_C)
-    {"camellia", mbedtls_camellia_self_test},
-#endif
-#if defined(MBEDTLS_ARIA_C)
-    {"aria", mbedtls_aria_self_test},
-#endif
-#if defined(MBEDTLS_CTR_DRBG_C)
-    {"ctr_drbg", mbedtls_ctr_drbg_self_test},
-#endif
-#if defined(MBEDTLS_HMAC_DRBG_C)
-    {"hmac_drbg", mbedtls_hmac_drbg_self_test},
-#endif
-#if defined(MBEDTLS_ECP_C)
-    {"ecp", mbedtls_ecp_self_test},
-#endif
-#if defined(MBEDTLS_ECJPAKE_C)
-    {"ecjpake", mbedtls_ecjpake_self_test},
-#endif
-#if defined(MBEDTLS_DHM_C)
-    {"dhm", mbedtls_dhm_self_test},
-#endif
-#if defined(MBEDTLS_ENTROPY_C)
-    {"entropy", mbedtls_entropy_self_test_wrapper},
-#endif
-#if defined(MBEDTLS_PKCS5_C)
-    {"pkcs5", mbedtls_pkcs5_self_test},
-#endif
-/* Slower test after the faster ones */
-#if defined(MBEDTLS_TIMING_C)
-    {"timing", mbedtls_timing_self_test},
-#endif
-/* Heap test comes last */
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    {"memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test},
-#endif
-    {NULL, NULL}
-};
-#endif /* MBEDTLS_SELF_TEST */
-
-int main( int argc, char *argv[] )
-{
-#if defined(MBEDTLS_SELF_TEST)
-    const selftest_t *test;
-#endif /* MBEDTLS_SELF_TEST */
-    char **argp;
-    int v = 1; /* v=1 for verbose mode */
-    int exclude_mode = 0;
-    int suites_tested = 0, suites_failed = 0;
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_SELF_TEST)
-    unsigned char buf[1000000];
-#endif
-    void *pointer;
-
-    /*
-     * The C standard doesn't guarantee that all-bits-0 is the representation
-     * of a NULL pointer. We do however use that in our code for initializing
-     * structures, which should work on every modern platform. Let's be sure.
-     */
-    memset( &pointer, 0, sizeof( void * ) );
-    if( pointer != NULL )
-    {
-        mbedtls_printf( "all-bits-zero is not a NULL pointer\n" );
-        mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-    }
-
-    /*
-     * Make sure we have a snprintf that correctly zero-terminates
-     */
-    if( run_test_snprintf() != 0 )
-    {
-        mbedtls_printf( "the snprintf implementation is broken\n" );
-        mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-    }
-
-    for( argp = argv + ( argc >= 1 ? 1 : argc ); *argp != NULL; ++argp )
-    {
-        if( strcmp( *argp, "--quiet" ) == 0 ||
-            strcmp( *argp, "-q" ) == 0 )
-        {
-            v = 0;
-        }
-        else if( strcmp( *argp, "--exclude" ) == 0 ||
-                 strcmp( *argp, "-x" ) == 0 )
-        {
-            exclude_mode = 1;
-        }
-        else
-            break;
-    }
-
-    if( v != 0 )
-        mbedtls_printf( "\n" );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_init( buf, sizeof(buf) );
-#endif
-
-    if( *argp != NULL && exclude_mode == 0 )
-    {
-        /* Run the specified tests */
-        for( ; *argp != NULL; argp++ )
-        {
-            for( test = selftests; test->name != NULL; test++ )
-            {
-                if( !strcmp( *argp, test->name ) )
-                {
-                    if( test->function( v )  != 0 )
-                    {
-                        suites_failed++;
-                    }
-                    suites_tested++;
-                    break;
-                }
-            }
-            if( test->name == NULL )
-            {
-                mbedtls_printf( "  Test suite %s not available -> failed\n\n", *argp );
-                suites_failed++;
-            }
-        }
-    }
-    else
-    {
-        /* Run all the tests except excluded ones */
-        for( test = selftests; test->name != NULL; test++ )
-        {
-            if( exclude_mode )
-            {
-                char **excluded;
-                for( excluded = argp; *excluded != NULL; ++excluded )
-                {
-                    if( !strcmp( *excluded, test->name ) )
-                        break;
-                }
-                if( *excluded )
-                {
-                    if( v )
-                        mbedtls_printf( "  Skip: %s\n", test->name );
-                    continue;
-                }
-            }
-            if( test->function( v )  != 0 )
-            {
-                suites_failed++;
-            }
-            suites_tested++;
-        }
-    }
-
-#else
-    (void) exclude_mode;
-    mbedtls_printf( " MBEDTLS_SELF_TEST not defined.\n" );
-#endif
-
-    if( v != 0 )
-    {
-        mbedtls_printf( "  Executed %d test suites\n\n", suites_tested );
-
-        if( suites_failed > 0)
-        {
-            mbedtls_printf( "  [ %d tests FAIL ]\n\n", suites_failed );
-        }
-        else
-        {
-            mbedtls_printf( "  [ All tests PASS ]\n\n" );
-        }
-#if defined(_WIN32)
-        mbedtls_printf( "  Press Enter to exit this program.\n" );
-        fflush( stdout ); getchar();
-#endif
-    }
-
-    if( suites_failed > 0)
-        mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-
-    mbedtls_exit( MBEDTLS_EXIT_SUCCESS );
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/udp_proxy.c b/3rdparty/mbedtls-2.25.0/programs/test/udp_proxy.c
deleted file mode 100644
index 0b1bfd7..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/udp_proxy.c
+++ /dev/null
@@ -1,1024 +0,0 @@
-/*
- *  UDP proxy: emulate an unreliable UDP connexion for DTLS testing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * Warning: this is an internal utility program we use for tests.
- * It does break some abstractions from the NET layer, and is thus NOT an
- * example of good general usage.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#define mbedtls_time            time
-#define mbedtls_time_t          time_t
-#define mbedtls_printf          printf
-#define mbedtls_calloc          calloc
-#define mbedtls_free            free
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_NET_C)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_NET_C not defined.\n" );
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/error.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/timing.h"
-
-#include <string.h>
-
-/* For select() */
-#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
-    !defined(EFI32)
-#include <winsock2.h>
-#include <windows.h>
-#if defined(_MSC_VER)
-#if defined(_WIN32_WCE)
-#pragma comment( lib, "ws2.lib" )
-#else
-#pragma comment( lib, "ws2_32.lib" )
-#endif
-#endif /* _MSC_VER */
-#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
-#include <sys/time.h>
-#include <sys/types.h>
-#include <unistd.h>
-#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
-
-#define MAX_MSG_SIZE            16384 + 2048 /* max record/datagram size */
-
-#define DFL_SERVER_ADDR         "localhost"
-#define DFL_SERVER_PORT         "4433"
-#define DFL_LISTEN_ADDR         "localhost"
-#define DFL_LISTEN_PORT         "5556"
-#define DFL_PACK                0
-
-#if defined(MBEDTLS_TIMING_C)
-#define USAGE_PACK                                                          \
-    "    pack=%%d             default: 0     (don't pack)\n"                \
-    "                         options: t > 0 (pack for t milliseconds)\n"
-#else
-#define USAGE_PACK
-#endif
-
-#define USAGE                                                               \
-    "\n usage: udp_proxy param=<>...\n"                                     \
-    "\n acceptable parameters:\n"                                           \
-    "    server_addr=%%s      default: localhost\n"                         \
-    "    server_port=%%d      default: 4433\n"                              \
-    "    listen_addr=%%s      default: localhost\n"                         \
-    "    listen_port=%%d      default: 4433\n"                              \
-    "\n"                                                                    \
-    "    duplicate=%%d        default: 0 (no duplication)\n"                \
-    "                        duplicate about 1:N packets randomly\n"        \
-    "    delay=%%d            default: 0 (no delayed packets)\n"            \
-    "                        delay about 1:N packets randomly\n"            \
-    "    delay_ccs=0/1       default: 0 (don't delay ChangeCipherSpec)\n"   \
-    "    delay_cli=%%s        Handshake message from client that should be\n"\
-    "                        delayed. Possible values are 'ClientHello',\n" \
-    "                        'Certificate', 'CertificateVerify', and\n"     \
-    "                        'ClientKeyExchange'.\n"                        \
-    "                        May be used multiple times, even for the same\n"\
-    "                        message, in which case the respective message\n"\
-    "                        gets delayed multiple times.\n"                 \
-    "    delay_srv=%%s        Handshake message from server that should be\n"\
-    "                        delayed. Possible values are 'HelloRequest',\n"\
-    "                        'ServerHello', 'ServerHelloDone', 'Certificate'\n"\
-    "                        'ServerKeyExchange', 'NewSessionTicket',\n"\
-    "                        'HelloVerifyRequest' and ''CertificateRequest'.\n"\
-    "                        May be used multiple times, even for the same\n"\
-    "                        message, in which case the respective message\n"\
-    "                        gets delayed multiple times.\n"                 \
-    "    drop=%%d             default: 0 (no dropped packets)\n"            \
-    "                        drop about 1:N packets randomly\n"             \
-    "    mtu=%%d              default: 0 (unlimited)\n"                     \
-    "                        drop packets larger than N bytes\n"            \
-    "    bad_ad=0/1          default: 0 (don't add bad ApplicationData)\n"  \
-    "    bad_cid=%%d          default: 0 (don't corrupt Connection IDs)\n"   \
-    "                        duplicate 1:N packets containing a CID,\n" \
-    "                        modifying CID in first instance of the packet.\n" \
-    "    protect_hvr=0/1     default: 0 (don't protect HelloVerifyRequest)\n" \
-    "    protect_len=%%d      default: (don't protect packets of this size)\n" \
-    "    inject_clihlo=0/1   default: 0 (don't inject fake ClientHello)\n"  \
-    "\n"                                                                    \
-    "    seed=%%d             default: (use current time)\n"                \
-    USAGE_PACK                                                              \
-    "\n"
-
-/*
- * global options
- */
-
-#define MAX_DELAYED_HS 10
-
-static struct options
-{
-    const char *server_addr;    /* address to forward packets to            */
-    const char *server_port;    /* port to forward packets to               */
-    const char *listen_addr;    /* address for accepting client connections */
-    const char *listen_port;    /* port for accepting client connections    */
-
-    int duplicate;              /* duplicate 1 in N packets (none if 0)     */
-    int delay;                  /* delay 1 packet in N (none if 0)          */
-    int delay_ccs;              /* delay ChangeCipherSpec                   */
-    char* delay_cli[MAX_DELAYED_HS];  /* handshake types of messages from
-                                       * client that should be delayed.     */
-    uint8_t delay_cli_cnt;      /* Number of entries in delay_cli.          */
-    char* delay_srv[MAX_DELAYED_HS];  /* handshake types of messages from
-                                       * server that should be delayed.     */
-    uint8_t delay_srv_cnt;      /* Number of entries in delay_srv.          */
-    int drop;                   /* drop 1 packet in N (none if 0)           */
-    int mtu;                    /* drop packets larger than this            */
-    int bad_ad;                 /* inject corrupted ApplicationData record  */
-    unsigned bad_cid;           /* inject corrupted CID record              */
-    int protect_hvr;            /* never drop or delay HelloVerifyRequest   */
-    int protect_len;            /* never drop/delay packet of the given size*/
-    int inject_clihlo;          /* inject fake ClientHello after handshake  */
-    unsigned pack;              /* merge packets into single datagram for
-                                 * at most \c merge milliseconds if > 0     */
-    unsigned int seed;          /* seed for "random" events                 */
-} opt;
-
-static void exit_usage( const char *name, const char *value )
-{
-    if( value == NULL )
-        mbedtls_printf( " unknown option or missing value: %s\n", name );
-    else
-        mbedtls_printf( " option %s: illegal value: %s\n", name, value );
-
-    mbedtls_printf( USAGE );
-    mbedtls_exit( 1 );
-}
-
-static void get_options( int argc, char *argv[] )
-{
-    int i;
-    char *p, *q;
-
-    opt.server_addr    = DFL_SERVER_ADDR;
-    opt.server_port    = DFL_SERVER_PORT;
-    opt.listen_addr    = DFL_LISTEN_ADDR;
-    opt.listen_port    = DFL_LISTEN_PORT;
-    opt.pack           = DFL_PACK;
-    /* Other members default to 0 */
-
-    opt.delay_cli_cnt = 0;
-    opt.delay_srv_cnt = 0;
-    memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) );
-    memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) );
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            exit_usage( p, NULL );
-        *q++ = '\0';
-
-        if( strcmp( p, "server_addr" ) == 0 )
-            opt.server_addr = q;
-        else if( strcmp( p, "server_port" ) == 0 )
-            opt.server_port = q;
-        else if( strcmp( p, "listen_addr" ) == 0 )
-            opt.listen_addr = q;
-        else if( strcmp( p, "listen_port" ) == 0 )
-            opt.listen_port = q;
-        else if( strcmp( p, "duplicate" ) == 0 )
-        {
-            opt.duplicate = atoi( q );
-            if( opt.duplicate < 0 || opt.duplicate > 20 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "delay" ) == 0 )
-        {
-            opt.delay = atoi( q );
-            if( opt.delay < 0 || opt.delay > 20 || opt.delay == 1 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "delay_ccs" ) == 0 )
-        {
-            opt.delay_ccs = atoi( q );
-            if( opt.delay_ccs < 0 || opt.delay_ccs > 1 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "delay_cli" ) == 0 ||
-                 strcmp( p, "delay_srv" ) == 0 )
-        {
-            uint8_t *delay_cnt;
-            char **delay_list;
-            size_t len;
-            char *buf;
-
-            if( strcmp( p, "delay_cli" ) == 0 )
-            {
-                delay_cnt  = &opt.delay_cli_cnt;
-                delay_list = opt.delay_cli;
-            }
-            else
-            {
-                delay_cnt  = &opt.delay_srv_cnt;
-                delay_list = opt.delay_srv;
-            }
-
-            if( *delay_cnt == MAX_DELAYED_HS )
-            {
-                mbedtls_printf( " too many uses of %s: only %d allowed\n",
-                                p, MAX_DELAYED_HS );
-                exit_usage( p, NULL );
-            }
-
-            len = strlen( q );
-            buf = mbedtls_calloc( 1, len + 1 );
-            if( buf == NULL )
-            {
-                mbedtls_printf( " Allocation failure\n" );
-                exit( 1 );
-            }
-            memcpy( buf, q, len + 1 );
-
-            delay_list[ (*delay_cnt)++ ] = buf;
-        }
-        else if( strcmp( p, "drop" ) == 0 )
-        {
-            opt.drop = atoi( q );
-            if( opt.drop < 0 || opt.drop > 20 || opt.drop == 1 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "pack" ) == 0 )
-        {
-#if defined(MBEDTLS_TIMING_C)
-            opt.pack = (unsigned) atoi( q );
-#else
-            mbedtls_printf( " option pack only defined if MBEDTLS_TIMING_C is enabled\n" );
-            exit( 1 );
-#endif
-        }
-        else if( strcmp( p, "mtu" ) == 0 )
-        {
-            opt.mtu = atoi( q );
-            if( opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "bad_ad" ) == 0 )
-        {
-            opt.bad_ad = atoi( q );
-            if( opt.bad_ad < 0 || opt.bad_ad > 1 )
-                exit_usage( p, q );
-        }
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        else if( strcmp( p, "bad_cid" ) == 0 )
-        {
-            opt.bad_cid = (unsigned) atoi( q );
-        }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-        else if( strcmp( p, "protect_hvr" ) == 0 )
-        {
-            opt.protect_hvr = atoi( q );
-            if( opt.protect_hvr < 0 || opt.protect_hvr > 1 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "protect_len" ) == 0 )
-        {
-            opt.protect_len = atoi( q );
-            if( opt.protect_len < 0 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "inject_clihlo" ) == 0 )
-        {
-            opt.inject_clihlo = atoi( q );
-            if( opt.inject_clihlo < 0 || opt.inject_clihlo > 1 )
-                exit_usage( p, q );
-        }
-        else if( strcmp( p, "seed" ) == 0 )
-        {
-            opt.seed = atoi( q );
-            if( opt.seed == 0 )
-                exit_usage( p, q );
-        }
-        else
-            exit_usage( p, NULL );
-    }
-}
-
-static const char *msg_type( unsigned char *msg, size_t len )
-{
-    if( len < 1 )                           return( "Invalid" );
-    switch( msg[0] )
-    {
-        case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC:    return( "ChangeCipherSpec" );
-        case MBEDTLS_SSL_MSG_ALERT:                 return( "Alert" );
-        case MBEDTLS_SSL_MSG_APPLICATION_DATA:      return( "ApplicationData" );
-        case MBEDTLS_SSL_MSG_CID:                   return( "CID" );
-        case MBEDTLS_SSL_MSG_HANDSHAKE:             break; /* See below */
-        default:                            return( "Unknown" );
-    }
-
-    if( len < 13 + 12 )                     return( "Invalid handshake" );
-
-    /*
-     * Our handshake message are less than 2^16 bytes long, so they should
-     * have 0 as the first byte of length, frag_offset and frag_length.
-     * Otherwise, assume they are encrypted.
-     */
-    if( msg[14] || msg[19] || msg[22] )     return( "Encrypted handshake" );
-
-    switch( msg[13] )
-    {
-        case MBEDTLS_SSL_HS_HELLO_REQUEST:          return( "HelloRequest" );
-        case MBEDTLS_SSL_HS_CLIENT_HELLO:           return( "ClientHello" );
-        case MBEDTLS_SSL_HS_SERVER_HELLO:           return( "ServerHello" );
-        case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST:   return( "HelloVerifyRequest" );
-        case MBEDTLS_SSL_HS_NEW_SESSION_TICKET:     return( "NewSessionTicket" );
-        case MBEDTLS_SSL_HS_CERTIFICATE:            return( "Certificate" );
-        case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE:    return( "ServerKeyExchange" );
-        case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST:    return( "CertificateRequest" );
-        case MBEDTLS_SSL_HS_SERVER_HELLO_DONE:      return( "ServerHelloDone" );
-        case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY:     return( "CertificateVerify" );
-        case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE:    return( "ClientKeyExchange" );
-        case MBEDTLS_SSL_HS_FINISHED:               return( "Finished" );
-        default:                            return( "Unknown handshake" );
-    }
-}
-
-#if defined(MBEDTLS_TIMING_C)
-/* Return elapsed time in milliseconds since the first call */
-static unsigned ellapsed_time( void )
-{
-    static int initialized = 0;
-    static struct mbedtls_timing_hr_time hires;
-
-    if( initialized == 0 )
-    {
-        (void) mbedtls_timing_get_timer( &hires, 1 );
-        initialized = 1;
-        return( 0 );
-    }
-
-    return( mbedtls_timing_get_timer( &hires, 0 ) );
-}
-
-typedef struct
-{
-    mbedtls_net_context *ctx;
-
-    const char *description;
-
-    unsigned packet_lifetime;
-    unsigned num_datagrams;
-
-    unsigned char data[MAX_MSG_SIZE];
-    size_t len;
-
-} ctx_buffer;
-
-static ctx_buffer outbuf[2];
-
-static int ctx_buffer_flush( ctx_buffer *buf )
-{
-    int ret;
-
-    mbedtls_printf( "  %05u flush    %s: %u bytes, %u datagrams, last %u ms\n",
-                    ellapsed_time(), buf->description,
-                    (unsigned) buf->len, buf->num_datagrams,
-                    ellapsed_time() - buf->packet_lifetime );
-
-    ret = mbedtls_net_send( buf->ctx, buf->data, buf->len );
-
-    buf->len           = 0;
-    buf->num_datagrams = 0;
-
-    return( ret );
-}
-
-static unsigned ctx_buffer_time_remaining( ctx_buffer *buf )
-{
-    unsigned const cur_time = ellapsed_time();
-
-    if( buf->num_datagrams == 0 )
-        return( (unsigned) -1 );
-
-    if( cur_time - buf->packet_lifetime >= opt.pack )
-        return( 0 );
-
-    return( opt.pack - ( cur_time - buf->packet_lifetime ) );
-}
-
-static int ctx_buffer_append( ctx_buffer *buf,
-                              const unsigned char * data,
-                              size_t len )
-{
-    int ret;
-
-    if( len > (size_t) INT_MAX )
-        return( -1 );
-
-    if( len > sizeof( buf->data ) )
-    {
-        mbedtls_printf( "  ! buffer size %u too large (max %u)\n",
-                        (unsigned) len, (unsigned) sizeof( buf->data ) );
-        return( -1 );
-    }
-
-    if( sizeof( buf->data ) - buf->len < len )
-    {
-        if( ( ret = ctx_buffer_flush( buf ) ) <= 0 )
-        {
-            mbedtls_printf( "ctx_buffer_flush failed with -%#04x", (unsigned int) -ret );
-            return( ret );
-        }
-    }
-
-    memcpy( buf->data + buf->len, data, len );
-
-    buf->len += len;
-    if( ++buf->num_datagrams == 1 )
-        buf->packet_lifetime = ellapsed_time();
-
-    return( (int) len );
-}
-#endif /* MBEDTLS_TIMING_C */
-
-static int dispatch_data( mbedtls_net_context *ctx,
-                          const unsigned char * data,
-                          size_t len )
-{
-    int ret;
-#if defined(MBEDTLS_TIMING_C)
-    ctx_buffer *buf = NULL;
-    if( opt.pack > 0 )
-    {
-        if( outbuf[0].ctx == ctx )
-            buf = &outbuf[0];
-        else if( outbuf[1].ctx == ctx )
-            buf = &outbuf[1];
-
-        if( buf == NULL )
-            return( -1 );
-
-        return( ctx_buffer_append( buf, data, len ) );
-    }
-#endif /* MBEDTLS_TIMING_C */
-
-    ret = mbedtls_net_send( ctx, data, len );
-    if( ret < 0 )
-    {
-        mbedtls_printf( "net_send returned -%#04x\n", (unsigned int) -ret );
-    }
-    return( ret );
-}
-
-typedef struct
-{
-    mbedtls_net_context *dst;
-    const char *way;
-    const char *type;
-    unsigned len;
-    unsigned char buf[MAX_MSG_SIZE];
-} packet;
-
-/* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */
-void print_packet( const packet *p, const char *why )
-{
-#if defined(MBEDTLS_TIMING_C)
-    if( why == NULL )
-        mbedtls_printf( "  %05u dispatch %s %s (%u bytes)\n",
-                ellapsed_time(), p->way, p->type, p->len );
-    else
-        mbedtls_printf( "  %05u dispatch %s %s (%u bytes): %s\n",
-                ellapsed_time(), p->way, p->type, p->len, why );
-#else
-    if( why == NULL )
-        mbedtls_printf( "        dispatch %s %s (%u bytes)\n",
-                p->way, p->type, p->len );
-    else
-        mbedtls_printf( "        dispatch %s %s (%u bytes): %s\n",
-                p->way, p->type, p->len, why );
-#endif
-
-    fflush( stdout );
-}
-
-/*
- * In order to test the server's behaviour when receiving a ClientHello after
- * the connection is established (this could be a hard reset from the client,
- * but the server must not drop the existing connection before establishing
- * client reachability, see RFC 6347 Section 4.2.8), we memorize the first
- * ClientHello we see (which can't have a cookie), then replay it after the
- * first ApplicationData record - then we're done.
- *
- * This is controlled by the inject_clihlo option.
- *
- * We want an explicit state and a place to store the packet.
- */
-typedef enum {
-    ICH_INIT,       /* haven't seen the first ClientHello yet */
-    ICH_CACHED,     /* cached the initial ClientHello */
-    ICH_INJECTED,   /* ClientHello already injected, done */
-} inject_clihlo_state_t;
-
-static inject_clihlo_state_t inject_clihlo_state;
-static packet initial_clihlo;
-
-int send_packet( const packet *p, const char *why )
-{
-    int ret;
-    mbedtls_net_context *dst = p->dst;
-
-    /* save initial ClientHello? */
-    if( opt.inject_clihlo != 0 &&
-        inject_clihlo_state == ICH_INIT &&
-        strcmp( p->type, "ClientHello" ) == 0 )
-    {
-        memcpy( &initial_clihlo, p, sizeof( packet ) );
-        inject_clihlo_state = ICH_CACHED;
-    }
-
-    /* insert corrupted CID record? */
-    if( opt.bad_cid != 0 &&
-        strcmp( p->type, "CID" ) == 0 &&
-        ( rand() % opt.bad_cid ) == 0 )
-    {
-        unsigned char buf[MAX_MSG_SIZE];
-        memcpy( buf, p->buf, p->len );
-
-        /* The CID resides at offset 11 in the DTLS record header. */
-        buf[11] ^= 1;
-        print_packet( p, "modified CID" );
-
-        if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
-        {
-            mbedtls_printf( "  ! dispatch returned %d\n", ret );
-            return( ret );
-        }
-    }
-
-    /* insert corrupted ApplicationData record? */
-    if( opt.bad_ad &&
-        strcmp( p->type, "ApplicationData" ) == 0 )
-    {
-        unsigned char buf[MAX_MSG_SIZE];
-        memcpy( buf, p->buf, p->len );
-
-        if( p->len <= 13 )
-        {
-            mbedtls_printf( "  ! can't corrupt empty AD record" );
-        }
-        else
-        {
-            ++buf[13];
-            print_packet( p, "corrupted" );
-        }
-
-        if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
-        {
-            mbedtls_printf( "  ! dispatch returned %d\n", ret );
-            return( ret );
-        }
-    }
-
-    print_packet( p, why );
-    if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 )
-    {
-        mbedtls_printf( "  ! dispatch returned %d\n", ret );
-        return( ret );
-    }
-
-    /* Don't duplicate Application Data, only handshake covered */
-    if( opt.duplicate != 0 &&
-        strcmp( p->type, "ApplicationData" ) != 0 &&
-        rand() % opt.duplicate == 0 )
-    {
-        print_packet( p, "duplicated" );
-
-        if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 )
-        {
-            mbedtls_printf( "  ! dispatch returned %d\n", ret );
-            return( ret );
-        }
-    }
-
-    /* Inject ClientHello after first ApplicationData */
-    if( opt.inject_clihlo != 0 &&
-        inject_clihlo_state == ICH_CACHED &&
-        strcmp( p->type, "ApplicationData" ) == 0 )
-    {
-        print_packet( &initial_clihlo, "injected" );
-
-        if( ( ret = dispatch_data( dst, initial_clihlo.buf,
-                                        initial_clihlo.len ) ) <= 0 )
-        {
-            mbedtls_printf( "  ! dispatch returned %d\n", ret );
-            return( ret );
-        }
-
-        inject_clihlo_state = ICH_INJECTED;
-    }
-
-    return( 0 );
-}
-
-#define MAX_DELAYED_MSG 5
-static size_t prev_len;
-static packet prev[MAX_DELAYED_MSG];
-
-void clear_pending( void )
-{
-    memset( &prev, 0, sizeof( prev ) );
-    prev_len = 0;
-}
-
-void delay_packet( packet *delay )
-{
-    if( prev_len == MAX_DELAYED_MSG )
-        return;
-
-    memcpy( &prev[prev_len++], delay, sizeof( packet ) );
-}
-
-int send_delayed()
-{
-    uint8_t offset;
-    int ret;
-    for( offset = 0; offset < prev_len; offset++ )
-    {
-        ret = send_packet( &prev[offset], "delayed" );
-        if( ret != 0 )
-            return( ret );
-    }
-
-    clear_pending();
-    return( 0 );
-}
-
-/*
- * Avoid dropping or delaying a packet that was already dropped twice: this
- * only results in uninteresting timeouts. We can't rely on type to identify
- * packets, since during renegotiation they're all encrypted.  So, rely on
- * size mod 2048 (which is usually just size).
- */
-static unsigned char dropped[2048] = { 0 };
-#define DROP_MAX 2
-
-/* We only drop packets at the level of entire datagrams, not at the level
- * of records. In particular, if the peer changes the way it packs multiple
- * records into a single datagram, we don't necessarily count the number of
- * times a record has been dropped correctly. However, the only known reason
- * why a peer would change datagram packing is disabling the latter on
- * retransmission, in which case we'd drop involved records at most
- * DROP_MAX + 1 times. */
-void update_dropped( const packet *p )
-{
-    size_t id = p->len % sizeof( dropped );
-    ++dropped[id];
-}
-
-int handle_message( const char *way,
-                    mbedtls_net_context *dst,
-                    mbedtls_net_context *src )
-{
-    int ret;
-    packet cur;
-    size_t id;
-
-    uint8_t delay_idx;
-    char ** delay_list;
-    uint8_t delay_list_len;
-
-    /* receive packet */
-    if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
-    {
-        mbedtls_printf( "  ! mbedtls_net_recv returned %d\n", ret );
-        return( ret );
-    }
-
-    cur.len  = ret;
-    cur.type = msg_type( cur.buf, cur.len );
-    cur.way  = way;
-    cur.dst  = dst;
-    print_packet( &cur, NULL );
-
-    id = cur.len % sizeof( dropped );
-
-    if( strcmp( way, "S <- C" ) == 0 )
-    {
-        delay_list     = opt.delay_cli;
-        delay_list_len = opt.delay_cli_cnt;
-    }
-    else
-    {
-        delay_list     = opt.delay_srv;
-        delay_list_len = opt.delay_srv_cnt;
-    }
-
-    /* Check if message type is in the list of messages
-     * that should be delayed */
-    for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ )
-    {
-        if( delay_list[ delay_idx ] == NULL )
-            continue;
-
-        if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 )
-        {
-            /* Delay message */
-            delay_packet( &cur );
-
-            /* Remove entry from list */
-            mbedtls_free( delay_list[delay_idx] );
-            delay_list[delay_idx] = NULL;
-
-            return( 0 );
-        }
-    }
-
-    /* do we want to drop, delay, or forward it? */
-    if( ( opt.mtu != 0 &&
-          cur.len > (unsigned) opt.mtu ) ||
-        ( opt.drop != 0 &&
-          strcmp( cur.type, "CID" ) != 0             &&
-          strcmp( cur.type, "ApplicationData" ) != 0 &&
-          ! ( opt.protect_hvr &&
-              strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
-          cur.len != (size_t) opt.protect_len &&
-          dropped[id] < DROP_MAX &&
-          rand() % opt.drop == 0 ) )
-    {
-        update_dropped( &cur );
-    }
-    else if( ( opt.delay_ccs == 1 &&
-               strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) ||
-             ( opt.delay != 0 &&
-               strcmp( cur.type, "CID" ) != 0             &&
-               strcmp( cur.type, "ApplicationData" ) != 0 &&
-               ! ( opt.protect_hvr &&
-                   strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
-               cur.len != (size_t) opt.protect_len &&
-               dropped[id] < DROP_MAX &&
-               rand() % opt.delay == 0 ) )
-    {
-        delay_packet( &cur );
-    }
-    else
-    {
-        /* forward and possibly duplicate */
-        if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 )
-            return( ret );
-
-        /* send previously delayed messages if any */
-        ret = send_delayed();
-        if( ret != 0 )
-            return( ret );
-    }
-
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    uint8_t delay_idx;
-
-    mbedtls_net_context listen_fd, client_fd, server_fd;
-
-#if defined( MBEDTLS_TIMING_C )
-    struct timeval tm;
-#endif
-
-    struct timeval *tm_ptr = NULL;
-
-    int nb_fds;
-    fd_set read_fds;
-
-    mbedtls_net_init( &listen_fd );
-    mbedtls_net_init( &client_fd );
-    mbedtls_net_init( &server_fd );
-
-    get_options( argc, argv );
-
-    /*
-     * Decisions to drop/delay/duplicate packets are pseudo-random: dropping
-     * exactly 1 in N packets would lead to problems when a flight has exactly
-     * N packets: the same packet would be dropped on every resend.
-     *
-     * In order to be able to reproduce problems reliably, the seed may be
-     * specified explicitly.
-     */
-    if( opt.seed == 0 )
-    {
-        opt.seed = (unsigned int) time( NULL );
-        mbedtls_printf( "  . Pseudo-random seed: %u\n", opt.seed );
-    }
-
-    srand( opt.seed );
-
-    /*
-     * 0. "Connect" to the server
-     */
-    mbedtls_printf( "  . Connect to server on UDP/%s/%s ...",
-            opt.server_addr, opt.server_port );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port,
-                             MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1. Setup the "listening" UDP socket
-     */
-    mbedtls_printf( "  . Bind on UDP/%s/%s ...",
-            opt.listen_addr, opt.listen_port );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port,
-                          MBEDTLS_NET_PROTO_UDP ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 2. Wait until a client connects
-     */
-accept:
-    mbedtls_net_free( &client_fd );
-
-    mbedtls_printf( "  . Waiting for a remote connection ..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
-                                    NULL, 0, NULL ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_net_accept returned %d\n\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 3. Forward packets forever (kill the process to terminate it)
-     */
-    clear_pending();
-    memset( dropped, 0, sizeof( dropped ) );
-
-    nb_fds = client_fd.fd;
-    if( nb_fds < server_fd.fd )
-        nb_fds = server_fd.fd;
-    if( nb_fds < listen_fd.fd )
-        nb_fds = listen_fd.fd;
-    ++nb_fds;
-
-#if defined(MBEDTLS_TIMING_C)
-    if( opt.pack > 0 )
-    {
-        outbuf[0].ctx = &server_fd;
-        outbuf[0].description = "S <- C";
-        outbuf[0].num_datagrams = 0;
-        outbuf[0].len = 0;
-
-        outbuf[1].ctx = &client_fd;
-        outbuf[1].description = "S -> C";
-        outbuf[1].num_datagrams = 0;
-        outbuf[1].len = 0;
-    }
-#endif /* MBEDTLS_TIMING_C */
-
-    while( 1 )
-    {
-#if defined(MBEDTLS_TIMING_C)
-        if( opt.pack > 0 )
-        {
-            unsigned max_wait_server, max_wait_client, max_wait;
-            max_wait_server = ctx_buffer_time_remaining( &outbuf[0] );
-            max_wait_client = ctx_buffer_time_remaining( &outbuf[1] );
-
-            max_wait = (unsigned) -1;
-
-            if( max_wait_server == 0 )
-                ctx_buffer_flush( &outbuf[0] );
-            else
-                max_wait = max_wait_server;
-
-            if( max_wait_client == 0 )
-                ctx_buffer_flush( &outbuf[1] );
-            else
-            {
-                if( max_wait_client < max_wait )
-                    max_wait = max_wait_client;
-            }
-
-            if( max_wait != (unsigned) -1 )
-            {
-                tm.tv_sec  = max_wait / 1000;
-                tm.tv_usec = ( max_wait % 1000 ) * 1000;
-
-                tm_ptr = &tm;
-            }
-            else
-            {
-                tm_ptr = NULL;
-            }
-        }
-#endif /* MBEDTLS_TIMING_C */
-
-        FD_ZERO( &read_fds );
-        FD_SET( server_fd.fd, &read_fds );
-        FD_SET( client_fd.fd, &read_fds );
-        FD_SET( listen_fd.fd, &read_fds );
-
-        if( ( ret = select( nb_fds, &read_fds, NULL, NULL, tm_ptr ) ) < 0 )
-        {
-            perror( "select" );
-            goto exit;
-        }
-
-        if( FD_ISSET( listen_fd.fd, &read_fds ) )
-            goto accept;
-
-        if( FD_ISSET( client_fd.fd, &read_fds ) )
-        {
-            if( ( ret = handle_message( "S <- C",
-                                        &server_fd, &client_fd ) ) != 0 )
-                goto accept;
-        }
-
-        if( FD_ISSET( server_fd.fd, &read_fds ) )
-        {
-            if( ( ret = handle_message( "S -> C",
-                                        &client_fd, &server_fd ) ) != 0 )
-                goto accept;
-        }
-
-    }
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-#ifdef MBEDTLS_ERROR_C
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-        char error_buf[100];
-        mbedtls_strerror( ret, error_buf, 100 );
-        mbedtls_printf( "Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf );
-        fflush( stdout );
-    }
-#endif
-
-    for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ )
-    {
-        mbedtls_free( opt.delay_cli + delay_idx );
-        mbedtls_free( opt.delay_srv + delay_idx );
-    }
-
-    mbedtls_net_free( &client_fd );
-    mbedtls_net_free( &server_fd );
-    mbedtls_net_free( &listen_fd );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-
-#endif /* MBEDTLS_NET_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/zeroize.c b/3rdparty/mbedtls-2.25.0/programs/test/zeroize.c
deleted file mode 100644
index 5e6b58e..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/test/zeroize.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Zeroize application for debugger-driven testing
- *
- * This is a simple test application used for debugger-driven testing to check
- * whether calls to mbedtls_platform_zeroize() are being eliminated by compiler
- * optimizations. This application is used by the GDB script at
- * tests/scripts/test_zeroize.gdb: the script sets a breakpoint at the last
- * return statement in the main() function of this program. The debugger
- * facilities are then used to manually inspect the memory and verify that the
- * call to mbedtls_platform_zeroize() was not eliminated.
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stdio.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_printf     printf
-#define mbedtls_exit       exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#include "mbedtls/platform_util.h"
-
-#define BUFFER_LEN 1024
-
-void usage( void )
-{
-    mbedtls_printf( "Zeroize is a simple program to assist with testing\n" );
-    mbedtls_printf( "the mbedtls_platform_zeroize() function by using the\n" );
-    mbedtls_printf( "debugger. This program takes a file as input and\n" );
-    mbedtls_printf( "prints the first %d characters. Usage:\n\n", BUFFER_LEN );
-    mbedtls_printf( "       zeroize <FILE>\n" );
-}
-
-int main( int argc, char** argv )
-{
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    FILE *fp;
-    char buf[BUFFER_LEN];
-    char *p = buf;
-    char *end = p + BUFFER_LEN;
-    int c;
-
-    if( argc != 2 )
-    {
-        mbedtls_printf( "This program takes exactly 1 agument\n" );
-        usage();
-        mbedtls_exit( exit_code );
-    }
-
-    fp = fopen( argv[1], "r" );
-    if( fp == NULL )
-    {
-        mbedtls_printf( "Could not open file '%s'\n", argv[1] );
-        mbedtls_exit( exit_code );
-    }
-
-    while( ( c = fgetc( fp ) ) != EOF && p < end - 1 )
-        *p++ = (char)c;
-    *p = '\0';
-
-    if( p - buf != 0 )
-    {
-        mbedtls_printf( "%s\n", buf );
-        exit_code = MBEDTLS_EXIT_SUCCESS;
-    }
-    else
-        mbedtls_printf( "The file is empty!\n" );
-
-    fclose( fp );
-    mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
-    mbedtls_exit( exit_code ); // GDB_BREAK_HERE -- don't remove this comment!
-}
diff --git a/3rdparty/mbedtls-2.25.0/programs/util/pem2der.c b/3rdparty/mbedtls-2.25.0/programs/util/pem2der.c
deleted file mode 100644
index a2fd0fc..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/util/pem2der.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/*
- *  Convert PEM to DER
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_free            free
-#define mbedtls_calloc          calloc
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_FS_IO)
-#include "mbedtls/error.h"
-#include "mbedtls/base64.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#endif
-
-#define DFL_FILENAME            "file.pem"
-#define DFL_OUTPUT_FILENAME     "file.der"
-
-#define USAGE \
-    "\n usage: pem2der param=<>...\n"                   \
-    "\n acceptable parameters:\n"                       \
-    "    filename=%%s         default: file.pem\n"      \
-    "    output_file=%%s      default: file.der\n"      \
-    "\n"
-
-#if !defined(MBEDTLS_BASE64_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *filename;       /* filename of the input file             */
-    const char *output_file;    /* where to store the output              */
-} opt;
-
-int convert_pem_to_der( const unsigned char *input, size_t ilen,
-                        unsigned char *output, size_t *olen )
-{
-    int ret;
-    const unsigned char *s1, *s2, *end = input + ilen;
-    size_t len = 0;
-
-    s1 = (unsigned char *) strstr( (const char *) input, "-----BEGIN" );
-    if( s1 == NULL )
-        return( -1 );
-
-    s2 = (unsigned char *) strstr( (const char *) input, "-----END" );
-    if( s2 == NULL )
-        return( -1 );
-
-    s1 += 10;
-    while( s1 < end && *s1 != '-' )
-        s1++;
-    while( s1 < end && *s1 == '-' )
-        s1++;
-    if( *s1 == '\r' ) s1++;
-    if( *s1 == '\n' ) s1++;
-
-    if( s2 <= s1 || s2 > end )
-        return( -1 );
-
-    ret = mbedtls_base64_decode( NULL, 0, &len, (const unsigned char *) s1, s2 - s1 );
-    if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
-        return( ret );
-
-    if( len > *olen )
-        return( -1 );
-
-    if( ( ret = mbedtls_base64_decode( output, len, &len, (const unsigned char *) s1,
-                               s2 - s1 ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    *olen = len;
-
-    return( 0 );
-}
-
-/*
- * Load all data from a file into a given buffer.
- */
-static int load_file( const char *path, unsigned char **buf, size_t *n )
-{
-    FILE *f;
-    long size;
-
-    if( ( f = fopen( path, "rb" ) ) == NULL )
-        return( -1 );
-
-    fseek( f, 0, SEEK_END );
-    if( ( size = ftell( f ) ) == -1 )
-    {
-        fclose( f );
-        return( -1 );
-    }
-    fseek( f, 0, SEEK_SET );
-
-    *n = (size_t) size;
-
-    if( *n + 1 == 0 ||
-        ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    if( fread( *buf, 1, *n, f ) != *n )
-    {
-        fclose( f );
-        free( *buf );
-        *buf = NULL;
-        return( -1 );
-    }
-
-    fclose( f );
-
-    (*buf)[*n] = '\0';
-
-    return( 0 );
-}
-
-/*
- * Write buffer to a file
- */
-static int write_file( const char *path, unsigned char *buf, size_t n )
-{
-    FILE *f;
-
-    if( ( f = fopen( path, "wb" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( buf, 1, n, f ) != n )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    fclose( f );
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    unsigned char *pem_buffer = NULL;
-    unsigned char der_buffer[4096];
-    char buf[1024];
-    size_t pem_size, der_size = sizeof(der_buffer);
-    int i;
-    char *p, *q;
-
-    /*
-     * Set to sane values
-     */
-    memset( buf, 0, sizeof(buf) );
-    memset( der_buffer, 0, sizeof(der_buffer) );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.filename            = DFL_FILENAME;
-    opt.output_file         = DFL_OUTPUT_FILENAME;
-
-    for( i = 1; i < argc; i++ )
-    {
-
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else if( strcmp( p, "output_file" ) == 0 )
-            opt.output_file = q;
-        else
-            goto usage;
-    }
-
-    /*
-     * 1.1. Load the PEM file
-     */
-    mbedtls_printf( "\n  . Loading the PEM file ..." );
-    fflush( stdout );
-
-    ret = load_file( opt.filename, &pem_buffer, &pem_size );
-
-    if( ret != 0 )
-    {
-#ifdef MBEDTLS_ERROR_C
-        mbedtls_strerror( ret, buf, 1024 );
-#endif
-        mbedtls_printf( " failed\n  !  load_file returned %d - %s\n\n", ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.2. Convert from PEM to DER
-     */
-    mbedtls_printf( "  . Converting from PEM to DER ..." );
-    fflush( stdout );
-
-    if( ( ret = convert_pem_to_der( pem_buffer, pem_size, der_buffer, &der_size ) ) != 0 )
-    {
-#ifdef MBEDTLS_ERROR_C
-        mbedtls_strerror( ret, buf, 1024 );
-#endif
-        mbedtls_printf( " failed\n  !  convert_pem_to_der %d - %s\n\n", ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.3. Write the DER file
-     */
-    mbedtls_printf( "  . Writing the DER file ..." );
-    fflush( stdout );
-
-    ret = write_file( opt.output_file, der_buffer, der_size );
-
-    if( ret != 0 )
-    {
-#ifdef MBEDTLS_ERROR_C
-        mbedtls_strerror( ret, buf, 1024 );
-#endif
-        mbedtls_printf( " failed\n  !  write_file returned %d - %s\n\n", ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    free( pem_buffer );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/util/strerror.c b/3rdparty/mbedtls-2.25.0/programs/util/strerror.c
deleted file mode 100644
index 6b7e448..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/util/strerror.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- *  Translate error code to error string
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf     printf
-#define mbedtls_exit       exit
-#endif
-
-#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
-#include "mbedtls/error.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#endif
-
-#define USAGE \
-    "\n usage: strerror <errorcode>\n" \
-    "\n where <errorcode> can be a decimal or hexadecimal (starts with 0x or -0x)\n"
-
-#if !defined(MBEDTLS_ERROR_C) && !defined(MBEDTLS_ERROR_STRERROR_DUMMY)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-int main( int argc, char *argv[] )
-{
-    long int val;
-    char *end = argv[1];
-
-    if( argc != 2 )
-    {
-        mbedtls_printf( USAGE );
-        mbedtls_exit( 0 );
-    }
-
-    val = strtol( argv[1], &end, 10 );
-    if( *end != '\0' )
-    {
-        val = strtol( argv[1], &end, 16 );
-        if( *end != '\0' )
-        {
-            mbedtls_printf( USAGE );
-            return( 0 );
-        }
-    }
-    if( val > 0 )
-        val = -val;
-
-    if( val != 0 )
-    {
-        char error_buf[200];
-        mbedtls_strerror( val, error_buf, 200 );
-        mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf );
-    }
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( val );
-}
-#endif /* MBEDTLS_ERROR_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/wince_main.c b/3rdparty/mbedtls-2.25.0/programs/wince_main.c
deleted file mode 100644
index 851012c..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/wince_main.c
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- *  Windows CE console application entry point
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if defined(_WIN32_WCE)
-
-#include <windows.h>
-
-extern int main( int, const char ** );
-
-int _tmain( int argc, _TCHAR* targv[] )
-{
-    char **argv;
-    int i;
-
-    argv = ( char ** ) calloc( argc, sizeof( char * ) );
-
-    for ( i = 0; i < argc; i++ ) {
-        size_t len;
-        len = _tcslen( targv[i] ) + 1;
-        argv[i] = ( char * ) calloc( len, sizeof( char ) );
-        wcstombs( argv[i], targv[i], len );
-    }
-
-    return main( argc, argv );
-}
-
-#endif  /* defined(_WIN32_WCE) */
diff --git a/3rdparty/mbedtls-2.25.0/programs/x509/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/programs/x509/CMakeLists.txt
deleted file mode 100644
index 29cbeb8..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/x509/CMakeLists.txt
+++ /dev/null
@@ -1,30 +0,0 @@
-set(libs
-    ${mbedx509_target}
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-set(executables
-    cert_app
-    cert_req
-    cert_write
-    crl_app
-    req_app
-)
-
-foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-    target_link_libraries(${exe} ${libs})
-endforeach()
-
-target_link_libraries(cert_app ${mbedtls_target})
-
-install(TARGETS ${executables}
-        DESTINATION "bin"
-        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.25.0/programs/x509/cert_app.c b/3rdparty/mbedtls-2.25.0/programs/x509/cert_app.c
deleted file mode 100644
index 89b25a8..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/x509/cert_app.c
+++ /dev/null
@@ -1,502 +0,0 @@
-/*
- *  Certificate reading application
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time            time
-#define mbedtls_time_t          time_t
-#define mbedtls_fprintf         fprintf
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
-    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
-    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||  \
-    !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
-           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
-           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
-           "MBEDTLS_CTR_DRBG_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/debug.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define MODE_NONE               0
-#define MODE_FILE               1
-#define MODE_SSL                2
-
-#define DFL_MODE                MODE_NONE
-#define DFL_FILENAME            "cert.crt"
-#define DFL_CA_FILE             ""
-#define DFL_CRL_FILE            ""
-#define DFL_CA_PATH             ""
-#define DFL_SERVER_NAME         "localhost"
-#define DFL_SERVER_PORT         "4433"
-#define DFL_DEBUG_LEVEL         0
-#define DFL_PERMISSIVE          0
-
-#define USAGE_IO \
-    "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
-    "                        default: \"\" (none)\n" \
-    "    crl_file=%%s         The single CRL file you want to use\n" \
-    "                        default: \"\" (none)\n" \
-    "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
-    "                        default: \"\" (none) (overrides ca_file)\n"
-
-#define USAGE \
-    "\n usage: cert_app param=<>...\n"                  \
-    "\n acceptable parameters:\n"                       \
-    "    mode=file|ssl       default: none\n"           \
-    "    filename=%%s         default: cert.crt\n"      \
-    USAGE_IO                                            \
-    "    server_name=%%s      default: localhost\n"     \
-    "    server_port=%%d      default: 4433\n"          \
-    "    debug_level=%%d      default: 0 (disabled)\n"  \
-    "    permissive=%%d       default: 0 (disabled)\n"  \
-    "\n"
-
-
-/*
- * global options
- */
-struct options
-{
-    int mode;                   /* the mode to run the application in   */
-    const char *filename;       /* filename of the certificate file     */
-    const char *ca_file;        /* the file with the CA certificate(s)  */
-    const char *crl_file;       /* the file with the CRL to use         */
-    const char *ca_path;        /* the path with the CA certificate(s) reside */
-    const char *server_name;    /* hostname of the server (client only) */
-    const char *server_port;    /* port on which the ssl service runs   */
-    int debug_level;            /* level of debugging                   */
-    int permissive;             /* permissive parsing                   */
-} opt;
-
-static void my_debug( void *ctx, int level,
-                      const char *file, int line,
-                      const char *str )
-{
-    ((void) level);
-
-    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
-    fflush(  (FILE *) ctx  );
-}
-
-static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags )
-{
-    char buf[1024];
-    ((void) data);
-
-    mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth );
-    mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
-    mbedtls_printf( "%s", buf );
-
-    if ( ( *flags ) == 0 )
-        mbedtls_printf( "  This certificate has no flags\n" );
-    else
-    {
-        mbedtls_x509_crt_verify_info( buf, sizeof( buf ), "  ! ", *flags );
-        mbedtls_printf( "%s\n", buf );
-    }
-
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_net_context server_fd;
-    unsigned char buf[1024];
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_x509_crt cacert;
-    mbedtls_x509_crl cacrl;
-    int i, j;
-    uint32_t flags;
-    int verify = 0;
-    char *p, *q;
-    const char *pers = "cert_app";
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_net_init( &server_fd );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_x509_crt_init( &cacert );
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-    mbedtls_x509_crl_init( &cacrl );
-#else
-    /* Zeroize structure as CRL parsing is not supported and we have to pass
-       it to the verify function */
-    memset( &cacrl, 0, sizeof(mbedtls_x509_crl) );
-#endif
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.mode                = DFL_MODE;
-    opt.filename            = DFL_FILENAME;
-    opt.ca_file             = DFL_CA_FILE;
-    opt.crl_file            = DFL_CRL_FILE;
-    opt.ca_path             = DFL_CA_PATH;
-    opt.server_name         = DFL_SERVER_NAME;
-    opt.server_port         = DFL_SERVER_PORT;
-    opt.debug_level         = DFL_DEBUG_LEVEL;
-    opt.permissive          = DFL_PERMISSIVE;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        for( j = 0; p + j < q; j++ )
-        {
-            if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' )
-                argv[i][j] |= 0x20;
-        }
-
-        if( strcmp( p, "mode" ) == 0 )
-        {
-            if( strcmp( q, "file" ) == 0 )
-                opt.mode = MODE_FILE;
-            else if( strcmp( q, "ssl" ) == 0 )
-                opt.mode = MODE_SSL;
-            else
-                goto usage;
-        }
-        else if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else if( strcmp( p, "ca_file" ) == 0 )
-            opt.ca_file = q;
-        else if( strcmp( p, "crl_file" ) == 0 )
-            opt.crl_file = q;
-        else if( strcmp( p, "ca_path" ) == 0 )
-            opt.ca_path = q;
-        else if( strcmp( p, "server_name" ) == 0 )
-            opt.server_name = q;
-        else if( strcmp( p, "server_port" ) == 0 )
-            opt.server_port = q;
-        else if( strcmp( p, "debug_level" ) == 0 )
-        {
-            opt.debug_level = atoi( q );
-            if( opt.debug_level < 0 || opt.debug_level > 65535 )
-                goto usage;
-        }
-        else if( strcmp( p, "permissive" ) == 0 )
-        {
-            opt.permissive = atoi( q );
-            if( opt.permissive < 0 || opt.permissive > 1 )
-                goto usage;
-        }
-        else
-            goto usage;
-    }
-
-    /*
-     * 1.1. Load the trusted CA
-     */
-    mbedtls_printf( "  . Loading the CA root certificate ..." );
-    fflush( stdout );
-
-    if( strlen( opt.ca_path ) )
-    {
-        if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_path returned -0x%x\n\n", (unsigned int) -ret );
-            goto exit;
-        }
-
-        verify = 1;
-    }
-    else if( strlen( opt.ca_file ) )
-    {
-        if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file returned -0x%x\n\n", (unsigned int) -ret );
-            goto exit;
-        }
-
-        verify = 1;
-    }
-
-    mbedtls_printf( " ok (%d skipped)\n", ret );
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-    if( strlen( opt.crl_file ) )
-    {
-        if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crl_parse returned -0x%x\n\n", (unsigned int) -ret );
-            goto exit;
-        }
-
-        verify = 1;
-    }
-#endif
-
-    if( opt.mode == MODE_FILE )
-    {
-        mbedtls_x509_crt crt;
-        mbedtls_x509_crt *cur = &crt;
-        mbedtls_x509_crt_init( &crt );
-
-        /*
-         * 1.1. Load the certificate(s)
-         */
-        mbedtls_printf( "\n  . Loading the certificate(s) ..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509_crt_parse_file( &crt, opt.filename );
-
-        if( ret < 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file returned %d\n\n", ret );
-            mbedtls_x509_crt_free( &crt );
-            goto exit;
-        }
-
-        if( opt.permissive == 0 && ret > 0 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret );
-            mbedtls_x509_crt_free( &crt );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 1.2 Print the certificate(s)
-         */
-        while( cur != NULL )
-        {
-            mbedtls_printf( "  . Peer certificate information    ...\n" );
-            ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, "      ",
-                                 cur );
-            if( ret == -1 )
-            {
-                mbedtls_printf( " failed\n  !  mbedtls_x509_crt_info returned %d\n\n", ret );
-                mbedtls_x509_crt_free( &crt );
-                goto exit;
-            }
-
-            mbedtls_printf( "%s\n", buf );
-
-            cur = cur->next;
-        }
-
-        /*
-         * 1.3 Verify the certificate
-         */
-        if( verify )
-        {
-            mbedtls_printf( "  . Verifying X.509 certificate..." );
-
-            if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags,
-                                         my_verify, NULL ) ) != 0 )
-            {
-                char vrfy_buf[512];
-
-                mbedtls_printf( " failed\n" );
-
-                mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );
-
-                mbedtls_printf( "%s\n", vrfy_buf );
-            }
-            else
-                mbedtls_printf( " ok\n" );
-        }
-
-        mbedtls_x509_crt_free( &crt );
-    }
-    else if( opt.mode == MODE_SSL )
-    {
-        /*
-         * 1. Initialize the RNG and the session data
-         */
-        mbedtls_printf( "\n  . Seeding the random number generator..." );
-        fflush( stdout );
-
-        mbedtls_entropy_init( &entropy );
-        if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                                   (const unsigned char *) pers,
-                                   strlen( pers ) ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-            goto ssl_exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-
-#if defined(MBEDTLS_DEBUG_C)
-        mbedtls_debug_set_threshold( opt.debug_level );
-#endif
-
-        /*
-         * 2. Start the connection
-         */
-        mbedtls_printf( "  . SSL connection to tcp/%s/%s...", opt.server_name,
-                                                              opt.server_port );
-        fflush( stdout );
-
-        if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name,
-                                 opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-            goto ssl_exit;
-        }
-
-        /*
-         * 3. Setup stuff
-         */
-        if( ( ret = mbedtls_ssl_config_defaults( &conf,
-                        MBEDTLS_SSL_IS_CLIENT,
-                        MBEDTLS_SSL_TRANSPORT_STREAM,
-                        MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
-            goto exit;
-        }
-
-        if( verify )
-        {
-            mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
-            mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-            mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
-        }
-        else
-            mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
-
-        mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-        mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
-        if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-            goto ssl_exit;
-        }
-
-        if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
-        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
-            goto ssl_exit;
-        }
-
-        mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
-        /*
-         * 4. Handshake
-         */
-        while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
-        {
-            if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-            {
-                mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret );
-                goto ssl_exit;
-            }
-        }
-
-        mbedtls_printf( " ok\n" );
-
-        /*
-         * 5. Print the certificate
-         */
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        mbedtls_printf( "  . Peer certificate information    ... skipped\n" );
-#else
-        mbedtls_printf( "  . Peer certificate information    ...\n" );
-        ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, "      ",
-                                     mbedtls_ssl_get_peer_cert( &ssl ) );
-        if( ret == -1 )
-        {
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_info returned %d\n\n", ret );
-            goto ssl_exit;
-        }
-
-        mbedtls_printf( "%s\n", buf );
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-        mbedtls_ssl_close_notify( &ssl );
-
-ssl_exit:
-        mbedtls_ssl_free( &ssl );
-        mbedtls_ssl_config_free( &conf );
-    }
-    else
-        goto usage;
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    mbedtls_net_free( &server_fd );
-    mbedtls_x509_crt_free( &cacert );
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-    mbedtls_x509_crl_free( &cacrl );
-#endif
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
-          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
-          MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/x509/cert_req.c b/3rdparty/mbedtls-2.25.0/programs/x509/cert_req.c
deleted file mode 100644
index e8241a3..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/x509/cert_req.c
+++ /dev/null
@@ -1,403 +0,0 @@
-/*
- *  Certificate request generation
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) ||  \
-    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
-    !defined(MBEDTLS_PEM_WRITE_C)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
-            "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
-            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
-            "not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/error.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define DFL_FILENAME            "keyfile.key"
-#define DFL_PASSWORD            NULL
-#define DFL_DEBUG_LEVEL         0
-#define DFL_OUTPUT_FILENAME     "cert.req"
-#define DFL_SUBJECT_NAME        "CN=Cert,O=mbed TLS,C=UK"
-#define DFL_KEY_USAGE           0
-#define DFL_FORCE_KEY_USAGE     0
-#define DFL_NS_CERT_TYPE        0
-#define DFL_FORCE_NS_CERT_TYPE  0
-#define DFL_MD_ALG              MBEDTLS_MD_SHA256
-
-#define USAGE \
-    "\n usage: cert_req param=<>...\n"                  \
-    "\n acceptable parameters:\n"                       \
-    "    filename=%%s         default: keyfile.key\n"   \
-    "    password=%%s         default: NULL\n"          \
-    "    debug_level=%%d      default: 0 (disabled)\n"  \
-    "    output_file=%%s      default: cert.req\n"      \
-    "    subject_name=%%s     default: CN=Cert,O=mbed TLS,C=UK\n"   \
-    "    key_usage=%%s        default: (empty)\n"       \
-    "                        Comma-separated-list of values:\n"     \
-    "                          digital_signature\n"     \
-    "                          non_repudiation\n"       \
-    "                          key_encipherment\n"      \
-    "                          data_encipherment\n"     \
-    "                          key_agreement\n"         \
-    "                          key_cert_sign\n"  \
-    "                          crl_sign\n"              \
-    "    force_key_usage=0/1  default: off\n"           \
-    "                          Add KeyUsage even if it is empty\n"  \
-    "    ns_cert_type=%%s     default: (empty)\n"       \
-    "                        Comma-separated-list of values:\n"     \
-    "                          ssl_client\n"            \
-    "                          ssl_server\n"            \
-    "                          email\n"                 \
-    "                          object_signing\n"        \
-    "                          ssl_ca\n"                \
-    "                          email_ca\n"              \
-    "                          object_signing_ca\n"     \
-    "    force_ns_cert_type=0/1 default: off\n"         \
-    "                          Add NsCertType even if it is empty\n"    \
-    "    md=%%s               default: SHA256\n"       \
-    "                          possible values:\n"     \
-    "                          MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
-    "                          SHA224, SHA256, SHA384, SHA512\n" \
-    "\n"
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *filename;       /* filename of the key file             */
-    const char *password;       /* password for the key file            */
-    int debug_level;            /* level of debugging                   */
-    const char *output_file;    /* where to store the constructed key file  */
-    const char *subject_name;   /* subject name for certificate request */
-    unsigned char key_usage;    /* key usage flags                      */
-    int force_key_usage;        /* Force adding the KeyUsage extension  */
-    unsigned char ns_cert_type; /* NS cert type                         */
-    int force_ns_cert_type;     /* Force adding NsCertType extension    */
-    mbedtls_md_type_t md_alg;   /* Hash algorithm used for signature.   */
-} opt;
-
-int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng )
-{
-    int ret;
-    FILE *f;
-    unsigned char output_buf[4096];
-    size_t len = 0;
-
-    memset( output_buf, 0, 4096 );
-    if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 )
-        return( ret );
-
-    len = strlen( (char *) output_buf );
-
-    if( ( f = fopen( output_file, "w" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( output_buf, 1, len, f ) != len )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    fclose( f );
-
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_pk_context key;
-    char buf[1024];
-    int i;
-    char *p, *q, *r;
-    mbedtls_x509write_csr req;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "csr example app";
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_x509write_csr_init( &req );
-    mbedtls_pk_init( &key );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    memset( buf, 0, sizeof( buf ) );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.filename            = DFL_FILENAME;
-    opt.password            = DFL_PASSWORD;
-    opt.debug_level         = DFL_DEBUG_LEVEL;
-    opt.output_file         = DFL_OUTPUT_FILENAME;
-    opt.subject_name        = DFL_SUBJECT_NAME;
-    opt.key_usage           = DFL_KEY_USAGE;
-    opt.force_key_usage     = DFL_FORCE_KEY_USAGE;
-    opt.ns_cert_type        = DFL_NS_CERT_TYPE;
-    opt.force_ns_cert_type  = DFL_FORCE_NS_CERT_TYPE;
-    opt.md_alg              = DFL_MD_ALG;
-
-    for( i = 1; i < argc; i++ )
-    {
-
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else if( strcmp( p, "password" ) == 0 )
-            opt.password = q;
-        else if( strcmp( p, "output_file" ) == 0 )
-            opt.output_file = q;
-        else if( strcmp( p, "debug_level" ) == 0 )
-        {
-            opt.debug_level = atoi( q );
-            if( opt.debug_level < 0 || opt.debug_level > 65535 )
-                goto usage;
-        }
-        else if( strcmp( p, "subject_name" ) == 0 )
-        {
-            opt.subject_name = q;
-        }
-        else if( strcmp( p, "md" ) == 0 )
-        {
-            const mbedtls_md_info_t *md_info =
-                mbedtls_md_info_from_string( q );
-            if( md_info == NULL )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-            opt.md_alg = mbedtls_md_get_type( md_info );
-        }
-        else if( strcmp( p, "key_usage" ) == 0 )
-        {
-            while( q != NULL )
-            {
-                if( ( r = strchr( q, ',' ) ) != NULL )
-                    *r++ = '\0';
-
-                if( strcmp( q, "digital_signature" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
-                else if( strcmp( q, "non_repudiation" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
-                else if( strcmp( q, "key_encipherment" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
-                else if( strcmp( q, "data_encipherment" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT;
-                else if( strcmp( q, "key_agreement" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT;
-                else if( strcmp( q, "key_cert_sign" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
-                else if( strcmp( q, "crl_sign" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
-                else
-                    goto usage;
-
-                q = r;
-            }
-        }
-        else if( strcmp( p, "force_key_usage" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.force_key_usage = 0; break;
-                case 1: opt.force_key_usage = 1; break;
-                default: goto usage;
-            }
-        }
-        else if( strcmp( p, "ns_cert_type" ) == 0 )
-        {
-            while( q != NULL )
-            {
-                if( ( r = strchr( q, ',' ) ) != NULL )
-                    *r++ = '\0';
-
-                if( strcmp( q, "ssl_client" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
-                else if( strcmp( q, "ssl_server" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER;
-                else if( strcmp( q, "email" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
-                else if( strcmp( q, "object_signing" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
-                else if( strcmp( q, "ssl_ca" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA;
-                else if( strcmp( q, "email_ca" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA;
-                else if( strcmp( q, "object_signing_ca" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA;
-                else
-                    goto usage;
-
-                q = r;
-            }
-        }
-        else if( strcmp( p, "force_ns_cert_type" ) == 0 )
-        {
-            switch( atoi( q ) )
-            {
-                case 0: opt.force_ns_cert_type = 0; break;
-                case 1: opt.force_ns_cert_type = 1; break;
-                default: goto usage;
-            }
-        }
-        else
-            goto usage;
-    }
-
-    mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg );
-
-    if( opt.key_usage || opt.force_key_usage == 1 )
-        mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage );
-
-    if( opt.ns_cert_type || opt.force_ns_cert_type == 1 )
-        mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
-
-    /*
-     * 0. Seed the PRNG
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    mbedtls_entropy_init( &entropy );
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_ctr_drbg_seed returned %d", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.0. Check the subject name for validity
-     */
-    mbedtls_printf( "  . Checking subject name..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509write_csr_set_subject_name returned %d", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.1. Load the key
-     */
-    mbedtls_printf( "  . Loading the private key ..." );
-    fflush( stdout );
-
-    ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password );
-
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile returned %d", ret );
-        goto exit;
-    }
-
-    mbedtls_x509write_csr_set_key( &req, &key );
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.2. Writing the request
-     */
-    mbedtls_printf( "  . Writing the certificate request ..." );
-    fflush( stdout );
-
-    if( ( ret = write_certificate_request( &req, opt.output_file,
-                                           mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  !  write_certifcate_request %d", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-    if( exit_code != MBEDTLS_EXIT_SUCCESS )
-    {
-#ifdef MBEDTLS_ERROR_C
-        mbedtls_strerror( ret, buf, sizeof( buf ) );
-        mbedtls_printf( " - %s\n", buf );
-#else
-        mbedtls_printf("\n");
-#endif
-    }
-
-    mbedtls_x509write_csr_free( &req );
-    mbedtls_pk_free( &key );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
-          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/x509/cert_write.c b/3rdparty/mbedtls-2.25.0/programs/x509/cert_write.c
deleted file mode 100644
index 18174d8..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/x509/cert_write.c
+++ /dev/null
@@ -1,808 +0,0 @@
-/*
- *  Certificate generation and signing
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
-    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
-    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
-    !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \
-    !defined(MBEDTLS_PEM_WRITE_C)
-int main( void )
-{
-    mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
-            "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or "
-            "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
-            "MBEDTLS_ERROR_C not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/md.h"
-#include "mbedtls/error.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-#define USAGE_CSR                                                           \
-    "    request_file=%%s         default: (empty)\n"                           \
-    "                            If request_file is specified, subject_key,\n"  \
-    "                            subject_pwd and subject_name are ignored!\n"
-#else
-#define USAGE_CSR ""
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-
-#define DFL_ISSUER_CRT          ""
-#define DFL_REQUEST_FILE        ""
-#define DFL_SUBJECT_KEY         "subject.key"
-#define DFL_ISSUER_KEY          "ca.key"
-#define DFL_SUBJECT_PWD         ""
-#define DFL_ISSUER_PWD          ""
-#define DFL_OUTPUT_FILENAME     "cert.crt"
-#define DFL_SUBJECT_NAME        "CN=Cert,O=mbed TLS,C=UK"
-#define DFL_ISSUER_NAME         "CN=CA,O=mbed TLS,C=UK"
-#define DFL_NOT_BEFORE          "20010101000000"
-#define DFL_NOT_AFTER           "20301231235959"
-#define DFL_SERIAL              "1"
-#define DFL_SELFSIGN            0
-#define DFL_IS_CA               0
-#define DFL_MAX_PATHLEN         -1
-#define DFL_KEY_USAGE           0
-#define DFL_NS_CERT_TYPE        0
-#define DFL_VERSION             3
-#define DFL_AUTH_IDENT          1
-#define DFL_SUBJ_IDENT          1
-#define DFL_CONSTRAINTS         1
-#define DFL_DIGEST              MBEDTLS_MD_SHA256
-
-#define USAGE \
-    "\n usage: cert_write param=<>...\n"                \
-    "\n acceptable parameters:\n"                       \
-    USAGE_CSR                                           \
-    "    subject_key=%%s          default: subject.key\n"   \
-    "    subject_pwd=%%s          default: (empty)\n"       \
-    "    subject_name=%%s         default: CN=Cert,O=mbed TLS,C=UK\n"   \
-    "\n"                                                \
-    "    issuer_crt=%%s           default: (empty)\n"       \
-    "                            If issuer_crt is specified, issuer_name is\n"  \
-    "                            ignored!\n"                \
-    "    issuer_name=%%s          default: CN=CA,O=mbed TLS,C=UK\n"     \
-    "\n"                                                \
-    "    selfsign=%%d             default: 0 (false)\n"     \
-    "                            If selfsign is enabled, issuer_name and\n" \
-    "                            issuer_key are required (issuer_crt and\n" \
-    "                            subject_* are ignored\n"   \
-    "    issuer_key=%%s           default: ca.key\n"        \
-    "    issuer_pwd=%%s           default: (empty)\n"       \
-    "    output_file=%%s          default: cert.crt\n"      \
-    "    serial=%%s               default: 1\n"             \
-    "    not_before=%%s           default: 20010101000000\n"\
-    "    not_after=%%s            default: 20301231235959\n"\
-    "    is_ca=%%d                default: 0 (disabled)\n"  \
-    "    max_pathlen=%%d          default: -1 (none)\n"     \
-    "    md=%%s                   default: SHA256\n"        \
-    "                            Supported values (if enabled):\n"      \
-    "                            MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
-    "                            SHA224, SHA256, SHA384, SHA512\n" \
-    "    version=%%d              default: 3\n"            \
-    "                            Possible values: 1, 2, 3\n"\
-    "    subject_identifier=%%s   default: 1\n"             \
-    "                            Possible values: 0, 1\n"   \
-    "                            (Considered for v3 only)\n"\
-    "    authority_identifier=%%s default: 1\n"             \
-    "                            Possible values: 0, 1\n"   \
-    "                            (Considered for v3 only)\n"\
-    "    basic_constraints=%%d    default: 1\n"             \
-    "                            Possible values: 0, 1\n"   \
-    "                            (Considered for v3 only)\n"\
-    "    key_usage=%%s            default: (empty)\n"       \
-    "                            Comma-separated-list of values:\n"     \
-    "                            digital_signature\n"     \
-    "                            non_repudiation\n"       \
-    "                            key_encipherment\n"      \
-    "                            data_encipherment\n"     \
-    "                            key_agreement\n"         \
-    "                            key_cert_sign\n"  \
-    "                            crl_sign\n"              \
-    "                            (Considered for v3 only)\n"\
-    "    ns_cert_type=%%s         default: (empty)\n"       \
-    "                            Comma-separated-list of values:\n"     \
-    "                            ssl_client\n"            \
-    "                            ssl_server\n"            \
-    "                            email\n"                 \
-    "                            object_signing\n"        \
-    "                            ssl_ca\n"                \
-    "                            email_ca\n"              \
-    "                            object_signing_ca\n"     \
-    "\n"
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *issuer_crt;     /* filename of the issuer certificate   */
-    const char *request_file;   /* filename of the certificate request  */
-    const char *subject_key;    /* filename of the subject key file     */
-    const char *issuer_key;     /* filename of the issuer key file      */
-    const char *subject_pwd;    /* password for the subject key file    */
-    const char *issuer_pwd;     /* password for the issuer key file     */
-    const char *output_file;    /* where to store the constructed CRT   */
-    const char *subject_name;   /* subject name for certificate         */
-    const char *issuer_name;    /* issuer name for certificate          */
-    const char *not_before;     /* validity period not before           */
-    const char *not_after;      /* validity period not after            */
-    const char *serial;         /* serial number string                 */
-    int selfsign;               /* selfsign the certificate             */
-    int is_ca;                  /* is a CA certificate                  */
-    int max_pathlen;            /* maximum CA path length               */
-    int authority_identifier;   /* add authority identifier to CRT      */
-    int subject_identifier;     /* add subject identifier to CRT        */
-    int basic_constraints;      /* add basic constraints ext to CRT     */
-    int version;                /* CRT version                          */
-    mbedtls_md_type_t md;       /* Hash used for signing                */
-    unsigned char key_usage;    /* key usage flags                      */
-    unsigned char ns_cert_type; /* NS cert type                         */
-} opt;
-
-int write_certificate( mbedtls_x509write_cert *crt, const char *output_file,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng )
-{
-    int ret;
-    FILE *f;
-    unsigned char output_buf[4096];
-    size_t len = 0;
-
-    memset( output_buf, 0, 4096 );
-    if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096,
-                                           f_rng, p_rng ) ) < 0 )
-        return( ret );
-
-    len = strlen( (char *) output_buf );
-
-    if( ( f = fopen( output_file, "w" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( output_buf, 1, len, f ) != len )
-    {
-        fclose( f );
-        return( -1 );
-    }
-
-    fclose( f );
-
-    return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    mbedtls_x509_crt issuer_crt;
-    mbedtls_pk_context loaded_issuer_key, loaded_subject_key;
-    mbedtls_pk_context *issuer_key = &loaded_issuer_key,
-                *subject_key = &loaded_subject_key;
-    char buf[1024];
-    char issuer_name[256];
-    int i;
-    char *p, *q, *r;
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-    char subject_name[256];
-    mbedtls_x509_csr csr;
-#endif
-    mbedtls_x509write_cert crt;
-    mbedtls_mpi serial;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "crt example app";
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_x509write_crt_init( &crt );
-    mbedtls_pk_init( &loaded_issuer_key );
-    mbedtls_pk_init( &loaded_subject_key );
-    mbedtls_mpi_init( &serial );
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-    mbedtls_x509_csr_init( &csr );
-#endif
-    mbedtls_x509_crt_init( &issuer_crt );
-    memset( buf, 0, 1024 );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.issuer_crt          = DFL_ISSUER_CRT;
-    opt.request_file        = DFL_REQUEST_FILE;
-    opt.subject_key         = DFL_SUBJECT_KEY;
-    opt.issuer_key          = DFL_ISSUER_KEY;
-    opt.subject_pwd         = DFL_SUBJECT_PWD;
-    opt.issuer_pwd          = DFL_ISSUER_PWD;
-    opt.output_file         = DFL_OUTPUT_FILENAME;
-    opt.subject_name        = DFL_SUBJECT_NAME;
-    opt.issuer_name         = DFL_ISSUER_NAME;
-    opt.not_before          = DFL_NOT_BEFORE;
-    opt.not_after           = DFL_NOT_AFTER;
-    opt.serial              = DFL_SERIAL;
-    opt.selfsign            = DFL_SELFSIGN;
-    opt.is_ca               = DFL_IS_CA;
-    opt.max_pathlen         = DFL_MAX_PATHLEN;
-    opt.key_usage           = DFL_KEY_USAGE;
-    opt.ns_cert_type        = DFL_NS_CERT_TYPE;
-    opt.version             = DFL_VERSION - 1;
-    opt.md                  = DFL_DIGEST;
-    opt.subject_identifier   = DFL_SUBJ_IDENT;
-    opt.authority_identifier = DFL_AUTH_IDENT;
-    opt.basic_constraints    = DFL_CONSTRAINTS;
-
-    for( i = 1; i < argc; i++ )
-    {
-
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "request_file" ) == 0 )
-            opt.request_file = q;
-        else if( strcmp( p, "subject_key" ) == 0 )
-            opt.subject_key = q;
-        else if( strcmp( p, "issuer_key" ) == 0 )
-            opt.issuer_key = q;
-        else if( strcmp( p, "subject_pwd" ) == 0 )
-            opt.subject_pwd = q;
-        else if( strcmp( p, "issuer_pwd" ) == 0 )
-            opt.issuer_pwd = q;
-        else if( strcmp( p, "issuer_crt" ) == 0 )
-            opt.issuer_crt = q;
-        else if( strcmp( p, "output_file" ) == 0 )
-            opt.output_file = q;
-        else if( strcmp( p, "subject_name" ) == 0 )
-        {
-            opt.subject_name = q;
-        }
-        else if( strcmp( p, "issuer_name" ) == 0 )
-        {
-            opt.issuer_name = q;
-        }
-        else if( strcmp( p, "not_before" ) == 0 )
-        {
-            opt.not_before = q;
-        }
-        else if( strcmp( p, "not_after" ) == 0 )
-        {
-            opt.not_after = q;
-        }
-        else if( strcmp( p, "serial" ) == 0 )
-        {
-            opt.serial = q;
-        }
-        else if( strcmp( p, "authority_identifier" ) == 0 )
-        {
-            opt.authority_identifier = atoi( q );
-            if( opt.authority_identifier != 0 &&
-                opt.authority_identifier != 1 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "subject_identifier" ) == 0 )
-        {
-            opt.subject_identifier = atoi( q );
-            if( opt.subject_identifier != 0 &&
-                opt.subject_identifier != 1 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "basic_constraints" ) == 0 )
-        {
-            opt.basic_constraints = atoi( q );
-            if( opt.basic_constraints != 0 &&
-                opt.basic_constraints != 1 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "md" ) == 0 )
-        {
-            const mbedtls_md_info_t *md_info =
-                mbedtls_md_info_from_string( q );
-            if( md_info == NULL )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-            opt.md = mbedtls_md_get_type( md_info );
-        }
-        else if( strcmp( p, "version" ) == 0 )
-        {
-            opt.version = atoi( q );
-            if( opt.version < 1 || opt.version > 3 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-            opt.version--;
-        }
-        else if( strcmp( p, "selfsign" ) == 0 )
-        {
-            opt.selfsign = atoi( q );
-            if( opt.selfsign < 0 || opt.selfsign > 1 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "is_ca" ) == 0 )
-        {
-            opt.is_ca = atoi( q );
-            if( opt.is_ca < 0 || opt.is_ca > 1 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "max_pathlen" ) == 0 )
-        {
-            opt.max_pathlen = atoi( q );
-            if( opt.max_pathlen < -1 || opt.max_pathlen > 127 )
-            {
-                mbedtls_printf( "Invalid argument for option %s\n", p );
-                goto usage;
-            }
-        }
-        else if( strcmp( p, "key_usage" ) == 0 )
-        {
-            while( q != NULL )
-            {
-                if( ( r = strchr( q, ',' ) ) != NULL )
-                    *r++ = '\0';
-
-                if( strcmp( q, "digital_signature" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
-                else if( strcmp( q, "non_repudiation" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
-                else if( strcmp( q, "key_encipherment" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
-                else if( strcmp( q, "data_encipherment" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT;
-                else if( strcmp( q, "key_agreement" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT;
-                else if( strcmp( q, "key_cert_sign" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
-                else if( strcmp( q, "crl_sign" ) == 0 )
-                    opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
-                else
-                {
-                    mbedtls_printf( "Invalid argument for option %s\n", p );
-                    goto usage;
-                }
-
-                q = r;
-            }
-        }
-        else if( strcmp( p, "ns_cert_type" ) == 0 )
-        {
-            while( q != NULL )
-            {
-                if( ( r = strchr( q, ',' ) ) != NULL )
-                    *r++ = '\0';
-
-                if( strcmp( q, "ssl_client" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
-                else if( strcmp( q, "ssl_server" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER;
-                else if( strcmp( q, "email" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
-                else if( strcmp( q, "object_signing" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
-                else if( strcmp( q, "ssl_ca" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA;
-                else if( strcmp( q, "email_ca" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA;
-                else if( strcmp( q, "object_signing_ca" ) == 0 )
-                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA;
-                else
-                {
-                    mbedtls_printf( "Invalid argument for option %s\n", p );
-                    goto usage;
-                }
-
-                q = r;
-            }
-        }
-        else
-            goto usage;
-    }
-
-    mbedtls_printf("\n");
-
-    /*
-     * 0. Seed the PRNG
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_ctr_drbg_seed returned %d - %s\n",
-                        ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    // Parse serial to MPI
-    //
-    mbedtls_printf( "  . Reading serial number..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_mpi_read_string "
-                        "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    // Parse issuer certificate if present
-    //
-    if( !opt.selfsign && strlen( opt.issuer_crt ) )
-    {
-        /*
-         * 1.0.a. Load the certificates
-         */
-        mbedtls_printf( "  . Loading the issuer certificate ..." );
-        fflush( stdout );
-
-        if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse_file "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name),
-                                 &issuer_crt.subject );
-        if( ret < 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509_dn_gets "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        opt.issuer_name = issuer_name;
-
-        mbedtls_printf( " ok\n" );
-    }
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-    // Parse certificate request if present
-    //
-    if( !opt.selfsign && strlen( opt.request_file ) )
-    {
-        /*
-         * 1.0.b. Load the CSR
-         */
-        mbedtls_printf( "  . Loading the certificate request ..." );
-        fflush( stdout );
-
-        if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509_csr_parse_file "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name),
-                                 &csr.subject );
-        if( ret < 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509_dn_gets "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        opt.subject_name = subject_name;
-        subject_key = &csr.pk;
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-
-    /*
-     * 1.1. Load the keys
-     */
-    if( !opt.selfsign && !strlen( opt.request_file ) )
-    {
-        mbedtls_printf( "  . Loading the subject key ..." );
-        fflush( stdout );
-
-        ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
-                                 opt.subject_pwd );
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-
-    mbedtls_printf( "  . Loading the issuer key ..." );
-    fflush( stdout );
-
-    ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
-                             opt.issuer_pwd );
-    if( ret != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile "
-                        "returned -x%02x - %s\n\n", (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    // Check if key and issuer certificate match
-    //
-    if( strlen( opt.issuer_crt ) )
-    {
-        if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key ) != 0 )
-        {
-            mbedtls_printf( " failed\n  !  issuer_key does not match "
-                            "issuer certificate\n\n" );
-            goto exit;
-        }
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    if( opt.selfsign )
-    {
-        opt.subject_name = opt.issuer_name;
-        subject_key = issuer_key;
-    }
-
-    mbedtls_x509write_crt_set_subject_key( &crt, subject_key );
-    mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key );
-
-    /*
-     * 1.0. Check the names for validity
-     */
-    if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_subject_name "
-                        "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_issuer_name "
-                        "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( "  . Setting certificate values ..." );
-    fflush( stdout );
-
-    mbedtls_x509write_crt_set_version( &crt, opt.version );
-    mbedtls_x509write_crt_set_md_alg( &crt, opt.md );
-
-    ret = mbedtls_x509write_crt_set_serial( &crt, &serial );
-    if( ret != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_serial "
-                        "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after );
-    if( ret != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_validity "
-                        "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    if( opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
-        opt.basic_constraints != 0 )
-    {
-        mbedtls_printf( "  . Adding the Basic Constraints extension ..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca,
-                                                           opt.max_pathlen );
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  x509write_crt_set_basic_contraints "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-
-#if defined(MBEDTLS_SHA1_C)
-    if( opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
-        opt.subject_identifier != 0 )
-    {
-        mbedtls_printf( "  . Adding the Subject Key Identifier ..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt );
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_subject"
-                            "_key_identifier returned -0x%04x - %s\n\n",
-                            (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-
-    if( opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
-        opt.authority_identifier != 0 )
-    {
-        mbedtls_printf( "  . Adding the Authority Key Identifier ..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt );
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_authority_"
-                            "key_identifier returned -0x%04x - %s\n\n",
-                            (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-#endif /* MBEDTLS_SHA1_C */
-
-    if( opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
-        opt.key_usage != 0 )
-    {
-        mbedtls_printf( "  . Adding the Key Usage extension ..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage );
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_key_usage "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-
-    if( opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
-        opt.ns_cert_type != 0 )
-    {
-        mbedtls_printf( "  . Adding the NS Cert Type extension ..." );
-        fflush( stdout );
-
-        ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type );
-        if( ret != 0 )
-        {
-            mbedtls_strerror( ret, buf, 1024 );
-            mbedtls_printf( " failed\n  !  mbedtls_x509write_crt_set_ns_cert_type "
-                            "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf );
-            goto exit;
-        }
-
-        mbedtls_printf( " ok\n" );
-    }
-
-    /*
-     * 1.2. Writing the certificate
-     */
-    mbedtls_printf( "  . Writing the certificate..." );
-    fflush( stdout );
-
-    if( ( ret = write_certificate( &crt, opt.output_file,
-                                   mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
-    {
-        mbedtls_strerror( ret, buf, 1024 );
-        mbedtls_printf( " failed\n  !  write_certificate -0x%04x - %s\n\n",
-                        (unsigned int) -ret, buf );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-    mbedtls_x509_csr_free( &csr );
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-    mbedtls_x509_crt_free( &issuer_crt );
-    mbedtls_x509write_crt_free( &crt );
-    mbedtls_pk_free( &loaded_subject_key );
-    mbedtls_pk_free( &loaded_issuer_key );
-    mbedtls_mpi_free( &serial );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
-          MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
-          MBEDTLS_ERROR_C && MBEDTLS_PEM_WRITE_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/x509/crl_app.c b/3rdparty/mbedtls-2.25.0/programs/x509/crl_app.c
deleted file mode 100644
index ffb539f..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/x509/crl_app.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- *  CRL reading application
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
-    !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/x509_crl.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define DFL_FILENAME            "crl.pem"
-#define DFL_DEBUG_LEVEL         0
-
-#define USAGE \
-    "\n usage: crl_app param=<>...\n"                   \
-    "\n acceptable parameters:\n"                       \
-    "    filename=%%s         default: crl.pem\n"      \
-    "\n"
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *filename;       /* filename of the certificate file     */
-} opt;
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    unsigned char buf[100000];
-    mbedtls_x509_crl crl;
-    int i;
-    char *p, *q;
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_x509_crl_init( &crl );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.filename            = DFL_FILENAME;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else
-            goto usage;
-    }
-
-    /*
-     * 1.1. Load the CRL
-     */
-    mbedtls_printf( "\n  . Loading the CRL ..." );
-    fflush( stdout );
-
-    ret = mbedtls_x509_crl_parse_file( &crl, opt.filename );
-
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crl_parse_file returned %d\n\n", ret );
-        mbedtls_x509_crl_free( &crl );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.2 Print the CRL
-     */
-    mbedtls_printf( "  . CRL information    ...\n" );
-    ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, "      ", &crl );
-    if( ret == -1 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_crl_info returned %d\n\n", ret );
-        mbedtls_x509_crl_free( &crl );
-        goto exit;
-    }
-
-    mbedtls_printf( "%s\n", buf );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_x509_crl_free( &crl );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
-          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/x509/req_app.c b/3rdparty/mbedtls-2.25.0/programs/x509/req_app.c
deleted file mode 100644
index 0256a76..0000000
--- a/3rdparty/mbedtls-2.25.0/programs/x509/req_app.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- *  Certificate request reading application
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_printf          printf
-#define mbedtls_exit            exit
-#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
-    !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO)
-int main( void )
-{
-    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
-           "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
-    mbedtls_exit( 0 );
-}
-#else
-
-#include "mbedtls/x509_csr.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define DFL_FILENAME            "cert.req"
-#define DFL_DEBUG_LEVEL         0
-
-#define USAGE \
-    "\n usage: req_app param=<>...\n"                   \
-    "\n acceptable parameters:\n"                       \
-    "    filename=%%s         default: cert.req\n"      \
-    "\n"
-
-
-/*
- * global options
- */
-struct options
-{
-    const char *filename;       /* filename of the certificate request  */
-} opt;
-
-int main( int argc, char *argv[] )
-{
-    int ret = 1;
-    int exit_code = MBEDTLS_EXIT_FAILURE;
-    unsigned char buf[100000];
-    mbedtls_x509_csr csr;
-    int i;
-    char *p, *q;
-
-    /*
-     * Set to sane values
-     */
-    mbedtls_x509_csr_init( &csr );
-
-    if( argc == 0 )
-    {
-    usage:
-        mbedtls_printf( USAGE );
-        goto exit;
-    }
-
-    opt.filename            = DFL_FILENAME;
-
-    for( i = 1; i < argc; i++ )
-    {
-        p = argv[i];
-        if( ( q = strchr( p, '=' ) ) == NULL )
-            goto usage;
-        *q++ = '\0';
-
-        if( strcmp( p, "filename" ) == 0 )
-            opt.filename = q;
-        else
-            goto usage;
-    }
-
-    /*
-     * 1.1. Load the CSR
-     */
-    mbedtls_printf( "\n  . Loading the CSR ..." );
-    fflush( stdout );
-
-    ret = mbedtls_x509_csr_parse_file( &csr, opt.filename );
-
-    if( ret != 0 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_csr_parse_file returned %d\n\n", ret );
-        mbedtls_x509_csr_free( &csr );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
-    /*
-     * 1.2 Print the CSR
-     */
-    mbedtls_printf( "  . CSR information    ...\n" );
-    ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, "      ", &csr );
-    if( ret == -1 )
-    {
-        mbedtls_printf( " failed\n  !  mbedtls_x509_csr_info returned %d\n\n", ret );
-        mbedtls_x509_csr_free( &csr );
-        goto exit;
-    }
-
-    mbedtls_printf( "%s\n", buf );
-
-    exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-    mbedtls_x509_csr_free( &csr );
-
-#if defined(_WIN32)
-    mbedtls_printf( "  + Press Enter to exit this program.\n" );
-    fflush( stdout ); getchar();
-#endif
-
-    mbedtls_exit( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
-          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/scripts/abi_check.py b/3rdparty/mbedtls-2.25.0/scripts/abi_check.py
deleted file mode 100644
index 3cfd95a..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/abi_check.py
+++ /dev/null
@@ -1,446 +0,0 @@
-#!/usr/bin/env python3
-"""
-Purpose
-
-This script is a small wrapper around the abi-compliance-checker and
-abi-dumper tools, applying them to compare the ABI and API of the library
-files from two different Git revisions within an Mbed TLS repository.
-The results of the comparison are either formatted as HTML and stored at
-a configurable location, or are given as a brief list of problems.
-Returns 0 on success, 1 on ABI/API non-compliance, and 2 if there is an error
-while running the script. Note: must be run from Mbed TLS root.
-"""
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-import sys
-import traceback
-import shutil
-import subprocess
-import argparse
-import logging
-import tempfile
-import fnmatch
-from types import SimpleNamespace
-
-import xml.etree.ElementTree as ET
-
-
-class AbiChecker:
-    """API and ABI checker."""
-
-    def __init__(self, old_version, new_version, configuration):
-        """Instantiate the API/ABI checker.
-
-        old_version: RepoVersion containing details to compare against
-        new_version: RepoVersion containing details to check
-        configuration.report_dir: directory for output files
-        configuration.keep_all_reports: if false, delete old reports
-        configuration.brief: if true, output shorter report to stdout
-        configuration.skip_file: path to file containing symbols and types to skip
-        """
-        self.repo_path = "."
-        self.log = None
-        self.verbose = configuration.verbose
-        self._setup_logger()
-        self.report_dir = os.path.abspath(configuration.report_dir)
-        self.keep_all_reports = configuration.keep_all_reports
-        self.can_remove_report_dir = not (os.path.exists(self.report_dir) or
-                                          self.keep_all_reports)
-        self.old_version = old_version
-        self.new_version = new_version
-        self.skip_file = configuration.skip_file
-        self.brief = configuration.brief
-        self.git_command = "git"
-        self.make_command = "make"
-
-    @staticmethod
-    def check_repo_path():
-        if not all(os.path.isdir(d) for d in ["include", "library", "tests"]):
-            raise Exception("Must be run from Mbed TLS root")
-
-    def _setup_logger(self):
-        self.log = logging.getLogger()
-        if self.verbose:
-            self.log.setLevel(logging.DEBUG)
-        else:
-            self.log.setLevel(logging.INFO)
-        self.log.addHandler(logging.StreamHandler())
-
-    @staticmethod
-    def check_abi_tools_are_installed():
-        for command in ["abi-dumper", "abi-compliance-checker"]:
-            if not shutil.which(command):
-                raise Exception("{} not installed, aborting".format(command))
-
-    def _get_clean_worktree_for_git_revision(self, version):
-        """Make a separate worktree with version.revision checked out.
-        Do not modify the current worktree."""
-        git_worktree_path = tempfile.mkdtemp()
-        if version.repository:
-            self.log.debug(
-                "Checking out git worktree for revision {} from {}".format(
-                    version.revision, version.repository
-                )
-            )
-            fetch_output = subprocess.check_output(
-                [self.git_command, "fetch",
-                 version.repository, version.revision],
-                cwd=self.repo_path,
-                stderr=subprocess.STDOUT
-            )
-            self.log.debug(fetch_output.decode("utf-8"))
-            worktree_rev = "FETCH_HEAD"
-        else:
-            self.log.debug("Checking out git worktree for revision {}".format(
-                version.revision
-            ))
-            worktree_rev = version.revision
-        worktree_output = subprocess.check_output(
-            [self.git_command, "worktree", "add", "--detach",
-             git_worktree_path, worktree_rev],
-            cwd=self.repo_path,
-            stderr=subprocess.STDOUT
-        )
-        self.log.debug(worktree_output.decode("utf-8"))
-        version.commit = subprocess.check_output(
-            [self.git_command, "rev-parse", "HEAD"],
-            cwd=git_worktree_path,
-            stderr=subprocess.STDOUT
-        ).decode("ascii").rstrip()
-        self.log.debug("Commit is {}".format(version.commit))
-        return git_worktree_path
-
-    def _update_git_submodules(self, git_worktree_path, version):
-        """If the crypto submodule is present, initialize it.
-        if version.crypto_revision exists, update it to that revision,
-        otherwise update it to the default revision"""
-        update_output = subprocess.check_output(
-            [self.git_command, "submodule", "update", "--init", '--recursive'],
-            cwd=git_worktree_path,
-            stderr=subprocess.STDOUT
-        )
-        self.log.debug(update_output.decode("utf-8"))
-        if not (os.path.exists(os.path.join(git_worktree_path, "crypto"))
-                and version.crypto_revision):
-            return
-
-        if version.crypto_repository:
-            fetch_output = subprocess.check_output(
-                [self.git_command, "fetch", version.crypto_repository,
-                 version.crypto_revision],
-                cwd=os.path.join(git_worktree_path, "crypto"),
-                stderr=subprocess.STDOUT
-            )
-            self.log.debug(fetch_output.decode("utf-8"))
-            crypto_rev = "FETCH_HEAD"
-        else:
-            crypto_rev = version.crypto_revision
-
-        checkout_output = subprocess.check_output(
-            [self.git_command, "checkout", crypto_rev],
-            cwd=os.path.join(git_worktree_path, "crypto"),
-            stderr=subprocess.STDOUT
-        )
-        self.log.debug(checkout_output.decode("utf-8"))
-
-    def _build_shared_libraries(self, git_worktree_path, version):
-        """Build the shared libraries in the specified worktree."""
-        my_environment = os.environ.copy()
-        my_environment["CFLAGS"] = "-g -Og"
-        my_environment["SHARED"] = "1"
-        if os.path.exists(os.path.join(git_worktree_path, "crypto")):
-            my_environment["USE_CRYPTO_SUBMODULE"] = "1"
-        make_output = subprocess.check_output(
-            [self.make_command, "lib"],
-            env=my_environment,
-            cwd=git_worktree_path,
-            stderr=subprocess.STDOUT
-        )
-        self.log.debug(make_output.decode("utf-8"))
-        for root, _dirs, files in os.walk(git_worktree_path):
-            for file in fnmatch.filter(files, "*.so"):
-                version.modules[os.path.splitext(file)[0]] = (
-                    os.path.join(root, file)
-                )
-
-    @staticmethod
-    def _pretty_revision(version):
-        if version.revision == version.commit:
-            return version.revision
-        else:
-            return "{} ({})".format(version.revision, version.commit)
-
-    def _get_abi_dumps_from_shared_libraries(self, version):
-        """Generate the ABI dumps for the specified git revision.
-        The shared libraries must have been built and the module paths
-        present in version.modules."""
-        for mbed_module, module_path in version.modules.items():
-            output_path = os.path.join(
-                self.report_dir, "{}-{}-{}.dump".format(
-                    mbed_module, version.revision, version.version
-                )
-            )
-            abi_dump_command = [
-                "abi-dumper",
-                module_path,
-                "-o", output_path,
-                "-lver", self._pretty_revision(version),
-            ]
-            abi_dump_output = subprocess.check_output(
-                abi_dump_command,
-                stderr=subprocess.STDOUT
-            )
-            self.log.debug(abi_dump_output.decode("utf-8"))
-            version.abi_dumps[mbed_module] = output_path
-
-    def _cleanup_worktree(self, git_worktree_path):
-        """Remove the specified git worktree."""
-        shutil.rmtree(git_worktree_path)
-        worktree_output = subprocess.check_output(
-            [self.git_command, "worktree", "prune"],
-            cwd=self.repo_path,
-            stderr=subprocess.STDOUT
-        )
-        self.log.debug(worktree_output.decode("utf-8"))
-
-    def _get_abi_dump_for_ref(self, version):
-        """Generate the ABI dumps for the specified git revision."""
-        git_worktree_path = self._get_clean_worktree_for_git_revision(version)
-        self._update_git_submodules(git_worktree_path, version)
-        self._build_shared_libraries(git_worktree_path, version)
-        self._get_abi_dumps_from_shared_libraries(version)
-        self._cleanup_worktree(git_worktree_path)
-
-    def _remove_children_with_tag(self, parent, tag):
-        children = parent.getchildren()
-        for child in children:
-            if child.tag == tag:
-                parent.remove(child)
-            else:
-                self._remove_children_with_tag(child, tag)
-
-    def _remove_extra_detail_from_report(self, report_root):
-        for tag in ['test_info', 'test_results', 'problem_summary',
-                    'added_symbols', 'affected']:
-            self._remove_children_with_tag(report_root, tag)
-
-        for report in report_root:
-            for problems in report.getchildren()[:]:
-                if not problems.getchildren():
-                    report.remove(problems)
-
-    def _abi_compliance_command(self, mbed_module, output_path):
-        """Build the command to run to analyze the library mbed_module.
-        The report will be placed in output_path."""
-        abi_compliance_command = [
-            "abi-compliance-checker",
-            "-l", mbed_module,
-            "-old", self.old_version.abi_dumps[mbed_module],
-            "-new", self.new_version.abi_dumps[mbed_module],
-            "-strict",
-            "-report-path", output_path,
-        ]
-        if self.skip_file:
-            abi_compliance_command += ["-skip-symbols", self.skip_file,
-                                       "-skip-types", self.skip_file]
-        if self.brief:
-            abi_compliance_command += ["-report-format", "xml",
-                                       "-stdout"]
-        return abi_compliance_command
-
-    def _is_library_compatible(self, mbed_module, compatibility_report):
-        """Test if the library mbed_module has remained compatible.
-        Append a message regarding compatibility to compatibility_report."""
-        output_path = os.path.join(
-            self.report_dir, "{}-{}-{}.html".format(
-                mbed_module, self.old_version.revision,
-                self.new_version.revision
-            )
-        )
-        try:
-            subprocess.check_output(
-                self._abi_compliance_command(mbed_module, output_path),
-                stderr=subprocess.STDOUT
-            )
-        except subprocess.CalledProcessError as err:
-            if err.returncode != 1:
-                raise err
-            if self.brief:
-                self.log.info(
-                    "Compatibility issues found for {}".format(mbed_module)
-                )
-                report_root = ET.fromstring(err.output.decode("utf-8"))
-                self._remove_extra_detail_from_report(report_root)
-                self.log.info(ET.tostring(report_root).decode("utf-8"))
-            else:
-                self.can_remove_report_dir = False
-                compatibility_report.append(
-                    "Compatibility issues found for {}, "
-                    "for details see {}".format(mbed_module, output_path)
-                )
-            return False
-        compatibility_report.append(
-            "No compatibility issues for {}".format(mbed_module)
-        )
-        if not (self.keep_all_reports or self.brief):
-            os.remove(output_path)
-        return True
-
-    def get_abi_compatibility_report(self):
-        """Generate a report of the differences between the reference ABI
-        and the new ABI. ABI dumps from self.old_version and self.new_version
-        must be available."""
-        compatibility_report = ["Checking evolution from {} to {}".format(
-            self._pretty_revision(self.old_version),
-            self._pretty_revision(self.new_version)
-        )]
-        compliance_return_code = 0
-        shared_modules = list(set(self.old_version.modules.keys()) &
-                              set(self.new_version.modules.keys()))
-        for mbed_module in shared_modules:
-            if not self._is_library_compatible(mbed_module,
-                                               compatibility_report):
-                compliance_return_code = 1
-        for version in [self.old_version, self.new_version]:
-            for mbed_module, mbed_module_dump in version.abi_dumps.items():
-                os.remove(mbed_module_dump)
-        if self.can_remove_report_dir:
-            os.rmdir(self.report_dir)
-        self.log.info("\n".join(compatibility_report))
-        return compliance_return_code
-
-    def check_for_abi_changes(self):
-        """Generate a report of ABI differences
-        between self.old_rev and self.new_rev."""
-        self.check_repo_path()
-        self.check_abi_tools_are_installed()
-        self._get_abi_dump_for_ref(self.old_version)
-        self._get_abi_dump_for_ref(self.new_version)
-        return self.get_abi_compatibility_report()
-
-
-def run_main():
-    try:
-        parser = argparse.ArgumentParser(
-            description=(
-                """This script is a small wrapper around the
-                abi-compliance-checker and abi-dumper tools, applying them
-                to compare the ABI and API of the library files from two
-                different Git revisions within an Mbed TLS repository.
-                The results of the comparison are either formatted as HTML and
-                stored at a configurable location, or are given as a brief list
-                of problems. Returns 0 on success, 1 on ABI/API non-compliance,
-                and 2 if there is an error while running the script.
-                Note: must be run from Mbed TLS root."""
-            )
-        )
-        parser.add_argument(
-            "-v", "--verbose", action="store_true",
-            help="set verbosity level",
-        )
-        parser.add_argument(
-            "-r", "--report-dir", type=str, default="reports",
-            help="directory where reports are stored, default is reports",
-        )
-        parser.add_argument(
-            "-k", "--keep-all-reports", action="store_true",
-            help="keep all reports, even if there are no compatibility issues",
-        )
-        parser.add_argument(
-            "-o", "--old-rev", type=str, help="revision for old version.",
-            required=True,
-        )
-        parser.add_argument(
-            "-or", "--old-repo", type=str, help="repository for old version."
-        )
-        parser.add_argument(
-            "-oc", "--old-crypto-rev", type=str,
-            help="revision for old crypto submodule."
-        )
-        parser.add_argument(
-            "-ocr", "--old-crypto-repo", type=str,
-            help="repository for old crypto submodule."
-        )
-        parser.add_argument(
-            "-n", "--new-rev", type=str, help="revision for new version",
-            required=True,
-        )
-        parser.add_argument(
-            "-nr", "--new-repo", type=str, help="repository for new version."
-        )
-        parser.add_argument(
-            "-nc", "--new-crypto-rev", type=str,
-            help="revision for new crypto version"
-        )
-        parser.add_argument(
-            "-ncr", "--new-crypto-repo", type=str,
-            help="repository for new crypto submodule."
-        )
-        parser.add_argument(
-            "-s", "--skip-file", type=str,
-            help=("path to file containing symbols and types to skip "
-                  "(typically \"-s identifiers\" after running "
-                  "\"tests/scripts/list-identifiers.sh --internal\")")
-        )
-        parser.add_argument(
-            "-b", "--brief", action="store_true",
-            help="output only the list of issues to stdout, instead of a full report",
-        )
-        abi_args = parser.parse_args()
-        if os.path.isfile(abi_args.report_dir):
-            print("Error: {} is not a directory".format(abi_args.report_dir))
-            parser.exit()
-        old_version = SimpleNamespace(
-            version="old",
-            repository=abi_args.old_repo,
-            revision=abi_args.old_rev,
-            commit=None,
-            crypto_repository=abi_args.old_crypto_repo,
-            crypto_revision=abi_args.old_crypto_rev,
-            abi_dumps={},
-            modules={}
-        )
-        new_version = SimpleNamespace(
-            version="new",
-            repository=abi_args.new_repo,
-            revision=abi_args.new_rev,
-            commit=None,
-            crypto_repository=abi_args.new_crypto_repo,
-            crypto_revision=abi_args.new_crypto_rev,
-            abi_dumps={},
-            modules={}
-        )
-        configuration = SimpleNamespace(
-            verbose=abi_args.verbose,
-            report_dir=abi_args.report_dir,
-            keep_all_reports=abi_args.keep_all_reports,
-            brief=abi_args.brief,
-            skip_file=abi_args.skip_file
-        )
-        abi_check = AbiChecker(old_version, new_version, configuration)
-        return_code = abi_check.check_for_abi_changes()
-        sys.exit(return_code)
-    except Exception: # pylint: disable=broad-except
-        # Print the backtrace and exit explicitly so as to exit with
-        # status 2, not 1.
-        traceback.print_exc()
-        sys.exit(2)
-
-
-if __name__ == "__main__":
-    run_main()
diff --git a/3rdparty/mbedtls-2.25.0/scripts/apidoc_full.sh b/3rdparty/mbedtls-2.25.0/scripts/apidoc_full.sh
deleted file mode 100644
index 03bbb64..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/apidoc_full.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh
-
-# Generate doxygen documentation with a full config.h (this ensures that every
-# available flag is documented, and avoids warnings about documentation
-# without a corresponding #define).
-#
-# /!\ This must not be a Makefile target, as it would create a race condition
-# when multiple targets are invoked in the same parallel build.
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-CONFIG_H='include/mbedtls/config.h'
-
-if [ -r $CONFIG_H ]; then :; else
-    echo "$CONFIG_H not found" >&2
-    exit 1
-fi
-
-CONFIG_BAK=${CONFIG_H}.bak
-cp -p $CONFIG_H $CONFIG_BAK
-
-scripts/config.py realfull
-make apidoc
-
-mv $CONFIG_BAK $CONFIG_H
diff --git a/3rdparty/mbedtls-2.25.0/scripts/config.pl b/3rdparty/mbedtls-2.25.0/scripts/config.pl
deleted file mode 100644
index 5dd89d2..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/config.pl
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env perl
-# Backward compatibility redirection
-
-## Copyright The Mbed TLS Contributors
-## SPDX-License-Identifier: Apache-2.0
-##
-## Licensed under the Apache License, Version 2.0 (the "License"); you may
-## not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
-
-my $py = $0;
-$py =~ s/\.pl$/.py/ or die "Unable to determine the name of the Python script";
-exec 'python3', $py, @ARGV;
-print STDERR "$0: python3: $!. Trying python instead.\n";
-exec 'python', $py, @ARGV;
-print STDERR "$0: python: $!\n";
-exit 127;
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/error.fmt b/3rdparty/mbedtls-2.25.0/scripts/data_files/error.fmt
deleted file mode 100644
index 9e479bb..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/data_files/error.fmt
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- *  Error message information
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#include "mbedtls/error.h"
-
-#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
-
-#if defined(MBEDTLS_ERROR_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_snprintf snprintf
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-HEADER_INCLUDED
-
-const char * mbedtls_high_level_strerr( int error_code )
-{
-    int high_level_error_code;
-
-    if( error_code < 0 )
-        error_code = -error_code;
-
-    /* Extract the high-level part from the error code. */
-    high_level_error_code = error_code & 0xFF80;
-
-    switch( high_level_error_code )
-    {
-        /* Begin Auto-Generated Code. */
-HIGH_LEVEL_CODE_CHECKS
-        /* End Auto-Generated Code. */
-
-        default:
-            break;
-    }
-
-    return( NULL );
-}
-
-const char * mbedtls_low_level_strerr( int error_code )
-{
-    int low_level_error_code;
-
-    if( error_code < 0 )
-        error_code = -error_code;
-
-    /* Extract the low-level part from the error code. */
-    low_level_error_code = error_code & ~0xFF80;
-
-    switch( low_level_error_code )
-    {
-        /* Begin Auto-Generated Code. */
-LOW_LEVEL_CODE_CHECKS
-        /* End Auto-Generated Code. */
-
-        default:
-            break;
-    }
-
-    return( NULL );
-}
-
-void mbedtls_strerror( int ret, char *buf, size_t buflen )
-{
-    size_t len;
-    int use_ret;
-    const char * high_level_error_description = NULL;
-    const char * low_level_error_description = NULL;
-
-    if( buflen == 0 )
-        return;
-
-    memset( buf, 0x00, buflen );
-
-    if( ret < 0 )
-        ret = -ret;
-
-    if( ret & 0xFF80 )
-    {
-        use_ret = ret & 0xFF80;
-
-        // Translate high level error code.
-        high_level_error_description = mbedtls_high_level_strerr( ret );
-
-        if( high_level_error_description == NULL )
-            mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
-        else
-            mbedtls_snprintf( buf, buflen, "%s", high_level_error_description );
-
-#if defined(MBEDTLS_SSL_TLS_C)
-        // Early return in case of a fatal error - do not try to translate low
-        // level code.
-        if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE))
-            return;
-#endif /* MBEDTLS_SSL_TLS_C */
-    }
-
-    use_ret = ret & ~0xFF80;
-
-    if( use_ret == 0 )
-        return;
-
-    // If high level code is present, make a concatenation between both
-    // error strings.
-    //
-    len = strlen( buf );
-
-    if( len > 0 )
-    {
-        if( buflen - len < 5 )
-            return;
-
-        mbedtls_snprintf( buf + len, buflen - len, " : " );
-
-        buf += len + 3;
-        buflen -= len + 3;
-    }
-
-    // Translate low level error code.
-    low_level_error_description = mbedtls_low_level_strerr( ret );
-
-    if( low_level_error_description == NULL )
-        mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
-    else
-        mbedtls_snprintf( buf, buflen, "%s", low_level_error_description );
-}
-
-#else /* MBEDTLS_ERROR_C */
-
-/*
- * Provide an non-function in case MBEDTLS_ERROR_C is not defined
- */
-void mbedtls_strerror( int ret, char *buf, size_t buflen )
-{
-    ((void) ret);
-
-    if( buflen > 0 )
-        buf[0] = '\0';
-}
-
-#endif /* MBEDTLS_ERROR_C */
-
-#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/version_features.fmt b/3rdparty/mbedtls-2.25.0/scripts/data_files/version_features.fmt
deleted file mode 100644
index d4bf774..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/data_files/version_features.fmt
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- *  Version feature information
- *
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_VERSION_C)
-
-#include "mbedtls/version.h"
-
-#include <string.h>
-
-static const char * const features[] = {
-#if defined(MBEDTLS_VERSION_FEATURES)
-FEATURE_DEFINES
-#endif /* MBEDTLS_VERSION_FEATURES */
-    NULL
-};
-
-int mbedtls_version_check_feature( const char *feature )
-{
-    const char * const *idx = features;
-
-    if( *idx == NULL )
-        return( -2 );
-
-    if( feature == NULL )
-        return( -1 );
-
-    while( *idx != NULL )
-    {
-        if( !strcmp( *idx, feature ) )
-            return( 0 );
-        idx++;
-    }
-    return( -1 );
-}
-
-#endif /* MBEDTLS_VERSION_C */
diff --git a/3rdparty/mbedtls-2.25.0/scripts/ecc-heap.sh b/3rdparty/mbedtls-2.25.0/scripts/ecc-heap.sh
deleted file mode 100644
index 8d1beee..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/ecc-heap.sh
+++ /dev/null
@@ -1,89 +0,0 @@
-#!/bin/sh
-
-# Measure heap usage (and performance) of ECC operations with various values of
-# the relevant tunable compile-time parameters.
-#
-# Usage (preferably on a 32-bit platform):
-# cmake -D CMAKE_BUILD_TYPE=Release .
-# scripts/ecc-heap.sh | tee ecc-heap.log
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-CONFIG_H='include/mbedtls/config.h'
-
-if [ -r $CONFIG_H ]; then :; else
-    echo "$CONFIG_H not found" >&2
-    exit 1
-fi
-
-if grep -i cmake Makefile >/dev/null; then :; else
-    echo "Needs Cmake" >&2
-    exit 1
-fi
-
-if git status | grep -F $CONFIG_H >/dev/null 2>&1; then
-    echo "config.h not clean" >&2
-    exit 1
-fi
-
-CONFIG_BAK=${CONFIG_H}.bak
-cp $CONFIG_H $CONFIG_BAK
-
-cat << EOF >$CONFIG_H
-#define MBEDTLS_PLATFORM_C
-#define MBEDTLS_PLATFORM_MEMORY
-#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
-#define MBEDTLS_MEMORY_DEBUG
-
-#define MBEDTLS_TIMING_C
-
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_ECP_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_ECDSA_C
-#define MBEDTLS_ECDH_C
-
-#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
-
-#include "check_config.h"
-
-//#define MBEDTLS_ECP_WINDOW_SIZE            6
-//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1
-EOF
-
-for F in 0 1; do
-    for W in 2 3 4 5 6; do
-        scripts/config.py set MBEDTLS_ECP_WINDOW_SIZE $W
-        scripts/config.py set MBEDTLS_ECP_FIXED_POINT_OPTIM $F
-        make benchmark >/dev/null 2>&1
-        echo "fixed point optim = $F, max window size = $W"
-        echo "--------------------------------------------"
-        programs/test/benchmark
-    done
-done
-
-# cleanup
-
-mv $CONFIG_BAK $CONFIG_H
-make clean
diff --git a/3rdparty/mbedtls-2.25.0/scripts/generate_errors.pl b/3rdparty/mbedtls-2.25.0/scripts/generate_errors.pl
deleted file mode 100644
index ed17a0d..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/generate_errors.pl
+++ /dev/null
@@ -1,228 +0,0 @@
-#!/usr/bin/env perl
-
-# Generate error.c
-#
-# Usage: ./generate_errors.pl or scripts/generate_errors.pl without arguments,
-# or generate_errors.pl include_dir data_dir error_file
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use strict;
-
-my ($include_dir, $data_dir, $error_file);
-
-if( @ARGV ) {
-    die "Invalid number of arguments" if scalar @ARGV != 3;
-    ($include_dir, $data_dir, $error_file) = @ARGV;
-
-    -d $include_dir or die "No such directory: $include_dir\n";
-    -d $data_dir or die "No such directory: $data_dir\n";
-} else {
-    $include_dir = 'include/mbedtls';
-    $data_dir = 'scripts/data_files';
-    $error_file = 'library/error.c';
-
-    unless( -d $include_dir && -d $data_dir ) {
-        chdir '..' or die;
-        -d $include_dir && -d $data_dir
-            or die "Without arguments, must be run from root or scripts\n"
-    }
-}
-
-my $error_format_file = $data_dir.'/error.fmt';
-
-my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
-                            CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
-                            ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5
-                            NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160
-                            SHA1 SHA256 SHA512 THREADING XTEA );
-my @high_level_modules = qw( CIPHER DHM ECP MD
-                             PEM PK PKCS12 PKCS5
-                             RSA SSL X509 );
-
-my $line_separator = $/;
-undef $/;
-
-open(FORMAT_FILE, "$error_format_file") or die "Opening error format file '$error_format_file': $!";
-my $error_format = <FORMAT_FILE>;
-close(FORMAT_FILE);
-
-$/ = $line_separator;
-
-my @files = <$include_dir/*.h>;
-my @necessary_include_files;
-my @matches;
-foreach my $file (@files) {
-    open(FILE, "$file");
-    my @grep_res = grep(/^\s*#define\s+MBEDTLS_ERR_\w+\s+\-0x[0-9A-Fa-f]+/, <FILE>);
-    push(@matches, @grep_res);
-    close FILE;
-    my $include_name = $file;
-    $include_name =~ s!.*/!!;
-    push @necessary_include_files, $include_name if @grep_res;
-}
-
-my $ll_old_define = "";
-my $hl_old_define = "";
-
-my $ll_code_check = "";
-my $hl_code_check = "";
-
-my $headers = "";
-my %included_headers;
-
-my %error_codes_seen;
-
-foreach my $line (@matches)
-{
-    next if ($line =~ /compat-1.2.h/);
-    my ($error_name, $error_code) = $line =~ /(MBEDTLS_ERR_\w+)\s+\-(0x\w+)/;
-    my ($description) = $line =~ /\/\*\*< (.*?)\.? \*\//;
-
-    die "Duplicated error code: $error_code ($error_name)\n"
-        if( $error_codes_seen{$error_code}++ );
-
-    $description =~ s/\\/\\\\/g;
-    if ($description eq "") {
-        $description = "DESCRIPTION MISSING";
-        warn "Missing description for $error_name\n";
-    }
-
-    my ($module_name) = $error_name =~ /^MBEDTLS_ERR_([^_]+)/;
-
-    # Fix faulty ones
-    $module_name = "BIGNUM" if ($module_name eq "MPI");
-    $module_name = "CTR_DRBG" if ($module_name eq "CTR");
-    $module_name = "HMAC_DRBG" if ($module_name eq "HMAC");
-
-    my $define_name = $module_name;
-    $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509");
-    $define_name = "ASN1_PARSE" if ($define_name eq "ASN1");
-    $define_name = "SSL_TLS" if ($define_name eq "SSL");
-    $define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM");
-
-    my $include_name = $module_name;
-    $include_name =~ tr/A-Z/a-z/;
-
-    # Fix faulty ones
-    $include_name = "net_sockets" if ($module_name eq "NET");
-
-    $included_headers{"${include_name}.h"} = $module_name;
-
-    my $found_ll = grep $_ eq $module_name, @low_level_modules;
-    my $found_hl = grep $_ eq $module_name, @high_level_modules;
-    if (!$found_ll && !$found_hl)
-    {
-        printf("Error: Do not know how to handle: $module_name\n");
-        exit 1;
-    }
-
-    my $code_check;
-    my $old_define;
-    my $white_space;
-    my $first;
-
-    if ($found_ll)
-    {
-        $code_check = \$ll_code_check;
-        $old_define = \$ll_old_define;
-        $white_space = '        ';
-    }
-    else
-    {
-        $code_check = \$hl_code_check;
-        $old_define = \$hl_old_define;
-        $white_space = '        ';
-    }
-
-    if ($define_name ne ${$old_define})
-    {
-        if (${$old_define} ne "")
-        {
-            ${$code_check} .= "#endif /* ";
-            $first = 0;
-            foreach my $dep (split(/,/, ${$old_define}))
-            {
-                ${$code_check} .= " || " if ($first++);
-                ${$code_check} .= "MBEDTLS_${dep}_C";
-            }
-            ${$code_check} .= " */\n\n";
-        }
-
-        ${$code_check} .= "#if ";
-        $headers .= "#if " if ($include_name ne "");
-        $first = 0;
-        foreach my $dep (split(/,/, ${define_name}))
-        {
-            ${$code_check} .= " || " if ($first);
-            $headers       .= " || " if ($first++);
-
-            ${$code_check} .= "defined(MBEDTLS_${dep}_C)";
-            $headers       .= "defined(MBEDTLS_${dep}_C)" if
-                                                    ($include_name ne "");
-        }
-        ${$code_check} .= "\n";
-        $headers .= "\n#include \"mbedtls/${include_name}.h\"\n".
-                    "#endif\n\n" if ($include_name ne "");
-        ${$old_define} = $define_name;
-    }
-
-    ${$code_check} .= "${white_space}case -($error_name):\n".
-                      "${white_space}    return( \"$module_name - $description\" );\n"
-};
-
-if ($ll_old_define ne "")
-{
-    $ll_code_check .= "#endif /* ";
-    my $first = 0;
-    foreach my $dep (split(/,/, $ll_old_define))
-    {
-        $ll_code_check .= " || " if ($first++);
-        $ll_code_check .= "MBEDTLS_${dep}_C";
-    }
-    $ll_code_check .= " */\n";
-}
-if ($hl_old_define ne "")
-{
-    $hl_code_check .= "#endif /* ";
-    my $first = 0;
-    foreach my $dep (split(/,/, $hl_old_define))
-    {
-        $hl_code_check .= " || " if ($first++);
-        $hl_code_check .= "MBEDTLS_${dep}_C";
-    }
-    $hl_code_check .= " */\n";
-}
-
-$error_format =~ s/HEADER_INCLUDED\n/$headers/g;
-$error_format =~ s/LOW_LEVEL_CODE_CHECKS\n/$ll_code_check/g;
-$error_format =~ s/HIGH_LEVEL_CODE_CHECKS\n/$hl_code_check/g;
-
-open(ERROR_FILE, ">$error_file") or die "Opening destination file '$error_file': $!";
-print ERROR_FILE $error_format;
-close(ERROR_FILE);
-
-my $errors = 0;
-for my $include_name (@necessary_include_files)
-{
-    if (not $included_headers{$include_name})
-    {
-        print STDERR "The header file \"$include_name\" defines error codes but has not been included!\n";
-        ++$errors;
-    }
-}
-
-exit !!$errors;
diff --git a/3rdparty/mbedtls-2.25.0/scripts/generate_features.pl b/3rdparty/mbedtls-2.25.0/scripts/generate_features.pl
deleted file mode 100644
index 74a9527..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/generate_features.pl
+++ /dev/null
@@ -1,88 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use strict;
-
-my ($include_dir, $data_dir, $feature_file);
-
-if( @ARGV ) {
-    die "Invalid number of arguments" if scalar @ARGV != 3;
-    ($include_dir, $data_dir, $feature_file) = @ARGV;
-
-    -d $include_dir or die "No such directory: $include_dir\n";
-    -d $data_dir or die "No such directory: $data_dir\n";
-} else {
-    $include_dir = 'include/mbedtls';
-    $data_dir = 'scripts/data_files';
-    $feature_file = 'library/version_features.c';
-
-    unless( -d $include_dir && -d $data_dir ) {
-        chdir '..' or die;
-        -d $include_dir && -d $data_dir
-            or die "Without arguments, must be run from root or scripts\n"
-    }
-}
-
-my $feature_format_file = $data_dir.'/version_features.fmt';
-
-my @sections = ( "System support", "mbed TLS modules",
-                 "mbed TLS feature support" );
-
-my $line_separator = $/;
-undef $/;
-
-open(FORMAT_FILE, "$feature_format_file") or die "Opening feature format file '$feature_format_file': $!";
-my $feature_format = <FORMAT_FILE>;
-close(FORMAT_FILE);
-
-$/ = $line_separator;
-
-open(CONFIG_H, "$include_dir/config.h") || die("Failure when opening config.h: $!");
-
-my $feature_defines = "";
-my $in_section = 0;
-
-while (my $line = <CONFIG_H>)
-{
-    next if ($in_section && $line !~ /#define/ && $line !~ /SECTION/);
-    next if (!$in_section && $line !~ /SECTION/);
-
-    if ($in_section) {
-        if ($line =~ /SECTION/) {
-            $in_section = 0;
-            next;
-        }
-
-        my ($define) = $line =~ /#define (\w+)/;
-        $feature_defines .= "#if defined(${define})\n";
-        $feature_defines .= "    \"${define}\",\n";
-        $feature_defines .= "#endif /* ${define} */\n";
-    }
-
-    if (!$in_section) {
-        my ($section_name) = $line =~ /SECTION: ([\w ]+)/;
-        my $found_section = grep $_ eq $section_name, @sections;
-
-        $in_section = 1 if ($found_section);
-    }
-};
-
-$feature_format =~ s/FEATURE_DEFINES\n/$feature_defines/g;
-
-open(ERROR_FILE, ">$feature_file") or die "Opening destination file '$feature_file': $!";
-print ERROR_FILE $feature_format;
-close(ERROR_FILE);
diff --git a/3rdparty/mbedtls-2.25.0/scripts/generate_psa_constants.py b/3rdparty/mbedtls-2.25.0/scripts/generate_psa_constants.py
deleted file mode 100644
index 01d3e3a..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/generate_psa_constants.py
+++ /dev/null
@@ -1,423 +0,0 @@
-#!/usr/bin/env python3
-
-"""Generate psa_constant_names_generated.c
-which is included by programs/psa/psa_constant_names.c.
-The code generated by this module is only meant to be used in the context
-of that program.
-
-An argument passed to this script will modify the output directory where the
-file is written:
-* by default (no arguments passed): writes to programs/psa/
-* OUTPUT_FILE_DIR passed: writes to OUTPUT_FILE_DIR/
-"""
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-import re
-import sys
-
-OUTPUT_TEMPLATE = '''\
-/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */
-
-static const char *psa_strerror(psa_status_t status)
-{
-    switch (status) {
-    %(status_cases)s
-    default: return NULL;
-    }
-}
-
-static const char *psa_ecc_family_name(psa_ecc_family_t curve)
-{
-    switch (curve) {
-    %(ecc_curve_cases)s
-    default: return NULL;
-    }
-}
-
-static const char *psa_dh_family_name(psa_dh_family_t group)
-{
-    switch (group) {
-    %(dh_group_cases)s
-    default: return NULL;
-    }
-}
-
-static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg)
-{
-    switch (hash_alg) {
-    %(hash_algorithm_cases)s
-    default: return NULL;
-    }
-}
-
-static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg)
-{
-    switch (ka_alg) {
-    %(ka_algorithm_cases)s
-    default: return NULL;
-    }
-}
-
-static int psa_snprint_key_type(char *buffer, size_t buffer_size,
-                                psa_key_type_t type)
-{
-    size_t required_size = 0;
-    switch (type) {
-    %(key_type_cases)s
-    default:
-        %(key_type_code)s{
-            return snprintf(buffer, buffer_size,
-                            "0x%%04x", (unsigned) type);
-        }
-        break;
-    }
-    buffer[0] = 0;
-    return (int) required_size;
-}
-
-#define NO_LENGTH_MODIFIER 0xfffffffflu
-static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
-                                 psa_algorithm_t alg)
-{
-    size_t required_size = 0;
-    psa_algorithm_t core_alg = alg;
-    unsigned long length_modifier = NO_LENGTH_MODIFIER;
-    if (PSA_ALG_IS_MAC(alg)) {
-        core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
-        if (core_alg != alg) {
-            append(&buffer, buffer_size, &required_size,
-                   "PSA_ALG_TRUNCATED_MAC(", 22);
-            length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
-        }
-    } else if (PSA_ALG_IS_AEAD(alg)) {
-        core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg);
-        if (core_alg == 0) {
-            /* For unknown AEAD algorithms, there is no "default tag length". */
-            core_alg = alg;
-        } else if (core_alg != alg) {
-            append(&buffer, buffer_size, &required_size,
-                   "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29);
-            length_modifier = PSA_AEAD_TAG_LENGTH(alg);
-        }
-    } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) &&
-               !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
-        core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg);
-        append(&buffer, buffer_size, &required_size,
-               "PSA_ALG_KEY_AGREEMENT(", 22);
-        append_with_alg(&buffer, buffer_size, &required_size,
-                        psa_ka_algorithm_name,
-                        PSA_ALG_KEY_AGREEMENT_GET_BASE(alg));
-        append(&buffer, buffer_size, &required_size, ", ", 2);
-    }
-    switch (core_alg) {
-    %(algorithm_cases)s
-    default:
-        %(algorithm_code)s{
-            append_integer(&buffer, buffer_size, &required_size,
-                           "0x%%08lx", (unsigned long) core_alg);
-        }
-        break;
-    }
-    if (core_alg != alg) {
-        if (length_modifier != NO_LENGTH_MODIFIER) {
-            append(&buffer, buffer_size, &required_size, ", ", 2);
-            append_integer(&buffer, buffer_size, &required_size,
-                           "%%lu", length_modifier);
-        }
-        append(&buffer, buffer_size, &required_size, ")", 1);
-    }
-    buffer[0] = 0;
-    return (int) required_size;
-}
-
-static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
-                                 psa_key_usage_t usage)
-{
-    size_t required_size = 0;
-    if (usage == 0) {
-        if (buffer_size > 1) {
-            buffer[0] = '0';
-            buffer[1] = 0;
-        } else if (buffer_size == 1) {
-            buffer[0] = 0;
-        }
-        return 1;
-    }
-%(key_usage_code)s
-    if (usage != 0) {
-        if (required_size != 0) {
-            append(&buffer, buffer_size, &required_size, " | ", 3);
-        }
-        append_integer(&buffer, buffer_size, &required_size,
-                       "0x%%08lx", (unsigned long) usage);
-    } else {
-        buffer[0] = 0;
-    }
-    return (int) required_size;
-}
-
-/* End of automatically generated file. */
-'''
-
-KEY_TYPE_FROM_CURVE_TEMPLATE = '''if (%(tester)s(type)) {
-            append_with_curve(&buffer, buffer_size, &required_size,
-                              "%(builder)s", %(builder_length)s,
-                              PSA_KEY_TYPE_ECC_GET_FAMILY(type));
-        } else '''
-
-KEY_TYPE_FROM_GROUP_TEMPLATE = '''if (%(tester)s(type)) {
-            append_with_group(&buffer, buffer_size, &required_size,
-                              "%(builder)s", %(builder_length)s,
-                              PSA_KEY_TYPE_DH_GET_FAMILY(type));
-        } else '''
-
-ALGORITHM_FROM_HASH_TEMPLATE = '''if (%(tester)s(core_alg)) {
-            append(&buffer, buffer_size, &required_size,
-                   "%(builder)s(", %(builder_length)s + 1);
-            append_with_alg(&buffer, buffer_size, &required_size,
-                            psa_hash_algorithm_name,
-                            PSA_ALG_GET_HASH(core_alg));
-            append(&buffer, buffer_size, &required_size, ")", 1);
-        } else '''
-
-BIT_TEST_TEMPLATE = '''\
-    if (%(var)s & %(flag)s) {
-        if (required_size != 0) {
-            append(&buffer, buffer_size, &required_size, " | ", 3);
-        }
-        append(&buffer, buffer_size, &required_size, "%(flag)s", %(length)d);
-        %(var)s ^= %(flag)s;
-    }\
-'''
-
-class MacroCollector:
-    """Collect PSA crypto macro definitions from C header files.
-
-    1. Call `read_file` on the input header file(s).
-    2. Call `write_file` to write ``psa_constant_names_generated.c``.
-    """
-
-    def __init__(self):
-        self.statuses = set()
-        self.key_types = set()
-        self.key_types_from_curve = {}
-        self.key_types_from_group = {}
-        self.ecc_curves = set()
-        self.dh_groups = set()
-        self.algorithms = set()
-        self.hash_algorithms = set()
-        self.ka_algorithms = set()
-        self.algorithms_from_hash = {}
-        self.key_usages = set()
-
-    # "#define" followed by a macro name with either no parameters
-    # or a single parameter and a non-empty expansion.
-    # Grab the macro name in group 1, the parameter name if any in group 2
-    # and the expansion in group 3.
-    _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' +
-                                      r'(?:\s+|\((\w+)\)\s*)' +
-                                      r'(.+)')
-    _deprecated_definition_re = re.compile(r'\s*MBEDTLS_DEPRECATED')
-
-    def read_line(self, line):
-        """Parse a C header line and record the PSA identifier it defines if any.
-        This function analyzes lines that start with "#define PSA_"
-        (up to non-significant whitespace) and skips all non-matching lines.
-        """
-        # pylint: disable=too-many-branches
-        m = re.match(self._define_directive_re, line)
-        if not m:
-            return
-        name, parameter, expansion = m.groups()
-        expansion = re.sub(r'/\*.*?\*/|//.*', r' ', expansion)
-        if re.match(self._deprecated_definition_re, expansion):
-            # Skip deprecated values, which are assumed to be
-            # backward compatibility aliases that share
-            # numerical values with non-deprecated values.
-            return
-        if name.endswith('_FLAG') or name.endswith('MASK'):
-            # Macro only to build actual values
-            return
-        elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
-           and not parameter:
-            self.statuses.add(name)
-        elif name.startswith('PSA_KEY_TYPE_') and not parameter:
-            self.key_types.add(name)
-        elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve':
-            self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
-        elif name.startswith('PSA_KEY_TYPE_') and parameter == 'group':
-            self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:]
-        elif name.startswith('PSA_ECC_FAMILY_') and not parameter:
-            self.ecc_curves.add(name)
-        elif name.startswith('PSA_DH_FAMILY_') and not parameter:
-            self.dh_groups.add(name)
-        elif name.startswith('PSA_ALG_') and not parameter:
-            if name in ['PSA_ALG_ECDSA_BASE',
-                        'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
-                # Ad hoc skipping of duplicate names for some numerical values
-                return
-            self.algorithms.add(name)
-            # Ad hoc detection of hash algorithms
-            if re.search(r'0x020000[0-9A-Fa-f]{2}', expansion):
-                self.hash_algorithms.add(name)
-            # Ad hoc detection of key agreement algorithms
-            if re.search(r'0x09[0-9A-Fa-f]{2}0000', expansion):
-                self.ka_algorithms.add(name)
-        elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
-            if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']:
-                # A naming irregularity
-                tester = name[:8] + 'IS_RANDOMIZED_' + name[8:]
-            else:
-                tester = name[:8] + 'IS_' + name[8:]
-            self.algorithms_from_hash[name] = tester
-        elif name.startswith('PSA_KEY_USAGE_') and not parameter:
-            self.key_usages.add(name)
-        else:
-            # Other macro without parameter
-            return
-
-    _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
-    _continued_line_re = re.compile(rb'\\\r?\n\Z')
-    def read_file(self, header_file):
-        for line in header_file:
-            m = re.search(self._continued_line_re, line)
-            while m:
-                cont = next(header_file)
-                line = line[:m.start(0)] + cont
-                m = re.search(self._continued_line_re, line)
-            line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
-            self.read_line(line)
-
-    @staticmethod
-    def _make_return_case(name):
-        return 'case %(name)s: return "%(name)s";' % {'name': name}
-
-    @staticmethod
-    def _make_append_case(name):
-        template = ('case %(name)s: '
-                    'append(&buffer, buffer_size, &required_size, "%(name)s", %(length)d); '
-                    'break;')
-        return template % {'name': name, 'length': len(name)}
-
-    @staticmethod
-    def _make_bit_test(var, flag):
-        return BIT_TEST_TEMPLATE % {'var': var,
-                                    'flag': flag,
-                                    'length': len(flag)}
-
-    def _make_status_cases(self):
-        return '\n    '.join(map(self._make_return_case,
-                                 sorted(self.statuses)))
-
-    def _make_ecc_curve_cases(self):
-        return '\n    '.join(map(self._make_return_case,
-                                 sorted(self.ecc_curves)))
-
-    def _make_dh_group_cases(self):
-        return '\n    '.join(map(self._make_return_case,
-                                 sorted(self.dh_groups)))
-
-    def _make_key_type_cases(self):
-        return '\n    '.join(map(self._make_append_case,
-                                 sorted(self.key_types)))
-
-    @staticmethod
-    def _make_key_type_from_curve_code(builder, tester):
-        return KEY_TYPE_FROM_CURVE_TEMPLATE % {'builder': builder,
-                                               'builder_length': len(builder),
-                                               'tester': tester}
-
-    @staticmethod
-    def _make_key_type_from_group_code(builder, tester):
-        return KEY_TYPE_FROM_GROUP_TEMPLATE % {'builder': builder,
-                                               'builder_length': len(builder),
-                                               'tester': tester}
-
-    def _make_ecc_key_type_code(self):
-        d = self.key_types_from_curve
-        make = self._make_key_type_from_curve_code
-        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
-
-    def _make_dh_key_type_code(self):
-        d = self.key_types_from_group
-        make = self._make_key_type_from_group_code
-        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
-
-    def _make_hash_algorithm_cases(self):
-        return '\n    '.join(map(self._make_return_case,
-                                 sorted(self.hash_algorithms)))
-
-    def _make_ka_algorithm_cases(self):
-        return '\n    '.join(map(self._make_return_case,
-                                 sorted(self.ka_algorithms)))
-
-    def _make_algorithm_cases(self):
-        return '\n    '.join(map(self._make_append_case,
-                                 sorted(self.algorithms)))
-
-    @staticmethod
-    def _make_algorithm_from_hash_code(builder, tester):
-        return ALGORITHM_FROM_HASH_TEMPLATE % {'builder': builder,
-                                               'builder_length': len(builder),
-                                               'tester': tester}
-
-    def _make_algorithm_code(self):
-        d = self.algorithms_from_hash
-        make = self._make_algorithm_from_hash_code
-        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
-
-    def _make_key_usage_code(self):
-        return '\n'.join([self._make_bit_test('usage', bit)
-                          for bit in sorted(self.key_usages)])
-
-    def write_file(self, output_file):
-        """Generate the pretty-printer function code from the gathered
-        constant definitions.
-        """
-        data = {}
-        data['status_cases'] = self._make_status_cases()
-        data['ecc_curve_cases'] = self._make_ecc_curve_cases()
-        data['dh_group_cases'] = self._make_dh_group_cases()
-        data['key_type_cases'] = self._make_key_type_cases()
-        data['key_type_code'] = (self._make_ecc_key_type_code() +
-                                 self._make_dh_key_type_code())
-        data['hash_algorithm_cases'] = self._make_hash_algorithm_cases()
-        data['ka_algorithm_cases'] = self._make_ka_algorithm_cases()
-        data['algorithm_cases'] = self._make_algorithm_cases()
-        data['algorithm_code'] = self._make_algorithm_code()
-        data['key_usage_code'] = self._make_key_usage_code()
-        output_file.write(OUTPUT_TEMPLATE % data)
-
-def generate_psa_constants(header_file_names, output_file_name):
-    collector = MacroCollector()
-    for header_file_name in header_file_names:
-        with open(header_file_name, 'rb') as header_file:
-            collector.read_file(header_file)
-    temp_file_name = output_file_name + '.tmp'
-    with open(temp_file_name, 'w') as output_file:
-        collector.write_file(output_file)
-    os.replace(temp_file_name, output_file_name)
-
-if __name__ == '__main__':
-    if not os.path.isdir('programs') and os.path.isdir('../programs'):
-        os.chdir('..')
-    # Allow to change the directory where psa_constant_names_generated.c is written to.
-    OUTPUT_FILE_DIR = sys.argv[1] if len(sys.argv) == 2 else "programs/psa"
-    generate_psa_constants(['include/psa/crypto_values.h',
-                            'include/psa/crypto_extra.h'],
-                           OUTPUT_FILE_DIR + '/psa_constant_names_generated.c')
diff --git a/3rdparty/mbedtls-2.25.0/scripts/massif_max.pl b/3rdparty/mbedtls-2.25.0/scripts/massif_max.pl
deleted file mode 100644
index eaf56ae..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/massif_max.pl
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/usr/bin/env perl
-
-# Parse a massif.out.xxx file and output peak total memory usage
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use warnings;
-use strict;
-
-use utf8;
-use open qw(:std utf8);
-
-die unless @ARGV == 1;
-
-my @snaps;
-open my $fh, '<', $ARGV[0] or die;
-{ local $/ = 'snapshot='; @snaps = <$fh>; }
-close $fh or die;
-
-my ($max, $max_heap, $max_he, $max_stack) = (0, 0, 0, 0);
-for (@snaps)
-{
-    my ($heap, $heap_extra, $stack) = m{
-        mem_heap_B=(\d+)\n
-        mem_heap_extra_B=(\d+)\n
-        mem_stacks_B=(\d+)
-    }xm;
-    next unless defined $heap;
-    my $total = $heap + $heap_extra + $stack;
-    if( $total > $max ) {
-        ($max, $max_heap, $max_he, $max_stack) = ($total, $heap, $heap_extra, $stack);
-    }
-}
-
-printf "$max (heap $max_heap+$max_he, stack $max_stack)\n";
diff --git a/3rdparty/mbedtls-2.25.0/scripts/tmp_ignore_makefiles.sh b/3rdparty/mbedtls-2.25.0/scripts/tmp_ignore_makefiles.sh
deleted file mode 100644
index 558970f..0000000
--- a/3rdparty/mbedtls-2.25.0/scripts/tmp_ignore_makefiles.sh
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/bin/bash
-
-# Temporarily (de)ignore Makefiles generated by CMake to allow easier
-# git development
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-IGNORE=""
-
-# Parse arguments
-#
-until [ -z "$1" ]
-do
-  case "$1" in
-    -u|--undo)
-      IGNORE="0"
-      ;;
-    -v|--verbose)
-      # Be verbose
-      VERBOSE="1"
-      ;;
-    -h|--help)
-      # print help
-      echo "Usage: $0"
-      echo -e "  -h|--help\t\tPrint this help."
-      echo -e "  -u|--undo\t\tRemove ignores and continue tracking."
-      echo -e "  -v|--verbose\t\tVerbose."
-      exit 1
-      ;;
-    *)
-      # print error
-      echo "Unknown argument: '$1'"
-      exit 1
-      ;;
-  esac
-  shift
-done
-
-if [ "X" = "X$IGNORE" ];
-then
-  [ $VERBOSE ] && echo "Ignoring Makefiles"
-  git update-index --assume-unchanged Makefile library/Makefile programs/Makefile tests/Makefile
-else
-  [ $VERBOSE ] && echo "Tracking Makefiles"
-  git update-index --no-assume-unchanged Makefile library/Makefile programs/Makefile tests/Makefile
-fi
diff --git a/3rdparty/mbedtls-2.25.0/tests/.gitignore b/3rdparty/mbedtls-2.25.0/tests/.gitignore
deleted file mode 100644
index d9f4b51..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/.gitignore
+++ /dev/null
@@ -1,15 +0,0 @@
-*.sln
-*.vcxproj
-
-*.log
-/test_suite*
-data_files/mpi_write
-data_files/hmac_drbg_seed
-data_files/ctr_drbg_seed
-data_files/entropy_seed
-
-include/test/instrument_record_status.h
-
-src/*.o
-src/drivers/*.o
-src/libmbed*
diff --git a/3rdparty/mbedtls-2.25.0/tests/CMakeLists.txt b/3rdparty/mbedtls-2.25.0/tests/CMakeLists.txt
deleted file mode 100644
index f8ce925..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/CMakeLists.txt
+++ /dev/null
@@ -1,174 +0,0 @@
-set(libs
-    ${mbedtls_target}
-)
-
-# Set the project root directory if it's not already defined, as may happen if
-# the tests folder is included directly by a parent project, without including
-# the top level CMakeLists.txt.
-if(NOT DEFINED MBEDTLS_DIR)
-    set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})
-endif()
-
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-if(NOT MBEDTLS_PYTHON_EXECUTABLE)
-    message(FATAL_ERROR "Cannot build test suites without Python 3")
-endif()
-
-# Enable definition of various functions used throughout the testsuite
-# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
-# on non-POSIX platforms.
-add_definitions("-D_POSIX_C_SOURCE=200809L")
-
-# Test suites caught by SKIP_TEST_SUITES are built but not executed.
-# "foo" as a skip pattern skips "test_suite_foo" and "test_suite_foo.bar"
-# but not "test_suite_foobar".
-string(REGEX REPLACE "[ ,;]" "|" SKIP_TEST_SUITES_REGEX "${SKIP_TEST_SUITES}")
-string(REPLACE "." "\\." SKIP_TEST_SUITES_REGEX "${SKIP_TEST_SUITES_REGEX}")
-set(SKIP_TEST_SUITES_REGEX "^(${SKIP_TEST_SUITES_REGEX})(\$|\\.)")
-
-function(add_test_suite suite_name)
-    if(ARGV1)
-        set(data_name ${ARGV1})
-    else()
-        set(data_name ${suite_name})
-    endif()
-
-    add_custom_command(
-        OUTPUT test_suite_${data_name}.c
-        COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o .
-        DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py ${mbedtls_target} ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
-    )
-
-    add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>)
-    target_link_libraries(test_suite_${data_name} ${libs})
-    # Include test-specific header files from ./include and private header
-    # files (used by some invasive tests) from ../library. Public header
-    # files are automatically included because the library targets declare
-    # them as PUBLIC.
-    target_include_directories(test_suite_${data_name}
-        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
-        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
-
-    if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX})
-        message(STATUS "The test suite ${data_name} will not be executed.")
-    else()
-        add_test(${data_name}-suite test_suite_${data_name} --verbose)
-    endif()
-endfunction(add_test_suite)
-
-if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-unused-function")
-endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
-
-if(MSVC)
-    # If a warning level has been defined, suppress all warnings for test code
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0")
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
-endif(MSVC)
-
-add_test_suite(aes aes.cbc)
-add_test_suite(aes aes.cfb)
-add_test_suite(aes aes.ecb)
-add_test_suite(aes aes.ofb)
-add_test_suite(aes aes.rest)
-add_test_suite(aes aes.xts)
-add_test_suite(arc4)
-add_test_suite(aria)
-add_test_suite(asn1parse)
-add_test_suite(asn1write)
-add_test_suite(base64)
-add_test_suite(blowfish)
-add_test_suite(camellia)
-add_test_suite(ccm)
-add_test_suite(chacha20)
-add_test_suite(chachapoly)
-add_test_suite(cipher cipher.aes)
-add_test_suite(cipher cipher.arc4)
-add_test_suite(cipher cipher.blowfish)
-add_test_suite(cipher cipher.camellia)
-add_test_suite(cipher cipher.ccm)
-add_test_suite(cipher cipher.chacha20)
-add_test_suite(cipher cipher.chachapoly)
-add_test_suite(cipher cipher.des)
-add_test_suite(cipher cipher.gcm)
-add_test_suite(cipher cipher.misc)
-add_test_suite(cipher cipher.nist_kw)
-add_test_suite(cipher cipher.null)
-add_test_suite(cipher cipher.padding)
-add_test_suite(cmac)
-add_test_suite(ctr_drbg)
-add_test_suite(debug)
-add_test_suite(des)
-add_test_suite(dhm)
-add_test_suite(ecdh)
-add_test_suite(ecdsa)
-add_test_suite(ecjpake)
-add_test_suite(ecp)
-add_test_suite(entropy)
-add_test_suite(error)
-add_test_suite(gcm gcm.aes128_de)
-add_test_suite(gcm gcm.aes128_en)
-add_test_suite(gcm gcm.aes192_de)
-add_test_suite(gcm gcm.aes192_en)
-add_test_suite(gcm gcm.aes256_de)
-add_test_suite(gcm gcm.aes256_en)
-add_test_suite(gcm gcm.camellia)
-add_test_suite(gcm gcm.misc)
-add_test_suite(hkdf)
-add_test_suite(hmac_drbg hmac_drbg.misc)
-add_test_suite(hmac_drbg hmac_drbg.no_reseed)
-add_test_suite(hmac_drbg hmac_drbg.nopr)
-add_test_suite(hmac_drbg hmac_drbg.pr)
-add_test_suite(md)
-add_test_suite(mdx)
-add_test_suite(memory_buffer_alloc)
-add_test_suite(mpi)
-add_test_suite(nist_kw)
-add_test_suite(oid)
-add_test_suite(pem)
-add_test_suite(pk)
-add_test_suite(pkcs1_v15)
-add_test_suite(pkcs1_v21)
-add_test_suite(pkcs5)
-add_test_suite(pkparse)
-add_test_suite(pkwrite)
-add_test_suite(poly1305)
-add_test_suite(psa_crypto)
-add_test_suite(psa_crypto_entropy)
-add_test_suite(psa_crypto_hash)
-add_test_suite(psa_crypto_init)
-add_test_suite(psa_crypto_metadata)
-add_test_suite(psa_crypto_persistent_key)
-add_test_suite(psa_crypto_se_driver_hal)
-add_test_suite(psa_crypto_se_driver_hal_mocks)
-add_test_suite(psa_crypto_slot_management)
-add_test_suite(psa_its)
-add_test_suite(rsa)
-add_test_suite(shax)
-add_test_suite(ssl)
-add_test_suite(timing)
-add_test_suite(version)
-add_test_suite(x509parse)
-add_test_suite(x509write)
-add_test_suite(xtea)
-
-# Make scripts and data files needed for testing available in an
-# out-of-source build.
-if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
-    if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/seedfile")
-        link_to_source(seedfile)
-    endif()
-    link_to_source(compat.sh)
-    link_to_source(context-info.sh)
-    link_to_source(data_files)
-    link_to_source(scripts)
-    link_to_source(ssl-opt.sh)
-    link_to_source(suites)
-endif()
diff --git a/3rdparty/mbedtls-2.25.0/tests/Makefile b/3rdparty/mbedtls-2.25.0/tests/Makefile
deleted file mode 100644
index 511db9d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/Makefile
+++ /dev/null
@@ -1,193 +0,0 @@
-
-# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
-# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
-
-CFLAGS	?= -O2
-WARNING_CFLAGS ?= -Wall -Wextra
-LDFLAGS ?=
-
-# Include public header files from ../include, test-specific header files
-# from ./include, and private header files (used by some invasive tests)
-# from ../library.
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I./include -I../include -I../library -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../library			\
-		-lmbedtls$(SHARED_SUFFIX)	\
-		-lmbedx509$(SHARED_SUFFIX)	\
-		-lmbedcrypto$(SHARED_SUFFIX)
-
-include ../3rdparty/Makefile.inc
-LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
-
-# Enable definition of various functions used throughout the testsuite
-# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
-# on non-POSIX platforms.
-LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L
-
-ifndef SHARED
-MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
-else
-MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
-endif
-
-ifdef DEBUG
-LOCAL_CFLAGS += -g3
-endif
-
-ifdef RECORD_PSA_STATUS_COVERAGE_LOG
-LOCAL_CFLAGS += -Werror -DRECORD_PSA_STATUS_COVERAGE_LOG
-endif
-
-# if we're running on Windows, build for Windows
-ifdef WINDOWS
-WINDOWS_BUILD=1
-endif
-
-ifdef WINDOWS_BUILD
-DLEXT=dll
-EXEXT=.exe
-LOCAL_LDFLAGS += -lws2_32
-ifdef SHARED
-SHARED_SUFFIX=.$(DLEXT)
-endif
-PYTHON ?= python
-else
-DLEXT ?= so
-EXEXT=
-SHARED_SUFFIX=
-# python2 for POSIX since FreeBSD has only python2 as default.
-PYTHON ?= python2
-endif
-
-# Zlib shared library extensions:
-ifdef ZLIB
-LOCAL_LDFLAGS += -lz
-endif
-
-# A test application is built for each suites/test_suite_*.data file.
-# Application name is same as .data file's base name and can be
-# constructed by stripping path 'suites/' and extension .data.
-APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data)))
-
-# Construct executable name by adding OS specific suffix $(EXEXT).
-BINARIES := $(addsuffix $(EXEXT),$(APPS))
-
-.SILENT:
-
-.PHONY: all check test clean
-
-all: $(BINARIES)
-
-$(MBEDLIBS):
-	$(MAKE) -C ../library
-
-MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c))
-
-mbedtls_test: $(MBEDTLS_TEST_OBJS)
-
-# Rule to compile common test C files in src folder
-src/%.o : src/%.c
-	echo "  CC    $<"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
-src/drivers/%.o : src/drivers/%.c
-	echo "  CC    $<"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
-C_FILES := $(addsuffix .c,$(APPS))
-
-# Wildcard target for test code generation:
-# A .c file is generated for each .data file in the suites/ directory. Each .c
-# file depends on a .data and .function file from suites/ directory. Following
-# nameing convention is followed:
-#
-#     C file        |        Depends on
-#-----------------------------------------------------------------------------
-#  foo.c            | suites/foo.function suites/foo.data
-#  foo.bar.c        | suites/foo.function suites/foo.bar.data
-#
-# Note above that .c and .data files have same base name.
-# However, corresponding .function file's base name is the word before first
-# dot in .c file's base name.
-#
-.SECONDEXPANSION:
-%.c: suites/$$(firstword $$(subst ., ,$$*)).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function
-	echo "  Gen   $@"
-	$(PYTHON) scripts/generate_test_code.py -f suites/$(firstword $(subst ., ,$*)).function \
-		-d suites/$*.data \
-		-t suites/main_test.function \
-		-p suites/host_test.function \
-		-s suites  \
-		--helpers-file suites/helpers.function \
-		-o .
-
-
-$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTLS_TEST_OBJS)
-	echo "  CC    $<"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-# Some test suites require additional header files.
-$(filter test_suite_psa_crypto%, $(BINARIES)): include/test/psa_crypto_helpers.h
-$(addprefix embedded_,$(filter test_suite_psa_crypto%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_crypto_helpers.h
-$(filter test_suite_psa_%, $(BINARIES)): include/test/psa_helpers.h
-$(addprefix embedded_,$(filter test_suite_psa_%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_helpers.h
-
-clean:
-ifndef WINDOWS
-	rm -rf $(BINARIES) *.c *.datax TESTS
-	rm -f src/*.o src/drivers/*.o src/libmbed*
-else
-	if exist *.c del /Q /F *.c
-	if exist *.exe del /Q /F *.exe
-	if exist *.datax del /Q /F *.datax
-	if exist src/*.o del /Q /F src/*.o
-	if exist src/drivers/*.o del /Q /F src/drivers/*.o
-	if exist src/libmbed* del /Q /F src/libmed*
-ifneq ($(wildcard TESTS/.*),)
-	rmdir /Q /S TESTS
-endif
-endif
-
-# Test suites caught by SKIP_TEST_SUITES are built but not executed.
-check: $(BINARIES)
-	perl scripts/run-test-suites.pl --skip=$(SKIP_TEST_SUITES)
-
-test: check
-
-# Create separate targets for generating embedded tests.
-EMBEDDED_TESTS := $(addprefix embedded_,$(APPS))
-
-# Generate test code for target.
-
-.SECONDEXPANSION:
-$(EMBEDDED_TESTS): embedded_%: suites/$$(firstword $$(subst ., ,$$*)).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function
-	echo "  Gen  ./TESTS/mbedtls/$*/$*.c"
-	$(PYTHON) scripts/generate_test_code.py -f suites/$(firstword $(subst ., ,$*)).function \
-		-d suites/$*.data \
-		-t suites/main_test.function \
-		-p suites/target_test.function \
-		-s suites  \
-		--helpers-file suites/helpers.function \
-		-o ./TESTS/mbedtls/$*
-
-generate-target-tests: $(EMBEDDED_TESTS)
-
-define copy_header_to_target
-TESTS/mbedtls/$(1)/$(2): include/test/$(2)
-	echo "  Copy ./$$@"
-ifndef WINDOWS
-	mkdir -p $$(@D)
-	cp $$< $$@
-else
-	mkdir $$(@D)
-	copy $$< $$@
-endif
-
-endef
-$(foreach app, $(APPS), $(foreach file, $(notdir $(wildcard include/test/*.h)), \
-	$(eval $(call copy_header_to_target,$(app),$(file)))))
-
-ifdef RECORD_PSA_STATUS_COVERAGE_LOG
-$(BINARIES): include/test/instrument_record_status.h
-include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile
-	sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p'
-endif
diff --git a/3rdparty/mbedtls-2.25.0/tests/compat-in-docker.sh b/3rdparty/mbedtls-2.25.0/tests/compat-in-docker.sh
deleted file mode 100644
index aef0a07..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/compat-in-docker.sh
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/bash -eu
-
-# compat-in-docker.sh
-#
-# Purpose
-# -------
-# This runs compat.sh in a Docker container.
-#
-# Notes for users
-# ---------------
-# If OPENSSL_CMD, GNUTLS_CLI, or GNUTLS_SERV are specified the path must
-# correspond to an executable inside the Docker container. The special
-# values "next" (OpenSSL only) and "legacy" are also allowed as shorthand
-# for the installations inside the container.
-#
-# See also:
-# - scripts/docker_env.sh for general Docker prerequisites and other information.
-# - compat.sh for notes about invocation of that script.
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-source tests/scripts/docker_env.sh
-
-case "${OPENSSL_CMD:-default}" in
-    "legacy")  export OPENSSL_CMD="/usr/local/openssl-1.0.1j/bin/openssl";;
-    "next")    export OPENSSL_CMD="/usr/local/openssl-1.1.1a/bin/openssl";;
-    *) ;;
-esac
-
-case "${GNUTLS_CLI:-default}" in
-    "legacy")  export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";;
-    "next")  export GNUTLS_CLI="/usr/local/gnutls-3.6.5/bin/gnutls-cli";;
-    *) ;;
-esac
-
-case "${GNUTLS_SERV:-default}" in
-    "legacy")  export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";;
-    "next")  export GNUTLS_SERV="/usr/local/gnutls-3.6.5/bin/gnutls-serv";;
-    *) ;;
-esac
-
-run_in_docker \
-    -e M_CLI \
-    -e M_SRV \
-    -e GNUTLS_CLI \
-    -e GNUTLS_SERV \
-    -e OPENSSL_CMD \
-    -e OSSL_NO_DTLS \
-    tests/compat.sh \
-    $@
diff --git a/3rdparty/mbedtls-2.25.0/tests/configs/config-wrapper-malloc-0-null.h b/3rdparty/mbedtls-2.25.0/tests/configs/config-wrapper-malloc-0-null.h
deleted file mode 100644
index 69a9578..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/configs/config-wrapper-malloc-0-null.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* config.h wrapper that forces calloc(0) to return NULL.
- * Used for testing.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-/* Don't #define MBEDTLS_CONFIG_H, let config.h do it. */
-
-#include "mbedtls/config.h"
-
-#include <stdlib.h>
-static inline void *custom_calloc( size_t nmemb, size_t size )
-{
-    if( nmemb == 0 || size == 0 )
-        return( NULL );
-    return( calloc( nmemb, size ) );
-}
-
-#define MBEDTLS_PLATFORM_MEMORY
-#define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/Makefile b/3rdparty/mbedtls-2.25.0/tests/data_files/Makefile
deleted file mode 100644
index b90ce74..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/Makefile
+++ /dev/null
@@ -1,1159 +0,0 @@
-## This file contains a record of how some of the test data was
-## generated. The final build products are committed to the repository
-## as well to make sure that the test data is identical. You do not
-## need to use this makefile unless you're extending mbed TLS's tests.
-
-## Many data files were generated prior to the existence of this
-## makefile, so the method of their generation was not recorded.
-
-## Note that in addition to depending on the version of the data
-## generation tool, many of the build outputs are randomized, so
-## running this makefile twice would not produce the same results.
-
-## Tools
-OPENSSL ?= openssl
-FAKETIME ?= faketime
-
-TOP_DIR = ../..
-MBEDTLS_CERT_WRITE ?= $(TOP_DIR)/programs/x509/cert_write
-MBEDTLS_CERT_REQ ?= $(TOP_DIR)/programs/x509/cert_req
-
-
-## Build the generated test data. Note that since the final outputs
-## are committed to the repository, this target should do nothing on a
-## fresh checkout. Furthermore, since the generation is randomized,
-## re-running the same targets may result in differing files. The goal
-## of this makefile is primarily to serve as a record of how the
-## targets were generated in the first place.
-default: all_final
-
-all_intermediate := # temporary files
-all_final := # files used by tests
-
-
-
-################################################################
-#### Generate certificates from existing keys
-################################################################
-
-test_ca_crt = test-ca.crt
-test_ca_key_file_rsa = test-ca.key
-test_ca_pwd_rsa = PolarSSLTest
-test_ca_config_file = test-ca.opensslconf
-
-test-ca.req.sha256: $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256
-all_intermediate += test-ca.req.sha256
-
-test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
-all_final += test-ca.crt
-
-test-ca.crt.der: test-ca.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += test-ca.crt.der
-
-test-ca.key.der: $(test_ca_key_file_rsa)
-	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)"
-all_final += test-ca.key.der
-
-test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
-all_final += test-ca-sha1.crt
-
-test-ca-sha1.crt.der: test-ca-sha1.crt
-	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
-all_final += test-ca-sha1.crt.der
-
-test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
-all_final += test-ca-sha256.crt
-
-test-ca-sha256.crt.der: test-ca-sha256.crt
-	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
-all_final += test-ca-sha256.crt.der
-
-test-ca_utf8.crt: $(test_ca_key_file_rsa)
-	$(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -utf8 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
-all_final += test-ca_utf8.crt
-
-test-ca_printable.crt: $(test_ca_key_file_rsa)
-	$(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
-all_final += test-ca_printable.crt
-
-test-ca_uppercase.crt: $(test_ca_key_file_rsa)
-	$(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
-all_final += test-ca_uppercase.crt
-
-test_ca_key_file_rsa_alt = test-ca-alt.key
-
-cert_example_multi.csr: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=www.example.com" -set_serial 17 -config $(test_ca_config_file) -extensions dns_alt_names -days 3650 -key rsa_pkcs1_1024_clear.pem -out $@
-
-cert_example_multi.crt: cert_example_multi.csr
-	$(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
-
-$(test_ca_key_file_rsa_alt):test-ca.opensslconf
-	$(OPENSSL) genrsa -out $@ 2048
-test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
-	$(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
-all_intermediate += test-ca-alt.csr
-test-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@
-all_final += test-ca-alt.crt
-test-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt
-	cat test-ca-alt.crt test-ca-sha256.crt > $@
-all_final += test-ca-alt-good.crt
-test-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt
-	cat test-ca-sha256.crt test-ca-alt.crt > $@
-all_final += test-ca-good-alt.crt
-
-test_ca_crt_file_ec = test-ca2.crt
-test_ca_key_file_ec = test-ca2.key
-
-test-ca2.req.sha256: $(test_ca_key_file_ec)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256
-all_intermediate += test-ca2.req.sha256
-
-test-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256
-	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
-all_final += test-ca.crt
-
-test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
-all_final += test-ca-any_policy.crt
-
-test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
-all_final += test-ca-any_policy_ec.crt
-
-test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
-all_final += test-ca-any_policy_with_qualifier.crt
-
-test-ca-any_policy_with_qualifier_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
-all_final += test-ca-any_policy_with_qualifier_ec.crt
-
-test-ca-multi_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
-all_final += test-ca-multi_policy.crt
-
-test-ca-multi_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
-all_final += test-ca-multi_policy_ec.crt
-
-test-ca-unsupported_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
-all_final += test-ca-unsupported_policy.crt
-
-test-ca-unsupported_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
-	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
-all_final += test-ca-unsupported_policy_ec.crt
-
-test-ca.req_ec.sha256: $(test_ca_key_file_ec)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL, O=PolarSSL, CN=Polarssl Test EC CA" md=SHA256
-all_intermediate += test-ca.req_ec.sha256
-
-test-ca2.crt.der: $(test_ca_crt_file_ec)
-	$(OPENSSL) x509 -in $(test_ca_crt_file_ec) -out $@ -inform PEM -outform DER
-all_final += test-ca2.crt.der
-
-test-ca2.key.der: $(test_ca_key_file_ec)
-	$(OPENSSL) pkey -in $(test_ca_key_file_ec) -out $@ -inform PEM -outform DER
-all_final += test-ca2.key.der
-
-test_ca_crt_cat12 = test-ca_cat12.crt
-$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec)
-	cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@
-all_final += $(test_ca_crt_cat12)
-
-test_ca_crt_cat21 = test-ca_cat21.crt
-$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec)
-	cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@
-all_final += $(test_ca_crt_cat21)
-
-test-int-ca.csr: test-int-ca.key $(test_ca_config_file)
-	$(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@
-all_intermediate += test-int-ca.csr
-test-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr
-	$(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@
-all_final += test-int-ca-exp.crt
-
-enco-cert-utf8str.pem: rsa_pkcs1_1024_clear.pem
-	$(MBEDTLS_CERT_WRITE) subject_key=rsa_pkcs1_1024_clear.pem subject_name="CN=dw.yonan.net" issuer_crt=enco-ca-prstr.pem issuer_key=rsa_pkcs1_1024_clear.pem not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
-
-crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
-	$(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@
-all_final += crl-idp.pem
-crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
-	$(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@
-all_final += crl-idpnc.pem
-
-cli_crt_key_file_rsa = cli-rsa.key
-cli_crt_extensions_file = cli.opensslconf
-
-cli-rsa.csr: $(cli_crt_key_file_rsa)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1
-all_intermediate += cli-rsa.csr
-
-cli-rsa-sha1.crt: cli-rsa.csr
-	$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
-
-cli-rsa-sha256.crt: cli-rsa.csr
-	$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
-all_final += cli-rsa-sha256.crt
-
-cli-rsa-sha256.crt.der: cli-rsa-sha256.crt
-	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
-all_final += cli-rsa-sha256.crt.der
-
-cli-rsa-sha256-badalg.crt.der: cli-rsa-sha256.crt.der
-	hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D01010B0500/06092A864886F70D01010B0900/2" | xxd -r -p > $@
-all_final += cli-rsa-sha256-badalg.crt.der
-
-cli-rsa.key.der: $(cli_crt_key_file_rsa)
-	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
-all_final += cli-rsa.key.der
-
-test_ca_int_rsa1 = test-int-ca.crt
-
-server7.csr: server7.key
-	$(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@
-all_intermediate += server7.csr
-server7-expired.crt: server7.csr $(test_ca_int_rsa1)
-	$(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
-all_final += server7-expired.crt
-server7-future.crt: server7.csr $(test_ca_int_rsa1)
-	$(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
-all_final += server7-future.crt
-server7-badsign.crt: server7.crt $(test_ca_int_rsa1)
-	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@
-all_final += server7-badsign.crt
-server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt
-	cat server7.crt test-int-ca-exp.crt > $@
-all_final += server7_int-ca-exp.crt
-
-cli2.req.sha256: cli2.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test Client 2" md=SHA256
-
-all_final += server1.req.sha1
-cli2.crt: cli2.req.sha256
-	$(MBEDTLS_CERT_WRITE) request_file=cli2.req.sha256 serial=13 selfsign=0 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test EC CA" issuer_key=$(test_ca_key_file_ec) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
-all_final += cli2.crt
-
-cli2.crt.der: cli2.crt
-	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
-all_final += cli2.crt.der
-
-cli2.key.der: cli2.key
-	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
-all_final += cli2.key.der
-
-server5_pwd_ec = PolarSSLTest
-
-server5.crt.der: server5.crt
-	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
-all_final += server5.crt.der
-
-server5.key.der: server5.key
-	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
-all_final += server5.key.der
-
-server5.key.enc: server5.key
-	$(OPENSSL) ec -aes256 -in $< -out $@ -passout "pass:$(server5_pwd_ec)"
-all_final += server5.key.enc
-
-server5-ss-expired.crt: server5.key
-	$(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@
-all_final += server5-ss-expired.crt
-
-# try to forge a copy of test-int-ca3 with different key
-server5-ss-forgeca.crt: server5.key
-	$(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@
-all_final += server5-ss-forgeca.crt
-
-server5-othername.crt: server5.key
-	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -out $@
-
-server5-unsupported_othername.crt: server5.key
-	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupoported_othername_san -days 3650 -sha256 -key $< -out $@
-
-server5-fan.crt: server5.key
-	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -out $@
-
-server5-tricky-ip-san.crt: server5.key
-	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@
-all_final += server5-tricky-ip-san.crt
-
-server10-badsign.crt: server10.crt
-	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
-all_final += server10-badsign.crt
-server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt
-	cat server10-badsign.crt test-int-ca3.crt > $@
-all_final += server10-bs_int3.pem
-test-int-ca3-badsign.crt: test-int-ca3.crt
-	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
-all_final += test-int-ca3-badsign.crt
-server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt
-	cat server10.crt test-int-ca3-badsign.crt > $@
-all_final += server10_int3-bs.pem
-
-rsa_pkcs1_2048_public.pem: server8.key
-	$(OPENSSL)  rsa -in $< -outform PEM -RSAPublicKey_out -out $@
-all_final += rsa_pkcs1_2048_public.pem
-
-rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem
-	$(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@
-all_final += rsa_pkcs1_2048_public.der
-
-rsa_pkcs8_2048_public.pem: server8.key
-	$(OPENSSL)  rsa -in $< -outform PEM -pubout -out $@
-all_final += rsa_pkcs8_2048_public.pem
-
-rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem
-	$(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@
-all_final += rsa_pkcs8_2048_public.der
-
-################################################################
-#### Generate various RSA keys
-################################################################
-
-### Password used for PKCS1-encoded encrypted RSA keys
-keys_rsa_basic_pwd = testkey
-
-### Password used for PKCS8-encoded encrypted RSA keys
-keys_rsa_pkcs8_pwd = PolarSSLTest
-
-### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which
-### all other encrypted RSA keys are derived.
-rsa_pkcs1_1024_clear.pem:
-	$(OPENSSL) genrsa -out $@ 1024
-all_final += rsa_pkcs1_1024_clear.pem
-rsa_pkcs1_2048_clear.pem:
-	$(OPENSSL) genrsa -out $@ 2048
-all_final += rsa_pkcs1_2048_clear.pem
-rsa_pkcs1_4096_clear.pem:
-	$(OPENSSL) genrsa -out $@ 4096
-all_final += rsa_pkcs1_4096_clear.pem
-
-###
-### PKCS1-encoded, encrypted RSA keys
-###
-
-### 1024-bit
-rsa_pkcs1_1024_des.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_1024_des.pem
-rsa_pkcs1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_1024_3des.pem
-rsa_pkcs1_1024_aes128.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_1024_aes128.pem
-rsa_pkcs1_1024_aes192.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_1024_aes192.pem
-rsa_pkcs1_1024_aes256.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_1024_aes256.pem
-keys_rsa_enc_basic_1024: rsa_pkcs1_1024_des.pem rsa_pkcs1_1024_3des.pem rsa_pkcs1_1024_aes128.pem rsa_pkcs1_1024_aes192.pem rsa_pkcs1_1024_aes256.pem
-
-# 2048-bit
-rsa_pkcs1_2048_des.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_2048_des.pem
-rsa_pkcs1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_2048_3des.pem
-rsa_pkcs1_2048_aes128.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_2048_aes128.pem
-rsa_pkcs1_2048_aes192.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_2048_aes192.pem
-rsa_pkcs1_2048_aes256.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_2048_aes256.pem
-keys_rsa_enc_basic_2048: rsa_pkcs1_2048_des.pem rsa_pkcs1_2048_3des.pem rsa_pkcs1_2048_aes128.pem rsa_pkcs1_2048_aes192.pem rsa_pkcs1_2048_aes256.pem
-
-# 4096-bit
-rsa_pkcs1_4096_des.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_4096_des.pem
-rsa_pkcs1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_4096_3des.pem
-rsa_pkcs1_4096_aes128.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_4096_aes128.pem
-rsa_pkcs1_4096_aes192.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_4096_aes192.pem
-rsa_pkcs1_4096_aes256.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
-all_final += rsa_pkcs1_4096_aes256.pem
-keys_rsa_enc_basic_4096: rsa_pkcs1_4096_des.pem rsa_pkcs1_4096_3des.pem rsa_pkcs1_4096_aes128.pem rsa_pkcs1_4096_aes192.pem rsa_pkcs1_4096_aes256.pem
-
-###
-### PKCS8-v1 encoded, encrypted RSA keys
-###
-
-### 1024-bit
-rsa_pkcs8_pbe_sha1_1024_3des.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
-all_final += rsa_pkcs8_pbe_sha1_1024_3des.der
-rsa_pkcs8_pbe_sha1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
-all_final += rsa_pkcs8_pbe_sha1_1024_3des.pem
-keys_rsa_enc_pkcs8_v1_1024_3des: rsa_pkcs8_pbe_sha1_1024_3des.pem rsa_pkcs8_pbe_sha1_1024_3des.der
-
-rsa_pkcs8_pbe_sha1_1024_2des.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
-all_final += rsa_pkcs8_pbe_sha1_1024_2des.der
-rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
-all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem
-keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der
-
-rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der
-rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128
-
-### 2048-bit
-rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
-all_final += rsa_pkcs8_pbe_sha1_2048_3des.der
-rsa_pkcs8_pbe_sha1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
-all_final += rsa_pkcs8_pbe_sha1_2048_3des.pem
-keys_rsa_enc_pkcs8_v1_2048_3des: rsa_pkcs8_pbe_sha1_2048_3des.pem rsa_pkcs8_pbe_sha1_2048_3des.der
-
-rsa_pkcs8_pbe_sha1_2048_2des.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
-all_final += rsa_pkcs8_pbe_sha1_2048_2des.der
-rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
-all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem
-keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der
-
-rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der
-rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128
-
-### 4096-bit
-rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
-all_final += rsa_pkcs8_pbe_sha1_4096_3des.der
-rsa_pkcs8_pbe_sha1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
-all_final += rsa_pkcs8_pbe_sha1_4096_3des.pem
-keys_rsa_enc_pkcs8_v1_4096_3des: rsa_pkcs8_pbe_sha1_4096_3des.pem rsa_pkcs8_pbe_sha1_4096_3des.der
-
-rsa_pkcs8_pbe_sha1_4096_2des.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
-all_final += rsa_pkcs8_pbe_sha1_4096_2des.der
-rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
-all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem
-keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der
-
-rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der
-rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128
-
-###
-### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1)
-###
-
-### 1024-bit
-rsa_pkcs8_pbes2_pbkdf2_1024_3des.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
-rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
-keys_rsa_enc_pkcs8_v2_1024_3des: rsa_pkcs8_pbes2_pbkdf2_1024_3des.der rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
-
-rsa_pkcs8_pbes2_pbkdf2_1024_des.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.der
-rsa_pkcs8_pbes2_pbkdf2_1024_des.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
-keys_rsa_enc_pkcs8_v2_1024_des: rsa_pkcs8_pbes2_pbkdf2_1024_des.der rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
-
-keys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des
-
-### 2048-bit
-rsa_pkcs8_pbes2_pbkdf2_2048_3des.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
-rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
-keys_rsa_enc_pkcs8_v2_2048_3des: rsa_pkcs8_pbes2_pbkdf2_2048_3des.der rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
-
-rsa_pkcs8_pbes2_pbkdf2_2048_des.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.der
-rsa_pkcs8_pbes2_pbkdf2_2048_des.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
-keys_rsa_enc_pkcs8_v2_2048_des: rsa_pkcs8_pbes2_pbkdf2_2048_des.der rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
-
-keys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des
-
-### 4096-bit
-rsa_pkcs8_pbes2_pbkdf2_4096_3des.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
-rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
-keys_rsa_enc_pkcs8_v2_4096_3des: rsa_pkcs8_pbes2_pbkdf2_4096_3des.der rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
-
-rsa_pkcs8_pbes2_pbkdf2_4096_des.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.der
-rsa_pkcs8_pbes2_pbkdf2_4096_des.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
-keys_rsa_enc_pkcs8_v2_4096_des: rsa_pkcs8_pbes2_pbkdf2_4096_des.der rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
-
-keys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des
-
-###
-### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA224
-###
-
-### 1024-bit
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
-keys_rsa_enc_pkcs8_v2_1024_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
-
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
-keys_rsa_enc_pkcs8_v2_1024_des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
-
-keys_rsa_enc_pkcs8_v2_1024_sha224: keys_rsa_enc_pkcs8_v2_1024_3des_sha224 keys_rsa_enc_pkcs8_v2_1024_des_sha224
-
-### 2048-bit
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
-keys_rsa_enc_pkcs8_v2_2048_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
-
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
-keys_rsa_enc_pkcs8_v2_2048_des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
-
-keys_rsa_enc_pkcs8_v2_2048_sha224: keys_rsa_enc_pkcs8_v2_2048_3des_sha224 keys_rsa_enc_pkcs8_v2_2048_des_sha224
-
-### 4096-bit
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
-keys_rsa_enc_pkcs8_v2_4096_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
-
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
-keys_rsa_enc_pkcs8_v2_4096_des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
-
-keys_rsa_enc_pkcs8_v2_4096_sha224: keys_rsa_enc_pkcs8_v2_4096_3des_sha224 keys_rsa_enc_pkcs8_v2_4096_des_sha224
-
-###
-### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA256
-###
-
-### 1024-bit
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
-keys_rsa_enc_pkcs8_v2_1024_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
-
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
-keys_rsa_enc_pkcs8_v2_1024_des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
-
-keys_rsa_enc_pkcs8_v2_1024_sha256: keys_rsa_enc_pkcs8_v2_1024_3des_sha256 keys_rsa_enc_pkcs8_v2_1024_des_sha256
-
-### 2048-bit
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
-keys_rsa_enc_pkcs8_v2_2048_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
-
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
-keys_rsa_enc_pkcs8_v2_2048_des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
-
-keys_rsa_enc_pkcs8_v2_2048_sha256: keys_rsa_enc_pkcs8_v2_2048_3des_sha256 keys_rsa_enc_pkcs8_v2_2048_des_sha256
-
-### 4096-bit
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
-keys_rsa_enc_pkcs8_v2_4096_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
-
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
-keys_rsa_enc_pkcs8_v2_4096_des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
-
-keys_rsa_enc_pkcs8_v2_4096_sha256: keys_rsa_enc_pkcs8_v2_4096_3des_sha256 keys_rsa_enc_pkcs8_v2_4096_des_sha256
-
-###
-### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA384
-###
-
-### 1024-bit
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
-keys_rsa_enc_pkcs8_v2_1024_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
-
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
-keys_rsa_enc_pkcs8_v2_1024_des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
-
-keys_rsa_enc_pkcs8_v2_1024_sha384: keys_rsa_enc_pkcs8_v2_1024_3des_sha384 keys_rsa_enc_pkcs8_v2_1024_des_sha384
-
-### 2048-bit
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
-keys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
-
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
-keys_rsa_enc_pkcs8_v2_2048_des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
-
-keys_rsa_enc_pkcs8_v2_2048_sha384: keys_rsa_enc_pkcs8_v2_2048_3des_sha384 keys_rsa_enc_pkcs8_v2_2048_des_sha384
-
-### 4096-bit
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
-keys_rsa_enc_pkcs8_v2_4096_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
-
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
-keys_rsa_enc_pkcs8_v2_4096_des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
-
-keys_rsa_enc_pkcs8_v2_4096_sha384: keys_rsa_enc_pkcs8_v2_4096_3des_sha384 keys_rsa_enc_pkcs8_v2_4096_des_sha384
-
-###
-### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA512
-###
-
-### 1024-bit
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
-rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
-keys_rsa_enc_pkcs8_v2_1024_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
-
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
-rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem: rsa_pkcs1_1024_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
-keys_rsa_enc_pkcs8_v2_1024_des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
-
-keys_rsa_enc_pkcs8_v2_1024_sha512: keys_rsa_enc_pkcs8_v2_1024_3des_sha512 keys_rsa_enc_pkcs8_v2_1024_des_sha512
-
-### 2048-bit
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
-rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
-keys_rsa_enc_pkcs8_v2_2048_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
-
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
-rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem: rsa_pkcs1_2048_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
-keys_rsa_enc_pkcs8_v2_2048_des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
-
-keys_rsa_enc_pkcs8_v2_2048_sha512: keys_rsa_enc_pkcs8_v2_2048_3des_sha512 keys_rsa_enc_pkcs8_v2_2048_des_sha512
-
-### 4096-bit
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
-rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
-keys_rsa_enc_pkcs8_v2_4096_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
-
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
-rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem: rsa_pkcs1_4096_clear.pem
-	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
-all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
-keys_rsa_enc_pkcs8_v2_4096_des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
-
-keys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_rsa_enc_pkcs8_v2_4096_des_sha512
-
-###
-### Rules to generate all RSA keys from a particular class
-###
-
-### Generate basic unencrypted RSA keys
-keys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem
-
-### Generate PKCS1-encoded encrypted RSA keys
-keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
-
-### Generate PKCS8-v1 encrypted RSA keys
-keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096
-
-### Generate PKCS8-v2 encrypted RSA keys
-keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512
-
-### Generate all RSA keys
-keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
-
-################################################################
-#### Generate various EC keys
-################################################################
-
-###
-### PKCS8 encoded
-###
-
-ec_prv.pk8.der:
-	$(OPENSSL) genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime192v1 -pkeyopt ec_param_enc:named_curve -out $@ -outform DER
-all_final += ec_prv.pk8.der
-
-# ### Instructions for creating `ec_prv.pk8nopub.der`,
-# ### `ec_prv.pk8nopubparam.der`, and `ec_prv.pk8param.der` by hand from
-# ### `ec_prv.pk8.der`.
-#
-# These instructions assume you are familiar with ASN.1 DER encoding and can
-# use a hex editor to manipulate DER.
-#
-# The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
-#
-# PrivateKeyInfo ::= SEQUENCE {
-#   version                   Version,
-#   privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
-#   privateKey                PrivateKey,
-#   attributes           [0]  IMPLICIT Attributes OPTIONAL
-# }
-#
-# AlgorithmIdentifier  ::=  SEQUENCE  {
-#   algorithm   OBJECT IDENTIFIER,
-#   parameters  ANY DEFINED BY algorithm OPTIONAL
-# }
-#
-# ECParameters ::= CHOICE {
-#   namedCurve         OBJECT IDENTIFIER
-#   -- implicitCurve   NULL
-#   -- specifiedCurve  SpecifiedECDomain
-# }
-#
-# ECPrivateKey ::= SEQUENCE {
-#   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
-#   privateKey     OCTET STRING,
-#   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
-#   publicKey  [1] BIT STRING OPTIONAL
-# }
-#
-# `ec_prv.pk8.der` as generatde above by OpenSSL should have the following
-# fields:
-#
-# * privateKeyAlgorithm       namedCurve
-# * privateKey.parameters     NOT PRESENT
-# * privateKey.publicKey      PRESENT
-# * attributes                NOT PRESENT
-#
-# # ec_prv.pk8nopub.der
-#
-# Take `ec_prv.pk8.der` and remove `privateKey.publicKey`.
-#
-# # ec_prv.pk8nopubparam.der
-#
-# Take `ec_prv.pk8nopub.der` and add `privateKey.parameters`, the same value as
-# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
-#
-# # ec_prv.pk8param.der
-#
-# Take `ec_prv.pk8.der` and add `privateKey.parameters`, the same value as
-# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
-
-ec_prv.pk8.pem: ec_prv.pk8.der
-	$(OPENSSL) pkey -in $< -inform DER -out $@
-all_final += ec_prv.pk8.pem
-ec_prv.pk8nopub.pem: ec_prv.pk8nopub.der
-	$(OPENSSL) pkey -in $< -inform DER -out $@
-all_final += ec_prv.pk8nopub.pem
-ec_prv.pk8nopubparam.pem: ec_prv.pk8nopubparam.der
-	$(OPENSSL) pkey -in $< -inform DER -out $@
-all_final += ec_prv.pk8nopubparam.pem
-ec_prv.pk8param.pem: ec_prv.pk8param.der
-	$(OPENSSL) pkey -in $< -inform DER -out $@
-all_final += ec_prv.pk8param.pem
-
-################################################################
-### Generate CSRs for X.509 write test suite
-################################################################
-
-server1.req.sha1: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
-all_final += server1.req.sha1
-
-server1.req.md4: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4
-all_final += server1.req.md4
-
-server1.req.md5: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5
-all_final += server1.req.md5
-
-server1.req.sha224: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224
-all_final += server1.req.sha224
-
-server1.req.sha256: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256
-all_final += server1.req.sha256
-
-server1.req.sha384: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384
-all_final += server1.req.sha384
-
-server1.req.sha512: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512
-all_final += server1.req.sha512
-
-server1.req.cert_type: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
-all_final += server1.req.cert_type
-
-server1.req.key_usage: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
-all_final += server1.req.key_usage
-
-server1.req.ku-ct: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
-all_final += server1.req.ku-ct
-
-server1.req.key_usage_empty: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1
-all_final += server1.req.key_usage_empty
-
-server1.req.cert_type_empty: server1.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1
-all_final += server1.req.cert_type_empty
-
-# server2*
-
-server2_pwd_ec = PolarSSLTest
-
-server2.req.sha256: server2.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256
-all_intermediate += server2.req.sha256
-
-server2.crt.der: server2.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server2.crt.der
-
-server2-sha256.crt.der: server2-sha256.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server2-sha256.crt.der
-
-server2.key.der: server2.key
-	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
-all_final += server2.key.der
-
-server2.key.enc: server2.key
-	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(server2_pwd_ec)"
-all_final += server2.key.enc
-
-# server5*
-
-# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
-server5.req.ku.sha1: server5.key
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
-all_final += server5.req.ku.sha1
-
-################################################################
-### Generate certificates for CRT write check tests
-################################################################
-
-### The test files use the Mbed TLS generated certificates server1*.crt,
-### but for comparison with OpenSSL also rules for OpenSSL-generated
-### certificates server1*.crt.openssl are offered.
-###
-### Known differences:
-### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension
-###   as unused bits, while Mbed TLS doesn't.
-
-test_ca_server1_db = test-ca.server1.db
-test_ca_server1_serial = test-ca.server1.serial
-test_ca_server1_config_file = test-ca.server1.opensslconf
-
-# server1*
-
-server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
-server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
-server1.crt.der: server1.crt
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
-server1.der: server1.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server1.crt server1.noauthid.crt server1.crt.der
-
-server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@
-server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@
-server1.key_usage.der: server1.key_usage.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der
-
-server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@
-server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@
-server1.cert_type.der: server1.cert_type.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der
-
-server1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
-	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=1 output_file=$@
-server1.v1.der: server1.v1.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server1.v1.crt server1.v1.der
-
-server1_ca.crt: server1.crt $(test_ca_crt)
-	cat server1.crt $(test_ca_crt) > $@
-all_final += server1_ca.crt
-
-cert_sha1.crt: server1.key
-	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1" serial=7 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
-all_final += cert_sha1.crt
-
-cert_sha224.crt: server1.key
-	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224" serial=8 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA224 version=3 output_file=$@
-all_final += cert_sha224.crt
-
-cert_sha256.crt: server1.key
-	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256" serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
-all_final += cert_sha256.crt
-
-cert_sha384.crt: server1.key
-	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384" serial=10 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA384 version=3 output_file=$@
-all_final += cert_sha384.crt
-
-cert_sha512.crt: server1.key
-	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512" serial=11 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA512 version=3 output_file=$@
-all_final += cert_sha512.crt
-
-cert_example_wildcard.crt: server1.key
-	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=*.example.com" serial=12 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
-all_final += cert_example_wildcard.crt
-
-# OpenSSL-generated certificates for comparison
-# Also provide certificates in DER format to allow
-# direct binary comparison using e.g. dumpasn1
-server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
-	echo "01" > $(test_ca_server1_serial)
-	rm -f $(test_ca_server1_db)
-	touch $(test_ca_server1_db)
-	$(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@
-server1.der.openssl: server1.crt.openssl
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-server1.key_usage.der.openssl: server1.key_usage.crt.openssl
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-server1.cert_type.der.openssl: server1.cert_type.crt.openssl
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-
-server1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
-	echo "01" > $(test_ca_server1_serial)
-	rm -f $(test_ca_server1_db)
-	touch $(test_ca_server1_db)
-	$(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@
-server1.v1.der.openssl: server1.v1.crt.openssl
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-
-# To revoke certificate in the openssl database:
-#
-# $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha256 -crldays 365 -revoke server1.crt
-
-crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
-	$(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@
-
-crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) test-ca.server1.future-crl.db  test-ca.server1.future-crl.opensslconf
-	$(FAKETIME) '2028-12-31' $(OPENSSL) ca -gencrl -config test-ca.server1.future-crl.opensslconf -crldays 365 -passin "pass:$(test_ca_pwd_rsa)" -out $@
-
-server1_all: crl.pem crl-futureRevocationDate.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl
-
-# server2*
-
-server2.crt: server2.req.sha256
-	$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
-all_final += server2.crt
-
-server2.der: server2.crt
-	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
-all_final += server2.crt server2.der
-
-server2-sha256.crt: server2.req.sha256
-	$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
-all_final += server2-sha256.crt
-
-# MD2, MD4, MD5 test certificates
-
-cert_md_test_key = $(cli_crt_key_file_rsa)
-
-cert_md2.csr: $(cert_md_test_key)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD2" md=MD2
-all_intermediate += cert_md2.csr
-
-cert_md2.crt: cert_md2.csr
-	$(MBEDTLS_CERT_WRITE) request_file=$< serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD2 version=3 output_file=$@
-all_final += cert_md2.crt
-
-cert_md4.csr: $(cert_md_test_key)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD4" md=MD4
-all_intermediate += cert_md4.csr
-
-cert_md4.crt: cert_md4.csr
-	$(MBEDTLS_CERT_WRITE) request_file=$< serial=5 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD4 version=3 output_file=$@
-all_final += cert_md4.crt
-
-cert_md5.csr: $(cert_md_test_key)
-	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5
-all_intermediate += cert_md5.csr
-
-cert_md5.crt: cert_md5.csr
-	$(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@
-all_final += cert_md5.crt
-
-################################################################
-#### Meta targets
-################################################################
-
-all_final: $(all_final)
-all: $(all_intermediate) $(all_final)
-
-.PHONY: default all_final all
-.PHONY: keys_rsa_all
-.PHONY: keys_rsa_unenc keys_rsa_enc_basic
-.PHONY: keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
-.PHONY: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
-.PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024
-.PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048
-.PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096
-.PHONY: server1_all
-
-# These files should not be committed to the repository.
-list_intermediate:
-	@printf '%s\n' $(all_intermediate) | sort
-# These files should be committed to the repository so that the test data is
-# available upon checkout without running a randomized process depending on
-# third-party tools.
-list_final:
-	@printf '%s\n' $(all_final) | sort
-.PHONY: list_intermediate list_final
-
-## Remove intermediate files
-clean:
-	rm -f $(all_intermediate)
-## Remove all build products, even the ones that are committed
-neat: clean
-	rm -f $(all_final)
-.PHONY: clean neat
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha1-badsign.pem
deleted file mode 100644
index 7e2a596..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha1-badsign.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN X509 CRL-----
-MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx
-ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x
-NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4
-WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5
-1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM
-MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC
-AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS
-4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0
-MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo
-mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O
-7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa
-y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY
------END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl.pem b/3rdparty/mbedtls-2.25.0/tests/data_files/crl.pem
deleted file mode 100644
index df7417e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/crl.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
-UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTE5MDIwNjE2MzQ0
-NloXDTI5MDIwNjE2MzQ0NlowKDASAgEBFw0xMTAyMTIxMjQ0MDdaMBICAQMXDTEx
-MDIxMjEyNDQwN1owDQYJKoZIhvcNAQEFBQADggEBAGHkRHGDz2HsoiXzfJDBpkfg
-I+yK34O9zoHMyGcDZbF9fj4NVyyNA6XCgY3IgQYe3boA1edO6+8ImjqiZjYK+GWt
-4ne7YhapRFAoFbKQY5hgy8mlpSRlNfmRVVCDDKannMac4tQff1LCFHN8msk/uG1b
-WHWAsL6dzLVojhbUFY6mZTb6nqjm5YgqcsNsz37n4dyrCDftB99FQdE/aAec2RXP
-Jgy9DnY5jMotPqHLZtMyfVNEoivDb7YJA5Vv6NSyiYVTjyWyTHNRsFEXRtHqjpqs
-oZdBgLZAAQsUvuVpMbDKQ4FrZjOaOW/xLtKPlh/HNA5p7hNtwIiCAIvp7uQti0w=
------END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_ec-rsa.pem b/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_ec-rsa.pem
deleted file mode 100644
index 3cda8ff..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_ec-rsa.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN X509 CRL-----
-MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln
-S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX
-g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw==
------END X509 CRL-----
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1
-OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL
-dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz
-//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U
-yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q
-NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7
-5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU=
------END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_rsa-ec.pem b/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_rsa-ec.pem
deleted file mode 100644
index ded369d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_rsa-ec.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1
-OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL
-dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz
-//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U
-yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q
-NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7
-5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU=
------END X509 CRL-----
------BEGIN X509 CRL-----
-MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln
-S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX
-g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw==
------END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/long.sh b/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/long.sh
deleted file mode 100644
index d7d8797..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/long.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-: ${OPENSSL:=openssl}
-NB=20
-
-OPT="-days 3653 -sha256"
-
-# generate self-signed root
-$OPENSSL ecparam -name prime256v1 -genkey -out 00.key
-$OPENSSL req -new -x509 -subj "/C=UK/O=mbed TLS/CN=CA00" $OPT \
-             -key 00.key -out 00.crt
-
-# cXX.pem is the chain starting at XX
-cp 00.crt c00.pem
-
-# generate long chain
-i=1
-while [ $i -le $NB ]; do
-    UP=$( printf "%02d" $((i-1)) )
-    ME=$( printf "%02d" $i )
-
-    $OPENSSL ecparam -name prime256v1 -genkey -out ${ME}.key
-    $OPENSSL req -new -subj "/C=UK/O=mbed TLS/CN=CA${ME}" \
-                 -key ${ME}.key -out ${ME}.csr
-    $OPENSSL x509 -req -CA ${UP}.crt -CAkey ${UP}.key -set_serial 1 $OPT \
-                  -extfile int.opensslconf -extensions int \
-                  -in ${ME}.csr -out ${ME}.crt
-
-    cat ${ME}.crt c${UP}.pem > c${ME}.pem
-
-    rm ${ME}.csr
-    i=$((i+1))
-done
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_pub.der b/3rdparty/mbedtls-2.25.0/tests/data_files/ec_pub.der
deleted file mode 100644
index 74c5951..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_pub.der and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/mpi_10 b/3rdparty/mbedtls-2.25.0/tests/data_files/mpi_10
deleted file mode 100644
index ab5e0d3..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/mpi_10
+++ /dev/null
@@ -1 +0,0 @@
-label_1234567890=643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/print_c.pl b/3rdparty/mbedtls-2.25.0/tests/data_files/print_c.pl
deleted file mode 100644
index ce8ed6f..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/print_c.pl
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use strict;
-use warnings;
-
-if (!@ARGV || $ARGV[0] == '--help') {
-    print <<EOF;
-Usage: $0 mbedtls_test_foo <file.pem
-       $0 TEST_FOO mbedtls_test_foo <file.pem
-Print out a PEM file as C code defining a string constant.
-
-Used to include some of the test data in /library/certs.c for
-self-tests and sample programs.
-EOF
-    exit;
-}
-
-my $pp_name = @ARGV > 1 ? shift @ARGV : undef;
-my $name = shift @ARGV;
-
-my @lines = map {chomp; s/([\\"])/\\$1/g; "\"$_\\r\\n\""} <STDIN>;
-
-if (defined $pp_name) {
-    foreach ("#define $pp_name", @lines[0..@lines-2]) {
-        printf "%-72s\\\n", $_;
-    }
-    print "$lines[@lines-1]\n";
-    print "const char $name\[\] = $pp_name;\n";
-} else {
-    print "const char $name\[\] =";
-    foreach (@lines) {
-        print "\n$_";
-    }
-    print ";\n";
-}
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1-nospace.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server1-nospace.crt
deleted file mode 100644
index 932c236..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server1-nospace.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDhDCCAmygAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwMzI2MDkyMzEyWhcNMjQwMzIzMDkyMzEyWjA7MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFeib+4
-6EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rVQUN3
-Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2BJV8K
-sVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUsZOuV
-m9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6mT3Bu
-ns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMBAAGj
-gZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw
-YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBD
-QYIBADANBgkqhkiG9w0BAQsFAAOCAQEAXs4vQqlIlxrMbE6IwAHLcGJuz17Ru/en
-H9bUnnSh1pxa+NHMKZHBG3GT0iaxsVtXf56/tXH4+HL7ntJjrczGN1PbhMGPyt94
-556ZgDxkHT9k7KjPAIs9BrjFHvl9NyIZzcbwkiC0qGvdzjSfe3AiSYuhXI/9/Hog
-uUwReH+T2U/ICEHQ5O8aV5nvpgqL3EeEmyx3bu+YXtZMWQUYzX+ya4TnKVPdqwbf
-ebr6v1hLXrUFl6rZ3wEJ6MqUW3SGZRkCVNZUOD6Ky3+EiLwYFhuKGdFqSS0JAAD7
-ZO3yPu5hu3BhAQYavK4Yyfi9IQmubBqxopPwyzjG1HPw2lj+oapH0w==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1-v1.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server1-v1.crt
deleted file mode 100644
index 47f1fff..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server1-v1.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
-ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK
-EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0
-MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV
-BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J
-v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB
-Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl
-XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk
-65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP
-cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA
-ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw
-WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/
-WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3
-G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz
-IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP
-krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10-badsign.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server10-badsign.crt
deleted file mode 100644
index eca171f..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10-badsign.crt
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX10=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10-bs_int3.pem b/3rdparty/mbedtls-2.25.0/tests/data_files/server10-bs_int3.pem
deleted file mode 100644
index b84cee7..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10-bs_int3.pem
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX10=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWfM=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server10.crt
deleted file mode 100644
index 96a4040..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10.crt
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX1Q=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3-bs.pem b/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3-bs.pem
deleted file mode 100644
index a9e0615..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3-bs.pem
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX1Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWf0=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_int-ca2.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_int-ca2.crt
deleted file mode 100644
index 0df2c65..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_int-ca2.crt
+++ /dev/null
@@ -1,40 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX1Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWfM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
-WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
-ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
-BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw
-FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_int-ca2_ca.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_int-ca2_ca.crt
deleted file mode 100644
index c25482b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_int-ca2_ca.crt
+++ /dev/null
@@ -1,120 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX1Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWfM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
-WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
-ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
-BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw
-FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 0 (0x0)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
-        Validity
-            Not Before: Feb 12 14:44:00 2011 GMT
-            Not After : Feb 12 14:44:00 2021 GMT
-        Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (2048 bit)
-                Modulus (2048 bit):
-                    00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32:
-                    7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18:
-                    58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87:
-                    1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93:
-                    e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14:
-                    cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9:
-                    ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90:
-                    71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60:
-                    c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb:
-                    58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0:
-                    e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72:
-                    69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1:
-                    79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13:
-                    58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6:
-                    e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38:
-                    65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9:
-                    ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f:
-                    a2:d5
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:TRUE
-            X509v3 Subject Key Identifier: 
-                B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF
-            X509v3 Authority Key Identifier: 
-                keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF
-                DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA
-                serial:00
-
-    Signature Algorithm: sha1WithRSAEncryption
-        b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07:
-        1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a:
-        32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9:
-        37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62:
-        09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26:
-        8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d:
-        2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5:
-        e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7:
-        e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f:
-        66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5:
-        35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce:
-        09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6:
-        08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca:
-        e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de:
-        f7:e0:e9:54
------BEGIN CERTIFICATE-----
-MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
-mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
-50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
-YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
-R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
-KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
-gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH
-/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV
-BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz
-dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ
-SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H
-DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF
-pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf
-m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ
-7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_spurious_int-ca2.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_spurious_int-ca2.crt
deleted file mode 100644
index c9d6715..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server10_int3_spurious_int-ca2.crt
+++ /dev/null
@@ -1,64 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD
-VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq
-oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY
-Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io
-rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ
-AzO3pJx7WJAApZuBX1Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWfM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
-WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
-ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
-BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw
-FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-v1-chain.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server2-v1-chain.crt
deleted file mode 100644
index 84bb6b2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-v1-chain.crt
+++ /dev/null
@@ -1,38 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD
-ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI
-UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2
-MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx
-ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI
-p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj
-+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ
-4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva
-i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P
-6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B
-AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG
-3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc
-ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF
-53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW
-GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3
-o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
-ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK
-EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0
-MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV
-BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J
-v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB
-Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl
-XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk
-65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP
-cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA
-ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw
-WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/
-WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3
-G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz
-IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP
-krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-v1.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server2-v1.crt
deleted file mode 100644
index 7ef7968..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-v1.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD
-ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI
-UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2
-MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx
-ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI
-p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj
-+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ
-4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva
-i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P
-6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B
-AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG
-3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc
-ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF
-53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW
-GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3
-o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ds.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ds.crt
deleted file mode 100644
index 3bd07d0..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ds.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDijCCAnKgAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwNDA5MDg0NDUxWhcNMjQwNDA2MDg0NDUxWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
-owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
-NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
-tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
-hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
-HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ
-BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME
-XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP
-BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG
-A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAc4kubASrFXFtplkYp6FUcnUn
-Pf/6laS1htI+3y+q1UHWe2PcagZtCHTCUGBSWLeUIiaIBheaIRqv+4sSFVuXB7hV
-0PGXpO5btth4R8BHzGqCdObKvPujp5BDq3xgcAFicA3HUMNsJoTDv/RYXY7je1Q5
-ntVyVPeji0AWMUYQjcqHTQQPGBgdJrRTMaYglZh15IhJ16ICNd9rWIeBA0h/+r0y
-QuFEBz0nfe7Dvpqct7gJCv+7/5tCujx4LT17z7oK8BZN5SePAGU2ykJsUXk8ZICT
-ongaQQVQwS6/GJ6A5V8ecaUvFrTby1h9+2sOW8n2NRGiaaG5gkvxVeayemcmOQ==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ds_ke.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ds_ke.crt
deleted file mode 100644
index ebee7e1..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ds_ke.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDijCCAnKgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwNDA5MTAwMjQ5WhcNMjQwNDA2MTAwMjQ5WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
-owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
-NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
-tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
-hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
-HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ
-BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME
-XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP
-BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG
-A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAnW7+h85xBP2KJzFSpWfGirVe
-ApdC9bX0Z1sVMmD486N+ty9W6BP6kJRxLDX0fOuRc3x7mCy5qZg/Yj40+yQSoA0w
-bTNwJjuR8iMqWIqLw9hWR+E9T4lYLZWyGJVjlVTkO4i5wifwhoJE9Doohh/6crn5
-ImWgEkgT/wDVIHoamciO6KU36d0iAEEP2eYgxv2/sVHvjjsseTdvYh3D3VuOmQtS
-uUvFxc6H5kYoq/yodJWDaOn3RS8pEpDsiW+abcWyxNTPtHFroJV7e9aaVmhlRSzw
-sYDyD/ZyIlavoPSEiD3LTT/Tp6BIpz+zb4WHOHLEvUCsZputqxPVcNoEAi9xuA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ka.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ka.crt
deleted file mode 100644
index 90f7c4a..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ka.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDijCCAnKgAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwNDA5MDg0NDIzWhcNMjQwNDA2MDg0NDIzWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
-owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
-NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
-tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
-hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
-HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ
-BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME
-XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP
-BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG
-A1UdDwQEAwIDCDANBgkqhkiG9w0BAQUFAAOCAQEAriPloIWfu7U8d1hls97C7OBI
-OiE2xFh2UmuN/9hTK2CyW6MtBf8aG3l4jQDrsutHO0gUyoR67ug4yj+s+0S/zETZ
-q6mPo7cBbVwjhGciQRiYgufFpdnbXR05HDgOVPK7qqjL6UOZnbu5caIEvIJgdwXn
-n8WB9x/Ii4/2S9ysmRdRhDBYekzgH3Ac2UnHJTMh1XaSL817MW6B9BDKHt4xa7pW
-cplDzrFKYbmxSSxzALE4Dr+zRvmDx4bcYpBkRRfOhnnR1caQBgaZzPcX/Vu+vw8e
-qs2nyBW5RBu8MBCBU1DpqOSo6jl0QTpuq3NzQZIouG9fyckqDJS5ibrxQTutPw==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ke.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ke.crt
deleted file mode 100644
index 8daa0c1..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.ku-ke.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDijCCAnKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwNDA5MDg0NDM5WhcNMjQwNDA2MDg0NDM5WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
-owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
-NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
-tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
-hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
-HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ
-BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME
-XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP
-BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG
-A1UdDwQEAwIFIDANBgkqhkiG9w0BAQUFAAOCAQEAqreLAIuxeLGKbhoEROYRqXxO
-ndaC6uDcpxhgmEW7B2DW6ZtX8155v3ov61MuMas8fEQjD5STDP9qERxNTePnhW3m
-kDZd2jUBE3ioHhTBv47i1PYU+DRe42kY6z0jUmNPK8TsTKfdbqTGXg9THe1KYB7q
-hdljqGS08IgBl/q2lK2OOSycu27xhfb9Mo0BcLBab92WgyBu+cFPQsKiL4mD7QyJ
-+73Ndb21EuANUjsRDQ3NPklssJcyJB2v85eekwk1acZUG21no3wdTvjxhVE/Xrdz
-zUP9WkvAVfUrwGjUzG4YHE8wkHO7xKbKixNt+nQmDhe+tHVbztZjVwFJ8010gg==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-badsign.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-badsign.crt
deleted file mode 100644
index 0c65072..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-badsign.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
-CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S
-C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V
-fGa5kHvHARBPc8YAIVIqDvHH1A==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der0.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der0.crt
deleted file mode 100644
index 08d8dd3..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der0.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der1a.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der1a.crt
deleted file mode 100644
index 015017b..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der1a.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der1b.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der1b.crt
deleted file mode 100644
index 6340d9e..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der1b.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der2.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der2.crt
deleted file mode 100644
index c6e320a..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der2.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der4.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der4.crt
deleted file mode 100644
index 4af05cc..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der4.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der8.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der8.crt
deleted file mode 100644
index 65be7dc..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der8.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der9.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der9.crt
deleted file mode 100644
index 4947f1f..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-der9.crt and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-selfsigned.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-selfsigned.crt
deleted file mode 100644
index cb55647..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-selfsigned.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBzTCCAXKgAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV
-BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy
-U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY0M1oYDzIwMjQwNjE4MTEz
-NjQzWjBHMRMwEQYDVQQDEwpzZWxmc2lnbmVkMRAwDgYDVQQLEwd0ZXN0aW5nMREw
-DwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIBBggqhkjO
-PQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/q
-L9I0XV0WvYqIwmt3DVXNiioO+gHItO3/o0AwPjAMBgNVHRMBAf8EAjAAMA8GA1Ud
-DwEB/wQFAwMHgAAwHQYDVR0OBBYEFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqG
-SM49BAMCA0kAMEYCIQCf/bzFoge0pCOIrtHrABgc1+Cl9kjlsICpduXhdHUMOwIh
-AOJ+nBHfaEGyF4PRJvn/jMDeIaH1zisinVzC2v+JQOWq
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-ss-forgeca.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5-ss-forgeca.crt
deleted file mode 100644
index 2265bf5..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-ss-forgeca.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBlDCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
-YXRlIENBIDMwHhcNMTUwOTAxMTEwODQzWhcNMjUwODI5MTEwODQzWjBKMQswCQYD
-VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl
-c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3
-zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI
-wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0kA
-MEYCIQDBFcXh+IloVYbMiHfCFhw6cYJsj7PZXuTdDMMkNbyJNAIhALz7fBVAMYz9
-/g48bLdYT47LOc9QNuaboLIxsq5RseJL
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.crt.der b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.crt.der
deleted file mode 100644
index 08d8dd3..0000000
Binary files a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.crt.der and /dev/null differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cli.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cli.crt
deleted file mode 100644
index 8aa2e44..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cli.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB5DCCAWmgAwIBAgIBPDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDEwMTcyMTIxWhcNMjQwNDA3MTcyMTIxWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD
-VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r
-y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAoGCCqGSM49BAMCA2kA
-MGYCMQCzHyEvd56zm1AzfDBi3psz3rDL/m0RN2WnbRBQJxIJqjwEXOrKazko9m9q
-owgau88CMQDuI0fsq5tnyiHPaDSAE21/6hlrCR6deNbwzB94OuPIbx1wIas9D1jc
-//iSmKtbl8Y=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cs.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cs.crt
deleted file mode 100644
index db97b40..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cs.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIBOjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDEwMTcyMDQxWhcNMjQwNDA3MTcyMDQxWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD
-VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r
-y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMDMAoGCCqGSM49BAMCA2gA
-MGUCMQC294oVK6fUjH/abI1xzytTusi8dl7518L0Y19q8zi9K19OtxzPK09h7xyy
-gaJRvpUCMFS6hYhrht38yqwwhSVlnmTMVtira58mEUhL6v7Qzw1sz/Dm4aXkW3s6
-JQV1kqqbRw==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cs_any.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cs_any.crt
deleted file mode 100644
index 8fa8632..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-cs_any.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB6TCCAW+gAwIBAgIBOzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDEwMTcyMDU4WhcNMjQwNDA3MTcyMDU4WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jaDBmMAkGA1UdEwQCMAAwHQYD
-VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r
-y3i1Gbx+JMnb+zZ8MBkGA1UdJQQSMBAGCCsGAQUFBwMDBgRVHSUAMAoGCCqGSM49
-BAMCA2gAMGUCMQCSYaq/9IKOTkzIrU/eOtpha/3af3JwT6vKh4N3cSX62ksMz0GT
-Uxmq4UGMBt4VmBkCMBGpYqof6hS1o92ltNRpDSHuVQ+nke1lOsoQ1plZp4SI+bY1
-bUD/WrUSLlwikZAeng==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-srv.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-srv.crt
deleted file mode 100644
index 64312f6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-srv.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB5DCCAWmgAwIBAgIBPjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDEwMTcyMTU0WhcNMjQwNDA3MTcyMTU0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD
-VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r
-y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kA
-MGYCMQDQzjWB0xZs/8IsqJb7owYYtCiT17939Uuc/1yBF69pJRy7KV/qJlHNvlVu
-qwWVTx0CMQDNW/0dlX1gU6ashrZv5Ly4sijg/g645fFpfMKCNXysEb9xiBeEj5de
-2x5sX/0OSx4=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-srv_cli.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-srv_cli.crt
deleted file mode 100644
index 9f58fed..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.eku-srv_cli.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB7DCCAXOgAwIBAgIBPTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDEwMTcyMTQyWhcNMjQwNDA3MTcyMTQyWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jbDBqMAkGA1UdEwQCMAAwHQYD
-VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r
-y3i1Gbx+JMnb+zZ8MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggq
-hkjOPQQDAgNnADBkAjAmQjJxxC82ZhBpH/GQkOQXDmaaV/JHRHGok1cWn3j3Xj8A
-fqRZkp8JihpGIMse208CMFCMdNAfNd1tv+oPuynoK5Oh6/YlASX/otJT68voEIAN
-SmsT1m9VPQMIyUo/3RtYjg==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ds.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ds.crt
deleted file mode 100644
index 58dd071..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ds.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICLTCCAbKgAwIBAgIBLTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDA5MDg0ODM1WhcNMjQwNDA2MDg0ODM1WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG
-A1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEAzp4DkFMq7eDB0x5FeS9gYDaG
-Ol8rVnWlRTLQzHZBQjKp+TcBdHZaBPoi8LyXtWA4AjEA6OWhsuTcv/qXOscQT0rL
-eEh8wcCQeJK1uNd78lNvx3W0Pcxdb6cd7AhaAKgXL+r4
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ka.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ka.crt
deleted file mode 100644
index 2447326..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ka.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICKzCCAbKgAwIBAgIBLjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDA5MDg0ODUwWhcNMjQwNDA2MDg0ODUwWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG
-A1UdDwQEAwIDCDAKBggqhkjOPQQDAgNnADBkAjACzKQ88/NvngMQBFc9rC484+gO
-BRkXP28BqRcj8sBt3EfmEGH23BuhkZuB1OFZuMICMC4/pHgbOQtaY9WZPUROUVVZ
-OuO6XsVbhiE0rb/mumqmUwuOrCtC/KFdvFZol4BNGA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ke.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ke.crt
deleted file mode 100644
index 41ae5ad..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.ku-ke.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICKzCCAbKgAwIBAgIBLzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDA5MDg0OTA0WhcNMjQwNDA2MDg0OTA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG
-A1UdDwQEAwIFIDAKBggqhkjOPQQDAgNnADBkAjAMl0Cjv9f45bHeJTul5XpYeJeT
-52ZaOLTa/uTLy948EnEIi6sj3nFb9fvsUbsOOjECMAXAMY64KOqzixefz3y3XS/d
-9miyeArPOmXU2JJ3LGuNbqqj9IbABawB1OD8v8gRmg==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.ku.sha1 b/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.ku.sha1
deleted file mode 100644
index 3281c94..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.ku.sha1
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY
-BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d
-Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD
-AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg
-2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB
------END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server6-ss-child.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server6-ss-child.crt
deleted file mode 100644
index 3c6fd4d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server6-ss-child.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB8jCCAZmgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV
-BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy
-U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY1NloYDzIwMjQwNjE4MTEz
-NjU2WjBNMRkwFwYDVQQDExBzZWxmc2lnbmVkLWNoaWxkMRAwDgYDVQQLEwd0ZXN0
-aW5nMREwDwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIB
-BggqhkjOPQMBBwNCAASBWTF2SST6Fa2roDFuDu0zEfqRJVXBsMGcA3I+mLotpHI3
-iR9DN40fjjrY8FfoL0/JAKT323MPssYElNFAOzjjo2EwXzAMBgNVHRMBAf8EAjAA
-MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDxZrEo+LvwCNi/afcvLnHqyiZlT
-MB8GA1UdIwQYMBaAFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqGSM49BAMCA0cA
-MEQCIAMlQ59/NW7S0hP1cu5OTD2zqT087bEmnIfOTBYfj8UFAiBBrrz2dipODVYx
-vvTsQmSCzjrm+JtQQoWa+cdnAG3w5g==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server6.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server6.crt
deleted file mode 100644
index 6df6716..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server6.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
-H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
-CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4
-AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ
-Xj09kLboxuemP40IIqhQnpYptMg=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7-badsign.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7-badsign.crt
deleted file mode 100644
index 954b53a..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7-badsign.crt
+++ /dev/null
@@ -1,47 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud
-IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC
-AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr
-FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr
-8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj
-+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7
-QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm
-yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK
-TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e
-deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM
-0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b
-OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj
-VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp
-a8Si6UK0
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7-expired.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7-expired.crt
deleted file mode 100644
index a25ce4b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7-expired.crt
+++ /dev/null
@@ -1,47 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTA3MDYwNTA4MTQwM1oXDTE3MDYwNTA4MTQwM1owNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
-d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv
-bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
-MAAwDQYJKoZIhvcNAQELBQADggIBAHcG1ysT8yImc0x3Z2O0SOtSYYjCPS1Gc89j
-fWdBSoS5YhPHLgEjHQgDA6XdDNL0eUo3afhucEvSexhqLUABLu89cmi7ST+TsTEb
-/lu8qZUgpa1bcMOk1+whl0JllfcDEq2y0aclkO0/6M6JftNNJ3egq2qVBDEszTtY
-zcYZIr1o04TNp0fAtmPUH6zjpBkNB0DQyKFhgYPJNwTapj6ZDVi1zBK3wwFfZfgK
-s3QvwhWNNbHL4B0sPec/6TiF5dY3SeUM4L8oAGdT7/ELE6E74rFyS/EpjJdVzXDs
-FfQvUDPb6PJuWZbr4mNg/FANeGPa3VENcPz+4fj+Azi1vV3wD4OKT7W0zIkRZ+Wq
-1hLFuwa/JCSHsn1GWFyWd3+qHIoFJUSU3HNxWho+MZqta0Jx/PGvMdOxnJ2az1QX
-TaRwrilvN3KwvjGJ+cvGa7V9x8y9seRHZwfXXOx1ZZ0uEYquZ0jxKpBp/SdhRbA5
-zLmq088npt7tgi+LcrXydorgltBaGZA7P+/OJA2JkbIBBwdSjyfG6T07y4pgQ90h
-CeRqzu4jFcZE7mjpTdEyxAQRJa2dhHkhFB7Muq7ZTi3jlml5LZnlbUdPlR5iTgOU
-yueZsAAEb//A6EU008WmG/K+EY230JxEUzGNf2l1j1H94HcP9OwjY4bn2PJdVzcb
-B8PmaiMB
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7-future.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7-future.crt
deleted file mode 100644
index eeb596f..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7-future.crt
+++ /dev/null
@@ -1,47 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTI3MDYwNjA4MTQwM1oXDTM3MDYwNjA4MTQwM1owNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
-d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv
-bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
-MAAwDQYJKoZIhvcNAQELBQADggIBAHF4y9PmCUF1yOlBIUCUAAFMZmXJwOGsMNKI
-u0+At0sbs+W8J06PVyYt4UxL4TyIxHM6SOvKndFdCQxG7NQY0KU+HBdLVUM1iZy0
-Kopg7yHvEAZ0YWPptgCd10C/wmTz0b0R3cxhSb8FZjlBjNB7dJKhRQsh0za+GMx/
-LXunH/t0oP5an4yO3zTog+4+7bDGGEY7SymQJ9Z8t2gdZpn/r60j9IGhL5XI2BS/
-+cU96DMF3cMmFk24vAfduYicKc8KowhUpGCsIP0bl+TY8Vq6kepBA2lnj7/YOkDs
-/f+wIS/Id/hdw9KxRUPX+cQLUt0/C7JktDVudZ5zLt1y0A971R+23ARtJGUBJGSp
-5tkVX8+hK8sT6AVOkcvA51IOBsVxmuoWk/WcjBDdOjyIK2JFdbcJYvR8cpRbL+j8
-HdQEu+LorvGp28m3Q5mBTKZLKgyUeQWrbYDqeub1OvYYkuvZPZWFEDP2VYcS7AXN
-IoUSTcMyhLNuncQl/z0Jbkto59+il6cQ2HIqkubLBk2X8uwMw2tloROlmklweHqR
-ta6aRlLxBMgccJpK7cU5H8TMb6aR9GJGyzQJ2vET3jPBq/uEwbvK8HRVJ7Ld68k6
-ZMCwXGdTeYuDWt0ngAhf+i+GNexJRSLvzRGt18DOrpmj2X3naarNSTfRArm4EINW
-WKW7hd8h
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7.crt
deleted file mode 100644
index ed087ef..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7.crt
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud
-IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC
-AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr
-FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr
-8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj
-+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7
-QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm
-yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK
-TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e
-deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM
-0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b
-OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj
-VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp
-a8Si6UK5
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca-exp.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca-exp.crt
deleted file mode 100644
index fc00517..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca-exp.crt
+++ /dev/null
@@ -1,47 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud
-IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC
-AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr
-FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr
-8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj
-+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7
-QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm
-yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK
-TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e
-deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM
-0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b
-OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj
-VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp
-a8Si6UK5
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX
-Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep
-773Ap7Gxpk168id1EFhvW22YabKs
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca_ca2.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca_ca2.crt
deleted file mode 100644
index c289c0a..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca_ca2.crt
+++ /dev/null
@@ -1,62 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud
-IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC
-AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr
-FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr
-8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj
-+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7
-QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm
-yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK
-TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e
-deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM
-0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b
-OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj
-VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp
-a8Si6UK5
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_spurious_int-ca.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server7_spurious_int-ca.crt
deleted file mode 100644
index 632c4fd..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_spurious_int-ca.crt
+++ /dev/null
@@ -1,65 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt
-ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
-47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud
-IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC
-AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr
-FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr
-8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj
-+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7
-QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm
-yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK
-TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e
-deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM
-0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b
-OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj
-VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp
-a8Si6UK5
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
-WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
-ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
-BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw
-FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server8.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server8.crt
deleted file mode 100644
index b435b2d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server8.crt
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59
-quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB
-ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q
-AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr
-u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb
-J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v
-AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA
-J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ
-BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg
-VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz
-2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh
-2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server8_int-ca2.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server8_int-ca2.crt
deleted file mode 100644
index 7a8da71..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server8_int-ca2.crt
+++ /dev/null
@@ -1,36 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59
-quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB
-ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q
-AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr
-u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb
-J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v
-AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA
-J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ
-BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg
-VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz
-2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh
-2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
-WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
-ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
-BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw
-FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-bad-mgfhash.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server9-bad-mgfhash.crt
deleted file mode 100644
index 34ef69e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-bad-mgfhash.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa
-MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx
-ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X
-DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP
-BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C
-uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI
-i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV
-AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy
-36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ
-BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg
-VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG
-SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3
-Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg
-WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV
-H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW
-KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9
-uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-bad-saltlen.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server9-bad-saltlen.crt
deleted file mode 100644
index f4da883..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-bad-saltlen.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa
-MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx
-ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X
-DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP
-BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C
-uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI
-i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV
-AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy
-36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ
-BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg
-VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG
-SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam
-hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl
-XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD
-yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r
-YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6
-JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-badsign.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server9-badsign.crt
deleted file mode 100644
index 9e56541..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-badsign.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
-EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg
-Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO
-TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq
-hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
-HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
-r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
-qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ
-wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w
-OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh
-clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR
-vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6
-te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW
-Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj
-88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw
-JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1
-o4Hl/lqjwCFG
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-defaults.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server9-defaults.crt
deleted file mode 100644
index 4ce5c87..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-defaults.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7
-E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL
-Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC
-AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf
-p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG
-A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU
-ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy
-/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm
-f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd
-jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a
-69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS
-BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B
-09JqWv4DoLNnwg==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-with-ca.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/server9-with-ca.crt
deleted file mode 100644
index 0478cff..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-with-ca.crt
+++ /dev/null
@@ -1,99 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
-EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg
-Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO
-TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq
-hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
-HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
-r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
-qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ
-wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w
-OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh
-clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR
-vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6
-te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW
-Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj
-88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw
-JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1
-o4Hl/lqjwCEG
------END CERTIFICATE-----
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 0 (0x0)
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
-        Validity
-            Not Before: Feb 12 14:44:00 2011 GMT
-            Not After : Feb 12 14:44:00 2021 GMT
-        Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (2048 bit)
-                Modulus (2048 bit):
-                    00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32:
-                    7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18:
-                    58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87:
-                    1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93:
-                    e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14:
-                    cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9:
-                    ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90:
-                    71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60:
-                    c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb:
-                    58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0:
-                    e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72:
-                    69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1:
-                    79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13:
-                    58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6:
-                    e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38:
-                    65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9:
-                    ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f:
-                    a2:d5
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:TRUE
-            X509v3 Subject Key Identifier: 
-                B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF
-            X509v3 Authority Key Identifier: 
-                keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF
-                DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA
-                serial:00
-
-    Signature Algorithm: sha1WithRSAEncryption
-        b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07:
-        1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a:
-        32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9:
-        37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62:
-        09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26:
-        8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d:
-        2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5:
-        e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7:
-        e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f:
-        66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5:
-        35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce:
-        09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6:
-        08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca:
-        e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de:
-        f7:e0:e9:54
------BEGIN CERTIFICATE-----
-MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
-mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
-50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
-YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
-R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
-KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
-gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH
-/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV
-BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz
-dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ
-SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H
-DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF
-pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf
-m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ
-7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-v1.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-v1.crt
deleted file mode 100644
index e5a3b1c..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-v1.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDIzCCAgsCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
-ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK
-EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA4MTRaGA8yMDI0
-MDYxODEwMDgxNFowUDEcMBoGA1UEAxMTUG9sYXJTU0wgVGVzdCBDQSB2MTEQMA4G
-A1UECxMHdGVzdGluZzERMA8GA1UEChMIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUW
-oM0h8ZnU7OrLfBhYCJSl7JvFi98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6j
-MFKp8udAcBTLRKJyC8LlQPk+5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8
-Ko/vJ2DDxp/LuuxgfbfmhDK+T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59
-JHJpy0exFECDfWf0hvYxq/F5pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp
-/KzbLijRfgJLI6AV8jhlZAnqDG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QID
-AQABMA0GCSqGSIb3DQEBCwUAA4IBAQBoXC5AlXI5azyOPvmNse2qHhO7BrXOEjH+
-9g5P/VsrVADhsUGv6x0A2oLoWXtOjGDIWWH53BWHkCUCu4T5D5C6+I47rXWl4pAr
-J+h+tQVZo6J0AJxfPse/NnrjsboUSWhunmo/iTrU6S4KJBguIKP6T1DZoD/8EYgU
-x+fXDmvRO+MTesWDiY+p+FHEzsu3b9EBtG9dUiR/zzXi/ktFCfrgstKGSuW6+j7m
-lcduTxsogi6Uc3tWKtn6qpSGR0uBoCz6emFO7Smmy/tIyVA88lH0+3UnxOvu4TAK
-uvjYkOcZqhprDiMfhxBB7pxbfiviEANTbgSfCtZewSNz2RUJ9ocy
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.key b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.key
deleted file mode 100644
index 1614e22..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.key
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B
-
-9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA
-7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq
-Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo
-PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb
-GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9
-gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq
-QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w
-PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x
-vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU
-WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X
-JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR
-KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe
-Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J
-9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2
-iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/
-tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT
-P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL
-1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb
-nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5
-X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq
-rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz
-L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l
-I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR
-wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde
-P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2
------END RSA PRIVATE KEY-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.opensslconf b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.opensslconf
deleted file mode 100644
index 64347de..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.opensslconf
+++ /dev/null
@@ -1,77 +0,0 @@
-[req]
-x509_extensions = v3_ca
-distinguished_name = req_dn
-
-[req_dn]
-countryName = NL
-organizationalUnitName = PolarSSL
-commonName = PolarSSL Test CA
-
-[v3_ca]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true
-
-[othername_san]
-subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
-
-[unsupoported_othername_san]
-subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
-
-[dns_alt_names]
-subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
-
-[alt_names]
-DNS.1=example.com
-otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
-DNS.2=example.net
-DNS.3=*.example.org
-
-[multiple_san]
-subjectAltName=@alt_names
-
-[hw_module_name]
-hwtype = OID:1.3.6.1.4.1.17.3
-hwserial = OCT:123456
-
-[v3_any_policy_ca]
-basicConstraints = CA:true
-certificatePolicies = 2.5.29.32.0
-
-[v3_any_policy_qualifier_ca]
-basicConstraints = CA:true
-certificatePolicies = @policy_info
-
-[v3_multi_policy_ca]
-basicConstraints = CA:true
-certificatePolicies = 1.2.3.4,2.5.29.32.0
-
-[v3_unsupported_policy_ca]
-basicConstraints = CA:true
-certificatePolicies = 1.2.3.4
-
-[policy_info]
-policyIdentifier = 2.5.29.32.0
-CPS.1 ="CPS uri string"
-
-[fan_cert]
-extendedKeyUsage = 1.3.6.1.4.1.45605.1
-
-[noext_ca]
-basicConstraints = CA:true
-
-[test_ca]
-database = /dev/null
-
-[crl_ext_idp]
-issuingDistributionPoint=critical, @idpdata
-
-[crl_ext_idp_nc]
-issuingDistributionPoint=@idpdata
-
-[idpdata]
-fullname=URI:http://pki.example.com/
-
-# these IPs are the ascii values for 'abcd' and 'abcd.example.com'
-[tricky_ip_san]
-subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crl.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crl.crt
deleted file mode 100644
index 4fb4083..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crl.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBzDCCAVOgAwIBAgIJAP6mZLzh0IPSMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xNDA0MDkxMTIzMzhaFw0yNDA0MDYxMTIzMzhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL
-BgNVHQ8EBAMCAQIwCgYIKoZIzj0EAwIDZwAwZAIwZOCKY0EHXYzI4cQsFnfOrxm1
-ufvNeZ4ZcSZWrkTBazW2OBCuCP9SLznec3SFOUvvAjAKe/qycfxkHivjieCEG1Kt
-m2D4QKSJELUhTHr4zdkeqbzgui0y3iouaoyWsKvetNg=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crt.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crt.crt
deleted file mode 100644
index edacc64..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crt.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBzTCCAVOgAwIBAgIJAODh6PAeD9/vMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xNDA0MDkxMTIzNTRaFw0yNDA0MDYxMTIzNTRaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL
-BgNVHQ8EBAMCAgQwCgYIKoZIzj0EAwIDaAAwZQIwGGlbynd1jU3WkUx6Irhk9Lob
-z2B+1eIO6+eu3En8B3rh8Ipfxo0e0hpfaRFYP1MUAjEAjxxBchRWJAzZ6/47Wg/7
-UoasRINgP5B/uJhTnftS1bqyuWHastb4LW5/YLOvPbMQ
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crt_crl.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crt_crl.crt
deleted file mode 100644
index ac74e40..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-crt_crl.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBzDCCAVOgAwIBAgIJAPejOupCJS65MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xNDA0MDkxMTIyMjVaFw0yNDA0MDYxMTIyMjVaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL
-BgNVHQ8EBAMCAQYwCgYIKoZIzj0EAwIDZwAwZAIwMKLVXB4YBQ0Ha4dEvFPcJtau
-TS5Vd4UqG3xQ10YcJogweuqaGHSFgdnEUfoX+4p5AjApMnYXFfUjSmlyfJmTaswO
-gaR5sUnnw33NA9j1ercem3asCYz6a8T0zo8/rR33XVU=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-ds.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-ds.crt
deleted file mode 100644
index c28e17b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.ku-ds.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBzDCCAVOgAwIBAgIJAPOkPR3wsvm5MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xNDA0MDkxMTI0MTNaFw0yNDA0MDYxMTI0MTNaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL
-BgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIwGRCmU/rWNjW13g8ITuq3pMXb
-jgwTFJHVlbMDiFJwUrRvytPV9doJOfzJ8nAQ0cZ1AjAbJ8QAV2e+DmYZpWc/p6Ug
-nQdac59ev+lH+ju6wET3jNDjUthUPrdgqa54+UWQ5r4=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-future-invalid.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-future-invalid.crt
deleted file mode 100644
index b1cfbf0..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-future-invalid.crt
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
-H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
-CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4
-AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ
-Xj09kLboxuemP40IIqhQnpYptMg=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
-Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
-MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
-WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
-w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
-FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
-vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH
-qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2
-+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-future-present.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-future-present.crt
deleted file mode 100644
index 776e725..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-future-present.crt
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
-Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
-MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
-WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
-w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
-FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
-vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH
-qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2
-+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-past-invalid.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-past-invalid.crt
deleted file mode 100644
index febad74..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-past-invalid.crt
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
-Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
-MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
-WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
-w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
-FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
-vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
-tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
-l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
-H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
-CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4
-AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ
-Xj09kLboxuemP40IIqhQnpYptMg=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-past-present.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-past-present.crt
deleted file mode 100644
index bc1ba9a..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-past-present.crt
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
-Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
-MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
-WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
-w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
-FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
-vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
-tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
-l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-present-future.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-present-future.crt
deleted file mode 100644
index d62ed09..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-present-future.crt
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
-Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
-MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
-WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
-w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
-FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
-vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH
-qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2
-+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-present-past.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-present-past.crt
deleted file mode 100644
index a321d5d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2_cat-present-past.crt
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
-Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
-DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
-MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
-WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
-w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
-FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
-vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
-tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
-l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_cat12.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_cat12.crt
deleted file mode 100644
index 8928144..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_cat12.crt
+++ /dev/null
@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
-mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
-50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
-YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
-R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
-KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
-UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/
-MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA
-A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL
-hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm
-8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD
-zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ
-0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/
-mtxyUALj2pQxRitopORFQdn7AOY5
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_cat21.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_cat21.crt
deleted file mode 100644
index 7234863..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_cat21.crt
+++ /dev/null
@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
-Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
-QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
-ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
-aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
-JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
-t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
-uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
-mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
-50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
-YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
-R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
-KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
-UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/
-MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA
-A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL
-hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm
-8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD
-zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ
-0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/
-mtxyUALj2pQxRitopORFQdn7AOY5
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca-exp.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca-exp.crt
deleted file mode 100644
index c549654..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca-exp.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX
-Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep
-773Ap7Gxpk168id1EFhvW22YabKs
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca.crt
deleted file mode 100644
index cbe99e0..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
-vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
-wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
-CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
-AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
-qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
-kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
-d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
-Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
-updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
-a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
-NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
-AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
-CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG
-i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9
-Af5cNR8KhzegznL6amRObGGKmX1F
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca2.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca2.crt
deleted file mode 100644
index 9ce44c2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca2.crt
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
-WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
-ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
-BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw
-FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3-badsign.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3-badsign.crt
deleted file mode 100644
index 2087056..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3-badsign.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWf0=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3.crt b/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3.crt
deleted file mode 100644
index 7e724b2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
-YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG
-A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU
-ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
-2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo
-ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt
-Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt
-pz590JvGWfM=
------END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/git-scripts/README.md b/3rdparty/mbedtls-2.25.0/tests/git-scripts/README.md
deleted file mode 100644
index 29d7501..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/git-scripts/README.md
+++ /dev/null
@@ -1,16 +0,0 @@
-README for git hooks script
-===========================
-git has a way to run scripts, which are invoked by specific git commands.
-The git hooks are located in `<mbed TLS root>/.git/hooks`, and as such are not under version control
-for more information, see the [git documentation](https://git-scm.com/docs/githooks).
-
-The mbed TLS git hooks are located in `<mbed TLS root>/tests/git-scripts` directory, and one must create a soft link from `<mbed TLS root>/.git/hooks` to `<mbed TLS root>/tesst/git-scripts`, in order to make the hook scripts successfully work.
-
-Example:
-
-Execute the following command to create a link on linux from the mbed TLS `.git/hooks` directory:  
-`ln -s ../../tests/git-scripts/pre-push.sh pre-push`
-
-**Note: Currently the mbed TLS git hooks work only on a GNU platform. If using a non-GNU platform, don't enable these hooks!**
-
-These scripts can also be used independently.
diff --git a/3rdparty/mbedtls-2.25.0/tests/git-scripts/pre-commit.sh b/3rdparty/mbedtls-2.25.0/tests/git-scripts/pre-commit.sh
deleted file mode 100644
index fb28dad..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/git-scripts/pre-commit.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-
-# pre-commit.sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Purpose
-#
-# This script does quick sanity checks before commiting:
-#   - check that generated files are up-to-date.
-#
-# It is meant to be called as a git pre-commit hook, see README.md.
-#
-# From the git sample pre-commit hook:
-#   Called by "git commit" with no arguments.  The hook should
-#   exit with non-zero status after issuing an appropriate message if
-#   it wants to stop the commit.
-
-set -eu
-
-tests/scripts/check-generated-files.sh
diff --git a/3rdparty/mbedtls-2.25.0/tests/git-scripts/pre-push.sh b/3rdparty/mbedtls-2.25.0/tests/git-scripts/pre-push.sh
deleted file mode 100644
index ce43467..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/git-scripts/pre-push.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh
-# pre-push.sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# Called by "git push" after it has checked the remote status, but before anything has been
-# pushed.  If this script exits with a non-zero status nothing will be pushed.
-# This script can also be used independently, not using git.
-#
-# This hook is called with the following parameters:
-#
-# $1 -- Name of the remote to which the push is being done
-# $2 -- URL to which the push is being done
-#
-# If pushing without using a named remote those arguments will be equal.
-#
-# Information about the commits which are being pushed is supplied as lines to
-# the standard input in the form:
-#
-#   <local ref> <local sha1> <remote ref> <remote sha1>
-#
-
-REMOTE="$1"
-URL="$2"
-
-echo "REMOTE is $REMOTE"
-echo "URL is $URL"
-
-set -eu
-
-tests/scripts/all.sh -q -k 'check_*'
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/cipher.h b/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/cipher.h
deleted file mode 100644
index ef787f7..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/cipher.h
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- * Test driver for cipher functions
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H
-#define PSA_CRYPTO_TEST_DRIVERS_CIPHER_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#include <psa/crypto_driver_common.h>
-
-#include "mbedtls/cipher.h"
-typedef struct {
-    psa_algorithm_t alg;
-    unsigned int key_set : 1;
-    unsigned int iv_required : 1;
-    unsigned int iv_set : 1;
-    uint8_t iv_size;
-    uint8_t block_size;
-    mbedtls_cipher_context_t cipher;
-} test_transparent_cipher_operation_t;
-
-typedef struct{
-    unsigned int initialised : 1;
-    test_transparent_cipher_operation_t ctx;
-} test_opaque_cipher_operation_t;
-
-typedef struct {
-    /* If non-null, on success, copy this to the output. */
-    void *forced_output;
-    size_t forced_output_length;
-    /* If not PSA_SUCCESS, return this error code instead of processing the
-     * function call. */
-    psa_status_t forced_status;
-    /* Count the amount of times one of the cipher driver functions is called. */
-    unsigned long hits;
-} test_driver_cipher_hooks_t;
-
-#define TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 }
-static inline test_driver_cipher_hooks_t test_driver_cipher_hooks_init( void )
-{
-    const test_driver_cipher_hooks_t v = TEST_DRIVER_CIPHER_INIT;
-    return( v );
-}
-
-extern test_driver_cipher_hooks_t test_driver_cipher_hooks;
-
-psa_status_t test_transparent_cipher_encrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length);
-
-psa_status_t test_transparent_cipher_decrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length);
-
-psa_status_t test_transparent_cipher_encrypt_setup(
-    test_transparent_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg);
-
-psa_status_t test_transparent_cipher_decrypt_setup(
-    test_transparent_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg);
-
-psa_status_t test_transparent_cipher_abort(
-    test_transparent_cipher_operation_t *operation);
-
-psa_status_t test_transparent_cipher_generate_iv(
-    test_transparent_cipher_operation_t *operation,
-    uint8_t *iv,
-    size_t iv_size,
-    size_t *iv_length);
-
-psa_status_t test_transparent_cipher_set_iv(
-    test_transparent_cipher_operation_t *operation,
-    const uint8_t *iv,
-    size_t iv_length);
-
-psa_status_t test_transparent_cipher_update(
-    test_transparent_cipher_operation_t *operation,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length);
-
-psa_status_t test_transparent_cipher_finish(
-    test_transparent_cipher_operation_t *operation,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length);
-
-/*
- * opaque versions
- */
-psa_status_t test_opaque_cipher_encrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length);
-
-psa_status_t test_opaque_cipher_decrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length);
-
-psa_status_t test_opaque_cipher_encrypt_setup(
-    test_opaque_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg);
-
-psa_status_t test_opaque_cipher_decrypt_setup(
-    test_opaque_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg);
-
-psa_status_t test_opaque_cipher_abort(
-    test_opaque_cipher_operation_t *operation);
-
-psa_status_t test_opaque_cipher_generate_iv(
-    test_opaque_cipher_operation_t *operation,
-    uint8_t *iv,
-    size_t iv_size,
-    size_t *iv_length);
-
-psa_status_t test_opaque_cipher_set_iv(
-    test_opaque_cipher_operation_t *operation,
-    const uint8_t *iv,
-    size_t iv_length);
-
-psa_status_t test_opaque_cipher_update(
-    test_opaque_cipher_operation_t *operation,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length);
-
-psa_status_t test_opaque_cipher_finish(
-    test_opaque_cipher_operation_t *operation,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length);
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/key_management.h b/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/key_management.h
deleted file mode 100644
index 90f8c58..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/key_management.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Test driver for generating and verifying keys.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
-#define PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#include <psa/crypto_driver_common.h>
-
-typedef struct {
-    /* If non-null, on success, copy this to the output. */
-    void *forced_output;
-    size_t forced_output_length;
-    /* If not PSA_SUCCESS, return this error code instead of processing the
-     * function call. */
-    psa_status_t forced_status;
-    /* Count the amount of times one of the key management driver functions
-     * is called. */
-    unsigned long hits;
-} test_driver_key_management_hooks_t;
-
-#define TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
-static inline test_driver_key_management_hooks_t test_driver_key_management_hooks_init( void )
-{
-    const test_driver_key_management_hooks_t v = TEST_DRIVER_KEY_MANAGEMENT_INIT;
-    return( v );
-}
-
-extern test_driver_key_management_hooks_t test_driver_key_management_hooks;
-
-psa_status_t test_transparent_generate_key(
-    const psa_key_attributes_t *attributes,
-    uint8_t *key, size_t key_size, size_t *key_length );
-
-psa_status_t test_opaque_generate_key(
-    const psa_key_attributes_t *attributes,
-    uint8_t *key, size_t key_size, size_t *key_length );
-
-psa_status_t test_transparent_validate_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *data,
-    size_t data_length,
-    size_t *bits);
-
-psa_status_t test_transparent_export_public_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    uint8_t *data, size_t data_size, size_t *data_length );
-
-psa_status_t test_opaque_export_public_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    uint8_t *data, size_t data_size, size_t *data_length );
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/signature.h b/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/signature.h
deleted file mode 100644
index 8abcb11..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/signature.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Test driver for signature functions.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H
-#define PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#include <psa/crypto_driver_common.h>
-
-typedef struct {
-    /* If non-null, on success, copy this to the output. */
-    void *forced_output;
-    size_t forced_output_length;
-    /* If not PSA_SUCCESS, return this error code instead of processing the
-     * function call. */
-    psa_status_t forced_status;
-    /* Count the amount of times one of the signature driver functions is called. */
-    unsigned long hits;
-} test_driver_signature_hooks_t;
-
-#define TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
-static inline test_driver_signature_hooks_t test_driver_signature_hooks_init( void )
-{
-    const test_driver_signature_hooks_t v = TEST_DRIVER_SIGNATURE_INIT;
-    return( v );
-}
-
-extern test_driver_signature_hooks_t test_driver_signature_sign_hooks;
-extern test_driver_signature_hooks_t test_driver_signature_verify_hooks;
-
-psa_status_t test_transparent_signature_sign_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    uint8_t *signature, size_t signature_size, size_t *signature_length );
-
-psa_status_t test_opaque_signature_sign_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    uint8_t *signature, size_t signature_size, size_t *signature_length );
-
-psa_status_t test_transparent_signature_verify_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    const uint8_t *signature, size_t signature_length );
-
-psa_status_t test_opaque_signature_verify_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    const uint8_t *signature, size_t signature_length );
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/size.h b/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/size.h
deleted file mode 100644
index 4bfe986..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/size.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Test driver for context size functions
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_TEST_DRIVERS_SIZE_H
-#define PSA_CRYPTO_TEST_DRIVERS_SIZE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-#include <psa/crypto_driver_common.h>
-
-typedef struct {
-    unsigned int context;
-} test_driver_key_context_t;
-
-/** \def TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
- *
- * This macro returns the base size for the key context. It is the size of the
- * driver specific information stored in each key context.
- */
-#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE          sizeof( test_driver_key_context_t )
-
-/** \def TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE
- *
- * Number of bytes included in every key context for a key pair.
- *
- * This pair size is for an ECC 256-bit private/public key pair.
- * Based on this value, the size of the private key can be derived by
- * subtracting the public key size below from this one.
- */
-
-#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE      65
-
-/** \def TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
- *
- * Number of bytes included in every key context for a public key.
- *
- * For ECC public keys, it needs 257 bits so 33 bytes.
- */
-#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE    33
-
-/** \def TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR
- *
- * Every key context for a symmetric key includes this many times the key size.
- */
-#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR   0
-
-/** \def TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY
- *
- * If this is true for a key pair, the key context includes space for the public key.
- * If this is false, no additional space is added for the public key.
- *
- * For this instance, store the public key with the private one.
- */
-#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY   1
-
-/** \def TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
- *
- * If TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION is defined, the test driver
- * provides a size_function entry point, otherwise, it does not.
- *
- * Some opaque drivers have the need to support a custom size for the storage
- * of key and context information. The size_function provides the ability to
- * provide that customization.
- */
-//#define TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
-
-#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION
-size_t test_size_function(
-    const psa_key_type_t key_type,
-    const size_t key_bits );
-#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-#endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/test_driver.h b/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/test_driver.h
deleted file mode 100644
index f26b795..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/drivers/test_driver.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Umbrella include for all of the test driver functionality
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_TEST_DRIVER_H
-#define PSA_CRYPTO_TEST_DRIVER_H
-
-#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff
-
-#include "test/drivers/signature.h"
-#include "test/drivers/key_management.h"
-#include "test/drivers/cipher.h"
-#include "test/drivers/size.h"
-
-#endif /* PSA_CRYPTO_TEST_DRIVER_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/helpers.h b/3rdparty/mbedtls-2.25.0/tests/include/test/helpers.h
deleted file mode 100644
index 2c7b179..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/helpers.h
+++ /dev/null
@@ -1,193 +0,0 @@
-/**
- * \file helpers.h
- *
- * \brief   This file contains the prototypes of helper functions for the
- *          purpose of testing.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef TEST_HELPERS_H
-#define TEST_HELPERS_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_fprintf    fprintf
-#define mbedtls_snprintf   snprintf
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#define mbedtls_exit       exit
-#define mbedtls_time       time
-#define mbedtls_time_t     time_t
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-int mbedtls_test_platform_setup( void );
-void mbedtls_test_platform_teardown( void );
-
-/**
- * \brief          This function decodes the hexadecimal representation of
- *                 data.
- *
- * \note           The output buffer can be the same as the input buffer. For
- *                 any other overlapping of the input and output buffers, the
- *                 behavior is undefined.
- *
- * \param obuf     Output buffer.
- * \param obufmax  Size in number of bytes of \p obuf.
- * \param ibuf     Input buffer.
- * \param len      The number of unsigned char written in \p obuf. This must
- *                 not be \c NULL.
- *
- * \return         \c 0 on success.
- * \return         \c -1 if the output buffer is too small or the input string
- *                 is not a valid hexadecimal representation.
- */
-int mbedtls_test_unhexify( unsigned char *obuf, size_t obufmax,
-                           const char *ibuf, size_t *len );
-
-void mbedtls_test_hexify( unsigned char *obuf,
-                          const unsigned char *ibuf,
-                          int len );
-
-/**
- * Allocate and zeroize a buffer.
- *
- * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
- *
- * For convenience, dies if allocation fails.
- */
-unsigned char *mbedtls_test_zero_alloc( size_t len );
-
-/**
- * Allocate and fill a buffer from hex data.
- *
- * The buffer is sized exactly as needed. This allows to detect buffer
- * overruns (including overreads) when running the test suite under valgrind.
- *
- * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
- *
- * For convenience, dies if allocation fails.
- */
-unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen );
-
-int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b,
-                         uint32_t a_len, uint32_t b_len );
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-
-typedef struct
-{
-    const char *failure_condition;
-    const char *file;
-    int line;
-}
-mbedtls_test_param_failed_location_record_t;
-
-/**
- * \brief   Get the location record of the last call to
- *          mbedtls_test_param_failed().
- *
- * \note    The call expectation is set up and active until the next call to
- *          mbedtls_test_param_failed_check_expected_call() or
- *          mbedtls_param_failed() that cancels it.
- */
-void mbedtls_test_param_failed_get_location_record(
-         mbedtls_test_param_failed_location_record_t *location_record );
-
-/**
- * \brief   State that a call to mbedtls_param_failed() is expected.
- *
- * \note    The call expectation is set up and active until the next call to
- *          mbedtls_test_param_failed_check_expected_call() or
- *          mbedtls_param_failed that cancel it.
- */
-void mbedtls_test_param_failed_expect_call( void );
-
-/**
- * \brief   Check whether mbedtls_param_failed() has been called as expected.
- *
- * \note    Check whether mbedtls_param_failed() has been called between the
- *          last call to mbedtls_test_param_failed_expect_call() and the call
- *          to this function.
- *
- * \return  \c 0 Since the last call to mbedtls_param_failed_expect_call(),
- *               mbedtls_param_failed() has been called.
- *          \c -1 Otherwise.
- */
-int mbedtls_test_param_failed_check_expected_call( void );
-
-/**
- * \brief   Get the address of the object of type jmp_buf holding the execution
- *          state information used by mbedtls_param_failed() to do a long jump.
- *
- * \note    If a call to mbedtls_param_failed() is not expected in the sense
- *          that there is no call to mbedtls_test_param_failed_expect_call()
- *          preceding it, then mbedtls_param_failed() will try to restore the
- *          execution to the state stored in the jmp_buf object whose address
- *          is returned by the present function.
- *
- * \note    This function is intended to provide the parameter of the
- *          setjmp() function to set-up where mbedtls_param_failed() should
- *          long-jump if it has to. It is foreseen to be used as:
- *
- *          setjmp( mbedtls_test_param_failed_get_state_buf() ).
- *
- * \note    The type of the returned value is not jmp_buf as jmp_buf is an
- *          an array type (C specification) and a function cannot return an
- *          array type.
- *
- * \note    The type of the returned value is not jmp_buf* as then the return
- *          value couldn't be used by setjmp(), as its parameter's type is
- *          jmp_buf.
- *
- * \return  Address of the object of type jmp_buf holding the execution state
- *          information used by mbedtls_param_failed() to do a long jump.
- */
-void* mbedtls_test_param_failed_get_state_buf( void );
-
-/**
- * \brief   Reset the execution state used by mbedtls_param_failed() to do a
- *          long jump.
- *
- * \note    If a call to mbedtls_param_failed() is not expected in the sense
- *          that there is no call to mbedtls_test_param_failed_expect_call()
- *          preceding it, then mbedtls_param_failed() will try to restore the
- *          execution state that this function reset.
- *
- * \note    It is recommended to reset the execution state when the state
- *          is not relevant anymore. That way an unexpected call to
- *          mbedtls_param_failed() will not trigger a long jump with
- *          undefined behavior but rather a long jump that will rather fault.
- */
-void mbedtls_test_param_failed_reset_state( void );
-#endif /* MBEDTLS_CHECK_PARAMS */
-
-#endif /* TEST_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/macros.h b/3rdparty/mbedtls-2.25.0/tests/include/test/macros.h
deleted file mode 100644
index f404780..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/macros.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * \file macros.h
- *
- * \brief   This file contains generic macros for the purpose of testing.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef TEST_MACROS_H
-#define TEST_MACROS_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stdlib.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_fprintf    fprintf
-#define mbedtls_snprintf   snprintf
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#define mbedtls_exit       exit
-#define mbedtls_time       time
-#define mbedtls_time_t     time_t
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#define TEST_HELPER_ASSERT(a) if( !( a ) )                          \
-{                                                                   \
-    mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n",    \
-                             __FILE__, __LINE__, #a );              \
-    mbedtls_exit( 1 );                                              \
-}
-
-#if defined(__GNUC__)
-/* Test if arg and &(arg)[0] have the same type. This is true if arg is
- * an array but not if it's a pointer. */
-#define IS_ARRAY_NOT_POINTER( arg )                                     \
-    ( ! __builtin_types_compatible_p( __typeof__( arg ),                \
-                                      __typeof__( &( arg )[0] ) ) )
-#else
-/* On platforms where we don't know how to implement this check,
- * omit it. Oh well, a non-portable check is better than nothing. */
-#define IS_ARRAY_NOT_POINTER( arg ) 1
-#endif
-
-/* A compile-time constant with the value 0. If `const_expr` is not a
- * compile-time constant with a nonzero value, cause a compile-time error. */
-#define STATIC_ASSERT_EXPR( const_expr )                                \
-    ( 0 && sizeof( struct { unsigned int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) )
-/* Return the scalar value `value` (possibly promoted). This is a compile-time
- * constant if `value` is. `condition` must be a compile-time constant.
- * If `condition` is false, arrange to cause a compile-time error. */
-#define STATIC_ASSERT_THEN_RETURN( condition, value )   \
-    ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) )
-
-#define ARRAY_LENGTH_UNSAFE( array )            \
-    ( sizeof( array ) / sizeof( *( array ) ) )
-/** Return the number of elements of a static or stack array.
- *
- * \param array         A value of array (not pointer) type.
- *
- * \return The number of elements of the array.
- */
-#define ARRAY_LENGTH( array )                                           \
-    ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ),         \
-                                 ARRAY_LENGTH_UNSAFE( array ) ) )
-
-/** Return the smaller of two values.
- *
- * \param x         An integer-valued expression without side effects.
- * \param y         An integer-valued expression without side effects.
- *
- * \return The smaller of \p x and \p y.
- */
-#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
-
-/** Return the larger of two values.
- *
- * \param x         An integer-valued expression without side effects.
- * \param y         An integer-valued expression without side effects.
- *
- * \return The larger of \p x and \p y.
- */
-#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
-        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
-        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
-        | ( (uint32_t) (b)[(i) + 3]       );            \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
-}
-#endif
-
-#endif /* TEST_MACROS_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/psa_crypto_helpers.h b/3rdparty/mbedtls-2.25.0/tests/include/test/psa_crypto_helpers.h
deleted file mode 100644
index 01b0547..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/psa_crypto_helpers.h
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
- * Helper functions for tests that use the PSA Crypto API.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_HELPERS_H
-#define PSA_CRYPTO_HELPERS_H
-
-#include "test/psa_helpers.h"
-
-#include <psa/crypto.h>
-#include <psa_crypto_slot_management.h>
-
-static int test_helper_is_psa_pristine( int line, const char *file )
-{
-    mbedtls_psa_stats_t stats;
-    const char *msg = NULL;
-
-    mbedtls_psa_get_stats( &stats );
-
-    if( stats.volatile_slots != 0 )
-        msg = "A volatile slot has not been closed properly.";
-    else if( stats.persistent_slots != 0 )
-        msg = "A persistent slot has not been closed properly.";
-    else if( stats.external_slots != 0 )
-        msg = "An external slot has not been closed properly.";
-    else if( stats.half_filled_slots != 0 )
-        msg = "A half-filled slot has not been cleared properly.";
-    else if( stats.locked_slots != 0 )
-    {
-        msg = "Some slots are still marked as locked.";
-    }
-
-    /* If the test has already failed, don't overwrite the failure
-     * information. Do keep the stats lookup above, because it can be
-     * convenient to break on it when debugging a failure. */
-    if( msg != NULL && test_info.result == TEST_RESULT_SUCCESS )
-        test_fail( msg, line, file );
-
-    return( msg == NULL );
-}
-
-/** Check that no PSA Crypto key slots are in use.
- */
-#define ASSERT_PSA_PRISTINE( )                                    \
-    do                                                            \
-    {                                                             \
-        if( ! test_helper_is_psa_pristine( __LINE__, __FILE__ ) ) \
-            goto exit;                                            \
-    }                                                             \
-    while( 0 )
-
-static void test_helper_psa_done( int line, const char *file )
-{
-    (void) test_helper_is_psa_pristine( line, file );
-    mbedtls_psa_crypto_free( );
-}
-
-/** Shut down the PSA Crypto subsystem. Expect a clean shutdown, with no slots
- * in use.
- */
-#define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ )
-
-
-
-#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
-#include <psa/crypto.h>
-
-/** Name of the file where return statuses are logged by #RECORD_STATUS. */
-#define STATUS_LOG_FILE_NAME "statuses.log"
-
-static psa_status_t record_status( psa_status_t status,
-                                   const char *func,
-                                   const char *file, int line,
-                                   const char *expr )
-{
-    /* We open the log file on first use.
-     * We never close the log file, so the record_status feature is not
-     * compatible with resource leak detectors such as Asan.
-     */
-    static FILE *log;
-    if( log == NULL )
-        log = fopen( STATUS_LOG_FILE_NAME, "a" );
-    fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr );
-    return( status );
-}
-
-/** Return value logging wrapper macro.
- *
- * Evaluate \p expr. Write a line recording its value to the log file
- * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated
- * list of fields:
- * ```
- * value of expr:string:__FILE__:__LINE__:expr
- * ```
- *
- * The test code does not call this macro explicitly because that would
- * be very invasive. Instead, we instrument the source code by defining
- * a bunch of wrapper macros like
- * ```
- * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init())
- * ```
- * These macro definitions must be present in `instrument_record_status.h`
- * when building the test suites.
- *
- * \param string    A string, normally a function name.
- * \param expr      An expression to evaluate, normally a call of the function
- *                  whose name is in \p string. This expression must return
- *                  a value of type #psa_status_t.
- * \return          The value of \p expr.
- */
-#define RECORD_STATUS( string, expr )                                   \
-    record_status( ( expr ), string, __FILE__, __LINE__, #expr )
-
-#include "instrument_record_status.h"
-
-#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
-
-#endif /* PSA_CRYPTO_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/psa_helpers.h b/3rdparty/mbedtls-2.25.0/tests/include/test/psa_helpers.h
deleted file mode 100644
index f438a71..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/psa_helpers.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Helper functions for tests that use any PSA API.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef PSA_HELPERS_H
-#define PSA_HELPERS_H
-
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-#include "spm/psa_defs.h"
-#endif
-
-/** Evaluate an expression and fail the test case if it returns an error.
- *
- * \param expr      The expression to evaluate. This is typically a call
- *                  to a \c psa_xxx function that returns a value of type
- *                  #psa_status_t.
- */
-#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS )
-
-#endif /* PSA_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/random.h b/3rdparty/mbedtls-2.25.0/tests/include/test/random.h
deleted file mode 100644
index 5e7e4e6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/random.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/**
- * \file random.h
- *
- * \brief   This file contains the prototypes of helper functions to generate
- *          random numbers for the purpose of testing.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef TEST_RANDOM_H
-#define TEST_RANDOM_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-typedef struct
-{
-    unsigned char *buf;
-    size_t length;
-} mbedtls_test_rnd_buf_info;
-
-/**
- * Info structure for the pseudo random function
- *
- * Key should be set at the start to a test-unique value.
- * Do not forget endianness!
- * State( v0, v1 ) should be set to zero.
- */
-typedef struct
-{
-    uint32_t key[16];
-    uint32_t v0, v1;
-} mbedtls_test_rnd_pseudo_info;
-
-/**
- * This function just returns data from rand().
- * Although predictable and often similar on multiple
- * runs, this does not result in identical random on
- * each run. So do not use this if the results of a
- * test depend on the random data that is generated.
- *
- * rng_state shall be NULL.
- */
-int mbedtls_test_rnd_std_rand( void *rng_state,
-                               unsigned char *output,
-                               size_t len );
-
-/**
- * This function only returns zeros
- *
- * rng_state shall be NULL.
- */
-int mbedtls_test_rnd_zero_rand( void *rng_state,
-                                unsigned char *output,
-                                size_t len );
-
-/**
- * This function returns random based on a buffer it receives.
- *
- * rng_state shall be a pointer to a rnd_buf_info structure.
- *
- * The number of bytes released from the buffer on each call to
- * the random function is specified by per_call. (Can be between
- * 1 and 4)
- *
- * After the buffer is empty it will return rand();
- */
-int mbedtls_test_rnd_buffer_rand( void *rng_state,
-                                  unsigned char *output,
-                                  size_t len );
-
-/**
- * This function returns random based on a pseudo random function.
- * This means the results should be identical on all systems.
- * Pseudo random is based on the XTEA encryption algorithm to
- * generate pseudorandom.
- *
- * rng_state shall be a pointer to a rnd_pseudo_info structure.
- */
-int mbedtls_test_rnd_pseudo_rand( void *rng_state,
-                                  unsigned char *output,
-                                  size_t len );
-
-#endif /* TEST_RANDOM_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/make-in-docker.sh b/3rdparty/mbedtls-2.25.0/tests/make-in-docker.sh
deleted file mode 100644
index 77dc8ab..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/make-in-docker.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash -eu
-
-# make-in-docker.sh
-#
-# Purpose
-# -------
-# This runs make in a Docker container.
-#
-# See also:
-# - scripts/docker_env.sh for general Docker prerequisites and other information.
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-source tests/scripts/docker_env.sh
-
-run_in_docker make $@
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/all-in-docker.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/all-in-docker.sh
deleted file mode 100644
index 8c9ff47..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/all-in-docker.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash -eu
-
-# all-in-docker.sh
-#
-# Purpose
-# -------
-# This runs all.sh (except for armcc) in a Docker container.
-#
-# Notes for users
-# ---------------
-# See docker_env.sh for prerequisites and other information.
-#
-# See also all.sh for notes about invocation of that script.
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-source tests/scripts/docker_env.sh
-
-# Run tests that are possible with openly available compilers
-run_in_docker tests/scripts/all.sh \
-    --no-armcc \
-    $@
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/all.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/all.sh
deleted file mode 100644
index af59c62..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/all.sh
+++ /dev/null
@@ -1,2593 +0,0 @@
-#! /usr/bin/env sh
-
-# all.sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-
-################################################################
-#### Documentation
-################################################################
-
-# Purpose
-# -------
-#
-# To run all tests possible or available on the platform.
-#
-# Notes for users
-# ---------------
-#
-# Warning: the test is destructive. It includes various build modes and
-# configurations, and can and will arbitrarily change the current CMake
-# configuration. The following files must be committed into git:
-#    * include/mbedtls/config.h
-#    * Makefile, library/Makefile, programs/Makefile, tests/Makefile,
-#      programs/fuzz/Makefile
-# After running this script, the CMake cache will be lost and CMake
-# will no longer be initialised.
-#
-# The script assumes the presence of a number of tools:
-#   * Basic Unix tools (Windows users note: a Unix-style find must be before
-#     the Windows find in the PATH)
-#   * Perl
-#   * GNU Make
-#   * CMake
-#   * GCC and Clang (recent enough for using ASan with gcc and MemSan with clang, or valgrind)
-#   * G++
-#   * arm-gcc and mingw-gcc
-#   * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc
-#   * OpenSSL and GnuTLS command line tools, recent enough for the
-#     interoperability tests. If they don't support SSLv3 then a legacy
-#     version of these tools must be present as well (search for LEGACY
-#     below).
-# See the invocation of check_tools below for details.
-#
-# This script must be invoked from the toplevel directory of a git
-# working copy of Mbed TLS.
-#
-# Note that the output is not saved. You may want to run
-#   script -c tests/scripts/all.sh
-# or
-#   tests/scripts/all.sh >all.log 2>&1
-#
-# Notes for maintainers
-# ---------------------
-#
-# The bulk of the code is organized into functions that follow one of the
-# following naming conventions:
-#  * pre_XXX: things to do before running the tests, in order.
-#  * component_XXX: independent components. They can be run in any order.
-#      * component_check_XXX: quick tests that aren't worth parallelizing.
-#      * component_build_XXX: build things but don't run them.
-#      * component_test_XXX: build and test.
-#  * support_XXX: if support_XXX exists and returns false then
-#    component_XXX is not run by default.
-#  * post_XXX: things to do after running the tests.
-#  * other: miscellaneous support functions.
-#
-# Each component must start by invoking `msg` with a short informative message.
-#
-# The framework performs some cleanup tasks after each component. This
-# means that components can assume that the working directory is in a
-# cleaned-up state, and don't need to perform the cleanup themselves.
-# * Run `make clean`.
-# * Restore `include/mbedtks/config.h` from a backup made before running
-#   the component.
-# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`,
-#   `tests/Makefile` and `programs/fuzz/Makefile` from git.
-#   This cleans up after an in-tree use of CMake.
-#
-# Any command that is expected to fail must be protected so that the
-# script keeps running in --keep-going mode despite `set -e`. In keep-going
-# mode, if a protected command fails, this is logged as a failure and the
-# script will exit with a failure status once it has run all components.
-# Commands can be protected in any of the following ways:
-# * `make` is a function which runs the `make` command with protection.
-#   Note that you must write `make VAR=value`, not `VAR=value make`,
-#   because the `VAR=value make` syntax doesn't work with functions.
-# * Put `report_status` before the command to protect it.
-# * Put `if_build_successful` before a command. This protects it, and
-#   additionally skips it if a prior invocation of `make` in the same
-#   component failed.
-#
-# The tests are roughly in order from fastest to slowest. This doesn't
-# have to be exact, but in general you should add slower tests towards
-# the end and fast checks near the beginning.
-
-
-
-################################################################
-#### Initialization and command line parsing
-################################################################
-
-# Abort on errors (and uninitialised variables)
-set -eu
-
-pre_check_environment () {
-    if [ -d library -a -d include -a -d tests ]; then :; else
-        echo "Must be run from mbed TLS root" >&2
-        exit 1
-    fi
-}
-
-pre_initialize_variables () {
-    CONFIG_H='include/mbedtls/config.h'
-    CONFIG_BAK="$CONFIG_H.bak"
-    CRYPTO_CONFIG_H='include/psa/crypto_config.h'
-    CRYPTO_CONFIG_BAK="$CRYPTO_CONFIG_H.bak"
-
-    append_outcome=0
-    MEMORY=0
-    FORCE=0
-    QUIET=0
-    KEEP_GOING=0
-
-    # Seed value used with the --release-test option.
-    #
-    # See also RELEASE_SEED in basic-build-test.sh. Debugging is easier if
-    # both values are kept in sync. If you change the value here because it
-    # breaks some tests, you'll definitely want to change it in
-    # basic-build-test.sh as well.
-    RELEASE_SEED=1
-
-    : ${MBEDTLS_TEST_OUTCOME_FILE=}
-    : ${MBEDTLS_TEST_PLATFORM="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
-    export MBEDTLS_TEST_OUTCOME_FILE
-    export MBEDTLS_TEST_PLATFORM
-
-    # Default commands, can be overridden by the environment
-    : ${OPENSSL:="openssl"}
-    : ${OPENSSL_LEGACY:="$OPENSSL"}
-    : ${OPENSSL_NEXT:="$OPENSSL"}
-    : ${GNUTLS_CLI:="gnutls-cli"}
-    : ${GNUTLS_SERV:="gnutls-serv"}
-    : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
-    : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
-    : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
-    : ${ARMC5_BIN_DIR:=/usr/bin}
-    : ${ARMC6_BIN_DIR:=/usr/bin}
-    : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-}
-
-    # if MAKEFLAGS is not set add the -j option to speed up invocations of make
-    if [ -z "${MAKEFLAGS+set}" ]; then
-        export MAKEFLAGS="-j"
-    fi
-
-    # Include more verbose output for failing tests run by CMake
-    export CTEST_OUTPUT_ON_FAILURE=1
-
-    # CFLAGS and LDFLAGS for Asan builds that don't use CMake
-    ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all'
-
-    # Gather the list of available components. These are the functions
-    # defined in this script whose name starts with "component_".
-    # Parse the script with sed, because in sh there is no way to list
-    # defined functions.
-    ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0")
-
-    # Exclude components that are not supported on this platform.
-    SUPPORTED_COMPONENTS=
-    for component in $ALL_COMPONENTS; do
-        case $(type "support_$component" 2>&1) in
-            *' function'*)
-                if ! support_$component; then continue; fi;;
-        esac
-        SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
-    done
-}
-
-# Test whether the component $1 is included in the command line patterns.
-is_component_included()
-{
-    set -f
-    for pattern in $COMMAND_LINE_COMPONENTS; do
-        set +f
-        case ${1#component_} in $pattern) return 0;; esac
-    done
-    set +f
-    return 1
-}
-
-usage()
-{
-    cat <<EOF
-Usage: $0 [OPTION]... [COMPONENT]...
-Run mbedtls release validation tests.
-By default, run all tests. With one or more COMPONENT, run only those.
-COMPONENT can be the name of a component or a shell wildcard pattern.
-
-Examples:
-  $0 "check_*"
-    Run all sanity checks.
-  $0 --no-armcc --except test_memsan
-    Run everything except builds that require armcc and MemSan.
-
-Special options:
-  -h|--help             Print this help and exit.
-  --list-all-components List all available test components and exit.
-  --list-components     List components supported on this platform and exit.
-
-General options:
-  -q|--quiet            Only output component names, and errors if any.
-  -f|--force            Force the tests to overwrite any modified files.
-  -k|--keep-going       Run all tests and report errors at the end.
-  -m|--memory           Additional optional memory tests.
-     --append-outcome   Append to the outcome file (if used).
-     --arm-none-eabi-gcc-prefix=<string>
-                        Prefix for a cross-compiler for arm-none-eabi
-                        (default: "${ARM_NONE_EABI_GCC_PREFIX}")
-     --armcc            Run ARM Compiler builds (on by default).
-     --except           Exclude the COMPONENTs listed on the command line,
-                        instead of running only those.
-     --no-append-outcome    Write a new outcome file and analyze it (default).
-     --no-armcc         Skip ARM Compiler builds.
-     --no-force         Refuse to overwrite modified files (default).
-     --no-keep-going    Stop at the first error (default).
-     --no-memory        No additional memory tests (default).
-     --no-quiet         Print full ouput from components.
-     --out-of-source-dir=<path>  Directory used for CMake out-of-source build tests.
-     --outcome-file=<path>  File where test outcomes are written (not done if
-                            empty; default: \$MBEDTLS_TEST_OUTCOME_FILE).
-     --random-seed      Use a random seed value for randomized tests (default).
-  -r|--release-test     Run this script in release mode. This fixes the seed value to ${RELEASE_SEED}.
-  -s|--seed             Integer seed value to use for this test run.
-
-Tool path options:
-     --armc5-bin-dir=<ARMC5_bin_dir_path>       ARM Compiler 5 bin directory.
-     --armc6-bin-dir=<ARMC6_bin_dir_path>       ARM Compiler 6 bin directory.
-     --gnutls-cli=<GnuTLS_cli_path>             GnuTLS client executable to use for most tests.
-     --gnutls-serv=<GnuTLS_serv_path>           GnuTLS server executable to use for most tests.
-     --gnutls-legacy-cli=<GnuTLS_cli_path>      GnuTLS client executable to use for legacy tests.
-     --gnutls-legacy-serv=<GnuTLS_serv_path>    GnuTLS server executable to use for legacy tests.
-     --openssl=<OpenSSL_path>                   OpenSSL executable to use for most tests.
-     --openssl-legacy=<OpenSSL_path>            OpenSSL executable to use for legacy tests e.g. SSLv3.
-     --openssl-next=<OpenSSL_path>              OpenSSL executable to use for recent things like ARIA
-EOF
-}
-
-# remove built files as well as the cmake cache/config
-cleanup()
-{
-    if [ -n "${MBEDTLS_ROOT_DIR+set}" ]; then
-        cd "$MBEDTLS_ROOT_DIR"
-    fi
-
-    command make clean
-
-    # Remove CMake artefacts
-    find . -name .git -prune -o \
-           -iname CMakeFiles -exec rm -rf {} \+ -o \
-           \( -iname cmake_install.cmake -o \
-              -iname CTestTestfile.cmake -o \
-              -iname CMakeCache.txt \) -exec rm {} \+
-    # Recover files overwritten by in-tree CMake builds
-    rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile
-    git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile
-    git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile
-
-    # Remove any artifacts from the component_test_cmake_as_subdirectory test.
-    rm -rf programs/test/cmake_subproject/build
-    rm -f programs/test/cmake_subproject/Makefile
-    rm -f programs/test/cmake_subproject/cmake_subproject
-
-    if [ -f "$CONFIG_BAK" ]; then
-        mv "$CONFIG_BAK" "$CONFIG_H"
-    fi
-
-    if [ -f "$CRYPTO_CONFIG_BAK" ]; then
-        mv "$CRYPTO_CONFIG_BAK" "$CRYPTO_CONFIG_H"
-    fi
-}
-
-# Executed on exit. May be redefined depending on command line options.
-final_report () {
-    :
-}
-
-fatal_signal () {
-    cleanup
-    final_report $1
-    trap - $1
-    kill -$1 $$
-}
-
-trap 'fatal_signal HUP' HUP
-trap 'fatal_signal INT' INT
-trap 'fatal_signal TERM' TERM
-
-msg()
-{
-    if [ -n "${current_component:-}" ]; then
-        current_section="${current_component#component_}: $1"
-    else
-        current_section="$1"
-    fi
-
-    if [ $QUIET -eq 1 ]; then
-        return
-    fi
-
-    echo ""
-    echo "******************************************************************"
-    echo "* $current_section "
-    printf "* "; date
-    echo "******************************************************************"
-}
-
-armc6_build_test()
-{
-    FLAGS="$1"
-
-    msg "build: ARM Compiler 6 ($FLAGS)"
-    ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
-                    WARNING_CFLAGS='-xc -std=c99' make lib
-
-    msg "size: ARM Compiler 6 ($FLAGS)"
-    "$ARMC6_FROMELF" -z library/*.o
-
-    make clean
-}
-
-err_msg()
-{
-    echo "$1" >&2
-}
-
-check_tools()
-{
-    for TOOL in "$@"; do
-        if ! `type "$TOOL" >/dev/null 2>&1`; then
-            err_msg "$TOOL not found!"
-            exit 1
-        fi
-    done
-}
-
-check_headers_in_cpp () {
-    ls include/mbedtls | grep "\.h$" >headers.txt
-    <programs/test/cpp_dummy_build.cpp sed -n 's/"$//; s!^#include "mbedtls/!!p' |
-    sort |
-    diff headers.txt -
-    rm headers.txt
-}
-
-pre_parse_command_line () {
-    COMMAND_LINE_COMPONENTS=
-    all_except=0
-    no_armcc=
-
-    # Note that legacy options are ignored instead of being omitted from this
-    # list of options, so invocations that worked with previous version of
-    # all.sh will still run and work properly.
-    while [ $# -gt 0 ]; do
-        case "$1" in
-            --append-outcome) append_outcome=1;;
-            --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";;
-            --armcc) no_armcc=;;
-            --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
-            --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
-            --except) all_except=1;;
-            --force|-f) FORCE=1;;
-            --gnutls-cli) shift; GNUTLS_CLI="$1";;
-            --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
-            --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
-            --gnutls-serv) shift; GNUTLS_SERV="$1";;
-            --help|-h) usage; exit;;
-            --keep-going|-k) KEEP_GOING=1;;
-            --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
-            --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
-            --memory|-m) MEMORY=1;;
-            --no-append-outcome) append_outcome=0;;
-            --no-armcc) no_armcc=1;;
-            --no-force) FORCE=0;;
-            --no-keep-going) KEEP_GOING=0;;
-            --no-memory) MEMORY=0;;
-            --no-quiet) QUIET=0;;
-            --openssl) shift; OPENSSL="$1";;
-            --openssl-legacy) shift; OPENSSL_LEGACY="$1";;
-            --openssl-next) shift; OPENSSL_NEXT="$1";;
-            --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";;
-            --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
-            --quiet|-q) QUIET=1;;
-            --random-seed) unset SEED;;
-            --release-test|-r) SEED=$RELEASE_SEED;;
-            --seed|-s) shift; SEED="$1";;
-            -*)
-                echo >&2 "Unknown option: $1"
-                echo >&2 "Run $0 --help for usage."
-                exit 120
-                ;;
-            *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";;
-        esac
-        shift
-    done
-
-    # With no list of components, run everything.
-    if [ -z "$COMMAND_LINE_COMPONENTS" ]; then
-        all_except=1
-    fi
-
-    # --no-armcc is a legacy option. The modern way is --except '*_armcc*'.
-    # Ignore it if components are listed explicitly on the command line.
-    if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then
-        COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*"
-    fi
-
-    # Build the list of components to run.
-    RUN_COMPONENTS=
-    for component in $SUPPORTED_COMPONENTS; do
-        if is_component_included "$component"; [ $? -eq $all_except ]; then
-            RUN_COMPONENTS="$RUN_COMPONENTS $component"
-        fi
-    done
-
-    unset all_except
-    unset no_armcc
-}
-
-pre_check_git () {
-    if [ $FORCE -eq 1 ]; then
-        rm -rf "$OUT_OF_SOURCE_DIR"
-        git checkout-index -f -q $CONFIG_H
-        cleanup
-    else
-
-        if [ -d "$OUT_OF_SOURCE_DIR" ]; then
-            echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2
-            echo "You can either delete this directory manually, or force the test by rerunning"
-            echo "the script as: $0 --force --out-of-source-dir $OUT_OF_SOURCE_DIR"
-            exit 1
-        fi
-
-        if ! git diff --quiet include/mbedtls/config.h; then
-            err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. "
-            echo "You can either delete or preserve your work, or force the test by rerunning the"
-            echo "script as: $0 --force"
-            exit 1
-        fi
-    fi
-}
-
-pre_setup_keep_going () {
-    failure_summary=
-    failure_count=0
-    start_red=
-    end_color=
-    if [ -t 1 ]; then
-        case "${TERM:-}" in
-            *color*|cygwin|linux|rxvt*|screen|[Eex]term*)
-                start_red=$(printf '\033[31m')
-                end_color=$(printf '\033[0m')
-                ;;
-        esac
-    fi
-    record_status () {
-        if "$@"; then
-            last_status=0
-        else
-            last_status=$?
-            text="$current_section: $* -> $last_status"
-            failure_summary="$failure_summary
-$text"
-            failure_count=$((failure_count + 1))
-            echo "${start_red}^^^^$text^^^^${end_color}" >&2
-        fi
-    }
-    make () {
-        case "$*" in
-            *test|*check)
-                if [ $build_status -eq 0 ]; then
-                    record_status command make "$@"
-                else
-                    echo "(skipped because the build failed)"
-                fi
-                ;;
-            *)
-                record_status command make "$@"
-                build_status=$last_status
-                ;;
-        esac
-    }
-    final_report () {
-        if [ $failure_count -gt 0 ]; then
-            echo
-            echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-            echo "${start_red}FAILED: $failure_count${end_color}$failure_summary"
-            echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-            exit 1
-        elif [ -z "${1-}" ]; then
-            echo "SUCCESS :)"
-        fi
-        if [ -n "${1-}" ]; then
-            echo "Killed by SIG$1."
-        fi
-    }
-}
-
-if_build_succeeded () {
-    if [ $build_status -eq 0 ]; then
-        record_status "$@"
-    fi
-}
-
-# to be used instead of ! for commands run with
-# record_status or if_build_succeeded
-not() {
-    ! "$@"
-}
-
-pre_setup_quiet_redirect () {
-    if [ $QUIET -ne 1 ]; then
-        redirect_out () {
-            "$@"
-        }
-        redirect_err () {
-            "$@"
-        }
-    else
-        redirect_out () {
-            "$@" >/dev/null
-        }
-        redirect_err () {
-            "$@" 2>/dev/null
-        }
-    fi
-}
-
-pre_prepare_outcome_file () {
-    case "$MBEDTLS_TEST_OUTCOME_FILE" in
-      [!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";;
-    esac
-    if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ] && [ "$append_outcome" -eq 0 ]; then
-        rm -f "$MBEDTLS_TEST_OUTCOME_FILE"
-    fi
-}
-
-pre_print_configuration () {
-    if [ $QUIET -eq 1 ]; then
-        return
-    fi
-
-    msg "info: $0 configuration"
-    echo "MEMORY: $MEMORY"
-    echo "FORCE: $FORCE"
-    echo "MBEDTLS_TEST_OUTCOME_FILE: ${MBEDTLS_TEST_OUTCOME_FILE:-(none)}"
-    echo "SEED: ${SEED-"UNSET"}"
-    echo
-    echo "OPENSSL: $OPENSSL"
-    echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
-    echo "OPENSSL_NEXT: $OPENSSL_NEXT"
-    echo "GNUTLS_CLI: $GNUTLS_CLI"
-    echo "GNUTLS_SERV: $GNUTLS_SERV"
-    echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
-    echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
-    echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
-    echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
-}
-
-# Make sure the tools we need are available.
-pre_check_tools () {
-    # Build the list of variables to pass to output_env.sh.
-    set env
-
-    case " $RUN_COMPONENTS " in
-        # Require OpenSSL and GnuTLS if running any tests (as opposed to
-        # only doing builds). Not all tests run OpenSSL and GnuTLS, but this
-        # is a good enough approximation in practice.
-        *" test_"*)
-            # To avoid setting OpenSSL and GnuTLS for each call to compat.sh
-            # and ssl-opt.sh, we just export the variables they require.
-            export OPENSSL_CMD="$OPENSSL"
-            export GNUTLS_CLI="$GNUTLS_CLI"
-            export GNUTLS_SERV="$GNUTLS_SERV"
-            # Avoid passing --seed flag in every call to ssl-opt.sh
-            if [ -n "${SEED-}" ]; then
-                export SEED
-            fi
-            set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY"
-            set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV"
-            set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"
-            set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV"
-            check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
-                        "$GNUTLS_CLI" "$GNUTLS_SERV" \
-                        "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV"
-            ;;
-    esac
-
-    case " $RUN_COMPONENTS " in
-        *_doxygen[_\ ]*) check_tools "doxygen" "dot";;
-    esac
-
-    case " $RUN_COMPONENTS " in
-        *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_NONE_EABI_GCC_PREFIX}gcc";;
-    esac
-
-    case " $RUN_COMPONENTS " in
-        *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";;
-    esac
-
-    case " $RUN_COMPONENTS " in
-        *" test_zeroize "*) check_tools "gdb";;
-    esac
-
-    case " $RUN_COMPONENTS " in
-        *_armcc*)
-            ARMC5_CC="$ARMC5_BIN_DIR/armcc"
-            ARMC5_AR="$ARMC5_BIN_DIR/armar"
-            ARMC5_FROMELF="$ARMC5_BIN_DIR/fromelf"
-            ARMC6_CC="$ARMC6_BIN_DIR/armclang"
-            ARMC6_AR="$ARMC6_BIN_DIR/armar"
-            ARMC6_FROMELF="$ARMC6_BIN_DIR/fromelf"
-            check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC5_FROMELF" \
-                        "$ARMC6_CC" "$ARMC6_AR" "$ARMC6_FROMELF";;
-    esac
-
-    # past this point, no call to check_tool, only printing output
-    if [ $QUIET -eq 1 ]; then
-        return
-    fi
-
-    msg "info: output_env.sh"
-    case $RUN_COMPONENTS in
-        *_armcc*)
-            set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
-        *) set "$@" RUN_ARMCC=0;;
-    esac
-    "$@" scripts/output_env.sh
-}
-
-
-
-################################################################
-#### Basic checks
-################################################################
-
-#
-# Test Suites to be executed
-#
-# The test ordering tries to optimize for the following criteria:
-# 1. Catch possible problems early, by running first tests that run quickly
-#    and/or are more likely to fail than others (eg I use Clang most of the
-#    time, so start with a GCC build).
-# 2. Minimize total running time, by avoiding useless rebuilds
-#
-# Indicative running times are given for reference.
-
-component_check_recursion () {
-    msg "Check: recursion.pl" # < 1s
-    record_status tests/scripts/recursion.pl library/*.c
-}
-
-component_check_generated_files () {
-    msg "Check: freshness of generated source files" # < 1s
-    record_status tests/scripts/check-generated-files.sh
-}
-
-component_check_doxy_blocks () {
-    msg "Check: doxygen markup outside doxygen blocks" # < 1s
-    record_status tests/scripts/check-doxy-blocks.pl
-}
-
-component_check_files () {
-    msg "Check: file sanity checks (permissions, encodings)" # < 1s
-    record_status tests/scripts/check_files.py
-}
-
-component_check_changelog () {
-    msg "Check: changelog entries" # < 1s
-    rm -f ChangeLog.new
-    record_status scripts/assemble_changelog.py -o ChangeLog.new
-    if [ -e ChangeLog.new ]; then
-        # Show the diff for information. It isn't an error if the diff is
-        # non-empty.
-        diff -u ChangeLog ChangeLog.new || true
-        rm ChangeLog.new
-    fi
-}
-
-component_check_names () {
-    msg "Check: declared and exported names (builds the library)" # < 3s
-    record_status tests/scripts/check-names.sh -v
-}
-
-component_check_test_cases () {
-    msg "Check: test case descriptions" # < 1s
-    if [ $QUIET -eq 1 ]; then
-        opt='--quiet'
-    else
-        opt=''
-    fi
-    record_status tests/scripts/check_test_cases.py $opt
-    unset opt
-}
-
-component_check_doxygen_warnings () {
-    msg "Check: doxygen warnings (builds the documentation)" # ~ 3s
-    record_status tests/scripts/doxygen.sh
-}
-
-
-
-################################################################
-#### Build and test many configurations and targets
-################################################################
-
-component_test_default_out_of_box () {
-    msg "build: make, default config (out-of-box)" # ~1min
-    make
-    # Disable fancy stuff
-    SAVE_MBEDTLS_TEST_OUTCOME_FILE="$MBEDTLS_TEST_OUTCOME_FILE"
-    unset MBEDTLS_TEST_OUTCOME_FILE
-
-    msg "test: main suites make, default config (out-of-box)" # ~10s
-    make test
-
-    msg "selftest: make, default config (out-of-box)" # ~10s
-    if_build_succeeded programs/test/selftest
-
-    export MBEDTLS_TEST_OUTCOME_FILE="$SAVE_MBEDTLS_TEST_OUTCOME_FILE"
-    unset SAVE_MBEDTLS_TEST_OUTCOME_FILE
-}
-
-component_test_default_cmake_gcc_asan () {
-    msg "build: cmake, gcc, ASan" # ~ 1 min 50s
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: selftest (ASan build)" # ~ 10s
-    if_build_succeeded programs/test/selftest
-
-    msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh (ASan build)" # ~ 6 min
-    if_build_succeeded tests/compat.sh
-
-    msg "test: context-info.sh (ASan build)" # ~ 15 sec
-    if_build_succeeded tests/context-info.sh
-}
-
-component_test_full_cmake_gcc_asan () {
-    msg "build: full config, cmake, gcc, ASan"
-    scripts/config.py full
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: main suites (inc. selftests) (full config, ASan build)"
-    make test
-
-    msg "test: selftest (ASan build)" # ~ 10s
-    if_build_succeeded programs/test/selftest
-
-    msg "test: ssl-opt.sh (full config, ASan build)"
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh (full config, ASan build)"
-    if_build_succeeded tests/compat.sh
-
-    msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec
-    if_build_succeeded tests/context-info.sh
-}
-
-component_test_psa_crypto_key_id_encodes_owner () {
-    msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
-    make test
-}
-
-component_test_zlib_make() {
-    msg "build: zlib enabled, make"
-    scripts/config.py set MBEDTLS_ZLIB_SUPPORT
-    make ZLIB=1 CFLAGS='-Werror -O1'
-
-    msg "test: main suites (zlib, make)"
-    make test
-
-    msg "test: ssl-opt.sh (zlib, make)"
-    if_build_succeeded tests/ssl-opt.sh
-}
-support_test_zlib_make () {
-    base=support_test_zlib_$$
-    cat <<'EOF' > ${base}.c
-#include "zlib.h"
-int main(void) { return 0; }
-EOF
-    gcc -o ${base}.exe ${base}.c -lz 2>/dev/null
-    ret=$?
-    rm -f ${base}.*
-    return $ret
-}
-
-component_test_zlib_cmake() {
-    msg "build: zlib enabled, cmake"
-    scripts/config.py set MBEDTLS_ZLIB_SUPPORT
-    cmake -D ENABLE_ZLIB_SUPPORT=On -D CMAKE_BUILD_TYPE:String=Check .
-    make
-
-    msg "test: main suites (zlib, cmake)"
-    make test
-
-    msg "test: ssl-opt.sh (zlib, cmake)"
-    if_build_succeeded tests/ssl-opt.sh
-}
-support_test_zlib_cmake () {
-    support_test_zlib_make "$@"
-}
-
-component_test_ref_configs () {
-    msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    record_status tests/scripts/test-ref-configs.pl
-}
-
-component_test_sslv3 () {
-    msg "build: Default + SSLv3 (ASan build)" # ~ 6 min
-    scripts/config.py set MBEDTLS_SSL_PROTO_SSL3
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min
-    if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2'
-    if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
-
-    msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "build: SSLv3 - context-info.sh (ASan build)" # ~ 15 sec
-    if_build_succeeded tests/context-info.sh
-}
-
-component_test_no_renegotiation () {
-    msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
-    scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
-    if_build_succeeded tests/ssl-opt.sh
-}
-
-component_test_no_pem_no_fs () {
-    msg "build: Default + !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO (ASan build)"
-    scripts/config.py unset MBEDTLS_PEM_PARSE_C
-    scripts/config.py unset MBEDTLS_FS_IO
-    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - ssl-opt.sh (ASan build)" # ~ 6 min
-    if_build_succeeded tests/ssl-opt.sh
-}
-
-component_test_rsa_no_crt () {
-    msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
-    scripts/config.py set MBEDTLS_RSA_NO_CRT
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
-    if_build_succeeded tests/ssl-opt.sh -f RSA
-
-    msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
-    if_build_succeeded tests/compat.sh -t RSA
-
-    msg "test: RSA_NO_CRT - RSA-related part of context-info.sh (ASan build)" # ~ 15 sec
-    if_build_succeeded tests/context-info.sh
-}
-
-component_test_no_ctr_drbg () {
-    msg "build: Full minus CTR_DRBG"
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_CTR_DRBG_C
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C # requires PSA Crypto
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO # requires PSA Crypto
-
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: no CTR_DRBG"
-    make test
-
-    # no ssl-opt.sh/compat.sh as they all depend on CTR_DRBG so far
-}
-
-component_test_no_hmac_drbg () {
-    msg "build: Full minus HMAC_DRBG"
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
-    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
-
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: no HMAC_DRBG"
-    make test
-
-    # No ssl-opt.sh/compat.sh as they never use HMAC_DRBG so far,
-    # so there's little value in running those lengthy tests here.
-}
-
-component_test_ecp_no_internal_rng () {
-    msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules"
-    scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
-    scripts/config.py unset MBEDTLS_CTR_DRBG_C
-    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
-    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires a DRBG
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: ECP_NO_INTERNAL_RNG, no DRBG module"
-    make test
-
-    # no SSL tests as they all depend on having a DRBG
-}
-
-component_test_ecp_restartable_no_internal_rng () {
-    msg "build: Default plus ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG"
-    scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
-    scripts/config.py set MBEDTLS_ECP_RESTARTABLE
-    scripts/config.py unset MBEDTLS_CTR_DRBG_C
-    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
-    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG module"
-    make test
-
-    # no SSL tests as they all depend on having a DRBG
-}
-
-component_test_new_ecdh_context () {
-    msg "build: new ECDH context (ASan build)" # ~ 6 min
-    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: new ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: new ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
-    if_build_succeeded tests/ssl-opt.sh -f ECDH
-
-    msg "test: new ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
-    # Exclude some symmetric ciphers that are redundant here to gain time.
-    if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
-}
-
-component_test_everest () {
-    msg "build: Everest ECDH context (ASan build)" # ~ 6 min
-    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
-    scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
-    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
-    if_build_succeeded tests/ssl-opt.sh -f ECDH
-
-    msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
-    # Exclude some symmetric ciphers that are redundant here to gain time.
-    if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
-}
-
-component_test_everest_curve25519_only () {
-    msg "build: Everest ECDH context, only Curve25519" # ~ 6 min
-    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
-    scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
-    scripts/config.py unset MBEDTLS_ECDSA_C
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-    # Disable all curves
-    for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do
-        scripts/config.py unset "$c"
-    done
-    scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED
-
-    make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
-
-    msg "test: Everest ECDH context, only Curve25519" # ~ 50s
-    make test
-}
-
-component_test_small_ssl_out_content_len () {
-    msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
-    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
-    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
-    if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
-}
-
-component_test_small_ssl_in_content_len () {
-    msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
-    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096
-    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
-    if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
-}
-
-component_test_small_ssl_dtls_max_buffering () {
-    msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
-    scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
-    if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
-}
-
-component_test_small_mbedtls_ssl_dtls_max_buffering () {
-    msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
-    scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 190
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
-    if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
-}
-
-component_test_psa_collect_statuses () {
-  msg "build+test: psa_collect_statuses" # ~30s
-  scripts/config.py full
-  record_status tests/scripts/psa_collect_statuses.py
-  # Check that psa_crypto_init() succeeded at least once
-  record_status grep -q '^0:psa_crypto_init:' tests/statuses.log
-  rm -f tests/statuses.log
-}
-
-component_test_full_cmake_clang () {
-    msg "build: cmake, full config, clang" # ~ 50s
-    scripts/config.py full
-    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
-    make
-
-    msg "test: main suites (full config, clang)" # ~ 5s
-    make test
-
-    msg "test: psa_constant_names (full config, clang)" # ~ 1s
-    record_status tests/scripts/test_psa_constant_names.py
-
-    msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
-    if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
-
-    msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min
-    if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
-
-    msg "test: compat.sh ARIA + ChachaPoly"
-    if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
-}
-
-component_test_memsan_constant_flow () {
-    # This tests both (1) accesses to undefined memory, and (2) branches or
-    # memory access depending on secret values. To distinguish between those:
-    # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist?
-    # - or alternatively, change the build type to MemSanDbg, which enables
-    # origin tracking and nicer stack traces (which are useful for debugging
-    # anyway), and check if the origin was TEST_CF_SECRET() or something else.
-    msg "build: cmake MSan (clang), full config with constant flow testing"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
-    scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm
-    CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
-    make
-
-    msg "test: main suites (Msan + constant flow)"
-    make test
-}
-
-component_test_valgrind_constant_flow () {
-    # This tests both (1) everything that valgrind's memcheck usually checks
-    # (heap buffer overflows, use of uninitialized memory, use-after-free,
-    # etc.) and (2) branches or memory access depending on secret values,
-    # which will be reported as uninitialized memory. To distinguish between
-    # secret and actually uninitialized:
-    # - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - does the failure persist?
-    # - or alternatively, build with debug info and manually run the offending
-    # test suite with valgrind --track-origins=yes, then check if the origin
-    # was TEST_CF_SECRET() or something else.
-    msg "build: cmake release GCC, full config with constant flow testing"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
-    cmake -D CMAKE_BUILD_TYPE:String=Release .
-    make
-
-    # this only shows a summary of the results (how many of each type)
-    # details are left in Testing/<date>/DynamicAnalysis.xml
-    msg "test: main suites (valgrind + constant flow)"
-    make memcheck
-}
-
-component_test_default_no_deprecated () {
-    # Test that removing the deprecated features from the default
-    # configuration leaves something consistent.
-    msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s
-    scripts/config.py set MBEDTLS_DEPRECATED_REMOVED
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
-
-    msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s
-    make test
-}
-
-component_test_full_no_deprecated () {
-    msg "build: make, full_no_deprecated config" # ~ 30s
-    scripts/config.py full_no_deprecated
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
-
-    msg "test: make, full_no_deprecated config" # ~ 5s
-    make test
-}
-
-component_test_full_no_deprecated_deprecated_warning () {
-    # Test that there is nothing deprecated in "full_no_deprecated".
-    # A deprecated feature would trigger a warning (made fatal) from
-    # MBEDTLS_DEPRECATED_WARNING.
-    msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s
-    scripts/config.py full_no_deprecated
-    scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED
-    scripts/config.py set MBEDTLS_DEPRECATED_WARNING
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
-
-    msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s
-    make test
-}
-
-component_test_full_deprecated_warning () {
-    # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes
-    # with only certain whitelisted types of warnings.
-    msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_DEPRECATED_WARNING
-    # Expect warnings from '#warning' directives in check_config.h.
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs
-
-    msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
-    # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features.
-    # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set.
-    # Expect warnings from '#warning' directives in check_config.h and
-    # from the use of deprecated functions in test suites.
-    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests
-
-    msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s
-    make test
-}
-
-# Check that the specified libraries exist and are empty.
-are_empty_libraries () {
-  nm "$@" >/dev/null 2>/dev/null
-  ! nm "$@" 2>/dev/null | grep -v ':$' | grep .
-}
-
-component_build_crypto_default () {
-  msg "build: make, crypto only"
-  scripts/config.py crypto
-  make CFLAGS='-O1 -Werror'
-  if_build_succeeded are_empty_libraries library/libmbedx509.* library/libmbedtls.*
-}
-
-component_build_crypto_full () {
-  msg "build: make, crypto only, full config"
-  scripts/config.py crypto_full
-  make CFLAGS='-O1 -Werror'
-  if_build_succeeded are_empty_libraries library/libmbedx509.* library/libmbedtls.*
-}
-
-component_build_crypto_baremetal () {
-  msg "build: make, crypto only, baremetal config"
-  scripts/config.py crypto_baremetal
-  make CFLAGS='-O1 -Werror'
-  if_build_succeeded are_empty_libraries library/libmbedx509.* library/libmbedtls.*
-}
-
-component_test_depends_curves () {
-    msg "test/build: curves.pl (gcc)" # ~ 4 min
-    record_status tests/scripts/curves.pl
-}
-
-component_test_depends_curves_psa () {
-    msg "test/build: curves.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    record_status tests/scripts/curves.pl
-}
-
-component_test_depends_hashes () {
-    msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min
-    record_status tests/scripts/depends-hashes.pl
-}
-
-component_test_depends_hashes_psa () {
-    msg "test/build: depends-hashes.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    record_status tests/scripts/depends-hashes.pl
-}
-
-component_test_depends_pkalgs () {
-    msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min
-    record_status tests/scripts/depends-pkalgs.pl
-}
-
-component_test_depends_pkalgs_psa () {
-    msg "test/build: depends-pkalgs.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    record_status tests/scripts/depends-pkalgs.pl
-}
-
-component_build_key_exchanges () {
-    msg "test/build: key-exchanges (gcc)" # ~ 1 min
-    record_status tests/scripts/key-exchanges.pl
-}
-
-component_build_default_make_gcc_and_cxx () {
-    msg "build: Unix make, -Os (gcc)" # ~ 30s
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
-
-    msg "test: verify header list in cpp_dummy_build.cpp"
-    record_status check_headers_in_cpp
-
-    msg "build: Unix make, incremental g++"
-    make TEST_CPP=1
-}
-
-component_test_no_use_psa_crypto_full_cmake_asan() {
-    # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
-    msg "build: cmake, full config minus MBEDTLS_USE_PSA_CRYPTO, ASan"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_ECP_RESTARTABLE  # not using PSA, so enable restartable ECC
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)"
-    make test
-
-    msg "test: ssl-opt.sh (full minus MBEDTLS_USE_PSA_CRYPTO)"
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)"
-    if_build_succeeded tests/compat.sh
-
-    msg "test: compat.sh RC4, DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
-    if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
-
-    msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)"
-    if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
-}
-
-component_test_psa_crypto_config_basic() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-
-    msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG"
-    make test
-}
-
-component_test_psa_crypto_config_no_driver() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
-
-    msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
-    make test
-}
-
-# This should be renamed to test and updated once the accelerator ECDSA code is in place and ready to test.
-component_build_psa_accel_alg_ecdsa() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_ECDSA
-    # without MBEDTLS_ECDSA_C
-    # PSA_WANT_ALG_ECDSA and PSA_WANT_ALG_DETERMINISTIC_ECDSA are already
-    # set in include/psa/crypto_config.h
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDSA without MBEDTLS_ECDSA_C"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py unset MBEDTLS_ECDSA_C
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDSA -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator ECDH code is in place and ready to test.
-component_build_psa_accel_alg_ecdh() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_ECDH
-    # without MBEDTLS_ECDH_C
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py unset MBEDTLS_ECDH_C
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
-    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator ECC key pair code is in place and ready to test.
-component_build_psa_accel_key_type_ecc_key_pair() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_KEY_PAIR"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator ECC public key code is in place and ready to test.
-component_build_psa_accel_key_type_ecc_public_key() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test.
-component_build_psa_accel_alg_hmac() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_HMAC
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HMAC"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test.
-component_build_psa_accel_alg_hkdf() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_HKDF
-    # without MBEDTLS_HKDF_C
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py unset MBEDTLS_HKDF_C
-    # Make sure to unset TLS1_3_EXPERIMENTAL since it requires HKDF_C and will not build properly without it.
-    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator MD2 code is in place and ready to test.
-component_build_psa_accel_alg_md2() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD2 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD2 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD2 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator MD4 code is in place and ready to test.
-component_build_psa_accel_alg_md4() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD4 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD4 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD4 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
-component_build_psa_accel_alg_md5() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD5 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD5 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test.
-component_build_psa_accel_alg_ripemd160() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RIPEMD160 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RIPEMD160 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test.
-component_build_psa_accel_alg_sha1() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_1 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_1 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test.
-component_build_psa_accel_alg_sha224() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_224 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_224 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test.
-component_build_psa_accel_alg_sha256() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_256 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_256 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test.
-component_build_psa_accel_alg_sha384() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_384 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_384 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test.
-component_build_psa_accel_alg_sha512() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_512 without other hashes
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_512 - other hashes"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
-component_build_psa_accel_alg_rsa_pkcs1v15_crypt() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
-component_build_psa_accel_alg_rsa_pkcs1v15_sign() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PKCS1V15_SIGN and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
-component_build_psa_accel_alg_rsa_oaep() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_OAEP and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_OAEP 1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
-component_build_psa_accel_alg_rsa_pss() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PSS and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
-    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
-component_build_psa_accel_key_type_rsa_key_pair() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR and PSA_WANT_ALG_RSA_PSS
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR + PSA_WANT_ALG_RSA_PSS"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
-component_build_psa_accel_key_type_rsa_public_key() {
-    # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY and PSA_WANT_ALG_RSA_PSS
-    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS"
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
-    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-component_test_check_params_functionality () {
-    msg "build+test: MBEDTLS_CHECK_PARAMS functionality"
-    scripts/config.py full # includes CHECK_PARAMS
-    # Make MBEDTLS_PARAM_FAILED call mbedtls_param_failed().
-    scripts/config.py unset MBEDTLS_CHECK_PARAMS_ASSERT
-    make CC=gcc CFLAGS='-Werror -O1' all test
-}
-
-component_test_check_params_without_platform () {
-    msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C"
-    scripts/config.py full # includes CHECK_PARAMS
-    # Keep MBEDTLS_PARAM_FAILED as assert.
-    scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
-    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
-    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
-    scripts/config.py unset MBEDTLS_PLATFORM_C
-    make CC=gcc CFLAGS='-Werror -O1' all test
-}
-
-component_test_check_params_silent () {
-    msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()"
-    scripts/config.py full # includes CHECK_PARAMS
-    # Set MBEDTLS_PARAM_FAILED to nothing.
-    sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H"
-    make CC=gcc CFLAGS='-Werror -O1' all test
-}
-
-component_test_no_platform () {
-    # Full configuration build, without platform support, file IO and net sockets.
-    # This should catch missing mbedtls_printf definitions, and by disabling file
-    # IO, it should catch missing '#include <stdio.h>'
-    msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_PLATFORM_C
-    scripts/config.py unset MBEDTLS_NET_C
-    scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
-    scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT
-    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
-    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
-    scripts/config.py unset MBEDTLS_FS_IO
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
-    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
-    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
-    # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
-    # to re-enable platform integration features otherwise disabled in C99 builds
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test
-}
-
-component_build_no_std_function () {
-    # catch compile bugs in _uninit functions
-    msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
-    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
-}
-
-component_build_no_ssl_srv () {
-    msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_SSL_SRV_C
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
-}
-
-component_build_no_ssl_cli () {
-    msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_SSL_CLI_C
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
-}
-
-component_build_no_sockets () {
-    # Note, C99 compliance can also be tested with the sockets support disabled,
-    # as that requires a POSIX platform (which isn't the same as C99).
-    msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
-    scripts/config.py set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -std=c99 -pedantic' lib
-}
-
-component_test_memory_buffer_allocator_backtrace () {
-    msg "build: default config with memory buffer allocator and backtrace enabled"
-    scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
-    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
-    scripts/config.py set MBEDTLS_MEMORY_BACKTRACE
-    scripts/config.py set MBEDTLS_MEMORY_DEBUG
-    CC=gcc cmake .
-    make
-
-    msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE"
-    make test
-}
-
-component_test_memory_buffer_allocator () {
-    msg "build: default config with memory buffer allocator"
-    scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
-    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
-    CC=gcc cmake .
-    make
-
-    msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C"
-    make test
-
-    msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C"
-    # MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out.
-    if_build_succeeded tests/ssl-opt.sh -e '^DTLS proxy'
-}
-
-component_test_no_max_fragment_length () {
-    # Run max fragment length tests with MFL disabled
-    msg "build: default config except MFL extension (ASan build)" # ~ 30s
-    scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: ssl-opt.sh, MFL-related tests"
-    if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
-}
-
-component_test_asan_remove_peer_certificate () {
-    msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)"
-    scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
-    make test
-
-    msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
-    if_build_succeeded tests/compat.sh
-
-    msg "test: context-info.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
-    if_build_succeeded tests/context-info.sh
-}
-
-component_test_no_max_fragment_length_small_ssl_out_content_len () {
-    msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
-    scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
-    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: MFL tests (disabled MFL extension case) & large packet tests"
-    if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
-
-    msg "test: context-info.sh (disabled MFL extension case)"
-    if_build_succeeded tests/context-info.sh
-}
-
-component_test_variable_ssl_in_out_buffer_len () {
-    msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled (ASan build)"
-    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
-    make test
-
-    msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
-    if_build_succeeded tests/compat.sh
-}
-
-component_test_variable_ssl_in_out_buffer_len_CID () {
-    msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled (ASan build)"
-    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
-    scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID
-
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID"
-    make test
-
-    msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled"
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled"
-    if_build_succeeded tests/compat.sh
-}
-
-component_test_variable_ssl_in_out_buffer_len_record_splitting () {
-    msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled (ASan build)"
-    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
-    scripts/config.py set MBEDTLS_SSL_CBC_RECORD_SPLITTING
-
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING"
-    make test
-
-    msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled"
-    if_build_succeeded tests/ssl-opt.sh
-
-    msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled"
-    if_build_succeeded tests/compat.sh
-}
-
-component_test_ssl_alloc_buffer_and_mfl () {
-    msg "build: default config with memory buffer allocator and MFL extension"
-    scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
-    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
-    scripts/config.py set MBEDTLS_MEMORY_DEBUG
-    scripts/config.py set MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
-    CC=gcc cmake .
-    make
-
-    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH"
-    make test
-
-    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH"
-    if_build_succeeded tests/ssl-opt.sh -f "Handshake memory usage"
-}
-
-component_test_when_no_ciphersuites_have_mac () {
-    msg "build: when no ciphersuites have MAC"
-    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
-    scripts/config.py unset MBEDTLS_ARC4_C
-    scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
-    make
-
-    msg "test: !MBEDTLS_SSL_SOME_MODES_USE_MAC"
-    make test
-
-    msg "test ssl-opt.sh: !MBEDTLS_SSL_SOME_MODES_USE_MAC"
-    if_build_succeeded tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM'
-}
-
-component_test_null_entropy () {
-    msg "build: default config with  MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
-    scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY
-    scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-    scripts/config.py set MBEDTLS_ENTROPY_C
-    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
-    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
-    scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT
-    scripts/config.py unset MBEDTLS_HAVEGE_C
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
-    make
-
-    msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
-    make test
-}
-
-component_test_no_date_time () {
-    msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
-    scripts/config.py unset MBEDTLS_HAVE_TIME_DATE
-    CC=gcc cmake
-    make
-
-    msg "test: !MBEDTLS_HAVE_TIME_DATE - main suites"
-    make test
-}
-
-component_test_platform_calloc_macro () {
-    msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
-    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
-    scripts/config.py set MBEDTLS_PLATFORM_CALLOC_MACRO calloc
-    scripts/config.py set MBEDTLS_PLATFORM_FREE_MACRO   free
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
-    make test
-}
-
-component_test_malloc_0_null () {
-    msg "build: malloc(0) returns NULL (ASan+UBSan build)"
-    scripts/config.py full
-    make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS"
-
-    msg "test: malloc(0) returns NULL (ASan+UBSan build)"
-    make test
-
-    msg "selftest: malloc(0) returns NULL (ASan+UBSan build)"
-    # Just the calloc selftest. "make test" ran the others as part of the
-    # test suites.
-    if_build_succeeded programs/test/selftest calloc
-
-    msg "test ssl-opt.sh: malloc(0) returns NULL (ASan+UBSan build)"
-    # Run a subset of the tests. The choice is a balance between coverage
-    # and time (including time indirectly wasted due to flaky tests).
-    # The current choice is to skip tests whose description includes
-    # "proxy", which is an approximation of skipping tests that use the
-    # UDP proxy, which tend to be slower and flakier.
-    if_build_succeeded tests/ssl-opt.sh -e 'proxy'
-}
-
-component_test_aes_fewer_tables () {
-    msg "build: default config with AES_FEWER_TABLES enabled"
-    scripts/config.py set MBEDTLS_AES_FEWER_TABLES
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
-
-    msg "test: AES_FEWER_TABLES"
-    make test
-}
-
-component_test_aes_rom_tables () {
-    msg "build: default config with AES_ROM_TABLES enabled"
-    scripts/config.py set MBEDTLS_AES_ROM_TABLES
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
-
-    msg "test: AES_ROM_TABLES"
-    make test
-}
-
-component_test_aes_fewer_tables_and_rom_tables () {
-    msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
-    scripts/config.py set MBEDTLS_AES_FEWER_TABLES
-    scripts/config.py set MBEDTLS_AES_ROM_TABLES
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
-
-    msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
-    make test
-}
-
-component_test_ctr_drbg_aes_256_sha_256 () {
-    msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
-    scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
-    make test
-}
-
-component_test_ctr_drbg_aes_128_sha_512 () {
-    msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
-    scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
-    make test
-}
-
-component_test_ctr_drbg_aes_128_sha_256 () {
-    msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
-    scripts/config.py full
-    scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
-    scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
-    scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
-    make test
-}
-
-component_test_se_default () {
-    msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C"
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C
-    make CC=clang CFLAGS="$ASAN_CFLAGS -Os" LDFLAGS="$ASAN_CFLAGS"
-
-    msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C"
-    make test
-}
-
-component_test_psa_crypto_drivers () {
-    msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks"
-    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
-    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-
-    msg "test: MBEDTLS_PSA_CRYPTO_DRIVERS, signature"
-    make test
-}
-
-component_test_make_shared () {
-    msg "build/test: make shared" # ~ 40s
-    make SHARED=1 all check
-    ldd programs/util/strerror | grep libmbedcrypto
-}
-
-component_test_cmake_shared () {
-    msg "build/test: cmake shared" # ~ 2min
-    cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On .
-    make
-    ldd programs/util/strerror | grep libmbedcrypto
-    make test
-}
-
-test_build_opt () {
-    info=$1 cc=$2; shift 2
-    for opt in "$@"; do
-          msg "build/test: $cc $opt, $info" # ~ 30s
-          make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror"
-          # We're confident enough in compilers to not run _all_ the tests,
-          # but at least run the unit tests. In particular, runs with
-          # optimizations use inline assembly whereas runs with -O0
-          # skip inline assembly.
-          make test # ~30s
-          make clean
-    done
-}
-
-component_test_clang_opt () {
-    scripts/config.py full
-    test_build_opt 'full config' clang -O0 -Os -O2
-}
-
-component_test_gcc_opt () {
-    scripts/config.py full
-    test_build_opt 'full config' gcc -O0 -Os -O2
-}
-
-component_build_mbedtls_config_file () {
-    msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s
-    # Use the full config so as to catch a maximum of places where
-    # the check of MBEDTLS_CONFIG_FILE might be missing.
-    scripts/config.py full
-    sed 's!"check_config.h"!"mbedtls/check_config.h"!' <"$CONFIG_H" >full_config.h
-    echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H"
-    make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'"
-    rm -f full_config.h
-}
-
-component_test_m32_o0 () {
-    # Build once with -O0, to compile out the i386 specific inline assembly
-    msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
-    scripts/config.py full
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS"
-
-    msg "test: i386, make, gcc -O0 (ASan build)"
-    make test
-}
-support_test_m32_o0 () {
-    case $(uname -m) in
-        *64*) true;;
-        *) false;;
-    esac
-}
-
-component_test_m32_o1 () {
-    # Build again with -O1, to compile in the i386 specific inline assembly
-    msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s
-    scripts/config.py full
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O1" LDFLAGS="-m32 $ASAN_CFLAGS"
-
-    msg "test: i386, make, gcc -O1 (ASan build)"
-    make test
-
-    msg "test ssl-opt.sh, i386, make, gcc-O1"
-    if_build_succeeded tests/ssl-opt.sh
-}
-support_test_m32_o1 () {
-    support_test_m32_o0 "$@"
-}
-
-component_test_m32_everest () {
-    msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min
-    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
-    scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
-
-    msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
-    make test
-
-    msg "test: i386, Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
-    if_build_succeeded tests/ssl-opt.sh -f ECDH
-
-    msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
-    # Exclude some symmetric ciphers that are redundant here to gain time.
-    if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
-}
-support_test_m32_everest () {
-    support_test_m32_o0 "$@"
-}
-
-component_test_mx32 () {
-    msg "build: 64-bit ILP32, make, gcc" # ~ 30s
-    scripts/config.py full
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'
-
-    msg "test: 64-bit ILP32, make, gcc"
-    make test
-}
-support_test_mx32 () {
-    case $(uname -m) in
-        amd64|x86_64) true;;
-        *) false;;
-    esac
-}
-
-component_test_min_mpi_window_size () {
-    msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s
-    scripts/config.py set MBEDTLS_MPI_WINDOW_SIZE 1
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-
-    msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s
-    make test
-}
-
-component_test_have_int32 () {
-    msg "build: gcc, force 32-bit bignum limbs"
-    scripts/config.py unset MBEDTLS_HAVE_ASM
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
-
-    msg "test: gcc, force 32-bit bignum limbs"
-    make test
-}
-
-component_test_have_int64 () {
-    msg "build: gcc, force 64-bit bignum limbs"
-    scripts/config.py unset MBEDTLS_HAVE_ASM
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
-
-    msg "test: gcc, force 64-bit bignum limbs"
-    make test
-}
-
-component_test_no_udbl_division () {
-    msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
-    make CFLAGS='-Werror -O1'
-
-    msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
-    make test
-}
-
-component_test_no_64bit_multiplication () {
-    msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
-    scripts/config.py full
-    scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
-    make CFLAGS='-Werror -O1'
-
-    msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
-    make test
-}
-
-component_test_no_strings () {
-    msg "build: no strings" # ~10s
-    scripts/config.py full
-    # Disable options that activate a large amount of string constants.
-    scripts/config.py unset MBEDTLS_DEBUG_C
-    scripts/config.py unset MBEDTLS_ERROR_C
-    scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY
-    scripts/config.py unset MBEDTLS_VERSION_FEATURES
-    make CFLAGS='-Werror -Os'
-
-    msg "test: no strings" # ~ 10s
-    make test
-}
-
-component_build_arm_none_eabi_gcc () {
-    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" # ~ 10s
-    scripts/config.py baremetal
-    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -O1' lib
-
-    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1"
-    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
-}
-
-component_build_arm_none_eabi_gcc_arm5vte () {
-    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s
-    scripts/config.py baremetal
-    # Build for a target platform that's close to what Debian uses
-    # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort).
-    # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments.
-    # It would be better to build with arm-linux-gnueabi-gcc but
-    # we don't have that on our CI at this time.
-    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib
-
-    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1"
-    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
-}
-
-component_build_arm_none_eabi_gcc_m0plus () {
-    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus" # ~ 10s
-    scripts/config.py baremetal
-    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib
-
-    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os"
-    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
-}
-
-component_build_arm_none_eabi_gcc_no_udbl_division () {
-    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
-    scripts/config.py baremetal
-    scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
-    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra' lib
-    echo "Checking that software 64-bit division is not required"
-    if_build_succeeded not grep __aeabi_uldiv library/*.o
-}
-
-component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
-    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
-    scripts/config.py baremetal
-    scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
-    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -O1 -march=armv6-m -mthumb' lib
-    echo "Checking that software 64-bit multiplication is not required"
-    if_build_succeeded not grep __aeabi_lmul library/*.o
-}
-
-component_build_armcc () {
-    msg "build: ARM Compiler 5"
-    scripts/config.py baremetal
-    make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
-
-    msg "size: ARM Compiler 5"
-    "$ARMC5_FROMELF" -z library/*.o
-
-    make clean
-
-    # ARM Compiler 6 - Target ARMv7-A
-    armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a"
-
-    # ARM Compiler 6 - Target ARMv7-M
-    armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m"
-
-    # ARM Compiler 6 - Target ARMv8-A - AArch32
-    armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a"
-
-    # ARM Compiler 6 - Target ARMv8-M
-    armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main"
-
-    # ARM Compiler 6 - Target ARMv8-A - AArch64
-    armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
-}
-
-component_build_ssl_hw_record_accel() {
-    msg "build: default config with MBEDTLS_SSL_HW_RECORD_ACCEL enabled"
-    scripts/config.pl set MBEDTLS_SSL_HW_RECORD_ACCEL
-    make CFLAGS='-Werror -O1'
-}
-
-component_test_allow_sha1 () {
-    msg "build: allow SHA1 in certificates by default"
-    scripts/config.py set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-    make CFLAGS='-Werror -Wall -Wextra'
-    msg "test: allow SHA1 in certificates by default"
-    make test
-    if_build_succeeded tests/ssl-opt.sh -f SHA-1
-}
-
-component_test_tls13_experimental () {
-    msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
-    scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-    make
-    msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
-    make test
-}
-
-component_build_mingw () {
-    msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
-    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
-
-    # note Make tests only builds the tests, but doesn't run them
-    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests
-    make WINDOWS_BUILD=1 clean
-
-    msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s
-    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
-    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
-    make WINDOWS_BUILD=1 clean
-}
-support_build_mingw() {
-    case $(i686-w64-mingw32-gcc -dumpversion) in
-        [0-5]*) false;;
-        *) true;;
-    esac
-}
-
-component_test_memsan () {
-    msg "build: MSan (clang)" # ~ 1 min 20s
-    scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm
-    CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
-    make
-
-    msg "test: main suites (MSan)" # ~ 10s
-    make test
-
-    msg "test: ssl-opt.sh (MSan)" # ~ 1 min
-    if_build_succeeded tests/ssl-opt.sh
-
-    # Optional part(s)
-
-    if [ "$MEMORY" -gt 0 ]; then
-        msg "test: compat.sh (MSan)" # ~ 6 min 20s
-        if_build_succeeded tests/compat.sh
-    fi
-}
-
-component_test_valgrind () {
-    msg "build: Release (clang)"
-    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
-    make
-
-    msg "test: main suites valgrind (Release)"
-    make memcheck
-
-    # Optional parts (slow; currently broken on OS X because programs don't
-    # seem to receive signals under valgrind on OS X).
-    if [ "$MEMORY" -gt 0 ]; then
-        msg "test: ssl-opt.sh --memcheck (Release)"
-        if_build_succeeded tests/ssl-opt.sh --memcheck
-    fi
-
-    if [ "$MEMORY" -gt 1 ]; then
-        msg "test: compat.sh --memcheck (Release)"
-        if_build_succeeded tests/compat.sh --memcheck
-    fi
-
-    if [ "$MEMORY" -gt 0 ]; then
-        msg "test: context-info.sh --memcheck (Release)"
-        if_build_succeeded tests/context-info.sh --memcheck
-    fi
-}
-
-component_test_cmake_out_of_source () {
-    msg "build: cmake 'out-of-source' build"
-    MBEDTLS_ROOT_DIR="$PWD"
-    mkdir "$OUT_OF_SOURCE_DIR"
-    cd "$OUT_OF_SOURCE_DIR"
-    cmake "$MBEDTLS_ROOT_DIR"
-    make
-
-    msg "test: cmake 'out-of-source' build"
-    make test
-    # Test an SSL option that requires an auxiliary script in test/scripts/.
-    # Also ensure that there are no error messages such as
-    # "No such file or directory", which would indicate that some required
-    # file is missing (ssl-opt.sh tolerates the absence of some files so
-    # may exit with status 0 but emit errors).
-    if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err
-    if [ -s ssl-opt.err ]; then
-        cat ssl-opt.err >&2
-        record_status [ ! -s ssl-opt.err ]
-        rm ssl-opt.err
-    fi
-    cd "$MBEDTLS_ROOT_DIR"
-    rm -rf "$OUT_OF_SOURCE_DIR"
-    unset MBEDTLS_ROOT_DIR
-}
-
-component_test_cmake_as_subdirectory () {
-    msg "build: cmake 'as-subdirectory' build"
-    MBEDTLS_ROOT_DIR="$PWD"
-
-    cd programs/test/cmake_subproject
-    cmake .
-    make
-    if_build_succeeded ./cmake_subproject
-
-    cd "$MBEDTLS_ROOT_DIR"
-    unset MBEDTLS_ROOT_DIR
-}
-
-component_test_zeroize () {
-    # Test that the function mbedtls_platform_zeroize() is not optimized away by
-    # different combinations of compilers and optimization flags by using an
-    # auxiliary GDB script. Unfortunately, GDB does not return error values to the
-    # system in all cases that the script fails, so we must manually search the
-    # output to check whether the pass string is present and no failure strings
-    # were printed.
-
-    # Don't try to disable ASLR. We don't care about ASLR here. We do care
-    # about a spurious message if Gdb tries and fails, so suppress that.
-    gdb_disable_aslr=
-    if [ -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)" ]; then
-        gdb_disable_aslr='set disable-randomization off'
-    fi
-
-    for optimization_flag in -O2 -O3 -Ofast -Os; do
-        for compiler in clang gcc; do
-            msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
-            make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
-            if_build_succeeded gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
-            if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
-            if_build_succeeded not grep -i "error" test_zeroize.log
-            rm -f test_zeroize.log
-            make clean
-        done
-    done
-
-    unset gdb_disable_aslr
-}
-
-component_check_python_files () {
-    msg "Lint: Python scripts"
-    record_status tests/scripts/check-python-files.sh
-}
-
-component_check_generate_test_code () {
-    msg "uint test: generate_test_code.py"
-    # unittest writes out mundane stuff like number or tests run on stderr.
-    # Our convention is to reserve stderr for actual errors, and write
-    # harmless info on stdout so it can be suppress with --quiet.
-    record_status ./tests/scripts/test_generate_test_code.py 2>&1
-}
-
-################################################################
-#### Termination
-################################################################
-
-post_report () {
-    msg "Done, cleaning up"
-    cleanup
-
-    final_report
-}
-
-
-
-################################################################
-#### Run all the things
-################################################################
-
-# Run one component and clean up afterwards.
-run_component () {
-    # Back up the configuration in case the component modifies it.
-    # The cleanup function will restore it.
-    cp -p "$CONFIG_H" "$CONFIG_BAK"
-    cp -p "$CRYPTO_CONFIG_H" "$CRYPTO_CONFIG_BAK"
-    current_component="$1"
-    export MBEDTLS_TEST_CONFIGURATION="$current_component"
-
-    # Unconditionally create a seedfile that's sufficiently long.
-    # Do this before each component, because a previous component may
-    # have messed it up or shortened it.
-    redirect_err dd if=/dev/urandom of=./tests/seedfile bs=64 count=1
-
-    # Run the component code.
-    if [ $QUIET -eq 1 ]; then
-        # msg() is silenced, so just print the component name here
-        echo "${current_component#component_}"
-    fi
-    redirect_out "$@"
-
-    # Restore the build tree to a clean state.
-    cleanup
-    unset current_component
-}
-
-# Preliminary setup
-pre_check_environment
-pre_initialize_variables
-pre_parse_command_line "$@"
-
-pre_check_git
-
-build_status=0
-if [ $KEEP_GOING -eq 1 ]; then
-    pre_setup_keep_going
-else
-    record_status () {
-        "$@"
-    }
-fi
-pre_setup_quiet_redirect
-pre_prepare_outcome_file
-pre_print_configuration
-pre_check_tools
-cleanup
-
-# Run the requested tests.
-for component in $RUN_COMPONENTS; do
-    run_component "component_$component"
-done
-
-# We're done.
-post_report
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/analyze_outcomes.py b/3rdparty/mbedtls-2.25.0/tests/scripts/analyze_outcomes.py
deleted file mode 100644
index 73f16bd..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/analyze_outcomes.py
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/usr/bin/env python3
-
-"""Analyze the test outcomes from a full CI run.
-
-This script can also run on outcomes from a partial run, but the results are
-less likely to be useful.
-"""
-
-import argparse
-import re
-import sys
-import traceback
-
-import check_test_cases
-
-class Results:
-    """Process analysis results."""
-
-    def __init__(self):
-        self.error_count = 0
-        self.warning_count = 0
-
-    @staticmethod
-    def log(fmt, *args, **kwargs):
-        sys.stderr.write((fmt + '\n').format(*args, **kwargs))
-
-    def error(self, fmt, *args, **kwargs):
-        self.log('Error: ' + fmt, *args, **kwargs)
-        self.error_count += 1
-
-    def warning(self, fmt, *args, **kwargs):
-        self.log('Warning: ' + fmt, *args, **kwargs)
-        self.warning_count += 1
-
-class TestCaseOutcomes:
-    """The outcomes of one test case across many configurations."""
-    # pylint: disable=too-few-public-methods
-
-    def __init__(self):
-        # Collect a list of witnesses of the test case succeeding or failing.
-        # Currently we don't do anything with witnesses except count them.
-        # The format of a witness is determined by the read_outcome_file
-        # function; it's the platform and configuration joined by ';'.
-        self.successes = []
-        self.failures = []
-
-    def hits(self):
-        """Return the number of times a test case has been run.
-
-        This includes passes and failures, but not skips.
-        """
-        return len(self.successes) + len(self.failures)
-
-class TestDescriptions(check_test_cases.TestDescriptionExplorer):
-    """Collect the available test cases."""
-
-    def __init__(self):
-        super().__init__()
-        self.descriptions = set()
-
-    def process_test_case(self, _per_file_state,
-                          file_name, _line_number, description):
-        """Record an available test case."""
-        base_name = re.sub(r'\.[^.]*$', '', re.sub(r'.*/', '', file_name))
-        key = ';'.join([base_name, description.decode('utf-8')])
-        self.descriptions.add(key)
-
-def collect_available_test_cases():
-    """Collect the available test cases."""
-    explorer = TestDescriptions()
-    explorer.walk_all()
-    return sorted(explorer.descriptions)
-
-def analyze_coverage(results, outcomes):
-    """Check that all available test cases are executed at least once."""
-    available = collect_available_test_cases()
-    for key in available:
-        hits = outcomes[key].hits() if key in outcomes else 0
-        if hits == 0:
-            # Make this a warning, not an error, as long as we haven't
-            # fixed this branch to have full coverage of test cases.
-            results.warning('Test case not executed: {}', key)
-
-def analyze_outcomes(outcomes):
-    """Run all analyses on the given outcome collection."""
-    results = Results()
-    analyze_coverage(results, outcomes)
-    return results
-
-def read_outcome_file(outcome_file):
-    """Parse an outcome file and return an outcome collection.
-
-An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects.
-The keys are the test suite name and the test case description, separated
-by a semicolon.
-"""
-    outcomes = {}
-    with open(outcome_file, 'r', encoding='utf-8') as input_file:
-        for line in input_file:
-            (platform, config, suite, case, result, _cause) = line.split(';')
-            key = ';'.join([suite, case])
-            setup = ';'.join([platform, config])
-            if key not in outcomes:
-                outcomes[key] = TestCaseOutcomes()
-            if result == 'PASS':
-                outcomes[key].successes.append(setup)
-            elif result == 'FAIL':
-                outcomes[key].failures.append(setup)
-    return outcomes
-
-def analyze_outcome_file(outcome_file):
-    """Analyze the given outcome file."""
-    outcomes = read_outcome_file(outcome_file)
-    return analyze_outcomes(outcomes)
-
-def main():
-    try:
-        parser = argparse.ArgumentParser(description=__doc__)
-        parser.add_argument('outcomes', metavar='OUTCOMES.CSV',
-                            help='Outcome file to analyze')
-        options = parser.parse_args()
-        results = analyze_outcome_file(options.outcomes)
-        if results.error_count > 0:
-            sys.exit(1)
-    except Exception: # pylint: disable=broad-except
-        # Print the backtrace and exit explicitly with our chosen status.
-        traceback.print_exc()
-        sys.exit(120)
-
-if __name__ == '__main__':
-    main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/basic-build-test.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/basic-build-test.sh
deleted file mode 100644
index 64ed145..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/basic-build-test.sh
+++ /dev/null
@@ -1,276 +0,0 @@
-#!/bin/sh
-
-# basic-build-tests.sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# Executes the basic test suites, captures the results, and generates a simple
-# test report and code coverage report.
-#
-# The tests include:
-#   * Unit tests                - executed using tests/scripts/run-test-suite.pl
-#   * Self-tests                - executed using the test suites above
-#   * System tests              - executed using tests/ssl-opt.sh
-#   * Interoperability tests    - executed using tests/compat.sh
-#
-# The tests focus on functionality and do not consider performance.
-#
-# Note the tests self-adapt due to configurations in include/mbedtls/config.h
-# which can lead to some tests being skipped, and can cause the number of
-# available tests to fluctuate.
-#
-# This script has been written to be generic and should work on any shell.
-#
-# Usage: basic-build-tests.sh
-#
-
-# Abort on errors (and uninitiliased variables)
-set -eu
-
-if [ -d library -a -d include -a -d tests ]; then :; else
-    echo "Must be run from mbed TLS root" >&2
-    exit 1
-fi
-
-: ${OPENSSL:="openssl"}
-: ${OPENSSL_LEGACY:="$OPENSSL"}
-: ${GNUTLS_CLI:="gnutls-cli"}
-: ${GNUTLS_SERV:="gnutls-serv"}
-: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
-: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
-
-# Used to make ssl-opt.sh deterministic.
-#
-# See also RELEASE_SEED in all.sh. Debugging is easier if both values are kept
-# in sync. If you change the value here because it breaks some tests, you'll
-# definitely want to change it in all.sh as well.
-: ${SEED:=1}
-export SEED
-
-# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
-# we just export the variables they require
-export OPENSSL_CMD="$OPENSSL"
-export GNUTLS_CLI="$GNUTLS_CLI"
-export GNUTLS_SERV="$GNUTLS_SERV"
-
-CONFIG_H='include/mbedtls/config.h'
-CONFIG_BAK="$CONFIG_H.bak"
-
-# Step 0 - print build environment info
-OPENSSL="$OPENSSL"                           \
-    OPENSSL_LEGACY="$OPENSSL_LEGACY"         \
-    GNUTLS_CLI="$GNUTLS_CLI"                 \
-    GNUTLS_SERV="$GNUTLS_SERV"               \
-    GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"   \
-    GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \
-    scripts/output_env.sh
-echo
-
-# Step 1 - Make and instrumented build for code coverage
-export CFLAGS=' --coverage -g3 -O0 '
-export LDFLAGS=' --coverage'
-make clean
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.py full
-make -j
-
-
-# Step 2 - Execute the tests
-TEST_OUTPUT=out_${PPID}
-cd tests
-if [ ! -f "seedfile" ]; then
-    dd if=/dev/urandom of="seedfile" bs=64 count=1
-fi
-echo
-
-# Step 2a - Unit Tests (keep going even if some tests fail)
-echo '################ Unit tests ################'
-perl scripts/run-test-suites.pl -v 2 |tee unit-test-$TEST_OUTPUT
-echo '^^^^^^^^^^^^^^^^ Unit tests ^^^^^^^^^^^^^^^^'
-echo
-
-# Step 2b - System Tests (keep going even if some tests fail)
-echo
-echo '################ ssl-opt.sh ################'
-sh ssl-opt.sh |tee sys-test-$TEST_OUTPUT
-echo '^^^^^^^^^^^^^^^^ ssl-opt.sh ^^^^^^^^^^^^^^^^'
-echo
-
-# Step 2c - Compatibility tests (keep going even if some tests fail)
-echo '################ compat.sh ################'
-{
-    echo '#### compat.sh: Default versions'
-    sh compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2'
-    echo
-
-    echo '#### compat.sh: legacy (SSLv3)'
-    OPENSSL_CMD="$OPENSSL_LEGACY" sh compat.sh -m 'ssl3'
-    echo
-
-    echo '#### compat.sh: legacy (null, DES, RC4)'
-    OPENSSL_CMD="$OPENSSL_LEGACY" \
-    GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \
-    sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
-    echo
-
-    echo '#### compat.sh: next (ARIA, ChaCha)'
-    OPENSSL_CMD="$OPENSSL_NEXT" sh compat.sh -e '^$' -f 'ARIA\|CHACHA'
-    echo
-} | tee compat-test-$TEST_OUTPUT
-echo '^^^^^^^^^^^^^^^^ compat.sh ^^^^^^^^^^^^^^^^'
-echo
-
-# Step 3 - Process the coverage report
-cd ..
-{
-    make lcov
-    echo SUCCESS
-} | tee tests/cov-$TEST_OUTPUT
-
-if [ "$(tail -n1 tests/cov-$TEST_OUTPUT)" != "SUCCESS" ]; then
-    echo >&2 "Fatal: 'make lcov' failed"
-    exit 2
-fi
-
-
-# Step 4 - Summarise the test report
-echo
-echo "========================================================================="
-echo "Test Report Summary"
-echo
-
-cd tests
-
-# Step 4a - Unit tests
-echo "Unit tests - tests/scripts/run-test-suites.pl"
-
-PASSED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/test cases passed :[\t]*\([0-9]*\)/\1/p'| tr -d ' ')
-SKIPPED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/skipped :[ \t]*\([0-9]*\)/\1/p'| tr -d ' ')
-TOTAL_SUITES=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) .*, [0-9]* tests run)/\1/p'| tr -d ' ')
-FAILED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/failed :[\t]*\([0-9]*\)/\1/p' |tr -d ' ')
-
-echo "No test suites     : $TOTAL_SUITES"
-echo "Passed             : $PASSED_TESTS"
-echo "Failed             : $FAILED_TESTS"
-echo "Skipped            : $SKIPPED_TESTS"
-echo "Total exec'd tests : $(($PASSED_TESTS + $FAILED_TESTS))"
-echo "Total avail tests  : $(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))"
-echo
-
-TOTAL_PASS=$PASSED_TESTS
-TOTAL_FAIL=$FAILED_TESTS
-TOTAL_SKIP=$SKIPPED_TESTS
-TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))
-TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS))
-
-# Step 4b - TLS Options tests
-echo "TLS Options tests - tests/ssl-opt.sh"
-
-PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p')
-SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p')
-TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p')
-FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS))
-
-echo "Passed             : $PASSED_TESTS"
-echo "Failed             : $FAILED_TESTS"
-echo "Skipped            : $SKIPPED_TESTS"
-echo "Total exec'd tests : $TOTAL_TESTS"
-echo "Total avail tests  : $(($TOTAL_TESTS + $SKIPPED_TESTS))"
-echo
-
-TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
-TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
-TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
-TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS))
-TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS))
-
-
-# Step 4c - System Compatibility tests
-echo "System/Compatibility tests - tests/compat.sh"
-
-PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
-SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
-EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
-FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS))
-
-echo "Passed             : $PASSED_TESTS"
-echo "Failed             : $FAILED_TESTS"
-echo "Skipped            : $SKIPPED_TESTS"
-echo "Total exec'd tests : $EXED_TESTS"
-echo "Total avail tests  : $(($EXED_TESTS + $SKIPPED_TESTS))"
-echo
-
-TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
-TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
-TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
-TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS))
-TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS))
-
-
-# Step 4d - Grand totals
-echo "-------------------------------------------------------------------------"
-echo "Total tests"
-
-echo "Total Passed       : $TOTAL_PASS"
-echo "Total Failed       : $TOTAL_FAIL"
-echo "Total Skipped      : $TOTAL_SKIP"
-echo "Total exec'd tests : $TOTAL_EXED"
-echo "Total avail tests  : $TOTAL_AVAIL"
-echo
-
-
-# Step 4e - Coverage
-echo "Coverage"
-
-LINES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/  lines......: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* lines)/\1/p')
-LINES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/  lines......: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) lines)/\1/p')
-FUNCS_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/  functions..: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* functions)$/\1/p')
-FUNCS_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/  functions..: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) functions)$/\1/p')
-BRANCHES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/  branches...: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* branches)$/\1/p')
-BRANCHES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/  branches...: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) branches)$/\1/p')
-
-LINES_PERCENT=$((1000*$LINES_TESTED/$LINES_TOTAL))
-LINES_PERCENT="$(($LINES_PERCENT/10)).$(($LINES_PERCENT-($LINES_PERCENT/10)*10))"
-
-FUNCS_PERCENT=$((1000*$FUNCS_TESTED/$FUNCS_TOTAL))
-FUNCS_PERCENT="$(($FUNCS_PERCENT/10)).$(($FUNCS_PERCENT-($FUNCS_PERCENT/10)*10))"
-
-BRANCHES_PERCENT=$((1000*$BRANCHES_TESTED/$BRANCHES_TOTAL))
-BRANCHES_PERCENT="$(($BRANCHES_PERCENT/10)).$(($BRANCHES_PERCENT-($BRANCHES_PERCENT/10)*10))"
-
-echo "Lines Tested       : $LINES_TESTED of $LINES_TOTAL $LINES_PERCENT%"
-echo "Functions Tested   : $FUNCS_TESTED of $FUNCS_TOTAL $FUNCS_PERCENT%"
-echo "Branches Tested    : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%"
-echo
-
-rm unit-test-$TEST_OUTPUT
-rm sys-test-$TEST_OUTPUT
-rm compat-test-$TEST_OUTPUT
-rm cov-$TEST_OUTPUT
-
-cd ..
-
-make clean
-
-if [ -f "$CONFIG_BAK" ]; then
-    mv "$CONFIG_BAK" "$CONFIG_H"
-fi
-
-if [ $TOTAL_FAIL -ne 0 ]; then
-    exit 1
-fi
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/basic-in-docker.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/basic-in-docker.sh
deleted file mode 100644
index 50bcb05..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/basic-in-docker.sh
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/bin/bash -eu
-
-# basic-in-docker.sh
-#
-# Purpose
-# -------
-# This runs sanity checks and library tests in a Docker container. The tests
-# are run for both clang and gcc. The testing includes a full test run
-# in the default configuration, partial test runs in the reference
-# configurations, and some dependency tests.
-#
-# Notes for users
-# ---------------
-# See docker_env.sh for prerequisites and other information.
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-source tests/scripts/docker_env.sh
-
-run_in_docker tests/scripts/all.sh 'check_*'
-
-for compiler in clang gcc; do
-    run_in_docker -e CC=${compiler} cmake -D CMAKE_BUILD_TYPE:String="Check" .
-    run_in_docker -e CC=${compiler} make
-    run_in_docker -e CC=${compiler} make test
-    run_in_docker programs/test/selftest
-    run_in_docker -e OSSL_NO_DTLS=1 tests/compat.sh
-    run_in_docker tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
-    run_in_docker tests/scripts/test-ref-configs.pl
-    run_in_docker tests/scripts/curves.pl
-    run_in_docker tests/scripts/key-exchanges.pl
-done
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/check-doxy-blocks.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/check-doxy-blocks.pl
deleted file mode 100644
index 3ed7069..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/check-doxy-blocks.pl
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/usr/bin/env perl
-
-# Detect comment blocks that are likely meant to be doxygen blocks but aren't.
-#
-# More precisely, look for normal comment block containing '\'.
-# Of course one could use doxygen warnings, eg with:
-#   sed -e '/EXTRACT/s/YES/NO/' doxygen/mbedtls.doxyfile | doxygen -
-# but that would warn about any undocumented item, while our goal is to find
-# items that are documented, but not marked as such by mistake.
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use warnings;
-use strict;
-use File::Basename;
-
-# C/header files in the following directories will be checked
-my @directories = qw(include/mbedtls library doxygen/input);
-
-# very naive pattern to find directives:
-# everything with a backslach except '\0' and backslash at EOL
-my $doxy_re = qr/\\(?!0|\n)/;
-
-# Return an error code to the environment if a potential error in the
-# source code is found.
-my $exit_code = 0;
-
-sub check_file {
-    my ($fname) = @_;
-    open my $fh, '<', $fname or die "Failed to open '$fname': $!\n";
-
-    # first line of the last normal comment block,
-    # or 0 if not in a normal comment block
-    my $block_start = 0;
-    while (my $line = <$fh>) {
-        $block_start = $.   if $line =~ m/\/\*(?![*!])/;
-        $block_start = 0    if $line =~ m/\*\//;
-        if ($block_start and $line =~ m/$doxy_re/) {
-            print "$fname:$block_start: directive on line $.\n";
-            $block_start = 0; # report only one directive per block
-            $exit_code = 1;
-        }
-    }
-
-    close $fh;
-}
-
-sub check_dir {
-    my ($dirname) = @_;
-    for my $file (<$dirname/*.[ch]>) {
-        check_file($file);
-    }
-}
-
-# Check that the script is being run from the project's root directory.
-for my $dir (@directories) {
-    if (! -d $dir) {
-        die "This script must be run from the mbed TLS root directory";
-    } else {
-        check_dir($dir)
-    }
-}
-
-exit $exit_code;
-
-__END__
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/check-generated-files.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/check-generated-files.sh
deleted file mode 100644
index 845d1c6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/check-generated-files.sh
+++ /dev/null
@@ -1,108 +0,0 @@
-#! /usr/bin/env sh
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# Check if generated files are up-to-date.
-
-set -eu
-
-if [ $# -ne 0 ] && [ "$1" = "--help" ]; then
-    cat <<EOF
-$0 [-u]
-This script checks that all generated file are up-to-date. If some aren't, by
-default the scripts reports it and exits in error; with the -u option, it just
-updates them instead.
-
-  -u    Update the files rather than return an error for out-of-date files.
-EOF
-    exit
-fi
-
-if [ -d library -a -d include -a -d tests ]; then :; else
-    echo "Must be run from mbed TLS root" >&2
-    exit 1
-fi
-
-UPDATE=
-if [ $# -ne 0 ] && [ "$1" = "-u" ]; then
-    shift
-    UPDATE='y'
-fi
-
-check()
-{
-    SCRIPT=$1
-    TO_CHECK=$2
-    PATTERN=""
-    FILES=""
-
-    if [ -d $TO_CHECK ]; then
-        for FILE in $TO_CHECK/*; do
-            FILES="$FILE $FILES"
-        done
-    else
-        FILES=$TO_CHECK
-    fi
-
-    for FILE in $FILES; do
-        cp $FILE $FILE.bak
-    done
-
-    $SCRIPT
-
-    # Compare the script output to the old files and remove backups
-    for FILE in $FILES; do
-        if ! diff $FILE $FILE.bak >/dev/null 2>&1; then
-            echo "'$FILE' was either modified or deleted by '$SCRIPT'"
-            if [ -z "$UPDATE" ]; then
-                exit 1
-            fi
-        fi
-        if [ -z "$UPDATE" ]; then
-            mv $FILE.bak $FILE
-        else
-            rm $FILE.bak
-        fi
-
-        if [ -d $TO_CHECK ]; then
-            # Create a grep regular expression that we can check against the
-            # directory contents to test whether new files have been created
-            if [ -z $PATTERN ]; then
-                PATTERN="$(basename $FILE)"
-            else
-                PATTERN="$PATTERN\|$(basename $FILE)"
-            fi
-        fi
-    done
-
-    if [ -d $TO_CHECK ]; then
-        # Check if there are any new files
-        if ls -1 $TO_CHECK | grep -v "$PATTERN" >/dev/null 2>&1; then
-            echo "Files were created by '$SCRIPT'"
-            if [ -z "$UPDATE" ]; then
-                exit 1
-            fi
-        fi
-    fi
-}
-
-check scripts/generate_errors.pl library/error.c
-check scripts/generate_query_config.pl programs/test/query_config.c
-check scripts/generate_features.pl library/version_features.c
-check scripts/generate_visualc_files.pl visualc/VS2010
-check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/check-names.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/check-names.sh
deleted file mode 100644
index 55f76da..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/check-names.sh
+++ /dev/null
@@ -1,133 +0,0 @@
-#!/bin/sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-if [ $# -ne 0 ] && [ "$1" = "--help" ]; then
-    cat <<EOF
-$0 [-v]
-This script confirms that the naming of all symbols and identifiers in mbed
-TLS are consistent with the house style and are also self-consistent.
-
-  -v    If the script fails unexpectedly, print a command trace.
-EOF
-    exit
-fi
-
-if grep --version|head -n1|grep GNU >/dev/null; then :; else
-    echo "This script requires GNU grep.">&2
-    exit 1
-fi
-
-trace=
-if [ $# -ne 0 ] && [ "$1" = "-v" ]; then
-  shift
-  trace='-x'
-  exec 2>check-names.err
-  trap 'echo "FAILED UNEXPECTEDLY, status=$?";
-        cat check-names.err' EXIT
-  set -x
-fi
-
-printf "Analysing source code...\n"
-
-sh $trace tests/scripts/list-macros.sh
-tests/scripts/list-enum-consts.pl
-sh $trace tests/scripts/list-identifiers.sh
-sh $trace tests/scripts/list-symbols.sh
-
-FAIL=0
-
-printf "\nExported symbols declared in header: "
-UNDECLARED=$( diff exported-symbols identifiers | sed -n -e 's/^< //p' )
-if [ "x$UNDECLARED" = "x" ]; then
-    echo "PASS"
-else
-    echo "FAIL"
-    echo "$UNDECLARED"
-    FAIL=1
-fi
-
-diff macros identifiers | sed -n -e 's/< //p' > actual-macros
-
-for THING in actual-macros enum-consts; do
-    printf 'Names of %s: ' "$THING"
-    test -r $THING
-    BAD=$( grep -E -v '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
-    UNDERSCORES=$( grep -E '.*__.*' $THING || true )
-
-    if [ "x$BAD" = "x" ] && [ "x$UNDERSCORES" = "x" ]; then
-        echo "PASS"
-    else
-        echo "FAIL"
-        echo "$BAD"
-        echo "$UNDERSCORES"
-        FAIL=1
-    fi
-done
-
-for THING in identifiers; do
-    printf 'Names of %s: ' "$THING"
-    test -r $THING
-    BAD=$( grep -E -v '^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$' $THING || true )
-    if [ "x$BAD" = "x" ]; then
-        echo "PASS"
-    else
-        echo "FAIL"
-        echo "$BAD"
-        FAIL=1
-    fi
-done
-
-printf "Likely typos: "
-sort -u actual-macros enum-consts > _caps
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
-HEADERS="$HEADERS library/*.h"
-HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
-LIBRARY="$( ls library/*.c )"
-LIBRARY="$LIBRARY 3rdparty/everest/library/everest.c 3rdparty/everest/library/x25519.c"
-NL='
-'
-sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \
-    $HEADERS $LIBRARY \
-    | grep MBEDTLS | sort -u > _MBEDTLS_XXX
-TYPOS=$( diff _caps _MBEDTLS_XXX | sed -n 's/^> //p' \
-            | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$' || true )
-rm _MBEDTLS_XXX _caps
-if [ "x$TYPOS" = "x" ]; then
-    echo "PASS"
-else
-    echo "FAIL"
-    echo "$TYPOS"
-    FAIL=1
-fi
-
-if [ -n "$trace" ]; then
-  set +x
-  trap - EXIT
-  rm check-names.err
-fi
-
-printf "\nOverall: "
-if [ "$FAIL" -eq 0 ]; then
-    rm macros actual-macros enum-consts identifiers exported-symbols
-    echo "PASSED"
-    exit 0
-else
-    echo "FAILED"
-    exit 1
-fi
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/check-python-files.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/check-python-files.sh
deleted file mode 100644
index 518c423..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/check-python-files.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#! /usr/bin/env sh
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose:
-#
-# Run 'pylint' on Python files for programming errors and helps enforcing
-# PEP8 coding standards.
-
-if type python3 >/dev/null 2>/dev/null; then
-    PYTHON=python3
-else
-    PYTHON=python
-fi
-
-$PYTHON -m pylint -j 2 scripts/*.py tests/scripts/*.py
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/check_files.py b/3rdparty/mbedtls-2.25.0/tests/scripts/check_files.py
deleted file mode 100644
index 13fee9d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/check_files.py
+++ /dev/null
@@ -1,354 +0,0 @@
-#!/usr/bin/env python3
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-This script checks the current state of the source code for minor issues,
-including incorrect file permissions, presence of tabs, non-Unix line endings,
-trailing whitespace, and presence of UTF-8 BOM.
-Note: requires python 3, must be run from Mbed TLS root.
-"""
-
-import os
-import argparse
-import logging
-import codecs
-import re
-import subprocess
-import sys
-
-
-class FileIssueTracker:
-    """Base class for file-wide issue tracking.
-
-    To implement a checker that processes a file as a whole, inherit from
-    this class and implement `check_file_for_issue` and define ``heading``.
-
-    ``suffix_exemptions``: files whose name ends with a string in this set
-     will not be checked.
-
-    ``path_exemptions``: files whose path (relative to the root of the source
-    tree) matches this regular expression will not be checked. This can be
-    ``None`` to match no path. Paths are normalized and converted to ``/``
-    separators before matching.
-
-    ``heading``: human-readable description of the issue
-    """
-
-    suffix_exemptions = frozenset()
-    path_exemptions = None
-    # heading must be defined in derived classes.
-    # pylint: disable=no-member
-
-    def __init__(self):
-        self.files_with_issues = {}
-
-    @staticmethod
-    def normalize_path(filepath):
-        """Normalize ``filepath`` with / as the directory separator."""
-        filepath = os.path.normpath(filepath)
-        # On Windows, we may have backslashes to separate directories.
-        # We need slashes to match exemption lists.
-        seps = os.path.sep
-        if os.path.altsep is not None:
-            seps += os.path.altsep
-        return '/'.join(filepath.split(seps))
-
-    def should_check_file(self, filepath):
-        """Whether the given file name should be checked.
-
-        Files whose name ends with a string listed in ``self.suffix_exemptions``
-        or whose path matches ``self.path_exemptions`` will not be checked.
-        """
-        for files_exemption in self.suffix_exemptions:
-            if filepath.endswith(files_exemption):
-                return False
-        if self.path_exemptions and \
-           re.match(self.path_exemptions, self.normalize_path(filepath)):
-            return False
-        return True
-
-    def check_file_for_issue(self, filepath):
-        """Check the specified file for the issue that this class is for.
-
-        Subclasses must implement this method.
-        """
-        raise NotImplementedError
-
-    def record_issue(self, filepath, line_number):
-        """Record that an issue was found at the specified location."""
-        if filepath not in self.files_with_issues.keys():
-            self.files_with_issues[filepath] = []
-        self.files_with_issues[filepath].append(line_number)
-
-    def output_file_issues(self, logger):
-        """Log all the locations where the issue was found."""
-        if self.files_with_issues.values():
-            logger.info(self.heading)
-            for filename, lines in sorted(self.files_with_issues.items()):
-                if lines:
-                    logger.info("{}: {}".format(
-                        filename, ", ".join(str(x) for x in lines)
-                    ))
-                else:
-                    logger.info(filename)
-            logger.info("")
-
-BINARY_FILE_PATH_RE_LIST = [
-    r'docs/.*\.pdf\Z',
-    r'programs/fuzz/corpuses/[^.]+\Z',
-    r'tests/data_files/[^.]+\Z',
-    r'tests/data_files/.*\.(crt|csr|db|der|key|pubkey)\Z',
-    r'tests/data_files/.*\.req\.[^/]+\Z',
-    r'tests/data_files/.*malformed[^/]+\Z',
-    r'tests/data_files/format_pkcs12\.fmt\Z',
-]
-BINARY_FILE_PATH_RE = re.compile('|'.join(BINARY_FILE_PATH_RE_LIST))
-
-class LineIssueTracker(FileIssueTracker):
-    """Base class for line-by-line issue tracking.
-
-    To implement a checker that processes files line by line, inherit from
-    this class and implement `line_with_issue`.
-    """
-
-    # Exclude binary files.
-    path_exemptions = BINARY_FILE_PATH_RE
-
-    def issue_with_line(self, line, filepath):
-        """Check the specified line for the issue that this class is for.
-
-        Subclasses must implement this method.
-        """
-        raise NotImplementedError
-
-    def check_file_line(self, filepath, line, line_number):
-        if self.issue_with_line(line, filepath):
-            self.record_issue(filepath, line_number)
-
-    def check_file_for_issue(self, filepath):
-        """Check the lines of the specified file.
-
-        Subclasses must implement the ``issue_with_line`` method.
-        """
-        with open(filepath, "rb") as f:
-            for i, line in enumerate(iter(f.readline, b"")):
-                self.check_file_line(filepath, line, i + 1)
-
-
-def is_windows_file(filepath):
-    _root, ext = os.path.splitext(filepath)
-    return ext in ('.bat', '.dsp', '.dsw', '.sln', '.vcxproj')
-
-
-class PermissionIssueTracker(FileIssueTracker):
-    """Track files with bad permissions.
-
-    Files that are not executable scripts must not be executable."""
-
-    heading = "Incorrect permissions:"
-
-    def check_file_for_issue(self, filepath):
-        is_executable = os.access(filepath, os.X_OK)
-        should_be_executable = filepath.endswith((".sh", ".pl", ".py"))
-        if is_executable != should_be_executable:
-            self.files_with_issues[filepath] = None
-
-
-class EndOfFileNewlineIssueTracker(FileIssueTracker):
-    """Track files that end with an incomplete line
-    (no newline character at the end of the last line)."""
-
-    heading = "Missing newline at end of file:"
-
-    path_exemptions = BINARY_FILE_PATH_RE
-
-    def check_file_for_issue(self, filepath):
-        with open(filepath, "rb") as f:
-            try:
-                f.seek(-1, 2)
-            except OSError:
-                # This script only works on regular files. If we can't seek
-                # 1 before the end, it means that this position is before
-                # the beginning of the file, i.e. that the file is empty.
-                return
-            if f.read(1) != b"\n":
-                self.files_with_issues[filepath] = None
-
-
-class Utf8BomIssueTracker(FileIssueTracker):
-    """Track files that start with a UTF-8 BOM.
-    Files should be ASCII or UTF-8. Valid UTF-8 does not start with a BOM."""
-
-    heading = "UTF-8 BOM present:"
-
-    suffix_exemptions = frozenset([".vcxproj", ".sln"])
-    path_exemptions = BINARY_FILE_PATH_RE
-
-    def check_file_for_issue(self, filepath):
-        with open(filepath, "rb") as f:
-            if f.read().startswith(codecs.BOM_UTF8):
-                self.files_with_issues[filepath] = None
-
-
-class UnixLineEndingIssueTracker(LineIssueTracker):
-    """Track files with non-Unix line endings (i.e. files with CR)."""
-
-    heading = "Non-Unix line endings:"
-
-    def should_check_file(self, filepath):
-        if not super().should_check_file(filepath):
-            return False
-        return not is_windows_file(filepath)
-
-    def issue_with_line(self, line, _filepath):
-        return b"\r" in line
-
-
-class WindowsLineEndingIssueTracker(LineIssueTracker):
-    """Track files with non-Windows line endings (i.e. CR or LF not in CRLF)."""
-
-    heading = "Non-Windows line endings:"
-
-    def should_check_file(self, filepath):
-        if not super().should_check_file(filepath):
-            return False
-        return is_windows_file(filepath)
-
-    def issue_with_line(self, line, _filepath):
-        return not line.endswith(b"\r\n") or b"\r" in line[:-2]
-
-
-class TrailingWhitespaceIssueTracker(LineIssueTracker):
-    """Track lines with trailing whitespace."""
-
-    heading = "Trailing whitespace:"
-    suffix_exemptions = frozenset([".dsp", ".md"])
-
-    def issue_with_line(self, line, _filepath):
-        return line.rstrip(b"\r\n") != line.rstrip()
-
-
-class TabIssueTracker(LineIssueTracker):
-    """Track lines with tabs."""
-
-    heading = "Tabs present:"
-    suffix_exemptions = frozenset([
-        ".pem", # some openssl dumps have tabs
-        ".sln",
-        "/Makefile",
-        "/Makefile.inc",
-        "/generate_visualc_files.pl",
-    ])
-
-    def issue_with_line(self, line, _filepath):
-        return b"\t" in line
-
-
-class MergeArtifactIssueTracker(LineIssueTracker):
-    """Track lines with merge artifacts.
-    These are leftovers from a ``git merge`` that wasn't fully edited."""
-
-    heading = "Merge artifact:"
-
-    def issue_with_line(self, line, _filepath):
-        # Detect leftover git conflict markers.
-        if line.startswith(b'<<<<<<< ') or line.startswith(b'>>>>>>> '):
-            return True
-        if line.startswith(b'||||||| '): # from merge.conflictStyle=diff3
-            return True
-        if line.rstrip(b'\r\n') == b'=======' and \
-           not _filepath.endswith('.md'):
-            return True
-        return False
-
-
-class IntegrityChecker:
-    """Sanity-check files under the current directory."""
-
-    def __init__(self, log_file):
-        """Instantiate the sanity checker.
-        Check files under the current directory.
-        Write a report of issues to log_file."""
-        self.check_repo_path()
-        self.logger = None
-        self.setup_logger(log_file)
-        self.issues_to_check = [
-            PermissionIssueTracker(),
-            EndOfFileNewlineIssueTracker(),
-            Utf8BomIssueTracker(),
-            UnixLineEndingIssueTracker(),
-            WindowsLineEndingIssueTracker(),
-            TrailingWhitespaceIssueTracker(),
-            TabIssueTracker(),
-            MergeArtifactIssueTracker(),
-        ]
-
-    @staticmethod
-    def check_repo_path():
-        if not all(os.path.isdir(d) for d in ["include", "library", "tests"]):
-            raise Exception("Must be run from Mbed TLS root")
-
-    def setup_logger(self, log_file, level=logging.INFO):
-        self.logger = logging.getLogger()
-        self.logger.setLevel(level)
-        if log_file:
-            handler = logging.FileHandler(log_file)
-            self.logger.addHandler(handler)
-        else:
-            console = logging.StreamHandler()
-            self.logger.addHandler(console)
-
-    @staticmethod
-    def collect_files():
-        bytes_output = subprocess.check_output(['git', 'ls-files', '-z'])
-        bytes_filepaths = bytes_output.split(b'\0')[:-1]
-        ascii_filepaths = map(lambda fp: fp.decode('ascii'), bytes_filepaths)
-        # Prepend './' to files in the top-level directory so that
-        # something like `'/Makefile' in fp` matches in the top-level
-        # directory as well as in subdirectories.
-        return [fp if os.path.dirname(fp) else os.path.join(os.curdir, fp)
-                for fp in ascii_filepaths]
-
-    def check_files(self):
-        for issue_to_check in self.issues_to_check:
-            for filepath in self.collect_files():
-                if issue_to_check.should_check_file(filepath):
-                    issue_to_check.check_file_for_issue(filepath)
-
-    def output_issues(self):
-        integrity_return_code = 0
-        for issue_to_check in self.issues_to_check:
-            if issue_to_check.files_with_issues:
-                integrity_return_code = 1
-            issue_to_check.output_file_issues(self.logger)
-        return integrity_return_code
-
-
-def run_main():
-    parser = argparse.ArgumentParser(description=__doc__)
-    parser.add_argument(
-        "-l", "--log_file", type=str, help="path to optional output log",
-    )
-    check_args = parser.parse_args()
-    integrity_check = IntegrityChecker(check_args.log_file)
-    integrity_check.check_files()
-    return_code = integrity_check.output_issues()
-    sys.exit(return_code)
-
-
-if __name__ == "__main__":
-    run_main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/curves.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/curves.pl
deleted file mode 100644
index 188bd29..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/curves.pl
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/usr/bin/env perl
-
-# curves.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# The purpose of this test script is to validate that the library works
-# with any combination of elliptic curves. To this effect, build the library
-# and run the test suite with each tested combination of elliptic curves.
-#
-# Testing all 2^n combinations would be too much, so we only test 2*n:
-#
-# 1. Test with a single curve, for each curve. This validates that the
-#    library works with any curve, and in particular that curve-specific
-#    code is guarded by the proper preprocessor conditionals.
-# 2. Test with all curves except one, for each curve. This validates that
-#    the test cases have correct dependencies. Testing with a single curve
-#    doesn't validate this for tests that require more than one curve.
-
-# Usage: tests/scripts/curves.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# Only curves that are enabled in config.h will be tested.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $sed_cmd = 's/^#define \(MBEDTLS_ECP_DP.*_ENABLED\)/\1/p';
-my $config_h = 'include/mbedtls/config.h';
-my @curves = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
-
-# Determine which curves support ECDSA by checking the dependencies of
-# ECDSA in check_config.h.
-my %curve_supports_ecdsa = ();
-{
-    local $/ = "";
-    local *CHECK_CONFIG;
-    open(CHECK_CONFIG, '<', 'include/mbedtls/check_config.h')
-        or die "open include/mbedtls/check_config.h: $!";
-    while (my $stanza = <CHECK_CONFIG>) {
-        if ($stanza =~ /\A#if defined\(MBEDTLS_ECDSA_C\)/) {
-            for my $curve ($stanza =~ /(?<=\()MBEDTLS_ECP_DP_\w+_ENABLED(?=\))/g) {
-                $curve_supports_ecdsa{$curve} = 1;
-            }
-            last;
-        }
-    }
-    close(CHECK_CONFIG);
-}
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-# Disable all the curves. We'll then re-enable them one by one.
-for my $curve (@curves) {
-    system( "scripts/config.pl unset $curve" )
-        and abort "Failed to disable $curve\n";
-}
-# Depends on a specific curve. Also, ignore error if it wasn't enabled.
-system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" );
-
-# Test with only $curve enabled, for each $curve.
-for my $curve (@curves) {
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing with only curve: $curve\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "$curve";
-
-    system( "scripts/config.pl set $curve" )
-        and abort "Failed to enable $curve\n";
-
-    my $ecdsa = $curve_supports_ecdsa{$curve} ? "set" : "unset";
-    for my $dep (qw(MBEDTLS_ECDSA_C
-                    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-                    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) {
-        system( "scripts/config.pl $ecdsa $dep" )
-            and abort "Failed to $ecdsa $dep\n";
-    }
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make" )
-        and abort "Failed to build: only $curve\n";
-    system( "make test" )
-        and abort "Failed test suite: only $curve\n";
-
-    system( "scripts/config.pl unset $curve" )
-        and abort "Failed to disable $curve\n";
-}
-
-system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-
-# Test with $curve disabled but the others enabled, for each $curve.
-for my $curve (@curves) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    # depends on a specific curve. Also, ignore error if it wasn't enabled
-    system( "scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" );
-
-    print "\n******************************************\n";
-    print "* Testing without curve: $curve\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$curve";
-
-    system( "scripts/config.py unset $curve" )
-        and abort "Failed to disable $curve\n";
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make" )
-        and abort "Failed to build: all but $curve\n";
-    system( "make test" )
-        and abort "Failed test suite: all but $curve\n";
-
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/depends-hashes.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/depends-hashes.pl
deleted file mode 100644
index f5de7d9..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/depends-hashes.pl
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/usr/bin/env perl
-
-# depends-hashes.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# To test the code dependencies on individual hashes in each test suite. This
-# is a verification step to ensure we don't ship test suites that do not work
-# for some build options.
-#
-# The process is:
-#       for each possible hash
-#           build the library and test suites with the hash disabled
-#           execute the test suites
-#
-# And any test suite with the wrong dependencies will fail.
-#
-# Usage: tests/scripts/depends-hashes.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $config_h = 'include/mbedtls/config.h';
-
-# as many SSL options depend on specific hashes,
-# and SSL is not in the test suites anyways,
-# disable it to avoid dependcies issues
-my $ssl_sed_cmd = 's/^#define \(MBEDTLS_SSL.*\)/\1/p';
-my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` );
-
-# for md we want to catch MD5_C but not MD_C, hence the extra dot
-my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p';
-my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p';
-my @hash_modules = split( /\s+/,
-                    `sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` );
-
-# there are also negative options for truncated variants, disabled by default
-my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_.*\)/\1/p';
-my @hash_negatives = split( /\s+/,
-                    `sed -n -e '$sha_trunc_sed_cmd' $config_h` );
-
-# list hash options with corresponding actions
-my @hashes = ((map { "unset $_" } @hash_modules),
-              (map { "set $_" } @hash_negatives));
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-for my $hash (@hashes) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing hash option: $hash\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash";
-
-    system( "scripts/config.py $hash" )
-        and abort "Failed to $hash\n";
-
-    for my $opt (@ssl) {
-        system( "scripts/config.py unset $opt" )
-            and abort "Failed to disable $opt\n";
-    }
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
-        and abort "Failed to build lib: $hash\n";
-    system( "cd tests && make" ) and abort "Failed to build tests: $hash\n";
-    system( "make test" ) and abort "Failed test suite: $hash\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/depends-pkalgs.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/depends-pkalgs.pl
deleted file mode 100644
index 2ad4a7c..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/depends-pkalgs.pl
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/usr/bin/env perl
-
-# depends-pkalgs.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# To test the code dependencies on individual PK algs (those that can be used
-# from the PK layer, so currently signature and encryption but not key
-# exchange) in each test suite. This is a verification step to ensure we don't
-# ship test suites that do not work for some build options.
-#
-# The process is:
-#       for each possible PK alg
-#           build the library and test suites with that alg disabled
-#           execute the test suites
-#
-# And any test suite with the wrong dependencies will fail.
-#
-# Usage: tests/scripts/depends-pkalgs.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $config_h = 'include/mbedtls/config.h';
-
-# Some algorithms can't be disabled on their own as others depend on them, so
-# we list those reverse-dependencies here to keep check_config.h happy.
-my %algs = (
-    'MBEDTLS_ECDSA_C'   => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'],
-    'MBEDTLS_ECP_C'     => ['MBEDTLS_ECDSA_C',
-                            'MBEDTLS_ECDH_C',
-                            'MBEDTLS_ECJPAKE_C',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],
-    'MBEDTLS_X509_RSASSA_PSS_SUPPORT'   => [],
-    'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
-    'MBEDTLS_PKCS1_V15' => ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
-    'MBEDTLS_RSA_C'     => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
-                            'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
-);
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-while( my ($alg, $extras) = each %algs ) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing without alg: $alg\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$alg";
-
-    system( "scripts/config.py unset $alg" )
-        and abort "Failed to disable $alg\n";
-    for my $opt (@$extras) {
-        system( "scripts/config.py unset $opt" )
-            and abort "Failed to disable $opt\n";
-    }
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
-        and abort "Failed to build lib: $alg\n";
-    system( "cd tests && make" ) and abort "Failed to build tests: $alg\n";
-    system( "make test" ) and abort "Failed test suite: $alg\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/doxygen.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/doxygen.sh
deleted file mode 100644
index 2c523ba..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/doxygen.sh
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-# Make sure the doxygen documentation builds without warnings
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Abort on errors (and uninitiliased variables)
-set -eu
-
-if [ -d library -a -d include -a -d tests ]; then :; else
-    echo "Must be run from mbed TLS root" >&2
-    exit 1
-fi
-
-if scripts/apidoc_full.sh > doc.out 2>doc.err; then :; else
-    cat doc.err
-    echo "FAIL" >&2
-    exit 1;
-fi
-
-cat doc.out doc.err | \
-    grep -v "warning: ignoring unsupported tag" \
-    > doc.filtered
-
-if egrep "(warning|error):" doc.filtered; then
-    echo "FAIL" >&2
-    exit 1;
-fi
-
-make apidoc_clean
-rm -f doc.out doc.err doc.filtered
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/gen_pkcs1_v21_sign_verify.pl
deleted file mode 100644
index 609e558..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_pkcs1_v21_sign_verify.pl
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use strict;
-
-my $file = shift;
-
-open(TEST_DATA, "$file") or die "Opening test cases '$file': $!";
-
-sub get_val($$)
-{
-    my $str = shift;
-    my $name = shift;
-    my $val = "";
-
-    while(my $line = <TEST_DATA>)
-    {
-        next if($line !~ /^# $str/);
-        last;
-    }
-
-    while(my $line = <TEST_DATA>)
-    {
-        last if($line eq "\r\n");
-        $val .= $line;
-    }
-
-    $val =~ s/[ \r\n]//g;
-
-    return $val;
-}
-
-my $state = 0;
-my $val_n = "";
-my $val_e = "";
-my $val_p = "";
-my $val_q = "";
-my $mod = 0;
-my $cnt = 1;
-while (my $line = <TEST_DATA>)
-{
-    next if ($line !~ /^# Example/);
-
-    ( $mod ) = ($line =~ /A (\d+)/);
-    $val_n = get_val("RSA modulus n", "N");
-    $val_e = get_val("RSA public exponent e", "E");
-    $val_p = get_val("Prime p", "P");
-    $val_q = get_val("Prime q", "Q");
-
-    for(my $i = 1; $i <= 6; $i++)
-    {
-        my $val_m = get_val("Message to be", "M");
-        my $val_salt = get_val("Salt", "Salt");
-        my $val_sig = get_val("Signature", "Sig");
-
-        print("RSASSA-PSS Signature Example ${cnt}_${i}\n");
-        print("pkcs1_rsassa_pss_sign:$mod:16:\"$val_p\":16:\"$val_q\":16:\"$val_n\":16:\"$val_e\":SIG_RSA_SHA1:MBEDTLS_MD_SHA1");
-        print(":\"$val_m\"");
-        print(":\"$val_salt\"");
-        print(":\"$val_sig\":0");
-        print("\n\n");
-
-        print("RSASSA-PSS Signature Example ${cnt}_${i} (verify)\n");
-        print("pkcs1_rsassa_pss_verify:$mod:16:\"$val_n\":16:\"$val_e\":SIG_RSA_SHA1:MBEDTLS_MD_SHA1");
-        print(":\"$val_m\"");
-        print(":\"$val_salt\"");
-        print(":\"$val_sig\":0");
-        print("\n\n");
-    }
-    $cnt++;
-}
-close(TEST_DATA);
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/generate-afl-tests.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/generate-afl-tests.sh
deleted file mode 100644
index 7c9f432..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/generate-afl-tests.sh
+++ /dev/null
@@ -1,83 +0,0 @@
-#!/bin/sh
-
-# This script splits the data test files containing the test cases into
-# individual files (one test case per file) suitable for use with afl
-# (American Fuzzy Lop). http://lcamtuf.coredump.cx/afl/
-#
-# Usage: generate-afl-tests.sh <test data file path>
-#  <test data file path> - should be the path to one of the test suite files
-#                          such as 'test_suite_mpi.data'
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Abort on errors
-set -e
-
-if [ -z $1 ]
-then
-    echo " [!] No test file specified" >&2
-    echo "Usage: $0 <test data file>" >&2
-    exit 1
-fi
-
-SRC_FILEPATH=$(dirname $1)/$(basename $1)
-TESTSUITE=$(basename $1 .data)
-
-THIS_DIR=$(basename $PWD)
-
-if [ -d ../library -a -d ../include -a -d ../tests -a $THIS_DIR == "tests" ];
-then :;
-else
-    echo " [!] Must be run from mbed TLS tests directory" >&2
-    exit 1
-fi
-
-DEST_TESTCASE_DIR=$TESTSUITE-afl-tests
-DEST_OUTPUT_DIR=$TESTSUITE-afl-out
-
-echo " [+] Creating output directories" >&2
-
-if [ -e $DEST_OUTPUT_DIR/* ];
-then :
-    echo " [!] Test output files already exist." >&2
-    exit 1
-else
-    mkdir -p $DEST_OUTPUT_DIR
-fi
-
-if [ -e $DEST_TESTCASE_DIR/* ];
-then :
-    echo " [!] Test output files already exist." >&2
-else
-    mkdir -p $DEST_TESTCASE_DIR
-fi
-
-echo " [+] Creating test cases" >&2
-cd $DEST_TESTCASE_DIR
-
-split -p '^\s*$' ../$SRC_FILEPATH
-
-for f in *;
-do
-    # Strip out any blank lines (no trim on OS X)
-    sed '/^\s*$/d' $f >testcase_$f
-    rm $f
-done
-
-cd ..
-
-echo " [+] Test cases in $DEST_TESTCASE_DIR" >&2
-
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/key-exchanges.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/key-exchanges.pl
deleted file mode 100644
index 20f3aa6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/key-exchanges.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/bin/env perl
-
-# key-exchanges.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# To test the code dependencies on individual key exchanges in the SSL module.
-# is a verification step to ensure we don't ship SSL code that do not work
-# for some build options.
-#
-# The process is:
-#       for each possible key exchange
-#           build the library with all but that key exchange disabled
-#
-# Usage: tests/scripts/key-exchanges.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $sed_cmd = 's/^#define \(MBEDTLS_KEY_EXCHANGE_.*_ENABLED\)/\1/p';
-my $config_h = 'include/mbedtls/config.h';
-my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-for my $kex (@kexes) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing with key exchange: $kex\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = $kex;
-
-    # full config with all key exchanges disabled except one
-    system( "scripts/config.py full" ) and abort "Failed config full\n";
-    for my $k (@kexes) {
-        next if $k eq $kex;
-        system( "scripts/config.py unset $k" )
-            and abort "Failed to disable $k\n";
-    }
-
-    system( "make lib CFLAGS='-Os -Werror'" ) and abort "Failed to build lib: $kex\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/list-enum-consts.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/list-enum-consts.pl
deleted file mode 100644
index 3d8df10..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/list-enum-consts.pl
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use warnings;
-use strict;
-
-use utf8;
-use open qw(:std utf8);
-
--d 'include/mbedtls' or die "$0: must be run from root\n";
-
-@ARGV = grep { ! /compat-1\.3\.h/ } <include/mbedtls/*.h>;
-push @ARGV, "3rdparty/everest/include/everest/everest.h";
-push @ARGV, "3rdparty/everest/include/everest/x25519.h";
-
-
-my @consts;
-my $state = 'out';
-while (<>)
-{
-    if( $state eq 'out' and /^(typedef )?enum \{/ ) {
-        $state = 'in';
-    } elsif( $state eq 'out' and /^(typedef )?enum/ ) {
-        $state = 'start';
-    } elsif( $state eq 'start' and /{/ ) {
-        $state = 'in';
-    } elsif( $state eq 'in' and /}/ ) {
-        $state = 'out';
-    } elsif( $state eq 'in' and not /^#/) {
-        s/=.*//; s!/\*.*!!; s/,.*//; s/\s+//g; chomp;
-        push @consts, $_ if $_;
-    }
-}
-
-open my $fh, '>', 'enum-consts' or die;
-print $fh "$_\n" for sort @consts;
-close $fh or die;
-
-printf "%8d enum-consts\n", scalar @consts;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/list-identifiers.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/list-identifiers.sh
deleted file mode 100644
index a1c3d2d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/list-identifiers.sh
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/bin/bash
-#
-# Create a file named identifiers containing identifiers from internal header
-# files or all header files, based on --internal flag.
-# Outputs the line count of the file to stdout.
-#
-# Usage: list-identifiers.sh [ -i | --internal ]
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-if [ -d include/mbedtls ]; then :; else
-    echo "$0: must be run from root" >&2
-    exit 1
-fi
-
-INTERNAL=""
-
-until [ -z "${1-}" ]
-do
-  case "$1" in
-    -i|--internal)
-      INTERNAL="1"
-      ;;
-    *)
-      # print error
-      echo "Unknown argument: '$1'"
-      exit 1
-      ;;
-  esac
-  shift
-done
-
-if [ $INTERNAL ]
-then
-    HEADERS=$( ls include/mbedtls/*_internal.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
-else
-    HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
-    HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
-fi
-
-rm -f identifiers
-
-grep '^[^ /#{]' $HEADERS | \
-    sed -e 's/^[^:]*://' | \
-    egrep -v '^(extern "C"|(typedef )?(struct|union|enum)( {)?$|};?$)' \
-    > _decls
-
-if true; then
-sed -n -e 's/.* \**\([a-zA-Z_][a-zA-Z0-9_]*\)(.*/\1/p' \
-       -e 's/.*(\*\(.*\))(.*/\1/p' _decls
-grep -v '(' _decls | sed -e 's/\([a-zA-Z0-9_]*\)[;[].*/\1/' -e 's/.* \**//'
-fi > _identifiers
-
-if [ $( wc -l < _identifiers ) -eq $( wc -l < _decls ) ]; then
-    rm _decls
-    egrep -v '^(u?int(16|32|64)_t)$' _identifiers | sort > identifiers
-    rm _identifiers
-else
-    echo "$0: oops, lost some identifiers" 2>&1
-    exit 1
-fi
-
-wc -l identifiers
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/list-macros.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/list-macros.sh
deleted file mode 100644
index a8617a0..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/list-macros.sh
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-if [ -d include/mbedtls ]; then :; else
-    echo "$0: must be run from root" >&2
-    exit 1
-fi
-
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
-HEADERS="$HEADERS library/*.h"
-HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
-
-sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
-    | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \
-    | sort -u > macros
-
-# For include/mbedtls/config_psa.h need to ignore the MBEDTLS_xxx define
-# in that file since they may not be defined in include/psa/crypto_config.h
-# This line renames the potentially missing defines to ones that should
-# be present.
-sed -ne 's/^MBEDTLS_PSA_BUILTIN_/MBEDTLS_PSA_ACCEL_/p' <macros >>macros
-
-wc -l macros
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/list-symbols.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/list-symbols.sh
deleted file mode 100644
index 8bdc55f..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/list-symbols.sh
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -eu
-
-if [ -d include/mbedtls ]; then :; else
-    echo "$0: must be run from root" >&2
-    exit 1
-fi
-
-if grep -i cmake Makefile >/dev/null; then
-    echo "$0: not compatible with cmake" >&2
-    exit 1
-fi
-
-cp include/mbedtls/config.h include/mbedtls/config.h.bak
-scripts/config.py full
-make clean
-make_ret=
-CFLAGS=-fno-asynchronous-unwind-tables make lib \
-      >list-symbols.make.log 2>&1 ||
-  {
-    make_ret=$?
-    echo "Build failure: CFLAGS=-fno-asynchronous-unwind-tables make lib"
-    cat list-symbols.make.log >&2
-  }
-rm list-symbols.make.log
-mv include/mbedtls/config.h.bak include/mbedtls/config.h
-if [ -n "$make_ret" ]; then
-    exit "$make_ret"
-fi
-
-if uname | grep -F Darwin >/dev/null; then
-    nm -gUj library/libmbed*.a 2>/dev/null | sed -n -e 's/^_//p' | grep -v -e ^FStar -e ^Hacl
-elif uname | grep -F Linux >/dev/null; then
-    nm -og library/libmbed*.a | grep -v '^[^ ]*: *U \|^$\|^[^ ]*:$' | sed 's/^[^ ]* . //' | grep -v -e ^FStar -e ^Hacl
-fi | sort > exported-symbols
-make clean
-
-wc -l exported-symbols
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/mbedtls_test.py b/3rdparty/mbedtls-2.25.0/tests/scripts/mbedtls_test.py
deleted file mode 100644
index a5d0940..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/mbedtls_test.py
+++ /dev/null
@@ -1,382 +0,0 @@
-#!/usr/bin/env python3
-
-# Greentea host test script for Mbed TLS on-target test suite testing.
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-"""
-Mbed TLS on-target test suite tests are implemented as Greentea
-tests. Greentea tests are implemented in two parts: target test and
-host test. Target test is a C application that is built for the
-target platform and executes on the target. Host test is a Python
-class derived from mbed_host_tests.BaseHostTest. Target communicates
-with the host over serial for the test data and sends back the result.
-
-Python tool mbedgt (Greentea) is responsible for flashing the test
-binary on to the target and dynamically loading this host test module.
-
-Greentea documentation can be found here:
-https://github.com/ARMmbed/greentea
-"""
-
-
-import re
-import os
-import binascii
-
-from mbed_host_tests import BaseHostTest, event_callback # pylint: disable=import-error
-
-
-class TestDataParserError(Exception):
-    """Indicates error in test data, read from .data file."""
-    pass
-
-
-class TestDataParser:
-    """
-    Parses test name, dependencies, test function name and test parameters
-    from the data file.
-    """
-
-    def __init__(self):
-        """
-        Constructor
-        """
-        self.tests = []
-
-    def parse(self, data_file):
-        """
-        Data file parser.
-
-        :param data_file: Data file path
-        """
-        with open(data_file, 'r') as data_f:
-            self.__parse(data_f)
-
-    @staticmethod
-    def __escaped_split(inp_str, split_char):
-        """
-        Splits inp_str on split_char except when escaped.
-
-        :param inp_str: String to split
-        :param split_char: Split character
-        :return: List of splits
-        """
-        split_colon_fn = lambda x: re.sub(r'\\' + split_char, split_char, x)
-        if len(split_char) > 1:
-            raise ValueError('Expected split character. Found string!')
-        out = list(map(split_colon_fn, re.split(r'(?<!\\)' + split_char, inp_str)))
-        out = [x for x in out if x]
-        return out
-
-    def __parse(self, data_f):
-        """
-        Parses data file using supplied file object.
-
-        :param data_f: Data file object
-        :return:
-        """
-        for line in data_f:
-            line = line.strip()
-            if not line:
-                continue
-            # Read test name
-            name = line
-
-            # Check dependencies
-            dependencies = []
-            line = next(data_f).strip()
-            match = re.search('depends_on:(.*)', line)
-            if match:
-                dependencies = [int(x) for x in match.group(1).split(':')]
-                line = next(data_f).strip()
-
-            # Read test vectors
-            line = line.replace('\\n', '\n')
-            parts = self.__escaped_split(line, ':')
-            function_name = int(parts[0])
-            args = parts[1:]
-            args_count = len(args)
-            if args_count % 2 != 0:
-                err_str_fmt = "Number of test arguments({}) should be even: {}"
-                raise TestDataParserError(err_str_fmt.format(args_count, line))
-            grouped_args = [(args[i * 2], args[(i * 2) + 1])
-                            for i in range(int(len(args)/2))]
-            self.tests.append((name, function_name, dependencies,
-                               grouped_args))
-
-    def get_test_data(self):
-        """
-        Returns test data.
-        """
-        return self.tests
-
-
-class MbedTlsTest(BaseHostTest):
-    """
-    Host test for Mbed TLS unit tests. This script is loaded at
-    run time by Greentea for executing Mbed TLS test suites. Each
-    communication from the target is received in this object as
-    an event, which is then handled by the event handler method
-    decorated by the associated event. Ex: @event_callback('GO').
-
-    Target test sends requests for dispatching next test. It reads
-    tests from the intermediate data file and sends test function
-    identifier, dependency identifiers, expression identifiers and
-    the test data in binary form. Target test checks dependencies
-    , evaluate integer constant expressions and dispatches the test
-    function with received test parameters. After test function is
-    finished, target sends the result. This class handles the result
-    event and prints verdict in the form that Greentea understands.
-
-    """
-    # status/error codes from suites/helpers.function
-    DEPENDENCY_SUPPORTED = 0
-    KEY_VALUE_MAPPING_FOUND = DEPENDENCY_SUPPORTED
-    DISPATCH_TEST_SUCCESS = DEPENDENCY_SUPPORTED
-
-    KEY_VALUE_MAPPING_NOT_FOUND = -1    # Expression Id not found.
-    DEPENDENCY_NOT_SUPPORTED = -2       # Dependency not supported.
-    DISPATCH_TEST_FN_NOT_FOUND = -3     # Test function not found.
-    DISPATCH_INVALID_TEST_DATA = -4     # Invalid parameter type.
-    DISPATCH_UNSUPPORTED_SUITE = -5     # Test suite not supported/enabled.
-
-    def __init__(self):
-        """
-        Constructor initialises test index to 0.
-        """
-        super(MbedTlsTest, self).__init__()
-        self.tests = []
-        self.test_index = -1
-        self.dep_index = 0
-        self.suite_passed = True
-        self.error_str = dict()
-        self.error_str[self.DEPENDENCY_SUPPORTED] = \
-            'DEPENDENCY_SUPPORTED'
-        self.error_str[self.KEY_VALUE_MAPPING_NOT_FOUND] = \
-            'KEY_VALUE_MAPPING_NOT_FOUND'
-        self.error_str[self.DEPENDENCY_NOT_SUPPORTED] = \
-            'DEPENDENCY_NOT_SUPPORTED'
-        self.error_str[self.DISPATCH_TEST_FN_NOT_FOUND] = \
-            'DISPATCH_TEST_FN_NOT_FOUND'
-        self.error_str[self.DISPATCH_INVALID_TEST_DATA] = \
-            'DISPATCH_INVALID_TEST_DATA'
-        self.error_str[self.DISPATCH_UNSUPPORTED_SUITE] = \
-            'DISPATCH_UNSUPPORTED_SUITE'
-
-    def setup(self):
-        """
-        Setup hook implementation. Reads test suite data file and parses out
-        tests.
-        """
-        binary_path = self.get_config_item('image_path')
-        script_dir = os.path.split(os.path.abspath(__file__))[0]
-        suite_name = os.path.splitext(os.path.basename(binary_path))[0]
-        data_file = ".".join((suite_name, 'datax'))
-        data_file = os.path.join(script_dir, '..', 'mbedtls',
-                                 suite_name, data_file)
-        if os.path.exists(data_file):
-            self.log("Running tests from %s" % data_file)
-            parser = TestDataParser()
-            parser.parse(data_file)
-            self.tests = parser.get_test_data()
-            self.print_test_info()
-        else:
-            self.log("Data file not found: %s" % data_file)
-            self.notify_complete(False)
-
-    def print_test_info(self):
-        """
-        Prints test summary read by Greentea to detect test cases.
-        """
-        self.log('{{__testcase_count;%d}}' % len(self.tests))
-        for name, _, _, _ in self.tests:
-            self.log('{{__testcase_name;%s}}' % name)
-
-    @staticmethod
-    def align_32bit(data_bytes):
-        """
-        4 byte aligns input byte array.
-
-        :return:
-        """
-        data_bytes += bytearray((4 - (len(data_bytes))) % 4)
-
-    @staticmethod
-    def hex_str_bytes(hex_str):
-        """
-        Converts Hex string representation to byte array
-
-        :param hex_str: Hex in string format.
-        :return: Output Byte array
-        """
-        if hex_str[0] != '"' or hex_str[len(hex_str) - 1] != '"':
-            raise TestDataParserError("HEX test parameter missing '\"':"
-                                      " %s" % hex_str)
-        hex_str = hex_str.strip('"')
-        if len(hex_str) % 2 != 0:
-            raise TestDataParserError("HEX parameter len should be mod of "
-                                      "2: %s" % hex_str)
-
-        data_bytes = binascii.unhexlify(hex_str)
-        return data_bytes
-
-    @staticmethod
-    def int32_to_big_endian_bytes(i):
-        """
-        Coverts i to byte array in big endian format.
-
-        :param i: Input integer
-        :return: Output bytes array in big endian or network order
-        """
-        data_bytes = bytearray([((i >> x) & 0xff) for x in [24, 16, 8, 0]])
-        return data_bytes
-
-    def test_vector_to_bytes(self, function_id, dependencies, parameters):
-        """
-        Converts test vector into a byte array that can be sent to the target.
-
-        :param function_id: Test Function Identifier
-        :param dependencies: Dependency list
-        :param parameters: Test function input parameters
-        :return: Byte array and its length
-        """
-        data_bytes = bytearray([len(dependencies)])
-        if dependencies:
-            data_bytes += bytearray(dependencies)
-        data_bytes += bytearray([function_id, len(parameters)])
-        for typ, param in parameters:
-            if typ in ('int', 'exp'):
-                i = int(param, 0)
-                data_bytes += b'I' if typ == 'int' else b'E'
-                self.align_32bit(data_bytes)
-                data_bytes += self.int32_to_big_endian_bytes(i)
-            elif typ == 'char*':
-                param = param.strip('"')
-                i = len(param) + 1  # + 1 for null termination
-                data_bytes += b'S'
-                self.align_32bit(data_bytes)
-                data_bytes += self.int32_to_big_endian_bytes(i)
-                data_bytes += bytearray(param, encoding='ascii')
-                data_bytes += b'\0'   # Null terminate
-            elif typ == 'hex':
-                binary_data = self.hex_str_bytes(param)
-                data_bytes += b'H'
-                self.align_32bit(data_bytes)
-                i = len(binary_data)
-                data_bytes += self.int32_to_big_endian_bytes(i)
-                data_bytes += binary_data
-        length = self.int32_to_big_endian_bytes(len(data_bytes))
-        return data_bytes, length
-
-    def run_next_test(self):
-        """
-        Fetch next test information and execute the test.
-
-        """
-        self.test_index += 1
-        self.dep_index = 0
-        if self.test_index < len(self.tests):
-            name, function_id, dependencies, args = self.tests[self.test_index]
-            self.run_test(name, function_id, dependencies, args)
-        else:
-            self.notify_complete(self.suite_passed)
-
-    def run_test(self, name, function_id, dependencies, args):
-        """
-        Execute the test on target by sending next test information.
-
-        :param name: Test name
-        :param function_id: function identifier
-        :param dependencies: Dependencies list
-        :param args: test parameters
-        :return:
-        """
-        self.log("Running: %s" % name)
-
-        param_bytes, length = self.test_vector_to_bytes(function_id,
-                                                        dependencies, args)
-        self.send_kv(
-            ''.join('{:02x}'.format(x) for x in length),
-            ''.join('{:02x}'.format(x) for x in param_bytes)
-        )
-
-    @staticmethod
-    def get_result(value):
-        """
-        Converts result from string type to integer
-        :param value: Result code in string
-        :return: Integer result code. Value is from the test status
-                 constants defined under the MbedTlsTest class.
-        """
-        try:
-            return int(value)
-        except ValueError:
-            ValueError("Result should return error number. "
-                       "Instead received %s" % value)
-
-    @event_callback('GO')
-    def on_go(self, _key, _value, _timestamp):
-        """
-        Sent by the target to start first test.
-
-        :param _key: Event key
-        :param _value: Value. ignored
-        :param _timestamp: Timestamp ignored.
-        :return:
-        """
-        self.run_next_test()
-
-    @event_callback("R")
-    def on_result(self, _key, value, _timestamp):
-        """
-        Handle result. Prints test start, finish required by Greentea
-        to detect test execution.
-
-        :param _key: Event key
-        :param value: Value. ignored
-        :param _timestamp: Timestamp ignored.
-        :return:
-        """
-        int_val = self.get_result(value)
-        name, _, _, _ = self.tests[self.test_index]
-        self.log('{{__testcase_start;%s}}' % name)
-        self.log('{{__testcase_finish;%s;%d;%d}}' % (name, int_val == 0,
-                                                     int_val != 0))
-        if int_val != 0:
-            self.suite_passed = False
-        self.run_next_test()
-
-    @event_callback("F")
-    def on_failure(self, _key, value, _timestamp):
-        """
-        Handles test execution failure. That means dependency not supported or
-        Test function not supported. Hence marking test as skipped.
-
-        :param _key: Event key
-        :param value: Value. ignored
-        :param _timestamp: Timestamp ignored.
-        :return:
-        """
-        int_val = self.get_result(value)
-        if int_val in self.error_str:
-            err = self.error_str[int_val]
-        else:
-            err = 'Unknown error'
-        # For skip status, do not write {{__testcase_finish;...}}
-        self.log("Error: %s" % err)
-        self.run_next_test()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/recursion.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/recursion.pl
deleted file mode 100644
index e4b2d94..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/recursion.pl
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/usr/bin/env perl
-
-# Find functions making recursive calls to themselves.
-# (Multiple recursion where a() calls b() which calls a() not covered.)
-#
-# When the recursion depth might depend on data controlled by the attacker in
-# an unbounded way, those functions should use interation instead.
-#
-# Typical usage: scripts/recursion.pl library/*.c
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-use warnings;
-use strict;
-
-use utf8;
-use open qw(:std utf8);
-
-# exclude functions that are ok:
-# - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant
-# - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA
-my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/;
-
-my $cur_name;
-my $inside;
-my @funcs;
-
-die "Usage: $0 file.c [...]\n" unless @ARGV;
-
-while (<>)
-{
-    if( /^[^\/#{}\s]/ && ! /\[.*]/ ) {
-        chomp( $cur_name = $_ ) unless $inside;
-    } elsif( /^{/ && $cur_name ) {
-        $inside = 1;
-        $cur_name =~ s/.* ([^ ]*)\(.*/$1/;
-    } elsif( /^}/ && $inside ) {
-        undef $inside;
-        undef $cur_name;
-    } elsif( $inside && /\b\Q$cur_name\E\([^)]/ ) {
-        push @funcs, $cur_name unless /$known_ok/;
-    }
-}
-
-print "$_\n" for @funcs;
-exit @funcs;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/test-ref-configs.pl b/3rdparty/mbedtls-2.25.0/tests/scripts/test-ref-configs.pl
deleted file mode 100644
index cf4175a..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/test-ref-configs.pl
+++ /dev/null
@@ -1,129 +0,0 @@
-#!/usr/bin/env perl
-
-# test-ref-configs.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# For each reference configuration file in the configs directory, build the
-# configuration, run the test suites and compat.sh
-#
-# Usage: tests/scripts/test-ref-configs.pl [config-name [...]]
-
-use warnings;
-use strict;
-
-my %configs = (
-    'config-ccm-psk-tls1_2.h' => {
-        'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
-    },
-    'config-mini-tls1_1.h' => {
-        'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #'
-    },
-    'config-no-entropy.h' => {
-    },
-    'config-psa-crypto.h' => {
-    },
-    'config-suite-b.h' => {
-        'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
-    },
-    'config-symmetric-only.h' => {
-    },
-    'config-thread.h' => {
-        'opt' => '-f ECJPAKE.*nolog',
-    },
-);
-
-# If no config-name is provided, use all known configs.
-# Otherwise, use the provided names only.
-if ($#ARGV >= 0) {
-    my %configs_ori = ( %configs );
-    %configs = ();
-
-    foreach my $conf_name (@ARGV) {
-        if( ! exists $configs_ori{$conf_name} ) {
-            die "Unknown configuration: $conf_name\n";
-        } else {
-            $configs{$conf_name} = $configs_ori{$conf_name};
-        }
-    }
-}
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $config_h = 'include/mbedtls/config.h';
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-# Create a seedfile for configurations that enable MBEDTLS_ENTROPY_NV_SEED.
-# For test purposes, this doesn't have to be cryptographically random.
-if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) {
-    local *SEEDFILE;
-    open SEEDFILE, ">tests/seedfile" or die;
-    print SEEDFILE "*" x 64 or die;
-    close SEEDFILE or die;
-}
-
-while( my ($conf, $data) = each %configs ) {
-    system( "cp $config_h.bak $config_h" ) and die;
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing configuration: $conf\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf;
-
-    system( "cp configs/$conf $config_h" )
-        and abort "Failed to activate $conf\n";
-
-    system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n";
-    system( "make test" ) and abort "Failed test suite: $conf\n";
-
-    my $compat = $data->{'compat'};
-    if( $compat )
-    {
-        print "\nrunning compat.sh $compat\n";
-        system( "tests/compat.sh $compat" )
-            and abort "Failed compat.sh: $conf\n";
-    }
-    else
-    {
-        print "\nskipping compat.sh\n";
-    }
-
-    my $opt = $data->{'opt'};
-    if( $opt )
-    {
-        print "\nrunning ssl-opt.sh $opt\n";
-        system( "tests/ssl-opt.sh $opt" )
-            and abort "Failed ssl-opt.sh: $conf\n";
-    }
-    else
-    {
-        print "\nskipping ssl-opt.sh\n";
-    }
-}
-
-system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-system( "make clean" );
-exit 0;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/test_psa_constant_names.py b/3rdparty/mbedtls-2.25.0/tests/scripts/test_psa_constant_names.py
deleted file mode 100644
index c7011a7..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/test_psa_constant_names.py
+++ /dev/null
@@ -1,474 +0,0 @@
-#!/usr/bin/env python3
-"""Test the program psa_constant_names.
-Gather constant names from header files and test cases. Compile a C program
-to print out their numerical values, feed these numerical values to
-psa_constant_names, and check that the output is the original name.
-Return 0 if all test cases pass, 1 if the output was not always as expected,
-or 1 (with a Python backtrace) if there was an operational error.
-"""
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import argparse
-from collections import namedtuple
-import itertools
-import os
-import platform
-import re
-import subprocess
-import sys
-import tempfile
-
-class ReadFileLineException(Exception):
-    def __init__(self, filename, line_number):
-        message = 'in {} at {}'.format(filename, line_number)
-        super(ReadFileLineException, self).__init__(message)
-        self.filename = filename
-        self.line_number = line_number
-
-class read_file_lines:
-    # Dear Pylint, conventionally, a context manager class name is lowercase.
-    # pylint: disable=invalid-name,too-few-public-methods
-    """Context manager to read a text file line by line.
-
-    ```
-    with read_file_lines(filename) as lines:
-        for line in lines:
-            process(line)
-    ```
-    is equivalent to
-    ```
-    with open(filename, 'r') as input_file:
-        for line in input_file:
-            process(line)
-    ```
-    except that if process(line) raises an exception, then the read_file_lines
-    snippet annotates the exception with the file name and line number.
-    """
-    def __init__(self, filename, binary=False):
-        self.filename = filename
-        self.line_number = 'entry'
-        self.generator = None
-        self.binary = binary
-    def __enter__(self):
-        self.generator = enumerate(open(self.filename,
-                                        'rb' if self.binary else 'r'))
-        return self
-    def __iter__(self):
-        for line_number, content in self.generator:
-            self.line_number = line_number
-            yield content
-        self.line_number = 'exit'
-    def __exit__(self, exc_type, exc_value, exc_traceback):
-        if exc_type is not None:
-            raise ReadFileLineException(self.filename, self.line_number) \
-                from exc_value
-
-class Inputs:
-    # pylint: disable=too-many-instance-attributes
-    """Accumulate information about macros to test.
-
-    This includes macro names as well as information about their arguments
-    when applicable.
-    """
-
-    def __init__(self):
-        self.all_declared = set()
-        # Sets of names per type
-        self.statuses = set(['PSA_SUCCESS'])
-        self.algorithms = set(['0xffffffff'])
-        self.ecc_curves = set(['0xff'])
-        self.dh_groups = set(['0xff'])
-        self.key_types = set(['0xffff'])
-        self.key_usage_flags = set(['0x80000000'])
-        # Hard-coded value for unknown algorithms
-        self.hash_algorithms = set(['0x020000fe'])
-        self.mac_algorithms = set(['0x0300ffff'])
-        self.ka_algorithms = set(['0x09fc0000'])
-        self.kdf_algorithms = set(['0x080000ff'])
-        # For AEAD algorithms, the only variability is over the tag length,
-        # and this only applies to known algorithms, so don't test an
-        # unknown algorithm.
-        self.aead_algorithms = set()
-        # Identifier prefixes
-        self.table_by_prefix = {
-            'ERROR': self.statuses,
-            'ALG': self.algorithms,
-            'ECC_CURVE': self.ecc_curves,
-            'DH_GROUP': self.dh_groups,
-            'KEY_TYPE': self.key_types,
-            'KEY_USAGE': self.key_usage_flags,
-        }
-        # Test functions
-        self.table_by_test_function = {
-            # Any function ending in _algorithm also gets added to
-            # self.algorithms.
-            'key_type': [self.key_types],
-            'block_cipher_key_type': [self.key_types],
-            'stream_cipher_key_type': [self.key_types],
-            'ecc_key_family': [self.ecc_curves],
-            'ecc_key_types': [self.ecc_curves],
-            'dh_key_family': [self.dh_groups],
-            'dh_key_types': [self.dh_groups],
-            'hash_algorithm': [self.hash_algorithms],
-            'mac_algorithm': [self.mac_algorithms],
-            'cipher_algorithm': [],
-            'hmac_algorithm': [self.mac_algorithms],
-            'aead_algorithm': [self.aead_algorithms],
-            'key_derivation_algorithm': [self.kdf_algorithms],
-            'key_agreement_algorithm': [self.ka_algorithms],
-            'asymmetric_signature_algorithm': [],
-            'asymmetric_signature_wildcard': [self.algorithms],
-            'asymmetric_encryption_algorithm': [],
-            'other_algorithm': [],
-        }
-        # macro name -> list of argument names
-        self.argspecs = {}
-        # argument name -> list of values
-        self.arguments_for = {
-            'mac_length': ['1', '63'],
-            'tag_length': ['1', '63'],
-        }
-
-    def get_names(self, type_word):
-        """Return the set of known names of values of the given type."""
-        return {
-            'status': self.statuses,
-            'algorithm': self.algorithms,
-            'ecc_curve': self.ecc_curves,
-            'dh_group': self.dh_groups,
-            'key_type': self.key_types,
-            'key_usage': self.key_usage_flags,
-        }[type_word]
-
-    def gather_arguments(self):
-        """Populate the list of values for macro arguments.
-
-        Call this after parsing all the inputs.
-        """
-        self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
-        self.arguments_for['mac_alg'] = sorted(self.mac_algorithms)
-        self.arguments_for['ka_alg'] = sorted(self.ka_algorithms)
-        self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms)
-        self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
-        self.arguments_for['curve'] = sorted(self.ecc_curves)
-        self.arguments_for['group'] = sorted(self.dh_groups)
-
-    @staticmethod
-    def _format_arguments(name, arguments):
-        """Format a macro call with arguments.."""
-        return name + '(' + ', '.join(arguments) + ')'
-
-    def distribute_arguments(self, name):
-        """Generate macro calls with each tested argument set.
-
-        If name is a macro without arguments, just yield "name".
-        If name is a macro with arguments, yield a series of
-        "name(arg1,...,argN)" where each argument takes each possible
-        value at least once.
-        """
-        try:
-            if name not in self.argspecs:
-                yield name
-                return
-            argspec = self.argspecs[name]
-            if argspec == []:
-                yield name + '()'
-                return
-            argument_lists = [self.arguments_for[arg] for arg in argspec]
-            arguments = [values[0] for values in argument_lists]
-            yield self._format_arguments(name, arguments)
-            # Dear Pylint, enumerate won't work here since we're modifying
-            # the array.
-            # pylint: disable=consider-using-enumerate
-            for i in range(len(arguments)):
-                for value in argument_lists[i][1:]:
-                    arguments[i] = value
-                    yield self._format_arguments(name, arguments)
-                arguments[i] = argument_lists[0][0]
-        except BaseException as e:
-            raise Exception('distribute_arguments({})'.format(name)) from e
-
-    def generate_expressions(self, names):
-        return itertools.chain(*map(self.distribute_arguments, names))
-
-    _argument_split_re = re.compile(r' *, *')
-    @classmethod
-    def _argument_split(cls, arguments):
-        return re.split(cls._argument_split_re, arguments)
-
-    # Regex for interesting header lines.
-    # Groups: 1=macro name, 2=type, 3=argument list (optional).
-    _header_line_re = \
-        re.compile(r'#define +' +
-                   r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' +
-                   r'(?:\(([^\n()]*)\))?')
-    # Regex of macro names to exclude.
-    _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z')
-    # Additional excluded macros.
-    _excluded_names = set([
-        # Macros that provide an alternative way to build the same
-        # algorithm as another macro.
-        'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH',
-        'PSA_ALG_FULL_LENGTH_MAC',
-        # Auxiliary macro whose name doesn't fit the usual patterns for
-        # auxiliary macros.
-        'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE',
-    ])
-    def parse_header_line(self, line):
-        """Parse a C header line, looking for "#define PSA_xxx"."""
-        m = re.match(self._header_line_re, line)
-        if not m:
-            return
-        name = m.group(1)
-        self.all_declared.add(name)
-        if re.search(self._excluded_name_re, name) or \
-           name in self._excluded_names:
-            return
-        dest = self.table_by_prefix.get(m.group(2))
-        if dest is None:
-            return
-        dest.add(name)
-        if m.group(3):
-            self.argspecs[name] = self._argument_split(m.group(3))
-
-    _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
-    def parse_header(self, filename):
-        """Parse a C header file, looking for "#define PSA_xxx"."""
-        with read_file_lines(filename, binary=True) as lines:
-            for line in lines:
-                line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
-                self.parse_header_line(line)
-
-    _macro_identifier_re = re.compile(r'[A-Z]\w+')
-    def generate_undeclared_names(self, expr):
-        for name in re.findall(self._macro_identifier_re, expr):
-            if name not in self.all_declared:
-                yield name
-
-    def accept_test_case_line(self, function, argument):
-        #pylint: disable=unused-argument
-        undeclared = list(self.generate_undeclared_names(argument))
-        if undeclared:
-            raise Exception('Undeclared names in test case', undeclared)
-        return True
-
-    def add_test_case_line(self, function, argument):
-        """Parse a test case data line, looking for algorithm metadata tests."""
-        sets = []
-        if function.endswith('_algorithm'):
-            sets.append(self.algorithms)
-            if function == 'key_agreement_algorithm' and \
-               argument.startswith('PSA_ALG_KEY_AGREEMENT('):
-                # We only want *raw* key agreement algorithms as such, so
-                # exclude ones that are already chained with a KDF.
-                # Keep the expression as one to test as an algorithm.
-                function = 'other_algorithm'
-        sets += self.table_by_test_function[function]
-        if self.accept_test_case_line(function, argument):
-            for s in sets:
-                s.add(argument)
-
-    # Regex matching a *.data line containing a test function call and
-    # its arguments. The actual definition is partly positional, but this
-    # regex is good enough in practice.
-    _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)')
-    def parse_test_cases(self, filename):
-        """Parse a test case file (*.data), looking for algorithm metadata tests."""
-        with read_file_lines(filename) as lines:
-            for line in lines:
-                m = re.match(self._test_case_line_re, line)
-                if m:
-                    self.add_test_case_line(m.group(1), m.group(2))
-
-def gather_inputs(headers, test_suites, inputs_class=Inputs):
-    """Read the list of inputs to test psa_constant_names with."""
-    inputs = inputs_class()
-    for header in headers:
-        inputs.parse_header(header)
-    for test_cases in test_suites:
-        inputs.parse_test_cases(test_cases)
-    inputs.gather_arguments()
-    return inputs
-
-def remove_file_if_exists(filename):
-    """Remove the specified file, ignoring errors."""
-    if not filename:
-        return
-    try:
-        os.remove(filename)
-    except OSError:
-        pass
-
-def run_c(type_word, expressions, include_path=None, keep_c=False):
-    """Generate and run a program to print out numerical values for expressions."""
-    if include_path is None:
-        include_path = []
-    if type_word == 'status':
-        cast_to = 'long'
-        printf_format = '%ld'
-    else:
-        cast_to = 'unsigned long'
-        printf_format = '0x%08lx'
-    c_name = None
-    exe_name = None
-    try:
-        c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type_word),
-                                        suffix='.c',
-                                        dir='programs/psa')
-        exe_suffix = '.exe' if platform.system() == 'Windows' else ''
-        exe_name = c_name[:-2] + exe_suffix
-        remove_file_if_exists(exe_name)
-        c_file = os.fdopen(c_fd, 'w', encoding='ascii')
-        c_file.write('/* Generated by test_psa_constant_names.py for {} values */'
-                     .format(type_word))
-        c_file.write('''
-#include <stdio.h>
-#include <psa/crypto.h>
-int main(void)
-{
-''')
-        for expr in expressions:
-            c_file.write('    printf("{}\\n", ({}) {});\n'
-                         .format(printf_format, cast_to, expr))
-        c_file.write('''    return 0;
-}
-''')
-        c_file.close()
-        cc = os.getenv('CC', 'cc')
-        subprocess.check_call([cc] +
-                              ['-I' + dir for dir in include_path] +
-                              ['-o', exe_name, c_name])
-        if keep_c:
-            sys.stderr.write('List of {} tests kept at {}\n'
-                             .format(type_word, c_name))
-        else:
-            os.remove(c_name)
-        output = subprocess.check_output([exe_name])
-        return output.decode('ascii').strip().split('\n')
-    finally:
-        remove_file_if_exists(exe_name)
-
-NORMALIZE_STRIP_RE = re.compile(r'\s+')
-def normalize(expr):
-    """Normalize the C expression so as not to care about trivial differences.
-
-    Currently "trivial differences" means whitespace.
-    """
-    return re.sub(NORMALIZE_STRIP_RE, '', expr)
-
-def collect_values(inputs, type_word, include_path=None, keep_c=False):
-    """Generate expressions using known macro names and calculate their values.
-
-    Return a list of pairs of (expr, value) where expr is an expression and
-    value is a string representation of its integer value.
-    """
-    names = inputs.get_names(type_word)
-    expressions = sorted(inputs.generate_expressions(names))
-    values = run_c(type_word, expressions,
-                   include_path=include_path, keep_c=keep_c)
-    return expressions, values
-
-class Tests:
-    """An object representing tests and their results."""
-
-    Error = namedtuple('Error',
-                       ['type', 'expression', 'value', 'output'])
-
-    def __init__(self, options):
-        self.options = options
-        self.count = 0
-        self.errors = []
-
-    def run_one(self, inputs, type_word):
-        """Test psa_constant_names for the specified type.
-
-        Run the program on the names for this type.
-        Use the inputs to figure out what arguments to pass to macros that
-        take arguments.
-        """
-        expressions, values = collect_values(inputs, type_word,
-                                             include_path=self.options.include,
-                                             keep_c=self.options.keep_c)
-        output = subprocess.check_output([self.options.program, type_word] +
-                                         values)
-        outputs = output.decode('ascii').strip().split('\n')
-        self.count += len(expressions)
-        for expr, value, output in zip(expressions, values, outputs):
-            if self.options.show:
-                sys.stdout.write('{} {}\t{}\n'.format(type_word, value, output))
-            if normalize(expr) != normalize(output):
-                self.errors.append(self.Error(type=type_word,
-                                              expression=expr,
-                                              value=value,
-                                              output=output))
-
-    def run_all(self, inputs):
-        """Run psa_constant_names on all the gathered inputs."""
-        for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group',
-                          'key_type', 'key_usage']:
-            self.run_one(inputs, type_word)
-
-    def report(self, out):
-        """Describe each case where the output is not as expected.
-
-        Write the errors to ``out``.
-        Also write a total.
-        """
-        for error in self.errors:
-            out.write('For {} "{}", got "{}" (value: {})\n'
-                      .format(error.type, error.expression,
-                              error.output, error.value))
-        out.write('{} test cases'.format(self.count))
-        if self.errors:
-            out.write(', {} FAIL\n'.format(len(self.errors)))
-        else:
-            out.write(' PASS\n')
-
-HEADERS = ['psa/crypto.h', 'psa/crypto_extra.h', 'psa/crypto_values.h']
-TEST_SUITES = ['tests/suites/test_suite_psa_crypto_metadata.data']
-
-def main():
-    parser = argparse.ArgumentParser(description=globals()['__doc__'])
-    parser.add_argument('--include', '-I',
-                        action='append', default=['include'],
-                        help='Directory for header files')
-    parser.add_argument('--keep-c',
-                        action='store_true', dest='keep_c', default=False,
-                        help='Keep the intermediate C file')
-    parser.add_argument('--no-keep-c',
-                        action='store_false', dest='keep_c',
-                        help='Don\'t keep the intermediate C file (default)')
-    parser.add_argument('--program',
-                        default='programs/psa/psa_constant_names',
-                        help='Program to test')
-    parser.add_argument('--show',
-                        action='store_true',
-                        help='Keep the intermediate C file')
-    parser.add_argument('--no-show',
-                        action='store_false', dest='show',
-                        help='Don\'t show tested values (default)')
-    options = parser.parse_args()
-    headers = [os.path.join(options.include[0], h) for h in HEADERS]
-    inputs = gather_inputs(headers, TEST_SUITES)
-    tests = Tests(options)
-    tests.run_all(inputs)
-    tests.report(sys.stdout)
-    if tests.errors:
-        sys.exit(1)
-
-if __name__ == '__main__':
-    main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/travis-log-failure.sh b/3rdparty/mbedtls-2.25.0/tests/scripts/travis-log-failure.sh
deleted file mode 100644
index 249b3f8..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/travis-log-failure.sh
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/sh
-
-# travis-log-failure.sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# List the server and client logs on failed ssl-opt.sh and compat.sh tests.
-# This script is used to make the logs show up in the Travis test results.
-#
-# Some of the logs can be very long: this means usually a couple of megabytes
-# but it can be much more. For example, the client log of test 273 in ssl-opt.sh
-# is more than 630 Megabytes long.
-
-if [ -d include/mbedtls ]; then :; else
-    echo "$0: must be run from root" >&2
-    exit 1
-fi
-
-FILES="o-srv-*.log o-cli-*.log c-srv-*.log c-cli-*.log o-pxy-*.log"
-MAX_LOG_SIZE=1048576
-
-for PATTERN in $FILES; do
-    for LOG in $( ls tests/$PATTERN 2>/dev/null ); do
-        echo
-        echo "****** BEGIN file: $LOG ******"
-        echo
-        tail -c $MAX_LOG_SIZE $LOG
-        echo "****** END file: $LOG ******"
-        echo
-        rm $LOG
-    done
-done
diff --git a/3rdparty/mbedtls-2.25.0/tests/src/drivers/cipher.c b/3rdparty/mbedtls-2.25.0/tests/src/drivers/cipher.c
deleted file mode 100644
index fa7c6a9..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/src/drivers/cipher.c
+++ /dev/null
@@ -1,611 +0,0 @@
-/*
- * Test driver for cipher functions.
- * Currently only supports multi-part operations using AES-CTR.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/cipher.h"
-
-#include "test/drivers/cipher.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-/* Test driver implements AES-CTR only. Its default behaviour (when its return
- * status is not overridden through the hooks) is to take care of all AES-CTR
- * operations, and return PSA_ERROR_NOT_SUPPORTED for all others.
- * Set test_driver_cipher_hooks.forced_status to PSA_ERROR_NOT_SUPPORTED to use
- * fallback even for AES-CTR. */
-test_driver_cipher_hooks_t test_driver_cipher_hooks = TEST_DRIVER_CIPHER_INIT;
-
-static psa_status_t test_transparent_cipher_oneshot(
-    mbedtls_operation_t direction,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length)
-{
-    test_driver_cipher_hooks.hits++;
-
-    /* Test driver supports AES-CTR only, to verify operation calls. */
-    if( alg != PSA_ALG_CTR ||
-        psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    /* If test driver response code is not SUCCESS, we can return early */
-    if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_cipher_hooks.forced_status );
-
-    /* If test driver output is overridden, we don't need to do actual crypto */
-    if( test_driver_cipher_hooks.forced_output != NULL )
-    {
-        if( output_size < test_driver_cipher_hooks.forced_output_length )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-        memcpy( output,
-                test_driver_cipher_hooks.forced_output,
-                test_driver_cipher_hooks.forced_output_length );
-        *output_length = test_driver_cipher_hooks.forced_output_length;
-
-        return( test_driver_cipher_hooks.forced_status );
-    }
-
-    /* Run AES-CTR using the cipher module */
-    {
-        mbedtls_test_rnd_pseudo_info rnd_info;
-        memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-        const mbedtls_cipher_info_t *cipher_info =
-            mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
-                                             key_length * 8,
-                                             MBEDTLS_MODE_CTR );
-        mbedtls_cipher_context_t cipher;
-        int ret = 0;
-        uint8_t temp_output_buffer[16] = {0};
-        size_t temp_output_length = 0;
-
-        if( direction == MBEDTLS_ENCRYPT )
-        {
-            /* Oneshot encrypt needs to prepend the IV to the output */
-            if( output_size < ( input_length + 16 ) )
-                return( PSA_ERROR_BUFFER_TOO_SMALL );
-        }
-        else
-        {
-            /* Oneshot decrypt has the IV prepended to the input */
-            if( output_size < ( input_length - 16 ) )
-                return( PSA_ERROR_BUFFER_TOO_SMALL );
-        }
-
-        if( cipher_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        mbedtls_cipher_init( &cipher );
-        ret = mbedtls_cipher_setup( &cipher, cipher_info );
-        if( ret != 0 )
-            goto exit;
-
-        ret = mbedtls_cipher_setkey( &cipher,
-                                     key,
-                                     key_length * 8, direction );
-        if( ret != 0 )
-            goto exit;
-
-        if( direction == MBEDTLS_ENCRYPT )
-        {
-            mbedtls_test_rnd_pseudo_info rnd_info;
-            memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-            ret = mbedtls_test_rnd_pseudo_rand( &rnd_info,
-                                                temp_output_buffer,
-                                                16 );
-            if( ret != 0 )
-                goto exit;
-
-            ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 );
-        }
-        else
-            ret = mbedtls_cipher_set_iv( &cipher, input, 16 );
-
-        if( ret != 0 )
-            goto exit;
-
-        if( direction == MBEDTLS_ENCRYPT )
-        {
-            ret = mbedtls_cipher_update( &cipher,
-                                         input, input_length,
-                                         &output[16], output_length );
-            if( ret == 0 )
-            {
-                memcpy( output, temp_output_buffer, 16 );
-                *output_length += 16;
-            }
-        }
-        else
-            ret = mbedtls_cipher_update( &cipher,
-                                         &input[16], input_length - 16,
-                                         output, output_length );
-
-        if( ret != 0 )
-            goto exit;
-
-        ret = mbedtls_cipher_finish( &cipher,
-                                     temp_output_buffer,
-                                     &temp_output_length );
-
-exit:
-        if( ret != 0 )
-        {
-            *output_length = 0;
-            memset(output, 0, output_size);
-        }
-
-        mbedtls_cipher_free( &cipher );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-}
-
-psa_status_t test_transparent_cipher_encrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length)
-{
-    return (
-        test_transparent_cipher_oneshot(
-            MBEDTLS_ENCRYPT,
-            attributes,
-            key, key_length,
-            alg,
-            input, input_length,
-            output, output_size, output_length) );
-}
-
-psa_status_t test_transparent_cipher_decrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length)
-{
-    return (
-        test_transparent_cipher_oneshot(
-            MBEDTLS_DECRYPT,
-            attributes,
-            key, key_length,
-            alg,
-            input, input_length,
-            output, output_size, output_length) );
-}
-
-static psa_status_t test_transparent_cipher_setup(
-    mbedtls_operation_t direction,
-    test_transparent_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg)
-{
-    const mbedtls_cipher_info_t *cipher_info = NULL;
-    int ret = 0;
-
-    test_driver_cipher_hooks.hits++;
-
-    if( operation->alg != 0 )
-        return( PSA_ERROR_BAD_STATE );
-
-    /* Wiping the entire struct here, instead of member-by-member. This is useful
-     * for the test suite, since it gives a chance of catching memory corruption
-     * errors should the core not have allocated (enough) memory for our context
-     * struct. */
-    memset( operation, 0, sizeof( *operation ) );
-
-    /* Allow overriding return value for testing purposes */
-    if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_cipher_hooks.forced_status );
-
-    /* Test driver supports AES-CTR only, to verify operation calls. */
-    if( alg != PSA_ALG_CTR ||
-        psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    operation->alg = alg;
-    operation->iv_size = 16;
-
-    cipher_info = mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
-                                                   key_length * 8,
-                                                   MBEDTLS_MODE_CTR );
-    if( cipher_info == NULL )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    mbedtls_cipher_init( &operation->cipher );
-    ret = mbedtls_cipher_setup( &operation->cipher, cipher_info );
-    if( ret != 0 ) {
-        mbedtls_cipher_free( &operation->cipher );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-
-    ret = mbedtls_cipher_setkey( &operation->cipher,
-                                 key,
-                                 key_length * 8, direction );
-    if( ret != 0 ) {
-        mbedtls_cipher_free( &operation->cipher );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-
-    operation->iv_set = 0;
-    operation->iv_required = 1;
-    operation->key_set = 1;
-
-    return( test_driver_cipher_hooks.forced_status );
-}
-
-psa_status_t test_transparent_cipher_encrypt_setup(
-    test_transparent_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg)
-{
-    return ( test_transparent_cipher_setup( MBEDTLS_ENCRYPT,
-                                            operation,
-                                            attributes,
-                                            key,
-                                            key_length,
-                                            alg ) );
-}
-
-psa_status_t test_transparent_cipher_decrypt_setup(
-    test_transparent_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg)
-{
-    return ( test_transparent_cipher_setup( MBEDTLS_DECRYPT,
-                                            operation,
-                                            attributes,
-                                            key,
-                                            key_length,
-                                            alg ) );
-}
-
-psa_status_t test_transparent_cipher_abort(
-    test_transparent_cipher_operation_t *operation)
-{
-    test_driver_cipher_hooks.hits++;
-
-    if( operation->alg == 0 )
-        return( PSA_SUCCESS );
-    if( operation->alg != PSA_ALG_CTR )
-        return( PSA_ERROR_BAD_STATE );
-
-    mbedtls_cipher_free( &operation->cipher );
-
-    /* Wiping the entire struct here, instead of member-by-member. This is useful
-     * for the test suite, since it gives a chance of catching memory corruption
-     * errors should the core not have allocated (enough) memory for our context
-     * struct. */
-    memset( operation, 0, sizeof( *operation ) );
-
-    return( PSA_SUCCESS );
-}
-
-psa_status_t test_transparent_cipher_generate_iv(
-    test_transparent_cipher_operation_t *operation,
-    uint8_t *iv,
-    size_t iv_size,
-    size_t *iv_length)
-{
-    psa_status_t status;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    test_driver_cipher_hooks.hits++;
-
-    if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_cipher_hooks.forced_status );
-
-    if( operation->alg != PSA_ALG_CTR )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( operation->iv_set || ! operation->iv_required )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( iv_size < operation->iv_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-    status = mbedtls_to_psa_error(
-        mbedtls_test_rnd_pseudo_rand( &rnd_info,
-                                      iv,
-                                      operation->iv_size ) );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    *iv_length = operation->iv_size;
-    status = test_transparent_cipher_set_iv( operation, iv, *iv_length );
-
-    return( status );
-}
-
-psa_status_t test_transparent_cipher_set_iv(
-    test_transparent_cipher_operation_t *operation,
-    const uint8_t *iv,
-    size_t iv_length)
-{
-    psa_status_t status;
-
-    test_driver_cipher_hooks.hits++;
-
-    if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_cipher_hooks.forced_status );
-
-    if( operation->alg != PSA_ALG_CTR )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( operation->iv_set || ! operation->iv_required )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( iv_length != operation->iv_size )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = mbedtls_to_psa_error(
-        mbedtls_cipher_set_iv( &operation->cipher, iv, iv_length ) );
-
-    if( status == PSA_SUCCESS )
-        operation->iv_set = 1;
-
-    return( status );
-}
-
-psa_status_t test_transparent_cipher_update(
-    test_transparent_cipher_operation_t *operation,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length)
-{
-    psa_status_t status;
-
-    test_driver_cipher_hooks.hits++;
-
-    if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_cipher_hooks.forced_status );
-
-    if( operation->alg != PSA_ALG_CTR )
-        return( PSA_ERROR_BAD_STATE );
-
-    /* CTR is a stream cipher, so data in and out are always the same size */
-    if( output_size < input_length )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-    status = mbedtls_to_psa_error(
-        mbedtls_cipher_update( &operation->cipher, input,
-                               input_length, output, output_length ) );
-
-    if( status != PSA_SUCCESS )
-        return status;
-
-    if( test_driver_cipher_hooks.forced_output != NULL )
-    {
-        if( output_size < test_driver_cipher_hooks.forced_output_length )
-            return PSA_ERROR_BUFFER_TOO_SMALL;
-
-        memcpy( output,
-                test_driver_cipher_hooks.forced_output,
-                test_driver_cipher_hooks.forced_output_length );
-        *output_length = test_driver_cipher_hooks.forced_output_length;
-    }
-
-    return( test_driver_cipher_hooks.forced_status );
-}
-
-psa_status_t test_transparent_cipher_finish(
-    test_transparent_cipher_operation_t *operation,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length)
-{
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-    uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
-
-    test_driver_cipher_hooks.hits++;
-
-    if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_cipher_hooks.forced_status );
-
-    if( operation->alg != PSA_ALG_CTR )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( ! operation->key_set )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( operation->iv_required && ! operation->iv_set )
-        return( PSA_ERROR_BAD_STATE );
-
-    status = mbedtls_to_psa_error(
-        mbedtls_cipher_finish( &operation->cipher,
-                               temp_output_buffer,
-                               output_length ) );
-
-    mbedtls_cipher_free( &operation->cipher );
-
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( *output_length == 0 )
-        ; /* Nothing to copy. Note that output may be NULL in this case. */
-    else if( output_size >= *output_length )
-        memcpy( output, temp_output_buffer, *output_length );
-    else
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-
-    if( test_driver_cipher_hooks.forced_output != NULL )
-    {
-        if( output_size < test_driver_cipher_hooks.forced_output_length )
-            return PSA_ERROR_BUFFER_TOO_SMALL;
-
-        memcpy( output,
-                test_driver_cipher_hooks.forced_output,
-                test_driver_cipher_hooks.forced_output_length );
-        *output_length = test_driver_cipher_hooks.forced_output_length;
-    }
-
-    return( test_driver_cipher_hooks.forced_status );
-}
-
-/*
- * opaque versions, to do
- */
-psa_status_t test_opaque_cipher_encrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length)
-{
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    (void) input;
-    (void) input_length;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_decrypt(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *input, size_t input_length,
-    uint8_t *output, size_t output_size, size_t *output_length)
-{
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    (void) input;
-    (void) input_length;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_encrypt_setup(
-    test_opaque_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg)
-{
-    (void) operation;
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_decrypt_setup(
-    test_opaque_cipher_operation_t *operation,
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg)
-{
-    (void) operation;
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_abort(
-    test_opaque_cipher_operation_t *operation)
-{
-    (void) operation;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_generate_iv(
-    test_opaque_cipher_operation_t *operation,
-    uint8_t *iv,
-    size_t iv_size,
-    size_t *iv_length)
-{
-    (void) operation;
-    (void) iv;
-    (void) iv_size;
-    (void) iv_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_set_iv(
-    test_opaque_cipher_operation_t *operation,
-    const uint8_t *iv,
-    size_t iv_length)
-{
-    (void) operation;
-    (void) iv;
-    (void) iv_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_update(
-    test_opaque_cipher_operation_t *operation,
-    const uint8_t *input,
-    size_t input_length,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length)
-{
-    (void) operation;
-    (void) input;
-    (void) input_length;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_cipher_finish(
-    test_opaque_cipher_operation_t *operation,
-    uint8_t *output,
-    size_t output_size,
-    size_t *output_length)
-{
-    (void) operation;
-    (void) output;
-    (void) output_size;
-    (void) output_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.25.0/tests/src/drivers/key_management.c b/3rdparty/mbedtls-2.25.0/tests/src/drivers/key_management.c
deleted file mode 100644
index 00d2b45..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/src/drivers/key_management.c
+++ /dev/null
@@ -1,355 +0,0 @@
-/*
- * Test driver for generating and verifying keys.
- * Currently only supports generating and verifying ECC keys.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/error.h"
-
-#include "test/drivers/key_management.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-test_driver_key_management_hooks_t test_driver_key_management_hooks =
-    TEST_DRIVER_KEY_MANAGEMENT_INIT;
-
-psa_status_t test_transparent_generate_key(
-    const psa_key_attributes_t *attributes,
-    uint8_t *key, size_t key_size, size_t *key_length )
-{
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \
-    !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-    (void)attributes;
-#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR &&
-        * !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-    ++test_driver_key_management_hooks.hits;
-
-    if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_key_management_hooks.forced_status );
-
-    if( test_driver_key_management_hooks.forced_output != NULL )
-    {
-        if( test_driver_key_management_hooks.forced_output_length > key_size )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        memcpy( key, test_driver_key_management_hooks.forced_output,
-                test_driver_key_management_hooks.forced_output_length );
-        *key_length = test_driver_key_management_hooks.forced_output_length;
-        return( PSA_SUCCESS );
-    }
-
-    /* Copied from psa_crypto.c */
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-    if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
-         && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
-    {
-        psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
-            psa_get_key_type( attributes ) );
-        mbedtls_ecp_group_id grp_id =
-            mbedtls_ecc_group_of_psa(
-                curve,
-                PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
-        const mbedtls_ecp_curve_info *curve_info =
-            mbedtls_ecp_curve_info_from_grp_id( grp_id );
-        mbedtls_ecp_keypair ecp;
-        mbedtls_test_rnd_pseudo_info rnd_info;
-        memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        if( attributes->domain_parameters_size != 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( curve_info->bit_size != psa_get_key_bits( attributes ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        mbedtls_ecp_keypair_init( &ecp );
-        ret = mbedtls_ecp_gen_key( grp_id, &ecp,
-                                   &mbedtls_test_rnd_pseudo_rand,
-                                   &rnd_info );
-        if( ret != 0 )
-        {
-            mbedtls_ecp_keypair_free( &ecp );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-
-        /* Make sure to use export representation */
-        size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) );
-        if( key_size < bytes )
-        {
-            mbedtls_ecp_keypair_free( &ecp );
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        }
-        psa_status_t status = mbedtls_to_psa_error(
-            mbedtls_mpi_write_binary( &ecp.d, key, bytes ) );
-
-        if( status == PSA_SUCCESS )
-        {
-            *key_length = bytes;
-        }
-        else
-        {
-            memset( key, 0, bytes );
-        }
-
-        mbedtls_ecp_keypair_free( &ecp );
-        return( status );
-    }
-    else
-#endif /* MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR ||
-        * MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_generate_key(
-    const psa_key_attributes_t *attributes,
-    uint8_t *key, size_t key_size, size_t *key_length )
-{
-    (void) attributes;
-    (void) key;
-    (void) key_size;
-    (void) key_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_transparent_validate_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *data,
-    size_t data_length,
-    size_t *bits )
-{
-    ++test_driver_key_management_hooks.hits;
-
-    if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_key_management_hooks.forced_status );
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-    psa_key_type_t type = psa_get_key_type( attributes );
-    if ( PSA_KEY_TYPE_IS_ECC( type ) )
-    {
-        // Code mostly copied from psa_load_ecp_representation
-        psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
-        mbedtls_ecp_group_id grp_id;
-        mbedtls_ecp_keypair ecp;
-        psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
-        if( psa_get_key_bits( attributes ) == 0 )
-        {
-            // Attempt auto-detect of curve bit size
-            size_t curve_size = data_length;
-
-            if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
-                PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
-            {
-                /* A Weierstrass public key is represented as:
-                 * - The byte 0x04;
-                 * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
-                 * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
-                 * So its data length is 2m+1 where m is the curve size in bits.
-                 */
-                if( ( data_length & 1 ) == 0 )
-                    return( PSA_ERROR_INVALID_ARGUMENT );
-                curve_size = data_length / 2;
-
-                /* Montgomery public keys are represented in compressed format, meaning
-                 * their curve_size is equal to the amount of input. */
-
-                /* Private keys are represented in uncompressed private random integer
-                 * format, meaning their curve_size is equal to the amount of input. */
-            }
-
-            grp_id = mbedtls_ecc_group_of_psa( curve, curve_size );
-        }
-        else
-        {
-            grp_id = mbedtls_ecc_group_of_psa( curve,
-                PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
-        }
-
-        const mbedtls_ecp_curve_info *curve_info =
-            mbedtls_ecp_curve_info_from_grp_id( grp_id );
-
-        if( attributes->domain_parameters_size != 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        *bits = curve_info->bit_size;
-
-        mbedtls_ecp_keypair_init( &ecp );
-
-        status = mbedtls_to_psa_error(
-                    mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
-        if( status != PSA_SUCCESS )
-            goto ecp_exit;
-
-        /* Load the key material. */
-        if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
-        {
-            /* Load the public value. */
-            status = mbedtls_to_psa_error(
-                mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
-                                               data,
-                                               data_length ) );
-            if( status != PSA_SUCCESS )
-                goto ecp_exit;
-
-            /* Check that the point is on the curve. */
-            status = mbedtls_to_psa_error(
-                mbedtls_ecp_check_pubkey( &ecp.grp, &ecp.Q ) );
-        }
-        else
-        {
-            /* Load and validate the secret value. */
-            status = mbedtls_to_psa_error(
-                mbedtls_ecp_read_key( ecp.grp.id,
-                                      &ecp,
-                                      data,
-                                      data_length ) );
-        }
-
-ecp_exit:
-        mbedtls_ecp_keypair_free( &ecp );
-        return( status );
-    }
-    return( PSA_ERROR_NOT_SUPPORTED );
-#else
-    (void) attributes;
-    (void) data;
-    (void) data_length;
-    (void) bits;
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR ||
-        * MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-}
-
-psa_status_t test_transparent_export_public_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    uint8_t *data, size_t data_size, size_t *data_length )
-{
-    ++test_driver_key_management_hooks.hits;
-
-    if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_key_management_hooks.forced_status );
-
-    if( test_driver_key_management_hooks.forced_output != NULL )
-    {
-        if( test_driver_key_management_hooks.forced_output_length > data_size )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        memcpy( data, test_driver_key_management_hooks.forced_output,
-                test_driver_key_management_hooks.forced_output_length );
-        *data_length = test_driver_key_management_hooks.forced_output_length;
-        return( PSA_SUCCESS );
-    }
-
-    if( key == NULL || key_length == 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    psa_key_type_t keytype = psa_get_key_type( attributes );
-    (void) keytype;
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-    if( PSA_KEY_TYPE_IS_ECC( keytype ) )
-    {
-        if( !PSA_KEY_TYPE_IS_KEY_PAIR( keytype ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-        /* Mostly copied from psa_crypto.c */
-        mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
-        psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-        mbedtls_ecp_keypair ecp;
-        mbedtls_test_rnd_pseudo_info rnd_info;
-        memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-        if( attributes->domain_parameters_size != 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( keytype ),
-                                           PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
-        if( grp_id == MBEDTLS_ECP_DP_NONE )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        mbedtls_ecp_keypair_init( &ecp );
-
-        status = mbedtls_to_psa_error(
-                    mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
-        if( status != PSA_SUCCESS )
-            goto ecp_exit;
-
-        status = mbedtls_to_psa_error(
-            mbedtls_ecp_read_key( ecp.grp.id,
-                                  &ecp,
-                                  key,
-                                  key_length ) );
-        if( status != PSA_SUCCESS )
-            goto ecp_exit;
-
-        /* Calculate the public key */
-        status = mbedtls_to_psa_error(
-            mbedtls_ecp_mul( &ecp.grp, &ecp.Q, &ecp.d, &ecp.grp.G,
-                             &mbedtls_test_rnd_pseudo_rand,
-                             &rnd_info ) );
-        if( status != PSA_SUCCESS )
-            goto ecp_exit;
-
-        status = mbedtls_to_psa_error(
-                    mbedtls_ecp_point_write_binary( &ecp.grp, &ecp.Q,
-                                                    MBEDTLS_ECP_PF_UNCOMPRESSED,
-                                                    data_length,
-                                                    data,
-                                                    data_size ) );
-        if( status != PSA_SUCCESS )
-            memset( data, 0, data_size );
-ecp_exit:
-        mbedtls_ecp_keypair_free( &ecp );
-        return( status );
-    }
-#endif /* MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR ||
-        * MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
-
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_export_public_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    uint8_t *data, size_t data_size, size_t *data_length )
-{
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) data;
-    (void) data_size;
-    (void) data_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.25.0/tests/src/drivers/signature.c b/3rdparty/mbedtls-2.25.0/tests/src/drivers/signature.c
deleted file mode 100644
index cea0351..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/src/drivers/signature.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/*
- * Test driver for signature functions.
- * Currently supports signing and verifying precalculated hashes, using
- * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/ecp.h"
-
-#include "test/drivers/signature.h"
-
-#include "mbedtls/md.h"
-#include "mbedtls/ecdsa.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-test_driver_signature_hooks_t test_driver_signature_sign_hooks = TEST_DRIVER_SIGNATURE_INIT;
-test_driver_signature_hooks_t test_driver_signature_verify_hooks = TEST_DRIVER_SIGNATURE_INIT;
-
-psa_status_t test_transparent_signature_sign_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
-    ++test_driver_signature_sign_hooks.hits;
-
-    if( test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_signature_sign_hooks.forced_status );
-
-    if( test_driver_signature_sign_hooks.forced_output != NULL )
-    {
-        if( test_driver_signature_sign_hooks.forced_output_length > signature_size )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        memcpy( signature, test_driver_signature_sign_hooks.forced_output,
-                test_driver_signature_sign_hooks.forced_output_length );
-        *signature_length = test_driver_signature_sign_hooks.forced_output_length;
-        return( PSA_SUCCESS );
-    }
-
-    psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
-    defined(MBEDTLS_SHA256_C)
-    if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    mbedtls_ecp_group_id grp_id;
-    switch( psa_get_key_type( attributes ) )
-    {
-        case PSA_ECC_CURVE_SECP_R1:
-            switch( psa_get_key_bits( attributes ) )
-            {
-                case 256:
-                    grp_id = MBEDTLS_ECP_DP_SECP256R1;
-                    break;
-                case 384:
-                    grp_id = MBEDTLS_ECP_DP_SECP384R1;
-                    break;
-                case 521:
-                    grp_id = MBEDTLS_ECP_DP_SECP521R1;
-                    break;
-                default:
-                    return( PSA_ERROR_NOT_SUPPORTED );
-            }
-            break;
-        default:
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    /* Beyond this point, the driver is actually doing the work of
-     * calculating the signature. */
-
-    status = PSA_ERROR_GENERIC_ERROR;
-    int ret = 0;
-    mbedtls_mpi r, s;
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &s );
-    mbedtls_ecp_keypair ecp;
-    mbedtls_ecp_keypair_init( &ecp );
-    size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
-                                                    key, key_length ) );
-
-    /* Code adapted from psa_ecdsa_sign() in psa_crypto.c. */
-    mbedtls_md_type_t md_alg = MBEDTLS_MD_SHA256;
-    if( signature_size < 2 * curve_bytes )
-    {
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-        goto cleanup;
-    }
-    MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp.grp, &r, &s, &ecp.d,
-                                  hash, hash_length, md_alg ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
-                                               signature,
-                                               curve_bytes ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
-                                               signature + curve_bytes,
-                                               curve_bytes ) );
-cleanup:
-    status = mbedtls_to_psa_error( ret );
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &s );
-    mbedtls_ecp_keypair_free( &ecp );
-    if( status == PSA_SUCCESS )
-        *signature_length = 2 * curve_bytes;
-#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
-         defined(MBEDTLS_SHA256_C) */
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    (void) hash;
-    (void) hash_length;
-#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
-          defined(MBEDTLS_SHA256_C) */
-
-    return( status );
-}
-
-psa_status_t test_opaque_signature_sign_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    (void) hash;
-    (void) hash_length;
-    (void) signature;
-    (void) signature_size;
-    (void) signature_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_transparent_signature_verify_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    const uint8_t *signature, size_t signature_length )
-{
-    ++test_driver_signature_verify_hooks.hits;
-
-    if( test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
-        return( test_driver_signature_verify_hooks.forced_status );
-
-    psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
-    defined(MBEDTLS_SHA256_C)
-    if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
-        return( PSA_ERROR_NOT_SUPPORTED );
-    mbedtls_ecp_group_id grp_id;
-    switch( psa_get_key_type( attributes ) )
-    {
-        case PSA_ECC_CURVE_SECP_R1:
-            switch( psa_get_key_bits( attributes ) )
-            {
-                case 256:
-                    grp_id = MBEDTLS_ECP_DP_SECP256R1;
-                    break;
-                case 384:
-                    grp_id = MBEDTLS_ECP_DP_SECP384R1;
-                    break;
-                case 521:
-                    grp_id = MBEDTLS_ECP_DP_SECP521R1;
-                    break;
-                default:
-                    return( PSA_ERROR_NOT_SUPPORTED );
-            }
-            break;
-        default:
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    /* Beyond this point, the driver is actually doing the work of
-     * calculating the signature. */
-
-    status = PSA_ERROR_GENERIC_ERROR;
-    int ret = 0;
-    mbedtls_mpi r, s;
-    mbedtls_mpi_init( &r );
-    mbedtls_mpi_init( &s );
-    mbedtls_ecp_keypair ecp;
-    mbedtls_ecp_keypair_init( &ecp );
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
-
-    /* Code adapted from psa_ecdsa_verify() in psa_crypto.c. */
-    if( signature_length < 2 * curve_bytes )
-    {
-        status = PSA_ERROR_BUFFER_TOO_SMALL;
-        goto cleanup;
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
-                                              signature,
-                                              curve_bytes ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
-                                              signature + curve_bytes,
-                                              curve_bytes ) );
-
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) )
-        MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
-                                                    key, key_length ) );
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ecp.d, key, key_length ) );
-        MBEDTLS_MPI_CHK(
-            mbedtls_ecp_mul( &ecp.grp, &ecp.Q, &ecp.d, &ecp.grp.G,
-                             &mbedtls_test_rnd_pseudo_rand,
-                             &rnd_info ) );
-    }
-
-    MBEDTLS_MPI_CHK( mbedtls_ecdsa_verify( &ecp.grp, hash, hash_length,
-                                &ecp.Q, &r, &s ) );
-cleanup:
-    status = mbedtls_to_psa_error( ret );
-    mbedtls_mpi_free( &r );
-    mbedtls_mpi_free( &s );
-    mbedtls_ecp_keypair_free( &ecp );
-#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
-         defined(MBEDTLS_SHA256_C) */
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    (void) hash;
-    (void) hash_length;
-    (void) signature;
-    (void) signature_length;
-#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
-          defined(MBEDTLS_SHA256_C) */
-
-    return( status );
-}
-
-psa_status_t test_opaque_signature_verify_hash(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *key, size_t key_length,
-    psa_algorithm_t alg,
-    const uint8_t *hash, size_t hash_length,
-    const uint8_t *signature, size_t signature_length )
-{
-    (void) attributes;
-    (void) key;
-    (void) key_length;
-    (void) alg;
-    (void) hash;
-    (void) hash_length;
-    (void) signature;
-    (void) signature_length;
-    return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.25.0/tests/src/drivers/size.c b/3rdparty/mbedtls-2.25.0/tests/src/drivers/size.c
deleted file mode 100644
index 16a8692..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/src/drivers/size.c
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Test driver for retrieving key context size.
- * Only used by opaque drivers.
- */
-/*  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-
-#include "test/drivers/size.h"
-
-#ifdef TEST_KEY_CONTEXT_SIZE_FUNCTION
-size_t test_size_function(
-    const psa_key_type_t key_type,
-    const size_t key_bits )
-{
-    (void) key_type;
-    (void) key_bits;
-    return 0;
-}
-#endif /*TEST_KEY_CONTEXT_SIZE_FUNCTION */
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.25.0/tests/src/helpers.c b/3rdparty/mbedtls-2.25.0/tests/src/helpers.c
deleted file mode 100644
index a18f1d4..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/src/helpers.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include <test/helpers.h>
-#include <test/macros.h>
-#include <string.h>
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-#include <setjmp.h>
-#endif
-
-/*----------------------------------------------------------------------------*/
-/* Static global variables */
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-typedef struct
-{
-    uint8_t expected_call;
-    uint8_t expected_call_happened;
-
-    jmp_buf state;
-
-    mbedtls_test_param_failed_location_record_t location_record;
-}
-param_failed_ctx_t;
-static param_failed_ctx_t param_failed_ctx;
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-static mbedtls_platform_context platform_ctx;
-#endif
-
-/*----------------------------------------------------------------------------*/
-/* Helper Functions */
-
-int mbedtls_test_platform_setup( void )
-{
-    int ret = 0;
-#if defined(MBEDTLS_PLATFORM_C)
-    ret = mbedtls_platform_setup( &platform_ctx );
-#endif /* MBEDTLS_PLATFORM_C */
-    return( ret );
-}
-
-void mbedtls_test_platform_teardown( void )
-{
-#if defined(MBEDTLS_PLATFORM_C)
-    mbedtls_platform_teardown( &platform_ctx );
-#endif /* MBEDTLS_PLATFORM_C */
-}
-
-static int ascii2uc(const char c, unsigned char *uc)
-{
-    if( ( c >= '0' ) && ( c <= '9' ) )
-        *uc = c - '0';
-    else if( ( c >= 'a' ) && ( c <= 'f' ) )
-        *uc = c - 'a' + 10;
-    else if( ( c >= 'A' ) && ( c <= 'F' ) )
-        *uc = c - 'A' + 10;
-    else
-        return( -1 );
-
-    return( 0 );
-}
-
-int mbedtls_test_unhexify( unsigned char *obuf,
-                           size_t obufmax,
-                           const char *ibuf,
-                           size_t *len )
-{
-    unsigned char uc, uc2;
-
-    *len = strlen( ibuf );
-
-    /* Must be even number of bytes. */
-    if ( ( *len ) & 1 )
-        return( -1 );
-    *len /= 2;
-
-    if ( (*len) > obufmax )
-        return( -1 );
-
-    while( *ibuf != 0 )
-    {
-        if ( ascii2uc( *(ibuf++), &uc ) != 0 )
-            return( -1 );
-
-        if ( ascii2uc( *(ibuf++), &uc2 ) != 0 )
-            return( -1 );
-
-        *(obuf++) = ( uc << 4 ) | uc2;
-    }
-
-    return( 0 );
-}
-
-void mbedtls_test_hexify( unsigned char *obuf,
-                          const unsigned char *ibuf,
-                          int len )
-{
-    unsigned char l, h;
-
-    while( len != 0 )
-    {
-        h = *ibuf / 16;
-        l = *ibuf % 16;
-
-        if( h < 10 )
-            *obuf++ = '0' + h;
-        else
-            *obuf++ = 'a' + h - 10;
-
-        if( l < 10 )
-            *obuf++ = '0' + l;
-        else
-            *obuf++ = 'a' + l - 10;
-
-        ++ibuf;
-        len--;
-    }
-}
-
-unsigned char *mbedtls_test_zero_alloc( size_t len )
-{
-    void *p;
-    size_t actual_len = ( len != 0 ) ? len : 1;
-
-    p = mbedtls_calloc( 1, actual_len );
-    TEST_HELPER_ASSERT( p != NULL );
-
-    memset( p, 0x00, actual_len );
-
-    return( p );
-}
-
-unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen )
-{
-    unsigned char *obuf;
-    size_t len;
-
-    *olen = strlen( ibuf ) / 2;
-
-    if( *olen == 0 )
-        return( mbedtls_test_zero_alloc( *olen ) );
-
-    obuf = mbedtls_calloc( 1, *olen );
-    TEST_HELPER_ASSERT( obuf != NULL );
-    TEST_HELPER_ASSERT( mbedtls_test_unhexify( obuf, *olen, ibuf, &len ) == 0 );
-
-    return( obuf );
-}
-
-int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b,
-                         uint32_t a_len, uint32_t b_len )
-{
-    int ret = 0;
-    uint32_t i = 0;
-
-    if( a_len != b_len )
-        return( -1 );
-
-    for( i = 0; i < a_len; i++ )
-    {
-        if( a[i] != b[i] )
-        {
-            ret = -1;
-            break;
-        }
-    }
-    return ret;
-}
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-void mbedtls_test_param_failed_get_location_record(
-         mbedtls_test_param_failed_location_record_t *location_record )
-{
-    *location_record = param_failed_ctx.location_record;
-}
-
-void mbedtls_test_param_failed_expect_call( void )
-{
-    param_failed_ctx.expected_call_happened = 0;
-    param_failed_ctx.expected_call = 1;
-}
-
-int mbedtls_test_param_failed_check_expected_call( void )
-{
-    param_failed_ctx.expected_call = 0;
-
-    if( param_failed_ctx.expected_call_happened != 0 )
-        return( 0 );
-
-    return( -1 );
-}
-
-void* mbedtls_test_param_failed_get_state_buf( void )
-{
-    return &param_failed_ctx.state;
-}
-
-void mbedtls_test_param_failed_reset_state( void )
-{
-    memset( param_failed_ctx.state, 0, sizeof( param_failed_ctx.state ) );
-}
-
-void mbedtls_param_failed( const char *failure_condition,
-                           const char *file,
-                           int line )
-{
-    /* Record the location of the failure */
-    param_failed_ctx.location_record.failure_condition = failure_condition;
-    param_failed_ctx.location_record.file = file;
-    param_failed_ctx.location_record.line = line;
-
-    /* If we are testing the callback function...  */
-    if( param_failed_ctx.expected_call != 0 )
-    {
-        param_failed_ctx.expected_call = 0;
-        param_failed_ctx.expected_call_happened = 1;
-    }
-    else
-    {
-        /* ...else try a long jump. If the execution state has not been set-up
-         * or reset then the long jump buffer is all zero's and the call will
-         * with high probability fault, emphasizing there is something to look
-         * at.
-         */
-
-        longjmp( param_failed_ctx.state, 1 );
-    }
-}
-#endif /* MBEDTLS_CHECK_PARAMS */
diff --git a/3rdparty/mbedtls-2.25.0/tests/src/random.c b/3rdparty/mbedtls-2.25.0/tests/src/random.c
deleted file mode 100644
index e01bd4d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/src/random.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/**
- * \file random.c
- *
- * \brief   This file contains the helper functions to generate random numbers
- *          for the purpose of testing.
- */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * for arc4random_buf() from <stdlib.h>
- */
-#if defined(__NetBSD__)
-#define _NETBSD_SOURCE 1
-#elif defined(__OpenBSD__)
-#define _BSD_SOURCE 1
-#endif
-
-#include <test/macros.h>
-#include <test/random.h>
-#include <string.h>
-
-int mbedtls_test_rnd_std_rand( void *rng_state,
-                               unsigned char *output,
-                               size_t len )
-{
-#if !defined(__OpenBSD__) && !defined(__NetBSD__)
-    size_t i;
-
-    if( rng_state != NULL )
-        rng_state  = NULL;
-
-    for( i = 0; i < len; ++i )
-        output[i] = rand();
-#else
-    if( rng_state != NULL )
-        rng_state = NULL;
-
-    arc4random_buf( output, len );
-#endif /* !OpenBSD && !NetBSD */
-
-    return( 0 );
-}
-
-int mbedtls_test_rnd_zero_rand( void *rng_state,
-                                unsigned char *output,
-                                size_t len )
-{
-    if( rng_state != NULL )
-        rng_state  = NULL;
-
-    memset( output, 0, len );
-
-    return( 0 );
-}
-
-int mbedtls_test_rnd_buffer_rand( void *rng_state,
-                                  unsigned char *output,
-                                  size_t len )
-{
-    mbedtls_test_rnd_buf_info *info = (mbedtls_test_rnd_buf_info *) rng_state;
-    size_t use_len;
-
-    if( rng_state == NULL )
-        return( mbedtls_test_rnd_std_rand( NULL, output, len ) );
-
-    use_len = len;
-    if( len > info->length )
-        use_len = info->length;
-
-    if( use_len )
-    {
-        memcpy( output, info->buf, use_len );
-        info->buf += use_len;
-        info->length -= use_len;
-    }
-
-    if( len - use_len > 0 )
-        return( mbedtls_test_rnd_std_rand( NULL, output + use_len,
-                                           len - use_len ) );
-
-    return( 0 );
-}
-
-int mbedtls_test_rnd_pseudo_rand( void *rng_state,
-                                  unsigned char *output,
-                                  size_t len )
-{
-    mbedtls_test_rnd_pseudo_info *info =
-        (mbedtls_test_rnd_pseudo_info *) rng_state;
-    uint32_t i, *k, sum, delta=0x9E3779B9;
-    unsigned char result[4], *out = output;
-
-    if( rng_state == NULL )
-        return( mbedtls_test_rnd_std_rand( NULL, output, len ) );
-
-    k = info->key;
-
-    while( len > 0 )
-    {
-        size_t use_len = ( len > 4 ) ? 4 : len;
-        sum = 0;
-
-        for( i = 0; i < 32; i++ )
-        {
-            info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) )
-                            + info->v1 ) ^ ( sum + k[sum & 3] );
-            sum += delta;
-            info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) )
-                            + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] );
-        }
-
-        PUT_UINT32_BE( info->v0, result, 0 );
-        memcpy( out, result, use_len );
-        len -= use_len;
-        out += 4;
-    }
-
-    return( 0 );
-}
diff --git a/3rdparty/mbedtls-2.25.0/tests/ssl-opt-in-docker.sh b/3rdparty/mbedtls-2.25.0/tests/ssl-opt-in-docker.sh
deleted file mode 100644
index 401a69c..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/ssl-opt-in-docker.sh
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/bash -eu
-
-# ssl-opt-in-docker.sh
-#
-# Purpose
-# -------
-# This runs ssl-opt.sh in a Docker container.
-#
-# Notes for users
-# ---------------
-# If OPENSSL_CMD, GNUTLS_CLI, or GNUTLS_SERV are specified, the path must
-# correspond to an executable inside the Docker container. The special
-# values "next" and "legacy" are also allowed as shorthand for the
-# installations inside the container.
-#
-# See also:
-# - scripts/docker_env.sh for general Docker prerequisites and other information.
-# - ssl-opt.sh for notes about invocation of that script.
-
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-source tests/scripts/docker_env.sh
-
-case "${OPENSSL_CMD:-default}" in
-    "legacy")  export OPENSSL_CMD="/usr/local/openssl-1.0.1j/bin/openssl";;
-    "next")    export OPENSSL_CMD="/usr/local/openssl-1.1.1a/bin/openssl";;
-    *) ;;
-esac
-
-case "${GNUTLS_CLI:-default}" in
-    "legacy")  export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";;
-    "next")  export GNUTLS_CLI="/usr/local/gnutls-3.6.5/bin/gnutls-cli";;
-    *) ;;
-esac
-
-case "${GNUTLS_SERV:-default}" in
-    "legacy")  export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";;
-    "next")  export GNUTLS_SERV="/usr/local/gnutls-3.6.5/bin/gnutls-serv";;
-    *) ;;
-esac
-
-run_in_docker \
-    -e P_SRV \
-    -e P_CLI \
-    -e P_PXY \
-    -e GNUTLS_CLI \
-    -e GNUTLS_SERV \
-    -e OPENSSL_CMD \
-    tests/ssl-opt.sh \
-    $@
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/helpers.function b/3rdparty/mbedtls-2.25.0/tests/suites/helpers.function
deleted file mode 100644
index aafcf5c..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/helpers.function
+++ /dev/null
@@ -1,469 +0,0 @@
-#line 2 "suites/helpers.function"
-/*----------------------------------------------------------------------------*/
-/* Headers */
-
-#include <test/macros.h>
-#include <test/helpers.h>
-#include <test/random.h>
-
-#include <stdlib.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_fprintf    fprintf
-#define mbedtls_snprintf   snprintf
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#define mbedtls_exit       exit
-#define mbedtls_time       time
-#define mbedtls_time_t     time_t
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-#include "mbedtls/platform_util.h"
-#include <setjmp.h>
-#endif
-
-#ifdef _MSC_VER
-#include <basetsd.h>
-typedef UINT8 uint8_t;
-typedef INT32 int32_t;
-typedef UINT32 uint32_t;
-#define strncasecmp _strnicmp
-#define strcasecmp _stricmp
-#else
-#include <stdint.h>
-#endif
-
-#include <string.h>
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
-#include <unistd.h>
-#include <strings.h>
-#endif
-
-/* Type for Hex parameters */
-typedef struct data_tag
-{
-    uint8_t *   x;
-    uint32_t    len;
-} data_t;
-
-/*----------------------------------------------------------------------------*/
-/* Status and error constants */
-
-#define DEPENDENCY_SUPPORTED            0   /* Dependency supported by build */
-#define KEY_VALUE_MAPPING_FOUND         0   /* Integer expression found */
-#define DISPATCH_TEST_SUCCESS           0   /* Test dispatch successful */
-
-#define KEY_VALUE_MAPPING_NOT_FOUND     -1  /* Integer expression not found */
-#define DEPENDENCY_NOT_SUPPORTED        -2  /* Dependency not supported */
-#define DISPATCH_TEST_FN_NOT_FOUND      -3  /* Test function not found */
-#define DISPATCH_INVALID_TEST_DATA      -4  /* Invalid test parameter type.
-                                               Only int, string, binary data
-                                               and integer expressions are
-                                               allowed */
-#define DISPATCH_UNSUPPORTED_SUITE      -5  /* Test suite not supported by the
-                                               build */
-
-/*----------------------------------------------------------------------------*/
-/* Macros */
-
-/**
- * \brief   This macro tests the expression passed to it as a test step or
- *          individual test in a test case.
- *
- *          It allows a library function to return a value and return an error
- *          code that can be tested.
- *
- *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- *          callback, MBEDTLS_PARAM_FAILED(), will be assumed to be a test
- *          failure.
- *
- *          This macro is not suitable for negative parameter validation tests,
- *          as it assumes the test step will not create an error.
- *
- *          Failing the test means:
- *          - Mark this test case as failed.
- *          - Print a message identifying the failure.
- *          - Jump to the \c exit label.
- *
- *          This macro expands to an instruction, not an expression.
- *          It may jump to the \c exit label.
- *
- * \param   TEST    The test expression to be tested.
- */
-#define TEST_ASSERT( TEST )                                 \
-    do {                                                    \
-       if( ! (TEST) )                                       \
-       {                                                    \
-          test_fail( #TEST, __LINE__, __FILE__ );           \
-          goto exit;                                        \
-       }                                                    \
-    } while( 0 )
-
-/** Evaluate two expressions and fail the test case if they have different
- * values.
- *
- * \param expr1     An expression to evaluate.
- * \param expr2     The expected value of \p expr1. This can be any
- *                  expression, but it is typically a constant.
- */
-#define TEST_EQUAL( expr1, expr2 )              \
-    TEST_ASSERT( ( expr1 ) == ( expr2 ) )
-
-/** Allocate memory dynamically and fail the test case if this fails.
- * The allocated memory will be filled with zeros.
- *
- * You must set \p pointer to \c NULL before calling this macro and
- * put `mbedtls_free( pointer )` in the test's cleanup code.
- *
- * If \p length is zero, the resulting \p pointer will be \c NULL.
- * This is usually what we want in tests since API functions are
- * supposed to accept null pointers when a buffer size is zero.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param pointer   An lvalue where the address of the allocated buffer
- *                  will be stored.
- *                  This expression may be evaluated multiple times.
- * \param length    Number of elements to allocate.
- *                  This expression may be evaluated multiple times.
- *
- */
-#define ASSERT_ALLOC( pointer, length )                           \
-    do                                                            \
-    {                                                             \
-        TEST_ASSERT( ( pointer ) == NULL );                       \
-        if( ( length ) != 0 )                                     \
-        {                                                         \
-            ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
-                                          ( length ) );           \
-            TEST_ASSERT( ( pointer ) != NULL );                   \
-        }                                                         \
-    }                                                             \
-    while( 0 )
-
-/** Allocate memory dynamically. If the allocation fails, skip the test case.
- *
- * This macro behaves like #ASSERT_ALLOC, except that if the allocation
- * fails, it marks the test as skipped rather than failed.
- */
-#define ASSERT_ALLOC_WEAK( pointer, length )                      \
-    do                                                            \
-    {                                                             \
-        TEST_ASSERT( ( pointer ) == NULL );                       \
-        if( ( length ) != 0 )                                     \
-        {                                                         \
-            ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
-                                          ( length ) );           \
-            TEST_ASSUME( ( pointer ) != NULL );                   \
-        }                                                         \
-    }                                                             \
-    while( 0 )
-
-/** Compare two buffers and fail the test case if they differ.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param p1        Pointer to the start of the first buffer.
- * \param size1     Size of the first buffer in bytes.
- *                  This expression may be evaluated multiple times.
- * \param p2        Pointer to the start of the second buffer.
- * \param size2     Size of the second buffer in bytes.
- *                  This expression may be evaluated multiple times.
- */
-#define ASSERT_COMPARE( p1, size1, p2, size2 )                          \
-    do                                                                  \
-    {                                                                   \
-        TEST_ASSERT( ( size1 ) == ( size2 ) );                          \
-        if( ( size1 ) != 0 )                                            \
-            TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 );    \
-    }                                                                   \
-    while( 0 )
-
-/**
- * \brief   This macro tests the expression passed to it and skips the
- *          running test if it doesn't evaluate to 'true'.
- *
- * \param   TEST    The test expression to be tested.
- */
-#define TEST_ASSUME( TEST )                         \
-    do {                                            \
-        if( ! (TEST) )                              \
-        {                                           \
-            test_skip( #TEST, __LINE__, __FILE__ ); \
-            goto exit;                              \
-        }                                           \
-    } while( 0 )
-
-#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
-/**
- * \brief   This macro tests the statement passed to it as a test step or
- *          individual test in a test case. The macro assumes the test will fail
- *          and will generate an error.
- *
- *          It allows a library function to return a value and tests the return
- *          code on return to confirm the given error code was returned.
- *
- *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- *          callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
- *          expected failure, and the test will pass.
- *
- *          This macro is intended for negative parameter validation tests,
- *          where the failing function may return an error value or call
- *          MBEDTLS_PARAM_FAILED() to indicate the error.
- *
- * \param   PARAM_ERROR_VALUE   The expected error code.
- *
- * \param   TEST                The test expression to be tested.
- */
-#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST )                 \
-    do {                                                                \
-        mbedtls_test_param_failed_expect_call( );                       \
-        if( ( ( TEST ) != ( PARAM_ERR_VALUE ) ) ||                      \
-            ( mbedtls_test_param_failed_check_expected_call( ) != 0 ) ) \
-        {                                                               \
-            test_fail( #TEST, __LINE__, __FILE__ );                     \
-            goto exit;                                                  \
-        }                                                               \
-        mbedtls_test_param_failed_check_expected_call( );               \
-   } while( 0 )
-
-/**
- * \brief   This macro tests the statement passed to it as a test step or
- *          individual test in a test case. The macro assumes the test will fail
- *          and will generate an error.
- *
- *          It assumes the library function under test cannot return a value and
- *          assumes errors can only be indicated byt calls to
- *          MBEDTLS_PARAM_FAILED().
- *
- *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- *          callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
- *          expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
- *          can be made.
- *
- *          This macro is intended for negative parameter validation tests,
- *          where the failing function can only return an error by calling
- *          MBEDTLS_PARAM_FAILED() to indicate the error.
- *
- * \param   TEST                The test expression to be tested.
- */
-#define TEST_INVALID_PARAM( TEST )                                       \
-    do {                                                                 \
-        memcpy( jmp_tmp, mbedtls_test_param_failed_get_state_buf( ),     \
-                sizeof( jmp_tmp ) );                                     \
-        if( setjmp(  mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) \
-        {                                                                \
-            TEST;                                                        \
-            test_fail( #TEST, __LINE__, __FILE__ );                      \
-            goto exit;                                                   \
-        }                                                                \
-        mbedtls_test_param_failed_reset_state( );                        \
-    } while( 0 )
-#endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */
-
-/**
- * \brief   This macro tests the statement passed to it as a test step or
- *          individual test in a test case. The macro assumes the test will not fail.
- *
- *          It assumes the library function under test cannot return a value and
- *          assumes errors can only be indicated by calls to
- *          MBEDTLS_PARAM_FAILED().
- *
- *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
- *          callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
- *          expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
- *          can be made.
- *
- *          This macro is intended to test that functions returning void
- *          accept all of the parameter values they're supposed to accept - eg
- *          that they don't call MBEDTLS_PARAM_FAILED() when a parameter
- *          that's allowed to be NULL happens to be NULL.
- *
- *          Note: for functions that return something other that void,
- *          checking that they accept all the parameters they're supposed to
- *          accept is best done by using TEST_ASSERT() and checking the return
- *          value as well.
- *
- *          Note: this macro is available even when #MBEDTLS_CHECK_PARAMS is
- *          disabled, as it makes sense to check that the functions accept all
- *          legal values even if this option is disabled - only in that case,
- *          the test is more about whether the function segfaults than about
- *          whether it invokes MBEDTLS_PARAM_FAILED().
- *
- * \param   TEST                The test expression to be tested.
- */
-#define TEST_VALID_PARAM( TEST )                                    \
-    TEST_ASSERT( ( TEST, 1 ) );
-
-/** Allocate memory dynamically and fail the test case if this fails.
- *
- * You must set \p pointer to \c NULL before calling this macro and
- * put `mbedtls_free( pointer )` in the test's cleanup code.
- *
- * If \p length is zero, the resulting \p pointer will be \c NULL.
- * This is usually what we want in tests since API functions are
- * supposed to accept null pointers when a buffer size is zero.
- *
- * This macro expands to an instruction, not an expression.
- * It may jump to the \c exit label.
- *
- * \param pointer   An lvalue where the address of the allocated buffer
- *                  will be stored.
- *                  This expression may be evaluated multiple times.
- * \param length    Number of elements to allocate.
- *                  This expression may be evaluated multiple times.
- *
- */
-#define ASSERT_ALLOC( pointer, length )                           \
-    do                                                            \
-    {                                                             \
-        TEST_ASSERT( ( pointer ) == NULL );                       \
-        if( ( length ) != 0 )                                     \
-        {                                                         \
-            ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
-                                          ( length ) );           \
-            TEST_ASSERT( ( pointer ) != NULL );                   \
-        }                                                         \
-    }                                                             \
-    while( 0 )
-
-/*----------------------------------------------------------------------------*/
-/* Global variables */
-
-typedef enum
-{
-    TEST_RESULT_SUCCESS = 0,
-    TEST_RESULT_FAILED,
-    TEST_RESULT_SKIPPED
-} test_result_t;
-
-typedef struct
-{
-    test_result_t result;
-    const char *test;
-    const char *filename;
-    int line_no;
-    unsigned long step;
-}
-test_info_t;
-static test_info_t test_info;
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-jmp_buf jmp_tmp;
-#endif
-
-/*----------------------------------------------------------------------------*/
-/* Helper flags for complex dependencies */
-
-/* Indicates whether we expect mbedtls_entropy_init
- * to initialize some strong entropy source. */
-#if defined(MBEDTLS_TEST_NULL_ENTROPY) ||             \
-    ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
-      ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY)  ||     \
-         defined(MBEDTLS_HAVEGE_C)             ||     \
-         defined(MBEDTLS_ENTROPY_HARDWARE_ALT) ||     \
-         defined(ENTROPY_NV_SEED) ) )
-#define ENTROPY_HAVE_STRONG
-#endif
-
-
-/*----------------------------------------------------------------------------*/
-/* Helper Functions */
-
-/** Set the test step number for failure reports.
- *
- * Call this function to display "step NNN" in addition to the line number
- * and file name if a test fails. Typically the "step number" is the index
- * of a for loop but it can be whatever you want.
- *
- * \param step  The step number to report.
- */
-void test_set_step( unsigned long step )
-{
-    test_info.step = step;
-}
-
-void test_fail( const char *test, int line_no, const char* filename )
-{
-    if( test_info.result == TEST_RESULT_FAILED )
-    {
-        /* We've already recorded the test as having failed. Don't
-         * overwrite any previous information about the failure. */
-        return;
-    }
-    test_info.result = TEST_RESULT_FAILED;
-    test_info.test = test;
-    test_info.line_no = line_no;
-    test_info.filename = filename;
-}
-
-void test_skip( const char *test, int line_no, const char* filename )
-{
-    test_info.result = TEST_RESULT_SKIPPED;
-    test_info.test = test;
-    test_info.line_no = line_no;
-    test_info.filename = filename;
-}
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
-static int redirect_output( FILE* out_stream, const char* path )
-{
-    int out_fd, dup_fd;
-    FILE* path_stream;
-
-    out_fd = fileno( out_stream );
-    dup_fd = dup( out_fd );
-
-    if( dup_fd == -1 )
-    {
-        return( -1 );
-    }
-
-    path_stream = fopen( path, "w" );
-    if( path_stream == NULL )
-    {
-        close( dup_fd );
-        return( -1 );
-    }
-
-    fflush( out_stream );
-    if( dup2( fileno( path_stream ), out_fd ) == -1 )
-    {
-        close( dup_fd );
-        fclose( path_stream );
-        return( -1 );
-    }
-
-    fclose( path_stream );
-    return( dup_fd );
-}
-
-static int restore_output( FILE* out_stream, int dup_fd )
-{
-    int out_fd = fileno( out_stream );
-
-    fflush( out_stream );
-    if( dup2( dup_fd, out_fd ) == -1 )
-    {
-        close( out_fd );
-        close( dup_fd );
-        return( -1 );
-    }
-
-    close( dup_fd );
-    return( 0 );
-}
-#endif /* __unix__ || __APPLE__ __MACH__ */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/host_test.function b/3rdparty/mbedtls-2.25.0/tests/suites/host_test.function
deleted file mode 100644
index 872a3a4..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/host_test.function
+++ /dev/null
@@ -1,820 +0,0 @@
-#line 2 "suites/host_test.function"
-
-/**
- * \brief       Verifies that string is in string parameter format i.e. "<str>"
- *              It also strips enclosing '"' from the input string.
- *
- * \param str   String parameter.
- *
- * \return      0 if success else 1
- */
-int verify_string( char **str )
-{
-    if( ( *str )[0] != '"' ||
-        ( *str )[strlen( *str ) - 1] != '"' )
-    {
-        mbedtls_fprintf( stderr,
-            "Expected string (with \"\") for parameter and got: %s\n", *str );
-        return( -1 );
-    }
-
-    ( *str )++;
-    ( *str )[strlen( *str ) - 1] = '\0';
-
-    return( 0 );
-}
-
-/**
- * \brief       Verifies that string is an integer. Also gives the converted
- *              integer value.
- *
- * \param str   Input string.
- * \param value Pointer to int for output value.
- *
- * \return      0 if success else 1
- */
-int verify_int( char *str, int *value )
-{
-    size_t i;
-    int minus = 0;
-    int digits = 1;
-    int hex = 0;
-
-    for( i = 0; i < strlen( str ); i++ )
-    {
-        if( i == 0 && str[i] == '-' )
-        {
-            minus = 1;
-            continue;
-        }
-
-        if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
-            str[i - 1] == '0' && ( str[i] == 'x' || str[i] == 'X' ) )
-        {
-            hex = 1;
-            continue;
-        }
-
-        if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
-                ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
-                           ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
-        {
-            digits = 0;
-            break;
-        }
-    }
-
-    if( digits )
-    {
-        if( hex )
-            *value = strtol( str, NULL, 16 );
-        else
-            *value = strtol( str, NULL, 10 );
-
-        return( 0 );
-    }
-
-    mbedtls_fprintf( stderr,
-                    "Expected integer for parameter and got: %s\n", str );
-    return( KEY_VALUE_MAPPING_NOT_FOUND );
-}
-
-
-/**
- * \brief       Usage string.
- *
- */
-#define USAGE \
-    "Usage: %s [OPTIONS] files...\n\n" \
-    "   Command line arguments:\n" \
-    "     files...          One or more test data files. If no file is\n" \
-    "                       specified the following default test case\n" \
-    "                       file is used:\n" \
-    "                           %s\n\n" \
-    "   Options:\n" \
-    "     -v | --verbose    Display full information about each test\n" \
-    "     -h | --help       Display this information\n\n", \
-    argv[0], \
-    "TESTCASE_FILENAME"
-
-
-/**
- * \brief       Read a line from the passed file pointer.
- *
- * \param f     FILE pointer
- * \param buf   Pointer to memory to hold read line.
- * \param len   Length of the buf.
- *
- * \return      0 if success else -1
- */
-int get_line( FILE *f, char *buf, size_t len )
-{
-    char *ret;
-    int i = 0, str_len = 0, has_string = 0;
-
-    /* Read until we get a valid line */
-    do
-    {
-        ret = fgets( buf, len, f );
-        if( ret == NULL )
-            return( -1 );
-
-        str_len = strlen( buf );
-
-        /* Skip empty line and comment */
-        if ( str_len == 0 || buf[0] == '#' )
-            continue;
-        has_string = 0;
-        for ( i = 0; i < str_len; i++ )
-        {
-            char c = buf[i];
-            if ( c != ' ' && c != '\t' && c != '\n' &&
-                 c != '\v' && c != '\f' && c != '\r' )
-            {
-                has_string = 1;
-                break;
-            }
-        }
-    } while( !has_string );
-
-    /* Strip new line and carriage return */
-    ret = buf + strlen( buf );
-    if( ret-- > buf && *ret == '\n' )
-        *ret = '\0';
-    if( ret-- > buf && *ret == '\r' )
-        *ret = '\0';
-
-    return( 0 );
-}
-
-/**
- * \brief       Splits string delimited by ':'. Ignores '\:'.
- *
- * \param buf           Input string
- * \param len           Input string length
- * \param params        Out params found
- * \param params_len    Out params array len
- *
- * \return      Count of strings found.
- */
-static int parse_arguments( char *buf, size_t len, char **params,
-                            size_t params_len )
-{
-    size_t cnt = 0, i;
-    char *cur = buf;
-    char *p = buf, *q;
-
-    params[cnt++] = cur;
-
-    while( *p != '\0' && p < ( buf + len ) )
-    {
-        if( *p == '\\' )
-        {
-            p++;
-            p++;
-            continue;
-        }
-        if( *p == ':' )
-        {
-            if( p + 1 < buf + len )
-            {
-                cur = p + 1;
-                TEST_HELPER_ASSERT( cnt < params_len );
-                params[cnt++] = cur;
-            }
-            *p = '\0';
-        }
-
-        p++;
-    }
-
-    /* Replace newlines, question marks and colons in strings */
-    for( i = 0; i < cnt; i++ )
-    {
-        p = params[i];
-        q = params[i];
-
-        while( *p != '\0' )
-        {
-            if( *p == '\\' && *( p + 1 ) == 'n' )
-            {
-                p += 2;
-                *( q++ ) = '\n';
-            }
-            else if( *p == '\\' && *( p + 1 ) == ':' )
-            {
-                p += 2;
-                *( q++ ) = ':';
-            }
-            else if( *p == '\\' && *( p + 1 ) == '?' )
-            {
-                p += 2;
-                *( q++ ) = '?';
-            }
-            else
-                *( q++ ) = *( p++ );
-        }
-        *q = '\0';
-    }
-
-    return( cnt );
-}
-
-/**
- * \brief       Converts parameters into test function consumable parameters.
- *              Example: Input:  {"int", "0", "char*", "Hello",
- *                                "hex", "abef", "exp", "1"}
- *                      Output:  {
- *                                0,                // Verified int
- *                                "Hello",          // Verified string
- *                                2, { 0xab, 0xef },// Converted len,hex pair
- *                                9600              // Evaluated expression
- *                               }
- *
- *
- * \param cnt               Parameter array count.
- * \param params            Out array of found parameters.
- * \param int_params_store  Memory for storing processed integer parameters.
- *
- * \return      0 for success else 1
- */
-static int convert_params( size_t cnt , char ** params , int * int_params_store )
-{
-    char ** cur = params;
-    char ** out = params;
-    int ret = DISPATCH_TEST_SUCCESS;
-
-    while ( cur < params + cnt )
-    {
-        char * type = *cur++;
-        char * val = *cur++;
-
-        if ( strcmp( type, "char*" ) == 0 )
-        {
-            if ( verify_string( &val ) == 0 )
-            {
-              *out++ = val;
-            }
-            else
-            {
-                ret = ( DISPATCH_INVALID_TEST_DATA );
-                break;
-            }
-        }
-        else if ( strcmp( type, "int" ) == 0 )
-        {
-            if ( verify_int( val, int_params_store ) == 0 )
-            {
-              *out++ = (char *) int_params_store++;
-            }
-            else
-            {
-                ret = ( DISPATCH_INVALID_TEST_DATA );
-                break;
-            }
-        }
-        else if ( strcmp( type, "hex" ) == 0 )
-        {
-            if ( verify_string( &val ) == 0 )
-            {
-                size_t len;
-
-                TEST_HELPER_ASSERT(
-                  mbedtls_test_unhexify( (unsigned char *) val, strlen( val ),
-                                         val, &len ) == 0 );
-
-                *int_params_store = len;
-                *out++ = val;
-                *out++ = (char *)(int_params_store++);
-            }
-            else
-            {
-                ret = ( DISPATCH_INVALID_TEST_DATA );
-                break;
-            }
-        }
-        else if ( strcmp( type, "exp" ) == 0 )
-        {
-            int exp_id = strtol( val, NULL, 10 );
-            if ( get_expression ( exp_id, int_params_store ) == 0 )
-            {
-              *out++ = (char *)int_params_store++;
-            }
-            else
-            {
-              ret = ( DISPATCH_INVALID_TEST_DATA );
-              break;
-            }
-        }
-        else
-        {
-          ret = ( DISPATCH_INVALID_TEST_DATA );
-          break;
-        }
-    }
-    return( ret );
-}
-
-/**
- * \brief       Tests snprintf implementation with test input.
- *
- * \note
- * At high optimization levels (e.g. gcc -O3), this function may be
- * inlined in run_test_snprintf. This can trigger a spurious warning about
- * potential misuse of snprintf from gcc -Wformat-truncation (observed with
- * gcc 7.2). This warning makes tests in run_test_snprintf redundant on gcc
- * only. They are still valid for other compilers. Avoid this warning by
- * forbidding inlining of this function by gcc.
- *
- * \param n         Buffer test length.
- * \param ref_buf   Expected buffer.
- * \param ref_ret   Expected snprintf return value.
- *
- * \return      0 for success else 1
- */
-#if defined(__GNUC__)
-__attribute__((__noinline__))
-#endif
-static int test_snprintf( size_t n, const char *ref_buf, int ref_ret )
-{
-    int ret;
-    char buf[10] = "xxxxxxxxx";
-    const char ref[10] = "xxxxxxxxx";
-
-    if( n >= sizeof( buf ) )
-        return( -1 );
-    ret = mbedtls_snprintf( buf, n, "%s", "123" );
-    if( ret < 0 || (size_t) ret >= n )
-        ret = -1;
-
-    if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 ||
-        ref_ret != ret ||
-        memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 )
-    {
-        return( 1 );
-    }
-
-    return( 0 );
-}
-
-/**
- * \brief       Tests snprintf implementation.
- *
- * \param none
- *
- * \return      0 for success else 1
- */
-static int run_test_snprintf( void )
-{
-    return( test_snprintf( 0, "xxxxxxxxx",  -1 ) != 0 ||
-            test_snprintf( 1, "",           -1 ) != 0 ||
-            test_snprintf( 2, "1",          -1 ) != 0 ||
-            test_snprintf( 3, "12",         -1 ) != 0 ||
-            test_snprintf( 4, "123",         3 ) != 0 ||
-            test_snprintf( 5, "123",         3 ) != 0 );
-}
-
-/** \brief Write the description of the test case to the outcome CSV file.
- *
- * \param outcome_file  The file to write to.
- *                      If this is \c NULL, this function does nothing.
- * \param argv0         The test suite name.
- * \param test_case     The test case description.
- */
-static void write_outcome_entry( FILE *outcome_file,
-                                 const char *argv0,
-                                 const char *test_case )
-{
-    /* The non-varying fields are initialized on first use. */
-    static const char *platform = NULL;
-    static const char *configuration = NULL;
-    static const char *test_suite = NULL;
-
-    if( outcome_file == NULL )
-        return;
-
-    if( platform == NULL )
-    {
-        platform = getenv( "MBEDTLS_TEST_PLATFORM" );
-        if( platform == NULL )
-            platform = "unknown";
-    }
-    if( configuration == NULL )
-    {
-        configuration = getenv( "MBEDTLS_TEST_CONFIGURATION" );
-        if( configuration == NULL )
-            configuration = "unknown";
-    }
-    if( test_suite == NULL )
-    {
-        test_suite = strrchr( argv0, '/' );
-        if( test_suite != NULL )
-            test_suite += 1; // skip the '/'
-        else
-            test_suite = argv0;
-    }
-
-    /* Write the beginning of the outcome line.
-     * Ignore errors: writing the outcome file is on a best-effort basis. */
-    mbedtls_fprintf( outcome_file, "%s;%s;%s;%s;",
-                     platform, configuration, test_suite, test_case );
-}
-
-/** \brief Write the result of the test case to the outcome CSV file.
- *
- * \param outcome_file  The file to write to.
- *                      If this is \c NULL, this function does nothing.
- * \param unmet_dep_count            The number of unmet dependencies.
- * \param unmet_dependencies         The array of unmet dependencies.
- * \param missing_unmet_dependencies Non-zero if there was a problem tracking
- *                                   all unmet dependencies, 0 otherwise.
- * \param ret           The test dispatch status (DISPATCH_xxx).
- * \param test_info     A pointer to the test info structure.
- */
-static void write_outcome_result( FILE *outcome_file,
-                                  size_t unmet_dep_count,
-                                  int unmet_dependencies[],
-                                  int missing_unmet_dependencies,
-                                  int ret,
-                                  const test_info_t *info )
-{
-    if( outcome_file == NULL )
-        return;
-
-    /* Write the end of the outcome line.
-     * Ignore errors: writing the outcome file is on a best-effort basis. */
-    switch( ret )
-    {
-        case DISPATCH_TEST_SUCCESS:
-            if( unmet_dep_count > 0 )
-            {
-                size_t i;
-                mbedtls_fprintf( outcome_file, "SKIP" );
-                for( i = 0; i < unmet_dep_count; i++ )
-                {
-                    mbedtls_fprintf( outcome_file, "%c%d",
-                                     i == 0 ? ';' : ':',
-                                     unmet_dependencies[i] );
-                }
-                if( missing_unmet_dependencies )
-                    mbedtls_fprintf( outcome_file, ":..." );
-                break;
-            }
-            switch( info->result )
-            {
-                case TEST_RESULT_SUCCESS:
-                    mbedtls_fprintf( outcome_file, "PASS;" );
-                    break;
-                case TEST_RESULT_SKIPPED:
-                    mbedtls_fprintf( outcome_file, "SKIP;Runtime skip" );
-                    break;
-                default:
-                    mbedtls_fprintf( outcome_file, "FAIL;%s:%d:%s",
-                                     info->filename, info->line_no,
-                                     info->test );
-                    break;
-            }
-            break;
-        case DISPATCH_TEST_FN_NOT_FOUND:
-            mbedtls_fprintf( outcome_file, "FAIL;Test function not found" );
-            break;
-        case DISPATCH_INVALID_TEST_DATA:
-            mbedtls_fprintf( outcome_file, "FAIL;Invalid test data" );
-            break;
-        case DISPATCH_UNSUPPORTED_SUITE:
-            mbedtls_fprintf( outcome_file, "SKIP;Unsupported suite" );
-            break;
-        default:
-            mbedtls_fprintf( outcome_file, "FAIL;Unknown cause" );
-            break;
-    }
-    mbedtls_fprintf( outcome_file, "\n" );
-    fflush( outcome_file );
-}
-
-/**
- * \brief       Desktop implementation of execute_tests().
- *              Parses command line and executes tests from
- *              supplied or default data file.
- *
- * \param argc  Command line argument count.
- * \param argv  Argument array.
- *
- * \return      Program exit status.
- */
-int execute_tests( int argc , const char ** argv )
-{
-    /* Local Configurations and options */
-    const char *default_filename = "DATA_FILE";
-    const char *test_filename = NULL;
-    const char **test_files = NULL;
-    size_t testfile_count = 0;
-    int option_verbose = 0;
-    size_t function_id = 0;
-
-    /* Other Local variables */
-    int arg_index = 1;
-    const char *next_arg;
-    size_t testfile_index, i, cnt;
-    int ret;
-    unsigned total_errors = 0, total_tests = 0, total_skipped = 0;
-    FILE *file;
-    char buf[5000];
-    char *params[50];
-    /* Store for proccessed integer params. */
-    int int_params[50];
-    void *pointer;
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
-    int stdout_fd = -1;
-#endif /* __unix__ || __APPLE__ __MACH__ */
-    const char *outcome_file_name = getenv( "MBEDTLS_TEST_OUTCOME_FILE" );
-    FILE *outcome_file = NULL;
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
-    !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
-    unsigned char alloc_buf[1000000];
-    mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) );
-#endif
-
-    /*
-     * The C standard doesn't guarantee that all-bits-0 is the representation
-     * of a NULL pointer. We do however use that in our code for initializing
-     * structures, which should work on every modern platform. Let's be sure.
-     */
-    memset( &pointer, 0, sizeof( void * ) );
-    if( pointer != NULL )
-    {
-        mbedtls_fprintf( stderr, "all-bits-zero is not a NULL pointer\n" );
-        return( 1 );
-    }
-
-    /*
-     * Make sure we have a snprintf that correctly zero-terminates
-     */
-    if( run_test_snprintf() != 0 )
-    {
-        mbedtls_fprintf( stderr, "the snprintf implementation is broken\n" );
-        return( 1 );
-    }
-
-    if( outcome_file_name != NULL && *outcome_file_name != '\0' )
-    {
-        outcome_file = fopen( outcome_file_name, "a" );
-        if( outcome_file == NULL )
-        {
-            mbedtls_fprintf( stderr, "Unable to open outcome file. Continuing anyway.\n" );
-        }
-    }
-
-    while( arg_index < argc )
-    {
-        next_arg = argv[arg_index];
-
-        if( strcmp( next_arg, "--verbose" ) == 0 ||
-                 strcmp( next_arg, "-v" ) == 0 )
-        {
-            option_verbose = 1;
-        }
-        else if( strcmp(next_arg, "--help" ) == 0 ||
-                 strcmp(next_arg, "-h" ) == 0 )
-        {
-            mbedtls_fprintf( stdout, USAGE );
-            mbedtls_exit( EXIT_SUCCESS );
-        }
-        else
-        {
-            /* Not an option, therefore treat all further arguments as the file
-             * list.
-             */
-            test_files = &argv[ arg_index ];
-            testfile_count = argc - arg_index;
-        }
-
-        arg_index++;
-    }
-
-    /* If no files were specified, assume a default */
-    if ( test_files == NULL || testfile_count == 0 )
-    {
-        test_files = &default_filename;
-        testfile_count = 1;
-    }
-
-    /* Initialize the struct that holds information about the last test */
-    memset( &test_info, 0, sizeof( test_info ) );
-
-    /* Now begin to execute the tests in the testfiles */
-    for ( testfile_index = 0;
-          testfile_index < testfile_count;
-          testfile_index++ )
-    {
-        size_t unmet_dep_count = 0;
-        int unmet_dependencies[20];
-        int missing_unmet_dependencies = 0;
-
-        test_filename = test_files[ testfile_index ];
-
-        file = fopen( test_filename, "r" );
-        if( file == NULL )
-        {
-            mbedtls_fprintf( stderr, "Failed to open test file: %s\n",
-                             test_filename );
-            if( outcome_file != NULL )
-                fclose( outcome_file );
-            return( 1 );
-        }
-
-        while( !feof( file ) )
-        {
-            if( unmet_dep_count > 0 )
-            {
-                mbedtls_fprintf( stderr,
-                    "FATAL: Dep count larger than zero at start of loop\n" );
-                mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-            }
-            unmet_dep_count = 0;
-            missing_unmet_dependencies = 0;
-
-            if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
-                break;
-            mbedtls_fprintf( stdout, "%s%.66s",
-                    test_info.result == TEST_RESULT_FAILED ? "\n" : "", buf );
-            mbedtls_fprintf( stdout, " " );
-            for( i = strlen( buf ) + 1; i < 67; i++ )
-                mbedtls_fprintf( stdout, "." );
-            mbedtls_fprintf( stdout, " " );
-            fflush( stdout );
-            write_outcome_entry( outcome_file, argv[0], buf );
-
-            total_tests++;
-
-            if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 )
-                break;
-            cnt = parse_arguments( buf, strlen( buf ), params,
-                                   sizeof( params ) / sizeof( params[0] ) );
-
-            if( strcmp( params[0], "depends_on" ) == 0 )
-            {
-                for( i = 1; i < cnt; i++ )
-                {
-                    int dep_id = strtol( params[i], NULL, 10 );
-                    if( dep_check( dep_id ) != DEPENDENCY_SUPPORTED )
-                    {
-                        if( unmet_dep_count <
-                            ARRAY_LENGTH( unmet_dependencies ) )
-                        {
-                            unmet_dependencies[unmet_dep_count] = dep_id;
-                            unmet_dep_count++;
-                        }
-                        else
-                        {
-                            missing_unmet_dependencies = 1;
-                        }
-                    }
-                }
-
-                if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 )
-                    break;
-                cnt = parse_arguments( buf, strlen( buf ), params,
-                                       sizeof( params ) / sizeof( params[0] ) );
-            }
-
-            // If there are no unmet dependencies execute the test
-            if( unmet_dep_count == 0 )
-            {
-                test_info.result = TEST_RESULT_SUCCESS;
-                test_info.step = (unsigned long)( -1 );
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
-                /* Suppress all output from the library unless we're verbose
-                 * mode
-                 */
-                if( !option_verbose )
-                {
-                    stdout_fd = redirect_output( stdout, "/dev/null" );
-                    if( stdout_fd == -1 )
-                    {
-                        /* Redirection has failed with no stdout so exit */
-                        exit( 1 );
-                    }
-                }
-#endif /* __unix__ || __APPLE__ __MACH__ */
-
-                function_id = strtoul( params[0], NULL, 10 );
-                if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS )
-                {
-                    ret = convert_params( cnt - 1, params + 1, int_params );
-                    if ( DISPATCH_TEST_SUCCESS == ret )
-                    {
-                        ret = dispatch_test( function_id, (void **)( params + 1 ) );
-                    }
-                }
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
-                if( !option_verbose && restore_output( stdout, stdout_fd ) )
-                {
-                        /* Redirection has failed with no stdout so exit */
-                        exit( 1 );
-                }
-#endif /* __unix__ || __APPLE__ __MACH__ */
-
-            }
-
-            write_outcome_result( outcome_file,
-                                  unmet_dep_count, unmet_dependencies,
-                                  missing_unmet_dependencies,
-                                  ret, &test_info );
-            if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
-            {
-                total_skipped++;
-                mbedtls_fprintf( stdout, "----" );
-
-                if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE )
-                {
-                    mbedtls_fprintf( stdout, "\n   Test Suite not enabled" );
-                }
-
-                if( 1 == option_verbose && unmet_dep_count > 0 )
-                {
-                    mbedtls_fprintf( stdout, "\n   Unmet dependencies: " );
-                    for( i = 0; i < unmet_dep_count; i++ )
-                    {
-                        mbedtls_fprintf( stdout, "%d ",
-                                        unmet_dependencies[i] );
-                    }
-                    if( missing_unmet_dependencies )
-                        mbedtls_fprintf( stdout, "..." );
-                }
-                mbedtls_fprintf( stdout, "\n" );
-                fflush( stdout );
-
-                unmet_dep_count = 0;
-                missing_unmet_dependencies = 0;
-            }
-            else if( ret == DISPATCH_TEST_SUCCESS )
-            {
-                if( test_info.result == TEST_RESULT_SUCCESS )
-                {
-                    mbedtls_fprintf( stdout, "PASS\n" );
-                }
-                else if( test_info.result == TEST_RESULT_SKIPPED )
-                {
-                    mbedtls_fprintf( stdout, "----\n" );
-                    total_skipped++;
-                }
-                else
-                {
-                    total_errors++;
-                    mbedtls_fprintf( stdout, "FAILED\n" );
-                    mbedtls_fprintf( stdout, "  %s\n  at ",
-                                     test_info.test );
-                    if( test_info.step != (unsigned long)( -1 ) )
-                    {
-                        mbedtls_fprintf( stdout, "step %lu, ",
-                                         test_info.step );
-                    }
-                    mbedtls_fprintf( stdout, "line %d, %s",
-                                     test_info.line_no, test_info.filename );
-                }
-                fflush( stdout );
-            }
-            else if( ret == DISPATCH_INVALID_TEST_DATA )
-            {
-                mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
-                fclose( file );
-                mbedtls_exit( 2 );
-            }
-            else if( ret == DISPATCH_TEST_FN_NOT_FOUND )
-            {
-                mbedtls_fprintf( stderr, "FAILED: FATAL TEST FUNCTION NOT FOUND\n" );
-                fclose( file );
-                mbedtls_exit( 2 );
-            }
-            else
-                total_errors++;
-        }
-        fclose( file );
-    }
-
-    if( outcome_file != NULL )
-        fclose( outcome_file );
-
-    mbedtls_fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
-    if( total_errors == 0 )
-        mbedtls_fprintf( stdout, "PASSED" );
-    else
-        mbedtls_fprintf( stdout, "FAILED" );
-
-    mbedtls_fprintf( stdout, " (%u / %u tests (%u skipped))\n",
-                     total_tests - total_errors, total_tests, total_skipped );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
-    !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_status();
-#endif
-    mbedtls_memory_buffer_alloc_free();
-#endif
-
-    return( total_errors != 0 );
-}
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/main_test.function b/3rdparty/mbedtls-2.25.0/tests/suites/main_test.function
deleted file mode 100644
index 256224e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/main_test.function
+++ /dev/null
@@ -1,280 +0,0 @@
-#line 2 "suites/main_test.function"
-/*
- * *** THIS FILE HAS BEEN MACHINE GENERATED ***
- *
- * This file has been machine generated using the script:
- * $generator_script
- *
- * Test file      : $test_file
- *
- * The following files were used to create this file.
- *
- *      Main code file      : $test_main_file
- *      Platform code file  : $test_platform_file
- *      Helper file         : $test_common_helper_file
- *      Test suite file     : $test_case_file
- *      Test suite data     : $test_case_data_file
- *
- */
-
-#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
-#if !defined(_POSIX_C_SOURCE)
-#define _POSIX_C_SOURCE 200112L // for fileno() from <stdio.h>
-#endif
-#endif
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include <mbedtls/config.h>
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-/* Test code may use deprecated identifiers only if the preprocessor symbol
- * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set
- * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is
- * enabled but the corresponding warnings are not treated as errors.
- */
-#if !defined(MBEDTLS_DEPRECATED_REMOVED) && !defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_TEST_DEPRECATED
-#endif
-
-/*----------------------------------------------------------------------------*/
-/* Common helper code */
-
-$test_common_helpers
-
-#line $line_no "suites/main_test.function"
-
-
-/*----------------------------------------------------------------------------*/
-/* Test Suite Code */
-
-
-#define TEST_SUITE_ACTIVE
-
-$functions_code
-
-#line $line_no "suites/main_test.function"
-
-
-/*----------------------------------------------------------------------------*/
-/* Test dispatch code */
-
-
-/**
- * \brief       Evaluates an expression/macro into its literal integer value.
- *              For optimizing space for embedded targets each expression/macro
- *              is identified by a unique identifier instead of string literals.
- *              Identifiers and evaluation code is generated by script:
- *              $generator_script
- *
- * \param exp_id    Expression identifier.
- * \param out_value Pointer to int to hold the integer.
- *
- * \return       0 if exp_id is found. 1 otherwise.
- */
-int get_expression( int32_t exp_id, int32_t * out_value )
-{
-    int ret = KEY_VALUE_MAPPING_FOUND;
-
-    (void) exp_id;
-    (void) out_value;
-
-    switch( exp_id )
-    {
-$expression_code
-#line $line_no "suites/main_test.function"
-        default:
-           {
-                ret = KEY_VALUE_MAPPING_NOT_FOUND;
-           }
-           break;
-    }
-    return( ret );
-}
-
-
-/**
- * \brief       Checks if the dependency i.e. the compile flag is set.
- *              For optimizing space for embedded targets each dependency
- *              is identified by a unique identifier instead of string literals.
- *              Identifiers and check code is generated by script:
- *              $generator_script
- *
- * \param exp_id    Dependency identifier.
- *
- * \return       DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED
- */
-int dep_check( int dep_id )
-{
-    int ret = DEPENDENCY_NOT_SUPPORTED;
-
-    (void) dep_id;
-
-    switch( dep_id )
-    {
-$dep_check_code
-#line $line_no "suites/main_test.function"
-        default:
-            break;
-    }
-    return( ret );
-}
-
-
-/**
- * \brief       Function pointer type for test function wrappers.
- *
- *
- * \param void **   Pointer to void pointers. Represents an array of test
- *                  function parameters.
- *
- * \return       void
- */
-typedef void (*TestWrapper_t)( void ** );
-
-
-/**
- * \brief       Table of test function wrappers. Used by dispatch_test().
- *              This table is populated by script:
- *              $generator_script
- *
- */
-TestWrapper_t test_funcs[] =
-{
-$dispatch_code
-#line $line_no "suites/main_test.function"
-};
-
-/**
- * \brief        Execute the test function.
- *
- *               This is a wrapper function around the test function execution
- *               to allow the setjmp() call used to catch any calls to the
- *               parameter failure callback, to be used. Calls to setjmp()
- *               can invalidate the state of any local auto variables.
- *
- * \param fp     Function pointer to the test function
- * \param params Parameters to pass
- *
- */
-void execute_function_ptr(TestWrapper_t fp, void **params)
-{
-#if defined(MBEDTLS_CHECK_PARAMS)
-    mbedtls_test_param_failed_location_record_t location_record;
-
-    if ( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 )
-    {
-        fp( params );
-    }
-    else
-    {
-        /* Unexpected parameter validation error */
-        mbedtls_test_param_failed_get_location_record( &location_record );
-        test_fail( location_record.failure_condition,
-                   location_record.line,
-                   location_record.file );
-        test_info.result = TEST_RESULT_FAILED;
-    }
-
-    mbedtls_test_param_failed_reset_state( );
-#else
-    fp( params );
-#endif
-}
-
-/**
- * \brief        Dispatches test functions based on function index.
- *
- * \param exp_id    Test function index.
- *
- * \return       DISPATCH_TEST_SUCCESS if found
- *               DISPATCH_TEST_FN_NOT_FOUND if not found
- *               DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
- */
-int dispatch_test( size_t func_idx, void ** params )
-{
-    int ret = DISPATCH_TEST_SUCCESS;
-    TestWrapper_t fp = NULL;
-
-    if ( func_idx < (int)( sizeof( test_funcs ) / sizeof( TestWrapper_t ) ) )
-    {
-        fp = test_funcs[func_idx];
-        if ( fp )
-            execute_function_ptr(fp, params);
-        else
-            ret = DISPATCH_UNSUPPORTED_SUITE;
-    }
-    else
-    {
-        ret = DISPATCH_TEST_FN_NOT_FOUND;
-    }
-
-    return( ret );
-}
-
-
-/**
- * \brief       Checks if test function is supported
- *
- * \param exp_id    Test function index.
- *
- * \return       DISPATCH_TEST_SUCCESS if found
- *               DISPATCH_TEST_FN_NOT_FOUND if not found
- *               DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
- */
-int check_test( size_t func_idx )
-{
-    int ret = DISPATCH_TEST_SUCCESS;
-    TestWrapper_t fp = NULL;
-
-    if ( func_idx < (int)( sizeof(test_funcs)/sizeof( TestWrapper_t ) ) )
-    {
-        fp = test_funcs[func_idx];
-        if ( fp == NULL )
-            ret = DISPATCH_UNSUPPORTED_SUITE;
-    }
-    else
-    {
-        ret = DISPATCH_TEST_FN_NOT_FOUND;
-    }
-
-    return( ret );
-}
-
-
-$platform_code
-
-#line $line_no "suites/main_test.function"
-
-/*----------------------------------------------------------------------------*/
-/* Main Test code */
-
-
-/**
- * \brief       Program main. Invokes platform specific execute_tests().
- *
- * \param argc      Command line arguments count.
- * \param argv      Array of command line arguments.
- *
- * \return       Exit code.
- */
-int main( int argc, const char *argv[] )
-{
-    int ret = mbedtls_test_platform_setup();
-    if( ret != 0 )
-    {
-        mbedtls_fprintf( stderr,
-                         "FATAL: Failed to initialize platform - error %d\n",
-                         ret );
-        return( -1 );
-    }
-
-    ret = execute_tests( argc, argv );
-    mbedtls_test_platform_teardown();
-    return( ret );
-}
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/target_test.function b/3rdparty/mbedtls-2.25.0/tests/suites/target_test.function
deleted file mode 100644
index 8354b96..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/target_test.function
+++ /dev/null
@@ -1,450 +0,0 @@
-#line 2 "suites/target_test.function"
-
-#include "greentea-client/test_env.h"
-
-/**
- * \brief       Increments pointer and asserts that it does not overflow.
- *
- * \param p     Pointer to byte array
- * \param start Pointer to start of byte array
- * \param len   Length of byte array
- * \param step  Increment size
- *
- */
-#define INCR_ASSERT(p, start, len, step) do                     \
-{                                                               \
-    TEST_HELPER_ASSERT( ( p ) >= ( start ) );                               \
-    TEST_HELPER_ASSERT( sizeof( *( p ) ) == sizeof( *( start ) ) );         \
-    /* <= is checked to support use inside a loop where         \
-       pointer is incremented after reading data.       */      \
-    TEST_HELPER_ASSERT( (uint32_t)( ( ( p ) - ( start ) ) + ( step ) ) <= ( len ) );\
-    ( p ) += ( step );                                          \
-}                                                               \
-while( 0 )
-
-
-/**
- * \brief       4 byte align unsigned char pointer
- *
- * \param p     Pointer to byte array
- * \param start Pointer to start of byte array
- * \param len   Length of byte array
- *
- */
-#define ALIGN_32BIT(p, start, len) do               \
-{                                                   \
-    uint32_t align = ( - (uintptr_t)( p ) ) % 4;    \
-    INCR_ASSERT( ( p ), ( start ), ( len ), align );\
-}                                                   \
-while( 0 )
-
-
-/**
- * \brief       Verify dependencies. Dependency identifiers are
- *              encoded in the buffer as 8 bit unsigned integers.
- *
- * \param count     Number of dependencies.
- * \param dep_p     Pointer to buffer.
- *
- * \return          DEPENDENCY_SUPPORTED if success else DEPENDENCY_NOT_SUPPORTED.
- */
-int verify_dependencies( uint8_t count, uint8_t * dep_p )
-{
-    uint8_t i;
-    for ( i = 0; i < count; i++ )
-    {
-        if ( dep_check( (int)(dep_p[i]) ) != DEPENDENCY_SUPPORTED )
-            return( DEPENDENCY_NOT_SUPPORTED );
-    }
-    return( DEPENDENCY_SUPPORTED );
-}
-
-/**
- * \brief       Receives hex string on serial interface, and converts to a byte.
- *
- * \param none
- *
- * \return      unsigned int8
- */
-uint8_t receive_byte()
-{
-    uint8_t byte;
-    uint8_t c[3];
-    size_t len;
-
-    c[0] = greentea_getc();
-    c[1] = greentea_getc();
-    c[2] = '\0';
-
-    TEST_HELPER_ASSERT( mbedtls_test_unhexify( &byte, sizeof( byte ),
-                                               c, &len ) == 0 );
-    TEST_HELPER_ASSERT( len != 2 );
-
-    return( byte );
-}
-
-/**
- * \brief       Receives unsigned integer on serial interface.
- *              Integers are encoded in network order, and sent as hex ascii string.
- *
- * \param none
- *
- * \return      unsigned int
- */
-uint32_t receive_uint32()
-{
-    uint32_t value;
-    size_t len;
-    const uint8_t c_be[8] = { greentea_getc(),
-                              greentea_getc(),
-                              greentea_getc(),
-                              greentea_getc(),
-                              greentea_getc(),
-                              greentea_getc(),
-                              greentea_getc(),
-                              greentea_getc()
-                             };
-    const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2],
-                           c_be[3], c_be[0], c_be[1], '\0' };
-
-    TEST_HELPER_ASSERT( mbedtls_test_unhexify( (uint8_t*)&value, sizeof( value ),
-                                               c, &len ) == 0 );
-    TEST_HELPER_ASSERT( len != 8 );
-
-    return( value );
-}
-
-/**
- * \brief       Parses out an unsigned 32 int value from the byte array.
- *              Integers are encoded in network order.
- *
- * \param p     Pointer to byte array
- *
- * \return      unsigned int
- */
-uint32_t parse_uint32( uint8_t * p )
-{
-    uint32_t value;
-    value =  *p++ << 24;
-    value |= *p++ << 16;
-    value |= *p++ << 8;
-    value |= *p;
-    return( value );
-}
-
-
-/**
- * \brief       Receives test data on serial as greentea key,value pair:
- *              {{<length>;<byte array>}}
- *
- * \param data_len  Out pointer to hold received data length.
- *
- * \return      Byte array.
- */
-uint8_t * receive_data( uint32_t * data_len )
-{
-    uint32_t i = 0, errors = 0;
-    char c;
-    uint8_t * data = NULL;
-
-    /* Read opening braces */
-    i = 0;
-    while ( i < 2 )
-    {
-        c = greentea_getc();
-        /* Ignore any prevous CR LF characters */
-        if ( c == '\n' || c == '\r' )
-            continue;
-        i++;
-        if ( c != '{' )
-            return( NULL );
-    }
-
-    /* Read data length */
-    *data_len = receive_uint32();
-    data = (uint8_t *)malloc( *data_len );
-    TEST_HELPER_ASSERT( data != NULL );
-
-    greentea_getc(); // read ';' received after key i.e. *data_len
-
-    for( i = 0; i < *data_len; i++ )
-        data[i] = receive_byte();
-
-    /* Read closing braces */
-    for( i = 0; i < 2; i++ )
-    {
-        c = greentea_getc();
-        if ( c != '}' )
-        {
-            errors++;
-            break;
-        }
-    }
-
-    if ( errors )
-    {
-        free( data );
-        data = NULL;
-        *data_len = 0;
-    }
-
-    return( data );
-}
-
-/**
- * \brief       Parse the received byte array and count the number of arguments
- *              to the test function passed as type hex.
- *
- * \param count     Parameter count
- * \param data      Received Byte array
- * \param data_len  Byte array length
- *
- * \return      count of hex params
- */
-uint32_t find_hex_count( uint8_t count, uint8_t * data, uint32_t data_len )
-{
-    uint32_t i = 0, sz = 0;
-    char c;
-    uint8_t * p = NULL;
-    uint32_t hex_count = 0;
-
-    p = data;
-
-    for( i = 0; i < count; i++ )
-    {
-        c = (char)*p;
-        INCR_ASSERT( p, data, data_len, 1 );
-
-        /* Align p to 4 bytes for int, expression, string len or hex length */
-        ALIGN_32BIT( p, data, data_len );
-
-        /* Network to host conversion */
-        sz = (int32_t)parse_uint32( p );
-
-        INCR_ASSERT( p, data, data_len, sizeof( int32_t ) );
-
-        if ( c == 'H' || c == 'S' )
-        {
-            INCR_ASSERT( p, data, data_len, sz );
-            hex_count += ( c == 'H' )?1:0;
-        }
-    }
-
-    return( hex_count );
-}
-
-/**
- * \brief       Parses received byte array for test parameters.
- *
- * \param count     Parameter count
- * \param data      Received Byte array
- * \param data_len  Byte array length
- * \param error     Parsing error out variable.
- *
- * \return      Array of parsed parameters allocated on heap.
- *              Note: Caller has the responsibility to delete
- *                    the memory after use.
- */
-void ** parse_parameters( uint8_t count, uint8_t * data, uint32_t data_len,
-                          int * error )
-{
-    uint32_t i = 0, hex_count = 0;
-    char c;
-    void ** params = NULL;
-    void ** cur = NULL;
-    uint8_t * p = NULL;
-
-    hex_count = find_hex_count(count, data, data_len);
-
-    params = (void **)malloc( sizeof( void *) * ( count + hex_count ) );
-    TEST_HELPER_ASSERT( params != NULL );
-    cur = params;
-
-    p = data;
-
-    /* Parameters */
-    for( i = 0; i < count; i++ )
-    {
-        c = (char)*p;
-        INCR_ASSERT( p, data, data_len, 1 );
-
-        /* Align p to 4 bytes for int, expression, string len or hex length */
-        ALIGN_32BIT( p, data, data_len );
-
-        /* Network to host conversion */
-        *( (int32_t *)p ) = (int32_t)parse_uint32( p );
-
-        switch( c )
-        {
-            case 'E':
-                {
-                    if ( get_expression( *( (int32_t *)p ), (int32_t *)p ) )
-                    {
-                        *error = KEY_VALUE_MAPPING_NOT_FOUND;
-                        goto exit;
-                    }
-                } /* Intentional fall through */
-            case 'I':
-                {
-                    *cur++ = (void *)p;
-                    INCR_ASSERT( p, data, data_len, sizeof( int32_t ) );
-                }
-                break;
-            case 'H': /* Intentional fall through */
-            case 'S':
-                {
-                    uint32_t * sz = (uint32_t *)p;
-                    INCR_ASSERT( p, data, data_len, sizeof( int32_t ) );
-                    *cur++ = (void *)p;
-                    if ( c == 'H' )
-                        *cur++ = (void *)sz;
-                    INCR_ASSERT( p, data, data_len, ( *sz ) );
-                }
-                break;
-            default:
-                    {
-                        *error = DISPATCH_INVALID_TEST_DATA;
-                        goto exit;
-                    }
-                break;
-        }
-    }
-
-exit:
-    if ( *error )
-    {
-        free( params );
-        params = NULL;
-    }
-
-    return( params );
-}
-
-/**
- * \brief       Sends greentea key and int value pair to host.
- *
- * \param key   key string
- * \param value integer value
- *
- * \return      void
- */
-void send_key_integer( char * key, int value )
-{
-    char str[50];
-    snprintf( str, sizeof( str ), "%d", value );
-    greentea_send_kv( key, str );
-}
-
-/**
- * \brief       Sends test setup failure to the host.
- *
- * \param failure   Test set failure
- *
- * \return      void
- */
-void send_failure( int failure )
-{
-    send_key_integer( "F", failure );
-}
-
-/**
- * \brief       Sends test status to the host.
- *
- * \param status    Test status (PASS=0/FAIL=!0)
- *
- * \return      void
- */
-void send_status( int status )
-{
-    send_key_integer( "R", status );
-}
-
-
-/**
- * \brief       Embedded implementation of execute_tests().
- *              Ignores command line and received test data
- *              on serial.
- *
- * \param argc  not used
- * \param argv  not used
- *
- * \return      Program exit status.
- */
-int execute_tests( int args, const char ** argv )
-{
-    int ret = 0;
-    uint32_t data_len = 0;
-    uint8_t count = 0, function_id;
-    void ** params = NULL;
-    uint8_t * data = NULL, * p = NULL;
-
-    GREENTEA_SETUP( 800, "mbedtls_test" );
-    greentea_send_kv( "GO", " " );
-
-    while ( 1 )
-    {
-        ret = 0;
-        test_info.result = TEST_RESULT_SUCCESS;
-        test_info.step = (unsigned long)( -1 );
-        data_len = 0;
-
-        data = receive_data( &data_len );
-        if ( data == NULL )
-            continue;
-        p = data;
-
-        do
-        {
-            /* Read dependency count */
-            count = *p;
-            TEST_HELPER_ASSERT( count < data_len );
-            INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) );
-            ret = verify_dependencies( count, p );
-            if ( ret != DEPENDENCY_SUPPORTED )
-                break;
-
-            if ( count )
-                INCR_ASSERT( p, data, data_len, count );
-
-            /* Read function id */
-            function_id = *p;
-            INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) );
-            if ( ( ret = check_test( function_id ) ) != DISPATCH_TEST_SUCCESS )
-                break;
-
-            /* Read number of parameters */
-            count = *p;
-            INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) );
-
-            /* Parse parameters if present */
-            if ( count )
-            {
-                params = parse_parameters( count, p, data_len - ( p - data ), &ret );
-                if ( ret )
-                    break;
-            }
-
-            ret = dispatch_test( function_id, params );
-        }
-        while ( 0 );
-
-        if ( data )
-        {
-            free( data );
-            data = NULL;
-        }
-
-        if ( params )
-        {
-            free( params );
-            params = NULL;
-        }
-
-        if ( ret )
-            send_failure( ret );
-        else
-            send_status( test_info.result );
-    }
-    return( 0 );
-}
-
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.function
deleted file mode 100644
index 754a167..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.function
+++ /dev/null
@@ -1,620 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/aes.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_AES_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void aes_encrypt_ecb( data_t * key_str, data_t * src_str,
-                      data_t * dst, int setkey_result )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-
-    memset(output, 0x00, 100);
-
-    mbedtls_aes_init( &ctx );
-
-    TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
-    if( setkey_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aes_decrypt_ecb( data_t * key_str, data_t * src_str,
-                      data_t * dst, int setkey_result )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-
-    memset(output, 0x00, 100);
-
-    mbedtls_aes_init( &ctx );
-
-    TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
-    if( setkey_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str->x, output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aes_encrypt_cbc( data_t * key_str, data_t * iv_str,
-                      data_t * src_str, data_t * dst,
-                      int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-
-    memset(output, 0x00, 100);
-
-    mbedtls_aes_init( &ctx );
-
-    mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                          src_str->len, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aes_decrypt_cbc( data_t * key_str, data_t * iv_str,
-                      data_t * src_str, data_t * dst,
-                      int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_aes_init( &ctx );
-
-    mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0)
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                          src_str->len, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
-void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string,
-                      char *hex_src_string, char *hex_dst_string )
-{
-    enum { AES_BLOCK_SIZE = 16 };
-    unsigned char *data_unit = NULL;
-    unsigned char *key = NULL;
-    unsigned char *src = NULL;
-    unsigned char *dst = NULL;
-    unsigned char *output = NULL;
-    mbedtls_aes_xts_context ctx;
-    size_t key_len, src_len, dst_len, data_unit_len;
-
-    mbedtls_aes_xts_init( &ctx );
-
-    data_unit = mbedtls_test_unhexify_alloc( hex_data_unit_string,
-                                             &data_unit_len );
-    TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE );
-
-    key = mbedtls_test_unhexify_alloc( hex_key_string, &key_len );
-    TEST_ASSERT( key_len % 2 == 0 );
-
-    src = mbedtls_test_unhexify_alloc( hex_src_string, &src_len );
-    dst = mbedtls_test_unhexify_alloc( hex_dst_string, &dst_len );
-    TEST_ASSERT( src_len == dst_len );
-
-    output = mbedtls_test_zero_alloc( dst_len );
-
-    TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == 0 );
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, src_len,
-                                        data_unit, src, output ) == 0 );
-
-    TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 );
-
-exit:
-    mbedtls_aes_xts_free( &ctx );
-    mbedtls_free( data_unit );
-    mbedtls_free( key );
-    mbedtls_free( src );
-    mbedtls_free( dst );
-    mbedtls_free( output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
-void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string,
-                      char *hex_dst_string, char *hex_src_string )
-{
-    enum { AES_BLOCK_SIZE = 16 };
-    unsigned char *data_unit = NULL;
-    unsigned char *key = NULL;
-    unsigned char *src = NULL;
-    unsigned char *dst = NULL;
-    unsigned char *output = NULL;
-    mbedtls_aes_xts_context ctx;
-    size_t key_len, src_len, dst_len, data_unit_len;
-
-    mbedtls_aes_xts_init( &ctx );
-
-    data_unit = mbedtls_test_unhexify_alloc( hex_data_unit_string,
-                                             &data_unit_len );
-    TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE );
-
-    key = mbedtls_test_unhexify_alloc( hex_key_string, &key_len );
-    TEST_ASSERT( key_len % 2 == 0 );
-
-    src = mbedtls_test_unhexify_alloc( hex_src_string, &src_len );
-    dst = mbedtls_test_unhexify_alloc( hex_dst_string, &dst_len );
-    TEST_ASSERT( src_len == dst_len );
-
-    output = mbedtls_test_zero_alloc( dst_len );
-
-    TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == 0 );
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, src_len,
-                                        data_unit, src, output ) == 0 );
-
-    TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 );
-
-exit:
-    mbedtls_aes_xts_free( &ctx );
-    mbedtls_free( data_unit );
-    mbedtls_free( key );
-    mbedtls_free( src );
-    mbedtls_free( dst );
-    mbedtls_free( output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
-void aes_crypt_xts_size( int size, int retval )
-{
-    mbedtls_aes_xts_context ctx;
-    const unsigned char src[16] = { 0 };
-    unsigned char output[16];
-    unsigned char data_unit[16];
-    size_t length = size;
-
-    mbedtls_aes_xts_init( &ctx );
-    memset( data_unit, 0x00, sizeof( data_unit ) );
-
-
-    /* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
-     * otherwise we wouldn't get to the size check we're interested in. */
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
-void aes_crypt_xts_keysize( int size, int retval )
-{
-    mbedtls_aes_xts_context ctx;
-    const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
-    size_t key_len = size;
-
-    mbedtls_aes_xts_init( &ctx );
-
-    TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == retval );
-    TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == retval );
-exit:
-    mbedtls_aes_xts_free( &ctx );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_encrypt_cfb128( data_t * key_str, data_t * iv_str,
-                         data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-    size_t iv_offset = 0;
-
-    memset(output, 0x00, 100);
-    mbedtls_aes_init( &ctx );
-
-
-    mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_decrypt_cfb128( data_t * key_str, data_t * iv_str,
-                         data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-    size_t iv_offset = 0;
-
-    memset(output, 0x00, 100);
-    mbedtls_aes_init( &ctx );
-
-
-    mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_encrypt_cfb8( data_t * key_str, data_t * iv_str,
-                       data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_aes_init( &ctx );
-
-
-    mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                      src_str->len, dst->len ) == 0 );
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aes_decrypt_cfb8( data_t * key_str, data_t * iv_str,
-                       data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_aes_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_aes_init( &ctx );
-
-
-    mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                      src_str->len, dst->len ) == 0 );
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
-void aes_encrypt_ofb( int fragment_size, data_t *key_str,
-                      data_t *iv_str, data_t *src_str,
-                      data_t *expected_output )
-{
-    unsigned char output[32];
-    mbedtls_aes_context ctx;
-    size_t iv_offset = 0;
-    int in_buffer_len;
-    unsigned char* src_str_next;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aes_init( &ctx );
-
-    TEST_ASSERT( (size_t)fragment_size < sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x,
-                                         key_str->len * 8 ) == 0 );
-    in_buffer_len = src_str->len;
-    src_str_next = src_str->x;
-
-    while( in_buffer_len > 0 )
-    {
-        TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset,
-                                            iv_str->x, src_str_next, output ) == 0 );
-
-        TEST_ASSERT( memcmp( output, expected_output->x, fragment_size ) == 0 );
-
-        in_buffer_len -= fragment_size;
-        expected_output->x += fragment_size;
-        src_str_next += fragment_size;
-
-        if( in_buffer_len < fragment_size )
-            fragment_size = in_buffer_len;
-    }
-
-exit:
-    mbedtls_aes_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void aes_check_params( )
-{
-    mbedtls_aes_context aes_ctx;
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    mbedtls_aes_xts_context xts_ctx;
-#endif
-    const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
-    const unsigned char in[16] = { 0 };
-    unsigned char out[16];
-    size_t size;
-    const int valid_mode = MBEDTLS_AES_ENCRYPT;
-    const int invalid_mode = 42;
-
-    TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) );
-#endif
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_setkey_enc( NULL, key, 128 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_setkey_enc( &aes_ctx, NULL, 128 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_setkey_dec( NULL, key, 128 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_setkey_dec( &aes_ctx, NULL, 128 ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_xts_setkey_enc( NULL, key, 128 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_xts_setkey_enc( &xts_ctx, NULL, 128 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_xts_setkey_dec( NULL, key, 128 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) );
-#endif
-
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ecb( NULL,
-                                                   valid_mode, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ecb( &aes_ctx,
-                                                   invalid_mode, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ecb( &aes_ctx,
-                                                   valid_mode, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ecb( &aes_ctx,
-                                                   valid_mode, in, NULL ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cbc( NULL,
-                                                   valid_mode, 16,
-                                                   out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cbc( &aes_ctx,
-                                                   invalid_mode, 16,
-                                                   out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cbc( &aes_ctx,
-                                                   valid_mode, 16,
-                                                   NULL, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cbc( &aes_ctx,
-                                                   valid_mode, 16,
-                                                   out, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cbc( &aes_ctx,
-                                                   valid_mode, 16,
-                                                   out, in, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_xts( NULL,
-                                                   valid_mode, 16,
-                                                   in, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_xts( &xts_ctx,
-                                                   invalid_mode, 16,
-                                                   in, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_xts( &xts_ctx,
-                                                   valid_mode, 16,
-                                                   NULL, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_xts( &xts_ctx,
-                                                   valid_mode, 16,
-                                                   in, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_xts( &xts_ctx,
-                                                   valid_mode, 16,
-                                                   in, in, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_XTS */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb128( NULL,
-                                                      valid_mode, 16,
-                                                      &size, out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb128( &aes_ctx,
-                                                      invalid_mode, 16,
-                                                      &size, out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb128( &aes_ctx,
-                                                      valid_mode, 16,
-                                                      NULL, out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb128( &aes_ctx,
-                                                      valid_mode, 16,
-                                                      &size, NULL, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb128( &aes_ctx,
-                                                      valid_mode, 16,
-                                                      &size, out, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb128( &aes_ctx,
-                                                      valid_mode, 16,
-                                                      &size, out, in, NULL ) );
-
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb8( NULL,
-                                                    valid_mode, 16,
-                                                    out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb8( &aes_ctx,
-                                                    invalid_mode, 16,
-                                                    out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb8( &aes_ctx,
-                                                    valid_mode, 16,
-                                                    NULL, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb8( &aes_ctx,
-                                                    valid_mode, 16,
-                                                    out, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_cfb8( &aes_ctx,
-                                                    valid_mode, 16,
-                                                    out, in, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ofb( NULL, 16,
-                                                   &size, out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ofb( &aes_ctx, 16,
-                                                   NULL, out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ofb( &aes_ctx, 16,
-                                                   &size, NULL, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ofb( &aes_ctx, 16,
-                                                   &size, out, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ofb( &aes_ctx, 16,
-                                                   &size, out, in, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_OFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ctr( NULL, 16, &size, out,
-                                                   out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out,
-                                                   out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL,
-                                                   out, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
-                                                   NULL, in, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
-                                                   out, NULL, out ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
-                            mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
-                                                   out, in, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aes_misc_params( )
-{
-#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
-    defined(MBEDTLS_CIPHER_MODE_XTS) || \
-    defined(MBEDTLS_CIPHER_MODE_CFB) || \
-    defined(MBEDTLS_CIPHER_MODE_OFB)
-    mbedtls_aes_context aes_ctx;
-    const unsigned char in[16] = { 0 };
-    unsigned char out[16];
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    mbedtls_aes_xts_context xts_ctx;
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB) || \
-    defined(MBEDTLS_CIPHER_MODE_OFB)
-    size_t size;
-#endif
-
-    /* These calls accept NULL */
-    TEST_VALID_PARAM( mbedtls_aes_free( NULL ) );
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
-                                        15,
-                                        out, in, out )
-                 == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
-    TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
-                                        17,
-                                        out, in, out )
-                 == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
-                                        15,
-                                        in, in, out )
-                 == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
-                                        (1 << 24) + 1,
-                                        in, in, out )
-                 == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    size = 16;
-    TEST_ASSERT( mbedtls_aes_crypt_cfb128( &aes_ctx, MBEDTLS_AES_ENCRYPT, 16,
-                                           &size, out, in, out )
-                 == MBEDTLS_ERR_AES_BAD_INPUT_DATA );
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
-    size = 16;
-    TEST_ASSERT( mbedtls_aes_crypt_ofb( &aes_ctx, 16, &size, out, in, out )
-                 == MBEDTLS_ERR_AES_BAD_INPUT_DATA );
-#endif
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void aes_selftest(  )
-{
-    TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_arc4.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_arc4.function
deleted file mode 100644
index c1e2386..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_arc4.function
+++ /dev/null
@@ -1,37 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/arc4.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ARC4_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str, data_t * dst )
-{
-    unsigned char dst_str[1000];
-    mbedtls_arc4_context ctx;
-
-    memset(dst_str, 0x00, 1000);
-    mbedtls_arc4_init( &ctx );
-
-
-    mbedtls_arc4_setup(&ctx, key_str->x, key_str->len);
-    TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len,
-                                    src_str->x, dst_str ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( dst_str, dst->x,
-                                      src_str->len, dst->len ) == 0 );
-
-exit:
-    mbedtls_arc4_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void arc4_selftest(  )
-{
-    TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aria.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aria.function
deleted file mode 100644
index 6d6a203..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aria.function
+++ /dev/null
@@ -1,429 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/aria.h"
-
-/* Maxium size of data used by test vectors
- * WARNING: to be adapted if and when adding larger test cases */
-#define ARIA_MAX_DATASIZE  160
-
-/* Maximum sizes of hexified things */
-#define ARIA_MAX_KEY_STR    ( 2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1 )
-#define ARIA_BLOCK_STR      ( 2 * MBEDTLS_ARIA_BLOCKSIZE + 1 )
-#define ARIA_MAX_DATA_STR   ( 2 * ARIA_MAX_DATASIZE + 1 )
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ARIA_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void aria_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_aria_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void aria_invalid_param( )
-{
-    mbedtls_aria_context ctx;
-    unsigned char key[128 / 8] = { 0 };
-    unsigned char input[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
-    unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
-    unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
-    size_t iv_off = 0;
-
-    ((void) iv_off);
-    ((void) iv);
-
-    TEST_INVALID_PARAM( mbedtls_aria_init( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_setkey_enc( NULL, key,
-                                                     sizeof( key ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_setkey_enc( &ctx, NULL,
-                                                     sizeof( key ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_setkey_dec( NULL, key,
-                                                     sizeof( key ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_setkey_dec( &ctx, NULL,
-                                                     sizeof( key ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ecb( NULL, input, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ecb( &ctx, NULL, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ecb( &ctx, input, NULL ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cbc( NULL,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cbc( &ctx,
-                                                    42 /* invalid mode */,
-                                                    sizeof( input ),
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cbc( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    NULL,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cbc( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    iv,
-                                                    NULL,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cbc( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    iv,
-                                                    input,
-                                                    NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cfb128( NULL,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cfb128( &ctx,
-                                                    42, /* invalid mode */
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cfb128( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    NULL,
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cfb128( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    NULL,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cfb128( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    NULL,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_cfb128( &ctx,
-                                                    MBEDTLS_ARIA_ENCRYPT,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    input,
-                                                    NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ctr( NULL,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ctr( &ctx,
-                                                    sizeof( input ),
-                                                    NULL,
-                                                    iv,
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ctr( &ctx,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    NULL,
-                                                    iv,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ctr( &ctx,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    NULL,
-                                                    input,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ctr( &ctx,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    iv,
-                                                    NULL,
-                                                    output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
-                            mbedtls_aria_crypt_ctr( &ctx,
-                                                    sizeof( input ),
-                                                    &iv_off,
-                                                    iv,
-                                                    iv,
-                                                    input,
-                                                    NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-exit:
-    return;
-
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aria_encrypt_ecb( data_t *key_str, data_t *src_str,
-                       data_t *expected_output, int setkey_result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    mbedtls_aria_context ctx;
-    size_t i;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 )
-                 == setkey_result );
-    if( setkey_result == 0 )
-    {
-        for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE )
-        {
-            TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i,
-                                                 output + i ) == 0 );
-        }
-
-        ASSERT_COMPARE( output, expected_output->len,
-                        expected_output->x, expected_output->len );
-    }
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aria_decrypt_ecb( data_t *key_str, data_t *src_str,
-                       data_t *expected_output, int setkey_result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    mbedtls_aria_context ctx;
-    size_t i;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 )
-                 == setkey_result );
-    if( setkey_result == 0 )
-    {
-        for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE )
-        {
-            TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i,
-                                                 output + i ) == 0 );
-        }
-
-        ASSERT_COMPARE( output, expected_output->len,
-                        expected_output->x, expected_output->len );
-    }
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aria_encrypt_cbc( data_t *key_str, data_t *iv_str,
-                       data_t *src_str, data_t *expected_output,
-                       int cbc_result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    mbedtls_aria_context ctx;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT,
-                                         src_str->len, iv_str->x, src_str->x,
-                                         output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-        ASSERT_COMPARE( output, expected_output->len,
-                        expected_output->x, expected_output->len );
-    }
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aria_decrypt_cbc( data_t *key_str, data_t *iv_str,
-                       data_t *src_str, data_t *expected_output,
-                       int cbc_result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    mbedtls_aria_context ctx;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT,
-                                         src_str->len, iv_str->x, src_str->x,
-                                         output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-        ASSERT_COMPARE( output, expected_output->len,
-                        expected_output->x, expected_output->len );
-    }
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aria_encrypt_cfb128( data_t *key_str, data_t *iv_str,
-                          data_t *src_str, data_t *expected_output,
-                          int result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    mbedtls_aria_context ctx;
-    size_t iv_offset = 0;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT,
-                                            src_str->len, &iv_offset,
-                                            iv_str->x, src_str->x, output )
-                 == result );
-
-    ASSERT_COMPARE( output, expected_output->len,
-                    expected_output->x, expected_output->len );
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aria_decrypt_cfb128( data_t *key_str, data_t *iv_str,
-                          data_t *src_str, data_t *expected_output,
-                          int result  )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    mbedtls_aria_context ctx;
-    size_t iv_offset = 0;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT,
-                                            src_str->len, &iv_offset,
-                                            iv_str->x, src_str->x, output )
-                 == result );
-
-    ASSERT_COMPARE( output, expected_output->len,
-                    expected_output->x, expected_output->len );
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void aria_encrypt_ctr( data_t *key_str, data_t *iv_str,
-                       data_t *src_str, data_t *expected_output,
-                       int result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
-    mbedtls_aria_context ctx;
-    size_t iv_offset = 0;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset,
-                                         iv_str->x, blk, src_str->x, output )
-                 == result );
-
-    ASSERT_COMPARE( output, expected_output->len,
-                    expected_output->x, expected_output->len );
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void aria_decrypt_ctr( data_t *key_str, data_t *iv_str,
-                       data_t *src_str, data_t *expected_output,
-                       int result )
-{
-    unsigned char output[ARIA_MAX_DATASIZE];
-    unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
-    mbedtls_aria_context ctx;
-    size_t iv_offset = 0;
-
-    memset( output, 0x00, sizeof( output ) );
-    mbedtls_aria_init( &ctx );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset,
-                                         iv_str->x, blk, src_str->x, output )
-                 == result );
-
-    ASSERT_COMPARE( output, expected_output->len,
-                    expected_output->x, expected_output->len );
-
-exit:
-    mbedtls_aria_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void aria_selftest()
-{
-    TEST_ASSERT( mbedtls_aria_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1parse.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1parse.function
deleted file mode 100644
index 990f343..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1parse.function
+++ /dev/null
@@ -1,793 +0,0 @@
-/* BEGIN_HEADER */
-#include <errno.h>
-#include <stdlib.h>
-#include <limits.h>
-
-#include "mbedtls/bignum.h"
-#include "mbedtls/asn1.h"
-#if defined(MBEDTLS_ASN1_WRITE_C)
-#include "mbedtls/asn1write.h"
-#endif
-
-/* Used internally to report an error that indicates a bug in a parsing function. */
-#define ERR_PARSE_INCONSISTENCY INT_MAX
-
-/* Use this magic value in some tests to indicate that the expected result
- * should not be checked. */
-#define UNPREDICTABLE_RESULT 0x5552
-
-static int nested_parse( unsigned char **const p,
-                         const unsigned char *const end )
-{
-    int ret;
-    size_t len = 0;
-    size_t len2 = 0;
-    unsigned char *const start = *p;
-    unsigned char *content_start;
-    unsigned char tag;
-
-    /* First get the length, skipping over the tag. */
-    content_start = start + 1;
-    ret = mbedtls_asn1_get_len( &content_start, end, &len );
-    TEST_ASSERT( content_start <= end );
-    if( ret != 0 )
-        return( ret );
-
-    /* Since we have a valid element start (tag and length), retrieve and
-     * check the tag. */
-    tag = start[0];
-    TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ^ 1 ),
-                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-    *p = start;
-    TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ), 0 );
-    TEST_EQUAL( len, len2 );
-    TEST_ASSERT( *p == content_start );
-    *p = content_start;
-
-    switch( tag & 0x1f )
-    {
-        case MBEDTLS_ASN1_BOOLEAN:
-        {
-            int val = -257;
-            *p = start;
-            ret = mbedtls_asn1_get_bool( p, end, &val );
-            if( ret == 0 )
-                TEST_ASSERT( val == 0 || val == 1 );
-            break;
-        }
-
-        case MBEDTLS_ASN1_INTEGER:
-        {
-#if defined(MBEDTLS_BIGNUM_C)
-            mbedtls_mpi mpi;
-            mbedtls_mpi_init( &mpi );
-            *p = start;
-            ret = mbedtls_asn1_get_mpi( p, end, &mpi );
-            mbedtls_mpi_free( &mpi );
-#else
-            *p = start + 1;
-            ret = mbedtls_asn1_get_len( p, end, &len );
-            *p += len;
-#endif
-            /* If we're sure that the number fits in an int, also
-             * call mbedtls_asn1_get_int(). */
-            if( ret == 0 && len < sizeof( int ) )
-            {
-                int val = -257;
-                unsigned char *q = start;
-                ret = mbedtls_asn1_get_int( &q, end, &val );
-                TEST_ASSERT( *p == q );
-            }
-            break;
-        }
-
-        case MBEDTLS_ASN1_BIT_STRING:
-        {
-            mbedtls_asn1_bitstring bs;
-            *p = start;
-            ret = mbedtls_asn1_get_bitstring( p, end, &bs );
-            break;
-        }
-
-        case MBEDTLS_ASN1_SEQUENCE:
-        {
-            while( *p <= end && *p < content_start + len && ret == 0 )
-                ret = nested_parse( p, content_start + len );
-            break;
-        }
-
-        case MBEDTLS_ASN1_OCTET_STRING:
-        case MBEDTLS_ASN1_NULL:
-        case MBEDTLS_ASN1_OID:
-        case MBEDTLS_ASN1_UTF8_STRING:
-        case MBEDTLS_ASN1_SET:
-        case MBEDTLS_ASN1_PRINTABLE_STRING:
-        case MBEDTLS_ASN1_T61_STRING:
-        case MBEDTLS_ASN1_IA5_STRING:
-        case MBEDTLS_ASN1_UTC_TIME:
-        case MBEDTLS_ASN1_GENERALIZED_TIME:
-        case MBEDTLS_ASN1_UNIVERSAL_STRING:
-        case MBEDTLS_ASN1_BMP_STRING:
-        default:
-            /* No further testing implemented for this tag. */
-            *p += len;
-            return( 0 );
-    }
-
-    TEST_ASSERT( *p <= end );
-    return( ret );
-
-exit:
-    return( ERR_PARSE_INCONSISTENCY );
-}
-
-int get_len_step( const data_t *input, size_t buffer_size,
-                  size_t actual_length )
-{
-    unsigned char *buf = NULL;
-    unsigned char *p = NULL;
-    unsigned char *end;
-    size_t parsed_length;
-    int ret;
-
-    test_set_step( buffer_size );
-    /* Allocate a new buffer of exactly the length to parse each time.
-     * This gives memory sanitizers a chance to catch buffer overreads. */
-    if( buffer_size == 0 )
-    {
-        ASSERT_ALLOC( buf, 1 );
-        end = buf + 1;
-        p = end;
-    }
-    else
-    {
-        ASSERT_ALLOC_WEAK( buf, buffer_size );
-        if( buffer_size > input->len )
-        {
-            memcpy( buf, input->x, input->len );
-            memset( buf + input->len, 'A', buffer_size - input->len );
-        }
-        else
-        {
-            memcpy( buf, input->x, buffer_size );
-        }
-        p = buf;
-        end = buf + buffer_size;
-    }
-
-    ret = mbedtls_asn1_get_len( &p, end, &parsed_length );
-
-    if( buffer_size >= input->len + actual_length )
-    {
-        TEST_EQUAL( ret, 0 );
-        TEST_ASSERT( p == buf + input->len );
-        TEST_EQUAL( parsed_length, actual_length );
-    }
-    else
-    {
-        TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-    }
-    mbedtls_free( buf );
-    return( 1 );
-
-exit:
-    mbedtls_free( buf );
-    return( 0 );
-}
-
-typedef struct
-{
-    const unsigned char *input_start;
-    const char *description;
-} traverse_state_t;
-
-/* Value returned by traverse_callback if description runs out. */
-#define RET_TRAVERSE_STOP 1
-/* Value returned by traverse_callback if description has an invalid format
- * (see traverse_sequence_of). */
-#define RET_TRAVERSE_ERROR 2
-
-
-static int traverse_callback( void *ctx, int tag,
-                              unsigned char *content, size_t len )
-{
-    traverse_state_t *state = ctx;
-    size_t offset;
-    const char *rest = state->description;
-    unsigned long n;
-
-    TEST_ASSERT( content > state->input_start );
-    offset = content - state->input_start;
-    test_set_step( offset );
-
-    if( *rest == 0 )
-        return( RET_TRAVERSE_STOP );
-    n = strtoul( rest, (char **) &rest, 0 );
-    TEST_EQUAL( n, offset );
-    TEST_EQUAL( *rest, ',' );
-    ++rest;
-    n = strtoul( rest, (char **) &rest, 0 );
-    TEST_EQUAL( n, (unsigned) tag );
-    TEST_EQUAL( *rest, ',' );
-    ++rest;
-    n = strtoul( rest, (char **) &rest, 0 );
-    TEST_EQUAL( n, len );
-    if( *rest == ',' )
-        ++rest;
-
-    state->description = rest;
-    return( 0 );
-
-exit:
-    return( RET_TRAVERSE_ERROR );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ASN1_PARSE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void parse_prefixes( const data_t *input,
-                     int full_result,
-                     int overfull_result )
-{
-    /* full_result: expected result from parsing the given string. */
-    /* overfull_result: expected_result from parsing the given string plus
-     * some trailing garbage. This may be UNPREDICTABLE_RESULT to accept
-     * any result: use this for invalid inputs that may or may not become
-     * valid depending on what the trailing garbage is. */
-
-    unsigned char *buf = NULL;
-    unsigned char *p = NULL;
-    size_t buffer_size;
-    int ret;
-
-    /* Test every prefix of the input, except the empty string.
-     * The first byte of the string is the tag. Without a tag byte,
-     * we wouldn't know what to parse the input as.
-     * Also test the input followed by an extra byte.
-     */
-    for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ )
-    {
-        test_set_step( buffer_size );
-        /* Allocate a new buffer of exactly the length to parse each time.
-         * This gives memory sanitizers a chance to catch buffer overreads. */
-        ASSERT_ALLOC( buf, buffer_size );
-        memcpy( buf, input->x, buffer_size );
-        p = buf;
-        ret = nested_parse( &p, buf + buffer_size );
-
-        if( ret == ERR_PARSE_INCONSISTENCY )
-            goto exit;
-        if( buffer_size < input->len )
-        {
-            TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-        }
-        else if( buffer_size == input->len )
-        {
-            TEST_EQUAL( ret, full_result );
-        }
-        else /* ( buffer_size > input->len ) */
-        {
-            if( overfull_result != UNPREDICTABLE_RESULT )
-                TEST_EQUAL( ret, overfull_result );
-        }
-        if( ret == 0 )
-            TEST_ASSERT( p == buf + input->len );
-
-        mbedtls_free( buf );
-        buf = NULL;
-    }
-
-exit:
-    mbedtls_free( buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_len( const data_t *input, int actual_length_arg )
-{
-    size_t actual_length = actual_length_arg;
-    size_t buffer_size;
-
-    /* Test prefixes of a buffer containing the given length string
-     * followed by `actual_length` bytes of payload. To save a bit of
-     * time, we skip some "boring" prefixes: we don't test prefixes where
-     * the payload is truncated more than one byte away from either end,
-     * and we only test the empty string on a 1-byte input.
-     */
-    for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ )
-    {
-        if( ! get_len_step( input, buffer_size, actual_length ) )
-            goto exit;
-    }
-    if( ! get_len_step( input, input->len + actual_length - 1, actual_length ) )
-        goto exit;
-    if( ! get_len_step( input, input->len + actual_length, actual_length ) )
-        goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_boolean( const data_t *input,
-                  int expected_value, int expected_result )
-{
-    unsigned char *p = input->x;
-    int val;
-    int ret;
-    ret = mbedtls_asn1_get_bool( &p, input->x + input->len, &val );
-    TEST_EQUAL( ret, expected_result );
-    if( expected_result == 0 )
-    {
-        TEST_EQUAL( val, expected_value );
-        TEST_ASSERT( p == input->x + input->len );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void empty_integer( const data_t *input )
-{
-    unsigned char *p;
-#if defined(MBEDTLS_BIGNUM_C)
-    mbedtls_mpi actual_mpi;
-#endif
-    int val;
-
-#if defined(MBEDTLS_BIGNUM_C)
-    mbedtls_mpi_init( & actual_mpi );
-#endif
-
-    /* An INTEGER with no content is not valid. */
-    p = input->x;
-    TEST_EQUAL( mbedtls_asn1_get_int( &p, input->x + input->len, &val ),
-                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-
-#if defined(MBEDTLS_BIGNUM_C)
-    /* INTEGERs are sometimes abused as bitstrings, so the library accepts
-     * an INTEGER with empty content and gives it the value 0. */
-    p = input->x;
-    TEST_EQUAL( mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ),
-                0 );
-    TEST_EQUAL( mbedtls_mpi_cmp_int( &actual_mpi, 0 ), 0 );
-#endif
-
-exit:
-#if defined(MBEDTLS_BIGNUM_C)
-    mbedtls_mpi_free( &actual_mpi );
-#endif
-    /*empty cleanup in some configurations*/ ;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_integer( const data_t *input,
-                  const char *expected_hex, int expected_result )
-{
-    unsigned char *p;
-#if defined(MBEDTLS_BIGNUM_C)
-    mbedtls_mpi expected_mpi;
-    mbedtls_mpi actual_mpi;
-    mbedtls_mpi complement;
-    int expected_result_for_mpi = expected_result;
-#endif
-    long expected_value;
-    int expected_result_for_int = expected_result;
-    int val;
-    int ret;
-
-#if defined(MBEDTLS_BIGNUM_C)
-    mbedtls_mpi_init( &expected_mpi );
-    mbedtls_mpi_init( &actual_mpi );
-    mbedtls_mpi_init( &complement );
-#endif
-
-    errno = 0;
-    expected_value = strtol( expected_hex, NULL, 16 );
-    if( expected_result == 0 &&
-        ( errno == ERANGE
-#if LONG_MAX > INT_MAX
-          || expected_value > INT_MAX || expected_value < INT_MIN
-#endif
-            ) )
-    {
-        /* The library returns the dubious error code INVALID_LENGTH
-         * for integers that are out of range. */
-        expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
-    }
-    if( expected_result == 0 && expected_value < 0 )
-    {
-        /* The library does not support negative INTEGERs and
-         * returns the dubious error code INVALID_LENGTH.
-         * Test that we preserve the historical behavior. If we
-         * decide to change the behavior, we'll also change this test. */
-        expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
-    }
-
-    p = input->x;
-    ret = mbedtls_asn1_get_int( &p, input->x + input->len, &val );
-    TEST_EQUAL( ret, expected_result_for_int );
-    if( ret == 0 )
-    {
-        TEST_EQUAL( val, expected_value );
-        TEST_ASSERT( p == input->x + input->len );
-    }
-
-#if defined(MBEDTLS_BIGNUM_C)
-    ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex );
-    TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
-    if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA )
-    {
-        /* The data overflows the maximum MPI size. */
-        expected_result_for_mpi = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
-    }
-    p = input->x;
-    ret = mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi );
-    TEST_EQUAL( ret, expected_result_for_mpi );
-    if( ret == 0 )
-    {
-        if( expected_value >= 0 )
-        {
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi,
-                                              &expected_mpi ) == 0 );
-        }
-        else
-        {
-            /* The library ignores the sign bit in ASN.1 INTEGERs
-             * (which makes sense insofar as INTEGERs are sometimes
-             * abused as bit strings), so the result of parsing them
-             * is a positive integer such that expected_mpi +
-             * actual_mpi = 2^n where n is the length of the content
-             * of the INTEGER. (Leading ff octets don't matter for the
-             * expected value, but they matter for the actual value.)
-             * Test that we don't change from this behavior. If we
-             * decide to fix the library to change the behavior on
-             * negative INTEGERs, we'll fix this test code. */
-            unsigned char *q = input->x + 1;
-            size_t len;
-            TEST_ASSERT( mbedtls_asn1_get_len( &q, input->x + input->len,
-                                               &len ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_lset( &complement, 1 ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_shift_l( &complement, len * 8 ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_add_mpi( &complement, &complement,
-                                              &expected_mpi ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &complement,
-                                              &actual_mpi ) == 0 );
-        }
-        TEST_ASSERT( p == input->x + input->len );
-    }
-#endif
-
-exit:
-#if defined(MBEDTLS_BIGNUM_C)
-    mbedtls_mpi_free( &expected_mpi );
-    mbedtls_mpi_free( &actual_mpi );
-    mbedtls_mpi_free( &complement );
-#endif
-    /*empty cleanup in some configurations*/ ;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_enum( const data_t *input,
-               const char *expected_hex, int expected_result )
-{
-    unsigned char *p;
-    long expected_value;
-    int expected_result_for_enum = expected_result;
-    int val;
-    int ret;
-
-    errno = 0;
-    expected_value = strtol( expected_hex, NULL, 16 );
-    if( expected_result == 0 &&
-        ( errno == ERANGE
-#if LONG_MAX > INT_MAX
-          || expected_value > INT_MAX || expected_value < INT_MIN
-#endif
-            ) )
-    {
-        /* The library returns the dubious error code INVALID_LENGTH
-         * for integers that are out of range. */
-        expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
-    }
-    if( expected_result == 0 && expected_value < 0 )
-    {
-        /* The library does not support negative INTEGERs and
-         * returns the dubious error code INVALID_LENGTH.
-         * Test that we preserve the historical behavior. If we
-         * decide to change the behavior, we'll also change this test. */
-        expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
-    }
-
-    p = input->x;
-    ret = mbedtls_asn1_get_enum( &p, input->x + input->len, &val );
-    TEST_EQUAL( ret, expected_result_for_enum );
-    if( ret == 0 )
-    {
-        TEST_EQUAL( val, expected_value );
-        TEST_ASSERT( p == input->x + input->len );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
-void get_mpi_too_large( )
-{
-    unsigned char *buf = NULL;
-    unsigned char *p;
-    mbedtls_mpi actual_mpi;
-    size_t too_many_octets =
-        MBEDTLS_MPI_MAX_LIMBS * sizeof(mbedtls_mpi_uint) + 1;
-    size_t size = too_many_octets + 6;
-
-    mbedtls_mpi_init( &actual_mpi );
-
-    ASSERT_ALLOC( buf, size );
-    buf[0] = 0x02; /* tag: INTEGER */
-    buf[1] = 0x84; /* 4-octet length */
-    buf[2] = ( too_many_octets >> 24 ) & 0xff;
-    buf[3] = ( too_many_octets >> 16 ) & 0xff;
-    buf[4] = ( too_many_octets >> 8 ) & 0xff;
-    buf[5] = too_many_octets & 0xff;
-    buf[6] = 0x01; /* most significant octet */
-
-    p = buf;
-    TEST_EQUAL( mbedtls_asn1_get_mpi( &p, buf + size, &actual_mpi ),
-                MBEDTLS_ERR_MPI_ALLOC_FAILED );
-
-exit:
-    mbedtls_mpi_free( &actual_mpi );
-    mbedtls_free( buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_bitstring( const data_t *input,
-                    int expected_length, int expected_unused_bits,
-                    int expected_result, int expected_result_null )
-{
-    mbedtls_asn1_bitstring bs = { 0xdead, 0x21, NULL };
-    unsigned char *p = input->x;
-
-    TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, input->x + input->len, &bs ),
-                expected_result );
-    if( expected_result == 0 )
-    {
-        TEST_EQUAL( bs.len, (size_t) expected_length );
-        TEST_EQUAL( bs.unused_bits, expected_unused_bits );
-        TEST_ASSERT( bs.p != NULL );
-        TEST_EQUAL( bs.p - input->x + bs.len, input->len );
-        TEST_ASSERT( p == input->x + input->len );
-    }
-
-    p = input->x;
-    TEST_EQUAL( mbedtls_asn1_get_bitstring_null( &p, input->x + input->len,
-                                                 &bs.len ),
-                expected_result_null );
-    if( expected_result_null == 0 )
-    {
-        TEST_EQUAL( bs.len, (size_t) expected_length );
-        if( expected_result == 0 )
-            TEST_ASSERT( p == input->x + input->len - bs.len );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_sequence_of( const data_t *input, int tag,
-                      const char *description,
-                      int expected_result )
-{
-    /* The description string is a comma-separated list of integers.
-     * For each element in the SEQUENCE in input, description contains
-     * two integers: the offset of the element (offset from the start
-     * of input to the tag of the element) and the length of the
-     * element's contents.
-     * "offset1,length1,..." */
-
-    mbedtls_asn1_sequence head = { { 0, 0, NULL }, NULL };
-    mbedtls_asn1_sequence *cur;
-    unsigned char *p = input->x;
-    const char *rest = description;
-    unsigned long n;
-
-    TEST_EQUAL( mbedtls_asn1_get_sequence_of( &p, input->x + input->len,
-                                              &head, tag ),
-                expected_result );
-    if( expected_result == 0 )
-    {
-        TEST_ASSERT( p == input->x + input->len );
-
-        if( ! *rest )
-        {
-            TEST_EQUAL( head.buf.tag, 0 );
-            TEST_ASSERT( head.buf.p == NULL );
-            TEST_EQUAL( head.buf.len, 0 );
-            TEST_ASSERT( head.next == NULL );
-        }
-        else
-        {
-            cur = &head;
-            while( *rest )
-            {
-                ++test_info.step;
-                TEST_ASSERT( cur != NULL );
-                TEST_EQUAL( cur->buf.tag, tag );
-                n = strtoul( rest, (char **) &rest, 0 );
-                TEST_EQUAL( n, (size_t)( cur->buf.p - input->x ) );
-                ++rest;
-                n = strtoul( rest, (char **) &rest, 0 );
-                TEST_EQUAL( n, cur->buf.len );
-                if( *rest )
-                    ++rest;
-                cur = cur->next;
-            }
-            TEST_ASSERT( cur == NULL );
-        }
-    }
-
-exit:
-    mbedtls_asn1_sequence_free( head.next );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void traverse_sequence_of( const data_t *input,
-                           int tag_must_mask, int tag_must_val,
-                           int tag_may_mask, int tag_may_val,
-                           const char *description,
-                           int expected_result )
-{
-    /* The description string is a comma-separated list of integers.
-     * For each element in the SEQUENCE in input, description contains
-     * three integers: the offset of the element's content (offset from
-     * the start of input to the content of the element), the element's tag,
-     * and the length of the element's contents.
-     * "offset1,tag1,length1,..." */
-
-    unsigned char *p = input->x;
-    traverse_state_t traverse_state = {input->x, description};
-    int ret;
-
-    ret = mbedtls_asn1_traverse_sequence_of( &p, input->x + input->len,
-                                             (uint8_t) tag_must_mask, (uint8_t) tag_must_val,
-                                             (uint8_t) tag_may_mask, (uint8_t) tag_may_val,
-                                             traverse_callback, &traverse_state );
-    if( ret == RET_TRAVERSE_ERROR )
-        goto exit;
-    TEST_EQUAL( ret, expected_result );
-    TEST_EQUAL( *traverse_state.description, 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_alg( const data_t *input,
-              int oid_offset, int oid_length,
-              int params_tag, int params_offset, int params_length,
-              int total_length,
-              int expected_result )
-{
-    mbedtls_asn1_buf oid = { -1, 0, NULL };
-    mbedtls_asn1_buf params = { -1, 0, NULL };
-    unsigned char *p = input->x;
-    int ret;
-
-    TEST_EQUAL( mbedtls_asn1_get_alg( &p, input->x + input->len,
-                                      &oid, &params ),
-                expected_result );
-    if( expected_result == 0 )
-    {
-        TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID );
-        TEST_EQUAL( oid.p - input->x, oid_offset );
-        TEST_EQUAL( oid.len, (size_t) oid_length );
-        TEST_EQUAL( params.tag, params_tag );
-        if( params_offset != 0 )
-            TEST_EQUAL( params.p - input->x, params_offset );
-        else
-            TEST_ASSERT( params.p == NULL );
-        TEST_EQUAL( params.len, (size_t) params_length );
-        TEST_EQUAL( p - input->x, total_length );
-    }
-
-    ret = mbedtls_asn1_get_alg_null( &p, input->x + input->len, &oid );
-    if( expected_result == 0 && params_offset == 0 )
-    {
-        TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID );
-        TEST_EQUAL( oid.p - input->x, oid_offset );
-        TEST_EQUAL( oid.len, (size_t) oid_length );
-        TEST_EQUAL( p - input->x, total_length );
-    }
-    else
-        TEST_ASSERT( ret != 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void find_named_data( data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3,
-                      data_t *needle, int from, int position )
-{
-    mbedtls_asn1_named_data nd[] ={
-        { {0x06, oid0->len, oid0->x}, {0, 0, NULL}, NULL, 0 },
-        { {0x06, oid1->len, oid1->x}, {0, 0, NULL}, NULL, 0 },
-        { {0x06, oid2->len, oid2->x}, {0, 0, NULL}, NULL, 0 },
-        { {0x06, oid3->len, oid3->x}, {0, 0, NULL}, NULL, 0 },
-    };
-    mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1];
-    size_t i;
-    mbedtls_asn1_named_data *found;
-
-    for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-        pointers[i] = &nd[i];
-    pointers[ARRAY_LENGTH( nd )] = NULL;
-    for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-        nd[i].next = pointers[i+1];
-
-    found = mbedtls_asn1_find_named_data( pointers[from],
-                                          (const char *) needle->x,
-                                          needle->len );
-    TEST_ASSERT( found == pointers[position] );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void free_named_data_null( )
-{
-    mbedtls_asn1_free_named_data( NULL );
-    goto exit; /* Silence unused label warning */
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void free_named_data( int with_oid, int with_val, int with_next )
-{
-    mbedtls_asn1_named_data next =
-        { {0x06, 0, NULL}, {0, 0xcafe, NULL}, NULL, 0 };
-    mbedtls_asn1_named_data head =
-        { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 };
-
-    if( with_oid )
-        ASSERT_ALLOC( head.oid.p, 1 );
-    if( with_val )
-        ASSERT_ALLOC( head.val.p, 1 );
-    if( with_next )
-        head.next = &next;
-
-    mbedtls_asn1_free_named_data( &head );
-    TEST_ASSERT( head.oid.p == NULL );
-    TEST_ASSERT( head.val.p == NULL );
-    TEST_ASSERT( head.next == NULL );
-    TEST_ASSERT( next.val.len == 0xcafe );
-
-exit:
-    mbedtls_free( head.oid.p );
-    mbedtls_free( head.val.p );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void free_named_data_list( int length )
-{
-    mbedtls_asn1_named_data *head = NULL;
-    int i;
-
-    for( i = 0; i < length; i++ )
-    {
-        mbedtls_asn1_named_data *new = NULL;
-        ASSERT_ALLOC( new, sizeof( mbedtls_asn1_named_data ) );
-        new->next = head;
-        head = new;
-    }
-
-    mbedtls_asn1_free_named_data_list( &head );
-    TEST_ASSERT( head == NULL );
-    /* Most of the point of the test is that it doesn't leak memory.
-     * So this test is only really useful under a memory leak detection
-     * framework. */
-exit:
-    mbedtls_asn1_free_named_data_list( &head );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1write.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1write.function
deleted file mode 100644
index 21465c7..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1write.function
+++ /dev/null
@@ -1,473 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/asn1write.h"
-
-#define GUARD_LEN 4
-#define GUARD_VAL 0x2a
-
-typedef struct
-{
-    unsigned char *output;
-    unsigned char *start;
-    unsigned char *end;
-    unsigned char *p;
-    size_t size;
-} generic_write_data_t;
-
-int generic_write_start_step( generic_write_data_t *data )
-{
-    test_set_step( data->size );
-    ASSERT_ALLOC( data->output, data->size == 0 ? 1 : data->size );
-    data->end = data->output + data->size;
-    data->p = data->end;
-    data->start = data->end - data->size;
-    return( 1 );
-exit:
-    return( 0 );
-}
-
-int generic_write_finish_step( generic_write_data_t *data,
-                               const data_t *expected, int ret )
-{
-    int ok = 0;
-
-    if( data->size < expected->len )
-    {
-        TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-    }
-    else
-    {
-        TEST_EQUAL( ret, data->end - data->p );
-        TEST_ASSERT( data->p >= data->start );
-        TEST_ASSERT( data->p <= data->end );
-        ASSERT_COMPARE( data->p, (size_t)( data->end - data->p ),
-                        expected->x, expected->len );
-    }
-    ok = 1;
-
-exit:
-    mbedtls_free( data->output );
-    data->output = NULL;
-    return( ok );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ASN1_WRITE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_asn1_write_null( data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = mbedtls_asn1_write_null( &data.p, data.start );
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_asn1_write_bool( int val, data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = mbedtls_asn1_write_bool( &data.p, data.start, val );
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_asn1_write_int( int val, data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = mbedtls_asn1_write_int( &data.p, data.start, val );
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void mbedtls_asn1_write_enum( int val, data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = mbedtls_asn1_write_enum( &data.p, data.start, val );
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
-void mbedtls_asn1_write_mpi( data_t *val, data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    mbedtls_mpi mpi;
-    int ret;
-
-    mbedtls_mpi_init( &mpi );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &mpi, val->x, val->len ) == 0 );
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = mbedtls_asn1_write_mpi( &data.p, data.start, &mpi );
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-        if( expected->len > 10 && data.size == 8 )
-            data.size = expected->len - 2;
-    }
-
-exit:
-    mbedtls_mpi_free( &mpi );
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_asn1_write_string( int tag, data_t *content, data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        switch( tag )
-        {
-            case MBEDTLS_ASN1_OCTET_STRING:
-                ret = mbedtls_asn1_write_octet_string(
-                    &data.p, data.start, content->x, content->len );
-                break;
-            case MBEDTLS_ASN1_OID:
-                ret = mbedtls_asn1_write_oid(
-                    &data.p, data.start,
-                    (const char *) content->x, content->len );
-                break;
-            case MBEDTLS_ASN1_UTF8_STRING:
-                ret = mbedtls_asn1_write_utf8_string(
-                    &data.p, data.start,
-                    (const char *) content->x, content->len );
-                break;
-            case MBEDTLS_ASN1_PRINTABLE_STRING:
-                ret = mbedtls_asn1_write_printable_string(
-                    &data.p, data.start,
-                    (const char *) content->x, content->len );
-                break;
-            case MBEDTLS_ASN1_IA5_STRING:
-                ret = mbedtls_asn1_write_ia5_string(
-                    &data.p, data.start,
-                    (const char *) content->x, content->len );
-                break;
-            default:
-                ret = mbedtls_asn1_write_tagged_string(
-                    &data.p, data.start, tag,
-                    (const char *) content->x, content->len );
-        }
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-        if( expected->len > 10 && data.size == 8 )
-            data.size = expected->len - 2;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_asn1_write_algorithm_identifier( data_t *oid,
-                                              int par_len,
-                                              data_t *expected )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = mbedtls_asn1_write_algorithm_identifier(
-            &data.p, data.start,
-            (const char *) oid->x, oid->len, par_len );
-        /* If params_len != 0, mbedtls_asn1_write_algorithm_identifier()
-         * assumes that the parameters are already present in the buffer
-         * and returns a length that accounts for this, but our test
-         * data omits the parameters. */
-        if( ret >= 0 )
-            ret -= par_len;
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
-void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len,
-                             int result )
-{
-    int ret;
-    unsigned char buf[150];
-    unsigned char *p;
-    size_t i;
-    size_t read_len;
-
-    memset( buf, GUARD_VAL, sizeof( buf ) );
-
-    p = buf + GUARD_LEN + buf_len;
-
-    ret = mbedtls_asn1_write_len( &p, buf + GUARD_LEN, (size_t) len );
-
-    TEST_ASSERT( ret == result );
-
-    /* Check for buffer overwrite on both sides */
-    for( i = 0; i < GUARD_LEN; i++ )
-    {
-        TEST_ASSERT( buf[i] == GUARD_VAL );
-        TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL );
-    }
-
-    if( result >= 0 )
-    {
-        TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len );
-
-        TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 );
-
-        /* Read back with mbedtls_asn1_get_len() to check */
-        ret = mbedtls_asn1_get_len( &p, buf + GUARD_LEN + buf_len, &read_len );
-
-        if( len == 0 )
-        {
-            TEST_ASSERT( ret == 0 );
-        }
-        else
-        {
-            /* Return will be MBEDTLS_ERR_ASN1_OUT_OF_DATA because the rest of
-             * the buffer is missing
-             */
-            TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-        }
-        TEST_ASSERT( read_len == (size_t) len );
-        TEST_ASSERT( p == buf + GUARD_LEN + buf_len );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_asn1_write_bitstrings( data_t *bitstring, int bits,
-                                 data_t *expected, int is_named )
-{
-    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
-    int ret;
-    int ( *func )( unsigned char **p, unsigned char *start,
-                   const unsigned char *buf, size_t bits ) =
-        ( is_named ? mbedtls_asn1_write_named_bitstring :
-          mbedtls_asn1_write_bitstring );
-
-    for( data.size = 0; data.size < expected->len + 1; data.size++ )
-    {
-        if( ! generic_write_start_step( &data ) )
-            goto exit;
-        ret = ( *func )( &data.p, data.start, bitstring->x, bits );
-        if( ! generic_write_finish_step( &data, expected, ret ) )
-            goto exit;
-    }
-
-exit:
-    mbedtls_free( data.output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void store_named_data_find( data_t *oid0, data_t *oid1,
-                            data_t *oid2, data_t *oid3,
-                            data_t *needle, int from, int position )
-{
-    data_t *oid[4] = {oid0, oid1, oid2, oid3};
-    mbedtls_asn1_named_data nd[] ={
-        { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 },
-        { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 },
-        { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 },
-        { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 },
-    };
-    mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1];
-    size_t i;
-    mbedtls_asn1_named_data *head = NULL;
-    mbedtls_asn1_named_data *found = NULL;
-
-    for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-        pointers[i] = &nd[i];
-    pointers[ARRAY_LENGTH( nd )] = NULL;
-    for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-    {
-        ASSERT_ALLOC( nd[i].oid.p, oid[i]->len );
-        memcpy( nd[i].oid.p, oid[i]->x, oid[i]->len );
-        nd[i].oid.len = oid[i]->len;
-        nd[i].next = pointers[i+1];
-    }
-
-    head = pointers[from];
-    found = mbedtls_asn1_store_named_data( &head,
-                                           (const char *) needle->x,
-                                           needle->len,
-                                           NULL, 0 );
-
-    /* In any case, the existing list structure must be unchanged. */
-    for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-        TEST_ASSERT( nd[i].next == pointers[i+1] );
-
-    if( position >= 0 )
-    {
-        /* position should have been found and modified. */
-        TEST_ASSERT( head == pointers[from] );
-        TEST_ASSERT( found == pointers[position] );
-    }
-    else
-    {
-        /* A new entry should have been created. */
-        TEST_ASSERT( found == head );
-        TEST_ASSERT( head->next == pointers[from] );
-        for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-            TEST_ASSERT( found != &nd[i] );
-    }
-
-exit:
-    if( found != NULL && found == head && found != pointers[from] )
-    {
-        mbedtls_free( found->oid.p );
-        mbedtls_free( found );
-    }
-    for( i = 0; i < ARRAY_LENGTH( nd ); i++ )
-        mbedtls_free( nd[i].oid.p );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void store_named_data_val_found( int old_len, int new_len )
-{
-    mbedtls_asn1_named_data nd =
-        { {0x06, 3, (unsigned char *) "OID"}, {0, 0, NULL}, NULL, 0 };
-    mbedtls_asn1_named_data *head = &nd;
-    mbedtls_asn1_named_data *found = NULL;
-    unsigned char *old_val = NULL;
-    unsigned char *new_val = (unsigned char *) "new value";
-
-    if( old_len != 0 )
-    {
-        ASSERT_ALLOC( nd.val.p, (size_t) old_len );
-        old_val = nd.val.p;
-        nd.val.len = old_len;
-        memset( old_val, 'x', old_len );
-    }
-    if( new_len <= 0 )
-    {
-        new_len = - new_len;
-        new_val = NULL;
-    }
-
-    found = mbedtls_asn1_store_named_data( &head, "OID", 3,
-                                           new_val, new_len );
-    TEST_ASSERT( head == &nd );
-    TEST_ASSERT( found == head );
-
-    if( new_val != NULL)
-        ASSERT_COMPARE( found->val.p, found->val.len,
-                        new_val, (size_t) new_len );
-    if( new_len == 0)
-        TEST_ASSERT( found->val.p == NULL );
-    else if( new_len == old_len )
-        TEST_ASSERT( found->val.p == old_val );
-    else
-        TEST_ASSERT( found->val.p != old_val );
-
-exit:
-    mbedtls_free( nd.val.p );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void store_named_data_val_new( int new_len )
-{
-    mbedtls_asn1_named_data *head = NULL;
-    mbedtls_asn1_named_data *found = NULL;
-    const unsigned char *oid = (unsigned char *) "OID";
-    size_t oid_len = strlen( (const char *) oid );
-    const unsigned char *new_val = (unsigned char *) "new value";
-
-    if( new_len <= 0 )
-        new_val = NULL;
-    if( new_len < 0 )
-        new_len = - new_len;
-
-    found = mbedtls_asn1_store_named_data( &head,
-                                           (const char *) oid, oid_len,
-                                           new_val, (size_t) new_len );
-    TEST_ASSERT( found != NULL );
-    TEST_ASSERT( found == head );
-    TEST_ASSERT( found->oid.p != oid );
-    ASSERT_COMPARE( found->oid.p, found->oid.len, oid, oid_len );
-    if( new_len == 0 )
-        TEST_ASSERT( found->val.p == NULL );
-    else if( new_val == NULL )
-        TEST_ASSERT( found->val.p != NULL );
-    else
-    {
-        TEST_ASSERT( found->val.p != new_val );
-        ASSERT_COMPARE( found->val.p, found->val.len,
-                        new_val, (size_t) new_len );
-    }
-
-exit:
-    if( found != NULL )
-    {
-        mbedtls_free( found->oid.p );
-        mbedtls_free( found->val.p );
-    }
-    mbedtls_free( found );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_base64.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_base64.data
deleted file mode 100644
index da99ffa..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_base64.data
+++ /dev/null
@@ -1,172 +0,0 @@
-Test case mbedtls_base64_encode #1 buffer just right
-mbedtls_base64_encode:"":"":0:0
-
-Test case mbedtls_base64_encode #2 buffer just right
-mbedtls_base64_encode:"f":"Zg==":5:0
-
-Test case mbedtls_base64_encode #2 buffer too small
-mbedtls_base64_encode:"f":"Zg==":4:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Test case mbedtls_base64_encode #3 buffer just right
-mbedtls_base64_encode:"fo":"Zm8=":5:0
-
-Test case mbedtls_base64_encode #3 buffer too small
-mbedtls_base64_encode:"fo":"Zm8=":4:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Test case mbedtls_base64_encode #4 buffer just right
-mbedtls_base64_encode:"foo":"Zm9v":5:0
-
-Test case mbedtls_base64_encode #4 buffer too small
-mbedtls_base64_encode:"foo":"Zm9v":4:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Test case mbedtls_base64_encode #5 buffer just right
-mbedtls_base64_encode:"foob":"Zm9vYg==":9:0
-
-Test case mbedtls_base64_encode #5 buffer too small
-mbedtls_base64_encode:"foob":"Zm9vYg==":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Test case mbedtls_base64_encode #6 buffer just right
-mbedtls_base64_encode:"fooba":"Zm9vYmE=":9:0
-
-Test case mbedtls_base64_encode #6 buffer too small
-mbedtls_base64_encode:"fooba":"Zm9vYmE=":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Test case mbedtls_base64_encode #7 buffer just right
-mbedtls_base64_encode:"foobar":"Zm9vYmFy":9:0
-
-Test case mbedtls_base64_encode #7 buffer too small
-mbedtls_base64_encode:"foobar":"Zm9vYmFy":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Test case mbedtls_base64_decode #1
-mbedtls_base64_decode:"":"":0
-
-Test case mbedtls_base64_decode #2
-mbedtls_base64_decode:"Zg==":"f":0
-
-Test case mbedtls_base64_decode #3
-mbedtls_base64_decode:"Zm8=":"fo":0
-
-Test case mbedtls_base64_decode #4
-mbedtls_base64_decode:"Zm9v":"foo":0
-
-Test case mbedtls_base64_decode #5
-mbedtls_base64_decode:"Zm9vYg==":"foob":0
-
-Test case mbedtls_base64_decode #6
-mbedtls_base64_decode:"Zm9vYmE=":"fooba":0
-
-Test case mbedtls_base64_decode #7
-mbedtls_base64_decode:"Zm9vYmFy":"foobar":0
-
-Base64 decode (Illegal character)
-mbedtls_base64_decode:"zm#=":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode (Too much equal signs)
-mbedtls_base64_decode:"zm===":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode (Invalid char after equal signs)
-mbedtls_base64_decode:"zm=masd":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode (Space inside string)
-mbedtls_base64_decode:"zm masd":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmFy" (no newline nor '\0' at end)
-base64_decode_hex_src:"5a6d3976596d4679":"foobar":0
-
-Base64 decode "Zm9vYmFy\n" (LF at end)
-base64_decode_hex_src:"5a6d3976596d46790a":"foobar":0
-
-Base64 decode "Zm9vYmFy\r\n" (CRLF at end)
-base64_decode_hex_src:"5a6d3976596d46790d0a":"foobar":0
-
-Base64 decode "Zm9vYmFy\r" (CR at end)
-base64_decode_hex_src:"5a6d3976596d46790d":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmFy " (SP at end)
-base64_decode_hex_src:"5a6d3976596d467920":"foobar":0
-
-Base64 decode "Zm9vYmFy \n" (SP+LF at end)
-base64_decode_hex_src:"5a6d3976596d4679200a":"foobar":0
-
-Base64 decode "Zm9vYmFy \r\n" (SP+CRLF at end)
-base64_decode_hex_src:"5a6d3976596d4679200d0a":"foobar":0
-
-Base64 decode "Zm9vYmFy \r" (SP+CR at end)
-base64_decode_hex_src:"5a6d3976596d4679200d":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmFy  " (2SP at end)
-base64_decode_hex_src:"5a6d3976596d46792020":"foobar":0
-
-Base64 decode "Zm9vYmFy  \n" (2SP+LF at end)
-base64_decode_hex_src:"5a6d3976596d467920200a":"foobar":0
-
-Base64 decode "Zm9vYmFy  \r\n" (2SP+CRLF at end)
-base64_decode_hex_src:"5a6d3976596d467920200d0a":"foobar":0
-
-Base64 decode "Zm9vYmFy  \r" (2SP+CR at end)
-base64_decode_hex_src:"5a6d3976596d467920200d":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmF\ny" (LF inside)
-base64_decode_hex_src:"5a6d3976596d460a79":"foobar":0
-
-Base64 decode "Zm9vYmF\ry" (CRLF inside)
-base64_decode_hex_src:"5a6d3976596d460d0a79":"foobar":0
-
-Base64 decode "Zm9vYmF\ry" (CR inside)
-base64_decode_hex_src:"5a6d3976596d460d79":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmF y" (SP inside)
-base64_decode_hex_src:"5a6d3976596d462079":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmF \ny" (SP+LF inside)
-base64_decode_hex_src:"5a6d3976596d46200a79":"foobar":0
-
-Base64 decode "Zm9vYmF \ry" (SP+CRLF inside)
-base64_decode_hex_src:"5a6d3976596d46200d0a79":"foobar":0
-
-Base64 decode "Zm9vYmF \ry" (SP+CR inside)
-base64_decode_hex_src:"5a6d3976596d46200d79":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmF  y" (2SP inside)
-base64_decode_hex_src:"5a6d3976596d46202079":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 decode "Zm9vYmF  \ny" (2SP+LF inside)
-base64_decode_hex_src:"5a6d3976596d4620200a79":"foobar":0
-
-Base64 decode "Zm9vYmF  \ry" (2SP+CRLF inside)
-base64_decode_hex_src:"5a6d3976596d4620200d0a79":"foobar":0
-
-Base64 decode "Zm9vYmF  \ry" (2SP+CR inside)
-base64_decode_hex_src:"5a6d3976596d4620200d79":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
-
-Base64 encode hex #1
-base64_encode_hex:"010203040506070809":"AQIDBAUGBwgJ":13:0
-
-Base64 encode hex #2 (buffer too small)
-base64_encode_hex:"010203040506070809":"AQIDBAUGBwgJ":12:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Base64 encode hex #3
-base64_encode_hex:"0102030405060708":"AQIDBAUGBwg=":13:0
-
-Base64 encode hex #4
-base64_encode_hex:"01020304050607":"AQIDBAUGBw==":13:0
-
-Base64 decode hex #1
-base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":9:0
-
-Base64 decode hex #2 (buffer too small)
-base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Base64 decode hex #3
-base64_decode_hex:"AQIDBAUGBwg=":"0102030405060708":8:0
-
-Base64 decode hex #4
-base64_decode_hex:"AQIDBAUGBw==":"01020304050607":7:0
-
-Base64 decode hex #5 (buffer too small)
-base64_decode_hex:"AQIDBAUGBw==":"01020304050607":6:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
-
-Base64 Selftest
-depends_on:MBEDTLS_SELF_TEST
-base64_selftest:
-
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_base64.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_base64.function
deleted file mode 100644
index dc6ec15..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_base64.function
+++ /dev/null
@@ -1,117 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/base64.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BASE64_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_base64_encode( char * src_string, char * dst_string,
-                            int dst_buf_size, int result )
-{
-    unsigned char src_str[1000];
-    unsigned char dst_str[1000];
-    size_t len;
-
-    memset(src_str, 0x00, 1000);
-    memset(dst_str, 0x00, 1000);
-
-    strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
-    TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, strlen( (char *) src_str ) ) == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_base64_decode( char * src_string, char * dst_string, int result )
-{
-    unsigned char src_str[1000];
-    unsigned char dst_str[1000];
-    size_t len;
-    int res;
-
-    memset(src_str, 0x00, 1000);
-    memset(dst_str, 0x00, 1000);
-
-    strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
-    res = mbedtls_base64_decode( dst_str, sizeof( dst_str ), &len, src_str, strlen( (char *) src_str ) );
-    TEST_ASSERT( res == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void base64_encode_hex( data_t * src, char * dst, int dst_buf_size,
-                        int result )
-{
-    unsigned char *res = NULL;
-    size_t len;
-
-    res = mbedtls_test_zero_alloc( dst_buf_size );
-
-    TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( len == strlen( dst ) );
-        TEST_ASSERT( memcmp( dst, res, len ) == 0 );
-    }
-
-exit:
-    mbedtls_free( res );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void base64_decode_hex( char * src, data_t * dst, int dst_buf_size,
-                        int result )
-{
-    unsigned char *res = NULL;
-    size_t len;
-
-    res = mbedtls_test_zero_alloc( dst_buf_size );
-
-    TEST_ASSERT( mbedtls_base64_decode( res, dst_buf_size, &len, (unsigned char *) src,
-                                strlen( src ) ) == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( len == dst->len );
-        TEST_ASSERT( memcmp( dst->x, res, len ) == 0 );
-    }
-
-exit:
-    mbedtls_free( res );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void base64_decode_hex_src( data_t * src, char * dst_ref, int result )
-{
-    unsigned char dst[1000] = { 0 };
-    size_t len;
-
-    TEST_ASSERT( mbedtls_base64_decode( dst, sizeof( dst ), &len, src->x, src->len ) == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( len == strlen( dst_ref ) );
-        TEST_ASSERT( memcmp( dst, dst_ref, len ) == 0 );
-    }
-
-exit:
-    ;;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void base64_selftest(  )
-{
-    TEST_ASSERT( mbedtls_base64_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_blowfish.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_blowfish.function
deleted file mode 100644
index f89353c..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_blowfish.function
+++ /dev/null
@@ -1,338 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/blowfish.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BLOWFISH_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void blowfish_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void blowfish_invalid_param( )
-{
-    mbedtls_blowfish_context ctx;
-    unsigned char buf[16] = { 0 };
-    size_t const valid_keylength = sizeof( buf ) * 8;
-    size_t valid_mode = MBEDTLS_BLOWFISH_ENCRYPT;
-    size_t invalid_mode = 42;
-    size_t off;
-    ((void) off);
-
-    TEST_INVALID_PARAM( mbedtls_blowfish_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_setkey( NULL,
-                                                     buf,
-                                                     valid_keylength ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_setkey( &ctx,
-                                                     NULL,
-                                                     valid_keylength ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ecb( NULL,
-                                                     valid_mode,
-                                                     buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ecb( &ctx,
-                                                        invalid_mode,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ecb( &ctx,
-                                                        valid_mode,
-                                                        NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ecb( &ctx,
-                                                        valid_mode,
-                                                        buf, NULL ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cbc( NULL,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        buf, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cbc( &ctx,
-                                                        invalid_mode,
-                                                        sizeof( buf ),
-                                                        buf, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cbc( &ctx,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        NULL, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cbc( &ctx,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        buf, NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cbc( &ctx,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        buf, buf, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cfb64( NULL,
-                                                          valid_mode,
-                                                          sizeof( buf ),
-                                                          &off, buf,
-                                                          buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cfb64( &ctx,
-                                                          invalid_mode,
-                                                          sizeof( buf ),
-                                                          &off, buf,
-                                                          buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cfb64( &ctx,
-                                                          valid_mode,
-                                                          sizeof( buf ),
-                                                          NULL, buf,
-                                                          buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cfb64( &ctx,
-                                                          valid_mode,
-                                                          sizeof( buf ),
-                                                          &off, NULL,
-                                                          buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cfb64( &ctx,
-                                                          valid_mode,
-                                                          sizeof( buf ),
-                                                          &off, buf,
-                                                          NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_cfb64( &ctx,
-                                                          valid_mode,
-                                                          sizeof( buf ),
-                                                          &off, buf,
-                                                          buf, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ctr( NULL,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, buf,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        NULL,
-                                                        buf, buf,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        NULL, buf,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, NULL,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, buf,
-                                                        NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
-                            mbedtls_blowfish_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, buf,
-                                                        buf, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str,
-                           data_t * dst, int setkey_result )
-{
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
-    if( setkey_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str,
-                           data_t * dst, int setkey_result )
-{
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
-    if( setkey_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str,
-                           data_t * src_str, data_t * dst,
-                           int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-
-    TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                          src_str->len, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str,
-                           data_t * src_str, data_t * dst,
-                           int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0)
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                          dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str,
-                             data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-    size_t iv_offset = 0;
-
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                      dst->len ) == 0 );
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str,
-                             data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-    size_t iv_offset = 0;
-
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                      dst->len ) == 0 );
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str,
-                           data_t * src_str, data_t * dst )
-{
-    unsigned char stream_str[100];
-    unsigned char output[100];
-    mbedtls_blowfish_context ctx;
-    size_t iv_offset = 0;
-
-    memset(stream_str, 0x00, 100);
-    memset(output, 0x00, 100);
-    mbedtls_blowfish_init( &ctx );
-
-
-    mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                      dst->len ) == 0 );
-
-exit:
-    mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_camellia.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_camellia.function
deleted file mode 100644
index 312495c..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_camellia.function
+++ /dev/null
@@ -1,325 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/camellia.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CAMELLIA_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void camellia_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_camellia_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void camellia_invalid_param( )
-{
-    mbedtls_camellia_context ctx;
-    unsigned char buf[16] = { 0 };
-    const size_t valid_keybits   = 128;
-    const int invalid_mode = 42;
-    const int valid_mode = MBEDTLS_CAMELLIA_ENCRYPT;
-    size_t off;
-    ((void) off);
-
-    TEST_INVALID_PARAM( mbedtls_camellia_init( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_setkey_enc( NULL,
-                                                         buf,
-                                                         valid_keybits ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_setkey_enc( &ctx,
-                                                         NULL,
-                                                         valid_keybits ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_setkey_dec( NULL,
-                                                         buf,
-                                                         valid_keybits ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_setkey_dec( &ctx,
-                                                         NULL,
-                                                         valid_keybits ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ecb( NULL,
-                                                        valid_mode,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ecb( &ctx,
-                                                        invalid_mode,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ecb( &ctx,
-                                                        valid_mode,
-                                                        NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ecb( &ctx,
-                                                        valid_mode,
-                                                        buf, NULL ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cbc( NULL,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        buf, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cbc( &ctx,
-                                                        invalid_mode,
-                                                        sizeof( buf ),
-                                                        buf, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cbc( &ctx,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        NULL, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cbc( &ctx,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        buf, NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cbc( &ctx,
-                                                        valid_mode,
-                                                        sizeof( buf ),
-                                                        buf, buf, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cfb128( NULL,
-                                                           valid_mode,
-                                                           sizeof( buf ),
-                                                           &off, buf,
-                                                           buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cfb128( &ctx,
-                                                           invalid_mode,
-                                                           sizeof( buf ),
-                                                           &off, buf,
-                                                           buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cfb128( &ctx,
-                                                           valid_mode,
-                                                           sizeof( buf ),
-                                                           NULL, buf,
-                                                           buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cfb128( &ctx,
-                                                           valid_mode,
-                                                           sizeof( buf ),
-                                                           &off, NULL,
-                                                           buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cfb128( &ctx,
-                                                           valid_mode,
-                                                           sizeof( buf ),
-                                                           &off, buf,
-                                                           NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_cfb128( &ctx,
-                                                           valid_mode,
-                                                           sizeof( buf ),
-                                                           &off, buf,
-                                                           buf, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ctr( NULL,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, buf,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        NULL,
-                                                        buf, buf,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        NULL, buf,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, NULL,
-                                                        buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, buf,
-                                                        NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
-                            mbedtls_camellia_crypt_ctr( &ctx,
-                                                        sizeof( buf ),
-                                                        &off,
-                                                        buf, buf,
-                                                        buf, NULL ) );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void camellia_encrypt_ecb( data_t * key_str, data_t * src_str,
-                           data_t * dst, int setkey_result )
-{
-    unsigned char output[100];
-    mbedtls_camellia_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_camellia_init( &ctx );
-
-
-    TEST_ASSERT( mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
-    if( setkey_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x, output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_camellia_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void camellia_decrypt_ecb( data_t * key_str, data_t * src_str,
-                           data_t * dst, int setkey_result )
-{
-    unsigned char output[100];
-    mbedtls_camellia_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_camellia_init( &ctx );
-
-
-    TEST_ASSERT( mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
-    if( setkey_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x, output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_camellia_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void camellia_encrypt_cbc( data_t * key_str, data_t * iv_str,
-                           data_t * src_str, data_t * dst, int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_camellia_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_camellia_init( &ctx );
-
-
-    mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x, src_str->x, output) == cbc_result );
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                          dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_camellia_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void camellia_decrypt_cbc( data_t * key_str, data_t * iv_str,
-                           data_t * src_str, data_t * dst,
-                           int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_camellia_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_camellia_init( &ctx );
-
-
-    mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                          dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_camellia_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void camellia_encrypt_cfb128( data_t * key_str, data_t * iv_str,
-                              data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_camellia_context ctx;
-    size_t iv_offset = 0;
-
-    memset(output, 0x00, 100);
-    mbedtls_camellia_init( &ctx );
-
-
-    mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-
-exit:
-    mbedtls_camellia_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void camellia_decrypt_cfb128( data_t * key_str, data_t * iv_str,
-                              data_t * src_str,
-                              data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_camellia_context ctx;
-    size_t iv_offset = 0;
-
-    memset(output, 0x00, 100);
-    mbedtls_camellia_init( &ctx );
-
-
-    mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
-    TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 );
-
-exit:
-    mbedtls_camellia_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void camellia_selftest(  )
-{
-    TEST_ASSERT( mbedtls_camellia_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ccm.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ccm.function
deleted file mode 100644
index faa7e13..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ccm.function
+++ /dev/null
@@ -1,511 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/ccm.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CCM_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
-void mbedtls_ccm_self_test(  )
-{
-    TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
-{
-    mbedtls_ccm_context ctx;
-    unsigned char key[32];
-    int ret;
-
-    mbedtls_ccm_init( &ctx );
-
-    memset( key, 0x2A, sizeof( key ) );
-    TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
-
-    ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
-    TEST_ASSERT( ret == result );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
-{
-    mbedtls_ccm_context ctx;
-    unsigned char key[16];
-    unsigned char msg[10];
-    unsigned char iv[14];
-    unsigned char *add = NULL;
-    unsigned char out[10];
-    unsigned char tag[18];
-    int decrypt_ret;
-
-    mbedtls_ccm_init( &ctx );
-
-    ASSERT_ALLOC_WEAK( add, add_len );
-    memset( key, 0, sizeof( key ) );
-    memset( msg, 0, sizeof( msg ) );
-    memset( iv, 0, sizeof( iv ) );
-    memset( out, 0, sizeof( out ) );
-    memset( tag, 0, sizeof( tag ) );
-
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                 key, 8 * sizeof( key ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
-                                      msg, out, tag, tag_len ) == res );
-
-    decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
-                                    msg, out, tag, tag_len );
-
-    if( res == 0 )
-        TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
-    else
-        TEST_ASSERT( decrypt_ret == res );
-
-exit:
-    mbedtls_free( add );
-    mbedtls_ccm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len,
-                       int res )
-{
-    mbedtls_ccm_context ctx;
-    unsigned char key[16];
-    unsigned char msg[10];
-    unsigned char iv[14];
-    unsigned char add[10];
-    unsigned char out[10];
-    unsigned char tag[18];
-    int decrypt_ret;
-
-    mbedtls_ccm_init( &ctx );
-
-    memset( key, 0, sizeof( key ) );
-    memset( msg, 0, sizeof( msg ) );
-    memset( iv, 0, sizeof( iv ) );
-    memset( add, 0, sizeof( add ) );
-    memset( out, 0, sizeof( out ) );
-    memset( tag, 0, sizeof( tag ) );
-
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                 key, 8 * sizeof( key ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
-                 add, add_len, msg, out, tag, tag_len ) == res );
-
-    decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add,
-                  add_len, msg, out, tag, tag_len );
-
-    if( res == 0 && tag_len != 0 )
-        TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
-    else
-        TEST_ASSERT( decrypt_ret == res );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key,
-                                  data_t * msg, data_t * iv,
-                                  data_t * add, data_t * result )
-{
-    mbedtls_ccm_context ctx;
-    size_t tag_len;
-    uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 );
-
-    mbedtls_ccm_init( &ctx );
-
-    memset( msg_n_tag, 0, result->len + 2 );
-    memcpy( msg_n_tag, msg->x, msg->len );
-
-    tag_len = result->len - msg->len;
-
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
-
-    /* Test with input == output */
-    TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
-                 msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 );
-
-    TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 );
-
-    /* Check we didn't write past the end */
-    TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-    free( msg_n_tag );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key,
-                               data_t * msg, data_t * iv,
-                               data_t * add, int tag_len, int result,
-                               data_t * expected_msg )
-{
-    unsigned char tag[16];
-    mbedtls_ccm_context ctx;
-
-    mbedtls_ccm_init( &ctx );
-
-    memset( tag, 0x00, sizeof( tag ) );
-
-    msg->len -= tag_len;
-    memcpy( tag, msg->x + msg->len, tag_len );
-
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
-
-    /* Test with input == output */
-    TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
-                 msg->x, msg->x, msg->x + msg->len, tag_len ) == result );
-
-    if( result == 0 )
-    {
-        TEST_ASSERT( memcmp( msg->x, expected_msg->x, expected_msg->len ) == 0 );
-    }
-    else
-    {
-        size_t i;
-
-        for( i = 0; i < msg->len; i++ )
-            TEST_ASSERT( msg->x[i] == 0 );
-    }
-
-    /* Check we didn't write past the end (where the original tag is) */
-    TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
-                            data_t *key, data_t *msg,
-                            data_t *source_address, data_t *frame_counter,
-                            int sec_level, data_t *add,
-                            data_t *expected_result, int output_ret )
-{
-    unsigned char iv[13];
-    unsigned char result[50];
-    mbedtls_ccm_context ctx;
-    size_t i, iv_len, tag_len;
-    int ret;
-
-    mbedtls_ccm_init( &ctx );
-
-    memset( iv, 0x00, sizeof( iv ) );
-    memset( result, 0x00, sizeof( result ) );
-
-    if( sec_level % 4 == 0)
-        tag_len = 0;
-    else
-        tag_len = 1 << ( sec_level % 4 + 1);
-
-    for( i = 0; i < source_address->len; i++ )
-        iv[i] = source_address->x[i];
-
-    for( i = 0; i < frame_counter->len; i++ )
-        iv[source_address->len + i] = frame_counter->x[i];
-
-    iv[source_address->len + frame_counter->len] = sec_level;
-    iv_len = sizeof( iv );
-
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id,
-                                     key->x, key->len * 8 ) == 0 );
-
-    ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len,
-                                            add->x, add->len, msg->x,
-                                            result, result + msg->len, tag_len );
-
-    TEST_ASSERT( ret == output_ret );
-
-    TEST_ASSERT( memcmp( result,
-                         expected_result->x, expected_result->len ) == 0 );
-
-    /* Check we didn't write past the end */
-    TEST_ASSERT( result[expected_result->len] == 0 &&
-                 result[expected_result->len + 1] == 0 );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ccm_star_auth_decrypt( int cipher_id,
-                            data_t *key, data_t *msg,
-                            data_t *source_address, data_t *frame_counter,
-                            int sec_level, data_t *add,
-                            data_t *expected_result, int output_ret )
-{
-    unsigned char iv[13];
-    unsigned char result[50];
-    mbedtls_ccm_context ctx;
-    size_t i, iv_len, tag_len;
-    int ret;
-
-    mbedtls_ccm_init( &ctx );
-
-    memset( iv, 0x00, sizeof( iv ) );
-    memset( result, '+', sizeof( result ) );
-
-    if( sec_level % 4 == 0)
-        tag_len = 0;
-    else
-        tag_len = 1 << ( sec_level % 4 + 1);
-
-    for( i = 0; i < source_address->len; i++ )
-        iv[i] = source_address->x[i];
-
-    for( i = 0; i < frame_counter->len; i++ )
-        iv[source_address->len + i] = frame_counter->x[i];
-
-    iv[source_address->len + frame_counter->len] = sec_level;
-    iv_len = sizeof( iv );
-
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
-
-    ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len,
-                                         add->x, add->len, msg->x, result,
-                                         msg->x + msg->len - tag_len, tag_len );
-
-    TEST_ASSERT( ret == output_ret );
-
-    TEST_ASSERT( memcmp( result, expected_result->x,
-                                 expected_result->len ) == 0 );
-
-    /* Check we didn't write past the end (where the original tag is) */
-    TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) );
-    TEST_EQUAL( result[msg->len], '+' );
-    TEST_EQUAL( result[msg->len + 1], '+' );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void ccm_invalid_param( )
-{
-    struct mbedtls_ccm_context ctx;
-    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
-    mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
-    int valid_len = sizeof(valid_buffer);
-    int valid_bitlen = valid_len * 8;
-
-    mbedtls_ccm_init( &ctx );
-
-    /* mbedtls_ccm_init() */
-    TEST_INVALID_PARAM( mbedtls_ccm_init( NULL ) );
-
-    /* mbedtls_ccm_setkey() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) );
-
-    /* mbedtls_ccm_encrypt_and_tag() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_encrypt_and_tag( NULL, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_buffer,
-                                     valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
-                                     NULL, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_buffer,
-                                     valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
-                                     valid_buffer, valid_len,
-                                     NULL, valid_len,
-                                     valid_buffer, valid_buffer,
-                                     valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_len,
-                                     NULL, valid_buffer,
-                                     valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, NULL,
-                                     valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_len,
-                                     valid_buffer, valid_buffer,
-                                     NULL, valid_len ) );
-
-    /* mbedtls_ccm_star_encrypt_and_tag() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_encrypt_and_tag( NULL, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_buffer,
-                                          valid_buffer, valid_len) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
-                                          NULL, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_buffer,
-                                          valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
-                                          valid_buffer, valid_len,
-                                          NULL, valid_len,
-                                          valid_buffer, valid_buffer,
-                                          valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_len,
-                                          NULL, valid_buffer,
-                                          valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, NULL,
-                                          valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_len,
-                                          valid_buffer, valid_buffer,
-                                          NULL, valid_len ) );
-
-    /* mbedtls_ccm_auth_decrypt() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_auth_decrypt( NULL, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_buffer,
-                                  valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_auth_decrypt( &ctx, valid_len,
-                                  NULL, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_buffer,
-                                  valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  NULL, valid_len,
-                                  valid_buffer, valid_buffer,
-                                  valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  NULL, valid_buffer,
-                                  valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, NULL,
-                                  valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_buffer,
-                                  NULL, valid_len ) );
-
-    /* mbedtls_ccm_star_auth_decrypt() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_auth_decrypt( NULL, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_buffer,
-                                       valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
-                                       NULL, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_buffer,
-                                       valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
-                                       valid_buffer, valid_len,
-                                       NULL, valid_len,
-                                       valid_buffer, valid_buffer,
-                                       valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_len,
-                                       NULL, valid_buffer,
-                                       valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, NULL,
-                                       valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CCM_BAD_INPUT,
-        mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_len,
-                                       valid_buffer, valid_buffer,
-                                       NULL, valid_len ) );
-
-exit:
-    mbedtls_ccm_free( &ctx );
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ccm_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_ccm_free( NULL ) );
-exit:
-    return;
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chacha20.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chacha20.function
deleted file mode 100644
index 67c8de2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chacha20.function
+++ /dev/null
@@ -1,120 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/chacha20.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CHACHA20_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void chacha20_crypt( data_t *key_str,
-                     data_t *nonce_str,
-                     int counter,
-                     data_t *src_str,
-                     data_t *expected_output_str )
-{
-    unsigned char output[375];
-    mbedtls_chacha20_context ctx;
-
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( src_str->len   == expected_output_str->len );
-    TEST_ASSERT( key_str->len   == 32U );
-    TEST_ASSERT( nonce_str->len == 12U );
-
-    /*
-     * Test the integrated API
-     */
-    TEST_ASSERT( mbedtls_chacha20_crypt( key_str->x, nonce_str->x, counter, src_str->len, src_str->x, output ) == 0 );
-
-    ASSERT_COMPARE( output, expected_output_str->len,
-                    expected_output_str->x, expected_output_str->len );
-
-    /*
-     * Test the streaming API
-     */
-    mbedtls_chacha20_init( &ctx );
-
-    TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str->x ) == 0 );
-
-    TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 );
-
-    memset( output, 0x00, sizeof( output ) );
-    TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len, src_str->x, output ) == 0 );
-
-    ASSERT_COMPARE( output, expected_output_str->len,
-                    expected_output_str->x, expected_output_str->len );
-
-    /*
-     * Test the streaming API again, piecewise
-     */
-
-    /* Don't free/init the context nor set the key again,
-     * in order to test that starts() does the right thing. */
-    TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 );
-
-    memset( output, 0x00, sizeof( output ) );
-    TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str->x, output ) == 0 );
-    TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len - 1,
-                                          src_str->x + 1, output + 1 ) == 0 );
-
-    ASSERT_COMPARE( output, expected_output_str->len,
-                    expected_output_str->x, expected_output_str->len );
-
-    mbedtls_chacha20_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void chacha20_bad_params()
-{
-    unsigned char key[32];
-    unsigned char nonce[12];
-    unsigned char src[1];
-    unsigned char dst[1];
-    uint32_t counter = 0;
-    size_t len = sizeof( src );
-    mbedtls_chacha20_context ctx;
-
-    TEST_INVALID_PARAM( mbedtls_chacha20_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_chacha20_free( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_setkey( NULL, key ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_setkey( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_starts( NULL, nonce, counter ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_starts( &ctx, NULL, counter ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_update( NULL, 0, src, dst ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_update( &ctx, len, NULL, dst ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_update( &ctx, len, src, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_crypt( NULL, nonce, counter, 0, src, dst ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_crypt( key, NULL, counter, 0, src, dst ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_crypt( key, nonce, counter, len, NULL, dst ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
-                            mbedtls_chacha20_crypt( key, nonce, counter, len, src, NULL ) );
-
-exit:
-    return;
-
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void chacha20_self_test()
-{
-    TEST_ASSERT( mbedtls_chacha20_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chachapoly.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chachapoly.function
deleted file mode 100644
index 96128e4..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chachapoly.function
+++ /dev/null
@@ -1,285 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/chachapoly.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CHACHAPOLY_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str )
-{
-    unsigned char output[265];
-    unsigned char mac[16]; /* size set by the standard */
-    mbedtls_chachapoly_context ctx;
-
-    TEST_ASSERT( key_str->len   == 32 );
-    TEST_ASSERT( nonce_str->len == 12 );
-    TEST_ASSERT( mac_str->len   == 16 );
-
-    mbedtls_chachapoly_init( &ctx );
-
-    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
-
-    TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      input_str->len, nonce_str->x,
-                                      aad_str->x, aad_str->len,
-                                      input_str->x, output, mac ) == 0 );
-
-    TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
-    TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 );
-
-exit:
-    mbedtls_chachapoly_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp )
-{
-    unsigned char output[265];
-    int ret;
-    mbedtls_chachapoly_context ctx;
-
-    TEST_ASSERT( key_str->len   == 32 );
-    TEST_ASSERT( nonce_str->len == 12 );
-    TEST_ASSERT( mac_str->len   == 16 );
-
-    mbedtls_chachapoly_init( &ctx );
-
-    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
-
-    ret = mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           input_str->len, nonce_str->x,
-                                           aad_str->x, aad_str->len,
-                                           mac_str->x, input_str->x, output );
-
-    TEST_ASSERT( ret == ret_exp );
-    if( ret_exp == 0 )
-    {
-        TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_chachapoly_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void chachapoly_bad_params()
-{
-    unsigned char key[32];
-    unsigned char nonce[12];
-    unsigned char aad[1];
-    unsigned char input[1];
-    unsigned char output[1];
-    unsigned char mac[16];
-    size_t input_len = sizeof( input );
-    size_t aad_len = sizeof( aad );
-    mbedtls_chachapoly_context ctx;
-
-    memset( key,    0x00, sizeof( key ) );
-    memset( nonce,  0x00, sizeof( nonce ) );
-    memset( aad,    0x00, sizeof( aad ) );
-    memset( input,  0x00, sizeof( input ) );
-    memset( output, 0x00, sizeof( output ) );
-    memset( mac,    0x00, sizeof( mac ) );
-
-    TEST_INVALID_PARAM( mbedtls_chachapoly_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_chachapoly_free( NULL ) );
-
-    /* setkey */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_setkey( NULL, key ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_setkey( &ctx, NULL ) );
-
-    /* encrypt_and_tag */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_encrypt_and_tag( NULL,
-                                      0, nonce,
-                                      aad, 0,
-                                      input, output, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      0, NULL,
-                                      aad, 0,
-                                      input, output, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      0, nonce,
-                                      NULL, aad_len,
-                                      input, output, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      input_len, nonce,
-                                      aad, 0,
-                                      NULL, output, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      input_len, nonce,
-                                      aad, 0,
-                                      input, NULL, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      0, nonce,
-                                      aad, 0,
-                                      input, output, NULL ) );
-
-    /* auth_decrypt */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_auth_decrypt( NULL,
-                                           0, nonce,
-                                           aad, 0,
-                                           mac, input, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           0, NULL,
-                                           aad, 0,
-                                           mac, input, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           0, nonce,
-                                           NULL, aad_len,
-                                           mac, input, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           0, nonce,
-                                           aad, 0,
-                                           NULL, input, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           input_len, nonce,
-                                           aad, 0,
-                                           mac, NULL, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           input_len, nonce,
-                                           aad, 0,
-                                           mac, input, NULL ) );
-
-    /* starts */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_starts( NULL, nonce,
-                                               MBEDTLS_CHACHAPOLY_ENCRYPT ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_starts( &ctx, NULL,
-                                               MBEDTLS_CHACHAPOLY_ENCRYPT ) );
-
-    /* update_aad */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_update_aad( NULL, aad,
-                                                           aad_len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_update_aad( &ctx, NULL,
-                                                           aad_len ) );
-
-    /* update */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_update( NULL, input_len,
-                                                       input, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_update( &ctx, input_len,
-                                                       NULL, output ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_update( &ctx, input_len,
-                                                       input, NULL ) );
-
-    /* finish */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_finish( NULL, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                            mbedtls_chachapoly_finish( &ctx, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void chachapoly_state()
-{
-    unsigned char key[32];
-    unsigned char nonce[12];
-    unsigned char aad[1];
-    unsigned char input[1];
-    unsigned char output[1];
-    unsigned char mac[16];
-    size_t input_len = sizeof( input );
-    size_t aad_len = sizeof( aad );
-    mbedtls_chachapoly_context ctx;
-
-    memset( key,    0x00, sizeof( key ) );
-    memset( nonce,  0x00, sizeof( nonce ) );
-    memset( aad,    0x00, sizeof( aad ) );
-    memset( input,  0x00, sizeof( input ) );
-    memset( output, 0x00, sizeof( output ) );
-    memset( mac,    0x00, sizeof( mac ) );
-
-    /* Initial state: finish, update, update_aad forbidden */
-    mbedtls_chachapoly_init( &ctx );
-
-    TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-
-    /* Still initial state: finish, update, update_aad forbidden */
-    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key )
-                 == 0 );
-
-    TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-
-    /* Starts -> finish OK */
-    TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
-                 == 0 );
-    TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
-                 == 0 );
-
-    /* After finish: update, update_aad forbidden */
-    TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-    TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-
-    /* Starts -> update* OK */
-    TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
-                 == 0 );
-    TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
-                 == 0 );
-    TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
-                 == 0 );
-
-    /* After update: update_aad forbidden */
-    TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
-                 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
-
-    /* Starts -> update_aad* -> finish OK */
-    TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
-                 == 0 );
-    TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
-                 == 0 );
-    TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
-                 == 0 );
-    TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
-                 == 0 );
-
-exit:
-    mbedtls_chachapoly_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void chachapoly_selftest()
-{
-    TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.aria.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.aria.data
deleted file mode 100644
index 2c50a21..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.aria.data
+++ /dev/null
@@ -1,3 +0,0 @@
-Aria CBC Decrypt empty buffer
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC
-dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC:0:0
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.function
deleted file mode 100644
index 1d98f3d..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.function
+++ /dev/null
@@ -1,1584 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/cipher.h"
-
-#if defined(MBEDTLS_AES_C)
-#include "mbedtls/aes.h"
-#endif
-
-#if defined(MBEDTLS_GCM_C)
-#include "mbedtls/gcm.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "test/psa_crypto_helpers.h"
-#endif
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
-#define MBEDTLS_CIPHER_AUTH_CRYPT
-#endif
-
-#if defined(MBEDTLS_CIPHER_AUTH_CRYPT)
-/* Helper for resetting key/direction
- *
- * The documentation doesn't explicitly say whether calling
- * mbedtls_cipher_setkey() twice is allowed or not. This currently works with
- * the default software implementation, but only by accident. It isn't
- * guaranteed to work with new ciphers or with alternative implementations of
- * individual ciphers, and it doesn't work with the PSA wrappers. So don't do
- * it, and instead start with a fresh context.
- */
-static int cipher_reset_key( mbedtls_cipher_context_t *ctx, int cipher_id,
-        int use_psa, size_t tag_len, const data_t *key, int direction )
-{
-    mbedtls_cipher_free( ctx );
-    mbedtls_cipher_init( ctx );
-
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
-    (void) use_psa;
-    (void) tag_len;
-#else
-    if( use_psa == 1 )
-    {
-        TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( ctx,
-                              mbedtls_cipher_info_from_type( cipher_id ),
-                              tag_len ) );
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    {
-        TEST_ASSERT( 0 == mbedtls_cipher_setup( ctx,
-                              mbedtls_cipher_info_from_type( cipher_id ) ) );
-    }
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( ctx, key->x, 8 * key->len,
-                                             direction ) );
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-/*
- * Check if a buffer is all-0 bytes:
- * return   1 if it is,
- *          0 if it isn't.
- */
-int buffer_is_all_zero( const uint8_t *buf, size_t size )
-{
-    for( size_t i = 0; i < size; i++ )
-        if( buf[i] != 0 )
-            return 0;
-    return 1;
-}
-#endif /* MBEDTLS_CIPHER_AUTH_CRYPT */
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CIPHER_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_cipher_list(  )
-{
-    const int *cipher_type;
-
-    for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ )
-        TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_invalid_param_unconditional( )
-{
-    mbedtls_cipher_context_t valid_ctx;
-    mbedtls_cipher_context_t invalid_ctx;
-    mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
-    mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
-    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
-    int valid_size = sizeof(valid_buffer);
-    int valid_bitlen = valid_size * 8;
-    const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
-        *( mbedtls_cipher_list() ) );
-    size_t size_t_var;
-
-    (void)valid_mode; /* In some configurations this is unused */
-
-    mbedtls_cipher_init( &valid_ctx );
-    mbedtls_cipher_setup( &valid_ctx, valid_info );
-    mbedtls_cipher_init( &invalid_ctx );
-
-    /* mbedtls_cipher_setup() */
-    TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) ==
-                 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /* mbedtls_cipher_get_block_size() */
-    TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 );
-
-    /* mbedtls_cipher_get_cipher_mode() */
-    TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) ==
-                 MBEDTLS_MODE_NONE );
-
-    /* mbedtls_cipher_get_iv_size() */
-    TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 );
-
-    /* mbedtls_cipher_get_type() */
-    TEST_ASSERT(
-        mbedtls_cipher_get_type( &invalid_ctx ) ==
-        MBEDTLS_CIPHER_NONE);
-
-    /* mbedtls_cipher_get_name() */
-    TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 );
-
-    /* mbedtls_cipher_get_key_bitlen() */
-    TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) ==
-                 MBEDTLS_KEY_LENGTH_NONE );
-
-    /* mbedtls_cipher_get_operation() */
-    TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) ==
-                 MBEDTLS_OPERATION_NONE );
-
-    /* mbedtls_cipher_setkey() */
-    TEST_ASSERT(
-        mbedtls_cipher_setkey( &invalid_ctx,
-                               valid_buffer,
-                               valid_bitlen,
-                               valid_operation ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /* mbedtls_cipher_set_iv() */
-    TEST_ASSERT(
-        mbedtls_cipher_set_iv( &invalid_ctx,
-                               valid_buffer,
-                               valid_size ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /* mbedtls_cipher_reset() */
-    TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) ==
-                 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    /* mbedtls_cipher_update_ad() */
-    TEST_ASSERT(
-        mbedtls_cipher_update_ad( &invalid_ctx,
-                                  valid_buffer,
-                                  valid_size ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    /* mbedtls_cipher_set_padding_mode() */
-    TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) ==
-                 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#endif
-
-    /* mbedtls_cipher_update() */
-    TEST_ASSERT(
-        mbedtls_cipher_update( &invalid_ctx,
-                               valid_buffer,
-                               valid_size,
-                               valid_buffer,
-                               &size_t_var ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /* mbedtls_cipher_finish() */
-    TEST_ASSERT(
-        mbedtls_cipher_finish( &invalid_ctx,
-                               valid_buffer,
-                               &size_t_var ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    /* mbedtls_cipher_write_tag() */
-    TEST_ASSERT(
-        mbedtls_cipher_write_tag( &invalid_ctx,
-                                  valid_buffer,
-                                  valid_size ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    /* mbedtls_cipher_check_tag() */
-    TEST_ASSERT(
-        mbedtls_cipher_check_tag( &invalid_ctx,
-                                  valid_buffer,
-                                  valid_size ) ==
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
-
-exit:
-    mbedtls_cipher_free( &invalid_ctx );
-    mbedtls_cipher_free( &valid_ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void cipher_invalid_param_conditional( )
-{
-    mbedtls_cipher_context_t valid_ctx;
-
-    mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
-    mbedtls_operation_t invalid_operation = 100;
-    mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
-    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
-    int valid_size = sizeof(valid_buffer);
-    int valid_bitlen = valid_size * 8;
-    const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
-        *( mbedtls_cipher_list() ) );
-
-    size_t size_t_var;
-
-    (void)valid_mode; /* In some configurations this is unused */
-
-    /* mbedtls_cipher_init() */
-    TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) );
-    TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) );
-
-    /* mbedtls_cipher_setup() */
-    TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_setup( NULL, valid_info ) );
-
-    /* mbedtls_cipher_get_block_size() */
-    TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) );
-
-    /* mbedtls_cipher_get_cipher_mode() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_MODE_NONE,
-        mbedtls_cipher_get_cipher_mode( NULL ) );
-
-    /* mbedtls_cipher_get_iv_size() */
-    TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) );
-
-    /* mbedtls_cipher_get_type() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_CIPHER_NONE,
-        mbedtls_cipher_get_type( NULL ) );
-
-    /* mbedtls_cipher_get_name() */
-    TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) );
-
-    /* mbedtls_cipher_get_key_bitlen() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_KEY_LENGTH_NONE,
-        mbedtls_cipher_get_key_bitlen( NULL ) );
-
-    /* mbedtls_cipher_get_operation() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_OPERATION_NONE,
-        mbedtls_cipher_get_operation( NULL ) );
-
-    /* mbedtls_cipher_setkey() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_setkey( NULL,
-                               valid_buffer,
-                               valid_bitlen,
-                               valid_operation ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_setkey( &valid_ctx,
-                               NULL,
-                               valid_bitlen,
-                               valid_operation ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_setkey( &valid_ctx,
-                               valid_buffer,
-                               valid_bitlen,
-                               invalid_operation ) );
-
-    /* mbedtls_cipher_set_iv() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_set_iv( NULL,
-                               valid_buffer,
-                               valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_set_iv( &valid_ctx,
-                               NULL,
-                               valid_size ) );
-
-    /* mbedtls_cipher_reset() */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-                            mbedtls_cipher_reset( NULL ) );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    /* mbedtls_cipher_update_ad() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_update_ad( NULL,
-                                  valid_buffer,
-                                  valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_update_ad( &valid_ctx,
-                                  NULL,
-                                  valid_size ) );
-#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    /* mbedtls_cipher_set_padding_mode() */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-                            mbedtls_cipher_set_padding_mode( NULL, valid_mode ) );
-#endif
-
-    /* mbedtls_cipher_update() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_update( NULL,
-                               valid_buffer,
-                               valid_size,
-                               valid_buffer,
-                               &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_update( &valid_ctx,
-                               NULL, valid_size,
-                               valid_buffer,
-                               &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_update( &valid_ctx,
-                               valid_buffer, valid_size,
-                               NULL,
-                               &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_update( &valid_ctx,
-                               valid_buffer, valid_size,
-                               valid_buffer,
-                               NULL ) );
-
-    /* mbedtls_cipher_finish() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_finish( NULL,
-                               valid_buffer,
-                               &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_finish( &valid_ctx,
-                               NULL,
-                               &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_finish( &valid_ctx,
-                               valid_buffer,
-                               NULL ) );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    /* mbedtls_cipher_write_tag() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_write_tag( NULL,
-                                  valid_buffer,
-                                  valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_write_tag( &valid_ctx,
-                                  NULL,
-                                  valid_size ) );
-
-    /* mbedtls_cipher_check_tag() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_check_tag( NULL,
-                                  valid_buffer,
-                                  valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_check_tag( &valid_ctx,
-                                  NULL,
-                                  valid_size ) );
-#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
-
-    /* mbedtls_cipher_crypt() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_crypt( NULL,
-                              valid_buffer, valid_size,
-                              valid_buffer, valid_size,
-                              valid_buffer, &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_crypt( &valid_ctx,
-                              NULL, valid_size,
-                              valid_buffer, valid_size,
-                              valid_buffer, &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_crypt( &valid_ctx,
-                              valid_buffer, valid_size,
-                              NULL, valid_size,
-                              valid_buffer, &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_crypt( &valid_ctx,
-                              valid_buffer, valid_size,
-                              valid_buffer, valid_size,
-                              NULL, &size_t_var ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_crypt( &valid_ctx,
-                              valid_buffer, valid_size,
-                              valid_buffer, valid_size,
-                              valid_buffer, NULL ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
-    /* mbedtls_cipher_auth_encrypt() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( NULL,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( &valid_ctx,
-                                     NULL, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     NULL, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     NULL, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     NULL, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, NULL,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     NULL, valid_size ) );
-
-    /* mbedtls_cipher_auth_decrypt() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( NULL,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( &valid_ctx,
-                                     NULL, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     NULL, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     NULL, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     NULL, &size_t_var,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, NULL,
-                                     valid_buffer, valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt( &valid_ctx,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, valid_size,
-                                     valid_buffer, &size_t_var,
-                                     NULL, valid_size ) );
-#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
-
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
-    /* mbedtls_cipher_auth_encrypt_ext */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt_ext( NULL,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
-                                         NULL, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         NULL, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         NULL, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         NULL, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, NULL,
-                                         valid_size ) );
-
-    /* mbedtls_cipher_auth_decrypt_ext */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt_ext( NULL,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
-                                         NULL, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         NULL, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         NULL, valid_size,
-                                         valid_buffer, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         NULL, valid_size, &size_t_var,
-                                         valid_size ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
-        mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size,
-                                         valid_buffer, valid_size, NULL,
-                                         valid_size ) );
-#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
-
-    /* mbedtls_cipher_free() */
-    TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );
-exit:
-    TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void cipher_special_behaviours(  )
-{
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t ctx;
-    unsigned char input[32];
-    unsigned char output[32];
-#if defined (MBEDTLS_CIPHER_MODE_CBC)
-    unsigned char iv[32];
-#endif
-    size_t olen = 0;
-
-    mbedtls_cipher_init( &ctx );
-    memset( input, 0, sizeof( input ) );
-    memset( output, 0, sizeof( output ) );
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    memset( iv, 0, sizeof( iv ) );
-
-    /* Check and get info structures */
-    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC );
-    TEST_ASSERT( NULL != cipher_info );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
-
-    /* IV too big */
-    TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 )
-                 == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-
-    /* IV too small */
-    TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    mbedtls_cipher_free( &ctx );
-    mbedtls_cipher_init( &ctx );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
-    TEST_ASSERT( NULL != cipher_info );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
-
-    /* Update ECB with partial block */
-    TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen )
-                 == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void enc_dec_buf( int cipher_id, char * cipher_string, int key_len,
-                  int length_val, int pad_mode )
-{
-    size_t length = length_val, outlen, total_len, i, block_size;
-    unsigned char key[64];
-    unsigned char iv[16];
-    unsigned char ad[13];
-    unsigned char tag[16];
-    unsigned char inbuf[64];
-    unsigned char encbuf[64];
-    unsigned char decbuf[64];
-
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t ctx_dec;
-    mbedtls_cipher_context_t ctx_enc;
-
-    /*
-     * Prepare contexts
-     */
-    mbedtls_cipher_init( &ctx_dec );
-    mbedtls_cipher_init( &ctx_enc );
-
-    memset( key, 0x2a, sizeof( key ) );
-
-    /* Check and get info structures */
-    cipher_info = mbedtls_cipher_info_from_type( cipher_id );
-    TEST_ASSERT( NULL != cipher_info );
-    TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info );
-
-    /* Initialise enc and dec contexts */
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    if( -1 != pad_mode )
-    {
-        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
-        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
-    }
-#else
-    (void) pad_mode;
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-
-    /*
-     * Do a few encode/decode cycles
-     */
-    for( i = 0; i < 3; i++ )
-    {
-    memset( iv , 0x00 + i, sizeof( iv ) );
-    memset( ad, 0x10 + i, sizeof( ad ) );
-    memset( inbuf, 0x20 + i, sizeof( inbuf ) );
-
-    memset( encbuf, 0, sizeof( encbuf ) );
-    memset( decbuf, 0, sizeof( decbuf ) );
-    memset( tag, 0, sizeof( tag ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
-#endif
-
-    block_size = mbedtls_cipher_get_block_size( &ctx_enc );
-    TEST_ASSERT( block_size != 0 );
-
-    /* encode length number of bytes from inbuf */
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
-    total_len = outlen;
-
-    TEST_ASSERT( total_len == length ||
-                 ( total_len % block_size == 0 &&
-                   total_len < length &&
-                   total_len + block_size > length ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
-    total_len += outlen;
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
-#endif
-
-    TEST_ASSERT( total_len == length ||
-                 ( total_len % block_size == 0 &&
-                   total_len > length &&
-                   total_len <= length + block_size ) );
-
-    /* decode the previously encoded string */
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) );
-    total_len = outlen;
-
-    TEST_ASSERT( total_len == length ||
-                 ( total_len % block_size == 0 &&
-                   total_len < length &&
-                   total_len + block_size >= length ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
-    total_len += outlen;
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
-#endif
-
-    /* check result */
-    TEST_ASSERT( total_len == length );
-    TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
-    }
-
-    /*
-     * Done
-     */
-exit:
-    mbedtls_cipher_free( &ctx_dec );
-    mbedtls_cipher_free( &ctx_enc );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val,
-               int ret )
-{
-    size_t length = length_val;
-    unsigned char key[32];
-    unsigned char iv[16];
-
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t ctx;
-
-    unsigned char inbuf[64];
-    unsigned char encbuf[64];
-
-    size_t outlen = 0;
-
-    memset( key, 0, 32 );
-    memset( iv , 0, 16 );
-
-    mbedtls_cipher_init( &ctx );
-
-    memset( inbuf, 5, 64 );
-    memset( encbuf, 0, 64 );
-
-    /* Check and get info structures */
-    cipher_info = mbedtls_cipher_info_from_type( cipher_id );
-    TEST_ASSERT( NULL != cipher_info );
-
-    /* Initialise context */
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) );
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
-#else
-    (void) pad_mode;
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) );
-#endif
-
-    /* encode length number of bytes from inbuf */
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
-    TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) );
-
-    /* done */
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void dec_empty_buf( int cipher,
-                    int expected_update_ret,
-                    int expected_finish_ret )
-{
-    unsigned char key[32];
-    unsigned char iv[16];
-
-    mbedtls_cipher_context_t ctx_dec;
-    const mbedtls_cipher_info_t *cipher_info;
-
-    unsigned char encbuf[64];
-    unsigned char decbuf[64];
-
-    size_t outlen = 0;
-
-    memset( key, 0, 32 );
-    memset( iv , 0, 16 );
-
-    mbedtls_cipher_init( &ctx_dec );
-
-    memset( encbuf, 0, 64 );
-    memset( decbuf, 0, 64 );
-
-    /* Initialise context */
-    cipher_info = mbedtls_cipher_info_from_type( cipher );
-    TEST_ASSERT( NULL != cipher_info);
-    TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec,
-                                             key, cipher_info->key_bitlen,
-                                             MBEDTLS_DECRYPT ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
-#endif
-
-    /* decode 0-byte string */
-    TEST_ASSERT( expected_update_ret ==
-                 mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
-    TEST_ASSERT( 0 == outlen );
-
-    if ( expected_finish_ret == 0 &&
-         ( cipher_info->mode == MBEDTLS_MODE_CBC ||
-           cipher_info->mode == MBEDTLS_MODE_ECB ) )
-    {
-        /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and
-         * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when
-         * decrypting an empty buffer.
-         * On the other hand, CBC and ECB ciphers need a full block of input.
-         */
-        expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
-    }
-
-    TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish(
-                                        &ctx_dec, decbuf + outlen, &outlen ) );
-    TEST_ASSERT( 0 == outlen );
-
-exit:
-    mbedtls_cipher_free( &ctx_dec );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
-                            int second_length_val, int pad_mode,
-                            int first_encrypt_output_len, int second_encrypt_output_len,
-                            int first_decrypt_output_len, int second_decrypt_output_len )
-{
-    size_t first_length = first_length_val;
-    size_t second_length = second_length_val;
-    size_t length = first_length + second_length;
-    size_t block_size;
-    unsigned char key[32];
-    unsigned char iv[16];
-
-    mbedtls_cipher_context_t ctx_dec;
-    mbedtls_cipher_context_t ctx_enc;
-    const mbedtls_cipher_info_t *cipher_info;
-
-    unsigned char inbuf[64];
-    unsigned char encbuf[64];
-    unsigned char decbuf[64];
-
-    size_t outlen = 0;
-    size_t totaloutlen = 0;
-
-    memset( key, 0, 32 );
-    memset( iv , 0, 16 );
-
-    mbedtls_cipher_init( &ctx_dec );
-    mbedtls_cipher_init( &ctx_enc );
-
-    memset( inbuf, 5, 64 );
-    memset( encbuf, 0, 64 );
-    memset( decbuf, 0, 64 );
-
-    /* Initialise enc and dec contexts */
-    cipher_info = mbedtls_cipher_info_from_type( cipher_id );
-    TEST_ASSERT( NULL != cipher_info);
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    if( -1 != pad_mode )
-    {
-        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
-        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
-    }
-#else
-    (void) pad_mode;
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) );
-#endif
-
-    block_size = mbedtls_cipher_get_block_size( &ctx_enc );
-    TEST_ASSERT( block_size != 0 );
-
-    /* encode length number of bytes from inbuf */
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
-    TEST_ASSERT( (size_t)first_encrypt_output_len == outlen );
-    totaloutlen = outlen;
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) );
-    TEST_ASSERT( (size_t)second_encrypt_output_len == outlen );
-    totaloutlen += outlen;
-    TEST_ASSERT( totaloutlen == length ||
-                 ( totaloutlen % block_size == 0 &&
-                   totaloutlen < length &&
-                   totaloutlen + block_size > length ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) );
-    totaloutlen += outlen;
-    TEST_ASSERT( totaloutlen == length ||
-                 ( totaloutlen % block_size == 0 &&
-                   totaloutlen > length &&
-                   totaloutlen <= length + block_size ) );
-
-    /* decode the previously encoded string */
-    second_length = totaloutlen - first_length;
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) );
-    TEST_ASSERT( (size_t)first_decrypt_output_len == outlen );
-    totaloutlen = outlen;
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) );
-    TEST_ASSERT( (size_t)second_decrypt_output_len == outlen );
-    totaloutlen += outlen;
-
-    TEST_ASSERT( totaloutlen == length ||
-                 ( totaloutlen % block_size == 0 &&
-                   totaloutlen < length &&
-                   totaloutlen + block_size >= length ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) );
-    totaloutlen += outlen;
-
-    TEST_ASSERT( totaloutlen == length );
-
-    TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
-
-exit:
-    mbedtls_cipher_free( &ctx_dec );
-    mbedtls_cipher_free( &ctx_enc );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key,
-                       data_t * iv, data_t * cipher,
-                       data_t * clear, data_t * ad, data_t * tag,
-                       int finish_result, int tag_result )
-{
-    unsigned char output[265];
-    mbedtls_cipher_context_t ctx;
-    size_t outlen, total_len;
-
-    mbedtls_cipher_init( &ctx );
-
-    memset( output, 0x00, sizeof( output ) );
-
-#if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C)
-    ((void) ad);
-    ((void) tag);
-#endif
-
-    /* Prepare context */
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
-                                       mbedtls_cipher_info_from_type( cipher_id ) ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    if( pad_mode != -1 )
-        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
-#else
-    (void) pad_mode;
-#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
-    TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) );
-#endif
-
-    /* decode buffer and check tag->x */
-    total_len = 0;
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) );
-    total_len += outlen;
-    TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
-                                                 &outlen ) );
-    total_len += outlen;
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) );
-#endif
-
-    /* check plaintext only if everything went fine */
-    if( 0 == finish_result && 0 == tag_result )
-    {
-        TEST_ASSERT( total_len == clear->len );
-        TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) );
-    }
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */
-void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
-                    data_t * ad, data_t * cipher, data_t * tag,
-                    char * result, data_t * clear, int use_psa )
-{
-    /*
-     * Take an AEAD ciphertext + tag and perform a pair
-     * of AEAD decryption and AEAD encryption. Check that
-     * this results in the expected plaintext, and that
-     * decryption and encryption are inverse to one another.
-     *
-     * Do that twice:
-     * - once with legacy functions auth_decrypt/auth_encrypt
-     * - once with new functions auth_decrypt_ext/auth_encrypt_ext
-     * This allows testing both without duplicating test cases.
-     */
-
-    int ret;
-    int using_nist_kw, using_nist_kw_padding;
-
-    mbedtls_cipher_context_t ctx;
-    size_t outlen;
-
-    unsigned char *cipher_plus_tag = NULL;
-    size_t cipher_plus_tag_len;
-    unsigned char *decrypt_buf = NULL;
-    size_t decrypt_buf_len = 0;
-    unsigned char *encrypt_buf = NULL;
-    size_t encrypt_buf_len = 0;
-
-#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
-    !defined(MBEDTLS_DEPRECATED_REMOVED)
-    unsigned char *tmp_tag    = NULL;
-    unsigned char *tmp_cipher = NULL;
-    unsigned char *tag_buf = NULL;
-#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
-
-    /* Null pointers are documented as valid for inputs of length 0.
-     * The test framework passes non-null pointers, so set them to NULL.
-     * key, cipher and tag can't be empty. */
-    if( iv->len == 0 )
-        iv->x = NULL;
-    if( ad->len == 0 )
-        ad->x = NULL;
-    if( clear->len == 0 )
-        clear->x = NULL;
-
-    mbedtls_cipher_init( &ctx );
-
-    /* Initialize PSA Crypto */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( use_psa == 1 )
-        PSA_ASSERT( psa_crypto_init( ) );
-#else
-    (void) use_psa;
-#endif
-
-    /*
-     * Are we using NIST_KW? with padding?
-     */
-    using_nist_kw_padding = cipher_id == MBEDTLS_CIPHER_AES_128_KWP ||
-                            cipher_id == MBEDTLS_CIPHER_AES_192_KWP ||
-                            cipher_id == MBEDTLS_CIPHER_AES_256_KWP;
-    using_nist_kw = cipher_id == MBEDTLS_CIPHER_AES_128_KW ||
-                    cipher_id == MBEDTLS_CIPHER_AES_192_KW ||
-                    cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
-                    using_nist_kw_padding;
-
-    /****************************************************************
-     *                                                              *
-     *  Part 1: non-deprecated API                                  *
-     *                                                              *
-     ****************************************************************/
-
-    /*
-     * Prepare context for decryption
-     */
-    if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
-                            MBEDTLS_DECRYPT ) )
-        goto exit;
-
-    /*
-     * prepare buffer for decryption
-     * (we need the tag appended to the ciphertext)
-     */
-    cipher_plus_tag_len = cipher->len + tag->len;
-    ASSERT_ALLOC( cipher_plus_tag, cipher_plus_tag_len );
-    memcpy( cipher_plus_tag, cipher->x, cipher->len );
-    memcpy( cipher_plus_tag + cipher->len, tag->x, tag->len );
-
-    /*
-     * Compute length of output buffer according to the documentation
-     */
-    if( using_nist_kw )
-        decrypt_buf_len = cipher_plus_tag_len - 8;
-    else
-        decrypt_buf_len = cipher_plus_tag_len - tag->len;
-
-
-    /*
-     * Try decrypting to a buffer that's 1B too small
-     */
-    if( decrypt_buf_len != 0 )
-    {
-        ASSERT_ALLOC( decrypt_buf, decrypt_buf_len - 1 );
-
-        outlen = 0;
-        ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
-                ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
-                decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len );
-        TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-        mbedtls_free( decrypt_buf );
-        decrypt_buf = NULL;
-    }
-
-    /*
-     * Authenticate and decrypt, and check result
-     */
-    ASSERT_ALLOC( decrypt_buf, decrypt_buf_len );
-
-    outlen = 0;
-    ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
-            ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
-            decrypt_buf, decrypt_buf_len, &outlen, tag->len );
-
-    if( strcmp( result, "FAIL" ) == 0 )
-    {
-        TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
-        TEST_ASSERT( buffer_is_all_zero( decrypt_buf, decrypt_buf_len ) );
-    }
-    else
-    {
-        TEST_ASSERT( ret == 0 );
-        ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len );
-    }
-
-    /* Free this, but keep cipher_plus_tag for deprecated function with PSA */
-    mbedtls_free( decrypt_buf );
-    decrypt_buf = NULL;
-
-    /*
-     * Encrypt back if test data was authentic
-     */
-    if( strcmp( result, "FAIL" ) != 0 )
-    {
-        /* prepare context for encryption */
-        if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
-                                MBEDTLS_ENCRYPT ) )
-            goto exit;
-
-        /*
-         * Compute size of output buffer according to documentation
-         */
-        if( using_nist_kw )
-        {
-            encrypt_buf_len = clear->len + 8;
-            if( using_nist_kw_padding && encrypt_buf_len % 8 != 0 )
-                encrypt_buf_len += 8 - encrypt_buf_len % 8;
-        }
-        else
-        {
-            encrypt_buf_len = clear->len + tag->len;
-        }
-
-        /*
-         * Try encrypting with an output buffer that's 1B too small
-         */
-        ASSERT_ALLOC( encrypt_buf, encrypt_buf_len - 1 );
-
-        outlen = 0;
-        ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
-                ad->x, ad->len, clear->x, clear->len,
-                encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len );
-        TEST_ASSERT( ret != 0 );
-
-        mbedtls_free( encrypt_buf );
-        encrypt_buf = NULL;
-
-        /*
-         * Encrypt and check the result
-         */
-        ASSERT_ALLOC( encrypt_buf, encrypt_buf_len );
-
-        outlen = 0;
-        ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
-                ad->x, ad->len, clear->x, clear->len,
-                encrypt_buf, encrypt_buf_len, &outlen, tag->len );
-        TEST_ASSERT( ret == 0 );
-
-        TEST_ASSERT( outlen == cipher->len + tag->len );
-        TEST_ASSERT( memcmp( encrypt_buf, cipher->x, cipher->len ) == 0 );
-        TEST_ASSERT( memcmp( encrypt_buf + cipher->len,
-                             tag->x, tag->len ) == 0 );
-
-        mbedtls_free( encrypt_buf );
-        encrypt_buf = NULL;
-    }
-
-    /****************************************************************
-     *                                                              *
-     *  Part 2: deprecated API                                      *
-     *                                                              *
-     ****************************************************************/
-
-#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
-    !defined(MBEDTLS_DEPRECATED_REMOVED)
-
-    /*
-     * Prepare context for decryption
-     */
-    if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
-                            MBEDTLS_DECRYPT ) )
-        goto exit;
-
-    /*
-     * Prepare pointers for decryption
-     */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( use_psa == 1 )
-    {
-        /* PSA requires that the tag immediately follows the ciphertext.
-         * Fortunately, we already have that from testing the new API. */
-        tmp_cipher = cipher_plus_tag;
-        tmp_tag = tmp_cipher + cipher->len;
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    {
-        tmp_cipher = cipher->x;
-        tmp_tag = tag->x;
-    }
-
-    /*
-     * Authenticate and decrypt, and check result
-     */
-
-    ASSERT_ALLOC( decrypt_buf, cipher->len );
-    outlen = 0;
-    ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
-                               tmp_cipher, cipher->len, decrypt_buf, &outlen,
-                               tmp_tag, tag->len );
-
-    if( using_nist_kw )
-    {
-        /* NIST_KW with legacy API */
-        TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-    }
-    else if( strcmp( result, "FAIL" ) == 0 )
-    {
-        /* unauthentic message */
-        TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
-        TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) );
-    }
-    else
-    {
-        /* authentic message: is the plaintext correct? */
-        TEST_ASSERT( ret == 0 );
-        ASSERT_COMPARE(  decrypt_buf, outlen, clear->x, clear->len );
-    }
-
-    mbedtls_free( decrypt_buf );
-    decrypt_buf = NULL;
-    mbedtls_free( cipher_plus_tag );
-    cipher_plus_tag = NULL;
-
-    /*
-     * Encrypt back if test data was authentic
-     */
-    if( strcmp( result, "FAIL" ) != 0 )
-    {
-        /* prepare context for encryption */
-        if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
-                                MBEDTLS_ENCRYPT ) )
-            goto exit;
-
-        /* prepare buffers for encryption */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( use_psa )
-        {
-            ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len );
-            tmp_cipher = cipher_plus_tag;
-            tmp_tag = cipher_plus_tag + cipher->len;
-        }
-        else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-        {
-            ASSERT_ALLOC( encrypt_buf, cipher->len );
-            ASSERT_ALLOC( tag_buf, tag->len );
-            tmp_cipher = encrypt_buf;
-            tmp_tag = tag_buf;
-        }
-
-        /*
-         * Encrypt and check the result
-         */
-        outlen = 0;
-        ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
-                                   clear->x, clear->len, tmp_cipher, &outlen,
-                                   tmp_tag, tag->len );
-
-        if( using_nist_kw )
-        {
-            TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
-        }
-        else
-        {
-            TEST_ASSERT( ret == 0 );
-
-            TEST_ASSERT( outlen == cipher->len );
-            if( cipher->len != 0 )
-                TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
-            TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 );
-        }
-    }
-
-#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
-
-exit:
-
-    mbedtls_cipher_free( &ctx );
-    mbedtls_free( decrypt_buf );
-    mbedtls_free( encrypt_buf );
-    mbedtls_free( cipher_plus_tag );
-#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
-    !defined(MBEDTLS_DEPRECATED_REMOVED)
-    mbedtls_free( tag_buf );
-#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( use_psa == 1 )
-        PSA_DONE( );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_vec_ecb( int cipher_id, int operation, data_t * key,
-                   data_t * input, data_t * result, int finish_result
-                   )
-{
-    mbedtls_cipher_context_t ctx;
-    unsigned char output[32];
-    size_t outlen;
-
-    mbedtls_cipher_init( &ctx );
-
-    memset( output, 0x00, sizeof( output ) );
-
-    /* Prepare context */
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
-                                       mbedtls_cipher_info_from_type( cipher_id ) ) );
-
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x,
-                                     mbedtls_cipher_get_block_size( &ctx ),
-                                     output, &outlen ) );
-    TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) );
-    TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
-                                                 &outlen ) );
-    TEST_ASSERT( 0 == outlen );
-
-    /* check plaintext only if everything went fine */
-    if( 0 == finish_result )
-        TEST_ASSERT( 0 == memcmp( output, result->x,
-                                  mbedtls_cipher_get_block_size( &ctx ) ) );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
-void test_vec_crypt( int cipher_id, int operation, data_t *key,
-                     data_t *iv, data_t *input, data_t *result,
-                     int finish_result, int use_psa )
-{
-    mbedtls_cipher_context_t ctx;
-    unsigned char output[32];
-    size_t outlen;
-
-    mbedtls_cipher_init( &ctx );
-
-    memset( output, 0x00, sizeof( output ) );
-
-    /* Prepare context */
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
-    (void) use_psa;
-#else
-    if( use_psa == 1 )
-    {
-        PSA_ASSERT( psa_crypto_init( ) );
-        TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
-                              mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
-    }
-    else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
-                              mbedtls_cipher_info_from_type( cipher_id ) ) );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
-    if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
-        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
-
-    TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL,
-                                                        iv->len, input->x, input->len,
-                                                        output, &outlen ) );
-    TEST_ASSERT( result->len == outlen );
-    /* check plaintext only if everything went fine */
-    if( 0 == finish_result )
-        TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    PSA_DONE( );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
-void set_padding( int cipher_id, int pad_mode, int ret )
-{
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t ctx;
-
-    mbedtls_cipher_init( &ctx );
-
-    cipher_info = mbedtls_cipher_info_from_type( cipher_id );
-    TEST_ASSERT( NULL != cipher_info );
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
-
-    TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void check_padding( int pad_mode, data_t * input, int ret, int dlen_check
-                    )
-{
-    mbedtls_cipher_info_t cipher_info;
-    mbedtls_cipher_context_t ctx;
-    size_t dlen;
-
-    /* build a fake context just for getting access to get_padding */
-    mbedtls_cipher_init( &ctx );
-    cipher_info.mode = MBEDTLS_MODE_CBC;
-    ctx.cipher_info = &cipher_info;
-
-    TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
-
-
-    TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) );
-    if( 0 == ret )
-        TEST_ASSERT( dlen == (size_t) dlen_check );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cmac.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cmac.function
deleted file mode 100644
index cabf107..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cmac.function
+++ /dev/null
@@ -1,286 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/cipher.h"
-#include "mbedtls/cmac.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CMAC_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void mbedtls_cmac_self_test(  )
-{
-    TEST_ASSERT( mbedtls_cmac_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_cmac_null_args(  )
-{
-    mbedtls_cipher_context_t ctx;
-    const mbedtls_cipher_info_t *cipher_info;
-    unsigned char test_key[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX];
-    unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    mbedtls_cipher_init( &ctx );
-
-    /* Test NULL cipher info */
-    TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
-    TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) ==
-                                         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac( NULL,
-                                      test_key, 128,
-                                      test_data, 16,
-                                      test_output ) ==
-                                            MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
-                                      NULL, 128,
-                                      test_data, 16,
-                                      test_output ) ==
-                                            MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
-                                      test_key, 128,
-                                      NULL, 16,
-                                      test_output ) ==
-                                            MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
-                                      test_key, 128,
-                                      test_data, 16,
-                                      NULL ) ==
-                                            MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16,
-                                           test_data, 16,
-                                           test_output ) ==
-                                           MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
-                                           NULL, 16,
-                                           test_output ) ==
-                                              MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
-                                           test_data, 16,
-                                           NULL ) ==
-                                              MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_cmac_setkey( int cipher_type, int key_size, int result )
-{
-    const mbedtls_cipher_info_t *cipher_info;
-    unsigned char key[32];
-    unsigned char buf[16];
-    unsigned char tmp[16];
-
-    memset( key, 0x2A, sizeof( key ) );
-    TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
-
-    TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) )
-                    != NULL );
-
-    memset( buf, 0x2A, sizeof( buf ) );
-    TEST_ASSERT( ( result == mbedtls_cipher_cmac( cipher_info, key, key_size,
-                                                buf, 16, tmp ) ) != 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_cmac_multiple_blocks( int cipher_type, data_t * key,
-                                   int keybits, int block_size,
-                                   data_t * block1, int block1_len,
-                                   data_t * block2, int block2_len,
-                                   data_t * block3, int block3_len,
-                                   data_t * block4, int block4_len,
-                                   data_t * expected_result )
-{
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t ctx;
-    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    /* Convert the test parameters to binary data */
-
-    mbedtls_cipher_init( &ctx );
-
-    /* Validate the test inputs */
-    TEST_ASSERT( block1_len <= 100 );
-    TEST_ASSERT( block2_len <= 100 );
-    TEST_ASSERT( block3_len <= 100 );
-    TEST_ASSERT( block4_len <= 100 );
-
-    /* Set up */
-    TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) )
-                    != NULL );
-
-    TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx,
-                                             (const unsigned char*)key->x,
-                                             keybits ) == 0 );
-
-    /* Multiple partial and complete blocks. A negative length means skip the
-     * update operation */
-    if( block1_len >= 0)
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block1->x,
-                                                 block1_len ) == 0);
-
-    if( block2_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block2->x,
-                                                 block2_len ) == 0);
-
-    if( block3_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block3->x,
-                                                 block3_len ) == 0);
-
-    if( block4_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block4->x,
-                                                 block4_len ) == 0);
-
-    TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
-
-    TEST_ASSERT( memcmp( output, expected_result->x, block_size )  == 0 );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_cmac_multiple_operations_same_key( int cipher_type,
-                                                data_t * key, int keybits,
-                                                int block_size,
-                                                data_t * block_a1,
-                                                int block_a1_len,
-                                                data_t * block_a2,
-                                                int block_a2_len,
-                                                data_t * block_a3,
-                                                int block_a3_len,
-                                                data_t * expected_result_a,
-                                                data_t * block_b1,
-                                                int block_b1_len,
-                                                data_t * block_b2,
-                                                int block_b2_len,
-                                                data_t * block_b3,
-                                                int block_b3_len,
-                                                data_t * expected_result_b
-                                                )
-{
-    const mbedtls_cipher_info_t *cipher_info;
-    mbedtls_cipher_context_t ctx;
-    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
-
-    /* Convert the test parameters to binary data */
-
-
-
-    mbedtls_cipher_init( &ctx );
-
-    /* Validate the test inputs */
-    TEST_ASSERT( block_a1_len <= 100 );
-    TEST_ASSERT( block_a2_len <= 100 );
-    TEST_ASSERT( block_a3_len <= 100 );
-
-    TEST_ASSERT( block_b1_len <= 100 );
-    TEST_ASSERT( block_b2_len <= 100 );
-    TEST_ASSERT( block_b3_len <= 100 );
-
-    /* Set up */
-    TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) )
-                    != NULL );
-
-    TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx,
-                                             (const unsigned char*)key->x,
-                                             keybits ) == 0 );
-
-    /* Sequence A */
-
-    /* Multiple partial and complete blocks. A negative length means skip the
-     * update operation */
-    if( block_a1_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block_a1->x,
-                                                 block_a1_len ) == 0);
-
-    if( block_a2_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block_a2->x,
-                                                 block_a2_len ) == 0);
-
-    if( block_a3_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block_a3->x,
-                                                  block_a3_len ) == 0);
-
-    TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
-
-    TEST_ASSERT( memcmp( output, expected_result_a->x, block_size )  == 0 );
-
-    TEST_ASSERT( mbedtls_cipher_cmac_reset( &ctx ) == 0 );
-
-    /* Sequence B */
-
-    /* Multiple partial and complete blocks. A negative length means skip the
-     * update operation */
-    if( block_b1_len >= 0)
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block_b1->x,
-                                                 block_b1_len ) == 0);
-
-    if( block_b2_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block_b2->x,
-                                                 block_b2_len ) == 0);
-
-    if( block_b3_len >= 0 )
-        TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
-                                                 (unsigned char*)block_b3->x,
-                                                 block_b3_len ) == 0);
-
-    TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
-
-    TEST_ASSERT( memcmp( output, expected_result_b->x, block_size )  == 0 );
-
-exit:
-    mbedtls_cipher_free( &ctx );
-}
-/* END_CASE */
-
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ctr_drbg.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ctr_drbg.function
deleted file mode 100644
index c3ffe3b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ctr_drbg.function
+++ /dev/null
@@ -1,338 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "string.h"
-
-/* Modes for ctr_drbg_validate */
-enum reseed_mode
-{
-    RESEED_NEVER, /* never reseed */
-    RESEED_FIRST, /* instantiate, reseed, generate, generate */
-    RESEED_SECOND, /* instantiate, generate, reseed, generate */
-    RESEED_ALWAYS /* prediction resistance, no explicit reseed */
-};
-
-static size_t test_offset_idx = 0;
-static size_t test_max_idx  = 0;
-static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len )
-{
-    const unsigned char *p = (unsigned char *) data;
-    if( test_offset_idx + len > test_max_idx )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    memcpy( buf, p + test_offset_idx, len );
-    test_offset_idx += len;
-    return( 0 );
-}
-
-static void ctr_drbg_validate_internal( int reseed_mode, data_t * nonce,
-                        int entropy_len_arg, data_t * entropy,
-                        data_t * reseed,
-                        data_t * add1, data_t * add2,
-                        data_t * result )
-{
-    mbedtls_ctr_drbg_context ctx;
-    unsigned char buf[64];
-
-    size_t entropy_chunk_len = (size_t) entropy_len_arg;
-
-    TEST_ASSERT( entropy_chunk_len <= sizeof( buf ) );
-
-    test_offset_idx = 0;
-    mbedtls_ctr_drbg_init( &ctx );
-
-    test_max_idx = entropy->len;
-
-    /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, <ignored>)
-     * where nonce||perso = nonce[nonce->len] */
-    mbedtls_ctr_drbg_set_entropy_len( &ctx, entropy_chunk_len );
-    mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 );
-    TEST_ASSERT( mbedtls_ctr_drbg_seed(
-                     &ctx,
-                     mbedtls_test_entropy_func, entropy->x,
-                     nonce->x, nonce->len ) == 0 );
-    if( reseed_mode == RESEED_ALWAYS )
-        mbedtls_ctr_drbg_set_prediction_resistance(
-            &ctx,
-            MBEDTLS_CTR_DRBG_PR_ON );
-
-    if( reseed_mode == RESEED_FIRST )
-    {
-        /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len],
-         *                 reseed[:reseed->len]) */
-        TEST_ASSERT( mbedtls_ctr_drbg_reseed(
-                         &ctx,
-                         reseed->x, reseed->len ) == 0 );
-    }
-
-    /* CTR_DRBG_Generate(result->len * 8 bits, add1[:add1->len]) -> buf */
-    /* Then reseed if prediction resistance is enabled. */
-    TEST_ASSERT( mbedtls_ctr_drbg_random_with_add(
-                     &ctx,
-                     buf, result->len,
-                     add1->x, add1->len ) == 0 );
-
-
-    if( reseed_mode == RESEED_SECOND )
-    {
-        /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len],
-         *                 reseed[:reseed->len]) */
-        TEST_ASSERT( mbedtls_ctr_drbg_reseed(
-                         &ctx,
-                         reseed->x, reseed->len ) == 0 );
-    }
-
-    /* CTR_DRBG_Generate(result->len * 8 bits, add2->x[:add2->len]) -> buf */
-    /* Then reseed if prediction resistance is enabled. */
-    TEST_ASSERT( mbedtls_ctr_drbg_random_with_add(
-                     &ctx,
-                     buf, result->len,
-                     add2->x, add2->len ) == 0 );
-    TEST_ASSERT( memcmp( buf, result->x, result->len ) == 0 );
-
-exit:
-    mbedtls_ctr_drbg_free( &ctx );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_CTR_DRBG_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void ctr_drbg_special_behaviours( )
-{
-    mbedtls_ctr_drbg_context ctx;
-    unsigned char output[512];
-    unsigned char additional[512];
-
-    mbedtls_ctr_drbg_init( &ctx );
-    memset( output, 0, sizeof( output ) );
-    memset( additional, 0, sizeof( additional ) );
-
-    TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx,
-                        output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1,
-                        additional, 16 ) ==
-                        MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG );
-    TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx,
-                        output, 16,
-                        additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1 ) ==
-                        MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-
-    TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional,
-                        MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1 ) ==
-                        MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-
-    mbedtls_ctr_drbg_set_entropy_len( &ctx, ~0 );
-    TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional,
-                        MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) ==
-                        MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-exit:
-    mbedtls_ctr_drbg_free( &ctx );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void ctr_drbg_validate_no_reseed( data_t * add_init, data_t * entropy,
-                                  data_t * add1, data_t * add2,
-                                  data_t * result_string )
-{
-    data_t empty = { 0, 0 };
-    ctr_drbg_validate_internal( RESEED_NEVER, add_init,
-                                entropy->len, entropy,
-                                &empty, add1, add2,
-                                result_string );
-    goto exit; // goto is needed to avoid warning ( no test assertions in func)
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ctr_drbg_validate_pr( data_t * add_init, data_t * entropy,
-                           data_t * add1, data_t * add2,
-                           data_t * result_string )
-{
-    data_t empty = { 0, 0 };
-    ctr_drbg_validate_internal( RESEED_ALWAYS, add_init,
-                                entropy->len / 3, entropy,
-                                &empty, add1, add2,
-                                result_string );
-    goto exit; // goto is needed to avoid warning ( no test assertions in func)
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ctr_drbg_validate_reseed_between( data_t * add_init, data_t * entropy,
-                             data_t * add1, data_t * add_reseed,
-                             data_t * add2, data_t * result_string )
-{
-    ctr_drbg_validate_internal( RESEED_SECOND, add_init,
-                                entropy->len / 2, entropy,
-                                add_reseed, add1, add2,
-                                result_string );
-    goto exit; // goto is needed to avoid warning ( no test assertions in func)
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ctr_drbg_validate_reseed_first( data_t * add_init, data_t * entropy,
-                             data_t * add1, data_t * add_reseed,
-                             data_t * add2, data_t * result_string )
-{
-    ctr_drbg_validate_internal( RESEED_FIRST, add_init,
-                                entropy->len / 2, entropy,
-                                add_reseed, add1, add2,
-                                result_string );
-    goto exit; // goto is needed to avoid warning ( no test assertions in func)
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ctr_drbg_entropy_strength( int expected_bit_strength )
-{
-    unsigned char entropy[/*initial entropy*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN +
-                          /*nonce*/     MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN +
-                          /*reseed*/          MBEDTLS_CTR_DRBG_ENTROPY_LEN];
-    mbedtls_ctr_drbg_context ctx;
-    size_t last_idx;
-    size_t byte_strength = expected_bit_strength / 8;
-
-    mbedtls_ctr_drbg_init( &ctx );
-    test_offset_idx = 0;
-    test_max_idx = sizeof( entropy );
-    memset( entropy, 0, sizeof( entropy ) );
-
-    /* The initial seeding must grab at least byte_strength bytes of entropy
-     * for the entropy input and byte_strength/2 bytes for a nonce. */
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx,
-                                        mbedtls_test_entropy_func, entropy,
-                                        NULL, 0 ) == 0 );
-    TEST_ASSERT( test_offset_idx >= ( byte_strength * 3 + 1 ) / 2 );
-    last_idx = test_offset_idx;
-
-    /* A reseed must grab at least byte_strength bytes of entropy. */
-    TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) == 0 );
-    TEST_ASSERT( test_offset_idx - last_idx >= byte_strength );
-
-exit:
-    mbedtls_ctr_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ctr_drbg_entropy_usage( int entropy_nonce_len )
-{
-    unsigned char out[16];
-    unsigned char add[16];
-    unsigned char entropy[1024];
-    mbedtls_ctr_drbg_context ctx;
-    size_t i, reps = 10;
-    size_t expected_idx = 0;
-
-    mbedtls_ctr_drbg_init( &ctx );
-    test_offset_idx = 0;
-    test_max_idx = sizeof( entropy );
-    memset( entropy, 0, sizeof( entropy ) );
-    memset( out, 0, sizeof( out ) );
-    memset( add, 0, sizeof( add ) );
-
-    if( entropy_nonce_len >= 0 )
-        TEST_ASSERT( mbedtls_ctr_drbg_set_nonce_len( &ctx, entropy_nonce_len ) == 0 );
-
-    /* Set reseed interval before seed */
-    mbedtls_ctr_drbg_set_reseed_interval( &ctx, 2 * reps );
-
-    /* Init must use entropy */
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy, NULL, 0 ) == 0 );
-    expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN;
-    if( entropy_nonce_len >= 0 )
-        expected_idx += entropy_nonce_len;
-    else
-        expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-    /* By default, PR is off, and reseed interval was set to
-     * 2 * reps so the next few calls should not use entropy */
-    for( i = 0; i < reps; i++ )
-    {
-        TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 );
-        TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) - 4,
-                                                add, sizeof( add ) ) == 0 );
-    }
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-    /* While at it, make sure we didn't write past the requested length */
-    TEST_ASSERT( out[sizeof( out ) - 4] == 0 );
-    TEST_ASSERT( out[sizeof( out ) - 3] == 0 );
-    TEST_ASSERT( out[sizeof( out ) - 2] == 0 );
-    TEST_ASSERT( out[sizeof( out ) - 1] == 0 );
-
-    /* There have been 2 * reps calls to random. The next call should reseed */
-    TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN;
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-    /* Set reseed interval after seed */
-    mbedtls_ctr_drbg_set_reseed_interval( &ctx, 4 * reps + 1 );
-
-    /* The next few calls should not reseed */
-    for( i = 0; i < (2 * reps); i++ )
-    {
-        TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-        TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) ,
-                                                add, sizeof( add ) ) == 0 );
-    }
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-    /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT).
-     * Make sure it's detected as an error and doesn't cause memory
-     * corruption. */
-    TEST_ASSERT( mbedtls_ctr_drbg_update_ret(
-                     &ctx, entropy, sizeof( entropy ) ) != 0 );
-
-    /* Now enable PR, so the next few calls should all reseed */
-    mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
-    TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN;
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-    /* Finally, check setting entropy_len */
-    mbedtls_ctr_drbg_set_entropy_len( &ctx, 42 );
-    TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_idx += 42;
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-    mbedtls_ctr_drbg_set_entropy_len( &ctx, 13 );
-    TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_idx += 13;
-    TEST_EQUAL( test_offset_idx, expected_idx );
-
-exit:
-    mbedtls_ctr_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void ctr_drbg_seed_file( char * path, int ret )
-{
-    mbedtls_ctr_drbg_context ctx;
-
-    mbedtls_ctr_drbg_init( &ctx );
-
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_rnd_std_rand,
-                                        NULL, NULL, 0 ) == 0 );
-    TEST_ASSERT( mbedtls_ctr_drbg_write_seed_file( &ctx, path ) == ret );
-    TEST_ASSERT( mbedtls_ctr_drbg_update_seed_file( &ctx, path ) == ret );
-
-exit:
-    mbedtls_ctr_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void ctr_drbg_selftest(  )
-{
-    TEST_ASSERT( mbedtls_ctr_drbg_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_debug.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_debug.data
deleted file mode 100644
index eb99b79..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_debug.data
+++ /dev/null
@@ -1,64 +0,0 @@
-Debug print msg (threshold 1, level 0)
-debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n"
-
-Debug print msg (threshold 1, level 1)
-debug_print_msg_threshold:1:1:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n"
-
-Debug print msg (threshold 1, level 2)
-debug_print_msg_threshold:1:2:"MyFile":999:""
-
-Debug print msg (threshold 0, level 1)
-debug_print_msg_threshold:0:1:"MyFile":999:""
-
-Debug print msg (threshold 0, level 5)
-debug_print_msg_threshold:0:5:"MyFile":999:""
-
-Debug print return value #1
-mbedtls_debug_print_ret:"MyFile":999:"Test return value":0:"MyFile(0999)\: Test return value() returned 0 (-0x0000)\n"
-
-Debug print return value #2
-mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0x1000:"MyFile(0999)\: Test return value() returned -4096 (-0x1000)\n"
-
-Debug print return value #3
-mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0xFFFF:"MyFile(0999)\: Test return value() returned -65535 (-0xffff)\n"
-
-Debug print buffer #1
-mbedtls_debug_print_buf:"MyFile":999:"Test return value":"":"MyFile(0999)\: dumping 'Test return value' (0 bytes)\n"
-
-Debug print buffer #2
-mbedtls_debug_print_buf:"MyFile":999:"Test return value":"00":"MyFile(0999)\: dumping 'Test return value' (1 bytes)\nMyFile(0999)\: 0000\:  00                                               .\n"
-
-Debug print buffer #3
-mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F":"MyFile(0999)\: dumping 'Test return value' (16 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\n"
-
-Debug print buffer #4
-mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F00":"MyFile(0999)\: dumping 'Test return value' (17 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\nMyFile(0999)\: 0010\:  00                                               .\n"
-
-Debug print buffer #5
-mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\nMyFile(0999)\: 0010\:  10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f  ................\nMyFile(0999)\: 0020\:  20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f   !"#$%&'()*+,-./\nMyFile(0999)\: 0030\:  30                                               0\n"
-
-Debug print certificate #1 (RSA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: 01\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using      \: RSA with SHA1\nMyFile(0999)\: RSA key size      \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\:  a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\:  15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\:  43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\:  dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\:  83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\:  70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\:  4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\:  f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\:  ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\:  24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\:  ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\:  69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\:  73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\:  db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\:  5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\:  ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\:  01 00 01\n"
-
-Debug print certificate #2 (EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using      \: ECDSA with SHA256\nMyFile(0999)\: EC key size       \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\:  c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\:  4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\:  39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\:  87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\:  b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\:  6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
-
-Debug print mbedtls_mpi #1
-mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\:  01 02 03 04 05 06 07\n"
-
-Debug print mbedtls_mpi #2
-mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\:  07\n"
-
-Debug print mbedtls_mpi #3
-mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\:  00\n"
-
-Debug print mbedtls_mpi #4
-mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\:  09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\:  14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\:  ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\:  09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\:  af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\:  52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #5
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\:  09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\:  14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\:  ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\:  09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\:  af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\:  52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #6
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\:  41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\:  2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\:  e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\:  18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\:  48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\:  62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_debug.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_debug.function
deleted file mode 100644
index 377d630..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_debug.function
+++ /dev/null
@@ -1,195 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/debug.h"
-#include "string.h"
-
-struct buffer_data
-{
-    char buf[2000];
-    char *ptr;
-};
-
-void string_debug(void *data, int level, const char *file, int line, const char *str)
-{
-    struct buffer_data *buffer = (struct buffer_data *) data;
-    char *p = buffer->ptr;
-    ((void) level);
-
-    memcpy( p, file, strlen( file ) );
-    p += strlen( file );
-
-    *p++ = '(';
-    *p++ = '0' + ( line / 1000 ) % 10;
-    *p++ = '0' + ( line / 100  ) % 10;
-    *p++ = '0' + ( line / 10   ) % 10;
-    *p++ = '0' + ( line / 1    ) % 10;
-    *p++ = ')';
-    *p++ = ':';
-    *p++ = ' ';
-
-#if defined(MBEDTLS_THREADING_C)
-    /* Skip "thread ID" (up to the first space) as it is not predictable */
-    while( *str++ != ' ' );
-#endif
-
-    memcpy( p, str, strlen( str ) );
-    p += strlen( str );
-
-    /* Detect if debug messages output partial lines and mark them */
-    if( p[-1] != '\n' )
-        *p++ = '*';
-
-    buffer->ptr = p;
-}
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_DEBUG_C:MBEDTLS_SSL_TLS_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void debug_print_msg_threshold( int threshold, int level, char * file,
-                                int line, char * result_str )
-{
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    struct buffer_data buffer;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    memset( buffer.buf, 0, 2000 );
-    buffer.ptr = buffer.buf;
-
-    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
-    mbedtls_debug_set_threshold( threshold );
-    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
-    mbedtls_debug_print_msg( &ssl, level, file, line,
-                             "Text message, 2 == %d", 2 );
-
-    TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_debug_print_ret( char * file, int line, char * text, int value,
-                              char * result_str )
-{
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    struct buffer_data buffer;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    memset( buffer.buf, 0, 2000 );
-    buffer.ptr = buffer.buf;
-
-    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
-    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
-    mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
-
-    TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_debug_print_buf( char * file, int line, char * text,
-                              data_t * data, char * result_str )
-{
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    struct buffer_data buffer;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    memset( buffer.buf, 0, 2000 );
-    buffer.ptr = buffer.buf;
-
-
-    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
-    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
-    mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len );
-
-    TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_debug_print_crt( char * crt_file, char * file, int line,
-                              char * prefix, char * result_str )
-{
-    mbedtls_x509_crt   crt;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    struct buffer_data buffer;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_x509_crt_init( &crt );
-    memset( buffer.buf, 0, 2000 );
-    buffer.ptr = buffer.buf;
-
-    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
-    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
-
-    TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
-void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line,
-                              char * prefix, char * result_str )
-{
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    struct buffer_data buffer;
-    mbedtls_mpi val;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-    mbedtls_mpi_init( &val );
-    memset( buffer.buf, 0, 2000 );
-    buffer.ptr = buffer.buf;
-
-    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
-
-    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
-    mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);
-
-    TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &val );
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_des.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_des.function
deleted file mode 100644
index 5b24935..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_des.function
+++ /dev/null
@@ -1,276 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/des.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_DES_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void des_check_weak( data_t * key, int ret )
-{
-    TEST_ASSERT( mbedtls_des_key_check_weak( key->x ) == ret );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void des_encrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_des_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des_init( &ctx );
-
-
-    mbedtls_des_setkey_enc( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-
-exit:
-    mbedtls_des_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void des_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_des_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des_init( &ctx );
-
-
-    mbedtls_des_setkey_dec( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-
-exit:
-    mbedtls_des_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des_encrypt_cbc( data_t * key_str, data_t * iv_str,
-                      data_t * src_str, data_t * dst, int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_des_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des_init( &ctx );
-
-
-    mbedtls_des_setkey_enc( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                          dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_des_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des_decrypt_cbc( data_t * key_str, data_t * iv_str,
-                      data_t * src_str, data_t * dst,
-                      int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_des_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des_init( &ctx );
-
-
-    mbedtls_des_setkey_dec( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                          dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_des_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void des3_encrypt_ecb( int key_count, data_t * key_str,
-                       data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_des3_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des3_init( &ctx );
-
-
-    if( key_count == 2 )
-        mbedtls_des3_set2key_enc( &ctx, key_str->x );
-    else if( key_count == 3 )
-        mbedtls_des3_set3key_enc( &ctx, key_str->x );
-    else
-        TEST_ASSERT( 0 );
-
-    TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-
-exit:
-    mbedtls_des3_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void des3_decrypt_ecb( int key_count, data_t * key_str,
-                       data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_des3_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des3_init( &ctx );
-
-
-    if( key_count == 2 )
-        mbedtls_des3_set2key_dec( &ctx, key_str->x );
-    else if( key_count == 3 )
-        mbedtls_des3_set3key_dec( &ctx, key_str->x );
-    else
-        TEST_ASSERT( 0 );
-
-    TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-
-exit:
-    mbedtls_des3_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des3_encrypt_cbc( int key_count, data_t * key_str,
-                       data_t * iv_str, data_t * src_str,
-                       data_t * dst, int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_des3_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des3_init( &ctx );
-
-
-    if( key_count == 2 )
-        mbedtls_des3_set2key_enc( &ctx, key_str->x );
-    else if( key_count == 3 )
-        mbedtls_des3_set3key_enc( &ctx, key_str->x );
-    else
-        TEST_ASSERT( 0 );
-
-    TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                          src_str->len, dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_des3_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void des3_decrypt_cbc( int key_count, data_t * key_str,
-                       data_t * iv_str, data_t * src_str,
-                       data_t * dst, int cbc_result )
-{
-    unsigned char output[100];
-    mbedtls_des3_context ctx;
-
-    memset(output, 0x00, 100);
-    mbedtls_des3_init( &ctx );
-
-
-    if( key_count == 2 )
-        mbedtls_des3_set2key_dec( &ctx, key_str->x );
-    else if( key_count == 3 )
-        mbedtls_des3_set3key_dec( &ctx, key_str->x );
-    else
-        TEST_ASSERT( 0 );
-
-    TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
-
-    if( cbc_result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
-                                          dst->len ) == 0 );
-    }
-
-exit:
-    mbedtls_des3_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void des_key_parity_run(  )
-{
-    int i, j, cnt;
-    unsigned char key[MBEDTLS_DES_KEY_SIZE];
-    unsigned int parity;
-
-    memset( key, 0, MBEDTLS_DES_KEY_SIZE );
-    cnt = 0;
-
-    // Iterate through all possible byte values
-    //
-    for( i = 0; i < 32; i++ )
-    {
-        for( j = 0; j < 8; j++ )
-            key[j] = cnt++;
-
-        // Set the key parity according to the table
-        //
-        mbedtls_des_key_set_parity( key );
-
-        // Check the parity with a function
-        //
-        for( j = 0; j < 8; j++ )
-        {
-            parity = key[j] ^ ( key[j] >> 4 );
-            parity = parity ^
-                    ( parity >> 1 ) ^
-                    ( parity >> 2 ) ^
-                    ( parity >> 3 );
-            parity &= 1;
-
-            if( parity != 1 )
-                TEST_ASSERT( 0 );
-        }
-
-        // Check the parity with the table
-        //
-        TEST_ASSERT( mbedtls_des_key_check_key_parity( key ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void des_selftest(  )
-{
-    TEST_ASSERT( mbedtls_des_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_dhm.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_dhm.data
deleted file mode 100644
index c4795b6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_dhm.data
+++ /dev/null
@@ -1,38 +0,0 @@
-Diffie-Hellman parameter validation
-dhm_invalid_params:
-
-Diffie-Hellman full exchange #1
-dhm_do_dhm:10:"23":10:"5":0
-
-Diffie-Hellman full exchange #2
-dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622":0
-
-Diffie-Hellman full exchange #3
-dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271":0
-
-Diffie-Hellman trivial subgroup #1
-dhm_do_dhm:10:"23":10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
-Diffie-Hellman trivial subgroup #2
-dhm_do_dhm:10:"23":10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
-Diffie-Hellman small modulus
-dhm_do_dhm:10:"3":10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED
-
-Diffie-Hellman zero modulus
-dhm_do_dhm:10:"0":10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
-Diffie-Hellman MPI_MAX_SIZE modulus
-dhm_make_public:MBEDTLS_MPI_MAX_SIZE:10:"5":0
-
-Diffie-Hellman MPI_MAX_SIZE + 1 modulus
-dhm_make_public:MBEDTLS_MPI_MAX_SIZE + 1:10:"5":MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Diffie-Hellman load parameters from file [#1]
-dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
-
-Diffie-Hellman load parameters from file [#2]
-dhm_file:"data_files/dh.optlen.pem":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256
-
-Diffie-Hellman selftest
-dhm_selftest:
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_dhm.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_dhm.function
deleted file mode 100644
index 1726b9e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_dhm.function
+++ /dev/null
@@ -1,285 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/dhm.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_DHM_C:MBEDTLS_BIGNUM_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void dhm_invalid_params( )
-{
-    mbedtls_dhm_context ctx;
-    unsigned char buf[42] = { 0 };
-    unsigned char *buf_null = NULL;
-    mbedtls_mpi X;
-    size_t const buflen = sizeof( buf );
-    size_t len;
-
-    TEST_INVALID_PARAM( mbedtls_dhm_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_dhm_free( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_read_params( NULL,
-                                                     (unsigned char**) &buf,
-                                                     buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_read_params( &ctx, &buf_null, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_read_params( &ctx, NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_read_params( &ctx,
-                                                     (unsigned char**) &buf,
-                                                     NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_params( NULL, buflen,
-                                                     buf, &len,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_params( &ctx, buflen,
-                                                     NULL, &len,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_params( &ctx, buflen,
-                                                     buf, NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_params( &ctx, buflen,
-                                                     buf, &len,
-                                                     NULL,
-                                                     NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_set_group( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_set_group( &ctx, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_set_group( &ctx, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_read_public( NULL, buf, buflen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_read_public( &ctx, NULL, buflen ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_public( NULL, buflen,
-                                                     buf, buflen,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_public( &ctx, buflen,
-                                                     NULL, buflen,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_make_public( &ctx, buflen,
-                                                     buf, buflen,
-                                                     NULL,
-                                                     NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_calc_secret( NULL, buf, buflen, &len,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_calc_secret( &ctx, NULL, buflen, &len,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_calc_secret( &ctx, buf, buflen, NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_parse_dhm( NULL, buf, buflen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_parse_dhm( &ctx, NULL, buflen ) );
-
-#if defined(MBEDTLS_FS_IO)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_parse_dhmfile( NULL, "" ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
-                            mbedtls_dhm_parse_dhmfile( &ctx, NULL ) );
-#endif /* MBEDTLS_FS_IO */
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void dhm_do_dhm( int radix_P, char *input_P,
-                 int radix_G, char *input_G, int result )
-{
-    mbedtls_dhm_context ctx_srv;
-    mbedtls_dhm_context ctx_cli;
-    unsigned char ske[1000];
-    unsigned char *p = ske;
-    unsigned char pub_cli[1000];
-    unsigned char sec_srv[1000];
-    unsigned char sec_cli[1000];
-    size_t ske_len = 0;
-    size_t pub_cli_len = 0;
-    size_t sec_srv_len;
-    size_t sec_cli_len;
-    int x_size, i;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_dhm_init( &ctx_srv );
-    mbedtls_dhm_init( &ctx_cli );
-    memset( ske, 0x00, 1000 );
-    memset( pub_cli, 0x00, 1000 );
-    memset( sec_srv, 0x00, 1000 );
-    memset( sec_cli, 0x00, 1000 );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    /*
-     * Set params
-     */
-    TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 );
-    x_size = mbedtls_mpi_size( &ctx_srv.P );
-    pub_cli_len = x_size;
-
-    /*
-     * First key exchange
-     */
-    TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == result );
-    if ( result != 0 )
-        goto exit;
-
-    ske[ske_len++] = 0;
-    ske[ske_len++] = 0;
-    TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
-
-    TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
-
-    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ),
-                                          &sec_srv_len,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
-
-    TEST_ASSERT( sec_srv_len == sec_cli_len );
-    TEST_ASSERT( sec_srv_len != 0 );
-    TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
-
-    /* Re-do calc_secret on server a few times to test update of blinding values */
-    for( i = 0; i < 3; i++ )
-    {
-        sec_srv_len = 1000;
-        TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv,
-                                              sizeof( sec_srv ), &sec_srv_len,
-                                              &mbedtls_test_rnd_pseudo_rand,
-                                              &rnd_info ) == 0 );
-
-        TEST_ASSERT( sec_srv_len == sec_cli_len );
-        TEST_ASSERT( sec_srv_len != 0 );
-        TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
-    }
-
-    /*
-     * Second key exchange to test change of blinding values on server
-     */
-    p = ske;
-
-    TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    ske[ske_len++] = 0;
-    ske[ske_len++] = 0;
-    TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
-
-    TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
-
-    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ),
-                                          &sec_srv_len,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
-
-    TEST_ASSERT( sec_srv_len == sec_cli_len );
-    TEST_ASSERT( sec_srv_len != 0 );
-    TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
-
-exit:
-    mbedtls_dhm_free( &ctx_srv );
-    mbedtls_dhm_free( &ctx_cli );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void dhm_make_public( int P_bytes, int radix_G, char *input_G, int result )
-{
-    mbedtls_mpi P, G;
-    mbedtls_dhm_context ctx;
-    unsigned char output[MBEDTLS_MPI_MAX_SIZE];
-
-    mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &G );
-    mbedtls_dhm_init( &ctx );
-
-    TEST_ASSERT( mbedtls_mpi_lset( &P, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &G, radix_G, input_G ) == 0 );
-
-    TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 );
-    TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ),
-                                          output, sizeof(output),
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          NULL ) == result );
-
-exit:
-    mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &G );
-    mbedtls_dhm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void dhm_file( char * filename, char * p, char * g, int len )
-{
-    mbedtls_dhm_context ctx;
-    mbedtls_mpi P, G;
-
-    mbedtls_dhm_init( &ctx );
-    mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, 16, p ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &G, 16, g ) == 0 );
-
-    TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 );
-
-    TEST_ASSERT( ctx.len == (size_t) len );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.G, &G ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &P ); mbedtls_mpi_free( &G );
-    mbedtls_dhm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void dhm_selftest(  )
-{
-    TEST_ASSERT( mbedtls_dhm_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdh.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdh.function
deleted file mode 100644
index 3ab96fa..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdh.function
+++ /dev/null
@@ -1,611 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/ecdh.h"
-
-static int load_public_key( int grp_id, data_t *point,
-                            mbedtls_ecp_keypair *ecp )
-{
-    int ok = 0;
-    TEST_ASSERT( mbedtls_ecp_group_load( &ecp->grp, grp_id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_binary( &ecp->grp,
-                                                &ecp->Q,
-                                                point->x,
-                                                point->len ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &ecp->grp,
-                                           &ecp->Q ) == 0 );
-    ok = 1;
-exit:
-    return( ok );
-}
-
-static int load_private_key( int grp_id, data_t *private_key,
-                             mbedtls_ecp_keypair *ecp,
-                             mbedtls_test_rnd_pseudo_info *rnd_info )
-{
-    int ok = 0;
-    TEST_ASSERT( mbedtls_ecp_read_key( grp_id, ecp,
-                                       private_key->x,
-                                       private_key->len ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) == 0 );
-    /* Calculate the public key from the private key. */
-    TEST_ASSERT( mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d,
-                                  &ecp->grp.G,
-                                  &mbedtls_test_rnd_pseudo_rand,
-                                  rnd_info ) == 0 );
-    ok = 1;
-exit:
-    return( ok );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ECDH_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void ecdh_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_ecdh_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void ecdh_invalid_param( )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecdh_context ctx;
-    mbedtls_mpi m;
-    mbedtls_ecp_point P;
-    mbedtls_ecp_keypair kp;
-    size_t olen;
-    unsigned char buf[42] = { 0 };
-    const unsigned char *buf_null = NULL;
-    size_t const buflen = sizeof( buf );
-    int invalid_side = 42;
-    mbedtls_ecp_group_id valid_grp = MBEDTLS_ECP_DP_SECP192R1;
-
-    TEST_INVALID_PARAM( mbedtls_ecdh_init( NULL ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    TEST_INVALID_PARAM( mbedtls_ecdh_enable_restart( NULL ) );
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_gen_public( NULL, &m, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_gen_public( &grp, NULL, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_gen_public( &grp, &m, NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_gen_public( &grp, &m, &P,
-                                                     NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_compute_shared( NULL, &m, &P, &m,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_compute_shared( &grp, NULL, &P, &m,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_compute_shared( &grp, &m, NULL, &m,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_compute_shared( &grp, &m, &P, NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_setup( NULL, valid_grp ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_params( NULL, &olen, buf, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_params( &ctx, NULL, buf, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_params( &ctx, &olen, NULL, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_params( &ctx, &olen, buf, buflen, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_read_params( NULL,
-                                                  (const unsigned char**) &buf,
-                                                  buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_read_params( &ctx, &buf_null,
-                                                      buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_read_params( &ctx, NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_read_params( &ctx,
-                                                  (const unsigned char**) &buf,
-                                                  NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_get_params( NULL, &kp,
-                                                     MBEDTLS_ECDH_OURS ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_get_params( &ctx, NULL,
-                                                     MBEDTLS_ECDH_OURS ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_get_params( &ctx, &kp,
-                                                     invalid_side ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_public( NULL, &olen, buf, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_public( &ctx, NULL, buf, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_public( &ctx, &olen, NULL, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_make_public( &ctx, &olen, buf, buflen, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_read_public( NULL, buf, buflen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdh_read_public( &ctx, NULL, buflen ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_calc_secret( NULL, &olen, buf, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_calc_secret( &ctx, NULL, buf, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdh_calc_secret( &ctx, &olen, NULL, buflen,
-                                   mbedtls_test_rnd_std_rand, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdh_primitive_random( int id )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point qA, qB;
-    mbedtls_mpi dA, dB, zA, zB;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB );
-    mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB );
-    mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA,
-                                              &mbedtls_test_rnd_pseudo_rand,
-                                              &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB,
-                                      NULL, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &zB ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &qA ); mbedtls_ecp_point_free( &qB );
-    mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &dB );
-    mbedtls_mpi_free( &zA ); mbedtls_mpi_free( &zB );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str,
-                             char * yA_str, data_t * rnd_buf_B,
-                             char * xB_str, char * yB_str, char * z_str )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point qA, qB;
-    mbedtls_mpi dA, dB, zA, zB, check;
-    mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB );
-    mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB );
-    mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); mbedtls_mpi_init( &check );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    rnd_info_A.buf = rnd_buf_A->x;
-    rnd_info_A.length = rnd_buf_A->len;
-
-    /* Fix rnd_buf_A->x by shifting it left if necessary */
-    if( grp.nbits % 8 != 0 )
-    {
-        unsigned char shift = 8 - ( grp.nbits % 8 );
-        size_t i;
-
-        for( i = 0; i < rnd_info_A.length - 1; i++ )
-            rnd_buf_A->x[i] = rnd_buf_A->x[i] << shift
-                         | rnd_buf_A->x[i+1] >> ( 8 - shift );
-
-        rnd_buf_A->x[rnd_info_A.length-1] <<= shift;
-    }
-
-    rnd_info_B.buf = rnd_buf_B->x;
-    rnd_info_B.length = rnd_buf_B->len;
-
-    /* Fix rnd_buf_B->x by shifting it left if necessary */
-    if( grp.nbits % 8 != 0 )
-    {
-        unsigned char shift = 8 - ( grp.nbits % 8 );
-        size_t i;
-
-        for( i = 0; i < rnd_info_B.length - 1; i++ )
-            rnd_buf_B->x[i] = rnd_buf_B->x[i] << shift
-                         | rnd_buf_B->x[i+1] >> ( 8 - shift );
-
-        rnd_buf_B->x[rnd_info_B.length-1] <<= shift;
-    }
-
-    TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA,
-                                          mbedtls_test_rnd_buffer_rand,
-                                          &rnd_info_A ) == 0 );
-    TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) );
-    TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB,
-                                          mbedtls_test_rnd_buffer_rand,
-                                          &rnd_info_B ) == 0 );
-    TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) );
-    TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xB_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yB_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zB, &check ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &qA ); mbedtls_ecp_point_free( &qB );
-    mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &dB );
-    mbedtls_mpi_free( &zA ); mbedtls_mpi_free( &zB ); mbedtls_mpi_free( &check );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdh_exchange( int id )
-{
-    mbedtls_ecdh_context srv, cli;
-    unsigned char buf[1000];
-    const unsigned char *vbuf;
-    size_t len;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    unsigned char res_buf[1000];
-    size_t res_len;
-
-    mbedtls_ecdh_init( &srv );
-    mbedtls_ecdh_init( &cli );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 );
-
-    memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
-    TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000,
-                                           &mbedtls_test_rnd_pseudo_rand,
-                                           &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 );
-
-    memset( buf, 0x00, sizeof( buf ) );
-    TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000,
-                                           &mbedtls_test_rnd_pseudo_rand,
-                                           &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000,
-                                           &mbedtls_test_rnd_pseudo_rand,
-                                           &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &res_len, res_buf, 1000,
-                                           NULL, NULL ) == 0 );
-    TEST_ASSERT( len == res_len );
-    TEST_ASSERT( memcmp( buf, res_buf, len ) == 0 );
-
-exit:
-    mbedtls_ecdh_free( &srv );
-    mbedtls_ecdh_free( &cli );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z,
-                   int enable, int max_ops, int min_restart, int max_restart )
-{
-    int ret;
-    mbedtls_ecdh_context srv, cli;
-    unsigned char buf[1000];
-    const unsigned char *vbuf;
-    size_t len;
-    mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
-    int cnt_restart;
-    mbedtls_ecp_group grp;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecdh_init( &srv );
-    mbedtls_ecdh_init( &cli );
-
-    rnd_info_A.buf = dA->x;
-    rnd_info_A.length = dA->len;
-
-    rnd_info_B.buf = dB->x;
-    rnd_info_B.length = dB->len;
-
-    /* The ECDH context is not guaranteed ot have an mbedtls_ecp_group structure
-     * in every configuration, therefore we load it separately. */
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    /* Otherwise we would have to fix the random buffer,
-     * as in ecdh_primitive_testvec. */
-    TEST_ASSERT( grp.nbits % 8 == 0 );
-
-    TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 );
-
-    /* set up restart parameters */
-    mbedtls_ecp_set_max_ops( max_ops );
-
-    if( enable )
-    {
-        mbedtls_ecdh_enable_restart( &srv );
-        mbedtls_ecdh_enable_restart( &cli );
-    }
-
-    /* server writes its parameters */
-    memset( buf, 0x00, sizeof( buf ) );
-    len = 0;
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_ecdh_make_params( &srv, &len, buf, sizeof( buf ),
-                                        mbedtls_test_rnd_buffer_rand,
-                                        &rnd_info_A );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    /* client read server params */
-    vbuf = buf;
-    TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 );
-
-    /* client writes its key share */
-    memset( buf, 0x00, sizeof( buf ) );
-    len = 0;
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_ecdh_make_public( &cli, &len, buf, sizeof( buf ),
-                                        mbedtls_test_rnd_buffer_rand,
-                                        &rnd_info_B );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    /* server reads client key share */
-    TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 );
-
-    /* server computes shared secret */
-    memset( buf, 0, sizeof( buf ) );
-    len = 0;
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ),
-                                              NULL, NULL );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    TEST_ASSERT( len == z->len );
-    TEST_ASSERT( memcmp( buf, z->x, len ) == 0 );
-
-    /* client computes shared secret */
-    memset( buf, 0, sizeof( buf ) );
-    len = 0;
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ),
-                                              NULL, NULL );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    TEST_ASSERT( len == z->len );
-    TEST_ASSERT( memcmp( buf, z->x, len ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecdh_free( &srv );
-    mbedtls_ecdh_free( &cli );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDH_LEGACY_CONTEXT */
-void ecdh_exchange_legacy( int id )
-{
-    mbedtls_ecdh_context srv, cli;
-    unsigned char buf[1000];
-    const unsigned char *vbuf;
-    size_t len;
-
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecdh_init( &srv );
-    mbedtls_ecdh_init( &cli );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &srv.grp, id ) == 0 );
-
-    memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
-    TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000,
-                                           &mbedtls_test_rnd_pseudo_rand,
-                                           &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 );
-
-    memset( buf, 0x00, sizeof( buf ) );
-    TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000,
-                                           &mbedtls_test_rnd_pseudo_rand,
-                                           &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000,
-                                           &mbedtls_test_rnd_pseudo_rand,
-                                           &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &len, buf, 1000, NULL,
-                                           NULL ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &srv.z, &cli.z ) == 0 );
-
-exit:
-    mbedtls_ecdh_free( &srv );
-    mbedtls_ecdh_free( &cli );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdh_exchange_calc_secret( int grp_id,
-                                data_t *our_private_key,
-                                data_t *their_point,
-                                int ours_first,
-                                data_t *expected )
-{
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_ecp_keypair our_key;
-    mbedtls_ecp_keypair their_key;
-    mbedtls_ecdh_context ecdh;
-    unsigned char shared_secret[MBEDTLS_ECP_MAX_BYTES];
-    size_t shared_secret_length = 0;
-
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    mbedtls_ecdh_init( &ecdh );
-    mbedtls_ecp_keypair_init( &our_key );
-    mbedtls_ecp_keypair_init( &their_key );
-
-    if( ! load_private_key( grp_id, our_private_key, &our_key, &rnd_info ) )
-        goto exit;
-    if( ! load_public_key( grp_id, their_point, &their_key ) )
-        goto exit;
-
-    /* Import the keys to the ECDH calculation. */
-    if( ours_first )
-    {
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 );
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 );
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 );
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 );
-    }
-
-    /* Perform the ECDH calculation. */
-    TEST_ASSERT( mbedtls_ecdh_calc_secret(
-                     &ecdh,
-                     &shared_secret_length,
-                     shared_secret, sizeof( shared_secret ),
-                     &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
-    TEST_ASSERT( shared_secret_length == expected->len );
-    TEST_ASSERT( memcmp( expected->x, shared_secret,
-                         shared_secret_length ) == 0 );
-
-exit:
-    mbedtls_ecdh_free( &ecdh );
-    mbedtls_ecp_keypair_free( &our_key );
-    mbedtls_ecp_keypair_free( &their_key );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdh_exchange_get_params_fail( int our_grp_id,
-                                    data_t *our_private_key,
-                                    int their_grp_id,
-                                    data_t *their_point,
-                                    int ours_first,
-                                    int expected_ret )
-{
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_ecp_keypair our_key;
-    mbedtls_ecp_keypair their_key;
-    mbedtls_ecdh_context ecdh;
-
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    mbedtls_ecdh_init( &ecdh );
-    mbedtls_ecp_keypair_init( &our_key );
-    mbedtls_ecp_keypair_init( &their_key );
-
-    if( ! load_private_key( our_grp_id, our_private_key, &our_key, &rnd_info ) )
-        goto exit;
-    if( ! load_public_key( their_grp_id, their_point, &their_key ) )
-        goto exit;
-
-    if( ours_first )
-    {
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 );
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) ==
-                     expected_ret );
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 );
-        TEST_ASSERT( mbedtls_ecdh_get_params(
-                         &ecdh, &our_key, MBEDTLS_ECDH_OURS ) ==
-                     expected_ret );
-    }
-
-exit:
-    mbedtls_ecdh_free( &ecdh );
-    mbedtls_ecp_keypair_free( &our_key );
-    mbedtls_ecp_keypair_free( &their_key );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdsa.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdsa.function
deleted file mode 100644
index e6da884..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdsa.function
+++ /dev/null
@@ -1,533 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/ecdsa.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ECDSA_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void ecdsa_invalid_param( )
-{
-    mbedtls_ecdsa_context ctx;
-    mbedtls_ecp_keypair key;
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1;
-    mbedtls_ecp_point P;
-    mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
-    mbedtls_mpi m;
-    size_t slen;
-    unsigned char buf[42] = { 0 };
-
-    TEST_INVALID_PARAM( mbedtls_ecdsa_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_ecdsa_free( NULL ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    TEST_INVALID_PARAM( mbedtls_ecdsa_restart_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_ecdsa_restart_free( NULL ) );
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdsa_sign( NULL, &m, &m, &m,
-                                                buf, sizeof( buf ),
-                                                mbedtls_test_rnd_std_rand,
-                                                NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecdsa_sign( &grp, NULL, &m, &m,
-                                                buf, sizeof( buf ),
-                                                mbedtls_test_rnd_std_rand,
-                                                NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign( &grp, &m, NULL, &m,
-                                                buf, sizeof( buf ),
-                                                mbedtls_test_rnd_std_rand,
-                                                NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign( &grp, &m, &m, NULL,
-                                                buf, sizeof( buf ),
-                                                mbedtls_test_rnd_std_rand,
-                                                NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign( &grp, &m, &m, &m,
-                                                NULL, sizeof( buf ),
-                                                mbedtls_test_rnd_std_rand,
-                                                NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign( &grp, &m, &m, &m,
-                                                buf, sizeof( buf ),
-                                                NULL, NULL ) );
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign_det_ext( NULL, &m, &m, &m,
-                                                   buf, sizeof( buf ),
-                                                   valid_md,
-                                                   mbedtls_test_rnd_std_rand,
-                                                   NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign_det_ext( &grp, NULL, &m, &m,
-                                                   buf, sizeof( buf ),
-                                                   valid_md,
-                                                   mbedtls_test_rnd_std_rand,
-                                                   NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign_det_ext( &grp, &m, NULL, &m,
-                                                   buf, sizeof( buf ),
-                                                   valid_md,
-                                                   mbedtls_test_rnd_std_rand,
-                                                   NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, NULL,
-                                                   buf, sizeof( buf ),
-                                                   valid_md,
-                                                   mbedtls_test_rnd_std_rand,
-                                                   NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, &m,
-                                                   NULL, sizeof( buf ),
-                                                   valid_md,
-                                                   mbedtls_test_rnd_std_rand,
-                                                   NULL ) );
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_verify( NULL,
-                                                  buf, sizeof( buf ),
-                                                  &P, &m, &m ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_verify( &grp,
-                                                  NULL, sizeof( buf ),
-                                                  &P, &m, &m ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_verify( &grp,
-                                                  buf, sizeof( buf ),
-                                                  NULL, &m, &m ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_verify( &grp,
-                                                  buf, sizeof( buf ),
-                                                  &P, NULL, &m ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_verify( &grp,
-                                                  buf, sizeof( buf ),
-                                                  &P, &m, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature( NULL, valid_md, buf, sizeof( buf ),
-                                        buf, &slen, mbedtls_test_rnd_std_rand,
-                                        NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature( &ctx, valid_md, NULL, sizeof( buf ),
-                                        buf, &slen, mbedtls_test_rnd_std_rand,
-                                        NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ),
-                                        NULL, &slen, mbedtls_test_rnd_std_rand,
-                                        NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ),
-                                        buf, NULL, mbedtls_test_rnd_std_rand,
-                                        NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature_restartable( NULL, valid_md, buf,
-                                                    sizeof( buf ), buf, &slen,
-                                                    mbedtls_test_rnd_std_rand,
-                                                    NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, NULL,
-                                                    sizeof( buf ), buf, &slen,
-                                                    mbedtls_test_rnd_std_rand,
-                                                    NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf,
-                                                    sizeof( buf ), NULL, &slen,
-                                                    mbedtls_test_rnd_std_rand,
-                                                    NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-         mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf,
-                                                    sizeof( buf ), buf, NULL,
-                                                    mbedtls_test_rnd_std_rand,
-                                                    NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_read_signature( NULL,
-                                                        buf, sizeof( buf ),
-                                                        buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_read_signature( &ctx,
-                                                        NULL, sizeof( buf ),
-                                                        buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_read_signature( &ctx,
-                                                        buf, sizeof( buf ),
-                                                        NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_read_signature_restartable( NULL,
-                                                        buf, sizeof( buf ),
-                                                        buf, sizeof( buf ),
-                                                        NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_read_signature_restartable( &ctx,
-                                                        NULL, sizeof( buf ),
-                                                        buf, sizeof( buf ),
-                                                        NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_read_signature_restartable( &ctx,
-                                                        buf, sizeof( buf ),
-                                                        NULL, sizeof( buf ),
-                                                        NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_genkey( NULL, valid_group,
-                                             mbedtls_test_rnd_std_rand,
-                                             NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_genkey( &ctx, valid_group,
-                                                  NULL, NULL ) );
-
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_from_keypair( NULL, &key ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                       mbedtls_ecdsa_from_keypair( &ctx, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdsa_prim_random( int id )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point Q;
-    mbedtls_mpi d, r, s;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    unsigned char buf[MBEDTLS_MD_MAX_SIZE];
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &Q );
-    mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    memset( buf, 0, sizeof( buf ) );
-
-    /* prepare material for signature */
-    TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
-                                               buf, sizeof( buf ) ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
-                                     &mbedtls_test_rnd_pseudo_rand,
-                                     &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &Q );
-    mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str,
-                              char * yQ_str, data_t * rnd_buf,
-                              data_t * hash, char * r_str, char * s_str,
-                              int result )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point Q;
-    mbedtls_mpi d, r, s, r_check, s_check;
-    mbedtls_test_rnd_buf_info rnd_info;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &Q );
-    mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
-    mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
-    rnd_info.buf = rnd_buf->x;
-    rnd_info.length = rnd_buf->len;
-
-    /* Fix rnd_buf->x by shifting it left if necessary */
-    if( grp.nbits % 8 != 0 )
-    {
-        unsigned char shift = 8 - ( grp.nbits % 8 );
-        size_t i;
-
-        for( i = 0; i < rnd_info.length - 1; i++ )
-            rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> ( 8 - shift );
-
-        rnd_buf->x[rnd_info.length-1] <<= shift;
-    }
-
-    TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, hash->x, hash->len,
-                 mbedtls_test_rnd_buffer_rand, &rnd_info ) == result );
-
-    if ( result == 0)
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 );
-
-        TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, &r_check, &s_check ) == 0 );
-
-        TEST_ASSERT( mbedtls_mpi_sub_int( &r, &r, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_add_int( &s, &s, 1 ) == 0 );
-
-        TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len,
-                     &Q, &r, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-        TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len,
-                     &Q, &r_check, &s ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-        TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len,
-                     &grp.G, &r_check, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &Q );
-    mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s );
-    mbedtls_mpi_free( &r_check ); mbedtls_mpi_free( &s_check );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_DETERMINISTIC */
-void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg,
-                             char * r_str, char * s_str )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_mpi d, r, s, r_check, s_check;
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    size_t hlen;
-    const mbedtls_md_info_t *md_info;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
-    mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check );
-    memset( hash, 0, sizeof( hash ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-    hlen = mbedtls_md_get_size( md_info );
-    TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg,
-                 strlen( msg ), hash ) == 0 );
-
-    TEST_ASSERT(
-                mbedtls_ecdsa_sign_det_ext( &grp, &r, &s, &d, hash, hlen,
-                                            md_alg, mbedtls_test_rnd_std_rand,
-                                            NULL )
-                == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s );
-    mbedtls_mpi_free( &r_check ); mbedtls_mpi_free( &s_check );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void ecdsa_write_read_random( int id )
-{
-    mbedtls_ecdsa_context ctx;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    unsigned char hash[32];
-    unsigned char sig[200];
-    size_t sig_len, i;
-
-    mbedtls_ecdsa_init( &ctx );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    memset( hash, 0, sizeof( hash ) );
-    memset( sig, 0x2a, sizeof( sig ) );
-
-    /* prepare material for signature */
-    TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
-                                               hash, sizeof( hash ) ) == 0 );
-
-    /* generate signing key */
-    TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id,
-                                       &mbedtls_test_rnd_pseudo_rand,
-                                       &rnd_info ) == 0 );
-
-    /* generate and write signature, then read and verify it */
-    TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256,
-                 hash, sizeof( hash ),
-                 sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
-                 &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
-                 sig, sig_len ) == 0 );
-
-    /* check we didn't write past the announced length */
-    for( i = sig_len; i < sizeof( sig ); i++ )
-        TEST_ASSERT( sig[i] == 0x2a );
-
-    /* try verification with invalid length */
-    TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
-                 sig, sig_len - 1 ) != 0 );
-    TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
-                 sig, sig_len + 1 ) != 0 );
-
-    /* try invalid sequence tag */
-    sig[0]++;
-    TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
-                 sig, sig_len ) != 0 );
-    sig[0]--;
-
-    /* try modifying r */
-    sig[10]++;
-    TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
-                 sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    sig[10]--;
-
-    /* try modifying s */
-    sig[sig_len - 1]++;
-    TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
-                 sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    sig[sig_len - 1]--;
-
-exit:
-    mbedtls_ecdsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecdsa_read_restart( int id, data_t *pk, data_t *hash, data_t *sig,
-                         int max_ops, int min_restart, int max_restart )
-{
-    mbedtls_ecdsa_context ctx;
-    mbedtls_ecdsa_restart_ctx rs_ctx;
-    int ret, cnt_restart;
-
-    mbedtls_ecdsa_init( &ctx );
-    mbedtls_ecdsa_restart_init( &rs_ctx );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q,
-                                                pk->x, pk->len ) == 0 );
-
-    mbedtls_ecp_set_max_ops( max_ops );
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    /* try modifying r */
-
-    TEST_ASSERT( sig->len > 10 );
-    sig->x[10]++;
-    do {
-        ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    sig->x[10]--;
-
-    /* try modifying s */
-    sig->x[sig->len - 1]++;
-    do {
-        ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    sig->x[sig->len - 1]--;
-
-    /* Do we leak memory when aborting an operation?
-     * This test only makes sense when we actually restart */
-    if( min_restart > 0 )
-    {
-        ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
-        TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    }
-
-exit:
-    mbedtls_ecdsa_free( &ctx );
-    mbedtls_ecdsa_restart_free( &rs_ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */
-void ecdsa_write_restart( int id, char *d_str, int md_alg,
-                          char *msg, data_t *sig_check,
-                          int max_ops, int min_restart, int max_restart )
-{
-    int ret, cnt_restart;
-    mbedtls_ecdsa_restart_ctx rs_ctx;
-    mbedtls_ecdsa_context ctx;
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
-    size_t hlen, slen;
-    const mbedtls_md_info_t *md_info;
-
-    mbedtls_ecdsa_restart_init( &rs_ctx );
-    mbedtls_ecdsa_init( &ctx );
-    memset( hash, 0, sizeof( hash ) );
-    memset( sig, 0, sizeof( sig ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-
-    hlen = mbedtls_md_get_size( md_info );
-    TEST_ASSERT( mbedtls_md( md_info,
-                             (const unsigned char *) msg, strlen( msg ),
-                             hash ) == 0 );
-
-    mbedtls_ecp_set_max_ops( max_ops );
-
-    slen = sizeof( sig );
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_ecdsa_write_signature_restartable( &ctx,
-                md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( slen == sig_check->len );
-    TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 );
-
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    /* Do we leak memory when aborting an operation?
-     * This test only makes sense when we actually restart */
-    if( min_restart > 0 )
-    {
-        ret = mbedtls_ecdsa_write_signature_restartable( &ctx,
-                md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx );
-        TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    }
-
-exit:
-    mbedtls_ecdsa_restart_free( &rs_ctx );
-    mbedtls_ecdsa_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecjpake.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecjpake.function
deleted file mode 100644
index ab672a8..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecjpake.function
+++ /dev/null
@@ -1,296 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/ecjpake.h"
-
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_SHA256_C)
-static const unsigned char ecjpake_test_x1[] = {
-    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
-    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
-    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x21
-};
-
-static const unsigned char ecjpake_test_x2[] = {
-    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
-    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
-};
-
-static const unsigned char ecjpake_test_x3[] = {
-    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
-    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
-};
-
-static const unsigned char ecjpake_test_x4[] = {
-    0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc,
-    0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8,
-    0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe1
-};
-
-static const unsigned char ecjpake_test_X1[] = {
-    0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19, 0x33,
-    0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44, 0xe5,
-    0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad, 0xa7,
-    0x81, 0xbb, 0x7f, 0x11, 0x13, 0x72, 0x25, 0x1a, 0x89, 0x10, 0x62, 0x1f,
-    0x63, 0x4d, 0xf1, 0x28, 0xac, 0x48, 0xe3, 0x81, 0xfd, 0x6e, 0xf9, 0x06,
-    0x07, 0x31, 0xf6, 0x94, 0xa4
-};
-
-static const unsigned char ecjpake_test_X2[] = {
-    0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7,
-    0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40,
-    0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79,
-    0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1,
-    0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3,
-    0x2b, 0xb0, 0x13, 0xbb, 0x2b
-};
-
-static const unsigned char ecjpake_test_X3[] = {
-    0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7,
-    0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40,
-    0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79,
-    0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1,
-    0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3,
-    0x2b, 0xb0, 0x13, 0xbb, 0x2b
-};
-
-static const unsigned char ecjpake_test_X4[] = {
-    0x04, 0x19, 0x0a, 0x07, 0x70, 0x0f, 0xfa, 0x4b, 0xe6, 0xae, 0x1d, 0x79,
-    0xee, 0x0f, 0x06, 0xae, 0xb5, 0x44, 0xcd, 0x5a, 0xdd, 0xaa, 0xbe, 0xdf,
-    0x70, 0xf8, 0x62, 0x33, 0x21, 0x33, 0x2c, 0x54, 0xf3, 0x55, 0xf0, 0xfb,
-    0xfe, 0xc7, 0x83, 0xed, 0x35, 0x9e, 0x5d, 0x0b, 0xf7, 0x37, 0x7a, 0x0f,
-    0xc4, 0xea, 0x7a, 0xce, 0x47, 0x3c, 0x9c, 0x11, 0x2b, 0x41, 0xcc, 0xd4,
-    0x1a, 0xc5, 0x6a, 0x56, 0x12
-};
-
-/* Load my private and public keys, and peer's public keys */
-static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
-                              const unsigned char *xm1, size_t len_xm1,
-                              const unsigned char *xm2, size_t len_xm2,
-                              const unsigned char *Xm1, size_t len_Xm1,
-                              const unsigned char *Xm2, size_t len_Xm2,
-                              const unsigned char *Xp1, size_t len_Xp1,
-                              const unsigned char *Xp2, size_t len_Xp2 )
-{
-    int ret;
-
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len_xm1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len_xm2 ) );
-
-    MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp,
-                     &ctx->Xm1, Xm1, len_Xm1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp,
-                     &ctx->Xm2, Xm2, len_Xm2 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp,
-                     &ctx->Xp1, Xp1, len_Xp1 ) );
-    MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp,
-                     &ctx->Xp2, Xp2, len_Xp2 ) );
-
-cleanup:
-    return( ret );
-}
-
-#define ADD_SIZE( x )   x, sizeof( x )
-#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ECJPAKE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void ecjpake_invalid_param( )
-{
-    mbedtls_ecjpake_context ctx;
-    unsigned char buf[42] = { 0 };
-    size_t olen;
-    size_t const len = sizeof( buf );
-    mbedtls_ecjpake_role valid_role = MBEDTLS_ECJPAKE_SERVER;
-    mbedtls_ecjpake_role invalid_role = (mbedtls_ecjpake_role) 42;
-    mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
-    mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1;
-
-    TEST_INVALID_PARAM( mbedtls_ecjpake_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_ecjpake_free( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_setup( NULL,
-                                                   valid_role,
-                                                   valid_md,
-                                                   valid_group,
-                                                   buf, len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_setup( &ctx,
-                                                   invalid_role,
-                                                   valid_md,
-                                                   valid_group,
-                                                   buf, len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_setup( &ctx,
-                                                   valid_role,
-                                                   valid_md,
-                                                   valid_group,
-                                                   NULL, len ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_check( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_one( NULL, buf, len, &olen,
-                                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_one( &ctx, NULL, len, &olen,
-                                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_one( &ctx, buf, len, NULL,
-                                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_one( &ctx, buf, len, &olen, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_two( NULL, buf, len, &olen,
-                                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_two( &ctx, NULL, len, &olen,
-                                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_two( &ctx, buf, len, NULL,
-                                         mbedtls_test_rnd_std_rand, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_write_round_two( &ctx, buf, len, &olen, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_read_round_one( NULL,
-                                                            buf, len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_read_round_one( &ctx,
-                                                            NULL, len ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_read_round_two( NULL,
-                                                            buf, len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecjpake_read_round_two( &ctx,
-                                                            NULL, len ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_derive_secret( NULL, buf, len, &olen,
-                                       mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_derive_secret( &ctx, NULL, len, &olen,
-                                       mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_derive_secret( &ctx, buf, len, NULL,
-                                       mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecjpake_derive_secret( &ctx, buf, len, &olen, NULL, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void ecjpake_selftest(  )
-{
-    TEST_ASSERT( mbedtls_ecjpake_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_bad_md( data_t *msg )
-{
-    mbedtls_ecjpake_context corrupt_ctx;
-    const unsigned char * pw = NULL;
-    const size_t pw_len = 0;
-    int any_role = MBEDTLS_ECJPAKE_CLIENT;
-
-    mbedtls_ecjpake_init( &corrupt_ctx );
-    TEST_ASSERT( mbedtls_ecjpake_setup( &corrupt_ctx, any_role,
-                 MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
-    corrupt_ctx.md_info = NULL;
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &corrupt_ctx, msg->x,
-                 msg->len ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-exit:
-    mbedtls_ecjpake_free( &corrupt_ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_round_one( int role, data_t * msg, int ref_ret )
-{
-    mbedtls_ecjpake_context ctx;
-    const unsigned char * pw = NULL;
-    const size_t pw_len = 0;
-
-    mbedtls_ecjpake_init( &ctx );
-
-    TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, role,
-                 MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &ctx, msg->x, msg->len ) == ref_ret );
-
-exit:
-    mbedtls_ecjpake_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_round_two_cli( data_t * msg, int ref_ret )
-{
-    mbedtls_ecjpake_context ctx;
-    const unsigned char * pw = NULL;
-    const size_t pw_len = 0;
-
-    mbedtls_ecjpake_init( &ctx );
-
-    TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_CLIENT,
-                 MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
-
-    TEST_ASSERT( ecjpake_test_load( &ctx,
-                 ADD_SIZE( ecjpake_test_x1 ), ADD_SIZE( ecjpake_test_x2 ),
-                 ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ),
-                 ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ) )
-            == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret );
-
-exit:
-    mbedtls_ecjpake_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void read_round_two_srv( data_t * msg, int ref_ret )
-{
-    mbedtls_ecjpake_context ctx;
-    const unsigned char * pw = NULL;
-    const size_t pw_len = 0;
-
-    mbedtls_ecjpake_init( &ctx );
-
-    TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_SERVER,
-                 MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 );
-
-    TEST_ASSERT( ecjpake_test_load( &ctx,
-                 ADD_SIZE( ecjpake_test_x3 ), ADD_SIZE( ecjpake_test_x4 ),
-                 ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ),
-                 ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ) )
-            == 0 );
-
-    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret );
-
-exit:
-    mbedtls_ecjpake_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecp.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecp.data
deleted file mode 100644
index 408a9b7..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecp.data
+++ /dev/null
@@ -1,510 +0,0 @@
-ECP valid params
-ecp_valid_param:
-
-ECP invalid params
-ecp_invalid_param:
-
-ECP curve info #1
-depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_BP512R1:28:512:"brainpoolP512r1"
-
-ECP curve info #2
-depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_BP384R1:27:384:"brainpoolP384r1"
-
-ECP curve info #3
-depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_BP256R1:26:256:"brainpoolP256r1"
-
-ECP curve info #4
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP521R1:25:521:"secp521r1"
-
-ECP curve info #5
-depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP384R1:24:384:"secp384r1"
-
-ECP curve info #6
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP256R1:23:256:"secp256r1"
-
-ECP curve info #7
-depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP224R1:21:224:"secp224r1"
-
-ECP curve info #8
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP192R1:19:192:"secp192r1"
-
-ECP check pubkey Montgomery #1 (too big)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check pubkey Montgomery #2 (biggest)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
-
-ECP check pubkey Koblitz #1 (point not on curve)
-depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
-ecp_check_pub:MBEDTLS_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check pubkey Koblitz #2 (coordinate not affine)
-depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
-ecp_check_pub:MBEDTLS_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"101":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP write binary #1 (zero, uncompressed, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_UNCOMPRESSED:"00":1:0
-
-ECP write binary #2 (zero, buffer too small)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_UNCOMPRESSED:"00":0:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
-
-ECP write binary #3 (non-zero, uncompressed, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_UNCOMPRESSED:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":49:0
-
-ECP write binary #4 (non-zero, uncompressed, buffer too small)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_UNCOMPRESSED:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":48:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
-
-ECP write binary #5 (zero, compressed, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_COMPRESSED:"00":1:0
-
-ECP write binary #6 (zero, buffer too small)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_COMPRESSED:"00":0:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
-
-ECP write binary #7 (even, compressed, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_COMPRESSED:"0248d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":25:0
-
-ECP write binary #8 (even, compressed, buffer too small)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_COMPRESSED:"0248d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":24:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
-
-ECP write binary #9 (odd, compressed, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"93112b28345b7d1d7799611e49bea9d8290cb2d7afe1f9f3":"01":MBEDTLS_ECP_PF_COMPRESSED:"0348d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":25:0
-
-ECP write binary #10 (Montgomery, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_CURVE25519:"11223344556677889900aabbccddeeff11223344556677889900aabbccddeeff":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"ffeeddccbbaa00998877665544332211ffeeddccbbaa00998877665544332211":32:0
-
-ECP write binary #11 (Montgomery, buffer too small)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_write_binary:MBEDTLS_ECP_DP_CURVE25519:"11223344556677889900aabbccddeeff11223344556677889900aabbccddeeff":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"ffeeddccbbaa00998877665544332211ffeeddccbbaa00998877665544332211":31:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
-
-ECP read binary #1 (zero, invalid ilen)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0000":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP read binary #2 (zero, invalid first byte)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"01":"00":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
-
-ECP read binary #3 (zero, OK)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"00":"01":"01":"00":0
-
-ECP read binary #4 (non-zero, invalid ilen)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"04001122":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP read binary #5 (non-zero, invalid first byte)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0548d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
-
-ECP read binary #6 (non-zero, OK)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":0
-
-ECP read binary #7 (Curve25519, OK)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":0
-
-ECP read binary #8 (Curve25519, masked first bit)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4efa":"7a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":0
-
-ECP read binary #9 (Curve25519, too short)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"20f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f020":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP read binary #10 (Curve25519, non-canonical)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f":"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"0":"1":0
-
-ECP read binary #11 (Curve25519, masked non-canonical)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"0":"1":0
-
-ECP read binary #12 (Curve25519, too long)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a00":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP tls read point #1 (zero, invalid length byte)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"0200":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP tls read point #2 (zero, OK)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"0100":"01":"01":"00":0
-
-ECP tls read point #3 (non-zero, invalid length byte)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"300448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP tls read point #4 (non-zero, OK)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"310448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":0
-
-ECP tls write-read point #1
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_tls_write_read_point:MBEDTLS_ECP_DP_SECP192R1
-
-ECP tls write-read point #2
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_tls_write_read_point:MBEDTLS_ECP_DP_SECP521R1
-
-ECP tls read group #1 (record too short)
-mbedtls_ecp_tls_read_group:"0313":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0
-
-ECP tls read group #2 (bad curve_type)
-mbedtls_ecp_tls_read_group:"010013":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0
-
-ECP tls read group #3 (unknown curve)
-mbedtls_ecp_tls_read_group:"030010":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0:0
-
-ECP tls read group #4 (OK, buffer just fits)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_tls_read_group:"030017":0:256:3
-
-ECP tls read group #5 (OK, buffer continues)
-depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_ecp_tls_read_group:"0300180000":0:384:3
-
-ECP tls write-read group #1
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_tls_write_read_group:MBEDTLS_ECP_DP_SECP192R1
-
-ECP tls write-read group #2
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_tls_write_read_group:MBEDTLS_ECP_DP_SECP521R1
-
-ECP check privkey #1 (short weierstrass, too small)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #2 (short weierstrass, smallest)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"01":0
-
-ECP check privkey #3 (short weierstrass, biggest)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0
-
-ECP check privkey #4 (short weierstrass, too big)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #5 (montgomery, too big)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"C000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #6 (montgomery, not big enough)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #7 (montgomery, msb OK)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000000":0
-
-ECP check privkey #8 (montgomery, bit 0 set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000001":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #9 (montgomery, bit 1 set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000002":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #10 (montgomery, bit 2 set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP check privkey #11 (montgomery, OK)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":0
-
-ECP check public-private #1 (OK)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":0
-
-ECP check public-private #2 (group none)
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_NONE:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_NONE:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP check public-private #3 (group mismatch)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP384R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP check public-private #4 (Qx mismatch)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596293":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP check public-private #5 (Qy mismatch)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP check public-private #6 (wrong Qx)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596293":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596293":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP check public-private #7 (wrong Qy)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-ECP gen keypair [#1]
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_SECP192R1
-
-ECP gen keypair [#2]
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_CURVE25519
-
-ECP gen keypair wrapper
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1
-
-ECP read key #1 (short weierstrass, too small)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0
-
-ECP read key #2 (short weierstrass, smallest)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0:1
-
-ECP read key #3 (short weierstrass, biggest)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0:1
-
-ECP read key #4 (short weierstrass, too big)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY:0
-
-ECP read key #5 (Curve25519, most significant bit set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000C0":0:0
-
-ECP read key #6 (Curve25519, second most significant bit unset)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":0:0
-
-ECP read key #7 (Curve25519, msb OK)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000040":0:1
-
-ECP read key #8 (Curve25519, bit 0 set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000040":0:0
-
-ECP read key #9 (Curve25519, bit 1 set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0200000000000000000000000000000000000000000000000000000000000040":0:0
-
-ECP read key #10 (Curve25519, bit 2 set)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0400000000000000000000000000000000000000000000000000000000000040":0:0
-
-ECP read key #11 (Curve25519, OK)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":0:1
-
-ECP read key #12 (Curve25519, too long)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY:0
-
-ECP read key #13 (Curve25519, not long enough)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":MBEDTLS_ERR_ECP_INVALID_KEY:0
-
-ECP read key #14 (Curve448, not supported)
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
-
-ECP read key #15 (Curve25519, not supported)
-depends_on:!MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
-
-ECP read key #15 (invalid curve)
-mbedtls_ecp_read_key:INT_MAX:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
-
-ECP read key #16 (Curve25519 RFC, OK)
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":0:1
-
-ECP mod p192 small (more than 192 bits, less limbs than 2 * 192 bits)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"0100000000000103010000000000010201000000000001010100000000000100"
-
-ECP mod p192 readable
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"010000000000010501000000000001040100000000000103010000000000010201000000000001010100000000000100"
-
-ECP mod p192 readable with carry
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"FF00000000010500FF00000000010400FF00000000010300FF00000000010200FF00000000010100FF00000000010000"
-
-ECP mod p192 random
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"36CF96B45D706A0954D89E52CE5F38517A2270E0175849B6F3740151D238CCABEF921437E475881D83BB69E4AA258EBD"
-
-ECP mod p192 (from a past failure case)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"1AC2D6F96A2A425E9DD1776DD8368D4BBC86BF4964E79FEA713583BF948BBEFF0939F96FB19EC48C585BDA6A2D35C750"
-
-ECP mod p224 readable without carry
-depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000B0000000A0000000900000008000000070000FF060000FF050000FF040000FF03000FF0020000FF010000FF00"
-
-ECP mod p224 readable with negative carry
-depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000"
-
-ECP mod p224 readable with positive carry
-depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000BFFFFFF0AFFFFFF09FFFFFF08FFFFFF070000FF060000FF050000FF040000FF03000FF0020000FF010000FF00"
-
-ECP mod p224 readable with final negative carry
-depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"FF00000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000"
-
-ECP mod p521 very small
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"01"
-
-ECP mod p521 small (522 bits)
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
-
-ECP mod p521 readable
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
-
-ECP mod p521 readable with carry
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"
-
-ECP test vectors secp192r1 rfc 5114
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP192R1:"323FA3169D8E9C6593F59476BC142000AB5BE0E249C43426":"CD46489ECFD6C105E7B3D32566E2B122E249ABAADD870612":"68887B4877DF51DD4DC3D6FD11F0A26F8FD3844317916E9A":"631F95BB4A67632C9C476EEE9AB695AB240A0499307FCF62":"519A121680E0045466BA21DF2EEE47F5973B500577EF13D5":"FF613AB4D64CEE3A20875BDB10F953F6B30CA072C60AA57F":"AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE":"4371545ED772A59741D0EDA32C671112B7FDDD51461FCF32"
-
-ECP test vectors secp224r1 rfc 5114
-depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP224R1:"B558EB6C288DA707BBB4F8FBAE2AB9E9CB62E3BC5C7573E22E26D37F":"49DFEF309F81488C304CFF5AB3EE5A2154367DC7833150E0A51F3EEB":"4F2B5EE45762C4F654C1A0C67F54CF88B016B51BCE3D7C228D57ADB4":"AC3B1ADD3D9770E6F6A708EE9F3B8E0AB3B480E9F27F85C88B5E6D18":"6B3AC96A8D0CDE6A5599BE8032EDF10C162D0A8AD219506DCD42A207":"D491BE99C213A7D1CA3706DEBFE305F361AFCBB33E2609C8B1618AD5":"52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA":"5F30C6AA36DDC403C0ACB712BB88F1763C3046F6D919BD9C524322BF"
-
-ECP test vectors secp256r1 rfc 5114
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"B120DE4AA36492795346E8DE6C2C8646AE06AAEA279FA775B3AB0715F6CE51B0":"9F1B7EECE20D7B5ED8EC685FA3F071D83727027092A8411385C34DDE5708B2B6":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50"
-
-ECP test vectors secp384r1 rfc 5114
-depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP384R1:"D27335EA71664AF244DD14E9FD1260715DFD8A7965571C48D709EE7A7962A156D706A90CBCB5DF2986F05FEADB9376F1":"793148F1787634D5DA4C6D9074417D05E057AB62F82054D10EE6B0403D6279547E6A8EA9D1FD77427D016FE27A8B8C66":"C6C41294331D23E6F480F4FB4CD40504C947392E94F4C3F06B8F398BB29E42368F7A685923DE3B67BACED214A1A1D128":"52D1791FDB4B70F89C0F00D456C2F7023B6125262C36A7DF1F80231121CCE3D39BE52E00C194A4132C4A6C768BCD94D2":"5CD42AB9C41B5347F74B8D4EFB708B3D5B36DB65915359B44ABC17647B6B9999789D72A84865AE2F223F12B5A1ABC120":"E171458FEAA939AAA3A8BFAC46B404BD8F6D5B348C0FA4D80CECA16356CA933240BDE8723415A8ECE035B0EDF36755DE":"5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E":"0CC59E4B046414A81C8A3BDFDCA92526C48769DD8D3127CAA99B3632D1913942DE362EAFAA962379374D9F3F066841CA"
-
-ECP test vectors secp521r1 rfc 5114
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP521R1:"0113F82DA825735E3D97276683B2B74277BAD27335EA71664AF2430CC4F33459B9669EE78B3FFB9B8683015D344DCBFEF6FB9AF4C6C470BE254516CD3C1A1FB47362":"01EBB34DD75721ABF8ADC9DBED17889CBB9765D90A7C60F2CEF007BB0F2B26E14881FD4442E689D61CB2DD046EE30E3FFD20F9A45BBDF6413D583A2DBF59924FD35C":"00F6B632D194C0388E22D8437E558C552AE195ADFD153F92D74908351B2F8C4EDA94EDB0916D1B53C020B5EECAED1A5FC38A233E4830587BB2EE3489B3B42A5A86A4":"00CEE3480D8645A17D249F2776D28BAE616952D1791FDB4B70F7C3378732AA1B22928448BCD1DC2496D435B01048066EBE4F72903C361B1A9DC1193DC2C9D0891B96":"010EBFAFC6E85E08D24BFFFCC1A4511DB0E634BEEB1B6DEC8C5939AE44766201AF6200430BA97C8AC6A0E9F08B33CE7E9FEEB5BA4EE5E0D81510C24295B8A08D0235":"00A4A6EC300DF9E257B0372B5E7ABFEF093436719A77887EBB0B18CF8099B9F4212B6E30A1419C18E029D36863CC9D448F4DBA4D2A0E60711BE572915FBD4FEF2695":"00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC":"00F9A71641029B7FC1A808AD07CD4861E868614B865AFBECAB1F2BD4D8B55EBCB5E3A53143CEB2C511B1AE0AF5AC827F60F2FD872565AC5CA0A164038FE980A7E4BD"
-
-ECP test vectors brainpoolP256r1 rfc 7027
-depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_BP256R1:"81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D":"44106E913F92BC02A1705D9953A8414DB95E1AAA49E81D9E85F929A8E3100BE5":"8AB4846F11CACCB73CE49CBDD120F5A900A69FD32C272223F789EF10EB089BDC":"55E40BC41E37E3E2AD25C3C6654511FFA8474A91A0032087593852D3E7D76BD3":"8D2D688C6CF93E1160AD04CC4429117DC2C41825E1E9FCA0ADDD34E6F1B39F7B":"990C57520812BE512641E47034832106BC7D3E8DD0E4C7F1136D7006547CEC6A":"89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B":"49C27868F4ECA2179BFD7D59B1E3BF34C1DBDE61AE12931648F43E59632504DE"
-
-ECP test vectors brainpoolP384r1 rfc 7027
-depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_BP384R1:"1E20F5E048A5886F1F157C74E91BDE2B98C8B52D58E5003D57053FC4B0BD65D6F15EB5D1EE1610DF870795143627D042":"68B665DD91C195800650CDD363C625F4E742E8134667B767B1B476793588F885AB698C852D4A6E77A252D6380FCAF068":"55BC91A39C9EC01DEE36017B7D673A931236D2F1F5C83942D049E3FA20607493E0D038FF2FD30C2AB67D15C85F7FAA59":"032640BC6003C59260F7250C3DB58CE647F98E1260ACCE4ACDA3DD869F74E01F8BA5E0324309DB6A9831497ABAC96670":"4D44326F269A597A5B58BBA565DA5556ED7FD9A8A9EB76C25F46DB69D19DC8CE6AD18E404B15738B2086DF37E71D1EB4":"62D692136DE56CBE93BF5FA3188EF58BC8A3A0EC6C1E151A21038A42E9185329B5B275903D192F8D4E1F32FE9CC78C48":"0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42":"0DF213417EBE4D8E40A5F76F66C56470C489A3478D146DECF6DF0D94BAE9E598157290F8756066975F1DB34B2324B7BD"
-
-ECP test vectors brainpoolP512r1 rfc 7027
-depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_BP512R1:"16302FF0DBBB5A8D733DAB7141C1B45ACBC8715939677F6A56850A38BD87BD59B09E80279609FF333EB9D4C061231FB26F92EEB04982A5F1D1764CAD57665422":"0A420517E406AAC0ACDCE90FCD71487718D3B953EFD7FBEC5F7F27E28C6149999397E91E029E06457DB2D3E640668B392C2A7E737A7F0BF04436D11640FD09FD":"72E6882E8DB28AAD36237CD25D580DB23783961C8DC52DFA2EC138AD472A0FCEF3887CF62B623B2A87DE5C588301EA3E5FC269B373B60724F5E82A6AD147FDE7":"230E18E1BCC88A362FA54E4EA3902009292F7F8033624FD471B5D8ACE49D12CFABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429":"9D45F66DE5D67E2E6DB6E93A59CE0BB48106097FF78A081DE781CDB31FCE8CCBAAEA8DD4320C4119F1E9CD437A2EAB3731FA9668AB268D871DEDA55A5473199F":"2FDC313095BCDD5FB3A91636F07A959C8E86B5636A1E930E8396049CB481961D365CC11453A06C719835475B12CB52FC3C383BCE35E27EF194512B71876285FA":"A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F":"7DB71C3DEF63212841C463E881BDCF055523BD368240E6C3143BD8DEF8B3B3223B95E0F53082FF5E412F4222537A43DF1C6D25729DDB51620A832BE6A26680A2"
-
-ECP test vectors Curve25519
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"47DC3D214174820E1154B49BC6CDB2ABD45EE95817055D255AA35831B70D3260":"6EB89DA91989AE37C7EAC7618D9E5C4951DBA1D73C285AE1CD26A855020EEF04":"61450CD98E36016B58776A897A9F0AEF738B99F09468B8D6B8511184D53494AB"
-
-ECP point multiplication Curve25519 (normalized) #1
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"09":"00":"01":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":0
-
-ECP point multiplication Curve25519 (not normalized) #2
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"1B":"00":"03":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":MBEDTLS_ERR_ECP_INVALID_KEY
-
-ECP point multiplication Curve25519 (element of order 2: origin) #3
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-ECP point multiplication Curve25519 (element of order 4: 1) #4
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-ECP point multiplication Curve25519 (element of order 8) #5
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-ECP point multiplication rng fail secp256r1
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_test_mul_rng:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF"
-
-ECP point multiplication rng fail Curve25519
-depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecp_test_mul_rng:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660"
-
-ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)
-depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
-ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07"
-
-ECP test vectors secp192k1
-depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP192K1:"D1E13A359F6E0F0698791938E6D60246030AE4B0D8D4E9DE":"281BCA982F187ED30AD5E088461EBE0A5FADBB682546DF79":"3F68A8E9441FB93A4DD48CB70B504FCC9AA01902EF5BE0F3":"BE97C5D2A1A94D081E3FACE53E65A27108B7467BDF58DE43":"5EB35E922CD693F7947124F5920022C4891C04F6A8B8DCB2":"60ECF73D0FC43E0C42E8E155FFE39F9F0B531F87B34B6C3C":"372F5C5D0E18313C82AEF940EC3AFEE26087A46F1EBAE923":"D5A9F9182EC09CEAEA5F57EA10225EC77FA44174511985FD"
-
-ECP test vectors secp224k1
-depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP224K1:"8EAD9B2819A3C2746B3EDC1E0D30F23271CDAC048C0615C961B1A9D3":"DEE0A75EF26CF8F501DB80807A3A0908E5CF01852709C1D35B31428B":"276D2B817918F7CD1DA5CCA081EC4B62CD255E0ACDC9F85FA8C52CAC":"AB7E70AEDA68A174ECC1F3800561B2D4FABE97C5D2A1A94D081E3FAC":"D2E94B00FD30201C40EDF73B137427916687AEA1935B277A5960DD1C":"DE728A614B17D91EB3CB2C17DA195562B6281585986332B3E12DA0ED":"B66B673D29038A3487A2D9C10CDCE67646F7C39C984EBE9E8795AD3C":"928C6147AF5EE4B54FA6ECF77B70CA3FEE5F4182DB057878F129DF":
-
-ECP test vectors secp256k1
-depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
-ecp_test_vect:MBEDTLS_ECP_DP_SECP256K1:"923C6D4756CD940CD1E13A359F6E0F0698791938E6D60246030AE4B0D8D4E9DE":"20A865B295E93C5B090F324B84D7AC7526AA1CFE86DD80E792CECCD16B657D55":"38AC87141A4854A8DFD87333E107B61692323721FE2EAD6E52206FE471A4771B":"4F5036A8ED5809AB7E70AEDA68A174ECC1F3800561B2D4FABE97C5D2A1A94D08":"029F5D2CC5A2C7E538FBA321439B4EC8DD79B7FEB9C0A8A5114EEA39856E22E8":"165171AFC3411A427F24FDDE1192A551C90983EB421BC982AB4CF4E21F18F04B":"E4B5B537D3ACEA7624F2E9C185BFFD80BC7035E515F33E0D4CFAE747FD20038E":"2BC685B7DCDBC694F5E036C4EAE9BFB489D7BF8940C4681F734B71D68501514C"
-
-ECP selftest
-ecp_selftest:
-
-ECP restartable mul secp256r1 max_ops=0 (disabled)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":0:0:0
-
-ECP restartable mul secp256r1 max_ops=1
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":1:1:5000
-
-ECP restartable mul secp256r1 max_ops=10000
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":10000:0:0
-
-ECP restartable mul secp256r1 max_ops=250
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":250:2:32
-
-ECP restartable muladd secp256r1 max_ops=0 (disabled)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":0:0:0
-
-ECP restartable muladd secp256r1 max_ops=1
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":1:1:10000
-
-ECP restartable muladd secp256r1 max_ops=10000
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":10000:0:0
-
-ECP restartable muladd secp256r1 max_ops=250
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecp.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecp.function
deleted file mode 100644
index 4ee75a6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecp.function
+++ /dev/null
@@ -1,1160 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/ecp.h"
-
-#define ECP_PF_UNKNOWN     -1
-
-#define ECP_PT_RESET( x )           \
-    mbedtls_ecp_point_free( x );    \
-    mbedtls_ecp_point_init( x );
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ECP_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void ecp_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_ecp_group_free( NULL ) );
-    TEST_VALID_PARAM( mbedtls_ecp_keypair_free( NULL ) );
-    TEST_VALID_PARAM( mbedtls_ecp_point_free( NULL ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    TEST_VALID_PARAM( mbedtls_ecp_restart_free( NULL ) );
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void ecp_invalid_param( )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_keypair kp;
-    mbedtls_ecp_point P;
-    mbedtls_mpi m;
-    const char *x = "deadbeef";
-    int valid_fmt   = MBEDTLS_ECP_PF_UNCOMPRESSED;
-    int invalid_fmt = 42;
-    size_t olen;
-    unsigned char buf[42] = { 0 };
-    const unsigned char *null_buf = NULL;
-    mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_ecp_restart_ctx restart_ctx;
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    TEST_INVALID_PARAM( mbedtls_ecp_point_init( NULL ) );
-    TEST_INVALID_PARAM( mbedtls_ecp_keypair_init( NULL ) );
-    TEST_INVALID_PARAM( mbedtls_ecp_group_init( NULL ) );
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-    TEST_INVALID_PARAM( mbedtls_ecp_restart_init( NULL ) );
-    TEST_INVALID_PARAM( mbedtls_ecp_check_budget( NULL, &restart_ctx, 42 ) );
-#endif /* MBEDTLS_ECP_RESTARTABLE */
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_copy( NULL, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_copy( &P, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_group_copy( NULL, &grp ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_group_copy( &grp, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_privkey( NULL,
-                                                     &m,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_privkey( &grp,
-                                                     NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_privkey( &grp,
-                                                     &m,
-                                                     NULL,
-                                                     NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_set_zero( NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_is_zero( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_cmp( NULL, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_cmp( &P, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_read_string( NULL, 2,
-                                                           x, x ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_read_string( &P, 2,
-                                                           NULL, x ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_read_string( &P, 2,
-                                                           x, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_write_binary( NULL, &P,
-                                                      valid_fmt,
-                                                      &olen,
-                                                      buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_write_binary( &grp, NULL,
-                                                      valid_fmt,
-                                                      &olen,
-                                                      buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_write_binary( &grp, &P,
-                                                      invalid_fmt,
-                                                      &olen,
-                                                      buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_write_binary( &grp, &P,
-                                                      valid_fmt,
-                                                      NULL,
-                                                      buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_write_binary( &grp, &P,
-                                                      valid_fmt,
-                                                      &olen,
-                                                      NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_read_binary( NULL, &P, buf,
-                                                     sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_read_binary( &grp, NULL, buf,
-                                                     sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_point_read_binary( &grp, &P, NULL,
-                                                     sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_point( NULL, &P,
-                                                 (const unsigned char **) &buf,
-                                                 sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_point( &grp, NULL,
-                                                 (const unsigned char **) &buf,
-                                                 sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_point( &grp, &P, &null_buf,
-                                                        sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_point( &grp, &P, NULL,
-                                                    sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_point( NULL, &P,
-                                                     valid_fmt,
-                                                     &olen,
-                                                     buf,
-                                                     sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_point( &grp, NULL,
-                                                     valid_fmt,
-                                                     &olen,
-                                                     buf,
-                                                     sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_point( &grp, &P,
-                                                     invalid_fmt,
-                                                     &olen,
-                                                     buf,
-                                                     sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_point( &grp, &P,
-                                                     valid_fmt,
-                                                     NULL,
-                                                     buf,
-                                                     sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_point( &grp, &P,
-                                                     valid_fmt,
-                                                     &olen,
-                                                     NULL,
-                                                     sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_group_load( NULL, valid_group ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_group( NULL,
-                                                 (const unsigned char **) &buf,
-                                                 sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_group( &grp, NULL,
-                                                        sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_group( &grp, &null_buf,
-                                                        sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_group_id( NULL,
-                                                 (const unsigned char **) &buf,
-                                                 sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_group_id( &valid_group, NULL,
-                                                        sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_read_group_id( &valid_group,
-                                                           &null_buf,
-                                                           sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_group( NULL, &olen,
-                                                       buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_group( &grp, NULL,
-                                                       buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_tls_write_group( &grp, &olen,
-                                                       NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul( NULL, &P, &m, &P,
-                                             mbedtls_test_rnd_std_rand,
-                                             NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul( &grp, NULL, &m, &P,
-                                             mbedtls_test_rnd_std_rand,
-                                             NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul( &grp, &P, NULL, &P,
-                                             mbedtls_test_rnd_std_rand,
-                                             NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul( &grp, &P, &m, NULL,
-                                             mbedtls_test_rnd_std_rand,
-                                             NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul_restartable( NULL, &P, &m, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL , NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul_restartable( &grp, NULL, &m, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL , NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul_restartable( &grp, &P, NULL, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL , NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_mul_restartable( &grp, &P, &m, NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL , NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd( NULL, &P, &m, &P,
-                                                &m, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd( &grp, NULL, &m, &P,
-                                                &m, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd( &grp, &P, NULL, &P,
-                                                &m, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd( &grp, &P, &m, NULL,
-                                                &m, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd( &grp, &P, &m, &P,
-                                                NULL, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd( &grp, &P, &m, &P,
-                                                &m, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd_restartable( NULL, &P, &m, &P,
-                                                            &m, &P, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd_restartable( &grp, NULL, &m, &P,
-                                                            &m, &P, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd_restartable( &grp, &P, NULL, &P,
-                                                            &m, &P, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd_restartable( &grp, &P, &m, NULL,
-                                                            &m, &P, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P,
-                                                            NULL, &P, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P,
-                                                            &m, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_check_pubkey( NULL, &P ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_check_pubkey( &grp, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_check_pub_priv( NULL, &kp ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_check_pub_priv( &kp, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_check_privkey( NULL, &m ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_check_privkey( &grp, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecp_gen_keypair_base( NULL, &P, &m, &P,
-                                      mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecp_gen_keypair_base( &grp, NULL, &m, &P,
-                                      mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecp_gen_keypair_base( &grp, &P, NULL, &P,
-                                      mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecp_gen_keypair_base( &grp, &P, &m, NULL,
-                                      mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-        mbedtls_ecp_gen_keypair_base( &grp, &P, &m, &P, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_keypair( NULL,
-                                                     &m, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_keypair( &grp,
-                                                     NULL, &P,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_keypair( &grp,
-                                                     &m, NULL,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_keypair( &grp,
-                                                     &m, &P,
-                                                     NULL,
-                                                     NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_key( valid_group, NULL,
-                                                 mbedtls_test_rnd_std_rand,
-                                                 NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
-                            mbedtls_ecp_gen_key( valid_group, &kp,
-                                                 NULL, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_curve_info( int id, int tls_id, int size, char * name )
-{
-    const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name;
-
-    by_id   = mbedtls_ecp_curve_info_from_grp_id( id     );
-    by_tls  = mbedtls_ecp_curve_info_from_tls_id( tls_id );
-    by_name = mbedtls_ecp_curve_info_from_name(   name   );
-    TEST_ASSERT( by_id   != NULL );
-    TEST_ASSERT( by_tls  != NULL );
-    TEST_ASSERT( by_name != NULL );
-
-    TEST_ASSERT( by_id == by_tls  );
-    TEST_ASSERT( by_id == by_name );
-
-    TEST_ASSERT( by_id->bit_size == size );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_check_pub( int grp_id, char * x_hex, char * y_hex, char * z_hex,
-                    int ret )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point P;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &P );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &P );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecp_test_vect_restart( int id,
-                            char *dA_str, char *xA_str, char *yA_str,
-                            char *dB_str,  char *xZ_str, char *yZ_str,
-                            int max_ops, int min_restarts, int max_restarts )
-{
-    /*
-     * Test for early restart. Based on test vectors like ecp_test_vect(),
-     * but for the sake of simplicity only does half of each side. It's
-     * important to test both base point and random point, though, as memory
-     * management is different in each case.
-     *
-     * Don't try using too precise bounds for restarts as the exact number
-     * will depend on settings such as MBEDTLS_ECP_FIXED_POINT_OPTIM and
-     * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may
-     * change in the future. A factor 2 is a minimum safety margin.
-     *
-     * For reference, with mbed TLS 2.4 and default settings, for P-256:
-     * - Random point mult:     ~3250M
-     * - Cold base point mult:  ~3300M
-     * - Hot base point mult:   ~1100M
-     * With MBEDTLS_ECP_WINDOW_SIZE set to 2 (minimum):
-     * - Random point mult:     ~3850M
-     */
-    mbedtls_ecp_restart_ctx ctx;
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point R, P;
-    mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
-    int cnt_restarts;
-    int ret;
-
-    mbedtls_ecp_restart_init( &ctx );
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
-    mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA );
-    mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
-
-    mbedtls_ecp_set_max_ops( (unsigned) max_ops );
-
-    /* Base point case */
-    cnt_restarts = 0;
-    do {
-        ECP_PT_RESET( &R );
-        ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
-
-    TEST_ASSERT( cnt_restarts >= min_restarts );
-    TEST_ASSERT( cnt_restarts <= max_restarts );
-
-    /* Non-base point case */
-    mbedtls_ecp_copy( &P, &R );
-    cnt_restarts = 0;
-    do {
-        ECP_PT_RESET( &R );
-        ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
-
-    TEST_ASSERT( cnt_restarts >= min_restarts );
-    TEST_ASSERT( cnt_restarts <= max_restarts );
-
-    /* Do we leak memory when aborting an operation?
-     * This test only makes sense when we actually restart */
-    if( min_restarts > 0 )
-    {
-        ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
-        TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    }
-
-exit:
-    mbedtls_ecp_restart_free( &ctx );
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P );
-    mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA );
-    mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecp_muladd_restart( int id, char *xR_str, char *yR_str,
-                         char *u1_str, char *u2_str,
-                         char *xQ_str, char *yQ_str,
-                         int max_ops, int min_restarts, int max_restarts )
-{
-    /*
-     * Compute R = u1 * G + u2 * Q
-     * (test vectors mostly taken from ECDSA intermediate results)
-     *
-     * See comments at the top of ecp_test_vect_restart()
-     */
-    mbedtls_ecp_restart_ctx ctx;
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point R, Q;
-    mbedtls_mpi u1, u2, xR, yR;
-    int cnt_restarts;
-    int ret;
-
-    mbedtls_ecp_restart_init( &ctx );
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &R );
-    mbedtls_ecp_point_init( &Q );
-    mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
-    mbedtls_mpi_init( &xR ); mbedtls_mpi_init( &yR );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 );
-
-    mbedtls_ecp_set_max_ops( (unsigned) max_ops );
-
-    cnt_restarts = 0;
-    do {
-        ECP_PT_RESET( &R );
-        ret = mbedtls_ecp_muladd_restartable( &grp, &R,
-                                              &u1, &grp.G, &u2, &Q, &ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xR ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yR ) == 0 );
-
-    TEST_ASSERT( cnt_restarts >= min_restarts );
-    TEST_ASSERT( cnt_restarts <= max_restarts );
-
-    /* Do we leak memory when aborting an operation?
-     * This test only makes sense when we actually restart */
-    if( min_restarts > 0 )
-    {
-        ret = mbedtls_ecp_muladd_restartable( &grp, &R,
-                                              &u1, &grp.G, &u2, &Q, &ctx );
-        TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    }
-
-exit:
-    mbedtls_ecp_restart_free( &ctx );
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &R );
-    mbedtls_ecp_point_free( &Q );
-    mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
-    mbedtls_mpi_free( &xR ); mbedtls_mpi_free( &yR );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str,
-                    char * dB_str, char * xB_str, char * yB_str,
-                    char * xZ_str, char * yZ_str )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point R;
-    mbedtls_mpi dA, xA, yA, dB, xB, yB, xZ, yZ;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
-    mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); mbedtls_mpi_init( &dB );
-    mbedtls_mpi_init( &xB ); mbedtls_mpi_init( &yB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
-                          &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R,
-                          &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
-    mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); mbedtls_mpi_free( &dB );
-    mbedtls_mpi_free( &xB ); mbedtls_mpi_free( &yB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex,
-                     char * xB_hex, char * xS_hex )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point R;
-    mbedtls_mpi dA, xA, dB, xB, xS;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
-    mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA );
-    mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xB );
-    mbedtls_mpi_init( &xS );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
-                          &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R,
-                          &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
-    mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA );
-    mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xB );
-    mbedtls_mpi_free( &xS );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_test_mul( int id, data_t * n_hex,
-                   data_t *  Px_hex, data_t *  Py_hex, data_t *  Pz_hex,
-                   data_t * nPx_hex, data_t * nPy_hex, data_t * nPz_hex,
-                   int expected_ret )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point P, nP, R;
-    mbedtls_mpi n;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
-    mbedtls_ecp_point_init( &P ); mbedtls_ecp_point_init( &nP );
-    mbedtls_mpi_init( &n );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &n, n_hex->x, n_hex->len ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &P.X, Px_hex->x, Px_hex->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &P.Y, Py_hex->x, Py_hex->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &P.Z, Pz_hex->x, Pz_hex->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &nP.X, nPx_hex->x, nPx_hex->len )
-                 == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Y, nPy_hex->x, nPy_hex->len )
-                 == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Z, nPz_hex->x, nPz_hex->len )
-                 == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &n, &P,
-                                  &mbedtls_test_rnd_pseudo_rand, &rnd_info )
-                 == expected_ret );
-
-    if( expected_ret == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.X, &R.X ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Y, &R.Y ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Z, &R.Z ) == 0 );
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
-    mbedtls_ecp_point_free( &P ); mbedtls_ecp_point_free( &nP );
-    mbedtls_mpi_free( &n );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_test_mul_rng( int id, data_t * d_hex)
-{
-    mbedtls_ecp_group grp;
-    mbedtls_mpi d;
-    mbedtls_ecp_point Q;
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d );
-    mbedtls_ecp_point_init( &Q );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &d, d_hex->x, d_hex->len ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_mul( &grp, &Q, &d, &grp.G,
-                                  &mbedtls_test_rnd_zero_rand, NULL )
-                 == MBEDTLS_ERR_ECP_RANDOM_FAILED );
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_mpi_free( &d );
-    mbedtls_ecp_point_free( &Q );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_fast_mod( int id, char * N_str )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_mpi N, R;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R );
-    mbedtls_ecp_group_init( &grp );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-    TEST_ASSERT( grp.modp != NULL );
-
-    /*
-     * Store correct result before we touch N
-     */
-    TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &N, &grp.P ) == 0 );
-
-    TEST_ASSERT( grp.modp( &N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_bitlen( &N ) <= grp.pbits + 3 );
-
-    /*
-     * Use mod rather than addition/subtraction in case previous test fails
-     */
-    TEST_ASSERT( mbedtls_mpi_mod_mpi( &N, &N, &grp.P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &R ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &R );
-    mbedtls_ecp_group_free( &grp );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_write_binary( int id, char * x, char * y, char * z, int format,
-                       data_t * out, int blen, int ret )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point P;
-    unsigned char buf[256];
-    size_t olen;
-
-    memset( buf, 0, sizeof( buf ) );
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format,
-                                   &olen, buf, blen ) == ret );
-
-    if( ret == 0 )
-    {
-        TEST_ASSERT( mbedtls_test_hexcmp( buf, out->x, olen, out->len ) == 0 );
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_read_binary( int id, data_t * buf, char * x, char * y, char * z,
-                      int ret )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point P;
-    mbedtls_mpi X, Y, Z;
-
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret );
-
-    if( ret == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
-        if( mbedtls_ecp_get_type( &grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
-        {
-            TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, 0 ) == 0 );
-            TEST_ASSERT( P.Y.p == NULL );
-            TEST_ASSERT( mbedtls_mpi_cmp_int( &Z, 1 ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_cmp_int( &P.Z, 1 ) == 0 );
-        }
-        else
-        {
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
-        }
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y,
-                                 char * z, int ret )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point P;
-    mbedtls_mpi X, Y, Z;
-    const unsigned char *vbuf = buf->x;
-
-
-    mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret );
-
-    if( ret == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
-        TEST_ASSERT( (uint32_t)( vbuf - buf->x ) == buf->len );
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_tls_write_read_point( int id )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point pt;
-    unsigned char buf[256];
-    const unsigned char *vbuf;
-    size_t olen;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &pt );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
-    TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G,
-                    MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen )
-                 == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
-    TEST_ASSERT( vbuf == buf + olen );
-
-    memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
-    TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G,
-                    MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.X, &pt.X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Y, &pt.Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Z, &pt.Z ) == 0 );
-    TEST_ASSERT( vbuf == buf + olen );
-
-    memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
-    TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt,
-                    MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) );
-    TEST_ASSERT( vbuf == buf + olen );
-
-    memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
-    TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt,
-                    MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) );
-    TEST_ASSERT( vbuf == buf + olen );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &pt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_tls_read_group( data_t * buf, int result, int bits,
-                                 int record_len )
-{
-    mbedtls_ecp_group grp;
-    const unsigned char *vbuf = buf->x;
-    int ret;
-
-    mbedtls_ecp_group_init( &grp );
-
-    ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, buf->len );
-
-    TEST_ASSERT( ret == result );
-    if( ret == 0)
-    {
-        TEST_ASSERT( mbedtls_mpi_bitlen( &grp.P ) == (size_t) bits );
-        TEST_ASSERT( vbuf - buf->x ==  record_len);
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ecp_tls_write_read_group( int id )
-{
-    mbedtls_ecp_group grp1, grp2;
-    unsigned char buf[10];
-    const unsigned char *vbuf = buf;
-    size_t len;
-    int ret;
-
-    mbedtls_ecp_group_init( &grp1 );
-    mbedtls_ecp_group_init( &grp2 );
-    memset( buf, 0x00, sizeof( buf ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp1, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_tls_write_group( &grp1, &len, buf, 10 ) == 0 );
-    ret = mbedtls_ecp_tls_read_group( &grp2, &vbuf, len );
-    TEST_ASSERT( ret == 0 );
-
-    if( ret == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp1.N, &grp2.N ) == 0 );
-        TEST_ASSERT( grp1.id == grp2.id );
-    }
-
-exit:
-    mbedtls_ecp_group_free( &grp1 );
-    mbedtls_ecp_group_free( &grp2 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_check_privkey( int id, char * key_hex, int ret )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_mpi d;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_mpi_init( &d );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_mpi_free( &d );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub,
-                                 int id, char * d, char * Qx, char * Qy,
-                                 int ret )
-{
-    mbedtls_ecp_keypair pub, prv;
-
-    mbedtls_ecp_keypair_init( &pub );
-    mbedtls_ecp_keypair_init( &prv );
-
-    if( id_pub != MBEDTLS_ECP_DP_NONE )
-        TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_string( &pub.Q, 16, Qx_pub, Qy_pub ) == 0 );
-
-    if( id != MBEDTLS_ECP_DP_NONE )
-        TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
-
-exit:
-    mbedtls_ecp_keypair_free( &pub );
-    mbedtls_ecp_keypair_free( &prv );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_gen_keypair( int id )
-{
-    mbedtls_ecp_group grp;
-    mbedtls_ecp_point Q;
-    mbedtls_mpi d;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecp_group_init( &grp );
-    mbedtls_ecp_point_init( &Q );
-    mbedtls_mpi_init( &d );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
-                                          &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &Q ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == 0 );
-
-exit:
-    mbedtls_ecp_group_free( &grp );
-    mbedtls_ecp_point_free( &Q );
-    mbedtls_mpi_free( &d );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_gen_key( int id )
-{
-    mbedtls_ecp_keypair key;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_ecp_keypair_init( &key );
-    memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_ecp_gen_key( id, &key,
-                                      &mbedtls_test_rnd_pseudo_rand,
-                                      &rnd_info ) == 0 );
-
-    TEST_ASSERT( mbedtls_ecp_check_pubkey( &key.grp, &key.Q ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_check_privkey( &key.grp, &key.d ) == 0 );
-
-exit:
-    mbedtls_ecp_keypair_free( &key );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical )
-{
-    int ret = 0;
-    mbedtls_ecp_keypair key;
-    mbedtls_ecp_keypair key2;
-
-    mbedtls_ecp_keypair_init( &key );
-    mbedtls_ecp_keypair_init( &key2 );
-
-    ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len );
-    TEST_ASSERT( ret == expected );
-
-    if( expected == 0 )
-    {
-        ret = mbedtls_ecp_check_privkey( &key.grp, &key.d );
-        TEST_ASSERT( ret == 0 );
-
-        if( canonical )
-        {
-            unsigned char buf[MBEDTLS_ECP_MAX_BYTES];
-
-            ret = mbedtls_ecp_write_key( &key, buf, in_key->len );
-            TEST_ASSERT( ret == 0 );
-
-            ASSERT_COMPARE( in_key->x, in_key->len,
-                            buf, in_key->len );
-        }
-        else
-        {
-            unsigned char export1[MBEDTLS_ECP_MAX_BYTES];
-            unsigned char export2[MBEDTLS_ECP_MAX_BYTES];
-
-            ret = mbedtls_ecp_write_key( &key, export1, in_key->len );
-            TEST_ASSERT( ret == 0 );
-
-            ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len );
-            TEST_ASSERT( ret == expected );
-
-            ret = mbedtls_ecp_write_key( &key2, export2, in_key->len );
-            TEST_ASSERT( ret == 0 );
-
-            ASSERT_COMPARE( export1, in_key->len,
-                            export2, in_key->len );
-        }
-    }
-
-exit:
-    mbedtls_ecp_keypair_free( &key );
-    mbedtls_ecp_keypair_free( &key2 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void ecp_selftest(  )
-{
-    TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_entropy.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_entropy.function
deleted file mode 100644
index d9ea441..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_entropy.function
+++ /dev/null
@@ -1,490 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-#include "mbedtls/md.h"
-#include "string.h"
-
-typedef enum
-{
-    DUMMY_CONSTANT_LENGTH, /* Output context->length bytes */
-    DUMMY_REQUESTED_LENGTH, /* Output whatever length was requested */
-    DUMMY_FAIL, /* Return an error code */
-} entropy_dummy_instruction;
-
-typedef struct
-{
-    entropy_dummy_instruction instruction;
-    size_t length; /* Length to return for DUMMY_CONSTANT_LENGTH */
-    size_t calls; /* Incremented at each call */
-} entropy_dummy_context;
-
-/*
- * Dummy entropy source
- *
- * If data is NULL, write exactly the requested length.
- * Otherwise, write the length indicated by data or error if negative
- */
-static int entropy_dummy_source( void *arg, unsigned char *output,
-                                 size_t len, size_t *olen )
-{
-    entropy_dummy_context *context = arg;
-    ++context->calls;
-
-    switch( context->instruction )
-    {
-        case DUMMY_CONSTANT_LENGTH:
-            *olen = context->length;
-            break;
-        case DUMMY_REQUESTED_LENGTH:
-            *olen = len;
-            break;
-        case DUMMY_FAIL:
-            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    }
-
-    memset( output, 0x2a, *olen );
-    return( 0 );
-}
-
-/*
- * Ability to clear entropy sources to allow testing with just predefined
- * entropy sources. This function or tests depending on it might break if there
- * are internal changes to how entropy sources are registered.
- *
- * To be called immediately after mbedtls_entropy_init().
- *
- * Just resetting the counter. New sources will overwrite existing ones.
- * This might break memory checks in the future if sources need 'free-ing' then
- * as well.
- */
-static void entropy_clear_sources( mbedtls_entropy_context *ctx )
-{
-    ctx->source_count = 0;
-}
-
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-/*
- * NV seed read/write functions that use a buffer instead of a file
- */
-static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-int buffer_nv_seed_read( unsigned char *buf, size_t buf_len )
-{
-    if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( -1 );
-
-    memcpy( buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    return( 0 );
-}
-
-int buffer_nv_seed_write( unsigned char *buf, size_t buf_len )
-{
-    if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( -1 );
-
-    memcpy( buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    return( 0 );
-}
-
-/*
- * NV seed read/write helpers that fill the base seedfile
- */
-static int write_nv_seed( unsigned char *buf, size_t buf_len )
-{
-    FILE *f;
-
-    if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( -1 );
-
-    if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL )
-        return( -1 );
-
-    if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) !=
-                    MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( -1 );
-
-    fclose( f );
-
-    return( 0 );
-}
-
-int read_nv_seed( unsigned char *buf, size_t buf_len )
-{
-    FILE *f;
-
-    if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( -1 );
-
-    if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL )
-        return( -1 );
-
-    if( fread( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) !=
-                    MBEDTLS_ENTROPY_BLOCK_SIZE )
-        return( -1 );
-
-    fclose( f );
-
-    return( 0 );
-}
-#endif /* MBEDTLS_ENTROPY_NV_SEED */
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ENTROPY_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
-void entropy_seed_file( char * path, int ret )
-{
-    mbedtls_entropy_context ctx;
-
-    mbedtls_entropy_init( &ctx );
-
-    TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path ) == ret );
-    TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path ) == ret );
-
-exit:
-    mbedtls_entropy_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void entropy_no_sources( )
-{
-    mbedtls_entropy_context ctx;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    mbedtls_entropy_init( &ctx );
-    entropy_clear_sources( &ctx );
-    TEST_EQUAL( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ),
-                MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED );
-
-exit:
-    mbedtls_entropy_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void entropy_too_many_sources(  )
-{
-    mbedtls_entropy_context ctx;
-    size_t i;
-    entropy_dummy_context dummy = {DUMMY_REQUESTED_LENGTH, 0, 0};
-
-    mbedtls_entropy_init( &ctx );
-
-    /*
-     * It's hard to tell precisely when the error will occur,
-     * since we don't know how many sources were automatically added.
-     */
-    for( i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++ )
-        (void) mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy,
-                                           16, MBEDTLS_ENTROPY_SOURCE_WEAK );
-
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy,
-                                             16, MBEDTLS_ENTROPY_SOURCE_WEAK )
-                 == MBEDTLS_ERR_ENTROPY_MAX_SOURCES );
-
-exit:
-    mbedtls_entropy_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */
-void entropy_func_len( int len, int ret )
-{
-    mbedtls_entropy_context ctx;
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
-    unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
-    size_t i, j;
-
-    mbedtls_entropy_init( &ctx );
-
-    /*
-     * See comments in mbedtls_entropy_self_test()
-     */
-    for( i = 0; i < 8; i++ )
-    {
-        TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, len ) == ret );
-        for( j = 0; j < sizeof( buf ); j++ )
-            acc[j] |= buf[j];
-    }
-
-    if( ret == 0 )
-        for( j = 0; j < (size_t) len; j++ )
-            TEST_ASSERT( acc[j] != 0 );
-
-    for( j = len; j < sizeof( buf ); j++ )
-        TEST_ASSERT( acc[j] == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void entropy_source_fail( char * path )
-{
-    mbedtls_entropy_context ctx;
-    unsigned char buf[16];
-    entropy_dummy_context dummy = {DUMMY_FAIL, 0, 0};
-
-    mbedtls_entropy_init( &ctx );
-
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
-                                             &dummy, 16,
-                                             MBEDTLS_ENTROPY_SOURCE_WEAK )
-                 == 0 );
-
-    TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) )
-                 == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    TEST_ASSERT( mbedtls_entropy_gather( &ctx )
-                 == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-#if defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_NV_SEED)
-    TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path )
-                 == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-    TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path )
-                 == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-#else
-    ((void) path);
-#endif
-
-exit:
-    mbedtls_entropy_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void entropy_threshold( int threshold, int chunk_size, int result )
-{
-    mbedtls_entropy_context ctx;
-    entropy_dummy_context strong =
-        {DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0};
-    entropy_dummy_context weak = {DUMMY_CONSTANT_LENGTH, chunk_size, 0};
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
-    int ret;
-
-    mbedtls_entropy_init( &ctx );
-    entropy_clear_sources( &ctx );
-
-    /* Set strong source that reaches its threshold immediately and
-     * a weak source whose threshold is a test parameter. */
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
-                                     &strong, 1,
-                                     MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 );
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
-                                     &weak, threshold,
-                                     MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 );
-
-    ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) );
-
-    if( result >= 0 )
-    {
-        TEST_ASSERT( ret == 0 );
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-        /* If the NV seed functionality is enabled, there are two entropy
-         * updates: before and after updating the NV seed. */
-        result *= 2;
-#endif
-        TEST_ASSERT( weak.calls == (size_t) result );
-    }
-    else
-    {
-        TEST_ASSERT( ret == result );
-    }
-
-exit:
-    mbedtls_entropy_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void entropy_calls( int strength1, int strength2,
-                    int threshold, int chunk_size,
-                    int result )
-{
-    /*
-     * if result >= 0: result = expected number of calls to source 1
-     * if result < 0: result = expected return code from mbedtls_entropy_func()
-     */
-
-    mbedtls_entropy_context ctx;
-    entropy_dummy_context dummy1 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0};
-    entropy_dummy_context dummy2 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0};
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
-    int ret;
-
-    mbedtls_entropy_init( &ctx );
-    entropy_clear_sources( &ctx );
-
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
-                                             &dummy1, threshold,
-                                             strength1 ) == 0 );
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
-                                             &dummy2, threshold,
-                                             strength2 ) == 0 );
-
-    ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) );
-
-    if( result >= 0 )
-    {
-        TEST_ASSERT( ret == 0 );
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-        /* If the NV seed functionality is enabled, there are two entropy
-         * updates: before and after updating the NV seed. */
-        result *= 2;
-#endif
-        TEST_ASSERT( dummy1.calls == (size_t) result );
-    }
-    else
-    {
-        TEST_ASSERT( ret == result );
-    }
-
-exit:
-    mbedtls_entropy_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
-void nv_seed_file_create(  )
-{
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    TEST_ASSERT( write_nv_seed( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */
-void entropy_nv_seed_std_io(  )
-{
-    unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    memset( io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    mbedtls_platform_set_nv_seed( mbedtls_platform_std_nv_seed_read,
-                                  mbedtls_platform_std_nv_seed_write );
-
-    /* Check if platform NV read and write manipulate the same data */
-    TEST_ASSERT( write_nv_seed( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-    TEST_ASSERT( mbedtls_nv_seed_read( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) ==
-                    MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-
-    memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    /* Check if platform NV write and raw read manipulate the same data */
-    TEST_ASSERT( mbedtls_nv_seed_write( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) ==
-                    MBEDTLS_ENTROPY_BLOCK_SIZE );
-    TEST_ASSERT( read_nv_seed( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-
-    TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */
-void entropy_nv_seed( data_t * read_seed )
-{
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-    const mbedtls_md_info_t *md_info =
-        mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
-#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
-    const mbedtls_md_info_t *md_info =
-        mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
-#else
-#error "Unsupported entropy accumulator"
-#endif
-    mbedtls_md_context_t accumulator;
-    mbedtls_entropy_context ctx;
-    int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) =
-        mbedtls_nv_seed_read;
-    int (*original_mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) =
-        mbedtls_nv_seed_write;
-
-    unsigned char header[2];
-    unsigned char entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    unsigned char empty[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
-
-    memset( entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memset( empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memset( check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    // Make sure we read/write NV seed from our buffers
-    mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write );
-
-    mbedtls_md_init( &accumulator );
-    mbedtls_entropy_init( &ctx );
-    entropy_clear_sources( &ctx );
-
-    TEST_ASSERT( mbedtls_entropy_add_source( &ctx, mbedtls_nv_seed_poll, NULL,
-                                             MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                             MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 );
-
-    // Set the initial NV seed to read
-    TEST_ASSERT( read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memcpy( buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
-    // Do an entropy run
-    TEST_ASSERT( mbedtls_entropy_func( &ctx, entropy, sizeof( entropy ) ) == 0 );
-    // Determine what should have happened with manual entropy internal logic
-
-    // Init accumulator
-    header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE;
-    TEST_ASSERT( mbedtls_md_setup( &accumulator, md_info, 0 ) == 0 );
-
-    // First run for updating write_seed
-    header[0] = 0;
-    TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 );
-    TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
-    TEST_ASSERT( mbedtls_md_update( &accumulator,
-                                    read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-    TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 );
-
-    TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 );
-    TEST_ASSERT( mbedtls_md_update( &accumulator,
-                                    buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-
-    TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
-                             check_seed ) == 0 );
-
-    // Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed)
-    header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL;
-    TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
-    TEST_ASSERT( mbedtls_md_update( &accumulator,
-                                    empty, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-
-    header[0] = 0;
-    TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
-    TEST_ASSERT( mbedtls_md_update( &accumulator,
-                                    check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-    TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 );
-
-    TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
-                             check_entropy ) == 0 );
-
-    // Check result of both NV file and entropy received with the manual calculations
-    TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-    TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
-
-exit:
-    mbedtls_md_free( &accumulator );
-    mbedtls_entropy_free( &ctx );
-    mbedtls_nv_seed_read = original_mbedtls_nv_seed_read;
-    mbedtls_nv_seed_write = original_mbedtls_nv_seed_write;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */
-void entropy_selftest( int result )
-{
-    TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_error.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_error.function
deleted file mode 100644
index 68831ce..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_error.function
+++ /dev/null
@@ -1,21 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/error.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ERROR_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void error_strerror( int code, char * result_str )
-{
-    char buf[500];
-
-    memset( buf, 0, sizeof( buf ) );
-
-    mbedtls_strerror( code, buf, 500 );
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.function
deleted file mode 100644
index 9b7b0ee..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.function
+++ /dev/null
@@ -1,284 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/gcm.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_GCM_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void gcm_bad_parameters( int cipher_id, int direction,
-                         data_t *key_str, data_t *src_str,
-                         data_t *iv_str, data_t *add_str,
-                         int tag_len_bits, int gcm_result )
-{
-    unsigned char output[128];
-    unsigned char tag_output[16];
-    mbedtls_gcm_context ctx;
-    size_t tag_len = tag_len_bits / 8;
-
-    mbedtls_gcm_init( &ctx );
-
-    memset( output, 0x00, sizeof( output ) );
-    memset( tag_output, 0x00, sizeof( tag_output ) );
-
-    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
-    TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, src_str->len, iv_str->x, iv_str->len,
-                 add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == gcm_result );
-
-exit:
-    mbedtls_gcm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void gcm_encrypt_and_tag( int cipher_id, data_t * key_str,
-                          data_t * src_str, data_t * iv_str,
-                          data_t * add_str, data_t * dst,
-                          int tag_len_bits, data_t * tag,
-                          int init_result )
-{
-    unsigned char output[128];
-    unsigned char tag_output[16];
-    mbedtls_gcm_context ctx;
-    size_t tag_len = tag_len_bits / 8;
-
-    mbedtls_gcm_init( &ctx );
-
-    memset(output, 0x00, 128);
-    memset(tag_output, 0x00, 16);
-
-
-    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result );
-    if( init_result == 0 )
-    {
-        TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 );
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                          src_str->len, dst->len ) == 0 );
-        TEST_ASSERT( mbedtls_test_hexcmp( tag_output, tag->x,
-                                          tag_len, tag->len ) == 0 );
-    }
-
-exit:
-    mbedtls_gcm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void gcm_decrypt_and_verify( int cipher_id, data_t * key_str,
-                             data_t * src_str, data_t * iv_str,
-                             data_t * add_str, int tag_len_bits,
-                             data_t * tag_str, char * result,
-                             data_t * pt_result, int init_result )
-{
-    unsigned char output[128];
-    mbedtls_gcm_context ctx;
-    int ret;
-    size_t tag_len = tag_len_bits / 8;
-
-    mbedtls_gcm_init( &ctx );
-
-    memset(output, 0x00, 128);
-
-
-    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result );
-    if( init_result == 0 )
-    {
-        ret = mbedtls_gcm_auth_decrypt( &ctx, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, tag_str->x, tag_len, src_str->x, output );
-
-        if( strcmp( "FAIL", result ) == 0 )
-        {
-            TEST_ASSERT( ret == MBEDTLS_ERR_GCM_AUTH_FAILED );
-        }
-        else
-        {
-            TEST_ASSERT( ret == 0 );
-
-            TEST_ASSERT( mbedtls_test_hexcmp( output, pt_result->x,
-                                              src_str->len,
-                                              pt_result->len ) == 0 );
-        }
-    }
-
-exit:
-    mbedtls_gcm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void gcm_invalid_param( )
-{
-    mbedtls_gcm_context ctx;
-    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
-    mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
-    int valid_mode = MBEDTLS_GCM_ENCRYPT;
-    int valid_len = sizeof(valid_buffer);
-    int valid_bitlen = 128, invalid_bitlen = 1;
-
-    mbedtls_gcm_init( &ctx );
-
-    /* mbedtls_gcm_init() */
-    TEST_INVALID_PARAM( mbedtls_gcm_init( NULL ) );
-
-    /* mbedtls_gcm_setkey */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_setkey( &ctx, valid_cipher, valid_buffer, invalid_bitlen ) );
-
-    /* mbedtls_gcm_crypt_and_tag() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_crypt_and_tag( NULL, valid_mode, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_buffer,
-                                   valid_len, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len,
-                                   NULL, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_buffer,
-                                   valid_len, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len,
-                                   valid_buffer, valid_len,
-                                   NULL, valid_len,
-                                   valid_buffer, valid_buffer,
-                                   valid_len, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_len,
-                                   NULL, valid_buffer,
-                                   valid_len, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, NULL,
-                                   valid_len, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_len,
-                                   valid_buffer, valid_buffer,
-                                   valid_len, NULL ) );
-
-    /* mbedtls_gcm_auth_decrypt() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_auth_decrypt( NULL, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_buffer) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_auth_decrypt( &ctx, valid_len,
-                                  NULL, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_buffer) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  NULL, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_buffer) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  NULL, valid_len,
-                                  valid_buffer, valid_buffer) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  NULL, valid_buffer) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_auth_decrypt( &ctx, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, valid_len,
-                                  valid_buffer, NULL) );
-
-    /* mbedtls_gcm_starts() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_starts( NULL, valid_mode,
-                            valid_buffer, valid_len,
-                            valid_buffer, valid_len ) );
-
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_starts( &ctx, valid_mode,
-                            NULL, valid_len,
-                            valid_buffer, valid_len ) );
-
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_starts( &ctx, valid_mode,
-                            valid_buffer, valid_len,
-                            NULL, valid_len ) );
-
-    /* mbedtls_gcm_update() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_update( NULL, valid_len,
-                            valid_buffer, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_update( &ctx, valid_len,
-                            NULL, valid_buffer ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_update( &ctx, valid_len,
-                            valid_buffer, NULL ) );
-
-    /* mbedtls_gcm_finish() */
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_finish( NULL, valid_buffer, valid_len ) );
-    TEST_INVALID_PARAM_RET(
-        MBEDTLS_ERR_GCM_BAD_INPUT,
-        mbedtls_gcm_finish( &ctx, NULL, valid_len ) );
-
-exit:
-    mbedtls_gcm_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void gcm_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_gcm_free( NULL ) );
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void gcm_selftest(  )
-{
-    TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hkdf.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hkdf.function
deleted file mode 100644
index 4c597c3..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hkdf.function
+++ /dev/null
@@ -1,159 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/hkdf.h"
-#include "mbedtls/md_internal.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_HKDF_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void test_hkdf( int md_alg, data_t *ikm, data_t *salt, data_t *info,
-                data_t *expected_okm )
-{
-    int ret;
-    unsigned char okm[128] = { '\0' };
-
-    const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md != NULL );
-
-    TEST_ASSERT( expected_okm->len <= sizeof( okm ) );
-
-    ret = mbedtls_hkdf( md, salt->x, salt->len, ikm->x, ikm->len,
-                        info->x, info->len, okm, expected_okm->len );
-    TEST_ASSERT( ret == 0 );
-
-    ASSERT_COMPARE( okm            , expected_okm->len,
-                    expected_okm->x, expected_okm->len );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_hkdf_extract( int md_alg, char *hex_ikm_string,
-                        char *hex_salt_string, char *hex_prk_string )
-{
-    int ret;
-    unsigned char *ikm = NULL;
-    unsigned char *salt = NULL;
-    unsigned char *prk = NULL;
-    unsigned char *output_prk = NULL;
-    size_t ikm_len, salt_len, prk_len, output_prk_len;
-
-    const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md != NULL );
-
-    output_prk_len = mbedtls_md_get_size( md );
-    output_prk = mbedtls_calloc( 1, output_prk_len );
-
-    ikm = mbedtls_test_unhexify_alloc( hex_ikm_string, &ikm_len );
-    salt = mbedtls_test_unhexify_alloc( hex_salt_string, &salt_len );
-    prk = mbedtls_test_unhexify_alloc( hex_prk_string, &prk_len );
-
-    ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, output_prk );
-    TEST_ASSERT( ret == 0 );
-
-    ASSERT_COMPARE( output_prk, output_prk_len, prk, prk_len );
-
-exit:
-    mbedtls_free(ikm);
-    mbedtls_free(salt);
-    mbedtls_free(prk);
-    mbedtls_free(output_prk);
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_hkdf_expand( int md_alg, char *hex_info_string,
-                       char *hex_prk_string, char *hex_okm_string )
-{
-    enum { OKM_LEN  = 1024 };
-    int ret;
-    unsigned char *info = NULL;
-    unsigned char *prk = NULL;
-    unsigned char *okm = NULL;
-    unsigned char *output_okm = NULL;
-    size_t info_len, prk_len, okm_len;
-
-    const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md != NULL );
-
-    output_okm = mbedtls_calloc( OKM_LEN, 1 );
-
-    prk = mbedtls_test_unhexify_alloc( hex_prk_string, &prk_len );
-    info = mbedtls_test_unhexify_alloc( hex_info_string, &info_len );
-    okm = mbedtls_test_unhexify_alloc( hex_okm_string, &okm_len );
-    TEST_ASSERT( prk_len == mbedtls_md_get_size( md ) );
-    TEST_ASSERT( okm_len < OKM_LEN );
-
-    ret = mbedtls_hkdf_expand( md, prk, prk_len, info, info_len,
-                               output_okm, OKM_LEN );
-    TEST_ASSERT( ret == 0 );
-    ASSERT_COMPARE( output_okm, okm_len, okm, okm_len );
-
-exit:
-    mbedtls_free(info);
-    mbedtls_free(prk);
-    mbedtls_free(okm);
-    mbedtls_free(output_okm);
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_hkdf_extract_ret( int hash_len, int ret )
-{
-    int output_ret;
-    unsigned char *salt = NULL;
-    unsigned char *ikm = NULL;
-    unsigned char *prk = NULL;
-    size_t salt_len, ikm_len;
-    struct mbedtls_md_info_t fake_md_info;
-
-    memset( &fake_md_info, 0, sizeof( fake_md_info ) );
-    fake_md_info.type = MBEDTLS_MD_NONE;
-    fake_md_info.size = hash_len;
-
-    prk = mbedtls_calloc( MBEDTLS_MD_MAX_SIZE, 1 );
-    salt_len = 0;
-    ikm_len = 0;
-
-    output_ret = mbedtls_hkdf_extract( &fake_md_info, salt, salt_len,
-                                       ikm, ikm_len, prk );
-    TEST_ASSERT( output_ret == ret );
-
-exit:
-    mbedtls_free(prk);
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret )
-{
-    int output_ret;
-    unsigned char *info = NULL;
-    unsigned char *prk = NULL;
-    unsigned char *okm = NULL;
-    size_t info_len;
-    struct mbedtls_md_info_t fake_md_info;
-
-    memset( &fake_md_info, 0, sizeof( fake_md_info ) );
-    fake_md_info.type = MBEDTLS_MD_NONE;
-    fake_md_info.size = hash_len;
-
-    info_len = 0;
-
-    if (prk_len > 0)
-        prk = mbedtls_calloc( prk_len, 1 );
-
-    if (okm_len > 0)
-        okm = mbedtls_calloc( okm_len, 1 );
-
-    output_ret = mbedtls_hkdf_expand( &fake_md_info, prk, prk_len,
-                                      info, info_len, okm, okm_len );
-    TEST_ASSERT( output_ret == ret );
-
-exit:
-    mbedtls_free(prk);
-    mbedtls_free(okm);
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.function
deleted file mode 100644
index b83d760..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.function
+++ /dev/null
@@ -1,295 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/hmac_drbg.h"
-#include "string.h"
-
-typedef struct
-{
-    unsigned char *p;
-    size_t len;
-} entropy_ctx;
-
-static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len )
-{
-    entropy_ctx *ctx = (entropy_ctx *) data;
-
-    if( len > ctx->len )
-        return( -1 );
-
-    memcpy( buf, ctx->p, len );
-
-    ctx->p += len;
-    ctx->len -= len;
-
-    return( 0 );
-}
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_HMAC_DRBG_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void hmac_drbg_entropy_usage( int md_alg )
-{
-    unsigned char out[16];
-    unsigned char buf[1024];
-    const mbedtls_md_info_t *md_info;
-    mbedtls_hmac_drbg_context ctx;
-    entropy_ctx entropy;
-    size_t i, reps = 10;
-    size_t default_entropy_len;
-    size_t expected_consumed_entropy = 0;
-
-    mbedtls_hmac_drbg_init( &ctx );
-    memset( buf, 0, sizeof( buf ) );
-    memset( out, 0, sizeof( out ) );
-
-    entropy.len = sizeof( buf );
-    entropy.p = buf;
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-    if( mbedtls_md_get_size( md_info ) <= 20 )
-        default_entropy_len = 16;
-    else if( mbedtls_md_get_size( md_info ) <= 28 )
-        default_entropy_len = 24;
-    else
-        default_entropy_len = 32;
-
-    /* Set reseed interval before seed */
-    mbedtls_hmac_drbg_set_reseed_interval( &ctx, 2 * reps );
-
-    /* Init must use entropy */
-    TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &entropy,
-                                 NULL, 0 ) == 0 );
-    /* default_entropy_len of entropy, plus half as much for the nonce */
-    expected_consumed_entropy += default_entropy_len * 3 / 2;
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-    /* By default, PR is off, and reseed interval was set to
-     * 2 * reps so the next few calls should not use entropy */
-    for( i = 0; i < reps; i++ )
-    {
-        TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 );
-        TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) - 4,
-                                                buf, 16 ) == 0 );
-    }
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-    /* While at it, make sure we didn't write past the requested length */
-    TEST_ASSERT( out[sizeof( out ) - 4] == 0 );
-    TEST_ASSERT( out[sizeof( out ) - 3] == 0 );
-    TEST_ASSERT( out[sizeof( out ) - 2] == 0 );
-    TEST_ASSERT( out[sizeof( out ) - 1] == 0 );
-
-    /* There have been 2 * reps calls to random. The next call should reseed */
-    TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_consumed_entropy += default_entropy_len;
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-    /* Set reseed interval after seed */
-    mbedtls_hmac_drbg_set_reseed_interval( &ctx, 4 * reps + 1);
-
-    /* The new few calls should not reseed */
-    for( i = 0; i < (2 * reps); i++ )
-    {
-        TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-        TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) ,
-                                                buf, 16 ) == 0 );
-    }
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-    /* Now enable PR, so the next few calls should all reseed */
-    mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
-    TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_consumed_entropy += default_entropy_len;
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-    /* Finally, check setting entropy_len */
-    mbedtls_hmac_drbg_set_entropy_len( &ctx, 42 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_consumed_entropy += 42;
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-    mbedtls_hmac_drbg_set_entropy_len( &ctx, 13 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-    expected_consumed_entropy += 13;
-    TEST_EQUAL( sizeof( buf )  - entropy.len, expected_consumed_entropy );
-
-exit:
-    mbedtls_hmac_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void hmac_drbg_seed_file( int md_alg, char * path, int ret )
-{
-    const mbedtls_md_info_t *md_info;
-    mbedtls_hmac_drbg_context ctx;
-
-    mbedtls_hmac_drbg_init( &ctx );
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-
-    TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info,
-                                         mbedtls_test_rnd_std_rand, NULL,
-                                         NULL, 0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_hmac_drbg_write_seed_file( &ctx, path ) == ret );
-    TEST_ASSERT( mbedtls_hmac_drbg_update_seed_file( &ctx, path ) == ret );
-
-exit:
-    mbedtls_hmac_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hmac_drbg_buf( int md_alg )
-{
-    unsigned char out[16];
-    unsigned char buf[100];
-    const mbedtls_md_info_t *md_info;
-    mbedtls_hmac_drbg_context ctx;
-    size_t i;
-
-    mbedtls_hmac_drbg_init( &ctx );
-    memset( buf, 0, sizeof( buf ) );
-    memset( out, 0, sizeof( out ) );
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-    TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 );
-
-    /* Make sure it never tries to reseed (would segfault otherwise) */
-    mbedtls_hmac_drbg_set_reseed_interval( &ctx, 3 );
-    mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
-
-    for( i = 0; i < 30; i++ )
-        TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
-
-exit:
-    mbedtls_hmac_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hmac_drbg_no_reseed( int md_alg, data_t * entropy,
-                          data_t * custom, data_t * add1,
-                          data_t * add2, data_t * output )
-{
-    unsigned char data[1024];
-    unsigned char my_output[512];
-    entropy_ctx p_entropy;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_hmac_drbg_context ctx;
-
-    mbedtls_hmac_drbg_init( &ctx );
-
-    p_entropy.p = entropy->x;
-    p_entropy.len = entropy->len;
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-
-    /* Test the simplified buffer-based variant */
-    memcpy( data, entropy->x, p_entropy.len );
-    memcpy( data + p_entropy.len, custom->x, custom->len );
-    TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info,
-                                     data, p_entropy.len + custom->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add1->x, add1->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add2->x, add2->len ) == 0 );
-
-    /* Reset context for second run */
-    mbedtls_hmac_drbg_free( &ctx );
-
-    TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
-
-    /* And now the normal entropy-based variant */
-    TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
-                                 custom->x, custom->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add1->x, add1->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add2->x, add2->len ) == 0 );
-    TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
-
-exit:
-    mbedtls_hmac_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom,
-                     data_t * add1, data_t * add2, data_t * add3,
-                     data_t * output )
-{
-    unsigned char my_output[512];
-    entropy_ctx p_entropy;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_hmac_drbg_context ctx;
-
-    mbedtls_hmac_drbg_init( &ctx );
-
-    p_entropy.p = entropy->x;
-    p_entropy.len = entropy->len;
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-
-    TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
-                                 custom->x, custom->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1->x, add1->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add2->x, add2->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add3->x, add3->len ) == 0 );
-
-    TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
-
-exit:
-    mbedtls_hmac_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom,
-                   data_t * add1, data_t * add2, data_t * output )
-{
-    unsigned char my_output[512];
-    entropy_ctx p_entropy;
-    const mbedtls_md_info_t *md_info;
-    mbedtls_hmac_drbg_context ctx;
-
-    mbedtls_hmac_drbg_init( &ctx );
-
-    p_entropy.p = entropy->x;
-    p_entropy.len = entropy->len;
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-
-    TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
-                                 custom->x, custom->len ) == 0 );
-    mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add1->x, add1->len ) == 0 );
-    TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len,
-                                            add2->x, add2->len ) == 0 );
-
-    TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 );
-
-exit:
-    mbedtls_hmac_drbg_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void hmac_drbg_selftest(  )
-{
-    TEST_ASSERT( mbedtls_hmac_drbg_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_md.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_md.data
deleted file mode 100644
index bdcc8db..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_md.data
+++ /dev/null
@@ -1,1226 +0,0 @@
-# Tests of the generic message digest interface
-MD process
-mbedtls_md_process:
-
-MD NULL/uninitialised arguments
-md_null_args:
-
-Information on MD2
-depends_on:MBEDTLS_MD2_C
-md_info:MBEDTLS_MD_MD2:"MD2":16
-
-Information on MD4
-depends_on:MBEDTLS_MD4_C
-md_info:MBEDTLS_MD_MD4:"MD4":16
-
-Information on MD5
-depends_on:MBEDTLS_MD5_C
-md_info:MBEDTLS_MD_MD5:"MD5":16
-
-Information on RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-md_info:MBEDTLS_MD_RIPEMD160:"RIPEMD160":20
-
-Information on SHA1
-depends_on:MBEDTLS_SHA1_C
-md_info:MBEDTLS_MD_SHA1:"SHA1":20
-
-Information on SHA224
-depends_on:MBEDTLS_SHA256_C
-md_info:MBEDTLS_MD_SHA224:"SHA224":28
-
-Information on SHA256
-depends_on:MBEDTLS_SHA256_C
-md_info:MBEDTLS_MD_SHA256:"SHA256":32
-
-Information on SHA384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_info:MBEDTLS_MD_SHA384:"SHA384":48
-
-Information on SHA512
-depends_on:MBEDTLS_SHA512_C
-md_info:MBEDTLS_MD_SHA512:"SHA512":64
-
-generic mbedtls_md2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"":"8350e5a3e24c153df2275c9f80692773"
-
-generic mbedtls_md2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-generic mbedtls_md2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-generic mbedtls_md2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-generic mbedtls_md2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-generic mbedtls_md2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-generic mbedtls_md2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-generic mbedtls_md4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic mbedtls_md4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-generic mbedtls_md4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-generic mbedtls_md4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b"
-
-generic mbedtls_md4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-generic mbedtls_md4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-generic mbedtls_md4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
-generic mbedtls_md5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e"
-
-generic mbedtls_md5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"a":"0cc175b9c0f1b6a831c399e269772661"
-
-generic mbedtls_md5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"abc":"900150983cd24fb0d6963f7d28e17f72"
-
-generic mbedtls_md5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"message digest":"f96b697d7cb7938d525a2f31aaf161d0"
-
-generic mbedtls_md5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b"
-
-generic mbedtls_md5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f"
-
-generic mbedtls_md5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
-md_text:"MD5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a"
-
-generic mbedtls_ripemd160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
-
-generic mbedtls_ripemd160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
-
-generic mbedtls_ripemd160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
-
-generic mbedtls_ripemd160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36"
-
-generic mbedtls_ripemd160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
-
-generic mbedtls_ripemd160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
-
-generic mbedtls_ripemd160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189"
-
-generic mbedtls_ripemd160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
-md_text:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-
-generic HMAC-MD2 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
-
-generic HMAC-MD2 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
-
-generic HMAC-MD2 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
-
-generic HMAC-MD4 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
-
-generic HMAC-MD4 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
-
-generic HMAC-MD4 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
-
-generic HMAC-MD5 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
-
-generic HMAC-MD5 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464"
-
-generic HMAC-MD5 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2"
-
-HMAC-MD2 Bouncy Castle test #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808"
-
-HMAC-MD4 Bouncy Castle test #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a"
-
-HMAC-MD5 Bouncy Castle test #1
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc"
-
-generic HMAC-MD5 Test Vector RFC2202 #1
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d"
-
-generic HMAC-MD5 Test Vector RFC2202 #2
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738"
-
-generic HMAC-MD5 Test Vector RFC2202 #3
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6"
-
-generic HMAC-MD5 Test Vector RFC2202 #4
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79"
-
-generic HMAC-MD5 Test Vector RFC2202 #5
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995"
-
-generic HMAC-MD5 Test Vector RFC2202 #6
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
-
-generic HMAC-MD5 Test Vector RFC2202 #7
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #1
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #2
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #3
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #4
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #5
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #6
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b"
-
-generic HMAC-RIPEMD160 Test vector RFC 2286 #7
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD_C:MBEDTLS_MD2_C
-md_text_multi:"MD2":"":"8350e5a3e24c153df2275c9f80692773"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"a":"0cc175b9c0f1b6a831c399e269772661"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"abc":"900150983cd24fb0d6963f7d28e17f72"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"message digest":"f96b697d7cb7938d525a2f31aaf161d0"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f"
-
-generic multi step mbedtls_md5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
-md_text_multi:"MD5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189"
-
-generic multi step mbedtls_ripemd160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
-md_text_multi:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
-
-generic multi step HMAC-MD5 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
-
-generic multi step HMAC-MD5 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464"
-
-generic multi step HMAC-MD5 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #1
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #2
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #3
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #4
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #5
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #6
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
-
-generic multi step HMAC-MD5 Test Vector RFC2202 #7
-depends_on:MBEDTLS_MD5_C
-md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #1
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #2
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #3
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #4
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #5
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #6
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b"
-
-generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #7
-depends_on:MBEDTLS_RIPEMD160_C
-md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
-
-generic MD2 Hash file #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8"
-
-generic MD2 Hash file #2
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f"
-
-generic MD2 Hash file #3
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d"
-
-generic MD2 Hash file #4
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773"
-
-generic MD4 Hash file #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9"
-
-generic MD4 Hash file #2
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd"
-
-generic MD4 Hash file #3
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42"
-
-generic MD4 Hash file #4
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic MD5 Hash file #1
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_file:"MD5":"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415"
-
-generic MD5 Hash file #2
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_file:"MD5":"data_files/hash_file_2":"d17d466f15891df10542207ae78277f0"
-
-generic MD5 Hash file #3
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_file:"MD5":"data_files/hash_file_3":"d945bcc6200ea95d061a2a818167d920"
-
-generic MD5 Hash file #4
-depends_on:MBEDTLS_MD5_C
-mbedtls_md_file:"MD5":"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e"
-
-generic RIPEMD160 Hash file #0 (from paper)
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_file:"RIPEMD160":"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528"
-
-generic RIPEMD160 Hash file #1
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_file:"RIPEMD160":"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6"
-
-generic RIPEMD160 Hash file #2
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_file:"RIPEMD160":"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f"
-
-generic RIPEMD160 Hash file #3
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_file:"RIPEMD160":"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48"
-
-generic RIPEMD160 Hash file #4
-depends_on:MBEDTLS_RIPEMD160_C
-mbedtls_md_file:"RIPEMD160":"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
-
-generic HMAC-SHA-1 Test Vector FIPS-198a #1
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a"
-
-generic HMAC-SHA-1 Test Vector FIPS-198a #2
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24"
-
-generic HMAC-SHA-1 Test Vector FIPS-198a #3
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa"
-
-generic HMAC-SHA-1 Test Vector FIPS-198a #4
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e"
-
-generic HMAC-SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_hmac:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba"
-
-generic HMAC-SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08"
-
-generic HMAC-SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA256":16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc"
-
-generic HMAC-SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA256":16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498"
-
-generic HMAC-SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA256":16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438"
-
-generic HMAC-SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA256":24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c"
-
-generic HMAC-SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA256":24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412"
-
-generic HMAC-SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_hmac:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7"
-
-generic HMAC-SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_hmac:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838"
-
-generic HMAC-SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_hmac:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f"
-
-generic HMAC-SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_hmac:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1"
-
-generic HMAC-SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_hmac:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64"
-
-generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1]
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_hmac:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c"
-
-generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2]
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_hmac:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986"
-
-generic HMAC-SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_hmac:"SHA512":32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c"
-
-generic HMAC-SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_hmac:"SHA512":32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2"
-
-generic HMAC-SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_hmac:"SHA512":32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa"
-
-generic HMAC-SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_hmac:"SHA512":48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a"
-
-generic HMAC-SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_hmac:"SHA512":48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5"
-
-generic HMAC-SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_hmac:"SHA512":48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8"
-
-generic multi step HMAC-SHA-1 Test Vector FIPS-198a #1
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a"
-
-generic multi step HMAC-SHA-1 Test Vector FIPS-198a #2
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24"
-
-generic multi step HMAC-SHA-1 Test Vector FIPS-198a #3
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa"
-
-generic multi step HMAC-SHA-1 Test Vector FIPS-198a #4
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e"
-
-generic multi step HMAC-SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
-md_hmac_multi:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba"
-
-generic multi step HMAC-SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08"
-
-generic multi step HMAC-SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA256":16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc"
-
-generic multi step HMAC-SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA256":16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498"
-
-generic multi step HMAC-SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA256":16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438"
-
-generic multi step HMAC-SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA256":24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c"
-
-generic multi step HMAC-SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA256":24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412"
-
-generic multi step HMAC-SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-md_hmac_multi:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7"
-
-generic multi step HMAC-SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hmac_multi:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838"
-
-generic multi step HMAC-SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hmac_multi:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f"
-
-generic multi step HMAC-SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hmac_multi:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1"
-
-generic multi step HMAC-SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hmac_multi:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64"
-
-generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#1]
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hmac_multi:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c"
-
-generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#2]
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hmac_multi:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986"
-
-generic multi step HMAC-SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-md_hmac_multi:"SHA512":32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c"
-
-generic multi step HMAC-SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-md_hmac_multi:"SHA512":32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2"
-
-generic multi step HMAC-SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-md_hmac_multi:"SHA512":32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa"
-
-generic multi step HMAC-SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-md_hmac_multi:"SHA512":48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a"
-
-generic multi step HMAC-SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-md_hmac_multi:"SHA512":48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5"
-
-generic multi step HMAC-SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-md_hmac_multi:"SHA512":48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8"
-
-generic SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
-
-generic SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
-
-generic SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
-
-generic SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
-
-generic SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
-
-generic SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
-
-generic SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
-
-generic SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
-
-generic SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
-
-generic SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
-md_hex:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
-
-generic SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
-
-generic SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
-
-generic SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
-
-generic SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
-
-generic SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
-
-generic SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
-
-generic SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
-
-generic SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
-
-generic SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-generic SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
-
-generic SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
-
-generic SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
-
-generic SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
-
-generic SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-md_hex:"SHA256":"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
-
-generic SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
-
-generic SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
-
-generic SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
-
-generic SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
-
-generic SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
-
-generic SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
-
-generic SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
-
-generic SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
-
-generic SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
-
-generic SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
-
-generic SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
-
-generic SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-
-generic SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
-
-generic SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
-
-generic SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
-
-generic SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
-md_hex:"SHA512":"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-
-generic multi step SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
-
-generic multi step SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
-
-generic multi step SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
-
-generic multi step SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
-
-generic multi step SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
-
-generic multi step SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
-
-generic multi step SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
-
-generic multi step SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
-
-generic multi step SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
-
-generic multi step SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
-md_hex_multi:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
-
-generic multi step SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
-
-generic multi step SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
-
-generic multi step SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
-
-generic multi step SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
-
-generic multi step SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
-
-generic multi step SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
-
-generic multi step SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
-
-generic multi step SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
-
-generic multi step SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-generic multi step SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
-
-generic multi step SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
-
-generic multi step SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
-
-generic multi step SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
-
-generic multi step SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-md_hex_multi:"SHA256":"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
-
-generic multi step SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
-
-generic multi step SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
-
-generic multi step SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
-
-generic multi step SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
-
-generic multi step SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
-
-generic multi step SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
-
-generic multi step SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
-
-generic multi step SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-md_hex_multi:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
-
-generic multi step SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
-
-generic multi step SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
-
-generic multi step SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
-
-generic multi step SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-
-generic multi step SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
-
-generic multi step SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
-
-generic multi step SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
-
-generic multi step SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
-md_hex_multi:"SHA512":"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-
-generic SHA1 Hash file #1
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_file:"SHA1":"data_files/hash_file_1":"d21c965b1e768bd7a6aa6869f5f821901d255f9f"
-
-generic SHA1 Hash file #2
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_file:"SHA1":"data_files/hash_file_2":"353f34271f2aef49d23a8913d4a6bd82b2cecdc6"
-
-generic SHA1 Hash file #3
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_file:"SHA1":"data_files/hash_file_3":"93640ed592076328096270c756db2fba9c486b35"
-
-generic SHA1 Hash file #4
-depends_on:MBEDTLS_SHA1_C
-mbedtls_md_file:"SHA1":"data_files/hash_file_4":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
-
-generic SHA-224 Hash file #1
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA224":"data_files/hash_file_1":"8606da018870f0c16834a21bc3385704cb1683b9dbab04c5ddb90a48"
-
-generic SHA-224 Hash file #2
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA224":"data_files/hash_file_2":"733b2ab97b6f63f2e29b9a2089756d81e14c93fe4cc9615c0d5e8a03"
-
-generic SHA-224 Hash file #3
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA224":"data_files/hash_file_3":"e1df95867580e2cc2100e9565bf9c2e42c24fe5250c19efe33d1c4fe"
-
-generic SHA-224 Hash file #4
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA224":"data_files/hash_file_4":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
-
-generic SHA-256 Hash file #1
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA256":"data_files/hash_file_1":"975d0c620d3936886f8a3665e585a3e84aa0501f4225bf53029710242823e391"
-
-generic SHA-256 Hash file #2
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA256":"data_files/hash_file_2":"11fcbf1baa36ca45745f10cc5467aee86f066f80ba2c46806d876bf783022ad2"
-
-generic SHA-256 Hash file #3
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA256":"data_files/hash_file_3":"9ae4b369f9f4f03b86505b46a5469542e00aaff7cf7417a71af6d6d0aba3b70c"
-
-generic SHA-256 Hash file #4
-depends_on:MBEDTLS_SHA256_C
-mbedtls_md_file:"SHA256":"data_files/hash_file_4":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
-
-generic SHA-384 Hash file #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_file:"SHA384":"data_files/hash_file_1":"e0a3e6259d6378001b54ef82f5dd087009c5fad86d8db226a9fe1d14ecbe33a6fc916e3a4b16f5f286424de15d5a8e0e"
-
-generic SHA-384 Hash file #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_file:"SHA384":"data_files/hash_file_2":"eff727afc8495c92e2f370f97a317f93c3350324b0646b0f0e264708b3c97d3d332d3c5390e1e47130f5c92f1ef4b9cf"
-
-generic SHA-384 Hash file #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_file:"SHA384":"data_files/hash_file_3":"6fc10ebda96a1ccf61777cac72f6034f92533d42052a4bf9f9d929c672973c71e5aeb1213268043c21527ac0f7f349c4"
-
-generic SHA-384 Hash file #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_md_file:"SHA384":"data_files/hash_file_4":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
-
-generic SHA-512 Hash file #1
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_file:"SHA512":"data_files/hash_file_1":"d8207a2e1ff2b424f2c4163fe1b723c9bd42e464061eb411e8df730bcd24a7ab3956a6f3ff044a52eb2d262f9e4ca6b524092b544ab78f14d6f9c4cc8ddf335a"
-
-generic SHA-512 Hash file #2
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_file:"SHA512":"data_files/hash_file_2":"ecbb7f0ed8a702b49f16ad3088bcc06ea93451912a7187db15f64d93517b09630b039293aed418d4a00695777b758b1f381548c2fd7b92ce5ed996b32c8734e7"
-
-generic SHA-512 Hash file #3
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_file:"SHA512":"data_files/hash_file_3":"7ccc9b2da71ffde9966c3ce44d7f20945fccf33b1fade4da152b021f1afcc7293382944aa6c09eac67af25f22026758e2bf6bed86ae2a43592677ee50f8eea41"
-
-generic SHA-512 Hash file #4
-depends_on:MBEDTLS_SHA512_C
-mbedtls_md_file:"SHA512":"data_files/hash_file_4":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_md.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_md.function
deleted file mode 100644
index d918ce3..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_md.function
+++ /dev/null
@@ -1,373 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/md.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_MD_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_md_process(  )
-{
-    const int *md_type_ptr;
-    const mbedtls_md_info_t *info;
-    mbedtls_md_context_t ctx;
-    unsigned char buf[150];
-
-    mbedtls_md_init( &ctx );
-
-    /*
-     * Very minimal testing of mbedtls_md_process, just make sure the various
-     * xxx_process_wrap() function pointers are valid. (Testing that they
-     * indeed do the right thing whould require messing with the internal
-     * state of the underlying mbedtls_md/sha context.)
-     *
-     * Also tests that mbedtls_md_list() only returns valid MDs.
-     */
-    for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ )
-    {
-        info = mbedtls_md_info_from_type( *md_type_ptr );
-        TEST_ASSERT( info != NULL );
-        TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 );
-        TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 );
-        mbedtls_md_free( &ctx );
-    }
-
-exit:
-    mbedtls_md_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_null_args(  )
-{
-    mbedtls_md_context_t ctx;
-    const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) );
-    unsigned char buf[1] = { 0 };
-
-    mbedtls_md_init( &ctx );
-
-    TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 );
-    TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE );
-    TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL );
-
-    TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL );
-
-    TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_starts( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_update( NULL, buf, 1 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_update( &ctx, buf, 1 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_FS_IO)
-    TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-#endif
-
-    TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_hmac_starts( &ctx, buf, 1 )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_hmac_update( NULL, buf, 1 )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_hmac_update( &ctx, buf, 1 )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_hmac_finish( NULL, buf )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_hmac_finish( &ctx, buf )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf )
-                 == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
-
-    /* Ok, this is not NULL arg but NULL return... */
-    TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL );
-    TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_info( int md_type, char * md_name, int md_size )
-{
-    const mbedtls_md_info_t *md_info;
-    const int *md_type_ptr;
-    int found;
-
-    md_info = mbedtls_md_info_from_type( md_type );
-    TEST_ASSERT( md_info != NULL );
-    TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) );
-
-    TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type );
-    TEST_ASSERT( mbedtls_md_get_size( md_info ) == (unsigned char) md_size );
-    TEST_ASSERT( strcmp( mbedtls_md_get_name( md_info ), md_name ) == 0 );
-
-    found = 0;
-    for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ )
-        if( *md_type_ptr == md_type )
-            found = 1;
-    TEST_ASSERT( found == 1 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_text( char * text_md_name, char * text_src_string,
-              data_t * hash )
-{
-    char md_name[100];
-    unsigned char src_str[1000];
-    unsigned char output[100];
-    const mbedtls_md_info_t *md_info = NULL;
-
-    memset( md_name, 0x00, 100 );
-    memset( src_str, 0x00, 1000 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 );
-    strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
-    md_info = mbedtls_md_info_from_string(md_name);
-    TEST_ASSERT( md_info != NULL );
-
-    TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_hex( char * text_md_name, data_t * src_str, data_t * hash )
-{
-    char md_name[100];
-    unsigned char output[100];
-    const mbedtls_md_info_t *md_info = NULL;
-
-    memset( md_name, 0x00, 100 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
-    md_info = mbedtls_md_info_from_string( md_name );
-    TEST_ASSERT( md_info != NULL );
-
-    TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) );
-
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_text_multi( char * text_md_name, char * text_src_string,
-                    data_t * hash )
-{
-    char md_name[100];
-    unsigned char src_str[1000];
-    unsigned char output[100];
-    int halfway, len;
-
-    const mbedtls_md_info_t *md_info = NULL;
-    mbedtls_md_context_t ctx, ctx_copy;
-
-    mbedtls_md_init( &ctx );
-    mbedtls_md_init( &ctx_copy );
-
-    memset( md_name, 0x00, 100 );
-    memset( src_str, 0x00, 1000 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-    strncpy( (char *) md_name, text_md_name, sizeof(md_name) - 1 );
-    len = strlen( (char *) src_str );
-    halfway = len / 2;
-
-    md_info = mbedtls_md_info_from_string(md_name);
-    TEST_ASSERT( md_info != NULL );
-    TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
-    TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
-
-    TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) );
-    TEST_ASSERT ( ctx.md_ctx != NULL );
-    TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str, halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) );
-
-    TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str + halfway, len - halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) );
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len) == 0 );
-
-    /* Test clone */
-    memset( output, 0x00, 100 );
-
-    TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str + halfway, len - halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) );
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len ) == 0 );
-
-exit:
-    mbedtls_md_free( &ctx );
-    mbedtls_md_free( &ctx_copy );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_hex_multi( char * text_md_name, data_t * src_str, data_t * hash )
-{
-    char md_name[100];
-    unsigned char output[100];
-    const mbedtls_md_info_t *md_info = NULL;
-    mbedtls_md_context_t ctx, ctx_copy;
-    int halfway;
-
-    mbedtls_md_init( &ctx );
-    mbedtls_md_init( &ctx_copy );
-
-    memset( md_name, 0x00, 100 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
-    md_info = mbedtls_md_info_from_string(md_name);
-    TEST_ASSERT( md_info != NULL );
-    TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
-    TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
-
-    halfway = src_str->len / 2;
-
-    TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) );
-    TEST_ASSERT ( ctx.md_ctx != NULL );
-    TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x, halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) );
-
-    TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x + halfway, src_str->len - halfway) );
-    TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) );
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len ) == 0 );
-
-    /* Test clone */
-    memset( output, 0x00, 100 );
-
-    TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str->x + halfway, src_str->len - halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) );
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len ) == 0 );
-
-exit:
-    mbedtls_md_free( &ctx );
-    mbedtls_md_free( &ctx_copy );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_md_hmac( char * text_md_name, int trunc_size,
-                      data_t * key_str, data_t * src_str,
-                      data_t * hash )
-{
-    char md_name[100];
-    unsigned char output[100];
-    const mbedtls_md_info_t *md_info = NULL;
-
-    memset( md_name, 0x00, 100 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
-    md_info = mbedtls_md_info_from_string( md_name );
-    TEST_ASSERT( md_info != NULL );
-
-
-    TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      trunc_size, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str,
-                    data_t * src_str, data_t * hash )
-{
-    char md_name[100];
-    unsigned char output[100];
-    const mbedtls_md_info_t *md_info = NULL;
-    mbedtls_md_context_t ctx;
-    int halfway;
-
-    mbedtls_md_init( &ctx );
-
-    memset( md_name, 0x00, 100 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
-    md_info = mbedtls_md_info_from_string( md_name );
-    TEST_ASSERT( md_info != NULL );
-    TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) );
-
-    halfway = src_str->len / 2;
-
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_starts( &ctx, key_str->x, key_str->len ) );
-    TEST_ASSERT ( ctx.md_ctx != NULL );
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      trunc_size, hash->len ) == 0 );
-
-    /* Test again, for reset() */
-    memset( output, 0x00, 100 );
-
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_reset( &ctx ) );
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) );
-    TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      trunc_size, hash->len ) == 0 );
-
-exit:
-    mbedtls_md_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void mbedtls_md_file( char * text_md_name, char * filename,
-                      data_t * hash )
-{
-    char md_name[100];
-    unsigned char output[100];
-    const mbedtls_md_info_t *md_info = NULL;
-
-    memset( md_name, 0x00, 100 );
-    memset( output, 0x00, 100 );
-
-    strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
-    md_info = mbedtls_md_info_from_string( md_name );
-    TEST_ASSERT( md_info != NULL );
-
-    TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      mbedtls_md_get_size( md_info ),
-                                      hash->len ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mdx.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mdx.function
deleted file mode 100644
index aa35c58..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mdx.function
+++ /dev/null
@@ -1,114 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/ripemd160.h"
-/* END_HEADER */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */
-void md2_text( char * text_src_string, data_t * hash )
-{
-    int ret;
-    unsigned char src_str[100];
-    unsigned char output[16];
-
-    memset( src_str, 0x00, sizeof src_str );
-    memset( output, 0x00, sizeof output );
-
-    strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
-    ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output );
-    TEST_ASSERT( ret == 0 ) ;
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      sizeof  output, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */
-void md4_text( char * text_src_string, data_t * hash )
-{
-    int ret;
-    unsigned char src_str[100];
-    unsigned char output[16];
-
-    memset( src_str, 0x00, sizeof src_str );
-    memset( output, 0x00, sizeof output );
-
-    strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
-    ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output );
-    TEST_ASSERT( ret == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      sizeof  output, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD5_C */
-void md5_text( char * text_src_string, data_t * hash )
-{
-    int ret;
-    unsigned char src_str[100];
-    unsigned char output[16];
-
-    memset( src_str, 0x00, sizeof src_str );
-    memset( output, 0x00, sizeof output );
-
-    strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
-    ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output );
-    TEST_ASSERT( ret == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      sizeof  output, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C */
-void ripemd160_text( char * text_src_string, data_t * hash )
-{
-    int ret;
-    unsigned char src_str[100];
-    unsigned char output[20];
-
-    memset(src_str, 0x00, sizeof src_str);
-    memset(output, 0x00, sizeof output);
-
-    strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
-    ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output );
-    TEST_ASSERT( ret == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
-                                      sizeof output, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */
-void md2_selftest(  )
-{
-    TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */
-void md4_selftest(  )
-{
-    TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */
-void md5_selftest(  )
-{
-    TEST_ASSERT( mbedtls_md5_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_SELF_TEST */
-void ripemd160_selftest(  )
-{
-    TEST_ASSERT( mbedtls_ripemd160_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_memory_buffer_alloc.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_memory_buffer_alloc.function
deleted file mode 100644
index cc884c2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_memory_buffer_alloc.function
+++ /dev/null
@@ -1,279 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/memory_buffer_alloc.h"
-#define TEST_SUITE_MEMORY_BUFFER_ALLOC
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_MEMORY_BUFFER_ALLOC_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_SUITE_HELPERS */
-static int check_pointer( void *p )
-{
-    if( p == NULL )
-        return( -1 );
-
-    if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 )
-        return( -1 );
-
-    return( 0 );
-}
-/* END_SUITE_HELPERS */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void mbedtls_memory_buffer_alloc_self_test(  )
-{
-    TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes,
-                                     int d_bytes, int free_a, int free_b,
-                                     int free_c, int free_d, int e_bytes,
-                                     int f_bytes )
-{
-    unsigned char buf[1024];
-    unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL,
-                    *ptr_e = NULL, *ptr_f = NULL;
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    size_t reported_blocks;
-    size_t reported_bytes;
-#endif
-    size_t allocated_bytes = 0;
-
-    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
-
-    mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS );
-
-    if( a_bytes > 0 )
-    {
-        ptr_a = mbedtls_calloc( a_bytes, sizeof(char) );
-        TEST_ASSERT( check_pointer( ptr_a ) == 0 );
-
-        allocated_bytes += a_bytes * sizeof(char);
-    }
-
-    if( b_bytes > 0 )
-    {
-        ptr_b = mbedtls_calloc( b_bytes, sizeof(char) );
-        TEST_ASSERT( check_pointer( ptr_b ) == 0 );
-
-        allocated_bytes += b_bytes * sizeof(char);
-    }
-
-    if( c_bytes > 0 )
-    {
-        ptr_c = mbedtls_calloc( c_bytes, sizeof(char) );
-        TEST_ASSERT( check_pointer( ptr_c ) == 0 );
-
-        allocated_bytes += c_bytes * sizeof(char);
-    }
-
-    if( d_bytes > 0 )
-    {
-        ptr_d = mbedtls_calloc( d_bytes, sizeof(char) );
-        TEST_ASSERT( check_pointer( ptr_d ) == 0 );
-
-        allocated_bytes += d_bytes * sizeof(char);
-    }
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks );
-    TEST_ASSERT( reported_bytes == allocated_bytes );
-#endif
-
-    if( free_a )
-    {
-        mbedtls_free( ptr_a );
-        ptr_a = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-        allocated_bytes -= a_bytes * sizeof(char);
-    }
-
-    if( free_b )
-    {
-        mbedtls_free( ptr_b );
-        ptr_b = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-        allocated_bytes -= b_bytes * sizeof(char);
-    }
-
-    if( free_c )
-    {
-        mbedtls_free( ptr_c );
-        ptr_c = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-        allocated_bytes -= c_bytes * sizeof(char);
-    }
-
-    if( free_d )
-    {
-        mbedtls_free( ptr_d );
-        ptr_d = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-        allocated_bytes -= d_bytes * sizeof(char);
-    }
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks );
-    TEST_ASSERT( reported_bytes == allocated_bytes );
-#endif
-
-    if( e_bytes > 0 )
-    {
-        ptr_e = mbedtls_calloc( e_bytes, sizeof(char) );
-        TEST_ASSERT( check_pointer( ptr_e ) == 0 );
-    }
-
-    if( f_bytes > 0 )
-    {
-        ptr_f = mbedtls_calloc( f_bytes, sizeof(char) );
-        TEST_ASSERT( check_pointer( ptr_f ) == 0 );
-    }
-
-    /* Once blocks are reallocated, the block allocated to the memory request
-     * may be bigger than the request itself, which is indicated by the reported
-     * bytes, and makes it hard to know what the reported size will be, so
-     * we don't check the size after blocks have been reallocated. */
-
-    if( ptr_a != NULL )
-    {
-        mbedtls_free( ptr_a );
-        ptr_a = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-    }
-
-    if( ptr_b != NULL )
-    {
-        mbedtls_free( ptr_b );
-        ptr_b = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-    }
-
-    if( ptr_c != NULL )
-    {
-        mbedtls_free( ptr_c );
-        ptr_c = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-    }
-
-    if( ptr_d != NULL )
-    {
-        mbedtls_free( ptr_d );
-        ptr_d = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-    }
-
-    if( ptr_e != NULL )
-    {
-        mbedtls_free( ptr_e );
-        ptr_e = NULL;
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-    }
-
-    if( ptr_f != NULL )
-    {
-        mbedtls_free( ptr_f );
-        ptr_f = NULL;
-    }
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks );
-    TEST_ASSERT( reported_bytes == 0 );
-#endif
-
-    TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-exit:
-    mbedtls_memory_buffer_alloc_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void memory_buffer_alloc_oom_test(  )
-{
-    unsigned char buf[1024];
-    unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL;
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    size_t reported_blocks, reported_bytes;
-#endif
-
-    (void)ptr_c;
-
-    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
-
-    mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS );
-
-    ptr_a = mbedtls_calloc( 432, sizeof(char) );
-    TEST_ASSERT( check_pointer( ptr_a ) == 0 );
-
-    ptr_b = mbedtls_calloc( 432, sizeof(char) );
-    TEST_ASSERT( check_pointer( ptr_b ) == 0 );
-
-    ptr_c = mbedtls_calloc( 431, sizeof(char) );
-    TEST_ASSERT( ptr_c == NULL );
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks );
-    TEST_ASSERT( reported_bytes >= 864 && reported_bytes <= sizeof(buf) );
-#endif
-
-    mbedtls_free( ptr_a );
-    ptr_a = NULL;
-    TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-    mbedtls_free( ptr_b );
-    ptr_b = NULL;
-    TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-#if defined(MBEDTLS_MEMORY_DEBUG)
-    mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks );
-    TEST_ASSERT( reported_bytes == 0 );
-#endif
-
-    TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-
-exit:
-    mbedtls_memory_buffer_alloc_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void memory_buffer_heap_too_small( )
-{
-    unsigned char buf[1];
-
-    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
-    /* With MBEDTLS_MEMORY_DEBUG enabled, this prints a message
-     * "FATAL: verification of first header failed".
-     */
-    TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() != 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void memory_buffer_underalloc( )
-{
-    unsigned char buf[100];
-    size_t i;
-
-    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
-    for( i = 1; i < MBEDTLS_MEMORY_ALIGN_MULTIPLE; i++ )
-    {
-        TEST_ASSERT( mbedtls_calloc( 1,
-                     (size_t)-( MBEDTLS_MEMORY_ALIGN_MULTIPLE - i ) ) == NULL );
-        TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );
-    }
-
-exit:
-    mbedtls_memory_buffer_alloc_free();
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mpi.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mpi.data
deleted file mode 100644
index 0966393..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mpi.data
+++ /dev/null
@@ -1,1002 +0,0 @@
-MPI - Valid parameters
-mpi_valid_param:
-
-MPI - Invalid parameters
-mpi_invalid_param:
-
-Arguments with no value
-mpi_null:
-
-Base test mpi_read_write_string #1
-mpi_read_write_string:10:"128":10:"128":100:0:0
-
-Base test mpi_read_write_string #2
-mpi_read_write_string:10:"128":16:"80":100:0:0
-
-Base test mpi_read_write_string #3 (Read zero)
-mpi_read_write_string:10:"0":10:"0":100:0:0
-
-Base test mpi_read_write_string #3 (Negative decimal) [#1]
-mpi_read_write_string:10:"-23":10:"-23":100:0:0
-
-Base test mpi_read_write_string #3 (Negative hex)
-mpi_read_write_string:16:"-20":10:"-32":100:0:0
-
-Base test mpi_read_write_string #3 (Negative decimal) [#2]
-mpi_read_write_string:16:"-23":16:"-23":100:0:0
-
-Base test mpi_read_write_string #4 (Buffer just fits)
-mpi_read_write_string:16:"-4":4:"-10":4:0:0
-
-Test mpi_read_write_string #1 (Invalid character)
-mpi_read_write_string:10:"a28":0:"":100:MBEDTLS_ERR_MPI_INVALID_CHARACTER:0
-
-Test mpi_read_write_string #2 (Illegal input radix)
-mpi_read_write_string:19:"a28":0:"":100:MBEDTLS_ERR_MPI_BAD_INPUT_DATA:0
-
-Test mpi_read_write_string #3 (Buffer just fits)
-mpi_read_write_string:16:"-23":16:"-23":4:0:0
-
-Test mpi_read_write_string #4 (Buffer too small)
-mpi_read_write_string:16:"-23":16:"-23":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
-
-Test mpi_read_write_string #5 (Illegal output radix)
-mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mpi_read_write_string #6 (Output radix of 15)
-mpi_read_write_string:10:"29":15:"1e":100:0:0
-
-Test mpi_read_write_string #7
-mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
-
-Test mpi_read_write_string #8 (Empty MPI -> hex)
-mpi_read_write_string:16:"":16:"00":4:0:0
-
-Test mpi_read_write_string #9 (Empty MPI -> dec)
-mpi_read_write_string:16:"":10:"0":4:0:0
-
-Test mpi_write_string #10 (Negative hex with odd number of digits)
-mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
-
-Base test mbedtls_mpi_read_binary #1
-mbedtls_mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
-
-Base test mbedtls_mpi_read_binary_le #1
-mbedtls_mpi_read_binary_le:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"219946662473865722255717126709915431768051735954189829340600976826409773245337023925691629251672268961177825243440202069039100741562168093042339401187848509859789949044607421190014088260008793380554914226244485299326152319899746569"
-
-Base test mbedtls_mpi_write_binary #1
-mbedtls_mpi_write_binary:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0
-
-Test mbedtls_mpi_write_binary #1 (Buffer just fits)
-mbedtls_mpi_write_binary:16:"123123123123123123123123123":"0123123123123123123123123123":14:0
-
-Test mbedtls_mpi_write_binary #2 (Buffer too small)
-mbedtls_mpi_write_binary:16:"123123123123123123123123123":"23123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
-
-Base test mbedtls_mpi_write_binary_le #1
-mbedtls_mpi_write_binary_le:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":"24448b952fbbef93f89286ba330e62528b151eac265cc8ce3038519d09e148af89288e91f48b41acad55d9dc5e2b18097c106be4ce132721bf6359eaf403e7ff90623e8866ee5c192320418daa682f144adedf84f25de11f49d1fe009d374109":200:0
-
-Test mbedtls_mpi_write_binary_le #1 (Buffer just fits)
-mbedtls_mpi_write_binary_le:16:"123123123123123123123123123":"2331122331122331122331122301":14:0
-
-Test mbedtls_mpi_write_binary_le #2 (Buffer too small)
-mbedtls_mpi_write_binary_le:16:"123123123123123123123123123":"23311223311223311223311223":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
-
-Base test mbedtls_mpi_read_file #1
-mbedtls_mpi_read_file:10:"data_files/mpi_10":"01f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":0
-
-Test mbedtls_mpi_read_file #1 (Empty file)
-mbedtls_mpi_read_file:10:"data_files/hash_file_4":"":MBEDTLS_ERR_MPI_FILE_IO_ERROR
-
-Test mbedtls_mpi_read_file #2 (Illegal input)
-mbedtls_mpi_read_file:10:"data_files/hash_file_3":"":0
-
-Test mbedtls_mpi_read_file #3 (Input too big)
-mbedtls_mpi_read_file:10:"data_files/mpi_too_big":"":MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
-
-Base test mbedtls_mpi_write_file #1
-mbedtls_mpi_write_file:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"data_files/mpi_write"
-
-Base test mbedtls_mpi_lsb #1
-mbedtls_mpi_lsb:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":2
-
-Base test mbedtls_mpi_lsb #2
-mbedtls_mpi_lsb:10:"24":3
-
-Base test mbedtls_mpi_lsb #3
-mbedtls_mpi_lsb:16:"24":2
-
-Base test mbedtls_mpi_lsb #4
-mbedtls_mpi_lsb:16:"2000":13
-
-Base test mbedtls_mpi_bitlen #1
-mbedtls_mpi_bitlen:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":764
-
-Base test mbedtls_mpi_bitlen #2
-mbedtls_mpi_bitlen:10:"24":5
-
-Base test mbedtls_mpi_bitlen #3
-mbedtls_mpi_bitlen:10:"1":1
-
-Base test mbedtls_mpi_bitlen #4
-mbedtls_mpi_bitlen:10:"15":4
-
-Base test mbedtls_mpi_bitlen #5
-mbedtls_mpi_bitlen:10:"16":5
-
-Base test mbedtls_mpi_bitlen #6
-mbedtls_mpi_bitlen:10:"10":4
-
-Base test mbedtls_mpi_bitlen #7
-mbedtls_mpi_bitlen:10:"0":0
-
-Base test mbedtls_mpi_cmp_int #1
-mbedtls_mpi_cmp_int:693:693:0
-
-Base test mbedtls_mpi_cmp_int #2
-mbedtls_mpi_cmp_int:693:692:1
-
-Base test mbedtls_mpi_cmp_int #3
-mbedtls_mpi_cmp_int:693:694:-1
-
-Base test mbedtls_mpi_cmp_int (Negative values) #1
-mbedtls_mpi_cmp_int:-2:-2:0
-
-Base test mbedtls_mpi_cmp_int (Negative values) #2
-mbedtls_mpi_cmp_int:-2:-3:1
-
-Base test mbedtls_mpi_cmp_int (Negative values) #3
-mbedtls_mpi_cmp_int:-2:-1:-1
-
-Base test mbedtls_mpi_cmp_mpi #1
-mbedtls_mpi_cmp_mpi:10:"693":10:"693":0
-
-Base test mbedtls_mpi_cmp_mpi #2
-mbedtls_mpi_cmp_mpi:10:"693":10:"692":1
-
-Base test mbedtls_mpi_cmp_mpi #3
-mbedtls_mpi_cmp_mpi:10:"693":10:"694":-1
-
-Base test mbedtls_mpi_cmp_mpi (Negative values) #1
-mbedtls_mpi_cmp_mpi:10:"-2":10:"-2":0
-
-Base test mbedtls_mpi_cmp_mpi (Negative values) #2
-mbedtls_mpi_cmp_mpi:10:"-2":10:"-3":1
-
-Base test mbedtls_mpi_cmp_mpi (Negative values) #3
-mbedtls_mpi_cmp_mpi:10:"-2":10:"-1":-1
-
-Base test mbedtls_mpi_cmp_mpi (Mixed values) #4
-mbedtls_mpi_cmp_mpi:10:"-3":10:"2":-1
-
-Base test mbedtls_mpi_cmp_mpi (Mixed values) #5
-mbedtls_mpi_cmp_mpi:10:"2":10:"-3":1
-
-Base test mbedtls_mpi_cmp_mpi (Mixed values) #6
-mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1
-
-Base test mbedtls_mpi_lt_mpi_ct #1
-mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct #2
-mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B4":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct #3
-mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B6":1:0
-
-Base test mbedtls_mpi_lt_mpi_ct (Negative values) #1
-mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-2":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (Negative values) #2
-mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-3":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3
-mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-1":1:0
-
-Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #1
-mbedtls_mpi_lt_mpi_ct:1:"-3":1:"2":1:0
-
-Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #2
-mbedtls_mpi_lt_mpi_ct:1:"2":1:"-3":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #3
-mbedtls_mpi_lt_mpi_ct:2:"-2":2:"1C67967269C6":1:0
-
-Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage)
-mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage)
-mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1
-mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #2
-mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"7FFFFFFFFFFFFFFF":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #3
-mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"1":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #4
-mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"0":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #5
-mbedtls_mpi_lt_mpi_ct:2:"FFFFFFFFFFFFFFFF":2:"FF":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #1
-mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFF":1:"FF":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #2
-mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"7FFFFFFF":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #3
-mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"1":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #4
-mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"0":0:0
-
-Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5
-mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (X<Y, zero vs non-zero MS limb)
-mbedtls_mpi_lt_mpi_ct:2:"0FFFFFFFFFFFFFFFF":2:"1FFFFFFFFFFFFFFFF":1:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (X>Y, equal MS limbs)
-mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y)
-mbedtls_mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y)
-mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #1
-mbedtls_mpi_lt_mpi_ct:2:"11FFFFFFFFFFFFFFFF":2:"FF1111111111111111":1:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #2
-mbedtls_mpi_lt_mpi_ct:2:"FF1111111111111111":2:"11FFFFFFFFFFFFFFFF":0:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #3
-mbedtls_mpi_lt_mpi_ct:2:"-11FFFFFFFFFFFFFFFF":2:"-FF1111111111111111":0:0
-
-Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #4
-mbedtls_mpi_lt_mpi_ct:2:"-FF1111111111111111":2:"-11FFFFFFFFFFFFFFFF":1:0
-
-Base test mbedtls_mpi_cmp_abs #1
-mbedtls_mpi_cmp_abs:10:"693":10:"693":0
-
-Base test mbedtls_mpi_cmp_abs #2
-mbedtls_mpi_cmp_abs:10:"693":10:"692":1
-
-Base test mbedtls_mpi_cmp_abs #3
-mbedtls_mpi_cmp_abs:10:"693":10:"694":-1
-
-Base test mbedtls_mpi_cmp_abs (Negative values) #1
-mbedtls_mpi_cmp_abs:10:"-2":10:"-2":0
-
-Base test mbedtls_mpi_cmp_abs (Negative values) #2
-mbedtls_mpi_cmp_abs:10:"-2":10:"-3":-1
-
-Base test mbedtls_mpi_cmp_abs (Negative values) #3
-mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1
-
-Base test mbedtls_mpi_cmp_abs (Zero and Zero) #4
-mbedtls_mpi_cmp_abs:10:"0":10:"0":0
-
-Base test mbedtls_mpi_cmp_abs (Mix values) #1
-mbedtls_mpi_cmp_abs:10:"-2":10:"2":0
-
-Base test mbedtls_mpi_cmp_abs (Mix values) #2
-mbedtls_mpi_cmp_abs:10:"2":10:"-3":-1
-
-Base test mbedtls_mpi_cmp_abs (Mix values) #3
-mbedtls_mpi_cmp_abs:10:"-2":10:"1":1
-
-Copy zero (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:0:1500
-
-Copy zero (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:0:-1500
-
-Copy positive (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:1500:0
-
-Copy negative (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:-1500:0
-
-Copy positive (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:1500:-42
-
-Copy negative (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:-42:1500
-
-Copy zero (null) to zero (null)
-mbedtls_mpi_copy_binary:"":""
-
-Copy zero (null) to positive (1 limb)
-mbedtls_mpi_copy_binary:"":"1234"
-
-Copy positive (1 limb) to zero (null)
-mbedtls_mpi_copy_binary:"1234":""
-
-Copy positive to larger
-mbedtls_mpi_copy_binary:"bead":"ca5cadedb01dfaceacc01ade"
-
-Copy positive to smaller
-mbedtls_mpi_copy_binary:"ca5cadedb01dfaceacc01ade":"bead"
-
-Copy self: positive (1 limb)
-mpi_copy_self:14
-
-Copy self: zero (1 limb)
-mpi_copy_self:0
-
-Swap zero (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:0:1500
-
-Swap zero (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:0:-1500
-
-Swap positive (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:1500:0
-
-Swap negative (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:-1500:0
-
-Swap positive (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:1500:-42
-
-Swap negative (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:-42:1500
-
-Swap zero (null) with zero (null)
-mbedtls_mpi_swap_binary:"":""
-
-Swap zero (null) with positive (1 limb)
-mbedtls_mpi_swap_binary:"":"1234"
-
-Swap positive (1 limb) with zero (null)
-mbedtls_mpi_swap_binary:"1234":""
-
-Swap positive with larger
-mbedtls_mpi_swap_binary:"bead":"ca5cadedb01dfaceacc01ade"
-
-Swap positive with smaller
-mbedtls_mpi_swap_binary:"ca5cadedb01dfaceacc01ade":"bead"
-
-Swap self: 1 limb
-mpi_swap_self:"face"
-
-Swap self: null
-mpi_swap_self:""
-
-Shrink 2 limbs in a buffer of size 2 to 4
-mbedtls_mpi_shrink:2:2:4:4
-
-Shrink 2 limbs in a buffer of size 4 to 4
-mbedtls_mpi_shrink:4:2:4:4
-
-Shrink 2 limbs in a buffer of size 8 to 4
-mbedtls_mpi_shrink:8:2:4:4
-
-Shrink 4 limbs in a buffer of size 8 to 4
-mbedtls_mpi_shrink:8:4:4:4
-
-Shrink 6 limbs in a buffer of size 8 to 4 yielding 6
-mbedtls_mpi_shrink:8:6:4:6
-
-Shrink 2 limbs in a buffer of size 4 to 0 yielding 2
-mbedtls_mpi_shrink:4:2:0:2
-
-Shrink 1 limbs in a buffer of size 4 to 0 yielding 1
-mbedtls_mpi_shrink:4:1:0:1
-
-Shrink 0 limbs in a buffer of size 4 to 0 yielding 1
-mbedtls_mpi_shrink:4:0:0:1
-
-Test mbedtls_mpi_safe_cond_assign #1
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #2
-mbedtls_mpi_safe_cond_assign:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #3
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_assign #4
-mbedtls_mpi_safe_cond_assign:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #5
-mbedtls_mpi_safe_cond_assign:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #6
-mbedtls_mpi_safe_cond_assign:-1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #1
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #2
-mbedtls_mpi_safe_cond_swap:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #3
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_swap #4
-mbedtls_mpi_safe_cond_swap:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #5
-mbedtls_mpi_safe_cond_swap:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #6
-mbedtls_mpi_safe_cond_swap:-1:"01":-1:"02"
-
-Base test mbedtls_mpi_add_abs #1
-mbedtls_mpi_add_abs:10:"12345678":10:"642531":10:"12988209"
-
-Base test mbedtls_mpi_add_abs #2
-mbedtls_mpi_add_abs:10:"-12345678":10:"642531":10:"12988209"
-
-Base test mbedtls_mpi_add_abs #3
-mbedtls_mpi_add_abs:10:"12345678":10:"-642531":10:"12988209"
-
-Base test mbedtls_mpi_add_abs #4
-mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209"
-
-Test mbedtls_mpi_add_abs #1
-mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
-
-Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#1]
-mbedtls_mpi_add_abs:16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"08":16:"1000000000000000000000000000000"
-
-Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#2]
-mbedtls_mpi_add_abs:16:"08":16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"1000000000000000000000000000000"
-
-Base test mbedtls_mpi_add_mpi #1
-mbedtls_mpi_add_mpi:10:"12345678":10:"642531":10:"12988209"
-
-Base test mbedtls_mpi_add_mpi #2
-mbedtls_mpi_add_mpi:10:"-12345678":10:"642531":10:"-11703147"
-
-Base test mbedtls_mpi_add_mpi #3
-mbedtls_mpi_add_mpi:10:"12345678":10:"-642531":10:"11703147"
-
-Base test mbedtls_mpi_add_mpi #4
-mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209"
-
-Test mbedtls_mpi_add_mpi #1
-mbedtls_mpi_add_mpi:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"735829167410606161590850601304167976688497607296479119740072111384235241328747126510065763883532084601487937110881909725679916932621242907172467691556475037071866553361927361439411910627880345885122142692610250903804554267860479115964668998643528806263534149325837971432443181537363155848647445226342"
-
-Test mbedtls_mpi_add_mpi #2
-mbedtls_mpi_add_mpi:10:"643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
-
-Base test mbedtls_mpi_add_mpi inplace #1
-mbedtls_mpi_add_mpi_inplace:10:"12345678":10:"24691356"
-
-Test mbedtls_mpi_add_mpi inplace #2
-mbedtls_mpi_add_mpi_inplace:10:"643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"1287616013607108878460259709922985398302772215068026865836146879048276529684741260122739430789478268181845874665180769440794266671939098512645241958073373266427807905932350214193538360035292323703146295192780306"
-
-Test mbedtls_mpi_add_mpi inplace #3
-mbedtls_mpi_add_mpi_inplace:16:"ffffffffffffffffffffffffffffffff":16:"01fffffffffffffffffffffffffffffffe"
-
-Test mbedtls_mpi_add_int #1
-mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227022647561"
-
-Test mbedtls_mpi_add_int #2
-mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
-
-Base test mbedtls_mpi_sub_abs #1 (Test with larger second input)
-mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_sub_abs #2 (Test with larger second input)
-mbedtls_mpi_sub_abs:10:"-5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_sub_abs #3 (Test with larger second input)
-mbedtls_mpi_sub_abs:10:"-5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_sub_abs #4 (Test with larger second input)
-mbedtls_mpi_sub_abs:10:"5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_sub_abs #1
-mbedtls_mpi_sub_abs:10:"7":10:"5":10:"2":0
-
-Base test mbedtls_mpi_sub_abs #2
-mbedtls_mpi_sub_abs:10:"-7":10:"-5":10:"2":0
-
-Base test mbedtls_mpi_sub_abs #3
-mbedtls_mpi_sub_abs:10:"-7":10:"5":10:"2":0
-
-Base test mbedtls_mpi_sub_abs #4
-mbedtls_mpi_sub_abs:10:"7":10:"-5":10:"2":0
-
-Test mbedtls_mpi_sub_abs #1
-mbedtls_mpi_sub_abs:16:"FFFFFFFFFF":16:"01":16:"FFFFFFFFFE":0
-
-Test mbedtls_mpi_sub_abs #2
-mbedtls_mpi_sub_abs:16:"FFFFFFFFF0":16:"01":16:"FFFFFFFFEF":0
-
-Test mbedtls_mpi_sub_abs #3
-mbedtls_mpi_sub_abs:16:"FF00000000":16:"0F00000000":16:"F000000000":0
-
-Test mbedtls_mpi_sub_abs #4
-mbedtls_mpi_sub_abs:16:"FF00000000":16:"0F00000001":16:"EFFFFFFFFF":0
-
-Base test mbedtls_mpi_sub_mpi #1 (Test with negative result)
-mbedtls_mpi_sub_mpi:10:"5":10:"7":10:"-2"
-
-Base test mbedtls_mpi_sub_mpi #2 (Test with negative inputs)
-mbedtls_mpi_sub_mpi:10:"-5":10:"-7":10:"2"
-
-Base test mbedtls_mpi_sub_mpi #3 (Test with negative base)
-mbedtls_mpi_sub_mpi:10:"-5":10:"7":10:"-12"
-
-Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction)
-mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12"
-
-Test mbedtls_mpi_sub_mpi #1
-mbedtls_mpi_sub_mpi:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"327915410697802206779318867446098822128109620667782593550526818477669115883344571244192531757243908254863191345527661966602498132304629772495811133247475640339722739829047287290977675016498600299425844468565678239514801901107826091797519355347660820341034314686165532823894621049756947818646317646096"
-
-Test mbedtls_mpi_sub_mpi #2 (Test for negative result)
-mbedtls_mpi_sub_mpi:10:"643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"-56125680981752282332854280306765380612153703983633407122513245677043323738275550803657221789827307780393959397039813808626161066208794210143732806809073537503708671504303382290292211925255014779394363592722015507193385383534937618"
-
-Test mbedtls_mpi_sub_int #1
-mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227022647561"
-
-Test mbedtls_mpi_sub_int #2
-mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
-
-Test mbedtls_mpi_shift_l #1
-mbedtls_mpi_shift_l:10:"64":1:10:"128"
-
-Test mbedtls_mpi_shift_l #2
-mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704"
-
-Test mbedtls_mpi_shift_r #1
-mbedtls_mpi_shift_r:10:"128":1:10:"64"
-
-Test mbedtls_mpi_shift_r #2
-mbedtls_mpi_shift_r:10:"120815570979701484704906977000760567182871429114712069861589084706550626575967516787438008593490722779337547394120718248995900363209947025063336882559539208430319216688889117222633155838468458047056355241515415159736436403445579777425189969":45:10:"3433785053053426415343295076376096153094051405637175942660777670498379921354157795219578264137985649407981651226029903483433269093721578004287291678324982297860947730012217028349628999378309630601971640587504883789518896817457"
-
-Test mbedtls_mpi_shift_r #4 [#1]
-mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":63:16:"01"
-
-Test mbedtls_mpi_shift_r #4 [#2]
-mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":64:16:"00"
-
-Test mbedtls_mpi_shift_r #6
-mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":65:16:"00"
-
-Test mbedtls_mpi_shift_r #7
-mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00"
-
-Base test mbedtls_mpi_mul_mpi #1
-mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35"
-
-Base test mbedtls_mpi_mul_mpi #2
-mbedtls_mpi_mul_mpi:10:"-5":10:"7":10:"-35"
-
-Base test mbedtls_mpi_mul_mpi #3
-mbedtls_mpi_mul_mpi:10:"5":10:"-7":10:"-35"
-
-Base test mbedtls_mpi_mul_mpi #4
-mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35"
-
-Test mbedtls_mpi_mul_mpi #1
-mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761"
-
-Test mbedtls_mpi_mul_int #1
-mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"=="
-
-Test mbedtls_mpi_mul_int #2 (Unsigned, thus failure)
-mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"-20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!="
-
-Test mbedtls_mpi_mul_int #3
-mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"-20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"=="
-
-Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure)
-mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!="
-
-Base test mbedtls_mpi_div_mpi #1
-mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0
-
-Base test mbedtls_mpi_div_mpi #2 (Divide by zero)
-mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
-
-Base test mbedtls_mpi_div_mpi #3
-mbedtls_mpi_div_mpi:10:"1000":10:"-13":10:"-76":10:"12":0
-
-Test mbedtls_mpi_div_mpi #1
-mbedtls_mpi_div_mpi:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":10:"34":10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
-
-Test mbedtls_mpi_div_mpi #2
-mbedtls_mpi_div_mpi:10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188762":10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"1":0
-
-Test mbedtls_mpi_div_mpi #3
-mbedtls_mpi_div_mpi:10:"1000":10:"7":10:"142":10:"6":0
-
-Test mbedtls_mpi_div_mpi #4
-mbedtls_mpi_div_mpi:10:"777":10:"7":10:"111":10:"0":0
-
-Base test mbedtls_mpi_div_int #1
-mbedtls_mpi_div_int:10:"1000":13:10:"76":10:"12":0
-
-Base test mbedtls_mpi_div_int #2 (Divide by zero)
-mbedtls_mpi_div_int:10:"1000":0:10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
-
-Base test mbedtls_mpi_div_int #3
-mbedtls_mpi_div_int:10:"1000":-13:10:"-76":10:"12":0
-
-Test mbedtls_mpi_div_int #1
-mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":34:10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
-
-Test mbedtls_mpi_div_int #2
-mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":-34:10:"-592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
-
-Base test mbedtls_mpi_mod_mpi #1
-mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0
-
-Base test mbedtls_mpi_mod_mpi #2 (Divide by zero)
-mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
-
-Base test mbedtls_mpi_mod_mpi #3
-mbedtls_mpi_mod_mpi:10:"-1000":10:"13":10:"1":0
-
-Base test mbedtls_mpi_mod_mpi #4 (Negative modulo)
-mbedtls_mpi_mod_mpi:10:"1000":10:"-13":10:"-1":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_mod_mpi #5 (Negative modulo)
-mbedtls_mpi_mod_mpi:10:"-1000":10:"-13":10:"-12":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_mod_int #1
-mbedtls_mpi_mod_int:10:"1000":13:12:0
-
-Base test mbedtls_mpi_mod_int #2 (Divide by zero)
-mbedtls_mpi_mod_int:10:"1000":0:0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
-
-Base test mbedtls_mpi_mod_int #3
-mbedtls_mpi_mod_int:10:"-1000":13:1:0
-
-Base test mbedtls_mpi_mod_int #4 (Negative modulo)
-mbedtls_mpi_mod_int:10:"1000":-13:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_mod_int #5 (Negative modulo)
-mbedtls_mpi_mod_int:10:"-1000":-13:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
-
-Base test mbedtls_mpi_mod_int #6 (By 1)
-mbedtls_mpi_mod_int:10:"1000":1:0:0
-
-Base test mbedtls_mpi_mod_int #7 (By 2)
-mbedtls_mpi_mod_int:10:"1001":2:1:0
-
-Base test mbedtls_mpi_mod_int #8 (By 2)
-mbedtls_mpi_mod_int:10:"1000":2:0:0
-
-Base test mbedtls_mpi_exp_mod #1
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"":10:"24":0
-
-Base test mbedtls_mpi_exp_mod #2 (Even N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_exp_mod #3 (Negative N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_exp_mod #4 (Negative base)
-mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"":10:"5":0
-
-Base test mbedtls_mpi_exp_mod #5 (Negative exponent)
-mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent)
-mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mbedtls_mpi_exp_mod: MAX_SIZE exponent
-mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0
-
-Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent
-mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:10:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mbedtls_mpi_exp_mod: MAX_SIZE modulus
-mbedtls_mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE:10:"":0
-
-Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 modulus
-mbedtls_mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mbedtls_mpi_exp_mod: MAX_SIZE exponent and modulus
-mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:10:"":0
-
-Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent and modulus
-mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mbedtls_mpi_exp_mod #1
-depends_on:MPI_MAX_BITS_LARGER_THAN_792
-mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
-
-Test mbedtls_mpi_exp_mod (Negative base) [#1]
-mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"":10:"1":0
-
-Test mbedtls_mpi_exp_mod (Negative base) [#2]
-depends_on:MPI_MAX_BITS_LARGER_THAN_792
-mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
-
-Base test GCD #1
-mbedtls_mpi_gcd:10:"693":10:"609":10:"21"
-
-Base test GCD #2
-mbedtls_mpi_gcd:10:"1764":10:"868":10:"28"
-
-Base test GCD #3
-mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1"
-
-Test GCD #1
-mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
-
-Base test mbedtls_mpi_inv_mod #1
-mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0
-
-Base test mbedtls_mpi_inv_mod #2
-mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_inv_mod #3
-mbedtls_mpi_inv_mod:10:"3":10:"-11":10:"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Base test mbedtls_mpi_inv_mod #4
-mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Base test mbedtls_mpi_inv_mod #5
-mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mbedtls_mpi_inv_mod #1
-mbedtls_mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0
-
-Base test mbedtls_mpi_is_prime #1
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Base test mbedtls_mpi_is_prime #2
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"1":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Base test mbedtls_mpi_is_prime #3
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"2":0
-
-Base test mbedtls_mpi_is_prime #4
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"3":0
-
-Base test mbedtls_mpi_is_prime #5
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"4":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Base test mbedtls_mpi_is_prime #6
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"5":0
-
-Base test mbedtls_mpi_is_prime #7
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"27":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Base test mbedtls_mpi_is_prime #8
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"47":0
-
-Test mbedtls_mpi_is_prime #1a
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"83726728883146151979668243326097049289208482987685965276439157162337476477581":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Test mbedtls_mpi_is_prime #1b
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"81248637410584921454869308488899267096530643632730258201256092582281263244641":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Test mbedtls_mpi_is_prime #2a
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"827131507221654563937832686696200995595835694437983658840870036586124168186967796809117749047430768825822857042432722828096779098498192459819306321073968735177531164565305635281198148032612029767584644305912099":0
-
-Test mbedtls_mpi_is_prime #2b
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"827131507221654563937832686696200995595835694437983658840870036586124168186967796809117749047430768825822857042432722828096779098498192459819306321073968735177531164565305635281198148032612029767584644305912001":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-Test mbedtls_mpi_is_prime #3
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"2833419889721787128217599":0
-
-Test mbedtls_mpi_is_prime #4
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"195845982777569926302400511":0
-
-Test mbedtls_mpi_is_prime #5 [#1]
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"4776913109852041418248056622882488319":0
-
-Test mbedtls_mpi_is_prime #5 [#2]
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"768614336404564651":0
-
-Test mbedtls_mpi_is_prime #6
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"201487636602438195784363":0
-
-Test mbedtls_mpi_is_prime #7
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"845100400152152934331135470251":0
-
-Test mbedtls_mpi_is_prime #8
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"56713727820156410577229101238628035243":0
-
-Test mbedtls_mpi_is_prime #9
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":0
-
-Test mbedtls_mpi_is_prime #10
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":0
-
-Test mbedtls_mpi_is_prime #11
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"319705304701141539155720137200974664666792526059405792539680974929469783512821793995613718943171723765238853752439032835985158829038528214925658918372196742089464683960239919950882355844766055365179937610326127675178857306260955550407044463370239890187189750909036833976197804646589380690779463976173":0
-
-Test mbedtls_mpi_is_prime #12
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"200603822195324642393516294012917598972967449320074999667103434371470616000652036570009912021332527788252300901905236578801044680456930305350440933538867383130165841118050781326291059830545891570648243241795871":0
-
-Test mbedtls_mpi_is_prime #13
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"827131507221654563937832686696200995595835694437983658840870036586124168186967796809117749047430768825822857042432722828096779098498192459819306321073968735177531164565305635281198148032612029767584644305912099":0
-
-Test mbedtls_mpi_is_prime #14
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"964274047248418797145090983157197980855078966882276492572788532954904112655338439361306213898569516593744267391754033306465125919199692703323878557833023573312685002670662846477592597659826113460619815244721311":0
-
-Test mbedtls_mpi_is_prime #15
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"170141183460469231731687303715884105727":0
-
-Test mbedtls_mpi_is_prime #16
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"2147483647":0
-
-Test mbedtls_mpi_is_prime #17
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"961748941":0
-
-Test mbedtls_mpi_is_prime #18
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"179424691":0
-
-Test mbedtls_mpi_is_prime #19
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"32452867":0
-
-Test mbedtls_mpi_is_prime #20
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime:10:"49979687":0
-
-Test mbedtls_mpi_is_prime_det (4 non-witnesses)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime_det:"043BD64BA10B11DA83FBD296B04BCA9E0552FAF6E09CAC74E2D7E735ED0DB09FC47ED76145644203EE0C826013BC602F560BCDAAED557D04683859A65D659FF828A245A2C5B1AC41E01E4669A525A45E23AF":"040EA852F7935ACCECC0E87B845281F047D10DC9AAFEF990AF9D3D66770DA30B0C5B5E03EEA8C0CB79B936FE0BB8EE5389EC1D34EB16C58AA3F2E11AF084160CDF6400BE1CC179867AB074866952D9F34EE7042D27F960E715A97FCB93F3182247D0A6AE51BD21CC2F6B0651F9E572C5FB86F3137053FA85FD7A51816D69B3A53A5A438C17754836D04E98CA240B901F828332F2D72D88C497DA45F533F99A6E53EDEA6B0424EC8951B048FA9A80134B37D0A67014597934E3CFC52C5A4DD4751ADF8D66FC79E84E2A3148C4B15C17E12CB659390FD275F39A331FFC80EC699BC3F6FAB868E30E9B14575FCDAB6FAED01E00112DD28704177E09C335AD43A696FEA761E8DF3B0663277A5C3637F9060CB5E5654F72E9A6B0F369E660AD4CF7ABF4195493545B367BD55271CD4BB7D9C15D3F508FE8F7409C2126FC8E73B43A67CD4EFB21E9F15DBF040A2A8D5F5ED75CEAC12B595C0051F3EC9D5A58ACE82A9506E64F780E9836728260FFE1BFD73E8A9869E3D46A35A856D3028F7FEAB9F4F1A04449AEDC80017EE1014080D87F0B50C8EF255324CD89F7D039":82:5
-
-Test mbedtls_mpi_is_prime_det (39 non-witnesses)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_is_prime_det:"155102B67930FBE8858DF6C0642D77D419A7B7968E622CC7500F3E3F2C5168368C50E0083187":"119B3E2C721834D83416239B04447AA18AE0163E61DCAE97054563D79E094A6FA4485BD6A0501445BF57FE9C058926CDB862E04CC1A95D79D61D9AB3466857A53E04F8D7470C9C86649B226A13DDC534E18DFD5C22FAEA317CA4D4960F18457FD6D2FFB5F3273F74C89980DC774590D8D30D1159CA81999ED94A042D67DA68C82616AD46C2C88288A8EBD0B37AC7C152D9522CA4544642AD1210F6B642FEBF43563FA872B0DEFAFC69D0B6570E8FEA9570D0AADCFA9B06CC8BFD62CEDC221541210EEEF9762448C6D49F26AA767A4D66CB168589E0201923015314E6CD4A480E5936E7CF145F73A564C5B782635B3AFC3028E2632C5D3458224A7C9E8BA1876E8F690463C878292D3DC011E9640331E7F7621F2B5E0F6713DD8C9D6767521C4BA880DA8D11C67753C8493D2C4C4F1443147550D0B25B7FAD04EAFA9F8AA60974C1365C8A794CFEECEB4279B1150909A97E5A7A10B5D91186CA5B25A612036631FE73529C8CFAE51E76FB704A772DE5320EFC1212E7A399B1FEBF57D014AF9129DFF5D2C5DFBBEEAC55F360CF6D22FA90B8E2E9AD0C71AB6495A9452A58D653B8CC26128C66B43EFBA6E39AEC5717A1A3C2AE1449FCABAFE1180B159DA55190CD81A3D9E8D798647E11B827F0A057D6DA5AAD78AB5112EE65E10E8B8B369BA24E1B8AD2CD8548C497016C07A143DE1232F8059BE303572456FA92E76A0F23D1340629228B7D27C02D3833A72745B91A3DBEB5E081117A9F19597F00E4277B414FAEA8C8CEB895C37F956A5A22F8D7A10ADA50B22BAB312504904511AA0EFDD4D3BF20ECB17E8A684564FFB5BBD5E22C429F9A75A4FB4AE468FE7612ED53C7A11212E7EF3435CC9CA6E7DB167B8CCE2BECF35F89013F8F876223C77FA81570970858663C6E32B91080AA47F9C90177F51E6FD7747B910C9489C7B6ACB070996198AD9A40A69711274159210A9A12DBAAA4FB4632446066AB70D735DC95F7C2BCE517E88C064D728DE82B1B043DF4AEE0EFF5131120A4E5B9B4180EB6F6B8A0D1491ABDA069058A9966B1A517D8E7B4997DC52A1E698FD79E271153DF1913FE6787A5D99DE69F39C3F22D26DC731CFBB33FF5C267D85D7A3DAE8E1C87E1DB2F1236212EF1942EA756967FB3D07D629E59EA4034D9A9B5E270DD4A31C8A3DFDA99C1094B5537132C196DA2AEAF5253A019B9AF25B5DCB0D4DD75C7C9C353DA9DAABFB23959A5455312E7E1C21268C1BC14E83DCFDF50C27FD3E8B4EDC04C5F3CB5FCFFF2B57151E1B1EE1A6456DC006BC43E1158674AA4CF7D146DE4A57103BE43ED130C8007294ED2418C7A2B769A7D20EBB5A8367A77B313F81BB119B9954305FF160FF83EED7F808EE6D340A5CCC000CF81AA497D315D350CCE4E86A31456B8AA85B677491FC662933DFA55EB5BFF64B8D85430D676A85D1CAFAFF383E68C4E6C22A51063739EC03FC58C36C07C44E54828BE2152B2E9AFB0F179B157D09B64C147B524BB5424BB1914419424D9100D06EDCFC718F4DF3D562E9E16C446663F35273CA7BC5426B868A80C8D415C9A12A1619CDB7CDB5BEBC70313150BDF8C3AB26B809FE62D28E798EF1EF98C410A2DA0A9071F82154AC569078B0E647E2C085D1D907E634453442803D0492D3D0C78CACB762020C0E589C8B0981321EA2771305FD0413F3B2963FCE9A232F6641DB7E12ADC009A032063C41756E5E19E5711DE12711F07AFE7545B4D83F3EFD7BFD0435297C89DF3D4AF96EBE2CE8D64B93E36EA5D7E5A0492151D0CAEE7449A7D35E1A3C83E22C3B35162C073CC3B1CF76FBDEE84270721FC042EAAEB7325110181415E2031CFB7462F15111291CDAC0560FF9F4C7341F2FA261B97CEF348D074AA2EB4DB153FE6B1410519DA4213B611999868F3B867A2B6D758D333C4989DE80782683CA26ECDE373C71524F01B76349CE8A07A5EBECBB42259CF970DDA756EC996B189FEA045FEE45F23D476960913106ECA2510B8517AA75D56FA4152B2BDDC212014E5D07FD964D6EE532F0616DF74E104659955132331FABF2D2AD265E71C93C648A956FA0A3DB21FF103D516527F2DA0E870340B61EE8A8ED913B60605EB5A67B834D0FC90564386012585609870FEF6530B3E3C037B55506F0B5694F6B0FC":38:40
-
-Test mbedtls_mpi_gen_prime (Too small)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:2:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Test mbedtls_mpi_gen_prime (OK, minimum size)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:3:0:0
-
-Test mbedtls_mpi_gen_prime (corner case limb size -1 bits)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:63:0:0
-
-Test mbedtls_mpi_gen_prime (corner case limb size)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:64:0:0
-
-Test mbedtls_mpi_gen_prime (corner case limb size +1 bits)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:65:0:0
-
-Test mbedtls_mpi_gen_prime (Larger)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:128:0:0
-
-Test mbedtls_mpi_gen_prime (Safe)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH:0
-
-Test mbedtls_mpi_gen_prime (Safe with lower error rate)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH | MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0
-
-Test mbedtls_mpi_gen_prime standard RSA #1 (lower error rate)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:1024:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0
-
-Test mbedtls_mpi_gen_prime standard RSA #2 (lower error rate)
-depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:1536:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0
-
-Test bit getting (Value bit 25)
-mbedtls_mpi_get_bit:10:"49979687":25:1
-
-Test bit getting (Larger but same limb)
-mbedtls_mpi_get_bit:10:"49979687":26:0
-
-Test bit getting (Larger and non-existing limb)
-mbedtls_mpi_get_bit:10:"49979687":500:0
-
-Test bit getting (Value bit 24)
-mbedtls_mpi_get_bit:10:"49979687":24:0
-
-Test bit getting (Value bit 23)
-mbedtls_mpi_get_bit:10:"49979687":23:1
-
-Test bit set (Change existing value with a 1)
-mbedtls_mpi_set_bit:10:"49979687":24:1:10:"66756903":0
-
-Test bit set (Change existing value with a 0)
-mbedtls_mpi_set_bit:10:"49979687":25:0:10:"16425255":0
-
-Test bit set (Add above existing limbs with a 0)
-mbedtls_mpi_set_bit:10:"49979687":80:0:10:"49979687":0
-
-Test bit set (Add above existing limbs with a 1)
-mbedtls_mpi_set_bit:10:"49979687":80:1:10:"1208925819614629224685863":0
-
-Test bit set (Bit index larger than 31 with a 0)
-mbedtls_mpi_set_bit:16:"FFFFFFFFFFFFFFFF":32:0:16:"FFFFFFFEFFFFFFFF":0
-
-Test bit set (Bit index larger than 31 with a 1)
-mbedtls_mpi_set_bit:16:"00":32:1:16:"0100000000":0
-
-Test bit set (Invalid bit value)
-mbedtls_mpi_set_bit:16:"00":5:2:16:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-Fill random: 0 bytes
-mpi_fill_random:0:0:0
-
-Fill random: 1 byte, good
-mpi_fill_random:1:1:0
-
-Fill random: 2 bytes, good, no leading zero
-mpi_fill_random:2:2:0
-
-Fill random: 2 bytes, good, 1 leading zero
-mpi_fill_random:2:256:0
-
-Fill random: MAX_SIZE - 7, good
-mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0
-
-Fill random: MAX_SIZE, good
-mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0
-
-Fill random: 1 byte, RNG failure
-mpi_fill_random:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: 2 bytes, RNG failure after 1 byte
-mpi_fill_random:2:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: 4 bytes, RNG failure after 3 bytes
-mpi_fill_random:4:3:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: 8 bytes, RNG failure after 7 bytes
-mpi_fill_random:8:7:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: 16 bytes, RNG failure after 1 bytes
-mpi_fill_random:16:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: 16 bytes, RNG failure after 8 bytes
-mpi_fill_random:16:8:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: 16 bytes, RNG failure after 15 bytes
-mpi_fill_random:16:15:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes
-mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
-
-MPI Selftest
-depends_on:MBEDTLS_SELF_TEST
-mpi_selftest:
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mpi.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mpi.function
deleted file mode 100644
index c5bb5a6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mpi.function
+++ /dev/null
@@ -1,1404 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/bignum.h"
-#include "mbedtls/entropy.h"
-
-#if MBEDTLS_MPI_MAX_BITS > 792
-#define MPI_MAX_BITS_LARGER_THAN_792
-#endif
-
-typedef struct mbedtls_test_mpi_random
-{
-    data_t *data;
-    size_t  pos;
-    size_t  chunk_len;
-} mbedtls_test_mpi_random;
-
-/*
- * This function is called by the Miller-Rabin primality test each time it
- * chooses a random witness. The witnesses (or non-witnesses as provided by the
- * test) are stored in the data member of the state structure. Each number is in
- * the format that mbedtls_mpi_read_string understands and is chunk_len long.
- */
-int mbedtls_test_mpi_miller_rabin_determinizer( void* state,
-                                                unsigned char* buf,
-                                                size_t len )
-{
-    mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random*) state;
-
-    if( random == NULL || random->data->x == NULL || buf == NULL )
-        return( -1 );
-
-    if( random->pos + random->chunk_len > random->data->len
-            || random->chunk_len > len )
-    {
-        return( -1 );
-    }
-
-    memset( buf, 0, len );
-
-    /* The witness is written to the end of the buffer, since the buffer is
-     * used as big endian, unsigned binary data in mbedtls_mpi_read_binary.
-     * Writing the witness to the start of the buffer would result in the
-     * buffer being 'witness 000...000', which would be treated as
-     * witness * 2^n for some n. */
-    memcpy( buf + len - random->chunk_len, &random->data->x[random->pos],
-            random->chunk_len );
-
-    random->pos += random->chunk_len;
-
-    return( 0 );
-}
-
-/* Random generator that is told how many bytes to return. */
-static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len )
-{
-    size_t *bytes_left = state;
-    size_t i;
-    for( i = 0; i < len; i++ )
-    {
-        if( *bytes_left == 0 )
-            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-        buf[i] = *bytes_left & 0xff;
-        --( *bytes_left );
-    }
-    return( 0 );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BIGNUM_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mpi_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_mpi_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void mpi_invalid_param( )
-{
-    mbedtls_mpi X;
-    const char *s_in = "00101000101010";
-    char s_out[16] = { 0 };
-    unsigned char u_out[16] = { 0 };
-    unsigned char u_in[16] = { 0 };
-    size_t olen;
-    mbedtls_mpi_uint mpi_uint;
-
-    TEST_INVALID_PARAM( mbedtls_mpi_init( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_grow( NULL, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_copy( NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_copy( &X, NULL ) );
-
-    TEST_INVALID_PARAM( mbedtls_mpi_swap( NULL, &X ) );
-    TEST_INVALID_PARAM( mbedtls_mpi_swap( &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_safe_cond_assign( NULL, &X, 0 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_safe_cond_assign( &X, NULL, 0 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_safe_cond_swap( NULL, &X, 0 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_safe_cond_swap( &X, NULL, 0 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_lset( NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_get_bit( NULL, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_set_bit( NULL, 42, 0 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_read_string( NULL, 2, s_in ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_read_string( &X, 2, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_write_string( NULL, 2,
-                                                      s_out, sizeof( s_out ),
-                                                      &olen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_write_string( &X, 2,
-                                                      NULL, sizeof( s_out ),
-                                                      &olen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_write_string( &X, 2,
-                                                      s_out, sizeof( s_out ),
-                                                      NULL ) );
-
-#if defined(MBEDTLS_FS_IO)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_read_file( NULL, 2, stdin ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_read_file( &X, 2, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_write_file( "", NULL, 2, NULL ) );
-#endif /* MBEDTLS_FS_IO */
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_read_binary( NULL, u_in,
-                                                     sizeof( u_in ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_read_binary( &X, NULL,
-                                                     sizeof( u_in ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_write_binary( NULL, u_out,
-                                                      sizeof( u_out ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_write_binary( &X, NULL,
-                                                      sizeof( u_out ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_shift_l( NULL, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_shift_r( NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_cmp_abs( NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_cmp_abs( &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_cmp_mpi( NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_cmp_mpi( &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_cmp_int( NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_abs( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_abs( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_abs( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_abs( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_abs( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_abs( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_mpi( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_mpi( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_mpi( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_mpi( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_mpi( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_mpi( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_int( NULL, &X, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_add_int( &X, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_int( NULL, &X, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_sub_int( &X, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mul_mpi( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mul_mpi( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mul_mpi( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mul_int( NULL, &X, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mul_int( &X, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_div_mpi( &X, &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_div_mpi( &X, &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_div_int( &X, &X, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( 0, mbedtls_mpi_lsb( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mod_mpi( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mod_mpi( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mod_mpi( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mod_int( NULL, &X, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_mod_int( &mpi_uint, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_exp_mod( NULL, &X, &X, &X, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_exp_mod( &X, NULL, &X, &X, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_exp_mod( &X, &X, NULL, &X, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_exp_mod( &X, &X, &X, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_fill_random( NULL, 42,
-                                                     mbedtls_test_rnd_std_rand,
-                                                     NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_fill_random( &X, 42, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_gcd( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_gcd( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_gcd( &X, &X, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_inv_mod( NULL, &X, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_inv_mod( &X, NULL, &X ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
-                            mbedtls_mpi_inv_mod( &X, &X, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_null(  )
-{
-    mbedtls_mpi X, Y, Z;
-
-    mbedtls_mpi_init( &X );
-    mbedtls_mpi_init( &Y );
-    mbedtls_mpi_init( &Z );
-
-    TEST_ASSERT( mbedtls_mpi_get_bit( &X, 42 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_lsb( &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_size( &X ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_read_write_string( int radix_X, char * input_X, int radix_A,
-                            char * input_A, int output_size, int result_read,
-                            int result_write )
-{
-    mbedtls_mpi X;
-    char str[1000];
-    size_t len;
-
-    mbedtls_mpi_init( &X );
-
-    memset( str, '!', sizeof( str ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
-    if( result_read == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
-        if( result_write == 0 )
-        {
-            TEST_ASSERT( strcasecmp( str, input_A ) == 0 );
-            TEST_ASSERT( str[len] == '!' );
-        }
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_read_binary( data_t * buf, int radix_A, char * input_A )
-{
-    mbedtls_mpi X;
-    char str[1000];
-    size_t len;
-
-    mbedtls_mpi_init( &X );
-
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
-    TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_read_binary_le( data_t * buf, int radix_A, char * input_A )
-{
-    mbedtls_mpi X;
-    char str[1000];
-    size_t len;
-
-    mbedtls_mpi_init( &X );
-
-
-    TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
-    TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_write_binary( int radix_X, char * input_X,
-                               data_t * input_A, int output_size,
-                               int result )
-{
-    mbedtls_mpi X;
-    unsigned char buf[1000];
-    size_t buflen;
-
-    memset( buf, 0x00, 1000 );
-
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    buflen = mbedtls_mpi_size( &X );
-    if( buflen > (size_t) output_size )
-        buflen = (size_t) output_size;
-
-    TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result );
-    if( result == 0)
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
-                                          buflen, input_A->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_write_binary_le( int radix_X, char * input_X,
-                                  data_t * input_A, int output_size,
-                                  int result )
-{
-    mbedtls_mpi X;
-    unsigned char buf[1000];
-    size_t buflen;
-
-    memset( buf, 0x00, 1000 );
-
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    buflen = mbedtls_mpi_size( &X );
-    if( buflen > (size_t) output_size )
-        buflen = (size_t) output_size;
-
-    TEST_ASSERT( mbedtls_mpi_write_binary_le( &X, buf, buflen ) == result );
-    if( result == 0)
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
-                                          buflen, input_A->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void mbedtls_mpi_read_file( int radix_X, char * input_file,
-                            data_t * input_A, int result )
-{
-    mbedtls_mpi X;
-    unsigned char buf[1000];
-    size_t buflen;
-    FILE *file;
-    int ret;
-
-    memset( buf, 0x00, 1000 );
-
-    mbedtls_mpi_init( &X );
-
-    file = fopen( input_file, "r" );
-    TEST_ASSERT( file != NULL );
-    ret = mbedtls_mpi_read_file( &X, radix_X, file );
-    fclose(file);
-    TEST_ASSERT( ret == result );
-
-    if( result == 0 )
-    {
-        buflen = mbedtls_mpi_size( &X );
-        TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
-
-
-        TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x,
-                                          buflen, input_A->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
-void mbedtls_mpi_write_file( int radix_X, char * input_X, int output_radix,
-                             char * output_file )
-{
-    mbedtls_mpi X, Y;
-    FILE *file_out, *file_in;
-    int ret;
-
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    file_out = fopen( output_file, "w" );
-    TEST_ASSERT( file_out != NULL );
-    ret = mbedtls_mpi_write_file( NULL, &X, output_radix, file_out );
-    fclose(file_out);
-    TEST_ASSERT( ret == 0 );
-
-    file_in = fopen( output_file, "r" );
-    TEST_ASSERT( file_in != NULL );
-    ret = mbedtls_mpi_read_file( &Y, output_radix, file_in );
-    fclose(file_in);
-    TEST_ASSERT( ret == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_get_bit( int radix_X, char * input_X, int pos, int val )
-{
-    mbedtls_mpi X;
-    mbedtls_mpi_init( &X );
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_set_bit( int radix_X, char * input_X, int pos, int val,
-                          int radix_Y, char * output_Y, int result )
-{
-    mbedtls_mpi X, Y;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, output_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
-
-    if( result == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_lsb( int radix_X, char * input_X, int nr_bits )
-{
-    mbedtls_mpi X;
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_bitlen( int radix_X, char * input_X, int nr_bits )
-{
-    mbedtls_mpi X;
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_gcd( int radix_X, char * input_X, int radix_Y,
-                      char * input_Y, int radix_A, char * input_A )
-{
-    mbedtls_mpi A, X, Y, Z;
-    mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_cmp_int( int input_X, int input_A, int result_CMP )
-{
-    mbedtls_mpi X;
-    mbedtls_mpi_init( &X  );
-
-    TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0);
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_A ) == result_CMP);
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_cmp_mpi( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int input_A )
-{
-    mbedtls_mpi X, Y;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X,
-                            int size_Y, char * input_Y,
-                            int input_ret, int input_err )
-{
-    unsigned ret = -1;
-    unsigned input_uret = input_ret;
-    mbedtls_mpi X, Y;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err );
-    if( input_err == 0 )
-        TEST_ASSERT( ret == input_uret );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_cmp_abs( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int input_A )
-{
-    mbedtls_mpi X, Y;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_copy_sint( int input_X, int input_Y )
-{
-    mbedtls_mpi X, Y;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y )
-{
-    mbedtls_mpi X, Y, X0;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_copy_self( int input_X )
-{
-    mbedtls_mpi X;
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_shrink( int before, int used, int min, int after )
-{
-    mbedtls_mpi X;
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
-    TEST_ASSERT( used <= before );
-    memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) );
-    TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
-    TEST_ASSERT( X.n == (size_t) after );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign,
-                                   char * y_str )
-{
-    mbedtls_mpi X, Y, XX;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
-    X.s = x_sign;
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
-    Y.s = y_sign;
-    TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 0 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &XX );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign,
-                                 char * y_str )
-{
-    mbedtls_mpi X, Y, XX, YY;
-
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-    mbedtls_mpi_init( &XX ); mbedtls_mpi_init( &YY );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
-    X.s = x_sign;
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
-    Y.s = y_sign;
-
-    TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_copy( &YY, &Y ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &YY ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &XX ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &YY ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-    mbedtls_mpi_free( &XX ); mbedtls_mpi_free( &YY );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_sint( int input_X, int input_Y )
-{
-    mbedtls_mpi X, Y;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
-    TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 );
-
-    mbedtls_mpi_swap( &X, &Y );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y )
-{
-    mbedtls_mpi X, Y, X0, Y0;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-    mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 );
-
-    mbedtls_mpi_swap( &X, &Y );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-    mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_swap_self( data_t *input_X )
-{
-    mbedtls_mpi X, X0;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
-
-    mbedtls_mpi_swap( &X, &X );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A )
-{
-    mbedtls_mpi X, Y, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-    /* result == first operand */
-    TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    /* result == second operand */
-    TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_add_mpi_inplace( int radix_X, char * input_X, int radix_A,
-                                  char * input_A )
-{
-    mbedtls_mpi X, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void mbedtls_mpi_add_abs( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A )
-{
-    mbedtls_mpi X, Y, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-    /* result == first operand */
-    TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    /* result == second operand */
-    TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_add_int( int radix_X, char * input_X, int input_Y,
-                          int radix_A, char * input_A )
-{
-    mbedtls_mpi X, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_sub_mpi( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A )
-{
-    mbedtls_mpi X, Y, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-    /* result == first operand */
-    TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    /* result == second operand */
-    TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A,
-                          int sub_result )
-{
-    mbedtls_mpi X, Y, Z, A;
-    int res;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-
-    res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
-    TEST_ASSERT( res == sub_result );
-    if( res == 0 )
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-    /* result == first operand */
-    TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
-    if( sub_result == 0 )
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    /* result == second operand */
-    TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
-    if( sub_result == 0 )
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_sub_int( int radix_X, char * input_X, int input_Y,
-                          int radix_A, char * input_A )
-{
-    mbedtls_mpi X, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_mul_mpi( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A )
-{
-    mbedtls_mpi X, Y, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_mul_int( int radix_X, char * input_X, int input_Y,
-                          int radix_A, char * input_A,
-                          char * result_comparison )
-{
-    mbedtls_mpi X, Z, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
-    if( strcmp( result_comparison, "==" ) == 0 )
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-    else if( strcmp( result_comparison, "!=" ) == 0 )
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) != 0 );
-    else
-        TEST_ASSERT( "unknown operator" == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_div_mpi( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A,
-                          int radix_B, char * input_B, int div_result )
-{
-    mbedtls_mpi X, Y, Q, R, A, B;
-    int res;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
-    mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
-    res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
-    TEST_ASSERT( res == div_result );
-    if( res == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R );
-    mbedtls_mpi_free( &A ); mbedtls_mpi_free( &B );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_div_int( int radix_X, char * input_X, int input_Y,
-                          int radix_A, char * input_A, int radix_B,
-                          char * input_B, int div_result )
-{
-    mbedtls_mpi X, Q, R, A, B;
-    int res;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
-    mbedtls_mpi_init( &B );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
-    res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
-    TEST_ASSERT( res == div_result );
-    if( res == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &A );
-    mbedtls_mpi_free( &B );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_mod_mpi( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A,
-                          int div_result )
-{
-    mbedtls_mpi X, Y, A;
-    int res;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
-    TEST_ASSERT( res == div_result );
-    if( res == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_mod_int( int radix_X, char * input_X, int input_Y,
-                          int input_A, int div_result )
-{
-    mbedtls_mpi X;
-    int res;
-    mbedtls_mpi_uint r;
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    res = mbedtls_mpi_mod_int( &r, &X, input_Y );
-    TEST_ASSERT( res == div_result );
-    if( res == 0 )
-    {
-        TEST_ASSERT( r == (mbedtls_mpi_uint) input_A );
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E,
-                          char * input_E, int radix_N, char * input_N,
-                          int radix_RR, char * input_RR, int radix_X,
-                          char * input_X, int div_result )
-{
-    mbedtls_mpi A, E, N, RR, Z, X;
-    int res;
-    mbedtls_mpi_init( &A  ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-
-    if( strlen( input_RR ) )
-        TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
-
-    res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
-    TEST_ASSERT( res == div_result );
-    if( res == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &A  ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes,
-                               int radix_RR, char * input_RR, int exp_result )
-{
-    mbedtls_mpi A, E, N, RR, Z;
-    mbedtls_mpi_init( &A  ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z );
-
-    /* Set A to 2^(A_bytes - 1) + 1 */
-    TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 );
-
-    /* Set E to 2^(E_bytes - 1) + 1 */
-    TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 );
-
-    /* Set N to 2^(N_bytes - 1) + 1 */
-    TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
-
-    if( strlen( input_RR ) )
-        TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
-
-    TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
-
-exit:
-    mbedtls_mpi_free( &A  ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_inv_mod( int radix_X, char * input_X, int radix_Y,
-                          char * input_Y, int radix_A, char * input_A,
-                          int div_result )
-{
-    mbedtls_mpi X, Y, Z, A;
-    int res;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
-    TEST_ASSERT( res == div_result );
-    if( res == 0 )
-    {
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
-void mbedtls_mpi_is_prime( int radix_X, char * input_X, int div_result )
-{
-    mbedtls_mpi X;
-    int res;
-    mbedtls_mpi_init( &X );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
-    TEST_ASSERT( res == div_result );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
-void mbedtls_mpi_is_prime_det( data_t * input_X, data_t * witnesses,
-                               int chunk_len, int rounds )
-{
-    mbedtls_mpi X;
-    int res;
-    mbedtls_test_mpi_random rand;
-
-    mbedtls_mpi_init( &X );
-    rand.data = witnesses;
-    rand.pos = 0;
-    rand.chunk_len = chunk_len;
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
-    res = mbedtls_mpi_is_prime_ext( &X, rounds - 1,
-                                    mbedtls_test_mpi_miller_rabin_determinizer,
-                                    &rand );
-    TEST_ASSERT( res == 0 );
-
-    rand.data = witnesses;
-    rand.pos = 0;
-    rand.chunk_len = chunk_len;
-
-    res = mbedtls_mpi_is_prime_ext( &X, rounds,
-                                    mbedtls_test_mpi_miller_rabin_determinizer,
-                                    &rand );
-    TEST_ASSERT( res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
-void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret )
-{
-    mbedtls_mpi X;
-    int my_ret;
-
-    mbedtls_mpi_init( &X );
-
-    my_ret = mbedtls_mpi_gen_prime( &X, bits, flags,
-                                    mbedtls_test_rnd_std_rand, NULL );
-    TEST_ASSERT( my_ret == ref_ret );
-
-    if( ref_ret == 0 )
-    {
-        size_t actual_bits = mbedtls_mpi_bitlen( &X );
-
-        TEST_ASSERT( actual_bits >= (size_t) bits );
-        TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
-
-        TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
-                                               mbedtls_test_rnd_std_rand,
-                                               NULL ) == 0 );
-        if( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH )
-        {
-            /* X = ( X - 1 ) / 2 */
-            TEST_ASSERT( mbedtls_mpi_shift_r( &X, 1 ) == 0 );
-            TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
-                                                   mbedtls_test_rnd_std_rand,
-                                                   NULL ) == 0 );
-        }
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_shift_l( int radix_X, char * input_X, int shift_X,
-                          int radix_A, char * input_A )
-{
-    mbedtls_mpi X, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_shift_r( int radix_X, char * input_X, int shift_X,
-                          int radix_A, char * input_A )
-{
-    mbedtls_mpi X, A;
-    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_fill_random( int wanted_bytes, int rng_bytes, int expected_ret )
-{
-    mbedtls_mpi X;
-    int ret;
-    size_t bytes_left = rng_bytes;
-    mbedtls_mpi_init( &X );
-
-    ret = mbedtls_mpi_fill_random( &X, wanted_bytes,
-                                   f_rng_bytes_left, &bytes_left );
-    TEST_ASSERT( ret == expected_ret );
-
-    if( expected_ret == 0 )
-    {
-        /* mbedtls_mpi_fill_random is documented to use bytes from the RNG
-         * as a big-endian representation of the number. We know when
-         * our RNG function returns null bytes, so we know how many
-         * leading zero bytes the number has. */
-        size_t leading_zeros = 0;
-        if( wanted_bytes > 0 && rng_bytes % 256 == 0 )
-            leading_zeros = 1;
-        TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
-                     (size_t) wanted_bytes );
-        TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
-    }
-
-exit:
-    mbedtls_mpi_free( &X );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void mpi_selftest(  )
-{
-    TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_nist_kw.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_nist_kw.function
deleted file mode 100644
index 6a81052..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_nist_kw.function
+++ /dev/null
@@ -1,316 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/nist_kw.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_NIST_KW_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
-void mbedtls_nist_kw_self_test( )
-{
-    TEST_ASSERT( mbedtls_nist_kw_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void mbedtls_nist_kw_mix_contexts( )
-{
-    mbedtls_nist_kw_context ctx1, ctx2;
-    unsigned char key[16];
-    unsigned char plaintext[32];
-    unsigned char ciphertext1[40];
-    unsigned char ciphertext2[40];
-    size_t output_len, i;
-
-    memset( plaintext, 0, sizeof( plaintext ) );
-    memset( ciphertext1, 0, sizeof( ciphertext1 ) );
-    memset( ciphertext2, 0, sizeof( ciphertext2 ) );
-    memset( key, 0, sizeof( key ) );
-
-    /*
-     * 1. Check wrap and unwrap with two separate contexts
-     */
-    mbedtls_nist_kw_init( &ctx1 );
-    mbedtls_nist_kw_init( &ctx2 );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1,
-                                         MBEDTLS_CIPHER_ID_AES,
-                                         key, sizeof( key ) * 8,
-                                         1 ) == 0 );
-
-    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW,
-                                       plaintext, sizeof( plaintext ),
-                                       ciphertext1, &output_len,
-                                       sizeof( ciphertext1 ) ) == 0 );
-    TEST_ASSERT( output_len == sizeof( ciphertext1 ) );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2,
-                                         MBEDTLS_CIPHER_ID_AES,
-                                         key, sizeof( key ) * 8,
-                                         0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW,
-                                         ciphertext1, output_len,
-                                         plaintext, &output_len,
-                                         sizeof( plaintext ) ) == 0 );
-
-    TEST_ASSERT( output_len == sizeof( plaintext ) );
-    for( i = 0; i < sizeof( plaintext ); i++ )
-    {
-        TEST_ASSERT( plaintext[i] == 0 );
-    }
-    mbedtls_nist_kw_free( &ctx1 );
-    mbedtls_nist_kw_free( &ctx2 );
-
-    /*
-     * 2. Check wrapping with two modes, on same context
-     */
-    mbedtls_nist_kw_init( &ctx1 );
-    mbedtls_nist_kw_init( &ctx2 );
-    output_len = sizeof( ciphertext1 );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1,
-                                         MBEDTLS_CIPHER_ID_AES,
-                                         key, sizeof( key ) * 8,
-                                         1 ) == 0 );
-
-    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW,
-                                       plaintext, sizeof( plaintext ),
-                                       ciphertext1, &output_len,
-                                       sizeof( ciphertext1 ) ) == 0 );
-    TEST_ASSERT( output_len == sizeof( ciphertext1 ) );
-
-    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KWP,
-                                       plaintext, sizeof( plaintext ),
-                                       ciphertext2, &output_len,
-                                       sizeof( ciphertext2 ) ) == 0 );
-
-    TEST_ASSERT( output_len == sizeof( ciphertext2 ) );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2,
-                                         MBEDTLS_CIPHER_ID_AES,
-                                         key, sizeof( key ) * 8,
-                                         0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW,
-                                         ciphertext1, sizeof( ciphertext1 ),
-                                         plaintext, &output_len,
-                                         sizeof( plaintext ) ) == 0 );
-
-    TEST_ASSERT( output_len == sizeof( plaintext ) );
-
-    for( i = 0; i < sizeof( plaintext ); i++ )
-    {
-        TEST_ASSERT( plaintext[i] == 0 );
-    }
-
-    TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KWP,
-                                         ciphertext2, sizeof( ciphertext2 ),
-                                         plaintext, &output_len,
-                                         sizeof( plaintext ) ) == 0 );
-
-    TEST_ASSERT( output_len == sizeof( plaintext ) );
-
-    for( i = 0; i < sizeof( plaintext ); i++ )
-    {
-        TEST_ASSERT( plaintext[i] == 0 );
-    }
-
-exit:
-    mbedtls_nist_kw_free( &ctx1 );
-    mbedtls_nist_kw_free( &ctx2 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_nist_kw_setkey( int cipher_id, int key_size,
-                             int is_wrap, int result )
-{
-    mbedtls_nist_kw_context ctx;
-    unsigned char key[32];
-    int ret;
-
-    mbedtls_nist_kw_init( &ctx );
-
-    memset( key, 0x2A, sizeof( key ) );
-    TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
-
-    ret = mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_size, is_wrap );
-    TEST_ASSERT( ret == result );
-
-exit:
-    mbedtls_nist_kw_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res )
-{
-    mbedtls_nist_kw_context ctx;
-    unsigned char key[16];
-    unsigned char *plaintext = NULL;
-    unsigned char *ciphertext = NULL;
-    size_t output_len = out_len;
-
-    mbedtls_nist_kw_init( &ctx );
-
-    memset( key, 0, sizeof( key ) );
-
-    if( in_len != 0 )
-    {
-        plaintext = mbedtls_calloc( 1, in_len );
-        TEST_ASSERT( plaintext != NULL );
-    }
-
-    if( out_len != 0 )
-    {
-        ciphertext = mbedtls_calloc( 1, output_len );
-        TEST_ASSERT( ciphertext != NULL );
-    }
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                         key, 8 * sizeof( key ), 1 ) == 0 );
-
-    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, plaintext, in_len,
-                                      ciphertext, &output_len,
-                                      output_len ) == res );
-    if( res == 0 )
-    {
-        if( mode == MBEDTLS_KW_MODE_KWP )
-            TEST_ASSERT( output_len == (size_t) in_len + 8 -
-                         ( in_len % 8 ) + 8 );
-        else
-            TEST_ASSERT( output_len == (size_t) in_len + 8 );
-    }
-    else
-    {
-        TEST_ASSERT( output_len == 0 );
-    }
-
-exit:
-    mbedtls_free( ciphertext );
-    mbedtls_free( plaintext );
-    mbedtls_nist_kw_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
-void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res )
-{
-    mbedtls_nist_kw_context ctx;
-    unsigned char key[16];
-    unsigned char *plaintext = NULL;
-    unsigned char *ciphertext = NULL;
-    int unwrap_ret;
-    size_t output_len = out_len;
-
-    mbedtls_nist_kw_init( &ctx );
-
-    memset( key, 0, sizeof( key ) );
-
-    if( out_len != 0 )
-    {
-        plaintext = mbedtls_calloc( 1, output_len );
-        TEST_ASSERT( plaintext != NULL );
-    }
-    if( in_len != 0 )
-    {
-        ciphertext = mbedtls_calloc( 1, in_len );
-        TEST_ASSERT( ciphertext != NULL );
-    }
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
-                                         key, 8 * sizeof( key ), 0 ) == 0 );
-    unwrap_ret = mbedtls_nist_kw_unwrap( &ctx, mode, ciphertext, in_len,
-                                         plaintext, &output_len,
-                                         output_len );
-
-    if( res == 0 )
-        TEST_ASSERT( unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
-    else
-        TEST_ASSERT( unwrap_ret == res );
-
-    TEST_ASSERT( output_len == 0 );
-
-exit:
-    mbedtls_free( ciphertext );
-    mbedtls_free( plaintext );
-    mbedtls_nist_kw_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_nist_kw_wrap( int cipher_id, int mode, data_t *key, data_t *msg,
-                           data_t *expected_result )
-{
-    unsigned char result[528];
-    mbedtls_nist_kw_context ctx;
-    size_t result_len, i, padlen;
-
-    mbedtls_nist_kw_init( &ctx );
-
-    memset( result, '+', sizeof( result ) );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id,
-                                         key->x, key->len * 8, 1 ) == 0 );
-
-    /* Test with input == output */
-    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg->x, msg->len,
-                 result, &result_len, sizeof( result ) ) == 0 );
-
-    TEST_ASSERT( result_len == expected_result->len );
-
-    TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 );
-
-    padlen = ( msg->len % 8 != 0 ) ? 8 - (msg->len % 8 ) : 0;
-    /* Check that the function didn't write beyond the end of the buffer. */
-    for( i = msg->len + 8 + padlen; i < sizeof( result ); i++ )
-    {
-        TEST_ASSERT( result[i] == '+' );
-    }
-
-exit:
-    mbedtls_nist_kw_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_nist_kw_unwrap( int cipher_id, int mode, data_t *key, data_t *msg,
-                             data_t *expected_result, int expected_ret )
-{
-    unsigned char result[528];
-    mbedtls_nist_kw_context ctx;
-    size_t result_len, i;
-
-    mbedtls_nist_kw_init( &ctx );
-
-    memset( result, '+', sizeof( result ) );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id,
-                                         key->x, key->len * 8, 0 ) == 0 );
-
-    /* Test with input == output */
-    TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg->x, msg->len,
-                 result, &result_len, sizeof( result ) ) == expected_ret );
-    if( expected_ret == 0 )
-    {
-        TEST_ASSERT( result_len == expected_result->len );
-        TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 );
-    }
-    else
-    {
-        TEST_ASSERT( result_len == 0 );
-    }
-
-    /* Check that the function didn't write beyond the end of the buffer. */
-    for( i = msg->len - 8; i < sizeof( result ); i++ )
-    {
-        TEST_ASSERT( result[i] == '+' );
-    }
-
-exit:
-    mbedtls_nist_kw_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_oid.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_oid.data
deleted file mode 100644
index 3261935..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_oid.data
+++ /dev/null
@@ -1,91 +0,0 @@
-OID get Any Policy certificate policy
-oid_get_certificate_policies:"551D2000":"Any Policy"
-
-OID get certificate policy invalid oid
-oid_get_certificate_policies:"5533445566":""
-
-OID get certificate policy wrong oid - id-ce-authorityKeyIdentifier
-oid_get_certificate_policies:"551D23":""
-
-OID get Ext Key Usage - id-kp-serverAuth
-oid_get_extended_key_usage:"2B06010505070301":"TLS Web Server Authentication"
-
-OID get Ext Key Usage - id-kp-clientAuth
-oid_get_extended_key_usage:"2B06010505070302":"TLS Web Client Authentication"
-
-OID get Ext Key Usage - id-kp-codeSigning
-oid_get_extended_key_usage:"2B06010505070303":"Code Signing"
-
-OID get Ext Key Usage - id-kp-emailProtection
-oid_get_extended_key_usage:"2B06010505070304":"E-mail Protection"
-
-OID get Ext Key Usage - id-kp-timeStamping
-oid_get_extended_key_usage:"2B06010505070308":"Time Stamping"
-
-OID get Ext Key Usage - id-kp-OCSPSigning
-oid_get_extended_key_usage:"2B06010505070309":"OCSP Signing"
-
-OID get Ext Key Usage - id-kp-wisun-fan-device
-oid_get_extended_key_usage:"2B0601040182E42501":"Wi-SUN Alliance Field Area Network (FAN)"
-
-OID get Ext Key Usage invalid oid
-oid_get_extended_key_usage:"5533445566":""
-
-OID get Ext Key Usage wrong oid - id-ce-authorityKeyIdentifier
-oid_get_extended_key_usage:"551D23":""
-
-OID get x509 extension - id-ce-basicConstraints
-oid_get_x509_extension:"551D13":MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS
-
-OID get x509 extension - id-ce-keyUsage
-oid_get_x509_extension:"551D0F":MBEDTLS_OID_X509_EXT_KEY_USAGE
-
-OID get x509 extension - id-ce-extKeyUsage
-oid_get_x509_extension:"551D25":MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
-
-OID get x509 extension - id-ce-subjectAltName
-oid_get_x509_extension:"551D11":MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME
-
-OID get x509 extension - id-netscape-certtype
-oid_get_x509_extension:"6086480186F8420101":MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
-
-OID get x509 extension - id-ce-certificatePolicies
-oid_get_x509_extension:"551D20":MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
-
-OID get x509 extension - invalid oid
-oid_get_x509_extension:"5533445566":0
-
-OID get x509 extension - wrong oid - id-ce
-oid_get_x509_extension:"551D":0
-
-OID hash id - id-md5
-depends_on:MBEDTLS_MD5_C
-oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5
-
-OID hash id - id-sha1
-depends_on:MBEDTLS_SHA1_C
-oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1
-
-OID hash id - id-sha224
-depends_on:MBEDTLS_SHA256_C
-oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224
-
-OID hash id - id-sha256
-depends_on:MBEDTLS_SHA256_C
-oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256
-
-OID hash id - id-sha384
-depends_on:MBEDTLS_SHA512_C
-oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384
-
-OID hash id - id-sha512
-depends_on:MBEDTLS_SHA512_C
-oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
-
-OID hash id - id-ripemd160
-depends_on:MBEDTLS_RIPEMD160_C
-oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
-
-OID hash id - invalid oid
-oid_get_md_alg_id:"2B864886f70d0204":-1
-
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_oid.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_oid.function
deleted file mode 100644
index 9e8d437..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_oid.function
+++ /dev/null
@@ -1,109 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/oid.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/asn1write.h"
-#include "string.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_OID_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void oid_get_certificate_policies( data_t *oid, char *result_str )
-{
-    mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
-    int ret;
-    const char *desc;
-
-    asn1_buf.tag = MBEDTLS_ASN1_OID;
-    asn1_buf.p = oid->x;
-    asn1_buf.len = oid->len;
-
-    ret = mbedtls_oid_get_certificate_policies( &asn1_buf, &desc );
-    if( strlen( result_str ) == 0 )
-    {
-        TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND );
-    }
-    else
-    {
-        TEST_ASSERT( ret == 0 );
-        TEST_ASSERT( strcmp( ( char* )desc, result_str ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void oid_get_extended_key_usage( data_t *oid, char *result_str )
-{
-    mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
-    int ret;
-    const char *desc;
-
-    asn1_buf.tag = MBEDTLS_ASN1_OID;
-    asn1_buf.p = oid->x;
-    asn1_buf.len = oid->len;
-
-    ret = mbedtls_oid_get_extended_key_usage( &asn1_buf, &desc );
-    if( strlen( result_str ) == 0 )
-    {
-        TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND );
-    }
-    else
-    {
-        TEST_ASSERT( ret == 0 );
-        TEST_ASSERT( strcmp( ( char * )desc, result_str ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void oid_get_x509_extension( data_t *oid, int exp_type )
-{
-    mbedtls_asn1_buf ext_oid = { 0, 0, NULL };
-    int ret;
-    int ext_type;
-
-    ext_oid.tag = MBEDTLS_ASN1_OID;
-    ext_oid.p = oid->x;
-    ext_oid.len = oid->len;
-
-    ret = mbedtls_oid_get_x509_ext_type( &ext_oid, &ext_type );
-    if( exp_type == 0 )
-    {
-        TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND );
-    }
-    else
-    {
-        TEST_ASSERT( ret == 0 );
-        TEST_ASSERT( ext_type == exp_type );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void oid_get_md_alg_id( data_t *oid, int exp_md_id )
-{
-    mbedtls_asn1_buf md_oid = { 0, 0, NULL };
-    int ret;
-    mbedtls_md_type_t md_id = 0;
-
-    md_oid.tag = MBEDTLS_ASN1_OID;
-    md_oid.p = oid->x;
-    md_oid.len = oid->len;
-
-    ret = mbedtls_oid_get_md_alg( &md_oid, &md_id );
-
-    if( exp_md_id < 0 )
-    {
-        TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND );
-        TEST_ASSERT( md_id == 0);
-    }
-    else
-    {
-        TEST_ASSERT( ret == 0 );
-        TEST_ASSERT( (mbedtls_md_type_t)exp_md_id == md_id );
-    }
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pem.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pem.function
deleted file mode 100644
index 947f1fb..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pem.function
+++ /dev/null
@@ -1,53 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/base64.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/des.h"
-#include "mbedtls/aes.h"
-/* END_HEADER */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
-void mbedtls_pem_write_buffer( char * start, char * end, data_t * buf,
-                               char * result_str )
-{
-    unsigned char *check_buf = NULL;
-    int ret;
-    size_t olen = 0, olen2 = 0;
-
-
-    ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, NULL, 0, &olen );
-    TEST_ASSERT( ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-
-    check_buf = (unsigned char *) mbedtls_calloc( 1, olen );
-    TEST_ASSERT( check_buf != NULL );
-
-    ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, check_buf, olen, &olen2 );
-
-    TEST_ASSERT( olen2 <= olen );
-    TEST_ASSERT( olen > strlen( (char*) result_str ) );
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( strncmp( (char *) check_buf, (char *) result_str, olen ) == 0 );
-
-exit:
-    mbedtls_free( check_buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
-void mbedtls_pem_read_buffer( char *header, char *footer, char *data,
-                              char *pwd, int res )
-{
-    mbedtls_pem_context ctx;
-    int ret;
-    size_t use_len = 0;
-    size_t pwd_len = strlen( pwd );
-
-    mbedtls_pem_init( &ctx );
-
-    ret = mbedtls_pem_read_buffer( &ctx, header, footer, (unsigned char *)data,
-                (unsigned char *)pwd, pwd_len, &use_len );
-    TEST_ASSERT( ret == res );
-
-exit:
-    mbedtls_pem_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pk.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pk.data
deleted file mode 100644
index 9ebdc7e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pk.data
+++ /dev/null
@@ -1,309 +0,0 @@
-PK invalid parameters
-invalid_parameters:
-
-PK valid parameters
-valid_parameters:
-
-PK write valid parameters
-depends_on:MBEDTLS_RSA_C
-valid_parameters_pkwrite:"308204a20201000282010100a9021f3d406ad555538bfd36ee82652e15615e89bfb8e84590dbee881652d3f143504796125964876bfd2be046f973beddcf92e1915bed66a06f8929794580d0836ad54143775f397c09044782b0573970eda3ec15191ea8330847c10542a9fd4cc3b4dfdd061f4d1051406773130f40f86d81255f0ab153c6307e1539acf95aee7f929ea6055be7139785b52392d9d42406d50925897507dda61a8f3f0919bead652c64eb959bdcfe415e17a6da6c5b69cc02ba142c16249c4adccdd0f7526773f12da023fd7ef431ca2d70ca890b04db2ea64f706e9ecebd5889e253599e6e5a9265e2883f0c9419a3dde5e89d9513ed29dbab7012dc5aca6b17ab528254b10203010001028201001689f5e89142ae18a6ffb0513715a4b0b4a13b9e5b3729a2bd62d738c6e15cea7bf3a4d85ab2193a0628c9452bb1f0c1af8b132789df1c95e72778bf5330f5b0d915d242d5e0818e85001ed5fa93d1ce13455deb0a15438562e8e3c8d60ec1e4c9ebff9f2b36b9cde9332cc79f0d17a7ae79cc1353cd75409ad9b4b6d7ee3d82af6f3207656cf2ac98947c15c398db0cebf8dc3eef5398269480cdd09411b960273ae3f364da09af849f24aa87346c58618ea91d9d6cd1d3932c80dbfc1f0a4166a9036911999ca27761079f0ce02db02c1c909ff9b4278578d7bb1b54b2b7082fc9e864b6b394e331c0d11a9a68255565b6dd477f4119c5809839520700711102818100d7db987ad86de6a9b0749fb5da80bacde3bebd72dcc83f60a27db74f927ac3661386577bfce5b4a00ad024682401d6aad29713c8e223b53415305ca07559821099b187fdd1bad3dc4dec9da96f5fa6128331e8f7d89f1e1a788698d1a27256dc7cd392f04e531a9e38e7265bf4fd7eec01e7835e9b1a0dd8923e440381be1c2702818100c87025fff7a493c623404966fbc8b32ed164ca620ad1a0ad11ef42fd12118456017856a8b42e5d4ad36104e9dc9f8a2f3003c3957ffddb20e2f4e3fc3cf2cdddae01f57a56de4fd24b91ab6d3e5cc0e8af0473659594a6bbfdaacf958f19c8d508eac12d8977616af6877106288093d37904a139220c1bc278ea56edc086976702818043e708685c7cf5fa9b4f948e1856366d5e1f3a694f9a8e954f884c89f3823ac5798ee12657bfcaba2dac9c47464c6dc2fecc17a531be19da706fee336bb6e47b645dbc71d3eff9856bddeb1ac9b644ffbdd58d7ba9e1240f1faaf797ba8a4d58becbaf85789e1bd979fcfccc209d3db7f0416bc9eef09b3a6d86b8ce8199d4310281804f4b86ccffe49d0d8ace98fb63ea9f708b284ba483d130b6a75cb76cb4e4372d6b41774f20912319420ca4cbfc1b25a8cb5f01d6381f6ebc50ed3ef08010327f5ba2acc1ac7220b3fa6f7399314db2879b0db0b5647abd87abb01295815a5b086491b2c0d81c616ed67ef8a8ce0727f446711d7323d4147b5828a52143c43b4b028180540756beba83c20a0bda11d6dec706a71744ff28090cec079dffb507d82828038fe657f61496a20317f779cb683ce8196c29a6fe28839a282eef4de57773be56808b0c3e2ac7747e2b200b2fbf20b55258cd24622a1ce0099de098ab0855106ae087f08b0c8c346d81619400c1b4838e33ed9ff90f05db8fccf8fb7ab881ca12"
-
-PK utils: RSA 512-bit
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-pk_utils:MBEDTLS_PK_RSA:512:512:64:"RSA"
-
-PK utils: ECKEY SECP192R1
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_utils:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC"
-
-PK utils: ECKEY_DH SECP192R1
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC_DH"
-
-PK utils: ECKEY_DH Curve25519
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE25519:255:32:"EC_DH"
-
-PK utils: ECKEY_DH Curve448
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE448_ENABLED
-pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE448:448:56:"EC_DH"
-
-PK utils: ECDSA SECP192R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:192:24:"ECDSA"
-
-PK utils: ECDSA SECP256R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:256:32:"ECDSA"
-
-PK utils: ECDSA SECP384R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:384:48:"ECDSA"
-
-PK utils: ECDSA SECP521R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:521:66:"ECDSA"
-
-PK PSA utilities: setup/free, info functions, unsupported operations
-pk_psa_utils:
-
-RSA verify test vector #1 (good)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
-
-RSA verify test vector #2 (bad)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-ECDSA verify test vector #1 (good)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0
-
-ECDSA verify test vector #2 (bad)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED
-
-EC(DSA) verify test vector #1 (good)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0
-
-EC(DSA) verify test vector #2 (bad)
-depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED
-
-EC(DSA) verify test vector: good, bitlen(r) = 256
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3046022100faecc085c6c5362b91ff1fd6dd77da80bc071bee9ff1ac0ef9509c017f13267c022100a7d0b908c938d3dd6c6a9cdc5b0a4a4ee455c519c1ff6cda959806b7e7461ba0":0
-
-EC(DSA) verify test vector: good, bitlen(r) = 255
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
-
-EC(DSA) verify test vector: good, bitlen(r) = 248
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220009109f967f9082abc9c46e5ea07936529b82023a1a49b872c046f430983db2602210085f0b1960d61f8d75109b5b7ff991d3171320d2ab547104f864048455a965090":0
-
-EC(DSA) verify test vector: good, bitlen(r) = 247
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3044021f461786833b50247b07194da6cedbd3caefbcd19c73b6283ccff5097cd0d73b022100d85d20b0b8c3b596eb1cdb0381e681fa0a8bccde4e89c139020af3b0f88e099c":0
-
-EC(DSA) verify test vector: good, bitlen(s) = 256
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
-
-EC(DSA) verify test vector: good, bitlen(s) = 255
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"304402206ae26950c606d08fe5e1682efdccfb3a7213ca46bd523ffd20c4213fe1400d3402207612106ada7055926167650b257da7f4c42c190b8aa9e3b680f8751fe90c63a5":0
-
-EC(DSA) verify test vector: good, bitlen(s) = 248
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3045022100fd4d718ab483827492e10b89745fad100d2dd257102b99aff179ee596a569f1f022000a1b777e32a8b4909763b615b805e59194e6196eb05719287a36eb5f17aa485":0
-
-EC(DSA) verify test vector: good, bitlen(s) = 247
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0
-
-ECDSA sign-verify: SECP192R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:0:0
-
-ECDSA sign-verify: SECP256R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:0:0
-
-ECDSA sign-verify: SECP384R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:0:0
-
-ECDSA sign-verify: SECP521R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:0:0
-
-ECDSA sign-verify: BP256R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP256R1:0:0
-
-ECDSA sign-verify: BP512R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP512R1:0:0
-
-EC(DSA) sign-verify: SECP192R1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:0:0
-
-EC_DH (no) sign-verify: SECP192R1
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_sign_verify:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ERR_PK_TYPE_MISMATCH:MBEDTLS_ERR_PK_TYPE_MISMATCH
-
-RSA sign-verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
-pk_sign_verify:MBEDTLS_PK_RSA:512:0:0
-
-RSA encrypt test vector
-depends_on:MBEDTLS_PKCS1_V15
-pk_rsa_encrypt_test_vec:"4E636AF98E40F3ADCFCCB698F4E80B9F":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0
-
-RSA decrypt test vector #1
-depends_on:MBEDTLS_PKCS1_V15
-pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":0
-
-RSA decrypt test vector #2
-depends_on:MBEDTLS_PKCS1_V15
-pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404feb284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EC nocrypt
-depends_on:MBEDTLS_ECP_C
-pk_ec_nocrypt:MBEDTLS_PK_ECKEY
-
-EC-DH nocrypt
-depends_on:MBEDTLS_ECP_C
-pk_ec_nocrypt:MBEDTLS_PK_ECKEY_DH
-
-ECDSA nocrypt
-depends_on:MBEDTLS_ECDSA_C
-pk_ec_nocrypt:MBEDTLS_PK_ECDSA
-
-RSA_ALT consistency
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
-pk_rsa_alt:
-
-Verify ext RSA #1 (PKCS1 v2.1, salt_len = ANY, OK)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0
-
-Verify ext RSA #2 (PKCS1 v2.1, salt_len = ANY, wrong message)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616766":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-Verify ext RSA #3 (PKCS1 v2.1, salt_len = 0, OK)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:0:0
-
-Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:0
-
-Verify ext RSA #5 (PKCS1 v2.1, wrong salt_len)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-Verify ext RSA #6 (PKCS1 v2.1, MGF1 alg != MSG hash alg)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0
-
-Verify ext RSA #7 (PKCS1 v2.1, wrong MGF1 alg != MSG hash alg)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-Verify ext RSA #8 (PKCS1 v2.1, RSASSA-PSS without options)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA
-
-Verify ext RSA #9 (PKCS1 v1.5, RSA with options)
-depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA
-
-Verify ext RSA #10 (PKCS1 v1.5, RSA without options)
-depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-Verify ext RSA #11 (PKCS1 v2.1, asking for ECDSA)
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_ECDSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_TYPE_MISMATCH
-
-Verify ext RSA #12 (PKCS1 v1.5, good)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:0
-
-Check pair #1 (EC, OK)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/ec_256_prv.pem":0
-
-Check pair #2 (EC, bad)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server5.key":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
-
-Check pair #3 (RSA, OK)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server1.key":0
-
-Check pair #4 (RSA, bad)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server2.key":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-Check pair #5 (RSA vs EC)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C
-mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":MBEDTLS_ERR_PK_TYPE_MISMATCH
-
-RSA hash_len overflow (size_t vs unsigned int)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_HAVE_INT64
-pk_rsa_overflow:
-
-ECDSA restartable sign/verify: ECDSA, max_ops=0 (disabled)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
-
-ECDSA restartable sign/verify: ECKEY, max_ops=0 (disabled)
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
-
-ECDSA restartable sign/verify: ECDSA, max_ops=1
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
-
-ECDSA restartable sign/verify: ECKEY, max_ops=1
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
-
-ECDSA restartable sign/verify: ECDSA, max_ops=10000
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
-
-ECDSA restartable sign/verify: ECKEY, max_ops=10000
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
-
-ECDSA restartable sign/verify: ECDSA, max_ops=250
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
-
-ECDSA restartable sign/verify: ECKEY, max_ops=250
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
-
-PSA wrapped sign: SECP256R1
-depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_FAMILY_SECP_R1:256
-
-PSA wrapped sign: SECP384R1
-depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_FAMILY_SECP_R1:384
-
-PSA wrapped sign: SECP521R1
-depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_FAMILY_SECP_R1:521
-
-PSA wrapped sign: SECP192K1
-depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_FAMILY_SECP_K1:192
-
-## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336
-# PSA wrapped sign: SECP224K1
-# depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
-# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_FAMILY_SECP_K1:224
-
-PSA wrapped sign: SECP256K1
-depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_FAMILY_SECP_K1:256
-
-PSA wrapped sign: BP256R1
-depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:256
-
-PSA wrapped sign: BP384R1
-depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:384
-
-PSA wrapped sign: BP512R1
-depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
-pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:512
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pk.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pk.function
deleted file mode 100644
index 98016c6..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pk.function
+++ /dev/null
@@ -1,1307 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/pk.h"
-
-/* For error codes */
-#include "mbedtls/asn1.h"
-#include "mbedtls/base64.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/rsa.h"
-
-#include <limits.h>
-#include <stdint.h>
-
-/* Needed only for test case data under #if defined(MBEDTLS_USE_PSA_CRYPTO),
- * but the test code generator requires test case data to be valid C code
- * unconditionally (https://github.com/ARMmbed/mbedtls/issues/2023). */
-#include "psa/crypto.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#include "test/psa_crypto_helpers.h"
-#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#else
-/* Define empty macros so that we can use them in the preamble and teardown
- * of every test function that uses PSA conditionally based on
- * MBEDTLS_USE_PSA_CRYPTO. */
-#define PSA_INIT( ) ( (void) 0 )
-#define PSA_DONE( ) ( (void) 0 )
-#endif
-
-#define RSA_KEY_SIZE 512
-#define RSA_KEY_LEN   64
-
-/** Generate a key of the desired type.
- *
- * \param pk        The PK object to fill. It must have been initialized
- *                  with mbedtls_pk_setup().
- * \param parameter - For RSA keys, the key size in bits.
- *                  - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
- *
- * \return          The status from the underlying type-specific key
- *                  generation function.
- * \return          -1 if the key type is not recognized.
- */
-static int pk_genkey( mbedtls_pk_context *pk, int parameter )
-{
-    ((void) pk);
-    (void) parameter;
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
-    if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
-        return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ),
-                                    mbedtls_test_rnd_std_rand, NULL,
-                                    parameter, 3 );
-#endif
-#if defined(MBEDTLS_ECP_C)
-    if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
-        mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH ||
-        mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
-    {
-        int ret;
-        if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
-                                            parameter ) ) != 0 )
-            return( ret );
-
-        return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp,
-                                        &mbedtls_pk_ec( *pk )->d,
-                                        &mbedtls_pk_ec( *pk )->Q,
-                                        mbedtls_test_rnd_std_rand, NULL );
-    }
-#endif
-    return( -1 );
-}
-
-#if defined(MBEDTLS_RSA_C)
-int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
-                       const unsigned char *input, unsigned char *output,
-                       size_t output_max_len )
-{
-    return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx,
-                                       mbedtls_test_rnd_std_rand, NULL, mode,
-                                       olen, input, output, output_max_len ) );
-}
-int mbedtls_rsa_sign_func( void *ctx,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                   int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
-                   const unsigned char *hash, unsigned char *sig )
-{
-    ((void) f_rng);
-    ((void) p_rng);
-    return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx,
-                                    mbedtls_test_rnd_std_rand, NULL, mode,
-                                    md_alg, hashlen, hash, sig ) );
-}
-size_t mbedtls_rsa_key_len_func( void *ctx )
-{
-    return( ((const mbedtls_rsa_context *) ctx)->len );
-}
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-
-/*
- * Generate a key using PSA and return the key identifier of that key,
- * or 0 if the key generation failed.
- * The key uses NIST P-256 and is usable for signing with SHA-256.
- */
-mbedtls_svc_key_id_t pk_psa_genkey( void )
-{
-    mbedtls_svc_key_id_t key;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const psa_key_type_t type =
-        PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 );
-    const size_t bits = 256;
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, bits );
-    PSA_ASSERT( psa_generate_key( &attributes, &key ) );
-
-exit:
-    return( key );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PK_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-void pk_psa_utils(  )
-{
-    mbedtls_pk_context pk, pk2;
-    mbedtls_svc_key_id_t key;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    const char * const name = "Opaque";
-    const size_t bitlen = 256; /* harcoded in genkey() */
-
-    mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
-    unsigned char b1[1], b2[1];
-    size_t len;
-    mbedtls_pk_debug_item dbg;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    mbedtls_pk_init( &pk );
-    mbedtls_pk_init( &pk2 );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, MBEDTLS_SVC_KEY_ID_INIT ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    mbedtls_pk_free( &pk );
-    mbedtls_pk_init( &pk );
-
-    key = pk_psa_genkey();
-    if( mbedtls_svc_key_id_is_null( key ) )
-        goto exit;
-
-    TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE );
-    TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
-    TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
-
-    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 );
-    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
-    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
-
-    /* unsupported operations: verify, decrypt, encrypt */
-    TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg,
-                                    b1, sizeof( b1), b2, sizeof( b2 ) )
-                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
-    TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ),
-                                     b2, &len, sizeof( b2 ),
-                                     NULL, NULL )
-                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
-    TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ),
-                                     b2, &len, sizeof( b2 ),
-                                     NULL, NULL )
-                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    /* unsupported functions: check_pair, debug */
-    TEST_ASSERT( mbedtls_pk_setup( &pk2,
-                 mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
-    TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
-                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
-    TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
-                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
-
-    /* test that freeing the context does not destroy the key */
-    mbedtls_pk_free( &pk );
-    TEST_ASSERT( PSA_SUCCESS == psa_get_key_attributes( key, &attributes ) );
-    TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_pk_free( &pk ); /* redundant except upon error */
-    mbedtls_pk_free( &pk2 );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void valid_parameters( )
-{
-    mbedtls_pk_context pk;
-    unsigned char buf[1];
-    size_t len;
-    void *options = NULL;
-
-    mbedtls_pk_init( &pk );
-
-    TEST_VALID_PARAM( mbedtls_pk_free( NULL ) );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) );
-#endif
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    /* In informational functions, we accept NULL where a context pointer
-     * is expected because that's what the library has done forever.
-     * We do not document that NULL is accepted, so we may wish to change
-     * the behavior in a future version. */
-    TEST_ASSERT( mbedtls_pk_get_bitlen( NULL ) == 0 );
-    TEST_ASSERT( mbedtls_pk_get_len( NULL ) == 0 );
-    TEST_ASSERT( mbedtls_pk_can_do( NULL, MBEDTLS_PK_NONE ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
-                                              MBEDTLS_MD_NONE,
-                                              NULL, 0,
-                                              buf, &len,
-                                              mbedtls_test_rnd_std_rand, NULL,
-                                              NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
-                                              MBEDTLS_MD_NONE,
-                                              NULL, 0,
-                                              buf, &len,
-                                              mbedtls_test_rnd_std_rand, NULL,
-                                              NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_sign( &pk,
-                                  MBEDTLS_MD_NONE,
-                                  NULL, 0,
-                                  buf, &len,
-                                  mbedtls_test_rnd_std_rand, NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_verify_restartable( &pk,
-                                                MBEDTLS_MD_NONE,
-                                                NULL, 0,
-                                                buf, sizeof( buf ),
-                                                NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_verify( &pk,
-                                    MBEDTLS_MD_NONE,
-                                    NULL, 0,
-                                    buf, sizeof( buf ) ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
-                                        &pk,
-                                        MBEDTLS_MD_NONE,
-                                        NULL, 0,
-                                        buf, sizeof( buf ) ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_encrypt( &pk,
-                                     NULL, 0,
-                                     NULL, &len, 0,
-                                     mbedtls_test_rnd_std_rand, NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_decrypt( &pk,
-                                     NULL, 0,
-                                     NULL, &len, 0,
-                                     mbedtls_test_rnd_std_rand, NULL ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_PK_PARSE_C)
-    TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) ==
-                 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-
-    TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) ==
-                 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
-#endif /* MBEDTLS_PK_PARSE_C */
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
-void valid_parameters_pkwrite( data_t *key_data )
-{
-    mbedtls_pk_context pk;
-
-    /* For the write tests to be effective, we need a valid key pair. */
-    mbedtls_pk_init( &pk );
-    TEST_ASSERT( mbedtls_pk_parse_key( &pk,
-                                       key_data->x, key_data->len,
-                                       NULL, 0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) ==
-                 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    TEST_ASSERT( mbedtls_pk_write_pubkey_der( &pk, NULL, 0 ) ==
-                 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-    TEST_ASSERT( mbedtls_pk_write_key_pem( &pk, NULL, 0 ) ==
-                 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-
-    TEST_ASSERT( mbedtls_pk_write_pubkey_pem( &pk, NULL, 0 ) ==
-                 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void invalid_parameters( )
-{
-    size_t len;
-    unsigned char *null_buf = NULL;
-    unsigned char buf[1];
-    unsigned char *p = buf;
-    char str[1] = {0};
-    mbedtls_pk_context pk;
-    mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
-    void *options = buf;
-
-    (void) null_buf;
-    (void) p;
-    (void) str;
-
-    mbedtls_pk_init( &pk );
-
-    TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) );
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) );
-#endif
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_setup( NULL, NULL ) );
-
-#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_setup_rsa_alt( NULL, buf,
-                                                      NULL, NULL, NULL ) );
-#endif
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_restartable( NULL,
-                                                           MBEDTLS_MD_NONE,
-                                                           buf, sizeof( buf ),
-                                                           buf, sizeof( buf ),
-                                                           NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_restartable( &pk,
-                                                           MBEDTLS_MD_NONE,
-                                                           NULL, sizeof( buf ),
-                                                           buf, sizeof( buf ),
-                                                           NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_restartable( &pk,
-                                                           valid_md,
-                                                           NULL, 0,
-                                                           buf, sizeof( buf ),
-                                                           NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_restartable( &pk,
-                                                           MBEDTLS_MD_NONE,
-                                                           buf, sizeof( buf ),
-                                                           NULL, sizeof( buf ),
-                                                           NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify( NULL,
-                                               MBEDTLS_MD_NONE,
-                                               buf, sizeof( buf ),
-                                               buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify( &pk,
-                                               MBEDTLS_MD_NONE,
-                                               NULL, sizeof( buf ),
-                                               buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify( &pk,
-                                               valid_md,
-                                               NULL, 0,
-                                               buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify( &pk,
-                                               MBEDTLS_MD_NONE,
-                                               buf, sizeof( buf ),
-                                               NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
-                                                   NULL,
-                                                   MBEDTLS_MD_NONE,
-                                                   buf, sizeof( buf ),
-                                                   buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
-                                                   &pk,
-                                                   MBEDTLS_MD_NONE,
-                                                   NULL, sizeof( buf ),
-                                                   buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
-                                                   &pk,
-                                                   valid_md,
-                                                   NULL, 0,
-                                                   buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
-                                                   &pk,
-                                                   MBEDTLS_MD_NONE,
-                                                   buf, sizeof( buf ),
-                                                   NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign_restartable( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ),
-                                     buf, &len, mbedtls_test_rnd_std_rand,
-                                     NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ),
-                                     buf, &len, mbedtls_test_rnd_std_rand,
-                                     NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign_restartable( &pk, valid_md, NULL, 0, buf, &len,
-                                     mbedtls_test_rnd_std_rand, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ),
-                                     NULL, &len, mbedtls_test_rnd_std_rand,
-                                     NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ),
-                         buf, &len, mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ),
-                         buf, &len, mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign( &pk, valid_md, NULL, 0, buf, &len,
-                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), NULL, &len,
-                         mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_decrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_decrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_encrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_encrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-        mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ),
-                            mbedtls_test_rnd_std_rand, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_check_pair( NULL, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_check_pair( &pk, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_debug( NULL, NULL ) );
-
-#if defined(MBEDTLS_PK_PARSE_C)
-#if defined(MBEDTLS_FS_IO)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_load_file( NULL, &p, &len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_load_file( str, NULL, &len ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_load_file( str, &p, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_keyfile( NULL, str, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_public_keyfile( NULL, str ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_public_keyfile( &pk, NULL ) );
-#endif
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_subpubkey( &p, buf, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_key( NULL,
-                                                  buf, sizeof( buf ),
-                                                  buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_key( &pk,
-                                                  NULL, sizeof( buf ),
-                                                  buf, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_public_key( NULL,
-                                                         buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_parse_public_key( &pk,
-                                                         NULL, sizeof( buf ) ) );
-#endif /* MBEDTLS_PK_PARSE_C */
-
-#if defined(MBEDTLS_PK_WRITE_C)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey( NULL, p, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey( &null_buf, p, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey( &p, NULL, &pk ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey( &p, p, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey_der( NULL,
-                                                         buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey_der( &pk,
-                                                         NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_key_der( NULL,
-                                                      buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_key_der( &pk,
-                                                      NULL, sizeof( buf ) ) );
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey_pem( NULL,
-                                                         buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_pubkey_pem( &pk,
-                                                         NULL, sizeof( buf ) ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_key_pem( NULL,
-                                                      buf, sizeof( buf ) ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
-                            mbedtls_pk_write_key_pem( &pk,
-                                                      NULL, sizeof( buf ) ) );
-#endif /* MBEDTLS_PEM_WRITE_C */
-
-#endif /* MBEDTLS_PK_WRITE_C */
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pk_utils( int type, int parameter, int bitlen, int len, char * name )
-{
-    mbedtls_pk_context pk;
-
-    mbedtls_pk_init( &pk );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 );
-
-    TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
-    TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
-    TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) bitlen );
-    TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len );
-    TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
-void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret )
-{
-    mbedtls_pk_context pub, prv, alt;
-
-    mbedtls_pk_init( &pub );
-    mbedtls_pk_init( &prv );
-    mbedtls_pk_init( &alt );
-
-    TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
-    TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
-    if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
-    {
-        TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
-                     mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
-                     mbedtls_rsa_key_len_func ) == 0 );
-        TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
-    }
-#endif
-
-    mbedtls_pk_free( &pub );
-    mbedtls_pk_free( &prv );
-    mbedtls_pk_free( &alt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
-                             int radix_N, char * input_N, int radix_E,
-                             char * input_E, data_t * result_str,
-                             int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_rsa_context *rsa;
-    mbedtls_pk_context pk;
-    mbedtls_pk_restart_ctx *rs_ctx = NULL;
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_pk_restart_ctx ctx;
-
-    rs_ctx = &ctx;
-    mbedtls_pk_restart_init( rs_ctx );
-    // this setting would ensure restart would happen if ECC was used
-    mbedtls_ecp_set_max_ops( 1 );
-#endif
-
-    mbedtls_pk_init( &pk );
-
-    memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    rsa = mbedtls_pk_rsa( pk );
-
-    rsa->len = mod / 8;
-    TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
-                            result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
-
-    TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0,
-                    result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result );
-
-exit:
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_pk_restart_free( rs_ctx );
-#endif
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
-                                 int mod, int radix_N, char * input_N,
-                                 int radix_E, char * input_E,
-                                 data_t * result_str, int pk_type,
-                                 int mgf1_hash_id, int salt_len, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_rsa_context *rsa;
-    mbedtls_pk_context pk;
-    mbedtls_pk_rsassa_pss_options pss_opts;
-    void *options;
-    size_t hash_len;
-
-    mbedtls_pk_init( &pk );
-
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    rsa = mbedtls_pk_rsa( pk );
-
-    rsa->len = mod / 8;
-    TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
-
-
-    if( digest != MBEDTLS_MD_NONE )
-    {
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
-                     message_str->x, message_str->len, hash_result ) == 0 );
-        hash_len = 0;
-    }
-    else
-    {
-        memcpy( hash_result, message_str->x, message_str->len );
-        hash_len = message_str->len;
-    }
-
-    if( mgf1_hash_id < 0 )
-    {
-        options = NULL;
-    }
-    else
-    {
-        options = &pss_opts;
-
-        pss_opts.mgf1_hash_id = mgf1_hash_id;
-        pss_opts.expected_salt_len = salt_len;
-    }
-
-    TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
-                                digest, hash_result, hash_len,
-                                result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
-void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
-                     data_t * sig, int ret )
-{
-    mbedtls_pk_context pk;
-    mbedtls_ecp_keypair *eckey;
-
-    mbedtls_pk_init( &pk );
-    PSA_INIT( );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) );
-    eckey = mbedtls_pk_ec( pk );
-
-    TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
-                                        key->x, key->len ) == 0 );
-
-    // MBEDTLS_MD_NONE is used since it will be ignored.
-    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
-                            hash->x, hash->len, sig->x, sig->len ) == ret );
-
-exit:
-    mbedtls_pk_free( &pk );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
-void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
-                              char *QX_str, char *QY_str,
-                              int md_alg, char *msg, data_t *sig_check,
-                              int max_ops, int min_restart, int max_restart )
-{
-    int ret, cnt_restart;
-    mbedtls_pk_restart_ctx rs_ctx;
-    mbedtls_pk_context prv, pub;
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
-    size_t hlen, slen;
-    const mbedtls_md_info_t *md_info;
-
-    mbedtls_pk_restart_init( &rs_ctx );
-    mbedtls_pk_init( &prv );
-    mbedtls_pk_init( &pub );
-    memset( hash, 0, sizeof( hash ) );
-    memset( sig, 0, sizeof( sig ) );
-
-    TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
-
-    md_info = mbedtls_md_info_from_type( md_alg );
-    TEST_ASSERT( md_info != NULL );
-
-    hlen = mbedtls_md_get_size( md_info );
-    TEST_ASSERT( mbedtls_md( md_info,
-                             (const unsigned char *) msg, strlen( msg ),
-                             hash ) == 0 );
-
-    mbedtls_ecp_set_max_ops( max_ops );
-
-    slen = sizeof( sig );
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
-                                            sig, &slen, NULL, NULL, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( slen == sig_check->len );
-    TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 );
-
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_pk_verify_restartable( &pub, md_alg,
-                                 hash, hlen, sig, slen, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    hash[0]++;
-    do {
-        ret = mbedtls_pk_verify_restartable( &pub, md_alg,
-                                 hash, hlen, sig, slen, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    TEST_ASSERT( ret != 0 );
-    hash[0]--;
-
-    sig[0]++;
-    do {
-        ret = mbedtls_pk_verify_restartable( &pub, md_alg,
-                                 hash, hlen, sig, slen, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    TEST_ASSERT( ret != 0 );
-    sig[0]--;
-
-    /* Do we leak memory when aborting? try verify then sign
-     * This test only makes sense when we actually restart */
-    if( min_restart > 0 )
-    {
-        ret = mbedtls_pk_verify_restartable( &pub, md_alg,
-                                 hash, hlen, sig, slen, &rs_ctx );
-        TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-        mbedtls_pk_restart_free( &rs_ctx );
-
-        slen = sizeof( sig );
-        ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
-                                            sig, &slen, NULL, NULL, &rs_ctx );
-        TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-    }
-
-exit:
-    mbedtls_pk_restart_free( &rs_ctx );
-    mbedtls_pk_free( &prv );
-    mbedtls_pk_free( &pub );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret )
-{
-    mbedtls_pk_context pk;
-    size_t sig_len;
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
-    void *rs_ctx = NULL;
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_pk_restart_ctx ctx;
-
-    rs_ctx = &ctx;
-    mbedtls_pk_restart_init( rs_ctx );
-    /* This value is large enough that the operation will complete in one run.
-     * See comments at the top of ecp_test_vect_restart in
-     * test_suite_ecp.function for estimates of operation counts. */
-    mbedtls_ecp_set_max_ops( 42000 );
-#endif
-
-    mbedtls_pk_init( &pk );
-    PSA_INIT( );
-
-    memset( hash, 0x2a, sizeof hash );
-    memset( sig, 0, sizeof sig );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
-                 hash, sizeof hash, sig, &sig_len,
-                 mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret );
-    if( sign_ret == 0 )
-        TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE );
-    else
-        sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
-
-    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
-                            hash, sizeof hash, sig, sig_len ) == verify_ret );
-
-    if( verify_ret == 0 )
-    {
-        hash[0]++;
-        TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
-                                hash, sizeof hash, sig, sig_len ) != 0 );
-        hash[0]--;
-
-        sig[0]++;
-        TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
-                                hash, sizeof hash, sig, sig_len ) != 0 );
-        sig[0]--;
-    }
-
-    TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
-                                  sig, &sig_len,
-                                  mbedtls_test_rnd_std_rand,
-                                  NULL ) == sign_ret );
-    if( sign_ret == 0 )
-        TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE );
-    else
-        sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
-
-    TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
-                 hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
-
-    if( verify_ret == 0 )
-    {
-        hash[0]++;
-        TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
-                     hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
-        hash[0]--;
-
-        sig[0]++;
-        TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
-                     hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
-        sig[0]--;
-    }
-
-exit:
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-    mbedtls_pk_restart_free( rs_ctx );
-#endif
-    mbedtls_pk_free( &pk );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
-                              char * input_N, int radix_E, char * input_E,
-                              data_t * result, int ret )
-{
-    unsigned char output[300];
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_rsa_context *rsa;
-    mbedtls_pk_context pk;
-    size_t olen;
-
-    memset( &rnd_info,  0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    memset( output,     0, sizeof( output ) );
-
-
-    mbedtls_pk_init( &pk );
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    rsa = mbedtls_pk_rsa( pk );
-
-    rsa->len = mod / 8;
-    TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
-                            output, &olen, sizeof( output ),
-                            mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret );
-    TEST_ASSERT( olen == result->len );
-    TEST_ASSERT( memcmp( output, result->x, olen ) == 0 );
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
-                              char * input_P, int radix_Q, char * input_Q,
-                              int radix_N, char * input_N, int radix_E,
-                              char * input_E, data_t * clear, int ret )
-{
-    unsigned char output[256];
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_mpi N, P, Q, E;
-    mbedtls_rsa_context *rsa;
-    mbedtls_pk_context pk;
-    size_t olen;
-
-    mbedtls_pk_init( &pk );
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-
-    memset( &rnd_info,  0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-
-    /* init pk-rsa context */
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    rsa = mbedtls_pk_rsa( pk );
-
-    /* load public key */
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    /* load private key */
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
-
-    /* decryption test */
-    memset( output, 0, sizeof( output ) );
-    olen = 0;
-    TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len,
-                            output, &olen, sizeof( output ),
-                            mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret );
-    if( ret == 0 )
-    {
-        TEST_ASSERT( olen == clear->len );
-        TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pk_ec_nocrypt( int type )
-{
-    mbedtls_pk_context pk;
-    unsigned char output[100];
-    unsigned char input[100];
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    size_t olen = 0;
-    int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
-
-    mbedtls_pk_init( &pk );
-
-    memset( &rnd_info,  0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    memset( output,     0, sizeof( output ) );
-    memset( input,      0, sizeof( input ) );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ),
-                            output, &olen, sizeof( output ),
-                            mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret );
-
-    TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ),
-                            output, &olen, sizeof( output ),
-                            mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret );
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
-void pk_rsa_overflow( )
-{
-    mbedtls_pk_context pk;
-    size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
-    unsigned char hash[50], sig[100];
-
-    if( SIZE_MAX <= UINT_MAX )
-        return;
-
-    memset( hash, 0x2a, sizeof hash );
-    memset( sig, 0, sizeof sig );
-
-    mbedtls_pk_init( &pk );
-
-    TEST_ASSERT( mbedtls_pk_setup( &pk,
-                 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-
-#if defined(MBEDTLS_PKCS1_V21)
-    TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
-                    MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) ==
-                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-#endif /* MBEDTLS_PKCS1_V21 */
-
-    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len,
-                    sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig,
-                                  &sig_len, mbedtls_test_rnd_std_rand, NULL )
-                 == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
-void pk_rsa_alt(  )
-{
-    /*
-     * An rsa_alt context can only do private operations (decrypt, sign).
-     * Test it against the public operations (encrypt, verify) of a
-     * corresponding rsa context.
-     */
-    mbedtls_rsa_context raw;
-    mbedtls_pk_context rsa, alt;
-    mbedtls_pk_debug_item dbg_items[10];
-    unsigned char hash[50], sig[64];
-    unsigned char msg[50], ciph[64], test[50];
-    size_t sig_len, ciph_len, test_len;
-    int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
-
-    mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
-    mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt );
-
-    memset( hash, 0x2a, sizeof hash );
-    memset( sig, 0, sizeof sig );
-    memset( msg, 0x2a, sizeof msg );
-    memset( ciph, 0, sizeof ciph );
-    memset( test, 0, sizeof test );
-
-    /* Initiliaze PK RSA context with random key */
-    TEST_ASSERT( mbedtls_pk_setup( &rsa,
-                              mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 );
-
-    /* Extract key to the raw rsa context */
-    TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
-
-    /* Initialize PK RSA_ALT context */
-    TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw,
-                 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 );
-
-    /* Test administrative functions */
-    TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) );
-    TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE );
-    TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN );
-    TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT );
-    TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 );
-
-    /* Test signature */
-#if SIZE_MAX > UINT_MAX
-    TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig,
-                                  &sig_len, mbedtls_test_rnd_std_rand, NULL )
-                 == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-#endif /* SIZE_MAX > UINT_MAX */
-    TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash, sig,
-                                  &sig_len, mbedtls_test_rnd_std_rand, NULL )
-                 == 0 );
-    TEST_ASSERT( sig_len == RSA_KEY_LEN );
-    TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE,
-                            hash, sizeof hash, sig, sig_len ) == 0 );
-
-    /* Test decrypt */
-    TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg,
-                             ciph, &ciph_len, sizeof ciph,
-                             mbedtls_test_rnd_std_rand, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len,
-                             test, &test_len, sizeof test,
-                             mbedtls_test_rnd_std_rand, NULL ) == 0 );
-    TEST_ASSERT( test_len == sizeof msg );
-    TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
-
-    /* Test forbidden operations */
-    TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg,
-                             ciph, &ciph_len, sizeof ciph,
-                             mbedtls_test_rnd_std_rand, NULL ) == ret );
-    TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE,
-                            hash, sizeof hash, sig, sig_len ) == ret );
-    TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret );
-
-exit:
-    mbedtls_rsa_free( &raw );
-    mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */
-void pk_psa_sign( int grpid_arg,
-                  int psa_curve_arg, int expected_bits_arg )
-{
-    mbedtls_ecp_group_id grpid = grpid_arg;
-    mbedtls_pk_context pk;
-    unsigned char hash[32];
-    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
-    unsigned char pkey_legacy[200];
-    unsigned char pkey_psa[200];
-    unsigned char *pkey_legacy_start, *pkey_psa_start;
-    size_t sig_len, klen_legacy, klen_psa;
-    int ret;
-    mbedtls_svc_key_id_t key_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg );
-    size_t expected_bits = expected_bits_arg;
-
-    /*
-     * This tests making signatures with a wrapped PSA key:
-     * - generate a fresh ECP legacy PK context
-     * - wrap it in a PK context and make a signature this way
-     * - extract the public key
-     * - parse it to a PK context and verify the signature this way
-     */
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Create legacy EC public/private key in PK context. */
-    mbedtls_pk_init( &pk );
-    TEST_ASSERT( mbedtls_pk_setup( &pk,
-                      mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_gen_key( grpid,
-                                      (mbedtls_ecp_keypair*) pk.pk_ctx,
-                                      mbedtls_test_rnd_std_rand, NULL ) == 0 );
-
-    /* Export underlying public key for re-importing in a legacy context. */
-    ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy,
-                                       sizeof( pkey_legacy ) );
-    TEST_ASSERT( ret >= 0 );
-    klen_legacy = (size_t) ret;
-    /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
-    pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy;
-
-    /* Turn PK context into an opaque one. */
-    TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id,
-                                            PSA_ALG_SHA_256 ) == 0 );
-
-    PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
-    TEST_EQUAL( psa_get_key_type( &attributes ), expected_type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ),
-                PSA_KEY_LIFETIME_VOLATILE );
-
-    memset( hash, 0x2a, sizeof hash );
-    memset( sig, 0, sizeof sig );
-
-    TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256,
-                 hash, sizeof hash, sig, &sig_len,
-                 NULL, NULL ) == 0 );
-
-    /* Export underlying public key for re-importing in a psa context. */
-    ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa,
-                                       sizeof( pkey_psa ) );
-    TEST_ASSERT( ret >= 0 );
-    klen_psa = (size_t) ret;
-    /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
-    pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa;
-
-    TEST_ASSERT( klen_psa == klen_legacy );
-    TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 );
-
-    mbedtls_pk_free( &pk );
-    TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key_id ) );
-
-    mbedtls_pk_init( &pk );
-    TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start,
-                                              klen_legacy ) == 0 );
-    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
-                            hash, sizeof hash, sig, sig_len ) == 0 );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_pk_free( &pk );
-    PSA_DONE( );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v15.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v15.data
deleted file mode 100644
index b4cf09a..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v15.data
+++ /dev/null
@@ -1,131 +0,0 @@
-RSAES-V15 Encryption input=NULL with length=0
-pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb3267c6697351ff4aec29cdbaabf2fbe34676cac0":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0
-
-RSAES-V15 Decryption empty output with NULL buffer
-pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0
-
-RSAES-V15 Encryption Test Vector Int
-pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb32":"6c5ebca6116b1e91316613fbb5e93197270a849122d549122d05815e2626f80d20f7f3f038c98295203c0f7f6bb8c3568455c67dec82bca86be86eff43b56b7ba2d15375f9a42454c2a2c709953a6e4a977462e35fd21a9c2fb3c0ad2a370f7655267bf6f04814784982988e663b869fc8588475af860d499e5a6ffdfc2c6bfd":0
-
-RSAES-V15 Decryption Test Vector Int
-pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"28818cb14236ad18f4527e7f1f7633e96cef021bc3234475d7f61e88702b6335b42a352ed3f3267ac7c3e9ba4af17e45096c63eefd8d9a7cb42dfc52fffb2f5b8afb305b46312c2eb50634123b4437a2287ac57b7509d59a583fb741989a49f32625e9267b4641a6607b7303d35c68489db53c8d387b620d0d46a852e72ea43c":0
-
-RSAES-V15 Encryption Test Vector Data just fits
-pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0
-
-RSAES-V15 Decryption Test Vector Data just fits
-pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0
-
-RSAES-V15 Encryption Test Vector Data too long 1
-pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSAES-V15 Decryption Test Vector Padding too short 7
-pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 Encryption Test Vector Data too long 3
-pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSAES-V15 Decryption Test Vector Padding too short 5
-pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 Encryption Test Vector Data too long 8
-pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSAES-V15 Decryption Test Vector Padding too short 0
-pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-V15 Signing Test Vector Int
-pkcs1_rsassa_v15_sign:1024:16:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":16:"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0
-
-RSASSA-V15 Verification Test Vector Int
-pkcs1_rsassa_v15_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0
-
-RSAES-V15 decoding: good, payload=max, tight output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:117:0
-
-RSAES-V15 decoding: good, payload=max, larger output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:128:0
-
-RSAES-V15 decoding: good, payload=max-1, tight output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:116:0
-
-RSAES-V15 decoding: good, payload=max-1, larger output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:117:0
-
-RSAES-V15 decoding: good, payload=1
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"00025050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":1:1:0
-
-RSAES-V15 decoding: good, empty payload
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":0:0:0
-
-RSAES-V15 decoding: payload=max, output too large
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:116:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
-
-RSAES-V15 decoding: payload=max-1, output too large
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:115:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
-
-RSAES-V15 decoding: bad first byte
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0102505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 decoding: bad second byte (0 instead of 2)
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0000505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 decoding: bad second byte (1 instead of 2)
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0001505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 decoding: padding too short (0)
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000200":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 decoding: padding too short (7)
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050500000ffffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSAES-V15 decoding: unfinished padding
-pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: good, payload=max, tight output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffff00":117:117:0
-
-EMSA-V15 decoding: good, payload=max, larger output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffff00":117:128:0
-
-EMSA-V15 decoding: good, payload=max-1, tight output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffff00":116:116:0
-
-EMSA-V15 decoding: good, payload=max-1, larger output buffer
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffff00":116:117:0
-
-EMSA-V15 decoding: good, payload=1
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":1:1:0
-
-EMSA-V15 decoding: good, empty payload
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":0:0:0
-
-EMSA-V15 decoding: bad first byte
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0101ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: bad second byte (0 instead of 1)
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0000ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: bad second byte (2 instead of 1)
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0002ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: padding too short (0)
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"000100":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: padding too short (7)
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffff0000ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: invalid padding at first byte
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001fffffffffffffffe00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: invalid padding at last byte
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001feffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: unfinished padding
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: unfinished padding with invalid first byte
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-EMSA-V15 decoding: unfinished padding with invalid last byte
-pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v15.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v15.function
deleted file mode 100644
index 068027b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v15.function
+++ /dev/null
@@ -1,350 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/rsa.h"
-#include "mbedtls/md.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
-                              int radix_E, char * input_E, int hash,
-                              data_t * message_str, data_t * rnd_buf,
-                              data_t * result_str, int result )
-{
-    unsigned char output[128];
-    mbedtls_rsa_context ctx;
-    mbedtls_test_rnd_buf_info info;
-    mbedtls_mpi N, E;
-
-    info.buf = rnd_buf->x;
-    info.length = rnd_buf->len;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-    if( message_str->len == 0 )
-        message_str->x = NULL;
-    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
-                                            &mbedtls_test_rnd_buffer_rand,
-                                            &info, MBEDTLS_RSA_PUBLIC,
-                                            message_str->len, message_str->x,
-                                            output ) == result );
-
-    if( result == 0 )
-    {
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
-                              int radix_Q, char * input_Q, int radix_N,
-                              char * input_N, int radix_E, char * input_E,
-                              int hash, data_t * result_str,
-                              char * seed, data_t * message_str,
-                              int result )
-{
-    unsigned char output[128];
-    mbedtls_rsa_context ctx;
-    size_t output_len;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_mpi N, P, Q, E;
-    ((void) seed);
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
-
-    memset( output, 0x00, sizeof( output ) );
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-    if( result_str->len == 0 )
-    {
-        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
-                                                &mbedtls_test_rnd_pseudo_rand,
-                                                &rnd_info,
-                                                MBEDTLS_RSA_PRIVATE,
-                                                &output_len, message_str->x,
-                                                NULL, 0 ) == result );
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
-                                                &mbedtls_test_rnd_pseudo_rand,
-                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
-                                                &output_len, message_str->x,
-                                                output, 1000 ) == result );
-        if( result == 0 )
-        {
-            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                              output_len,
-                                              result_str->len) == 0 );
-        }
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_v15_decode( int mode,
-                       data_t *input,
-                       int expected_plaintext_length_arg,
-                       int output_size_arg,
-                       int expected_result )
-{
-    size_t expected_plaintext_length = expected_plaintext_length_arg;
-    size_t output_size = output_size_arg;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
-    mbedtls_rsa_context ctx;
-    static unsigned char N[128] = {
-        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
-        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
-        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
-        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
-        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
-        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
-        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
-        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
-        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
-        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
-        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
-        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
-        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
-        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
-        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
-        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
-    };
-    static unsigned char E[1] = { 0x03 };
-    static unsigned char P[64] = {
-        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
-        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
-        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
-        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
-        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
-        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
-        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
-        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
-    };
-    static unsigned char Q[64] = {
-        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
-        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
-        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
-        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
-        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
-        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
-        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
-        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
-    };
-    unsigned char original[128];
-    unsigned char intermediate[128];
-    static unsigned char default_content[128] = {
-        /* A randomly generated pattern. */
-        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
-        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
-        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
-        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
-        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
-        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
-        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
-        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
-        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
-        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
-        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
-        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
-        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
-        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
-        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
-        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
-    };
-    unsigned char final[128];
-    size_t output_length = 0x7EA0;
-
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    mbedtls_mpi_init( &Nmpi ); mbedtls_mpi_init( &Empi );
-    mbedtls_mpi_init( &Pmpi ); mbedtls_mpi_init( &Qmpi );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi,
-                                     NULL, &Empi ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-
-    TEST_ASSERT( input->len <= sizeof( N ) );
-    memcpy( original, input->x, input->len );
-    memset( original + input->len, 'd', sizeof( original ) - input->len );
-    if( mode == MBEDTLS_RSA_PRIVATE )
-        TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 );
-    else
-        TEST_ASSERT( mbedtls_rsa_private( &ctx, &mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info, original,
-                                          intermediate ) == 0 );
-
-    memcpy( final, default_content, sizeof( final ) );
-    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
-                                            &mbedtls_test_rnd_pseudo_rand,
-                                            &rnd_info, mode, &output_length,
-                                            intermediate, final,
-                                            output_size ) == expected_result );
-    if( expected_result == 0 )
-    {
-        TEST_ASSERT( output_length == expected_plaintext_length );
-        TEST_ASSERT( memcmp( original + sizeof( N ) - output_length,
-                             final,
-                             output_length ) == 0 );
-    }
-    else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
-             expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE )
-    {
-        size_t max_payload_length =
-            output_size > sizeof( N ) - 11 ? sizeof( N ) - 11 : output_size;
-        size_t i;
-        size_t count = 0;
-
-#if !defined(MBEDTLS_RSA_ALT)
-        /* Check that the output in invalid cases is what the default
-         * implementation currently does. Alternative implementations
-         * may produce different output, so we only perform these precise
-         * checks when using the default implementation. */
-        TEST_ASSERT( output_length == max_payload_length );
-        for( i = 0; i < max_payload_length; i++ )
-            TEST_ASSERT( final[i] == 0 );
-#endif
-        /* Even in alternative implementations, the outputs must have
-         * changed, otherwise it indicates at least a timing vulnerability
-         * because no write to the outputs is performed in the bad case. */
-        TEST_ASSERT( output_length != 0x7EA0 );
-        for( i = 0; i < max_payload_length; i++ )
-            count += ( final[i] == default_content[i] );
-        /* If more than 16 bytes are unchanged in final, that's evidence
-         * that final wasn't overwritten. */
-        TEST_ASSERT( count < 16 );
-    }
-
-exit:
-    mbedtls_mpi_free( &Nmpi ); mbedtls_mpi_free( &Empi );
-    mbedtls_mpi_free( &Pmpi ); mbedtls_mpi_free( &Qmpi );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
-                            char * input_Q, int radix_N, char * input_N,
-                            int radix_E, char * input_E, int digest, int hash,
-                            data_t * message_str, data_t * rnd_buf,
-                            data_t * result_str, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    unsigned char output[128];
-    mbedtls_rsa_context ctx;
-    mbedtls_mpi N, P, Q, E;
-    mbedtls_test_rnd_buf_info info;
-
-    info.buf = rnd_buf->x;
-    info.length = rnd_buf->len;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
-
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
-                                         &info, MBEDTLS_RSA_PRIVATE, digest,
-                                         0, hash_result, output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
-                              int radix_E, char * input_E, int digest,
-                              int hash, data_t * message_str, char * salt,
-                              data_t * result_str, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_rsa_context ctx;
-    mbedtls_mpi N, E;
-    ((void) salt);
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v21.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v21.data
deleted file mode 100644
index 2dde5e9..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v21.data
+++ /dev/null
@@ -1,885 +0,0 @@
-RSAES-OAEP Encryption Test Vector Int
-pkcs1_rsaes_oaep_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
-
-RSAES-OAEP Encryption Test Vector Data just fits
-pkcs1_rsaes_oaep_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd":"aafd12f659cae63489b479e5076ddec2f06cb58f":"3082f2288fff275213d53168f0a272573cff81837c249dc1f380a12ac124c8f217b700708a1ce7dce154265f31a126ebdd9ed3ef9145ae29124a25f4e65aa52c5a9ff34f6cf4de9ba937ae406dc7d1f277af4f6fb7ea73bfbab2bd397b6b2c53570e173ffcf3b9f0bb96837623a4f87bd81b41446c59e681a2f3da81239e9bdf":0
-
-RSAES-OAEP Encryption Test Vector Data too long
-pkcs1_rsaes_oaep_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSAES-OAEP Encryption Test Vector 1_1
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
-
-RSAES-OAEP Encryption Test Vector 1_2
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
-
-RSAES-OAEP Encryption Test Vector 1_3
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
-
-RSAES-OAEP Encryption Test Vector 1_4
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
-
-RSAES-OAEP Encryption Test Vector 1_5
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
-
-RSAES-OAEP Encryption Test Vector 1_6
-pkcs1_rsaes_oaep_encrypt:1024:16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
-
-RSAES-OAEP Encryption Test Vector 2_1
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
-
-RSAES-OAEP Encryption Test Vector 2_2
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
-
-RSAES-OAEP Encryption Test Vector 2_3
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
-
-RSAES-OAEP Encryption Test Vector 2_4
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
-
-RSAES-OAEP Encryption Test Vector 2_5
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
-
-RSAES-OAEP Encryption Test Vector 2_6
-pkcs1_rsaes_oaep_encrypt:1025:16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
-
-RSAES-OAEP Encryption Example 3_1
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
-
-RSAES-OAEP Encryption Example 3_2
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
-
-RSAES-OAEP Encryption Example 3_3
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
-
-RSAES-OAEP Encryption Example 3_4
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
-
-RSAES-OAEP Encryption Example 3_5
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
-
-RSAES-OAEP Encryption Example 3_6
-pkcs1_rsaes_oaep_encrypt:1026:16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
-
-RSAES-OAEP Encryption Example 4_1
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
-
-RSAES-OAEP Encryption Example 4_2
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
-
-RSAES-OAEP Encryption Example 4_3
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
-
-RSAES-OAEP Encryption Example 4_4
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
-
-RSAES-OAEP Encryption Example 4_5
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
-
-RSAES-OAEP Encryption Example 4_6
-pkcs1_rsaes_oaep_encrypt:1027:16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
-
-RSAES-OAEP Encryption Example 5_1
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
-
-RSAES-OAEP Encryption Example 5_2
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
-
-RSAES-OAEP Encryption Example 5_3
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
-
-RSAES-OAEP Encryption Example 5_4
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
-
-RSAES-OAEP Encryption Example 5_5
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
-
-RSAES-OAEP Encryption Example 5_6
-pkcs1_rsaes_oaep_encrypt:1028:16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
-
-RSAES-OAEP Encryption Example 6_1
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
-
-RSAES-OAEP Encryption Example 6_2
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
-
-RSAES-OAEP Encryption Example 6_3
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
-
-RSAES-OAEP Encryption Example 6_4
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
-
-RSAES-OAEP Encryption Example 6_5
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
-
-RSAES-OAEP Encryption Example 6_6
-pkcs1_rsaes_oaep_encrypt:1029:16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
-
-RSAES-OAEP Encryption Example 7_1
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
-
-RSAES-OAEP Encryption Example 7_2
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
-
-RSAES-OAEP Encryption Example 7_3
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
-
-RSAES-OAEP Encryption Example 7_4
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
-
-RSAES-OAEP Encryption Example 7_5
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
-
-RSAES-OAEP Encryption Example 7_6
-pkcs1_rsaes_oaep_encrypt:1030:16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
-
-RSAES-OAEP Encryption Example 8_1
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
-
-RSAES-OAEP Encryption Example 8_2
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
-
-RSAES-OAEP Encryption Example 8_3
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
-
-RSAES-OAEP Encryption Example 8_4
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
-
-RSAES-OAEP Encryption Example 8_5
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
-
-RSAES-OAEP Encryption Example 8_6
-pkcs1_rsaes_oaep_encrypt:1031:16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
-
-RSAES-OAEP Encryption Example 9_1
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
-
-RSAES-OAEP Encryption Example 9_2
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
-
-RSAES-OAEP Encryption Example 9_3
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
-
-RSAES-OAEP Encryption Example 9_4
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
-
-RSAES-OAEP Encryption Example 9_5
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
-
-RSAES-OAEP Encryption Example 9_6
-pkcs1_rsaes_oaep_encrypt:1536:16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
-
-RSAES-OAEP Encryption Example 10_1
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
-
-RSAES-OAEP Encryption Example 10_2
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
-
-RSAES-OAEP Encryption Example 10_3
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
-
-RSAES-OAEP Encryption Example 10_4
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
-
-RSAES-OAEP Encryption Example 10_5
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
-
-RSAES-OAEP Encryption Example 10_6
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
-
-RSAES-OAEP Encryption input=NULL with length=0
-depends_on:MBEDTLS_SHA1_C
-pkcs1_rsaes_oaep_encrypt:2048:16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
-
-RSAES-OAEP Decryption Test Vector Int
-pkcs1_rsaes_oaep_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
-
-RSAES-OAEP Decryption Test Vector 1_1
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
-
-RSAES-OAEP Decryption Test Vector 1_2
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
-
-RSAES-OAEP Decryption Test Vector 1_3
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
-
-RSAES-OAEP Decryption Test Vector 1_4
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
-
-RSAES-OAEP Decryption Test Vector 1_5
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
-
-RSAES-OAEP Decryption Test Vector 1_6
-pkcs1_rsaes_oaep_decrypt:1024:16:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":16:"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":16:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":16:"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
-
-RSAES-OAEP Decryption Test Vector 2_1
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
-
-RSAES-OAEP Decryption Test Vector 2_2
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
-
-RSAES-OAEP Decryption Test Vector 2_3
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
-
-RSAES-OAEP Decryption Test Vector 2_4
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
-
-RSAES-OAEP Decryption Test Vector 2_5
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
-
-RSAES-OAEP Decryption Test Vector 2_6
-pkcs1_rsaes_oaep_decrypt:1025:16:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":16:"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":16:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":16:"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
-
-RSAES-OAEP Decryption Example 3_1
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
-
-RSAES-OAEP Decryption Example 3_2
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
-
-RSAES-OAEP Decryption Example 3_3
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
-
-RSAES-OAEP Decryption Example 3_4
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
-
-RSAES-OAEP Decryption Example 3_5
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
-
-RSAES-OAEP Decryption Example 3_6
-pkcs1_rsaes_oaep_decrypt:1026:16:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":16:"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":16:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":16:"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
-
-RSAES-OAEP Decryption Example 4_1
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
-
-RSAES-OAEP Decryption Example 4_2
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
-
-RSAES-OAEP Decryption Example 4_3
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
-
-RSAES-OAEP Decryption Example 4_4
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
-
-RSAES-OAEP Decryption Example 4_5
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
-
-RSAES-OAEP Decryption Example 4_6
-pkcs1_rsaes_oaep_decrypt:1027:16:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":16:"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":16:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":16:"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
-
-RSAES-OAEP Decryption Example 5_1
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
-
-RSAES-OAEP Decryption Example 5_2
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
-
-RSAES-OAEP Decryption Example 5_3
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
-
-RSAES-OAEP Decryption Example 5_4
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
-
-RSAES-OAEP Decryption Example 5_5
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
-
-RSAES-OAEP Decryption Example 5_6
-pkcs1_rsaes_oaep_decrypt:1028:16:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":16:"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":16:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":16:"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
-
-RSAES-OAEP Decryption Example 6_1
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
-
-RSAES-OAEP Decryption Example 6_2
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
-
-RSAES-OAEP Decryption Example 6_3
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
-
-RSAES-OAEP Decryption Example 6_4
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
-
-RSAES-OAEP Decryption Example 6_5
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
-
-RSAES-OAEP Decryption Example 6_6
-pkcs1_rsaes_oaep_decrypt:1029:16:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":16:"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":16:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":16:"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
-
-RSAES-OAEP Decryption Example 7_1
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
-
-RSAES-OAEP Decryption Example 7_2
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
-
-RSAES-OAEP Decryption Example 7_3
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
-
-RSAES-OAEP Decryption Example 7_4
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
-
-RSAES-OAEP Decryption Example 7_5
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
-
-RSAES-OAEP Decryption Example 7_6
-pkcs1_rsaes_oaep_decrypt:1030:16:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":16:"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":16:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":16:"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
-
-RSAES-OAEP Decryption Example 8_1
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
-
-RSAES-OAEP Decryption Example 8_2
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
-
-RSAES-OAEP Decryption Example 8_3
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
-
-RSAES-OAEP Decryption Example 8_4
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
-
-RSAES-OAEP Decryption Example 8_5
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
-
-RSAES-OAEP Decryption Example 8_6
-pkcs1_rsaes_oaep_decrypt:1031:16:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":16:"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":16:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":16:"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
-
-RSAES-OAEP Decryption Example 9_1
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
-
-RSAES-OAEP Decryption Example 9_2
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
-
-RSAES-OAEP Decryption Example 9_3
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
-
-RSAES-OAEP Decryption Example 9_4
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
-
-RSAES-OAEP Decryption Example 9_5
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
-
-RSAES-OAEP Decryption Example 9_6
-pkcs1_rsaes_oaep_decrypt:1536:16:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":16:"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":16:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":16:"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
-
-RSAES-OAEP Decryption Example 10_1
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
-
-RSAES-OAEP Decryption Example 10_2
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
-
-RSAES-OAEP Decryption Example 10_3
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
-
-RSAES-OAEP Decryption Example 10_4
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
-
-RSAES-OAEP Decryption Example 10_5
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
-
-RSAES-OAEP Decryption Example 10_6
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
-
-RSAES-OAEP Decryption empty output with NULL buffer
-depends_on:MBEDTLS_SHA1_C
-pkcs1_rsaes_oaep_decrypt:2048:16:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":16:"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":16:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":16:"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
-
-RSASSA-PSS Signing Test Vector Int
-pkcs1_rsassa_pss_sign:1024:16:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":16:"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0
-
-RSASSA-PSS Verification Test Vector Int
-pkcs1_rsassa_pss_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0
-
-RSASSA-PSS Signature RSA-1016, SHA-512: minimum salt size not met
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1016:16:"0e3cb6845e528229e19cfb24611e6859ac1cea7d35992b6e2e796823c52affa03400e42830f90697f084499c3e3587defc19e749e72433dd7b70c28b0c8280b7":16:"0c48f9e45ae38fdb4a5143be37d79a10cd4f1f9782ef26a4848a4449c72cfd712c68350818736385cb4a9ab6db5aef8e96c551039cfcc8915821aee069ed660d":16:"00aee7874a4db2f1510044405db29f14df0f37bbcf61fcbcc994a3d31caaf858a74cc8f2a40ac9a9ce7aa9a0680f62cf9d8d4b827114533fdbf86f16fc9dfe5cbf857d86135519a4611ffc59cb7473861619a78e3ec314715e804cff82d6f32e9f57ddf390563629883bd34f40e8db413209b151cee97d817a5d65c7da54734b":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSASSA-PSS Signature RSA-520, SHA-512: no possible salt size
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:520:16:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":16:"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":16:"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSASSA-PSS Signature RSA-528, SHA-512: zero salt size
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:528:16:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":16:"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":16:"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSASSA-PSS Signature Example 1_1
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0
-
-RSASSA-PSS Signature Example 1_1 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0
-
-RSASSA-PSS Signature Example 1_2
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0
-
-RSASSA-PSS Signature Example 1_2 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0
-
-RSASSA-PSS Signature Example 1_3
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0
-
-RSASSA-PSS Signature Example 1_3 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0
-
-RSASSA-PSS Signature Example 1_4
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0
-
-RSASSA-PSS Signature Example 1_4 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0
-
-RSASSA-PSS Signature Example 1_5
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0
-
-RSASSA-PSS Signature Example 1_5 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0
-
-RSASSA-PSS Signature Example 1_6
-pkcs1_rsassa_pss_sign:1024:16:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":16:"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0
-
-RSASSA-PSS Signature Example 1_6 (verify)
-pkcs1_rsassa_pss_verify:1024:16:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0
-
-RSASSA-PSS Signature Example 2_1
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0
-
-RSASSA-PSS Signature Example 2_1 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0
-
-RSASSA-PSS Signature Example 2_2
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0
-
-RSASSA-PSS Signature Example 2_2 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0
-
-RSASSA-PSS Signature Example 2_3
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0
-
-RSASSA-PSS Signature Example 2_3 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0
-
-RSASSA-PSS Signature Example 2_4
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0
-
-RSASSA-PSS Signature Example 2_4 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0
-
-RSASSA-PSS Signature Example 2_5
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0
-
-RSASSA-PSS Signature Example 2_5 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0
-
-RSASSA-PSS Signature Example 2_6
-pkcs1_rsassa_pss_sign:1025:16:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":16:"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0
-
-RSASSA-PSS Signature Example 2_6 (verify)
-pkcs1_rsassa_pss_verify:1025:16:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0
-
-RSASSA-PSS Signature Example 3_1
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0
-
-RSASSA-PSS Signature Example 3_1 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0
-
-RSASSA-PSS Signature Example 3_2
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0
-
-RSASSA-PSS Signature Example 3_2 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0
-
-RSASSA-PSS Signature Example 3_3
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0
-
-RSASSA-PSS Signature Example 3_3 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0
-
-RSASSA-PSS Signature Example 3_4
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0
-
-RSASSA-PSS Signature Example 3_4 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0
-
-RSASSA-PSS Signature Example 3_5
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0
-
-RSASSA-PSS Signature Example 3_5 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0
-
-RSASSA-PSS Signature Example 3_6
-pkcs1_rsassa_pss_sign:1026:16:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":16:"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0
-
-RSASSA-PSS Signature Example 3_6 (verify)
-pkcs1_rsassa_pss_verify:1026:16:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0
-
-RSASSA-PSS Signature Example 4_1
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0
-
-RSASSA-PSS Signature Example 4_1 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0
-
-RSASSA-PSS Signature Example 4_2
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0
-
-RSASSA-PSS Signature Example 4_2 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0
-
-RSASSA-PSS Signature Example 4_3
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0
-
-RSASSA-PSS Signature Example 4_3 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0
-
-RSASSA-PSS Signature Example 4_4
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0
-
-RSASSA-PSS Signature Example 4_4 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0
-
-RSASSA-PSS Signature Example 4_5
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0
-
-RSASSA-PSS Signature Example 4_5 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0
-
-RSASSA-PSS Signature Example 4_6
-pkcs1_rsassa_pss_sign:1027:16:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":16:"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0
-
-RSASSA-PSS Signature Example 4_6 (verify)
-pkcs1_rsassa_pss_verify:1027:16:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0
-
-RSASSA-PSS Signature Example 5_1
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0
-
-RSASSA-PSS Signature Example 5_1 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0
-
-RSASSA-PSS Signature Example 5_2
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0
-
-RSASSA-PSS Signature Example 5_2 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0
-
-RSASSA-PSS Signature Example 5_3
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0
-
-RSASSA-PSS Signature Example 5_3 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0
-
-RSASSA-PSS Signature Example 5_4
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0
-
-RSASSA-PSS Signature Example 5_4 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0
-
-RSASSA-PSS Signature Example 5_5
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0
-
-RSASSA-PSS Signature Example 5_5 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0
-
-RSASSA-PSS Signature Example 5_6
-pkcs1_rsassa_pss_sign:1028:16:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":16:"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0
-
-RSASSA-PSS Signature Example 5_6 (verify)
-pkcs1_rsassa_pss_verify:1028:16:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0
-
-RSASSA-PSS Signature Example 6_1
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0
-
-RSASSA-PSS Signature Example 6_1 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0
-
-RSASSA-PSS Signature Example 6_2
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0
-
-RSASSA-PSS Signature Example 6_2 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0
-
-RSASSA-PSS Signature Example 6_3
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0
-
-RSASSA-PSS Signature Example 6_3 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0
-
-RSASSA-PSS Signature Example 6_4
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0
-
-RSASSA-PSS Signature Example 6_4 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0
-
-RSASSA-PSS Signature Example 6_5
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0
-
-RSASSA-PSS Signature Example 6_5 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0
-
-RSASSA-PSS Signature Example 6_6
-pkcs1_rsassa_pss_sign:1029:16:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":16:"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0
-
-RSASSA-PSS Signature Example 6_6 (verify)
-pkcs1_rsassa_pss_verify:1029:16:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0
-
-RSASSA-PSS Signature Example 7_1
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0
-
-RSASSA-PSS Signature Example 7_1 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0
-
-RSASSA-PSS Signature Example 7_2
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0
-
-RSASSA-PSS Signature Example 7_2 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0
-
-RSASSA-PSS Signature Example 7_3
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0
-
-RSASSA-PSS Signature Example 7_3 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0
-
-RSASSA-PSS Signature Example 7_4
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0
-
-RSASSA-PSS Signature Example 7_4 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0
-
-RSASSA-PSS Signature Example 7_5
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0
-
-RSASSA-PSS Signature Example 7_5 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0
-
-RSASSA-PSS Signature Example 7_6
-pkcs1_rsassa_pss_sign:1030:16:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":16:"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0
-
-RSASSA-PSS Signature Example 7_6 (verify)
-pkcs1_rsassa_pss_verify:1030:16:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0
-
-RSASSA-PSS Signature Example 8_1
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0
-
-RSASSA-PSS Signature Example 8_1 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0
-
-RSASSA-PSS Signature Example 8_2
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0
-
-RSASSA-PSS Signature Example 8_2 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0
-
-RSASSA-PSS Signature Example 8_3
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0
-
-RSASSA-PSS Signature Example 8_3 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0
-
-RSASSA-PSS Signature Example 8_4
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0
-
-RSASSA-PSS Signature Example 8_4 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0
-
-RSASSA-PSS Signature Example 8_5
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0
-
-RSASSA-PSS Signature Example 8_5 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0
-
-RSASSA-PSS Signature Example 8_6
-pkcs1_rsassa_pss_sign:1031:16:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":16:"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0
-
-RSASSA-PSS Signature Example 8_6 (verify)
-pkcs1_rsassa_pss_verify:1031:16:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0
-
-RSASSA-PSS Signature Example 9_1
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0
-
-RSASSA-PSS Signature Example 9_1 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0
-
-RSASSA-PSS Signature Example 9_2
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0
-
-RSASSA-PSS Signature Example 9_2 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0
-
-RSASSA-PSS Signature Example 9_3
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0
-
-RSASSA-PSS Signature Example 9_3 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0
-
-RSASSA-PSS Signature Example 9_4
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0
-
-RSASSA-PSS Signature Example 9_4 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0
-
-RSASSA-PSS Signature Example 9_5
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0
-
-RSASSA-PSS Signature Example 9_5 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0
-
-RSASSA-PSS Signature Example 9_6
-pkcs1_rsassa_pss_sign:1536:16:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":16:"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0
-
-RSASSA-PSS Signature Example 9_6 (verify)
-pkcs1_rsassa_pss_verify:1536:16:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0
-
-RSASSA-PSS Signature Example 10_1
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0
-
-RSASSA-PSS Signature Example 10_1 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0
-
-RSASSA-PSS Signature Example 10_2
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0
-
-RSASSA-PSS Signature Example 10_2 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0
-
-RSASSA-PSS Signature Example 10_3
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0
-
-RSASSA-PSS Signature Example 10_3 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0
-
-RSASSA-PSS Signature Example 10_4
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0
-
-RSASSA-PSS Signature Example 10_4 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0
-
-RSASSA-PSS Signature Example 10_5
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0
-
-RSASSA-PSS Signature Example 10_5 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0
-
-RSASSA-PSS Signature Example 10_6
-pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":16:"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0
-
-RSASSA-PSS Signature Example 10_6 (verify)
-pkcs1_rsassa_pss_verify:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0
-
-RSASSA-PSS Signature verify options #1 (OK)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
-
-RSASSA-PSS Signature verify options #2 (ctx_hash none)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
-
-RSASSA-PSS Signature verify options #3 (ctx_hash diverging)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_INVALID_PADDING:0
-
-RSASSA-PSS Signature verify options #4 (mgf1_hash diverging)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS Signature verify options #5 (wrong msg_hash)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_VERIFY_FAILED:MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSASSA-PSS Signature verify options #6 (wrong expected_salt_len)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:21:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS Signature verify options #7 (wrong expected_salt_len)
-pkcs1_rsassa_pss_verify_ext:2048:16:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:19:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS Signature verify options #8 (non-default salt_len: max)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:94:"54657374206d657373616765":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":0:0
-
-RSASSA-PSS Signature verify options #9 (non-default salt_len: 0)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
-
-RSASSA-PSS Signature verify options #10 (non-default salt_len: 0, ANY)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
-
-RSASSA-PSS Signature verify options #11 (MGF1 alg != MSG hash alg)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
-
-RSASSA-PSS Signature verify options #12 (MGF1 alg != MSG hash alg, ctx wrong)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_ERR_RSA_INVALID_PADDING:0
-
-RSASSA-PSS Signature verify options #13 (MGF1 alg != MSG hash alg, arg wrong)
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS verify ext, 512-bit key, empty salt, good signature
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":0:0
-
-RSASSA-PSS verify ext, 512-bit key, empty salt, bad signature
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf247":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS verify ext, 522-bit key, SHA-512, empty salt, good signature
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:522:16:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:0
-
-RSASSA-PSS verify ext, 522-bit key, SHA-512, saltlen=64, good signature with saltlen=0
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:522:16:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS verify ext, 528-bit key, SHA-512, empty salt, good signature
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:528:16:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:0
-
-RSASSA-PSS verify ext, 528-bit key, SHA-512, saltlen=64, good signature with saltlen=0
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:528:16:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS verify ext, 512-bit key, SHA-512 (hash too large)
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSASSA-PSS verify ext, 521-bit key, SHA-512, empty salt, bad signature
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify_ext:521:16:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"00471794655837da498cbf27242807b40593a353c707eb22fd2cc5a3259e728ac4f1df676043eeec8e16c1175b3d9ac8cae72ec1d5772dd69de71c5677f19031568e":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, good signature
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:521:16:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"009c4941157fa36288e467310b198ab0c615c40963d611ffeef03000549ded809235955ecc57adba44782e9497c004f480ba2b3d58db8335fe0b391075c02c843a6d":0:0
-
-RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, flipped-highest-bit signature
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:521:16:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":16:"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"00e11a2403df681c44a1f73f014b6c9ad17847d0b673f7c2a801cee208d10ab5792c10cd0cd495a4b331aaa521409fca7cb1b0d978b3a84cd67e28078b98753e9466":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSASSA-PSS verify ext, all-zero padding, automatic salt length
-depends_on:MBEDTLS_SHA256_C
-pkcs1_rsassa_pss_verify_ext:512:16:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":16:"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"":"63a35294577c7e593170378175b7df27c293dae583ec2a971426eb2d66f2af483e897bfae5dc20300a9d61a3644e08c3aee61a463690a3498901563c46041056":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
-
-RSASSA-PSS Signature RSA-1024, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1024:16:"00e8f95a716c127d5147dcc241a7c1fe8d5487b3e8b6e95e48a83334d21d00c79ad0a90e29941c0c53065b20059de95e9e406061416f7ac12edca1983b9ee28cc3":16:"00d72348b297e7e5dc4329f6ab874b17982584e0ab43174070a9be983c0f040320d6f893c40d2717cb3044380cb3230b7133621eb1c55a3ea56d0e7cee694b5df3":16:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0
-
-RSASSA-PSS Verification RSA-1024, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1022:16:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0
-
-RSASSA-PSS Signature RSA-1032, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1032:16:"0dfaedb709ada2105223e5e7764a5f31d07ae7a37bdc7b4a56c2499e1173147bcdcb165b8fb01a2528190cb6874656a936491898fca330db8af5a9ed5417268ed7":16:"0c339c56797a90c641292560d0ef675f71ac2c99fcaba6260c38e4f167dfd179eb7a9e255f9bdbc549e4181f9a2a19b1f30a80b292d5ef1ad75b9e658eaa6fb0bb":16:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0
-
-RSASSA-PSS Verification RSA-1032, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1032:16:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0
-
-RSASSA-PSS Verification of OpenSSL-generated signature RSA-1032, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1032:16:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"1de40b1c452691dfd8ceb42ecf5f0cbda944d871141b4407c1e30a6657c58c2e496b2a3ad10e025d45ca9606d25602ac1de04af8e0d24aa06e57ec3fea5c961ecf1e0a4e442fda0cdaba42469288cde5d7d0c223facceaf4c7caabe93505acd5664c9b4fae64272af4d5b74326a01724a25fabdb10b177821d2273650a84426dbd":0
-
-RSASSA-PSS Signature RSA-1040, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1040:16:"00fc7f4b490b4d3ef729db23fb5afbb5f2fc620a472342d8b8ff310cfdc124be76dc22ab6f4be35a38ddd31f24d7f64d310f67ab3a375e83f4e0559e4cb5dc43e875":16:"00d51e8680ab71dc01e1a8a68a298636bb1658cfab8d73ce528a62697722d485ab90cdafc5e27768b761839ff93420458ae55f15a69465dbc0c7b524dc9a385ff925":16:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0
-
-RSASSA-PSS Verification RSA-1040, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1040:16:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0
-
-RSASSA-PSS Signature RSA-1048, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_sign:1048:16:"0f39b79809516becc2e3481b6b47584aa2299bd2027ab8a303b9de5b0adcb4a5d38e38edb8c1fac3ea1dbd7e1d50b84323e362cff4df3f5a5182dafa9bb9217a73d7":16:"0d18164f8bd0d58d019998c8cb17c4c0354e62b8a9462acca30816894f982c2ae114e73993e30698930437b4eec44adec24d32ccbcbae7cc4c9f8911b1eb2100685b":16:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0
-
-RSASSA-PSS Verification RSA-1048, SHA-512
-depends_on:MBEDTLS_SHA512_C
-pkcs1_rsassa_pss_verify:1048:16:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v21.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v21.function
deleted file mode 100644
index c28cf08..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs1_v21.function
+++ /dev/null
@@ -1,259 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/rsa.h"
-#include "mbedtls/md.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N,
-                               int radix_E, char * input_E, int hash,
-                               data_t * message_str, data_t * rnd_buf,
-                               data_t * result_str, int result )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-    mbedtls_test_rnd_buf_info info;
-    mbedtls_mpi N, E;
-
-    info.buf = rnd_buf->x;
-    info.length = rnd_buf->len;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-    if( message_str->len == 0 )
-        message_str->x = NULL;
-    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
-                                            &mbedtls_test_rnd_buffer_rand,
-                                            &info, MBEDTLS_RSA_PUBLIC,
-                                            message_str->len, message_str->x,
-                                            output ) == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P,
-                               int radix_Q, char * input_Q, int radix_N,
-                               char * input_N, int radix_E, char * input_E,
-                               int hash, data_t * result_str,
-                               char * seed, data_t * message_str,
-                               int result )
-{
-    unsigned char output[64];
-    mbedtls_rsa_context ctx;
-    size_t output_len;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_mpi N, P, Q, E;
-    ((void) seed);
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
-
-    memset( output, 0x00, sizeof( output ) );
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-    if( result_str->len == 0 )
-    {
-        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
-                                                &mbedtls_test_rnd_pseudo_rand,
-                                                &rnd_info,
-                                                MBEDTLS_RSA_PRIVATE,
-                                                &output_len, message_str->x,
-                                                NULL, 0 ) == result );
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
-                                                &mbedtls_test_rnd_pseudo_rand,
-                                                &rnd_info,
-                                                MBEDTLS_RSA_PRIVATE,
-                                                &output_len, message_str->x,
-                                                output,
-                                                sizeof( output ) ) == result );
-        if( result == 0 )
-        {
-            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                              output_len,
-                                              result_str->len ) == 0 );
-        }
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
-                            char * input_Q, int radix_N, char * input_N,
-                            int radix_E, char * input_E, int digest, int hash,
-                            data_t * message_str, data_t * rnd_buf,
-                            data_t * result_str, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-    mbedtls_test_rnd_buf_info info;
-    mbedtls_mpi N, P, Q, E;
-
-    info.buf = rnd_buf->x;
-    info.length = rnd_buf->len;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
-
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
-                                         &info, MBEDTLS_RSA_PRIVATE, digest, 0,
-                                         hash_result, output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N,
-                              int radix_E, char * input_E, int digest,
-                              int hash, data_t * message_str, char * salt,
-                              data_t * result_str, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_rsa_context ctx;
-    mbedtls_mpi N, E;
-    ((void) salt);
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N,
-                                  int radix_E, char * input_E,
-                                  int msg_digest_id, int ctx_hash,
-                                  int mgf_hash, int salt_len,
-                                  data_t * message_str,
-                                  data_t * result_str, int result_simple,
-                                  int result_full )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_rsa_context ctx;
-    size_t hash_len;
-    mbedtls_mpi N, E;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash );
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    if( msg_digest_id != MBEDTLS_MD_NONE )
-    {
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ),
-                     message_str->x, message_str->len, hash_result ) == 0 );
-        hash_len = 0;
-    }
-    else
-    {
-        memcpy( hash_result, message_str->x, message_str->len );
-        hash_len = message_str->len;
-    }
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
-                                   msg_digest_id, hash_len, hash_result,
-                                   result_str->x ) == result_simple );
-
-    TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
-                                        msg_digest_id, hash_len, hash_result,
-                                        mgf_hash, salt_len,
-                                        result_str->x ) == result_full );
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs5.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs5.data
deleted file mode 100644
index e51a7d2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs5.data
+++ /dev/null
@@ -1,214 +0,0 @@
-PBKDF2 RFC 6070 Test Vector #1 (SHA1)
-depends_on:MBEDTLS_SHA1_C
-pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":1:20:"0c60c80f961f0e71f3a9b524af6012062fe037a6"
-
-PBKDF2 RFC 6070 Test Vector #2 (SHA1)
-depends_on:MBEDTLS_SHA1_C
-pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":2:20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
-
-PBKDF2 RFC 6070 Test Vector #3 (SHA1)
-depends_on:MBEDTLS_SHA1_C
-pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":4096:20:"4b007901b765489abead49d926f721d065a429c1"
-
-PBKDF2 RFC 6070 Test Vector #5 (SHA1)
-depends_on:MBEDTLS_SHA1_C
-pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
-
-PBKDF2 RFC 6070 Test Vector #6 (SHA1)
-depends_on:MBEDTLS_SHA1_C
-pbkdf2_hmac:MBEDTLS_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
-
-PBKDF2 Python hashlib Test Vector #1 (SHA224)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":1:20:"3c198cbdb9464b7857966bd05b7bc92bc1cc4e6e"
-
-PBKDF2 Python hashlib Test Vector #2 (SHA224)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":2:20:"93200ffa96c5776d38fa10abdf8f5bfc0054b971"
-
-PBKDF2 Python hashlib Test Vector #3 (SHA224)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":4096:20:"218c453bf90635bd0a21a75d172703ff6108ef60"
-
-PBKDF2 Python hashlib Test Vector #5 (SHA224)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"056c4ba438ded91fc14e0594e6f52b87e1f3690c0dc0fbc057"
-
-PBKDF2 Python hashlib Test Vector #6 (SHA224)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA224:"7061737300776f7264":"7361006c74":4096:16:"9b4011b641f40a2a500a31d4a392d15c"
-
-PBKDF2 RFC 7914 Sec 11 Test Vector #1 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"706173737764":"73616c74":1:64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783"
-
-PBKDF2 RFC 7914 Sec 11 Test Vector #2 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"50617373776f7264":"4e61436c":80000:64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d"
-
-PBKDF2 Python hashlib Test Vector #1 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":1:20:"120fb6cffcf8b32c43e7225256c4f837a86548c9"
-
-PBKDF2 Python hashlib Test Vector #2 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":2:20:"ae4d0c95af6b46d32d0adff928f06dd02a303f8e"
-
-PBKDF2 Python hashlib Test Vector #3 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":4096:20:"c5e478d59288c841aa530db6845c4c8d962893a0"
-
-PBKDF2 Python hashlib Test Vector #5 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c"
-
-PBKDF2 Python hashlib Test Vector #6 (SHA256)
-depends_on:MBEDTLS_SHA256_C
-pbkdf2_hmac:MBEDTLS_MD_SHA256:"7061737300776f7264":"7361006c74":4096:16:"89b69d0516f829893c696226650a8687"
-
-PBKDF2 Python hashlib Test Vector #1 (SHA384)
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":1:20:"c0e14f06e49e32d73f9f52ddf1d0c5c719160923"
-
-PBKDF2 Python hashlib Test Vector #2 (SHA384)
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":2:20:"54f775c6d790f21930459162fc535dbf04a93918"
-
-PBKDF2 Python hashlib Test Vector #3 (SHA384)
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":4096:20:"559726be38db125bc85ed7895f6e3cf574c7a01c"
-
-PBKDF2 Python hashlib Test Vector #5 (SHA384)
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"819143ad66df9a552559b9e131c52ae6c5c1b0eed18f4d283b"
-
-PBKDF2 Python hashlib Test Vector #6 (SHA384)
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-pbkdf2_hmac:MBEDTLS_MD_SHA384:"7061737300776f7264":"7361006c74":4096:16:"a3f00ac8657e095f8e0823d232fc60b3"
-
-PBKDF2 Python hashlib Test Vector #1 (SHA512)
-depends_on:MBEDTLS_SHA512_C
-pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":1:20:"867f70cf1ade02cff3752599a3a53dc4af34c7a6"
-
-PBKDF2 Python hashlib Test Vector #2 (SHA512)
-depends_on:MBEDTLS_SHA512_C
-pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":2:20:"e1d9c16aa681708a45f5c7c4e215ceb66e011a2e"
-
-PBKDF2 Python hashlib Test Vector #3 (SHA512)
-depends_on:MBEDTLS_SHA512_C
-pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":4096:20:"d197b1b33db0143e018b12f3d1d1479e6cdebdcc"
-
-PBKDF2 Python hashlib Test Vector #5 (SHA512)
-depends_on:MBEDTLS_SHA512_C
-pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868"
-
-PBKDF2 Python hashlib Test Vector #6 (SHA512)
-depends_on:MBEDTLS_SHA512_C
-pbkdf2_hmac:MBEDTLS_MD_SHA512:"7061737300776f7264":"7361006c74":4096:16:"9d9e9c4cd21fe4be24d5b8244c759665"
-
-PBES2 Decrypt (OK)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
-
-PBES2 Decrypt (bad params tag)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_SEQUENCE:"":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad KDF AlgId: not a sequence)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"31":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad KDF AlgId: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"3001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (KDF != PBKDF2)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:""
-
-PBES2 Decrypt (bad PBKDF2 params: not a sequence)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad PBKDF2 params: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (bad PBKDF2 params salt: not an octet string)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad PBKDF2 params salt: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (bad PBKDF2 params iter: not an int)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad PBKDF2 params iter: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (OK, PBKDF2 params explicit keylen)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
-
-PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
-
-PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:""
-
-PBES2 Decrypt (bad, PBKDF2 params extra data)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:""
-
-PBES2 Decrypt (bad enc_scheme_alg: not a sequence)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
-
-PBES2 Decrypt (bad enc_scheme_alg: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (bad enc_scheme_alg: unknown oid)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:""
-
-PBES2 Decrypt (bad enc_scheme_alg params: not an octet string)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:""
-
-PBES2 Decrypt (bad enc_scheme_alg params: overlong)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
-
-PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:""
-
-PBES2 Decrypt (bad password)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
-
-PBES2 Decrypt (bad iter value)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
-
-PKCS#5 Selftest
-pkcs5_selftest:
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs5.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs5.function
deleted file mode 100644
index 0b0c937..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkcs5.function
+++ /dev/null
@@ -1,66 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/pkcs5.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PKCS5_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str,
-                  int it_cnt, int key_len, data_t * result_key_string )
-{
-    mbedtls_md_context_t ctx;
-    const mbedtls_md_info_t *info;
-
-    unsigned char key[100];
-
-    mbedtls_md_init( &ctx );
-
-    info = mbedtls_md_info_from_type( hash );
-    TEST_ASSERT( info != NULL );
-    TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 );
-    TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len,
-                                     it_cnt, key_len, key ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( key, result_key_string->x,
-                                      key_len, result_key_string->len ) == 0 );
-
-exit:
-    mbedtls_md_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
-void mbedtls_pkcs5_pbes2( int params_tag, data_t *params_hex, data_t *pw,
-                  data_t *data, int ref_ret, data_t *ref_out )
-{
-    int my_ret;
-    mbedtls_asn1_buf params;
-    unsigned char *my_out = NULL;
-
-    params.tag = params_tag;
-    params.p = params_hex->x;
-    params.len = params_hex->len;
-
-    my_out = mbedtls_test_zero_alloc( ref_out->len );
-
-    my_ret = mbedtls_pkcs5_pbes2( &params, MBEDTLS_PKCS5_DECRYPT,
-                          pw->x, pw->len, data->x, data->len, my_out );
-    TEST_ASSERT( my_ret == ref_ret );
-
-    if( ref_ret == 0 )
-        TEST_ASSERT( memcmp( my_out, ref_out->x, ref_out->len ) == 0 );
-
-exit:
-    mbedtls_free( my_out );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void pkcs5_selftest(  )
-{
-    TEST_ASSERT( mbedtls_pkcs5_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkparse.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkparse.function
deleted file mode 100644
index 4650d33..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkparse.function
+++ /dev/null
@@ -1,128 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/pk.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/oid.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_BIGNUM_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
-void pk_parse_keyfile_rsa( char * key_file, char * password, int result )
-{
-    mbedtls_pk_context ctx;
-    int res;
-    char *pwd = password;
-
-    mbedtls_pk_init( &ctx );
-
-    if( strcmp( pwd, "NULL" ) == 0 )
-        pwd = NULL;
-
-    res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd );
-
-    TEST_ASSERT( res == result );
-
-    if( res == 0 )
-    {
-        mbedtls_rsa_context *rsa;
-        TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) );
-        rsa = mbedtls_pk_rsa( ctx );
-        TEST_ASSERT( mbedtls_rsa_check_privkey( rsa ) == 0 );
-    }
-
-exit:
-    mbedtls_pk_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
-void pk_parse_public_keyfile_rsa( char * key_file, int result )
-{
-    mbedtls_pk_context ctx;
-    int res;
-
-    mbedtls_pk_init( &ctx );
-
-    res = mbedtls_pk_parse_public_keyfile( &ctx, key_file );
-
-    TEST_ASSERT( res == result );
-
-    if( res == 0 )
-    {
-        mbedtls_rsa_context *rsa;
-        TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) );
-        rsa = mbedtls_pk_rsa( ctx );
-        TEST_ASSERT( mbedtls_rsa_check_pubkey( rsa ) == 0 );
-    }
-
-exit:
-    mbedtls_pk_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */
-void pk_parse_public_keyfile_ec( char * key_file, int result )
-{
-    mbedtls_pk_context ctx;
-    int res;
-
-    mbedtls_pk_init( &ctx );
-
-    res = mbedtls_pk_parse_public_keyfile( &ctx, key_file );
-
-    TEST_ASSERT( res == result );
-
-    if( res == 0 )
-    {
-        mbedtls_ecp_keypair *eckey;
-        TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) );
-        eckey = mbedtls_pk_ec( ctx );
-        TEST_ASSERT( mbedtls_ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 );
-    }
-
-exit:
-    mbedtls_pk_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */
-void pk_parse_keyfile_ec( char * key_file, char * password, int result )
-{
-    mbedtls_pk_context ctx;
-    int res;
-
-    mbedtls_pk_init( &ctx );
-
-    res = mbedtls_pk_parse_keyfile( &ctx, key_file, password );
-
-    TEST_ASSERT( res == result );
-
-    if( res == 0 )
-    {
-        mbedtls_ecp_keypair *eckey;
-        TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) );
-        eckey = mbedtls_pk_ec( ctx );
-        TEST_ASSERT( mbedtls_ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 );
-    }
-
-exit:
-    mbedtls_pk_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void pk_parse_key( data_t * buf, int result )
-{
-    mbedtls_pk_context pk;
-
-    mbedtls_pk_init( &pk );
-
-    TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result );
-
-exit:
-    mbedtls_pk_free( &pk );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkwrite.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkwrite.data
deleted file mode 100644
index e0101cc..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkwrite.data
+++ /dev/null
@@ -1,47 +0,0 @@
-Public key write check RSA
-depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C
-pk_write_pubkey_check:"data_files/server1.pubkey"
-
-Public key write check RSA 4096
-depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C
-pk_write_pubkey_check:"data_files/rsa4096_pub.pem"
-
-Public key write check EC 192 bits
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_write_pubkey_check:"data_files/ec_pub.pem"
-
-Public key write check EC 521 bits
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_write_pubkey_check:"data_files/ec_521_pub.pem"
-
-Public key write check EC Brainpool 512 bits
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-pk_write_pubkey_check:"data_files/ec_bp512_pub.pem"
-
-Private key write check RSA
-depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C
-pk_write_key_check:"data_files/server1.key"
-
-Private key write check RSA 4096
-depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C
-pk_write_key_check:"data_files/rsa4096_prv.pem"
-
-Private key write check EC 192 bits
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_write_key_check:"data_files/ec_prv.sec1.pem"
-
-Private key write check EC 256 bits (top bit set)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-pk_write_key_check:"data_files/ec_256_long_prv.pem"
-
-Private key write check EC 521 bits
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_write_key_check:"data_files/ec_521_prv.pem"
-
-Private key write check EC 521 bits (top byte is 0)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-pk_write_key_check:"data_files/ec_521_short_prv.pem"
-
-Private key write check EC Brainpool 512 bits
-depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-pk_write_key_check:"data_files/ec_bp512_prv.pem"
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkwrite.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkwrite.function
deleted file mode 100644
index 2bad4ed..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkwrite.function
+++ /dev/null
@@ -1,90 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/pk.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/oid.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
-void pk_write_pubkey_check( char * key_file )
-{
-    mbedtls_pk_context key;
-    unsigned char buf[5000];
-    unsigned char check_buf[5000];
-    int ret;
-    FILE *f;
-    size_t ilen, pem_len, buf_index;
-
-    memset( buf, 0, sizeof( buf ) );
-    memset( check_buf, 0, sizeof( check_buf ) );
-
-    mbedtls_pk_init( &key );
-    TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &key, key_file ) == 0 );
-
-    ret = mbedtls_pk_write_pubkey_pem( &key, buf, sizeof( buf ));
-    TEST_ASSERT( ret == 0 );
-
-    pem_len = strlen( (char *) buf );
-
-    // check that the rest of the buffer remains clear
-    for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
-    {
-        TEST_ASSERT( buf[buf_index] == 0 );
-    }
-
-    f = fopen( key_file, "r" );
-    TEST_ASSERT( f != NULL );
-    ilen = fread( check_buf, 1, sizeof( check_buf ), f );
-    fclose( f );
-
-    TEST_ASSERT( ilen == pem_len );
-    TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 );
-
-exit:
-    mbedtls_pk_free( &key );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
-void pk_write_key_check( char * key_file )
-{
-    mbedtls_pk_context key;
-    unsigned char buf[5000];
-    unsigned char check_buf[5000];
-    int ret;
-    FILE *f;
-    size_t ilen, pem_len, buf_index;
-
-    memset( buf, 0, sizeof( buf ) );
-    memset( check_buf, 0, sizeof( check_buf ) );
-
-    mbedtls_pk_init( &key );
-    TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
-
-    ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf ));
-    TEST_ASSERT( ret == 0 );
-
-    pem_len = strlen( (char *) buf );
-
-    // check that the rest of the buffer remains clear
-    for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
-    {
-        TEST_ASSERT( buf[buf_index] == 0 );
-    }
-
-    f = fopen( key_file, "r" );
-    TEST_ASSERT( f != NULL );
-    ilen = fread( check_buf, 1, sizeof( check_buf ), f );
-    fclose( f );
-
-    TEST_ASSERT( ilen == strlen( (char *) buf ) );
-    TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 );
-
-exit:
-    mbedtls_pk_free( &key );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_poly1305.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_poly1305.function
deleted file mode 100644
index 4b8995b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_poly1305.function
+++ /dev/null
@@ -1,126 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/poly1305.h"
-#include <stddef.h>
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_POLY1305_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_poly1305( data_t *key, data_t *expected_mac, data_t *src_str )
-{
-    unsigned char mac[16]; /* size set by the standard */
-    mbedtls_poly1305_context ctx;
-
-    memset( mac, 0x00, sizeof( mac ) );
-
-    /*
-     * Test the integrated API
-     */
-    TEST_ASSERT( mbedtls_poly1305_mac( key->x, src_str->x,
-                                       src_str->len, mac ) == 0 );
-
-    ASSERT_COMPARE( mac, expected_mac->len,
-                    expected_mac->x, expected_mac->len );
-
-    /*
-     * Test the streaming API
-     */
-    mbedtls_poly1305_init( &ctx );
-
-    TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
-
-    TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, src_str->len ) == 0 );
-
-    TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
-
-    ASSERT_COMPARE( mac, expected_mac->len,
-                    expected_mac->x, expected_mac->len );
-
-    /*
-     * Test the streaming API again, piecewise
-     */
-
-    /* Don't free/init the context, in order to test that starts() does the
-     * right thing. */
-    if( src_str->len >= 1 )
-    {
-        TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
-
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, src_str->len - 1 ) == 0 );
-
-        TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
-
-        ASSERT_COMPARE( mac, expected_mac->len,
-                        expected_mac->x, expected_mac->len );
-    }
-
-    /*
-     * Again with more pieces
-     */
-    if( src_str->len >= 2 )
-    {
-        TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
-
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 2, src_str->len - 2 ) == 0 );
-
-        TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
-
-        ASSERT_COMPARE( mac, expected_mac->len,
-                        expected_mac->x, expected_mac->len );
-    }
-
-    mbedtls_poly1305_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void poly1305_bad_params()
-{
-    unsigned char src[1];
-    unsigned char key[32];
-    unsigned char mac[16];
-    size_t src_len = sizeof( src );
-    mbedtls_poly1305_context ctx;
-
-    TEST_INVALID_PARAM( mbedtls_poly1305_init( NULL ) );
-    TEST_VALID_PARAM( mbedtls_poly1305_free( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_starts( NULL, key ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_starts( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_update( NULL, src, 0 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_update( &ctx, NULL, src_len ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_finish( NULL, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_finish( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_mac( NULL, src, 0, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_mac( key, NULL, src_len, mac ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
-                 mbedtls_poly1305_mac( key, src, 0, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void poly1305_selftest()
-{
-    TEST_ASSERT( mbedtls_poly1305_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto.data
deleted file mode 100644
index f267c15..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto.data
+++ /dev/null
@@ -1,2815 +0,0 @@
-PSA compile-time sanity checks
-static_checks:
-
-PSA key attributes structure
-attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
-
-PSA key attributes: id only
-persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
-
-PSA key attributes: lifetime=3 only
-persistence_attributes:-1:0:3:-1:0:0:0:3
-
-PSA key attributes: id then back to volatile
-persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
-
-PSA key attributes: id then back to non local volatile
-persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
-
-PSA key attributes: id then lifetime
-persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
-
-PSA key attributes: lifetime then id
-persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
-
-PSA key attributes: non local volatile lifetime then id
-persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
-
-PSA key attributes: slot number
-slot_number_attribute:
-
-PSA import/export raw: 1 bytes
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1
-
-PSA import/export raw: 1 bytes, larger buffer
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:1:PSA_SUCCESS:1
-
-PSA import/export raw: 2 bytes, buffer too small
-import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
-
-PSA import/export AES-128
-depends_on:MBEDTLS_AES_C
-import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:128:0:PSA_SUCCESS:1
-
-PSA import/export AES-192
-depends_on:MBEDTLS_AES_C
-import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:192:0:PSA_SUCCESS:1
-
-PSA import/export AES-256
-depends_on:MBEDTLS_AES_C
-import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1
-
-PSA import: bad usage flag
-import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import: invalid type (0)
-import_with_policy:PSA_KEY_TYPE_NONE:0:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import: invalid type (PSA_KEY_TYPE_CATEGORY_MASK)
-import_with_policy:PSA_KEY_TYPE_CATEGORY_MASK:0:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import AES: bad key size
-depends_on:MBEDTLS_AES_C
-import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import/export RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1
-
-PSA import/export RSA public key: good, larger buffer (+1 byte)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1
-
-PSA import/export RSA public key: good, larger buffer (*2-1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:161:PSA_SUCCESS:1
-
-PSA import/export RSA public key: good, larger buffer (*2)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS:1
-
-PSA import/export RSA public key: good, larger buffer (*2+1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:163:PSA_SUCCESS:1
-
-PSA import/export RSA public key: export buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
-
-PSA import/export RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1
-
-PSA import/export RSA keypair: good, larger buffer (+1 byte)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1
-
-PSA import/export RSA keypair: good, larger buffer (*2-1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:609:PSA_SUCCESS:1
-
-PSA import/export RSA keypair: good, larger buffer (*2)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:610:PSA_SUCCESS:1
-
-PSA import/export RSA keypair: good, larger buffer (*2+1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:611:PSA_SUCCESS:1
-
-PSA import/export RSA keypair: export buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
-
-PSA import/export RSA keypair: trailing garbage ignored
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_SUCCESS:0
-
-PSA import RSA keypair: truncated
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import RSA keypair: public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_with_data:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import RSA public key: key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import RSA keypair: valid key but EC
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import/export-public RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
-
-PSA import/export-public RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
-
-PSA import/export-public RSA public key: buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
-
-PSA import/export-public RSA keypair: buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
-
-PSA import/export RSA public key: 1016-bit (good)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1
-
-PSA import/export RSA keypair: 1016-bit (good)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1
-
-PSA import RSA public key: 1022-bit (not supported)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_with_data:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import RSA keypair: 1022-bit (not supported)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_with_data:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import RSA public key: 1023-bit (not supported)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_with_data:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import RSA keypair: 1023-bit (not supported)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import/export EC secp224r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1
-
-PSA import/export-public EC secp224r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
-
-PSA import/export EC secp256r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
-
-PSA import/export-public EC secp256r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
-
-PSA import/export EC secp384r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
-
-PSA import/export-public EC secp384r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
-
-PSA import/export EC secp521r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
-
-PSA import/export-public EC secp521r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
-
-PSA import/export EC brainpool256r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
-
-PSA import/export-public EC brainpool256r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
-
-PSA import/export EC brainpool384r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
-import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
-
-PSA import/export-public EC brainpool384r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
-import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
-
-PSA import/export EC brainpool512r1 key pair: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1
-
-PSA import/export-public EC brainpool512r1: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
-
-PSA import/export EC curve25519 key pair: good (already properly masked)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
-
-PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:0
-
-PSA import/export-public EC curve25519: accept unmasked input
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
-
-PSA import/export-public EC curve25519: accept masked input
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
-
-PSA import/export-public: cannot export-public a symmetric key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
-
-PSA import/export EC secp256r1 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
-
-PSA import/export EC secp521r1 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
-
-PSA import/export EC brainpoolP256r1 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
-
-PSA import/export curve25519 public key: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
-
-PSA import/export AES key: policy forbids export
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1
-
-PSA import/export HMAC key: policy forbids export
-depends_on:MBEDTLS_SHA256_C
-import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1
-
-PSA import/export RSA keypair: policy forbids export (crypt)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
-
-PSA import/export RSA keypair: policy forbids export (sign)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1
-
-# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS
-# extension which we may drop in the future.
-PSA import/export RSA public key: import PEM
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0
-
-PSA import/export RSA keypair: import PEM
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0
-
-PSA import: reject raw data key of length 0
-# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-import_with_data:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import: reject raw data key of length 0 and declared size 1 bit
-# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-import_with_data:"":PSA_KEY_TYPE_RAW_DATA:1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import: reject raw data key of length 0 and declared size 8 bits
-# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: DER format
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: too short
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: secp256r1, all-bits-zero (bad)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: secp256r1, d == n - 1 (good)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_SUCCESS
-
-PSA import EC keypair: secp256r1, d == n (bad)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: secp256r1, d > n (bad)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC public key: key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair: valid key but RSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
-import_with_data:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import AES: bits=0 ok
-depends_on:MBEDTLS_AES_C
-import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:0:PSA_SUCCESS
-
-PSA import AES: bits=128 ok
-depends_on:MBEDTLS_AES_C
-import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS
-
-PSA import AES: bits=256 wrong
-depends_on:MBEDTLS_AES_C
-import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import AES: bits=256 ok
-depends_on:MBEDTLS_AES_C
-import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS
-
-PSA import AES: bits=128 wrong
-depends_on:MBEDTLS_AES_C
-import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import large key: raw, 65528 bits (ok)
-depends_on:HAVE_RAM_AVAILABLE_128K
-import_large_key:PSA_KEY_TYPE_RAW_DATA:8191:PSA_SUCCESS
-
-PSA import large key: raw, 65536 bits (not supported)
-depends_on:HAVE_RAM_AVAILABLE_128K
-import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED
-
-PSA import RSA key pair: maximum size exceeded
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED
-
-PSA import RSA public key: maximum size exceeded
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA key policy: AES ECB
-depends_on:MBEDTLS_AES_C
-check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING
-
-PSA key policy: AES CBC
-depends_on:MBEDTLS_AES_C
-check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
-
-PSA key policy: ECC SECP256R1, sign
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
-
-PSA key policy: ECC SECP256R1, sign+verify
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
-
-Key attributes initializers zero properly
-key_attributes_init:
-
-PSA key policy: MAC, sign | verify
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key policy: MAC, wrong algorithm
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224)
-
-PSA key policy: MAC, alg=0 in policy
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key policy: MAC, ANY_HASH in policy is not meaningful
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key policy: MAC, sign but not verify
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key policy: MAC, verify but not sign
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key policy: MAC, neither sign nor verify
-depends_on:MBEDTLS_SHA256_C
-mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key policy: cipher, encrypt | decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
-
-PSA key policy: cipher, wrong algorithm
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
-cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_NO_PADDING
-
-PSA key policy: cipher, encrypt but not decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
-
-PSA key policy: cipher, decrypt but not encrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
-
-PSA key policy: cipher, neither encrypt nor decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
-
-PSA key policy: cipher, alg=0 in policy
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
-
-PSA key policy: AEAD, encrypt | decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
-
-PSA key policy: AEAD, wrong algorithm
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_GCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM
-
-PSA key policy: AEAD, alg=0 in policy
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_CCM
-
-PSA key policy: AEAD, encrypt but not decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
-
-PSA key policy: AEAD, decrypt but not encrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
-
-PSA key policy: AEAD, neither encrypt nor decrypt
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
-
-PSA key policy: asymmetric encryption, encrypt | decrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-
-PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
-
-PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
-
-PSA key policy: asymmetric encryption, alg=0 in policy
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-
-PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
-
-PSA key policy: asymmetric encryption, encrypt but not decrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-
-PSA key policy: asymmetric encryption, decrypt but not encrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-
-PSA key policy: asymmetric encryption, neither encrypt nor decrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-
-PSA key policy: asymmetric signature, sign | verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
-
-PSA key policy: asymmetric signature, wrong algorithm family
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
-
-PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
-
-PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
-
-PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32
-
-PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
-
-PSA key policy: asymmetric signature, wrong hash algorithm
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
-
-PSA key policy: asymmetric signature, alg=0 in policy
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
-
-PSA key policy: asymmetric signature, sign but not verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
-
-PSA key policy: asymmetric signature, verify but not sign
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
-
-PSA key policy: asymmetric signature, neither sign nor verify
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
-
-PSA key policy: derive via HKDF, permitted
-depends_on:MBEDTLS_SHA256_C
-derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
-
-PSA key policy: derive via TLS 1.2 PRF, permitted
-depends_on:MBEDTLS_SHA256_C
-derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
-
-PSA key policy: derive via HKDF, not permitted
-depends_on:MBEDTLS_SHA256_C
-derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
-
-PSA key policy: derive via TLS 1.2 PRF, not permitted
-depends_on:MBEDTLS_SHA256_C
-derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
-
-PSA key policy: derive via HKDF, wrong algorithm
-depends_on:MBEDTLS_SHA256_C
-derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
-
-PSA key policy: derive via TLS 1.2 PRF, wrong algorithm
-depends_on:MBEDTLS_SHA256_C
-derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
-
-PSA key policy: agreement + KDF, permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS
-
-PSA key policy: agreement + KDF, not permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: agreement + KDF, wrong agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: agreement + KDF, wrong KDF algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)):PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: agreement + KDF, key permits raw agreement
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS
-
-PSA key policy: raw agreement, permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_SUCCESS
-
-PSA key policy: raw agreement, not permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: raw agreement, wrong algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH:PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: raw agreement, key permits raw agreement, but algorithm is not raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
-
-PSA key policy: raw agreement, key specifies KDF
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED
-
-PSA key policy algorithm2: CTR, CBC
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
-key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
-
-PSA key policy algorithm2: ECDH, ECDSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C
-key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY
-
-Copy key: raw, 1 byte
-copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0
-
-Copy key: AES, copy attributes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
-
-Copy key: AES, same usage flags
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
-
-Copy key: AES, fewer usage flags (-EXPORT)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
-
-Copy key: AES, fewer usage flags (-COPY)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
-
-Copy key: AES, 1 more usage flag
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
-
-Copy key: AES, 2 more usage flags
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
-
-Copy key: AES, intersect usage flags #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
-
-Copy key: AES, intersect usage flags #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
-
-Copy key: RSA key pair, same usage flags
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, fewer usage flags
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, more usage flags
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, intersect usage flags #0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, intersect usage flags #1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, wildcard algorithm in source
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, wildcard algorithm in target
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
-
-Copy key: RSA key pair, wildcard algorithm in source and target
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0
-
-Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
-
-Copy key: source=ECDSA+ECDH, target=ECDSA+0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
-
-Copy key: source=ECDSA+ECDH, target=0+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
-
-Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
-
-Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
-
-Copy fail: raw data, no COPY flag
-copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED
-
-Copy key: AES, no COPY flag
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_ERROR_NOT_PERMITTED
-
-Copy fail: AES, incompatible target policy
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: RSA, incompatible target policy (source wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: RSA, incompatible target policy (target wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: RSA, incompatible target policy (source and target wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: RSA, ANY_HASH is not meaningful with OAEP
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: incorrect type in attributes
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: incorrect size in attributes
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
-
-Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
-
-Hash operation object initializers zero properly
-hash_operation_init:
-
-PSA hash setup: good, SHA-1
-depends_on:MBEDTLS_SHA1_C
-hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS
-
-PSA hash setup: good, SHA-224
-depends_on:MBEDTLS_SHA256_C
-hash_setup:PSA_ALG_SHA_224:PSA_SUCCESS
-
-PSA hash setup: good, SHA-256
-depends_on:MBEDTLS_SHA256_C
-hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
-
-PSA hash setup: good, SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS
-
-PSA hash setup: good, SHA-512
-depends_on:MBEDTLS_SHA512_C
-hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
-
-PSA hash setup: good, MD2
-depends_on:MBEDTLS_MD2_C
-hash_setup:PSA_ALG_MD2:PSA_SUCCESS
-
-PSA hash setup: good, MD4
-depends_on:MBEDTLS_MD4_C
-hash_setup:PSA_ALG_MD4:PSA_SUCCESS
-
-PSA hash setup: good, MD5
-depends_on:MBEDTLS_MD5_C
-hash_setup:PSA_ALG_MD5:PSA_SUCCESS
-
-PSA hash setup: good, RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS
-
-PSA hash setup: bad (unknown hash algorithm)
-depends_on:MBEDTLS_SHA256_C
-hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED
-
-PSA hash setup: bad (wildcard instead of hash algorithm)
-depends_on:MBEDTLS_SHA256_C
-hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED
-
-PSA hash setup: bad (not a hash algorithm)
-depends_on:MBEDTLS_SHA256_C
-hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
-
-PSA hash: bad order function calls
-depends_on:MBEDTLS_SHA256_C
-hash_bad_order:
-
-PSA hash verify: bad arguments
-hash_verify_bad_args:
-
-PSA hash finish: bad arguments
-hash_finish_bad_args:
-
-PSA hash compute: bad algorithm (unknown hash)
-hash_compute_fail:PSA_ALG_CATEGORY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED
-
-PSA hash compute: bad algorithm (wildcard)
-hash_compute_fail:PSA_ALG_ANY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED
-
-PSA hash compute: bad algorithm (not a hash)
-hash_compute_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":32:PSA_ERROR_INVALID_ARGUMENT
-
-PSA hash compute: output buffer empty
-depends_on:MBEDTLS_SHA256_C
-hash_compute_fail:PSA_ALG_SHA_256:"":0:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA hash compute: output buffer too small
-depends_on:MBEDTLS_SHA256_C
-hash_compute_fail:PSA_ALG_SHA_256:"":31:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA hash compare: bad algorithm (unknown hash)
-hash_compare_fail:PSA_ALG_CATEGORY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED
-
-PSA hash compare: bad algorithm (wildcard)
-hash_compare_fail:PSA_ALG_ANY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED
-
-PSA hash compare: bad algorithm (not a hash)
-hash_compare_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_ARGUMENT
-
-PSA hash compare: hash of a prefix
-depends_on:MBEDTLS_SHA256_C
-hash_compare_fail:PSA_ALG_SHA_256:"00":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_SIGNATURE
-
-PSA hash compare: hash with flipped bit
-depends_on:MBEDTLS_SHA256_C
-hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854":PSA_ERROR_INVALID_SIGNATURE
-
-PSA hash compare: hash with trailing garbage
-depends_on:MBEDTLS_SHA256_C
-hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85500":PSA_ERROR_INVALID_SIGNATURE
-
-PSA hash compare: truncated hash
-depends_on:MBEDTLS_SHA256_C
-hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8":PSA_ERROR_INVALID_SIGNATURE
-
-PSA hash compare: empty hash
-depends_on:MBEDTLS_SHA256_C
-hash_compare_fail:PSA_ALG_SHA_256:"":"":PSA_ERROR_INVALID_SIGNATURE
-
-PSA hash compare: good
-depends_on:MBEDTLS_SHA256_C
-hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_SUCCESS
-
-PSA hash compute: good, SHA-1
-depends_on:MBEDTLS_SHA1_C
-hash_compute_compare:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
-
-PSA hash compute: good, SHA-224
-depends_on:MBEDTLS_SHA256_C
-hash_compute_compare:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
-
-PSA hash compute: good, SHA-256
-depends_on:MBEDTLS_SHA256_C
-hash_compute_compare:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
-
-PSA hash compute: good, SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-hash_compute_compare:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
-
-PSA hash compute: good, SHA-512
-depends_on:MBEDTLS_SHA512_C
-hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-
-PSA hash compute: good, MD2
-depends_on:MBEDTLS_MD2_C
-hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash compute: good, MD4
-depends_on:MBEDTLS_MD4_C
-hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash compute: good, MD5
-depends_on:MBEDTLS_MD5_C
-hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
-
-PSA hash compute: good, RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hash_compute_compare:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
-
-PSA hash clone: source state
-hash_clone_source_state:
-
-PSA hash clone: target state
-hash_clone_target_state:
-
-MAC operation object initializers zero properly
-mac_operation_init:
-
-PSA MAC setup: good, HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-
-PSA MAC setup: good, AES-CMAC
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
-mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
-
-PSA MAC setup: bad algorithm (unknown MAC algorithm)
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
-
-PSA MAC setup: bad algorithm (not a MAC algorithm)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
-
-PSA MAC setup: truncated MAC too small (1 byte)
-depends_on:MBEDTLS_SHA256_C
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED
-
-PSA MAC setup: truncated MAC too large (33 bytes for SHA-256)
-depends_on:MBEDTLS_SHA256_C
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT
-
-PSA MAC setup: invalid key type, HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
-
-PSA MAC setup: incompatible key HMAC for CMAC
-depends_on:MBEDTLS_CMAC_C
-# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
-
-PSA MAC setup: algorithm known but not supported, long key
-depends_on:!MBEDTLS_MD5_C
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
-
-PSA MAC setup: algorithm known but not supported, short key
-depends_on:!MBEDTLS_MD5_C
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
-
-PSA MAC: bad order function calls
-depends_on:MBEDTLS_SHA256_C
-mac_bad_order:
-
-PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
-
-PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
-
-PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
-
-PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
-
-PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
-
-PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
-
-PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
-
-PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
-
-PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
-
-PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
-
-PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
-
-PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
-
-PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
-
-PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
-
-PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
-
-PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
-
-PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
-
-PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
-
-PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
-
-PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
-
-PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
-
-PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
-
-PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
-
-PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
-
-PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
-
-PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
-
-PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
-
-PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
-
-PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size)
-depends_on:MBEDTLS_SHA256_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
-
-PSA MAC verify: HMAC-SHA-224, truncated to 28 bytes (actual size)
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
-
-PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size)
-depends_on:MBEDTLS_SHA512_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
-
-PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size)
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
-
-PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes
-depends_on:MBEDTLS_SHA256_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
-
-PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
-
-PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes
-depends_on:MBEDTLS_SHA512_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
-
-PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
-
-PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes
-depends_on:MBEDTLS_SHA256_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
-
-PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes
-depends_on:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
-
-PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes
-depends_on:MBEDTLS_SHA512_C
-mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
-
-PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes
-depends_on:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
-
-PSA MAC sign: CMAC-AES-128
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
-
-PSA MAC verify: CMAC-AES-128
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
-
-PSA MAC sign: CMAC-AES-128, truncated to 16 bytes (actual size)
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
-
-PSA MAC verify: CMAC-AES-128, truncated to 16 bytes (actual size)
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
-
-PSA MAC sign: CMAC-AES-128, truncated to 15 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
-
-PSA MAC verify: CMAC-AES-128, truncated to 15 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
-
-PSA MAC sign: CMAC-AES-128, truncated to 4 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
-
-PSA MAC verify: CMAC-AES-128, truncated to 4 bytes
-depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
-
-Cipher operation object initializers zero properly
-cipher_operation_init:
-
-PSA cipher setup: good, AES-CTR
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS
-
-PSA cipher setup: bad algorithm (unknown cipher algorithm)
-depends_on:MBEDTLS_AES_C
-cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
-
-PSA cipher setup: bad algorithm (not a cipher algorithm)
-depends_on:MBEDTLS_AES_C
-cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
-
-PSA cipher setup: invalid key type, CTR
-depends_on:MBEDTLS_CIPHER_MODE_CTR
-# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
-
-PSA cipher setup: incompatible key ARC4 for CTR
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR
-# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
-
-PSA cipher: bad order function calls
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_bad_order:
-
-PSA symmetric encrypt: AES-ECB, 0 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-ECB, 16 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-ECB, 32 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric encrypt: AES-CBC-nopad, input too short
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric encrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
-
-PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
-
-PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
-
-PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
-
-PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS
-
-PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-ECB, 0 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-ECB, 16 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-ECB, 32 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric decrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-ECB, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
-
-PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
-
-PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
-
-PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS
-
-PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS
-
-PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good
-depends_on:MBEDTLS_AES_C
-cipher_verify_output:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-
-PSA symmetric encrypt/decrypt: AES-CTR
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric encryption multipart: AES-ECB, 16+16 bytes
-depends_on:MBEDTLS_AES_C
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
-
-PSA symmetric encryption multipart: AES-ECB, 13+19 bytes
-depends_on:MBEDTLS_AES_C
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
-
-PSA symmetric encryption multipart: AES-ECB, 24+12 bytes
-depends_on:MBEDTLS_AES_C
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
-
-PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
-
-PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
-
-PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric decryption multipart: AES-ECB, 16+16 bytes
-depends_on:MBEDTLS_AES_C
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
-
-PSA symmetric decryption multipart: AES-ECB, 11+21 bytes
-depends_on:MBEDTLS_AES_C
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
-
-PSA symmetric decryption multipart: AES-ECB, 28+4 bytes
-depends_on:MBEDTLS_AES_C
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
-
-PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a"
-
-PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
-
-PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
-
-PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
-
-PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
-
-PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
-
-PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
-
-PSA symmetric encrypt: ChaCha20, K=0 N=0
-depends_on:MBEDTLS_CHACHA20_C
-cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS
-
-PSA symmetric encrypt: ChaCha20, K=rand N=rand
-depends_on:MBEDTLS_CHACHA20_C
-cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
-
-PSA symmetric encryption multipart: ChaCha20, 14+50 bytes
-depends_on:MBEDTLS_CHACHA20_C
-cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4"
-
-PSA symmetric decrypt: ChaCha20, K=rand N=rand
-depends_on:MBEDTLS_CHACHA20_C
-cipher_decrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
-
-PSA symmetric decryption multipart: ChaCha20, 14+50 bytes
-depends_on:MBEDTLS_CHACHA20_C
-cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4"
-
-PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
-
-PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
-
-PSA AEAD encrypt/decrypt: DES-CCM not supported
-depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
-
-PSA AEAD encrypt: AES-CCM, 23 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=6
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=8
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=10
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=12
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=14
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
-
-PSA AEAD encrypt: AES-CCM, 24 bytes, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
-
-PSA AEAD decrypt: AES-CCM, 39 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
-
-PSA AEAD decrypt, AES-CCM, 40 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=6
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=8
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=10
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=12
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=14
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, 24 bytes, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD decrypt: AES-CCM, invalid signature
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD decrypt: AES-CCM, invalid signature, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD decrypt: AES-CCM, invalid tag length 0
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD decrypt: AES-CCM, invalid tag length 2
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD decrypt: AES-CCM, invalid tag length 15
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD decrypt: AES-CCM, invalid tag length 18
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
-
-PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
-
-PSA AEAD encrypt, AES-GCM, 128 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
-
-PSA AEAD encrypt, AES-GCM, 128 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
-
-PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f"
-
-PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a"
-
-PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
-
-PSA AEAD decrypt, AES-GCM, 144 bytes #1
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
-
-PSA AEAD decrypt, AES-GCM, 144 bytes #2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
-
-PSA AEAD decrypt, AES-GCM, 144 bytes, T=4
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
-
-PSA AEAD decrypt, AES-GCM, 144 bytes, T=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
-
-PSA AEAD decrypt, AES-GCM, 144 bytes, T=16
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
-
-PSA AEAD decrypt, AES-GCM, invalid signature
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD decrypt: AES-GCM, invalid tag length 0
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD decrypt: AES-GCM, invalid tag length 2
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD decrypt: AES-GCM, invalid tag length 18
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA AEAD encrypt: ChaCha20-Poly1305 (RFC7539)
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691"
-
-PSA AEAD encrypt: ChaCha20-Poly1305 (zero-length input)
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"":"a0784d7a4716f3feb4f64e7f4b39bf04"
-
-PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, good tag)
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS
-
-PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, bad tag)
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600690":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD decrypt: ChaCha20-Poly1305 (good tag, zero-length input)
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_SUCCESS
-
-PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_NOT_SUPPORTED
-
-PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20)
-depends_on:MBEDTLS_CHACHA20_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED
-
-PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
-
-PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
-
-PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
-signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128
-
-PSA signature size: RSA keypair, 1024 bits, PSS
-signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128
-
-PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
-
-PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
-
-PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
-
-PSA import/exercise RSA keypair, PSS-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
-
-PSA import/exercise RSA public key, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
-
-PSA import/exercise RSA public key, PSS-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
-
-PSA import/exercise: ECP SECP256R1 keypair, ECDSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY
-
-PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
-
-PSA import/exercise: ECP SECP256R1 keypair, ECDH
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDH
-
-PSA import/exercise: HKDF SHA-256
-depends_on:MBEDTLS_SHA256_C
-import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_HKDF(PSA_ALG_SHA_256)
-
-PSA import/exercise: TLS 1.2 PRF SHA-256
-depends_on:MBEDTLS_SHA256_C
-import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
-
-PSA sign: RSA PKCS#1 v1.5, raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
-
-PSA sign: RSA PKCS#1 v1.5 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
-
-PSA sign: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-
-PSA sign: deterministic ECDSA SECP256R1 SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
-
-PSA sign: deterministic ECDSA SECP384R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
-
-PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-# Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler
-# to implement.
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED
-
-PSA sign: RSA PKCS#1 v1.5 raw, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign: invalid key type, signing with a public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21
-sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign/verify: RSA PKCS#1 v1.5, raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
-
-PSA sign/verify: RSA PKCS#1 v1.5 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-
-PSA sign/verify: RSA PSS SHA-256, 0 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
-
-PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-
-PSA sign/verify: RSA PSS SHA-256, 129 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-
-PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-
-PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-
-PSA sign/verify: randomized ECDSA SECP256R1 SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
-
-PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
-
-PSA sign/verify: randomized ECDSA SECP384R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-
-PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
-
-PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash length
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: RSA PSS SHA-256, good signature, 0 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d"
-
-PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7"
-
-PSA verify: RSA PSS SHA-256, good signature, 129 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308"
-
-PSA verify: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-
-PSA verify with keypair: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-
-PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: ECDSA SECP256R1, wrong signature of correct size
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: ECDSA SECP256R1, wrong signature (empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: ECDSA SECP256R1, wrong signature (truncated)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: ECDSA SECP256R1, wrong signature (trailing junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: ECDSA SECP256R1, wrong signature (leading junk)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
-
-PSA verify: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt: RSA PKCS#1 v1.5, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
-
-PSA encrypt: RSA OAEP-SHA-256, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
-
-PSA encrypt: RSA OAEP-SHA-256, good, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS
-
-PSA encrypt: RSA OAEP-SHA-384, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
-
-PSA encrypt: RSA OAEP-SHA-384, good, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS
-
-PSA encrypt: RSA PKCS#1 v1.5, key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
-
-PSA encrypt: RSA OAEP-SHA-256, key pair
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
-
-PSA encrypt: RSA PKCS#1 v1.5, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt: RSA PKCS#1 v1.5: salt not allowed
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt: RSA OAEP-SHA-384, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt: invalid algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt: RSA PKCS#1 v1.5: invalid key type
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
-
-PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":""
-
-PSA encrypt-decrypt: RSA OAEP-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
-
-PSA encrypt-decrypt: RSA OAEP-SHA-256, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00"
-
-PSA encrypt-decrypt: RSA OAEP-SHA-384
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
-
-PSA decrypt: RSA PKCS#1 v1.5: good #1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-
-PSA decrypt: RSA PKCS#1 v1.5: good #2
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
-
-PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":""
-
-PSA decrypt: RSA OAEP-SHA-256, 0 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":""
-
-PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":""
-
-PSA decrypt: RSA OAEP-SHA-256, 30 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
-
-PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765"
-
-PSA decrypt: RSA OAEP-SHA-384, 30 bytes
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
-
-PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING
-
-PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING
-
-PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING
-
-PSA decrypt: RSA PKCS#1 v1.5, invalid padding
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING
-
-PSA decrypt: RSA PKCS#1 v1.5: salt not allowed
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA OAEP-SHA-256, invalid padding
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING
-
-PSA decrypt: invalid algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA OAEP, invalid key type (RSA public key)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":16:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA PKCS#1 v1.5, input too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA PKCS#1 v1.5, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA OAEP-SHA-256, input too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
-
-PSA decrypt: RSA OAEP-SHA-256, input too large
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
-
-Crypto derivation operation object initializers zero properly
-key_derivation_init:
-
-PSA key derivation setup: HKDF-SHA-256, good case
-depends_on:MBEDTLS_SHA256_C
-derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS
-
-PSA key derivation setup: HKDF-SHA-512, good case
-depends_on:MBEDTLS_SHA512_C
-derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS
-
-PSA key derivation setup: TLS 1.2 PRF SHA-256, good case
-depends_on:MBEDTLS_SHA256_C
-derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS
-
-PSA key derivation setup: not a key derivation algorithm (HMAC)
-depends_on:MBEDTLS_SHA256_C
-derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation setup: algorithm from bad hash
-depends_on:MBEDTLS_SHA256_C
-derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED
-
-PSA key derivation setup: bad algorithm
-depends_on:MBEDTLS_SHA256_C
-derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED
-
-PSA key derivation: HKDF-SHA-256, good case, direct output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-256, good case, key output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-512, good case
-depends_on:MBEDTLS_SHA512_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-256, bad key type
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: HKDF-SHA-256, bad key type, key output
-depends_on:MBEDTLS_SHA256_C
-# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation
-# detail.
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
-
-PSA key derivation: HKDF-SHA-256, direct secret, direct output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-256, direct empty secret, direct output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-256, direct secret, key output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
-
-PSA key derivation: HKDF-SHA-256, direct empty secret, key output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
-
-PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-256, RAW_DATA key as info
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: HKDF-SHA-256, DERIVE key as salt, direct output
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: HKDF-SHA-256, DERIVE key as salt, key output
-depends_on:MBEDTLS_SHA256_C
-# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation
-# detail.
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_BAD_STATE
-
-PSA key derivation: HKDF-SHA-256, DERIVE key as info
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, good case
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: TLS 1.2 PRF SHA-256, key first
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, label first
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, early label
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, double seed
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, double key
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, bad key type
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, direct secret
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
-
-PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
-
-PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
-
-PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes)
-depends_on:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
-
-PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
-
-PSA key derivation: ECDH on P256 with HKDF-SHA256, key output
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS
-
-PSA key derivation: HKDF invalid state (double generate + read past capacity)
-depends_on:MBEDTLS_SHA256_C
-test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256)
-
-PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity)
-depends_on:MBEDTLS_SHA256_C
-test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
-
-PSA key derivation: invalid state (call read/get_capacity after init and abort)
-depends_on:MBEDTLS_SHA256_C
-test_derive_invalid_key_derivation_tests:
-
-PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
-
-PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865"
-
-PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
-
-PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
-
-PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":""
-
-PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858"
-
-PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":""
-
-PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":""
-
-PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0
-depends_on:MBEDTLS_SHA1_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":""
-
-PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0
-depends_on:MBEDTLS_SHA1_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":""
-
-PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0
-depends_on:MBEDTLS_SHA1_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":""
-
-PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
-depends_on:MBEDTLS_SHA1_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
-
-# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
-PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":""
-
-PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66"
-
-PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
-
-PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
-
-PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b"
-
-PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":""
-
-PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f"
-
-PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
-
-PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
-
-PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
-
-# Test case manually extracted from debug output of TLS-PSK run
-# Label: "master secret"
-# Salt: Concatenation of ClientHello.Random and ServerHello.Random
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":""
-
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
-
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
-
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":""
-
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
-
-PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
-
-PSA key derivation: HKDF SHA-256, request maximum capacity
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
-
-PSA key derivation: HKDF SHA-1, request maximum capacity
-depends_on:MBEDTLS_SHA1_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
-
-PSA key derivation: HKDF SHA-256, request too much capacity
-depends_on:MBEDTLS_SHA256_C
-derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256):255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation: HKDF SHA-1, request too much capacity
-depends_on:MBEDTLS_SHA1_C
-derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation: over capacity 42: output 42+1
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff"
-
-PSA key derivation: over capacity 42: output 41+2
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff"
-
-PSA key derivation: over capacity 42: output 43+0
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":""
-
-PSA key derivation: over capacity 42: output 43+1
-depends_on:MBEDTLS_SHA256_C
-derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
-
-PSA key derivation: HKDF SHA-256, read maximum capacity minus 1
-depends_on:MBEDTLS_SHA256_C
-derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
-
-PSA key derivation: HKDF SHA-256, read maximum capacity
-depends_on:MBEDTLS_SHA256_C
-derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
-
-PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1
-depends_on:MBEDTLS_SHA256_C
-derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
-
-PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity
-depends_on:MBEDTLS_SHA256_C
-derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
-
-PSA key derivation: HKDF SHA-256, exercise AES128-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
-
-PSA key derivation: HKDF SHA-256, exercise AES256-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
-
-PSA key derivation: HKDF SHA-256, exercise DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
-
-PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
-
-PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
-
-PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256)
-
-PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256
-depends_on:MBEDTLS_SHA256_C
-derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256)
-
-PSA key derivation: HKDF SHA-256, derive key export, 16+32
-depends_on:MBEDTLS_SHA256_C
-derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
-
-PSA key derivation: HKDF SHA-256, derive key export, 1+41
-depends_on:MBEDTLS_SHA256_C
-derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
-
-PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 16+32
-depends_on:MBEDTLS_SHA256_C
-derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
-
-PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41
-depends_on:MBEDTLS_SHA256_C
-derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
-
-PSA key derivation: invalid type (0)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation: invalid length (0)
-depends_on:MBEDTLS_SHA256_C
-# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation: invalid length (7 bits)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key derivation: raw data, 8 bits
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS
-
-PSA key derivation: invalid length (9 bits)
-depends_on:MBEDTLS_SHA256_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT
-
-# This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes
-# and not expected to be raised any time soon) is less than the maximum
-# output from HKDF-SHA512 (255*64 = 16320 bytes).
-PSA key derivation: largest possible key
-depends_on:MBEDTLS_SHA512_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS
-
-PSA key derivation: key too large
-depends_on:MBEDTLS_SHA512_C
-derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED
-
-PSA key agreement setup: ECDH + HKDF-SHA-256: good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
-
-PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader than required
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDH:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
-
-PSA key agreement setup: ECDH + HKDF-SHA-256: key algorithm KDF mismatch
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_512)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_PERMITTED
-
-PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ff":PSA_ERROR_INVALID_ARGUMENT
-
-PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
-
-PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
-
-PSA key agreement setup: ECDH, unknown KDF
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
-
-PSA key agreement setup: bad key agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
-
-PSA key agreement setup: KDF instead of a key agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_HKDF(PSA_ALG_SHA_256):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
-
-PSA raw key agreement: ECDH SECP256R1 (RFC 5903)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
-
-PSA raw key agreement: ECDH SECP384R1 (RFC 5903)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
-
-PSA raw key agreement: ECDH SECP521R1 (RFC 5903)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
-
-PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
-
-PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
-
-PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
-
-PSA raw key agreement: X25519 (RFC 7748: Alice)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":"de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
-
-PSA raw key agreement: X25519 (RFC 7748: Bob)
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb":"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41"
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992"
-
-PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
-key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":""
-
-PSA generate random: 0 bytes
-generate_random:0
-
-PSA generate random: 1 byte
-generate_random:1
-
-PSA generate random: 4 bytes
-generate_random:4
-
-PSA generate random: 16 bytes
-generate_random:16
-
-PSA generate random: 19 bytes
-generate_random:19
-
-PSA generate random: 260 bytes
-generate_random:260
-
-PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST bytes
-generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST
-
-PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
-generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
-
-PSA generate random: 2*MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
-generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
-
-PSA generate key: bad type (0)
-generate_key:PSA_KEY_TYPE_NONE:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK)
-generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: bad type (RSA public key)
-generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: raw data, 0 bits: invalid argument
-# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-generate_key:PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA generate key: raw data, 7 bits: invalid argument
-generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA generate key: raw data, 8 bits
-generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
-
-PSA generate key: raw data, 9 bits: invalid argument
-generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
-
-PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
-generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
-
-PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
-generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
-
-PSA generate key: raw data, 65528 bits (ok)
-depends_on:HAVE_RAM_AVAILABLE_128K
-generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
-
-PSA generate key: raw data, 65536 bits (not supported)
-generate_key:PSA_KEY_TYPE_RAW_DATA:65536:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: AES, 128 bits, CTR
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
-
-PSA generate key: AES, 128 bits, GCM
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS
-
-PSA generate key: DES, 64 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
-
-PSA generate key: DES, 128 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
-
-PSA generate key: DES, 192 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
-
-PSA generate key: invalid key size: AES, 64 bits
-depends_on:MBEDTLS_AES_C
-generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
-
-PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
-
-PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
-
-PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
-
-PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
-
-PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS
-
-PSA generate key: RSA, 0 bits: invalid
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
-
-PSA generate key: RSA, 1022 bits: not supported
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: RSA, 1023 bits: not supported
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: RSA, maximum size exceeded
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: ECC, SECP256R1, good
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
-
-PSA generate key: ECC, SECP256R1, incorrect bit size
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-# INVALID_ARGUMENT would make more sense, but our code as currently structured
-# doesn't fully relate the curve with its size.
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED
-
-PSA generate key: ECC, Curve25519, good
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
-generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS
-
-PSA generate key: RSA, default e
-generate_key_rsa:512:"":PSA_SUCCESS
-
-PSA generate key: RSA, e=3
-generate_key_rsa:512:"03":PSA_SUCCESS
-
-PSA generate key: RSA, e=65537
-generate_key_rsa:512:"010001":PSA_SUCCESS
-
-PSA generate key: RSA, e=513
-generate_key_rsa:512:"0201":PSA_SUCCESS
-
-PSA generate key: RSA, e=1
-generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT
-
-PSA generate key: RSA, e=2
-generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT
-
-PSA import persistent key: raw data, 8 bits
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"2a":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY
-
-PSA import persistent key: AES, 128 bits, exportable
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY
-
-PSA import persistent key: AES, 128 bits, non-exportable
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:IMPORT_KEY
-
-PSA generate persistent key: raw data, 8 bits, exportable
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY
-
-PSA generate persistent key: AES, 128 bits, exportable
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY
-
-PSA generate persistent key: AES, 128 bits, non-exportable
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY
-
-PSA generate persistent key: DES, 64 bits, exportable
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY
-
-PSA generate persistent key: RSA, 1024 bits, exportable
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY
-
-PSA generate persistent key: ECC, SECP256R1, exportable
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY
-
-PSA derive persistent key: HKDF SHA-256, exportable
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto.function
deleted file mode 100644
index 8e71610..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto.function
+++ /dev/null
@@ -1,5876 +0,0 @@
-/* BEGIN_HEADER */
-#include <stdint.h>
-
-#include "mbedtls/asn1.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/oid.h"
-
-/* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random()
- * uses mbedtls_ctr_drbg internally. */
-#include "mbedtls/ctr_drbg.h"
-
-#include "test/psa_crypto_helpers.h"
-
-/* Tests that require more than 128kB of RAM plus change have this symbol
- * as a dependency. Currently we always define this symbol, so the tests
- * are always executed. In the future we should make this conditional
- * so that tests that require a lot of memory are skipped on constrained
- * platforms. */
-#define HAVE_RAM_AVAILABLE_128K
-
-#include "psa/crypto.h"
-#include "psa_crypto_slot_management.h"
-
-/** An invalid export length that will never be set by psa_export_key(). */
-static const size_t INVALID_EXPORT_LENGTH = ~0U;
-
-/* A hash algorithm that is known to be supported.
- *
- * This is used in some smoke tests.
- */
-#if defined(MBEDTLS_MD2_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
-#elif defined(MBEDTLS_MD4_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
-#elif defined(MBEDTLS_MD5_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
-/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
- * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
- * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
- * implausible anyway. */
-#elif defined(MBEDTLS_SHA1_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
-#elif defined(MBEDTLS_SHA256_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
-#elif defined(MBEDTLS_SHA512_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
-#elif defined(MBEDTLS_SHA3_C)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
-#else
-#undef KNOWN_SUPPORTED_HASH_ALG
-#endif
-
-/* A block cipher that is known to be supported.
- *
- * For simplicity's sake, stick to block ciphers with 16-byte blocks.
- */
-#if defined(MBEDTLS_AES_C)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES
-#elif defined(MBEDTLS_ARIA_C)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA
-#elif defined(MBEDTLS_CAMELLIA_C)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA
-#undef KNOWN_SUPPORTED_BLOCK_CIPHER
-#endif
-
-/* A MAC mode that is known to be supported.
- *
- * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or
- * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER.
- *
- * This is used in some smoke tests.
- */
-#if defined(KNOWN_SUPPORTED_HASH_ALG)
-#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) )
-#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C)
-#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC
-#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
-#else
-#undef KNOWN_SUPPORTED_MAC_ALG
-#undef KNOWN_SUPPORTED_MAC_KEY_TYPE
-#endif
-
-/* A cipher algorithm and key type that are known to be supported.
- *
- * This is used in some smoke tests.
- */
-#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB
-#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB)
-#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB
-#else
-#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
-#endif
-#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
-#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
-#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
-#elif defined(MBEDTLS_RC4_C)
-#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
-#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
-#else
-#undef KNOWN_SUPPORTED_CIPHER_ALG
-#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime )
-{
-    return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) !=
-            PSA_KEY_LOCATION_LOCAL_STORAGE );
-}
-#else
-int lifetime_is_secure_element( psa_key_lifetime_t lifetime )
-{
-    (void) lifetime;
-    return( 0 );
-}
-#endif
-
-/** Test if a buffer contains a constant byte value.
- *
- * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
- *
- * \param buffer    Pointer to the beginning of the buffer.
- * \param c         Expected value of every byte.
- * \param size      Size of the buffer in bytes.
- *
- * \return          1 if the buffer is all-bits-zero.
- * \return          0 if there is at least one nonzero byte.
- */
-static int mem_is_char( void *buffer, unsigned char c, size_t size )
-{
-    size_t i;
-    for( i = 0; i < size; i++ )
-    {
-        if( ( (unsigned char *) buffer )[i] != c )
-            return( 0 );
-    }
-    return( 1 );
-}
-
-/* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
-static int asn1_write_10x( unsigned char **p,
-                           unsigned char *start,
-                           size_t bits,
-                           unsigned char x )
-{
-    int ret;
-    int len = bits / 8 + 1;
-    if( bits == 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    if( bits <= 8 && x >= 1 << ( bits - 1 ) )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    if( *p < start || *p - start < (ptrdiff_t) len )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-    *p -= len;
-    ( *p )[len-1] = x;
-    if( bits % 8 == 0 )
-        ( *p )[1] |= 1;
-    else
-        ( *p )[0] |= 1 << ( bits % 8 );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                                       MBEDTLS_ASN1_INTEGER ) );
-    return( len );
-}
-
-static int construct_fake_rsa_key( unsigned char *buffer,
-                                   size_t buffer_size,
-                                   unsigned char **p,
-                                   size_t bits,
-                                   int keypair )
-{
-    size_t half_bits = ( bits + 1 ) / 2;
-    int ret;
-    int len = 0;
-    /* Construct something that looks like a DER encoding of
-     * as defined by PKCS#1 v2.2 (RFC 8017) section A.1.2:
-     *   RSAPrivateKey ::= SEQUENCE {
-     *       version           Version,
-     *       modulus           INTEGER,  -- n
-     *       publicExponent    INTEGER,  -- e
-     *       privateExponent   INTEGER,  -- d
-     *       prime1            INTEGER,  -- p
-     *       prime2            INTEGER,  -- q
-     *       exponent1         INTEGER,  -- d mod (p-1)
-     *       exponent2         INTEGER,  -- d mod (q-1)
-     *       coefficient       INTEGER,  -- (inverse of q) mod p
-     *       otherPrimeInfos   OtherPrimeInfos OPTIONAL
-     *   }
-     * Or, for a public key, the same structure with only
-     * version, modulus and publicExponent.
-     */
-    *p = buffer + buffer_size;
-    if( keypair )
-    {
-        MBEDTLS_ASN1_CHK_ADD( len, /* pq */
-                              asn1_write_10x( p, buffer, half_bits, 1 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, /* dq */
-                              asn1_write_10x( p, buffer, half_bits, 1 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, /* dp */
-                              asn1_write_10x( p, buffer, half_bits, 1 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, /* q */
-                              asn1_write_10x( p, buffer, half_bits, 1 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */
-                              asn1_write_10x( p, buffer, half_bits, 3 ) );
-        MBEDTLS_ASN1_CHK_ADD( len, /* d */
-                              asn1_write_10x( p, buffer, bits, 1 ) );
-    }
-    MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */
-                          asn1_write_10x( p, buffer, 17, 1 ) );
-    MBEDTLS_ASN1_CHK_ADD( len, /* n */
-                          asn1_write_10x( p, buffer, bits, 1 ) );
-    if( keypair )
-        MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */
-                              mbedtls_asn1_write_int( p, buffer, 0 ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) );
-    {
-        const unsigned char tag =
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE;
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) );
-    }
-    return( len );
-}
-
-int check_key_attributes_sanity( mbedtls_svc_key_id_t key )
-{
-    int ok = 0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_lifetime_t lifetime;
-    mbedtls_svc_key_id_t id;
-    psa_key_type_t type;
-    psa_key_type_t bits;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    lifetime = psa_get_key_lifetime( &attributes );
-    id = psa_get_key_id( &attributes );
-    type = psa_get_key_type( &attributes );
-    bits = psa_get_key_bits( &attributes );
-
-    /* Persistence */
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-        TEST_ASSERT(
-            ( PSA_KEY_ID_VOLATILE_MIN <=
-              MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
-            ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <=
-              PSA_KEY_ID_VOLATILE_MAX ) );
-    }
-    else
-    {
-        TEST_ASSERT(
-            ( PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
-            ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= PSA_KEY_ID_USER_MAX ) );
-    }
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    /* randomly-generated 64-bit constant, should never appear in test data */
-    psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
-    psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number );
-    if( lifetime_is_dynamic_secure_element( lifetime ) )
-    {
-        /* Mbed Crypto currently always exposes the slot number to
-         * applications. This is not mandated by the PSA specification
-         * and may change in future versions. */
-        TEST_EQUAL( status, 0 );
-        TEST_ASSERT( slot_number != 0xec94d4a5058a1a21 );
-    }
-    else
-    {
-        TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
-    }
-#endif
-
-    /* Type and size */
-    TEST_ASSERT( type != 0 );
-    TEST_ASSERT( bits != 0 );
-    TEST_ASSERT( bits <= PSA_MAX_KEY_BITS );
-    if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
-        TEST_ASSERT( bits % 8 == 0 );
-
-    /* MAX macros concerning specific key types */
-    if( PSA_KEY_TYPE_IS_ECC( type ) )
-        TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
-    else if( PSA_KEY_TYPE_IS_RSA( type ) )
-        TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS );
-    TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) <= PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE );
-
-    ok = 1;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    return( ok );
-}
-
-int exercise_mac_setup( psa_key_type_t key_type,
-                        const unsigned char *key_bytes,
-                        size_t key_length,
-                        psa_algorithm_t alg,
-                        psa_mac_operation_t *operation,
-                        psa_status_t *status )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-    PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) );
-
-    *status = psa_mac_sign_setup( operation, key, alg );
-    /* Whether setup succeeded or failed, abort must succeed. */
-    PSA_ASSERT( psa_mac_abort( operation ) );
-    /* If setup failed, reproduce the failure, so that the caller can
-     * test the resulting state of the operation object. */
-    if( *status != PSA_SUCCESS )
-    {
-        TEST_EQUAL( psa_mac_sign_setup( operation, key, alg ), *status );
-    }
-
-    psa_destroy_key( key );
-    return( 1 );
-
-exit:
-    psa_destroy_key( key );
-    return( 0 );
-}
-
-int exercise_cipher_setup( psa_key_type_t key_type,
-                           const unsigned char *key_bytes,
-                           size_t key_length,
-                           psa_algorithm_t alg,
-                           psa_cipher_operation_t *operation,
-                           psa_status_t *status )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-    PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) );
-
-    *status = psa_cipher_encrypt_setup( operation, key, alg );
-    /* Whether setup succeeded or failed, abort must succeed. */
-    PSA_ASSERT( psa_cipher_abort( operation ) );
-    /* If setup failed, reproduce the failure, so that the caller can
-     * test the resulting state of the operation object. */
-    if( *status != PSA_SUCCESS )
-    {
-        TEST_EQUAL( psa_cipher_encrypt_setup( operation, key, alg ),
-                    *status );
-    }
-
-    psa_destroy_key( key );
-    return( 1 );
-
-exit:
-    psa_destroy_key( key );
-    return( 0 );
-}
-
-static int exercise_mac_key( mbedtls_svc_key_id_t key,
-                             psa_key_usage_t usage,
-                             psa_algorithm_t alg )
-{
-    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-    const unsigned char input[] = "foo";
-    unsigned char mac[PSA_MAC_MAX_SIZE] = {0};
-    size_t mac_length = sizeof( mac );
-
-    if( usage & PSA_KEY_USAGE_SIGN_HASH )
-    {
-        PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
-        PSA_ASSERT( psa_mac_update( &operation,
-                                    input, sizeof( input ) ) );
-        PSA_ASSERT( psa_mac_sign_finish( &operation,
-                                         mac, sizeof( mac ),
-                                         &mac_length ) );
-    }
-
-    if( usage & PSA_KEY_USAGE_VERIFY_HASH )
-    {
-        psa_status_t verify_status =
-            ( usage & PSA_KEY_USAGE_SIGN_HASH ?
-              PSA_SUCCESS :
-              PSA_ERROR_INVALID_SIGNATURE );
-        PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-        PSA_ASSERT( psa_mac_update( &operation,
-                                    input, sizeof( input ) ) );
-        TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ),
-                    verify_status );
-    }
-
-    return( 1 );
-
-exit:
-    psa_mac_abort( &operation );
-    return( 0 );
-}
-
-static int exercise_cipher_key( mbedtls_svc_key_id_t key,
-                                psa_key_usage_t usage,
-                                psa_algorithm_t alg )
-{
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    unsigned char iv[16] = {0};
-    size_t iv_length = sizeof( iv );
-    const unsigned char plaintext[16] = "Hello, world...";
-    unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
-    size_t ciphertext_length = sizeof( ciphertext );
-    unsigned char decrypted[sizeof( ciphertext )];
-    size_t part_length;
-
-    if( usage & PSA_KEY_USAGE_ENCRYPT )
-    {
-        PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-        PSA_ASSERT( psa_cipher_generate_iv( &operation,
-                                            iv, sizeof( iv ),
-                                            &iv_length ) );
-        PSA_ASSERT( psa_cipher_update( &operation,
-                                       plaintext, sizeof( plaintext ),
-                                       ciphertext, sizeof( ciphertext ),
-                                       &ciphertext_length ) );
-        PSA_ASSERT( psa_cipher_finish( &operation,
-                                       ciphertext + ciphertext_length,
-                                       sizeof( ciphertext ) - ciphertext_length,
-                                       &part_length ) );
-        ciphertext_length += part_length;
-    }
-
-    if( usage & PSA_KEY_USAGE_DECRYPT )
-    {
-        psa_status_t status;
-        int maybe_invalid_padding = 0;
-        if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
-        {
-            psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-            PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-            /* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't
-             * have this macro yet. */
-            iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(
-                psa_get_key_type( &attributes ) );
-            maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
-            psa_reset_key_attributes( &attributes );
-        }
-        PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-        PSA_ASSERT( psa_cipher_set_iv( &operation,
-                                       iv, iv_length ) );
-        PSA_ASSERT( psa_cipher_update( &operation,
-                                       ciphertext, ciphertext_length,
-                                       decrypted, sizeof( decrypted ),
-                                       &part_length ) );
-        status = psa_cipher_finish( &operation,
-                                    decrypted + part_length,
-                                    sizeof( decrypted ) - part_length,
-                                    &part_length );
-        /* For a stream cipher, all inputs are valid. For a block cipher,
-         * if the input is some aribtrary data rather than an actual
-         ciphertext, a padding error is likely.  */
-        if( maybe_invalid_padding )
-            TEST_ASSERT( status == PSA_SUCCESS ||
-                         status == PSA_ERROR_INVALID_PADDING );
-        else
-            PSA_ASSERT( status );
-    }
-
-    return( 1 );
-
-exit:
-    psa_cipher_abort( &operation );
-    return( 0 );
-}
-
-static int exercise_aead_key( mbedtls_svc_key_id_t key,
-                              psa_key_usage_t usage,
-                              psa_algorithm_t alg )
-{
-    unsigned char nonce[16] = {0};
-    size_t nonce_length = sizeof( nonce );
-    unsigned char plaintext[16] = "Hello, world...";
-    unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
-    size_t ciphertext_length = sizeof( ciphertext );
-    size_t plaintext_length = sizeof( ciphertext );
-
-    if( usage & PSA_KEY_USAGE_ENCRYPT )
-    {
-        PSA_ASSERT( psa_aead_encrypt( key, alg,
-                                      nonce, nonce_length,
-                                      NULL, 0,
-                                      plaintext, sizeof( plaintext ),
-                                      ciphertext, sizeof( ciphertext ),
-                                      &ciphertext_length ) );
-    }
-
-    if( usage & PSA_KEY_USAGE_DECRYPT )
-    {
-        psa_status_t verify_status =
-            ( usage & PSA_KEY_USAGE_ENCRYPT ?
-              PSA_SUCCESS :
-              PSA_ERROR_INVALID_SIGNATURE );
-        TEST_EQUAL( psa_aead_decrypt( key, alg,
-                                      nonce, nonce_length,
-                                      NULL, 0,
-                                      ciphertext, ciphertext_length,
-                                      plaintext, sizeof( plaintext ),
-                                      &plaintext_length ),
-                    verify_status );
-    }
-
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-static int exercise_signature_key( mbedtls_svc_key_id_t key,
-                                   psa_key_usage_t usage,
-                                   psa_algorithm_t alg )
-{
-    unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
-    size_t payload_length = 16;
-    unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
-    size_t signature_length = sizeof( signature );
-    psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
-
-    /* If the policy allows signing with any hash, just pick one. */
-    if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH )
-    {
-#if defined(KNOWN_SUPPORTED_HASH_ALG)
-        hash_alg = KNOWN_SUPPORTED_HASH_ALG;
-        alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
-#else
-        test_fail( "No hash algorithm for hash-and-sign testing", __LINE__, __FILE__ );
-        return( 1 );
-#endif
-    }
-
-    if( usage & PSA_KEY_USAGE_SIGN_HASH )
-    {
-        /* Some algorithms require the payload to have the size of
-         * the hash encoded in the algorithm. Use this input size
-         * even for algorithms that allow other input sizes. */
-        if( hash_alg != 0 )
-            payload_length = PSA_HASH_SIZE( hash_alg );
-        PSA_ASSERT( psa_sign_hash( key, alg,
-                                   payload, payload_length,
-                                   signature, sizeof( signature ),
-                                   &signature_length ) );
-    }
-
-    if( usage & PSA_KEY_USAGE_VERIFY_HASH )
-    {
-        psa_status_t verify_status =
-            ( usage & PSA_KEY_USAGE_SIGN_HASH ?
-              PSA_SUCCESS :
-              PSA_ERROR_INVALID_SIGNATURE );
-        TEST_EQUAL( psa_verify_hash( key, alg,
-                                     payload, payload_length,
-                                     signature, signature_length ),
-                    verify_status );
-    }
-
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key,
-                                               psa_key_usage_t usage,
-                                               psa_algorithm_t alg )
-{
-    unsigned char plaintext[256] = "Hello, world...";
-    unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
-    size_t ciphertext_length = sizeof( ciphertext );
-    size_t plaintext_length = 16;
-
-    if( usage & PSA_KEY_USAGE_ENCRYPT )
-    {
-        PSA_ASSERT( psa_asymmetric_encrypt( key, alg,
-                                            plaintext, plaintext_length,
-                                            NULL, 0,
-                                            ciphertext, sizeof( ciphertext ),
-                                            &ciphertext_length ) );
-    }
-
-    if( usage & PSA_KEY_USAGE_DECRYPT )
-    {
-        psa_status_t status =
-            psa_asymmetric_decrypt( key, alg,
-                                    ciphertext, ciphertext_length,
-                                    NULL, 0,
-                                    plaintext, sizeof( plaintext ),
-                                    &plaintext_length );
-        TEST_ASSERT( status == PSA_SUCCESS ||
-                     ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 &&
-                       ( status == PSA_ERROR_INVALID_ARGUMENT ||
-                         status == PSA_ERROR_INVALID_PADDING ) ) );
-    }
-
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation,
-                                      mbedtls_svc_key_id_t key,
-                                      psa_algorithm_t alg,
-                                      unsigned char* input1, size_t input1_length,
-                                      unsigned char* input2, size_t input2_length,
-                                      size_t capacity )
-{
-    PSA_ASSERT( psa_key_derivation_setup( operation, alg ) );
-    if( PSA_ALG_IS_HKDF( alg ) )
-    {
-        PSA_ASSERT( psa_key_derivation_input_bytes( operation,
-                                                    PSA_KEY_DERIVATION_INPUT_SALT,
-                                                    input1, input1_length ) );
-        PSA_ASSERT( psa_key_derivation_input_key( operation,
-                                                  PSA_KEY_DERIVATION_INPUT_SECRET,
-                                                  key ) );
-        PSA_ASSERT( psa_key_derivation_input_bytes( operation,
-                                                    PSA_KEY_DERIVATION_INPUT_INFO,
-                                                    input2,
-                                                    input2_length ) );
-    }
-    else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
-             PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
-    {
-        PSA_ASSERT( psa_key_derivation_input_bytes( operation,
-                                                    PSA_KEY_DERIVATION_INPUT_SEED,
-                                                    input1, input1_length ) );
-        PSA_ASSERT( psa_key_derivation_input_key( operation,
-                                                  PSA_KEY_DERIVATION_INPUT_SECRET,
-                                                  key ) );
-        PSA_ASSERT( psa_key_derivation_input_bytes( operation,
-                                                    PSA_KEY_DERIVATION_INPUT_LABEL,
-                                                    input2, input2_length ) );
-    }
-    else
-    {
-        TEST_ASSERT( ! "Key derivation algorithm not supported" );
-    }
-
-    if( capacity != SIZE_MAX )
-        PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) );
-
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-
-static int exercise_key_derivation_key( mbedtls_svc_key_id_t key,
-                                        psa_key_usage_t usage,
-                                        psa_algorithm_t alg )
-{
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    unsigned char input1[] = "Input 1";
-    size_t input1_length = sizeof( input1 );
-    unsigned char input2[] = "Input 2";
-    size_t input2_length = sizeof( input2 );
-    unsigned char output[1];
-    size_t capacity = sizeof( output );
-
-    if( usage & PSA_KEY_USAGE_DERIVE )
-    {
-        if( !setup_key_derivation_wrap( &operation, key, alg,
-                                        input1, input1_length,
-                                        input2, input2_length, capacity ) )
-            goto exit;
-
-        PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                     output,
-                                                     capacity ) );
-        PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-    }
-
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-/* We need two keys to exercise key agreement. Exercise the
- * private key against its own public key. */
-static psa_status_t key_agreement_with_self(
-    psa_key_derivation_operation_t *operation,
-    mbedtls_svc_key_id_t key )
-{
-    psa_key_type_t private_key_type;
-    psa_key_type_t public_key_type;
-    size_t key_bits;
-    uint8_t *public_key = NULL;
-    size_t public_key_length;
-    /* Return GENERIC_ERROR if something other than the final call to
-     * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
-     * but it's good enough: callers will report it as a failed test anyway. */
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    private_key_type = psa_get_key_type( &attributes );
-    key_bits = psa_get_key_bits( &attributes );
-    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
-    public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
-    ASSERT_ALLOC( public_key, public_key_length );
-    PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length,
-                                       &public_key_length ) );
-
-    status = psa_key_derivation_key_agreement(
-        operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
-        public_key, public_key_length );
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( public_key );
-    return( status );
-}
-
-/* We need two keys to exercise key agreement. Exercise the
- * private key against its own public key. */
-static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg,
-                                                 mbedtls_svc_key_id_t key )
-{
-    psa_key_type_t private_key_type;
-    psa_key_type_t public_key_type;
-    size_t key_bits;
-    uint8_t *public_key = NULL;
-    size_t public_key_length;
-    uint8_t output[1024];
-    size_t output_length;
-    /* Return GENERIC_ERROR if something other than the final call to
-     * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
-     * but it's good enough: callers will report it as a failed test anyway. */
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    private_key_type = psa_get_key_type( &attributes );
-    key_bits = psa_get_key_bits( &attributes );
-    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
-    public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
-    ASSERT_ALLOC( public_key, public_key_length );
-    PSA_ASSERT( psa_export_public_key( key,
-                                       public_key, public_key_length,
-                                       &public_key_length ) );
-
-    status = psa_raw_key_agreement( alg, key,
-                                    public_key, public_key_length,
-                                    output, sizeof( output ), &output_length );
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( public_key );
-    return( status );
-}
-
-static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key,
-                                           psa_key_usage_t usage,
-                                           psa_algorithm_t alg )
-{
-    int ok = 0;
-
-    if( usage & PSA_KEY_USAGE_DERIVE )
-    {
-        /* We need two keys to exercise key agreement. Exercise the
-         * private key against its own public key. */
-        PSA_ASSERT( raw_key_agreement_with_self( alg, key ) );
-    }
-    ok = 1;
-
-exit:
-    return( ok );
-}
-
-static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
-                                       psa_key_usage_t usage,
-                                       psa_algorithm_t alg )
-{
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    unsigned char output[1];
-    int ok = 0;
-
-    if( usage & PSA_KEY_USAGE_DERIVE )
-    {
-        /* We need two keys to exercise key agreement. Exercise the
-         * private key against its own public key. */
-        PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
-        PSA_ASSERT( key_agreement_with_self( &operation, key ) );
-        PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                     output,
-                                                     sizeof( output ) ) );
-        PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-    }
-    ok = 1;
-
-exit:
-    return( ok );
-}
-
-int asn1_skip_integer( unsigned char **p, const unsigned char *end,
-                       size_t min_bits, size_t max_bits,
-                       int must_be_odd )
-{
-    size_t len;
-    size_t actual_bits;
-    unsigned char msb;
-    TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len,
-                                      MBEDTLS_ASN1_INTEGER ),
-                0 );
-
-    /* Check if the retrieved length doesn't extend the actual buffer's size.
-     * It is assumed here, that end >= p, which validates casting to size_t. */
-    TEST_ASSERT( len <= (size_t)( end - *p) );
-
-    /* Tolerate a slight departure from DER encoding:
-     * - 0 may be represented by an empty string or a 1-byte string.
-     * - The sign bit may be used as a value bit. */
-    if( ( len == 1 && ( *p )[0] == 0 ) ||
-        ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) )
-    {
-        ++( *p );
-        --len;
-    }
-    if( min_bits == 0 && len == 0 )
-        return( 1 );
-    msb = ( *p )[0];
-    TEST_ASSERT( msb != 0 );
-    actual_bits = 8 * ( len - 1 );
-    while( msb != 0 )
-    {
-        msb >>= 1;
-        ++actual_bits;
-    }
-    TEST_ASSERT( actual_bits >= min_bits );
-    TEST_ASSERT( actual_bits <= max_bits );
-    if( must_be_odd )
-        TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 );
-    *p += len;
-    return( 1 );
-exit:
-    return( 0 );
-}
-
-static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
-                                      uint8_t *exported, size_t exported_length )
-{
-    if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
-        TEST_EQUAL( exported_length, ( bits + 7 ) / 8 );
-    else
-        TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) );
-
-#if defined(MBEDTLS_DES_C)
-    if( type == PSA_KEY_TYPE_DES )
-    {
-        /* Check the parity bits. */
-        unsigned i;
-        for( i = 0; i < bits / 8; i++ )
-        {
-            unsigned bit_count = 0;
-            unsigned m;
-            for( m = 1; m <= 0x100; m <<= 1 )
-            {
-                if( exported[i] & m )
-                    ++bit_count;
-            }
-            TEST_ASSERT( bit_count % 2 != 0 );
-        }
-    }
-    else
-#endif
-
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
-    if( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
-    {
-        uint8_t *p = exported;
-        uint8_t *end = exported + exported_length;
-        size_t len;
-        /*   RSAPrivateKey ::= SEQUENCE {
-         *       version             INTEGER,  -- must be 0
-         *       modulus             INTEGER,  -- n
-         *       publicExponent      INTEGER,  -- e
-         *       privateExponent     INTEGER,  -- d
-         *       prime1              INTEGER,  -- p
-         *       prime2              INTEGER,  -- q
-         *       exponent1           INTEGER,  -- d mod (p-1)
-         *       exponent2           INTEGER,  -- d mod (q-1)
-         *       coefficient         INTEGER,  -- (inverse of q) mod p
-         *   }
-         */
-        TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
-                                          MBEDTLS_ASN1_SEQUENCE |
-                                          MBEDTLS_ASN1_CONSTRUCTED ), 0 );
-        TEST_EQUAL( p + len, end );
-        if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) )
-            goto exit;
-        if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
-            goto exit;
-        if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
-            goto exit;
-        /* Require d to be at least half the size of n. */
-        if( ! asn1_skip_integer( &p, end, bits / 2, bits, 1 ) )
-            goto exit;
-        /* Require p and q to be at most half the size of n, rounded up. */
-        if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
-            goto exit;
-        if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
-            goto exit;
-        if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
-            goto exit;
-        if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
-            goto exit;
-        if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
-            goto exit;
-        TEST_EQUAL( p, end );
-    }
-    else
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
-    {
-        /* Just the secret value */
-        TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
-    }
-    else
-#endif /* MBEDTLS_ECP_C */
-
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
-    {
-        uint8_t *p = exported;
-        uint8_t *end = exported + exported_length;
-#if defined(MBEDTLS_RSA_C)
-        if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
-        {
-            size_t len;
-            /*   RSAPublicKey ::= SEQUENCE {
-             *      modulus            INTEGER,    -- n
-             *      publicExponent     INTEGER  }  -- e
-             */
-            TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
-                                              MBEDTLS_ASN1_SEQUENCE |
-                                              MBEDTLS_ASN1_CONSTRUCTED ),
-                        0 );
-            TEST_EQUAL( p + len, end );
-            if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
-                goto exit;
-            if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
-                goto exit;
-            TEST_EQUAL( p, end );
-        }
-        else
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-        if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
-        {
-            if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY )
-            {
-                /* The representation of an ECC Montgomery public key is
-                 * the raw compressed point */
-                 TEST_EQUAL( p + PSA_BITS_TO_BYTES( bits ), end );
-            }
-            else
-            {
-                /* The representation of an ECC Weierstrass public key is:
-                 *      - The byte 0x04;
-                 *      - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
-                 *      - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
-                 *      - where m is the bit size associated with the curve.
-                 */
-                TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end );
-                TEST_EQUAL( p[0], 4 );
-            }
-        }
-        else
-#endif /* MBEDTLS_ECP_C */
-        {
-            char message[47];
-            mbedtls_snprintf( message, sizeof( message ),
-                              "No sanity check for public key type=0x%08lx",
-                              (unsigned long) type );
-            test_fail( message, __LINE__, __FILE__ );
-            (void) p;
-            (void) end;
-            return( 0 );
-        }
-    }
-    else
-
-    {
-        /* No sanity checks for other types */
-    }
-
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-static int exercise_export_key( mbedtls_svc_key_id_t key,
-                                psa_key_usage_t usage )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t *exported = NULL;
-    size_t exported_size = 0;
-    size_t exported_length = 0;
-    int ok = 0;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-
-    if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
-        ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) )
-    {
-        TEST_EQUAL( psa_export_key( key, NULL, 0, &exported_length ),
-                    PSA_ERROR_NOT_PERMITTED );
-        ok = 1;
-        goto exit;
-    }
-
-    exported_size = PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( &attributes ),
-                                             psa_get_key_bits( &attributes ) );
-    ASSERT_ALLOC( exported, exported_size );
-
-    PSA_ASSERT( psa_export_key( key,
-                                exported, exported_size,
-                                &exported_length ) );
-    ok = exported_key_sanity_check( psa_get_key_type( &attributes ),
-                                    psa_get_key_bits( &attributes ),
-                                    exported, exported_length );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( exported );
-    return( ok );
-}
-
-static int exercise_export_public_key( mbedtls_svc_key_id_t key )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t public_type;
-    uint8_t *exported = NULL;
-    size_t exported_size = 0;
-    size_t exported_length = 0;
-    int ok = 0;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) )
-    {
-        TEST_EQUAL( psa_export_public_key( key, NULL, 0, &exported_length ),
-                    PSA_ERROR_INVALID_ARGUMENT );
-        return( 1 );
-    }
-
-    public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
-        psa_get_key_type( &attributes ) );
-    exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type,
-                                             psa_get_key_bits( &attributes ) );
-    ASSERT_ALLOC( exported, exported_size );
-
-    PSA_ASSERT( psa_export_public_key( key,
-                                       exported, exported_size,
-                                       &exported_length ) );
-    ok = exported_key_sanity_check( public_type,
-                                    psa_get_key_bits( &attributes ),
-                                    exported, exported_length );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( exported );
-    return( ok );
-}
-
-/** Do smoke tests on a key.
- *
- * Perform one of each operation indicated by \p alg (decrypt/encrypt,
- * sign/verify, or derivation) that is permitted according to \p usage.
- * \p usage and \p alg should correspond to the expected policy on the
- * key.
- *
- * Export the key if permitted by \p usage, and check that the output
- * looks sensible. If \p usage forbids export, check that
- * \p psa_export_key correctly rejects the attempt. If the key is
- * asymmetric, also check \p psa_export_public_key.
- *
- * If the key fails the tests, this function calls the test framework's
- * `test_fail` function and returns false. Otherwise this function returns
- * true. Therefore it should be used as follows:
- * ```
- * if( ! exercise_key( ... ) ) goto exit;
- * ```
- *
- * \param key       The key to exercise. It should be capable of performing
- *                  \p alg.
- * \param usage     The usage flags to assume.
- * \param alg       The algorithm to exercise.
- *
- * \retval 0 The key failed the smoke tests.
- * \retval 1 The key passed the smoke tests.
- */
-static int exercise_key( mbedtls_svc_key_id_t key,
-                         psa_key_usage_t usage,
-                         psa_algorithm_t alg )
-{
-    int ok;
-
-    if( ! check_key_attributes_sanity( key ) )
-        return( 0 );
-
-    if( alg == 0 )
-        ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
-    else if( PSA_ALG_IS_MAC( alg ) )
-        ok = exercise_mac_key( key, usage, alg );
-    else if( PSA_ALG_IS_CIPHER( alg ) )
-        ok = exercise_cipher_key( key, usage, alg );
-    else if( PSA_ALG_IS_AEAD( alg ) )
-        ok = exercise_aead_key( key, usage, alg );
-    else if( PSA_ALG_IS_SIGN( alg ) )
-        ok = exercise_signature_key( key, usage, alg );
-    else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
-        ok = exercise_asymmetric_encryption_key( key, usage, alg );
-    else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
-        ok = exercise_key_derivation_key( key, usage, alg );
-    else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
-        ok = exercise_raw_key_agreement_key( key, usage, alg );
-    else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
-        ok = exercise_key_agreement_key( key, usage, alg );
-    else
-    {
-        char message[40];
-        mbedtls_snprintf( message, sizeof( message ),
-                          "No code to exercise alg=0x%08lx",
-                          (unsigned long) alg );
-        test_fail( message, __LINE__, __FILE__ );
-        ok = 0;
-    }
-
-    ok = ok && exercise_export_key( key, usage );
-    ok = ok && exercise_export_public_key( key );
-
-    return( ok );
-}
-
-static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
-                                          psa_algorithm_t alg )
-{
-    if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) )
-    {
-        return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
-                PSA_KEY_USAGE_VERIFY_HASH :
-                PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH );
-    }
-    else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
-             PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
-    {
-        return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
-                PSA_KEY_USAGE_ENCRYPT :
-                PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    }
-    else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ||
-             PSA_ALG_IS_KEY_AGREEMENT( alg ) )
-    {
-        return( PSA_KEY_USAGE_DERIVE );
-    }
-    else
-    {
-        return( 0 );
-    }
-
-}
-
-static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 0x6964 );
-    uint8_t buffer[1];
-    size_t length;
-    int ok = 0;
-
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
-    TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
-                PSA_ERROR_DOES_NOT_EXIST );
-    TEST_EQUAL(
-        MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
-    TEST_EQUAL(
-        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
-
-    TEST_EQUAL( psa_export_key( key, buffer, sizeof( buffer ), &length ),
-                PSA_ERROR_DOES_NOT_EXIST );
-    TEST_EQUAL( psa_export_public_key( key,
-                                       buffer, sizeof( buffer ), &length ),
-                PSA_ERROR_DOES_NOT_EXIST );
-
-    ok = 1;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    return( ok );
-}
-
-/* Assert that a key isn't reported as having a slot number. */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-#define ASSERT_NO_SLOT_NUMBER( attributes )                             \
-    do                                                                  \
-    {                                                                   \
-        psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number;        \
-        TEST_EQUAL( psa_get_key_slot_number(                            \
-                        attributes,                                     \
-                        &ASSERT_NO_SLOT_NUMBER_slot_number ),           \
-                    PSA_ERROR_INVALID_ARGUMENT );                       \
-    }                                                                   \
-    while( 0 )
-#else /* MBEDTLS_PSA_CRYPTO_SE_C */
-#define ASSERT_NO_SLOT_NUMBER( attributes )     \
-    ( (void) 0 )
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-
-/* An overapproximation of the amount of storage needed for a key of the
- * given type and with the given content. The API doesn't make it easy
- * to find a good value for the size. The current implementation doesn't
- * care about the value anyway. */
-#define KEY_BITS_FROM_DATA( type, data )        \
-    ( data )->len
-
-typedef enum {
-    IMPORT_KEY = 0,
-    GENERATE_KEY = 1,
-    DERIVE_KEY = 2
-} generate_method;
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void static_checks( )
-{
-    size_t max_truncated_mac_size =
-        PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET;
-
-    /* Check that the length for a truncated MAC always fits in the algorithm
-     * encoding. The shifted mask is the maximum truncated value. The
-     * untruncated algorithm may be one byte larger. */
-    TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size );
-
-#if defined(MBEDTLS_TEST_DEPRECATED)
-    /* Check deprecated constants. */
-    TEST_EQUAL( PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR );
-    TEST_EQUAL( PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS );
-    TEST_EQUAL( PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST );
-    TEST_EQUAL( PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA );
-    TEST_EQUAL( PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED );
-    TEST_EQUAL( PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH );
-    TEST_EQUAL( PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH );
-    TEST_EQUAL( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE );
-
-    TEST_EQUAL( PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2 );
-    TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY );
-    TEST_EQUAL( PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY );
-
-    TEST_EQUAL( PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2 );
-    TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
-    TEST_EQUAL( PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY );
-
-    TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919 );
-    TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919 );
-    TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919 );
-    TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919 );
-    TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919 );
-
-    TEST_EQUAL( PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919 );
-    TEST_EQUAL( PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM );
-#endif
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg,
-                         int usage_flags_arg, int alg_arg,
-                         int type_arg, int bits_arg )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
-    psa_key_lifetime_t lifetime = lifetime_arg;
-    psa_key_usage_t usage_flags = usage_flags_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_type_t type = type_arg;
-    size_t bits = bits_arg;
-
-    TEST_EQUAL(
-        MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
-    TEST_EQUAL(
-        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, usage_flags );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, bits );
-
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), id ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
-
-    psa_reset_key_attributes( &attributes );
-
-    TEST_EQUAL(
-        MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
-    TEST_EQUAL(
-        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg,
-                             int id2_arg, int owner_id2_arg,
-                             int expected_id_arg, int expected_owner_id_arg,
-                             int expected_lifetime_arg )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t id1 =
-        mbedtls_svc_key_id_make( owner_id1_arg, id1_arg );
-    psa_key_lifetime_t lifetime = lifetime_arg;
-    mbedtls_svc_key_id_t id2 =
-        mbedtls_svc_key_id_make( owner_id2_arg, id2_arg );
-    mbedtls_svc_key_id_t expected_id =
-        mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg );
-    psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
-
-    if( id1_arg != -1 )
-        psa_set_key_id( &attributes, id1 );
-    if( lifetime_arg != -1 )
-        psa_set_key_lifetime( &attributes, lifetime );
-    if( id2_arg != -1 )
-        psa_set_key_id( &attributes, id2 );
-
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), expected_id ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */
-void slot_number_attribute( )
-{
-    psa_key_slot_number_t slot_number = 0xdeadbeef;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    /* Initially, there is no slot number. */
-    TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
-                PSA_ERROR_INVALID_ARGUMENT );
-
-    /* Test setting a slot number. */
-    psa_set_key_slot_number( &attributes, 0 );
-    PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
-    TEST_EQUAL( slot_number, 0 );
-
-    /* Test changing the slot number. */
-    psa_set_key_slot_number( &attributes, 42 );
-    PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
-    TEST_EQUAL( slot_number, 42 );
-
-    /* Test clearing the slot number. */
-    psa_clear_key_slot_number( &attributes );
-    TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
-                PSA_ERROR_INVALID_ARGUMENT );
-
-    /* Clearing again should have no effect. */
-    psa_clear_key_slot_number( &attributes );
-    TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
-                PSA_ERROR_INVALID_ARGUMENT );
-
-    /* Test that reset clears the slot number. */
-    psa_set_key_slot_number( &attributes, 42 );
-    PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
-    TEST_EQUAL( slot_number, 42 );
-    psa_reset_key_attributes( &attributes );
-    TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
-                PSA_ERROR_INVALID_ARGUMENT );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_with_policy( int type_arg,
-                         int usage_arg, int alg_arg,
-                         int expected_status_arg )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    psa_key_usage_t usage = usage_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    const uint8_t key_material[16] = {0};
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_type( &attributes, type );
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-
-    status = psa_import_key( &attributes,
-                             key_material, sizeof( key_material ),
-                             &key );
-    TEST_EQUAL( status, expected_status );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
-    TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
-    TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
-    ASSERT_NO_SLOT_NUMBER( &got_attributes );
-
-    PSA_ASSERT( psa_destroy_key( key ) );
-    test_operations_on_invalid_key( key );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_with_data( data_t *data, int type_arg,
-                       int attr_bits_arg,
-                       int expected_status_arg )
-{
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    size_t attr_bits = attr_bits_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, attr_bits );
-
-    status = psa_import_key( &attributes, data->x, data->len, &key );
-    TEST_EQUAL( status, expected_status );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
-    if( attr_bits != 0 )
-        TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) );
-    ASSERT_NO_SLOT_NUMBER( &got_attributes );
-
-    PSA_ASSERT( psa_destroy_key( key ) );
-    test_operations_on_invalid_key( key );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_large_key( int type_arg, int byte_size_arg,
-                       int expected_status_arg )
-{
-    psa_key_type_t type = type_arg;
-    size_t byte_size = byte_size_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t expected_status = expected_status_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status;
-    uint8_t *buffer = NULL;
-    size_t buffer_size = byte_size + 1;
-    size_t n;
-
-    /* It would be better to skip the test than fail it if the allocation
-     * fails, but the test framework doesn't support this yet. */
-    ASSERT_ALLOC( buffer, buffer_size );
-    memset( buffer, 'K', byte_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Try importing the key */
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, type );
-    status = psa_import_key( &attributes, buffer, byte_size, &key );
-    TEST_EQUAL( status, expected_status );
-
-    if( status == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-        TEST_EQUAL( psa_get_key_type( &attributes ), type );
-        TEST_EQUAL( psa_get_key_bits( &attributes ),
-                    PSA_BYTES_TO_BITS( byte_size ) );
-        ASSERT_NO_SLOT_NUMBER( &attributes );
-        memset( buffer, 0, byte_size + 1 );
-        PSA_ASSERT( psa_export_key( key, buffer, byte_size, &n ) );
-        for( n = 0; n < byte_size; n++ )
-            TEST_EQUAL( buffer[n], 'K' );
-        for( n = byte_size; n < buffer_size; n++ )
-            TEST_EQUAL( buffer[n], 0 );
-    }
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-    mbedtls_free( buffer );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    size_t bits = bits_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t status;
-    psa_key_type_t type =
-        keypair ? PSA_KEY_TYPE_RSA_KEY_PAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY;
-    size_t buffer_size = /* Slight overapproximations */
-        keypair ? bits * 9 / 16 + 80 : bits / 8 + 20;
-    unsigned char *buffer = NULL;
-    unsigned char *p;
-    int ret;
-    size_t length;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    ASSERT_ALLOC( buffer, buffer_size );
-
-    TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p,
-                                                 bits, keypair ) ) >= 0 );
-    length = ret;
-
-    /* Try importing the key */
-    psa_set_key_type( &attributes, type );
-    status = psa_import_key( &attributes, p, length, &key );
-    TEST_EQUAL( status, expected_status );
-
-    if( status == PSA_SUCCESS )
-        PSA_ASSERT( psa_destroy_key( key ) );
-
-exit:
-    mbedtls_free( buffer );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_export( data_t *data,
-                    int type_arg,
-                    int usage_arg, int alg_arg,
-                    int expected_bits,
-                    int export_size_delta,
-                    int expected_export_status_arg,
-                    int canonical_input )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_export_status = expected_export_status_arg;
-    psa_status_t status;
-    unsigned char *exported = NULL;
-    unsigned char *reexported = NULL;
-    size_t export_size;
-    size_t exported_length = INVALID_EXPORT_LENGTH;
-    size_t reexported_length;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    export_size = (ptrdiff_t) data->len + export_size_delta;
-    ASSERT_ALLOC( exported, export_size );
-    if( ! canonical_input )
-        ASSERT_ALLOC( reexported, export_size );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, usage_arg );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-
-    /* Import the key */
-    PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) );
-
-    /* Test the key information */
-    PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits );
-    ASSERT_NO_SLOT_NUMBER( &got_attributes );
-
-    /* Export the key */
-    status = psa_export_key( key, exported, export_size, &exported_length );
-    TEST_EQUAL( status, expected_export_status );
-
-    /* The exported length must be set by psa_export_key() to a value between 0
-     * and export_size. On errors, the exported length must be 0. */
-    TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH );
-    TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
-    TEST_ASSERT( exported_length <= export_size );
-
-    TEST_ASSERT( mem_is_char( exported + exported_length, 0,
-                              export_size - exported_length ) );
-    if( status != PSA_SUCCESS )
-    {
-        TEST_EQUAL( exported_length, 0 );
-        goto destroy;
-    }
-
-    if( ! exercise_export_key( key, usage_arg ) )
-        goto exit;
-
-    if( canonical_input )
-        ASSERT_COMPARE( data->x, data->len, exported, exported_length );
-    else
-    {
-        mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
-        PSA_ASSERT( psa_import_key( &attributes, exported, exported_length,
-                                    &key2 ) );
-        PSA_ASSERT( psa_export_key( key2,
-                                    reexported,
-                                    export_size,
-                                    &reexported_length ) );
-        ASSERT_COMPARE( exported, exported_length,
-                        reexported, reexported_length );
-        PSA_ASSERT( psa_destroy_key( key2 ) );
-    }
-    TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, psa_get_key_bits( &got_attributes ) ) );
-
-destroy:
-    /* Destroy the key */
-    PSA_ASSERT( psa_destroy_key( key ) );
-    test_operations_on_invalid_key( key );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    mbedtls_free( exported );
-    mbedtls_free( reexported );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_export_public_key( data_t *data,
-                               int type_arg,
-                               int alg_arg,
-                               int export_size_delta,
-                               int expected_export_status_arg,
-                               data_t *expected_public_key )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_export_status = expected_export_status_arg;
-    psa_status_t status;
-    unsigned char *exported = NULL;
-    size_t export_size = expected_public_key->len + export_size_delta;
-    size_t exported_length = INVALID_EXPORT_LENGTH;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-
-    /* Import the key */
-    PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) );
-
-    /* Export the public key */
-    ASSERT_ALLOC( exported, export_size );
-    status = psa_export_public_key( key,
-                                    exported, export_size,
-                                    &exported_length );
-    TEST_EQUAL( status, expected_export_status );
-    if( status == PSA_SUCCESS )
-    {
-        psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type );
-        size_t bits;
-        PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-        bits = psa_get_key_bits( &attributes );
-        TEST_ASSERT( expected_public_key->len <=
-                     PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
-        ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
-                        exported, exported_length );
-    }
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( exported );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_and_exercise_key( data_t *data,
-                              int type_arg,
-                              int bits_arg,
-                              int alg_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    size_t bits = bits_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage = usage_to_exercise( type, alg );
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-
-    /* Import the key */
-    PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) );
-
-    /* Test the key information */
-    PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits );
-
-    /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( key, usage, alg ) )
-        goto exit;
-
-    PSA_ASSERT( psa_destroy_key( key ) );
-    test_operations_on_invalid_key( key );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void effective_key_attributes( int type_arg, int expected_type_arg,
-                               int bits_arg, int expected_bits_arg,
-                               int usage_arg, int expected_usage_arg,
-                               int alg_arg, int expected_alg_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = type_arg;
-    psa_key_type_t expected_key_type = expected_type_arg;
-    size_t bits = bits_arg;
-    size_t expected_bits = expected_bits_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t expected_alg = expected_alg_arg;
-    psa_key_usage_t usage = usage_arg;
-    psa_key_usage_t expected_usage = expected_usage_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-    psa_set_key_bits( &attributes, bits );
-
-    PSA_ASSERT( psa_generate_key( &attributes, &key ) );
-    psa_reset_key_attributes( &attributes );
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    TEST_EQUAL( psa_get_key_type( &attributes ), expected_key_type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void check_key_policy( int type_arg, int bits_arg,
-                       int usage_arg, int alg_arg )
-{
-    test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg,
-                                   usage_arg, usage_arg, alg_arg, alg_arg );
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_attributes_init( )
-{
-    /* Test each valid way of initializing the object, except for `= {0}`, as
-     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
-     * though it's OK by the C standard. We could test for this, but we'd need
-     * to supress the Clang warning for the test. */
-    psa_key_attributes_t func = psa_key_attributes_init( );
-    psa_key_attributes_t init = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t zero;
-
-    memset( &zero, 0, sizeof( zero ) );
-
-    TEST_EQUAL( psa_get_key_lifetime( &func ), PSA_KEY_LIFETIME_VOLATILE );
-    TEST_EQUAL( psa_get_key_lifetime( &init ), PSA_KEY_LIFETIME_VOLATILE );
-    TEST_EQUAL( psa_get_key_lifetime( &zero ), PSA_KEY_LIFETIME_VOLATILE );
-
-    TEST_EQUAL( psa_get_key_type( &func ), 0 );
-    TEST_EQUAL( psa_get_key_type( &init ), 0 );
-    TEST_EQUAL( psa_get_key_type( &zero ), 0 );
-
-    TEST_EQUAL( psa_get_key_bits( &func ), 0 );
-    TEST_EQUAL( psa_get_key_bits( &init ), 0 );
-    TEST_EQUAL( psa_get_key_bits( &zero ), 0 );
-
-    TEST_EQUAL( psa_get_key_usage_flags( &func ), 0 );
-    TEST_EQUAL( psa_get_key_usage_flags( &init ), 0 );
-    TEST_EQUAL( psa_get_key_usage_flags( &zero ), 0 );
-
-    TEST_EQUAL( psa_get_key_algorithm( &func ), 0 );
-    TEST_EQUAL( psa_get_key_algorithm( &init ), 0 );
-    TEST_EQUAL( psa_get_key_algorithm( &zero ), 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_key_policy( int policy_usage,
-                     int policy_alg,
-                     int key_type,
-                     data_t *key_data,
-                     int exercise_alg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-    psa_status_t status;
-    unsigned char mac[PSA_MAC_MAX_SIZE];
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    status = psa_mac_sign_setup( &operation, key, exercise_alg );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-    psa_mac_abort( &operation );
-
-    memset( mac, 0, sizeof( mac ) );
-    status = psa_mac_verify_setup( &operation, key, exercise_alg );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-exit:
-    psa_mac_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_key_policy( int policy_usage,
-                        int policy_alg,
-                        int key_type,
-                        data_t *key_data,
-                        int exercise_alg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    status = psa_cipher_encrypt_setup( &operation, key, exercise_alg );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-    psa_cipher_abort( &operation );
-
-    status = psa_cipher_decrypt_setup( &operation, key, exercise_alg );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-exit:
-    psa_cipher_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_key_policy( int policy_usage,
-                      int policy_alg,
-                      int key_type,
-                      data_t *key_data,
-                      int nonce_length_arg,
-                      int tag_length_arg,
-                      int exercise_alg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t status;
-    unsigned char nonce[16] = {0};
-    size_t nonce_length = nonce_length_arg;
-    unsigned char tag[16];
-    size_t tag_length = tag_length_arg;
-    size_t output_length;
-
-    TEST_ASSERT( nonce_length <= sizeof( nonce ) );
-    TEST_ASSERT( tag_length <= sizeof( tag ) );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    status = psa_aead_encrypt( key, exercise_alg,
-                               nonce, nonce_length,
-                               NULL, 0,
-                               NULL, 0,
-                               tag, tag_length,
-                               &output_length );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-    memset( tag, 0, sizeof( tag ) );
-    status = psa_aead_decrypt( key, exercise_alg,
-                               nonce, nonce_length,
-                               NULL, 0,
-                               tag, tag_length,
-                               NULL, 0,
-                               &output_length );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
-        TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-exit:
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_encryption_key_policy( int policy_usage,
-                                       int policy_alg,
-                                       int key_type,
-                                       data_t *key_data,
-                                       int exercise_alg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t status;
-    size_t key_bits;
-    size_t buffer_length;
-    unsigned char *buffer = NULL;
-    size_t output_length;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    key_bits = psa_get_key_bits( &attributes );
-    buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
-                                                        exercise_alg );
-    ASSERT_ALLOC( buffer, buffer_length );
-
-    status = psa_asymmetric_encrypt( key, exercise_alg,
-                                     NULL, 0,
-                                     NULL, 0,
-                                     buffer, buffer_length,
-                                     &output_length );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-    if( buffer_length != 0 )
-        memset( buffer, 0, buffer_length );
-    status = psa_asymmetric_decrypt( key, exercise_alg,
-                                     buffer, buffer_length,
-                                     NULL, 0,
-                                     buffer, buffer_length,
-                                     &output_length );
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
-        TEST_EQUAL( status, PSA_ERROR_INVALID_PADDING );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-    mbedtls_free( buffer );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_signature_key_policy( int policy_usage,
-                                      int policy_alg,
-                                      int key_type,
-                                      data_t *key_data,
-                                      int exercise_alg,
-                                      int payload_length_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t status;
-    unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
-    /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be
-     * compatible with the policy and `payload_length_arg` is supposed to be
-     * a valid input length to sign. If `payload_length_arg <= 0`,
-     * `exercise_alg` is supposed to be forbidden by the policy. */
-    int compatible_alg = payload_length_arg > 0;
-    size_t payload_length = compatible_alg ? payload_length_arg : 0;
-    unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
-    size_t signature_length;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    status = psa_sign_hash( key, exercise_alg,
-                            payload, payload_length,
-                            signature, sizeof( signature ),
-                            &signature_length );
-    if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-    memset( signature, 0, sizeof( signature ) );
-    status = psa_verify_hash( key, exercise_alg,
-                              payload, payload_length,
-                              signature, sizeof( signature ) );
-    if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
-        TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-exit:
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_key_policy( int policy_usage,
-                        int policy_alg,
-                        int key_type,
-                        data_t *key_data,
-                        int exercise_alg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) );
-
-    if( PSA_ALG_IS_TLS12_PRF( exercise_alg ) ||
-            PSA_ALG_IS_TLS12_PSK_TO_MS( exercise_alg ) )
-    {
-        PSA_ASSERT( psa_key_derivation_input_bytes(
-                                            &operation,
-                                            PSA_KEY_DERIVATION_INPUT_SEED,
-                                            (const uint8_t*) "", 0) );
-    }
-
-    status = psa_key_derivation_input_key( &operation,
-                                           PSA_KEY_DERIVATION_INPUT_SECRET,
-                                           key );
-
-    if( policy_alg == exercise_alg &&
-        ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
-        PSA_ASSERT( status );
-    else
-        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void agreement_key_policy( int policy_usage,
-                           int policy_alg,
-                           int key_type_arg,
-                           data_t *key_data,
-                           int exercise_alg,
-                           int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_status_t status;
-    psa_status_t expected_status = expected_status_arg;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) );
-    status = key_agreement_with_self( &operation, key );
-
-    TEST_EQUAL( status, expected_status );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_policy_alg2( int key_type_arg, data_t *key_data,
-                      int usage_arg, int alg_arg, int alg2_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_usage_t usage = usage_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t alg2 = alg2_arg;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_enrollment_algorithm( &attributes, alg2 );
-    psa_set_key_type( &attributes, key_type );
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
-    TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
-    TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 );
-
-    if( ! exercise_key( key, usage, alg ) )
-        goto exit;
-    if( ! exercise_key( key, usage, alg2 ) )
-        goto exit;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void raw_agreement_key_policy( int policy_usage,
-                               int policy_alg,
-                               int key_type_arg,
-                               data_t *key_data,
-                               int exercise_alg,
-                               int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_status_t status;
-    psa_status_t expected_status = expected_status_arg;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, policy_usage );
-    psa_set_key_algorithm( &attributes, policy_alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    status = raw_key_agreement_with_self( exercise_alg, key );
-
-    TEST_EQUAL( status, expected_status );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void copy_success( int source_usage_arg,
-                   int source_alg_arg, int source_alg2_arg,
-                   int type_arg, data_t *material,
-                   int copy_attributes,
-                   int target_usage_arg,
-                   int target_alg_arg, int target_alg2_arg,
-                   int expected_usage_arg,
-                   int expected_alg_arg, int expected_alg2_arg )
-{
-    psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_usage_t expected_usage = expected_usage_arg;
-    psa_algorithm_t expected_alg = expected_alg_arg;
-    psa_algorithm_t expected_alg2 = expected_alg2_arg;
-    mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
-    uint8_t *export_buffer = NULL;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Prepare the source key. */
-    psa_set_key_usage_flags( &source_attributes, source_usage_arg );
-    psa_set_key_algorithm( &source_attributes, source_alg_arg );
-    psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg );
-    psa_set_key_type( &source_attributes, type_arg );
-    PSA_ASSERT( psa_import_key( &source_attributes,
-                                material->x, material->len,
-                                &source_key ) );
-    PSA_ASSERT( psa_get_key_attributes( source_key, &source_attributes ) );
-
-    /* Prepare the target attributes. */
-    if( copy_attributes )
-    {
-        target_attributes = source_attributes;
-        /* Set volatile lifetime to reset the key identifier to 0. */
-        psa_set_key_lifetime( &target_attributes, PSA_KEY_LIFETIME_VOLATILE );
-    }
-
-    if( target_usage_arg != -1 )
-        psa_set_key_usage_flags( &target_attributes, target_usage_arg );
-    if( target_alg_arg != -1 )
-        psa_set_key_algorithm( &target_attributes, target_alg_arg );
-    if( target_alg2_arg != -1 )
-        psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
-
-    /* Copy the key. */
-    PSA_ASSERT( psa_copy_key( source_key,
-                              &target_attributes, &target_key ) );
-
-    /* Destroy the source to ensure that this doesn't affect the target. */
-    PSA_ASSERT( psa_destroy_key( source_key ) );
-
-    /* Test that the target slot has the expected content and policy. */
-    PSA_ASSERT( psa_get_key_attributes( target_key, &target_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &source_attributes ),
-                psa_get_key_type( &target_attributes ) );
-    TEST_EQUAL( psa_get_key_bits( &source_attributes ),
-                psa_get_key_bits( &target_attributes ) );
-    TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) );
-    TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) );
-    TEST_EQUAL( expected_alg2,
-                psa_get_key_enrollment_algorithm( &target_attributes ) );
-    if( expected_usage & PSA_KEY_USAGE_EXPORT )
-    {
-        size_t length;
-        ASSERT_ALLOC( export_buffer, material->len );
-        PSA_ASSERT( psa_export_key( target_key, export_buffer,
-                                    material->len, &length ) );
-        ASSERT_COMPARE( material->x, material->len,
-                        export_buffer, length );
-    }
-    if( ! exercise_key( target_key, expected_usage, expected_alg ) )
-        goto exit;
-    if( ! exercise_key( target_key, expected_usage, expected_alg2 ) )
-        goto exit;
-
-    PSA_ASSERT( psa_destroy_key( target_key ) );
-
-exit:
-    /*
-     * Source and target key attributes may have been returned by
-     * psa_get_key_attributes() thus reset them as required.
-     */
-    psa_reset_key_attributes( &source_attributes );
-    psa_reset_key_attributes( &target_attributes );
-
-    PSA_DONE( );
-    mbedtls_free( export_buffer );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void copy_fail( int source_usage_arg,
-                int source_alg_arg, int source_alg2_arg,
-                int type_arg, data_t *material,
-                int target_type_arg, int target_bits_arg,
-                int target_usage_arg,
-                int target_alg_arg, int target_alg2_arg,
-                int expected_status_arg )
-{
-    psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Prepare the source key. */
-    psa_set_key_usage_flags( &source_attributes, source_usage_arg );
-    psa_set_key_algorithm( &source_attributes, source_alg_arg );
-    psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg );
-    psa_set_key_type( &source_attributes, type_arg );
-    PSA_ASSERT( psa_import_key( &source_attributes,
-                                material->x, material->len,
-                                &source_key ) );
-
-    /* Prepare the target attributes. */
-    psa_set_key_type( &target_attributes, target_type_arg );
-    psa_set_key_bits( &target_attributes, target_bits_arg );
-    psa_set_key_usage_flags( &target_attributes, target_usage_arg );
-    psa_set_key_algorithm( &target_attributes, target_alg_arg );
-    psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
-
-    /* Try to copy the key. */
-    TEST_EQUAL( psa_copy_key( source_key,
-                              &target_attributes, &target_key ),
-                expected_status_arg );
-
-    PSA_ASSERT( psa_destroy_key( source_key ) );
-
-exit:
-    psa_reset_key_attributes( &source_attributes );
-    psa_reset_key_attributes( &target_attributes );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_operation_init( )
-{
-    const uint8_t input[1] = { 0 };
-    /* Test each valid way of initializing the object, except for `= {0}`, as
-     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
-     * though it's OK by the C standard. We could test for this, but we'd need
-     * to supress the Clang warning for the test. */
-    psa_hash_operation_t func = psa_hash_operation_init( );
-    psa_hash_operation_t init = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t zero;
-
-    memset( &zero, 0, sizeof( zero ) );
-
-    /* A freshly-initialized hash operation should not be usable. */
-    TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_hash_update( &zero, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-
-    /* A default hash operation should be abortable without error. */
-    PSA_ASSERT( psa_hash_abort( &func ) );
-    PSA_ASSERT( psa_hash_abort( &init ) );
-    PSA_ASSERT( psa_hash_abort( &zero ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_setup( int alg_arg,
-                 int expected_status_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    status = psa_hash_setup( &operation, alg );
-    TEST_EQUAL( status, expected_status );
-
-    /* Whether setup succeeded or failed, abort must succeed. */
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* If setup failed, reproduce the failure, so as to
-     * test the resulting state of the operation object. */
-    if( status != PSA_SUCCESS )
-        TEST_EQUAL( psa_hash_setup( &operation, alg ), status );
-
-    /* Now the operation object should be reusable. */
-#if defined(KNOWN_SUPPORTED_HASH_ALG)
-    PSA_ASSERT( psa_hash_setup( &operation, KNOWN_SUPPORTED_HASH_ALG ) );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-#endif
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_compute_fail( int alg_arg, data_t *input,
-                        int output_size_arg, int expected_status_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    uint8_t *output = NULL;
-    size_t output_size = output_size_arg;
-    size_t output_length = INVALID_EXPORT_LENGTH;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t status;
-
-    ASSERT_ALLOC( output, output_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    status = psa_hash_compute( alg, input->x, input->len,
-                               output, output_size, &output_length );
-    TEST_EQUAL( status, expected_status );
-    TEST_ASSERT( output_length <= output_size );
-
-exit:
-    mbedtls_free( output );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_compare_fail( int alg_arg, data_t *input,
-                        data_t *reference_hash,
-                        int expected_status_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    status = psa_hash_compare( alg, input->x, input->len,
-                               reference_hash->x, reference_hash->len );
-    TEST_EQUAL( status, expected_status );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_compute_compare( int alg_arg, data_t *input,
-                           data_t *expected_output )
-{
-    psa_algorithm_t alg = alg_arg;
-    uint8_t output[PSA_HASH_MAX_SIZE + 1];
-    size_t output_length = INVALID_EXPORT_LENGTH;
-    size_t i;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Compute with tight buffer */
-    PSA_ASSERT( psa_hash_compute( alg, input->x, input->len,
-                                  output, PSA_HASH_SIZE( alg ),
-                                  &output_length ) );
-    TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) );
-    ASSERT_COMPARE( output, output_length,
-                    expected_output->x, expected_output->len );
-
-    /* Compute with larger buffer */
-    PSA_ASSERT( psa_hash_compute( alg, input->x, input->len,
-                                  output, sizeof( output ),
-                                  &output_length ) );
-    TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) );
-    ASSERT_COMPARE( output, output_length,
-                    expected_output->x, expected_output->len );
-
-    /* Compare with correct hash */
-    PSA_ASSERT( psa_hash_compare( alg, input->x, input->len,
-                                  output, output_length ) );
-
-    /* Compare with trailing garbage */
-    TEST_EQUAL( psa_hash_compare( alg, input->x, input->len,
-                                  output, output_length + 1 ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-    /* Compare with truncated hash */
-    TEST_EQUAL( psa_hash_compare( alg, input->x, input->len,
-                                  output, output_length - 1 ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-    /* Compare with corrupted value */
-    for( i = 0; i < output_length; i++ )
-    {
-        test_set_step( i );
-        output[i] ^= 1;
-        TEST_EQUAL( psa_hash_compare( alg, input->x, input->len,
-                                      output, output_length ),
-                    PSA_ERROR_INVALID_SIGNATURE );
-        output[i] ^= 1;
-    }
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_bad_order( )
-{
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    unsigned char input[] = "";
-    /* SHA-256 hash of an empty string */
-    const unsigned char valid_hash[] = {
-        0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
-        0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
-        0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 };
-    unsigned char hash[sizeof(valid_hash)] = { 0 };
-    size_t hash_len;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Call setup twice in a row. */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_setup( &operation, alg ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call update without calling setup beforehand. */
-    TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call update after finish. */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_finish( &operation,
-                                 hash, sizeof( hash ), &hash_len ) );
-    TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call verify without calling setup beforehand. */
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 valid_hash, sizeof( valid_hash ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call verify after finish. */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_finish( &operation,
-                                 hash, sizeof( hash ), &hash_len ) );
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 valid_hash, sizeof( valid_hash ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call verify twice in a row. */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_verify( &operation,
-                                 valid_hash, sizeof( valid_hash ) ) );
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 valid_hash, sizeof( valid_hash ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call finish without calling setup beforehand. */
-    TEST_EQUAL( psa_hash_finish( &operation,
-                                 hash, sizeof( hash ), &hash_len ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call finish twice in a row. */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_finish( &operation,
-                                 hash, sizeof( hash ), &hash_len ) );
-    TEST_EQUAL( psa_hash_finish( &operation,
-                                 hash, sizeof( hash ), &hash_len ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-    /* Call finish after calling verify. */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_verify( &operation,
-                                 valid_hash, sizeof( valid_hash ) ) );
-    TEST_EQUAL( psa_hash_finish( &operation,
-                                 hash, sizeof( hash ), &hash_len ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_hash_abort( &operation ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void hash_verify_bad_args( )
-{
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb)
-     * appended to it */
-    unsigned char hash[] = {
-        0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
-        0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
-        0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb };
-    size_t expected_size = PSA_HASH_SIZE( alg );
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* psa_hash_verify with a smaller hash than expected */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-    /* psa_hash_verify with a non-matching hash */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_verify( &operation, hash + 1, expected_size ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-    /* psa_hash_verify with a hash longer than expected */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void hash_finish_bad_args( )
-{
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    unsigned char hash[PSA_HASH_MAX_SIZE];
-    size_t expected_size = PSA_HASH_SIZE( alg );
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    size_t hash_len;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* psa_hash_finish with a smaller hash buffer than expected */
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_finish( &operation,
-                                 hash, expected_size - 1, &hash_len ),
-                PSA_ERROR_BUFFER_TOO_SMALL );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void hash_clone_source_state( )
-{
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    unsigned char hash[PSA_HASH_MAX_SIZE];
-    psa_hash_operation_t op_source = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
-    size_t hash_len;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    PSA_ASSERT( psa_hash_setup( &op_source, alg ) );
-
-    PSA_ASSERT( psa_hash_setup( &op_setup, alg ) );
-    PSA_ASSERT( psa_hash_setup( &op_finished, alg ) );
-    PSA_ASSERT( psa_hash_finish( &op_finished,
-                                 hash, sizeof( hash ), &hash_len ) );
-    PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) );
-    PSA_ASSERT( psa_hash_abort( &op_aborted ) );
-
-    TEST_EQUAL( psa_hash_clone( &op_source, &op_setup ),
-                PSA_ERROR_BAD_STATE );
-
-    PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) );
-    PSA_ASSERT( psa_hash_finish( &op_init,
-                                 hash, sizeof( hash ), &hash_len ) );
-    PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) );
-    PSA_ASSERT( psa_hash_finish( &op_finished,
-                                 hash, sizeof( hash ), &hash_len ) );
-    PSA_ASSERT( psa_hash_clone( &op_source, &op_aborted ) );
-    PSA_ASSERT( psa_hash_finish( &op_aborted,
-                                 hash, sizeof( hash ), &hash_len ) );
-
-exit:
-    psa_hash_abort( &op_source );
-    psa_hash_abort( &op_init );
-    psa_hash_abort( &op_setup );
-    psa_hash_abort( &op_finished );
-    psa_hash_abort( &op_aborted );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void hash_clone_target_state( )
-{
-    psa_algorithm_t alg = PSA_ALG_SHA_256;
-    unsigned char hash[PSA_HASH_MAX_SIZE];
-    psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT;
-    size_t hash_len;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    PSA_ASSERT( psa_hash_setup( &op_setup, alg ) );
-    PSA_ASSERT( psa_hash_setup( &op_finished, alg ) );
-    PSA_ASSERT( psa_hash_finish( &op_finished,
-                                 hash, sizeof( hash ), &hash_len ) );
-    PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) );
-    PSA_ASSERT( psa_hash_abort( &op_aborted ) );
-
-    PSA_ASSERT( psa_hash_clone( &op_setup, &op_target ) );
-    PSA_ASSERT( psa_hash_finish( &op_target,
-                                 hash, sizeof( hash ), &hash_len ) );
-
-    TEST_EQUAL( psa_hash_clone( &op_init, &op_target ), PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_hash_clone( &op_finished, &op_target ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_hash_clone( &op_aborted, &op_target ),
-                PSA_ERROR_BAD_STATE );
-
-exit:
-    psa_hash_abort( &op_target );
-    psa_hash_abort( &op_init );
-    psa_hash_abort( &op_setup );
-    psa_hash_abort( &op_finished );
-    psa_hash_abort( &op_aborted );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_operation_init( )
-{
-    const uint8_t input[1] = { 0 };
-
-    /* Test each valid way of initializing the object, except for `= {0}`, as
-     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
-     * though it's OK by the C standard. We could test for this, but we'd need
-     * to supress the Clang warning for the test. */
-    psa_mac_operation_t func = psa_mac_operation_init( );
-    psa_mac_operation_t init = PSA_MAC_OPERATION_INIT;
-    psa_mac_operation_t zero;
-
-    memset( &zero, 0, sizeof( zero ) );
-
-    /* A freshly-initialized MAC operation should not be usable. */
-    TEST_EQUAL( psa_mac_update( &func,
-                                input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_mac_update( &init,
-                                input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_mac_update( &zero,
-                                input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-
-    /* A default MAC operation should be abortable without error. */
-    PSA_ASSERT( psa_mac_abort( &func ) );
-    PSA_ASSERT( psa_mac_abort( &init ) );
-    PSA_ASSERT( psa_mac_abort( &zero ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_setup( int key_type_arg,
-                data_t *key,
-                int alg_arg,
-                int expected_status_arg )
-{
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-#if defined(KNOWN_SUPPORTED_MAC_ALG)
-    const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
-#endif
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    if( ! exercise_mac_setup( key_type, key->x, key->len, alg,
-                              &operation, &status ) )
-        goto exit;
-    TEST_EQUAL( status, expected_status );
-
-    /* The operation object should be reusable. */
-#if defined(KNOWN_SUPPORTED_MAC_ALG)
-    if( ! exercise_mac_setup( KNOWN_SUPPORTED_MAC_KEY_TYPE,
-                              smoke_test_key_data,
-                              sizeof( smoke_test_key_data ),
-                              KNOWN_SUPPORTED_MAC_ALG,
-                              &operation, &status ) )
-        goto exit;
-    TEST_EQUAL( status, PSA_SUCCESS );
-#endif
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_bad_order( )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = PSA_KEY_TYPE_HMAC;
-    psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256);
-    const uint8_t key_data[] = {
-        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-    uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 };
-    size_t sign_mac_length = 0;
-    const uint8_t input[] = { 0xbb, 0xbb, 0xbb, 0xbb };
-    const uint8_t verify_mac[] = {
-        0x74, 0x65, 0x93, 0x8c, 0xeb, 0x1d, 0xb3, 0x76, 0x5a, 0x38, 0xe7, 0xdd,
-        0x85, 0xc5, 0xad, 0x4f, 0x07, 0xe7, 0xd5, 0xb2, 0x64, 0xf0, 0x1a, 0x1a,
-        0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 };
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ),
-                                &key ) );
-
-    /* Call update without calling setup beforehand. */
-    TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call sign finish without calling setup beforehand. */
-    TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ),
-                                     &sign_mac_length),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call verify finish without calling setup beforehand. */
-    TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                       verify_mac, sizeof( verify_mac ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call setup twice in a row. */
-    PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
-    TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call update after sign finish. */
-    PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
-    PSA_ASSERT( psa_mac_sign_finish( &operation,
-                                     sign_mac, sizeof( sign_mac ),
-                                     &sign_mac_length ) );
-    TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call update after verify finish. */
-    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
-    PSA_ASSERT( psa_mac_verify_finish( &operation,
-                                       verify_mac, sizeof( verify_mac ) ) );
-    TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call sign finish twice in a row. */
-    PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
-    PSA_ASSERT( psa_mac_sign_finish( &operation,
-                                     sign_mac, sizeof( sign_mac ),
-                                     &sign_mac_length ) );
-    TEST_EQUAL( psa_mac_sign_finish( &operation,
-                                     sign_mac, sizeof( sign_mac ),
-                                     &sign_mac_length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Call verify finish twice in a row. */
-    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
-    PSA_ASSERT( psa_mac_verify_finish( &operation,
-                                       verify_mac, sizeof( verify_mac ) ) );
-    TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                       verify_mac, sizeof( verify_mac ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Setup sign but try verify. */
-    PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
-    TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                       verify_mac, sizeof( verify_mac ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    /* Setup verify but try sign. */
-    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
-    TEST_EQUAL( psa_mac_sign_finish( &operation,
-                                     sign_mac, sizeof( sign_mac ),
-                                     &sign_mac_length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_mac_abort( &operation ) );
-
-    PSA_ASSERT( psa_destroy_key( key ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_sign( int key_type_arg,
-               data_t *key_data,
-               int alg_arg,
-               data_t *input,
-               data_t *expected_mac )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t *actual_mac = NULL;
-    size_t mac_buffer_size =
-        PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
-    size_t mac_length = 0;
-    const size_t output_sizes_to_test[] = {
-        0,
-        1,
-        expected_mac->len - 1,
-        expected_mac->len,
-        expected_mac->len + 1,
-    };
-
-    TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
-    /* We expect PSA_MAC_FINAL_SIZE to be exact. */
-    TEST_ASSERT( expected_mac->len == mac_buffer_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    for( size_t i = 0; i < ARRAY_LENGTH( output_sizes_to_test ); i++ )
-    {
-        const size_t output_size = output_sizes_to_test[i];
-        psa_status_t expected_status =
-            ( output_size >= expected_mac->len ? PSA_SUCCESS :
-              PSA_ERROR_BUFFER_TOO_SMALL );
-
-        test_set_step( output_size );
-        ASSERT_ALLOC( actual_mac, output_size );
-
-        /* Calculate the MAC. */
-        PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
-        PSA_ASSERT( psa_mac_update( &operation,
-                                    input->x, input->len ) );
-        TEST_EQUAL( psa_mac_sign_finish( &operation,
-                                         actual_mac, output_size,
-                                         &mac_length ),
-                    expected_status );
-        PSA_ASSERT( psa_mac_abort( &operation ) );
-
-        if( expected_status == PSA_SUCCESS )
-        {
-            ASSERT_COMPARE( expected_mac->x, expected_mac->len,
-                            actual_mac, mac_length );
-        }
-        mbedtls_free( actual_mac );
-        actual_mac = NULL;
-    }
-
-exit:
-    psa_mac_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    mbedtls_free( actual_mac );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_verify( int key_type_arg,
-                 data_t *key_data,
-                 int alg_arg,
-                 data_t *input,
-                 data_t *expected_mac )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t *perturbed_mac = NULL;
-
-    TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    /* Test the correct MAC. */
-    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation,
-                                input->x, input->len ) );
-    PSA_ASSERT( psa_mac_verify_finish( &operation,
-                                       expected_mac->x,
-                                       expected_mac->len ) );
-
-    /* Test a MAC that's too short. */
-    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation,
-                                input->x, input->len ) );
-    TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                       expected_mac->x,
-                                       expected_mac->len - 1 ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-    /* Test a MAC that's too long. */
-    ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 );
-    memcpy( perturbed_mac, expected_mac->x, expected_mac->len );
-    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_mac_update( &operation,
-                                input->x, input->len ) );
-    TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                       perturbed_mac,
-                                       expected_mac->len + 1 ),
-                PSA_ERROR_INVALID_SIGNATURE );
-
-    /* Test changing one byte. */
-    for( size_t i = 0; i < expected_mac->len; i++ )
-    {
-        test_set_step( i );
-        perturbed_mac[i] ^= 1;
-        PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
-        PSA_ASSERT( psa_mac_update( &operation,
-                                    input->x, input->len ) );
-        TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                           perturbed_mac,
-                                           expected_mac->len ),
-                    PSA_ERROR_INVALID_SIGNATURE );
-        perturbed_mac[i] ^= 1;
-    }
-
-exit:
-    psa_mac_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    mbedtls_free( perturbed_mac );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_operation_init( )
-{
-    const uint8_t input[1] = { 0 };
-    unsigned char output[1] = { 0 };
-    size_t output_length;
-    /* Test each valid way of initializing the object, except for `= {0}`, as
-     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
-     * though it's OK by the C standard. We could test for this, but we'd need
-     * to supress the Clang warning for the test. */
-    psa_cipher_operation_t func = psa_cipher_operation_init( );
-    psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT;
-    psa_cipher_operation_t zero;
-
-    memset( &zero, 0, sizeof( zero ) );
-
-    /* A freshly-initialized cipher operation should not be usable. */
-    TEST_EQUAL( psa_cipher_update( &func,
-                                   input, sizeof( input ),
-                                   output, sizeof( output ),
-                                   &output_length ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_cipher_update( &init,
-                                   input, sizeof( input ),
-                                   output, sizeof( output ),
-                                   &output_length ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_cipher_update( &zero,
-                                   input, sizeof( input ),
-                                   output, sizeof( output ),
-                                   &output_length ),
-                PSA_ERROR_BAD_STATE );
-
-    /* A default cipher operation should be abortable without error. */
-    PSA_ASSERT( psa_cipher_abort( &func ) );
-    PSA_ASSERT( psa_cipher_abort( &init ) );
-    PSA_ASSERT( psa_cipher_abort( &zero ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_setup( int key_type_arg,
-                   data_t *key,
-                   int alg_arg,
-                   int expected_status_arg )
-{
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_status_t status;
-#if defined(KNOWN_SUPPORTED_MAC_ALG)
-    const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
-#endif
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    if( ! exercise_cipher_setup( key_type, key->x, key->len, alg,
-                                 &operation, &status ) )
-        goto exit;
-    TEST_EQUAL( status, expected_status );
-
-    /* The operation object should be reusable. */
-#if defined(KNOWN_SUPPORTED_CIPHER_ALG)
-    if( ! exercise_cipher_setup( KNOWN_SUPPORTED_CIPHER_KEY_TYPE,
-                                 smoke_test_key_data,
-                                 sizeof( smoke_test_key_data ),
-                                 KNOWN_SUPPORTED_CIPHER_ALG,
-                                 &operation, &status ) )
-        goto exit;
-    TEST_EQUAL( status, PSA_SUCCESS );
-#endif
-
-exit:
-    psa_cipher_abort( &operation );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_bad_order( )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
-    psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
-    const uint8_t key_data[] = {
-        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-        0xaa, 0xaa, 0xaa, 0xaa };
-    const uint8_t text[] = {
-        0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
-        0xbb, 0xbb, 0xbb, 0xbb };
-    uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
-    size_t length = 0;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-    PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ),
-                                &key ) );
-
-    /* Call encrypt setup twice in a row. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call decrypt setup twice in a row. */
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-    TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Generate an IV without calling setup beforehand. */
-    TEST_EQUAL( psa_cipher_generate_iv( &operation,
-                                        buffer, sizeof( buffer ),
-                                        &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Generate an IV twice in a row. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_cipher_generate_iv( &operation,
-                                        buffer, sizeof( buffer ),
-                                        &length ) );
-    TEST_EQUAL( psa_cipher_generate_iv( &operation,
-                                        buffer, sizeof( buffer ),
-                                        &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Generate an IV after it's already set. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ) );
-    TEST_EQUAL( psa_cipher_generate_iv( &operation,
-                                        buffer, sizeof( buffer ),
-                                        &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Set an IV without calling setup beforehand. */
-    TEST_EQUAL( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Set an IV after it's already set. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ) );
-    TEST_EQUAL( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Set an IV after it's already generated. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_cipher_generate_iv( &operation,
-                                        buffer, sizeof( buffer ),
-                                        &length ) );
-    TEST_EQUAL( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call update without calling setup beforehand. */
-    TEST_EQUAL( psa_cipher_update( &operation,
-                                   text, sizeof( text ),
-                                   buffer, sizeof( buffer ),
-                                   &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call update without an IV where an IV is required. */
-    TEST_EQUAL( psa_cipher_update( &operation,
-                                   text, sizeof( text ),
-                                   buffer, sizeof( buffer ),
-                                   &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call update after finish. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ) );
-    PSA_ASSERT( psa_cipher_finish( &operation,
-                                   buffer, sizeof( buffer ), &length ) );
-    TEST_EQUAL( psa_cipher_update( &operation,
-                                   text, sizeof( text ),
-                                   buffer, sizeof( buffer ),
-                                   &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call finish without calling setup beforehand. */
-    TEST_EQUAL( psa_cipher_finish( &operation,
-                                   buffer, sizeof( buffer ), &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call finish without an IV where an IV is required. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    /* Not calling update means we are encrypting an empty buffer, which is OK
-     * for cipher modes with padding. */
-    TEST_EQUAL( psa_cipher_finish( &operation,
-                                   buffer, sizeof( buffer ), &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    /* Call finish twice in a row. */
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    PSA_ASSERT( psa_cipher_set_iv( &operation,
-                                   iv, sizeof( iv ) ) );
-    PSA_ASSERT( psa_cipher_finish( &operation,
-                                   buffer, sizeof( buffer ), &length ) );
-    TEST_EQUAL( psa_cipher_finish( &operation,
-                                   buffer, sizeof( buffer ), &length ),
-                PSA_ERROR_BAD_STATE );
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    PSA_ASSERT( psa_destroy_key( key ) );
-
-exit:
-    psa_cipher_abort( &operation );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_encrypt( int alg_arg, int key_type_arg,
-                     data_t *key_data, data_t *iv,
-                     data_t *input, data_t *expected_output,
-                     int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-
-    if( iv->len > 0 )
-    {
-        PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    }
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x, input->len,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    total_output_length += function_output_length;
-    status = psa_cipher_finish( &operation,
-                                output + total_output_length,
-                                output_buffer_size - total_output_length,
-                                &function_output_length );
-    total_output_length += function_output_length;
-
-    TEST_EQUAL( status, expected_status );
-    if( expected_status == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_cipher_abort( &operation ) );
-        ASSERT_COMPARE( expected_output->x, expected_output->len,
-                        output, total_output_length );
-    }
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
-                               data_t *key_data, data_t *iv,
-                               data_t *input,
-                               int first_part_size_arg,
-                               int output1_length_arg, int output2_length_arg,
-                               data_t *expected_output )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t first_part_size = first_part_size_arg;
-    size_t output1_length = output1_length_arg;
-    size_t output2_length = output2_length_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-
-    if( iv->len > 0 )
-    {
-        PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    }
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    TEST_ASSERT( first_part_size <= input->len );
-    PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    TEST_ASSERT( function_output_length == output1_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x + first_part_size,
-                                   input->len - first_part_size,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    TEST_ASSERT( function_output_length == output2_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_finish( &operation,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    ASSERT_COMPARE( expected_output->x, expected_output->len,
-                    output, total_output_length );
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
-                               data_t *key_data, data_t *iv,
-                               data_t *input,
-                               int first_part_size_arg,
-                               int output1_length_arg, int output2_length_arg,
-                               data_t *expected_output )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t first_part_size = first_part_size_arg;
-    size_t output1_length = output1_length_arg;
-    size_t output2_length = output2_length_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-
-    if( iv->len > 0 )
-    {
-        PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    }
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    TEST_ASSERT( first_part_size <= input->len );
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x, first_part_size,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    TEST_ASSERT( function_output_length == output1_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x + first_part_size,
-                                   input->len - first_part_size,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    TEST_ASSERT( function_output_length == output2_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_finish( &operation,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-
-    ASSERT_COMPARE( expected_output->x, expected_output->len,
-                    output, total_output_length );
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt( int alg_arg, int key_type_arg,
-                     data_t *key_data, data_t *iv,
-                     data_t *input, data_t *expected_output,
-                     int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-
-    if( iv->len > 0 )
-    {
-        PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    }
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x, input->len,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    total_output_length += function_output_length;
-    status = psa_cipher_finish( &operation,
-                                output + total_output_length,
-                                output_buffer_size - total_output_length,
-                                &function_output_length );
-    total_output_length += function_output_length;
-    TEST_EQUAL( status, expected_status );
-
-    if( expected_status == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_cipher_abort( &operation ) );
-        ASSERT_COMPARE( expected_output->x, expected_output->len,
-                        output, total_output_length );
-    }
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_verify_output( int alg_arg, int key_type_arg,
-                           data_t *key_data,
-                           data_t *input )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char iv[16] = {0};
-    size_t iv_size = 16;
-    size_t iv_length = 0;
-    unsigned char *output1 = NULL;
-    size_t output1_size = 0;
-    size_t output1_length = 0;
-    unsigned char *output2 = NULL;
-    size_t output2_size = 0;
-    size_t output2_length = 0;
-    size_t function_output_length = 0;
-    psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
-    psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) );
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) );
-
-    if( alg != PSA_ALG_ECB_NO_PADDING )
-    {
-        PSA_ASSERT( psa_cipher_generate_iv( &operation1,
-                                            iv, iv_size,
-                                            &iv_length ) );
-    }
-    output1_size = ( (size_t) input->len +
-                     PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output1, output1_size );
-
-    PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
-                                   output1, output1_size,
-                                   &output1_length ) );
-    PSA_ASSERT( psa_cipher_finish( &operation1,
-                                   output1 + output1_length,
-                                   output1_size - output1_length,
-                                   &function_output_length ) );
-
-    output1_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_abort( &operation1 ) );
-
-    output2_size = output1_length;
-    ASSERT_ALLOC( output2, output2_size );
-
-    if( iv_length > 0 )
-    {
-        PSA_ASSERT( psa_cipher_set_iv( &operation2,
-                                       iv, iv_length ) );
-    }
-
-    PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
-                                   output2, output2_size,
-                                   &output2_length ) );
-    function_output_length = 0;
-    PSA_ASSERT( psa_cipher_finish( &operation2,
-                                   output2 + output2_length,
-                                   output2_size - output2_length,
-                                   &function_output_length ) );
-
-    output2_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_abort( &operation2 ) );
-
-    ASSERT_COMPARE( input->x, input->len, output2, output2_length );
-
-exit:
-    psa_cipher_abort( &operation1 );
-    psa_cipher_abort( &operation2 );
-    mbedtls_free( output1 );
-    mbedtls_free( output2 );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_verify_output_multipart( int alg_arg,
-                                     int key_type_arg,
-                                     data_t *key_data,
-                                     data_t *input,
-                                     int first_part_size_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t first_part_size = first_part_size_arg;
-    unsigned char iv[16] = {0};
-    size_t iv_size = 16;
-    size_t iv_length = 0;
-    unsigned char *output1 = NULL;
-    size_t output1_buffer_size = 0;
-    size_t output1_length = 0;
-    unsigned char *output2 = NULL;
-    size_t output2_buffer_size = 0;
-    size_t output2_length = 0;
-    size_t function_output_length;
-    psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
-    psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) );
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) );
-
-    if( alg != PSA_ALG_ECB_NO_PADDING )
-    {
-        PSA_ASSERT( psa_cipher_generate_iv( &operation1,
-                                            iv, iv_size,
-                                            &iv_length ) );
-    }
-
-    output1_buffer_size = ( (size_t) input->len +
-                            PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output1, output1_buffer_size );
-
-    TEST_ASSERT( first_part_size <= input->len );
-
-    PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
-                                   output1, output1_buffer_size,
-                                   &function_output_length ) );
-    output1_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_update( &operation1,
-                                   input->x + first_part_size,
-                                   input->len - first_part_size,
-                                   output1, output1_buffer_size,
-                                   &function_output_length ) );
-    output1_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_finish( &operation1,
-                                   output1 + output1_length,
-                                   output1_buffer_size - output1_length,
-                                   &function_output_length ) );
-    output1_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_abort( &operation1 ) );
-
-    output2_buffer_size = output1_length;
-    ASSERT_ALLOC( output2, output2_buffer_size );
-
-    if( iv_length > 0 )
-    {
-        PSA_ASSERT( psa_cipher_set_iv( &operation2,
-                                       iv, iv_length ) );
-    }
-
-    PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
-                                   output2, output2_buffer_size,
-                                   &function_output_length ) );
-    output2_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_update( &operation2,
-                                   output1 + first_part_size,
-                                   output1_length - first_part_size,
-                                   output2, output2_buffer_size,
-                                   &function_output_length ) );
-    output2_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_finish( &operation2,
-                                   output2 + output2_length,
-                                   output2_buffer_size - output2_length,
-                                   &function_output_length ) );
-    output2_length += function_output_length;
-
-    PSA_ASSERT( psa_cipher_abort( &operation2 ) );
-
-    ASSERT_COMPARE( input->x, input->len, output2, output2_length );
-
-exit:
-    psa_cipher_abort( &operation1 );
-    psa_cipher_abort( &operation2 );
-    mbedtls_free( output1 );
-    mbedtls_free( output2 );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
-                           int alg_arg,
-                           data_t *nonce,
-                           data_t *additional_data,
-                           data_t *input_data,
-                           int expected_result_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    unsigned char *output_data2 = NULL;
-    size_t output_length2 = 0;
-    size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
-    psa_status_t expected_result = expected_result_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    output_size = input_data->len + tag_length;
-    /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
-     * should be exact. */
-    if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
-        TEST_EQUAL( output_size,
-                    PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
-    ASSERT_ALLOC( output_data, output_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    TEST_EQUAL( psa_aead_encrypt( key, alg,
-                                  nonce->x, nonce->len,
-                                  additional_data->x,
-                                  additional_data->len,
-                                  input_data->x, input_data->len,
-                                  output_data, output_size,
-                                  &output_length ),
-                expected_result );
-
-    if( PSA_SUCCESS == expected_result )
-    {
-        ASSERT_ALLOC( output_data2, output_length );
-
-        /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
-         * should be exact. */
-        TEST_EQUAL( input_data->len,
-                    PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) );
-
-        TEST_EQUAL( psa_aead_decrypt( key, alg,
-                                      nonce->x, nonce->len,
-                                      additional_data->x,
-                                      additional_data->len,
-                                      output_data, output_length,
-                                      output_data2, output_length,
-                                      &output_length2 ),
-                    expected_result );
-
-        ASSERT_COMPARE( input_data->x, input_data->len,
-                        output_data2, output_length2 );
-    }
-
-exit:
-    psa_destroy_key( key );
-    mbedtls_free( output_data );
-    mbedtls_free( output_data2 );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_encrypt( int key_type_arg, data_t *key_data,
-                   int alg_arg,
-                   data_t *nonce,
-                   data_t *additional_data,
-                   data_t *input_data,
-                   data_t *expected_result )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    output_size = input_data->len + tag_length;
-    /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
-     * should be exact. */
-    TEST_EQUAL( output_size,
-                PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
-    ASSERT_ALLOC( output_data, output_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT  );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_aead_encrypt( key, alg,
-                                  nonce->x, nonce->len,
-                                  additional_data->x, additional_data->len,
-                                  input_data->x, input_data->len,
-                                  output_data, output_size,
-                                  &output_length ) );
-
-    ASSERT_COMPARE( expected_result->x, expected_result->len,
-                    output_data, output_length );
-
-exit:
-    psa_destroy_key( key );
-    mbedtls_free( output_data );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_decrypt( int key_type_arg, data_t *key_data,
-                   int alg_arg,
-                   data_t *nonce,
-                   data_t *additional_data,
-                   data_t *input_data,
-                   data_t *expected_data,
-                   int expected_result_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t expected_result = expected_result_arg;
-
-    output_size = input_data->len - tag_length;
-    /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
-     * should be exact. */
-    if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
-        TEST_EQUAL( output_size,
-                    PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) );
-    ASSERT_ALLOC( output_data, output_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT  );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    TEST_EQUAL( psa_aead_decrypt( key, alg,
-                                  nonce->x, nonce->len,
-                                  additional_data->x,
-                                  additional_data->len,
-                                  input_data->x, input_data->len,
-                                  output_data, output_size,
-                                  &output_length ),
-                expected_result );
-
-    if( expected_result == PSA_SUCCESS )
-        ASSERT_COMPARE( expected_data->x, expected_data->len,
-                        output_data, output_length );
-
-exit:
-    psa_destroy_key( key );
-    mbedtls_free( output_data );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void signature_size( int type_arg,
-                     int bits,
-                     int alg_arg,
-                     int expected_size_arg )
-{
-    psa_key_type_t type = type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t actual_size = PSA_SIGN_OUTPUT_SIZE( type, bits, alg );
-
-    TEST_EQUAL( actual_size, (size_t) expected_size_arg );
-#if defined(MBEDTLS_TEST_DEPRECATED)
-    TEST_EQUAL( actual_size,
-                PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ) );
-#endif /* MBEDTLS_TEST_DEPRECATED */
-
-exit:
-    ;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void sign_deterministic( int key_type_arg, data_t *key_data,
-                         int alg_arg, data_t *input_data,
-                         data_t *output_data )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t key_bits;
-    unsigned char *signature = NULL;
-    size_t signature_size;
-    size_t signature_length = 0xdeadbeef;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    key_bits = psa_get_key_bits( &attributes );
-
-    /* Allocate a buffer which has the size advertized by the
-     * library. */
-    signature_size = PSA_SIGN_OUTPUT_SIZE( key_type,
-                                                      key_bits, alg );
-    TEST_ASSERT( signature_size != 0 );
-    TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
-    ASSERT_ALLOC( signature, signature_size );
-
-    /* Perform the signature. */
-    PSA_ASSERT( psa_sign_hash( key, alg,
-                               input_data->x, input_data->len,
-                               signature, signature_size,
-                               &signature_length ) );
-    /* Verify that the signature is what is expected. */
-    ASSERT_COMPARE( output_data->x, output_data->len,
-                    signature, signature_length );
-
-#if defined(MBEDTLS_TEST_DEPRECATED)
-    memset( signature, 0, signature_size );
-    signature_length = INVALID_EXPORT_LENGTH;
-    PSA_ASSERT( psa_asymmetric_sign( key, alg,
-                                     input_data->x, input_data->len,
-                                     signature, signature_size,
-                                     &signature_length ) );
-    ASSERT_COMPARE( output_data->x, output_data->len,
-                    signature, signature_length );
-#endif /* MBEDTLS_TEST_DEPRECATED */
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    mbedtls_free( signature );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void sign_fail( int key_type_arg, data_t *key_data,
-                int alg_arg, data_t *input_data,
-                int signature_size_arg, int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t signature_size = signature_size_arg;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-    unsigned char *signature = NULL;
-    size_t signature_length = 0xdeadbeef;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    ASSERT_ALLOC( signature, signature_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    actual_status = psa_sign_hash( key, alg,
-                                   input_data->x, input_data->len,
-                                   signature, signature_size,
-                                   &signature_length );
-    TEST_EQUAL( actual_status, expected_status );
-    /* The value of *signature_length is unspecified on error, but
-     * whatever it is, it should be less than signature_size, so that
-     * if the caller tries to read *signature_length bytes without
-     * checking the error code then they don't overflow a buffer. */
-    TEST_ASSERT( signature_length <= signature_size );
-
-#if defined(MBEDTLS_TEST_DEPRECATED)
-    signature_length = INVALID_EXPORT_LENGTH;
-    TEST_EQUAL( psa_asymmetric_sign( key, alg,
-                                     input_data->x, input_data->len,
-                                     signature, signature_size,
-                                     &signature_length ),
-                expected_status );
-    TEST_ASSERT( signature_length <= signature_size );
-#endif /* MBEDTLS_TEST_DEPRECATED */
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    mbedtls_free( signature );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void sign_verify( int key_type_arg, data_t *key_data,
-                  int alg_arg, data_t *input_data )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t key_bits;
-    unsigned char *signature = NULL;
-    size_t signature_size;
-    size_t signature_length = 0xdeadbeef;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    key_bits = psa_get_key_bits( &attributes );
-
-    /* Allocate a buffer which has the size advertized by the
-     * library. */
-    signature_size = PSA_SIGN_OUTPUT_SIZE( key_type,
-                                                      key_bits, alg );
-    TEST_ASSERT( signature_size != 0 );
-    TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
-    ASSERT_ALLOC( signature, signature_size );
-
-    /* Perform the signature. */
-    PSA_ASSERT( psa_sign_hash( key, alg,
-                               input_data->x, input_data->len,
-                               signature, signature_size,
-                               &signature_length ) );
-    /* Check that the signature length looks sensible. */
-    TEST_ASSERT( signature_length <= signature_size );
-    TEST_ASSERT( signature_length > 0 );
-
-    /* Use the library to verify that the signature is correct. */
-    PSA_ASSERT( psa_verify_hash( key, alg,
-                                 input_data->x, input_data->len,
-                                 signature, signature_length ) );
-
-    if( input_data->len != 0 )
-    {
-        /* Flip a bit in the input and verify that the signature is now
-         * detected as invalid. Flip a bit at the beginning, not at the end,
-         * because ECDSA may ignore the last few bits of the input. */
-        input_data->x[0] ^= 1;
-        TEST_EQUAL( psa_verify_hash( key, alg,
-                                     input_data->x, input_data->len,
-                                     signature, signature_length ),
-                    PSA_ERROR_INVALID_SIGNATURE );
-    }
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    mbedtls_free( signature );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_verify( int key_type_arg, data_t *key_data,
-                        int alg_arg, data_t *hash_data,
-                        data_t *signature_data )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_verify_hash( key, alg,
-                                 hash_data->x, hash_data->len,
-                                 signature_data->x, signature_data->len ) );
-
-#if defined(MBEDTLS_TEST_DEPRECATED)
-    PSA_ASSERT( psa_asymmetric_verify( key, alg,
-                                       hash_data->x, hash_data->len,
-                                       signature_data->x,
-                                       signature_data->len ) );
-
-#endif /* MBEDTLS_TEST_DEPRECATED */
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
-                             int alg_arg, data_t *hash_data,
-                             data_t *signature_data,
-                             int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    actual_status = psa_verify_hash( key, alg,
-                                     hash_data->x, hash_data->len,
-                                     signature_data->x, signature_data->len );
-    TEST_EQUAL( actual_status, expected_status );
-
-#if defined(MBEDTLS_TEST_DEPRECATED)
-    TEST_EQUAL( psa_asymmetric_verify( key, alg,
-                                       hash_data->x, hash_data->len,
-                                       signature_data->x, signature_data->len ),
-                expected_status );
-#endif /* MBEDTLS_TEST_DEPRECATED */
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_encrypt( int key_type_arg,
-                         data_t *key_data,
-                         int alg_arg,
-                         data_t *input_data,
-                         data_t *label,
-                         int expected_output_length_arg,
-                         int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t expected_output_length = expected_output_length_arg;
-    size_t key_bits;
-    unsigned char *output = NULL;
-    size_t output_size;
-    size_t output_length = ~0;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Import the key */
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    /* Determine the maximum output length */
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    key_bits = psa_get_key_bits( &attributes );
-    output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
-    ASSERT_ALLOC( output, output_size );
-
-    /* Encrypt the input */
-    actual_status = psa_asymmetric_encrypt( key, alg,
-                                            input_data->x, input_data->len,
-                                            label->x, label->len,
-                                            output, output_size,
-                                            &output_length );
-    TEST_EQUAL( actual_status, expected_status );
-    TEST_EQUAL( output_length, expected_output_length );
-
-    /* If the label is empty, the test framework puts a non-null pointer
-     * in label->x. Test that a null pointer works as well. */
-    if( label->len == 0 )
-    {
-        output_length = ~0;
-        if( output_size != 0 )
-            memset( output, 0, output_size );
-        actual_status = psa_asymmetric_encrypt( key, alg,
-                                                input_data->x, input_data->len,
-                                                NULL, label->len,
-                                                output, output_size,
-                                                &output_length );
-        TEST_EQUAL( actual_status, expected_status );
-        TEST_EQUAL( output_length, expected_output_length );
-    }
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    mbedtls_free( output );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_encrypt_decrypt( int key_type_arg,
-                                 data_t *key_data,
-                                 int alg_arg,
-                                 data_t *input_data,
-                                 data_t *label )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t key_bits;
-    unsigned char *output = NULL;
-    size_t output_size;
-    size_t output_length = ~0;
-    unsigned char *output2 = NULL;
-    size_t output2_size;
-    size_t output2_length = ~0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    /* Determine the maximum ciphertext length */
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    key_bits = psa_get_key_bits( &attributes );
-    output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
-    ASSERT_ALLOC( output, output_size );
-    output2_size = input_data->len;
-    ASSERT_ALLOC( output2, output2_size );
-
-    /* We test encryption by checking that encrypt-then-decrypt gives back
-     * the original plaintext because of the non-optional random
-     * part of encryption process which prevents using fixed vectors. */
-    PSA_ASSERT( psa_asymmetric_encrypt( key, alg,
-                                        input_data->x, input_data->len,
-                                        label->x, label->len,
-                                        output, output_size,
-                                        &output_length ) );
-    /* We don't know what ciphertext length to expect, but check that
-     * it looks sensible. */
-    TEST_ASSERT( output_length <= output_size );
-
-    PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
-                                        output, output_length,
-                                        label->x, label->len,
-                                        output2, output2_size,
-                                        &output2_length ) );
-    ASSERT_COMPARE( input_data->x, input_data->len,
-                    output2, output2_length );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    mbedtls_free( output );
-    mbedtls_free( output2 );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_decrypt( int key_type_arg,
-                         data_t *key_data,
-                         int alg_arg,
-                         data_t *input_data,
-                         data_t *label,
-                         data_t *expected_data )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output = NULL;
-    size_t output_size = 0;
-    size_t output_length = ~0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    output_size = expected_data->len;
-    ASSERT_ALLOC( output, output_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
-                                        input_data->x, input_data->len,
-                                        label->x, label->len,
-                                        output,
-                                        output_size,
-                                        &output_length ) );
-    ASSERT_COMPARE( expected_data->x, expected_data->len,
-                    output, output_length );
-
-    /* If the label is empty, the test framework puts a non-null pointer
-     * in label->x. Test that a null pointer works as well. */
-    if( label->len == 0 )
-    {
-        output_length = ~0;
-        if( output_size != 0 )
-            memset( output, 0, output_size );
-        PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
-                                            input_data->x, input_data->len,
-                                            NULL, label->len,
-                                            output,
-                                            output_size,
-                                            &output_length ) );
-        ASSERT_COMPARE( expected_data->x, expected_data->len,
-                        output, output_length );
-    }
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    mbedtls_free( output );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_decrypt_fail( int key_type_arg,
-                              data_t *key_data,
-                              int alg_arg,
-                              data_t *input_data,
-                              data_t *label,
-                              int output_size_arg,
-                              int expected_status_arg  )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output = NULL;
-    size_t output_size = output_size_arg;
-    size_t output_length = ~0;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    ASSERT_ALLOC( output, output_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    actual_status = psa_asymmetric_decrypt( key, alg,
-                                            input_data->x, input_data->len,
-                                            label->x, label->len,
-                                            output, output_size,
-                                            &output_length );
-    TEST_EQUAL( actual_status, expected_status );
-    TEST_ASSERT( output_length <= output_size );
-
-    /* If the label is empty, the test framework puts a non-null pointer
-     * in label->x. Test that a null pointer works as well. */
-    if( label->len == 0 )
-    {
-        output_length = ~0;
-        if( output_size != 0 )
-            memset( output, 0, output_size );
-        actual_status = psa_asymmetric_decrypt( key, alg,
-                                                input_data->x, input_data->len,
-                                                NULL, label->len,
-                                                output, output_size,
-                                                &output_length );
-        TEST_EQUAL( actual_status, expected_status );
-        TEST_ASSERT( output_length <= output_size );
-    }
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    mbedtls_free( output );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_derivation_init( )
-{
-    /* Test each valid way of initializing the object, except for `= {0}`, as
-     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
-     * though it's OK by the C standard. We could test for this, but we'd need
-     * to supress the Clang warning for the test. */
-    size_t capacity;
-    psa_key_derivation_operation_t func = psa_key_derivation_operation_init( );
-    psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_derivation_operation_t zero;
-
-    memset( &zero, 0, sizeof( zero ) );
-
-    /* A default operation should not be able to report its capacity. */
-    TEST_EQUAL( psa_key_derivation_get_capacity( &func, &capacity ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_key_derivation_get_capacity( &init, &capacity ),
-                PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( psa_key_derivation_get_capacity( &zero, &capacity ),
-                PSA_ERROR_BAD_STATE );
-
-    /* A default operation should be abortable without error. */
-    PSA_ASSERT( psa_key_derivation_abort(&func) );
-    PSA_ASSERT( psa_key_derivation_abort(&init) );
-    PSA_ASSERT( psa_key_derivation_abort(&zero) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_setup( int alg_arg, int expected_status_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    TEST_EQUAL( psa_key_derivation_setup( &operation, alg ),
-                expected_status );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_set_capacity( int alg_arg, int capacity_arg,
-                          int expected_status_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    size_t capacity = capacity_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
-
-    TEST_EQUAL( psa_key_derivation_set_capacity( &operation, capacity ),
-                expected_status );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_input( int alg_arg,
-                   int step_arg1, int key_type_arg1, data_t *input1,
-                   int expected_status_arg1,
-                   int step_arg2, int key_type_arg2, data_t *input2,
-                   int expected_status_arg2,
-                   int step_arg3, int key_type_arg3, data_t *input3,
-                   int expected_status_arg3,
-                   int output_key_type_arg, int expected_output_status_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_key_derivation_step_t steps[] = {step_arg1, step_arg2, step_arg3};
-    psa_key_type_t key_types[] = {key_type_arg1, key_type_arg2, key_type_arg3};
-    psa_status_t expected_statuses[] = {expected_status_arg1,
-                                        expected_status_arg2,
-                                        expected_status_arg3};
-    data_t *inputs[] = {input1, input2, input3};
-    mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT,
-                                    MBEDTLS_SVC_KEY_ID_INIT,
-                                    MBEDTLS_SVC_KEY_ID_INIT };
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    size_t i;
-    psa_key_type_t output_key_type = output_key_type_arg;
-    mbedtls_svc_key_id_t output_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t expected_output_status = expected_output_status_arg;
-    psa_status_t actual_output_status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-
-    PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
-
-    for( i = 0; i < ARRAY_LENGTH( steps ); i++ )
-    {
-        if( key_types[i] != PSA_KEY_TYPE_NONE )
-        {
-            psa_set_key_type( &attributes, key_types[i] );
-            PSA_ASSERT( psa_import_key( &attributes,
-                                        inputs[i]->x, inputs[i]->len,
-                                        &keys[i] ) );
-            if( PSA_KEY_TYPE_IS_KEY_PAIR( key_types[i] ) &&
-                steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET )
-            {
-                // When taking a private key as secret input, use key agreement
-                // to add the shared secret to the derivation
-                TEST_EQUAL( key_agreement_with_self( &operation, keys[i] ),
-                            expected_statuses[i] );
-            }
-            else
-            {
-                TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i],
-                                                          keys[i] ),
-                            expected_statuses[i] );
-            }
-        }
-        else
-        {
-            TEST_EQUAL( psa_key_derivation_input_bytes(
-                            &operation, steps[i],
-                            inputs[i]->x, inputs[i]->len ),
-                        expected_statuses[i] );
-        }
-    }
-
-    if( output_key_type != PSA_KEY_TYPE_NONE )
-    {
-        psa_reset_key_attributes( &attributes );
-        psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-        psa_set_key_bits( &attributes, 8 );
-        actual_output_status =
-            psa_key_derivation_output_key( &attributes, &operation,
-                                           &output_key );
-    }
-    else
-    {
-        uint8_t buffer[1];
-        actual_output_status =
-            psa_key_derivation_output_bytes( &operation,
-                                             buffer, sizeof( buffer ) );
-    }
-    TEST_EQUAL( actual_output_status, expected_output_status );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    for( i = 0; i < ARRAY_LENGTH( keys ); i++ )
-        psa_destroy_key( keys[i] );
-    psa_destroy_key( output_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_derive_invalid_key_derivation_state( int alg_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    size_t key_type = PSA_KEY_TYPE_DERIVE;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    unsigned char input1[] = "Input 1";
-    size_t input1_length = sizeof( input1 );
-    unsigned char input2[] = "Input 2";
-    size_t input2_length = sizeof( input2 );
-    uint8_t buffer[42];
-    size_t capacity = sizeof( buffer );
-    const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-                                   0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-                                   0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_data, sizeof( key_data ),
-                                &key ) );
-
-    /* valid key derivation */
-    if( !setup_key_derivation_wrap( &operation, key, alg,
-                                    input1, input1_length,
-                                    input2, input2_length,
-                                    capacity ) )
-        goto exit;
-
-    /* state of operation shouldn't allow additional generation */
-    TEST_EQUAL(  psa_key_derivation_setup( &operation, alg ),
-                 PSA_ERROR_BAD_STATE );
-
-    PSA_ASSERT( psa_key_derivation_output_bytes( &operation, buffer, capacity ) );
-
-    TEST_EQUAL( psa_key_derivation_output_bytes( &operation, buffer, capacity ),
-                PSA_ERROR_INSUFFICIENT_DATA );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void test_derive_invalid_key_derivation_tests( )
-{
-    uint8_t output_buffer[16];
-    size_t buffer_size = 16;
-    size_t capacity = 0;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-
-    TEST_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                  output_buffer, buffer_size )
-                 == PSA_ERROR_BAD_STATE );
-
-    TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity )
-                 == PSA_ERROR_BAD_STATE );
-
-    PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-
-    TEST_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                  output_buffer, buffer_size )
-                 == PSA_ERROR_BAD_STATE );
-
-    TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity )
-                 == PSA_ERROR_BAD_STATE );
-
-exit:
-    psa_key_derivation_abort( &operation );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_output( int alg_arg,
-                    int step1_arg, data_t *input1,
-                    int step2_arg, data_t *input2,
-                    int step3_arg, data_t *input3,
-                    int requested_capacity_arg,
-                    data_t *expected_output1,
-                    data_t *expected_output2 )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg};
-    data_t *inputs[] = {input1, input2, input3};
-    mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT,
-                                    MBEDTLS_SVC_KEY_ID_INIT,
-                                    MBEDTLS_SVC_KEY_ID_INIT };
-    size_t requested_capacity = requested_capacity_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    uint8_t *expected_outputs[2] =
-        {expected_output1->x, expected_output2->x};
-    size_t output_sizes[2] =
-        {expected_output1->len, expected_output2->len};
-    size_t output_buffer_size = 0;
-    uint8_t *output_buffer = NULL;
-    size_t expected_capacity;
-    size_t current_capacity;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t status;
-    size_t i;
-
-    for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
-    {
-        if( output_sizes[i] > output_buffer_size )
-            output_buffer_size = output_sizes[i];
-        if( output_sizes[i] == 0 )
-            expected_outputs[i] = NULL;
-    }
-    ASSERT_ALLOC( output_buffer, output_buffer_size );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
-
-    /* Extraction phase. */
-    PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
-    PSA_ASSERT( psa_key_derivation_set_capacity( &operation,
-                                                 requested_capacity ) );
-    for( i = 0; i < ARRAY_LENGTH( steps ); i++ )
-    {
-        switch( steps[i] )
-        {
-            case 0:
-                break;
-            case PSA_KEY_DERIVATION_INPUT_SECRET:
-                PSA_ASSERT( psa_import_key( &attributes,
-                                            inputs[i]->x, inputs[i]->len,
-                                            &keys[i] ) );
-                PSA_ASSERT( psa_key_derivation_input_key(
-                                &operation, steps[i], keys[i] ) );
-                break;
-            default:
-                PSA_ASSERT( psa_key_derivation_input_bytes(
-                                &operation, steps[i],
-                                inputs[i]->x, inputs[i]->len ) );
-                break;
-        }
-    }
-
-    PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
-                                                 &current_capacity ) );
-    TEST_EQUAL( current_capacity, requested_capacity );
-    expected_capacity = requested_capacity;
-
-    /* Expansion phase. */
-    for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
-    {
-        /* Read some bytes. */
-        status = psa_key_derivation_output_bytes( &operation,
-                                                  output_buffer, output_sizes[i] );
-        if( expected_capacity == 0 && output_sizes[i] == 0 )
-        {
-            /* Reading 0 bytes when 0 bytes are available can go either way. */
-            TEST_ASSERT( status == PSA_SUCCESS ||
-                         status == PSA_ERROR_INSUFFICIENT_DATA );
-            continue;
-        }
-        else if( expected_capacity == 0 ||
-                 output_sizes[i] > expected_capacity )
-        {
-            /* Capacity exceeded. */
-            TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_DATA );
-            expected_capacity = 0;
-            continue;
-        }
-        /* Success. Check the read data. */
-        PSA_ASSERT( status );
-        if( output_sizes[i] != 0 )
-            ASSERT_COMPARE( output_buffer, output_sizes[i],
-                            expected_outputs[i], output_sizes[i] );
-        /* Check the operation status. */
-        expected_capacity -= output_sizes[i];
-        PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
-                                                     &current_capacity ) );
-        TEST_EQUAL( expected_capacity, current_capacity );
-    }
-    PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-
-exit:
-    mbedtls_free( output_buffer );
-    psa_key_derivation_abort( &operation );
-    for( i = 0; i < ARRAY_LENGTH( keys ); i++ )
-        psa_destroy_key( keys[i] );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_full( int alg_arg,
-                  data_t *key_data,
-                  data_t *input1,
-                  data_t *input2,
-                  int requested_capacity_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    size_t requested_capacity = requested_capacity_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    unsigned char output_buffer[16];
-    size_t expected_capacity = requested_capacity;
-    size_t current_capacity;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    if( !setup_key_derivation_wrap( &operation, key, alg,
-                                    input1->x, input1->len,
-                                    input2->x, input2->len,
-                                    requested_capacity ) )
-        goto exit;
-
-    PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
-                                                 &current_capacity ) );
-    TEST_EQUAL( current_capacity, expected_capacity );
-
-    /* Expansion phase. */
-    while( current_capacity > 0 )
-    {
-        size_t read_size = sizeof( output_buffer );
-        if( read_size > current_capacity )
-            read_size = current_capacity;
-        PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                     output_buffer,
-                                                     read_size ) );
-        expected_capacity -= read_size;
-        PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
-                                                     &current_capacity ) );
-        TEST_EQUAL( current_capacity, expected_capacity );
-    }
-
-    /* Check that the operation refuses to go over capacity. */
-    TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output_buffer, 1 ),
-                PSA_ERROR_INSUFFICIENT_DATA );
-
-    PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_key_exercise( int alg_arg,
-                          data_t *key_data,
-                          data_t *input1,
-                          data_t *input2,
-                          int derived_type_arg,
-                          int derived_bits_arg,
-                          int derived_usage_arg,
-                          int derived_alg_arg )
-{
-    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_type_t derived_type = derived_type_arg;
-    size_t derived_bits = derived_bits_arg;
-    psa_key_usage_t derived_usage = derived_usage_arg;
-    psa_algorithm_t derived_alg = derived_alg_arg;
-    size_t capacity = PSA_BITS_TO_BYTES( derived_bits );
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &base_key ) );
-
-    /* Derive a key. */
-    if ( setup_key_derivation_wrap( &operation, base_key, alg,
-                                    input1->x, input1->len,
-                                    input2->x, input2->len, capacity ) )
-        goto exit;
-
-    psa_set_key_usage_flags( &attributes, derived_usage );
-    psa_set_key_algorithm( &attributes, derived_alg );
-    psa_set_key_type( &attributes, derived_type );
-    psa_set_key_bits( &attributes, derived_bits );
-    PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation,
-                                               &derived_key ) );
-
-    /* Test the key information */
-    PSA_ASSERT( psa_get_key_attributes( derived_key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &got_attributes ), derived_type );
-    TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits );
-
-    /* Exercise the derived key. */
-    if( ! exercise_key( derived_key, derived_usage, derived_alg ) )
-        goto exit;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( base_key );
-    psa_destroy_key( derived_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_key_export( int alg_arg,
-                        data_t *key_data,
-                        data_t *input1,
-                        data_t *input2,
-                        int bytes1_arg,
-                        int bytes2_arg )
-{
-    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    size_t bytes1 = bytes1_arg;
-    size_t bytes2 = bytes2_arg;
-    size_t capacity = bytes1 + bytes2;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    uint8_t *output_buffer = NULL;
-    uint8_t *export_buffer = NULL;
-    psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    size_t length;
-
-    ASSERT_ALLOC( output_buffer, capacity );
-    ASSERT_ALLOC( export_buffer, capacity );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &base_attributes, alg );
-    psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE );
-    PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len,
-                                &base_key ) );
-
-    /* Derive some material and output it. */
-    if( !setup_key_derivation_wrap( &operation, base_key, alg,
-                                    input1->x, input1->len,
-                                    input2->x, input2->len, capacity ) )
-        goto exit;
-
-    PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                 output_buffer,
-                                                 capacity ) );
-    PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-
-    /* Derive the same output again, but this time store it in key objects. */
-    if( !setup_key_derivation_wrap( &operation, base_key, alg,
-                                    input1->x, input1->len,
-                                    input2->x, input2->len, capacity ) )
-        goto exit;
-
-    psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &derived_attributes, 0 );
-    psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA );
-    psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) );
-    PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation,
-                                               &derived_key ) );
-    PSA_ASSERT( psa_export_key( derived_key,
-                                export_buffer, bytes1,
-                                &length ) );
-    TEST_EQUAL( length, bytes1 );
-    PSA_ASSERT( psa_destroy_key( derived_key ) );
-    psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) );
-    PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation,
-                                               &derived_key ) );
-    PSA_ASSERT( psa_export_key( derived_key,
-                                export_buffer + bytes1, bytes2,
-                                &length ) );
-    TEST_EQUAL( length, bytes2 );
-
-    /* Compare the outputs from the two runs. */
-    ASSERT_COMPARE( output_buffer, bytes1 + bytes2,
-                    export_buffer, capacity );
-
-exit:
-    mbedtls_free( output_buffer );
-    mbedtls_free( export_buffer );
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( base_key );
-    psa_destroy_key( derived_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void derive_key( int alg_arg,
-                 data_t *key_data, data_t *input1, data_t *input2,
-                 int type_arg, int bits_arg,
-                 int expected_status_arg )
-{
-    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_type_t type = type_arg;
-    size_t bits = bits_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &base_attributes, alg );
-    psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE );
-    PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len,
-                                &base_key ) );
-
-    if( !setup_key_derivation_wrap( &operation, base_key, alg,
-                                    input1->x, input1->len,
-                                    input2->x, input2->len, SIZE_MAX ) )
-        goto exit;
-
-    psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &derived_attributes, 0 );
-    psa_set_key_type( &derived_attributes, type );
-    psa_set_key_bits( &derived_attributes, bits );
-    TEST_EQUAL( psa_key_derivation_output_key( &derived_attributes, &operation,
-                                               &derived_key ),
-                expected_status );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( base_key );
-    psa_destroy_key( derived_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_agreement_setup( int alg_arg,
-                          int our_key_type_arg, int our_key_alg_arg,
-                          data_t *our_key_data, data_t *peer_key_data,
-                          int expected_status_arg )
-{
-    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t our_key_alg = our_key_alg_arg;
-    psa_key_type_t our_key_type = our_key_type_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, our_key_alg );
-    psa_set_key_type( &attributes, our_key_type );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                our_key_data->x, our_key_data->len,
-                                &our_key ) );
-
-    /* The tests currently include inputs that should fail at either step.
-     * Test cases that fail at the setup step should be changed to call
-     * key_derivation_setup instead, and this function should be renamed
-     * to key_agreement_fail. */
-    status = psa_key_derivation_setup( &operation, alg );
-    if( status == PSA_SUCCESS )
-    {
-        TEST_EQUAL( psa_key_derivation_key_agreement(
-                        &operation, PSA_KEY_DERIVATION_INPUT_SECRET,
-                        our_key,
-                        peer_key_data->x, peer_key_data->len ),
-                    expected_status );
-    }
-    else
-    {
-        TEST_ASSERT( status == expected_status );
-    }
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( our_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void raw_key_agreement( int alg_arg,
-                        int our_key_type_arg, data_t *our_key_data,
-                        data_t *peer_key_data,
-                        data_t *expected_output )
-{
-    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_type_t our_key_type = our_key_type_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    unsigned char *output = NULL;
-    size_t output_length = ~0;
-
-    ASSERT_ALLOC( output, expected_output->len );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, our_key_type );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                our_key_data->x, our_key_data->len,
-                                &our_key ) );
-
-    PSA_ASSERT( psa_raw_key_agreement( alg, our_key,
-                                       peer_key_data->x, peer_key_data->len,
-                                       output, expected_output->len,
-                                       &output_length ) );
-    ASSERT_COMPARE( output, output_length,
-                    expected_output->x, expected_output->len );
-
-exit:
-    mbedtls_free( output );
-    psa_destroy_key( our_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_agreement_capacity( int alg_arg,
-                             int our_key_type_arg, data_t *our_key_data,
-                             data_t *peer_key_data,
-                             int expected_capacity_arg )
-{
-    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_type_t our_key_type = our_key_type_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    size_t actual_capacity;
-    unsigned char output[16];
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, our_key_type );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                our_key_data->x, our_key_data->len,
-                                &our_key ) );
-
-    PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
-    PSA_ASSERT( psa_key_derivation_key_agreement(
-                    &operation,
-                    PSA_KEY_DERIVATION_INPUT_SECRET, our_key,
-                    peer_key_data->x, peer_key_data->len ) );
-    if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
-    {
-        /* The test data is for info="" */
-        PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
-                                                    PSA_KEY_DERIVATION_INPUT_INFO,
-                                                    NULL, 0 ) );
-    }
-
-    /* Test the advertized capacity. */
-    PSA_ASSERT( psa_key_derivation_get_capacity(
-                    &operation, &actual_capacity ) );
-    TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg );
-
-    /* Test the actual capacity by reading the output. */
-    while( actual_capacity > sizeof( output ) )
-    {
-        PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                     output, sizeof( output ) ) );
-        actual_capacity -= sizeof( output );
-    }
-    PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                 output, actual_capacity ) );
-    TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output, 1 ),
-                PSA_ERROR_INSUFFICIENT_DATA );
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( our_key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_agreement_output( int alg_arg,
-                           int our_key_type_arg, data_t *our_key_data,
-                           data_t *peer_key_data,
-                           data_t *expected_output1, data_t *expected_output2 )
-{
-    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_type_t our_key_type = our_key_type_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t *actual_output = NULL;
-
-    ASSERT_ALLOC( actual_output, MAX( expected_output1->len,
-                                      expected_output2->len ) );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, our_key_type );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                our_key_data->x, our_key_data->len,
-                                &our_key ) );
-
-    PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
-    PSA_ASSERT( psa_key_derivation_key_agreement(
-                    &operation,
-                    PSA_KEY_DERIVATION_INPUT_SECRET, our_key,
-                    peer_key_data->x, peer_key_data->len ) );
-    if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
-    {
-        /* The test data is for info="" */
-        PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
-                                                    PSA_KEY_DERIVATION_INPUT_INFO,
-                                                    NULL, 0 ) );
-    }
-
-    PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                 actual_output,
-                                                 expected_output1->len ) );
-    ASSERT_COMPARE( actual_output, expected_output1->len,
-                    expected_output1->x, expected_output1->len );
-    if( expected_output2->len != 0 )
-    {
-        PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
-                                                     actual_output,
-                                                     expected_output2->len ) );
-        ASSERT_COMPARE( actual_output, expected_output2->len,
-                        expected_output2->x, expected_output2->len );
-    }
-
-exit:
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( our_key );
-    PSA_DONE( );
-    mbedtls_free( actual_output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void generate_random( int bytes_arg )
-{
-    size_t bytes = bytes_arg;
-    const unsigned char trail[] = "don't overwrite me";
-    unsigned char *output = NULL;
-    unsigned char *changed = NULL;
-    size_t i;
-    unsigned run;
-
-    TEST_ASSERT( bytes_arg >= 0 );
-
-    ASSERT_ALLOC( output, bytes + sizeof( trail ) );
-    ASSERT_ALLOC( changed, bytes );
-    memcpy( output + bytes, trail, sizeof( trail ) );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Run several times, to ensure that every output byte will be
-     * nonzero at least once with overwhelming probability
-     * (2^(-8*number_of_runs)). */
-    for( run = 0; run < 10; run++ )
-    {
-        if( bytes != 0 )
-            memset( output, 0, bytes );
-        PSA_ASSERT( psa_generate_random( output, bytes ) );
-
-        /* Check that no more than bytes have been overwritten */
-        ASSERT_COMPARE( output + bytes, sizeof( trail ),
-                        trail, sizeof( trail ) );
-
-        for( i = 0; i < bytes; i++ )
-        {
-            if( output[i] != 0 )
-                ++changed[i];
-        }
-    }
-
-    /* Check that every byte was changed to nonzero at least once. This
-     * validates that psa_generate_random is overwriting every byte of
-     * the output buffer. */
-    for( i = 0; i < bytes; i++ )
-    {
-        TEST_ASSERT( changed[i] != 0 );
-    }
-
-exit:
-    PSA_DONE( );
-    mbedtls_free( output );
-    mbedtls_free( changed );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void generate_key( int type_arg,
-                   int bits_arg,
-                   int usage_arg,
-                   int alg_arg,
-                   int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    psa_key_usage_t usage = usage_arg;
-    size_t bits = bits_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, bits );
-
-    /* Generate a key */
-    TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status );
-    if( expected_status != PSA_SUCCESS )
-        goto exit;
-
-    /* Test the key information */
-    PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits );
-
-    /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( key, usage, alg ) )
-        goto exit;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &got_attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 */
-void generate_key_rsa( int bits_arg,
-                       data_t *e_arg,
-                       int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
-    size_t bits = bits_arg;
-    psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
-    psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t *exported = NULL;
-    size_t exported_size =
-        PSA_KEY_EXPORT_MAX_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits );
-    size_t exported_length = SIZE_MAX;
-    uint8_t *e_read_buffer = NULL;
-    int is_default_public_exponent = 0;
-    size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE( type, bits );
-    size_t e_read_length = SIZE_MAX;
-
-    if( e_arg->len == 0 ||
-        ( e_arg->len == 3 &&
-          e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1 ) )
-    {
-        is_default_public_exponent = 1;
-        e_read_size = 0;
-    }
-    ASSERT_ALLOC( e_read_buffer, e_read_size );
-    ASSERT_ALLOC( exported, exported_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, usage );
-    psa_set_key_algorithm( &attributes, alg );
-    PSA_ASSERT( psa_set_key_domain_parameters( &attributes, type,
-                                               e_arg->x, e_arg->len ) );
-    psa_set_key_bits( &attributes, bits );
-
-    /* Generate a key */
-    TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status );
-    if( expected_status != PSA_SUCCESS )
-        goto exit;
-
-    /* Test the key information */
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
-    PSA_ASSERT( psa_get_key_domain_parameters( &attributes,
-                                               e_read_buffer, e_read_size,
-                                               &e_read_length ) );
-    if( is_default_public_exponent )
-        TEST_EQUAL( e_read_length, 0 );
-    else
-        ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, e_arg->len );
-
-    /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( key, usage, alg ) )
-        goto exit;
-
-    /* Export the key and check the public exponent. */
-    PSA_ASSERT( psa_export_public_key( key,
-                                       exported, exported_size,
-                                       &exported_length ) );
-    {
-        uint8_t *p = exported;
-        uint8_t *end = exported + exported_length;
-        size_t len;
-        /*   RSAPublicKey ::= SEQUENCE {
-         *      modulus            INTEGER,    -- n
-         *      publicExponent     INTEGER  }  -- e
-         */
-        TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len,
-                                             MBEDTLS_ASN1_SEQUENCE |
-                                             MBEDTLS_ASN1_CONSTRUCTED ) );
-        TEST_ASSERT( asn1_skip_integer( &p, end, bits, bits, 1 ) );
-        TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len,
-                                             MBEDTLS_ASN1_INTEGER ) );
-        if( len >= 1 && p[0] == 0 )
-        {
-            ++p;
-            --len;
-        }
-        if( e_arg->len == 0 )
-        {
-            TEST_EQUAL( len, 3 );
-            TEST_EQUAL( p[0], 1 );
-            TEST_EQUAL( p[1], 0 );
-            TEST_EQUAL( p[2], 1 );
-        }
-        else
-            ASSERT_COMPARE( p, len, e_arg->x, e_arg->len );
-    }
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes() or
-     * set by psa_set_key_domain_parameters() thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( key );
-    PSA_DONE( );
-    mbedtls_free( e_read_buffer );
-    mbedtls_free( exported );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
-void persistent_key_load_key_from_storage( data_t *data,
-                                           int type_arg, int bits_arg,
-                                           int usage_flags_arg, int alg_arg,
-                                           int generation_method )
-{
-    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 );
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t type = type_arg;
-    size_t bits = bits_arg;
-    psa_key_usage_t usage_flags = usage_flags_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
-    unsigned char *first_export = NULL;
-    unsigned char *second_export = NULL;
-    size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
-    size_t first_exported_length;
-    size_t second_exported_length;
-
-    if( usage_flags & PSA_KEY_USAGE_EXPORT )
-    {
-        ASSERT_ALLOC( first_export, export_size );
-        ASSERT_ALLOC( second_export, export_size );
-    }
-
-    PSA_ASSERT( psa_crypto_init() );
-
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_usage_flags( &attributes, usage_flags );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, bits );
-
-    switch( generation_method )
-    {
-        case IMPORT_KEY:
-            /* Import the key */
-            PSA_ASSERT( psa_import_key( &attributes, data->x, data->len,
-                                        &key ) );
-            break;
-
-        case GENERATE_KEY:
-            /* Generate a key */
-            PSA_ASSERT( psa_generate_key( &attributes, &key ) );
-            break;
-
-        case DERIVE_KEY:
-            {
-                /* Create base key */
-                psa_algorithm_t derive_alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 );
-                psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT;
-                psa_set_key_usage_flags( &base_attributes,
-                                         PSA_KEY_USAGE_DERIVE );
-                psa_set_key_algorithm( &base_attributes, derive_alg );
-                psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE );
-                PSA_ASSERT( psa_import_key( &base_attributes,
-                                            data->x, data->len,
-                                            &base_key ) );
-                /* Derive a key. */
-                PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) );
-                PSA_ASSERT( psa_key_derivation_input_key(
-                                &operation,
-                                PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) );
-                PSA_ASSERT( psa_key_derivation_input_bytes(
-                                &operation, PSA_KEY_DERIVATION_INPUT_INFO,
-                                NULL, 0 ) );
-                PSA_ASSERT( psa_key_derivation_output_key( &attributes,
-                                                           &operation,
-                                                           &key ) );
-                PSA_ASSERT( psa_key_derivation_abort( &operation ) );
-                PSA_ASSERT( psa_destroy_key( base_key ) );
-                base_key = MBEDTLS_SVC_KEY_ID_INIT;
-            }
-        break;
-    }
-    psa_reset_key_attributes( &attributes );
-
-    /* Export the key if permitted by the key policy. */
-    if( usage_flags & PSA_KEY_USAGE_EXPORT )
-    {
-        PSA_ASSERT( psa_export_key( key,
-                                    first_export, export_size,
-                                    &first_exported_length ) );
-        if( generation_method == IMPORT_KEY )
-            ASSERT_COMPARE( data->x, data->len,
-                            first_export, first_exported_length );
-    }
-
-    /* Shutdown and restart */
-    PSA_ASSERT( psa_purge_key( key ) );
-    PSA_DONE();
-    PSA_ASSERT( psa_crypto_init() );
-
-    /* Check key slot still contains key data */
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), key_id ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ),
-                PSA_KEY_LIFETIME_PERSISTENT );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
-
-    /* Export the key again if permitted by the key policy. */
-    if( usage_flags & PSA_KEY_USAGE_EXPORT )
-    {
-        PSA_ASSERT( psa_export_key( key,
-                                    second_export, export_size,
-                                    &second_exported_length ) );
-        ASSERT_COMPARE( first_export, first_exported_length,
-                        second_export, second_exported_length );
-    }
-
-    /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( key, usage_flags, alg ) )
-        goto exit;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( first_export );
-    mbedtls_free( second_export );
-    psa_key_derivation_abort( &operation );
-    psa_destroy_key( base_key );
-    psa_destroy_key( key );
-    PSA_DONE();
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_driver_wrappers.data
deleted file mode 100644
index 2b1400b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ /dev/null
@@ -1,187 +0,0 @@
-sign_hash through transparent driver: calculate in driver
-ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
-
-sign_hash through transparent driver: fallback
-ecdsa_sign:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
-
-sign_hash through transparent driver: error
-ecdsa_sign:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR
-
-sign_hash through transparent driver: fake
-ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
-
-verify_hash using private key through transparent driver: calculate in driver
-ecdsa_verify:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
-
-verify_hash using private key through transparent driver: fallback
-ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
-
-verify_hash using private key through transparent driver: error
-ecdsa_verify:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
-
-verify_hash using public key through transparent driver: calculate in driver
-ecdsa_verify:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
-
-verify_hash using public key through transparent driver: fallback
-ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
-
-verify_hash using public key through transparent driver: error
-ecdsa_verify:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
-
-generate_key through transparent driver: fake
-generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS
-
-generate_key through transparent driver: in-driver
-generate_key:PSA_SUCCESS:"":PSA_SUCCESS
-
-generate_key through transparent driver: fallback
-generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_SUCCESS
-
-generate_key through transparent driver: error
-generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
-
-validate key through transparent driver: good private key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
-
-validate key through transparent driver: good public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
-
-validate key through transparent driver: fallback private key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
-
-validate key through transparent driver: fallback public key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
-
-validate key through transparent driver: error
-validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
-
-export_key private to public through driver: fake
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-export_key:PSA_SUCCESS:"0102030405":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_SUCCESS
-
-export_key private to public through driver: in-driver
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
-
-export_key private to public through driver: fallback
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
-
-export_key private to public through driver: error
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR
-
-PSA symmetric encrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 16 bytes, fallback
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 15 bytes, fallback
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 16 bytes, fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 15 bytes, fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CTR, 16 bytes, fallback
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CTR, 16 bytes, fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
-
-PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
-
-PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
-
-PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
-
-PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
-
-PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
-
-Cipher driver: negative testing on all entry points
-cipher_entry_points:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a"
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_driver_wrappers.function
deleted file mode 100644
index 6d20eff..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ /dev/null
@@ -1,813 +0,0 @@
-/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
-
-#include "test/drivers/test_driver.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_DRIVERS:PSA_CRYPTO_DRIVER_TEST
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void ecdsa_sign( int force_status_arg,
-                 data_t *key_input,
-                 data_t *data_input,
-                 data_t *expected_output,
-                 int fake_output,
-                 int expected_status_arg )
-{
-    psa_status_t force_status = force_status_arg;
-    psa_status_t expected_status = expected_status_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
-    uint8_t signature[64];
-    size_t signature_length = 0xdeadbeef;
-    psa_status_t actual_status;
-    test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    psa_set_key_type( &attributes,
-                      PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_import_key( &attributes,
-                    key_input->x, key_input->len,
-                    &key );
-
-    test_driver_signature_sign_hooks.forced_status = force_status;
-    if( fake_output == 1 )
-    {
-        test_driver_signature_sign_hooks.forced_output = expected_output->x;
-        test_driver_signature_sign_hooks.forced_output_length = expected_output->len;
-    }
-
-    actual_status = psa_sign_hash( key, alg,
-                                   data_input->x, data_input->len,
-                                   signature, sizeof( signature ),
-                                   &signature_length );
-    TEST_EQUAL( actual_status, expected_status );
-    if( expected_status == PSA_SUCCESS )
-    {
-        ASSERT_COMPARE( signature, signature_length,
-                        expected_output->x, expected_output->len );
-    }
-    TEST_EQUAL( test_driver_signature_sign_hooks.hits, 1 );
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
-void ecdsa_verify( int force_status_arg,
-                   int register_public_key,
-                   data_t *key_input,
-                   data_t *data_input,
-                   data_t *signature_input,
-                   int expected_status_arg )
-{
-    psa_status_t force_status = force_status_arg;
-    psa_status_t expected_status = expected_status_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
-    psa_status_t actual_status;
-    test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    if( register_public_key )
-    {
-        psa_set_key_type( &attributes,
-                      PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_CURVE_SECP_R1 ) );
-        psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-        psa_set_key_algorithm( &attributes, alg );
-        psa_import_key( &attributes,
-                        key_input->x, key_input->len,
-                        &key );
-    }
-    else
-    {
-        psa_set_key_type( &attributes,
-                      PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
-        psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-        psa_set_key_algorithm( &attributes, alg );
-        psa_import_key( &attributes,
-                        key_input->x, key_input->len,
-                        &key );
-    }
-
-    test_driver_signature_verify_hooks.forced_status = force_status;
-
-    actual_status = psa_verify_hash( key, alg,
-                                     data_input->x, data_input->len,
-                                     signature_input->x, signature_input->len );
-    TEST_EQUAL( actual_status, expected_status );
-    TEST_EQUAL( test_driver_signature_verify_hooks.hits, 1 );
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-void generate_key( int force_status_arg,
-                   data_t *fake_output,
-                   int expected_status_arg )
-{
-    psa_status_t force_status = force_status_arg;
-    psa_status_t expected_status = expected_status_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
-    const uint8_t *expected_output = NULL;
-    size_t expected_output_length = 0;
-    psa_status_t actual_status;
-    uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0};
-    size_t actual_output_length;
-    test_driver_key_management_hooks = test_driver_key_management_hooks_init();
-
-    psa_set_key_type( &attributes,
-                      PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
-    psa_set_key_bits( &attributes, 256 );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, alg );
-
-    if( fake_output->len > 0 )
-    {
-        expected_output = test_driver_key_management_hooks.forced_output = fake_output->x;
-        expected_output_length = test_driver_key_management_hooks.forced_output_length =
-            fake_output->len;
-    }
-
-    test_driver_key_management_hooks.hits = 0;
-    test_driver_key_management_hooks.forced_status = force_status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    actual_status = psa_generate_key( &attributes, &key );
-    TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
-    TEST_EQUAL( actual_status, expected_status );
-
-    if( actual_status == PSA_SUCCESS )
-    {
-        psa_export_key( key, actual_output, sizeof(actual_output), &actual_output_length );
-
-        if( fake_output->len > 0 )
-        {
-            ASSERT_COMPARE( actual_output, actual_output_length,
-                            expected_output, expected_output_length );
-        }
-        else
-        {
-            size_t zeroes = 0;
-            for( size_t i = 0; i < sizeof(actual_output); i++ )
-            {
-                if( actual_output[i] == 0)
-                    zeroes++;
-            }
-            TEST_ASSERT( zeroes != sizeof(actual_output) );
-        }
-    }
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_key_management_hooks = test_driver_key_management_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-void validate_key( int force_status_arg,
-                   int key_type_arg,
-                   data_t *key_input,
-                   int expected_status_arg )
-{
-    psa_status_t force_status = force_status_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_type_t key_type = key_type_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t actual_status;
-    test_driver_key_management_hooks = test_driver_key_management_hooks_init();
-
-    psa_set_key_type( &attributes,
-                      key_type );
-    psa_set_key_bits( &attributes, 0 );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-
-    test_driver_key_management_hooks.forced_status = force_status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key );
-    TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
-    TEST_EQUAL( actual_status, expected_status );
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_key_management_hooks = test_driver_key_management_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
-void export_key( int force_status_arg,
-                 data_t *fake_output,
-                 int key_in_type_arg,
-                 data_t *key_in,
-                 int key_out_type_arg,
-                 data_t *expected_output,
-                 int expected_status_arg )
-{
-    psa_status_t force_status = force_status_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_handle_t handle = 0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t input_key_type = key_in_type_arg;
-    psa_key_type_t output_key_type = key_out_type_arg;
-    const uint8_t *expected_output_ptr = NULL;
-    size_t expected_output_length = 0;
-    psa_status_t actual_status;
-    uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0};
-    size_t actual_output_length;
-    test_driver_key_management_hooks = test_driver_key_management_hooks_init();
-
-    psa_set_key_type( &attributes, input_key_type );
-    psa_set_key_bits( &attributes, 256 );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    PSA_ASSERT( psa_import_key( &attributes, key_in->x, key_in->len, &handle ) );
-
-    if( fake_output->len > 0 )
-    {
-        expected_output_ptr = test_driver_key_management_hooks.forced_output = fake_output->x;
-        expected_output_length = test_driver_key_management_hooks.forced_output_length =
-            fake_output->len;
-    }
-    else
-    {
-        expected_output_ptr = expected_output->x;
-        expected_output_length = expected_output->len;
-    }
-
-    test_driver_key_management_hooks.hits = 0;
-    test_driver_key_management_hooks.forced_status = force_status;
-
-    if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) )
-        actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length );
-    else
-        actual_status = psa_export_key( handle, actual_output, sizeof(actual_output), &actual_output_length );
-    TEST_EQUAL( actual_status, expected_status );
-
-    if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) &&
-        !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) )
-        TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
-
-    if( actual_status == PSA_SUCCESS )
-    {
-        ASSERT_COMPARE( actual_output, actual_output_length,
-                        expected_output_ptr, expected_output_length );
-    }
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( handle );
-    PSA_DONE( );
-    test_driver_key_management_hooks = test_driver_key_management_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_encrypt( int alg_arg, int key_type_arg,
-                     data_t *key_data, data_t *iv,
-                     data_t *input, data_t *expected_output,
-                     int mock_output_arg,
-                     int force_status_arg,
-                     int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t force_status = force_status_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-    test_driver_cipher_hooks.forced_status = force_status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
-    test_driver_cipher_hooks.hits = 0;
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    if( mock_output_arg )
-    {
-        test_driver_cipher_hooks.forced_output = expected_output->x;
-        test_driver_cipher_hooks.forced_output_length = expected_output->len;
-    }
-
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x, input->len,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
-    test_driver_cipher_hooks.hits = 0;
-
-    if( mock_output_arg )
-    {
-        test_driver_cipher_hooks.forced_output = NULL;
-        test_driver_cipher_hooks.forced_output_length = 0;
-    }
-
-    total_output_length += function_output_length;
-    status = psa_cipher_finish( &operation,
-                                output + total_output_length,
-                                output_buffer_size - total_output_length,
-                                &function_output_length );
-    /* Finish will have called abort as well, so expecting two hits here */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
-    test_driver_cipher_hooks.hits = 0;
-
-    total_output_length += function_output_length;
-
-    TEST_EQUAL( status, expected_status );
-    if( expected_status == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_cipher_abort( &operation ) );
-        // driver function should've been called as part of the finish() core routine
-        TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-        ASSERT_COMPARE( expected_output->x, expected_output->len,
-                        output, total_output_length );
-    }
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
-                               data_t *key_data, data_t *iv,
-                               data_t *input,
-                               int first_part_size_arg,
-                               int output1_length_arg, int output2_length_arg,
-                               data_t *expected_output )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t first_part_size = first_part_size_arg;
-    size_t output1_length = output1_length_arg;
-    size_t output2_length = output2_length_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    TEST_ASSERT( first_part_size <= input->len );
-    PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    TEST_ASSERT( function_output_length == output1_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x + first_part_size,
-                                   input->len - first_part_size,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-    TEST_ASSERT( function_output_length == output2_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_finish( &operation,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    /* Finish will have called abort as well, so expecting two hits here */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
-    test_driver_cipher_hooks.hits = 0 ;
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-
-    ASSERT_COMPARE( expected_output->x, expected_output->len,
-                    output, total_output_length );
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
-                               data_t *key_data, data_t *iv,
-                               data_t *input,
-                               int first_part_size_arg,
-                               int output1_length_arg, int output2_length_arg,
-                               data_t *expected_output )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t first_part_size = first_part_size_arg;
-    size_t output1_length = output1_length_arg;
-    size_t output2_length = output2_length_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    TEST_ASSERT( first_part_size <= input->len );
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x, first_part_size,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    TEST_ASSERT( function_output_length == output1_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x + first_part_size,
-                                   input->len - first_part_size,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    TEST_ASSERT( function_output_length == output2_length );
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_finish( &operation,
-                                   output + total_output_length,
-                                   output_buffer_size - total_output_length,
-                                   &function_output_length ) );
-    /* Finish will have called abort as well, so expecting two hits here */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
-    test_driver_cipher_hooks.hits = 0;
-    total_output_length += function_output_length;
-    PSA_ASSERT( psa_cipher_abort( &operation ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-
-    ASSERT_COMPARE( expected_output->x, expected_output->len,
-                    output, total_output_length );
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt( int alg_arg, int key_type_arg,
-                     data_t *key_data, data_t *iv,
-                     data_t *input, data_t *expected_output,
-                     int mock_output_arg,
-                     int force_status_arg,
-                     int expected_status_arg )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t force_status = force_status_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    size_t total_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-    test_driver_cipher_hooks.forced_status = force_status;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    test_driver_cipher_hooks.hits = 0;
-
-    PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
-    test_driver_cipher_hooks.hits = 0;
-
-    output_buffer_size = ( (size_t) input->len +
-                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
-    ASSERT_ALLOC( output, output_buffer_size );
-
-    if( mock_output_arg )
-    {
-        test_driver_cipher_hooks.forced_output = expected_output->x;
-        test_driver_cipher_hooks.forced_output_length = expected_output->len;
-    }
-
-    PSA_ASSERT( psa_cipher_update( &operation,
-                                   input->x, input->len,
-                                   output, output_buffer_size,
-                                   &function_output_length ) );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
-    test_driver_cipher_hooks.hits = 0;
-
-    if( mock_output_arg )
-    {
-        test_driver_cipher_hooks.forced_output = NULL;
-        test_driver_cipher_hooks.forced_output_length = 0;
-    }
-
-    total_output_length += function_output_length;
-    status = psa_cipher_finish( &operation,
-                                output + total_output_length,
-                                output_buffer_size - total_output_length,
-                                &function_output_length );
-    /* Finish will have called abort as well, so expecting two hits here */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
-    test_driver_cipher_hooks.hits = 0;
-
-    total_output_length += function_output_length;
-    TEST_EQUAL( status, expected_status );
-
-    if( expected_status == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_cipher_abort( &operation ) );
-        TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-        ASSERT_COMPARE( expected_output->x, expected_output->len,
-                        output, total_output_length );
-    }
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_entry_points( int alg_arg, int key_type_arg,
-                          data_t *key_data, data_t *iv,
-                          data_t *input )
-{
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output = NULL;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-
-    ASSERT_ALLOC( output, input->len + 16 );
-    output_buffer_size = input->len + 16;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, key_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-
-    /* Test setup call, encrypt */
-    test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
-    status = psa_cipher_encrypt_setup( &operation, key, alg );
-    /* When setup fails, it shouldn't call any further entry points */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-    status = psa_cipher_set_iv( &operation, iv->x, iv->len );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-
-    /* Test setup call failure, decrypt */
-    status = psa_cipher_decrypt_setup( &operation, key, alg );
-    /* When setup fails, it shouldn't call any further entry points */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-    status = psa_cipher_set_iv( &operation, iv->x, iv->len );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-
-    /* Test IV setting failure */
-    test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
-    status = psa_cipher_encrypt_setup( &operation, key, alg );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
-    status = psa_cipher_set_iv( &operation, iv->x, iv->len );
-    /* When setting the IV fails, it should call abort too */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    /* Failure should prevent further operations from executing on the driver */
-    test_driver_cipher_hooks.hits = 0;
-    status = psa_cipher_update( &operation,
-                                input->x, input->len,
-                                output, output_buffer_size,
-                                &function_output_length );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-    psa_cipher_abort( &operation );
-
-    /* Test IV generation failure */
-    test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
-    status = psa_cipher_encrypt_setup( &operation, key, alg );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
-    status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length );
-    /* When generating the IV fails, it should call abort too */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    /* Failure should prevent further operations from executing on the driver */
-    test_driver_cipher_hooks.hits = 0;
-    status = psa_cipher_update( &operation,
-                                input->x, input->len,
-                                output, output_buffer_size,
-                                &function_output_length );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-    psa_cipher_abort( &operation );
-
-    /* Test update failure */
-    test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
-    status = psa_cipher_encrypt_setup( &operation, key, alg );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    status = psa_cipher_set_iv( &operation, iv->x, iv->len );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
-    status = psa_cipher_update( &operation,
-                                input->x, input->len,
-                                output, output_buffer_size,
-                                &function_output_length );
-    /* When the update call fails, it should call abort too */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    /* Failure should prevent further operations from executing on the driver */
-    test_driver_cipher_hooks.hits = 0;
-    status = psa_cipher_update( &operation,
-                                input->x, input->len,
-                                output, output_buffer_size,
-                                &function_output_length );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-    psa_cipher_abort( &operation );
-
-    /* Test finish failure */
-    test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
-    status = psa_cipher_encrypt_setup( &operation, key, alg );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    status = psa_cipher_set_iv( &operation, iv->x, iv->len );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    status = psa_cipher_update( &operation,
-                                input->x, input->len,
-                                output, output_buffer_size,
-                                &function_output_length );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    test_driver_cipher_hooks.hits = 0;
-
-    test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
-    status = psa_cipher_finish( &operation,
-                                output + function_output_length,
-                                output_buffer_size - function_output_length,
-                                &function_output_length );
-    /* When the finish call fails, it should call abort too */
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
-    TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
-    /* Failure should prevent further operations from executing on the driver */
-    test_driver_cipher_hooks.hits = 0;
-    status = psa_cipher_update( &operation,
-                                input->x, input->len,
-                                output, output_buffer_size,
-                                &function_output_length );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
-    psa_cipher_abort( &operation );
-
-exit:
-    psa_cipher_abort( &operation );
-    mbedtls_free( output );
-    psa_destroy_key( key );
-    PSA_DONE( );
-    test_driver_cipher_hooks = test_driver_cipher_hooks_init();
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_entropy.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_entropy.data
deleted file mode 100644
index 61593e9..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_entropy.data
+++ /dev/null
@@ -1,18 +0,0 @@
-PSA validate entropy injection: good, minimum size
-validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
-
-PSA validate entropy injection: good, max size
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
-
-PSA validate entropy injection: bad, too big
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
-
-PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
-
-PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
-
-PSA validate entropy injection: before and after crypto_init
-run_entropy_inject_with_crypto_init:
-
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_entropy.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_entropy.function
deleted file mode 100644
index 66c241e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_entropy.function
+++ /dev/null
@@ -1,116 +0,0 @@
-/* BEGIN_HEADER */
-#include <stdint.h>
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-
-#include "test/psa_crypto_helpers.h"
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-#include <stdio.h>
-#else
-#include <psa/internal_trusted_storage.h>
-#endif
-
-/* Calculating the minimum allowed entropy size in bytes */
-#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
-
-/* Remove the entropy seed file. Since the library does not expose a way
- * to do this (it would be a security risk if such a function was ever
- * accessible in production), implement this functionality in a white-box
- * manner. */
-psa_status_t remove_seed_file( void )
-{
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-    if( remove( "00000000ffffff52.psa_its" ) == 0 )
-        return( PSA_SUCCESS );
-    else
-        return( PSA_ERROR_DOES_NOT_EXIST );
-#else
-    return( psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ) );
-#endif
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_INJECT_ENTROPY
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void validate_entropy_seed_injection( int seed_length_a,
-                                      int expected_status_a,
-                                      int seed_length_b,
-                                      int expected_status_b )
-{
-    psa_status_t status;
-    uint8_t output[32] = { 0 };
-    uint8_t zeros[32] = { 0 };
-    uint8_t *seed = NULL;
-    int i;
-    int seed_size;
-    if( seed_length_a > seed_length_b )
-    {
-        seed_size = seed_length_a;
-    }
-    else
-    {
-        seed_size = seed_length_b;
-    }
-    ASSERT_ALLOC( seed, seed_size );
-    /* fill seed with some data */
-    for( i = 0; i < seed_size; ++i )
-    {
-        seed[i] = i;
-    }
-    status =  remove_seed_file( );
-    TEST_ASSERT( ( status == PSA_SUCCESS ) ||
-                 ( status == PSA_ERROR_DOES_NOT_EXIST ) );
-    status = mbedtls_psa_inject_entropy( seed, seed_length_a );
-    TEST_EQUAL( status, expected_status_a );
-    status = mbedtls_psa_inject_entropy( seed, seed_length_b );
-    TEST_EQUAL( status, expected_status_b );
-    PSA_ASSERT( psa_crypto_init( ) );
-    PSA_ASSERT( psa_generate_random( output,
-                                     sizeof( output ) ) );
-    TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
-exit:
-    mbedtls_free( seed );
-    remove_seed_file( );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void run_entropy_inject_with_crypto_init( )
-{
-    psa_status_t status;
-    size_t i;
-    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
-    /* fill seed with some data */
-    for( i = 0; i < sizeof( seed ); ++i )
-    {
-        seed[i] = i;
-    }
-    status =  remove_seed_file( );
-    TEST_ASSERT( ( status == PSA_SUCCESS ) ||
-                 ( status == PSA_ERROR_DOES_NOT_EXIST ) );
-    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
-    PSA_ASSERT( status );
-    status =  remove_seed_file( );
-    TEST_EQUAL( status, PSA_SUCCESS );
-    status = psa_crypto_init( );
-    TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
-    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
-    PSA_ASSERT( status );
-    status = psa_crypto_init( );
-    PSA_ASSERT( status );
-    PSA_DONE( );
-    /* The seed is written by nv_seed callback functions therefore the injection will fail */
-    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
-    TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
-exit:
-    remove_seed_file( );
-    PSA_DONE( );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_hash.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_hash.function
deleted file mode 100644
index 1bc9331..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_hash.function
+++ /dev/null
@@ -1,104 +0,0 @@
-/* BEGIN_HEADER */
-
-#include <stdint.h>
-
-#include "test/psa_crypto_helpers.h"
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
-{
-    psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
-    size_t actual_hash_length;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_update( &operation,
-                                 input->x, input->len ) );
-    PSA_ASSERT( psa_hash_finish( &operation,
-                                 actual_hash, sizeof( actual_hash ),
-                                 &actual_hash_length ) );
-    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
-                    actual_hash, actual_hash_length );
-
-exit:
-    psa_hash_abort( &operation );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    PSA_ASSERT( psa_hash_update( &operation,
-                                 input->x,
-                                 input->len ) );
-    PSA_ASSERT( psa_hash_verify( &operation,
-                                 expected_hash->x,
-                                 expected_hash->len ) );
-
-exit:
-    psa_hash_abort( &operation );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
-{
-    psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
-    size_t actual_hash_length;
-    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
-    psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT;
-    uint32_t len = 0;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    do
-    {
-        memset( actual_hash, 0, sizeof( actual_hash ) );
-        PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-
-        PSA_ASSERT( psa_hash_update( &operation,
-                                     input->x, len ) );
-        PSA_ASSERT( psa_hash_clone( &operation, &operation2 ) );
-        PSA_ASSERT( psa_hash_update( &operation,
-                                     input->x + len, input->len - len ) );
-        PSA_ASSERT( psa_hash_update( &operation2,
-                                     input->x + len, input->len - len ) );
-
-        PSA_ASSERT( psa_hash_finish( &operation,
-                                     actual_hash, sizeof( actual_hash ),
-                                     &actual_hash_length ) );
-        ASSERT_COMPARE( expected_hash->x, expected_hash->len,
-                        actual_hash, actual_hash_length );
-
-        PSA_ASSERT( psa_hash_finish( &operation2,
-                                     actual_hash, sizeof( actual_hash ),
-                                     &actual_hash_length ) );
-        ASSERT_COMPARE( expected_hash->x, expected_hash->len,
-                        actual_hash, actual_hash_length );
-    } while( len++ != input->len );
-
-exit:
-    psa_hash_abort( &operation );
-    psa_hash_abort( &operation2 );
-    PSA_DONE( );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_init.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_init.function
deleted file mode 100644
index 62ef6e2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_init.function
+++ /dev/null
@@ -1,291 +0,0 @@
-/* BEGIN_HEADER */
-#include <stdint.h>
-
-#include "test/psa_crypto_helpers.h"
-/* Some tests in this module configure entropy sources. */
-#include "psa_crypto_invasive.h"
-
-#include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
-
-#define ENTROPY_MIN_NV_SEED_SIZE                                        \
-    MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
-
-/* PSA crypto uses the CTR_DRBG module. In some configurations, it needs
- * to read from the entropy source twice: once for the initial entropy
- * and once for a nonce. */
-#include "mbedtls/ctr_drbg.h"
-#define ENTROPY_NONCE_LEN MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN
-
-typedef struct
-{
-    size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */
-    size_t max_steps;
-    size_t *length_sequence;
-    size_t step;
-} fake_entropy_state_t;
-static int fake_entropy_source( void *state_arg,
-                                unsigned char *output, size_t len,
-                                size_t *olen )
-{
-    fake_entropy_state_t *state = state_arg;
-    size_t i;
-
-    if( state->step >= state->max_steps )
-        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
-
-    *olen = MIN( len, state->length_sequence[state->step] );
-    for( i = 0; i < *olen; i++ )
-        output[i] = i;
-    ++state->step;
-    return( 0 );
-}
-
-#define ENTROPY_SOURCE_PLATFORM                 0x00000001
-#define ENTROPY_SOURCE_TIMING                   0x00000002
-#define ENTROPY_SOURCE_HAVEGE                   0x00000004
-#define ENTROPY_SOURCE_HARDWARE                 0x00000008
-#define ENTROPY_SOURCE_NV_SEED                  0x00000010
-#define ENTROPY_SOURCE_FAKE                     0x40000000
-
-static uint32_t custom_entropy_sources_mask;
-static fake_entropy_state_t fake_entropy_state;
-
-/* This is a modified version of mbedtls_entropy_init() from entropy.c
- * which chooses entropy sources dynamically. */
-static void custom_entropy_init( mbedtls_entropy_context *ctx )
-{
-    ctx->source_count = 0;
-    memset( ctx->source, 0, sizeof( ctx->source ) );
-
-#if defined(MBEDTLS_THREADING_C)
-    mbedtls_mutex_init( &ctx->mutex );
-#endif
-
-    ctx->accumulator_started = 0;
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-    mbedtls_sha512_init( &ctx->accumulator );
-#else
-    mbedtls_sha256_init( &ctx->accumulator );
-#endif
-#if defined(MBEDTLS_HAVEGE_C)
-    mbedtls_havege_init( &ctx->havege_data );
-#endif
-
-#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
-    if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM )
-        mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
-                                    MBEDTLS_ENTROPY_MIN_PLATFORM,
-                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-#if defined(MBEDTLS_TIMING_C)
-    if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING )
-        mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
-                                    MBEDTLS_ENTROPY_MIN_HARDCLOCK,
-                                    MBEDTLS_ENTROPY_SOURCE_WEAK );
-#endif
-#if defined(MBEDTLS_HAVEGE_C)
-    if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE )
-        mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
-                                    MBEDTLS_ENTROPY_MIN_HAVEGE,
-                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-    if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
-        mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
-                                    MBEDTLS_ENTROPY_MIN_HARDWARE,
-                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-#if defined(MBEDTLS_ENTROPY_NV_SEED)
-    if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED )
-    {
-        mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
-                                    MBEDTLS_ENTROPY_BLOCK_SIZE,
-                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
-        ctx->initial_entropy_run = 0;
-    }
-    else
-    {
-        /* Skip the NV seed even though it's compiled in. */
-        ctx->initial_entropy_run = 1;
-    }
-#endif
-
-    if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE )
-        mbedtls_entropy_add_source( ctx,
-                                    fake_entropy_source, &fake_entropy_state,
-                                    fake_entropy_state.threshold,
-                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
-void create_nv_seed( )
-{
-    static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE];
-    TEST_ASSERT( mbedtls_nv_seed_write( seed, sizeof( seed ) ) >= 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void init_deinit( int count )
-{
-    psa_status_t status;
-    int i;
-    for( i = 0; i < count; i++ )
-    {
-        status = psa_crypto_init( );
-        PSA_ASSERT( status );
-        status = psa_crypto_init( );
-        PSA_ASSERT( status );
-        PSA_DONE( );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void deinit_without_init( int count )
-{
-    int i;
-    for( i = 0; i < count; i++ )
-    {
-        PSA_ASSERT( psa_crypto_init( ) );
-        PSA_DONE( );
-    }
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void validate_module_init_generate_random( int count )
-{
-    psa_status_t status;
-    uint8_t random[10] = { 0 };
-    int i;
-    for( i = 0; i < count; i++ )
-    {
-        status = psa_crypto_init( );
-        PSA_ASSERT( status );
-        PSA_DONE( );
-    }
-    status = psa_generate_random( random, sizeof( random ) );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void validate_module_init_key_based( int count )
-{
-    psa_status_t status;
-    uint8_t data[10] = { 0 };
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0xdead, 0xdead );
-    int i;
-
-    for( i = 0; i < count; i++ )
-    {
-        status = psa_crypto_init( );
-        PSA_ASSERT( status );
-        PSA_DONE( );
-    }
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    status = psa_import_key( &attributes, data, sizeof( data ), &key );
-    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
-    TEST_ASSERT( mbedtls_svc_key_id_is_null( key ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
-{
-    psa_status_t expected_init_status = expected_init_status_arg;
-    uint8_t random[10] = { 0 };
-
-    custom_entropy_sources_mask = sources_arg;
-    PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
-                    custom_entropy_init, mbedtls_entropy_free ) );
-
-    TEST_EQUAL( psa_crypto_init( ), expected_init_status );
-    if( expected_init_status != PSA_SUCCESS )
-        goto exit;
-
-    PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void fake_entropy_source( int threshold,
-                          int amount1,
-                          int amount2,
-                          int amount3,
-                          int amount4,
-                          int expected_init_status_arg )
-{
-    psa_status_t expected_init_status = expected_init_status_arg;
-    uint8_t random[10] = { 0 };
-    size_t lengths[4];
-
-    fake_entropy_state.threshold = threshold;
-    fake_entropy_state.step = 0;
-    fake_entropy_state.max_steps = 0;
-    if( amount1 >= 0 )
-        lengths[fake_entropy_state.max_steps++] = amount1;
-    if( amount2 >= 0 )
-        lengths[fake_entropy_state.max_steps++] = amount2;
-    if( amount3 >= 0 )
-        lengths[fake_entropy_state.max_steps++] = amount3;
-    if( amount4 >= 0 )
-        lengths[fake_entropy_state.max_steps++] = amount4;
-    fake_entropy_state.length_sequence = lengths;
-
-    custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE;
-    PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
-                    custom_entropy_init, mbedtls_entropy_free ) );
-
-    TEST_EQUAL( psa_crypto_init( ), expected_init_status );
-    if( expected_init_status != PSA_SUCCESS )
-        goto exit;
-
-    PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
-void entropy_from_nv_seed( int seed_size_arg,
-                           int expected_init_status_arg )
-{
-    psa_status_t expected_init_status = expected_init_status_arg;
-    uint8_t random[10] = { 0 };
-    uint8_t *seed = NULL;
-    size_t seed_size = seed_size_arg;
-
-    ASSERT_ALLOC( seed, seed_size );
-    TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 );
-
-    custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED;
-    PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
-                    custom_entropy_init, mbedtls_entropy_free ) );
-
-    TEST_EQUAL( psa_crypto_init( ), expected_init_status );
-    if( expected_init_status != PSA_SUCCESS )
-        goto exit;
-
-    PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
-
-exit:
-    mbedtls_free( seed );
-    PSA_DONE( );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_metadata.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_metadata.data
deleted file mode 100644
index 006389f..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_metadata.data
+++ /dev/null
@@ -1,306 +0,0 @@
-Hash: MD2
-depends_on:MBEDTLS_MD2_C
-hash_algorithm:PSA_ALG_MD2:16
-
-Hash: MD4
-depends_on:MBEDTLS_MD4_C
-hash_algorithm:PSA_ALG_MD4:16
-
-Hash: MD5
-depends_on:MBEDTLS_MD5_C
-hash_algorithm:PSA_ALG_MD5:16
-
-Hash: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hash_algorithm:PSA_ALG_RIPEMD160:20
-
-Hash: SHA-1
-depends_on:MBEDTLS_SHA1_C
-hash_algorithm:PSA_ALG_SHA_1:20
-
-Hash: SHA-2 SHA-224
-depends_on:MBEDTLS_SHA256_C
-hash_algorithm:PSA_ALG_SHA_224:28
-
-Hash: SHA-2 SHA-256
-depends_on:MBEDTLS_SHA256_C
-hash_algorithm:PSA_ALG_SHA_256:32
-
-Hash: SHA-2 SHA-384
-depends_on:MBEDTLS_SHA512_C
-hash_algorithm:PSA_ALG_SHA_384:48
-
-Hash: SHA-2 SHA-512
-depends_on:MBEDTLS_SHA512_C
-hash_algorithm:PSA_ALG_SHA_512:64
-
-MAC: HMAC-MD2
-depends_on:MBEDTLS_MD2_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
-
-MAC: HMAC-MD4
-depends_on:MBEDTLS_MD4_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
-
-MAC: HMAC-MD5
-depends_on:MBEDTLS_MD5_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
-
-MAC: HMAC-RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
-
-MAC: HMAC-SHA-1
-depends_on:MBEDTLS_SHA1_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
-
-MAC: HMAC-SHA-224
-depends_on:MBEDTLS_SHA256_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
-
-MAC: HMAC-SHA-256
-depends_on:MBEDTLS_SHA256_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
-
-MAC: HMAC-SHA-384
-depends_on:MBEDTLS_SHA512_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
-
-MAC: HMAC-SHA-512
-depends_on:MBEDTLS_SHA512_C
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
-
-MAC: CBC_MAC-AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
-mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
-
-MAC: CBC_MAC-AES-192
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
-mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
-
-MAC: CBC_MAC-AES-256
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
-mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
-
-MAC: CBC_MAC-3DES
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
-mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
-
-MAC: CMAC-AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
-mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
-
-MAC: CMAC-AES-192
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
-mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
-
-MAC: CMAC-AES-256
-depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
-mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
-
-MAC: CMAC-3DES
-depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
-mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
-
-Cipher: STREAM_CIPHER
-cipher_algorithm:PSA_ALG_STREAM_CIPHER:ALG_IS_STREAM_CIPHER
-
-Cipher: CTR
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
-
-Cipher: CFB
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
-cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
-
-Cipher: OFB
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
-cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
-
-Cipher: ECB-nopad
-depends_on:MBEDTLS_CIPHER_C
-cipher_algorithm:PSA_ALG_ECB_NO_PADDING:0
-
-Cipher: CBC-nopad
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
-
-Cipher: CBC-PKCS#7
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_algorithm:PSA_ALG_CBC_PKCS7:0
-
-Cipher: XTS
-depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
-cipher_algorithm:PSA_ALG_XTS:0
-
-AEAD: CCM
-depends_on:MBEDTLS_CCM_C
-aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16
-
-AEAD: GCM
-depends_on:MBEDTLS_GCM_C
-aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16
-
-AEAD: ChaCha20_Poly1305
-depends_on:MBEDTLS_CHACHAPOLY_C
-aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16
-
-Asymmetric signature: RSA PKCS#1 v1.5 raw
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: RSA PSS SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: randomized ECDSA (no hashing)
-depends_on:MBEDTLS_ECDSA_C
-asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: SHA-256 + randomized ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
-asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: SHA-256 + deterministic ECDSA using SHA-256
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
-asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
-
-Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN
-
-Asymmetric signature: RSA PSS with wildcard hash
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
-asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS
-
-Asymmetric signature: randomized ECDSA with wildcard hash
-depends_on:MBEDTLS_ECDSA_C
-asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
-
-Asymmetric signature: deterministic ECDSA with wildcard hash
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
-asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
-
-Asymmetric encryption: RSA PKCS#1 v1.5
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
-
-Asymmetric encryption: RSA OAEP using SHA-256
-depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
-
-Key derivation: HKDF using SHA-256
-depends_on:MBEDTLS_SHA256_C
-key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
-
-Key derivation: HKDF using SHA-384
-depends_on:MBEDTLS_SHA512_C
-key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_384 ):ALG_IS_HKDF
-
-Key derivation: TLS 1.2 PRF using SHA-256
-depends_on:MBEDTLS_SHA256_C
-key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PRF
-
-Key derivation: TLS 1.2 PRF using SHA-384
-depends_on:MBEDTLS_SHA512_C
-key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PRF
-
-Key derivation: TLS 1.2 PSK-to-MS using SHA-256
-depends_on:MBEDTLS_SHA256_C
-key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PSK_TO_MS
-
-Key derivation: TLS 1.2 PSK-to-MS using SHA-384
-depends_on:MBEDTLS_SHA512_C
-key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PSK_TO_MS
-
-Key agreement: FFDH, raw output
-depends_on:MBEDTLS_DHM_C
-key_agreement_algorithm:PSA_ALG_FFDH:ALG_IS_FFDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_FFDH:PSA_ALG_CATEGORY_KEY_DERIVATION
-
-Key agreement: FFDH, HKDF using SHA-256
-depends_on:MBEDTLS_DHM_C
-key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
-
-Key agreement: FFDH, HKDF using SHA-384
-depends_on:MBEDTLS_DHM_C
-key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
-
-Key agreement: ECDH, raw output
-depends_on:MBEDTLS_ECDH_C
-key_agreement_algorithm:PSA_ALG_ECDH:ALG_IS_ECDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_ECDH:PSA_ALG_CATEGORY_KEY_DERIVATION
-
-Key agreement: ECDH, HKDF using SHA-256
-depends_on:MBEDTLS_ECDH_C
-key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
-
-Key agreement: ECDH, HKDF using SHA-384
-depends_on:MBEDTLS_ECDH_C
-key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
-
-Key type: raw data
-key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
-
-Key type: HMAC
-key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
-
-Key type: secret for key derivation
-key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
-
-Block cipher key type: AES
-depends_on:MBEDTLS_AES_C
-block_cipher_key_type:PSA_KEY_TYPE_AES:16
-
-Block cipher key type: DES
-depends_on:MBEDTLS_DES_C
-block_cipher_key_type:PSA_KEY_TYPE_DES:8
-
-Block cipher key type: Camellia
-depends_on:MBEDTLS_CAMELLIA_C
-block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16
-
-Stream cipher key type: ARC4
-depends_on:MBEDTLS_ARC4_C
-stream_cipher_key_type:PSA_KEY_TYPE_ARC4
-
-Stream cipher key type: ChaCha20
-depends_on:MBEDTLS_CHACHA20_C
-stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20
-
-Key type: RSA public key
-depends_on:MBEDTLS_RSA_C
-key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
-
-Key type: RSA key pair
-depends_on:MBEDTLS_RSA_C
-key_type:PSA_KEY_TYPE_RSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_RSA
-
-ECC key family: SECP K1
-ecc_key_family:PSA_ECC_FAMILY_SECP_K1
-
-ECC key family: SECP R1
-ecc_key_family:PSA_ECC_FAMILY_SECP_R1
-
-ECC key family: SECP R2
-ecc_key_family:PSA_ECC_FAMILY_SECP_R2
-
-ECC key family: SECT K1
-ecc_key_family:PSA_ECC_FAMILY_SECT_K1
-
-ECC key family: SECT R1
-ecc_key_family:PSA_ECC_FAMILY_SECT_R1
-
-ECC key family: SECT R2
-ecc_key_family:PSA_ECC_FAMILY_SECT_R2
-
-ECC key family: Brainpool P R1
-ecc_key_family:PSA_ECC_FAMILY_BRAINPOOL_P_R1
-
-ECC key family: Montgomery (Curve25519, Curve448)
-ecc_key_family:PSA_ECC_FAMILY_MONTGOMERY
-
-DH group family: RFC 7919
-dh_key_family:PSA_DH_FAMILY_RFC7919
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_metadata.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_metadata.function
deleted file mode 100644
index 7c0929e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_metadata.function
+++ /dev/null
@@ -1,535 +0,0 @@
-/* BEGIN_HEADER */
-/* Test macros that provide metadata about algorithms and key types.
- * This test suite only contains tests that don't require executing
- * code. Other test suites validate macros that require creating a key
- * and using it. */
-
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-#include "spm/psa_defs.h"
-#endif
-
-#include "psa/crypto.h"
-
-/* Flags for algorithm classification macros. There is a flag for every
- * algorithm classification macro PSA_ALG_IS_xxx except for the
- * category test macros, which are hard-coded in each
- * category-specific function. The name of the flag is the name of the
- * classification macro without the PSA_ prefix. */
-#define ALG_IS_VENDOR_DEFINED           ( 1u << 0 )
-#define ALG_IS_HMAC                     ( 1u << 1 )
-#define ALG_IS_BLOCK_CIPHER_MAC         ( 1u << 2 )
-#define ALG_IS_STREAM_CIPHER            ( 1u << 3 )
-#define ALG_IS_RSA_PKCS1V15_SIGN        ( 1u << 4 )
-#define ALG_IS_RSA_PSS                  ( 1u << 5 )
-#define ALG_IS_DSA                      ( 1u << 6 )
-#define ALG_DSA_IS_DETERMINISTIC        ( 1u << 7 )
-#define ALG_IS_DETERMINISTIC_DSA        ( 1u << 8 )
-#define ALG_IS_RANDOMIZED_DSA           ( 1u << 9 )
-#define ALG_IS_ECDSA                    ( 1u << 10 )
-#define ALG_ECDSA_IS_DETERMINISTIC      ( 1u << 11 )
-#define ALG_IS_DETERMINISTIC_ECDSA      ( 1u << 12 )
-#define ALG_IS_RANDOMIZED_ECDSA         ( 1u << 13 )
-#define ALG_IS_HASH_AND_SIGN            ( 1u << 14 )
-#define ALG_IS_RSA_OAEP                 ( 1u << 15 )
-#define ALG_IS_HKDF                     ( 1u << 16 )
-#define ALG_IS_FFDH                     ( 1u << 17 )
-#define ALG_IS_ECDH                     ( 1u << 18 )
-#define ALG_IS_WILDCARD                 ( 1u << 19 )
-#define ALG_IS_RAW_KEY_AGREEMENT        ( 1u << 20 )
-#define ALG_IS_AEAD_ON_BLOCK_CIPHER     ( 1u << 21 )
-#define ALG_IS_TLS12_PRF                ( 1u << 22 )
-#define ALG_IS_TLS12_PSK_TO_MS          ( 1u << 23 )
-
-/* Flags for key type classification macros. There is a flag for every
- * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
- * are tested as derived from other macros. The name of the flag is
- * the name of the classification macro without the PSA_ prefix. */
-#define KEY_TYPE_IS_VENDOR_DEFINED      ( 1u << 0 )
-#define KEY_TYPE_IS_UNSTRUCTURED        ( 1u << 1 )
-#define KEY_TYPE_IS_PUBLIC_KEY          ( 1u << 2 )
-#define KEY_TYPE_IS_KEY_PAIR             ( 1u << 3 )
-#define KEY_TYPE_IS_RSA                 ( 1u << 4 )
-#define KEY_TYPE_IS_DSA                 ( 1u << 5 )
-#define KEY_TYPE_IS_ECC                 ( 1u << 6 )
-#define KEY_TYPE_IS_DH                  ( 1u << 7 )
-
-#define TEST_CLASSIFICATION_MACRO( flag, alg, flags )           \
-    TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
-
-/* Check the parity of value.
- *
- * There are several numerical encodings for which the PSA Cryptography API
- * specification deliberately defines encodings that all have the same
- * parity. This way, a data glitch that flips one bit in the data cannot
- * possibly turn a valid encoding into another valid encoding. Here in
- * the tests, we check that the values (including Mbed TLS vendor-specific
- * values) have the expected parity.
- *
- * The expected parity is even so that 0 is considered a valid encoding.
- *
- * Return a nonzero value if value has even parity and 0 otherwise. */
-int has_even_parity( uint32_t value )
-{
-    value ^= value >> 16;
-    value ^= value >> 8;
-    value ^= value >> 4;
-    return( 0x9669 & 1 << ( value & 0xf ) );
-}
-#define TEST_PARITY( value )                    \
-    TEST_ASSERT( has_even_parity( value ) )
-
-void algorithm_classification( psa_algorithm_t alg, unsigned flags )
-{
-    TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags );
-    if ( PSA_ALG_IS_DSA( alg ) )
-        TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags );
-    if ( PSA_ALG_IS_ECDSA( alg ) )
-        TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_WILDCARD, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_ECDH, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_FFDH, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_RAW_KEY_AGREEMENT, alg, flags );
-    TEST_CLASSIFICATION_MACRO( ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags );
-exit: ;
-}
-
-void key_type_classification( psa_key_type_t type, unsigned flags )
-{
-    /* Macros tested based on the test case parameter */
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEY_PAIR, type, flags );
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
-    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_DH, type, flags );
-
-    /* Macros with derived semantics */
-    TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ),
-                ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
-                  PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) );
-    TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ),
-                ( PSA_KEY_TYPE_IS_ECC( type ) &&
-                  PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) );
-    TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ),
-                ( PSA_KEY_TYPE_IS_ECC( type ) &&
-                  PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
-    TEST_EQUAL( PSA_KEY_TYPE_IS_DH_KEY_PAIR( type ),
-                ( PSA_KEY_TYPE_IS_DH( type ) &&
-                  PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) );
-    TEST_EQUAL( PSA_KEY_TYPE_IS_DH_PUBLIC_KEY( type ),
-                ( PSA_KEY_TYPE_IS_DH( type ) &&
-                  PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
-
-    TEST_PARITY( type );
-
-exit: ;
-}
-
-void mac_algorithm_core( psa_algorithm_t alg, int classification_flags,
-                         psa_key_type_t key_type, size_t key_bits,
-                         size_t length )
-{
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-
-    /* Length */
-    TEST_EQUAL( length, PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
-
-exit: ;
-}
-
-void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
-                          size_t tag_length )
-{
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-
-    /* Tag length */
-    TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) );
-
-exit: ;
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void hash_algorithm( int alg_arg, int length_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    size_t length = length_arg;
-    psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg );
-    psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg );
-    psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg );
-    psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg );
-    psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg );
-    psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg );
-    psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg );
-    psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg );
-    psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg );
-
-    /* Algorithm classification */
-    TEST_ASSERT( PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, 0 );
-
-    /* Dependent algorithms */
-    TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( hmac_alg ), alg );
-    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ), alg );
-    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ), alg );
-    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( dsa_alg ), alg );
-    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ), alg );
-    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ), alg );
-    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ), alg );
-    TEST_EQUAL( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ), alg );
-    TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg );
-
-    /* Hash length */
-    TEST_EQUAL( length, PSA_HASH_SIZE( alg ) );
-    TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mac_algorithm( int alg_arg, int classification_flags,
-                    int length_arg,
-                    int key_type_arg, int key_bits_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    size_t length = length_arg;
-    size_t n;
-    size_t key_type = key_type_arg;
-    size_t key_bits = key_bits_arg;
-
-    mac_algorithm_core( alg, classification_flags,
-                        key_type, key_bits, length );
-    TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( alg ), alg );
-    TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
-
-    /* Truncated versions */
-    for( n = 1; n <= length; n++ )
-    {
-        psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
-        mac_algorithm_core( truncated_alg, classification_flags,
-                            key_type, key_bits, n );
-        TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ), alg );
-        /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length
-         * of the outer truncation (even if the outer length is smaller than
-         * the inner length). */
-        TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ),
-                    PSA_ALG_TRUNCATED_MAC( alg, 1 ) );
-        TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ),
-                    PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
-        TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ),
-                    PSA_ALG_TRUNCATED_MAC( alg, length ) );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hmac_algorithm( int alg_arg,
-                     int length_arg,
-                     int block_size_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
-    size_t block_size = block_size_arg;
-    size_t length = length_arg;
-    size_t n;
-
-    TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
-    TEST_EQUAL( PSA_ALG_HMAC( hash_alg ), alg );
-
-    TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
-
-    test_mac_algorithm( alg_arg, ALG_IS_HMAC, length,
-                        PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length ) );
-
-    for( n = 1; n <= length; n++ )
-    {
-        psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
-        TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( truncated_alg ), hash_alg );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_algorithm( int alg_arg, int classification_flags )
-{
-    psa_algorithm_t alg = alg_arg;
-
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_algorithm( int alg_arg, int classification_flags,
-                     int tag_length_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    size_t tag_length = tag_length_arg;
-    size_t n;
-
-    aead_algorithm_core( alg, classification_flags, tag_length );
-
-    /* Truncated versions */
-    for( n = 1; n <= tag_length; n++ )
-    {
-        psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n );
-        aead_algorithm_core( truncated_alg, classification_flags, n );
-        TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ),
-                    alg );
-        /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives
-         * the length of the outer truncation (even if the outer length is
-         * smaller than the inner length). */
-        TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ),
-                    PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
-        TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ),
-                    PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
-        TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ),
-                    PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
-{
-    psa_algorithm_t alg = alg_arg;
-
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_signature_wildcard( int alg_arg, int classification_flags )
-{
-    classification_flags |= ALG_IS_HASH_AND_SIGN | ALG_IS_WILDCARD;
-    test_asymmetric_signature_algorithm( alg_arg, classification_flags );
-    /* Any failure of this test function comes from
-     * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
-{
-    psa_algorithm_t alg = alg_arg;
-
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_derivation_algorithm( int alg_arg, int classification_flags )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, alg );
-    psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, alg );
-
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-
-    /* Check combinations with key agreements */
-    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ecdh_alg ) );
-    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ffdh_alg ) );
-    TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ecdh_alg ), alg );
-    TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ffdh_alg ), alg );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_agreement_algorithm( int alg_arg, int classification_flags,
-                              int ka_alg_arg, int kdf_alg_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( alg );
-    psa_algorithm_t expected_ka_alg = ka_alg_arg;
-    psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
-    psa_algorithm_t expected_kdf_alg = kdf_alg_arg;
-
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-
-    /* Shared secret derivation properties */
-    TEST_EQUAL( actual_ka_alg, expected_ka_alg );
-    TEST_EQUAL( actual_kdf_alg, expected_kdf_alg );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_type( int type_arg, int classification_flags )
-{
-    psa_key_type_t type = type_arg;
-
-    key_type_classification( type, classification_flags );
-
-    /* For asymmetric types, check the corresponding pair/public type */
-    if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
-    {
-        psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type );
-        TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( pair_type ), type );
-        key_type_classification( pair_type,
-                                 ( classification_flags
-                                   & ~KEY_TYPE_IS_PUBLIC_KEY )
-                                 | KEY_TYPE_IS_KEY_PAIR );
-        TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ), type );
-    }
-    if( classification_flags & KEY_TYPE_IS_KEY_PAIR )
-    {
-        psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type );
-        TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( public_type ), type );
-        key_type_classification( public_type,
-                                 ( classification_flags
-                                   & ~KEY_TYPE_IS_KEY_PAIR )
-                                 | KEY_TYPE_IS_PUBLIC_KEY );
-        TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ), type );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void block_cipher_key_type( int type_arg, int block_size_arg )
-{
-    psa_key_type_t type = type_arg;
-    size_t block_size = block_size_arg;
-
-    test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED );
-
-    TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK,
-                PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
-    TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), block_size );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void stream_cipher_key_type( int type_arg )
-{
-    psa_key_type_t type = type_arg;
-
-    test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED );
-
-    TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK,
-                PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
-    TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), 1 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */
-void ecc_key_family( int curve_arg )
-{
-    psa_ecc_family_t curve = curve_arg;
-    psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
-    psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve );
-
-    TEST_PARITY( curve );
-
-    test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
-    test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR );
-
-    TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( public_type ), curve );
-    TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( pair_type ), curve );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */
-void dh_key_family( int group_arg )
-{
-    psa_dh_family_t group = group_arg;
-    psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group );
-    psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group );
-
-    TEST_PARITY( group );
-
-    test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY );
-    test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR );
-
-    TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( public_type ), group );
-    TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_persistent_key.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_persistent_key.function
deleted file mode 100644
index 8e10158..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ /dev/null
@@ -1,326 +0,0 @@
-/* BEGIN_HEADER */
-
-/* The tests in this module verify the contents of key store files. They
- * access internal key storage functions directly. Some of the tests depend
- * on the the storage format. On the other hand, these tests treat the storage
- * subsystem as a black box, and in particular have no reliance on the
- * internals of the ITS implementation.
- */
-
-#include <stdint.h>
-
-#include "test/psa_crypto_helpers.h"
-#include "psa_crypto_slot_management.h"
-#include "psa_crypto_storage.h"
-
-#include "mbedtls/md.h"
-
-#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
-#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) )
-
-/* Enforce the storage format for keys. The storage format is not a public
- * documented interface, but it must be preserved between versions so that
- * upgrades work smoothly, so it's a stable interface nonetheless.
- */
-typedef struct {
-    uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
-    uint8_t version[4];
-    uint8_t lifetime[sizeof( psa_key_lifetime_t )];
-    uint8_t type[4];
-    uint8_t policy[sizeof( psa_key_policy_t )];
-    uint8_t data_len[4];
-    uint8_t key_data[];
-} psa_persistent_key_storage_format;
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void format_storage_data_check( data_t *key_data,
-                                data_t *expected_file_data,
-                                int key_lifetime, int key_type, int key_bits,
-                                int key_usage, int key_alg, int key_alg2 )
-{
-    uint8_t *file_data = NULL;
-    size_t file_data_length =
-        key_data->len + sizeof( psa_persistent_key_storage_format );
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    psa_set_key_lifetime( &attributes, key_lifetime );
-    psa_set_key_type( &attributes, key_type );
-    psa_set_key_bits( &attributes, key_bits );
-    psa_set_key_usage_flags( &attributes, key_usage );
-    psa_set_key_algorithm( &attributes, key_alg );
-    psa_set_key_enrollment_algorithm( &attributes, key_alg2 );
-
-    ASSERT_ALLOC( file_data, file_data_length );
-    psa_format_key_data_for_storage( key_data->x, key_data->len,
-                                     &attributes.core,
-                                     file_data );
-
-    ASSERT_COMPARE( expected_file_data->x, expected_file_data->len,
-                    file_data, file_data_length );
-
-exit:
-    mbedtls_free( file_data );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void parse_storage_data_check( data_t *file_data,
-                               data_t *expected_key_data,
-                               int expected_key_lifetime,
-                               int expected_key_type,
-                               int expected_key_bits,
-                               int expected_key_usage,
-                               int expected_key_alg,
-                               int expected_key_alg2,
-                               int expected_status )
-{
-    uint8_t *key_data = NULL;
-    size_t key_data_length = 0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t status;
-
-    status = psa_parse_key_data_from_storage( file_data->x, file_data->len,
-                                              &key_data, &key_data_length,
-                                              &attributes.core );
-
-    TEST_EQUAL( status, expected_status );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ),
-                (psa_key_type_t) expected_key_lifetime );
-    TEST_EQUAL( psa_get_key_type( &attributes ),
-                (psa_key_type_t) expected_key_type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ),
-                (psa_key_bits_t) expected_key_bits );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
-                (uint32_t) expected_key_usage );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ),
-                (uint32_t) expected_key_alg );
-    TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ),
-                (uint32_t) expected_key_alg2 );
-    ASSERT_COMPARE( expected_key_data->x, expected_key_data->len,
-                    key_data, key_data_length );
-
-exit:
-    mbedtls_free( key_data );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void save_large_persistent_key( int data_length_arg, int expected_status )
-{
-    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 );
-    uint8_t *data = NULL;
-    size_t data_length = data_length_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    ASSERT_ALLOC( data, data_length );
-
-    PSA_ASSERT( psa_crypto_init() );
-
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-
-    TEST_EQUAL( psa_import_key( &attributes, data, data_length, &key_id ),
-                expected_status );
-
-    if( expected_status == PSA_SUCCESS )
-        PSA_ASSERT( psa_destroy_key( key_id ) );
-
-exit:
-    mbedtls_free( data );
-    PSA_DONE();
-    psa_destroy_persistent_key( key_id );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart,
-                             int first_type_arg, data_t *first_data,
-                             int second_type_arg, data_t *second_data )
-{
-    mbedtls_svc_key_id_t key_id =
-        mbedtls_svc_key_id_make( owner_id_arg, key_id_arg );
-    mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
-    psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init() );
-
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_type( &attributes, first_type );
-
-    PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len,
-                                &returned_key_id ) );
-
-    if( restart )
-    {
-        psa_close_key( key_id );
-        PSA_DONE();
-        PSA_ASSERT( psa_crypto_init() );
-    }
-    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 );
-
-    /* Destroy the key */
-    PSA_ASSERT( psa_destroy_key( key_id ) );
-
-    /* Check key slot storage is removed */
-    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
-
-    /* Shutdown and restart */
-    PSA_DONE();
-    PSA_ASSERT( psa_crypto_init() );
-
-    /* Create another key in the same slot */
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_type( &attributes, second_type );
-    PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len,
-                                &returned_key_id ) );
-
-    PSA_ASSERT( psa_destroy_key( key_id ) );
-
-exit:
-    PSA_DONE();
-    psa_destroy_persistent_key( key_id );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg,
-                            data_t *data, int restart, int expected_status )
-{
-    mbedtls_svc_key_id_t key_id =
-        mbedtls_svc_key_id_make( owner_id_arg, key_id_arg );
-    mbedtls_svc_key_id_t returned_key_id;
-    psa_key_type_t type = (psa_key_type_t) type_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init() );
-
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_type( &attributes, type );
-    TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &returned_key_id ),
-                expected_status );
-
-    if( expected_status != PSA_SUCCESS )
-    {
-        TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_key_id ) );
-        TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
-        goto exit;
-    }
-
-    TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) );
-
-    if( restart )
-    {
-        PSA_ASSERT( psa_purge_key( key_id ) );
-        PSA_DONE();
-        PSA_ASSERT( psa_crypto_init() );
-    }
-
-    psa_reset_key_attributes( &attributes );
-    PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ),
-                                           key_id ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ),
-                PSA_KEY_LIFETIME_PERSISTENT );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
-
-    PSA_ASSERT( psa_destroy_key( key_id ) );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_persistent_key( key_id );
-    PSA_DONE();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_export_persistent_key( data_t *data, int type_arg,
-                                   int expected_bits,
-                                   int restart, int key_not_exist )
-{
-    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 );
-    psa_key_type_t type = (psa_key_type_t) type_arg;
-    mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
-    unsigned char *exported = NULL;
-    size_t export_size = data->len;
-    size_t exported_length;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    ASSERT_ALLOC( exported, export_size );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, key_id );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-
-    /* Import the key */
-    PSA_ASSERT( psa_import_key( &attributes, data->x, data->len,
-                                &returned_key_id ) );
-
-
-    if( restart )
-    {
-        PSA_ASSERT( psa_purge_key( key_id ) );
-        PSA_DONE();
-        PSA_ASSERT( psa_crypto_init() );
-    }
-
-    /* Test the key information */
-    psa_reset_key_attributes( &attributes );
-    PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), key_id ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ),
-                PSA_KEY_LIFETIME_PERSISTENT );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), (size_t) expected_bits );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
-
-    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 );
-
-    if( key_not_exist )
-    {
-        psa_destroy_persistent_key( key_id );
-    }
-    /* Export the key */
-    PSA_ASSERT( psa_export_key( key_id, exported, export_size,
-                                &exported_length ) );
-
-    ASSERT_COMPARE( data->x, data->len, exported, exported_length );
-
-    /* Destroy the key */
-    PSA_ASSERT( psa_destroy_key( key_id ) );
-    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    mbedtls_free( exported );
-    PSA_DONE( );
-    psa_destroy_persistent_key( key_id );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal.function
deleted file mode 100644
index 1add9b4..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ /dev/null
@@ -1,1546 +0,0 @@
-/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
-#include "psa/crypto_se_driver.h"
-
-#include "psa_crypto_se.h"
-#include "psa_crypto_slot_management.h"
-#include "psa_crypto_storage.h"
-
-/* Invasive peeking: check the persistent data */
-#if defined(MBEDTLS_PSA_ITS_FILE_C)
-#include "psa_crypto_its.h"
-#else /* Native ITS implementation */
-#include "psa/error.h"
-#include "psa/internal_trusted_storage.h"
-#endif
-
-
-/****************************************************************/
-/* Test driver helpers */
-/****************************************************************/
-
-/** The minimum valid location value for a secure element driver. */
-#define MIN_DRIVER_LOCATION 1
-
-/** The location and lifetime used for tests that use a single driver. */
-#define TEST_DRIVER_LOCATION 1
-#define TEST_SE_PERSISTENT_LIFETIME                             \
-    ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
-        PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) )
-
-#define TEST_SE_VOLATILE_LIFETIME                               \
-    ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
-        PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ) )
-
-/** The driver detected a condition that shouldn't happen.
- * This is probably a bug in the library. */
-#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 ))
-
-/** Like #TEST_ASSERT for use in a driver method, with no cleanup.
- *
- * If an error happens, this macro returns from the calling function.
- *
- * Use this macro to assert on guarantees provided by the core.
- */
-#define DRIVER_ASSERT_RETURN( TEST )                        \
-    do {                                                    \
-       if( ! (TEST) )                                       \
-       {                                                    \
-          test_fail( #TEST, __LINE__, __FILE__ );           \
-          return( PSA_ERROR_DETECTED_BY_DRIVER );           \
-       }                                                    \
-    } while( 0 )
-
-/** Like #TEST_ASSERT for use in a driver method, with cleanup.
- *
- * In case of error, this macro sets `status` and jumps to the
- * label `exit`.
- *
- * Use this macro to assert on guarantees provided by the core.
- */
-#define DRIVER_ASSERT( TEST )                               \
-    do {                                                    \
-       if( ! (TEST) )                                       \
-       {                                                    \
-          test_fail( #TEST, __LINE__, __FILE__ );           \
-          status = PSA_ERROR_DETECTED_BY_DRIVER;            \
-          goto exit;                                        \
-       }                                                    \
-    } while( 0 )
-
-/** Like #PSA_ASSERT for a PSA API call that calls a driver underneath.
- *
- * Run the code \p expr. If this returns \p expected_status,
- * do nothing. If this returns #PSA_ERROR_DETECTED_BY_DRIVER,
- * jump directly to the `exit` label. If this returns any other
- * status, call test_fail() then jump to `exit`.
- *
- * The special case for #PSA_ERROR_DETECTED_BY_DRIVER is because in this
- * case, the test driver code is expected to have called test_fail()
- * already, so we make sure not to overwrite the failure information.
- */
-#define PSA_ASSERT_VIA_DRIVER( expr, expected_status )                  \
-    do {                                                                \
-        psa_status_t PSA_ASSERT_VIA_DRIVER_status = ( expr );           \
-        if( PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER ) \
-            goto exit;                                                  \
-        if( PSA_ASSERT_VIA_DRIVER_status != ( expected_status ) )       \
-        {                                                               \
-            test_fail( #expr, __LINE__, __FILE__ );                     \
-            goto exit;                                                  \
-        }                                                               \
-    } while( 0 )
-
-
-
-/****************************************************************/
-/* Domain support functions */
-/****************************************************************/
-
-/* Return the exact bit size given a curve family and a byte length. */
-static size_t ecc_curve_bits( psa_ecc_family_t curve, size_t data_length )
-{
-    switch( curve )
-    {
-        case PSA_ECC_FAMILY_SECP_R1:
-            if( data_length == PSA_BYTES_TO_BITS( 521 ) )
-                return( 521 );
-            break;
-        case PSA_ECC_FAMILY_MONTGOMERY:
-            if( data_length == PSA_BYTES_TO_BITS( 255 ) )
-                return( 255 );
-    }
-    /* If not listed above, assume a multiple of 8 bits. */
-    return( PSA_BYTES_TO_BITS( data_length ) );
-}
-
-
-/****************************************************************/
-/* Miscellaneous driver methods */
-/****************************************************************/
-
-typedef struct
-{
-    psa_key_slot_number_t slot_number;
-    psa_key_creation_method_t method;
-    psa_status_t status;
-} validate_slot_number_directions_t;
-static validate_slot_number_directions_t validate_slot_number_directions;
-
-/* Validate a choice of slot number as directed. */
-static psa_status_t validate_slot_number_as_directed(
-    psa_drv_se_context_t *context,
-    void *persistent_data,
-    const psa_key_attributes_t *attributes,
-    psa_key_creation_method_t method,
-    psa_key_slot_number_t slot_number )
-{
-    (void) context;
-    (void) persistent_data;
-    (void) attributes;
-    DRIVER_ASSERT_RETURN( slot_number ==
-                          validate_slot_number_directions.slot_number );
-    DRIVER_ASSERT_RETURN( method ==
-                          validate_slot_number_directions.method );
-    return( validate_slot_number_directions.status );
-}
-
-/* Allocate slot numbers with a monotonic counter. */
-static psa_key_slot_number_t shadow_counter;
-static void counter_reset( void )
-{
-    shadow_counter = 0;
-}
-static psa_status_t counter_allocate( psa_drv_se_context_t *context,
-                                      void *persistent_data,
-                                      const psa_key_attributes_t *attributes,
-                                      psa_key_creation_method_t method,
-                                      psa_key_slot_number_t *slot_number )
-{
-    psa_key_slot_number_t *p_counter = persistent_data;
-    (void) attributes;
-    (void) method;
-    if( context->persistent_data_size != sizeof( psa_key_slot_number_t ) )
-        return( PSA_ERROR_DETECTED_BY_DRIVER );
-    ++*p_counter;
-    if( *p_counter == 0 )
-        return( PSA_ERROR_INSUFFICIENT_STORAGE );
-    shadow_counter = *p_counter;
-    *slot_number = *p_counter;
-    return( PSA_SUCCESS );
-}
-
-/* Null import: do nothing, but pretend it worked. */
-static psa_status_t null_import( psa_drv_se_context_t *context,
-                                 psa_key_slot_number_t slot_number,
-                                 const psa_key_attributes_t *attributes,
-                                 const uint8_t *data,
-                                 size_t data_length,
-                                 size_t *bits )
-{
-    (void) context;
-    (void) slot_number;
-    (void) attributes;
-    (void) data;
-    /* We're supposed to return a key size. Return one that's correct for
-     * plain data keys. */
-    *bits = PSA_BYTES_TO_BITS( data_length );
-    return( PSA_SUCCESS );
-}
-
-/* Null generate: do nothing, but pretend it worked. */
-static psa_status_t null_generate( psa_drv_se_context_t *context,
-                                   psa_key_slot_number_t slot_number,
-                                   const psa_key_attributes_t *attributes,
-                                   uint8_t *pubkey,
-                                   size_t pubkey_size,
-                                   size_t *pubkey_length )
-{
-    (void) context;
-    (void) slot_number;
-    (void) attributes;
-
-    DRIVER_ASSERT_RETURN( *pubkey_length == 0 );
-    if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
-    {
-        DRIVER_ASSERT_RETURN( pubkey == NULL );
-        DRIVER_ASSERT_RETURN( pubkey_size == 0 );
-    }
-
-    return( PSA_SUCCESS );
-}
-
-/* Null destroy: do nothing, but pretend it worked. */
-static psa_status_t null_destroy( psa_drv_se_context_t *context,
-                                  void *persistent_data,
-                                  psa_key_slot_number_t slot_number )
-{
-    (void) context;
-    (void) persistent_data;
-    (void) slot_number;
-    return( PSA_SUCCESS );
-}
-
-
-
-/****************************************************************/
-/* RAM-based test driver */
-/****************************************************************/
-
-#define RAM_MAX_KEY_SIZE 64
-typedef struct
-{
-    psa_key_lifetime_t lifetime;
-    psa_key_type_t type;
-    size_t bits;
-    uint8_t content[RAM_MAX_KEY_SIZE];
-} ram_slot_t;
-static ram_slot_t ram_slots[16];
-
-/* A type with at least ARRAY_LENGTH(ram_slots) bits, containing a
- * bit vector indicating which slots are in use. */
-typedef uint16_t ram_slot_usage_t;
-
-static ram_slot_usage_t ram_shadow_slot_usage;
-
-static uint8_t ram_min_slot = 0;
-
-static void ram_slots_reset( void )
-{
-    memset( ram_slots, 0, sizeof( ram_slots ) );
-    ram_min_slot = 0;
-    ram_shadow_slot_usage = 0;
-}
-
-/* Common parts of key creation.
- *
- * In case of error, zero out ram_slots[slot_number]. But don't
- * do that if the error is PSA_ERROR_DETECTED_BY_DRIVER: in this case
- * you don't need to clean up (ram_slot_reset() will take care of it
- * in the test case function's cleanup code) and it might be wrong
- * (if slot_number is invalid).
- */
-static psa_status_t ram_create_common( psa_drv_se_context_t *context,
-                                       psa_key_slot_number_t slot_number,
-                                       const psa_key_attributes_t *attributes,
-                                       size_t required_storage )
-{
-    (void) context;
-    DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) );
-
-    ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes );
-    ram_slots[slot_number].type = psa_get_key_type( attributes );
-    ram_slots[slot_number].bits = psa_get_key_bits( attributes );
-
-    if( required_storage > sizeof( ram_slots[slot_number].content ) )
-    {
-        memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) );
-        return( PSA_ERROR_INSUFFICIENT_STORAGE );
-    }
-
-    return( PSA_SUCCESS );
-}
-
-/* This function does everything except actually generating key material.
- * After calling it, you must copy the desired key material to
- * ram_slots[slot_number].content. */
-static psa_status_t ram_fake_generate( psa_drv_se_context_t *context,
-                                       psa_key_slot_number_t slot_number,
-                                       const psa_key_attributes_t *attributes,
-                                       uint8_t *pubkey,
-                                       size_t pubkey_size,
-                                       size_t *pubkey_length )
-{
-    psa_status_t status;
-    size_t required_storage =
-        PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( attributes ),
-                                 psa_get_key_bits( attributes ) );
-
-    DRIVER_ASSERT_RETURN( *pubkey_length == 0 );
-    if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
-    {
-        DRIVER_ASSERT_RETURN( pubkey == NULL );
-        DRIVER_ASSERT_RETURN( pubkey_size == 0 );
-    }
-
-    status = ram_create_common( context, slot_number, attributes,
-                                required_storage );
-    return( status );
-}
-
-static psa_status_t ram_import( psa_drv_se_context_t *context,
-                                psa_key_slot_number_t slot_number,
-                                const psa_key_attributes_t *attributes,
-                                const uint8_t *data,
-                                size_t data_length,
-                                size_t *bits )
-{
-    psa_key_type_t type = psa_get_key_type( attributes );
-    psa_status_t status = ram_create_common( context, slot_number, attributes,
-                                             data_length );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    /* The RAM driver only works for certain key types: raw keys,
-     * and ECC key pairs. This is true in particular of the bit-size
-     * calculation here. */
-    if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
-        *bits = PSA_BYTES_TO_BITS( data_length );
-    else if ( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
-    {
-        *bits = ecc_curve_bits( PSA_KEY_TYPE_ECC_GET_FAMILY( type ), data_length );
-        if( *bits == 0 )
-            return( PSA_ERROR_DETECTED_BY_DRIVER );
-    }
-    else
-    {
-        memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) );
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    ram_slots[slot_number].bits = *bits;
-    memcpy( ram_slots[slot_number].content, data, data_length );
-
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t ram_export( psa_drv_se_context_t *context,
-                                psa_key_slot_number_t slot_number,
-                                uint8_t *data,
-                                size_t data_size,
-                                size_t *data_length )
-{
-    size_t actual_size;
-    (void) context;
-    DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) );
-    actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits );
-    if( actual_size > data_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
-    *data_length = actual_size;
-    memcpy( data, ram_slots[slot_number].content, actual_size );
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t ram_export_public( psa_drv_se_context_t *context,
-                                       psa_key_slot_number_t slot_number,
-                                       uint8_t *data,
-                                       size_t data_size,
-                                       size_t *data_length )
-{
-    psa_status_t status;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    (void) context;
-    DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) );
-    DRIVER_ASSERT_RETURN(
-        PSA_KEY_TYPE_IS_KEY_PAIR( ram_slots[slot_number].type ) );
-
-    psa_set_key_type( &attributes, ram_slots[slot_number].type );
-    status = psa_import_key( &attributes,
-                             ram_slots[slot_number].content,
-                             PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ),
-                             &key );
-    if( status != PSA_SUCCESS )
-        return( status );
-    status = psa_export_public_key( key, data, data_size, data_length );
-    psa_destroy_key( key );
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t ram_destroy( psa_drv_se_context_t *context,
-                                 void *persistent_data,
-                                 psa_key_slot_number_t slot_number )
-{
-    ram_slot_usage_t *slot_usage = persistent_data;
-    DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) );
-    DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) );
-    memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) );
-    *slot_usage &= ~(ram_slot_usage_t)( 1 << slot_number );
-    ram_shadow_slot_usage = *slot_usage;
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t ram_allocate( psa_drv_se_context_t *context,
-                                  void *persistent_data,
-                                  const psa_key_attributes_t *attributes,
-                                  psa_key_creation_method_t method,
-                                  psa_key_slot_number_t *slot_number )
-{
-    ram_slot_usage_t *slot_usage = persistent_data;
-    (void) attributes;
-    (void) method;
-    DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) );
-    for( *slot_number = ram_min_slot;
-         *slot_number < ARRAY_LENGTH( ram_slots );
-         ++( *slot_number ) )
-    {
-        if( ! ( *slot_usage & 1 << *slot_number ) )
-        {
-            ram_shadow_slot_usage = *slot_usage;
-            return( PSA_SUCCESS );
-        }
-    }
-    return( PSA_ERROR_INSUFFICIENT_STORAGE );
-}
-
-static psa_status_t ram_validate_slot_number(
-    psa_drv_se_context_t *context,
-    void *persistent_data,
-    const psa_key_attributes_t *attributes,
-    psa_key_creation_method_t method,
-    psa_key_slot_number_t slot_number )
-{
-    (void) context;
-    (void) persistent_data;
-    (void) attributes;
-    (void) method;
-    if( slot_number >= ARRAY_LENGTH( ram_slots ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    return( PSA_SUCCESS );
-}
-
-static psa_status_t ram_sign( psa_drv_se_context_t *context,
-                              psa_key_slot_number_t slot_number,
-                              psa_algorithm_t alg,
-                              const uint8_t *hash,
-                              size_t hash_length,
-                              uint8_t *signature,
-                              size_t signature_size,
-                              size_t *signature_length )
-{
-    ram_slot_t *slot;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-
-    (void) context;
-    DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) );
-    slot = &ram_slots[slot_number];
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, slot->type );
-    DRIVER_ASSERT( psa_import_key( &attributes,
-                                   slot->content,
-                                   PSA_BITS_TO_BYTES( slot->bits ),
-                                   &key ) == PSA_SUCCESS );
-    status = psa_sign_hash( key, alg,
-                            hash, hash_length,
-                            signature, signature_size, signature_length );
-
-exit:
-    psa_destroy_key( key );
-    return( status );
-}
-
-static psa_status_t ram_verify( psa_drv_se_context_t *context,
-                                psa_key_slot_number_t slot_number,
-                                psa_algorithm_t alg,
-                                const uint8_t *hash,
-                                size_t hash_length,
-                                const uint8_t *signature,
-                                size_t signature_length )
-{
-    ram_slot_t *slot;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-
-    (void) context;
-    DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) );
-    slot = &ram_slots[slot_number];
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, slot->type );
-    DRIVER_ASSERT( psa_import_key( &attributes,
-                                   slot->content,
-                                   PSA_BITS_TO_BYTES( slot->bits ),
-                                   &key ) ==
-                   PSA_SUCCESS );
-    status = psa_verify_hash( key, alg,
-                              hash, hash_length,
-                              signature, signature_length );
-
-exit:
-    psa_destroy_key( key );
-    return( status );
-}
-
-
-/****************************************************************/
-/* Other test helper functions */
-/****************************************************************/
-
-typedef enum
-{
-    SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION,
-    SIGN_IN_DRIVER_AND_PARALLEL_CREATION,
-    SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC,
-} sign_verify_method_t;
-
-/* Check that the attributes of a key reported by psa_get_key_attributes()
- * are consistent with the attributes used when creating the key. */
-static int check_key_attributes(
-    mbedtls_svc_key_id_t key,
-    const psa_key_attributes_t *reference_attributes )
-{
-    int ok = 0;
-    psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_get_key_attributes( key, &actual_attributes ) );
-
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &actual_attributes ),
-                     psa_get_key_id( reference_attributes ) ) );
-    TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ),
-                psa_get_key_lifetime( reference_attributes ) );
-    TEST_EQUAL( psa_get_key_type( &actual_attributes ),
-                psa_get_key_type( reference_attributes ) );
-    TEST_EQUAL( psa_get_key_usage_flags( &actual_attributes ),
-                psa_get_key_usage_flags( reference_attributes ) );
-    TEST_EQUAL( psa_get_key_algorithm( &actual_attributes ),
-                psa_get_key_algorithm( reference_attributes ) );
-    TEST_EQUAL( psa_get_key_enrollment_algorithm( &actual_attributes ),
-                psa_get_key_enrollment_algorithm( reference_attributes ) );
-    if( psa_get_key_bits( reference_attributes ) != 0 )
-    {
-        TEST_EQUAL( psa_get_key_bits( &actual_attributes ),
-                    psa_get_key_bits( reference_attributes ) );
-    }
-
-    {
-        psa_key_slot_number_t actual_slot_number = 0xdeadbeef;
-        psa_key_slot_number_t desired_slot_number = 0xb90cc011;
-        psa_key_lifetime_t lifetime =
-            psa_get_key_lifetime( &actual_attributes );
-        psa_status_t status = psa_get_key_slot_number( &actual_attributes,
-                                                       &actual_slot_number );
-        if( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) < MIN_DRIVER_LOCATION )
-        {
-            /* The key is not in a secure element. */
-            TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
-        }
-        else
-        {
-            /* The key is in a secure element. If it had been created
-             * in a specific slot, check that it is reported there. */
-            PSA_ASSERT( status );
-            status = psa_get_key_slot_number( reference_attributes,
-                                              &desired_slot_number );
-            if( status == PSA_SUCCESS )
-            {
-                TEST_EQUAL( desired_slot_number, actual_slot_number );
-            }
-        }
-    }
-    ok = 1;
-
-exit:
-    /*
-     * Actual key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &actual_attributes );
-
-    return( ok );
-}
-
-/* Get the file UID corresponding to the specified location.
- * If this changes, the storage format version must change.
- * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c.
- */
-psa_storage_uid_t file_uid_for_location( psa_key_location_t location )
-{
-    if( location > PSA_MAX_SE_LOCATION )
-        return( 0 );
-    return( 0xfffffe00 + location );
-}
-
-/* Check that the persistent data of a driver has its expected content. */
-static int check_persistent_data( psa_key_location_t location,
-                                  const void *expected_data,
-                                  size_t size )
-{
-    psa_storage_uid_t uid = file_uid_for_location( location );
-    struct psa_storage_info_t info;
-    uint8_t *loaded = NULL;
-    int ok = 0;
-
-    PSA_ASSERT( psa_its_get_info( uid, &info ) );
-    ASSERT_ALLOC( loaded, info.size );
-    PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) );
-    ASSERT_COMPARE( expected_data, size, loaded, info.size );
-    ok = 1;
-
-exit:
-    mbedtls_free( loaded );
-    return( ok );
-}
-
-/* Check that no persistent data exists for the given location. */
-static int check_no_persistent_data( psa_key_location_t location )
-{
-    psa_storage_uid_t uid = file_uid_for_location( location );
-    struct psa_storage_info_t info;
-    int ok = 0;
-
-    TEST_EQUAL( psa_its_get_info( uid, &info ), PSA_ERROR_DOES_NOT_EXIST );
-    ok = 1;
-
-exit:
-    return( ok );
-}
-
-/* Check that a function's return status is "smoke-free", i.e. that
- * it's an acceptable error code when calling an API function that operates
- * on a key with potentially bogus parameters. */
-static int is_status_smoke_free( psa_status_t status )
-{
-    switch( status )
-    {
-        case PSA_SUCCESS:
-        case PSA_ERROR_NOT_SUPPORTED:
-        case PSA_ERROR_NOT_PERMITTED:
-        case PSA_ERROR_BUFFER_TOO_SMALL:
-        case PSA_ERROR_INVALID_ARGUMENT:
-        case PSA_ERROR_INVALID_SIGNATURE:
-        case PSA_ERROR_INVALID_PADDING:
-            return( 1 );
-        default:
-            return( 0 );
-    }
-}
-#define SMOKE_ASSERT( expr )                    \
-    TEST_ASSERT( is_status_smoke_free( expr ) )
-
-/* Smoke test a key. There are mostly no wrong answers here since we pass
- * mostly bogus parameters: the goal is to ensure that there is no memory
- * corruption or crash. This test function is most useful when run under
- * an environment with sanity checks such as ASan or MSan. */
-static int smoke_test_key( mbedtls_svc_key_id_t key )
-{
-    int ok = 0;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT;
-    psa_cipher_operation_t cipher_operation = PSA_CIPHER_OPERATION_INIT;
-    psa_key_derivation_operation_t derivation_operation =
-        PSA_KEY_DERIVATION_OPERATION_INIT;
-    uint8_t buffer[80]; /* large enough for a public key for ECDH */
-    size_t length;
-    mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
-
-    SMOKE_ASSERT( psa_get_key_attributes( key, &attributes ) );
-
-    SMOKE_ASSERT( psa_export_key( key,
-                                  buffer, sizeof( buffer ), &length ) );
-    SMOKE_ASSERT( psa_export_public_key( key,
-                                         buffer, sizeof( buffer ), &length ) );
-
-    SMOKE_ASSERT( psa_copy_key( key, &attributes, &key2 ) );
-    if( ! mbedtls_svc_key_id_is_null( key2 ) )
-        PSA_ASSERT( psa_destroy_key( key2 ) );
-
-    SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, key, PSA_ALG_CMAC ) );
-    PSA_ASSERT( psa_mac_abort( &mac_operation ) );
-    SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, key,
-                                        PSA_ALG_HMAC( PSA_ALG_SHA_256 ) ) );
-    PSA_ASSERT( psa_mac_abort( &mac_operation ) );
-
-    SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, key,
-                                            PSA_ALG_CTR ) );
-    PSA_ASSERT( psa_cipher_abort( &cipher_operation ) );
-    SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, key,
-                                            PSA_ALG_CTR ) );
-    PSA_ASSERT( psa_cipher_abort( &cipher_operation ) );
-
-    SMOKE_ASSERT( psa_aead_encrypt( key, PSA_ALG_CCM,
-                                    buffer, sizeof( buffer ),
-                                    NULL, 0,
-                                    buffer, sizeof( buffer),
-                                    buffer, sizeof( buffer), &length ) );
-    SMOKE_ASSERT( psa_aead_decrypt( key, PSA_ALG_CCM,
-                                    buffer, sizeof( buffer ),
-                                    NULL, 0,
-                                    buffer, sizeof( buffer),
-                                    buffer, sizeof( buffer), &length ) );
-
-    SMOKE_ASSERT( psa_sign_hash( key, PSA_ALG_ECDSA_ANY,
-                                 buffer, 32,
-                                 buffer, sizeof( buffer ), &length ) );
-    SMOKE_ASSERT( psa_verify_hash( key, PSA_ALG_ECDSA_ANY,
-                                   buffer, 32,
-                                   buffer, sizeof( buffer ) ) );
-
-    SMOKE_ASSERT( psa_asymmetric_encrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT,
-                                          buffer, 10, NULL, 0,
-                                          buffer, sizeof( buffer ), &length ) );
-    SMOKE_ASSERT( psa_asymmetric_decrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT,
-                                          buffer, sizeof( buffer ), NULL, 0,
-                                          buffer, sizeof( buffer ), &length ) );
-
-#if defined(MBEDTLS_SHA256_C)
-    /* Try the key in a plain key derivation. */
-    PSA_ASSERT( psa_key_derivation_setup( &derivation_operation,
-                                          PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ) );
-    PSA_ASSERT( psa_key_derivation_input_bytes( &derivation_operation,
-                                                PSA_KEY_DERIVATION_INPUT_SALT,
-                                                NULL, 0 ) );
-    SMOKE_ASSERT( psa_key_derivation_input_key( &derivation_operation,
-                                                PSA_KEY_DERIVATION_INPUT_SECRET,
-                                                key ) );
-    PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) );
-
-    /* If the key is asymmetric, try it in a key agreement, both as
-     * part of a derivation operation and standalone. */
-    if( psa_export_public_key( key, buffer, sizeof( buffer ), &length ) ==
-        PSA_SUCCESS )
-    {
-        psa_algorithm_t alg =
-            PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH,
-                                   PSA_ALG_HKDF( PSA_ALG_SHA_256 ) );
-        PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, alg ) );
-        PSA_ASSERT( psa_key_derivation_input_bytes(
-                        &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT,
-                        NULL, 0 ) );
-        SMOKE_ASSERT( psa_key_derivation_key_agreement(
-                          &derivation_operation,
-                          PSA_KEY_DERIVATION_INPUT_SECRET,
-                          key, buffer, length ) );
-        PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) );
-
-        SMOKE_ASSERT( psa_raw_key_agreement(
-                          alg, key, buffer, length,
-                          buffer, sizeof( buffer ), &length ) );
-    }
-#endif /* MBEDTLS_SHA256_C */
-
-    ok = 1;
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    return( ok );
-}
-
-static mbedtls_svc_key_id_t key_ids_used_in_test[10];
-static size_t num_key_ids_used;
-
-/* Record a key id as potentially used in a test case. */
-static int test_uses_key_id( mbedtls_svc_key_id_t key_id )
-{
-    size_t i;
-
-    for( i = 0; i < num_key_ids_used ; i++ )
-    {
-        if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
-            return( 1 );
-    }
-
-    if( num_key_ids_used >= ARRAY_LENGTH( key_ids_used_in_test ) )
-        return( 0 );
-
-    key_ids_used_in_test[num_key_ids_used] = key_id;
-    ++num_key_ids_used;
-
-    return( 1 );
-}
-
-#define TEST_USES_KEY_ID( key_id )                       \
-    TEST_ASSERT( test_uses_key_id( key_id ) )
-
-static void psa_purge_storage( void )
-{
-    size_t i;
-    psa_key_location_t location;
-
-    for( i = 0; i < num_key_ids_used; i++ )
-        psa_destroy_persistent_key( key_ids_used_in_test[i] );
-    num_key_ids_used = 0;
-
-    /* Purge the transaction file. */
-    psa_crypto_stop_transaction( );
-    /* Purge driver persistent data. */
-    for( location = 0; location < PSA_MAX_SE_LOCATION; location++ )
-        psa_destroy_se_persistent_data( location );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_SE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void register_one( int location, int version, int expected_status_arg )
-{
-    psa_status_t expected_status = expected_status_arg;
-    psa_drv_se_t driver;
-
-    memset( &driver, 0, sizeof( driver ) );
-    driver.hal_version = version;
-
-    TEST_EQUAL( psa_register_se_driver( location, &driver ),
-                expected_status );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void register_twice( int count )
-{
-    psa_drv_se_t driver;
-    psa_key_location_t location;
-    psa_key_location_t max = MIN_DRIVER_LOCATION + count;
-
-    memset( &driver, 0, sizeof( driver ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-
-    for( location = MIN_DRIVER_LOCATION; location < max; location++ )
-        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    for( location = MIN_DRIVER_LOCATION; location < max; location++ )
-        TEST_EQUAL( psa_register_se_driver( location, &driver ),
-                    PSA_ERROR_ALREADY_EXISTS );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void register_max( )
-{
-    psa_drv_se_t driver;
-    psa_key_location_t location;
-    psa_key_location_t max = MIN_DRIVER_LOCATION + PSA_MAX_SE_DRIVERS;
-
-    memset( &driver, 0, sizeof( driver ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-
-    for( location = MIN_DRIVER_LOCATION; location < max; location++ )
-        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-
-    TEST_EQUAL( psa_register_se_driver( location, &driver ),
-                PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_handle_t handle;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-    uint8_t exported[sizeof( key_material )];
-    size_t exported_length;
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.persistent_data_size = sizeof( ram_slot_usage_t );
-    key_management.p_allocate = ram_allocate;
-    key_management.p_import = ram_import;
-    key_management.p_destroy = ram_destroy;
-    key_management.p_export = ram_export;
-    ram_min_slot = min_slot;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Create a key. */
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_material, sizeof( key_material ),
-                                &returned_id ) );
-
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-        /* For volatile keys, check no persistent data was created */
-        if( ! check_no_persistent_data( location ) )
-            goto exit;
-    }
-    else
-    {
-        /* For persistent keys, check persistent data */
-        if( ! check_persistent_data( location,
-                             &ram_shadow_slot_usage,
-                             sizeof( ram_shadow_slot_usage ) ) )
-            goto exit;
-    }
-
-    /* Test that the key was created in the expected slot. */
-    TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA );
-
-    /* Maybe restart, to check that the information is saved correctly. */
-    if( restart )
-    {
-        mbedtls_psa_crypto_free( );
-        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-        PSA_ASSERT( psa_crypto_init( ) );
-
-        if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-        {
-            /* Check that the PSA core has no knowledge of the volatile key */
-            TEST_ASSERT( psa_open_key( returned_id, &handle ) ==
-                         PSA_ERROR_DOES_NOT_EXIST );
-
-            /* Drop data from our mockup driver */
-            ram_slots_reset();
-            ram_min_slot = min_slot;
-
-            /* Re-import key */
-            PSA_ASSERT( psa_import_key( &attributes,
-                                        key_material, sizeof( key_material ),
-                                        &returned_id ) );
-        }
-        else
-        {
-            /* Check the persistent key file */
-            if( ! check_persistent_data( location,
-                                         &ram_shadow_slot_usage,
-                                         sizeof( ram_shadow_slot_usage ) ) )
-                goto exit;
-        }
-    }
-
-    /* Test that the key was created in the expected slot. */
-    TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA );
-
-    /* Test the key attributes, including the reported slot number. */
-    psa_set_key_bits( &attributes,
-                      PSA_BYTES_TO_BITS( sizeof( key_material ) ) );
-    psa_set_key_slot_number( &attributes, min_slot );
-
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-        attributes.core.id = returned_id;
-    else
-        psa_set_key_id( &attributes, returned_id );
-
-    if( ! check_key_attributes( returned_id, &attributes ) )
-        goto exit;
-
-    /* Test the key data. */
-    PSA_ASSERT( psa_export_key( returned_id,
-                                exported, sizeof( exported ),
-                                &exported_length ) );
-    ASSERT_COMPARE( key_material, sizeof( key_material ),
-                    exported, exported_length );
-
-    PSA_ASSERT( psa_destroy_key( returned_id ) );
-    if( ! check_persistent_data( location,
-                                 &ram_shadow_slot_usage,
-                                 sizeof( ram_shadow_slot_usage ) ) )
-        goto exit;
-    TEST_EQUAL( psa_open_key( returned_id, &handle ),
-                PSA_ERROR_DOES_NOT_EXIST );
-
-    /* Test that the key has been erased from the designated slot. */
-    TEST_EQUAL( ram_slots[min_slot].type, 0 );
-
-exit:
-    PSA_DONE( );
-    ram_slots_reset( );
-    psa_purge_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_creation_in_chosen_slot( int slot_arg,
-                                  int restart,
-                                  int expected_status_arg )
-{
-    psa_key_slot_number_t wanted_slot = slot_arg;
-    psa_status_t expected_status = expected_status_arg;
-    psa_status_t status;
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_handle_t handle;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.persistent_data_size = sizeof( ram_slot_usage_t );
-    key_management.p_validate_slot_number = ram_validate_slot_number;
-    key_management.p_import = ram_import;
-    key_management.p_destroy = ram_destroy;
-    key_management.p_export = ram_export;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Create a key. */
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    psa_set_key_slot_number( &attributes, wanted_slot );
-    status = psa_import_key( &attributes,
-                             key_material, sizeof( key_material ),
-                             &returned_id );
-    TEST_EQUAL( status, expected_status );
-
-    if( status != PSA_SUCCESS )
-        goto exit;
-    if( ! check_persistent_data( location,
-                                 &ram_shadow_slot_usage,
-                                 sizeof( ram_shadow_slot_usage ) ) )
-        goto exit;
-
-    /* Maybe restart, to check that the information is saved correctly. */
-    if( restart )
-    {
-        mbedtls_psa_crypto_free( );
-        PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-        PSA_ASSERT( psa_crypto_init( ) );
-        if( ! check_persistent_data( location,
-                                     &ram_shadow_slot_usage,
-                                     sizeof( ram_shadow_slot_usage ) ) )
-            goto exit;
-    }
-
-    /* Test that the key was created in the expected slot. */
-    TEST_EQUAL( ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA );
-
-    /* Test that the key is reported with the correct attributes,
-     * including the expected slot. */
-    PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
-
-    PSA_ASSERT( psa_destroy_key( id ) );
-    if( ! check_persistent_data( location,
-                                 &ram_shadow_slot_usage,
-                                 sizeof( ram_shadow_slot_usage ) ) )
-        goto exit;
-    TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    PSA_DONE( );
-    ram_slots_reset( );
-    psa_purge_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void import_key_smoke( int type_arg, int alg_arg,
-                       data_t *key_material )
-{
-    psa_key_type_t type = type_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_handle_t handle;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.persistent_data_size = sizeof( psa_key_slot_number_t );
-    key_management.p_allocate = counter_allocate;
-    key_management.p_import = null_import;
-    key_management.p_destroy = null_destroy;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Create a key. */
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
-                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT |
-                             PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_material->x, key_material->len,
-                                &returned_id ) );
-    if( ! check_persistent_data( location,
-                                 &shadow_counter, sizeof( shadow_counter ) ) )
-        goto exit;
-
-    /* Do stuff with the key. */
-    if( ! smoke_test_key( id ) )
-        goto exit;
-
-    /* Restart and try again. */
-    mbedtls_psa_crypto_free( );
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-    if( ! check_persistent_data( location,
-                                 &shadow_counter, sizeof( shadow_counter ) ) )
-        goto exit;
-    if( ! smoke_test_key( id ) )
-        goto exit;
-
-    /* We're done. */
-    PSA_ASSERT( psa_destroy_key( id ) );
-    if( ! check_persistent_data( location,
-                                 &shadow_counter, sizeof( shadow_counter ) ) )
-        goto exit;
-    TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
-
-exit:
-    PSA_DONE( );
-    counter_reset( );
-    psa_purge_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void generate_key_not_supported( int type_arg, int bits_arg )
-{
-    psa_key_type_t type = type_arg;
-    size_t bits = bits_arg;
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.persistent_data_size = sizeof( psa_key_slot_number_t );
-    key_management.p_allocate = counter_allocate;
-    /* No p_generate method */
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, bits );
-    TEST_EQUAL( psa_generate_key( &attributes, &returned_id ),
-                PSA_ERROR_NOT_SUPPORTED );
-
-exit:
-    PSA_DONE( );
-    counter_reset( );
-    psa_purge_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
-{
-    psa_key_type_t type = type_arg;
-    psa_key_bits_t bits = bits_arg;
-    psa_algorithm_t alg = alg_arg;
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_handle_t handle;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.persistent_data_size = sizeof( psa_key_slot_number_t );
-    key_management.p_allocate = counter_allocate;
-    key_management.p_generate = null_generate;
-    key_management.p_destroy = null_destroy;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Create a key. */
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
-                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT |
-                             PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_bits( &attributes, bits );
-    PSA_ASSERT( psa_generate_key( &attributes, &returned_id ) );
-    if( ! check_persistent_data( location,
-                                 &shadow_counter, sizeof( shadow_counter ) ) )
-        goto exit;
-
-    /* Do stuff with the key. */
-    if( ! smoke_test_key( id ) )
-        goto exit;
-
-    /* Restart and try again. */
-    mbedtls_psa_crypto_free( );
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-    if( ! check_persistent_data( location,
-                                 &shadow_counter, sizeof( shadow_counter ) ) )
-        goto exit;
-    if( ! smoke_test_key( id ) )
-        goto exit;
-
-    /* We're done. */
-    PSA_ASSERT( psa_destroy_key( id ) );
-    if( ! check_persistent_data( location,
-                                 &shadow_counter, sizeof( shadow_counter ) ) )
-        goto exit;
-    TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
-
-exit:
-    PSA_DONE( );
-    counter_reset( );
-    psa_purge_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void sign_verify( int flow,
-                  int type_arg, int alg_arg,
-                  int bits_arg, data_t *key_material,
-                  data_t *input )
-{
-    psa_key_type_t type = type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t bits = bits_arg;
-    /* Pass bits=0 to import, bits>0 to fake-generate */
-    int generating = ( bits != 0 );
-
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_drv_se_asymmetric_t asymmetric;
-
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t drv_attributes;
-    uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
-    size_t signature_length;
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    memset( &asymmetric, 0, sizeof( asymmetric ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.asymmetric = &asymmetric;
-    driver.persistent_data_size = sizeof( ram_slot_usage_t );
-    key_management.p_allocate = ram_allocate;
-    key_management.p_destroy = ram_destroy;
-    if( generating )
-        key_management.p_generate = ram_fake_generate;
-    else
-        key_management.p_import = ram_import;
-    switch( flow )
-    {
-        case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
-            break;
-        case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
-            asymmetric.p_sign = ram_sign;
-            break;
-        case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
-            asymmetric.p_sign = ram_sign;
-            key_management.p_export_public = ram_export_public;
-            break;
-        default:
-            TEST_ASSERT( ! "unsupported flow (should be SIGN_IN_xxx)" );
-            break;
-    }
-    asymmetric.p_verify = ram_verify;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Prepare to create two keys with the same key material: a transparent
-     * key, and one that goes through the driver. */
-    psa_set_key_usage_flags( &sw_attributes,
-                             PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &sw_attributes, alg );
-    psa_set_key_type( &sw_attributes, type );
-    drv_attributes = sw_attributes;
-    psa_set_key_id( &drv_attributes, id );
-    psa_set_key_lifetime( &drv_attributes, lifetime );
-
-    /* Create the key in the driver. */
-    if( generating )
-    {
-        psa_set_key_bits( &drv_attributes, bits );
-        PSA_ASSERT( psa_generate_key( &drv_attributes, &returned_id ) );
-        /* Since we called a generate method that does not actually
-         * generate material, store the desired result of generation in
-         * the mock secure element storage. */
-        PSA_ASSERT( psa_get_key_attributes( id, &drv_attributes ) );
-        TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) );
-        memcpy( ram_slots[ram_min_slot].content, key_material->x,
-                key_material->len );
-    }
-    else
-    {
-        PSA_ASSERT( psa_import_key( &drv_attributes,
-                                    key_material->x, key_material->len,
-                                    &returned_id ) );
-    }
-
-    /* Either import the same key in software, or export the driver's
-     * public key and import that. */
-    switch( flow )
-    {
-        case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
-        case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
-            PSA_ASSERT( psa_import_key( &sw_attributes,
-                                        key_material->x, key_material->len,
-                                        &sw_key ) );
-            break;
-        case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
-        {
-            uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )];
-            size_t public_key_length;
-            PSA_ASSERT( psa_export_public_key( id,
-                                               public_key, sizeof( public_key ),
-                                               &public_key_length ) );
-            psa_set_key_type( &sw_attributes,
-                              PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ) );
-            PSA_ASSERT( psa_import_key( &sw_attributes,
-                                        public_key, public_key_length,
-                                        &sw_key ) );
-            break;
-        }
-    }
-
-    /* Sign with the chosen key. */
-    switch( flow )
-    {
-        case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
-        case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
-            PSA_ASSERT_VIA_DRIVER(
-                psa_sign_hash( id, alg,
-                               input->x, input->len,
-                               signature, sizeof( signature ),
-                               &signature_length ),
-                PSA_SUCCESS );
-            break;
-        case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
-            PSA_ASSERT( psa_sign_hash( sw_key, alg,
-                                       input->x, input->len,
-                                       signature, sizeof( signature ),
-                                       &signature_length ) );
-            break;
-    }
-
-    /* Verify with both keys. */
-    PSA_ASSERT( psa_verify_hash( sw_key, alg,
-                                 input->x, input->len,
-                                 signature, signature_length ) );
-    PSA_ASSERT_VIA_DRIVER(
-        psa_verify_hash( id, alg,
-                         input->x, input->len,
-                         signature, signature_length ),
-        PSA_SUCCESS );
-
-    /* Change the signature and verify again. */
-    signature[0] ^= 1;
-    TEST_EQUAL( psa_verify_hash( sw_key, alg,
-                                 input->x, input->len,
-                                 signature, signature_length ),
-                PSA_ERROR_INVALID_SIGNATURE );
-    PSA_ASSERT_VIA_DRIVER(
-        psa_verify_hash( id, alg,
-                         input->x, input->len,
-                         signature, signature_length ),
-        PSA_ERROR_INVALID_SIGNATURE );
-
-exit:
-    /*
-     * Driver key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &drv_attributes );
-
-    psa_destroy_key( id );
-    psa_destroy_key( sw_key );
-    PSA_DONE( );
-    ram_slots_reset( );
-    psa_purge_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void register_key_smoke_test( int lifetime_arg,
-                              int owner_id_arg,
-                              int id_arg,
-                              int validate,
-                              int expected_status_arg )
-{
-    psa_key_lifetime_t lifetime = lifetime_arg;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    psa_status_t expected_status = expected_status_arg;
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
-    psa_key_handle_t handle;
-    size_t bit_size = 48;
-    psa_key_slot_number_t wanted_slot = 0x123456789;
-    psa_status_t status;
-
-    TEST_USES_KEY_ID( id );
-
-    memset( &driver, 0, sizeof( driver ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.key_management = &key_management;
-    key_management.p_destroy = null_destroy;
-    if( validate >= 0 )
-    {
-        key_management.p_validate_slot_number = validate_slot_number_as_directed;
-        validate_slot_number_directions.slot_number = wanted_slot;
-        validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER;
-        validate_slot_number_directions.status =
-            ( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED );
-    }
-
-    PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LOCATION, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    psa_set_key_bits( &attributes, bit_size );
-    psa_set_key_slot_number( &attributes, wanted_slot );
-
-    status = mbedtls_psa_register_se_key( &attributes );
-    TEST_EQUAL( status, expected_status );
-
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    /* Test that the key exists and has the expected attributes. */
-    if( ! check_key_attributes( id, &attributes ) )
-        goto exit;
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    mbedtls_svc_key_id_t invalid_id =
-        mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
-    TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
-#endif
-
-    PSA_ASSERT( psa_purge_key( id ) );
-
-    /* Restart and try again. */
-    PSA_DONE( );
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-    if( ! check_key_attributes( id, &attributes ) )
-        goto exit;
-    /* This time, destroy the key. */
-    PSA_ASSERT( psa_destroy_key( id ) );
-    TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
-
-exit:
-    psa_reset_key_attributes( &attributes );
-    psa_destroy_key( id );
-    PSA_DONE( );
-    psa_purge_storage( );
-    memset( &validate_slot_number_directions, 0,
-            sizeof( validate_slot_number_directions ) );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
deleted file mode 100644
index 629c924..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
+++ /dev/null
@@ -1,685 +0,0 @@
-/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
-#include "psa/crypto_se_driver.h"
-
-#include "psa_crypto_se.h"
-#include "psa_crypto_storage.h"
-
-/** The location and lifetime used for tests that use a single driver. */
-#define TEST_DRIVER_LOCATION 1
-#define TEST_SE_PERSISTENT_LIFETIME                             \
-    ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
-        PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) )
-
-static struct
-{
-    uint16_t called;
-    psa_key_location_t location;
-    psa_status_t return_value;
-} mock_init_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t key_slot;
-    psa_key_attributes_t attributes;
-    size_t pubkey_size;
-    psa_status_t return_value;
-} mock_generate_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t key_slot;
-    psa_key_attributes_t attributes;
-    size_t bits;
-    size_t data_length;
-    psa_status_t return_value;
-} mock_import_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t slot_number;
-    size_t data_size;
-    psa_status_t return_value;
-} mock_export_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t slot_number;
-    size_t data_size;
-    psa_status_t return_value;
-} mock_export_public_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t key_slot;
-    psa_algorithm_t alg;
-    size_t hash_length;
-    size_t signature_size;
-    psa_status_t return_value;
-} mock_sign_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t key_slot;
-    psa_algorithm_t alg;
-    size_t hash_length;
-    size_t signature_length;
-    psa_status_t return_value;
-} mock_verify_data;
-
-static struct
-{
-    uint16_t called;
-    psa_status_t return_value;
-} mock_allocate_data;
-
-static struct
-{
-    uint16_t called;
-    psa_key_slot_number_t slot_number;
-    psa_status_t return_value;
-} mock_destroy_data;
-
-#define MAX_KEY_ID_FOR_TEST 10
-static void psa_purge_storage( void )
-{
-    psa_key_id_t id;
-    psa_key_location_t location;
-
-    /* The tests may have potentially created key ids from 1 to
-     * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
-     * 0, which file-based storage uses as a temporary file. */
-    for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ )
-        psa_destroy_persistent_key( mbedtls_svc_key_id_make( 1, id ) );
-
-    /* Purge the transaction file. */
-    psa_crypto_stop_transaction( );
-    /* Purge driver persistent data. */
-    for( location = 0; location < PSA_MAX_SE_LOCATION; location++ )
-        psa_destroy_se_persistent_data( location );
-}
-
-static void mock_teardown( void )
-{
-    memset( &mock_init_data, 0, sizeof( mock_init_data ) );
-    memset( &mock_import_data, 0, sizeof( mock_import_data ) );
-    memset( &mock_export_data, 0, sizeof( mock_export_data ) );
-    memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) );
-    memset( &mock_sign_data, 0, sizeof( mock_sign_data ) );
-    memset( &mock_verify_data, 0, sizeof( mock_verify_data ) );
-    memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) );
-    memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) );
-    memset( &mock_generate_data, 0, sizeof( mock_generate_data ) );
-    psa_purge_storage( );
-}
-
-static psa_status_t mock_init( psa_drv_se_context_t *drv_context,
-                               void *persistent_data,
-                               psa_key_location_t location )
-{
-    (void) drv_context;
-    (void) persistent_data;
-
-    mock_init_data.called++;
-    mock_init_data.location = location;
-    return( mock_init_data.return_value );
-}
-
-static psa_status_t mock_generate( psa_drv_se_context_t *drv_context,
-                                   psa_key_slot_number_t key_slot,
-                                   const psa_key_attributes_t *attributes,
-                                   uint8_t *pubkey,
-                                   size_t pubkey_size,
-                                   size_t *pubkey_length )
-{
-    (void) drv_context;
-    (void) pubkey;
-    (void) pubkey_length;
-
-    mock_generate_data.called++;
-    mock_generate_data.key_slot = key_slot;
-    mock_generate_data.attributes = *attributes;
-    mock_generate_data.pubkey_size = pubkey_size;
-
-    return( mock_generate_data.return_value );
-}
-
-static psa_status_t mock_import( psa_drv_se_context_t *drv_context,
-                                 psa_key_slot_number_t key_slot,
-                                 const psa_key_attributes_t *attributes,
-                                 const uint8_t *data,
-                                 size_t data_length,
-                                 size_t *bits )
-{
-    (void) drv_context;
-    (void) data;
-
-    *bits = mock_import_data.bits;
-
-    mock_import_data.called++;
-    mock_import_data.key_slot = key_slot;
-    mock_import_data.attributes = *attributes;
-    mock_import_data.data_length = data_length;
-
-    return( mock_import_data.return_value );
-}
-
-psa_status_t mock_export( psa_drv_se_context_t *context,
-                          psa_key_slot_number_t slot_number,
-                          uint8_t *p_data,
-                          size_t data_size,
-                          size_t *p_data_length )
-{
-    (void) context;
-    (void) p_data;
-    (void) p_data_length;
-
-    mock_export_data.called++;
-    mock_export_data.slot_number = slot_number;
-    mock_export_data.data_size = data_size;
-
-    return( mock_export_data.return_value );
-}
-
-psa_status_t mock_export_public( psa_drv_se_context_t *context,
-                                 psa_key_slot_number_t slot_number,
-                                 uint8_t *p_data,
-                                 size_t data_size,
-                                 size_t *p_data_length )
-{
-    (void) context;
-    (void) p_data;
-    (void) p_data_length;
-
-    mock_export_public_data.called++;
-    mock_export_public_data.slot_number = slot_number;
-    mock_export_public_data.data_size = data_size;
-
-    return( mock_export_public_data.return_value );
-}
-
-psa_status_t mock_sign( psa_drv_se_context_t *context,
-                        psa_key_slot_number_t key_slot,
-                        psa_algorithm_t alg,
-                        const uint8_t *p_hash,
-                        size_t hash_length,
-                        uint8_t *p_signature,
-                        size_t signature_size,
-                        size_t *p_signature_length )
-{
-    (void) context;
-    (void) p_hash;
-    (void) p_signature;
-    (void) p_signature_length;
-
-    mock_sign_data.called++;
-    mock_sign_data.key_slot = key_slot;
-    mock_sign_data.alg = alg;
-    mock_sign_data.hash_length = hash_length;
-    mock_sign_data.signature_size = signature_size;
-
-    return mock_sign_data.return_value;
-}
-
-psa_status_t mock_verify( psa_drv_se_context_t *context,
-                          psa_key_slot_number_t key_slot,
-                          psa_algorithm_t alg,
-                          const uint8_t *p_hash,
-                          size_t hash_length,
-                          const uint8_t *p_signature,
-                          size_t signature_length )
-{
-    (void) context;
-    (void) p_hash;
-    (void) p_signature;
-
-    mock_verify_data.called++;
-    mock_verify_data.key_slot = key_slot;
-    mock_verify_data.alg = alg;
-    mock_verify_data.hash_length = hash_length;
-    mock_verify_data.signature_length = signature_length;
-
-    return mock_verify_data.return_value;
-}
-
-psa_status_t mock_allocate( psa_drv_se_context_t *drv_context,
-                            void *persistent_data,
-                            const psa_key_attributes_t *attributes,
-                            psa_key_creation_method_t method,
-                            psa_key_slot_number_t *key_slot )
-{
-    (void) drv_context;
-    (void) persistent_data;
-    (void) attributes;
-    (void) method;
-    (void) key_slot;
-
-    mock_allocate_data.called++;
-    *key_slot = 0;
-
-    return( mock_allocate_data.return_value );
-}
-
-psa_status_t mock_destroy( psa_drv_se_context_t *context,
-                           void *persistent_data,
-                           psa_key_slot_number_t slot_number )
-{
-    (void) context;
-    (void) persistent_data;
-
-    mock_destroy_data.called++;
-    mock_destroy_data.slot_number = slot_number;
-
-    return( mock_destroy_data.return_value );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_SE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mock_init( int location_arg,
-                int expected_register_status_arg,
-                int driver_status_arg,
-                int expected_psa_status_arg,
-                int expected_called )
-{
-    psa_key_location_t location = location_arg;
-    psa_status_t expected_register_status = expected_register_status_arg;
-    psa_status_t driver_status = driver_status_arg;
-    psa_status_t expected_psa_status = expected_psa_status_arg;
-    psa_drv_se_t driver = {
-        .hal_version = PSA_DRV_SE_HAL_VERSION,
-        .p_init = mock_init,
-    };
-    int psa_crypto_init_called = 0;
-
-    mock_init_data.return_value = driver_status;
-
-    TEST_EQUAL( psa_register_se_driver( location, &driver ),
-                expected_register_status );
-
-    psa_crypto_init_called = 1;
-    TEST_EQUAL( psa_crypto_init( ), expected_psa_status );
-
-    TEST_EQUAL( mock_init_data.called, expected_called );
-    if( expected_called )
-        TEST_EQUAL( mock_init_data.location, location );
-
-exit:
-    if( psa_crypto_init_called )
-        PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mock_import( int mock_alloc_return_value,
-                  int mock_import_return_value,
-                  int bits,
-                  int expected_result )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-
-    mock_allocate_data.return_value = mock_alloc_return_value;
-    mock_import_data.return_value = mock_import_return_value;
-    mock_import_data.bits = bits;
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    key_management.p_import = mock_import;
-    key_management.p_destroy = mock_destroy;
-    key_management.p_allocate = mock_allocate;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    TEST_ASSERT( psa_import_key( &attributes,
-                                 key_material, sizeof( key_material ),
-                                 &returned_id ) == expected_result );
-
-    TEST_ASSERT( mock_allocate_data.called == 1 );
-    TEST_ASSERT( mock_import_data.called ==
-        ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) );
-
-    if( mock_alloc_return_value == PSA_SUCCESS )
-    {
-        TEST_ASSERT( mbedtls_svc_key_id_equal(
-                         mock_import_data.attributes.core.id, id ) );
-    }
-    else
-    {
-        TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
-                         mock_import_data.attributes.core.id ) == 0 );
-        TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(
-                         mock_import_data.attributes.core.id ) == 0 );
-    }
-
-    TEST_ASSERT( mock_import_data.attributes.core.lifetime ==
-        ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) );
-    TEST_ASSERT( mock_import_data.attributes.core.policy.usage ==
-        ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) );
-    TEST_ASSERT( mock_import_data.attributes.core.type ==
-        ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) );
-
-    if( expected_result == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_destroy_key( id ) );
-        TEST_ASSERT( mock_destroy_data.called == 1 );
-    }
-exit:
-    PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mock_export( int mock_export_return_value, int expected_result )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-    uint8_t exported[sizeof( key_material )];
-    size_t exported_length;
-
-    mock_export_data.return_value = mock_export_return_value;
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    driver.p_init = mock_init;
-    key_management.p_import = mock_import;
-    key_management.p_export = mock_export;
-    key_management.p_destroy = mock_destroy;
-    key_management.p_allocate = mock_allocate;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_material, sizeof( key_material ),
-                                &returned_id ) );
-
-    TEST_ASSERT( psa_export_key( id,
-                                 exported, sizeof( exported ),
-                                 &exported_length ) == expected_result );
-
-    TEST_ASSERT( mock_export_data.called == 1 );
-
-    PSA_ASSERT( psa_destroy_key( id ) );
-
-    TEST_ASSERT( mock_destroy_data.called == 1 );
-
-exit:
-    PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mock_generate( int mock_alloc_return_value,
-                    int mock_generate_return_value,
-                    int expected_result )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    mock_allocate_data.return_value = mock_alloc_return_value;
-    mock_generate_data.return_value = mock_generate_return_value;
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    key_management.p_generate = mock_generate;
-    key_management.p_destroy = mock_destroy;
-    key_management.p_allocate = mock_allocate;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    psa_set_key_bits( &attributes, 8 );
-    TEST_ASSERT( psa_generate_key( &attributes, &returned_id) == expected_result );
-    TEST_ASSERT( mock_allocate_data.called == 1 );
-    TEST_ASSERT( mock_generate_data.called ==
-        ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) );
-
-    if( mock_alloc_return_value == PSA_SUCCESS )
-    {
-        TEST_ASSERT( mbedtls_svc_key_id_equal(
-                         mock_generate_data.attributes.core.id, id ) );
-    }
-    else
-    {
-        TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
-                         mock_generate_data.attributes.core.id ) == 0 );
-        TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(
-                         mock_generate_data.attributes.core.id ) == 0 );
-    }
-
-    TEST_ASSERT( mock_generate_data.attributes.core.lifetime ==
-        ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) );
-    TEST_ASSERT( mock_generate_data.attributes.core.policy.usage ==
-        ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) );
-    TEST_ASSERT( mock_generate_data.attributes.core.type ==
-        ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) );
-
-    if( expected_result == PSA_SUCCESS )
-    {
-        PSA_ASSERT( psa_destroy_key( id ) );
-        TEST_ASSERT( mock_destroy_data.called == 1 );
-    }
-
-exit:
-    PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mock_export_public( int mock_export_public_return_value,
-                         int expected_result )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-    uint8_t exported[sizeof( key_material )];
-    size_t exported_length;
-
-    mock_export_public_data.return_value = mock_export_public_return_value;
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-    driver.key_management = &key_management;
-    key_management.p_import = mock_import;
-    key_management.p_export_public = mock_export_public;
-    key_management.p_destroy = mock_destroy;
-    key_management.p_allocate = mock_allocate;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY );
-
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_material, sizeof( key_material ),
-                                &returned_id ) );
-
-    TEST_ASSERT( psa_export_public_key( id, exported, sizeof(exported),
-                                        &exported_length ) == expected_result );
-    TEST_ASSERT( mock_export_public_data.called == 1 );
-
-    PSA_ASSERT( psa_destroy_key( id ) );
-    TEST_ASSERT( mock_destroy_data.called == 1 );
-
-exit:
-    PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mock_sign( int mock_sign_return_value, int expected_result )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_drv_se_asymmetric_t asymmetric;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-    psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
-    const uint8_t hash[1] = {'H'};
-    uint8_t signature[1] = {'S'};
-    size_t signature_length;
-
-    mock_sign_data.return_value = mock_sign_return_value;
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    memset( &asymmetric, 0, sizeof( asymmetric ) );
-
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-
-    driver.key_management = &key_management;
-    key_management.p_import = mock_import;
-    key_management.p_destroy = mock_destroy;
-    key_management.p_allocate = mock_allocate;
-
-    driver.asymmetric = &asymmetric;
-    asymmetric.p_sign = mock_sign;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
-    psa_set_key_algorithm( &attributes, algorithm );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
-
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_material, sizeof( key_material ),
-                                &returned_id ) );
-
-    TEST_ASSERT( psa_sign_hash( id, algorithm,
-                                hash, sizeof( hash ),
-                                signature, sizeof( signature ),
-                                &signature_length)
-                 == expected_result );
-    TEST_ASSERT( mock_sign_data.called == 1 );
-
-    PSA_ASSERT( psa_destroy_key( id ) );
-    TEST_ASSERT( mock_destroy_data.called == 1 );
-
-exit:
-    PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mock_verify( int mock_verify_return_value, int expected_result )
-{
-    psa_drv_se_t driver;
-    psa_drv_se_key_management_t key_management;
-    psa_drv_se_asymmetric_t asymmetric;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
-    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
-    mbedtls_svc_key_id_t returned_id;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
-    psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
-    const uint8_t hash[1] = {'H'};
-    const uint8_t signature[1] = {'S'};
-
-    mock_verify_data.return_value = mock_verify_return_value;
-    memset( &driver, 0, sizeof( driver ) );
-    memset( &key_management, 0, sizeof( key_management ) );
-    memset( &asymmetric, 0, sizeof( asymmetric ) );
-
-    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
-
-    driver.key_management = &key_management;
-    key_management.p_import = mock_import;
-    key_management.p_destroy = mock_destroy;
-    key_management.p_allocate = mock_allocate;
-
-    driver.asymmetric = &asymmetric;
-    asymmetric.p_verify = mock_verify;
-
-    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
-    psa_set_key_algorithm( &attributes, algorithm );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-
-    PSA_ASSERT( psa_import_key( &attributes,
-                                key_material, sizeof( key_material ),
-                                &returned_id ) );
-
-    TEST_ASSERT( psa_verify_hash( id, algorithm,
-                                  hash, sizeof( hash ),
-                                  signature, sizeof( signature ) )
-                 == expected_result );
-    TEST_ASSERT( mock_verify_data.called == 1 );
-
-    PSA_ASSERT( psa_destroy_key( id ) );
-    TEST_ASSERT( mock_destroy_data.called == 1 );
-
-exit:
-    PSA_DONE( );
-    mock_teardown( );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_slot_management.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_slot_management.data
deleted file mode 100644
index 396cdfb..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_slot_management.data
+++ /dev/null
@@ -1,208 +0,0 @@
-Transient slot, check after closing
-transient_slot_lifecycle:0x1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
-
-Transient slot, check after closing and restarting
-transient_slot_lifecycle:0x13:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
-
-Transient slot, check after destroying
-transient_slot_lifecycle:0x135:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
-
-Transient slot, check after destroying and restarting
-transient_slot_lifecycle:0x1357:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
-
-Transient slot, check after restart with live handles
-transient_slot_lifecycle:0x13579:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
-
-Persistent slot, check after closing, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
-
-Persistent slot, check after closing and restarting, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
-
-Persistent slot, check after destroying, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
-
-Persistent slot, check after destroying and restarting, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
-
-Persistent slot, check after purging, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
-
-Persistent slot, check after purging and restarting, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
-
-Persistent slot, check after restart with live handle, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
-
-Persistent slot, check after closing, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
-
-Persistent slot, check after destroying, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
-
-Persistent slot, check after purging, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:202:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
-
-Persistent slot, check after restart, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
-
-Persistent slot: ECP keypair (ECDSA, exportable), close
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
-
-Persistent slot: ECP keypair (ECDSA, exportable), close+restart
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
-
-Persistent slot: ECP keypair (ECDSA, exportable), purge
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
-
-Persistent slot: ECP keypair (ECDSA, exportable), restart
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
-
-Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
-
-Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
-
-Persistent slot: ECP keypair (ECDH+ECDSA, exportable), purge
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
-
-Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart
-depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
-
-Attempt to overwrite: close before
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
-
-Attempt to overwrite: close after
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x7361:1:CLOSE_AFTER
-
-Attempt to overwrite: keep open
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x3617:1:KEEP_OPEN
-
-Open failure: invalid identifier (0)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:0:PSA_ERROR_INVALID_HANDLE
-
-Open failure: invalid identifier (random seed UID)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE
-
-Open failure: invalid identifier (reserved range)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE
-
-Open failure: invalid identifier (implementation range)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_DOES_NOT_EXIST
-
-Open failure: non-existent identifier
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:1:PSA_ERROR_DOES_NOT_EXIST
-
-Create failure: invalid lifetime
-create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
-
-Create failure: invalid key id (0)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_HANDLE
-
-Create failure: invalid key id (1) for a volatile key
-create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
-
-Create failure: invalid key id (random seed UID)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE
-
-Create failure: invalid key id (reserved range)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE
-
-Create failure: invalid key id (implementation range)
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_HANDLE
-
-Open not supported
-depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:1:PSA_ERROR_NOT_SUPPORTED
-
-Create not supported
-depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
-
-Copy volatile to volatile
-copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0x10:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0x10:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
-
-Copy volatile to persistent
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0x100:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x100:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
-
-Copy persistent to volatile
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x1000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0x1000:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
-
-Copy persistent to persistent
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
-
-Copy persistent to persistent, same id but different owner
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
-
-Copy persistent to persistent with enrollment algorithm
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
-copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
-
-Copy volatile to occupied
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
-
-Copy persistent to occupied
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
-
-Copy persistent to same
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f"
-
-invalid handle: 0
-invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS:PSA_ERROR_INVALID_HANDLE
-
-invalid handle: never opened
-invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST
-
-invalid handle: already closed
-invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST
-
-invalid handle: huge
-invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE
-
-Open many transient keys
-many_transient_keys:42
-
-# Eviction from a key slot to be able to import a new persistent key.
-Key slot eviction to import a new persistent key
-key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_PERSISTENT
-
-# Eviction from a key slot to be able to import a new volatile key.
-Key slot eviction to import a new volatile key
-key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_VOLATILE
-
-# Check that non reusable key slots are not deleted/overwritten in case of key
-# slot starvation:
-# . An attempt to access a persistent key while all RAM key slots are occupied
-#   by volatile keys fails and does not lead to volatile key data to be
-#   spoiled.
-# . With all key slot in use with one containing a persistent key, an attempt
-#   to copy the persistent key fails (the persistent key slot cannot be
-#   reclaimed as it is accessed by the copy process) without the persistent key
-#   data and volatile key data being spoiled.
-Non reusable key slots integrity in case of key slot starvation
-non_reusable_key_slots_integrity_in_case_of_key_slot_starvation
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_slot_management.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_slot_management.function
deleted file mode 100644
index 57d4789..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_slot_management.function
+++ /dev/null
@@ -1,1111 +0,0 @@
-/* BEGIN_HEADER */
-#include <stdint.h>
-
-#include "test/psa_crypto_helpers.h"
-#include "psa_crypto_slot_management.h"
-#include "psa_crypto_storage.h"
-
-typedef enum
-{
-    /**< Close key(s) */
-    INVALIDATE_BY_CLOSING,
-
-    /**< Destroy key(s) */
-    INVALIDATE_BY_DESTROYING,
-
-    /**< Purge key(s) */
-    INVALIDATE_BY_PURGING,
-
-    /**< Terminate and reinitialize without closing/destroying keys */
-    INVALIDATE_BY_SHUTDOWN,
-
-    /**< Close key(s) then terminate and re-initialize */
-    INVALIDATE_BY_CLOSING_WITH_SHUTDOWN,
-
-    /**< Destroy key(s) then terminate and re-initialize */
-    INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN,
-
-    /**< Purge key(s) then terminate and re-initialize */
-    INVALIDATE_BY_PURGING_WITH_SHUTDOWN,
-} invalidate_method_t;
-
-typedef enum
-{
-    KEEP_OPEN,
-    CLOSE_BEFORE,
-    CLOSE_AFTER,
-} reopen_policy_t;
-
-typedef enum
-{
-    INVALID_HANDLE_0,
-    INVALID_HANDLE_UNOPENED,
-    INVALID_HANDLE_CLOSED,
-    INVALID_HANDLE_HUGE,
-} invalid_handle_construction_t;
-
-/* All test functions that create persistent keys must call
- * `TEST_USES_KEY_ID( key_id )` before creating a persistent key with this
- * identifier, and must call psa_purge_key_storage() in their cleanup
- * code. */
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static mbedtls_svc_key_id_t key_ids_used_in_test[9];
-static size_t num_key_ids_used;
-
-/* Record a key id as potentially used in a test case. */
-static int test_uses_key_id( mbedtls_svc_key_id_t key_id )
-{
-    size_t i;
-    if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ) >
-        PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
-    {
-        /* Don't touch key id values that designate non-key files. */
-        return( 1 );
-    }
-    for( i = 0; i < num_key_ids_used ; i++ )
-    {
-        if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
-            return( 1 );
-    }
-    if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) )
-        return( 0 );
-    key_ids_used_in_test[num_key_ids_used] = key_id;
-    ++num_key_ids_used;
-    return( 1 );
-}
-#define TEST_USES_KEY_ID( key_id )                       \
-    TEST_ASSERT( test_uses_key_id( key_id ) )
-
-/* Destroy all key ids that may have been created by the current test case. */
-static void psa_purge_key_storage( void )
-{
-    size_t i;
-    for( i = 0; i < num_key_ids_used; i++ )
-        psa_destroy_persistent_key( key_ids_used_in_test[i] );
-    num_key_ids_used = 0;
-}
-#else
-#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) )
-#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-
-/** Apply \p invalidate_method to invalidate the specified key:
- * close it, destroy it, or do nothing;
- */
-static int invalidate_key( invalidate_method_t invalidate_method,
-                           mbedtls_svc_key_id_t key )
-{
-    switch( invalidate_method )
-    {
-        /* Closing the key invalidate only volatile keys, not persistent ones. */
-        case INVALIDATE_BY_CLOSING:
-        case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
-            PSA_ASSERT( psa_close_key( key ) );
-            break;
-        case INVALIDATE_BY_DESTROYING:
-        case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
-            PSA_ASSERT( psa_destroy_key( key ) );
-            break;
-        /* Purging the key just purges RAM data of persistent keys. */
-        case INVALIDATE_BY_PURGING:
-        case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
-            PSA_ASSERT( psa_purge_key( key ) );
-            break;
-        case INVALIDATE_BY_SHUTDOWN:
-            break;
-    }
-    return( 1 );
-exit:
-    return( 0 );
-}
-
-/** Restart the PSA subsystem if \p invalidate_method says so. */
-static int invalidate_psa( invalidate_method_t invalidate_method )
-{
-    switch( invalidate_method )
-    {
-        case INVALIDATE_BY_CLOSING:
-        case INVALIDATE_BY_DESTROYING:
-        case INVALIDATE_BY_PURGING:
-            return( 1 );
-        case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
-        case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
-        case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
-            /* All keys must have been closed. */
-            PSA_DONE( );
-            break;
-        case INVALIDATE_BY_SHUTDOWN:
-            /* Some keys may remain behind, and we're testing that this
-             * properly closes them. */
-            mbedtls_psa_crypto_free( );
-            break;
-    }
-
-    PSA_ASSERT( psa_crypto_init( ) );
-    ASSERT_PSA_PRISTINE( );
-    return( 1 );
-
-exit:
-    return( 0 );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void transient_slot_lifecycle( int owner_id_arg,
-                               int usage_arg, int alg_arg,
-                               int type_arg, data_t *key_data,
-                               int invalidate_method_arg )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage_flags = usage_arg;
-    psa_key_type_t type = type_arg;
-    invalidate_method_t invalidate_method = invalidate_method_arg;
-    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Import a key. */
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    mbedtls_key_owner_id_t owner_id = owner_id_arg;
-
-    mbedtls_set_key_owner_id( &attributes, owner_id );
-#else
-    (void)owner_id_arg;
-#endif
-
-    psa_set_key_usage_flags( &attributes, usage_flags );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_type( &attributes, type );
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &key ) );
-    TEST_ASSERT( ! mbedtls_svc_key_id_is_null( key ) );
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    psa_reset_key_attributes( &attributes );
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    {
-        psa_key_handle_t handle;
-        mbedtls_svc_key_id_t key_with_invalid_owner =
-            mbedtls_svc_key_id_make( owner_id + 1,
-                                     MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) );
-
-        TEST_ASSERT( mbedtls_key_owner_id_equal(
-                         owner_id,
-                         MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ) ) );
-        TEST_EQUAL( psa_open_key( key_with_invalid_owner, &handle ),
-                    PSA_ERROR_DOES_NOT_EXIST );
-    }
-#endif
-
-    /*
-     * Purge the key and make sure that it is still valid, as purging a
-     * volatile key shouldn't invalidate/destroy it.
-     */
-    PSA_ASSERT( psa_purge_key( key ) );
-    PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-    psa_reset_key_attributes( &attributes );
-
-    /* Do something that invalidates the key. */
-    if( ! invalidate_key( invalidate_method, key ) )
-        goto exit;
-    if( ! invalidate_psa( invalidate_method ) )
-        goto exit;
-
-    /* Test that the key is now invalid. */
-    TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
-                PSA_ERROR_DOES_NOT_EXIST );
-    TEST_EQUAL( psa_close_key( key ), PSA_ERROR_DOES_NOT_EXIST );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
-void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
-                                int usage_arg, int alg_arg, int alg2_arg,
-                                int type_arg, data_t *key_data,
-                                int invalidate_method_arg )
-{
-    psa_key_lifetime_t lifetime = lifetime_arg;
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
-    psa_algorithm_t alg = alg_arg;
-    psa_algorithm_t alg2 = alg2_arg;
-    psa_key_usage_t usage_flags = usage_arg;
-    psa_key_type_t type = type_arg;
-    invalidate_method_t invalidate_method = invalidate_method_arg;
-    mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t read_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t *reexported = NULL;
-    size_t reexported_length = -1;
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    mbedtls_svc_key_id_t wrong_owner_id =
-        mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
-    mbedtls_svc_key_id_t invalid_svc_key_id = MBEDTLS_SVC_KEY_ID_INIT;
-#endif
-
-    TEST_USES_KEY_ID( id );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_type( &attributes, type );
-    psa_set_key_usage_flags( &attributes, usage_flags );
-    psa_set_key_algorithm( &attributes, alg );
-    psa_set_key_enrollment_algorithm( &attributes, alg2 );
-    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
-                                &returned_id ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) );
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ),
-                PSA_ERROR_DOES_NOT_EXIST );
-#endif
-
-    PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), id ) );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
-    TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-
-    /* Close the key and then open it. */
-    PSA_ASSERT( psa_close_key( id ) );
-
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-    TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ),
-                PSA_ERROR_DOES_NOT_EXIST );
-#endif
-
-    PSA_ASSERT( psa_open_key( id, &handle ) );
-    TEST_ASSERT( ! psa_key_handle_is_null( handle ) );
-    PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), id ) );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
-    TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type );
-
-    /*
-     * Do something that wipes key data in volatile memory or destroy the
-     * key.
-     */
-    if( ! invalidate_key( invalidate_method, id ) )
-        goto exit;
-    if( ! invalidate_psa( invalidate_method ) )
-        goto exit;
-
-    /* Try to reaccess the key. If we destroyed it, check that it doesn't
-     * exist. Otherwise check that it still exists and has the expected
-     * content. */
-    switch( invalidate_method )
-    {
-        case INVALIDATE_BY_CLOSING:
-        case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
-        case INVALIDATE_BY_PURGING:
-        case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
-        case INVALIDATE_BY_SHUTDOWN:
-            PSA_ASSERT( psa_open_key( id, &handle ) );
-            PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) );
-            TEST_EQUAL( psa_get_key_lifetime( &attributes ),
-                        psa_get_key_lifetime( &read_attributes ) );
-            TEST_ASSERT( mbedtls_svc_key_id_equal(
-                             psa_get_key_id( &attributes ),
-                             psa_get_key_id( &read_attributes ) ) );
-            TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
-            TEST_EQUAL( psa_get_key_algorithm( &attributes ),
-                        psa_get_key_algorithm( &read_attributes ) );
-            TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ),
-                        psa_get_key_enrollment_algorithm( &read_attributes ) );
-            TEST_EQUAL( psa_get_key_type( &attributes ),
-                        psa_get_key_type( &read_attributes ) );
-            TEST_EQUAL( psa_get_key_bits( &attributes ),
-                        psa_get_key_bits( &read_attributes ) );
-            if( usage_flags & PSA_KEY_USAGE_EXPORT )
-            {
-                ASSERT_ALLOC( reexported, key_data->len );
-                PSA_ASSERT( psa_export_key( id, reexported, key_data->len,
-                                            &reexported_length ) );
-                ASSERT_COMPARE( key_data->x, key_data->len,
-                                reexported, reexported_length );
-            }
-            else
-            {
-                TEST_EQUAL( psa_export_key( id, NULL, 0, &reexported_length ),
-                            PSA_ERROR_NOT_PERMITTED );
-            }
-            PSA_ASSERT( psa_close_key( handle ) );
-            break;
-
-        case INVALIDATE_BY_DESTROYING:
-        case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
-            /*
-             * Test that the key handle and identifier are now not refering to an
-             * existing key.
-             */
-            TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ),
-                        PSA_ERROR_DOES_NOT_EXIST );
-            TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST );
-            TEST_EQUAL( psa_get_key_attributes( id, &read_attributes ),
-                        PSA_ERROR_DOES_NOT_EXIST );
-            break;
-    }
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-    psa_reset_key_attributes( &read_attributes );
-
-    PSA_DONE( );
-    psa_purge_key_storage( );
-    mbedtls_free( reexported );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
-void create_existent( int lifetime_arg, int owner_id_arg, int id_arg,
-                      int reopen_policy_arg )
-{
-    psa_key_lifetime_t lifetime = lifetime_arg;
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
-    mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
-    const uint8_t material1[5] = "a key";
-    const uint8_t material2[5] = "b key";
-    size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) );
-    uint8_t reexported[sizeof( material1 )];
-    size_t reexported_length;
-    reopen_policy_t reopen_policy = reopen_policy_arg;
-
-    TEST_USES_KEY_ID( id );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Create a key. */
-    psa_set_key_id( &attributes, id );
-    psa_set_key_lifetime( &attributes, lifetime );
-    psa_set_key_type( &attributes, type1 );
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, 0 );
-    PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ),
-                                &returned_id ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) );
-
-    if( reopen_policy == CLOSE_BEFORE )
-        PSA_ASSERT( psa_close_key( id ) );
-
-    /* Attempt to create a new key in the same slot. */
-    TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ),
-                                &returned_id ),
-                PSA_ERROR_ALREADY_EXISTS );
-    TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) );
-
-    if( reopen_policy == CLOSE_AFTER )
-        PSA_ASSERT( psa_close_key( id ) );
-
-    /* Check that the original key hasn't changed. */
-    psa_reset_key_attributes( &attributes );
-    PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes ), id ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
-    TEST_EQUAL( psa_get_key_type( &attributes ), type1 );
-    TEST_EQUAL( psa_get_key_bits( &attributes ), bits1 );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
-
-    PSA_ASSERT( psa_export_key( id,
-                                reexported, sizeof( reexported ),
-                                &reexported_length ) );
-    ASSERT_COMPARE( material1, sizeof( material1 ),
-                    reexported, reexported_length );
-
-    PSA_ASSERT( psa_close_key( id ) );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    PSA_DONE( );
-    psa_purge_key_storage( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void open_fail( int id_arg,
-                int expected_status_arg )
-{
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    TEST_EQUAL( psa_open_key( id, &handle ), expected_status );
-    TEST_ASSERT( psa_key_handle_is_null( handle ) );
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void create_fail( int lifetime_arg, int id_arg,
-                  int expected_status_arg )
-{
-    psa_key_lifetime_t lifetime = lifetime_arg;
-    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_status_t expected_status = expected_status_arg;
-    mbedtls_svc_key_id_t returned_id =
-        mbedtls_svc_key_id_make( 0xdead, 0xdead );
-    uint8_t material[1] = {'k'};
-
-    TEST_USES_KEY_ID( id );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_lifetime( &attributes, lifetime );
-    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
-    {
-        /*
-         * Not possible to set a key identifier different from 0 through
-         * PSA key attributes APIs thus accessing to the attributes
-         * directly.
-         */
-        attributes.core.id = id;
-    }
-    else
-        psa_set_key_id( &attributes, id );
-
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ),
-                                &returned_id ),
-                expected_status );
-    TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) );
-
-exit:
-    PSA_DONE( );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    psa_purge_key_storage( );
-#endif
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
-                            int source_id_arg, int source_usage_arg,
-                            int source_alg_arg, int source_alg2_arg,
-                            int type_arg, data_t *material,
-                            int target_lifetime_arg, int target_owner_id_arg,
-                            int target_id_arg, int target_usage_arg,
-                            int target_alg_arg, int target_alg2_arg,
-                            int expected_usage_arg,
-                            int expected_alg_arg, int expected_alg2_arg )
-{
-    psa_key_lifetime_t source_lifetime = source_lifetime_arg;
-    mbedtls_svc_key_id_t source_id =
-        mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg );
-    psa_key_usage_t source_usage = source_usage_arg;
-    psa_algorithm_t source_alg = source_alg_arg;
-    psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_type_t source_type = type_arg;
-    mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_lifetime_t target_lifetime = target_lifetime_arg;
-    mbedtls_svc_key_id_t target_id =
-        mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg );
-    psa_key_usage_t target_usage = target_usage_arg;
-    psa_algorithm_t target_alg = target_alg_arg;
-    psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
-    mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT;
-    psa_key_usage_t expected_usage = expected_usage_arg;
-    psa_algorithm_t expected_alg = expected_alg_arg;
-    psa_algorithm_t expected_alg2 = expected_alg2_arg;
-    uint8_t *export_buffer = NULL;
-
-    TEST_USES_KEY_ID( source_id );
-    TEST_USES_KEY_ID( target_id );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Populate the source slot. */
-    psa_set_key_id( &source_attributes, source_id );
-    psa_set_key_lifetime( &source_attributes, source_lifetime );
-
-    psa_set_key_type( &source_attributes, source_type );
-    psa_set_key_usage_flags( &source_attributes, source_usage );
-    psa_set_key_algorithm( &source_attributes, source_alg );
-    psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg );
-    PSA_ASSERT( psa_import_key( &source_attributes,
-                                material->x, material->len,
-                                &returned_source_id ) );
-    /* Update the attributes with the bit size. */
-    PSA_ASSERT( psa_get_key_attributes( returned_source_id,
-                                        &source_attributes ) );
-
-    /* Prepare the target slot. */
-    psa_set_key_id( &target_attributes, target_id );
-    psa_set_key_lifetime( &target_attributes, target_lifetime );
-
-    psa_set_key_usage_flags( &target_attributes, target_usage );
-    psa_set_key_algorithm( &target_attributes, target_alg );
-    psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
-
-    /* Copy the key. */
-    PSA_ASSERT( psa_copy_key( returned_source_id,
-                              &target_attributes, &returned_target_id ) );
-
-    /* Destroy the source to ensure that this doesn't affect the target. */
-    PSA_ASSERT( psa_destroy_key( returned_source_id ) );
-
-    /* If the target key is persistent, restart the system to make
-     * sure that the material is still alive. */
-    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) )
-    {
-        mbedtls_psa_crypto_free( );
-        PSA_ASSERT( psa_crypto_init( ) );
-        PSA_ASSERT( psa_open_key( target_id, &target_handle ) );
-    }
-
-    /* Test that the target slot has the expected content. */
-    psa_reset_key_attributes( &target_attributes );
-    PSA_ASSERT( psa_get_key_attributes( returned_target_id,
-                                        &target_attributes ) );
-
-    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) )
-    {
-        TEST_ASSERT( mbedtls_svc_key_id_equal(
-                         target_id, psa_get_key_id( &target_attributes ) ) );
-    }
-    else
-    {
-#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-        TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( returned_target_id ),
-                    target_owner_id_arg );
-#endif
-    }
-
-    TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) );
-    TEST_EQUAL( source_type, psa_get_key_type( &target_attributes ) );
-    TEST_EQUAL( psa_get_key_bits( &source_attributes ),
-                psa_get_key_bits( &target_attributes ) );
-    TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) );
-    TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) );
-    TEST_EQUAL( expected_alg2,
-                psa_get_key_enrollment_algorithm( &target_attributes ) );
-    if( expected_usage & PSA_KEY_USAGE_EXPORT )
-    {
-        size_t length;
-        ASSERT_ALLOC( export_buffer, material->len );
-        PSA_ASSERT( psa_export_key( returned_target_id, export_buffer,
-                                    material->len, &length ) );
-        ASSERT_COMPARE( material->x, material->len,
-                        export_buffer, length );
-    }
-    else
-    {
-        size_t length;
-        /* Check that the key is actually non-exportable. */
-        TEST_EQUAL( psa_export_key( returned_target_id, export_buffer,
-                                    material->len, &length ),
-                    PSA_ERROR_NOT_PERMITTED );
-    }
-
-    PSA_ASSERT( psa_destroy_key( returned_target_id ) );
-
-exit:
-    /*
-     * Source and target key attributes may have been returned by
-     * psa_get_key_attributes() thus reset them as required.
-     */
-    psa_reset_key_attributes( &source_attributes );
-    psa_reset_key_attributes( &target_attributes );
-
-    PSA_DONE( );
-    mbedtls_free( export_buffer );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    psa_purge_key_storage( );
-#endif
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
-                       int source_usage_arg, int source_alg_arg,
-                       int source_type_arg, data_t *source_material,
-                       int target_lifetime_arg, int target_id_arg,
-                       int target_usage_arg, int target_alg_arg,
-                       int target_type_arg, data_t *target_material )
-{
-    psa_key_lifetime_t source_lifetime = source_lifetime_arg;
-    mbedtls_svc_key_id_t source_id =
-        mbedtls_svc_key_id_make( 1, source_id_arg );
-    psa_key_usage_t source_usage = source_usage_arg;
-    psa_algorithm_t source_alg = source_alg_arg;
-    psa_key_type_t source_type = source_type_arg;
-    mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_key_lifetime_t target_lifetime = target_lifetime_arg;
-    mbedtls_svc_key_id_t target_id =
-        mbedtls_svc_key_id_make( 1, target_id_arg );
-    psa_key_usage_t target_usage = target_usage_arg;
-    psa_algorithm_t target_alg = target_alg_arg;
-    psa_key_type_t target_type = target_type_arg;
-    mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t new_key = MBEDTLS_SVC_KEY_ID_INIT;
-    uint8_t *export_buffer = NULL;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_attributes_t attributes2 = PSA_KEY_ATTRIBUTES_INIT;
-
-    TEST_USES_KEY_ID( source_id );
-    TEST_USES_KEY_ID( target_id );
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Populate the source slot. */
-    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( source_lifetime ) )
-    {
-        psa_set_key_id( &attributes, source_id );
-        psa_set_key_lifetime( &attributes, source_lifetime );
-    }
-    psa_set_key_type( &attributes, source_type );
-    psa_set_key_usage_flags( &attributes, source_usage );
-    psa_set_key_algorithm( &attributes, source_alg );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                source_material->x, source_material->len,
-                                &returned_source_id ) );
-
-    /* Populate the target slot. */
-    if( mbedtls_svc_key_id_equal( target_id, source_id ) )
-    {
-        returned_target_id = returned_source_id;
-    }
-    else
-    {
-        psa_set_key_id( &attributes1, target_id );
-        psa_set_key_lifetime( &attributes1, target_lifetime );
-        psa_set_key_type( &attributes1, target_type );
-        psa_set_key_usage_flags( &attributes1, target_usage );
-        psa_set_key_algorithm( &attributes1, target_alg );
-        PSA_ASSERT( psa_import_key( &attributes1,
-                                    target_material->x, target_material->len,
-                                    &returned_target_id ) );
-    }
-
-    PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes1 ) );
-
-    /* Make a copy attempt. */
-    psa_set_key_id( &attributes, target_id );
-    psa_set_key_lifetime( &attributes, target_lifetime );
-    TEST_EQUAL( psa_copy_key( returned_source_id,
-                              &attributes, &new_key ),
-                PSA_ERROR_ALREADY_EXISTS );
-    TEST_ASSERT( mbedtls_svc_key_id_is_null( new_key ) );
-
-    /* Test that the target slot is unaffected. */
-    PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes2 ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal(
-                     psa_get_key_id( &attributes1 ),
-                     psa_get_key_id( &attributes2 ) ) );
-    TEST_EQUAL( psa_get_key_lifetime( &attributes1 ),
-                psa_get_key_lifetime( &attributes2 ) );
-    TEST_EQUAL( psa_get_key_type( &attributes1 ),
-                psa_get_key_type( &attributes2 ) );
-    TEST_EQUAL( psa_get_key_bits( &attributes1 ),
-                psa_get_key_bits( &attributes2 ) );
-    TEST_EQUAL( psa_get_key_usage_flags( &attributes1 ),
-                psa_get_key_usage_flags( &attributes2 ) );
-    TEST_EQUAL( psa_get_key_algorithm( &attributes1 ),
-                psa_get_key_algorithm( &attributes2 ) );
-    if( target_usage & PSA_KEY_USAGE_EXPORT )
-    {
-        size_t length;
-        ASSERT_ALLOC( export_buffer, target_material->len );
-        PSA_ASSERT( psa_export_key( returned_target_id, export_buffer,
-                                    target_material->len, &length ) );
-        ASSERT_COMPARE( target_material->x, target_material->len,
-                        export_buffer, length );
-    }
-
-    PSA_ASSERT( psa_destroy_key( returned_source_id ) );
-    if( ! mbedtls_svc_key_id_equal( target_id, source_id ) )
-        PSA_ASSERT( psa_destroy_key( returned_target_id ) );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes1 );
-    psa_reset_key_attributes( &attributes2 );
-
-    PSA_DONE( );
-    mbedtls_free( export_buffer );
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    psa_purge_key_storage( );
-#endif
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void invalid_handle( int handle_construction,
-                     int close_status_arg, int usage_status_arg )
-{
-    psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT;
-    psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT;
-    psa_key_id_t key_id;
-    psa_status_t close_status = close_status_arg;
-    psa_status_t usage_status = usage_status_arg;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t material[1] = "a";
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    /* Allocate a handle and store a key in it. */
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-    psa_set_key_usage_flags( &attributes, 0 );
-    psa_set_key_algorithm( &attributes, 0 );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                material, sizeof( material ),
-                                &valid_handle ) );
-    TEST_ASSERT( ! psa_key_handle_is_null( valid_handle ) );
-
-    /* Construct an invalid handle as specified in the test case data. */
-    switch( handle_construction )
-    {
-        case INVALID_HANDLE_0:
-            invalid_handle = PSA_KEY_HANDLE_INIT;
-            break;
-        case INVALID_HANDLE_UNOPENED:
-
-            /*
-             * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) is a volatile
-             * key identifier as the imported key is a volatile key. Volatile
-             * key identifiers are in the range from PSA_KEY_ID_VOLATILE_MIN
-             * to PSA_KEY_ID_VOLATILE_MAX included. Thus pick a key identifier
-             * in the range from PSA_KEY_ID_VOLATILE_MIN to
-             * PSA_KEY_ID_VOLATILE_MAX different from
-             * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) to build an
-             * unopened and thus invalid identifier.
-             */
-
-            if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) ==
-                PSA_KEY_ID_VOLATILE_MIN )
-                key_id = PSA_KEY_ID_VOLATILE_MIN + 1;
-            else
-                key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) - 1;
-
-            invalid_handle =
-                mbedtls_svc_key_id_make( 0, key_id );
-            break;
-        case INVALID_HANDLE_CLOSED:
-            PSA_ASSERT( psa_import_key( &attributes,
-                                        material, sizeof( material ),
-                                        &invalid_handle ) );
-            PSA_ASSERT( psa_destroy_key( invalid_handle ) );
-            break;
-        case INVALID_HANDLE_HUGE:
-            invalid_handle =
-                mbedtls_svc_key_id_make( 0, PSA_KEY_ID_VENDOR_MAX + 1 );
-            break;
-        default:
-            TEST_ASSERT( ! "unknown handle construction" );
-    }
-
-    /* Attempt to use the invalid handle. */
-    TEST_EQUAL( psa_get_key_attributes( invalid_handle, &attributes ),
-                usage_status );
-    TEST_EQUAL( psa_close_key( invalid_handle ), close_status );
-    TEST_EQUAL( psa_destroy_key( invalid_handle ), close_status );
-
-    /* After all this, check that the original handle is intact. */
-    PSA_ASSERT( psa_get_key_attributes( valid_handle, &attributes ) );
-    TEST_EQUAL( psa_get_key_type( &attributes ), PSA_KEY_TYPE_RAW_DATA );
-    TEST_EQUAL( psa_get_key_bits( &attributes ),
-                PSA_BYTES_TO_BITS( sizeof( material ) ) );
-    PSA_ASSERT( psa_close_key( valid_handle ) );
-
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void many_transient_keys( int max_keys_arg )
-{
-    mbedtls_svc_key_id_t *keys = NULL;
-    size_t max_keys = max_keys_arg;
-    size_t i, j;
-    psa_status_t status;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t exported[sizeof( size_t )];
-    size_t exported_length;
-
-    ASSERT_ALLOC( keys, max_keys );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, 0 );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-
-    for( i = 0; i < max_keys; i++ )
-    {
-        status = psa_import_key( &attributes,
-                                 (uint8_t *) &i, sizeof( i ),
-                                 &keys[i] );
-        if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
-            break;
-        PSA_ASSERT( status );
-        TEST_ASSERT( ! mbedtls_svc_key_id_is_null( keys[i] ) );
-        for( j = 0; j < i; j++ )
-            TEST_ASSERT( ! mbedtls_svc_key_id_equal( keys[i], keys[j] ) );
-    }
-    max_keys = i;
-
-    for( i = 1; i < max_keys; i++ )
-    {
-        PSA_ASSERT( psa_close_key( keys[i - 1] ) );
-        PSA_ASSERT( psa_export_key( keys[i],
-                                    exported, sizeof( exported ),
-                                    &exported_length ) );
-        ASSERT_COMPARE( exported, exported_length,
-                        (uint8_t *) &i, sizeof( i ) );
-    }
-    PSA_ASSERT( psa_close_key( keys[i - 1] ) );
-
-exit:
-    PSA_DONE( );
-    mbedtls_free( keys );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
-void key_slot_eviction_to_import_new_key( int lifetime_arg )
-{
-    psa_key_lifetime_t lifetime = (psa_key_lifetime_t)lifetime_arg;
-    size_t i;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t exported[sizeof( size_t )];
-    size_t exported_length;
-    mbedtls_svc_key_id_t key, returned_key_id;
-
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
-    psa_set_key_algorithm( &attributes, 0 );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-
-    /*
-     * Create PSA_KEY_SLOT_COUNT persistent keys.
-     */
-    for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
-    {
-        key = mbedtls_svc_key_id_make( i, i + 1 );
-        psa_set_key_id( &attributes, key );
-        PSA_ASSERT( psa_import_key( &attributes,
-                                    (uint8_t *) &i, sizeof( i ),
-                                    &returned_key_id ) );
-       TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) );
-    }
-
-    /*
-     * Create a new persistent or volatile key. When creating the key,
-     * one of the descriptions of the previously created persistent keys
-     * is removed from the RAM key slots. This makes room to store its
-     * description in RAM.
-     */
-    i = PSA_KEY_SLOT_COUNT;
-    key = mbedtls_svc_key_id_make( i, i + 1 );
-    psa_set_key_id( &attributes, key );
-    psa_set_key_lifetime( &attributes, lifetime );
-
-    PSA_ASSERT( psa_import_key( &attributes,
-                                (uint8_t *) &i, sizeof( i ),
-                                &returned_key_id ) );
-    if( lifetime != PSA_KEY_LIFETIME_VOLATILE )
-        TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) );
-    else
-        TEST_ASSERT( psa_key_id_is_volatile(
-                     MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) );
-
-    /*
-     * Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys,
-     * that they have the expected value and destroy them. In that process,
-     * the description of the persistent key that was evicted from the RAM
-     * slots when creating the last key is restored in a RAM slot to export
-     * its value.
-     */
-    for( i = 0; i <= PSA_KEY_SLOT_COUNT; i++ )
-    {
-        if( i < PSA_KEY_SLOT_COUNT )
-            key = mbedtls_svc_key_id_make( i, i + 1 );
-        else
-            key = returned_key_id;
-
-        PSA_ASSERT( psa_export_key( key,
-                                    exported, sizeof( exported ),
-                                    &exported_length ) );
-        ASSERT_COMPARE( exported, exported_length,
-                        (uint8_t *) &i, sizeof( i ) );
-        PSA_ASSERT( psa_destroy_key( key ) );
-    }
-
-exit:
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
-void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
-{
-    psa_status_t status;
-    size_t i;
-    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    uint8_t exported[sizeof( size_t )];
-    size_t exported_length;
-    mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t *keys = NULL;
-
-    TEST_ASSERT( PSA_KEY_SLOT_COUNT >= 1 );
-
-    ASSERT_ALLOC( keys, PSA_KEY_SLOT_COUNT );
-    PSA_ASSERT( psa_crypto_init( ) );
-
-    psa_set_key_usage_flags( &attributes,
-                             PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY );
-    psa_set_key_algorithm( &attributes, 0 );
-    psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
-
-    /*
-     * Create a persistent key
-     */
-    persistent_key = mbedtls_svc_key_id_make( 0x100, 0x205 );
-    psa_set_key_id( &attributes, persistent_key );
-    PSA_ASSERT( psa_import_key( &attributes,
-                                (uint8_t *) &persistent_key,
-                                sizeof( persistent_key ),
-                                &returned_key_id ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) );
-
-    /*
-     * Create PSA_KEY_SLOT_COUNT volatile keys
-     */
-    psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE );
-    for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
-    {
-        PSA_ASSERT( psa_import_key( &attributes,
-                                    (uint8_t *) &i, sizeof( i ),
-                                    &keys[i]) );
-    }
-    psa_reset_key_attributes( &attributes );
-
-    /*
-     * Check that we cannot access the persistent key as all slots are
-     * occupied by volatile keys and the implementation needs to load the
-     * persistent key description in a slot to be able to access it.
-     */
-    status = psa_get_key_attributes( persistent_key, &attributes );
-    TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    /*
-     * Check we can export the volatile key created last and that it has the
-     * expected value. Then, destroy it.
-     */
-    PSA_ASSERT( psa_export_key( keys[PSA_KEY_SLOT_COUNT - 1],
-                                exported, sizeof( exported ),
-                                &exported_length ) );
-    i = PSA_KEY_SLOT_COUNT - 1;
-    ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) );
-    PSA_ASSERT( psa_destroy_key( keys[PSA_KEY_SLOT_COUNT - 1] ) );
-
-    /*
-     * Check that we can now access the persistent key again.
-     */
-    PSA_ASSERT( psa_get_key_attributes( persistent_key, &attributes ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id,
-                                           persistent_key ) );
-
-    /*
-     * Check that we cannot copy the persistent key as all slots are occupied
-     * by the persistent key and the volatile keys and the slot containing the
-     * persistent key cannot be reclaimed as it contains the key to copy.
-     */
-    persistent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 );
-    psa_set_key_id( &attributes, persistent_key2 );
-    status = psa_copy_key( persistent_key, &attributes, &returned_key_id );
-    TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY );
-
-    /*
-     * Check we can export the remaining volatile keys and that they have the
-     * expected values.
-     */
-    for( i = 0; i < ( PSA_KEY_SLOT_COUNT - 1 ); i++ )
-    {
-        PSA_ASSERT( psa_export_key( keys[i],
-                                    exported, sizeof( exported ),
-                                    &exported_length ) );
-        ASSERT_COMPARE( exported, exported_length,
-                        (uint8_t *) &i, sizeof( i ) );
-        PSA_ASSERT( psa_destroy_key( keys[i] ) );
-    }
-
-    /*
-     * Check we can export the persistent key and that it have the expected
-     * value.
-     */
-
-    PSA_ASSERT( psa_export_key( persistent_key, exported, sizeof( exported ),
-                                &exported_length ) );
-    ASSERT_COMPARE( exported, exported_length,
-                    (uint8_t *) &persistent_key, sizeof( persistent_key ) );
-exit:
-    /*
-     * Key attributes may have been returned by psa_get_key_attributes()
-     * thus reset them as required.
-     */
-    psa_reset_key_attributes( &attributes );
-
-    psa_destroy_key( persistent_key );
-    PSA_DONE( );
-    mbedtls_free( keys );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_its.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_its.data
deleted file mode 100644
index 63ca129..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_its.data
+++ /dev/null
@@ -1,65 +0,0 @@
-Set/get/remove 0 bytes
-set_get_remove:0:0:""
-
-Set/get/remove 42 bytes
-set_get_remove:0:0:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223242526272829"
-
-Set/get/remove 1000 bytes
-set_get_remove:0:0:"6a07ecfcc7c7bfe0129d56d2dcf2955a12845b9e6e0034b0ed7226764261c6222a07b9f654deb682130eb1cd07ed298324e60a46f9c76c8a5a0be000c69e93dd81054ca21fbc6190cef7745e9d5436f70e20e10cbf111d1d40c9ceb83be108775199d81abaf0fecfe30eaa08e7ed82517cba939de4449f7ac5c730fcbbf56e691640b0129db0e178045dd2034262de9138873d9bdca57685146a3d516ff13c29e6628a00097435a8e10fef7faff62d2963c303a93793e2211d8604556fec08cd59c0f5bd1f22eea64be13e88b3f454781e83fe6e771d3d81eb2fbe2021e276f42a93db5343d767d854115e74f5e129a8036b1e81aced9872709d515e00bcf2098ccdee23006b0e836b27dc8aaf30f53fe58a31a6408abb79b13098c22e262a98040f9b09809a3b43bd42eb01cf1d17bbc8b4dfe51fa6573d4d8741943e3ae71a649e194c1218f2e20556c7d8cfe8c64d8cc1aa94531fbf638768c7d19b3c079299cf4f26ed3f964efb8fd23d82b4157a51f46da11156c74e2d6e2fd788869ebb52429e12a82da2ba083e2e74565026162f29ca22582da72a2698e7c5d958b919bc2cdfe12f50364ccfed30efd5cd120a7d5f196b2bd7f911bb44d5871eb3dedcd70ece7faf464988f9fe361f23d7244b1e08bee921d0f28bdb4912675809d099876d4d15b7d13ece356e1f2a5dce64feb3d6749a07a4f2b7721190e17a9ab2966e48b6d25187070b81eb45b1c44608b2f0e175958ba57fcf1b2cd145eea5fd4de858d157ddac69dfbb5d5d6f0c1691b0fae5a143b6e58cdf5000f28d74b3322670ed11e740c828c7bfad4e2f392012da3ac931ea26ed15fd003e604071f5900c6e1329d021805d50da9f1e732a49bcc292d9f8e07737cfd59442e8d7aaa813b18183a68e22bf6b4519545dd7d2d519db3652be4131bad4f4b0625dbaa749e979f6ee8c1b97803cb50a2fa20dc883eac932a824b777b226e15294de6a80be3ddef41478fe18172d64407a004de6bae18bc60e90c902c1cbb0e1633395b42391f5011be0d480541987609b0cd8d902ea29f86f73e7362340119323eb0ea4f672b70d6e9a9df5235f9f1965f5cb0c2998c5a7f4754e83eeda5d95fefbbaaa0875fe37b7ca461e7281cc5479162627c5a709b45fd9ddcde4dfb40659e1d70fa7361d9fc7de24f9b8b13259423fdae4dbb98d691db687467a5a7eb027a4a0552a03e430ac8a32de0c30160ba60a036d6b9db2d6182193283337b92e7438dc5d6eb4fa00200d8efa9127f1c3a32ac8e202262773aaa5a965c6b8035b2e5706c32a55511560429ddf1df4ac34076b7eedd9cf94b6915a894fdd9084ffe3db0e7040f382c3cd04f0484595de95865c36b6bf20f46a78cdfb37228acbeb218de798b9586f6d99a0cbae47e80d"
-
-Set/get/remove with flags
-set_get_remove:0:0x12345678:"abcdef"
-
-Overwrite 0 -> 3
-set_overwrite:0:0x12345678:"":0x01020304:"abcdef"
-
-Overwrite 3 -> 0
-set_overwrite:0:0x12345678:"abcdef":0x01020304:""
-
-Overwrite 3 -> 3
-set_overwrite:0:0x12345678:"123456":0x01020304:"abcdef"
-
-Overwrite 3 -> 18
-set_overwrite:0:0x12345678:"abcdef":0x01020304:"404142434445464748494a4b4c4d4e4f5051"
-
-Overwrite 18 -> 3
-set_overwrite:0:0x12345678:"404142434445464748494a4b4c4d4e4f5051":0x01020304:"abcdef"
-
-Multiple files
-set_multiple:0:5
-
-Non-existent file
-nonexistent:0:0
-
-Removed file
-nonexistent:0:1
-
-Get 0 bytes of 10 at 10
-get_at:0:"40414243444546474849":10:0:PSA_SUCCESS
-
-Get 1 byte of 10 at 9
-get_at:0:"40414243444546474849":9:1:PSA_SUCCESS
-
-Get 0 bytes of 10 at 0
-get_at:0:"40414243444546474849":0:0:PSA_SUCCESS
-
-Get 1 byte of 10 at 0
-get_at:0:"40414243444546474849":0:1:PSA_SUCCESS
-
-Get 2 bytes of 10 at 1
-get_at:0:"40414243444546474849":1:2:PSA_SUCCESS
-
-Get 1 byte of 10 at 10: out of range
-get_at:0:"40414243444546474849":10:1:PSA_ERROR_INVALID_ARGUMENT
-
-Get 1 byte of 10 at 11: out of range
-get_at:0:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT
-
-Get 0 bytes of 10 at 11: out of range
-get_at:0:"40414243444546474849":11:0:PSA_ERROR_INVALID_ARGUMENT
-
-Get -1 byte of 10 at 10: out of range
-get_at:0:"40414243444546474849":10:-1:PSA_ERROR_INVALID_ARGUMENT
-
-Get 1 byte of 10 at -1: out of range
-get_at:0:"40414243444546474849":-1:1:PSA_ERROR_INVALID_ARGUMENT
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_its.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_its.function
deleted file mode 100644
index a7ce7b1..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_its.function
+++ /dev/null
@@ -1,233 +0,0 @@
-/* BEGIN_HEADER */
-
-/* This test file is specific to the ITS implementation in PSA Crypto
- * on top of stdio. It expects to know what the stdio name of a file is
- * based on its keystore name.
- */
-
-#include "../library/psa_crypto_its.h"
-
-#include "test/psa_helpers.h"
-
-/* Internal definitions of the implementation, copied for the sake of
- * some of the tests and of the cleanup code. */
-#define PSA_ITS_STORAGE_PREFIX ""
-#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx"
-#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
-#define PSA_ITS_STORAGE_FILENAME_LENGTH         \
-    ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \
-      16 + /*UID (64-bit number in hex)*/                               \
-      sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \
-      1 /*terminating null byte*/ )
-#define PSA_ITS_STORAGE_TEMP \
-    PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX
-static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename )
-{
-    /* Break up the UID into two 32-bit pieces so as not to rely on
-     * long long support in snprintf. */
-    mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH,
-                      "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s",
-                      PSA_ITS_STORAGE_PREFIX,
-                      (unsigned long) ( uid >> 32 ),
-                      (unsigned long) ( uid & 0xffffffff ),
-                      PSA_ITS_STORAGE_SUFFIX );
-}
-
-/* Maximum uid used by the test, recorded so that cleanup() can delete
- * all files. 0xffffffffffffffff is always cleaned up, so it does not
- * need to and should not be taken into account for uid_max. */
-static psa_storage_uid_t uid_max = 0;
-
-static void cleanup( void )
-{
-    /* Call remove() on all the files that a test might have created.
-     * We ignore the error if the file exists but remove() fails because
-     * it can't be checked portably (except by attempting to open the file
-     * first, which is needlessly slow and complicated here). A failure of
-     * remove() on an existing file is very unlikely anyway and would not
-     * have significant consequences other than perhaps failing the next
-     * test case. */
-    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
-    psa_storage_uid_t uid;
-    for( uid = 0; uid < uid_max; uid++ )
-    {
-        psa_its_fill_filename( uid, filename );
-        (void) remove( filename );
-    }
-    psa_its_fill_filename( (psa_storage_uid_t)( -1 ), filename );
-    (void) remove( filename );
-    (void) remove( PSA_ITS_STORAGE_TEMP );
-    uid_max = 0;
-}
-
-static psa_status_t psa_its_set_wrap( psa_storage_uid_t uid,
-                                      uint32_t data_length,
-                                      const void *p_data,
-                                      psa_storage_create_flags_t create_flags )
-{
-    if( uid_max != (psa_storage_uid_t)( -1 ) && uid_max < uid )
-        uid_max = uid;
-    return( psa_its_set( uid, data_length, p_data, create_flags ) );
-}
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_ITS_FILE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void set_get_remove( int uid_arg, int flags_arg, data_t *data )
-{
-    psa_storage_uid_t uid = uid_arg;
-    uint32_t flags = flags_arg;
-    struct psa_storage_info_t info;
-    unsigned char *buffer = NULL;
-    size_t ret_len = 0;
-
-    ASSERT_ALLOC( buffer, data->len );
-
-    PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, flags ) );
-
-    PSA_ASSERT( psa_its_get_info( uid, &info ) );
-    TEST_ASSERT( info.size == data->len );
-    TEST_ASSERT( info.flags == flags );
-    PSA_ASSERT( psa_its_get( uid, 0, data->len, buffer, &ret_len ) );
-    ASSERT_COMPARE( data->x, data->len, buffer, ret_len );
-
-    PSA_ASSERT( psa_its_remove( uid ) );
-
-exit:
-    mbedtls_free( buffer );
-    cleanup( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void set_overwrite( int uid_arg,
-                    int flags1_arg, data_t *data1,
-                    int flags2_arg, data_t *data2 )
-{
-    psa_storage_uid_t uid = uid_arg;
-    uint32_t flags1 = flags1_arg;
-    uint32_t flags2 = flags2_arg;
-    struct psa_storage_info_t info;
-    unsigned char *buffer = NULL;
-    size_t ret_len = 0;
-
-    ASSERT_ALLOC( buffer, MAX( data1->len, data2->len ) );
-
-    PSA_ASSERT( psa_its_set_wrap( uid, data1->len, data1->x, flags1 ) );
-    PSA_ASSERT( psa_its_get_info( uid, &info ) );
-    TEST_ASSERT( info.size == data1->len );
-    TEST_ASSERT( info.flags == flags1 );
-    PSA_ASSERT( psa_its_get( uid, 0, data1->len, buffer, &ret_len ) );
-    ASSERT_COMPARE( data1->x, data1->len, buffer, ret_len );
-
-    PSA_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) );
-    PSA_ASSERT( psa_its_get_info( uid, &info ) );
-    TEST_ASSERT( info.size == data2->len );
-    TEST_ASSERT( info.flags == flags2 );
-    ret_len = 0;
-    PSA_ASSERT( psa_its_get( uid, 0, data2->len, buffer, &ret_len ) );
-    ASSERT_COMPARE( data2->x, data2->len, buffer, ret_len );
-
-    PSA_ASSERT( psa_its_remove( uid ) );
-
-exit:
-    mbedtls_free( buffer );
-    cleanup( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void set_multiple( int first_id, int count )
-{
-    psa_storage_uid_t uid0 = first_id;
-    psa_storage_uid_t uid;
-    char stored[40];
-    char retrieved[40];
-    size_t ret_len = 0;
-
-    memset( stored, '.', sizeof( stored ) );
-    for( uid = uid0; uid < uid0 + count; uid++ )
-    {
-        mbedtls_snprintf( stored, sizeof( stored ),
-                          "Content of file 0x%08lx", (unsigned long) uid );
-        PSA_ASSERT( psa_its_set_wrap( uid, sizeof( stored ), stored, 0 ) );
-    }
-
-    for( uid = uid0; uid < uid0 + count; uid++ )
-    {
-        mbedtls_snprintf( stored, sizeof( stored ),
-                          "Content of file 0x%08lx", (unsigned long) uid );
-        PSA_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved, &ret_len ) );
-        ASSERT_COMPARE( retrieved, ret_len,
-                        stored, sizeof( stored ) );
-        PSA_ASSERT( psa_its_remove( uid ) );
-        TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) ==
-                     PSA_ERROR_DOES_NOT_EXIST );
-    }
-
-exit:
-    cleanup( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void nonexistent( int uid_arg, int create_and_remove )
-{
-    psa_storage_uid_t uid = uid_arg;
-    struct psa_storage_info_t info;
-
-    if( create_and_remove )
-    {
-        PSA_ASSERT( psa_its_set_wrap( uid, 0, NULL, 0 ) );
-        PSA_ASSERT( psa_its_remove( uid ) );
-    }
-
-    TEST_ASSERT( psa_its_remove( uid ) == PSA_ERROR_DOES_NOT_EXIST );
-    TEST_ASSERT( psa_its_get_info( uid, &info ) ==
-                 PSA_ERROR_DOES_NOT_EXIST );
-    TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) ==
-                 PSA_ERROR_DOES_NOT_EXIST );
-
-exit:
-    cleanup( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_at( int uid_arg, data_t *data,
-             int offset, int length_arg,
-             int expected_status )
-{
-    psa_storage_uid_t uid = uid_arg;
-    unsigned char *buffer = NULL;
-    psa_status_t status;
-    size_t length = length_arg >= 0 ? length_arg : 0;
-    unsigned char *trailer;
-    size_t i;
-    size_t ret_len = 0;
-
-    ASSERT_ALLOC( buffer, length + 16 );
-    trailer = buffer + length;
-    memset( trailer, '-', 16 );
-
-    PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) );
-
-    status = psa_its_get( uid, offset, length_arg, buffer, &ret_len );
-    TEST_ASSERT( status == (psa_status_t) expected_status );
-    if( status == PSA_SUCCESS )
-        ASSERT_COMPARE( data->x + offset, (size_t) length_arg,
-                        buffer, ret_len );
-    for( i = 0; i < 16; i++ )
-        TEST_ASSERT( trailer[i] == '-' );
-    PSA_ASSERT( psa_its_remove( uid ) );
-
-exit:
-    mbedtls_free( buffer );
-    cleanup( );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_rsa.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_rsa.data
deleted file mode 100644
index 30919f3..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_rsa.data
+++ /dev/null
@@ -1,615 +0,0 @@
-RSA parameter validation
-rsa_invalid_param:
-
-RSA PKCS1 Verify v1.5 CAVS #1
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-# Good padding but wrong hash
-mbedtls_rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #2
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
-
-RSA PKCS1 Verify v1.5 CAVS #3
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
-
-RSA PKCS1 Verify v1.5 CAVS #4
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0
-
-RSA PKCS1 Verify v1.5 CAVS #5
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0
-
-RSA PKCS1 Verify v1.5 CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0
-
-RSA PKCS1 Verify v1.5 CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-# Bad padding after performing the public key operation
-mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #8
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"b2f2e6e09fd19b0a8c06447554d6a236c69e2b334017488881d8c02ab81d74cae0c64efd50a374998eeec162651975e637cb2ba594250c750a4943253f1db0613e4ce1d50f8e3e968a2a83bd6cb97455ab2ccc77071076b3e211ffb251bd4c1a738b88b2021c61c727c074ce933c054acbcbf4f0c362ec09af38de191686aebe":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1":0
-
-RSA PKCS1 Verify v1.5 CAVS #9
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"647586ba587b09aa555d1b8da4cdf5c6e777e08859379ca45789019f2041e708d97c4408d4d6943b11dd7ebe05c6b48a9b5f1b0079452cc484579acfa66a34c0cf3f0e7339b2dbd5f1339ef7937a8261547705a846885c43d8ef139a9c83f5604ea52b231176a821fb48c45ed45226f31ba7e8a94a69f6c65c39b7278bf3f08f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171":0
-
-RSA PKCS1 Verify v1.5 CAVS #10
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #11
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0
-
-RSA PKCS1 Verify v1.5 CAVS #12
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0
-
-RSA PKCS1 Verify v1.5 CAVS #13
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0
-
-RSA PKCS1 Verify v1.5 CAVS #14
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9":0
-
-RSA PKCS1 Verify v1.5 CAVS #15
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0
-
-RSA PKCS1 Verify v1.5 CAVS #16
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0
-
-RSA PKCS1 Verify v1.5 CAVS #17
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0
-
-RSA PKCS1 Verify v1.5 CAVS #18
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0
-
-RSA PKCS1 Verify v1.5 CAVS #19
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"4eb97094bb42aaa58b040bd06a8f324396b9eca9e39359b7039c4a010434ee131a53aebd9f7a55ae58ea7444fa1505a3ec524e054fd408513cddc1ee4c2f7fd95ec4a6f594be1ba39fa1aa933dc0a5dafff5ce44509577ebb3a3e8084c44010aa27321e5a3f646ade99175633b795c0f570b360eeebeefaef15788f80b5cbecd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a":0
-
-RSA PKCS1 Verify v1.5 CAVS #20
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"a3edb0f52c6166d7b76e71634761f402337c3e9667549d00cd7877e6055396b35c54c4dffc4c987060178fc10b7e5e827a5c870057002ba6efd31fc4e63a429029be0d6b256b6b653775cb026322743f48e319d053c4aeac34077acb8e0c6c2ef375b2210f8788bd23d24eb0b614de41875b1c8ec56acf18825eaf826691be96":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3":0
-
-RSA PKCS1 Verify v1.5 CAVS #21
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #22
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #23
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0
-
-RSA PKCS1 Verify v1.5 CAVS #24
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0
-
-RSA PKCS1 Verify v1.5 CAVS #25
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0
-
-RSA PKCS1 Verify v1.5 CAVS #26
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"1428b4a449698a994ef84c46a517c3aa6359c48e4264ef65f1f69d77ae26133e17edfc103de416fffb4f2bfe865b434544a418f6e2faca00a165d443f0663ff64080154614f7194057d8b5f1f33934cc9fc2314cf86d4fdad4892bf0d3058f7f37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40":0
-
-RSA PKCS1 Verify v1.5 CAVS #27
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0
-
-RSA PKCS1 Verify v1.5 CAVS #28
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0
-
-RSA PKCS1 Verify v1.5 CAVS #29
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"f7857ce04bf4292ea1755f9e587822372f4dcdf10bddfc0ff498a8af60ae94a0b482e873085c1cd52a5d181ce6b99a1f8520d74b947d65f3e7e358e8ddc4ac4ae465e39d408eee1f09865159733f83f553cd93cfde1c114fb3e32cf51cd418359016b3867df467b645d752808671a4609f3c49a67023c9ca617e6cffa544a10a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493":0
-
-RSA PKCS1 Verify v1.5 CAVS #30
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #31
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #32
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0
-
-RSA PKCS1 Verify v1.5 CAVS #33
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"d0cd038c65b3acca45822eaf91ea5176e82043268876dec0b62e2abd619023b7023abc67c6b823cfef5447b8772f985ff7910d6cc87e6c23688ac6de1fee40bbe2da1a92770de92adaa427ace02fee571a0a0176fceb0c8f3eb72dde839ab201395625f5c0db8641ce19d7711212dec61733262c6ce4476c025e67a3d5bc01f3":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Verify v1.5 CAVS #34
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b":0
-
-RSA PKCS1 Verify v1.5 padding too short
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"AABBCC03020100FFFFFFFFFF1122330A0B0CCCDDDDDDDDDD":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"9292758453063D803DD603D5E777D7888ED1D5BF35786190FA2F23EBC0848AEADDA92CA6C3D80B32C4D109BE0F36D6AE7130B9CED7ACDF54CFC7555AC14EEBAB93A89813FBF3C4F8066D2D800F7C38A81AE31942917403FF4946B0A83D3D3E05EE57C6F5F5606FB5D4BC6CD34EE0801A5E94BB77B07507233A0BC7BAC8F90F79":16:"10001":"6edd56f397d9bc6d176bbe3d80946fc352ad6127b85b1d67d849c0a38cbde7222c5fafbb18dcef791178a8e15f5c8cd91869f8ca4b758c46ce3e229bf666d2e3e296544351bcb5db7e0004f6c0800f76a432071297e405759d4324d1cf1c412758be93a39f834e03dee59e28ac571ce2b0b3c8fe639979f516223b54027340a5":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-# The following tests check whether the use of reduced length encodings (as mandated for DER in contrast to BER) is enforced in
-# the verification of PKCS1 v1.5 signatures - this is relevant to prevent Bleichenbacher signature forgery attacks.
-# The test data has been generated by signing a test file using `programs/pkey/rsa_sign` after making modifications
-# to `mbedtls_rsa_rsassa_pkcs1_v15_encode` to force the use of non-reduced encodings in different places as indicated in the respective tests.
-# See the documentation of `mbedtls_rsa_rsassa_pkcs1_v15_encode` for the layout of the relevant ASN.1 structure.
-# Correct signature with DER-compliant reduced length encodings
-RSA PKCS1 Verify v1.5 reduced length encoding
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"5B56096ECADA4DAC299FD3D6091C1BE4D7C4210086E61ADA6FFC267A690034DAFB3734035880B9E71CEB0331C32C8DE1A254D777DFE3C848AC7764907602452EC16FD8EB3664E2E682DB3AA8979059BFADFE6192D9029844C8CAF310552717DD5B5B36A9910CFABE5C54AC16F3A3461DEE730060981BD9B47EE8D6644963B7CA":0
-
-# Non-reduced 1-byte length encoding in `DigestInfo` ASN.1 element
-RSA PKCS1 Verify v1.5 non-reduced length encoding #1
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"2FCF7FC1B60B3C083872B1BD9C666745921951A8A9E099FD629675F620B670713519C4A97B870591B97FE5C5DB2FC2A0A3FCB0016536D1205AA32BA8BFCF54ABD542C02F7FCEA3C3531D7A87C82ED5B151A9599F1BDB070A905F5B721DE3C22F8AC35034C607920CE0699D7F79E5913915F3A01856B5D30F9E68F0CD7856D40F":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-# Non-reduced 2-byte length encoding for `digestAlgorithm` ASN.1 element
-RSA PKCS1 Verify v1.5 non-reduced length encoding #2
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"3C27512A8FDC973D856C0F288BE27D00D54FC0B359C520DA73A05156D98CDD6A83E6657BFA81D7B9716EEDFD98C08CD82F399298782782AE341D9AABCBB6B5F9C6552DE1D8B93047E1135032653F4F65A8937352E903864E008429E049680E3AA80F5DE1C7408C403011CEF4A3ECA549C027C8954BFBCA21F2A41C3EB0278029":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-# Non-reduced 3-byte length encoding for optional parameters in `digestAlgorithm` ASN.1 element
-RSA PKCS1 Verify v1.5 non-reduced length encoding #3
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"24BEB8502F24E0D11D9C10CEE4435EA972CEC93C23936E815ED2DF41BECEDDE889AF85BBEAF1B8C6928913AC523EA1D6653832E9D4E74F55B76771EA84F5A607342C341A14AB258019F38DBAEE4B967C8C8D26D6AF2583D32988471BA38751B6A67BA3D1147619C266A9AAC34244740BB59CD9DB3AFF19438B04C619AB719123":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-# Non-reduced 4-byte length encoding in `digest` ASN.1 element
-RSA PKCS1 Verify v1.5 non-reduced length encoding #4
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"13172EF7362CF421103FE1893429FAE85F83636BA8AF545252599A39892E62CEC317DC47C1D6B19328B63CDFD02FA0B49CE7980504635251FF08C0A1308C64D6466DFBF1EF2BA49EFDD6C2C888A30870EC2DC0FA4D67FDE6631C85ED2CEF8EEBF5578C974CBA4A04034D9B579B420D6CA93E4BFC09E014542A0EFB902AF90C5E":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-# Non-reduced 3-byte length encoding for OID in `digestAlgorithm` ASN.1 element
-RSA PKCS1 Verify v1.5 non-reduced length encoding #5
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"65DD518F63A2E289C035E9F2A9927BF5A6A74FF6FEFFF61AFCC52ED4A8A5B93534A3AD1709136306EE1379B47A4863BC6ED879E92CD6F99AA5B5F106102BDAE8DAFB15CF6EF00CB5FA63967706528DEE8876F3D04E8D75533009C73DA4C5744D20FFDB18EA78EE4D5D9D6F7BD3AFC2AD9A0EDDD56AA40AAEF789E6FB12AB6DE7":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA)
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db":16:"f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051":16:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":16:"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0
-
-RSA PKCS1 Sign #1 Verify
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":16:"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0
-
-RSA PKCS1 Sign #2 (SHA256, 2048 bits RSA)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0
-
-RSA PKCS1 Sign #2 Verify
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0
-
-RSA PKCS1 Sign #2 Verify (Fail)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Sign #3 (SHA224, 2048 bits RSA)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0
-
-RSA PKCS1 Sign #3 Verify
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0
-
-RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA)
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0
-
-RSA PKCS1 Sign #4 Verify
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0
-
-RSA PKCS1 Sign #5 (MD2, 2048 bits RSA)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
-
-RSA PKCS1 Sign #5 Verify
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
-
-RSA PKCS1 Sign #6 (MD4, 2048 bits RSA)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
-
-RSA PKCS1 Sign #6 Verify
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
-
-RSA PKCS1 Sign #7 (MD5, 2048 bits RSA)
-depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0
-
-RSA PKCS1 Sign #7 Verify
-depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0
-
-RSA PKCS1 Sign #8 (RAW, 2048 bits RSA)
-depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8"
-
-RSA PKCS1 Sign #8 Verify
-depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0
-
-RSA PKCS1 Sign #8 Verify (Wrong raw hash)
-depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED
-
-RSA PKCS1 Sign #9 (Invalid Digest type)
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA PKCS1 Sign #9 Verify (Invalid Digest type)
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA)
-depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0
-
-RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA)
-depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0
-
-RSA PKCS1 Encrypt #1
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0
-
-RSA PKCS1 Decrypt #1 (Verify)
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0
-
-RSA PKCS1 Encrypt #2 (Data too large)
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA PKCS1 Decrypt #2 (Data too small)
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-RSA PKCS1 Decrypt #4 (Output buffer too small)
-depends_on:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":15:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
-
-RSA Check empty private key
-rsa_check_privkey_null:
-
-RSA Check Private key #1 (Correct)
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0
-
-RSA Check Private key #2 (No P)
-mbedtls_rsa_check_privkey:2048:16:"":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #3 (No Q)
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #4 (No N)
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #5 (No E)
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #6 (No D)
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #7 (No DP)
-depends_on:!MBEDTLS_RSA_NO_CRT
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #8 (No DQ)
-depends_on:!MBEDTLS_RSA_NO_CRT
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #9 (No QP)
-depends_on:!MBEDTLS_RSA_NO_CRT
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Private key #10 (Incorrect)
-mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public key #1 (Correct)
-mbedtls_rsa_check_pubkey:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":0
-
-RSA Check Public key #2 (Even N)
-mbedtls_rsa_check_pubkey:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":16:"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public key #3 (Even E)
-mbedtls_rsa_check_pubkey:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":16:"65536":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public key #4 (N exactly 128 bits)
-mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"3":0
-
-RSA Check Public key #5 (N smaller than 128 bits)
-mbedtls_rsa_check_pubkey:16:"7edcba9876543210deadbeefcafe4321":16:"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public key #6 (N exactly 8192 bits)
-depends_on:MBEDTLS_MPI_MAX_SIZE>=1024
-mbedtls_rsa_check_pubkey:16:"88F48075BF29E95C1C6AE8716678B74E957B69CC2E49708C160C6343AAD2F076D25397ACE74220311ED18AEEB681F463611B3340C3945CAAEAD3ACC616E08A25A55683A32979BD55EA5DAB7630AF393886896F11DDC5F07E15EDF949324CF0F0B2A5C0E85DFA23167193182D1A43079DC8645F6C2C029629F475575802F7D326DE5BD891A9C5F84A433D45154181EC05685A4B368A5B6434775A00ABC6B0A04647D4598CEEE566B552230F691C98CA30B402A76C686A94B373CCD2F60EFA3878A867BB5F585D088E27C507937262D098A477B9218BE7C03B2E4C102D244CA701645F1827CD947E5E796446378B848862E689F0D1773F752056841A1F0EECE7CAB74921A42DBF2EF264ADCF4ABE05A1242E5F629A657A2D67958A2DAC9A2245074A37099B45064723ABE21241058252632C2BA6FE85AB1C75FF310891B84C9C40AB646FE1D90BC716FB3A4B56DA3EA25CA397C04B994F7C6AD1DD0CB9E994CA6B835F7830F4F4E0F976BBEA5AE8556BC7C90B3E50E21C19AD1F6BC4A8FF15F2909D9CC5F3DA533BADFF50F487869D631C3E34D69636B4C25A55127EF5B715F2FC0565734B38DF996D1970E56F7F64EBECB9D00A587AAEC608F2D3AAA51E66BF53E92C3096BF78D1DCBCE1A645FA4F0542E6F68E5A94AAA6E839F75620FABED5D2BCF40AB8EAF95F838BFA962429F281578882DF0F2721C27C8905C9E776B1D3251FC066A8BC64C0CE7FBA2B8E21F65EF6739AB6F19EC2AB07817DFF03DAB7C846AB5CC86C103642D7664A85DC2D846A8004CD6A144C72CCCAC86DB5901A047324927B80E281F5F7315FA2F9083BDE0DB7AA46DC055E36BB73FB6DBD3A14759D06CBBE8D57CBC213C4D55DE4478679E0A5902C8655BE1391C0E88D2B1FBD57E9232A2CEBC67569ECD94E4BF0FCC6C003F9AA51A2A5E6EE084A46DAE65E52400A727F9713D29E92CD6CA37FD599598B3F677624A2A484A8B36B98EFEAD662C0A23BC1D9280EF2A31F887065EB20A93B41F7A264ECFA65B3555F3E400927018186EAA2D4F00C6B7AB1BCED5F893D64478177592C7F2B945307AB474D7EC7FF2E7E55834CC763BEF81DA9BD70FB3D423AE5ADB86B336734C8A3BEC90CEB05438B5BA030D0D30DEC1442D2EB08450480FBAE090FFA1A5ADD748A415BDCDE45094E792420F0AF94BCA0A80A2096D1A478D3428A214A7E68C0F07F58C6FB232ECC3D8B821AE29AE76E13EB751193F6ECA670016D54F3D796937DDBB8900062EF116CCA3F5B3AECA618272875336C9C050FBC0FC7EDD5B88D85DA0061D21E176E1419CF573629BE7B0496E761EAD45FE32B59EB00D47CDD178AC8F8EC8D6F26DED34F7576CD938422E18E936F16A704B483A48EE3BEA59D95F688136119894930EC8E9282E5974740CF031DF8DBB07EB08F2DA0ACCADECE15A6A57502890F4A03740E60BD":16:"010001":0
-
-RSA Check Public key #7 (N larger than 8192 bits)
-mbedtls_rsa_check_pubkey:16:"01631CD83F3F2D67FA52E13B44416EA65043A322ECD65467558EACD4C6B6D92DA7471D2DBD58E6921F9465C4900E92DFC6EB35C90637285A7E1F3D27C1C32FD6A5CB324D8253C6B2E480B63F66E3B09F4300C3E683011C7803BDEAD682F0F55473FC8A187734573A11ECDCE802022F539BC2074E94703C23E48FF8AE35702352E70AF921B42E6A143A3EFEE20DF77A97AA703AA271CE96EB78062452D87A4ADCACF83FFB9683818BF2ED234D0ECFB1B935827708050C4D007215D7A028152798045AF6A0B741A7B22F3FCCEBC26D285B9AA22CEF858858702BAE7D945FA0C45E2D8AADFF2FD0A64DF02C241F871C799AD73738E626D9A6D4BFFBCE000C4087F0CE74EF21526402FDCD07649175122697FD01041B84AD0A3FEDABD5C25E953686B2272F8C8B748A486F54CB767A1C79CA499B2C9A300AC8A214A0BFA06280A9235D5B7AFB8A76FFDD78FC72038C5B809569A6125D6A588684A16D222EF93F2469EA78948037957DE9B449AB722044FDFF3B6AC89367D72F0CF3ED1F85EDFD0DE3EEEDD39F6EFD68A0368F83B389B7A7B9C7713F4148F53E82CDF6D9CC002A3A16F1E6A1D78C48CE7849584164661664153A499ACAE5927728B2F1A2E911648676DF316DFCBF5E44F393B7B296A4A21ED59744E3855FCD4A21F2B42CFE5C52860B244D467103107E3DC40A82077269897528CCBF80B2F216A535C52A6A2643E64B53276A1B63348038706328FE369AE2409568160481C07A3ED5B0198EC6CC07F8F250B1DE0D97110F834AA3D1C0862FB719393EA08D530225CE0647FD5488F483FA065196D1160FAFA54CD3FF63B6ADDBE84D09F3CFF98F22CC71DE2FC19735126C3BBA9A2C293D1DB118F0512C144C1C616492BE0D19BFD245955840F640EBE6FCFF2830C683852046F36C3CDA4F4460ABA4B2FEEB700C9DD80418C42673858CDD11E70682D5A41ED7D8010EC7DD5B57B4E206F84DB8A430B246002FEA49AFF45940B1F18AE28863F5AA41D3B42ABCD3D1BAB7644B86E060865997E1BA23A768F233D8A859332F8B9D5D1633F9C462328C17E2B07D6DFD813C94D675873592E5CBB001C112A790B10B9F9E07BE105C4FD328C7E3887C3EF13E8ECE6106B73A3341AF200D8663BDF96FFDB6F794FBB04D976B87423A868882F15CAE8DC9F6CAF4917EFC844E74BAD48F21E34530CB4E20006444706FC95658735553CA99E18F0E820D78DEF8FB84034B10CE44B1AE36B50147558415E5E78A77E2FC7C8C580B54CCC40EE3904C04950846A6D51BF5C80E0B6E2ADC4989DA1D3DD01F99AA369C2E6B53394BA0CB5E6E811BFA004A5B3B3C34C60433AB5EB0EC8050246B9AF10B49EAA51487CCE0C4C8F4CDAF926D582D7E4924C33765E00AC952A38669150EA322CDF886B46DE4D0970A060B670D50C9BF3D2020B529838E192EF92BFE2F06FDF1D5":16:"010001":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public key #8 (E exactly 2 bits)
-mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"3":0
-
-RSA Check Public key #8 (E exactly 1 bits)
-mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"1":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public key #8 (E exactly 64 bits)
-mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"00fedcba9876543213":0
-
-RSA Check Public key #8 (E larger than 64 bits)
-mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"01fedcba9876543213":0
-
-RSA Check Public key #9 (E has size N-2)
-mbedtls_rsa_check_pubkey:16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034d":0
-
-RSA Check Public key #10 (E has size N)
-mbedtls_rsa_check_pubkey:16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public-Private key #1 (Correct)
-rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0
-
-RSA Check Public-Private key #2 (Public no N)
-rsa_check_pubpriv:2048:16:"":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public-Private key #3 (Private no N)
-rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public-Private key #4 (N mismatch)
-rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034e":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Check Public-Private key #5 (E mismatch)
-rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"17":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Private (Correct)
-mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0
-
-RSA Private (Data larger than N)
-mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-RSA Public (Correct)
-mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
-
-RSA Public (Data larger than N)
-mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-RSA Generate Key - 128bit key
-mbedtls_rsa_gen_key:128:3:0
-
-RSA Generate Key (Number of bits too small)
-mbedtls_rsa_gen_key:127:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Generate Key (Exponent too small)
-mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Generate Key - 1024 bit key
-mbedtls_rsa_gen_key:1024:3:0
-
-RSA Generate Key - 2048 bit key
-mbedtls_rsa_gen_key:2048:3:0
-
-RSA Generate Key - 1025 bit key
-# mbedtls_rsa_gen_key only supports even-sized keys
-mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Validate Params, toy example
-mbedtls_rsa_validate_params:10:"15":10:"3":10:"5":10:"3":10:"3":0:0
-
-RSA Validate Params, toy example, N missing
-mbedtls_rsa_validate_params:10:"":10:"3":10:"5":10:"3":10:"3":0:0
-
-RSA Validate Params, toy example, E missing
-mbedtls_rsa_validate_params:10:"15":10:"3":10:"5":10:"3":10:"":0:0
-
-RSA Validate Params, toy example, corrupted
-mbedtls_rsa_validate_params:10:"16":10:"3":10:"5":10:"3":10:"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Validate Params, toy example, non-primes, no PRNG
-mbedtls_rsa_validate_params:10:"45":10:"9":10:"5":10:"7":10:"23":0:0
-
-RSA Validate Params, toy example, non-primes, PRNG
-mbedtls_rsa_validate_params:10:"45":10:"9":10:"5":10:"7":10:"23":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Validate Params
-mbedtls_rsa_validate_params:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0
-
-RSA Validate Params, N missing
-mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0
-
-RSA Validate Params, bad N
-mbedtls_rsa_validate_params:16:"b38bc65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Validate Params, non-prime, no PRNG
-mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":0:0
-
-RSA Validate Params, non-prime, PRNG
-mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
-
-RSA Deduce Private, toy example
-mbedtls_rsa_deduce_private_exponent:10:"7":10:"11":10:"7":10:"13":0:0
-
-RSA Deduce Private, toy example, corrupted
-mbedtls_rsa_deduce_private_exponent:10:"3":10:"5":10:"3":10:"3":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-RSA Deduce Private
-mbedtls_rsa_deduce_private_exponent:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":0:0
-
-RSA Deduce Private, corrupted
-mbedtls_rsa_deduce_private_exponent:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-
-RSA Deduce Primes, toy example
-mbedtls_rsa_deduce_primes:10:"35":10:"5":10:"5":10:"5":10:"7":0:0
-
-RSA Deduce Primes, toy example, corrupted
-mbedtls_rsa_deduce_primes:10:"35":10:"5":10:"5":10:"5":10:"7":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-RSA Deduce Moduli
-mbedtls_rsa_deduce_primes:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":0:0
-
-RSA Deduce Moduli, corrupted
-mbedtls_rsa_deduce_primes:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-
-RSA Import (N,P,Q,D,E)
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0
-
-RSA Import (N,P,Q,D,E), inconsistent
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
-
-RSA Import (N,P,Q,D,E), successive
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0
-
-RSA Import (N,P,Q,D,E), successive, inconsistent
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
-
-RSA Import (-,P,Q,D,E)
-mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0
-
-RSA Import (-,P,Q,D,E), successive
-mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0
-
-RSA Import (N,-,-,D,E)
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0
-
-RSA Import (N,-,-,D,E), successive
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0
-
-RSA Import (N,P,Q,-,E)
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":0:1:0:0
-
-RSA Import (N,P,Q,-,E), successive
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1:0:0
-
-RSA Import (-,P,Q,-,E)
-mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":0:1:0:0
-
-RSA Import (-,P,Q,-,E), successive
-mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1:0:0
-
-RSA Import (N,-,Q,-,E)
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":0:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Import (N,-,Q,-,E), successive
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Import (N,-,-,-,E), complete public key
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"3":0:0:0:0
-
-RSA Import (N,-,-,-,E), complete public key, successive
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"3":1:0:0:0
-
-RSA Import (N,-,-,-,E), complete public key, corrupted
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"4":0:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
-
-RSA Import (N,-,-,-,E), complete public key, successive, corrupted
-mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"4":1:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
-
-RSA Import Raw (N,P,Q,D,E), complete private key
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0
-
-RSA Import Raw (N,P,Q,D,E), successive
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1:0:0
-
-RSA Import Raw (-,P,Q,D,E)
-mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0
-
-RSA Import Raw (-,P,Q,D,E), successive
-mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1:0:0
-
-RSA Import Raw (N,-,-,D,E)
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0
-
-RSA Import Raw (N,-,-,D,E), successive
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1:0:0
-
-RSA Import Raw (N,P,Q,-,E)
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":0:1:0:0
-
-RSA Import Raw (N,P,Q,-,E), successive
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1:0:0
-
-RSA Import Raw (-,P,Q,-,E)
-mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":0:1:0:0
-
-RSA Import Raw (-,P,Q,-,E), successive
-mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1:0:0
-
-RSA Import Raw (N,-,Q,-,E)
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":0:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Import Raw (N,-,Q,-,E), successive
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Import Raw (N,-,-,-,E)
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"03":0:0:0:0
-
-RSA Import Raw (N,-,-,-,E), successive
-mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"03":1:0:0:0
-
-RSA Import Raw (-,-,-,-,-)
-mbedtls_rsa_import_raw:"":"":"":"":"":0:0:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-
-RSA Export (N,P,Q,D,E)
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0
-
-RSA Export (N,P,Q,D,E), successive
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1
-
-RSA Export (N,-,-,D,E)
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0
-
-RSA Export (N,-,-,D,E), successive
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1
-
-RSA Export (N,P,Q,-,E)
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:0
-
-RSA Export (N,P,Q,-,E), successive
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1
-
-RSA Export (N,-,-,-,E)
-mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"3":0:0
-
-RSA Export Raw (N,P,Q,D,E)
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
-
-RSA Export Raw (N,P,Q,D,E), successive
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
-
-RSA Export Raw (N,-,-,D,E)
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
-
-RSA Export Raw (N,-,-,D,E), successive
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
-
-RSA Export Raw (N,P,Q,-,E)
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:0
-
-RSA Export Raw (N,P,Q,-,E), successive
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1
-
-RSA Export Raw (N,-,-,-,E)
-mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"03":0:0
-
-RSA PKCS1 Encrypt Bad RNG
-depends_on:MBEDTLS_PKCS1_V15
-rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED
-
-RSA Selftest
-depends_on:MBEDTLS_SELF_TEST
-rsa_selftest:
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_rsa.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_rsa.function
deleted file mode 100644
index 6c73e39..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_rsa.function
+++ /dev/null
@@ -1,1816 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/rsa.h"
-#include "mbedtls/rsa_internal.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void rsa_invalid_param( )
-{
-    mbedtls_rsa_context ctx;
-    const int valid_padding = MBEDTLS_RSA_PKCS_V21;
-    const int invalid_padding = 42;
-    const int valid_mode = MBEDTLS_RSA_PRIVATE;
-    const int invalid_mode = 42;
-    unsigned char buf[42] = { 0 };
-    size_t olen;
-
-    TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
-    TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
-    TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
-
-    /* No more variants because only the first argument must be non-NULL. */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_import( NULL, NULL, NULL,
-                                                NULL, NULL, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_import_raw( NULL,
-                                                    NULL, 0,
-                                                    NULL, 0,
-                                                    NULL, 0,
-                                                    NULL, 0,
-                                                    NULL, 0 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_complete( NULL ) );
-
-    /* No more variants because only the first argument must be non-NULL. */
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_export( NULL, NULL, NULL,
-                                                NULL, NULL, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_export_raw( NULL,
-                                                    NULL, 0,
-                                                    NULL, 0,
-                                                    NULL, 0,
-                                                    NULL, 0,
-                                                    NULL, 0 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
-
-    TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
-                                                 valid_padding, 0 ) );
-    TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
-                                                 invalid_padding, 0 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_gen_key( NULL,
-                                                 mbedtls_test_rnd_std_rand,
-                                                 NULL, 0, 0 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_gen_key( &ctx, NULL,
-                                                 NULL, 0, 0 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_check_pubkey( NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_check_privkey( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_public( NULL, buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_public( &ctx, NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_public( &ctx, buf, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_private( NULL, NULL, NULL,
-                                                 buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_private( &ctx, NULL, NULL,
-                                                 NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_private( &ctx, NULL, NULL,
-                                                 buf, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
-                                                       valid_mode,
-                                                       sizeof( buf ), buf,
-                                                       buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
-                                                       invalid_mode,
-                                                       sizeof( buf ), buf,
-                                                       buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
-                                                       valid_mode,
-                                                       sizeof( buf ), NULL,
-                                                       buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
-                                                       valid_mode,
-                                                       sizeof( buf ), buf,
-                                                       NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
-                                                           NULL,
-                                                           valid_mode,
-                                                           sizeof( buf ), buf,
-                                                           buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
-                                                           NULL,
-                                                           invalid_mode,
-                                                           sizeof( buf ), buf,
-                                                           buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
-                                                           NULL,
-                                                           valid_mode,
-                                                           sizeof( buf ), NULL,
-                                                           buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
-                                                           NULL,
-                                                           valid_mode,
-                                                           sizeof( buf ), buf,
-                                                           NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
-                                                            valid_mode,
-                                                            buf, sizeof( buf ),
-                                                            sizeof( buf ), buf,
-                                                            buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
-                                                            invalid_mode,
-                                                            buf, sizeof( buf ),
-                                                            sizeof( buf ), buf,
-                                                            buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
-                                                            valid_mode,
-                                                            NULL, sizeof( buf ),
-                                                            sizeof( buf ), buf,
-                                                            buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
-                                                            valid_mode,
-                                                            buf, sizeof( buf ),
-                                                            sizeof( buf ), NULL,
-                                                            buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
-                                                            valid_mode,
-                                                            buf, sizeof( buf ),
-                                                            sizeof( buf ), buf,
-                                                            NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
-                                                       valid_mode, &olen,
-                                                       buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       invalid_mode, &olen,
-                                                       buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       valid_mode, NULL,
-                                                       buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       valid_mode, &olen,
-                                                       NULL, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
-                                                       valid_mode, &olen,
-                                                       buf, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
-                                                           NULL,
-                                                           valid_mode, &olen,
-                                                           buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
-                                                           NULL,
-                                                           invalid_mode, &olen,
-                                                           buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
-                                                           NULL,
-                                                           valid_mode, NULL,
-                                                           buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
-                                                           NULL,
-                                                           valid_mode, &olen,
-                                                           NULL, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
-                                                           NULL,
-                                                           valid_mode, &olen,
-                                                           buf, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
-                                                            valid_mode,
-                                                            buf, sizeof( buf ),
-                                                            &olen,
-                                                            buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
-                                                            invalid_mode,
-                                                            buf, sizeof( buf ),
-                                                            &olen,
-                                                            buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
-                                                            valid_mode,
-                                                            NULL, sizeof( buf ),
-                                                            NULL,
-                                                            buf, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
-                                                            valid_mode,
-                                                            buf, sizeof( buf ),
-                                                            &olen,
-                                                            NULL, buf, 42 ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
-                                                            valid_mode,
-                                                            buf, sizeof( buf ),
-                                                            &olen,
-                                                            buf, NULL, 42 ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
-                                                    valid_mode,
-                                                    0, sizeof( buf ), buf,
-                                                    buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
-                                                    invalid_mode,
-                                                    0, sizeof( buf ), buf,
-                                                    buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
-                                                    valid_mode,
-                                                    0, sizeof( buf ), NULL,
-                                                    buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
-                                                    valid_mode,
-                                                    0, sizeof( buf ), buf,
-                                                    NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
-                                                    valid_mode,
-                                                    MBEDTLS_MD_SHA1,
-                                                    0, NULL,
-                                                    buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
-                                                        valid_mode,
-                                                        0, sizeof( buf ), buf,
-                                                        buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
-                                                        invalid_mode,
-                                                        0, sizeof( buf ), buf,
-                                                        buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
-                                                        valid_mode,
-                                                        0, sizeof( buf ), NULL,
-                                                        buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
-                                                        valid_mode,
-                                                        0, sizeof( buf ), buf,
-                                                        NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
-                                                        valid_mode,
-                                                        MBEDTLS_MD_SHA1,
-                                                        0, NULL,
-                                                        buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
-                                                         valid_mode,
-                                                         0, sizeof( buf ), buf,
-                                                         buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
-                                                         invalid_mode,
-                                                         0, sizeof( buf ), buf,
-                                                         buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
-                                                         valid_mode,
-                                                         0, sizeof( buf ), NULL,
-                                                         buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
-                                                         valid_mode,
-                                                         0, sizeof( buf ), buf,
-                                                         NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
-                                                         valid_mode,
-                                                         MBEDTLS_MD_SHA1,
-                                                         0, NULL,
-                                                         buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
-                                                      valid_mode,
-                                                      0, sizeof( buf ), buf,
-                                                      buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
-                                                      invalid_mode,
-                                                      0, sizeof( buf ), buf,
-                                                      buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
-                                                      valid_mode,
-                                                      0, sizeof( buf ), NULL,
-                                                      buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
-                                                      valid_mode,
-                                                      0, sizeof( buf ), buf,
-                                                      NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
-                                                      valid_mode,
-                                                      MBEDTLS_MD_SHA1, 0, NULL,
-                                                      buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
-                                                          NULL,
-                                                          valid_mode,
-                                                          0, sizeof( buf ), buf,
-                                                          buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
-                                                          NULL,
-                                                          invalid_mode,
-                                                          0, sizeof( buf ), buf,
-                                                          buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
-                                                          NULL,
-                                                          valid_mode,
-                                                          0, sizeof( buf ),
-                                                          NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
-                                                          NULL,
-                                                          valid_mode,
-                                                          0, sizeof( buf ), buf,
-                                                          NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
-                                                          NULL,
-                                                          valid_mode,
-                                                          MBEDTLS_MD_SHA1,
-                                                          0, NULL,
-                                                          buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
-                                                           valid_mode,
-                                                           0, sizeof( buf ),
-                                                           buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
-                                                           invalid_mode,
-                                                           0, sizeof( buf ),
-                                                           buf, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
-                                                           valid_mode,
-                                                           0, sizeof( buf ),
-                                                           NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
-                                                           valid_mode,
-                                                           0, sizeof( buf ),
-                                                           buf, NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
-                                                           valid_mode,
-                                                           MBEDTLS_MD_SHA1,
-                                                           0, NULL,
-                                                           buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
-                                                               valid_mode,
-                                                               0, sizeof( buf ),
-                                                               buf,
-                                                               0, 0,
-                                                               buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
-                                                               invalid_mode,
-                                                               0, sizeof( buf ),
-                                                               buf,
-                                                               0, 0,
-                                                               buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
-                                                               valid_mode,
-                                                               0, sizeof( buf ),
-                                                               NULL, 0, 0,
-                                                               buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
-                                                               valid_mode,
-                                                               0, sizeof( buf ),
-                                                               buf, 0, 0,
-                                                               NULL ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
-                                                               valid_mode,
-                                                               MBEDTLS_MD_SHA1,
-                                                               0, NULL,
-                                                               0, 0,
-                                                               buf ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_copy( NULL, &ctx ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
-                            mbedtls_rsa_copy( &ctx, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
-                             int digest, int mod, int radix_P, char * input_P,
-                             int radix_Q, char * input_Q, int radix_N,
-                             char * input_N, int radix_E, char * input_E,
-                             data_t * result_str, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-    mbedtls_mpi N, P, Q, E;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-    memset( output, 0x00, sizeof( output ) );
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
-                                         &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
-                                         0, hash_result, output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
-                               int digest, int mod, int radix_N,
-                               char * input_N, int radix_E, char * input_E,
-                               data_t * result_str, int result )
-{
-    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
-    mbedtls_rsa_context ctx;
-
-    mbedtls_mpi N, E;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-    memset( hash_result, 0x00, sizeof( hash_result ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    if( mbedtls_md_info_from_type( digest ) != NULL )
-        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void rsa_pkcs1_sign_raw( data_t * hash_result,
-                         int padding_mode, int mod, int radix_P,
-                         char * input_P, int radix_Q, char * input_Q,
-                         int radix_N, char * input_N, int radix_E,
-                         char * input_E, data_t * result_str )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-    mbedtls_mpi N, P, Q, E;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-
-    memset( output, 0x00, sizeof( output ) );
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
-                                         &rnd_info, MBEDTLS_RSA_PRIVATE,
-                                         MBEDTLS_MD_NONE, hash_result->len,
-                                         hash_result->x, output ) == 0 );
-
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                      ctx.len, result_str->len ) == 0 );
-
-#if defined(MBEDTLS_PKCS1_V15)
-    /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
-    if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
-    {
-        int res;
-        memset( output, 0x00, sizeof( output) );
-
-        res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
-                  &mbedtls_test_rnd_pseudo_rand, &rnd_info,
-                  MBEDTLS_RSA_PRIVATE, hash_result->len,
-                  hash_result->x, output );
-
-#if !defined(MBEDTLS_RSA_ALT)
-        TEST_ASSERT( res == 0 );
-#else
-        TEST_ASSERT( ( res == 0 ) ||
-                     ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
-#endif
-
-        if( res == 0 )
-        {
-            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                              ctx.len,
-                                              result_str->len ) == 0 );
-        }
-    }
-#endif /* MBEDTLS_PKCS1_V15 */
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void rsa_pkcs1_verify_raw( data_t * hash_result,
-                           int padding_mode, int mod, int radix_N,
-                           char * input_N, int radix_E, char * input_E,
-                           data_t * result_str, int correct )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-
-    mbedtls_mpi N, E;
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
-
-#if defined(MBEDTLS_PKCS1_V15)
-    /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
-    if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
-    {
-        int res;
-        int ok;
-        size_t olen;
-
-        res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
-                    NULL, NULL, MBEDTLS_RSA_PUBLIC,
-                    &olen, result_str->x, output, sizeof( output ) );
-
-#if !defined(MBEDTLS_RSA_ALT)
-        TEST_ASSERT( res == 0 );
-#else
-        TEST_ASSERT( ( res == 0 ) ||
-                     ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
-#endif
-
-        if( res == 0 )
-        {
-            ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
-            if( correct == 0 )
-                TEST_ASSERT( ok == 1 );
-            else
-                TEST_ASSERT( ok == 0 );
-        }
-    }
-#endif /* MBEDTLS_PKCS1_V15 */
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
-                                int mod, int radix_N, char * input_N,
-                                int radix_E, char * input_E,
-                                data_t * result_str, int result )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    mbedtls_mpi N, E;
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
-                                            &mbedtls_test_rnd_pseudo_rand,
-                                            &rnd_info, MBEDTLS_RSA_PUBLIC,
-                                            message_str->len, message_str->x,
-                                            output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
-                                int mod, int radix_N, char * input_N,
-                                int radix_E, char * input_E,
-                                data_t * result_str, int result )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx;
-
-    mbedtls_mpi N, E;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
-                                            NULL, MBEDTLS_RSA_PUBLIC,
-                                            message_str->len, message_str->x,
-                                            output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
-                                int mod, int radix_P, char * input_P,
-                                int radix_Q, char * input_Q, int radix_N,
-                                char * input_N, int radix_E, char * input_E,
-                                int max_output, data_t * result_str,
-                                int result )
-{
-    unsigned char output[32];
-    mbedtls_rsa_context ctx;
-    size_t output_len;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    mbedtls_mpi N, P, Q, E;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-
-    mbedtls_rsa_init( &ctx, padding_mode, 0 );
-
-    memset( output, 0x00, sizeof( output ) );
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-    output_len = 0;
-
-    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
-                                            &rnd_info, MBEDTLS_RSA_PRIVATE,
-                                            &output_len, message_str->x, output,
-                                            max_output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          output_len,
-                                          result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
-                         char * input_N, int radix_E, char * input_E,
-                         data_t * result_str, int result )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
-
-    mbedtls_mpi N, E;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
-    mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
-    memset( output, 0x00, sizeof( output ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
-
-    TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-    /* And now with the copy */
-    TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
-    /* clear the original to be sure */
-    mbedtls_rsa_free( &ctx );
-
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
-
-    memset( output, 0x00, sizeof( output ) );
-    TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx.len, result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-    mbedtls_rsa_free( &ctx2 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
-                          char * input_P, int radix_Q, char * input_Q,
-                          int radix_N, char * input_N, int radix_E,
-                          char * input_E, data_t * result_str,
-                          int result )
-{
-    unsigned char output[256];
-    mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
-    mbedtls_mpi N, P, Q, E;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-    int i;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
-    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
-    mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
-
-    /* repeat three times to test updating of blinding values */
-    for( i = 0; i < 3; i++ )
-    {
-        memset( output, 0x00, sizeof( output ) );
-        TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
-                                          &rnd_info, message_str->x,
-                                          output ) == result );
-        if( result == 0 )
-        {
-
-            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                              ctx.len,
-                                              result_str->len ) == 0 );
-        }
-    }
-
-    /* And now one more time with the copy */
-    TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
-    /* clear the original to be sure */
-    mbedtls_rsa_free( &ctx );
-
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
-
-    memset( output, 0x00, sizeof( output ) );
-    TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
-                                      &rnd_info, message_str->x,
-                                      output ) == result );
-    if( result == 0 )
-    {
-
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                                          ctx2.len,
-                                          result_str->len ) == 0 );
-    }
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
-    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
-
-    mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void rsa_check_privkey_null(  )
-{
-    mbedtls_rsa_context ctx;
-    memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
-
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
-                               char * input_E, int result )
-{
-    mbedtls_rsa_context ctx;
-    mbedtls_mpi N, E;
-
-    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    if( strlen( input_N ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    }
-    if( strlen( input_E ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    }
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
-
-exit:
-    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
-                                int radix_Q, char * input_Q, int radix_N,
-                                char * input_N, int radix_E, char * input_E,
-                                int radix_D, char * input_D, int radix_DP,
-                                char * input_DP, int radix_DQ,
-                                char * input_DQ, int radix_QP,
-                                char * input_QP, int result )
-{
-    mbedtls_rsa_context ctx;
-
-    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    ctx.len = mod / 8;
-    if( strlen( input_P ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
-    }
-    if( strlen( input_Q ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
-    }
-    if( strlen( input_N ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
-    }
-    if( strlen( input_E ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
-    }
-    if( strlen( input_D ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
-    }
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    if( strlen( input_DP ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
-    }
-    if( strlen( input_DQ ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
-    }
-    if( strlen( input_QP ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
-    }
-#else
-    ((void) radix_DP); ((void) input_DP);
-    ((void) radix_DQ); ((void) input_DQ);
-    ((void) radix_QP); ((void) input_QP);
-#endif
-
-    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
-
-exit:
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
-                        int radix_Epub, char * input_Epub, int radix_P,
-                        char * input_P, int radix_Q, char * input_Q,
-                        int radix_N, char * input_N, int radix_E,
-                        char * input_E, int radix_D, char * input_D,
-                        int radix_DP, char * input_DP, int radix_DQ,
-                        char * input_DQ, int radix_QP, char * input_QP,
-                        int result )
-{
-    mbedtls_rsa_context pub, prv;
-
-    mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
-    mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
-
-    pub.len = mod / 8;
-    prv.len = mod / 8;
-
-    if( strlen( input_Npub ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
-    }
-    if( strlen( input_Epub ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
-    }
-
-    if( strlen( input_P ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
-    }
-    if( strlen( input_Q ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
-    }
-    if( strlen( input_N ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
-    }
-    if( strlen( input_E ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
-    }
-    if( strlen( input_D ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
-    }
-#if !defined(MBEDTLS_RSA_NO_CRT)
-    if( strlen( input_DP ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
-    }
-    if( strlen( input_DQ ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
-    }
-    if( strlen( input_QP ) )
-    {
-        TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
-    }
-#else
-    ((void) radix_DP); ((void) input_DP);
-    ((void) radix_DQ); ((void) input_DQ);
-    ((void) radix_QP); ((void) input_QP);
-#endif
-
-    TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
-
-exit:
-    mbedtls_rsa_free( &pub );
-    mbedtls_rsa_free( &prv );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
-void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
-{
-    mbedtls_rsa_context ctx;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "test_suite_rsa";
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_rsa_init ( &ctx, 0, 0 );
-
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                        &entropy, (const unsigned char *) pers,
-                                        strlen( pers ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
-    if( result == 0 )
-    {
-        TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
-    }
-
-exit:
-    mbedtls_rsa_free( &ctx );
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
-void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
-                                int radix_D, char *input_D,
-                                int radix_E, char *input_E,
-                                int radix_P, char *output_P,
-                                int radix_Q, char *output_Q,
-                                int corrupt, int result )
-{
-    mbedtls_mpi N, P, Pp, Q, Qp, D, E;
-
-    mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &P );  mbedtls_mpi_init( &Q  );
-    mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
-
-    if( corrupt )
-        TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
-
-    /* Try to deduce P, Q from N, D, E only. */
-    TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
-
-    if( !corrupt )
-    {
-        /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
-        TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
-                     ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
-    }
-
-exit:
-    mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &P  ); mbedtls_mpi_free( &Q  );
-    mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
-                                          int radix_Q, char *input_Q,
-                                          int radix_E, char *input_E,
-                                          int radix_D, char *output_D,
-                                          int corrupt, int result )
-{
-    mbedtls_mpi P, Q, D, Dp, E, R, Rp;
-
-    mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
-    mbedtls_mpi_init( &E );
-    mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
-
-    if( corrupt )
-    {
-        /* Make E even */
-        TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
-    }
-
-    /* Try to deduce D from N, P, Q, E. */
-    TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
-                                                      &E, &D ) == result );
-
-    if( !corrupt )
-    {
-        /*
-         * Check that D and Dp agree modulo LCM(P-1, Q-1).
-         */
-
-        /* Replace P,Q by P-1, Q-1 */
-        TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
-
-        /* Check D == Dp modulo P-1 */
-        TEST_ASSERT( mbedtls_mpi_mod_mpi( &R,  &D,  &P ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R,  &Rp )     == 0 );
-
-        /* Check D == Dp modulo Q-1 */
-        TEST_ASSERT( mbedtls_mpi_mod_mpi( &R,  &D,  &Q ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
-        TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R,  &Rp )     == 0 );
-    }
-
-exit:
-
-    mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q  );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
-    mbedtls_mpi_free( &E );
-    mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
-void mbedtls_rsa_import( int radix_N, char *input_N,
-                         int radix_P, char *input_P,
-                         int radix_Q, char *input_Q,
-                         int radix_D, char *input_D,
-                         int radix_E, char *input_E,
-                         int successive,
-                         int is_priv,
-                         int res_check,
-                         int res_complete )
-{
-    mbedtls_mpi N, P, Q, D, E;
-    mbedtls_rsa_context ctx;
-
-    /* Buffers used for encryption-decryption test */
-    unsigned char *buf_orig = NULL;
-    unsigned char *buf_enc  = NULL;
-    unsigned char *buf_dec  = NULL;
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "test_suite_rsa";
-
-    const int have_N = ( strlen( input_N ) > 0 );
-    const int have_P = ( strlen( input_P ) > 0 );
-    const int have_Q = ( strlen( input_Q ) > 0 );
-    const int have_D = ( strlen( input_D ) > 0 );
-    const int have_E = ( strlen( input_E ) > 0 );
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_rsa_init( &ctx, 0, 0 );
-
-    mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
-
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                                (const unsigned char *) pers, strlen( pers ) ) == 0 );
-
-    if( have_N )
-        TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-
-    if( have_P )
-        TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-
-    if( have_Q )
-        TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-
-    if( have_D )
-        TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
-
-    if( have_E )
-        TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    if( !successive )
-    {
-        TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                             have_N ? &N : NULL,
-                             have_P ? &P : NULL,
-                             have_Q ? &Q : NULL,
-                             have_D ? &D : NULL,
-                             have_E ? &E : NULL ) == 0 );
-    }
-    else
-    {
-        /* Import N, P, Q, D, E separately.
-         * This should make no functional difference. */
-
-        TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                               have_N ? &N : NULL,
-                               NULL, NULL, NULL, NULL ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                               NULL,
-                               have_P ? &P : NULL,
-                               NULL, NULL, NULL ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                               NULL, NULL,
-                               have_Q ? &Q : NULL,
-                               NULL, NULL ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                               NULL, NULL, NULL,
-                               have_D ? &D : NULL,
-                               NULL ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                               NULL, NULL, NULL, NULL,
-                               have_E ? &E : NULL ) == 0 );
-    }
-
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
-
-    /* On expected success, perform some public and private
-     * key operations to check if the key is working properly. */
-    if( res_complete == 0 )
-    {
-        if( is_priv )
-            TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
-        else
-            TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
-
-        if( res_check != 0 )
-            goto exit;
-
-        buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
-        buf_enc  = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
-        buf_dec  = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
-        if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
-            goto exit;
-
-        TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
-                              buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
-
-        /* Make sure the number we're generating is smaller than the modulus */
-        buf_orig[0] = 0x00;
-
-        TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
-
-        if( is_priv )
-        {
-            TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
-                                              &ctr_drbg, buf_enc,
-                                              buf_dec ) == 0 );
-
-            TEST_ASSERT( memcmp( buf_orig, buf_dec,
-                                 mbedtls_rsa_get_len( &ctx ) ) == 0 );
-        }
-    }
-
-exit:
-
-    mbedtls_free( buf_orig );
-    mbedtls_free( buf_enc  );
-    mbedtls_free( buf_dec  );
-
-    mbedtls_rsa_free( &ctx );
-
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-    mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_rsa_export( int radix_N, char *input_N,
-                         int radix_P, char *input_P,
-                         int radix_Q, char *input_Q,
-                         int radix_D, char *input_D,
-                         int radix_E, char *input_E,
-                         int is_priv,
-                         int successive )
-{
-    /* Original MPI's with which we set up the RSA context */
-    mbedtls_mpi N, P, Q, D, E;
-
-    /* Exported MPI's */
-    mbedtls_mpi Ne, Pe, Qe, De, Ee;
-
-    const int have_N = ( strlen( input_N ) > 0 );
-    const int have_P = ( strlen( input_P ) > 0 );
-    const int have_Q = ( strlen( input_Q ) > 0 );
-    const int have_D = ( strlen( input_D ) > 0 );
-    const int have_E = ( strlen( input_E ) > 0 );
-
-    mbedtls_rsa_context ctx;
-
-    mbedtls_rsa_init( &ctx, 0, 0 );
-
-    mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
-
-    mbedtls_mpi_init( &Ne );
-    mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
-    mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
-
-    /* Setup RSA context */
-
-    if( have_N )
-        TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-
-    if( have_P )
-        TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-
-    if( have_Q )
-        TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-
-    if( have_D )
-        TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
-
-    if( have_E )
-        TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_import( &ctx,
-                                     strlen( input_N ) ? &N : NULL,
-                                     strlen( input_P ) ? &P : NULL,
-                                     strlen( input_Q ) ? &Q : NULL,
-                                     strlen( input_D ) ? &D : NULL,
-                                     strlen( input_E ) ? &E : NULL ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-
-    /*
-     * Export parameters and compare to original ones.
-     */
-
-    /* N and E must always be present. */
-    if( !successive )
-    {
-        TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
-        TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
-    }
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
-
-    /* If we were providing enough information to setup a complete private context,
-     * we expect to be able to export all core parameters. */
-
-    if( is_priv )
-    {
-        if( !successive )
-        {
-            TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
-                                             &De, NULL ) == 0 );
-        }
-        else
-        {
-            TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
-                                             NULL, NULL ) == 0 );
-            TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
-                                             NULL, NULL ) == 0 );
-            TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
-                                             &De, NULL ) == 0 );
-        }
-
-        if( have_P )
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
-
-        if( have_Q )
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
-
-        if( have_D )
-            TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
-
-        /* While at it, perform a sanity check */
-        TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
-                                                       NULL, NULL ) == 0 );
-    }
-
-exit:
-
-    mbedtls_rsa_free( &ctx );
-
-    mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
-
-    mbedtls_mpi_free( &Ne );
-    mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
-    mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void mbedtls_rsa_validate_params( int radix_N, char *input_N,
-                                  int radix_P, char *input_P,
-                                  int radix_Q, char *input_Q,
-                                  int radix_D, char *input_D,
-                                  int radix_E, char *input_E,
-                                  int prng, int result )
-{
-    /* Original MPI's with which we set up the RSA context */
-    mbedtls_mpi N, P, Q, D, E;
-
-    const int have_N = ( strlen( input_N ) > 0 );
-    const int have_P = ( strlen( input_P ) > 0 );
-    const int have_Q = ( strlen( input_Q ) > 0 );
-    const int have_D = ( strlen( input_D ) > 0 );
-    const int have_E = ( strlen( input_E ) > 0 );
-
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const char *pers = "test_suite_rsa";
-
-    mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
-    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                        &entropy, (const unsigned char *) pers,
-                                        strlen( pers ) ) == 0 );
-
-    if( have_N )
-        TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
-
-    if( have_P )
-        TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
-
-    if( have_Q )
-        TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
-
-    if( have_D )
-        TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
-
-    if( have_E )
-        TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
-                                        have_P ? &P : NULL,
-                                        have_Q ? &Q : NULL,
-                                        have_D ? &D : NULL,
-                                        have_E ? &E : NULL,
-                                        prng ? mbedtls_ctr_drbg_random : NULL,
-                                        prng ? &ctr_drbg : NULL ) == result );
-exit:
-
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-    mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
-    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
-void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
-                             data_t *input_Q, data_t *input_D,
-                             data_t *input_E, int is_priv,
-                             int successive )
-{
-    /* Exported buffers */
-    unsigned char bufNe[256];
-    unsigned char bufPe[128];
-    unsigned char bufQe[128];
-    unsigned char bufDe[256];
-    unsigned char bufEe[1];
-
-    mbedtls_rsa_context ctx;
-
-    mbedtls_rsa_init( &ctx, 0, 0 );
-
-    /* Setup RSA context */
-    TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               input_N->len ? input_N->x : NULL, input_N->len,
-                               input_P->len ? input_P->x : NULL, input_P->len,
-                               input_Q->len ? input_Q->x : NULL, input_Q->len,
-                               input_D->len ? input_D->x : NULL, input_D->len,
-                               input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
-
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
-
-    /*
-     * Export parameters and compare to original ones.
-     */
-
-    /* N and E must always be present. */
-    if( !successive )
-    {
-        TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
-                                             NULL, 0, NULL, 0, NULL, 0,
-                                             bufEe, input_E->len ) == 0 );
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
-                                             NULL, 0, NULL, 0, NULL, 0,
-                                             NULL, 0 ) == 0 );
-        TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
-                                             NULL, 0, NULL, 0, NULL, 0,
-                                             bufEe, input_E->len ) == 0 );
-    }
-    TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
-    TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
-
-    /* If we were providing enough information to setup a complete private context,
-     * we expect to be able to export all core parameters. */
-
-    if( is_priv )
-    {
-        if( !successive )
-        {
-            TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
-                                         bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
-                                         bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
-                                         bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
-                                         NULL, 0 ) == 0 );
-        }
-        else
-        {
-            TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
-                                         bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
-                                         NULL, 0, NULL, 0,
-                                         NULL, 0 ) == 0 );
-
-            TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
-                                         bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
-                                         NULL, 0, NULL, 0 ) == 0 );
-
-            TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
-                                         bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
-                                         NULL, 0 ) == 0 );
-        }
-
-        if( input_P->len )
-            TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
-
-        if( input_Q->len )
-            TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
-
-        if( input_D->len )
-            TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
-
-    }
-
-exit:
-    mbedtls_rsa_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
-void mbedtls_rsa_import_raw( data_t *input_N,
-                             data_t *input_P, data_t *input_Q,
-                             data_t *input_D, data_t *input_E,
-                             int successive,
-                             int is_priv,
-                             int res_check,
-                             int res_complete )
-{
-    /* Buffers used for encryption-decryption test */
-    unsigned char *buf_orig = NULL;
-    unsigned char *buf_enc  = NULL;
-    unsigned char *buf_dec  = NULL;
-
-    mbedtls_rsa_context ctx;
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-
-    const char *pers = "test_suite_rsa";
-
-    mbedtls_ctr_drbg_init( &ctr_drbg );
-    mbedtls_entropy_init( &entropy );
-    mbedtls_rsa_init( &ctx, 0, 0 );
-
-    TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
-                                        &entropy, (const unsigned char *) pers,
-                                        strlen( pers ) ) == 0 );
-
-    if( !successive )
-    {
-        TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
-                               ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
-                               ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
-                               ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
-                               ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
-    }
-    else
-    {
-        /* Import N, P, Q, D, E separately.
-         * This should make no functional difference. */
-
-        TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
-                               NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               NULL, 0,
-                               ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
-                               NULL, 0, NULL, 0, NULL, 0 ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               NULL, 0, NULL, 0,
-                               ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
-                               NULL, 0, NULL, 0 ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               NULL, 0, NULL, 0, NULL, 0,
-                               ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
-                               NULL, 0 ) == 0 );
-
-        TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
-                               NULL, 0, NULL, 0, NULL, 0, NULL, 0,
-                               ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
-    }
-
-    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
-
-    /* On expected success, perform some public and private
-     * key operations to check if the key is working properly. */
-    if( res_complete == 0 )
-    {
-        if( is_priv )
-            TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
-        else
-            TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
-
-        if( res_check != 0 )
-            goto exit;
-
-        buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
-        buf_enc  = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
-        buf_dec  = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
-        if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
-            goto exit;
-
-        TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
-                              buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
-
-        /* Make sure the number we're generating is smaller than the modulus */
-        buf_orig[0] = 0x00;
-
-        TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
-
-        if( is_priv )
-        {
-            TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
-                                              &ctr_drbg, buf_enc,
-                                              buf_dec ) == 0 );
-
-            TEST_ASSERT( memcmp( buf_orig, buf_dec,
-                                 mbedtls_rsa_get_len( &ctx ) ) == 0 );
-        }
-    }
-
-exit:
-
-    mbedtls_free( buf_orig );
-    mbedtls_free( buf_enc  );
-    mbedtls_free( buf_dec  );
-
-    mbedtls_rsa_free( &ctx );
-
-    mbedtls_ctr_drbg_free( &ctr_drbg );
-    mbedtls_entropy_free( &entropy );
-
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void rsa_selftest(  )
-{
-    TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_shax.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_shax.function
deleted file mode 100644
index f3477ec..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_shax.function
+++ /dev/null
@@ -1,255 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-/* END_HEADER */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */
-void sha1_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_sha1_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void sha1_invalid_param( )
-{
-    mbedtls_sha1_context ctx;
-    unsigned char buf[64] = { 0 };
-    size_t const buflen = sizeof( buf );
-
-    TEST_INVALID_PARAM( mbedtls_sha1_init( NULL ) );
-
-    TEST_INVALID_PARAM( mbedtls_sha1_clone( NULL, &ctx ) );
-    TEST_INVALID_PARAM( mbedtls_sha1_clone( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_starts_ret( NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_update_ret( NULL, buf, buflen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_update_ret( &ctx, NULL, buflen ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_finish_ret( NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_finish_ret( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_internal_sha1_process( NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_internal_sha1_process( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_ret( NULL, buflen, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
-                            mbedtls_sha1_ret( buf, buflen, NULL ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */
-void mbedtls_sha1( data_t * src_str, data_t * hash )
-{
-    unsigned char output[41];
-
-    memset(output, 0x00, 41);
-
-
-    TEST_ASSERT( mbedtls_sha1_ret( src_str->x, src_str->len, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 20, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void sha256_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_sha256_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void sha256_invalid_param( )
-{
-    mbedtls_sha256_context ctx;
-    unsigned char buf[64] = { 0 };
-    size_t const buflen = sizeof( buf );
-    int valid_type = 0;
-    int invalid_type = 42;
-
-    TEST_INVALID_PARAM( mbedtls_sha256_init( NULL ) );
-
-    TEST_INVALID_PARAM( mbedtls_sha256_clone( NULL, &ctx ) );
-    TEST_INVALID_PARAM( mbedtls_sha256_clone( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_starts_ret( NULL, valid_type ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_starts_ret( &ctx, invalid_type ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_update_ret( NULL, buf, buflen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_update_ret( &ctx, NULL, buflen ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_finish_ret( NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_finish_ret( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_internal_sha256_process( NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_internal_sha256_process( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_ret( NULL, buflen,
-                                                buf, valid_type ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_ret( buf, buflen,
-                                                NULL, valid_type ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
-                            mbedtls_sha256_ret( buf, buflen,
-                                                buf, invalid_type ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void sha224( data_t * src_str, data_t * hash )
-{
-    unsigned char output[57];
-
-    memset(output, 0x00, 57);
-
-
-    TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 1 ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
-void mbedtls_sha256( data_t * src_str, data_t * hash )
-{
-    unsigned char output[65];
-
-    memset(output, 0x00, 65);
-
-
-    TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
-void sha512_valid_param( )
-{
-    TEST_VALID_PARAM( mbedtls_sha512_free( NULL ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
-void sha512_invalid_param( )
-{
-    mbedtls_sha512_context ctx;
-    unsigned char buf[64] = { 0 };
-    size_t const buflen = sizeof( buf );
-    int valid_type = 0;
-    int invalid_type = 42;
-
-    TEST_INVALID_PARAM( mbedtls_sha512_init( NULL ) );
-
-    TEST_INVALID_PARAM( mbedtls_sha512_clone( NULL, &ctx ) );
-    TEST_INVALID_PARAM( mbedtls_sha512_clone( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_starts_ret( NULL, valid_type ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_starts_ret( &ctx, invalid_type ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_update_ret( NULL, buf, buflen ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_update_ret( &ctx, NULL, buflen ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_finish_ret( NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_finish_ret( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_internal_sha512_process( NULL, buf ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_internal_sha512_process( &ctx, NULL ) );
-
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_ret( NULL, buflen,
-                                                buf, valid_type ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_ret( buf, buflen,
-                                                NULL, valid_type ) );
-    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
-                            mbedtls_sha512_ret( buf, buflen,
-                                                buf, invalid_type ) );
-
-exit:
-    return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
-void sha384( data_t * src_str, data_t * hash )
-{
-    unsigned char output[97];
-
-    memset(output, 0x00, 97);
-
-
-    TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 1 ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
-void mbedtls_sha512( data_t * src_str, data_t * hash )
-{
-    unsigned char output[129];
-
-    memset(output, 0x00, 129);
-
-
-    TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 0 ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_SELF_TEST */
-void sha1_selftest(  )
-{
-    TEST_ASSERT( mbedtls_sha1_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */
-void sha256_selftest(  )
-{
-    TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */
-void sha512_selftest(  )
-{
-    TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ssl.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ssl.function
deleted file mode 100644
index f377ffa..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ssl.function
+++ /dev/null
@@ -1,4549 +0,0 @@
-/* BEGIN_HEADER */
-#include <mbedtls/ssl.h>
-#include <mbedtls/ssl_internal.h>
-#include <mbedtls/ctr_drbg.h>
-#include <mbedtls/entropy.h>
-#include <mbedtls/certs.h>
-#include <mbedtls/timing.h>
-#include <mbedtls/debug.h>
-#include <ssl_tls13_keys.h>
-
-#include <ssl_invasive.h>
-
-#include <test/constant_flow.h>
-
-enum
-{
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string )   \
-     tls1_3_label_ ## name,
-MBEDTLS_SSL_TLS1_3_LABEL_LIST
-#undef MBEDTLS_SSL_TLS1_3_LABEL
-};
-
-typedef struct log_pattern
-{
-    const char *pattern;
-    size_t counter;
-} log_pattern;
-
-/*
- * This function can be passed to mbedtls to receive output logs from it. In
- * this case, it will count the instances of a log_pattern in the received
- * logged messages.
- */
-void log_analyzer( void *ctx, int level,
-                   const char *file, int line,
-                   const char *str )
-{
-    log_pattern *p = (log_pattern *) ctx;
-
-    (void) level;
-    (void) line;
-    (void) file;
-
-    if( NULL != p &&
-        NULL != p->pattern &&
-        NULL != strstr( str, p->pattern ) )
-    {
-        p->counter++;
-    }
-}
-
-/* Invalid minor version used when not specifying a min/max version or expecting a test to fail */
-#define TEST_SSL_MINOR_VERSION_NONE -1
-
-typedef struct handshake_test_options
-{
-    const char *cipher;
-    int client_min_version;
-    int client_max_version;
-    int server_min_version;
-    int server_max_version;
-    int expected_negotiated_version;
-    int pk_alg;
-    data_t *psk_str;
-    int dtls;
-    int srv_auth_mode;
-    int serialize;
-    int mfl;
-    int cli_msg_len;
-    int srv_msg_len;
-    int expected_cli_fragments;
-    int expected_srv_fragments;
-    int renegotiate;
-    int legacy_renegotiation;
-    void *srv_log_obj;
-    void *cli_log_obj;
-    void (*srv_log_fun)(void *, int, const char *, int, const char *);
-    void (*cli_log_fun)(void *, int, const char *, int, const char *);
-    int resize_buffers;
-} handshake_test_options;
-
-void init_handshake_options( handshake_test_options *opts )
-{
-  opts->cipher = "";
-  opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE;
-  opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE;
-  opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE;
-  opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE;
-  opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3;
-  opts->pk_alg = MBEDTLS_PK_RSA;
-  opts->psk_str = NULL;
-  opts->dtls = 0;
-  opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE;
-  opts->serialize = 0;
-  opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE;
-  opts->cli_msg_len = 100;
-  opts->srv_msg_len = 100;
-  opts->expected_cli_fragments = 1;
-  opts->expected_srv_fragments = 1;
-  opts->renegotiate = 0;
-  opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
-  opts->srv_log_obj = NULL;
-  opts->srv_log_obj = NULL;
-  opts->srv_log_fun = NULL;
-  opts->cli_log_fun = NULL;
-  opts->resize_buffers = 1;
-}
-/*
- * Buffer structure for custom I/O callbacks.
- */
-
-typedef struct mbedtls_test_buffer
-{
-    size_t start;
-    size_t content_length;
-    size_t capacity;
-    unsigned char *buffer;
-} mbedtls_test_buffer;
-
-/*
- * Initialises \p buf. After calling this function it is safe to call
- * `mbedtls_test_buffer_free()` on \p buf.
- */
-void mbedtls_test_buffer_init( mbedtls_test_buffer *buf )
-{
-    memset( buf, 0, sizeof( *buf ) );
-}
-
-/*
- * Sets up \p buf. After calling this function it is safe to call
- * `mbedtls_test_buffer_put()` and `mbedtls_test_buffer_get()` on \p buf.
- */
-int mbedtls_test_buffer_setup( mbedtls_test_buffer *buf, size_t capacity )
-{
-    buf->buffer = (unsigned char*) mbedtls_calloc( capacity,
-                                                   sizeof(unsigned char) );
-    if( NULL == buf->buffer )
-        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
-    buf->capacity = capacity;
-
-    return 0;
-}
-
-void mbedtls_test_buffer_free( mbedtls_test_buffer *buf )
-{
-    if( buf->buffer != NULL )
-        mbedtls_free( buf->buffer );
-
-    memset( buf, 0, sizeof( *buf ) );
-}
-
-/*
- * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
- *
- * \p buf must have been initialized and set up by calling
- * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`.
- *
- * \retval  \p input_len, if the data fits.
- * \retval  0 <= value < \p input_len, if the data does not fit.
- * \retval  -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
- *          zero and \p input is NULL.
- */
-int mbedtls_test_buffer_put( mbedtls_test_buffer *buf,
-                             const unsigned char *input, size_t input_len )
-{
-    size_t overflow = 0;
-
-    if( ( buf == NULL ) || ( buf->buffer == NULL ) )
-        return -1;
-
-    /* Reduce input_len to a number that fits in the buffer. */
-    if ( ( buf->content_length + input_len ) > buf->capacity )
-    {
-        input_len = buf->capacity - buf->content_length;
-    }
-
-    if( input == NULL )
-    {
-        return ( input_len == 0 ) ? 0 : -1;
-    }
-
-     /* Check if the buffer has not come full circle and free space is not in
-      * the middle */
-    if( buf->start + buf->content_length < buf->capacity )
-    {
-
-        /* Calculate the number of bytes that need to be placed at lower memory
-        * address */
-        if( buf->start + buf->content_length + input_len
-            > buf->capacity )
-        {
-            overflow = ( buf->start + buf->content_length + input_len )
-                        % buf->capacity;
-        }
-
-        memcpy( buf->buffer + buf->start + buf->content_length, input,
-                    input_len - overflow );
-        memcpy( buf->buffer, input + input_len - overflow, overflow );
-
-    }
-    else
-    {
-        /* The buffer has come full circle and free space is in the middle */
-        memcpy( buf->buffer + buf->start + buf->content_length - buf->capacity,
-                input, input_len );
-    }
-
-    buf->content_length += input_len;
-    return input_len;
-}
-
-/*
- * Gets \p output_len bytes from the ring buffer \p buf into the
- * \p output buffer. The output buffer can be NULL, in this case a part of the
- * ring buffer will be dropped, if the requested length is available.
- *
- * \p buf must have been initialized and set up by calling
- * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`.
- *
- * \retval  \p output_len, if the data is available.
- * \retval  0 <= value < \p output_len, if the data is not available.
- * \retval  -1, if \buf is NULL or it hasn't been set up.
- */
-int mbedtls_test_buffer_get( mbedtls_test_buffer *buf,
-                             unsigned char* output, size_t output_len )
-{
-    size_t overflow = 0;
-
-    if( ( buf == NULL ) || ( buf->buffer == NULL ) )
-        return -1;
-
-    if( output == NULL && output_len == 0 )
-        return 0;
-
-    if( buf->content_length < output_len )
-        output_len = buf->content_length;
-
-    /* Calculate the number of bytes that need to be drawn from lower memory
-     * address */
-    if( buf->start + output_len > buf->capacity )
-    {
-        overflow = ( buf->start + output_len ) % buf->capacity;
-    }
-
-    if( output != NULL )
-    {
-        memcpy( output, buf->buffer + buf->start, output_len - overflow );
-        memcpy( output + output_len - overflow, buf->buffer, overflow );
-    }
-
-    buf->content_length -= output_len;
-    buf->start = ( buf->start + output_len ) % buf->capacity;
-
-    return output_len;
-}
-
-/*
- * Errors used in the message transport mock tests
- */
- #define MBEDTLS_TEST_ERROR_ARG_NULL -11
- #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
-
-/*
- * Context for a message metadata queue (fifo) that is on top of the ring buffer.
- */
-typedef struct mbedtls_test_message_queue
-{
-    size_t *messages;
-    int pos;
-    int num;
-    int capacity;
-} mbedtls_test_message_queue;
-
-/*
- * Setup and free functions for the message metadata queue.
- *
- * \p capacity describes the number of message metadata chunks that can be held
- *    within the queue.
- *
- * \retval  0, if a metadata queue of a given length can be allocated.
- * \retval  MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
- */
-int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue,
-                                      size_t capacity )
-{
-    queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof(size_t) );
-    if( NULL == queue->messages )
-        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
-
-    queue->capacity = capacity;
-    queue->pos = 0;
-    queue->num = 0;
-
-    return 0;
-}
-
-void mbedtls_test_message_queue_free( mbedtls_test_message_queue *queue )
-{
-    if( queue == NULL )
-        return;
-
-    if( queue->messages != NULL )
-        mbedtls_free( queue->messages );
-
-    memset( queue, 0, sizeof( *queue ) );
-}
-
-/*
- * Push message length information onto the message metadata queue.
- * This will become the last element to leave it (fifo).
- *
- * \retval  MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
- * \retval  MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
- * \retval  \p len, if the push was successful.
- */
-int mbedtls_test_message_queue_push_info( mbedtls_test_message_queue *queue,
-                                          size_t len )
-{
-    int place;
-    if( queue == NULL )
-        return MBEDTLS_TEST_ERROR_ARG_NULL;
-
-    if( queue->num >= queue->capacity )
-        return MBEDTLS_ERR_SSL_WANT_WRITE;
-
-    place = ( queue->pos + queue->num ) % queue->capacity;
-    queue->messages[place] = len;
-    queue->num++;
-    return len;
-}
-
-/*
- * Pop information about the next message length from the queue. This will be
- * the oldest inserted message length(fifo). \p msg_len can be null, in which
- * case the data will be popped from the queue but not copied anywhere.
- *
- * \retval  MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
- * \retval  MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
- * \retval  message length, if the pop was successful, up to the given
-            \p buf_len.
- */
-int mbedtls_test_message_queue_pop_info( mbedtls_test_message_queue *queue,
-                                         size_t buf_len )
-{
-    size_t message_length;
-    if( queue == NULL )
-        return MBEDTLS_TEST_ERROR_ARG_NULL;
-    if( queue->num == 0 )
-        return MBEDTLS_ERR_SSL_WANT_READ;
-
-    message_length = queue->messages[queue->pos];
-    queue->messages[queue->pos] = 0;
-    queue->num--;
-    queue->pos++;
-    queue->pos %= queue->capacity;
-    if( queue->pos < 0 )
-        queue->pos += queue->capacity;
-
-    return ( message_length > buf_len ) ? buf_len : message_length;
-}
-
-/*
- * Take a peek on the info about the next message length from the queue.
- * This will be the oldest inserted message length(fifo).
- *
- * \retval  MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
- * \retval  MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
- * \retval  0, if the peek was successful.
- * \retval  MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is
- *          too small to fit the message. In this case the \p msg_len will be
- *          set to the full message length so that the
- *          caller knows what portion of the message can be dropped.
- */
-int mbedtls_test_message_queue_peek_info( mbedtls_test_message_queue *queue,
-                                          size_t buf_len, size_t* msg_len )
-{
-    if( queue == NULL || msg_len == NULL )
-        return MBEDTLS_TEST_ERROR_ARG_NULL;
-    if( queue->num == 0 )
-        return MBEDTLS_ERR_SSL_WANT_READ;
-
-    *msg_len = queue->messages[queue->pos];
-    return ( *msg_len > buf_len ) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0;
-}
-/*
- * Context for the I/O callbacks simulating network connection.
- */
-
-#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
-
-typedef struct mbedtls_mock_socket
-{
-    int status;
-    mbedtls_test_buffer *input;
-    mbedtls_test_buffer *output;
-    struct mbedtls_mock_socket *peer;
-} mbedtls_mock_socket;
-
-/*
- * Setup and teardown functions for mock sockets.
- */
-void mbedtls_mock_socket_init( mbedtls_mock_socket *socket )
-{
-    memset( socket, 0, sizeof( *socket ) );
-}
-
-/*
- * Closes the socket \p socket.
- *
- * \p socket must have been previously initialized by calling
- * mbedtls_mock_socket_init().
- *
- * This function frees all allocated resources and both sockets are aware of the
- * new connection state.
- *
- * That is, this function does not simulate half-open TCP connections and the
- * phenomenon that when closing a UDP connection the peer is not aware of the
- * connection having been closed.
- */
-void mbedtls_mock_socket_close( mbedtls_mock_socket* socket )
-{
-    if( socket == NULL )
-        return;
-
-    if( socket->input != NULL )
-    {
-        mbedtls_test_buffer_free( socket->input );
-        mbedtls_free( socket->input );
-    }
-
-    if( socket->output != NULL )
-    {
-        mbedtls_test_buffer_free( socket->output );
-        mbedtls_free( socket->output );
-    }
-
-    if( socket->peer != NULL )
-        memset( socket->peer, 0, sizeof( *socket->peer ) );
-
-    memset( socket, 0, sizeof( *socket ) );
-}
-
-/*
- * Establishes a connection between \p peer1 and \p peer2.
- *
- * \p peer1 and \p peer2 must have been previously initialized by calling
- * mbedtls_mock_socket_init().
- *
- * The capacites of the internal buffers are set to \p bufsize. Setting this to
- * the correct value allows for simulation of MTU, sanity testing the mock
- * implementation and mocking TCP connections with lower memory cost.
- */
-int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1,
-                                 mbedtls_mock_socket* peer2,
-                                 size_t bufsize )
-{
-    int ret = -1;
-
-    peer1->output =
-        (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) );
-    if( peer1->output == NULL )
-    {
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto exit;
-    }
-    mbedtls_test_buffer_init( peer1->output );
-    if( 0 != ( ret = mbedtls_test_buffer_setup( peer1->output, bufsize ) ) )
-    {
-        goto exit;
-    }
-
-    peer2->output =
-        (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) );
-    if( peer2->output == NULL )
-    {
-        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
-        goto exit;
-    }
-    mbedtls_test_buffer_init( peer2->output );
-    if( 0 != ( ret = mbedtls_test_buffer_setup( peer2->output, bufsize ) ) )
-    {
-        goto exit;
-    }
-
-    peer1->peer = peer2;
-    peer2->peer = peer1;
-    peer1->input = peer2->output;
-    peer2->input = peer1->output;
-
-    peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED;
-    ret = 0;
-
-exit:
-
-    if( ret != 0 )
-    {
-        mbedtls_mock_socket_close( peer1 );
-        mbedtls_mock_socket_close( peer2 );
-    }
-
-    return ret;
-}
-
-/*
- * Callbacks for simulating blocking I/O over connection-oriented transport.
- */
-
-int mbedtls_mock_tcp_send_b( void *ctx, const unsigned char *buf, size_t len )
-{
-    mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
-
-    if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
-        return -1;
-
-    return mbedtls_test_buffer_put( socket->output, buf, len );
-}
-
-int mbedtls_mock_tcp_recv_b( void *ctx, unsigned char *buf, size_t len )
-{
-    mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
-
-    if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
-        return -1;
-
-    return mbedtls_test_buffer_get( socket->input, buf, len );
-}
-
-/*
- * Callbacks for simulating non-blocking I/O over connection-oriented transport.
- */
-
-int mbedtls_mock_tcp_send_nb( void *ctx, const unsigned char *buf, size_t len )
-{
-    mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
-
-    if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
-        return -1;
-
-    if( socket->output->capacity == socket->output->content_length )
-    {
-        return MBEDTLS_ERR_SSL_WANT_WRITE;
-    }
-
-    return mbedtls_test_buffer_put( socket->output, buf, len );
-}
-
-int mbedtls_mock_tcp_recv_nb( void *ctx, unsigned char *buf, size_t len )
-{
-    mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
-
-    if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
-        return -1;
-
-    if( socket->input->content_length == 0 )
-    {
-        return MBEDTLS_ERR_SSL_WANT_READ;
-    }
-
-    return mbedtls_test_buffer_get( socket->input, buf, len );
-}
-
-/* Errors used in the message socket mocks */
-
-#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55
-#define MBEDTLS_TEST_ERROR_SEND_FAILED -66
-#define MBEDTLS_TEST_ERROR_RECV_FAILED -77
-
-/*
- * Structure used as an addon, or a wrapper, around the mocked sockets.
- * Contains an input queue, to which the other socket pushes metadata,
- * and an output queue, to which this one pushes metadata. This context is
- * considered as an owner of the input queue only, which is initialized and
- * freed in the respective setup and free calls.
- */
-typedef struct mbedtls_test_message_socket_context
-{
-    mbedtls_test_message_queue* queue_input;
-    mbedtls_test_message_queue* queue_output;
-    mbedtls_mock_socket* socket;
-} mbedtls_test_message_socket_context;
-
-void mbedtls_message_socket_init( mbedtls_test_message_socket_context *ctx )
-{
-    ctx->queue_input = NULL;
-    ctx->queue_output = NULL;
-    ctx->socket = NULL;
-}
-
-/*
- * Setup a given mesasge socket context including initialization of
- * input/output queues to a chosen capacity of messages. Also set the
- * corresponding mock socket.
- *
- * \retval  0, if everything succeeds.
- * \retval  MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
- *          queue failed.
- */
-int mbedtls_message_socket_setup( mbedtls_test_message_queue* queue_input,
-                                  mbedtls_test_message_queue* queue_output,
-                                  size_t queue_capacity,
-                                  mbedtls_mock_socket* socket,
-                                  mbedtls_test_message_socket_context* ctx )
-{
-    int ret = mbedtls_test_message_queue_setup( queue_input, queue_capacity );
-    if( ret != 0 )
-        return ret;
-    ctx->queue_input = queue_input;
-    ctx->queue_output = queue_output;
-    ctx->socket = socket;
-    mbedtls_mock_socket_init( socket );
-
-    return 0;
-}
-
-/*
- * Close a given message socket context, along with the socket itself. Free the
- * memory allocated by the input queue.
- */
-void mbedtls_message_socket_close( mbedtls_test_message_socket_context* ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_test_message_queue_free( ctx->queue_input );
-    mbedtls_mock_socket_close( ctx->socket );
-    memset( ctx, 0, sizeof( *ctx ) );
-}
-
-/*
- * Send one message through a given message socket context.
- *
- * \retval  \p len, if everything succeeds.
- * \retval  MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
- *          elements or the context itself is null.
- * \retval  MBEDTLS_TEST_ERROR_SEND_FAILED if mbedtls_mock_tcp_send_b failed.
- * \retval  MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
- *
- * This function will also return any error from
- * mbedtls_test_message_queue_push_info.
- */
-int mbedtls_mock_tcp_send_msg( void *ctx, const unsigned char *buf, size_t len )
-{
-    mbedtls_test_message_queue* queue;
-    mbedtls_mock_socket* socket;
-    mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx;
-
-    if( context == NULL || context->socket == NULL
-        || context->queue_output == NULL )
-    {
-        return MBEDTLS_TEST_ERROR_CONTEXT_ERROR;
-    }
-
-    queue = context->queue_output;
-    socket = context->socket;
-
-    if( queue->num >= queue->capacity )
-        return MBEDTLS_ERR_SSL_WANT_WRITE;
-
-    if( mbedtls_mock_tcp_send_b( socket, buf, len ) != (int) len )
-        return MBEDTLS_TEST_ERROR_SEND_FAILED;
-
-    return mbedtls_test_message_queue_push_info( queue, len );
-}
-
-/*
- * Receive one message from a given message socket context and return message
- * length or an error.
- *
- * \retval  message length, if everything succeeds.
- * \retval  MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
- *          elements or the context itself is null.
- * \retval  MBEDTLS_TEST_ERROR_RECV_FAILED if mbedtls_mock_tcp_recv_b failed.
- *
- * This function will also return any error other than
- * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info.
- */
-int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len )
-{
-    mbedtls_test_message_queue* queue;
-    mbedtls_mock_socket* socket;
-    mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx;
-    size_t drop_len = 0;
-    size_t msg_len;
-    int ret;
-
-    if( context == NULL || context->socket == NULL
-        || context->queue_input == NULL )
-    {
-        return MBEDTLS_TEST_ERROR_CONTEXT_ERROR;
-    }
-
-    queue = context->queue_input;
-    socket = context->socket;
-
-    /* Peek first, so that in case of a socket error the data remains in
-     * the queue. */
-    ret = mbedtls_test_message_queue_peek_info( queue, buf_len, &msg_len );
-    if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED )
-    {
-        /* Calculate how much to drop */
-        drop_len = msg_len - buf_len;
-
-        /* Set the requested message len to be buffer length */
-        msg_len = buf_len;
-    } else if( ret != 0 )
-    {
-        return ret;
-    }
-
-    if( mbedtls_mock_tcp_recv_b( socket, buf, msg_len ) != (int) msg_len )
-        return MBEDTLS_TEST_ERROR_RECV_FAILED;
-
-    if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED )
-    {
-        /* Drop the remaining part of the message */
-        if( mbedtls_mock_tcp_recv_b( socket, NULL, drop_len ) != (int) drop_len )
-        {
-          /* Inconsistent state - part of the message was read,
-           * and a part couldn't. Not much we can do here, but it should not
-           * happen in test environment, unless forced manually. */
-        }
-    }
-    mbedtls_test_message_queue_pop_info( queue, buf_len );
-
-    return msg_len;
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-
-/*
- * Structure with endpoint's certificates for SSL communication tests.
- */
-typedef struct mbedtls_endpoint_certificate
-{
-    mbedtls_x509_crt ca_cert;
-    mbedtls_x509_crt cert;
-    mbedtls_pk_context pkey;
-} mbedtls_endpoint_certificate;
-
-/*
- * Endpoint structure for SSL communication tests.
- */
-typedef struct mbedtls_endpoint
-{
-    const char *name;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-    mbedtls_mock_socket socket;
-    mbedtls_endpoint_certificate cert;
-} mbedtls_endpoint;
-
-/*
- * Initializes \p ep_cert structure and assigns it to endpoint
- * represented by \p ep.
- *
- * \retval  0 on success, otherwise error code.
- */
-int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg )
-{
-    int i = 0;
-    int ret = -1;
-    mbedtls_endpoint_certificate *cert;
-
-    if( ep == NULL )
-    {
-        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-    }
-
-    cert = &( ep->cert );
-    mbedtls_x509_crt_init( &( cert->ca_cert ) );
-    mbedtls_x509_crt_init( &( cert->cert ) );
-    mbedtls_pk_init( &( cert->pkey ) );
-
-    /* Load the trusted CA */
-
-    for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
-    {
-        ret = mbedtls_x509_crt_parse_der( &( cert->ca_cert ),
-                        (const unsigned char *) mbedtls_test_cas_der[i],
-                        mbedtls_test_cas_der_len[i] );
-        TEST_ASSERT( ret == 0 );
-    }
-
-    /* Load own certificate and private key */
-
-    if( ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        if( pk_alg == MBEDTLS_PK_RSA )
-        {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
-                    (const unsigned char*) mbedtls_test_srv_crt_rsa_sha256_der,
-                    mbedtls_test_srv_crt_rsa_sha256_der_len );
-            TEST_ASSERT( ret == 0 );
-
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
-                            (const unsigned char*) mbedtls_test_srv_key_rsa_der,
-                            mbedtls_test_srv_key_rsa_der_len, NULL, 0 );
-            TEST_ASSERT( ret == 0 );
-        }
-        else
-        {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
-                            (const unsigned char*) mbedtls_test_srv_crt_ec_der,
-                            mbedtls_test_srv_crt_ec_der_len );
-            TEST_ASSERT( ret == 0 );
-
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
-                            (const unsigned char*) mbedtls_test_srv_key_ec_der,
-                            mbedtls_test_srv_key_ec_der_len, NULL, 0 );
-            TEST_ASSERT( ret == 0 );
-        }
-    }
-    else
-    {
-        if( pk_alg == MBEDTLS_PK_RSA )
-        {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
-                          (const unsigned char *) mbedtls_test_cli_crt_rsa_der,
-                          mbedtls_test_cli_crt_rsa_der_len );
-            TEST_ASSERT( ret == 0 );
-
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
-                          (const unsigned char *) mbedtls_test_cli_key_rsa_der,
-                          mbedtls_test_cli_key_rsa_der_len, NULL, 0 );
-            TEST_ASSERT( ret == 0 );
-        }
-        else
-        {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
-                          (const unsigned char *) mbedtls_test_cli_crt_ec_der,
-                          mbedtls_test_cli_crt_ec_len );
-            TEST_ASSERT( ret == 0 );
-
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
-                          (const unsigned char *) mbedtls_test_cli_key_ec_der,
-                          mbedtls_test_cli_key_ec_der_len, NULL, 0 );
-            TEST_ASSERT( ret == 0 );
-        }
-    }
-
-    mbedtls_ssl_conf_ca_chain( &( ep->conf ), &( cert->ca_cert ), NULL );
-
-    ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), &( cert->cert ),
-                                     &( cert->pkey ) );
-    TEST_ASSERT( ret == 0 );
-
-exit:
-    if( ret != 0 )
-    {
-        mbedtls_x509_crt_free( &( cert->ca_cert ) );
-        mbedtls_x509_crt_free( &( cert->cert ) );
-        mbedtls_pk_free( &( cert->pkey ) );
-    }
-
-    return ret;
-}
-
-/*
- * Initializes \p ep structure. It is important to call `mbedtls_endpoint_free()`
- * after calling this function even if it fails.
- *
- * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
- * MBEDTLS_SSL_IS_CLIENT.
- * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
- * MBEDTLS_PK_ECDSA are supported.
- * \p dtls_context - in case of DTLS - this is the context handling metadata.
- * \p input_queue - used only in case of DTLS.
- * \p output_queue - used only in case of DTLS.
- *
- * \retval  0 on success, otherwise error code.
- */
-int mbedtls_endpoint_init( mbedtls_endpoint *ep, int endpoint_type, int pk_alg,
-                           mbedtls_test_message_socket_context *dtls_context,
-                           mbedtls_test_message_queue *input_queue,
-                           mbedtls_test_message_queue *output_queue )
-{
-    int ret = -1;
-
-    if( dtls_context != NULL && ( input_queue == NULL || output_queue == NULL ) )
-        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-
-    if( ep == NULL )
-        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-
-    memset( ep, 0, sizeof( *ep ) );
-
-    ep->name = ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? "Server" : "Client";
-
-    mbedtls_ssl_init( &( ep->ssl ) );
-    mbedtls_ssl_config_init( &( ep->conf ) );
-    mbedtls_ctr_drbg_init( &( ep->ctr_drbg ) );
-    mbedtls_ssl_conf_rng( &( ep->conf ),
-        mbedtls_ctr_drbg_random,
-        &( ep->ctr_drbg ) );
-    mbedtls_entropy_init( &( ep->entropy ) );
-    if( dtls_context != NULL )
-    {
-        TEST_ASSERT( mbedtls_message_socket_setup( input_queue, output_queue,
-                                                   100, &( ep->socket ),
-                                                   dtls_context ) == 0 );
-    }
-    else
-    {
-        mbedtls_mock_socket_init( &( ep->socket ) );
-    }
-
-    ret = mbedtls_ctr_drbg_seed( &( ep->ctr_drbg ), mbedtls_entropy_func,
-                    &( ep->entropy ), (const unsigned char *) ( ep->name ),
-                    strlen( ep->name ) );
-    TEST_ASSERT( ret == 0 );
-
-    /* Non-blocking callbacks without timeout */
-    if( dtls_context != NULL )
-    {
-        mbedtls_ssl_set_bio( &( ep->ssl ), dtls_context,
-            mbedtls_mock_tcp_send_msg,
-            mbedtls_mock_tcp_recv_msg,
-            NULL );
-    }
-    else
-    {
-        mbedtls_ssl_set_bio( &( ep->ssl ), &( ep->socket ),
-            mbedtls_mock_tcp_send_nb,
-            mbedtls_mock_tcp_recv_nb,
-            NULL );
-    }
-
-    ret = mbedtls_ssl_config_defaults( &( ep->conf ), endpoint_type,
-                                       ( dtls_context != NULL ) ?
-                                           MBEDTLS_SSL_TRANSPORT_DATAGRAM :
-                                           MBEDTLS_SSL_TRANSPORT_STREAM,
-                                       MBEDTLS_SSL_PRESET_DEFAULT );
-    TEST_ASSERT( ret == 0 );
-
-    ret = mbedtls_ssl_setup( &( ep->ssl ), &( ep->conf ) );
-    TEST_ASSERT( ret == 0 );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C)
-    if( endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL )
-         mbedtls_ssl_conf_dtls_cookies( &( ep->conf ), NULL, NULL, NULL );
-#endif
-
-    ret = mbedtls_endpoint_certificate_init( ep, pk_alg );
-    TEST_ASSERT( ret == 0 );
-
-exit:
-    return ret;
-}
-
-/*
- * Deinitializes certificates from endpoint represented by \p ep.
- */
-void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep )
-{
-    mbedtls_endpoint_certificate *cert = &( ep->cert );
-    mbedtls_x509_crt_free( &( cert->ca_cert ) );
-    mbedtls_x509_crt_free( &( cert->cert ) );
-    mbedtls_pk_free( &( cert->pkey ) );
-}
-
-/*
- * Deinitializes endpoint represented by \p ep.
- */
-void mbedtls_endpoint_free( mbedtls_endpoint *ep,
-                            mbedtls_test_message_socket_context *context )
-{
-    mbedtls_endpoint_certificate_free( ep );
-
-    mbedtls_ssl_free( &( ep->ssl ) );
-    mbedtls_ssl_config_free( &( ep->conf ) );
-    mbedtls_ctr_drbg_free( &( ep->ctr_drbg ) );
-    mbedtls_entropy_free( &( ep->entropy ) );
-
-    if( context != NULL )
-    {
-        mbedtls_message_socket_close( context );
-    }
-    else
-    {
-        mbedtls_mock_socket_close( &( ep->socket ) );
-    }
-}
-
-/*
- * This function moves ssl handshake from \p ssl to prescribed \p state.
- * /p second_ssl is used as second endpoint and their sockets have to be
- * connected before calling this function.
- *
- * \retval  0 on success, otherwise error code.
- */
-int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl,
-                                     mbedtls_ssl_context *second_ssl,
-                                     int state )
-{
-    enum { BUFFSIZE = 1024 };
-    int max_steps = 1000;
-    int ret = 0;
-
-    if( ssl == NULL || second_ssl == NULL )
-    {
-        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-    }
-
-    /* Perform communication via connected sockets */
-    while( ( ssl->state != state ) && ( --max_steps >= 0 ) )
-    {
-        /* If /p second_ssl ends the handshake procedure before /p ssl then
-         * there is no need to call the next step */
-        if( second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-        {
-            ret = mbedtls_ssl_handshake_step( second_ssl );
-            if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                            ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-            {
-                return ret;
-            }
-        }
-
-        /* We only care about the \p ssl state and returns, so we call it last,
-         * to leave the iteration as soon as the state is as expected. */
-        ret = mbedtls_ssl_handshake_step( ssl );
-        if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
-                        ret != MBEDTLS_ERR_SSL_WANT_WRITE )
-        {
-            return ret;
-        }
-    }
-
-    return ( max_steps >= 0 ) ? ret : -1;
-}
-
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
-/*
- * Write application data. Increase write counter if necessary.
- */
-int mbedtls_ssl_write_fragment( mbedtls_ssl_context *ssl, unsigned char *buf,
-                                int buf_len, int *written,
-                                const int expected_fragments )
-{
-    int ret = mbedtls_ssl_write( ssl, buf + *written, buf_len - *written );
-    if( ret > 0 )
-    {
-        *written += ret;
-    }
-
-    if( expected_fragments == 0 )
-    {
-        /* Used for DTLS and the message size larger than MFL. In that case
-         * the message can not be fragmented and the library should return
-         * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned
-         * to prevent a dead loop inside mbedtls_exchange_data(). */
-        return ret;
-    }
-    else if( expected_fragments == 1 )
-    {
-        /* Used for TLS/DTLS and the message size lower than MFL */
-        TEST_ASSERT( ret == buf_len ||
-                     ret == MBEDTLS_ERR_SSL_WANT_READ ||
-                     ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    }
-    else
-    {
-        /* Used for TLS and the message size larger than MFL */
-        TEST_ASSERT( expected_fragments > 1 );
-        TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) ||
-                       ret == MBEDTLS_ERR_SSL_WANT_READ ||
-                       ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    }
-
-    return 0;
-
-exit:
-    /* Some of the tests failed */
-    return -1;
-}
-
-/*
- * Read application data and increase read counter and fragments counter if necessary.
- */
-int mbedtls_ssl_read_fragment( mbedtls_ssl_context *ssl, unsigned char *buf,
-                               int buf_len, int *read,
-                               int *fragments, const int expected_fragments )
-{
-    int ret = mbedtls_ssl_read( ssl, buf + *read, buf_len - *read );
-    if( ret > 0 )
-    {
-        ( *fragments )++;
-        *read += ret;
-    }
-
-    if( expected_fragments == 0 )
-    {
-        TEST_ASSERT( ret == 0 );
-    }
-    else if( expected_fragments == 1 )
-    {
-        TEST_ASSERT( ret == buf_len ||
-                     ret == MBEDTLS_ERR_SSL_WANT_READ ||
-                     ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    }
-    else
-    {
-        TEST_ASSERT( expected_fragments > 1 );
-        TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) ||
-                       ret == MBEDTLS_ERR_SSL_WANT_READ ||
-                       ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-    }
-
-    return 0;
-
-exit:
-    /* Some of the tests failed */
-    return -1;
-}
-
-/*
- * Helper function setting up inverse record transformations
- * using given cipher, hash, EtM mode, authentication tag length,
- * and version.
- */
-
-#define CHK( x )                                \
-    do                                          \
-    {                                           \
-        if( !( x ) )                            \
-        {                                       \
-            ret = -1;                           \
-            goto cleanup;                       \
-        }                                       \
-    } while( 0 )
-
-void set_ciphersuite( mbedtls_ssl_config *conf, const char *cipher,
-                      int* forced_ciphersuite )
-{
-    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-    forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( cipher );
-    forced_ciphersuite[1] = 0;
-
-    ciphersuite_info =
-        mbedtls_ssl_ciphersuite_from_id( forced_ciphersuite[0] );
-
-    TEST_ASSERT( ciphersuite_info != NULL );
-    TEST_ASSERT( ciphersuite_info->min_minor_ver <= conf->max_minor_ver );
-    TEST_ASSERT( ciphersuite_info->max_minor_ver >= conf->min_minor_ver );
-
-    if( conf->max_minor_ver > ciphersuite_info->max_minor_ver )
-    {
-        conf->max_minor_ver = ciphersuite_info->max_minor_ver;
-    }
-    if( conf->min_minor_ver < ciphersuite_info->min_minor_ver )
-    {
-        conf->min_minor_ver = ciphersuite_info->min_minor_ver;
-    }
-
-    mbedtls_ssl_conf_ciphersuites( conf, forced_ciphersuite );
-
-exit:
-    return;
-}
-
-int psk_dummy_callback( void *p_info, mbedtls_ssl_context *ssl,
-                  const unsigned char *name, size_t name_len )
-{
-    (void) p_info;
-    (void) ssl;
-    (void) name;
-    (void) name_len;
-
-    return ( 0 );
-}
-
-#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
-#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
-#else
-#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
-#endif
-
-static int build_transforms( mbedtls_ssl_transform *t_in,
-                             mbedtls_ssl_transform *t_out,
-                             int cipher_type, int hash_id,
-                             int etm, int tag_mode, int ver,
-                             size_t cid0_len,
-                             size_t cid1_len )
-{
-    mbedtls_cipher_info_t const *cipher_info;
-    int ret = 0;
-
-    size_t keylen, maclen, ivlen;
-    unsigned char *key0 = NULL, *key1 = NULL;
-    unsigned char *md0 = NULL, *md1 = NULL;
-    unsigned char iv_enc[16], iv_dec[16];
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    unsigned char cid0[ SSL_CID_LEN_MIN ];
-    unsigned char cid1[ SSL_CID_LEN_MIN ];
-
-    mbedtls_test_rnd_std_rand( NULL, cid0, sizeof( cid0 ) );
-    mbedtls_test_rnd_std_rand( NULL, cid1, sizeof( cid1 ) );
-#else
-    ((void) cid0_len);
-    ((void) cid1_len);
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    maclen = 0;
-
-    /* Pick cipher */
-    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-    CHK( cipher_info != NULL );
-    CHK( cipher_info->iv_size <= 16 );
-    CHK( cipher_info->key_bitlen % 8 == 0 );
-
-    /* Pick keys */
-    keylen = cipher_info->key_bitlen / 8;
-    /* Allocate `keylen + 1` bytes to ensure that we get
-     * a non-NULL pointers from `mbedtls_calloc` even if
-     * `keylen == 0` in the case of the NULL cipher. */
-    CHK( ( key0 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL );
-    CHK( ( key1 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL );
-    memset( key0, 0x1, keylen );
-    memset( key1, 0x2, keylen );
-
-    /* Setup cipher contexts */
-    CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc,  cipher_info ) == 0 );
-    CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec,  cipher_info ) == 0 );
-    CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 );
-    CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( cipher_info->mode == MBEDTLS_MODE_CBC )
-    {
-        CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc,
-                                              MBEDTLS_PADDING_NONE ) == 0 );
-        CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec,
-                                              MBEDTLS_PADDING_NONE ) == 0 );
-        CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_enc,
-                                              MBEDTLS_PADDING_NONE ) == 0 );
-        CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec,
-                                              MBEDTLS_PADDING_NONE ) == 0 );
-    }
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-    CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0,
-                                keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
-    CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1,
-                                keylen << 3, MBEDTLS_DECRYPT ) == 0 );
-    CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_enc, key1,
-                                keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
-    CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0,
-                                keylen << 3, MBEDTLS_DECRYPT ) == 0 );
-
-    /* Setup MAC contexts */
-#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    if( cipher_info->mode == MBEDTLS_MODE_CBC ||
-        cipher_info->mode == MBEDTLS_MODE_STREAM )
-    {
-        mbedtls_md_info_t const *md_info;
-
-        /* Pick hash */
-        md_info = mbedtls_md_info_from_type( hash_id );
-        CHK( md_info != NULL );
-
-        /* Pick hash keys */
-        maclen = mbedtls_md_get_size( md_info );
-        CHK( ( md0 = mbedtls_calloc( 1, maclen ) ) != NULL );
-        CHK( ( md1 = mbedtls_calloc( 1, maclen ) ) != NULL );
-        memset( md0, 0x5, maclen );
-        memset( md1, 0x6, maclen );
-
-        CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 );
-        CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 );
-        CHK( mbedtls_md_setup( &t_in->md_ctx_enc,  md_info, 1 ) == 0 );
-        CHK( mbedtls_md_setup( &t_in->md_ctx_dec,  md_info, 1 ) == 0 );
-
-        if( ver > MBEDTLS_SSL_MINOR_VERSION_0 )
-        {
-            CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc,
-                                         md0, maclen ) == 0 );
-            CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_dec,
-                                         md1, maclen ) == 0 );
-            CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_enc,
-                                         md1, maclen ) == 0 );
-            CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec,
-                                         md0, maclen ) == 0 );
-        }
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-        else
-        {
-            memcpy( &t_in->mac_enc, md0, maclen );
-            memcpy( &t_in->mac_dec, md1, maclen );
-            memcpy( &t_out->mac_enc, md1, maclen );
-            memcpy( &t_out->mac_dec, md0, maclen );
-        }
-#endif
-    }
-#else
-    ((void) hash_id);
-#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
-
-
-    /* Pick IV's (regardless of whether they
-     * are being used by the transform). */
-    ivlen = cipher_info->iv_size;
-    memset( iv_enc, 0x3, sizeof( iv_enc ) );
-    memset( iv_dec, 0x4, sizeof( iv_dec ) );
-
-    /*
-     * Setup transforms
-     */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
-    defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    t_out->encrypt_then_mac = etm;
-    t_in->encrypt_then_mac = etm;
-#else
-    ((void) etm);
-#endif
-
-    t_out->minor_ver = ver;
-    t_in->minor_ver = ver;
-    t_out->ivlen = ivlen;
-    t_in->ivlen = ivlen;
-
-    switch( cipher_info->mode )
-    {
-        case MBEDTLS_MODE_GCM:
-        case MBEDTLS_MODE_CCM:
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-            if( ver == MBEDTLS_SSL_MINOR_VERSION_4 )
-            {
-                t_out->fixed_ivlen = 12;
-                t_in->fixed_ivlen  = 12;
-            }
-            else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-            {
-                t_out->fixed_ivlen = 4;
-                t_in->fixed_ivlen = 4;
-            }
-            t_out->maclen = 0;
-            t_in->maclen = 0;
-            switch( tag_mode )
-            {
-                case 0: /* Full tag */
-                    t_out->taglen = 16;
-                    t_in->taglen = 16;
-                    break;
-                case 1: /* Partial tag */
-                    t_out->taglen = 8;
-                    t_in->taglen = 8;
-                    break;
-                default:
-                    return( 1 );
-            }
-            break;
-
-        case MBEDTLS_MODE_CHACHAPOLY:
-            t_out->fixed_ivlen = 12;
-            t_in->fixed_ivlen = 12;
-            t_out->maclen = 0;
-            t_in->maclen = 0;
-            switch( tag_mode )
-            {
-                case 0: /* Full tag */
-                    t_out->taglen = 16;
-                    t_in->taglen = 16;
-                    break;
-                case 1: /* Partial tag */
-                    t_out->taglen = 8;
-                    t_in->taglen = 8;
-                    break;
-                default:
-                    return( 1 );
-            }
-            break;
-
-        case MBEDTLS_MODE_STREAM:
-        case MBEDTLS_MODE_CBC:
-            t_out->fixed_ivlen = 0; /* redundant, must be 0 */
-            t_in->fixed_ivlen = 0;  /* redundant, must be 0 */
-            t_out->taglen = 0;
-            t_in->taglen = 0;
-            switch( tag_mode )
-            {
-                case 0: /* Full tag */
-                    t_out->maclen = maclen;
-                    t_in->maclen = maclen;
-                    break;
-                case 1: /* Partial tag */
-                    t_out->maclen = 10;
-                    t_in->maclen = 10;
-                    break;
-                default:
-                    return( 1 );
-            }
-            break;
-        default:
-            return( 1 );
-            break;
-    }
-
-    /* Setup IV's */
-
-    memcpy( &t_in->iv_dec, iv_dec, sizeof( iv_dec ) );
-    memcpy( &t_in->iv_enc, iv_enc, sizeof( iv_enc ) );
-    memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) );
-    memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) );
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    /* Add CID */
-    memcpy( &t_in->in_cid,  cid0, cid0_len );
-    memcpy( &t_in->out_cid, cid1, cid1_len );
-    t_in->in_cid_len = cid0_len;
-    t_in->out_cid_len = cid1_len;
-    memcpy( &t_out->in_cid,  cid1, cid1_len );
-    memcpy( &t_out->out_cid, cid0, cid0_len );
-    t_out->in_cid_len = cid1_len;
-    t_out->out_cid_len = cid0_len;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-cleanup:
-
-    mbedtls_free( key0 );
-    mbedtls_free( key1 );
-
-    mbedtls_free( md0 );
-    mbedtls_free( md1 );
-
-    return( ret );
-}
-
-/*
- * Populate a session structure for serialization tests.
- * Choose dummy values, mostly non-0 to distinguish from the init default.
- */
-static int ssl_populate_session( mbedtls_ssl_session *session,
-                                 int ticket_len,
-                                 const char *crt_file )
-{
-#if defined(MBEDTLS_HAVE_TIME)
-    session->start = mbedtls_time( NULL ) - 42;
-#endif
-    session->ciphersuite = 0xabcd;
-    session->compression = 1;
-    session->id_len = sizeof( session->id );
-    memset( session->id, 66, session->id_len );
-    memset( session->master, 17, sizeof( session->master ) );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO)
-    if( strlen( crt_file ) != 0 )
-    {
-        mbedtls_x509_crt tmp_crt;
-        int ret;
-
-        mbedtls_x509_crt_init( &tmp_crt );
-        ret = mbedtls_x509_crt_parse_file( &tmp_crt, crt_file );
-        if( ret != 0 )
-            return( ret );
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-        /* Move temporary CRT. */
-        session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) );
-        if( session->peer_cert == NULL )
-            return( -1 );
-        *session->peer_cert = tmp_crt;
-        memset( &tmp_crt, 0, sizeof( tmp_crt ) );
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-        /* Calculate digest of temporary CRT. */
-        session->peer_cert_digest =
-            mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
-        if( session->peer_cert_digest == NULL )
-            return( -1 );
-        ret = mbedtls_md( mbedtls_md_info_from_type(
-                              MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ),
-                          tmp_crt.raw.p, tmp_crt.raw.len,
-                          session->peer_cert_digest );
-        if( ret != 0 )
-            return( ret );
-        session->peer_cert_digest_type =
-            MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
-        session->peer_cert_digest_len =
-            MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-        mbedtls_x509_crt_free( &tmp_crt );
-    }
-#else /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
-    (void) crt_file;
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
-    session->verify_result = 0xdeadbeef;
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    if( ticket_len != 0 )
-    {
-        session->ticket = mbedtls_calloc( 1, ticket_len );
-        if( session->ticket == NULL )
-            return( -1 );
-        memset( session->ticket, 33, ticket_len );
-    }
-    session->ticket_len = ticket_len;
-    session->ticket_lifetime = 86401;
-#else
-    (void) ticket_len;
-#endif
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    session->mfl_code = 1;
-#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    session->trunc_hmac = 1;
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    session->encrypt_then_mac = 1;
-#endif
-
-    return( 0 );
-}
-
-/*
- * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
- * message was sent in the correct number of fragments.
- *
- * /p ssl_1 and /p ssl_2    Endpoints represented by mbedtls_ssl_context. Both
- *                          of them must be initialized and connected beforehand.
- * /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
- * /p expected_fragments_1 and /p expected_fragments_2 determine in how many
- *                          fragments the message should be sent.
- *      expected_fragments is 0: can be used for DTLS testing while the message
- *                          size is larger than MFL. In that case the message
- *                          cannot be fragmented and sent to the second endpoint.
- *                          This value can be used for negative tests.
- *      expected_fragments is 1: can be used for TLS/DTLS testing while the
- *                          message size is below MFL
- *      expected_fragments > 1: can be used for TLS testing while the message
- *                          size is larger than MFL
- *
- * \retval  0 on success, otherwise error code.
- */
-int mbedtls_exchange_data( mbedtls_ssl_context *ssl_1,
-                           int msg_len_1, const int expected_fragments_1,
-                           mbedtls_ssl_context *ssl_2,
-                           int msg_len_2, const int expected_fragments_2 )
-{
-    unsigned char *msg_buf_1 = malloc( msg_len_1 );
-    unsigned char *msg_buf_2 = malloc( msg_len_2 );
-    unsigned char *in_buf_1  = malloc( msg_len_2 );
-    unsigned char *in_buf_2  = malloc( msg_len_1 );
-    int msg_type, ret = -1;
-
-    /* Perform this test with two message types. At first use a message
-     * consisting of only 0x00 for the client and only 0xFF for the server.
-     * At the second time use message with generated data */
-    for( msg_type = 0; msg_type < 2; msg_type++ )
-    {
-        int written_1 = 0;
-        int written_2 = 0;
-        int read_1 = 0;
-        int read_2 = 0;
-        int fragments_1 = 0;
-        int fragments_2 = 0;
-
-        if( msg_type == 0 )
-        {
-            memset( msg_buf_1, 0x00, msg_len_1 );
-            memset( msg_buf_2, 0xff, msg_len_2 );
-        }
-        else
-        {
-            int i, j = 0;
-            for( i = 0; i < msg_len_1; i++ )
-            {
-                msg_buf_1[i] = j++ & 0xFF;
-            }
-            for( i = 0; i < msg_len_2; i++ )
-            {
-                msg_buf_2[i] = ( j -= 5 ) & 0xFF;
-            }
-        }
-
-        while( read_1 < msg_len_2 || read_2 < msg_len_1 )
-        {
-            /* ssl_1 sending */
-            if( msg_len_1 > written_1 )
-            {
-                ret = mbedtls_ssl_write_fragment( ssl_1, msg_buf_1,
-                                                  msg_len_1, &written_1,
-                                                  expected_fragments_1 );
-                if( expected_fragments_1 == 0 )
-                {
-                    /* This error is expected when the message is too large and
-                     * cannot be fragmented */
-                    TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-                    msg_len_1 = 0;
-                }
-                else
-                {
-                    TEST_ASSERT( ret == 0 );
-                }
-            }
-
-            /* ssl_2 sending */
-            if( msg_len_2 > written_2 )
-            {
-                ret = mbedtls_ssl_write_fragment( ssl_2, msg_buf_2,
-                                                  msg_len_2, &written_2,
-                                                  expected_fragments_2 );
-                if( expected_fragments_2 == 0 )
-                {
-                    /* This error is expected when the message is too large and
-                     * cannot be fragmented */
-                    TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-                    msg_len_2 = 0;
-                }
-                else
-                {
-                    TEST_ASSERT( ret == 0 );
-                }
-            }
-
-            /* ssl_1 reading */
-            if( read_1 < msg_len_2 )
-            {
-                ret = mbedtls_ssl_read_fragment( ssl_1, in_buf_1,
-                                                 msg_len_2, &read_1,
-                                                 &fragments_2,
-                                                 expected_fragments_2 );
-                TEST_ASSERT( ret == 0 );
-            }
-
-            /* ssl_2 reading */
-            if( read_2 < msg_len_1 )
-            {
-                ret = mbedtls_ssl_read_fragment( ssl_2, in_buf_2,
-                                                 msg_len_1, &read_2,
-                                                 &fragments_1,
-                                                 expected_fragments_1 );
-                TEST_ASSERT( ret == 0 );
-            }
-        }
-
-        ret = -1;
-        TEST_ASSERT( 0 == memcmp( msg_buf_1, in_buf_2, msg_len_1 ) );
-        TEST_ASSERT( 0 == memcmp( msg_buf_2, in_buf_1, msg_len_2 ) );
-        TEST_ASSERT( fragments_1 == expected_fragments_1 );
-        TEST_ASSERT( fragments_2 == expected_fragments_2 );
-    }
-
-    ret = 0;
-
-exit:
-    free( msg_buf_1 );
-    free( in_buf_1 );
-    free( msg_buf_2 );
-    free( in_buf_2 );
-
-    return ret;
-}
-
-/*
- * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints
- * must be initialized and connected beforehand.
- *
- * \retval  0 on success, otherwise error code.
- */
-int exchange_data( mbedtls_ssl_context *ssl_1,
-                   mbedtls_ssl_context *ssl_2 )
-{
-    return mbedtls_exchange_data( ssl_1, 256, 1,
-                                  ssl_2, 256, 1 );
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
-    defined(MBEDTLS_ENTROPY_C) && \
-    defined(MBEDTLS_CTR_DRBG_C)
-void perform_handshake( handshake_test_options* options )
-{
-    /* forced_ciphersuite needs to last until the end of the handshake */
-    int forced_ciphersuite[2];
-    enum { BUFFSIZE = 17000 };
-    mbedtls_endpoint client, server;
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    const char *psk_identity = "foo";
-#endif
-#if defined(MBEDTLS_TIMING_C)
-    mbedtls_timing_delay_context timer_client, timer_server;
-#endif
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    unsigned char *context_buf = NULL;
-    size_t context_buf_len;
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    int ret = -1;
-#endif
-    int expected_handshake_result = 0;
-
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    /* Client side */
-    if( options->dtls != 0 )
-    {
-        TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT,
-                                            options->pk_alg, &client_context,
-                                            &client_queue,
-                                            &server_queue ) == 0 );
-#if defined(MBEDTLS_TIMING_C)
-        mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client,
-                                  mbedtls_timing_set_delay,
-                                  mbedtls_timing_get_delay );
-#endif
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT,
-                                            options->pk_alg, NULL, NULL,
-                                            NULL ) == 0 );
-    }
-
-    if( options->client_min_version != TEST_SSL_MINOR_VERSION_NONE )
-    {
-        mbedtls_ssl_conf_min_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          options->client_min_version );
-    }
-
-    if( options->client_max_version != TEST_SSL_MINOR_VERSION_NONE )
-    {
-        mbedtls_ssl_conf_max_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          options->client_max_version );
-    }
-
-    if( strlen( options->cipher ) > 0 )
-    {
-        set_ciphersuite( &client.conf, options->cipher, forced_ciphersuite );
-    }
-
-#if defined (MBEDTLS_DEBUG_C)
-    if( options->cli_log_fun )
-    {
-        mbedtls_debug_set_threshold( 4 );
-        mbedtls_ssl_conf_dbg( &client.conf, options->cli_log_fun,
-                                            options->cli_log_obj );
-    }
-#endif
-
-    /* Server side */
-    if( options->dtls != 0 )
-    {
-        TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER,
-                                            options->pk_alg, &server_context,
-                                            &server_queue,
-                                            &client_queue) == 0 );
-#if defined(MBEDTLS_TIMING_C)
-        mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
-                                  mbedtls_timing_set_delay,
-                                  mbedtls_timing_get_delay );
-#endif
-    }
-    else
-    {
-        TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER,
-                                            options->pk_alg, NULL, NULL, NULL ) == 0 );
-    }
-
-    mbedtls_ssl_conf_authmode( &server.conf, options->srv_auth_mode );
-
-    if( options->server_min_version != TEST_SSL_MINOR_VERSION_NONE )
-    {
-        mbedtls_ssl_conf_min_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          options->server_min_version );
-    }
-
-    if( options->server_max_version != TEST_SSL_MINOR_VERSION_NONE )
-    {
-        mbedtls_ssl_conf_max_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
-                                          options->server_max_version );
-    }
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(server.conf),
-                                         (unsigned char) options->mfl ) == 0 );
-    TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(client.conf),
-                                         (unsigned char) options->mfl ) == 0 );
-#else
-    TEST_ASSERT( MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl );
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-    if( options->psk_str != NULL && options->psk_str->len > 0 )
-    {
-        TEST_ASSERT( mbedtls_ssl_conf_psk( &client.conf, options->psk_str->x,
-                             options->psk_str->len,
-                             (const unsigned char *) psk_identity,
-                             strlen( psk_identity ) ) == 0 );
-
-        TEST_ASSERT( mbedtls_ssl_conf_psk( &server.conf, options->psk_str->x,
-                             options->psk_str->len,
-                             (const unsigned char *) psk_identity,
-                             strlen( psk_identity ) ) == 0 );
-
-        mbedtls_ssl_conf_psk_cb( &server.conf, psk_dummy_callback, NULL );
-    }
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( options->renegotiate )
-    {
-        mbedtls_ssl_conf_renegotiation( &(server.conf),
-                                        MBEDTLS_SSL_RENEGOTIATION_ENABLED );
-        mbedtls_ssl_conf_renegotiation( &(client.conf),
-                                        MBEDTLS_SSL_RENEGOTIATION_ENABLED );
-
-        mbedtls_ssl_conf_legacy_renegotiation( &(server.conf),
-                                               options->legacy_renegotiation );
-        mbedtls_ssl_conf_legacy_renegotiation( &(client.conf),
-                                               options->legacy_renegotiation );
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined (MBEDTLS_DEBUG_C)
-    if( options->srv_log_fun )
-    {
-        mbedtls_debug_set_threshold( 4 );
-        mbedtls_ssl_conf_dbg( &server.conf, options->srv_log_fun,
-                                            options->srv_log_obj );
-    }
-#endif
-
-    TEST_ASSERT( mbedtls_mock_socket_connect( &(client.socket),
-                                              &(server.socket),
-                                              BUFFSIZE ) == 0 );
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    if( options->resize_buffers != 0 )
-    {
-        /* Ensure that the buffer sizes are appropriate before resizes */
-        TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN );
-        TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN );
-        TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN );
-        TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN );
-    }
-#endif
-
-    if( options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE )
-    {
-        expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION;
-    }
-
-    TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl),
-                                                  &(server.ssl),
-                                                  MBEDTLS_SSL_HANDSHAKE_OVER )
-                 ==  expected_handshake_result );
-
-    if( expected_handshake_result != 0 )
-    {
-        /* Connection will have failed by this point, skip to cleanup */
-        goto exit;
-    }
-
-    TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
-    TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
-
-    /* Check that we agree on the version... */
-    TEST_ASSERT( client.ssl.minor_ver == server.ssl.minor_ver );
-
-    /* And check that the version negotiated is the expected one. */
-    TEST_EQUAL( client.ssl.minor_ver, options->expected_negotiated_version );
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-    if( options->resize_buffers != 0 )
-    {
-        if( options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_0 &&
-            options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1 )
-        {
-            /* A server, when using DTLS, might delay a buffer resize to happen
-             * after it receives a message, so we force it. */
-            TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 );
-
-            TEST_ASSERT( client.ssl.out_buf_len ==
-                         mbedtls_ssl_get_output_buflen( &client.ssl ) );
-            TEST_ASSERT( client.ssl.in_buf_len ==
-                         mbedtls_ssl_get_input_buflen( &client.ssl ) );
-            TEST_ASSERT( server.ssl.out_buf_len ==
-                         mbedtls_ssl_get_output_buflen( &server.ssl ) );
-            TEST_ASSERT( server.ssl.in_buf_len ==
-                         mbedtls_ssl_get_input_buflen( &server.ssl ) );
-        }
-    }
-#endif
-
-    if( options->cli_msg_len != 0 || options->srv_msg_len != 0 )
-    {
-        /* Start data exchanging test */
-        TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), options->cli_msg_len,
-                                            options->expected_cli_fragments,
-                                            &(server.ssl), options->srv_msg_len,
-                                            options->expected_srv_fragments )
-                     == 0 );
-    }
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( options->serialize == 1 )
-    {
-        TEST_ASSERT( options->dtls == 1 );
-
-        TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), NULL,
-                                               0, &context_buf_len )
-                                             == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-        context_buf = mbedtls_calloc( 1, context_buf_len );
-        TEST_ASSERT( context_buf != NULL );
-
-        TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), context_buf,
-                                               context_buf_len,
-                                               &context_buf_len ) == 0 );
-
-        mbedtls_ssl_free( &(server.ssl) );
-        mbedtls_ssl_init( &(server.ssl) );
-
-        TEST_ASSERT( mbedtls_ssl_setup( &(server.ssl), &(server.conf) ) == 0 );
-
-        mbedtls_ssl_set_bio( &( server.ssl ), &server_context,
-                             mbedtls_mock_tcp_send_msg,
-                             mbedtls_mock_tcp_recv_msg,
-                             NULL );
-
-#if defined(MBEDTLS_TIMING_C)
-        mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
-                                  mbedtls_timing_set_delay,
-                                  mbedtls_timing_get_delay );
-#endif
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        if( options->resize_buffers != 0 )
-        {
-            /* Ensure that the buffer sizes are appropriate before resizes */
-            TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN );
-            TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN );
-        }
-#endif
-        TEST_ASSERT( mbedtls_ssl_context_load( &( server.ssl ), context_buf,
-                                               context_buf_len ) == 0 );
-
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        /* Validate buffer sizes after context deserialization */
-        if( options->resize_buffers != 0 )
-        {
-            TEST_ASSERT( server.ssl.out_buf_len ==
-                         mbedtls_ssl_get_output_buflen( &server.ssl ) );
-            TEST_ASSERT( server.ssl.in_buf_len ==
-                         mbedtls_ssl_get_input_buflen( &server.ssl ) );
-        }
-#endif
-        /* Retest writing/reading */
-        if( options->cli_msg_len != 0 || options->srv_msg_len != 0 )
-        {
-            TEST_ASSERT( mbedtls_exchange_data( &(client.ssl),
-                                                options->cli_msg_len,
-                                                options->expected_cli_fragments,
-                                                &(server.ssl),
-                                                options->srv_msg_len,
-                                                options->expected_srv_fragments )
-                                                == 0 );
-        }
-    }
-#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( options->renegotiate )
-    {
-        /* Start test with renegotiation */
-        TEST_ASSERT( server.ssl.renego_status ==
-                     MBEDTLS_SSL_INITIAL_HANDSHAKE );
-        TEST_ASSERT( client.ssl.renego_status ==
-                     MBEDTLS_SSL_INITIAL_HANDSHAKE );
-
-        /* After calling this function for the server, it only sends a handshake
-         * request. All renegotiation should happen during data exchanging */
-        TEST_ASSERT( mbedtls_ssl_renegotiate( &(server.ssl) ) == 0 );
-        TEST_ASSERT( server.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_PENDING );
-        TEST_ASSERT( client.ssl.renego_status ==
-                     MBEDTLS_SSL_INITIAL_HANDSHAKE );
-
-        TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 );
-        TEST_ASSERT( server.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_DONE );
-        TEST_ASSERT( client.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_DONE );
-
-        /* After calling mbedtls_ssl_renegotiate for the client all renegotiation
-         * should happen inside this function. However in this test, we cannot
-         * perform simultaneous communication betwen client and server so this
-         * function will return waiting error on the socket. All rest of
-         * renegotiation should happen during data exchanging */
-        ret = mbedtls_ssl_renegotiate( &(client.ssl) );
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        if( options->resize_buffers != 0 )
-        {
-            /* Ensure that the buffer sizes are appropriate before resizes */
-            TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN );
-            TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN );
-        }
-#endif
-        TEST_ASSERT( ret == 0 ||
-                     ret == MBEDTLS_ERR_SSL_WANT_READ ||
-                     ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-        TEST_ASSERT( server.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_DONE );
-        TEST_ASSERT( client.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS );
-
-        TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 );
-        TEST_ASSERT( server.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_DONE );
-        TEST_ASSERT( client.ssl.renego_status ==
-                     MBEDTLS_SSL_RENEGOTIATION_DONE );
-#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-        /* Validate buffer sizes after renegotiation */
-        if( options->resize_buffers != 0 )
-        {
-            TEST_ASSERT( client.ssl.out_buf_len ==
-                         mbedtls_ssl_get_output_buflen( &client.ssl ) );
-            TEST_ASSERT( client.ssl.in_buf_len ==
-                         mbedtls_ssl_get_input_buflen( &client.ssl ) );
-            TEST_ASSERT( server.ssl.out_buf_len ==
-                         mbedtls_ssl_get_output_buflen( &server.ssl ) );
-            TEST_ASSERT( server.ssl.in_buf_len ==
-                         mbedtls_ssl_get_input_buflen( &server.ssl ) );
-        }
-#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
-    }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-exit:
-    mbedtls_endpoint_free( &client, options->dtls != 0 ? &client_context : NULL );
-    mbedtls_endpoint_free( &server, options->dtls != 0 ? &server_context : NULL );
-#if defined (MBEDTLS_DEBUG_C)
-    if( options->cli_log_fun || options->srv_log_fun )
-    {
-        mbedtls_debug_set_threshold( 0 );
-    }
-#endif
-#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
-    if( context_buf != NULL )
-        mbedtls_free( context_buf );
-#endif
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_SSL_TLS_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void test_callback_buffer_sanity()
-{
-    enum { MSGLEN = 10 };
-    mbedtls_test_buffer buf;
-    unsigned char input[MSGLEN];
-    unsigned char output[MSGLEN];
-
-    memset( input, 0, sizeof(input) );
-
-    /* Make sure calling put and get on NULL buffer results in error. */
-    TEST_ASSERT( mbedtls_test_buffer_put( NULL, input, sizeof( input ) )
-                    == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_get( NULL, output, sizeof( output ) )
-                    == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, sizeof( input ) ) == -1 );
-
-    TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, 0 ) == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_get( NULL, NULL, 0 ) == -1 );
-
-    /* Make sure calling put and get on a buffer that hasn't been set up results
-     * in eror. */
-    mbedtls_test_buffer_init( &buf );
-
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, sizeof( output ) )
-                    == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 );
-
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == -1 );
-
-    /* Make sure calling put and get on NULL input only results in
-     * error if the length is not zero, and that a NULL output is valid for data
-     * dropping.
-     */
-
-    TEST_ASSERT( mbedtls_test_buffer_setup( &buf, sizeof( input ) ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 );
-    TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, sizeof( output ) )
-                    == 0 );
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == 0 );
-    TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == 0 );
-
-    /* Make sure calling put several times in the row is safe */
-
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) )
-                                          == sizeof( input ) );
-    TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, 2 ) == 2 );
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 1 );
-    TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 0 );
-
-
-exit:
-
-    mbedtls_test_buffer_free( &buf );
-}
-/* END_CASE */
-
-/*
- * Test if the implementation of `mbedtls_test_buffer` related functions is
- * correct and works as expected.
- *
- * That is
- *  - If we try to put in \p put1 bytes then we can put in \p put1_ret bytes.
- *  - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes.
- *  - Next, if we try to put in \p put1 bytes then we can put in \p put1_ret
- *    bytes.
- *  - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes.
- *  - All of the bytes we got match the bytes we put in in a FIFO manner.
- */
-
-/* BEGIN_CASE */
-void test_callback_buffer( int size, int put1, int put1_ret,
-                           int get1, int get1_ret, int put2, int put2_ret,
-                           int get2, int get2_ret )
-{
-    enum { ROUNDS = 2 };
-    size_t put[ROUNDS];
-    int put_ret[ROUNDS];
-    size_t get[ROUNDS];
-    int get_ret[ROUNDS];
-    mbedtls_test_buffer buf;
-    unsigned char* input = NULL;
-    size_t input_len;
-    unsigned char* output = NULL;
-    size_t output_len;
-    size_t i, j, written, read;
-
-    mbedtls_test_buffer_init( &buf );
-    TEST_ASSERT( mbedtls_test_buffer_setup( &buf, size ) == 0 );
-
-    /* Check the sanity of input parameters and initialise local variables. That
-     * is, ensure that the amount of data is not negative and that we are not
-     * expecting more to put or get than we actually asked for. */
-    TEST_ASSERT( put1 >= 0 );
-    put[0] = put1;
-    put_ret[0] = put1_ret;
-    TEST_ASSERT( put1_ret <= put1 );
-    TEST_ASSERT( put2 >= 0 );
-    put[1] = put2;
-    put_ret[1] = put2_ret;
-    TEST_ASSERT( put2_ret <= put2 );
-
-    TEST_ASSERT( get1 >= 0 );
-    get[0] = get1;
-    get_ret[0] = get1_ret;
-    TEST_ASSERT( get1_ret <= get1 );
-    TEST_ASSERT( get2 >= 0 );
-    get[1] = get2;
-    get_ret[1] = get2_ret;
-    TEST_ASSERT( get2_ret <= get2 );
-
-    input_len = 0;
-    /* Calculate actual input and output lengths */
-    for( j = 0; j < ROUNDS; j++ )
-    {
-        if( put_ret[j] > 0 )
-        {
-            input_len += put_ret[j];
-        }
-    }
-    /* In order to always have a valid pointer we always allocate at least 1
-     * byte. */
-    if( input_len == 0 )
-        input_len = 1;
-    ASSERT_ALLOC( input, input_len );
-
-    output_len = 0;
-    for( j = 0; j < ROUNDS; j++ )
-    {
-        if( get_ret[j] > 0 )
-        {
-            output_len += get_ret[j];
-        }
-    }
-    TEST_ASSERT( output_len <= input_len );
-    /* In order to always have a valid pointer we always allocate at least 1
-     * byte. */
-    if( output_len == 0 )
-        output_len = 1;
-    ASSERT_ALLOC( output, output_len );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < input_len; i++ )
-    {
-        input[i] = i & 0xFF;
-    }
-
-    written = read = 0;
-    for( j = 0; j < ROUNDS; j++ )
-    {
-        TEST_ASSERT( put_ret[j] == mbedtls_test_buffer_put( &buf,
-                                        input + written, put[j] ) );
-        written += put_ret[j];
-        TEST_ASSERT( get_ret[j] == mbedtls_test_buffer_get( &buf,
-                                        output + read, get[j] ) );
-        read += get_ret[j];
-        TEST_ASSERT( read <= written );
-        if( get_ret[j] > 0 )
-        {
-            TEST_ASSERT( memcmp( output + read - get_ret[j],
-                                 input + read - get_ret[j], get_ret[j] )
-                         == 0 );
-        }
-    }
-
-exit:
-
-    mbedtls_free( input );
-    mbedtls_free( output );
-    mbedtls_test_buffer_free( &buf );
-}
-/* END_CASE */
-
-/*
- * Test if the implementation of `mbedtls_mock_socket` related I/O functions is
- * correct and works as expected on unconnected sockets.
- */
-
-/* BEGIN_CASE */
-void ssl_mock_sanity( )
-{
-    enum { MSGLEN = 105 };
-    unsigned char message[MSGLEN];
-    unsigned char received[MSGLEN];
-    mbedtls_mock_socket socket;
-
-    mbedtls_mock_socket_init( &socket );
-    TEST_ASSERT( mbedtls_mock_tcp_send_b( &socket, message, MSGLEN ) < 0 );
-    mbedtls_mock_socket_close( &socket );
-    mbedtls_mock_socket_init( &socket );
-    TEST_ASSERT( mbedtls_mock_tcp_recv_b( &socket, received, MSGLEN ) < 0 );
-    mbedtls_mock_socket_close( &socket );
-
-    mbedtls_mock_socket_init( &socket );
-    TEST_ASSERT( mbedtls_mock_tcp_send_nb( &socket, message, MSGLEN ) < 0 );
-    mbedtls_mock_socket_close( &socket );
-    mbedtls_mock_socket_init( &socket );
-    TEST_ASSERT( mbedtls_mock_tcp_recv_nb( &socket, received, MSGLEN ) < 0 );
-    mbedtls_mock_socket_close( &socket );
-
-exit:
-
-    mbedtls_mock_socket_close( &socket );
-}
-/* END_CASE */
-
-/*
- * Test if the implementation of `mbedtls_mock_socket` related functions can
- * send a single message from the client to the server.
- */
-
-/* BEGIN_CASE */
-void ssl_mock_tcp( int blocking )
-{
-    enum { MSGLEN = 105 };
-    enum { BUFLEN = MSGLEN / 5 };
-    unsigned char message[MSGLEN];
-    unsigned char received[MSGLEN];
-    mbedtls_mock_socket client;
-    mbedtls_mock_socket server;
-    size_t written, read;
-    int send_ret, recv_ret;
-    mbedtls_ssl_send_t *send;
-    mbedtls_ssl_recv_t *recv;
-    unsigned i;
-
-    if( blocking == 0 )
-    {
-        send = mbedtls_mock_tcp_send_nb;
-        recv = mbedtls_mock_tcp_recv_nb;
-    }
-    else
-    {
-        send = mbedtls_mock_tcp_send_b;
-        recv = mbedtls_mock_tcp_recv_b;
-    }
-
-    mbedtls_mock_socket_init( &client );
-    mbedtls_mock_socket_init( &server );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-
-    /* Make sure that sending a message takes a few  iterations. */
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) );
-
-    /* Send the message to the server */
-    send_ret = recv_ret = 1;
-    written = read = 0;
-    while( send_ret != 0 || recv_ret != 0 )
-    {
-        send_ret = send( &client, message + written, MSGLEN - written );
-
-        TEST_ASSERT( send_ret >= 0 );
-        TEST_ASSERT( send_ret <= BUFLEN );
-        written += send_ret;
-
-        /* If the buffer is full we can test blocking and non-blocking send */
-        if ( send_ret == BUFLEN )
-        {
-            int blocking_ret = send( &client, message , 1 );
-            if ( blocking )
-            {
-                TEST_ASSERT( blocking_ret == 0 );
-            }
-            else
-            {
-                TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-            }
-        }
-
-        recv_ret = recv( &server, received + read, MSGLEN - read );
-
-        /* The result depends on whether any data was sent */
-        if ( send_ret > 0 )
-        {
-            TEST_ASSERT( recv_ret > 0 );
-            TEST_ASSERT( recv_ret <= BUFLEN );
-            read += recv_ret;
-        }
-        else if( blocking )
-        {
-            TEST_ASSERT( recv_ret == 0 );
-        }
-        else
-        {
-            TEST_ASSERT( recv_ret == MBEDTLS_ERR_SSL_WANT_READ );
-            recv_ret = 0;
-        }
-
-        /* If the buffer is empty we can test blocking and non-blocking read */
-        if ( recv_ret == BUFLEN )
-        {
-            int blocking_ret = recv( &server, received, 1 );
-            if ( blocking )
-            {
-                TEST_ASSERT( blocking_ret == 0 );
-            }
-            else
-            {
-                TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ );
-            }
-        }
-    }
-    TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-exit:
-
-    mbedtls_mock_socket_close( &client );
-    mbedtls_mock_socket_close( &server );
-}
-/* END_CASE */
-
-/*
- * Test if the implementation of `mbedtls_mock_socket` related functions can
- * send messages in both direction at the same time (with the I/O calls
- * interleaving).
- */
-
-/* BEGIN_CASE */
-void ssl_mock_tcp_interleaving( int blocking )
-{
-    enum { ROUNDS = 2 };
-    enum { MSGLEN = 105 };
-    enum { BUFLEN = MSGLEN / 5 };
-    unsigned char message[ROUNDS][MSGLEN];
-    unsigned char received[ROUNDS][MSGLEN];
-    mbedtls_mock_socket client;
-    mbedtls_mock_socket server;
-    size_t written[ROUNDS];
-    size_t read[ROUNDS];
-    int send_ret[ROUNDS];
-    int recv_ret[ROUNDS];
-    unsigned i, j, progress;
-    mbedtls_ssl_send_t *send;
-    mbedtls_ssl_recv_t *recv;
-
-    if( blocking == 0 )
-    {
-        send = mbedtls_mock_tcp_send_nb;
-        recv = mbedtls_mock_tcp_recv_nb;
-    }
-    else
-    {
-        send = mbedtls_mock_tcp_send_b;
-        recv = mbedtls_mock_tcp_recv_b;
-    }
-
-    mbedtls_mock_socket_init( &client );
-    mbedtls_mock_socket_init( &server );
-
-    /* Fill up the buffers with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < ROUNDS; i++ )
-    {
-        for( j = 0; j < MSGLEN; j++ )
-        {
-            message[i][j] = ( i * MSGLEN + j ) & 0xFF;
-        }
-    }
-
-    /* Make sure that sending a message takes a few  iterations. */
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) );
-
-    /* Send the message from both sides, interleaving. */
-    progress = 1;
-    for( i = 0; i < ROUNDS; i++ )
-    {
-        written[i] = 0;
-        read[i] = 0;
-    }
-    /* This loop does not stop as long as there was a successful write or read
-     * of at least one byte on either side. */
-    while( progress != 0 )
-    {
-        mbedtls_mock_socket *socket;
-
-        for( i = 0; i < ROUNDS; i++ )
-        {
-            /* First sending is from the client */
-            socket = ( i % 2 == 0 ) ? ( &client ) : ( &server );
-
-            send_ret[i] = send( socket, message[i] + written[i],
-                                               MSGLEN - written[i] );
-            TEST_ASSERT( send_ret[i] >= 0 );
-            TEST_ASSERT( send_ret[i] <= BUFLEN );
-            written[i] += send_ret[i];
-
-            /* If the buffer is full we can test blocking and non-blocking
-             * send */
-            if ( send_ret[i] == BUFLEN )
-            {
-                int blocking_ret = send( socket, message[i] , 1 );
-                if ( blocking )
-                {
-                    TEST_ASSERT( blocking_ret == 0 );
-                }
-                else
-                {
-                    TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE );
-                }
-            }
-        }
-
-        for( i = 0; i < ROUNDS; i++ )
-        {
-            /* First receiving is from the server */
-            socket = ( i % 2 == 0 ) ? ( &server ) : ( &client );
-
-            recv_ret[i] = recv( socket, received[i] + read[i],
-                                               MSGLEN - read[i] );
-
-            /* The result depends on whether any data was sent */
-            if ( send_ret[i] > 0 )
-            {
-                TEST_ASSERT( recv_ret[i] > 0 );
-                TEST_ASSERT( recv_ret[i] <= BUFLEN );
-                read[i] += recv_ret[i];
-            }
-            else if( blocking )
-            {
-                TEST_ASSERT( recv_ret[i] == 0 );
-            }
-            else
-            {
-                TEST_ASSERT( recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ );
-                recv_ret[i] = 0;
-            }
-
-            /* If the buffer is empty we can test blocking and non-blocking
-             * read */
-            if ( recv_ret[i] == BUFLEN )
-            {
-                int blocking_ret = recv( socket, received[i], 1 );
-                if ( blocking )
-                {
-                    TEST_ASSERT( blocking_ret == 0 );
-                }
-                else
-                {
-                    TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ );
-                }
-            }
-        }
-
-        progress = 0;
-        for( i = 0; i < ROUNDS; i++ )
-        {
-            progress += send_ret[i] + recv_ret[i];
-        }
-    }
-
-    for( i = 0; i < ROUNDS; i++ )
-        TEST_ASSERT( memcmp( message[i], received[i], MSGLEN ) == 0 );
-
-exit:
-
-    mbedtls_mock_socket_close( &client );
-    mbedtls_mock_socket_close( &server );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_queue_sanity( )
-{
-    mbedtls_test_message_queue queue;
-
-    /* Trying to push/pull to an empty queue */
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( NULL, 1 )
-                 == MBEDTLS_TEST_ERROR_ARG_NULL );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( NULL, 1 )
-                 == MBEDTLS_TEST_ERROR_ARG_NULL );
-
-    TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 );
-    TEST_ASSERT( queue.capacity == 3 );
-    TEST_ASSERT( queue.num == 0 );
-
-exit:
-    mbedtls_test_message_queue_free( &queue );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_queue_basic( )
-{
-    mbedtls_test_message_queue queue;
-
-    TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 );
-
-    /* Sanity test - 3 pushes and 3 pops with sufficient space */
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( queue.capacity == 3 );
-    TEST_ASSERT( queue.num == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( queue.capacity == 3 );
-    TEST_ASSERT( queue.num == 2 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 );
-    TEST_ASSERT( queue.capacity == 3 );
-    TEST_ASSERT( queue.num == 3 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 );
-
-exit:
-    mbedtls_test_message_queue_free( &queue );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_queue_overflow_underflow( )
-{
-    mbedtls_test_message_queue queue;
-
-    TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 );
-
-    /* 4 pushes (last one with an error), 4 pops (last one with an error) */
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 )
-                 == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 )
-                 == MBEDTLS_ERR_SSL_WANT_READ );
-
-exit:
-    mbedtls_test_message_queue_free( &queue );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_queue_interleaved( )
-{
-    mbedtls_test_message_queue queue;
-
-    TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 );
-
-    /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops
-     * (to wrap around the buffer) */
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) == 3 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 5 ) == 5 );
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 8 ) == 8 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 3 ) == 3 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 5 ) == 5 );
-
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 8 ) == 8 );
-
-exit:
-    mbedtls_test_message_queue_free( &queue );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_queue_insufficient_buffer( )
-{
-    mbedtls_test_message_queue queue;
-    size_t message_len = 10;
-    size_t buffer_len = 5;
-
-    TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 1 ) == 0 );
-
-    /* Popping without a sufficient buffer */
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, message_len )
-                 == (int) message_len );
-    TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, buffer_len )
-                 == (int) buffer_len );
-exit:
-    mbedtls_test_message_queue_free( &queue );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_uninitialized( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    /* Send with a NULL context */
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( NULL, message, MSGLEN )
-                 == MBEDTLS_TEST_ERROR_CONTEXT_ERROR );
-
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( NULL, message, MSGLEN )
-                 == MBEDTLS_TEST_ERROR_CONTEXT_ERROR );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, MSGLEN )
-                 == MBEDTLS_TEST_ERROR_SEND_FAILED );
-
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MBEDTLS_ERR_SSL_WANT_READ );
-
-    /* Push directly to a queue to later simulate a disconnected behavior */
-    TEST_ASSERT( mbedtls_test_message_queue_push_info( &server_queue, MSGLEN )
-                 == MSGLEN );
-
-    /* Test if there's an error when trying to read from a disconnected
-     * socket */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MBEDTLS_TEST_ERROR_RECV_FAILED );
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_basic( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   MSGLEN ) );
-
-    /* Send the message to the server */
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN ) == MSGLEN );
-
-    /* Read from the server */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MSGLEN );
-
-    TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-    memset( received, 0, MSGLEN );
-
-    /* Send the message to the client */
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message,
-                                            MSGLEN ) == MSGLEN );
-
-    /* Read from the client */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN )
-                 == MSGLEN );
-    TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_queue_overflow_underflow( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   MSGLEN*2 ) );
-
-    /* Send three message to the server, last one with an error */
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN - 1 ) == MSGLEN - 1 );
-
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN ) == MSGLEN );
-
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN )
-                 == MBEDTLS_ERR_SSL_WANT_WRITE );
-
-    /* Read three messages from the server, last one with an error */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received,
-                                            MSGLEN - 1 ) == MSGLEN - 1 );
-
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MSGLEN );
-
-    TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MBEDTLS_ERR_SSL_WANT_READ );
-
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_socket_overflow( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   MSGLEN ) );
-
-    /* Send two message to the server, second one with an error */
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN ) == MSGLEN );
-
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN )
-                 == MBEDTLS_TEST_ERROR_SEND_FAILED );
-
-    /* Read the only message from the server */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MSGLEN );
-
-    TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_truncated( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    memset( received, 0, MSGLEN );
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   2 * MSGLEN ) );
-
-    /* Send two messages to the server, the second one small enough to fit in the
-     * receiver's buffer. */
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN ) == MSGLEN );
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN / 2 ) == MSGLEN / 2 );
-    /* Read a truncated message from the server */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 )
-                 == MSGLEN/2 );
-
-    /* Test that the first half of the message is valid, and second one isn't */
-    TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 );
-    TEST_ASSERT( memcmp( message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2 )
-                 != 0 );
-    memset( received, 0, MSGLEN );
-
-    /* Read a full message from the server */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 )
-                 == MSGLEN / 2 );
-
-    /* Test that the first half of the message is valid */
-    TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 );
-
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_socket_read_error( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   MSGLEN ) );
-
-    TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                            MSGLEN ) == MSGLEN );
-
-    /* Force a read error by disconnecting the socket by hand */
-    server.status = 0;
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MBEDTLS_TEST_ERROR_RECV_FAILED );
-    /* Return to a valid state */
-    server.status = MBEDTLS_MOCK_SOCKET_CONNECTED;
-
-    memset( received, 0, sizeof( received ) );
-
-    /* Test that even though the server tried to read once disconnected, the
-     * continuity is preserved */
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MSGLEN );
-
-    TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_interleaved_one_way( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   MSGLEN*3 ) );
-
-    /* Interleaved test - [2 sends, 1 read] twice, and then two reads
-     * (to wrap around the buffer) */
-    for( i = 0; i < 2; i++ )
-    {
-        TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received,
-                                                MSGLEN ) == MSGLEN );
-        TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-        memset( received, 0, sizeof( received ) );
-    }
-
-    for( i = 0; i < 2; i++ )
-    {
-        TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-    }
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MBEDTLS_ERR_SSL_WANT_READ );
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_message_mock_interleaved_two_ways( )
-{
-    enum { MSGLEN = 10 };
-    unsigned char message[MSGLEN], received[MSGLEN];
-    mbedtls_mock_socket client, server;
-    unsigned i;
-    mbedtls_test_message_queue server_queue, client_queue;
-    mbedtls_test_message_socket_context server_context, client_context;
-    mbedtls_message_socket_init( &server_context );
-    mbedtls_message_socket_init( &client_context );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3,
-                                               &server,
-                                               &server_context ) == 0 );
-
-    TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3,
-                                               &client,
-                                               &client_context ) == 0 );
-
-    /* Fill up the buffer with structured data so that unwanted changes
-     * can be detected */
-    for( i = 0; i < MSGLEN; i++ )
-    {
-        message[i] = i & 0xFF;
-    }
-    TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
-                                                   MSGLEN*3 ) );
-
-    /* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads
-     * (to wrap around the buffer) both ways. */
-    for( i = 0; i < 2; i++ )
-    {
-        TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message,
-                                                MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received,
-                     MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-        memset( received, 0, sizeof( received ) );
-
-        TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received,
-                     MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-
-        memset( received, 0, sizeof( received ) );
-    }
-
-    for( i = 0; i < 2; i++ )
-    {
-        TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received,
-                    MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-        memset( received, 0, sizeof( received ) );
-
-        TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received,
-                     MSGLEN ) == MSGLEN );
-
-        TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
-        memset( received, 0, sizeof( received ) );
-    }
-
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN )
-                 == MBEDTLS_ERR_SSL_WANT_READ );
-
-    TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN )
-                 == MBEDTLS_ERR_SSL_WANT_READ );
-    exit:
-    mbedtls_message_socket_close( &server_context );
-    mbedtls_message_socket_close( &client_context );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
-{
-    uint32_t len = 0;
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_config conf;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_config_init( &conf );
-
-    TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
-                 MBEDTLS_SSL_IS_CLIENT,
-                 MBEDTLS_SSL_TRANSPORT_DATAGRAM,
-                 MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
-    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
-    /* Read previous record numbers */
-    for( len = 0; len < prevs->len; len += 6 )
-    {
-        memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
-        mbedtls_ssl_dtls_replay_update( &ssl );
-    }
-
-    /* Check new number */
-    memcpy( ssl.in_ctr + 2, new->x, 6 );
-    TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
-
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
-{
-    mbedtls_ssl_context ssl;
-    mbedtls_ssl_init( &ssl );
-
-    TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
-    TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );
-
-    mbedtls_ssl_free( &ssl );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_crypt_record( int cipher_type, int hash_id,
-                       int etm, int tag_mode, int ver,
-                       int cid0_len, int cid1_len )
-{
-    /*
-     * Test several record encryptions and decryptions
-     * with plenty of space before and after the data
-     * within the record buffer.
-     */
-
-    int ret;
-    int num_records = 16;
-    mbedtls_ssl_context ssl; /* ONLY for debugging */
-
-    mbedtls_ssl_transform t0, t1;
-    unsigned char *buf = NULL;
-    size_t const buflen = 512;
-    mbedtls_record rec, rec_backup;
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_transform_init( &t0 );
-    mbedtls_ssl_transform_init( &t1 );
-    TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
-                                   etm, tag_mode, ver,
-                                   (size_t) cid0_len,
-                                   (size_t) cid1_len ) == 0 );
-
-    TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL );
-
-    while( num_records-- > 0 )
-    {
-        mbedtls_ssl_transform *t_dec, *t_enc;
-        /* Take turns in who's sending and who's receiving. */
-        if( num_records % 3 == 0 )
-        {
-            t_dec = &t0;
-            t_enc = &t1;
-        }
-        else
-        {
-            t_dec = &t1;
-            t_enc = &t0;
-        }
-
-        /*
-         * The record header affects the transformation in two ways:
-         * 1) It determines the AEAD additional data
-         * 2) The record counter sometimes determines the IV.
-         *
-         * Apart from that, the fields don't have influence.
-         * In particular, it is currently not the responsibility
-         * of ssl_encrypt/decrypt_buf to check if the transform
-         * version matches the record version, or that the
-         * type is sensible.
-         */
-
-        memset( rec.ctr, num_records, sizeof( rec.ctr ) );
-        rec.type    = 42;
-        rec.ver[0]  = num_records;
-        rec.ver[1]  = num_records;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-        rec.buf     = buf;
-        rec.buf_len = buflen;
-        rec.data_offset = 16;
-        /* Make sure to vary the length to exercise different
-         * paddings. */
-        rec.data_len = 1 + num_records;
-
-        memset( rec.buf + rec.data_offset, 42, rec.data_len );
-
-        /* Make a copy for later comparison */
-        rec_backup = rec;
-
-        /* Encrypt record */
-        ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec,
-                                       mbedtls_test_rnd_std_rand, NULL );
-        TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        if( ret != 0 )
-        {
-            continue;
-        }
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-        if( rec.cid_len != 0 )
-        {
-            /* DTLS 1.2 + CID hides the real content type and
-             * uses a special CID content type in the protected
-             * record. Double-check this. */
-            TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID );
-        }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-        if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
-        {
-            /* TLS 1.3 hides the real content type and
-             * always uses Application Data as the content type
-             * for protected records. Double-check this. */
-            TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA );
-        }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
-        /* Decrypt record with t_dec */
-        ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec );
-        TEST_ASSERT( ret == 0 );
-
-        /* Compare results */
-        TEST_ASSERT( rec.type == rec_backup.type );
-        TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 );
-        TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] );
-        TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] );
-        TEST_ASSERT( rec.data_len == rec_backup.data_len );
-        TEST_ASSERT( rec.data_offset == rec_backup.data_offset );
-        TEST_ASSERT( memcmp( rec.buf + rec.data_offset,
-                             rec_backup.buf + rec_backup.data_offset,
-                             rec.data_len ) == 0 );
-    }
-
-exit:
-
-    /* Cleanup */
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_transform_free( &t0 );
-    mbedtls_ssl_transform_free( &t1 );
-
-    mbedtls_free( buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_crypt_record_small( int cipher_type, int hash_id,
-                             int etm, int tag_mode, int ver,
-                             int cid0_len, int cid1_len )
-{
-    /*
-     * Test pairs of encryption and decryption with an increasing
-     * amount of space in the record buffer - in more detail:
-     * 1) Try to encrypt with 0, 1, 2, ... bytes available
-     *    in front of the plaintext, and expect the encryption
-     *    to succeed starting from some offset. Always keep
-     *    enough space in the end of the buffer.
-     * 2) Try to encrypt with 0, 1, 2, ... bytes available
-     *    at the end of the plaintext, and expect the encryption
-     *    to succeed starting from some offset. Always keep
-     *    enough space at the beginning of the buffer.
-     * 3) Try to encrypt with 0, 1, 2, ... bytes available
-     *    both at the front and end of the plaintext,
-     *    and expect the encryption to succeed starting from
-     *    some offset.
-     *
-     * If encryption succeeds, check that decryption succeeds
-     * and yields the original record.
-     */
-
-    mbedtls_ssl_context ssl; /* ONLY for debugging */
-
-    mbedtls_ssl_transform t0, t1;
-    unsigned char *buf = NULL;
-    size_t const buflen = 256;
-    mbedtls_record rec, rec_backup;
-
-    int ret;
-    int mode;              /* Mode 1, 2 or 3 as explained above     */
-    size_t offset;         /* Available space at beginning/end/both */
-    size_t threshold = 96; /* Maximum offset to test against        */
-
-    size_t default_pre_padding  = 64;  /* Pre-padding to use in mode 2  */
-    size_t default_post_padding = 128; /* Post-padding to use in mode 1 */
-
-    int seen_success; /* Indicates if in the current mode we've
-                       * already seen a successful test. */
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_transform_init( &t0 );
-    mbedtls_ssl_transform_init( &t1 );
-    TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
-                                   etm, tag_mode, ver,
-                                   (size_t) cid0_len,
-                                   (size_t) cid1_len ) == 0 );
-
-    TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL );
-
-    for( mode=1; mode <= 3; mode++ )
-    {
-        seen_success = 0;
-        for( offset=0; offset <= threshold; offset++ )
-        {
-            mbedtls_ssl_transform *t_dec, *t_enc;
-            t_dec = &t0;
-            t_enc = &t1;
-
-            memset( rec.ctr, offset, sizeof( rec.ctr ) );
-            rec.type    = 42;
-            rec.ver[0]  = offset;
-            rec.ver[1]  = offset;
-            rec.buf     = buf;
-            rec.buf_len = buflen;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-            rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-            switch( mode )
-            {
-                case 1: /* Space in the beginning */
-                    rec.data_offset = offset;
-                    rec.data_len = buflen - offset - default_post_padding;
-                    break;
-
-                case 2: /* Space in the end */
-                    rec.data_offset = default_pre_padding;
-                    rec.data_len = buflen - default_pre_padding - offset;
-                    break;
-
-                case 3: /* Space in the beginning and end */
-                    rec.data_offset = offset;
-                    rec.data_len = buflen - 2 * offset;
-                    break;
-
-                default:
-                    TEST_ASSERT( 0 );
-                    break;
-            }
-
-            memset( rec.buf + rec.data_offset, 42, rec.data_len );
-
-            /* Make a copy for later comparison */
-            rec_backup = rec;
-
-            /* Encrypt record */
-            ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec,
-                                           mbedtls_test_rnd_std_rand, NULL );
-
-            if( ( mode == 1 || mode == 2 ) && seen_success )
-            {
-                TEST_ASSERT( ret == 0 );
-            }
-            else
-            {
-                TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-                if( ret == 0 )
-                    seen_success = 1;
-            }
-
-            if( ret != 0 )
-                continue;
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-            if( rec.cid_len != 0 )
-            {
-                /* DTLS 1.2 + CID hides the real content type and
-                 * uses a special CID content type in the protected
-                 * record. Double-check this. */
-                TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID );
-            }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-            if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
-            {
-                /* TLS 1.3 hides the real content type and
-                 * always uses Application Data as the content type
-                 * for protected records. Double-check this. */
-                TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA );
-            }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
-            /* Decrypt record with t_dec */
-            TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 );
-
-            /* Compare results */
-            TEST_ASSERT( rec.type == rec_backup.type );
-            TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 );
-            TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] );
-            TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] );
-            TEST_ASSERT( rec.data_len == rec_backup.data_len );
-            TEST_ASSERT( rec.data_offset == rec_backup.data_offset );
-            TEST_ASSERT( memcmp( rec.buf + rec.data_offset,
-                                 rec_backup.buf + rec_backup.data_offset,
-                                 rec.data_len ) == 0 );
-        }
-
-        TEST_ASSERT( seen_success == 1 );
-    }
-
-exit:
-
-    /* Cleanup */
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_transform_free( &t0 );
-    mbedtls_ssl_transform_free( &t1 );
-
-    mbedtls_free( buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */
-void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac,
-                              int length_selector )
-{
-    /*
-     * Test record decryption for CBC without EtM, focused on the verification
-     * of padding and MAC.
-     *
-     * Actually depends on TLS >= 1.0 (SSL 3.0 computes the MAC differently),
-     * and either AES, ARIA, Camellia or DES, but since the test framework
-     * doesn't support alternation in dependency statements, just depend on
-     * TLS 1.2 and AES.
-     *
-     * The length_selector argument is interpreted as follows:
-     * - if it's -1, the plaintext length is 0 and minimal padding is applied
-     * - if it's -2, the plaintext length is 0 and maximal padding is applied
-     * - otherwise it must be in [0, 255] and is padding_length from RFC 5246:
-     *   it's the length of the rest of the padding, that is, excluding the
-     *   byte that encodes the length. The minimal non-zero plaintext length
-     *   that gives this padding_length is automatically selected.
-     */
-    mbedtls_ssl_context ssl; /* ONLY for debugging */
-    mbedtls_ssl_transform t0, t1;
-    mbedtls_record rec, rec_save;
-    unsigned char *buf = NULL, *buf_save = NULL;
-    size_t buflen, olen = 0;
-    size_t plaintext_len, block_size, i;
-    unsigned char padlen; /* excluding the padding_length byte */
-    unsigned char add_data[13];
-    unsigned char mac[MBEDTLS_MD_MAX_SIZE];
-    int exp_ret;
-    const unsigned char pad_max_len = 255; /* Per the standard */
-
-    mbedtls_ssl_init( &ssl );
-    mbedtls_ssl_transform_init( &t0 );
-    mbedtls_ssl_transform_init( &t1 );
-
-    /* Set up transforms with dummy keys */
-    TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
-                                   0, trunc_hmac,
-                                   MBEDTLS_SSL_MINOR_VERSION_3,
-                                   0 , 0 ) == 0 );
-
-    /* Determine padding/plaintext length */
-    TEST_ASSERT( length_selector >= -2 && length_selector <= 255 );
-    block_size = t0.ivlen;
-    if( length_selector < 0 )
-    {
-        plaintext_len = 0;
-
-        /* Minimal padding
-         * The +1 is for the padding_length byte, not counted in padlen. */
-        padlen = block_size - ( t0.maclen + 1 ) % block_size;
-
-        /* Maximal padding? */
-        if( length_selector == -2 )
-            padlen += block_size * ( ( pad_max_len - padlen ) / block_size );
-    }
-    else
-    {
-        padlen = length_selector;
-
-        /* Minimal non-zero plaintext_length giving desired padding.
-         * The +1 is for the padding_length byte, not counted in padlen. */
-        plaintext_len = block_size - ( padlen + t0.maclen + 1 ) % block_size;
-    }
-
-    /* Prepare a buffer for record data */
-    buflen = block_size
-           + plaintext_len
-           + t0.maclen
-           + padlen + 1;
-    ASSERT_ALLOC( buf, buflen );
-    ASSERT_ALLOC( buf_save, buflen );
-
-    /* Prepare a dummy record header */
-    memset( rec.ctr, 0, sizeof( rec.ctr ) );
-    rec.type    = MBEDTLS_SSL_MSG_APPLICATION_DATA;
-    rec.ver[0]  = MBEDTLS_SSL_MAJOR_VERSION_3;
-    rec.ver[1]  = MBEDTLS_SSL_MINOR_VERSION_3;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-
-    /* Prepare dummy record content */
-    rec.buf     = buf;
-    rec.buf_len = buflen;
-    rec.data_offset = block_size;
-    rec.data_len = plaintext_len;
-    memset( rec.buf + rec.data_offset, 42, rec.data_len );
-
-    /* Serialized version of record header for MAC purposes */
-    memcpy( add_data, rec.ctr, 8 );
-    add_data[8] = rec.type;
-    add_data[9] = rec.ver[0];
-    add_data[10] = rec.ver[1];
-    add_data[11] = ( rec.data_len >> 8 ) & 0xff;
-    add_data[12] = ( rec.data_len >> 0 ) & 0xff;
-
-    /* Set dummy IV */
-    memset( t0.iv_enc, 0x55, t0.ivlen );
-    memcpy( rec.buf, t0.iv_enc, t0.ivlen );
-
-    /*
-     * Prepare a pre-encryption record (with MAC and padding), and save it.
-     */
-
-    /* MAC with additional data */
-    TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, add_data, 13 ) );
-    TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc,
-                                           rec.buf + rec.data_offset,
-                                           rec.data_len ) );
-    TEST_EQUAL( 0, mbedtls_md_hmac_finish( &t0.md_ctx_enc, mac ) );
-
-    memcpy( rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen );
-    rec.data_len += t0.maclen;
-
-    /* Pad */
-    memset( rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1 );
-    rec.data_len += padlen + 1;
-
-    /* Save correct pre-encryption record */
-    rec_save = rec;
-    rec_save.buf = buf_save;
-    memcpy( buf_save, buf, buflen );
-
-    /*
-     * Encrypt and decrypt the correct record, expecting success
-     */
-    TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc,
-                                  t0.iv_enc, t0.ivlen,
-                                  rec.buf + rec.data_offset, rec.data_len,
-                                  rec.buf + rec.data_offset, &olen ) );
-    rec.data_offset -= t0.ivlen;
-    rec.data_len    += t0.ivlen;
-
-    TEST_EQUAL( 0, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) );
-
-    /*
-     * Modify each byte of the pre-encryption record before encrypting and
-     * decrypting it, expecting failure every time.
-     */
-    for( i = block_size; i < buflen; i++ )
-    {
-        test_set_step( i );
-
-        /* Restore correct pre-encryption record */
-        rec = rec_save;
-        rec.buf = buf;
-        memcpy( buf, buf_save, buflen );
-
-        /* Corrupt one byte of the data (could be plaintext, MAC or padding) */
-        rec.buf[i] ^= 0x01;
-
-        /* Encrypt */
-        TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc,
-                                      t0.iv_enc, t0.ivlen,
-                                      rec.buf + rec.data_offset, rec.data_len,
-                                      rec.buf + rec.data_offset, &olen ) );
-        rec.data_offset -= t0.ivlen;
-        rec.data_len    += t0.ivlen;
-
-        /* Decrypt and expect failure */
-        TEST_EQUAL( MBEDTLS_ERR_SSL_INVALID_MAC,
-                    mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) );
-    }
-
-    /*
-     * Use larger values of the padding bytes - with small buffers, this tests
-     * the case where the announced padlen would be larger than the buffer
-     * (and before that, than the buffer minus the size of the MAC), to make
-     * sure our padding checking code does not perform any out-of-bounds reads
-     * in this case. (With larger buffers, ie when the plaintext is long or
-     * maximal length padding is used, this is less relevant but still doesn't
-     * hurt to test.)
-     *
-     * (Start the loop with correct padding, just to double-check that record
-     * saving did work, and that we're overwriting the correct bytes.)
-     */
-    for( i = padlen; i <= pad_max_len; i++ )
-    {
-        test_set_step( i );
-
-        /* Restore correct pre-encryption record */
-        rec = rec_save;
-        rec.buf = buf;
-        memcpy( buf, buf_save, buflen );
-
-        /* Set padding bytes to new value */
-        memset( buf + buflen - padlen - 1, i, padlen + 1 );
-
-        /* Encrypt */
-        TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc,
-                                      t0.iv_enc, t0.ivlen,
-                                      rec.buf + rec.data_offset, rec.data_len,
-                                      rec.buf + rec.data_offset, &olen ) );
-        rec.data_offset -= t0.ivlen;
-        rec.data_len    += t0.ivlen;
-
-        /* Decrypt and expect failure except the first time */
-        exp_ret = ( i == padlen ) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC;
-        TEST_EQUAL( exp_ret, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) );
-    }
-
-exit:
-    mbedtls_ssl_free( &ssl );
-    mbedtls_ssl_transform_free( &t0 );
-    mbedtls_ssl_transform_free( &t1 );
-    mbedtls_free( buf );
-    mbedtls_free( buf_save );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_hkdf_expand_label( int hash_alg,
-                                   data_t *secret,
-                                   int label_idx,
-                                   data_t *ctx,
-                                   int desired_length,
-                                   data_t *expected )
-{
-    unsigned char dst[ 100 ];
-
-    unsigned char const *lbl = NULL;
-    size_t lbl_len;
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string )                        \
-    if( label_idx == (int) tls1_3_label_ ## name )                      \
-    {                                                                   \
-        lbl = mbedtls_ssl_tls1_3_labels.name;                           \
-        lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name );             \
-    }
-MBEDTLS_SSL_TLS1_3_LABEL_LIST
-#undef MBEDTLS_SSL_TLS1_3_LABEL
-    TEST_ASSERT( lbl != NULL );
-
-    /* Check sanity of test parameters. */
-    TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
-    TEST_ASSERT( (size_t) desired_length == expected->len );
-
-    TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label(
-                      (mbedtls_md_type_t) hash_alg,
-                      secret->x, secret->len,
-                      lbl, lbl_len,
-                      ctx->x, ctx->len,
-                      dst, desired_length ) == 0 );
-
-    ASSERT_COMPARE( dst, (size_t) desired_length,
-                    expected->x, (size_t) expected->len );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_traffic_key_generation( int hash_alg,
-                                        data_t *server_secret,
-                                        data_t *client_secret,
-                                        int desired_iv_len,
-                                        int desired_key_len,
-                                        data_t *expected_server_write_key,
-                                        data_t *expected_server_write_iv,
-                                        data_t *expected_client_write_key,
-                                        data_t *expected_client_write_iv )
-{
-    mbedtls_ssl_key_set keys;
-
-    /* Check sanity of test parameters. */
-    TEST_ASSERT( client_secret->len == server_secret->len );
-    TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len &&
-                 expected_client_write_iv->len == (size_t) desired_iv_len );
-    TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len &&
-                 expected_client_write_key->len == (size_t) desired_key_len );
-
-    TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys(
-                     (mbedtls_md_type_t) hash_alg,
-                     client_secret->x,
-                     server_secret->x,
-                     client_secret->len /* == server_secret->len */,
-                     desired_key_len, desired_iv_len,
-                     &keys ) == 0 );
-
-    ASSERT_COMPARE( keys.client_write_key,
-                    keys.key_len,
-                    expected_client_write_key->x,
-                    (size_t) desired_key_len );
-    ASSERT_COMPARE( keys.server_write_key,
-                    keys.key_len,
-                    expected_server_write_key->x,
-                    (size_t) desired_key_len );
-    ASSERT_COMPARE( keys.client_write_iv,
-                    keys.iv_len,
-                    expected_client_write_iv->x,
-                    (size_t) desired_iv_len );
-    ASSERT_COMPARE( keys.server_write_iv,
-                    keys.iv_len,
-                    expected_server_write_iv->x,
-                    (size_t) desired_iv_len );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_derive_secret( int hash_alg,
-                               data_t *secret,
-                               int label_idx,
-                               data_t *ctx,
-                               int desired_length,
-                               int already_hashed,
-                               data_t *expected )
-{
-    unsigned char dst[ 100 ];
-
-    unsigned char const *lbl = NULL;
-    size_t lbl_len;
-#define MBEDTLS_SSL_TLS1_3_LABEL( name, string )                        \
-    if( label_idx == (int) tls1_3_label_ ## name )                      \
-    {                                                                   \
-        lbl = mbedtls_ssl_tls1_3_labels.name;                           \
-        lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name );             \
-    }
-MBEDTLS_SSL_TLS1_3_LABEL_LIST
-#undef MBEDTLS_SSL_TLS1_3_LABEL
-    TEST_ASSERT( lbl != NULL );
-
-    /* Check sanity of test parameters. */
-    TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
-    TEST_ASSERT( (size_t) desired_length == expected->len );
-
-    TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret(
-                      (mbedtls_md_type_t) hash_alg,
-                      secret->x, secret->len,
-                      lbl, lbl_len,
-                      ctx->x, ctx->len,
-                      already_hashed,
-                      dst, desired_length ) == 0 );
-
-    ASSERT_COMPARE( dst, desired_length,
-                    expected->x, desired_length );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-void ssl_tls1_3_key_evolution( int hash_alg,
-                               data_t *secret,
-                               data_t *input,
-                               data_t *expected )
-{
-    unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ];
-
-    TEST_ASSERT( mbedtls_ssl_tls1_3_evolve_secret(
-                      (mbedtls_md_type_t) hash_alg,
-                      secret->len ? secret->x : NULL,
-                      input->len ? input->x : NULL, input->len,
-                      secret_new ) == 0 );
-
-    ASSERT_COMPARE( secret_new, (size_t) expected->len,
-                    expected->x, (size_t) expected->len );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_tls_prf( int type, data_t * secret, data_t * random,
-                  char *label, data_t *result_str, int exp_ret )
-{
-    unsigned char *output;
-
-    output = mbedtls_calloc( 1, result_str->len );
-    if( output == NULL )
-        goto exit;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
-    TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len,
-                                      label, random->x, random->len,
-                                      output, result_str->len ) == exp_ret );
-
-    if( exp_ret == 0 )
-    {
-        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
-                     result_str->len, result_str->len ) == 0 );
-    }
-exit:
-
-    mbedtls_free( output );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
-{
-    mbedtls_ssl_session original, restored;
-    unsigned char *buf = NULL;
-    size_t len;
-
-    /*
-     * Test that a save-load pair is the identity
-     */
-
-    mbedtls_ssl_session_init( &original );
-    mbedtls_ssl_session_init( &restored );
-
-    /* Prepare a dummy session to work on */
-    TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 );
-
-    /* Serialize it */
-    TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len )
-                 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-    TEST_ASSERT( ( buf = mbedtls_calloc( 1, len ) ) != NULL );
-    TEST_ASSERT( mbedtls_ssl_session_save( &original, buf, len, &len )
-                 == 0 );
-
-    /* Restore session from serialized data */
-    TEST_ASSERT( mbedtls_ssl_session_load( &restored, buf, len) == 0 );
-
-    /*
-     * Make sure both session structures are identical
-     */
-#if defined(MBEDTLS_HAVE_TIME)
-    TEST_ASSERT( original.start == restored.start );
-#endif
-    TEST_ASSERT( original.ciphersuite == restored.ciphersuite );
-    TEST_ASSERT( original.compression == restored.compression );
-    TEST_ASSERT( original.id_len == restored.id_len );
-    TEST_ASSERT( memcmp( original.id,
-                         restored.id, sizeof( original.id ) ) == 0 );
-    TEST_ASSERT( memcmp( original.master,
-                         restored.master, sizeof( original.master ) ) == 0 );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    TEST_ASSERT( ( original.peer_cert == NULL ) ==
-                 ( restored.peer_cert == NULL ) );
-    if( original.peer_cert != NULL )
-    {
-        TEST_ASSERT( original.peer_cert->raw.len ==
-                     restored.peer_cert->raw.len );
-        TEST_ASSERT( memcmp( original.peer_cert->raw.p,
-                             restored.peer_cert->raw.p,
-                             original.peer_cert->raw.len ) == 0 );
-    }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-    TEST_ASSERT( original.peer_cert_digest_type ==
-                 restored.peer_cert_digest_type );
-    TEST_ASSERT( original.peer_cert_digest_len ==
-                 restored.peer_cert_digest_len );
-    TEST_ASSERT( ( original.peer_cert_digest == NULL ) ==
-                 ( restored.peer_cert_digest == NULL ) );
-    if( original.peer_cert_digest != NULL )
-    {
-        TEST_ASSERT( memcmp( original.peer_cert_digest,
-                             restored.peer_cert_digest,
-                             original.peer_cert_digest_len ) == 0 );
-    }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-    TEST_ASSERT( original.verify_result == restored.verify_result );
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-    TEST_ASSERT( original.ticket_len == restored.ticket_len );
-    if( original.ticket_len != 0 )
-    {
-        TEST_ASSERT( original.ticket != NULL );
-        TEST_ASSERT( restored.ticket != NULL );
-        TEST_ASSERT( memcmp( original.ticket,
-                             restored.ticket, original.ticket_len ) == 0 );
-    }
-    TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime );
-#endif
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    TEST_ASSERT( original.mfl_code == restored.mfl_code );
-#endif
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac );
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac );
-#endif
-
-exit:
-    mbedtls_ssl_session_free( &original );
-    mbedtls_ssl_session_free( &restored );
-    mbedtls_free( buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_serialize_session_load_save( int ticket_len, char *crt_file )
-{
-    mbedtls_ssl_session session;
-    unsigned char *buf1 = NULL, *buf2 = NULL;
-    size_t len0, len1, len2;
-
-    /*
-     * Test that a load-save pair is the identity
-     */
-
-    mbedtls_ssl_session_init( &session );
-
-    /* Prepare a dummy session to work on */
-    TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
-
-    /* Get desired buffer size for serializing */
-    TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 )
-                 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-    /* Allocate first buffer */
-    buf1 = mbedtls_calloc( 1, len0 );
-    TEST_ASSERT( buf1 != NULL );
-
-    /* Serialize to buffer and free live session */
-    TEST_ASSERT( mbedtls_ssl_session_save( &session, buf1, len0, &len1 )
-                 == 0 );
-    TEST_ASSERT( len0 == len1 );
-    mbedtls_ssl_session_free( &session );
-
-    /* Restore session from serialized data */
-    TEST_ASSERT( mbedtls_ssl_session_load( &session, buf1, len1 ) == 0 );
-
-    /* Allocate second buffer and serialize to it */
-    buf2 = mbedtls_calloc( 1, len0 );
-    TEST_ASSERT( buf2 != NULL );
-    TEST_ASSERT( mbedtls_ssl_session_save( &session, buf2, len0, &len2 )
-                 == 0 );
-
-    /* Make sure both serialized versions are identical */
-    TEST_ASSERT( len1 == len2 );
-    TEST_ASSERT( memcmp( buf1, buf2, len1 ) == 0 );
-
-exit:
-    mbedtls_ssl_session_free( &session );
-    mbedtls_free( buf1 );
-    mbedtls_free( buf2 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file )
-{
-    mbedtls_ssl_session session;
-    unsigned char *buf = NULL;
-    size_t good_len, bad_len, test_len;
-
-    /*
-     * Test that session_save() fails cleanly on small buffers
-     */
-
-    mbedtls_ssl_session_init( &session );
-
-    /* Prepare dummy session and get serialized size */
-    TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
-    TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
-                 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-    /* Try all possible bad lengths */
-    for( bad_len = 1; bad_len < good_len; bad_len++ )
-    {
-        /* Allocate exact size so that asan/valgrind can detect any overwrite */
-        mbedtls_free( buf );
-        TEST_ASSERT( ( buf = mbedtls_calloc( 1, bad_len ) ) != NULL );
-        TEST_ASSERT( mbedtls_ssl_session_save( &session, buf, bad_len,
-                                               &test_len )
-                     == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-        TEST_ASSERT( test_len == good_len );
-    }
-
-exit:
-    mbedtls_ssl_session_free( &session );
-    mbedtls_free( buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file )
-{
-    mbedtls_ssl_session session;
-    unsigned char *good_buf = NULL, *bad_buf = NULL;
-    size_t good_len, bad_len;
-
-    /*
-     * Test that session_load() fails cleanly on small buffers
-     */
-
-    mbedtls_ssl_session_init( &session );
-
-    /* Prepare serialized session data */
-    TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
-    TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
-                 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-    TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL );
-    TEST_ASSERT( mbedtls_ssl_session_save( &session, good_buf, good_len,
-                                           &good_len ) == 0 );
-    mbedtls_ssl_session_free( &session );
-
-    /* Try all possible bad lengths */
-    for( bad_len = 0; bad_len < good_len; bad_len++ )
-    {
-        /* Allocate exact size so that asan/valgrind can detect any overread */
-        mbedtls_free( bad_buf );
-        bad_buf = mbedtls_calloc( 1, bad_len ? bad_len : 1 );
-        TEST_ASSERT( bad_buf != NULL );
-        memcpy( bad_buf, good_buf, bad_len );
-
-        TEST_ASSERT( mbedtls_ssl_session_load( &session, bad_buf, bad_len )
-                     == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
-exit:
-    mbedtls_ssl_session_free( &session );
-    mbedtls_free( good_buf );
-    mbedtls_free( bad_buf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void ssl_session_serialize_version_check( int corrupt_major,
-                                          int corrupt_minor,
-                                          int corrupt_patch,
-                                          int corrupt_config )
-{
-    unsigned char serialized_session[ 2048 ];
-    size_t serialized_session_len;
-    unsigned cur_byte;
-    mbedtls_ssl_session session;
-    uint8_t should_corrupt_byte[] = { corrupt_major  == 1,
-                                      corrupt_minor  == 1,
-                                      corrupt_patch  == 1,
-                                      corrupt_config == 1,
-                                      corrupt_config == 1 };
-
-    mbedtls_ssl_session_init( &session );
-
-    /* Infer length of serialized session. */
-    TEST_ASSERT( mbedtls_ssl_session_save( &session,
-                                           serialized_session,
-                                           sizeof( serialized_session ),
-                                           &serialized_session_len ) == 0 );
-
-    mbedtls_ssl_session_free( &session );
-
-    /* Without any modification, we should be able to successfully
-     * de-serialize the session - double-check that. */
-    TEST_ASSERT( mbedtls_ssl_session_load( &session,
-                                           serialized_session,
-                                           serialized_session_len ) == 0 );
-    mbedtls_ssl_session_free( &session );
-
-    /* Go through the bytes in the serialized session header and
-     * corrupt them bit-by-bit. */
-    for( cur_byte = 0; cur_byte < sizeof( should_corrupt_byte ); cur_byte++ )
-    {
-        int cur_bit;
-        unsigned char * const byte = &serialized_session[ cur_byte ];
-
-        if( should_corrupt_byte[ cur_byte ] == 0 )
-            continue;
-
-        for( cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++ )
-        {
-            unsigned char const corrupted_bit = 0x1u << cur_bit;
-            /* Modify a single bit in the serialized session. */
-            *byte ^= corrupted_bit;
-
-            /* Attempt to deserialize */
-            TEST_ASSERT( mbedtls_ssl_session_load( &session,
-                                                   serialized_session,
-                                                   serialized_session_len ) ==
-                         MBEDTLS_ERR_SSL_VERSION_MISMATCH );
-
-            /* Undo the change */
-            *byte ^= corrupted_bit;
-        }
-    }
-
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void mbedtls_endpoint_sanity( int endpoint_type )
-{
-    enum { BUFFSIZE = 1024 };
-    mbedtls_endpoint ep;
-    int ret = -1;
-
-    ret = mbedtls_endpoint_init( NULL, endpoint_type, MBEDTLS_PK_RSA,
-                                 NULL, NULL, NULL );
-    TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret );
-
-    ret = mbedtls_endpoint_certificate_init( NULL, MBEDTLS_PK_RSA );
-    TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret );
-
-    ret = mbedtls_endpoint_init( &ep, endpoint_type, MBEDTLS_PK_RSA,
-                                 NULL, NULL, NULL );
-    TEST_ASSERT( ret == 0 );
-
-exit:
-    mbedtls_endpoint_free( &ep, NULL );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void move_handshake_to_state(int endpoint_type, int state, int need_pass)
-{
-    enum { BUFFSIZE = 1024 };
-    mbedtls_endpoint base_ep, second_ep;
-    int ret = -1;
-
-    ret = mbedtls_endpoint_init( &base_ep, endpoint_type, MBEDTLS_PK_RSA,
-                                 NULL, NULL, NULL );
-    TEST_ASSERT( ret == 0 );
-
-    ret = mbedtls_endpoint_init( &second_ep,
-                            ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ?
-                            MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
-                                 MBEDTLS_PK_RSA, NULL, NULL, NULL );
-    TEST_ASSERT( ret == 0 );
-
-    ret = mbedtls_mock_socket_connect( &(base_ep.socket),
-                                       &(second_ep.socket),
-                                       BUFFSIZE );
-    TEST_ASSERT( ret == 0 );
-
-    ret = mbedtls_move_handshake_to_state( &(base_ep.ssl),
-                                           &(second_ep.ssl),
-                                           state );
-    if( need_pass )
-    {
-        TEST_ASSERT( ret == 0 );
-        TEST_ASSERT( base_ep.ssl.state == state );
-    }
-    else
-    {
-        TEST_ASSERT( ret != 0 );
-        TEST_ASSERT( base_ep.ssl.state != state );
-    }
-
-exit:
-    mbedtls_endpoint_free( &base_ep, NULL );
-    mbedtls_endpoint_free( &second_ep, NULL );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void handshake_version( int dtls, int client_min_version, int client_max_version,
-                        int server_min_version, int server_max_version,
-                        int expected_negotiated_version )
-{
-    handshake_test_options options;
-    init_handshake_options( &options );
-
-    options.client_min_version = client_min_version;
-    options.client_max_version = client_max_version;
-    options.server_min_version = server_min_version;
-    options.server_max_version = server_max_version;
-
-    options.expected_negotiated_version = expected_negotiated_version;
-
-    options.dtls = dtls;
-    /* By default, SSLv3.0 and TLSv1.0 use 1/n-1 splitting when sending data, so
-     * the number of fragments will be twice as big. */
-    if( expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_0 ||
-        expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1 )
-    {
-        options.expected_cli_fragments = 2;
-        options.expected_srv_fragments = 2;
-    }
-    perform_handshake( &options );
-
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls )
-{
-    handshake_test_options options;
-    init_handshake_options( &options );
-
-    options.cipher = cipher;
-    options.dtls = dtls;
-    options.psk_str = psk_str;
-    options.pk_alg = pk_alg;
-
-    perform_handshake( &options );
-
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void handshake_cipher( char* cipher, int pk_alg, int dtls )
-{
-    test_handshake_psk_cipher( cipher, pk_alg, NULL, dtls );
-
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void app_data( int mfl, int cli_msg_len, int srv_msg_len,
-               int expected_cli_fragments,
-               int expected_srv_fragments, int dtls )
-{
-    handshake_test_options options;
-    init_handshake_options( &options );
-
-    options.mfl = mfl;
-    options.cli_msg_len = cli_msg_len;
-    options.srv_msg_len = srv_msg_len;
-    options.expected_cli_fragments = expected_cli_fragments;
-    options.expected_srv_fragments = expected_srv_fragments;
-    options.dtls = dtls;
-
-    perform_handshake( &options );
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
-                   int expected_cli_fragments,
-                   int expected_srv_fragments )
-{
-    test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments,
-                   expected_srv_fragments, 0 );
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len,
-                    int expected_cli_fragments,
-                    int expected_srv_fragments )
-{
-    test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments,
-                   expected_srv_fragments, 1 );
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void handshake_serialization( )
-{
-    handshake_test_options options;
-    init_handshake_options( &options );
-
-    options.serialize = 1;
-    options.dtls = 1;
-    perform_handshake( &options );
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation)
-{
-    handshake_test_options options;
-    log_pattern srv_pattern, cli_pattern;
-
-    srv_pattern.pattern = cli_pattern.pattern = "found fragmented DTLS handshake";
-    srv_pattern.counter = 0;
-    cli_pattern.counter = 0;
-
-    init_handshake_options( &options );
-    options.dtls = 1;
-    options.mfl = mfl;
-    /* Set cipher to one using CBC so that record splitting can be tested */
-    options.cipher = "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256";
-    options.srv_auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
-    options.srv_log_obj = &srv_pattern;
-    options.cli_log_obj = &cli_pattern;
-    options.srv_log_fun = log_analyzer;
-    options.cli_log_fun = log_analyzer;
-
-    perform_handshake( &options );
-
-    /* Test if the server received a fragmented handshake */
-    if( expected_srv_hs_fragmentation )
-    {
-        TEST_ASSERT( srv_pattern.counter >= 1 );
-    }
-    /* Test if the client received a fragmented handshake */
-    if( expected_cli_hs_fragmentation )
-    {
-        TEST_ASSERT( cli_pattern.counter >= 1 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void renegotiation( int legacy_renegotiation )
-{
-    handshake_test_options options;
-    init_handshake_options( &options );
-
-    options.renegotiate = 1;
-    options.legacy_renegotiation = legacy_renegotiation;
-    options.dtls = 1;
-
-    perform_handshake( &options );
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation,
-                     int serialize, int dtls, char *cipher )
-{
-    handshake_test_options options;
-    init_handshake_options( &options );
-
-    options.mfl = mfl;
-    options.cipher = cipher;
-    options.renegotiate = renegotiation;
-    options.legacy_renegotiation = legacy_renegotiation;
-    options.serialize = serialize;
-    options.dtls = dtls;
-    options.resize_buffers = 1;
-
-    perform_handshake( &options );
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void resize_buffers_serialize_mfl( int mfl )
-{
-    test_resize_buffers( mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
-                         (char *) "" );
-
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
-void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation,
-                                     char *cipher )
-{
-    test_resize_buffers( mfl, 1, legacy_renegotiation, 0, 1, cipher );
-
-    /* The goto below is used to avoid an "unused label" warning.*/
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
-void ssl_cf_hmac( int hash )
-{
-    /*
-     * Test the function mbedtls_ssl_cf_hmac() against a reference
-     * implementation.
-     */
-    mbedtls_md_context_t ctx, ref_ctx;
-    const mbedtls_md_info_t *md_info;
-    size_t out_len, block_size;
-    size_t min_in_len, in_len, max_in_len, i;
-    /* TLS additional data is 13 bytes (hence the "lucky 13" name) */
-    unsigned char add_data[13];
-    unsigned char ref_out[MBEDTLS_MD_MAX_SIZE];
-    unsigned char *data = NULL;
-    unsigned char *out = NULL;
-    unsigned char rec_num = 0;
-
-    mbedtls_md_init( &ctx );
-    mbedtls_md_init( &ref_ctx );
-
-    md_info = mbedtls_md_info_from_type( hash );
-    TEST_ASSERT( md_info != NULL );
-    out_len = mbedtls_md_get_size( md_info );
-    TEST_ASSERT( out_len != 0 );
-    block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64;
-
-    /* Use allocated out buffer to catch overwrites */
-    ASSERT_ALLOC( out, out_len );
-
-    /* Set up contexts with the given hash and a dummy key */
-    TEST_EQUAL( 0, mbedtls_md_setup( &ctx, md_info, 1 ) );
-    TEST_EQUAL( 0, mbedtls_md_setup( &ref_ctx, md_info, 1 ) );
-    memset( ref_out, 42, sizeof( ref_out ) );
-    TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ctx, ref_out, out_len ) );
-    TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ref_ctx, ref_out, out_len ) );
-    memset( ref_out, 0, sizeof( ref_out ) );
-
-    /*
-     * Test all possible lengths up to a point. The difference between
-     * max_in_len and min_in_len is at most 255, and make sure they both vary
-     * by at least one block size.
-     */
-    for( max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++ )
-    {
-        test_set_step( max_in_len * 10000 );
-
-        /* Use allocated in buffer to catch overreads */
-        ASSERT_ALLOC( data, max_in_len );
-
-        min_in_len = max_in_len > 255 ? max_in_len - 255 : 0;
-        for( in_len = min_in_len; in_len <= max_in_len; in_len++ )
-        {
-            test_set_step( max_in_len * 10000 + in_len );
-
-            /* Set up dummy data and add_data */
-            rec_num++;
-            memset( add_data, rec_num, sizeof( add_data ) );
-            for( i = 0; i < in_len; i++ )
-                data[i] = ( i & 0xff ) ^ rec_num;
-
-            /* Get the function's result */
-            TEST_CF_SECRET( &in_len, sizeof( in_len ) );
-            TEST_EQUAL( 0, mbedtls_ssl_cf_hmac( &ctx, add_data, sizeof( add_data ),
-                                                data, in_len,
-                                                min_in_len, max_in_len,
-                                                out ) );
-            TEST_CF_PUBLIC( &in_len, sizeof( in_len ) );
-            TEST_CF_PUBLIC( out, out_len );
-
-            /* Compute the reference result */
-            TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, add_data,
-                                                   sizeof( add_data ) ) );
-            TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, data, in_len ) );
-            TEST_EQUAL( 0, mbedtls_md_hmac_finish( &ref_ctx, ref_out ) );
-            TEST_EQUAL( 0, mbedtls_md_hmac_reset( &ref_ctx ) );
-
-            /* Compare */
-            ASSERT_COMPARE( out, out_len, ref_out, out_len );
-        }
-
-        mbedtls_free( data );
-        data = NULL;
-    }
-
-exit:
-    mbedtls_md_free( &ref_ctx );
-    mbedtls_md_free( &ctx );
-
-    mbedtls_free( data );
-    mbedtls_free( out );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
-void ssl_cf_memcpy_offset( int offset_min, int offset_max, int len )
-{
-    unsigned char *dst = NULL;
-    unsigned char *src = NULL;
-    size_t src_len = offset_max + len;
-    size_t secret;
-
-    ASSERT_ALLOC( dst, len );
-    ASSERT_ALLOC( src, src_len );
-
-    /* Fill src in a way that we can detect if we copied the right bytes */
-    mbedtls_test_rnd_std_rand( NULL, src, src_len );
-
-    for( secret = offset_min; secret <= (size_t) offset_max; secret++ )
-    {
-        test_set_step( (int) secret );
-
-        TEST_CF_SECRET( &secret, sizeof( secret ) );
-        mbedtls_ssl_cf_memcpy_offset( dst, src, secret,
-                                      offset_min, offset_max, len );
-        TEST_CF_PUBLIC( &secret, sizeof( secret ) );
-        TEST_CF_PUBLIC( dst, len );
-
-        ASSERT_COMPARE( dst, len, src + secret, len );
-    }
-
-exit:
-    mbedtls_free( dst );
-    mbedtls_free( src );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_timing.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_timing.function
deleted file mode 100644
index 74dc823..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_timing.function
+++ /dev/null
@@ -1,74 +0,0 @@
-/* BEGIN_HEADER */
-
-/* This test module exercises the timing module. Since, depending on the
- * underlying operating system, the timing routines are not always reliable,
- * this suite only performs very basic sanity checks of the timing API.
- */
-
-#include <limits.h>
-
-#include "mbedtls/timing.h"
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_TIMING_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void timing_hardclock( )
-{
-    (void) mbedtls_timing_hardclock();
-    /* This goto is added to avoid warnings from the generated code. */
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void timing_get_timer( )
-{
-    struct mbedtls_timing_hr_time time;
-    (void) mbedtls_timing_get_timer( &time, 1 );
-    (void) mbedtls_timing_get_timer( &time, 0 );
-    /* This goto is added to avoid warnings from the generated code. */
-    goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void timing_set_alarm( int seconds )
-{
-    if( seconds == 0 )
-    {
-        mbedtls_set_alarm( seconds );
-        TEST_ASSERT( mbedtls_timing_alarmed == 1 );
-    }
-    else
-    {
-        mbedtls_set_alarm( seconds );
-        TEST_ASSERT( mbedtls_timing_alarmed == 0 ||
-                     mbedtls_timing_alarmed == 1 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void timing_delay( int fin_ms )
-{
-    mbedtls_timing_delay_context ctx;
-    int result;
-    if( fin_ms == 0 )
-    {
-        mbedtls_timing_set_delay( &ctx, 0, 0 );
-        result = mbedtls_timing_get_delay( &ctx );
-        TEST_ASSERT( result == -1 );
-    }
-    else
-    {
-        mbedtls_timing_set_delay( &ctx, fin_ms / 2, fin_ms );
-        result = mbedtls_timing_get_delay( &ctx );
-        TEST_ASSERT( result >= 0 && result <= 2 );
-    }
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_version.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_version.data
deleted file mode 100644
index 2b01227..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_version.data
+++ /dev/null
@@ -1,15 +0,0 @@
-Check compiletime library version
-check_compiletime_version:"2.25.0"
-
-Check runtime library version
-check_runtime_version:"2.25.0"
-
-Check for MBEDTLS_VERSION_C
-check_feature:"MBEDTLS_VERSION_C":0
-
-Check for MBEDTLS_AES_C when already present
-depends_on:MBEDTLS_AES_C
-check_feature:"MBEDTLS_AES_C":0
-
-Check for unknown define
-check_feature:"MBEDTLS_UNKNOWN":-1
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_version.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_version.function
deleted file mode 100644
index 7d59794..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_version.function
+++ /dev/null
@@ -1,73 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/version.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_VERSION_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void check_compiletime_version( char * version_str )
-{
-    char build_str[100];
-    char build_str_full[100];
-    unsigned int build_int;
-
-    memset( build_str, 0, 100 );
-    memset( build_str_full, 0, 100 );
-
-    mbedtls_snprintf( build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR,
-        MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH );
-
-    mbedtls_snprintf( build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR,
-        MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH );
-
-    build_int = MBEDTLS_VERSION_MAJOR << 24 |
-            MBEDTLS_VERSION_MINOR << 16 |
-            MBEDTLS_VERSION_PATCH << 8;
-
-    TEST_ASSERT( build_int == MBEDTLS_VERSION_NUMBER );
-    TEST_ASSERT( strcmp( build_str, MBEDTLS_VERSION_STRING ) == 0 );
-    TEST_ASSERT( strcmp( build_str_full, MBEDTLS_VERSION_STRING_FULL ) == 0 );
-    TEST_ASSERT( strcmp( version_str, MBEDTLS_VERSION_STRING ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void check_runtime_version( char * version_str )
-{
-    char build_str[100];
-    char get_str[100];
-    char build_str_full[100];
-    char get_str_full[100];
-    unsigned int get_int;
-
-    memset( build_str, 0, 100 );
-    memset( get_str, 0, 100 );
-    memset( build_str_full, 0, 100 );
-    memset( get_str_full, 0, 100 );
-
-    get_int = mbedtls_version_get_number();
-    mbedtls_version_get_string( get_str );
-    mbedtls_version_get_string_full( get_str_full );
-
-    mbedtls_snprintf( build_str, 100, "%u.%u.%u",
-        (get_int >> 24) & 0xFF,
-        (get_int >> 16) & 0xFF,
-        (get_int >> 8) & 0xFF );
-    mbedtls_snprintf( build_str_full, 100, "mbed TLS %s", version_str );
-
-    TEST_ASSERT( strcmp( build_str, version_str ) == 0 );
-    TEST_ASSERT( strcmp( build_str_full, get_str_full ) == 0 );
-    TEST_ASSERT( strcmp( version_str, get_str ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_VERSION_FEATURES */
-void check_feature( char *feature, int result )
-{
-    int check = mbedtls_version_check_feature( feature );
-    TEST_ASSERT( check == result );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509parse.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509parse.function
deleted file mode 100644
index 2bba4e2..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509parse.function
+++ /dev/null
@@ -1,1258 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/bignum.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/x509_crl.h"
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/base64.h"
-#include "string.h"
-
-#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
-#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \
-than the current threshold 19. To test larger values, please \
-adapt the script tests/data_files/dir-max/long.sh."
-#endif
-
-/* Test-only profile allowing all digests, PK algorithms, and curves. */
-const mbedtls_x509_crt_profile profile_all =
-{
-    0xFFFFFFFF, /* Any MD        */
-    0xFFFFFFFF, /* Any PK alg    */
-    0xFFFFFFFF, /* Any curve     */
-    1024,
-};
-
-/* Profile for backward compatibility. Allows SHA-1, unlike the default
-   profile. */
-const mbedtls_x509_crt_profile compat_profile =
-{
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
-    0xFFFFFFF, /* Any PK alg    */
-    0xFFFFFFF, /* Any curve     */
-    1024,
-};
-
-const mbedtls_x509_crt_profile profile_rsa3072 =
-{
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ),
-    0,
-    3072,
-};
-
-const mbedtls_x509_crt_profile profile_sha512 =
-{
-    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
-    0xFFFFFFF, /* Any PK alg    */
-    0xFFFFFFF, /* Any curve     */
-    1024,
-};
-
-int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags )
-{
-    ((void) data);
-    ((void) crt);
-    ((void) certificate_depth);
-    *flags |= MBEDTLS_X509_BADCERT_OTHER;
-
-    return 0;
-}
-
-int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags )
-{
-    ((void) data);
-    ((void) crt);
-    ((void) certificate_depth);
-    *flags = 0;
-
-    return 0;
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates )
-{
-    ((void) data);
-    ((void) child);
-    ((void) candidates);
-
-    return -1;
-}
-
-int ca_callback( void *data, mbedtls_x509_crt const *child,
-                 mbedtls_x509_crt **candidates )
-{
-    int ret = 0;
-    mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
-    mbedtls_x509_crt *first;
-
-    /* This is a test-only implementation of the CA callback
-     * which always returns the entire list of trusted certificates.
-     * Production implementations managing a large number of CAs
-     * should use an efficient presentation and lookup for the
-     * set of trusted certificates (such as a hashtable) and only
-     * return those trusted certificates which satisfy basic
-     * parental checks, such as the matching of child `Issuer`
-     * and parent `Subject` field. */
-    ((void) child);
-
-    first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-    if( first == NULL )
-    {
-        ret = -1;
-        goto exit;
-    }
-    mbedtls_x509_crt_init( first );
-
-    if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
-    {
-        ret = -1;
-        goto exit;
-    }
-
-    while( ca->next != NULL )
-    {
-        ca = ca->next;
-        if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
-        {
-            ret = -1;
-            goto exit;
-        }
-    }
-
-exit:
-
-    if( ret != 0 )
-    {
-        mbedtls_x509_crt_free( first );
-        mbedtls_free( first );
-        first = NULL;
-    }
-
-    *candidates = first;
-    return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags )
-{
-    int *levels = (int *) data;
-
-    ((void) crt);
-    ((void) certificate_depth);
-
-    /* Simulate a fatal error in the callback */
-    if( *levels & ( 1 << certificate_depth ) )
-    {
-        *flags |= ( 1 << certificate_depth );
-        return( -1 - certificate_depth );
-    }
-
-    return( 0 );
-}
-
-/* strsep() not available on Windows */
-char *mystrsep(char **stringp, const char *delim)
-{
-    const char *p;
-    char *ret = *stringp;
-
-    if( *stringp == NULL )
-        return( NULL );
-
-    for( ; ; (*stringp)++ )
-    {
-        if( **stringp == '\0' )
-        {
-            *stringp = NULL;
-            goto done;
-        }
-
-        for( p = delim; *p != '\0'; p++ )
-            if( **stringp == *p )
-            {
-                **stringp = '\0';
-                (*stringp)++;
-                goto done;
-            }
-    }
-
-done:
-    return( ret );
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-typedef struct {
-    char buf[512];
-    char *p;
-} verify_print_context;
-
-void verify_print_init( verify_print_context *ctx )
-{
-    memset( ctx, 0, sizeof( verify_print_context ) );
-    ctx->p = ctx->buf;
-}
-
-int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags )
-{
-    int ret;
-    verify_print_context *ctx = (verify_print_context *) data;
-    char *p = ctx->p;
-    size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p;
-    ((void) flags);
-
-    ret = mbedtls_snprintf( p, n, "depth %d - serial ", certificate_depth );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_x509_serial_gets( p, n, &crt->serial );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, " - subject " );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_x509_dn_gets( p, n, &crt->subject );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ret = mbedtls_snprintf( p, n, " - flags 0x%08x\n", *flags );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    ctx->p = p;
-
-    return( 0 );
-}
-
-int verify_parse_san( mbedtls_x509_subject_alternative_name *san,
-                      char **buf, size_t *size )
-{
-    int ret;
-    size_t i;
-    char *p = *buf;
-    size_t n = *size;
-
-    ret = mbedtls_snprintf( p, n, "type : %d", san->type );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    switch( san->type )
-    {
-       case( MBEDTLS_X509_SAN_OTHER_NAME ):
-           ret = mbedtls_snprintf( p, n, "\notherName :");
-           MBEDTLS_X509_SAFE_SNPRINTF;
-
-           if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME,
-                    &san->san.other_name.value.hardware_module_name.oid ) != 0 )
-           {
-               ret = mbedtls_snprintf( p, n, " hardware module name :" );
-               MBEDTLS_X509_SAFE_SNPRINTF;
-               ret = mbedtls_snprintf( p, n, " hardware type : " );
-               MBEDTLS_X509_SAFE_SNPRINTF;
-
-               ret = mbedtls_oid_get_numeric_string( p, n,
-                          &san->san.other_name.value.hardware_module_name.oid );
-               MBEDTLS_X509_SAFE_SNPRINTF;
-
-               ret = mbedtls_snprintf( p, n, ", hardware serial number : " );
-               MBEDTLS_X509_SAFE_SNPRINTF;
-
-               if( san->san.other_name.value.hardware_module_name.val.len >= n )
-               {
-                   *p = '\0';
-                   return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
-               }
-
-               for( i=0; i < san->san.other_name.value.hardware_module_name.val.len; i++ )
-               {
-                   *p++ = san->san.other_name.value.hardware_module_name.val.p[i];
-               }
-               n -= san->san.other_name.value.hardware_module_name.val.len;
-            }
-        break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */
-        case(  MBEDTLS_X509_SAN_DNS_NAME ):
-            ret = mbedtls_snprintf( p, n, "\ndNSName : " );
-            MBEDTLS_X509_SAFE_SNPRINTF;
-            if( san->san.unstructured_name.len >= n )
-            {
-                *p = '\0';
-                return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
-            }
-            n -= san->san.unstructured_name.len;
-            for( i = 0; i < san->san.unstructured_name.len; i++ )
-                *p++ = san->san.unstructured_name.p[i];
-        break;/* MBEDTLS_X509_SAN_DNS_NAME */
-
-        default:
-        /*
-         * Should not happen.
-         */
-        return( -1 );
-    }
-    ret = mbedtls_snprintf( p, n, "\n" );
-    MBEDTLS_X509_SAFE_SNPRINTF;
-
-    *size = n;
-    *buf = p;
-
-    return( 0 );
-}
-
-int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid,
-                      int critical, const unsigned char *cp, const unsigned char *end )
-{
-    ( void ) crt;
-    ( void ) critical;
-    mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *)p_ctx;
-    if( oid->tag == MBEDTLS_ASN1_OID &&
-        MBEDTLS_OID_CMP( MBEDTLS_OID_CERTIFICATE_POLICIES, oid ) == 0 )
-    {
-        /* Handle unknown certificate policy */
-        int ret, parse_ret = 0;
-        size_t len;
-        unsigned char **p = (unsigned char **)&cp;
-
-        /* Get main sequence tag */
-        ret = mbedtls_asn1_get_tag( p, end, &len,
-                                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE );
-        if( ret != 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-        if( *p + len != end )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-        /*
-         * Cannot be an empty sequence.
-         */
-        if( len == 0 )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-        while( *p < end )
-        {
-            const unsigned char *policy_end;
-
-            /*
-             * Get the policy sequence
-             */
-            if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-            policy_end = *p + len;
-
-            if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
-                                              MBEDTLS_ASN1_OID ) ) != 0 )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-
-            /*
-             * Recognize exclusively the policy with OID 1
-             */
-            if( len != 1 || *p[0] != 1 )
-                parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
-
-            *p += len;
-
-           /*
-            * If there is an optional qualifier, then *p < policy_end
-            * Check the Qualifier len to verify it doesn't exceed policy_end.
-            */
-            if( *p < policy_end )
-            {
-                if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len,
-                         MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-                    return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
-                /*
-                 * Skip the optional policy qualifiers.
-                 */
-                *p += len;
-            }
-
-            if( *p != policy_end )
-                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                        MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-        }
-
-        if( *p != end )
-            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
-                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
-
-        return( parse_ret );
-    }
-    else if( new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len &&
-             memcmp( new_oid->p, oid->p, oid->len ) == 0 )
-        return( 0 );
-    else
-        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BIGNUM_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void x509_parse_san( char * crt_file, char * result_str )
-{
-    int ret;
-    mbedtls_x509_crt   crt;
-    mbedtls_x509_subject_alternative_name san;
-    mbedtls_x509_sequence *cur = NULL;
-    char buf[2000];
-    char *p = buf;
-    size_t n = sizeof( buf );
-
-    mbedtls_x509_crt_init( &crt );
-    memset( buf, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-
-    if( crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
-    {
-        cur = &crt.subject_alt_names;
-        while( cur != NULL )
-        {
-            ret = mbedtls_x509_parse_subject_alt_name( &cur->buf, &san );
-            TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
-            /*
-             * If san type not supported, ignore.
-             */
-            if( ret == 0)
-                TEST_ASSERT( verify_parse_san( &san, &p, &n ) == 0 );
-            cur = cur->next;
-        }
-    }
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-
-exit:
-
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void x509_cert_info( char * crt_file, char * result_str )
-{
-    mbedtls_x509_crt   crt;
-    char buf[2000];
-    int res;
-
-    mbedtls_x509_crt_init( &crt );
-    memset( buf, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    res = mbedtls_x509_crt_info( buf, 2000, "", &crt );
-
-    TEST_ASSERT( res != -1 );
-    TEST_ASSERT( res != -2 );
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
-void mbedtls_x509_crl_info( char * crl_file, char * result_str )
-{
-    mbedtls_x509_crl   crl;
-    char buf[2000];
-    int res;
-
-    mbedtls_x509_crl_init( &crl );
-    memset( buf, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 );
-    res = mbedtls_x509_crl_info( buf, 2000, "", &crl );
-
-    TEST_ASSERT( res != -1 );
-    TEST_ASSERT( res != -2 );
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-
-exit:
-    mbedtls_x509_crl_free( &crl );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
-void mbedtls_x509_crl_parse( char * crl_file, int result )
-{
-    mbedtls_x509_crl   crl;
-    char buf[2000];
-
-    mbedtls_x509_crl_init( &crl );
-    memset( buf, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == result );
-
-exit:
-    mbedtls_x509_crl_free( &crl );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */
-void mbedtls_x509_csr_info( char * csr_file, char * result_str )
-{
-    mbedtls_x509_csr   csr;
-    char buf[2000];
-    int res;
-
-    mbedtls_x509_csr_init( &csr );
-    memset( buf, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_csr_parse_file( &csr, csr_file ) == 0 );
-    res = mbedtls_x509_csr_info( buf, 2000, "", &csr );
-
-    TEST_ASSERT( res != -1 );
-    TEST_ASSERT( res != -2 );
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-
-exit:
-    mbedtls_x509_csr_free( &csr );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void x509_verify_info( int flags, char * prefix, char * result_str )
-{
-    char buf[2000];
-    int res;
-
-    memset( buf, 0, sizeof( buf ) );
-
-    res = mbedtls_x509_crt_verify_info( buf, sizeof( buf ), prefix, flags );
-
-    TEST_ASSERT( res >= 0 );
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */
-void x509_verify_restart( char *crt_file, char *ca_file,
-                          int result, int flags_result,
-                          int max_ops, int min_restart, int max_restart )
-{
-    int ret, cnt_restart;
-    mbedtls_x509_crt_restart_ctx rs_ctx;
-    mbedtls_x509_crt crt;
-    mbedtls_x509_crt ca;
-    uint32_t flags = 0;
-
-    /*
-     * See comments on ecp_test_vect_restart() for op count precision.
-     *
-     * For reference, with mbed TLS 2.6 and default settings:
-     * - ecdsa_verify() for P-256:  ~  6700
-     * - ecdsa_verify() for P-384:  ~ 18800
-     * - x509_verify() for server5 -> test-ca2:             ~ 18800
-     * - x509_verify() for server10 -> int-ca3 -> int-ca2:  ~ 25500
-     */
-
-    mbedtls_x509_crt_restart_init( &rs_ctx );
-    mbedtls_x509_crt_init( &crt );
-    mbedtls_x509_crt_init( &ca );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
-
-    mbedtls_ecp_set_max_ops( max_ops );
-
-    cnt_restart = 0;
-    do {
-        ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL,
-                &mbedtls_x509_crt_profile_default, NULL, &flags,
-                NULL, NULL, &rs_ctx );
-    } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
-
-    TEST_ASSERT( ret == result );
-    TEST_ASSERT( flags == (uint32_t) flags_result );
-
-    TEST_ASSERT( cnt_restart >= min_restart );
-    TEST_ASSERT( cnt_restart <= max_restart );
-
-    /* Do we leak memory when aborting? */
-    ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL,
-            &mbedtls_x509_crt_profile_default, NULL, &flags,
-            NULL, NULL, &rs_ctx );
-    TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
-
-exit:
-    mbedtls_x509_crt_restart_free( &rs_ctx );
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_free( &ca );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */
-void x509_verify( char *crt_file, char *ca_file, char *crl_file,
-                  char *cn_name_str, int result, int flags_result,
-                  char *profile_str,
-                  char *verify_callback )
-{
-    mbedtls_x509_crt   crt;
-    mbedtls_x509_crt   ca;
-    mbedtls_x509_crl    crl;
-    uint32_t         flags = 0;
-    int         res;
-    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL;
-    char *      cn_name = NULL;
-    const mbedtls_x509_crt_profile *profile;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
-    mbedtls_x509_crt_init( &crt );
-    mbedtls_x509_crt_init( &ca );
-    mbedtls_x509_crl_init( &crl );
-
-    if( strcmp( cn_name_str, "NULL" ) != 0 )
-        cn_name = cn_name_str;
-
-    if( strcmp( profile_str, "" ) == 0 )
-        profile = &mbedtls_x509_crt_profile_default;
-    else if( strcmp( profile_str, "next" ) == 0 )
-        profile = &mbedtls_x509_crt_profile_next;
-    else if( strcmp( profile_str, "suite_b" ) == 0 )
-        profile = &mbedtls_x509_crt_profile_suiteb;
-    else if( strcmp( profile_str, "compat" ) == 0 )
-        profile = &compat_profile;
-    else if( strcmp( profile_str, "all" ) == 0 )
-        profile = &profile_all;
-    else
-        TEST_ASSERT( "Unknown algorithm profile" == 0 );
-
-    if( strcmp( verify_callback, "NULL" ) == 0 )
-        f_vrfy = NULL;
-    else if( strcmp( verify_callback, "verify_none" ) == 0 )
-        f_vrfy = verify_none;
-    else if( strcmp( verify_callback, "verify_all" ) == 0 )
-        f_vrfy = verify_all;
-    else
-        TEST_ASSERT( "No known verify callback selected" == 0 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
-    TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 );
-
-    res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile, cn_name, &flags, f_vrfy, NULL );
-
-    TEST_ASSERT( res == ( result ) );
-    TEST_ASSERT( flags == (uint32_t)( flags_result ) );
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-    /* CRLs aren't supported with CA callbacks, so skip the CA callback
-     * version of the test if CRLs are in use. */
-    if( crl_file == NULL || strcmp( crl_file, "" ) == 0 )
-    {
-        flags = 0;
-
-        res = mbedtls_x509_crt_verify_with_ca_cb( &crt, ca_callback, &ca, profile, cn_name, &flags, f_vrfy, NULL );
-
-        TEST_ASSERT( res == ( result ) );
-        TEST_ASSERT( flags == (uint32_t)( flags_result ) );
-    }
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-exit:
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_free( &ca );
-    mbedtls_x509_crl_free( &crl );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-void x509_verify_ca_cb_failure( char *crt_file, char *ca_file, char *name,
-                                int exp_ret )
-{
-    int ret;
-    mbedtls_x509_crt crt;
-    mbedtls_x509_crt ca;
-    uint32_t flags = 0;
-
-    mbedtls_x509_crt_init( &crt );
-    mbedtls_x509_crt_init( &ca );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
-
-    if( strcmp( name, "NULL" ) == 0 )
-        name = NULL;
-
-    ret = mbedtls_x509_crt_verify_with_ca_cb( &crt, ca_callback_fail, &ca,
-                                              &compat_profile, name, &flags,
-                                              NULL, NULL );
-
-    TEST_ASSERT( ret == exp_ret );
-    TEST_ASSERT( flags == (uint32_t)( -1 ) );
-exit:
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_free( &ca );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void x509_verify_callback( char *crt_file, char *ca_file, char *name,
-                           int exp_ret, char *exp_vrfy_out )
-{
-    int ret;
-    mbedtls_x509_crt crt;
-    mbedtls_x509_crt ca;
-    uint32_t flags = 0;
-    verify_print_context vrfy_ctx;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
-    mbedtls_x509_crt_init( &crt );
-    mbedtls_x509_crt_init( &ca );
-    verify_print_init( &vrfy_ctx );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
-
-    if( strcmp( name, "NULL" ) == 0 )
-        name = NULL;
-
-    ret = mbedtls_x509_crt_verify_with_profile( &crt, &ca, NULL,
-                                                &compat_profile,
-                                                name, &flags,
-                                                verify_print, &vrfy_ctx );
-
-    TEST_ASSERT( ret == exp_ret );
-    TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_free( &ca );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str )
-{
-    mbedtls_x509_crt   crt;
-    char buf[2000];
-    int res = 0;
-
-    mbedtls_x509_crt_init( &crt );
-    memset( buf, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-    if( strcmp( entity, "subject" ) == 0 )
-        res =  mbedtls_x509_dn_gets( buf, 2000, &crt.subject );
-    else if( strcmp( entity, "issuer" ) == 0 )
-        res =  mbedtls_x509_dn_gets( buf, 2000, &crt.issuer );
-    else
-        TEST_ASSERT( "Unknown entity" == 0 );
-
-    TEST_ASSERT( res != -1 );
-    TEST_ASSERT( res != -2 );
-
-    TEST_ASSERT( strcmp( buf, result_str ) == 0 );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result )
-{
-    mbedtls_x509_crt   crt;
-
-    mbedtls_x509_crt_init( &crt );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-
-    if( strcmp( entity, "valid_from" ) == 0 )
-        TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_from ) == result );
-    else if( strcmp( entity, "valid_to" ) == 0 )
-        TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_to ) == result );
-    else
-        TEST_ASSERT( "Unknown entity" == 0 );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_time_is_future( char * crt_file, char * entity, int result )
-{
-    mbedtls_x509_crt   crt;
-
-    mbedtls_x509_crt_init( &crt );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-
-    if( strcmp( entity, "valid_from" ) == 0 )
-        TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_from ) == result );
-    else if( strcmp( entity, "valid_to" ) == 0 )
-        TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_to ) == result );
-    else
-        TEST_ASSERT( "Unknown entity" == 0 );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */
-void x509parse_crt_file( char * crt_file, int result )
-{
-    mbedtls_x509_crt crt;
-
-    mbedtls_x509_crt_init( &crt );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == result );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void x509parse_crt( data_t * buf, char * result_str, int result )
-{
-    mbedtls_x509_crt   crt;
-    unsigned char output[2000];
-    int res;
-
-    mbedtls_x509_crt_init( &crt );
-    memset( output, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_init( &crt );
-    memset( output, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_init( &crt );
-    memset( output, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, NULL, NULL ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_init( &crt );
-    memset( output, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, NULL, NULL ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void x509parse_crt_cb( data_t * buf, char * result_str, int result )
-{
-    mbedtls_x509_crt   crt;
-    mbedtls_x509_buf   oid;
-    unsigned char output[2000];
-    int res;
-
-    oid.tag = MBEDTLS_ASN1_OID;
-    oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F");
-    oid.p = (unsigned char *)MBEDTLS_OID_PKIX "\x01\x1F";
-
-    mbedtls_x509_crt_init( &crt );
-    memset( output, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, parse_crt_ext_cb, &oid ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-    mbedtls_x509_crt_free( &crt );
-    mbedtls_x509_crt_init( &crt );
-    memset( output, 0, 2000 );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */
-void x509parse_crl( data_t * buf, char * result_str, int result )
-{
-    mbedtls_x509_crl   crl;
-    unsigned char output[2000];
-    int res;
-
-    mbedtls_x509_crl_init( &crl );
-    memset( output, 0, 2000 );
-
-
-    TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf->x, buf->len ) == ( result ) );
-    if( ( result ) == 0 )
-    {
-        res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl );
-
-        TEST_ASSERT( res != -1 );
-        TEST_ASSERT( res != -2 );
-
-        TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
-    }
-
-exit:
-    mbedtls_x509_crl_free( &crl );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */
-void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret )
-{
-    mbedtls_x509_csr csr;
-    char my_out[1000];
-    int my_ret;
-
-    mbedtls_x509_csr_init( &csr );
-    memset( my_out, 0, sizeof( my_out ) );
-
-    my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der->x, csr_der->len );
-    TEST_ASSERT( my_ret == ref_ret );
-
-    if( ref_ret == 0 )
-    {
-        size_t my_out_len = mbedtls_x509_csr_info( my_out, sizeof( my_out ), "", &csr );
-        TEST_ASSERT( my_out_len == strlen( ref_out ) );
-        TEST_ASSERT( strcmp( my_out, ref_out ) == 0 );
-    }
-
-exit:
-    mbedtls_x509_csr_free( &csr );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_crt_parse_path( char * crt_path, int ret, int nb_crt )
-{
-    mbedtls_x509_crt chain, *cur;
-    int i;
-
-    mbedtls_x509_crt_init( &chain );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_path( &chain, crt_path ) == ret );
-
-    /* Check how many certs we got */
-    for( i = 0, cur = &chain; cur != NULL; cur = cur->next )
-        if( cur->raw.p != NULL )
-            i++;
-
-    TEST_ASSERT( i == nb_crt );
-
-exit:
-    mbedtls_x509_crt_free( &chain );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int,
-                                  int ret_chk, int flags_chk )
-{
-    char file_buf[128];
-    int ret;
-    uint32_t flags;
-    mbedtls_x509_crt trusted, chain;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
-    /*
-     * We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
-     * with NN.crt signed by NN-1.crt
-     */
-
-    mbedtls_x509_crt_init( &trusted );
-    mbedtls_x509_crt_init( &chain );
-
-    /* Load trusted root */
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 );
-
-    /* Load a chain with nb_int intermediates (from 01 to nb_int),
-     * plus one "end-entity" cert (nb_int + 1) */
-    ret = mbedtls_snprintf( file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir,
-                                                            nb_int + 1 );
-    TEST_ASSERT( ret > 0 && (size_t) ret < sizeof file_buf );
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 );
-
-    /* Try to verify that chain */
-    ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags,
-                                   NULL, NULL );
-    TEST_ASSERT( ret == ret_chk );
-    TEST_ASSERT( flags == (uint32_t) flags_chk );
-
-exit:
-    mbedtls_x509_crt_free( &chain );
-    mbedtls_x509_crt_free( &trusted );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_x509_crt_verify_chain(  char *chain_paths, char *trusted_ca,
-                                     int flags_result, int result,
-                                     char *profile_name, int vrfy_fatal_lvls )
-{
-    char* act;
-    uint32_t flags;
-    int res;
-    mbedtls_x509_crt trusted, chain;
-    const mbedtls_x509_crt_profile *profile = NULL;
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    TEST_ASSERT( psa_crypto_init() == 0 );
-#endif
-
-    mbedtls_x509_crt_init( &chain );
-    mbedtls_x509_crt_init( &trusted );
-
-    while( ( act = mystrsep( &chain_paths, " " ) ) != NULL )
-        TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 );
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 );
-
-    if( strcmp( profile_name, "" ) == 0 )
-        profile = &mbedtls_x509_crt_profile_default;
-    else if( strcmp( profile_name, "next" ) == 0 )
-        profile = &mbedtls_x509_crt_profile_next;
-    else if( strcmp( profile_name, "suiteb" ) == 0 )
-        profile = &mbedtls_x509_crt_profile_suiteb;
-    else if( strcmp( profile_name, "rsa3072" ) == 0 )
-        profile = &profile_rsa3072;
-    else if( strcmp( profile_name, "sha512" ) == 0 )
-        profile = &profile_sha512;
-
-    res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile,
-            NULL, &flags, verify_fatal, &vrfy_fatal_lvls );
-
-    TEST_ASSERT( res == ( result ) );
-    TEST_ASSERT( flags == (uint32_t)( flags_result ) );
-
-exit:
-    mbedtls_x509_crt_free( &trusted );
-    mbedtls_x509_crt_free( &chain );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
-void x509_oid_desc( data_t * buf, char * ref_desc )
-{
-    mbedtls_x509_buf oid;
-    const char *desc = NULL;
-    int ret;
-
-
-    oid.tag = MBEDTLS_ASN1_OID;
-    oid.p   = buf->x;
-    oid.len   = buf->len;
-
-    ret = mbedtls_oid_get_extended_key_usage( &oid, &desc );
-
-    if( strcmp( ref_desc, "notfound" ) == 0 )
-    {
-        TEST_ASSERT( ret != 0 );
-        TEST_ASSERT( desc == NULL );
-    }
-    else
-    {
-        TEST_ASSERT( ret == 0 );
-        TEST_ASSERT( desc != NULL );
-        TEST_ASSERT( strcmp( desc, ref_desc ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
-void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret )
-{
-    mbedtls_x509_buf oid;
-    char num_buf[100];
-
-    memset( num_buf, 0x2a, sizeof num_buf );
-
-    oid.tag = MBEDTLS_ASN1_OID;
-    oid.p   = oid_buf->x;
-    oid.len   = oid_buf->len;
-
-    TEST_ASSERT( (size_t) blen <= sizeof num_buf );
-
-    TEST_ASSERT( mbedtls_oid_get_numeric_string( num_buf, blen, &oid ) == ret );
-
-    if( ret >= 0 )
-    {
-        TEST_ASSERT( num_buf[ret] == 0 );
-        TEST_ASSERT( strcmp( num_buf, numstr ) == 0 );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */
-void x509_check_key_usage( char * crt_file, int usage, int ret )
-{
-    mbedtls_x509_crt crt;
-
-    mbedtls_x509_crt_init( &crt );
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-
-    TEST_ASSERT( mbedtls_x509_crt_check_key_usage( &crt, usage ) == ret );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret
-                                    )
-{
-    mbedtls_x509_crt crt;
-
-    mbedtls_x509_crt_init( &crt );
-
-
-    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
-
-    TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, (const char *)oid->x, oid->len ) == ret );
-
-exit:
-    mbedtls_x509_crt_free( &crt );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
-void x509_get_time( int tag, char * time_str, int ret, int year, int mon,
-                    int day, int hour, int min, int sec )
-{
-    mbedtls_x509_time time;
-    unsigned char buf[21];
-    unsigned char* start = buf;
-    unsigned char* end = buf;
-
-    memset( &time, 0x00, sizeof( time ) );
-    *end = (unsigned char)tag; end++;
-    *end = strlen( time_str );
-    TEST_ASSERT( *end < 20 );
-    end++;
-    memcpy( end, time_str, (size_t)*(end - 1) );
-    end += *(end - 1);
-
-    TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret );
-    if( ret == 0 )
-    {
-        TEST_ASSERT( year == time.year );
-        TEST_ASSERT( mon  == time.mon  );
-        TEST_ASSERT( day  == time.day  );
-        TEST_ASSERT( hour == time.hour );
-        TEST_ASSERT( min  == time.min  );
-        TEST_ASSERT( sec  == time.sec  );
-    }
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-void x509_parse_rsassa_pss_params( data_t * params, int params_tag,
-                                   int ref_msg_md, int ref_mgf_md,
-                                   int ref_salt_len, int ref_ret )
-{
-    int my_ret;
-    mbedtls_x509_buf buf;
-    mbedtls_md_type_t my_msg_md, my_mgf_md;
-    int my_salt_len;
-
-    buf.p = params->x;
-    buf.len = params->len;
-    buf.tag = params_tag;
-
-    my_ret = mbedtls_x509_get_rsassa_pss_params( &buf, &my_msg_md, &my_mgf_md,
-                                                 &my_salt_len );
-
-    TEST_ASSERT( my_ret == ref_ret );
-
-    if( ref_ret == 0 )
-    {
-        TEST_ASSERT( my_msg_md == (mbedtls_md_type_t) ref_msg_md );
-        TEST_ASSERT( my_mgf_md == (mbedtls_md_type_t) ref_mgf_md );
-        TEST_ASSERT( my_salt_len == ref_salt_len );
-    }
-
-exit:
-    ;;
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
-void x509_selftest(  )
-{
-    TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509write.data b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509write.data
deleted file mode 100644
index b3f209e..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509write.data
+++ /dev/null
@@ -1,106 +0,0 @@
-Certificate Request check Server1 SHA1
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0
-
-Certificate Request check Server1 SHA224
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0
-
-Certificate Request check Server1 SHA256
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0
-
-Certificate Request check Server1 SHA384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0
-
-Certificate Request check Server1 SHA512
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
-
-Certificate Request check Server1 MD4
-depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0
-
-Certificate Request check Server1 MD5
-depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
-
-Certificate Request check Server1 key_usage
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0
-
-Certificate Request check Server1 key_usage empty
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0
-
-Certificate Request check Server1 ns_cert_type
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
-
-Certificate Request check Server1 ns_cert_type empty
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1
-
-Certificate Request check Server1 key_usage + ns_cert_type
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
-
-Certificate Request check Server5 ECDSA, key_usage
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0
-
-Certificate Request check opaque Server5 ECDSA, key_usage
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
-
-Certificate write check Server1 SHA1
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0
-
-Certificate write check Server1 SHA1, key_usage
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0
-
-Certificate write check Server1 SHA1, ns_cert_type
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0
-
-Certificate write check Server1 SHA1, version 1
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0
-
-Certificate write check Server1 SHA1, RSA_ALT
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1
-
-Certificate write check Server1 SHA1, RSA_ALT, key_usage
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1
-
-Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1
-
-Certificate write check Server1 SHA1, RSA_ALT, version 1
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1
-
-
-X509 String to Names #1
-mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0
-
-X509 String to Names #2
-mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID
-
-X509 String to Names #3 (Name precisely 255 bytes)
-mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0
-
-X509 String to Names #4 (Name larger than 255 bytes)
-mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
-
-X509 String to Names #5 (Escape non-allowed characters)
-mbedtls_x509_string_to_names:"C=NL, O=Offspark\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
-
-X509 String to Names #6 (Escape at end)
-mbedtls_x509_string_to_names:"C=NL, O=Offspark\":"":MBEDTLS_ERR_X509_INVALID_NAME
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509write.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509write.function
deleted file mode 100644
index 3803377..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509write.function
+++ /dev/null
@@ -1,381 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/bignum.h"
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/pem.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/rsa.h"
-
-/* These are the same depends as the test function x509_crs_check_opaque(),
- * the only function using PSA here. Using a weaker condition would result in
- * warnings about the static functions defined in psa_crypto_helpers.h being
- * unused. */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
-    defined(MBEDTLS_PEM_WRITE_C) && \
-    defined(MBEDTLS_X509_CSR_WRITE_C)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#include "test/psa_crypto_helpers.h"
-#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#else
-/* Define empty macros so that we can use them in the preamble and teardown
- * of every test function that uses PSA conditionally based on
- * MBEDTLS_USE_PSA_CRYPTO. */
-#define PSA_INIT( ) ( (void) 0 )
-#define PSA_DONE( ) ( (void) 0 )
-#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
-
-#if defined(MBEDTLS_RSA_C)
-int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
-                       const unsigned char *input, unsigned char *output,
-                       size_t output_max_len )
-{
-    return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen,
-                               input, output, output_max_len ) );
-}
-int mbedtls_rsa_sign_func( void *ctx,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                   int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
-                   const unsigned char *hash, unsigned char *sig )
-{
-    return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode,
-                            md_alg, hashlen, hash, sig ) );
-}
-size_t mbedtls_rsa_key_len_func( void *ctx )
-{
-    return( ((const mbedtls_rsa_context *) ctx)->len );
-}
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
-    defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)
-static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
-{
-    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-    const mbedtls_md_info_t *md_info;
-    mbedtls_x509_csr csr;
-    int ret = 0;
-
-    mbedtls_x509_csr_init( &csr );
-
-    if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
-    {
-        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    md_info = mbedtls_md_info_from_type( csr.sig_md );
-    if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
-    {
-        /* Note: this can't happen except after an internal error */
-        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
-        goto cleanup;
-    }
-
-    if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
-                       csr.sig_md, hash, mbedtls_md_get_size( md_info ),
-                       csr.sig.p, csr.sig.len ) != 0 )
-    {
-        ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
-        goto cleanup;
-    }
-
-cleanup:
-
-    mbedtls_x509_csr_free( &csr );
-    return( ret );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
-void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
-                     int key_usage, int set_key_usage, int cert_type,
-                     int set_cert_type )
-{
-    mbedtls_pk_context key;
-    mbedtls_x509write_csr req;
-    unsigned char buf[4096];
-    unsigned char check_buf[4000];
-    int ret;
-    size_t olen = 0, pem_len = 0, buf_index;
-    int der_len = -1;
-    FILE *f;
-    const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    mbedtls_pk_init( &key );
-    TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
-
-    mbedtls_x509write_csr_init( &req );
-    mbedtls_x509write_csr_set_md_alg( &req, md_type );
-    mbedtls_x509write_csr_set_key( &req, &key );
-    TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
-    if( set_key_usage != 0 )
-        TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
-    if( set_cert_type != 0 )
-        TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
-
-    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
-                                     mbedtls_test_rnd_pseudo_rand, &rnd_info );
-    TEST_ASSERT( ret == 0 );
-
-    pem_len = strlen( (char *) buf );
-
-    for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
-    {
-        TEST_ASSERT( buf[buf_index] == 0 );
-    }
-
-    f = fopen( cert_req_check_file, "r" );
-    TEST_ASSERT( f != NULL );
-    olen = fread( check_buf, 1, sizeof( check_buf ), f );
-    fclose( f );
-
-    TEST_ASSERT( olen >= pem_len - 1 );
-    TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
-
-    der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ),
-                                         mbedtls_test_rnd_pseudo_rand,
-                                         &rnd_info );
-    TEST_ASSERT( der_len >= 0 );
-
-    if( der_len == 0 )
-        goto exit;
-
-    ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ),
-                                     mbedtls_test_rnd_pseudo_rand, &rnd_info );
-    TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-exit:
-    mbedtls_x509write_csr_free( &req );
-    mbedtls_pk_free( &key );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
-void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
-                                 int cert_type )
-{
-    mbedtls_pk_context key;
-    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
-    psa_algorithm_t md_alg_psa;
-    mbedtls_x509write_csr req;
-    unsigned char buf[4096];
-    int ret;
-    size_t pem_len = 0;
-    const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    PSA_INIT( );
-    memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
-    md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
-    TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
-
-    mbedtls_pk_init( &key );
-    TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
-    TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 );
-
-    mbedtls_x509write_csr_init( &req );
-    mbedtls_x509write_csr_set_md_alg( &req, md_type );
-    mbedtls_x509write_csr_set_key( &req, &key );
-    TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
-    if( key_usage != 0 )
-        TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
-    if( cert_type != 0 )
-        TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
-
-    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1,
-                                     mbedtls_test_rnd_pseudo_rand, &rnd_info );
-
-    TEST_ASSERT( ret == 0 );
-
-    pem_len = strlen( (char *) buf );
-    buf[pem_len] = '\0';
-    TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 );
-
-
-exit:
-    mbedtls_x509write_csr_free( &req );
-    mbedtls_pk_free( &key );
-    psa_destroy_key( key_id );
-    PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */
-void x509_crt_check( char *subject_key_file, char *subject_pwd,
-                     char *subject_name, char *issuer_key_file,
-                     char *issuer_pwd, char *issuer_name,
-                     char *serial_str, char *not_before, char *not_after,
-                     int md_type, int key_usage, int set_key_usage,
-                     int cert_type, int set_cert_type, int auth_ident,
-                     int ver, char *cert_check_file, int rsa_alt )
-{
-    mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
-    mbedtls_pk_context *key = &issuer_key;
-
-    mbedtls_x509write_cert crt;
-    unsigned char buf[4096];
-    unsigned char check_buf[5000];
-    mbedtls_mpi serial;
-    int ret;
-    size_t olen = 0, pem_len = 0, buf_index = 0;
-    int der_len = -1;
-    FILE *f;
-    mbedtls_test_rnd_pseudo_info rnd_info;
-
-    memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
-    mbedtls_mpi_init( &serial );
-
-    mbedtls_pk_init( &subject_key );
-    mbedtls_pk_init( &issuer_key  );
-    mbedtls_pk_init( &issuer_key_alt );
-
-    mbedtls_x509write_crt_init( &crt );
-
-    TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file,
-                                         subject_pwd ) == 0 );
-
-    TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file,
-                                         issuer_pwd ) == 0 );
-
-#if defined(MBEDTLS_RSA_C)
-    /* For RSA PK contexts, create a copy as an alternative RSA context. */
-    if( rsa_alt == 1 && mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA )
-    {
-        TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt,
-                                            mbedtls_pk_rsa( issuer_key ),
-                                            mbedtls_rsa_decrypt_func,
-                                            mbedtls_rsa_sign_func,
-                                            mbedtls_rsa_key_len_func ) == 0 );
-
-        key = &issuer_key_alt;
-    }
-#else
-    (void) rsa_alt;
-#endif
-
-    TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 );
-
-    if( ver != -1 )
-        mbedtls_x509write_crt_set_version( &crt, ver );
-
-    TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 );
-    TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before,
-                                                     not_after ) == 0 );
-    mbedtls_x509write_crt_set_md_alg( &crt, md_type );
-    TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
-    TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
-    mbedtls_x509write_crt_set_subject_key( &crt, &subject_key );
-
-    mbedtls_x509write_crt_set_issuer_key( &crt, key );
-
-    if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 )
-    {
-        TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
-        TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
-        if( auth_ident )
-            TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
-        if( set_key_usage != 0 )
-            TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
-        if( set_cert_type != 0 )
-            TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
-    }
-
-    ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ),
-                                     mbedtls_test_rnd_pseudo_rand, &rnd_info );
-    TEST_ASSERT( ret == 0 );
-
-    pem_len = strlen( (char *) buf );
-
-    // check that the rest of the buffer remains clear
-    for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
-    {
-        TEST_ASSERT( buf[buf_index] == 0 );
-    }
-
-    f = fopen( cert_check_file, "r" );
-    TEST_ASSERT( f != NULL );
-    olen = fread( check_buf, 1, sizeof( check_buf ), f );
-    fclose( f );
-    TEST_ASSERT( olen < sizeof( check_buf ) );
-
-    TEST_ASSERT( olen >= pem_len - 1 );
-    TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
-
-    der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ),
-                                         mbedtls_test_rnd_pseudo_rand,
-                                         &rnd_info );
-    TEST_ASSERT( der_len >= 0 );
-
-    if( der_len == 0 )
-        goto exit;
-
-    ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ),
-                                     mbedtls_test_rnd_pseudo_rand, &rnd_info );
-    TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-exit:
-    mbedtls_x509write_crt_free( &crt );
-    mbedtls_pk_free( &issuer_key_alt );
-    mbedtls_pk_free( &subject_key );
-    mbedtls_pk_free( &issuer_key );
-    mbedtls_mpi_free( &serial );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */
-void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result
-                                   )
-{
-    int ret;
-    size_t len = 0;
-    mbedtls_asn1_named_data *names = NULL;
-    mbedtls_x509_name parsed, *parsed_cur, *parsed_prv;
-    unsigned char buf[1024], out[1024], *c;
-
-    memset( &parsed, 0, sizeof( parsed ) );
-    memset( out, 0, sizeof( out ) );
-    memset( buf, 0, sizeof( buf ) );
-    c = buf + sizeof( buf );
-
-    ret = mbedtls_x509_string_to_names( &names, name );
-    TEST_ASSERT( ret == result );
-
-    if( ret != 0 )
-        goto exit;
-
-    ret = mbedtls_x509_write_names( &c, buf, names );
-    TEST_ASSERT( ret > 0 );
-
-    TEST_ASSERT( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len,
-                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 );
-    TEST_ASSERT( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 );
-
-    ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed );
-    TEST_ASSERT( ret > 0 );
-
-    TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 );
-
-exit:
-    mbedtls_asn1_free_named_data_list( &names );
-
-    parsed_cur = parsed.next;
-    while( parsed_cur != 0 )
-    {
-        parsed_prv = parsed_cur;
-        parsed_cur = parsed_cur->next;
-        mbedtls_free( parsed_prv );
-    }
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_xtea.function b/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_xtea.function
deleted file mode 100644
index 1d5b29b..0000000
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_xtea.function
+++ /dev/null
@@ -1,86 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/xtea.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_XTEA_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void xtea_encrypt_ecb( data_t * key_str, data_t * src_str,
-                       data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_xtea_context ctx;
-
-    memset(output, 0x00, 100);
-
-
-    mbedtls_xtea_setup( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_xtea_context ctx;
-
-    memset(output, 0x00, 100);
-
-
-    mbedtls_xtea_setup( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str,
-                       data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_xtea_context ctx;
-
-    memset(output, 0x00, 100);
-
-
-    mbedtls_xtea_setup( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x,
-                                 src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                      src_str->len, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str,
-                       data_t * src_str, data_t * dst )
-{
-    unsigned char output[100];
-    mbedtls_xtea_context ctx;
-
-    memset(output, 0x00, 100);
-
-
-    mbedtls_xtea_setup( &ctx, key_str->x );
-    TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x,
-                                 src_str->x, output ) == 0 );
-
-    TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
-                                      src_str->len, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void xtea_selftest(  )
-{
-    TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/aescrypt2.vcxproj b/3rdparty/mbedtls-2.25.0/visualc/VS2010/aescrypt2.vcxproj
deleted file mode 100644
index 3861a62..0000000
--- a/3rdparty/mbedtls-2.25.0/visualc/VS2010/aescrypt2.vcxproj
+++ /dev/null
@@ -1,167 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|Win32">
-      <Configuration>Debug</Configuration>
-      <Platform>Win32</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Debug|x64">
-      <Configuration>Debug</Configuration>
-      <Platform>x64</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|Win32">
-      <Configuration>Release</Configuration>
-      <Platform>Win32</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|x64">
-      <Configuration>Release</Configuration>
-      <Platform>x64</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\..\programs\aes\aescrypt2.c" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="mbedTLS.vcxproj">
-      <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
-      <LinkLibraryDependencies>true</LinkLibraryDependencies>
-    </ProjectReference>
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>aescrypt2</RootNamespace>
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>Unicode</CharacterSet>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>Unicode</CharacterSet>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>Unicode</CharacterSet>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>Unicode</CharacterSet>
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
-    <LinkIncremental>true</LinkIncremental>
-    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
-    <LinkIncremental>true</LinkIncremental>
-    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
-    <LinkIncremental>false</LinkIncremental>
-    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
-    <LinkIncremental>false</LinkIncremental>
-    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
-    <ClCompile>
-      <WarningLevel>Level3</WarningLevel>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
-    </Link>
-    <ProjectReference>
-      <LinkLibraryDependencies>false</LinkLibraryDependencies>
-    </ProjectReference>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
-    <ClCompile>
-      <WarningLevel>Level3</WarningLevel>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
-    </Link>
-    <ProjectReference>
-      <LinkLibraryDependencies>false</LinkLibraryDependencies>
-    </ProjectReference>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
-    <ClCompile>
-      <WarningLevel>Level3</WarningLevel>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>true</IntrinsicFunctions>
-      <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
-      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
-    <ClCompile>
-      <WarningLevel>Level3</WarningLevel>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>true</IntrinsicFunctions>
-      <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
-      <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
-    </Link>
-  </ItemDefinitionGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>
diff --git a/3rdparty/mbedtls-2.28.7/.gitattributes b/3rdparty/mbedtls-2.28.7/.gitattributes
new file mode 100644
index 0000000..ceb59d7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.gitattributes
@@ -0,0 +1,2 @@
+# Classify all '.function' files as C for syntax highlighting purposes
+*.function linguist-language=C
diff --git a/3rdparty/mbedtls-2.28.7/.github/issue_template.md b/3rdparty/mbedtls-2.28.7/.github/issue_template.md
new file mode 100644
index 0000000..d4573a4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.github/issue_template.md
@@ -0,0 +1,46 @@
+_Note:_ this is a template, please remove the parts that are not
+applicable (these initial notes, and the "Bug" section for a Feature request
+and vice-versa).
+
+**Note:** to report a security vulnerability, see
+[SECURITY.md](../SECURITY.md). Please do not use github issues for
+vulnerabilities.
+
+_Note:_ to get support, see [SUPPORT.md](../SUPPORT.md). Please do not use
+github issues for questions.
+
+---------------------------------------------------------------
+### Description
+- Type: Bug | Enhancement / Feature Request
+- Priority: Blocker | Major | Minor
+
+---------------------------------------------------------------
+## Bug
+
+**OS**  
+Mbed OS|linux|windows|
+
+**Mbed TLS build:**  
+Version: x.x.x or git commit id  
+OS version: x.x.x  
+Configuration: please attach config.h file where possible  
+Compiler and options (if you used a pre-built binary, please indicate how you obtained it):  
+Additional environment information:  
+
+**Peer device TLS stack and version**  
+OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other  
+Version:  
+
+**Expected behavior**   
+
+**Actual behavior**  
+
+**Steps to reproduce**  
+
+----------------------------------------------------------------
+## Enhancement / Feature Request
+
+**Suggested enhancement**  
+
+**Justification - why does the library need this feature?**  
+
diff --git a/3rdparty/mbedtls-2.28.7/.github/pull_request_template.md b/3rdparty/mbedtls-2.28.7/.github/pull_request_template.md
new file mode 100644
index 0000000..94fb020
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.github/pull_request_template.md
@@ -0,0 +1,19 @@
+## Description
+
+Please write a few sentences describing the overall goals of the pull request's commits.
+
+
+
+## Gatekeeper checklist
+
+- [ ] **changelog** provided, or not required
+- [ ] **backport** done, or not required
+- [ ] **tests** provided, or not required
+
+
+
+## Notes for the submitter
+
+Please refer to the [contributing guidelines](../CONTRIBUTING.md), especially the
+checklist for PR contributors.
+
diff --git a/3rdparty/mbedtls-2.28.7/.gitignore b/3rdparty/mbedtls-2.28.7/.gitignore
new file mode 100644
index 0000000..54b3c54
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.gitignore
@@ -0,0 +1,75 @@
+# Random seed file created by test scripts and sample programs
+seedfile
+# MBEDTLS_PSA_INJECT_ENTROPY seed file created by the test framework
+00000000ffffff52.psa_its
+
+# CMake build artifacts:
+CMakeCache.txt
+CMakeFiles
+CTestTestfile.cmake
+cmake_install.cmake
+Testing
+# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
+*.dir/
+# MSVC files generated by CMake:
+/*.sln
+/*.vcxproj
+/*.filters
+
+# Test coverage build artifacts:
+Coverage
+*.gcno
+*.gcda
+coverage-summary.txt
+
+# generated by scripts/memory.sh
+massif-*
+
+# Eclipse project files
+.cproject
+.project
+/.settings
+
+# Unix-like build artifacts:
+*.o
+
+# MSVC build artifacts:
+*.exe
+*.pdb
+*.ilk
+*.lib
+
+# Python build artifacts:
+*.pyc
+
+# CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
+*.dir/
+
+# Microsoft CMake extension for Visual Studio Code generates a build directory by default
+/build/
+
+# Visual Studio artifacts
+/visualc/VS2010/.localhistory/
+/visualc/VS2010/.vs/
+/visualc/VS2010/Debug/
+/visualc/VS2010/Release/
+/visualc/VS2010/*.vcxproj.filters
+/visualc/VS2010/*.vcxproj.user
+
+# Generated documentation:
+/apidoc
+
+# PSA Crypto compliance test repo, cloned by test_psa_compliance.py
+/psa-arch-tests
+
+# Editor navigation files:
+/GPATH
+/GRTAGS
+/GSYMS
+/GTAGS
+/TAGS
+/cscope*.out
+/tags
+
+# Clangd compilation database
+compile_commands.json
diff --git a/3rdparty/mbedtls-2.25.0/.globalrc b/3rdparty/mbedtls-2.28.7/.globalrc
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/.globalrc
rename to 3rdparty/mbedtls-2.28.7/.globalrc
diff --git a/3rdparty/mbedtls-2.28.7/.mypy.ini b/3rdparty/mbedtls-2.28.7/.mypy.ini
new file mode 100644
index 0000000..6b831dd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.mypy.ini
@@ -0,0 +1,4 @@
+[mypy]
+mypy_path = scripts
+namespace_packages = True
+warn_unused_configs = True
diff --git a/3rdparty/mbedtls-2.25.0/.pylintrc b/3rdparty/mbedtls-2.28.7/.pylintrc
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/.pylintrc
rename to 3rdparty/mbedtls-2.28.7/.pylintrc
index ad25a7c..10c93f8 100644
--- a/3rdparty/mbedtls-2.25.0/.pylintrc
+++ b/3rdparty/mbedtls-2.28.7/.pylintrc
@@ -1,3 +1,6 @@
+[MASTER]
+init-hook='import sys; sys.path.append("scripts")'
+
 [BASIC]
 # We're ok with short funtion argument names.
 # [invalid-name]
@@ -12,9 +15,9 @@ bad-functions=input
 # [missing-docstring]
 docstring-min-length=10
 
-# Allow longer methods than the default.
+# No upper limit on method names. Pylint <2.1.0 has an upper limit of 30.
 # [invalid-name]
-method-rgx=[a-z_][a-z0-9_]{2,35}$
+method-rgx=[a-z_][a-z0-9_]{2,}$
 
 # Allow module names containing a dash (but no underscore or uppercase letter).
 # They are whole programs, not meant to be included by another module.
@@ -70,3 +73,7 @@ reports=no
 # Allow unused variables if their name starts with an underscore.
 # [unused-argument]
 dummy-variables-rgx=_.*
+
+[SIMILARITIES]
+# Ignore imports when computing similarities.
+ignore-imports=yes
diff --git a/3rdparty/mbedtls-2.28.7/.readthedocs.yaml b/3rdparty/mbedtls-2.28.7/.readthedocs.yaml
new file mode 100644
index 0000000..47bec76
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.readthedocs.yaml
@@ -0,0 +1,26 @@
+# .readthedocs.yaml
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the version of Python and other tools you might need
+build:
+  os: ubuntu-20.04
+  tools:
+    python: "3.9"
+  jobs:
+    pre_build:
+    - ./scripts/apidoc_full.sh
+    - breathe-apidoc -o docs/api apidoc/xml
+
+# Build documentation in the docs/ directory with Sphinx
+sphinx:
+  builder: dirhtml
+  configuration: docs/conf.py
+
+# Optionally declare the Python requirements required to build your docs
+python:
+  install:
+  - requirements: docs/requirements.txt
diff --git a/3rdparty/mbedtls-2.28.7/.travis.yml b/3rdparty/mbedtls-2.28.7/.travis.yml
new file mode 100644
index 0000000..3b4132e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.travis.yml
@@ -0,0 +1,28 @@
+# Declare python as our language. This way we get our chosen Python version,
+# and pip is available. Gcc and clang are available anyway.
+dist: jammy
+os: linux
+language: python
+python: 3.10
+
+cache: ccache
+
+branches:
+  only:
+    coverity_scan
+
+install:
+  - $PYTHON scripts/min_requirements.py
+
+env:
+  global:
+    - SEED=1
+    - secure: "GF/Fde5fkm15T/RNykrjrPV5Uh1KJ70cP308igL6Xkk3eJmqkkmWCe9JqRH12J3TeWw2fu9PYPHt6iFSg6jasgqysfUyg+W03knRT5QNn3h5eHgt36cQJiJr6t3whPrRaiM6U9omE0evm+c0cAwlkA3GGSMw8Z+na4EnKI6OFCo="
+addons:
+  coverity_scan:
+    project:
+      name: "ARMmbed/mbedtls"
+    notification_email: support-mbedtls@arm.com
+    build_command_prepend:
+    build_command: make
+    branch_pattern: coverity_scan
diff --git a/3rdparty/mbedtls-2.28.7/.uncrustify.cfg b/3rdparty/mbedtls-2.28.7/.uncrustify.cfg
new file mode 100644
index 0000000..8dc9db0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/.uncrustify.cfg
@@ -0,0 +1,240 @@
+# Configuration options for Uncrustify specifying the Mbed TLS code style.
+#
+# Note: The code style represented by this file has not yet been introduced
+# to Mbed TLS.
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+
+# Wrap lines at 100 characters
+code_width = 100
+
+# Allow splitting long for statements between the condition statements
+ls_for_split_full = true
+
+# Allow splitting function calls between arguments
+ls_func_split_full = true
+
+input_tab_size = 4
+
+# Spaces-only indentation
+indent_with_tabs = 0
+
+indent_columns = 4
+
+# Indent 'case' 1 level from 'switch'
+indent_switch_case = indent_columns
+
+# Line-up strings broken by '\'
+indent_align_string = true
+
+# Braces on the same line (Egyptian-style braces)
+nl_enum_brace = remove
+nl_union_brace = remove
+nl_struct_brace = remove
+nl_do_brace = remove
+nl_if_brace = remove
+nl_for_brace = remove
+nl_else_brace = remove
+nl_while_brace = remove
+nl_switch_brace = remove
+
+# Braces on same line as keywords that follow them - 'else' and the 'while' in 'do {} while ()';
+nl_brace_else = remove
+nl_brace_while = remove
+# Space before else on the same line
+sp_brace_else = add
+# If else is on the same line as '{', force exactly 1 space between them
+sp_else_brace = force
+
+# Functions are the exception and have braces on the next line
+nl_fcall_brace = add
+nl_fdef_brace = add
+
+# Force exactly one space between ')' and '{' in statements
+sp_sparen_brace = force
+
+# At least 1 space around assignment
+sp_assign = add
+
+# Remove spaces around the preprocessor '##' token-concatenate
+sp_pp_concat = ignore
+
+# At least 1 space around '||' and '&&'
+sp_bool = add
+
+# But no space after the '!' operator
+sp_not = remove
+
+# No space after the bitwise-not '~' operator
+sp_inv = remove
+
+# No space after the addressof '&' operator
+sp_addr = remove
+
+# No space around the member '.' and '->' operators
+sp_member = remove
+
+# No space after the dereference '*' operator
+sp_deref = remove
+
+# No space after a unary negation '-'
+sp_sign = remove
+
+# No space between the '++'/'--' operator and its operand
+sp_incdec = remove
+
+# At least 1 space around comparison operators
+sp_compare = add
+
+# Remove spaces inside all kinds of parentheses:
+
+# Remove spaces inside parentheses
+sp_inside_paren = remove
+
+# No spaces inside statement parentheses
+sp_inside_sparen = remove
+
+# No spaces inside cast parentheses '( char )x' -> '(char)x'
+sp_inside_paren_cast = remove
+
+# No spaces inside function parentheses
+sp_inside_fparen = remove
+# (The case where the function has no parameters/arguments)
+sp_inside_fparens = remove
+
+# No spaces inside the first parentheses in a function type
+sp_inside_tparen = remove
+
+# (Uncrustify >= 0.74.0) No spaces inside parens in for statements
+sp_inside_for = remove
+
+# Remove spaces between nested parentheses '( (' -> '(('
+sp_paren_paren = remove
+# (Uncrustify >= 0.74.0)
+sp_sparen_paren = remove
+
+# Remove spaces between ')' and adjacent '('
+sp_cparen_oparen = remove
+
+# (Uncrustify >= 0.73.0) space between 'do' and '{'
+sp_do_brace_open = force
+
+# (Uncrustify >= 0.73.0) space between '}' and 'while'
+sp_brace_close_while = force
+
+# At least 1 space before a '*' pointer star
+sp_before_ptr_star = add
+
+# Remove spaces between pointer stars
+sp_between_ptr_star = remove
+
+# No space after a pointer star
+sp_after_ptr_star = remove
+
+# But allow a space in the case of e.g. char * const x;
+sp_after_ptr_star_qualifier = ignore
+
+# Remove space after star in a function return type
+sp_after_ptr_star_func = remove
+
+# At least 1 space after a type in variable definition etc
+sp_after_type = add
+
+# Force exactly 1 space between a statement keyword (e.g. 'if') and an opening parenthesis
+sp_before_sparen = force
+
+# Remove a space before a ';'
+sp_before_semi = remove
+# (Uncrustify >= 0.73.0) Remove space before a semi in a non-empty for
+sp_before_semi_for = remove
+# (Uncrustify >= 0.73.0) Remove space in empty first statement of a for
+sp_before_semi_for_empty = remove
+# (Uncrustify >= 0.74.0) Remove space in empty middle statement of a for
+sp_between_semi_for_empty = remove
+
+# Add a space after a ';' (unless a comment follows)
+sp_after_semi = add
+# (Uncrustify >= 0.73.0) Add a space after a semi in non-empty for statements
+sp_after_semi_for = add
+# (Uncrustify >= 0.73.0) No space after final semi in empty for statements
+sp_after_semi_for_empty = remove
+
+# Remove spaces on the inside of square brackets '[]'
+sp_inside_square = remove
+
+# Must have at least 1 space after a comma
+sp_after_comma = add
+
+# Must not have a space before a comma
+sp_before_comma = remove
+
+# No space before the ':' in a case statement
+sp_before_case_colon = remove
+
+# Must have space after a cast - '(char)x' -> '(char) x'
+sp_after_cast = add
+
+# No space between 'sizeof' and '('
+sp_sizeof_paren = remove
+
+# At least 1 space inside '{ }'
+sp_inside_braces = add
+
+# At least 1 space inside '{ }' in an enum
+sp_inside_braces_enum = add
+
+# At least 1 space inside '{ }' in a struct
+sp_inside_braces_struct = add
+
+# At least 1 space between a function return type and the function name
+sp_type_func = add
+
+# No space between a function name and its arguments/parameters
+sp_func_proto_paren = remove
+sp_func_def_paren = remove
+sp_func_call_paren = remove
+
+# No space between '__attribute__' and '('
+sp_attribute_paren = remove
+
+# No space between 'defined' and '(' in preprocessor conditions
+sp_defined_paren = remove
+
+# At least 1 space between a macro's name and its definition
+sp_macro = add
+sp_macro_func = add
+
+# Force exactly 1 space between a '}' and the name of a typedef if on the same line
+sp_brace_typedef = force
+
+# At least 1 space before a '\' line continuation
+sp_before_nl_cont = add
+
+# At least 1 space around '?' and ':' in ternary statements
+sp_cond_colon = add
+sp_cond_question = add
+
+# Space between #else/#endif and comment afterwards
+sp_endif_cmt = add
+
+# Remove newlines at the start of a file
+nl_start_of_file = remove
+
+# At least 1 newline at the end of a file
+nl_end_of_file = add
+nl_end_of_file_min = 1
+
+# Add braces in single-line statements
+mod_full_brace_do = add
+mod_full_brace_for = add
+mod_full_brace_if = add
+mod_full_brace_while = add
+
+# Remove parentheses from return statements
+mod_paren_on_return = remove
+
+# Disable removal of leading spaces in a multi-line comment if the first and
+# last lines are the same length
+cmt_multi_check_last = false
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/.gitignore b/3rdparty/mbedtls-2.28.7/3rdparty/.gitignore
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/.gitignore
rename to 3rdparty/mbedtls-2.28.7/3rdparty/.gitignore
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/3rdparty/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/3rdparty/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/Makefile.inc b/3rdparty/mbedtls-2.28.7/3rdparty/Makefile.inc
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/Makefile.inc
rename to 3rdparty/mbedtls-2.28.7/3rdparty/Makefile.inc
diff --git a/3rdparty/mbedtls-2.28.7/3rdparty/everest/.gitignore b/3rdparty/mbedtls-2.28.7/3rdparty/everest/.gitignore
new file mode 100644
index 0000000..f3c7a7c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/.gitignore
@@ -0,0 +1 @@
+Makefile
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/3rdparty/everest/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/Makefile.inc b/3rdparty/mbedtls-2.28.7/3rdparty/everest/Makefile.inc
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/Makefile.inc
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/Makefile.inc
diff --git a/3rdparty/mbedtls-2.28.7/3rdparty/everest/README.md b/3rdparty/mbedtls-2.28.7/3rdparty/everest/README.md
new file mode 100644
index 0000000..bcf12c0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/README.md
@@ -0,0 +1,5 @@
+The files in this directory stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license.
+
+This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS.
+
+The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explicitly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later).
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/Hacl_Curve25519.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/Hacl_Curve25519.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/Hacl_Curve25519.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/Hacl_Curve25519.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/everest.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/everest.h
similarity index 99%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/everest.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/everest.h
index 5806500..392e792 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/everest.h
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/everest.h
@@ -96,7 +96,7 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen
                                  void *p_rng );
 
 /**
- * \brief           This function parses and processes a TLS ServerKeyExhange
+ * \brief           This function parses and processes a TLS ServerKeyExchange
  *                  payload.
  *
  *                  This is the first function used by a TLS client for ECDHE
@@ -116,7 +116,7 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx,
                                  const unsigned char **buf, const unsigned char *end );
 
 /**
- * \brief           This function parses and processes a TLS ServerKeyExhange
+ * \brief           This function parses and processes a TLS ServerKeyExchange
  *                  payload.
  *
  *                  This is the first function used by a TLS client for ECDHE
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlib.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlib.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlib.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlib.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/c_endianness.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/c_endianness.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/c_endianness.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/c_endianness.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/builtin.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/builtin.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/builtin.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/builtin.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/callconv.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/callconv.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/callconv.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/callconv.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/compat.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/compat.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/compat.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/compat.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/debug.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/debug.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/debug.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/debug.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/target.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/target.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/target.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/target.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/types.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/types.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/types.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/types.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/inttypes.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/inttypes.h
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/inttypes.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/inttypes.h
index d53f87f..77003be 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/inttypes.h
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/inttypes.h
@@ -17,7 +17,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #ifndef _INTTYPES_H_VS2010
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/stdbool.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/stdbool.h
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/stdbool.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/stdbool.h
index 5b7039c..dcae6d8 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/vs2010/stdbool.h
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/vs2010/stdbool.h
@@ -17,7 +17,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #ifndef _STDBOOL_H_VS2010
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/x25519.h b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/x25519.h
similarity index 99%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/x25519.h
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/x25519.h
index 7a973dc..ef314d2 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/include/everest/x25519.h
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/include/everest/x25519.h
@@ -16,7 +16,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #ifndef MBEDTLS_X25519_H
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/Hacl_Curve25519.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/Hacl_Curve25519.c
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/Hacl_Curve25519.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/Hacl_Curve25519.c
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/Hacl_Curve25519_joined.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/Hacl_Curve25519_joined.c
similarity index 95%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/Hacl_Curve25519_joined.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/Hacl_Curve25519_joined.c
index ee62be1..b7d0c92 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/Hacl_Curve25519_joined.c
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/Hacl_Curve25519_joined.c
@@ -16,7 +16,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #include "common.h"
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/everest.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/everest.c
similarity index 97%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/everest.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/everest.c
index 82c4e03..fefc6a2 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/everest.c
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/everest.c
@@ -28,12 +28,7 @@
 #include "everest/x25519.h"
 #include "everest/everest.h"
 
-#if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
-#else
-#define mbedtls_calloc calloc
-#define mbedtls_free   free
-#endif
 
 #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
 
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/legacy/Hacl_Curve25519.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/legacy/Hacl_Curve25519.c
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/legacy/Hacl_Curve25519.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/legacy/Hacl_Curve25519.c
diff --git a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/x25519.c b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/x25519.c
similarity index 99%
rename from 3rdparty/mbedtls-2.25.0/3rdparty/everest/library/x25519.c
rename to 3rdparty/mbedtls-2.28.7/3rdparty/everest/library/x25519.c
index 9faa9ab..83064dc 100644
--- a/3rdparty/mbedtls-2.25.0/3rdparty/everest/library/x25519.c
+++ b/3rdparty/mbedtls-2.28.7/3rdparty/everest/library/x25519.c
@@ -16,7 +16,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #include "common.h"
diff --git a/3rdparty/mbedtls-2.28.7/BRANCHES.md b/3rdparty/mbedtls-2.28.7/BRANCHES.md
new file mode 100644
index 0000000..28a2c6a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/BRANCHES.md
@@ -0,0 +1,81 @@
+# Maintained branches
+
+At any point in time, we have a number of maintained branches consisting of:
+
+- The [`master`](https://github.com/Mbed-TLS/mbedtls/tree/master) branch:
+  this always contains the latest release, including all publicly available
+  security fixes.
+- The [`development`](https://github.com/Mbed-TLS/mbedtls/tree/development) branch:
+  this is where new features land,
+  as well as bug fixes and security fixes.
+- One or more long-time support (LTS) branches:
+  these only get bug fixes and security fixes.
+
+We use [Semantic Versioning](https://semver.org/). In particular, we maintain
+API compatibility in the `master` branch between major version changes. We
+also maintain ABI compatibility within LTS branches; see the next section for
+details.
+
+Every major version will become an LTS branch when the next major version is
+released. We may occasionally create LTS branches from other releases at our
+discretion.
+When a new LTS branch is created, it usually remains supported for three years.
+
+## Backwards Compatibility for application code
+
+We maintain API compatibility in released versions of Mbed TLS. If you have
+code that's working and secure with Mbed TLS x.y.z and does not rely on
+undocumented features, then you should be able to re-compile it without
+modification with any later release x.y'.z' with the same major version
+number, and your code will still build, be secure, and work.
+
+Note that this guarantee only applies if you either use the default
+compile-time configuration (`mbedtls/config.h`) or the same modified
+compile-time configuration. Changing compile-time configuration options can
+result in an incompatible API or ABI, although features will generally not
+affect unrelated features (for example, enabling or disabling a
+cryptographic algorithm does not break code that does not use that
+algorithm).
+
+There are rare exceptions: code that was relying on something that became
+insecure in the meantime (for example, crypto that was found to be weak) may
+need to be changed. In case security comes in conflict with backwards
+compatibility, we will put security first, but always attempt to provide a
+compatibility option.
+
+For the LTS branches, additionally we try very hard to also maintain ABI
+compatibility (same definition as API except with re-linking instead of
+re-compiling) and to avoid any increase in code size or RAM usage, or in the
+minimum version of tools needed to build the code. The only exception, as
+before, is in case those goals would conflict with fixing a security issue, we
+will put security first but provide a compatibility option. (So far we never
+had to break ABI compatibility in an LTS branch, but we occasionally had to
+increase code size for a security fix.)
+
+For contributors, see the [Backwards Compatibility section of
+CONTRIBUTING](CONTRIBUTING.md#backwards-compatibility).
+
+## Backward compatibility for the key store
+
+We maintain backward compatibility with previous versions of the
+PSA Crypto persistent storage since Mbed TLS 2.25.0, provided that the
+storage backend (PSA ITS implementation) is configured in a compatible way.
+We intend to maintain this backward compatibility throughout a major version
+of Mbed TLS (for example, all Mbed TLS 3.y versions will be able to read
+keys written under any Mbed TLS 3.x with x <= y).
+
+Mbed TLS 3.x can also read keys written by Mbed TLS 2.25.0 through 2.28.x
+LTS, but future major version upgrades (for example from 2.28.x/3.x to 4.y)
+may require the use of an upgrade tool.
+
+## Current Branches
+
+The following branches are currently maintained:
+
+- [master](https://github.com/Mbed-TLS/mbedtls/tree/master)
+- [`development`](https://github.com/Mbed-TLS/mbedtls/)
+- [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28)
+ maintained until at least the end of 2024, see
+  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.7>.
+
+Users are urged to always use the latest version of a maintained branch.
diff --git a/3rdparty/mbedtls-2.28.7/BUGS.md b/3rdparty/mbedtls-2.28.7/BUGS.md
new file mode 100644
index 0000000..47bde07
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/BUGS.md
@@ -0,0 +1,20 @@
+## Known issues
+
+Known issues in Mbed TLS are [tracked on GitHub](https://github.com/Mbed-TLS/mbedtls/issues).
+
+## Reporting a bug
+
+If you think you've found a bug in Mbed TLS, please follow these steps:
+
+1. Make sure you're using the latest version of a
+   [maintained branch](BRANCHES.md): `master`, `development`,
+   or a long-time support branch.
+2. Check [GitHub](https://github.com/Mbed-TLS/mbedtls/issues) to see if
+   your issue has already been reported. If not, …
+3. If the issue is a security risk (for example: buffer overflow,
+   data leak), please report it confidentially as described in
+   [`SECURITY.md`](SECURITY.md). If not, …
+4. Please [create an issue on on GitHub](https://github.com/Mbed-TLS/mbedtls/issues).
+
+Please do not use GitHub for support questions. If you want to know
+how to do something with Mbed TLS, please see [`SUPPORT.md`](SUPPORT.md) for available documentation and support channels.
diff --git a/3rdparty/mbedtls-2.28.7/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/CMakeLists.txt
new file mode 100644
index 0000000..b001bb7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/CMakeLists.txt
@@ -0,0 +1,373 @@
+#
+# CMake build system design considerations:
+#
+# - Include directories:
+#   + Do not define include directories globally using the include_directories
+#     command but rather at the target level using the
+#     target_include_directories command. That way, it is easier to guarantee
+#     that targets are built using the proper list of include directories.
+#   + Use the PUBLIC and PRIVATE keywords to specify the scope of include
+#     directories. That way, a target linking to a library (using the
+#     target_link_libraries command) inherits from the library PUBLIC include
+#     directories and not from the PRIVATE ones.
+#   + Note: there is currently one remaining include_directories command in the
+#     CMake files. It is related to ZLIB support which is planned to be removed.
+#     When the support is removed, the associated include_directories command
+#     will be removed as well as this note.
+# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling
+#   CMake in order to avoid target name clashes, via the use of
+#   MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the
+#   mbedtls, mbedx509, mbedcrypto and apidoc targets.
+#
+
+cmake_minimum_required(VERSION 2.8.12)
+
+# https://cmake.org/cmake/help/latest/policy/CMP0011.html
+# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
+# policy setting is deprecated, and will be removed in future versions.
+cmake_policy(SET CMP0011 NEW)
+# https://cmake.org/cmake/help/latest/policy/CMP0012.html
+# Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2
+# (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required
+# for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting
+# is deprecated and will be removed in future versions.
+cmake_policy(SET CMP0012 NEW)
+
+if(TEST_CPP)
+    project("Mbed TLS" C CXX)
+else()
+    project("Mbed TLS" C)
+endif()
+
+# Set the project root directory.
+set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR})
+
+option(USE_PKCS11_HELPER_LIBRARY "Build Mbed TLS with the pkcs11-helper library." OFF)
+option(ENABLE_ZLIB_SUPPORT "Build Mbed TLS with zlib library." OFF)
+
+option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON)
+
+option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
+option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
+
+string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
+string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${CMAKE_C_COMPILER_ID}")
+string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${CMAKE_C_COMPILER_ID}")
+string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}")
+
+# the test suites currently have compile errors with MSVC
+if(CMAKE_COMPILER_IS_MSVC)
+    option(ENABLE_TESTING "Build Mbed TLS tests." OFF)
+else()
+    option(ENABLE_TESTING "Build Mbed TLS tests." ON)
+endif()
+
+# Warning string - created as a list for compatibility with CMake 2.8
+set(WARNING_BORDER "*******************************************************\n")
+set(NULL_ENTROPY_WARN_L1 "****  WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined!\n")
+set(NULL_ENTROPY_WARN_L2 "****  THIS BUILD HAS NO DEFINED ENTROPY SOURCES\n")
+set(NULL_ENTROPY_WARN_L3 "****  AND IS *NOT* SUITABLE FOR PRODUCTION USE\n")
+
+set(NULL_ENTROPY_WARNING "${WARNING_BORDER}"
+                         "${NULL_ENTROPY_WARN_L1}"
+                         "${NULL_ENTROPY_WARN_L2}"
+                         "${NULL_ENTROPY_WARN_L3}"
+                         "${WARNING_BORDER}")
+
+set(CTR_DRBG_128_BIT_KEY_WARN_L1 "****  WARNING!  MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
+set(CTR_DRBG_128_BIT_KEY_WARN_L2 "****  Using 128-bit keys for CTR_DRBG limits the security of generated\n")
+set(CTR_DRBG_128_BIT_KEY_WARN_L3 "****  keys and operations that use random values generated to 128-bit security\n")
+
+set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
+                         "${CTR_DRBG_128_BIT_KEY_WARN_L1}"
+                         "${CTR_DRBG_128_BIT_KEY_WARN_L2}"
+                         "${CTR_DRBG_128_BIT_KEY_WARN_L3}"
+                         "${WARNING_BORDER}")
+
+# Python 3 is only needed here to check for configuration warnings.
+if(NOT CMAKE_VERSION VERSION_LESS 3.15.0)
+    set(Python3_FIND_STRATEGY LOCATION)
+    find_package(Python3 COMPONENTS Interpreter)
+    if(Python3_Interpreter_FOUND)
+        set(MBEDTLS_PYTHON_EXECUTABLE ${Python3_EXECUTABLE})
+    endif()
+else()
+    find_package(PythonInterp 3)
+    if(PYTHONINTERP_FOUND)
+        set(MBEDTLS_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE})
+    endif()
+endif()
+if(MBEDTLS_PYTHON_EXECUTABLE)
+
+    # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
+    execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+                        RESULT_VARIABLE result)
+    if(${result} EQUAL 0)
+        message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
+    endif()
+
+    # If NULL Entropy is configured, display an appropriate warning
+    execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
+                        RESULT_VARIABLE result)
+    if(${result} EQUAL 0)
+        message(WARNING ${NULL_ENTROPY_WARNING})
+
+        if(NOT UNSAFE_BUILD)
+            message(FATAL_ERROR "\
+\n\
+Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \
+This option is not safe for production use and negates all security \
+It is intended for development use only. \
+\n\
+To confirm you want to build with this option, re-run cmake with the \
+option: \n\
+  cmake -DUNSAFE_BUILD=ON ")
+
+            return()
+        endif()
+    endif()
+endif()
+
+# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
+if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
+    set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
+        CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
+        FORCE)
+endif()
+
+# Make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs
+set(MBEDTLS_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS config file (overrides default).")
+set(MBEDTLS_USER_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS user config file (appended to default).")
+
+# Create a symbolic link from ${base_name} in the binary directory
+# to the corresponding path in the source directory.
+# Note: Copies the file(s) on Windows.
+function(link_to_source base_name)
+    set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
+    set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
+
+    if (NOT EXISTS ${link})
+        if (CMAKE_HOST_UNIX)
+            execute_process(COMMAND ln -s ${target} ${link}
+                RESULT_VARIABLE result
+                ERROR_VARIABLE output)
+
+            if (NOT ${result} EQUAL 0)
+                message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}")
+            endif()
+        else()
+            if (IS_DIRECTORY ${target})
+                file(GLOB_RECURSE files FOLLOW_SYMLINKS RELATIVE ${target} "${target}/*")
+                foreach(file IN LISTS files)
+                    if(NOT IS_DIRECTORY "${target}/${file}")
+                        configure_file("${target}/${file}" "${link}/${file}" COPYONLY)
+                    endif()
+                endforeach(file)
+            else()
+                configure_file(${target} ${link} COPYONLY)
+            endif()
+        endif()
+    endif()
+endfunction(link_to_source)
+
+string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
+
+include(CheckCCompilerFlag)
+
+if(CMAKE_COMPILER_IS_GNU)
+    # some warnings we want are not available with old GCC versions
+    # note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
+    execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
+                    OUTPUT_VARIABLE GCC_VERSION)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings")
+    if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat=2 -Wno-format-nonliteral")
+    endif()
+    if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla")
+    endif()
+    if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
+    endif()
+    if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
+    endif()
+    if (GCC_VERSION VERSION_GREATER 5.0)
+        CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
+        if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
+            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness")
+        endif()
+    endif()
+    if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
+      set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation")
+    endif()
+    set(CMAKE_C_FLAGS_RELEASE     "-O2")
+    set(CMAKE_C_FLAGS_DEBUG       "-O0 -g3")
+    set(CMAKE_C_FLAGS_COVERAGE    "-O0 -g3 --coverage")
+    set(CMAKE_C_FLAGS_ASAN        "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
+    set(CMAKE_C_FLAGS_ASANDBG     "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+    set(CMAKE_C_FLAGS_CHECK       "-Os")
+    set(CMAKE_C_FLAGS_CHECKFULL   "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
+endif(CMAKE_COMPILER_IS_GNU)
+
+if(CMAKE_COMPILER_IS_CLANG)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral")
+    set(CMAKE_C_FLAGS_RELEASE     "-O2")
+    set(CMAKE_C_FLAGS_DEBUG       "-O0 -g3")
+    set(CMAKE_C_FLAGS_COVERAGE    "-O0 -g3 --coverage")
+    set(CMAKE_C_FLAGS_ASAN        "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
+    set(CMAKE_C_FLAGS_ASANDBG     "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
+    set(CMAKE_C_FLAGS_MEMSAN      "-fsanitize=memory -O3")
+    set(CMAKE_C_FLAGS_MEMSANDBG   "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
+    set(CMAKE_C_FLAGS_CHECK       "-Os")
+endif(CMAKE_COMPILER_IS_CLANG)
+
+if(CMAKE_COMPILER_IS_IAR)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts")
+    set(CMAKE_C_FLAGS_RELEASE     "-Ohz")
+    set(CMAKE_C_FLAGS_DEBUG       "--debug -On")
+endif(CMAKE_COMPILER_IS_IAR)
+
+if(CMAKE_COMPILER_IS_MSVC)
+    # Strictest warnings, UTF-8 source and execution charset
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8")
+endif(CMAKE_COMPILER_IS_MSVC)
+
+if(MBEDTLS_FATAL_WARNINGS)
+    if(CMAKE_COMPILER_IS_MSVC)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
+    endif(CMAKE_COMPILER_IS_MSVC)
+
+    if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
+        if(UNSAFE_BUILD)
+            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp")
+            set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp")
+            set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp")
+        endif(UNSAFE_BUILD)
+    endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
+
+    if (CMAKE_COMPILER_IS_IAR)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors")
+    endif(CMAKE_COMPILER_IS_IAR)
+endif(MBEDTLS_FATAL_WARNINGS)
+
+if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
+    if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
+        set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
+    endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
+endif(CMAKE_BUILD_TYPE STREQUAL "Coverage")
+
+if(LIB_INSTALL_DIR)
+else()
+    set(LIB_INSTALL_DIR lib)
+endif()
+
+if(ENABLE_ZLIB_SUPPORT)
+    find_package(ZLIB)
+
+    if(ZLIB_FOUND)
+        include_directories(${ZLIB_INCLUDE_DIR})
+    endif(ZLIB_FOUND)
+endif(ENABLE_ZLIB_SUPPORT)
+
+add_subdirectory(include)
+
+add_subdirectory(3rdparty)
+list(APPEND libs ${thirdparty_lib})
+
+add_subdirectory(library)
+
+#
+# The C files in tests/src directory contain test code shared among test suites
+# and programs. This shared test code is compiled and linked to test suites and
+# programs objects as a set of compiled objects. The compiled objects are NOT
+# built into a library that the test suite and program objects would link
+# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries.
+# The reason is that such library is expected to have mutual dependencies with
+# the aforementioned libraries and that there is as of today no portable way of
+# handling such dependencies (only toolchain specific solutions).
+#
+# Thus the below definition of the `mbedtls_test` CMake library of objects
+# target. This library of objects is used by tests and programs CMake files
+# to define the test executables.
+#
+if(ENABLE_TESTING OR ENABLE_PROGRAMS)
+    file(GLOB MBEDTLS_TEST_FILES
+         ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c
+         ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c)
+    add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
+    target_include_directories(mbedtls_test
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library)
+
+    file(GLOB MBEDTLS_TEST_HELPER_FILES
+         ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c)
+    add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES})
+    target_include_directories(mbedtls_test_helpers
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include)
+
+    # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
+    if(MBEDTLS_CONFIG_FILE)
+        target_compile_definitions(mbedtls_test
+            PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+        target_compile_definitions(mbedtls_test_helpers
+            PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+    endif()
+    if(MBEDTLS_USER_CONFIG_FILE)
+        target_compile_definitions(mbedtls_test
+            PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
+        target_compile_definitions(mbedtls_test_helpers
+            PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
+    endif()
+endif()
+
+if(ENABLE_PROGRAMS)
+    add_subdirectory(programs)
+endif()
+
+ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc
+    COMMAND doxygen mbedtls.doxyfile
+    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
+
+if(ENABLE_TESTING)
+    enable_testing()
+
+    add_subdirectory(tests)
+
+    # additional convenience targets for Unix only
+    if(UNIX)
+
+        # For coverage testing:
+        # 1. Build with:
+        #         cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make
+        # 2. Run the relevant tests for the part of the code you're interested in.
+        #    For the reference coverage measurement, see
+        #    tests/scripts/basic-build-test.sh
+        # 3. Run scripts/lcov.sh to generate an HTML report.
+        ADD_CUSTOM_TARGET(lcov
+            COMMAND scripts/lcov.sh
+        )
+
+        ADD_CUSTOM_TARGET(memcheck
+            COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
+            COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
+            COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
+            COMMAND rm -f memcheck.log
+            COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
+        )
+    endif(UNIX)
+
+    # Make scripts needed for testing available in an out-of-source build.
+    if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
+        link_to_source(scripts)
+        # Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
+        # keep things simple with the sed commands in the memcheck target.
+        configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
+                    ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
+    endif()
+endif()
diff --git a/3rdparty/mbedtls-2.28.7/CONTRIBUTING.md b/3rdparty/mbedtls-2.28.7/CONTRIBUTING.md
new file mode 100644
index 0000000..f9dd499
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/CONTRIBUTING.md
@@ -0,0 +1,97 @@
+Contributing
+============
+We gratefully accept bug reports and contributions from the community. All PRs are reviewed by the project team / community, and may need some modifications to
+be accepted.
+
+Quick Checklist for PR contributors
+-----------------------------------
+More details on all of these points may be found in the sections below.
+
+- [Sign-off](#license-and-copyright): all commits must be signed off.
+- [Tests](#tests): please ensure the PR includes adequate tests.
+- [Changelog](#documentation): if needed, please provide a changelog entry.
+- [Backports](#long-term-support-branches): provide a backport if needed (it's fine to wait until the main PR is accepted).
+
+Coding Standards
+----------------
+- Contributions should include tests, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. Please check that your contribution passes basic tests before submission, and check the CI results after making a pull request.
+- The code should be written in a clean and readable style, and must follow [our coding standards](https://mbed-tls.readthedocs.io/en/latest/kb/development/mbedtls-coding-standards/).
+- The code should be written in a portable generic way, that will benefit the whole community, and not only your own needs.
+- The code should be secure, and will be reviewed from a security point of view as well.
+
+Making a Contribution
+---------------------
+1. [Check for open issues](https://github.com/Mbed-TLS/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org) around a feature idea or a bug.
+1. Fork the [Mbed TLS repository on GitHub](https://github.com/Mbed-TLS/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/Mbed-TLS/mbedtls/tree/development) as a basis.
+1. Write a test which shows that the bug was fixed or that the feature works as expected.
+1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :)
+1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it.
+
+Backwards Compatibility
+-----------------------
+
+The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches, as described in [BRANCHES.md](BRANCHES.md).
+
+To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change. If there is an API change, the contribution, if accepted, will be merged only when there is a major release.
+
+No changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. Where changes to an existing interface are necessary, functions in the public interface which need to be changed are marked as 'deprecated'. If there is a strong reason to replace an existing function with one that has a slightly different interface (different prototype, or different documented behavior), create a new function with a new name with the desired interface. Keep the old function, but mark it as deprecated.
+
+Periodically, the library will remove deprecated functions from the library which will be a breaking change in the API, but such changes will be made only in a planned, structured way that gives sufficient notice to users of the library.
+
+Long Term Support Branches
+--------------------------
+Mbed TLS maintains several LTS (Long Term Support) branches, which are maintained continuously for a given period. The LTS branches are provided to allow users of the library to have a maintained, stable version of the library which contains only security fixes and fixes for other defects, without encountering additional features or API extensions which may introduce issues or change the code size or RAM usage, which can be significant considerations on some platforms. To allow users to take advantage of the LTS branches, these branches maintain backwards compatibility for both the public API and ABI.
+
+When backporting to these branches please observe the following rules:
+
+1. Any change to the library which changes the API or ABI cannot be backported.
+1. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
+1. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts.
+
+It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/Mbed-TLS/mbedtls/tree/development) by contributors.
+
+The list of maintained branches can be found in the [Current Branches section
+of BRANCHES.md](BRANCHES.md#current-branches).
+
+Tests
+-----
+As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist.
+
+Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_rsa.c`). These files are generated from a `function file` (e.g. `suites/test_suite_rsa.function`) and a `data file` (e.g. `suites/test_suite_rsa.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function.
+
+[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://mbed-tls.readthedocs.io/en/latest/kb/development/test_suites/).
+
+A test script `tests/scripts/basic-build-test.sh` is available to show test coverage of the library. New code contributions should provide a similar level of code coverage to that which already exists for the library.
+
+Sample applications, if needed, should be modified as well.
+
+Continuous Integration Tests
+----------------------------
+Once a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures.
+
+It is advised to enable the [githooks scripts](https://github.com/Mbed-TLS/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible.
+
+Documentation
+-------------
+Mbed TLS is well documented, but if you think documentation is needed, speak out!
+
+1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation.
+1. Complex parts in the code should include comments.
+1. If needed, a Readme file is advised.
+1. If a [Knowledge Base (KB)](https://mbed-tls.readthedocs.io/en/latest/kb/) article should be added, write this as a comment in the PR description.
+1. A [ChangeLog](https://github.com/Mbed-TLS/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution.
+
+License and Copyright
+---------------------
+
+Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses. This means that users may choose which of these licenses they take the code under.
+
+Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses.
+
+All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later".
+
+The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors".
+
+When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and is submitted under both the Apache-2.0 AND GPL-2.0-or-later licenses.
+
+This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line.
diff --git a/3rdparty/mbedtls-2.25.0/ChangeLog b/3rdparty/mbedtls-2.28.7/ChangeLog
similarity index 82%
rename from 3rdparty/mbedtls-2.25.0/ChangeLog
rename to 3rdparty/mbedtls-2.28.7/ChangeLog
index fb231aa..5434e55 100644
--- a/3rdparty/mbedtls-2.25.0/ChangeLog
+++ b/3rdparty/mbedtls-2.28.7/ChangeLog
@@ -1,4 +1,779 @@
-mbed TLS ChangeLog (Sorted per branch, date)
+Mbed TLS ChangeLog (Sorted per branch, date)
+
+= Mbed TLS 2.28.7 branch released 2024-01-26
+
+Security
+   * Fix a timing side channel in private key RSA operations. This side channel
+     could be sufficient for an attacker to recover the plaintext. A local
+     attacker or a remote attacker who is close to the victim on the network
+     might have precise enough timing measurements to exploit this. It requires
+     the attacker to send a large number of messages for decryption. For
+     details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported
+     by Hubert Kario, Red Hat.
+   * Fix a failure to validate input when writing x509 extensions lengths which
+     could result in an integer overflow, causing a zero-length buffer to be
+     allocated to hold the extension. The extension would then be copied into
+     the buffer, causing a heap buffer overflow.
+
+= Mbed TLS 2.28.6 branch released 2023-11-06
+
+Changes
+   *  Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later
+      license. Users may choose which license they take the code under.
+
+= Mbed TLS 2.28.5 branch released 2023-10-05
+
+Features
+   * The documentation of mbedtls_ecp_group now describes the optimized
+     representation of A for some curves. Fixes #8045.
+
+Security
+   * Developers using mbedtls_pkcs5_pbes2() or mbedtls_pkcs12_pbe() should
+     review the size of the output buffer passed to this function, and note
+     that the output after decryption may include CBC padding. Consider moving
+     to the new functions mbedtls_pkcs5_pbes2_ext() or mbedtls_pkcs12_pbe_ext()
+     which checks for overflow of the output buffer and reports the actual
+     length of the output.
+   * Improve padding calculations in CBC decryption, NIST key unwrapping and
+     RSA OAEP decryption. With the previous implementation, some compilers
+     (notably recent versions of Clang and IAR) could produce non-constant
+     time code, which could allow a padding oracle attack if the attacker
+     has access to precise timing measurements.
+   * Fix a buffer overread when parsing short TLS application data records in
+     ARC4 or null-cipher cipher suites. Credit to OSS-Fuzz.
+
+Bugfix
+   * Fix x509 certificate generation to conform to RFC 5480 / RFC 5758 when
+     using ECC key. The certificate was rejected by some crypto frameworks.
+     Fixes #2924.
+   * Fix some cases where mbedtls_mpi_mod_exp, RSA key construction or ECDSA
+     signature can silently return an incorrect result in low memory conditions.
+   * Fix IAR compiler warnings. Fixes #7873, #4300.
+   * Fix an issue when parsing an otherName subject alternative name into a
+     mbedtls_x509_san_other_name struct. The type-id of the otherName was not
+     copied to the struct. This meant that the struct had incomplete
+     information about the otherName SAN and contained uninitialized memory.
+   * Fix the detection of HardwareModuleName otherName SANs. These were being
+     detected by comparing the wrong field and the check was erroneously
+     inverted.
+   * Fix an error when MBEDTLS_ECDSA_SIGN_ALT is defined but not
+     MBEDTLS_ECDSA_VERIFY_ALT, causing ecdsa verify to fail. Fixes #7498.
+   * Functions in the ssl_cache module now return a negative MBEDTLS_ERR_xxx
+     error code on failure. Before, they returned 1 to indicate failure in
+     some cases involving a missing entry or a full cache.
+
+Changes
+   * In configurations with ARIA or Camellia but not AES, the value of
+     MBEDTLS_CIPHER_BLKSIZE_MAX was 8, rather than 16 as the name might
+     suggest. This did not affect any library code, because this macro was
+     only used in relation with CMAC which does not support these ciphers.
+     Its value is now 16 if ARIA or Camellia are present. This may affect
+     application code that uses this macro.
+
+= Mbed TLS 2.28.4 branch released 2023-08-04
+
+Features
+   * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by
+     setting the CMake variable of the same name at configuration time.
+
+Bugfix
+   * Fix crypt_and_hash decryption fail when used with a stream cipher
+     mode of operation, due to the input not being a multiple of the block
+     size. Resolves #7417.
+   * Fix a bug where mbedtls_x509_string_to_names() would return success
+     when given a invalid name string, if it did not contain '=' or ','.
+   * Fix missing PSA initialization in sample programs when
+     MBEDTLS_USE_PSA_CRYPTO is enabled.
+   * Fix clang and armclang compilation error when targeting certain Arm
+     M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23,
+     SecurCore SC000). Fixes #1077.
+   * Fixed an issue that caused compile errors when using CMake and the IAR
+     toolchain.
+   * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516.
+   * Fix builds on Windows with clang.
+   * Fix compilation warnings in aes.c for certain combinations
+     of configuration options.
+   * Fix a compilation error on some platforms when including mbedtls/ssl.h
+     with all TLS support disabled. Fixes #6628.
+
+Changes
+   * Update test data to avoid failures of unit tests after 2023-08-07, and
+     update expiring certififcates in the certs module.
+
+= Mbed TLS 2.28.3 branch released 2023-03-28
+
+Features
+   * Use HOSTCC (if it is set) when compiling C code during generation of the
+     configuration-independent files. This allows them to be generated when
+     CC is set for cross compilation.
+   * AES-NI is now supported with Visual Studio.
+   * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM
+     is disabled, when compiling with GCC or Clang or a compatible compiler
+     for a target CPU that supports the requisite instructions (for example
+     gcc -m32 -msse2 -maes -mpclmul). (Generic x86 builds with GCC-like
+     compilers still require MBEDTLS_HAVE_ASM and a 64-bit target.)
+
+Security
+   * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
+     builds that couldn't compile the GCC-style assembly implementation
+     (most notably builds with Visual Studio), leaving them vulnerable to
+     timing side-channel attacks. There is now an intrinsics-based AES-NI
+     implementation as a fallback for when the assembly one cannot be used.
+
+Bugfix
+   * Fix a build issue on Windows where the source and build directory could
+     not be on different drives (#5751).
+   * Fix possible integer overflow in mbedtls_timing_hardclock(), which
+     could cause a crash for certain platforms & compiler options.
+   * Fix IAR compiler warnings. Fixes #6924.
+   * Fix a bug in the build where directory names containing spaces were
+     causing generate_errors.pl to error out resulting in a build failure.
+     Fixes issue #6879.
+   * Fix compile error where MBEDTLS_RSA_C and MBEDTLS_X509_CRT_WRITE_C are
+     defined, but MBEDTLS_PK_RSA_ALT_SUPPORT is not defined. Fixes #3174.
+   * Fix a build issue when defining MBEDTLS_TIMING_ALT and MBEDTLS_SELF_TEST.
+     The library would not link if the user didn't provide an external self-test
+     function. The self-test is now provided regardless of the choice of
+     internal/alternative timing implementation. Fixes #6923.
+   * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers
+     whose binary representation is longer than 20 bytes. This was already
+     forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being
+     enforced also at code level.
+   * Fix potential undefined behavior in mbedtls_mpi_sub_abs().  Reported by
+     Pascal Cuoq using TrustInSoft Analyzer in #6701; observed independently by
+     Aaron Ucko under Valgrind.
+   * Fix behavior of certain sample programs which could, when run with no
+     arguments, access uninitialized memory in some cases. Fixes #6700 (which
+     was found by TrustInSoft Analyzer during REDOCS'22) and #1120.
+   * Fix build errors in test programs when MBEDTLS_CERTS_C is disabled.
+     Fixes #6243.
+   * Fix parsing of X.509 SubjectAlternativeName extension. Previously,
+     malformed alternative name components were not caught during initial
+     certificate parsing, but only on subsequent calls to
+     mbedtls_x509_parse_subject_alt_name(). Fixes #2838.
+   * Fix bug in conversion from OID to string in
+     mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed
+     correctly.
+   * Reject OIDs with overlong-encoded subidentifiers when converting
+     them to a string.
+   * Reject OIDs with subidentifier values exceeding UINT_MAX.  Such
+     subidentifiers can be valid, but Mbed TLS cannot currently handle them.
+   * Reject OIDs that have unterminated subidentifiers, or (equivalently)
+     have the most-significant bit set in their last byte.
+   * Silence a warning about an unused local variable in bignum.c on
+     some architectures. Fixes #7166.
+   * Silence warnings from clang -Wdocumentation about empty \retval
+     descriptions, which started appearing with Clang 15. Fixes #6960.
+   * Fix undefined behavior in mbedtls_ssl_read() and mbedtls_ssl_write() if
+     len argument is 0 and buffer is NULL.
+
+Changes
+   * The C code follows a new coding style. This is transparent for users but
+     affects contributors and maintainers of local patches. For more
+     information, see
+     https://mbed-tls.readthedocs.io/en/latest/kb/how-to/rewrite-branch-for-coding-style/
+   * Changed the default MBEDTLS_ECP_WINDOW_SIZE from 6 to 2.
+     As tested in issue 6790, the correlation between this define and
+     RSA decryption performance has changed lately due to security fixes.
+     To fix the performance degradation when using default values the
+     window was reduced from 6 to 2, a value that gives the best or close
+     to best results when tested on Cortex-M4 and Intel i7.
+
+= Mbed TLS 2.28.2 branch released 2022-12-14
+
+Security
+   * Fix potential heap buffer overread and overwrite in DTLS if
+     MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
+     MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
+   * Fix an issue where an adversary with access to precise enough information
+     about memory accesses (typically, an untrusted operating system attacking
+     a secure enclave) could recover an RSA private key after observing the
+     victim performing a single private-key operation if the window size used
+     for the exponentiation was 3 or smaller. Found and reported by Zili KOU,
+     Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks
+     and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation
+     and Test in Europe 2023.
+
+Bugfix
+   * Fix a long-standing build failure when building x86 PIC code with old
+     gcc (4.x). The code will be slower, but will compile. We do however
+     recommend upgrading to a more recent compiler instead. Fixes #1910.
+   * Fix support for little-endian Microblaze when MBEDTLS_HAVE_ASM is defined.
+     Contributed by Kazuyuki Kimura to fix #2020.
+   * Use double quotes to include private header file psa_crypto_cipher.h.
+     Fixes 'file not found with <angled> include' error
+     when building with Xcode.
+   * Fix handling of broken symlinks when loading certificates using
+     mbedtls_x509_crt_parse_path(). Instead of returning an error as soon as a
+     broken link is encountered, skip the broken link and continue parsing
+     other certificate files. Contributed by Eduardo Silva in #2602.
+   * Fix a compilation error when using CMake with an IAR toolchain.
+     Fixes #5964.
+   * Fix bugs and missing dependencies when building and testing
+     configurations with only one encryption type enabled in TLS 1.2.
+   * Provide the missing definition of mbedtls_setbuf() in some configurations
+     with MBEDTLS_PLATFORM_C disabled. Fixes #6118, #6196.
+   * Fix compilation errors when trying to build with
+     PSA drivers for AEAD (GCM, CCM, Chacha20-Poly1305).
+   * Fix memory leak in ssl_parse_certificate_request() caused by
+     mbedtls_x509_get_name() not freeing allocated objects in case of error.
+     Change mbedtls_x509_get_name() to clean up allocated objects on error.
+   * Fix checks on PK in check_config.h for builds with PSA and RSA. This does
+     not change which builds actually work, only moving a link-time error to
+     an early check.
+   * Fix ECDSA verification, where it was not always validating the
+     public key. This bug meant that it was possible to verify a
+     signature with an invalid public key, in some cases. Reported by
+     Guido Vranken using Cryptofuzz in #4420.
+   * Fix a possible null pointer dereference if a memory allocation fails
+     in TLS PRF code. Reported by Michael Madsen in #6516.
+   * Fix a bug in which mbedtls_x509_crt_info() would produce non-printable
+     bytes when parsing certificates containing a binary RFC 4108
+     HardwareModuleName as a Subject Alternative Name extension. Hardware
+     serial numbers are now rendered in hex format. Fixes #6262.
+   * Fix bug in error reporting in dh_genprime.c where upon failure,
+     the error code returned by mbedtls_mpi_write_file() is overwritten
+     and therefore not printed.
+   * In the bignum module, operations of the form (-A) - (+A) or (-A) - (-A)
+     with A > 0 created an unintended representation of the value 0 which was
+     not processed correctly by some bignum operations. Fix this. This had no
+     consequence on cryptography code, but might affect applications that call
+     bignum directly and use negative numbers.
+   * Fix undefined behavior (typically harmless in practice) of
+     mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int()
+     when both operands are 0 and the left operand is represented with 0 limbs.
+   * Fix undefined behavior (typically harmless in practice) when some bignum
+     functions receive the most negative value of mbedtls_mpi_sint. Credit
+     to OSS-Fuzz. Fixes #6597.
+   * Fix undefined behavior (typically harmless in practice) in PSA ECB
+     encryption and decryption.
+
+= Mbed TLS 2.28.1 branch released 2022-07-11
+
+Default behavior changes
+   * mbedtls_cipher_set_iv will now fail with ChaCha20 and ChaCha20+Poly1305
+     for IV lengths other than 12. The library was silently overwriting this
+     length with 12, but did not inform the caller about it. Fixes #4301.
+
+Features
+   * When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, you may list the PSA crypto
+     feature requirements in the file named by the new macro
+     MBEDTLS_PSA_CRYPTO_CONFIG_FILE instead of the default psa/crypto_config.h.
+     Furthermore you may name an additional file to include after the main
+     file with the macro MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE.
+
+Security
+   * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
+     module before freeing them. These buffers contain secret key material, and
+     could thus potentially leak the key through freed heap.
+   * Fix a potential heap buffer overread in TLS 1.2 server-side when
+     MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
+     mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
+     is selected. This may result in an application crash or potentially an
+     information leak.
+   * Fix a buffer overread in DTLS ClientHello parsing in servers with
+     MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
+     or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
+     after the end of the SSL input buffer. The buffer overread only happens
+     when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
+     the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
+     and possibly up to 571 bytes with a custom cookie check function.
+     Reported by the Cybeats PSI Team.
+
+Bugfix
+   * Fix a memory leak if mbedtls_ssl_config_defaults() is called twice.
+   * Fix several bugs (warnings, compiler and linker errors, test failures)
+     in reduced configurations when MBEDTLS_USE_PSA_CRYPTO is enabled.
+   * Fix a bug in (D)TLS curve negotiation: when MBEDTLS_USE_PSA_CRYPTO was
+     enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
+     client would fail to check that the curve selected by the server for
+     ECDHE was indeed one that was offered. As a result, the client would
+     accept any curve that it supported, even if that curve was not allowed
+     according to its configuration. Fixes #5291.
+   * Fix unit tests that used 0 as the file UID. This failed on some
+     implementations of PSA ITS. Fixes #3838.
+   * Fix API violation in mbedtls_md_process() test by adding a call to
+     mbedtls_md_starts(). Fixes #2227.
+   * Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests
+     to catch bad uses of time.h.
+   * Fix the library search path when building a shared library with CMake
+     on Windows.
+   * Fix bug in the alert sending function mbedtls_ssl_send_alert_message()
+     potentially leading to corrupted alert messages being sent in case
+     the function needs to be re-called after initially returning
+     MBEDTLS_SSL_WANT_WRITE. Fixes #1916.
+   * In configurations with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled but none of
+     MBEDTLS_SSL_HW_RECORD_ACCEL, MBEDTLS_SSL_EXPORT_KEYS or MBEDTLS_DEBUG_C,
+     DTLS handshakes using CID would crash due to a null pointer dereference.
+     Fix this. Fixes #3998.
+   * Fix incorrect documentation of mbedtls_x509_crt_profile. The previous
+     documentation stated that the `allowed_pks` field applies to signatures
+     only, but in fact it does apply to the public key type of the end entity
+     certificate, too. Fixes #1992.
+   * Fix PSA cipher multipart operations using ARC4. Previously, an IV was
+     required but discarded. Now, an IV is rejected, as it should be.
+   * Fix undefined behavior in mbedtls_asn1_find_named_data(), where val is
+     not NULL and val_len is zero.
+   * psa_raw_key_agreement() now returns PSA_ERROR_BUFFER_TOO_SMALL when
+     applicable. Fixes #5735.
+   * Fix a bug in the x25519 example program where the removal of
+     MBEDTLS_ECDH_LEGACY_CONTEXT caused the program not to run. Fixes #4901 and
+     #3191.
+   * Encode X.509 dates before 1/1/2000 as UTCTime rather than
+     GeneralizedTime. Fixes #5465.
+   * Fix order value of curve x448.
+   * Fix string representation of DNs when outputting values containing commas
+     and other special characters, conforming to RFC 1779. Fixes #769.
+   * Silence a warning from GCC 12 in the selftest program. Fixes #5974.
+   * Fix mbedtls_asn1_write_mpi() writing an incorrect encoding of 0.
+   * Fix resource leaks in mbedtls_pk_parse_public_key() in low
+     memory conditions.
+   * Fix server connection identifier setting for outgoing encrypted records
+     on DTLS 1.2 session resumption. After DTLS 1.2 session resumption with
+     connection identifier, the Mbed TLS client now properly sends the server
+     connection identifier in encrypted record headers. Fix #5872.
+   * Fix a null pointer dereference when performing some operations on zero
+     represented with 0 limbs (specifically mbedtls_mpi_mod_int() dividing
+     by 2, and mbedtls_mpi_write_string() in base 2).
+   * Fix record sizes larger than 16384 being sometimes accepted despite being
+     non-compliant. This could not lead to a buffer overflow. In particular,
+     application data size was already checked correctly.
+
+Changes
+   * Assume source files are in UTF-8 when using MSVC with CMake.
+
+= mbed TLS 2.28.0 branch released 2021-12-17
+
+API changes
+   * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a
+     different order. This only affects applications that define such
+     structures directly or serialize them.
+
+Requirement changes
+   * Sign-magnitude and one's complement representations for signed integers are
+     not supported. Two's complement is the only supported representation.
+
+Removals
+   * Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES,
+     which allowed SHA-1 in the default TLS configuration for certificate
+     signing. It was intended to facilitate the transition in environments
+     with SHA-1 certificates. SHA-1 is considered a weak message digest and
+     its use constitutes a security risk.
+   * Remove the partial support for running unit tests via Greentea on Mbed OS,
+     which had been unmaintained since 2018.
+
+Features
+   * The identifier of the CID TLS extension can be configured by defining
+     MBEDTLS_TLS_EXT_CID at compile time.
+   * Warn if errors from certain functions are ignored. This is currently
+     supported on GCC-like compilers and on MSVC and can be configured through
+     the macro MBEDTLS_CHECK_RETURN. The warnings are always enabled
+     (where supported) for critical functions where ignoring the return
+     value is almost always a bug. Enable the new configuration option
+     MBEDTLS_CHECK_RETURN_WARNING to get warnings for other functions. This
+     is currently implemented in the AES, DES and md modules, and will be
+     extended to other modules in the future.
+   * Add missing PSA macros declared by PSA Crypto API 1.0.0:
+     PSA_ALG_IS_SIGN_HASH, PSA_ALG_NONE, PSA_HASH_BLOCK_LENGTH, PSA_KEY_ID_NULL.
+   * Add new API mbedtls_ct_memcmp for constant time buffer comparison.
+   * Add PSA API definition for ARIA.
+
+Security
+   * Zeroize several intermediate variables used to calculate the expected
+     value when verifying a MAC or AEAD tag. This hardens the library in
+     case the value leaks through a memory disclosure vulnerability. For
+     example, a memory disclosure vulnerability could have allowed a
+     man-in-the-middle to inject fake ciphertext into a DTLS connection.
+   * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
+     from the output buffer. This fixes a potential policy bypass or decryption
+     oracle vulnerability if the output buffer is in memory that is shared with
+     an untrusted application.
+   * Fix a double-free that happened after mbedtls_ssl_set_session() or
+     mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
+     (out of memory). After that, calling mbedtls_ssl_session_free()
+     and mbedtls_ssl_free() would cause an internal session buffer to
+     be free()'d twice.
+
+Bugfix
+   * Stop using reserved identifiers as local variables. Fixes #4630.
+   * The GNU makefiles invoke python3 in preference to python except on Windows.
+     The check was accidentally not performed when cross-compiling for Windows
+     on Linux. Fix this. Fixes #4774.
+   * Prevent divide by zero if either of PSA_CIPHER_ENCRYPT_OUTPUT_SIZE() or
+     PSA_CIPHER_UPDATE_OUTPUT_SIZE() were called using an asymmetric key type.
+   * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935.
+   * Don't use the obsolete header path sys/fcntl.h in unit tests.
+     These header files cause compilation errors in musl.
+     Fixes #4969.
+   * Fix missing constraints on x86_64 and aarch64 assembly code
+     for bignum multiplication that broke some bignum operations with
+     (at least) Clang 12.
+     Fixes #4116, #4786, #4917, #4962.
+   * Fix mbedtls_cipher_crypt: AES-ECB when MBEDTLS_USE_PSA_CRYPTO is enabled.
+   * Failures of alternative implementations of AES or DES single-block
+     functions enabled with MBEDTLS_AES_ENCRYPT_ALT, MBEDTLS_AES_DECRYPT_ALT,
+     MBEDTLS_DES_CRYPT_ECB_ALT or MBEDTLS_DES3_CRYPT_ECB_ALT were ignored.
+     This does not concern the implementation provided with Mbed TLS,
+     where this function cannot fail, or full-module replacements with
+     MBEDTLS_AES_ALT or MBEDTLS_DES_ALT. Reported by Armelle Duboc in #1092.
+   * Some failures of HMAC operations were ignored. These failures could only
+     happen with an alternative implementation of the underlying hash module.
+   * Fix the error returned by psa_generate_key() for a public key. Fixes #4551.
+   * Fix the build of sample programs when neither MBEDTLS_ERROR_C nor
+     MBEDTLS_ERROR_STRERROR_DUMMY is enabled.
+   * Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length.
+     This algorithm now accepts only the same salt length for verification
+     that it produces when signing, as documented. Use the new algorithm
+     PSA_ALG_RSA_PSS_ANY_SALT to accept any salt length. Fixes #4946.
+   * The existing predicate macro name PSA_ALG_IS_HASH_AND_SIGN is now reserved
+     for algorithm values that fully encode the hashing step, as per the PSA
+     Crypto API specification. This excludes PSA_ALG_RSA_PKCS1V15_SIGN_RAW and
+     PSA_ALG_ECDSA_ANY. The new predicate macro PSA_ALG_IS_SIGN_HASH covers
+     all algorithms that can be used with psa_{sign,verify}_hash(), including
+     these two.
+   * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries
+     not to list other shared libraries they need.
+   * Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
+     exceeds 2^32. Fixes #4884.
+   * Fix an uninitialized variable warning in test_suite_ssl.function with GCC
+     version 11.
+   * Fix the build when no SHA2 module is included. Fixes #4930.
+   * Fix the build when only the bignum module is included. Fixes #4929.
+   * Fix a potential invalid pointer dereference and infinite loop bugs in
+     pkcs12 functions when the password is empty. Fix the documentation to
+     better describe the inputs to these functions and their possible values.
+     Fixes #5136.
+   * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC
+     operations psa_mac_compute() and psa_mac_sign_setup().
+   * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC
+     operations psa_mac_verify() and psa_mac_verify_setup().
+
+Changes
+   * Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be
+     disabled by default.
+   * Improve the performance of base64 constant-flow code. The result is still
+     slower than the original non-constant-flow implementation, but much faster
+     than the previous constant-flow implementation. Fixes #4814.
+   * Indicate in the error returned if the nonce length used with
+     ChaCha20-Poly1305 is invalid, and not just unsupported.
+   * The mbedcrypto library includes a new source code module constant_time.c,
+     containing various functions meant to resist timing side channel attacks.
+     This module does not have a separate configuration option, and functions
+     from this module will be included in the build as required. Currently
+     most of the interface of this module is private and may change at any
+     time.
+
+= mbed TLS 2.27.0 branch released 2021-07-07
+
+API changes
+   * Update AEAD output size macros to bring them in line with the PSA Crypto
+     API version 1.0 spec. This version of the spec parameterizes them on the
+     key type used, as well as the key bit-size in the case of
+     PSA_AEAD_TAG_LENGTH.
+     The old versions of these macros were renamed and deprecated as follows:
+     - PSA_AEAD_TAG_LENGTH          -> PSA_AEAD_TAG_LENGTH_1_ARG
+     - PSA_AEAD_ENCRYPT_OUTPUT_SIZE -> PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG
+     - PSA_AEAD_DECRYPT_OUTPUT_SIZE -> PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG
+     - PSA_AEAD_UPDATE_OUTPUT_SIZE  -> PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG
+     - PSA_AEAD_FINISH_OUTPUT_SIZE  -> PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG
+     - PSA_AEAD_VERIFY_OUTPUT_SIZE  -> PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG
+   * Implement one-shot cipher functions, psa_cipher_encrypt and
+     psa_cipher_decrypt, according to the PSA Crypto API 1.0.0
+     specification.
+
+Requirement changes
+   * The library now uses the %zu format specifier with the printf() family of
+     functions, so requires a toolchain that supports it. This change does not
+     affect the maintained LTS branches, so when contributing changes please
+     bear this in mind and do not add them to backported code.
+
+Features
+   * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a
+     signature with a specific salt length. This function allows to validate
+     test cases provided in the NIST's CAVP test suite. Contributed by Cédric
+     Meuter in PR #3183.
+   * Added support for built-in driver keys through the PSA opaque crypto
+     driver interface. Refer to the documentation of
+     MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information.
+   * Implement psa_sign_message() and psa_verify_message().
+   * The new function mbedtls_mpi_random() generates a random value in a
+     given range uniformly.
+   * Implement psa_mac_compute() and psa_mac_verify() as defined in the
+     PSA Cryptograpy API 1.0.0 specification.
+   * MBEDTLS_ECP_MAX_BITS is now determined automatically from the configured
+     curves and no longer needs to be configured explicitly to save RAM.
+
+Security
+   * Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
+     private keys and of blinding values for DHM and elliptic curves (ECP)
+     computations. Reported by FlorianF89 in #4245.
+   * Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
+     An adversary who is capable of very precise timing measurements could
+     learn partial information about the leading bits of the nonce used for the
+     signature, allowing the recovery of the private key after observing a
+     large number of signature operations. This completes a partial fix in
+     Mbed TLS 2.20.0.
+   * It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is
+     too small, leading to buffer overflows in ECC operations. Fail the build
+     in such a case.
+   * Fix an issue where an adversary with access to precise enough information
+     about memory accesses (typically, an untrusted operating system attacking
+     a secure enclave) could recover an RSA private key after observing the
+     victim performing a single private-key operation. Found and reported by
+     Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG.
+   * Fix an issue where an adversary with access to precise enough timing
+     information (typically, a co-located process) could recover a Curve25519
+     or Curve448 static ECDH key after inputting a chosen public key and
+     observing the victim performing the corresponding private-key operation.
+     Found and reported by Leila Batina, Lukas Chmielewski, Björn Haase, Niels
+     Samwel and Peter Schwabe.
+
+Bugfix
+   * Add printf function attributes to mbedtls_debug_print_msg to ensure we
+     get printf format specifier warnings.
+   * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
+     lead to seed file corruption in the case where the path to the seed file is
+     equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor
+     Krasnoshchok in #3616.
+   * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE
+     rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them
+     in line with version 1.0.0 of the specification. Fix #4162.
+   * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather
+     than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key
+     to create is not valid, bringing them in line with version 1.0.0 of the
+     specification. Fix #4271.
+   * Fix some cases in the bignum module where the library constructed an
+     unintended representation of the value 0 which was not processed
+     correctly by some bignum operations. This could happen when
+     mbedtls_mpi_read_string() was called on "-0", or when
+     mbedtls_mpi_mul_mpi() and mbedtls_mpi_mul_int() was called with one of
+     the arguments being negative and the other being 0. Fixes #4643.
+   * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits
+     zero. Fixes #1792
+   * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is
+     defined. Fixes #4217.
+   * Fix an incorrect error code when parsing a PKCS#8 private key.
+   * In a TLS client, enforce the Diffie-Hellman minimum parameter size
+     set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the
+     minimum size was rounded down to the nearest multiple of 8.
+   * In library/net_sockets.c, _POSIX_C_SOURCE and _XOPEN_SOURCE are
+     defined to specific values.  If the code is used in a context
+     where these are already defined, this can result in a compilation
+     error.  Instead, assume that if they are defined, the values will
+     be adequate to build Mbed TLS.
+   * The cipher suite TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 was not available
+     when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384
+     was disabled. Fix the dependency. Fixes #4472.
+   * Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499.
+   * With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built
+     nonetheless, resulting in undefined reference errors when building a
+     shared library. Reported by Guillermo Garcia M. in #4411.
+   * Fix test suite code on platforms where int32_t is not int, such as
+     Arm Cortex-M. Fixes #4530.
+   * Fix some issues affecting MBEDTLS_ARIA_ALT implementations: a misplaced
+     directive in a header and a missing initialization in the self-test.
+   * Fix a missing initialization in the Camellia self-test, affecting
+     MBEDTLS_CAMELLIA_ALT implementations.
+   * Restore the ability to configure PSA via Mbed TLS options to support RSA
+     key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME
+     is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key().
+     Fixes #4512.
+   * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites
+     (when the encrypt-then-MAC extension is not in use) with some ALT
+     implementations of the underlying hash (SHA-1, SHA-256, SHA-384), causing
+     the affected side to wrongly reject valid messages. Fixes #4118.
+   * Remove outdated check-config.h check that prevented implementing the
+     timing module on Mbed OS. Fixes #4633.
+   * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
+     about missing inputs.
+   * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
+     MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
+   * Fix a resource leak in a test suite with an alternative AES
+     implementation. Fixes #4176.
+   * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This
+     could notably be triggered by setting the TLS debug level to 3 or above
+     and using a Montgomery curve for the key exchange. Reported by lhuang04
+     in #4578. Fixes #4608.
+   * psa_verify_hash() was relying on implementation-specific behavior of
+     mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT
+     implementations. This reliance is now removed. Fixes #3990.
+   * Disallow inputs of length different from the corresponding hash when
+     signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates
+     that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)
+   * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with
+     A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug
+     could not be triggered by code that constructed A with one of the
+     mbedtls_mpi_read_xxx functions (including in particular TLS code) since
+     those always built an mpi object with at least one limb.
+     Credit to OSS-Fuzz. Fixes #4641.
+   * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no
+     effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect
+     applications that call mbedtls_mpi_gcd() directly. Fixes #4642.
+   * The PSA API no longer allows the creation or destruction of keys with a
+     read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY
+     can now only be used as intended, for keys that cannot be modified through
+     normal use of the API.
+   * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included
+     in all the right places. Include it from crypto_platform.h, which is
+     the natural place. Fixes #4649.
+   * mbedtls_pk_sign() and mbedtls_pk_verify() and their extended and
+     restartable variants now always honor the specified hash length if
+     nonzero. Before, for RSA, hash_len was ignored in favor of the length of
+     the specified hash algorithm.
+   * Fix which alert is sent in some cases to conform to the
+     applicable RFC: on an invalid Finished message value, an
+     invalid max_fragment_length extension, or an
+     unsupported extension used by the server.
+   * Correct (change from 12 to 13 bytes) the value of the macro describing the
+     maximum nonce length returned by psa_aead_generate_nonce().
+
+Changes
+   * Add extra printf compiler warning flags to builds.
+   * Fix memsan build false positive in x509_crt.c with Clang 11
+   * Fix the setting of the read timeout in the DTLS sample programs.
+   * Remove the AES sample application programs/aes/aescrypt2 which shows
+     bad cryptographic practice. Fix #1906.
+   * Alternative implementations of CMAC may now opt to not support 3DES as a
+     CMAC block cipher, and still pass the CMAC self test.
+   * Remove configs/config-psa-crypto.h, which was identical to the default
+     configuration except for having some extra cryptographic mechanisms
+     enabled and for unintended differences. This configuration was primarily
+     intended to demonstrate the PSA API, and lost most of its usefulness when
+     MBEDTLS_PSA_CRYPTO_C became enabled by default.
+   * When building the test suites with GNU make, invoke python3 or python, not
+     python2, which is no longer supported upstream.
+   * When using session cache based session resumption on the server,
+     double-check that custom session cache implementations return
+     sessions which are consistent with the negotiated ciphersuite
+     and compression method.
+   * Fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on.
+     When that flag is on, standard GNU C printf format specifiers
+     should be used.
+   * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage
+     during ECC operations at a negligible performance cost.
+   * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and
+     mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
+     when their input has length 0. Note that this is an implementation detail
+     and can change at any time, so this change should be transparent, but it
+     may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string()
+     now writing an empty string where it previously wrote one or more
+     zero digits when operating from values constructed with an mpi_read
+     function and some mpi operations.
+   * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when
+     PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag
+     when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension
+     is also applied when loading a key from storage.
+
+= mbed TLS 2.26.0 branch released 2021-03-08
+
+API changes
+   * Renamed the PSA Crypto API output buffer size macros to bring them in line
+     with version 1.0.0 of the specification.
+   * The API glue function mbedtls_ecc_group_of_psa() now takes the curve size
+     in bits rather than bytes, with an additional flag to indicate if the
+     size may have been rounded up to a whole number of bytes.
+   * Renamed the PSA Crypto API AEAD tag length macros to bring them in line
+     with version 1.0.0 of the specification.
+
+Default behavior changes
+   * In mbedtls_rsa_context objects, the ver field was formerly documented
+     as always 0. It is now reserved for internal purposes and may take
+     different values.
+
+New deprecations
+   * PSA_KEY_EXPORT_MAX_SIZE, PSA_HASH_SIZE, PSA_MAC_FINAL_SIZE,
+     PSA_BLOCK_CIPHER_BLOCK_SIZE, PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE and
+     PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN have been renamed, and the old names
+     deprecated.
+   * PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH and PSA_ALG_AEAD_WITH_TAG_LENGTH
+     have been renamed, and the old names deprecated.
+
+Features
+   * The PSA crypto subsystem can now use HMAC_DRBG instead of CTR_DRBG.
+     CTR_DRBG is used by default if it is available, but you can override
+     this choice by setting MBEDTLS_PSA_HMAC_DRBG_MD_TYPE at compile time.
+     Fix #3354.
+   * Automatic fallback to a software implementation of ECP when
+     MBEDTLS_ECP_xxx_ALT accelerator hooks are in use can now be turned off
+     through setting the new configuration flag MBEDTLS_ECP_NO_FALLBACK.
+   * The PSA crypto subsystem can now be configured to use less static RAM by
+     tweaking the setting for the maximum amount of keys simultaneously in RAM.
+     MBEDTLS_PSA_KEY_SLOT_COUNT sets the maximum number of volatile keys that
+     can exist simultaneously. It has a sensible default if not overridden.
+   * Partial implementation of the PSA crypto driver interface: Mbed TLS can
+     now use an external random generator instead of the library's own
+     entropy collection and DRBG code. Enable MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+     and see the documentation of mbedtls_psa_external_get_random() for details.
+   * Applications using both mbedtls_xxx and psa_xxx functions (for example,
+     applications using TLS and MBEDTLS_USE_PSA_CRYPTO) can now use the PSA
+     random generator with mbedtls_xxx functions. See the documentation of
+     mbedtls_psa_get_random() for details.
+   * In the PSA API, the policy for a MAC or AEAD algorithm can specify a
+     minimum MAC or tag length thanks to the new wildcards
+     PSA_ALG_AT_LEAST_THIS_LENGTH_MAC and
+     PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG.
+
+Security
+   * Fix a security reduction in CTR_DRBG when the initial seeding obtained a
+     nonce from entropy. Applications were affected if they called
+     mbedtls_ctr_drbg_set_nonce_len(), if they called
+     mbedtls_ctr_drbg_set_entropy_len() with a size that was 3/2 times the key
+     length, or when the entropy module uses SHA-256 and CTR_DRBG uses AES-256.
+     In such cases, a random nonce was necessary to achieve the advertised
+     security strength, but the code incorrectly used a constant instead of
+     entropy from the nonce.
+     Found by John Stroebel in #3819 and fixed in #3973.
+   * Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
+     |A| - |B| where |B| is larger than |A| and has more limbs (so the
+     function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
+     applications calling mbedtls_mpi_sub_abs() directly are affected:
+     all calls inside the library were safe since this function is
+     only called with |A| >= |B|. Reported by Guido Vranken in #4042.
+   * Fix an errorneous estimation for an internal buffer in
+     mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
+     value the function might fail to write a private RSA keys of the largest
+     supported size.
+     Found by Daniel Otte, reported in #4093 and fixed in #4094.
+   * Fix a stack buffer overflow with mbedtls_net_poll() and
+     mbedtls_net_recv_timeout() when given a file descriptor that is
+     beyond FD_SETSIZE. Reported by FigBug in #4169.
+   * Guard against strong local side channel attack against base64 tables by
+     making access aceess to them use constant flow code.
+
+Bugfix
+   * Fix use-after-scope error in programs/ssl/ssl_client2.c and ssl_server2.c
+   * Fix memory leak that occured when calling psa_close_key() on a
+     wrapped key with MBEDTLS_PSA_CRYPTO_SE_C defined.
+   * Fix an incorrect error code if an RSA private operation glitched.
+   * Fix a memory leak in an error case in psa_generate_derived_key_internal().
+   * Fix a resource leak in CTR_DRBG and HMAC_DRBG when MBEDTLS_THREADING_C
+     is enabled, on platforms where initializing a mutex allocates resources.
+     This was a regression introduced in the previous release. Reported in
+     #4017, #4045 and #4071.
+   * Ensure that calling mbedtls_rsa_free() or mbedtls_entropy_free()
+     twice is safe. This happens for RSA when some Mbed TLS library functions
+     fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
+     enabled on platforms where freeing a mutex twice is not safe.
+   * Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key()
+     when MBEDTLS_THREADING_C is enabled on platforms where initializing
+     a mutex allocates resources.
+   * Fixes a bug where, if the library was configured to include support for
+     both the old SE interface and the new PSA driver interface, external keys were
+     not loaded from storage. This was fixed by #3996.
+   * This change makes 'mbedtls_x509write_crt_set_basic_constraints'
+     consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
+     include this extension in all CA certificates that contain public keys
+     used to validate digital signatures on certificates and MUST mark the
+     extension as critical in such certificates." Previous to this change,
+     the extension was always marked as non-critical. This was fixed by
+     #3698.
+
+Changes
+   * A new library C file psa_crypto_client.c has been created to contain
+     the PSA code needed by a PSA crypto client when the PSA crypto
+     implementation is not included into the library.
+   * On recent enough versions of FreeBSD and DragonFlyBSD, the entropy module
+     now uses the getrandom syscall instead of reading from /dev/urandom.
 
 = mbed TLS 2.25.0 branch released 2020-12-11
 
@@ -20,7 +795,7 @@ Requirement changes
      warning on CMake 3.19.0. #3801
 
 New deprecations
-   * PSA_KEY_TYPE_CHACHA20 and PSA_KEY_TYPE_ARC4 have been deprecated.
+   * PSA_ALG_CHACHA20 and PSA_ALG_ARC4 have been deprecated.
      Use PSA_ALG_STREAM_CIPHER instead.
    * The functions mbedtls_cipher_auth_encrypt() and
      mbedtls_cipher_auth_decrypt() are deprecated in favour of the new
@@ -91,7 +866,7 @@ Security
      Johan Malmgren and Johan Uppman Bruce from Sectra.
 
 Bugfix
-   * Fix an invalid (but nonzero) return code from mbedtls_pk_parse_subpubkey()
+   * Fix an invalid (but non-zero) return code from mbedtls_pk_parse_subpubkey()
      when the input has trailing garbage. Fixes #2512.
    * Fix build failure in configurations where MBEDTLS_USE_PSA_CRYPTO is
      enabled but ECDSA is disabled. Contributed by jdurkop. Fixes #3294.
diff --git a/3rdparty/mbedtls-2.25.0/ChangeLog.d/00README.md b/3rdparty/mbedtls-2.28.7/ChangeLog.d/00README.md
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/ChangeLog.d/00README.md
rename to 3rdparty/mbedtls-2.28.7/ChangeLog.d/00README.md
index d2ea73d..2fbc989 100644
--- a/3rdparty/mbedtls-2.25.0/ChangeLog.d/00README.md
+++ b/3rdparty/mbedtls-2.28.7/ChangeLog.d/00README.md
@@ -21,6 +21,9 @@ We generally don't include changelog entries for:
 * Performance improvements, unless they are particularly significant.
 * Changes to parts of the code base that users don't interact with directly,
   such as test code and test data.
+* Fixes for compiler warnings. Releases typically contain a number of fixes
+  of this kind, so we will only mention them in the Changelog if they are
+  particularly significant.
 
 Until Mbed TLS 2.24.0, we required changelog entries in more cases.
 Looking at older changelog entries is good practice for how to write a
diff --git a/3rdparty/mbedtls-2.25.0/DartConfiguration.tcl b/3rdparty/mbedtls-2.28.7/DartConfiguration.tcl
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/DartConfiguration.tcl
rename to 3rdparty/mbedtls-2.28.7/DartConfiguration.tcl
index dfa0f07..af0578a 100644
--- a/3rdparty/mbedtls-2.25.0/DartConfiguration.tcl
+++ b/3rdparty/mbedtls-2.28.7/DartConfiguration.tcl
@@ -1,4 +1,4 @@
 Site: localhost
-BuildName: mbed TLS-test
+BuildName: Mbed TLS-test
 CoverageCommand: /usr/bin/gcov
 MemoryCheckCommand: /usr/bin/valgrind
diff --git a/3rdparty/mbedtls-2.28.7/LICENSE b/3rdparty/mbedtls-2.28.7/LICENSE
new file mode 100644
index 0000000..776ac77
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/LICENSE
@@ -0,0 +1,553 @@
+Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html)
+OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license.
+This means that users may choose which of these licenses they take the code
+under.
+
+The full text of each of these licenses is given below.
+
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+
+===============================================================================
+
+
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+                            NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.
diff --git a/3rdparty/mbedtls-2.28.7/Makefile b/3rdparty/mbedtls-2.28.7/Makefile
new file mode 100644
index 0000000..1efe89d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/Makefile
@@ -0,0 +1,144 @@
+DESTDIR=/usr/local
+PREFIX=mbedtls_
+
+.SILENT:
+
+.PHONY: all no_test programs lib tests install uninstall clean test check lcov apidoc apidoc_clean
+
+all: programs tests
+	$(MAKE) post_build
+
+no_test: programs
+
+programs: lib mbedtls_test
+	$(MAKE) -C programs
+
+lib:
+	$(MAKE) -C library
+
+tests: lib mbedtls_test
+	$(MAKE) -C tests
+
+mbedtls_test:
+	$(MAKE) -C tests mbedtls_test
+
+ifndef WINDOWS
+install: no_test
+	mkdir -p $(DESTDIR)/include/mbedtls
+	cp -rp include/mbedtls $(DESTDIR)/include
+	mkdir -p $(DESTDIR)/include/psa
+	cp -rp include/psa $(DESTDIR)/include
+
+	mkdir -p $(DESTDIR)/lib
+	cp -RP library/libmbedtls.*    $(DESTDIR)/lib
+	cp -RP library/libmbedx509.*   $(DESTDIR)/lib
+	cp -RP library/libmbedcrypto.* $(DESTDIR)/lib
+
+	mkdir -p $(DESTDIR)/bin
+	for p in programs/*/* ; do              \
+	    if [ -x $$p ] && [ ! -d $$p ] ;     \
+	    then                                \
+	        f=$(PREFIX)`basename $$p` ;     \
+	        cp $$p $(DESTDIR)/bin/$$f ;     \
+	    fi                                  \
+	done
+
+uninstall:
+	rm -rf $(DESTDIR)/include/mbedtls
+	rm -rf $(DESTDIR)/include/psa
+	rm -f $(DESTDIR)/lib/libmbedtls.*
+	rm -f $(DESTDIR)/lib/libmbedx509.*
+	rm -f $(DESTDIR)/lib/libmbedcrypto.*
+
+	for p in programs/*/* ; do              \
+	    if [ -x $$p ] && [ ! -d $$p ] ;     \
+	    then                                \
+	        f=$(PREFIX)`basename $$p` ;     \
+	        rm -f $(DESTDIR)/bin/$$f ;      \
+	    fi                                  \
+	done
+endif
+
+WARNING_BORDER      =*******************************************************\n
+NULL_ENTROPY_WARN_L1=****  WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined! ****\n
+NULL_ENTROPY_WARN_L2=****  THIS BUILD HAS NO DEFINED ENTROPY SOURCES    ****\n
+NULL_ENTROPY_WARN_L3=****  AND IS *NOT* SUITABLE FOR PRODUCTION USE     ****\n
+
+NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER)
+
+WARNING_BORDER_LONG      =**********************************************************************************\n
+CTR_DRBG_128_BIT_KEY_WARN_L1=****  WARNING!  MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!                      ****\n
+CTR_DRBG_128_BIT_KEY_WARN_L2=****  Using 128-bit keys for CTR_DRBG limits the security of generated         ****\n
+CTR_DRBG_128_BIT_KEY_WARN_L3=****  keys and operations that use random values generated to 128-bit security ****\n
+
+CTR_DRBG_128_BIT_KEY_WARNING=\n$(WARNING_BORDER_LONG)$(CTR_DRBG_128_BIT_KEY_WARN_L1)$(CTR_DRBG_128_BIT_KEY_WARN_L2)$(CTR_DRBG_128_BIT_KEY_WARN_L3)$(WARNING_BORDER_LONG)
+
+# Post build steps
+post_build:
+ifndef WINDOWS
+
+	# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
+	-scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
+	    echo '$(CTR_DRBG_128_BIT_KEY_WARNING)'
+
+	# If NULL Entropy is configured, display an appropriate warning
+	-scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \
+	    echo '$(NULL_ENTROPY_WARNING)'
+endif
+
+clean:
+	$(MAKE) -C library clean
+	$(MAKE) -C programs clean
+	$(MAKE) -C tests clean
+ifndef WINDOWS
+	find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} +
+endif
+
+check: lib tests
+	$(MAKE) -C tests check
+
+test: check
+
+ifndef WINDOWS
+# For coverage testing:
+# 1. Build with:
+#         make CFLAGS='--coverage -g3 -O0' LDFLAGS='--coverage'
+# 2. Run the relevant tests for the part of the code you're interested in.
+#    For the reference coverage measurement, see
+#    tests/scripts/basic-build-test.sh
+# 3. Run scripts/lcov.sh to generate an HTML report.
+lcov:
+	scripts/lcov.sh
+
+apidoc:
+	mkdir -p apidoc
+	cd doxygen && doxygen mbedtls.doxyfile
+
+apidoc_clean:
+	rm -rf apidoc
+endif
+
+## Editor navigation files
+C_SOURCE_FILES = $(wildcard \
+	3rdparty/*/include/*/*.h 3rdparty/*/include/*/*/*.h 3rdparty/*/include/*/*/*/*.h \
+	3rdparty/*/*.c 3rdparty/*/*/*.c 3rdparty/*/*/*/*.c 3rdparty/*/*/*/*/*.c \
+	include/*/*.h \
+	library/*.[hc] \
+	programs/*/*.[hc] \
+	tests/include/*/*.h tests/include/*/*/*.h \
+	tests/src/*.c tests/src/*/*.c \
+	tests/suites/*.function \
+)
+# Exuberant-ctags invocation. Other ctags implementations may require different options.
+CTAGS = ctags --langmap=c:+.h.function --line-directives=no -o
+tags: $(C_SOURCE_FILES)
+	$(CTAGS) $@ $(C_SOURCE_FILES)
+TAGS: $(C_SOURCE_FILES)
+	etags --no-line-directive -o $@ $(C_SOURCE_FILES)
+global: GPATH GRTAGS GSYMS GTAGS
+GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
+	ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc
+cscope: cscope.in.out cscope.po.out cscope.out
+cscope.in.out cscope.po.out cscope.out: $(C_SOURCE_FILES)
+	cscope -bq -u -Iinclude -Ilibrary $(patsubst %,-I%,$(wildcard 3rdparty/*/include)) -Itests/include $(C_SOURCE_FILES)
+.PHONY: cscope global
diff --git a/3rdparty/mbedtls-2.28.7/README.md b/3rdparty/mbedtls-2.28.7/README.md
new file mode 100644
index 0000000..bbd1fb2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/README.md
@@ -0,0 +1,264 @@
+README for Mbed TLS
+===================
+
+Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.
+
+Mbed TLS includes a reference implementation of the [PSA Cryptography API](#psa-cryptography-api). This is currently a preview for evaluation purposes only.
+
+Configuration
+-------------
+
+Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Python 3 script `scripts/config.py` (use `--help` for usage instructions).
+
+Compiler options can be set using conventional environment variables such as `CC` and `CFLAGS` when using the Make and CMake build system (see below).
+
+We provide some non-standard configurations focused on specific use cases in the `configs/` directory. You can read more about those in `configs/README.txt`
+
+Documentation
+-------------
+
+The main Mbed TLS documentation is available via [ReadTheDocs](https://mbed-tls.readthedocs.io/).
+
+Documentation for the PSA Cryptography API is available [on GitHub](https://arm-software.github.io/psa-api/crypto/).
+
+To generate a local copy of the library documentation in HTML format, tailored to your compile-time configuration:
+
+1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. We use version 1.8.11 but slightly older or more recent versions should work.
+1. Run `make apidoc`.
+1. Browse `apidoc/index.html` or `apidoc/modules.html`.
+
+For other sources of documentation, see the [SUPPORT](SUPPORT.md) document.
+
+Compiling
+---------
+
+There are currently three active build systems used within Mbed TLS releases:
+
+-   GNU Make
+-   CMake
+-   Microsoft Visual Studio (Microsoft Visual Studio 2013 or later)
+
+The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically.
+
+The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`.
+
+### Tool versions
+
+You need the following tools to build the library with the provided makefiles:
+
+* GNU Make or a build tool that CMake supports.
+* A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work.
+* Python 3.6 or later to generate the test code.
+* Perl to run the tests.
+
+### Make
+
+We require GNU Make. To build the library and the sample programs, GNU Make and a C compiler are sufficient. Some of the more advanced build targets require some Unix/Linux tools.
+
+We intentionally only use a minimum of functionality in the makefiles in order to keep them as simple and independent of different toolchains as possible, to allow users to more easily move between different platforms. Users who need more features are recommended to use CMake.
+
+In order to build from the source code using GNU Make, just enter at the command line:
+
+    make
+
+In order to run the tests, enter:
+
+    make check
+
+The tests need Python to be built and Perl to be run. If you don't have one of them installed, you can skip building the tests with:
+
+    make no_test
+
+You'll still be able to run a much smaller set of tests with:
+
+    programs/test/selftest
+
+In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if the target is Windows but the build environment is Unix-like (for instance when cross-compiling, or compiling from an MSYS shell), and `WINDOWS=1` if the build environment is a Windows shell (for instance using mingw32-make) (in that case some targets will not be available).
+
+Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
+
+Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -Wextra`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overridden from the command line.
+
+Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://mbed-tls.readthedocs.io/en/latest/kb/) for articles on your platform or issue.
+
+In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://mbed-tls.readthedocs.io/en/latest/kb/).
+
+### CMake
+
+In order to build the source using CMake in a separate directory (recommended), just enter at the command line:
+
+    mkdir /path/to/build_dir && cd /path/to/build_dir
+    cmake /path/to/mbedtls_source
+    cmake --build .
+
+In order to run the tests, enter:
+
+    ctest
+
+The test suites need Python to be built and Perl to be executed. If you don't have one of these installed, you'll want to disable the test suites with:
+
+    cmake -DENABLE_TESTING=Off /path/to/mbedtls_source
+
+If you disabled the test suites, but kept the programs enabled, you can still run a much smaller set of tests with:
+
+    programs/test/selftest
+
+To configure CMake for building shared libraries, use:
+
+    cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On /path/to/mbedtls_source
+
+There are many different build modes available within the CMake buildsystem. Most of them are available for gcc and clang, though some are compiler-specific:
+
+-   `Release`. This generates the default code without any unnecessary information in the binary files.
+-   `Debug`. This generates debug information and disables optimization of the code.
+-   `Coverage`. This generates code coverage information in addition to debug information.
+-   `ASan`. This instruments the code with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent version of gcc and clang.) (With recent version of clang, this mode also instruments the code with UndefinedSanitizer to check for undefined behaviour.)
+-   `ASanDbg`. Same as ASan but slower, with debug information and better stack traces.
+-   `MemSan`. This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86\_64.
+-   `MemSanDbg`. Same as MemSan but slower, with debug information, better stack traces and origin tracking.
+-   `Check`. This activates the compiler warnings that depend on optimization and treats all warnings as errors.
+
+Switching build modes in CMake is simple. For debug mode, enter at the command line:
+
+    cmake -D CMAKE_BUILD_TYPE=Debug /path/to/mbedtls_source
+
+To list other available CMake options, use:
+
+    cmake -LH
+
+Note that, with CMake, you can't adjust the compiler or its flags after the
+initial invocation of cmake. This means that `CC=your_cc make` and `make
+CC=your_cc` will *not* work (similarly with `CFLAGS` and other variables).
+These variables need to be adjusted when invoking cmake for the first time,
+for example:
+
+    CC=your_cc cmake /path/to/mbedtls_source
+
+If you already invoked cmake and want to change those settings, you need to
+remove the build directory and create it again.
+
+Note that it is possible to build in-place; this will however overwrite the
+provided Makefiles (see `scripts/tmp_ignore_makefiles.sh` if you want to
+prevent `git status` from showing them as modified). In order to do so, from
+the Mbed TLS source directory, use:
+
+    cmake .
+    make
+
+If you want to change `CC` or `CFLAGS` afterwards, you will need to remove the
+CMake cache. This can be done with the following command using GNU find:
+
+    find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
+
+You can now make the desired change:
+
+    CC=your_cc cmake .
+    make
+
+Regarding variables, also note that if you set CFLAGS when invoking cmake,
+your value of CFLAGS doesn't override the content provided by cmake (depending
+on the build mode as seen above), it's merely prepended to it.
+
+#### Mbed TLS as a subproject
+
+Mbed TLS supports being built as a CMake subproject. One can
+use `add_subdirectory()` from a parent CMake project to include Mbed TLS as a
+subproject.
+
+### Microsoft Visual Studio
+
+The build files for Microsoft Visual Studio are generated for Visual Studio 2010.
+
+The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need Python and perl environments as well. However, the selftest program in `programs/test/` is still available.
+
+Example programs
+----------------
+
+We've included example programs for a lot of different features and uses in [`programs/`](programs/README.md).
+Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.
+
+Tests
+-----
+
+Mbed TLS includes an elaborate test suite in `tests/` that initially requires Python to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function.
+
+For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available:
+
+-   `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations.
+-   `tests/compat.sh` tests interoperability of every ciphersuite with other implementations.
+-   `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations.
+-   `tests/scripts/depends.py` test builds in configurations with a single curve, key exchange, hash, cipher, or pkalg on.
+-   `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc).
+
+Instead of manually installing the required versions of all tools required for testing, it is possible to use the Docker images from our CI systems, as explained in [our testing infrastructure repository](https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start).
+
+Porting Mbed TLS
+----------------
+
+Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful:
+
+-   [Porting Mbed TLS to a new environment or OS](https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS/)
+-   [What external dependencies does Mbed TLS rely on?](https://mbed-tls.readthedocs.io/en/latest/kb/development/what-external-dependencies-does-mbedtls-rely-on/)
+-   [How do I configure Mbed TLS](https://mbed-tls.readthedocs.io/en/latest/kb/compiling-and-building/how-do-i-configure-mbedtls/)
+
+Mbed TLS is mostly written in portable C99; however, it has a few platform requirements that go beyond the standard, but are met by most modern architectures:
+
+- Bytes must be 8 bits.
+- All-bits-zero must be a valid representation of a null pointer.
+- Signed integers must be represented using two's complement.
+- `int` and `size_t` must be at least 32 bits wide.
+- The types `uint8_t`, `uint16_t`, `uint32_t` and their signed equivalents must be available.
+
+PSA cryptography API
+--------------------
+
+### PSA API
+
+Arm's [Platform Security Architecture (PSA)](https://developer.arm.com/architectures/security-architectures/platform-security-architecture) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
+
+The [PSA cryptography API](https://arm-software.github.io/psa-api/crypto/) provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform.
+
+The design goals of the PSA cryptography API include:
+
+* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
+* All access to the keys happens through key identifiers, which allows support for external cryptoprocessors that is transparent to applications.
+* The interface to algorithms is generic, favoring algorithm agility.
+* The interface is designed to be easy to use and hard to accidentally misuse.
+
+Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially.
+
+### PSA implementation in Mbed TLS
+
+Mbed TLS includes a reference implementation of the PSA Cryptography API.
+This implementation is not yet as mature as the rest of the library. Some parts of the code have not been reviewed as thoroughly, and some parts of the PSA implementation are not yet well optimized for code size.
+
+The X.509 and TLS code can use PSA cryptography for a limited subset of operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `config.h`.
+
+There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/Mbed-TLS/mbed-crypto/labels/compliance) for an up-to-date list.
+
+### Upcoming features
+
+Future releases of this library will include:
+
+* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms.
+* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor.
+* A configuration mechanism to compile only the algorithms you need for your application.
+* A wider set of cryptographic algorithms.
+
+License
+-------
+
+Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information.
+
+Contributing
+------------
+
+We gratefully accept bug reports and contributions from the community. Please see the [contributing guidelines](CONTRIBUTING.md) for details on how to do this.
+
+Contact
+-------
+
+* To report a security vulnerability in Mbed TLS, please email <mbed-tls-security@lists.trustedfirmware.org>. For more information, see [`SECURITY.md`](SECURITY.md).
+* To report a bug or request a feature in Mbed TLS, please [file an issue on GitHub](https://github.com/Mbed-TLS/mbedtls/issues/new/choose).
+* Please see [`SUPPORT.md`](SUPPORT.md) for other channels for discussion and support about Mbed TLS.
diff --git a/3rdparty/mbedtls-2.28.7/SECURITY.md b/3rdparty/mbedtls-2.28.7/SECURITY.md
new file mode 100644
index 0000000..732335b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/SECURITY.md
@@ -0,0 +1,137 @@
+## Reporting Vulnerabilities
+
+If you think you have found an Mbed TLS security vulnerability, then please
+send an email to the security team at
+<mbed-tls-security@lists.trustedfirmware.org>.
+
+## Security Incident Handling Process
+
+Our security process is detailed in our
+[security
+center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).
+
+Its primary goal is to ensure fixes are ready to be deployed when the issue
+goes public.
+
+## Maintained branches
+
+Only the maintained branches, as listed in [`BRANCHES.md`](BRANCHES.md),
+get security fixes.
+Users are urged to always use the latest version of a maintained branch.
+
+## Threat model
+
+We classify attacks based on the capabilities of the attacker.
+
+### Remote attacks
+
+In this section, we consider an attacker who can observe and modify data sent
+over the network. This includes observing the content and timing of individual
+packets, as well as suppressing or delaying legitimate messages, and injecting
+messages.
+
+Mbed TLS aims to fully protect against remote attacks and to enable the user
+application in providing full protection against remote attacks. Said
+protection is limited to providing security guarantees offered by the protocol
+being implemented. (For example Mbed TLS alone won't guarantee that the
+messages will arrive without delay, as the TLS protocol doesn't guarantee that
+either.)
+
+**Warning!** Block ciphers do not yet achieve full protection against attackers
+who can measure the timing of packets with sufficient precision. For details
+and workarounds see the [Block Ciphers](#block-ciphers) section.
+
+### Local attacks
+
+In this section, we consider an attacker who can run software on the same
+machine. The attacker has insufficient privileges to directly access Mbed TLS
+assets such as memory and files.
+
+#### Timing attacks
+
+The attacker is able to observe the timing of instructions executed by Mbed TLS
+by leveraging shared hardware that both Mbed TLS and the attacker have access
+to. Typical attack vectors include cache timings, memory bus contention and
+branch prediction.
+
+Mbed TLS provides limited protection against timing attacks. The cost of
+protecting against timing attacks widely varies depending on the granularity of
+the measurements and the noise present. Therefore the protection in Mbed TLS is
+limited. We are only aiming to provide protection against **publicly
+documented attack techniques**.
+
+As attacks keep improving, so does Mbed TLS's protection. Mbed TLS is moving
+towards a model of fully timing-invariant code, but has not reached this point
+yet.
+
+**Remark:** Timing information can be observed over the network or through
+physical side channels as well. Remote and physical timing attacks are covered
+in the [Remote attacks](remote-attacks) and [Physical
+attacks](physical-attacks) sections respectively.
+
+**Warning!** Block ciphers do not yet achieve full protection. For
+details and workarounds see the [Block Ciphers](#block-ciphers) section.
+
+#### Local non-timing side channels
+
+The attacker code running on the platform has access to some sensor capable of
+picking up information on the physical state of the hardware while Mbed TLS is
+running. This could for example be an analogue-to-digital converter on the
+platform that is located unfortunately enough to pick up the CPU noise.
+
+Mbed TLS doesn't make any security guarantees against local non-timing-based
+side channel attacks. If local non-timing attacks are present in a use case or
+a user application's threat model, they need to be mitigated by the platform.
+
+#### Local fault injection attacks
+
+Software running on the same hardware can affect the physical state of the
+device and introduce faults.
+
+Mbed TLS doesn't make any security guarantees against local fault injection
+attacks. If local fault injection attacks are present in a use case or a user
+application's threat model, they need to be mitigated by the platform.
+
+### Physical attacks
+
+In this section, we consider an attacker who has access to physical information
+about the hardware Mbed TLS is running on and/or can alter the physical state
+of the hardware (e.g. power analysis, radio emissions or fault injection).
+
+Mbed TLS doesn't make any security guarantees against physical attacks. If
+physical attacks are present in a use case or a user application's threat
+model, they need to be mitigated by physical countermeasures.
+
+### Caveats
+
+#### Out-of-scope countermeasures
+
+Mbed TLS has evolved organically and a well defined threat model hasn't always
+been present. Therefore, Mbed TLS might have countermeasures against attacks
+outside the above defined threat model.
+
+The presence of such countermeasures don't mean that Mbed TLS provides
+protection against a class of attacks outside of the above described threat
+model. Neither does it mean that the failure of such a countermeasure is
+considered a vulnerability.
+
+#### Block ciphers
+
+Currently there are four block ciphers in Mbed TLS: AES, CAMELLIA, ARIA and
+DES. The pure software implementation in Mbed TLS implementation uses lookup
+tables, which are vulnerable to timing attacks.
+
+These timing attacks can be physical, local or depending on network latency
+even a remote. The attacks can result in key recovery.
+
+**Workarounds:**
+
+- Turn on hardware acceleration for AES. This is supported only on selected
+  architectures and currently only available for AES. See configuration options
+  `MBEDTLS_AESNI_C` and `MBEDTLS_PADLOCK_C` for details.
+- Add a secure alternative implementation (typically hardware acceleration) for
+  the vulnerable cipher. See the [Alternative Implementations
+Guide](docs/architecture/alternative-implementations.md) for more information.
+- Use cryptographic mechanisms that are not based on block ciphers. In
+  particular, for authenticated encryption, use ChaCha20/Poly1305 instead of
+  block cipher modes. For random generation, use HMAC\_DRBG instead of CTR\_DRBG.
diff --git a/3rdparty/mbedtls-2.28.7/SUPPORT.md b/3rdparty/mbedtls-2.28.7/SUPPORT.md
new file mode 100644
index 0000000..b550e08
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/SUPPORT.md
@@ -0,0 +1,16 @@
+## Documentation
+
+Here are some useful sources of information about using Mbed TLS:
+
+- [ReadTheDocs](https://mbed-tls.readthedocs.io/);
+- API documentation, see the [Documentation section of the
+  README](README.md#documentation);
+- the `docs` directory in the source tree;
+- the [Mbed TLS Knowledge Base](https://mbed-tls.readthedocs.io/en/latest/kb/);
+- the [Mbed TLS mailing-list
+  archives](https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/).
+
+## Asking Questions
+
+If you can't find your answer in the above sources, please use the [Mbed TLS
+mailing list](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org).
diff --git a/3rdparty/mbedtls-2.25.0/configs/README.txt b/3rdparty/mbedtls-2.28.7/configs/README.txt
similarity index 95%
rename from 3rdparty/mbedtls-2.25.0/configs/README.txt
rename to 3rdparty/mbedtls-2.28.7/configs/README.txt
index 933fa7f..d2f9bcb 100644
--- a/3rdparty/mbedtls-2.25.0/configs/README.txt
+++ b/3rdparty/mbedtls-2.28.7/configs/README.txt
@@ -23,4 +23,4 @@ them, you can pick one of the following methods:
     make
 
 Note that the second method also works if you want to keep your custom
-configuration file outside the mbed TLS tree.
+configuration file outside the Mbed TLS tree.
diff --git a/3rdparty/mbedtls-2.28.7/configs/config-ccm-psk-dtls1_2.h b/3rdparty/mbedtls-2.28.7/configs/config-ccm-psk-dtls1_2.h
new file mode 100644
index 0000000..3ae9149
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/configs/config-ccm-psk-dtls1_2.h
@@ -0,0 +1,98 @@
+/**
+ * \file config-ccm-psk-dtls1_2.h
+ *
+ * \brief Small configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites
+ *
+ * Distinguishing features:
+ * - Optimized for small code size, low bandwidth (on an unreliable transport),
+ *   and low RAM usage.
+ * - No asymmetric cryptography (no certificates, no Diffie-Hellman key
+ *   exchange).
+ * - Fully modern and secure (provided the pre-shared keys are generated and
+ *   stored securely).
+ * - Very low record overhead with CCM-8.
+ * - Includes several optional DTLS features typically used in IoT.
+ *
+ * See README.txt for usage instructions.
+ */
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
+/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
+
+/* Mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_NET_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_COOKIE_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_TIMING_C
+
+/* TLS protocol feature support */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_SSL_PROTO_DTLS
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+#define MBEDTLS_SSL_DTLS_CONNECTION_ID
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/*
+ * Use only CCM_8 ciphersuites, and
+ * save ROM and a few bytes of RAM by specifying our own ciphersuite list
+ */
+#define MBEDTLS_SSL_CIPHERSUITES                        \
+    MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,             \
+    MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection!  (See comments in "mbedtls/ssl.h".)
+ * The optimal size here depends on the typical size of records.
+ */
+#define MBEDTLS_SSL_MAX_CONTENT_LEN             256
+
+/* Save RAM at the expense of ROM */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Save some RAM by adjusting to your exact needs */
+#define MBEDTLS_PSK_MAX_LEN    16 /* 128-bits keys are generally enough */
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entropy_poll" source plus a weak clock source, but you may
+ * want to add other ones. Minimum is 3 for the entropy test suite.
+ */
+#define MBEDTLS_ENTROPY_MAX_SOURCES 3
+
+/* These defines are present so that the config modifying scripts can enable
+ * them during tests/scripts/test-ref-configs.pl */
+//#define MBEDTLS_USE_PSA_CRYPTO
+//#define MBEDTLS_PSA_CRYPTO_C
+
+/* Error messages and TLS debugging traces
+ * (huge code size increase, needed for tests/ssl-opt.sh) */
+//#define MBEDTLS_DEBUG_C
+//#define MBEDTLS_ERROR_C
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/configs/config-ccm-psk-tls1_2.h b/3rdparty/mbedtls-2.28.7/configs/config-ccm-psk-tls1_2.h
new file mode 100644
index 0000000..d609835
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/configs/config-ccm-psk-tls1_2.h
@@ -0,0 +1,88 @@
+/**
+ * \file config-ccm-psk-tls1_2.h
+ *
+ * \brief Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ *
+ * Distinguishing features:
+ * - Optimized for small code size, low bandwidth (on a reliable transport),
+ *   and low RAM usage.
+ * - No asymmetric cryptography (no certificates, no Diffie-Hellman key
+ *   exchange).
+ * - Fully modern and secure (provided the pre-shared keys are generated and
+ *   stored securely).
+ * - Very low record overhead with CCM-8.
+ *
+ * See README.txt for usage instructions.
+ */
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
+/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
+
+/* Mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_NET_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+
+/* TLS protocol feature support */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/*
+ * Use only CCM_8 ciphersuites, and
+ * save ROM and a few bytes of RAM by specifying our own ciphersuite list
+ */
+#define MBEDTLS_SSL_CIPHERSUITES                        \
+    MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,             \
+    MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection!  (See comments in "mbedtls/ssl.h".)
+ * The optimal size here depends on the typical size of records.
+ */
+#define MBEDTLS_SSL_MAX_CONTENT_LEN             1024
+
+/* Save RAM at the expense of ROM */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Save some RAM by adjusting to your exact needs */
+#define MBEDTLS_PSK_MAX_LEN    16 /* 128-bits keys are generally enough */
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entropy_poll" source, but you may want to add other ones
+ * Minimum is 2 for the entropy test suite.
+ */
+#define MBEDTLS_ENTROPY_MAX_SOURCES 2
+
+/* These defines are present so that the config modifying scripts can enable
+ * them during tests/scripts/test-ref-configs.pl */
+//#define MBEDTLS_USE_PSA_CRYPTO
+//#define MBEDTLS_PSA_CRYPTO_C
+
+/* Error messages and TLS debugging traces
+ * (huge code size increase, needed for tests/ssl-opt.sh) */
+//#define MBEDTLS_DEBUG_C
+//#define MBEDTLS_ERROR_C
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/configs/config-mini-tls1_1.h b/3rdparty/mbedtls-2.28.7/configs/config-mini-tls1_1.h
new file mode 100644
index 0000000..20a137a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/configs/config-mini-tls1_1.h
@@ -0,0 +1,78 @@
+/**
+ * \file config-mini-tls1_1.h
+ *
+ * \brief Minimal configuration for TLS 1.1 (RFC 4346)
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
+ * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_HAVE_TIME
+
+/* Mbed TLS feature support */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/* Mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_DES_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_NET_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+
+/* For test certificates */
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_CERTS_C
+#define MBEDTLS_PEM_PARSE_C
+
+/* For testing with compat.sh */
+#define MBEDTLS_FS_IO
+
+/* These defines are present so that the config modifying scripts can enable
+ * them during tests/scripts/test-ref-configs.pl */
+//#define MBEDTLS_USE_PSA_CRYPTO
+//#define MBEDTLS_PSA_CRYPTO_C
+
+/* With MBEDTLS_PSA_CRYPTO_C, importing an RSA key requires MBEDTLS_PK_WRITE_C */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#define MBEDTLS_PK_WRITE_C
+#endif
+#include "mbedtls/check_config.h"
+
+/* Error messages and TLS debugging traces
+ * (huge code size increase, needed for tests/ssl-opt.sh) */
+//#define MBEDTLS_DEBUG_C
+//#define MBEDTLS_ERROR_C
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/configs/config-no-entropy.h b/3rdparty/mbedtls-2.28.7/configs/config-no-entropy.h
new file mode 100644
index 0000000..d11251d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/configs/config-no-entropy.h
@@ -0,0 +1,78 @@
+/**
+ * \file config-no-entropy.h
+ *
+ * \brief Minimal configuration of features that do not require an entropy source
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * Minimal configuration of features that do not require an entropy source
+ * Distinguishing features:
+ * - no entropy module
+ * - no TLS protocol implementation available due to absence of an entropy
+ *   source
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_HAVE_TIME
+
+/* Mbed TLS feature support */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_NIST_OPTIM
+#define MBEDTLS_ECDSA_DETERMINISTIC
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_PKCS1_V21
+#define MBEDTLS_SELF_TEST
+#define MBEDTLS_VERSION_FEATURES
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/* Mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_GCM_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_VERSION_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CRL_PARSE_C
+//#define MBEDTLS_CMAC_C
+
+/* Miscellaneous options */
+#define MBEDTLS_AES_ROM_TABLES
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-suite-b.h b/3rdparty/mbedtls-2.28.7/configs/config-suite-b.h
similarity index 76%
rename from 3rdparty/mbedtls-2.25.0/configs/config-suite-b.h
rename to 3rdparty/mbedtls-2.28.7/configs/config-suite-b.h
index 6eb03a9..58fa691 100644
--- a/3rdparty/mbedtls-2.25.0/configs/config-suite-b.h
+++ b/3rdparty/mbedtls-2.28.7/configs/config-suite-b.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 /*
  * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
@@ -40,13 +28,13 @@
 #define MBEDTLS_HAVE_ASM
 #define MBEDTLS_HAVE_TIME
 
-/* mbed TLS feature support */
+/* Mbed TLS feature support */
 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 #define MBEDTLS_SSL_PROTO_TLS1_2
 
-/* mbed TLS modules */
+/* Mbed TLS modules */
 #define MBEDTLS_AES_C
 #define MBEDTLS_ASN1_PARSE_C
 #define MBEDTLS_ASN1_WRITE_C
@@ -80,8 +68,7 @@
 #define MBEDTLS_AES_ROM_TABLES
 
 /* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_ECP_MAX_BITS   384
-#define MBEDTLS_MPI_MAX_SIZE    48 // 384 bits is 48 bytes
+#define MBEDTLS_MPI_MAX_SIZE    48 // 48 bytes for a 384-bit elliptic curve
 
 /* Save RAM at the expense of speed, see ecp.h */
 #define MBEDTLS_ECP_WINDOW_SIZE        2
@@ -104,12 +91,27 @@
 
 /*
  * Save RAM at the expense of interoperability: do this only if you control
- * both ends of the connection!  (See coments in "mbedtls/ssl.h".)
+ * both ends of the connection!  (See comments in "mbedtls/ssl.h".)
  * The minimum size here depends on the certificate chain used as well as the
  * typical size of records.
  */
 #define MBEDTLS_SSL_MAX_CONTENT_LEN             1024
 
+/* These defines are present so that the config modifying scripts can enable
+ * them during tests/scripts/test-ref-configs.pl */
+//#define MBEDTLS_USE_PSA_CRYPTO
+//#define MBEDTLS_PSA_CRYPTO_C
+
+/* With USE_PSA_CRYPTO, some PK operations also need PK_WRITE */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define MBEDTLS_PK_WRITE_C
+#endif
+
+/* Error messages and TLS debugging traces
+ * (huge code size increase, needed for tests/ssl-opt.sh) */
+//#define MBEDTLS_DEBUG_C
+//#define MBEDTLS_ERROR_C
+
 #include "mbedtls/check_config.h"
 
 #endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/configs/config-symmetric-only.h b/3rdparty/mbedtls-2.28.7/configs/config-symmetric-only.h
similarity index 75%
rename from 3rdparty/mbedtls-2.25.0/configs/config-symmetric-only.h
rename to 3rdparty/mbedtls-2.28.7/configs/config-symmetric-only.h
index f05a0d7..6a6dc48 100644
--- a/3rdparty/mbedtls-2.25.0/configs/config-symmetric-only.h
+++ b/3rdparty/mbedtls-2.28.7/configs/config-symmetric-only.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_CONFIG_H
@@ -28,7 +16,7 @@
 #define MBEDTLS_HAVE_TIME
 #define MBEDTLS_HAVE_TIME_DATE
 
-/* Mbed Crypto feature support */
+/* Mbed TLS feature support */
 #define MBEDTLS_CIPHER_MODE_CBC
 #define MBEDTLS_CIPHER_MODE_CFB
 #define MBEDTLS_CIPHER_MODE_CTR
@@ -45,7 +33,7 @@
 #define MBEDTLS_USE_PSA_CRYPTO
 #define MBEDTLS_VERSION_FEATURES
 
-/* Mbed Crypto modules */
+/* Mbed TLS modules */
 #define MBEDTLS_AES_C
 #define MBEDTLS_ARC4_C
 #define MBEDTLS_ASN1_PARSE_C
diff --git a/3rdparty/mbedtls-2.28.7/configs/config-thread.h b/3rdparty/mbedtls-2.28.7/configs/config-thread.h
new file mode 100644
index 0000000..f232d83
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/configs/config-thread.h
@@ -0,0 +1,84 @@
+/**
+ * \file config-thread.h
+ *
+ * \brief Minimal configuration for using TLS as part of Thread
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * Minimal configuration for using TLS a part of Thread
+ * http://threadgroup.org/
+ *
+ * Distinguishing features:
+ * - no RSA or classic DH, fully based on ECC
+ * - no X.509
+ * - support for experimental EC J-PAKE key exchange
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+
+/* Mbed TLS feature support */
+#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_NIST_OPTIM
+#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_SSL_PROTO_DTLS
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/* Mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_CMAC_C
+#define MBEDTLS_ECJPAKE_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_COOKIE_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+
+/* For tests using ssl-opt.sh */
+#define MBEDTLS_NET_C
+#define MBEDTLS_TIMING_C
+
+/* Save RAM at the expense of ROM */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Save RAM by adjusting to our exact needs */
+#define MBEDTLS_MPI_MAX_SIZE              32 // 32 bytes for a 256-bit elliptic curve
+
+/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
+#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+
+/* These defines are present so that the config modifying scripts can enable
+ * them during tests/scripts/test-ref-configs.pl */
+//#define MBEDTLS_USE_PSA_CRYPTO
+//#define MBEDTLS_PSA_CRYPTO_C
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.25.0/dco.txt b/3rdparty/mbedtls-2.28.7/dco.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/dco.txt
rename to 3rdparty/mbedtls-2.28.7/dco.txt
diff --git a/3rdparty/mbedtls-2.28.7/docs/.gitignore b/3rdparty/mbedtls-2.28.7/docs/.gitignore
new file mode 100644
index 0000000..11f197b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/.gitignore
@@ -0,0 +1,4 @@
+*.html
+*.pdf
+_build/
+api/
diff --git a/3rdparty/mbedtls-2.28.7/docs/Makefile b/3rdparty/mbedtls-2.28.7/docs/Makefile
new file mode 100644
index 0000000..47510f9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/Makefile
@@ -0,0 +1,40 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS    ?=
+SPHINXBUILD   ?= sphinx-build
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help clean apidoc breathe_apidoc Makefile
+
+# Intercept the 'clean' target so we can do the right thing for apidoc as well
+clean:
+	@# Clean the apidoc
+	$(MAKE) -C .. apidoc_clean
+	@# Clean the breathe-apidoc generated files
+	rm -rf ./api
+	@# Clean the sphinx docs
+	@$(SPHINXBUILD) -M clean "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+apidoc:
+	@# Generate doxygen from source using the main Makefile
+	$(MAKE) -C .. apidoc
+
+breathe_apidoc: apidoc
+	@# Remove existing files - breathe-apidoc skips them if they're present
+	rm -rf ./api
+	@# Generate RST file structure with breathe-apidoc
+	breathe-apidoc -o ./api ../apidoc/xml
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile breathe_apidoc
+	@# Build the relevant target with sphinx
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
diff --git a/3rdparty/mbedtls-2.25.0/docs/architecture/Makefile b/3rdparty/mbedtls-2.28.7/docs/architecture/Makefile
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/docs/architecture/Makefile
rename to 3rdparty/mbedtls-2.28.7/docs/architecture/Makefile
diff --git a/3rdparty/mbedtls-2.28.7/docs/architecture/mbed-crypto-storage-specification.md b/3rdparty/mbedtls-2.28.7/docs/architecture/mbed-crypto-storage-specification.md
new file mode 100644
index 0000000..2b99f77
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/architecture/mbed-crypto-storage-specification.md
@@ -0,0 +1,467 @@
+Mbed TLS storage specification
+=================================
+
+This document specifies how Mbed TLS uses storage.
+Key storage was originally introduced in a product called Mbed Crypto, which was re-distributed via Mbed TLS and has since been merged into Mbed TLS.
+This document contains historical information both from before and after this merge.
+
+Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore:
+
+1. Any change may break existing installations and may require an upgrade path.
+1. This document retains historical information about all past released versions. Do not remove information from this document unless it has always been incorrect or it is about a version that you are sure was never released.
+
+Mbed Crypto 0.1.0
+-----------------
+
+Tags: mbedcrypto-0.1.0b, mbedcrypto-0.1.0b2
+
+Released in November 2018. <br>
+Integrated in Mbed OS 5.11.
+
+Supported backends:
+
+* [PSA ITS](#file-namespace-on-its-for-0.1.0)
+* [C stdio](#file-namespace-on-stdio-for-0.1.0)
+
+Supported features:
+
+* [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-names-for-0.1.0).
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0) on ITS only.
+
+This is a beta release, and we do not promise backward compatibility, with one exception:
+
+> On Mbed OS, if a device has a nonvolatile random seed file produced with Mbed OS 5.11.x and is upgraded to a later version of Mbed OS, the nonvolatile random seed file is preserved or upgraded.
+
+We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on other platforms.
+
+### Key names for 0.1.0
+
+Information about each key is stored in a dedicated file whose name is constructed from the key identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.1.0).
+
+The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid.
+
+The code uses the following constant in an internal header (note that despite the name, this value is actually one plus the maximum permitted value):
+
+    #define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
+
+There is a shared namespace for all callers.
+
+### Key file format for 0.1.0
+
+All integers are encoded in little-endian order in 8-bit bytes.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`
+* version (4 bytes): 0
+* type (4 bytes): `psa_key_type_t` value
+* policy usage flags (4 bytes): `psa_key_usage_t` value
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value
+* key material length (4 bytes)
+* key material: output of `psa_export_key`
+* Any trailing data is rejected on load.
+
+### Nonvolatile random seed file format for 0.1.0
+
+The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization.
+
+The file format is just the seed as a byte string with no metadata or encoding of any kind.
+
+### File namespace on ITS for 0.1.0
+
+Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the file identifier](#key-names-for-0.1.0).
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
+* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff: unused.
+
+### File namespace on stdio for 0.1.0
+
+Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
+
+An undocumented build-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
+
+* `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
+* `sprintf(CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#key-names-for-0.1.0) is `key_id`.
+* Other files: unused.
+
+Mbed Crypto 1.0.0
+-----------------
+
+Tags: mbedcrypto-1.0.0d4, mbedcrypto-1.0.0
+
+Released in February 2019. <br>
+Integrated in Mbed OS 5.12.
+
+Supported integrations:
+
+* [PSA platform](#file-namespace-on-a-psa-platform-for-1.0.0)
+* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-1.0.0)
+* [library using C stdio](#file-namespace-on-stdio-for-1.0.0)
+
+Supported features:
+
+* [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and owner](#key-names-for-1.0.0).
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0) on ITS only.
+
+Backward compatibility commitments: TBD
+
+### Key names for 1.0.0
+
+Information about each key is stored in a dedicated file designated by the key identifier. In integrations where there is no concept of key owner (in particular, in library integrations), the key identifier is exactly the key identifier as defined in the PSA Cryptography API specification (`psa_key_id_t`). In integrations where there is a concept of key owner (integration into a service for example), the key identifier is made of an owner identifier (its semantics and type are integration specific) and of the key identifier (`psa_key_id_t`) from the key owner point of view.
+
+The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-1.0.0).
+
+* Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value.
+* PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
+
+### Key file format for 1.0.0
+
+The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
+
+### Nonvolatile random seed file format for 1.0.0
+
+The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization.
+
+The file format is just the seed as a byte string with no metadata or encoding of any kind.
+
+This is unchanged since [the feature was introduced in Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
+
+### File namespace on a PSA platform for 1.0.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+Assumption: the owner identifier is a nonzero value of type `int32_t`.
+
+* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of the crypto library or crypto service.
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
+* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). The upper 32 bits determine the owner.
+
+### File namespace on ITS as a library for 1.0.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0).
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0).
+* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff, 0x100000000 through 0xffffffffffffffff: unused.
+
+### File namespace on stdio for 1.0.0
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+[Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0).
+
+### Upgrade from 0.1.0 to 1.0.0.
+
+* Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
+
+### Suggested changes to make before 1.0.0
+
+The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration).
+
+It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use.
+
+Mbed Crypto 1.1.0
+-----------------
+
+Tags: mbedcrypto-1.1.0
+
+Released in early June 2019. <br>
+Integrated in Mbed OS 5.13.
+
+Changes since [1.0.0](#mbed-crypto-1.0.0):
+
+* The stdio backend for storage has been replaced by an implementation of [PSA ITS over stdio](#file-namespace-on-stdio-for-1.1.0).
+* [Some changes in the key file format](#key-file-format-for-1.1.0).
+
+### File namespace on stdio for 1.1.0
+
+Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
+
+An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
+
+* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
+* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a non-key file (currently: only the [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0)). The contents of the file are:
+    * Magic header (8 bytes): `"PSA\0ITS\0"`
+    * File contents.
+
+### Key file format for 1.1.0
+
+The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following changes:
+
+* A new policy field, marked as [NEW:1.1.0] below.
+* The encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
+
+A self-contained description of the file layout follows.
+
+All integers are encoded in little-endian order in 8-bit bytes.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`
+* version (4 bytes): 0
+* type (4 bytes): `psa_key_type_t` value
+* policy usage flags (4 bytes): `psa_key_usage_t` value
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value
+* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0]
+* key material length (4 bytes)
+* key material: output of `psa_export_key`
+* Any trailing data is rejected on load.
+
+Mbed Crypto TBD
+---------------
+
+Tags: TBD
+
+Released in TBD 2019. <br>
+Integrated in Mbed OS TBD.
+
+### Changes introduced in TBD
+
+* The layout of a key file now has a lifetime field before the type field.
+* Key files can store references to keys in a secure element. In such key files, the key material contains the slot number.
+
+### File namespace on a PSA platform on TBD
+
+Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+Assumption: the owner identifier is a nonzero value of type `int32_t`.
+
+* Files 0 through 0xfffeffff: unused.
+* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tbd).
+* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). The upper 32 bits determine the owner.
+
+### File namespace on ITS as a library on TBD
+
+Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0).
+* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tbd).
+* Files 0x100000000 through 0xffffffffffffffff: unused.
+
+### Non-key files on TBD
+
+File identifiers in the range 0xffff0000 through 0xffffffff are reserved for internal use in Mbed Crypto.
+
+* Files 0xfffffe02 through 0xfffffeff (`PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): secure element driver storage. The content of the file is the secure element driver's persistent data.
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0).
+* File 0xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-tbd).
+* Other files are unused and reserved for future use.
+
+### Key file format for TBD
+
+All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`.
+* version (4 bytes): 0.
+* lifetime (4 bytes): `psa_key_lifetime_t` value.
+* type (4 bytes): `psa_key_type_t` value.
+* policy usage flags (4 bytes): `psa_key_usage_t` value.
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
+* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
+* key material length (4 bytes).
+* key material:
+    * For a transparent key: output of `psa_export_key`.
+    * For an opaque key (unified driver interface): driver-specific opaque key blob.
+    * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
+* Any trailing data is rejected on load.
+
+### Transaction file format for TBD
+
+The transaction file contains data about an ongoing action that cannot be completed atomically. It exists only if there is an ongoing transaction.
+
+All integers are encoded in platform endianness.
+
+All currently existing transactions concern a key in a secure element.
+
+The layout of a transaction file is:
+
+* type (2 bytes): the [transaction type](#transaction-types-on-tbd).
+* unused (2 bytes)
+* lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
+* slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element driver.
+* key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal representation of the key identifier. On a PSA platform, this encodes the key owner in the same way as [in file identifiers for key files](#file-namespace-on-a-psa-platform-on-tbd)).
+
+#### Transaction types on TBD
+
+* 0x0001: key creation. The following locations may or may not contain data about the key that is being created:
+    * The slot in the secure element designated by the slot number.
+    * The file containing the key metadata designated by the key identifier.
+    * The driver persistent data.
+* 0x0002: key destruction. The following locations may or may not still contain data about the key that is being destroyed:
+    * The slot in the secure element designated by the slot number.
+    * The file containing the key metadata designated by the key identifier.
+    * The driver persistent data.
+
+Mbed Crypto TBD
+---------------
+
+Tags: TBD
+
+Released in TBD 2020. <br>
+Integrated in Mbed OS TBD.
+
+### Changes introduced in TBD
+
+* The type field has been split into a type and a bits field of 2 bytes each.
+
+### Key file format for TBD
+
+All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`.
+* version (4 bytes): 0.
+* lifetime (4 bytes): `psa_key_lifetime_t` value.
+* type (2 bytes): `psa_key_type_t` value.
+* bits (2 bytes): `psa_key_bits_t` value.
+* policy usage flags (4 bytes): `psa_key_usage_t` value.
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
+* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
+* key material length (4 bytes).
+* key material:
+    * For a transparent key: output of `psa_export_key`.
+    * For an opaque key (unified driver interface): driver-specific opaque key blob.
+    * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
+* Any trailing data is rejected on load.
+
+Mbed TLS 2.25.0
+---------------
+
+Tags: `mbedtls-2.25.0`, `mbedtls-2.26.0`, `mbedtls-2.27.0`, `mbedtls-2.28.0` (continued in early 3.x releases)
+
+First released in December 2020.
+
+Note: this is the first version that is officially supported. The version number is still 0.
+
+Backward compatibility commitments: we promise backward compatibility for stored keys when Mbed TLS is upgraded from x to y if x >= 2.25 and y < 4. See [`BRANCHES.md`](../../BRANCHES.md) for more details.
+
+Supported integrations:
+
+* [PSA platform](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0)
+* [library using PSA ITS](#file-namespace-on-its-as-a-library-on-mbed-tls-2.25.0)
+* [library using C stdio](#file-namespace-on-stdio-for-mbed-tls-2.25.0)
+
+Supported features:
+
+* [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner](#key-names-for-mbed-tls-2.25.0). Keys can be:
+    * Transparent, stored in the export format.
+    * Opaque, using the unified driver interface with statically registered drivers (`MBEDTLS_PSA_CRYPTO_DRIVERS`). The driver determines the content of the opaque key blob.
+    * Opaque, using the deprecated secure element interface with dynamically registered drivers (`MBEDTLS_PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key material.
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0) on ITS only.
+
+### Changes introduced in Mbed TLS 2.25.0
+
+* The numerical encodings of `psa_key_type_t`, `psa_key_usage_t` and `psa_algorithm_t` have changed.
+
+### File namespace on a PSA platform on Mbed TLS 2.25.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+Assumption: the owner identifier is a nonzero value of type `int32_t`.
+
+* Files 0 through 0xfffeffff: unused.
+* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mbed-tls-2.25.0).
+* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file identifier](#key-names-for-mbed-tls-2.25.0). The upper 32 bits determine the owner.
+
+### File namespace on ITS as a library on Mbed TLS 2.25.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file identifier](#key-names-for-mbed-tls-2.25.0).
+* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mbed-tls-2.25.0).
+* Files 0x100000000 through 0xffffffffffffffff: unused.
+
+### File namespace on stdio for Mbed TLS 2.25.0
+
+Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
+
+An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
+
+* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
+* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a [non-key file](#non-key-files-on-mbed-tls-2.25.0). The contents of the file are:
+    * Magic header (8 bytes): `"PSA\0ITS\0"`
+    * File contents.
+
+### Key names for Mbed TLS 2.25.0
+
+Information about each key is stored in a dedicated file designated by the key identifier. In integrations where there is no concept of key owner (in particular, in library integrations), the key identifier is exactly the key identifier as defined in the PSA Cryptography API specification (`psa_key_id_t`). In integrations where there is a concept of key owner (integration into a service for example), the key identifier is made of an owner identifier (its semantics and type are integration specific) and of the key identifier (`psa_key_id_t`) from the key owner point of view.
+
+The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-mbed-tls-2.25.0).
+
+* Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value which must be in the range 0x00000001..0x3fffffff (`PSA_KEY_ID_USER_MIN`..`PSA_KEY_ID_USER_MAX`).
+* PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
+
+### Key file format for Mbed TLS 2.25.0
+
+All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`.
+* version (4 bytes): 0.
+* lifetime (4 bytes): `psa_key_lifetime_t` value.
+* type (2 bytes): `psa_key_type_t` value.
+* bits (2 bytes): `psa_key_bits_t` value.
+* policy usage flags (4 bytes): `psa_key_usage_t` value.
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
+* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
+* key material length (4 bytes).
+* key material:
+    * For a transparent key: output of `psa_export_key`.
+    * For an opaque key (unified driver interface): driver-specific opaque key blob.
+    * For an opaque key (key in a dynamic secure element): slot number (8 bytes), in platform endianness.
+* Any trailing data is rejected on load.
+
+### Non-key files on Mbed TLS 2.25.0
+
+File identifiers that are outside the range of persistent key identifiers are reserved for internal use by the library. The only identifiers currently in use have the owner id (top 32 bits) set to 0.
+
+* Files 0xfffffe02 through 0xfffffeff (`PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): dynamic secure element driver storage. The content of the file is the secure element driver's persistent data.
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0).
+* File 0xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-mbed-tls-2.25.0).
+* Other files are unused and reserved for future use.
+
+### Nonvolatile random seed file format for Mbed TLS 2.25.0
+
+[Identical to Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
+
+### Transaction file format for Mbed TLS 2.25.0
+
+The transaction file contains data about an ongoing action that cannot be completed atomically. It exists only if there is an ongoing transaction.
+
+All integers are encoded in platform endianness.
+
+All currently existing transactions concern a key in a dynamic secure element.
+
+The layout of a transaction file is:
+
+* type (2 bytes): the [transaction type](#transaction-types-on-mbed-tls-2.25.0).
+* unused (2 bytes)
+* lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
+* slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element driver.
+* key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal representation of the key identifier. On a PSA platform, this encodes the key owner in the same way as [in file identifiers for key files](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0)).
+
+#### Transaction types on Mbed TLS 2.25.0
+
+* 0x0001: key creation. The following locations may or may not contain data about the key that is being created:
+    * The slot in the secure element designated by the slot number.
+    * The file containing the key metadata designated by the key identifier.
+    * The driver persistent data.
+* 0x0002: key destruction. The following locations may or may not still contain data about the key that is being destroyed:
+    * The slot in the secure element designated by the slot number.
+    * The file containing the key metadata designated by the key identifier.
+    * The driver persistent data.
diff --git a/3rdparty/mbedtls-2.28.7/docs/architecture/psa-crypto-implementation-structure.md b/3rdparty/mbedtls-2.28.7/docs/architecture/psa-crypto-implementation-structure.md
new file mode 100644
index 0000000..6a0a095
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/architecture/psa-crypto-implementation-structure.md
@@ -0,0 +1,73 @@
+PSA Cryptography API implementation and PSA driver interface
+===========================================================
+
+## Introduction
+
+The [PSA Cryptography API specification](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) defines an interface to cryptographic operations for which the Mbed TLS library provides a reference implementation. The PSA Cryptography API specification is complemented by the PSA driver interface specification which defines an interface for cryptoprocessor drivers.
+
+This document describes the high level organization of the Mbed TLS PSA Cryptography API implementation which is tightly related to the PSA driver interface.
+
+## High level organization of the Mbed TLS PSA Cryptography API implementation
+In one sentence, the Mbed TLS PSA Cryptography API implementation is made of a core and PSA drivers as defined in the PSA driver interface. The key point is that software cryptographic operations are organized as PSA drivers: they interact with the core through the PSA driver interface.
+
+### Rationale
+
+* Addressing software and hardware cryptographic implementations through the same C interface reduces the core code size and its call graph complexity. The core and its dispatching to software and hardware implementations are consequently easier to test and validate.
+* The organization of the software cryptographic implementations in drivers promotes modularization of those implementations.
+* As hardware capabilities, software cryptographic functionalities can be described by a JSON driver description file as defined in the PSA driver interface.
+* Along with JSON driver description files, the PSA driver specification defines the deliverables for a driver to be included into the Mbed TLS PSA Cryptography implementation. This provides a natural framework to integrate third party or alternative software implementations of cryptographic operations.
+
+## The Mbed TLS PSA Cryptography API implementation core
+
+The core implements all the APIs as defined in the PSA Cryptography API specification but does not perform on its own any cryptographic operation. The core relies on PSA drivers to actually
+perform the cryptographic operations. The core is responsible for:
+
+* the key store.
+* checking PSA API arguments and translating them into valid arguments for the necessary calls to the PSA driver interface.
+* dispatching the cryptographic operations to the appropriate PSA drivers.
+
+The sketch of an Mbed TLS PSA cryptographic API implementation is thus:
+```C                                                                            
+psa_status_t psa_api( ... )
+{
+    psa_status_t status;
+
+    /* Pre driver interface call processing: validation of arguments, building
+     * of arguments for the call to the driver interface, ... */
+
+    ...
+
+    /* Call to the driver interface */
+    status = psa_driver_wrapper_<entry_point>( ... );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    /* Post driver interface call processing: validation of the values returned
+     * by the driver, finalization of the values to return to the caller,
+     * clean-up in case of error ... */
+}
+```
+The code of most PSA APIs is expected to match precisely the above layout. However, it is likely that the code structure of some APIs will be more complicated with several calls to the driver interface, mainly to encompass a larger variety of hardware designs. For example, to encompass hardware accelerators that are capable of verifying a MAC and those that are only capable of computing a MAC, the psa_mac_verify() API could call first psa_driver_wrapper_mac_verify() and then fallback to psa_driver_wrapper_mac_compute().
+
+The implementations of `psa_driver_wrapper_<entry_point>` functions are generated by the build system based on the JSON driver description files of the various PSA drivers making up the Mbed TLS PSA Cryptography API implementation. The implementations are generated in a psa_crypto_driver_wrappers.c C file and the function prototypes declared in a psa_crypto_driver_wrappers.h header file.
+
+The psa_driver_wrapper_<entry_point>() functions dispatch cryptographic operations to accelerator drivers, secure element drivers as well as to the software implementations of cryptographic operations.
+
+Note that the implementation allows to build the library with only a C compiler by shipping a generated file corresponding to a pure software implementation. The driver entry points and their code in this generated file are guarded by pre-processor directives based on PSA_WANT_xyz macros (see [Conditional inclusion of cryptographic mechanism through the PSA API in Mbed TLS](psa-conditional-inclusion-c.html). That way, it is possible to compile and include in the library only the desired cryptographic operations.
+
+### Key creation
+
+Key creation implementation in Mbed TLS PSA core is articulated around three internal functions: psa_start_key_creation(), psa_finish_key_creation() and psa_fail_key_creation(). Implementations of key creation PSA APIs, namely psa_import_key(), psa_generate_key(), psa_key_derivation_output_key() and psa_copy_key() go by the following sequence:
+    1. Check the input parameters.
+    2. Call psa_start_key_creation() that allocates a key slot, prepares it with the specified key attributes, and in case of a volatile key assign it a volatile key identifier.
+    3. Generate or copy the key material into the key slot. This entails the allocation of the buffer to store the key material.
+    4. Call psa_finish_key_creation() that mostly saves persistent keys into persistent storage.
+
+In case of any error occurring at step 3 or 4, psa_fail_key_creation() is called. It wipes and cleans the slot especially the key material: reset to zero of the RAM memory that contained the key material, free the allocated buffer.
+
+
+## Mbed TLS PSA Cryptography API implementation drivers
+
+A driver of the Mbed TLS PSA Cryptography API implementation (Mbed TLS PSA driver in the following) is a driver in the sense that it is compliant with the PSA driver interface specification. But it is not an actual driver that drives some hardware. It implements cryptographic operations purely in software.
+
+An Mbed TLS PSA driver C file is named psa_crypto_<driver_name>.c and its associated header file psa_crypto_<driver_name>.h. The functions implementing a driver entry point as defined in the PSA driver interface specification are named as mbedtls_psa_<driver name>_<entry point>(). As an example, the psa_crypto_rsa.c and psa_crypto_rsa.h are the files containing the Mbed TLS PSA driver implementing RSA cryptographic operations. This RSA driver implements among other entry points the "import_key" entry point. The function implementing this entry point is named mbedtls_psa_rsa_import_key().
diff --git a/3rdparty/mbedtls-2.28.7/docs/architecture/tls13-experimental.md b/3rdparty/mbedtls-2.28.7/docs/architecture/tls13-experimental.md
new file mode 100644
index 0000000..10cbfa1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/architecture/tls13-experimental.md
@@ -0,0 +1,68 @@
+TLS 1.3 Experimental Developments
+=================================
+
+Overview
+--------
+
+Mbed TLS doesn't support the TLS 1.3 protocol yet, but a prototype is in development.
+Stable parts of this prototype that can be independently tested are being successively
+upstreamed under the guard of the following macro:
+
+```
+MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+```
+
+This macro will likely be renamed to `MBEDTLS_SSL_PROTO_TLS1_3` once a minimal viable
+implementation of the TLS 1.3 protocol is available.
+
+See the [documentation of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`](../../include/mbedtls/config.h)
+for more information.
+
+Status
+------
+
+The following lists which parts of the TLS 1.3 prototype have already been upstreamed
+together with their level of testing:
+
+* TLS 1.3 record protection mechanisms
+
+  The record protection routines `mbedtls_ssl_{encrypt|decrypt}_buf()` have been extended
+  to support the modified TLS 1.3 record protection mechanism, including modified computation
+  of AAD, IV, and the introduction of a flexible padding.
+
+  Those record protection routines have unit tests in `test_suite_ssl` alongside the
+  tests for the other record protection routines.
+
+  TODO: Add some test vectors from RFC 8448.
+
+- The HKDF key derivation function on which the TLS 1.3 key schedule is based,
+  is already present as an independent module controlled by `MBEDTLS_HKDF_C`
+  independently of the development of the TLS 1.3 prototype.
+
+- The TLS 1.3-specific HKDF-based key derivation functions (see RFC 8446):
+  * HKDF-Expand-Label
+  * Derive-Secret
+  - Secret evolution
+  * The traffic {Key,IV} generation from secret
+  Those functions are implemented in `library/ssl_tls13_keys.c` and
+  tested in `test_suite_ssl` using test vectors from RFC 8448 and
+  https://tls13.ulfheim.net/.
+
+- New TLS Message Processing Stack (MPS)
+
+  The TLS 1.3 prototype is developed alongside a rewrite of the TLS messaging layer,
+  encompassing low-level details such as record parsing, handshake reassembly, and
+  DTLS retransmission state machine.
+
+  MPS has the following components:
+  - Layer 1 (Datagram handling)
+  - Layer 2 (Record handling)
+  - Layer 3 (Message handling)
+  - Layer 4 (Retransmission State Machine)
+  - Reader  (Abstracted pointer arithmetic and reassembly logic for incoming data)
+  - Writer  (Abstracted pointer arithmetic and fragmentation logic for outgoing data)
+
+  Of those components, the following have been upstreamed
+  as part of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`:
+
+  - Reader ([`library/mps_reader.h`](../../library/mps_reader.h))
diff --git a/3rdparty/mbedtls-2.28.7/docs/conf.py b/3rdparty/mbedtls-2.28.7/docs/conf.py
new file mode 100644
index 0000000..41c50c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/conf.py
@@ -0,0 +1,34 @@
+# Configuration file for the Sphinx documentation builder.
+#
+# For the full list of built-in configuration values, see the documentation:
+# https://www.sphinx-doc.org/en/master/usage/configuration.html
+
+# -- Project information -----------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information
+import glob
+
+project = 'Mbed TLS Versioned'
+copyright = '2023, Mbed TLS Contributors'
+author = 'Mbed TLS Contributors'
+
+# -- General configuration ---------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration
+
+extensions = ['breathe', 'sphinx.ext.graphviz']
+
+templates_path = ['_templates']
+exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
+
+breathe_projects = {
+    'mbedtls-versioned': '../apidoc/xml'
+}
+breathe_default_project = 'mbedtls-versioned'
+
+primary_domain = 'c'
+highlight_language = 'c'
+
+# -- Options for HTML output -------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output
+
+html_theme = 'sphinx_rtd_theme'
+html_static_path = ['_static']
diff --git a/3rdparty/mbedtls-2.28.7/docs/index.rst b/3rdparty/mbedtls-2.28.7/docs/index.rst
new file mode 100644
index 0000000..33a9722
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/index.rst
@@ -0,0 +1,20 @@
+.. Mbed TLS Versioned documentation master file, created by
+   sphinx-quickstart on Thu Feb 23 18:13:44 2023.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Mbed TLS API documentation
+==========================
+
+.. doxygenpage:: index
+   :project: mbedtls-versioned
+
+.. toctree::
+   :caption: Contents
+   :maxdepth: 1
+
+   Home <self>
+   api/grouplist.rst
+   api/filelist.rst
+   api/structlist.rst
+   api/unionlist.rst
diff --git a/3rdparty/mbedtls-2.25.0/docs/proposed/Makefile b/3rdparty/mbedtls-2.28.7/docs/proposed/Makefile
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/docs/proposed/Makefile
rename to 3rdparty/mbedtls-2.28.7/docs/proposed/Makefile
diff --git a/3rdparty/mbedtls-2.25.0/docs/proposed/README b/3rdparty/mbedtls-2.28.7/docs/proposed/README
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/docs/proposed/README
rename to 3rdparty/mbedtls-2.28.7/docs/proposed/README
diff --git a/3rdparty/mbedtls-2.25.0/docs/proposed/psa-conditional-inclusion-c.md b/3rdparty/mbedtls-2.28.7/docs/proposed/psa-conditional-inclusion-c.md
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/docs/proposed/psa-conditional-inclusion-c.md
rename to 3rdparty/mbedtls-2.28.7/docs/proposed/psa-conditional-inclusion-c.md
index 52138b1..2ddba7f 100644
--- a/3rdparty/mbedtls-2.25.0/docs/proposed/psa-conditional-inclusion-c.md
+++ b/3rdparty/mbedtls-2.28.7/docs/proposed/psa-conditional-inclusion-c.md
@@ -5,8 +5,6 @@ This document is a proposed interface for deciding at build time which cryptogra
 
 This is currently a proposal for Mbed TLS. It is not currently on track for standardization in PSA.
 
-Time-stamp: "2020/11/26 09:30:50 GMT"
-
 ## Introduction
 
 ### Purpose of this specification
@@ -86,9 +84,17 @@ For each constant or constructor macro of the form `PSA_KEY_TYPE_xxx`, the symbo
 
 For asymmetric cryptography, `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR` determines whether private-key operations are desired, and `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY` determines whether public-key operations are desired. `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR` implicitly enables `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY`: there is no way to only include private-key operations (which typically saves little code).
 
-#### Configuration symbols for curves
+#### Configuration symbols for elliptic curves
+
+For elliptic curve key types, only the specified curves are included. To include a curve, include a symbol of the form **`PSA_WANT_ECC_family_size`**. For example: `PSA_WANT_ECC_SECP_R1_256` for secp256r1, `PSA_WANT_ECC_MONTGOMERY_255` for Curve25519. It is an error to require an ECC key type but no curve, and Mbed TLS will reject this at compile time.
+
+Rationale: this is a deviation of the general principle that `PSA_ECC_FAMILY_xxx` would have a corresponding symbol `PSA_WANT_ECC_FAMILY_xxx`. This deviation is justified by the fact that it is very common to wish to include only certain curves in a family, and that can lead to a significant gain in code size.
+
+#### Configuration symbols for Diffie-Hellman groups
+
+There are no configuration symbols for Diffie-Hellman groups (`PSA_DH_GROUP_xxx`).
 
-For elliptic curve key types, only the specified curves are included. To include a curve, include a symbol of the form **`PSA_WANT_ECC_family_size`**. For example: `PSA_WANT_ECC_SECP_R1_256` for secp256r1, `PSA_WANT_ECC_MONTGOMERY_CURVE25519`. It is an error to require an ECC key type but no curve, and Mbed TLS will reject this at compile time.
+Rationale: Finite-field Diffie-Hellman code is usually not specialized for any particular group, so reducing the number of available groups at compile time only saves a little code space. Constrained implementations tend to omit FFDH anyway, so the small code size gain is not important.
 
 #### Configuration symbols for algorithms
 
@@ -195,7 +201,7 @@ The boolean symbol mechanism proposed here can be translated to a list of JSON c
 
 #### Naming of symbols
 
-The names of [elliptic curve symbols](#configuration-symbols-for-curves) are a bit weird: `SECP_R1_256` instead of `SECP256R1`. Should we make them more classical, but less systematic?
+The names of [elliptic curve symbols](#configuration-symbols-for-elliptic-curves) are a bit weird: `SECP_R1_256` instead of `SECP256R1`, `MONTGOMERY_255` instead of `CURVE25519`. Should we make them more classical, but less systematic?
 
 #### Impossible combinations
 
diff --git a/3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-developer-guide.md b/3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-developer-guide.md
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-developer-guide.md
rename to 3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-developer-guide.md
diff --git a/3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-integration-guide.md b/3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-integration-guide.md
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/docs/proposed/psa-driver-integration-guide.md
rename to 3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-integration-guide.md
diff --git a/3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-interface.md b/3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-interface.md
new file mode 100644
index 0000000..65601a4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/proposed/psa-driver-interface.md
@@ -0,0 +1,1002 @@
+PSA Cryptoprocessor Driver Interface
+====================================
+
+This document describes an interface for cryptoprocessor drivers in the PSA cryptography API. This interface complements the [PSA Cryptography API specification](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface), which describes the interface between a PSA Cryptography implementation and an application.
+
+This specification is work in progress and should be considered to be in a beta stage. There is ongoing work to implement this interface in Mbed TLS, which is the reference implementation of the PSA Cryptography API. At this stage, Arm does not expect major changes, but minor changes are expected based on experience from the first implementation and on external feedback.
+
+## Introduction
+
+### Purpose of the driver interface
+
+The PSA Cryptography API defines an interface that allows applications to perform cryptographic operations in a uniform way regardless of how the operations are performed. Under the hood, different keys may be stored and used in different hardware or in different logical partitions, and different algorithms may involve different hardware or software components.
+
+The driver interface allows implementations of the PSA Cryptography API to be built compositionally. An implementation of the PSA Cryptography API is composed of a **core** and zero or more **drivers**. The core handles key management, enforces key usage policies, and dispatches cryptographic operations either to the applicable driver or to built-in code.
+
+Functions in the PSA Cryptography API invoke functions in the core. Code from the core calls drivers as described in the present document.
+
+### Types of drivers
+
+The PSA Cryptography driver interface supports two types of cryptoprocessors, and accordingly two types of drivers.
+
+* **Transparent** drivers implement cryptographic operations on keys that are provided in cleartext at the beginning of each operation. They are typically used for hardware **accelerators**. When a transparent driver is available for a particular combination of parameters (cryptographic algorithm, key type and size, etc.), it is used instead of the default software implementation. Transparent drivers can also be pure software implementations that are distributed as plug-ins to a PSA Cryptography implementation (for example, an alternative implementation with different performance characteristics, or a certified implementation).
+* **Opaque** drivers implement cryptographic operations on keys that can only be used inside a protected environment such as a **secure element**, a hardware security module, a smartcard, a secure enclave, etc. An opaque driver is invoked for the specific [key location](#lifetimes-and-locations) that the driver is registered for: the dispatch is based on the key's lifetime.
+
+### Requirements
+
+The present specification was designed to fulfill the following high-level requirements.
+
+[Req.plugins] It is possible to combine multiple drivers from different providers into the same implementation, without any prior arrangement other than choosing certain names and values from disjoint namespaces.
+
+[Req.compile] It is possible to compile the code of each driver and of the core separately, and link them together. A small amount of glue code may need to be compiled once the list of drivers is available.
+
+[Req.types] Support drivers for the following types of hardware: accelerators that operate on keys in cleartext; cryptoprocessors that can wrap keys with a built-in keys but not store user keys; and cryptoprocessors that store key material.
+
+[Req.portable] The interface between drivers and the core does not involve any platform-specific consideration. Driver calls are simple C function calls. Interactions with platform-specific hardware happen only inside the driver (and in fact a driver need not involve any hardware at all).
+
+[Req.location] Applications can tell which location values correspond to which secure element drivers.
+
+[Req.fallback] Accelerator drivers can specify that they do not fully support a cryptographic mechanism and that a fallback to core code may be necessary. Conversely, if an accelerator fully supports cryptographic mechanism, the core must be able to omit code for this mechanism.
+
+[Req.mechanisms] Drivers can specify which mechanisms they support. A driver's code will not be invoked for cryptographic mechanisms that it does not support.
+
+## Overview of drivers
+
+### Deliverables for a driver
+
+To write a driver, you need to implement some functions with C linkage, and to declare these functions in a **driver description file**. The driver description file declares which functions the driver implements and what cryptographic mechanisms they support. If the driver description references custom types, macros or constants, you also need to provide C header files defining those elements.
+
+The concrete syntax for a driver description file is JSON. The structure of this JSON file is specified in the section [“Driver description syntax”](#driver-description-syntax).
+
+A driver therefore consists of:
+
+* A driver description file (in JSON format).
+* C header files defining the types required by the driver description. The names of these header files are declared in the driver description file.
+* An object file compiled for the target platform defining the entry point functions specified by the driver description. Implementations may allow drivers to be provided as source files and compiled with the core instead of being pre-compiled.
+
+How to provide the driver description file, the C header files and the object code is implementation-dependent.
+
+### Driver description syntax
+
+The concrete syntax for a driver description file is JSON.
+
+#### Driver description list
+
+PSA Cryptography core implementations should support multiple drivers. The driver description files are passed to the implementation as an ordered list in an unspecified manner. This may be, for example, a list of file names passed on a command line, or a JSON list whose elements are individual driver descriptions.
+
+#### Driver description top-level element
+
+A driver description is a JSON object containing the following properties:
+
+* `"prefix"` (mandatory, string). This must be a valid prefix for a C identifier. All the types and functions provided by the driver have a name that starts with this prefix unless overridden with a `"name"` element in the applicable capability as described below.
+* `"type"` (mandatory, string). One of `"transparent"` or `"opaque"`.
+* `"headers"` (optional, array of strings). A list of header files. These header files must define the types, macros and constants referenced by the driver description. They may declare the entry point functions, but this is not required. They may include other PSA headers and standard headers of the platform. Whether they may include other headers is implementation-specific. If omitted, the list of headers is empty. The header files must be present at the specified location relative to a directory on the compiler's include path when compiling glue code between the core and the drivers.
+* `"capabilities"` (mandatory, array of [capabilities](#driver-description-capability)).
+A list of **capabilities**. Each capability describes a family of functions that the driver implements for a certain class of cryptographic mechanisms.
+* `"key_context"` (not permitted for transparent drivers, mandatory for opaque drivers): information about the [representation of keys](#key-format-for-opaque-drivers).
+* `"persistent_state_size"` (not permitted for transparent drivers, optional for opaque drivers, integer or string). The size in bytes of the [persistent state of the driver](#opaque-driver-persistent-state). This may be either a non-negative integer or a C constant expression of type `size_t`.
+* `"location"` (not permitted for transparent drivers, optional for opaque drivers, integer or string). The [location value](#lifetimes-and-locations) for which this driver is invoked. In other words, this determines the lifetimes for which the driver is invoked. This may be either a non-negative integer or a C constant expression of type `psa_key_location_t`.
+
+### Driver description capability
+
+#### Capability syntax
+
+A capability declares a family of functions that the driver implements for a certain class of cryptographic mechanisms. The capability specifies which key types and algorithms are covered and the names of the types and functions that implement it.
+
+A capability is a JSON object containing the following properties:
+
+* `"entry_points"` (mandatory, list of strings). Each element is the name of a [driver entry point](#driver-entry-points) or driver entry point family. An entry point is a function defined by the driver. If specified, the core will invoke this capability of the driver only when performing one of the specified operations. The driver must implement all the specified entry points, as well as the types if applicable.
+* `"algorithms"` (optional, list of strings). Each element is an [algorithm specification](#algorithm-specifications). If specified, the core will invoke this capability of the driver only when performing one of the specified algorithms. If omitted, the core will invoke this capability for all applicable algorithms.
+* `"key_types"` (optional, list of strings). Each element is a [key type specification](#key-type-specifications). If specified, the core will invoke this capability of the driver only for operations involving a key with one of the specified key types. If omitted, the core will invoke this capability of the driver for all applicable key types.
+* `"key_sizes"` (optional, list of integers). If specified, the core will invoke this capability of the driver only for operations involving a key with one of the specified key sizes. If omitted, the core will invoke this capability of the driver for all applicable key sizes. Key sizes are expressed in bits.
+* `"names"` (optional, object). A mapping from entry point names described by the `"entry_points"` property, to the name of the C function in the driver that implements the corresponding function. If a function is not listed here, name of the driver function that implements it is the driver's prefix followed by an underscore (`_`) followed by the function name. If this property is omitted, it is equivalent to an empty object (so each entry point *suffix* is implemented by a function called *prefix*`_`*suffix*).
+* `"fallback"` (optional for transparent drivers, not permitted for opaque drivers, boolean). If present and true, the driver may return `PSA_ERROR_NOT_SUPPORTED`, in which case the core should call another driver or use built-in code to perform this operation. If absent or false, the driver is expected to fully support the mechanisms described by this capability. See the section “[Fallback](#fallback)” for more information.
+
+#### Capability semantics
+
+When the PSA Cryptography implementation performs a cryptographic mechanism, it invokes available driver entry points as described in the section [“Driver entry points”](#driver-entry-points).
+
+A driver is considered available for a cryptographic mechanism that invokes a given entry point if all of the following conditions are met:
+
+* The driver specification includes a capability whose `"entry_points"` list either includes the entry point or includes an entry point family that includes the entry point.
+* If the mechanism involves an algorithm:
+    * either the capability does not have an `"algorithms"` property;
+    * or the value of the capability's `"algorithms"` property includes an [algorithm specification](#algorithm-specifications) that matches this algorithm.
+* If the mechanism involves a key:
+    * either the key is transparent (its location is `PSA_KEY_LOCATION_LOCAL_STORAGE`) and the driver is transparent;
+    * or the key is opaque (its location is not `PSA_KEY_LOCATION_LOCAL_STORAGE`) and the driver is an opaque driver whose location is the key's location.
+* If the mechanism involves a key:
+    * either the capability does not have a `"key_types"` property;
+    * or the value of the capability's `"key_types"` property includes a [key type specification](#key-type-specifications) that matches this algorithm.
+* If the mechanism involves a key:
+    * either the capability does not have a `"key_sizes"` property;
+    * or the value of the capability's `"key_sizes"` property includes the key's size.
+
+If a driver includes multiple applicable capabilities for a given combination of entry point, algorithm, key type and key size, and all the capabilities map the entry point to the same function name, the driver is considered available for this cryptographic mechanism. If a driver includes multiple applicable capabilities for a given combination of entry point, algorithm, key type and key size, and at least two of these capabilities map the entry point to the different function names, the driver specification is invalid.
+
+If multiple transparent drivers have applicable capabilities for a given combination of entry point, algorithm, key type and key size, the first matching driver in the [specification list](#driver-description-list) is invoked. If the capability has [fallback](#fallback) enabled and the first driver returns `PSA_ERROR_NOT_SUPPORTED`, the next matching driver is invoked, and so on.
+
+If multiple opaque drivers have the same location, the list of driver specifications is invalid.
+
+#### Capability examples
+
+Example 1: the following capability declares that the driver can perform deterministic ECDSA signatures (but not signature verification) using any hash algorithm and any curve that the core supports. If the prefix of this driver is `"acme"`, the function that performs the signature is called `acme_sign_hash`.
+```
+{
+    "entry_points": ["sign_hash"],
+    "algorithms": ["PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)"],
+}
+```
+
+Example 2: the following capability declares that the driver can perform deterministic ECDSA signatures using SHA-256 or SHA-384 with a SECP256R1 or SECP384R1 private key (with either hash being possible in combination with either curve). If the prefix of this driver is `"acme"`, the function that performs the signature is called `acme_sign_hash`.
+```
+{
+    "entry_points": ["sign_hash"],
+    "algorithms": ["PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)",
+                   "PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384)"],
+    "key_types": ["PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)"],
+    "key_sizes": [256, 384]
+}
+```
+
+### Algorithm and key specifications
+
+#### Algorithm specifications
+
+An algorithm specification is a string consisting of a `PSA_ALG_xxx` macro that specifies a cryptographic algorithm or an algorithm wildcard policy defined by the PSA Cryptography API. If the macro takes arguments, the string must have the syntax of a C macro call and each argument must be an algorithm specification or a decimal or hexadecimal literal with no suffix, depending on the expected type of argument.
+
+Spaces are optional after commas. Whether other whitespace is permitted is implementation-specific.
+
+Valid examples:
+```
+PSA_ALG_SHA_256
+PSA_ALG_HMAC(PSA_ALG_SHA_256)
+PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
+PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH)
+```
+
+#### Key type specifications
+
+An algorithm specification is a string consisting of a `PSA_KEY_TYPE_xxx` macro that specifies a key type defined by the PSA Cryptography API. If the macro takes an argument, the string must have the syntax of a C macro call and each argument must be the name of a constant of suitable type (curve or group).
+
+The name `_` may be used instead of a curve or group to indicate that the capability concerns all curves or groups.
+
+Valid examples:
+```
+PSA_KEY_TYPE_AES
+PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)
+PSA_KEY_TYPE_ECC_KEY_PAIR(_)
+```
+
+### Driver entry points
+
+#### Overview of driver entry points
+
+Drivers define functions, each of which implements an aspect of a capability of a driver, such as a cryptographic operation, a part of a cryptographic operation, or a key management action. These functions are called the **entry points** of the driver. Most driver entry points correspond to a particular function in the PSA Cryptography API. For example, if a call to `psa_sign_hash()` is dispatched to a driver, it invokes the driver's `sign_hash` function.
+
+All driver entry points return a status of type `psa_status_t` which should use the status codes documented for PSA services in general and for PSA Cryptography in particular: `PSA_SUCCESS` indicates that the function succeeded, and `PSA_ERROR_xxx` values indicate that an error occurred.
+
+The signature of a driver entry point generally looks like the signature of the PSA Cryptography API that it implements, with some modifications. This section gives an overview of modifications that apply to whole classes of entry points. Refer to the reference section for each entry point or entry point family for details.
+
+* For entry points that operate on an existing key, the `psa_key_id_t` parameter is replaced by a sequence of three parameters that describe the key:
+    1. `const psa_key_attributes_t *attributes`: the key attributes.
+    2. `const uint8_t *key_buffer`: a key material or key context buffer.
+    3. `size_t key_buffer_size`: the size of the key buffer in bytes.
+
+    For transparent drivers, the key buffer contains the key material, in the same format as defined for `psa_export_key()` and `psa_export_public_key()` in the PSA Cryptography API. For opaque drivers, the content of the key buffer is entirely up to the driver.
+
+* For entry points that involve a multi-part operation, the operation state type (`psa_XXX_operation_t`) is replaced by a driver-specific operation state type (*prefix*`_XXX_operation_t`).
+
+* For entry points that are involved in key creation, the `psa_key_id_t *` output parameter is replaced by a sequence of parameters that convey the key context:
+    1. `uint8_t *key_buffer`: a buffer for the key material or key context.
+    2. `size_t key_buffer_size`: the size of the key buffer in bytes.
+    2. `size_t *key_buffer_length`: the length of the data written to the key buffer in bytes.
+
+Some entry points are grouped in families that must be implemented as a whole. If a driver supports an entry point family, it must provide all the entry points in the family.
+
+Drivers can also have entry points related to random generation. A transparent driver can provide a [random generation interface](#random-generation-entry-points). Separately, transparent and opaque drivers can have [entropy collection entry points](#entropy-collection-entry-point).
+
+#### General considerations on driver entry point parameters
+
+Buffer parameters for driver entry points obey the following conventions:
+
+* An input buffer has the type `const uint8_t *` and is immediately followed by a parameter of type `size_t` that indicates the buffer size.
+* An output buffer has the type `uint8_t *` and is immediately followed by a parameter of type `size_t` that indicates the buffer size. A third parameter of type `size_t *` is provided to report the actual length of the data written in the buffer if the function succeeds.
+* An in-out buffer has the type `uint8_t *` and is immediately followed by a parameter of type `size_t` that indicates the buffer size. In-out buffers are only used when the input and the output have the same length.
+
+Buffers of size 0 may be represented with either a null pointer or a non-null pointer.
+
+Input buffers and other input-only parameters (`const` pointers) may be in read-only memory. Overlap is possible between input buffers, and between an input buffer and an output buffer, but not between two output buffers or between a non-buffer parameter and another parameter.
+
+#### Driver entry points for single-part cryptographic operations
+
+The following driver entry points perform a cryptographic operation in one shot (single-part operation):
+
+* `"hash_compute"` (transparent drivers only): calculation of a hash. Called by `psa_hash_compute()` and `psa_hash_compare()`. To verify a hash with `psa_hash_compare()`, the core calls the driver's `"hash_compute"` entry point and compares the result with the reference hash value.
+* `"mac_compute"`: calculation of a MAC. Called by `psa_mac_compute()` and possibly `psa_mac_verify()`. To verify a mac with `psa_mac_verify()`, the core calls an applicable driver's `"mac_verify"` entry point if there is one, otherwise the core calls an applicable driver's `"mac_compute"` entry point and compares the result with the reference MAC value.
+* `"mac_verify"`: verification of a MAC. Called by `psa_mac_verify()`. This entry point is mainly useful for drivers of secure elements that verify a MAC without revealing the correct MAC. Although transparent drivers may implement this entry point in addition to `"mac_compute"`, it is generally not useful because the core can call the `"mac_compute"` entry point and compare with the expected MAC value.
+* `"cipher_encrypt"`: unauthenticated symmetric cipher encryption. Called by `psa_cipher_encrypt()`.
+* `"cipher_decrypt"`: unauthenticated symmetric cipher decryption. Called by `psa_cipher_decrypt()`.
+* `"aead_encrypt"`: authenticated encryption with associated data. Called by `psa_aead_encrypt()`.
+* `"aead_decrypt"`: authenticated decryption with associated data. Called by `psa_aead_decrypt()`.
+* `"asymmetric_encrypt"`: asymmetric encryption. Called by `psa_asymmetric_encrypt()`.
+* `"asymmetric_decrypt"`: asymmetric decryption. Called by `psa_asymmetric_decrypt()`.
+* `"sign_hash"`: signature of an already calculated hash. Called by `psa_sign_hash()` and possibly `psa_sign_message()`. To sign a message with `psa_sign_message()`, the core calls an applicable driver's `"sign_message"` entry point if there is one, otherwise the core calls an applicable driver's `"hash_compute"` entry point followed by an applicable driver's `"sign_hash"` entry point.
+* `"verify_hash"`: verification of an already calculated hash. Called by `psa_verify_hash()` and possibly `psa_verify_message()`. To verify a message with `psa_verify_message()`, the core calls an applicable driver's `"verify_message"` entry point if there is one, otherwise the core calls an applicable driver's `"hash_compute"` entry point followed by an applicable driver's `"verify_hash"` entry point.
+* `"sign_message"`: signature of a message. Called by `psa_sign_message()`.
+* `"verify_message"`: verification of a message. Called by `psa_verify_message()`.
+* `"key_agreement"`: key agreement without a subsequent key derivation. Called by `psa_raw_key_agreement()` and possibly `psa_key_derivation_key_agreement()`.
+
+### Driver entry points for multi-part operations
+
+#### General considerations on multi-part operations
+
+The entry points that implement each step of a multi-part operation are grouped into a family. A driver that implements a multi-part operation must define all of the entry points in this family as well as a type that represents the operation context. The lifecycle of a driver operation context is similar to the lifecycle of an API operation context:
+
+1. The core initializes operation context objects to either all-bits-zero or to logical zero (`{0}`), at its discretion.
+1. The core calls the `xxx_setup` entry point for this operation family. If this fails, the core destroys the operation context object without calling any other driver entry point on it.
+1. The core calls other entry points that manipulate the operation context object, respecting the constraints.
+1. If any entry point fails, the core calls the driver's `xxx_abort` entry point for this operation family, then destroys the operation context object without calling any other driver entry point on it.
+1. If a “finish” entry point fails, the core destroys the operation context object without calling any other driver entry point on it. The finish entry points are: *prefix*`_mac_sign_finish`, *prefix*`_mac_verify_finish`, *prefix*`_cipher_finish`, *prefix*`_aead_finish`, *prefix*`_aead_verify`.
+
+If a driver implements a multi-part operation but not the corresponding single-part operation, the core calls the driver's multipart operation entry points to perform the single-part operation.
+
+#### Multi-part operation entry point family `"hash_multipart"`
+
+This family corresponds to the calculation of a hash in multiple steps.
+
+This family applies to transparent drivers only.
+
+This family requires the following type and entry points:
+
+* Type `"hash_operation_t"`: the type of a hash operation context. It must be possible to copy a hash operation context byte by byte, therefore hash operation contexts must not contain any embedded pointers (except pointers to global data that do not change after the setup step).
+* `"hash_setup"`: called by `psa_hash_setup()`.
+* `"hash_update"`: called by `psa_hash_update()`.
+* `"hash_finish"`: called by `psa_hash_finish()` and `psa_hash_verify()`.
+* `"hash_abort"`: called by all multi-part hash functions of the PSA Cryptography API.
+
+To verify a hash with `psa_hash_verify()`, the core calls the driver's *prefix*`_hash_finish` entry point and compares the result with the reference hash value.
+
+For example, a driver with the prefix `"acme"` that implements the `"hash_multipart"` entry point family must define the following type and entry points (assuming that the capability does not use the `"names"` property to declare different type and entry point names):
+
+```
+typedef ... acme_hash_operation_t;
+psa_status_t acme_hash_setup(acme_hash_operation_t *operation,
+                             psa_algorithm_t alg);
+psa_status_t acme_hash_update(acme_hash_operation_t *operation,
+                              const uint8_t *input,
+                              size_t input_length);
+psa_status_t acme_hash_finish(acme_hash_operation_t *operation,
+                              uint8_t *hash,
+                              size_t hash_size,
+                              size_t *hash_length);
+psa_status_t acme_hash_abort(acme_hash_operation_t *operation);
+```
+
+#### Operation family `"mac_multipart"`
+
+TODO
+
+#### Operation family `"mac_verify_multipart"`
+
+TODO
+
+#### Operation family `"cipher_encrypt_multipart"`
+
+TODO
+
+#### Operation family `"cipher_decrypt_multipart"`
+
+TODO
+
+#### Operation family `"aead_encrypt_multipart"`
+
+TODO
+
+#### Operation family `"aead_decrypt_multipart"`
+
+TODO
+
+#### Operation family `"key_derivation"`
+
+This family requires the following type and entry points:
+
+* Type `"key_derivation_operation_t"`: the type of a key derivation operation context.
+* `"key_derivation_setup"`: called by `psa_key_derivation_setup()`.
+* `"key_derivation_set_capacity"`: called by `psa_key_derivation_set_capacity()`. The core will always enforce the capacity, therefore this function does not need to do anything for algorithms where the output stream only depends on the effective generated length and not on the capacity.
+* `"key_derivation_input_bytes"`: called by `psa_key_derivation_input_bytes()` and `psa_key_derivation_input_key()`. For transparent drivers, when processing a call to `psa_key_derivation_input_key()`, the core always calls the applicable driver's `"key_derivation_input_bytes"` entry point.
+* `"key_derivation_input_key"` (opaque drivers only)
+* `"key_derivation_output_bytes"`: called by `psa_key_derivation_output_bytes()`; also by `psa_key_derivation_output_key()` for transparent drivers.
+* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()` for transparent drivers when deriving an asymmetric key pair, and also for opaque drivers.
+* `"key_derivation_abort"`: called by all key derivation functions of the PSA Cryptography API.
+
+TODO: key input and output for opaque drivers; deterministic key generation for transparent drivers
+
+TODO
+
+### Driver entry points for key management
+
+The driver entry points for key management differ significantly between [transparent drivers](#key-management-with-transparent-drivers) and [opaque drivers](#key-management-with-opaque-drivers). This section describes common elements. Refer to the applicable section for each driver type for more information.
+
+The entry points that create or format key data have the following prototypes for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_import_key(const psa_key_attributes_t *attributes,
+                             const uint8_t *data,
+                             size_t data_length,
+                             uint8_t *key_buffer,
+                             size_t key_buffer_size,
+                             size_t *key_buffer_length,
+                             size_t *bits); // additional parameter, see below
+psa_status_t acme_generate_key(const psa_key_attributes_t *attributes,
+                               uint8_t *key_buffer,
+                               size_t key_buffer_size,
+                               size_t *key_buffer_length);
+```
+
+TODO: derivation, copy
+
+* The key attributes (`attributes`) have the same semantics as in the PSA Cryptography application interface.
+* For the `"import_key"` entry point, the input in the `data` buffer is either the export format or an implementation-specific format that the core documents as an acceptable input format for `psa_import_key()`.
+* The size of the key data buffer `key_buffer` is sufficient for the internal representation of the key. For a transparent driver, this is the key's [export format](#key-format-for-transparent-drivers). For an opaque driver, this is the size determined from the driver description and the key attributes, as specified in the section [“Key format for opaque drivers”](#key-format-for-opaque-drivers).
+* For an opaque driver with an `"allocate_key"` entry point, the content of the key data buffer on entry is the output of that entry point.
+* The `"import_key"` entry point must determine or validate the key size and set `*bits` as described in the section [“Key size determination on import”](#key-size-determination-on-import) below.
+
+All key creation entry points must ensure that the resulting key is valid as specified in the section [“Key validation”](#key-validation) below. This is primarily important for import entry points since the key data comes from the application.
+
+#### Key size determination on import
+
+The `"import_key"` entry point must determine or validate the key size.
+The PSA Cryptography API exposes the key size as part of the key attributes.
+When importing a key, the key size recorded in the key attributes can be either a size specified by the caller of the API (who may not be trusted), or `0` which indicates that the size must be calculated from the data.
+
+When the core calls the `"import_key"` entry point to process a call to `psa_import_key`, it passes an `attributes` structure such that `psa_get_key_bits(attributes)` is the size passed by the caller of `psa_import_key`. If this size is `0`, the `"import_key"` entry point must set the `bits` input-output parameter to the correct key size. The semantics of `bits` is as follows:
+
+* The core sets `*bits` to `psa_get_key_bits(attributes)` before calling the `"import_key"` entry point.
+* If `*bits == 0`, the driver must determine the key size from the data and set `*bits` to this size. If the key size cannot be determined from the data, the driver must return `PSA_ERROR_INVALID_ARGUMENT` (as of version 1.0 of the PSA Cryptography API specification, it is possible to determine the key size for all standard key types).
+* If `*bits != 0`, the driver must check the value of `*bits` against the data and return `PSA_ERROR_INVALID_ARGUMENT` if it does not match. If the driver entry point changes `*bits` to a different value but returns `PSA_SUCCESS`, the core will consider the key as invalid and the import will fail.
+
+#### Key validation
+
+Key creation entry points must produce valid key data. Key data is _valid_ if operations involving the key are guaranteed to work functionally and not to cause indirect security loss. Operation functions are supposed to receive valid keys, and should not have to check and report invalid keys. For example:
+
+* If a cryptographic mechanism is defined as having keying material of a certain size, or if the keying material involves integers that have to be in a certain range, key creation must ensure that the keying material has an appropriate size and falls within an appropriate range.
+* If a cryptographic operation involves a division by an integer which is provided as part of a key, key creation must ensure that this integer is nonzero.
+* If a cryptographic operation involves two keys A and B (or more), then the creation of A must ensure that using it does not risk compromising B. This applies even if A's policy does not explicitly allow a problematic operation, but A is exportable. In particular, public keys that can potentially be used for key agreement are considered invalid and must not be created if they risk compromising the private key.
+* On the other hand, it is acceptable for import to accept a key that cannot be verified as valid if using this key would at most compromise the key itself and material that is secured with this key. For example, RSA key import does not need to verify that the primes are actually prime. Key import may accept an insecure key if the consequences of the insecurity are no worse than a leak of the key prior to its import.
+
+With opaque drivers, the key context can only be used by code from the same driver, so key validity is primarily intended to report key creation errors at creation time rather than during an operation. With transparent drivers, the key context can potentially be used by code from a different provider, so key validity is critical for interoperability.
+
+This section describes some minimal validity requirements for standard key types.
+
+* For symmetric key types, check that the key size is suitable for the type.
+* For DES (`PSA_KEY_TYPE_DES`), additionally verify the parity bits.
+* For RSA (`PSA_KEY_TYPE_RSA_PUBLIC_KEY`, `PSA_KEY_TYPE_RSA_KEY_PAIR`), check the syntax of the key and make sanity checks on its components. TODO: what sanity checks? Value ranges (e.g. p < n), sanity checks such as parity, minimum and maximum size, what else?
+* For elliptic curve private keys (`PSA_KEY_TYPE_ECC_KEY_PAIR`), check the size and range. TODO: what else?
+* For elliptic curve public keys (`PSA_KEY_TYPE_ECC_PUBLIC_KEY`), check the size and range, and that the point is on the curve. TODO: what else?
+
+### Entropy collection entry point
+
+A driver can declare an entropy source by providing a `"get_entropy"` entry point. This entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_get_entropy(uint32_t flags,
+                              size_t *estimate_bits,
+                              uint8_t *output,
+                              size_t output_size);
+```
+
+The semantics of the parameters is as follows:
+
+* `flags`: a bit-mask of [entropy collection flags](#entropy-collection-flags).
+* `estimate_bits`: on success, an estimate of the amount of entropy that is present in the `output` buffer, in bits. This must be at least `1` on success. The value is ignored on failure. Drivers should return a conservative estimate, even in circumstances where the quality of the entropy source is degraded due to environmental conditions (e.g. undervolting, low temperature, etc.).
+* `output`: on success, this buffer contains non-deterministic data with an estimated entropy of at least `*estimate_bits` bits. When the entropy is coming from a hardware peripheral, this should preferably be raw or lightly conditioned measurements from a physical process, such that statistical tests run over a sufficiently large amount of output can confirm the entropy estimates. But this specification also permits entropy sources that are fully conditioned, for example when the PSA Cryptography system is running as an application in an operating system and `"get_entropy"` returns data from the random generator in the operating system's kernel.
+* `output_size`: the size of the `output` buffer in bytes. This size should be large enough to allow a driver to pass unconditioned data with a low density of entropy; for example a peripheral that returns eight bytes of data with an estimated one bit of entropy cannot provide meaningful output in less than 8 bytes.
+
+Note that there is no output parameter indicating how many bytes the driver wrote to the buffer. Such an output length indication is not necessary because the entropy may be located anywhere in the buffer, so the driver may write less than `output_size` bytes but the core does not need to know this. The output parameter `estimate_bits` contains the amount of entropy, expressed in bits, which may be significantly less than `output_size * 8`.
+
+The entry point may return the following statuses:
+
+* `PSA_SUCCESS`: success. The output buffer contains some entropy.
+* `PSA_ERROR_INSUFFICIENT_ENTROPY`: no entropy is available without blocking. This is only permitted if the `PSA_DRIVER_GET_ENTROPY_BLOCK` flag is clear. The core may call `get_entropy` again later, giving time for entropy to be gathered or for adverse environmental conditions to be rectified.
+* Other error codes indicate a transient or permanent failure of the entropy source.
+
+Unlike most other entry points, if multiple transparent drivers include a `"get_entropy"` point, the core will call all of them (as well as the entry points from opaque drivers). Fallback is not applicable to `"get_entropy"`.
+
+#### Entropy collection flags
+
+* `PSA_DRIVER_GET_ENTROPY_BLOCK`: If this flag is set, the driver should block until it has at least one bit of entropy. If this flag is clear, the driver should avoid blocking if no entropy is readily available.
+* `PSA_DRIVER_GET_ENTROPY_KEEPALIVE`: This flag is intended to help with energy management for entropy-generating peripherals. If this flag is set, the driver should expect another call to `acme_get_entropy` after a short time. If this flag is clear, the core is not expecting to call the `"get_entropy"` entry point again within a short amount of time (but it may do so nonetheless).
+
+#### Entropy collection and blocking
+
+The intent of the `BLOCK` and `KEEPALIVE` [flags](#entropy-collection-flags) is to support drivers for TRNG (True Random Number Generator, i.e. an entropy source peripheral) that have a long ramp-up time, especially on platforms with multiple entropy sources.
+
+Here is a suggested call sequence for entropy collection that leverages these flags:
+
+1. The core makes a first round of calls to `"get_entropy"` on every source with the `BLOCK` flag clear and the `KEEPALIVE` flag set, so that drivers can prepare the TRNG peripheral.
+2. The core makes a second round of calls with the `BLOCK` flag set and the `KEEPALIVE` flag clear to gather needed entropy.
+3. If the second round does not collect enough entropy, the core makes more similar rounds, until the total amount of collected entropy is sufficient.
+
+### Miscellaneous driver entry points
+
+#### Driver initialization
+
+A driver may declare an `"init"` entry point in a capability with no algorithm, key type or key size. If so, the core calls this entry point once during the initialization of the PSA Cryptography subsystem. If the init entry point of any driver fails, the initialization of the PSA Cryptography subsystem fails.
+
+When multiple drivers have an init entry point, the order in which they are called is unspecified. It is also unspecified whether other drivers' `"init"` entry points are called if one or more init entry point fails.
+
+On platforms where the PSA Cryptography implementation is a subsystem of a single application, the initialization of the PSA Cryptography subsystem takes place during the call to `psa_crypto_init()`. On platforms where the PSA Cryptography implementation is separate from the application or applications, the initialization of the PSA Cryptography subsystem takes place before or during the first time an application calls `psa_crypto_init()`.
+
+The init entry point does not take any parameter.
+
+### Combining multiple drivers
+
+To declare a cryptoprocessor can handle both cleartext and wrapped keys, you need to provide two driver descriptions, one for a transparent driver and one for an opaque driver. You can use the mapping in capabilities' `"names"` property to arrange for multiple driver entry points to map to the same C function.
+
+## Transparent drivers
+
+### Key format for transparent drivers
+
+The format of a key for transparent drivers is the same as in applications. Refer to the documentation of [`psa_export_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) and [`psa_export_public_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_public_key) in the PSA Cryptography API specification. For custom key types defined by an implementation, refer to the documentation of that implementation.
+
+### Key management with transparent drivers
+
+Transparent drivers may provide the following key management entry points:
+
+* [`"import_key"`](#key-import-with-transparent-drivers): called by `psa_import_key()`, only when importing a key pair or a public key (key such that `PSA_KEY_TYPE_IS_ASYMMETRIC` is true).
+* `"generate_key"`: called by `psa_generate_key()`, only when generating a key pair (key such that `PSA_KEY_TYPE_IS_KEY_PAIR` is true).
+* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()`, only when deriving a key pair (key such that `PSA_KEY_TYPE_IS_KEY_PAIR` is true).
+* `"export_public_key"`: called by the core to obtain the public key of a key pair. The core may call this function at any time to obtain the public key, which can be for `psa_export_public_key()` but also at other times, including during a cryptographic operation that requires the public key such as a call to `psa_verify_message()` on a key pair object.
+
+Transparent drivers are not involved when exporting, copying or destroying keys, or when importing, generating or deriving symmetric keys.
+
+#### Key import with transparent drivers
+
+As discussed in [the general section about key management entry points](#driver-entry-points-for-key-management), the key import entry points has the following prototype for a driver with the prefix `"acme"`:
+```
+psa_status_t acme_import_key(const psa_key_attributes_t *attributes,
+                             const uint8_t *data,
+                             size_t data_length,
+                             uint8_t *key_buffer,
+                             size_t key_buffer_size,
+                             size_t *key_buffer_length,
+                             size_t *bits);
+```
+
+This entry point has several roles:
+
+1. Parse the key data in the input buffer `data`. The driver must support the export format for the key types that the entry point is declared for. It may support additional formats as specified in the description of [`psa_import_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) in the PSA Cryptography API specification.
+2. Validate the key data. The necessary validation is described in the section [“Key validation with transparent drivers”](#key-validation-with-transparent-drivers) above.
+3. [Determine the key size](#key-size-determination-on-import) and output it through `*bits`.
+4. Copy the validated key data from `data` to `key_buffer`. The output must be in the canonical format documented for [`psa_export_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) or [`psa_export_public_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_public_key), so if the input is not in this format, the entry point must convert it.
+
+### Random generation entry points
+
+A transparent driver may provide an operation family that can be used as a cryptographic random number generator. The random generation mechanism must obey the following requirements:
+
+* The random output must be of cryptographic quality, with a uniform distribution. Therefore, if the random generator includes an entropy source, this entropy source must be fed through a CSPRNG (cryptographically secure pseudo-random number generator).
+* Random generation is expected to be fast. (If a device can provide entropy but is slow at generating random data, declare it as an [entropy driver](#entropy-collection-entry-point) instead.)
+* The random generator should be able to incorporate entropy provided by an outside source. If it isn't, the random generator can only be used if it's the only entropy source on the platform. (A random generator peripheral can be declared as an [entropy source](#entropy-collection-entry-point) instead of a random generator; this way the core will combine it with other entropy sources.)
+* The random generator may either be deterministic (in the sense that it always returns the same data when given the same entropy inputs) or non-deterministic (including its own entropy source). In other words, this interface is suitable both for PRNG (pseudo-random number generator, also known as DRBG (deterministic random bit generator)) and for NRBG (non-deterministic random bit generator).
+
+If no driver implements the random generation entry point family, the core provides an unspecified random generation mechanism.
+
+This operation family requires the following type, entry points and parameters (TODO: where exactly are the parameters in the JSON structure?):
+
+* Type `"random_context_t"`: the type of a random generation context.
+* `"init_random"` (entry point, optional): if this function is present, [the core calls it once](#random-generator-initialization) after allocating a `"random_context_t"` object.
+* `"add_entropy"` (entry point, optional): the core calls this function to [inject entropy](#entropy-injection). This entry point is optional if the driver is for a peripheral that includes an entropy source of its own, however [random generator drivers without entropy injection](#random-generator-drivers-without-entropy-injection) have limited portability since they can only be used on platforms with no other entropy source. This entry point is mandatory if `"initial_entropy_size"` is nonzero.
+* `"get_random"` (entry point, mandatory): the core calls this function whenever it needs to [obtain random data](#the-get_random-entry-point).
+* `"initial_entropy_size"` (integer, mandatory): the minimum number of bytes of entropy that the core must supply before the driver can output random data. This can be `0` if the driver is for a peripheral that includes an entropy source of its own.
+* `"reseed_entropy_size"` (integer, optional): the minimum number of bytes of entropy that the core should supply via [`"add_entropy"`](#entropy-injection) when the driver runs out of entropy. This value is also a hint for the size to supply if the core makes additional calls to `"add_entropy"`, for example to enforce prediction resistance. If omitted, the core should pass an amount of entropy corresponding to the expected security strength of the device (for example, pass 32 bytes of entropy when reseeding to achieve a security strength of 256 bits). If specified, the core should pass the larger of `"reseed_entropy_size"` and the amount corresponding to the security strength.
+
+Random generation is not parametrized by an algorithm. The choice of algorithm is up to the driver.
+
+#### Random generator initialization
+
+The `"init_random"` entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_init_random(acme_random_context_t *context);
+```
+
+The core calls this entry point once after allocating a random generation context. Initially, the context object is all-bits-zero.
+
+If a driver does not have an `"init_random"` entry point, the context object passed to the first call to `"add_entropy"` or `"get_random"` will be all-bits-zero.
+
+#### Entropy injection
+
+The `"add_entropy"` entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_add_entropy(acme_random_context_t *context,
+                              const uint8_t *entropy,
+                              size_t entropy_size);
+```
+
+The semantics of the parameters is as follows:
+
+* `context`: a random generation context. On the first call to `"add_entropy"`, this object has been initialized by a call to the driver's `"init_random"` entry point if one is present, and to all-bits-zero otherwise.
+* `entropy`: a buffer containing full-entropy data to seed the random generator. “Full-entropy” means that the data is uniformly distributed and independent of any other observable quantity.
+* `entropy_size`: the size of the `entropy` buffer in bytes. It is guaranteed to be at least `1`, but it may be smaller than the amount of entropy that the driver needs to deliver random data, in which case the core will call the `"add_entropy"` entry point again to supply more entropy.
+
+The core calls this function to supply entropy to the driver. The driver must mix this entropy into its internal state. The driver must mix the whole supplied entropy, even if there is more than what the driver requires, to ensure that all entropy sources are mixed into the random generator state. The driver may mix additional entropy of its own.
+
+The core may call this function at any time. For example, to enforce prediction resistance, the core can call `"add_entropy"` immediately after each call to `"get_random"`. The core must call this function in two circumstances:
+
+* Before the first call to the `"get_random"` entry point, to supply `"initial_entropy_size"` bytes of entropy.
+* After a call to the `"get_random"` entry point returns less than the required amount of random data, to supply at least `"reseed_entropy_size"` bytes of entropy.
+
+When the driver requires entropy, the core can supply it with one or more successive calls to the `"add_entropy"` entry point. If the required entropy size is zero, the core does not need to call `"add_entropy"`.
+
+#### Combining entropy sources with a random generation driver
+
+This section provides guidance on combining one or more [entropy sources](#entropy-collection-entry-point) (each having a `"get_entropy"` entry point) with a random generation driver (with an `"add_entropy"` entry point).
+
+Note that `"get_entropy"` returns data with an estimated amount of entropy that is in general less than the buffer size. The core must apply a mixing algorithm to the output of `"get_entropy"` to obtain full-entropy data.
+
+For example, the core may use a simple mixing scheme based on a pseudorandom function family $(F_k)$ with an $E$-bit output where $E = 8 \cdot \mathtt{entropy_size}$ and $\mathtt{entropy_size}$ is the desired amount of entropy in bytes (typically the random driver's `"initial_entropy_size"` property for the initial seeding and the `"reseed_entropy_size"` property for subsequent reseeding). The core calls the `"get_entropy"` points of the available entropy drivers, outputting a string $s_i$ and an entropy estimate $e_i$ on the $i$th call. It does so until the total entropy estimate $e_1 + e_2 + \ldots + e_n$ is at least $E$. The core then calculates $F_k(0)$ where $k = s_1 || s_2 || \ldots || s_n$. This value is a string of $\mathtt{entropy_size}$, and since $(F_k)$ is a pseudorandom function family, $F_k(0)$ is uniformly distributed over strings of $\mathtt{entropy_size}$ bytes. Therefore $F_k(0)$ is a suitable value to pass to `"add_entropy"`.
+
+Note that the mechanism above is only given as an example. Implementations may choose a different mechanism, for example involving multiple pools or intermediate compression functions.
+
+#### Random generator drivers without entropy injection
+
+Random generator drivers should have the capability to inject additional entropy through the `"add_entropy"` entry point. This ensures that the random generator depends on all the entropy sources that are available on the platform. A driver where a call to `"add_entropy"` does not affect the state of the random generator is not compliant with this specification.
+
+However, a driver may omit the `"add_entropy"` entry point. This limits the driver's portability: implementations of the PSA Cryptography specification may reject drivers without an `"add_entropy"` entry point, or only accept such drivers in certain configurations. In particular, the `"add_entropy"` entry point is required if:
+
+* the integration of PSA Cryptography includes an entropy source that is outside the driver; or
+* the core saves random data in persistent storage to be preserved across platform resets.
+
+#### The `"get_random"` entry point
+
+The `"get_random"` entry point has the following prototype for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_get_random(acme_random_context_t *context,
+                             uint8_t *output,
+                             size_t output_size,
+                             size_t *output_length);
+```
+
+The semantics of the parameters is as follows:
+
+* `context`: a random generation context. If the driver's `"initial_entropy_size"` property is nonzero, the core must have called `"add_entropy"` at least once with a total of at least `"initial_entropy_size"` bytes of entropy before it calls `"get_random"`. Alternatively, if the driver's `"initial_entropy_size"` property is zero and the core did not call `"add_entropy"`, or if the driver has no `"add_entropy"` entry point, the core must have called `"init_random"` if present, and otherwise the context is all-bits zero.
+* `output`: on success (including partial success), the first `*output_length` bytes of this buffer contain cryptographic-quality random data. The output is not used on error.
+* `output_size`: the size of the `output` buffer in bytes.
+* `*output_length`: on success (including partial success), the number of bytes of random data that the driver has written to the `output` buffer. This is preferably `output_size`, but the driver is allowed to return less data if it runs out of entropy as described below. The core sets this value to 0 on entry. The value is not used on error.
+
+The driver may return the following status codes:
+
+* `PSA_SUCCESS`: the `output` buffer contains `*output_length` bytes of cryptographic-quality random data. Note that this may be less than `output_size`; in this case the core should call the driver's `"add_entropy"` method to supply at least `"reseed_entropy_size"` bytes of entropy before calling `"get_random"` again.
+* `PSA_ERROR_INSUFFICIENT_ENTROPY`: the core must supply additional entropy by calling the `"add_entropy"` entry point with at least `"reseed_entropy_size"` bytes.
+* `PSA_ERROR_NOT_SUPPORTED`: the random generator is not available. This is only permitted if the driver specification for random generation has the [fallback property](#fallback) enabled.
+* Other error codes such as `PSA_ERROR_COMMUNICATION_FAILURE` or `PSA_ERROR_HARDWARE_FAILURE` indicate a transient or permanent error.
+
+### Fallback
+
+Sometimes cryptographic accelerators only support certain cryptographic mechanisms partially. The capability description language allows specifying some restrictions, including restrictions on key sizes, but it cannot cover all the possibilities that may arise in practice. Furthermore, it may be desirable to deploy the same binary image on different devices, only some of which have a cryptographic accelerators.
+For these purposes, a transparent driver can declare that it only supports a [capability](#driver-description-capability) partially, by setting the capability's `"fallback"` property to true.
+
+If a transparent driver entry point is part of a capability which has a true `"fallback"` property and returns `PSA_ERROR_NOT_SUPPORTED`, the core will call the next transparent driver that supports the mechanism, if there is one. The core considers drivers in the order given by the [driver description list](#driver-description-list).
+
+If all the available drivers have fallback enabled and return `PSA_ERROR_NOT_SUPPORTED`, the core will perform the operation using built-in code.
+As soon as a driver returns any value other than `PSA_ERROR_NOT_SUPPORTED` (`PSA_SUCCESS` or a different error code), this value is returned to the application, without attempting to call any other driver or built-in code.
+
+If a transparent driver entry point is part of a capability where the `"fallback"` property is false or omitted, the core should not include any other code for this capability, whether built in or in another transparent driver.
+
+## Opaque drivers
+
+Opaque drivers allow a PSA Cryptography implementation to delegate cryptographic operations to a separate environment that might not allow exporting key material in cleartext. The opaque driver interface is designed so that the core never inspects the representation of a key. The opaque driver interface is designed to support two subtypes of cryptoprocessors:
+
+* Some cryptoprocessors do not have persistent storage for individual keys. The representation of a key is the key material wrapped with a master key which is located in the cryptoprocessor and never exported from it. The core stores this wrapped key material on behalf of the cryptoprocessor.
+* Some cryptoprocessors have persistent storage for individual keys. The representation of a key is an identifier such as label or slot number. The core stores this identifier.
+
+### Key format for opaque drivers
+
+The format of a key for opaque drivers is an opaque blob. The content of this blob is fully up to the driver. The core merely stores this blob.
+
+Note that since the core stores the key context blob as it is in memory, it must only contain data that is meaningful after a reboot. In particular, it must not contain any pointers or transient handles.
+
+The `"key_context"` property in the [driver description](#driver-description-top-level-element) specifies how to calculate the size of the key context as a function of the key type and size. This is an object with the following properties:
+
+* `"base_size"` (integer or string, optional): this many bytes are included in every key context. If omitted, this value defaults to 0.
+* `"key_pair_size"` (integer or string, optional): this many bytes are included in every key context for a key pair. If omitted, this value defaults to 0.
+* `"public_key_size"` (integer or string, optional): this many bytes are included in every key context for a public key. If omitted, this value defaults to 0.
+* `"symmetric_factor"` (integer or string, optional): every key context for a symmetric key includes this many times the key size. If omitted, this value defaults to 0.
+* `"store_public_key"` (boolean, optional): If specified and true, for a key pair, the key context includes space for the public key. If omitted or false, no additional space is added for the public key.
+* `"size_function"` (string, optional): the name of a function that returns the number of bytes that the driver needs in a key context for a key. This may be a pointer to function. This must be a C identifier; more complex expressions are not permitted. If the core uses this function, it supersedes all the other properties except for `"builtin_key_size"` (where applicable, if present).
+* `"builtin_key_size"` (integer or string, optional): If specified, this overrides all other methods (including the `"size_function"` entry point) to determine the size of the key context for [built-in keys](#built-in-keys). This allows drivers to efficiently represent application keys as wrapped key material, but built-in keys by an internal identifier that takes up less space.
+
+The integer properties must be C language constants. A typical value for `"base_size"` is `sizeof(acme_key_context_t)` where `acme_key_context_t` is a type defined in a driver header file.
+
+#### Size of a dynamically allocated key context
+
+If the core supports dynamic allocation for the key context and chooses to use it, and the driver specification includes the `"size_function"` property, the size of the key context is at least
+```
+size_function(key_type, key_bits)
+```
+where `size_function` is the function named in the `"size_function"` property, `key_type` is the key type and `key_bits` is the key size in bits. The prototype of the size function is
+```
+size_t size_function(psa_key_type_t key_type, size_t key_bits);
+```
+
+#### Size of a statically allocated key context
+
+If the core does not support dynamic allocation for the key context or chooses not to use it, or if the driver specification does not include the `"size_function"` property, the size of the key context for a key of type `key_type` and of size `key_bits` bits is:
+
+* For a key pair (`PSA_KEY_TYPE_IS_KEY_PAIR(key_type)` is true):
+    ```
+    base_size + key_pair_size + public_key_overhead
+    ```
+    where `public_key_overhead = PSA_EXPORT_PUBLIC_KEY_MAX_SIZE(key_type, key_bits)` if the `"store_public_key"` property is true and `public_key_overhead = 0` otherwise.
+
+* For a public key (`PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)` is true):
+    ```
+    base_size + public_key_size
+    ```
+
+* For a symmetric key (not a key pair or public key):
+    ```
+    base_size + symmetric_factor * key_bytes
+    ```
+    where `key_bytes = ((key_bits + 7) / 8)` is the key size in bytes.
+
+#### Key context size for a secure element with storage
+
+If the key is stored in the secure element and the driver only needs to store a label for the key, use `"base_size"` as the size of the label plus any other metadata that the driver needs to store, and omit the other properties.
+
+If the key is stored in the secure element, but the secure element does not store the public part of a key pair and cannot recompute it on demand, additionally use the `"store_public_key"` property with the value `true`. Note that this only influences the size of the key context: the driver code must copy the public key to the key context and retrieve it on demand in its `export_public_key` entry point.
+
+#### Key context size for a secure element without storage
+
+If the key is stored in wrapped form outside the secure element, and the wrapped form of the key plus any metadata has up to *N* bytes of overhead, use *N* as the value of the `"base_size"` property and set the `"symmetric_factor"` property to 1. Set the `"key_pair_size"` and `"public_key_size"` properties appropriately for the largest supported key pair and the largest supported public key respectively.
+
+### Key management with opaque drivers
+
+Opaque drivers may provide the following key management entry points:
+
+* `"export_key"`: called by `psa_export_key()`, or by `psa_copy_key()` when copying a key from or to a different [location](#lifetimes-and-locations).
+* `"export_public_key"`: called by the core to obtain the public key of a key pair. The core may call this entry point at any time to obtain the public key, which can be for `psa_export_public_key()` but also at other times, including during a cryptographic operation that requires the public key such as a call to `psa_verify_message()` on a key pair object.
+* `"import_key"`: called by `psa_import_key()`, or by `psa_copy_key()` when copying a key from another location.
+* `"generate_key"`: called by `psa_generate_key()`.
+* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()`.
+* `"copy_key"`: called by `psa_copy_key()` when copying a key within the same [location](#lifetimes-and-locations).
+* `"get_builtin_key"`: called by functions that access a key to retrieve information about a [built-in key](#built-in-keys).
+
+In addition, secure elements that store the key material internally must provide the following two entry points:
+
+* `"allocate_key"`: called by `psa_import_key()`, `psa_generate_key()`, `psa_key_derivation_output_key()` or `psa_copy_key()` before creating a key in the location of this driver.
+* `"destroy_key"`: called by `psa_destroy_key()`.
+
+#### Key creation in a secure element without storage
+
+This section describes the key creation process for secure elements that do not store the key material. The driver must obtain a wrapped form of the key material which the core will store. A driver for such a secure element has no `"allocate_key"` or `"destroy_key"` entry point.
+
+When creating a key with an opaque driver which does not have an `"allocate_key"` or `"destroy_key"` entry point:
+
+1. The core allocates memory for the key context.
+2. The core calls the driver's import, generate, derive or copy entry point.
+3. The core saves the resulting wrapped key material and any other data that the key context may contain.
+
+To destroy a key, the core simply destroys the wrapped key material, without invoking driver code.
+
+#### Key management in a secure element with storage
+
+This section describes the key creation and key destruction processes for secure elements that have persistent storage for the key material. A driver for such a secure element has two mandatory entry points:
+
+* `"allocate_key"`: this function obtains an internal identifier for the key. This may be, for example, a unique label or a slot number.
+* `"destroy_key"`: this function invalidates the internal identifier and destroys the associated key material.
+
+These functions have the following prototypes for a driver with the prefix `"acme"`:
+```
+psa_status_t acme_allocate_key(const psa_key_attributes_t *attributes,
+                               uint8_t *key_buffer,
+                               size_t key_buffer_size);
+psa_status_t acme_destroy_key(const psa_key_attributes_t *attributes,
+                              const uint8_t *key_buffer,
+                              size_t key_buffer_size);
+```
+
+When creating a persistent key with an opaque driver which has an `"allocate_key"` entry point:
+
+1. The core calls the driver's `"allocate_key"` entry point. This function typically allocates an internal identifier for the key without modifying the state of the secure element and stores the identifier in the key context. This function should not modify the state of the secure element. It may modify the copy of the persistent state of the driver in memory.
+
+1. The core saves the key context to persistent storage.
+
+1. The core calls the driver's key creation entry point.
+
+1. The core saves the updated key context to persistent storage.
+
+If a failure occurs after the `"allocate_key"` step but before the call to the second driver entry point, the core will do one of the following:
+
+* Fail the creation of the key without indicating this to the driver. This can happen, in particular, if the device loses power immediately after the key allocation entry point returns.
+* Call the driver's `"destroy_key"` entry point.
+
+To destroy a key, the core calls the driver's `"destroy_key"` entry point.
+
+Note that the key allocation and destruction entry points must not rely solely on the key identifier in the key attributes to identify a key. Some implementations of the PSA Cryptography API store keys on behalf of multiple clients, and different clients may use the same key identifier to designate different keys. The manner in which the core distinguishes keys that have the same identifier but are part of the key namespace for different clients is implementation-dependent and is not accessible to drivers. Some typical strategies to allocate an internal key identifier are:
+
+* Maintain a set of free slot numbers which is stored either in the secure element or in the driver's persistent storage. To allocate a key slot, find a free slot number, mark it as occupied and store the number in the key context. When the key is destroyed, mark the slot number as free.
+* Maintain a monotonic counter with a practically unbounded range in the secure element or in the driver's persistent storage. To allocate a key slot, increment the counter and store the current value in the key context. Destroying a key does not change the counter.
+
+TODO: explain constraints on how the driver updates its persistent state for resilience
+
+TODO: some of the above doesn't apply to volatile keys
+
+#### Key creation entry points in opaque drivers
+
+The key creation entry points have the following prototypes for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_import_key(const psa_key_attributes_t *attributes,
+                             const uint8_t *data,
+                             size_t data_length,
+                             uint8_t *key_buffer,
+                             size_t key_buffer_size,
+                             size_t *key_buffer_length,
+                             size_t *bits);
+psa_status_t acme_generate_key(const psa_key_attributes_t *attributes,
+                               uint8_t *key_buffer,
+                               size_t key_buffer_size,
+                               size_t *key_buffer_length);
+```
+
+If the driver has an [`"allocate_key"` entry point](#key-management-in-a-secure-element-with-storage), the core calls the `"allocate_key"` entry point with the same attributes on the same key buffer before calling the key creation entry point.
+
+TODO: derivation, copy
+
+#### Key export entry points in opaque drivers
+
+The key export entry points have the following prototypes for a driver with the prefix `"acme"`:
+
+```
+psa_status_t acme_export_key(const psa_key_attributes_t *attributes,
+                             const uint8_t *key_buffer,
+                             size_t key_buffer_size,
+                             uint8_t *data,
+                             size_t data_size,
+                             size_t *data_length);
+psa_status_t acme_export_public_key(const psa_key_attributes_t *attributes,
+                                    const uint8_t *key_buffer,
+                                    size_t key_buffer_size,
+                                    uint8_t *data,
+                                    size_t data_size,
+                                    size_t *data_length);
+```
+
+The core will only call `acme_export_public_key` on a private key. Drivers implementers may choose to store the public key in the key context buffer or to recalculate it on demand. If the key context includes the public key, it needs to have an adequate size; see [“Key format for opaque drivers”](#key-format-for-opaque-drivers).
+
+The core guarantees that the size of the output buffer (`data_size`) is sufficient to export any key with the given attributes. The driver must set `*data_length` to the exact size of the exported key.
+
+### Opaque driver persistent state
+
+The core maintains persistent state on behalf of an opaque driver. This persistent state consists of a single byte array whose size is given by the `"persistent_state_size"` property in the [driver description](#driver-description-top-level-element).
+
+The core loads the persistent state in memory before it calls the driver's [init entry point](#driver-initialization). It is adjusted to match the size declared by the driver, in case a driver upgrade changes the size:
+
+* The first time the driver is loaded on a system, the persistent state is all-bits-zero.
+* If the stored persistent state is smaller than the declared size, the core pads the persistent state with all-bits-zero at the end.
+* If the stored persistent state is larger than the declared size, the core truncates the persistent state to the declared size.
+
+The core provides the following callback functions, which an opaque driver may call while it is processing a call from the driver:
+```
+psa_status_t psa_crypto_driver_get_persistent_state(uint_8_t **persistent_state_ptr);
+psa_status_t psa_crypto_driver_commit_persistent_state(size_t from, size_t length);
+```
+
+`psa_crypto_driver_get_persistent_state` sets `*persistent_state_ptr` to a pointer to the first byte of the persistent state. This pointer remains valid during a call to a driver entry point. Once the entry point returns, the pointer is no longer valid. The core guarantees that calls to `psa_crypto_driver_get_persistent_state` within the same entry point return the same address for the persistent state, but this address may change between calls to an entry point.
+
+`psa_crypto_driver_commit_persistent_state` updates the persistent state in persistent storage. Only the portion at byte offsets `from` inclusive to `from + length` exclusive is guaranteed to be updated; it is unspecified whether changes made to other parts of the state are taken into account. The driver must call this function after updating the persistent state in memory and before returning from the entry point, otherwise it is unspecified whether the persistent state is updated.
+
+The core will not update the persistent state in storage while an entry point is running except when the entry point calls `psa_crypto_driver_commit_persistent_state`. It may update the persistent state in storage after an entry point returns.
+
+In a multithreaded environment, the driver may only call these two functions from the thread that is executing the entry point.
+
+#### Built-in keys
+
+Opaque drivers may declare built-in keys. Built-in keys can be accessed, but not created, through the PSA Cryptography API.
+
+A built-in key is identified by its location and its **slot number**. Drivers that support built-in keys must provide a `"get_builtin_key"` entry point to retrieve the key data and metadata. The core calls this entry point when it needs to access the key, typically because the application requested an operation on the key. The core may keep information about the key in cache, and successive calls to access the same slot number should return the same data. This entry point has the following prototype:
+
+```
+psa_status_t acme_get_builtin_key(psa_drv_slot_number_t slot_number,
+                                  psa_key_attributes_t *attributes,
+                                  uint8_t *key_buffer,
+                                  size_t key_buffer_size,
+                                  size_t *key_buffer_length);
+```
+
+If this function returns `PSA_SUCCESS` or `PSA_ERROR_BUFFER_TOO_SMALL`, it must fill `attributes` with the attributes of the key (except for the key identifier). On success, this function must also fill `key_buffer` with the key context.
+
+On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and a persistence level with which the platform is attempting to register the key. The driver entry point may choose to change the lifetime (`psa_set_key_lifetime(attributes, lifetime)`) of the reported key attributes to one with the same location but a different persistence level, in case the driver has more specific knowledge about the actual persistence level of the key which is being retrieved. For example, if a driver knows it cannot delete a key, it may override the persistence level in the lifetime to `PSA_KEY_PERSISTENCE_READ_ONLY`. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`.
+
+The output parameter `key_buffer` points to a writable buffer of `key_buffer_size` bytes. If the driver has a [`"builtin_key_size"` property](#key-format-for-opaque-drivers) property, `key_buffer_size` has this value, otherwise `key_buffer_size` has the value determined from the key type and size.
+
+Typically, for a built-in key, the key context is a reference to key material that is kept inside the secure element, similar to the format returned by [`"allocate_key"`](#key-management-in-a-secure-element-with-storage). A driver may have built-in keys even if it doesn't have an `"allocate_key"` entry point.
+
+This entry point may return the following status values:
+
+* `PSA_SUCCESS`: the requested key exists, and the output parameters `attributes` and `key_buffer` contain the key metadata and key context respectively, and `*key_buffer_length` contains the length of the data written to `key_buffer`.
+* `PSA_ERROR_BUFFER_TOO_SMALL`: `key_buffer_size` is insufficient. In this case, the driver must pass the key's attributes in `*attributes`. In particular, `get_builtin_key(slot_number, &attributes, NULL, 0)` is a way for the core to obtain the key's attributes.
+* `PSA_ERROR_DOES_NOT_EXIST`: the requested key does not exist.
+* Other error codes such as `PSA_ERROR_COMMUNICATION_FAILURE` or `PSA_ERROR_HARDWARE_FAILURE` indicate a transient or permanent error.
+
+The core will pass authorized requests to destroy a built-in key to the [`"destroy_key"`](#key-management-in-a-secure-element-with-storage) entry point if there is one. If built-in keys must not be destroyed, it is up to the driver to reject such requests.
+
+## How to use drivers from an application
+
+### Using transparent drivers
+
+Transparent drivers linked into the library are automatically used for the mechanisms that they implement.
+
+### Using opaque drivers
+
+Each opaque driver is assigned a [location](#lifetimes-and-locations). The driver is invoked for all actions that use a key in that location. A key's location is indicated by its lifetime. The application chooses the key's lifetime when it creates the key.
+
+For example, the following snippet creates an AES-GCM key which is only accessible inside the secure element designated by the location `PSA_KEY_LOCATION_acme`.
+```
+psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+        PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_acme));
+psa_set_key_identifier(&attributes, 42);
+psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+psa_set_key_size(&attributes, 128);
+psa_set_key_algorithm(&attributes, PSA_ALG_GCM);
+psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+psa_key_id_t key;
+psa_generate_key(&attributes, &key);
+```
+
+## Using opaque drivers from an application
+
+### Lifetimes and locations
+
+The PSA Cryptography API, version 1.0.0, defines [lifetimes](https://armmbed.github.io/mbed-crypto/html/api/keys/attributes.html?highlight=psa_key_lifetime_t#c.psa_key_lifetime_t) as an attribute of a key that indicates where the key is stored and which application and system actions will create and destroy it. The lifetime is expressed as a 32-bit value (`typedef uint32_t psa_key_lifetime_t`). An upcoming version of the PSA Cryptography API defines more structure for lifetime values to separate these two aspects of the lifetime:
+
+* Bits 0–7 are a _persistence level_. This value indicates what device management actions can cause it to be destroyed. In particular, it indicates whether the key is volatile or persistent.
+* Bits 8–31 are a _location indicator_. This value indicates where the key material is stored and where operations on the key are performed. Location values can be stored in a variable of type `psa_key_location_t`.
+
+An opaque driver is attached to a specific location. Keys in the default location (`PSA_KEY_LOCATION_LOCAL_STORAGE = 0`) are transparent: the core has direct access to the key material. For keys in a location that is managed by an opaque driver, only the secure element has access to the key material and can perform operations on the key, while the core only manipulates a wrapped form of the key or an identifier of the key.
+
+### Creating a key in a secure element
+
+The core defines a compile-time constant for each opaque driver indicating its location called `PSA_KEY_LOCATION_`*prefix* where *prefix* is the value of the `"prefix"` property in the driver description. For convenience, Mbed TLS also declares a compile-time constant for the corresponding lifetime with the default persistence called `PSA_KEY_LIFETIME_`*prefix*. Therefore, to declare an opaque key in the location with the prefix `foo` with the default persistence, call `psa_set_key_lifetime` during the key creation as follows:
+```
+psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_foo);
+```
+
+To declare a volatile key:
+```
+psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+        PSA_KEY_LOCATION_foo,
+        PSA_KEY_PERSISTENCE_VOLATILE));
+```
+
+Generally speaking, to declare a key with a specified persistence:
+```
+psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+        PSA_KEY_LOCATION_foo,
+        persistence));
+```
+
+## Open questions
+
+### Value representation
+
+#### Integers
+
+It would be better if there was a uniform requirement on integer values. Do they have to be JSON integers? C preprocessor integers (which could be e.g. a macro defined in some header file)? C compile-time constants (allowing `sizeof`)?
+
+This choice is partly driven by the use of the values, so they might not be uniform. Note that if the value can be zero and it's plausible that the core would want to statically allocate an array of the given size, the core needs to know whether the value is 0 so that it could use code like
+```
+#if ACME_FOO_SIZE != 0
+    uint8_t foo[ACME_FOO_SIZE];
+#endif
+```
+
+### Driver declarations
+
+#### Declaring driver entry points
+
+The core may want to provide declarations for the driver entry points so that it can compile code using them. At the time of writing this paragraph, the driver headers must define types but there is no obligation for them to declare functions. The core knows what the function names and argument types are, so it can generate prototypes.
+
+It should be ok for driver functions to be function-like macros or function pointers.
+
+#### Driver location values
+
+How does a driver author decide which location values to use? It should be possible to combine drivers from different sources. Use the same vendor assignment as for PSA services?
+
+Can the driver assembly process generate distinct location values as needed? This can be convenient, but it's also risky: if you upgrade a device, you need the location values to be the same between builds.
+
+The current plan is for Arm to maintain a registry of vendors and assign a location namespace to each vendor. Parts of the namespace would be reserved for implementations and integrators.
+
+#### Multiple transparent drivers
+
+When multiple transparent drivers implement the same mechanism, which one is called? The first one? The last one? Unspecified? Or is this an error (excluding capabilities with fallback enabled)?
+
+The current choice is that the first one is used, which allows having a preference order on drivers, but may mask integration errors.
+
+### Driver function interfaces
+
+#### Driver function parameter conventions
+
+Should 0-size buffers be guaranteed to have a non-null pointers?
+
+Should drivers really have to cope with overlap?
+
+Should the core guarantee that the output buffer size has the size indicated by the applicable buffer size macro (which may be an overestimation)?
+
+### Partial computations in drivers
+
+#### Substitution points
+
+Earlier drafts of the driver interface had a concept of _substitution points_: places in the calculation where a driver may be called. Some hardware doesn't do the whole calculation, but only the “main” part. This goes both for transparent and opaque drivers. Some common examples:
+
+* A processor that performs the RSA exponentiation, but not the padding. The driver should be able to leverage the padding code in the core.
+* A processor that performs a block cipher operation only for a single block, or only in ECB mode, or only in CTR mode. The core would perform the block mode (CBC, CTR, CCM, ...).
+
+This concept, or some other way to reuse portable code such as specifying inner functions like `psa_rsa_pad` in the core, should be added to the specification.
+
+### Key management
+
+#### Mixing drivers in key derivation
+
+How does `psa_key_derivation_output_key` work when the extraction part and the expansion part use different drivers?
+
+#### Public key calculation
+
+ECC key pairs are represented as the private key value only. The public key needs to be calculated from that. Both transparent drivers and opaque drivers provide a function to calculate the public key (`"export_public_key"`).
+
+The specification doesn't mention when the public key might be calculated. The core may calculate it on creation, on demand, or anything in between. Opaque drivers have a choice of storing the public key in the key context or calculating it on demand and can convey whether the core should store the public key with the `"store_public_key"` property. Is this good enough or should the specification include non-functional requirements?
+
+#### Symmetric key validation with transparent drivers
+
+Should the entry point be called for symmetric keys as well?
+
+#### Support for custom import formats
+
+[“Driver entry points for key management”](#driver-entry-points-for-key-management) states that the input to `"import_key"` can be an implementation-defined format. Is this a good idea? It reduces driver portability, since a core that accepts a custom format would not work with a driver that doesn't accept this format. On the other hand, if a driver accepts a custom format, the core should let it through because the driver presumably handles it more efficiently (in terms of speed and code size) than the core could.
+
+Allowing custom formats also causes a problem with import: the core can't know the size of the key representation until it knows the bit-size of the key, but determining the bit-size of the key is part of the job of the `"import_key"` entry point. For standard key types, this could plausibly be an issue for RSA private keys, where an implementation might accept a custom format that omits the CRT parameters (or that omits *d*).
+
+### Opaque drivers
+
+#### Opaque driver persistent state
+
+The driver is allowed to update the state at any time. Is this ok?
+
+An example use case for updating the persistent state at arbitrary times is to renew a key that is used to encrypt communications between the application processor and the secure element.
+
+`psa_crypto_driver_get_persistent_state` does not identify the calling driver, so the driver needs to remember which driver it's calling. This may require a thread-local variable in a multithreaded core. Is this ok?
+
+### Randomness
+
+#### Input to `"add_entropy"`
+
+Should the input to the [`"add_entropy"` entry point](#entropy-injection) be a full-entropy buffer (with data from all entropy sources already mixed), raw entropy direct from the entropy sources, or give the core a choice?
+
+* Raw data: drivers must implement entropy mixing. `"add_entropy"` needs an extra parameter to indicate the amount of entropy in the data. The core must not do any conditioning.
+* Choice: drivers must implement entropy mixing. `"add_entropy"` needs an extra parameter to indicate the amount of entropy in the data. The core may do conditioning if it wants, but doesn't have to.
+* Full entropy: drivers don't need to do entropy mixing.
+
+#### Flags for `"get_entropy"`
+
+Are the [entropy collection flags](#entropy-collection-flags) well-chosen?
+
+#### Random generator instantiations
+
+May the core instantiate a random generation context more than once? In other words, can there be multiple objects of type `acme_random_context_t`?
+
+Functionally, one RNG is as good as any. If the core wants some parts of the system to use a deterministic generator for reproducibility, it can't use this interface anyway, since the RNG is not necessarily deterministic. However, for performance on multiprocessor systems, a multithreaded core could prefer to use one RNG instance per thread.
+
+<!--
+Local Variables:
+time-stamp-line-limit: 40
+time-stamp-start: "Time-stamp: *\""
+time-stamp-end: "\""
+time-stamp-format: "%04Y/%02m/%02d %02H:%02M:%02S %Z"
+time-stamp-time-zone: "GMT"
+End:
+-->
diff --git a/3rdparty/mbedtls-2.28.7/docs/requirements.in b/3rdparty/mbedtls-2.28.7/docs/requirements.in
new file mode 100644
index 0000000..a523188
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/requirements.in
@@ -0,0 +1,2 @@
+sphinx-rtd-theme
+breathe
diff --git a/3rdparty/mbedtls-2.28.7/docs/requirements.txt b/3rdparty/mbedtls-2.28.7/docs/requirements.txt
new file mode 100644
index 0000000..4b9f3a6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/requirements.txt
@@ -0,0 +1,66 @@
+#
+# This file is autogenerated by pip-compile with Python 3.9
+# by the following command:
+#
+#    pip-compile requirements.in
+#
+alabaster==0.7.13
+    # via sphinx
+babel==2.12.1
+    # via sphinx
+breathe==4.35.0
+    # via -r requirements.in
+certifi==2022.12.7
+    # via requests
+charset-normalizer==3.1.0
+    # via requests
+docutils==0.17.1
+    # via
+    #   breathe
+    #   sphinx
+    #   sphinx-rtd-theme
+idna==3.4
+    # via requests
+imagesize==1.4.1
+    # via sphinx
+importlib-metadata==6.0.0
+    # via sphinx
+jinja2==3.1.2
+    # via sphinx
+markupsafe==2.1.2
+    # via jinja2
+packaging==23.0
+    # via sphinx
+pygments==2.14.0
+    # via sphinx
+requests==2.28.2
+    # via sphinx
+snowballstemmer==2.2.0
+    # via sphinx
+sphinx==4.5.0
+    # via
+    #   breathe
+    #   sphinx-rtd-theme
+sphinx-rtd-theme==1.2.0
+    # via -r requirements.in
+sphinxcontrib-applehelp==1.0.4
+    # via sphinx
+sphinxcontrib-devhelp==1.0.2
+    # via sphinx
+sphinxcontrib-htmlhelp==2.0.1
+    # via sphinx
+sphinxcontrib-jquery==2.0.0
+    # via sphinx-rtd-theme
+sphinxcontrib-jsmath==1.0.1
+    # via sphinx
+sphinxcontrib-qthelp==1.0.3
+    # via sphinx
+sphinxcontrib-serializinghtml==1.1.5
+    # via sphinx
+urllib3==1.26.15
+    # via requests
+zipp==3.15.0
+    # via importlib-metadata
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools
diff --git a/3rdparty/mbedtls-2.28.7/docs/use-psa-crypto.md b/3rdparty/mbedtls-2.28.7/docs/use-psa-crypto.md
new file mode 100644
index 0000000..6ec2dca
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/docs/use-psa-crypto.md
@@ -0,0 +1,204 @@
+This document describes the compile-time configuration option
+`MBEDTLS_USE_PSA_CRYPTO` from a user's perspective, more specifically its
+current effects as well as the parts that aren't covered yet.
+
+Current effects
+===============
+
+General limitations
+-------------------
+
+Compile-time: enabling `MBEDTLS_USE_PSA_CRYPTO` requires
+`MBEDTLS_ECP_RESTARTABLE` and
+`MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` to be disabled.
+
+Effect: `MBEDTLS_USE_PSA_CRYPTO` currently has no effect on TLS 1.3 (which is
+itself experimental and only partially supported so far): TLS 1.3 always uses
+the legacy APIs even when this option is set.
+
+Stability: any API that's only available when `MBEDTLS_USE_PSA_CRYPTO` is
+defined is considered experimental and may change in incompatible ways at any
+time. Said otherwise, these APIs are explicitly excluded from the usual API
+stability promises.
+
+New APIs / API extensions
+-------------------------
+
+Some of these APIs are meant for the application to use in place of
+pre-existing APIs, in order to get access to the benefits; in the sub-sections
+below these are indicated by "Use in (X.509 and) TLS: opt-in", meaning that
+this requires changes to the application code for the (X.509 and) TLS layers
+to pick up the improvements.
+
+Some of these APIs are mostly meant for internal use by the TLS (and X.509)
+layers; they are indicated below by "Use in (X.509 and) TLS: automatic",
+meaning that no changes to the application code are required for the TLS (and
+X.509) layers to pick up the improvements.
+
+### PSA-held (opaque) keys in the PK layer
+
+There is a new API function `mbedtls_pk_setup_opaque()` that can be used to
+wrap a PSA keypair into a PK context. The key can be used for private-key
+operations and its public part can be exported.
+
+Benefits: isolation of long-term secrets, use of PSA Crypto drivers.
+
+Limitations: only for private keys, only ECC. (That is, only ECDSA signature
+generation. Note: currently this will use randomized ECDSA while Mbed TLS uses
+deterministic ECDSA by default.) The following operations are not supported
+with a context set this way, while they would be available with a normal
+`ECKEY` context: `mbedtls_pk_verify()`, `mbedtls_pk_check_pair()`,
+`mbedtls_pk_debug()`.
+
+Use in X.509 and TLS: opt-in. The application needs to construct the PK context
+using the new API in order to get the benefits; it can then pass the
+resulting context to the following existing APIs:
+
+- `mbedtls_ssl_conf_own_cert()` or `mbedtls_ssl_set_hs_own_cert()` to use the
+  key together with a certificate for ECDSA-based key exchanges (note: while
+this is supported on both sides, it's currently only tested client-side);
+- `mbedtls_x509write_csr_set_key()` to generate a CSR (certificate signature
+  request).
+
+In the TLS and X.509 API, there are two other functions which accept a key or
+keypair as a PK context: `mbedtls_x509write_crt_set_subject_key()` and
+`mbedtls_x509write_crt_set_issuer_key()`. Use of opaque contexts here probably
+works but is so far untested.
+
+### PSA-held (opaque) keys for TLS pre-shared keys (PSK)
+
+There are two new API functions `mbedtls_ssl_conf_psk_opaque()` and
+`mbedtls_ssl_set_hs_psk_opaque()`. Call one of these from an application to
+register a PSA key for use with a PSK key exchange.
+
+Benefits: isolation of long-term secrets.
+
+Limitations: the key can only be used with "pure"
+PSK key exchanges (ciphersuites starting with `TLS_PSK_WITH_`), to the
+exclusion of RSA-PSK, DHE-PSK and ECDHE-PSK key exchanges. It is the responsibility of
+the user to make sure that when provisioning an opaque pre-shared key, the
+only PSK ciphersuites that can be negotiated are "pure" PSK; other XXX-PSK key
+exchanges will result in a handshake failure with the handshake function
+returning `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`.
+
+Use in TLS: opt-in. The application needs to register the key using the new
+APIs to get the benefits.
+
+### PSA-based operations in the Cipher layer
+
+There is a new API function `mbedtls_cipher_setup_psa()` to set up a context
+that will call PSA to store the key and perform the operations.
+
+Benefits: use of PSA Crypto drivers; partial isolation of short-term secrets
+(still generated outside of PSA, but then held by PSA).
+
+Limitations: the key is still passed in the clear by the application. The
+multi-part APIs are not supported, only the one-shot APIs. The only modes
+supported are ECB, CBC without padding, GCM and CCM (this excludes stream
+ciphers and ChachaPoly); the only cipher supported is AES (this excludes Aria,
+Camellia, and ChachaPoly). (Note: ECB is currently not tested.) (Note: it is
+possible to perform multiple one-shot operations with the same context;
+however this is not unit-tested, only tested via usage in TLS.)
+
+Use in TLS: automatic. Used when the cipher and mode is supported (with
+gracious fallback to the legacy API otherwise) in all places where a cipher is
+used. There are two such places: in `ssl_tls.c` for record protection, and in
+`ssl_ticket.c` for protecting tickets we issue.
+
+Internal changes
+----------------
+
+All of these internal changes are active as soon as `MBEDTLS_USE_PSA_CRYPTO`
+is enabled, no change required on the application side.
+
+### TLS: cipher operations based on PSA
+
+See "PSA-based operations in the Cipher layer" above.
+
+### PK layer: ECDSA verification based on PSA
+
+Scope: `mbedtls_pk_verify()` will call to PSA for ECDSA signature
+verification.
+
+Benefits: use of PSA Crypto drivers.
+
+Use in TLS and X.509: in all places where an ECDSA signature is verified.
+
+### TLS: ECDHE computation based on PSA
+
+Scope: Client-side, for ECDHE-RSA and ECDHE-ECDSA key exchanges, the
+computation of the ECDHE key exchange is done by PSA.
+
+Limitations: client-side only, ECDHE-PSK not covered
+
+Benefits: use of PSA Crypto drivers.
+
+### TLS: handshake hashes and PRF computed with PSA
+
+Scope: with TLS 1.2, the following are computed with PSA:
+- the running handshake hashes;
+- the hash of the ServerKeyExchange part that is signed;
+- the `verify_data` part of the Finished message;
+- the TLS PRF.
+
+Benefits: use of PSA Crypto drivers.
+
+### X.509: some hashes computed with PSA
+
+Scope: the following hashes are computed with PSA:
+- when verifying a certificate chain, hash of the child for verifying the
+  parent's signature;
+- when writing a CSR, hash of the request for self-signing the request.
+
+Benefits: use of PSA Crypto drivers.
+
+Parts that are not covered yet
+==============================
+
+This is only a high-level overview, grouped by theme
+
+TLS: 1.3 experimental support
+-----------------------------
+
+No part of the experimental support for TLS 1.3 is covered at the moment.
+
+TLS: key exchanges / asymmetric crypto
+--------------------------------------
+
+The following key exchanges are not covered at all:
+
+- RSA
+- DHE-RSA
+- DHE-PSK
+- RSA-PSK
+- ECDHE-PSK
+- ECDH-RSA
+- ECDH-ECDSA
+- ECJPAKE
+
+The following key exchanges are only partially covered:
+
+- ECDHE-RSA: RSA operations are not covered and, server-side, the ECDHE
+  operation isn't either
+- ECDHE-ECDSA: server-side, the ECDHE operation isn't covered. (ECDSA
+  signature generation is only covered if using `mbedtls_pk_setup_opaque()`.)
+
+PSK if covered when the application uses `mbedtls_ssl_conf_psk_opaque()` or
+`mbedtls_ssl_set_hs_psk_opaque()`.
+
+TLS: symmetric crypto
+---------------------
+
+- some ciphers not supported via PSA yet: ARIA, Camellia, ChachaPoly (silent
+  fallback to the legacy APIs)
+- the HMAC part of the CBC and NULL ciphersuites
+- the HMAC computation in `ssl_cookie.c`
+
+X.509
+-----
+
+- most hash operations are still done via the legacy API, except the few that
+  are documented above as using PSA
+- RSA PKCS#1 v1.5 signature generation (from PSA-held keys)
+- RSA PKCS#1 v1.5 signature verification
+- RSA-PSS signature verification
diff --git a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_encdec.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_encdec.h
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/doxygen/input/doc_encdec.h
rename to 3rdparty/mbedtls-2.28.7/doxygen/input/doc_encdec.h
index 46fb04f..e29f40f 100644
--- a/3rdparty/mbedtls-2.25.0/doxygen/input/doc_encdec.h
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_encdec.h
@@ -6,19 +6,7 @@
 /*
  *
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 /**
@@ -38,7 +26,7 @@
  * All symmetric encryption algorithms are accessible via the generic cipher layer
  * (see \c mbedtls_cipher_setup()).
  *
- * The asymmetric encryptrion algorithms are accessible via the generic public
+ * The asymmetric encryption algorithms are accessible via the generic public
  * key layer (see \c mbedtls_pk_init()).
  *
  * The following algorithms are provided:
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/input/doc_hashing.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_hashing.h
new file mode 100644
index 0000000..aff7dfa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_hashing.h
@@ -0,0 +1,30 @@
+/**
+ * \file doc_hashing.h
+ *
+ * \brief Hashing module documentation file.
+ */
+/*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * @addtogroup hashing_module Hashing module
+ *
+ * The Message Digest (MD) or Hashing module provides one-way hashing
+ * functions. Such functions can be used for creating a hash message
+ * authentication code (HMAC) when sending a message. Such a HMAC can be used
+ * in combination with a private key for authentication, which is a message
+ * integrity control.
+ *
+ * All hash algorithms can be accessed via the generic MD layer (see
+ * \c mbedtls_md_setup())
+ *
+ * The following hashing-algorithms are provided:
+ * - MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest.
+ * - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by
+ *   NIST and NSA.
+ *
+ * This module provides one-way hashing which can be used for authentication.
+ */
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/input/doc_mainpage.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_mainpage.h
new file mode 100644
index 0000000..f22ca10
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_mainpage.h
@@ -0,0 +1,19 @@
+/**
+ * \file doc_mainpage.h
+ *
+ * \brief Main page documentation file.
+ */
+/*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * @mainpage Mbed TLS v2.28.7 API Documentation
+ *
+ * This documentation describes the internal structure of Mbed TLS.  It was
+ * automatically generated from specially formatted comment blocks in
+ * Mbed TLS's source code using Doxygen.  (See
+ * https://www.doxygen.nl for more information on Doxygen)
+ */
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/input/doc_rng.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_rng.h
new file mode 100644
index 0000000..5470b75
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_rng.h
@@ -0,0 +1,32 @@
+/**
+ * \file doc_rng.h
+ *
+ * \brief Random number generator (RNG) module documentation file.
+ */
+/*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * @addtogroup rng_module Random number generator (RNG) module
+ *
+ * The Random number generator (RNG) module provides random number
+ * generation, see \c mbedtls_ctr_drbg_random().
+ *
+ * The block-cipher counter-mode based deterministic random
+ * bit generator (CTR_DBRG) as specified in NIST SP800-90. It needs an external
+ * source of entropy. For these purposes \c mbedtls_entropy_func() can be used.
+ * This is an implementation based on a simple entropy accumulator design.
+ *
+ * The other number generator that is included is less strong and uses the
+ * HAVEGE (HArdware Volatile Entropy Gathering and Expansion) software heuristic
+ * which considered unsafe for primary usage, but provides additional random
+ * to the entropy pool if enables.
+ *
+ * Meaning that there seems to be no practical algorithm that can guess
+ * the next bit with a probability larger than 1/2 in an output sequence.
+ *
+ * This module can be used to generate random numbers.
+ */
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/input/doc_ssltls.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_ssltls.h
new file mode 100644
index 0000000..5757574
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_ssltls.h
@@ -0,0 +1,37 @@
+/**
+ * \file doc_ssltls.h
+ *
+ * \brief SSL/TLS communication module documentation file.
+ */
+/*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * @addtogroup ssltls_communication_module SSL/TLS communication module
+ *
+ * The SSL/TLS communication module provides the means to create an SSL/TLS
+ * communication channel.
+ *
+ * The basic provisions are:
+ * - initialise an SSL/TLS context (see \c mbedtls_ssl_init()).
+ * - perform an SSL/TLS handshake (see \c mbedtls_ssl_handshake()).
+ * - read/write (see \c mbedtls_ssl_read() and \c mbedtls_ssl_write()).
+ * - notify a peer that connection is being closed (see \c mbedtls_ssl_close_notify()).
+ *
+ * Many aspects of such a channel are set through parameters and callback
+ * functions:
+ * - the endpoint role: client or server.
+ * - the authentication mode. Should verification take place.
+ * - the Host-to-host communication channel. A TCP/IP module is provided.
+ * - the random number generator (RNG).
+ * - the ciphers to use for encryption/decryption.
+ * - session control functions.
+ * - X.509 parameters for certificate-handling and key exchange.
+ *
+ * This module can be used to create an SSL/TLS server and client and to provide a basic
+ * framework to setup and communicate through an SSL/TLS communication channel.\n
+ * Note that you need to provide for several aspects yourself as mentioned above.
+ */
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/input/doc_tcpip.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_tcpip.h
new file mode 100644
index 0000000..f8d8c69
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_tcpip.h
@@ -0,0 +1,32 @@
+/**
+ * \file doc_tcpip.h
+ *
+ * \brief TCP/IP communication module documentation file.
+ */
+/*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * @addtogroup tcpip_communication_module TCP/IP communication module
+ *
+ * The TCP/IP communication module provides for a channel of
+ * communication for the \link ssltls_communication_module SSL/TLS communication
+ * module\endlink to use.
+ * In the TCP/IP-model it provides for communication up to the Transport
+ * (or Host-to-host) layer.
+ * SSL/TLS resides on top of that, in the Application layer, and makes use of
+ * its basic provisions:
+ * - listening on a port (see \c mbedtls_net_bind()).
+ * - accepting a connection (through \c mbedtls_net_accept()).
+ * - read/write (through \c mbedtls_net_recv()/\c mbedtls_net_send()).
+ * - close a connection (through \c mbedtls_net_close()).
+ *
+ * This way you have the means to, for example, implement and use an UDP or
+ * IPSec communication solution as a basis.
+ *
+ * This module can be used at server- and clientside to provide a basic
+ * means of communication over the internet.
+ */
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/input/doc_x509.h b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_x509.h
new file mode 100644
index 0000000..945830f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/input/doc_x509.h
@@ -0,0 +1,31 @@
+/**
+ * \file doc_x509.h
+ *
+ * \brief X.509 module documentation file.
+ */
+/*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * @addtogroup x509_module X.509 module
+ *
+ * The X.509 module provides X.509 support for reading, writing and verification
+ * of certificates.
+ * In summary:
+ *   - X.509 certificate (CRT) reading (see \c mbedtls_x509_crt_parse(),
+ *     \c mbedtls_x509_crt_parse_der(), \c mbedtls_x509_crt_parse_file()).
+ *   - X.509 certificate revocation list (CRL) reading (see
+ *     \c mbedtls_x509_crl_parse(), \c mbedtls_x509_crl_parse_der(),
+ *     and \c mbedtls_x509_crl_parse_file()).
+ *   - X.509 certificate signature verification (see \c
+ *     mbedtls_x509_crt_verify() and \c mbedtls_x509_crt_verify_with_profile().
+ *   - X.509 certificate writing and certificate request writing (see
+ *     \c mbedtls_x509write_crt_der() and \c mbedtls_x509write_csr_der()).
+ *
+ * This module can be used to build a certificate authority (CA) chain and
+ * verify its signature. It is also used to generate Certificate Signing
+ * Requests and X.509 certificates just as a CA would do.
+ */
diff --git a/3rdparty/mbedtls-2.28.7/doxygen/mbedtls.doxyfile b/3rdparty/mbedtls-2.28.7/doxygen/mbedtls.doxyfile
new file mode 100644
index 0000000..2c71040
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/doxygen/mbedtls.doxyfile
@@ -0,0 +1,55 @@
+PROJECT_NAME           = "Mbed TLS v2.28.7"
+OUTPUT_DIRECTORY       = ../apidoc/
+FULL_PATH_NAMES        = NO
+OPTIMIZE_OUTPUT_FOR_C  = YES
+EXTRACT_ALL            = YES
+EXTRACT_PRIVATE        = YES
+EXTRACT_STATIC         = YES
+CASE_SENSE_NAMES       = NO
+INPUT                  = ../include input
+FILE_PATTERNS          = *.h
+RECURSIVE              = YES
+EXCLUDE_SYMLINKS       = YES
+EXCLUDE_PATTERNS       = *_internal.h *_wrap.h
+SOURCE_BROWSER         = YES
+REFERENCED_BY_RELATION = YES
+REFERENCES_RELATION    = YES
+ALPHABETICAL_INDEX     = NO
+HTML_OUTPUT            = .
+HTML_TIMESTAMP         = YES
+SEARCHENGINE           = YES
+GENERATE_LATEX         = NO
+GENERATE_XML           = YES
+MACRO_EXPANSION        = YES
+EXPAND_ONLY_PREDEF     = YES
+INCLUDE_PATH           = ../include
+CLASS_DIAGRAMS         = NO
+HAVE_DOT               = YES
+DOT_GRAPH_MAX_NODES    = 200
+MAX_DOT_GRAPH_DEPTH    = 1000
+DOT_TRANSPARENT        = YES
+
+# We mostly use \retval declarations to document which error codes a function
+# can return. The reader can follow the hyperlink to the definition of the
+# constant to get the generic documentation of that error code. If we don't
+# have anything to say about the specific error code for the specific
+# function, we can leave the description part of the \retval command blank.
+# This is perfectly valid as far as Doxygen is concerned. However, with
+# Clang >=15, the -Wdocumentation option emits a warning for empty
+# descriptions.
+#   https://github.com/Mbed-TLS/mbedtls/issues/6960
+#   https://github.com/llvm/llvm-project/issues/60315
+# As a workaround, you can write something like
+#     \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+# This avoids writing redundant text and keeps Clang happy.
+ALIASES += emptydescription=""
+
+# Define away Mbed TLS macros that make parsing definitions difficult.
+# MBEDTLS_DEPRECATED is not included in this list as it's important to
+# display deprecated status in the documentation.
+PREDEFINED             = "MBEDTLS_CHECK_RETURN_CRITICAL="   \
+                         "MBEDTLS_CHECK_RETURN_TYPICAL="    \
+                         "MBEDTLS_CHECK_RETURN_OPTIONAL="   \
+                         "MBEDTLS_PRINTF_ATTRIBUTE(a,b)="   \
+                         "__DOXYGEN__"                      \
+
diff --git a/3rdparty/mbedtls-2.25.0/include/.gitignore b/3rdparty/mbedtls-2.28.7/include/.gitignore
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/include/.gitignore
rename to 3rdparty/mbedtls-2.28.7/include/.gitignore
diff --git a/3rdparty/mbedtls-2.28.7/include/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/include/CMakeLists.txt
new file mode 100644
index 0000000..11b417b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/CMakeLists.txt
@@ -0,0 +1,22 @@
+option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON)
+
+if(INSTALL_MBEDTLS_HEADERS)
+
+    file(GLOB headers "mbedtls/*.h")
+    file(GLOB psa_headers "psa/*.h")
+
+    install(FILES ${headers}
+        DESTINATION include/mbedtls
+        PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
+    install(FILES ${psa_headers}
+        DESTINATION include/psa
+        PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
+endif(INSTALL_MBEDTLS_HEADERS)
+
+# Make config.h available in an out-of-source build. ssl-opt.sh requires it.
+if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
+    link_to_source(mbedtls)
+    link_to_source(psa)
+endif()
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/aes.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/aes.h
similarity index 84%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/aes.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/aes.h
index 052f47c..2623a42 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/aes.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/aes.h
@@ -22,19 +22,7 @@
 
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_AES_H
@@ -45,6 +33,7 @@
 #else
 #include MBEDTLS_CONFIG_FILE
 #endif
+#include "mbedtls/platform_util.h"
 
 #include <stddef.h>
 #include <stdint.h>
@@ -54,19 +43,24 @@
 #define MBEDTLS_AES_DECRYPT     0 /**< AES decryption. */
 
 /* Error codes in range 0x0020-0x0022 */
-#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
-#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */
+/** Invalid key length. */
+#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH                -0x0020
+/** Invalid data input length. */
+#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH              -0x0022
 
 /* Error codes in range 0x0021-0x0025 */
-#define MBEDTLS_ERR_AES_BAD_INPUT_DATA                    -0x0021  /**< Invalid input data. */
+/** Invalid input data. */
+#define MBEDTLS_ERR_AES_BAD_INPUT_DATA                    -0x0021
 
 /* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */
-#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE               -0x0023  /**< Feature not available. For example, an unsupported AES key size. */
+/** Feature not available. For example, an unsupported AES key size. */
+#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE               -0x0023
 
 /* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED                   -0x0025  /**< AES hardware accelerator failed. */
+/** AES hardware accelerator failed. */
+#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED                   -0x0025
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -82,8 +76,7 @@ extern "C" {
 /**
  * \brief The AES context-type definition.
  */
-typedef struct mbedtls_aes_context
-{
+typedef struct mbedtls_aes_context {
     int nr;                     /*!< The number of rounds. */
     uint32_t *rk;               /*!< AES round keys. */
     uint32_t buf[68];           /*!< Unaligned data buffer. This buffer can
@@ -101,8 +94,7 @@ mbedtls_aes_context;
 /**
  * \brief The AES XTS context-type definition.
  */
-typedef struct mbedtls_aes_xts_context
-{
+typedef struct mbedtls_aes_xts_context {
     mbedtls_aes_context crypt; /*!< The AES context to use for AES block
                                         encryption or decryption. */
     mbedtls_aes_context tweak; /*!< The AES context used for tweak
@@ -122,7 +114,7 @@ typedef struct mbedtls_aes_xts_context
  *
  * \param ctx      The AES context to initialize. This must not be \c NULL.
  */
-void mbedtls_aes_init( mbedtls_aes_context *ctx );
+void mbedtls_aes_init(mbedtls_aes_context *ctx);
 
 /**
  * \brief          This function releases and clears the specified AES context.
@@ -131,7 +123,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx );
  *                 If this is \c NULL, this function does nothing.
  *                 Otherwise, the context must have been at least initialized.
  */
-void mbedtls_aes_free( mbedtls_aes_context *ctx );
+void mbedtls_aes_free(mbedtls_aes_context *ctx);
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
 /**
@@ -142,7 +134,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx );
  *
  * \param ctx      The AES XTS context to initialize. This must not be \c NULL.
  */
-void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
+void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
 
 /**
  * \brief          This function releases and clears the specified AES XTS context.
@@ -151,7 +143,7 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
  *                 If this is \c NULL, this function does nothing.
  *                 Otherwise, the context must have been at least initialized.
  */
-void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
+void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
 
 /**
@@ -169,8 +161,9 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
-int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
-                    unsigned int keybits );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
+                           unsigned int keybits);
 
 /**
  * \brief          This function sets the decryption key.
@@ -187,8 +180,9 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
-int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
-                    unsigned int keybits );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
+                           unsigned int keybits);
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
 /**
@@ -207,9 +201,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
-int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
-                                const unsigned char *key,
-                                unsigned int keybits );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
+                               const unsigned char *key,
+                               unsigned int keybits);
 
 /**
  * \brief          This function prepares an XTS context for decryption and
@@ -227,9 +222,10 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
-int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
-                                const unsigned char *key,
-                                unsigned int keybits );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
+                               const unsigned char *key,
+                               unsigned int keybits);
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
 
 /**
@@ -255,10 +251,11 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
 
  * \return         \c 0 on success.
  */
-int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
-                    int mode,
-                    const unsigned char input[16],
-                    unsigned char output[16] );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
+                          int mode,
+                          const unsigned char input[16],
+                          unsigned char output[16]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -302,12 +299,13 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
  * \return         #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
  *                 on failure.
  */
-int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
+                          int mode,
+                          size_t length,
+                          unsigned char iv[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
@@ -346,12 +344,13 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
  *                     smaller than an AES block in size (16 Bytes) or if \p
  *                     length is larger than 2^20 blocks (16 MiB).
  */
-int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
-                           int mode,
-                           size_t length,
-                           const unsigned char data_unit[16],
-                           const unsigned char *input,
-                           unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
+                          int mode,
+                          size_t length,
+                          const unsigned char data_unit[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -394,13 +393,14 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
  *
  * \return         \c 0 on success.
  */
-int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
+                             int mode,
+                             size_t length,
+                             size_t *iv_off,
+                             unsigned char iv[16],
+                             const unsigned char *input,
+                             unsigned char *output);
 
 /**
  * \brief This function performs an AES-CFB8 encryption or decryption
@@ -438,12 +438,13 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
  *
  * \return         \c 0 on success.
  */
-int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[16],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /*MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_OFB)
@@ -492,12 +493,13 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
  *
  * \return         \c 0 on success.
  */
-int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
+                          size_t length,
+                          size_t *iv_off,
+                          unsigned char iv[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 
 #endif /* MBEDTLS_CIPHER_MODE_OFB */
 
@@ -506,10 +508,6 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
  * \brief      This function performs an AES-CTR encryption or decryption
  *             operation.
  *
- *             This function performs the operation defined in the \p mode
- *             parameter (encrypt/decrypt), on the input data buffer
- *             defined in the \p input parameter.
- *
  *             Due to the nature of CTR, you must use the same key schedule
  *             for both encryption and decryption operations. Therefore, you
  *             must use the context initialized with mbedtls_aes_setkey_enc()
@@ -552,7 +550,7 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
  *             for example, with 96-bit random nonces, you should not encrypt
  *             more than 2**32 messages with the same key.
  *
- *             Note that for both stategies, sizes are measured in blocks and
+ *             Note that for both strategies, sizes are measured in blocks and
  *             that an AES block is 16 bytes.
  *
  * \warning    Upon return, \p stream_block contains sensitive data. Its
@@ -578,13 +576,14 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
  *
  * \return                 \c 0 on success.
  */
-int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
+                          size_t length,
+                          size_t *nc_off,
+                          unsigned char nonce_counter[16],
+                          unsigned char stream_block[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 /**
@@ -598,9 +597,10 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
  *
  * \return          \c 0 on success.
  */
-int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
-                                  const unsigned char input[16],
-                                  unsigned char output[16] );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16]);
 
 /**
  * \brief           Internal AES block decryption function. This is only
@@ -613,9 +613,10 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
  *
  * \return          \c 0 on success.
  */
-int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
-                                  const unsigned char input[16],
-                                  unsigned char output[16] );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -633,9 +634,9 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
  * \param input     Plaintext block.
  * \param output    Output (ciphertext) block.
  */
-MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
-                                             const unsigned char input[16],
-                                             unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
+                                            const unsigned char input[16],
+                                            unsigned char output[16]);
 
 /**
  * \brief           Deprecated internal AES block decryption function
@@ -647,9 +648,9 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
  * \param input     Ciphertext block.
  * \param output    Output (plaintext) block.
  */
-MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
-                                             const unsigned char input[16],
-                                             unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
+                                            const unsigned char input[16],
+                                            unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -662,7 +663,8 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_aes_self_test( int verbose );
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_aes_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/aesni.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/aesni.h
new file mode 100644
index 0000000..b636c10
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/aesni.h
@@ -0,0 +1,169 @@
+/**
+ * \file aesni.h
+ *
+ * \brief AES-NI for hardware AES acceleration on some Intel processors
+ *
+ * \warning These functions are only for internal use by other library
+ *          functions; you must not call them directly.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_AESNI_H
+#define MBEDTLS_AESNI_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/aes.h"
+
+#define MBEDTLS_AESNI_AES      0x02000000u
+#define MBEDTLS_AESNI_CLMUL    0x00000002u
+
+#if !defined(MBEDTLS_HAVE_X86_64) && \
+    (defined(__amd64__) || defined(__x86_64__) || \
+    defined(_M_X64) || defined(_M_AMD64)) && \
+    !defined(_M_ARM64EC)
+#define MBEDTLS_HAVE_X86_64
+#endif
+
+#if !defined(MBEDTLS_HAVE_X86) && \
+    (defined(__i386__) || defined(_M_IX86))
+#define MBEDTLS_HAVE_X86
+#endif
+
+#if defined(MBEDTLS_AESNI_C) && \
+    (defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86))
+
+/* Can we do AESNI with intrinsics?
+ * (Only implemented with certain compilers, only for certain targets.)
+ *
+ * NOTE: MBEDTLS_AESNI_HAVE_INTRINSICS and MBEDTLS_AESNI_HAVE_CODE are internal
+ *       macros that may change in future releases.
+ */
+#undef MBEDTLS_AESNI_HAVE_INTRINSICS
+#if defined(_MSC_VER)
+/* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support
+ * VS 2013 and up for other reasons anyway, so no need to check the version. */
+#define MBEDTLS_AESNI_HAVE_INTRINSICS
+#endif
+/* GCC-like compilers: currently, we only support intrinsics if the requisite
+ * target flag is enabled when building the library (e.g. `gcc -mpclmul -msse2`
+ * or `clang -maes -mpclmul`). */
+#if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__)
+#define MBEDTLS_AESNI_HAVE_INTRINSICS
+#endif
+
+/* Choose the implementation of AESNI, if one is available. */
+#undef MBEDTLS_AESNI_HAVE_CODE
+/* To minimize disruption when releasing the intrinsics-based implementation,
+ * favor the assembly-based implementation if it's available. We intend to
+ * revise this in a later release of Mbed TLS 3.x. In the long run, we will
+ * likely remove the assembly implementation. */
+#if defined(MBEDTLS_HAVE_ASM) && \
+    defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64)
+/* Can we do AESNI with inline assembly?
+ * (Only implemented with gas syntax, only for 64-bit.)
+ */
+#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
+#elif defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
+#define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
+#endif
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Internal function to detect the AES-NI feature in CPUs.
+ *
+ * \note           This function is only for internal use by other library
+ *                 functions; you must not call it directly.
+ *
+ * \param what     The feature to detect
+ *                 (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
+ *
+ * \return         1 if CPU has support for the feature, 0 otherwise
+ */
+int mbedtls_aesni_has_support(unsigned int what);
+
+/**
+ * \brief          Internal AES-NI AES-ECB block encryption and decryption
+ *
+ * \note           This function is only for internal use by other library
+ *                 functions; you must not call it directly.
+ *
+ * \param ctx      AES context
+ * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
+ * \param input    16-byte input block
+ * \param output   16-byte output block
+ *
+ * \return         0 on success (cannot fail)
+ */
+int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
+                            int mode,
+                            const unsigned char input[16],
+                            unsigned char output[16]);
+
+/**
+ * \brief          Internal GCM multiplication: c = a * b in GF(2^128)
+ *
+ * \note           This function is only for internal use by other library
+ *                 functions; you must not call it directly.
+ *
+ * \param c        Result
+ * \param a        First operand
+ * \param b        Second operand
+ *
+ * \note           Both operands and result are bit strings interpreted as
+ *                 elements of GF(2^128) as per the GCM spec.
+ */
+void mbedtls_aesni_gcm_mult(unsigned char c[16],
+                            const unsigned char a[16],
+                            const unsigned char b[16]);
+
+/**
+ * \brief           Internal round key inversion. This function computes
+ *                  decryption round keys from the encryption round keys.
+ *
+ * \note            This function is only for internal use by other library
+ *                  functions; you must not call it directly.
+ *
+ * \param invkey    Round keys for the equivalent inverse cipher
+ * \param fwdkey    Original round keys (for encryption)
+ * \param nr        Number of rounds (that is, number of round keys minus one)
+ */
+void mbedtls_aesni_inverse_key(unsigned char *invkey,
+                               const unsigned char *fwdkey,
+                               int nr);
+
+/**
+ * \brief           Internal key expansion for encryption
+ *
+ * \note            This function is only for internal use by other library
+ *                  functions; you must not call it directly.
+ *
+ * \param rk        Destination buffer where the round keys are written
+ * \param key       Encryption key
+ * \param bits      Key size in bits (must be 128, 192 or 256)
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
+ */
+int mbedtls_aesni_setkey_enc(unsigned char *rk,
+                             const unsigned char *key,
+                             size_t bits);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
+#endif /* MBEDTLS_AESNI_C && (MBEDTLS_HAVE_X86_64 || MBEDTLS_HAVE_X86) */
+
+#endif /* MBEDTLS_AESNI_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/arc4.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/arc4.h
new file mode 100644
index 0000000..1f813aa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/arc4.h
@@ -0,0 +1,132 @@
+/**
+ * \file arc4.h
+ *
+ * \brief The ARCFOUR stream cipher
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+#ifndef MBEDTLS_ARC4_H
+#define MBEDTLS_ARC4_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+/* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** ARC4 hardware accelerator failed. */
+#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED                  -0x0019
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_ARC4_ALT)
+// Regular implementation
+//
+
+/**
+ * \brief     ARC4 context structure
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ *
+ */
+typedef struct mbedtls_arc4_context {
+    int x;                      /*!< permutation index */
+    int y;                      /*!< permutation index */
+    unsigned char m[256];       /*!< permutation table */
+}
+mbedtls_arc4_context;
+
+#else  /* MBEDTLS_ARC4_ALT */
+#include "arc4_alt.h"
+#endif /* MBEDTLS_ARC4_ALT */
+
+/**
+ * \brief          Initialize ARC4 context
+ *
+ * \param ctx      ARC4 context to be initialized
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+void mbedtls_arc4_init(mbedtls_arc4_context *ctx);
+
+/**
+ * \brief          Clear ARC4 context
+ *
+ * \param ctx      ARC4 context to be cleared
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+void mbedtls_arc4_free(mbedtls_arc4_context *ctx);
+
+/**
+ * \brief          ARC4 key schedule
+ *
+ * \param ctx      ARC4 context to be setup
+ * \param key      the secret key
+ * \param keylen   length of the key, in bytes
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key,
+                        unsigned int keylen);
+
+/**
+ * \brief          ARC4 cipher function
+ *
+ * \param ctx      ARC4 context
+ * \param length   length of the input data
+ * \param input    buffer holding the input data
+ * \param output   buffer for the output data
+ *
+ * \return         0 if successful
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
+                       unsigned char *output);
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+int mbedtls_arc4_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* arc4.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/aria.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/aria.h
similarity index 80%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/aria.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/aria.h
index a4b27b3..e360aa6 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/aria.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/aria.h
@@ -11,19 +11,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_ARIA_H
@@ -44,36 +32,39 @@
 #define MBEDTLS_ARIA_DECRYPT     0 /**< ARIA decryption. */
 
 #define MBEDTLS_ARIA_BLOCKSIZE   16 /**< ARIA block size in bytes. */
-#define MBEDTLS_ARIA_MAX_ROUNDS  16 /**< Maxiumum number of rounds in ARIA. */
+#define MBEDTLS_ARIA_MAX_ROUNDS  16 /**< Maximum number of rounds in ARIA. */
 #define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C )
+#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x005C)
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C
 
-#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E
 
 /* MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE is deprecated and should not be used.
  */
-#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE  -0x005A  /**< Feature not available. For example, an unsupported ARIA key size. */
+/** Feature not available. For example, an unsupported ARIA key size. */
+#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE  -0x005A
 
 /* MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED      -0x0058  /**< ARIA hardware accelerator failed. */
-
-#if !defined(MBEDTLS_ARIA_ALT)
-// Regular implementation
-//
+/** ARIA hardware accelerator failed. */
+#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED      -0x0058
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
+#if !defined(MBEDTLS_ARIA_ALT)
+// Regular implementation
+//
+
 /**
  * \brief The ARIA context-type definition.
  */
-typedef struct mbedtls_aria_context
-{
+typedef struct mbedtls_aria_context {
     unsigned char nr;           /*!< The number of rounds (12, 14 or 16) */
     /*! The ARIA round keys. */
     uint32_t rk[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4];
@@ -92,7 +83,7 @@ mbedtls_aria_context;
  *
  * \param ctx      The ARIA context to initialize. This must not be \c NULL.
  */
-void mbedtls_aria_init( mbedtls_aria_context *ctx );
+void mbedtls_aria_init(mbedtls_aria_context *ctx);
 
 /**
  * \brief          This function releases and clears the specified ARIA context.
@@ -101,7 +92,7 @@ void mbedtls_aria_init( mbedtls_aria_context *ctx );
  *                 case this function returns immediately. If it is not \c NULL,
  *                 it must point to an initialized ARIA context.
  */
-void mbedtls_aria_free( mbedtls_aria_context *ctx );
+void mbedtls_aria_free(mbedtls_aria_context *ctx);
 
 /**
  * \brief          This function sets the encryption key.
@@ -118,9 +109,9 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
-                             const unsigned char *key,
-                             unsigned int keybits );
+int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
+                            const unsigned char *key,
+                            unsigned int keybits);
 
 /**
  * \brief          This function sets the decryption key.
@@ -137,9 +128,9 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
-                             const unsigned char *key,
-                             unsigned int keybits );
+int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
+                            const unsigned char *key,
+                            unsigned int keybits);
 
 /**
  * \brief          This function performs an ARIA single-block encryption or
@@ -161,9 +152,9 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
-                            const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] );
+int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
+                           const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -207,12 +198,12 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
-                            int mode,
-                            size_t length,
-                            unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output );
+int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -257,13 +248,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
-                               int mode,
-                               size_t length,
-                               size_t *iv_off,
-                               unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                               const unsigned char *input,
-                               unsigned char *output );
+int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
+                              int mode,
+                              size_t length,
+                              size_t *iv_off,
+                              unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                              const unsigned char *input,
+                              unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -271,10 +262,6 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
  * \brief      This function performs an ARIA-CTR encryption or decryption
  *             operation.
  *
- *             This function performs the operation defined in the \p mode
- *             parameter (encrypt/decrypt), on the input data buffer
- *             defined in the \p input parameter.
- *
  *             Due to the nature of CTR, you must use the same key schedule
  *             for both encryption and decryption operations. Therefore, you
  *             must use the context initialized with mbedtls_aria_setkey_enc()
@@ -317,7 +304,7 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
  *             for example, with 96-bit random nonces, you should not encrypt
  *             more than 2**32 messages with the same key.
  *
- *             Note that for both stategies, sizes are measured in blocks and
+ *             Note that for both strategies, sizes are measured in blocks and
  *             that an ARIA block is 16 bytes.
  *
  * \warning    Upon return, \p stream_block contains sensitive data. Its
@@ -344,13 +331,13 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
  * \return                 \c 0 on success.
  * \return                 A negative error code on failure.
  */
-int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
-                            size_t length,
-                            size_t *nc_off,
-                            unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output );
+int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
+                           size_t length,
+                           size_t *nc_off,
+                           unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -359,7 +346,7 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
  *
  * \return         \c 0 on success, or \c 1 on failure.
  */
-int mbedtls_aria_self_test( int verbose );
+int mbedtls_aria_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/asn1.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/asn1.h
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/asn1.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/asn1.h
index 6b79196..c676fd3 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/asn1.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/asn1.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_ASN1_H
 #define MBEDTLS_ASN1_H
@@ -46,15 +34,22 @@
  * ASN1 is a standard to specify data structures.
  * \{
  */
-#define MBEDTLS_ERR_ASN1_OUT_OF_DATA                      -0x0060  /**< Out of data when parsing an ASN1 data structure. */
-#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG                   -0x0062  /**< ASN1 tag was of an unexpected value. */
-#define MBEDTLS_ERR_ASN1_INVALID_LENGTH                   -0x0064  /**< Error when trying to determine the length or invalid length. */
-#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH                  -0x0066  /**< Actual length differs from expected length. */
-#define MBEDTLS_ERR_ASN1_INVALID_DATA                     -0x0068  /**< Data is invalid. */
-#define MBEDTLS_ERR_ASN1_ALLOC_FAILED                     -0x006A  /**< Memory allocation failed */
-#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL                    -0x006C  /**< Buffer too small when writing ASN.1 data structure. */
-
-/* \} name */
+/** Out of data when parsing an ASN1 data structure. */
+#define MBEDTLS_ERR_ASN1_OUT_OF_DATA                      -0x0060
+/** ASN1 tag was of an unexpected value. */
+#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG                   -0x0062
+/** Error when trying to determine the length or invalid length. */
+#define MBEDTLS_ERR_ASN1_INVALID_LENGTH                   -0x0064
+/** Actual length differs from expected length. */
+#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH                  -0x0066
+/** Data is invalid. */
+#define MBEDTLS_ERR_ASN1_INVALID_DATA                     -0x0068
+/** Memory allocation failed */
+#define MBEDTLS_ERR_ASN1_ALLOC_FAILED                     -0x006A
+/** Buffer too small when writing ASN.1 data structure. */
+#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL                    -0x006C
+
+/** \} name ASN1 Error codes */
 
 /**
  * \name DER constants
@@ -90,15 +85,15 @@
 
 /* Slightly smaller way to check if tag is a string tag
  * compared to canonical implementation. */
-#define MBEDTLS_ASN1_IS_STRING_TAG( tag )                                     \
-    ( ( tag ) < 32u && (                                                      \
-        ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING )       |     \
-                                ( 1u << MBEDTLS_ASN1_UTF8_STRING )      |     \
-                                ( 1u << MBEDTLS_ASN1_T61_STRING )       |     \
-                                ( 1u << MBEDTLS_ASN1_IA5_STRING )       |     \
-                                ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) |     \
-                                ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) |     \
-                                ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) )
+#define MBEDTLS_ASN1_IS_STRING_TAG(tag)                                     \
+    ((tag) < 32u && (                                                      \
+         ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING)       |     \
+                           (1u << MBEDTLS_ASN1_UTF8_STRING)      |     \
+                           (1u << MBEDTLS_ASN1_T61_STRING)       |     \
+                           (1u << MBEDTLS_ASN1_IA5_STRING)       |     \
+                           (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) |     \
+                           (1u << MBEDTLS_ASN1_PRINTABLE_STRING) |     \
+                           (1u << MBEDTLS_ASN1_BIT_STRING))) != 0))
 
 /*
  * Bit masks for each of the components of an ASN.1 tag as specified in
@@ -114,8 +109,7 @@
 #define MBEDTLS_ASN1_TAG_PC_MASK             0x20
 #define MBEDTLS_ASN1_TAG_VALUE_MASK          0x1F
 
-/* \} name */
-/* \} addtogroup asn1_module */
+/** \} name DER constants */
 
 /** Returns the size of the binary string, without the trailing \\0 */
 #define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1)
@@ -127,12 +121,12 @@
  * 'unsigned char *oid' here!
  */
 #define MBEDTLS_OID_CMP(oid_str, oid_buf)                                   \
-        ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) ||                \
-          memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 )
+    ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) ||                \
+     memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0)
 
 #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len)              \
-        ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) ||             \
-          memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 )
+    ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) ||             \
+     memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0)
 
 #ifdef __cplusplus
 extern "C" {
@@ -146,8 +140,7 @@ extern "C" {
 /**
  * Type-length-value structure that allows for ASN1 using DER.
  */
-typedef struct mbedtls_asn1_buf
-{
+typedef struct mbedtls_asn1_buf {
     int tag;                /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
     size_t len;             /**< ASN1 length, in octets. */
     unsigned char *p;       /**< ASN1 data, e.g. in ASCII. */
@@ -157,8 +150,7 @@ mbedtls_asn1_buf;
 /**
  * Container for ASN1 bit strings.
  */
-typedef struct mbedtls_asn1_bitstring
-{
+typedef struct mbedtls_asn1_bitstring {
     size_t len;                 /**< ASN1 length, in octets. */
     unsigned char unused_bits;  /**< Number of unused bits at the end of the string */
     unsigned char *p;           /**< Raw ASN1 data for the bit string */
@@ -168,8 +160,7 @@ mbedtls_asn1_bitstring;
 /**
  * Container for a sequence of ASN.1 items
  */
-typedef struct mbedtls_asn1_sequence
-{
+typedef struct mbedtls_asn1_sequence {
     mbedtls_asn1_buf buf;                   /**< Buffer containing the given ASN.1 item. */
     struct mbedtls_asn1_sequence *next;    /**< The next entry in the sequence. */
 }
@@ -178,8 +169,7 @@ mbedtls_asn1_sequence;
 /**
  * Container for a sequence or list of 'named' ASN.1 data items
  */
-typedef struct mbedtls_asn1_named_data
-{
+typedef struct mbedtls_asn1_named_data {
     mbedtls_asn1_buf oid;                   /**< The object identifier. */
     mbedtls_asn1_buf val;                   /**< The named value. */
     struct mbedtls_asn1_named_data *next;  /**< The next entry in the sequence. */
@@ -203,11 +193,11 @@ mbedtls_asn1_named_data;
  * \return      0 if successful.
  * \return      #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element
  *              would end beyond \p end.
- * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
+ * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
  */
-int mbedtls_asn1_get_len( unsigned char **p,
-                          const unsigned char *end,
-                          size_t *len );
+int mbedtls_asn1_get_len(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len);
 
 /**
  * \brief       Get the tag and length of the element.
@@ -228,11 +218,11 @@ int mbedtls_asn1_get_len( unsigned char **p,
  *              with the requested tag.
  * \return      #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element
  *              would end beyond \p end.
- * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
+ * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
  */
-int mbedtls_asn1_get_tag( unsigned char **p,
-                          const unsigned char *end,
-                          size_t *len, int tag );
+int mbedtls_asn1_get_tag(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len, int tag);
 
 /**
  * \brief       Retrieve a boolean ASN.1 tag and its value.
@@ -249,9 +239,9 @@ int mbedtls_asn1_get_tag( unsigned char **p,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 BOOLEAN.
  */
-int mbedtls_asn1_get_bool( unsigned char **p,
-                           const unsigned char *end,
-                           int *val );
+int mbedtls_asn1_get_bool(unsigned char **p,
+                          const unsigned char *end,
+                          int *val);
 
 /**
  * \brief       Retrieve an integer ASN.1 tag and its value.
@@ -270,9 +260,9 @@ int mbedtls_asn1_get_bool( unsigned char **p,
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
  *              not fit in an \c int.
  */
-int mbedtls_asn1_get_int( unsigned char **p,
-                          const unsigned char *end,
-                          int *val );
+int mbedtls_asn1_get_int(unsigned char **p,
+                         const unsigned char *end,
+                         int *val);
 
 /**
  * \brief       Retrieve an enumerated ASN.1 tag and its value.
@@ -291,9 +281,9 @@ int mbedtls_asn1_get_int( unsigned char **p,
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
  *              not fit in an \c int.
  */
-int mbedtls_asn1_get_enum( unsigned char **p,
-                           const unsigned char *end,
-                           int *val );
+int mbedtls_asn1_get_enum(unsigned char **p,
+                          const unsigned char *end,
+                          int *val);
 
 /**
  * \brief       Retrieve a bitstring ASN.1 tag and its value.
@@ -312,8 +302,8 @@ int mbedtls_asn1_get_enum( unsigned char **p,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 BIT STRING.
  */
-int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
-                                mbedtls_asn1_bitstring *bs );
+int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
+                               mbedtls_asn1_bitstring *bs);
 
 /**
  * \brief       Retrieve a bitstring ASN.1 tag without unused bits and its
@@ -333,9 +323,9 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 BIT STRING.
  */
-int mbedtls_asn1_get_bitstring_null( unsigned char **p,
-                                     const unsigned char *end,
-                                     size_t *len );
+int mbedtls_asn1_get_bitstring_null(unsigned char **p,
+                                    const unsigned char *end,
+                                    size_t *len);
 
 /**
  * \brief       Parses and splits an ASN.1 "SEQUENCE OF <tag>".
@@ -384,10 +374,10 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 SEQUENCE.
  */
-int mbedtls_asn1_get_sequence_of( unsigned char **p,
-                                  const unsigned char *end,
-                                  mbedtls_asn1_sequence *cur,
-                                  int tag );
+int mbedtls_asn1_get_sequence_of(unsigned char **p,
+                                 const unsigned char *end,
+                                 mbedtls_asn1_sequence *cur,
+                                 int tag);
 /**
  * \brief          Free a heap-allocated linked list presentation of
  *                 an ASN.1 sequence, including the first element.
@@ -409,7 +399,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
  *                 be \c NULL, in which case this functions returns
  *                 immediately.
  */
-void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq );
+void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
 
 /**
  * \brief                Traverse an ASN.1 SEQUENCE container and
@@ -451,7 +441,7 @@ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq );
  *                       on a successful invocation.
  * \param end            The end of the ASN.1 SEQUENCE container.
  * \param tag_must_mask  A mask to be applied to the ASN.1 tags found within
- *                       the SEQUENCE before comparing to \p tag_must_value.
+ *                       the SEQUENCE before comparing to \p tag_must_val.
  * \param tag_must_val   The required value of each ASN.1 tag found in the
  *                       SEQUENCE, after masking with \p tag_must_mask.
  *                       Mismatching tags lead to an error.
@@ -460,7 +450,7 @@ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq );
  *                       while a value of \c 0xFF for \p tag_must_mask means
  *                       that \p tag_must_val is the only allowed tag.
  * \param tag_may_mask   A mask to be applied to the ASN.1 tags found within
- *                       the SEQUENCE before comparing to \p tag_may_value.
+ *                       the SEQUENCE before comparing to \p tag_may_val.
  * \param tag_may_val    The desired value of each ASN.1 tag found in the
  *                       SEQUENCE, after masking with \p tag_may_mask.
  *                       Mismatching tags will be silently ignored.
@@ -501,9 +491,9 @@ int mbedtls_asn1_traverse_sequence_of(
     const unsigned char *end,
     unsigned char tag_must_mask, unsigned char tag_must_val,
     unsigned char tag_may_mask, unsigned char tag_may_val,
-    int (*cb)( void *ctx, int tag,
-               unsigned char* start, size_t len ),
-    void *ctx );
+    int (*cb)(void *ctx, int tag,
+              unsigned char *start, size_t len),
+    void *ctx);
 
 #if defined(MBEDTLS_BIGNUM_C)
 /**
@@ -524,9 +514,9 @@ int mbedtls_asn1_traverse_sequence_of(
  *              not fit in an \c int.
  * \return      An MPI error code if the parsed value is too large.
  */
-int mbedtls_asn1_get_mpi( unsigned char **p,
-                          const unsigned char *end,
-                          mbedtls_mpi *X );
+int mbedtls_asn1_get_mpi(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_mpi *X);
 #endif /* MBEDTLS_BIGNUM_C */
 
 /**
@@ -545,9 +535,9 @@ int mbedtls_asn1_get_mpi( unsigned char **p,
  *
  * \return      0 if successful or a specific ASN.1 or MPI error code.
  */
-int mbedtls_asn1_get_alg( unsigned char **p,
-                  const unsigned char *end,
-                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
+int mbedtls_asn1_get_alg(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params);
 
 /**
  * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
@@ -564,9 +554,9 @@ int mbedtls_asn1_get_alg( unsigned char **p,
  *
  * \return      0 if successful or a specific ASN.1 or MPI error code.
  */
-int mbedtls_asn1_get_alg_null( unsigned char **p,
-                       const unsigned char *end,
-                       mbedtls_asn1_buf *alg );
+int mbedtls_asn1_get_alg_null(unsigned char **p,
+                              const unsigned char *end,
+                              mbedtls_asn1_buf *alg);
 
 /**
  * \brief       Find a specific named_data entry in a sequence or list based on
@@ -578,8 +568,8 @@ int mbedtls_asn1_get_alg_null( unsigned char **p,
  *
  * \return      NULL if not found, or a pointer to the existing entry.
  */
-mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
-                                       const char *oid, size_t len );
+mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list,
+                                                      const char *oid, size_t len);
 
 /**
  * \brief       Free a mbedtls_asn1_named_data entry
@@ -588,7 +578,7 @@ mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *
  *              This function calls mbedtls_free() on
  *              `entry->oid.p` and `entry->val.p`.
  */
-void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
+void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry);
 
 /**
  * \brief       Free all entries in a mbedtls_asn1_named_data list.
@@ -598,7 +588,10 @@ void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
  *              mbedtls_free() on each list element and
  *              sets \c *head to \c NULL.
  */
-void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
+void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head);
+
+/** \} name Functions to parse ASN.1 data structures */
+/** \} addtogroup asn1_module */
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/asn1write.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/asn1write.h
similarity index 75%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/asn1write.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/asn1write.h
index 44afae0..a12bf03 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/asn1write.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/asn1write.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_ASN1_WRITE_H
 #define MBEDTLS_ASN1_WRITE_H
@@ -33,11 +21,11 @@
 #define MBEDTLS_ASN1_CHK_ADD(g, f)                      \
     do                                                  \
     {                                                   \
-        if( ( ret = (f) ) < 0 )                         \
-            return( ret );                              \
+        if ((ret = (f)) < 0)                         \
+        return ret;                              \
         else                                            \
-            (g) += ret;                                 \
-    } while( 0 )
+        (g) += ret;                                 \
+    } while (0)
 
 #ifdef __cplusplus
 extern "C" {
@@ -55,8 +43,8 @@ extern "C" {
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start,
-                            size_t len );
+int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start,
+                           size_t len);
 /**
  * \brief           Write an ASN.1 tag in ASN.1 format.
  *
@@ -69,8 +57,8 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
-                            unsigned char tag );
+int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start,
+                           unsigned char tag);
 
 /**
  * \brief           Write raw buffer data.
@@ -85,12 +73,12 @@ int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
-                                   const unsigned char *buf, size_t size );
+int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start,
+                                  const unsigned char *buf, size_t size);
 
 #if defined(MBEDTLS_BIGNUM_C)
 /**
- * \brief           Write a arbitrary-precision number (#MBEDTLS_ASN1_INTEGER)
+ * \brief           Write an arbitrary-precision number (#MBEDTLS_ASN1_INTEGER)
  *                  in ASN.1 format.
  *
  * \note            This function works backwards in data buffer.
@@ -103,8 +91,8 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start,
-                            const mbedtls_mpi *X );
+int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start,
+                           const mbedtls_mpi *X);
 #endif /* MBEDTLS_BIGNUM_C */
 
 /**
@@ -119,7 +107,7 @@ int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
+int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start);
 
 /**
  * \brief           Write an OID tag (#MBEDTLS_ASN1_OID) and data
@@ -135,8 +123,8 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
-                            const char *oid, size_t oid_len );
+int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len);
 
 /**
  * \brief           Write an AlgorithmIdentifier sequence in ASN.1 format.
@@ -153,10 +141,31 @@ int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
-                                             unsigned char *start,
-                                             const char *oid, size_t oid_len,
-                                             size_t par_len );
+int mbedtls_asn1_write_algorithm_identifier(unsigned char **p,
+                                            unsigned char *start,
+                                            const char *oid, size_t oid_len,
+                                            size_t par_len);
+
+/**
+ * \brief           Write an AlgorithmIdentifier sequence in ASN.1 format.
+ *
+ * \note            This function works backwards in data buffer.
+ *
+ * \param p         The reference to the current position pointer.
+ * \param start     The start of the buffer, for bounds-checking.
+ * \param oid       The OID of the algorithm to write.
+ * \param oid_len   The length of the algorithm's OID.
+ * \param par_len   The length of the parameters, which must be already written.
+ * \param has_par   If there are any parameters. If 0, par_len must be 0. If 1
+ *                  and \p par_len is 0, NULL parameters are added.
+ *
+ * \return          The number of bytes written to \p p on success.
+ * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
+ */
+int mbedtls_asn1_write_algorithm_identifier_ext(unsigned char **p,
+                                                unsigned char *start,
+                                                const char *oid, size_t oid_len,
+                                                size_t par_len, int has_par);
 
 /**
  * \brief           Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value
@@ -171,8 +180,8 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start,
-                             int boolean );
+int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start,
+                            int boolean);
 
 /**
  * \brief           Write an int tag (#MBEDTLS_ASN1_INTEGER) and value
@@ -188,7 +197,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
+int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val);
 
 /**
  * \brief           Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value
@@ -203,7 +212,7 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val );
+int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val);
 
 /**
  * \brief           Write a string in ASN.1 format using a specific
@@ -222,9 +231,9 @@ int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val );
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start,
-                                      int tag, const char *text,
-                                      size_t text_len );
+int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start,
+                                     int tag, const char *text,
+                                     size_t text_len);
 
 /**
  * \brief           Write a string in ASN.1 format using the PrintableString
@@ -241,9 +250,9 @@ int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_printable_string( unsigned char **p,
-                                         unsigned char *start,
-                                         const char *text, size_t text_len );
+int mbedtls_asn1_write_printable_string(unsigned char **p,
+                                        unsigned char *start,
+                                        const char *text, size_t text_len);
 
 /**
  * \brief           Write a UTF8 string in ASN.1 format using the UTF8String
@@ -260,8 +269,8 @@ int mbedtls_asn1_write_printable_string( unsigned char **p,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
-                                    const char *text, size_t text_len );
+int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start,
+                                   const char *text, size_t text_len);
 
 /**
  * \brief           Write a string in ASN.1 format using the IA5String
@@ -278,8 +287,8 @@ int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
-                                   const char *text, size_t text_len );
+int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start,
+                                  const char *text, size_t text_len);
 
 /**
  * \brief           Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and
@@ -295,8 +304,8 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
-                                  const unsigned char *buf, size_t bits );
+int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start,
+                                 const unsigned char *buf, size_t bits);
 
 /**
  * \brief           This function writes a named bitstring tag
@@ -315,10 +324,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_named_bitstring( unsigned char **p,
-                                        unsigned char *start,
-                                        const unsigned char *buf,
-                                        size_t bits );
+int mbedtls_asn1_write_named_bitstring(unsigned char **p,
+                                       unsigned char *start,
+                                       const unsigned char *buf,
+                                       size_t bits);
 
 /**
  * \brief           Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING)
@@ -334,8 +343,8 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
-                                     const unsigned char *buf, size_t size );
+int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start,
+                                    const unsigned char *buf, size_t size);
 
 /**
  * \brief           Create or find a specific named_data entry for writing in a
@@ -358,10 +367,10 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
  * \return          A pointer to the new / existing entry on success.
  * \return          \c NULL if if there was a memory allocation error.
  */
-mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list,
-                                        const char *oid, size_t oid_len,
-                                        const unsigned char *val,
-                                        size_t val_len );
+mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list,
+                                                       const char *oid, size_t oid_len,
+                                                       const unsigned char *val,
+                                                       size_t val_len);
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/base64.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/base64.h
new file mode 100644
index 0000000..cc46047
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/base64.h
@@ -0,0 +1,86 @@
+/**
+ * \file base64.h
+ *
+ * \brief RFC 1521 base64 encoding/decoding
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_BASE64_H
+#define MBEDTLS_BASE64_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+/** Output buffer too small. */
+#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL               -0x002A
+/** Invalid character in input. */
+#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER              -0x002C
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Encode a buffer into base64 format
+ *
+ * \param dst      destination buffer
+ * \param dlen     size of the destination buffer
+ * \param olen     number of bytes written
+ * \param src      source buffer
+ * \param slen     amount of data to be encoded
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL.
+ *                 *olen is always updated to reflect the amount
+ *                 of data that has (or would have) been written.
+ *                 If that length cannot be represented, then no data is
+ *                 written to the buffer and *olen is set to the maximum
+ *                 length representable as a size_t.
+ *
+ * \note           Call this function with dlen = 0 to obtain the
+ *                 required buffer size in *olen
+ */
+int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen);
+
+/**
+ * \brief          Decode a base64-formatted buffer
+ *
+ * \param dst      destination buffer (can be NULL for checking size)
+ * \param dlen     size of the destination buffer
+ * \param olen     number of bytes written
+ * \param src      source buffer
+ * \param slen     amount of data to be decoded
+ *
+ * \return         0 if successful, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL, or
+ *                 MBEDTLS_ERR_BASE64_INVALID_CHARACTER if the input data is
+ *                 not correct. *olen is always updated to reflect the amount
+ *                 of data that has (or would have) been written.
+ *
+ * \note           Call this function with *dst = NULL or dlen = 0 to obtain
+ *                 the required buffer size in *olen
+ */
+int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen);
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_base64_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* base64.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/bignum.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/bignum.h
new file mode 100644
index 0000000..fb0ca15
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/bignum.h
@@ -0,0 +1,1093 @@
+/**
+ * \file bignum.h
+ *
+ * \brief Multi-precision integer library
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_BIGNUM_H
+#define MBEDTLS_BIGNUM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+/** An error occurred while reading from or writing to a file. */
+#define MBEDTLS_ERR_MPI_FILE_IO_ERROR                     -0x0002
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA                    -0x0004
+/** There is an invalid character in the digit string. */
+#define MBEDTLS_ERR_MPI_INVALID_CHARACTER                 -0x0006
+/** The buffer is too small to write to. */
+#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL                  -0x0008
+/** The input arguments are negative or result in illegal output. */
+#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE                    -0x000A
+/** The input argument for division is zero, which is not allowed. */
+#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO                  -0x000C
+/** The input arguments are not acceptable. */
+#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE                    -0x000E
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_MPI_ALLOC_FAILED                      -0x0010
+
+#define MBEDTLS_MPI_CHK(f)       \
+    do                           \
+    {                            \
+        if ((ret = (f)) != 0) \
+        goto cleanup;        \
+    } while (0)
+
+/*
+ * Maximum size MPIs are allowed to grow to in number of limbs.
+ */
+#define MBEDTLS_MPI_MAX_LIMBS                             10000
+
+#if !defined(MBEDTLS_MPI_WINDOW_SIZE)
+/*
+ * Maximum window size used for modular exponentiation. Default: 2
+ * Minimum value: 1. Maximum value: 6.
+ *
+ * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
+ * for the sliding window calculation. (So 64 by default)
+ *
+ * Reduction in size, reduces speed.
+ */
+#define MBEDTLS_MPI_WINDOW_SIZE                           2        /**< Maximum window size used. */
+#endif /* !MBEDTLS_MPI_WINDOW_SIZE */
+
+#if !defined(MBEDTLS_MPI_MAX_SIZE)
+/*
+ * Maximum size of MPIs allowed in bits and bytes for user-MPIs.
+ * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
+ *
+ * Note: Calculations can temporarily result in larger MPIs. So the number
+ * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher.
+ */
+#define MBEDTLS_MPI_MAX_SIZE                              1024     /**< Maximum number of bytes for usable MPIs. */
+#endif /* !MBEDTLS_MPI_MAX_SIZE */
+
+#define MBEDTLS_MPI_MAX_BITS                              (8 * MBEDTLS_MPI_MAX_SIZE)      /**< Maximum number of bits for usable MPIs. */
+
+/*
+ * When reading from files with mbedtls_mpi_read_file() and writing to files with
+ * mbedtls_mpi_write_file() the buffer should have space
+ * for a (short) label, the MPI (in the provided radix), the newline
+ * characters and the '\0'.
+ *
+ * By default we assume at least a 10 char label, a minimum radix of 10
+ * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
+ * Autosized at compile time for at least a 10 char label, a minimum radix
+ * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size.
+ *
+ * This used to be statically sized to 1250 for a maximum of 4096 bit
+ * numbers (1234 decimal chars).
+ *
+ * Calculate using the formula:
+ *  MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
+ *                                LabelSize + 6
+ */
+#define MBEDTLS_MPI_MAX_BITS_SCALE100          (100 * MBEDTLS_MPI_MAX_BITS)
+#define MBEDTLS_LN_2_DIV_LN_10_SCALE100                 332
+#define MBEDTLS_MPI_RW_BUFFER_SIZE             (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \
+                                                  MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \
+                                                 MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6)
+
+/*
+ * Define the base integer type, architecture-wise.
+ *
+ * 32 or 64-bit integer types can be forced regardless of the underlying
+ * architecture by defining MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64
+ * respectively and undefining MBEDTLS_HAVE_ASM.
+ *
+ * Double-width integers (e.g. 128-bit in 64-bit architectures) can be
+ * disabled by defining MBEDTLS_NO_UDBL_DIVISION.
+ */
+#if !defined(MBEDTLS_HAVE_INT32)
+    #if defined(_MSC_VER) && defined(_M_AMD64)
+/* Always choose 64-bit when using MSC */
+        #if !defined(MBEDTLS_HAVE_INT64)
+            #define MBEDTLS_HAVE_INT64
+        #endif /* !MBEDTLS_HAVE_INT64 */
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
+    #elif defined(__GNUC__) && (                         \
+    defined(__amd64__) || defined(__x86_64__)     || \
+    defined(__ppc64__) || defined(__powerpc64__)  || \
+    defined(__ia64__)  || defined(__alpha__)      || \
+    (defined(__sparc__) && defined(__arch64__)) || \
+    defined(__s390x__) || defined(__mips64)       || \
+    defined(__aarch64__))
+        #if !defined(MBEDTLS_HAVE_INT64)
+            #define MBEDTLS_HAVE_INT64
+        #endif /* MBEDTLS_HAVE_INT64 */
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
+        #if !defined(MBEDTLS_NO_UDBL_DIVISION)
+/* mbedtls_t_udbl defined as 128-bit unsigned int */
+typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
+            #define MBEDTLS_HAVE_UDBL
+        #endif /* !MBEDTLS_NO_UDBL_DIVISION */
+    #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
+/*
+ * __ARMCC_VERSION is defined for both armcc and armclang and
+ * __aarch64__ is only defined by armclang when compiling 64-bit code
+ */
+        #if !defined(MBEDTLS_HAVE_INT64)
+            #define MBEDTLS_HAVE_INT64
+        #endif /* !MBEDTLS_HAVE_INT64 */
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
+        #if !defined(MBEDTLS_NO_UDBL_DIVISION)
+/* mbedtls_t_udbl defined as 128-bit unsigned int */
+typedef __uint128_t mbedtls_t_udbl;
+            #define MBEDTLS_HAVE_UDBL
+        #endif /* !MBEDTLS_NO_UDBL_DIVISION */
+    #elif defined(MBEDTLS_HAVE_INT64)
+/* Force 64-bit integers with unknown compiler */
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
+    #endif
+#endif /* !MBEDTLS_HAVE_INT32 */
+
+#if !defined(MBEDTLS_HAVE_INT64)
+/* Default to 32-bit compilation */
+    #if !defined(MBEDTLS_HAVE_INT32)
+        #define MBEDTLS_HAVE_INT32
+    #endif /* !MBEDTLS_HAVE_INT32 */
+typedef  int32_t mbedtls_mpi_sint;
+typedef uint32_t mbedtls_mpi_uint;
+    #if !defined(MBEDTLS_NO_UDBL_DIVISION)
+typedef uint64_t mbedtls_t_udbl;
+        #define MBEDTLS_HAVE_UDBL
+    #endif /* !MBEDTLS_NO_UDBL_DIVISION */
+#endif /* !MBEDTLS_HAVE_INT64 */
+
+/** \typedef mbedtls_mpi_uint
+ * \brief The type of machine digits in a bignum, called _limbs_.
+ *
+ * This is always an unsigned integer type with no padding bits. The size
+ * is platform-dependent.
+ */
+
+/** \typedef mbedtls_mpi_sint
+ * \brief The signed type corresponding to #mbedtls_mpi_uint.
+ *
+ * This is always a signed integer type with no padding bits. The size
+ * is platform-dependent.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          MPI structure
+ */
+typedef struct mbedtls_mpi {
+    /** Sign: -1 if the mpi is negative, 1 otherwise.
+     *
+     * The number 0 must be represented with `s = +1`. Although many library
+     * functions treat all-limbs-zero as equivalent to a valid representation
+     * of 0 regardless of the sign bit, there are exceptions, so bignum
+     * functions and external callers must always set \c s to +1 for the
+     * number zero.
+     *
+     * Note that this implies that calloc() or `... = {0}` does not create
+     * a valid MPI representation. You must call mbedtls_mpi_init().
+     */
+    int s;
+
+    /** Total number of limbs in \c p.  */
+    size_t n;
+
+    /** Pointer to limbs.
+     *
+     * This may be \c NULL if \c n is 0.
+     */
+    mbedtls_mpi_uint *p;
+}
+mbedtls_mpi;
+
+/**
+ * \brief           Initialize an MPI context.
+ *
+ *                  This makes the MPI ready to be set or freed,
+ *                  but does not define a value for the MPI.
+ *
+ * \param X         The MPI context to initialize. This must not be \c NULL.
+ */
+void mbedtls_mpi_init(mbedtls_mpi *X);
+
+/**
+ * \brief          This function frees the components of an MPI context.
+ *
+ * \param X        The MPI context to be cleared. This may be \c NULL,
+ *                 in which case this function is a no-op. If it is
+ *                 not \c NULL, it must point to an initialized MPI.
+ */
+void mbedtls_mpi_free(mbedtls_mpi *X);
+
+/**
+ * \brief          Enlarge an MPI to the specified number of limbs.
+ *
+ * \note           This function does nothing if the MPI is
+ *                 already large enough.
+ *
+ * \param X        The MPI to grow. It must be initialized.
+ * \param nblimbs  The target number of limbs.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs);
+
+/**
+ * \brief          This function resizes an MPI downwards, keeping at least the
+ *                 specified number of limbs.
+ *
+ *                 If \c X is smaller than \c nblimbs, it is resized up
+ *                 instead.
+ *
+ * \param X        The MPI to shrink. This must point to an initialized MPI.
+ * \param nblimbs  The minimum number of limbs to keep.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ *                 (this can only happen when resizing up).
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs);
+
+/**
+ * \brief          Make a copy of an MPI.
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param Y        The source MPI. This must point to an initialized MPI.
+ *
+ * \note           The limb-buffer in the destination MPI is enlarged
+ *                 if necessary to hold the value in the source MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y);
+
+/**
+ * \brief          Swap the contents of two MPIs.
+ *
+ * \param X        The first MPI. It must be initialized.
+ * \param Y        The second MPI. It must be initialized.
+ */
+void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y);
+
+/**
+ * \brief          Perform a safe conditional copy of MPI which doesn't
+ *                 reveal whether the condition was true or not.
+ *
+ * \param X        The MPI to conditionally assign to. This must point
+ *                 to an initialized MPI.
+ * \param Y        The MPI to be assigned from. This must point to an
+ *                 initialized MPI.
+ * \param assign   The condition deciding whether to perform the
+ *                 assignment or not. Must be either 0 or 1:
+ *                 * \c 1: Perform the assignment `X = Y`.
+ *                 * \c 0: Keep the original value of \p X.
+ *
+ * \note           This function is equivalent to
+ *                      `if( assign ) mbedtls_mpi_copy( X, Y );`
+ *                 except that it avoids leaking any information about whether
+ *                 the assignment was done or not (the above code may leak
+ *                 information through branch prediction and/or memory access
+ *                 patterns analysis).
+ *
+ * \warning        If \p assign is neither 0 nor 1, the result of this function
+ *                 is indeterminate, and the resulting value in \p X might be
+ *                 neither its original value nor the value in \p Y.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign);
+
+/**
+ * \brief          Perform a safe conditional swap which doesn't
+ *                 reveal whether the condition was true or not.
+ *
+ * \param X        The first MPI. This must be initialized.
+ * \param Y        The second MPI. This must be initialized.
+ * \param swap     The condition deciding whether to perform
+ *                 the swap or not. Must be either 0 or 1:
+ *                 * \c 1: Swap the values of \p X and \p Y.
+ *                 * \c 0: Keep the original values of \p X and \p Y.
+ *
+ * \note           This function is equivalent to
+ *                      if( swap ) mbedtls_mpi_swap( X, Y );
+ *                 except that it avoids leaking any information about whether
+ *                 the swap was done or not (the above code may leak
+ *                 information through branch prediction and/or memory access
+ *                 patterns analysis).
+ *
+ * \warning        If \p swap is neither 0 nor 1, the result of this function
+ *                 is indeterminate, and both \p X and \p Y might end up with
+ *                 values different to either of the original ones.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on other kinds of failure.
+ *
+ */
+int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap);
+
+/**
+ * \brief          Store integer value in MPI.
+ *
+ * \param X        The MPI to set. This must be initialized.
+ * \param z        The value to use.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z);
+
+/**
+ * \brief          Get a specific bit from an MPI.
+ *
+ * \param X        The MPI to query. This must be initialized.
+ * \param pos      Zero-based index of the bit to query.
+ *
+ * \return         \c 0 or \c 1 on success, depending on whether bit \c pos
+ *                 of \c X is unset or set.
+ * \return         A negative error code on failure.
+ */
+int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos);
+
+/**
+ * \brief          Modify a specific bit in an MPI.
+ *
+ * \note           This function will grow the target MPI if necessary to set a
+ *                 bit to \c 1 in a not yet existing limb. It will not grow if
+ *                 the bit should be set to \c 0.
+ *
+ * \param X        The MPI to modify. This must be initialized.
+ * \param pos      Zero-based index of the bit to modify.
+ * \param val      The desired value of bit \c pos: \c 0 or \c 1.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val);
+
+/**
+ * \brief          Return the number of bits of value \c 0 before the
+ *                 least significant bit of value \c 1.
+ *
+ * \note           This is the same as the zero-based index of
+ *                 the least significant bit of value \c 1.
+ *
+ * \param X        The MPI to query.
+ *
+ * \return         The number of bits of value \c 0 before the least significant
+ *                 bit of value \c 1 in \p X.
+ */
+size_t mbedtls_mpi_lsb(const mbedtls_mpi *X);
+
+/**
+ * \brief          Return the number of bits up to and including the most
+ *                 significant bit of value \c 1.
+ *
+ * * \note         This is same as the one-based index of the most
+ *                 significant bit of value \c 1.
+ *
+ * \param X        The MPI to query. This must point to an initialized MPI.
+ *
+ * \return         The number of bits up to and including the most
+ *                 significant bit of value \c 1.
+ */
+size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X);
+
+/**
+ * \brief          Return the total size of an MPI value in bytes.
+ *
+ * \param X        The MPI to use. This must point to an initialized MPI.
+ *
+ * \note           The value returned by this function may be less than
+ *                 the number of bytes used to store \p X internally.
+ *                 This happens if and only if there are trailing bytes
+ *                 of value zero.
+ *
+ * \return         The least number of bytes capable of storing
+ *                 the absolute value of \p X.
+ */
+size_t mbedtls_mpi_size(const mbedtls_mpi *X);
+
+/**
+ * \brief          Import an MPI from an ASCII string.
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param radix    The numeric base of the input string.
+ * \param s        Null-terminated string buffer.
+ *
+ * \return         \c 0 if successful.
+ * \return         A negative error code on failure.
+ */
+int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s);
+
+/**
+ * \brief          Export an MPI to an ASCII string.
+ *
+ * \param X        The source MPI. This must point to an initialized MPI.
+ * \param radix    The numeric base of the output string.
+ * \param buf      The buffer to write the string to. This must be writable
+ *                 buffer of length \p buflen Bytes.
+ * \param buflen   The available size in Bytes of \p buf.
+ * \param olen     The address at which to store the length of the string
+ *                 written, including the  final \c NULL byte. This must
+ *                 not be \c NULL.
+ *
+ * \note           You can call this function with `buflen == 0` to obtain the
+ *                 minimum required buffer size in `*olen`.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the target buffer \p buf
+ *                 is too small to hold the value of \p X in the desired base.
+ *                 In this case, `*olen` is nonetheless updated to contain the
+ *                 size of \p buf required for a successful call.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
+                             char *buf, size_t buflen, size_t *olen);
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Read an MPI from a line in an opened file.
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param radix    The numeric base of the string representation used
+ *                 in the source line.
+ * \param fin      The input file handle to use. This must not be \c NULL.
+ *
+ * \note           On success, this function advances the file stream
+ *                 to the end of the current line or to EOF.
+ *
+ *                 The function returns \c 0 on an empty line.
+ *
+ *                 Leading whitespaces are ignored, as is a
+ *                 '0x' prefix for radix \c 16.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the file read buffer
+ *                 is too small.
+ * \return         Another negative error code on failure.
+ */
+int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin);
+
+/**
+ * \brief          Export an MPI into an opened file.
+ *
+ * \param p        A string prefix to emit prior to the MPI data.
+ *                 For example, this might be a label, or "0x" when
+ *                 printing in base \c 16. This may be \c NULL if no prefix
+ *                 is needed.
+ * \param X        The source MPI. This must point to an initialized MPI.
+ * \param radix    The numeric base to be used in the emitted string.
+ * \param fout     The output file handle. This may be \c NULL, in which case
+ *                 the output is written to \c stdout.
+ *
+ * \return         \c 0 if successful.
+ * \return         A negative error code on failure.
+ */
+int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
+                           int radix, FILE *fout);
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Import an MPI from unsigned big endian binary data.
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param buf      The input buffer. This must be a readable buffer of length
+ *                 \p buflen Bytes.
+ * \param buflen   The length of the input buffer \p buf in Bytes.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
+                            size_t buflen);
+
+/**
+ * \brief          Import X from unsigned binary data, little endian
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param buf      The input buffer. This must be a readable buffer of length
+ *                 \p buflen Bytes.
+ * \param buflen   The length of the input buffer \p buf in Bytes.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_read_binary_le(mbedtls_mpi *X,
+                               const unsigned char *buf, size_t buflen);
+
+/**
+ * \brief          Export X into unsigned binary data, big endian.
+ *                 Always fills the whole buffer, which will start with zeros
+ *                 if the number is smaller.
+ *
+ * \param X        The source MPI. This must point to an initialized MPI.
+ * \param buf      The output buffer. This must be a writable buffer of length
+ *                 \p buflen Bytes.
+ * \param buflen   The size of the output buffer \p buf in Bytes.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't
+ *                 large enough to hold the value of \p X.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf,
+                             size_t buflen);
+
+/**
+ * \brief          Export X into unsigned binary data, little endian.
+ *                 Always fills the whole buffer, which will end with zeros
+ *                 if the number is smaller.
+ *
+ * \param X        The source MPI. This must point to an initialized MPI.
+ * \param buf      The output buffer. This must be a writable buffer of length
+ *                 \p buflen Bytes.
+ * \param buflen   The size of the output buffer \p buf in Bytes.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't
+ *                 large enough to hold the value of \p X.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X,
+                                unsigned char *buf, size_t buflen);
+
+/**
+ * \brief          Perform a left-shift on an MPI: X <<= count
+ *
+ * \param X        The MPI to shift. This must point to an initialized MPI.
+ * \param count    The number of bits to shift by.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count);
+
+/**
+ * \brief          Perform a right-shift on an MPI: X >>= count
+ *
+ * \param X        The MPI to shift. This must point to an initialized MPI.
+ * \param count    The number of bits to shift by.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count);
+
+/**
+ * \brief          Compare the absolute values of two MPIs.
+ *
+ * \param X        The left-hand MPI. This must point to an initialized MPI.
+ * \param Y        The right-hand MPI. This must point to an initialized MPI.
+ *
+ * \return         \c 1 if `|X|` is greater than `|Y|`.
+ * \return         \c -1 if `|X|` is lesser than `|Y|`.
+ * \return         \c 0 if `|X|` is equal to `|Y|`.
+ */
+int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y);
+
+/**
+ * \brief          Compare two MPIs.
+ *
+ * \param X        The left-hand MPI. This must point to an initialized MPI.
+ * \param Y        The right-hand MPI. This must point to an initialized MPI.
+ *
+ * \return         \c 1 if \p X is greater than \p Y.
+ * \return         \c -1 if \p X is lesser than \p Y.
+ * \return         \c 0 if \p X is equal to \p Y.
+ */
+int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y);
+
+/**
+ * \brief          Check if an MPI is less than the other in constant time.
+ *
+ * \param X        The left-hand MPI. This must point to an initialized MPI
+ *                 with the same allocated length as Y.
+ * \param Y        The right-hand MPI. This must point to an initialized MPI
+ *                 with the same allocated length as X.
+ * \param ret      The result of the comparison:
+ *                 \c 1 if \p X is less than \p Y.
+ *                 \c 0 if \p X is greater than or equal to \p Y.
+ *
+ * \return         0 on success.
+ * \return         MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
+ *                 the two input MPIs is not the same.
+ */
+int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y,
+                          unsigned *ret);
+
+/**
+ * \brief          Compare an MPI with an integer.
+ *
+ * \param X        The left-hand MPI. This must point to an initialized MPI.
+ * \param z        The integer value to compare \p X to.
+ *
+ * \return         \c 1 if \p X is greater than \p z.
+ * \return         \c -1 if \p X is lesser than \p z.
+ * \return         \c 0 if \p X is equal to \p z.
+ */
+int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z);
+
+/**
+ * \brief          Perform an unsigned addition of MPIs: X = |A| + |B|
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The first summand. This must point to an initialized MPI.
+ * \param B        The second summand. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform an unsigned subtraction of MPIs: X = |A| - |B|
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The minuend. This must point to an initialized MPI.
+ * \param B        The subtrahend. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is greater than \p A.
+ * \return         Another negative error code on different kinds of failure.
+ *
+ */
+int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform a signed addition of MPIs: X = A + B
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The first summand. This must point to an initialized MPI.
+ * \param B        The second summand. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform a signed subtraction of MPIs: X = A - B
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The minuend. This must point to an initialized MPI.
+ * \param B        The subtrahend. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform a signed addition of an MPI and an integer: X = A + b
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The first summand. This must point to an initialized MPI.
+ * \param b        The second summand.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
+
+/**
+ * \brief          Perform a signed subtraction of an MPI and an integer:
+ *                 X = A - b
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The minuend. This must point to an initialized MPI.
+ * \param b        The subtrahend.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
+
+/**
+ * \brief          Perform a multiplication of two MPIs: X = A * B
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The first factor. This must point to an initialized MPI.
+ * \param B        The second factor. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ *
+ */
+int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform a multiplication of an MPI with an unsigned integer:
+ *                 X = A * b
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The first factor. This must point to an initialized MPI.
+ * \param b        The second factor.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ *
+ */
+int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        mbedtls_mpi_uint b);
+
+/**
+ * \brief          Perform a division with remainder of two MPIs:
+ *                 A = Q * B + R
+ *
+ * \param Q        The destination MPI for the quotient.
+ *                 This may be \c NULL if the value of the
+ *                 quotient is not needed. This must not alias A or B.
+ * \param R        The destination MPI for the remainder value.
+ *                 This may be \c NULL if the value of the
+ *                 remainder is not needed. This must not alias A or B.
+ * \param A        The dividend. This must point to an initialized MPI.
+ * \param B        The divisor. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform a division with remainder of an MPI by an integer:
+ *                 A = Q * b + R
+ *
+ * \param Q        The destination MPI for the quotient.
+ *                 This may be \c NULL if the value of the
+ *                 quotient is not needed.  This must not alias A.
+ * \param R        The destination MPI for the remainder value.
+ *                 This may be \c NULL if the value of the
+ *                 remainder is not needed.  This must not alias A.
+ * \param A        The dividend. This must point to an initialized MPi.
+ * \param b        The divisor.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
+
+/**
+ * \brief          Perform a modular reduction. R = A mod B
+ *
+ * \param R        The destination MPI for the residue value.
+ *                 This must point to an initialized MPI.
+ * \param A        The MPI to compute the residue of.
+ *                 This must point to an initialized MPI.
+ * \param B        The base of the modular reduction.
+ *                 This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
+ * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is negative.
+ * \return         Another negative error code on different kinds of failure.
+ *
+ */
+int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
+
+/**
+ * \brief          Perform a modular reduction with respect to an integer.
+ *                 r = A mod b
+ *
+ * \param r        The address at which to store the residue.
+ *                 This must not be \c NULL.
+ * \param A        The MPI to compute the residue of.
+ *                 This must point to an initialized MPi.
+ * \param b        The integer base of the modular reduction.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
+ * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
+
+/**
+ * \brief          Perform a sliding-window exponentiation: X = A^E mod N
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ *                 This must not alias E or N.
+ * \param A        The base of the exponentiation.
+ *                 This must point to an initialized MPI.
+ * \param E        The exponent MPI. This must point to an initialized MPI.
+ * \param N        The base for the modular reduction. This must point to an
+ *                 initialized MPI.
+ * \param prec_RR  A helper MPI depending solely on \p N which can be used to
+ *                 speed-up multiple modular exponentiations for the same value
+ *                 of \p N. This may be \c NULL. If it is not \c NULL, it must
+ *                 point to an initialized MPI. If it hasn't been used after
+ *                 the call to mbedtls_mpi_init(), this function will compute
+ *                 the helper value and store it in \p prec_RR for reuse on
+ *                 subsequent calls to this function. Otherwise, the function
+ *                 will assume that \p prec_RR holds the helper value set by a
+ *                 previous call to mbedtls_mpi_exp_mod(), and reuse it.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or
+ *                 even, or if \c E is negative.
+ * \return         Another negative error code on different kinds of failures.
+ *
+ */
+int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *E, const mbedtls_mpi *N,
+                        mbedtls_mpi *prec_RR);
+
+/**
+ * \brief          Fill an MPI with a number of random bytes.
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param size     The number of random bytes to generate.
+ * \param f_rng    The RNG function to use. This must not be \c NULL.
+ * \param p_rng    The RNG parameter to be passed to \p f_rng. This may be
+ *                 \c NULL if \p f_rng doesn't need a context argument.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on failure.
+ *
+ * \note           The bytes obtained from the RNG are interpreted
+ *                 as a big-endian representation of an MPI; this can
+ *                 be relevant in applications like deterministic ECDSA.
+ */
+int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
+
+/** Generate a random number uniformly in a range.
+ *
+ * This function generates a random number between \p min inclusive and
+ * \p N exclusive.
+ *
+ * The procedure complies with RFC 6979 §3.3 (deterministic ECDSA)
+ * when the RNG is a suitably parametrized instance of HMAC_DRBG
+ * and \p min is \c 1.
+ *
+ * \note           There are `N - min` possible outputs. The lower bound
+ *                 \p min can be reached, but the upper bound \p N cannot.
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param min      The minimum value to return.
+ *                 It must be nonnegative.
+ * \param N        The upper bound of the range, exclusive.
+ *                 In other words, this is one plus the maximum value to return.
+ *                 \p N must be strictly larger than \p min.
+ * \param f_rng    The RNG function to use. This must not be \c NULL.
+ * \param p_rng    The RNG parameter to be passed to \p f_rng.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid
+ *                 or if they are incompatible.
+ * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if the implementation was
+ *                 unable to find a suitable value within a limited number
+ *                 of attempts. This has a negligible probability if \p N
+ *                 is significantly larger than \p min, which is the case
+ *                 for all usual cryptographic applications.
+ * \return         Another negative error code on failure.
+ */
+int mbedtls_mpi_random(mbedtls_mpi *X,
+                       mbedtls_mpi_sint min,
+                       const mbedtls_mpi *N,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng);
+
+/**
+ * \brief          Compute the greatest common divisor: G = gcd(A, B)
+ *
+ * \param G        The destination MPI. This must point to an initialized MPI.
+ * \param A        The first operand. This must point to an initialized MPI.
+ * \param B        The second operand. This must point to an initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         Another negative error code on different kinds of failure.
+ */
+int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
+                    const mbedtls_mpi *B);
+
+/**
+ * \brief          Compute the modular inverse: X = A^-1 mod N
+ *
+ * \param X        The destination MPI. This must point to an initialized MPI.
+ * \param A        The MPI to calculate the modular inverse of. This must point
+ *                 to an initialized MPI.
+ * \param N        The base of the modular inversion. This must point to an
+ *                 initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
+ *                 or equal to one.
+ * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular
+ *                 inverse with respect to \p N.
+ */
+int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *N);
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Perform a Miller-Rabin primality test with error
+ *                 probability of 2<sup>-80</sup>.
+ *
+ * \deprecated     Superseded by mbedtls_mpi_is_prime_ext() which allows
+ *                 specifying the number of Miller-Rabin rounds.
+ *
+ * \param X        The MPI to check for primality.
+ *                 This must point to an initialized MPI.
+ * \param f_rng    The RNG function to use. This must not be \c NULL.
+ * \param p_rng    The RNG parameter to be passed to \p f_rng.
+ *                 This may be \c NULL if \p f_rng doesn't use a
+ *                 context parameter.
+ *
+ * \return         \c 0 if successful, i.e. \p X is probably prime.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
+ * \return         Another negative error code on other kinds of failure.
+ */
+MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime(const mbedtls_mpi *X,
+                                            int (*f_rng)(void *, unsigned char *, size_t),
+                                            void *p_rng);
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Miller-Rabin primality test.
+ *
+ * \warning        If \p X is potentially generated by an adversary, for example
+ *                 when validating cryptographic parameters that you didn't
+ *                 generate yourself and that are supposed to be prime, then
+ *                 \p rounds should be at least the half of the security
+ *                 strength of the cryptographic algorithm. On the other hand,
+ *                 if \p X is chosen uniformly or non-adversarially (as is the
+ *                 case when mbedtls_mpi_gen_prime calls this function), then
+ *                 \p rounds can be much lower.
+ *
+ * \param X        The MPI to check for primality.
+ *                 This must point to an initialized MPI.
+ * \param rounds   The number of bases to perform the Miller-Rabin primality
+ *                 test for. The probability of returning 0 on a composite is
+ *                 at most 2<sup>-2*\p rounds </sup>.
+ * \param f_rng    The RNG function to use. This must not be \c NULL.
+ * \param p_rng    The RNG parameter to be passed to \p f_rng.
+ *                 This may be \c NULL if \p f_rng doesn't use
+ *                 a context parameter.
+ *
+ * \return         \c 0 if successful, i.e. \p X is probably prime.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
+ * \return         Another negative error code on other kinds of failure.
+ */
+int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
+/**
+ * \brief Flags for mbedtls_mpi_gen_prime()
+ *
+ * Each of these flags is a constraint on the result X returned by
+ * mbedtls_mpi_gen_prime().
+ */
+typedef enum {
+    MBEDTLS_MPI_GEN_PRIME_FLAG_DH =      0x0001, /**< (X-1)/2 is prime too */
+    MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR = 0x0002, /**< lower error rate from 2<sup>-80</sup> to 2<sup>-128</sup> */
+} mbedtls_mpi_gen_prime_flag_t;
+
+/**
+ * \brief          Generate a prime number.
+ *
+ * \param X        The destination MPI to store the generated prime in.
+ *                 This must point to an initialized MPi.
+ * \param nbits    The required size of the destination MPI in bits.
+ *                 This must be between \c 3 and #MBEDTLS_MPI_MAX_BITS.
+ * \param flags    A mask of flags of type #mbedtls_mpi_gen_prime_flag_t.
+ * \param f_rng    The RNG function to use. This must not be \c NULL.
+ * \param p_rng    The RNG parameter to be passed to \p f_rng.
+ *                 This may be \c NULL if \p f_rng doesn't use
+ *                 a context parameter.
+ *
+ * \return         \c 0 if successful, in which case \p X holds a
+ *                 probably prime number.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
+ *                 \c 3 and #MBEDTLS_MPI_MAX_BITS.
+ */
+int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
+                          int (*f_rng)(void *, unsigned char *, size_t),
+                          void *p_rng);
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_mpi_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* bignum.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/blowfish.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/blowfish.h
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/blowfish.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/blowfish.h
index c2a6ff9..7979670 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/blowfish.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/blowfish.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_BLOWFISH_H
 #define MBEDTLS_BLOWFISH_H
@@ -41,15 +29,18 @@
 #define MBEDTLS_BLOWFISH_BLOCKSIZE   8          /* Blowfish uses 64 bit blocks */
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 )
+#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0016)
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016
 
-#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018
 
 /* MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED is deprecated and should not be used.
  */
-#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED                   -0x0017  /**< Blowfish hardware accelerator failed. */
+/** Blowfish hardware accelerator failed. */
+#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED                   -0x0017
 
 #ifdef __cplusplus
 extern "C" {
@@ -62,8 +53,7 @@ extern "C" {
 /**
  * \brief          Blowfish context structure
  */
-typedef struct mbedtls_blowfish_context
-{
+typedef struct mbedtls_blowfish_context {
     uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2];    /*!<  Blowfish round keys    */
     uint32_t S[4][256];                 /*!<  key dependent S-boxes  */
 }
@@ -79,7 +69,7 @@ mbedtls_blowfish_context;
  * \param ctx      The Blowfish context to be initialized.
  *                 This must not be \c NULL.
  */
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
+void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx);
 
 /**
  * \brief          Clear a Blowfish context.
@@ -89,7 +79,7 @@ void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
  *                 returns immediately. If it is not \c NULL, it must
  *                 point to an initialized Blowfish context.
  */
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
+void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx);
 
 /**
  * \brief          Perform a Blowfish key schedule operation.
@@ -103,8 +93,8 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
-                     unsigned int keybits );
+int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx, const unsigned char *key,
+                            unsigned int keybits);
 
 /**
  * \brief          Perform a Blowfish-ECB block encryption/decryption operation.
@@ -122,10 +112,10 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
-                        int mode,
-                        const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
+int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -156,12 +146,12 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
-                        int mode,
-                        size_t length,
-                        unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        const unsigned char *input,
-                        unsigned char *output );
+int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -182,7 +172,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
  *                 #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
  *                 #MBEDTLS_BLOWFISH_DECRYPT for decryption.
  * \param length   The length of the input data in Bytes.
- * \param iv_off   The offset in the initialiation vector.
+ * \param iv_off   The offset in the initialization vector.
  *                 The value pointed to must be smaller than \c 8 Bytes.
  *                 It is updated by this function to support the aforementioned
  *                 streaming usage.
@@ -196,13 +186,13 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
-                          int mode,
-                          size_t length,
-                          size_t *iv_off,
-                          unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                          const unsigned char *input,
-                          unsigned char *output );
+int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx,
+                                 int mode,
+                                 size_t length,
+                                 size_t *iv_off,
+                                 unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                                 const unsigned char *input,
+                                 unsigned char *output);
 #endif /*MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -243,7 +233,7 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
  *             The recommended way to ensure uniqueness is to use a message
  *             counter.
  *
- *             Note that for both stategies, sizes are measured in blocks and
+ *             Note that for both strategies, sizes are measured in blocks and
  *             that a Blowfish block is 8 bytes.
  *
  * \warning    Upon return, \p stream_block contains sensitive data. Its
@@ -269,13 +259,13 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
  * \return              \c 0 if successful.
  * \return              A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
-                        size_t length,
-                        size_t *nc_off,
-                        unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        const unsigned char *input,
-                        unsigned char *output );
+int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/bn_mul.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/bn_mul.h
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/bn_mul.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/bn_mul.h
index 17d057f..fc0c3cf 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/bn_mul.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/bn_mul.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 /*
  *      Multiply source vector [s] with b, add result
@@ -44,6 +32,47 @@
 
 #include "mbedtls/bignum.h"
 
+
+/*
+ * Conversion macros for embedded constants:
+ * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2
+ */
+#if defined(MBEDTLS_HAVE_INT32)
+
+#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d)               \
+    ((mbedtls_mpi_uint) (a) <<  0) |                        \
+    ((mbedtls_mpi_uint) (b) <<  8) |                        \
+    ((mbedtls_mpi_uint) (c) << 16) |                        \
+    ((mbedtls_mpi_uint) (d) << 24)
+
+#define MBEDTLS_BYTES_TO_T_UINT_2(a, b)                   \
+    MBEDTLS_BYTES_TO_T_UINT_4(a, b, 0, 0)
+
+#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \
+    MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d),                \
+    MBEDTLS_BYTES_TO_T_UINT_4(e, f, g, h)
+
+#else /* 64-bits */
+
+#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h)   \
+    ((mbedtls_mpi_uint) (a) <<  0) |                        \
+    ((mbedtls_mpi_uint) (b) <<  8) |                        \
+    ((mbedtls_mpi_uint) (c) << 16) |                        \
+    ((mbedtls_mpi_uint) (d) << 24) |                        \
+    ((mbedtls_mpi_uint) (e) << 32) |                        \
+    ((mbedtls_mpi_uint) (f) << 40) |                        \
+    ((mbedtls_mpi_uint) (g) << 48) |                        \
+    ((mbedtls_mpi_uint) (h) << 56)
+
+#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d)             \
+    MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, 0, 0, 0, 0)
+
+#define MBEDTLS_BYTES_TO_T_UINT_2(a, b)                   \
+    MBEDTLS_BYTES_TO_T_UINT_8(a, b, 0, 0, 0, 0, 0, 0)
+
+#endif /* bits in mbedtls_mpi_uint */
+
+/* *INDENT-OFF* */
 #if defined(MBEDTLS_HAVE_ASM)
 
 #ifndef asm
@@ -54,13 +83,29 @@
 #if defined(__GNUC__) && \
     ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 )
 
+/*
+ * GCC < 5.0 treated the x86 ebx (which is used for the GOT) as a
+ * fixed reserved register when building as PIC, leading to errors
+ * like: bn_mul.h:46:13: error: PIC register clobbered by 'ebx' in 'asm'
+ *
+ * This is fixed by an improved register allocator in GCC 5+. From the
+ * release notes:
+ * Register allocation improvements: Reuse of the PIC hard register,
+ * instead of using a fixed register, was implemented on x86/x86-64
+ * targets. This improves generated PIC code performance as more hard
+ * registers can be used.
+ */
+#if defined(__GNUC__) && __GNUC__ < 5 && defined(__PIC__)
+#define MULADDC_CANNOT_USE_EBX
+#endif
+
 /*
  * Disable use of the i386 assembly code below if option -O0, to disable all
  * compiler optimisations, is passed, detected with __OPTIMIZE__
  * This is done as the number of registers used in the assembly code doesn't
  * work with the -O0 option.
  */
-#if defined(__i386__) && defined(__OPTIMIZE__)
+#if defined(__i386__) && defined(__OPTIMIZE__) && !defined(MULADDC_CANNOT_USE_EBX)
 
 #define MULADDC_INIT                        \
     asm(                                    \
@@ -189,9 +234,9 @@
         "addq   $8, %%rdi\n"
 
 #define MULADDC_STOP                        \
-        : "+c" (c), "+D" (d), "+S" (s)      \
-        : "b" (b)                           \
-        : "rax", "rdx", "r8"                \
+        : "+c" (c), "+D" (d), "+S" (s), "+m" (*(uint64_t (*)[16]) d) \
+        : "b" (b), "m" (*(const uint64_t (*)[16]) s)                 \
+        : "rax", "rdx", "r8"                                         \
     );
 
 #endif /* AMD64 */
@@ -204,18 +249,18 @@
 #define MULADDC_CORE                \
         "ldr x4, [%2], #8   \n\t"   \
         "ldr x5, [%1]       \n\t"   \
-        "mul x6, x4, %3     \n\t"   \
-        "umulh x7, x4, %3   \n\t"   \
+        "mul x6, x4, %4     \n\t"   \
+        "umulh x7, x4, %4   \n\t"   \
         "adds x5, x5, x6    \n\t"   \
         "adc x7, x7, xzr    \n\t"   \
         "adds x5, x5, %0    \n\t"   \
         "adc %0, x7, xzr    \n\t"   \
         "str x5, [%1], #8   \n\t"
 
-#define MULADDC_STOP                        \
-         : "+r" (c),  "+r" (d), "+r" (s)    \
-         : "r" (b)                          \
-         : "x4", "x5", "x6", "x7", "cc"     \
+#define MULADDC_STOP                                                    \
+         : "+r" (c),  "+r" (d), "+r" (s), "+m" (*(uint64_t (*)[16]) d)  \
+         : "r" (b), "m" (*(const uint64_t (*)[16]) s)                   \
+         : "x4", "x5", "x6", "x7", "cc"                                 \
     );
 
 #endif /* Aarch64 */
@@ -523,10 +568,20 @@
         "andi  r7,   r6, 0xffff \n\t"   \
         "bsrli r6,   r6, 16     \n\t"
 
-#define MULADDC_CORE                    \
+#if(__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)
+#define MULADDC_LHUI                    \
+        "lhui  r9,   r3,   0    \n\t"   \
+        "addi  r3,   r3,   2    \n\t"   \
+        "lhui  r8,   r3,   0    \n\t"
+#else
+#define MULADDC_LHUI                    \
         "lhui  r8,   r3,   0    \n\t"   \
         "addi  r3,   r3,   2    \n\t"   \
-        "lhui  r9,   r3,   0    \n\t"   \
+        "lhui  r9,   r3,   0    \n\t"
+#endif
+
+#define MULADDC_CORE                    \
+        MULADDC_LHUI                    \
         "addi  r3,   r3,   2    \n\t"   \
         "mul   r10,  r9,  r6    \n\t"   \
         "mul   r11,  r8,  r7    \n\t"   \
@@ -610,6 +665,15 @@
 #if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
 
 #if defined(__thumb__) && !defined(__thumb2__)
+#if !defined(__ARMCC_VERSION) && !defined(__clang__) \
+    && !defined(__llvm__) && !defined(__INTEL_COMPILER)
+/*
+ * Thumb 1 ISA. This code path has only been tested successfully on gcc;
+ * it does not compile on clang or armclang.
+ *
+ * Other compilers which define __GNUC__ may not work. The above macro
+ * attempts to exclude these untested compilers.
+ */
 
 #define MULADDC_INIT                                    \
     asm(                                                \
@@ -664,6 +728,8 @@
            "r6", "r7", "r8", "r9", "cc"         \
          );
 
+#endif /* Compiler is gcc */
+
 #elif (__ARM_ARCH >= 6) && \
     defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
 
@@ -935,4 +1001,5 @@
 #endif /* C (generic)  */
 #endif /* C (longlong) */
 
+/* *INDENT-ON* */
 #endif /* bn_mul.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/camellia.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/camellia.h
similarity index 81%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/camellia.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/camellia.h
index f7d2b23..be8c515 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/camellia.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/camellia.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_CAMELLIA_H
 #define MBEDTLS_CAMELLIA_H
@@ -37,15 +25,18 @@
 #define MBEDTLS_CAMELLIA_DECRYPT     0
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 )
+#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0024)
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
-#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024
 
-#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026
 
 /* MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED is deprecated and should not be used.
  */
-#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED              -0x0027  /**< Camellia hardware accelerator failed. */
+/** Camellia hardware accelerator failed. */
+#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED              -0x0027
 
 #ifdef __cplusplus
 extern "C" {
@@ -58,8 +49,7 @@ extern "C" {
 /**
  * \brief          CAMELLIA context structure
  */
-typedef struct mbedtls_camellia_context
-{
+typedef struct mbedtls_camellia_context {
     int nr;                     /*!<  number of rounds  */
     uint32_t rk[68];            /*!<  CAMELLIA round keys    */
 }
@@ -75,7 +65,7 @@ mbedtls_camellia_context;
  * \param ctx      The CAMELLIA context to be initialized.
  *                 This must not be \c NULL.
  */
-void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
+void mbedtls_camellia_init(mbedtls_camellia_context *ctx);
 
 /**
  * \brief          Clear a CAMELLIA context.
@@ -84,7 +74,7 @@ void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
  *                 in which case this function returns immediately. If it is not
  *                 \c NULL, it must be initialized.
  */
-void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
+void mbedtls_camellia_free(mbedtls_camellia_context *ctx);
 
 /**
  * \brief          Perform a CAMELLIA key schedule operation for encryption.
@@ -98,9 +88,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits );
+int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits);
 
 /**
  * \brief          Perform a CAMELLIA key schedule operation for decryption.
@@ -114,9 +104,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits );
+int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits);
 
 /**
  * \brief          Perform a CAMELLIA-ECB block encryption/decryption operation.
@@ -133,10 +123,10 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
-                    int mode,
-                    const unsigned char input[16],
-                    unsigned char output[16] );
+int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
+                               int mode,
+                               const unsigned char input[16],
+                               unsigned char output[16]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -167,12 +157,12 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output );
+int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[16],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -213,13 +203,13 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
+                                  int mode,
+                                  size_t length,
+                                  size_t *iv_off,
+                                  unsigned char iv[16],
+                                  const unsigned char *input,
+                                  unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -229,7 +219,7 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
  * *note       Due to the nature of CTR mode, you should use the same
  *             key for both encryption and decryption. In particular, calls
  *             to this function should be preceded by a key-schedule via
- *             mbedtls_camellia_setkey_enc() regardless of whether \p mode
+ *             mbedtls_camellia_setkey_enc() regardless of whether the mode
  *             is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
  *
  * \warning    You must never reuse a nonce value with the same key. Doing so
@@ -270,7 +260,7 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
  *             encrypted: for example, with 96-bit random nonces, you should
  *             not encrypt more than 2**32 messages with the same key.
  *
- *             Note that for both stategies, sizes are measured in blocks and
+ *             Note that for both strategies, sizes are measured in blocks and
  *             that a CAMELLIA block is \c 16 Bytes.
  *
  * \warning    Upon return, \p stream_block contains sensitive data. Its
@@ -297,13 +287,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
  * \return              \c 0 if successful.
  * \return              A negative error code on failure.
  */
-int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[16],
+                               unsigned char stream_block[16],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -313,7 +303,7 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_camellia_self_test( int verbose );
+int mbedtls_camellia_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ccm.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ccm.h
similarity index 81%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ccm.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ccm.h
index 7193863..adb14cc 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ccm.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ccm.h
@@ -29,19 +29,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_CCM_H
@@ -55,11 +43,14 @@
 
 #include "mbedtls/cipher.h"
 
-#define MBEDTLS_ERR_CCM_BAD_INPUT       -0x000D /**< Bad input parameters to the function. */
-#define MBEDTLS_ERR_CCM_AUTH_FAILED     -0x000F /**< Authenticated decryption failed. */
+/** Bad input parameters to the function. */
+#define MBEDTLS_ERR_CCM_BAD_INPUT       -0x000D
+/** Authenticated decryption failed. */
+#define MBEDTLS_ERR_CCM_AUTH_FAILED     -0x000F
 
 /* MBEDTLS_ERR_CCM_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */
+/** CCM hardware accelerator failed. */
+#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011
 
 #ifdef __cplusplus
 extern "C" {
@@ -73,8 +64,7 @@ extern "C" {
  * \brief    The CCM context-type definition. The CCM context is passed
  *           to the APIs called.
  */
-typedef struct mbedtls_ccm_context
-{
+typedef struct mbedtls_ccm_context {
     mbedtls_cipher_context_t cipher_ctx;    /*!< The cipher context used. */
 }
 mbedtls_ccm_context;
@@ -90,7 +80,7 @@ mbedtls_ccm_context;
  *
  * \param ctx       The CCM context to initialize. This must not be \c NULL.
  */
-void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
+void mbedtls_ccm_init(mbedtls_ccm_context *ctx);
 
 /**
  * \brief           This function initializes the CCM context set in the
@@ -105,10 +95,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
  * \return          \c 0 on success.
  * \return          A CCM or cipher-specific error code on failure.
  */
-int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits );
+int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits);
 
 /**
  * \brief   This function releases and clears the specified CCM context
@@ -117,7 +107,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
  * \param ctx       The CCM context to clear. If this is \c NULL, the function
  *                  has no effect. Otherwise, this must be initialized.
  */
-void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
+void mbedtls_ccm_free(mbedtls_ccm_context *ctx);
 
 /**
  * \brief           This function encrypts a buffer using CCM.
@@ -155,11 +145,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
  * \return          \c 0 on success.
  * \return          A CCM or cipher-specific error code on failure.
  */
-int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                const unsigned char *iv, size_t iv_len,
+                                const unsigned char *add, size_t add_len,
+                                const unsigned char *input, unsigned char *output,
+                                unsigned char *tag, size_t tag_len);
 
 /**
  * \brief           This function encrypts a buffer using CCM*.
@@ -203,11 +193,11 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
  * \return          \c 0 on success.
  * \return          A CCM or cipher-specific error code on failure.
  */
-int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                     const unsigned char *iv, size_t iv_len,
+                                     const unsigned char *add, size_t add_len,
+                                     const unsigned char *input, unsigned char *output,
+                                     unsigned char *tag, size_t tag_len);
 
 /**
  * \brief           This function performs a CCM authenticated decryption of a
@@ -240,11 +230,11 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
  * \return          #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
  * \return          A cipher-specific error code on calculation failure.
  */
-int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                             const unsigned char *iv, size_t iv_len,
+                             const unsigned char *add, size_t add_len,
+                             const unsigned char *input, unsigned char *output,
+                             const unsigned char *tag, size_t tag_len);
 
 /**
  * \brief           This function performs a CCM* authenticated decryption of a
@@ -285,11 +275,11 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
  * \return          #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
  * \return          A cipher-specific error code on calculation failure.
  */
-int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                                  const unsigned char *iv, size_t iv_len,
+                                  const unsigned char *add, size_t add_len,
+                                  const unsigned char *input, unsigned char *output,
+                                  const unsigned char *tag, size_t tag_len);
 
 #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
 /**
@@ -298,7 +288,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_ccm_self_test( int verbose );
+int mbedtls_ccm_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/certs.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/certs.h
similarity index 88%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/certs.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/certs.h
index c93c741..8a1f293 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/certs.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/certs.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_CERTS_H
 #define MBEDTLS_CERTS_H
@@ -37,11 +25,11 @@ extern "C" {
 /* List of all PEM-encoded CA certificates, terminated by NULL;
  * PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded
  * otherwise. */
-extern const char * mbedtls_test_cas[];
+extern const char *mbedtls_test_cas[];
 extern const size_t mbedtls_test_cas_len[];
 
 /* List of all DER-encoded CA certificates, terminated by NULL */
-extern const unsigned char * mbedtls_test_cas_der[];
+extern const unsigned char *mbedtls_test_cas_der[];
 extern const size_t mbedtls_test_cas_der_len[];
 
 #if defined(MBEDTLS_PEM_PARSE_C)
@@ -112,9 +100,9 @@ extern const size_t mbedtls_test_ca_crt_rsa_len;
 /* Config-dependent dispatch between EC and RSA
  * (RSA if enabled, otherwise EC) */
 
-extern const char * mbedtls_test_ca_crt;
-extern const char * mbedtls_test_ca_key;
-extern const char * mbedtls_test_ca_pwd;
+extern const char *mbedtls_test_ca_crt;
+extern const char *mbedtls_test_ca_key;
+extern const char *mbedtls_test_ca_pwd;
 extern const size_t mbedtls_test_ca_crt_len;
 extern const size_t mbedtls_test_ca_key_len;
 extern const size_t mbedtls_test_ca_pwd_len;
@@ -181,9 +169,9 @@ extern const size_t mbedtls_test_srv_crt_rsa_len;
 /* Config-dependent dispatch between EC and RSA
  * (RSA if enabled, otherwise EC) */
 
-extern const char * mbedtls_test_srv_crt;
-extern const char * mbedtls_test_srv_key;
-extern const char * mbedtls_test_srv_pwd;
+extern const char *mbedtls_test_srv_crt;
+extern const char *mbedtls_test_srv_key;
+extern const char *mbedtls_test_srv_pwd;
 extern const size_t mbedtls_test_srv_crt_len;
 extern const size_t mbedtls_test_srv_key_len;
 extern const size_t mbedtls_test_srv_pwd_len;
@@ -236,9 +224,9 @@ extern const size_t mbedtls_test_cli_crt_rsa_len;
 /* Config-dependent dispatch between EC and RSA
  * (RSA if enabled, otherwise EC) */
 
-extern const char * mbedtls_test_cli_crt;
-extern const char * mbedtls_test_cli_key;
-extern const char * mbedtls_test_cli_pwd;
+extern const char *mbedtls_test_cli_crt;
+extern const char *mbedtls_test_cli_key;
+extern const char *mbedtls_test_cli_pwd;
 extern const size_t mbedtls_test_cli_crt_len;
 extern const size_t mbedtls_test_cli_key_len;
 extern const size_t mbedtls_test_cli_pwd_len;
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/chacha20.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/chacha20.h
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/chacha20.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/chacha20.h
index e59dd1f..0c0d6a1 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/chacha20.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/chacha20.h
@@ -14,19 +14,7 @@
 
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_CHACHA20_H
@@ -41,15 +29,18 @@
 #include <stdint.h>
 #include <stddef.h>
 
-#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA         -0x0051 /**< Invalid input parameter(s). */
+/** Invalid input parameter(s). */
+#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA         -0x0051
 
 /* MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE is deprecated and should not be
  * used. */
-#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE    -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */
+/** Feature not available. For example, s part of the API is not implemented. */
+#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE    -0x0053
 
 /* MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED is deprecated and should not be used.
  */
-#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED        -0x0055  /**< Chacha20 hardware accelerator failed. */
+/** Chacha20 hardware accelerator failed. */
+#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED        -0x0055
 
 #ifdef __cplusplus
 extern "C" {
@@ -57,8 +48,7 @@ extern "C" {
 
 #if !defined(MBEDTLS_CHACHA20_ALT)
 
-typedef struct mbedtls_chacha20_context
-{
+typedef struct mbedtls_chacha20_context {
     uint32_t state[16];          /*! The state (before round operations). */
     uint8_t  keystream8[64];     /*! Leftover keystream bytes. */
     size_t keystream_bytes_used; /*! Number of keystream bytes already used. */
@@ -84,7 +74,7 @@ mbedtls_chacha20_context;
  * \param ctx       The ChaCha20 context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
+void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx);
 
 /**
  * \brief           This function releases and clears the specified
@@ -95,7 +85,7 @@ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
  *                  \c NULL, it must point to an initialized context.
  *
  */
-void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
+void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx);
 
 /**
  * \brief           This function sets the encryption/decryption key.
@@ -113,8 +103,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
  * \return          \c 0 on success.
  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
  */
-int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
-                             const unsigned char key[32] );
+int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
+                            const unsigned char key[32]);
 
 /**
  * \brief           This function sets the nonce and initial counter value.
@@ -135,9 +125,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
  *                  NULL.
  */
-int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
-                             const unsigned char nonce[12],
-                             uint32_t counter );
+int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
+                            const unsigned char nonce[12],
+                            uint32_t counter);
 
 /**
  * \brief           This function encrypts or decrypts data.
@@ -168,10 +158,10 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
-                             size_t size,
-                             const unsigned char *input,
-                             unsigned char *output );
+int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
+                            size_t size,
+                            const unsigned char *input,
+                            unsigned char *output);
 
 /**
  * \brief           This function encrypts or decrypts data with ChaCha20 and
@@ -201,12 +191,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chacha20_crypt( const unsigned char key[32],
-                            const unsigned char nonce[12],
-                            uint32_t counter,
-                            size_t size,
-                            const unsigned char* input,
-                            unsigned char* output );
+int mbedtls_chacha20_crypt(const unsigned char key[32],
+                           const unsigned char nonce[12],
+                           uint32_t counter,
+                           size_t size,
+                           const unsigned char *input,
+                           unsigned char *output);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -215,7 +205,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32],
  * \return          \c 0 on success.
  * \return          \c 1 on failure.
  */
-int mbedtls_chacha20_self_test( int verbose );
+int mbedtls_chacha20_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/chachapoly.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/chachapoly.h
similarity index 81%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/chachapoly.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/chachapoly.h
index 1007f95..1156d7d 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/chachapoly.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/chachapoly.h
@@ -14,19 +14,7 @@
 
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_CHACHAPOLY_H
@@ -41,15 +29,16 @@
 /* for shared error codes */
 #include "mbedtls/poly1305.h"
 
-#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE            -0x0054 /**< The requested operation is not permitted in the current state. */
-#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED          -0x0056 /**< Authenticated decryption failed: data was not authentic. */
+/** The requested operation is not permitted in the current state. */
+#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE            -0x0054
+/** Authenticated decryption failed: data was not authentic. */
+#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED          -0x0056
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
-typedef enum
-{
+typedef enum {
     MBEDTLS_CHACHAPOLY_ENCRYPT,     /**< The mode value for performing encryption. */
     MBEDTLS_CHACHAPOLY_DECRYPT      /**< The mode value for performing decryption. */
 }
@@ -59,8 +48,7 @@ mbedtls_chachapoly_mode_t;
 
 #include "mbedtls/chacha20.h"
 
-typedef struct mbedtls_chachapoly_context
-{
+typedef struct mbedtls_chachapoly_context {
     mbedtls_chacha20_context chacha20_ctx;  /**< The ChaCha20 context. */
     mbedtls_poly1305_context poly1305_ctx;  /**< The Poly1305 context. */
     uint64_t aad_len;                       /**< The length (bytes) of the Additional Authenticated Data. */
@@ -116,7 +104,7 @@ mbedtls_chachapoly_context;
  *
  * \param ctx       The ChachaPoly context to initialize. Must not be \c NULL.
  */
-void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
+void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx);
 
 /**
  * \brief           This function releases and clears the specified
@@ -125,7 +113,7 @@ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
  * \param ctx       The ChachaPoly context to clear. This may be \c NULL, in which
  *                  case this function is a no-op.
  */
-void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
+void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx);
 
 /**
  * \brief           This function sets the ChaCha20-Poly1305
@@ -138,8 +126,8 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
-                               const unsigned char key[32] );
+int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
+                              const unsigned char key[32]);
 
 /**
  * \brief           This function starts a ChaCha20-Poly1305 encryption or
@@ -159,16 +147,16 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
  * \param ctx       The ChaCha20-Poly1305 context. This must be initialized
  *                  and bound to a key.
  * \param nonce     The nonce/IV to use for the message.
- *                  This must be a redable buffer of length \c 12 Bytes.
+ *                  This must be a readable buffer of length \c 12 Bytes.
  * \param mode      The operation to perform: #MBEDTLS_CHACHAPOLY_ENCRYPT or
  *                  #MBEDTLS_CHACHAPOLY_DECRYPT (discouraged, see warning).
  *
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
-                               const unsigned char nonce[12],
-                               mbedtls_chachapoly_mode_t mode );
+int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
+                              const unsigned char nonce[12],
+                              mbedtls_chachapoly_mode_t mode);
 
 /**
  * \brief           This function feeds additional data to be authenticated
@@ -209,9 +197,9 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
  *                  if the operations has not been started or has been
  *                  finished, or if the AAD has been finished.
  */
-int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
-                                   const unsigned char *aad,
-                                   size_t aad_len );
+int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
+                                  const unsigned char *aad,
+                                  size_t aad_len);
 
 /**
  * \brief           Thus function feeds data to be encrypted or decrypted
@@ -244,10 +232,10 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
  *                  finished.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
-                               size_t len,
-                               const unsigned char *input,
-                               unsigned char *output );
+int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
+                              size_t len,
+                              const unsigned char *input,
+                              unsigned char *output);
 
 /**
  * \brief           This function finished the ChaCha20-Poly1305 operation and
@@ -265,8 +253,8 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
  *                  finished.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
-                               unsigned char mac[16] );
+int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
+                              unsigned char mac[16]);
 
 /**
  * \brief           This function performs a complete ChaCha20-Poly1305
@@ -297,14 +285,14 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
-                                        size_t length,
-                                        const unsigned char nonce[12],
-                                        const unsigned char *aad,
-                                        size_t aad_len,
-                                        const unsigned char *input,
-                                        unsigned char *output,
-                                        unsigned char tag[16] );
+int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
+                                       size_t length,
+                                       const unsigned char nonce[12],
+                                       const unsigned char *aad,
+                                       size_t aad_len,
+                                       const unsigned char *input,
+                                       unsigned char *output,
+                                       unsigned char tag[16]);
 
 /**
  * \brief           This function performs a complete ChaCha20-Poly1305
@@ -331,14 +319,14 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
  *                  if the data was not authentic.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
-                                     size_t length,
-                                     const unsigned char nonce[12],
-                                     const unsigned char *aad,
-                                     size_t aad_len,
-                                     const unsigned char tag[16],
-                                     const unsigned char *input,
-                                     unsigned char *output );
+int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
+                                    size_t length,
+                                    const unsigned char nonce[12],
+                                    const unsigned char *aad,
+                                    size_t aad_len,
+                                    const unsigned char tag[16],
+                                    const unsigned char *input,
+                                    unsigned char *output);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -347,7 +335,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
  * \return          \c 0 on success.
  * \return          \c 1 on failure.
  */
-int mbedtls_chachapoly_self_test( int verbose );
+int mbedtls_chachapoly_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/check_config.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/check_config.h
similarity index 89%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/check_config.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/check_config.h
index 1ebb706..96081fe 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/check_config.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/check_config.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 /*
@@ -28,13 +16,14 @@
 #ifndef MBEDTLS_CHECK_CONFIG_H
 #define MBEDTLS_CHECK_CONFIG_H
 
+/* *INDENT-OFF* */
 /*
  * We assume CHAR_BIT is 8 in many places. In practice, this is true on our
  * target platforms, so not an issue, but let's just be extra sure.
  */
 #include <limits.h>
 #if CHAR_BIT != 8
-#error "mbed TLS requires a platform with 8-bit chars"
+#error "Mbed TLS requires a platform with 8-bit chars"
 #endif
 
 #if defined(_WIN32)
@@ -55,9 +44,8 @@
 #endif
 #endif /* _WIN32 */
 
-#if defined(TARGET_LIKE_MBED) && \
-    ( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) )
-#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS"
+#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C)
+#error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS"
 #endif
 
 #if defined(MBEDTLS_DEPRECATED_WARNING) && \
@@ -69,10 +57,6 @@
 #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense"
 #endif
 
-#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM)
-#error "MBEDTLS_AESNI_C defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
 #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
 #endif
@@ -144,6 +128,11 @@
 #error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED defined, but MBEDTLS_ECDH_LEGACY_CONTEXT not disabled"
 #endif
 
+#if defined(MBEDTLS_ECP_RESTARTABLE)           && \
+    !defined(MBEDTLS_ECP_C)
+#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
 #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
 #endif
@@ -174,7 +163,11 @@
 #endif
 
 #if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C)
-#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites"
+#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C)
+#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
 #endif
 
 #if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) &&      \
@@ -215,11 +208,32 @@
 #error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too"
 #endif
 
+#if defined(MBEDTLS_CCM_C) && (                                        \
+    !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
+#error "MBEDTLS_CCM_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C)
+#error "MBEDTLS_CCM_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_GCM_C) && (                                        \
-        !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
+    !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
+#error "MBEDTLS_GCM_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C)
 #error "MBEDTLS_GCM_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C)
+#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C)
+#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
 #error "MBEDTLS_ECP_RANDOMIZE_JAC_ALT defined, but not all prerequisites"
 #endif
@@ -252,6 +266,10 @@
 #error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_NO_FALLBACK defined, but no alternative implementation enabled"
+#endif
+
 #if defined(MBEDTLS_HAVEGE_C) && !defined(MBEDTLS_TIMING_C)
 #error "MBEDTLS_HAVEGE_C defined, but not all prerequisites"
 #endif
@@ -335,11 +353,11 @@
 #endif
 
 #if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites"
+#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites"
 #endif
 
 #if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites"
+#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
 #endif
 
 #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
@@ -497,6 +515,20 @@
 #error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously"
 #endif
 
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\
+        defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) )
+#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously"
+#endif
+
 #if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\
     !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
 #error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites"
@@ -506,10 +538,6 @@
 #error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
-#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
 #error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
 #endif
@@ -572,10 +600,11 @@
 #error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
 #endif
 
-#if defined(MBEDTLS_PSA_CRYPTO_C) &&            \
-    !( defined(MBEDTLS_CTR_DRBG_C) &&           \
-       defined(MBEDTLS_ENTROPY_C) )
-#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
+#if defined(MBEDTLS_PSA_CRYPTO_C) &&                                    \
+    !( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \
+         defined(MBEDTLS_ENTROPY_C) ) ||                                \
+       defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) )
+#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)"
 #endif
 
 #if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
@@ -604,6 +633,11 @@
 #error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources"
 #endif
 
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY) &&              \
+    defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG"
+#endif
+
 #if defined(MBEDTLS_PSA_ITS_FILE_C) && \
     !defined(MBEDTLS_FS_IO)
 #error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites"
@@ -614,6 +648,17 @@
 #error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined, but it cannot coexist with MBEDTLS_USE_PSA_CRYPTO."
 #endif
 
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) && \
+    !defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_ECDSA_C)
+#error "MBEDTLS_PK_C in configuration with MBEDTLS_USE_PSA_CRYPTO and \
+        MBEDTLS_ECDSA_C requires MBEDTLS_PK_WRITE_C to be defined."
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) && \
+    !( defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) )
+#error "MBEDTLS_PSA_CRYPTO_C with MBEDTLS_RSA_C requires MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"
@@ -756,20 +801,25 @@
     !defined(MBEDTLS_SSL_PROTO_TLS1)   &&      \
     !defined(MBEDTLS_SSL_PROTO_TLS1_1) &&      \
     !defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
+#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequisites"
 #endif
 
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
     !defined(MBEDTLS_SSL_PROTO_TLS1)   &&          \
     !defined(MBEDTLS_SSL_PROTO_TLS1_1) &&          \
     !defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites"
+#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites"
 #endif
 
 #if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C)
 #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_SSL_TICKET_C) && \
+    !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) )
+#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \
     !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1)
 #error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites"
@@ -880,6 +930,14 @@
 #error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) && ( !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) )
+#error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) )
+#error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites"
+#endif
+
 /*
  * Avoid warning from -pedantic. This is a convenient place for this
  * workaround since this is included by every single file before the
@@ -887,4 +945,5 @@
  */
 typedef int mbedtls_iso_c_forbids_empty_translation_units;
 
+/* *INDENT-ON* */
 #endif /* MBEDTLS_CHECK_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/cipher.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/cipher.h
new file mode 100644
index 0000000..db73c1b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/cipher.h
@@ -0,0 +1,1135 @@
+/**
+ * \file cipher.h
+ *
+ * \brief This file contains an abstraction interface for use with the cipher
+ * primitives provided by the library. It provides a common interface to all of
+ * the available cipher operations.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CIPHER_H
+#define MBEDTLS_CIPHER_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+#define MBEDTLS_CIPHER_MODE_AEAD
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_CIPHER_MODE_WITH_PADDING
+#endif
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
+    defined(MBEDTLS_CHACHA20_C)
+#define MBEDTLS_CIPHER_MODE_STREAM
+#endif
+
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE  -0x6080
+/** Bad input parameters. */
+#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA       -0x6100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED         -0x6180
+/** Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_CIPHER_INVALID_PADDING      -0x6200
+/** Decryption of block requires a full block. */
+#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED  -0x6280
+/** Authentication failed (for AEAD modes). */
+#define MBEDTLS_ERR_CIPHER_AUTH_FAILED          -0x6300
+/** The context is invalid. For example, because it was freed. */
+#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT      -0x6380
+
+/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** Cipher hardware accelerator failed. */
+#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED      -0x6400
+
+#define MBEDTLS_CIPHER_VARIABLE_IV_LEN     0x01    /**< Cipher accepts IVs of variable length. */
+#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN    0x02    /**< Cipher accepts keys of variable length. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief     Supported cipher types.
+ *
+ * \warning   RC4 and DES/3DES are considered weak ciphers and their use
+ *            constitutes a security risk. We recommend considering stronger
+ *            ciphers instead.
+ */
+typedef enum {
+    MBEDTLS_CIPHER_ID_NONE = 0,  /**< Placeholder to mark the end of cipher ID lists. */
+    MBEDTLS_CIPHER_ID_NULL,      /**< The identity cipher, treated as a stream cipher. */
+    MBEDTLS_CIPHER_ID_AES,       /**< The AES cipher. */
+    MBEDTLS_CIPHER_ID_DES,       /**< The DES cipher. \warning DES is considered weak. */
+    MBEDTLS_CIPHER_ID_3DES,      /**< The Triple DES cipher. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_ID_CAMELLIA,  /**< The Camellia cipher. */
+    MBEDTLS_CIPHER_ID_BLOWFISH,  /**< The Blowfish cipher. */
+    MBEDTLS_CIPHER_ID_ARC4,      /**< The RC4 cipher. */
+    MBEDTLS_CIPHER_ID_ARIA,      /**< The Aria cipher. */
+    MBEDTLS_CIPHER_ID_CHACHA20,  /**< The ChaCha20 cipher. */
+} mbedtls_cipher_id_t;
+
+/**
+ * \brief     Supported {cipher type, cipher mode} pairs.
+ *
+ * \warning   RC4 and DES/3DES are considered weak ciphers and their use
+ *            constitutes a security risk. We recommend considering stronger
+ *            ciphers instead.
+ */
+typedef enum {
+    MBEDTLS_CIPHER_NONE = 0,             /**< Placeholder to mark the end of cipher-pair lists. */
+    MBEDTLS_CIPHER_NULL,                 /**< The identity stream cipher. */
+    MBEDTLS_CIPHER_AES_128_ECB,          /**< AES cipher with 128-bit ECB mode. */
+    MBEDTLS_CIPHER_AES_192_ECB,          /**< AES cipher with 192-bit ECB mode. */
+    MBEDTLS_CIPHER_AES_256_ECB,          /**< AES cipher with 256-bit ECB mode. */
+    MBEDTLS_CIPHER_AES_128_CBC,          /**< AES cipher with 128-bit CBC mode. */
+    MBEDTLS_CIPHER_AES_192_CBC,          /**< AES cipher with 192-bit CBC mode. */
+    MBEDTLS_CIPHER_AES_256_CBC,          /**< AES cipher with 256-bit CBC mode. */
+    MBEDTLS_CIPHER_AES_128_CFB128,       /**< AES cipher with 128-bit CFB128 mode. */
+    MBEDTLS_CIPHER_AES_192_CFB128,       /**< AES cipher with 192-bit CFB128 mode. */
+    MBEDTLS_CIPHER_AES_256_CFB128,       /**< AES cipher with 256-bit CFB128 mode. */
+    MBEDTLS_CIPHER_AES_128_CTR,          /**< AES cipher with 128-bit CTR mode. */
+    MBEDTLS_CIPHER_AES_192_CTR,          /**< AES cipher with 192-bit CTR mode. */
+    MBEDTLS_CIPHER_AES_256_CTR,          /**< AES cipher with 256-bit CTR mode. */
+    MBEDTLS_CIPHER_AES_128_GCM,          /**< AES cipher with 128-bit GCM mode. */
+    MBEDTLS_CIPHER_AES_192_GCM,          /**< AES cipher with 192-bit GCM mode. */
+    MBEDTLS_CIPHER_AES_256_GCM,          /**< AES cipher with 256-bit GCM mode. */
+    MBEDTLS_CIPHER_CAMELLIA_128_ECB,     /**< Camellia cipher with 128-bit ECB mode. */
+    MBEDTLS_CIPHER_CAMELLIA_192_ECB,     /**< Camellia cipher with 192-bit ECB mode. */
+    MBEDTLS_CIPHER_CAMELLIA_256_ECB,     /**< Camellia cipher with 256-bit ECB mode. */
+    MBEDTLS_CIPHER_CAMELLIA_128_CBC,     /**< Camellia cipher with 128-bit CBC mode. */
+    MBEDTLS_CIPHER_CAMELLIA_192_CBC,     /**< Camellia cipher with 192-bit CBC mode. */
+    MBEDTLS_CIPHER_CAMELLIA_256_CBC,     /**< Camellia cipher with 256-bit CBC mode. */
+    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,  /**< Camellia cipher with 128-bit CFB128 mode. */
+    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,  /**< Camellia cipher with 192-bit CFB128 mode. */
+    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,  /**< Camellia cipher with 256-bit CFB128 mode. */
+    MBEDTLS_CIPHER_CAMELLIA_128_CTR,     /**< Camellia cipher with 128-bit CTR mode. */
+    MBEDTLS_CIPHER_CAMELLIA_192_CTR,     /**< Camellia cipher with 192-bit CTR mode. */
+    MBEDTLS_CIPHER_CAMELLIA_256_CTR,     /**< Camellia cipher with 256-bit CTR mode. */
+    MBEDTLS_CIPHER_CAMELLIA_128_GCM,     /**< Camellia cipher with 128-bit GCM mode. */
+    MBEDTLS_CIPHER_CAMELLIA_192_GCM,     /**< Camellia cipher with 192-bit GCM mode. */
+    MBEDTLS_CIPHER_CAMELLIA_256_GCM,     /**< Camellia cipher with 256-bit GCM mode. */
+    MBEDTLS_CIPHER_DES_ECB,              /**< DES cipher with ECB mode. \warning DES is considered weak. */
+    MBEDTLS_CIPHER_DES_CBC,              /**< DES cipher with CBC mode. \warning DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE_ECB,          /**< DES cipher with EDE ECB mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE_CBC,          /**< DES cipher with EDE CBC mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE3_ECB,         /**< DES cipher with EDE3 ECB mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE3_CBC,         /**< DES cipher with EDE3 CBC mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_BLOWFISH_ECB,         /**< Blowfish cipher with ECB mode. */
+    MBEDTLS_CIPHER_BLOWFISH_CBC,         /**< Blowfish cipher with CBC mode. */
+    MBEDTLS_CIPHER_BLOWFISH_CFB64,       /**< Blowfish cipher with CFB64 mode. */
+    MBEDTLS_CIPHER_BLOWFISH_CTR,         /**< Blowfish cipher with CTR mode. */
+    MBEDTLS_CIPHER_ARC4_128,             /**< RC4 cipher with 128-bit mode. */
+    MBEDTLS_CIPHER_AES_128_CCM,          /**< AES cipher with 128-bit CCM mode. */
+    MBEDTLS_CIPHER_AES_192_CCM,          /**< AES cipher with 192-bit CCM mode. */
+    MBEDTLS_CIPHER_AES_256_CCM,          /**< AES cipher with 256-bit CCM mode. */
+    MBEDTLS_CIPHER_CAMELLIA_128_CCM,     /**< Camellia cipher with 128-bit CCM mode. */
+    MBEDTLS_CIPHER_CAMELLIA_192_CCM,     /**< Camellia cipher with 192-bit CCM mode. */
+    MBEDTLS_CIPHER_CAMELLIA_256_CCM,     /**< Camellia cipher with 256-bit CCM mode. */
+    MBEDTLS_CIPHER_ARIA_128_ECB,         /**< Aria cipher with 128-bit key and ECB mode. */
+    MBEDTLS_CIPHER_ARIA_192_ECB,         /**< Aria cipher with 192-bit key and ECB mode. */
+    MBEDTLS_CIPHER_ARIA_256_ECB,         /**< Aria cipher with 256-bit key and ECB mode. */
+    MBEDTLS_CIPHER_ARIA_128_CBC,         /**< Aria cipher with 128-bit key and CBC mode. */
+    MBEDTLS_CIPHER_ARIA_192_CBC,         /**< Aria cipher with 192-bit key and CBC mode. */
+    MBEDTLS_CIPHER_ARIA_256_CBC,         /**< Aria cipher with 256-bit key and CBC mode. */
+    MBEDTLS_CIPHER_ARIA_128_CFB128,      /**< Aria cipher with 128-bit key and CFB-128 mode. */
+    MBEDTLS_CIPHER_ARIA_192_CFB128,      /**< Aria cipher with 192-bit key and CFB-128 mode. */
+    MBEDTLS_CIPHER_ARIA_256_CFB128,      /**< Aria cipher with 256-bit key and CFB-128 mode. */
+    MBEDTLS_CIPHER_ARIA_128_CTR,         /**< Aria cipher with 128-bit key and CTR mode. */
+    MBEDTLS_CIPHER_ARIA_192_CTR,         /**< Aria cipher with 192-bit key and CTR mode. */
+    MBEDTLS_CIPHER_ARIA_256_CTR,         /**< Aria cipher with 256-bit key and CTR mode. */
+    MBEDTLS_CIPHER_ARIA_128_GCM,         /**< Aria cipher with 128-bit key and GCM mode. */
+    MBEDTLS_CIPHER_ARIA_192_GCM,         /**< Aria cipher with 192-bit key and GCM mode. */
+    MBEDTLS_CIPHER_ARIA_256_GCM,         /**< Aria cipher with 256-bit key and GCM mode. */
+    MBEDTLS_CIPHER_ARIA_128_CCM,         /**< Aria cipher with 128-bit key and CCM mode. */
+    MBEDTLS_CIPHER_ARIA_192_CCM,         /**< Aria cipher with 192-bit key and CCM mode. */
+    MBEDTLS_CIPHER_ARIA_256_CCM,         /**< Aria cipher with 256-bit key and CCM mode. */
+    MBEDTLS_CIPHER_AES_128_OFB,          /**< AES 128-bit cipher in OFB mode. */
+    MBEDTLS_CIPHER_AES_192_OFB,          /**< AES 192-bit cipher in OFB mode. */
+    MBEDTLS_CIPHER_AES_256_OFB,          /**< AES 256-bit cipher in OFB mode. */
+    MBEDTLS_CIPHER_AES_128_XTS,          /**< AES 128-bit cipher in XTS block mode. */
+    MBEDTLS_CIPHER_AES_256_XTS,          /**< AES 256-bit cipher in XTS block mode. */
+    MBEDTLS_CIPHER_CHACHA20,             /**< ChaCha20 stream cipher. */
+    MBEDTLS_CIPHER_CHACHA20_POLY1305,    /**< ChaCha20-Poly1305 AEAD cipher. */
+    MBEDTLS_CIPHER_AES_128_KW,           /**< AES cipher with 128-bit NIST KW mode. */
+    MBEDTLS_CIPHER_AES_192_KW,           /**< AES cipher with 192-bit NIST KW mode. */
+    MBEDTLS_CIPHER_AES_256_KW,           /**< AES cipher with 256-bit NIST KW mode. */
+    MBEDTLS_CIPHER_AES_128_KWP,          /**< AES cipher with 128-bit NIST KWP mode. */
+    MBEDTLS_CIPHER_AES_192_KWP,          /**< AES cipher with 192-bit NIST KWP mode. */
+    MBEDTLS_CIPHER_AES_256_KWP,          /**< AES cipher with 256-bit NIST KWP mode. */
+} mbedtls_cipher_type_t;
+
+/** Supported cipher modes. */
+typedef enum {
+    MBEDTLS_MODE_NONE = 0,               /**< None.                        */
+    MBEDTLS_MODE_ECB,                    /**< The ECB cipher mode.         */
+    MBEDTLS_MODE_CBC,                    /**< The CBC cipher mode.         */
+    MBEDTLS_MODE_CFB,                    /**< The CFB cipher mode.         */
+    MBEDTLS_MODE_OFB,                    /**< The OFB cipher mode.         */
+    MBEDTLS_MODE_CTR,                    /**< The CTR cipher mode.         */
+    MBEDTLS_MODE_GCM,                    /**< The GCM cipher mode.         */
+    MBEDTLS_MODE_STREAM,                 /**< The stream cipher mode.      */
+    MBEDTLS_MODE_CCM,                    /**< The CCM cipher mode.         */
+    MBEDTLS_MODE_XTS,                    /**< The XTS cipher mode.         */
+    MBEDTLS_MODE_CHACHAPOLY,             /**< The ChaCha-Poly cipher mode. */
+    MBEDTLS_MODE_KW,                     /**< The SP800-38F KW mode */
+    MBEDTLS_MODE_KWP,                    /**< The SP800-38F KWP mode */
+} mbedtls_cipher_mode_t;
+
+/** Supported cipher padding types. */
+typedef enum {
+    MBEDTLS_PADDING_PKCS7 = 0,     /**< PKCS7 padding (default).        */
+    MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding.         */
+    MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding.             */
+    MBEDTLS_PADDING_ZEROS,         /**< Zero padding (not reversible). */
+    MBEDTLS_PADDING_NONE,          /**< Never pad (full blocks only).   */
+} mbedtls_cipher_padding_t;
+
+/** Type of operation. */
+typedef enum {
+    MBEDTLS_OPERATION_NONE = -1,
+    MBEDTLS_DECRYPT = 0,
+    MBEDTLS_ENCRYPT,
+} mbedtls_operation_t;
+
+enum {
+    /** Undefined key length. */
+    MBEDTLS_KEY_LENGTH_NONE = 0,
+    /** Key length, in bits (including parity), for DES keys. \warning DES is considered weak. */
+    MBEDTLS_KEY_LENGTH_DES  = 64,
+    /** Key length in bits, including parity, for DES in two-key EDE. \warning 3DES is considered weak. */
+    MBEDTLS_KEY_LENGTH_DES_EDE = 128,
+    /** Key length in bits, including parity, for DES in three-key EDE. \warning 3DES is considered weak. */
+    MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
+};
+
+/** Maximum length of any IV, in Bytes. */
+/* This should ideally be derived automatically from list of ciphers.
+ * This should be kept in sync with MBEDTLS_SSL_MAX_IV_LENGTH defined
+ * in ssl_internal.h. */
+#define MBEDTLS_MAX_IV_LENGTH      16
+
+/** Maximum block size of any cipher, in Bytes. */
+/* This should ideally be derived automatically from list of ciphers.
+ * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined
+ * in ssl_internal.h. */
+#define MBEDTLS_MAX_BLOCK_LENGTH   16
+
+/** Maximum key length, in Bytes. */
+/* This should ideally be derived automatically from list of ciphers.
+ * For now, only check whether XTS is enabled which uses 64 Byte keys,
+ * and use 32 Bytes as an upper bound for the maximum key length otherwise.
+ * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined
+ * in ssl_internal.h, which however deliberately ignores the case of XTS
+ * since the latter isn't used in SSL/TLS. */
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+#define MBEDTLS_MAX_KEY_LENGTH     64
+#else
+#define MBEDTLS_MAX_KEY_LENGTH     32
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+/**
+ * Base cipher information (opaque struct).
+ */
+typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
+
+/**
+ * CMAC context (opaque struct).
+ */
+typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
+
+/**
+ * Cipher information. Allows calling cipher functions
+ * in a generic way.
+ */
+typedef struct mbedtls_cipher_info_t {
+    /** Full cipher identifier. For example,
+     * MBEDTLS_CIPHER_AES_256_CBC.
+     */
+    mbedtls_cipher_type_t type;
+
+    /** The cipher mode. For example, MBEDTLS_MODE_CBC. */
+    mbedtls_cipher_mode_t mode;
+
+    /** The cipher key length, in bits. This is the
+     * default length for variable sized ciphers.
+     * Includes parity bits for ciphers like DES.
+     */
+    unsigned int key_bitlen;
+
+    /** Name of the cipher. */
+    const char *name;
+
+    /** IV or nonce size, in Bytes.
+     * For ciphers that accept variable IV sizes,
+     * this is the recommended size.
+     */
+    unsigned int iv_size;
+
+    /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
+     *  MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
+     *  cipher supports variable IV or variable key sizes, respectively.
+     */
+    int flags;
+
+    /** The block size, in Bytes. */
+    unsigned int block_size;
+
+    /** Struct for base cipher information and functions. */
+    const mbedtls_cipher_base_t *base;
+
+} mbedtls_cipher_info_t;
+
+/**
+ * Generic cipher context.
+ */
+typedef struct mbedtls_cipher_context_t {
+    /** Information about the associated cipher. */
+    const mbedtls_cipher_info_t *cipher_info;
+
+    /** Key length to use. */
+    int key_bitlen;
+
+    /** Operation that the key of the context has been
+     * initialized for.
+     */
+    mbedtls_operation_t operation;
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /** Padding functions to use, if relevant for
+     * the specific cipher mode.
+     */
+    void (*add_padding)(unsigned char *output, size_t olen, size_t data_len);
+    int (*get_padding)(unsigned char *input, size_t ilen, size_t *data_len);
+#endif
+
+    /** Buffer for input that has not been processed yet. */
+    unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
+
+    /** Number of Bytes that have not been processed yet. */
+    size_t unprocessed_len;
+
+    /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number
+     * for XTS-mode. */
+    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
+
+    /** IV size in Bytes, for ciphers with variable-length IVs. */
+    size_t iv_size;
+
+    /** The cipher-specific context. */
+    void *cipher_ctx;
+
+#if defined(MBEDTLS_CMAC_C)
+    /** CMAC-specific context. */
+    mbedtls_cmac_context_t *cmac_ctx;
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    /** Indicates whether the cipher operations should be performed
+     *  by Mbed TLS' own crypto library or an external implementation
+     *  of the PSA Crypto API.
+     *  This is unset if the cipher context was established through
+     *  mbedtls_cipher_setup(), and set if it was established through
+     *  mbedtls_cipher_setup_psa().
+     */
+    unsigned char psa_enabled;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+} mbedtls_cipher_context_t;
+
+/**
+ * \brief This function retrieves the list of ciphers supported
+ *        by the generic cipher module.
+ *
+ *        For any cipher identifier in the returned list, you can
+ *        obtain the corresponding generic cipher information structure
+ *        via mbedtls_cipher_info_from_type(), which can then be used
+ *        to prepare a cipher context via mbedtls_cipher_setup().
+ *
+ *
+ * \return      A statically-allocated array of cipher identifiers
+ *              of type cipher_type_t. The last entry is zero.
+ */
+const int *mbedtls_cipher_list(void);
+
+/**
+ * \brief               This function retrieves the cipher-information
+ *                      structure associated with the given cipher name.
+ *
+ * \param cipher_name   Name of the cipher to search for. This must not be
+ *                      \c NULL.
+ *
+ * \return              The cipher information structure associated with the
+ *                      given \p cipher_name.
+ * \return              \c NULL if the associated cipher information is not found.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name);
+
+/**
+ * \brief               This function retrieves the cipher-information
+ *                      structure associated with the given cipher type.
+ *
+ * \param cipher_type   Type of the cipher to search for.
+ *
+ * \return              The cipher information structure associated with the
+ *                      given \p cipher_type.
+ * \return              \c NULL if the associated cipher information is not found.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type);
+
+/**
+ * \brief               This function retrieves the cipher-information
+ *                      structure associated with the given cipher ID,
+ *                      key size and mode.
+ *
+ * \param cipher_id     The ID of the cipher to search for. For example,
+ *                      #MBEDTLS_CIPHER_ID_AES.
+ * \param key_bitlen    The length of the key in bits.
+ * \param mode          The cipher mode. For example, #MBEDTLS_MODE_CBC.
+ *
+ * \return              The cipher information structure associated with the
+ *                      given \p cipher_id.
+ * \return              \c NULL if the associated cipher information is not found.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id,
+                                                             int key_bitlen,
+                                                             const mbedtls_cipher_mode_t mode);
+
+/**
+ * \brief               This function initializes a \p ctx as NONE.
+ *
+ * \param ctx           The context to be initialized. This must not be \c NULL.
+ */
+void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx);
+
+/**
+ * \brief               This function frees and clears the cipher-specific
+ *                      context of \p ctx. Freeing \p ctx itself remains the
+ *                      responsibility of the caller.
+ *
+ * \param ctx           The context to be freed. If this is \c NULL, the
+ *                      function has no effect, otherwise this must point to an
+ *                      initialized context.
+ */
+void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx);
+
+
+/**
+ * \brief               This function prepares a cipher context for
+ *                      use with the given cipher primitive.
+ *
+ * \warning             In CBC mode, if mbedtls_cipher_set_padding_mode() is not called:
+ *                      - If MBEDTLS_CIPHER_PADDING_PKCS7 is enabled, the
+ *                      context will use PKCS7 padding.
+ *                      - Otherwise the context uses no padding and the input
+ *                      must be a whole number of blocks.
+ *
+ * \note                After calling this function, you should call
+ *                      mbedtls_cipher_setkey() and, if the mode uses padding,
+ *                      mbedtls_cipher_set_padding_mode(), then for each
+ *                      message to encrypt or decrypt with this key, either:
+ *                      - mbedtls_cipher_crypt() for one-shot processing with
+ *                      non-AEAD modes;
+ *                      - mbedtls_cipher_auth_encrypt_ext() or
+ *                      mbedtls_cipher_auth_decrypt_ext() for one-shot
+ *                      processing with AEAD modes or NIST_KW;
+ *                      - for multi-part processing, see the documentation of
+ *                      mbedtls_cipher_reset().
+ *
+ * \param ctx           The context to prepare. This must be initialized by
+ *                      a call to mbedtls_cipher_init() first.
+ * \param cipher_info   The cipher to use.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
+ *                      cipher-specific context fails.
+ *
+ * \internal Currently, the function also clears the structure.
+ * In future versions, the caller will be required to call
+ * mbedtls_cipher_init() on the structure first.
+ */
+int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
+                         const mbedtls_cipher_info_t *cipher_info);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief               This function initializes a cipher context for
+ *                      PSA-based use with the given cipher primitive.
+ *
+ * \note                See #MBEDTLS_USE_PSA_CRYPTO for information on PSA.
+ *
+ * \param ctx           The context to initialize. May not be \c NULL.
+ * \param cipher_info   The cipher to use.
+ * \param taglen        For AEAD ciphers, the length in bytes of the
+ *                      authentication tag to use. Subsequent uses of
+ *                      mbedtls_cipher_auth_encrypt() or
+ *                      mbedtls_cipher_auth_decrypt() must provide
+ *                      the same tag length.
+ *                      For non-AEAD ciphers, the value must be \c 0.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
+ *                      cipher-specific context fails.
+ */
+int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
+                             const mbedtls_cipher_info_t *cipher_info,
+                             size_t taglen);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+/**
+ * \brief        This function returns the block size of the given cipher.
+ *
+ * \param ctx    The context of the cipher. This must be initialized.
+ *
+ * \return       The block size of the underlying cipher.
+ * \return       \c 0 if \p ctx has not been initialized.
+ */
+static inline unsigned int mbedtls_cipher_get_block_size(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+    if (ctx->cipher_info == NULL) {
+        return 0;
+    }
+
+    return ctx->cipher_info->block_size;
+}
+
+/**
+ * \brief        This function returns the mode of operation for
+ *               the cipher. For example, MBEDTLS_MODE_CBC.
+ *
+ * \param ctx    The context of the cipher. This must be initialized.
+ *
+ * \return       The mode of operation.
+ * \return       #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
+ */
+static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_MODE_NONE;
+    }
+
+    return ctx->cipher_info->mode;
+}
+
+/**
+ * \brief       This function returns the size of the IV or nonce
+ *              of the cipher, in Bytes.
+ *
+ * \param ctx   The context of the cipher. This must be initialized.
+ *
+ * \return      The recommended IV size if no IV has been set.
+ * \return      \c 0 for ciphers not using an IV or a nonce.
+ * \return      The actual size if an IV has been set.
+ */
+static inline int mbedtls_cipher_get_iv_size(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+    if (ctx->cipher_info == NULL) {
+        return 0;
+    }
+
+    if (ctx->iv_size != 0) {
+        return (int) ctx->iv_size;
+    }
+
+    return (int) ctx->cipher_info->iv_size;
+}
+
+/**
+ * \brief               This function returns the type of the given cipher.
+ *
+ * \param ctx           The context of the cipher. This must be initialized.
+ *
+ * \return              The type of the cipher.
+ * \return              #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
+ */
+static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(
+        ctx != NULL, MBEDTLS_CIPHER_NONE);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_CIPHER_NONE;
+    }
+
+    return ctx->cipher_info->type;
+}
+
+/**
+ * \brief               This function returns the name of the given cipher
+ *                      as a string.
+ *
+ * \param ctx           The context of the cipher. This must be initialized.
+ *
+ * \return              The name of the cipher.
+ * \return              NULL if \p ctx has not been not initialized.
+ */
+static inline const char *mbedtls_cipher_get_name(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+    if (ctx->cipher_info == NULL) {
+        return 0;
+    }
+
+    return ctx->cipher_info->name;
+}
+
+/**
+ * \brief               This function returns the key length of the cipher.
+ *
+ * \param ctx           The context of the cipher. This must be initialized.
+ *
+ * \return              The key length of the cipher in bits.
+ * \return              #MBEDTLS_KEY_LENGTH_NONE if \p ctx has not been
+ *                      initialized.
+ */
+static inline int mbedtls_cipher_get_key_bitlen(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(
+        ctx != NULL, MBEDTLS_KEY_LENGTH_NONE);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_KEY_LENGTH_NONE;
+    }
+
+    return (int) ctx->cipher_info->key_bitlen;
+}
+
+/**
+ * \brief          This function returns the operation of the given cipher.
+ *
+ * \param ctx      The context of the cipher. This must be initialized.
+ *
+ * \return         The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
+ * \return         #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
+ */
+static inline mbedtls_operation_t mbedtls_cipher_get_operation(
+    const mbedtls_cipher_context_t *ctx)
+{
+    MBEDTLS_INTERNAL_VALIDATE_RET(
+        ctx != NULL, MBEDTLS_OPERATION_NONE);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_OPERATION_NONE;
+    }
+
+    return ctx->operation;
+}
+
+/**
+ * \brief               This function sets the key to use with the given context.
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a cipher information structure.
+ * \param key           The key to use. This must be a readable buffer of at
+ *                      least \p key_bitlen Bits.
+ * \param key_bitlen    The key length to use, in Bits.
+ * \param operation     The operation that the key will be used for:
+ *                      #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *key,
+                          int key_bitlen,
+                          const mbedtls_operation_t operation);
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+/**
+ * \brief               This function sets the padding mode, for cipher modes
+ *                      that use padding.
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a cipher information structure.
+ * \param mode          The padding mode.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
+ *                      if the selected padding mode is not supported.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
+ *                      does not support padding.
+ */
+int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
+                                    mbedtls_cipher_padding_t mode);
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+/**
+ * \brief           This function sets the initialization vector (IV)
+ *                  or nonce.
+ *
+ * \note            Some ciphers do not use IVs nor nonce. For these
+ *                  ciphers, this function has no effect.
+ *
+ * \param ctx       The generic cipher context. This must be initialized and
+ *                  bound to a cipher information structure.
+ * \param iv        The IV to use, or NONCE_COUNTER for CTR-mode ciphers. This
+ *                  must be a readable buffer of at least \p iv_len Bytes.
+ * \param iv_len    The IV length for ciphers with variable-size IV.
+ *                  This parameter is discarded by ciphers with fixed-size IV.
+ *
+ * \return          \c 0 on success.
+ * \return          #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                  parameter-verification failure.
+ */
+int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *iv,
+                          size_t iv_len);
+
+/**
+ * \brief         This function resets the cipher state.
+ *
+ * \note          With non-AEAD ciphers, the order of calls for each message
+ *                is as follows:
+ *                1. mbedtls_cipher_set_iv() if the mode uses an IV/nonce.
+ *                2. mbedtls_cipher_reset()
+ *                3. mbedtls_cipher_update() one or more times
+ *                4. mbedtls_cipher_finish()
+ *                .
+ *                This sequence can be repeated to encrypt or decrypt multiple
+ *                messages with the same key.
+ *
+ * \note          With AEAD ciphers, the order of calls for each message
+ *                is as follows:
+ *                1. mbedtls_cipher_set_iv() if the mode uses an IV/nonce.
+ *                2. mbedtls_cipher_reset()
+ *                3. mbedtls_cipher_update_ad()
+ *                4. mbedtls_cipher_update() one or more times
+ *                5. mbedtls_cipher_check_tag() (for decryption) or
+ *                mbedtls_cipher_write_tag() (for encryption).
+ *                .
+ *                This sequence can be repeated to encrypt or decrypt multiple
+ *                messages with the same key.
+ *
+ * \param ctx     The generic cipher context. This must be bound to a key.
+ *
+ * \return        \c 0 on success.
+ * \return        #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                parameter-verification failure.
+ */
+int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx);
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+/**
+ * \brief               This function adds additional data for AEAD ciphers.
+ *                      Currently supported with GCM and ChaCha20+Poly1305.
+ *                      This must be called exactly once, after
+ *                      mbedtls_cipher_reset().
+ *
+ * \param ctx           The generic cipher context. This must be initialized.
+ * \param ad            The additional data to use. This must be a readable
+ *                      buffer of at least \p ad_len Bytes.
+ * \param ad_len        The length of \p ad in Bytes.
+ *
+ * \return              \c 0 on success.
+ * \return              A specific error code on failure.
+ */
+int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
+                             const unsigned char *ad, size_t ad_len);
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
+
+/**
+ * \brief               The generic cipher update function. It encrypts or
+ *                      decrypts using the given cipher context. Writes as
+ *                      many block-sized blocks of data as possible to output.
+ *                      Any data that cannot be written immediately is either
+ *                      added to the next block, or flushed when
+ *                      mbedtls_cipher_finish() is called.
+ *                      Exception: For MBEDTLS_MODE_ECB, expects a single block
+ *                      in size. For example, 16 Bytes for AES.
+ *
+ * \note                If the underlying cipher is used in GCM mode, all calls
+ *                      to this function, except for the last one before
+ *                      mbedtls_cipher_finish(), must have \p ilen as a
+ *                      multiple of the block size of the cipher.
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a key.
+ * \param input         The buffer holding the input data. This must be a
+ *                      readable buffer of at least \p ilen Bytes.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data. This must be able to
+ *                      hold at least `ilen + block_size`. This must not be the
+ *                      same buffer as \p input.
+ * \param olen          The length of the output data, to be updated with the
+ *                      actual number of Bytes written. This must not be
+ *                      \c NULL.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an
+ *                      unsupported mode for a cipher.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *input,
+                          size_t ilen, unsigned char *output,
+                          size_t *olen);
+
+/**
+ * \brief               The generic cipher finalization function. If data still
+ *                      needs to be flushed from an incomplete block, the data
+ *                      contained in it is padded to the size of
+ *                      the last block, and written to the \p output buffer.
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a key.
+ * \param output        The buffer to write data to. This needs to be a writable
+ *                      buffer of at least block_size Bytes.
+ * \param olen          The length of the data written to the \p output buffer.
+ *                      This may not be \c NULL.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption
+ *                      expecting a full block but not receiving one.
+ * \return              #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
+ *                      while decrypting.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
+                          unsigned char *output, size_t *olen);
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+/**
+ * \brief               This function writes a tag for AEAD ciphers.
+ *                      Currently supported with GCM and ChaCha20+Poly1305.
+ *                      This must be called after mbedtls_cipher_finish().
+ *
+ * \param ctx           The generic cipher context. This must be initialized,
+ *                      bound to a key, and have just completed a cipher
+ *                      operation through mbedtls_cipher_finish() the tag for
+ *                      which should be written.
+ * \param tag           The buffer to write the tag to. This must be a writable
+ *                      buffer of at least \p tag_len Bytes.
+ * \param tag_len       The length of the tag to write.
+ *
+ * \return              \c 0 on success.
+ * \return              A specific error code on failure.
+ */
+int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
+                             unsigned char *tag, size_t tag_len);
+
+/**
+ * \brief               This function checks the tag for AEAD ciphers.
+ *                      Currently supported with GCM and ChaCha20+Poly1305.
+ *                      This must be called after mbedtls_cipher_finish().
+ *
+ * \param ctx           The generic cipher context. This must be initialized.
+ * \param tag           The buffer holding the tag. This must be a readable
+ *                      buffer of at least \p tag_len Bytes.
+ * \param tag_len       The length of the tag to check.
+ *
+ * \return              \c 0 on success.
+ * \return              A specific error code on failure.
+ */
+int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
+                             const unsigned char *tag, size_t tag_len);
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
+
+/**
+ * \brief               The generic all-in-one encryption/decryption function,
+ *                      for all ciphers except AEAD constructs.
+ *
+ * \param ctx           The generic cipher context. This must be initialized.
+ * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ *                      This must be a readable buffer of at least \p iv_len
+ *                      Bytes.
+ * \param iv_len        The IV length for ciphers with variable-size IV.
+ *                      This parameter is discarded by ciphers with fixed-size
+ *                      IV.
+ * \param input         The buffer holding the input data. This must be a
+ *                      readable buffer of at least \p ilen Bytes.
+ * \param ilen          The length of the input data in Bytes.
+ * \param output        The buffer for the output data. This must be able to
+ *                      hold at least `ilen + block_size`. This must not be the
+ *                      same buffer as \p input.
+ * \param olen          The length of the output data, to be updated with the
+ *                      actual number of Bytes written. This must not be
+ *                      \c NULL.
+ *
+ * \note                Some ciphers do not use IVs nor nonce. For these
+ *                      ciphers, use \p iv = NULL and \p iv_len = 0.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption
+ *                      expecting a full block but not receiving one.
+ * \return              #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
+ *                      while decrypting.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen);
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+/**
+ * \brief               The generic authenticated encryption (AEAD) function.
+ *
+ * \deprecated          Superseded by mbedtls_cipher_auth_encrypt_ext().
+ *
+ * \note                This function only supports AEAD algorithms, not key
+ *                      wrapping algorithms such as NIST_KW; for this, see
+ *                      mbedtls_cipher_auth_encrypt_ext().
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a key associated with an AEAD algorithm.
+ * \param iv            The nonce to use. This must be a readable buffer of
+ *                      at least \p iv_len Bytes and must not be \c NULL.
+ * \param iv_len        The length of the nonce. This must satisfy the
+ *                      constraints imposed by the AEAD cipher used.
+ * \param ad            The additional data to authenticate. This must be a
+ *                      readable buffer of at least \p ad_len Bytes, and may
+ *                      be \c NULL is \p ad_len is \c 0.
+ * \param ad_len        The length of \p ad.
+ * \param input         The buffer holding the input data. This must be a
+ *                      readable buffer of at least \p ilen Bytes, and may be
+ *                      \c NULL if \p ilen is \c 0.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data. This must be a
+ *                      writable buffer of at least \p ilen Bytes, and must
+ *                      not be \c NULL.
+ * \param olen          This will be filled with the actual number of Bytes
+ *                      written to the \p output buffer. This must point to a
+ *                      writable object of type \c size_t.
+ * \param tag           The buffer for the authentication tag. This must be a
+ *                      writable buffer of at least \p tag_len Bytes. See note
+ *                      below regarding restrictions with PSA-based contexts.
+ * \param tag_len       The desired length of the authentication tag. This
+ *                      must match the constraints imposed by the AEAD cipher
+ *                      used, and in particular must not be \c 0.
+ *
+ * \note                If the context is based on PSA (that is, it was set up
+ *                      with mbedtls_cipher_setup_psa()), then it is required
+ *                      that \c tag == output + ilen. That is, the tag must be
+ *                      appended to the ciphertext as recommended by RFC 5116.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              A cipher-specific error code on failure.
+ */
+int MBEDTLS_DEPRECATED mbedtls_cipher_auth_encrypt(
+    mbedtls_cipher_context_t *ctx,
+    const unsigned char *iv, size_t iv_len,
+    const unsigned char *ad, size_t ad_len,
+    const unsigned char *input, size_t ilen,
+    unsigned char *output, size_t *olen,
+    unsigned char *tag, size_t tag_len);
+
+/**
+ * \brief               The generic authenticated decryption (AEAD) function.
+ *
+ * \deprecated          Superseded by mbedtls_cipher_auth_decrypt_ext().
+ *
+ * \note                This function only supports AEAD algorithms, not key
+ *                      wrapping algorithms such as NIST_KW; for this, see
+ *                      mbedtls_cipher_auth_decrypt_ext().
+ *
+ * \note                If the data is not authentic, then the output buffer
+ *                      is zeroed out to prevent the unauthentic plaintext being
+ *                      used, making this interface safer.
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a key associated with an AEAD algorithm.
+ * \param iv            The nonce to use. This must be a readable buffer of
+ *                      at least \p iv_len Bytes and must not be \c NULL.
+ * \param iv_len        The length of the nonce. This must satisfy the
+ *                      constraints imposed by the AEAD cipher used.
+ * \param ad            The additional data to authenticate. This must be a
+ *                      readable buffer of at least \p ad_len Bytes, and may
+ *                      be \c NULL is \p ad_len is \c 0.
+ * \param ad_len        The length of \p ad.
+ * \param input         The buffer holding the input data. This must be a
+ *                      readable buffer of at least \p ilen Bytes, and may be
+ *                      \c NULL if \p ilen is \c 0.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data. This must be a
+ *                      writable buffer of at least \p ilen Bytes, and must
+ *                      not be \c NULL.
+ * \param olen          This will be filled with the actual number of Bytes
+ *                      written to the \p output buffer. This must point to a
+ *                      writable object of type \c size_t.
+ * \param tag           The buffer for the authentication tag. This must be a
+ *                      readable buffer of at least \p tag_len Bytes. See note
+ *                      below regarding restrictions with PSA-based contexts.
+ * \param tag_len       The length of the authentication tag. This must match
+ *                      the constraints imposed by the AEAD cipher used, and in
+ *                      particular must not be \c 0.
+ *
+ * \note                If the context is based on PSA (that is, it was set up
+ *                      with mbedtls_cipher_setup_psa()), then it is required
+ *                      that \c tag == input + len. That is, the tag must be
+ *                      appended to the ciphertext as recommended by RFC 5116.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
+ * \return              A cipher-specific error code on failure.
+ */
+int MBEDTLS_DEPRECATED mbedtls_cipher_auth_decrypt(
+    mbedtls_cipher_context_t *ctx,
+    const unsigned char *iv, size_t iv_len,
+    const unsigned char *ad, size_t ad_len,
+    const unsigned char *input, size_t ilen,
+    unsigned char *output, size_t *olen,
+    const unsigned char *tag, size_t tag_len);
+#undef MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+/**
+ * \brief               The authenticated encryption (AEAD/NIST_KW) function.
+ *
+ * \note                For AEAD modes, the tag will be appended to the
+ *                      ciphertext, as recommended by RFC 5116.
+ *                      (NIST_KW doesn't have a separate tag.)
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a key, with an AEAD algorithm or NIST_KW.
+ * \param iv            The nonce to use. This must be a readable buffer of
+ *                      at least \p iv_len Bytes and may be \c NULL if \p
+ *                      iv_len is \c 0.
+ * \param iv_len        The length of the nonce. For AEAD ciphers, this must
+ *                      satisfy the constraints imposed by the cipher used.
+ *                      For NIST_KW, this must be \c 0.
+ * \param ad            The additional data to authenticate. This must be a
+ *                      readable buffer of at least \p ad_len Bytes, and may
+ *                      be \c NULL is \p ad_len is \c 0.
+ * \param ad_len        The length of \p ad. For NIST_KW, this must be \c 0.
+ * \param input         The buffer holding the input data. This must be a
+ *                      readable buffer of at least \p ilen Bytes, and may be
+ *                      \c NULL if \p ilen is \c 0.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data. This must be a
+ *                      writable buffer of at least \p output_len Bytes, and
+ *                      must not be \c NULL.
+ * \param output_len    The length of the \p output buffer in Bytes. For AEAD
+ *                      ciphers, this must be at least \p ilen + \p tag_len.
+ *                      For NIST_KW, this must be at least \p ilen + 8
+ *                      (rounded up to a multiple of 8 if KWP is used);
+ *                      \p ilen + 15 is always a safe value.
+ * \param olen          This will be filled with the actual number of Bytes
+ *                      written to the \p output buffer. This must point to a
+ *                      writable object of type \c size_t.
+ * \param tag_len       The desired length of the authentication tag. For AEAD
+ *                      ciphers, this must match the constraints imposed by
+ *                      the cipher used, and in particular must not be \c 0.
+ *                      For NIST_KW, this must be \c 0.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
+                                    const unsigned char *iv, size_t iv_len,
+                                    const unsigned char *ad, size_t ad_len,
+                                    const unsigned char *input, size_t ilen,
+                                    unsigned char *output, size_t output_len,
+                                    size_t *olen, size_t tag_len);
+
+/**
+ * \brief               The authenticated encryption (AEAD/NIST_KW) function.
+ *
+ * \note                If the data is not authentic, then the output buffer
+ *                      is zeroed out to prevent the unauthentic plaintext being
+ *                      used, making this interface safer.
+ *
+ * \note                For AEAD modes, the tag must be appended to the
+ *                      ciphertext, as recommended by RFC 5116.
+ *                      (NIST_KW doesn't have a separate tag.)
+ *
+ * \param ctx           The generic cipher context. This must be initialized and
+ *                      bound to a key, with an AEAD algorithm or NIST_KW.
+ * \param iv            The nonce to use. This must be a readable buffer of
+ *                      at least \p iv_len Bytes and may be \c NULL if \p
+ *                      iv_len is \c 0.
+ * \param iv_len        The length of the nonce. For AEAD ciphers, this must
+ *                      satisfy the constraints imposed by the cipher used.
+ *                      For NIST_KW, this must be \c 0.
+ * \param ad            The additional data to authenticate. This must be a
+ *                      readable buffer of at least \p ad_len Bytes, and may
+ *                      be \c NULL is \p ad_len is \c 0.
+ * \param ad_len        The length of \p ad. For NIST_KW, this must be \c 0.
+ * \param input         The buffer holding the input data. This must be a
+ *                      readable buffer of at least \p ilen Bytes, and may be
+ *                      \c NULL if \p ilen is \c 0.
+ * \param ilen          The length of the input data. For AEAD ciphers this
+ *                      must be at least \p tag_len. For NIST_KW this must be
+ *                      at least \c 8.
+ * \param output        The buffer for the output data. This must be a
+ *                      writable buffer of at least \p output_len Bytes, and
+ *                      may be \c NULL if \p output_len is \c 0.
+ * \param output_len    The length of the \p output buffer in Bytes. For AEAD
+ *                      ciphers, this must be at least \p ilen - \p tag_len.
+ *                      For NIST_KW, this must be at least \p ilen - 8.
+ * \param olen          This will be filled with the actual number of Bytes
+ *                      written to the \p output buffer. This must point to a
+ *                      writable object of type \c size_t.
+ * \param tag_len       The actual length of the authentication tag. For AEAD
+ *                      ciphers, this must match the constraints imposed by
+ *                      the cipher used, and in particular must not be \c 0.
+ *                      For NIST_KW, this must be \c 0.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
+                                    const unsigned char *iv, size_t iv_len,
+                                    const unsigned char *ad, size_t ad_len,
+                                    const unsigned char *input, size_t ilen,
+                                    unsigned char *output, size_t output_len,
+                                    size_t *olen, size_t tag_len);
+#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CIPHER_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/cipher_internal.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/cipher_internal.h
new file mode 100644
index 0000000..c98abab
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/cipher_internal.h
@@ -0,0 +1,134 @@
+/**
+ * \file cipher_internal.h
+ *
+ * \brief Cipher wrappers.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_CIPHER_WRAP_H
+#define MBEDTLS_CIPHER_WRAP_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Base cipher information. The non-mode specific functions and values.
+ */
+struct mbedtls_cipher_base_t {
+    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
+    mbedtls_cipher_id_t cipher;
+
+    /** Encrypt using ECB */
+    int (*ecb_func)(void *ctx, mbedtls_operation_t mode,
+                    const unsigned char *input, unsigned char *output);
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /** Encrypt using CBC */
+    int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length,
+                    unsigned char *iv, const unsigned char *input,
+                    unsigned char *output);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    /** Encrypt using CFB (Full length) */
+    int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
+                    unsigned char *iv, const unsigned char *input,
+                    unsigned char *output);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    /** Encrypt using OFB (Full length) */
+    int (*ofb_func)(void *ctx, size_t length, size_t *iv_off,
+                    unsigned char *iv,
+                    const unsigned char *input,
+                    unsigned char *output);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /** Encrypt using CTR */
+    int (*ctr_func)(void *ctx, size_t length, size_t *nc_off,
+                    unsigned char *nonce_counter, unsigned char *stream_block,
+                    const unsigned char *input, unsigned char *output);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    /** Encrypt or decrypt using XTS. */
+    int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length,
+                    const unsigned char data_unit[16],
+                    const unsigned char *input, unsigned char *output);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    /** Encrypt using STREAM */
+    int (*stream_func)(void *ctx, size_t length,
+                       const unsigned char *input, unsigned char *output);
+#endif
+
+    /** Set key for encryption purposes */
+    int (*setkey_enc_func)(void *ctx, const unsigned char *key,
+                           unsigned int key_bitlen);
+
+    /** Set key for decryption purposes */
+    int (*setkey_dec_func)(void *ctx, const unsigned char *key,
+                           unsigned int key_bitlen);
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)(void);
+
+    /** Free the given context */
+    void (*ctx_free_func)(void *ctx);
+
+};
+
+typedef struct {
+    mbedtls_cipher_type_t type;
+    const mbedtls_cipher_info_t *info;
+} mbedtls_cipher_definition_t;
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+typedef enum {
+    MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
+    MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
+                                  /* use raw key material internally imported */
+                                  /* as a volatile key, and which hence need  */
+                                  /* to destroy that key when the context is  */
+                                  /* freed.                                   */
+    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts   */
+                                      /* which use a key provided by the      */
+                                      /* user, and which hence will not be    */
+                                      /* destroyed when the context is freed. */
+} mbedtls_cipher_psa_key_ownership;
+
+typedef struct {
+    psa_algorithm_t alg;
+    psa_key_id_t slot;
+    mbedtls_cipher_psa_key_ownership slot_state;
+} mbedtls_cipher_context_psa;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
+
+extern int mbedtls_cipher_supported[];
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CIPHER_WRAP_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/cmac.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/cmac.h
new file mode 100644
index 0000000..89634dc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/cmac.h
@@ -0,0 +1,238 @@
+/**
+ * \file cmac.h
+ *
+ * \brief This file contains CMAC definitions and functions.
+ *
+ * The Cipher-based Message Authentication Code (CMAC) Mode for
+ * Authentication is defined in <em>RFC-4493: The AES-CMAC Algorithm</em>.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CMAC_H
+#define MBEDTLS_CMAC_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/cipher.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** CMAC hardware accelerator failed. */
+#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A
+
+#define MBEDTLS_AES_BLOCK_SIZE          16
+#define MBEDTLS_DES3_BLOCK_SIZE         8
+
+
+/* Although the CMAC module does not support ARIA or CAMELLIA, we adjust the value of
+ * MBEDTLS_CIPHER_BLKSIZE_MAX to reflect these ciphers.
+ * This is done to avoid confusion, given the general-purpose name of the macro. */
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
+#define MBEDTLS_CIPHER_BLKSIZE_MAX      16  /**< The longest block used by CMAC is that of AES. */
+#else
+#define MBEDTLS_CIPHER_BLKSIZE_MAX      8   /**< The longest block used by CMAC is that of 3DES. */
+#endif
+
+#if !defined(MBEDTLS_CMAC_ALT)
+
+/**
+ * The CMAC context structure.
+ */
+struct mbedtls_cmac_context_t {
+    /** The internal state of the CMAC algorithm.  */
+    unsigned char       state[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    /** Unprocessed data - either data that was not block aligned and is still
+     *  pending processing, or the final block. */
+    unsigned char       unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    /** The length of data pending processing. */
+    size_t              unprocessed_len;
+};
+
+#else  /* !MBEDTLS_CMAC_ALT */
+#include "cmac_alt.h"
+#endif /* !MBEDTLS_CMAC_ALT */
+
+/**
+ * \brief               This function starts a new CMAC computation
+ *                      by setting the CMAC key, and preparing to authenticate
+ *                      the input data.
+ *                      It must be called with an initialized cipher context.
+ *
+ *                      Once this function has completed, data can be supplied
+ *                      to the CMAC computation by calling
+ *                      mbedtls_cipher_cmac_update().
+ *
+ *                      To start a CMAC computation using the same key as a previous
+ *                      CMAC computation, use mbedtls_cipher_cmac_finish().
+ *
+ * \note                When the CMAC implementation is supplied by an alternate
+ *                      implementation (through #MBEDTLS_CMAC_ALT), some ciphers
+ *                      may not be supported by that implementation, and thus
+ *                      return an error. Alternate implementations must support
+ *                      AES-128 and AES-256, and may support AES-192 and 3DES.
+ *
+ * \param ctx           The cipher context used for the CMAC operation, initialized
+ *                      as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
+ *                      MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
+ *                      or MBEDTLS_CIPHER_DES_EDE3_ECB.
+ * \param key           The CMAC key.
+ * \param keybits       The length of the CMAC key in bits.
+ *                      Must be supported by the cipher.
+ *
+ * \return              \c 0 on success.
+ * \return              A cipher-specific error code on failure.
+ */
+int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *key, size_t keybits);
+
+/**
+ * \brief               This function feeds an input buffer into an ongoing CMAC
+ *                      computation.
+ *
+ *                      The CMAC computation must have previously been started
+ *                      by calling mbedtls_cipher_cmac_starts() or
+ *                      mbedtls_cipher_cmac_reset().
+ *
+ *                      Call this function as many times as needed to input the
+ *                      data to be authenticated.
+ *                      Once all of the required data has been input,
+ *                      call mbedtls_cipher_cmac_finish() to obtain the result
+ *                      of the CMAC operation.
+ *
+ * \param ctx           The cipher context used for the CMAC operation.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ *
+ * \return             \c 0 on success.
+ * \return             #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                     if parameter verification fails.
+ */
+int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *input, size_t ilen);
+
+/**
+ * \brief               This function finishes an ongoing CMAC operation, and
+ *                      writes the result to the output buffer.
+ *
+ *                      It should be followed either by
+ *                      mbedtls_cipher_cmac_reset(), which starts another CMAC
+ *                      operation with the same key, or mbedtls_cipher_free(),
+ *                      which clears the cipher context.
+ *
+ * \param ctx           The cipher context used for the CMAC operation.
+ * \param output        The output buffer for the CMAC checksum result.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
+                               unsigned char *output);
+
+/**
+ * \brief               This function starts a new CMAC operation with the same
+ *                      key as the previous one.
+ *
+ *                      It should be called after finishing the previous CMAC
+ *                      operation with mbedtls_cipher_cmac_finish().
+ *                      After calling this function,
+ *                      call mbedtls_cipher_cmac_update() to supply the new
+ *                      CMAC operation with data.
+ *
+ * \param ctx           The cipher context used for the CMAC operation.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx);
+
+/**
+ * \brief               This function calculates the full generic CMAC
+ *                      on the input buffer with the provided key.
+ *
+ *                      The function allocates the context, performs the
+ *                      calculation, and frees the context.
+ *
+ *                      The CMAC result is calculated as
+ *                      output = generic CMAC(cmac key, input buffer).
+ *
+ * \note                When the CMAC implementation is supplied by an alternate
+ *                      implementation (through #MBEDTLS_CMAC_ALT), some ciphers
+ *                      may not be supported by that implementation, and thus
+ *                      return an error. Alternate implementations must support
+ *                      AES-128 and AES-256, and may support AES-192 and 3DES.
+ *
+ * \param cipher_info   The cipher information.
+ * \param key           The CMAC key.
+ * \param keylen        The length of the CMAC key in bits.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the generic CMAC result.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
+                        const unsigned char *key, size_t keylen,
+                        const unsigned char *input, size_t ilen,
+                        unsigned char *output);
+
+#if defined(MBEDTLS_AES_C)
+/**
+ * \brief           This function implements the AES-CMAC-PRF-128 pseudorandom
+ *                  function, as defined in
+ *                  <em>RFC-4615: The Advanced Encryption Standard-Cipher-based
+ *                  Message Authentication Code-Pseudo-Random Function-128
+ *                  (AES-CMAC-PRF-128) Algorithm for the Internet Key
+ *                  Exchange Protocol (IKE).</em>
+ *
+ * \param key       The key to use.
+ * \param key_len   The key length in Bytes.
+ * \param input     The buffer holding the input data.
+ * \param in_len    The length of the input data in Bytes.
+ * \param output    The buffer holding the generated 16 Bytes of
+ *                  pseudorandom output.
+ *
+ * \return          \c 0 on success.
+ */
+int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len,
+                             const unsigned char *input, size_t in_len,
+                             unsigned char output[16]);
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C))
+/**
+ * \brief          The CMAC checkup routine.
+ *
+ * \note           In case the CMAC routines are provided by an alternative
+ *                 implementation (i.e. #MBEDTLS_CMAC_ALT is defined), the
+ *                 checkup routine will succeed even if the implementation does
+ *                 not support the less widely used AES-192 or 3DES primitives.
+ *                 The self-test requires at least AES-128 and AES-256 to be
+ *                 supported by the underlying implementation.
+ *
+ * \return         \c 0 on success.
+ * \return         \c 1 on failure.
+ */
+int mbedtls_cmac_self_test(int verbose);
+#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CMAC_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/compat-1.3.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/compat-1.3.h
similarity index 98%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/compat-1.3.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/compat-1.3.h
index 4017751..de8f625 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/compat-1.3.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/compat-1.3.h
@@ -1,26 +1,14 @@
 /**
  * \file compat-1.3.h
  *
- * \brief Compatibility definitions for using mbed TLS with client code written
+ * \brief Compatibility definitions for using Mbed TLS with client code written
  *  for the PolarSSL naming conventions.
  *
  * \deprecated Use the new names directly instead
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #if !defined(MBEDTLS_CONFIG_FILE)
@@ -29,7 +17,7 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #warning "Including compat-1.3.h is deprecated"
@@ -597,7 +585,8 @@
 #define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
 #endif
 #if defined MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION \
+    MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
 #endif
 #if defined MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
 #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
@@ -1382,8 +1371,8 @@
 #define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED
 #define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED
 #define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED
-#define SSL_BUFFER_LEN ( ( ( MBEDTLS_SSL_IN_BUFFER_LEN ) < ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) \
-                         ? ( MBEDTLS_SSL_IN_BUFFER_LEN ) : ( MBEDTLS_SSL_OUT_BUFFER_LEN ) )
+#define SSL_BUFFER_LEN (((MBEDTLS_SSL_IN_BUFFER_LEN) < (MBEDTLS_SSL_OUT_BUFFER_LEN)) \
+                         ? (MBEDTLS_SSL_IN_BUFFER_LEN) : (MBEDTLS_SSL_OUT_BUFFER_LEN))
 #define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES
 #define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT
 #define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
@@ -1554,10 +1543,14 @@
 #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
 #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
 #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
 #define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
@@ -1565,8 +1558,10 @@
 #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
-#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
 #define TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
 #define TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
 #define TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
@@ -1578,10 +1573,14 @@
 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
@@ -1591,10 +1590,14 @@
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
 #define TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
 #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
@@ -2492,7 +2495,8 @@
 #define x509write_crt_free mbedtls_x509write_crt_free
 #define x509write_crt_init mbedtls_x509write_crt_init
 #define x509write_crt_pem mbedtls_x509write_crt_pem
-#define x509write_crt_set_authority_key_identifier mbedtls_x509write_crt_set_authority_key_identifier
+#define x509write_crt_set_authority_key_identifier \
+    mbedtls_x509write_crt_set_authority_key_identifier
 #define x509write_crt_set_basic_constraints mbedtls_x509write_crt_set_basic_constraints
 #define x509write_crt_set_extension mbedtls_x509write_crt_set_extension
 #define x509write_crt_set_issuer_key mbedtls_x509write_crt_set_issuer_key
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/config.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/config.h
similarity index 84%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/config.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/config.h
index 464b61e..ac2146e 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/config.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/config.h
@@ -9,19 +9,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_CONFIG_H
@@ -51,7 +39,7 @@
  *      include/mbedtls/bn_mul.h
  *
  * Required by:
- *      MBEDTLS_AESNI_C
+ *      MBEDTLS_AESNI_C (on some platforms)
  *      MBEDTLS_PADLOCK_C
  *
  * Comment to disable the use of assembly code.
@@ -128,7 +116,12 @@
  * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
  * MBEDTLS_PLATFORM_STD_TIME.
  *
- * Comment if your system does not support time functions
+ * Comment if your system does not support time functions.
+ *
+ * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing
+ *       interface - timing.c will include time.h on suitable platforms
+ *       regardless of the setting of MBEDTLS_HAVE_TIME, unless
+ *       MBEDTLS_TIMING_ALT is used. See timing.c for more information.
  */
 #define MBEDTLS_HAVE_TIME
 
@@ -158,19 +151,51 @@
  *
  * Enable the memory allocation layer.
  *
- * By default mbed TLS uses the system-provided calloc() and free().
+ * By default Mbed TLS uses the system-provided calloc() and free().
  * This allows different allocators (self-implemented or provided) to be
  * provided to the platform abstraction layer.
  *
- * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * Enabling #MBEDTLS_PLATFORM_MEMORY without the
  * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
  * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
  * free() function pointer at runtime.
  *
- * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying
  * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
  * alternate function at compile time.
  *
+ * An overview of how the value of mbedtls_calloc is determined:
+ *
+ * - if !MBEDTLS_PLATFORM_MEMORY
+ *     - mbedtls_calloc = calloc
+ * - if MBEDTLS_PLATFORM_MEMORY
+ *     - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO):
+ *         - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO
+ *     - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO):
+ *         - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC.
+ *         - How is MBEDTLS_PLATFORM_STD_CALLOC handled?
+ *         - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS:
+ *             - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything;
+ *             - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present;
+ *         - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS:
+ *             - if MBEDTLS_PLATFORM_STD_CALLOC is present:
+ *                 - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected;
+ *             - if !MBEDTLS_PLATFORM_STD_CALLOC:
+ *                 - MBEDTLS_PLATFORM_STD_CALLOC = calloc
+ *
+ *         - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked.
+ *         - if !MBEDTLS_PLATFORM_STD_CALLOC
+ *             - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc
+ *
+ *         - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC.
+ *
+ * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible.
+ * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time.
+ * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used,
+ * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases.
+ * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer.
+ * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything.
+ *
  * Requires: MBEDTLS_PLATFORM_C
  *
  * Enable this layer to allow use of alternative memory allocators.
@@ -199,10 +224,10 @@
 /**
  * \def MBEDTLS_PLATFORM_EXIT_ALT
  *
- * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the
  * function in the platform abstraction layer.
  *
- * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will
  * provide a function "mbedtls_platform_set_printf()" that allows you to set an
  * alternative printf function pointer.
  *
@@ -228,6 +253,45 @@
 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
 
+/**
+ * Uncomment the macro to let Mbed TLS use your alternate implementation of
+ * mbedtls_platform_gmtime_r(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * gmtime() is not a thread-safe function as defined in the C standard. The
+ * library will try to use safer implementations of this function, such as
+ * gmtime_r() when available. However, if Mbed TLS cannot identify the target
+ * system, the implementation of mbedtls_platform_gmtime_r() will default to
+ * using the standard gmtime(). In this case, calls from the library to
+ * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
+ * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
+ * library are also guarded with this mutex to avoid race conditions. However,
+ * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
+ * unconditionally use the implementation for mbedtls_platform_gmtime_r()
+ * supplied at compile time.
+ */
+//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
+
+/**
+ * Uncomment the macro to let Mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
 /**
  * \def MBEDTLS_DEPRECATED_WARNING
  *
@@ -321,10 +385,10 @@
  */
 //#define MBEDTLS_CHECK_PARAMS_ASSERT
 
-/* \} name SECTION: System support */
+/** \} name SECTION: System support */
 
 /**
- * \name SECTION: mbed TLS feature support
+ * \name SECTION: Mbed TLS feature support
  *
  * This section sets support for features that are or are not needed
  * within the modules that are enabled.
@@ -347,7 +411,7 @@
 /**
  * \def MBEDTLS_AES_ALT
  *
- * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your
  * alternate core implementation of a symmetric crypto, an arithmetic or hash
  * module (e.g. platform specific assembly optimized implementations). Keep
  * in mind that the function prototypes should remain the same.
@@ -355,7 +419,7 @@
  * This replaces the whole module. If you only want to replace one of the
  * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
  *
- * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer
  * provide the "struct mbedtls_aes_context" definition and omit the base
  * function declarations and implementations. "aes_alt.h" will be included from
  * "aes.h" to include the new function definitions.
@@ -395,7 +459,7 @@
 //#define MBEDTLS_XTEA_ALT
 
 /*
- * When replacing the elliptic curve module, pleace consider, that it is
+ * When replacing the elliptic curve module, please consider, that it is
  * implemented with two .c files:
  *      - ecp.c
  *      - ecp_curves.c
@@ -408,14 +472,14 @@
 /**
  * \def MBEDTLS_MD2_PROCESS_ALT
  *
- * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you
  * alternate core implementation of symmetric crypto or hash function. Keep in
  * mind that function prototypes should remain the same.
  *
- * This replaces only one function. The header file from mbed TLS is still
+ * This replaces only one function. The header file from Mbed TLS is still
  * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
  *
- * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will
  * no longer provide the mbedtls_sha1_process() function, but it will still provide
  * the other function (using your mbedtls_sha1_process() function) and the definition
  * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
@@ -427,7 +491,7 @@
  *       be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
  *       must stay untouched.
  *
- * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ * \note If you use the AES_xxx_ALT macros, then it is recommended to also set
  *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
  *       tables.
  *
@@ -475,15 +539,20 @@
  *
  * Expose a part of the internal interface of the Elliptic Curve Point module.
  *
- * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your
  * alternative core implementation of elliptic curve arithmetic. Keep in mind
  * that function prototypes should remain the same.
  *
- * This partially replaces one function. The header file from mbed TLS is still
+ * This partially replaces one function. The header file from Mbed TLS is still
  * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
  * is still present and it is used for group structures not supported by the
  * alternative.
  *
+ * The original implementation can in addition be removed by setting the
+ * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the
+ * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be
+ * able to fallback to curves not supported by the alternative implementation.
+ *
  * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
  * and implementing the following functions:
  *      unsigned char mbedtls_internal_ecp_grp_capable(
@@ -497,21 +566,28 @@
  * called before and after each point operation and provide an opportunity to
  * implement optimized set up and tear down instructions.
  *
- * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
- * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
- * function, but will use your mbedtls_internal_ecp_double_jac if the group is
- * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
- * receives it as an argument). If the group is not supported then the original
- * implementation is used. The other functions and the definition of
- * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
- * implementation of mbedtls_internal_ecp_double_jac and
- * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac()
+ * function, but will use your mbedtls_internal_ecp_double_jac() if the group
+ * for the operation is supported by your implementation (i.e. your
+ * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the
+ * group is not supported by your implementation, then the original Mbed TLS
+ * implementation of ecp_double_jac() is used instead, unless this fallback
+ * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case
+ * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE).
+ *
+ * The function prototypes and the definition of mbedtls_ecp_group and
+ * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your
+ * implementation of mbedtls_internal_ecp__function_name__ must be compatible
+ * with their definitions.
  *
  * Uncomment a macro to enable alternate implementation of the corresponding
  * function.
  */
 /* Required for all the functions in this section */
 //#define MBEDTLS_ECP_INTERNAL_ALT
+/* Turn off software fallback for curves not supported in hardware */
+//#define MBEDTLS_ECP_NO_FALLBACK
 /* Support for Weierstrass curves with Jacobi representation */
 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
 //#define MBEDTLS_ECP_ADD_MIXED_ALT
@@ -526,7 +602,7 @@
 /**
  * \def MBEDTLS_TEST_NULL_ENTROPY
  *
- * Enables testing and use of mbed TLS without any configured entropy sources.
+ * Enables testing and use of Mbed TLS without any configured entropy sources.
  * This permits use of the library on platforms before an entropy source has
  * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
  * MBEDTLS_ENTROPY_NV_SEED switches).
@@ -543,7 +619,7 @@
 /**
  * \def MBEDTLS_ENTROPY_HARDWARE_ALT
  *
- * Uncomment this macro to let mbed TLS use your own implementation of a
+ * Uncomment this macro to let Mbed TLS use your own implementation of a
  * hardware entropy collector.
  *
  * Your function must be called \c mbedtls_hardware_poll(), have the same
@@ -604,6 +680,29 @@
  */
 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
 
+/**
+ * \def MBEDTLS_CHECK_RETURN_WARNING
+ *
+ * If this macro is defined, emit a compile-time warning if application code
+ * calls a function without checking its return value, but the return value
+ * should generally be checked in portable applications.
+ *
+ * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is
+ * implemented. Otherwise this option has no effect.
+ *
+ * Uncomment to get warnings on using fallible functions without checking
+ * their return value.
+ *
+ * \note  This feature is a work in progress.
+ *        Warnings will be added to more functions in the future.
+ *
+ * \note  A few functions are considered critical, and ignoring the return
+ *        value of these functions will trigger a warning even if this
+ *        macro is not defined. To completely disable return value check
+ *        warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion.
+ */
+//#define MBEDTLS_CHECK_RETURN_WARNING
+
 /**
  * \def MBEDTLS_CIPHER_MODE_CBC
  *
@@ -746,6 +845,18 @@
  */
 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
 
+/**
+ * Enable the verified implementations of ECDH primitives from Project Everest
+ * (currently only Curve25519). This feature changes the layout of ECDH
+ * contexts and therefore is a compatibility break for applications that access
+ * fields of a mbedtls_ecdh_context structure directly. See also
+ * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
+ *
+ * The Everest code is provided under the Apache 2.0 license only; therefore enabling this
+ * option is not compatible with taking the library under the GPL v2.0-or-later license.
+ */
+//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
+
 /**
  * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
  *
@@ -819,12 +930,37 @@
  * This is useful in non-threaded environments if you want to avoid blocking
  * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
  *
- * Uncomment this macro to enable restartable ECC computations.
+ * This option:
+ * - Adds xxx_restartable() variants of existing operations in the
+ *   following modules, with corresponding restart context types:
+ *   - ECP (for Short Weierstrass curves only): scalar multiplication (mul),
+ *     linear combination (muladd);
+ *   - ECDSA: signature generation & verification;
+ *   - PK: signature generation & verification;
+ *   - X509: certificate chain verification.
+ * - Adds mbedtls_ecdh_enable_restart() in the ECDH module.
+ * - Changes the behaviour of TLS 1.2 clients (not servers) when using the
+ *   ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC
+ *   computations restartable:
+ *   - ECDH operations from the key exchange, only for Short Weierstrass
+ *     curves;
+ *   - verification of the server's key exchange signature;
+ *   - verification of the server's certificate chain;
+ *   - generation of the client's signature if client authentication is used,
+ *     with an ECC key/certificate.
+ *
+ * \note  In the cases above, the usual SSL/TLS functions, such as
+ *        mbedtls_ssl_handshake(), can now return
+ *        MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS.
  *
  * \note  This option only works with the default software implementation of
  *        elliptic curve functionality. It is incompatible with
- *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT
- *        and MBEDTLS_ECDH_LEGACY_CONTEXT.
+ *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT,
+ *        MBEDTLS_ECDH_LEGACY_CONTEXT, and MBEDTLS_USE_PSA_CRYPTO.
+ *
+ * Requires: MBEDTLS_ECP_C
+ *
+ * Uncomment this macro to enable restartable ECC computations.
  */
 //#define MBEDTLS_ECP_RESTARTABLE
 
@@ -1289,7 +1425,7 @@
  * Include backtrace information with each allocated block.
  *
  * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *           GLIBC-compatible backtrace() an backtrace_symbols() support
+ *           GLIBC-compatible backtrace() and backtrace_symbols() support
  *
  * Uncomment this macro to include backtrace information
  */
@@ -1326,6 +1462,38 @@
  */
 #define MBEDTLS_PKCS1_V21
 
+/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+ *
+ * Enable support for platform built-in keys. If you enable this feature,
+ * you must implement the function mbedtls_psa_platform_get_builtin_key().
+ * See the documentation of that function for more information.
+ *
+ * Built-in keys are typically derived from a hardware unique key or
+ * stored in a secure element.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ *
+ * \warning This interface is experimental and may change or be removed
+ * without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+
+/** \def MBEDTLS_PSA_CRYPTO_CLIENT
+ *
+ * Enable support for PSA crypto client.
+ *
+ * \note This option allows to include the code necessary for a PSA
+ *       crypto client when the PSA crypto implementation is not included in
+ *       the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the
+ *       code to set and get PSA key attributes.
+ *       The development of PSA drivers partially relying on the library to
+ *       fulfill the hardware gaps is another possible usage of this option.
+ *
+ * \warning This interface is experimental and may change or be removed
+ * without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_CLIENT
+
 /** \def MBEDTLS_PSA_CRYPTO_DRIVERS
  *
  * Enable support for the experimental PSA crypto driver interface.
@@ -1337,6 +1505,44 @@
  */
 //#define MBEDTLS_PSA_CRYPTO_DRIVERS
 
+/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ *
+ * Make the PSA Crypto module use an external random generator provided
+ * by a driver, instead of Mbed TLS's entropy and DRBG modules.
+ *
+ * \note This random generator must deliver random numbers with cryptographic
+ *       quality and high performance. It must supply unpredictable numbers
+ *       with a uniform distribution. The implementation of this function
+ *       is responsible for ensuring that the random generator is seeded
+ *       with sufficient entropy. If you have a hardware TRNG which is slow
+ *       or delivers non-uniform output, declare it as an entropy source
+ *       with mbedtls_entropy_add_source() instead of enabling this option.
+ *
+ * If you enable this option, you must configure the type
+ * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h
+ * and define a function called mbedtls_psa_external_get_random()
+ * with the following prototype:
+ * ```
+ * psa_status_t mbedtls_psa_external_get_random(
+ *     mbedtls_psa_external_random_context_t *context,
+ *     uint8_t *output, size_t output_size, size_t *output_length);
+ * );
+ * ```
+ * The \c context value is initialized to 0 before the first call.
+ * The function must fill the \c output buffer with \c output_size bytes
+ * of random data and set \c *output_length to \c output_size.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ * \warning If you enable this option, code that uses the PSA cryptography
+ *          interface will not use any of the entropy sources set up for
+ *          the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED
+ *          enables.
+ *
+ * \note This option is experimental and may be removed without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+
 /**
  * \def MBEDTLS_PSA_CRYPTO_SPM
  *
@@ -1388,7 +1594,7 @@
  * Enable an implementation of SHA-256 that has lower ROM footprint but also
  * lower performance.
  *
- * The default implementation is meant to be a reasonnable compromise between
+ * The default implementation is meant to be a reasonable compromise between
  * performance and size. This version optimizes more aggressively for size at
  * the expense of performance. Eg on Cortex-M4 it reduces the size of
  * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
@@ -1424,7 +1630,7 @@
  * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
  *
  * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
+ * If you choose not to send the alert messages, Mbed TLS can still communicate
  * with other servers, only debugging of failures is harder.
  *
  * The advantage of not sending alert messages, is that no information is given
@@ -1510,6 +1716,8 @@
  * saved after the handshake to allow for more efficient serialization, so if
  * you don't need this feature you'll save RAM by disabling it.
  *
+ * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C
+ *
  * Comment to disable the context serialization APIs.
  */
 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
@@ -1553,7 +1761,7 @@
  * Enable support for RFC 7627: Session Hash and Extended Master Secret
  * Extension.
  *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * This was introduced as "the proper fix" to the Triple Handshake family of
  * attacks, but it is recommended to always use it (even if you disable
  * renegotiation), since it actually fixes a more fundamental issue in the
  * original SSL/TLS design, and has implications beyond Triple Handshake.
@@ -1599,7 +1807,7 @@
  * \note This option has no influence on the protection against the
  *       triple handshake attack. Even if it is disabled, Mbed TLS will
  *       still ensure that certificates do not change during renegotiation,
- *       for exaple by keeping a hash of the peer's certificate.
+ *       for example by keeping a hash of the peer's certificate.
  *
  * Comment this macro to disable storing the peer's certificate
  * after the handshake.
@@ -1804,7 +2012,7 @@
  * unless you know for sure amplification cannot be a problem in the
  * environment in which your server operates.
  *
- * \warning Disabling this can ba a security risk! (see above)
+ * \warning Disabling this can be a security risk! (see above)
  *
  * Requires: MBEDTLS_SSL_PROTO_DTLS
  *
@@ -1815,7 +2023,7 @@
 /**
  * \def MBEDTLS_SSL_DTLS_SRTP
  *
- * Enable support for negotation of DTLS-SRTP (RFC 5764)
+ * Enable support for negotiation of DTLS-SRTP (RFC 5764)
  * through the use_srtp extension.
  *
  * \note This feature provides the minimum functionality required
@@ -1941,10 +2149,30 @@
 /**
  * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
  *
- * Enable modifying the maximum I/O buffer size.
+ * When this option is enabled, the SSL buffer will be resized automatically
+ * based on the negotiated maximum fragment length in each direction.
+ *
+ * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
  */
 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
 
+/**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
+ * signature and ciphersuite selection. Without this build-time option, SHA-1
+ * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
+ * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
+ * default. At the time of writing, there is no practical attack on the use
+ * of SHA-1 in handshake signatures, hence this option is turned on by default
+ * to preserve compatibility with existing peers, but the general
+ * warning applies nonetheless:
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+
 /**
  * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
  *
@@ -2034,15 +2262,13 @@
  * will still continue to work as usual, so enabling this option should not
  * break backwards compatibility.
  *
- * \warning The PSA Crypto API is in beta stage. While you're welcome to
- * experiment using it, incompatible API changes are still possible, and some
- * parts may not have reached the same quality as the rest of Mbed TLS yet.
+ * \note See docs/use-psa-crypto.md for a complete description of what this
+ * option currently does, and of parts that are not affected by it so far.
  *
- * \warning This option enables new Mbed TLS APIs that are dependent on the
- * PSA Crypto API, so can't come with the same stability guarantees as the
- * rest of the Mbed TLS APIs. You're welcome to experiment with them, but for
- * now, access to these APIs is opt-in (via enabling the present option), in
- * order to clearly differentiate them from the stable Mbed TLS APIs.
+ * \warning This option enables new Mbed TLS APIs which are currently
+ * considered experimental and may change in incompatible ways at any time.
+ * That is, the APIs enabled by this option are not covered by the usual
+ * promises of API stability.
  *
  * Requires: MBEDTLS_PSA_CRYPTO_C.
  *
@@ -2056,8 +2282,19 @@
  * This setting allows support for cryptographic mechanisms through the PSA
  * API to be configured separately from support through the mbedtls API.
  *
- * Uncomment this to enable use of PSA Crypto configuration settings which
- * can be found in include/psa/crypto_config.h.
+ * When this option is disabled, the PSA API exposes the cryptographic
+ * mechanisms that can be implemented on top of the `mbedtls_xxx` API
+ * configured with `MBEDTLS_XXX` symbols.
+ *
+ * When this option is enabled, the PSA API exposes the cryptographic
+ * mechanisms requested by the `PSA_WANT_XXX` symbols defined in
+ * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are
+ * automatically enabled if required (i.e. if no PSA driver provides the
+ * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
+ * in config.h.
+ *
+ * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
+ * an alternative header to include instead of include/psa/crypto_config.h.
  *
  * If you enable this option and write your own configuration file, you must
  * include mbedtls/config_psa.h in your configuration file. The default
@@ -2183,26 +2420,44 @@
  * Uncomment to enable use of ZLIB
  */
 //#define MBEDTLS_ZLIB_SUPPORT
-/* \} name SECTION: mbed TLS feature support */
+/** \} name SECTION: Mbed TLS feature support */
 
 /**
- * \name SECTION: mbed TLS modules
+ * \name SECTION: Mbed TLS modules
  *
- * This section enables or disables entire modules in mbed TLS
+ * This section enables or disables entire modules in Mbed TLS
  * \{
  */
 
 /**
  * \def MBEDTLS_AESNI_C
  *
- * Enable AES-NI support on x86-64.
+ * Enable AES-NI support on x86-64 or x86-32.
+ *
+ * \note AESNI is only supported with certain compilers and target options:
+ * - Visual Studio 2013: supported.
+ * - GCC, x86-64, target not explicitly supporting AESNI:
+ *   requires MBEDTLS_HAVE_ASM.
+ * - GCC, x86-32, target not explicitly supporting AESNI:
+ *   not supported.
+ * - GCC, x86-64 or x86-32, target supporting AESNI: supported.
+ *   For this assembly-less implementation, you must currently compile
+ *   `library/aesni.c` and `library/aes.c` with machine options to enable
+ *   SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or
+ *   `clang -maes -mpclmul`.
+ * - Non-x86 targets: this option is silently ignored.
+ * - Other compilers: this option is silently ignored.
+ *
+ * \note
+ * Above, "GCC" includes compatible compilers such as Clang.
+ * The limitations on target support are likely to be relaxed in the future.
  *
  * Module:  library/aesni.c
  * Caller:  library/aes.c
  *
- * Requires: MBEDTLS_HAVE_ASM
+ * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note)
  *
- * This modules adds support for the AES-NI instructions on x86-64
+ * This modules adds support for the AES-NI instructions on x86.
  */
 #define MBEDTLS_AESNI_C
 
@@ -2303,7 +2558,7 @@
  *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
  *
  * \warning   ARC4 is considered a weak cipher and its use constitutes a
- *            security risk. If possible, we recommend avoidng dependencies on
+ *            security risk. If possible, we recommend avoiding dependencies on
  *            it, and considering stronger ciphers instead.
  *
  */
@@ -2546,6 +2801,11 @@
  * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
  * ciphers.
  *
+ * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying
+ *       implementation of the CMAC algorithm is provided by an alternate
+ *       implementation, that alternate implementation may opt to not support
+ *       AES-192 or 3DES as underlying block ciphers for the CMAC operation.
+ *
  * Module:  library/cmac.c
  *
  * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
@@ -2611,7 +2871,7 @@
  *
  * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
  *
- * \warning   DES is considered a weak cipher and its use constitutes a
+ * \warning   DES/3DES are considered weak ciphers and their use constitutes a
  *            security risk. We recommend considering stronger ciphers instead.
  */
 #define MBEDTLS_DES_C
@@ -2791,7 +3051,7 @@
  *
  * Requires: MBEDTLS_MD_C
  *
- * Uncomment to enable the HMAC_DRBG random number geerator.
+ * Uncomment to enable the HMAC_DRBG random number generator.
  */
 #define MBEDTLS_HMAC_DRBG_C
 
@@ -2886,7 +3146,7 @@
  * Module:  library/memory_buffer_alloc.c
  *
  * Requires: MBEDTLS_PLATFORM_C
- *           MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *           MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS)
  *
  * Enable this module to enable the buffer memory allocator.
  */
@@ -2903,7 +3163,7 @@
  *
  * \note See also our Knowledge Base article about porting to a new
  * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
  *
  * Module:  library/net_sockets.c
  *
@@ -2985,7 +3245,7 @@
 /**
  * \def MBEDTLS_PK_C
  *
- * Enable the generic public (asymetric) key layer.
+ * Enable the generic public (asymmetric) key layer.
  *
  * Module:  library/pk.c
  * Caller:  library/ssl_tls.c
@@ -3001,7 +3261,7 @@
 /**
  * \def MBEDTLS_PK_PARSE_C
  *
- * Enable the generic public (asymetric) key parser.
+ * Enable the generic public (asymmetric) key parser.
  *
  * Module:  library/pkparse.c
  * Caller:  library/x509_crt.c
@@ -3016,7 +3276,7 @@
 /**
  * \def MBEDTLS_PK_WRITE_C
  *
- * Enable the generic public (asymetric) key writer.
+ * Enable the generic public (asymmetric) key writer.
  *
  * Module:  library/pkwrite.c
  * Caller:  library/x509write.c
@@ -3109,13 +3369,11 @@
  *
  * Enable the Platform Security Architecture cryptography API.
  *
- * \warning The PSA Crypto API is still beta status. While you're welcome to
- * experiment using it, incompatible API changes are still possible, and some
- * parts may not have reached the same quality as the rest of Mbed TLS yet.
- *
  * Module:  library/psa_crypto.c
  *
- * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
+ *           or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C,
+ *           or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
  *
  */
 #define MBEDTLS_PSA_CRYPTO_C
@@ -3275,7 +3533,8 @@
  * Module:  library/ssl_ticket.c
  * Caller:
  *
- * Requires: MBEDTLS_CIPHER_C
+ * Requires: MBEDTLS_CIPHER_C &&
+ *           ( MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C )
  */
 #define MBEDTLS_SSL_TICKET_C
 
@@ -3327,11 +3586,11 @@
  * \def MBEDTLS_THREADING_C
  *
  * Enable the threading abstraction layer.
- * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * By default Mbed TLS assumes it is used in a non-threaded environment or that
  * contexts are not shared between threads. If you do intend to use contexts
  * between threads, you will need to enable this layer to prevent race
  * conditions. See also our Knowledge Base article about threading:
- * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading
  *
  * Module:  library/threading.c
  *
@@ -3341,7 +3600,7 @@
  * You will have to enable either MBEDTLS_THREADING_ALT or
  * MBEDTLS_THREADING_PTHREAD.
  *
- * Enable this layer to allow use of mutexes within mbed TLS
+ * Enable this layer to allow use of mutexes within Mbed TLS
  */
 //#define MBEDTLS_THREADING_C
 
@@ -3357,9 +3616,13 @@
  * your own implementation of the whole module by setting
  * \c MBEDTLS_TIMING_ALT in the current file.
  *
+ * \note The timing module will include time.h on suitable platforms
+ *       regardless of the setting of MBEDTLS_HAVE_TIME, unless
+ *       MBEDTLS_TIMING_ALT is used. See timing.c for more information.
+ *
  * \note See also our Knowledge Base article about porting to a new
  * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
  *
  * Module:  library/timing.c
  * Caller:  library/havege.c
@@ -3489,7 +3752,88 @@
  */
 #define MBEDTLS_XTEA_C
 
-/* \} name SECTION: mbed TLS modules */
+/** \} name SECTION: Mbed TLS modules */
+
+/**
+ * \name SECTION: General configuration options
+ *
+ * This section contains Mbed TLS build settings that are not associated
+ * with a particular module.
+ *
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_CONFIG_FILE
+ *
+ * If defined, this is a header which will be included instead of
+ * `"mbedtls/config.h"`.
+ * This header file specifies the compile-time configuration of Mbed TLS.
+ * Unlike other configuration options, this one must be defined on the
+ * compiler command line: a definition in `config.h` would have no effect.
+ *
+ * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
+ * non-standard feature of the C language, so this feature is only available
+ * with compilers that perform macro expansion on an <tt>\#include</tt> line.
+ *
+ * The value of this symbol is typically a path in double quotes, either
+ * absolute or relative to a directory on the include search path.
+ */
+//#define MBEDTLS_CONFIG_FILE "mbedtls/config.h"
+
+/**
+ * \def MBEDTLS_USER_CONFIG_FILE
+ *
+ * If defined, this is a header which will be included after
+ * `"mbedtls/config.h"` or #MBEDTLS_CONFIG_FILE.
+ * This allows you to modify the default configuration, including the ability
+ * to undefine options that are enabled by default.
+ *
+ * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
+ * non-standard feature of the C language, so this feature is only available
+ * with compilers that perform macro expansion on an <tt>\#include</tt> line.
+ *
+ * The value of this symbol is typically a path in double quotes, either
+ * absolute or relative to a directory on the include search path.
+ */
+//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+ *
+ * If defined, this is a header which will be included instead of
+ * `"psa/crypto_config.h"`.
+ * This header file specifies which cryptographic mechanisms are available
+ * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and
+ * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled.
+ *
+ * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
+ * non-standard feature of the C language, so this feature is only available
+ * with compilers that perform macro expansion on an <tt>\#include</tt> line.
+ *
+ * The value of this symbol is typically a path in double quotes, either
+ * absolute or relative to a directory on the include search path.
+ */
+//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+ *
+ * If defined, this is a header which will be included after
+ * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
+ * This allows you to modify the default configuration, including the ability
+ * to undefine options that are enabled by default.
+ *
+ * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
+ * non-standard feature of the C language, so this feature is only available
+ * with compilers that perform macro expansion on an <tt>\#include</tt> line.
+ *
+ * The value of this symbol is typically a path in double quotes, either
+ * absolute or relative to a directory on the include search path.
+ */
+//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
+
+/** \} name SECTION: General configuration options */
 
 /**
  * \name SECTION: Module configuration options
@@ -3500,14 +3844,18 @@
  *
  * Our advice is to enable options and change their values here
  * only if you have a good reason and know the consequences.
- *
- * Please check the respective header file for documentation on these
- * parameters (to prevent duplicate documentation).
  * \{
  */
+/* The Doxygen documentation here is used when a user comments out a
+ * setting and runs doxygen themselves. On the other hand, when we typeset
+ * the full documentation including disabled settings, the documentation
+ * in specific modules' header files is used if present. When editing this
+ * file, make sure that each option is documented in exactly one place,
+ * plus optionally a same-line Doxygen comment here if there is a Doxygen
+ * comment in the specific module. */
 
 /* MPI / BIGNUM options */
-//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum window size used. */
+//#define MBEDTLS_MPI_WINDOW_SIZE            2 /**< Maximum window size used. */
 //#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
 
 /* CTR_DRBG options */
@@ -3524,8 +3872,8 @@
 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */
 
 /* ECP options */
-//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
-//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
+//#define MBEDTLS_ECP_WINDOW_SIZE            4 /**< Maximum window size used */
 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */
 
 /* Entropy options */
@@ -3538,8 +3886,29 @@
 
 /* Platform options */
 //#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
-//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */
+
+/** \def MBEDTLS_PLATFORM_STD_CALLOC
+ *
+ * Default allocator to use, can be undefined.
+ * It must initialize the allocated buffer memory to zeroes.
+ * The size of the buffer is the product of the two parameters.
+ * The calloc function returns either a null pointer or a pointer to the allocated space.
+ * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function.
+ * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer.
+ * See the description of #MBEDTLS_PLATFORM_MEMORY for more details.
+ * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE.
+ */
+//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc
+
+/** \def MBEDTLS_PLATFORM_STD_FREE
+ *
+ * Default free to use, can be undefined.
+ * NULL is a valid parameter, and the function must do nothing.
+ * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed.
+ * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything.
+ * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply).
+ */
+//#define MBEDTLS_PLATFORM_STD_FREE            free
 //#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */
 //#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
 //#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */
@@ -3552,10 +3921,10 @@
 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */
 
-/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
-//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
+//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
 //#define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */
 //#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
@@ -3603,6 +3972,53 @@
  */
 //#define MBEDTLS_PARAM_FAILED( cond )               assert( cond )
 
+/** \def MBEDTLS_CHECK_RETURN
+ *
+ * This macro is used at the beginning of the declaration of a function
+ * to indicate that its return value should be checked. It should
+ * instruct the compiler to emit a warning or an error if the function
+ * is called without checking its return value.
+ *
+ * There is a default implementation for popular compilers in platform_util.h.
+ * You can override the default implementation by defining your own here.
+ *
+ * If the implementation here is empty, this will effectively disable the
+ * checking of functions' return values.
+ */
+//#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
+
+/** \def MBEDTLS_IGNORE_RETURN
+ *
+ * This macro requires one argument, which should be a C function call.
+ * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this
+ * warning is suppressed.
+ */
+//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
+
+/* PSA options */
+/**
+ * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
+ * PSA crypto subsystem.
+ *
+ * If this option is unset:
+ * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
+ * - Otherwise, the PSA subsystem uses HMAC_DRBG with either
+ *   #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
+ *   on unspecified heuristics.
+ */
+//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
+
+/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
+ * Restrict the PSA library to supporting a maximum amount of simultaneously
+ * loaded keys. A loaded key is a key stored by the PSA Crypto core as a
+ * volatile key, or a persistent key which is loaded temporarily by the
+ * library as part of a crypto operation in flight.
+ *
+ * If this option is unset, the library will fall back to a default value of
+ * 32 keys.
+ */
+//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+
 /* SSL Cache options */
 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400 /**< 1 day  */
 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */
@@ -3736,7 +4152,7 @@
  * Maximum number of heap-allocated bytes for the purpose of
  * DTLS handshake message reassembly and future message buffering.
  *
- * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
+ * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN
  * to account for a reassembled handshake message of maximum size,
  * together with its reassembly bitmap.
  *
@@ -3752,6 +4168,17 @@
 //#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
 //#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
 
+/** \def MBEDTLS_TLS_EXT_CID
+ *
+ * At the time of writing, the CID extension has not been assigned its
+ * final value. Set this configuration option to make Mbed TLS use a
+ * different value.
+ *
+ * A future minor revision of Mbed TLS may change the default value of
+ * this option to match evolving standards and usage.
+ */
+//#define MBEDTLS_TLS_EXT_CID                        254
+
 /**
  * Complete list of ciphersuites to use, in order of preference.
  *
@@ -3770,86 +4197,7 @@
 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8   /**< Maximum number of intermediate CAs in a verification chain. */
 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
 
-/**
- * Allow SHA-1 in the default TLS configuration for certificate signing.
- * Without this build-time option, SHA-1 support must be activated explicitly
- * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
- * recommended because of it is possible to generate SHA-1 collisions, however
- * this may be safe for legacy infrastructure where additional controls apply.
- *
- * \warning   SHA-1 is considered a weak message digest and its use constitutes
- *            a security risk. If possible, we recommend avoiding dependencies
- *            on it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-
-/**
- * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
- * signature and ciphersuite selection. Without this build-time option, SHA-1
- * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
- * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
- * default. At the time of writing, there is no practical attack on the use
- * of SHA-1 in handshake signatures, hence this option is turned on by default
- * to preserve compatibility with existing peers, but the general
- * warning applies nonetheless:
- *
- * \warning   SHA-1 is considered a weak message digest and its use constitutes
- *            a security risk. If possible, we recommend avoiding dependencies
- *            on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
-
-/**
- * Uncomment the macro to let mbed TLS use your alternate implementation of
- * mbedtls_platform_zeroize(). This replaces the default implementation in
- * platform_util.c.
- *
- * mbedtls_platform_zeroize() is a widely used function across the library to
- * zero a block of memory. The implementation is expected to be secure in the
- * sense that it has been written to prevent the compiler from removing calls
- * to mbedtls_platform_zeroize() as part of redundant code elimination
- * optimizations. However, it is difficult to guarantee that calls to
- * mbedtls_platform_zeroize() will not be optimized by the compiler as older
- * versions of the C language standards do not provide a secure implementation
- * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
- * configure their own implementation of mbedtls_platform_zeroize(), for
- * example by using directives specific to their compiler, features from newer
- * C standards (e.g using memset_s() in C11) or calling a secure memset() from
- * their system (e.g explicit_bzero() in BSD).
- */
-//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
-
-/**
- * Uncomment the macro to let Mbed TLS use your alternate implementation of
- * mbedtls_platform_gmtime_r(). This replaces the default implementation in
- * platform_util.c.
- *
- * gmtime() is not a thread-safe function as defined in the C standard. The
- * library will try to use safer implementations of this function, such as
- * gmtime_r() when available. However, if Mbed TLS cannot identify the target
- * system, the implementation of mbedtls_platform_gmtime_r() will default to
- * using the standard gmtime(). In this case, calls from the library to
- * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
- * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
- * library are also guarded with this mutex to avoid race conditions. However,
- * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
- * unconditionally use the implementation for mbedtls_platform_gmtime_r()
- * supplied at compile time.
- */
-//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
-
-/**
- * Enable the verified implementations of ECDH primitives from Project Everest
- * (currently only Curve25519). This feature changes the layout of ECDH
- * contexts and therefore is a compatibility break for applications that access
- * fields of a mbedtls_ecdh_context structure directly. See also
- * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
- */
-//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
-
-/* \} name SECTION: Customisation configuration options */
+/** \} name SECTION: Module configuration options */
 
 /* Target and application specific configurations
  *
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/config_psa.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/config_psa.h
new file mode 100644
index 0000000..205d303
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/config_psa.h
@@ -0,0 +1,825 @@
+/**
+ * \file mbedtls/config_psa.h
+ * \brief PSA crypto configuration options (set of defines)
+ *
+ *  This set of compile-time options takes settings defined in
+ *  include/mbedtls/config.h and include/psa/crypto_config.h and uses
+ *  those definitions to define symbols used in the library code.
+ *
+ *  Users and integrators should not edit this file, please edit
+ *  include/mbedtls/config.h for MBEDTLS_XXX settings or
+ *  include/psa/crypto_config.h for PSA_WANT_XXX settings.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CONFIG_PSA_H
+#define MBEDTLS_CONFIG_PSA_H
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
+#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+#else
+#include "psa/crypto_config.h"
+#endif
+#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
+
+#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
+#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+
+/****************************************************************/
+/* De facto synonyms */
+/****************************************************************/
+
+#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA)
+#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY
+#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA)
+#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
+#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS)
+#define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT
+#elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS)
+#define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS
+#endif
+
+
+
+/****************************************************************/
+/* Require built-in implementations based on PSA requirements */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+
+#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
+#define MBEDTLS_ECDSA_DETERMINISTIC
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_MD_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
+#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
+
+#if defined(PSA_WANT_ALG_ECDH)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_BIGNUM_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
+#endif /* PSA_WANT_ALG_ECDH */
+
+#if defined(PSA_WANT_ALG_ECDSA)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
+#endif /* PSA_WANT_ALG_ECDSA */
+
+#if defined(PSA_WANT_ALG_HKDF)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
+/*
+ * The PSA implementation has its own implementation of HKDF, separate from
+ * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
+ */
+#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
+#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
+#endif /* PSA_WANT_ALG_HKDF */
+
+#if defined(PSA_WANT_ALG_HMAC)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
+#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
+#endif /* PSA_WANT_ALG_HMAC */
+
+#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
+#define MBEDTLS_MD2_C
+#endif
+
+#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
+#define MBEDTLS_MD4_C
+#endif
+
+#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
+#define MBEDTLS_MD5_C
+#endif
+
+#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
+#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
+#define MBEDTLS_RIPEMD160_C
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_OAEP)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
+#define MBEDTLS_RSA_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS1_V21
+#define MBEDTLS_MD_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
+#endif /* PSA_WANT_ALG_RSA_OAEP */
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
+#define MBEDTLS_RSA_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS1_V15
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
+#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
+#define MBEDTLS_RSA_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_MD_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
+#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
+
+#if defined(PSA_WANT_ALG_RSA_PSS)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
+#define MBEDTLS_RSA_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PKCS1_V21
+#define MBEDTLS_MD_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
+#endif /* PSA_WANT_ALG_RSA_PSS */
+
+#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
+#define MBEDTLS_SHA1_C
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
+#define MBEDTLS_SHA256_C
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define MBEDTLS_SHA256_C
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
+#define MBEDTLS_SHA512_C
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
+#define MBEDTLS_SHA512_C
+#endif
+
+#if defined(PSA_WANT_ALG_TLS12_PRF)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
+#endif /* PSA_WANT_ALG_TLS12_PRF */
+
+#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
+#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
+#define MBEDTLS_ECP_C
+#define MBEDTLS_BIGNUM_C
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */
+#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define MBEDTLS_ECP_C
+#define MBEDTLS_BIGNUM_C
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
+#define MBEDTLS_RSA_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_GENPRIME
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */
+#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
+#define MBEDTLS_RSA_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
+#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
+
+/* If any of the block modes are requested that don't have an
+ * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
+ * in the block cipher key types. */
+#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
+    (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
+    (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
+    defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
+    (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
+    !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
+    (defined(PSA_WANT_ALG_CBC_PKCS7) && \
+    !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
+    (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
+#define PSA_HAVE_SOFT_BLOCK_MODE 1
+#endif
+
+#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
+    (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
+#define PSA_HAVE_SOFT_BLOCK_AEAD 1
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_AES)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+    defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
+    defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
+#define MBEDTLS_AES_C
+#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_AES */
+
+#if defined(PSA_WANT_KEY_TYPE_ARC4)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
+#define MBEDTLS_ARC4_C
+#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 */
+#endif /* PSA_WANT_KEY_TYPE_ARC4 */
+
+#if defined(PSA_WANT_KEY_TYPE_ARIA)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
+#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
+    defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
+    defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
+#define MBEDTLS_ARIA_C
+#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_ARIA */
+
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
+#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
+    defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
+    defined(PSA_HAVE_SOFT_BLOCK_AEAD)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
+#define MBEDTLS_CAMELLIA_C
+#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
+
+#if defined(PSA_WANT_KEY_TYPE_DES)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
+#define PSA_HAVE_SOFT_KEY_TYPE_DES 1
+#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
+    defined(PSA_HAVE_SOFT_BLOCK_MODE)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
+#define MBEDTLS_DES_C
+#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
+#endif /* PSA_WANT_KEY_TYPE_DES */
+
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
+#define MBEDTLS_CHACHA20_C
+#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */
+#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
+
+/* If any of the software block ciphers are selected, define
+ * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
+ * situations. */
+#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
+#define PSA_HAVE_SOFT_BLOCK_CIPHER 1
+#endif
+
+#if defined(PSA_WANT_ALG_STREAM_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#endif /* PSA_WANT_ALG_STREAM_CIPHER */
+
+#if defined(PSA_WANT_ALG_CBC_MAC)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
+#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
+#endif /* PSA_WANT_ALG_CBC_MAC */
+
+#if defined(PSA_WANT_ALG_CMAC)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
+    defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
+#define MBEDTLS_CMAC_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
+#endif /* PSA_WANT_ALG_CMAC */
+
+#if defined(PSA_WANT_ALG_CTR)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
+    defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
+#define MBEDTLS_CIPHER_MODE_CTR
+#endif
+#endif /* PSA_WANT_ALG_CTR */
+
+#if defined(PSA_WANT_ALG_CFB)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
+    defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
+#define MBEDTLS_CIPHER_MODE_CFB
+#endif
+#endif /* PSA_WANT_ALG_CFB */
+
+#if defined(PSA_WANT_ALG_OFB)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
+    defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
+#define MBEDTLS_CIPHER_MODE_OFB
+#endif
+#endif /* PSA_WANT_ALG_OFB */
+
+#if defined(PSA_WANT_ALG_ECB_NO_PADDING) &&     \
+    !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
+#endif
+
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
+    defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
+#endif
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
+
+#if defined(PSA_WANT_ALG_CBC_PKCS7)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
+    defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#endif
+#endif /* PSA_WANT_ALG_CBC_PKCS7 */
+
+#if defined(PSA_WANT_ALG_CCM)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
+#define MBEDTLS_CCM_C
+#endif
+#endif /* PSA_WANT_ALG_CCM */
+
+#if defined(PSA_WANT_ALG_GCM)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
+    defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
+#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
+#define MBEDTLS_GCM_C
+#endif
+#endif /* PSA_WANT_ALG_GCM */
+
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#define MBEDTLS_CHACHAPOLY_C
+#define MBEDTLS_CHACHA20_C
+#define MBEDTLS_POLY1305_C
+#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
+#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
+#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */
+#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */
+#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
+
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */
+#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
+
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */
+#endif /* PSA_WANT_ECC_MONTGOMERY_255 */
+
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
+/*
+ * Curve448 is not yet supported via the PSA API in Mbed TLS
+ * (https://github.com/Mbed-TLS/mbedtls/issues/4249).
+ */
+#error "Curve448 is not yet supported via the PSA API in Mbed TLS."
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */
+#endif /* PSA_WANT_ECC_MONTGOMERY_448 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_192)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */
+#endif /* PSA_WANT_ECC_SECP_R1_192 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_224)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */
+#endif /* PSA_WANT_ECC_SECP_R1_224 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */
+#endif /* PSA_WANT_ECC_SECP_R1_256 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_384)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */
+#endif /* PSA_WANT_ECC_SECP_R1_384 */
+
+#if defined(PSA_WANT_ECC_SECP_R1_521)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */
+#endif /* PSA_WANT_ECC_SECP_R1_521 */
+
+#if defined(PSA_WANT_ECC_SECP_K1_192)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */
+#endif /* PSA_WANT_ECC_SECP_K1_192 */
+
+#if defined(PSA_WANT_ECC_SECP_K1_224)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
+/*
+ * SECP224K1 is buggy via the PSA API in Mbed TLS
+ * (https://github.com/Mbed-TLS/mbedtls/issues/3541).
+ */
+#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */
+#endif /* PSA_WANT_ECC_SECP_K1_224 */
+
+#if defined(PSA_WANT_ECC_SECP_K1_256)
+#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
+#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */
+#endif /* PSA_WANT_ECC_SECP_K1_256 */
+
+
+
+/****************************************************************/
+/* Infer PSA requirements from Mbed TLS capabilities */
+/****************************************************************/
+
+#else /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+/*
+ * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
+ * is not defined
+ */
+
+#if defined(MBEDTLS_CCM_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
+#define PSA_WANT_ALG_CCM 1
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CMAC_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
+#define PSA_WANT_ALG_CMAC 1
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_ECDH_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
+#define PSA_WANT_ALG_ECDH 1
+#endif /* MBEDTLS_ECDH_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
+#define PSA_WANT_ALG_ECDSA 1
+#define PSA_WANT_ALG_ECDSA_ANY 1
+
+// Only add in DETERMINISTIC support if ECDSA is also enabled
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
+#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_GCM_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
+#define PSA_WANT_ALG_GCM 1
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_HKDF_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
+#define PSA_WANT_ALG_HMAC 1
+#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
+#define PSA_WANT_ALG_HKDF 1
+#endif /* MBEDTLS_HKDF_C */
+
+#if defined(MBEDTLS_MD_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
+#define PSA_WANT_ALG_HMAC 1
+#define PSA_WANT_KEY_TYPE_HMAC 1
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
+#define PSA_WANT_ALG_TLS12_PRF 1
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
+#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD2_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
+#define PSA_WANT_ALG_MD2 1
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
+#define PSA_WANT_ALG_MD4 1
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
+#define PSA_WANT_ALG_MD5 1
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
+#define PSA_WANT_ALG_RIPEMD160 1
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_PKCS1_V15)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
+#define PSA_WANT_ALG_RSA_OAEP 1
+#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
+#define PSA_WANT_ALG_RSA_PSS 1
+#endif /* MBEDTLS_PKCS1_V21 */
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
+#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SHA1_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
+#define PSA_WANT_ALG_SHA_1 1
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define PSA_WANT_ALG_SHA_224 1
+#define PSA_WANT_ALG_SHA_256 1
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
+#define PSA_WANT_ALG_SHA_384 1
+#endif
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
+#define PSA_WANT_ALG_SHA_512 1
+#endif
+
+#if defined(MBEDTLS_AES_C)
+#define PSA_WANT_KEY_TYPE_AES 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+#define PSA_WANT_KEY_TYPE_ARC4 1
+#define PSA_WANT_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#endif
+
+#if defined(MBEDTLS_ARIA_C)
+#define PSA_WANT_KEY_TYPE_ARIA 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#define PSA_WANT_KEY_TYPE_CAMELLIA 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#define PSA_WANT_KEY_TYPE_DES 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+#define PSA_WANT_KEY_TYPE_CHACHA20 1
+#define PSA_WANT_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#define PSA_WANT_ALG_CHACHA20_POLY1305 1
+#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
+#endif
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
+#define PSA_WANT_ALG_CBC_NO_PADDING 1
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
+#define PSA_WANT_ALG_CBC_PKCS7 1
+#endif
+#endif
+
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
+    defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
+#define PSA_WANT_ALG_ECB_NO_PADDING 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
+#define PSA_WANT_ALG_CFB 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
+#define PSA_WANT_ALG_CTR 1
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
+#define PSA_WANT_ALG_OFB 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
+#define PSA_WANT_ECC_MONTGOMERY_255 1
+#endif
+
+/* Curve448 is not yet supported via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/4249) */
+#if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
+#define PSA_WANT_ECC_MONTGOMERY_448 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
+#define PSA_WANT_ECC_SECP_R1_192 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
+#define PSA_WANT_ECC_SECP_R1_224 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
+#define PSA_WANT_ECC_SECP_R1_256 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
+#define PSA_WANT_ECC_SECP_R1_384 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
+#define PSA_WANT_ECC_SECP_R1_521 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
+#define PSA_WANT_ECC_SECP_K1_192 1
+#endif
+
+/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
+#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
+#define PSA_WANT_ECC_SECP_K1_224 1
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
+#define PSA_WANT_ECC_SECP_K1_256 1
+#endif
+
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+/* These features are always enabled. */
+#define PSA_WANT_KEY_TYPE_DERIVE 1
+#define PSA_WANT_KEY_TYPE_RAW_DATA 1
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CONFIG_PSA_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/constant_time.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/constant_time.h
new file mode 100644
index 0000000..7226ae1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/constant_time.h
@@ -0,0 +1,33 @@
+/**
+ *  Constant-time functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CONSTANT_TIME_H
+#define MBEDTLS_CONSTANT_TIME_H
+
+#include <stddef.h>
+
+
+/** Constant-time buffer comparison without branches.
+ *
+ * This is equivalent to the standard memcmp function, but is likely to be
+ * compiled to code using bitwise operation rather than a branch.
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param a     Pointer to the first buffer.
+ * \param b     Pointer to the second buffer.
+ * \param n     The number of bytes to compare in the buffer.
+ *
+ * \return      Zero if the content of the two buffer is the same,
+ *              otherwise non-zero.
+ */
+int mbedtls_ct_memcmp(const void *a,
+                      const void *b,
+                      size_t n);
+
+#endif /* MBEDTLS_CONSTANT_TIME_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ctr_drbg.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ctr_drbg.h
similarity index 81%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ctr_drbg.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ctr_drbg.h
index 7f1d232..eb72f9e 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ctr_drbg.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ctr_drbg.h
@@ -23,19 +23,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_CTR_DRBG_H
@@ -53,10 +41,14 @@
 #include "mbedtls/threading.h"
 #endif
 
-#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED        -0x0034  /**< The entropy source failed. */
-#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG              -0x0036  /**< The requested random buffer length is too big. */
-#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG                -0x0038  /**< The input (entropy + additional data) is too large. */
-#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR                -0x003A  /**< Read or write error in file. */
+/** The entropy source failed. */
+#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED        -0x0034
+/** The requested random buffer length is too big. */
+#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG              -0x0036
+/** The input (entropy + additional data) is too large. */
+#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG                -0x0038
+/** Read or write error in file. */
+#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR                -0x003A
 
 #define MBEDTLS_CTR_DRBG_BLOCKSIZE          16 /**< The block size used by the cipher. */
 
@@ -76,8 +68,8 @@
  */
 #endif
 
-#define MBEDTLS_CTR_DRBG_KEYBITS            ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */
-#define MBEDTLS_CTR_DRBG_SEEDLEN            ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */
+#define MBEDTLS_CTR_DRBG_KEYBITS            (MBEDTLS_CTR_DRBG_KEYSIZE * 8)   /**< The key size for the DRBG operation, in bits. */
+#define MBEDTLS_CTR_DRBG_SEEDLEN            (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE)   /**< The seed length, calculated as (counter + AES key). */
 
 /**
  * \name SECTION: Module settings
@@ -134,7 +126,7 @@
 /**< The maximum size of seed or reseed buffer in bytes. */
 #endif
 
-/* \} name SECTION: Module settings */
+/** \} name SECTION: Module settings */
 
 #define MBEDTLS_CTR_DRBG_PR_OFF             0
 /**< Prediction resistance is disabled. */
@@ -160,14 +152,13 @@ extern "C" {
  * the entropy source does not provide enough material to form a nonce.
  * See the documentation of mbedtls_ctr_drbg_seed() for more information.
  */
-#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2
+#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
 #endif
 
 /**
  * \brief          The CTR_DRBG context structure.
  */
-typedef struct mbedtls_ctr_drbg_context
-{
+typedef struct mbedtls_ctr_drbg_context {
     unsigned char counter[16];  /*!< The counter (V). */
     int reseed_counter;         /*!< The reseed counter.
                                  * This is the number of requests that have
@@ -195,11 +186,18 @@ typedef struct mbedtls_ctr_drbg_context
      * Callbacks (Entropy)
      */
     int (*f_entropy)(void *, unsigned char *, size_t);
-                                /*!< The entropy callback function. */
+    /*!< The entropy callback function. */
 
     void *p_entropy;            /*!< The context for the entropy function. */
 
 #if defined(MBEDTLS_THREADING_C)
+    /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
+     * This means that the mutex is initialized during the initial seeding
+     * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
+     *
+     * Note that this invariant may change without notice. Do not rely on it
+     * and do not access the mutex directly in application code.
+     */
     mbedtls_threading_mutex_t mutex;
 #endif
 }
@@ -217,7 +215,7 @@ mbedtls_ctr_drbg_context;
  *
  * \param ctx           The CTR_DRBG context to initialize.
  */
-void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
+void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx);
 
 /**
  * \brief               This function seeds and sets up the CTR_DRBG
@@ -264,6 +262,15 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
  *   make a second call to \p f_entropy.
  */
 #endif
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note                When Mbed TLS is built with threading support,
+ *                      after this function returns successfully,
+ *                      it is safe to call mbedtls_ctr_drbg_random()
+ *                      from multiple threads. Other operations, including
+ *                      reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
 /**
  * - The \p custom string.
  *
@@ -290,6 +297,8 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
  *                      the same context unless you call
  *                      mbedtls_ctr_drbg_free() and mbedtls_ctr_drbg_init()
  *                      again first.
+ *                      After a failed call to mbedtls_ctr_drbg_seed(),
+ *                      you must call mbedtls_ctr_drbg_free().
  * \param f_entropy     The entropy callback, taking as arguments the
  *                      \p p_entropy context, the buffer to fill, and the
  *                      length of the buffer.
@@ -307,11 +316,11 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
  * \return              \c 0 on success.
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
  */
-int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
-                   int (*f_entropy)(void *, unsigned char *, size_t),
-                   void *p_entropy,
-                   const unsigned char *custom,
-                   size_t len );
+int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx,
+                          int (*f_entropy)(void *, unsigned char *, size_t),
+                          void *p_entropy,
+                          const unsigned char *custom,
+                          size_t len);
 
 /**
  * \brief               This function resets CTR_DRBG context to the state immediately
@@ -319,7 +328,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
  *
  * \param ctx           The CTR_DRBG context to clear.
  */
-void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
+void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx);
 
 /**
  * \brief               This function turns prediction resistance on or off.
@@ -334,8 +343,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
  * \param ctx           The CTR_DRBG context.
  * \param resistance    #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
  */
-void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
-                                         int resistance );
+void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx,
+                                                int resistance);
 
 /**
  * \brief               This function sets the amount of entropy grabbed on each
@@ -361,8 +370,8 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
  *                      and at most the maximum length accepted by the
  *                      entropy function that is set in the context.
  */
-void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
-                               size_t len );
+void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx,
+                                      size_t len);
 
 /**
  * \brief               This function sets the amount of entropy grabbed
@@ -383,8 +392,8 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
  *                      if the initial seeding has already taken place.
  */
-int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
-                                    size_t len );
+int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
+                                   size_t len);
 
 /**
  * \brief               This function sets the reseed interval.
@@ -398,13 +407,18 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
  * \param ctx           The CTR_DRBG context.
  * \param interval      The reseed interval.
  */
-void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
-                                   int interval );
+void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx,
+                                          int interval);
 
 /**
  * \brief               This function reseeds the CTR_DRBG context, that is
  *                      extracts data from the entropy source.
  *
+ * \note                This function is not thread-safe. It is not safe
+ *                      to call this function if another thread might be
+ *                      concurrently obtaining random numbers from the same
+ *                      context or updating or reseeding the same context.
+ *
  * \param ctx           The CTR_DRBG context.
  * \param additional    Additional data to add to the state. Can be \c NULL.
  * \param len           The length of the additional data.
@@ -416,12 +430,17 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
  * \return              \c 0 on success.
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
  */
-int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
-                     const unsigned char *additional, size_t len );
+int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx,
+                            const unsigned char *additional, size_t len);
 
 /**
  * \brief              This function updates the state of the CTR_DRBG context.
  *
+ * \note                This function is not thread-safe. It is not safe
+ *                      to call this function if another thread might be
+ *                      concurrently obtaining random numbers from the same
+ *                      context or updating or reseeding the same context.
+ *
  * \param ctx          The CTR_DRBG context.
  * \param additional   The data to update the state with. This must not be
  *                     \c NULL unless \p add_len is \c 0.
@@ -434,9 +453,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
  *                     #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
  * \return             An error from the underlying AES cipher on failure.
  */
-int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
-                                 const unsigned char *additional,
-                                 size_t add_len );
+int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx,
+                                const unsigned char *additional,
+                                size_t add_len);
 
 /**
  * \brief   This function updates a CTR_DRBG instance with additional
@@ -445,6 +464,11 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
  * This function automatically reseeds if the reseed counter is exceeded
  * or prediction resistance is enabled.
  *
+ * \note                This function is not thread-safe. It is not safe
+ *                      to call this function if another thread might be
+ *                      concurrently obtaining random numbers from the same
+ *                      context or updating or reseeding the same context.
+ *
  * \param p_rng         The CTR_DRBG context. This must be a pointer to a
  *                      #mbedtls_ctr_drbg_context structure.
  * \param output        The buffer to fill.
@@ -464,17 +488,25 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
  * \return    #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
  *            #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
  */
-int mbedtls_ctr_drbg_random_with_add( void *p_rng,
-                              unsigned char *output, size_t output_len,
-                              const unsigned char *additional, size_t add_len );
+int mbedtls_ctr_drbg_random_with_add(void *p_rng,
+                                     unsigned char *output, size_t output_len,
+                                     const unsigned char *additional, size_t add_len);
 
 /**
  * \brief   This function uses CTR_DRBG to generate random data.
  *
  * This function automatically reseeds if the reseed counter is exceeded
  * or prediction resistance is enabled.
- *
- *
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note                When Mbed TLS is built with threading support,
+ *                      it is safe to call mbedtls_ctr_drbg_random()
+ *                      from multiple threads. Other operations, including
+ *                      reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
  * \param p_rng         The CTR_DRBG context. This must be a pointer to a
  *                      #mbedtls_ctr_drbg_context structure.
  * \param output        The buffer to fill.
@@ -484,11 +516,11 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
  *                      #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
  */
-int mbedtls_ctr_drbg_random( void *p_rng,
-                     unsigned char *output, size_t output_len );
+int mbedtls_ctr_drbg_random(void *p_rng,
+                            unsigned char *output, size_t output_len);
 
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -512,7 +544,7 @@ int mbedtls_ctr_drbg_random( void *p_rng,
 MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(
     mbedtls_ctr_drbg_context *ctx,
     const unsigned char *additional,
-    size_t add_len );
+    size_t add_len);
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
@@ -528,7 +560,7 @@ MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed
  *                      failure.
  */
-int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
 
 /**
  * \brief               This function reads and updates a seed file. The seed
@@ -544,7 +576,7 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
  * \return              #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing
  *                      seed file is too large.
  */
-int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -555,7 +587,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
  * \return              \c 0 on success.
  * \return              \c 1 on failure.
  */
-int mbedtls_ctr_drbg_self_test( int verbose );
+int mbedtls_ctr_drbg_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/debug.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/debug.h
new file mode 100644
index 0000000..c29c40e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/debug.h
@@ -0,0 +1,300 @@
+/**
+ * \file debug.h
+ *
+ * \brief Functions for controlling and providing debug output from the library.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_DEBUG_H
+#define MBEDTLS_DEBUG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/ssl.h"
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_DEBUG_C)
+
+#define MBEDTLS_DEBUG_STRIP_PARENS(...)   __VA_ARGS__
+
+#define MBEDTLS_SSL_DEBUG_MSG(level, args)                    \
+    mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__,    \
+                            MBEDTLS_DEBUG_STRIP_PARENS args)
+
+#define MBEDTLS_SSL_DEBUG_RET(level, text, ret)                \
+    mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret)
+
+#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)           \
+    mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
+
+#if defined(MBEDTLS_BIGNUM_C)
+#define MBEDTLS_SSL_DEBUG_MPI(level, text, X)                  \
+    mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#define MBEDTLS_SSL_DEBUG_ECP(level, text, X)                  \
+    mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)                \
+    mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
+#endif
+
+#if defined(MBEDTLS_ECDH_C)
+#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)               \
+    mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
+#endif
+
+#else /* MBEDTLS_DEBUG_C */
+
+#define MBEDTLS_SSL_DEBUG_MSG(level, args)            do { } while (0)
+#define MBEDTLS_SSL_DEBUG_RET(level, text, ret)       do { } while (0)
+#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)  do { } while (0)
+#define MBEDTLS_SSL_DEBUG_MPI(level, text, X)         do { } while (0)
+#define MBEDTLS_SSL_DEBUG_ECP(level, text, X)         do { } while (0)
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)       do { } while (0)
+#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)     do { } while (0)
+
+#endif /* MBEDTLS_DEBUG_C */
+
+/**
+ * \def MBEDTLS_PRINTF_ATTRIBUTE
+ *
+ * Mark a function as having printf attributes, and thus enable checking
+ * via -wFormat and other flags. This does nothing on builds with compilers
+ * that do not support the format attribute
+ *
+ * Module:  library/debug.c
+ * Caller:
+ *
+ * This module provides debugging functions.
+ */
+#if defined(__has_attribute)
+#if __has_attribute(format)
+#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)    \
+    __attribute__((__format__(gnu_printf, string_index, first_to_check)))
+#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)    \
+    __attribute__((format(printf, string_index, first_to_check)))
+#endif
+#else /* __has_attribute(format) */
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
+#endif /* __has_attribute(format) */
+#else /* defined(__has_attribute) */
+#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
+#endif
+
+/**
+ * \def MBEDTLS_PRINTF_SIZET
+ *
+ * MBEDTLS_PRINTF_xxx: Due to issues with older window compilers
+ * and MinGW we need to define the printf specifier for size_t
+ * and long long per platform.
+ *
+ * Module:  library/debug.c
+ * Caller:
+ *
+ * This module provides debugging functions.
+ */
+#if (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800)
+   #include <inttypes.h>
+   #define MBEDTLS_PRINTF_SIZET     PRIuPTR
+   #define MBEDTLS_PRINTF_LONGLONG  "I64d"
+#else \
+    /* (defined(__MINGW32__)  && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+   #define MBEDTLS_PRINTF_SIZET     "zu"
+   #define MBEDTLS_PRINTF_LONGLONG  "lld"
+#endif \
+    /* (defined(__MINGW32__)  && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief   Set the threshold error level to handle globally all debug output.
+ *          Debug messages that have a level over the threshold value are
+ *          discarded.
+ *          (Default value: 0 = No debug )
+ *
+ * \param threshold     threshold level of messages to filter on. Messages at a
+ *                      higher level will be discarded.
+ *                          - Debug levels
+ *                              - 0 No debug
+ *                              - 1 Error
+ *                              - 2 State change
+ *                              - 3 Informational
+ *                              - 4 Verbose
+ */
+void mbedtls_debug_set_threshold(int threshold);
+
+/**
+ * \brief    Print a message to the debug output. This function is always used
+ *          through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl
+ *          context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the message has occurred in
+ * \param line      line number the message has occurred at
+ * \param format    format specifier, in printf format
+ * \param ...       variables used by the format specifier
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
+
+/**
+ * \brief   Print the return value of a function to the debug output. This
+ *          function is always used through the MBEDTLS_SSL_DEBUG_RET() macro,
+ *          which supplies the ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      the name of the function that returned the error
+ * \param ret       the return code value
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, int ret);
+
+/**
+ * \brief   Output a buffer of size len bytes to the debug output. This function
+ *          is always used through the MBEDTLS_SSL_DEBUG_BUF() macro,
+ *          which supplies the ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the buffer being dumped. Normally the
+ *                  variable or buffer name
+ * \param buf       the buffer to be outputted
+ * \param len       length of the buffer
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line, const char *text,
+                             const unsigned char *buf, size_t len);
+
+#if defined(MBEDTLS_BIGNUM_C)
+/**
+ * \brief   Print a MPI variable to the debug output. This function is always
+ *          used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the
+ *          ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the MPI being output. Normally the
+ *                  variable name
+ * \param X         the MPI variable
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_mpi *X);
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * \brief   Print an ECP point to the debug output. This function is always
+ *          used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the
+ *          ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the ECP point being output. Normally the
+ *                  variable name
+ * \param X         the ECP point
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_ecp_point *X);
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief   Print a X.509 certificate structure to the debug output. This
+ *          function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro,
+ *          which supplies the ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the certificate being output
+ * \param crt       X.509 certificate structure
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_x509_crt *crt);
+#endif
+
+#if defined(MBEDTLS_ECDH_C)
+typedef enum {
+    MBEDTLS_DEBUG_ECDH_Q,
+    MBEDTLS_DEBUG_ECDH_QP,
+    MBEDTLS_DEBUG_ECDH_Z,
+} mbedtls_debug_ecdh_attr;
+
+/**
+ * \brief   Print a field of the ECDH structure in the SSL context to the debug
+ *          output. This function is always used through the
+ *          MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file
+ *          and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param ecdh      the ECDH context
+ * \param attr      the identifier of the attribute being output
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
+                               const char *file, int line,
+                               const mbedtls_ecdh_context *ecdh,
+                               mbedtls_debug_ecdh_attr attr);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* debug.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/des.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/des.h
new file mode 100644
index 0000000..031b9cf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/des.h
@@ -0,0 +1,392 @@
+/**
+ * \file des.h
+ *
+ * \brief DES block cipher
+ *
+ * \warning   DES/3DES are considered weak ciphers and their use constitutes a
+ *            security risk. We recommend considering stronger ciphers
+ *            instead.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+#ifndef MBEDTLS_DES_H
+#define MBEDTLS_DES_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+#include "mbedtls/platform_util.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_DES_ENCRYPT     1
+#define MBEDTLS_DES_DECRYPT     0
+
+/** The data input has an invalid length. */
+#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH              -0x0032
+
+/* MBEDTLS_ERR_DES_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** DES hardware accelerator failed. */
+#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED                   -0x0033
+
+#define MBEDTLS_DES_KEY_SIZE    8
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_DES_ALT)
+// Regular implementation
+//
+
+/**
+ * \brief          DES context structure
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+typedef struct mbedtls_des_context {
+    uint32_t sk[32];            /*!<  DES subkeys       */
+}
+mbedtls_des_context;
+
+/**
+ * \brief          Triple-DES context structure
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+typedef struct mbedtls_des3_context {
+    uint32_t sk[96];            /*!<  3DES subkeys      */
+}
+mbedtls_des3_context;
+
+#else  /* MBEDTLS_DES_ALT */
+#include "des_alt.h"
+#endif /* MBEDTLS_DES_ALT */
+
+/**
+ * \brief          Initialize DES context
+ *
+ * \param ctx      DES context to be initialized
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_init(mbedtls_des_context *ctx);
+
+/**
+ * \brief          Clear DES context
+ *
+ * \param ctx      DES context to be cleared
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_free(mbedtls_des_context *ctx);
+
+/**
+ * \brief          Initialize Triple-DES context
+ *
+ * \param ctx      DES3 context to be initialized
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des3_init(mbedtls_des3_context *ctx);
+
+/**
+ * \brief          Clear Triple-DES context
+ *
+ * \param ctx      DES3 context to be cleared
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des3_free(mbedtls_des3_context *ctx);
+
+/**
+ * \brief          Set key parity on the given key to odd.
+ *
+ *                 DES keys are 56 bits long, but each byte is padded with
+ *                 a parity bit to allow verification.
+ *
+ * \param key      8-byte secret key
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
+
+/**
+ * \brief          Check that key parity on the given key is odd.
+ *
+ *                 DES keys are 56 bits long, but each byte is padded with
+ *                 a parity bit to allow verification.
+ *
+ * \param key      8-byte secret key
+ *
+ * \return         0 is parity was ok, 1 if parity was not correct.
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
+
+/**
+ * \brief          Check that key is not a weak or semi-weak DES key
+ *
+ * \param key      8-byte secret key
+ *
+ * \return         0 if no weak key was found, 1 if a weak key was identified.
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
+
+/**
+ * \brief          DES key schedule (56-bit, encryption)
+ *
+ * \param ctx      DES context to be initialized
+ * \param key      8-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
+
+/**
+ * \brief          DES key schedule (56-bit, decryption)
+ *
+ * \param ctx      DES context to be initialized
+ * \param key      8-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
+
+/**
+ * \brief          Triple-DES key schedule (112-bit, encryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      16-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
+
+/**
+ * \brief          Triple-DES key schedule (112-bit, decryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      16-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
+
+/**
+ * \brief          Triple-DES key schedule (168-bit, encryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      24-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
+
+/**
+ * \brief          Triple-DES key schedule (168-bit, decryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      24-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
+
+/**
+ * \brief          DES-ECB block encryption/decryption
+ *
+ * \param ctx      DES context
+ * \param input    64-bit input block
+ * \param output   64-bit output block
+ *
+ * \return         0 if successful
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
+                          const unsigned char input[8],
+                          unsigned char output[8]);
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          DES-CBC buffer encryption/decryption
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      DES context
+ * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
+                          int mode,
+                          size_t length,
+                          unsigned char iv[8],
+                          const unsigned char *input,
+                          unsigned char *output);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/**
+ * \brief          3DES-ECB block encryption/decryption
+ *
+ * \param ctx      3DES context
+ * \param input    64-bit input block
+ * \param output   64-bit output block
+ *
+ * \return         0 if successful
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
+                           const unsigned char input[8],
+                           unsigned char output[8]);
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          3DES-CBC buffer encryption/decryption
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      3DES context
+ * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[8],
+                           const unsigned char *input,
+                           unsigned char *output);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/**
+ * \brief          Internal function for key expansion.
+ *                 (Only exposed to allow overriding it,
+ *                 see MBEDTLS_DES_SETKEY_ALT)
+ *
+ * \param SK       Round keys
+ * \param key      Base key
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_setkey(uint32_t SK[32],
+                        const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_des_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* des.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/dhm.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/dhm.h
new file mode 100644
index 0000000..b61e4d4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/dhm.h
@@ -0,0 +1,1090 @@
+/**
+ * \file dhm.h
+ *
+ * \brief   This file contains Diffie-Hellman-Merkle (DHM) key exchange
+ *          definitions and functions.
+ *
+ * Diffie-Hellman-Merkle (DHM) key exchange is defined in
+ * <em>RFC-2631: Diffie-Hellman Key Agreement Method</em> and
+ * <em>Public-Key Cryptography Standards (PKCS) #3: Diffie
+ * Hellman Key Agreement Standard</em>.
+ *
+ * <em>RFC-3526: More Modular Exponential (MODP) Diffie-Hellman groups for
+ * Internet Key Exchange (IKE)</em> defines a number of standardized
+ * Diffie-Hellman groups for IKE.
+ *
+ * <em>RFC-5114: Additional Diffie-Hellman Groups for Use with IETF
+ * Standards</em> defines a number of standardized Diffie-Hellman
+ * groups that can be used.
+ *
+ * \warning  The security of the DHM key exchange relies on the proper choice
+ *           of prime modulus - optimally, it should be a safe prime. The usage
+ *           of non-safe primes both decreases the difficulty of the underlying
+ *           discrete logarithm problem and can lead to small subgroup attacks
+ *           leaking private exponent bits when invalid public keys are used
+ *           and not detected. This is especially relevant if the same DHM
+ *           parameters are reused for multiple key exchanges as in static DHM,
+ *           while the criticality of small-subgroup attacks is lower for
+ *           ephemeral DHM.
+ *
+ * \warning  For performance reasons, the code does neither perform primality
+ *           nor safe primality tests, nor the expensive checks for invalid
+ *           subgroups. Moreover, even if these were performed, non-standardized
+ *           primes cannot be trusted because of the possibility of backdoors
+ *           that can't be effectively checked for.
+ *
+ * \warning  Diffie-Hellman-Merkle is therefore a security risk when not using
+ *           standardized primes generated using a trustworthy ("nothing up
+ *           my sleeve") method, such as the RFC 3526 / 7919 primes. In the TLS
+ *           protocol, DH parameters need to be negotiated, so using the default
+ *           primes systematically is not always an option. If possible, use
+ *           Elliptic Curve Diffie-Hellman (ECDH), which has better performance,
+ *           and for which the TLS protocol mandates the use of standard
+ *           parameters.
+ *
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_DHM_H
+#define MBEDTLS_DHM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+#include "mbedtls/bignum.h"
+
+/*
+ * DHM Error codes
+ */
+/** Bad input parameters. */
+#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA                    -0x3080
+/** Reading of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED                -0x3100
+/** Making of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED                -0x3180
+/** Reading of the public values failed. */
+#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED                -0x3200
+/** Making of the public value failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED                -0x3280
+/** Calculation of the DHM secret failed. */
+#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED                -0x3300
+/** The ASN.1 data is not formatted correctly. */
+#define MBEDTLS_ERR_DHM_INVALID_FORMAT                    -0x3380
+/** Allocation of memory failed. */
+#define MBEDTLS_ERR_DHM_ALLOC_FAILED                      -0x3400
+/** Read or write of file failed. */
+#define MBEDTLS_ERR_DHM_FILE_IO_ERROR                     -0x3480
+
+/* MBEDTLS_ERR_DHM_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** DHM hardware accelerator failed. */
+#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED                   -0x3500
+
+/** Setting the modulus and generator failed. */
+#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED                  -0x3580
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_DHM_ALT)
+
+/**
+ * \brief          The DHM context structure.
+ */
+typedef struct mbedtls_dhm_context {
+    size_t len;         /*!<  The size of \p P in Bytes. */
+    mbedtls_mpi P;      /*!<  The prime modulus. */
+    mbedtls_mpi G;      /*!<  The generator. */
+    mbedtls_mpi X;      /*!<  Our secret value. */
+    mbedtls_mpi GX;     /*!<  Our public key = \c G^X mod \c P. */
+    mbedtls_mpi GY;     /*!<  The public key of the peer = \c G^Y mod \c P. */
+    mbedtls_mpi K;      /*!<  The shared secret = \c G^(XY) mod \c P. */
+    mbedtls_mpi RP;     /*!<  The cached value = \c R^2 mod \c P. */
+    mbedtls_mpi Vi;     /*!<  The blinding value. */
+    mbedtls_mpi Vf;     /*!<  The unblinding value. */
+    mbedtls_mpi pX;     /*!<  The previous \c X. */
+}
+mbedtls_dhm_context;
+
+#else /* MBEDTLS_DHM_ALT */
+#include "dhm_alt.h"
+#endif /* MBEDTLS_DHM_ALT */
+
+/**
+ * \brief          This function initializes the DHM context.
+ *
+ * \param ctx      The DHM context to initialize.
+ */
+void mbedtls_dhm_init(mbedtls_dhm_context *ctx);
+
+/**
+ * \brief          This function parses the DHM parameters in a
+ *                 TLS ServerKeyExchange handshake message
+ *                 (DHM modulus, generator, and public key).
+ *
+ * \note           In a TLS handshake, this is the how the client
+ *                 sets up its DHM context from the server's public
+ *                 DHM key material.
+ *
+ * \param ctx      The DHM context to use. This must be initialized.
+ * \param p        On input, *p must be the start of the input buffer.
+ *                 On output, *p is updated to point to the end of the data
+ *                 that has been read. On success, this is the first byte
+ *                 past the end of the ServerKeyExchange parameters.
+ *                 On error, this is the point at which an error has been
+ *                 detected, which is usually not useful except to debug
+ *                 failures.
+ * \param end      The end of the input buffer.
+ *
+ * \return         \c 0 on success.
+ * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
+ */
+int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx,
+                            unsigned char **p,
+                            const unsigned char *end);
+
+/**
+ * \brief          This function generates a DHM key pair and exports its
+ *                 public part together with the DHM parameters in the format
+ *                 used in a TLS ServerKeyExchange handshake message.
+ *
+ * \note           This function assumes that the DHM parameters \c ctx->P
+ *                 and \c ctx->G have already been properly set. For that, use
+ *                 mbedtls_dhm_set_group() below in conjunction with
+ *                 mbedtls_mpi_read_binary() and mbedtls_mpi_read_string().
+ *
+ * \note           In a TLS handshake, this is the how the server generates
+ *                 and exports its DHM key material.
+ *
+ * \param ctx      The DHM context to use. This must be initialized
+ *                 and have the DHM parameters set. It may or may not
+ *                 already have imported the peer's public key.
+ * \param x_size   The private key size in Bytes.
+ * \param olen     The address at which to store the number of Bytes
+ *                 written on success. This must not be \c NULL.
+ * \param output   The destination buffer. This must be a writable buffer of
+ *                 sufficient size to hold the reduced binary presentation of
+ *                 the modulus, the generator and the public key, each wrapped
+ *                 with a 2-byte length field. It is the responsibility of the
+ *                 caller to ensure that enough space is available. Refer to
+ *                 mbedtls_mpi_size() to computing the byte-size of an MPI.
+ * \param f_rng    The RNG function. Must not be \c NULL.
+ * \param p_rng    The RNG context to be passed to \p f_rng. This may be
+ *                 \c NULL if \p f_rng doesn't need a context parameter.
+ *
+ * \return         \c 0 on success.
+ * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
+ */
+int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size,
+                            unsigned char *output, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
+
+/**
+ * \brief          This function sets the prime modulus and generator.
+ *
+ * \note           This function can be used to set \c ctx->P, \c ctx->G
+ *                 in preparation for mbedtls_dhm_make_params().
+ *
+ * \param ctx      The DHM context to configure. This must be initialized.
+ * \param P        The MPI holding the DHM prime modulus. This must be
+ *                 an initialized MPI.
+ * \param G        The MPI holding the DHM generator. This must be an
+ *                 initialized MPI.
+ *
+ * \return         \c 0 if successful.
+ * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
+ */
+int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx,
+                          const mbedtls_mpi *P,
+                          const mbedtls_mpi *G);
+
+/**
+ * \brief          This function imports the raw public value of the peer.
+ *
+ * \note           In a TLS handshake, this is the how the server imports
+ *                 the Client's public DHM key.
+ *
+ * \param ctx      The DHM context to use. This must be initialized and have
+ *                 its DHM parameters set, e.g. via mbedtls_dhm_set_group().
+ *                 It may or may not already have generated its own private key.
+ * \param input    The input buffer containing the \c G^Y value of the peer.
+ *                 This must be a readable buffer of size \p ilen Bytes.
+ * \param ilen     The size of the input buffer \p input in Bytes.
+ *
+ * \return         \c 0 on success.
+ * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
+ */
+int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx,
+                            const unsigned char *input, size_t ilen);
+
+/**
+ * \brief          This function creates a DHM key pair and exports
+ *                 the raw public key in big-endian format.
+ *
+ * \note           The destination buffer is always fully written
+ *                 so as to contain a big-endian representation of G^X mod P.
+ *                 If it is larger than \c ctx->len, it is padded accordingly
+ *                 with zero-bytes at the beginning.
+ *
+ * \param ctx      The DHM context to use. This must be initialized and
+ *                 have the DHM parameters set. It may or may not already
+ *                 have imported the peer's public key.
+ * \param x_size   The private key size in Bytes.
+ * \param output   The destination buffer. This must be a writable buffer of
+ *                 size \p olen Bytes.
+ * \param olen     The length of the destination buffer. This must be at least
+ *                 equal to `ctx->len` (the size of \c P).
+ * \param f_rng    The RNG function. This must not be \c NULL.
+ * \param p_rng    The RNG context to be passed to \p f_rng. This may be \c NULL
+ *                 if \p f_rng doesn't need a context argument.
+ *
+ * \return         \c 0 on success.
+ * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
+ */
+int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size,
+                            unsigned char *output, size_t olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
+
+/**
+ * \brief          This function derives and exports the shared secret
+ *                 \c (G^Y)^X mod \c P.
+ *
+ * \note           If \p f_rng is not \c NULL, it is used to blind the input as
+ *                 a countermeasure against timing attacks. Blinding is used
+ *                 only if our private key \c X is re-used, and not used
+ *                 otherwise. We recommend always passing a non-NULL
+ *                 \p f_rng argument.
+ *
+ * \param ctx           The DHM context to use. This must be initialized
+ *                      and have its own private key generated and the peer's
+ *                      public key imported.
+ * \param output        The buffer to write the generated shared key to. This
+ *                      must be a writable buffer of size \p output_size Bytes.
+ * \param output_size   The size of the destination buffer. This must be at
+ *                      least the size of \c ctx->len (the size of \c P).
+ * \param olen          On exit, holds the actual number of Bytes written.
+ * \param f_rng         The RNG function, for blinding purposes. This may
+ *                      b \c NULL if blinding isn't needed.
+ * \param p_rng         The RNG context. This may be \c NULL if \p f_rng
+ *                      doesn't need a context argument.
+ *
+ * \return              \c 0 on success.
+ * \return              An \c MBEDTLS_ERR_DHM_XXX error code on failure.
+ */
+int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx,
+                            unsigned char *output, size_t output_size, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
+
+/**
+ * \brief          This function frees and clears the components
+ *                 of a DHM context.
+ *
+ * \param ctx      The DHM context to free and clear. This may be \c NULL,
+ *                 in which case this function is a no-op. If it is not \c NULL,
+ *                 it must point to an initialized DHM context.
+ */
+void mbedtls_dhm_free(mbedtls_dhm_context *ctx);
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+/**
+ * \brief             This function parses DHM parameters in PEM or DER format.
+ *
+ * \param dhm         The DHM context to import the DHM parameters into.
+ *                    This must be initialized.
+ * \param dhmin       The input buffer. This must be a readable buffer of
+ *                    length \p dhminlen Bytes.
+ * \param dhminlen    The size of the input buffer \p dhmin, including the
+ *                    terminating \c NULL Byte for PEM data.
+ *
+ * \return            \c 0 on success.
+ * \return            An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error
+ *                    code on failure.
+ */
+int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin,
+                          size_t dhminlen);
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          This function loads and parses DHM parameters from a file.
+ *
+ * \param dhm      The DHM context to load the parameters to.
+ *                 This must be initialized.
+ * \param path     The filename to read the DHM parameters from.
+ *                 This must not be \c NULL.
+ *
+ * \return         \c 0 on success.
+ * \return         An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX
+ *                 error code on failure.
+ */
+int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path);
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          The DMH checkup routine.
+ *
+ * \return         \c 0 on success.
+ * \return         \c 1 on failure.
+ */
+int mbedtls_dhm_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+#ifdef __cplusplus
+}
+#endif
+
+/**
+ * RFC 3526, RFC 5114 and RFC 7919 standardize a number of
+ * Diffie-Hellman groups, some of which are included here
+ * for use within the SSL/TLS module and the user's convenience
+ * when configuring the Diffie-Hellman parameters by hand
+ * through \c mbedtls_ssl_conf_dh_param.
+ *
+ * The following lists the source of the above groups in the standards:
+ * - RFC 5114 section 2.2:  2048-bit MODP Group with 224-bit Prime Order Subgroup
+ * - RFC 3526 section 3:    2048-bit MODP Group
+ * - RFC 3526 section 4:    3072-bit MODP Group
+ * - RFC 3526 section 5:    4096-bit MODP Group
+ * - RFC 7919 section A.1:  ffdhe2048
+ * - RFC 7919 section A.2:  ffdhe3072
+ * - RFC 7919 section A.3:  ffdhe4096
+ * - RFC 7919 section A.4:  ffdhe6144
+ * - RFC 7919 section A.5:  ffdhe8192
+ *
+ * The constants with suffix "_p" denote the chosen prime moduli, while
+ * the constants with suffix "_g" denote the chosen generator
+ * of the associated prime field.
+ *
+ * The constants further suffixed with "_bin" are provided in binary format,
+ * while all other constants represent null-terminated strings holding the
+ * hexadecimal presentation of the respective numbers.
+ *
+ * The primes from RFC 3526 and RFC 7919 have been generating by the following
+ * trust-worthy procedure:
+ * - Fix N in { 2048, 3072, 4096, 6144, 8192 } and consider the N-bit number
+ *   the first and last 64 bits are all 1, and the remaining N - 128 bits of
+ *   which are 0x7ff...ff.
+ * - Add the smallest multiple of the first N - 129 bits of the binary expansion
+ *   of pi (for RFC 5236) or e (for RFC 7919) to this intermediate bit-string
+ *   such that the resulting integer is a safe-prime.
+ * - The result is the respective RFC 3526 / 7919 prime, and the corresponding
+ *   generator is always chosen to be 2 (which is a square for these prime,
+ *   hence the corresponding subgroup has order (p-1)/2 and avoids leaking a
+ *   bit in the private exponent).
+ *
+ */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+/**
+ * \warning The origin of the primes in RFC 5114 is not documented and
+ *          their use therefore constitutes a security risk!
+ *
+ * \deprecated The hex-encoded primes from RFC 5114 are deprecated and are
+ *             likely to be removed in a future version of the library without
+ *             replacement.
+ */
+
+/**
+ * The hexadecimal presentation of the prime underlying the
+ * 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined
+ * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
+ * IETF Standards</em>.
+ */
+#define MBEDTLS_DHM_RFC5114_MODP_2048_P                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"      \
+        "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"      \
+        "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"      \
+        "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"      \
+        "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"      \
+        "B3BF8A317091883681286130BC8985DB1602E714415D9330"      \
+        "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"      \
+        "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"      \
+        "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"      \
+        "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"      \
+        "CF9DE5384E71B81C0AC4DFFE0C10E64F")
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
+ * Group with 224-bit Prime Order Subgroup, as defined in <em>RFC-5114:
+ * Additional Diffie-Hellman Groups for Use with IETF Standards</em>.
+ */
+#define MBEDTLS_DHM_RFC5114_MODP_2048_G                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"      \
+        "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"      \
+        "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"      \
+        "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"      \
+        "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"      \
+        "F180EB34118E98D119529A45D6F834566E3025E316A330EF"      \
+        "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"      \
+        "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"      \
+        "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"      \
+        "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"      \
+        "81BC087F2A7065B384B890D3191F2BFA")
+
+/**
+ * The hexadecimal presentation of the prime underlying the 2048-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ *
+ * \deprecated The hex-encoded primes from RFC 3625 are deprecated and
+ *             superseded by the corresponding macros providing them as
+ *             binary constants. Their hex-encoded constants are likely
+ *             to be removed in a future version of the library.
+ *
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_2048_P                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"      \
+        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"      \
+        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"      \
+        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"      \
+        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"      \
+        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"      \
+        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"      \
+        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
+        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
+        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
+        "15728E5A8AACAA68FFFFFFFFFFFFFFFF")
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_2048_G                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT("02")
+
+/**
+ * The hexadecimal presentation of the prime underlying the 3072-bit MODP
+ * Group, as defined in <em>RFC-3072: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_3072_P                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"      \
+        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"      \
+        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"      \
+        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"      \
+        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"      \
+        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"      \
+        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"      \
+        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
+        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
+        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
+        "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"      \
+        "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"      \
+        "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"      \
+        "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"      \
+        "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"      \
+        "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF")
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 3072-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_3072_G                      \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT("02")
+
+/**
+ * The hexadecimal presentation of the prime underlying the 4096-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_4096_P                      \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                      \
+        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"   \
+        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"   \
+        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"   \
+        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"   \
+        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"   \
+        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"   \
+        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"   \
+        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"   \
+        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"   \
+        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"   \
+        "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"   \
+        "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"   \
+        "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"   \
+        "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"   \
+        "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"   \
+        "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"   \
+        "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"   \
+        "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"   \
+        "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"   \
+        "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"   \
+        "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199"   \
+        "FFFFFFFFFFFFFFFF")
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 4096-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_4096_G                      \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT("02")
+
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/*
+ * Trustworthy DHM parameters in binary form
+ */
+
+#define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN {        \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN {       \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN  {       \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,  \
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,  \
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,  \
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,  \
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,  \
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,  \
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,  \
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,  \
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,  \
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,  \
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,  \
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,  \
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,  \
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,  \
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,  \
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,  \
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,  \
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,  \
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,  \
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,  \
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,  \
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,  \
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,  \
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,  \
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,  \
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,  \
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,  \
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,  \
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,  \
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,  \
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,  \
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,  \
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,  \
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,  \
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,  \
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,  \
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,  \
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,  \
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,  \
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,  \
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,  \
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,  \
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,  \
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,  \
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,  \
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,  \
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,  \
+        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,  \
+        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,  \
+        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,  \
+        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,  \
+        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,  \
+        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,  \
+        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,  \
+        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,  \
+        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,  \
+        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,  \
+        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,  \
+        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,  \
+        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,  \
+        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,  \
+        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,  \
+        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,  \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN {        \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN {        \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+        0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+        0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+        0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+        0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+        0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+        0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+        0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+        0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+        0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+        0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+        0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+        0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+        0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+        0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+        0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+        0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN {        \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+        0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+        0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+        0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+        0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+        0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+        0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+        0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+        0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+        0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+        0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+        0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+        0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+        0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+        0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+        0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+        0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+        0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+        0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+        0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+        0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+        0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+        0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+        0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+        0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+        0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+        0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+        0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+        0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+        0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+        0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+        0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+        0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+        0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+        0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+        0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+        0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+        0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+        0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+        0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+        0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+        0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+        0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+        0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+        0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+        0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+        0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+        0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+        0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN {        \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+        0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+        0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+        0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+        0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+        0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+        0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+        0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+        0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+        0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+        0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+        0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+        0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+        0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+        0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+        0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+        0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+        0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+        0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+        0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+        0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+        0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+        0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+        0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+        0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+        0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+        0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+        0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+        0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+        0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+        0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+        0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+        0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+        0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+        0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+        0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+        0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+        0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+        0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+        0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+        0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+        0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+        0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+        0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+        0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+        0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+        0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+        0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+        0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
+        0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
+        0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
+        0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
+        0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
+        0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
+        0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
+        0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
+        0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
+        0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
+        0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
+        0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
+        0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
+        0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
+        0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
+        0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
+        0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
+        0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
+        0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
+        0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
+        0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
+        0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
+        0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
+        0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
+        0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
+        0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
+        0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
+        0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
+        0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
+        0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
+        0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
+        0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
+        0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 }
+
+#endif /* dhm.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecdh.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecdh.h
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ecdh.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ecdh.h
index 05855cd..6cc6cb9 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecdh.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecdh.h
@@ -14,19 +14,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_ECDH_H
@@ -52,8 +40,7 @@ extern "C" {
 /**
  * Defines the source of the imported EC key.
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECDH_OURS,   /**< Our key. */
     MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */
 } mbedtls_ecdh_side;
@@ -65,8 +52,7 @@ typedef enum
  * Later versions of the library may add new variants, therefore users should
  * not make any assumptions about them.
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECDH_VARIANT_NONE = 0,   /*!< Implementation not defined. */
     MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */
 #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
@@ -81,8 +67,7 @@ typedef enum
  * should not make any assumptions about the structure of
  * mbedtls_ecdh_context_mbed.
  */
-typedef struct mbedtls_ecdh_context_mbed
-{
+typedef struct mbedtls_ecdh_context_mbed {
     mbedtls_ecp_group grp;   /*!< The elliptic curve used. */
     mbedtls_mpi d;           /*!< The private key. */
     mbedtls_ecp_point Q;     /*!< The public key. */
@@ -101,8 +86,7 @@ typedef struct mbedtls_ecdh_context_mbed
  *                  should not be shared between multiple threads.
  * \brief           The ECDH context structure.
  */
-typedef struct mbedtls_ecdh_context
-{
+typedef struct mbedtls_ecdh_context {
 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
     mbedtls_ecp_group grp;   /*!< The elliptic curve used. */
     mbedtls_mpi d;           /*!< The private key. */
@@ -119,24 +103,23 @@ typedef struct mbedtls_ecdh_context
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 #else
     uint8_t point_format;       /*!< The format of point export in TLS messages
-                                  as defined in RFC 4492. */
+                                   as defined in RFC 4492. */
     mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */
     mbedtls_ecdh_variant var;   /*!< The ECDH implementation/structure used. */
-    union
-    {
+    union {
         mbedtls_ecdh_context_mbed   mbed_ecdh;
 #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
         mbedtls_ecdh_context_everest everest_ecdh;
 #endif
     } ctx;                      /*!< Implementation-specific context. The
-                                  context in use is specified by the \c var
-                                  field. */
+                                   context in use is specified by the \c var
+                                   field. */
 #if defined(MBEDTLS_ECP_RESTARTABLE)
     uint8_t restart_enabled;    /*!< The flag for restartable mode. Functions of
-                                  an alternative implementation not supporting
-                                  restartable mode must return
-                                  MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
-                                  if this flag is set. */
+                                   an alternative implementation not supporting
+                                   restartable mode must return
+                                   MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
+                                   if this flag is set. */
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 #endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
 }
@@ -149,7 +132,7 @@ mbedtls_ecdh_context;
  *
  * \return         \c 1 if the group can be used, \c 0 otherwise
  */
-int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
+int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid);
 
 /**
  * \brief           This function generates an ECDH keypair on an elliptic
@@ -176,9 +159,9 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
  * \return          Another \c MBEDTLS_ERR_ECP_XXX or
  *                  \c MBEDTLS_MPI_XXX error code on failure.
  */
-int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief           This function computes the shared secret.
@@ -214,17 +197,17 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
  * \return          Another \c MBEDTLS_ERR_ECP_XXX or
  *                  \c MBEDTLS_MPI_XXX error code on failure.
  */
-int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
-                         const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
+int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z,
+                                const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng);
 
 /**
  * \brief           This function initializes an ECDH context.
  *
  * \param ctx       The ECDH context to initialize. This must not be \c NULL.
  */
-void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx);
 
 /**
  * \brief           This function sets up the ECDH context with the information
@@ -242,8 +225,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
  *
  * \return          \c 0 on success.
  */
-int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
-                        mbedtls_ecp_group_id grp_id );
+int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx,
+                       mbedtls_ecp_group_id grp_id);
 
 /**
  * \brief           This function frees a context.
@@ -252,7 +235,7 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
  *                  case this function does nothing. If it is not \c NULL,
  *                  it must point to an initialized ECDH context.
  */
-void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx);
 
 /**
  * \brief           This function generates an EC key pair and exports its
@@ -279,10 +262,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
-                      unsigned char *buf, size_t blen,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 /**
  * \brief           This function parses the ECDHE parameters in a
@@ -308,9 +291,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
-                              const unsigned char **buf,
-                              const unsigned char *end );
+int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
+                             const unsigned char **buf,
+                             const unsigned char *end);
 
 /**
  * \brief           This function sets up an ECDH context from an EC key.
@@ -331,9 +314,9 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
-                             const mbedtls_ecp_keypair *key,
-                             mbedtls_ecdh_side side );
+int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx,
+                            const mbedtls_ecp_keypair *key,
+                            mbedtls_ecdh_side side);
 
 /**
  * \brief           This function generates a public key and exports it
@@ -361,10 +344,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
-                      unsigned char *buf, size_t blen,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 /**
  * \brief       This function parses and processes the ECDHE payload of a
@@ -385,8 +368,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
  * \return      \c 0 on success.
  * \return      An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
-                              const unsigned char *buf, size_t blen );
+int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx,
+                             const unsigned char *buf, size_t blen);
 
 /**
  * \brief           This function derives and exports the shared secret.
@@ -418,10 +401,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
-                      unsigned char *buf, size_t blen,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -436,7 +419,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
  *
  * \param ctx       The ECDH context to use. This must be initialized.
  */
-void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecdsa.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecdsa.h
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ecdsa.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ecdsa.h
index 264a638..34a6b13 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecdsa.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecdsa.h
@@ -12,19 +12,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_ECDSA_H
@@ -56,13 +44,13 @@
  *
  * For each of r and s, the value (V) may include an extra initial "0" bit.
  */
-#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits )                               \
-    ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) +              \
-      /*T,L of r,s*/        2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) +     \
-      /*V of r,s*/                ( ( bits ) + 8 ) / 8 ) )
+#define MBEDTLS_ECDSA_MAX_SIG_LEN(bits)                               \
+    (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) +              \
+     /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) +     \
+                         /*V of r,s*/ ((bits) + 8) / 8))
 
 /** The maximal size of an ECDSA signature in Bytes. */
-#define MBEDTLS_ECDSA_MAX_LEN  MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS )
+#define MBEDTLS_ECDSA_MAX_LEN  MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS)
 
 #ifdef __cplusplus
 extern "C" {
@@ -105,8 +93,7 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx;
 /**
  * \brief           General context for resuming ECDSA operations
  */
-typedef struct
-{
+typedef struct {
     mbedtls_ecp_restart_ctx ecp;        /*!<  base context for ECP restart and
                                               shared administrative info    */
     mbedtls_ecdsa_restart_ver_ctx *ver; /*!<  ecdsa_verify() sub-context    */
@@ -131,7 +118,7 @@ typedef void mbedtls_ecdsa_restart_ctx;
  *
  * \return         \c 1 if the group can be used, \c 0 otherwise
  */
-int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
+int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid);
 
 /**
  * \brief           This function computes the ECDSA signature of a
@@ -169,12 +156,12 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
  * \return          An \c MBEDTLS_ERR_ECP_XXX
  *                  or \c MBEDTLS_MPI_XXX error code on failure.
  */
-int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
-                const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                       const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -228,10 +215,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
  *                  error code on failure.
  */
-int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
-                            mbedtls_mpi *s, const mbedtls_mpi *d,
-                            const unsigned char *buf, size_t blen,
-                            mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
+int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+                           mbedtls_mpi *s, const mbedtls_mpi *d,
+                           const unsigned char *buf, size_t blen,
+                           mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED;
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -267,19 +254,20 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
  * \param md_alg        The hash algorithm used to hash the original data.
  * \param f_rng_blind   The RNG function used for blinding. This must not be
  *                      \c NULL.
- * \param p_rng_blind   The RNG context to be passed to \p f_rng. This may be
- *                      \c NULL if \p f_rng doesn't need a context parameter.
+ * \param p_rng_blind   The RNG context to be passed to \p f_rng_blind. This
+ *                      may be \c NULL if \p f_rng_blind doesn't need
+ *                      a context parameter.
  *
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
  *                  error code on failure.
  */
-int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
-                            mbedtls_mpi *s, const mbedtls_mpi *d,
-                            const unsigned char *buf, size_t blen,
-                            mbedtls_md_type_t md_alg,
-                            int (*f_rng_blind)(void *, unsigned char *, size_t),
-                            void *p_rng_blind );
+int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+                               mbedtls_mpi *s, const mbedtls_mpi *d,
+                               const unsigned char *buf, size_t blen,
+                               mbedtls_md_type_t md_alg,
+                               int (*f_rng_blind)(void *, unsigned char *, size_t),
+                               void *p_rng_blind);
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
 
 /**
@@ -309,15 +297,13 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
  *                  This must be initialized.
  *
  * \return          \c 0 on success.
- * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the signature
- *                  is invalid.
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
- *                  error code on failure for any other reason.
+ *                  error code on failure.
  */
-int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
-                          const unsigned char *buf, size_t blen,
-                          const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
-                          const mbedtls_mpi *s);
+int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
+                         const unsigned char *buf, size_t blen,
+                         const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
+                         const mbedtls_mpi *s);
 
 /**
  * \brief           This function computes the ECDSA signature and writes it
@@ -347,7 +333,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
  *                  via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
  * \param md_alg    The message digest that was used to hash the message.
  * \param hash      The message hash to be signed. This must be a readable
- *                  buffer of length \p blen Bytes.
+ *                  buffer of length \p hlen Bytes.
  * \param hlen      The length of the hash \p hash in Bytes.
  * \param sig       The buffer to which to write the signature. This must be a
  *                  writable buffer of length at least twice as large as the
@@ -367,12 +353,12 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
  *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
-                                   mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hlen,
-                           unsigned char *sig, size_t *slen,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng );
+int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
+                                  mbedtls_md_type_t md_alg,
+                                  const unsigned char *hash, size_t hlen,
+                                  unsigned char *sig, size_t *slen,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng);
 
 /**
  * \brief           This function computes the ECDSA signature and writes it
@@ -389,7 +375,7 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
  *                  via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
  * \param md_alg    The message digest that was used to hash the message.
  * \param hash      The message hash to be signed. This must be a readable
- *                  buffer of length \p blen Bytes.
+ *                  buffer of length \p hlen Bytes.
  * \param hlen      The length of the hash \p hash in Bytes.
  * \param sig       The buffer to which to write the signature. This must be a
  *                  writable buffer of length at least twice as large as the
@@ -413,16 +399,16 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
  * \return          Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
  *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
-                           mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hlen,
-                           unsigned char *sig, size_t *slen,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng,
-                           mbedtls_ecdsa_restart_ctx *rs_ctx );
+int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
+                                              mbedtls_md_type_t md_alg,
+                                              const unsigned char *hash, size_t hlen,
+                                              unsigned char *sig, size_t *slen,
+                                              int (*f_rng)(void *, unsigned char *, size_t),
+                                              void *p_rng,
+                                              mbedtls_ecdsa_restart_ctx *rs_ctx);
 
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -456,7 +442,7 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
  *                  and have a group and private key bound to it, for example
  *                  via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair().
  * \param hash      The message hash to be signed. This must be a readable
- *                  buffer of length \p blen Bytes.
+ *                  buffer of length \p hlen Bytes.
  * \param hlen      The length of the hash \p hash in Bytes.
  * \param sig       The buffer to which to write the signature. This must be a
  *                  writable buffer of length at least twice as large as the
@@ -471,10 +457,10 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
  * \return          An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
  *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
-                               const unsigned char *hash, size_t hlen,
-                               unsigned char *sig, size_t *slen,
-                               mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
+int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx,
+                                      const unsigned char *hash, size_t hlen,
+                                      unsigned char *sig, size_t *slen,
+                                      mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED;
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
@@ -493,7 +479,7 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
  * \param ctx       The ECDSA context to use. This must be initialized
  *                  and have a group and public key bound to it.
  * \param hash      The message hash that was signed. This must be a readable
- *                  buffer of length \p size Bytes.
+ *                  buffer of length \p hlen Bytes.
  * \param hlen      The size of the hash \p hash.
  * \param sig       The signature to read and verify. This must be a readable
  *                  buffer of length \p slen Bytes.
@@ -506,9 +492,9 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
  *                  error code on failure for any other reason.
  */
-int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
-                          const unsigned char *hash, size_t hlen,
-                          const unsigned char *sig, size_t slen );
+int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
+                                 const unsigned char *hash, size_t hlen,
+                                 const unsigned char *sig, size_t slen);
 
 /**
  * \brief           This function reads and verifies an ECDSA signature,
@@ -523,7 +509,7 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
  * \param ctx       The ECDSA context to use. This must be initialized
  *                  and have a group and public key bound to it.
  * \param hash      The message hash that was signed. This must be a readable
- *                  buffer of length \p size Bytes.
+ *                  buffer of length \p hlen Bytes.
  * \param hlen      The size of the hash \p hash.
  * \param sig       The signature to read and verify. This must be a readable
  *                  buffer of length \p slen Bytes.
@@ -541,10 +527,10 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
  * \return          Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
  *                  error code on failure for any other reason.
  */
-int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
-                          const unsigned char *hash, size_t hlen,
-                          const unsigned char *sig, size_t slen,
-                          mbedtls_ecdsa_restart_ctx *rs_ctx );
+int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx,
+                                             const unsigned char *hash, size_t hlen,
+                                             const unsigned char *sig, size_t slen,
+                                             mbedtls_ecdsa_restart_ctx *rs_ctx);
 
 /**
  * \brief          This function generates an ECDSA keypair on the given curve.
@@ -562,8 +548,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_ECP_XXX code on failure.
  */
-int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
-                  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
+                         int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           This function sets up an ECDSA context from an EC key pair.
@@ -580,8 +566,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_ECP_XXX code on failure.
  */
-int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
-                                const mbedtls_ecp_keypair *key );
+int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx,
+                               const mbedtls_ecp_keypair *key);
 
 /**
  * \brief           This function initializes an ECDSA context.
@@ -589,7 +575,7 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
  * \param ctx       The ECDSA context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
+void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx);
 
 /**
  * \brief           This function frees an ECDSA context.
@@ -598,7 +584,7 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
  *                  in which case this function does nothing. If it
  *                  is not \c NULL, it must be initialized.
  */
-void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
+void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx);
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -607,7 +593,7 @@ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
  * \param ctx       The restart context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
+void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context.
@@ -616,7 +602,7 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
  *                  in which case this function does nothing. If it
  *                  is not \c NULL, it must be initialized.
  */
-void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx );
+void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecjpake.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecjpake.h
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ecjpake.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ecjpake.h
index 891705d..1a98442 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecjpake.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecjpake.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_ECJPAKE_H
 #define MBEDTLS_ECJPAKE_H
@@ -68,11 +56,10 @@ typedef enum {
  * (KeyExchange) as defined by the Thread spec.
  *
  * In order to benefit from this symmetry, we choose a different naming
- * convetion from the Thread v1.0 spec. Correspondance is indicated in the
+ * convention from the Thread v1.0 spec. Correspondence is indicated in the
  * description as a pair C: client name, S: server name
  */
-typedef struct mbedtls_ecjpake_context
-{
+typedef struct mbedtls_ecjpake_context {
     const mbedtls_md_info_t *md_info;   /**< Hash to use                    */
     mbedtls_ecp_group grp;              /**< Elliptic curve                 */
     mbedtls_ecjpake_role role;          /**< Are we client or server?       */
@@ -100,7 +87,7 @@ typedef struct mbedtls_ecjpake_context
  * \param ctx       The ECJPAKE context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
+void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx);
 
 /**
  * \brief           Set up an ECJPAKE context for use.
@@ -123,12 +110,12 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
-                           mbedtls_ecjpake_role role,
-                           mbedtls_md_type_t hash,
-                           mbedtls_ecp_group_id curve,
-                           const unsigned char *secret,
-                           size_t len );
+int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,
+                          mbedtls_ecjpake_role role,
+                          mbedtls_md_type_t hash,
+                          mbedtls_ecp_group_id curve,
+                          const unsigned char *secret,
+                          size_t len);
 
 /**
  * \brief           Check if an ECJPAKE context is ready for use.
@@ -139,7 +126,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if the context is ready for use.
  * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.
  */
-int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
+int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx);
 
 /**
  * \brief           Generate and write the first round message
@@ -160,10 +147,10 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng );
+int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx,
+                                    unsigned char *buf, size_t len, size_t *olen,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng);
 
 /**
  * \brief           Read and process the first round message
@@ -179,9 +166,9 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
-                                    const unsigned char *buf,
-                                    size_t len );
+int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx,
+                                   const unsigned char *buf,
+                                   size_t len);
 
 /**
  * \brief           Generate and write the second round message
@@ -201,10 +188,10 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng );
+int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
+                                    unsigned char *buf, size_t len, size_t *olen,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng);
 
 /**
  * \brief           Read and process the second round message
@@ -219,9 +206,9 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
-                                    const unsigned char *buf,
-                                    size_t len );
+int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx,
+                                   const unsigned char *buf,
+                                   size_t len);
 
 /**
  * \brief           Derive the shared secret
@@ -241,10 +228,10 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng );
+int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx,
+                                  unsigned char *buf, size_t len, size_t *olen,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng);
 
 /**
  * \brief           This clears an ECJPAKE context and frees any
@@ -254,7 +241,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
  *                  in which case this function does nothing. If it is not
  *                  \c NULL, it must point to an initialized ECJPAKE context.
  */
-void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
+void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -263,7 +250,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_ecjpake_self_test( int verbose );
+int mbedtls_ecjpake_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecp.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecp.h
similarity index 81%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ecp.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ecp.h
index 34dd0ea..e4e40c0 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecp.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecp.h
@@ -16,19 +16,7 @@
 
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_ECP_H
@@ -42,22 +30,37 @@
 
 #include "mbedtls/bignum.h"
 
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
 /*
  * ECP error codes
  */
-#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA                    -0x4F80  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL                  -0x4F00  /**< The buffer is too small to write to. */
-#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE               -0x4E80  /**< The requested feature is not available, for example, the requested curve is not supported. */
-#define MBEDTLS_ERR_ECP_VERIFY_FAILED                     -0x4E00  /**< The signature is not valid. */
-#define MBEDTLS_ERR_ECP_ALLOC_FAILED                      -0x4D80  /**< Memory allocation failed. */
-#define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00  /**< Generation of random value, such as ephemeral key, failed. */
-#define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80  /**< Invalid private or public key. */
-#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00  /**< The buffer contains a valid signature followed by more data. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA                    -0x4F80
+/** The buffer is too small to write to. */
+#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL                  -0x4F00
+/** The requested feature is not available, for example, the requested curve is not supported. */
+#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE               -0x4E80
+/** The signature is not valid. */
+#define MBEDTLS_ERR_ECP_VERIFY_FAILED                     -0x4E00
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_ECP_ALLOC_FAILED                      -0x4D80
+/** Generation of random value, such as ephemeral key, failed. */
+#define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00
+/** Invalid private or public key. */
+#define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80
+/** The buffer contains a valid signature followed by more data. */
+#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00
 
 /* MBEDTLS_ERR_ECP_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED                   -0x4B80  /**< The ECP hardware accelerator failed. */
+/** The ECP hardware accelerator failed. */
+#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED                   -0x4B80
 
-#define MBEDTLS_ERR_ECP_IN_PROGRESS                       -0x4B00  /**< Operation in progress, call again with the same parameters to continue. */
+/** Operation in progress, call again with the same parameters to continue. */
+#define MBEDTLS_ERR_ECP_IN_PROGRESS                       -0x4B00
 
 /* Flags indicating whether to include code that is specific to certain
  * types of curves. These flags are for internal library use only. */
@@ -96,6 +99,7 @@ extern "C" {
  * - Add it at the end of this enum, otherwise you'll break the ABI by
  *   changing the numerical value for existing curves.
  * - Increment MBEDTLS_ECP_DP_MAX below if needed.
+ * - Update the calculation of MBEDTLS_ECP_MAX_BITS_MIN below.
  * - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to
  *   config.h.
  * - List the curve as a dependency of MBEDTLS_ECP_C and
@@ -106,8 +110,7 @@ extern "C" {
  * - Add the curve to the ecp_supported_curves array in ecp.c.
  * - Add the curve to applicable profiles in x509_crt.c if applicable.
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECP_DP_NONE = 0,       /*!< Curve not defined. */
     MBEDTLS_ECP_DP_SECP192R1,      /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */
     MBEDTLS_ECP_DP_SECP224R1,      /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */
@@ -134,8 +137,7 @@ typedef enum
 /*
  * Curve types
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECP_TYPE_NONE = 0,
     MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS,    /* y^2 = x^3 + a x + b      */
     MBEDTLS_ECP_TYPE_MONTGOMERY,           /* y^2 = x^3 + a x^2 + x    */
@@ -144,8 +146,7 @@ typedef enum
 /**
  * Curve information, for use by other modules.
  */
-typedef struct mbedtls_ecp_curve_info
-{
+typedef struct mbedtls_ecp_curve_info {
     mbedtls_ecp_group_id grp_id;    /*!< An internal identifier. */
     uint16_t tls_id;                /*!< The TLS NamedCurve identifier. */
     uint16_t bit_size;              /*!< The curve size in bits. */
@@ -163,17 +164,50 @@ typedef struct mbedtls_ecp_curve_info
  *                  Otherwise, \p X and \p Y are its standard (affine)
  *                  coordinates.
  */
-typedef struct mbedtls_ecp_point
-{
+typedef struct mbedtls_ecp_point {
     mbedtls_mpi X;          /*!< The X coordinate of the ECP point. */
     mbedtls_mpi Y;          /*!< The Y coordinate of the ECP point. */
     mbedtls_mpi Z;          /*!< The Z coordinate of the ECP point. */
 }
 mbedtls_ecp_point;
 
+/* Determine the minimum safe value of MBEDTLS_ECP_MAX_BITS. */
+#if !defined(MBEDTLS_ECP_C)
+#define MBEDTLS_ECP_MAX_BITS_MIN 0
+/* Note: the curves must be listed in DECREASING size! */
+#elif defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 521
+#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 512
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 448
+#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 384
+#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 384
+#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 256
+#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 256
+#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 256
+#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 255
+#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 225 // n is slightly above 2^224
+#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 224
+#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 192
+#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define MBEDTLS_ECP_MAX_BITS_MIN 192
+#else
+#error "MBEDTLS_ECP_C enabled, but no curve?"
+#endif
+
 #if !defined(MBEDTLS_ECP_ALT)
 /*
- * default mbed TLS elliptic curve arithmetic implementation
+ * default Mbed TLS elliptic curve arithmetic implementation
  *
  * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
  * alternative implementation for the whole module and it will replace this
@@ -195,6 +229,27 @@ mbedtls_ecp_point;
  * odd prime as mbedtls_ecp_mul() requires an odd number, and
  * mbedtls_ecdsa_sign() requires that it is prime for blinding purposes.
  *
+ * The default implementation only initializes \p A without setting it to the
+ * authentic value for curves with <code>A = -3</code>(SECP256R1, etc), in which
+ * case you need to load \p A by yourself when using domain parameters directly,
+ * for example:
+ * \code
+ * mbedtls_mpi_init(&A);
+ * mbedtls_ecp_group_init(&grp);
+ * CHECK_RETURN(mbedtls_ecp_group_load(&grp, grp_id));
+ * if (mbedtls_ecp_group_a_is_minus_3(&grp)) {
+ *     CHECK_RETURN(mbedtls_mpi_sub_int(&A, &grp.P, 3));
+ * } else {
+ *     CHECK_RETURN(mbedtls_mpi_copy(&A, &grp.A));
+ * }
+ *
+ * do_something_with_a(&A);
+ *
+ * cleanup:
+ * mbedtls_mpi_free(&A);
+ * mbedtls_ecp_group_free(&grp);
+ * \endcode
+ *
  * For Montgomery curves, we do not store \p A, but <code>(A + 2) / 4</code>,
  * which is the quantity used in the formulas. Additionally, \p nbits is
  * not the size of \p N but the required size for private keys.
@@ -212,12 +267,14 @@ mbedtls_ecp_point;
  *              identical.
  *
  */
-typedef struct mbedtls_ecp_group
-{
+typedef struct mbedtls_ecp_group {
     mbedtls_ecp_group_id id;    /*!< An internal group identifier. */
     mbedtls_mpi P;              /*!< The prime modulus of the base field. */
-    mbedtls_mpi A;              /*!< For Short Weierstrass: \p A in the equation. For
-                                     Montgomery curves: <code>(A + 2) / 4</code>. */
+    mbedtls_mpi A;              /*!< For Short Weierstrass: \p A in the equation. Note that
+                                     \p A is not set to the authentic value in some cases.
+                                     Refer to detailed description of ::mbedtls_ecp_group if
+                                     using domain parameters in the structure.
+                                     For Montgomery curves: <code>(A + 2) / 4</code>. */
     mbedtls_mpi B;              /*!< For Short Weierstrass: \p B in the equation.
                                      For Montgomery curves: unused. */
     mbedtls_ecp_point G;        /*!< The generator of the subgroup used. */
@@ -245,20 +302,33 @@ mbedtls_ecp_group;
  * \{
  */
 
-#if !defined(MBEDTLS_ECP_MAX_BITS)
+#if defined(MBEDTLS_ECP_MAX_BITS)
+
+#if MBEDTLS_ECP_MAX_BITS < MBEDTLS_ECP_MAX_BITS_MIN
+#error "MBEDTLS_ECP_MAX_BITS is smaller than the largest supported curve"
+#endif
+
+#elif defined(MBEDTLS_ECP_C)
 /**
  * The maximum size of the groups, that is, of \c N and \c P.
  */
-#define MBEDTLS_ECP_MAX_BITS     521   /**< The maximum size of groups, in bits. */
+#define MBEDTLS_ECP_MAX_BITS     MBEDTLS_ECP_MAX_BITS_MIN
+
+#else
+/* MBEDTLS_ECP_MAX_BITS is not relevant without MBEDTLS_ECP_C, but set it
+ * to a nonzero value so that code that unconditionally allocates an array
+ * of a size based on it keeps working if built without ECC support. */
+#define MBEDTLS_ECP_MAX_BITS 1
 #endif
 
-#define MBEDTLS_ECP_MAX_BYTES    ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
-#define MBEDTLS_ECP_MAX_PT_LEN   ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
+#define MBEDTLS_ECP_MAX_BYTES    ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
+#define MBEDTLS_ECP_MAX_PT_LEN   (2 * MBEDTLS_ECP_MAX_BYTES + 1)
 
 #if !defined(MBEDTLS_ECP_WINDOW_SIZE)
 /*
  * Maximum "window" size used for point multiplication.
- * Default: 6.
+ * Default: a point where higher memory usage yields diminishing performance
+ *          returns.
  * Minimum value: 2. Maximum value: 7.
  *
  * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
@@ -275,7 +345,7 @@ mbedtls_ecp_group;
  *      224       475     475     453     398     342
  *      192       640     640     633     587     476
  */
-#define MBEDTLS_ECP_WINDOW_SIZE    6   /**< The maximum window size used. */
+#define MBEDTLS_ECP_WINDOW_SIZE    4   /**< The maximum window size used. */
 #endif /* MBEDTLS_ECP_WINDOW_SIZE */
 
 #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
@@ -293,7 +363,7 @@ mbedtls_ecp_group;
 #define MBEDTLS_ECP_FIXED_POINT_OPTIM  1   /**< Enable fixed-point speed-up. */
 #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
 
-/* \} name SECTION: Module settings */
+/** \} name SECTION: Module settings */
 
 #else  /* MBEDTLS_ECP_ALT */
 #include "ecp_alt.h"
@@ -318,8 +388,7 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
 /**
  * \brief           General context for resuming ECC operations
  */
-typedef struct
-{
+typedef struct {
     unsigned ops_done;                  /*!<  current ops count             */
     unsigned depth;                     /*!<  call depth (0 = top-level)    */
     mbedtls_ecp_restart_mul_ctx *rsm;   /*!<  ecp_mul_comb() sub-context    */
@@ -345,18 +414,18 @@ typedef struct
  * \return          \c 0 if doing \p ops basic ops is still allowed,
  * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
  */
-int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
-                              mbedtls_ecp_restart_ctx *rs_ctx,
-                              unsigned ops );
+int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
+                             mbedtls_ecp_restart_ctx *rs_ctx,
+                             unsigned ops);
 
 /* Utility macro for checking and updating ops budget */
-#define MBEDTLS_ECP_BUDGET( ops )   \
-    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \
-                                               (unsigned) (ops) ) );
+#define MBEDTLS_ECP_BUDGET(ops)   \
+    MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
+                                             (unsigned) (ops)));
 
 #else /* MBEDTLS_ECP_RESTARTABLE */
 
-#define MBEDTLS_ECP_BUDGET( ops )   /* no-op; for compatibility */
+#define MBEDTLS_ECP_BUDGET(ops)     /* no-op; for compatibility */
 
 /* We want to declare restartable versions of existing functions anyway */
 typedef void mbedtls_ecp_restart_ctx;
@@ -371,8 +440,7 @@ typedef void mbedtls_ecp_restart_ctx;
  * \note    Members are deliberately in the same order as in the
  *          ::mbedtls_ecdsa_context structure.
  */
-typedef struct mbedtls_ecp_keypair
-{
+typedef struct mbedtls_ecp_keypair {
     mbedtls_ecp_group grp;      /*!<  Elliptic curve and base point     */
     mbedtls_mpi d;              /*!<  our secret value                  */
     mbedtls_ecp_point Q;        /*!<  our public value                  */
@@ -448,7 +516,7 @@ mbedtls_ecp_keypair;
  *
  * \note            This setting is currently ignored by Curve25519.
  */
-void mbedtls_ecp_set_max_ops( unsigned max_ops );
+void mbedtls_ecp_set_max_ops(unsigned max_ops);
 
 /**
  * \brief           Check if restart is enabled (max_ops != 0)
@@ -456,18 +524,17 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops );
  * \return          \c 0 if \c max_ops == 0 (restart disabled)
  * \return          \c 1 otherwise (restart enabled)
  */
-int mbedtls_ecp_restart_is_enabled( void );
+int mbedtls_ecp_restart_is_enabled(void);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 /*
  * Get the type of a curve
  */
-mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
+mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp);
 
 /**
  * \brief           This function retrieves the information defined in
- *                  mbedtls_ecp_curve_info() for all supported curves in order
- *                  of preference.
+ *                  mbedtls_ecp_curve_info() for all supported curves.
  *
  * \note            This function returns information about all curves
  *                  supported by the library. Some curves may not be
@@ -477,7 +544,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
  *
  * \return          A statically allocated array. The last entry is 0.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void);
 
 /**
  * \brief           This function retrieves the list of internal group
@@ -493,7 +560,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
  * \return          A statically allocated array,
  *                  terminated with MBEDTLS_ECP_DP_NONE.
  */
-const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
+const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void);
 
 /**
  * \brief           This function retrieves curve information from an internal
@@ -504,7 +571,7 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
  * \return          The associated curve information on success.
  * \return          NULL on failure.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id);
 
 /**
  * \brief           This function retrieves curve information from a TLS
@@ -515,7 +582,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_gr
  * \return          The associated curve information on success.
  * \return          NULL on failure.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id);
 
 /**
  * \brief           This function retrieves curve information from a
@@ -526,14 +593,14 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_i
  * \return          The associated curve information on success.
  * \return          NULL on failure.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name);
 
 /**
  * \brief           This function initializes a point as zero.
  *
  * \param pt        The point to initialize.
  */
-void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
+void mbedtls_ecp_point_init(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function initializes an ECP group context
@@ -544,21 +611,21 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
  *                  mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
  *                  functions.
  */
-void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
+void mbedtls_ecp_group_init(mbedtls_ecp_group *grp);
 
 /**
  * \brief           This function initializes a key pair as an invalid one.
  *
  * \param key       The key pair to initialize.
  */
-void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key );
+void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key);
 
 /**
  * \brief           This function frees the components of a point.
  *
  * \param pt        The point to free.
  */
-void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
+void mbedtls_ecp_point_free(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function frees the components of an ECP group.
@@ -567,7 +634,7 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
  *                  case this function returns immediately. If it is not
  *                  \c NULL, it must point to an initialized ECP group.
  */
-void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
+void mbedtls_ecp_group_free(mbedtls_ecp_group *grp);
 
 /**
  * \brief           This function frees the components of a key pair.
@@ -576,7 +643,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
  *                  case this function returns immediately. If it is not
  *                  \c NULL, it must point to an initialized ECP key pair.
  */
-void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
+void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key);
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -585,7 +652,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
  * \param ctx       The restart context to initialize. This must
  *                  not be \c NULL.
  */
-void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
+void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context.
@@ -594,7 +661,7 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
  *                  case this function returns immediately. If it is not
  *                  \c NULL, it must point to an initialized restart context.
  */
-void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
+void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 /**
@@ -608,7 +675,7 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code for other kinds of failure.
  */
-int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
+int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q);
 
 /**
  * \brief           This function copies the contents of group \p src into
@@ -621,8 +688,8 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
-                            const mbedtls_ecp_group *src );
+int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst,
+                           const mbedtls_ecp_group *src);
 
 /**
  * \brief           This function sets a point to the point at infinity.
@@ -633,7 +700,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
+int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function checks if a point is the point at infinity.
@@ -644,7 +711,7 @@ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
  * \return          \c 0 if the point is non-zero.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
+int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function compares two points.
@@ -658,8 +725,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
  * \return          \c 0 if the points are equal.
  * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal.
  */
-int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
-                           const mbedtls_ecp_point *Q );
+int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P,
+                          const mbedtls_ecp_point *Q);
 
 /**
  * \brief           This function imports a non-zero point from two ASCII
@@ -673,8 +740,8 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_MPI_XXX error code on failure.
  */
-int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
-                           const char *x, const char *y );
+int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix,
+                                  const char *x, const char *y);
 
 /**
  * \brief           This function exports a point into unsigned binary data.
@@ -701,10 +768,10 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
  *                  or the export for the given group is not implemented.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
-                                    const mbedtls_ecp_point *P,
-                                    int format, size_t *olen,
-                                    unsigned char *buf, size_t buflen );
+int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp,
+                                   const mbedtls_ecp_point *P,
+                                   int format, size_t *olen,
+                                   unsigned char *buf, size_t buflen);
 
 /**
  * \brief           This function imports a point from unsigned binary data.
@@ -728,9 +795,9 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
  * \return          #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the
  *                  given group is not implemented.
  */
-int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
-                                   mbedtls_ecp_point *P,
-                                   const unsigned char *buf, size_t ilen );
+int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp,
+                                  mbedtls_ecp_point *P,
+                                  const unsigned char *buf, size_t ilen);
 
 /**
  * \brief           This function imports a point from a TLS ECPoint record.
@@ -750,9 +817,9 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
  *                  failure.
  * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid.
  */
-int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
-                                mbedtls_ecp_point *pt,
-                                const unsigned char **buf, size_t len );
+int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp,
+                               mbedtls_ecp_point *pt,
+                               const unsigned char **buf, size_t len);
 
 /**
  * \brief           This function exports a point as a TLS ECPoint record
@@ -776,10 +843,10 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
  *                  is too small to hold the exported point.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
-                                 const mbedtls_ecp_point *pt,
-                                 int format, size_t *olen,
-                                 unsigned char *buf, size_t blen );
+int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp,
+                                const mbedtls_ecp_point *pt,
+                                int format, size_t *olen,
+                                unsigned char *buf, size_t blen);
 
 /**
  * \brief           This function sets up an ECP group context
@@ -798,7 +865,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
  *                  correspond to a known group.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
+int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id);
 
 /**
  * \brief           This function sets up an ECP group context from a TLS
@@ -817,8 +884,8 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
  *                  recognized.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
-                                const unsigned char **buf, size_t len );
+int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp,
+                               const unsigned char **buf, size_t len);
 
 /**
  * \brief           This function extracts an elliptic curve group ID from a
@@ -838,9 +905,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
  *                  recognized.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
-                                   const unsigned char **buf,
-                                   size_t len );
+int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
+                                  const unsigned char **buf,
+                                  size_t len);
 /**
  * \brief           This function exports an elliptic curve as a TLS
  *                  ECParameters record as defined in RFC 4492, Section 5.4.
@@ -859,9 +926,9 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
  *                  buffer is too small to hold the exported group.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
-                                 size_t *olen,
-                                 unsigned char *buf, size_t blen );
+int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp,
+                                size_t *olen,
+                                unsigned char *buf, size_t blen);
 
 /**
  * \brief           This function performs a scalar multiplication of a point
@@ -899,9 +966,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                    const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           This function performs multiplication of a point by
@@ -933,12 +1000,32 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             mbedtls_ecp_restart_ctx *rs_ctx );
+int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                                const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                mbedtls_ecp_restart_ctx *rs_ctx);
 
 #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+/**
+ * \brief           This function checks if domain parameter A of the curve is
+ *                  \c -3.
+ *
+ * \note            This function is only defined for short Weierstrass curves.
+ *                  It may not be included in builds without any short
+ *                  Weierstrass curve.
+ *
+ * \param grp       The ECP group to use.
+ *                  This must be initialized and have group parameters
+ *                  set, for example through mbedtls_ecp_group_load().
+ *
+ * \return          \c 1 if <code>A = -3</code>.
+ * \return          \c 0 Otherwise.
+ */
+static inline int mbedtls_ecp_group_a_is_minus_3(const mbedtls_ecp_group *grp)
+{
+    return grp->A.p == NULL;
+}
+
 /**
  * \brief           This function performs multiplication and addition of two
  *                  points by integers: \p R = \p m * \p P + \p n * \p Q
@@ -974,9 +1061,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
  *                  designate a short Weierstrass curve.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
+int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                       const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                       const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
 
 /**
  * \brief           This function performs multiplication and addition of two
@@ -1019,10 +1106,10 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
  * \return          Another negative error code on other kinds of failure.
  */
 int mbedtls_ecp_muladd_restartable(
-             mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
-             mbedtls_ecp_restart_ctx *rs_ctx );
+    mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+    const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+    const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
+    mbedtls_ecp_restart_ctx *rs_ctx);
 #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
 
 /**
@@ -1031,7 +1118,7 @@ int mbedtls_ecp_muladd_restartable(
  *
  *                  It only checks that the point is non-zero, has
  *                  valid coordinates and lies on the curve. It does not verify
- *                  that it is indeed a multiple of \p G. This additional
+ *                  that it is indeed a multiple of \c G. This additional
  *                  check is computationally more expensive, is not required
  *                  by standards, and should not be necessary if the group
  *                  used has a small cofactor. In particular, it is useless for
@@ -1052,11 +1139,11 @@ int mbedtls_ecp_muladd_restartable(
  *                  a valid public key for the given curve.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
-                              const mbedtls_ecp_point *pt );
+int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
+                             const mbedtls_ecp_point *pt);
 
 /**
- * \brief           This function checks that an \p mbedtls_mpi is a
+ * \brief           This function checks that an \c mbedtls_mpi is a
  *                  valid private key for this curve.
  *
  * \note            This function uses bare components rather than an
@@ -1074,8 +1161,8 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
  *                  private key for the given curve.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
-                               const mbedtls_mpi *d );
+int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
+                              const mbedtls_mpi *d);
 
 /**
  * \brief           This function generates a private key.
@@ -1092,10 +1179,10 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
-                     mbedtls_mpi *d,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp,
+                            mbedtls_mpi *d,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief           This function generates a keypair with a configurable base
@@ -1124,11 +1211,11 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
-                                  const mbedtls_ecp_point *G,
-                                  mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                                  int (*f_rng)(void *, unsigned char *, size_t),
-                                  void *p_rng );
+int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp,
+                                 const mbedtls_ecp_point *G,
+                                 mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng);
 
 /**
  * \brief           This function generates an ECP keypair.
@@ -1153,10 +1240,10 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
-                             mbedtls_ecp_point *Q,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng );
+int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d,
+                            mbedtls_ecp_point *Q,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief           This function generates an ECP key.
@@ -1171,16 +1258,16 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
+int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng);
 
 /**
  * \brief           This function reads an elliptic curve private key.
  *
  * \param grp_id    The ECP group identifier.
  * \param key       The destination key.
- * \param buf       The the buffer containing the binary representation of the
+ * \param buf       The buffer containing the binary representation of the
  *                  key. (Big endian integer for Weierstrass curves, byte
  *                  string for Montgomery curves.)
  * \param buflen    The length of the buffer in bytes.
@@ -1193,8 +1280,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
  *                  the group is not implemented.
  * \return          Another negative error code on different kinds of failure.
  */
-int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
-                          const unsigned char *buf, size_t buflen );
+int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                         const unsigned char *buf, size_t buflen);
 
 /**
  * \brief           This function exports an elliptic curve private key.
@@ -1212,8 +1299,8 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
  *                  the group is not implemented.
  * \return          Another negative error code on different kinds of failure.
  */
-int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
-                           unsigned char *buf, size_t buflen );
+int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key,
+                          unsigned char *buf, size_t buflen);
 
 /**
  * \brief           This function checks that the keypair objects
@@ -1232,8 +1319,8 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX
  *                  error code on calculation failure.
  */
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
-                                const mbedtls_ecp_keypair *prv );
+int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub,
+                               const mbedtls_ecp_keypair *prv);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -1243,7 +1330,7 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_ecp_self_test( int verbose );
+int mbedtls_ecp_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecp_internal.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecp_internal.h
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ecp_internal.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ecp_internal.h
index 6a47a8f..f6af5cb 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ecp_internal.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ecp_internal.h
@@ -6,19 +6,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 /*
@@ -76,7 +64,7 @@
  *
  * \return          Non-zero if successful.
  */
-unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp );
+unsigned char mbedtls_internal_ecp_grp_capable(const mbedtls_ecp_group *grp);
 
 /**
  * \brief           Initialise the Elliptic Curve Point module extension.
@@ -93,7 +81,7 @@ unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp );
  *
  * \return          0 if successful.
  */
-int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp );
+int mbedtls_internal_ecp_init(const mbedtls_ecp_group *grp);
 
 /**
  * \brief           Frees and deallocates the Elliptic Curve Point module
@@ -101,7 +89,7 @@ int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp );
  *
  * \param grp       The pointer to the group the module was initialised for.
  */
-void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp );
+void mbedtls_internal_ecp_free(const mbedtls_ecp_group *grp);
 
 #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
 
@@ -121,9 +109,11 @@ void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp );
  *
  * \return          0 if successful.
  */
-int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t),
-        void *p_rng );
+int mbedtls_internal_ecp_randomize_jac(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *pt, int (*f_rng)(void *,
+                                                                           unsigned char *,
+                                                                           size_t),
+                                       void *p_rng);
 #endif
 
 #if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
@@ -166,9 +156,9 @@ int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp,
  *
  * \return          0 if successful.
  */
-int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
-        const mbedtls_ecp_point *Q );
+int mbedtls_internal_ecp_add_mixed(const mbedtls_ecp_group *grp,
+                                   mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
+                                   const mbedtls_ecp_point *Q);
 #endif
 
 /**
@@ -191,8 +181,8 @@ int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp,
  * \return          0 if successful.
  */
 #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
-int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *R, const mbedtls_ecp_point *P );
+int mbedtls_internal_ecp_double_jac(const mbedtls_ecp_group *grp,
+                                    mbedtls_ecp_point *R, const mbedtls_ecp_point *P);
 #endif
 
 /**
@@ -221,8 +211,8 @@ int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp,
  *                      an error if one of the points is zero.
  */
 #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
-int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *T[], size_t t_len );
+int mbedtls_internal_ecp_normalize_jac_many(const mbedtls_ecp_group *grp,
+                                            mbedtls_ecp_point *T[], size_t t_len);
 #endif
 
 /**
@@ -239,8 +229,8 @@ int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
  * \return          0 if successful.
  */
 #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
-int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *pt );
+int mbedtls_internal_ecp_normalize_jac(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *pt);
 #endif
 
 #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
@@ -248,9 +238,12 @@ int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp,
 #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
 
 #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
-int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *R, mbedtls_ecp_point *S, const mbedtls_ecp_point *P,
-        const mbedtls_ecp_point *Q, const mbedtls_mpi *d );
+int mbedtls_internal_ecp_double_add_mxz(const mbedtls_ecp_group *grp,
+                                        mbedtls_ecp_point *R,
+                                        mbedtls_ecp_point *S,
+                                        const mbedtls_ecp_point *P,
+                                        const mbedtls_ecp_point *Q,
+                                        const mbedtls_mpi *d);
 #endif
 
 /**
@@ -269,9 +262,11 @@ int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
  * \return          0 if successful
  */
 #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
-int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t),
-        void *p_rng );
+int mbedtls_internal_ecp_randomize_mxz(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *P, int (*f_rng)(void *,
+                                                                          unsigned char *,
+                                                                          size_t),
+                                       void *p_rng);
 #endif
 
 /**
@@ -285,8 +280,8 @@ int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp,
  * \return          0 if successful
  */
 #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
-int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *P );
+int mbedtls_internal_ecp_normalize_mxz(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *P);
 #endif
 
 #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
@@ -294,4 +289,3 @@ int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp,
 #endif /* MBEDTLS_ECP_INTERNAL_ALT */
 
 #endif /* ecp_internal.h */
-
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/entropy.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/entropy.h
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/entropy.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/entropy.h
index 5a9c11c..096bff8 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/entropy.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/entropy.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_ENTROPY_H
 #define MBEDTLS_ENTROPY_H
@@ -48,11 +36,16 @@
 #include "mbedtls/havege.h"
 #endif
 
-#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED                 -0x003C  /**< Critical entropy source failure. */
-#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES                   -0x003E  /**< No more sources can be added. */
-#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED            -0x0040  /**< No sources have been added to poll. */
-#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE              -0x003D  /**< No strong sources have been added to poll. */
-#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR                 -0x003F  /**< Read/write error in file. */
+/** Critical entropy source failure. */
+#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED                 -0x003C
+/** No more sources can be added. */
+#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES                   -0x003E
+/** No sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED            -0x0040
+/** No strong sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE              -0x003D
+/** Read/write error in file. */
+#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR                 -0x003F
 
 /**
  * \name SECTION: Module settings
@@ -70,7 +63,7 @@
 #define MBEDTLS_ENTROPY_MAX_GATHER      128     /**< Maximum amount requested from entropy sources */
 #endif
 
-/* \} name SECTION: Module settings */
+/** \} name SECTION: Module settings */
 
 #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
 #define MBEDTLS_ENTROPY_BLOCK_SIZE      64      /**< Block size of entropy accumulator (SHA-512) */
@@ -100,15 +93,14 @@ extern "C" {
  *                  MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
  */
 typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
-                            size_t *olen);
+                                            size_t *olen);
 
 /**
  * \brief           Entropy source state
  */
-typedef struct mbedtls_entropy_source_state
-{
+typedef struct mbedtls_entropy_source_state {
     mbedtls_entropy_f_source_ptr    f_source;   /**< The entropy source callback */
-    void *          p_source;   /**< The callback data pointer */
+    void *p_source;             /**< The callback data pointer */
     size_t          size;       /**< Amount received in bytes */
     size_t          threshold;  /**< Minimum bytes required before release */
     int             strong;     /**< Is the source strong? */
@@ -118,15 +110,16 @@ mbedtls_entropy_source_state;
 /**
  * \brief           Entropy context structure
  */
-typedef struct mbedtls_entropy_context
-{
-    int accumulator_started;
+typedef struct mbedtls_entropy_context {
+    int accumulator_started; /* 0 after init.
+                              * 1 after the first update.
+                              * -1 after free. */
 #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
     mbedtls_sha512_context  accumulator;
-#else
+#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
     mbedtls_sha256_context  accumulator;
 #endif
-    int             source_count;
+    int             source_count; /* Number of entries used in source. */
     mbedtls_entropy_source_state    source[MBEDTLS_ENTROPY_MAX_SOURCES];
 #if defined(MBEDTLS_HAVEGE_C)
     mbedtls_havege_state    havege_data;
@@ -145,14 +138,14 @@ mbedtls_entropy_context;
  *
  * \param ctx       Entropy context to initialize
  */
-void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
+void mbedtls_entropy_init(mbedtls_entropy_context *ctx);
 
 /**
  * \brief           Free the data in the context
  *
  * \param ctx       Entropy context to free
  */
-void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
+void mbedtls_entropy_free(mbedtls_entropy_context *ctx);
 
 /**
  * \brief           Adds an entropy source to poll
@@ -171,9 +164,9 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
  *
  * \return          0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
  */
-int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
-                        mbedtls_entropy_f_source_ptr f_source, void *p_source,
-                        size_t threshold, int strong );
+int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
+                               mbedtls_entropy_f_source_ptr f_source, void *p_source,
+                               size_t threshold, int strong);
 
 /**
  * \brief           Trigger an extra gather poll for the accumulator
@@ -183,7 +176,7 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
  *
  * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
+int mbedtls_entropy_gather(mbedtls_entropy_context *ctx);
 
 /**
  * \brief           Retrieve entropy from the accumulator
@@ -196,7 +189,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
  *
  * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
+int mbedtls_entropy_func(void *data, unsigned char *output, size_t len);
 
 /**
  * \brief           Add data to the accumulator manually
@@ -208,8 +201,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
  *
  * \return          0 if successful
  */
-int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
-                           const unsigned char *data, size_t len );
+int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
+                                  const unsigned char *data, size_t len);
 
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
 /**
@@ -220,7 +213,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
  *
  * \return          0 if successful
  */
-int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
+int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx);
 #endif /* MBEDTLS_ENTROPY_NV_SEED */
 
 #if defined(MBEDTLS_FS_IO)
@@ -234,7 +227,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
  *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
  *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
+int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path);
 
 /**
  * \brief               Read and update a seed file. Seed is added to this
@@ -248,7 +241,7 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
  *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
  *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
+int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -260,7 +253,7 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_entropy_self_test( int verbose );
+int mbedtls_entropy_self_test(int verbose);
 
 #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
 /**
@@ -276,7 +269,7 @@ int mbedtls_entropy_self_test( int verbose );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_entropy_source_self_test( int verbose );
+int mbedtls_entropy_source_self_test(int verbose);
 #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/entropy_poll.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/entropy_poll.h
new file mode 100644
index 0000000..d7147b9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/entropy_poll.h
@@ -0,0 +1,96 @@
+/**
+ * \file entropy_poll.h
+ *
+ * \brief Platform-specific and custom entropy polling functions
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_ENTROPY_POLL_H
+#define MBEDTLS_ENTROPY_POLL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Default thresholds for built-in sources, in bytes
+ */
+#define MBEDTLS_ENTROPY_MIN_PLATFORM     32     /**< Minimum for platform source    */
+#define MBEDTLS_ENTROPY_MIN_HAVEGE       32     /**< Minimum for HAVEGE             */
+#define MBEDTLS_ENTROPY_MIN_HARDCLOCK     4     /**< Minimum for mbedtls_timing_hardclock()        */
+#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
+#define MBEDTLS_ENTROPY_MIN_HARDWARE     32     /**< Minimum for the hardware source */
+#endif
+
+/**
+ * \brief           Entropy poll callback that provides 0 entropy.
+ */
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+int mbedtls_null_entropy_poll(void *data,
+                              unsigned char *output, size_t len, size_t *olen);
+#endif
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+/**
+ * \brief           Platform-specific entropy poll callback
+ */
+int mbedtls_platform_entropy_poll(void *data,
+                                  unsigned char *output, size_t len, size_t *olen);
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C)
+/**
+ * \brief           HAVEGE based entropy poll callback
+ *
+ * Requires an HAVEGE state as its data pointer.
+ */
+int mbedtls_havege_poll(void *data,
+                        unsigned char *output, size_t len, size_t *olen);
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+/**
+ * \brief           mbedtls_timing_hardclock-based entropy poll callback
+ */
+int mbedtls_hardclock_poll(void *data,
+                           unsigned char *output, size_t len, size_t *olen);
+#endif
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+/**
+ * \brief           Entropy poll callback for a hardware source
+ *
+ * \warning         This is not provided by Mbed TLS!
+ *                  See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h.
+ *
+ * \note            This must accept NULL as its first argument.
+ */
+int mbedtls_hardware_poll(void *data,
+                          unsigned char *output, size_t len, size_t *olen);
+#endif
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+/**
+ * \brief           Entropy poll callback for a non-volatile seed file
+ *
+ * \note            This must accept NULL as its first argument.
+ */
+int mbedtls_nv_seed_poll(void *data,
+                         unsigned char *output, size_t len, size_t *olen);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* entropy_poll.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/error.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/error.h
new file mode 100644
index 0000000..7a18373
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/error.h
@@ -0,0 +1,206 @@
+/**
+ * \file error.h
+ *
+ * \brief Error to string translation
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_ERROR_H
+#define MBEDTLS_ERROR_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/**
+ * Error code layout.
+ *
+ * Currently we try to keep all error codes within the negative space of 16
+ * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In
+ * addition we'd like to give two layers of information on the error if
+ * possible.
+ *
+ * For that purpose the error codes are segmented in the following manner:
+ *
+ * 16 bit error code bit-segmentation
+ *
+ * 1 bit  - Unused (sign bit)
+ * 3 bits - High level module ID
+ * 5 bits - Module-dependent error code
+ * 7 bits - Low level module errors
+ *
+ * For historical reasons, low-level error codes are divided in even and odd,
+ * even codes were assigned first, and -1 is reserved for other errors.
+ *
+ * Low-level module errors (0x0002-0x007E, 0x0001-0x007F)
+ *
+ * Module   Nr  Codes assigned
+ * ERROR     2  0x006E          0x0001
+ * MPI       7  0x0002-0x0010
+ * GCM       3  0x0012-0x0014   0x0013-0x0013
+ * BLOWFISH  3  0x0016-0x0018   0x0017-0x0017
+ * THREADING 3  0x001A-0x001E
+ * AES       5  0x0020-0x0022   0x0021-0x0025
+ * CAMELLIA  3  0x0024-0x0026   0x0027-0x0027
+ * XTEA      2  0x0028-0x0028   0x0029-0x0029
+ * BASE64    2  0x002A-0x002C
+ * OID       1  0x002E-0x002E   0x000B-0x000B
+ * PADLOCK   1  0x0030-0x0030
+ * DES       2  0x0032-0x0032   0x0033-0x0033
+ * CTR_DBRG  4  0x0034-0x003A
+ * ENTROPY   3  0x003C-0x0040   0x003D-0x003F
+ * NET      13  0x0042-0x0052   0x0043-0x0049
+ * ARIA      4  0x0058-0x005E
+ * ASN1      7  0x0060-0x006C
+ * CMAC      1  0x007A-0x007A
+ * PBKDF2    1  0x007C-0x007C
+ * HMAC_DRBG 4                  0x0003-0x0009
+ * CCM       3                  0x000D-0x0011
+ * ARC4      1                  0x0019-0x0019
+ * MD2       1                  0x002B-0x002B
+ * MD4       1                  0x002D-0x002D
+ * MD5       1                  0x002F-0x002F
+ * RIPEMD160 1                  0x0031-0x0031
+ * SHA1      1                  0x0035-0x0035 0x0073-0x0073
+ * SHA256    1                  0x0037-0x0037 0x0074-0x0074
+ * SHA512    1                  0x0039-0x0039 0x0075-0x0075
+ * CHACHA20  3                  0x0051-0x0055
+ * POLY1305  3                  0x0057-0x005B
+ * CHACHAPOLY 2 0x0054-0x0056
+ * PLATFORM  2  0x0070-0x0072
+ *
+ * High-level module nr (3 bits - 0x0...-0x7...)
+ * Name      ID  Nr of Errors
+ * PEM       1   9
+ * PKCS#12   1   4 (Started from top)
+ * X509      2   20
+ * PKCS5     2   4 (Started from top)
+ * DHM       3   11
+ * PK        3   15 (Started from top)
+ * RSA       4   11
+ * ECP       4   10 (Started from top)
+ * MD        5   5
+ * HKDF      5   1 (Started from top)
+ * SSL       5   2 (Started from 0x5F00)
+ * CIPHER    6   8 (Started from 0x6080)
+ * SSL       6   24 (Started from top, plus 0x6000)
+ * SSL       7   32
+ *
+ * Module dependent error code (5 bits 0x.00.-0x.F8.)
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** Generic error */
+#define MBEDTLS_ERR_ERROR_GENERIC_ERROR       -0x0001
+/** This is a bug in the library */
+#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E
+
+/**
+ * \brief Combines a high-level and low-level error code together.
+ *
+ *        Wrapper macro for mbedtls_error_add(). See that function for
+ *        more details.
+ */
+#define MBEDTLS_ERROR_ADD(high, low) \
+    mbedtls_error_add(high, low, __FILE__, __LINE__)
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/**
+ * \brief Testing hook called before adding/combining two error codes together.
+ *        Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
+ */
+extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
+#endif
+
+/**
+ * \brief Combines a high-level and low-level error code together.
+ *
+ *        This function can be called directly however it is usually
+ *        called via the #MBEDTLS_ERROR_ADD macro.
+ *
+ *        While a value of zero is not a negative error code, it is still an
+ *        error code (that denotes success) and can be combined with both a
+ *        negative error code or another value of zero.
+ *
+ * \note  When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to
+ *        call \link mbedtls_test_hook_error_add \endlink.
+ *
+ * \param high      high-level error code. See error.h for more details.
+ * \param low       low-level error code. See error.h for more details.
+ * \param file      file where this error code addition occurred.
+ * \param line      line where this error code addition occurred.
+ */
+static inline int mbedtls_error_add(int high, int low,
+                                    const char *file, int line)
+{
+#if defined(MBEDTLS_TEST_HOOKS)
+    if (*mbedtls_test_hook_error_add != NULL) {
+        (*mbedtls_test_hook_error_add)(high, low, file, line);
+    }
+#endif
+    (void) file;
+    (void) line;
+
+    return high + low;
+}
+
+/**
+ * \brief Translate an Mbed TLS error code into a string representation.
+ *        The result is truncated if necessary and always includes a
+ *        terminating null byte.
+ *
+ * \param errnum    error code
+ * \param buffer    buffer to place representation in
+ * \param buflen    length of the buffer
+ */
+void mbedtls_strerror(int errnum, char *buffer, size_t buflen);
+
+/**
+ * \brief Translate the high-level part of an Mbed TLS error code into a string
+ *        representation.
+ *
+ * This function returns a const pointer to an un-modifiable string. The caller
+ * must not try to modify the string. It is intended to be used mostly for
+ * logging purposes.
+ *
+ * \param error_code    error code
+ *
+ * \return The string representation of the error code, or \c NULL if the error
+ *         code is unknown.
+ */
+const char *mbedtls_high_level_strerr(int error_code);
+
+/**
+ * \brief Translate the low-level part of an Mbed TLS error code into a string
+ *        representation.
+ *
+ * This function returns a const pointer to an un-modifiable string. The caller
+ * must not try to modify the string. It is intended to be used mostly for
+ * logging purposes.
+ *
+ * \param error_code    error code
+ *
+ * \return The string representation of the error code, or \c NULL if the error
+ *         code is unknown.
+ */
+const char *mbedtls_low_level_strerr(int error_code);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* error.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/gcm.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/gcm.h
similarity index 82%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/gcm.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/gcm.h
index 6b67361..1ad0e9e 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/gcm.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/gcm.h
@@ -13,19 +13,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_GCM_H
@@ -44,12 +32,15 @@
 #define MBEDTLS_GCM_ENCRYPT     1
 #define MBEDTLS_GCM_DECRYPT     0
 
-#define MBEDTLS_ERR_GCM_AUTH_FAILED                       -0x0012  /**< Authenticated decryption failed. */
+/** Authenticated decryption failed. */
+#define MBEDTLS_ERR_GCM_AUTH_FAILED                       -0x0012
 
 /* MBEDTLS_ERR_GCM_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED                   -0x0013  /**< GCM hardware accelerator failed. */
+/** GCM hardware accelerator failed. */
+#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED                   -0x0013
 
-#define MBEDTLS_ERR_GCM_BAD_INPUT                         -0x0014  /**< Bad input parameters to function. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_GCM_BAD_INPUT                         -0x0014
 
 #ifdef __cplusplus
 extern "C" {
@@ -60,8 +51,7 @@ extern "C" {
 /**
  * \brief          The GCM context structure.
  */
-typedef struct mbedtls_gcm_context
-{
+typedef struct mbedtls_gcm_context {
     mbedtls_cipher_context_t cipher_ctx;  /*!< The cipher context used. */
     uint64_t HL[16];                      /*!< Precalculated HTable low. */
     uint64_t HH[16];                      /*!< Precalculated HTable high. */
@@ -71,8 +61,8 @@ typedef struct mbedtls_gcm_context
     unsigned char y[16];                  /*!< The Y working value. */
     unsigned char buf[16];                /*!< The buf working value. */
     int mode;                             /*!< The operation to perform:
-                                               #MBEDTLS_GCM_ENCRYPT or
-                                               #MBEDTLS_GCM_DECRYPT. */
+                                           #MBEDTLS_GCM_ENCRYPT or
+                                           #MBEDTLS_GCM_DECRYPT. */
 }
 mbedtls_gcm_context;
 
@@ -91,7 +81,7 @@ mbedtls_gcm_context;
  *
  * \param ctx       The GCM context to initialize. This must not be \c NULL.
  */
-void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
+void mbedtls_gcm_init(mbedtls_gcm_context *ctx);
 
 /**
  * \brief           This function associates a GCM context with a
@@ -109,10 +99,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
  * \return          \c 0 on success.
  * \return          A cipher-specific error code on failure.
  */
-int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits );
+int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits);
 
 /**
  * \brief           This function performs GCM encryption or decryption of a buffer.
@@ -165,17 +155,17 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
  *                  not valid or a cipher-specific error code if the encryption
  *                  or decryption failed.
  */
-int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
-                       int mode,
-                       size_t length,
-                       const unsigned char *iv,
-                       size_t iv_len,
-                       const unsigned char *add,
-                       size_t add_len,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t tag_len,
-                       unsigned char *tag );
+int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
+                              int mode,
+                              size_t length,
+                              const unsigned char *iv,
+                              size_t iv_len,
+                              const unsigned char *add,
+                              size_t add_len,
+                              const unsigned char *input,
+                              unsigned char *output,
+                              size_t tag_len,
+                              unsigned char *tag);
 
 /**
  * \brief           This function performs a GCM authenticated decryption of a
@@ -210,16 +200,16 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
  *                  not valid or a cipher-specific error code if the decryption
  *                  failed.
  */
-int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
-                      size_t length,
-                      const unsigned char *iv,
-                      size_t iv_len,
-                      const unsigned char *add,
-                      size_t add_len,
-                      const unsigned char *tag,
-                      size_t tag_len,
-                      const unsigned char *input,
-                      unsigned char *output );
+int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
+                             size_t length,
+                             const unsigned char *iv,
+                             size_t iv_len,
+                             const unsigned char *add,
+                             size_t add_len,
+                             const unsigned char *tag,
+                             size_t tag_len,
+                             const unsigned char *input,
+                             unsigned char *output);
 
 /**
  * \brief           This function starts a GCM encryption or decryption
@@ -238,12 +228,12 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
  *
  * \return          \c 0 on success.
  */
-int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
-                int mode,
-                const unsigned char *iv,
-                size_t iv_len,
-                const unsigned char *add,
-                size_t add_len );
+int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
+                       int mode,
+                       const unsigned char *iv,
+                       size_t iv_len,
+                       const unsigned char *add,
+                       size_t add_len);
 
 /**
  * \brief           This function feeds an input buffer into an ongoing GCM
@@ -270,10 +260,10 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
  */
-int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
-                size_t length,
-                const unsigned char *input,
-                unsigned char *output );
+int mbedtls_gcm_update(mbedtls_gcm_context *ctx,
+                       size_t length,
+                       const unsigned char *input,
+                       unsigned char *output);
 
 /**
  * \brief           This function finishes the GCM operation and generates
@@ -291,9 +281,9 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
  * \return          \c 0 on success.
  * \return          #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
  */
-int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
-                unsigned char *tag,
-                size_t tag_len );
+int mbedtls_gcm_finish(mbedtls_gcm_context *ctx,
+                       unsigned char *tag,
+                       size_t tag_len);
 
 /**
  * \brief           This function clears a GCM context and the underlying
@@ -302,7 +292,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
  * \param ctx       The GCM context to clear. If this is \c NULL, the call has
  *                  no effect. Otherwise, this must be initialized.
  */
-void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
+void mbedtls_gcm_free(mbedtls_gcm_context *ctx);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -312,7 +302,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_gcm_self_test( int verbose );
+int mbedtls_gcm_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/havege.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/havege.h
new file mode 100644
index 0000000..cdaf8a8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/havege.h
@@ -0,0 +1,67 @@
+/**
+ * \file havege.h
+ *
+ * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_HAVEGE_H
+#define MBEDTLS_HAVEGE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          HAVEGE state structure
+ */
+typedef struct mbedtls_havege_state {
+    uint32_t PT1, PT2, offset[2];
+    uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
+    uint32_t WALK[8192];
+}
+mbedtls_havege_state;
+
+/**
+ * \brief          HAVEGE initialization
+ *
+ * \param hs       HAVEGE state to be initialized
+ */
+void mbedtls_havege_init(mbedtls_havege_state *hs);
+
+/**
+ * \brief          Clear HAVEGE state
+ *
+ * \param hs       HAVEGE state to be cleared
+ */
+void mbedtls_havege_free(mbedtls_havege_state *hs);
+
+/**
+ * \brief          HAVEGE rand function
+ *
+ * \param p_rng    A HAVEGE state
+ * \param output   Buffer to fill
+ * \param len      Length of buffer
+ *
+ * \return         0
+ */
+int mbedtls_havege_random(void *p_rng, unsigned char *output, size_t len);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* havege.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/hkdf.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/hkdf.h
similarity index 75%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/hkdf.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/hkdf.h
index 2e6b363..103f329 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/hkdf.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/hkdf.h
@@ -8,19 +8,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_HKDF_H
 #define MBEDTLS_HKDF_H
@@ -37,8 +25,9 @@
  *  \name HKDF Error codes
  *  \{
  */
-#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA  -0x5F80  /**< Bad input parameters to function. */
-/* \} name */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA  -0x5F80
+/** \} name */
 
 #ifdef __cplusplus
 extern "C" {
@@ -68,10 +57,10 @@ extern "C" {
  *  \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
  *          MD layer.
  */
-int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
-                  size_t salt_len, const unsigned char *ikm, size_t ikm_len,
-                  const unsigned char *info, size_t info_len,
-                  unsigned char *okm, size_t okm_len );
+int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt,
+                 size_t salt_len, const unsigned char *ikm, size_t ikm_len,
+                 const unsigned char *info, size_t info_len,
+                 unsigned char *okm, size_t okm_len);
 
 /**
  *  \brief  Take the input keying material \p ikm and extract from it a
@@ -97,10 +86,10 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
  *  \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
  *          MD layer.
  */
-int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
-                          const unsigned char *salt, size_t salt_len,
-                          const unsigned char *ikm, size_t ikm_len,
-                          unsigned char *prk );
+int mbedtls_hkdf_extract(const mbedtls_md_info_t *md,
+                         const unsigned char *salt, size_t salt_len,
+                         const unsigned char *ikm, size_t ikm_len,
+                         unsigned char *prk);
 
 /**
  *  \brief  Expand the supplied \p prk into several additional pseudorandom
@@ -128,9 +117,9 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
  *  \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
  *          MD layer.
  */
-int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
-                         size_t prk_len, const unsigned char *info,
-                         size_t info_len, unsigned char *okm, size_t okm_len );
+int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk,
+                        size_t prk_len, const unsigned char *info,
+                        size_t info_len, unsigned char *okm, size_t okm_len);
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/hmac_drbg.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/hmac_drbg.h
new file mode 100644
index 0000000..d531382
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/hmac_drbg.h
@@ -0,0 +1,461 @@
+/**
+ * \file hmac_drbg.h
+ *
+ * \brief The HMAC_DRBG pseudorandom generator.
+ *
+ * This module implements the HMAC_DRBG pseudorandom generator described
+ * in <em>NIST SP 800-90A: Recommendation for Random Number Generation Using
+ * Deterministic Random Bit Generators</em>.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_HMAC_DRBG_H
+#define MBEDTLS_HMAC_DRBG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/md.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+/*
+ * Error codes
+ */
+/** Too many random requested in single call. */
+#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG              -0x0003
+/** Input too large (Entropy + additional). */
+#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG                -0x0005
+/** Read/write error in file. */
+#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR                -0x0007
+/** The entropy source failed. */
+#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED        -0x0009
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
+#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000   /**< Interval before reseed is performed by default */
+#endif
+
+#if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
+#define MBEDTLS_HMAC_DRBG_MAX_INPUT         256     /**< Maximum number of additional input bytes */
+#endif
+
+#if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
+#define MBEDTLS_HMAC_DRBG_MAX_REQUEST       1024    /**< Maximum number of requested bytes per call */
+#endif
+
+#if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
+#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT    384     /**< Maximum size of (re)seed buffer */
+#endif
+
+/** \} name SECTION: Module settings */
+
+#define MBEDTLS_HMAC_DRBG_PR_OFF   0   /**< No prediction resistance       */
+#define MBEDTLS_HMAC_DRBG_PR_ON    1   /**< Prediction resistance enabled  */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * HMAC_DRBG context.
+ */
+typedef struct mbedtls_hmac_drbg_context {
+    /* Working state: the key K is not stored explicitly,
+     * but is implied by the HMAC context */
+    mbedtls_md_context_t md_ctx;                    /*!< HMAC context (inc. K)  */
+    unsigned char V[MBEDTLS_MD_MAX_SIZE];  /*!< V in the spec          */
+    int reseed_counter;                     /*!< reseed counter         */
+
+    /* Administrative state */
+    size_t entropy_len;         /*!< entropy bytes grabbed on each (re)seed */
+    int prediction_resistance;  /*!< enable prediction resistance (Automatic
+                                     reseed before every random generation) */
+    int reseed_interval;        /*!< reseed interval   */
+
+    /* Callbacks */
+    int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */
+    void *p_entropy;            /*!< context for the entropy function        */
+
+#if defined(MBEDTLS_THREADING_C)
+    /* Invariant: the mutex is initialized if and only if
+     * md_ctx->md_info != NULL. This means that the mutex is initialized
+     * during the initial seeding in mbedtls_hmac_drbg_seed() or
+     * mbedtls_hmac_drbg_seed_buf() and freed in mbedtls_ctr_drbg_free().
+     *
+     * Note that this invariant may change without notice. Do not rely on it
+     * and do not access the mutex directly in application code.
+     */
+    mbedtls_threading_mutex_t mutex;
+#endif
+} mbedtls_hmac_drbg_context;
+
+/**
+ * \brief               HMAC_DRBG context initialization.
+ *
+ * This function makes the context ready for mbedtls_hmac_drbg_seed(),
+ * mbedtls_hmac_drbg_seed_buf() or mbedtls_hmac_drbg_free().
+ *
+ * \note                The reseed interval is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL
+ *                      by default. Override this value by calling
+ *                      mbedtls_hmac_drbg_set_reseed_interval().
+ *
+ * \param ctx           HMAC_DRBG context to be initialized.
+ */
+void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
+
+/**
+ * \brief               HMAC_DRBG initial seeding.
+ *
+ * Set the initial seed and set up the entropy source for future reseeds.
+ *
+ * A typical choice for the \p f_entropy and \p p_entropy parameters is
+ * to use the entropy module:
+ * - \p f_entropy is mbedtls_entropy_func();
+ * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized
+ *   with mbedtls_entropy_init() (which registers the platform's default
+ *   entropy sources).
+ *
+ * You can provide a personalization string in addition to the
+ * entropy source, to make this instantiation as unique as possible.
+ *
+ * \note                By default, the security strength as defined by NIST is:
+ *                      - 128 bits if \p md_info is SHA-1;
+ *                      - 192 bits if \p md_info is SHA-224;
+ *                      - 256 bits if \p md_info is SHA-256, SHA-384 or SHA-512.
+ *                      Note that SHA-256 is just as efficient as SHA-224.
+ *                      The security strength can be reduced if a smaller
+ *                      entropy length is set with
+ *                      mbedtls_hmac_drbg_set_entropy_len().
+ *
+ * \note                The default entropy length is the security strength
+ *                      (converted from bits to bytes). You can override
+ *                      it by calling mbedtls_hmac_drbg_set_entropy_len().
+ *
+ * \note                During the initial seeding, this function calls
+ *                      the entropy source to obtain a nonce
+ *                      whose length is half the entropy length.
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note                When Mbed TLS is built with threading support,
+ *                      after this function returns successfully,
+ *                      it is safe to call mbedtls_hmac_drbg_random()
+ *                      from multiple threads. Other operations, including
+ *                      reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
+ * \param ctx           HMAC_DRBG context to be seeded.
+ * \param md_info       MD algorithm to use for HMAC_DRBG.
+ * \param f_entropy     The entropy callback, taking as arguments the
+ *                      \p p_entropy context, the buffer to fill, and the
+ *                      length of the buffer.
+ *                      \p f_entropy is always called with a length that is
+ *                      less than or equal to the entropy length.
+ * \param p_entropy     The entropy context to pass to \p f_entropy.
+ * \param custom        The personalization string.
+ *                      This can be \c NULL, in which case the personalization
+ *                      string is empty regardless of the value of \p len.
+ * \param len           The length of the personalization string.
+ *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
+ *                      and also at most
+ *                      #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2
+ *                      where \c entropy_len is the entropy length
+ *                      described above.
+ *
+ * \return              \c 0 if successful.
+ * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is
+ *                      invalid.
+ * \return              #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
+ *                      memory to allocate context data.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ *                      if the call to \p f_entropy failed.
+ */
+int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
+                           const mbedtls_md_info_t *md_info,
+                           int (*f_entropy)(void *, unsigned char *, size_t),
+                           void *p_entropy,
+                           const unsigned char *custom,
+                           size_t len);
+
+/**
+ * \brief               Initialisation of simplified HMAC_DRBG (never reseeds).
+ *
+ * This function is meant for use in algorithms that need a pseudorandom
+ * input such as deterministic ECDSA.
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note                When Mbed TLS is built with threading support,
+ *                      after this function returns successfully,
+ *                      it is safe to call mbedtls_hmac_drbg_random()
+ *                      from multiple threads. Other operations, including
+ *                      reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
+ * \param ctx           HMAC_DRBG context to be initialised.
+ * \param md_info       MD algorithm to use for HMAC_DRBG.
+ * \param data          Concatenation of the initial entropy string and
+ *                      the additional data.
+ * \param data_len      Length of \p data in bytes.
+ *
+ * \return              \c 0 if successful. or
+ * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is
+ *                      invalid.
+ * \return              #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
+ *                      memory to allocate context data.
+ */
+int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
+                               const mbedtls_md_info_t *md_info,
+                               const unsigned char *data, size_t data_len);
+
+/**
+ * \brief               This function turns prediction resistance on or off.
+ *                      The default value is off.
+ *
+ * \note                If enabled, entropy is gathered at the beginning of
+ *                      every call to mbedtls_hmac_drbg_random_with_add()
+ *                      or mbedtls_hmac_drbg_random().
+ *                      Only use this if your entropy source has sufficient
+ *                      throughput.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param resistance    #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
+ */
+void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
+                                                 int resistance);
+
+/**
+ * \brief               This function sets the amount of entropy grabbed on each
+ *                      seed or reseed.
+ *
+ * See the documentation of mbedtls_hmac_drbg_seed() for the default value.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param len           The amount of entropy to grab, in bytes.
+ */
+void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx,
+                                       size_t len);
+
+/**
+ * \brief               Set the reseed interval.
+ *
+ * The reseed interval is the number of calls to mbedtls_hmac_drbg_random()
+ * or mbedtls_hmac_drbg_random_with_add() after which the entropy function
+ * is called again.
+ *
+ * The default value is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param interval      The reseed interval.
+ */
+void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx,
+                                           int interval);
+
+/**
+ * \brief               This function updates the state of the HMAC_DRBG context.
+ *
+ * \note                This function is not thread-safe. It is not safe
+ *                      to call this function if another thread might be
+ *                      concurrently obtaining random numbers from the same
+ *                      context or updating or reseeding the same context.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param additional    The data to update the state with.
+ *                      If this is \c NULL, there is no additional data.
+ * \param add_len       Length of \p additional in bytes.
+ *                      Unused if \p additional is \c NULL.
+ *
+ * \return              \c 0 on success, or an error from the underlying
+ *                      hash calculation.
+ */
+int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx,
+                                 const unsigned char *additional, size_t add_len);
+
+/**
+ * \brief               This function reseeds the HMAC_DRBG context, that is
+ *                      extracts data from the entropy source.
+ *
+ * \note                This function is not thread-safe. It is not safe
+ *                      to call this function if another thread might be
+ *                      concurrently obtaining random numbers from the same
+ *                      context or updating or reseeding the same context.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param additional    Additional data to add to the state.
+ *                      If this is \c NULL, there is no additional data
+ *                      and \p len should be \c 0.
+ * \param len           The length of the additional data.
+ *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
+ *                      and also at most
+ *                      #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len
+ *                      where \c entropy_len is the entropy length
+ *                      (see mbedtls_hmac_drbg_set_entropy_len()).
+ *
+ * \return              \c 0 if successful.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ *                      if a call to the entropy function failed.
+ */
+int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
+                             const unsigned char *additional, size_t len);
+
+/**
+ * \brief   This function updates an HMAC_DRBG instance with additional
+ *          data and uses it to generate random data.
+ *
+ * This function automatically reseeds if the reseed counter is exceeded
+ * or prediction resistance is enabled.
+ *
+ * \note                This function is not thread-safe. It is not safe
+ *                      to call this function if another thread might be
+ *                      concurrently obtaining random numbers from the same
+ *                      context or updating or reseeding the same context.
+ *
+ * \param p_rng         The HMAC_DRBG context. This must be a pointer to a
+ *                      #mbedtls_hmac_drbg_context structure.
+ * \param output        The buffer to fill.
+ * \param output_len    The length of the buffer in bytes.
+ *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
+ * \param additional    Additional data to update with.
+ *                      If this is \c NULL, there is no additional data
+ *                      and \p add_len should be \c 0.
+ * \param add_len       The length of the additional data.
+ *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT.
+ *
+ * \return              \c 0 if successful.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ *                      if a call to the entropy source failed.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
+ *                      \p output_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
+ *                      \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
+ */
+int mbedtls_hmac_drbg_random_with_add(void *p_rng,
+                                      unsigned char *output, size_t output_len,
+                                      const unsigned char *additional,
+                                      size_t add_len);
+
+/**
+ * \brief   This function uses HMAC_DRBG to generate random data.
+ *
+ * This function automatically reseeds if the reseed counter is exceeded
+ * or prediction resistance is enabled.
+ */
+#if defined(MBEDTLS_THREADING_C)
+/**
+ * \note                When Mbed TLS is built with threading support,
+ *                      it is safe to call mbedtls_ctr_drbg_random()
+ *                      from multiple threads. Other operations, including
+ *                      reseeding, are not thread-safe.
+ */
+#endif /* MBEDTLS_THREADING_C */
+/**
+ * \param p_rng         The HMAC_DRBG context. This must be a pointer to a
+ *                      #mbedtls_hmac_drbg_context structure.
+ * \param output        The buffer to fill.
+ * \param out_len       The length of the buffer in bytes.
+ *                      This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
+ *
+ * \return              \c 0 if successful.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ *                      if a call to the entropy source failed.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
+ *                      \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
+ */
+int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
+
+/**
+ * \brief               This function resets HMAC_DRBG context to the state immediately
+ *                      after initial call of mbedtls_hmac_drbg_init().
+ *
+ * \param ctx           The HMAC_DRBG context to free.
+ */
+void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx);
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief               This function updates the state of the HMAC_DRBG context.
+ *
+ * \deprecated          Superseded by mbedtls_hmac_drbg_update_ret()
+ *                      in 2.16.0.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param additional    The data to update the state with.
+ *                      If this is \c NULL, there is no additional data.
+ * \param add_len       Length of \p additional in bytes.
+ *                      Unused if \p additional is \c NULL.
+ */
+MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update(
+    mbedtls_hmac_drbg_context *ctx,
+    const unsigned char *additional, size_t add_len);
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief               This function writes a seed file.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param path          The name of the file.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
+ *                      failure.
+ */
+int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
+
+/**
+ * \brief               This function reads and updates a seed file. The seed
+ *                      is added to this instance.
+ *
+ * \param ctx           The HMAC_DRBG context.
+ * \param path          The name of the file.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on
+ *                      reseed failure.
+ * \return              #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
+ *                      seed file is too large.
+ */
+int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
+#endif /* MBEDTLS_FS_IO */
+
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief               The HMAC_DRBG Checkup routine.
+ *
+ * \return              \c 0 if successful.
+ * \return              \c 1 if the test failed.
+ */
+int mbedtls_hmac_drbg_self_test(int verbose);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* hmac_drbg.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/md.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/md.h
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/md.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/md.h
index e4354ba..7b43113 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/md.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/md.h
@@ -1,4 +1,4 @@
- /**
+/**
  * \file md.h
  *
  * \brief This file contains the generic message-digest wrapper.
@@ -7,19 +7,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_MD_H
@@ -32,14 +20,20 @@
 #else
 #include MBEDTLS_CONFIG_FILE
 #endif
+#include "mbedtls/platform_util.h"
 
-#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE                -0x5080  /**< The selected feature is not available. */
-#define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE                -0x5080
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180
+/** Opening or reading of file failed. */
+#define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200
 
 /* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED                    -0x5280  /**< MD hardware accelerator failed. */
+/** MD hardware accelerator failed. */
+#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED                    -0x5280
 
 #ifdef __cplusplus
 extern "C" {
@@ -86,8 +80,7 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t;
 /**
  * The generic message-digest context.
  */
-typedef struct mbedtls_md_context_t
-{
+typedef struct mbedtls_md_context_t {
     /** Information about the associated message digest. */
     const mbedtls_md_info_t *md_info;
 
@@ -109,7 +102,7 @@ typedef struct mbedtls_md_context_t
  *                  message-digest enumeration #mbedtls_md_type_t.
  *                  The last entry is 0.
  */
-const int *mbedtls_md_list( void );
+const int *mbedtls_md_list(void);
 
 /**
  * \brief           This function returns the message-digest information
@@ -120,7 +113,7 @@ const int *mbedtls_md_list( void );
  * \return          The message-digest information associated with \p md_name.
  * \return          NULL if the associated message-digest information is not found.
  */
-const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
+const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name);
 
 /**
  * \brief           This function returns the message-digest information
@@ -131,7 +124,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
  * \return          The message-digest information associated with \p md_type.
  * \return          NULL if the associated message-digest information is not found.
  */
-const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
+const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
 
 /**
  * \brief           This function initializes a message-digest context without
@@ -141,7 +134,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
  *                  context for mbedtls_md_setup() for binding it to a
  *                  message-digest algorithm.
  */
-void mbedtls_md_init( mbedtls_md_context_t *ctx );
+void mbedtls_md_init(mbedtls_md_context_t *ctx);
 
 /**
  * \brief           This function clears the internal structure of \p ctx and
@@ -156,9 +149,9 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx );
  *                  You must not call this function if you have not called
  *                  mbedtls_md_init().
  */
-void mbedtls_md_free( mbedtls_md_context_t *ctx );
+void mbedtls_md_free(mbedtls_md_context_t *ctx);
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -182,7 +175,8 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
  *                  failure.
  * \return          #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
  */
-int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
+int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx,
+                        const mbedtls_md_info_t *md_info) MBEDTLS_DEPRECATED;
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -205,10 +199,11 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_
  *                  failure.
  * \return          #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
  */
-int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac);
 
 /**
- * \brief           This function clones the state of an message-digest
+ * \brief           This function clones the state of a message-digest
  *                  context.
  *
  * \note            You must call mbedtls_md_setup() on \c dst before calling
@@ -226,8 +221,9 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
  * \return          \c 0 on success.
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
  */
-int mbedtls_md_clone( mbedtls_md_context_t *dst,
-                      const mbedtls_md_context_t *src );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_clone(mbedtls_md_context_t *dst,
+                     const mbedtls_md_context_t *src);
 
 /**
  * \brief           This function extracts the message-digest size from the
@@ -238,7 +234,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
  *
  * \return          The size of the message-digest output in Bytes.
  */
-unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
+unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
 
 /**
  * \brief           This function extracts the message-digest type from the
@@ -249,7 +245,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
  *
  * \return          The type of the message digest.
  */
-mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
+mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info);
 
 /**
  * \brief           This function extracts the message-digest name from the
@@ -260,7 +256,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
  *
  * \return          The name of the message digest.
  */
-const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
+const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info);
 
 /**
  * \brief           This function starts a message-digest computation.
@@ -275,7 +271,8 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_starts( mbedtls_md_context_t *ctx );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_starts(mbedtls_md_context_t *ctx);
 
 /**
  * \brief           This function feeds an input buffer into an ongoing
@@ -293,7 +290,8 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx );
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen);
 
 /**
  * \brief           This function finishes the digest operation,
@@ -313,7 +311,8 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output);
 
 /**
  * \brief          This function calculates the message-digest of a buffer,
@@ -333,8 +332,9 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
  * \return         #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                 failure.
  */
-int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
-        unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+               unsigned char *output);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -354,8 +354,9 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
  *                 the file pointed by \p path.
  * \return         #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
  */
-int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
-                     unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path,
+                    unsigned char *output);
 #endif /* MBEDTLS_FS_IO */
 
 /**
@@ -376,8 +377,9 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
-                    size_t keylen );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key,
+                           size_t keylen);
 
 /**
  * \brief           This function feeds an input buffer into an ongoing HMAC
@@ -398,8 +400,9 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
-                    size_t ilen );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief           This function finishes the HMAC operation, and writes
@@ -419,7 +422,8 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output);
 
 /**
  * \brief           This function prepares to authenticate a new message with
@@ -436,7 +440,8 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                  failure.
  */
-int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx);
 
 /**
  * \brief          This function calculates the full generic HMAC
@@ -460,12 +465,14 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
  * \return         #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
  *                 failure.
  */
-int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output);
 
 /* Internal use */
-int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
+MBEDTLS_CHECK_RETURN_TYPICAL
+int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data);
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/md2.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/md2.h
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/md2.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/md2.h
index 23c48f4..afcf3a3 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/md2.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/md2.h
@@ -9,19 +9,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  *
  */
 #ifndef MBEDTLS_MD2_H
@@ -36,7 +24,8 @@
 #include <stddef.h>
 
 /* MBEDTLS_ERR_MD2_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED                   -0x002B  /**< MD2 hardware accelerator failed */
+/** MD2 hardware accelerator failed */
+#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED                   -0x002B
 
 #ifdef __cplusplus
 extern "C" {
@@ -54,8 +43,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_md2_context
-{
+typedef struct mbedtls_md2_context {
     unsigned char cksum[16];    /*!< checksum of the data block */
     unsigned char state[48];    /*!< intermediate digest state  */
     unsigned char buffer[16];   /*!< data block being processed */
@@ -77,7 +65,7 @@ mbedtls_md2_context;
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md2_init( mbedtls_md2_context *ctx );
+void mbedtls_md2_init(mbedtls_md2_context *ctx);
 
 /**
  * \brief          Clear MD2 context
@@ -89,7 +77,7 @@ void mbedtls_md2_init( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md2_free( mbedtls_md2_context *ctx );
+void mbedtls_md2_free(mbedtls_md2_context *ctx);
 
 /**
  * \brief          Clone (the state of) an MD2 context
@@ -102,8 +90,8 @@ void mbedtls_md2_free( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
-                        const mbedtls_md2_context *src );
+void mbedtls_md2_clone(mbedtls_md2_context *dst,
+                       const mbedtls_md2_context *src);
 
 /**
  * \brief          MD2 context setup
@@ -117,7 +105,7 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
+int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx);
 
 /**
  * \brief          MD2 process buffer
@@ -133,9 +121,9 @@ int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen );
+int mbedtls_md2_update_ret(mbedtls_md2_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief          MD2 final digest
@@ -150,8 +138,8 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
-                            unsigned char output[16] );
+int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx,
+                           unsigned char output[16]);
 
 /**
  * \brief          MD2 process data block (internal use only)
@@ -165,7 +153,7 @@ int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
+int mbedtls_internal_md2_process(mbedtls_md2_context *ctx);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -185,7 +173,7 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md2_starts(mbedtls_md2_context *ctx);
 
 /**
  * \brief          MD2 process buffer
@@ -201,9 +189,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx,
-                                            const unsigned char *input,
-                                            size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_md2_update(mbedtls_md2_context *ctx,
+                                           const unsigned char *input,
+                                           size_t ilen);
 
 /**
  * \brief          MD2 final digest
@@ -218,8 +206,8 @@ MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx,
-                                            unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md2_finish(mbedtls_md2_context *ctx,
+                                           unsigned char output[16]);
 
 /**
  * \brief          MD2 process data block (internal use only)
@@ -233,7 +221,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md2_process(mbedtls_md2_context *ctx);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -250,9 +238,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] );
+int mbedtls_md2_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -274,9 +262,9 @@ int mbedtls_md2_ret( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
-                                     size_t ilen,
-                                     unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md2(const unsigned char *input,
+                                    size_t ilen,
+                                    unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -293,7 +281,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_self_test( int verbose );
+int mbedtls_md2_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/md4.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/md4.h
similarity index 76%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/md4.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/md4.h
index eeb1670..b827ffe 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/md4.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/md4.h
@@ -9,19 +9,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  *
  */
 #ifndef MBEDTLS_MD4_H
@@ -37,7 +25,8 @@
 #include <stdint.h>
 
 /* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED                   -0x002D  /**< MD4 hardware accelerator failed */
+/** MD4 hardware accelerator failed */
+#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED                   -0x002D
 
 #ifdef __cplusplus
 extern "C" {
@@ -55,8 +44,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_md4_context
-{
+typedef struct mbedtls_md4_context {
     uint32_t total[2];          /*!< number of bytes processed  */
     uint32_t state[4];          /*!< intermediate digest state  */
     unsigned char buffer[64];   /*!< data block being processed */
@@ -77,7 +65,7 @@ mbedtls_md4_context;
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md4_init( mbedtls_md4_context *ctx );
+void mbedtls_md4_init(mbedtls_md4_context *ctx);
 
 /**
  * \brief          Clear MD4 context
@@ -89,7 +77,7 @@ void mbedtls_md4_init( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md4_free( mbedtls_md4_context *ctx );
+void mbedtls_md4_free(mbedtls_md4_context *ctx);
 
 /**
  * \brief          Clone (the state of) an MD4 context
@@ -102,8 +90,8 @@ void mbedtls_md4_free( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
-                        const mbedtls_md4_context *src );
+void mbedtls_md4_clone(mbedtls_md4_context *dst,
+                       const mbedtls_md4_context *src);
 
 /**
  * \brief          MD4 context setup
@@ -116,7 +104,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst,
  *                 constitutes a security risk. We recommend considering
  *                 stronger message digests instead.
  */
-int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
+int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx);
 
 /**
  * \brief          MD4 process buffer
@@ -132,9 +120,9 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen );
+int mbedtls_md4_update_ret(mbedtls_md4_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief          MD4 final digest
@@ -149,8 +137,8 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
-                            unsigned char output[16] );
+int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx,
+                           unsigned char output[16]);
 
 /**
  * \brief          MD4 process data block (internal use only)
@@ -165,8 +153,8 @@ int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
-                                  const unsigned char data[64] );
+int mbedtls_internal_md4_process(mbedtls_md4_context *ctx,
+                                 const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -186,7 +174,7 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md4_starts(mbedtls_md4_context *ctx);
 
 /**
  * \brief          MD4 process buffer
@@ -202,9 +190,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
-                                            const unsigned char *input,
-                                            size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_md4_update(mbedtls_md4_context *ctx,
+                                           const unsigned char *input,
+                                           size_t ilen);
 
 /**
  * \brief          MD4 final digest
@@ -219,8 +207,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
-                                            unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md4_finish(mbedtls_md4_context *ctx,
+                                           unsigned char output[16]);
 
 /**
  * \brief          MD4 process data block (internal use only)
@@ -235,8 +223,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
-                                             const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_md4_process(mbedtls_md4_context *ctx,
+                                            const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -255,9 +243,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] );
+int mbedtls_md4_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -279,9 +267,9 @@ int mbedtls_md4_ret( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
-                                     size_t ilen,
-                                     unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md4(const unsigned char *input,
+                                    size_t ilen,
+                                    unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -298,7 +286,7 @@ MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_self_test( int verbose );
+int mbedtls_md4_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/md5.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/md5.h
new file mode 100644
index 0000000..fdc530a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/md5.h
@@ -0,0 +1,297 @@
+/**
+ * \file md5.h
+ *
+ * \brief MD5 message digest algorithm (hash function)
+ *
+ * \warning   MD5 is considered a weak message digest and its use constitutes a
+ *            security risk. We recommend considering stronger message
+ *            digests instead.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_MD5_H
+#define MBEDTLS_MD5_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+/* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** MD5 hardware accelerator failed */
+#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED                   -0x002F
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_MD5_ALT)
+// Regular implementation
+//
+
+/**
+ * \brief          MD5 context structure
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+typedef struct mbedtls_md5_context {
+    uint32_t total[2];          /*!< number of bytes processed  */
+    uint32_t state[4];          /*!< intermediate digest state  */
+    unsigned char buffer[64];   /*!< data block being processed */
+}
+mbedtls_md5_context;
+
+#else  /* MBEDTLS_MD5_ALT */
+#include "md5_alt.h"
+#endif /* MBEDTLS_MD5_ALT */
+
+/**
+ * \brief          Initialize MD5 context
+ *
+ * \param ctx      MD5 context to be initialized
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_init(mbedtls_md5_context *ctx);
+
+/**
+ * \brief          Clear MD5 context
+ *
+ * \param ctx      MD5 context to be cleared
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_free(mbedtls_md5_context *ctx);
+
+/**
+ * \brief          Clone (the state of) an MD5 context
+ *
+ * \param dst      The destination context
+ * \param src      The context to be cloned
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_clone(mbedtls_md5_context *dst,
+                       const mbedtls_md5_context *src);
+
+/**
+ * \brief          MD5 context setup
+ *
+ * \param ctx      context to be initialized
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx);
+
+/**
+ * \brief          MD5 process buffer
+ *
+ * \param ctx      MD5 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_update_ret(mbedtls_md5_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen);
+
+/**
+ * \brief          MD5 final digest
+ *
+ * \param ctx      MD5 context
+ * \param output   MD5 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx,
+                           unsigned char output[16]);
+
+/**
+ * \brief          MD5 process data block (internal use only)
+ *
+ * \param ctx      MD5 context
+ * \param data     buffer holding one block of data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_internal_md5_process(mbedtls_md5_context *ctx,
+                                 const unsigned char data[64]);
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          MD5 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md5_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_starts(mbedtls_md5_context *ctx);
+
+/**
+ * \brief          MD5 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md5_update_ret() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_update(mbedtls_md5_context *ctx,
+                                           const unsigned char *input,
+                                           size_t ilen);
+
+/**
+ * \brief          MD5 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md5_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param output   MD5 checksum result
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_finish(mbedtls_md5_context *ctx,
+                                           unsigned char output[16]);
+
+/**
+ * \brief          MD5 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_md5_process() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param data     buffer holding one block of data
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5_process(mbedtls_md5_context *ctx,
+                                            const unsigned char data[64]);
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Output = MD5( input buffer )
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD5 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16]);
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = MD5( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_md5_ret() in 2.7.0
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD5 checksum result
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED void mbedtls_md5(const unsigned char *input,
+                                    size_t ilen,
+                                    unsigned char output[16]);
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_md5.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/md_internal.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/md_internal.h
new file mode 100644
index 0000000..239fdd9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/md_internal.h
@@ -0,0 +1,77 @@
+/**
+ * \file md_internal.h
+ *
+ * \brief Message digest wrappers.
+ *
+ * \warning This in an internal header. Do not include directly.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_MD_WRAP_H
+#define MBEDTLS_MD_WRAP_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/md.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Message digest information.
+ * Allows message digest functions to be called in a generic way.
+ */
+struct mbedtls_md_info_t {
+    /** Name of the message digest */
+    const char *name;
+
+    /** Digest identifier */
+    mbedtls_md_type_t type;
+
+    /** Output length of the digest function in bytes */
+    unsigned char size;
+
+    /** Block length of the digest function in bytes */
+    unsigned char block_size;
+};
+
+#if defined(MBEDTLS_MD2_C)
+extern const mbedtls_md_info_t mbedtls_md2_info;
+#endif
+#if defined(MBEDTLS_MD4_C)
+extern const mbedtls_md_info_t mbedtls_md4_info;
+#endif
+#if defined(MBEDTLS_MD5_C)
+extern const mbedtls_md_info_t mbedtls_md5_info;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+extern const mbedtls_md_info_t mbedtls_ripemd160_info;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+extern const mbedtls_md_info_t mbedtls_sha1_info;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+extern const mbedtls_md_info_t mbedtls_sha224_info;
+extern const mbedtls_md_info_t mbedtls_sha256_info;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+extern const mbedtls_md_info_t mbedtls_sha384_info;
+#endif
+extern const mbedtls_md_info_t mbedtls_sha512_info;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_MD_WRAP_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/memory_buffer_alloc.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/memory_buffer_alloc.h
similarity index 75%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/memory_buffer_alloc.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/memory_buffer_alloc.h
index 2339772..34013b9 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/memory_buffer_alloc.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/memory_buffer_alloc.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H
 #define MBEDTLS_MEMORY_BUFFER_ALLOC_H
@@ -42,12 +30,13 @@
 #define MBEDTLS_MEMORY_ALIGN_MULTIPLE       4 /**< Align on multiples of this value */
 #endif
 
-/* \} name SECTION: Module settings */
+/** \} name SECTION: Module settings */
 
 #define MBEDTLS_MEMORY_VERIFY_NONE         0
 #define MBEDTLS_MEMORY_VERIFY_ALLOC        (1 << 0)
 #define MBEDTLS_MEMORY_VERIFY_FREE         (1 << 1)
-#define MBEDTLS_MEMORY_VERIFY_ALWAYS       (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE)
+#define MBEDTLS_MEMORY_VERIFY_ALWAYS       (MBEDTLS_MEMORY_VERIFY_ALLOC | \
+                                            MBEDTLS_MEMORY_VERIFY_FREE)
 
 #ifdef __cplusplus
 extern "C" {
@@ -68,12 +57,12 @@ extern "C" {
  * \param buf   buffer to use as heap
  * \param len   size of the buffer
  */
-void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len );
+void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len);
 
 /**
  * \brief   Free the mutex for thread-safety and clear remaining memory
  */
-void mbedtls_memory_buffer_alloc_free( void );
+void mbedtls_memory_buffer_alloc_free(void);
 
 /**
  * \brief   Determine when the allocator should automatically verify the state
@@ -83,7 +72,7 @@ void mbedtls_memory_buffer_alloc_free( void );
  * \param verify    One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
  *                  MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
  */
-void mbedtls_memory_buffer_set_verify( int verify );
+void mbedtls_memory_buffer_set_verify(int verify);
 
 #if defined(MBEDTLS_MEMORY_DEBUG)
 /**
@@ -92,7 +81,7 @@ void mbedtls_memory_buffer_set_verify( int verify );
  *          Prints out a list of 'still allocated' blocks and their stack
  *          trace if MBEDTLS_MEMORY_BACKTRACE is defined.
  */
-void mbedtls_memory_buffer_alloc_status( void );
+void mbedtls_memory_buffer_alloc_status(void);
 
 /**
  * \brief   Get the peak heap usage so far
@@ -102,12 +91,12 @@ void mbedtls_memory_buffer_alloc_status( void );
  *                      into smaller blocks but larger than the requested size.
  * \param max_blocks    Peak number of blocks in use, including free and used
  */
-void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
+void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks);
 
 /**
  * \brief   Reset peak statistics
  */
-void mbedtls_memory_buffer_alloc_max_reset( void );
+void mbedtls_memory_buffer_alloc_max_reset(void);
 
 /**
  * \brief   Get the current heap usage
@@ -117,7 +106,7 @@ void mbedtls_memory_buffer_alloc_max_reset( void );
  *                      into smaller blocks but larger than the requested size.
  * \param cur_blocks    Current number of blocks in use, including free and used
  */
-void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
+void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks);
 #endif /* MBEDTLS_MEMORY_DEBUG */
 
 /**
@@ -131,7 +120,7 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
  *
  * \return             0 if verified, 1 otherwise
  */
-int mbedtls_memory_buffer_alloc_verify( void );
+int mbedtls_memory_buffer_alloc_verify(void);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -139,7 +128,7 @@ int mbedtls_memory_buffer_alloc_verify( void );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_memory_buffer_alloc_self_test( int verbose );
+int mbedtls_memory_buffer_alloc_self_test(int verbose);
 #endif
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/net.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/net.h
new file mode 100644
index 0000000..805ce33
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/net.h
@@ -0,0 +1,23 @@
+/**
+ * \file net.h
+ *
+ * \brief Deprecated header file that includes net_sockets.h
+ *
+ * \deprecated Superseded by mbedtls/net_sockets.h
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#include "mbedtls/net_sockets.h"
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/net_sockets.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/net_sockets.h
new file mode 100644
index 0000000..2d3fe3f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/net_sockets.h
@@ -0,0 +1,296 @@
+/**
+ * \file net_sockets.h
+ *
+ * \brief   Network sockets abstraction layer to integrate Mbed TLS into a
+ *          BSD-style sockets API.
+ *
+ *          The network sockets module provides an example integration of the
+ *          Mbed TLS library into a BSD sockets implementation. The module is
+ *          intended to be an example of how Mbed TLS can be integrated into a
+ *          networking stack, as well as to be Mbed TLS's network integration
+ *          for its supported platforms.
+ *
+ *          The module is intended only to be used with the Mbed TLS library and
+ *          is not intended to be used by third party application software
+ *          directly.
+ *
+ *          The supported platforms are as follows:
+ *              * Microsoft Windows and Windows CE
+ *              * POSIX/Unix platforms including Linux, OS X
+ *
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_NET_SOCKETS_H
+#define MBEDTLS_NET_SOCKETS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/ssl.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+/** Failed to open a socket. */
+#define MBEDTLS_ERR_NET_SOCKET_FAILED                     -0x0042
+/** The connection to the given server / port failed. */
+#define MBEDTLS_ERR_NET_CONNECT_FAILED                    -0x0044
+/** Binding of the socket failed. */
+#define MBEDTLS_ERR_NET_BIND_FAILED                       -0x0046
+/** Could not listen on the socket. */
+#define MBEDTLS_ERR_NET_LISTEN_FAILED                     -0x0048
+/** Could not accept the incoming connection. */
+#define MBEDTLS_ERR_NET_ACCEPT_FAILED                     -0x004A
+/** Reading information from the socket failed. */
+#define MBEDTLS_ERR_NET_RECV_FAILED                       -0x004C
+/** Sending information through the socket failed. */
+#define MBEDTLS_ERR_NET_SEND_FAILED                       -0x004E
+/** Connection was reset by peer. */
+#define MBEDTLS_ERR_NET_CONN_RESET                        -0x0050
+/** Failed to get an IP address for the given hostname. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST                      -0x0052
+/** Buffer is too small to hold the data. */
+#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL                  -0x0043
+/** The context is invalid, eg because it was free()ed. */
+#define MBEDTLS_ERR_NET_INVALID_CONTEXT                   -0x0045
+/** Polling the net context failed. */
+#define MBEDTLS_ERR_NET_POLL_FAILED                       -0x0047
+/** Input invalid. */
+#define MBEDTLS_ERR_NET_BAD_INPUT_DATA                    -0x0049
+
+#define MBEDTLS_NET_LISTEN_BACKLOG         10 /**< The backlog that listen() should use. */
+
+#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
+#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
+
+#define MBEDTLS_NET_POLL_READ  1 /**< Used in \c mbedtls_net_poll to check for pending data  */
+#define MBEDTLS_NET_POLL_WRITE 2 /**< Used in \c mbedtls_net_poll to check if write possible */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Wrapper type for sockets.
+ *
+ * Currently backed by just a file descriptor, but might be more in the future
+ * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
+ * structures for hand-made UDP demultiplexing).
+ */
+typedef struct mbedtls_net_context {
+    int fd;             /**< The underlying file descriptor                 */
+}
+mbedtls_net_context;
+
+/**
+ * \brief          Initialize a context
+ *                 Just makes the context ready to be used or freed safely.
+ *
+ * \param ctx      Context to initialize
+ */
+void mbedtls_net_init(mbedtls_net_context *ctx);
+
+/**
+ * \brief          Initiate a connection with host:port in the given protocol
+ *
+ * \param ctx      Socket to use
+ * \param host     Host to connect to
+ * \param port     Port to connect to
+ * \param proto    Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return         0 if successful, or one of:
+ *                      MBEDTLS_ERR_NET_SOCKET_FAILED,
+ *                      MBEDTLS_ERR_NET_UNKNOWN_HOST,
+ *                      MBEDTLS_ERR_NET_CONNECT_FAILED
+ *
+ * \note           Sets the socket in connected mode even with UDP.
+ */
+int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto);
+
+/**
+ * \brief          Create a receiving socket on bind_ip:port in the chosen
+ *                 protocol. If bind_ip == NULL, all interfaces are bound.
+ *
+ * \param ctx      Socket to use
+ * \param bind_ip  IP to bind to, can be NULL
+ * \param port     Port number to use
+ * \param proto    Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return         0 if successful, or one of:
+ *                      MBEDTLS_ERR_NET_SOCKET_FAILED,
+ *                      MBEDTLS_ERR_NET_UNKNOWN_HOST,
+ *                      MBEDTLS_ERR_NET_BIND_FAILED,
+ *                      MBEDTLS_ERR_NET_LISTEN_FAILED
+ *
+ * \note           Regardless of the protocol, opens the sockets and binds it.
+ *                 In addition, make the socket listening if protocol is TCP.
+ */
+int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto);
+
+/**
+ * \brief           Accept a connection from a remote client
+ *
+ * \param bind_ctx  Relevant socket
+ * \param client_ctx Will contain the connected client socket
+ * \param client_ip Will contain the client IP address, can be NULL
+ * \param buf_size  Size of the client_ip buffer
+ * \param ip_len    Will receive the size of the client IP written,
+ *                  can be NULL if client_ip is null
+ *
+ * \return          0 if successful, or
+ *                  MBEDTLS_ERR_NET_SOCKET_FAILED,
+ *                  MBEDTLS_ERR_NET_BIND_FAILED,
+ *                  MBEDTLS_ERR_NET_ACCEPT_FAILED, or
+ *                  MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
+ *                  MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
+ *                  non-blocking and accept() would block.
+ */
+int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
+                       mbedtls_net_context *client_ctx,
+                       void *client_ip, size_t buf_size, size_t *ip_len);
+
+/**
+ * \brief          Check and wait for the context to be ready for read/write
+ *
+ * \note           The current implementation of this function uses
+ *                 select() and returns an error if the file descriptor
+ *                 is \c FD_SETSIZE or greater.
+ *
+ * \param ctx      Socket to check
+ * \param rw       Bitflag composed of MBEDTLS_NET_POLL_READ and
+ *                 MBEDTLS_NET_POLL_WRITE specifying the events
+ *                 to wait for:
+ *                 - If MBEDTLS_NET_POLL_READ is set, the function
+ *                   will return as soon as the net context is available
+ *                   for reading.
+ *                 - If MBEDTLS_NET_POLL_WRITE is set, the function
+ *                   will return as soon as the net context is available
+ *                   for writing.
+ * \param timeout  Maximal amount of time to wait before returning,
+ *                 in milliseconds. If \c timeout is zero, the
+ *                 function returns immediately. If \c timeout is
+ *                 -1u, the function blocks potentially indefinitely.
+ *
+ * \return         Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
+ *                 on success or timeout, or a negative return code otherwise.
+ */
+int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout);
+
+/**
+ * \brief          Set the socket blocking
+ *
+ * \param ctx      Socket to set
+ *
+ * \return         0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_block(mbedtls_net_context *ctx);
+
+/**
+ * \brief          Set the socket non-blocking
+ *
+ * \param ctx      Socket to set
+ *
+ * \return         0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_nonblock(mbedtls_net_context *ctx);
+
+/**
+ * \brief          Portable usleep helper
+ *
+ * \param usec     Amount of microseconds to sleep
+ *
+ * \note           Real amount of time slept will not be less than
+ *                 select()'s timeout granularity (typically, 10ms).
+ */
+void mbedtls_net_usleep(unsigned long usec);
+
+/**
+ * \brief          Read at most 'len' characters. If no error occurs,
+ *                 the actual amount read is returned.
+ *
+ * \param ctx      Socket
+ * \param buf      The buffer to write to
+ * \param len      Maximum length of the buffer
+ *
+ * \return         the number of bytes received,
+ *                 or a non-zero error code; with a non-blocking socket,
+ *                 MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
+ */
+int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len);
+
+/**
+ * \brief          Write at most 'len' characters. If no error occurs,
+ *                 the actual amount read is returned.
+ *
+ * \param ctx      Socket
+ * \param buf      The buffer to read from
+ * \param len      The length of the buffer
+ *
+ * \return         the number of bytes sent,
+ *                 or a non-zero error code; with a non-blocking socket,
+ *                 MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
+ */
+int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len);
+
+/**
+ * \brief          Read at most 'len' characters, blocking for at most
+ *                 'timeout' seconds. If no error occurs, the actual amount
+ *                 read is returned.
+ *
+ * \note           The current implementation of this function uses
+ *                 select() and returns an error if the file descriptor
+ *                 is \c FD_SETSIZE or greater.
+ *
+ * \param ctx      Socket
+ * \param buf      The buffer to write to
+ * \param len      Maximum length of the buffer
+ * \param timeout  Maximum number of milliseconds to wait for data
+ *                 0 means no timeout (wait forever)
+ *
+ * \return         The number of bytes received if successful.
+ *                 MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out.
+ *                 MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ *                 Another negative error code (MBEDTLS_ERR_NET_xxx)
+ *                 for other failures.
+ *
+ * \note           This function will block (until data becomes available or
+ *                 timeout is reached) even if the socket is set to
+ *                 non-blocking. Handling timeouts with non-blocking reads
+ *                 requires a different strategy.
+ */
+int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len,
+                             uint32_t timeout);
+
+/**
+ * \brief          Closes down the connection and free associated data
+ *
+ * \param ctx      The context to close
+ *
+ * \note           This function frees and clears data associated with the
+ *                 context but does not free the memory pointed to by \p ctx.
+ *                 This memory is the responsibility of the caller.
+ */
+void mbedtls_net_close(mbedtls_net_context *ctx);
+
+/**
+ * \brief          Gracefully shutdown the connection and free associated data
+ *
+ * \param ctx      The context to free
+ *
+ * \note           This function frees and clears data associated with the
+ *                 context but does not free the memory pointed to by \p ctx.
+ *                 This memory is the responsibility of the caller.
+ */
+void mbedtls_net_free(mbedtls_net_context *ctx);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* net_sockets.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/nist_kw.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/nist_kw.h
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/nist_kw.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/nist_kw.h
index 7f3e64a..a2479b0 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/nist_kw.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/nist_kw.h
@@ -17,19 +17,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef MBEDTLS_NIST_KW_H
@@ -47,8 +35,7 @@
 extern "C" {
 #endif
 
-typedef enum
-{
+typedef enum {
     MBEDTLS_KW_MODE_KW = 0,
     MBEDTLS_KW_MODE_KWP = 1
 } mbedtls_nist_kw_mode_t;
@@ -80,7 +67,7 @@ typedef struct {
  * \param ctx       The key wrapping context to initialize.
  *
  */
-void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
+void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx);
 
 /**
  * \brief           This function initializes the key wrapping context set in the
@@ -98,11 +85,11 @@ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
  *                  which are not supported.
  * \return          cipher-specific error code on failure of the underlying cipher.
  */
-int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
-                            mbedtls_cipher_id_t cipher,
-                            const unsigned char *key,
-                            unsigned int keybits,
-                            const int is_wrap );
+int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
+                           mbedtls_cipher_id_t cipher,
+                           const unsigned char *key,
+                           unsigned int keybits,
+                           const int is_wrap);
 
 /**
  * \brief   This function releases and clears the specified key wrapping context
@@ -110,7 +97,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
  *
  * \param ctx       The key wrapping context to clear.
  */
-void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
+void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx);
 
 /**
  * \brief           This function encrypts a buffer using key wrapping.
@@ -133,9 +120,9 @@ void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
  * \return          \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
  * \return          cipher-specific error code on failure of the underlying cipher.
  */
-int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
-                          const unsigned char *input, size_t in_len,
-                          unsigned char *output, size_t* out_len, size_t out_size );
+int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+                         const unsigned char *input, size_t in_len,
+                         unsigned char *output, size_t *out_len, size_t out_size);
 
 /**
  * \brief           This function decrypts a buffer using key wrapping.
@@ -160,9 +147,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t m
  * \return          \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
  * \return          cipher-specific error code on failure of the underlying cipher.
  */
-int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
-                            const unsigned char *input, size_t in_len,
-                            unsigned char *output, size_t* out_len, size_t out_size);
+int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+                           const unsigned char *input, size_t in_len,
+                           unsigned char *output, size_t *out_len, size_t out_size);
 
 
 #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
@@ -172,7 +159,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_nist_kw_self_test( int verbose );
+int mbedtls_nist_kw_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/oid.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/oid.h
similarity index 91%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/oid.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/oid.h
index e4c697b..8da1ce8 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/oid.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/oid.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_OID_H
 #define MBEDTLS_OID_H
@@ -41,8 +29,10 @@
 #include "mbedtls/md.h"
 #endif
 
-#define MBEDTLS_ERR_OID_NOT_FOUND                         -0x002E  /**< OID is not found. */
-#define MBEDTLS_ERR_OID_BUF_TOO_SMALL                     -0x000B  /**< output buffer is too small */
+/** OID is not found. */
+#define MBEDTLS_ERR_OID_NOT_FOUND                         -0x002E
+/** output buffer is too small */
+#define MBEDTLS_ERR_OID_BUF_TOO_SMALL                     -0x000B
 
 /* This is for the benefit of X.509, but defined here in order to avoid
  * having a "backwards" include of x.509.h here */
@@ -80,10 +70,10 @@
 #define MBEDTLS_OID_COUNTRY_US                  "\x86\x48"      /* {us(840)} */
 #define MBEDTLS_OID_ORG_RSA_DATA_SECURITY       "\x86\xf7\x0d"  /* {rsadsi(113549)} */
 #define MBEDTLS_OID_RSA_COMPANY                 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
-                                        MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
+        MBEDTLS_OID_ORG_RSA_DATA_SECURITY                                 /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
 #define MBEDTLS_OID_ORG_ANSI_X9_62              "\xce\x3d" /* ansi-X9-62(10045) */
 #define MBEDTLS_OID_ANSI_X9_62                  MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
-                                        MBEDTLS_OID_ORG_ANSI_X9_62
+        MBEDTLS_OID_ORG_ANSI_X9_62
 
 /*
  * ISO Identified organization OID parts
@@ -94,15 +84,18 @@
 #define MBEDTLS_OID_OIW_SECSIG_ALG              MBEDTLS_OID_OIW_SECSIG "\x02"
 #define MBEDTLS_OID_OIW_SECSIG_SHA1             MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
 #define MBEDTLS_OID_ORG_CERTICOM                "\x81\x04"  /* certicom(132) */
-#define MBEDTLS_OID_CERTICOM                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM
+#define MBEDTLS_OID_CERTICOM                    MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_ORG_CERTICOM
 #define MBEDTLS_OID_ORG_TELETRUST               "\x24" /* teletrust(36) */
-#define MBEDTLS_OID_TELETRUST                   MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST
+#define MBEDTLS_OID_TELETRUST                   MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_ORG_TELETRUST
 
 /*
  * ISO ITU OID parts
  */
 #define MBEDTLS_OID_ORGANIZATION                "\x01"          /* {organization(1)} */
-#define MBEDTLS_OID_ISO_ITU_US_ORG              MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
+#define MBEDTLS_OID_ISO_ITU_US_ORG              MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \
+        MBEDTLS_OID_ORGANIZATION                                                                                            /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
 
 #define MBEDTLS_OID_ORG_GOV                     "\x65"          /* {gov(101)} */
 #define MBEDTLS_OID_GOV                         MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
@@ -120,7 +113,8 @@
  * { iso(1) identified-organization(3) dod(6) internet(1)
  *                      security(5) mechanisms(5) pkix(7) }
  */
-#define MBEDTLS_OID_INTERNET                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01"
+#define MBEDTLS_OID_INTERNET                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \
+    "\x01"
 #define MBEDTLS_OID_PKIX                        MBEDTLS_OID_INTERNET "\x05\x05\x07"
 
 /*
@@ -141,7 +135,7 @@
 #define MBEDTLS_OID_AT_GIVEN_NAME               MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
 #define MBEDTLS_OID_AT_INITIALS                 MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
 #define MBEDTLS_OID_AT_GENERATION_QUALIFIER     MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
-#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER        MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */
+#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER        MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributeType:= {id-at 45} */
 #define MBEDTLS_OID_AT_DN_QUALIFIER             MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
 #define MBEDTLS_OID_AT_PSEUDONYM                MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
 
@@ -252,7 +246,8 @@
 #define MBEDTLS_OID_DIGEST_ALG_MD2              MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
 #define MBEDTLS_OID_DIGEST_ALG_MD4              MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
 #define MBEDTLS_OID_DIGEST_ALG_MD5              MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA1             MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA1             MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_OIW_SECSIG_SHA1                                                                        /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
 #define MBEDTLS_OID_DIGEST_ALG_SHA224           MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
 #define MBEDTLS_OID_DIGEST_ALG_SHA256           MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
 
@@ -275,7 +270,8 @@
 /*
  * Encryption algorithms
  */
-#define MBEDTLS_OID_DES_CBC                     MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
+#define MBEDTLS_OID_DES_CBC                     MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_OIW_SECSIG_ALG "\x07"                                                                        /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
 #define MBEDTLS_OID_DES_EDE3_CBC                MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
 #define MBEDTLS_OID_AES                         MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */
 
@@ -437,8 +433,7 @@ extern "C" {
 /**
  * \brief Base OID descriptor structure
  */
-typedef struct mbedtls_oid_descriptor_t
-{
+typedef struct mbedtls_oid_descriptor_t {
     const char *asn1;               /*!< OID ASN.1 representation       */
     size_t asn1_len;                /*!< length of asn1                 */
     const char *name;               /*!< official name (e.g. from RFC)  */
@@ -456,7 +451,7 @@ typedef struct mbedtls_oid_descriptor_t
  * \return          Length of the string written (excluding final NULL) or
  *                  MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
  */
-int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid );
+int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
 
 /**
  * \brief          Translate an X.509 extension OID into local values
@@ -466,7 +461,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
+int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type);
 
 /**
  * \brief          Translate an X.509 attribute type OID into the short name
@@ -477,7 +472,7 @@ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name );
+int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name);
 
 /**
  * \brief          Translate PublicKeyAlgorithm OID into pk_type
@@ -487,7 +482,7 @@ int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **s
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg );
+int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg);
 
 /**
  * \brief          Translate pk_type into PublicKeyAlgorithm OID
@@ -498,8 +493,8 @@ int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_a
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
-                           const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg,
+                                  const char **oid, size_t *olen);
 
 #if defined(MBEDTLS_ECP_C)
 /**
@@ -510,7 +505,7 @@ int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id );
+int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id);
 
 /**
  * \brief          Translate EC group identifier into NamedCurve OID
@@ -521,8 +516,8 @@ int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *g
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
-                           const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id,
+                                  const char **oid, size_t *olen);
 #endif /* MBEDTLS_ECP_C */
 
 #if defined(MBEDTLS_MD_C)
@@ -535,8 +530,8 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
-                     mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg );
+int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid,
+                            mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
 
 /**
  * \brief          Translate SignatureAlgorithm OID into description
@@ -546,7 +541,7 @@ int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc);
 
 /**
  * \brief          Translate md_type and pk_type into SignatureAlgorithm OID
@@ -558,8 +553,8 @@ int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
-                            const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                                   const char **oid, size_t *olen);
 
 /**
  * \brief          Translate hash algorithm OID into md_type
@@ -569,7 +564,7 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg );
+int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg);
 
 /**
  * \brief          Translate hmac algorithm OID into md_type
@@ -579,7 +574,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
+int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac);
 #endif /* MBEDTLS_MD_C */
 
 /**
@@ -590,7 +585,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc);
 
 /**
  * \brief          Translate certificate policies OID into description
@@ -600,7 +595,7 @@ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc);
 
 /**
  * \brief          Translate md_type into hash algorithm OID
@@ -611,7 +606,7 @@ int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const cha
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen);
 
 #if defined(MBEDTLS_CIPHER_C)
 /**
@@ -622,7 +617,7 @@ int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg );
+int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg);
 #endif /* MBEDTLS_CIPHER_C */
 
 #if defined(MBEDTLS_PKCS12_C)
@@ -636,8 +631,8 @@ int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
-                            mbedtls_cipher_type_t *cipher_alg );
+int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
+                                   mbedtls_cipher_type_t *cipher_alg);
 #endif /* MBEDTLS_PKCS12_C */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/padlock.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/padlock.h
new file mode 100644
index 0000000..0821105
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/padlock.h
@@ -0,0 +1,117 @@
+/**
+ * \file padlock.h
+ *
+ * \brief VIA PadLock ACE for HW encryption/decryption supported by some
+ *        processors
+ *
+ * \warning These functions are only for internal use by other library
+ *          functions; you must not call them directly.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PADLOCK_H
+#define MBEDTLS_PADLOCK_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/aes.h"
+
+/** Input data should be aligned. */
+#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED               -0x0030
+
+#if defined(__has_feature)
+#if __has_feature(address_sanitizer)
+#define MBEDTLS_HAVE_ASAN
+#endif
+#endif
+
+/* Some versions of ASan result in errors about not enough registers */
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_ASM) && \
+    defined(__GNUC__) && defined(__i386__) && \
+    !defined(MBEDTLS_HAVE_ASAN)
+
+#define MBEDTLS_VIA_PADLOCK_HAVE_CODE
+
+#ifndef MBEDTLS_HAVE_X86
+#define MBEDTLS_HAVE_X86
+#endif
+
+#include <stdint.h>
+
+#define MBEDTLS_PADLOCK_RNG 0x000C
+#define MBEDTLS_PADLOCK_ACE 0x00C0
+#define MBEDTLS_PADLOCK_PHE 0x0C00
+#define MBEDTLS_PADLOCK_PMM 0x3000
+
+#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) (x) & ~15))
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Internal PadLock detection routine
+ *
+ * \note           This function is only for internal use by other library
+ *                 functions; you must not call it directly.
+ *
+ * \param feature  The feature to detect
+ *
+ * \return         non-zero if CPU has support for the feature, 0 otherwise
+ */
+int mbedtls_padlock_has_support(int feature);
+
+/**
+ * \brief          Internal PadLock AES-ECB block en(de)cryption
+ *
+ * \note           This function is only for internal use by other library
+ *                 functions; you must not call it directly.
+ *
+ * \param ctx      AES context
+ * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
+ * \param input    16-byte input block
+ * \param output   16-byte output block
+ *
+ * \return         0 if success, 1 if operation failed
+ */
+int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx,
+                              int mode,
+                              const unsigned char input[16],
+                              unsigned char output[16]);
+
+/**
+ * \brief          Internal PadLock AES-CBC buffer en(de)cryption
+ *
+ * \note           This function is only for internal use by other library
+ *                 functions; you must not call it directly.
+ *
+ * \param ctx      AES context
+ * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if success, 1 if operation failed
+ */
+int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx,
+                              int mode,
+                              size_t length,
+                              unsigned char iv[16],
+                              const unsigned char *input,
+                              unsigned char *output);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PADLOCK_C && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __i386__ && !MBEDTLS_HAVE_ASAN */
+
+#endif /* padlock.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/pem.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/pem.h
new file mode 100644
index 0000000..ffe6e47
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/pem.h
@@ -0,0 +1,140 @@
+/**
+ * \file pem.h
+ *
+ * \brief Privacy Enhanced Mail (PEM) decoding
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PEM_H
+#define MBEDTLS_PEM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+/**
+ * \name PEM Error codes
+ * These error codes are returned in case of errors reading the
+ * PEM data.
+ * \{
+ */
+/** No PEM header or footer found. */
+#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT          -0x1080
+/** PEM string is not as expected. */
+#define MBEDTLS_ERR_PEM_INVALID_DATA                      -0x1100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_PEM_ALLOC_FAILED                      -0x1180
+/** RSA IV is not in hex-format. */
+#define MBEDTLS_ERR_PEM_INVALID_ENC_IV                    -0x1200
+/** Unsupported key encryption algorithm. */
+#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG                   -0x1280
+/** Private key password can't be empty. */
+#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED                 -0x1300
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH                 -0x1380
+/** Unavailable feature, e.g. hashing/encryption combination. */
+#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE               -0x1400
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA                    -0x1480
+/** \} name PEM Error codes */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/**
+ * \brief       PEM context structure
+ */
+typedef struct mbedtls_pem_context {
+    unsigned char *buf;     /*!< buffer for decoded data             */
+    size_t buflen;          /*!< length of the buffer                */
+    unsigned char *info;    /*!< buffer for extra header information */
+}
+mbedtls_pem_context;
+
+/**
+ * \brief       PEM context setup
+ *
+ * \param ctx   context to be initialized
+ */
+void mbedtls_pem_init(mbedtls_pem_context *ctx);
+
+/**
+ * \brief       Read a buffer for PEM information and store the resulting
+ *              data into the specified context buffers.
+ *
+ * \param ctx       context to use
+ * \param header    header string to seek and expect
+ * \param footer    footer string to seek and expect
+ * \param data      source data to look in (must be nul-terminated)
+ * \param pwd       password for decryption (can be NULL)
+ * \param pwdlen    length of password
+ * \param use_len   destination for total length used (set after header is
+ *                  correctly read, so unless you get
+ *                  MBEDTLS_ERR_PEM_BAD_INPUT_DATA or
+ *                  MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
+ *                  the length to skip)
+ *
+ * \note            Attempts to check password correctness by verifying if
+ *                  the decrypted text starts with an ASN.1 sequence of
+ *                  appropriate length
+ *
+ * \return          0 on success, or a specific PEM error code
+ */
+int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer,
+                            const unsigned char *data,
+                            const unsigned char *pwd,
+                            size_t pwdlen, size_t *use_len);
+
+/**
+ * \brief       PEM context memory freeing
+ *
+ * \param ctx   context to be freed
+ */
+void mbedtls_pem_free(mbedtls_pem_context *ctx);
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a buffer of PEM information from a DER encoded
+ *                  buffer.
+ *
+ * \param header    The header string to write.
+ * \param footer    The footer string to write.
+ * \param der_data  The DER data to encode.
+ * \param der_len   The length of the DER data \p der_data in Bytes.
+ * \param buf       The buffer to write to.
+ * \param buf_len   The length of the output buffer \p buf in Bytes.
+ * \param olen      The address at which to store the total length written
+ *                  or required (if \p buf_len is not enough).
+ *
+ * \note            You may pass \c NULL for \p buf and \c 0 for \p buf_len
+ *                  to request the length of the resulting PEM buffer in
+ *                  `*olen`.
+ *
+ * \note            This function may be called with overlapping \p der_data
+ *                  and \p buf buffers.
+ *
+ * \return          \c 0 on success.
+ * \return          #MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL if \p buf isn't large
+ *                  enough to hold the PEM buffer. In  this case, `*olen` holds
+ *                  the required minimum size of \p buf.
+ * \return          Another PEM or BASE64 error code on other kinds of failure.
+ */
+int mbedtls_pem_write_buffer(const char *header, const char *footer,
+                             const unsigned char *der_data, size_t der_len,
+                             unsigned char *buf, size_t buf_len, size_t *olen);
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pem.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/pk.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/pk.h
new file mode 100644
index 0000000..a8c0c37
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/pk.h
@@ -0,0 +1,906 @@
+/**
+ * \file pk.h
+ *
+ * \brief Public Key abstraction layer
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_PK_H
+#define MBEDTLS_PK_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/md.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_PK_ALLOC_FAILED        -0x3F80
+/** Type mismatch, eg attempt to encrypt with an ECDSA key */
+#define MBEDTLS_ERR_PK_TYPE_MISMATCH       -0x3F00
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PK_BAD_INPUT_DATA      -0x3E80
+/** Read/write of file failed. */
+#define MBEDTLS_ERR_PK_FILE_IO_ERROR       -0x3E00
+/** Unsupported key version */
+#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
+/** Invalid key tag or value. */
+#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT  -0x3D00
+/** Key algorithm is unsupported (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG      -0x3C80
+/** Private key password can't be empty. */
+#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED   -0x3C00
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH   -0x3B80
+/** The pubkey tag or value is invalid (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_INVALID_PUBKEY      -0x3B00
+/** The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_PK_INVALID_ALG         -0x3A80
+/** Elliptic curve is unsupported (only NIST curves are supported). */
+#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
+/** Unavailable feature, e.g. RSA disabled for RSA key. */
+#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
+/** The buffer contains a valid signature followed by more data. */
+#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH    -0x3900
+
+/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** PK hardware accelerator failed. */
+#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED     -0x3880
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Public key types
+ */
+typedef enum {
+    MBEDTLS_PK_NONE=0,
+    MBEDTLS_PK_RSA,
+    MBEDTLS_PK_ECKEY,
+    MBEDTLS_PK_ECKEY_DH,
+    MBEDTLS_PK_ECDSA,
+    MBEDTLS_PK_RSA_ALT,
+    MBEDTLS_PK_RSASSA_PSS,
+    MBEDTLS_PK_OPAQUE,
+} mbedtls_pk_type_t;
+
+/**
+ * \brief           Options for RSASSA-PSS signature verification.
+ *                  See \c mbedtls_rsa_rsassa_pss_verify_ext()
+ */
+typedef struct mbedtls_pk_rsassa_pss_options {
+    mbedtls_md_type_t mgf1_hash_id;
+    int expected_salt_len;
+
+} mbedtls_pk_rsassa_pss_options;
+
+/**
+ * \brief           Maximum size of a signature made by mbedtls_pk_sign().
+ */
+/* We need to set MBEDTLS_PK_SIGNATURE_MAX_SIZE to the maximum signature
+ * size among the supported signature types. Do it by starting at 0,
+ * then incrementally increasing to be large enough for each supported
+ * signature mechanism.
+ *
+ * The resulting value can be 0, for example if MBEDTLS_ECDH_C is enabled
+ * (which allows the pk module to be included) but neither MBEDTLS_ECDSA_C
+ * nor MBEDTLS_RSA_C nor any opaque signature mechanism (PSA or RSA_ALT).
+ */
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0
+
+#if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \
+    MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
+/* For RSA, the signature can be as large as the bignum module allows.
+ * For RSA_ALT, the signature size is not necessarily tied to what the
+ * bignum module can do, but in the absence of any specific setting,
+ * we use that (rsa_alt_sign_wrap in pk_wrap will check). */
+#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
+#endif
+
+#if defined(MBEDTLS_ECDSA_C) &&                                 \
+    MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_PK_SIGNATURE_MAX_SIZE
+/* For ECDSA, the ecdsa module exports a constant for the maximum
+ * signature size. */
+#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if PSA_SIGNATURE_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
+/* PSA_SIGNATURE_MAX_SIZE is the maximum size of a signature made
+ * through the PSA API in the PSA representation. */
+#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE PSA_SIGNATURE_MAX_SIZE
+#endif
+
+#if PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 > MBEDTLS_PK_SIGNATURE_MAX_SIZE
+/* The Mbed TLS representation is different for ECDSA signatures:
+ * PSA uses the raw concatenation of r and s,
+ * whereas Mbed TLS uses the ASN.1 representation (SEQUENCE of two INTEGERs).
+ * Add the overhead of ASN.1: up to (1+2) + 2 * (1+2+1) for the
+ * types, lengths (represented by up to 2 bytes), and potential leading
+ * zeros of the INTEGERs and the SEQUENCE. */
+#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11)
+#endif
+#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */
+
+/**
+ * \brief           Types for interfacing with the debug module
+ */
+typedef enum {
+    MBEDTLS_PK_DEBUG_NONE = 0,
+    MBEDTLS_PK_DEBUG_MPI,
+    MBEDTLS_PK_DEBUG_ECP,
+} mbedtls_pk_debug_type;
+
+/**
+ * \brief           Item to send to the debug module
+ */
+typedef struct mbedtls_pk_debug_item {
+    mbedtls_pk_debug_type type;
+    const char *name;
+    void *value;
+} mbedtls_pk_debug_item;
+
+/** Maximum number of item send for debugging, plus 1 */
+#define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
+
+/**
+ * \brief           Public key information and operations
+ */
+typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
+
+/**
+ * \brief           Public key container
+ */
+typedef struct mbedtls_pk_context {
+    const mbedtls_pk_info_t *pk_info;    /**< Public key information         */
+    void *pk_ctx;                        /**< Underlying public key context  */
+} mbedtls_pk_context;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief           Context for resuming operations
+ */
+typedef struct {
+    const mbedtls_pk_info_t *pk_info;    /**< Public key information         */
+    void *rs_ctx;                        /**< Underlying restart context     */
+} mbedtls_pk_restart_ctx;
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+/* Now we can declare functions that take a pointer to that */
+typedef void mbedtls_pk_restart_ctx;
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/**
+ * \brief           Types for RSA-alt abstraction
+ */
+typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen,
+                                               const unsigned char *input, unsigned char *output,
+                                               size_t output_max_len);
+typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx,
+                                            int (*f_rng)(void *, unsigned char *, size_t),
+                                            void *p_rng,
+                                            int mode, mbedtls_md_type_t md_alg,
+                                            unsigned int hashlen,
+                                            const unsigned char *hash, unsigned char *sig);
+typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx);
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+/**
+ * \brief           Return information associated with the given PK type
+ *
+ * \param pk_type   PK type to search for.
+ *
+ * \return          The PK info associated with the type or NULL if not found.
+ */
+const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type);
+
+/**
+ * \brief           Initialize a #mbedtls_pk_context (as NONE).
+ *
+ * \param ctx       The context to initialize.
+ *                  This must not be \c NULL.
+ */
+void mbedtls_pk_init(mbedtls_pk_context *ctx);
+
+/**
+ * \brief           Free the components of a #mbedtls_pk_context.
+ *
+ * \param ctx       The context to clear. It must have been initialized.
+ *                  If this is \c NULL, this function does nothing.
+ *
+ * \note            For contexts that have been set up with
+ *                  mbedtls_pk_setup_opaque(), this does not free the underlying
+ *                  PSA key and you still need to call psa_destroy_key()
+ *                  independently if you want to destroy that key.
+ */
+void mbedtls_pk_free(mbedtls_pk_context *ctx);
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief           Initialize a restart context
+ *
+ * \param ctx       The context to initialize.
+ *                  This must not be \c NULL.
+ */
+void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx);
+
+/**
+ * \brief           Free the components of a restart context
+ *
+ * \param ctx       The context to clear. It must have been initialized.
+ *                  If this is \c NULL, this function does nothing.
+ */
+void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx);
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+/**
+ * \brief           Initialize a PK context with the information given
+ *                  and allocates the type-specific PK subcontext.
+ *
+ * \param ctx       Context to initialize. It must not have been set
+ *                  up yet (type #MBEDTLS_PK_NONE).
+ * \param info      Information to use
+ *
+ * \return          0 on success,
+ *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
+ *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
+ *
+ * \note            For contexts holding an RSA-alt key, use
+ *                  \c mbedtls_pk_setup_rsa_alt() instead.
+ */
+int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief           Initialize a PK context to wrap a PSA key.
+ *
+ * \note            This function replaces mbedtls_pk_setup() for contexts
+ *                  that wrap a (possibly opaque) PSA key instead of
+ *                  storing and manipulating the key material directly.
+ *
+ * \param ctx       The context to initialize. It must be empty (type NONE).
+ * \param key       The PSA key to wrap, which must hold an ECC key pair
+ *                  (see notes below).
+ *
+ * \note            The wrapped key must remain valid as long as the
+ *                  wrapping PK context is in use, that is at least between
+ *                  the point this function is called and the point
+ *                  mbedtls_pk_free() is called on this context. The wrapped
+ *                  key might then be independently used or destroyed.
+ *
+ * \note            This function is currently only available for ECC key
+ *                  pairs (that is, ECC keys containing private key material).
+ *                  Support for other key types may be added later.
+ *
+ * \return          \c 0 on success.
+ * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
+ *                  (context already used, invalid key identifier).
+ * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
+ *                  ECC key pair.
+ * \return          #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
+ */
+int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
+                            const psa_key_id_t key);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/**
+ * \brief           Initialize an RSA-alt context
+ *
+ * \param ctx       Context to initialize. It must not have been set
+ *                  up yet (type #MBEDTLS_PK_NONE).
+ * \param key       RSA key pointer
+ * \param decrypt_func  Decryption function
+ * \param sign_func     Signing function
+ * \param key_len_func  Function returning key length in bytes
+ *
+ * \return          0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the
+ *                  context wasn't already initialized as RSA_ALT.
+ *
+ * \note            This function replaces \c mbedtls_pk_setup() for RSA-alt.
+ */
+int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key,
+                             mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
+                             mbedtls_pk_rsa_alt_sign_func sign_func,
+                             mbedtls_pk_rsa_alt_key_len_func key_len_func);
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+/**
+ * \brief           Get the size in bits of the underlying key
+ *
+ * \param ctx       The context to query. It must have been initialized.
+ *
+ * \return          Key size in bits, or 0 on error
+ */
+size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx);
+
+/**
+ * \brief           Get the length in bytes of the underlying key
+ *
+ * \param ctx       The context to query. It must have been initialized.
+ *
+ * \return          Key length in bytes, or 0 on error
+ */
+static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
+{
+    return (mbedtls_pk_get_bitlen(ctx) + 7) / 8;
+}
+
+/**
+ * \brief           Tell if a context can do the operation given by type
+ *
+ * \param ctx       The context to query. It must have been initialized.
+ * \param type      The desired type.
+ *
+ * \return          1 if the context can do operations on the given type.
+ * \return          0 if the context cannot do the operations on the given
+ *                  type. This is always the case for a context that has
+ *                  been initialized but not set up, or that has been
+ *                  cleared with mbedtls_pk_free().
+ */
+int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
+
+/**
+ * \brief           Verify signature (including padding if relevant).
+ *
+ * \param ctx       The PK context to use. It must have been set up.
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Signature to verify
+ * \param sig_len   Signature length
+ *
+ * \return          0 on success (signature is valid),
+ *                  #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
+ *                  signature in \p sig but its length is less than \p sig_len,
+ *                  or a specific error code.
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *                  Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
+ *                  to verify RSASSA_PSS signatures.
+ *
+ * \note            If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                  subsystem must have been initialized by calling
+ *                  psa_crypto_init() before calling this function,
+ *                  if the key might be an ECC (ECDSA) key.
+ *
+ * \note            If hash_len is 0, then the length associated with md_alg
+ *                  is used instead, or an error returned if it is invalid.
+ *
+ * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
+ */
+int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                      const unsigned char *hash, size_t hash_len,
+                      const unsigned char *sig, size_t sig_len);
+
+/**
+ * \brief           Restartable version of \c mbedtls_pk_verify()
+ *
+ * \note            Performs the same job as \c mbedtls_pk_verify(), but can
+ *                  return early and restart according to the limit set with
+ *                  \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
+ *                  operations. For RSA, same as \c mbedtls_pk_verify().
+ *
+ * \param ctx       The PK context to use. It must have been set up.
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Signature to verify
+ * \param sig_len   Signature length
+ * \param rs_ctx    Restart context (NULL to disable restart)
+ *
+ * \return          See \c mbedtls_pk_verify(), or
+ * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
+                                  mbedtls_md_type_t md_alg,
+                                  const unsigned char *hash, size_t hash_len,
+                                  const unsigned char *sig, size_t sig_len,
+                                  mbedtls_pk_restart_ctx *rs_ctx);
+
+/**
+ * \brief           Verify signature, with options.
+ *                  (Includes verification of the padding depending on type.)
+ *
+ * \param type      Signature type (inc. possible padding type) to verify
+ * \param options   Pointer to type-specific options, or NULL
+ * \param ctx       The PK context to use. It must have been set up.
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Signature to verify
+ * \param sig_len   Signature length
+ *
+ * \return          0 on success (signature is valid),
+ *                  #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
+ *                  used for this type of signatures,
+ *                  #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
+ *                  signature in \p sig but its length is less than \p sig_len,
+ *                  or a specific error code.
+ *
+ * \note            If hash_len is 0, then the length associated with md_alg
+ *                  is used instead, or an error returned if it is invalid.
+ *
+ * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
+ *
+ * \note            If type is MBEDTLS_PK_RSASSA_PSS, then options must point
+ *                  to a mbedtls_pk_rsassa_pss_options structure,
+ *                  otherwise it must be NULL.
+ */
+int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
+                          mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                          const unsigned char *hash, size_t hash_len,
+                          const unsigned char *sig, size_t sig_len);
+
+/**
+ * \brief           Make signature, including padding if relevant.
+ *
+ * \param ctx       The PK context to use. It must have been set up
+ *                  with a private key.
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Place to write the signature.
+ *                  It must have enough room for the signature.
+ *                  #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough.
+ *                  You may use a smaller buffer if it is large enough
+ *                  given the key type.
+ * \param sig_len   On successful return,
+ *                  the number of bytes written to \p sig.
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 on success, or a specific error code.
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *                  There is no interface in the PK module to make RSASSA-PSS
+ *                  signatures yet.
+ *
+ * \note            If hash_len is 0, then the length associated with md_alg
+ *                  is used instead, or an error returned if it is invalid.
+ *
+ * \note            For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
+ *                  For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
+ */
+int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                    const unsigned char *hash, size_t hash_len,
+                    unsigned char *sig, size_t *sig_len,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
+
+/**
+ * \brief           Restartable version of \c mbedtls_pk_sign()
+ *
+ * \note            Performs the same job as \c mbedtls_pk_sign(), but can
+ *                  return early and restart according to the limit set with
+ *                  \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
+ *                  operations. For RSA, same as \c mbedtls_pk_sign().
+ *
+ * \param ctx       The PK context to use. It must have been set up
+ *                  with a private key.
+ * \param md_alg    Hash algorithm used (see notes for mbedtls_pk_sign())
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes for mbedtls_pk_sign())
+ * \param sig       Place to write the signature.
+ *                  It must have enough room for the signature.
+ *                  #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough.
+ *                  You may use a smaller buffer if it is large enough
+ *                  given the key type.
+ * \param sig_len   On successful return,
+ *                  the number of bytes written to \p sig.
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ * \param rs_ctx    Restart context (NULL to disable restart)
+ *
+ * \return          See \c mbedtls_pk_sign().
+ * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
+ *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
+ */
+int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
+                                mbedtls_md_type_t md_alg,
+                                const unsigned char *hash, size_t hash_len,
+                                unsigned char *sig, size_t *sig_len,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                mbedtls_pk_restart_ctx *rs_ctx);
+
+/**
+ * \brief           Decrypt message (including padding if relevant).
+ *
+ * \param ctx       The PK context to use. It must have been set up
+ *                  with a private key.
+ * \param input     Input to decrypt
+ * \param ilen      Input size
+ * \param output    Decrypted output
+ * \param olen      Decrypted message length
+ * \param osize     Size of the output buffer
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *
+ * \return          0 on success, or a specific error code.
+ */
+int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
+                       const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen, size_t osize,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
+
+/**
+ * \brief           Encrypt message (including padding if relevant).
+ *
+ * \param ctx       The PK context to use. It must have been set up.
+ * \param input     Message to encrypt
+ * \param ilen      Message size
+ * \param output    Encrypted output
+ * \param olen      Encrypted output length
+ * \param osize     Size of the output buffer
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *
+ * \return          0 on success, or a specific error code.
+ */
+int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
+                       const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen, size_t osize,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
+
+/**
+ * \brief           Check if a public-private pair of keys matches.
+ *
+ * \param pub       Context holding a public key.
+ * \param prv       Context holding a private (and public) key.
+ *
+ * \return          \c 0 on success (keys were checked and match each other).
+ * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not
+ *                  be checked - in that case they may or may not match.
+ * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
+ * \return          Another non-zero value if the keys do not match.
+ */
+int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv);
+
+/**
+ * \brief           Export debug information
+ *
+ * \param ctx       The PK context to use. It must have been initialized.
+ * \param items     Place to write debug items
+ *
+ * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
+ */
+int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items);
+
+/**
+ * \brief           Access the type name
+ *
+ * \param ctx       The PK context to use. It must have been initialized.
+ *
+ * \return          Type name on success, or "invalid PK"
+ */
+const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx);
+
+/**
+ * \brief           Get the key type
+ *
+ * \param ctx       The PK context to use. It must have been initialized.
+ *
+ * \return          Type on success.
+ * \return          #MBEDTLS_PK_NONE for a context that has not been set up.
+ */
+mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx);
+
+#if defined(MBEDTLS_RSA_C)
+/**
+ * Quick access to an RSA context inside a PK context.
+ *
+ * \warning This function can only be used when the type of the context, as
+ * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_RSA.
+ * Ensuring that is the caller's responsibility.
+ * Alternatively, you can check whether this function returns NULL.
+ *
+ * \return The internal RSA context held by the PK context, or NULL.
+ */
+static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk)
+{
+    switch (mbedtls_pk_get_type(&pk)) {
+        case MBEDTLS_PK_RSA:
+            return (mbedtls_rsa_context *) (pk).pk_ctx;
+        default:
+            return NULL;
+    }
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * Quick access to an EC context inside a PK context.
+ *
+ * \warning This function can only be used when the type of the context, as
+ * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_ECKEY,
+ * #MBEDTLS_PK_ECKEY_DH, or #MBEDTLS_PK_ECDSA.
+ * Ensuring that is the caller's responsibility.
+ * Alternatively, you can check whether this function returns NULL.
+ *
+ * \return The internal EC context held by the PK context, or NULL.
+ */
+static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk)
+{
+    switch (mbedtls_pk_get_type(&pk)) {
+        case MBEDTLS_PK_ECKEY:
+        case MBEDTLS_PK_ECKEY_DH:
+        case MBEDTLS_PK_ECDSA:
+            return (mbedtls_ecp_keypair *) (pk).pk_ctx;
+        default:
+            return NULL;
+    }
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_PK_PARSE_C)
+/** \ingroup pk_module */
+/**
+ * \brief           Parse a private key in PEM or DER format
+ *
+ * \param ctx       The PK context to fill. It must have been initialized
+ *                  but not set up.
+ * \param key       Input buffer to parse.
+ *                  The buffer must contain the input exactly, with no
+ *                  extra trailing material. For PEM, the buffer must
+ *                  contain a null-terminated string.
+ * \param keylen    Size of \b key in bytes.
+ *                  For PEM data, this includes the terminating null byte,
+ *                  so \p keylen must be equal to `strlen(key) + 1`.
+ * \param pwd       Optional password for decryption.
+ *                  Pass \c NULL if expecting a non-encrypted key.
+ *                  Pass a string of \p pwdlen bytes if expecting an encrypted
+ *                  key; a non-encrypted key will also be accepted.
+ *                  The empty password is not supported.
+ * \param pwdlen    Size of the password in bytes.
+ *                  Ignored if \p pwd is \c NULL.
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
+ *                  specific key type, check the result with mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
+                         const unsigned char *key, size_t keylen,
+                         const unsigned char *pwd, size_t pwdlen);
+
+/** \ingroup pk_module */
+/**
+ * \brief           Parse a public key in PEM or DER format
+ *
+ * \param ctx       The PK context to fill. It must have been initialized
+ *                  but not set up.
+ * \param key       Input buffer to parse.
+ *                  The buffer must contain the input exactly, with no
+ *                  extra trailing material. For PEM, the buffer must
+ *                  contain a null-terminated string.
+ * \param keylen    Size of \b key in bytes.
+ *                  For PEM data, this includes the terminating null byte,
+ *                  so \p keylen must be equal to `strlen(key) + 1`.
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
+ *                  specific key type, check the result with mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx,
+                                const unsigned char *key, size_t keylen);
+
+#if defined(MBEDTLS_FS_IO)
+/** \ingroup pk_module */
+/**
+ * \brief           Load and parse a private key
+ *
+ * \param ctx       The PK context to fill. It must have been initialized
+ *                  but not set up.
+ * \param path      filename to read the private key from
+ * \param password  Optional password to decrypt the file.
+ *                  Pass \c NULL if expecting a non-encrypted key.
+ *                  Pass a null-terminated string if expecting an encrypted
+ *                  key; a non-encrypted key will also be accepted.
+ *                  The empty password is not supported.
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
+ *                  specific key type, check the result with mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
+                             const char *path, const char *password);
+
+/** \ingroup pk_module */
+/**
+ * \brief           Load and parse a public key
+ *
+ * \param ctx       The PK context to fill. It must have been initialized
+ *                  but not set up.
+ * \param path      filename to read the public key from
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If
+ *                  you need a specific key type, check the result with
+ *                  mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path);
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+/**
+ * \brief           Write a private key to a PKCS#1 or SEC1 DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       PK context which must contain a valid private key.
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ */
+int mbedtls_pk_write_key_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
+
+/**
+ * \brief           Write a public key to a SubjectPublicKeyInfo DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       PK context which must contain a valid public or private key.
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ */
+int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a public key to a PEM string
+ *
+ * \param ctx       PK context which must contain a valid public or private key.
+ * \param buf       Buffer to write to. The output includes a
+ *                  terminating null byte.
+ * \param size      Size of the buffer in bytes.
+ *
+ * \return          0 if successful, or a specific error code
+ */
+int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
+
+/**
+ * \brief           Write a private key to a PKCS#1 or SEC1 PEM string
+ *
+ * \param ctx       PK context which must contain a valid private key.
+ * \param buf       Buffer to write to. The output includes a
+ *                  terminating null byte.
+ * \param size      Size of the buffer in bytes.
+ *
+ * \return          0 if successful, or a specific error code
+ */
+int mbedtls_pk_write_key_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_PK_WRITE_C */
+
+/*
+ * WARNING: Low-level functions. You probably do not want to use these unless
+ *          you are certain you do ;)
+ */
+
+#if defined(MBEDTLS_PK_PARSE_C)
+/**
+ * \brief           Parse a SubjectPublicKeyInfo DER structure
+ *
+ * \param p         the position in the ASN.1 data
+ * \param end       end of the buffer
+ * \param pk        The PK context to fill. It must have been initialized
+ *                  but not set up.
+ *
+ * \return          0 if successful, or a specific PK error code
+ */
+int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
+                               mbedtls_pk_context *pk);
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+/**
+ * \brief           Write a subjectPublicKey to ASN.1 data
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param key       PK context which must contain a valid public or private key.
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
+                            const mbedtls_pk_context *key);
+#endif /* MBEDTLS_PK_WRITE_C */
+
+/*
+ * Internal module functions. You probably do not want to use these unless you
+ * know you do.
+ */
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n);
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief           Turn an EC key into an opaque one.
+ *
+ * \warning         This is a temporary utility function for tests. It might
+ *                  change or be removed at any time without notice.
+ *
+ * \note            Only ECDSA keys are supported so far. Signing with the
+ *                  specified hash is the only allowed use of that key.
+ *
+ * \param pk        Input: the EC key to import to a PSA key.
+ *                  Output: a PK context wrapping that PSA key.
+ * \param key       Output: a PSA key identifier.
+ *                  It's the caller's responsibility to call
+ *                  psa_destroy_key() on that key identifier after calling
+ *                  mbedtls_pk_free() on the PK context.
+ * \param hash_alg  The hash algorithm to allow for use with that key.
+ *
+ * \return          \c 0 if successful.
+ * \return          An Mbed TLS error code otherwise.
+ */
+int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
+                              psa_key_id_t *key,
+                              psa_algorithm_t hash_alg);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PK_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/pk_internal.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/pk_internal.h
new file mode 100644
index 0000000..15165ac
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/pk_internal.h
@@ -0,0 +1,126 @@
+/**
+ * \file pk_internal.h
+ *
+ * \brief Public Key abstraction layer: wrapper functions
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_PK_WRAP_H
+#define MBEDTLS_PK_WRAP_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/pk.h"
+
+struct mbedtls_pk_info_t {
+    /** Public key type */
+    mbedtls_pk_type_t type;
+
+    /** Type name */
+    const char *name;
+
+    /** Get key size in bits */
+    size_t (*get_bitlen)(const void *);
+
+    /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
+    int (*can_do)(mbedtls_pk_type_t type);
+
+    /** Verify signature */
+    int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg,
+                       const unsigned char *hash, size_t hash_len,
+                       const unsigned char *sig, size_t sig_len);
+
+    /** Make signature */
+    int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg,
+                     const unsigned char *hash, size_t hash_len,
+                     unsigned char *sig, size_t *sig_len,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng);
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /** Verify signature (restartable) */
+    int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
+                          const unsigned char *hash, size_t hash_len,
+                          const unsigned char *sig, size_t sig_len,
+                          void *rs_ctx);
+
+    /** Make signature (restartable) */
+    int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
+                        const unsigned char *hash, size_t hash_len,
+                        unsigned char *sig, size_t *sig_len,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng, void *rs_ctx);
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+    /** Decrypt message */
+    int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
+                        unsigned char *output, size_t *olen, size_t osize,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng);
+
+    /** Encrypt message */
+    int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
+                        unsigned char *output, size_t *olen, size_t osize,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng);
+
+    /** Check public-private key pair */
+    int (*check_pair_func)(const void *pub, const void *prv);
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)(void);
+
+    /** Free the given context */
+    void (*ctx_free_func)(void *ctx);
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /** Allocate the restart context */
+    void *(*rs_alloc_func)(void);
+
+    /** Free the restart context */
+    void (*rs_free_func)(void *rs_ctx);
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+    /** Interface with the debug module */
+    void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items);
+
+};
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/* Container for RSA-alt */
+typedef struct {
+    void *key;
+    mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
+    mbedtls_pk_rsa_alt_sign_func sign_func;
+    mbedtls_pk_rsa_alt_key_len_func key_len_func;
+} mbedtls_rsa_alt_context;
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+extern const mbedtls_pk_info_t mbedtls_rsa_info;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+extern const mbedtls_pk_info_t mbedtls_eckey_info;
+extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
+#endif
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+extern const mbedtls_pk_info_t mbedtls_pk_opaque_info;
+#endif
+
+#endif /* MBEDTLS_PK_WRAP_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs11.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs11.h
new file mode 100644
index 0000000..25d1dd1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs11.h
@@ -0,0 +1,241 @@
+/**
+ * \file pkcs11.h
+ *
+ * \brief Wrapper for PKCS#11 library libpkcs11-helper
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PKCS11_H
+#define MBEDTLS_PKCS11_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PKCS11_C)
+
+#include "mbedtls/x509_crt.h"
+
+#include <pkcs11-helper-1.0/pkcs11h-certificate.h>
+
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_DEPRECATED_REMOVED)
+
+/**
+ * Context for PKCS #11 private keys.
+ */
+typedef struct mbedtls_pkcs11_context {
+    pkcs11h_certificate_t pkcs11h_cert;
+    int len;
+} mbedtls_pkcs11_context;
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * Initialize a mbedtls_pkcs11_context.
+ * (Just making memory references valid.)
+ *
+ * \deprecated          This function is deprecated and will be removed in a
+ *                      future version of the library.
+ */
+MBEDTLS_DEPRECATED void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx);
+
+/**
+ * Fill in a Mbed TLS certificate, based on the given PKCS11 helper certificate.
+ *
+ * \deprecated          This function is deprecated and will be removed in a
+ *                      future version of the library.
+ *
+ * \param cert          X.509 certificate to fill
+ * \param pkcs11h_cert  PKCS #11 helper certificate
+ *
+ * \return              0 on success.
+ */
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert,
+                                                     pkcs11h_certificate_t pkcs11h_cert);
+
+/**
+ * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the
+ * mbedtls_pkcs11_context will take over control of the certificate, freeing it when
+ * done.
+ *
+ * \deprecated          This function is deprecated and will be removed in a
+ *                      future version of the library.
+ *
+ * \param priv_key      Private key structure to fill.
+ * \param pkcs11_cert   PKCS #11 helper certificate
+ *
+ * \return              0 on success
+ */
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind(
+    mbedtls_pkcs11_context *priv_key,
+    pkcs11h_certificate_t pkcs11_cert);
+
+/**
+ * Free the contents of the given private key context. Note that the structure
+ * itself is not freed.
+ *
+ * \deprecated          This function is deprecated and will be removed in a
+ *                      future version of the library.
+ *
+ * \param priv_key      Private key structure to cleanup
+ */
+MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free(
+    mbedtls_pkcs11_context *priv_key);
+
+/**
+ * \brief          Do an RSA private key decrypt, then remove the message
+ *                 padding
+ *
+ * \deprecated     This function is deprecated and will be removed in a future
+ *                 version of the library.
+ *
+ * \param ctx      PKCS #11 context
+ * \param mode     must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
+ * \param input    buffer holding the encrypted data
+ * \param output   buffer that will hold the plaintext
+ * \param olen     will contain the plaintext length
+ * \param output_max_len    maximum length of the output buffer
+ *
+ * \return         0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
+ *
+ * \note           The output buffer must be as large as the size
+ *                 of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
+ *                 an error is thrown.
+ */
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx,
+                                              int mode, size_t *olen,
+                                              const unsigned char *input,
+                                              unsigned char *output,
+                                              size_t output_max_len);
+
+/**
+ * \brief          Do a private RSA to sign a message digest
+ *
+ * \deprecated     This function is deprecated and will be removed in a future
+ *                 version of the library.
+ *
+ * \param ctx      PKCS #11 context
+ * \param mode     must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
+ * \param md_alg   a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
+ * \param hashlen  message digest length (for MBEDTLS_MD_NONE only)
+ * \param hash     buffer holding the message digest
+ * \param sig      buffer that will hold the ciphertext
+ *
+ * \return         0 if the signing operation was successful,
+ *                 or an MBEDTLS_ERR_RSA_XXX error code
+ *
+ * \note           The "sig" buffer must be as large as the size
+ *                 of ctx->N (eg. 128 bytes if RSA-1024 is used).
+ */
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx,
+                                           int mode,
+                                           mbedtls_md_type_t md_alg,
+                                           unsigned int hashlen,
+                                           const unsigned char *hash,
+                                           unsigned char *sig);
+
+/**
+ * SSL/TLS wrappers for PKCS#11 functions
+ *
+ * \deprecated     This function is deprecated and will be removed in a future
+ *                 version of the library.
+ */
+MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt(void *ctx,
+                                                                int mode,
+                                                                size_t *olen,
+                                                                const unsigned char *input,
+                                                                unsigned char *output,
+                                                                size_t output_max_len)
+{
+    return mbedtls_pkcs11_decrypt((mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
+                                  output_max_len);
+}
+
+/**
+ * \brief          This function signs a message digest using RSA.
+ *
+ * \deprecated     This function is deprecated and will be removed in a future
+ *                 version of the library.
+ *
+ * \param ctx      The PKCS #11 context.
+ * \param f_rng    The RNG function. This parameter is unused.
+ * \param p_rng    The RNG context. This parameter is unused.
+ * \param mode     The operation to run. This must be set to
+ *                 MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's
+ *                 signature.
+ * \param md_alg   The message digest algorithm. One of the MBEDTLS_MD_XXX
+ *                 must be passed to this function and MBEDTLS_MD_NONE can be
+ *                 used for signing raw data.
+ * \param hashlen  The message digest length (for MBEDTLS_MD_NONE only).
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer that will hold the ciphertext.
+ *
+ * \return         \c 0 if the signing operation was successful.
+ * \return         A non-zero error code on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size of
+ *                 <code>ctx->N</code>. For example, 128 bytes if RSA-1024 is
+ *                 used.
+ */
+MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign(void *ctx,
+                                                             int (*f_rng)(void *,
+                                                                          unsigned char *,
+                                                                          size_t),
+                                                             void *p_rng,
+                                                             int mode,
+                                                             mbedtls_md_type_t md_alg,
+                                                             unsigned int hashlen,
+                                                             const unsigned char *hash,
+                                                             unsigned char *sig)
+{
+    ((void) f_rng);
+    ((void) p_rng);
+    return mbedtls_pkcs11_sign((mbedtls_pkcs11_context *) ctx, mode, md_alg,
+                               hashlen, hash, sig);
+}
+
+/**
+ * This function gets the length of the private key.
+ *
+ * \deprecated     This function is deprecated and will be removed in a future
+ *                 version of the library.
+ *
+ * \param ctx      The PKCS #11 context.
+ *
+ * \return         The length of the private key.
+ */
+MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len(void *ctx)
+{
+    return ((mbedtls_pkcs11_context *) ctx)->len;
+}
+
+#undef MBEDTLS_DEPRECATED
+
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PKCS11_C */
+
+#endif /* MBEDTLS_PKCS11_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs12.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs12.h
new file mode 100644
index 0000000..2ad5e9c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs12.h
@@ -0,0 +1,202 @@
+/**
+ * \file pkcs12.h
+ *
+ * \brief PKCS#12 Personal Information Exchange Syntax
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PKCS12_H
+#define MBEDTLS_PKCS12_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/md.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/asn1.h"
+
+#include <stddef.h>
+
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA                 -0x1F80
+/** Feature not available, e.g. unsupported encryption scheme. */
+#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE            -0x1F00
+/** PBE ASN.1 data not as expected. */
+#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT             -0x1E80
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH              -0x1E00
+
+#define MBEDTLS_PKCS12_DERIVE_KEY       1   /**< encryption/decryption key */
+#define MBEDTLS_PKCS12_DERIVE_IV        2   /**< initialization vector     */
+#define MBEDTLS_PKCS12_DERIVE_MAC_KEY   3   /**< integrity / MAC key       */
+
+#define MBEDTLS_PKCS12_PBE_DECRYPT      0
+#define MBEDTLS_PKCS12_PBE_ENCRYPT      1
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+/**
+ * \brief            PKCS12 Password Based function (encryption / decryption)
+ *                   for pbeWithSHAAnd128BitRC4
+ *
+ * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
+ * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
+ * \param pwd        the password used (may be NULL if no password is used)
+ * \param pwdlen     length of the password (may be 0)
+ * \param input      the input data
+ * \param len        data length
+ * \param output     the output buffer
+ *
+ * \return           0 if successful, or a MBEDTLS_ERR_XXX code
+ */
+int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode,
+                                    const unsigned char *pwd,  size_t pwdlen,
+                                    const unsigned char *input, size_t len,
+                                    unsigned char *output);
+
+/**
+ * \brief            PKCS12 Password Based function (encryption / decryption)
+ *                   for cipher-based and mbedtls_md-based PBE's
+ *
+ * \note             When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must
+ *                   be enabled at compile time.
+ *
+ * \warning          When decrypting:
+ *                   - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile
+ *                     time, this function validates the CBC padding and returns
+ *                     #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is
+ *                     invalid. Note that this can help active adversaries
+ *                     attempting to brute-forcing the password. Note also that
+ *                     there is no guarantee that an invalid password will be
+ *                     detected (the chances of a valid padding with a random
+ *                     password are about 1/255).
+ *                   - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile
+ *                     time, this function does not validate the CBC padding.
+ *
+ * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure
+ * \param mode       either #MBEDTLS_PKCS12_PBE_ENCRYPT or
+ *                   #MBEDTLS_PKCS12_PBE_DECRYPT
+ * \param cipher_type the cipher used
+ * \param md_type    the mbedtls_md used
+ * \param pwd        Latin1-encoded password used. This may only be \c NULL when
+ *                   \p pwdlen is 0. No null terminator should be used.
+ * \param pwdlen     length of the password (may be 0)
+ * \param data       the input data
+ * \param len        data length
+ * \param output     Output buffer.
+ *                   On success, it contains the encrypted or decrypted data,
+ *                   possibly followed by the CBC padding.
+ *                   On failure, the content is indeterminate.
+ *                   For decryption, there must be enough room for \p len
+ *                   bytes.
+ *                   For encryption, there must be enough room for
+ *                   \p len + 1 bytes, rounded up to the block size of
+ *                   the block cipher identified by \p pbe_params.
+ *
+ * \return           0 if successful, or a MBEDTLS_ERR_XXX code
+ */
+int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
+                       mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                       const unsigned char *pwd,  size_t pwdlen,
+                       const unsigned char *data, size_t len,
+                       unsigned char *output);
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+
+/**
+ * \brief            PKCS12 Password Based function (encryption / decryption)
+ *                   for cipher-based and mbedtls_md-based PBE's
+ *
+ *
+ * \warning          When decrypting:
+ *                   - This function validates the CBC padding and returns
+ *                     #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is
+ *                     invalid. Note that this can help active adversaries
+ *                     attempting to brute-forcing the password. Note also that
+ *                     there is no guarantee that an invalid password will be
+ *                     detected (the chances of a valid padding with a random
+ *                     password are about 1/255).
+ *
+ * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure
+ * \param mode       either #MBEDTLS_PKCS12_PBE_ENCRYPT or
+ *                   #MBEDTLS_PKCS12_PBE_DECRYPT
+ * \param cipher_type the cipher used
+ * \param md_type    the mbedtls_md used
+ * \param pwd        Latin1-encoded password used. This may only be \c NULL when
+ *                   \p pwdlen is 0. No null terminator should be used.
+ * \param pwdlen     length of the password (may be 0)
+ * \param data       the input data
+ * \param len        data length
+ * \param output     Output buffer.
+ *                   On success, it contains the encrypted or decrypted data,
+ *                   possibly followed by the CBC padding.
+ *                   On failure, the content is indeterminate.
+ *                   For decryption, there must be enough room for \p len
+ *                   bytes.
+ *                   For encryption, there must be enough room for
+ *                   \p len + 1 bytes, rounded up to the block size of
+ *                   the block cipher identified by \p pbe_params.
+ * \param output_size size of output buffer.
+ *                    This must be big enough to accommodate for output plus
+ *                    padding data.
+ * \param output_len On success, length of actual data written to the output buffer.
+ *
+ * \return           0 if successful, or a MBEDTLS_ERR_XXX code
+ */
+int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode,
+                           mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                           const unsigned char *pwd,  size_t pwdlen,
+                           const unsigned char *data, size_t len,
+                           unsigned char *output, size_t output_size,
+                           size_t *output_len);
+
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+/**
+ * \brief            The PKCS#12 derivation function uses a password and a salt
+ *                   to produce pseudo-random bits for a particular "purpose".
+ *
+ *                   Depending on the given id, this function can produce an
+ *                   encryption/decryption key, an initialization vector or an
+ *                   integrity key.
+ *
+ * \param data       buffer to store the derived data in
+ * \param datalen    length of buffer to fill
+ * \param pwd        The password to use. For compliance with PKCS#12 §B.1, this
+ *                   should be a BMPString, i.e. a Unicode string where each
+ *                   character is encoded as 2 bytes in big-endian order, with
+ *                   no byte order mark and with a null terminator (i.e. the
+ *                   last two bytes should be 0x00 0x00).
+ * \param pwdlen     length of the password (may be 0).
+ * \param salt       Salt buffer to use This may only be \c NULL when
+ *                   \p saltlen is 0.
+ * \param saltlen    length of the salt (may be zero)
+ * \param mbedtls_md mbedtls_md type to use during the derivation
+ * \param id         id that describes the purpose (can be
+ *                   #MBEDTLS_PKCS12_DERIVE_KEY, #MBEDTLS_PKCS12_DERIVE_IV or
+ *                   #MBEDTLS_PKCS12_DERIVE_MAC_KEY)
+ * \param iterations number of iterations
+ *
+ * \return          0 if successful, or a MD, BIGNUM type error.
+ */
+int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
+                              const unsigned char *pwd, size_t pwdlen,
+                              const unsigned char *salt, size_t saltlen,
+                              mbedtls_md_type_t mbedtls_md, int id, int iterations);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pkcs12.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs5.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs5.h
new file mode 100644
index 0000000..05bea48
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/pkcs5.h
@@ -0,0 +1,165 @@
+/**
+ * \file pkcs5.h
+ *
+ * \brief PKCS#5 functions
+ *
+ * \author Mathias Olsson <mathias@kompetensum.com>
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PKCS5_H
+#define MBEDTLS_PKCS5_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/asn1.h"
+#include "mbedtls/md.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA                  -0x2f80
+/** Unexpected ASN.1 data. */
+#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT                  -0x2f00
+/** Requested encryption or digest alg not available. */
+#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE             -0x2e80
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH               -0x2e00
+
+#define MBEDTLS_PKCS5_DECRYPT      0
+#define MBEDTLS_PKCS5_ENCRYPT      1
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+/**
+ * \brief          PKCS#5 PBES2 function
+ *
+ * \note           When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must
+ *                 be enabled at compile time.
+ *
+ * \warning        When decrypting:
+ *                 - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile
+ *                   time, this function validates the CBC padding and returns
+ *                   #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is
+ *                   invalid. Note that this can help active adversaries
+ *                   attempting to brute-forcing the password. Note also that
+ *                   there is no guarantee that an invalid password will be
+ *                   detected (the chances of a valid padding with a random
+ *                   password are about 1/255).
+ *                 - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile
+ *                   time, this function does not validate the CBC padding.
+ *
+ * \param pbe_params the ASN.1 algorithm parameters
+ * \param mode       either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT
+ * \param pwd        password to use when generating key
+ * \param pwdlen     length of password
+ * \param data       data to process
+ * \param datalen    length of data
+ * \param output     Output buffer.
+ *                   On success, it contains the encrypted or decrypted data,
+ *                   possibly followed by the CBC padding.
+ *                   On failure, the content is indeterminate.
+ *                   For decryption, there must be enough room for \p datalen
+ *                   bytes.
+ *                   For encryption, there must be enough room for
+ *                   \p datalen + 1 bytes, rounded up to the block size of
+ *                   the block cipher identified by \p pbe_params.
+ *
+ * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
+ */
+int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
+                        const unsigned char *pwd,  size_t pwdlen,
+                        const unsigned char *data, size_t datalen,
+                        unsigned char *output);
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+
+/**
+ * \brief          PKCS#5 PBES2 function
+ *
+ * \warning        When decrypting:
+ *                 - This function validates the CBC padding and returns
+ *                   #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is
+ *                   invalid. Note that this can help active adversaries
+ *                   attempting to brute-forcing the password. Note also that
+ *                   there is no guarantee that an invalid password will be
+ *                   detected (the chances of a valid padding with a random
+ *                   password are about 1/255).
+ *
+ * \param pbe_params the ASN.1 algorithm parameters
+ * \param mode       either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT
+ * \param pwd        password to use when generating key
+ * \param pwdlen     length of password
+ * \param data       data to process
+ * \param datalen    length of data
+ * \param output     Output buffer.
+ *                   On success, it contains the decrypted data.
+ *                   On failure, the content is indetermidate.
+ *                   For decryption, there must be enough room for \p datalen
+ *                   bytes.
+ *                   For encryption, there must be enough room for
+ *                   \p datalen + 1 bytes, rounded up to the block size of
+ *                   the block cipher identified by \p pbe_params.
+ * \param output_size size of output buffer.
+ *                    This must be big enough to accommodate for output plus
+ *                    padding data.
+ * \param output_len On success, length of actual data written to the output buffer.
+ *
+ * \returns        0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails.
+ */
+int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode,
+                            const unsigned char *pwd,  size_t pwdlen,
+                            const unsigned char *data, size_t datalen,
+                            unsigned char *output, size_t output_size,
+                            size_t *output_len);
+
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+/**
+ * \brief          PKCS#5 PBKDF2 using HMAC
+ *
+ * \param ctx      Generic HMAC context
+ * \param password Password to use when generating key
+ * \param plen     Length of password
+ * \param salt     Salt to use when generating key
+ * \param slen     Length of salt
+ * \param iteration_count       Iteration count
+ * \param key_length            Length of generated key in bytes
+ * \param output   Generated key. Must be at least as big as key_length
+ *
+ * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
+ */
+int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password,
+                              size_t plen, const unsigned char *salt, size_t slen,
+                              unsigned int iteration_count,
+                              uint32_t key_length, unsigned char *output);
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_pkcs5_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pkcs5.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/platform.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/platform.h
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/platform.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/platform.h
index fde5ee8..1763954 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/platform.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/platform.h
@@ -11,22 +11,17 @@
  *        implementations of these functions, or implementations specific to
  *        their platform, which can be statically linked to the library or
  *        dynamically configured at runtime.
+ *
+ *        When all compilation options related to platform abstraction are
+ *        disabled, this header just defines `mbedtls_xxx` function names
+ *        as aliases to the standard `xxx` function.
+ *
+ *        Most modules in the library and example programs are expected to
+ *        include this header.
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_PLATFORM_H
 #define MBEDTLS_PLATFORM_H
@@ -41,8 +36,10 @@
 #include "mbedtls/platform_time.h"
 #endif
 
-#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED     -0x0070 /**< Hardware accelerator failed */
-#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */
+/** Hardware accelerator failed */
+#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED     -0x0070
+/** The requested feature is not supported by the platform */
+#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072
 
 #ifdef __cplusplus
 extern "C" {
@@ -68,7 +65,9 @@ extern "C" {
 #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
 #include <stdio.h>
 #include <stdlib.h>
+#if defined(MBEDTLS_HAVE_TIME)
 #include <time.h>
+#endif
 #if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
 #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
 #define MBEDTLS_PLATFORM_STD_SNPRINTF   mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use.  */
@@ -124,22 +123,35 @@ extern "C" {
 #endif
 #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
 
+/* Enable certain documented defines only when generating doxygen to avoid
+ * an "unrecognized define" error. */
+#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_CALLOC)
+#define MBEDTLS_PLATFORM_STD_CALLOC
+#endif
+
+#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_FREE)
+#define MBEDTLS_PLATFORM_STD_FREE
+#endif
 
-/* \} name SECTION: Module settings */
+/** \} name SECTION: Module settings */
 
 /*
  * The function pointers for calloc and free.
+ * Please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE
+ * in mbedtls_config.h for more information about behaviour and requirements.
  */
 #if defined(MBEDTLS_PLATFORM_MEMORY)
 #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
     defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
+#undef mbedtls_free
+#undef mbedtls_calloc
 #define mbedtls_free       MBEDTLS_PLATFORM_FREE_MACRO
 #define mbedtls_calloc     MBEDTLS_PLATFORM_CALLOC_MACRO
 #else
 /* For size_t */
 #include <stddef.h>
-extern void *mbedtls_calloc( size_t n, size_t size );
-extern void mbedtls_free( void *ptr );
+extern void *mbedtls_calloc(size_t n, size_t size);
+extern void mbedtls_free(void *ptr);
 
 /**
  * \brief               This function dynamically sets the memory-management
@@ -150,10 +162,12 @@ extern void mbedtls_free( void *ptr );
  *
  * \return              \c 0.
  */
-int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
-                              void (*free_func)( void * ) );
+int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
+                                     void (*free_func)(void *));
 #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
 #else /* !MBEDTLS_PLATFORM_MEMORY */
+#undef mbedtls_free
+#undef mbedtls_calloc
 #define mbedtls_free       free
 #define mbedtls_calloc     calloc
 #endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */
@@ -164,7 +178,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
 #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
 /* We need FILE * */
 #include <stdio.h>
-extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
+extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
 
 /**
  * \brief                This function dynamically configures the fprintf
@@ -175,9 +189,10 @@ extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
  *
  * \return               \c 0.
  */
-int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
-                                               ... ) );
+int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
+                                                     ...));
 #else
+#undef mbedtls_fprintf
 #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
 #define mbedtls_fprintf    MBEDTLS_PLATFORM_FPRINTF_MACRO
 #else
@@ -189,7 +204,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char
  * The function pointers for printf
  */
 #if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
-extern int (*mbedtls_printf)( const char *format, ... );
+extern int (*mbedtls_printf)(const char *format, ...);
 
 /**
  * \brief               This function dynamically configures the snprintf
@@ -200,8 +215,9 @@ extern int (*mbedtls_printf)( const char *format, ... );
  *
  * \return              \c 0 on success.
  */
-int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
+int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
 #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
+#undef mbedtls_printf
 #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
 #define mbedtls_printf     MBEDTLS_PLATFORM_PRINTF_MACRO
 #else
@@ -220,11 +236,11 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
  */
 #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
 /* For Windows (inc. MSYS2), we provide our own fixed implementation */
-int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... );
+int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...);
 #endif
 
 #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
-extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
+extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
 
 /**
  * \brief                 This function allows configuring a custom
@@ -234,9 +250,10 @@ extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
  *
  * \return                \c 0 on success.
  */
-int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
-                                                 const char * format, ... ) );
+int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
+                                                       const char *format, ...));
 #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+#undef mbedtls_snprintf
 #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
 #define mbedtls_snprintf   MBEDTLS_PLATFORM_SNPRINTF_MACRO
 #else
@@ -256,12 +273,12 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
 #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
 #include <stdarg.h>
 /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
-int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg );
+int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg);
 #endif
 
 #if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
 #include <stdarg.h>
-extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg );
+extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg);
 
 /**
  * \brief   Set your own snprintf function pointer
@@ -270,9 +287,10 @@ extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_lis
  *
  * \return  \c 0
  */
-int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
-                                                 const char * format, va_list arg ) );
+int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
+                                                         const char *format, va_list arg));
 #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+#undef mbedtls_vsnprintf
 #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
 #define mbedtls_vsnprintf   MBEDTLS_PLATFORM_VSNPRINTF_MACRO
 #else
@@ -284,7 +302,7 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
  * The function pointers for exit
  */
 #if defined(MBEDTLS_PLATFORM_EXIT_ALT)
-extern void (*mbedtls_exit)( int status );
+extern void (*mbedtls_exit)(int status);
 
 /**
  * \brief             This function dynamically configures the exit
@@ -295,8 +313,9 @@ extern void (*mbedtls_exit)( int status );
  *
  * \return            \c 0 on success.
  */
-int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
+int mbedtls_platform_set_exit(void (*exit_func)(int status));
 #else
+#undef mbedtls_exit
 #if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
 #define mbedtls_exit   MBEDTLS_PLATFORM_EXIT_MACRO
 #else
@@ -327,13 +346,13 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
 #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
 /* Internal standard platform definitions */
-int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len );
-int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len );
+int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len);
+int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len);
 #endif
 
 #if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
-extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len );
-extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
+extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len);
+extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len);
 
 /**
  * \brief   This function allows configuring custom seed file writing and
@@ -345,10 +364,12 @@ extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
  * \return  \c 0 on success.
  */
 int mbedtls_platform_set_nv_seed(
-            int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ),
-            int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len )
-            );
+    int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len),
+    int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
+    );
 #else
+#undef mbedtls_nv_seed_read
+#undef mbedtls_nv_seed_write
 #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
     defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
 #define mbedtls_nv_seed_read    MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
@@ -368,8 +389,7 @@ int mbedtls_platform_set_nv_seed(
  * \note    This structure may be used to assist platform-specific
  *          setup or teardown operations.
  */
-typedef struct mbedtls_platform_context
-{
+typedef struct mbedtls_platform_context {
     char dummy; /**< A placeholder member, as empty structs are not portable. */
 }
 mbedtls_platform_context;
@@ -393,7 +413,7 @@ mbedtls_platform_context;
  *
  * \return  \c 0 on success.
  */
-int mbedtls_platform_setup( mbedtls_platform_context *ctx );
+int mbedtls_platform_setup(mbedtls_platform_context *ctx);
 /**
  * \brief   This function performs any platform teardown operations.
  *
@@ -408,7 +428,7 @@ int mbedtls_platform_setup( mbedtls_platform_context *ctx );
  * \param   ctx     The platform context.
  *
  */
-void mbedtls_platform_teardown( mbedtls_platform_context *ctx );
+void mbedtls_platform_teardown(mbedtls_platform_context *ctx);
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/platform_time.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/platform_time.h
new file mode 100644
index 0000000..9671c88
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/platform_time.h
@@ -0,0 +1,60 @@
+/**
+ * \file platform_time.h
+ *
+ * \brief Mbed TLS Platform time abstraction
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PLATFORM_TIME_H
+#define MBEDTLS_PLATFORM_TIME_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * The time_t datatype
+ */
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
+typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t;
+#else
+/* For time_t */
+#include <time.h>
+typedef time_t mbedtls_time_t;
+#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+
+/*
+ * The function pointers for time
+ */
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time);
+
+/**
+ * \brief   Set your own time function pointer
+ *
+ * \param   time_func   the time function implementation
+ *
+ * \return              0
+ */
+int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time));
+#else
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
+#define mbedtls_time    MBEDTLS_PLATFORM_TIME_MACRO
+#else
+#define mbedtls_time   time
+#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* platform_time.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/platform_util.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/platform_util.h
new file mode 100644
index 0000000..74e2a1d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/platform_util.h
@@ -0,0 +1,277 @@
+/**
+ * \file platform_util.h
+ *
+ * \brief Common and shared functions used by multiple modules in the Mbed TLS
+ *        library.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_PLATFORM_UTIL_H
+#define MBEDTLS_PLATFORM_UTIL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+#include "mbedtls/platform_time.h"
+#include <time.h>
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+
+#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
+/* Allow the user to define MBEDTLS_PARAM_FAILED to something like assert
+ * (which is what our config.h suggests). */
+#include <assert.h>
+#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
+
+#if defined(MBEDTLS_PARAM_FAILED)
+/** An alternative definition of MBEDTLS_PARAM_FAILED has been set in config.h.
+ *
+ * This flag can be used to check whether it is safe to assume that
+ * MBEDTLS_PARAM_FAILED() will expand to a call to mbedtls_param_failed().
+ */
+#define MBEDTLS_PARAM_FAILED_ALT
+
+#elif defined(MBEDTLS_CHECK_PARAMS_ASSERT)
+#define MBEDTLS_PARAM_FAILED(cond) assert(cond)
+#define MBEDTLS_PARAM_FAILED_ALT
+
+#else /* MBEDTLS_PARAM_FAILED */
+#define MBEDTLS_PARAM_FAILED(cond) \
+    mbedtls_param_failed( #cond, __FILE__, __LINE__)
+
+/**
+ * \brief       User supplied callback function for parameter validation failure.
+ *              See #MBEDTLS_CHECK_PARAMS for context.
+ *
+ *              This function will be called unless an alternative treatment
+ *              is defined through the #MBEDTLS_PARAM_FAILED macro.
+ *
+ *              This function can return, and the operation will be aborted, or
+ *              alternatively, through use of setjmp()/longjmp() can resume
+ *              execution in the application code.
+ *
+ * \param failure_condition The assertion that didn't hold.
+ * \param file  The file where the assertion failed.
+ * \param line  The line in the file where the assertion failed.
+ */
+void mbedtls_param_failed(const char *failure_condition,
+                          const char *file,
+                          int line);
+#endif /* MBEDTLS_PARAM_FAILED */
+
+/* Internal macro meant to be called only from within the library. */
+#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret)  \
+    do {                                            \
+        if (!(cond))                               \
+        {                                           \
+            MBEDTLS_PARAM_FAILED(cond);           \
+            return ret;                          \
+        }                                           \
+    } while (0)
+
+/* Internal macro meant to be called only from within the library. */
+#define MBEDTLS_INTERNAL_VALIDATE(cond)           \
+    do {                                            \
+        if (!(cond))                               \
+        {                                           \
+            MBEDTLS_PARAM_FAILED(cond);           \
+            return;                                 \
+        }                                           \
+    } while (0)
+
+#else /* MBEDTLS_CHECK_PARAMS */
+
+/* Internal macros meant to be called only from within the library. */
+#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret)  do { } while (0)
+#define MBEDTLS_INTERNAL_VALIDATE(cond)           do { } while (0)
+
+#endif /* MBEDTLS_CHECK_PARAMS */
+
+/* Internal helper macros for deprecating API constants. */
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+/* Deliberately don't (yet) export MBEDTLS_DEPRECATED here
+ * to avoid conflict with other headers which define and use
+ * it, too. We might want to move all these definitions here at
+ * some point for uniformity. */
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t;
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL)       \
+    ((mbedtls_deprecated_string_constant_t) (VAL))
+MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
+#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL)       \
+    ((mbedtls_deprecated_numeric_constant_t) (VAL))
+#undef MBEDTLS_DEPRECATED
+#else /* MBEDTLS_DEPRECATED_WARNING */
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL
+#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/* Implementation of the check-return facility.
+ * See the user documentation in config.h.
+ *
+ * Do not use this macro directly to annotate function: instead,
+ * use one of MBEDTLS_CHECK_RETURN_CRITICAL or MBEDTLS_CHECK_RETURN_TYPICAL
+ * depending on how important it is to check the return value.
+ */
+#if !defined(MBEDTLS_CHECK_RETURN)
+#if defined(__GNUC__)
+#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
+#elif defined(_MSC_VER) && _MSC_VER >= 1700
+#include <sal.h>
+#define MBEDTLS_CHECK_RETURN _Check_return_
+#else
+#define MBEDTLS_CHECK_RETURN
+#endif
+#endif
+
+/** Critical-failure function
+ *
+ * This macro appearing at the beginning of the declaration of a function
+ * indicates that its return value should be checked in all applications.
+ * Omitting the check is very likely to indicate a bug in the application
+ * and will result in a compile-time warning if #MBEDTLS_CHECK_RETURN
+ * is implemented for the compiler in use.
+ *
+ * \note  The use of this macro is a work in progress.
+ *        This macro may be added to more functions in the future.
+ *        Such an extension is not considered an API break, provided that
+ *        there are near-unavoidable circumstances under which the function
+ *        can fail. For example, signature/MAC/AEAD verification functions,
+ *        and functions that require a random generator, are considered
+ *        return-check-critical.
+ */
+#define MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN
+
+/** Ordinary-failure function
+ *
+ * This macro appearing at the beginning of the declaration of a function
+ * indicates that its return value should be generally be checked in portable
+ * applications. Omitting the check will result in a compile-time warning if
+ * #MBEDTLS_CHECK_RETURN is implemented for the compiler in use and
+ * #MBEDTLS_CHECK_RETURN_WARNING is enabled in the compile-time configuration.
+ *
+ * You can use #MBEDTLS_IGNORE_RETURN to explicitly ignore the return value
+ * of a function that is annotated with #MBEDTLS_CHECK_RETURN.
+ *
+ * \note  The use of this macro is a work in progress.
+ *        This macro will be added to more functions in the future.
+ *        Eventually this should appear before most functions returning
+ *        an error code (as \c int in the \c mbedtls_xxx API or
+ *        as ::psa_status_t in the \c psa_xxx API).
+ */
+#if defined(MBEDTLS_CHECK_RETURN_WARNING)
+#define MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN
+#else
+#define MBEDTLS_CHECK_RETURN_TYPICAL
+#endif
+
+/** Benign-failure function
+ *
+ * This macro appearing at the beginning of the declaration of a function
+ * indicates that it is rarely useful to check its return value.
+ *
+ * This macro has an empty expansion. It exists for documentation purposes:
+ * a #MBEDTLS_CHECK_RETURN_OPTIONAL annotation indicates that the function
+ * has been analyzed for return-check usefulness, whereas the lack of
+ * an annotation indicates that the function has not been analyzed and its
+ * return-check usefulness is unknown.
+ */
+#define MBEDTLS_CHECK_RETURN_OPTIONAL
+
+/** \def MBEDTLS_IGNORE_RETURN
+ *
+ * Call this macro with one argument, a function call, to suppress a warning
+ * from #MBEDTLS_CHECK_RETURN due to that function call.
+ */
+#if !defined(MBEDTLS_IGNORE_RETURN)
+/* GCC doesn't silence the warning with just (void)(result).
+ * (void)!(result) is known to work up at least up to GCC 10, as well
+ * as with Clang and MSVC.
+ *
+ * https://gcc.gnu.org/onlinedocs/gcc-3.4.6/gcc/Non_002dbugs.html
+ * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
+ * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34
+ */
+#define MBEDTLS_IGNORE_RETURN(result) ((void) !(result))
+#endif
+
+/* If the following macro is defined, the library is being built by the test
+ * framework, and the framework is going to provide a replacement
+ * mbedtls_platform_zeroize() using a preprocessor macro, so the function
+ * declaration should be omitted.  */
+#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE) //no-check-names
+/**
+ * \brief       Securely zeroize a buffer
+ *
+ *              The function is meant to wipe the data contained in a buffer so
+ *              that it can no longer be recovered even if the program memory
+ *              is later compromised. Call this function on sensitive data
+ *              stored on the stack before returning from a function, and on
+ *              sensitive data stored on the heap before freeing the heap
+ *              object.
+ *
+ *              It is extremely difficult to guarantee that calls to
+ *              mbedtls_platform_zeroize() are not removed by aggressive
+ *              compiler optimizations in a portable way. For this reason, Mbed
+ *              TLS provides the configuration option
+ *              MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
+ *              mbedtls_platform_zeroize() to use a suitable implementation for
+ *              their platform and needs
+ *
+ * \param buf   Buffer to be zeroized
+ * \param len   Length of the buffer in bytes
+ *
+ */
+void mbedtls_platform_zeroize(void *buf, size_t len);
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+/**
+ * \brief      Platform-specific implementation of gmtime_r()
+ *
+ *             The function is a thread-safe abstraction that behaves
+ *             similarly to the gmtime_r() function from Unix/POSIX.
+ *
+ *             Mbed TLS will try to identify the underlying platform and
+ *             make use of an appropriate underlying implementation (e.g.
+ *             gmtime_r() for POSIX and gmtime_s() for Windows). If this is
+ *             not possible, then gmtime() will be used. In this case, calls
+ *             from the library to gmtime() will be guarded by the mutex
+ *             mbedtls_threading_gmtime_mutex if MBEDTLS_THREADING_C is
+ *             enabled. It is recommended that calls from outside the library
+ *             are also guarded by this mutex.
+ *
+ *             If MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, then Mbed TLS will
+ *             unconditionally use the alternative implementation for
+ *             mbedtls_platform_gmtime_r() supplied by the user at compile time.
+ *
+ * \param tt     Pointer to an object containing time (in seconds) since the
+ *               epoch to be converted
+ * \param tm_buf Pointer to an object where the results will be stored
+ *
+ * \return      Pointer to an object of type struct tm on success, otherwise
+ *              NULL
+ */
+struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt,
+                                     struct tm *tm_buf);
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PLATFORM_UTIL_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/poly1305.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/poly1305.h
new file mode 100644
index 0000000..ecbd984
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/poly1305.h
@@ -0,0 +1,181 @@
+/**
+ * \file poly1305.h
+ *
+ * \brief   This file contains Poly1305 definitions and functions.
+ *
+ *          Poly1305 is a one-time message authenticator that can be used to
+ *          authenticate messages. Poly1305-AES was created by Daniel
+ *          Bernstein https://cr.yp.to/mac/poly1305-20050329.pdf The generic
+ *          Poly1305 algorithm (not tied to AES) was also standardized in RFC
+ *          7539.
+ *
+ * \author Daniel King <damaki.gh@gmail.com>
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_POLY1305_H
+#define MBEDTLS_POLY1305_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdint.h>
+#include <stddef.h>
+
+/** Invalid input parameter(s). */
+#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA         -0x0057
+
+/* MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE is deprecated and should not be
+ * used. */
+/** Feature not available. For example, s part of the API is not implemented. */
+#define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE    -0x0059
+
+/* MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED is deprecated and should not be used.
+ */
+/** Poly1305 hardware accelerator failed. */
+#define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED        -0x005B
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_POLY1305_ALT)
+
+typedef struct mbedtls_poly1305_context {
+    uint32_t r[4];      /** The value for 'r' (low 128 bits of the key). */
+    uint32_t s[4];      /** The value for 's' (high 128 bits of the key). */
+    uint32_t acc[5];    /** The accumulator number. */
+    uint8_t queue[16];  /** The current partial block of data. */
+    size_t queue_len;   /** The number of bytes stored in 'queue'. */
+}
+mbedtls_poly1305_context;
+
+#else  /* MBEDTLS_POLY1305_ALT */
+#include "poly1305_alt.h"
+#endif /* MBEDTLS_POLY1305_ALT */
+
+/**
+ * \brief           This function initializes the specified Poly1305 context.
+ *
+ *                  It must be the first API called before using
+ *                  the context.
+ *
+ *                  It is usually followed by a call to
+ *                  \c mbedtls_poly1305_starts(), then one or more calls to
+ *                  \c mbedtls_poly1305_update(), then one call to
+ *                  \c mbedtls_poly1305_finish(), then finally
+ *                  \c mbedtls_poly1305_free().
+ *
+ * \param ctx       The Poly1305 context to initialize. This must
+ *                  not be \c NULL.
+ */
+void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx);
+
+/**
+ * \brief           This function releases and clears the specified
+ *                  Poly1305 context.
+ *
+ * \param ctx       The Poly1305 context to clear. This may be \c NULL, in which
+ *                  case this function is a no-op. If it is not \c NULL, it must
+ *                  point to an initialized Poly1305 context.
+ */
+void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx);
+
+/**
+ * \brief           This function sets the one-time authentication key.
+ *
+ * \warning         The key must be unique and unpredictable for each
+ *                  invocation of Poly1305.
+ *
+ * \param ctx       The Poly1305 context to which the key should be bound.
+ *                  This must be initialized.
+ * \param key       The buffer containing the \c 32 Byte (\c 256 Bit) key.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative error code on failure.
+ */
+int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx,
+                            const unsigned char key[32]);
+
+/**
+ * \brief           This functions feeds an input buffer into an ongoing
+ *                  Poly1305 computation.
+ *
+ *                  It is called between \c mbedtls_cipher_poly1305_starts() and
+ *                  \c mbedtls_cipher_poly1305_finish().
+ *                  It can be called repeatedly to process a stream of data.
+ *
+ * \param ctx       The Poly1305 context to use for the Poly1305 operation.
+ *                  This must be initialized and bound to a key.
+ * \param ilen      The length of the input data in Bytes.
+ *                  Any value is accepted.
+ * \param input     The buffer holding the input data.
+ *                  This pointer can be \c NULL if `ilen == 0`.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative error code on failure.
+ */
+int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen);
+
+/**
+ * \brief           This function generates the Poly1305 Message
+ *                  Authentication Code (MAC).
+ *
+ * \param ctx       The Poly1305 context to use for the Poly1305 operation.
+ *                  This must be initialized and bound to a key.
+ * \param mac       The buffer to where the MAC is written. This must
+ *                  be a writable buffer of length \c 16 Bytes.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative error code on failure.
+ */
+int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx,
+                            unsigned char mac[16]);
+
+/**
+ * \brief           This function calculates the Poly1305 MAC of the input
+ *                  buffer with the provided key.
+ *
+ * \warning         The key must be unique and unpredictable for each
+ *                  invocation of Poly1305.
+ *
+ * \param key       The buffer containing the \c 32 Byte (\c 256 Bit) key.
+ * \param ilen      The length of the input data in Bytes.
+ *                  Any value is accepted.
+ * \param input     The buffer holding the input data.
+ *                  This pointer can be \c NULL if `ilen == 0`.
+ * \param mac       The buffer to where the MAC is written. This must be
+ *                  a writable buffer of length \c 16 Bytes.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative error code on failure.
+ */
+int mbedtls_poly1305_mac(const unsigned char key[32],
+                         const unsigned char *input,
+                         size_t ilen,
+                         unsigned char mac[16]);
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief           The Poly1305 checkup routine.
+ *
+ * \return          \c 0 on success.
+ * \return          \c 1 on failure.
+ */
+int mbedtls_poly1305_self_test(int verbose);
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_POLY1305_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/psa_util.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/psa_util.h
new file mode 100644
index 0000000..6d7e444
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/psa_util.h
@@ -0,0 +1,494 @@
+/**
+ * \file psa_util.h
+ *
+ * \brief Utility functions for the use of the PSA Crypto library.
+ *
+ * \warning This function is not part of the public API and may
+ *          change at any time.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_PSA_UTIL_H
+#define MBEDTLS_PSA_UTIL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "psa/crypto.h"
+
+#include "mbedtls/ecp.h"
+#include "mbedtls/md.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+/* Translations for symmetric crypto. */
+
+static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
+    mbedtls_cipher_type_t cipher)
+{
+    switch (cipher) {
+        case MBEDTLS_CIPHER_AES_128_CCM:
+        case MBEDTLS_CIPHER_AES_192_CCM:
+        case MBEDTLS_CIPHER_AES_256_CCM:
+        case MBEDTLS_CIPHER_AES_128_GCM:
+        case MBEDTLS_CIPHER_AES_192_GCM:
+        case MBEDTLS_CIPHER_AES_256_GCM:
+        case MBEDTLS_CIPHER_AES_128_CBC:
+        case MBEDTLS_CIPHER_AES_192_CBC:
+        case MBEDTLS_CIPHER_AES_256_CBC:
+        case MBEDTLS_CIPHER_AES_128_ECB:
+        case MBEDTLS_CIPHER_AES_192_ECB:
+        case MBEDTLS_CIPHER_AES_256_ECB:
+            return PSA_KEY_TYPE_AES;
+
+        /* ARIA not yet supported in PSA. */
+        /* case MBEDTLS_CIPHER_ARIA_128_CCM:
+           case MBEDTLS_CIPHER_ARIA_192_CCM:
+           case MBEDTLS_CIPHER_ARIA_256_CCM:
+           case MBEDTLS_CIPHER_ARIA_128_GCM:
+           case MBEDTLS_CIPHER_ARIA_192_GCM:
+           case MBEDTLS_CIPHER_ARIA_256_GCM:
+           case MBEDTLS_CIPHER_ARIA_128_CBC:
+           case MBEDTLS_CIPHER_ARIA_192_CBC:
+           case MBEDTLS_CIPHER_ARIA_256_CBC:
+               return( PSA_KEY_TYPE_ARIA ); */
+
+        default:
+            return 0;
+    }
+}
+
+static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
+    mbedtls_cipher_mode_t mode, size_t taglen)
+{
+    switch (mode) {
+        case MBEDTLS_MODE_ECB:
+            return PSA_ALG_ECB_NO_PADDING;
+        case MBEDTLS_MODE_GCM:
+            return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen);
+        case MBEDTLS_MODE_CCM:
+            return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen);
+        case MBEDTLS_MODE_CBC:
+            if (taglen == 0) {
+                return PSA_ALG_CBC_NO_PADDING;
+            } else {
+                return 0;
+            }
+        default:
+            return 0;
+    }
+}
+
+static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
+    mbedtls_operation_t op)
+{
+    switch (op) {
+        case MBEDTLS_ENCRYPT:
+            return PSA_KEY_USAGE_ENCRYPT;
+        case MBEDTLS_DECRYPT:
+            return PSA_KEY_USAGE_DECRYPT;
+        default:
+            return 0;
+    }
+}
+
+/* Translations for hashing. */
+
+static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
+{
+    switch (md_alg) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return PSA_ALG_MD2;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return PSA_ALG_MD4;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return PSA_ALG_MD5;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return PSA_ALG_SHA_1;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return PSA_ALG_SHA_224;
+        case MBEDTLS_MD_SHA256:
+            return PSA_ALG_SHA_256;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_MD_SHA384:
+            return PSA_ALG_SHA_384;
+        case MBEDTLS_MD_SHA512:
+            return PSA_ALG_SHA_512;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return PSA_ALG_RIPEMD160;
+#endif
+        case MBEDTLS_MD_NONE:
+            return 0;
+        default:
+            return 0;
+    }
+}
+
+/* Translations for ECC. */
+
+static inline int mbedtls_psa_get_ecc_oid_from_id(
+    psa_ecc_family_t curve, size_t bits,
+    char const **oid, size_t *oid_len)
+{
+    switch (curve) {
+        case PSA_ECC_FAMILY_SECP_R1:
+            switch (bits) {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+                case 192:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+                case 224:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+                case 256:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+                case 384:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+                case 521:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+            }
+            break;
+        case PSA_ECC_FAMILY_SECP_K1:
+            switch (bits) {
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+                case 192:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+                case 224:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+                case 256:
+                    *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+            }
+            break;
+        case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
+            switch (bits) {
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+                case 256:
+                    *oid = MBEDTLS_OID_EC_GRP_BP256R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+                case 384:
+                    *oid = MBEDTLS_OID_EC_GRP_BP384R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+                case 512:
+                    *oid = MBEDTLS_OID_EC_GRP_BP512R1;
+                    *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1);
+                    return 0;
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+            }
+            break;
+    }
+    (void) oid;
+    (void) oid_len;
+    return -1;
+}
+
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((521 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((521 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((512 + 7) / 8) + 1)
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((512 + 7) / 8) + 1)
+#endif
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+
+/* Translations for PK layer */
+
+static inline int mbedtls_psa_err_translate_pk(psa_status_t status)
+{
+    switch (status) {
+        case PSA_SUCCESS:
+            return 0;
+        case PSA_ERROR_NOT_SUPPORTED:
+            return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+        case PSA_ERROR_INSUFFICIENT_MEMORY:
+            return MBEDTLS_ERR_PK_ALLOC_FAILED;
+        case PSA_ERROR_INSUFFICIENT_ENTROPY:
+            return MBEDTLS_ERR_ECP_RANDOM_FAILED;
+        case PSA_ERROR_BAD_STATE:
+            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        /* All other failures */
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+        case PSA_ERROR_CORRUPTION_DETECTED:
+            return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
+        default: /* We return the same as for the 'other failures',
+                  * but list them separately nonetheless to indicate
+                  * which failure conditions we have considered. */
+            return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
+    }
+}
+
+/* Translations for ECC */
+
+/* This function transforms an ECC group identifier from
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+ * into a PSA ECC group identifier. */
+#if defined(MBEDTLS_ECP_C)
+static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
+    uint16_t tls_ecc_grp_reg_id, size_t *bits)
+{
+    const mbedtls_ecp_curve_info *curve_info =
+        mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id);
+    if (curve_info == NULL) {
+        return 0;
+    }
+    return PSA_KEY_TYPE_ECC_KEY_PAIR(
+        mbedtls_ecc_group_to_psa(curve_info->grp_id, bits));
+}
+#endif /* MBEDTLS_ECP_C */
+
+/* This function takes a buffer holding an EC public key
+ * exported through psa_export_public_key(), and converts
+ * it into an ECPoint structure to be put into a ClientKeyExchange
+ * message in an ECDHE exchange.
+ *
+ * Both the present and the foreseeable future format of EC public keys
+ * used by PSA have the ECPoint structure contained in the exported key
+ * as a subbuffer, and the function merely selects this subbuffer instead
+ * of making a copy.
+ */
+static inline int mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char *src,
+                                                    size_t srclen,
+                                                    unsigned char **dst,
+                                                    size_t *dstlen)
+{
+    *dst = src;
+    *dstlen = srclen;
+    return 0;
+}
+
+/* This function takes a buffer holding an ECPoint structure
+ * (as contained in a TLS ServerKeyExchange message for ECDHE
+ * exchanges) and converts it into a format that the PSA key
+ * agreement API understands.
+ */
+static inline int mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const *src,
+                                                    size_t srclen,
+                                                    unsigned char *dst,
+                                                    size_t dstlen,
+                                                    size_t *olen)
+{
+    if (srclen > dstlen) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    memcpy(dst, src, srclen);
+    *olen = srclen;
+    return 0;
+}
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+/* Expose whatever RNG the PSA subsystem uses to applications using the
+ * mbedtls_xxx API. The declarations and definitions here need to be
+ * consistent with the implementation in library/psa_crypto_random_impl.h.
+ * See that file for implementation documentation. */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+/* The type of a `f_rng` random generator function that many library functions
+ * take.
+ *
+ * This type name is not part of the Mbed TLS stable API. It may be renamed
+ * or moved without warning.
+ */
+typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+/** The random generator function for the PSA subsystem.
+ *
+ * This function is suitable as the `f_rng` random generator function
+ * parameter of many `mbedtls_xxx` functions. Use #MBEDTLS_PSA_RANDOM_STATE
+ * to obtain the \p p_rng parameter.
+ *
+ * The implementation of this function depends on the configuration of the
+ * library.
+ *
+ * \note Depending on the configuration, this may be a function or
+ *       a pointer to a function.
+ *
+ * \note This function may only be used if the PSA crypto subsystem is active.
+ *       This means that you must call psa_crypto_init() before any call to
+ *       this function, and you must not call this function after calling
+ *       mbedtls_psa_crypto_free().
+ *
+ * \param p_rng         The random generator context. This must be
+ *                      #MBEDTLS_PSA_RANDOM_STATE. No other state is
+ *                      supported.
+ * \param output        The buffer to fill. It must have room for
+ *                      \c output_size bytes.
+ * \param output_size   The number of bytes to write to \p output.
+ *                      This function may fail if \p output_size is too
+ *                      large. It is guaranteed to accept any output size
+ *                      requested by Mbed TLS library functions. The
+ *                      maximum request size depends on the library
+ *                      configuration.
+ *
+ * \return              \c 0 on success.
+ * \return              An `MBEDTLS_ERR_ENTROPY_xxx`,
+ *                      `MBEDTLS_ERR_PLATFORM_xxx,
+ *                      `MBEDTLS_ERR_CTR_DRBG_xxx` or
+ *                      `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
+ */
+int mbedtls_psa_get_random(void *p_rng,
+                           unsigned char *output,
+                           size_t output_size);
+
+/** The random generator state for the PSA subsystem.
+ *
+ * This macro expands to an expression which is suitable as the `p_rng`
+ * random generator state parameter of many `mbedtls_xxx` functions.
+ * It must be used in combination with the random generator function
+ * mbedtls_psa_get_random().
+ *
+ * The implementation of this macro depends on the configuration of the
+ * library. Do not make any assumption on its nature.
+ */
+#define MBEDTLS_PSA_RANDOM_STATE NULL
+
+#else /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/ctr_drbg.h"
+typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
+static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#include "mbedtls/hmac_drbg.h"
+typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
+static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
+#endif
+extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
+
+#define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
+
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#endif /* MBEDTLS_PSA_UTIL_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/ripemd160.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ripemd160.h
new file mode 100644
index 0000000..38318a2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ripemd160.h
@@ -0,0 +1,223 @@
+/**
+ * \file ripemd160.h
+ *
+ * \brief RIPE MD-160 message digest
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_RIPEMD160_H
+#define MBEDTLS_RIPEMD160_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+/* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used.
+ */
+/** RIPEMD160 hardware accelerator failed */
+#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED             -0x0031
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_RIPEMD160_ALT)
+// Regular implementation
+//
+
+/**
+ * \brief          RIPEMD-160 context structure
+ */
+typedef struct mbedtls_ripemd160_context {
+    uint32_t total[2];          /*!< number of bytes processed  */
+    uint32_t state[5];          /*!< intermediate digest state  */
+    unsigned char buffer[64];   /*!< data block being processed */
+}
+mbedtls_ripemd160_context;
+
+#else  /* MBEDTLS_RIPEMD160_ALT */
+#include "ripemd160_alt.h"
+#endif /* MBEDTLS_RIPEMD160_ALT */
+
+/**
+ * \brief          Initialize RIPEMD-160 context
+ *
+ * \param ctx      RIPEMD-160 context to be initialized
+ */
+void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx);
+
+/**
+ * \brief          Clear RIPEMD-160 context
+ *
+ * \param ctx      RIPEMD-160 context to be cleared
+ */
+void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx);
+
+/**
+ * \brief          Clone (the state of) a RIPEMD-160 context
+ *
+ * \param dst      The destination context
+ * \param src      The context to be cloned
+ */
+void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
+                             const mbedtls_ripemd160_context *src);
+
+/**
+ * \brief          RIPEMD-160 context setup
+ *
+ * \param ctx      context to be initialized
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx);
+
+/**
+ * \brief          RIPEMD-160 process buffer
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx,
+                                 const unsigned char *input,
+                                 size_t ilen);
+
+/**
+ * \brief          RIPEMD-160 final digest
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param output   RIPEMD-160 checksum result
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx,
+                                 unsigned char output[20]);
+
+/**
+ * \brief          RIPEMD-160 process data block (internal use only)
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param data     buffer holding one block of data
+ *
+ * \return         0 if successful
+ */
+int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
+                                       const unsigned char data[64]);
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          RIPEMD-160 context setup
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts(
+    mbedtls_ripemd160_context *ctx);
+
+/**
+ * \brief          RIPEMD-160 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_update_ret() in 2.7.0
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_update(
+    mbedtls_ripemd160_context *ctx,
+    const unsigned char *input,
+    size_t ilen);
+
+/**
+ * \brief          RIPEMD-160 final digest
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_finish_ret() in 2.7.0
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param output   RIPEMD-160 checksum result
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish(
+    mbedtls_ripemd160_context *ctx,
+    unsigned char output[20]);
+
+/**
+ * \brief          RIPEMD-160 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_ripemd160_process() in 2.7.0
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param data     buffer holding one block of data
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160_process(
+    mbedtls_ripemd160_context *ctx,
+    const unsigned char data[64]);
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Output = RIPEMD-160( input buffer )
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   RIPEMD-160 checksum result
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_ret(const unsigned char *input,
+                          size_t ilen,
+                          unsigned char output[20]);
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = RIPEMD-160( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_ret() in 2.7.0
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   RIPEMD-160 checksum result
+ */
+MBEDTLS_DEPRECATED void mbedtls_ripemd160(const unsigned char *input,
+                                          size_t ilen,
+                                          unsigned char output[20]);
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_ripemd160_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_ripemd160.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/rsa.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/rsa.h
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/rsa.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/rsa.h
index 6a31514..1779775 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/rsa.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/rsa.h
@@ -11,19 +11,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_RSA_H
 #define MBEDTLS_RSA_H
@@ -44,22 +32,33 @@
 /*
  * RSA Error codes
  */
-#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA                    -0x4080  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_RSA_INVALID_PADDING                   -0x4100  /**< Input data contains invalid padding and is rejected. */
-#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED                    -0x4180  /**< Something failed during generation of a key. */
-#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED                  -0x4200  /**< Key failed to pass the validity check of the library. */
-#define MBEDTLS_ERR_RSA_PUBLIC_FAILED                     -0x4280  /**< The public key operation failed. */
-#define MBEDTLS_ERR_RSA_PRIVATE_FAILED                    -0x4300  /**< The private key operation failed. */
-#define MBEDTLS_ERR_RSA_VERIFY_FAILED                     -0x4380  /**< The PKCS#1 verification failed. */
-#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE                  -0x4400  /**< The output buffer for decryption is not large enough. */
-#define MBEDTLS_ERR_RSA_RNG_FAILED                        -0x4480  /**< The random generator failed to generate non-zeros. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA                    -0x4080
+/** Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_RSA_INVALID_PADDING                   -0x4100
+/** Something failed during generation of a key. */
+#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED                    -0x4180
+/** Key failed to pass the validity check of the library. */
+#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED                  -0x4200
+/** The public key operation failed. */
+#define MBEDTLS_ERR_RSA_PUBLIC_FAILED                     -0x4280
+/** The private key operation failed. */
+#define MBEDTLS_ERR_RSA_PRIVATE_FAILED                    -0x4300
+/** The PKCS#1 verification failed. */
+#define MBEDTLS_ERR_RSA_VERIFY_FAILED                     -0x4380
+/** The output buffer for decryption is not large enough. */
+#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE                  -0x4400
+/** The random generator failed to generate non-zeros. */
+#define MBEDTLS_ERR_RSA_RNG_FAILED                        -0x4480
 
 /* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
  */
-#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION             -0x4500  /**< The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */
+/** The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */
+#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION             -0x4500
 
 /* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED                   -0x4580  /**< RSA hardware accelerator failed. */
+/** RSA hardware accelerator failed. */
+#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED                   -0x4580
 
 /*
  * RSA constants
@@ -77,7 +76,7 @@
 
 /*
  * The above constants may be used even if the RSA module is compile out,
- * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
+ * eg for alternative (PKCS#11) RSA implementations in the PK layers.
  */
 
 #ifdef __cplusplus
@@ -95,9 +94,11 @@ extern "C" {
  *          is deprecated. All manipulation should instead be done through
  *          the public interface functions.
  */
-typedef struct mbedtls_rsa_context
-{
-    int ver;                    /*!<  Always 0.*/
+typedef struct mbedtls_rsa_context {
+    int ver;                    /*!<  Reserved for internal purposes.
+                                 *    Do not set this field in application
+                                 *    code. Its meaning might change without
+                                 *    notice. */
     size_t len;                 /*!<  The size of \p N in Bytes. */
 
     mbedtls_mpi N;              /*!<  The public modulus. */
@@ -120,13 +121,14 @@ typedef struct mbedtls_rsa_context
     mbedtls_mpi Vf;             /*!<  The cached un-blinding value. */
 
     int padding;                /*!< Selects padding mode:
-                                     #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
-                                     #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
+                                 #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
+                                 #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
     int hash_id;                /*!< Hash identifier of mbedtls_md_type_t type,
                                      as specified in md.h for use in the MGF
                                      mask generating function used in the
                                      EME-OAEP and EMSA-PSS encodings. */
 #if defined(MBEDTLS_THREADING_C)
+    /* Invariant: the mutex is initialized iff ver != 0. */
     mbedtls_threading_mutex_t mutex;    /*!<  Thread-safety mutex. */
 #endif
 }
@@ -163,9 +165,9 @@ mbedtls_rsa_context;
  *                 \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused
  *                 otherwise.
  */
-void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
-                       int padding,
-                       int hash_id );
+void mbedtls_rsa_init(mbedtls_rsa_context *ctx,
+                      int padding,
+                      int hash_id);
 
 /**
  * \brief          This function imports a set of core parameters into an
@@ -196,10 +198,10 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         A non-zero error code on failure.
  */
-int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
-                        const mbedtls_mpi *N,
-                        const mbedtls_mpi *P, const mbedtls_mpi *Q,
-                        const mbedtls_mpi *D, const mbedtls_mpi *E );
+int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
+                       const mbedtls_mpi *N,
+                       const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                       const mbedtls_mpi *D, const mbedtls_mpi *E);
 
 /**
  * \brief          This function imports core RSA parameters, in raw big-endian
@@ -235,26 +237,26 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         A non-zero error code on failure.
  */
-int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
-                            unsigned char const *N, size_t N_len,
-                            unsigned char const *P, size_t P_len,
-                            unsigned char const *Q, size_t Q_len,
-                            unsigned char const *D, size_t D_len,
-                            unsigned char const *E, size_t E_len );
+int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
+                           unsigned char const *N, size_t N_len,
+                           unsigned char const *P, size_t P_len,
+                           unsigned char const *Q, size_t Q_len,
+                           unsigned char const *D, size_t D_len,
+                           unsigned char const *E, size_t E_len);
 
 /**
  * \brief          This function completes an RSA context from
  *                 a set of imported core parameters.
  *
- *                 To setup an RSA public key, precisely \p N and \p E
+ *                 To setup an RSA public key, precisely \c N and \c E
  *                 must have been imported.
  *
  *                 To setup an RSA private key, sufficient information must
  *                 be present for the other parameters to be derivable.
  *
  *                 The default implementation supports the following:
- *                 <ul><li>Derive \p P, \p Q from \p N, \p D, \p E.</li>
- *                 <li>Derive \p N, \p D from \p P, \p Q, \p E.</li></ul>
+ *                 <ul><li>Derive \c P, \c Q from \c N, \c D, \c E.</li>
+ *                 <li>Derive \c N, \c D from \c P, \c Q, \c E.</li></ul>
  *                 Alternative implementations need not support these.
  *
  *                 If this function runs successfully, it guarantees that
@@ -274,7 +276,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
  *                 failed.
  *
  */
-int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
+int mbedtls_rsa_complete(mbedtls_rsa_context *ctx);
 
 /**
  * \brief          This function exports the core parameters of an RSA key.
@@ -316,9 +318,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
  * \return         A non-zero return code on any other failure.
  *
  */
-int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
-                        mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
-                        mbedtls_mpi *D, mbedtls_mpi *E );
+int mbedtls_rsa_export(const mbedtls_rsa_context *ctx,
+                       mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
+                       mbedtls_mpi *D, mbedtls_mpi *E);
 
 /**
  * \brief          This function exports core parameters of an RSA key
@@ -367,12 +369,12 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
  *                 functionality or because of security policies.
  * \return         A non-zero return code on any other failure.
  */
-int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
-                            unsigned char *N, size_t N_len,
-                            unsigned char *P, size_t P_len,
-                            unsigned char *Q, size_t Q_len,
-                            unsigned char *D, size_t D_len,
-                            unsigned char *E, size_t E_len );
+int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx,
+                           unsigned char *N, size_t N_len,
+                           unsigned char *P, size_t P_len,
+                           unsigned char *Q, size_t Q_len,
+                           unsigned char *D, size_t D_len,
+                           unsigned char *E, size_t E_len);
 
 /**
  * \brief          This function exports CRT parameters of a private RSA key.
@@ -393,8 +395,8 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
  * \return         A non-zero error code on failure.
  *
  */
-int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
-                            mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
+int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx,
+                           mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
 
 /**
  * \brief          This function sets padding for an already initialized RSA
@@ -405,8 +407,8 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
  *                 #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21.
  * \param hash_id  The #MBEDTLS_RSA_PKCS_V21 hash identifier.
  */
-void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
-                              int hash_id );
+void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
+                             int hash_id);
 
 /**
  * \brief          This function retrieves the length of RSA modulus in Bytes.
@@ -416,7 +418,7 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
  * \return         The length of the RSA modulus in Bytes.
  *
  */
-size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
+size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx);
 
 /**
  * \brief          This function generates an RSA keypair.
@@ -436,10 +438,10 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         unsigned int nbits, int exponent );
+int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        unsigned int nbits, int exponent);
 
 /**
  * \brief          This function checks if a context contains at least an RSA
@@ -455,7 +457,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  *
  */
-int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
+int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx);
 
 /**
  * \brief      This function checks if a context contains an RSA private key
@@ -476,7 +478,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
  *             the current function does not have access to them,
  *             and therefore cannot check them. See mbedtls_rsa_complete().
  *             If you want to check the consistency of the entire
- *             content of an PKCS1-encoded RSA private key, for example, you
+ *             content of a PKCS1-encoded RSA private key, for example, you
  *             should use mbedtls_rsa_validate_params() before setting
  *             up the RSA context.
  *             Additionally, if the implementation performs empirical checks,
@@ -493,7 +495,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
  * \return     \c 0 on success.
  * \return     An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
+int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx);
 
 /**
  * \brief          This function checks a public-private RSA key pair.
@@ -506,8 +508,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
-                                const mbedtls_rsa_context *prv );
+int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
+                               const mbedtls_rsa_context *prv);
 
 /**
  * \brief          This function performs an RSA public key operation.
@@ -523,21 +525,21 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
  * \note           This function does not handle message padding.
  *
  * \note           Make sure to set \p input[0] = 0 or ensure that
- *                 input is smaller than \p N.
+ *                 input is smaller than \c N.
  *
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
-                const unsigned char *input,
-                unsigned char *output );
+int mbedtls_rsa_public(mbedtls_rsa_context *ctx,
+                       const unsigned char *input,
+                       unsigned char *output);
 
 /**
  * \brief          This function performs an RSA private key operation.
  *
  * \note           Blinding is used if and only if a PRNG is provided.
  *
- * \note           If blinding is used, both the base of exponentation
+ * \note           If blinding is used, both the base of exponentiation
  *                 and the exponent are blinded, providing protection
  *                 against some side-channel attacks.
  *
@@ -563,11 +565,11 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  *
  */
-int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
-                 int (*f_rng)(void *, unsigned char *, size_t),
-                 void *p_rng,
-                 const unsigned char *input,
-                 unsigned char *output );
+int mbedtls_rsa_private(mbedtls_rsa_context *ctx,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        const unsigned char *input,
+                        unsigned char *output);
 
 /**
  * \brief          This function adds the message padding, then performs an RSA
@@ -608,12 +610,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng,
-                       int mode, size_t ilen,
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng,
+                              int mode, size_t ilen,
+                              const unsigned char *input,
+                              unsigned char *output);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 encryption operation
@@ -649,12 +651,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode, size_t ilen,
-                                 const unsigned char *input,
-                                 unsigned char *output );
+int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode, size_t ilen,
+                                        const unsigned char *input,
+                                        unsigned char *output);
 
 /**
  * \brief            This function performs a PKCS#1 v2.1 OAEP encryption
@@ -672,7 +674,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
  *                   mode being set to #MBEDTLS_RSA_PRIVATE and might instead
  *                   return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED.
  *
- * \param ctx        The initnialized RSA context to use.
+ * \param ctx        The initialized RSA context to use.
  * \param f_rng      The RNG function to use. This is needed for padding
  *                   generation and must be provided.
  * \param p_rng      The RNG context to be passed to \p f_rng. This may
@@ -694,14 +696,14 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
  * \return           \c 0 on success.
  * \return           An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng,
-                            int mode,
-                            const unsigned char *label, size_t label_len,
-                            size_t ilen,
-                            const unsigned char *input,
-                            unsigned char *output );
+int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
+                                   int (*f_rng)(void *, unsigned char *, size_t),
+                                   void *p_rng,
+                                   int mode,
+                                   const unsigned char *label, size_t label_len,
+                                   size_t ilen,
+                                   const unsigned char *input,
+                                   unsigned char *output);
 
 /**
  * \brief          This function performs an RSA operation, then removes the
@@ -710,6 +712,10 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
  *                 It is the generic wrapper for performing a PKCS#1 decryption
  *                 operation using the \p mode from the context.
  *
+ * \warning        When \p ctx->padding is set to #MBEDTLS_RSA_PKCS_V15,
+ *                 mbedtls_rsa_rsaes_pkcs1_v15_decrypt() is called, which is an
+ *                 inherently dangerous function (CWE-242).
+ *
  * \note           The output buffer length \c output_max_len should be
  *                 as large as the size \p ctx->len of \p ctx->N (for example,
  *                 128 Bytes if RSA-1024 is used) to be able to hold an
@@ -747,18 +753,23 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng,
-                       int mode, size_t *olen,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t output_max_len );
+int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng,
+                              int mode, size_t *olen,
+                              const unsigned char *input,
+                              unsigned char *output,
+                              size_t output_max_len);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 decryption
  *                 operation (RSAES-PKCS1-v1_5-DECRYPT).
  *
+ * \warning        This is an inherently dangerous function (CWE-242). Unless
+ *                 it is used in a side channel free and safe way (eg.
+ *                 implementing the TLS protocol as per 7.4.7.1 of RFC 5246),
+ *                 the calling code is vulnerable.
+ *
  * \note           The output buffer length \c output_max_len should be
  *                 as large as the size \p ctx->len of \p ctx->N, for example,
  *                 128 Bytes if RSA-1024 is used, to be able to hold an
@@ -797,13 +808,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  *
  */
-int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode, size_t *olen,
-                                 const unsigned char *input,
-                                 unsigned char *output,
-                                 size_t output_max_len );
+int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode, size_t *olen,
+                                        const unsigned char *input,
+                                        unsigned char *output,
+                                        size_t output_max_len);
 
 /**
  * \brief            This function performs a PKCS#1 v2.1 OAEP decryption
@@ -851,15 +862,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng,
-                            int mode,
-                            const unsigned char *label, size_t label_len,
-                            size_t *olen,
-                            const unsigned char *input,
-                            unsigned char *output,
-                            size_t output_max_len );
+int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
+                                   int (*f_rng)(void *, unsigned char *, size_t),
+                                   void *p_rng,
+                                   int mode,
+                                   const unsigned char *label, size_t label_len,
+                                   size_t *olen,
+                                   const unsigned char *input,
+                                   unsigned char *output,
+                                   size_t output_max_len);
 
 /**
  * \brief          This function performs a private RSA operation to sign
@@ -911,14 +922,14 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t),
-                    void *p_rng,
-                    int mode,
-                    mbedtls_md_type_t md_alg,
-                    unsigned int hashlen,
-                    const unsigned char *hash,
-                    unsigned char *sig );
+int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng,
+                           int mode,
+                           mbedtls_md_type_t md_alg,
+                           unsigned int hashlen,
+                           const unsigned char *hash,
+                           unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 signature
@@ -959,25 +970,82 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng,
-                               int mode,
-                               mbedtls_md_type_t md_alg,
-                               unsigned int hashlen,
-                               const unsigned char *hash,
-                               unsigned char *sig );
+int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      int mode,
+                                      mbedtls_md_type_t md_alg,
+                                      unsigned int hashlen,
+                                      const unsigned char *hash,
+                                      unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS signature
  *                 operation (RSASSA-PSS-SIGN).
  *
- * \note           The \p hash_id in the RSA context is the one used for the
- *                 encoding. \p md_alg in the function call is the type of hash
- *                 that is encoded. According to <em>RFC-3447: Public-Key
+ * \note           The \c hash_id set in \p ctx (when calling
+ *                 mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ *                 afterwards) selects the hash used for the
+ *                 encoding operation and for the mask generation function
+ *                 (MGF1). For more details on the encoding operation and the
+ *                 mask generation function, consult <em>RFC-3447: Public-Key
  *                 Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- *                 Specifications</em> it is advised to keep both hashes the
- *                 same.
+ *                 Specifications</em>.
+ *
+ * \note           This function enforces that the provided salt length complies
+ *                 with FIPS 186-4 §5.5 (e) and RFC 8017 (PKCS#1 v2.2) §9.1.1
+ *                 step 3. The constraint is that the hash length plus the salt
+ *                 length plus 2 bytes must be at most the key length. If this
+ *                 constraint is not met, this function returns
+ *                 #MBEDTLS_ERR_RSA_BAD_INPUT_DATA.
+ *
+ * \param ctx      The initialized RSA context to use.
+ * \param f_rng    The RNG function. It must not be \c NULL.
+ * \param p_rng    The RNG context to be passed to \p f_rng. This may be \c NULL
+ *                 if \p f_rng doesn't need a context argument.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest.
+ *                 Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest or raw data.
+ *                 If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
+ *                 buffer of length \p hashlen Bytes. If \p md_alg is not
+ *                 #MBEDTLS_MD_NONE, it must be a readable buffer of length
+ *                 the size of the hash corresponding to \p md_alg.
+ * \param saltlen  The length of the salt that should be used.
+ *                 If passed #MBEDTLS_RSA_SALT_LEN_ANY, the function will use
+ *                 the largest possible salt length up to the hash length,
+ *                 which is the largest permitted by some standards including
+ *                 FIPS 186-4 §5.5.
+ * \param sig      The buffer to hold the signature. This must be a writable
+ *                 buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
+ *                 for an 2048-bit RSA modulus. A buffer length of
+ *                 #MBEDTLS_MPI_MAX_SIZE is always safe.
+ *
+ * \return         \c 0 if the signing operation was successful.
+ * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
+ */
+int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng,
+                                    mbedtls_md_type_t md_alg,
+                                    unsigned int hashlen,
+                                    const unsigned char *hash,
+                                    int saltlen,
+                                    unsigned char *sig);
+
+/**
+ * \brief          This function performs a PKCS#1 v2.1 PSS signature
+ *                 operation (RSASSA-PSS-SIGN).
+ *
+ * \note           The \c hash_id set in \p ctx (when calling
+ *                 mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ *                 afterwards) selects the hash used for the
+ *                 encoding operation and for the mask generation function
+ *                 (MGF1). For more details on the encoding operation and the
+ *                 mask generation function, consult <em>RFC-3447: Public-Key
+ *                 Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
+ *                 Specifications</em>.
  *
  * \note           This function always uses the maximum possible salt size,
  *                 up to the length of the payload hash. This choice of salt
@@ -1007,7 +1075,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
  * \param md_alg   The message-digest algorithm used to hash the original data.
  *                 Use #MBEDTLS_MD_NONE for signing raw data.
  * \param hashlen  The length of the message digest.
- *                 Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
+ *                 This is only used if \p md_alg is #MBEDTLS_MD_NONE.
  * \param hash     The buffer holding the message digest or raw data.
  *                 If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
  *                 buffer of length \p hashlen Bytes. If \p md_alg is not
@@ -1021,14 +1089,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         int mode,
-                         mbedtls_md_type_t md_alg,
-                         unsigned int hashlen,
-                         const unsigned char *hash,
-                         unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng,
+                                int mode,
+                                mbedtls_md_type_t md_alg,
+                                unsigned int hashlen,
+                                const unsigned char *hash,
+                                unsigned char *sig);
 
 /**
  * \brief          This function performs a public RSA operation and checks
@@ -1038,8 +1106,8 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
  *                 verification using the mode from the context.
  *
  * \note           For PKCS#1 v2.1 encoding, see comments on
- *                 mbedtls_rsa_rsassa_pss_verify() about \p md_alg and
- *                 \p hash_id.
+ *                 mbedtls_rsa_rsassa_pss_verify() about \c md_alg and
+ *                 \c hash_id.
  *
  * \deprecated     It is deprecated and discouraged to call this function
  *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
@@ -1074,14 +1142,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng,
-                      int mode,
-                      mbedtls_md_type_t md_alg,
-                      unsigned int hashlen,
-                      const unsigned char *hash,
-                      const unsigned char *sig );
+int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng,
+                             int mode,
+                             mbedtls_md_type_t md_alg,
+                             unsigned int hashlen,
+                             const unsigned char *hash,
+                             const unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 verification
@@ -1120,29 +1188,28 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode,
-                                 mbedtls_md_type_t md_alg,
-                                 unsigned int hashlen,
-                                 const unsigned char *hash,
-                                 const unsigned char *sig );
+int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode,
+                                        mbedtls_md_type_t md_alg,
+                                        unsigned int hashlen,
+                                        const unsigned char *hash,
+                                        const unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS verification
  *                 operation (RSASSA-PSS-VERIFY).
  *
- *                 The hash function for the MGF mask generating function
- *                 is that specified in the RSA context.
- *
- * \note           The \p hash_id in the RSA context is the one used for the
- *                 verification. \p md_alg in the function call is the type of
- *                 hash that is verified. According to <em>RFC-3447: Public-Key
+ * \note           The \c hash_id set in \p ctx (when calling
+ *                 mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ *                 afterwards) selects the hash used for the
+ *                 encoding operation and for the mask generation function
+ *                 (MGF1). For more details on the encoding operation and the
+ *                 mask generation function, consult <em>RFC-3447: Public-Key
  *                 Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- *                 Specifications</em> it is advised to keep both hashes the
- *                 same. If \p hash_id in the RSA context is unset,
- *                 the \p md_alg from the function call is used.
+ *                 Specifications</em>. If the \c hash_id set in \p ctx is
+ *                 #MBEDTLS_MD_NONE, the \p md_alg parameter is used.
  *
  * \deprecated     It is deprecated and discouraged to call this function
  *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
@@ -1177,26 +1244,25 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng,
-                           int mode,
-                           mbedtls_md_type_t md_alg,
-                           unsigned int hashlen,
-                           const unsigned char *hash,
-                           const unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng,
+                                  int mode,
+                                  mbedtls_md_type_t md_alg,
+                                  unsigned int hashlen,
+                                  const unsigned char *hash,
+                                  const unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS verification
  *                 operation (RSASSA-PSS-VERIFY).
  *
- *                 The hash function for the MGF mask generating function
- *                 is that specified in \p mgf1_hash_id.
- *
  * \note           The \p sig buffer must be as large as the size
  *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
  *
- * \note           The \p hash_id in the RSA context is ignored.
+ * \note           The \c hash_id set in \p ctx (when calling
+ *                 mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ *                 afterwards) is ignored.
  *
  * \param ctx      The initialized RSA public key context to use.
  * \param f_rng    The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
@@ -1215,7 +1281,13 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
  *                 buffer of length \p hashlen Bytes. If \p md_alg is not
  *                 #MBEDTLS_MD_NONE, it must be a readable buffer of length
  *                 the size of the hash corresponding to \p md_alg.
- * \param mgf1_hash_id      The message digest used for mask generation.
+ * \param mgf1_hash_id      The message digest algorithm used for the
+ *                          verification operation and the mask generation
+ *                          function (MGF1). For more details on the encoding
+ *                          operation and the mask generation function, consult
+ *                          <em>RFC-3447: Public-Key Cryptography Standards
+ *                          (PKCS) #1 v2.1: RSA Cryptography
+ *                          Specifications</em>.
  * \param expected_salt_len The length of the salt used in padding. Use
  *                          #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
  * \param sig      The buffer holding the signature. This must be a readable
@@ -1225,16 +1297,16 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng,
-                               int mode,
-                               mbedtls_md_type_t md_alg,
-                               unsigned int hashlen,
-                               const unsigned char *hash,
-                               mbedtls_md_type_t mgf1_hash_id,
-                               int expected_salt_len,
-                               const unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      int mode,
+                                      mbedtls_md_type_t md_alg,
+                                      unsigned int hashlen,
+                                      const unsigned char *hash,
+                                      mbedtls_md_type_t mgf1_hash_id,
+                                      int expected_salt_len,
+                                      const unsigned char *sig);
 
 /**
  * \brief          This function copies the components of an RSA context.
@@ -1245,7 +1317,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
  */
-int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
+int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src);
 
 /**
  * \brief          This function frees the components of an RSA key.
@@ -1254,7 +1326,7 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
  *                 this function is a no-op. If it is not \c NULL, it must
  *                 point to an initialized RSA context.
  */
-void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
+void mbedtls_rsa_free(mbedtls_rsa_context *ctx);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -1264,7 +1336,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_rsa_self_test( int verbose );
+int mbedtls_rsa_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/rsa_internal.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/rsa_internal.h
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/rsa_internal.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/rsa_internal.h
index d55492b..286cff2 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/rsa_internal.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/rsa_internal.h
@@ -36,19 +36,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  *
  */
 
@@ -92,9 +80,9 @@ extern "C" {
  *                 use the helper function \c mbedtls_rsa_validate_params.
  *
  */
-int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E,
-                               mbedtls_mpi const *D,
-                               mbedtls_mpi *P, mbedtls_mpi *Q );
+int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, mbedtls_mpi const *E,
+                              mbedtls_mpi const *D,
+                              mbedtls_mpi *P, mbedtls_mpi *Q);
 
 /**
  * \brief          Compute RSA private exponent from
@@ -117,10 +105,10 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E,
  * \note           This function does not check whether P and Q are primes.
  *
  */
-int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
-                                         mbedtls_mpi const *Q,
-                                         mbedtls_mpi const *E,
-                                         mbedtls_mpi *D );
+int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P,
+                                        mbedtls_mpi const *Q,
+                                        mbedtls_mpi const *E,
+                                        mbedtls_mpi *D);
 
 
 /**
@@ -143,9 +131,9 @@ int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
  *                 prime and whether D is a valid private exponent.
  *
  */
-int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
-                            const mbedtls_mpi *D, mbedtls_mpi *DP,
-                            mbedtls_mpi *DQ, mbedtls_mpi *QP );
+int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                           const mbedtls_mpi *D, mbedtls_mpi *DP,
+                           mbedtls_mpi *DQ, mbedtls_mpi *QP);
 
 
 /**
@@ -178,11 +166,11 @@ int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
  *                 to perform specific checks only. E.g., calling it with
  *                 (-,P,-,-,-) and a PRNG amounts to a primality check for P.
  */
-int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
-                                 const mbedtls_mpi *Q, const mbedtls_mpi *D,
-                                 const mbedtls_mpi *E,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng );
+int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P,
+                                const mbedtls_mpi *Q, const mbedtls_mpi *D,
+                                const mbedtls_mpi *E,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng);
 
 /**
  * \brief          Check validity of RSA CRT parameters
@@ -213,9 +201,9 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
  *                 to perform specific checks only. E.g., calling it with the
  *                 parameters (P, -, D, DP, -, -) will check DP = D mod P-1.
  */
-int mbedtls_rsa_validate_crt( const mbedtls_mpi *P,  const mbedtls_mpi *Q,
-                              const mbedtls_mpi *D,  const mbedtls_mpi *DP,
-                              const mbedtls_mpi *DQ, const mbedtls_mpi *QP );
+int mbedtls_rsa_validate_crt(const mbedtls_mpi *P,  const mbedtls_mpi *Q,
+                             const mbedtls_mpi *D,  const mbedtls_mpi *DP,
+                             const mbedtls_mpi *DQ, const mbedtls_mpi *QP);
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/sha1.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/sha1.h
similarity index 82%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/sha1.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/sha1.h
index 86a3d06..61d81f1 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/sha1.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/sha1.h
@@ -12,19 +12,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_SHA1_H
 #define MBEDTLS_SHA1_H
@@ -39,8 +27,10 @@
 #include <stdint.h>
 
 /* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED                  -0x0035  /**< SHA-1 hardware accelerator failed */
-#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA                   -0x0073  /**< SHA-1 input data was malformed. */
+/** SHA-1 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED                  -0x0035
+/** SHA-1 input data was malformed. */
+#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA                   -0x0073
 
 #ifdef __cplusplus
 extern "C" {
@@ -58,8 +48,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_sha1_context
-{
+typedef struct mbedtls_sha1_context {
     uint32_t total[2];          /*!< The number of Bytes processed.  */
     uint32_t state[5];          /*!< The intermediate digest state.  */
     unsigned char buffer[64];   /*!< The data block being processed. */
@@ -81,7 +70,7 @@ mbedtls_sha1_context;
  *                 This must not be \c NULL.
  *
  */
-void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
+void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function clears a SHA-1 context.
@@ -96,7 +85,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
  *                 SHA-1 context.
  *
  */
-void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
+void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function clones the state of a SHA-1 context.
@@ -109,8 +98,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
  * \param src      The SHA-1 context to clone from. This must be initialized.
  *
  */
-void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
-                         const mbedtls_sha1_context *src );
+void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
+                        const mbedtls_sha1_context *src);
 
 /**
  * \brief          This function starts a SHA-1 checksum calculation.
@@ -125,7 +114,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
  * \return         A negative error code on failure.
  *
  */
-int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
+int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing SHA-1
@@ -144,9 +133,9 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
-                             const unsigned char *input,
-                             size_t ilen );
+int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-1 operation, and writes
@@ -164,8 +153,8 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
-                             unsigned char output[20] );
+int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx,
+                            unsigned char output[20]);
 
 /**
  * \brief          SHA-1 process data block (internal use only).
@@ -182,8 +171,8 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
  * \return         A negative error code on failure.
  *
  */
-int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
-                                   const unsigned char data[64] );
+int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx,
+                                  const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -203,7 +192,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
  * \param ctx      The SHA-1 context to initialize. This must be initialized.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing SHA-1
@@ -222,9 +211,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
  * \param ilen     The length of the input data \p input in Bytes.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
-                                             const unsigned char *input,
-                                             size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_sha1_update(mbedtls_sha1_context *ctx,
+                                            const unsigned char *input,
+                                            size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-1 operation, and writes
@@ -241,8 +230,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
  * \param output   The SHA-1 checksum result.
  *                 This must be a writable buffer of length \c 20 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
-                                             unsigned char output[20] );
+MBEDTLS_DEPRECATED void mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
+                                            unsigned char output[20]);
 
 /**
  * \brief          SHA-1 process data block (internal use only).
@@ -258,8 +247,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
  *                 This must be a readable buffer of length \c 64 bytes.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
-                                              const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_sha1_process(mbedtls_sha1_context *ctx,
+                                             const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -287,9 +276,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
  * \return         A negative error code on failure.
  *
  */
-int mbedtls_sha1_ret( const unsigned char *input,
-                      size_t ilen,
-                      unsigned char output[20] );
+int mbedtls_sha1_ret(const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[20]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -319,9 +308,9 @@ int mbedtls_sha1_ret( const unsigned char *input,
  *                 buffer of size \c 20 Bytes.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
-                                      size_t ilen,
-                                      unsigned char output[20] );
+MBEDTLS_DEPRECATED void mbedtls_sha1(const unsigned char *input,
+                                     size_t ilen,
+                                     unsigned char output[20]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -339,7 +328,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
  * \return         \c 1 on failure.
  *
  */
-int mbedtls_sha1_self_test( int verbose );
+int mbedtls_sha1_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/sha256.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/sha256.h
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/sha256.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/sha256.h
index 73d9544..d4c3e64 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/sha256.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/sha256.h
@@ -8,19 +8,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_SHA256_H
 #define MBEDTLS_SHA256_H
@@ -35,8 +23,10 @@
 #include <stdint.h>
 
 /* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED                -0x0037  /**< SHA-256 hardware accelerator failed */
-#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA                 -0x0074  /**< SHA-256 input data was malformed. */
+/** SHA-256 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED                -0x0037
+/** SHA-256 input data was malformed. */
+#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA                 -0x0074
 
 #ifdef __cplusplus
 extern "C" {
@@ -53,8 +43,7 @@ extern "C" {
  *                 checksum calculations. The choice between these two is
  *                 made in the call to mbedtls_sha256_starts_ret().
  */
-typedef struct mbedtls_sha256_context
-{
+typedef struct mbedtls_sha256_context {
     uint32_t total[2];          /*!< The number of Bytes processed.  */
     uint32_t state[8];          /*!< The intermediate digest state.  */
     unsigned char buffer[64];   /*!< The data block being processed. */
@@ -72,7 +61,7 @@ mbedtls_sha256_context;
  *
  * \param ctx      The SHA-256 context to initialize. This must not be \c NULL.
  */
-void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
+void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
 
 /**
  * \brief          This function clears a SHA-256 context.
@@ -81,7 +70,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
  *                 case this function returns immediately. If it is not \c NULL,
  *                 it must point to an initialized SHA-256 context.
  */
-void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
+void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
 
 /**
  * \brief          This function clones the state of a SHA-256 context.
@@ -89,8 +78,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
  * \param dst      The destination context. This must be initialized.
  * \param src      The context to clone. This must be initialized.
  */
-void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
-                           const mbedtls_sha256_context *src );
+void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
+                          const mbedtls_sha256_context *src);
 
 /**
  * \brief          This function starts a SHA-224 or SHA-256 checksum
@@ -103,7 +92,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
+int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -118,9 +107,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
-                               const unsigned char *input,
-                               size_t ilen );
+int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-256 operation, and writes
@@ -134,8 +123,8 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
-                               unsigned char output[32] );
+int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx,
+                              unsigned char output[32]);
 
 /**
  * \brief          This function processes a single data block within
@@ -149,8 +138,8 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
-                                     const unsigned char data[64] );
+int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
+                                    const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -168,8 +157,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
  * \param is224    Determines which function to use. This must be
  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
-                                               int is224 );
+MBEDTLS_DEPRECATED void mbedtls_sha256_starts(mbedtls_sha256_context *ctx,
+                                              int is224);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -183,9 +172,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
  *                 buffer of length \p ilen Bytes.
  * \param ilen     The length of the input data in Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
-                                               const unsigned char *input,
-                                               size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_sha256_update(mbedtls_sha256_context *ctx,
+                                              const unsigned char *input,
+                                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-256 operation, and writes
@@ -198,8 +187,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
  * \param output   The SHA-224 or SHA-256 checksum result. This must be
  *                 a writable buffer of length \c 32 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
-                                               unsigned char output[32] );
+MBEDTLS_DEPRECATED void mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
+                                              unsigned char output[32]);
 
 /**
  * \brief          This function processes a single data block within
@@ -212,8 +201,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
  * \param data     The buffer holding one block of data. This must be
  *                 a readable buffer of size \c 64 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
-                                                const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_sha256_process(mbedtls_sha256_context *ctx,
+                                               const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -235,11 +224,14 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
  *                 be a writable buffer of length \c 32 Bytes.
  * \param is224    Determines which function to use. This must be
  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
+ *
+ * \return         \c 0 on success.
+ * \return         A negative error code on failure.
  */
-int mbedtls_sha256_ret( const unsigned char *input,
-                        size_t ilen,
-                        unsigned char output[32],
-                        int is224 );
+int mbedtls_sha256_ret(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[32],
+                       int is224);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -268,10 +260,10 @@ int mbedtls_sha256_ret( const unsigned char *input,
  * \param is224    Determines which function to use. This must be either
  *                 \c 0 for SHA-256, or \c 1 for SHA-224.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
-                                        size_t ilen,
-                                        unsigned char output[32],
-                                        int is224 );
+MBEDTLS_DEPRECATED void mbedtls_sha256(const unsigned char *input,
+                                       size_t ilen,
+                                       unsigned char output[32],
+                                       int is224);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -284,7 +276,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_sha256_self_test( int verbose );
+int mbedtls_sha256_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/sha512.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/sha512.h
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/sha512.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/sha512.h
index 4a8ab42..c9e0169 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/sha512.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/sha512.h
@@ -7,19 +7,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_SHA512_H
 #define MBEDTLS_SHA512_H
@@ -34,8 +22,10 @@
 #include <stdint.h>
 
 /* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */
-#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED                -0x0039  /**< SHA-512 hardware accelerator failed */
-#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA                 -0x0075  /**< SHA-512 input data was malformed. */
+/** SHA-512 hardware accelerator failed */
+#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED                -0x0039
+/** SHA-512 input data was malformed. */
+#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA                 -0x0075
 
 #ifdef __cplusplus
 extern "C" {
@@ -52,8 +42,7 @@ extern "C" {
  *                 checksum calculations. The choice between these two is
  *                 made in the call to mbedtls_sha512_starts_ret().
  */
-typedef struct mbedtls_sha512_context
-{
+typedef struct mbedtls_sha512_context {
     uint64_t total[2];          /*!< The number of Bytes processed. */
     uint64_t state[8];          /*!< The intermediate digest state. */
     unsigned char buffer[128];  /*!< The data block being processed. */
@@ -74,7 +63,7 @@ mbedtls_sha512_context;
  * \param ctx      The SHA-512 context to initialize. This must
  *                 not be \c NULL.
  */
-void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
+void mbedtls_sha512_init(mbedtls_sha512_context *ctx);
 
 /**
  * \brief          This function clears a SHA-512 context.
@@ -84,7 +73,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
  *                 is not \c NULL, it must point to an initialized
  *                 SHA-512 context.
  */
-void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
+void mbedtls_sha512_free(mbedtls_sha512_context *ctx);
 
 /**
  * \brief          This function clones the state of a SHA-512 context.
@@ -92,8 +81,8 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
  * \param dst      The destination context. This must be initialized.
  * \param src      The context to clone. This must be initialized.
  */
-void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
-                           const mbedtls_sha512_context *src );
+void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
+                          const mbedtls_sha512_context *src);
 
 /**
  * \brief          This function starts a SHA-384 or SHA-512 checksum
@@ -110,7 +99,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
+int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -125,9 +114,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
-                    const unsigned char *input,
-                    size_t ilen );
+int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-512 operation, and writes
@@ -141,8 +130,8 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
-                               unsigned char output[64] );
+int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx,
+                              unsigned char output[64]);
 
 /**
  * \brief          This function processes a single data block within
@@ -156,8 +145,8 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
-                                     const unsigned char data[128] );
+int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx,
+                                    const unsigned char data[128]);
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED      __attribute__((deprecated))
@@ -177,8 +166,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
  * \note           When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must
  *                 be \c 0, or the function will fail to work.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
-                                               int is384 );
+MBEDTLS_DEPRECATED void mbedtls_sha512_starts(mbedtls_sha512_context *ctx,
+                                              int is384);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -192,9 +181,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
  *                 buffer of length \p ilen Bytes.
  * \param ilen     The length of the input data in Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
-                                               const unsigned char *input,
-                                               size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_sha512_update(mbedtls_sha512_context *ctx,
+                                              const unsigned char *input,
+                                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-512 operation, and writes
@@ -207,8 +196,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
  * \param output   The SHA-384 or SHA-512 checksum result. This must
  *                 be a writable buffer of size \c 64 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
-                                               unsigned char output[64] );
+MBEDTLS_DEPRECATED void mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
+                                              unsigned char output[64]);
 
 /**
  * \brief          This function processes a single data block within
@@ -222,8 +211,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
  *                 a readable buffer of length \c 128 Bytes.
  */
 MBEDTLS_DEPRECATED void mbedtls_sha512_process(
-                                            mbedtls_sha512_context *ctx,
-                                            const unsigned char data[128] );
+    mbedtls_sha512_context *ctx,
+    const unsigned char data[128]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -253,10 +242,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process(
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_ret( const unsigned char *input,
-                        size_t ilen,
-                        unsigned char output[64],
-                        int is384 );
+int mbedtls_sha512_ret(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[64],
+                       int is384);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -288,23 +277,23 @@ int mbedtls_sha512_ret( const unsigned char *input,
  * \note           When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must
  *                 be \c 0, or the function will fail to work.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
-                                        size_t ilen,
-                                        unsigned char output[64],
-                                        int is384 );
+MBEDTLS_DEPRECATED void mbedtls_sha512(const unsigned char *input,
+                                       size_t ilen,
+                                       unsigned char output[64],
+                                       int is384);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
 #if defined(MBEDTLS_SELF_TEST)
 
- /**
+/**
  * \brief          The SHA-384 or SHA-512 checkup routine.
  *
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_sha512_self_test( int verbose );
+int mbedtls_sha512_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl.h
similarity index 86%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ssl.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ssl.h
index 7815ad9..9cdf3a3 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_SSL_H
 #define MBEDTLS_SSL_H
@@ -54,11 +42,13 @@
 #if defined(MBEDTLS_ZLIB_SUPPORT)
 
 #if defined(MBEDTLS_DEPRECATED_WARNING)
-#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library"
+#warning \
+    "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library"
 #endif
 
 #if defined(MBEDTLS_DEPRECATED_REMOVED)
-#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set"
+#error \
+    "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set"
 #endif
 
 #include "zlib.h"
@@ -75,64 +65,124 @@
 /*
  * SSL Error codes
  */
-#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE               -0x7080  /**< The requested feature is not available. */
-#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA                    -0x7100  /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_SSL_INVALID_MAC                       -0x7180  /**< Verification of the message MAC failed. */
-#define MBEDTLS_ERR_SSL_INVALID_RECORD                    -0x7200  /**< An invalid SSL record was received. */
-#define MBEDTLS_ERR_SSL_CONN_EOF                          -0x7280  /**< The connection indicated an EOF. */
-#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER                    -0x7300  /**< An unknown cipher was received. */
-#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN                  -0x7380  /**< The server has no ciphersuites in common with the client. */
-#define MBEDTLS_ERR_SSL_NO_RNG                            -0x7400  /**< No RNG was provided to the SSL module. */
-#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE             -0x7480  /**< No client certification received from the client, but required by the authentication mode. */
-#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE             -0x7500  /**< Our own certificate(s) is/are too large to send in an SSL message. */
-#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED              -0x7580  /**< The own certificate is not set, but needed by the server. */
-#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED              -0x7600  /**< The own private key or pre-shared key is not set, but needed. */
-#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED                 -0x7680  /**< No CA Chain is set, but required to operate. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE                -0x7700  /**< An unexpected message was received from our peer. */
-#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE               -0x7780  /**< A fatal alert message was received from our peer. */
-#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED                -0x7800  /**< Verification of our peer failed. */
-#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY                 -0x7880  /**< The peer notified us that the connection is going to be closed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO               -0x7900  /**< Processing of the ClientHello handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO               -0x7980  /**< Processing of the ServerHello handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE                -0x7A00  /**< Processing of the Certificate handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST        -0x7A80  /**< Processing of the CertificateRequest handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE        -0x7B00  /**< Processing of the ServerKeyExchange handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE          -0x7B80  /**< Processing of the ServerHelloDone handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE        -0x7C00  /**< Processing of the ClientKeyExchange handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP     -0x7C80  /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS     -0x7D00  /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY         -0x7D80  /**< Processing of the CertificateVerify handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC         -0x7E00  /**< Processing of the ChangeCipherSpec handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED                   -0x7E80  /**< Processing of the Finished handshake message failed. */
-#define MBEDTLS_ERR_SSL_ALLOC_FAILED                      -0x7F00  /**< Memory allocation failed */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED                   -0x7F80  /**< Hardware acceleration function returned with error */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH              -0x6F80  /**< Hardware acceleration function skipped / left alone data */
-#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED                -0x6F00  /**< Processing of the compression / decompression failed */
-#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION           -0x6E80  /**< Handshake protocol not within min/max boundaries */
-#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET         -0x6E00  /**< Processing of the NewSessionTicket handshake message failed. */
-#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED            -0x6D80  /**< Session ticket has expired. */
-#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH                  -0x6D00  /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
-#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY                  -0x6C80  /**< Unknown identity received (eg, PSK identity) */
-#define MBEDTLS_ERR_SSL_INTERNAL_ERROR                    -0x6C00  /**< Internal error (eg, unexpected failure in lower-level module) */
-#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING                  -0x6B80  /**< A counter would wrap (eg, too many messages exchanged). */
-#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO       -0x6B00  /**< Unexpected message at ServerHello in renegotiation. */
-#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED             -0x6A80  /**< DTLS client must retry for hello verification */
-#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL                  -0x6A00  /**< A buffer is too small to receive or write a message */
-#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE             -0x6980  /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
-#define MBEDTLS_ERR_SSL_WANT_READ                         -0x6900  /**< No data of requested type currently available on underlying transport. */
-#define MBEDTLS_ERR_SSL_WANT_WRITE                        -0x6880  /**< Connection requires a write call. */
-#define MBEDTLS_ERR_SSL_TIMEOUT                           -0x6800  /**< The operation timed out. */
-#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT                  -0x6780  /**< The client initiated a reconnect from the same port. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD                 -0x6700  /**< Record header looks valid but is not expected. */
-#define MBEDTLS_ERR_SSL_NON_FATAL                         -0x6680  /**< The alert message received indicates a non-fatal error. */
-#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH               -0x6600  /**< Couldn't set the hash for verifying CertificateVerify */
-#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING               -0x6580  /**< Internal-only message signaling that further message-processing should be done */
-#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS                 -0x6500  /**< The asynchronous operation is not completed yet. */
-#define MBEDTLS_ERR_SSL_EARLY_MESSAGE                     -0x6480  /**< Internal-only message signaling that a message arrived early. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_CID                    -0x6000  /**< An encrypted DTLS-frame with an unexpected CID was received. */
-#define MBEDTLS_ERR_SSL_VERSION_MISMATCH                  -0x5F00  /**< An operation failed due to an unexpected version or configuration. */
-#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS                -0x7000  /**< A cryptographic operation is in progress. Try again later. */
-#define MBEDTLS_ERR_SSL_BAD_CONFIG                        -0x5E80  /**< Invalid value in SSL config */
+/** The requested feature is not available. */
+#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE               -0x7080
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA                    -0x7100
+/** Verification of the message MAC failed. */
+#define MBEDTLS_ERR_SSL_INVALID_MAC                       -0x7180
+/** An invalid SSL record was received. */
+#define MBEDTLS_ERR_SSL_INVALID_RECORD                    -0x7200
+/** The connection indicated an EOF. */
+#define MBEDTLS_ERR_SSL_CONN_EOF                          -0x7280
+/** An unknown cipher was received. */
+#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER                    -0x7300
+/** The server has no ciphersuites in common with the client. */
+#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN                  -0x7380
+/** No RNG was provided to the SSL module. */
+#define MBEDTLS_ERR_SSL_NO_RNG                            -0x7400
+/** No client certification received from the client, but required by the authentication mode. */
+#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE             -0x7480
+/** Our own certificate(s) is/are too large to send in an SSL message. */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE             -0x7500
+/** The own certificate is not set, but needed by the server. */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED              -0x7580
+/** The own private key or pre-shared key is not set, but needed. */
+#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED              -0x7600
+/** No CA Chain is set, but required to operate. */
+#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED                 -0x7680
+/** An unexpected message was received from our peer. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE                -0x7700
+/** A fatal alert message was received from our peer. */
+#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE               -0x7780
+/** Verification of our peer failed. */
+#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED                -0x7800
+/** The peer notified us that the connection is going to be closed. */
+#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY                 -0x7880
+/** Processing of the ClientHello handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO               -0x7900
+/** Processing of the ServerHello handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO               -0x7980
+/** Processing of the Certificate handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE                -0x7A00
+/** Processing of the CertificateRequest handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST        -0x7A80
+/** Processing of the ServerKeyExchange handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE        -0x7B00
+/** Processing of the ServerHelloDone handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE          -0x7B80
+/** Processing of the ClientKeyExchange handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE        -0x7C00
+/** Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP     -0x7C80
+/** Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS     -0x7D00
+/** Processing of the CertificateVerify handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY         -0x7D80
+/** Processing of the ChangeCipherSpec handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC         -0x7E00
+/** Processing of the Finished handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED                   -0x7E80
+/** Memory allocation failed */
+#define MBEDTLS_ERR_SSL_ALLOC_FAILED                      -0x7F00
+/** Hardware acceleration function returned with error */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED                   -0x7F80
+/** Hardware acceleration function skipped / left alone data */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH              -0x6F80
+/** Processing of the compression / decompression failed */
+#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED                -0x6F00
+/** Handshake protocol not within min/max boundaries */
+#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION           -0x6E80
+/** Processing of the NewSessionTicket handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET         -0x6E00
+/** Session ticket has expired. */
+#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED            -0x6D80
+/** Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
+#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH                  -0x6D00
+/** Unknown identity received (eg, PSK identity) */
+#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY                  -0x6C80
+/** Internal error (eg, unexpected failure in lower-level module) */
+#define MBEDTLS_ERR_SSL_INTERNAL_ERROR                    -0x6C00
+/** A counter would wrap (eg, too many messages exchanged). */
+#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING                  -0x6B80
+/** Unexpected message at ServerHello in renegotiation. */
+#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO       -0x6B00
+/** DTLS client must retry for hello verification */
+#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED             -0x6A80
+/** A buffer is too small to receive or write a message */
+#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL                  -0x6A00
+/** None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
+#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE             -0x6980
+/** No data of requested type currently available on underlying transport. */
+#define MBEDTLS_ERR_SSL_WANT_READ                         -0x6900
+/** Connection requires a write call. */
+#define MBEDTLS_ERR_SSL_WANT_WRITE                        -0x6880
+/** The operation timed out. */
+#define MBEDTLS_ERR_SSL_TIMEOUT                           -0x6800
+/** The client initiated a reconnect from the same port. */
+#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT                  -0x6780
+/** Record header looks valid but is not expected. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD                 -0x6700
+/** The alert message received indicates a non-fatal error. */
+#define MBEDTLS_ERR_SSL_NON_FATAL                         -0x6680
+/** Couldn't set the hash for verifying CertificateVerify */
+#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH               -0x6600
+/** Internal-only message signaling that further message-processing should be done */
+#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING               -0x6580
+/** The asynchronous operation is not completed yet. */
+#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS                 -0x6500
+/** Internal-only message signaling that a message arrived early. */
+#define MBEDTLS_ERR_SSL_EARLY_MESSAGE                     -0x6480
+/** An encrypted DTLS-frame with an unexpected CID was received. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_CID                    -0x6000
+/** An operation failed due to an unexpected version or configuration. */
+#define MBEDTLS_ERR_SSL_VERSION_MISMATCH                  -0x5F00
+/** A cryptographic operation is in progress. Try again later. */
+#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS                -0x7000
+/** Invalid value in SSL config */
+#define MBEDTLS_ERR_SSL_BAD_CONFIG                        -0x5E80
+/** Cache entry not found */
+#define MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND             -0x5E00
 
 /*
  * Various constants
@@ -291,7 +341,7 @@
 #define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
 #endif
 
-/* \} name SECTION: Module settings */
+/** \} name SECTION: Module settings */
 
 /*
  * Length of the verify data for secure renegotiation
@@ -412,8 +462,14 @@
 
 /* The value of the CID extension is still TBD as of
  * draft-ietf-tls-dtls-connection-id-05
- * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) */
+ * (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05).
+ *
+ * A future minor revision of Mbed TLS may change the default value of
+ * this option to match evolving standards and usage.
+ */
+#if !defined(MBEDTLS_TLS_EXT_CID)
 #define MBEDTLS_TLS_EXT_CID                        254 /* TBD */
+#endif
 
 #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP               256 /* experimental */
 
@@ -427,8 +483,8 @@
 #endif
 
 /* Dummy type used only for its size */
-union mbedtls_ssl_premaster_secret
-{
+union mbedtls_ssl_premaster_secret {
+    unsigned char dummy; /* Make the union non-empty even with SSL disabled */
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
     unsigned char _pms_rsa[48];                         /* RFC 5246 8.1.1 */
 #endif
@@ -446,21 +502,21 @@ union mbedtls_ssl_premaster_secret
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
     unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
-                                 + MBEDTLS_PSK_MAX_LEN];       /* RFC 4279 3 */
+                               + MBEDTLS_PSK_MAX_LEN];         /* RFC 4279 3 */
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
     unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN];      /* RFC 4279 4 */
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
     unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
-                                   + MBEDTLS_PSK_MAX_LEN];     /* RFC 5489 2 */
+                                 + MBEDTLS_PSK_MAX_LEN];       /* RFC 5489 2 */
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
     unsigned char _pms_ecjpake[32];     /* Thread spec: SHA-256 output */
 #endif
 };
 
-#define MBEDTLS_PREMASTER_SIZE     sizeof( union mbedtls_ssl_premaster_secret )
+#define MBEDTLS_PREMASTER_SIZE     sizeof(union mbedtls_ssl_premaster_secret)
 
 #ifdef __cplusplus
 extern "C" {
@@ -469,8 +525,7 @@ extern "C" {
 /*
  * SSL state machine
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_SSL_HELLO_REQUEST,
     MBEDTLS_SSL_CLIENT_HELLO,
     MBEDTLS_SSL_SERVER_HELLO,
@@ -496,13 +551,12 @@ mbedtls_ssl_states;
 /*
  * The tls_prf function types.
  */
-typedef enum
-{
-   MBEDTLS_SSL_TLS_PRF_NONE,
-   MBEDTLS_SSL_TLS_PRF_SSL3,
-   MBEDTLS_SSL_TLS_PRF_TLS1,
-   MBEDTLS_SSL_TLS_PRF_SHA384,
-   MBEDTLS_SSL_TLS_PRF_SHA256
+typedef enum {
+    MBEDTLS_SSL_TLS_PRF_NONE,
+    MBEDTLS_SSL_TLS_PRF_SSL3,
+    MBEDTLS_SSL_TLS_PRF_TLS1,
+    MBEDTLS_SSL_TLS_PRF_SHA384,
+    MBEDTLS_SSL_TLS_PRF_SHA256
 }
 mbedtls_tls_prf_types;
 /**
@@ -522,9 +576,9 @@ mbedtls_tls_prf_types;
  * \note           The callback is allowed to send fewer bytes than requested.
  *                 It must always return the number of bytes actually sent.
  */
-typedef int mbedtls_ssl_send_t( void *ctx,
-                                const unsigned char *buf,
-                                size_t len );
+typedef int mbedtls_ssl_send_t(void *ctx,
+                               const unsigned char *buf,
+                               size_t len);
 
 /**
  * \brief          Callback type: receive data from the network.
@@ -536,18 +590,19 @@ typedef int mbedtls_ssl_send_t( void *ctx,
  * \param buf      Buffer to write the received data to
  * \param len      Length of the receive buffer
  *
- * \return         The callback must return the number of bytes received,
- *                 or a non-zero error code.
- *                 If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
+ * \returns        If data has been received, the positive number of bytes received.
+ * \returns        \c 0 if the connection has been closed.
+ * \returns        If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
  *                 must be returned when the operation would block.
+ * \returns        Another negative error code on other kinds of failures.
  *
  * \note           The callback may receive fewer bytes than the length of the
  *                 buffer. It must always return the number of bytes actually
  *                 received and written to the buffer.
  */
-typedef int mbedtls_ssl_recv_t( void *ctx,
-                                unsigned char *buf,
-                                size_t len );
+typedef int mbedtls_ssl_recv_t(void *ctx,
+                               unsigned char *buf,
+                               size_t len);
 
 /**
  * \brief          Callback type: receive data from the network, with timeout
@@ -559,7 +614,7 @@ typedef int mbedtls_ssl_recv_t( void *ctx,
  * \param ctx      Context for the receive callback (typically a file descriptor)
  * \param buf      Buffer to write the received data to
  * \param len      Length of the receive buffer
- * \param timeout  Maximum nomber of millisecondes to wait for data
+ * \param timeout  Maximum number of milliseconds to wait for data
  *                 0 means no timeout (potentially waiting forever)
  *
  * \return         The callback must return the number of bytes received,
@@ -571,10 +626,10 @@ typedef int mbedtls_ssl_recv_t( void *ctx,
  *                 buffer. It must always return the number of bytes actually
  *                 received and written to the buffer.
  */
-typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
-                                        unsigned char *buf,
-                                        size_t len,
-                                        uint32_t timeout );
+typedef int mbedtls_ssl_recv_timeout_t(void *ctx,
+                                       unsigned char *buf,
+                                       size_t len,
+                                       uint32_t timeout);
 /**
  * \brief          Callback type: set a pair of timers/delays to watch
  *
@@ -587,7 +642,7 @@ typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
  *                 for the associated \c mbedtls_ssl_get_timer_t callback to
  *                 return correct information.
  *
- * \note           If using a event-driven style of programming, an event must
+ * \note           If using an event-driven style of programming, an event must
  *                 be generated when the final delay is passed. The event must
  *                 cause a call to \c mbedtls_ssl_handshake() with the proper
  *                 SSL context to be scheduled. Care must be taken to ensure
@@ -597,9 +652,9 @@ typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
  *                 function while a timer is running must cancel it. Cancelled
  *                 timers must not generate any event.
  */
-typedef void mbedtls_ssl_set_timer_t( void * ctx,
-                                      uint32_t int_ms,
-                                      uint32_t fin_ms );
+typedef void mbedtls_ssl_set_timer_t(void *ctx,
+                                     uint32_t int_ms,
+                                     uint32_t fin_ms);
 
 /**
  * \brief          Callback type: get status of timers/delays
@@ -612,7 +667,7 @@ typedef void mbedtls_ssl_set_timer_t( void * ctx,
  *                  1 if only the intermediate delay has passed,
  *                  2 if the final delay has passed.
  */
-typedef int mbedtls_ssl_get_timer_t( void * ctx );
+typedef int mbedtls_ssl_get_timer_t(void *ctx);
 
 /* Defined below */
 typedef struct mbedtls_ssl_session mbedtls_ssl_session;
@@ -703,11 +758,11 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item;
  *                  use \c MBEDTLS_ERR_SSL_xxx error codes except as
  *                  directed in the documentation of this callback.
  */
-typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
-                                      mbedtls_x509_crt *cert,
-                                      mbedtls_md_type_t md_alg,
-                                      const unsigned char *hash,
-                                      size_t hash_len );
+typedef int mbedtls_ssl_async_sign_t(mbedtls_ssl_context *ssl,
+                                     mbedtls_x509_crt *cert,
+                                     mbedtls_md_type_t md_alg,
+                                     const unsigned char *hash,
+                                     size_t hash_len);
 
 /**
  * \brief           Callback type: start external decryption operation.
@@ -769,10 +824,10 @@ typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
  *                  use \c MBEDTLS_ERR_SSL_xxx error codes except as
  *                  directed in the documentation of this callback.
  */
-typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
-                                         mbedtls_x509_crt *cert,
-                                         const unsigned char *input,
-                                         size_t input_len );
+typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl,
+                                        mbedtls_x509_crt *cert,
+                                        const unsigned char *input,
+                                        size_t input_len);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 /**
@@ -817,10 +872,10 @@ typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
  *                  use \c MBEDTLS_ERR_SSL_xxx error codes except as
  *                  directed in the documentation of this callback.
  */
-typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
-                                        unsigned char *output,
-                                        size_t *output_len,
-                                        size_t output_size );
+typedef int mbedtls_ssl_async_resume_t(mbedtls_ssl_context *ssl,
+                                       unsigned char *output,
+                                       size_t *output_len,
+                                       size_t output_size);
 
 /**
  * \brief           Callback type: cancel external operation.
@@ -839,7 +894,7 @@ typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
  * \param ssl             The SSL connection instance. It should not be
  *                        modified.
  */
-typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
+typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) &&        \
@@ -874,17 +929,16 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
  * Reminder: if this list is expanded mbedtls_ssl_check_srtp_profile_value
  * must be updated too.
  */
-#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80     ( (uint16_t) 0x0001)
-#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32     ( (uint16_t) 0x0002)
-#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80          ( (uint16_t) 0x0005)
-#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32          ( (uint16_t) 0x0006)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80     ((uint16_t) 0x0001)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32     ((uint16_t) 0x0002)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80          ((uint16_t) 0x0005)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32          ((uint16_t) 0x0006)
 /* This one is not iana defined, but for code readability. */
-#define MBEDTLS_TLS_SRTP_UNSET                      ( (uint16_t) 0x0000)
+#define MBEDTLS_TLS_SRTP_UNSET                      ((uint16_t) 0x0000)
 
 typedef uint16_t mbedtls_ssl_srtp_profile;
 
-typedef struct mbedtls_dtls_srtp_info_t
-{
+typedef struct mbedtls_dtls_srtp_info_t {
     /*! The SRTP profile that was negotiated. */
     mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile;
     /*! The length of mki_value. */
@@ -907,8 +961,11 @@ mbedtls_dtls_srtp_info;
  *      mbedtls_ssl_session_save() and ssl_session_load()
  *      ssl_session_copy()
  */
-struct mbedtls_ssl_session
-{
+struct mbedtls_ssl_session {
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    unsigned char mfl_code;     /*!< MaxFragmentLength negotiated by peer */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
 #if defined(MBEDTLS_HAVE_TIME)
     mbedtls_time_t start;       /*!< starting time      */
 #endif
@@ -937,10 +994,6 @@ struct mbedtls_ssl_session
     uint32_t ticket_lifetime;   /*!< ticket lifetime hint    */
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
 
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    unsigned char mfl_code;     /*!< MaxFragmentLength negotiated by peer */
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
     int trunc_hmac;             /*!< flag for truncated hmac activation   */
 #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
@@ -953,9 +1006,99 @@ struct mbedtls_ssl_session
 /**
  * SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
  */
-struct mbedtls_ssl_config
-{
-    /* Group items by size (largest first) to minimize padding overhead */
+struct mbedtls_ssl_config {
+    /* Group items by size and reorder them to maximize usage of immediate offset access.    */
+
+    /*
+     * Numerical settings (char)
+     */
+
+    unsigned char max_major_ver;    /*!< max. major version used            */
+    unsigned char max_minor_ver;    /*!< max. minor version used            */
+    unsigned char min_major_ver;    /*!< min. major version used            */
+    unsigned char min_minor_ver;    /*!< min. minor version used            */
+
+    /*
+     * Flags (could be bit-fields to save RAM, but separate bytes make
+     * the code smaller on architectures with an instruction for direct
+     * byte access).
+     */
+
+    uint8_t endpoint /*bool*/;      /*!< 0: client, 1: server               */
+    uint8_t transport /*bool*/;     /*!< stream (TLS) or datagram (DTLS)    */
+    uint8_t authmode /*2 bits*/;    /*!< MBEDTLS_SSL_VERIFY_XXX             */
+    /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE          */
+    uint8_t allow_legacy_renegotiation /*2 bits*/; /*!< MBEDTLS_LEGACY_XXX  */
+#if defined(MBEDTLS_ARC4_C)
+    uint8_t arc4_disabled /*bool*/; /*!< blacklist RC4 ciphersuites?        */
+#endif
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    uint8_t mfl_code /*3 bits*/;    /*!< desired fragment length            */
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    uint8_t encrypt_then_mac /*bool*/;  /*!< negotiate encrypt-then-mac?    */
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    uint8_t extended_ms /*bool*/;   /*!< negotiate extended master secret?  */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    uint8_t anti_replay /*bool*/;   /*!< detect and prevent replay?         */
+#endif
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    uint8_t cbc_record_splitting /*bool*/;  /*!< do cbc record splitting    */
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    uint8_t disable_renegotiation /*bool*/; /*!< disable renegotiation?     */
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    uint8_t trunc_hmac /*bool*/;    /*!< negotiate truncated hmac?          */
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    uint8_t session_tickets /*bool*/;   /*!< use session tickets?           */
+#endif
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+    uint8_t fallback /*bool*/;      /*!< is this a fallback?                */
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+    uint8_t cert_req_ca_list /*bool*/;  /*!< enable sending CA list in
+                                           Certificate Request messages?     */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    uint8_t ignore_unexpected_cid /*bool*/; /*!< Determines whether DTLS
+                                             *   record with unexpected CID
+                                             *   should lead to failure.    */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    uint8_t dtls_srtp_mki_support /*bool*/; /*!< support having mki_value
+                                                 in the use_srtp extension? */
+#endif
+
+    /*
+     * Numerical settings (int or larger)
+     */
+
+    uint32_t read_timeout;          /*!< timeout for mbedtls_ssl_read (ms)  */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    uint32_t hs_timeout_min;        /*!< initial value of the handshake
+                                         retransmission timeout (ms)        */
+    uint32_t hs_timeout_max;        /*!< maximum value of the handshake
+                                         retransmission timeout (ms)        */
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renego_max_records;         /*!< grace period for renegotiation     */
+    unsigned char renego_period[8]; /*!< value of the record counters
+                                         that triggers renegotiation        */
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    unsigned int badmac_limit;      /*!< limit of records with a bad MAC    */
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+    unsigned int dhm_min_bitlen;    /*!< min. bit length of the DHM prime   */
+#endif
 
     /*
      * Pointers
@@ -996,34 +1139,34 @@ struct mbedtls_ssl_config
 #endif
 
 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-    /** Callback to create & write a cookie for ClientHello veirifcation    */
-    int (*f_cookie_write)( void *, unsigned char **, unsigned char *,
-                           const unsigned char *, size_t );
+    /** Callback to create & write a cookie for ClientHello verification    */
+    int (*f_cookie_write)(void *, unsigned char **, unsigned char *,
+                          const unsigned char *, size_t);
     /** Callback to verify validity of a ClientHello cookie                 */
-    int (*f_cookie_check)( void *, const unsigned char *, size_t,
-                           const unsigned char *, size_t );
+    int (*f_cookie_check)(void *, const unsigned char *, size_t,
+                          const unsigned char *, size_t);
     void *p_cookie;                 /*!< context for the cookie callbacks   */
 #endif
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
     /** Callback to create & write a session ticket                         */
-    int (*f_ticket_write)( void *, const mbedtls_ssl_session *,
-            unsigned char *, const unsigned char *, size_t *, uint32_t * );
+    int (*f_ticket_write)(void *, const mbedtls_ssl_session *,
+                          unsigned char *, const unsigned char *, size_t *, uint32_t *);
     /** Callback to parse a session ticket into a session structure         */
-    int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t);
+    int (*f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t);
     void *p_ticket;                 /*!< context for the ticket callbacks   */
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
 
 #if defined(MBEDTLS_SSL_EXPORT_KEYS)
     /** Callback to export key block and master secret                      */
-    int (*f_export_keys)( void *, const unsigned char *,
-            const unsigned char *, size_t, size_t, size_t );
+    int (*f_export_keys)(void *, const unsigned char *,
+                         const unsigned char *, size_t, size_t, size_t);
     /** Callback to export key block, master secret,
      *  tls_prf and random bytes. Should replace f_export_keys    */
-    int (*f_export_keys_ext)( void *, const unsigned char *,
-                const unsigned char *, size_t, size_t, size_t,
-                const unsigned char[32], const unsigned char[32],
-                mbedtls_tls_prf_types );
+    int (*f_export_keys_ext)(void *, const unsigned char *,
+                             const unsigned char *, size_t, size_t, size_t,
+                             const unsigned char[32], const unsigned char[32],
+                             mbedtls_tls_prf_types);
     void *p_export_keys;            /*!< context for key export callback    */
 #endif
 
@@ -1109,95 +1252,9 @@ struct mbedtls_ssl_config
     /*! number of supported profiles */
     size_t dtls_srtp_profile_list_len;
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-    /*
-     * Numerical settings (int then char)
-     */
-
-    uint32_t read_timeout;          /*!< timeout for mbedtls_ssl_read (ms)  */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    uint32_t hs_timeout_min;        /*!< initial value of the handshake
-                                         retransmission timeout (ms)        */
-    uint32_t hs_timeout_max;        /*!< maximum value of the handshake
-                                         retransmission timeout (ms)        */
-#endif
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    int renego_max_records;         /*!< grace period for renegotiation     */
-    unsigned char renego_period[8]; /*!< value of the record counters
-                                         that triggers renegotiation        */
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-    unsigned int badmac_limit;      /*!< limit of records with a bad MAC    */
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-    unsigned int dhm_min_bitlen;    /*!< min. bit length of the DHM prime   */
-#endif
-
-    unsigned char max_major_ver;    /*!< max. major version used            */
-    unsigned char max_minor_ver;    /*!< max. minor version used            */
-    unsigned char min_major_ver;    /*!< min. major version used            */
-    unsigned char min_minor_ver;    /*!< min. minor version used            */
-
-    /*
-     * Flags (bitfields)
-     */
-
-    unsigned int endpoint : 1;      /*!< 0: client, 1: server               */
-    unsigned int transport : 1;     /*!< stream (TLS) or datagram (DTLS)    */
-    unsigned int authmode : 2;      /*!< MBEDTLS_SSL_VERIFY_XXX             */
-    /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE          */
-    unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX   */
-#if defined(MBEDTLS_ARC4_C)
-    unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites?        */
-#endif
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    unsigned int mfl_code : 3;      /*!< desired fragment length            */
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-    unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac?    */
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-    unsigned int extended_ms : 1;   /*!< negotiate extended master secret?  */
-#endif
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-    unsigned int anti_replay : 1;   /*!< detect and prevent replay?         */
-#endif
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    unsigned int cbc_record_splitting : 1;  /*!< do cbc record splitting    */
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    unsigned int disable_renegotiation : 1; /*!< disable renegotiation?     */
-#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-    unsigned int trunc_hmac : 1;    /*!< negotiate truncated hmac?          */
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    unsigned int session_tickets : 1;   /*!< use session tickets?           */
-#endif
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-    unsigned int fallback : 1;      /*!< is this a fallback?                */
-#endif
-#if defined(MBEDTLS_SSL_SRV_C)
-    unsigned int cert_req_ca_list : 1;  /*!< enable sending CA list in
-                                          Certificate Request messages?     */
-#endif
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS
-                                             *   record with unexpected CID
-                                             *   should lead to failure.    */
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
-    unsigned int dtls_srtp_mki_support : 1; /* support having mki_value
-                                               in the use_srtp extension     */
-#endif
 };
 
-struct mbedtls_ssl_context
-{
+struct mbedtls_ssl_context {
     const mbedtls_ssl_config *conf; /*!< configuration information          */
 
     /*
@@ -1207,8 +1264,8 @@ struct mbedtls_ssl_context
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
     int renego_status;          /*!< Initial, in progress, pending?   */
     int renego_records_seen;    /*!< Records since renego request, or with DTLS,
-                                  number of retransmissions of request if
-                                  renego_max_records is < 0           */
+                                   number of retransmissions of request if
+                                   renego_max_records is < 0           */
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 
     int major_ver;              /*!< equal to  MBEDTLS_SSL_MAJOR_VERSION_3    */
@@ -1227,7 +1284,7 @@ struct mbedtls_ssl_context
     mbedtls_ssl_send_t *f_send; /*!< Callback for network send */
     mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */
     mbedtls_ssl_recv_timeout_t *f_recv_timeout;
-                                /*!< Callback for network receive with timeout */
+    /*!< Callback for network receive with timeout */
 
     void *p_bio;                /*!< context for I/O operations   */
 
@@ -1240,7 +1297,7 @@ struct mbedtls_ssl_context
     mbedtls_ssl_session *session_negotiate;     /*!<  session data in negotiation */
 
     mbedtls_ssl_handshake_params *handshake;    /*!<  params required only during
-                                              the handshake process        */
+                                                   the handshake process        */
 
     /*
      * Record layer transformations
@@ -1334,7 +1391,7 @@ struct mbedtls_ssl_context
     unsigned char *compress_buf;        /*!<  zlib data buffer        */
 #endif /* MBEDTLS_ZLIB_SUPPORT */
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    signed char split_done;     /*!< current record already splitted? */
+    signed char split_done;     /*!< current record already split? */
 #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
 
     /*
@@ -1388,7 +1445,7 @@ struct mbedtls_ssl_context
      *  all subsequent handshakes. This may be different from the
      *  CID currently used in case the user has re-configured the CID
      *  after an initial handshake. */
-    unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ];
+    unsigned char own_cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
     uint8_t own_cid_len;   /*!< The length of \c own_cid. */
     uint8_t negotiate_cid; /*!< This indicates whether the CID extension should
                             *   be negotiated in the next handshake or not.
@@ -1401,8 +1458,8 @@ struct mbedtls_ssl_context
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 
-#define MBEDTLS_SSL_CHANNEL_OUTBOUND   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( 0 )
-#define MBEDTLS_SSL_CHANNEL_INBOUND    MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( 1 )
+#define MBEDTLS_SSL_CHANNEL_OUTBOUND   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0)
+#define MBEDTLS_SSL_CHANNEL_INBOUND    MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1)
 
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED      __attribute__((deprecated))
@@ -1411,24 +1468,24 @@ struct mbedtls_ssl_context
 #endif /* MBEDTLS_DEPRECATED_WARNING */
 
 MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_init)(
-                    mbedtls_ssl_context *ssl,
-                    const unsigned char *key_enc, const unsigned char *key_dec,
-                    size_t keylen,
-                    const unsigned char *iv_enc,  const unsigned char *iv_dec,
-                    size_t ivlen,
-                    const unsigned char *mac_enc, const unsigned char *mac_dec,
-                    size_t maclen);
+    mbedtls_ssl_context *ssl,
+    const unsigned char *key_enc, const unsigned char *key_dec,
+    size_t keylen,
+    const unsigned char *iv_enc,  const unsigned char *iv_dec,
+    size_t ivlen,
+    const unsigned char *mac_enc, const unsigned char *mac_dec,
+    size_t maclen);
 MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_activate)(
-                                                    mbedtls_ssl_context *ssl,
-                                                    int direction );
+    mbedtls_ssl_context *ssl,
+    int direction);
 MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_reset)(
-                                                    mbedtls_ssl_context *ssl );
+    mbedtls_ssl_context *ssl);
 MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_write)(
-                                                    mbedtls_ssl_context *ssl );
+    mbedtls_ssl_context *ssl);
 MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_read)(
-                                                    mbedtls_ssl_context *ssl );
+    mbedtls_ssl_context *ssl);
 MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_finish)(
-                                                    mbedtls_ssl_context *ssl );
+    mbedtls_ssl_context *ssl);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -1443,7 +1500,7 @@ MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_finish)(
  *
  * \return              a string containing the ciphersuite name
  */
-const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id );
+const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id);
 
 /**
  * \brief               Return the ID of the ciphersuite associated with the
@@ -1453,7 +1510,7 @@ const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id );
  *
  * \return              the ID with the ciphersuite or 0 if not found
  */
-int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
+int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name);
 
 /**
  * \brief          Initialize an SSL context
@@ -1462,7 +1519,7 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
  *
  * \param ssl      SSL context
  */
-void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_init(mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Set up an SSL context for use
@@ -1478,14 +1535,18 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
  *                 Calling mbedtls_ssl_setup again is not supported, even
  *                 if no session is active.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param ssl      SSL context
  * \param conf     SSL configuration to use
  *
  * \return         0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if
  *                 memory allocation failed
  */
-int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
-                       const mbedtls_ssl_config *conf );
+int mbedtls_ssl_setup(mbedtls_ssl_context *ssl,
+                      const mbedtls_ssl_config *conf);
 
 /**
  * \brief          Reset an already initialized SSL context for re-use
@@ -1497,7 +1558,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
                    MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or
  *                 MBEDTLS_ERR_SSL_COMPRESSION_FAILED
  */
-int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Set the current endpoint type
@@ -1505,7 +1566,7 @@ int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
  * \param conf     SSL configuration
  * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
  */
-void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
+void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint);
 
 /**
  * \brief           Set the transport type (TLS or DTLS).
@@ -1521,7 +1582,7 @@ void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
  *                  MBEDTLS_SSL_TRANSPORT_STREAM for TLS,
  *                  MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
  */
-void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
+void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport);
 
 /**
  * \brief          Set the certificate verification mode
@@ -1549,7 +1610,7 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
  * the verification as soon as possible. For example, REQUIRED was protecting
  * against the "triple handshake" attack even before it was found.
  */
-void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
+void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode);
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 /**
@@ -1567,9 +1628,9 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
  * \param f_vrfy   The verification callback to use during CRT verification.
  * \param p_vrfy   The opaque context to be passed to the callback.
  */
-void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf,
+                             int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                             void *p_vrfy);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 /**
@@ -1579,9 +1640,9 @@ void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
  * \param f_rng    RNG function
  * \param p_rng    RNG parameter
  */
-void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
-                  int (*f_rng)(void *, unsigned char *, size_t),
-                  void *p_rng );
+void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
+                          int (*f_rng)(void *, unsigned char *, size_t),
+                          void *p_rng);
 
 /**
  * \brief          Set the debug callback
@@ -1597,9 +1658,9 @@ void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
  * \param f_dbg    debug function
  * \param p_dbg    debug parameter
  */
-void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
-                  void (*f_dbg)(void *, int, const char *, int, const char *),
-                  void  *p_dbg );
+void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf,
+                          void (*f_dbg)(void *, int, const char *, int, const char *),
+                          void  *p_dbg);
 
 /**
  * \brief          Set the underlying BIO callbacks for write, read and
@@ -1617,7 +1678,7 @@ void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
  *
  * \note           The two most common use cases are:
  *                 - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL
- *                 - blocking I/O, f_recv == NULL, f_recv_timout != NULL
+ *                 - blocking I/O, f_recv == NULL, f_recv_timeout != NULL
  *
  * \note           For DTLS, you need to provide either a non-NULL
  *                 f_recv_timeout callback, or a f_recv that doesn't block.
@@ -1631,11 +1692,11 @@ void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
  *                 \c mbedtls_net_recv_timeout() that are suitable to be used
  *                 here.
  */
-void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
-                          void *p_bio,
-                          mbedtls_ssl_send_t *f_send,
-                          mbedtls_ssl_recv_t *f_recv,
-                          mbedtls_ssl_recv_timeout_t *f_recv_timeout );
+void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
+                         void *p_bio,
+                         mbedtls_ssl_send_t *f_send,
+                         mbedtls_ssl_recv_t *f_recv,
+                         mbedtls_ssl_recv_timeout_t *f_recv_timeout);
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 
@@ -1676,10 +1737,10 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
  * \param own_cid     The address of the readable buffer holding the CID we want
  *                    the peer to use when sending encrypted messages to us.
  *                    This may be \c NULL if \p own_cid_len is \c 0.
- *                    This parameter is unused if \p enabled is set to
+ *                    This parameter is unused if \p enable is set to
  *                    MBEDTLS_SSL_CID_DISABLED.
  * \param own_cid_len The length of \p own_cid.
- *                    This parameter is unused if \p enabled is set to
+ *                    This parameter is unused if \p enable is set to
  *                    MBEDTLS_SSL_CID_DISABLED.
  *
  * \note              The value of \p own_cid_len must match the value of the
@@ -1725,10 +1786,10 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
  *                    applies to the next handshake.
  * \return            A negative error code on failure.
  */
-int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
-                         int enable,
-                         unsigned char const *own_cid,
-                         size_t own_cid_len );
+int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl,
+                        int enable,
+                        unsigned char const *own_cid,
+                        size_t own_cid_len);
 
 /**
  * \brief              Get information about the use of the CID extension
@@ -1767,15 +1828,15 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
  * \return            \c 0 on success.
  * \return            A negative error code on failure.
  */
-int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
-                     int *enabled,
-                     unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
-                     size_t *peer_cid_len );
+int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl,
+                             int *enabled,
+                             unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
+                             size_t *peer_cid_len);
 
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 
 /**
- * \brief          Set the Maximum Tranport Unit (MTU).
+ * \brief          Set the Maximum Transport Unit (MTU).
  *                 Special value: 0 means unset (no limit).
  *                 This represents the maximum size of a datagram payload
  *                 handled by the transport layer (usually UDP) as determined
@@ -1816,7 +1877,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
  * \param ssl      SSL context
  * \param mtu      Value of the path MTU in bytes
  */
-void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
+void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu);
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -1838,9 +1899,9 @@ void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
  * \param f_vrfy   The verification callback to use during CRT verification.
  * \param p_vrfy   The opaque context to be passed to the callback.
  */
-void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl,
+                            int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                            void *p_vrfy);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 /**
@@ -1859,7 +1920,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
  * \note           With non-blocking I/O, you may also skip this function
  *                 altogether and handle timeouts at the application layer.
  */
-void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout);
 
 #if defined(MBEDTLS_SSL_RECORD_CHECKING)
 /**
@@ -1906,9 +1967,9 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
  *                 In this case, the SSL context becomes unusable and needs
  *                 to be freed or reset before reuse.
  */
-int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
-                              unsigned char *buf,
-                              size_t buflen );
+int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl,
+                             unsigned char *buf,
+                             size_t buflen);
 #endif /* MBEDTLS_SSL_RECORD_CHECKING */
 
 /**
@@ -1929,12 +1990,12 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
  *                 here, except if using an event-driven style.
  *
  * \note           See also the "DTLS tutorial" article in our knowledge base.
- *                 https://tls.mbed.org/kb/how-to/dtls-tutorial
+ *                 https://mbed-tls.readthedocs.io/en/latest/kb/how-to/dtls-tutorial
  */
-void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
-                               void *p_timer,
-                               mbedtls_ssl_set_timer_t *f_set_timer,
-                               mbedtls_ssl_get_timer_t *f_get_timer );
+void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl,
+                              void *p_timer,
+                              mbedtls_ssl_set_timer_t *f_set_timer,
+                              mbedtls_ssl_get_timer_t *f_get_timer);
 
 /**
  * \brief           Callback type: generate and write session ticket
@@ -1955,12 +2016,12 @@ void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
  * \return          0 if successful, or
  *                  a specific MBEDTLS_ERR_XXX code.
  */
-typedef int mbedtls_ssl_ticket_write_t( void *p_ticket,
-                                        const mbedtls_ssl_session *session,
-                                        unsigned char *start,
-                                        const unsigned char *end,
-                                        size_t *tlen,
-                                        uint32_t *lifetime );
+typedef int mbedtls_ssl_ticket_write_t(void *p_ticket,
+                                       const mbedtls_ssl_session *session,
+                                       unsigned char *start,
+                                       const unsigned char *end,
+                                       size_t *tlen,
+                                       uint32_t *lifetime);
 
 #if defined(MBEDTLS_SSL_EXPORT_KEYS)
 /**
@@ -1983,12 +2044,12 @@ typedef int mbedtls_ssl_ticket_write_t( void *p_ticket,
  * \return          0 if successful, or
  *                  a specific MBEDTLS_ERR_XXX code.
  */
-typedef int mbedtls_ssl_export_keys_t( void *p_expkey,
-                                const unsigned char *ms,
-                                const unsigned char *kb,
-                                size_t maclen,
-                                size_t keylen,
-                                size_t ivlen );
+typedef int mbedtls_ssl_export_keys_t(void *p_expkey,
+                                      const unsigned char *ms,
+                                      const unsigned char *kb,
+                                      size_t maclen,
+                                      size_t keylen,
+                                      size_t ivlen);
 
 /**
  * \brief           Callback type: Export key block, master secret,
@@ -2015,15 +2076,15 @@ typedef int mbedtls_ssl_export_keys_t( void *p_expkey,
  * \return          0 if successful, or
  *                  a specific MBEDTLS_ERR_XXX code.
  */
-typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey,
-                                           const unsigned char *ms,
-                                           const unsigned char *kb,
-                                           size_t maclen,
-                                           size_t keylen,
-                                           size_t ivlen,
-                                           const unsigned char client_random[32],
-                                           const unsigned char server_random[32],
-                                           mbedtls_tls_prf_types tls_prf_type );
+typedef int mbedtls_ssl_export_keys_ext_t(void *p_expkey,
+                                          const unsigned char *ms,
+                                          const unsigned char *kb,
+                                          size_t maclen,
+                                          size_t keylen,
+                                          size_t ivlen,
+                                          const unsigned char client_random[32],
+                                          const unsigned char server_random[32],
+                                          mbedtls_tls_prf_types tls_prf_type);
 #endif /* MBEDTLS_SSL_EXPORT_KEYS */
 
 /**
@@ -2049,10 +2110,10 @@ typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey,
  *                  MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or
  *                  any other non-zero code for other failures.
  */
-typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket,
-                                        mbedtls_ssl_session *session,
-                                        unsigned char *buf,
-                                        size_t len );
+typedef int mbedtls_ssl_ticket_parse_t(void *p_ticket,
+                                       mbedtls_ssl_session *session,
+                                       unsigned char *buf,
+                                       size_t len);
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
 /**
@@ -2069,10 +2130,10 @@ typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket,
  * \param f_ticket_parse    Callback for parsing a ticket
  * \param p_ticket          Context shared by the two callbacks
  */
-void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
-        mbedtls_ssl_ticket_write_t *f_ticket_write,
-        mbedtls_ssl_ticket_parse_t *f_ticket_parse,
-        void *p_ticket );
+void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf,
+                                         mbedtls_ssl_ticket_write_t *f_ticket_write,
+                                         mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+                                         void *p_ticket);
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
 
 #if defined(MBEDTLS_SSL_EXPORT_KEYS)
@@ -2086,9 +2147,9 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
  * \param f_export_keys     Callback for exporting keys
  * \param p_export_keys     Context for the callback
  */
-void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
-        mbedtls_ssl_export_keys_t *f_export_keys,
-        void *p_export_keys );
+void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf,
+                                     mbedtls_ssl_export_keys_t *f_export_keys,
+                                     void *p_export_keys);
 
 /**
  * \brief           Configure extended key export callback.
@@ -2102,9 +2163,9 @@ void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
  * \param f_export_keys_ext Callback for exporting keys
  * \param p_export_keys     Context for the callback
  */
-void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
-        mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
-        void *p_export_keys );
+void mbedtls_ssl_conf_export_keys_ext_cb(mbedtls_ssl_config *conf,
+                                         mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
+                                         void *p_export_keys);
 #endif /* MBEDTLS_SSL_EXPORT_KEYS */
 
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
@@ -2138,12 +2199,12 @@ void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
  *                          mbedtls_ssl_conf_get_async_config_data(). The
  *                          library stores this value without dereferencing it.
  */
-void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
-                                        mbedtls_ssl_async_sign_t *f_async_sign,
-                                        mbedtls_ssl_async_decrypt_t *f_async_decrypt,
-                                        mbedtls_ssl_async_resume_t *f_async_resume,
-                                        mbedtls_ssl_async_cancel_t *f_async_cancel,
-                                        void *config_data );
+void mbedtls_ssl_conf_async_private_cb(mbedtls_ssl_config *conf,
+                                       mbedtls_ssl_async_sign_t *f_async_sign,
+                                       mbedtls_ssl_async_decrypt_t *f_async_decrypt,
+                                       mbedtls_ssl_async_resume_t *f_async_resume,
+                                       mbedtls_ssl_async_cancel_t *f_async_cancel,
+                                       void *config_data);
 
 /**
  * \brief           Retrieve the configuration data set by
@@ -2153,7 +2214,7 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
  * \return          The configuration data set by
  *                  mbedtls_ssl_conf_async_private_cb().
  */
-void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
+void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf);
 
 /**
  * \brief           Retrieve the asynchronous operation user context.
@@ -2169,7 +2230,7 @@ void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
  *                  called during the current handshake, this function returns
  *                  \c NULL.
  */
-void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl );
+void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief           Retrieve the asynchronous operation user context.
@@ -2182,8 +2243,8 @@ void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl );
  *                  Call mbedtls_ssl_get_async_operation_data() later during the
  *                  same handshake to retrieve this value.
  */
-void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
-                                 void *ctx );
+void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl,
+                                          void *ctx);
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 
 /**
@@ -2200,9 +2261,9 @@ void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
  * \return         The callback must return 0 on success,
  *                 or a negative error code.
  */
-typedef int mbedtls_ssl_cookie_write_t( void *ctx,
-                                unsigned char **p, unsigned char *end,
-                                const unsigned char *info, size_t ilen );
+typedef int mbedtls_ssl_cookie_write_t(void *ctx,
+                                       unsigned char **p, unsigned char *end,
+                                       const unsigned char *info, size_t ilen);
 
 /**
  * \brief          Callback type: verify a cookie
@@ -2217,9 +2278,9 @@ typedef int mbedtls_ssl_cookie_write_t( void *ctx,
  * \return         The callback must return 0 if cookie is valid,
  *                 or a negative error code.
  */
-typedef int mbedtls_ssl_cookie_check_t( void *ctx,
-                                const unsigned char *cookie, size_t clen,
-                                const unsigned char *info, size_t ilen );
+typedef int mbedtls_ssl_cookie_check_t(void *ctx,
+                                       const unsigned char *cookie, size_t clen,
+                                       const unsigned char *info, size_t ilen);
 
 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
 /**
@@ -2250,10 +2311,10 @@ typedef int mbedtls_ssl_cookie_check_t( void *ctx,
  * \param f_cookie_check    Cookie check callback
  * \param p_cookie          Context for both callbacks
  */
-void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
-                           mbedtls_ssl_cookie_write_t *f_cookie_write,
-                           mbedtls_ssl_cookie_check_t *f_cookie_check,
-                           void *p_cookie );
+void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf,
+                                   mbedtls_ssl_cookie_write_t *f_cookie_write,
+                                   mbedtls_ssl_cookie_check_t *f_cookie_check,
+                                   void *p_cookie);
 
 /**
  * \brief          Set client's transport-level identification info.
@@ -2274,9 +2335,9 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
  *                 MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client,
  *                 MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory.
  */
-int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
-                                 const unsigned char *info,
-                                 size_t ilen );
+int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl,
+                                        const unsigned char *info,
+                                        size_t ilen);
 
 #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
 
@@ -2296,7 +2357,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
  *                 packets and needs information about them to adjust its
  *                 transmission strategy, then you'll want to disable this.
  */
-void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode);
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
 
 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
@@ -2316,14 +2377,14 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
  *                 ones going through the authentication-decryption phase.
  *
  * \note           This is a security trade-off related to the fact that it's
- *                 often relatively easy for an active attacker ot inject UDP
+ *                 often relatively easy for an active attacker to inject UDP
  *                 datagrams. On one hand, setting a low limit here makes it
  *                 easier for such an attacker to forcibly terminated a
  *                 connection. On the other hand, a high limit or no limit
  *                 might make us waste resources checking authentication on
  *                 many bogus packets.
  */
-void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit);
 #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -2356,8 +2417,8 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi
  *                 are currently always sent in separate datagrams.
  *
  */
-void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
-                                       unsigned allow_packing );
+void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl,
+                                      unsigned allow_packing);
 
 /**
  * \brief          Set retransmit timeout values for the DTLS handshake.
@@ -2390,7 +2451,7 @@ void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
  *                 goes: send ... 1s -> resend ... 2s -> resend ... 4s ->
  *                 resend ... 5s -> give up and return a timeout error.
  */
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, uint32_t min, uint32_t max);
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
 #if defined(MBEDTLS_SSL_SRV_C)
@@ -2427,14 +2488,14 @@ void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min,
  *                 successfully cached, return 1 otherwise.
  *
  * \param conf           SSL configuration
- * \param p_cache        parmater (context) for both callbacks
+ * \param p_cache        parameter (context) for both callbacks
  * \param f_get_cache    session get callback
  * \param f_set_cache    session set callback
  */
-void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
-        void *p_cache,
-        int (*f_get_cache)(void *, mbedtls_ssl_session *),
-        int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
+void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf,
+                                    void *p_cache,
+                                    int (*f_get_cache)(void *, mbedtls_ssl_session *),
+                                    int (*f_set_cache)(void *, const mbedtls_ssl_session *));
 #endif /* MBEDTLS_SSL_SRV_C */
 
 #if defined(MBEDTLS_SSL_CLI_C)
@@ -2452,13 +2513,13 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
  *
  * \sa             mbedtls_ssl_get_session()
  */
-int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
+int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session);
 #endif /* MBEDTLS_SSL_CLI_C */
 
 /**
  * \brief          Load serialized session data into a session structure.
  *                 On client, this can be used for loading saved sessions
- *                 before resuming them with mbedstls_ssl_set_session().
+ *                 before resuming them with mbedtls_ssl_set_session().
  *                 On server, this can be used for alternative implementations
  *                 of session cache or session tickets.
  *
@@ -2487,9 +2548,9 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
  * \return         Another negative value for other kinds of errors (for
  *                 example, unsupported features in the embedded certificate).
  */
-int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
-                              const unsigned char *buf,
-                              size_t len );
+int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
+                             const unsigned char *buf,
+                             size_t len);
 
 /**
  * \brief          Save session structure as serialized data in a buffer.
@@ -2503,8 +2564,8 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
  *
  * \param session  The session structure to be saved.
  * \param buf      The buffer to write the serialized data to. It must be a
- *                 writeable buffer of at least \p len bytes, or may be \c
- *                 NULL if \p len is \c 0.
+ *                 writeable buffer of at least \p buf_len bytes, or may be \c
+ *                 NULL if \p buf_len is \c 0.
  * \param buf_len  The number of bytes available for writing in \p buf.
  * \param olen     The size in bytes of the data that has been or would have
  *                 been written. It must point to a valid \c size_t.
@@ -2517,10 +2578,10 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
  * \return         \c 0 if successful.
  * \return         #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
  */
-int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
-                              unsigned char *buf,
-                              size_t buf_len,
-                              size_t *olen );
+int mbedtls_ssl_session_save(const mbedtls_ssl_session *session,
+                             unsigned char *buf,
+                             size_t buf_len,
+                             size_t *olen);
 
 /**
  * \brief          Get a pointer to the current session structure, for example
@@ -2537,7 +2598,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
  * \return         A pointer to the current session if successful.
  * \return         \c NULL if no session is active.
  */
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
+const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief               Set the list of allowed ciphersuites and the preference
@@ -2554,8 +2615,8 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
  * \param conf          SSL configuration
  * \param ciphersuites  0-terminated list of allowed ciphersuites
  */
-void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
-                                   const int *ciphersuites );
+void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
+                                   const int *ciphersuites);
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
 #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0
@@ -2589,11 +2650,11 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
  *                      record headers.
  *
  * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len
+ * \return              #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p len
  *                      is too large.
  */
-int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len,
-                          int ignore_other_cids );
+int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,
+                         int ignore_other_cids);
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 
 /**
@@ -2615,9 +2676,9 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len,
  * \note                With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
  *                      and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
  */
-void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
-                                       const int *ciphersuites,
-                                       int major, int minor );
+void mbedtls_ssl_conf_ciphersuites_for_version(mbedtls_ssl_config *conf,
+                                               const int *ciphersuites,
+                                               int major, int minor);
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 /**
@@ -2630,8 +2691,8 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
  * \param conf     SSL configuration
  * \param profile  Profile to use
  */
-void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
-                                    const mbedtls_x509_crt_profile *profile );
+void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf,
+                                   const mbedtls_x509_crt_profile *profile);
 
 /**
  * \brief          Set the data required to verify peer certificate
@@ -2644,9 +2705,9 @@ void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
  * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
  * \param ca_crl   trusted CA CRLs
  */
-void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf,
                                mbedtls_x509_crt *ca_chain,
-                               mbedtls_x509_crl *ca_crl );
+                               mbedtls_x509_crl *ca_crl);
 
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
 /**
@@ -2700,9 +2761,9 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
  *                 to guarantee this (for example through a mutex
  *                 contained in the callback context pointed to by \p p_ca_cb).
  */
-void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
-                             mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                             void *p_ca_cb );
+void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf,
+                            mbedtls_x509_crt_ca_cb_t f_ca_cb,
+                            void *p_ca_cb);
 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
 
 /**
@@ -2722,7 +2783,7 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
  *
  * \note           On client, only the first call has any effect. That is,
  *                 only one client certificate can be provisioned. The
- *                 server's preferences in its CertficateRequest message will
+ *                 server's preferences in its CertificateRequest message will
  *                 be ignored and our only cert will be sent regardless of
  *                 whether it matches those preferences - the server can then
  *                 decide what it wants to do with it.
@@ -2741,9 +2802,9 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
  *
  * \return         0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
  */
-int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf,
                               mbedtls_x509_crt *own_cert,
-                              mbedtls_pk_context *pk_key );
+                              mbedtls_pk_context *pk_key);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
@@ -2778,9 +2839,9 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
  * \return         \c 0 if successful.
  * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
  */
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
-                const unsigned char *psk, size_t psk_len,
-                const unsigned char *psk_identity, size_t psk_identity_len );
+int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf,
+                         const unsigned char *psk, size_t psk_len,
+                         const unsigned char *psk_identity, size_t psk_identity_len);
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /**
@@ -2819,10 +2880,10 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
  * \return         \c 0 if successful.
  * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
  */
-int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
-                                 psa_key_id_t psk,
-                                 const unsigned char *psk_identity,
-                                 size_t psk_identity_len );
+int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf,
+                                psa_key_id_t psk,
+                                const unsigned char *psk_identity,
+                                size_t psk_identity_len);
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /**
@@ -2841,8 +2902,8 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
  * \return         \c 0 if successful.
  * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
  */
-int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
-                            const unsigned char *psk, size_t psk_len );
+int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl,
+                           const unsigned char *psk, size_t psk_len);
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /**
@@ -2861,12 +2922,12 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
  *                 PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
  *                 use for the key derivation algorithm
  *                 applied in the handshake.
-  *
+ *
  * \return         \c 0 if successful.
  * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
  */
-int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
-                                   psa_key_id_t psk );
+int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl,
+                                  psa_key_id_t psk);
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /**
@@ -2907,10 +2968,10 @@ int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
  * \param p_psk    A pointer to an opaque structure to be passed to
  *                 the callback, for example a PSK store.
  */
-void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
-                     int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
-                                  size_t),
-                     void *p_psk );
+void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
+                             int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+                                          size_t),
+                             void *p_psk);
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
 
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
@@ -2936,9 +2997,9 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
  *
  * \return         0 if successful
  */
-MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
-                                                  const char *dhm_P,
-                                                  const char *dhm_G );
+MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param(mbedtls_ssl_config *conf,
+                                                 const char *dhm_P,
+                                                 const char *dhm_G);
 
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -2955,9 +3016,9 @@ MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
  *
  * \return         0 if successful
  */
-int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
-                                   const unsigned char *dhm_P, size_t P_len,
-                                   const unsigned char *dhm_G,  size_t G_len );
+int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
+                                  const unsigned char *dhm_P, size_t P_len,
+                                  const unsigned char *dhm_G,  size_t G_len);
 
 /**
  * \brief          Set the Diffie-Hellman public P and G values,
@@ -2968,7 +3029,7 @@ int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
  *
  * \return         0 if successful
  */
-int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx);
 #endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
 
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
@@ -2980,14 +3041,16 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
  * \param conf     SSL configuration
  * \param bitlen   Minimum bit length of the DHM prime
  */
-void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
-                                      unsigned int bitlen );
+void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
+                                     unsigned int bitlen);
 #endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
 
 #if defined(MBEDTLS_ECP_C)
 /**
  * \brief          Set the allowed curves in order of preference.
- *                 (Default: all defined curves.)
+ *                 (Default: all defined curves in order of decreasing size,
+ *                 except that Montgomery curves come last. This order
+ *                 is likely to change in a future version.)
  *
  *                 On server: this only affects selection of the ECDHE curve;
  *                 the curves used for ECDH and ECDSA are determined by the
@@ -3012,14 +3075,16 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
  * \param curves   Ordered list of allowed curves,
  *                 terminated by MBEDTLS_ECP_DP_NONE.
  */
-void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
-                              const mbedtls_ecp_group_id *curves );
+void mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf,
+                             const mbedtls_ecp_group_id *curves);
 #endif /* MBEDTLS_ECP_C */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 /**
  * \brief          Set the allowed hashes for signatures during the handshake.
- *                 (Default: all available hashes except MD5.)
+ *                 (Default: all SHA-2 hashes, largest first. Also SHA-1 if
+ *                 the compile-time option
+ *                 `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is enabled.)
  *
  * \note           This only affects which hashes are offered and can be used
  *                 for signatures during the handshake. Hashes for message
@@ -3035,8 +3100,8 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
  * \param hashes   Ordered list of allowed signature hashes,
  *                 terminated by \c MBEDTLS_MD_NONE.
  */
-void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
-                                  const int *hashes );
+void mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf,
+                                 const int *hashes);
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3058,7 +3123,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
  *                 when NULL). On allocation failure hostname is cleared.
  *                 On too long input failure, old hostname is unchanged.
  */
-int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
+int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -3074,9 +3139,9 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
  *
  * \return         0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
  */
-int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
-                                 mbedtls_x509_crt *own_cert,
-                                 mbedtls_pk_context *pk_key );
+int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl,
+                                mbedtls_x509_crt *own_cert,
+                                mbedtls_pk_context *pk_key);
 
 /**
  * \brief          Set the data required to verify peer certificate for the
@@ -3089,9 +3154,9 @@ int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
  * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
  * \param ca_crl   trusted CA CRLs
  */
-void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
-                                  mbedtls_x509_crt *ca_chain,
-                                  mbedtls_x509_crl *ca_crl );
+void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl,
+                                 mbedtls_x509_crt *ca_chain,
+                                 mbedtls_x509_crl *ca_crl);
 
 /**
  * \brief          Set authmode for the current handshake.
@@ -3103,8 +3168,8 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
  * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or
  *                 MBEDTLS_SSL_VERIFY_REQUIRED
  */
-void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
-                                  int authmode );
+void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl,
+                                 int authmode);
 
 /**
  * \brief          Set server side ServerName TLS extension callback
@@ -3129,10 +3194,10 @@ void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
  * \param f_sni    verification function
  * \param p_sni    verification parameter
  */
-void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
-                  int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
-                               size_t),
-                  void *p_sni );
+void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf,
+                          int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
+                                       size_t),
+                          void *p_sni);
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -3153,9 +3218,9 @@ void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
  *
  * \return         0 on success, or a negative error code.
  */
-int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
-                                         const unsigned char *pw,
-                                         size_t pw_len );
+int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl,
+                                        const unsigned char *pw,
+                                        size_t pw_len);
 #endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
 
 #if defined(MBEDTLS_SSL_ALPN)
@@ -3166,12 +3231,12 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
  * \param protos   Pointer to a NULL-terminated list of supported protocols,
  *                 in decreasing preference order. The pointer to the list is
  *                 recorded by the library for later reference as required, so
- *                 the lifetime of the table must be atleast as long as the
+ *                 the lifetime of the table must be at least as long as the
  *                 lifetime of the SSL configuration structure.
  *
  * \return         0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
  */
-int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos);
 
 /**
  * \brief          Get the name of the negotiated Application Layer Protocol.
@@ -3180,28 +3245,27 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot
  *
  * \param ssl      SSL context
  *
- * \return         Protcol name, or NULL if no protocol was negotiated.
+ * \return         Protocol name, or NULL if no protocol was negotiated.
  */
-const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_SSL_ALPN */
 
 #if defined(MBEDTLS_SSL_DTLS_SRTP)
 #if defined(MBEDTLS_DEBUG_C)
-static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile )
+static inline const char *mbedtls_ssl_get_srtp_profile_as_string(mbedtls_ssl_srtp_profile profile)
 {
-    switch( profile )
-    {
+    switch (profile) {
         case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
-            return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" );
+            return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80";
         case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
-            return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" );
+            return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32";
         case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
-            return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" );
+            return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80";
         case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
-            return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" );
+            return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32";
         default: break;
     }
-    return( "" );
+    return "";
 }
 #endif /* MBEDTLS_DEBUG_C */
 /**
@@ -3217,8 +3281,8 @@ static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_sr
  *                          #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED
  *                          or #MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED.
  */
-void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
-                                                int support_mki_value );
+void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf,
+                                               int support_mki_value);
 
 /**
  * \brief                   Set the supported DTLS-SRTP protection profiles.
@@ -3240,8 +3304,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
  *                          protection profiles is incorrect.
  */
 int mbedtls_ssl_conf_dtls_srtp_protection_profiles
-                               ( mbedtls_ssl_config *conf,
-                                 const mbedtls_ssl_srtp_profile *profiles );
+    (mbedtls_ssl_config *conf,
+    const mbedtls_ssl_srtp_profile *profiles);
 
 /**
  * \brief                  Set the mki_value for the current DTLS-SRTP session.
@@ -3259,11 +3323,11 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles
  * \return                 #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
  * \return                 #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
  */
-int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
-                                         unsigned char *mki_value,
-                                         uint16_t mki_len );
+int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl,
+                                        unsigned char *mki_value,
+                                        uint16_t mki_len);
 /**
- * \brief                  Get the negotiated DTLS-SRTP informations:
+ * \brief                  Get the negotiated DTLS-SRTP information:
  *                         Protection profile and MKI value.
  *
  * \warning                This function must be called after the handshake is
@@ -3271,7 +3335,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
  *                         not be trusted or acted upon before the handshake completes.
  *
  * \param ssl              The SSL context to query.
- * \param dtls_srtp_info   The negotiated DTLS-SRTP informations:
+ * \param dtls_srtp_info   The negotiated DTLS-SRTP information:
  *                         - Protection profile in use.
  *                         A direct mapping of the iana defined value for protection
  *                         profile on an uint16_t.
@@ -3280,8 +3344,8 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
  *                         or peer's Hello packet was not parsed yet.
  *                         - mki size and value( if size is > 0 ).
  */
-void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl,
-                                                   mbedtls_dtls_srtp_info *dtls_srtp_info );
+void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl,
+                                                  mbedtls_dtls_srtp_info *dtls_srtp_info);
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
 
 /**
@@ -3300,7 +3364,7 @@ void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ss
  *                 MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
  *                 MBEDTLS_SSL_MINOR_VERSION_3 supported)
  */
-void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
+void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor);
 
 /**
  * \brief          Set the minimum accepted SSL/TLS protocol version
@@ -3320,7 +3384,7 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino
  *                 MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
  *                 MBEDTLS_SSL_MINOR_VERSION_3 supported)
  */
-void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
+void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor);
 
 #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
 /**
@@ -3342,7 +3406,7 @@ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int mino
  * \param conf     SSL configuration
  * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
  */
-void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
+void mbedtls_ssl_conf_fallback(mbedtls_ssl_config *conf, char fallback);
 #endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
 
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
@@ -3357,7 +3421,7 @@ void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
  * \param conf      SSL configuration
  * \param etm       MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
  */
-void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm);
 #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
 
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
@@ -3372,7 +3436,7 @@ void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
  * \param conf      SSL configuration
  * \param ems       MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
  */
-void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems);
 #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
 
 #if defined(MBEDTLS_ARC4_C)
@@ -3391,7 +3455,7 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems
  * \param conf     SSL configuration
  * \param arc4     MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
  */
-void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
+void mbedtls_ssl_conf_arc4_support(mbedtls_ssl_config *conf, char arc4);
 #endif /* MBEDTLS_ARC4_C */
 
 #if defined(MBEDTLS_SSL_SRV_C)
@@ -3404,8 +3468,8 @@ void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
  * \param cert_req_ca_list   MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or
  *                          MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
  */
-void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
-                                          char cert_req_ca_list );
+void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf,
+                                       char cert_req_ca_list);
 #endif /* MBEDTLS_SSL_SRV_C */
 
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@@ -3433,7 +3497,7 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
  *                 \c mbedtls_ssl_get_record_expansion().
  *
  * \note           For DTLS, it is also possible to set a limit for the total
- *                 size of daragrams passed to the transport layer, including
+ *                 size of datagrams passed to the transport layer, including
  *                 record overhead, see \c mbedtls_ssl_set_mtu().
  *
  * \param conf     SSL configuration
@@ -3443,7 +3507,7 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
  *
  * \return         0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
  */
-int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code);
 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
@@ -3455,7 +3519,7 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c
  * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or
  *                                    MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
  */
-void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
+void mbedtls_ssl_conf_truncated_hmac(mbedtls_ssl_config *conf, int truncate);
 #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
 
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
@@ -3470,7 +3534,7 @@ void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
  * \param split    MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
  *                 MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
  */
-void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
+void mbedtls_ssl_conf_cbc_record_splitting(mbedtls_ssl_config *conf, char split);
 #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
@@ -3484,7 +3548,7 @@ void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split
  * \param use_tickets   Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
  *                                         MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
  */
-void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets);
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
 
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
@@ -3493,7 +3557,7 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets
  *                 initiated by peer
  *                 (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED)
  *
- * \warning        It is recommended to always disable renegotation unless you
+ * \warning        It is recommended to always disable renegotiation unless you
  *                 know you need it and you know what you're doing. In the
  *                 past, there have been several issues associated with
  *                 renegotiation or a poor understanding of its properties.
@@ -3505,7 +3569,7 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets
  * \param renegotiation     Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
  *                                             MBEDTLS_SSL_RENEGOTIATION_DISABLED)
  */
-void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation);
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 
 /**
@@ -3535,7 +3599,7 @@ void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation
  *                                        SSL_ALLOW_LEGACY_RENEGOTIATION or
  *                                        MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
  */
-void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy);
 
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
 /**
@@ -3556,7 +3620,7 @@ void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_
  *                 scenario.
  *
  * \note           With DTLS and server-initiated renegotiation, the
- *                 HelloRequest is retransmited every time mbedtls_ssl_read() times
+ *                 HelloRequest is retransmitted every time mbedtls_ssl_read() times
  *                 out or receives Application Data, until:
  *                 - max_records records have beens seen, if it is >= 0, or
  *                 - the number of retransmits that would happen during an
@@ -3575,7 +3639,7 @@ void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_
  *                 enforce renegotiation, or a non-negative value to enforce
  *                 it but allow for a grace period of max_records records.
  */
-void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records);
 
 /**
  * \brief          Set record counter threshold for periodic renegotiation.
@@ -3602,8 +3666,8 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_
  * \param conf     SSL configuration
  * \param period   The threshold value: a big-endian 64-bit number.
  */
-void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
-                                   const unsigned char period[8] );
+void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf,
+                                           const unsigned char period[8]);
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 
 /**
@@ -3644,7 +3708,7 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
  *                 that all internal data has been processed.
  *
  */
-int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Return the number of application data bytes
@@ -3661,7 +3725,7 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl );
  *                 amount of data fitting into the input buffer.
  *
  */
-size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
+size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Return the result of the certificate verification
@@ -3675,7 +3739,7 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
  * \return         A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX
  *                 and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h.
  */
-uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
+uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Return the name of the current ciphersuite
@@ -3684,7 +3748,7 @@ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
  *
  * \return         a string containing the ciphersuite name
  */
-const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Return the current SSL version (SSLv3/TLSv1/etc)
@@ -3693,7 +3757,7 @@ const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl );
  *
  * \return         a string containing the SSL version
  */
-const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Return the (maximum) number of bytes added by the record
@@ -3708,7 +3772,7 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl );
  *                 MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is
  *                 enabled, which makes expansion much less predictable
  */
-int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl);
 
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
 /**
@@ -3724,7 +3788,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl );
  *
  * \return         Current maximum fragment length for the output buffer.
  */
-size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl );
+size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Return the maximum fragment length (payload, in bytes) for
@@ -3740,7 +3804,7 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl );
  *
  * \return         Current maximum fragment length for the output buffer.
  */
-size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl );
+size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 
@@ -3765,7 +3829,7 @@ size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl );
  * \return         Current maximum fragment length for the output buffer.
  */
 MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len(
-                                        const mbedtls_ssl_context *ssl );
+    const mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 
@@ -3796,7 +3860,7 @@ MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len(
  * \return         Current maximum payload for an outgoing record,
  *                 or a negative error code.
  */
-int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl);
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 /**
@@ -3829,7 +3893,7 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl );
  *                 If you want to use the certificate across API calls,
  *                 you must make a copy.
  */
-const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl );
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 #if defined(MBEDTLS_SSL_CLI_C)
@@ -3859,7 +3923,7 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss
  *
  * \sa             mbedtls_ssl_set_session()
  */
-int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session );
+int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session);
 #endif /* MBEDTLS_SSL_CLI_C */
 
 /**
@@ -3911,8 +3975,12 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session
  *                 in which case the datagram of the underlying transport that is
  *                 currently being processed might or might not contain further
  *                 DTLS records.
+ *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
  */
-int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Perform a single step of the SSL handshake
@@ -3934,7 +4002,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
  *                 re-using it for a new connection; the current connection
  *                 must be closed.
  */
-int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl);
 
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
 /**
@@ -3960,7 +4028,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
  *                 must be closed.
  *
  */
-int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 
 /**
@@ -4040,7 +4108,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl );
  *                   \c mbedtls_ssl_check_pending to check for remaining records.
  *
  */
-int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len );
+int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len);
 
 /**
  * \brief          Try to write exactly 'len' application data bytes
@@ -4102,7 +4170,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
  * \note           Attempting to write 0 bytes will result in an empty TLS
  *                 application record being sent.
  */
-int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len );
+int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len);
 
 /**
  * \brief           Send an alert message
@@ -4120,9 +4188,9 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_
  *                 call \c mbedtls_ssl_session_reset() on it before re-using it
  *                 for a new connection; the current connection must be closed.
  */
-int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
-                            unsigned char level,
-                            unsigned char message );
+int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl,
+                                   unsigned char level,
+                                   unsigned char message);
 /**
  * \brief          Notify the peer that the connection is being closed
  *
@@ -4136,14 +4204,14 @@ int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
  *                 call \c mbedtls_ssl_session_reset() on it before re-using it
  *                 for a new connection; the current connection must be closed.
  */
-int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl);
 
 /**
  * \brief          Free referenced items in an SSL context and clear memory
  *
  * \param ssl      SSL context
  */
-void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_free(mbedtls_ssl_context *ssl);
 
 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
 /**
@@ -4188,16 +4256,16 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
  * \return         \c 0 if successful.
  * \return         #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
  * \return         #MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed
- *                 while reseting the context.
+ *                 while resetting the context.
  * \return         #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if a handshake is in
  *                 progress, or there is pending data for reading or sending,
  *                 or the connection does not use DTLS 1.2 with an AEAD
  *                 ciphersuite, or renegotiation is enabled.
  */
-int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
-                              unsigned char *buf,
-                              size_t buf_len,
-                              size_t *olen );
+int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl,
+                             unsigned char *buf,
+                             size_t buf_len,
+                             size_t *olen);
 
 /**
  * \brief          Load serialized connection data to an SSL context.
@@ -4264,9 +4332,9 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
  *                 comes from a different Mbed TLS version or build.
  * \return         #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid.
  */
-int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
-                              const unsigned char *buf,
-                              size_t len );
+int mbedtls_ssl_context_load(mbedtls_ssl_context *ssl,
+                             const unsigned char *buf,
+                             size_t len);
 #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
 
 /**
@@ -4279,10 +4347,10 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
  *
  * \param conf     SSL configuration context
  */
-void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
+void mbedtls_ssl_config_init(mbedtls_ssl_config *conf);
 
 /**
- * \brief          Load reasonnable default SSL configuration values.
+ * \brief          Load reasonable default SSL configuration values.
  *                 (You need to call mbedtls_ssl_config_init() first.)
  *
  * \param conf     SSL configuration context
@@ -4296,22 +4364,22 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
  * \return         0 if successful, or
  *                 MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
  */
-int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
-                                 int endpoint, int transport, int preset );
+int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
+                                int endpoint, int transport, int preset);
 
 /**
  * \brief          Free an SSL configuration context
  *
  * \param conf     SSL configuration context
  */
-void mbedtls_ssl_config_free( mbedtls_ssl_config *conf );
+void mbedtls_ssl_config_free(mbedtls_ssl_config *conf);
 
 /**
  * \brief          Initialize SSL session structure
  *
  * \param session  SSL session
  */
-void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
+void mbedtls_ssl_session_init(mbedtls_ssl_session *session);
 
 /**
  * \brief          Free referenced items in an SSL session including the
@@ -4322,12 +4390,12 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
  *
  * \param session  SSL session
  */
-void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
+void mbedtls_ssl_session_free(mbedtls_ssl_session *session);
 
 /**
  * \brief          TLS-PRF function for key derivation.
  *
- * \param prf      The tls_prf type funtion type to be used.
+ * \param prf      The tls_prf type function type to be used.
  * \param secret   Secret for the key derivation function.
  * \param slen     Length of the secret.
  * \param label    String label for the key derivation function,
@@ -4337,13 +4405,13 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
  * \param dstbuf   The buffer holding the derived key.
  * \param dlen     Length of the output buffer.
  *
- * \return         0 on sucess. An SSL specific error on failure.
+ * \return         0 on success. An SSL specific error on failure.
  */
-int  mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
-                          const unsigned char *secret, size_t slen,
-                          const char *label,
-                          const unsigned char *random, size_t rlen,
-                          unsigned char *dstbuf, size_t dlen );
+int  mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
+                         const unsigned char *secret, size_t slen,
+                         const char *label,
+                         const unsigned char *random, size_t rlen,
+                         unsigned char *dstbuf, size_t dlen);
 
 #ifdef __cplusplus
 }
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_cache.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_cache.h
new file mode 100644
index 0000000..cadb30c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_cache.h
@@ -0,0 +1,143 @@
+/**
+ * \file ssl_cache.h
+ *
+ * \brief SSL session cache implementation
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_SSL_CACHE_H
+#define MBEDTLS_SSL_CACHE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/ssl.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
+#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400   /*!< 1 day  */
+#endif
+
+#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
+#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50   /*!< Maximum entries in cache */
+#endif
+
+/** \} name SECTION: Module settings */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
+typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
+
+/**
+ * \brief   This structure is used for storing cache entries
+ */
+struct mbedtls_ssl_cache_entry {
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t timestamp;           /*!< entry timestamp    */
+#endif
+    mbedtls_ssl_session session;        /*!< entry session      */
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    mbedtls_x509_buf peer_cert;         /*!< entry peer_cert    */
+#endif
+    mbedtls_ssl_cache_entry *next;      /*!< chain pointer      */
+};
+
+/**
+ * \brief Cache context
+ */
+struct mbedtls_ssl_cache_context {
+    mbedtls_ssl_cache_entry *chain;     /*!< start of the chain     */
+    int timeout;                /*!< cache entry timeout    */
+    int max_entries;            /*!< maximum entries        */
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;    /*!< mutex                  */
+#endif
+};
+
+/**
+ * \brief          Initialize an SSL cache context
+ *
+ * \param cache    SSL cache context
+ */
+void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache);
+
+/**
+ * \brief          Cache get callback implementation
+ *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data     SSL cache context
+ * \param session  session to retrieve entry for
+ *
+ * \return                \c 0 on success.
+ * \return                #MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND if there is
+ *                        no cache entry with specified session ID found, or
+ *                        any other negative error code for other failures.
+ */
+int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session);
+
+/**
+ * \brief          Cache set callback implementation
+ *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data     SSL cache context
+ * \param session  session to store entry for
+ *
+ * \return                \c 0 on success.
+ * \return                A negative error code on failure.
+ */
+int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session);
+
+#if defined(MBEDTLS_HAVE_TIME)
+/**
+ * \brief          Set the cache timeout
+ *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
+ *
+ *                 A timeout of 0 indicates no timeout.
+ *
+ * \param cache    SSL cache context
+ * \param timeout  cache entry timeout in seconds
+ */
+void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout);
+#endif /* MBEDTLS_HAVE_TIME */
+
+/**
+ * \brief          Set the maximum number of cache entries
+ *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
+ *
+ * \param cache    SSL cache context
+ * \param max      cache entry maximum
+ */
+void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max);
+
+/**
+ * \brief          Free referenced items in a cache context and clear memory
+ *
+ * \param cache    SSL cache context
+ */
+void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_cache.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_ciphersuites.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_ciphersuites.h
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_ciphersuites.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_ciphersuites.h
index 93c32a5..199014f 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/ssl_ciphersuites.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_ciphersuites.h
@@ -1,23 +1,11 @@
 /**
  * \file ssl_ciphersuites.h
  *
- * \brief SSL Ciphersuites for mbed TLS
+ * \brief SSL Ciphersuites for Mbed TLS
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
 #define MBEDTLS_SSL_CIPHERSUITES_H
@@ -385,10 +373,9 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
 /**
  * \brief   This structure is used for storing ciphersuite information
  */
-struct mbedtls_ssl_ciphersuite_t
-{
+struct mbedtls_ssl_ciphersuite_t {
     int id;
-    const char * name;
+    const char *name;
 
     mbedtls_cipher_type_t cipher;
     mbedtls_md_type_t mac;
@@ -402,92 +389,87 @@ struct mbedtls_ssl_ciphersuite_t
     unsigned char flags;
 };
 
-const int *mbedtls_ssl_list_ciphersuites( void );
+const int *mbedtls_ssl_list_ciphersuites(void);
 
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name);
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id);
 
 #if defined(MBEDTLS_PK_C)
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
 #endif
 
-int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
-int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
+int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
+int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_PSK:
         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
 
-static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 
-static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
@@ -495,56 +477,54 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
+    const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_cookie.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_cookie.h
new file mode 100644
index 0000000..85a1b4a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_cookie.h
@@ -0,0 +1,100 @@
+/**
+ * \file ssl_cookie.h
+ *
+ * \brief DTLS cookie callbacks implementation
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_SSL_COOKIE_H
+#define MBEDTLS_SSL_COOKIE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/ssl.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
+#define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+#endif
+
+/** \} name SECTION: Module settings */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Context for the default cookie functions.
+ */
+typedef struct mbedtls_ssl_cookie_ctx {
+    mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
+#if !defined(MBEDTLS_HAVE_TIME)
+    unsigned long   serial;     /*!< serial number for expiration   */
+#endif
+    unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
+                                     or in number of tickets issued */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;
+#endif
+} mbedtls_ssl_cookie_ctx;
+
+/**
+ * \brief          Initialize cookie context
+ */
+void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
+
+/**
+ * \brief          Setup cookie context (generate keys)
+ */
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
+
+/**
+ * \brief          Set expiration delay for cookies
+ *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
+ *
+ * \param ctx      Cookie context
+ * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
+ *                 issued in the meantime.
+ *                 0 to disable expiration (NOT recommended)
+ */
+void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
+
+/**
+ * \brief          Free cookie context
+ */
+void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
+
+/**
+ * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
+ */
+mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
+
+/**
+ * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
+ */
+mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_cookie.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_internal.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_internal.h
new file mode 100644
index 0000000..3a40b4b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_internal.h
@@ -0,0 +1,1328 @@
+/**
+ * \file ssl_internal.h
+ *
+ * \brief Internal functions shared by the SSL modules
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_SSL_INTERNAL_H
+#define MBEDTLS_SSL_INTERNAL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+#include "mbedtls/md5.h"
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+#include "mbedtls/sha1.h"
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#include "mbedtls/sha256.h"
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#include "mbedtls/sha512.h"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#include "mbedtls/ecjpake.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/* Determine minimum supported version */
+#define MBEDTLS_SSL_MIN_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_0
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_1
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1   */
+#endif /* MBEDTLS_SSL_PROTO_SSL3   */
+
+#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1
+#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
+
+/* Determine maximum supported version */
+#define MBEDTLS_SSL_MAX_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_1
+#else
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_0
+#endif /* MBEDTLS_SSL_PROTO_SSL3   */
+#endif /* MBEDTLS_SSL_PROTO_TLS1   */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+/* Shorthand for restartable ECC */
+#if defined(MBEDTLS_ECP_RESTARTABLE) && \
+    defined(MBEDTLS_SSL_CLI_C) && \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+#define MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED
+#endif
+
+#define MBEDTLS_SSL_INITIAL_HANDSHAKE           0
+#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS   1   /* In progress */
+#define MBEDTLS_SSL_RENEGOTIATION_DONE          2   /* Done or aborted */
+#define MBEDTLS_SSL_RENEGOTIATION_PENDING       3   /* Requested (server only) */
+
+/*
+ * DTLS retransmission states, see RFC 6347 4.2.4
+ *
+ * The SENDING state is merged in PREPARING for initial sends,
+ * but is distinct for resends.
+ *
+ * Note: initial state is wrong for server, but is not used anyway.
+ */
+#define MBEDTLS_SSL_RETRANS_PREPARING       0
+#define MBEDTLS_SSL_RETRANS_SENDING         1
+#define MBEDTLS_SSL_RETRANS_WAITING         2
+#define MBEDTLS_SSL_RETRANS_FINISHED        3
+
+/*
+ * Allow extra bytes for record, authentication and encryption overhead:
+ * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256)
+ * and allow for a maximum of 1024 of compression expansion if
+ * enabled.
+ */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+#define MBEDTLS_SSL_COMPRESSION_ADD          1024
+#else
+#define MBEDTLS_SSL_COMPRESSION_ADD             0
+#endif
+
+/* This macro determines whether CBC is supported. */
+#if defined(MBEDTLS_CIPHER_MODE_CBC) &&                               \
+    (defined(MBEDTLS_AES_C)      ||                                  \
+    defined(MBEDTLS_CAMELLIA_C) ||                                  \
+    defined(MBEDTLS_ARIA_C)     ||                                  \
+    defined(MBEDTLS_DES_C))
+#define MBEDTLS_SSL_SOME_SUITES_USE_CBC
+#endif
+
+/* This macro determines whether the CBC construct used in TLS 1.0-1.2 (as
+ * opposed to the very different CBC construct used in SSLv3) is supported. */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
+    (defined(MBEDTLS_SSL_PROTO_TLS1) ||        \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1) ||      \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2))
+#define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC
+#endif
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) ||   \
+    defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
+#define MBEDTLS_SSL_SOME_MODES_USE_MAC
+#endif
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+/* Ciphersuites using HMAC */
+#if defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_SSL_MAC_ADD                 48  /* SHA-384 used for HMAC */
+#elif defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_SSL_MAC_ADD                 32  /* SHA-256 used for HMAC */
+#else
+#define MBEDTLS_SSL_MAC_ADD                 20  /* SHA-1   used for HMAC */
+#endif
+#else /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */
+#define MBEDTLS_SSL_MAC_ADD                 16
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_SSL_PADDING_ADD            256
+#else
+#define MBEDTLS_SSL_PADDING_ADD              0
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define MBEDTLS_SSL_MAX_CID_EXPANSION      MBEDTLS_SSL_CID_PADDING_GRANULARITY
+#else
+#define MBEDTLS_SSL_MAX_CID_EXPANSION        0
+#endif
+
+#define MBEDTLS_SSL_PAYLOAD_OVERHEAD (MBEDTLS_SSL_COMPRESSION_ADD +    \
+                                      MBEDTLS_MAX_IV_LENGTH +          \
+                                      MBEDTLS_SSL_MAC_ADD +            \
+                                      MBEDTLS_SSL_PADDING_ADD +        \
+                                      MBEDTLS_SSL_MAX_CID_EXPANSION    \
+                                      )
+
+#define MBEDTLS_SSL_IN_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
+                                    (MBEDTLS_SSL_IN_CONTENT_LEN))
+
+#define MBEDTLS_SSL_OUT_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
+                                     (MBEDTLS_SSL_OUT_CONTENT_LEN))
+
+/* The maximum number of buffered handshake messages. */
+#define MBEDTLS_SSL_MAX_BUFFERED_HS 4
+
+/* Maximum length we can advertise as our max content length for
+   RFC 6066 max_fragment_length extension negotiation purposes
+   (the lesser of both sizes, if they are unequal.)
+ */
+#define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN (                            \
+        (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN)   \
+        ? (MBEDTLS_SSL_OUT_CONTENT_LEN)                            \
+        : (MBEDTLS_SSL_IN_CONTENT_LEN)                             \
+        )
+
+/* Maximum size in bytes of list in sig-hash algorithm ext., RFC 5246 */
+#define MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN  65534
+
+/* Maximum size in bytes of list in supported elliptic curve ext., RFC 4492 */
+#define MBEDTLS_SSL_MAX_CURVE_LIST_LEN         65535
+
+/*
+ * Check that we obey the standard's message size bounds
+ */
+
+#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384
+#error "Bad configuration - record content too large."
+#endif
+
+#if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
+#error \
+    "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
+#endif
+
+#if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
+#error \
+    "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
+#endif
+
+#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
+#error "Bad configuration - incoming protected record payload too large."
+#endif
+
+#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
+#error "Bad configuration - outgoing protected record payload too large."
+#endif
+
+/* Calculate buffer sizes */
+
+/* Note: Even though the TLS record header is only 5 bytes
+   long, we're internally using 8 bytes to store the
+   implicit sequence number. */
+#define MBEDTLS_SSL_HEADER_LEN 13
+
+#if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define MBEDTLS_SSL_IN_BUFFER_LEN  \
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN))
+#else
+#define MBEDTLS_SSL_IN_BUFFER_LEN  \
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN) \
+     + (MBEDTLS_SSL_CID_IN_LEN_MAX))
+#endif
+
+#if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define MBEDTLS_SSL_OUT_BUFFER_LEN  \
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN))
+#else
+#define MBEDTLS_SSL_OUT_BUFFER_LEN                               \
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN)    \
+     + (MBEDTLS_SSL_CID_OUT_LEN_MAX))
+#endif
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx)
+{
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    return mbedtls_ssl_get_output_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+           + MBEDTLS_SSL_CID_OUT_LEN_MAX;
+#else
+    return mbedtls_ssl_get_output_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
+#endif
+}
+
+static inline size_t mbedtls_ssl_get_input_buflen(const mbedtls_ssl_context *ctx)
+{
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    return mbedtls_ssl_get_input_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+           + MBEDTLS_SSL_CID_IN_LEN_MAX;
+#else
+    return mbedtls_ssl_get_input_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
+#endif
+}
+#endif
+
+#ifdef MBEDTLS_ZLIB_SUPPORT
+/* Compression buffer holds both IN and OUT buffers, so should be size of the larger */
+#define MBEDTLS_SSL_COMPRESS_BUFFER_LEN (                               \
+        (MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN)      \
+        ? MBEDTLS_SSL_IN_BUFFER_LEN                                     \
+        : MBEDTLS_SSL_OUT_BUFFER_LEN                                    \
+        )
+#endif
+
+/*
+ * TLS extension flags (for extensions with outgoing ServerHello content
+ * that need it (e.g. for RENEGOTIATION_INFO the server already knows because
+ * of state of the renegotiation flag, so no indicator is required)
+ */
+#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
+#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK                 (1 << 1)
+
+/**
+ * \brief        This function checks if the remaining size in a buffer is
+ *               greater or equal than a needed space.
+ *
+ * \param cur    Pointer to the current position in the buffer.
+ * \param end    Pointer to one past the end of the buffer.
+ * \param need   Needed space in bytes.
+ *
+ * \return       Zero if the needed space is available in the buffer, non-zero
+ *               otherwise.
+ */
+static inline int mbedtls_ssl_chk_buf_ptr(const uint8_t *cur,
+                                          const uint8_t *end, size_t need)
+{
+    return (cur > end) || (need > (size_t) (end - cur));
+}
+
+/**
+ * \brief        This macro checks if the remaining size in a buffer is
+ *               greater or equal than a needed space. If it is not the case,
+ *               it returns an SSL_BUFFER_TOO_SMALL error.
+ *
+ * \param cur    Pointer to the current position in the buffer.
+ * \param end    Pointer to one past the end of the buffer.
+ * \param need   Needed space in bytes.
+ *
+ */
+#define MBEDTLS_SSL_CHK_BUF_PTR(cur, end, need)                        \
+    do {                                                                 \
+        if (mbedtls_ssl_chk_buf_ptr((cur), (end), (need)) != 0) \
+        {                                                                \
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;                  \
+        }                                                                \
+    } while (0)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+/*
+ * Abstraction for a grid of allowed signature-hash-algorithm pairs.
+ */
+struct mbedtls_ssl_sig_hash_set_t {
+    /* At the moment, we only need to remember a single suitable
+     * hash algorithm per signature algorithm. As long as that's
+     * the case - and we don't need a general lookup function -
+     * we can implement the sig-hash-set as a map from signatures
+     * to hash algorithms. */
+    mbedtls_md_type_t rsa;
+    mbedtls_md_type_t ecdsa;
+};
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+typedef int  mbedtls_ssl_tls_prf_cb(const unsigned char *secret, size_t slen,
+                                    const char *label,
+                                    const unsigned char *random, size_t rlen,
+                                    unsigned char *dstbuf, size_t dlen);
+
+/* cipher.h exports the maximum IV, key and block length from
+ * all ciphers enabled in the config, regardless of whether those
+ * ciphers are actually usable in SSL/TLS. Notably, XTS is enabled
+ * in the default configuration and uses 64 Byte keys, but it is
+ * not used for record protection in SSL/TLS.
+ *
+ * In order to prevent unnecessary inflation of key structures,
+ * we introduce SSL-specific variants of the max-{key,block,IV}
+ * macros here which are meant to only take those ciphers into
+ * account which can be negotiated in SSL/TLS.
+ *
+ * Since the current definitions of MBEDTLS_MAX_{KEY|BLOCK|IV}_LENGTH
+ * in cipher.h are rough overapproximations of the real maxima, here
+ * we content ourselves with replicating those overapproximations
+ * for the maximum block and IV length, and excluding XTS from the
+ * computation of the maximum key length. */
+#define MBEDTLS_SSL_MAX_BLOCK_LENGTH 16
+#define MBEDTLS_SSL_MAX_IV_LENGTH    16
+#define MBEDTLS_SSL_MAX_KEY_LENGTH   32
+
+/**
+ * \brief   The data structure holding the cryptographic material (key and IV)
+ *          used for record protection in TLS 1.3.
+ */
+struct mbedtls_ssl_key_set {
+    /*! The key for client->server records. */
+    unsigned char client_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH];
+    /*! The key for server->client records. */
+    unsigned char server_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH];
+    /*! The IV  for client->server records. */
+    unsigned char client_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH];
+    /*! The IV  for server->client records. */
+    unsigned char server_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH];
+
+    size_t key_len; /*!< The length of client_write_key and
+                     *   server_write_key, in Bytes. */
+    size_t iv_len;  /*!< The length of client_write_iv and
+                     *   server_write_iv, in Bytes. */
+};
+typedef struct mbedtls_ssl_key_set mbedtls_ssl_key_set;
+
+/*
+ * This structure contains the parameters only needed during handshake.
+ */
+struct mbedtls_ssl_handshake_params {
+    /*
+     * Handshake specific crypto variables
+     */
+
+    uint8_t max_major_ver;              /*!< max. major version client*/
+    uint8_t max_minor_ver;              /*!< max. minor version client*/
+    uint8_t resume;                     /*!<  session resume indicator*/
+    uint8_t cli_exts;                   /*!< client extension presence*/
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) &&        \
+    defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    uint8_t sni_authmode;               /*!< authmode from SNI callback     */
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    uint8_t new_session_ticket;         /*!< use NewSessionTicket?    */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    uint8_t extended_ms;                /*!< use Extended Master Secret? */
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    uint8_t async_in_progress;          /*!< an asynchronous operation is in progress */
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    unsigned char retransmit_state;     /*!<  Retransmission state           */
+#endif
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    uint8_t ecrs_enabled;               /*!< Handshake supports EC restart? */
+    enum { /* this complements ssl->state with info on intra-state operations */
+        ssl_ecrs_none = 0,              /*!< nothing going on (yet)         */
+        ssl_ecrs_crt_verify,            /*!< Certificate: crt_verify()      */
+        ssl_ecrs_ske_start_processing,  /*!< ServerKeyExchange: pk_verify() */
+        ssl_ecrs_cke_ecdh_calc_secret,  /*!< ClientKeyExchange: ECDH step 2 */
+        ssl_ecrs_crt_vrfy_sign,         /*!< CertificateVerify: pk_sign()   */
+    } ecrs_state;                       /*!< current (or last) operation    */
+    mbedtls_x509_crt *ecrs_peer_cert;   /*!< The peer's CRT chain.          */
+    size_t ecrs_n;                      /*!< place for saving a length      */
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) &&                \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_ssl_sig_hash_set_t hash_algs;             /*!<  Set of suitable sig-hash pairs */
+#endif
+
+    size_t pmslen;                      /*!<  premaster length        */
+
+    mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
+
+    void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
+    void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
+    void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
+    mbedtls_ssl_tls_prf_cb *tls_prf;
+
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_dhm_context dhm_ctx;                /*!<  DHM key exchange        */
+#endif
+
+/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
+ * to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
+ * in functionality that access to ecdh_ctx structure is needed for
+ * MBEDTLS_ECDSA_C which does not seem correct.
+ */
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_type_t ecdh_psa_type;
+    uint16_t ecdh_bits;
+    psa_key_id_t ecdh_psa_privkey;
+    unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+    size_t ecdh_psa_peerkey_len;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    mbedtls_ecjpake_context ecjpake_ctx;        /*!< EC J-PAKE key exchange */
+#if defined(MBEDTLS_SSL_CLI_C)
+    unsigned char *ecjpake_cache;               /*!< Cache for ClientHello ext */
+    size_t ecjpake_cache_len;                   /*!< Length of cached data */
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ||      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    const mbedtls_ecp_curve_info **curves;      /*!<  Supported elliptic curves */
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_id_t psk_opaque;            /*!< Opaque PSK from the callback   */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    unsigned char *psk;                 /*!<  PSK from the callback         */
+    size_t psk_len;                     /*!<  Length of PSK from callback   */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
+    mbedtls_x509_crt *sni_ca_chain;     /*!< trusted CAs from SNI callback  */
+    mbedtls_x509_crl *sni_ca_crl;       /*!< trusted CAs CRLs from SNI      */
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    mbedtls_x509_crt_restart_ctx ecrs_ctx;  /*!< restart context            */
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) &&        \
+    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    struct {
+        size_t total_bytes_buffered; /*!< Cumulative size of heap allocated
+                                      *   buffers used for message buffering. */
+
+        uint8_t seen_ccs;               /*!< Indicates if a CCS message has
+                                         *   been seen in the current flight. */
+
+        struct mbedtls_ssl_hs_buffer {
+            unsigned is_valid      : 1;
+            unsigned is_fragmented : 1;
+            unsigned is_complete   : 1;
+            unsigned char *data;
+            size_t data_len;
+        } hs[MBEDTLS_SSL_MAX_BUFFERED_HS];
+
+        struct {
+            unsigned char *data;
+            size_t len;
+            unsigned epoch;
+        } future_record;
+
+    } buffering;
+
+    unsigned int out_msg_seq;           /*!<  Outgoing handshake sequence number */
+    unsigned int in_msg_seq;            /*!<  Incoming handshake sequence number */
+
+    unsigned char *verify_cookie;       /*!<  Cli: HelloVerifyRequest cookie
+                                              Srv: unused                    */
+    unsigned char verify_cookie_len;    /*!<  Cli: cookie length
+                                              Srv: flag for sending a cookie */
+
+    uint32_t retransmit_timeout;        /*!<  Current value of timeout       */
+    mbedtls_ssl_flight_item *flight;    /*!<  Current outgoing flight        */
+    mbedtls_ssl_flight_item *cur_msg;   /*!<  Current message in flight      */
+    unsigned char *cur_msg_p;           /*!<  Position in current message    */
+    unsigned int in_flight_start_seq;   /*!<  Minimum message sequence in the
+                                              flight being received          */
+    mbedtls_ssl_transform *alt_transform_out;   /*!<  Alternative transform for
+                                                   resending messages             */
+    unsigned char alt_out_ctr[8];       /*!<  Alternative record epoch/counter
+                                              for resending messages         */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    /* The state of CID configuration in this handshake. */
+
+    uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
+                         *   has been negotiated. Possible values are
+                         *   #MBEDTLS_SSL_CID_ENABLED and
+                         *   #MBEDTLS_SSL_CID_DISABLED. */
+    unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];   /*! The peer's CID */
+    uint8_t peer_cid_len;                                  /*!< The length of
+                                                            *   \c peer_cid.  */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    uint16_t mtu;                       /*!<  Handshake mtu, used to fragment outgoing messages */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    /*
+     * Checksum contexts
+     */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    mbedtls_md5_context fin_md5;
+    mbedtls_sha1_context fin_sha1;
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_operation_t fin_sha256_psa;
+#else
+    mbedtls_sha256_context fin_sha256;
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_operation_t fin_sha384_psa;
+#else
+    mbedtls_sha512_context fin_sha512;
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    unsigned char randbytes[64];        /*!<  random bytes            */
+    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
+    /*!<  premaster secret        */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    /** Asynchronous operation context. This field is meant for use by the
+     * asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start,
+     * mbedtls_ssl_config::f_async_decrypt_start,
+     * mbedtls_ssl_config::f_async_resume, mbedtls_ssl_config::f_async_cancel).
+     * The library does not use it internally. */
+    void *user_async_ctx;
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+};
+
+typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
+
+/*
+ * Representation of decryption/encryption transformations on records
+ *
+ * There are the following general types of record transformations:
+ * - Stream transformations (TLS versions <= 1.2 only)
+ *   Transformation adding a MAC and applying a stream-cipher
+ *   to the authenticated message.
+ * - CBC block cipher transformations ([D]TLS versions <= 1.2 only)
+ *   In addition to the distinction of the order of encryption and
+ *   authentication, there's a fundamental difference between the
+ *   handling in SSL3 & TLS 1.0 and TLS 1.1 and TLS 1.2: For SSL3
+ *   and TLS 1.0, the final IV after processing a record is used
+ *   as the IV for the next record. No explicit IV is contained
+ *   in an encrypted record. The IV for the first record is extracted
+ *   at key extraction time. In contrast, for TLS 1.1 and 1.2, no
+ *   IV is generated at key extraction time, but every encrypted
+ *   record is explicitly prefixed by the IV with which it was encrypted.
+ * - AEAD transformations ([D]TLS versions >= 1.2 only)
+ *   These come in two fundamentally different versions, the first one
+ *   used in TLS 1.2, excluding ChaChaPoly ciphersuites, and the second
+ *   one used for ChaChaPoly ciphersuites in TLS 1.2 as well as for TLS 1.3.
+ *   In the first transformation, the IV to be used for a record is obtained
+ *   as the concatenation of an explicit, static 4-byte IV and the 8-byte
+ *   record sequence number, and explicitly prepending this sequence number
+ *   to the encrypted record. In contrast, in the second transformation
+ *   the IV is obtained by XOR'ing a static IV obtained at key extraction
+ *   time with the 8-byte record sequence number, without prepending the
+ *   latter to the encrypted record.
+ *
+ * Additionally, DTLS 1.2 + CID as well as TLS 1.3 use an inner plaintext
+ * which allows to add flexible length padding and to hide a record's true
+ * content type.
+ *
+ * In addition to type and version, the following parameters are relevant:
+ * - The symmetric cipher algorithm to be used.
+ * - The (static) encryption/decryption keys for the cipher.
+ * - For stream/CBC, the type of message digest to be used.
+ * - For stream/CBC, (static) encryption/decryption keys for the digest.
+ * - For AEAD transformations, the size (potentially 0) of an explicit,
+ *   random initialization vector placed in encrypted records.
+ * - For some transformations (currently AEAD and CBC in SSL3 and TLS 1.0)
+ *   an implicit IV. It may be static (e.g. AEAD) or dynamic (e.g. CBC)
+ *   and (if present) is combined with the explicit IV in a transformation-
+ *   dependent way (e.g. appending in TLS 1.2 and XOR'ing in TLS 1.3).
+ * - For stream/CBC, a flag determining the order of encryption and MAC.
+ * - The details of the transformation depend on the SSL/TLS version.
+ * - The length of the authentication tag.
+ *
+ * Note: Except for CBC in SSL3 and TLS 1.0, these parameters are
+ *       constant across multiple encryption/decryption operations.
+ *       For CBC, the implicit IV needs to be updated after each
+ *       operation.
+ *
+ * The struct below refines this abstract view as follows:
+ * - The cipher underlying the transformation is managed in
+ *   cipher contexts cipher_ctx_{enc/dec}, which must have the
+ *   same cipher type. The mode of these cipher contexts determines
+ *   the type of the transformation in the sense above: e.g., if
+ *   the type is MBEDTLS_CIPHER_AES_256_CBC resp. MBEDTLS_CIPHER_AES_192_GCM
+ *   then the transformation has type CBC resp. AEAD.
+ * - The cipher keys are never stored explicitly but
+ *   are maintained within cipher_ctx_{enc/dec}.
+ * - For stream/CBC transformations, the message digest contexts
+ *   used for the MAC's are stored in md_ctx_{enc/dec}. These contexts
+ *   are unused for AEAD transformations.
+ * - For stream/CBC transformations and versions > SSL3, the
+ *   MAC keys are not stored explicitly but maintained within
+ *   md_ctx_{enc/dec}.
+ * - For stream/CBC transformations and version SSL3, the MAC
+ *   keys are stored explicitly in mac_enc, mac_dec and have
+ *   a fixed size of 20 bytes. These fields are unused for
+ *   AEAD transformations or transformations >= TLS 1.0.
+ * - For transformations using an implicit IV maintained within
+ *   the transformation context, its contents are stored within
+ *   iv_{enc/dec}.
+ * - The value of ivlen indicates the length of the IV.
+ *   This is redundant in case of stream/CBC transformations
+ *   which always use 0 resp. the cipher's block length as the
+ *   IV length, but is needed for AEAD ciphers and may be
+ *   different from the underlying cipher's block length
+ *   in this case.
+ * - The field fixed_ivlen is nonzero for AEAD transformations only
+ *   and indicates the length of the static part of the IV which is
+ *   constant throughout the communication, and which is stored in
+ *   the first fixed_ivlen bytes of the iv_{enc/dec} arrays.
+ *   Note: For CBC in SSL3 and TLS 1.0, the fields iv_{enc/dec}
+ *   still store IV's for continued use across multiple transformations,
+ *   so it is not true that fixed_ivlen == 0 means that iv_{enc/dec} are
+ *   not being used!
+ * - minor_ver denotes the SSL/TLS version
+ * - For stream/CBC transformations, maclen denotes the length of the
+ *   authentication tag, while taglen is unused and 0.
+ * - For AEAD transformations, taglen denotes the length of the
+ *   authentication tag, while maclen is unused and 0.
+ * - For CBC transformations, encrypt_then_mac determines the
+ *   order of encryption and authentication. This field is unused
+ *   in other transformations.
+ *
+ */
+struct mbedtls_ssl_transform {
+    /*
+     * Session specific crypto layer
+     */
+    size_t minlen;                      /*!<  min. ciphertext length  */
+    size_t ivlen;                       /*!<  IV length               */
+    size_t fixed_ivlen;                 /*!<  Fixed part of IV (AEAD) */
+    size_t maclen;                      /*!<  MAC(CBC) len            */
+    size_t taglen;                      /*!<  TAG(AEAD) len           */
+
+    unsigned char iv_enc[16];           /*!<  IV (encryption)         */
+    unsigned char iv_dec[16];           /*!<  IV (decryption)         */
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    /* Needed only for SSL v3.0 secret */
+    unsigned char mac_enc[20];          /*!<  SSL v3.0 secret (enc)   */
+    unsigned char mac_dec[20];          /*!<  SSL v3.0 secret (dec)   */
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+    mbedtls_md_context_t md_ctx_enc;            /*!<  MAC (encryption)        */
+    mbedtls_md_context_t md_ctx_dec;            /*!<  MAC (decryption)        */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    int encrypt_then_mac;       /*!< flag for EtM activation                */
+#endif
+
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+    mbedtls_cipher_context_t cipher_ctx_enc;    /*!<  encryption context      */
+    mbedtls_cipher_context_t cipher_ctx_dec;    /*!<  decryption context      */
+    int minor_ver;
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    uint8_t in_cid_len;
+    uint8_t out_cid_len;
+    unsigned char in_cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
+    unsigned char out_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * Session specific compression layer
+     */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    z_stream ctx_deflate;               /*!<  compression context     */
+    z_stream ctx_inflate;               /*!<  decompression context   */
+#endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    /* We need the Hello random bytes in order to re-derive keys from the
+     * Master Secret and other session info, see ssl_populate_transform() */
+    unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+};
+
+/*
+ * Return 1 if the transform uses an AEAD cipher, 0 otherwise.
+ * Equivalently, return 0 if a separate MAC is used, 1 otherwise.
+ */
+static inline int mbedtls_ssl_transform_uses_aead(
+    const mbedtls_ssl_transform *transform)
+{
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    return transform->maclen == 0 && transform->taglen != 0;
+#else
+    (void) transform;
+    return 1;
+#endif
+}
+
+/*
+ * Internal representation of record frames
+ *
+ * Instances come in two flavors:
+ * (1) Encrypted
+ *     These always have data_offset = 0
+ * (2) Unencrypted
+ *     These have data_offset set to the amount of
+ *     pre-expansion during record protection. Concretely,
+ *     this is the length of the fixed part of the explicit IV
+ *     used for encryption, or 0 if no explicit IV is used
+ *     (e.g. for CBC in TLS 1.0, or stream ciphers).
+ *
+ * The reason for the data_offset in the unencrypted case
+ * is to allow for in-place conversion of an unencrypted to
+ * an encrypted record. If the offset wasn't included, the
+ * encrypted content would need to be shifted afterwards to
+ * make space for the fixed IV.
+ *
+ */
+#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
+#define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_OUT_LEN_MAX
+#else
+#define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_IN_LEN_MAX
+#endif
+
+typedef struct {
+    uint8_t ctr[8];         /* In TLS:  The implicit record sequence number.
+                             * In DTLS: The 2-byte epoch followed by
+                             *          the 6-byte sequence number.
+                             * This is stored as a raw big endian byte array
+                             * as opposed to a uint64_t because we rarely
+                             * need to perform arithmetic on this, but do
+                             * need it as a Byte array for the purpose of
+                             * MAC computations.                             */
+    uint8_t type;           /* The record content type.                      */
+    uint8_t ver[2];         /* SSL/TLS version as present on the wire.
+                             * Convert to internal presentation of versions
+                             * using mbedtls_ssl_read_version() and
+                             * mbedtls_ssl_write_version().
+                             * Keep wire-format for MAC computations.        */
+
+    unsigned char *buf;     /* Memory buffer enclosing the record content    */
+    size_t buf_len;         /* Buffer length                                 */
+    size_t data_offset;     /* Offset of record content                      */
+    size_t data_len;        /* Length of record content                      */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    uint8_t cid_len;        /* Length of the CID (0 if not present)          */
+    unsigned char cid[MBEDTLS_SSL_CID_LEN_MAX];   /* The CID                 */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+} mbedtls_record;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/*
+ * List of certificate + private key pairs
+ */
+struct mbedtls_ssl_key_cert {
+    mbedtls_x509_crt *cert;                 /*!< cert                       */
+    mbedtls_pk_context *key;                /*!< private key                */
+    mbedtls_ssl_key_cert *next;             /*!< next key/cert pair         */
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * List of handshake messages kept around for resending
+ */
+struct mbedtls_ssl_flight_item {
+    unsigned char *p;       /*!< message, including handshake headers   */
+    size_t len;             /*!< length of p                            */
+    unsigned char type;     /*!< type of the message: handshake or CCS  */
+    mbedtls_ssl_flight_item *next;  /*!< next handshake message(s)              */
+};
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
+/* Find an entry in a signature-hash set matching a given hash algorithm. */
+mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set,
+                                                mbedtls_pk_type_t sig_alg);
+/* Add a signature-hash-pair to a signature-hash set */
+void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set,
+                                  mbedtls_pk_type_t sig_alg,
+                                  mbedtls_md_type_t md_alg);
+/* Allow exactly one hash algorithm for each signature. */
+void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set,
+                                         mbedtls_md_type_t md_alg);
+
+/* Setup an empty signature-hash set */
+static inline void mbedtls_ssl_sig_hash_set_init(mbedtls_ssl_sig_hash_set_t *set)
+{
+    mbedtls_ssl_sig_hash_set_const_hash(set, MBEDTLS_MD_NONE);
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+/**
+ * \brief           Free referenced items in an SSL transform context and clear
+ *                  memory
+ *
+ * \param transform SSL transform context
+ */
+void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform);
+
+/**
+ * \brief           Free referenced items in an SSL handshake context and clear
+ *                  memory
+ *
+ * \param ssl       SSL context
+ */
+void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl);
+
+void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl);
+
+/**
+ * \brief       Update record layer
+ *
+ *              This function roughly separates the implementation
+ *              of the logic of (D)TLS from the implementation
+ *              of the secure transport.
+ *
+ * \param  ssl              The SSL context to use.
+ * \param  update_hs_digest This indicates if the handshake digest
+ *                          should be automatically updated in case
+ *                          a handshake message is found.
+ *
+ * \return      0 or non-zero error code.
+ *
+ * \note        A clarification on what is called 'record layer' here
+ *              is in order, as many sensible definitions are possible:
+ *
+ *              The record layer takes as input an untrusted underlying
+ *              transport (stream or datagram) and transforms it into
+ *              a serially multiplexed, secure transport, which
+ *              conceptually provides the following:
+ *
+ *              (1) Three datagram based, content-agnostic transports
+ *                  for handshake, alert and CCS messages.
+ *              (2) One stream- or datagram-based transport
+ *                  for application data.
+ *              (3) Functionality for changing the underlying transform
+ *                  securing the contents.
+ *
+ *              The interface to this functionality is given as follows:
+ *
+ *              a Updating
+ *                [Currently implemented by mbedtls_ssl_read_record]
+ *
+ *                Check if and on which of the four 'ports' data is pending:
+ *                Nothing, a controlling datagram of type (1), or application
+ *                data (2). In any case data is present, internal buffers
+ *                provide access to the data for the user to process it.
+ *                Consumption of type (1) datagrams is done automatically
+ *                on the next update, invalidating that the internal buffers
+ *                for previous datagrams, while consumption of application
+ *                data (2) is user-controlled.
+ *
+ *              b Reading of application data
+ *                [Currently manual adaption of ssl->in_offt pointer]
+ *
+ *                As mentioned in the last paragraph, consumption of data
+ *                is different from the automatic consumption of control
+ *                datagrams (1) because application data is treated as a stream.
+ *
+ *              c Tracking availability of application data
+ *                [Currently manually through decreasing ssl->in_msglen]
+ *
+ *                For efficiency and to retain datagram semantics for
+ *                application data in case of DTLS, the record layer
+ *                provides functionality for checking how much application
+ *                data is still available in the internal buffer.
+ *
+ *              d Changing the transformation securing the communication.
+ *
+ *              Given an opaque implementation of the record layer in the
+ *              above sense, it should be possible to implement the logic
+ *              of (D)TLS on top of it without the need to know anything
+ *              about the record layer's internals. This is done e.g.
+ *              in all the handshake handling functions, and in the
+ *              application data reading function mbedtls_ssl_read.
+ *
+ * \note        The above tries to give a conceptual picture of the
+ *              record layer, but the current implementation deviates
+ *              from it in some places. For example, our implementation of
+ *              the update functionality through mbedtls_ssl_read_record
+ *              discards datagrams depending on the current state, which
+ *              wouldn't fall under the record layer's responsibility
+ *              following the above definition.
+ *
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl,
+                            unsigned update_hs_digest);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl);
+
+void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,
+                                   const mbedtls_ssl_ciphersuite_t *ciphersuite_info);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex);
+
+/**
+ * Get the first defined PSK by order of precedence:
+ * 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk() in the PSK callback
+ * 2. static PSK configured by \c mbedtls_ssl_conf_psk()
+ * Return a code and update the pair (PSK, PSK length) passed to this function
+ */
+static inline int mbedtls_ssl_get_psk(const mbedtls_ssl_context *ssl,
+                                      const unsigned char **psk, size_t *psk_len)
+{
+    if (ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0) {
+        *psk = ssl->handshake->psk;
+        *psk_len = ssl->handshake->psk_len;
+    } else if (ssl->conf->psk != NULL && ssl->conf->psk_len > 0) {
+        *psk = ssl->conf->psk;
+        *psk_len = ssl->conf->psk_len;
+    } else {
+        *psk = NULL;
+        *psk_len = 0;
+        return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * Get the first defined opaque PSK by order of precedence:
+ * 1. handshake PSK set by \c mbedtls_ssl_set_hs_psk_opaque() in the PSK
+ *    callback
+ * 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
+ * Return an opaque PSK
+ */
+static inline psa_key_id_t mbedtls_ssl_get_opaque_psk(
+    const mbedtls_ssl_context *ssl)
+{
+    if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {
+        return ssl->handshake->psk_opaque;
+    }
+
+    if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) {
+        return ssl->conf->psk_opaque;
+    }
+
+    return MBEDTLS_SVC_KEY_ID_INIT;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_PK_C)
+unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk);
+unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type);
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig);
+#endif
+
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash);
+unsigned char mbedtls_ssl_hash_from_md_alg(int md);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md);
+
+#if defined(MBEDTLS_ECP_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl,
+                               mbedtls_md_type_t md);
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
+    (const uint16_t srtp_profile_value)
+{
+    switch (srtp_profile_value) {
+        case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
+        case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
+        case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
+        case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
+            return srtp_profile_value;
+        default: break;
+    }
+    return MBEDTLS_TLS_SRTP_UNSET;
+}
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static inline mbedtls_pk_context *mbedtls_ssl_own_key(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_key_cert *key_cert;
+
+    if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
+        key_cert = ssl->handshake->key_cert;
+    } else {
+        key_cert = ssl->conf->key_cert;
+    }
+
+    return key_cert == NULL ? NULL : key_cert->key;
+}
+
+static inline mbedtls_x509_crt *mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_key_cert *key_cert;
+
+    if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
+        key_cert = ssl->handshake->key_cert;
+    } else {
+        key_cert = ssl->conf->key_cert;
+    }
+
+    return key_cert == NULL ? NULL : key_cert->cert;
+}
+
+/*
+ * Check usage of a certificate wrt extensions:
+ * keyUsage, extendedKeyUsage (later), and nSCertType (later).
+ *
+ * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
+ * check a cert we received from them)!
+ *
+ * Return 0 if everything is OK, -1 if not.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert,
+                                 const mbedtls_ssl_ciphersuite_t *ciphersuite,
+                                 int cert_endpoint,
+                                 uint32_t *flags);
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_write_version(int major, int minor, int transport,
+                               unsigned char ver[2]);
+void mbedtls_ssl_read_version(int *major, int *minor, int transport,
+                              const unsigned char ver[2]);
+
+static inline size_t mbedtls_ssl_in_hdr_len(const mbedtls_ssl_context *ssl)
+{
+#if !defined(MBEDTLS_SSL_PROTO_DTLS)
+    ((void) ssl);
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 13;
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    {
+        return 5;
+    }
+}
+
+static inline size_t mbedtls_ssl_out_hdr_len(const mbedtls_ssl_context *ssl)
+{
+    return (size_t) (ssl->out_iv - ssl->out_hdr);
+}
+
+static inline size_t mbedtls_ssl_hs_hdr_len(const mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 12;
+    }
+#else
+    ((void) ssl);
+#endif
+    return 4;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_resend(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl);
+#endif
+
+/* Visible for testing purposes only */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl);
+void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl);
+#endif
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst,
+                             const mbedtls_ssl_session *src);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl,
+                                            unsigned char *output,
+                                            unsigned char *data, size_t data_len);
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl,
+                                           unsigned char *hash, size_t *hashlen,
+                                           unsigned char *data, size_t data_len,
+                                           mbedtls_md_type_t md_alg);
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#ifdef __cplusplus
+}
+#endif
+
+void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
+                            mbedtls_ssl_transform *transform,
+                            mbedtls_record *rec,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
+                            mbedtls_ssl_transform *transform,
+                            mbedtls_record *rec);
+
+/* Length of the "epoch" field in the record header */
+static inline size_t mbedtls_ssl_ep_len(const mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 2;
+    }
+#else
+    ((void) ssl);
+#endif
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl);
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs);
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl);
+
+void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl,
+                                     mbedtls_ssl_transform *transform);
+void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl);
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial);
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl);
+#endif
+
+void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl);
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl);
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl);
+void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight);
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+int mbedtls_ssl_check_dtls_clihlo_cookie(
+    mbedtls_ssl_context *ssl,
+    const unsigned char *cli_id, size_t cli_id_len,
+    const unsigned char *in, size_t in_len,
+    unsigned char *obuf, size_t buf_len, size_t *olen);
+#endif
+
+#endif /* ssl_internal.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_ticket.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_ticket.h
new file mode 100644
index 0000000..ad15923
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/ssl_ticket.h
@@ -0,0 +1,126 @@
+/**
+ * \file ssl_ticket.h
+ *
+ * \brief TLS server ticket callbacks implementation
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_SSL_TICKET_H
+#define MBEDTLS_SSL_TICKET_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/*
+ * This implementation of the session ticket callbacks includes key
+ * management, rotating the keys periodically in order to preserve forward
+ * secrecy, when MBEDTLS_HAVE_TIME is defined.
+ */
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief   Information for session ticket protection
+ */
+typedef struct mbedtls_ssl_ticket_key {
+    unsigned char name[4];          /*!< random key identifier              */
+    uint32_t generation_time;       /*!< key generation timestamp (seconds) */
+    mbedtls_cipher_context_t ctx;   /*!< context for auth enc/decryption    */
+}
+mbedtls_ssl_ticket_key;
+
+/**
+ * \brief   Context for session ticket handling functions
+ */
+typedef struct mbedtls_ssl_ticket_context {
+    mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
+    unsigned char active;           /*!< index of the currently active key  */
+
+    uint32_t ticket_lifetime;       /*!< lifetime of tickets in seconds     */
+
+    /** Callback for getting (pseudo-)random numbers                        */
+    int  (*f_rng)(void *, unsigned char *, size_t);
+    void *p_rng;                    /*!< context for the RNG function       */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;
+#endif
+}
+mbedtls_ssl_ticket_context;
+
+/**
+ * \brief           Initialize a ticket context.
+ *                  (Just make it ready for mbedtls_ssl_ticket_setup()
+ *                  or mbedtls_ssl_ticket_free().)
+ *
+ * \param ctx       Context to be initialized
+ */
+void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx);
+
+/**
+ * \brief           Prepare context to be actually used
+ *
+ * \param ctx       Context to be set up
+ * \param f_rng     RNG callback function
+ * \param p_rng     RNG callback context
+ * \param cipher    AEAD cipher to use for ticket protection.
+ *                  Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
+ * \param lifetime  Tickets lifetime in seconds
+ *                  Recommended value: 86400 (one day).
+ *
+ * \note            It is highly recommended to select a cipher that is at
+ *                  least as strong as the strongest ciphersuite
+ *                  supported. Usually that means a 256-bit key.
+ *
+ * \note            The lifetime of the keys is twice the lifetime of tickets.
+ *                  It is recommended to pick a reasonable lifetime so as not
+ *                  to negate the benefits of forward secrecy.
+ *
+ * \return          0 if successful,
+ *                  or a specific MBEDTLS_ERR_XXX error code
+ */
+int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                             mbedtls_cipher_type_t cipher,
+                             uint32_t lifetime);
+
+/**
+ * \brief           Implementation of the ticket write callback
+ *
+ * \note            See \c mbedtls_ssl_ticket_write_t for description
+ */
+mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
+
+/**
+ * \brief           Implementation of the ticket parse callback
+ *
+ * \note            See \c mbedtls_ssl_ticket_parse_t for description
+ */
+mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
+
+/**
+ * \brief           Free a context's content and zeroize it.
+ *
+ * \param ctx       Context to be cleaned up
+ */
+void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_ticket.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/threading.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/threading.h
new file mode 100644
index 0000000..2a03afe
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/threading.h
@@ -0,0 +1,113 @@
+/**
+ * \file threading.h
+ *
+ * \brief Threading abstraction layer
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_THREADING_H
+#define MBEDTLS_THREADING_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdlib.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE is deprecated and should not be
+ * used. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE         -0x001A
+
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA              -0x001C
+/** Locking / unlocking / free failed with error code. */
+#define MBEDTLS_ERR_THREADING_MUTEX_ERROR                 -0x001E
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+#include <pthread.h>
+typedef struct mbedtls_threading_mutex_t {
+    pthread_mutex_t mutex;
+    /* is_valid is 0 after a failed init or a free, and nonzero after a
+     * successful init. This field is not considered part of the public
+     * API of Mbed TLS and may change without notice. */
+    char is_valid;
+} mbedtls_threading_mutex_t;
+#endif
+
+#if defined(MBEDTLS_THREADING_ALT)
+/* You should define the mbedtls_threading_mutex_t type in your header */
+#include "threading_alt.h"
+
+/**
+ * \brief           Set your alternate threading implementation function
+ *                  pointers and initialize global mutexes. If used, this
+ *                  function must be called once in the main thread before any
+ *                  other Mbed TLS function is called, and
+ *                  mbedtls_threading_free_alt() must be called once in the main
+ *                  thread after all other Mbed TLS functions.
+ *
+ * \note            mutex_init() and mutex_free() don't return a status code.
+ *                  If mutex_init() fails, it should leave its argument (the
+ *                  mutex) in a state such that mutex_lock() will fail when
+ *                  called with this argument.
+ *
+ * \param mutex_init    the init function implementation
+ * \param mutex_free    the free function implementation
+ * \param mutex_lock    the lock function implementation
+ * \param mutex_unlock  the unlock function implementation
+ */
+void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
+                               void (*mutex_free)(mbedtls_threading_mutex_t *),
+                               int (*mutex_lock)(mbedtls_threading_mutex_t *),
+                               int (*mutex_unlock)(mbedtls_threading_mutex_t *));
+
+/**
+ * \brief               Free global mutexes.
+ */
+void mbedtls_threading_free_alt(void);
+#endif /* MBEDTLS_THREADING_ALT */
+
+#if defined(MBEDTLS_THREADING_C)
+/*
+ * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock
+ *
+ * All these functions are expected to work or the result will be undefined.
+ */
+extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex);
+extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex);
+extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex);
+extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex);
+
+/*
+ * Global mutexes
+ */
+#if defined(MBEDTLS_FS_IO)
+extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex;
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+/* This mutex may or may not be used in the default definition of
+ * mbedtls_platform_gmtime_r(), but in order to determine that,
+ * we need to check POSIX features, hence modify _POSIX_C_SOURCE.
+ * With the current approach, this declaration is orphaned, lacking
+ * an accompanying definition, in case mbedtls_platform_gmtime_r()
+ * doesn't need it, but that's not a problem. */
+extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex;
+#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
+#endif /* MBEDTLS_THREADING_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* threading.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/timing.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/timing.h
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/timing.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/timing.h
index b7290cf..bbc8fff 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/timing.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/timing.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_TIMING_H
 #define MBEDTLS_TIMING_H
@@ -41,16 +29,14 @@ extern "C" {
 /**
  * \brief          timer structure
  */
-struct mbedtls_timing_hr_time
-{
+struct mbedtls_timing_hr_time {
     unsigned char opaque[32];
 };
 
 /**
  * \brief          Context for mbedtls_timing_set/get_delay()
  */
-typedef struct mbedtls_timing_delay_context
-{
+typedef struct mbedtls_timing_delay_context {
     struct mbedtls_timing_hr_time   timer;
     uint32_t                        int_ms;
     uint32_t                        fin_ms;
@@ -72,7 +58,7 @@ extern volatile int mbedtls_timing_alarmed;
  * \note           This value starts at an unspecified origin and
  *                 may wrap around.
  */
-unsigned long mbedtls_timing_hardclock( void );
+unsigned long mbedtls_timing_hardclock(void);
 
 /**
  * \brief          Return the elapsed time in milliseconds
@@ -91,7 +77,7 @@ unsigned long mbedtls_timing_hardclock( void );
  *                 get_timer(0) }` the value time1+time2 is only approximately
  *                 the delay since the first reset.
  */
-unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset);
 
 /**
  * \brief          Setup an alarm clock
@@ -103,7 +89,7 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int
  *                 context, this means one for the whole process, not one per
  *                 thread.
  */
-void mbedtls_set_alarm( int seconds );
+void mbedtls_set_alarm(int seconds);
 
 /**
  * \brief          Set a pair of delays to watch
@@ -119,7 +105,7 @@ void mbedtls_set_alarm( int seconds );
  * \note           To set a single delay, either use \c mbedtls_timing_set_timer
  *                 directly or use this function with int_ms == fin_ms.
  */
-void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
+void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms);
 
 /**
  * \brief          Get the status of delays
@@ -133,7 +119,7 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
  *                  1 if only the intermediate delay is passed,
  *                  2 if the final delay is passed.
  */
-int mbedtls_timing_get_delay( void *data );
+int mbedtls_timing_get_delay(void *data);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -141,7 +127,7 @@ int mbedtls_timing_get_delay( void *data );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_timing_self_test( int verbose );
+int mbedtls_timing_self_test(int verbose);
 #endif
 
 #ifdef __cplusplus
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/version.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/version.h
new file mode 100644
index 0000000..0533bca
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/version.h
@@ -0,0 +1,98 @@
+/**
+ * \file version.h
+ *
+ * \brief Run-time version information
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * This set of compile-time defines and run-time variables can be used to
+ * determine the version number of the Mbed TLS library used.
+ */
+#ifndef MBEDTLS_VERSION_H
+#define MBEDTLS_VERSION_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/**
+ * The version number x.y.z is split into three parts.
+ * Major, Minor, Patchlevel
+ */
+#define MBEDTLS_VERSION_MAJOR  2
+#define MBEDTLS_VERSION_MINOR  28
+#define MBEDTLS_VERSION_PATCH  7
+
+/**
+ * The single version number has the following structure:
+ *    MMNNPP00
+ *    Major version | Minor version | Patch version
+ */
+#define MBEDTLS_VERSION_NUMBER         0x021C0700
+#define MBEDTLS_VERSION_STRING         "2.28.7"
+#define MBEDTLS_VERSION_STRING_FULL    "Mbed TLS 2.28.7"
+
+#if defined(MBEDTLS_VERSION_C)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Get the version number.
+ *
+ * \return          The constructed version number in the format
+ *                  MMNNPP00 (Major, Minor, Patch).
+ */
+unsigned int mbedtls_version_get_number(void);
+
+/**
+ * Get the version string ("x.y.z").
+ *
+ * \param string    The string that will receive the value.
+ *                  (Should be at least 9 bytes in size)
+ */
+void mbedtls_version_get_string(char *string);
+
+/**
+ * Get the full version string ("Mbed TLS x.y.z").
+ *
+ * \param string    The string that will receive the value. The Mbed TLS version
+ *                  string will use 18 bytes AT MOST including a terminating
+ *                  null byte.
+ *                  (So the buffer should be at least 18 bytes to receive this
+ *                  version string).
+ */
+void mbedtls_version_get_string_full(char *string);
+
+/**
+ * \brief           Check if support for a feature was compiled into this
+ *                  Mbed TLS binary. This allows you to see at runtime if the
+ *                  library was for instance compiled with or without
+ *                  Multi-threading support.
+ *
+ * \note            only checks against defines in the sections "System
+ *                  support", "Mbed TLS modules" and "Mbed TLS feature
+ *                  support" in config.h
+ *
+ * \param feature   The string for the define to check (e.g. "MBEDTLS_AES_C")
+ *
+ * \return          0 if the feature is present,
+ *                  -1 if the feature is not present and
+ *                  -2 if support for feature checking as a whole was not
+ *                  compiled in.
+ */
+int mbedtls_version_check_feature(const char *feature);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_VERSION_C */
+
+#endif /* version.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/x509.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509.h
new file mode 100644
index 0000000..bde998c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509.h
@@ -0,0 +1,368 @@
+/**
+ * \file x509.h
+ *
+ * \brief X.509 generic defines and structures
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_X509_H
+#define MBEDTLS_X509_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/asn1.h"
+#include "mbedtls/pk.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{
+ */
+
+#if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
+/**
+ * Maximum number of intermediate CAs in a verification chain.
+ * That is, maximum length of the chain, excluding the end-entity certificate
+ * and the trusted root certificate.
+ *
+ * Set this to a low value to prevent an adversary from making you waste
+ * resources verifying an overlong certificate chain.
+ */
+#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8
+#endif
+
+/**
+ * \name X509 Error codes
+ * \{
+ */
+/** Unavailable feature, e.g. RSA hashing/encryption combination. */
+#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE              -0x2080
+/** Requested OID is unknown. */
+#define MBEDTLS_ERR_X509_UNKNOWN_OID                      -0x2100
+/** The CRT/CRL/CSR format is invalid, e.g. different type expected. */
+#define MBEDTLS_ERR_X509_INVALID_FORMAT                   -0x2180
+/** The CRT/CRL/CSR version element is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_VERSION                  -0x2200
+/** The serial tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SERIAL                   -0x2280
+/** The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_ALG                      -0x2300
+/** The name tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_NAME                     -0x2380
+/** The date tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_DATE                     -0x2400
+/** The signature tag or value invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SIGNATURE                -0x2480
+/** The extension tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS               -0x2500
+/** CRT/CRL/CSR has an unsupported version number. */
+#define MBEDTLS_ERR_X509_UNKNOWN_VERSION                  -0x2580
+/** Signature algorithm (oid) is unsupported. */
+#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG                  -0x2600
+/** Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
+#define MBEDTLS_ERR_X509_SIG_MISMATCH                     -0x2680
+/** Certificate verification failed, e.g. CRL, CA or signature check failed. */
+#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED               -0x2700
+/** Format not recognized as DER or PEM. */
+#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT              -0x2780
+/** Input invalid. */
+#define MBEDTLS_ERR_X509_BAD_INPUT_DATA                   -0x2800
+/** Allocation of memory failed. */
+#define MBEDTLS_ERR_X509_ALLOC_FAILED                     -0x2880
+/** Read/write of file failed. */
+#define MBEDTLS_ERR_X509_FILE_IO_ERROR                    -0x2900
+/** Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL                 -0x2980
+/** A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR                      -0x3000
+/** \} name X509 Error codes */
+
+/**
+ * \name X509 Verify codes
+ * \{
+ */
+/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
+#define MBEDTLS_X509_BADCERT_EXPIRED             0x01  /**< The certificate validity has expired. */
+#define MBEDTLS_X509_BADCERT_REVOKED             0x02  /**< The certificate has been revoked (is on a CRL). */
+#define MBEDTLS_X509_BADCERT_CN_MISMATCH         0x04  /**< The certificate Common Name (CN) does not match with the expected CN. */
+#define MBEDTLS_X509_BADCERT_NOT_TRUSTED         0x08  /**< The certificate is not correctly signed by the trusted CA. */
+#define MBEDTLS_X509_BADCRL_NOT_TRUSTED          0x10  /**< The CRL is not correctly signed by the trusted CA. */
+#define MBEDTLS_X509_BADCRL_EXPIRED              0x20  /**< The CRL is expired. */
+#define MBEDTLS_X509_BADCERT_MISSING             0x40  /**< Certificate was missing. */
+#define MBEDTLS_X509_BADCERT_SKIP_VERIFY         0x80  /**< Certificate verification was skipped. */
+#define MBEDTLS_X509_BADCERT_OTHER             0x0100  /**< Other reason (can be used by verify callback) */
+#define MBEDTLS_X509_BADCERT_FUTURE            0x0200  /**< The certificate validity starts in the future. */
+#define MBEDTLS_X509_BADCRL_FUTURE             0x0400  /**< The CRL is from the future */
+#define MBEDTLS_X509_BADCERT_KEY_USAGE         0x0800  /**< Usage does not match the keyUsage extension. */
+#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE     0x1000  /**< Usage does not match the extendedKeyUsage extension. */
+#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE      0x2000  /**< Usage does not match the nsCertType extension. */
+#define MBEDTLS_X509_BADCERT_BAD_MD            0x4000  /**< The certificate is signed with an unacceptable hash. */
+#define MBEDTLS_X509_BADCERT_BAD_PK            0x8000  /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+#define MBEDTLS_X509_BADCERT_BAD_KEY         0x010000  /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
+#define MBEDTLS_X509_BADCRL_BAD_MD           0x020000  /**< The CRL is signed with an unacceptable hash. */
+#define MBEDTLS_X509_BADCRL_BAD_PK           0x040000  /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+#define MBEDTLS_X509_BADCRL_BAD_KEY          0x080000  /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
+
+/** \} name X509 Verify codes */
+/** \} addtogroup x509_module */
+
+/*
+ * X.509 v3 Subject Alternative Name types.
+ *      otherName                       [0]     OtherName,
+ *      rfc822Name                      [1]     IA5String,
+ *      dNSName                         [2]     IA5String,
+ *      x400Address                     [3]     ORAddress,
+ *      directoryName                   [4]     Name,
+ *      ediPartyName                    [5]     EDIPartyName,
+ *      uniformResourceIdentifier       [6]     IA5String,
+ *      iPAddress                       [7]     OCTET STRING,
+ *      registeredID                    [8]     OBJECT IDENTIFIER
+ */
+#define MBEDTLS_X509_SAN_OTHER_NAME                      0
+#define MBEDTLS_X509_SAN_RFC822_NAME                     1
+#define MBEDTLS_X509_SAN_DNS_NAME                        2
+#define MBEDTLS_X509_SAN_X400_ADDRESS_NAME               3
+#define MBEDTLS_X509_SAN_DIRECTORY_NAME                  4
+#define MBEDTLS_X509_SAN_EDI_PARTY_NAME                  5
+#define MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER     6
+#define MBEDTLS_X509_SAN_IP_ADDRESS                      7
+#define MBEDTLS_X509_SAN_REGISTERED_ID                   8
+
+/*
+ * X.509 v3 Key Usage Extension flags
+ * Reminder: update x509_info_key_usage() when adding new flags.
+ */
+#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE            (0x80)  /* bit 0 */
+#define MBEDTLS_X509_KU_NON_REPUDIATION              (0x40)  /* bit 1 */
+#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT             (0x20)  /* bit 2 */
+#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT            (0x10)  /* bit 3 */
+#define MBEDTLS_X509_KU_KEY_AGREEMENT                (0x08)  /* bit 4 */
+#define MBEDTLS_X509_KU_KEY_CERT_SIGN                (0x04)  /* bit 5 */
+#define MBEDTLS_X509_KU_CRL_SIGN                     (0x02)  /* bit 6 */
+#define MBEDTLS_X509_KU_ENCIPHER_ONLY                (0x01)  /* bit 7 */
+#define MBEDTLS_X509_KU_DECIPHER_ONLY              (0x8000)  /* bit 8 */
+
+/*
+ * Netscape certificate types
+ * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
+ */
+
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT         (0x80)  /* bit 0 */
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER         (0x40)  /* bit 1 */
+#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL              (0x20)  /* bit 2 */
+#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING     (0x10)  /* bit 3 */
+#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED           (0x08)  /* bit 4 */
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA             (0x04)  /* bit 5 */
+#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA           (0x02)  /* bit 6 */
+#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA  (0x01)  /* bit 7 */
+
+/*
+ * X.509 extension types
+ *
+ * Comments refer to the status for using certificates. Status can be
+ * different for writing certificates or reading CRLs or CSRs.
+ *
+ * Those are defined in oid.h as oid.c needs them in a data structure. Since
+ * these were previously defined here, let's have aliases for compatibility.
+ */
+#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
+#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER   MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
+#define MBEDTLS_X509_EXT_KEY_USAGE                MBEDTLS_OID_X509_EXT_KEY_USAGE
+#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES     MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
+#define MBEDTLS_X509_EXT_POLICY_MAPPINGS          MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS
+#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME         MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME         /* Supported (DNS) */
+#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME          MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME
+#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS  MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS
+#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS        MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS        /* Supported */
+#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS         MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS
+#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS       MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS
+#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE       MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
+#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS  MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS
+#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY       MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY
+#define MBEDTLS_X509_EXT_FRESHEST_CRL             MBEDTLS_OID_X509_EXT_FRESHEST_CRL
+#define MBEDTLS_X509_EXT_NS_CERT_TYPE             MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
+
+/*
+ * Storage format identifiers
+ * Recognized formats: PEM and DER
+ */
+#define MBEDTLS_X509_FORMAT_DER                 1
+#define MBEDTLS_X509_FORMAT_PEM                 2
+
+#define MBEDTLS_X509_MAX_DN_NAME_SIZE         256 /**< Maximum value size of a DN entry */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures for parsing X.509 certificates, CRLs and CSRs
+ * \{
+ */
+
+/**
+ * Type-length-value structure that allows for ASN1 using DER.
+ */
+typedef mbedtls_asn1_buf mbedtls_x509_buf;
+
+/**
+ * Container for ASN1 bit strings.
+ */
+typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring;
+
+/**
+ * Container for ASN1 named information objects.
+ * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).
+ */
+typedef mbedtls_asn1_named_data mbedtls_x509_name;
+
+/**
+ * Container for a sequence of ASN.1 items
+ */
+typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
+
+/** Container for date and time (precision in seconds). */
+typedef struct mbedtls_x509_time {
+    int year, mon, day;         /**< Date. */
+    int hour, min, sec;         /**< Time. */
+}
+mbedtls_x509_time;
+
+/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
+
+/**
+ * \brief          Store the certificate DN in printable form into buf;
+ *                 no more than size characters will be written.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param dn       The X509 name to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn);
+
+/**
+ * \brief          Store the certificate serial in printable form into buf;
+ *                 no more than size characters will be written.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param serial   The X509 serial to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial);
+
+/**
+ * \brief          Check a given mbedtls_x509_time against the system time
+ *                 and tell if it's in the past.
+ *
+ * \note           Intended usage is "if( is_past( valid_to ) ) ERROR".
+ *                 Hence the return value of 1 if on internal errors.
+ *
+ * \param to       mbedtls_x509_time to check
+ *
+ * \return         1 if the given time is in the past or an error occurred,
+ *                 0 otherwise.
+ */
+int mbedtls_x509_time_is_past(const mbedtls_x509_time *to);
+
+/**
+ * \brief          Check a given mbedtls_x509_time against the system time
+ *                 and tell if it's in the future.
+ *
+ * \note           Intended usage is "if( is_future( valid_from ) ) ERROR".
+ *                 Hence the return value of 1 if on internal errors.
+ *
+ * \param from     mbedtls_x509_time to check
+ *
+ * \return         1 if the given time is in the future or an error occurred,
+ *                 0 otherwise.
+ */
+int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
+
+/** \} addtogroup x509_module */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_x509_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+/*
+ * Internal module functions. You probably do not want to use these unless you
+ * know you do.
+ */
+int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
+                          mbedtls_x509_name *cur);
+int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end,
+                              mbedtls_x509_buf *alg);
+int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
+                         mbedtls_x509_buf *alg, mbedtls_x509_buf *params);
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params,
+                                       mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+                                       int *salt_len);
+#endif
+int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
+int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+                             mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+                             void **sig_opts);
+int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
+                          mbedtls_x509_time *t);
+int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
+                            mbedtls_x509_buf *serial);
+int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
+                         mbedtls_x509_buf *ext, int tag);
+int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+                              mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                              const void *sig_opts);
+int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
+int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name);
+int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+                               int critical, const unsigned char *val,
+                               size_t val_len);
+int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start,
+                                  mbedtls_asn1_named_data *first);
+int mbedtls_x509_write_names(unsigned char **p, unsigned char *start,
+                             mbedtls_asn1_named_data *first);
+int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len,
+                           unsigned char *sig, size_t size,
+                           mbedtls_pk_type_t pk_alg);
+
+#define MBEDTLS_X509_SAFE_SNPRINTF                          \
+    do {                                                    \
+        if (ret < 0 || (size_t) ret >= n)                  \
+        return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;    \
+                                                          \
+        n -= (size_t) ret;                                  \
+        p += (size_t) ret;                                  \
+    } while (0)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* x509.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_crl.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_crl.h
new file mode 100644
index 0000000..9f755f8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_crl.h
@@ -0,0 +1,170 @@
+/**
+ * \file x509_crl.h
+ *
+ * \brief X.509 certificate revocation list parsing
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_X509_CRL_H
+#define MBEDTLS_X509_CRL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/x509.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures and functions for parsing CRLs
+ * \{
+ */
+
+/**
+ * Certificate revocation list entry.
+ * Contains the CA-specific serial numbers and revocation dates.
+ */
+typedef struct mbedtls_x509_crl_entry {
+    mbedtls_x509_buf raw;
+
+    mbedtls_x509_buf serial;
+
+    mbedtls_x509_time revocation_date;
+
+    mbedtls_x509_buf entry_ext;
+
+    struct mbedtls_x509_crl_entry *next;
+}
+mbedtls_x509_crl_entry;
+
+/**
+ * Certificate revocation list structure.
+ * Every CRL may have multiple entries.
+ */
+typedef struct mbedtls_x509_crl {
+    mbedtls_x509_buf raw;           /**< The raw certificate data (DER). */
+    mbedtls_x509_buf tbs;           /**< The raw certificate body (DER). The part that is To Be Signed. */
+
+    int version;            /**< CRL version (1=v1, 2=v2) */
+    mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */
+
+    mbedtls_x509_buf issuer_raw;    /**< The raw issuer data (DER). */
+
+    mbedtls_x509_name issuer;       /**< The parsed issuer data (named information object). */
+
+    mbedtls_x509_time this_update;
+    mbedtls_x509_time next_update;
+
+    mbedtls_x509_crl_entry entry;   /**< The CRL entries containing the certificate revocation times for this CA. */
+
+    mbedtls_x509_buf crl_ext;
+
+    mbedtls_x509_buf sig_oid2;
+    mbedtls_x509_buf sig;
+    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
+    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
+
+    struct mbedtls_x509_crl *next;
+}
+mbedtls_x509_crl;
+
+/**
+ * \brief          Parse a DER-encoded CRL and append it to the chained list
+ *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the CRL data in DER format
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
+                               const unsigned char *buf, size_t buflen);
+/**
+ * \brief          Parse one or more CRLs and append them to the chained list
+ *
+ * \note           Multiple CRLs are accepted only if using PEM format
+ *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the CRL data in PEM or DER format
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen);
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Load one or more CRLs and append them to the chained list
+ *
+ * \note           Multiple CRLs are accepted only if using PEM format
+ *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
+ * \param chain    points to the start of the chain
+ * \param path     filename to read the CRLs from (in PEM or DER encoding)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path);
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Returns an informational string about the CRL.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param prefix   A line prefix
+ * \param crl      The X509 CRL to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_crl *crl);
+
+/**
+ * \brief          Initialize a CRL (chain)
+ *
+ * \param crl      CRL chain to initialize
+ */
+void mbedtls_x509_crl_init(mbedtls_x509_crl *crl);
+
+/**
+ * \brief          Unallocate all CRL data
+ *
+ * \param crl      CRL chain to free
+ */
+void mbedtls_x509_crl_free(mbedtls_x509_crl *crl);
+
+/** \} name Structures and functions for parsing CRLs */
+/** \} addtogroup x509_module */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_crl.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_crt.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_crt.h
similarity index 80%
rename from 3rdparty/mbedtls-2.25.0/include/mbedtls/x509_crt.h
rename to 3rdparty/mbedtls-2.28.7/include/mbedtls/x509_crt.h
index 8e389f8..e6d6a2c 100644
--- a/3rdparty/mbedtls-2.25.0/include/mbedtls/x509_crt.h
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_crt.h
@@ -5,19 +5,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef MBEDTLS_X509_CRT_H
 #define MBEDTLS_X509_CRT_H
@@ -49,8 +37,7 @@ extern "C" {
 /**
  * Container for an X.509 certificate. The certificate may be chained.
  */
-typedef struct mbedtls_x509_crt
-{
+typedef struct mbedtls_x509_crt {
     int own_buffer;                     /**< Indicates if \c raw is owned
                                          *   by the structure or not.        */
     mbedtls_x509_buf raw;               /**< The raw certificate data (DER). */
@@ -104,24 +91,21 @@ mbedtls_x509_crt;
  *      type-id    OBJECT IDENTIFIER,
  *      value      [0] EXPLICIT ANY DEFINED BY type-id }
  */
-typedef struct mbedtls_x509_san_other_name
-{
+typedef struct mbedtls_x509_san_other_name {
     /**
-     * The type_id is an OID as deifned in RFC 5280.
+     * The type_id is an OID as defined in RFC 5280.
      * To check the value of the type id, you should use
      * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
      */
     mbedtls_x509_buf type_id;                   /**< The type id. */
-    union
-    {
+    union {
         /**
          * From RFC 4108 section 5:
          * HardwareModuleName ::= SEQUENCE {
          *                         hwType OBJECT IDENTIFIER,
          *                         hwSerialNum OCTET STRING }
          */
-        struct
-        {
+        struct {
             mbedtls_x509_buf oid;               /**< The object identifier. */
             mbedtls_x509_buf val;               /**< The named value. */
         }
@@ -134,8 +118,7 @@ mbedtls_x509_san_other_name;
 /**
  * A structure for holding the parsed Subject Alternative Name, according to type
  */
-typedef struct mbedtls_x509_subject_alternative_name
-{
+typedef struct mbedtls_x509_subject_alternative_name {
     int type;                              /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
     union {
         mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
@@ -149,17 +132,18 @@ mbedtls_x509_subject_alternative_name;
  * Build flag from an algorithm/curve identifier (pk, md, ecp)
  * Since 0 is always XXX_NONE, ignore it.
  */
-#define MBEDTLS_X509_ID_FLAG( id )   ( 1 << ( (id) - 1 ) )
+#define MBEDTLS_X509_ID_FLAG(id)   (1 << ((id) - 1))
 
 /**
  * Security profile for certificate verification.
  *
  * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
  */
-typedef struct mbedtls_x509_crt_profile
-{
+typedef struct mbedtls_x509_crt_profile {
     uint32_t allowed_mds;       /**< MDs for signatures         */
-    uint32_t allowed_pks;       /**< PK algs for signatures     */
+    uint32_t allowed_pks;       /**< PK algs for public keys;
+                                 *   this applies to all certificates
+                                 *   in the provided chain.     */
     uint32_t allowed_curves;    /**< Elliptic curves for ECDSA  */
     uint32_t rsa_min_bitlen;    /**< Minimum size for RSA keys  */
 }
@@ -172,15 +156,14 @@ mbedtls_x509_crt_profile;
 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN   15
 
-#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN )
+#if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
 #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
 #endif
 
 /**
  * Container for writing a certificate (CRT)
  */
-typedef struct mbedtls_x509write_cert
-{
+typedef struct mbedtls_x509write_cert {
     int version;
     mbedtls_mpi serial;
     mbedtls_pk_context *subject_key;
@@ -205,13 +188,12 @@ typedef struct {
 /**
  * Max size of verification chain: end-entity + intermediates + trusted root
  */
-#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE  ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
+#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE  (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2)
 
 /**
  * Verification chain as built by \c mbedtls_crt_verify_chain()
  */
-typedef struct
-{
+typedef struct {
     mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
     unsigned len;
 
@@ -229,8 +211,7 @@ typedef struct
 /**
  * \brief       Context for resuming X.509 verify operations
  */
-typedef struct
-{
+typedef struct {
     /* for check_signature() */
     mbedtls_pk_restart_ctx pk;
 
@@ -263,12 +244,21 @@ typedef void mbedtls_x509_crt_restart_ctx;
 /**
  * Default security profile. Should provide a good balance between security
  * and compatibility with current deployments.
+ *
+ * This profile permits:
+ * - SHA2 hashes.
+ * - All supported elliptic curves.
+ * - RSA with 2048 bits and above.
+ *
+ * New minor versions of Mbed TLS may extend this profile, for example if
+ * new curves are added to the library. New minor versions of Mbed TLS will
+ * not reduce this profile unless serious security concerns require it.
  */
 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
 
 /**
  * Expected next default profile. Recommended for new deployments.
- * Currently targets a 128-bit security level, except for RSA-2048.
+ * Currently targets a 128-bit security level, except for allowing RSA-2048.
  */
 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
 
@@ -281,6 +271,10 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
  * \brief          Parse a single DER formatted certificate and add it
  *                 to the end of the provided chained list.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    The pointer to the start of the CRT chain to attach to.
  *                 When parsing the first CRT in a chain, this should point
  *                 to an instance of ::mbedtls_x509_crt initialized through
@@ -297,9 +291,9 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
-                                const unsigned char *buf,
-                                size_t buflen );
+int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain,
+                               const unsigned char *buf,
+                               size_t buflen);
 
 /**
  * \brief          The type of certificate extension callbacks.
@@ -331,17 +325,21 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
-                                          mbedtls_x509_crt const *crt,
-                                          mbedtls_x509_buf const *oid,
-                                          int critical,
-                                          const unsigned char *p,
-                                          const unsigned char *end );
+typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx,
+                                         mbedtls_x509_crt const *crt,
+                                         mbedtls_x509_buf const *oid,
+                                         int critical,
+                                         const unsigned char *p,
+                                         const unsigned char *end);
 
 /**
  * \brief            Parse a single DER formatted certificate and add it
  *                   to the end of the provided chained list.
  *
+ * \note             If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                   subsystem must have been initialized by calling
+ *                   psa_crypto_init() before calling this function.
+ *
  * \param chain      The pointer to the start of the CRT chain to attach to.
  *                   When parsing the first CRT in a chain, this should point
  *                   to an instance of ::mbedtls_x509_crt initialized through
@@ -378,12 +376,12 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
  * \return           \c 0 if successful.
  * \return           A negative error code on failure.
  */
-int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
-                                            const unsigned char *buf,
-                                            size_t buflen,
-                                            int make_copy,
-                                            mbedtls_x509_crt_ext_cb_t cb,
-                                            void *p_ctx );
+int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain,
+                                           const unsigned char *buf,
+                                           size_t buflen,
+                                           int make_copy,
+                                           mbedtls_x509_crt_ext_cb_t cb,
+                                           void *p_ctx);
 
 /**
  * \brief          Parse a single DER formatted certificate and add it
@@ -392,6 +390,10 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
  *                 temporary ownership of the CRT buffer until the CRT
  *                 is destroyed.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    The pointer to the start of the CRT chain to attach to.
  *                 When parsing the first CRT in a chain, this should point
  *                 to an instance of ::mbedtls_x509_crt initialized through
@@ -412,9 +414,9 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
-                                       const unsigned char *buf,
-                                       size_t buflen );
+int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain,
+                                      const unsigned char *buf,
+                                      size_t buflen);
 
 /**
  * \brief          Parse one DER-encoded or one or more concatenated PEM-encoded
@@ -432,6 +434,10 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
  *                 long as the certificates are enclosed in the PEM specific
  *                 '-----{BEGIN/END} CERTIFICATE-----' delimiters.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    The chain to which to add the parsed certificates.
  * \param buf      The buffer holding the certificate data in PEM or DER format.
  *                 For certificates in PEM encoding, this may be a concatenation
@@ -446,7 +452,7 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
  * \return         A negative X509 or PEM error code otherwise.
  *
  */
-int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -456,13 +462,17 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s
  *                 of failed certificates it encountered. If none complete
  *                 correctly, the first error is returned.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    points to the start of the chain
  * \param path     filename to read the certificates from
  *
  * \return         0 if all certificates parsed successfully, a positive number
  *                 if partly successful or a specific X509 or PEM error code
  */
-int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
+int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path);
 
 /**
  * \brief          Load one or more certificate files from a path and add them
@@ -477,7 +487,7 @@ int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
  * \return         0 if all certificates parsed successfully, a positive number
  *                 if partly successful or a specific X509 or PEM error code
  */
-int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
+int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
 
 #endif /* MBEDTLS_FS_IO */
 /**
@@ -487,7 +497,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
  * \param san_buf  The buffer holding the raw data item of the subject
  *                 alternative name.
  * \param san      The target structure to populate with the parsed presentation
- *                 of the subject alternative name encoded in \p san_raw.
+ *                 of the subject alternative name encoded in \p san_buf.
  *
  * \note           Only "dnsName" and "otherName" of type hardware_module_name
  *                 as defined in RFC 4180 is supported.
@@ -495,7 +505,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
  * \note           This function should be called on a single raw data of
  *                 subject alternative name. For example, after successful
  *                 certificate parsing, one must iterate on every item in the
- *                 \p crt->subject_alt_names sequence, and pass it to
+ *                 \c crt->subject_alt_names sequence, and pass it to
  *                 this function.
  *
  * \warning        The target structure contains pointers to the raw data of the
@@ -507,8 +517,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
  *                 SAN type.
  * \return         Another negative value for any other failure.
  */
-int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
-                                         mbedtls_x509_subject_alternative_name *san );
+int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
+                                        mbedtls_x509_subject_alternative_name *san);
 /**
  * \brief          Returns an informational string about the
  *                 certificate.
@@ -521,8 +531,8 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_crt *crt );
+int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_crt *crt);
 
 /**
  * \brief          Returns an informational string about the
@@ -536,8 +546,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
-                          uint32_t flags );
+int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix,
+                                 uint32_t flags);
 
 /**
  * \brief          Verify a chain of certificates.
@@ -605,12 +615,12 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
  * \return         Another negative error code in case of a fatal error
  *                 encountered during the verification process.
  */
-int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
+                            mbedtls_x509_crt *trust_ca,
+                            mbedtls_x509_crl *ca_crl,
+                            const char *cn, uint32_t *flags,
+                            int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                            void *p_vrfy);
 
 /**
  * \brief          Verify a chain of certificates with respect to
@@ -646,13 +656,13 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
  * \return         Another negative error code in case of a fatal error
  *                 encountered during the verification process.
  */
-int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
+                                         mbedtls_x509_crt *trust_ca,
+                                         mbedtls_x509_crl *ca_crl,
+                                         const mbedtls_x509_crt_profile *profile,
+                                         const char *cn, uint32_t *flags,
+                                         int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                         void *p_vrfy);
 
 /**
  * \brief          Restartable version of \c mbedtls_crt_verify_with_profile()
@@ -680,14 +690,14 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
  * \return         #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
  *                 operations was reached: see \c mbedtls_ecp_set_max_ops().
  */
-int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy,
-                     mbedtls_x509_crt_restart_ctx *rs_ctx );
+int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
+                                        mbedtls_x509_crt *trust_ca,
+                                        mbedtls_x509_crl *ca_crl,
+                                        const mbedtls_x509_crt_profile *profile,
+                                        const char *cn, uint32_t *flags,
+                                        int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                        void *p_vrfy,
+                                        mbedtls_x509_crt_restart_ctx *rs_ctx);
 
 /**
  * \brief               The type of trusted certificate callbacks.
@@ -719,9 +729,9 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
  *                      to the caller.
  * \return              A negative error code on failure.
  */
-typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
-                                         mbedtls_x509_crt const *child,
-                                         mbedtls_x509_crt **candidate_cas );
+typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx,
+                                        mbedtls_x509_crt const *child,
+                                        mbedtls_x509_crt **candidate_cas);
 
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
 /**
@@ -746,13 +756,13 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
  *
  * \return         See \c mbedtls_crt_verify_with_profile().
  */
-int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                     void *p_ca_cb,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
+                                       mbedtls_x509_crt_ca_cb_t f_ca_cb,
+                                       void *p_ca_cb,
+                                       const mbedtls_x509_crt_profile *profile,
+                                       const char *cn, uint32_t *flags,
+                                       int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                       void *p_vrfy);
 
 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
 
@@ -778,8 +788,8 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
  *                 (intermediate) CAs the keyUsage extension is automatically
  *                 checked by \c mbedtls_x509_crt_verify().
  */
-int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
-                                      unsigned int usage );
+int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
+                                     unsigned int usage);
 #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
 
 #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
@@ -796,9 +806,9 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
  *
  * \note            Usually only makes sense on leaf certificates.
  */
-int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
-                                               const char *usage_oid,
-                                               size_t usage_len );
+int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
+                                              const char *usage_oid,
+                                              size_t usage_len);
 #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
 
 #if defined(MBEDTLS_X509_CRL_PARSE_C)
@@ -811,7 +821,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
  * \return         1 if the certificate is revoked, 0 otherwise
  *
  */
-int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
+int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl);
 #endif /* MBEDTLS_X509_CRL_PARSE_C */
 
 /**
@@ -819,30 +829,29 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509
  *
  * \param crt      Certificate chain to initialize
  */
-void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
+void mbedtls_x509_crt_init(mbedtls_x509_crt *crt);
 
 /**
  * \brief          Unallocate all certificate data
  *
  * \param crt      Certificate chain to free
  */
-void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
+void mbedtls_x509_crt_free(mbedtls_x509_crt *crt);
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
 /**
  * \brief           Initialize a restart context
  */
-void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx );
+void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context
  */
-void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
+void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx);
 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
-/* \} name */
-/* \} addtogroup x509_module */
+/** \} name Structures and functions for parsing and writing X.509 certificates */
 
 #if defined(MBEDTLS_X509_CRT_WRITE_C)
 /**
@@ -850,17 +859,17 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
  *
  * \param ctx       CRT context to initialize
  */
-void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
+void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx);
 
 /**
- * \brief           Set the verion for a Certificate
+ * \brief           Set the version for a Certificate
  *                  Default: MBEDTLS_X509_CRT_VERSION_3
  *
  * \param ctx       CRT context to use
  * \param version   version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
  *                                  MBEDTLS_X509_CRT_VERSION_3)
  */
-void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
+void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version);
 
 /**
  * \brief           Set the serial number for a Certificate.
@@ -870,7 +879,7 @@ void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version
  *
  * \return          0 if successful
  */
-int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
+int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial);
 
 /**
  * \brief           Set the validity period for a Certificate
@@ -886,14 +895,14 @@ int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls
  * \return          0 if timestamp was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
-                                const char *not_after );
+int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before,
+                                       const char *not_after);
 
 /**
  * \brief           Set the issuer name for a Certificate
  *                  Issuer names should contain a comma-separated list
  *                  of OID types and values:
- *                  e.g. "C=UK,O=ARM,CN=mbed TLS CA"
+ *                  e.g. "C=UK,O=ARM,CN=Mbed TLS CA"
  *
  * \param ctx           CRT context to use
  * \param issuer_name   issuer name to set
@@ -901,14 +910,14 @@ int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char
  * \return          0 if issuer name was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
-                                   const char *issuer_name );
+int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
+                                          const char *issuer_name);
 
 /**
  * \brief           Set the subject name for a Certificate
  *                  Subject names should contain a comma-separated list
  *                  of OID types and values:
- *                  e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
+ *                  e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1"
  *
  * \param ctx           CRT context to use
  * \param subject_name  subject name to set
@@ -916,8 +925,8 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
  * \return          0 if subject name was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
-                                    const char *subject_name );
+int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
+                                           const char *subject_name);
 
 /**
  * \brief           Set the subject public key for the certificate
@@ -925,7 +934,7 @@ int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
  * \param ctx       CRT context to use
  * \param key       public key to include
  */
-void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
 
 /**
  * \brief           Set the issuer key used for signing the certificate
@@ -933,7 +942,7 @@ void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls
  * \param ctx       CRT context to use
  * \param key       private key to sign with
  */
-void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
 
 /**
  * \brief           Set the MD algorithm to use for the signature
@@ -942,7 +951,7 @@ void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_
  * \param ctx       CRT context to use
  * \param md_alg    MD algorithm to use
  */
-void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
+void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg);
 
 /**
  * \brief           Generic function to add to or replace an extension in the
@@ -957,10 +966,10 @@ void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_t
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
-                                 const char *oid, size_t oid_len,
-                                 int critical,
-                                 const unsigned char *val, size_t val_len );
+int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx,
+                                        const char *oid, size_t oid_len,
+                                        int critical,
+                                        const unsigned char *val, size_t val_len);
 
 /**
  * \brief           Set the basicConstraints extension for a CRT
@@ -969,12 +978,12 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
  * \param is_ca     is this a CA certificate
  * \param max_pathlen   maximum length of certificate chains below this
  *                      certificate (only for CA certificates, -1 is
- *                      inlimited)
+ *                      unlimited)
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
-                                         int is_ca, int max_pathlen );
+int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
+                                                int is_ca, int max_pathlen);
 
 #if defined(MBEDTLS_SHA1_C)
 /**
@@ -986,7 +995,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
+int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx);
 
 /**
  * \brief           Set the authorityKeyIdentifier extension for a CRT
@@ -997,7 +1006,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
+int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx);
 #endif /* MBEDTLS_SHA1_C */
 
 /**
@@ -1009,8 +1018,8 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
  *
  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
-                                         unsigned int key_usage );
+int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
+                                        unsigned int key_usage);
 
 /**
  * \brief           Set the Netscape Cert Type flags
@@ -1021,15 +1030,15 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
  *
  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
-                                    unsigned char ns_cert_type );
+int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx,
+                                           unsigned char ns_cert_type);
 
 /**
  * \brief           Free the contents of a CRT write context
  *
  * \param ctx       CRT context to free
  */
-void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
+void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx);
 
 /**
  * \brief           Write a built up certificate to a X509 DER structure
@@ -1051,9 +1060,9 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
  *                  for countermeasures against timing attacks).
  *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
 
 #if defined(MBEDTLS_PEM_WRITE_C)
 /**
@@ -1072,12 +1081,14 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
  *                  for countermeasures against timing attacks).
  *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
 #endif /* MBEDTLS_PEM_WRITE_C */
 #endif /* MBEDTLS_X509_CRT_WRITE_C */
 
+/** \} addtogroup x509_module */
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_csr.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_csr.h
new file mode 100644
index 0000000..97a9db4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/x509_csr.h
@@ -0,0 +1,300 @@
+/**
+ * \file x509_csr.h
+ *
+ * \brief X.509 certificate signing request parsing and writing
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_X509_CSR_H
+#define MBEDTLS_X509_CSR_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/x509.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures and functions for X.509 Certificate Signing Requests (CSR)
+ * \{
+ */
+
+/**
+ * Certificate Signing Request (CSR) structure.
+ */
+typedef struct mbedtls_x509_csr {
+    mbedtls_x509_buf raw;           /**< The raw CSR data (DER). */
+    mbedtls_x509_buf cri;           /**< The raw CertificateRequestInfo body (DER). */
+
+    int version;            /**< CSR version (1=v1). */
+
+    mbedtls_x509_buf  subject_raw;  /**< The raw subject data (DER). */
+    mbedtls_x509_name subject;      /**< The parsed subject data (named information object). */
+
+    mbedtls_pk_context pk;          /**< Container for the public key context. */
+
+    mbedtls_x509_buf sig_oid;
+    mbedtls_x509_buf sig;
+    mbedtls_md_type_t sig_md;       /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
+    mbedtls_pk_type_t sig_pk;       /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+    void *sig_opts;         /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
+}
+mbedtls_x509_csr;
+
+/**
+ * Container for writing a CSR
+ */
+typedef struct mbedtls_x509write_csr {
+    mbedtls_pk_context *key;
+    mbedtls_asn1_named_data *subject;
+    mbedtls_md_type_t md_alg;
+    mbedtls_asn1_named_data *extensions;
+}
+mbedtls_x509write_csr;
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+/**
+ * \brief          Load a Certificate Signing Request (CSR) in DER format
+ *
+ * \note           CSR attributes (if any) are currently silently ignored.
+ *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
+ * \param csr      CSR context to fill
+ * \param buf      buffer holding the CRL data
+ * \param buflen   size of the buffer
+ *
+ * \return         0 if successful, or a specific X509 error code
+ */
+int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
+                               const unsigned char *buf, size_t buflen);
+
+/**
+ * \brief          Load a Certificate Signing Request (CSR), DER or PEM format
+ *
+ * \note           See notes for \c mbedtls_x509_csr_parse_der()
+ *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
+ * \param csr      CSR context to fill
+ * \param buf      buffer holding the CRL data
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen);
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Load a Certificate Signing Request (CSR)
+ *
+ * \note           See notes for \c mbedtls_x509_csr_parse()
+ *
+ * \param csr      CSR context to fill
+ * \param path     filename to read the CSR from
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path);
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Returns an informational string about the
+ *                 CSR.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param prefix   A line prefix
+ * \param csr      The X509 CSR to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_csr *csr);
+
+/**
+ * \brief          Initialize a CSR
+ *
+ * \param csr      CSR to initialize
+ */
+void mbedtls_x509_csr_init(mbedtls_x509_csr *csr);
+
+/**
+ * \brief          Unallocate all CSR data
+ *
+ * \param csr      CSR to free
+ */
+void mbedtls_x509_csr_free(mbedtls_x509_csr *csr);
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+/** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+/**
+ * \brief           Initialize a CSR context
+ *
+ * \param ctx       CSR context to initialize
+ */
+void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx);
+
+/**
+ * \brief           Set the subject name for a CSR
+ *                  Subject names should contain a comma-separated list
+ *                  of OID types and values:
+ *                  e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1"
+ *
+ * \param ctx           CSR context to use
+ * \param subject_name  subject name to set
+ *
+ * \return          0 if subject name was parsed successfully, or
+ *                  a specific error code
+ */
+int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
+                                           const char *subject_name);
+
+/**
+ * \brief           Set the key for a CSR (public key will be included,
+ *                  private key used to sign the CSR when writing it)
+ *
+ * \param ctx       CSR context to use
+ * \param key       Asymmetric key to include
+ */
+void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key);
+
+/**
+ * \brief           Set the MD algorithm to use for the signature
+ *                  (e.g. MBEDTLS_MD_SHA1)
+ *
+ * \param ctx       CSR context to use
+ * \param md_alg    MD algorithm to use
+ */
+void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg);
+
+/**
+ * \brief           Set the Key Usage Extension flags
+ *                  (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
+ *
+ * \param ctx       CSR context to use
+ * \param key_usage key usage flags to set
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ *
+ * \note            The <code>decipherOnly</code> flag from the Key Usage
+ *                  extension is represented by bit 8 (i.e.
+ *                  <code>0x8000</code>), which cannot typically be represented
+ *                  in an unsigned char. Therefore, the flag
+ *                  <code>decipherOnly</code> (i.e.
+ *                  #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
+ *                  function.
+ */
+int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage);
+
+/**
+ * \brief           Set the Netscape Cert Type flags
+ *                  (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
+ *
+ * \param ctx           CSR context to use
+ * \param ns_cert_type  Netscape Cert Type flags to set
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx,
+                                           unsigned char ns_cert_type);
+
+/**
+ * \brief           Generic function to add to or replace an extension in the
+ *                  CSR
+ *
+ * \param ctx       CSR context to use
+ * \param oid       OID of the extension
+ * \param oid_len   length of the OID
+ * \param val       value of the extension OCTET STRING
+ * \param val_len   length of the value data
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx,
+                                        const char *oid, size_t oid_len,
+                                        const unsigned char *val, size_t val_len);
+
+/**
+ * \brief           Free the contents of a CSR context
+ *
+ * \param ctx       CSR context to free
+ */
+void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx);
+
+/**
+ * \brief           Write a CSR (Certificate Signing Request) to a
+ *                  DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       CSR to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a CSR (Certificate Signing Request) to a
+ *                  PEM string
+ *
+ * \param ctx       CSR to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful, or a specific error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+
+/** \} addtogroup x509_module */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_csr.h */
diff --git a/3rdparty/mbedtls-2.28.7/include/mbedtls/xtea.h b/3rdparty/mbedtls-2.28.7/include/mbedtls/xtea.h
new file mode 100644
index 0000000..b7242c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/mbedtls/xtea.h
@@ -0,0 +1,126 @@
+/**
+ * \file xtea.h
+ *
+ * \brief XTEA block cipher (32-bit)
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_XTEA_H
+#define MBEDTLS_XTEA_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_XTEA_ENCRYPT     1
+#define MBEDTLS_XTEA_DECRYPT     0
+
+/** The data input has an invalid length. */
+#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH             -0x0028
+
+/* MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED is deprecated and should not be used. */
+/** XTEA hardware accelerator failed. */
+#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED                  -0x0029
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(MBEDTLS_XTEA_ALT)
+// Regular implementation
+//
+
+/**
+ * \brief          XTEA context structure
+ */
+typedef struct mbedtls_xtea_context {
+    uint32_t k[4];       /*!< key */
+}
+mbedtls_xtea_context;
+
+#else  /* MBEDTLS_XTEA_ALT */
+#include "xtea_alt.h"
+#endif /* MBEDTLS_XTEA_ALT */
+
+/**
+ * \brief          Initialize XTEA context
+ *
+ * \param ctx      XTEA context to be initialized
+ */
+void mbedtls_xtea_init(mbedtls_xtea_context *ctx);
+
+/**
+ * \brief          Clear XTEA context
+ *
+ * \param ctx      XTEA context to be cleared
+ */
+void mbedtls_xtea_free(mbedtls_xtea_context *ctx);
+
+/**
+ * \brief          XTEA key schedule
+ *
+ * \param ctx      XTEA context to be initialized
+ * \param key      the secret key
+ */
+void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16]);
+
+/**
+ * \brief          XTEA cipher function
+ *
+ * \param ctx      XTEA context
+ * \param mode     MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
+ * \param input    8-byte input block
+ * \param output   8-byte output block
+ *
+ * \return         0 if successful
+ */
+int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx,
+                           int mode,
+                           const unsigned char input[8],
+                           unsigned char output[8]);
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          XTEA CBC cipher function
+ *
+ * \param ctx      XTEA context
+ * \param mode     MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
+ * \param length   the length of input, multiple of 8
+ * \param iv       initialization vector for CBC mode
+ * \param input    input block
+ * \param output   output block
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
+ */
+int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[8],
+                           const unsigned char *input,
+                           unsigned char *output);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_xtea_self_test(int verbose);
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* xtea.h */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto.h
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/include/psa/crypto.h
rename to 3rdparty/mbedtls-2.28.7/include/psa/crypto.h
index b41a20b..9e70d0c 100644
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto.h
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto.h
@@ -4,19 +4,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef PSA_CRYPTO_H
@@ -88,12 +76,16 @@ extern "C" {
  * initialization may have security implications, for example due to improper
  * seeding of the random number generator.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
  */
 psa_status_t psa_crypto_init(void);
 
@@ -112,7 +104,7 @@ psa_status_t psa_crypto_init(void);
 /* This is an example definition for documentation purposes.
  * Implementations should define a suitable value in `crypto_struct.h`.
  */
-#define PSA_KEY_ATTRIBUTES_INIT {0}
+#define PSA_KEY_ATTRIBUTES_INIT { 0 }
 #endif
 
 /** Return an initial value for a key attributes structure.
@@ -139,8 +131,8 @@ static psa_key_attributes_t psa_key_attributes_init(void);
  * \param[out] attributes  The attribute structure to write to.
  * \param key              The persistent identifier for the key.
  */
-static void psa_set_key_id( psa_key_attributes_t *attributes,
-                            mbedtls_svc_key_id_t key );
+static void psa_set_key_id(psa_key_attributes_t *attributes,
+                           mbedtls_svc_key_id_t key);
 
 #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
 /** Set the owner identifier of a key.
@@ -155,10 +147,10 @@ static void psa_set_key_id( psa_key_attributes_t *attributes,
  * the owner of a key.
  *
  * \param[out] attributes  The attribute structure to write to.
- * \param owner_id         The key owner identifier.
+ * \param owner            The key owner identifier.
  */
-static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
-                                      mbedtls_key_owner_id_t owner_id );
+static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
+                                     mbedtls_key_owner_id_t owner);
 #endif
 
 /** Set the location of a persistent key.
@@ -260,6 +252,14 @@ static psa_key_usage_t psa_get_key_usage_flags(
  * - An algorithm value permits this particular algorithm.
  * - An algorithm wildcard built from #PSA_ALG_ANY_HASH allows the specified
  *   signature scheme with any hash algorithm.
+ * - An algorithm built from #PSA_ALG_AT_LEAST_THIS_LENGTH_MAC allows
+ *   any MAC algorithm from the same base class (e.g. CMAC) which
+ *   generates/verifies a MAC length greater than or equal to the length
+ *   encoded in the wildcard algorithm.
+ * - An algorithm built from #PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG
+ *   allows any AEAD algorithm from the same base class (e.g. CCM) which
+ *   generates/verifies a tag length greater than or equal to the length
+ *   encoded in the wildcard algorithm.
  *
  * This function overwrites any algorithm policy
  * previously set in \p attributes.
@@ -362,12 +362,14 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes);
  *                              On failure, equivalent to a
  *                              freshly-initialized structure.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -478,31 +480,30 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key);
  *                          identifier defined in \p attributes.
  *                          \c 0 on failure.
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_INVALID_HANDLE
  *         \p source_key is invalid.
  * \retval #PSA_ERROR_ALREADY_EXISTS
  *         This is an attempt to create a persistent key, and there is
  *         already a persistent key with the given identifier.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The lifetime or identifier in \p attributes are invalid.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The policy constraints on the source and specified in
- *         \p attributes are incompatible.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The lifetime or identifier in \p attributes are invalid, or
+ *         the policy constraints on the source and specified in
+ *         \p attributes are incompatible, or
  *         \p attributes specifies a key type or key size
  *         which does not match the attributes of the source key.
  * \retval #PSA_ERROR_NOT_PERMITTED
- *         The source key does not have the #PSA_KEY_USAGE_COPY usage flag.
- * \retval #PSA_ERROR_NOT_PERMITTED
- *         The source key is not exportable and its lifetime does not
+ *         The source key does not have the #PSA_KEY_USAGE_COPY usage flag, or
+ *         the source key is not exportable and its lifetime does not
  *         allow copying it to the target's lifetime.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -538,8 +539,12 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
  * \retval #PSA_ERROR_INVALID_HANDLE
  *         \p key is not a valid identifier nor \c 0.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- *         There was an failure in communication with the cryptoprocessor.
+ *         There was a failure in communication with the cryptoprocessor.
  *         The key material may still be present in the cryptoprocessor.
+ * \retval #PSA_ERROR_DATA_INVALID
+ *         This error is typically a result of either storage corruption on a
+ *         cleartext storage backend, or an attempt to read data that was
+ *         written by an incompatible version of the library.
  * \retval #PSA_ERROR_STORAGE_FAILURE
  *         The storage is corrupted. Implementations shall make a best effort
  *         to erase key material even in this stage, however applications
@@ -616,18 +621,18 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key);
  *         The key type or key size is not supported, either by the
  *         implementation in general or in this particular persistent location.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key attributes, as a whole, are invalid.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key data is not correctly formatted.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The size in \p attributes is nonzero and does not match the size
+ *         The key attributes, as a whole, are invalid, or
+ *         the key data is not correctly formatted, or
+ *         the size in \p attributes is nonzero and does not match the size
  *         of the key data.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -687,6 +692,8 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
  *   For Weierstrass curves, this is the content of the `privateKey` field of
  *   the `ECPrivateKey` format defined by RFC 5915.  For Montgomery curves,
  *   the format is defined by RFC 7748, and output is masked according to §5.
+ *   For twisted Edwards curves, the private key is as defined by RFC 8032
+ *   (a 32-byte string for Edwards25519, a 57-byte string for Edwards448).
  * - For Diffie-Hellman key exchange key pairs (key types for which
  *   #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the
  *   format is the representation of the private key `x` as a big-endian byte
@@ -705,22 +712,22 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
  * \param[out] data_length  On success, the number of bytes
  *                          that make up the key data.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
  * \retval #PSA_ERROR_NOT_PERMITTED
  *         The key does not have the #PSA_KEY_USAGE_EXPORT flag.
- * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p data buffer is too small. You can determine a
  *         sufficient buffer size by calling
- *         #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits)
+ *         #PSA_EXPORT_KEY_OUTPUT_SIZE(\c type, \c bits)
  *         where \c type is the key type
  *         and \c bits is the key size in bits.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -752,7 +759,12 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
  *      modulus            INTEGER,    -- n
  *      publicExponent     INTEGER  }  -- e
  *   ```
- * - For elliptic curve public keys (key types for which
+ * - For elliptic curve keys on a twisted Edwards curve (key types for which
+ *   #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true and #PSA_KEY_TYPE_ECC_GET_FAMILY
+ *   returns #PSA_ECC_FAMILY_TWISTED_EDWARDS), the public key is as defined
+ *   by RFC 8032
+ *   (a 32-byte string for Edwards25519, a 57-byte string for Edwards448).
+ * - For other elliptic curve public keys (key types for which
  *   #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed
  *   representation defined by SEC1 &sect;2.3.3 as the content of an ECPoint.
  *   Let `m` be the bit size associated with the curve, i.e. the bit size of
@@ -775,22 +787,22 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
  * \param[out] data_length  On success, the number of bytes
  *                          that make up the key data.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key is neither a public key nor a key pair.
- * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p data buffer is too small. You can determine a
  *         sufficient buffer size by calling
- *         #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits)
+ *         #PSA_EXPORT_KEY_OUTPUT_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits)
  *         where \c type is the key type
  *         and \c bits is the key size in bits.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -822,20 +834,19 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
  * \param hash_size         Size of the \p hash buffer in bytes.
  * \param[out] hash_length  On success, the number of bytes
  *                          that make up the hash value. This is always
- *                          #PSA_HASH_SIZE(\p alg).
+ *                          #PSA_HASH_LENGTH(\p alg).
  *
  * \retval #PSA_SUCCESS
  *         Success.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a hash algorithm.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         \p hash_size is too small
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -867,11 +878,10 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg,
  *         \p alg is not supported or is not a hash algorithm.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p input_length or \p hash_length do not match the hash size for \p alg
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -922,7 +932,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
 /* This is an example definition for documentation purposes.
  * Implementations should define a suitable value in `crypto_struct.h`.
  */
-#define PSA_HASH_OPERATION_INIT {0}
+#define PSA_HASH_OPERATION_INIT { 0 }
 #endif
 
 /** Return an initial value for a hash operation object.
@@ -967,14 +977,13 @@ static psa_hash_operation_t psa_hash_operation_init(void);
  *         \p alg is not a supported hash algorithm.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p alg is not a hash algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -994,14 +1003,13 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it muct be active).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1015,7 +1023,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  * This function calculates the hash of the message formed by concatenating
  * the inputs passed to preceding calls to psa_hash_update().
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_hash_abort().
  *
@@ -1032,23 +1040,22 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  * \param hash_size             Size of the \p hash buffer in bytes.
  * \param[out] hash_length      On success, the number of bytes
  *                              that make up the hash value. This is always
- *                              #PSA_HASH_SIZE(\c alg) where \c alg is the
+ *                              #PSA_HASH_LENGTH(\c alg) where \c alg is the
  *                              hash algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p hash buffer is too small. You can determine a
- *         sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
+ *         sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg)
  *         where \c alg is the hash algorithm that is calculated.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1066,7 +1073,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
  * compares the calculated hash with the expected hash passed as a
  * parameter to this function.
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_hash_abort().
  *
@@ -1083,14 +1090,13 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
  * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The hash of the message was calculated successfully, but it
  *         differs from the expected hash.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1114,10 +1120,10 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
  *
  * \param[in,out] operation     Initialized hash operation.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -1140,17 +1146,15 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
  * \param[in,out] target_operation  The operation object to set up.
  *                                  It must be initialized but not active.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_BAD_STATE
- *         The \p source_operation state is not valid (it must be active).
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The \p target_operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The \p source_operation state is not valid (it must be active), or
+ *         the \p target_operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1186,18 +1190,18 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a MAC algorithm.
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         \p mac_size is too small
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_STORAGE_FAILURE
  *         The key could not be retrieved from storage.
  * \retval #PSA_ERROR_BAD_STATE
@@ -1229,16 +1233,16 @@ psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
  * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The MAC of the message was calculated successfully, but it
  *         differs from the expected value.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a MAC algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_STORAGE_FAILURE
  *         The key could not be retrieved from storage.
  * \retval #PSA_ERROR_BAD_STATE
@@ -1292,7 +1296,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
 /* This is an example definition for documentation purposes.
  * Implementations should define a suitable value in `crypto_struct.h`.
  */
-#define PSA_MAC_OPERATION_INIT {0}
+#define PSA_MAC_OPERATION_INIT { 0 }
 #endif
 
 /** Return an initial value for a MAC operation object.
@@ -1339,22 +1343,21 @@ static psa_mac_operation_t psa_mac_operation_init(void);
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a MAC algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_STORAGE_FAILURE
  *         The key could not be retrieved from storage.
  * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1402,22 +1405,21 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a MAC algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_STORAGE_FAILURE
- *         The key could not be retrieved from storage
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
+ *         The key could not be retrieved from storage.
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1440,15 +1442,14 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be active), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1462,7 +1463,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
  * This function calculates the MAC of the message formed by concatenating
  * the inputs passed to preceding calls to psa_mac_update().
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_mac_abort().
  *
@@ -1479,26 +1480,25 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
  * \param mac_size          Size of the \p mac buffer in bytes.
  * \param[out] mac_length   On success, the number of bytes
  *                          that make up the MAC value. This is always
- *                          #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg)
+ *                          #PSA_MAC_LENGTH(\c key_type, \c key_bits, \c alg)
  *                          where \c key_type and \c key_bits are the type and
  *                          bit-size respectively of the key and \c alg is the
  *                          MAC algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be an active mac sign
- *         operation).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p mac buffer is too small. You can determine a
- *         sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ *         sufficient buffer size by calling PSA_MAC_LENGTH().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be an active mac sign
+ *         operation), or the library has not been previously initialized
+ *         by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1516,7 +1516,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
  * compares the calculated MAC with the expected MAC passed as a
  * parameter to this function.
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_mac_abort().
  *
@@ -1533,16 +1533,15 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
  * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The MAC of the message was calculated successfully, but it
  *         differs from the expected MAC.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (it must be an active mac verify
- *         operation).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         operation), or the library has not been previously initialized
+ *         by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1566,10 +1565,10 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
  *
  * \param[in,out] operation Initialized MAC operation.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -1605,18 +1604,18 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a cipher algorithm.
- * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -1652,18 +1651,18 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a cipher algorithm.
- * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -1716,7 +1715,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
 /* This is an example definition for documentation purposes.
  * Implementations should define a suitable value in `crypto_struct.h`.
  */
-#define PSA_CIPHER_OPERATION_INIT {0}
+#define PSA_CIPHER_OPERATION_INIT { 0 }
 #endif
 
 /** Return an initial value for a cipher operation object.
@@ -1765,21 +1764,20 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a cipher algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1829,21 +1827,20 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not a cipher algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1871,17 +1868,17 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, with no IV set).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p iv buffer is too small.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be active, with no IV set),
+ *         or the library has not been previously initialized
+ *         by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1911,19 +1908,18 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be an active cipher
- *         encrypt operation, with no IV set).
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The size of \p iv is not acceptable for the chosen algorithm,
  *         or the chosen algorithm does not use an IV.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be an active cipher
+ *         encrypt operation, with no IV set), or the library has not been
+ *         previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1954,18 +1950,17 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, with an IV set
- *         if required for the algorithm).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active, with an IV set
+ *         if required for the algorithm), or the library has not been
+ *         previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -1987,7 +1982,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
  * formed by concatenating the inputs passed to preceding calls to
  * psa_cipher_update().
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_cipher_abort().
  *
@@ -2007,18 +2002,17 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
  * \retval #PSA_ERROR_INVALID_PADDING
  *         This is a decryption operation for an algorithm that includes
  *         padding, and the ciphertext does not contain valid padding.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, with an IV set
- *         if required for the algorithm).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active, with an IV set
+ *         if required for the algorithm), or the library has not been
+ *         previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2043,10 +2037,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
  *
  * \param[in,out] operation     Initialized cipher operation.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -2084,27 +2078,38 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *                                authentication tag is appended to the
  *                                encrypted data.
  * \param ciphertext_size         Size of the \p ciphertext buffer in bytes.
- *                                This must be at least
- *                                #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
- *                                \p plaintext_length).
+ *                                This must be appropriate for the selected
+ *                                algorithm and key:
+ *                                - A sufficient output size is
+ *                                  #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type,
+ *                                  \p alg, \p plaintext_length) where
+ *                                  \c key_type is the type of \p key.
+ *                                - #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p
+ *                                  plaintext_length) evaluates to the maximum
+ *                                  ciphertext size of any supported AEAD
+ *                                  encryption.
  * \param[out] ciphertext_length  On success, the size of the output
  *                                in the \p ciphertext buffer.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not an AEAD algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         \p ciphertext_size is too small
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ *         \p ciphertext_size is too small.
+ *         #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, \p alg,
+ *         \p plaintext_length) or
+ *         #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length) can be used to
+ *         determine the required buffer size.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -2144,29 +2149,40 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
  * \param ciphertext_length       Size of \p ciphertext in bytes.
  * \param[out] plaintext          Output buffer for the decrypted data.
  * \param plaintext_size          Size of the \p plaintext buffer in bytes.
- *                                This must be at least
- *                                #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
- *                                \p ciphertext_length).
+ *                                This must be appropriate for the selected
+ *                                algorithm and key:
+ *                                - A sufficient output size is
+ *                                  #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type,
+ *                                  \p alg, \p ciphertext_length) where
+ *                                  \c key_type is the type of \p key.
+ *                                - #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p
+ *                                  ciphertext_length) evaluates to the maximum
+ *                                  plaintext size of any supported AEAD
+ *                                  decryption.
  * \param[out] plaintext_length   On success, the size of the output
  *                                in the \p plaintext buffer.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
  * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The ciphertext is not authentic.
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not an AEAD algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         \p plaintext_size or \p nonce_length is too small
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ *         \p plaintext_size is too small.
+ *         #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, \p alg,
+ *         \p ciphertext_length) or
+ *         #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length) can be used
+ *         to determine the required buffer size.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -2223,7 +2239,7 @@ typedef struct psa_aead_operation_s psa_aead_operation_t;
 /* This is an example definition for documentation purposes.
  * Implementations should define a suitable value in `crypto_struct.h`.
  */
-#define PSA_AEAD_OPERATION_INIT {0}
+#define PSA_AEAD_OPERATION_INIT { 0 }
 #endif
 
 /** Return an initial value for an AEAD operation object.
@@ -2279,19 +2295,19 @@ static psa_aead_operation_t psa_aead_operation_init(void);
  * \retval #PSA_SUCCESS
  *         Success.
  * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not an AEAD algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
@@ -2345,21 +2361,20 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not supported or is not an AEAD algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive), or the
+ *         library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2388,18 +2403,17 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be an active aead encrypt
- *         operation, with no nonce set).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p nonce buffer is too small.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be an active aead encrypt
+ *         operation, with no nonce set), or the library has not been
+ *         previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2429,18 +2443,17 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, with no nonce
- *         set).
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The size of \p nonce is not acceptable for the chosen algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active, with no nonce
+ *         set), or the library has not been previously initialized
+ *         by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2474,19 +2487,18 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, and
- *         psa_aead_update_ad() and psa_aead_update() must not have been
- *         called yet).
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         At least one of the lengths is not acceptable for the chosen
  *         algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active, and
+ *         psa_aead_update_ad() and psa_aead_update() must not have been
+ *         called yet), or the library has not been previously initialized
+ *         by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2522,20 +2534,19 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, have a nonce
- *         set, have lengths set if required by the algorithm, and
- *         psa_aead_update() must not have been called yet).
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The total input length overflows the additional data length that
  *         was previously specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active, have a nonce
+ *         set, have lengths set if required by the algorithm, and
+ *         psa_aead_update() must not have been called yet), or the library
+ *         has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2583,37 +2594,43 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
  * \param input_length          Size of the \p input buffer in bytes.
  * \param[out] output           Buffer where the output is to be written.
  * \param output_size           Size of the \p output buffer in bytes.
- *                              This must be at least
- *                              #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg,
- *                              \p input_length) where \c alg is the
- *                              algorithm that is being calculated.
+ *                              This must be appropriate for the selected
+ *                                algorithm and key:
+ *                                - A sufficient output size is
+ *                                  #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type,
+ *                                  \c alg, \p input_length) where
+ *                                  \c key_type is the type of key and \c alg is
+ *                                  the algorithm that were used to set up the
+ *                                  operation.
+ *                                - #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p
+ *                                  input_length) evaluates to the maximum
+ *                                  output size of any supported AEAD
+ *                                  algorithm.
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active, have a nonce
- *         set, and have lengths set if required by the algorithm).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
- *         You can determine a sufficient buffer size by calling
- *         #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length)
- *         where \c alg is the algorithm that is being calculated.
+ *         #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, \c alg, \p input_length) or
+ *         #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length) can be used to
+ *         determine the required buffer size.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The total length of input to psa_aead_update_ad() so far is
  *         less than the additional data length that was previously
- *         specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The total input length overflows the plaintext length that
+ *         specified with psa_aead_set_lengths(), or
+ *         the total input length overflows the plaintext length that
  *         was previously specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active, have a nonce
+ *         set, and have lengths set if required by the algorithm), or the
+ *         library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2636,11 +2653,9 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation,
  * This function has two output buffers:
  * - \p ciphertext contains trailing ciphertext that was buffered from
  *   preceding calls to psa_aead_update().
- * - \p tag contains the authentication tag. Its length is always
- *   #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm
- *   that the operation performs.
+ * - \p tag contains the authentication tag.
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_aead_abort().
  *
@@ -2648,48 +2663,60 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation,
  * \param[out] ciphertext       Buffer where the last part of the ciphertext
  *                              is to be written.
  * \param ciphertext_size       Size of the \p ciphertext buffer in bytes.
- *                              This must be at least
- *                              #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where
- *                              \c alg is the algorithm that is being
- *                              calculated.
+ *                              This must be appropriate for the selected
+ *                              algorithm and key:
+ *                              - A sufficient output size is
+ *                                #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type,
+ *                                \c alg) where \c key_type is the type of key
+ *                                and \c alg is the algorithm that were used to
+ *                                set up the operation.
+ *                              - #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE evaluates to
+ *                                the maximum output size of any supported AEAD
+ *                                algorithm.
  * \param[out] ciphertext_length On success, the number of bytes of
  *                              returned ciphertext.
  * \param[out] tag              Buffer where the authentication tag is
  *                              to be written.
  * \param tag_size              Size of the \p tag buffer in bytes.
- *                              This must be at least
- *                              #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is
- *                              the algorithm that is being calculated.
+ *                              This must be appropriate for the selected
+ *                              algorithm and key:
+ *                              - The exact tag size is #PSA_AEAD_TAG_LENGTH(\c
+ *                                key_type, \c key_bits, \c alg) where
+ *                                \c key_type and \c key_bits are the type and
+ *                                bit-size of the key, and \c alg is the
+ *                                algorithm that were used in the call to
+ *                                psa_aead_encrypt_setup().
+ *                              - #PSA_AEAD_TAG_MAX_SIZE evaluates to the
+ *                                maximum tag size of any supported AEAD
+ *                                algorithm.
  * \param[out] tag_length       On success, the number of bytes
  *                              that make up the returned tag.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be an active encryption
- *         operation with a nonce set).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p ciphertext or \p tag buffer is too small.
- *         You can determine a sufficient buffer size for \p ciphertext by
- *         calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg)
- *         where \c alg is the algorithm that is being calculated.
- *         You can determine a sufficient buffer size for \p tag by
- *         calling #PSA_AEAD_TAG_LENGTH(\c alg).
+ *         #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, \c alg) or
+ *         #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE can be used to determine the
+ *         required \p ciphertext buffer size. #PSA_AEAD_TAG_LENGTH(\c key_type,
+ *         \c key_bits, \c alg) or #PSA_AEAD_TAG_MAX_SIZE can be used to
+ *         determine the required \p tag buffer size.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The total length of input to psa_aead_update_ad() so far is
  *         less than the additional data length that was previously
- *         specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The total length of input to psa_aead_update() so far is
+ *         specified with psa_aead_set_lengths(), or
+ *         the total length of input to psa_aead_update() so far is
  *         less than the plaintext length that was previously
  *         specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be an active encryption
+ *         operation with a nonce set), or the library has not been previously
+ *         initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2718,7 +2745,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
  * plaintext and reports success. If the authentication tag is not correct,
  * this function returns #PSA_ERROR_INVALID_SIGNATURE.
  *
- * When this function returns successfuly, the operation becomes inactive.
+ * When this function returns successfully, the operation becomes inactive.
  * If this function returns an error status, the operation enters an error
  * state and must be aborted by calling psa_aead_abort().
  *
@@ -2733,10 +2760,15 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
  *                              that could not be processed until the end
  *                              of the input.
  * \param plaintext_size        Size of the \p plaintext buffer in bytes.
- *                              This must be at least
- *                              #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where
- *                              \c alg is the algorithm that is being
- *                              calculated.
+ *                              This must be appropriate for the selected algorithm and key:
+ *                              - A sufficient output size is
+ *                                #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type,
+ *                                \c alg) where \c key_type is the type of key
+ *                                and \c alg is the algorithm that were used to
+ *                                set up the operation.
+ *                              - #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE evaluates to
+ *                                the maximum output size of any supported AEAD
+ *                                algorithm.
  * \param[out] plaintext_length On success, the number of bytes of
  *                              returned plaintext.
  * \param[in] tag               Buffer containing the authentication tag.
@@ -2747,29 +2779,27 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
  * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The calculations were successful, but the authentication tag is
  *         not correct.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be an active decryption
- *         operation with a nonce set).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p plaintext buffer is too small.
- *         You can determine a sufficient buffer size for \p plaintext by
- *         calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg)
- *         where \c alg is the algorithm that is being calculated.
+ *         #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, \c alg) or
+ *         #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE can be used to determine the
+ *         required buffer size.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The total length of input to psa_aead_update_ad() so far is
  *         less than the additional data length that was previously
- *         specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The total length of input to psa_aead_update() so far is
+ *         specified with psa_aead_set_lengths(), or
+ *         the total length of input to psa_aead_update() so far is
  *         less than the plaintext length that was previously
  *         specified with psa_aead_set_lengths().
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be an active decryption
+ *         operation with a nonce set), or the library has not been previously
+ *         initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -2796,10 +2826,10 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
  *
  * \param[in,out] operation     Initialized AEAD operation.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -2813,19 +2843,139 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
  * @{
  */
 
+/**
+ * \brief Sign a message with a private key. For hash-and-sign algorithms,
+ *        this includes the hashing step.
+ *
+ * \note To perform a multi-part hash-and-sign signature algorithm, first use
+ *       a multi-part hash operation and then pass the resulting hash to
+ *       psa_sign_hash(). PSA_ALG_SIGN_GET_HASH(\p alg) can be used to determine the
+ *       hash algorithm to use.
+ *
+ * \param[in]  key              Identifier of the key to use for the operation.
+ *                              It must be an asymmetric key pair. The key must
+ *                              allow the usage #PSA_KEY_USAGE_SIGN_MESSAGE.
+ * \param[in]  alg              An asymmetric signature algorithm (PSA_ALG_XXX
+ *                              value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg)
+ *                              is true), that is compatible with the type of
+ *                              \p key.
+ * \param[in]  input            The input message to sign.
+ * \param[in]  input_length     Size of the \p input buffer in bytes.
+ * \param[out] signature        Buffer where the signature is to be written.
+ * \param[in]  signature_size   Size of the \p signature buffer in bytes. This
+ *                              must be appropriate for the selected
+ *                              algorithm and key:
+ *                              - The required signature size is
+ *                                #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ *                                where \c key_type and \c key_bits are the type and
+ *                                bit-size respectively of key.
+ *                              - #PSA_SIGNATURE_MAX_SIZE evaluates to the
+ *                                maximum signature size of any supported
+ *                                signature algorithm.
+ * \param[out] signature_length On success, the number of bytes that make up
+ *                              the returned signature value.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag,
+ *         or it does not permit the requested algorithm.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p signature buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ *         where \c key_type and \c key_bits are the type and bit-size
+ *         respectively of \p key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_sign_message(mbedtls_svc_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *input,
+                              size_t input_length,
+                              uint8_t *signature,
+                              size_t signature_size,
+                              size_t *signature_length);
+
+/** \brief Verify the signature of a message with a public key, using
+ *         a hash-and-sign verification algorithm.
+ *
+ * \note To perform a multi-part hash-and-sign signature verification
+ *       algorithm, first use a multi-part hash operation to hash the message
+ *       and then pass the resulting hash to psa_verify_hash().
+ *       PSA_ALG_SIGN_GET_HASH(\p alg) can be used to determine the hash algorithm
+ *       to use.
+ *
+ * \param[in]  key              Identifier of the key to use for the operation.
+ *                              It must be a public key or an asymmetric key
+ *                              pair. The key must allow the usage
+ *                              #PSA_KEY_USAGE_VERIFY_MESSAGE.
+ * \param[in]  alg              An asymmetric signature algorithm (PSA_ALG_XXX
+ *                              value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg)
+ *                              is true), that is compatible with the type of
+ *                              \p key.
+ * \param[in]  input            The message whose signature is to be verified.
+ * \param[in]  input_length     Size of the \p input buffer in bytes.
+ * \param[out] signature        Buffer containing the signature to verify.
+ * \param[in]  signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag,
+ *         or it does not permit the requested algorithm.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The calculation was performed successfully, but the passed signature
+ *         is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_verify_message(mbedtls_svc_key_id_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *input,
+                                size_t input_length,
+                                const uint8_t *signature,
+                                size_t signature_length);
+
 /**
  * \brief Sign a hash or short message with a private key.
  *
  * Note that to perform a hash-and-sign signature algorithm, you must
  * first calculate the hash by calling psa_hash_setup(), psa_hash_update()
- * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * and psa_hash_finish(), or alternatively by calling psa_hash_compute().
+ * Then pass the resulting hash as the \p hash
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
  *
  * \param key                   Identifier of the key to use for the operation.
  *                              It must be an asymmetric key pair. The key must
  *                              allow the usage #PSA_KEY_USAGE_SIGN_HASH.
- * \param alg                   A signature algorithm that is compatible with
+ * \param alg                   A signature algorithm (PSA_ALG_XXX
+ *                              value such that #PSA_ALG_IS_SIGN_HASH(\p alg)
+ *                              is true), that is compatible with
  *                              the type of \p key.
  * \param[in] hash              The hash or message to sign.
  * \param hash_length           Size of the \p hash buffer in bytes.
@@ -2834,23 +2984,23 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
  * \param[out] signature_length On success, the number of bytes
  *                              that make up the returned signature value.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p signature buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \p key.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -2865,11 +3015,12 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
                            size_t *signature_length);
 
 /**
- * \brief Verify the signature a hash or short message using a public key.
+ * \brief Verify the signature of a hash or short message using a public key.
  *
  * Note that to perform a hash-and-sign signature algorithm, you must
  * first calculate the hash by calling psa_hash_setup(), psa_hash_update()
- * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * and psa_hash_finish(), or alternatively by calling psa_hash_compute().
+ * Then pass the resulting hash as the \p hash
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
  *
@@ -2877,7 +3028,9 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
  *                          must be a public key or an asymmetric key pair. The
  *                          key must allow the usage
  *                          #PSA_KEY_USAGE_VERIFY_HASH.
- * \param alg               A signature algorithm that is compatible with
+ * \param alg               A signature algorithm (PSA_ALG_XXX
+ *                          value such that #PSA_ALG_IS_SIGN_HASH(\p alg)
+ *                          is true), that is compatible with
  *                          the type of \p key.
  * \param[in] hash          The hash or message whose signature is to be
  *                          verified.
@@ -2887,18 +3040,18 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
  *
  * \retval #PSA_SUCCESS
  *         The signature is valid.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_SIGNATURE
- *         The calculation was perfomed successfully, but the passed
+ *         The calculation was performed successfully, but the passed
  *         signature is not a valid signature.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -2914,7 +3067,7 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key,
 /**
  * \brief Encrypt a short message with a public key.
  *
- * \param key                   Identifer of the key to use for the operation.
+ * \param key                   Identifier of the key to use for the operation.
  *                              It must be a public key or an asymmetric key
  *                              pair. It must allow the usage
  *                              #PSA_KEY_USAGE_ENCRYPT.
@@ -2940,23 +3093,23 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key,
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \p key.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -3000,24 +3153,24 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \p key.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval #PSA_ERROR_INVALID_PADDING
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ * \retval #PSA_ERROR_INVALID_PADDING \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -3079,7 +3232,7 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t;
 /* This is an example definition for documentation purposes.
  * Implementations should define a suitable value in `crypto_struct.h`.
  */
-#define PSA_KEY_DERIVATION_OPERATION_INIT {0}
+#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 }
 #endif
 
 /** Return an initial value for a key derivation operation object.
@@ -3133,15 +3286,14 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
  *         \c alg is not a key derivation algorithm.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a key derivation algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3158,14 +3310,13 @@ psa_status_t psa_key_derivation_setup(
  * \param[in] operation     The operation to query.
  * \param[out] capacity     On success, the capacity of the operation.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active).
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active), or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3183,18 +3334,17 @@ psa_status_t psa_key_derivation_get_capacity(
  *                          It must be less or equal to the operation's
  *                          current capacity.
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \p capacity is larger than the operation's current capacity.
  *         In this case, the operation object remains valid and its capacity
  *         remains unchanged.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid (it must be active).
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         The operation state is not valid (it must be active), or the
+ *         library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3209,7 +3359,7 @@ psa_status_t psa_key_derivation_set_capacity(
  * The value of the maximum possible capacity depends on the key derivation
  * algorithm.
  */
-#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1))
+#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1))
 
 /** Provide an input for key derivation or key agreement.
  *
@@ -3238,18 +3388,16 @@ psa_status_t psa_key_derivation_set_capacity(
  * \retval #PSA_SUCCESS
  *         Success.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c step is not compatible with the operation's algorithm.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \c step is not compatible with the operation's algorithm, or
  *         \c step does not allow direct inputs.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid for this input \p step.
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid for this input \p step, or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3287,22 +3435,20 @@ psa_status_t psa_key_derivation_input_bytes(
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c step is not compatible with the operation's algorithm.
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \c step is not compatible with the operation's algorithm, or
  *         \c step does not allow key inputs of the given type
  *         or does not allow key inputs at all.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid for this input \p step.
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid for this input \p step, or
+ *         the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3354,25 +3500,23 @@ psa_status_t psa_key_derivation_input_key(
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_BAD_STATE
- *         The operation state is not valid for this key agreement \p step.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c private_key is not compatible with \c alg,
  *         or \p peer_key is not valid for \c alg or not compatible with
- *         \c private_key.
+ *         \c private_key, or \c step does not allow an input resulting
+ *         from a key agreement.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a key derivation algorithm.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c step does not allow an input resulting from a key agreement.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid for this key agreement \p step,
+ *         or the library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3400,7 +3544,7 @@ psa_status_t psa_key_derivation_key_agreement(
  * \param[out] output       Buffer where the output will be written.
  * \param output_length     Number of bytes to output.
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_INSUFFICIENT_DATA
  *                          The operation's capacity was less than
  *                          \p output_length bytes. Note that in this case,
@@ -3408,16 +3552,15 @@ psa_status_t psa_key_derivation_key_agreement(
  *                          The operation's capacity is set to 0, thus
  *                          subsequent calls to this function will not
  *                          succeed, even with a smaller output buffer.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (it must be active and completed
- *         all required input steps).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         all required input steps), or the library has not been previously
+ *         initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3443,7 +3586,8 @@ psa_status_t psa_key_derivation_output_bytes(
  * state and must be aborted by calling psa_key_derivation_abort().
  *
  * How much output is produced and consumed from the operation, and how
- * the key is derived, depends on the key type:
+ * the key is derived, depends on the key type and on the key size
+ * (denoted \c bits below):
  *
  * - For key types for which the key is an arbitrary sequence of bytes
  *   of a given size, this function is functionally equivalent to
@@ -3453,11 +3597,12 @@ psa_status_t psa_key_derivation_output_bytes(
  *   if the implementation provides an isolation boundary then
  *   the key material is not exposed outside the isolation boundary.
  *   As a consequence, for these key types, this function always consumes
- *   exactly (\p bits / 8) bytes from the operation.
+ *   exactly (\c bits / 8) bytes from the operation.
  *   The following key types defined in this specification follow this scheme:
  *
  *     - #PSA_KEY_TYPE_AES;
  *     - #PSA_KEY_TYPE_ARC4;
+ *     - #PSA_KEY_TYPE_ARIA;
  *     - #PSA_KEY_TYPE_CAMELLIA;
  *     - #PSA_KEY_TYPE_DERIVE;
  *     - #PSA_KEY_TYPE_HMAC.
@@ -3474,8 +3619,8 @@ psa_status_t psa_key_derivation_output_bytes(
  *       string and process it as specified in RFC 7748 &sect;5.
  *
  * - For key types for which the key is represented by a single sequence of
- *   \p bits bits with constraints as to which bit sequences are acceptable,
- *   this function draws a byte string of length (\p bits / 8) bytes rounded
+ *   \c bits bits with constraints as to which bit sequences are acceptable,
+ *   this function draws a byte string of length (\c bits / 8) bytes rounded
  *   up to the nearest whole number of bytes. If the resulting byte string
  *   is acceptable, it becomes the key, otherwise the drawn bytes are discarded.
  *   This process is repeated until an acceptable byte string is drawn.
@@ -3548,17 +3693,18 @@ psa_status_t psa_key_derivation_output_bytes(
  * \retval #PSA_ERROR_NOT_PERMITTED
  *         The #PSA_KEY_DERIVATION_INPUT_SECRET input was not provided through
  *         a key.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (it must be active and completed
- *         all required input steps).
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
+ *         all required input steps), or the library has not been previously
+ *         initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
@@ -3581,10 +3727,10 @@ psa_status_t psa_key_derivation_output_key(
  *
  * \param[in,out] operation    The operation to abort.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -3622,11 +3768,10 @@ psa_status_t psa_key_derivation_abort(
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_NOT_PERMITTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p alg is not a key agreement algorithm
+ * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p alg is not a key agreement algorithm, or
  *         \p private_key is not compatible with \p alg,
  *         or \p peer_key is not valid for \p alg or not compatible with
  *         \p private_key.
@@ -3634,11 +3779,11 @@ psa_status_t psa_key_derivation_abort(
  *         \p output_size is too small
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \p alg is not a supported key agreement algorithm.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -3670,13 +3815,13 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
  * \param[out] output       Output buffer for the generated data.
  * \param output_size       Number of bytes to generate and output.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -3713,15 +3858,17 @@ psa_status_t psa_generate_random(uint8_t *output,
  * \retval #PSA_ERROR_ALREADY_EXISTS
  *         This is an attempt to create a persistent key, and there is
  *         already a persistent key with the given identifier.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_builtin_composites.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_builtin_composites.h
new file mode 100644
index 0000000..f51ee1c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_builtin_composites.h
@@ -0,0 +1,70 @@
+/*
+ *  Context structure declaration of the Mbed TLS software-based PSA drivers
+ *  called through the PSA Crypto driver dispatch layer.
+ *  This file contains the context structures of those algorithms which need to
+ *  rely on other algorithms, i.e. are 'composite' algorithms.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the Mbed TLS software-based PSA drivers. The
+ * definition of these objects are then used by crypto_struct.h to define the
+ * implementation-defined types of PSA multi-part state objects.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H
+#define PSA_CRYPTO_BUILTIN_COMPOSITES_H
+
+#include <psa/crypto_driver_common.h>
+
+/*
+ * MAC multi-part operation definitions.
+ */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+#define MBEDTLS_PSA_BUILTIN_MAC
+#endif
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+#define MBEDTLS_PSA_BUILTIN_AEAD  1
+#endif
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
+typedef struct {
+    /** The HMAC algorithm in use */
+    psa_algorithm_t alg;
+    /** The hash context. */
+    struct psa_hash_operation_s hash_ctx;
+    /** The HMAC part of the context. */
+    uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
+} mbedtls_psa_hmac_operation_t;
+
+#define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } }
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+
+#include "mbedtls/cmac.h"
+
+typedef struct {
+    psa_algorithm_t alg;
+    union {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
+        mbedtls_psa_hmac_operation_t hmac;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
+        mbedtls_cipher_context_t cmac;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+    } ctx;
+} mbedtls_psa_mac_operation_t;
+
+#define MBEDTLS_PSA_MAC_OPERATION_INIT { 0, { 0 } }
+
+#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_builtin_primitives.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_builtin_primitives.h
new file mode 100644
index 0000000..c5f620c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_builtin_primitives.h
@@ -0,0 +1,111 @@
+/*
+ *  Context structure declaration of the Mbed TLS software-based PSA drivers
+ *  called through the PSA Crypto driver dispatch layer.
+ *  This file contains the context structures of those algorithms which do not
+ *  rely on other algorithms, i.e. are 'primitive' algorithms.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the Mbed TLS software-based PSA drivers. The
+ * definition of these objects are then used by crypto_struct.h to define the
+ * implementation-defined types of PSA multi-part state objects.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H
+#define PSA_CRYPTO_BUILTIN_PRIMITIVES_H
+
+#include <psa/crypto_driver_common.h>
+
+/*
+ * Hash multi-part operation definitions.
+ */
+
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+#define MBEDTLS_PSA_BUILTIN_HASH
+#endif
+
+typedef struct {
+    psa_algorithm_t alg;
+    union {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
+        mbedtls_md2_context md2;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
+        mbedtls_md4_context md4;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+        mbedtls_md5_context md5;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+        mbedtls_ripemd160_context ripemd160;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+        mbedtls_sha1_context sha1;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+        mbedtls_sha256_context sha256;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+        mbedtls_sha512_context sha512;
+#endif
+    } ctx;
+} mbedtls_psa_hash_operation_t;
+
+#define MBEDTLS_PSA_HASH_OPERATION_INIT { 0, { 0 } }
+
+/*
+ * Cipher multi-part operation definitions.
+ */
+
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
+#define MBEDTLS_PSA_BUILTIN_CIPHER  1
+#endif
+
+typedef struct {
+    /* Context structure for the Mbed TLS cipher implementation. */
+    psa_algorithm_t alg;
+    uint8_t iv_length;
+    uint8_t block_length;
+    union {
+        unsigned int dummy;
+        mbedtls_cipher_context_t cipher;
+    } ctx;
+} mbedtls_psa_cipher_operation_t;
+
+#define MBEDTLS_PSA_CIPHER_OPERATION_INIT { 0, 0, 0, { 0 } }
+
+#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_compat.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_compat.h
new file mode 100644
index 0000000..f014633
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_compat.h
@@ -0,0 +1,518 @@
+/**
+ * \file psa/crypto_compat.h
+ *
+ * \brief PSA cryptography module: Backward compatibility aliases
+ *
+ * This header declares alternative names for macro and functions.
+ * New application code should not use these names.
+ * These names may be removed in a future version of Mbed TLS.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_COMPAT_H
+#define PSA_CRYPTO_COMPAT_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * To support both openless APIs and psa_open_key() temporarily, define
+ * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the
+ * type and its utility macros and functions deprecated yet. This will be done
+ * in a subsequent phase.
+ */
+typedef mbedtls_svc_key_id_t psa_key_handle_t;
+
+#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
+
+/** Check whether a handle is null.
+ *
+ * \param handle  Handle
+ *
+ * \return Non-zero if the handle is null, zero otherwise.
+ */
+static inline int psa_key_handle_is_null(psa_key_handle_t handle)
+{
+    return mbedtls_svc_key_id_is_null(handle);
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+/*
+ * Mechanism for declaring deprecated values
+ */
+#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED)
+#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_PSA_DEPRECATED
+#endif
+
+typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t mbedtls_deprecated_psa_ecc_family_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t mbedtls_deprecated_psa_dh_family_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t psa_ecc_curve_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t psa_dh_group_t;
+typedef MBEDTLS_PSA_DEPRECATED psa_algorithm_t mbedtls_deprecated_psa_algorithm_t;
+
+#define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY
+#define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY
+
+#define MBEDTLS_DEPRECATED_CONSTANT(type, value)      \
+    ((mbedtls_deprecated_##type) (value))
+
+/*
+ * Deprecated PSA Crypto error code definitions (PSA Crypto API  <= 1.0 beta2)
+ */
+#define PSA_ERROR_UNKNOWN_ERROR \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_GENERIC_ERROR)
+#define PSA_ERROR_OCCUPIED_SLOT \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_ALREADY_EXISTS)
+#define PSA_ERROR_EMPTY_SLOT \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_DOES_NOT_EXIST)
+#define PSA_ERROR_INSUFFICIENT_CAPACITY \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_INSUFFICIENT_DATA)
+#define PSA_ERROR_TAMPERING_DETECTED \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_CORRUPTION_DETECTED)
+
+/*
+ * Deprecated PSA Crypto numerical encodings (PSA Crypto API  <= 1.0 beta3)
+ */
+#define PSA_KEY_USAGE_SIGN \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH)
+#define PSA_KEY_USAGE_VERIFY \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH)
+
+/*
+ * Deprecated PSA Crypto size calculation macros (PSA Crypto API  <= 1.0 beta3)
+ */
+#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGNATURE_MAX_SIZE)
+#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg))
+#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits))
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH(type))
+#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+#define PSA_HASH_SIZE(alg) \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_HASH_LENGTH(alg))
+#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_MAC_LENGTH(key_type, key_bits, alg))
+#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE)
+
+/*
+ * Deprecated PSA Crypto function names (PSA Crypto API  <= 1.0 beta3)
+ */
+MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign(psa_key_handle_t key,
+                                                                      psa_algorithm_t alg,
+                                                                      const uint8_t *hash,
+                                                                      size_t hash_length,
+                                                                      uint8_t *signature,
+                                                                      size_t signature_size,
+                                                                      size_t *signature_length)
+{
+    return psa_sign_hash(key, alg, hash, hash_length, signature, signature_size, signature_length);
+}
+
+MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify(psa_key_handle_t key,
+                                                                        psa_algorithm_t alg,
+                                                                        const uint8_t *hash,
+                                                                        size_t hash_length,
+                                                                        const uint8_t *signature,
+                                                                        size_t signature_length)
+{
+    return psa_verify_hash(key, alg, hash, hash_length, signature, signature_length);
+}
+
+/*
+ * Size-specific elliptic curve families.
+ */
+#define PSA_ECC_CURVE_SECP160K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
+#define PSA_ECC_CURVE_SECP192K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
+#define PSA_ECC_CURVE_SECP224K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
+#define PSA_ECC_CURVE_SECP256K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
+#define PSA_ECC_CURVE_SECP160R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP192R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP224R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP256R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP384R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP521R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP160R2 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2)
+#define PSA_ECC_CURVE_SECT163K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT233K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT239K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT283K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT409K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT571K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT163R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT193R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT233R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT283R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT409R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT571R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT163R2 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2)
+#define PSA_ECC_CURVE_SECT193R2 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
+#define PSA_ECC_CURVE_CURVE25519 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY)
+#define PSA_ECC_CURVE_CURVE448 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY)
+
+/*
+ * Curves that changed name due to PSA specification.
+ */
+#define PSA_ECC_CURVE_SECP_K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1)
+#define PSA_ECC_CURVE_SECP_R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1)
+#define PSA_ECC_CURVE_SECP_R2 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2)
+#define PSA_ECC_CURVE_SECT_K1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1)
+#define PSA_ECC_CURVE_SECT_R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1)
+#define PSA_ECC_CURVE_SECT_R2 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2)
+#define PSA_ECC_CURVE_BRAINPOOL_P_R1 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1)
+#define PSA_ECC_CURVE_MONTGOMERY \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY)
+
+/*
+ * Finite-field Diffie-Hellman families.
+ */
+#define PSA_DH_GROUP_FFDHE2048 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
+#define PSA_DH_GROUP_FFDHE3072 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
+#define PSA_DH_GROUP_FFDHE4096 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
+#define PSA_DH_GROUP_FFDHE6144 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
+#define PSA_DH_GROUP_FFDHE8192 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
+
+/*
+ * Diffie-Hellman families that changed name due to PSA specification.
+ */
+#define PSA_DH_GROUP_RFC7919 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919)
+#define PSA_DH_GROUP_CUSTOM \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_CUSTOM)
+
+/*
+ * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API  <= 1.0 beta3)
+ */
+#define PSA_ALG_ARC4 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER)
+#define PSA_ALG_CHACHA20 \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER)
+
+/*
+ * Renamed AEAD tag length macros (PSA Crypto API  <= 1.0 beta3)
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg))
+#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \
+    MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, \
+                                PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length))
+
+/*
+ * Deprecated PSA AEAD output size macros (PSA Crypto API  <= 1.0 beta3)
+ */
+
+/** The tag size for an AEAD algorithm, in bytes.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    The tag size for the specified algorithm.
+ *                            If the AEAD algorithm does not have an identified
+ *                            tag that can be distinguished from the rest of
+ *                            the ciphertext, return 0.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_TAG_LENGTH_1_ARG(alg)     \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t,     \
+                                PSA_ALG_IS_AEAD(alg) ?             \
+                                PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
+                                0)
+
+/** The maximum size of the output of psa_aead_encrypt(), in bytes.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_encrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the ciphertext may be smaller.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param plaintext_length    Size of the plaintext in bytes.
+ *
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t,                            \
+                                PSA_ALG_IS_AEAD(alg) ?                                    \
+                                (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) :   \
+                                0)
+
+/** The maximum size of the output of psa_aead_decrypt(), in bytes.
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_decrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the plaintext may be smaller.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param ciphertext_length   Size of the plaintext in bytes.
+ *
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length)   \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t,                               \
+                                PSA_ALG_IS_AEAD(alg) &&                                      \
+                                (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
+                                (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
+                                0)
+
+/** A sufficient output buffer size for psa_aead_update().
+ *
+ * If the size of the output buffer is at least this large, it is
+ * guaranteed that psa_aead_update() will not fail due to an
+ * insufficient buffer size. The actual size of the output may be smaller
+ * in any given call.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param input_length        Size of the input in bytes.
+ *
+ * \return                    A sufficient output buffer size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ */
+/* For all the AEAD modes defined in this specification, it is possible
+ * to emit output without delay. However, hardware may not always be
+ * capable of this. So for modes based on a block cipher, allow the
+ * implementation to delay the output until it has a full block. */
+#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length)                        \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t,                                              \
+                                PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                                      \
+                                PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \
+                                                         (input_length)) : \
+                                (input_length))
+
+/** A sufficient ciphertext buffer size for psa_aead_finish().
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_finish() will not fail due to an
+ * insufficient ciphertext buffer size. The actual size of the output may
+ * be smaller in any given call.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    A sufficient ciphertext buffer size for the
+ *                            specified algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg)                        \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t,                                \
+                                PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                        \
+                                PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE :                               \
+                                0)
+
+/** A sufficient plaintext buffer size for psa_aead_verify().
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_verify() will not fail due to an
+ * insufficient plaintext buffer size. The actual size of the output may
+ * be smaller in any given call.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    A sufficient plaintext buffer size for the
+ *                            specified algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ */
+#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg)                        \
+    MBEDTLS_DEPRECATED_CONSTANT(size_t,                                \
+                                PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                        \
+                                PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE :                               \
+                                0)
+
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/** Open a handle to an existing persistent key.
+ *
+ * Open a handle to a persistent key. A key is persistent if it was created
+ * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
+ * always has a nonzero key identifier, set with psa_set_key_id() when
+ * creating the key. Implementations may provide additional pre-provisioned
+ * keys that can be opened with psa_open_key(). Such keys have an application
+ * key identifier in the vendor range, as documented in the description of
+ * #psa_key_id_t.
+ *
+ * The application must eventually close the handle with psa_close_key() or
+ * psa_destroy_key() to release associated resources. If the application dies
+ * without calling one of these functions, the implementation should perform
+ * the equivalent of a call to psa_close_key().
+ *
+ * Some implementations permit an application to open the same key multiple
+ * times. If this is successful, each call to psa_open_key() will return a
+ * different key handle.
+ *
+ * \note This API is not part of the PSA Cryptography API Release 1.0.0
+ * specification. It was defined in the 1.0 Beta 3 version of the
+ * specification but was removed in the 1.0.0 released version. This API is
+ * kept for the time being to not break applications relying on it. It is not
+ * deprecated yet but will be in the near future.
+ *
+ * \note Applications that rely on opening a key multiple times will not be
+ * portable to implementations that only permit a single key handle to be
+ * opened. See also :ref:\`key-handles\`.
+ *
+ *
+ * \param key           The persistent identifier of the key.
+ * \param[out] handle   On success, a handle to the key.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success. The application can now use the value of `*handle`
+ *         to access the key.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ *         The implementation does not have sufficient resources to open the
+ *         key. This can be due to reaching an implementation limit on the
+ *         number of open keys, the number of open key handles, or available
+ *         memory.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ *         There is no persistent key with key identifier \p key.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p key is not a valid persistent key identifier.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The specified key exists, but the application does not have the
+ *         permission to access it. Note that this specification does not
+ *         define any way to create such a key, but it may be possible
+ *         through implementation-specific means.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
+                          psa_key_handle_t *handle);
+
+/** Close a key handle.
+ *
+ * If the handle designates a volatile key, this will destroy the key material
+ * and free all associated resources, just like psa_destroy_key().
+ *
+ * If this is the last open handle to a persistent key, then closing the handle
+ * will free all resources associated with the key in volatile memory. The key
+ * data in persistent storage is not affected and can be opened again later
+ * with a call to psa_open_key().
+ *
+ * Closing the key handle makes the handle invalid, and the key handle
+ * must not be used again by the application.
+ *
+ * \note This API is not part of the PSA Cryptography API Release 1.0.0
+ * specification. It was defined in the 1.0 Beta 3 version of the
+ * specification but was removed in the 1.0.0 released version. This API is
+ * kept for the time being to not break applications relying on it. It is not
+ * deprecated yet but will be in the near future.
+ *
+ * \note If the key handle was used to set up an active
+ * :ref:\`multipart operation <multipart-operations>\`, then closing the
+ * key handle can cause the multipart operation to fail. Applications should
+ * maintain the key handle until after the multipart operation has finished.
+ *
+ * \param handle        The key handle to close.
+ *                      If this is \c 0, do nothing and return \c PSA_SUCCESS.
+ *
+ * \retval #PSA_SUCCESS
+ *         \p handle was a valid handle or \c 0. It is now closed.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ *         \p handle is not a valid handle nor \c 0.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_close_key(psa_key_handle_t handle);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_COMPAT_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_config.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_config.h
new file mode 100644
index 0000000..167ced5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_config.h
@@ -0,0 +1,118 @@
+/**
+ * \file psa/crypto_config.h
+ * \brief PSA crypto configuration options (set of defines)
+ *
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+/**
+ * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h,
+ * this file determines which cryptographic mechanisms are enabled
+ * through the PSA Cryptography API (\c psa_xxx() functions).
+ *
+ * To enable a cryptographic mechanism, uncomment the definition of
+ * the corresponding \c PSA_WANT_xxx preprocessor symbol.
+ * To disable a cryptographic mechanism, comment out the definition of
+ * the corresponding \c PSA_WANT_xxx preprocessor symbol.
+ * The names of cryptographic mechanisms correspond to values
+ * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
+ * of \c PSA_.
+ *
+ * Note that many cryptographic mechanisms involve two symbols: one for
+ * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
+ * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
+ * additional symbols.
+ */
+#else
+/**
+ * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h,
+ * this file is not used, and cryptographic mechanisms are supported
+ * through the PSA API if and only if they are supported through the
+ * mbedtls_xxx API.
+ */
+#endif
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_CONFIG_H
+#define PSA_CRYPTO_CONFIG_H
+
+/*
+ * CBC-MAC is not yet supported via the PSA API in Mbed TLS.
+ */
+//#define PSA_WANT_ALG_CBC_MAC                    1
+#define PSA_WANT_ALG_CBC_NO_PADDING             1
+#define PSA_WANT_ALG_CBC_PKCS7                  1
+#define PSA_WANT_ALG_CCM                        1
+#define PSA_WANT_ALG_CMAC                       1
+#define PSA_WANT_ALG_CFB                        1
+#define PSA_WANT_ALG_CHACHA20_POLY1305          1
+#define PSA_WANT_ALG_CTR                        1
+#define PSA_WANT_ALG_DETERMINISTIC_ECDSA        1
+#define PSA_WANT_ALG_ECB_NO_PADDING             1
+#define PSA_WANT_ALG_ECDH                       1
+#define PSA_WANT_ALG_ECDSA                      1
+#define PSA_WANT_ALG_GCM                        1
+#define PSA_WANT_ALG_HKDF                       1
+#define PSA_WANT_ALG_HMAC                       1
+#define PSA_WANT_ALG_MD2                        1
+#define PSA_WANT_ALG_MD4                        1
+#define PSA_WANT_ALG_MD5                        1
+#define PSA_WANT_ALG_OFB                        1
+#define PSA_WANT_ALG_RIPEMD160                  1
+#define PSA_WANT_ALG_RSA_OAEP                   1
+#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT         1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN          1
+#define PSA_WANT_ALG_RSA_PSS                    1
+#define PSA_WANT_ALG_SHA_1                      1
+#define PSA_WANT_ALG_SHA_224                    1
+#define PSA_WANT_ALG_SHA_256                    1
+#define PSA_WANT_ALG_SHA_384                    1
+#define PSA_WANT_ALG_SHA_512                    1
+#define PSA_WANT_ALG_STREAM_CIPHER              1
+#define PSA_WANT_ALG_TLS12_PRF                  1
+#define PSA_WANT_ALG_TLS12_PSK_TO_MS            1
+/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
+ * Note: when adding support, also adjust include/mbedtls/config_psa.h */
+//#define PSA_WANT_ALG_XTS                        1
+
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_256         1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_384         1
+#define PSA_WANT_ECC_BRAINPOOL_P_R1_512         1
+#define PSA_WANT_ECC_MONTGOMERY_255             1
+/*
+ * Curve448 is not yet supported via the PSA API in Mbed TLS
+ * (https://github.com/Mbed-TLS/mbedtls/issues/4249). Thus, do not enable it by
+ * default.
+ */
+//#define PSA_WANT_ECC_MONTGOMERY_448             1
+#define PSA_WANT_ECC_SECP_K1_192                1
+/*
+ * SECP224K1 is buggy via the PSA API in Mbed TLS
+ * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by
+ * default.
+ */
+//#define PSA_WANT_ECC_SECP_K1_224                1
+#define PSA_WANT_ECC_SECP_K1_256                1
+#define PSA_WANT_ECC_SECP_R1_192                1
+#define PSA_WANT_ECC_SECP_R1_224                1
+#define PSA_WANT_ECC_SECP_R1_256                1
+#define PSA_WANT_ECC_SECP_R1_384                1
+#define PSA_WANT_ECC_SECP_R1_521                1
+
+#define PSA_WANT_KEY_TYPE_DERIVE                1
+#define PSA_WANT_KEY_TYPE_HMAC                  1
+#define PSA_WANT_KEY_TYPE_AES                   1
+#define PSA_WANT_KEY_TYPE_ARC4                  1
+#define PSA_WANT_KEY_TYPE_ARIA                  1
+#define PSA_WANT_KEY_TYPE_CAMELLIA              1
+#define PSA_WANT_KEY_TYPE_CHACHA20              1
+#define PSA_WANT_KEY_TYPE_DES                   1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR          1
+#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1
+#define PSA_WANT_KEY_TYPE_RAW_DATA              1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR          1
+#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1
+
+#endif /* PSA_CRYPTO_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_common.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_common.h
new file mode 100644
index 0000000..cc11d3b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_common.h
@@ -0,0 +1,44 @@
+/**
+ * \file psa/crypto_driver_common.h
+ * \brief Definitions for all PSA crypto drivers
+ *
+ * This file contains common definitions shared by all PSA crypto drivers.
+ * Do not include it directly: instead, include the header file(s) for
+ * the type(s) of driver that you are implementing. For example, if
+ * you are writing a dynamically registered driver for a secure element,
+ * include `psa/crypto_se_driver.h`.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef PSA_CRYPTO_DRIVER_COMMON_H
+#define PSA_CRYPTO_DRIVER_COMMON_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+/* Include type definitions (psa_status_t, psa_algorithm_t,
+ * psa_key_type_t, etc.) and macros to build and analyze values
+ * of these types. */
+#include "crypto_types.h"
+#include "crypto_values.h"
+/* Include size definitions which are used to size some arrays in operation
+ * structures. */
+#include <psa/crypto_sizes.h>
+
+/** For encrypt-decrypt functions, whether the operation is an encryption
+ * or a decryption. */
+typedef enum {
+    PSA_CRYPTO_DRIVER_DECRYPT,
+    PSA_CRYPTO_DRIVER_ENCRYPT
+} psa_encrypt_or_decrypt_t;
+
+#endif /* PSA_CRYPTO_DRIVER_COMMON_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_contexts_composites.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_contexts_composites.h
new file mode 100644
index 0000000..1e37682
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_contexts_composites.h
@@ -0,0 +1,81 @@
+/*
+ *  Declaration of context structures for use with the PSA driver wrapper
+ *  interface. This file contains the context structures for 'composite'
+ *  operations, i.e. those operations which need to make use of other operations
+ *  from the primitives (crypto_driver_contexts_primitives.h)
+ *
+ *  Warning: This file will be auto-generated in the future.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the PSA drivers included in the cryptographic
+ * library. The definition of these objects are then used by crypto_struct.h
+ * to define the implementation-defined types of PSA multi-part state objects.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H
+#define PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H
+
+#include "psa/crypto_driver_common.h"
+
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_composites.h"
+
+/* Include the context structure definitions for those drivers that were
+ * declared during the autogeneration process. */
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include <libtestdriver1/include/psa/crypto.h>
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+typedef libtestdriver1_mbedtls_psa_mac_operation_t
+    mbedtls_transparent_test_driver_mac_operation_t;
+typedef libtestdriver1_mbedtls_psa_mac_operation_t
+    mbedtls_opaque_test_driver_mac_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
+    LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
+#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
+    LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
+
+#else
+typedef mbedtls_psa_mac_operation_t
+    mbedtls_transparent_test_driver_mac_operation_t;
+typedef mbedtls_psa_mac_operation_t
+    mbedtls_opaque_test_driver_mac_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
+    MBEDTLS_PSA_MAC_OPERATION_INIT
+#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
+    MBEDTLS_PSA_MAC_OPERATION_INIT
+
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+/* Define the context to be used for an operation that is executed through the
+ * PSA Driver wrapper layer as the union of all possible driver's contexts.
+ *
+ * The union members are the driver's context structures, and the member names
+ * are formatted as `'drivername'_ctx`. This allows for procedural generation
+ * of both this file and the content of psa_crypto_driver_wrappers.c */
+
+typedef union {
+    unsigned dummy; /* Make sure this union is always non-empty */
+    mbedtls_psa_mac_operation_t mbedtls_ctx;
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    mbedtls_transparent_test_driver_mac_operation_t transparent_test_driver_ctx;
+    mbedtls_opaque_test_driver_mac_operation_t opaque_test_driver_ctx;
+#endif
+} psa_driver_mac_context_t;
+
+#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H */
+/* End of automatically generated file. */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_contexts_primitives.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_contexts_primitives.h
new file mode 100644
index 0000000..9a6db01
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_driver_contexts_primitives.h
@@ -0,0 +1,105 @@
+/*
+ *  Declaration of context structures for use with the PSA driver wrapper
+ *  interface. This file contains the context structures for 'primitive'
+ *  operations, i.e. those operations which do not rely on other contexts.
+ *
+ *  Warning: This file will be auto-generated in the future.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content is not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the PSA drivers included in the cryptographic
+ * library. The definition of these objects are then used by crypto_struct.h
+ * to define the implementation-defined types of PSA multi-part state objects.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H
+#define PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H
+
+#include "psa/crypto_driver_common.h"
+
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_primitives.h"
+
+/* Include the context structure definitions for those drivers that were
+ * declared during the autogeneration process. */
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include <libtestdriver1/include/psa/crypto.h>
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+typedef libtestdriver1_mbedtls_psa_cipher_operation_t
+    mbedtls_transparent_test_driver_cipher_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
+    LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT
+#else
+typedef mbedtls_psa_cipher_operation_t
+    mbedtls_transparent_test_driver_cipher_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
+    MBEDTLS_PSA_CIPHER_OPERATION_INIT
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
+          LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+typedef libtestdriver1_mbedtls_psa_hash_operation_t
+    mbedtls_transparent_test_driver_hash_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
+    LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT
+#else
+typedef mbedtls_psa_hash_operation_t
+    mbedtls_transparent_test_driver_hash_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
+    MBEDTLS_PSA_HASH_OPERATION_INIT
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
+          LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */
+
+typedef struct {
+    unsigned int initialised : 1;
+    mbedtls_transparent_test_driver_cipher_operation_t ctx;
+} mbedtls_opaque_test_driver_cipher_operation_t;
+
+#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
+    { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+/* Define the context to be used for an operation that is executed through the
+ * PSA Driver wrapper layer as the union of all possible driver's contexts.
+ *
+ * The union members are the driver's context structures, and the member names
+ * are formatted as `'drivername'_ctx`. This allows for procedural generation
+ * of both this file and the content of psa_crypto_driver_wrappers.c */
+
+typedef union {
+    unsigned dummy; /* Make sure this union is always non-empty */
+    mbedtls_psa_hash_operation_t mbedtls_ctx;
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    mbedtls_transparent_test_driver_hash_operation_t test_driver_ctx;
+#endif
+} psa_driver_hash_context_t;
+
+typedef union {
+    unsigned dummy; /* Make sure this union is always non-empty */
+    mbedtls_psa_cipher_operation_t mbedtls_ctx;
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    mbedtls_transparent_test_driver_cipher_operation_t transparent_test_driver_ctx;
+    mbedtls_opaque_test_driver_cipher_operation_t opaque_test_driver_ctx;
+#endif
+} psa_driver_cipher_context_t;
+
+#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H */
+/* End of automatically generated file. */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_extra.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_extra.h
new file mode 100644
index 0000000..a1b2af7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_extra.h
@@ -0,0 +1,802 @@
+/**
+ * \file psa/crypto_extra.h
+ *
+ * \brief PSA cryptography module: Mbed TLS vendor extensions
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file is reserved for vendor-specific definitions.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_EXTRA_H
+#define PSA_CRYPTO_EXTRA_H
+
+#include "mbedtls/platform_util.h"
+
+#include "crypto_types.h"
+#include "crypto_compat.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* UID for secure storage seed */
+#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
+
+/* See config.h for definition */
+#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
+#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+#endif
+
+/** \addtogroup attributes
+ * @{
+ */
+
+/** \brief Declare the enrollment algorithm for a key.
+ *
+ * An operation on a key may indifferently use the algorithm set with
+ * psa_set_key_algorithm() or with this function.
+ *
+ * \param[out] attributes       The attribute structure to write to.
+ * \param alg2                  A second algorithm that the key may be used
+ *                              for, in addition to the algorithm set with
+ *                              psa_set_key_algorithm().
+ *
+ * \warning Setting an enrollment algorithm is not recommended, because
+ *          using the same key with different algorithms can allow some
+ *          attacks based on arithmetic relations between different
+ *          computations made with the same key, or can escalate harmless
+ *          side channels into exploitable ones. Use this function only
+ *          if it is necessary to support a protocol for which it has been
+ *          verified that the usage of the key with multiple algorithms
+ *          is safe.
+ */
+static inline void psa_set_key_enrollment_algorithm(
+    psa_key_attributes_t *attributes,
+    psa_algorithm_t alg2)
+{
+    attributes->core.policy.alg2 = alg2;
+}
+
+/** Retrieve the enrollment algorithm policy from key attributes.
+ *
+ * \param[in] attributes        The key attribute structure to query.
+ *
+ * \return The enrollment algorithm stored in the attribute structure.
+ */
+static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.policy.alg2;
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+
+/** Retrieve the slot number where a key is stored.
+ *
+ * A slot number is only defined for keys that are stored in a secure
+ * element.
+ *
+ * This information is only useful if the secure element is not entirely
+ * managed through the PSA Cryptography API. It is up to the secure
+ * element driver to decide how PSA slot numbers map to any other interface
+ * that the secure element may have.
+ *
+ * \param[in] attributes        The key attribute structure to query.
+ * \param[out] slot_number      On success, the slot number containing the key.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key is located in a secure element, and \p *slot_number
+ *         indicates the slot number that contains it.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The caller is not permitted to query the slot number.
+ *         Mbed TLS currently does not return this error.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key is not located in a secure element.
+ */
+psa_status_t psa_get_key_slot_number(
+    const psa_key_attributes_t *attributes,
+    psa_key_slot_number_t *slot_number);
+
+/** Choose the slot number where a key is stored.
+ *
+ * This function declares a slot number in the specified attribute
+ * structure.
+ *
+ * A slot number is only meaningful for keys that are stored in a secure
+ * element. It is up to the secure element driver to decide how PSA slot
+ * numbers map to any other interface that the secure element may have.
+ *
+ * \note Setting a slot number in key attributes for a key creation can
+ *       cause the following errors when creating the key:
+ *       - #PSA_ERROR_NOT_SUPPORTED if the selected secure element does
+ *         not support choosing a specific slot number.
+ *       - #PSA_ERROR_NOT_PERMITTED if the caller is not permitted to
+ *         choose slot numbers in general or to choose this specific slot.
+ *       - #PSA_ERROR_INVALID_ARGUMENT if the chosen slot number is not
+ *         valid in general or not valid for this specific key.
+ *       - #PSA_ERROR_ALREADY_EXISTS if there is already a key in the
+ *         selected slot.
+ *
+ * \param[out] attributes       The attribute structure to write to.
+ * \param slot_number           The slot number to set.
+ */
+static inline void psa_set_key_slot_number(
+    psa_key_attributes_t *attributes,
+    psa_key_slot_number_t slot_number)
+{
+    attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
+    attributes->slot_number = slot_number;
+}
+
+/** Remove the slot number attribute from a key attribute structure.
+ *
+ * This function undoes the action of psa_set_key_slot_number().
+ *
+ * \param[out] attributes       The attribute structure to write to.
+ */
+static inline void psa_clear_key_slot_number(
+    psa_key_attributes_t *attributes)
+{
+    attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
+}
+
+/** Register a key that is already present in a secure element.
+ *
+ * The key must be located in a secure element designated by the
+ * lifetime field in \p attributes, in the slot set with
+ * psa_set_key_slot_number() in the attribute structure.
+ * This function makes the key available through the key identifier
+ * specified in \p attributes.
+ *
+ * \param[in] attributes        The attributes of the existing key.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key was successfully registered.
+ *         Note that depending on the design of the driver, this may or may
+ *         not guarantee that a key actually exists in the designated slot
+ *         and is compatible with the specified attributes.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ *         There is already a key with the identifier specified in
+ *         \p attributes.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         The secure element driver for the specified lifetime does not
+ *         support registering a key.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The identifier in \p attributes is invalid, namely the identifier is
+ *         not in the user range, or
+ *         \p attributes specifies a lifetime which is not located
+ *         in a secure element, or no slot number is specified in \p attributes,
+ *         or the specified slot number is not valid.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The caller is not authorized to register the specified key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t mbedtls_psa_register_se_key(
+    const psa_key_attributes_t *attributes);
+
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+/**@}*/
+
+/**
+ * \brief Library deinitialization.
+ *
+ * This function clears all data associated with the PSA layer,
+ * including the whole key store.
+ *
+ * This is an Mbed TLS extension.
+ */
+void mbedtls_psa_crypto_free(void);
+
+/** \brief Statistics about
+ * resource consumption related to the PSA keystore.
+ *
+ * \note The content of this structure is not part of the stable API and ABI
+ *       of Mbed TLS and may change arbitrarily from version to version.
+ */
+typedef struct mbedtls_psa_stats_s {
+    /** Number of slots containing key material for a volatile key. */
+    size_t volatile_slots;
+    /** Number of slots containing key material for a key which is in
+     * internal persistent storage. */
+    size_t persistent_slots;
+    /** Number of slots containing a reference to a key in a
+     * secure element. */
+    size_t external_slots;
+    /** Number of slots which are occupied, but do not contain
+     * key material yet. */
+    size_t half_filled_slots;
+    /** Number of slots that contain cache data. */
+    size_t cache_slots;
+    /** Number of slots that are not used for anything. */
+    size_t empty_slots;
+    /** Number of slots that are locked. */
+    size_t locked_slots;
+    /** Largest key id value among open keys in internal persistent storage. */
+    psa_key_id_t max_open_internal_key_id;
+    /** Largest key id value among open keys in secure elements. */
+    psa_key_id_t max_open_external_key_id;
+} mbedtls_psa_stats_t;
+
+/** \brief Get statistics about
+ * resource consumption related to the PSA keystore.
+ *
+ * \note When Mbed TLS is built as part of a service, with isolation
+ *       between the application and the keystore, the service may or
+ *       may not expose this function.
+ */
+void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats);
+
+/**
+ * \brief Inject an initial entropy seed for the random generator into
+ *        secure storage.
+ *
+ * This function injects data to be used as a seed for the random generator
+ * used by the PSA Crypto implementation. On devices that lack a trusted
+ * entropy source (preferably a hardware random number generator),
+ * the Mbed PSA Crypto implementation uses this value to seed its
+ * random generator.
+ *
+ * On devices without a trusted entropy source, this function must be
+ * called exactly once in the lifetime of the device. On devices with
+ * a trusted entropy source, calling this function is optional.
+ * In all cases, this function may only be called before calling any
+ * other function in the PSA Crypto API, including psa_crypto_init().
+ *
+ * When this function returns successfully, it populates a file in
+ * persistent storage. Once the file has been created, this function
+ * can no longer succeed.
+ *
+ * If any error occurs, this function does not change the system state.
+ * You can call this function again after correcting the reason for the
+ * error if possible.
+ *
+ * \warning This function **can** fail! Callers MUST check the return status.
+ *
+ * \warning If you use this function, you should use it as part of a
+ *          factory provisioning process. The value of the injected seed
+ *          is critical to the security of the device. It must be
+ *          *secret*, *unpredictable* and (statistically) *unique per device*.
+ *          You should be generate it randomly using a cryptographically
+ *          secure random generator seeded from trusted entropy sources.
+ *          You should transmit it securely to the device and ensure
+ *          that its value is not leaked or stored anywhere beyond the
+ *          needs of transmitting it from the point of generation to
+ *          the call of this function, and erase all copies of the value
+ *          once this function returns.
+ *
+ * This is an Mbed TLS extension.
+ *
+ * \note This function is only available on the following platforms:
+ * * If the compile-time option MBEDTLS_PSA_INJECT_ENTROPY is enabled.
+ *   Note that you must provide compatible implementations of
+ *   mbedtls_nv_seed_read and mbedtls_nv_seed_write.
+ * * In a client-server integration of PSA Cryptography, on the client side,
+ *   if the server supports this feature.
+ * \param[in] seed          Buffer containing the seed value to inject.
+ * \param[in] seed_size     Size of the \p seed buffer.
+ *                          The size of the seed in bytes must be greater
+ *                          or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
+ *                          and #MBEDTLS_ENTROPY_BLOCK_SIZE.
+ *                          It must be less or equal to
+ *                          #MBEDTLS_ENTROPY_MAX_SEED_SIZE.
+ *
+ * \retval #PSA_SUCCESS
+ *         The seed value was injected successfully. The random generator
+ *         of the PSA Crypto implementation is now ready for use.
+ *         You may now call psa_crypto_init() and use the PSA Crypto
+ *         implementation.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p seed_size is out of range.
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ *         There was a failure reading or writing from storage.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The library has already been initialized. It is no longer
+ *         possible to call this function.
+ */
+psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
+                                        size_t seed_size);
+
+/** \addtogroup crypto_types
+ * @{
+ */
+
+/** DSA public key.
+ *
+ * The import and export format is the
+ * representation of the public key `y = g^x mod p` as a big-endian byte
+ * string. The length of the byte string is the length of the base prime `p`
+ * in bytes.
+ */
+#define PSA_KEY_TYPE_DSA_PUBLIC_KEY                 ((psa_key_type_t) 0x4002)
+
+/** DSA key pair (private and public key).
+ *
+ * The import and export format is the
+ * representation of the private key `x` as a big-endian byte string. The
+ * length of the byte string is the private key size in bytes (leading zeroes
+ * are not stripped).
+ *
+ * Deterministic DSA key derivation with psa_generate_derived_key follows
+ * FIPS 186-4 &sect;B.1.2: interpret the byte string as integer
+ * in big-endian order. Discard it if it is not in the range
+ * [0, *N* - 2] where *N* is the boundary of the private key domain
+ * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA,
+ * or the order of the curve's base point for ECC).
+ * Add 1 to the resulting integer and use this as the private key *x*.
+ *
+ */
+#define PSA_KEY_TYPE_DSA_KEY_PAIR                    ((psa_key_type_t) 0x7002)
+
+/** Whether a key type is a DSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_DSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
+
+#define PSA_ALG_DSA_BASE                        ((psa_algorithm_t) 0x06000400)
+/** DSA signature with hashing.
+ *
+ * This is the signature scheme defined by FIPS 186-4,
+ * with a random per-message secret number (*k*).
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding DSA signature algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DSA(hash_alg)                             \
+    (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_DETERMINISTIC_DSA_BASE          ((psa_algorithm_t) 0x06000500)
+#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
+/** Deterministic DSA signature with hashing.
+ *
+ * This is the deterministic variant defined by RFC 6979 of
+ * the signature scheme defined by FIPS 186-4.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding DSA signature algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DETERMINISTIC_DSA(hash_alg)                             \
+    (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_DSA(alg)                                             \
+    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
+     PSA_ALG_DSA_BASE)
+#define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
+    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_DSA(alg)                       \
+    (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_DSA(alg)                          \
+    (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+
+
+/* We need to expand the sample definition of this macro from
+ * the API definition. */
+#undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
+#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg)    \
+    PSA_ALG_IS_DSA(alg)
+
+/**@}*/
+
+/** \addtogroup attributes
+ * @{
+ */
+
+/** Custom Diffie-Hellman group.
+ *
+ * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
+ * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM), the group data comes
+ * from domain parameters set by psa_set_key_domain_parameters().
+ */
+#define PSA_DH_FAMILY_CUSTOM             ((psa_dh_family_t) 0x7e)
+
+
+/**
+ * \brief Set domain parameters for a key.
+ *
+ * Some key types require additional domain parameters in addition to
+ * the key type identifier and the key size. Use this function instead
+ * of psa_set_key_type() when you need to specify domain parameters.
+ *
+ * The format for the required domain parameters varies based on the key type.
+ *
+ * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR),
+ *   the domain parameter data consists of the public exponent,
+ *   represented as a big-endian integer with no leading zeros.
+ *   This information is used when generating an RSA key pair.
+ *   When importing a key, the public exponent is read from the imported
+ *   key data and the exponent recorded in the attribute structure is ignored.
+ *   As an exception, the public exponent 65537 is represented by an empty
+ *   byte string.
+ * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR),
+ *   the `Dss-Params` format as defined by RFC 3279 &sect;2.3.2.
+ *   ```
+ *   Dss-Params ::= SEQUENCE  {
+ *      p       INTEGER,
+ *      q       INTEGER,
+ *      g       INTEGER
+ *   }
+ *   ```
+ * - For Diffie-Hellman key exchange keys
+ *   (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
+ *   #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the
+ *   `DomainParameters` format as defined by RFC 3279 &sect;2.3.3.
+ *   ```
+ *   DomainParameters ::= SEQUENCE {
+ *      p               INTEGER,                    -- odd prime, p=jq +1
+ *      g               INTEGER,                    -- generator, g
+ *      q               INTEGER,                    -- factor of p-1
+ *      j               INTEGER OPTIONAL,           -- subgroup factor
+ *      validationParams ValidationParams OPTIONAL
+ *   }
+ *   ValidationParams ::= SEQUENCE {
+ *      seed            BIT STRING,
+ *      pgenCounter     INTEGER
+ *   }
+ *   ```
+ *
+ * \note This function may allocate memory or other resources.
+ *       Once you have called this function on an attribute structure,
+ *       you must call psa_reset_key_attributes() to free these resources.
+ *
+ * \note This is an experimental extension to the interface. It may change
+ *       in future versions of the library.
+ *
+ * \param[in,out] attributes    Attribute structure where the specified domain
+ *                              parameters will be stored.
+ *                              If this function fails, the content of
+ *                              \p attributes is not modified.
+ * \param type                  Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] data              Buffer containing the key domain parameters.
+ *                              The content of this buffer is interpreted
+ *                              according to \p type as described above.
+ * \param data_length           Size of the \p data buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
+                                           psa_key_type_t type,
+                                           const uint8_t *data,
+                                           size_t data_length);
+
+/**
+ * \brief Get domain parameters for a key.
+ *
+ * Get the domain parameters for a key with this function, if any. The format
+ * of the domain parameters written to \p data is specified in the
+ * documentation for psa_set_key_domain_parameters().
+ *
+ * \note This is an experimental extension to the interface. It may change
+ *       in future versions of the library.
+ *
+ * \param[in] attributes        The key attribute structure to query.
+ * \param[out] data             On success, the key domain parameters.
+ * \param data_size             Size of the \p data buffer in bytes.
+ *                              The buffer is guaranteed to be large
+ *                              enough if its size in bytes is at least
+ *                              the value given by
+ *                              PSA_KEY_DOMAIN_PARAMETERS_SIZE().
+ * \param[out] data_length      On success, the number of bytes
+ *                              that make up the key domain parameters data.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription
+ */
+psa_status_t psa_get_key_domain_parameters(
+    const psa_key_attributes_t *attributes,
+    uint8_t *data,
+    size_t data_size,
+    size_t *data_length);
+
+/** Safe output buffer size for psa_get_key_domain_parameters().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \note This is an experimental extension to the interface. It may change
+ *       in future versions of the library.
+ *
+ * \param key_type  A supported key type.
+ * \param key_bits  The size of the key in bits.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_get_key_domain_parameters() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported
+ *         by the implementation, this macro shall return either a
+ *         sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
+#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits)              \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) :                      \
+     PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
+     PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
+     0)
+#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits)     \
+    (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
+#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits)    \
+    (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
+
+/**@}*/
+
+/** \defgroup psa_tls_helpers TLS helper functions
+ * @{
+ */
+
+#if defined(MBEDTLS_ECP_C)
+#include <mbedtls/ecp.h>
+
+/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA.
+ *
+ * \note This function is provided solely for the convenience of
+ *       Mbed TLS and may be removed at any time without notice.
+ *
+ * \param grpid         An Mbed TLS elliptic curve identifier
+ *                      (`MBEDTLS_ECP_DP_xxx`).
+ * \param[out] bits     On success, the bit size of the curve.
+ *
+ * \return              The corresponding PSA elliptic curve identifier
+ *                      (`PSA_ECC_FAMILY_xxx`).
+ * \return              \c 0 on failure (\p grpid is not recognized).
+ */
+static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
+                                                        size_t *bits)
+{
+    switch (grpid) {
+        case MBEDTLS_ECP_DP_SECP192R1:
+            *bits = 192;
+            return PSA_ECC_FAMILY_SECP_R1;
+        case MBEDTLS_ECP_DP_SECP224R1:
+            *bits = 224;
+            return PSA_ECC_FAMILY_SECP_R1;
+        case MBEDTLS_ECP_DP_SECP256R1:
+            *bits = 256;
+            return PSA_ECC_FAMILY_SECP_R1;
+        case MBEDTLS_ECP_DP_SECP384R1:
+            *bits = 384;
+            return PSA_ECC_FAMILY_SECP_R1;
+        case MBEDTLS_ECP_DP_SECP521R1:
+            *bits = 521;
+            return PSA_ECC_FAMILY_SECP_R1;
+        case MBEDTLS_ECP_DP_BP256R1:
+            *bits = 256;
+            return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
+        case MBEDTLS_ECP_DP_BP384R1:
+            *bits = 384;
+            return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
+        case MBEDTLS_ECP_DP_BP512R1:
+            *bits = 512;
+            return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
+        case MBEDTLS_ECP_DP_CURVE25519:
+            *bits = 255;
+            return PSA_ECC_FAMILY_MONTGOMERY;
+        case MBEDTLS_ECP_DP_SECP192K1:
+            *bits = 192;
+            return PSA_ECC_FAMILY_SECP_K1;
+        case MBEDTLS_ECP_DP_SECP224K1:
+            *bits = 224;
+            return PSA_ECC_FAMILY_SECP_K1;
+        case MBEDTLS_ECP_DP_SECP256K1:
+            *bits = 256;
+            return PSA_ECC_FAMILY_SECP_K1;
+        case MBEDTLS_ECP_DP_CURVE448:
+            *bits = 448;
+            return PSA_ECC_FAMILY_MONTGOMERY;
+        default:
+            *bits = 0;
+            return 0;
+    }
+}
+
+/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS.
+ *
+ * \note This function is provided solely for the convenience of
+ *       Mbed TLS and may be removed at any time without notice.
+ *
+ * \param curve         A PSA elliptic curve identifier
+ *                      (`PSA_ECC_FAMILY_xxx`).
+ * \param bits          The bit-length of a private key on \p curve.
+ * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up
+ *                      to the nearest multiple of 8. This allows the caller
+ *                      to infer the exact curve from the length of a key
+ *                      which is supplied as a byte string.
+ *
+ * \return              The corresponding Mbed TLS elliptic curve identifier
+ *                      (`MBEDTLS_ECP_DP_xxx`).
+ * \return              #MBEDTLS_ECP_DP_NONE if \c curve is not recognized.
+ * \return              #MBEDTLS_ECP_DP_NONE if \p bits is not
+ *                      correct for \p curve.
+ */
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
+                                              size_t bits,
+                                              int bits_is_sloppy);
+#endif /* MBEDTLS_ECP_C */
+
+/**@}*/
+
+/** \defgroup psa_external_rng External random generator
+ * @{
+ */
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** External random generator function, implemented by the platform.
+ *
+ * When the compile-time option #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled,
+ * this function replaces Mbed TLS's entropy and DRBG modules for all
+ * random generation triggered via PSA crypto interfaces.
+ *
+ * \note This random generator must deliver random numbers with cryptographic
+ *       quality and high performance. It must supply unpredictable numbers
+ *       with a uniform distribution. The implementation of this function
+ *       is responsible for ensuring that the random generator is seeded
+ *       with sufficient entropy. If you have a hardware TRNG which is slow
+ *       or delivers non-uniform output, declare it as an entropy source
+ *       with mbedtls_entropy_add_source() instead of enabling this option.
+ *
+ * \param[in,out] context       Pointer to the random generator context.
+ *                              This is all-bits-zero on the first call
+ *                              and preserved between successive calls.
+ * \param[out] output           Output buffer. On success, this buffer
+ *                              contains random data with a uniform
+ *                              distribution.
+ * \param output_size           The size of the \p output buffer in bytes.
+ * \param[out] output_length    On success, set this value to \p output_size.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success. The output buffer contains \p output_size bytes of
+ *         cryptographic-quality random data, and \c *output_length is
+ *         set to \p output_size.
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ *         The random generator requires extra entropy and there is no
+ *         way to obtain entropy under current environment conditions.
+ *         This error should not happen under normal circumstances since
+ *         this function is responsible for obtaining as much entropy as
+ *         it needs. However implementations of this function may return
+ *         #PSA_ERROR_INSUFFICIENT_ENTROPY if there is no way to obtain
+ *         entropy without blocking indefinitely.
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ *         A failure of the random generator hardware that isn't covered
+ *         by #PSA_ERROR_INSUFFICIENT_ENTROPY.
+ */
+psa_status_t mbedtls_psa_external_get_random(
+    mbedtls_psa_external_random_context_t *context,
+    uint8_t *output, size_t output_size, size_t *output_length);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+/**@}*/
+
+/** \defgroup psa_builtin_keys Built-in keys
+ * @{
+ */
+
+/** The minimum value for a key identifier that is built into the
+ * implementation.
+ *
+ * The range of key identifiers from #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
+ * to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX within the range from
+ * #PSA_KEY_ID_VENDOR_MIN and #PSA_KEY_ID_VENDOR_MAX and must not intersect
+ * with any other set of implementation-chosen key identifiers.
+ *
+ * This value is part of the library's ABI since changing it would invalidate
+ * the values of built-in key identifiers in applications.
+ */
+#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN          ((psa_key_id_t) 0x7fff0000)
+
+/** The maximum value for a key identifier that is built into the
+ * implementation.
+ *
+ * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.
+ */
+#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX          ((psa_key_id_t) 0x7fffefff)
+
+/** A slot number identifying a key in a driver.
+ *
+ * Values of this type are used to identify built-in keys.
+ */
+typedef uint64_t psa_drv_slot_number_t;
+
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+/** Test whether a key identifier belongs to the builtin key range.
+ *
+ * \param key_id  Key identifier to test.
+ *
+ * \retval 1
+ *         The key identifier is a builtin key identifier.
+ * \retval 0
+ *         The key identifier is not a builtin key identifier.
+ */
+static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
+{
+    return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
+           (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX);
+}
+
+/** Platform function to obtain the location and slot number of a built-in key.
+ *
+ * An application-specific implementation of this function must be provided if
+ * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided
+ * as part of a platform's system image.
+ *
+ * #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) needs to be in the range from
+ * #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX.
+ *
+ * In a multi-application configuration
+ * (\c MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined),
+ * this function should check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id)
+ * is allowed to use the given key.
+ *
+ * \param key_id                The key ID for which to retrieve the
+ *                              location and slot attributes.
+ * \param[out] lifetime         On success, the lifetime associated with the key
+ *                              corresponding to \p key_id. Lifetime is a
+ *                              combination of which driver contains the key,
+ *                              and with what persistence level the key is
+ *                              intended to be used. If the platform
+ *                              implementation does not contain specific
+ *                              information about the intended key persistence
+ *                              level, the persistence level may be reported as
+ *                              #PSA_KEY_PERSISTENCE_DEFAULT.
+ * \param[out] slot_number      On success, the slot number known to the driver
+ *                              registered at the lifetime location reported
+ *                              through \p lifetime which corresponds to the
+ *                              requested built-in key.
+ *
+ * \retval #PSA_SUCCESS
+ *         The requested key identifier designates a built-in key.
+ *         In a multi-application configuration, the requested owner
+ *         is allowed to access it.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ *         The requested key identifier is not a built-in key which is known
+ *         to this function. If a key exists in the key storage with this
+ *         identifier, the data from the storage will be used.
+ * \return (any other error)
+ *         Any other error is propagated to the function that requested the key.
+ *         Common errors include:
+ *         - #PSA_ERROR_NOT_PERMITTED: the key exists but the requested owner
+ *           is not allowed to access it.
+ */
+psa_status_t mbedtls_psa_platform_get_builtin_key(
+    mbedtls_svc_key_id_t key_id,
+    psa_key_lifetime_t *lifetime,
+    psa_drv_slot_number_t *slot_number);
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+/** @} */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_EXTRA_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_platform.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_platform.h
new file mode 100644
index 0000000..ab6f1e8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_platform.h
@@ -0,0 +1,99 @@
+/**
+ * \file psa/crypto_platform.h
+ *
+ * \brief PSA cryptography module: Mbed TLS platform definitions
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains platform-dependent type definitions.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, implementers should take care to ensure that
+ * the definitions that are exposed to applications match what the
+ * module implements.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_PLATFORM_H
+#define PSA_CRYPTO_PLATFORM_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/* Translate between classic MBEDTLS_xxx feature symbols and PSA_xxx
+ * feature symbols. */
+#include "mbedtls/config_psa.h"
+
+/* PSA requires several types which C99 provides in stdint.h. */
+#include <stdint.h>
+
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+
+/* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA
+ * partition identifier.
+ *
+ * The function psa_its_identifier_of_slot() in psa_crypto_storage.c that
+ * translates a key identifier to a key storage file name assumes that
+ * mbedtls_key_owner_id_t is a 32-bit integer. This function thus needs
+ * reworking if mbedtls_key_owner_id_t is not defined as a 32-bit integer
+ * here anymore.
+ */
+typedef int32_t mbedtls_key_owner_id_t;
+
+/** Compare two key owner identifiers.
+ *
+ * \param id1 First key owner identifier.
+ * \param id2 Second key owner identifier.
+ *
+ * \return Non-zero if the two key owner identifiers are equal, zero otherwise.
+ */
+static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1,
+                                             mbedtls_key_owner_id_t id2)
+{
+    return id1 == id2;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+
+/*
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
+ * (Secure Partition Manager) integration which separates the code into two
+ * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
+ * Environment). When building for the SPE, an additional header file should be
+ * included.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif // MBEDTLS_PSA_CRYPTO_SPM
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** The type of the context passed to mbedtls_psa_external_get_random().
+ *
+ * Mbed TLS initializes the context to all-bits-zero before calling
+ * mbedtls_psa_external_get_random() for the first time.
+ *
+ * The definition of this type in the Mbed TLS source code is for
+ * demonstration purposes. Implementers of mbedtls_psa_external_get_random()
+ * are expected to replace it with a custom definition.
+ */
+typedef struct {
+    uintptr_t opaque[2];
+} mbedtls_psa_external_random_context_t;
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/3rdparty/mbedtls-2.25.0/include/psa/crypto_se_driver.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_se_driver.h
similarity index 96%
rename from 3rdparty/mbedtls-2.25.0/include/psa/crypto_se_driver.h
rename to 3rdparty/mbedtls-2.28.7/include/psa/crypto_se_driver.h
index 1fae575..616850f 100644
--- a/3rdparty/mbedtls-2.25.0/include/psa/crypto_se_driver.h
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_se_driver.h
@@ -17,19 +17,7 @@
 
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 #ifndef PSA_CRYPTO_SE_DRIVER_H
 #define PSA_CRYPTO_SE_DRIVER_H
@@ -137,7 +125,7 @@ typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context,
                                           psa_key_location_t location);
 
 #if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C)
-/* Mbed Crypto with secure element support enabled defines this type in
+/* Mbed TLS with secure element support enabled defines this type in
  * crypto_types.h because it is also visible to applications through an
  * implementation-specific extension.
  * For the PSA Cryptography specification, this type is only visible
@@ -225,7 +213,7 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context,
  * operation by comparing the resulting MAC against a provided value
  *
  * \param[in,out] op_context    A hardware-specific structure for the previously
- *                              started MAC operation to be fiinished
+ *                              started MAC operation to be finished
  * \param[in] p_mac             The MAC value against which the resulting MAC
  *                              will be compared against
  * \param[in] mac_length        The size in bytes of the value stored in `p_mac`
@@ -322,7 +310,7 @@ typedef psa_status_t (*psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_contex
 typedef struct {
     /**The size in bytes of the hardware-specific secure element MAC context
      * structure
-    */
+     */
     size_t                    context_size;
     /** Function that performs a MAC setup operation
      */
@@ -336,7 +324,7 @@ typedef struct {
     /** Function that completes a MAC operation with a verify check
      */
     psa_drv_se_mac_finish_verify_t  p_finish_verify;
-    /** Function that aborts a previoustly started MAC operation
+    /** Function that aborts a previously started MAC operation
      */
     psa_drv_se_mac_abort_t          p_abort;
     /** Function that performs a MAC operation in one call
@@ -384,8 +372,8 @@ typedef struct {
  * \param[in] direction         Indicates whether the operation is an encrypt
  *                              or decrypt
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context,
                                                   void *op_context,
@@ -394,7 +382,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont
                                                   psa_encrypt_or_decrypt_t direction);
 
 /** \brief A function that sets the initialization vector (if
- * necessary) for an secure element cipher operation
+ * necessary) for a secure element cipher operation
  *
  * Rationale: The `psa_se_cipher_*` operation in the PSA Cryptographic API has
  * two IV functions: one to set the IV, and one to generate it internally. The
@@ -406,7 +394,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont
  * \param[in] p_iv              A buffer containing the initialization vector
  * \param[in] iv_length         The size (in bytes) of the `p_iv` buffer
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context,
                                                    const uint8_t *p_iv,
@@ -428,7 +416,7 @@ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context,
  * \param[out] p_output_length      After completion, will contain the number
  *                                  of bytes placed in the `p_output` buffer
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context,
                                                    const uint8_t *p_input,
@@ -449,7 +437,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context,
  * \param[out] p_output_length  After completion, will contain the number of
  *                              bytes placed in the `p_output` buffer
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context,
                                                    uint8_t *p_output,
@@ -484,8 +472,8 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context);
  * \param[in] output_size       The allocated size in bytes of the `p_output`
  *                              buffer
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context,
                                                 psa_key_slot_number_t key_slot,
@@ -553,7 +541,7 @@ typedef struct {
  * \param[out] p_signature_length   On success, the number of bytes
  *                                  that make up the returned signature value
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context,
                                                      psa_key_slot_number_t key_slot,
@@ -617,7 +605,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv
  * \param[out] p_output_length  On success, the number of bytes that make up
  *                              the returned output
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context,
                                                         psa_key_slot_number_t key_slot,
@@ -657,7 +645,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *dr
  * \param[out] p_output_length  On success, the number of bytes
  *                              that make up the returned output
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context,
                                                         psa_key_slot_number_t key_slot,
@@ -745,7 +733,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_cont
                                                   size_t ciphertext_size,
                                                   size_t *p_ciphertext_length);
 
-/** A function that peforms a secure element authenticated decryption operation
+/** A function that performs a secure element authenticated decryption operation
  *
  * \param[in,out] drv_context           The driver context structure.
  * \param[in] key_slot                  Slot containing the key to use
@@ -814,8 +802,7 @@ typedef struct {
 
 /** An enumeration indicating how a key is created.
  */
-typedef enum
-{
+typedef enum {
     PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */
     PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */
     PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */
@@ -837,7 +824,7 @@ typedef enum
      * and #PSA_ERROR_DOES_NOT_EXIST if the driver can determine that there
      * is no key with the specified slot number.
      *
-     * This is an Mbed Crypto extension.
+     * This is an Mbed TLS extension.
      */
     PSA_KEY_CREATION_REGISTER,
 #endif
@@ -904,8 +891,8 @@ typedef enum
  *         Success.
  *         The core will record \c *key_slot as the key slot where the key
  *         is stored and will update the persistent data in storage.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_allocate_key_t)(
     psa_drv_se_context_t *drv_context,
@@ -1043,13 +1030,13 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(
  * \param[out] p_data_length    On success, the number of bytes
  *                              that make up the key data.
  *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- * \retval #PSA_ERROR_NOT_PERMITTED
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context,
                                                 psa_key_slot_number_t key,
@@ -1061,7 +1048,8 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_contex
  * \brief A function that generates a symmetric or asymmetric key on a secure
  * element
  *
- * If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) = 1),
+ * If the key type \c type recorded in \p attributes
+ * is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\c type) = 1),
  * the driver may export the public key at the time of generation,
  * in the format documented for psa_export_public_key() by writing it
  * to the \p pubkey buffer.
@@ -1155,10 +1143,10 @@ typedef struct {
  *
  * Different key derivation algorithms require a different number of inputs.
  * Instead of having an API that takes as input variable length arrays, which
- * can be problemmatic to manage on embedded platforms, the inputs are passed
+ * can be problematic to manage on embedded platforms, the inputs are passed
  * to the driver via a function, `psa_drv_se_key_derivation_collateral`, that
  * is called multiple times with different `collateral_id`s. Thus, for a key
- * derivation algorithm that required 3 paramter inputs, the flow would look
+ * derivation algorithm that required 3 parameter inputs, the flow would look
  * something like:
  * ~~~~~~~~~~~~~{.c}
  * psa_drv_se_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
@@ -1195,7 +1183,7 @@ typedef struct {
  * \param[in] source_key        The key to be used as the source material for
  *                              the key derivation
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context,
                                                           void *op_context,
@@ -1206,7 +1194,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *
  * element key derivation or key agreement operation
  *
  * Since many key derivation algorithms require multiple parameters, it is
- * expeced that this function may be called multiple times for the same
+ * expected that this function may be called multiple times for the same
  * operation, each with a different algorithm-specific `collateral_id`
  *
  * \param[in,out] op_context    A hardware-specific structure containing any
@@ -1215,7 +1203,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *
  * \param[in] p_collateral      A buffer containing the collateral data
  * \param[in] collateral_size   The size in bytes of the collateral
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context,
                                                                uint32_t collateral_id,
@@ -1230,10 +1218,10 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context,
  * \param[in] dest_key          The slot where the generated key material
  *                              should be placed
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context,
-                                                          psa_key_slot_number_t dest_key);
+                                                           psa_key_slot_number_t dest_key);
 
 /** \brief A function that performs the final step of a secure element key
  * agreement and place the generated key material in a buffer
@@ -1244,7 +1232,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context,
  * \param[out] p_output_length  Upon success, contains the number of bytes of
  *                              key material placed in `p_output`
  *
- * \retval #PSA_SUCCESS
+ * \retval #PSA_SUCCESS \emptydescription
  */
 typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context,
                                                            uint8_t *p_output,
@@ -1269,7 +1257,7 @@ typedef struct {
     psa_drv_se_key_derivation_collateral_t p_collateral;
     /** Function that performs a final key derivation step */
     psa_drv_se_key_derivation_derive_t     p_derive;
-    /** Function that perforsm a final key derivation or agreement and
+    /** Function that performs a final key derivation or agreement and
      * exports the key */
     psa_drv_se_key_derivation_export_t     p_export;
 } psa_drv_se_key_derivation_t;
@@ -1364,20 +1352,22 @@ typedef struct {
  *
  * \return #PSA_SUCCESS
  *         The driver was successfully registered. Applications can now
- *         use \p lifetime to access keys through the methods passed to
+ *         use \p location to access keys through the methods passed to
  *         this function.
  * \return #PSA_ERROR_BAD_STATE
  *         This function was called after the initialization of the
  *         cryptography module, and this implementation does not support
  *         driver registration at this stage.
  * \return #PSA_ERROR_ALREADY_EXISTS
- *         There is already a registered driver for this value of \p lifetime.
+ *         There is already a registered driver for this value of \p location.
  * \return #PSA_ERROR_INVALID_ARGUMENT
- *         \p lifetime is a reserved value.
+ *         \p location is a reserved value.
  * \return #PSA_ERROR_NOT_SUPPORTED
  *         `methods->hal_version` is not supported by this implementation.
  * \return #PSA_ERROR_INSUFFICIENT_MEMORY
  * \return #PSA_ERROR_NOT_PERMITTED
+ * \return #PSA_ERROR_STORAGE_FAILURE
+ * \return #PSA_ERROR_DATA_CORRUPT
  */
 psa_status_t psa_register_se_driver(
     psa_key_location_t location,
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_sizes.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_sizes.h
new file mode 100644
index 0000000..43f2f7b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_sizes.h
@@ -0,0 +1,1159 @@
+/**
+ * \file psa/crypto_sizes.h
+ *
+ * \brief PSA cryptography module: Mbed TLS buffer size macros
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains the definitions of macros that are useful to
+ * compute buffer sizes. The signatures and semantics of these macros
+ * are standardized, but the definitions are not, because they depend on
+ * the available algorithms and, in some cases, on permitted tolerances
+ * on buffer sizes.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, implementers should take care to ensure that
+ * the definitions that are exposed to applications match what the
+ * module implements.
+ *
+ * Macros that compute sizes whose values do not depend on the
+ * implementation are in crypto.h.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_SIZES_H
+#define PSA_CRYPTO_SIZES_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
+
+#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \
+    (((length) + (block_size) - 1) / (block_size) * (block_size))
+
+/** The size of the output of psa_hash_finish(), in bytes.
+ *
+ * This is also the hash size that psa_hash_verify() expects.
+ *
+ * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
+ *              (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a
+ *              hash algorithm).
+ *
+ * \return The hash size for the specified hash algorithm.
+ *         If the hash algorithm is not recognized, return 0.
+ */
+#define PSA_HASH_LENGTH(alg)                                        \
+    (                                                               \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
+        0)
+
+/** The input block size of a hash algorithm, in bytes.
+ *
+ * Hash algorithms process their input data in blocks. Hash operations will
+ * retain any partial blocks until they have enough input to fill the block or
+ * until the operation is finished.
+ * This affects the output from psa_hash_suspend().
+ *
+ * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
+ *              PSA_ALG_IS_HASH(\p alg) is true).
+ *
+ * \return      The block size in bytes for the specified hash algorithm.
+ *              If the hash algorithm is not recognized, return 0.
+ *              An implementation can return either 0 or the correct size for a
+ *              hash algorithm that it recognizes, but does not support.
+ */
+#define PSA_HASH_BLOCK_LENGTH(alg)                                  \
+    (                                                               \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 64 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 64 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 64 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 64 :          \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 64 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 64 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 128 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 128 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 128 :   \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 128 :   \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 144 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 136 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 104 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 72 :       \
+        0)
+
+/** \def PSA_HASH_MAX_SIZE
+ *
+ * Maximum size of a hash.
+ *
+ * This macro expands to a compile-time constant integer. This value
+ * is the maximum size of a hash in bytes.
+ */
+/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
+ * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
+ * HMAC-SHA3-512. */
+#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_384)
+#define PSA_HASH_MAX_SIZE 64
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
+#else
+#define PSA_HASH_MAX_SIZE 32
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
+#endif
+
+/** \def PSA_MAC_MAX_SIZE
+ *
+ * Maximum size of a MAC.
+ *
+ * This macro expands to a compile-time constant integer. This value
+ * is the maximum size of a MAC in bytes.
+ */
+/* All non-HMAC MACs have a maximum size that's smaller than the
+ * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */
+/* Note that the encoding of truncated MAC algorithms limits this value
+ * to 64 bytes.
+ */
+#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
+
+/** The length of a tag for an AEAD algorithm, in bytes.
+ *
+ * This macro can be used to allocate a buffer of sufficient size to store the
+ * tag output from psa_aead_finish().
+ *
+ * See also #PSA_AEAD_TAG_MAX_SIZE.
+ *
+ * \param key_type            The type of the AEAD key.
+ * \param key_bits            The size of the AEAD key in bits.
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    The tag length for the specified algorithm and key.
+ *                            If the AEAD algorithm does not have an identified
+ *                            tag that can be distinguished from the rest of
+ *                            the ciphertext, return 0.
+ *                            If the key type or AEAD algorithm is not
+ *                            recognized, or the parameters are incompatible,
+ *                            return 0.
+ */
+#define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg)                        \
+    (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ?                            \
+     PSA_ALG_AEAD_GET_TAG_LENGTH(alg) :                                     \
+     ((void) (key_bits), 0))
+
+/** The maximum tag size for all supported AEAD algorithms, in bytes.
+ *
+ * See also #PSA_AEAD_TAG_LENGTH(\p key_type, \p key_bits, \p alg).
+ */
+#define PSA_AEAD_TAG_MAX_SIZE       16
+
+/* The maximum size of an RSA key on this implementation, in bits.
+ * This is a vendor-specific macro.
+ *
+ * Mbed TLS does not set a hard limit on the size of RSA keys: any key
+ * whose parameters fit in a bignum is accepted. However large keys can
+ * induce a large memory usage and long computation times. Unlike other
+ * auxiliary macros in this file and in crypto.h, which reflect how the
+ * library is configured, this macro defines how the library is
+ * configured. This implementation refuses to import or generate an
+ * RSA key whose size is larger than the value defined here.
+ *
+ * Note that an implementation may set different size limits for different
+ * operations, and does not need to accept all key sizes up to the limit. */
+#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096
+
+/* The maximum size of an ECC key on this implementation, in bits.
+ * This is a vendor-specific macro. */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521
+#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448
+#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
+#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
+#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255
+#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
+#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
+#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
+#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
+#else
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
+#endif
+
+/** This macro returns the maximum supported length of the PSK for the
+ * TLS-1.2 PSK-to-MS key derivation
+ * (#PSA_ALG_TLS12_PSK_TO_MS(\c hash_alg)).
+ *
+ * The maximum supported length does not depend on the chosen hash algorithm.
+ *
+ * Quoting RFC 4279, Sect 5.3:
+ * TLS implementations supporting these ciphersuites MUST support
+ * arbitrary PSK identities up to 128 octets in length, and arbitrary
+ * PSKs up to 64 octets in length.  Supporting longer identities and
+ * keys is RECOMMENDED.
+ *
+ * Therefore, no implementation should define a value smaller than 64
+ * for #PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE.
+ */
+#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128
+
+/** The maximum size of a block cipher. */
+#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16
+
+/** The size of the output of psa_mac_sign_finish(), in bytes.
+ *
+ * This is also the MAC size that psa_mac_verify_finish() expects.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type      The type of the MAC key.
+ * \param key_bits      The size of the MAC key in bits.
+ * \param alg           A MAC algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_MAC(\p alg) is true).
+ *
+ * \return              The MAC size for the specified algorithm with
+ *                      the specified key parameters.
+ * \return              0 if the MAC algorithm is not recognized.
+ * \return              Either 0 or the correct size for a MAC algorithm that
+ *                      the implementation recognizes, but does not support.
+ * \return              Unspecified if the key parameters are not consistent
+ *                      with the algorithm.
+ */
+#define PSA_MAC_LENGTH(key_type, key_bits, alg)                                   \
+    ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) :        \
+     PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) :         \
+     PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+     ((void) (key_type), (void) (key_bits), 0))
+
+/** The maximum size of the output of psa_aead_encrypt(), in bytes.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_encrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the ciphertext may be smaller.
+ *
+ * See also #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type            A symmetric key type that is
+ *                            compatible with algorithm \p alg.
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param plaintext_length    Size of the plaintext in bytes.
+ *
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the key type or AEAD algorithm is not
+ *                            recognized, or the parameters are incompatible,
+ *                            return 0.
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \
+    (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ?                      \
+     (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) :          \
+     0)
+
+/** A sufficient output buffer size for psa_aead_encrypt(), for any of the
+ *  supported key types and AEAD algorithms.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is guaranteed
+ * that psa_aead_encrypt() will not fail due to an insufficient buffer size.
+ *
+ * \note This macro returns a compile-time constant if its arguments are
+ *       compile-time constants.
+ *
+ * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg,
+ * \p plaintext_length).
+ *
+ * \param plaintext_length    Size of the plaintext in bytes.
+ *
+ * \return                    A sufficient output buffer size for any of the
+ *                            supported key types and AEAD algorithms.
+ *
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(plaintext_length)          \
+    ((plaintext_length) + PSA_AEAD_TAG_MAX_SIZE)
+
+
+/** The maximum size of the output of psa_aead_decrypt(), in bytes.
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_decrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the plaintext may be smaller.
+ *
+ * See also #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type            A symmetric key type that is
+ *                            compatible with algorithm \p alg.
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param ciphertext_length   Size of the plaintext in bytes.
+ *
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the key type or AEAD algorithm is not
+ *                            recognized, or the parameters are incompatible,
+ *                            return 0.
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \
+    (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 &&                      \
+     (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ?      \
+     (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) :      \
+     0)
+
+/** A sufficient output buffer size for psa_aead_decrypt(), for any of the
+ *  supported key types and AEAD algorithms.
+ *
+ * If the size of the plaintext buffer is at least this large, it is guaranteed
+ * that psa_aead_decrypt() will not fail due to an insufficient buffer size.
+ *
+ * \note This macro returns a compile-time constant if its arguments are
+ *       compile-time constants.
+ *
+ * See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg,
+ * \p ciphertext_length).
+ *
+ * \param ciphertext_length   Size of the ciphertext in bytes.
+ *
+ * \return                    A sufficient output buffer size for any of the
+ *                            supported key types and AEAD algorithms.
+ *
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length)     \
+    (ciphertext_length)
+
+/** The default nonce size for an AEAD algorithm, in bytes.
+ *
+ * This macro can be used to allocate a buffer of sufficient size to
+ * store the nonce output from #psa_aead_generate_nonce().
+ *
+ * See also #PSA_AEAD_NONCE_MAX_SIZE.
+ *
+ * \note This is not the maximum size of nonce supported as input to
+ *       #psa_aead_set_nonce(), #psa_aead_encrypt() or #psa_aead_decrypt(),
+ *       just the default size that is generated by #psa_aead_generate_nonce().
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  A symmetric key type that is compatible with
+ *                  algorithm \p alg.
+ *
+ * \param alg       An AEAD algorithm (\c PSA_ALG_XXX value such that
+ *                  #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The default nonce size for the specified key type and algorithm.
+ *         If the key type or AEAD algorithm is not recognized,
+ *         or the parameters are incompatible, return 0.
+ */
+#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
+    (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
+     MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
+     MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
+     0 : \
+     (key_type) == PSA_KEY_TYPE_CHACHA20 && \
+     MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
+     0)
+
+/** The maximum default nonce size among all supported pairs of key types and
+ *  AEAD algorithms, in bytes.
+ *
+ * This is equal to or greater than any value that #PSA_AEAD_NONCE_LENGTH()
+ * may return.
+ *
+ * \note This is not the maximum size of nonce supported as input to
+ *       #psa_aead_set_nonce(), #psa_aead_encrypt() or #psa_aead_decrypt(),
+ *       just the largest size that may be generated by
+ *       #psa_aead_generate_nonce().
+ */
+#define PSA_AEAD_NONCE_MAX_SIZE 13
+
+/** A sufficient output buffer size for psa_aead_update().
+ *
+ * If the size of the output buffer is at least this large, it is
+ * guaranteed that psa_aead_update() will not fail due to an
+ * insufficient buffer size. The actual size of the output may be smaller
+ * in any given call.
+ *
+ * See also #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type            A symmetric key type that is
+ *                            compatible with algorithm \p alg.
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param input_length        Size of the input in bytes.
+ *
+ * \return                    A sufficient output buffer size for the specified
+ *                            algorithm.
+ *                            If the key type or AEAD algorithm is not
+ *                            recognized, or the parameters are incompatible,
+ *                            return 0.
+ */
+/* For all the AEAD modes defined in this specification, it is possible
+ * to emit output without delay. However, hardware may not always be
+ * capable of this. So for modes based on a block cipher, allow the
+ * implementation to delay the output until it has a full block. */
+#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length)                             \
+    (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ?                                             \
+     PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?                                              \
+     PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
+     (input_length) : \
+     0)
+
+/** A sufficient output buffer size for psa_aead_update(), for any of the
+ *  supported key types and AEAD algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_aead_update() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length      Size of the input in bytes.
+ */
+#define PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(input_length)                           \
+    (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)))
+
+/** A sufficient ciphertext buffer size for psa_aead_finish().
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_finish() will not fail due to an
+ * insufficient ciphertext buffer size. The actual size of the output may
+ * be smaller in any given call.
+ *
+ * See also #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE.
+ *
+ * \param key_type            A symmetric key type that is
+                              compatible with algorithm \p alg.
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    A sufficient ciphertext buffer size for the
+ *                            specified algorithm.
+ *                            If the key type or AEAD algorithm is not
+ *                            recognized, or the parameters are incompatible,
+ *                            return 0.
+ */
+#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \
+    (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 &&  \
+     PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?    \
+     PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+     0)
+
+/** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the
+ *  supported key types and AEAD algorithms.
+ *
+ * See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p key_type, \p alg).
+ */
+#define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE     (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+
+/** A sufficient plaintext buffer size for psa_aead_verify().
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_verify() will not fail due to an
+ * insufficient plaintext buffer size. The actual size of the output may
+ * be smaller in any given call.
+ *
+ * See also #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE.
+ *
+ * \param key_type            A symmetric key type that is
+ *                            compatible with algorithm \p alg.
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    A sufficient plaintext buffer size for the
+ *                            specified algorithm.
+ *                            If the key type or AEAD algorithm is not
+ *                            recognized, or the parameters are incompatible,
+ *                            return 0.
+ */
+#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \
+    (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 &&  \
+     PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ?    \
+     PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+     0)
+
+/** A sufficient plaintext buffer size for psa_aead_verify(), for any of the
+ *  supported key types and AEAD algorithms.
+ *
+ * See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p key_type, \p alg).
+ */
+#define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE     (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+
+#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                         \
+    (PSA_ALG_IS_RSA_OAEP(alg) ?                                   \
+     2 * PSA_HASH_LENGTH(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 :    \
+     11 /*PKCS#1v1.5*/)
+
+/**
+ * \brief ECDSA signature size for a given curve bit size
+ *
+ * \param curve_bits    Curve size in bits.
+ * \return              Signature size in bytes.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ */
+#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    \
+    (PSA_BITS_TO_BYTES(curve_bits) * 2)
+
+/** Sufficient signature buffer size for psa_sign_hash().
+ *
+ * This macro returns a sufficient buffer size for a signature using a key
+ * of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the signature may be smaller
+ * (some algorithms produce a variable-size signature).
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_sign_hash() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported,
+ *         return either a sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
+#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
+     PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
+     ((void) alg, 0))
+
+#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE     \
+    PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
+
+/** \def PSA_SIGNATURE_MAX_SIZE
+ *
+ * Maximum size of an asymmetric signature.
+ *
+ * This macro expands to a compile-time constant integer. This value
+ * is the maximum size of a signature in bytes.
+ */
+#define PSA_SIGNATURE_MAX_SIZE                               \
+    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \
+     PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) :                   \
+     PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE)
+
+/** Sufficient output buffer size for psa_asymmetric_encrypt().
+ *
+ * This macro returns a sufficient buffer size for a ciphertext produced using
+ * a key of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the ciphertext may be smaller, depending
+ * on the algorithm.
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The asymmetric encryption algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_encrypt() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported,
+ *         return either a sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
+#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
+     ((void) alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
+     0)
+
+/** A sufficient output buffer size for psa_asymmetric_encrypt(), for any
+ *  supported asymmetric encryption.
+ *
+ * See also #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg).
+ */
+/* This macro assumes that RSA is the only supported asymmetric encryption. */
+#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE          \
+    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
+
+/** Sufficient output buffer size for psa_asymmetric_decrypt().
+ *
+ * This macro returns a sufficient buffer size for a plaintext produced using
+ * a key of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the plaintext may be smaller, depending
+ * on the algorithm.
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The asymmetric encryption algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_decrypt() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported,
+ *         return either a sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
+     PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \
+     0)
+
+/** A sufficient output buffer size for psa_asymmetric_decrypt(), for any
+ *  supported asymmetric decryption.
+ *
+ * This macro assumes that RSA is the only supported asymmetric encryption.
+ *
+ * See also #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\p key_type, \p key_bits, \p alg).
+ */
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE          \
+    (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS))
+
+/* Maximum size of the ASN.1 encoding of an INTEGER with the specified
+ * number of bits.
+ *
+ * This definition assumes that bits <= 2^19 - 9 so that the length field
+ * is at most 3 bytes. The length of the encoding is the length of the
+ * bit string padded to a whole number of bytes plus:
+ * - 1 type byte;
+ * - 1 to 3 length bytes;
+ * - 0 to 1 bytes of leading 0 due to the sign bit.
+ */
+#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits)      \
+    ((bits) / 8 + 5)
+
+/* Maximum size of the export encoding of an RSA public key.
+ * Assumes that the public exponent is less than 2^32.
+ *
+ * RSAPublicKey  ::=  SEQUENCE  {
+ *    modulus            INTEGER,    -- n
+ *    publicExponent     INTEGER  }  -- e
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - n : INTEGER;
+ * - 7 bytes for the public exponent.
+ */
+#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits)        \
+    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11)
+
+/* Maximum size of the export encoding of an RSA key pair.
+ * Assumes that the public exponent is less than 2^32 and that the size
+ * difference between the two primes is at most 1 bit.
+ *
+ * RSAPrivateKey ::= SEQUENCE {
+ *     version           Version,  -- 0
+ *     modulus           INTEGER,  -- N-bit
+ *     publicExponent    INTEGER,  -- 32-bit
+ *     privateExponent   INTEGER,  -- N-bit
+ *     prime1            INTEGER,  -- N/2-bit
+ *     prime2            INTEGER,  -- N/2-bit
+ *     exponent1         INTEGER,  -- N/2-bit
+ *     exponent2         INTEGER,  -- N/2-bit
+ *     coefficient       INTEGER,  -- N/2-bit
+ * }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 3 bytes of version;
+ * - 7 half-size INTEGERs plus 2 full-size INTEGERs,
+ *   overapproximated as 9 half-size INTEGERS;
+ * - 7 bytes for the public exponent.
+ */
+#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits)   \
+    (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14)
+
+/* Maximum size of the export encoding of a DSA public key.
+ *
+ * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *      algorithm            AlgorithmIdentifier,
+ *      subjectPublicKey     BIT STRING  } -- contains DSAPublicKey
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              Dss-Params  } -- SEQUENCE of 3 INTEGERs
+ * DSAPublicKey  ::=  INTEGER -- public key, Y
+ *
+ * - 3 * 4 bytes of SEQUENCE overhead;
+ * - 1 + 1 + 7 bytes of algorithm (DSA OID);
+ * - 4 bytes of BIT STRING overhead;
+ * - 3 full-size INTEGERs (p, g, y);
+ * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits).
+ */
+#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits)        \
+    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59)
+
+/* Maximum size of the export encoding of a DSA key pair.
+ *
+ * DSAPrivateKey ::= SEQUENCE {
+ *     version             Version,  -- 0
+ *     prime               INTEGER,  -- p
+ *     subprime            INTEGER,  -- q
+ *     generator           INTEGER,  -- g
+ *     public              INTEGER,  -- y
+ *     private             INTEGER,  -- x
+ * }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 3 bytes of version;
+ * - 3 full-size INTEGERs (p, g, y);
+ * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits).
+ */
+#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits)   \
+    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75)
+
+/* Maximum size of the export encoding of an ECC public key.
+ *
+ * The representation of an ECC public key is:
+ *      - The byte 0x04;
+ *      - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ *      - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+ *      - where m is the bit size associated with the curve.
+ *
+ * - 1 byte + 2 * point size.
+ */
+#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)        \
+    (2 * PSA_BITS_TO_BYTES(key_bits) + 1)
+
+/* Maximum size of the export encoding of an ECC key pair.
+ *
+ * An ECC key pair is represented by the secret value.
+ */
+#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits)   \
+    (PSA_BITS_TO_BYTES(key_bits))
+
+/** Sufficient output buffer size for psa_export_key() or
+ * psa_export_public_key().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * The following code illustrates how to allocate enough memory to export
+ * a key by querying the key type and size at runtime.
+ * \code{c}
+ * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ * psa_status_t status;
+ * status = psa_get_key_attributes(key, &attributes);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * psa_key_type_t key_type = psa_get_key_type(&attributes);
+ * size_t key_bits = psa_get_key_bits(&attributes);
+ * size_t buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits);
+ * psa_reset_key_attributes(&attributes);
+ * uint8_t *buffer = malloc(buffer_size);
+ * if (buffer == NULL) handle_error(...);
+ * size_t buffer_length;
+ * status = psa_export_key(key, buffer, buffer_size, &buffer_length);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * \endcode
+ *
+ * \param key_type  A supported key type.
+ * \param key_bits  The size of the key in bits.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_export_key() or psa_export_public_key() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported,
+ *         return either a sensible size or 0.
+ *         If the parameters are not valid, the return value is unspecified.
+ */
+#define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits)                                              \
+    (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) :                         \
+     (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) :     \
+     (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) :     \
+     (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) :      \
+     PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) :  \
+     0)
+
+/** Sufficient output buffer size for psa_export_public_key().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * The following code illustrates how to allocate enough memory to export
+ * a public key by querying the key type and size at runtime.
+ * \code{c}
+ * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ * psa_status_t status;
+ * status = psa_get_key_attributes(key, &attributes);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * psa_key_type_t key_type = psa_get_key_type(&attributes);
+ * size_t key_bits = psa_get_key_bits(&attributes);
+ * size_t buffer_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits);
+ * psa_reset_key_attributes(&attributes);
+ * uint8_t *buffer = malloc(buffer_size);
+ * if (buffer == NULL) handle_error(...);
+ * size_t buffer_length;
+ * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * \endcode
+ *
+ * \param key_type      A public key or key pair key type.
+ * \param key_bits      The size of the key in bits.
+ *
+ * \return              If the parameters are valid and supported, return
+ *                      a buffer size in bytes that guarantees that
+ *                      psa_export_public_key() will not fail with
+ *                      #PSA_ERROR_BUFFER_TOO_SMALL.
+ *                      If the parameters are a valid combination that is not
+ *                      supported, return either a sensible size or 0.
+ *                      If the parameters are not valid,
+ *                      the return value is unspecified.
+ *
+ *                      If the parameters are valid and supported,
+ *                      return the same result as
+ *                      #PSA_EXPORT_KEY_OUTPUT_SIZE(
+ *                          \p #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\p key_type),
+ *                          \p key_bits).
+ */
+#define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits)                           \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     0)
+
+/** Sufficient buffer size for exporting any asymmetric key pair.
+ *
+ * This macro expands to a compile-time constant integer. This value is
+ * a sufficient buffer size when calling psa_export_key() to export any
+ * asymmetric key pair, regardless of the exact key type and key size.
+ *
+ * See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits).
+ */
+#define PSA_EXPORT_KEY_PAIR_MAX_SIZE                                            \
+    (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) >        \
+     PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ?      \
+     PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) :        \
+     PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS))
+
+/** Sufficient buffer size for exporting any asymmetric public key.
+ *
+ * This macro expands to a compile-time constant integer. This value is
+ * a sufficient buffer size when calling psa_export_key() or
+ * psa_export_public_key() to export any asymmetric public key,
+ * regardless of the exact key type and key size.
+ *
+ * See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits).
+ */
+#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE                                          \
+    (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) >      \
+     PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ?    \
+     PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) :      \
+     PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS))
+
+/** Sufficient output buffer size for psa_raw_key_agreement().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE.
+ *
+ * \param key_type      A supported key type.
+ * \param key_bits      The size of the key in bits.
+ *
+ * \return              If the parameters are valid and supported, return
+ *                      a buffer size in bytes that guarantees that
+ *                      psa_raw_key_agreement() will not fail with
+ *                      #PSA_ERROR_BUFFER_TOO_SMALL.
+ *                      If the parameters are a valid combination that
+ *                      is not supported, return either a sensible size or 0.
+ *                      If the parameters are not valid,
+ *                      the return value is unspecified.
+ */
+/* FFDH is not yet supported in PSA. */
+#define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits)   \
+    (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ?                   \
+     PSA_BITS_TO_BYTES(key_bits) :                              \
+     0)
+
+/** Maximum size of the output from psa_raw_key_agreement().
+ *
+ * This macro expands to a compile-time constant integer. This value is the
+ * maximum size of the output any raw key agreement algorithm, in bytes.
+ *
+ * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits).
+ */
+#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE   \
+    (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS))
+
+/** The default IV size for a cipher algorithm, in bytes.
+ *
+ * The IV that is generated as part of a call to #psa_cipher_encrypt() is always
+ * the default IV length for the algorithm.
+ *
+ * This macro can be used to allocate a buffer of sufficient size to
+ * store the IV output from #psa_cipher_generate_iv() when using
+ * a multi-part cipher operation.
+ *
+ * See also #PSA_CIPHER_IV_MAX_SIZE.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  A symmetric key type that is compatible with algorithm \p alg.
+ *
+ * \param alg       A cipher algorithm (\c PSA_ALG_XXX value such that #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \return The default IV size for the specified key type and algorithm.
+ *         If the algorithm does not use an IV, return 0.
+ *         If the key type or cipher algorithm is not recognized,
+ *         or the parameters are incompatible, return 0.
+ */
+#define PSA_CIPHER_IV_LENGTH(key_type, alg) \
+    (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
+     ((alg) == PSA_ALG_CTR || \
+      (alg) == PSA_ALG_CFB || \
+      (alg) == PSA_ALG_OFB || \
+      (alg) == PSA_ALG_XTS || \
+      (alg) == PSA_ALG_CBC_NO_PADDING || \
+      (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+     (key_type) == PSA_KEY_TYPE_CHACHA20 && \
+     (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
+     0)
+
+/** The maximum IV size for all supported cipher algorithms, in bytes.
+ *
+ * See also #PSA_CIPHER_IV_LENGTH().
+ */
+#define PSA_CIPHER_IV_MAX_SIZE 16
+
+/** The maximum size of the output of psa_cipher_encrypt(), in bytes.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_encrypt() will not fail due to an insufficient buffer size.
+ * Depending on the algorithm, the actual size of the output might be smaller.
+ *
+ * See also #PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type      A symmetric key type that is compatible with algorithm
+ *                      alg.
+ * \param alg           A cipher algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param input_length  Size of the input in bytes.
+ *
+ * \return              A sufficient output size for the specified key type and
+ *                      algorithm. If the key type or cipher algorithm is not
+ *                      recognized, or the parameters are incompatible,
+ *                      return 0.
+ */
+#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length)             \
+    (alg == PSA_ALG_CBC_PKCS7 ?                                                 \
+     (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ?                            \
+      PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type),          \
+                               (input_length) + 1) +                             \
+      PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) :                             \
+     (PSA_ALG_IS_CIPHER(alg) ?                                                  \
+      (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) :                \
+      0))
+
+/** A sufficient output buffer size for psa_cipher_encrypt(), for any of the
+ *  supported key types and cipher algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_encrypt() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length  Size of the input in bytes.
+ *
+ */
+#define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length)                        \
+    (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE,                  \
+                              (input_length) + 1) +                             \
+     PSA_CIPHER_IV_MAX_SIZE)
+
+/** The maximum size of the output of psa_cipher_decrypt(), in bytes.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_decrypt() will not fail due to an insufficient buffer size.
+ * Depending on the algorithm, the actual size of the output might be smaller.
+ *
+ * See also #PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \param key_type      A symmetric key type that is compatible with algorithm
+ *                      alg.
+ * \param alg           A cipher algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param input_length  Size of the input in bytes.
+ *
+ * \return              A sufficient output size for the specified key type and
+ *                      algorithm. If the key type or cipher algorithm is not
+ *                      recognized, or the parameters are incompatible,
+ *                      return 0.
+ */
+#define PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length)                 \
+    (PSA_ALG_IS_CIPHER(alg) &&                                                      \
+     ((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
+     (input_length) :                                                               \
+     0)
+
+/** A sufficient output buffer size for psa_cipher_decrypt(), for any of the
+ *  supported key types and cipher algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_decrypt() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_CIPHER_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length  Size of the input in bytes.
+ */
+#define PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_length)    \
+    (input_length)
+
+/** A sufficient output buffer size for psa_cipher_update().
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_update() will not fail due to an insufficient buffer size.
+ * The actual size of the output might be smaller in any given call.
+ *
+ * See also #PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(\p input_length).
+ *
+ * \param key_type      A symmetric key type that is compatible with algorithm
+ *                      alg.
+ * \param alg           A cipher algorithm (PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param input_length  Size of the input in bytes.
+ *
+ * \return              A sufficient output size for the specified key type and
+ *                      algorithm. If the key type or cipher algorithm is not
+ *                      recognized, or the parameters are incompatible, return 0.
+ */
+#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length)              \
+    (PSA_ALG_IS_CIPHER(alg) ?                                                   \
+     (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ?                             \
+      (((alg) == PSA_ALG_CBC_PKCS7      ||                                       \
+        (alg) == PSA_ALG_CBC_NO_PADDING ||                                       \
+        (alg) == PSA_ALG_ECB_NO_PADDING) ?                                       \
+       PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type),         \
+                                input_length) :                                 \
+       (input_length)) : 0) :                                                    \
+     0)
+
+/** A sufficient output buffer size for psa_cipher_update(), for any of the
+ *  supported key types and cipher algorithms.
+ *
+ * If the size of the output buffer is at least this large, it is guaranteed
+ * that psa_cipher_update() will not fail due to an insufficient buffer size.
+ *
+ * See also #PSA_CIPHER_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
+ *
+ * \param input_length  Size of the input in bytes.
+ */
+#define PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input_length)     \
+    (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, input_length))
+
+/** A sufficient ciphertext buffer size for psa_cipher_finish().
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_cipher_finish() will not fail due to an insufficient
+ * ciphertext buffer size. The actual size of the output might be smaller in
+ * any given call.
+ *
+ * See also #PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE().
+ *
+ * \param key_type      A symmetric key type that is compatible with algorithm
+ *                      alg.
+ * \param alg           A cipher algorithm (PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \return              A sufficient output size for the specified key type and
+ *                      algorithm. If the key type or cipher algorithm is not
+ *                      recognized, or the parameters are incompatible, return 0.
+ */
+#define PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)    \
+    (PSA_ALG_IS_CIPHER(alg) ?                           \
+     (alg == PSA_ALG_CBC_PKCS7 ?                        \
+      PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) :         \
+      0) :                                              \
+     0)
+
+/** A sufficient ciphertext buffer size for psa_cipher_finish(), for any of the
+ *  supported key types and cipher algorithms.
+ *
+ * See also #PSA_CIPHER_FINISH_OUTPUT_SIZE(\p key_type, \p alg).
+ */
+#define PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE           \
+    (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)
+
+#endif /* PSA_CRYPTO_SIZES_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_struct.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_struct.h
new file mode 100644
index 0000000..213625f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_struct.h
@@ -0,0 +1,452 @@
+/**
+ * \file psa/crypto_struct.h
+ *
+ * \brief PSA cryptography module: Mbed TLS structured type implementations
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains the definitions of some data structures with
+ * implementation-specific definitions.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, it is expected that the front-end and the back-end
+ * would have different versions of this file.
+ *
+ * <h3>Design notes about multipart operation structures</h3>
+ *
+ * For multipart operations without driver delegation support, each multipart
+ * operation structure contains a `psa_algorithm_t alg` field which indicates
+ * which specific algorithm the structure is for. When the structure is not in
+ * use, `alg` is 0. Most of the structure consists of a union which is
+ * discriminated by `alg`.
+ *
+ * For multipart operations with driver delegation support, each multipart
+ * operation structure contains an `unsigned int id` field indicating which
+ * driver got assigned to do the operation. When the structure is not in use,
+ * 'id' is 0. The structure contains also a driver context which is the union
+ * of the contexts of all drivers able to handle the type of multipart
+ * operation.
+ *
+ * Note that when `alg` or `id` is 0, the content of other fields is undefined.
+ * In particular, it is not guaranteed that a freshly-initialized structure
+ * is all-zero: we initialize structures to something like `{0, 0}`, which
+ * is only guaranteed to initializes the first member of the union;
+ * GCC and Clang initialize the whole structure to 0 (at the time of writing),
+ * but MSVC and CompCert don't.
+ *
+ * In Mbed TLS, multipart operation structures live independently from
+ * the key. This allows Mbed TLS to free the key objects when destroying
+ * a key slot. If a multipart operation needs to remember the key after
+ * the setup function returns, the operation structure needs to contain a
+ * copy of the key.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_STRUCT_H
+#define PSA_CRYPTO_STRUCT_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/cmac.h"
+#include "mbedtls/gcm.h"
+
+/* Include the context definition for the compiled-in drivers for the primitive
+ * algorithms. */
+#include "psa/crypto_driver_contexts_primitives.h"
+
+struct psa_hash_operation_s {
+    /** Unique ID indicating which driver got assigned to do the
+     * operation. Since driver contexts are driver-specific, swapping
+     * drivers halfway through the operation is not supported.
+     * ID values are auto-generated in psa_driver_wrappers.h.
+     * ID value zero means the context is not valid or not assigned to
+     * any driver (i.e. the driver context is not active, in use). */
+    unsigned int id;
+    psa_driver_hash_context_t ctx;
+};
+
+#define PSA_HASH_OPERATION_INIT { 0, { 0 } }
+static inline struct psa_hash_operation_s psa_hash_operation_init(void)
+{
+    const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
+    return v;
+}
+
+struct psa_cipher_operation_s {
+    /** Unique ID indicating which driver got assigned to do the
+     * operation. Since driver contexts are driver-specific, swapping
+     * drivers halfway through the operation is not supported.
+     * ID values are auto-generated in psa_crypto_driver_wrappers.h
+     * ID value zero means the context is not valid or not assigned to
+     * any driver (i.e. none of the driver contexts are active). */
+    unsigned int id;
+
+    unsigned int iv_required : 1;
+    unsigned int iv_set : 1;
+
+    uint8_t default_iv_length;
+
+    psa_driver_cipher_context_t ctx;
+};
+
+#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
+static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
+{
+    const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
+    return v;
+}
+
+/* Include the context definition for the compiled-in drivers for the composite
+ * algorithms. */
+#include "psa/crypto_driver_contexts_composites.h"
+
+struct psa_mac_operation_s {
+    /** Unique ID indicating which driver got assigned to do the
+     * operation. Since driver contexts are driver-specific, swapping
+     * drivers halfway through the operation is not supported.
+     * ID values are auto-generated in psa_driver_wrappers.h
+     * ID value zero means the context is not valid or not assigned to
+     * any driver (i.e. none of the driver contexts are active). */
+    unsigned int id;
+    uint8_t mac_size;
+    unsigned int is_sign : 1;
+    psa_driver_mac_context_t ctx;
+};
+
+#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
+static inline struct psa_mac_operation_s psa_mac_operation_init(void)
+{
+    const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
+    return v;
+}
+
+struct psa_aead_operation_s {
+    psa_algorithm_t alg;
+    unsigned int key_set : 1;
+    unsigned int iv_set : 1;
+    uint8_t iv_size;
+    uint8_t block_size;
+    union {
+        unsigned dummy; /* Enable easier initializing of the union. */
+        mbedtls_cipher_context_t cipher;
+    } ctx;
+};
+
+#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, { 0 } }
+static inline struct psa_aead_operation_s psa_aead_operation_init(void)
+{
+    const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
+    return v;
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+typedef struct {
+    uint8_t *info;
+    size_t info_length;
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+    uint8_t offset_in_block;
+    uint8_t block_number;
+    unsigned int state : 2;
+    unsigned int info_set : 1;
+    uint8_t output_block[PSA_HASH_MAX_SIZE];
+    uint8_t prk[PSA_HASH_MAX_SIZE];
+    struct psa_mac_operation_s hmac;
+} psa_hkdf_key_derivation_t;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+typedef enum {
+    PSA_TLS12_PRF_STATE_INIT,       /* no input provided */
+    PSA_TLS12_PRF_STATE_SEED_SET,   /* seed has been set */
+    PSA_TLS12_PRF_STATE_KEY_SET,    /* key has been set */
+    PSA_TLS12_PRF_STATE_LABEL_SET,  /* label has been set */
+    PSA_TLS12_PRF_STATE_OUTPUT      /* output has been started */
+} psa_tls12_prf_key_derivation_state_t;
+
+typedef struct psa_tls12_prf_key_derivation_s {
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+
+    /* Indicates how many bytes in the current HMAC block have
+     * not yet been read by the user. */
+    uint8_t left_in_block;
+
+    /* The 1-based number of the block. */
+    uint8_t block_number;
+
+    psa_tls12_prf_key_derivation_state_t state;
+
+    uint8_t *secret;
+    size_t secret_length;
+    uint8_t *seed;
+    size_t seed_length;
+    uint8_t *label;
+    size_t label_length;
+
+    uint8_t Ai[PSA_HASH_MAX_SIZE];
+
+    /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
+    uint8_t output_block[PSA_HASH_MAX_SIZE];
+} psa_tls12_prf_key_derivation_t;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
+        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+
+struct psa_key_derivation_s {
+    psa_algorithm_t alg;
+    unsigned int can_output_key : 1;
+    size_t capacity;
+    union {
+        /* Make the union non-empty even with no supported algorithms. */
+        uint8_t dummy;
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+        psa_hkdf_key_derivation_t hkdf;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+        psa_tls12_prf_key_derivation_t tls12_prf;
+#endif
+    } ctx;
+};
+
+/* This only zeroes out the first byte in the union, the rest is unspecified. */
+#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
+static inline struct psa_key_derivation_s psa_key_derivation_operation_init(void)
+{
+    const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
+    return v;
+}
+
+struct psa_key_policy_s {
+    psa_key_usage_t usage;
+    psa_algorithm_t alg;
+    psa_algorithm_t alg2;
+};
+typedef struct psa_key_policy_s psa_key_policy_t;
+
+#define PSA_KEY_POLICY_INIT { 0, 0, 0 }
+static inline struct psa_key_policy_s psa_key_policy_init(void)
+{
+    const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
+    return v;
+}
+
+/* The type used internally for key sizes.
+ * Public interfaces use size_t, but internally we use a smaller type. */
+typedef uint16_t psa_key_bits_t;
+/* The maximum value of the type used to represent bit-sizes.
+ * This is used to mark an invalid key size. */
+#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) (-1))
+/* The maximum size of a key in bits.
+ * Currently defined as the maximum that can be represented, rounded down
+ * to a whole number of bytes.
+ * This is an uncast value so that it can be used in preprocessor
+ * conditionals. */
+#define PSA_MAX_KEY_BITS 0xfff8
+
+/** A mask of flags that can be stored in key attributes.
+ *
+ * This type is also used internally to store flags in slots. Internal
+ * flags are defined in library/psa_crypto_core.h. Internal flags may have
+ * the same value as external flags if they are properly handled during
+ * key creation and in psa_get_key_attributes.
+ */
+typedef uint16_t psa_key_attributes_flag_t;
+
+#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER     \
+    ((psa_key_attributes_flag_t) 0x0001)
+
+/* A mask of key attribute flags used externally only.
+ * Only meant for internal checks inside the library. */
+#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY (      \
+        MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER |    \
+        0)
+
+/* A mask of key attribute flags used both internally and externally.
+ * Currently there aren't any. */
+#define MBEDTLS_PSA_KA_MASK_DUAL_USE (          \
+        0)
+
+typedef struct {
+    psa_key_type_t type;
+    psa_key_bits_t bits;
+    psa_key_lifetime_t lifetime;
+    mbedtls_svc_key_id_t id;
+    psa_key_policy_t policy;
+    psa_key_attributes_flag_t flags;
+} psa_core_key_attributes_t;
+
+#define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, \
+                                       MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0 }
+
+struct psa_key_attributes_s {
+    psa_core_key_attributes_t core;
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    psa_key_slot_number_t slot_number;
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+    void *domain_parameters;
+    size_t domain_parameters_size;
+};
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 }
+#else
+#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 }
+#endif
+
+static inline struct psa_key_attributes_s psa_key_attributes_init(void)
+{
+    const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
+    return v;
+}
+
+static inline void psa_set_key_id(psa_key_attributes_t *attributes,
+                                  mbedtls_svc_key_id_t key)
+{
+    psa_key_lifetime_t lifetime = attributes->core.lifetime;
+
+    attributes->core.id = key;
+
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        attributes->core.lifetime =
+            PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+                PSA_KEY_LIFETIME_PERSISTENT,
+                PSA_KEY_LIFETIME_GET_LOCATION(lifetime));
+    }
+}
+
+static inline mbedtls_svc_key_id_t psa_get_key_id(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.id;
+}
+
+#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
+                                            mbedtls_key_owner_id_t owner)
+{
+    attributes->core.id.owner = owner;
+}
+#endif
+
+static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
+                                        psa_key_lifetime_t lifetime)
+{
+    attributes->core.lifetime = lifetime;
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+        attributes->core.id.key_id = 0;
+#else
+        attributes->core.id = 0;
+#endif
+    }
+}
+
+static inline psa_key_lifetime_t psa_get_key_lifetime(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.lifetime;
+}
+
+static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
+{
+    if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
+        *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
+    }
+
+    if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
+        *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+    }
+}
+
+static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
+                                           psa_key_usage_t usage_flags)
+{
+    psa_extend_key_usage_flags(&usage_flags);
+    attributes->core.policy.usage = usage_flags;
+}
+
+static inline psa_key_usage_t psa_get_key_usage_flags(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.policy.usage;
+}
+
+static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
+                                         psa_algorithm_t alg)
+{
+    attributes->core.policy.alg = alg;
+}
+
+static inline psa_algorithm_t psa_get_key_algorithm(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.policy.alg;
+}
+
+/* This function is declared in crypto_extra.h, which comes after this
+ * header file, but we need the function here, so repeat the declaration. */
+psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
+                                           psa_key_type_t type,
+                                           const uint8_t *data,
+                                           size_t data_length);
+
+static inline void psa_set_key_type(psa_key_attributes_t *attributes,
+                                    psa_key_type_t type)
+{
+    if (attributes->domain_parameters == NULL) {
+        /* Common case: quick path */
+        attributes->core.type = type;
+    } else {
+        /* Call the bigger function to free the old domain parameters.
+         * Ignore any errors which may arise due to type requiring
+         * non-default domain parameters, since this function can't
+         * report errors. */
+        (void) psa_set_key_domain_parameters(attributes, type, NULL, 0);
+    }
+}
+
+static inline psa_key_type_t psa_get_key_type(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.type;
+}
+
+static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
+                                    size_t bits)
+{
+    if (bits > PSA_MAX_KEY_BITS) {
+        attributes->core.bits = PSA_KEY_BITS_TOO_LARGE;
+    } else {
+        attributes->core.bits = (psa_key_bits_t) bits;
+    }
+}
+
+static inline size_t psa_get_key_bits(
+    const psa_key_attributes_t *attributes)
+{
+    return attributes->core.bits;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STRUCT_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_types.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_types.h
new file mode 100644
index 0000000..90cda1a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_types.h
@@ -0,0 +1,451 @@
+/**
+ * \file psa/crypto_types.h
+ *
+ * \brief PSA cryptography module: type aliases.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of integral types for properties
+ * of cryptographic keys, designations of cryptographic algorithms, and
+ * error codes returned by the library.
+ *
+ * This header file does not declare any function.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TYPES_H
+#define PSA_CRYPTO_TYPES_H
+
+#include "crypto_platform.h"
+
+/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
+ * is defined as well to include all PSA code.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#define MBEDTLS_PSA_CRYPTO_CLIENT
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#include <stdint.h>
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+/**
+ * \brief Function return status.
+ *
+ * This is either #PSA_SUCCESS (which is zero), indicating success,
+ * or a small negative value indicating that an error occurred. Errors are
+ * encoded as one of the \c PSA_ERROR_xxx values defined here. */
+/* If #PSA_SUCCESS is already defined, it means that #psa_status_t
+ * is also defined in an external header, so prevent its multiple
+ * definition.
+ */
+#ifndef PSA_SUCCESS
+typedef int32_t psa_status_t;
+#endif
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/** \brief Encoding of a key type.
+ *
+ * Values of this type are generally constructed by macros called
+ * `PSA_KEY_TYPE_xxx`.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint16_t psa_key_type_t;
+
+/** The type of PSA elliptic curve family identifiers.
+ *
+ * Values of this type are generally constructed by macros called
+ * `PSA_ECC_FAMILY_xxx`.
+ *
+ * The curve identifier is required to create an ECC key using the
+ * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY()
+ * macros.
+ *
+ * Values defined by this standard will never be in the range 0x80-0xff.
+ * Vendors who define additional families must use an encoding in this range.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint8_t psa_ecc_family_t;
+
+/** The type of PSA Diffie-Hellman group family identifiers.
+ *
+ * Values of this type are generally constructed by macros called
+ * `PSA_DH_FAMILY_xxx`.
+ *
+ * The group identifier is required to create a Diffie-Hellman key using the
+ * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY()
+ * macros.
+ *
+ * Values defined by this standard will never be in the range 0x80-0xff.
+ * Vendors who define additional families must use an encoding in this range.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint8_t psa_dh_family_t;
+
+/** \brief Encoding of a cryptographic algorithm.
+ *
+ * Values of this type are generally constructed by macros called
+ * `PSA_ALG_xxx`.
+ *
+ * For algorithms that can be applied to multiple key types, this type
+ * does not encode the key type. For example, for symmetric ciphers
+ * based on a block cipher, #psa_algorithm_t encodes the block cipher
+ * mode and the padding mode while the block cipher itself is encoded
+ * via #psa_key_type_t.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint32_t psa_algorithm_t;
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** Encoding of key lifetimes.
+ *
+ * The lifetime of a key indicates where it is stored and what system actions
+ * may create and destroy it.
+ *
+ * Lifetime values have the following structure:
+ * - Bits 0-7 (#PSA_KEY_LIFETIME_GET_PERSISTENCE(\c lifetime)):
+ *   persistence level. This value indicates what device management
+ *   actions can cause it to be destroyed. In particular, it indicates
+ *   whether the key is _volatile_ or _persistent_.
+ *   See ::psa_key_persistence_t for more information.
+ * - Bits 8-31 (#PSA_KEY_LIFETIME_GET_LOCATION(\c lifetime)):
+ *   location indicator. This value indicates which part of the system
+ *   has access to the key material and can perform operations using the key.
+ *   See ::psa_key_location_t for more information.
+ *
+ * Volatile keys are automatically destroyed when the application instance
+ * terminates or on a power reset of the device. Persistent keys are
+ * preserved until the application explicitly destroys them or until an
+ * integration-specific device management event occurs (for example,
+ * a factory reset).
+ *
+ * Persistent keys have a key identifier of type #mbedtls_svc_key_id_t.
+ * This identifier remains valid throughout the lifetime of the key,
+ * even if the application instance that created the key terminates.
+ * The application can call psa_open_key() to open a persistent key that
+ * it created previously.
+ *
+ * The default lifetime of a key is #PSA_KEY_LIFETIME_VOLATILE. The lifetime
+ * #PSA_KEY_LIFETIME_PERSISTENT is supported if persistent storage is
+ * available. Other lifetime values may be supported depending on the
+ * library configuration.
+ *
+ * Values of this type are generally constructed by macros called
+ * `PSA_KEY_LIFETIME_xxx`.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint32_t psa_key_lifetime_t;
+
+/** Encoding of key persistence levels.
+ *
+ * What distinguishes different persistence levels is what device management
+ * events may cause keys to be destroyed. _Volatile_ keys are destroyed
+ * by a power reset. Persistent keys may be destroyed by events such as
+ * a transfer of ownership or a factory reset. What management events
+ * actually affect persistent keys at different levels is outside the
+ * scope of the PSA Cryptography specification.
+ *
+ * The PSA Cryptography specification defines the following values of
+ * persistence levels:
+ * - \c 0 = #PSA_KEY_PERSISTENCE_VOLATILE: volatile key.
+ *   A volatile key is automatically destroyed by the implementation when
+ *   the application instance terminates. In particular, a volatile key
+ *   is automatically destroyed on a power reset of the device.
+ * - \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT:
+ *   persistent key with a default lifetime.
+ * - \c 2-254: currently not supported by Mbed TLS.
+ * - \c 255 = #PSA_KEY_PERSISTENCE_READ_ONLY:
+ *   read-only or write-once key.
+ *   A key with this persistence level cannot be destroyed.
+ *   Mbed TLS does not currently offer a way to create such keys, but
+ *   integrations of Mbed TLS can use it for built-in keys that the
+ *   application cannot modify (for example, a hardware unique key (HUK)).
+ *
+ * \note Key persistence levels are 8-bit values. Key management
+ *       interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
+ *       encode the persistence as the lower 8 bits of a 32-bit value.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint8_t psa_key_persistence_t;
+
+/** Encoding of key location indicators.
+ *
+ * If an integration of Mbed TLS can make calls to external
+ * cryptoprocessors such as secure elements, the location of a key
+ * indicates which secure element performs the operations on the key.
+ * Depending on the design of the secure element, the key
+ * material may be stored either in the secure element, or
+ * in wrapped (encrypted) form alongside the key metadata in the
+ * primary local storage.
+ *
+ * The PSA Cryptography API specification defines the following values of
+ * location indicators:
+ * - \c 0: primary local storage.
+ *   This location is always available.
+ *   The primary local storage is typically the same storage area that
+ *   contains the key metadata.
+ * - \c 1: primary secure element.
+ *   Integrations of Mbed TLS should support this value if there is a secure
+ *   element attached to the operating environment.
+ *   As a guideline, secure elements may provide higher resistance against
+ *   side channel and physical attacks than the primary local storage, but may
+ *   have restrictions on supported key types, sizes, policies and operations
+ *   and may have different performance characteristics.
+ * - \c 2-0x7fffff: other locations defined by a PSA specification.
+ *   The PSA Cryptography API does not currently assign any meaning to these
+ *   locations, but future versions of that specification or other PSA
+ *   specifications may do so.
+ * - \c 0x800000-0xffffff: vendor-defined locations.
+ *   No PSA specification will assign a meaning to locations in this range.
+ *
+ * \note Key location indicators are 24-bit values. Key management
+ *       interfaces operate on lifetimes (type ::psa_key_lifetime_t) which
+ *       encode the location as the upper 24 bits of a 32-bit value.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint32_t psa_key_location_t;
+
+/** Encoding of identifiers of persistent keys.
+ *
+ * - Applications may freely choose key identifiers in the range
+ *   #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX.
+ * - The implementation may define additional key identifiers in the range
+ *   #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX.
+ * - 0 is reserved as an invalid key identifier.
+ * - Key identifiers outside these ranges are reserved for future use.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to how values are allocated must require careful
+ *       consideration to allow backward compatibility.
+ */
+typedef uint32_t psa_key_id_t;
+
+/** Encoding of key identifiers as seen inside the PSA Crypto implementation.
+ *
+ * When PSA Crypto is built as a library inside an application, this type
+ * is identical to #psa_key_id_t. When PSA Crypto is built as a service
+ * that can store keys on behalf of multiple clients, this type
+ * encodes the #psa_key_id_t value seen by each client application as
+ * well as extra information that identifies the client that owns
+ * the key.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+typedef psa_key_id_t mbedtls_svc_key_id_t;
+
+#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+/* Implementation-specific: The Mbed TLS library can be built as
+ * part of a multi-client service that exposes the PSA Cryptography API in each
+ * client and encodes the client identity in the key identifier argument of
+ * functions such as psa_open_key().
+ */
+typedef struct {
+    psa_key_id_t key_id;
+    mbedtls_key_owner_id_t owner;
+} mbedtls_svc_key_id_t;
+
+#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** \brief Encoding of permitted usage on a key.
+ *
+ * Values of this type are generally constructed as bitwise-ors of macros
+ * called `PSA_KEY_USAGE_xxx`.
+ *
+ * \note Values of this type are encoded in the persistent key store.
+ *       Any changes to existing values will require bumping the storage
+ *       format version and providing a translation when reading the old
+ *       format.
+ */
+typedef uint32_t psa_key_usage_t;
+
+/**@}*/
+
+/** \defgroup attributes Key attributes
+ * @{
+ */
+
+/** The type of a structure containing key attributes.
+ *
+ * This is an opaque structure that can represent the metadata of a key
+ * object. Metadata that can be stored in attributes includes:
+ * - The location of the key in storage, indicated by its key identifier
+ *   and its lifetime.
+ * - The key's policy, comprising usage flags and a specification of
+ *   the permitted algorithm(s).
+ * - Information about the key itself: the key type and its size.
+ * - Additional implementation-defined attributes.
+ *
+ * The actual key material is not considered an attribute of a key.
+ * Key attributes do not contain information that is generally considered
+ * highly confidential.
+ *
+ * An attribute structure works like a simple data structure where each function
+ * `psa_set_key_xxx` sets a field and the corresponding function
+ * `psa_get_key_xxx` retrieves the value of the corresponding field.
+ * However, a future version of the library  may report values that are
+ * equivalent to the original one, but have a different encoding. Invalid
+ * values may be mapped to different, also invalid values.
+ *
+ * An attribute structure may contain references to auxiliary resources,
+ * for example pointers to allocated memory or indirect references to
+ * pre-calculated values. In order to free such resources, the application
+ * must call psa_reset_key_attributes(). As an exception, calling
+ * psa_reset_key_attributes() on an attribute structure is optional if
+ * the structure has only been modified by the following functions
+ * since it was initialized or last reset with psa_reset_key_attributes():
+ * - psa_set_key_id()
+ * - psa_set_key_lifetime()
+ * - psa_set_key_type()
+ * - psa_set_key_bits()
+ * - psa_set_key_usage_flags()
+ * - psa_set_key_algorithm()
+ *
+ * Before calling any function on a key attribute structure, the application
+ * must initialize it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ *   \code
+ *   psa_key_attributes_t attributes;
+ *   memset(&attributes, 0, sizeof(attributes));
+ *   \endcode
+ * - Initialize the structure to logical zero values, for example:
+ *   \code
+ *   psa_key_attributes_t attributes = {0};
+ *   \endcode
+ * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT,
+ *   for example:
+ *   \code
+ *   psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ *   \endcode
+ * - Assign the result of the function psa_key_attributes_init()
+ *   to the structure, for example:
+ *   \code
+ *   psa_key_attributes_t attributes;
+ *   attributes = psa_key_attributes_init();
+ *   \endcode
+ *
+ * A freshly initialized attribute structure contains the following
+ * values:
+ *
+ * - lifetime: #PSA_KEY_LIFETIME_VOLATILE.
+ * - key identifier: 0 (which is not a valid key identifier).
+ * - type: \c 0 (meaning that the type is unspecified).
+ * - key size: \c 0 (meaning that the size is unspecified).
+ * - usage flags: \c 0 (which allows no usage except exporting a public key).
+ * - algorithm: \c 0 (which allows no cryptographic usage, but allows
+ *   exporting).
+ *
+ * A typical sequence to create a key is as follows:
+ * -# Create and initialize an attribute structure.
+ * -# If the key is persistent, call psa_set_key_id().
+ *    Also call psa_set_key_lifetime() to place the key in a non-default
+ *    location.
+ * -# Set the key policy with psa_set_key_usage_flags() and
+ *    psa_set_key_algorithm().
+ * -# Set the key type with psa_set_key_type().
+ *    Skip this step if copying an existing key with psa_copy_key().
+ * -# When generating a random key with psa_generate_key() or deriving a key
+ *    with psa_key_derivation_output_key(), set the desired key size with
+ *    psa_set_key_bits().
+ * -# Call a key creation function: psa_import_key(), psa_generate_key(),
+ *    psa_key_derivation_output_key() or psa_copy_key(). This function reads
+ *    the attribute structure, creates a key with these attributes, and
+ *    outputs a key identifier to the newly created key.
+ * -# The attribute structure is now no longer necessary.
+ *    You may call psa_reset_key_attributes(), although this is optional
+ *    with the workflow presented here because the attributes currently
+ *    defined in this specification do not require any additional resources
+ *    beyond the structure itself.
+ *
+ * A typical sequence to query a key's attributes is as follows:
+ * -# Call psa_get_key_attributes().
+ * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that
+ *    you are interested in.
+ * -# Call psa_reset_key_attributes() to free any resources that may be
+ *    used by the attribute structure.
+ *
+ * Once a key has been created, it is impossible to change its attributes.
+ */
+typedef struct psa_key_attributes_s psa_key_attributes_t;
+
+
+#ifndef __DOXYGEN_ONLY__
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+/* Mbed TLS defines this type in crypto_types.h because it is also
+ * visible to applications through an implementation-specific extension.
+ * For the PSA Cryptography specification, this type is only visible
+ * via crypto_se_driver.h. */
+typedef uint64_t psa_key_slot_number_t;
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+#endif /* !__DOXYGEN_ONLY__ */
+
+/**@}*/
+
+/** \defgroup derivation Key derivation
+ * @{
+ */
+
+/** \brief Encoding of the step of a key derivation.
+ *
+ * Values of this type are generally constructed by macros called
+ * `PSA_KEY_DERIVATION_INPUT_xxx`.
+ */
+typedef uint16_t psa_key_derivation_step_t;
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_TYPES_H */
diff --git a/3rdparty/mbedtls-2.28.7/include/psa/crypto_values.h b/3rdparty/mbedtls-2.28.7/include/psa/crypto_values.h
new file mode 100644
index 0000000..c25fda6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/include/psa/crypto_values.h
@@ -0,0 +1,2381 @@
+/**
+ * \file psa/crypto_values.h
+ *
+ * \brief PSA cryptography module: macros to build and analyze integer values.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of macros to build and analyze
+ * values of integral types that encode properties of cryptographic keys,
+ * designations of cryptographic algorithms, and error codes returned by
+ * the library.
+ *
+ * Note that many of the constants defined in this file are embedded in
+ * the persistent key store, as part of key metadata (including usage
+ * policies). As a consequence, they must not be changed (unless the storage
+ * format version changes).
+ *
+ * This header file only defines preprocessor macros.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_VALUES_H
+#define PSA_CRYPTO_VALUES_H
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+/* PSA error codes */
+
+/* Error codes are standardized across PSA domains (framework, crypto, storage,
+ * etc.). Do not change the values in this section or even the expansions
+ * of each macro: it must be possible to `#include` both this header
+ * and some other PSA component's headers in the same C source,
+ * which will lead to duplicate definitions of the `PSA_SUCCESS` and
+ * `PSA_ERROR_xxx` macros, which is ok if and only if the macros expand
+ * to the same sequence of tokens.
+ *
+ * If you must add a new
+ * value, check with the Arm PSA framework group to pick one that other
+ * domains aren't already using. */
+
+/* Tell uncrustify not to touch the constant definitions, otherwise
+ * it might change the spacing to something that is not PSA-compliant
+ * (e.g. adding a space after casts).
+ *
+ * *INDENT-OFF*
+ */
+
+/** The action was completed successfully. */
+#define PSA_SUCCESS ((psa_status_t)0)
+
+/** An error occurred that does not correspond to any defined
+ * failure cause.
+ *
+ * Implementations may use this error code if none of the other standard
+ * error codes are applicable. */
+#define PSA_ERROR_GENERIC_ERROR         ((psa_status_t)-132)
+
+/** The requested operation or a parameter is not supported
+ * by this implementation.
+ *
+ * Implementations should return this error code when an enumeration
+ * parameter such as a key type, algorithm, etc. is not recognized.
+ * If a combination of parameters is recognized and identified as
+ * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
+#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)-134)
+
+/** The requested action is denied by a policy.
+ *
+ * Implementations should return this error code when the parameters
+ * are recognized as valid and supported, and a policy explicitly
+ * denies the requested operation.
+ *
+ * If a subset of the parameters of a function call identify a
+ * forbidden operation, and another subset of the parameters are
+ * not valid or not supported, it is unspecified whether the function
+ * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
+ * #PSA_ERROR_INVALID_ARGUMENT. */
+#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)-133)
+
+/** An output buffer is too small.
+ *
+ * Applications can call the \c PSA_xxx_SIZE macro listed in the function
+ * description to determine a sufficient buffer size.
+ *
+ * Implementations should preferably return this error code only
+ * in cases when performing the operation with a larger output
+ * buffer would succeed. However implementations may return this
+ * error if a function has invalid or unsupported parameters in addition
+ * to the parameters that determine the necessary output buffer size. */
+#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)-138)
+
+/** Asking for an item that already exists
+ *
+ * Implementations should return this error, when attempting
+ * to write an item (like a key) that already exists. */
+#define PSA_ERROR_ALREADY_EXISTS        ((psa_status_t)-139)
+
+/** Asking for an item that doesn't exist
+ *
+ * Implementations should return this error, if a requested item (like
+ * a key) does not exist. */
+#define PSA_ERROR_DOES_NOT_EXIST        ((psa_status_t)-140)
+
+/** The requested action cannot be performed in the current state.
+ *
+ * Multipart operations return this error when one of the
+ * functions is called out of sequence. Refer to the function
+ * descriptions for permitted sequencing of functions.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key either exists or not,
+ * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
+ * as applicable.
+ *
+ * Implementations shall not return this error code to indicate that a
+ * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * instead. */
+#define PSA_ERROR_BAD_STATE             ((psa_status_t)-137)
+
+/** The parameters passed to the function are invalid.
+ *
+ * Implementations may return this error any time a parameter or
+ * combination of parameters are recognized as invalid.
+ *
+ * Implementations shall not return this error code to indicate that a
+ * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * instead.
+ */
+#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)-135)
+
+/** There is not enough runtime memory.
+ *
+ * If the action is carried out across multiple security realms, this
+ * error can refer to available memory in any of the security realms. */
+#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)-141)
+
+/** There is not enough persistent storage.
+ *
+ * Functions that modify the key storage return this error code if
+ * there is insufficient storage space on the host media. In addition,
+ * many functions that do not otherwise access storage may return this
+ * error code if the implementation requires a mandatory log entry for
+ * the requested action and the log storage space is full. */
+#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)-142)
+
+/** There was a communication failure inside the implementation.
+ *
+ * This can indicate a communication failure between the application
+ * and an external cryptoprocessor or between the cryptoprocessor and
+ * an external volatile or persistent memory. A communication failure
+ * may be transient or permanent depending on the cause.
+ *
+ * \warning If a function returns this error, it is undetermined
+ * whether the requested action has completed or not. Implementations
+ * should return #PSA_SUCCESS on successful completion whenever
+ * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
+ * if the requested action was completed successfully in an external
+ * cryptoprocessor but there was a breakdown of communication before
+ * the cryptoprocessor could report the status to the application.
+ */
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
+
+/** There was a storage failure that may have led to data loss.
+ *
+ * This error indicates that some persistent storage is corrupted.
+ * It should not be used for a corruption of volatile memory
+ * (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error
+ * between the cryptoprocessor and its external storage (use
+ * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
+ * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
+ *
+ * Note that a storage failure does not indicate that any data that was
+ * previously read is invalid. However this previously read data may no
+ * longer be readable from storage.
+ *
+ * When a storage failure occurs, it is no longer possible to ensure
+ * the global integrity of the keystore. Depending on the global
+ * integrity guarantees offered by the implementation, access to other
+ * data may or may not fail even if the data is still readable but
+ * its integrity cannot be guaranteed.
+ *
+ * Implementations should only use this error code to report a
+ * permanent storage corruption. However application writers should
+ * keep in mind that transient errors while reading the storage may be
+ * reported using this error code. */
+#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)-146)
+
+/** A hardware failure was detected.
+ *
+ * A hardware failure may be transient or permanent depending on the
+ * cause. */
+#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)-147)
+
+/** A tampering attempt was detected.
+ *
+ * If an application receives this error code, there is no guarantee
+ * that previously accessed or computed data was correct and remains
+ * confidential. Applications should not perform any security function
+ * and should enter a safe failure state.
+ *
+ * Implementations may return this error code if they detect an invalid
+ * state that cannot happen during normal operation and that indicates
+ * that the implementation's security guarantees no longer hold. Depending
+ * on the implementation architecture and on its security and safety goals,
+ * the implementation may forcibly terminate the application.
+ *
+ * This error code is intended as a last resort when a security breach
+ * is detected and it is unsure whether the keystore data is still
+ * protected. Implementations shall only return this error code
+ * to report an alarm from a tampering detector, to indicate that
+ * the confidentiality of stored data can no longer be guaranteed,
+ * or to indicate that the integrity of previously returned data is now
+ * considered compromised. Implementations shall not use this error code
+ * to indicate a hardware failure that merely makes it impossible to
+ * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
+ * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
+ * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
+ * instead).
+ *
+ * This error indicates an attack against the application. Implementations
+ * shall not return this error code as a consequence of the behavior of
+ * the application itself. */
+#define PSA_ERROR_CORRUPTION_DETECTED    ((psa_status_t)-151)
+
+/** There is not enough entropy to generate random data needed
+ * for the requested action.
+ *
+ * This error indicates a failure of a hardware random generator.
+ * Application writers should note that this error can be returned not
+ * only by functions whose purpose is to generate random data, such
+ * as key, IV or nonce generation, but also by functions that execute
+ * an algorithm with a randomized result, as well as functions that
+ * use randomization of intermediate computations as a countermeasure
+ * to certain attacks.
+ *
+ * Implementations should avoid returning this error after psa_crypto_init()
+ * has succeeded. Implementations should generate sufficient
+ * entropy during initialization and subsequently use a cryptographically
+ * secure pseudorandom generator (PRNG). However implementations may return
+ * this error at any time if a policy requires the PRNG to be reseeded
+ * during normal operation. */
+#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)-148)
+
+/** The signature, MAC or hash is incorrect.
+ *
+ * Verification functions return this error if the verification
+ * calculations completed successfully, and the value to be verified
+ * was determined to be incorrect.
+ *
+ * If the value to verify has an invalid size, implementations may return
+ * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
+#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)-149)
+
+/** The decrypted padding is incorrect.
+ *
+ * \warning In some protocols, when decrypting data, it is essential that
+ * the behavior of the application does not depend on whether the padding
+ * is correct, down to precise timing. Applications should prefer
+ * protocols that use authenticated encryption rather than plain
+ * encryption. If the application must perform a decryption of
+ * unauthenticated data, the application writer should take care not
+ * to reveal whether the padding is invalid.
+ *
+ * Implementations should strive to make valid and invalid padding
+ * as close as possible to indistinguishable to an external observer.
+ * In particular, the timing of a decryption operation should not
+ * depend on the validity of the padding. */
+#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)-150)
+
+/** Return this error when there's insufficient data when attempting
+ * to read from a resource. */
+#define PSA_ERROR_INSUFFICIENT_DATA     ((psa_status_t)-143)
+
+/** The key identifier is not valid. See also :ref:\`key-handles\`.
+ */
+#define PSA_ERROR_INVALID_HANDLE        ((psa_status_t)-136)
+
+/** Stored data has been corrupted.
+ *
+ * This error indicates that some persistent storage has suffered corruption.
+ * It does not indicate the following situations, which have specific error
+ * codes:
+ *
+ * - A corruption of volatile memory - use #PSA_ERROR_CORRUPTION_DETECTED.
+ * - A communication error between the cryptoprocessor and its external
+ *   storage - use #PSA_ERROR_COMMUNICATION_FAILURE.
+ * - When the storage is in a valid state but is full - use
+ *   #PSA_ERROR_INSUFFICIENT_STORAGE.
+ * - When the storage fails for other reasons - use
+ *   #PSA_ERROR_STORAGE_FAILURE.
+ * - When the stored data is not valid - use #PSA_ERROR_DATA_INVALID.
+ *
+ * \note A storage corruption does not indicate that any data that was
+ * previously read is invalid. However this previously read data might no
+ * longer be readable from storage.
+ *
+ * When a storage failure occurs, it is no longer possible to ensure the
+ * global integrity of the keystore.
+ */
+#define PSA_ERROR_DATA_CORRUPT          ((psa_status_t)-152)
+
+/** Data read from storage is not valid for the implementation.
+ *
+ * This error indicates that some data read from storage does not have a valid
+ * format. It does not indicate the following situations, which have specific
+ * error codes:
+ *
+ * - When the storage or stored data is corrupted - use #PSA_ERROR_DATA_CORRUPT
+ * - When the storage fails for other reasons - use #PSA_ERROR_STORAGE_FAILURE
+ * - An invalid argument to the API - use #PSA_ERROR_INVALID_ARGUMENT
+ *
+ * This error is typically a result of either storage corruption on a
+ * cleartext storage backend, or an attempt to read data that was
+ * written by an incompatible version of the library.
+ */
+#define PSA_ERROR_DATA_INVALID          ((psa_status_t)-153)
+
+/* *INDENT-ON* */
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/* Note that key type values, including ECC family and DH group values, are
+ * embedded in the persistent key store, as part of key metadata. As a
+ * consequence, they must not be changed (unless the storage format version
+ * changes).
+ */
+
+/** An invalid key type value.
+ *
+ * Zero is not the encoding of any key type.
+ */
+#define PSA_KEY_TYPE_NONE                           ((psa_key_type_t) 0x0000)
+
+/** Vendor-defined key type flag.
+ *
+ * Key types defined by this standard will never have the
+ * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types
+ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
+ * respect the bitwise structure used by standard encodings whenever practical.
+ */
+#define PSA_KEY_TYPE_VENDOR_FLAG                    ((psa_key_type_t) 0x8000)
+
+#define PSA_KEY_TYPE_CATEGORY_MASK                  ((psa_key_type_t) 0x7000)
+#define PSA_KEY_TYPE_CATEGORY_RAW                   ((psa_key_type_t) 0x1000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC             ((psa_key_type_t) 0x2000)
+#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY            ((psa_key_type_t) 0x4000)
+#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR              ((psa_key_type_t) 0x7000)
+
+#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR             ((psa_key_type_t) 0x3000)
+
+/** Whether a key type is vendor-defined.
+ *
+ * See also #PSA_KEY_TYPE_VENDOR_FLAG.
+ */
+#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
+    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
+
+/** Whether a key type is an unstructured array of bytes.
+ *
+ * This encompasses both symmetric keys and non-key data.
+ */
+#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \
+     ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
+
+/** Whether a key type is asymmetric: either a key pair or a public key. */
+#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
+      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
+     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is the public part of a key pair. */
+#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is a key pair containing a private part and a public
+ * part. */
+#define PSA_KEY_TYPE_IS_KEY_PAIR(type)                                   \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
+/** The key pair type corresponding to a public key type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding key pair type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
+#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type)        \
+    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+/** The public key type corresponding to a key pair type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding public key type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
+#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type)        \
+    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+
+/** Raw data.
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore. */
+#define PSA_KEY_TYPE_RAW_DATA                       ((psa_key_type_t) 0x1001)
+
+/** HMAC key.
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * HMAC keys should generally have the same size as the underlying hash.
+ * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
+ * \c alg is the HMAC algorithm or the underlying hash algorithm. */
+#define PSA_KEY_TYPE_HMAC                           ((psa_key_type_t) 0x1100)
+
+/** A secret for key derivation.
+ *
+ * The key policy determines which key derivation algorithm the key
+ * can be used for.
+ */
+#define PSA_KEY_TYPE_DERIVE                         ((psa_key_type_t) 0x1200)
+
+/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
+ *
+ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
+ * 32 bytes (AES-256).
+ */
+#define PSA_KEY_TYPE_AES                            ((psa_key_type_t) 0x2400)
+
+/** Key for a cipher, AEAD or MAC algorithm based on the
+ * ARIA block cipher. */
+#define PSA_KEY_TYPE_ARIA                           ((psa_key_type_t) 0x2406)
+
+/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
+ *
+ * The size of the key can be 64 bits (single DES), 128 bits (2-key 3DES) or
+ * 192 bits (3-key 3DES).
+ *
+ * Note that single DES and 2-key 3DES are weak and strongly
+ * deprecated and should only be used to decrypt legacy data. 3-key 3DES
+ * is weak and deprecated and should only be used in legacy protocols.
+ */
+#define PSA_KEY_TYPE_DES                            ((psa_key_type_t) 0x2301)
+
+/** Key for a cipher, AEAD or MAC algorithm based on the
+ * Camellia block cipher. */
+#define PSA_KEY_TYPE_CAMELLIA                       ((psa_key_type_t) 0x2403)
+
+/** Key for the ARC4 stream cipher (also known as RC4 or ARCFOUR).
+ *
+ * Note that ARC4 is weak and deprecated and should only be used in
+ * legacy protocols. */
+#define PSA_KEY_TYPE_ARC4                           ((psa_key_type_t) 0x2002)
+
+/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
+ *
+ * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539.
+ *
+ * Implementations must support 12-byte nonces, may support 8-byte nonces,
+ * and should reject other sizes.
+ */
+#define PSA_KEY_TYPE_CHACHA20                       ((psa_key_type_t) 0x2004)
+
+/** RSA public key.
+ *
+ * The size of an RSA key is the bit size of the modulus.
+ */
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY                 ((psa_key_type_t) 0x4001)
+/** RSA key pair (private and public key).
+ *
+ * The size of an RSA key is the bit size of the modulus.
+ */
+#define PSA_KEY_TYPE_RSA_KEY_PAIR                   ((psa_key_type_t) 0x7001)
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE            ((psa_key_type_t) 0x4100)
+#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE              ((psa_key_type_t) 0x7100)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK                 ((psa_key_type_t) 0x00ff)
+/** Elliptic curve key pair.
+ *
+ * The size of an elliptic curve key is the bit size associated with the curve,
+ * i.e. the bit size of *q* for a curve over a field *F<sub>q</sub>*.
+ * See the documentation of `PSA_ECC_FAMILY_xxx` curve families for details.
+ *
+ * \param curve     A value of type ::psa_ecc_family_t that
+ *                  identifies the ECC curve to be used.
+ */
+#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve)         \
+    (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve))
+/** Elliptic curve public key.
+ *
+ * The size of an elliptic curve public key is the same as the corresponding
+ * private key (see #PSA_KEY_TYPE_ECC_KEY_PAIR and the documentation of
+ * `PSA_ECC_FAMILY_xxx` curve families).
+ *
+ * \param curve     A value of type ::psa_ecc_family_t that
+ *                  identifies the ECC curve to be used.
+ */
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
+    (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
+
+/** Whether a key type is an elliptic curve key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_ECC(type)                                       \
+    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) &                        \
+      ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+/** Whether a key type is an elliptic curve key pair. */
+#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)                               \
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
+     PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)
+/** Whether a key type is an elliptic curve public key. */
+#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)                            \
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
+     PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+
+/** Extract the curve from an elliptic curve key type. */
+#define PSA_KEY_TYPE_ECC_GET_FAMILY(type)                        \
+    ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ?             \
+                         ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
+                         0))
+
+/** SEC Koblitz curves over prime fields.
+ *
+ * This family comprises the following curves:
+ * secp192k1, secp224k1, secp256k1.
+ * They are defined in _Standards for Efficient Cryptography_,
+ * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
+ * https://www.secg.org/sec2-v2.pdf
+ */
+#define PSA_ECC_FAMILY_SECP_K1           ((psa_ecc_family_t) 0x17)
+
+/** SEC random curves over prime fields.
+ *
+ * This family comprises the following curves:
+ * secp192k1, secp224r1, secp256r1, secp384r1, secp521r1.
+ * They are defined in _Standards for Efficient Cryptography_,
+ * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
+ * https://www.secg.org/sec2-v2.pdf
+ */
+#define PSA_ECC_FAMILY_SECP_R1           ((psa_ecc_family_t) 0x12)
+/* SECP160R2 (SEC2 v1, obsolete) */
+#define PSA_ECC_FAMILY_SECP_R2           ((psa_ecc_family_t) 0x1b)
+
+/** SEC Koblitz curves over binary fields.
+ *
+ * This family comprises the following curves:
+ * sect163k1, sect233k1, sect239k1, sect283k1, sect409k1, sect571k1.
+ * They are defined in _Standards for Efficient Cryptography_,
+ * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
+ * https://www.secg.org/sec2-v2.pdf
+ */
+#define PSA_ECC_FAMILY_SECT_K1           ((psa_ecc_family_t) 0x27)
+
+/** SEC random curves over binary fields.
+ *
+ * This family comprises the following curves:
+ * sect163r1, sect233r1, sect283r1, sect409r1, sect571r1.
+ * They are defined in _Standards for Efficient Cryptography_,
+ * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
+ * https://www.secg.org/sec2-v2.pdf
+ */
+#define PSA_ECC_FAMILY_SECT_R1           ((psa_ecc_family_t) 0x22)
+
+/** SEC additional random curves over binary fields.
+ *
+ * This family comprises the following curve:
+ * sect163r2.
+ * It is defined in _Standards for Efficient Cryptography_,
+ * _SEC 2: Recommended Elliptic Curve Domain Parameters_.
+ * https://www.secg.org/sec2-v2.pdf
+ */
+#define PSA_ECC_FAMILY_SECT_R2           ((psa_ecc_family_t) 0x2b)
+
+/** Brainpool P random curves.
+ *
+ * This family comprises the following curves:
+ * brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1,
+ * brainpoolP320r1, brainpoolP384r1, brainpoolP512r1.
+ * It is defined in RFC 5639.
+ */
+#define PSA_ECC_FAMILY_BRAINPOOL_P_R1    ((psa_ecc_family_t) 0x30)
+
+/** Curve25519 and Curve448.
+ *
+ * This family comprises the following Montgomery curves:
+ * - 255-bit: Bernstein et al.,
+ *   _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006.
+ *   The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve.
+ * - 448-bit: Hamburg,
+ *   _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
+ *   The algorithm #PSA_ALG_ECDH performs X448 when used with this curve.
+ */
+#define PSA_ECC_FAMILY_MONTGOMERY        ((psa_ecc_family_t) 0x41)
+
+/** The twisted Edwards curves Ed25519 and Ed448.
+ *
+ * These curves are suitable for EdDSA (#PSA_ALG_PURE_EDDSA for both curves,
+ * #PSA_ALG_ED25519PH for the 255-bit curve,
+ * #PSA_ALG_ED448PH for the 448-bit curve).
+ *
+ * This family comprises the following twisted Edwards curves:
+ * - 255-bit: Edwards25519, the twisted Edwards curve birationally equivalent
+ *   to Curve25519.
+ *   Bernstein et al., _Twisted Edwards curves_, Africacrypt 2008.
+ * - 448-bit: Edwards448, the twisted Edwards curve birationally equivalent
+ *   to Curve448.
+ *   Hamburg, _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015.
+ */
+#define PSA_ECC_FAMILY_TWISTED_EDWARDS   ((psa_ecc_family_t) 0x42)
+
+#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE             ((psa_key_type_t) 0x4200)
+#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE               ((psa_key_type_t) 0x7200)
+#define PSA_KEY_TYPE_DH_GROUP_MASK                  ((psa_key_type_t) 0x00ff)
+/** Diffie-Hellman key pair.
+ *
+ * \param group     A value of type ::psa_dh_family_t that identifies the
+ *                  Diffie-Hellman group to be used.
+ */
+#define PSA_KEY_TYPE_DH_KEY_PAIR(group)          \
+    (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group))
+/** Diffie-Hellman public key.
+ *
+ * \param group     A value of type ::psa_dh_family_t that identifies the
+ *                  Diffie-Hellman group to be used.
+ */
+#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group)               \
+    (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group))
+
+/** Whether a key type is a Diffie-Hellman key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_DH(type)                                        \
+    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) &                        \
+      ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
+/** Whether a key type is a Diffie-Hellman key pair. */
+#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)                               \
+    (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) ==                         \
+     PSA_KEY_TYPE_DH_KEY_PAIR_BASE)
+/** Whether a key type is a Diffie-Hellman public key. */
+#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type)                            \
+    (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) ==                         \
+     PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE)
+
+/** Extract the group from a Diffie-Hellman key type. */
+#define PSA_KEY_TYPE_DH_GET_FAMILY(type)                        \
+    ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ?              \
+                        ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) :  \
+                        0))
+
+/** Diffie-Hellman groups defined in RFC 7919 Appendix A.
+ *
+ * This family includes groups with the following key sizes (in bits):
+ * 2048, 3072, 4096, 6144, 8192. A given implementation may support
+ * all of these sizes or only a subset.
+ */
+#define PSA_DH_FAMILY_RFC7919            ((psa_dh_family_t) 0x03)
+
+#define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type)      \
+    (((type) >> 8) & 7)
+/** The block size of a block cipher.
+ *
+ * \param type  A cipher key type (value of type #psa_key_type_t).
+ *
+ * \return      The block size for a block cipher, or 1 for a stream cipher.
+ *              The return value is undefined if \p type is not a supported
+ *              cipher key type.
+ *
+ * \note It is possible to build stream cipher algorithms on top of a block
+ *       cipher, for example CTR mode (#PSA_ALG_CTR).
+ *       This macro only takes the key type into account, so it cannot be
+ *       used to determine the size of the data that #psa_cipher_update()
+ *       might buffer for future processing in general.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ *
+ * \warning This macro may evaluate its argument multiple times.
+ */
+#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type)                                     \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
+     1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) :                         \
+        0u)
+
+/* Note that algorithm values are embedded in the persistent key store,
+ * as part of key metadata. As a consequence, they must not be changed
+ * (unless the storage format version changes).
+ */
+
+/** Vendor-defined algorithm flag.
+ *
+ * Algorithms defined by this standard will never have the #PSA_ALG_VENDOR_FLAG
+ * bit set. Vendors who define additional algorithms must use an encoding with
+ * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure
+ * used by standard encodings whenever practical.
+ */
+#define PSA_ALG_VENDOR_FLAG                     ((psa_algorithm_t) 0x80000000)
+
+#define PSA_ALG_CATEGORY_MASK                   ((psa_algorithm_t) 0x7f000000)
+#define PSA_ALG_CATEGORY_HASH                   ((psa_algorithm_t) 0x02000000)
+#define PSA_ALG_CATEGORY_MAC                    ((psa_algorithm_t) 0x03000000)
+#define PSA_ALG_CATEGORY_CIPHER                 ((psa_algorithm_t) 0x04000000)
+#define PSA_ALG_CATEGORY_AEAD                   ((psa_algorithm_t) 0x05000000)
+#define PSA_ALG_CATEGORY_SIGN                   ((psa_algorithm_t) 0x06000000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION  ((psa_algorithm_t) 0x07000000)
+#define PSA_ALG_CATEGORY_KEY_DERIVATION         ((psa_algorithm_t) 0x08000000)
+#define PSA_ALG_CATEGORY_KEY_AGREEMENT          ((psa_algorithm_t) 0x09000000)
+
+/** Whether an algorithm is vendor-defined.
+ *
+ * See also #PSA_ALG_VENDOR_FLAG.
+ */
+#define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
+    (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
+
+/** Whether the specified algorithm is a hash algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a hash algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_HASH(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
+
+/** Whether the specified algorithm is a MAC algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_MAC(alg)                                             \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
+
+/** Whether the specified algorithm is a symmetric cipher algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_CIPHER(alg)                                          \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
+
+/** Whether the specified algorithm is an authenticated encryption
+ * with associated data (AEAD) algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_AEAD(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
+
+/** Whether the specified algorithm is an asymmetric signature algorithm,
+ * also known as public-key signature algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an asymmetric signature algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
+
+/** Whether the specified algorithm is an asymmetric encryption algorithm,
+ * also known as public-key encryption algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an asymmetric encryption algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
+
+/** Whether the specified algorithm is a key agreement algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
+
+/** Whether the specified algorithm is a key derivation algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+/** An invalid algorithm identifier value. */
+/* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
+#define PSA_ALG_NONE                            ((psa_algorithm_t)0)
+/* *INDENT-ON* */
+
+#define PSA_ALG_HASH_MASK                       ((psa_algorithm_t) 0x000000ff)
+/** MD2 */
+#define PSA_ALG_MD2                             ((psa_algorithm_t) 0x02000001)
+/** MD4 */
+#define PSA_ALG_MD4                             ((psa_algorithm_t) 0x02000002)
+/** MD5 */
+#define PSA_ALG_MD5                             ((psa_algorithm_t) 0x02000003)
+/** PSA_ALG_RIPEMD160 */
+#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t) 0x02000004)
+/** SHA1 */
+#define PSA_ALG_SHA_1                           ((psa_algorithm_t) 0x02000005)
+/** SHA2-224 */
+#define PSA_ALG_SHA_224                         ((psa_algorithm_t) 0x02000008)
+/** SHA2-256 */
+#define PSA_ALG_SHA_256                         ((psa_algorithm_t) 0x02000009)
+/** SHA2-384 */
+#define PSA_ALG_SHA_384                         ((psa_algorithm_t) 0x0200000a)
+/** SHA2-512 */
+#define PSA_ALG_SHA_512                         ((psa_algorithm_t) 0x0200000b)
+/** SHA2-512/224 */
+#define PSA_ALG_SHA_512_224                     ((psa_algorithm_t) 0x0200000c)
+/** SHA2-512/256 */
+#define PSA_ALG_SHA_512_256                     ((psa_algorithm_t) 0x0200000d)
+/** SHA3-224 */
+#define PSA_ALG_SHA3_224                        ((psa_algorithm_t) 0x02000010)
+/** SHA3-256 */
+#define PSA_ALG_SHA3_256                        ((psa_algorithm_t) 0x02000011)
+/** SHA3-384 */
+#define PSA_ALG_SHA3_384                        ((psa_algorithm_t) 0x02000012)
+/** SHA3-512 */
+#define PSA_ALG_SHA3_512                        ((psa_algorithm_t) 0x02000013)
+/** The first 512 bits (64 bytes) of the SHAKE256 output.
+ *
+ * This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other
+ * scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512
+ * has the same output size and a (theoretically) higher security strength.
+ */
+#define PSA_ALG_SHAKE256_512                    ((psa_algorithm_t) 0x02000015)
+
+/** In a hash-and-sign algorithm policy, allow any hash algorithm.
+ *
+ * This value may be used to form the algorithm usage field of a policy
+ * for a signature algorithm that is parametrized by a hash. The key
+ * may then be used to perform operations using the same signature
+ * algorithm parametrized with any supported hash.
+ *
+ * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros:
+ * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, #PSA_ALG_RSA_PSS_ANY_SALT,
+ * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA.
+ * Then you may create and use a key as follows:
+ * - Set the key usage field using #PSA_ALG_ANY_HASH, for example:
+ *   ```
+ *   psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); // or VERIFY
+ *   psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH));
+ *   ```
+ * - Import or generate key material.
+ * - Call psa_sign_hash() or psa_verify_hash(), passing
+ *   an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each
+ *   call to sign or verify a message may use a different hash.
+ *   ```
+ *   psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...);
+ *   psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...);
+ *   psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...);
+ *   ```
+ *
+ * This value may not be used to build other algorithms that are
+ * parametrized over a hash. For any valid use of this macro to build
+ * an algorithm \c alg, #PSA_ALG_IS_HASH_AND_SIGN(\c alg) is true.
+ *
+ * This value may not be used to build an algorithm specification to
+ * perform an operation. It is only valid to build policies.
+ */
+#define PSA_ALG_ANY_HASH                        ((psa_algorithm_t) 0x020000ff)
+
+#define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t) 0x00c00000)
+#define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t) 0x03800000)
+/** Macro to build an HMAC algorithm.
+ *
+ * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding HMAC algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_HMAC(hash_alg)                                  \
+    (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_HMAC_GET_HASH(hmac_alg)                             \
+    (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is an HMAC algorithm.
+ *
+ * HMAC is a family of MAC algorithms that are based on a hash function.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_HMAC(alg)                                            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+     PSA_ALG_HMAC_BASE)
+
+/* In the encoding of a MAC algorithm, the bits corresponding to
+ * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
+ * truncated. As an exception, the value 0 means the untruncated algorithm,
+ * whatever its length is. The length is encoded in 6 bits, so it can
+ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
+ * to full length is correctly encoded as 0 and any non-trivial truncation
+ * is correctly encoded as a value between 1 and 63. */
+#define PSA_ALG_MAC_TRUNCATION_MASK             ((psa_algorithm_t) 0x003f0000)
+#define PSA_MAC_TRUNCATION_OFFSET 16
+
+/* In the encoding of a MAC algorithm, the bit corresponding to
+ * #PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
+ * is a wildcard algorithm. A key with such wildcard algorithm as permitted
+ * algorithm policy can be used with any algorithm corresponding to the
+ * same base class and having a (potentially truncated) MAC length greater or
+ * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
+#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG   ((psa_algorithm_t) 0x00008000)
+
+/** Macro to build a truncated MAC algorithm.
+ *
+ * A truncated MAC algorithm is identical to the corresponding MAC
+ * algorithm except that the MAC value for the truncated algorithm
+ * consists of only the first \p mac_length bytes of the MAC value
+ * for the untruncated algorithm.
+ *
+ * \note    This macro may allow constructing algorithm identifiers that
+ *          are not valid, either because the specified length is larger
+ *          than the untruncated MAC or because the specified length is
+ *          smaller than permitted by the implementation.
+ *
+ * \note    It is implementation-defined whether a truncated MAC that
+ *          is truncated to the same length as the MAC of the untruncated
+ *          algorithm is considered identical to the untruncated algorithm
+ *          for policy comparison purposes.
+ *
+ * \param mac_alg       A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
+ *                      is true). This may be a truncated or untruncated
+ *                      MAC algorithm.
+ * \param mac_length    Desired length of the truncated MAC in bytes.
+ *                      This must be at most the full length of the MAC
+ *                      and must be at least an implementation-specified
+ *                      minimum. The implementation-specified minimum
+ *                      shall not be zero.
+ *
+ * \return              The corresponding MAC algorithm with the specified
+ *                      length.
+ * \return              Unspecified if \p mac_alg is not a supported
+ *                      MAC algorithm or if \p mac_length is too small or
+ *                      too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length)              \
+    (((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK |               \
+                    PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)) |   \
+     ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
+
+/** Macro to build the base MAC algorithm corresponding to a truncated
+ * MAC algorithm.
+ *
+ * \param mac_alg       A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
+ *                      is true). This may be a truncated or untruncated
+ *                      MAC algorithm.
+ *
+ * \return              The corresponding base MAC algorithm.
+ * \return              Unspecified if \p mac_alg is not a supported
+ *                      MAC algorithm.
+ */
+#define PSA_ALG_FULL_LENGTH_MAC(mac_alg)                        \
+    ((mac_alg) & ~(PSA_ALG_MAC_TRUNCATION_MASK |                \
+                   PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG))
+
+/** Length to which a MAC algorithm is truncated.
+ *
+ * \param mac_alg       A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
+ *                      is true).
+ *
+ * \return              Length of the truncated MAC in bytes.
+ * \return              0 if \p mac_alg is a non-truncated MAC algorithm.
+ * \return              Unspecified if \p mac_alg is not a supported
+ *                      MAC algorithm.
+ */
+#define PSA_MAC_TRUNCATED_LENGTH(mac_alg)                               \
+    (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
+
+/** Macro to build a MAC minimum-MAC-length wildcard algorithm.
+ *
+ * A minimum-MAC-length MAC wildcard algorithm permits all MAC algorithms
+ * sharing the same base algorithm, and where the (potentially truncated) MAC
+ * length of the specific algorithm is equal to or larger then the wildcard
+ * algorithm's minimum MAC length.
+ *
+ * \note    When setting the minimum required MAC length to less than the
+ *          smallest MAC length allowed by the base algorithm, this effectively
+ *          becomes an 'any-MAC-length-allowed' policy for that base algorithm.
+ *
+ * \param mac_alg         A MAC algorithm identifier (value of type
+ *                        #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p mac_alg)
+ *                        is true).
+ * \param min_mac_length  Desired minimum length of the message authentication
+ *                        code in bytes. This must be at most the untruncated
+ *                        length of the MAC and must be at least 1.
+ *
+ * \return                The corresponding MAC wildcard algorithm with the
+ *                        specified minimum length.
+ * \return                Unspecified if \p mac_alg is not a supported MAC
+ *                        algorithm or if \p min_mac_length is less than 1 or
+ *                        too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length)   \
+    (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) |              \
+     PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
+
+#define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t) 0x03c00000)
+/** The CBC-MAC construction over a block cipher
+ *
+ * \warning CBC-MAC is insecure in many cases.
+ * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
+ */
+#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t) 0x03c00100)
+/** The CMAC construction over a block cipher */
+#define PSA_ALG_CMAC                            ((psa_algorithm_t) 0x03c00200)
+
+/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)                                \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+     PSA_ALG_CIPHER_MAC_BASE)
+
+#define PSA_ALG_CIPHER_STREAM_FLAG              ((psa_algorithm_t) 0x00800000)
+#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG          ((psa_algorithm_t) 0x00400000)
+
+/** Whether the specified algorithm is a stream cipher.
+ *
+ * A stream cipher is a symmetric cipher that encrypts or decrypts messages
+ * by applying a bitwise-xor with a stream of bytes that is generated
+ * from a key.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier or if it is not a symmetric cipher algorithm.
+ */
+#define PSA_ALG_IS_STREAM_CIPHER(alg)            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
+     (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
+
+/** The stream cipher mode of a stream cipher algorithm.
+ *
+ * The underlying stream cipher is determined by the key type.
+ * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
+ * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4.
+ */
+#define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t) 0x04800100)
+
+/** The CTR stream cipher mode.
+ *
+ * CTR is a stream cipher which is built from a block cipher.
+ * The underlying block cipher is determined by the key type.
+ * For example, to use AES-128-CTR, use this algorithm with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ */
+#define PSA_ALG_CTR                             ((psa_algorithm_t) 0x04c01000)
+
+/** The CFB stream cipher mode.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
+#define PSA_ALG_CFB                             ((psa_algorithm_t) 0x04c01100)
+
+/** The OFB stream cipher mode.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
+#define PSA_ALG_OFB                             ((psa_algorithm_t) 0x04c01200)
+
+/** The XTS cipher mode.
+ *
+ * XTS is a cipher mode which is built from a block cipher. It requires at
+ * least one full block of input, but beyond this minimum the input
+ * does not need to be a whole number of blocks.
+ */
+#define PSA_ALG_XTS                             ((psa_algorithm_t) 0x0440ff00)
+
+/** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
+ *
+ * \warning ECB mode does not protect the confidentiality of the encrypted data
+ * except in extremely narrow circumstances. It is recommended that applications
+ * only use ECB if they need to construct an operating mode that the
+ * implementation does not provide. Implementations are encouraged to provide
+ * the modes that applications need in preference to supporting direct access
+ * to ECB.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This symmetric cipher mode can only be used with messages whose lengths are a
+ * multiple of the block size of the chosen block cipher.
+ *
+ * ECB mode does not accept an initialization vector (IV). When using a
+ * multi-part cipher operation with this algorithm, psa_cipher_generate_iv()
+ * and psa_cipher_set_iv() must not be called.
+ */
+#define PSA_ALG_ECB_NO_PADDING                  ((psa_algorithm_t) 0x04404400)
+
+/** The CBC block cipher chaining mode, with no padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This symmetric cipher mode can only be used with messages whose lengths
+ * are whole number of blocks for the chosen block cipher.
+ */
+#define PSA_ALG_CBC_NO_PADDING                  ((psa_algorithm_t) 0x04404000)
+
+/** The CBC block cipher chaining mode with PKCS#7 padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
+ */
+#define PSA_ALG_CBC_PKCS7                       ((psa_algorithm_t) 0x04404100)
+
+#define PSA_ALG_AEAD_FROM_BLOCK_FLAG            ((psa_algorithm_t) 0x00400000)
+
+/** Whether the specified algorithm is an AEAD mode on a block cipher.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an AEAD algorithm which is an AEAD mode based on
+ *         a block cipher, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg)    \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \
+     (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
+
+/** The CCM authenticated encryption algorithm.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
+#define PSA_ALG_CCM                             ((psa_algorithm_t) 0x05500100)
+
+/** The GCM authenticated encryption algorithm.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
+#define PSA_ALG_GCM                             ((psa_algorithm_t) 0x05500200)
+
+/** The Chacha20-Poly1305 AEAD algorithm.
+ *
+ * The ChaCha20_Poly1305 construction is defined in RFC 7539.
+ *
+ * Implementations must support 12-byte nonces, may support 8-byte nonces,
+ * and should reject other sizes.
+ *
+ * Implementations must support 16-byte tags and should reject other sizes.
+ */
+#define PSA_ALG_CHACHA20_POLY1305               ((psa_algorithm_t) 0x05100500)
+
+/* In the encoding of an AEAD algorithm, the bits corresponding to
+ * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
+ * The constants for default lengths follow this encoding.
+ */
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK            ((psa_algorithm_t) 0x003f0000)
+#define PSA_AEAD_TAG_LENGTH_OFFSET 16
+
+/* In the encoding of an AEAD algorithm, the bit corresponding to
+ * #PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG encodes the fact that the algorithm
+ * is a wildcard algorithm. A key with such wildcard algorithm as permitted
+ * algorithm policy can be used with any algorithm corresponding to the
+ * same base class and having a tag length greater than or equal to the one
+ * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
+#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG  ((psa_algorithm_t) 0x00008000)
+
+/** Macro to build a shortened AEAD algorithm.
+ *
+ * A shortened AEAD algorithm is similar to the corresponding AEAD
+ * algorithm, but has an authentication tag that consists of fewer bytes.
+ * Depending on the algorithm, the tag length may affect the calculation
+ * of the ciphertext.
+ *
+ * \param aead_alg      An AEAD algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p aead_alg)
+ *                      is true).
+ * \param tag_length    Desired length of the authentication tag in bytes.
+ *
+ * \return              The corresponding AEAD algorithm with the specified
+ *                      length.
+ * \return              Unspecified if \p aead_alg is not a supported
+ *                      AEAD algorithm or if \p tag_length is not valid
+ *                      for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)           \
+    (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK |                     \
+                     PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) |         \
+     ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
+        PSA_ALG_AEAD_TAG_LENGTH_MASK))
+
+/** Retrieve the tag length of a specified AEAD algorithm
+ *
+ * \param aead_alg      An AEAD algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p aead_alg)
+ *                      is true).
+ *
+ * \return              The tag length specified by the input algorithm.
+ * \return              Unspecified if \p aead_alg is not a supported
+ *                      AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg)                           \
+    (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >>                     \
+     PSA_AEAD_TAG_LENGTH_OFFSET)
+
+/** Calculate the corresponding AEAD algorithm with the default tag length.
+ *
+ * \param aead_alg      An AEAD algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_AEAD(\p aead_alg) is true).
+ *
+ * \return              The corresponding AEAD algorithm with the default
+ *                      tag length for that algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg)                   \
+    (                                                                    \
+        PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CCM) \
+        PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_GCM) \
+        PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \
+        0)
+#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE(aead_alg, ref)         \
+    PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, 0) ==                      \
+    PSA_ALG_AEAD_WITH_SHORTENED_TAG(ref, 0) ?                            \
+    ref :
+
+/** Macro to build an AEAD minimum-tag-length wildcard algorithm.
+ *
+ * A minimum-tag-length AEAD wildcard algorithm permits all AEAD algorithms
+ * sharing the same base algorithm, and where the tag length of the specific
+ * algorithm is equal to or larger then the minimum tag length specified by the
+ * wildcard algorithm.
+ *
+ * \note    When setting the minimum required tag length to less than the
+ *          smallest tag length allowed by the base algorithm, this effectively
+ *          becomes an 'any-tag-length-allowed' policy for that base algorithm.
+ *
+ * \param aead_alg        An AEAD algorithm identifier (value of type
+ *                        #psa_algorithm_t such that
+ *                        #PSA_ALG_IS_AEAD(\p aead_alg) is true).
+ * \param min_tag_length  Desired minimum length of the authentication tag in
+ *                        bytes. This must be at least 1 and at most the largest
+ *                        allowed tag length of the algorithm.
+ *
+ * \return                The corresponding AEAD wildcard algorithm with the
+ *                        specified minimum length.
+ * \return                Unspecified if \p aead_alg is not a supported
+ *                        AEAD algorithm or if \p min_tag_length is less than 1
+ *                        or too large for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
+    (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) |            \
+     PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
+
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t) 0x06000200)
+/** RSA PKCS#1 v1.5 signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PKCS1-v1_5.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding RSA PKCS#1 v1.5 signature algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
+    (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Raw PKCS#1 v1.5 signature.
+ *
+ * The input to this algorithm is the DigestInfo structure used by
+ * RFC 8017 (PKCS#1: RSA Cryptography Specifications), &sect;9.2
+ * steps 3&ndash;6.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
+#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
+
+#define PSA_ALG_RSA_PSS_BASE               ((psa_algorithm_t) 0x06000300)
+#define PSA_ALG_RSA_PSS_ANY_SALT_BASE      ((psa_algorithm_t) 0x06001300)
+/** RSA PSS signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PSS, with the message generation function MGF1, and with
+ * a salt length equal to the length of the hash, or the largest
+ * possible salt length for the algorithm and key size if that is
+ * smaller than the hash length. The specified hash algorithm is
+ * used to hash the input message, to create the salted hash, and
+ * for the mask generation.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding RSA PSS signature algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_PSS(hash_alg)                               \
+    (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** RSA PSS signature with hashing with relaxed verification.
+ *
+ * This algorithm has the same behavior as #PSA_ALG_RSA_PSS when signing,
+ * but allows an arbitrary salt length (including \c 0) when verifying a
+ * signature.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding RSA PSS signature algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_PSS_ANY_SALT(hash_alg)                      \
+    (PSA_ALG_RSA_PSS_ANY_SALT_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is RSA PSS with standard salt.
+ *
+ * \param alg           An algorithm value or an algorithm policy wildcard.
+ *
+ * \return              1 if \p alg is of the form
+ *                      #PSA_ALG_RSA_PSS(\c hash_alg),
+ *                      where \c hash_alg is a hash algorithm or
+ *                      #PSA_ALG_ANY_HASH. 0 otherwise.
+ *                      This macro may return either 0 or 1 if \p alg is not
+ *                      a supported algorithm identifier or policy.
+ */
+#define PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg)                   \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
+
+/** Whether the specified algorithm is RSA PSS with any salt.
+ *
+ * \param alg           An algorithm value or an algorithm policy wildcard.
+ *
+ * \return              1 if \p alg is of the form
+ *                      #PSA_ALG_RSA_PSS_ANY_SALT_BASE(\c hash_alg),
+ *                      where \c hash_alg is a hash algorithm or
+ *                      #PSA_ALG_ANY_HASH. 0 otherwise.
+ *                      This macro may return either 0 or 1 if \p alg is not
+ *                      a supported algorithm identifier or policy.
+ */
+#define PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)                                \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_ANY_SALT_BASE)
+
+/** Whether the specified algorithm is RSA PSS.
+ *
+ * This includes any of the RSA PSS algorithm variants, regardless of the
+ * constraints on salt length.
+ *
+ * \param alg           An algorithm value or an algorithm policy wildcard.
+ *
+ * \return              1 if \p alg is of the form
+ *                      #PSA_ALG_RSA_PSS(\c hash_alg) or
+ *                      #PSA_ALG_RSA_PSS_ANY_SALT_BASE(\c hash_alg),
+ *                      where \c hash_alg is a hash algorithm or
+ *                      #PSA_ALG_ANY_HASH. 0 otherwise.
+ *                      This macro may return either 0 or 1 if \p alg is not
+ *                      a supported algorithm identifier or policy.
+ */
+#define PSA_ALG_IS_RSA_PSS(alg)                                 \
+    (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) ||                   \
+     PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
+
+#define PSA_ALG_ECDSA_BASE                      ((psa_algorithm_t) 0x06000600)
+/** ECDSA signature with hashing.
+ *
+ * This is the ECDSA signature scheme defined by ANSI X9.62,
+ * with a random per-message secret number (*k*).
+ *
+ * The representation of the signature as a byte string consists of
+ * the concatenation of the signature values *r* and *s*. Each of
+ * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
+ * of the base point of the curve in octets. Each value is represented
+ * in big-endian order (most significant octet first).
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding ECDSA signature algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_ECDSA(hash_alg)                                 \
+    (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** ECDSA signature without hashing.
+ *
+ * This is the same signature scheme as #PSA_ALG_ECDSA(), but
+ * without specifying a hash algorithm. This algorithm may only be
+ * used to sign or verify a sequence of bytes that should be an
+ * already-calculated hash. Note that the input is padded with
+ * zeros on the left or truncated on the left as required to fit
+ * the curve size.
+ */
+#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE        ((psa_algorithm_t) 0x06000700)
+/** Deterministic ECDSA signature with hashing.
+ *
+ * This is the deterministic ECDSA signature scheme defined by RFC 6979.
+ *
+ * The representation of a signature is the same as with #PSA_ALG_ECDSA().
+ *
+ * Note that when this algorithm is used for verification, signatures
+ * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
+ * same private key are accepted. In other words,
+ * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
+ * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *                      This includes #PSA_ALG_ANY_HASH
+ *                      when specifying the algorithm in a usage policy.
+ *
+ * \return              The corresponding deterministic ECDSA signature
+ *                      algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg)                           \
+    (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG        ((psa_algorithm_t) 0x00000100)
+#define PSA_ALG_IS_ECDSA(alg)                                           \
+    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) ==  \
+     PSA_ALG_ECDSA_BASE)
+#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)             \
+    (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)                             \
+    (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg)                                \
+    (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+
+/** Edwards-curve digital signature algorithm without prehashing (PureEdDSA),
+ * using standard parameters.
+ *
+ * Contexts are not supported in the current version of this specification
+ * because there is no suitable signature interface that can take the
+ * context as a parameter. A future version of this specification may add
+ * suitable functions and extend this algorithm to support contexts.
+ *
+ * PureEdDSA requires an elliptic curve key on a twisted Edwards curve.
+ * In this specification, the following curves are supported:
+ * - #PSA_ECC_FAMILY_TWISTED_EDWARDS, 255-bit: Ed25519 as specified
+ *   in RFC 8032.
+ *   The curve is Edwards25519.
+ *   The hash function used internally is SHA-512.
+ * - #PSA_ECC_FAMILY_TWISTED_EDWARDS, 448-bit: Ed448 as specified
+ *   in RFC 8032.
+ *   The curve is Edwards448.
+ *   The hash function used internally is the first 114 bytes of the
+ *   SHAKE256 output.
+ *
+ * This algorithm can be used with psa_sign_message() and
+ * psa_verify_message(). Since there is no prehashing, it cannot be used
+ * with psa_sign_hash() or psa_verify_hash().
+ *
+ * The signature format is the concatenation of R and S as defined by
+ * RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte
+ * string for Ed448).
+ */
+#define PSA_ALG_PURE_EDDSA                      ((psa_algorithm_t) 0x06000800)
+
+#define PSA_ALG_HASH_EDDSA_BASE                 ((psa_algorithm_t) 0x06000900)
+#define PSA_ALG_IS_HASH_EDDSA(alg)              \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
+
+/** Edwards-curve digital signature algorithm with prehashing (HashEdDSA),
+ * using SHA-512 and the Edwards25519 curve.
+ *
+ * See #PSA_ALG_PURE_EDDSA regarding context support and the signature format.
+ *
+ * This algorithm is Ed25519 as specified in RFC 8032.
+ * The curve is Edwards25519.
+ * The prehash is SHA-512.
+ * The hash function used internally is SHA-512.
+ *
+ * This is a hash-and-sign algorithm: to calculate a signature,
+ * you can either:
+ * - call psa_sign_message() on the message;
+ * - or calculate the SHA-512 hash of the message
+ *   with psa_hash_compute()
+ *   or with a multi-part hash operation started with psa_hash_setup(),
+ *   using the hash algorithm #PSA_ALG_SHA_512,
+ *   then sign the calculated hash with psa_sign_hash().
+ * Verifying a signature is similar, using psa_verify_message() or
+ * psa_verify_hash() instead of the signature function.
+ */
+#define PSA_ALG_ED25519PH                               \
+    (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHA_512 & PSA_ALG_HASH_MASK))
+
+/** Edwards-curve digital signature algorithm with prehashing (HashEdDSA),
+ * using SHAKE256 and the Edwards448 curve.
+ *
+ * See #PSA_ALG_PURE_EDDSA regarding context support and the signature format.
+ *
+ * This algorithm is Ed448 as specified in RFC 8032.
+ * The curve is Edwards448.
+ * The prehash is the first 64 bytes of the SHAKE256 output.
+ * The hash function used internally is the first 114 bytes of the
+ * SHAKE256 output.
+ *
+ * This is a hash-and-sign algorithm: to calculate a signature,
+ * you can either:
+ * - call psa_sign_message() on the message;
+ * - or calculate the first 64 bytes of the SHAKE256 output of the message
+ *   with psa_hash_compute()
+ *   or with a multi-part hash operation started with psa_hash_setup(),
+ *   using the hash algorithm #PSA_ALG_SHAKE256_512,
+ *   then sign the calculated hash with psa_sign_hash().
+ * Verifying a signature is similar, using psa_verify_message() or
+ * psa_verify_hash() instead of the signature function.
+ */
+#define PSA_ALG_ED448PH                                 \
+    (PSA_ALG_HASH_EDDSA_BASE | (PSA_ALG_SHAKE256_512 & PSA_ALG_HASH_MASK))
+
+/* Default definition, to be overridden if the library is extended with
+ * more hash-and-sign algorithms that we want to keep out of this header
+ * file. */
+#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) 0
+
+/** Whether the specified algorithm is a signature algorithm that can be used
+ * with psa_sign_hash() and psa_verify_hash().
+ *
+ * This encompasses all strict hash-and-sign algorithms categorized by
+ * PSA_ALG_IS_HASH_AND_SIGN(), as well as algorithms that follow the
+ * paradigm more loosely:
+ * - #PSA_ALG_RSA_PKCS1V15_SIGN_RAW (expects its input to be an encoded hash)
+ * - #PSA_ALG_ECDSA_ANY (doesn't specify what kind of hash the input is)
+ *
+ * \param alg An algorithm identifier (value of type psa_algorithm_t).
+ *
+ * \return 1 if alg is a signature algorithm that can be used to sign a
+ *         hash. 0 if alg is a signature algorithm that can only be used
+ *         to sign a message. 0 if alg is not a signature algorithm.
+ *         This macro can return either 0 or 1 if alg is not a
+ *         supported algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN_HASH(alg)                                       \
+    (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||    \
+     PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) ||             \
+     PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg))
+
+/** Whether the specified algorithm is a signature algorithm that can be used
+ * with psa_sign_message() and psa_verify_message().
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if alg is a signature algorithm that can be used to sign a
+ *         message. 0 if \p alg is a signature algorithm that can only be used
+ *         to sign an already-calculated hash. 0 if \p alg is not a signature
+ *         algorithm. This macro can return either 0 or 1 if \p alg is not a
+ *         supported algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN_MESSAGE(alg)                                    \
+    (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
+
+/** Whether the specified algorithm is a hash-and-sign algorithm.
+ *
+ * Hash-and-sign algorithms are asymmetric (public-key) signature algorithms
+ * structured in two parts: first the calculation of a hash in a way that
+ * does not depend on the key, then the calculation of a signature from the
+ * hash value and the key. Hash-and-sign algorithms encode the hash
+ * used for the hashing step, and you can call #PSA_ALG_SIGN_GET_HASH
+ * to extract this algorithm.
+ *
+ * Thus, for a hash-and-sign algorithm,
+ * `psa_sign_message(key, alg, input, ...)` is equivalent to
+ * ```
+ * psa_hash_compute(PSA_ALG_SIGN_GET_HASH(alg), input, ..., hash, ...);
+ * psa_sign_hash(key, alg, hash, ..., signature, ...);
+ * ```
+ * Most usefully, separating the hash from the signature allows the hash
+ * to be calculated in multiple steps with psa_hash_setup(), psa_hash_update()
+ * and psa_hash_finish(). Likewise psa_verify_message() is equivalent to
+ * calculating the hash and then calling psa_verify_hash().
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_HASH_AND_SIGN(alg)                                   \
+    (PSA_ALG_IS_SIGN_HASH(alg) &&                                       \
+     ((alg) & PSA_ALG_HASH_MASK) != 0)
+
+/** Get the hash used by a hash-and-sign signature algorithm.
+ *
+ * A hash-and-sign algorithm is a signature algorithm which is
+ * composed of two phases: first a hashing phase which does not use
+ * the key and produces a hash of the input message, then a signing
+ * phase which only uses the hash and the key and not the message
+ * itself.
+ *
+ * \param alg   A signature algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_SIGN(\p alg) is true).
+ *
+ * \return      The underlying hash algorithm if \p alg is a hash-and-sign
+ *              algorithm.
+ * \return      0 if \p alg is a signature algorithm that does not
+ *              follow the hash-and-sign structure.
+ * \return      Unspecified if \p alg is not a signature algorithm or
+ *              if it is not supported by the implementation.
+ */
+#define PSA_ALG_SIGN_GET_HASH(alg)                                     \
+    (PSA_ALG_IS_HASH_AND_SIGN(alg) ?                                   \
+     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
+     0)
+
+/** RSA PKCS#1 v1.5 encryption.
+ *
+ * \warning     Calling psa_asymmetric_decrypt() with this algorithm as a
+ *              parameter is considered an inherently dangerous function
+ *              (CWE-242). Unless it is used in a side channel free and safe
+ *              way (eg. implementing the TLS protocol as per 7.4.7.1 of
+ *              RFC 5246), the calling code is vulnerable.
+ *
+ */
+#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t) 0x07000200)
+
+#define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t) 0x07000300)
+/** RSA OAEP encryption.
+ *
+ * This is the encryption scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSAES-OAEP, with the message generation function MGF1.
+ *
+ * \param hash_alg      The hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
+ *                      for MGF1.
+ *
+ * \return              The corresponding RSA OAEP encryption algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_OAEP(hash_alg)                              \
+    (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_OAEP(alg)                                \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
+#define PSA_ALG_RSA_OAEP_GET_HASH(alg)                          \
+    (PSA_ALG_IS_RSA_OAEP(alg) ?                                 \
+     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :      \
+     0)
+
+#define PSA_ALG_HKDF_BASE                       ((psa_algorithm_t) 0x08000100)
+/** Macro to build an HKDF algorithm.
+ *
+ * For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256.
+ *
+ * This key derivation algorithm uses the following inputs:
+ * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step.
+ *   It is optional; if omitted, the derivation uses an empty salt.
+ * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step.
+ * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step.
+ * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET.
+ * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before
+ * starting to generate output.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding HKDF algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_HKDF(hash_alg)                                  \
+    (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Whether the specified algorithm is an HKDF algorithm.
+ *
+ * HKDF is a family of key derivation algorithms that are based on a hash
+ * function and the HMAC construction.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_HKDF(alg)                            \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
+#define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PRF_BASE                  ((psa_algorithm_t) 0x08000200)
+/** Macro to build a TLS-1.2 PRF algorithm.
+ *
+ * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
+ * specified in Section 5 of RFC 5246. It is based on HMAC and can be
+ * used with either SHA-256 or SHA-384.
+ *
+ * This key derivation algorithm uses the following inputs, which must be
+ * passed in the order given here:
+ * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed.
+ * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key.
+ * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label.
+ *
+ * For the application to TLS-1.2 key expansion, the seed is the
+ * concatenation of ServerHello.Random + ClientHello.Random,
+ * and the label is "key expansion".
+ *
+ * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)` represents the
+ * TLS 1.2 PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding TLS-1.2 PRF algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_TLS12_PRF(hash_alg)                                  \
+    (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PRF(alg)                                    \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
+#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE            ((psa_algorithm_t) 0x08000300)
+/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
+ *
+ * In a pure-PSK handshake in TLS 1.2, the master secret is derived
+ * from the PreSharedKey (PSK) through the application of padding
+ * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
+ * The latter is based on HMAC and can be used with either SHA-256
+ * or SHA-384.
+ *
+ * This key derivation algorithm uses the following inputs, which must be
+ * passed in the order given here:
+ * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed.
+ * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key.
+ * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label.
+ *
+ * For the application to TLS-1.2, the seed (which is
+ * forwarded to the TLS-1.2 PRF) is the concatenation of the
+ * ClientHello.Random + ServerHello.Random,
+ * and the label is "master secret" or "extended master secret".
+ *
+ * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)` represents the
+ * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding TLS-1.2 PSK to MS algorithm.
+ * \return              Unspecified if \p hash_alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg)                                  \
+    (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)                                    \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
+#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t) 0xfe00ffff)
+#define PSA_ALG_KEY_AGREEMENT_MASK              ((psa_algorithm_t) 0xffff0000)
+
+/** Macro to build a combined algorithm that chains a key agreement with
+ * a key derivation.
+ *
+ * \param ka_alg        A key agreement algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_AGREEMENT(\p ka_alg) is true).
+ * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg) is true).
+ *
+ * \return              The corresponding key agreement and derivation
+ *                      algorithm.
+ * \return              Unspecified if \p ka_alg is not a supported
+ *                      key agreement algorithm or \p kdf_alg is not a
+ *                      supported key derivation algorithm.
+ */
+#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg)  \
+    ((ka_alg) | (kdf_alg))
+
+#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg)                              \
+    (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)                             \
+    (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT)
+
+/** Whether the specified algorithm is a raw key agreement algorithm.
+ *
+ * A raw key agreement algorithm is one that does not specify
+ * a key derivation function.
+ * Usually, raw key agreement algorithms are constructed directly with
+ * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are
+ * constructed with #PSA_ALG_KEY_AGREEMENT().
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a raw key agreement algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)                               \
+    (PSA_ALG_IS_KEY_AGREEMENT(alg) &&                                   \
+     PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg)     \
+    ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg)))
+
+/** The finite-field Diffie-Hellman (DH) key agreement algorithm.
+ *
+ * The shared secret produced by key agreement is
+ * `g^{ab}` in big-endian format.
+ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
+ * in bits.
+ */
+#define PSA_ALG_FFDH                            ((psa_algorithm_t) 0x09010000)
+
+/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
+ *
+ * This includes the raw finite field Diffie-Hellman algorithm as well as
+ * finite-field Diffie-Hellman followed by any supporter key derivation
+ * algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_FFDH(alg) \
+    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH)
+
+/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
+ *
+ * The shared secret produced by key agreement is the x-coordinate of
+ * the shared secret point. It is always `ceiling(m / 8)` bytes long where
+ * `m` is the bit size associated with the curve, i.e. the bit size of the
+ * order of the curve's coordinate field. When `m` is not a multiple of 8,
+ * the byte containing the most significant bit of the shared secret
+ * is padded with zero bits. The byte order is either little-endian
+ * or big-endian depending on the curve type.
+ *
+ * - For Montgomery curves (curve types `PSA_ECC_FAMILY_CURVEXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in little-endian byte order.
+ *   The bit size is 448 for Curve448 and 255 for Curve25519.
+ * - For Weierstrass curves over prime fields (curve types
+ *   `PSA_ECC_FAMILY_SECPXXX` and `PSA_ECC_FAMILY_BRAINPOOL_PXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in big-endian byte order.
+ *   The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
+ * - For Weierstrass curves over binary fields (curve types
+ *   `PSA_ECC_FAMILY_SECTXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in big-endian byte order.
+ *   The bit size is `m` for the field `F_{2^m}`.
+ */
+#define PSA_ALG_ECDH                            ((psa_algorithm_t) 0x09020000)
+
+/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
+ * algorithm.
+ *
+ * This includes the raw elliptic curve Diffie-Hellman algorithm as well as
+ * elliptic curve Diffie-Hellman followed by any supporter key derivation
+ * algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
+ *         0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_ECDH(alg) \
+    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH)
+
+/** Whether the specified algorithm encoding is a wildcard.
+ *
+ * Wildcard values may only be used to set the usage algorithm field in
+ * a policy, not to perform an operation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a wildcard algorithm encoding.
+ * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for
+ *         an operation).
+ * \return This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_WILDCARD(alg)                            \
+    (PSA_ALG_IS_HASH_AND_SIGN(alg) ?                        \
+     PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH :       \
+     PSA_ALG_IS_MAC(alg) ?                                  \
+     (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0 :   \
+     PSA_ALG_IS_AEAD(alg) ?                                 \
+     (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0 :  \
+     (alg) == PSA_ALG_ANY_HASH)
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/* Note that location and persistence level values are embedded in the
+ * persistent key store, as part of key metadata. As a consequence, they
+ * must not be changed (unless the storage format version changes).
+ */
+
+/** The default lifetime for volatile keys.
+ *
+ * A volatile key only exists as long as the identifier to it is not destroyed.
+ * The key material is guaranteed to be erased on a power reset.
+ *
+ * A key with this lifetime is typically stored in the RAM area of the
+ * PSA Crypto subsystem. However this is an implementation choice.
+ * If an implementation stores data about the key in a non-volatile memory,
+ * it must release all the resources associated with the key and erase the
+ * key material if the calling application terminates.
+ */
+#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t) 0x00000000)
+
+/** The default lifetime for persistent keys.
+ *
+ * A persistent key remains in storage until it is explicitly destroyed or
+ * until the corresponding storage area is wiped. This specification does
+ * not define any mechanism to wipe a storage area, but integrations may
+ * provide their own mechanism (for example to perform a factory reset,
+ * to prepare for device refurbishment, or to uninstall an application).
+ *
+ * This lifetime value is the default storage area for the calling
+ * application. Integrations of Mbed TLS may support other persistent lifetimes.
+ * See ::psa_key_lifetime_t for more information.
+ */
+#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t) 0x00000001)
+
+/** The persistence level of volatile keys.
+ *
+ * See ::psa_key_persistence_t for more information.
+ */
+#define PSA_KEY_PERSISTENCE_VOLATILE            ((psa_key_persistence_t) 0x00)
+
+/** The default persistence level for persistent keys.
+ *
+ * See ::psa_key_persistence_t for more information.
+ */
+#define PSA_KEY_PERSISTENCE_DEFAULT             ((psa_key_persistence_t) 0x01)
+
+/** A persistence level indicating that a key is never destroyed.
+ *
+ * See ::psa_key_persistence_t for more information.
+ */
+#define PSA_KEY_PERSISTENCE_READ_ONLY           ((psa_key_persistence_t) 0xff)
+
+#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime)      \
+    ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
+
+#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime)      \
+    ((psa_key_location_t) ((lifetime) >> 8))
+
+/** Whether a key lifetime indicates that the key is volatile.
+ *
+ * A volatile key is automatically destroyed by the implementation when
+ * the application instance terminates. In particular, a volatile key
+ * is automatically destroyed on a power reset of the device.
+ *
+ * A key that is not volatile is persistent. Persistent keys are
+ * preserved until the application explicitly destroys them or until an
+ * implementation-specific device management event occurs (for example,
+ * a factory reset).
+ *
+ * \param lifetime      The lifetime value to query (value of type
+ *                      ::psa_key_lifetime_t).
+ *
+ * \return \c 1 if the key is volatile, otherwise \c 0.
+ */
+#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)  \
+    (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
+     PSA_KEY_PERSISTENCE_VOLATILE)
+
+/** Whether a key lifetime indicates that the key is read-only.
+ *
+ * Read-only keys cannot be created or destroyed through the PSA Crypto API.
+ * They must be created through platform-specific means that bypass the API.
+ *
+ * Some platforms may offer ways to destroy read-only keys. For example,
+ * consider a platform with multiple levels of privilege, where a
+ * low-privilege application can use a key but is not allowed to destroy
+ * it, and the platform exposes the key to the application with a read-only
+ * lifetime. High-privilege code can destroy the key even though the
+ * application sees the key as read-only.
+ *
+ * \param lifetime      The lifetime value to query (value of type
+ *                      ::psa_key_lifetime_t).
+ *
+ * \return \c 1 if the key is read-only, otherwise \c 0.
+ */
+#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime)  \
+    (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
+     PSA_KEY_PERSISTENCE_READ_ONLY)
+
+/** Construct a lifetime from a persistence level and a location.
+ *
+ * \param persistence   The persistence level
+ *                      (value of type ::psa_key_persistence_t).
+ * \param location      The location indicator
+ *                      (value of type ::psa_key_location_t).
+ *
+ * \return The constructed lifetime value.
+ */
+#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
+    ((location) << 8 | (persistence))
+
+/** The local storage area for persistent keys.
+ *
+ * This storage area is available on all systems that can store persistent
+ * keys without delegating the storage to a third-party cryptoprocessor.
+ *
+ * See ::psa_key_location_t for more information.
+ */
+#define PSA_KEY_LOCATION_LOCAL_STORAGE          ((psa_key_location_t) 0x000000)
+
+#define PSA_KEY_LOCATION_VENDOR_FLAG            ((psa_key_location_t) 0x800000)
+
+/* Note that key identifier values are embedded in the
+ * persistent key store, as part of key metadata. As a consequence, they
+ * must not be changed (unless the storage format version changes).
+ */
+
+/** The null key identifier.
+ */
+/* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */
+#define PSA_KEY_ID_NULL                         ((psa_key_id_t)0)
+/* *INDENT-ON* */
+/** The minimum value for a key identifier chosen by the application.
+ */
+#define PSA_KEY_ID_USER_MIN                     ((psa_key_id_t) 0x00000001)
+/** The maximum value for a key identifier chosen by the application.
+ */
+#define PSA_KEY_ID_USER_MAX                     ((psa_key_id_t) 0x3fffffff)
+/** The minimum value for a key identifier chosen by the implementation.
+ */
+#define PSA_KEY_ID_VENDOR_MIN                   ((psa_key_id_t) 0x40000000)
+/** The maximum value for a key identifier chosen by the implementation.
+ */
+#define PSA_KEY_ID_VENDOR_MAX                   ((psa_key_id_t) 0x7fffffff)
+
+
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+
+#define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
+#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
+#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
+
+/** Utility to initialize a key identifier at runtime.
+ *
+ * \param unused  Unused parameter.
+ * \param key_id  Identifier of the key.
+ */
+static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
+    unsigned int unused, psa_key_id_t key_id)
+{
+    (void) unused;
+
+    return key_id;
+}
+
+/** Compare two key identifiers.
+ *
+ * \param id1 First key identifier.
+ * \param id2 Second key identifier.
+ *
+ * \return Non-zero if the two key identifier are equal, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
+                                           mbedtls_svc_key_id_t id2)
+{
+    return id1 == id2;
+}
+
+/** Check whether a key identifier is null.
+ *
+ * \param key Key identifier.
+ *
+ * \return Non-zero if the key identifier is null, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
+{
+    return key == 0;
+}
+
+#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+
+#define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
+#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).key_id)
+#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).owner)
+
+/** Utility to initialize a key identifier at runtime.
+ *
+ * \param owner_id Identifier of the key owner.
+ * \param key_id   Identifier of the key.
+ */
+static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
+    mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
+{
+    return (mbedtls_svc_key_id_t){ .key_id = key_id,
+                                   .owner = owner_id };
+}
+
+/** Compare two key identifiers.
+ *
+ * \param id1 First key identifier.
+ * \param id2 Second key identifier.
+ *
+ * \return Non-zero if the two key identifier are equal, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
+                                           mbedtls_svc_key_id_t id2)
+{
+    return (id1.key_id == id2.key_id) &&
+           mbedtls_key_owner_id_equal(id1.owner, id2.owner);
+}
+
+/** Check whether a key identifier is null.
+ *
+ * \param key Key identifier.
+ *
+ * \return Non-zero if the key identifier is null, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
+{
+    return key.key_id == 0;
+}
+
+#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/* Note that key usage flags are embedded in the
+ * persistent key store, as part of key metadata. As a consequence, they
+ * must not be changed (unless the storage format version changes).
+ */
+
+/** Whether the key may be exported.
+ *
+ * A public key or the public part of a key pair may always be exported
+ * regardless of the value of this permission flag.
+ *
+ * If a key does not have export permission, implementations shall not
+ * allow the key to be exported in plain form from the cryptoprocessor,
+ * whether through psa_export_key() or through a proprietary interface.
+ * The key may however be exportable in a wrapped form, i.e. in a form
+ * where it is encrypted by another key.
+ */
+#define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t) 0x00000001)
+
+/** Whether the key may be copied.
+ *
+ * This flag allows the use of psa_copy_key() to make a copy of the key
+ * with the same policy or a more restrictive policy.
+ *
+ * For lifetimes for which the key is located in a secure element which
+ * enforce the non-exportability of keys, copying a key outside the secure
+ * element also requires the usage flag #PSA_KEY_USAGE_EXPORT.
+ * Copying the key inside the secure element is permitted with just
+ * #PSA_KEY_USAGE_COPY if the secure element supports it.
+ * For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or
+ * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY
+ * is sufficient to permit the copy.
+ */
+#define PSA_KEY_USAGE_COPY                      ((psa_key_usage_t) 0x00000002)
+
+/** Whether the key may be used to encrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric encryption operation,
+ * for an AEAD encryption-and-authentication operation,
+ * or for an asymmetric encryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t) 0x00000100)
+
+/** Whether the key may be used to decrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric decryption operation,
+ * for an AEAD decryption-and-verification operation,
+ * or for an asymmetric decryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t) 0x00000200)
+
+/** Whether the key may be used to sign a message.
+ *
+ * This flag allows the key to be used for a MAC calculation operation or for
+ * an asymmetric message signature operation, if otherwise permitted by the
+ * key’s type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_SIGN_MESSAGE              ((psa_key_usage_t) 0x00000400)
+
+/** Whether the key may be used to verify a message.
+ *
+ * This flag allows the key to be used for a MAC verification operation or for
+ * an asymmetric message signature verification operation, if otherwise
+ * permitted by the key’s type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_VERIFY_MESSAGE            ((psa_key_usage_t) 0x00000800)
+
+/** Whether the key may be used to sign a message.
+ *
+ * This flag allows the key to be used for a MAC calculation operation
+ * or for an asymmetric signature operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_SIGN_HASH                 ((psa_key_usage_t) 0x00001000)
+
+/** Whether the key may be used to verify a message signature.
+ *
+ * This flag allows the key to be used for a MAC verification operation
+ * or for an asymmetric signature verification operation,
+ * if otherwise permitted by by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_VERIFY_HASH               ((psa_key_usage_t) 0x00002000)
+
+/** Whether the key may be used to derive other keys.
+ */
+#define PSA_KEY_USAGE_DERIVE                    ((psa_key_usage_t) 0x00004000)
+
+/**@}*/
+
+/** \defgroup derivation Key derivation
+ * @{
+ */
+
+/* Key input steps are not embedded in the persistent storage, so you can
+ * change them if needed: it's only an ABI change. */
+
+/** A secret input for key derivation.
+ *
+ * This should be a key of type #PSA_KEY_TYPE_DERIVE
+ * (passed to psa_key_derivation_input_key())
+ * or the shared secret resulting from a key agreement
+ * (obtained via psa_key_derivation_key_agreement()).
+ *
+ * The secret can also be a direct input (passed to
+ * key_derivation_input_bytes()). In this case, the derivation operation
+ * may not be used to derive keys: the operation will only allow
+ * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key().
+ */
+#define PSA_KEY_DERIVATION_INPUT_SECRET     ((psa_key_derivation_step_t) 0x0101)
+
+/** A label for key derivation.
+ *
+ * This should be a direct input.
+ * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
+ */
+#define PSA_KEY_DERIVATION_INPUT_LABEL      ((psa_key_derivation_step_t) 0x0201)
+
+/** A salt for key derivation.
+ *
+ * This should be a direct input.
+ * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
+ */
+#define PSA_KEY_DERIVATION_INPUT_SALT       ((psa_key_derivation_step_t) 0x0202)
+
+/** An information string for key derivation.
+ *
+ * This should be a direct input.
+ * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
+ */
+#define PSA_KEY_DERIVATION_INPUT_INFO       ((psa_key_derivation_step_t) 0x0203)
+
+/** A seed for key derivation.
+ *
+ * This should be a direct input.
+ * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
+ */
+#define PSA_KEY_DERIVATION_INPUT_SEED       ((psa_key_derivation_step_t) 0x0204)
+
+/**@}*/
+
+/** \defgroup helper_macros Helper macros
+ * @{
+ */
+
+/* Helper macros */
+
+/** Check if two AEAD algorithm identifiers refer to the same AEAD algorithm
+ *  regardless of the tag length they encode.
+ *
+ * \param aead_alg_1 An AEAD algorithm identifier.
+ * \param aead_alg_2 An AEAD algorithm identifier.
+ *
+ * \return           1 if both identifiers refer to the same AEAD algorithm,
+ *                   0 otherwise.
+ *                   Unspecified if neither \p aead_alg_1 nor \p aead_alg_2 are
+ *                   a supported AEAD algorithm.
+ */
+#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \
+    (!(((aead_alg_1) ^ (aead_alg_2)) & \
+       ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_VALUES_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/.gitignore b/3rdparty/mbedtls-2.28.7/library/.gitignore
new file mode 100644
index 0000000..9aa6322
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/.gitignore
@@ -0,0 +1,3 @@
+libmbed*
+*.sln
+*.vcxproj
diff --git a/3rdparty/mbedtls-2.28.7/library/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/library/CMakeLists.txt
new file mode 100644
index 0000000..1b2980d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/CMakeLists.txt
@@ -0,0 +1,251 @@
+option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON)
+option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF)
+option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF)
+option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF)
+
+# Set the project root directory if it's not already defined, as may happen if
+# the library folder is included directly by a parent project, without
+# including the top level CMakeLists.txt.
+if(NOT DEFINED MBEDTLS_DIR)
+    set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})
+endif()
+
+set(src_crypto
+    aes.c
+    aesni.c
+    arc4.c
+    aria.c
+    asn1parse.c
+    asn1write.c
+    base64.c
+    bignum.c
+    blowfish.c
+    camellia.c
+    ccm.c
+    chacha20.c
+    chachapoly.c
+    cipher.c
+    cipher_wrap.c
+    constant_time.c
+    cmac.c
+    ctr_drbg.c
+    des.c
+    dhm.c
+    ecdh.c
+    ecdsa.c
+    ecjpake.c
+    ecp.c
+    ecp_curves.c
+    entropy.c
+    entropy_poll.c
+    error.c
+    gcm.c
+    havege.c
+    hkdf.c
+    hmac_drbg.c
+    md.c
+    md2.c
+    md4.c
+    md5.c
+    memory_buffer_alloc.c
+    mps_reader.c
+    mps_trace.c
+    nist_kw.c
+    oid.c
+    padlock.c
+    pem.c
+    pk.c
+    pk_wrap.c
+    pkcs12.c
+    pkcs5.c
+    pkparse.c
+    pkwrite.c
+    platform.c
+    platform_util.c
+    poly1305.c
+    psa_crypto.c
+    psa_crypto_aead.c
+    psa_crypto_cipher.c
+    psa_crypto_client.c
+    psa_crypto_driver_wrappers.c
+    psa_crypto_ecp.c
+    psa_crypto_hash.c
+    psa_crypto_mac.c
+    psa_crypto_rsa.c
+    psa_crypto_se.c
+    psa_crypto_slot_management.c
+    psa_crypto_storage.c
+    psa_its_file.c
+    ripemd160.c
+    rsa.c
+    rsa_internal.c
+    sha1.c
+    sha256.c
+    sha512.c
+    threading.c
+    timing.c
+    version.c
+    version_features.c
+    xtea.c
+)
+
+list(APPEND src_crypto ${thirdparty_src})
+
+set(src_x509
+    certs.c
+    pkcs11.c
+    x509.c
+    x509_create.c
+    x509_crl.c
+    x509_crt.c
+    x509_csr.c
+    x509write_crt.c
+    x509write_csr.c
+)
+
+set(src_tls
+    debug.c
+    net_sockets.c
+    ssl_cache.c
+    ssl_ciphersuites.c
+    ssl_cli.c
+    ssl_cookie.c
+    ssl_msg.c
+    ssl_srv.c
+    ssl_ticket.c
+    ssl_tls.c
+    ssl_tls13_keys.c
+)
+
+if(CMAKE_COMPILER_IS_GNUCC)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes")
+endif(CMAKE_COMPILER_IS_GNUCC)
+
+if(CMAKE_COMPILER_IS_CLANG)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
+endif(CMAKE_COMPILER_IS_CLANG)
+
+if(WIN32)
+    set(libs ${libs} ws2_32)
+endif(WIN32)
+
+if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
+    SET(CMAKE_C_ARCHIVE_CREATE   "<CMAKE_AR> Scr <TARGET> <LINK_FLAGS> <OBJECTS>")
+    SET(CMAKE_CXX_ARCHIVE_CREATE "<CMAKE_AR> Scr <TARGET> <LINK_FLAGS> <OBJECTS>")
+    SET(CMAKE_C_ARCHIVE_FINISH   "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
+    SET(CMAKE_CXX_ARCHIVE_FINISH "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
+endif()
+
+if(HAIKU)
+    set(libs ${libs} network)
+endif(HAIKU)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+if(LINK_WITH_PTHREAD)
+    set(libs ${libs} pthread)
+endif()
+
+if(LINK_WITH_TRUSTED_STORAGE)
+    set(libs ${libs} trusted_storage)
+endif()
+
+if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
+    message(FATAL_ERROR "Need to choose static or shared mbedtls build!")
+endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
+
+set(mbedtls_target    "${MBEDTLS_TARGET_PREFIX}mbedtls")
+set(mbedx509_target   "${MBEDTLS_TARGET_PREFIX}mbedx509")
+set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto")
+
+set(mbedtls_target    ${mbedtls_target}    PARENT_SCOPE)
+set(mbedx509_target   ${mbedx509_target}   PARENT_SCOPE)
+set(mbedcrypto_target ${mbedcrypto_target} PARENT_SCOPE)
+
+if (USE_STATIC_MBEDTLS_LIBRARY)
+    set(mbedtls_static_target    ${mbedtls_target})
+    set(mbedx509_static_target   ${mbedx509_target})
+    set(mbedcrypto_static_target ${mbedcrypto_target})
+endif()
+
+set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target})
+
+if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+    string(APPEND mbedtls_static_target    "_static")
+    string(APPEND mbedx509_static_target   "_static")
+    string(APPEND mbedcrypto_static_target "_static")
+
+    list(APPEND target_libraries
+        ${mbedcrypto_static_target}
+        ${mbedx509_static_target}
+        ${mbedtls_static_target})
+endif()
+
+if(USE_STATIC_MBEDTLS_LIBRARY)
+    add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
+    set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
+    target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs})
+
+    add_library(${mbedx509_static_target} STATIC ${src_x509})
+    set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
+    target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target})
+
+    add_library(${mbedtls_static_target} STATIC ${src_tls})
+    set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
+    target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target})
+endif(USE_STATIC_MBEDTLS_LIBRARY)
+
+if(USE_SHARED_MBEDTLS_LIBRARY)
+    set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
+    add_library(${mbedcrypto_target} SHARED ${src_crypto})
+    set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.7 SOVERSION 7)
+    target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
+
+    add_library(${mbedx509_target} SHARED ${src_x509})
+    set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.7 SOVERSION 1)
+    target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
+
+    add_library(${mbedtls_target} SHARED ${src_tls})
+    set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.7 SOVERSION 14)
+    target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
+endif(USE_SHARED_MBEDTLS_LIBRARY)
+
+foreach(target IN LISTS target_libraries)
+    # Include public header files from /include and other directories
+    # declared by /3rdparty/**/CMakeLists.txt. Include private header files
+    # from /library and others declared by /3rdparty/**/CMakeLists.txt.
+    # /library needs to be listed explicitly when building .c files outside
+    # of /library (which currently means: under /3rdparty).
+    target_include_directories(${target}
+        PUBLIC ${MBEDTLS_DIR}/include/
+        PUBLIC ${thirdparty_inc_public}
+        PRIVATE ${MBEDTLS_DIR}/library/
+        PRIVATE ${thirdparty_inc})
+    target_compile_definitions(${target}
+        PRIVATE ${thirdparty_def})
+    # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
+    if(MBEDTLS_CONFIG_FILE)
+        target_compile_definitions(${target}
+            PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+    endif()
+    if(MBEDTLS_USER_CONFIG_FILE)
+        target_compile_definitions(${target}
+            PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
+    endif()
+    install(TARGETS ${target}
+            DESTINATION ${LIB_INSTALL_DIR}
+            PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+endforeach(target)
+
+set(lib_target "${MBEDTLS_TARGET_PREFIX}lib")
+
+add_custom_target(${lib_target} DEPENDS ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target})
+if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+    add_dependencies(${lib_target} ${mbedcrypto_static_target} ${mbedx509_static_target} ${mbedtls_static_target})
+endif()
diff --git a/3rdparty/mbedtls-2.28.7/library/Makefile b/3rdparty/mbedtls-2.28.7/library/Makefile
new file mode 100644
index 0000000..b011e88
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/Makefile
@@ -0,0 +1,302 @@
+
+# Also see "include/mbedtls/config.h"
+
+CFLAGS	?= -O2
+WARNING_CFLAGS ?=  -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+LDFLAGS ?=
+
+# Include ../include for public headers and . for private headers.
+# Note that . needs to be included explicitly for the sake of library
+# files that are not in the /library directory (which currently means
+# under /3rdparty).
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS =
+
+ifdef DEBUG
+LOCAL_CFLAGS += -g3
+endif
+
+# MicroBlaze specific options:
+# CFLAGS += -mno-xl-soft-mul -mxl-barrel-shift
+
+# To compile on Plan9:
+# CFLAGS += -D_BSD_EXTENSION
+
+# if were running on Windows build for Windows
+ifdef WINDOWS
+WINDOWS_BUILD=1
+else ifeq ($(shell uname -s),Darwin)
+ifeq ($(AR),ar)
+APPLE_BUILD ?= 1
+endif
+endif
+
+# To compile as a shared library:
+ifdef SHARED
+# all code is position-indep with mingw, avoid warning about useless flag
+ifndef WINDOWS_BUILD
+LOCAL_CFLAGS += -fPIC -fpic
+endif
+endif
+
+SOEXT_TLS=so.14
+SOEXT_X509=so.1
+SOEXT_CRYPTO=so.7
+
+# Set AR_DASH= (empty string) to use an ar implementation that does not accept
+# the - prefix for command line options (e.g. llvm-ar)
+AR_DASH ?= -
+
+ARFLAGS = $(AR_DASH)src
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+ARFLAGS = $(AR_DASH)Src
+RLFLAGS = -no_warning_for_no_symbols -c
+RL ?= ranlib
+endif
+endif
+
+DLEXT ?= so
+ifdef WINDOWS_BUILD
+# Windows shared library extension:
+DLEXT = dll
+else ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+# Mac OS X shared library extension:
+DLEXT = dylib
+endif
+endif
+
+OBJS_CRYPTO= \
+	     aes.o \
+	     aesni.o \
+	     arc4.o \
+	     aria.o \
+	     asn1parse.o \
+	     asn1write.o \
+	     base64.o \
+	     bignum.o \
+	     blowfish.o \
+	     camellia.o \
+	     ccm.o \
+	     chacha20.o \
+	     chachapoly.o \
+	     cipher.o \
+	     cipher_wrap.o \
+	     cmac.o \
+	     constant_time.o \
+	     ctr_drbg.o \
+	     des.o \
+	     dhm.o \
+	     ecdh.o \
+	     ecdsa.o \
+	     ecjpake.o \
+	     ecp.o \
+	     ecp_curves.o \
+	     entropy.o \
+	     entropy_poll.o \
+	     error.o \
+	     gcm.o \
+	     havege.o \
+	     hkdf.o \
+	     hmac_drbg.o \
+	     md.o \
+	     md2.o \
+	     md4.o \
+	     md5.o \
+	     memory_buffer_alloc.o \
+	     mps_reader.o \
+	     mps_trace.o \
+	     nist_kw.o \
+	     oid.o \
+	     padlock.o \
+	     pem.o \
+	     pk.o \
+	     pk_wrap.o \
+	     pkcs12.o \
+	     pkcs5.o \
+	     pkparse.o \
+	     pkwrite.o \
+	     platform.o \
+	     platform_util.o \
+	     poly1305.o \
+	     psa_crypto.o \
+	     psa_crypto_aead.o \
+	     psa_crypto_cipher.o \
+	     psa_crypto_client.o \
+	     psa_crypto_driver_wrappers.o \
+	     psa_crypto_ecp.o \
+	     psa_crypto_hash.o \
+	     psa_crypto_mac.o \
+	     psa_crypto_rsa.o \
+	     psa_crypto_se.o \
+	     psa_crypto_slot_management.o \
+	     psa_crypto_storage.o \
+	     psa_its_file.o \
+	     ripemd160.o \
+	     rsa.o \
+	     rsa_internal.o \
+	     sha1.o \
+	     sha256.o \
+	     sha512.o \
+	     threading.o \
+	     timing.o \
+	     version.o \
+	     version_features.o \
+	     xtea.o \
+	     # This line is intentionally left blank
+
+include ../3rdparty/Makefile.inc
+LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
+OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS)
+
+OBJS_X509= \
+	   certs.o \
+	   pkcs11.o \
+	   x509.o \
+	   x509_create.o \
+	   x509_crl.o \
+	   x509_crt.o \
+	   x509_csr.o \
+	   x509write_crt.o \
+	   x509write_csr.o \
+	   # This line is intentionally left blank
+
+OBJS_TLS= \
+	  debug.o \
+	  net_sockets.o \
+	  ssl_cache.o \
+	  ssl_ciphersuites.o \
+	  ssl_cli.o \
+	  ssl_cookie.o \
+	  ssl_msg.o \
+	  ssl_srv.o \
+	  ssl_ticket.o \
+	  ssl_tls.o \
+	  ssl_tls13_keys.o \
+	  # This line is intentionally left blank
+
+.SILENT:
+
+.PHONY: all static shared clean
+
+ifndef SHARED
+all: static
+else
+all: shared static
+endif
+
+ifdef TEST_TIMING_ALT_IMPL
+OBJS_CRYPTO += external_timing_for_test.o
+external_timing_for_test.o: ../tests/src/external_timing/external_timing_for_test.c
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
+endif
+
+static: libmbedcrypto.a libmbedx509.a libmbedtls.a
+	cd ../tests && echo "This is a seedfile that contains 64 bytes (65 on Windows)......" > seedfile
+
+shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT)
+
+# Windows builds under Mingw can fail if make tries to create archives in the same
+# directory at the same time - see https://bugs.launchpad.net/gcc-arm-embedded/+bug/1848002.
+# This forces builds of the .a files to be serialised.
+ifdef WINDOWS
+libmbedtls.a: | libmbedx509.a
+libmbedx509.a: | libmbedcrypto.a
+endif
+
+# tls
+libmbedtls.a: $(OBJS_TLS)
+	echo "  AR    $@"
+	$(AR) $(ARFLAGS) $@ $(OBJS_TLS)
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+	echo "  RL    $@"
+	$(RL) $(RLFLAGS) $@
+endif
+endif
+
+libmbedtls.$(SOEXT_TLS): $(OBJS_TLS) libmbedx509.so
+	echo "  LD    $@"
+	$(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS_TLS) -L. -lmbedx509 -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+libmbedtls.so: libmbedtls.$(SOEXT_TLS)
+	echo "  LN    $@ -> $<"
+	ln -sf $< $@
+
+libmbedtls.dylib: $(OBJS_TLS) libmbedx509.dylib
+	echo "  LD    $@"
+	$(CC) -dynamiclib -o $@ $(OBJS_TLS) -L. -lmbedx509 -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+libmbedtls.dll: $(OBJS_TLS) libmbedx509.dll
+	echo "  LD    $@"
+	$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_TLS) -lws2_32 -lwinmm -lgdi32 -L. -lmbedx509 -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+# x509
+libmbedx509.a: $(OBJS_X509)
+	echo "  AR    $@"
+	$(AR) $(ARFLAGS) $@ $(OBJS_X509)
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+	echo "  RL    $@"
+	$(RL) $(RLFLAGS) $@
+endif
+endif
+
+libmbedx509.$(SOEXT_X509): $(OBJS_X509) libmbedcrypto.so
+	echo "  LD    $@"
+	$(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS_X509) -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+libmbedx509.so: libmbedx509.$(SOEXT_X509)
+	echo "  LN    $@ -> $<"
+	ln -sf $< $@
+
+libmbedx509.dylib: $(OBJS_X509) libmbedcrypto.dylib
+	echo "  LD    $@"
+	$(CC) -dynamiclib -o $@ $(OBJS_X509) -L. -lmbedcrypto  $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+libmbedx509.dll: $(OBJS_X509) libmbedcrypto.dll
+	echo "  LD    $@"
+	$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+# crypto
+libmbedcrypto.a: $(OBJS_CRYPTO)
+	echo "  AR    $@"
+	$(AR) $(ARFLAGS) $@ $(OBJS_CRYPTO)
+ifdef APPLE_BUILD
+ifneq ($(APPLE_BUILD),0)
+	echo "  RL    $@"
+	$(RL) $(RLFLAGS) $@
+endif
+endif
+
+libmbedcrypto.$(SOEXT_CRYPTO): $(OBJS_CRYPTO)
+	echo "  LD    $@"
+	$(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS_CRYPTO) $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+libmbedcrypto.so: libmbedcrypto.$(SOEXT_CRYPTO)
+	echo "  LN    $@ -> $<"
+	ln -sf $< $@
+
+libmbedcrypto.dylib: $(OBJS_CRYPTO)
+	echo "  LD    $@"
+	$(CC) -dynamiclib -o $@ $(OBJS_CRYPTO) $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+libmbedcrypto.dll: $(OBJS_CRYPTO)
+	echo "  LD    $@"
+	$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_CRYPTO) -lws2_32 -lwinmm -lgdi32 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
+
+.c.o:
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
+
+clean:
+ifndef WINDOWS
+	rm -f *.o libmbed*
+	rm -f $(THIRDPARTY_CRYPTO_OBJECTS)
+else
+	if exist *.o del /Q /F *.o
+	if exist libmbed* del /Q /F libmbed*
+	del /Q /F del_errors_out_if_the_file_list_is_empty_but_not_if_a_file_does_not_exist $(subst /,\,$(THIRDPARTY_CRYPTO_OBJECTS))
+endif
diff --git a/3rdparty/mbedtls-2.28.7/library/aes.c b/3rdparty/mbedtls-2.28.7/library/aes.c
new file mode 100644
index 0000000..24d7ab9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/aes.c
@@ -0,0 +1,2265 @@
+/*
+ *  FIPS-197 compliant AES implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
+ *
+ *  https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf
+ *  http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_AES_C)
+
+#include <string.h>
+
+#include "mbedtls/aes.h"
+#include "mbedtls/platform.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#if defined(MBEDTLS_PADLOCK_C)
+#include "mbedtls/padlock.h"
+#endif
+#if defined(MBEDTLS_AESNI_C)
+#include "mbedtls/aesni.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_AES_ALT)
+
+/* Parameter validation macros based on platform_util.h */
+#define AES_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA)
+#define AES_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
+static int aes_padlock_ace = -1;
+#endif
+
+#if defined(MBEDTLS_AES_ROM_TABLES)
+/*
+ * Forward S-box
+ */
+#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+    !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+static const unsigned char FSb[256] =
+{
+    0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
+    0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
+    0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0,
+    0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
+    0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC,
+    0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
+    0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A,
+    0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
+    0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0,
+    0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
+    0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B,
+    0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
+    0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85,
+    0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
+    0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5,
+    0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
+    0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17,
+    0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
+    0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88,
+    0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
+    0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C,
+    0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
+    0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9,
+    0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
+    0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6,
+    0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
+    0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E,
+    0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
+    0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94,
+    0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
+    0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
+    0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
+};
+#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+          !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
+
+/*
+ * Forward tables
+ */
+#define FT \
+\
+    V(A5, 63, 63, C6), V(84, 7C, 7C, F8), V(99, 77, 77, EE), V(8D, 7B, 7B, F6), \
+    V(0D, F2, F2, FF), V(BD, 6B, 6B, D6), V(B1, 6F, 6F, DE), V(54, C5, C5, 91), \
+    V(50, 30, 30, 60), V(03, 01, 01, 02), V(A9, 67, 67, CE), V(7D, 2B, 2B, 56), \
+    V(19, FE, FE, E7), V(62, D7, D7, B5), V(E6, AB, AB, 4D), V(9A, 76, 76, EC), \
+    V(45, CA, CA, 8F), V(9D, 82, 82, 1F), V(40, C9, C9, 89), V(87, 7D, 7D, FA), \
+    V(15, FA, FA, EF), V(EB, 59, 59, B2), V(C9, 47, 47, 8E), V(0B, F0, F0, FB), \
+    V(EC, AD, AD, 41), V(67, D4, D4, B3), V(FD, A2, A2, 5F), V(EA, AF, AF, 45), \
+    V(BF, 9C, 9C, 23), V(F7, A4, A4, 53), V(96, 72, 72, E4), V(5B, C0, C0, 9B), \
+    V(C2, B7, B7, 75), V(1C, FD, FD, E1), V(AE, 93, 93, 3D), V(6A, 26, 26, 4C), \
+    V(5A, 36, 36, 6C), V(41, 3F, 3F, 7E), V(02, F7, F7, F5), V(4F, CC, CC, 83), \
+    V(5C, 34, 34, 68), V(F4, A5, A5, 51), V(34, E5, E5, D1), V(08, F1, F1, F9), \
+    V(93, 71, 71, E2), V(73, D8, D8, AB), V(53, 31, 31, 62), V(3F, 15, 15, 2A), \
+    V(0C, 04, 04, 08), V(52, C7, C7, 95), V(65, 23, 23, 46), V(5E, C3, C3, 9D), \
+    V(28, 18, 18, 30), V(A1, 96, 96, 37), V(0F, 05, 05, 0A), V(B5, 9A, 9A, 2F), \
+    V(09, 07, 07, 0E), V(36, 12, 12, 24), V(9B, 80, 80, 1B), V(3D, E2, E2, DF), \
+    V(26, EB, EB, CD), V(69, 27, 27, 4E), V(CD, B2, B2, 7F), V(9F, 75, 75, EA), \
+    V(1B, 09, 09, 12), V(9E, 83, 83, 1D), V(74, 2C, 2C, 58), V(2E, 1A, 1A, 34), \
+    V(2D, 1B, 1B, 36), V(B2, 6E, 6E, DC), V(EE, 5A, 5A, B4), V(FB, A0, A0, 5B), \
+    V(F6, 52, 52, A4), V(4D, 3B, 3B, 76), V(61, D6, D6, B7), V(CE, B3, B3, 7D), \
+    V(7B, 29, 29, 52), V(3E, E3, E3, DD), V(71, 2F, 2F, 5E), V(97, 84, 84, 13), \
+    V(F5, 53, 53, A6), V(68, D1, D1, B9), V(00, 00, 00, 00), V(2C, ED, ED, C1), \
+    V(60, 20, 20, 40), V(1F, FC, FC, E3), V(C8, B1, B1, 79), V(ED, 5B, 5B, B6), \
+    V(BE, 6A, 6A, D4), V(46, CB, CB, 8D), V(D9, BE, BE, 67), V(4B, 39, 39, 72), \
+    V(DE, 4A, 4A, 94), V(D4, 4C, 4C, 98), V(E8, 58, 58, B0), V(4A, CF, CF, 85), \
+    V(6B, D0, D0, BB), V(2A, EF, EF, C5), V(E5, AA, AA, 4F), V(16, FB, FB, ED), \
+    V(C5, 43, 43, 86), V(D7, 4D, 4D, 9A), V(55, 33, 33, 66), V(94, 85, 85, 11), \
+    V(CF, 45, 45, 8A), V(10, F9, F9, E9), V(06, 02, 02, 04), V(81, 7F, 7F, FE), \
+    V(F0, 50, 50, A0), V(44, 3C, 3C, 78), V(BA, 9F, 9F, 25), V(E3, A8, A8, 4B), \
+    V(F3, 51, 51, A2), V(FE, A3, A3, 5D), V(C0, 40, 40, 80), V(8A, 8F, 8F, 05), \
+    V(AD, 92, 92, 3F), V(BC, 9D, 9D, 21), V(48, 38, 38, 70), V(04, F5, F5, F1), \
+    V(DF, BC, BC, 63), V(C1, B6, B6, 77), V(75, DA, DA, AF), V(63, 21, 21, 42), \
+    V(30, 10, 10, 20), V(1A, FF, FF, E5), V(0E, F3, F3, FD), V(6D, D2, D2, BF), \
+    V(4C, CD, CD, 81), V(14, 0C, 0C, 18), V(35, 13, 13, 26), V(2F, EC, EC, C3), \
+    V(E1, 5F, 5F, BE), V(A2, 97, 97, 35), V(CC, 44, 44, 88), V(39, 17, 17, 2E), \
+    V(57, C4, C4, 93), V(F2, A7, A7, 55), V(82, 7E, 7E, FC), V(47, 3D, 3D, 7A), \
+    V(AC, 64, 64, C8), V(E7, 5D, 5D, BA), V(2B, 19, 19, 32), V(95, 73, 73, E6), \
+    V(A0, 60, 60, C0), V(98, 81, 81, 19), V(D1, 4F, 4F, 9E), V(7F, DC, DC, A3), \
+    V(66, 22, 22, 44), V(7E, 2A, 2A, 54), V(AB, 90, 90, 3B), V(83, 88, 88, 0B), \
+    V(CA, 46, 46, 8C), V(29, EE, EE, C7), V(D3, B8, B8, 6B), V(3C, 14, 14, 28), \
+    V(79, DE, DE, A7), V(E2, 5E, 5E, BC), V(1D, 0B, 0B, 16), V(76, DB, DB, AD), \
+    V(3B, E0, E0, DB), V(56, 32, 32, 64), V(4E, 3A, 3A, 74), V(1E, 0A, 0A, 14), \
+    V(DB, 49, 49, 92), V(0A, 06, 06, 0C), V(6C, 24, 24, 48), V(E4, 5C, 5C, B8), \
+    V(5D, C2, C2, 9F), V(6E, D3, D3, BD), V(EF, AC, AC, 43), V(A6, 62, 62, C4), \
+    V(A8, 91, 91, 39), V(A4, 95, 95, 31), V(37, E4, E4, D3), V(8B, 79, 79, F2), \
+    V(32, E7, E7, D5), V(43, C8, C8, 8B), V(59, 37, 37, 6E), V(B7, 6D, 6D, DA), \
+    V(8C, 8D, 8D, 01), V(64, D5, D5, B1), V(D2, 4E, 4E, 9C), V(E0, A9, A9, 49), \
+    V(B4, 6C, 6C, D8), V(FA, 56, 56, AC), V(07, F4, F4, F3), V(25, EA, EA, CF), \
+    V(AF, 65, 65, CA), V(8E, 7A, 7A, F4), V(E9, AE, AE, 47), V(18, 08, 08, 10), \
+    V(D5, BA, BA, 6F), V(88, 78, 78, F0), V(6F, 25, 25, 4A), V(72, 2E, 2E, 5C), \
+    V(24, 1C, 1C, 38), V(F1, A6, A6, 57), V(C7, B4, B4, 73), V(51, C6, C6, 97), \
+    V(23, E8, E8, CB), V(7C, DD, DD, A1), V(9C, 74, 74, E8), V(21, 1F, 1F, 3E), \
+    V(DD, 4B, 4B, 96), V(DC, BD, BD, 61), V(86, 8B, 8B, 0D), V(85, 8A, 8A, 0F), \
+    V(90, 70, 70, E0), V(42, 3E, 3E, 7C), V(C4, B5, B5, 71), V(AA, 66, 66, CC), \
+    V(D8, 48, 48, 90), V(05, 03, 03, 06), V(01, F6, F6, F7), V(12, 0E, 0E, 1C), \
+    V(A3, 61, 61, C2), V(5F, 35, 35, 6A), V(F9, 57, 57, AE), V(D0, B9, B9, 69), \
+    V(91, 86, 86, 17), V(58, C1, C1, 99), V(27, 1D, 1D, 3A), V(B9, 9E, 9E, 27), \
+    V(38, E1, E1, D9), V(13, F8, F8, EB), V(B3, 98, 98, 2B), V(33, 11, 11, 22), \
+    V(BB, 69, 69, D2), V(70, D9, D9, A9), V(89, 8E, 8E, 07), V(A7, 94, 94, 33), \
+    V(B6, 9B, 9B, 2D), V(22, 1E, 1E, 3C), V(92, 87, 87, 15), V(20, E9, E9, C9), \
+    V(49, CE, CE, 87), V(FF, 55, 55, AA), V(78, 28, 28, 50), V(7A, DF, DF, A5), \
+    V(8F, 8C, 8C, 03), V(F8, A1, A1, 59), V(80, 89, 89, 09), V(17, 0D, 0D, 1A), \
+    V(DA, BF, BF, 65), V(31, E6, E6, D7), V(C6, 42, 42, 84), V(B8, 68, 68, D0), \
+    V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \
+    V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C)
+
+#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
+#define V(a, b, c, d) 0x##a##b##c##d
+static const uint32_t FT0[256] = { FT };
+#undef V
+
+#if !defined(MBEDTLS_AES_FEWER_TABLES)
+
+#define V(a, b, c, d) 0x##b##c##d##a
+static const uint32_t FT1[256] = { FT };
+#undef V
+
+#define V(a, b, c, d) 0x##c##d##a##b
+static const uint32_t FT2[256] = { FT };
+#undef V
+
+#define V(a, b, c, d) 0x##d##a##b##c
+static const uint32_t FT3[256] = { FT };
+#undef V
+
+#endif /* !MBEDTLS_AES_FEWER_TABLES */
+
+#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */
+
+#undef FT
+
+#if !defined(MBEDTLS_AES_DECRYPT_ALT)
+/*
+ * Reverse S-box
+ */
+static const unsigned char RSb[256] =
+{
+    0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38,
+    0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
+    0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87,
+    0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
+    0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D,
+    0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
+    0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2,
+    0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
+    0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16,
+    0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
+    0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA,
+    0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
+    0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A,
+    0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
+    0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02,
+    0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
+    0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA,
+    0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
+    0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85,
+    0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
+    0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89,
+    0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
+    0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20,
+    0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
+    0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31,
+    0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
+    0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D,
+    0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
+    0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0,
+    0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
+    0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
+    0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
+};
+#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */
+
+/*
+ * Reverse tables
+ */
+#define RT \
+\
+    V(50, A7, F4, 51), V(53, 65, 41, 7E), V(C3, A4, 17, 1A), V(96, 5E, 27, 3A), \
+    V(CB, 6B, AB, 3B), V(F1, 45, 9D, 1F), V(AB, 58, FA, AC), V(93, 03, E3, 4B), \
+    V(55, FA, 30, 20), V(F6, 6D, 76, AD), V(91, 76, CC, 88), V(25, 4C, 02, F5), \
+    V(FC, D7, E5, 4F), V(D7, CB, 2A, C5), V(80, 44, 35, 26), V(8F, A3, 62, B5), \
+    V(49, 5A, B1, DE), V(67, 1B, BA, 25), V(98, 0E, EA, 45), V(E1, C0, FE, 5D), \
+    V(02, 75, 2F, C3), V(12, F0, 4C, 81), V(A3, 97, 46, 8D), V(C6, F9, D3, 6B), \
+    V(E7, 5F, 8F, 03), V(95, 9C, 92, 15), V(EB, 7A, 6D, BF), V(DA, 59, 52, 95), \
+    V(2D, 83, BE, D4), V(D3, 21, 74, 58), V(29, 69, E0, 49), V(44, C8, C9, 8E), \
+    V(6A, 89, C2, 75), V(78, 79, 8E, F4), V(6B, 3E, 58, 99), V(DD, 71, B9, 27), \
+    V(B6, 4F, E1, BE), V(17, AD, 88, F0), V(66, AC, 20, C9), V(B4, 3A, CE, 7D), \
+    V(18, 4A, DF, 63), V(82, 31, 1A, E5), V(60, 33, 51, 97), V(45, 7F, 53, 62), \
+    V(E0, 77, 64, B1), V(84, AE, 6B, BB), V(1C, A0, 81, FE), V(94, 2B, 08, F9), \
+    V(58, 68, 48, 70), V(19, FD, 45, 8F), V(87, 6C, DE, 94), V(B7, F8, 7B, 52), \
+    V(23, D3, 73, AB), V(E2, 02, 4B, 72), V(57, 8F, 1F, E3), V(2A, AB, 55, 66), \
+    V(07, 28, EB, B2), V(03, C2, B5, 2F), V(9A, 7B, C5, 86), V(A5, 08, 37, D3), \
+    V(F2, 87, 28, 30), V(B2, A5, BF, 23), V(BA, 6A, 03, 02), V(5C, 82, 16, ED), \
+    V(2B, 1C, CF, 8A), V(92, B4, 79, A7), V(F0, F2, 07, F3), V(A1, E2, 69, 4E), \
+    V(CD, F4, DA, 65), V(D5, BE, 05, 06), V(1F, 62, 34, D1), V(8A, FE, A6, C4), \
+    V(9D, 53, 2E, 34), V(A0, 55, F3, A2), V(32, E1, 8A, 05), V(75, EB, F6, A4), \
+    V(39, EC, 83, 0B), V(AA, EF, 60, 40), V(06, 9F, 71, 5E), V(51, 10, 6E, BD), \
+    V(F9, 8A, 21, 3E), V(3D, 06, DD, 96), V(AE, 05, 3E, DD), V(46, BD, E6, 4D), \
+    V(B5, 8D, 54, 91), V(05, 5D, C4, 71), V(6F, D4, 06, 04), V(FF, 15, 50, 60), \
+    V(24, FB, 98, 19), V(97, E9, BD, D6), V(CC, 43, 40, 89), V(77, 9E, D9, 67), \
+    V(BD, 42, E8, B0), V(88, 8B, 89, 07), V(38, 5B, 19, E7), V(DB, EE, C8, 79), \
+    V(47, 0A, 7C, A1), V(E9, 0F, 42, 7C), V(C9, 1E, 84, F8), V(00, 00, 00, 00), \
+    V(83, 86, 80, 09), V(48, ED, 2B, 32), V(AC, 70, 11, 1E), V(4E, 72, 5A, 6C), \
+    V(FB, FF, 0E, FD), V(56, 38, 85, 0F), V(1E, D5, AE, 3D), V(27, 39, 2D, 36), \
+    V(64, D9, 0F, 0A), V(21, A6, 5C, 68), V(D1, 54, 5B, 9B), V(3A, 2E, 36, 24), \
+    V(B1, 67, 0A, 0C), V(0F, E7, 57, 93), V(D2, 96, EE, B4), V(9E, 91, 9B, 1B), \
+    V(4F, C5, C0, 80), V(A2, 20, DC, 61), V(69, 4B, 77, 5A), V(16, 1A, 12, 1C), \
+    V(0A, BA, 93, E2), V(E5, 2A, A0, C0), V(43, E0, 22, 3C), V(1D, 17, 1B, 12), \
+    V(0B, 0D, 09, 0E), V(AD, C7, 8B, F2), V(B9, A8, B6, 2D), V(C8, A9, 1E, 14), \
+    V(85, 19, F1, 57), V(4C, 07, 75, AF), V(BB, DD, 99, EE), V(FD, 60, 7F, A3), \
+    V(9F, 26, 01, F7), V(BC, F5, 72, 5C), V(C5, 3B, 66, 44), V(34, 7E, FB, 5B), \
+    V(76, 29, 43, 8B), V(DC, C6, 23, CB), V(68, FC, ED, B6), V(63, F1, E4, B8), \
+    V(CA, DC, 31, D7), V(10, 85, 63, 42), V(40, 22, 97, 13), V(20, 11, C6, 84), \
+    V(7D, 24, 4A, 85), V(F8, 3D, BB, D2), V(11, 32, F9, AE), V(6D, A1, 29, C7), \
+    V(4B, 2F, 9E, 1D), V(F3, 30, B2, DC), V(EC, 52, 86, 0D), V(D0, E3, C1, 77), \
+    V(6C, 16, B3, 2B), V(99, B9, 70, A9), V(FA, 48, 94, 11), V(22, 64, E9, 47), \
+    V(C4, 8C, FC, A8), V(1A, 3F, F0, A0), V(D8, 2C, 7D, 56), V(EF, 90, 33, 22), \
+    V(C7, 4E, 49, 87), V(C1, D1, 38, D9), V(FE, A2, CA, 8C), V(36, 0B, D4, 98), \
+    V(CF, 81, F5, A6), V(28, DE, 7A, A5), V(26, 8E, B7, DA), V(A4, BF, AD, 3F), \
+    V(E4, 9D, 3A, 2C), V(0D, 92, 78, 50), V(9B, CC, 5F, 6A), V(62, 46, 7E, 54), \
+    V(C2, 13, 8D, F6), V(E8, B8, D8, 90), V(5E, F7, 39, 2E), V(F5, AF, C3, 82), \
+    V(BE, 80, 5D, 9F), V(7C, 93, D0, 69), V(A9, 2D, D5, 6F), V(B3, 12, 25, CF), \
+    V(3B, 99, AC, C8), V(A7, 7D, 18, 10), V(6E, 63, 9C, E8), V(7B, BB, 3B, DB), \
+    V(09, 78, 26, CD), V(F4, 18, 59, 6E), V(01, B7, 9A, EC), V(A8, 9A, 4F, 83), \
+    V(65, 6E, 95, E6), V(7E, E6, FF, AA), V(08, CF, BC, 21), V(E6, E8, 15, EF), \
+    V(D9, 9B, E7, BA), V(CE, 36, 6F, 4A), V(D4, 09, 9F, EA), V(D6, 7C, B0, 29), \
+    V(AF, B2, A4, 31), V(31, 23, 3F, 2A), V(30, 94, A5, C6), V(C0, 66, A2, 35), \
+    V(37, BC, 4E, 74), V(A6, CA, 82, FC), V(B0, D0, 90, E0), V(15, D8, A7, 33), \
+    V(4A, 98, 04, F1), V(F7, DA, EC, 41), V(0E, 50, CD, 7F), V(2F, F6, 91, 17), \
+    V(8D, D6, 4D, 76), V(4D, B0, EF, 43), V(54, 4D, AA, CC), V(DF, 04, 96, E4), \
+    V(E3, B5, D1, 9E), V(1B, 88, 6A, 4C), V(B8, 1F, 2C, C1), V(7F, 51, 65, 46), \
+    V(04, EA, 5E, 9D), V(5D, 35, 8C, 01), V(73, 74, 87, FA), V(2E, 41, 0B, FB), \
+    V(5A, 1D, 67, B3), V(52, D2, DB, 92), V(33, 56, 10, E9), V(13, 47, D6, 6D), \
+    V(8C, 61, D7, 9A), V(7A, 0C, A1, 37), V(8E, 14, F8, 59), V(89, 3C, 13, EB), \
+    V(EE, 27, A9, CE), V(35, C9, 61, B7), V(ED, E5, 1C, E1), V(3C, B1, 47, 7A), \
+    V(59, DF, D2, 9C), V(3F, 73, F2, 55), V(79, CE, 14, 18), V(BF, 37, C7, 73), \
+    V(EA, CD, F7, 53), V(5B, AA, FD, 5F), V(14, 6F, 3D, DF), V(86, DB, 44, 78), \
+    V(81, F3, AF, CA), V(3E, C4, 68, B9), V(2C, 34, 24, 38), V(5F, 40, A3, C2), \
+    V(72, C3, 1D, 16), V(0C, 25, E2, BC), V(8B, 49, 3C, 28), V(41, 95, 0D, FF), \
+    V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \
+    V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0)
+
+#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+
+#define V(a, b, c, d) 0x##a##b##c##d
+static const uint32_t RT0[256] = { RT };
+#undef V
+
+#if !defined(MBEDTLS_AES_FEWER_TABLES)
+
+#define V(a, b, c, d) 0x##b##c##d##a
+static const uint32_t RT1[256] = { RT };
+#undef V
+
+#define V(a, b, c, d) 0x##c##d##a##b
+static const uint32_t RT2[256] = { RT };
+#undef V
+
+#define V(a, b, c, d) 0x##d##a##b##c
+static const uint32_t RT3[256] = { RT };
+#undef V
+
+#endif /* !MBEDTLS_AES_FEWER_TABLES */
+
+#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
+
+#undef RT
+
+#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+/*
+ * Round constants
+ */
+static const uint32_t RCON[10] =
+{
+    0x00000001, 0x00000002, 0x00000004, 0x00000008,
+    0x00000010, 0x00000020, 0x00000040, 0x00000080,
+    0x0000001B, 0x00000036
+};
+#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
+
+#else /* MBEDTLS_AES_ROM_TABLES */
+
+/*
+ * Forward S-box & tables
+ */
+#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+    !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+static unsigned char FSb[256];
+#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+          !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
+#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+static uint32_t FT0[256];
+#if !defined(MBEDTLS_AES_FEWER_TABLES)
+static uint32_t FT1[256];
+static uint32_t FT2[256];
+static uint32_t FT3[256];
+#endif /* !MBEDTLS_AES_FEWER_TABLES */
+#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
+
+/*
+ * Reverse S-box & tables
+ */
+#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT))
+static unsigned char RSb[256];
+#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */
+
+#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+static uint32_t RT0[256];
+#if !defined(MBEDTLS_AES_FEWER_TABLES)
+static uint32_t RT1[256];
+static uint32_t RT2[256];
+static uint32_t RT3[256];
+#endif /* !MBEDTLS_AES_FEWER_TABLES */
+#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
+
+#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+/*
+ * Round constants
+ */
+static uint32_t RCON[10];
+
+/*
+ * Tables generation code
+ */
+#define ROTL8(x) (((x) << 8) & 0xFFFFFFFF) | ((x) >> 24)
+#define XTIME(x) (((x) << 1) ^ (((x) & 0x80) ? 0x1B : 0x00))
+#define MUL(x, y) (((x) && (y)) ? pow[(log[(x)]+log[(y)]) % 255] : 0)
+
+static int aes_init_done = 0;
+
+static void aes_gen_tables(void)
+{
+    int i, x, y, z;
+    int pow[256];
+    int log[256];
+
+    /*
+     * compute pow and log tables over GF(2^8)
+     */
+    for (i = 0, x = 1; i < 256; i++) {
+        pow[i] = x;
+        log[x] = i;
+        x = MBEDTLS_BYTE_0(x ^ XTIME(x));
+    }
+
+    /*
+     * calculate the round constants
+     */
+    for (i = 0, x = 1; i < 10; i++) {
+        RCON[i] = (uint32_t) x;
+        x = MBEDTLS_BYTE_0(XTIME(x));
+    }
+
+    /*
+     * generate the forward and reverse S-boxes
+     */
+    FSb[0x00] = 0x63;
+    RSb[0x63] = 0x00;
+
+    for (i = 1; i < 256; i++) {
+        x = pow[255 - log[i]];
+
+        y  = x; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7));
+        x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7));
+        x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7));
+        x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7));
+        x ^= y ^ 0x63;
+
+        FSb[i] = (unsigned char) x;
+        RSb[x] = (unsigned char) i;
+    }
+
+    /*
+     * generate the forward and reverse tables
+     */
+    for (i = 0; i < 256; i++) {
+        x = FSb[i];
+        y = MBEDTLS_BYTE_0(XTIME(x));
+        z = MBEDTLS_BYTE_0(y ^ x);
+
+        FT0[i] = ((uint32_t) y) ^
+                 ((uint32_t) x <<  8) ^
+                 ((uint32_t) x << 16) ^
+                 ((uint32_t) z << 24);
+
+#if !defined(MBEDTLS_AES_FEWER_TABLES)
+        FT1[i] = ROTL8(FT0[i]);
+        FT2[i] = ROTL8(FT1[i]);
+        FT3[i] = ROTL8(FT2[i]);
+#endif /* !MBEDTLS_AES_FEWER_TABLES */
+
+        x = RSb[i];
+
+#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+        RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
+                 ((uint32_t) MUL(0x09, x) <<  8) ^
+                 ((uint32_t) MUL(0x0D, x) << 16) ^
+                 ((uint32_t) MUL(0x0B, x) << 24);
+
+#if !defined(MBEDTLS_AES_FEWER_TABLES)
+        RT1[i] = ROTL8(RT0[i]);
+        RT2[i] = ROTL8(RT1[i]);
+        RT3[i] = ROTL8(RT2[i]);
+#endif /* !MBEDTLS_AES_FEWER_TABLES */
+#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */
+    }
+}
+
+#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
+
+#undef ROTL8
+
+#endif /* MBEDTLS_AES_ROM_TABLES */
+
+#if defined(MBEDTLS_AES_FEWER_TABLES)
+
+#define ROTL8(x)  ((uint32_t) ((x) <<  8) + (uint32_t) ((x) >> 24))
+#define ROTL16(x) ((uint32_t) ((x) << 16) + (uint32_t) ((x) >> 16))
+#define ROTL24(x) ((uint32_t) ((x) << 24) + (uint32_t) ((x) >>  8))
+
+#define AES_RT0(idx) RT0[idx]
+#define AES_RT1(idx) ROTL8(RT0[idx])
+#define AES_RT2(idx) ROTL16(RT0[idx])
+#define AES_RT3(idx) ROTL24(RT0[idx])
+
+#define AES_FT0(idx) FT0[idx]
+#define AES_FT1(idx) ROTL8(FT0[idx])
+#define AES_FT2(idx) ROTL16(FT0[idx])
+#define AES_FT3(idx) ROTL24(FT0[idx])
+
+#else /* MBEDTLS_AES_FEWER_TABLES */
+
+#define AES_RT0(idx) RT0[idx]
+#define AES_RT1(idx) RT1[idx]
+#define AES_RT2(idx) RT2[idx]
+#define AES_RT3(idx) RT3[idx]
+
+#define AES_FT0(idx) FT0[idx]
+#define AES_FT1(idx) FT1[idx]
+#define AES_FT2(idx) FT2[idx]
+#define AES_FT3(idx) FT3[idx]
+
+#endif /* MBEDTLS_AES_FEWER_TABLES */
+
+void mbedtls_aes_init(mbedtls_aes_context *ctx)
+{
+    AES_VALIDATE(ctx != NULL);
+
+    memset(ctx, 0, sizeof(mbedtls_aes_context));
+}
+
+void mbedtls_aes_free(mbedtls_aes_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aes_context));
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx)
+{
+    AES_VALIDATE(ctx != NULL);
+
+    mbedtls_aes_init(&ctx->crypt);
+    mbedtls_aes_init(&ctx->tweak);
+}
+
+void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_aes_free(&ctx->crypt);
+    mbedtls_aes_free(&ctx->tweak);
+}
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+/* Some implementations need the round keys to be aligned.
+ * Return an offset to be added to buf, such that (buf + offset) is
+ * correctly aligned.
+ * Note that the offset is in units of elements of buf, i.e. 32-bit words,
+ * i.e. an offset of 1 means 4 bytes and so on.
+ */
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) || \
+    (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
+#define MAY_NEED_TO_ALIGN
+#endif
+
+#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
+    !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
+{
+#if defined(MAY_NEED_TO_ALIGN)
+    int align_16_bytes = 0;
+
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
+    if (aes_padlock_ace == -1) {
+        aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE);
+    }
+    if (aes_padlock_ace) {
+        align_16_bytes = 1;
+    }
+#endif
+
+#if defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2
+    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
+        align_16_bytes = 1;
+    }
+#endif
+
+    if (align_16_bytes) {
+        /* These implementations needs 16-byte alignment
+         * for the round key array. */
+        unsigned delta = ((uintptr_t) buf & 0x0000000fU) / 4;
+        if (delta == 0) {
+            return 0;
+        } else {
+            return 4 - delta; // 16 bytes = 4 uint32_t
+        }
+    }
+#else /* MAY_NEED_TO_ALIGN */
+    (void) buf;
+#endif /* MAY_NEED_TO_ALIGN */
+
+    return 0;
+}
+#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \
+          !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */
+
+/*
+ * AES key schedule (encryption)
+ */
+#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
+                           unsigned int keybits)
+{
+    unsigned int i;
+    uint32_t *RK;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(key != NULL);
+
+    switch (keybits) {
+        case 128: ctx->nr = 10; break;
+        case 192: ctx->nr = 12; break;
+        case 256: ctx->nr = 14; break;
+        default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+    }
+
+#if !defined(MBEDTLS_AES_ROM_TABLES)
+    if (aes_init_done == 0) {
+        aes_gen_tables();
+        aes_init_done = 1;
+    }
+#endif
+
+    ctx->rk = RK = ctx->buf + mbedtls_aes_rk_offset(ctx->buf);
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
+        return mbedtls_aesni_setkey_enc((unsigned char *) ctx->rk, key, keybits);
+    }
+#endif
+
+    for (i = 0; i < (keybits >> 5); i++) {
+        RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2);
+    }
+
+    switch (ctx->nr) {
+        case 10:
+
+            for (i = 0; i < 10; i++, RK += 4) {
+                RK[4]  = RK[0] ^ RCON[i] ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] <<  8) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[3])] << 16) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[3])] << 24);
+
+                RK[5]  = RK[1] ^ RK[4];
+                RK[6]  = RK[2] ^ RK[5];
+                RK[7]  = RK[3] ^ RK[6];
+            }
+            break;
+
+        case 12:
+
+            for (i = 0; i < 8; i++, RK += 6) {
+                RK[6]  = RK[0] ^ RCON[i] ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] <<  8) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[5])] << 16) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[5])] << 24);
+
+                RK[7]  = RK[1] ^ RK[6];
+                RK[8]  = RK[2] ^ RK[7];
+                RK[9]  = RK[3] ^ RK[8];
+                RK[10] = RK[4] ^ RK[9];
+                RK[11] = RK[5] ^ RK[10];
+            }
+            break;
+
+        case 14:
+
+            for (i = 0; i < 7; i++, RK += 8) {
+                RK[8]  = RK[0] ^ RCON[i] ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] <<  8) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[7])] << 16) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[7])] << 24);
+
+                RK[9]  = RK[1] ^ RK[8];
+                RK[10] = RK[2] ^ RK[9];
+                RK[11] = RK[3] ^ RK[10];
+
+                RK[12] = RK[4] ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[11])]) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[11])] <<  8) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[11])] << 16) ^
+                         ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[11])] << 24);
+
+                RK[13] = RK[5] ^ RK[12];
+                RK[14] = RK[6] ^ RK[13];
+                RK[15] = RK[7] ^ RK[14];
+            }
+            break;
+    }
+
+    return 0;
+}
+#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */
+
+/*
+ * AES key schedule (decryption)
+ */
+#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
+                           unsigned int keybits)
+{
+    int i, j, ret;
+    mbedtls_aes_context cty;
+    uint32_t *RK;
+    uint32_t *SK;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(key != NULL);
+
+    mbedtls_aes_init(&cty);
+
+    ctx->rk = RK = ctx->buf + mbedtls_aes_rk_offset(ctx->buf);
+
+    /* Also checks keybits */
+    if ((ret = mbedtls_aes_setkey_enc(&cty, key, keybits)) != 0) {
+        goto exit;
+    }
+
+    ctx->nr = cty.nr;
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
+        mbedtls_aesni_inverse_key((unsigned char *) ctx->rk,
+                                  (const unsigned char *) cty.rk, ctx->nr);
+        goto exit;
+    }
+#endif
+
+    SK = cty.rk + cty.nr * 4;
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+    for (i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8) {
+        for (j = 0; j < 4; j++, SK++) {
+            *RK++ = AES_RT0(FSb[MBEDTLS_BYTE_0(*SK)]) ^
+                    AES_RT1(FSb[MBEDTLS_BYTE_1(*SK)]) ^
+                    AES_RT2(FSb[MBEDTLS_BYTE_2(*SK)]) ^
+                    AES_RT3(FSb[MBEDTLS_BYTE_3(*SK)]);
+        }
+    }
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+exit:
+    mbedtls_aes_free(&cty);
+
+    return ret;
+}
+#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+static int mbedtls_aes_xts_decode_keys(const unsigned char *key,
+                                       unsigned int keybits,
+                                       const unsigned char **key1,
+                                       unsigned int *key1bits,
+                                       const unsigned char **key2,
+                                       unsigned int *key2bits)
+{
+    const unsigned int half_keybits = keybits / 2;
+    const unsigned int half_keybytes = half_keybits / 8;
+
+    switch (keybits) {
+        case 256: break;
+        case 512: break;
+        default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+    }
+
+    *key1bits = half_keybits;
+    *key2bits = half_keybits;
+    *key1 = &key[0];
+    *key2 = &key[half_keybytes];
+
+    return 0;
+}
+
+int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
+                               const unsigned char *key,
+                               unsigned int keybits)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned char *key1, *key2;
+    unsigned int key1bits, key2bits;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(key != NULL);
+
+    ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits,
+                                      &key2, &key2bits);
+    if (ret != 0) {
+        return ret;
+    }
+
+    /* Set the tweak key. Always set tweak key for the encryption mode. */
+    ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits);
+    if (ret != 0) {
+        return ret;
+    }
+
+    /* Set crypt key for encryption. */
+    return mbedtls_aes_setkey_enc(&ctx->crypt, key1, key1bits);
+}
+
+int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
+                               const unsigned char *key,
+                               unsigned int keybits)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned char *key1, *key2;
+    unsigned int key1bits, key2bits;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(key != NULL);
+
+    ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits,
+                                      &key2, &key2bits);
+    if (ret != 0) {
+        return ret;
+    }
+
+    /* Set the tweak key. Always set tweak key for encryption. */
+    ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits);
+    if (ret != 0) {
+        return ret;
+    }
+
+    /* Set crypt key for decryption. */
+    return mbedtls_aes_setkey_dec(&ctx->crypt, key1, key1bits);
+}
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#define AES_FROUND(X0, X1, X2, X3, Y0, Y1, Y2, Y3)                 \
+    do                                                      \
+    {                                                       \
+        (X0) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y0)) ^    \
+               AES_FT1(MBEDTLS_BYTE_1(Y1)) ^    \
+               AES_FT2(MBEDTLS_BYTE_2(Y2)) ^    \
+               AES_FT3(MBEDTLS_BYTE_3(Y3));     \
+                                                            \
+        (X1) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y1)) ^    \
+               AES_FT1(MBEDTLS_BYTE_1(Y2)) ^    \
+               AES_FT2(MBEDTLS_BYTE_2(Y3)) ^    \
+               AES_FT3(MBEDTLS_BYTE_3(Y0));     \
+                                                            \
+        (X2) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y2)) ^    \
+               AES_FT1(MBEDTLS_BYTE_1(Y3)) ^    \
+               AES_FT2(MBEDTLS_BYTE_2(Y0)) ^    \
+               AES_FT3(MBEDTLS_BYTE_3(Y1));     \
+                                                            \
+        (X3) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y3)) ^    \
+               AES_FT1(MBEDTLS_BYTE_1(Y0)) ^    \
+               AES_FT2(MBEDTLS_BYTE_2(Y1)) ^    \
+               AES_FT3(MBEDTLS_BYTE_3(Y2));     \
+    } while (0)
+
+#define AES_RROUND(X0, X1, X2, X3, Y0, Y1, Y2, Y3)                 \
+    do                                                      \
+    {                                                       \
+        (X0) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y0)) ^    \
+               AES_RT1(MBEDTLS_BYTE_1(Y3)) ^    \
+               AES_RT2(MBEDTLS_BYTE_2(Y2)) ^    \
+               AES_RT3(MBEDTLS_BYTE_3(Y1));     \
+                                                            \
+        (X1) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y1)) ^    \
+               AES_RT1(MBEDTLS_BYTE_1(Y0)) ^    \
+               AES_RT2(MBEDTLS_BYTE_2(Y3)) ^    \
+               AES_RT3(MBEDTLS_BYTE_3(Y2));     \
+                                                            \
+        (X2) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y2)) ^    \
+               AES_RT1(MBEDTLS_BYTE_1(Y1)) ^    \
+               AES_RT2(MBEDTLS_BYTE_2(Y0)) ^    \
+               AES_RT3(MBEDTLS_BYTE_3(Y3));     \
+                                                            \
+        (X3) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y3)) ^    \
+               AES_RT1(MBEDTLS_BYTE_1(Y2)) ^    \
+               AES_RT2(MBEDTLS_BYTE_2(Y1)) ^    \
+               AES_RT3(MBEDTLS_BYTE_3(Y0));     \
+    } while (0)
+
+/*
+ * AES-ECB block encryption
+ */
+#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
+int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16])
+{
+    int i;
+    uint32_t *RK = ctx->rk;
+    struct {
+        uint32_t X[4];
+        uint32_t Y[4];
+    } t;
+
+    t.X[0] = MBEDTLS_GET_UINT32_LE(input,  0); t.X[0] ^= *RK++;
+    t.X[1] = MBEDTLS_GET_UINT32_LE(input,  4); t.X[1] ^= *RK++;
+    t.X[2] = MBEDTLS_GET_UINT32_LE(input,  8); t.X[2] ^= *RK++;
+    t.X[3] = MBEDTLS_GET_UINT32_LE(input, 12); t.X[3] ^= *RK++;
+
+    for (i = (ctx->nr >> 1) - 1; i > 0; i--) {
+        AES_FROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]);
+        AES_FROUND(t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3]);
+    }
+
+    AES_FROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]);
+
+    t.X[0] = *RK++ ^ \
+             ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[0])]) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[1])] <<  8) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[2])] << 16) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[3])] << 24);
+
+    t.X[1] = *RK++ ^ \
+             ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[1])]) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[2])] <<  8) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[3])] << 16) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[0])] << 24);
+
+    t.X[2] = *RK++ ^ \
+             ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[2])]) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[3])] <<  8) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[0])] << 16) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[1])] << 24);
+
+    t.X[3] = *RK++ ^ \
+             ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[3])]) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[0])] <<  8) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[1])] << 16) ^
+             ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[2])] << 24);
+
+    MBEDTLS_PUT_UINT32_LE(t.X[0], output,  0);
+    MBEDTLS_PUT_UINT32_LE(t.X[1], output,  4);
+    MBEDTLS_PUT_UINT32_LE(t.X[2], output,  8);
+    MBEDTLS_PUT_UINT32_LE(t.X[3], output, 12);
+
+    mbedtls_platform_zeroize(&t, sizeof(t));
+
+    return 0;
+}
+#endif /* !MBEDTLS_AES_ENCRYPT_ALT */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
+                         const unsigned char input[16],
+                         unsigned char output[16])
+{
+    MBEDTLS_IGNORE_RETURN(mbedtls_internal_aes_encrypt(ctx, input, output));
+}
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/*
+ * AES-ECB block decryption
+ */
+#if !defined(MBEDTLS_AES_DECRYPT_ALT)
+int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16])
+{
+    int i;
+    uint32_t *RK = ctx->rk;
+    struct {
+        uint32_t X[4];
+        uint32_t Y[4];
+    } t;
+
+    t.X[0] = MBEDTLS_GET_UINT32_LE(input,  0); t.X[0] ^= *RK++;
+    t.X[1] = MBEDTLS_GET_UINT32_LE(input,  4); t.X[1] ^= *RK++;
+    t.X[2] = MBEDTLS_GET_UINT32_LE(input,  8); t.X[2] ^= *RK++;
+    t.X[3] = MBEDTLS_GET_UINT32_LE(input, 12); t.X[3] ^= *RK++;
+
+    for (i = (ctx->nr >> 1) - 1; i > 0; i--) {
+        AES_RROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]);
+        AES_RROUND(t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3]);
+    }
+
+    AES_RROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]);
+
+    t.X[0] = *RK++ ^ \
+             ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[0])]) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[3])] <<  8) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[2])] << 16) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[1])] << 24);
+
+    t.X[1] = *RK++ ^ \
+             ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[1])]) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[0])] <<  8) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[3])] << 16) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[2])] << 24);
+
+    t.X[2] = *RK++ ^ \
+             ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[2])]) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[1])] <<  8) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[0])] << 16) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[3])] << 24);
+
+    t.X[3] = *RK++ ^ \
+             ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[3])]) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[2])] <<  8) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[1])] << 16) ^
+             ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[0])] << 24);
+
+    MBEDTLS_PUT_UINT32_LE(t.X[0], output,  0);
+    MBEDTLS_PUT_UINT32_LE(t.X[1], output,  4);
+    MBEDTLS_PUT_UINT32_LE(t.X[2], output,  8);
+    MBEDTLS_PUT_UINT32_LE(t.X[3], output, 12);
+
+    mbedtls_platform_zeroize(&t, sizeof(t));
+
+    return 0;
+}
+#endif /* !MBEDTLS_AES_DECRYPT_ALT */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
+                         const unsigned char input[16],
+                         unsigned char output[16])
+{
+    MBEDTLS_IGNORE_RETURN(mbedtls_internal_aes_decrypt(ctx, input, output));
+}
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MAY_NEED_TO_ALIGN)
+/* VIA Padlock and our intrinsics-based implementation of AESNI require
+ * the round keys to be aligned on a 16-byte boundary. We take care of this
+ * before creating them, but the AES context may have moved (this can happen
+ * if the library is called from a language with managed memory), and in later
+ * calls it might have a different alignment with respect to 16-byte memory.
+ * So we may need to realign.
+ * NOTE: In the LTS branch, the context contains a pointer to within itself,
+ * so if it has been moved, things will probably go pear-shaped. We keep this
+ * code for compatibility with the development branch, in case of future changes.
+ */
+static void aes_maybe_realign(mbedtls_aes_context *ctx)
+{
+    unsigned current_offset = (unsigned) (ctx->rk - ctx->buf);
+    unsigned new_offset = mbedtls_aes_rk_offset(ctx->buf);
+    if (new_offset != current_offset) {
+        memmove(ctx->buf + new_offset,     // new address
+                ctx->buf + current_offset, // current address
+                (ctx->nr + 1) * 16);       // number of round keys * bytes per rk
+        ctx->rk = ctx->buf + new_offset;
+    }
+}
+#endif
+
+/*
+ * AES-ECB block encryption/decryption
+ */
+int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
+                          int mode,
+                          const unsigned char input[16],
+                          unsigned char output[16])
+{
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+    AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
+                     mode == MBEDTLS_AES_DECRYPT);
+
+#if defined(MAY_NEED_TO_ALIGN)
+    aes_maybe_realign(ctx);
+#endif
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
+        return mbedtls_aesni_crypt_ecb(ctx, mode, input, output);
+    }
+#endif
+
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
+    if (aes_padlock_ace) {
+        return mbedtls_padlock_xcryptecb(ctx, mode, input, output);
+    }
+#endif
+
+    if (mode == MBEDTLS_AES_ENCRYPT) {
+        return mbedtls_internal_aes_encrypt(ctx, input, output);
+    } else {
+        return mbedtls_internal_aes_decrypt(ctx, input, output);
+    }
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * AES-CBC buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
+                          int mode,
+                          size_t length,
+                          unsigned char iv[16],
+                          const unsigned char *input,
+                          unsigned char *output)
+{
+    int i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char temp[16];
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
+                     mode == MBEDTLS_AES_DECRYPT);
+    AES_VALIDATE_RET(iv != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+
+    if (length % 16) {
+        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
+    }
+
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
+    if (aes_padlock_ace) {
+        if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) {
+            return 0;
+        }
+
+        // If padlock data misaligned, we just fall back to
+        // unaccelerated mode
+        //
+    }
+#endif
+
+    if (mode == MBEDTLS_AES_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, 16);
+            ret = mbedtls_aes_crypt_ecb(ctx, mode, input, output);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            for (i = 0; i < 16; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, 16);
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    } else {
+        while (length > 0) {
+            for (i = 0; i < 16; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            ret = mbedtls_aes_crypt_ecb(ctx, mode, output, output);
+            if (ret != 0) {
+                goto exit;
+            }
+            memcpy(iv, output, 16);
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    }
+    ret = 0;
+
+exit:
+    return ret;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+
+typedef unsigned char mbedtls_be128[16];
+
+/*
+ * GF(2^128) multiplication function
+ *
+ * This function multiplies a field element by x in the polynomial field
+ * representation. It uses 64-bit word operations to gain speed but compensates
+ * for machine endianness and hence works correctly on both big and little
+ * endian machines.
+ */
+static void mbedtls_gf128mul_x_ble(unsigned char r[16],
+                                   const unsigned char x[16])
+{
+    uint64_t a, b, ra, rb;
+
+    a = MBEDTLS_GET_UINT64_LE(x, 0);
+    b = MBEDTLS_GET_UINT64_LE(x, 8);
+
+    ra = (a << 1)  ^ 0x0087 >> (8 - ((b >> 63) << 3));
+    rb = (a >> 63) | (b << 1);
+
+    MBEDTLS_PUT_UINT64_LE(ra, r, 0);
+    MBEDTLS_PUT_UINT64_LE(rb, r, 8);
+}
+
+/*
+ * AES-XTS buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
+                          int mode,
+                          size_t length,
+                          const unsigned char data_unit[16],
+                          const unsigned char *input,
+                          unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t blocks = length / 16;
+    size_t leftover = length % 16;
+    unsigned char tweak[16];
+    unsigned char prev_tweak[16];
+    unsigned char tmp[16];
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
+                     mode == MBEDTLS_AES_DECRYPT);
+    AES_VALIDATE_RET(data_unit != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+
+    /* Data units must be at least 16 bytes long. */
+    if (length < 16) {
+        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
+    }
+
+    /* NIST SP 800-38E disallows data units larger than 2**20 blocks. */
+    if (length > (1 << 20) * 16) {
+        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
+    }
+
+    /* Compute the tweak. */
+    ret = mbedtls_aes_crypt_ecb(&ctx->tweak, MBEDTLS_AES_ENCRYPT,
+                                data_unit, tweak);
+    if (ret != 0) {
+        return ret;
+    }
+
+    while (blocks--) {
+        size_t i;
+
+        if (leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0) {
+            /* We are on the last block in a decrypt operation that has
+             * leftover bytes, so we need to use the next tweak for this block,
+             * and this tweak for the leftover bytes. Save the current tweak for
+             * the leftovers and then update the current tweak for use on this,
+             * the last full block. */
+            memcpy(prev_tweak, tweak, sizeof(tweak));
+            mbedtls_gf128mul_x_ble(tweak, tweak);
+        }
+
+        for (i = 0; i < 16; i++) {
+            tmp[i] = input[i] ^ tweak[i];
+        }
+
+        ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp);
+        if (ret != 0) {
+            return ret;
+        }
+
+        for (i = 0; i < 16; i++) {
+            output[i] = tmp[i] ^ tweak[i];
+        }
+
+        /* Update the tweak for the next block. */
+        mbedtls_gf128mul_x_ble(tweak, tweak);
+
+        output += 16;
+        input += 16;
+    }
+
+    if (leftover) {
+        /* If we are on the leftover bytes in a decrypt operation, we need to
+         * use the previous tweak for these bytes (as saved in prev_tweak). */
+        unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak;
+
+        /* We are now on the final part of the data unit, which doesn't divide
+         * evenly by 16. It's time for ciphertext stealing. */
+        size_t i;
+        unsigned char *prev_output = output - 16;
+
+        /* Copy ciphertext bytes from the previous block to our output for each
+         * byte of ciphertext we won't steal. At the same time, copy the
+         * remainder of the input for this final round (since the loop bounds
+         * are the same). */
+        for (i = 0; i < leftover; i++) {
+            output[i] = prev_output[i];
+            tmp[i] = input[i] ^ t[i];
+        }
+
+        /* Copy ciphertext bytes from the previous block for input in this
+         * round. */
+        for (; i < 16; i++) {
+            tmp[i] = prev_output[i] ^ t[i];
+        }
+
+        ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp);
+        if (ret != 0) {
+            return ret;
+        }
+
+        /* Write the result back to the previous block, overriding the previous
+         * output we copied. */
+        for (i = 0; i < 16; i++) {
+            prev_output[i] = tmp[i] ^ t[i];
+        }
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * AES-CFB128 buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
+                             int mode,
+                             size_t length,
+                             size_t *iv_off,
+                             unsigned char iv[16],
+                             const unsigned char *input,
+                             unsigned char *output)
+{
+    int c;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
+                     mode == MBEDTLS_AES_DECRYPT);
+    AES_VALIDATE_RET(iv_off != NULL);
+    AES_VALIDATE_RET(iv != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+
+    n = *iv_off;
+
+    if (n > 15) {
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+    }
+
+    if (mode == MBEDTLS_AES_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv);
+                if (ret != 0) {
+                    goto exit;
+                }
+            }
+
+            c = *input++;
+            *output++ = (unsigned char) (c ^ iv[n]);
+            iv[n] = (unsigned char) c;
+
+            n = (n + 1) & 0x0F;
+        }
+    } else {
+        while (length--) {
+            if (n == 0) {
+                ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv);
+                if (ret != 0) {
+                    goto exit;
+                }
+            }
+
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
+
+            n = (n + 1) & 0x0F;
+        }
+    }
+
+    *iv_off = n;
+    ret = 0;
+
+exit:
+    return ret;
+}
+
+/*
+ * AES-CFB8 buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[16],
+                           const unsigned char *input,
+                           unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char c;
+    unsigned char ov[17];
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
+                     mode == MBEDTLS_AES_DECRYPT);
+    AES_VALIDATE_RET(iv != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+    while (length--) {
+        memcpy(ov, iv, 16);
+        ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        if (mode == MBEDTLS_AES_DECRYPT) {
+            ov[16] = *input;
+        }
+
+        c = *output++ = (unsigned char) (iv[0] ^ *input++);
+
+        if (mode == MBEDTLS_AES_ENCRYPT) {
+            ov[16] = c;
+        }
+
+        memcpy(iv, ov + 1, 16);
+    }
+    ret = 0;
+
+exit:
+    return ret;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+/*
+ * AES-OFB (Output Feedback Mode) buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
+                          size_t length,
+                          size_t *iv_off,
+                          unsigned char iv[16],
+                          const unsigned char *input,
+                          unsigned char *output)
+{
+    int ret = 0;
+    size_t n;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(iv_off != NULL);
+    AES_VALIDATE_RET(iv != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+
+    n = *iv_off;
+
+    if (n > 15) {
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+    }
+
+    while (length--) {
+        if (n == 0) {
+            ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv);
+            if (ret != 0) {
+                goto exit;
+            }
+        }
+        *output++ =  *input++ ^ iv[n];
+
+        n = (n + 1) & 0x0F;
+    }
+
+    *iv_off = n;
+
+exit:
+    return ret;
+}
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * AES-CTR buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
+                          size_t length,
+                          size_t *nc_off,
+                          unsigned char nonce_counter[16],
+                          unsigned char stream_block[16],
+                          const unsigned char *input,
+                          unsigned char *output)
+{
+    int c, i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+
+    AES_VALIDATE_RET(ctx != NULL);
+    AES_VALIDATE_RET(nc_off != NULL);
+    AES_VALIDATE_RET(nonce_counter != NULL);
+    AES_VALIDATE_RET(stream_block != NULL);
+    AES_VALIDATE_RET(input != NULL);
+    AES_VALIDATE_RET(output != NULL);
+
+    n = *nc_off;
+
+    if (n > 0x0F) {
+        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+    }
+
+    while (length--) {
+        if (n == 0) {
+            ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            for (i = 16; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
+                    break;
+                }
+            }
+        }
+        c = *input++;
+        *output++ = (unsigned char) (c ^ stream_block[n]);
+
+        n = (n + 1) & 0x0F;
+    }
+
+    *nc_off = n;
+    ret = 0;
+
+exit:
+    return ret;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#endif /* !MBEDTLS_AES_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * AES test vectors from:
+ *
+ * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip
+ */
+static const unsigned char aes_test_ecb_dec[3][16] =
+{
+    { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
+      0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 },
+    { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2,
+      0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 },
+    { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D,
+      0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
+};
+
+static const unsigned char aes_test_ecb_enc[3][16] =
+{
+    { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73,
+      0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F },
+    { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11,
+      0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 },
+    { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D,
+      0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const unsigned char aes_test_cbc_dec[3][16] =
+{
+    { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
+      0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 },
+    { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75,
+      0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B },
+    { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75,
+      0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 }
+};
+
+static const unsigned char aes_test_cbc_enc[3][16] =
+{
+    { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84,
+      0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D },
+    { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB,
+      0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 },
+    { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
+      0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * AES-CFB128 test vectors from:
+ *
+ * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
+ */
+static const unsigned char aes_test_cfb128_key[3][32] =
+{
+    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C },
+    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B },
+    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
+};
+
+static const unsigned char aes_test_cfb128_iv[16] =
+{
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+};
+
+static const unsigned char aes_test_cfb128_pt[64] =
+{
+    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+    0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+    0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+    0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+    0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+    0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+};
+
+static const unsigned char aes_test_cfb128_ct[3][64] =
+{
+    { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20,
+      0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A,
+      0xC8, 0xA6, 0x45, 0x37, 0xA0, 0xB3, 0xA9, 0x3F,
+      0xCD, 0xE3, 0xCD, 0xAD, 0x9F, 0x1C, 0xE5, 0x8B,
+      0x26, 0x75, 0x1F, 0x67, 0xA3, 0xCB, 0xB1, 0x40,
+      0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF,
+      0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E,
+      0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 },
+    { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB,
+      0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74,
+      0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21,
+      0x96, 0x1A, 0x2B, 0x70, 0x17, 0x1D, 0x3D, 0x7A,
+      0x2E, 0x1E, 0x8A, 0x1D, 0xD5, 0x9B, 0x88, 0xB1,
+      0xC8, 0xE6, 0x0F, 0xED, 0x1E, 0xFA, 0xC4, 0xC9,
+      0xC0, 0x5F, 0x9F, 0x9C, 0xA9, 0x83, 0x4F, 0xA0,
+      0x42, 0xAE, 0x8F, 0xBA, 0x58, 0x4B, 0x09, 0xFF },
+    { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B,
+      0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60,
+      0x39, 0xFF, 0xED, 0x14, 0x3B, 0x28, 0xB1, 0xC8,
+      0x32, 0x11, 0x3C, 0x63, 0x31, 0xE5, 0x40, 0x7B,
+      0xDF, 0x10, 0x13, 0x24, 0x15, 0xE5, 0x4B, 0x92,
+      0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9,
+      0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8,
+      0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+/*
+ * AES-OFB test vectors from:
+ *
+ * https://csrc.nist.gov/publications/detail/sp/800-38a/final
+ */
+static const unsigned char aes_test_ofb_key[3][32] =
+{
+    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C },
+    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B },
+    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
+};
+
+static const unsigned char aes_test_ofb_iv[16] =
+{
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+};
+
+static const unsigned char aes_test_ofb_pt[64] =
+{
+    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+    0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+    0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+    0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+    0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+    0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+};
+
+static const unsigned char aes_test_ofb_ct[3][64] =
+{
+    { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20,
+      0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A,
+      0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03,
+      0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25,
+      0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6,
+      0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc,
+      0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78,
+      0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e },
+    { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB,
+      0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74,
+      0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c,
+      0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01,
+      0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f,
+      0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2,
+      0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e,
+      0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a },
+    { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B,
+      0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60,
+      0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a,
+      0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d,
+      0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed,
+      0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08,
+      0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8,
+      0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * AES-CTR test vectors from:
+ *
+ * http://www.faqs.org/rfcs/rfc3686.html
+ */
+
+static const unsigned char aes_test_ctr_key[3][16] =
+{
+    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
+      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
+    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
+      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
+    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
+      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
+};
+
+static const unsigned char aes_test_ctr_nonce_counter[3][16] =
+{
+    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
+      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
+      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
+};
+
+static const unsigned char aes_test_ctr_pt[3][48] =
+{
+    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+      0x20, 0x21, 0x22, 0x23 }
+};
+
+static const unsigned char aes_test_ctr_ct[3][48] =
+{
+    { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79,
+      0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 },
+    { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9,
+      0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88,
+      0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8,
+      0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 },
+    { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9,
+      0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7,
+      0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36,
+      0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53,
+      0x25, 0xB2, 0x07, 0x2F }
+};
+
+static const int aes_test_ctr_len[3] =
+{ 16, 32, 36 };
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+/*
+ * AES-XTS test vectors from:
+ *
+ * IEEE P1619/D16 Annex B
+ * https://web.archive.org/web/20150629024421/http://grouper.ieee.org/groups/1619/email/pdf00086.pdf
+ * (Archived from original at http://grouper.ieee.org/groups/1619/email/pdf00086.pdf)
+ */
+static const unsigned char aes_test_xts_key[][32] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+      0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 },
+    { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
+      0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
+      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+      0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 },
+};
+
+static const unsigned char aes_test_xts_pt32[][32] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
+    { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+      0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
+};
+
+static const unsigned char aes_test_xts_ct32[][32] =
+{
+    { 0x91, 0x7c, 0xf6, 0x9e, 0xbd, 0x68, 0xb2, 0xec,
+      0x9b, 0x9f, 0xe9, 0xa3, 0xea, 0xdd, 0xa6, 0x92,
+      0xcd, 0x43, 0xd2, 0xf5, 0x95, 0x98, 0xed, 0x85,
+      0x8c, 0x02, 0xc2, 0x65, 0x2f, 0xbf, 0x92, 0x2e },
+    { 0xc4, 0x54, 0x18, 0x5e, 0x6a, 0x16, 0x93, 0x6e,
+      0x39, 0x33, 0x40, 0x38, 0xac, 0xef, 0x83, 0x8b,
+      0xfb, 0x18, 0x6f, 0xff, 0x74, 0x80, 0xad, 0xc4,
+      0x28, 0x93, 0x82, 0xec, 0xd6, 0xd3, 0x94, 0xf0 },
+    { 0xaf, 0x85, 0x33, 0x6b, 0x59, 0x7a, 0xfc, 0x1a,
+      0x90, 0x0b, 0x2e, 0xb2, 0x1e, 0xc9, 0x49, 0xd2,
+      0x92, 0xdf, 0x4c, 0x04, 0x7e, 0x0b, 0x21, 0x53,
+      0x21, 0x86, 0xa5, 0x97, 0x1a, 0x22, 0x7a, 0x89 },
+};
+
+static const unsigned char aes_test_xts_data_unit[][16] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+};
+
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_aes_self_test(int verbose)
+{
+    int ret = 0, i, j, u, mode;
+    unsigned int keybits;
+    unsigned char key[32];
+    unsigned char buf[64];
+    const unsigned char *aes_tests;
+#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
+    unsigned char iv[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char prv[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
+    size_t offset;
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_XTS)
+    int len;
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    unsigned char nonce_counter[16];
+    unsigned char stream_block[16];
+#endif
+    mbedtls_aes_context ctx;
+
+    memset(key, 0, 32);
+    mbedtls_aes_init(&ctx);
+
+    if (verbose != 0) {
+#if defined(MBEDTLS_AES_ALT)
+        mbedtls_printf("  AES note: alternative implementation.\n");
+#else /* MBEDTLS_AES_ALT */
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
+        if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) {
+            mbedtls_printf("  AES note: using VIA Padlock.\n");
+        } else
+#endif
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+        if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
+            mbedtls_printf("  AES note: using AESNI via ");
+#if MBEDTLS_AESNI_HAVE_CODE == 1
+            mbedtls_printf("assembly");
+#elif MBEDTLS_AESNI_HAVE_CODE == 2
+            mbedtls_printf("intrinsics");
+#else
+            mbedtls_printf("(unknown)");
+#endif
+            mbedtls_printf(".\n");
+        } else
+#endif
+        mbedtls_printf("  AES note: built-in implementation.\n");
+#endif /* MBEDTLS_AES_ALT */
+    }
+
+    /*
+     * ECB mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  AES-ECB-%3u (%s): ", keybits,
+                           (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memset(buf, 0, 16);
+
+        if (mode == MBEDTLS_AES_DECRYPT) {
+            ret = mbedtls_aes_setkey_dec(&ctx, key, keybits);
+            aes_tests = aes_test_ecb_dec[u];
+        } else {
+            ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
+            aes_tests = aes_test_ecb_enc[u];
+        }
+
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
+            mbedtls_printf("skipped\n");
+            continue;
+        } else if (ret != 0) {
+            goto exit;
+        }
+
+        for (j = 0; j < 10000; j++) {
+            ret = mbedtls_aes_crypt_ecb(&ctx, mode, buf, buf);
+            if (ret != 0) {
+                goto exit;
+            }
+        }
+
+        if (memcmp(buf, aes_tests, 16) != 0) {
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /*
+     * CBC mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  AES-CBC-%3u (%s): ", keybits,
+                           (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memset(iv, 0, 16);
+        memset(prv, 0, 16);
+        memset(buf, 0, 16);
+
+        if (mode == MBEDTLS_AES_DECRYPT) {
+            ret = mbedtls_aes_setkey_dec(&ctx, key, keybits);
+            aes_tests = aes_test_cbc_dec[u];
+        } else {
+            ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
+            aes_tests = aes_test_cbc_enc[u];
+        }
+
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
+            mbedtls_printf("skipped\n");
+            continue;
+        } else if (ret != 0) {
+            goto exit;
+        }
+
+        for (j = 0; j < 10000; j++) {
+            if (mode == MBEDTLS_AES_ENCRYPT) {
+                unsigned char tmp[16];
+
+                memcpy(tmp, prv, 16);
+                memcpy(prv, buf, 16);
+                memcpy(buf, tmp, 16);
+            }
+
+            ret = mbedtls_aes_crypt_cbc(&ctx, mode, 16, iv, buf, buf);
+            if (ret != 0) {
+                goto exit;
+            }
+
+        }
+
+        if (memcmp(buf, aes_tests, 16) != 0) {
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    /*
+     * CFB128 mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  AES-CFB128-%3u (%s): ", keybits,
+                           (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(iv,  aes_test_cfb128_iv, 16);
+        memcpy(key, aes_test_cfb128_key[u], keybits / 8);
+
+        offset = 0;
+        ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
+            mbedtls_printf("skipped\n");
+            continue;
+        } else if (ret != 0) {
+            goto exit;
+        }
+
+        if (mode == MBEDTLS_AES_DECRYPT) {
+            memcpy(buf, aes_test_cfb128_ct[u], 64);
+            aes_tests = aes_test_cfb128_pt;
+        } else {
+            memcpy(buf, aes_test_cfb128_pt, 64);
+            aes_tests = aes_test_cfb128_ct[u];
+        }
+
+        ret = mbedtls_aes_crypt_cfb128(&ctx, mode, 64, &offset, iv, buf, buf);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        if (memcmp(buf, aes_tests, 64) != 0) {
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    /*
+     * OFB mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  AES-OFB-%3u (%s): ", keybits,
+                           (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(iv,  aes_test_ofb_iv, 16);
+        memcpy(key, aes_test_ofb_key[u], keybits / 8);
+
+        offset = 0;
+        ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) {
+            mbedtls_printf("skipped\n");
+            continue;
+        } else if (ret != 0) {
+            goto exit;
+        }
+
+        if (mode == MBEDTLS_AES_DECRYPT) {
+            memcpy(buf, aes_test_ofb_ct[u], 64);
+            aes_tests = aes_test_ofb_pt;
+        } else {
+            memcpy(buf, aes_test_ofb_pt, 64);
+            aes_tests = aes_test_ofb_ct[u];
+        }
+
+        ret = mbedtls_aes_crypt_ofb(&ctx, 64, &offset, iv, buf, buf);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        if (memcmp(buf, aes_tests, 64) != 0) {
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /*
+     * CTR mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        mode = i & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  AES-CTR-128 (%s): ",
+                           (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(nonce_counter, aes_test_ctr_nonce_counter[u], 16);
+        memcpy(key, aes_test_ctr_key[u], 16);
+
+        offset = 0;
+        if ((ret = mbedtls_aes_setkey_enc(&ctx, key, 128)) != 0) {
+            goto exit;
+        }
+
+        len = aes_test_ctr_len[u];
+
+        if (mode == MBEDTLS_AES_DECRYPT) {
+            memcpy(buf, aes_test_ctr_ct[u], len);
+            aes_tests = aes_test_ctr_pt[u];
+        } else {
+            memcpy(buf, aes_test_ctr_pt[u], len);
+            aes_tests = aes_test_ctr_ct[u];
+        }
+
+        ret = mbedtls_aes_crypt_ctr(&ctx, len, &offset, nonce_counter,
+                                    stream_block, buf, buf);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        if (memcmp(buf, aes_tests, len) != 0) {
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    {
+        static const int num_tests =
+            sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key);
+        mbedtls_aes_xts_context ctx_xts;
+
+        /*
+         * XTS mode
+         */
+        mbedtls_aes_xts_init(&ctx_xts);
+
+        for (i = 0; i < num_tests << 1; i++) {
+            const unsigned char *data_unit;
+            u = i >> 1;
+            mode = i & 1;
+
+            if (verbose != 0) {
+                mbedtls_printf("  AES-XTS-128 (%s): ",
+                               (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
+            }
+
+            memset(key, 0, sizeof(key));
+            memcpy(key, aes_test_xts_key[u], 32);
+            data_unit = aes_test_xts_data_unit[u];
+
+            len = sizeof(*aes_test_xts_ct32);
+
+            if (mode == MBEDTLS_AES_DECRYPT) {
+                ret = mbedtls_aes_xts_setkey_dec(&ctx_xts, key, 256);
+                if (ret != 0) {
+                    goto exit;
+                }
+                memcpy(buf, aes_test_xts_ct32[u], len);
+                aes_tests = aes_test_xts_pt32[u];
+            } else {
+                ret = mbedtls_aes_xts_setkey_enc(&ctx_xts, key, 256);
+                if (ret != 0) {
+                    goto exit;
+                }
+                memcpy(buf, aes_test_xts_pt32[u], len);
+                aes_tests = aes_test_xts_ct32[u];
+            }
+
+
+            ret = mbedtls_aes_crypt_xts(&ctx_xts, mode, len, data_unit,
+                                        buf, buf);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (memcmp(buf, aes_tests, len) != 0) {
+                ret = 1;
+                goto exit;
+            }
+
+            if (verbose != 0) {
+                mbedtls_printf("passed\n");
+            }
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("\n");
+        }
+
+        mbedtls_aes_xts_free(&ctx_xts);
+    }
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+    ret = 0;
+
+exit:
+    if (ret != 0 && verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+    mbedtls_aes_free(&ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_AES_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/aesni.c b/3rdparty/mbedtls-2.28.7/library/aesni.c
new file mode 100644
index 0000000..dd84c2b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/aesni.c
@@ -0,0 +1,796 @@
+/*
+ *  AES-NI support functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * [AES-WP] https://www.intel.com/content/www/us/en/developer/articles/tool/intel-advanced-encryption-standard-aes-instructions-set.html
+ * [CLMUL-WP] https://www.intel.com/content/www/us/en/develop/download/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode.html
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_AESNI_C)
+
+#include "mbedtls/aesni.h"
+
+#include <string.h>
+
+/* *INDENT-OFF* */
+#ifndef asm
+#define asm __asm
+#endif
+/* *INDENT-ON* */
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+
+#if MBEDTLS_AESNI_HAVE_CODE == 2
+#if !defined(_WIN32)
+#include <cpuid.h>
+#else
+#include <intrin.h>
+#endif
+#include <immintrin.h>
+#endif
+
+/*
+ * AES-NI support detection routine
+ */
+int mbedtls_aesni_has_support(unsigned int what)
+{
+    static int done = 0;
+    static unsigned int c = 0;
+
+    if (!done) {
+#if MBEDTLS_AESNI_HAVE_CODE == 2
+        static unsigned info[4] = { 0, 0, 0, 0 };
+#if defined(_MSC_VER)
+        __cpuid(info, 1);
+#else
+        __cpuid(1, info[0], info[1], info[2], info[3]);
+#endif
+        c = info[2];
+#else /* AESNI using asm */
+        asm ("movl  $1, %%eax   \n\t"
+             "cpuid             \n\t"
+             : "=c" (c)
+             :
+             : "eax", "ebx", "edx");
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
+        done = 1;
+    }
+
+    return (c & what) != 0;
+}
+
+#if MBEDTLS_AESNI_HAVE_CODE == 2
+
+/*
+ * AES-NI AES-ECB block en(de)cryption
+ */
+int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
+                            int mode,
+                            const unsigned char input[16],
+                            unsigned char output[16])
+{
+    const __m128i *rk = (const __m128i *) (ctx->rk);
+    unsigned nr = ctx->nr; // Number of remaining rounds
+
+    // Load round key 0
+    __m128i state;
+    memcpy(&state, input, 16);
+    state = _mm_xor_si128(state, rk[0]);  // state ^= *rk;
+    ++rk;
+    --nr;
+
+    if (mode == 0) {
+        while (nr != 0) {
+            state = _mm_aesdec_si128(state, *rk);
+            ++rk;
+            --nr;
+        }
+        state = _mm_aesdeclast_si128(state, *rk);
+    } else {
+        while (nr != 0) {
+            state = _mm_aesenc_si128(state, *rk);
+            ++rk;
+            --nr;
+        }
+        state = _mm_aesenclast_si128(state, *rk);
+    }
+
+    memcpy(output, &state, 16);
+    return 0;
+}
+
+/*
+ * GCM multiplication: c = a times b in GF(2^128)
+ * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
+ */
+
+static void gcm_clmul(const __m128i aa, const __m128i bb,
+                      __m128i *cc, __m128i *dd)
+{
+    /*
+     * Caryless multiplication dd:cc = aa * bb
+     * using [CLMUL-WP] algorithm 1 (p. 12).
+     */
+    *cc = _mm_clmulepi64_si128(aa, bb, 0x00); // a0*b0 = c1:c0
+    *dd = _mm_clmulepi64_si128(aa, bb, 0x11); // a1*b1 = d1:d0
+    __m128i ee = _mm_clmulepi64_si128(aa, bb, 0x10); // a0*b1 = e1:e0
+    __m128i ff = _mm_clmulepi64_si128(aa, bb, 0x01); // a1*b0 = f1:f0
+    ff = _mm_xor_si128(ff, ee);                      // e1+f1:e0+f0
+    ee = ff;                                         // e1+f1:e0+f0
+    ff = _mm_srli_si128(ff, 8);                      // 0:e1+f1
+    ee = _mm_slli_si128(ee, 8);                      // e0+f0:0
+    *dd = _mm_xor_si128(*dd, ff);                    // d1:d0+e1+f1
+    *cc = _mm_xor_si128(*cc, ee);                    // c1+e0+f0:c0
+}
+
+static void gcm_shift(__m128i *cc, __m128i *dd)
+{
+    /* [CMUCL-WP] Algorithm 5 Step 1: shift cc:dd one bit to the left,
+     * taking advantage of [CLMUL-WP] eq 27 (p. 18). */
+    //                                        // *cc = r1:r0
+    //                                        // *dd = r3:r2
+    __m128i cc_lo = _mm_slli_epi64(*cc, 1);   // r1<<1:r0<<1
+    __m128i dd_lo = _mm_slli_epi64(*dd, 1);   // r3<<1:r2<<1
+    __m128i cc_hi = _mm_srli_epi64(*cc, 63);  // r1>>63:r0>>63
+    __m128i dd_hi = _mm_srli_epi64(*dd, 63);  // r3>>63:r2>>63
+    __m128i xmm5 = _mm_srli_si128(cc_hi, 8);  // 0:r1>>63
+    cc_hi = _mm_slli_si128(cc_hi, 8);         // r0>>63:0
+    dd_hi = _mm_slli_si128(dd_hi, 8);         // 0:r1>>63
+
+    *cc = _mm_or_si128(cc_lo, cc_hi);         // r1<<1|r0>>63:r0<<1
+    *dd = _mm_or_si128(_mm_or_si128(dd_lo, dd_hi), xmm5); // r3<<1|r2>>62:r2<<1|r1>>63
+}
+
+static __m128i gcm_reduce(__m128i xx)
+{
+    //                                            // xx = x1:x0
+    /* [CLMUL-WP] Algorithm 5 Step 2 */
+    __m128i aa = _mm_slli_epi64(xx, 63);          // x1<<63:x0<<63 = stuff:a
+    __m128i bb = _mm_slli_epi64(xx, 62);          // x1<<62:x0<<62 = stuff:b
+    __m128i cc = _mm_slli_epi64(xx, 57);          // x1<<57:x0<<57 = stuff:c
+    __m128i dd = _mm_slli_si128(_mm_xor_si128(_mm_xor_si128(aa, bb), cc), 8); // a+b+c:0
+    return _mm_xor_si128(dd, xx);                 // x1+a+b+c:x0 = d:x0
+}
+
+static __m128i gcm_mix(__m128i dx)
+{
+    /* [CLMUL-WP] Algorithm 5 Steps 3 and 4 */
+    __m128i ee = _mm_srli_epi64(dx, 1);           // e1:x0>>1 = e1:e0'
+    __m128i ff = _mm_srli_epi64(dx, 2);           // f1:x0>>2 = f1:f0'
+    __m128i gg = _mm_srli_epi64(dx, 7);           // g1:x0>>7 = g1:g0'
+
+    // e0'+f0'+g0' is almost e0+f0+g0, except for some missing
+    // bits carried from d. Now get those bits back in.
+    __m128i eh = _mm_slli_epi64(dx, 63);          // d<<63:stuff
+    __m128i fh = _mm_slli_epi64(dx, 62);          // d<<62:stuff
+    __m128i gh = _mm_slli_epi64(dx, 57);          // d<<57:stuff
+    __m128i hh = _mm_srli_si128(_mm_xor_si128(_mm_xor_si128(eh, fh), gh), 8); // 0:missing bits of d
+
+    return _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(ee, ff), gg), hh), dx);
+}
+
+void mbedtls_aesni_gcm_mult(unsigned char c[16],
+                            const unsigned char a[16],
+                            const unsigned char b[16])
+{
+    __m128i aa, bb, cc, dd;
+
+    /* The inputs are in big-endian order, so byte-reverse them */
+    for (size_t i = 0; i < 16; i++) {
+        ((uint8_t *) &aa)[i] = a[15 - i];
+        ((uint8_t *) &bb)[i] = b[15 - i];
+    }
+
+    gcm_clmul(aa, bb, &cc, &dd);
+    gcm_shift(&cc, &dd);
+    /*
+     * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
+     * using [CLMUL-WP] algorithm 5 (p. 18).
+     * Currently dd:cc holds x3:x2:x1:x0 (already shifted).
+     */
+    __m128i dx = gcm_reduce(cc);
+    __m128i xh = gcm_mix(dx);
+    cc = _mm_xor_si128(xh, dd); // x3+h1:x2+h0
+
+    /* Now byte-reverse the outputs */
+    for (size_t i = 0; i < 16; i++) {
+        c[i] = ((uint8_t *) &cc)[15 - i];
+    }
+
+    return;
+}
+
+/*
+ * Compute decryption round keys from encryption round keys
+ */
+void mbedtls_aesni_inverse_key(unsigned char *invkey,
+                               const unsigned char *fwdkey, int nr)
+{
+    __m128i *ik = (__m128i *) invkey;
+    const __m128i *fk = (const __m128i *) fwdkey + nr;
+
+    *ik = *fk;
+    for (--fk, ++ik; fk > (const __m128i *) fwdkey; --fk, ++ik) {
+        *ik = _mm_aesimc_si128(*fk);
+    }
+    *ik = *fk;
+}
+
+/*
+ * Key expansion, 128-bit case
+ */
+static __m128i aesni_set_rk_128(__m128i state, __m128i xword)
+{
+    /*
+     * Finish generating the next round key.
+     *
+     * On entry state is r3:r2:r1:r0 and xword is X:stuff:stuff:stuff
+     * with X = rot( sub( r3 ) ) ^ RCON (obtained with AESKEYGENASSIST).
+     *
+     * On exit, xword is r7:r6:r5:r4
+     * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3
+     * and this is returned, to be written to the round key buffer.
+     */
+    xword = _mm_shuffle_epi32(xword, 0xff);   // X:X:X:X
+    xword = _mm_xor_si128(xword, state);      // X+r3:X+r2:X+r1:r4
+    state = _mm_slli_si128(state, 4);         // r2:r1:r0:0
+    xword = _mm_xor_si128(xword, state);      // X+r3+r2:X+r2+r1:r5:r4
+    state = _mm_slli_si128(state, 4);         // r1:r0:0:0
+    xword = _mm_xor_si128(xword, state);      // X+r3+r2+r1:r6:r5:r4
+    state = _mm_slli_si128(state, 4);         // r0:0:0:0
+    state = _mm_xor_si128(xword, state);      // r7:r6:r5:r4
+    return state;
+}
+
+static void aesni_setkey_enc_128(unsigned char *rk_bytes,
+                                 const unsigned char *key)
+{
+    __m128i *rk = (__m128i *) rk_bytes;
+
+    memcpy(&rk[0], key, 16);
+    rk[1] = aesni_set_rk_128(rk[0], _mm_aeskeygenassist_si128(rk[0], 0x01));
+    rk[2] = aesni_set_rk_128(rk[1], _mm_aeskeygenassist_si128(rk[1], 0x02));
+    rk[3] = aesni_set_rk_128(rk[2], _mm_aeskeygenassist_si128(rk[2], 0x04));
+    rk[4] = aesni_set_rk_128(rk[3], _mm_aeskeygenassist_si128(rk[3], 0x08));
+    rk[5] = aesni_set_rk_128(rk[4], _mm_aeskeygenassist_si128(rk[4], 0x10));
+    rk[6] = aesni_set_rk_128(rk[5], _mm_aeskeygenassist_si128(rk[5], 0x20));
+    rk[7] = aesni_set_rk_128(rk[6], _mm_aeskeygenassist_si128(rk[6], 0x40));
+    rk[8] = aesni_set_rk_128(rk[7], _mm_aeskeygenassist_si128(rk[7], 0x80));
+    rk[9] = aesni_set_rk_128(rk[8], _mm_aeskeygenassist_si128(rk[8], 0x1B));
+    rk[10] = aesni_set_rk_128(rk[9], _mm_aeskeygenassist_si128(rk[9], 0x36));
+}
+
+/*
+ * Key expansion, 192-bit case
+ */
+static void aesni_set_rk_192(__m128i *state0, __m128i *state1, __m128i xword,
+                             unsigned char *rk)
+{
+    /*
+     * Finish generating the next 6 quarter-keys.
+     *
+     * On entry state0 is r3:r2:r1:r0, state1 is stuff:stuff:r5:r4
+     * and xword is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON
+     * (obtained with AESKEYGENASSIST).
+     *
+     * On exit, state0 is r9:r8:r7:r6 and state1 is stuff:stuff:r11:r10
+     * and those are written to the round key buffer.
+     */
+    xword = _mm_shuffle_epi32(xword, 0x55);   // X:X:X:X
+    xword = _mm_xor_si128(xword, *state0);    // X+r3:X+r2:X+r1:X+r0
+    *state0 = _mm_slli_si128(*state0, 4);     // r2:r1:r0:0
+    xword = _mm_xor_si128(xword, *state0);    // X+r3+r2:X+r2+r1:X+r1+r0:X+r0
+    *state0 = _mm_slli_si128(*state0, 4);     // r1:r0:0:0
+    xword = _mm_xor_si128(xword, *state0);    // X+r3+r2+r1:X+r2+r1+r0:X+r1+r0:X+r0
+    *state0 = _mm_slli_si128(*state0, 4);     // r0:0:0:0
+    xword = _mm_xor_si128(xword, *state0);    // X+r3+r2+r1+r0:X+r2+r1+r0:X+r1+r0:X+r0
+    *state0 = xword;                          // = r9:r8:r7:r6
+
+    xword = _mm_shuffle_epi32(xword, 0xff);   // r9:r9:r9:r9
+    xword = _mm_xor_si128(xword, *state1);    // stuff:stuff:r9+r5:r9+r4
+    *state1 = _mm_slli_si128(*state1, 4);     // stuff:stuff:r4:0
+    xword = _mm_xor_si128(xword, *state1);    // stuff:stuff:r9+r5+r4:r9+r4
+    *state1 = xword;                          // = stuff:stuff:r11:r10
+
+    /* Store state0 and the low half of state1 into rk, which is conceptually
+     * an array of 24-byte elements. Since 24 is not a multiple of 16,
+     * rk is not necessarily aligned so just `*rk = *state0` doesn't work. */
+    memcpy(rk, state0, 16);
+    memcpy(rk + 16, state1, 8);
+}
+
+static void aesni_setkey_enc_192(unsigned char *rk,
+                                 const unsigned char *key)
+{
+    /* First round: use original key */
+    memcpy(rk, key, 24);
+    /* aes.c guarantees that rk is aligned on a 16-byte boundary. */
+    __m128i state0 = ((__m128i *) rk)[0];
+    __m128i state1 = _mm_loadl_epi64(((__m128i *) rk) + 1);
+
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x01), rk + 24 * 1);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x02), rk + 24 * 2);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x04), rk + 24 * 3);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x08), rk + 24 * 4);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x10), rk + 24 * 5);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x20), rk + 24 * 6);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x40), rk + 24 * 7);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x80), rk + 24 * 8);
+}
+
+/*
+ * Key expansion, 256-bit case
+ */
+static void aesni_set_rk_256(__m128i state0, __m128i state1, __m128i xword,
+                             __m128i *rk0, __m128i *rk1)
+{
+    /*
+     * Finish generating the next two round keys.
+     *
+     * On entry state0 is r3:r2:r1:r0, state1 is r7:r6:r5:r4 and
+     * xword is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON
+     * (obtained with AESKEYGENASSIST).
+     *
+     * On exit, *rk0 is r11:r10:r9:r8 and *rk1 is r15:r14:r13:r12
+     */
+    xword = _mm_shuffle_epi32(xword, 0xff);
+    xword = _mm_xor_si128(xword, state0);
+    state0 = _mm_slli_si128(state0, 4);
+    xword = _mm_xor_si128(xword, state0);
+    state0 = _mm_slli_si128(state0, 4);
+    xword = _mm_xor_si128(xword, state0);
+    state0 = _mm_slli_si128(state0, 4);
+    state0 = _mm_xor_si128(state0, xword);
+    *rk0 = state0;
+
+    /* Set xword to stuff:Y:stuff:stuff with Y = subword( r11 )
+     * and proceed to generate next round key from there */
+    xword = _mm_aeskeygenassist_si128(state0, 0x00);
+    xword = _mm_shuffle_epi32(xword, 0xaa);
+    xword = _mm_xor_si128(xword, state1);
+    state1 = _mm_slli_si128(state1, 4);
+    xword = _mm_xor_si128(xword, state1);
+    state1 = _mm_slli_si128(state1, 4);
+    xword = _mm_xor_si128(xword, state1);
+    state1 = _mm_slli_si128(state1, 4);
+    state1 = _mm_xor_si128(state1, xword);
+    *rk1 = state1;
+}
+
+static void aesni_setkey_enc_256(unsigned char *rk_bytes,
+                                 const unsigned char *key)
+{
+    __m128i *rk = (__m128i *) rk_bytes;
+
+    memcpy(&rk[0], key, 16);
+    memcpy(&rk[1], key + 16, 16);
+
+    /*
+     * Main "loop" - Generating one more key than necessary,
+     * see definition of mbedtls_aes_context.buf
+     */
+    aesni_set_rk_256(rk[0], rk[1], _mm_aeskeygenassist_si128(rk[1], 0x01), &rk[2], &rk[3]);
+    aesni_set_rk_256(rk[2], rk[3], _mm_aeskeygenassist_si128(rk[3], 0x02), &rk[4], &rk[5]);
+    aesni_set_rk_256(rk[4], rk[5], _mm_aeskeygenassist_si128(rk[5], 0x04), &rk[6], &rk[7]);
+    aesni_set_rk_256(rk[6], rk[7], _mm_aeskeygenassist_si128(rk[7], 0x08), &rk[8], &rk[9]);
+    aesni_set_rk_256(rk[8], rk[9], _mm_aeskeygenassist_si128(rk[9], 0x10), &rk[10], &rk[11]);
+    aesni_set_rk_256(rk[10], rk[11], _mm_aeskeygenassist_si128(rk[11], 0x20), &rk[12], &rk[13]);
+    aesni_set_rk_256(rk[12], rk[13], _mm_aeskeygenassist_si128(rk[13], 0x40), &rk[14], &rk[15]);
+}
+
+#else /* MBEDTLS_AESNI_HAVE_CODE == 1 */
+
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+#warning \
+    "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code."
+#endif
+#endif
+
+/*
+ * Binutils needs to be at least 2.19 to support AES-NI instructions.
+ * Unfortunately, a lot of users have a lower version now (2014-04).
+ * Emit bytecode directly in order to support "old" version of gas.
+ *
+ * Opcodes from the Intel architecture reference manual, vol. 3.
+ * We always use registers, so we don't need prefixes for memory operands.
+ * Operand macros are in gas order (src, dst) as opposed to Intel order
+ * (dst, src) in order to blend better into the surrounding assembly code.
+ */
+#define AESDEC(regs)      ".byte 0x66,0x0F,0x38,0xDE," regs "\n\t"
+#define AESDECLAST(regs)  ".byte 0x66,0x0F,0x38,0xDF," regs "\n\t"
+#define AESENC(regs)      ".byte 0x66,0x0F,0x38,0xDC," regs "\n\t"
+#define AESENCLAST(regs)  ".byte 0x66,0x0F,0x38,0xDD," regs "\n\t"
+#define AESIMC(regs)      ".byte 0x66,0x0F,0x38,0xDB," regs "\n\t"
+#define AESKEYGENA(regs, imm)  ".byte 0x66,0x0F,0x3A,0xDF," regs "," imm "\n\t"
+#define PCLMULQDQ(regs, imm)   ".byte 0x66,0x0F,0x3A,0x44," regs "," imm "\n\t"
+
+#define xmm0_xmm0   "0xC0"
+#define xmm0_xmm1   "0xC8"
+#define xmm0_xmm2   "0xD0"
+#define xmm0_xmm3   "0xD8"
+#define xmm0_xmm4   "0xE0"
+#define xmm1_xmm0   "0xC1"
+#define xmm1_xmm2   "0xD1"
+
+/*
+ * AES-NI AES-ECB block en(de)cryption
+ */
+int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
+                            int mode,
+                            const unsigned char input[16],
+                            unsigned char output[16])
+{
+    asm ("movdqu    (%3), %%xmm0    \n\t" // load input
+         "movdqu    (%1), %%xmm1    \n\t" // load round key 0
+         "pxor      %%xmm1, %%xmm0  \n\t" // round 0
+         "add       $16, %1         \n\t" // point to next round key
+         "subl      $1, %0          \n\t" // normal rounds = nr - 1
+         "test      %2, %2          \n\t" // mode?
+         "jz        2f              \n\t" // 0 = decrypt
+
+         "1:                        \n\t" // encryption loop
+         "movdqu    (%1), %%xmm1    \n\t" // load round key
+         AESENC(xmm1_xmm0)                // do round
+         "add       $16, %1         \n\t" // point to next round key
+         "subl      $1, %0          \n\t" // loop
+         "jnz       1b              \n\t"
+         "movdqu    (%1), %%xmm1    \n\t" // load round key
+         AESENCLAST(xmm1_xmm0)            // last round
+         "jmp       3f              \n\t"
+
+         "2:                        \n\t" // decryption loop
+         "movdqu    (%1), %%xmm1    \n\t"
+         AESDEC(xmm1_xmm0)                // do round
+         "add       $16, %1         \n\t"
+         "subl      $1, %0          \n\t"
+         "jnz       2b              \n\t"
+         "movdqu    (%1), %%xmm1    \n\t" // load round key
+         AESDECLAST(xmm1_xmm0)            // last round
+
+         "3:                        \n\t"
+         "movdqu    %%xmm0, (%4)    \n\t" // export output
+         :
+         : "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output)
+         : "memory", "cc", "xmm0", "xmm1");
+
+
+    return 0;
+}
+
+/*
+ * GCM multiplication: c = a times b in GF(2^128)
+ * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
+ */
+void mbedtls_aesni_gcm_mult(unsigned char c[16],
+                            const unsigned char a[16],
+                            const unsigned char b[16])
+{
+    unsigned char aa[16], bb[16], cc[16];
+    size_t i;
+
+    /* The inputs are in big-endian order, so byte-reverse them */
+    for (i = 0; i < 16; i++) {
+        aa[i] = a[15 - i];
+        bb[i] = b[15 - i];
+    }
+
+    asm ("movdqu (%0), %%xmm0               \n\t" // a1:a0
+         "movdqu (%1), %%xmm1               \n\t" // b1:b0
+
+         /*
+          * Caryless multiplication xmm2:xmm1 = xmm0 * xmm1
+          * using [CLMUL-WP] algorithm 1 (p. 12).
+          */
+         "movdqa %%xmm1, %%xmm2             \n\t" // copy of b1:b0
+         "movdqa %%xmm1, %%xmm3             \n\t" // same
+         "movdqa %%xmm1, %%xmm4             \n\t" // same
+         PCLMULQDQ(xmm0_xmm1, "0x00")             // a0*b0 = c1:c0
+         PCLMULQDQ(xmm0_xmm2, "0x11")             // a1*b1 = d1:d0
+         PCLMULQDQ(xmm0_xmm3, "0x10")             // a0*b1 = e1:e0
+         PCLMULQDQ(xmm0_xmm4, "0x01")             // a1*b0 = f1:f0
+         "pxor %%xmm3, %%xmm4               \n\t" // e1+f1:e0+f0
+         "movdqa %%xmm4, %%xmm3             \n\t" // same
+         "psrldq $8, %%xmm4                 \n\t" // 0:e1+f1
+         "pslldq $8, %%xmm3                 \n\t" // e0+f0:0
+         "pxor %%xmm4, %%xmm2               \n\t" // d1:d0+e1+f1
+         "pxor %%xmm3, %%xmm1               \n\t" // c1+e0+f1:c0
+
+         /*
+          * Now shift the result one bit to the left,
+          * taking advantage of [CLMUL-WP] eq 27 (p. 18)
+          */
+         "movdqa %%xmm1, %%xmm3             \n\t" // r1:r0
+         "movdqa %%xmm2, %%xmm4             \n\t" // r3:r2
+         "psllq $1, %%xmm1                  \n\t" // r1<<1:r0<<1
+         "psllq $1, %%xmm2                  \n\t" // r3<<1:r2<<1
+         "psrlq $63, %%xmm3                 \n\t" // r1>>63:r0>>63
+         "psrlq $63, %%xmm4                 \n\t" // r3>>63:r2>>63
+         "movdqa %%xmm3, %%xmm5             \n\t" // r1>>63:r0>>63
+         "pslldq $8, %%xmm3                 \n\t" // r0>>63:0
+         "pslldq $8, %%xmm4                 \n\t" // r2>>63:0
+         "psrldq $8, %%xmm5                 \n\t" // 0:r1>>63
+         "por %%xmm3, %%xmm1                \n\t" // r1<<1|r0>>63:r0<<1
+         "por %%xmm4, %%xmm2                \n\t" // r3<<1|r2>>62:r2<<1
+         "por %%xmm5, %%xmm2                \n\t" // r3<<1|r2>>62:r2<<1|r1>>63
+
+         /*
+          * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
+          * using [CLMUL-WP] algorithm 5 (p. 18).
+          * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted).
+          */
+         /* Step 2 (1) */
+         "movdqa %%xmm1, %%xmm3             \n\t" // x1:x0
+         "movdqa %%xmm1, %%xmm4             \n\t" // same
+         "movdqa %%xmm1, %%xmm5             \n\t" // same
+         "psllq $63, %%xmm3                 \n\t" // x1<<63:x0<<63 = stuff:a
+         "psllq $62, %%xmm4                 \n\t" // x1<<62:x0<<62 = stuff:b
+         "psllq $57, %%xmm5                 \n\t" // x1<<57:x0<<57 = stuff:c
+
+         /* Step 2 (2) */
+         "pxor %%xmm4, %%xmm3               \n\t" // stuff:a+b
+         "pxor %%xmm5, %%xmm3               \n\t" // stuff:a+b+c
+         "pslldq $8, %%xmm3                 \n\t" // a+b+c:0
+         "pxor %%xmm3, %%xmm1               \n\t" // x1+a+b+c:x0 = d:x0
+
+         /* Steps 3 and 4 */
+         "movdqa %%xmm1,%%xmm0              \n\t" // d:x0
+         "movdqa %%xmm1,%%xmm4              \n\t" // same
+         "movdqa %%xmm1,%%xmm5              \n\t" // same
+         "psrlq $1, %%xmm0                  \n\t" // e1:x0>>1 = e1:e0'
+         "psrlq $2, %%xmm4                  \n\t" // f1:x0>>2 = f1:f0'
+         "psrlq $7, %%xmm5                  \n\t" // g1:x0>>7 = g1:g0'
+         "pxor %%xmm4, %%xmm0               \n\t" // e1+f1:e0'+f0'
+         "pxor %%xmm5, %%xmm0               \n\t" // e1+f1+g1:e0'+f0'+g0'
+         // e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing
+         // bits carried from d. Now get those\t bits back in.
+         "movdqa %%xmm1,%%xmm3              \n\t" // d:x0
+         "movdqa %%xmm1,%%xmm4              \n\t" // same
+         "movdqa %%xmm1,%%xmm5              \n\t" // same
+         "psllq $63, %%xmm3                 \n\t" // d<<63:stuff
+         "psllq $62, %%xmm4                 \n\t" // d<<62:stuff
+         "psllq $57, %%xmm5                 \n\t" // d<<57:stuff
+         "pxor %%xmm4, %%xmm3               \n\t" // d<<63+d<<62:stuff
+         "pxor %%xmm5, %%xmm3               \n\t" // missing bits of d:stuff
+         "psrldq $8, %%xmm3                 \n\t" // 0:missing bits of d
+         "pxor %%xmm3, %%xmm0               \n\t" // e1+f1+g1:e0+f0+g0
+         "pxor %%xmm1, %%xmm0               \n\t" // h1:h0
+         "pxor %%xmm2, %%xmm0               \n\t" // x3+h1:x2+h0
+
+         "movdqu %%xmm0, (%2)               \n\t" // done
+         :
+         : "r" (aa), "r" (bb), "r" (cc)
+         : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5");
+
+    /* Now byte-reverse the outputs */
+    for (i = 0; i < 16; i++) {
+        c[i] = cc[15 - i];
+    }
+
+    return;
+}
+
+/*
+ * Compute decryption round keys from encryption round keys
+ */
+void mbedtls_aesni_inverse_key(unsigned char *invkey,
+                               const unsigned char *fwdkey, int nr)
+{
+    unsigned char *ik = invkey;
+    const unsigned char *fk = fwdkey + 16 * nr;
+
+    memcpy(ik, fk, 16);
+
+    for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) {
+        asm ("movdqu (%0), %%xmm0       \n\t"
+             AESIMC(xmm0_xmm0)
+             "movdqu %%xmm0, (%1)       \n\t"
+             :
+             : "r" (fk), "r" (ik)
+             : "memory", "xmm0");
+    }
+
+    memcpy(ik, fk, 16);
+}
+
+/*
+ * Key expansion, 128-bit case
+ */
+static void aesni_setkey_enc_128(unsigned char *rk,
+                                 const unsigned char *key)
+{
+    asm ("movdqu (%1), %%xmm0               \n\t" // copy the original key
+         "movdqu %%xmm0, (%0)               \n\t" // as round key 0
+         "jmp 2f                            \n\t" // skip auxiliary routine
+
+         /*
+          * Finish generating the next round key.
+          *
+          * On entry xmm0 is r3:r2:r1:r0 and xmm1 is X:stuff:stuff:stuff
+          * with X = rot( sub( r3 ) ) ^ RCON.
+          *
+          * On exit, xmm0 is r7:r6:r5:r4
+          * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3
+          * and those are written to the round key buffer.
+          */
+         "1:                                \n\t"
+         "pshufd $0xff, %%xmm1, %%xmm1      \n\t" // X:X:X:X
+         "pxor %%xmm0, %%xmm1               \n\t" // X+r3:X+r2:X+r1:r4
+         "pslldq $4, %%xmm0                 \n\t" // r2:r1:r0:0
+         "pxor %%xmm0, %%xmm1               \n\t" // X+r3+r2:X+r2+r1:r5:r4
+         "pslldq $4, %%xmm0                 \n\t" // etc
+         "pxor %%xmm0, %%xmm1               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm1, %%xmm0               \n\t" // update xmm0 for next time!
+         "add $16, %0                       \n\t" // point to next round key
+         "movdqu %%xmm0, (%0)               \n\t" // write it
+         "ret                               \n\t"
+
+         /* Main "loop" */
+         "2:                                \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x01")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x02")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x04")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x08")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x10")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x20")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x40")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x80")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x1B")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x36")      "call 1b \n\t"
+         :
+         : "r" (rk), "r" (key)
+         : "memory", "cc", "0");
+}
+
+/*
+ * Key expansion, 192-bit case
+ */
+static void aesni_setkey_enc_192(unsigned char *rk,
+                                 const unsigned char *key)
+{
+    asm ("movdqu (%1), %%xmm0   \n\t" // copy original round key
+         "movdqu %%xmm0, (%0)   \n\t"
+         "add $16, %0           \n\t"
+         "movq 16(%1), %%xmm1   \n\t"
+         "movq %%xmm1, (%0)     \n\t"
+         "add $8, %0            \n\t"
+         "jmp 2f                \n\t" // skip auxiliary routine
+
+         /*
+          * Finish generating the next 6 quarter-keys.
+          *
+          * On entry xmm0 is r3:r2:r1:r0, xmm1 is stuff:stuff:r5:r4
+          * and xmm2 is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON.
+          *
+          * On exit, xmm0 is r9:r8:r7:r6 and xmm1 is stuff:stuff:r11:r10
+          * and those are written to the round key buffer.
+          */
+         "1:                            \n\t"
+         "pshufd $0x55, %%xmm2, %%xmm2  \n\t" // X:X:X:X
+         "pxor %%xmm0, %%xmm2           \n\t" // X+r3:X+r2:X+r1:r4
+         "pslldq $4, %%xmm0             \n\t" // etc
+         "pxor %%xmm0, %%xmm2           \n\t"
+         "pslldq $4, %%xmm0             \n\t"
+         "pxor %%xmm0, %%xmm2           \n\t"
+         "pslldq $4, %%xmm0             \n\t"
+         "pxor %%xmm2, %%xmm0           \n\t" // update xmm0 = r9:r8:r7:r6
+         "movdqu %%xmm0, (%0)           \n\t"
+         "add $16, %0                   \n\t"
+         "pshufd $0xff, %%xmm0, %%xmm2  \n\t" // r9:r9:r9:r9
+         "pxor %%xmm1, %%xmm2           \n\t" // stuff:stuff:r9+r5:r10
+         "pslldq $4, %%xmm1             \n\t" // r2:r1:r0:0
+         "pxor %%xmm2, %%xmm1           \n\t" // xmm1 = stuff:stuff:r11:r10
+         "movq %%xmm1, (%0)             \n\t"
+         "add $8, %0                    \n\t"
+         "ret                           \n\t"
+
+         "2:                            \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x01")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x02")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x04")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x08")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x10")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x20")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x40")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x80")  "call 1b \n\t"
+
+         :
+         : "r" (rk), "r" (key)
+         : "memory", "cc", "0");
+}
+
+/*
+ * Key expansion, 256-bit case
+ */
+static void aesni_setkey_enc_256(unsigned char *rk,
+                                 const unsigned char *key)
+{
+    asm ("movdqu (%1), %%xmm0           \n\t"
+         "movdqu %%xmm0, (%0)           \n\t"
+         "add $16, %0                   \n\t"
+         "movdqu 16(%1), %%xmm1         \n\t"
+         "movdqu %%xmm1, (%0)           \n\t"
+         "jmp 2f                        \n\t" // skip auxiliary routine
+
+         /*
+          * Finish generating the next two round keys.
+          *
+          * On entry xmm0 is r3:r2:r1:r0, xmm1 is r7:r6:r5:r4 and
+          * xmm2 is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON
+          *
+          * On exit, xmm0 is r11:r10:r9:r8 and xmm1 is r15:r14:r13:r12
+          * and those have been written to the output buffer.
+          */
+         "1:                                \n\t"
+         "pshufd $0xff, %%xmm2, %%xmm2      \n\t"
+         "pxor %%xmm0, %%xmm2               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm0, %%xmm2               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm0, %%xmm2               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm2, %%xmm0               \n\t"
+         "add $16, %0                       \n\t"
+         "movdqu %%xmm0, (%0)               \n\t"
+
+         /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
+          * and proceed to generate next round key from there */
+         AESKEYGENA(xmm0_xmm2, "0x00")
+         "pshufd $0xaa, %%xmm2, %%xmm2      \n\t"
+         "pxor %%xmm1, %%xmm2               \n\t"
+         "pslldq $4, %%xmm1                 \n\t"
+         "pxor %%xmm1, %%xmm2               \n\t"
+         "pslldq $4, %%xmm1                 \n\t"
+         "pxor %%xmm1, %%xmm2               \n\t"
+         "pslldq $4, %%xmm1                 \n\t"
+         "pxor %%xmm2, %%xmm1               \n\t"
+         "add $16, %0                       \n\t"
+         "movdqu %%xmm1, (%0)               \n\t"
+         "ret                               \n\t"
+
+         /*
+          * Main "loop" - Generating one more key than necessary,
+          * see definition of mbedtls_aes_context.buf
+          */
+         "2:                                \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x01")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x02")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x04")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x08")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x10")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x20")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x40")      "call 1b \n\t"
+         :
+         : "r" (rk), "r" (key)
+         : "memory", "cc", "0");
+}
+
+#endif  /* MBEDTLS_AESNI_HAVE_CODE */
+
+/*
+ * Key expansion, wrapper
+ */
+int mbedtls_aesni_setkey_enc(unsigned char *rk,
+                             const unsigned char *key,
+                             size_t bits)
+{
+    switch (bits) {
+        case 128: aesni_setkey_enc_128(rk, key); break;
+        case 192: aesni_setkey_enc_192(rk, key); break;
+        case 256: aesni_setkey_enc_256(rk, key); break;
+        default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
+
+#endif /* MBEDTLS_AESNI_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/arc4.c b/3rdparty/mbedtls-2.28.7/library/arc4.c
new file mode 100644
index 0000000..7ff747d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/arc4.c
@@ -0,0 +1,180 @@
+/*
+ *  An implementation of the ARCFOUR algorithm
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The ARCFOUR algorithm was publicly disclosed on 94/09.
+ *
+ *  http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ARC4_C)
+
+#include "mbedtls/arc4.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_ARC4_ALT)
+
+void mbedtls_arc4_init(mbedtls_arc4_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_arc4_context));
+}
+
+void mbedtls_arc4_free(mbedtls_arc4_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_arc4_context));
+}
+
+/*
+ * ARC4 key schedule
+ */
+void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key,
+                        unsigned int keylen)
+{
+    int i, j, a;
+    unsigned int k;
+    unsigned char *m;
+
+    ctx->x = 0;
+    ctx->y = 0;
+    m = ctx->m;
+
+    for (i = 0; i < 256; i++) {
+        m[i] = (unsigned char) i;
+    }
+
+    j = k = 0;
+
+    for (i = 0; i < 256; i++, k++) {
+        if (k >= keylen) {
+            k = 0;
+        }
+
+        a = m[i];
+        j = (j + a + key[k]) & 0xFF;
+        m[i] = m[j];
+        m[j] = (unsigned char) a;
+    }
+}
+
+/*
+ * ARC4 cipher function
+ */
+int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
+                       unsigned char *output)
+{
+    int x, y, a, b;
+    size_t i;
+    unsigned char *m;
+
+    x = ctx->x;
+    y = ctx->y;
+    m = ctx->m;
+
+    for (i = 0; i < length; i++) {
+        x = (x + 1) & 0xFF; a = m[x];
+        y = (y + a) & 0xFF; b = m[y];
+
+        m[x] = (unsigned char) b;
+        m[y] = (unsigned char) a;
+
+        output[i] = (unsigned char)
+                    (input[i] ^ m[(unsigned char) (a + b)]);
+    }
+
+    ctx->x = x;
+    ctx->y = y;
+
+    return 0;
+}
+
+#endif /* !MBEDTLS_ARC4_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
+ *
+ * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
+ */
+static const unsigned char arc4_test_key[3][8] =
+{
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char arc4_test_pt[3][8] =
+{
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char arc4_test_ct[3][8] =
+{
+    { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
+    { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
+    { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_arc4_self_test(int verbose)
+{
+    int i, ret = 0;
+    unsigned char ibuf[8];
+    unsigned char obuf[8];
+    mbedtls_arc4_context ctx;
+
+    mbedtls_arc4_init(&ctx);
+
+    for (i = 0; i < 3; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  ARC4 test #%d: ", i + 1);
+        }
+
+        memcpy(ibuf, arc4_test_pt[i], 8);
+
+        mbedtls_arc4_setup(&ctx, arc4_test_key[i], 8);
+        mbedtls_arc4_crypt(&ctx, 8, ibuf, obuf);
+
+        if (memcmp(obuf, arc4_test_ct[i], 8) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+exit:
+    mbedtls_arc4_free(&ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ARC4_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/aria.c b/3rdparty/mbedtls-2.28.7/library/aria.c
new file mode 100644
index 0000000..c944105
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/aria.c
@@ -0,0 +1,1035 @@
+/*
+ *  ARIA implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * This implementation is based on the following standards:
+ * [1] http://210.104.33.10/ARIA/doc/ARIA-specification-e.pdf
+ * [2] https://tools.ietf.org/html/rfc5794
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ARIA_C)
+
+#include "mbedtls/aria.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_ARIA_ALT)
+
+#include "mbedtls/platform_util.h"
+
+/* Parameter validation macros */
+#define ARIA_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA)
+#define ARIA_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+/*
+ * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes
+ *
+ * This is submatrix P1 in [1] Appendix B.1
+ *
+ * Common compilers fail to translate this to minimal number of instructions,
+ * so let's provide asm versions for common platforms with C fallback.
+ */
+#if defined(MBEDTLS_HAVE_ASM)
+#if defined(__arm__) /* rev16 available from v6 up */
+/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
+#if defined(__GNUC__) && \
+    (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \
+    __ARM_ARCH >= 6
+static inline uint32_t aria_p1(uint32_t x)
+{
+    uint32_t r;
+    __asm("rev16 %0, %1" : "=l" (r) : "l" (x));
+    return r;
+}
+#define ARIA_P1 aria_p1
+#elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
+    (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3)
+static inline uint32_t aria_p1(uint32_t x)
+{
+    uint32_t r;
+    __asm("rev16 r, x");
+    return r;
+}
+#define ARIA_P1 aria_p1
+#endif
+#endif /* arm */
+#if defined(__GNUC__) && \
+    defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
+/* I couldn't find an Intel equivalent of rev16, so two instructions */
+#define ARIA_P1(x) ARIA_P2(ARIA_P3(x))
+#endif /* x86 gnuc */
+#endif /* MBEDTLS_HAVE_ASM && GNUC */
+#if !defined(ARIA_P1)
+#define ARIA_P1(x) ((((x) >> 8) & 0x00FF00FF) ^ (((x) & 0x00FF00FF) << 8))
+#endif
+
+/*
+ * modify byte order: ( A B C D ) -> ( C D A B ), i.e. rotate by 16 bits
+ *
+ * This is submatrix P2 in [1] Appendix B.1
+ *
+ * Common compilers will translate this to a single instruction.
+ */
+#define ARIA_P2(x) (((x) >> 16) ^ ((x) << 16))
+
+/*
+ * modify byte order: ( A B C D ) -> ( D C B A ), i.e. change endianness
+ *
+ * This is submatrix P3 in [1] Appendix B.1
+ *
+ * Some compilers fail to translate this to a single instruction,
+ * so let's provide asm versions for common platforms with C fallback.
+ */
+#if defined(MBEDTLS_HAVE_ASM)
+#if defined(__arm__) /* rev available from v6 up */
+/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
+#if defined(__GNUC__) && \
+    (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \
+    __ARM_ARCH >= 6
+static inline uint32_t aria_p3(uint32_t x)
+{
+    uint32_t r;
+    __asm("rev %0, %1" : "=l" (r) : "l" (x));
+    return r;
+}
+#define ARIA_P3 aria_p3
+#elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
+    (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3)
+static inline uint32_t aria_p3(uint32_t x)
+{
+    uint32_t r;
+    __asm("rev r, x");
+    return r;
+}
+#define ARIA_P3 aria_p3
+#endif
+#endif /* arm */
+#if defined(__GNUC__) && \
+    defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
+static inline uint32_t aria_p3(uint32_t x)
+{
+    __asm("bswap %0" : "=r" (x) : "0" (x));
+    return x;
+}
+#define ARIA_P3 aria_p3
+#endif /* x86 gnuc */
+#endif /* MBEDTLS_HAVE_ASM && GNUC */
+#if !defined(ARIA_P3)
+#define ARIA_P3(x) ARIA_P2(ARIA_P1(x))
+#endif
+
+/*
+ * ARIA Affine Transform
+ * (a, b, c, d) = state in/out
+ *
+ * If we denote the first byte of input by 0, ..., the last byte by f,
+ * then inputs are: a = 0123, b = 4567, c = 89ab, d = cdef.
+ *
+ * Reading [1] 2.4 or [2] 2.4.3 in columns and performing simple
+ * rearrangements on adjacent pairs, output is:
+ *
+ * a = 3210 + 4545 + 6767 + 88aa + 99bb + dccd + effe
+ *   = 3210 + 4567 + 6745 + 89ab + 98ba + dcfe + efcd
+ * b = 0101 + 2323 + 5476 + 8998 + baab + eecc + ffdd
+ *   = 0123 + 2301 + 5476 + 89ab + ba98 + efcd + fedc
+ * c = 0022 + 1133 + 4554 + 7667 + ab89 + dcdc + fefe
+ *   = 0123 + 1032 + 4567 + 7654 + ab89 + dcfe + fedc
+ * d = 1001 + 2332 + 6644 + 7755 + 9898 + baba + cdef
+ *   = 1032 + 2301 + 6745 + 7654 + 98ba + ba98 + cdef
+ *
+ * Note: another presentation of the A transform can be found as the first
+ * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4.
+ * The implementation below uses only P1 and P2 as they are sufficient.
+ */
+static inline void aria_a(uint32_t *a, uint32_t *b,
+                          uint32_t *c, uint32_t *d)
+{
+    uint32_t ta, tb, tc;
+    ta  =  *b;                      // 4567
+    *b  =  *a;                      // 0123
+    *a  =  ARIA_P2(ta);             // 6745
+    tb  =  ARIA_P2(*d);             // efcd
+    *d  =  ARIA_P1(*c);             // 98ba
+    *c  =  ARIA_P1(tb);             // fedc
+    ta  ^= *d;                      // 4567+98ba
+    tc  =  ARIA_P2(*b);             // 2301
+    ta  =  ARIA_P1(ta) ^ tc ^ *c;   // 2301+5476+89ab+fedc
+    tb  ^= ARIA_P2(*d);             // ba98+efcd
+    tc  ^= ARIA_P1(*a);             // 2301+7654
+    *b  ^= ta ^ tb;                 // 0123+2301+5476+89ab+ba98+efcd+fedc OUT
+    tb  =  ARIA_P2(tb) ^ ta;        // 2301+5476+89ab+98ba+cdef+fedc
+    *a  ^= ARIA_P1(tb);             // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT
+    ta  =  ARIA_P2(ta);             // 0123+7654+ab89+dcfe
+    *d  ^= ARIA_P1(ta) ^ tc;        // 1032+2301+6745+7654+98ba+ba98+cdef OUT
+    tc  =  ARIA_P2(tc);             // 0123+5476
+    *c  ^= ARIA_P1(tc) ^ ta;        // 0123+1032+4567+7654+ab89+dcfe+fedc OUT
+}
+
+/*
+ * ARIA Substitution Layer SL1 / SL2
+ * (a, b, c, d) = state in/out
+ * (sa, sb, sc, sd) = 256 8-bit S-Boxes (see below)
+ *
+ * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1
+ * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2
+ */
+static inline void aria_sl(uint32_t *a, uint32_t *b,
+                           uint32_t *c, uint32_t *d,
+                           const uint8_t sa[256], const uint8_t sb[256],
+                           const uint8_t sc[256], const uint8_t sd[256])
+{
+    *a = ((uint32_t) sa[MBEDTLS_BYTE_0(*a)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*a)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*a)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*a)]) << 24);
+    *b = ((uint32_t) sa[MBEDTLS_BYTE_0(*b)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*b)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*b)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*b)]) << 24);
+    *c = ((uint32_t) sa[MBEDTLS_BYTE_0(*c)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*c)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*c)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*c)]) << 24);
+    *d = ((uint32_t) sa[MBEDTLS_BYTE_0(*d)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*d)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*d)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*d)]) << 24);
+}
+
+/*
+ * S-Boxes
+ */
+static const uint8_t aria_sb1[256] =
+{
+    0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B,
+    0xFE, 0xD7, 0xAB, 0x76, 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0,
+    0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, 0xB7, 0xFD, 0x93, 0x26,
+    0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
+    0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2,
+    0xEB, 0x27, 0xB2, 0x75, 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0,
+    0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, 0x53, 0xD1, 0x00, 0xED,
+    0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
+    0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F,
+    0x50, 0x3C, 0x9F, 0xA8, 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5,
+    0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, 0xCD, 0x0C, 0x13, 0xEC,
+    0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
+    0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14,
+    0xDE, 0x5E, 0x0B, 0xDB, 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C,
+    0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, 0xE7, 0xC8, 0x37, 0x6D,
+    0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
+    0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F,
+    0x4B, 0xBD, 0x8B, 0x8A, 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E,
+    0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, 0xE1, 0xF8, 0x98, 0x11,
+    0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
+    0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F,
+    0xB0, 0x54, 0xBB, 0x16
+};
+
+static const uint8_t aria_sb2[256] =
+{
+    0xE2, 0x4E, 0x54, 0xFC, 0x94, 0xC2, 0x4A, 0xCC, 0x62, 0x0D, 0x6A, 0x46,
+    0x3C, 0x4D, 0x8B, 0xD1, 0x5E, 0xFA, 0x64, 0xCB, 0xB4, 0x97, 0xBE, 0x2B,
+    0xBC, 0x77, 0x2E, 0x03, 0xD3, 0x19, 0x59, 0xC1, 0x1D, 0x06, 0x41, 0x6B,
+    0x55, 0xF0, 0x99, 0x69, 0xEA, 0x9C, 0x18, 0xAE, 0x63, 0xDF, 0xE7, 0xBB,
+    0x00, 0x73, 0x66, 0xFB, 0x96, 0x4C, 0x85, 0xE4, 0x3A, 0x09, 0x45, 0xAA,
+    0x0F, 0xEE, 0x10, 0xEB, 0x2D, 0x7F, 0xF4, 0x29, 0xAC, 0xCF, 0xAD, 0x91,
+    0x8D, 0x78, 0xC8, 0x95, 0xF9, 0x2F, 0xCE, 0xCD, 0x08, 0x7A, 0x88, 0x38,
+    0x5C, 0x83, 0x2A, 0x28, 0x47, 0xDB, 0xB8, 0xC7, 0x93, 0xA4, 0x12, 0x53,
+    0xFF, 0x87, 0x0E, 0x31, 0x36, 0x21, 0x58, 0x48, 0x01, 0x8E, 0x37, 0x74,
+    0x32, 0xCA, 0xE9, 0xB1, 0xB7, 0xAB, 0x0C, 0xD7, 0xC4, 0x56, 0x42, 0x26,
+    0x07, 0x98, 0x60, 0xD9, 0xB6, 0xB9, 0x11, 0x40, 0xEC, 0x20, 0x8C, 0xBD,
+    0xA0, 0xC9, 0x84, 0x04, 0x49, 0x23, 0xF1, 0x4F, 0x50, 0x1F, 0x13, 0xDC,
+    0xD8, 0xC0, 0x9E, 0x57, 0xE3, 0xC3, 0x7B, 0x65, 0x3B, 0x02, 0x8F, 0x3E,
+    0xE8, 0x25, 0x92, 0xE5, 0x15, 0xDD, 0xFD, 0x17, 0xA9, 0xBF, 0xD4, 0x9A,
+    0x7E, 0xC5, 0x39, 0x67, 0xFE, 0x76, 0x9D, 0x43, 0xA7, 0xE1, 0xD0, 0xF5,
+    0x68, 0xF2, 0x1B, 0x34, 0x70, 0x05, 0xA3, 0x8A, 0xD5, 0x79, 0x86, 0xA8,
+    0x30, 0xC6, 0x51, 0x4B, 0x1E, 0xA6, 0x27, 0xF6, 0x35, 0xD2, 0x6E, 0x24,
+    0x16, 0x82, 0x5F, 0xDA, 0xE6, 0x75, 0xA2, 0xEF, 0x2C, 0xB2, 0x1C, 0x9F,
+    0x5D, 0x6F, 0x80, 0x0A, 0x72, 0x44, 0x9B, 0x6C, 0x90, 0x0B, 0x5B, 0x33,
+    0x7D, 0x5A, 0x52, 0xF3, 0x61, 0xA1, 0xF7, 0xB0, 0xD6, 0x3F, 0x7C, 0x6D,
+    0xED, 0x14, 0xE0, 0xA5, 0x3D, 0x22, 0xB3, 0xF8, 0x89, 0xDE, 0x71, 0x1A,
+    0xAF, 0xBA, 0xB5, 0x81
+};
+
+static const uint8_t aria_is1[256] =
+{
+    0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E,
+    0x81, 0xF3, 0xD7, 0xFB, 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87,
+    0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, 0x54, 0x7B, 0x94, 0x32,
+    0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
+    0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49,
+    0x6D, 0x8B, 0xD1, 0x25, 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16,
+    0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, 0x6C, 0x70, 0x48, 0x50,
+    0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
+    0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05,
+    0xB8, 0xB3, 0x45, 0x06, 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02,
+    0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, 0x3A, 0x91, 0x11, 0x41,
+    0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
+    0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8,
+    0x1C, 0x75, 0xDF, 0x6E, 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89,
+    0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, 0xFC, 0x56, 0x3E, 0x4B,
+    0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
+    0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59,
+    0x27, 0x80, 0xEC, 0x5F, 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D,
+    0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, 0xA0, 0xE0, 0x3B, 0x4D,
+    0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
+    0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63,
+    0x55, 0x21, 0x0C, 0x7D
+};
+
+static const uint8_t aria_is2[256] =
+{
+    0x30, 0x68, 0x99, 0x1B, 0x87, 0xB9, 0x21, 0x78, 0x50, 0x39, 0xDB, 0xE1,
+    0x72, 0x09, 0x62, 0x3C, 0x3E, 0x7E, 0x5E, 0x8E, 0xF1, 0xA0, 0xCC, 0xA3,
+    0x2A, 0x1D, 0xFB, 0xB6, 0xD6, 0x20, 0xC4, 0x8D, 0x81, 0x65, 0xF5, 0x89,
+    0xCB, 0x9D, 0x77, 0xC6, 0x57, 0x43, 0x56, 0x17, 0xD4, 0x40, 0x1A, 0x4D,
+    0xC0, 0x63, 0x6C, 0xE3, 0xB7, 0xC8, 0x64, 0x6A, 0x53, 0xAA, 0x38, 0x98,
+    0x0C, 0xF4, 0x9B, 0xED, 0x7F, 0x22, 0x76, 0xAF, 0xDD, 0x3A, 0x0B, 0x58,
+    0x67, 0x88, 0x06, 0xC3, 0x35, 0x0D, 0x01, 0x8B, 0x8C, 0xC2, 0xE6, 0x5F,
+    0x02, 0x24, 0x75, 0x93, 0x66, 0x1E, 0xE5, 0xE2, 0x54, 0xD8, 0x10, 0xCE,
+    0x7A, 0xE8, 0x08, 0x2C, 0x12, 0x97, 0x32, 0xAB, 0xB4, 0x27, 0x0A, 0x23,
+    0xDF, 0xEF, 0xCA, 0xD9, 0xB8, 0xFA, 0xDC, 0x31, 0x6B, 0xD1, 0xAD, 0x19,
+    0x49, 0xBD, 0x51, 0x96, 0xEE, 0xE4, 0xA8, 0x41, 0xDA, 0xFF, 0xCD, 0x55,
+    0x86, 0x36, 0xBE, 0x61, 0x52, 0xF8, 0xBB, 0x0E, 0x82, 0x48, 0x69, 0x9A,
+    0xE0, 0x47, 0x9E, 0x5C, 0x04, 0x4B, 0x34, 0x15, 0x79, 0x26, 0xA7, 0xDE,
+    0x29, 0xAE, 0x92, 0xD7, 0x84, 0xE9, 0xD2, 0xBA, 0x5D, 0xF3, 0xC5, 0xB0,
+    0xBF, 0xA4, 0x3B, 0x71, 0x44, 0x46, 0x2B, 0xFC, 0xEB, 0x6F, 0xD5, 0xF6,
+    0x14, 0xFE, 0x7C, 0x70, 0x5A, 0x7D, 0xFD, 0x2F, 0x18, 0x83, 0x16, 0xA5,
+    0x91, 0x1F, 0x05, 0x95, 0x74, 0xA9, 0xC1, 0x5B, 0x4A, 0x85, 0x6D, 0x13,
+    0x07, 0x4F, 0x4E, 0x45, 0xB2, 0x0F, 0xC9, 0x1C, 0xA6, 0xBC, 0xEC, 0x73,
+    0x90, 0x7B, 0xCF, 0x59, 0x8F, 0xA1, 0xF9, 0x2D, 0xF2, 0xB1, 0x00, 0x94,
+    0x37, 0x9F, 0xD0, 0x2E, 0x9C, 0x6E, 0x28, 0x3F, 0x80, 0xF0, 0x3D, 0xD3,
+    0x25, 0x8A, 0xB5, 0xE7, 0x42, 0xB3, 0xC7, 0xEA, 0xF7, 0x4C, 0x11, 0x33,
+    0x03, 0xA2, 0xAC, 0x60
+};
+
+/*
+ * Helper for key schedule: r = FO( p, k ) ^ x
+ */
+static void aria_fo_xor(uint32_t r[4], const uint32_t p[4],
+                        const uint32_t k[4], const uint32_t x[4])
+{
+    uint32_t a, b, c, d;
+
+    a = p[0] ^ k[0];
+    b = p[1] ^ k[1];
+    c = p[2] ^ k[2];
+    d = p[3] ^ k[3];
+
+    aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
+    aria_a(&a, &b, &c, &d);
+
+    r[0] = a ^ x[0];
+    r[1] = b ^ x[1];
+    r[2] = c ^ x[2];
+    r[3] = d ^ x[3];
+}
+
+/*
+ * Helper for key schedule: r = FE( p, k ) ^ x
+ */
+static void aria_fe_xor(uint32_t r[4], const uint32_t p[4],
+                        const uint32_t k[4], const uint32_t x[4])
+{
+    uint32_t a, b, c, d;
+
+    a = p[0] ^ k[0];
+    b = p[1] ^ k[1];
+    c = p[2] ^ k[2];
+    d = p[3] ^ k[3];
+
+    aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
+    aria_a(&a, &b, &c, &d);
+
+    r[0] = a ^ x[0];
+    r[1] = b ^ x[1];
+    r[2] = c ^ x[2];
+    r[3] = d ^ x[3];
+}
+
+/*
+ * Big endian 128-bit rotation: r = a ^ (b <<< n), used only in key setup.
+ *
+ * We chose to store bytes into 32-bit words in little-endian format (see
+ * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse
+ * bytes here.
+ */
+static void aria_rot128(uint32_t r[4], const uint32_t a[4],
+                        const uint32_t b[4], uint8_t n)
+{
+    uint8_t i, j;
+    uint32_t t, u;
+
+    const uint8_t n1 = n % 32;              // bit offset
+    const uint8_t n2 = n1 ? 32 - n1 : 0;    // reverse bit offset
+
+    j = (n / 32) % 4;                       // initial word offset
+    t = ARIA_P3(b[j]);                      // big endian
+    for (i = 0; i < 4; i++) {
+        j = (j + 1) % 4;                    // get next word, big endian
+        u = ARIA_P3(b[j]);
+        t <<= n1;                           // rotate
+        t |= u >> n2;
+        t = ARIA_P3(t);                     // back to little endian
+        r[i] = a[i] ^ t;                    // store
+        t = u;                              // move to next word
+    }
+}
+
+/*
+ * Set encryption key
+ */
+int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
+                            const unsigned char *key, unsigned int keybits)
+{
+    /* round constant masks */
+    const uint32_t rc[3][4] =
+    {
+        {   0xB7C17C51, 0x940A2227, 0xE8AB13FE, 0xE06E9AFA  },
+        {   0xCC4AB16D, 0x20C8219E, 0xD5B128FF, 0xB0E25DEF  },
+        {   0x1D3792DB, 0x70E92621, 0x75972403, 0x0EC9E804  }
+    };
+
+    int i;
+    uint32_t w[4][4], *w2;
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(key != NULL);
+
+    if (keybits != 128 && keybits != 192 && keybits != 256) {
+        return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
+    }
+
+    /* Copy key to W0 (and potential remainder to W1) */
+    w[0][0] = MBEDTLS_GET_UINT32_LE(key,  0);
+    w[0][1] = MBEDTLS_GET_UINT32_LE(key,  4);
+    w[0][2] = MBEDTLS_GET_UINT32_LE(key,  8);
+    w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12);
+
+    memset(w[1], 0, 16);
+    if (keybits >= 192) {
+        w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16);    // 192 bit key
+        w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20);
+    }
+    if (keybits == 256) {
+        w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24);    // 256 bit key
+        w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28);
+    }
+
+    i = (keybits - 128) >> 6;               // index: 0, 1, 2
+    ctx->nr = 12 + 2 * i;                   // no. rounds: 12, 14, 16
+
+    aria_fo_xor(w[1], w[0], rc[i], w[1]);   // W1 = FO(W0, CK1) ^ KR
+    i = i < 2 ? i + 1 : 0;
+    aria_fe_xor(w[2], w[1], rc[i], w[0]);   // W2 = FE(W1, CK2) ^ W0
+    i = i < 2 ? i + 1 : 0;
+    aria_fo_xor(w[3], w[2], rc[i], w[1]);   // W3 = FO(W2, CK3) ^ W1
+
+    for (i = 0; i < 4; i++) {               // create round keys
+        w2 = w[(i + 1) & 3];
+        aria_rot128(ctx->rk[i], w[i], w2, 128 - 19);
+        aria_rot128(ctx->rk[i +  4], w[i], w2, 128 - 31);
+        aria_rot128(ctx->rk[i +  8], w[i], w2,       61);
+        aria_rot128(ctx->rk[i + 12], w[i], w2,       31);
+    }
+    aria_rot128(ctx->rk[16], w[0], w[1], 19);
+
+    /* w holds enough info to reconstruct the round keys */
+    mbedtls_platform_zeroize(w, sizeof(w));
+
+    return 0;
+}
+
+/*
+ * Set decryption key
+ */
+int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
+                            const unsigned char *key, unsigned int keybits)
+{
+    int i, j, k, ret;
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(key != NULL);
+
+    ret = mbedtls_aria_setkey_enc(ctx, key, keybits);
+    if (ret != 0) {
+        return ret;
+    }
+
+    /* flip the order of round keys */
+    for (i = 0, j = ctx->nr; i < j; i++, j--) {
+        for (k = 0; k < 4; k++) {
+            uint32_t t = ctx->rk[i][k];
+            ctx->rk[i][k] = ctx->rk[j][k];
+            ctx->rk[j][k] = t;
+        }
+    }
+
+    /* apply affine transform to middle keys */
+    for (i = 1; i < ctx->nr; i++) {
+        aria_a(&ctx->rk[i][0], &ctx->rk[i][1],
+               &ctx->rk[i][2], &ctx->rk[i][3]);
+    }
+
+    return 0;
+}
+
+/*
+ * Encrypt a block
+ */
+int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
+                           const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char output[MBEDTLS_ARIA_BLOCKSIZE])
+{
+    int i;
+
+    uint32_t a, b, c, d;
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(input != NULL);
+    ARIA_VALIDATE_RET(output != NULL);
+
+    a = MBEDTLS_GET_UINT32_LE(input,  0);
+    b = MBEDTLS_GET_UINT32_LE(input,  4);
+    c = MBEDTLS_GET_UINT32_LE(input,  8);
+    d = MBEDTLS_GET_UINT32_LE(input, 12);
+
+    i = 0;
+    while (1) {
+        a ^= ctx->rk[i][0];
+        b ^= ctx->rk[i][1];
+        c ^= ctx->rk[i][2];
+        d ^= ctx->rk[i][3];
+        i++;
+
+        aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
+        aria_a(&a, &b, &c, &d);
+
+        a ^= ctx->rk[i][0];
+        b ^= ctx->rk[i][1];
+        c ^= ctx->rk[i][2];
+        d ^= ctx->rk[i][3];
+        i++;
+
+        aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
+        if (i >= ctx->nr) {
+            break;
+        }
+        aria_a(&a, &b, &c, &d);
+    }
+
+    /* final key mixing */
+    a ^= ctx->rk[i][0];
+    b ^= ctx->rk[i][1];
+    c ^= ctx->rk[i][2];
+    d ^= ctx->rk[i][3];
+
+    MBEDTLS_PUT_UINT32_LE(a, output,  0);
+    MBEDTLS_PUT_UINT32_LE(b, output,  4);
+    MBEDTLS_PUT_UINT32_LE(c, output,  8);
+    MBEDTLS_PUT_UINT32_LE(d, output, 12);
+
+    return 0;
+}
+
+/* Initialize context */
+void mbedtls_aria_init(mbedtls_aria_context *ctx)
+{
+    ARIA_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_aria_context));
+}
+
+/* Clear context */
+void mbedtls_aria_free(mbedtls_aria_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aria_context));
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * ARIA-CBC buffer encryption/decryption
+ */
+int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output)
+{
+    int i;
+    unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
+
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
+                      mode == MBEDTLS_ARIA_DECRYPT);
+    ARIA_VALIDATE_RET(length == 0 || input  != NULL);
+    ARIA_VALIDATE_RET(length == 0 || output != NULL);
+    ARIA_VALIDATE_RET(iv != NULL);
+
+    if (length % MBEDTLS_ARIA_BLOCKSIZE) {
+        return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH;
+    }
+
+    if (mode == MBEDTLS_ARIA_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, MBEDTLS_ARIA_BLOCKSIZE);
+            mbedtls_aria_crypt_ecb(ctx, input, output);
+
+            for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, MBEDTLS_ARIA_BLOCKSIZE);
+
+            input  += MBEDTLS_ARIA_BLOCKSIZE;
+            output += MBEDTLS_ARIA_BLOCKSIZE;
+            length -= MBEDTLS_ARIA_BLOCKSIZE;
+        }
+    } else {
+        while (length > 0) {
+            for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            mbedtls_aria_crypt_ecb(ctx, output, output);
+            memcpy(iv, output, MBEDTLS_ARIA_BLOCKSIZE);
+
+            input  += MBEDTLS_ARIA_BLOCKSIZE;
+            output += MBEDTLS_ARIA_BLOCKSIZE;
+            length -= MBEDTLS_ARIA_BLOCKSIZE;
+        }
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * ARIA-CFB128 buffer encryption/decryption
+ */
+int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
+                              int mode,
+                              size_t length,
+                              size_t *iv_off,
+                              unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                              const unsigned char *input,
+                              unsigned char *output)
+{
+    unsigned char c;
+    size_t n;
+
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
+                      mode == MBEDTLS_ARIA_DECRYPT);
+    ARIA_VALIDATE_RET(length == 0 || input  != NULL);
+    ARIA_VALIDATE_RET(length == 0 || output != NULL);
+    ARIA_VALIDATE_RET(iv != NULL);
+    ARIA_VALIDATE_RET(iv_off != NULL);
+
+    n = *iv_off;
+
+    /* An overly large value of n can lead to an unlimited
+     * buffer overflow. Therefore, guard against this
+     * outside of parameter validation. */
+    if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
+        return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
+    }
+
+    if (mode == MBEDTLS_ARIA_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_aria_crypt_ecb(ctx, iv, iv);
+            }
+
+            c = *input++;
+            *output++ = c ^ iv[n];
+            iv[n] = c;
+
+            n = (n + 1) & 0x0F;
+        }
+    } else {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_aria_crypt_ecb(ctx, iv, iv);
+            }
+
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
+
+            n = (n + 1) & 0x0F;
+        }
+    }
+
+    *iv_off = n;
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * ARIA-CTR buffer encryption/decryption
+ */
+int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
+                           size_t length,
+                           size_t *nc_off,
+                           unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output)
+{
+    int c, i;
+    size_t n;
+
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(length == 0 || input  != NULL);
+    ARIA_VALIDATE_RET(length == 0 || output != NULL);
+    ARIA_VALIDATE_RET(nonce_counter != NULL);
+    ARIA_VALIDATE_RET(stream_block  != NULL);
+    ARIA_VALIDATE_RET(nc_off != NULL);
+
+    n = *nc_off;
+    /* An overly large value of n can lead to an unlimited
+     * buffer overflow. Therefore, guard against this
+     * outside of parameter validation. */
+    if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
+        return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
+    }
+
+    while (length--) {
+        if (n == 0) {
+            mbedtls_aria_crypt_ecb(ctx, nonce_counter,
+                                   stream_block);
+
+            for (i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
+                    break;
+                }
+            }
+        }
+        c = *input++;
+        *output++ = (unsigned char) (c ^ stream_block[n]);
+
+        n = (n + 1) & 0x0F;
+    }
+
+    *nc_off = n;
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#endif /* !MBEDTLS_ARIA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * Basic ARIA ECB test vectors from RFC 5794
+ */
+static const uint8_t aria_test1_ecb_key[32] =           // test key
+{
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,     // 128 bit
+    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,     // 192 bit
+    0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F      // 256 bit
+};
+
+static const uint8_t aria_test1_ecb_pt[MBEDTLS_ARIA_BLOCKSIZE] =            // plaintext
+{
+    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,     // same for all
+    0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF      // key sizes
+};
+
+static const uint8_t aria_test1_ecb_ct[3][MBEDTLS_ARIA_BLOCKSIZE] =         // ciphertext
+{
+    { 0xD7, 0x18, 0xFB, 0xD6, 0xAB, 0x64, 0x4C, 0x73,   // 128 bit
+      0x9D, 0xA9, 0x5F, 0x3B, 0xE6, 0x45, 0x17, 0x78 },
+    { 0x26, 0x44, 0x9C, 0x18, 0x05, 0xDB, 0xE7, 0xAA,   // 192 bit
+      0x25, 0xA4, 0x68, 0xCE, 0x26, 0x3A, 0x9E, 0x79 },
+    { 0xF9, 0x2B, 0xD7, 0xC7, 0x9F, 0xB7, 0x2E, 0x2F,   // 256 bit
+      0x2B, 0x8F, 0x80, 0xC1, 0x97, 0x2D, 0x24, 0xFC }
+};
+
+/*
+ * Mode tests from "Test Vectors for ARIA"  Version 1.0
+ * http://210.104.33.10/ARIA/doc/ARIA-testvector-e.pdf
+ */
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_CTR))
+static const uint8_t aria_test2_key[32] =
+{
+    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,     // 128 bit
+    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,     // 192 bit
+    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff      // 256 bit
+};
+
+static const uint8_t aria_test2_pt[48] =
+{
+    0x11, 0x11, 0x11, 0x11, 0xaa, 0xaa, 0xaa, 0xaa,     // same for all
+    0x11, 0x11, 0x11, 0x11, 0xbb, 0xbb, 0xbb, 0xbb,
+    0x11, 0x11, 0x11, 0x11, 0xcc, 0xcc, 0xcc, 0xcc,
+    0x11, 0x11, 0x11, 0x11, 0xdd, 0xdd, 0xdd, 0xdd,
+    0x22, 0x22, 0x22, 0x22, 0xaa, 0xaa, 0xaa, 0xaa,
+    0x22, 0x22, 0x22, 0x22, 0xbb, 0xbb, 0xbb, 0xbb,
+};
+#endif
+
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB))
+static const uint8_t aria_test2_iv[MBEDTLS_ARIA_BLOCKSIZE] =
+{
+    0x0f, 0x1e, 0x2d, 0x3c, 0x4b, 0x5a, 0x69, 0x78,     // same for CBC, CFB
+    0x87, 0x96, 0xa5, 0xb4, 0xc3, 0xd2, 0xe1, 0xf0      // CTR has zero IV
+};
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const uint8_t aria_test2_cbc_ct[3][48] =         // CBC ciphertext
+{
+    { 0x49, 0xd6, 0x18, 0x60, 0xb1, 0x49, 0x09, 0x10,   // 128-bit key
+      0x9c, 0xef, 0x0d, 0x22, 0xa9, 0x26, 0x81, 0x34,
+      0xfa, 0xdf, 0x9f, 0xb2, 0x31, 0x51, 0xe9, 0x64,
+      0x5f, 0xba, 0x75, 0x01, 0x8b, 0xdb, 0x15, 0x38,
+      0xb5, 0x33, 0x34, 0x63, 0x4b, 0xbf, 0x7d, 0x4c,
+      0xd4, 0xb5, 0x37, 0x70, 0x33, 0x06, 0x0c, 0x15 },
+    { 0xaf, 0xe6, 0xcf, 0x23, 0x97, 0x4b, 0x53, 0x3c,   // 192-bit key
+      0x67, 0x2a, 0x82, 0x62, 0x64, 0xea, 0x78, 0x5f,
+      0x4e, 0x4f, 0x7f, 0x78, 0x0d, 0xc7, 0xf3, 0xf1,
+      0xe0, 0x96, 0x2b, 0x80, 0x90, 0x23, 0x86, 0xd5,
+      0x14, 0xe9, 0xc3, 0xe7, 0x72, 0x59, 0xde, 0x92,
+      0xdd, 0x11, 0x02, 0xff, 0xab, 0x08, 0x6c, 0x1e },
+    { 0x52, 0x3a, 0x8a, 0x80, 0x6a, 0xe6, 0x21, 0xf1,   // 256-bit key
+      0x55, 0xfd, 0xd2, 0x8d, 0xbc, 0x34, 0xe1, 0xab,
+      0x7b, 0x9b, 0x42, 0x43, 0x2a, 0xd8, 0xb2, 0xef,
+      0xb9, 0x6e, 0x23, 0xb1, 0x3f, 0x0a, 0x6e, 0x52,
+      0xf3, 0x61, 0x85, 0xd5, 0x0a, 0xd0, 0x02, 0xc5,
+      0xf6, 0x01, 0xbe, 0xe5, 0x49, 0x3f, 0x11, 0x8b }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const uint8_t aria_test2_cfb_ct[3][48] =         // CFB ciphertext
+{
+    { 0x37, 0x20, 0xe5, 0x3b, 0xa7, 0xd6, 0x15, 0x38,   // 128-bit key
+      0x34, 0x06, 0xb0, 0x9f, 0x0a, 0x05, 0xa2, 0x00,
+      0xc0, 0x7c, 0x21, 0xe6, 0x37, 0x0f, 0x41, 0x3a,
+      0x5d, 0x13, 0x25, 0x00, 0xa6, 0x82, 0x85, 0x01,
+      0x7c, 0x61, 0xb4, 0x34, 0xc7, 0xb7, 0xca, 0x96,
+      0x85, 0xa5, 0x10, 0x71, 0x86, 0x1e, 0x4d, 0x4b },
+    { 0x41, 0x71, 0xf7, 0x19, 0x2b, 0xf4, 0x49, 0x54,   // 192-bit key
+      0x94, 0xd2, 0x73, 0x61, 0x29, 0x64, 0x0f, 0x5c,
+      0x4d, 0x87, 0xa9, 0xa2, 0x13, 0x66, 0x4c, 0x94,
+      0x48, 0x47, 0x7c, 0x6e, 0xcc, 0x20, 0x13, 0x59,
+      0x8d, 0x97, 0x66, 0x95, 0x2d, 0xd8, 0xc3, 0x86,
+      0x8f, 0x17, 0xe3, 0x6e, 0xf6, 0x6f, 0xd8, 0x4b },
+    { 0x26, 0x83, 0x47, 0x05, 0xb0, 0xf2, 0xc0, 0xe2,   // 256-bit key
+      0x58, 0x8d, 0x4a, 0x7f, 0x09, 0x00, 0x96, 0x35,
+      0xf2, 0x8b, 0xb9, 0x3d, 0x8c, 0x31, 0xf8, 0x70,
+      0xec, 0x1e, 0x0b, 0xdb, 0x08, 0x2b, 0x66, 0xfa,
+      0x40, 0x2d, 0xd9, 0xc2, 0x02, 0xbe, 0x30, 0x0c,
+      0x45, 0x17, 0xd1, 0x96, 0xb1, 0x4d, 0x4c, 0xe1 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const uint8_t aria_test2_ctr_ct[3][48] =         // CTR ciphertext
+{
+    { 0xac, 0x5d, 0x7d, 0xe8, 0x05, 0xa0, 0xbf, 0x1c,   // 128-bit key
+      0x57, 0xc8, 0x54, 0x50, 0x1a, 0xf6, 0x0f, 0xa1,
+      0x14, 0x97, 0xe2, 0xa3, 0x45, 0x19, 0xde, 0xa1,
+      0x56, 0x9e, 0x91, 0xe5, 0xb5, 0xcc, 0xae, 0x2f,
+      0xf3, 0xbf, 0xa1, 0xbf, 0x97, 0x5f, 0x45, 0x71,
+      0xf4, 0x8b, 0xe1, 0x91, 0x61, 0x35, 0x46, 0xc3 },
+    { 0x08, 0x62, 0x5c, 0xa8, 0xfe, 0x56, 0x9c, 0x19,   // 192-bit key
+      0xba, 0x7a, 0xf3, 0x76, 0x0a, 0x6e, 0xd1, 0xce,
+      0xf4, 0xd1, 0x99, 0x26, 0x3e, 0x99, 0x9d, 0xde,
+      0x14, 0x08, 0x2d, 0xbb, 0xa7, 0x56, 0x0b, 0x79,
+      0xa4, 0xc6, 0xb4, 0x56, 0xb8, 0x70, 0x7d, 0xce,
+      0x75, 0x1f, 0x98, 0x54, 0xf1, 0x88, 0x93, 0xdf },
+    { 0x30, 0x02, 0x6c, 0x32, 0x96, 0x66, 0x14, 0x17,   // 256-bit key
+      0x21, 0x17, 0x8b, 0x99, 0xc0, 0xa1, 0xf1, 0xb2,
+      0xf0, 0x69, 0x40, 0x25, 0x3f, 0x7b, 0x30, 0x89,
+      0xe2, 0xa3, 0x0e, 0xa8, 0x6a, 0xa3, 0xc8, 0x8f,
+      0x59, 0x40, 0xf0, 0x5a, 0xd7, 0xee, 0x41, 0xd7,
+      0x13, 0x47, 0xbb, 0x72, 0x61, 0xe3, 0x48, 0xf1 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#define ARIA_SELF_TEST_ASSERT(cond)                   \
+    do {                                            \
+        if (cond) {                                \
+            if (verbose)                           \
+            mbedtls_printf("failed\n");       \
+            goto exit;                              \
+        } else {                                    \
+            if (verbose)                           \
+            mbedtls_printf("passed\n");       \
+        }                                           \
+    } while (0)
+
+/*
+ * Checkup routine
+ */
+int mbedtls_aria_self_test(int verbose)
+{
+    int i;
+    uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE];
+    mbedtls_aria_context ctx;
+    int ret = 1;
+
+#if (defined(MBEDTLS_CIPHER_MODE_CFB) || defined(MBEDTLS_CIPHER_MODE_CTR))
+    size_t j;
+#endif
+
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) || \
+    defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_CTR))
+    uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE];
+#endif
+
+    mbedtls_aria_init(&ctx);
+
+    /*
+     * Test set 1
+     */
+    for (i = 0; i < 3; i++) {
+        /* test ECB encryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-ECB-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test1_ecb_key, 128 + 64 * i);
+        mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_pt, blk);
+        ARIA_SELF_TEST_ASSERT(
+            memcmp(blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE)
+            != 0);
+
+        /* test ECB decryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-ECB-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i);
+        mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk);
+        ARIA_SELF_TEST_ASSERT(
+            memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE)
+            != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
+    }
+
+    /*
+     * Test set 2
+     */
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    for (i = 0; i < 3; i++) {
+        /* Test CBC encryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-CBC-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0x55, sizeof(buf));
+        mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
+                               aria_test2_pt, buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cbc_ct[i], 48)
+                              != 0);
+
+        /* Test CBC decryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-CBC-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_dec(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0xAA, sizeof(buf));
+        mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
+                               aria_test2_cbc_ct[i], buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
+    }
+
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    for (i = 0; i < 3; i++) {
+        /* Test CFB encryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-CFB-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0x55, sizeof(buf));
+        j = 0;
+        mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
+                                  aria_test2_pt, buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cfb_ct[i], 48) != 0);
+
+        /* Test CFB decryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-CFB-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0xAA, sizeof(buf));
+        j = 0;
+        mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
+                                  iv, aria_test2_cfb_ct[i], buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    for (i = 0; i < 3; i++) {
+        /* Test CTR encryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-CTR-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE);                      // IV = 0
+        memset(buf, 0x55, sizeof(buf));
+        j = 0;
+        mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
+                               aria_test2_pt, buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_ctr_ct[i], 48) != 0);
+
+        /* Test CTR decryption */
+        if (verbose) {
+            mbedtls_printf("  ARIA-CTR-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE);                      // IV = 0
+        memset(buf, 0xAA, sizeof(buf));
+        j = 0;
+        mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
+                               aria_test2_ctr_ct[i], buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+    ret = 0;
+
+exit:
+    mbedtls_aria_free(&ctx);
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ARIA_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/asn1parse.c b/3rdparty/mbedtls-2.28.7/library/asn1parse.c
new file mode 100644
index 0000000..c7f7f0b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/asn1parse.c
@@ -0,0 +1,484 @@
+/*
+ *  Generic ASN.1 parsing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+#include "mbedtls/asn1.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+/*
+ * ASN.1 DER decoding routines
+ */
+int mbedtls_asn1_get_len(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len)
+{
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+
+    if ((**p & 0x80) == 0) {
+        *len = *(*p)++;
+    } else {
+        switch (**p & 0x7F) {
+            case 1:
+                if ((end - *p) < 2) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = (*p)[1];
+                (*p) += 2;
+                break;
+
+            case 2:
+                if ((end - *p) < 3) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = ((size_t) (*p)[1] << 8) | (*p)[2];
+                (*p) += 3;
+                break;
+
+            case 3:
+                if ((end - *p) < 4) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = ((size_t) (*p)[1] << 16) |
+                       ((size_t) (*p)[2] << 8) | (*p)[3];
+                (*p) += 4;
+                break;
+
+            case 4:
+                if ((end - *p) < 5) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) |
+                       ((size_t) (*p)[3] << 8) |           (*p)[4];
+                (*p) += 5;
+                break;
+
+            default:
+                return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+        }
+    }
+
+    if (*len > (size_t) (end - *p)) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+
+    return 0;
+}
+
+int mbedtls_asn1_get_tag(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len, int tag)
+{
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+
+    if (**p != tag) {
+        return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
+    }
+
+    (*p)++;
+
+    return mbedtls_asn1_get_len(p, end, len);
+}
+
+int mbedtls_asn1_get_bool(unsigned char **p,
+                          const unsigned char *end,
+                          int *val)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) {
+        return ret;
+    }
+
+    if (len != 1) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+
+    *val = (**p != 0) ? 1 : 0;
+    (*p)++;
+
+    return 0;
+}
+
+static int asn1_get_tagged_int(unsigned char **p,
+                               const unsigned char *end,
+                               int tag, int *val)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) {
+        return ret;
+    }
+
+    /*
+     * len==0 is malformed (0 must be represented as 020100 for INTEGER,
+     * or 0A0100 for ENUMERATED tags
+     */
+    if (len == 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+    /* This is a cryptography library. Reject negative integers. */
+    if ((**p & 0x80) != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+
+    /* Skip leading zeros. */
+    while (len > 0 && **p == 0) {
+        ++(*p);
+        --len;
+    }
+
+    /* Reject integers that don't fit in an int. This code assumes that
+     * the int type has no padding bit. */
+    if (len > sizeof(int)) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+    if (len == sizeof(int) && (**p & 0x80) != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+
+    *val = 0;
+    while (len-- > 0) {
+        *val = (*val << 8) | **p;
+        (*p)++;
+    }
+
+    return 0;
+}
+
+int mbedtls_asn1_get_int(unsigned char **p,
+                         const unsigned char *end,
+                         int *val)
+{
+    return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val);
+}
+
+int mbedtls_asn1_get_enum(unsigned char **p,
+                          const unsigned char *end,
+                          int *val)
+{
+    return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val);
+}
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_asn1_get_mpi(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_mpi *X)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_mpi_read_binary(X, *p, len);
+
+    *p += len;
+
+    return ret;
+}
+#endif /* MBEDTLS_BIGNUM_C */
+
+int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
+                               mbedtls_asn1_bitstring *bs)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* Certificate type is a single byte bitstring */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
+        return ret;
+    }
+
+    /* Check length, subtract one for actual bit string length */
+    if (bs->len < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+    bs->len -= 1;
+
+    /* Get number of unused bits, ensure unused bits <= 7 */
+    bs->unused_bits = **p;
+    if (bs->unused_bits > 7) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+    (*p)++;
+
+    /* Get actual bitstring */
+    bs->p = *p;
+    *p += bs->len;
+
+    if (*p != end) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
+
+    return 0;
+}
+
+/*
+ * Traverse an ASN.1 "SEQUENCE OF <tag>"
+ * and call a callback for each entry found.
+ */
+int mbedtls_asn1_traverse_sequence_of(
+    unsigned char **p,
+    const unsigned char *end,
+    unsigned char tag_must_mask, unsigned char tag_must_val,
+    unsigned char tag_may_mask, unsigned char tag_may_val,
+    int (*cb)(void *ctx, int tag,
+              unsigned char *start, size_t len),
+    void *ctx)
+{
+    int ret;
+    size_t len;
+
+    /* Get main sequence tag */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
+    }
+
+    if (*p + len != end) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
+
+    while (*p < end) {
+        unsigned char const tag = *(*p)++;
+
+        if ((tag & tag_must_mask) != tag_must_val) {
+            return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
+        }
+
+        if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) {
+            return ret;
+        }
+
+        if ((tag & tag_may_mask) == tag_may_val) {
+            if (cb != NULL) {
+                ret = cb(ctx, tag, *p, len);
+                if (ret != 0) {
+                    return ret;
+                }
+            }
+        }
+
+        *p += len;
+    }
+
+    return 0;
+}
+
+/*
+ * Get a bit string without unused bits
+ */
+int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end,
+                                    size_t *len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
+        return ret;
+    }
+
+    if (*len == 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+    --(*len);
+
+    if (**p != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+    ++(*p);
+
+    return 0;
+}
+
+void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq)
+{
+    while (seq != NULL) {
+        mbedtls_asn1_sequence *next = seq->next;
+        mbedtls_platform_zeroize(seq, sizeof(*seq));
+        mbedtls_free(seq);
+        seq = next;
+    }
+}
+
+typedef struct {
+    int tag;
+    mbedtls_asn1_sequence *cur;
+} asn1_get_sequence_of_cb_ctx_t;
+
+static int asn1_get_sequence_of_cb(void *ctx,
+                                   int tag,
+                                   unsigned char *start,
+                                   size_t len)
+{
+    asn1_get_sequence_of_cb_ctx_t *cb_ctx =
+        (asn1_get_sequence_of_cb_ctx_t *) ctx;
+    mbedtls_asn1_sequence *cur =
+        cb_ctx->cur;
+
+    if (cur->buf.p != NULL) {
+        cur->next =
+            mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
+
+        if (cur->next == NULL) {
+            return MBEDTLS_ERR_ASN1_ALLOC_FAILED;
+        }
+
+        cur = cur->next;
+    }
+
+    cur->buf.p = start;
+    cur->buf.len = len;
+    cur->buf.tag = tag;
+
+    cb_ctx->cur = cur;
+    return 0;
+}
+
+/*
+ *  Parses and splits an ASN.1 "SEQUENCE OF <tag>"
+ */
+int mbedtls_asn1_get_sequence_of(unsigned char **p,
+                                 const unsigned char *end,
+                                 mbedtls_asn1_sequence *cur,
+                                 int tag)
+{
+    asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
+    memset(cur, 0, sizeof(mbedtls_asn1_sequence));
+    return mbedtls_asn1_traverse_sequence_of(
+        p, end, 0xFF, tag, 0, 0,
+        asn1_get_sequence_of_cb, &cb_ctx);
+}
+
+int mbedtls_asn1_get_alg(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
+    }
+
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+
+    alg->tag = **p;
+    end = *p + len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) {
+        return ret;
+    }
+
+    alg->p = *p;
+    *p += alg->len;
+
+    if (*p == end) {
+        mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf));
+        return 0;
+    }
+
+    params->tag = **p;
+    (*p)++;
+
+    if ((ret = mbedtls_asn1_get_len(p, end, &params->len)) != 0) {
+        return ret;
+    }
+
+    params->p = *p;
+    *p += params->len;
+
+    if (*p != end) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
+
+    return 0;
+}
+
+int mbedtls_asn1_get_alg_null(unsigned char **p,
+                              const unsigned char *end,
+                              mbedtls_asn1_buf *alg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_asn1_buf params;
+
+    memset(&params, 0, sizeof(mbedtls_asn1_buf));
+
+    if ((ret = mbedtls_asn1_get_alg(p, end, alg, &params)) != 0) {
+        return ret;
+    }
+
+    if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+
+    return 0;
+}
+
+void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur)
+{
+    if (cur == NULL) {
+        return;
+    }
+
+    mbedtls_free(cur->oid.p);
+    mbedtls_free(cur->val.p);
+
+    mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data));
+}
+
+void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head)
+{
+    mbedtls_asn1_named_data *cur;
+
+    while ((cur = *head) != NULL) {
+        *head = cur->next;
+        mbedtls_asn1_free_named_data(cur);
+        mbedtls_free(cur);
+    }
+}
+
+mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list,
+                                                      const char *oid, size_t len)
+{
+    while (list != NULL) {
+        if (list->oid.len == len &&
+            memcmp(list->oid.p, oid, len) == 0) {
+            break;
+        }
+
+        list = list->next;
+    }
+
+    return list;
+}
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/asn1write.c b/3rdparty/mbedtls-2.28.7/library/asn1write.c
new file mode 100644
index 0000000..0147c49
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/asn1write.c
@@ -0,0 +1,478 @@
+/*
+ * ASN.1 buffer writing functionality
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ASN1_WRITE_C)
+
+#include "mbedtls/asn1write.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, size_t len)
+{
+    if (len < 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = (unsigned char) len;
+        return 1;
+    }
+
+    if (len <= 0xFF) {
+        if (*p - start < 2) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = (unsigned char) len;
+        *--(*p) = 0x81;
+        return 2;
+    }
+
+    if (len <= 0xFFFF) {
+        if (*p - start < 3) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = MBEDTLS_BYTE_0(len);
+        *--(*p) = MBEDTLS_BYTE_1(len);
+        *--(*p) = 0x82;
+        return 3;
+    }
+
+    if (len <= 0xFFFFFF) {
+        if (*p - start < 4) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = MBEDTLS_BYTE_0(len);
+        *--(*p) = MBEDTLS_BYTE_1(len);
+        *--(*p) = MBEDTLS_BYTE_2(len);
+        *--(*p) = 0x83;
+        return 4;
+    }
+
+    int len_is_valid = 1;
+#if SIZE_MAX > 0xFFFFFFFF
+    len_is_valid = (len <= 0xFFFFFFFF);
+#endif
+    if (len_is_valid) {
+        if (*p - start < 5) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = MBEDTLS_BYTE_0(len);
+        *--(*p) = MBEDTLS_BYTE_1(len);
+        *--(*p) = MBEDTLS_BYTE_2(len);
+        *--(*p) = MBEDTLS_BYTE_3(len);
+        *--(*p) = 0x84;
+        return 5;
+    }
+
+    return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+}
+
+int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag)
+{
+    if (*p - start < 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    *--(*p) = tag;
+
+    return 1;
+}
+
+int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start,
+                                  const unsigned char *buf, size_t size)
+{
+    size_t len = 0;
+
+    if (*p < start || (size_t) (*p - start) < size) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    len = size;
+    (*p) -= len;
+    memcpy(*p, buf, len);
+
+    return (int) len;
+}
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, const mbedtls_mpi *X)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    // Write the MPI
+    //
+    len = mbedtls_mpi_size(X);
+
+    /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not
+     * as 0 digits. We need to end up with 020100, not with 0200. */
+    if (len == 0) {
+        len = 1;
+    }
+
+    if (*p < start || (size_t) (*p - start) < len) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    (*p) -= len;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(X, *p, len));
+
+    // DER format assumes 2s complement for numbers, so the leftmost bit
+    // should be 0 for positive numbers and 1 for negative numbers.
+    //
+    if (X->s == 1 && **p & 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER));
+
+    ret = (int) len;
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_BIGNUM_C */
+
+int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    // Write NULL
+    //
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL));
+
+    return (int) len;
+}
+
+int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
+                                                            (const unsigned char *) oid, oid_len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID));
+
+    return (int) len;
+}
+
+int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, unsigned char *start,
+                                            const char *oid, size_t oid_len,
+                                            size_t par_len)
+{
+    return mbedtls_asn1_write_algorithm_identifier_ext(p, start, oid, oid_len, par_len, 1);
+}
+
+int mbedtls_asn1_write_algorithm_identifier_ext(unsigned char **p, unsigned char *start,
+                                                const char *oid, size_t oid_len,
+                                                size_t par_len, int has_par)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    if (has_par) {
+        if (par_len == 0) {
+            MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start));
+        } else {
+            len += par_len;
+        }
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return (int) len;
+}
+
+int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start, int boolean)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    if (*p - start < 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    *--(*p) = (boolean) ? 255 : 0;
+    len++;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN));
+
+    return (int) len;
+}
+
+static int asn1_write_tagged_int(unsigned char **p, unsigned char *start, int val, int tag)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    do {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+        len += 1;
+        *--(*p) = val & 0xff;
+        val >>= 8;
+    } while (val > 0);
+
+    if (**p & 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
+
+    return (int) len;
+}
+
+int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val)
+{
+    return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_INTEGER);
+}
+
+int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val)
+{
+    return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_ENUMERATED);
+}
+
+int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start, int tag,
+                                     const char *text, size_t text_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
+                                                            (const unsigned char *) text,
+                                                            text_len));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
+
+    return (int) len;
+}
+
+int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start,
+                                   const char *text, size_t text_len)
+{
+    return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len);
+}
+
+int mbedtls_asn1_write_printable_string(unsigned char **p, unsigned char *start,
+                                        const char *text, size_t text_len)
+{
+    return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text,
+                                            text_len);
+}
+
+int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start,
+                                  const char *text, size_t text_len)
+{
+    return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len);
+}
+
+int mbedtls_asn1_write_named_bitstring(unsigned char **p,
+                                       unsigned char *start,
+                                       const unsigned char *buf,
+                                       size_t bits)
+{
+    size_t unused_bits, byte_len;
+    const unsigned char *cur_byte;
+    unsigned char cur_byte_shifted;
+    unsigned char bit;
+
+    byte_len = (bits + 7) / 8;
+    unused_bits = (byte_len * 8) - bits;
+
+    /*
+     * Named bitstrings require that trailing 0s are excluded in the encoding
+     * of the bitstring. Trailing 0s are considered part of the 'unused' bits
+     * when encoding this value in the first content octet
+     */
+    if (bits != 0) {
+        cur_byte = buf + byte_len - 1;
+        cur_byte_shifted = *cur_byte >> unused_bits;
+
+        for (;;) {
+            bit = cur_byte_shifted & 0x1;
+            cur_byte_shifted >>= 1;
+
+            if (bit != 0) {
+                break;
+            }
+
+            bits--;
+            if (bits == 0) {
+                break;
+            }
+
+            if (bits % 8 == 0) {
+                cur_byte_shifted = *--cur_byte;
+            }
+        }
+    }
+
+    return mbedtls_asn1_write_bitstring(p, start, buf, bits);
+}
+
+int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start,
+                                 const unsigned char *buf, size_t bits)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    size_t unused_bits, byte_len;
+
+    byte_len = (bits + 7) / 8;
+    unused_bits = (byte_len * 8) - bits;
+
+    if (*p < start || (size_t) (*p - start) < byte_len + 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    len = byte_len + 1;
+
+    /* Write the bitstring. Ensure the unused bits are zeroed */
+    if (byte_len > 0) {
+        byte_len--;
+        *--(*p) = buf[byte_len] & ~((0x1 << unused_bits) - 1);
+        (*p) -= byte_len;
+        memcpy(*p, buf, byte_len);
+    }
+
+    /* Write unused bits */
+    *--(*p) = (unsigned char) unused_bits;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING));
+
+    return (int) len;
+}
+
+int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start,
+                                    const unsigned char *buf, size_t size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING));
+
+    return (int) len;
+}
+
+
+/* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(),
+ * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
+static mbedtls_asn1_named_data *asn1_find_named_data(
+    mbedtls_asn1_named_data *list,
+    const char *oid, size_t len)
+{
+    while (list != NULL) {
+        if (list->oid.len == len &&
+            memcmp(list->oid.p, oid, len) == 0) {
+            break;
+        }
+
+        list = list->next;
+    }
+
+    return list;
+}
+
+mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(
+    mbedtls_asn1_named_data **head,
+    const char *oid, size_t oid_len,
+    const unsigned char *val,
+    size_t val_len)
+{
+    mbedtls_asn1_named_data *cur;
+
+    if ((cur = asn1_find_named_data(*head, oid, oid_len)) == NULL) {
+        // Add new entry if not present yet based on OID
+        //
+        cur = (mbedtls_asn1_named_data *) mbedtls_calloc(1,
+                                                         sizeof(mbedtls_asn1_named_data));
+        if (cur == NULL) {
+            return NULL;
+        }
+
+        cur->oid.len = oid_len;
+        cur->oid.p = mbedtls_calloc(1, oid_len);
+        if (cur->oid.p == NULL) {
+            mbedtls_free(cur);
+            return NULL;
+        }
+
+        memcpy(cur->oid.p, oid, oid_len);
+
+        cur->val.len = val_len;
+        if (val_len != 0) {
+            cur->val.p = mbedtls_calloc(1, val_len);
+            if (cur->val.p == NULL) {
+                mbedtls_free(cur->oid.p);
+                mbedtls_free(cur);
+                return NULL;
+            }
+        }
+
+        cur->next = *head;
+        *head = cur;
+    } else if (val_len == 0) {
+        mbedtls_free(cur->val.p);
+        cur->val.p = NULL;
+    } else if (cur->val.len != val_len) {
+        /*
+         * Enlarge existing value buffer if needed
+         * Preserve old data until the allocation succeeded, to leave list in
+         * a consistent state in case allocation fails.
+         */
+        void *p = mbedtls_calloc(1, val_len);
+        if (p == NULL) {
+            return NULL;
+        }
+
+        mbedtls_free(cur->val.p);
+        cur->val.p = p;
+        cur->val.len = val_len;
+    }
+
+    if (val != NULL && val_len != 0) {
+        memcpy(cur->val.p, val, val_len);
+    }
+
+    return cur;
+}
+#endif /* MBEDTLS_ASN1_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/base64.c b/3rdparty/mbedtls-2.28.7/library/base64.c
new file mode 100644
index 0000000..1f1a90a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/base64.c
@@ -0,0 +1,265 @@
+/*
+ *  RFC 1521 base64 encoding/decoding
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_BASE64_C)
+
+#include "mbedtls/base64.h"
+#include "constant_time_internal.h"
+
+#include <stdint.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#include <string.h>
+#include "mbedtls/platform.h"
+#endif /* MBEDTLS_SELF_TEST */
+
+#define BASE64_SIZE_T_MAX   ((size_t) -1)   /* SIZE_T_MAX is not standard */
+
+/*
+ * Encode a buffer into base64 format
+ */
+int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen)
+{
+    size_t i, n;
+    int C1, C2, C3;
+    unsigned char *p;
+
+    if (slen == 0) {
+        *olen = 0;
+        return 0;
+    }
+
+    n = slen / 3 + (slen % 3 != 0);
+
+    if (n > (BASE64_SIZE_T_MAX - 1) / 4) {
+        *olen = BASE64_SIZE_T_MAX;
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
+    }
+
+    n *= 4;
+
+    if ((dlen < n + 1) || (NULL == dst)) {
+        *olen = n + 1;
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
+    }
+
+    n = (slen / 3) * 3;
+
+    for (i = 0, p = dst; i < n; i += 3) {
+        C1 = *src++;
+        C2 = *src++;
+        C3 = *src++;
+
+        *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char((((C1 &  3) << 4) + (C2 >> 4))
+                                          & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6))
+                                          & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F);
+    }
+
+    if (i < slen) {
+        C1 = *src++;
+        C2 = ((i + 1) < slen) ? *src++ : 0;
+
+        *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
+                                          & 0x3F);
+
+        if ((i + 1) < slen) {
+            *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F);
+        } else {
+            *p++ = '=';
+        }
+
+        *p++ = '=';
+    }
+
+    *olen = p - dst;
+    *p = 0;
+
+    return 0;
+}
+
+/*
+ * Decode a base64-formatted buffer
+ */
+int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen)
+{
+    size_t i; /* index in source */
+    size_t n; /* number of digits or trailing = in source */
+    uint32_t x; /* value accumulator */
+    unsigned accumulated_digits = 0;
+    unsigned equals = 0;
+    int spaces_present = 0;
+    unsigned char *p;
+
+    /* First pass: check for validity and get output length */
+    for (i = n = 0; i < slen; i++) {
+        /* Skip spaces before checking for EOL */
+        spaces_present = 0;
+        while (i < slen && src[i] == ' ') {
+            ++i;
+            spaces_present = 1;
+        }
+
+        /* Spaces at end of buffer are OK */
+        if (i == slen) {
+            break;
+        }
+
+        if ((slen - i) >= 2 &&
+            src[i] == '\r' && src[i + 1] == '\n') {
+            continue;
+        }
+
+        if (src[i] == '\n') {
+            continue;
+        }
+
+        /* Space inside a line is an error */
+        if (spaces_present) {
+            return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+        }
+
+        if (src[i] > 127) {
+            return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+        }
+
+        if (src[i] == '=') {
+            if (++equals > 2) {
+                return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+            }
+        } else {
+            if (equals != 0) {
+                return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+            }
+            if (mbedtls_ct_base64_dec_value(src[i]) < 0) {
+                return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+            }
+        }
+        n++;
+    }
+
+    if (n == 0) {
+        *olen = 0;
+        return 0;
+    }
+
+    /* The following expression is to calculate the following formula without
+     * risk of integer overflow in n:
+     *     n = ( ( n * 6 ) + 7 ) >> 3;
+     */
+    n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3);
+    n -= equals;
+
+    if (dst == NULL || dlen < n) {
+        *olen = n;
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
+    }
+
+    equals = 0;
+    for (x = 0, p = dst; i > 0; i--, src++) {
+        if (*src == '\r' || *src == '\n' || *src == ' ') {
+            continue;
+        }
+
+        x = x << 6;
+        if (*src == '=') {
+            ++equals;
+        } else {
+            x |= mbedtls_ct_base64_dec_value(*src);
+        }
+
+        if (++accumulated_digits == 4) {
+            accumulated_digits = 0;
+            *p++ = MBEDTLS_BYTE_2(x);
+            if (equals <= 1) {
+                *p++ = MBEDTLS_BYTE_1(x);
+            }
+            if (equals <= 0) {
+                *p++ = MBEDTLS_BYTE_0(x);
+            }
+        }
+    }
+
+    *olen = p - dst;
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char base64_test_dec[64] =
+{
+    0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD,
+    0xBF, 0x17, 0xD9, 0xA2, 0xC4, 0x17, 0x1A, 0x01,
+    0x94, 0xED, 0x8F, 0x1E, 0x11, 0xB3, 0xD7, 0x09,
+    0x0C, 0xB6, 0xE9, 0x10, 0x6F, 0x22, 0xEE, 0x13,
+    0xCA, 0xB3, 0x07, 0x05, 0x76, 0xC9, 0xFA, 0x31,
+    0x6C, 0x08, 0x34, 0xFF, 0x8D, 0xC2, 0x6C, 0x38,
+    0x00, 0x43, 0xE9, 0x54, 0x97, 0xAF, 0x50, 0x4B,
+    0xD1, 0x41, 0xBA, 0x95, 0x31, 0x5A, 0x0B, 0x97
+};
+
+static const unsigned char base64_test_enc[] =
+    "JEhuVodiWr2/F9mixBcaAZTtjx4Rs9cJDLbpEG8i7hPK"
+    "swcFdsn6MWwINP+Nwmw4AEPpVJevUEvRQbqVMVoLlw==";
+
+/*
+ * Checkup routine
+ */
+int mbedtls_base64_self_test(int verbose)
+{
+    size_t len;
+    const unsigned char *src;
+    unsigned char buffer[128];
+
+    if (verbose != 0) {
+        mbedtls_printf("  Base64 encoding test: ");
+    }
+
+    src = base64_test_dec;
+
+    if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 ||
+        memcmp(base64_test_enc, buffer, 88) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        return 1;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n  Base64 decoding test: ");
+    }
+
+    src = base64_test_enc;
+
+    if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 ||
+        memcmp(base64_test_dec, buffer, 64) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        return 1;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_BASE64_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/bignum.c b/3rdparty/mbedtls-2.28.7/library/bignum.c
new file mode 100644
index 0000000..fadd9e9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/bignum.c
@@ -0,0 +1,3187 @@
+/*
+ *  Multi-precision integer library
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ *  The following sources were referenced in the design of this Multi-precision
+ *  Integer library:
+ *
+ *  [1] Handbook of Applied Cryptography - 1997
+ *      Menezes, van Oorschot and Vanstone
+ *
+ *  [2] Multi-Precision Math
+ *      Tom St Denis
+ *      https://github.com/libtom/libtommath/blob/develop/tommath.pdf
+ *
+ *  [3] GNU Multi-Precision Arithmetic Library
+ *      https://gmplib.org/manual/index.html
+ *
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/bn_mul.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "constant_time_internal.h"
+#include "bignum_internal.h"
+
+#include <limits.h>
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#define MPI_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA)
+#define MPI_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#define ciL    (sizeof(mbedtls_mpi_uint))         /* chars in limb  */
+#define biL    (ciL << 3)               /* bits  in limb  */
+#define biH    (ciL << 2)               /* half limb size */
+
+#define MPI_SIZE_T_MAX  ((size_t) -1)   /* SIZE_T_MAX is not standard */
+
+/*
+ * Convert between bits/chars and number of limbs
+ * Divide first in order to avoid potential overflows
+ */
+#define BITS_TO_LIMBS(i)  ((i) / biL + ((i) % biL != 0))
+#define CHARS_TO_LIMBS(i) ((i) / ciL + ((i) % ciL != 0))
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_mpi_zeroize(mbedtls_mpi_uint *v, size_t n)
+{
+    mbedtls_platform_zeroize(v, ciL * n);
+}
+
+/*
+ * Initialize one MPI
+ */
+void mbedtls_mpi_init(mbedtls_mpi *X)
+{
+    MPI_VALIDATE(X != NULL);
+
+    X->s = 1;
+    X->n = 0;
+    X->p = NULL;
+}
+
+/*
+ * Unallocate one MPI
+ */
+void mbedtls_mpi_free(mbedtls_mpi *X)
+{
+    if (X == NULL) {
+        return;
+    }
+
+    if (X->p != NULL) {
+        mbedtls_mpi_zeroize(X->p, X->n);
+        mbedtls_free(X->p);
+    }
+
+    X->s = 1;
+    X->n = 0;
+    X->p = NULL;
+}
+
+/*
+ * Enlarge to the specified number of limbs
+ */
+int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs)
+{
+    mbedtls_mpi_uint *p;
+    MPI_VALIDATE_RET(X != NULL);
+
+    if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) {
+        return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+    }
+
+    if (X->n < nblimbs) {
+        if ((p = (mbedtls_mpi_uint *) mbedtls_calloc(nblimbs, ciL)) == NULL) {
+            return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+        }
+
+        if (X->p != NULL) {
+            memcpy(p, X->p, X->n * ciL);
+            mbedtls_mpi_zeroize(X->p, X->n);
+            mbedtls_free(X->p);
+        }
+
+        X->n = nblimbs;
+        X->p = p;
+    }
+
+    return 0;
+}
+
+/*
+ * Resize down as much as possible,
+ * while keeping at least the specified number of limbs
+ */
+int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs)
+{
+    mbedtls_mpi_uint *p;
+    size_t i;
+    MPI_VALIDATE_RET(X != NULL);
+
+    if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) {
+        return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+    }
+
+    /* Actually resize up if there are currently fewer than nblimbs limbs. */
+    if (X->n <= nblimbs) {
+        return mbedtls_mpi_grow(X, nblimbs);
+    }
+    /* After this point, then X->n > nblimbs and in particular X->n > 0. */
+
+    for (i = X->n - 1; i > 0; i--) {
+        if (X->p[i] != 0) {
+            break;
+        }
+    }
+    i++;
+
+    if (i < nblimbs) {
+        i = nblimbs;
+    }
+
+    if ((p = (mbedtls_mpi_uint *) mbedtls_calloc(i, ciL)) == NULL) {
+        return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+    }
+
+    if (X->p != NULL) {
+        memcpy(p, X->p, i * ciL);
+        mbedtls_mpi_zeroize(X->p, X->n);
+        mbedtls_free(X->p);
+    }
+
+    X->n = i;
+    X->p = p;
+
+    return 0;
+}
+
+/* Resize X to have exactly n limbs and set it to 0. */
+static int mbedtls_mpi_resize_clear(mbedtls_mpi *X, size_t limbs)
+{
+    if (limbs == 0) {
+        mbedtls_mpi_free(X);
+        return 0;
+    } else if (X->n == limbs) {
+        memset(X->p, 0, limbs * ciL);
+        X->s = 1;
+        return 0;
+    } else {
+        mbedtls_mpi_free(X);
+        return mbedtls_mpi_grow(X, limbs);
+    }
+}
+
+/*
+ * Copy the contents of Y into X.
+ *
+ * This function is not constant-time. Leading zeros in Y may be removed.
+ *
+ * Ensure that X does not shrink. This is not guaranteed by the public API,
+ * but some code in the bignum module relies on this property, for example
+ * in mbedtls_mpi_exp_mod().
+ */
+int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y)
+{
+    int ret = 0;
+    size_t i;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+
+    if (X == Y) {
+        return 0;
+    }
+
+    if (Y->n == 0) {
+        if (X->n != 0) {
+            X->s = 1;
+            memset(X->p, 0, X->n * ciL);
+        }
+        return 0;
+    }
+
+    for (i = Y->n - 1; i > 0; i--) {
+        if (Y->p[i] != 0) {
+            break;
+        }
+    }
+    i++;
+
+    X->s = Y->s;
+
+    if (X->n < i) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i));
+    } else {
+        memset(X->p + i, 0, (X->n - i) * ciL);
+    }
+
+    memcpy(X->p, Y->p, i * ciL);
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Swap the contents of X and Y
+ */
+void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y)
+{
+    mbedtls_mpi T;
+    MPI_VALIDATE(X != NULL);
+    MPI_VALIDATE(Y != NULL);
+
+    memcpy(&T,  X, sizeof(mbedtls_mpi));
+    memcpy(X,  Y, sizeof(mbedtls_mpi));
+    memcpy(Y, &T, sizeof(mbedtls_mpi));
+}
+
+static inline mbedtls_mpi_uint mpi_sint_abs(mbedtls_mpi_sint z)
+{
+    if (z >= 0) {
+        return z;
+    }
+    /* Take care to handle the most negative value (-2^(biL-1)) correctly.
+     * A naive -z would have undefined behavior.
+     * Write this in a way that makes popular compilers happy (GCC, Clang,
+     * MSVC). */
+    return (mbedtls_mpi_uint) 0 - (mbedtls_mpi_uint) z;
+}
+
+/*
+ * Set value from integer
+ */
+int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MPI_VALIDATE_RET(X != NULL);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, 1));
+    memset(X->p, 0, X->n * ciL);
+
+    X->p[0] = mpi_sint_abs(z);
+    X->s    = (z < 0) ? -1 : 1;
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Get a specific bit
+ */
+int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos)
+{
+    MPI_VALIDATE_RET(X != NULL);
+
+    if (X->n * biL <= pos) {
+        return 0;
+    }
+
+    return (X->p[pos / biL] >> (pos % biL)) & 0x01;
+}
+
+/* Get a specific byte, without range checks. */
+#define GET_BYTE(X, i)                                \
+    (((X)->p[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff)
+
+/*
+ * Set a bit to a specific value of 0 or 1
+ */
+int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val)
+{
+    int ret = 0;
+    size_t off = pos / biL;
+    size_t idx = pos % biL;
+    MPI_VALIDATE_RET(X != NULL);
+
+    if (val != 0 && val != 1) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (X->n * biL <= pos) {
+        if (val == 0) {
+            return 0;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, off + 1));
+    }
+
+    X->p[off] &= ~((mbedtls_mpi_uint) 0x01 << idx);
+    X->p[off] |= (mbedtls_mpi_uint) val << idx;
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Return the number of less significant zero-bits
+ */
+size_t mbedtls_mpi_lsb(const mbedtls_mpi *X)
+{
+    size_t i, j, count = 0;
+    MBEDTLS_INTERNAL_VALIDATE_RET(X != NULL, 0);
+
+    for (i = 0; i < X->n; i++) {
+        for (j = 0; j < biL; j++, count++) {
+            if (((X->p[i] >> j) & 1) != 0) {
+                return count;
+            }
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Count leading zero bits in a given integer
+ */
+static size_t mbedtls_clz(const mbedtls_mpi_uint x)
+{
+    size_t j;
+    mbedtls_mpi_uint mask = (mbedtls_mpi_uint) 1 << (biL - 1);
+
+    for (j = 0; j < biL; j++) {
+        if (x & mask) {
+            break;
+        }
+
+        mask >>= 1;
+    }
+
+    return j;
+}
+
+/*
+ * Return the number of bits
+ */
+size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X)
+{
+    size_t i, j;
+
+    if (X->n == 0) {
+        return 0;
+    }
+
+    for (i = X->n - 1; i > 0; i--) {
+        if (X->p[i] != 0) {
+            break;
+        }
+    }
+
+    j = biL - mbedtls_clz(X->p[i]);
+
+    return (i * biL) + j;
+}
+
+/*
+ * Return the total size in bytes
+ */
+size_t mbedtls_mpi_size(const mbedtls_mpi *X)
+{
+    return (mbedtls_mpi_bitlen(X) + 7) >> 3;
+}
+
+/*
+ * Convert an ASCII character to digit value
+ */
+static int mpi_get_digit(mbedtls_mpi_uint *d, int radix, char c)
+{
+    *d = 255;
+
+    if (c >= 0x30 && c <= 0x39) {
+        *d = c - 0x30;
+    }
+    if (c >= 0x41 && c <= 0x46) {
+        *d = c - 0x37;
+    }
+    if (c >= 0x61 && c <= 0x66) {
+        *d = c - 0x57;
+    }
+
+    if (*d >= (mbedtls_mpi_uint) radix) {
+        return MBEDTLS_ERR_MPI_INVALID_CHARACTER;
+    }
+
+    return 0;
+}
+
+/*
+ * Import from an ASCII string
+ */
+int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, j, slen, n;
+    int sign = 1;
+    mbedtls_mpi_uint d;
+    mbedtls_mpi T;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(s != NULL);
+
+    if (radix < 2 || radix > 16) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&T);
+
+    if (s[0] == 0) {
+        mbedtls_mpi_free(X);
+        return 0;
+    }
+
+    if (s[0] == '-') {
+        ++s;
+        sign = -1;
+    }
+
+    slen = strlen(s);
+
+    if (radix == 16) {
+        if (slen > MPI_SIZE_T_MAX >> 2) {
+            return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        }
+
+        n = BITS_TO_LIMBS(slen << 2);
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, n));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0));
+
+        for (i = slen, j = 0; i > 0; i--, j++) {
+            MBEDTLS_MPI_CHK(mpi_get_digit(&d, radix, s[i - 1]));
+            X->p[j / (2 * ciL)] |= d << ((j % (2 * ciL)) << 2);
+        }
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0));
+
+        for (i = 0; i < slen; i++) {
+            MBEDTLS_MPI_CHK(mpi_get_digit(&d, radix, s[i]));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T, X, radix));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, &T, d));
+        }
+    }
+
+    if (sign < 0 && mbedtls_mpi_bitlen(X) != 0) {
+        X->s = -1;
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&T);
+
+    return ret;
+}
+
+/*
+ * Helper to write the digits high-order first.
+ */
+static int mpi_write_hlp(mbedtls_mpi *X, int radix,
+                         char **p, const size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi_uint r;
+    size_t length = 0;
+    char *p_end = *p + buflen;
+
+    do {
+        if (length >= buflen) {
+            return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, radix));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_div_int(X, NULL, X, radix));
+        /*
+         * Write the residue in the current position, as an ASCII character.
+         */
+        if (r < 0xA) {
+            *(--p_end) = (char) ('0' + r);
+        } else {
+            *(--p_end) = (char) ('A' + (r - 0xA));
+        }
+
+        length++;
+    } while (mbedtls_mpi_cmp_int(X, 0) != 0);
+
+    memmove(*p, p_end, length);
+    *p += length;
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Export into an ASCII string
+ */
+int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
+                             char *buf, size_t buflen, size_t *olen)
+{
+    int ret = 0;
+    size_t n;
+    char *p;
+    mbedtls_mpi T;
+    MPI_VALIDATE_RET(X    != NULL);
+    MPI_VALIDATE_RET(olen != NULL);
+    MPI_VALIDATE_RET(buflen == 0 || buf != NULL);
+
+    if (radix < 2 || radix > 16) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    n = mbedtls_mpi_bitlen(X);   /* Number of bits necessary to present `n`. */
+    if (radix >=  4) {
+        n >>= 1;                 /* Number of 4-adic digits necessary to present
+                                  * `n`. If radix > 4, this might be a strict
+                                  * overapproximation of the number of
+                                  * radix-adic digits needed to present `n`. */
+    }
+    if (radix >= 16) {
+        n >>= 1;                 /* Number of hexadecimal digits necessary to
+                                  * present `n`. */
+
+    }
+    n += 1; /* Terminating null byte */
+    n += 1; /* Compensate for the divisions above, which round down `n`
+             * in case it's not even. */
+    n += 1; /* Potential '-'-sign. */
+    n += (n & 1);   /* Make n even to have enough space for hexadecimal writing,
+                     * which always uses an even number of hex-digits. */
+
+    if (buflen < n) {
+        *olen = n;
+        return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL;
+    }
+
+    p = buf;
+    mbedtls_mpi_init(&T);
+
+    if (X->s == -1) {
+        *p++ = '-';
+        buflen--;
+    }
+
+    if (radix == 16) {
+        int c;
+        size_t i, j, k;
+
+        for (i = X->n, k = 0; i > 0; i--) {
+            for (j = ciL; j > 0; j--) {
+                c = (X->p[i - 1] >> ((j - 1) << 3)) & 0xFF;
+
+                if (c == 0 && k == 0 && (i + j) != 2) {
+                    continue;
+                }
+
+                *(p++) = "0123456789ABCDEF" [c / 16];
+                *(p++) = "0123456789ABCDEF" [c % 16];
+                k = 1;
+            }
+        }
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T, X));
+
+        if (T.s == -1) {
+            T.s = 1;
+        }
+
+        MBEDTLS_MPI_CHK(mpi_write_hlp(&T, radix, &p, buflen));
+    }
+
+    *p++ = '\0';
+    *olen = p - buf;
+
+cleanup:
+
+    mbedtls_mpi_free(&T);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Read X from an opened file
+ */
+int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin)
+{
+    mbedtls_mpi_uint d;
+    size_t slen;
+    char *p;
+    /*
+     * Buffer should have space for (short) label and decimal formatted MPI,
+     * newline characters and '\0'
+     */
+    char s[MBEDTLS_MPI_RW_BUFFER_SIZE];
+
+    MPI_VALIDATE_RET(X   != NULL);
+    MPI_VALIDATE_RET(fin != NULL);
+
+    if (radix < 2 || radix > 16) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    memset(s, 0, sizeof(s));
+    if (fgets(s, sizeof(s) - 1, fin) == NULL) {
+        return MBEDTLS_ERR_MPI_FILE_IO_ERROR;
+    }
+
+    slen = strlen(s);
+    if (slen == sizeof(s) - 2) {
+        return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL;
+    }
+
+    if (slen > 0 && s[slen - 1] == '\n') {
+        slen--; s[slen] = '\0';
+    }
+    if (slen > 0 && s[slen - 1] == '\r') {
+        slen--; s[slen] = '\0';
+    }
+
+    p = s + slen;
+    while (p-- > s) {
+        if (mpi_get_digit(&d, radix, *p) != 0) {
+            break;
+        }
+    }
+
+    return mbedtls_mpi_read_string(X, radix, p + 1);
+}
+
+/*
+ * Write X into an opened file (or stdout if fout == NULL)
+ */
+int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, int radix, FILE *fout)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n, slen, plen;
+    /*
+     * Buffer should have space for (short) label and decimal formatted MPI,
+     * newline characters and '\0'
+     */
+    char s[MBEDTLS_MPI_RW_BUFFER_SIZE];
+    MPI_VALIDATE_RET(X != NULL);
+
+    if (radix < 2 || radix > 16) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    memset(s, 0, sizeof(s));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_string(X, radix, s, sizeof(s) - 2, &n));
+
+    if (p == NULL) {
+        p = "";
+    }
+
+    plen = strlen(p);
+    slen = strlen(s);
+    s[slen++] = '\r';
+    s[slen++] = '\n';
+
+    if (fout != NULL) {
+        if (fwrite(p, 1, plen, fout) != plen ||
+            fwrite(s, 1, slen, fout) != slen) {
+            return MBEDTLS_ERR_MPI_FILE_IO_ERROR;
+        }
+    } else {
+        mbedtls_printf("%s%s", p, s);
+    }
+
+cleanup:
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+
+
+/* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
+ * into the storage form used by mbedtls_mpi. */
+
+static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c(mbedtls_mpi_uint x)
+{
+    uint8_t i;
+    unsigned char *x_ptr;
+    mbedtls_mpi_uint tmp = 0;
+
+    for (i = 0, x_ptr = (unsigned char *) &x; i < ciL; i++, x_ptr++) {
+        tmp <<= CHAR_BIT;
+        tmp |= (mbedtls_mpi_uint) *x_ptr;
+    }
+
+    return tmp;
+}
+
+static mbedtls_mpi_uint mpi_uint_bigendian_to_host(mbedtls_mpi_uint x)
+{
+#if defined(__BYTE_ORDER__)
+
+/* Nothing to do on bigendian systems. */
+#if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
+    return x;
+#endif /* __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ */
+
+#if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)
+
+/* For GCC and Clang, have builtins for byte swapping. */
+#if defined(__GNUC__) && defined(__GNUC_PREREQ)
+#if __GNUC_PREREQ(4, 3)
+#define have_bswap
+#endif
+#endif
+
+#if defined(__clang__) && defined(__has_builtin)
+#if __has_builtin(__builtin_bswap32)  &&                 \
+    __has_builtin(__builtin_bswap64)
+#define have_bswap
+#endif
+#endif
+
+#if defined(have_bswap)
+    /* The compiler is hopefully able to statically evaluate this! */
+    switch (sizeof(mbedtls_mpi_uint)) {
+        case 4:
+            return __builtin_bswap32(x);
+        case 8:
+            return __builtin_bswap64(x);
+    }
+#endif
+#endif /* __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ */
+#endif /* __BYTE_ORDER__ */
+
+    /* Fall back to C-based reordering if we don't know the byte order
+     * or we couldn't use a compiler-specific builtin. */
+    return mpi_uint_bigendian_to_host_c(x);
+}
+
+static void mpi_bigendian_to_host(mbedtls_mpi_uint * const p, size_t limbs)
+{
+    mbedtls_mpi_uint *cur_limb_left;
+    mbedtls_mpi_uint *cur_limb_right;
+    if (limbs == 0) {
+        return;
+    }
+
+    /*
+     * Traverse limbs and
+     * - adapt byte-order in each limb
+     * - swap the limbs themselves.
+     * For that, simultaneously traverse the limbs from left to right
+     * and from right to left, as long as the left index is not bigger
+     * than the right index (it's not a problem if limbs is odd and the
+     * indices coincide in the last iteration).
+     */
+    for (cur_limb_left = p, cur_limb_right = p + (limbs - 1);
+         cur_limb_left <= cur_limb_right;
+         cur_limb_left++, cur_limb_right--) {
+        mbedtls_mpi_uint tmp;
+        /* Note that if cur_limb_left == cur_limb_right,
+         * this code effectively swaps the bytes only once. */
+        tmp             = mpi_uint_bigendian_to_host(*cur_limb_left);
+        *cur_limb_left  = mpi_uint_bigendian_to_host(*cur_limb_right);
+        *cur_limb_right = tmp;
+    }
+}
+
+/*
+ * Import X from unsigned binary data, little endian
+ */
+int mbedtls_mpi_read_binary_le(mbedtls_mpi *X,
+                               const unsigned char *buf, size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    size_t const limbs = CHARS_TO_LIMBS(buflen);
+
+    /* Ensure that target MPI has exactly the necessary number of limbs */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs));
+
+    for (i = 0; i < buflen; i++) {
+        X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3);
+    }
+
+cleanup:
+
+    /*
+     * This function is also used to import keys. However, wiping the buffers
+     * upon failure is not necessary because failure only can happen before any
+     * input is copied.
+     */
+    return ret;
+}
+
+/*
+ * Import X from unsigned binary data, big endian
+ */
+int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t const limbs    = CHARS_TO_LIMBS(buflen);
+    size_t const overhead = (limbs * ciL) - buflen;
+    unsigned char *Xp;
+
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(buflen == 0 || buf != NULL);
+
+    /* Ensure that target MPI has exactly the necessary number of limbs */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs));
+
+    /* Avoid calling `memcpy` with NULL source or destination argument,
+     * even if buflen is 0. */
+    if (buflen != 0) {
+        Xp = (unsigned char *) X->p;
+        memcpy(Xp + overhead, buf, buflen);
+
+        mpi_bigendian_to_host(X->p, limbs);
+    }
+
+cleanup:
+
+    /*
+     * This function is also used to import keys. However, wiping the buffers
+     * upon failure is not necessary because failure only can happen before any
+     * input is copied.
+     */
+    return ret;
+}
+
+/*
+ * Export X into unsigned binary data, little endian
+ */
+int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X,
+                                unsigned char *buf, size_t buflen)
+{
+    size_t stored_bytes = X->n * ciL;
+    size_t bytes_to_copy;
+    size_t i;
+
+    if (stored_bytes < buflen) {
+        bytes_to_copy = stored_bytes;
+    } else {
+        bytes_to_copy = buflen;
+
+        /* The output buffer is smaller than the allocated size of X.
+         * However X may fit if its leading bytes are zero. */
+        for (i = bytes_to_copy; i < stored_bytes; i++) {
+            if (GET_BYTE(X, i) != 0) {
+                return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL;
+            }
+        }
+    }
+
+    for (i = 0; i < bytes_to_copy; i++) {
+        buf[i] = GET_BYTE(X, i);
+    }
+
+    if (stored_bytes < buflen) {
+        /* Write trailing 0 bytes */
+        memset(buf + stored_bytes, 0, buflen - stored_bytes);
+    }
+
+    return 0;
+}
+
+/*
+ * Export X into unsigned binary data, big endian
+ */
+int mbedtls_mpi_write_binary(const mbedtls_mpi *X,
+                             unsigned char *buf, size_t buflen)
+{
+    size_t stored_bytes;
+    size_t bytes_to_copy;
+    unsigned char *p;
+    size_t i;
+
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(buflen == 0 || buf != NULL);
+
+    stored_bytes = X->n * ciL;
+
+    if (stored_bytes < buflen) {
+        /* There is enough space in the output buffer. Write initial
+         * null bytes and record the position at which to start
+         * writing the significant bytes. In this case, the execution
+         * trace of this function does not depend on the value of the
+         * number. */
+        bytes_to_copy = stored_bytes;
+        p = buf + buflen - stored_bytes;
+        memset(buf, 0, buflen - stored_bytes);
+    } else {
+        /* The output buffer is smaller than the allocated size of X.
+         * However X may fit if its leading bytes are zero. */
+        bytes_to_copy = buflen;
+        p = buf;
+        for (i = bytes_to_copy; i < stored_bytes; i++) {
+            if (GET_BYTE(X, i) != 0) {
+                return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL;
+            }
+        }
+    }
+
+    for (i = 0; i < bytes_to_copy; i++) {
+        p[bytes_to_copy - i - 1] = GET_BYTE(X, i);
+    }
+
+    return 0;
+}
+
+/*
+ * Left-shift: X <<= count
+ */
+int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, v0, t1;
+    mbedtls_mpi_uint r0 = 0, r1;
+    MPI_VALIDATE_RET(X != NULL);
+
+    v0 = count / (biL);
+    t1 = count & (biL - 1);
+
+    i = mbedtls_mpi_bitlen(X) + count;
+
+    if (X->n * biL < i) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, BITS_TO_LIMBS(i)));
+    }
+
+    ret = 0;
+
+    /*
+     * shift by count / limb_size
+     */
+    if (v0 > 0) {
+        for (i = X->n; i > v0; i--) {
+            X->p[i - 1] = X->p[i - v0 - 1];
+        }
+
+        for (; i > 0; i--) {
+            X->p[i - 1] = 0;
+        }
+    }
+
+    /*
+     * shift by count % limb_size
+     */
+    if (t1 > 0) {
+        for (i = v0; i < X->n; i++) {
+            r1 = X->p[i] >> (biL - t1);
+            X->p[i] <<= t1;
+            X->p[i] |= r0;
+            r0 = r1;
+        }
+    }
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Right-shift: X >>= count
+ */
+int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count)
+{
+    size_t i, v0, v1;
+    mbedtls_mpi_uint r0 = 0, r1;
+    MPI_VALIDATE_RET(X != NULL);
+
+    v0 = count /  biL;
+    v1 = count & (biL - 1);
+
+    if (v0 > X->n || (v0 == X->n && v1 > 0)) {
+        return mbedtls_mpi_lset(X, 0);
+    }
+
+    /*
+     * shift by count / limb_size
+     */
+    if (v0 > 0) {
+        for (i = 0; i < X->n - v0; i++) {
+            X->p[i] = X->p[i + v0];
+        }
+
+        for (; i < X->n; i++) {
+            X->p[i] = 0;
+        }
+    }
+
+    /*
+     * shift by count % limb_size
+     */
+    if (v1 > 0) {
+        for (i = X->n; i > 0; i--) {
+            r1 = X->p[i - 1] << (biL - v1);
+            X->p[i - 1] >>= v1;
+            X->p[i - 1] |= r0;
+            r0 = r1;
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Compare unsigned values
+ */
+int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y)
+{
+    size_t i, j;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+
+    for (i = X->n; i > 0; i--) {
+        if (X->p[i - 1] != 0) {
+            break;
+        }
+    }
+
+    for (j = Y->n; j > 0; j--) {
+        if (Y->p[j - 1] != 0) {
+            break;
+        }
+    }
+
+    if (i == 0 && j == 0) {
+        return 0;
+    }
+
+    if (i > j) {
+        return 1;
+    }
+    if (j > i) {
+        return -1;
+    }
+
+    for (; i > 0; i--) {
+        if (X->p[i - 1] > Y->p[i - 1]) {
+            return 1;
+        }
+        if (X->p[i - 1] < Y->p[i - 1]) {
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Compare signed values
+ */
+int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y)
+{
+    size_t i, j;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+
+    for (i = X->n; i > 0; i--) {
+        if (X->p[i - 1] != 0) {
+            break;
+        }
+    }
+
+    for (j = Y->n; j > 0; j--) {
+        if (Y->p[j - 1] != 0) {
+            break;
+        }
+    }
+
+    if (i == 0 && j == 0) {
+        return 0;
+    }
+
+    if (i > j) {
+        return X->s;
+    }
+    if (j > i) {
+        return -Y->s;
+    }
+
+    if (X->s > 0 && Y->s < 0) {
+        return 1;
+    }
+    if (Y->s > 0 && X->s < 0) {
+        return -1;
+    }
+
+    for (; i > 0; i--) {
+        if (X->p[i - 1] > Y->p[i - 1]) {
+            return X->s;
+        }
+        if (X->p[i - 1] < Y->p[i - 1]) {
+            return -X->s;
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Compare signed values
+ */
+int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z)
+{
+    mbedtls_mpi Y;
+    mbedtls_mpi_uint p[1];
+    MPI_VALIDATE_RET(X != NULL);
+
+    *p  = mpi_sint_abs(z);
+    Y.s = (z < 0) ? -1 : 1;
+    Y.n = 1;
+    Y.p = p;
+
+    return mbedtls_mpi_cmp_mpi(X, &Y);
+}
+
+/*
+ * Unsigned addition: X = |A| + |B|  (HAC 14.7)
+ */
+int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, j;
+    mbedtls_mpi_uint *o, *p, c, tmp;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    if (X == B) {
+        const mbedtls_mpi *T = A; A = X; B = T;
+    }
+
+    if (X != A) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, A));
+    }
+
+    /*
+     * X should always be positive as a result of unsigned additions.
+     */
+    X->s = 1;
+
+    for (j = B->n; j > 0; j--) {
+        if (B->p[j - 1] != 0) {
+            break;
+        }
+    }
+
+    /* Exit early to avoid undefined behavior on NULL+0 when X->n == 0
+     * and B is 0 (of any size). */
+    if (j == 0) {
+        return 0;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, j));
+
+    o = B->p; p = X->p; c = 0;
+
+    /*
+     * tmp is used because it might happen that p == o
+     */
+    for (i = 0; i < j; i++, o++, p++) {
+        tmp = *o;
+        *p +=  c; c  = (*p <  c);
+        *p += tmp; c += (*p < tmp);
+    }
+
+    while (c != 0) {
+        if (i >= X->n) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + 1));
+            p = X->p + i;
+        }
+
+        *p += c; c = (*p < c); i++; p++;
+    }
+
+cleanup:
+
+    return ret;
+}
+
+/**
+ * Helper for mbedtls_mpi subtraction.
+ *
+ * Calculate l - r where l and r have the same size.
+ * This function operates modulo (2^ciL)^n and returns the carry
+ * (1 if there was a wraparound, i.e. if `l < r`, and 0 otherwise).
+ *
+ * d may be aliased to l or r.
+ *
+ * \param n             Number of limbs of \p d, \p l and \p r.
+ * \param[out] d        The result of the subtraction.
+ * \param[in] l         The left operand.
+ * \param[in] r         The right operand.
+ *
+ * \return              1 if `l < r`.
+ *                      0 if `l >= r`.
+ */
+static mbedtls_mpi_uint mpi_sub_hlp(size_t n,
+                                    mbedtls_mpi_uint *d,
+                                    const mbedtls_mpi_uint *l,
+                                    const mbedtls_mpi_uint *r)
+{
+    size_t i;
+    mbedtls_mpi_uint c = 0, t, z;
+
+    for (i = 0; i < n; i++) {
+        z = (l[i] <  c);    t = l[i] - c;
+        c = (t < r[i]) + z; d[i] = t - r[i];
+    }
+
+    return c;
+}
+
+/*
+ * Unsigned subtraction: X = |A| - |B|  (HAC 14.9, 14.10)
+ */
+int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    mbedtls_mpi_uint carry;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    for (n = B->n; n > 0; n--) {
+        if (B->p[n - 1] != 0) {
+            break;
+        }
+    }
+    if (n > A->n) {
+        /* B >= (2^ciL)^n > A */
+        ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, A->n));
+
+    /* Set the high limbs of X to match A. Don't touch the lower limbs
+     * because X might be aliased to B, and we must not overwrite the
+     * significant digits of B. */
+    if (A->n > n && A != X) {
+        memcpy(X->p + n, A->p + n, (A->n - n) * ciL);
+    }
+    if (X->n > A->n) {
+        memset(X->p + A->n, 0, (X->n - A->n) * ciL);
+    }
+
+    carry = mpi_sub_hlp(n, X->p, A->p, B->p);
+    if (carry != 0) {
+        /* Propagate the carry to the first nonzero limb of X. */
+        for (; n < X->n && X->p[n] == 0; n++) {
+            --X->p[n];
+        }
+        /* If we ran out of space for the carry, it means that the result
+         * is negative. */
+        if (n == X->n) {
+            ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
+            goto cleanup;
+        }
+        --X->p[n];
+    }
+
+    /* X should always be positive as a result of unsigned subtractions. */
+    X->s = 1;
+
+cleanup:
+    return ret;
+}
+
+/* Common function for signed addition and subtraction.
+ * Calculate A + B * flip_B where flip_B is 1 or -1.
+ */
+static int add_sub_mpi(mbedtls_mpi *X,
+                       const mbedtls_mpi *A, const mbedtls_mpi *B,
+                       int flip_B)
+{
+    int ret, s;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    s = A->s;
+    if (A->s * B->s * flip_B < 0) {
+        int cmp = mbedtls_mpi_cmp_abs(A, B);
+        if (cmp >= 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(X, A, B));
+            /* If |A| = |B|, the result is 0 and we must set the sign bit
+             * to +1 regardless of which of A or B was negative. Otherwise,
+             * since |A| > |B|, the sign is the sign of A. */
+            X->s = cmp == 0 ? 1 : s;
+        } else {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(X, B, A));
+            /* Since |A| < |B|, the sign is the opposite of A. */
+            X->s = -s;
+        }
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(X, A, B));
+        X->s = s;
+    }
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Signed addition: X = A + B
+ */
+int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    return add_sub_mpi(X, A, B, 1);
+}
+
+/*
+ * Signed subtraction: X = A - B
+ */
+int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    return add_sub_mpi(X, A, B, -1);
+}
+
+/*
+ * Signed addition: X = A + b
+ */
+int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b)
+{
+    mbedtls_mpi B;
+    mbedtls_mpi_uint p[1];
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+
+    p[0] = mpi_sint_abs(b);
+    B.s = (b < 0) ? -1 : 1;
+    B.n = 1;
+    B.p = p;
+
+    return mbedtls_mpi_add_mpi(X, A, &B);
+}
+
+/*
+ * Signed subtraction: X = A - b
+ */
+int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b)
+{
+    mbedtls_mpi B;
+    mbedtls_mpi_uint p[1];
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+
+    p[0] = mpi_sint_abs(b);
+    B.s = (b < 0) ? -1 : 1;
+    B.n = 1;
+    B.p = p;
+
+    return mbedtls_mpi_sub_mpi(X, A, &B);
+}
+
+/** Helper for mbedtls_mpi multiplication.
+ *
+ * Add \p b * \p s to \p d.
+ *
+ * \param i             The number of limbs of \p s.
+ * \param[in] s         A bignum to multiply, of size \p i.
+ *                      It may overlap with \p d, but only if
+ *                      \p d <= \p s.
+ *                      Its leading limb must not be \c 0.
+ * \param[in,out] d     The bignum to add to.
+ *                      It must be sufficiently large to store the
+ *                      result of the multiplication. This means
+ *                      \p i + 1 limbs if \p d[\p i - 1] started as 0 and \p b
+ *                      is not known a priori.
+ * \param b             A scalar to multiply.
+ */
+static
+#if defined(__APPLE__) && defined(__arm__)
+/*
+ * Apple LLVM version 4.2 (clang-425.0.24) (based on LLVM 3.2svn)
+ * appears to need this to prevent bad ARM code generation at -O3.
+ */
+__attribute__((noinline))
+#endif
+void mpi_mul_hlp(size_t i,
+                 const mbedtls_mpi_uint *s,
+                 mbedtls_mpi_uint *d,
+                 mbedtls_mpi_uint b)
+{
+    mbedtls_mpi_uint c = 0, t = 0;
+    (void) t;                   /* Unused in some architectures */
+
+#if defined(MULADDC_HUIT)
+    for (; i >= 8; i -= 8) {
+        MULADDC_INIT
+        MULADDC_HUIT
+            MULADDC_STOP
+    }
+
+    for (; i > 0; i--) {
+        MULADDC_INIT
+        MULADDC_CORE
+            MULADDC_STOP
+    }
+#else /* MULADDC_HUIT */
+    for (; i >= 16; i -= 16) {
+        MULADDC_INIT
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+            MULADDC_STOP
+    }
+
+    for (; i >= 8; i -= 8) {
+        MULADDC_INIT
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+            MULADDC_STOP
+    }
+
+    for (; i > 0; i--) {
+        MULADDC_INIT
+        MULADDC_CORE
+            MULADDC_STOP
+    }
+#endif /* MULADDC_HUIT */
+
+    while (c != 0) {
+        *d += c; c = (*d < c); d++;
+    }
+}
+
+/*
+ * Baseline multiplication: X = A * B  (HAC 14.12)
+ */
+int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, j;
+    mbedtls_mpi TA, TB;
+    int result_is_zero = 0;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB);
+
+    if (X == A) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); A = &TA;
+    }
+    if (X == B) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, B)); B = &TB;
+    }
+
+    for (i = A->n; i > 0; i--) {
+        if (A->p[i - 1] != 0) {
+            break;
+        }
+    }
+    if (i == 0) {
+        result_is_zero = 1;
+    }
+
+    for (j = B->n; j > 0; j--) {
+        if (B->p[j - 1] != 0) {
+            break;
+        }
+    }
+    if (j == 0) {
+        result_is_zero = 1;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + j));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0));
+
+    for (; j > 0; j--) {
+        mpi_mul_hlp(i, A->p, X->p + j - 1, B->p[j - 1]);
+    }
+
+    /* If the result is 0, we don't shortcut the operation, which reduces
+     * but does not eliminate side channels leaking the zero-ness. We do
+     * need to take care to set the sign bit properly since the library does
+     * not fully support an MPI object with a value of 0 and s == -1. */
+    if (result_is_zero) {
+        X->s = 1;
+    } else {
+        X->s = A->s * B->s;
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&TB); mbedtls_mpi_free(&TA);
+
+    return ret;
+}
+
+/*
+ * Baseline multiplication: X = A * b
+ */
+int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b)
+{
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+
+    /* mpi_mul_hlp can't deal with a leading 0. */
+    size_t n = A->n;
+    while (n > 0 && A->p[n - 1] == 0) {
+        --n;
+    }
+
+    /* The general method below doesn't work if n==0 or b==0. By chance
+     * calculating the result is trivial in those cases. */
+    if (b == 0 || n == 0) {
+        return mbedtls_mpi_lset(X, 0);
+    }
+
+    /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    /* In general, A * b requires 1 limb more than b. If
+     * A->p[n - 1] * b / b == A->p[n - 1], then A * b fits in the same
+     * number of limbs as A and the call to grow() is not required since
+     * copy() will take care of the growth if needed. However, experimentally,
+     * making the call to grow() unconditional causes slightly fewer
+     * calls to calloc() in ECP code, presumably because it reuses the
+     * same mpi for a while and this way the mpi is more likely to directly
+     * grow to its final size. */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, n + 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, A));
+    mpi_mul_hlp(n, A->p, X->p, b - 1);
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Unsigned integer divide - double mbedtls_mpi_uint dividend, u1/u0, and
+ * mbedtls_mpi_uint divisor, d
+ */
+static mbedtls_mpi_uint mbedtls_int_div_int(mbedtls_mpi_uint u1,
+                                            mbedtls_mpi_uint u0,
+                                            mbedtls_mpi_uint d,
+                                            mbedtls_mpi_uint *r)
+{
+#if defined(MBEDTLS_HAVE_UDBL)
+    mbedtls_t_udbl dividend, quotient;
+#else
+    const mbedtls_mpi_uint radix = (mbedtls_mpi_uint) 1 << biH;
+    const mbedtls_mpi_uint uint_halfword_mask = ((mbedtls_mpi_uint) 1 << biH) - 1;
+    mbedtls_mpi_uint d0, d1, q0, q1, rAX, r0, quotient;
+    mbedtls_mpi_uint u0_msw, u0_lsw;
+    size_t s;
+#endif
+
+    /*
+     * Check for overflow
+     */
+    if (0 == d || u1 >= d) {
+        if (r != NULL) {
+            *r = ~(mbedtls_mpi_uint) 0u;
+        }
+
+        return ~(mbedtls_mpi_uint) 0u;
+    }
+
+#if defined(MBEDTLS_HAVE_UDBL)
+    dividend  = (mbedtls_t_udbl) u1 << biL;
+    dividend |= (mbedtls_t_udbl) u0;
+    quotient = dividend / d;
+    if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) {
+        quotient = ((mbedtls_t_udbl) 1 << biL) - 1;
+    }
+
+    if (r != NULL) {
+        *r = (mbedtls_mpi_uint) (dividend - (quotient * d));
+    }
+
+    return (mbedtls_mpi_uint) quotient;
+#else
+
+    /*
+     * Algorithm D, Section 4.3.1 - The Art of Computer Programming
+     *   Vol. 2 - Seminumerical Algorithms, Knuth
+     */
+
+    /*
+     * Normalize the divisor, d, and dividend, u0, u1
+     */
+    s = mbedtls_clz(d);
+    d = d << s;
+
+    u1 = u1 << s;
+    u1 |= (u0 >> (biL - s)) & (-(mbedtls_mpi_sint) s >> (biL - 1));
+    u0 =  u0 << s;
+
+    d1 = d >> biH;
+    d0 = d & uint_halfword_mask;
+
+    u0_msw = u0 >> biH;
+    u0_lsw = u0 & uint_halfword_mask;
+
+    /*
+     * Find the first quotient and remainder
+     */
+    q1 = u1 / d1;
+    r0 = u1 - d1 * q1;
+
+    while (q1 >= radix || (q1 * d0 > radix * r0 + u0_msw)) {
+        q1 -= 1;
+        r0 += d1;
+
+        if (r0 >= radix) {
+            break;
+        }
+    }
+
+    rAX = (u1 * radix) + (u0_msw - q1 * d);
+    q0 = rAX / d1;
+    r0 = rAX - q0 * d1;
+
+    while (q0 >= radix || (q0 * d0 > radix * r0 + u0_lsw)) {
+        q0 -= 1;
+        r0 += d1;
+
+        if (r0 >= radix) {
+            break;
+        }
+    }
+
+    if (r != NULL) {
+        *r = (rAX * radix + u0_lsw - q0 * d) >> s;
+    }
+
+    quotient = q1 * radix + q0;
+
+    return quotient;
+#endif
+}
+
+/*
+ * Division by mbedtls_mpi: A = Q * B + R  (HAC 14.20)
+ */
+int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, n, t, k;
+    mbedtls_mpi X, Y, Z, T1, T2;
+    mbedtls_mpi_uint TP2[3];
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    if (mbedtls_mpi_cmp_int(B, 0) == 0) {
+        return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO;
+    }
+
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z);
+    mbedtls_mpi_init(&T1);
+    /*
+     * Avoid dynamic memory allocations for constant-size T2.
+     *
+     * T2 is used for comparison only and the 3 limbs are assigned explicitly,
+     * so nobody increase the size of the MPI and we're safe to use an on-stack
+     * buffer.
+     */
+    T2.s = 1;
+    T2.n = sizeof(TP2) / sizeof(*TP2);
+    T2.p = TP2;
+
+    if (mbedtls_mpi_cmp_abs(A, B) < 0) {
+        if (Q != NULL) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_lset(Q, 0));
+        }
+        if (R != NULL) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_copy(R, A));
+        }
+        return 0;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&X, A));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Y, B));
+    X.s = Y.s = 1;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&Z, A->n + 2));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&Z,  0));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&T1, A->n + 2));
+
+    k = mbedtls_mpi_bitlen(&Y) % biL;
+    if (k < biL - 1) {
+        k = biL - 1 - k;
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&X, k));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&Y, k));
+    } else {
+        k = 0;
+    }
+
+    n = X.n - 1;
+    t = Y.n - 1;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&Y, biL * (n - t)));
+
+    while (mbedtls_mpi_cmp_mpi(&X, &Y) >= 0) {
+        Z.p[n - t]++;
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&X, &X, &Y));
+    }
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Y, biL * (n - t)));
+
+    for (i = n; i > t; i--) {
+        if (X.p[i] >= Y.p[t]) {
+            Z.p[i - t - 1] = ~(mbedtls_mpi_uint) 0u;
+        } else {
+            Z.p[i - t - 1] = mbedtls_int_div_int(X.p[i], X.p[i - 1],
+                                                 Y.p[t], NULL);
+        }
+
+        T2.p[0] = (i < 2) ? 0 : X.p[i - 2];
+        T2.p[1] = (i < 1) ? 0 : X.p[i - 1];
+        T2.p[2] = X.p[i];
+
+        Z.p[i - t - 1]++;
+        do {
+            Z.p[i - t - 1]--;
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&T1, 0));
+            T1.p[0] = (t < 1) ? 0 : Y.p[t - 1];
+            T1.p[1] = Y.p[t];
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T1, &T1, Z.p[i - t - 1]));
+        } while (mbedtls_mpi_cmp_mpi(&T1, &T2) > 0);
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T1, &Y, Z.p[i - t - 1]));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&T1,  biL * (i - t - 1)));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&X, &X, &T1));
+
+        if (mbedtls_mpi_cmp_int(&X, 0) < 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T1, &Y));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&T1, biL * (i - t - 1)));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&X, &X, &T1));
+            Z.p[i - t - 1]--;
+        }
+    }
+
+    if (Q != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(Q, &Z));
+        Q->s = A->s * B->s;
+    }
+
+    if (R != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&X, k));
+        X.s = A->s;
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(R, &X));
+
+        if (mbedtls_mpi_cmp_int(R, 0) == 0) {
+            R->s = 1;
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z);
+    mbedtls_mpi_free(&T1);
+    mbedtls_platform_zeroize(TP2, sizeof(TP2));
+
+    return ret;
+}
+
+/*
+ * Division by int: A = Q * b + R
+ */
+int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R,
+                        const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b)
+{
+    mbedtls_mpi B;
+    mbedtls_mpi_uint p[1];
+    MPI_VALIDATE_RET(A != NULL);
+
+    p[0] = mpi_sint_abs(b);
+    B.s = (b < 0) ? -1 : 1;
+    B.n = 1;
+    B.p = p;
+
+    return mbedtls_mpi_div_mpi(Q, R, A, &B);
+}
+
+/*
+ * Modulo: R = A mod B
+ */
+int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MPI_VALIDATE_RET(R != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    if (mbedtls_mpi_cmp_int(B, 0) < 0) {
+        return MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(NULL, R, A, B));
+
+    while (mbedtls_mpi_cmp_int(R, 0) < 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(R, R, B));
+    }
+
+    while (mbedtls_mpi_cmp_mpi(R, B) >= 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(R, R, B));
+    }
+
+cleanup:
+
+    return ret;
+}
+
+/*
+ * Modulo: r = A mod b
+ */
+int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b)
+{
+    size_t i;
+    mbedtls_mpi_uint x, y, z;
+    MPI_VALIDATE_RET(r != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+
+    if (b == 0) {
+        return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO;
+    }
+
+    if (b < 0) {
+        return MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
+    }
+
+    /*
+     * handle trivial cases
+     */
+    if (b == 1 || A->n == 0) {
+        *r = 0;
+        return 0;
+    }
+
+    if (b == 2) {
+        *r = A->p[0] & 1;
+        return 0;
+    }
+
+    /*
+     * general case
+     */
+    for (i = A->n, y = 0; i > 0; i--) {
+        x  = A->p[i - 1];
+        y  = (y << biH) | (x >> biH);
+        z  = y / b;
+        y -= z * b;
+
+        x <<= biH;
+        y  = (y << biH) | (x >> biH);
+        z  = y / b;
+        y -= z * b;
+    }
+
+    /*
+     * If A is negative, then the current y represents a negative value.
+     * Flipping it to the positive side.
+     */
+    if (A->s < 0 && y != 0) {
+        y = b - y;
+    }
+
+    *r = y;
+
+    return 0;
+}
+
+/*
+ * Fast Montgomery initialization (thanks to Tom St Denis)
+ */
+mbedtls_mpi_uint mbedtls_mpi_montmul_init(const mbedtls_mpi_uint *N)
+{
+    mbedtls_mpi_uint x = N[0];
+
+    x += ((N[0] + 2) & 4) << 1;
+
+    for (unsigned int i = biL; i >= 8; i /= 2) {
+        x *= (2 - (N[0] * x));
+    }
+
+    return ~x + 1;
+}
+
+void mbedtls_mpi_montmul(mbedtls_mpi *A,
+                         const mbedtls_mpi *B,
+                         const mbedtls_mpi *N,
+                         mbedtls_mpi_uint mm,
+                         const mbedtls_mpi *T)
+{
+    size_t i, n, m;
+    mbedtls_mpi_uint u0, u1, *d;
+
+    memset(T->p, 0, T->n * ciL);
+
+    d = T->p;
+    n = N->n;
+    m = (B->n < n) ? B->n : n;
+
+    for (i = 0; i < n; i++) {
+        /*
+         * T = (T + u0*B + u1*N) / 2^biL
+         */
+        u0 = A->p[i];
+        u1 = (d[0] + u0 * B->p[0]) * mm;
+
+        mpi_mul_hlp(m, B->p, d, u0);
+        mpi_mul_hlp(n, N->p, d, u1);
+
+        *d++ = u0; d[n + 1] = 0;
+    }
+
+    /* At this point, d is either the desired result or the desired result
+     * plus N. We now potentially subtract N, avoiding leaking whether the
+     * subtraction is performed through side channels. */
+
+    /* Copy the n least significant limbs of d to A, so that
+     * A = d if d < N (recall that N has n limbs). */
+    memcpy(A->p, d, n * ciL);
+    /* If d >= N then we want to set A to d - N. To prevent timing attacks,
+     * do the calculation without using conditional tests. */
+    /* Set d to d0 + (2^biL)^n - N where d0 is the current value of d. */
+    d[n] += 1;
+    d[n] -= mpi_sub_hlp(n, d, d, N->p);
+    /* If d0 < N then d < (2^biL)^n
+     * so d[n] == 0 and we want to keep A as it is.
+     * If d0 >= N then d >= (2^biL)^n, and d <= (2^biL)^n + N < 2 * (2^biL)^n
+     * so d[n] == 1 and we want to set A to the result of the subtraction
+     * which is d - (2^biL)^n, i.e. the n least significant limbs of d.
+     * This exactly corresponds to a conditional assignment. */
+    mbedtls_ct_mpi_uint_cond_assign(n, A->p, d, (unsigned char) d[n]);
+}
+
+/*
+ * Montgomery reduction: A = A * R^-1 mod N
+ *
+ * See mbedtls_mpi_montmul() regarding constraints and guarantees on the
+ * parameters.
+ */
+static void mpi_montred(mbedtls_mpi *A, const mbedtls_mpi *N,
+                        mbedtls_mpi_uint mm, const mbedtls_mpi *T)
+{
+    mbedtls_mpi_uint z = 1;
+    mbedtls_mpi U;
+
+    U.n = U.s = (int) z;
+    U.p = &z;
+
+    mbedtls_mpi_montmul(A, &U, N, mm, T);
+}
+
+/**
+ * Select an MPI from a table without leaking the index.
+ *
+ * This is functionally equivalent to mbedtls_mpi_copy(R, T[idx]) except it
+ * reads the entire table in order to avoid leaking the value of idx to an
+ * attacker able to observe memory access patterns.
+ *
+ * \param[out] R        Where to write the selected MPI.
+ * \param[in] T         The table to read from.
+ * \param[in] T_size    The number of elements in the table.
+ * \param[in] idx       The index of the element to select;
+ *                      this must satisfy 0 <= idx < T_size.
+ *
+ * \return \c 0 on success, or a negative error code.
+ */
+static int mpi_select(mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    for (size_t i = 0; i < T_size; i++) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(R, &T[i],
+                                                     (unsigned char) mbedtls_ct_size_bool_eq(i,
+                                                                                             idx)));
+    }
+
+cleanup:
+    return ret;
+}
+
+int mbedtls_mpi_get_mont_r2_unsafe(mbedtls_mpi *X,
+                                   const mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(X, N->n * 2 * biL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(X, X, N));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(X, N->n));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Sliding-window exponentiation: X = A^E mod N  (HAC 14.85)
+ */
+int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *E, const mbedtls_mpi *N,
+                        mbedtls_mpi *prec_RR)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t window_bitsize;
+    size_t i, j, nblimbs;
+    size_t bufsize, nbits;
+    size_t exponent_bits_in_window = 0;
+    mbedtls_mpi_uint ei, mm, state;
+    mbedtls_mpi RR, T, W[(size_t) 1 << MBEDTLS_MPI_WINDOW_SIZE], WW, Apos;
+    int neg;
+
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(E != NULL);
+    MPI_VALIDATE_RET(N != NULL);
+
+    if (mbedtls_mpi_cmp_int(N, 0) <= 0 || (N->p[0] & 1) == 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (mbedtls_mpi_cmp_int(E, 0) < 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (mbedtls_mpi_bitlen(E) > MBEDTLS_MPI_MAX_BITS ||
+        mbedtls_mpi_bitlen(N) > MBEDTLS_MPI_MAX_BITS) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Init temps and window size
+     */
+    mm = mbedtls_mpi_montmul_init(N->p);
+    mbedtls_mpi_init(&RR); mbedtls_mpi_init(&T);
+    mbedtls_mpi_init(&Apos);
+    mbedtls_mpi_init(&WW);
+    memset(W, 0, sizeof(W));
+
+    i = mbedtls_mpi_bitlen(E);
+
+    window_bitsize = (i > 671) ? 6 : (i > 239) ? 5 :
+                     (i >  79) ? 4 : (i >  23) ? 3 : 1;
+
+#if (MBEDTLS_MPI_WINDOW_SIZE < 6)
+    if (window_bitsize > MBEDTLS_MPI_WINDOW_SIZE) {
+        window_bitsize = MBEDTLS_MPI_WINDOW_SIZE;
+    }
+#endif
+
+    const size_t w_table_used_size = (size_t) 1 << window_bitsize;
+
+    /*
+     * This function is not constant-trace: its memory accesses depend on the
+     * exponent value. To defend against timing attacks, callers (such as RSA
+     * and DHM) should use exponent blinding. However this is not enough if the
+     * adversary can find the exponent in a single trace, so this function
+     * takes extra precautions against adversaries who can observe memory
+     * access patterns.
+     *
+     * This function performs a series of multiplications by table elements and
+     * squarings, and we want the prevent the adversary from finding out which
+     * table element was used, and from distinguishing between multiplications
+     * and squarings. Firstly, when multiplying by an element of the window
+     * W[i], we do a constant-trace table lookup to obfuscate i. This leaves
+     * squarings as having a different memory access patterns from other
+     * multiplications. So secondly, we put the accumulator in the table as
+     * well, and also do a constant-trace table lookup to multiply by the
+     * accumulator which is W[x_index].
+     *
+     * This way, all multiplications take the form of a lookup-and-multiply.
+     * The number of lookup-and-multiply operations inside each iteration of
+     * the main loop still depends on the bits of the exponent, but since the
+     * other operations in the loop don't have an easily recognizable memory
+     * trace, an adversary is unlikely to be able to observe the exact
+     * patterns.
+     *
+     * An adversary may still be able to recover the exponent if they can
+     * observe both memory accesses and branches. However, branch prediction
+     * exploitation typically requires many traces of execution over the same
+     * data, which is defeated by randomized blinding.
+     */
+    const size_t x_index = 0;
+    mbedtls_mpi_init(&W[x_index]);
+
+    j = N->n + 1;
+    /* All W[i] including the accumulator must have at least N->n limbs for
+     * the mbedtls_mpi_montmul() and mpi_montred() calls later. Here we ensure
+     * that W[1] and the accumulator W[x_index] are large enough. later we'll
+     * grow other W[i] to the same length. They must not be shrunk midway
+     * through this function!
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[x_index], j));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1],  j));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&T, j * 2));
+
+    /*
+     * Compensate for negative A (and correct at the end)
+     */
+    neg = (A->s == -1);
+    if (neg) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Apos, A));
+        Apos.s = 1;
+        A = &Apos;
+    }
+
+    /*
+     * If 1st call, pre-compute R^2 mod N
+     */
+    if (prec_RR == NULL || prec_RR->p == NULL) {
+        mbedtls_mpi_get_mont_r2_unsafe(&RR, N);
+
+        if (prec_RR != NULL) {
+            memcpy(prec_RR, &RR, sizeof(mbedtls_mpi));
+        }
+    } else {
+        memcpy(&RR, prec_RR, sizeof(mbedtls_mpi));
+    }
+
+    /*
+     * W[1] = A * R^2 * R^-1 mod N = A * R mod N
+     */
+    if (mbedtls_mpi_cmp_mpi(A, N) >= 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&W[1], A, N));
+        /* This should be a no-op because W[1] is already that large before
+         * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow
+         * in mbedtls_mpi_montmul() below, so let's make sure. */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], N->n + 1));
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[1], A));
+    }
+
+    /* Note that this is safe because W[1] always has at least N->n limbs
+     * (it grew above and was preserved by mbedtls_mpi_copy()). */
+    mbedtls_mpi_montmul(&W[1], &RR, N, mm, &T);
+
+    /*
+     * W[x_index] = R^2 * R^-1 mod N = R mod N
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[x_index], &RR));
+    mpi_montred(&W[x_index], N, mm, &T);
+
+
+    if (window_bitsize > 1) {
+        /*
+         * W[i] = W[1] ^ i
+         *
+         * The first bit of the sliding window is always 1 and therefore we
+         * only need to store the second half of the table.
+         *
+         * (There are two special elements in the table: W[0] for the
+         * accumulator/result and W[1] for A in Montgomery form. Both of these
+         * are already set at this point.)
+         */
+        j = w_table_used_size / 2;
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[j], N->n + 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[j], &W[1]));
+
+        for (i = 0; i < window_bitsize - 1; i++) {
+            mbedtls_mpi_montmul(&W[j], &W[j], N, mm, &T);
+        }
+
+        /*
+         * W[i] = W[i - 1] * W[1]
+         */
+        for (i = j + 1; i < w_table_used_size; i++) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[i], N->n + 1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[i], &W[i - 1]));
+
+            mbedtls_mpi_montmul(&W[i], &W[1], N, mm, &T);
+        }
+    }
+
+    nblimbs = E->n;
+    bufsize = 0;
+    nbits   = 0;
+    state   = 0;
+
+    while (1) {
+        if (bufsize == 0) {
+            if (nblimbs == 0) {
+                break;
+            }
+
+            nblimbs--;
+
+            bufsize = sizeof(mbedtls_mpi_uint) << 3;
+        }
+
+        bufsize--;
+
+        ei = (E->p[nblimbs] >> bufsize) & 1;
+
+        /*
+         * skip leading 0s
+         */
+        if (ei == 0 && state == 0) {
+            continue;
+        }
+
+        if (ei == 0 && state == 1) {
+            /*
+             * out of window, square W[x_index]
+             */
+            MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, x_index));
+            mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T);
+            continue;
+        }
+
+        /*
+         * add ei to current window
+         */
+        state = 2;
+
+        nbits++;
+        exponent_bits_in_window |= (ei << (window_bitsize - nbits));
+
+        if (nbits == window_bitsize) {
+            /*
+             * W[x_index] = W[x_index]^window_bitsize R^-1 mod N
+             */
+            for (i = 0; i < window_bitsize; i++) {
+                MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size,
+                                           x_index));
+                mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T);
+            }
+
+            /*
+             * W[x_index] = W[x_index] * W[exponent_bits_in_window] R^-1 mod N
+             */
+            MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size,
+                                       exponent_bits_in_window));
+            mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T);
+
+            state--;
+            nbits = 0;
+            exponent_bits_in_window = 0;
+        }
+    }
+
+    /*
+     * process the remaining bits
+     */
+    for (i = 0; i < nbits; i++) {
+        MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, x_index));
+        mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T);
+
+        exponent_bits_in_window <<= 1;
+
+        if ((exponent_bits_in_window & ((size_t) 1 << window_bitsize)) != 0) {
+            MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, 1));
+            mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T);
+        }
+    }
+
+    /*
+     * W[x_index] = A^E * R * R^-1 mod N = A^E mod N
+     */
+    mpi_montred(&W[x_index], N, mm, &T);
+
+    if (neg && E->n != 0 && (E->p[0] & 1) != 0) {
+        W[x_index].s = -1;
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&W[x_index], N, &W[x_index]));
+    }
+
+    /*
+     * Load the result in the output variable.
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &W[x_index]));
+
+cleanup:
+
+    /* The first bit of the sliding window is always 1 and therefore the first
+     * half of the table was unused. */
+    for (i = w_table_used_size/2; i < w_table_used_size; i++) {
+        mbedtls_mpi_free(&W[i]);
+    }
+
+    mbedtls_mpi_free(&W[x_index]);
+    mbedtls_mpi_free(&W[1]);
+    mbedtls_mpi_free(&T);
+    mbedtls_mpi_free(&Apos);
+    mbedtls_mpi_free(&WW);
+
+    if (prec_RR == NULL || prec_RR->p == NULL) {
+        mbedtls_mpi_free(&RR);
+    }
+
+    return ret;
+}
+
+/*
+ * Greatest common divisor: G = gcd(A, B)  (HAC 14.54)
+ */
+int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t lz, lzt;
+    mbedtls_mpi TA, TB;
+
+    MPI_VALIDATE_RET(G != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(B != NULL);
+
+    mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, B));
+
+    lz = mbedtls_mpi_lsb(&TA);
+    lzt = mbedtls_mpi_lsb(&TB);
+
+    /* The loop below gives the correct result when A==0 but not when B==0.
+     * So have a special case for B==0. Leverage the fact that we just
+     * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test
+     * slightly more efficient than cmp_int(). */
+    if (lzt == 0 && mbedtls_mpi_get_bit(&TB, 0) == 0) {
+        ret = mbedtls_mpi_copy(G, A);
+        goto cleanup;
+    }
+
+    if (lzt < lz) {
+        lz = lzt;
+    }
+
+    TA.s = TB.s = 1;
+
+    /* We mostly follow the procedure described in HAC 14.54, but with some
+     * minor differences:
+     * - Sequences of multiplications or divisions by 2 are grouped into a
+     *   single shift operation.
+     * - The procedure in HAC assumes that 0 < TB <= TA.
+     *     - The condition TB <= TA is not actually necessary for correctness.
+     *       TA and TB have symmetric roles except for the loop termination
+     *       condition, and the shifts at the beginning of the loop body
+     *       remove any significance from the ordering of TA vs TB before
+     *       the shifts.
+     *     - If TA = 0, the loop goes through 0 iterations and the result is
+     *       correctly TB.
+     *     - The case TB = 0 was short-circuited above.
+     *
+     * For the correctness proof below, decompose the original values of
+     * A and B as
+     *   A = sa * 2^a * A' with A'=0 or A' odd, and sa = +-1
+     *   B = sb * 2^b * B' with B'=0 or B' odd, and sb = +-1
+     * Then gcd(A, B) = 2^{min(a,b)} * gcd(A',B'),
+     * and gcd(A',B') is odd or 0.
+     *
+     * At the beginning, we have TA = |A| and TB = |B| so gcd(A,B) = gcd(TA,TB).
+     * The code maintains the following invariant:
+     *     gcd(A,B) = 2^k * gcd(TA,TB) for some k   (I)
+     */
+
+    /* Proof that the loop terminates:
+     * At each iteration, either the right-shift by 1 is made on a nonzero
+     * value and the nonnegative integer bitlen(TA) + bitlen(TB) decreases
+     * by at least 1, or the right-shift by 1 is made on zero and then
+     * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted
+     * since in that case TB is calculated from TB-TA with the condition TB>TA).
+     */
+    while (mbedtls_mpi_cmp_int(&TA, 0) != 0) {
+        /* Divisions by 2 preserve the invariant (I). */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TA, mbedtls_mpi_lsb(&TA)));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TB, mbedtls_mpi_lsb(&TB)));
+
+        /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd,
+         * TA-TB is even so the division by 2 has an integer result.
+         * Invariant (I) is preserved since any odd divisor of both TA and TB
+         * also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2
+         * also divides TB, and any odd divisor of both TB and |TA-TB|/2 also
+         * divides TA.
+         */
+        if (mbedtls_mpi_cmp_mpi(&TA, &TB) >= 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&TA, &TA, &TB));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TA, 1));
+        } else {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&TB, &TB, &TA));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TB, 1));
+        }
+        /* Note that one of TA or TB is still odd. */
+    }
+
+    /* By invariant (I), gcd(A,B) = 2^k * gcd(TA,TB) for some k.
+     * At the loop exit, TA = 0, so gcd(TA,TB) = TB.
+     * - If there was at least one loop iteration, then one of TA or TB is odd,
+     *   and TA = 0, so TB is odd and gcd(TA,TB) = gcd(A',B'). In this case,
+     *   lz = min(a,b) so gcd(A,B) = 2^lz * TB.
+     * - If there was no loop iteration, then A was 0, and gcd(A,B) = B.
+     *   In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well.
+     */
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&TB, lz));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(G, &TB));
+
+cleanup:
+
+    mbedtls_mpi_free(&TA); mbedtls_mpi_free(&TB);
+
+    return ret;
+}
+
+/* Fill X with n_bytes random bytes.
+ * X must already have room for those bytes.
+ * The ordering of the bytes returned from the RNG is suitable for
+ * deterministic ECDSA (see RFC 6979 §3.3 and mbedtls_mpi_random()).
+ * The size and sign of X are unchanged.
+ * n_bytes must not be 0.
+ */
+static int mpi_fill_random_internal(
+    mbedtls_mpi *X, size_t n_bytes,
+    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const size_t limbs = CHARS_TO_LIMBS(n_bytes);
+    const size_t overhead = (limbs * ciL) - n_bytes;
+
+    if (X->n < limbs) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    memset(X->p, 0, overhead);
+    memset((unsigned char *) X->p + limbs * ciL, 0, (X->n - limbs) * ciL);
+    MBEDTLS_MPI_CHK(f_rng(p_rng, (unsigned char *) X->p + overhead, n_bytes));
+    mpi_bigendian_to_host(X->p, limbs);
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Fill X with size bytes of random.
+ *
+ * Use a temporary bytes representation to make sure the result is the same
+ * regardless of the platform endianness (useful when f_rng is actually
+ * deterministic, eg for tests).
+ */
+int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t const limbs = CHARS_TO_LIMBS(size);
+
+    MPI_VALIDATE_RET(X     != NULL);
+    MPI_VALIDATE_RET(f_rng != NULL);
+
+    /* Ensure that target MPI has exactly the necessary number of limbs */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs));
+    if (size == 0) {
+        return 0;
+    }
+
+    ret = mpi_fill_random_internal(X, size, f_rng, p_rng);
+
+cleanup:
+    return ret;
+}
+
+int mbedtls_mpi_random(mbedtls_mpi *X,
+                       mbedtls_mpi_sint min,
+                       const mbedtls_mpi *N,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng)
+{
+    int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    int count;
+    unsigned lt_lower = 1, lt_upper = 0;
+    size_t n_bits = mbedtls_mpi_bitlen(N);
+    size_t n_bytes = (n_bits + 7) / 8;
+    mbedtls_mpi lower_bound;
+
+    if (min < 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+    if (mbedtls_mpi_cmp_int(N, min) <= 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    /*
+     * When min == 0, each try has at worst a probability 1/2 of failing
+     * (the msb has a probability 1/2 of being 0, and then the result will
+     * be < N), so after 30 tries failure probability is a most 2**(-30).
+     *
+     * When N is just below a power of 2, as is the case when generating
+     * a random scalar on most elliptic curves, 1 try is enough with
+     * overwhelming probability. When N is just above a power of 2,
+     * as when generating a random scalar on secp224k1, each try has
+     * a probability of failing that is almost 1/2.
+     *
+     * The probabilities are almost the same if min is nonzero but negligible
+     * compared to N. This is always the case when N is crypto-sized, but
+     * it's convenient to support small N for testing purposes. When N
+     * is small, use a higher repeat count, otherwise the probability of
+     * failure is macroscopic.
+     */
+    count = (n_bytes > 4 ? 30 : 250);
+
+    mbedtls_mpi_init(&lower_bound);
+
+    /* Ensure that target MPI has exactly the same number of limbs
+     * as the upper bound, even if the upper bound has leading zeros.
+     * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, N->n));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&lower_bound, N->n));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&lower_bound, min));
+
+    /*
+     * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA)
+     * when f_rng is a suitably parametrized instance of HMAC_DRBG:
+     * - use the same byte ordering;
+     * - keep the leftmost n_bits bits of the generated octet string;
+     * - try until result is in the desired range.
+     * This also avoids any bias, which is especially important for ECDSA.
+     */
+    do {
+        MBEDTLS_MPI_CHK(mpi_fill_random_internal(X, n_bytes, f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(X, 8 * n_bytes - n_bits));
+
+        if (--count == 0) {
+            ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lt_mpi_ct(X, &lower_bound, &lt_lower));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lt_mpi_ct(X, N, &lt_upper));
+    } while (lt_lower != 0 || lt_upper == 0);
+
+cleanup:
+    mbedtls_mpi_free(&lower_bound);
+    return ret;
+}
+
+/*
+ * Modular inverse: X = A^-1 mod N  (HAC 14.61 / 14.64)
+ */
+int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(A != NULL);
+    MPI_VALIDATE_RET(N != NULL);
+
+    if (mbedtls_mpi_cmp_int(N, 1) <= 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TU); mbedtls_mpi_init(&U1); mbedtls_mpi_init(&U2);
+    mbedtls_mpi_init(&G); mbedtls_mpi_init(&TB); mbedtls_mpi_init(&TV);
+    mbedtls_mpi_init(&V1); mbedtls_mpi_init(&V2);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, A, N));
+
+    if (mbedtls_mpi_cmp_int(&G, 1) != 0) {
+        ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&TA, A, N));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TU, &TA));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, N));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TV, N));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&U1, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&U2, 0));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&V1, 0));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&V2, 1));
+
+    do {
+        while ((TU.p[0] & 1) == 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TU, 1));
+
+            if ((U1.p[0] & 1) != 0 || (U2.p[0] & 1) != 0) {
+                MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&U1, &U1, &TB));
+                MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U2, &U2, &TA));
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&U1, 1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&U2, 1));
+        }
+
+        while ((TV.p[0] & 1) == 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TV, 1));
+
+            if ((V1.p[0] & 1) != 0 || (V2.p[0] & 1) != 0) {
+                MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&V1, &V1, &TB));
+                MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V2, &V2, &TA));
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&V1, 1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&V2, 1));
+        }
+
+        if (mbedtls_mpi_cmp_mpi(&TU, &TV) >= 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&TU, &TU, &TV));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U1, &U1, &V1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U2, &U2, &V2));
+        } else {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&TV, &TV, &TU));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V1, &V1, &U1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V2, &V2, &U2));
+        }
+    } while (mbedtls_mpi_cmp_int(&TU, 0) != 0);
+
+    while (mbedtls_mpi_cmp_int(&V1, 0) < 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&V1, &V1, N));
+    }
+
+    while (mbedtls_mpi_cmp_mpi(&V1, N) >= 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V1, &V1, N));
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &V1));
+
+cleanup:
+
+    mbedtls_mpi_free(&TA); mbedtls_mpi_free(&TU); mbedtls_mpi_free(&U1); mbedtls_mpi_free(&U2);
+    mbedtls_mpi_free(&G); mbedtls_mpi_free(&TB); mbedtls_mpi_free(&TV);
+    mbedtls_mpi_free(&V1); mbedtls_mpi_free(&V2);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_GENPRIME)
+
+static const int small_prime[] =
+{
+    3,    5,    7,   11,   13,   17,   19,   23,
+    29,   31,   37,   41,   43,   47,   53,   59,
+    61,   67,   71,   73,   79,   83,   89,   97,
+    101,  103,  107,  109,  113,  127,  131,  137,
+    139,  149,  151,  157,  163,  167,  173,  179,
+    181,  191,  193,  197,  199,  211,  223,  227,
+    229,  233,  239,  241,  251,  257,  263,  269,
+    271,  277,  281,  283,  293,  307,  311,  313,
+    317,  331,  337,  347,  349,  353,  359,  367,
+    373,  379,  383,  389,  397,  401,  409,  419,
+    421,  431,  433,  439,  443,  449,  457,  461,
+    463,  467,  479,  487,  491,  499,  503,  509,
+    521,  523,  541,  547,  557,  563,  569,  571,
+    577,  587,  593,  599,  601,  607,  613,  617,
+    619,  631,  641,  643,  647,  653,  659,  661,
+    673,  677,  683,  691,  701,  709,  719,  727,
+    733,  739,  743,  751,  757,  761,  769,  773,
+    787,  797,  809,  811,  821,  823,  827,  829,
+    839,  853,  857,  859,  863,  877,  881,  883,
+    887,  907,  911,  919,  929,  937,  941,  947,
+    953,  967,  971,  977,  983,  991,  997, -103
+};
+
+/*
+ * Small divisors test (X must be positive)
+ *
+ * Return values:
+ * 0: no small factor (possible prime, more tests needed)
+ * 1: certain prime
+ * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: certain non-prime
+ * other negative: error
+ */
+static int mpi_check_small_factors(const mbedtls_mpi *X)
+{
+    int ret = 0;
+    size_t i;
+    mbedtls_mpi_uint r;
+
+    if ((X->p[0] & 1) == 0) {
+        return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+    }
+
+    for (i = 0; small_prime[i] > 0; i++) {
+        if (mbedtls_mpi_cmp_int(X, small_prime[i]) <= 0) {
+            return 1;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, small_prime[i]));
+
+        if (r == 0) {
+            return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+        }
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Miller-Rabin pseudo-primality test  (HAC 4.24)
+ */
+static int mpi_miller_rabin(const mbedtls_mpi *X, size_t rounds,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    int ret, count;
+    size_t i, j, k, s;
+    mbedtls_mpi W, R, T, A, RR;
+
+    MPI_VALIDATE_RET(X     != NULL);
+    MPI_VALIDATE_RET(f_rng != NULL);
+
+    mbedtls_mpi_init(&W); mbedtls_mpi_init(&R);
+    mbedtls_mpi_init(&T); mbedtls_mpi_init(&A);
+    mbedtls_mpi_init(&RR);
+
+    /*
+     * W = |X| - 1
+     * R = W >> lsb( W )
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&W, X, 1));
+    s = mbedtls_mpi_lsb(&W);
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R, &W));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&R, s));
+
+    for (i = 0; i < rounds; i++) {
+        /*
+         * pick a random A, 1 < A < |X| - 1
+         */
+        count = 0;
+        do {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&A, X->n * ciL, f_rng, p_rng));
+
+            j = mbedtls_mpi_bitlen(&A);
+            k = mbedtls_mpi_bitlen(&W);
+            if (j > k) {
+                A.p[A.n - 1] &= ((mbedtls_mpi_uint) 1 << (k - (A.n - 1) * biL - 1)) - 1;
+            }
+
+            if (count++ > 30) {
+                ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+                goto cleanup;
+            }
+
+        } while (mbedtls_mpi_cmp_mpi(&A, &W) >= 0 ||
+                 mbedtls_mpi_cmp_int(&A, 1)  <= 0);
+
+        /*
+         * A = A^R mod |X|
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&A, &A, &R, X, &RR));
+
+        if (mbedtls_mpi_cmp_mpi(&A, &W) == 0 ||
+            mbedtls_mpi_cmp_int(&A,  1) == 0) {
+            continue;
+        }
+
+        j = 1;
+        while (j < s && mbedtls_mpi_cmp_mpi(&A, &W) != 0) {
+            /*
+             * A = A * A mod |X|
+             */
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &A, &A));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&A, &T, X));
+
+            if (mbedtls_mpi_cmp_int(&A, 1) == 0) {
+                break;
+            }
+
+            j++;
+        }
+
+        /*
+         * not prime if A != |X| - 1 or A == 1
+         */
+        if (mbedtls_mpi_cmp_mpi(&A, &W) != 0 ||
+            mbedtls_mpi_cmp_int(&A,  1) == 0) {
+            ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+            break;
+        }
+    }
+
+cleanup:
+    mbedtls_mpi_free(&W); mbedtls_mpi_free(&R);
+    mbedtls_mpi_free(&T); mbedtls_mpi_free(&A);
+    mbedtls_mpi_free(&RR);
+
+    return ret;
+}
+
+/*
+ * Pseudo-primality test: small factors, then Miller-Rabin
+ */
+int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi XX;
+    MPI_VALIDATE_RET(X     != NULL);
+    MPI_VALIDATE_RET(f_rng != NULL);
+
+    XX.s = 1;
+    XX.n = X->n;
+    XX.p = X->p;
+
+    if (mbedtls_mpi_cmp_int(&XX, 0) == 0 ||
+        mbedtls_mpi_cmp_int(&XX, 1) == 0) {
+        return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+    }
+
+    if (mbedtls_mpi_cmp_int(&XX, 2) == 0) {
+        return 0;
+    }
+
+    if ((ret = mpi_check_small_factors(&XX)) != 0) {
+        if (ret == 1) {
+            return 0;
+        }
+
+        return ret;
+    }
+
+    return mpi_miller_rabin(&XX, rounds, f_rng, p_rng);
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+/*
+ * Pseudo-primality test, error probability 2^-80
+ */
+int mbedtls_mpi_is_prime(const mbedtls_mpi *X,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng)
+{
+    MPI_VALIDATE_RET(X     != NULL);
+    MPI_VALIDATE_RET(f_rng != NULL);
+
+    /*
+     * In the past our key generation aimed for an error rate of at most
+     * 2^-80. Since this function is deprecated, aim for the same certainty
+     * here as well.
+     */
+    return mbedtls_mpi_is_prime_ext(X, 40, f_rng, p_rng);
+}
+#endif
+
+/*
+ * Prime number generation
+ *
+ * To generate an RSA key in a way recommended by FIPS 186-4, both primes must
+ * be either 1024 bits or 1536 bits long, and flags must contain
+ * MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR.
+ */
+int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
+                          int (*f_rng)(void *, unsigned char *, size_t),
+                          void *p_rng)
+{
+#ifdef MBEDTLS_HAVE_INT64
+// ceil(2^63.5)
+#define CEIL_MAXUINT_DIV_SQRT2 0xb504f333f9de6485ULL
+#else
+// ceil(2^31.5)
+#define CEIL_MAXUINT_DIV_SQRT2 0xb504f334U
+#endif
+    int ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+    size_t k, n;
+    int rounds;
+    mbedtls_mpi_uint r;
+    mbedtls_mpi Y;
+
+    MPI_VALIDATE_RET(X     != NULL);
+    MPI_VALIDATE_RET(f_rng != NULL);
+
+    if (nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&Y);
+
+    n = BITS_TO_LIMBS(nbits);
+
+    if ((flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR) == 0) {
+        /*
+         * 2^-80 error probability, number of rounds chosen per HAC, table 4.4
+         */
+        rounds = ((nbits >= 1300) ?  2 : (nbits >=  850) ?  3 :
+                  (nbits >=  650) ?  4 : (nbits >=  350) ?  8 :
+                  (nbits >=  250) ? 12 : (nbits >=  150) ? 18 : 27);
+    } else {
+        /*
+         * 2^-100 error probability, number of rounds computed based on HAC,
+         * fact 4.48
+         */
+        rounds = ((nbits >= 1450) ?  4 : (nbits >=  1150) ?  5 :
+                  (nbits >= 1000) ?  6 : (nbits >=   850) ?  7 :
+                  (nbits >=  750) ?  8 : (nbits >=   500) ? 13 :
+                  (nbits >=  250) ? 28 : (nbits >=   150) ? 40 : 51);
+    }
+
+    while (1) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(X, n * ciL, f_rng, p_rng));
+        /* make sure generated number is at least (nbits-1)+0.5 bits (FIPS 186-4 §B.3.3 steps 4.4, 5.5) */
+        if (X->p[n-1] < CEIL_MAXUINT_DIV_SQRT2) {
+            continue;
+        }
+
+        k = n * biL;
+        if (k > nbits) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(X, k - nbits));
+        }
+        X->p[0] |= 1;
+
+        if ((flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) == 0) {
+            ret = mbedtls_mpi_is_prime_ext(X, rounds, f_rng, p_rng);
+
+            if (ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) {
+                goto cleanup;
+            }
+        } else {
+            /*
+             * A necessary condition for Y and X = 2Y + 1 to be prime
+             * is X = 2 mod 3 (which is equivalent to Y = 2 mod 3).
+             * Make sure it is satisfied, while keeping X = 3 mod 4
+             */
+
+            X->p[0] |= 2;
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, 3));
+            if (r == 0) {
+                MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 8));
+            } else if (r == 1) {
+                MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 4));
+            }
+
+            /* Set Y = (X-1) / 2, which is X / 2 because X is odd */
+            MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Y, X));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Y, 1));
+
+            while (1) {
+                /*
+                 * First, check small factors for X and Y
+                 * before doing Miller-Rabin on any of them
+                 */
+                if ((ret = mpi_check_small_factors(X)) == 0 &&
+                    (ret = mpi_check_small_factors(&Y)) == 0 &&
+                    (ret = mpi_miller_rabin(X, rounds, f_rng, p_rng))
+                    == 0 &&
+                    (ret = mpi_miller_rabin(&Y, rounds, f_rng, p_rng))
+                    == 0) {
+                    goto cleanup;
+                }
+
+                if (ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) {
+                    goto cleanup;
+                }
+
+                /*
+                 * Next candidates. We want to preserve Y = (X-1) / 2 and
+                 * Y = 1 mod 2 and Y = 2 mod 3 (eq X = 3 mod 4 and X = 2 mod 3)
+                 * so up Y by 6 and X by 12.
+                 */
+                MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X,  X, 12));
+                MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&Y, &Y, 6));
+            }
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&Y);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#define GCD_PAIR_COUNT  3
+
+static const int gcd_pairs[GCD_PAIR_COUNT][3] =
+{
+    { 693, 609, 21 },
+    { 1764, 868, 28 },
+    { 768454923, 542167814, 1 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_mpi_self_test(int verbose)
+{
+    int ret, i;
+    mbedtls_mpi A, E, N, X, Y, U, V;
+
+    mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); mbedtls_mpi_init(&X);
+    mbedtls_mpi_init(&Y); mbedtls_mpi_init(&U); mbedtls_mpi_init(&V);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&A, 16,
+                                            "EFE021C2645FD1DC586E69184AF4A31E" \
+                                            "D5F53E93B5F123FA41680867BA110131" \
+                                            "944FE7952E2517337780CB0DB80E61AA" \
+                                            "E7C8DDC6C5C6AADEB34EB38A2F40D5E6"));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 16,
+                                            "B2E7EFD37075B9F03FF989C7C5051C20" \
+                                            "34D2A323810251127E7BF8625A4F49A5" \
+                                            "F3E27F4DA8BD59C47D6DAABA4C8127BD" \
+                                            "5B5C25763222FEFCCFC38B832366C29E"));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&N, 16,
+                                            "0066A198186C18C10B2F5ED9B522752A" \
+                                            "9830B69916E535C8F047518A889A43A5" \
+                                            "94B6BED27A168D31D4A52F88925AA8F5"));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&X, &A, &N));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16,
+                                            "602AB7ECA597A3D6B56FF9829A5E8B85" \
+                                            "9E857EA95A03512E2BAE7391688D264A" \
+                                            "A5663B0341DB9CCFD2C4C5F421FEC814" \
+                                            "8001B72E848A38CAE1C65F78E56ABDEF" \
+                                            "E12D3C039B8A02D6BE593F0BBBDA56F1" \
+                                            "ECF677152EF804370C1A305CAF3B5BF1" \
+                                            "30879B56C61DE584A0F53A2447A51E"));
+
+    if (verbose != 0) {
+        mbedtls_printf("  MPI test #1 (mul_mpi): ");
+    }
+
+    if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&X, &Y, &A, &N));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16,
+                                            "256567336059E52CAE22925474705F39A94"));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&V, 16,
+                                            "6613F26162223DF488E9CD48CC132C7A" \
+                                            "0AC93C701B001B092E4E5B9F73BCD27B" \
+                                            "9EE50D0657C77F374E903CDFA4C642"));
+
+    if (verbose != 0) {
+        mbedtls_printf("  MPI test #2 (div_mpi): ");
+    }
+
+    if (mbedtls_mpi_cmp_mpi(&X, &U) != 0 ||
+        mbedtls_mpi_cmp_mpi(&Y, &V) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&X, &A, &E, &N, NULL));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16,
+                                            "36E139AEA55215609D2816998ED020BB" \
+                                            "BD96C37890F65171D948E9BC7CBAA4D9" \
+                                            "325D24D6A3C12710F10A09FA08AB87"));
+
+    if (verbose != 0) {
+        mbedtls_printf("  MPI test #3 (exp_mod): ");
+    }
+
+    if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&X, &A, &N));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16,
+                                            "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \
+                                            "C3DBA76456363A10869622EAC2DD84EC" \
+                                            "C5B8A74DAC4D09E03B5E0BE779F2DF61"));
+
+    if (verbose != 0) {
+        mbedtls_printf("  MPI test #4 (inv_mod): ");
+    }
+
+    if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  MPI test #5 (simple gcd): ");
+    }
+
+    for (i = 0; i < GCD_PAIR_COUNT; i++) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&X, gcd_pairs[i][0]));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&Y, gcd_pairs[i][1]));
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&A, &X, &Y));
+
+        if (mbedtls_mpi_cmp_int(&A, gcd_pairs[i][2]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed at %d\n", i);
+            }
+
+            ret = 1;
+            goto cleanup;
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+cleanup:
+
+    if (ret != 0 && verbose != 0) {
+        mbedtls_printf("Unexpected error, return code = %08X\n", (unsigned int) ret);
+    }
+
+    mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); mbedtls_mpi_free(&X);
+    mbedtls_mpi_free(&Y); mbedtls_mpi_free(&U); mbedtls_mpi_free(&V);
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_BIGNUM_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/bignum_internal.h b/3rdparty/mbedtls-2.28.7/library/bignum_internal.h
new file mode 100644
index 0000000..5435ebb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/bignum_internal.h
@@ -0,0 +1,71 @@
+/**
+ *  Low level bignum functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_BIGNUM_INTERNAL_H
+#define MBEDTLS_BIGNUM_INTERNAL_H
+
+#include "mbedtls/bignum.h"
+
+/**
+ * \brief Calculate the square of the Montgomery constant. (Needed
+ *        for conversion and operations in Montgomery form.)
+ *
+ * \param[out] X  A pointer to the result of the calculation of
+ *                the square of the Montgomery constant:
+ *                2^{2*n*biL} mod N.
+ * \param[in]  N  Little-endian presentation of the modulus, which must be odd.
+ *
+ * \return        0 if successful.
+ * \return        #MBEDTLS_ERR_MPI_ALLOC_FAILED if there is not enough space
+ *                to store the value of Montgomery constant squared.
+ * \return        #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
+ * \return        #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
+ */
+int mbedtls_mpi_get_mont_r2_unsafe(mbedtls_mpi *X,
+                                   const mbedtls_mpi *N);
+
+/**
+ * \brief Calculate initialisation value for fast Montgomery modular
+ *        multiplication
+ *
+ * \param[in] N  Little-endian presentation of the modulus. This must have
+ *               at least one limb.
+ *
+ * \return       The initialisation value for fast Montgomery modular multiplication
+ */
+mbedtls_mpi_uint mbedtls_mpi_montmul_init(const mbedtls_mpi_uint *N);
+
+/** Montgomery multiplication: A = A * B * R^-1 mod N  (HAC 14.36)
+ *
+ * \param[in,out]   A   One of the numbers to multiply.
+ *                      It must have at least as many limbs as N
+ *                      (A->n >= N->n), and any limbs beyond n are ignored.
+ *                      On successful completion, A contains the result of
+ *                      the multiplication A * B * R^-1 mod N where
+ *                      R = (2^ciL)^n.
+ * \param[in]       B   One of the numbers to multiply.
+ *                      It must be nonzero and must not have more limbs than N
+ *                      (B->n <= N->n).
+ * \param[in]       N   The modulo. N must be odd.
+ * \param           mm  The value calculated by
+ *                      `mbedtls_mpi_montg_init(&mm, N)`.
+ *                      This is -N^-1 mod 2^ciL.
+ * \param[in,out]   T   A bignum for temporary storage.
+ *                      It must be at least twice the limb size of N plus 2
+ *                      (T->n >= 2 * (N->n + 1)).
+ *                      Its initial content is unused and
+ *                      its final content is indeterminate.
+ *                      Note that unlike the usual convention in the library
+ *                      for `const mbedtls_mpi*`, the content of T can change.
+ */
+void mbedtls_mpi_montmul(mbedtls_mpi *A,
+                         const mbedtls_mpi *B,
+                         const mbedtls_mpi *N,
+                         mbedtls_mpi_uint mm,
+                         const mbedtls_mpi *T);
+
+#endif /* MBEDTLS_BIGNUM_INTERNAL_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/blowfish.c b/3rdparty/mbedtls-2.28.7/library/blowfish.c
new file mode 100644
index 0000000..d90456b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/blowfish.c
@@ -0,0 +1,644 @@
+/*
+ *  Blowfish implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The Blowfish block cipher was designed by Bruce Schneier in 1993.
+ *  http://www.schneier.com/blowfish.html
+ *  http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
+ *
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_BLOWFISH_C)
+
+#include "mbedtls/blowfish.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_BLOWFISH_ALT)
+
+/* Parameter validation macros */
+#define BLOWFISH_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
+#define BLOWFISH_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
+    0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
+    0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
+    0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
+    0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
+    0x9216D5D9L, 0x8979FB1BL
+};
+
+/* declarations of data at the end of this file */
+static const uint32_t S[4][256];
+
+static uint32_t F(mbedtls_blowfish_context *ctx, uint32_t x)
+{
+    unsigned short a, b, c, d;
+    uint32_t  y;
+
+    d = MBEDTLS_BYTE_0(x);
+    x >>= 8;
+    c = MBEDTLS_BYTE_0(x);
+    x >>= 8;
+    b = MBEDTLS_BYTE_0(x);
+    x >>= 8;
+    a = MBEDTLS_BYTE_0(x);
+    y = ctx->S[0][a] + ctx->S[1][b];
+    y = y ^ ctx->S[2][c];
+    y = y + ctx->S[3][d];
+
+    return y;
+}
+
+static void blowfish_enc(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr)
+{
+    uint32_t  Xl, Xr, temp;
+    short i;
+
+    Xl = *xl;
+    Xr = *xr;
+
+    for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i) {
+        Xl = Xl ^ ctx->P[i];
+        Xr = F(ctx, Xl) ^ Xr;
+
+        temp = Xl;
+        Xl = Xr;
+        Xr = temp;
+    }
+
+    temp = Xl;
+    Xl = Xr;
+    Xr = temp;
+
+    Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
+    Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
+
+    *xl = Xl;
+    *xr = Xr;
+}
+
+static void blowfish_dec(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr)
+{
+    uint32_t  Xl, Xr, temp;
+    short i;
+
+    Xl = *xl;
+    Xr = *xr;
+
+    for (i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i) {
+        Xl = Xl ^ ctx->P[i];
+        Xr = F(ctx, Xl) ^ Xr;
+
+        temp = Xl;
+        Xl = Xr;
+        Xr = temp;
+    }
+
+    temp = Xl;
+    Xl = Xr;
+    Xr = temp;
+
+    Xr = Xr ^ ctx->P[1];
+    Xl = Xl ^ ctx->P[0];
+
+    *xl = Xl;
+    *xr = Xr;
+}
+
+void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx)
+{
+    BLOWFISH_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_blowfish_context));
+}
+
+void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_blowfish_context));
+}
+
+/*
+ * Blowfish key schedule
+ */
+int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx,
+                            const unsigned char *key,
+                            unsigned int keybits)
+{
+    unsigned int i, j, k;
+    uint32_t data, datal, datar;
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(key != NULL);
+
+    if (keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS    ||
+        keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS    ||
+        keybits % 8 != 0) {
+        return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA;
+    }
+
+    keybits >>= 3;
+
+    for (i = 0; i < 4; i++) {
+        for (j = 0; j < 256; j++) {
+            ctx->S[i][j] = S[i][j];
+        }
+    }
+
+    j = 0;
+    for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i) {
+        data = 0x00000000;
+        for (k = 0; k < 4; ++k) {
+            data = (data << 8) | key[j++];
+            if (j >= keybits) {
+                j = 0;
+            }
+        }
+        ctx->P[i] = P[i] ^ data;
+    }
+
+    datal = 0x00000000;
+    datar = 0x00000000;
+
+    for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2) {
+        blowfish_enc(ctx, &datal, &datar);
+        ctx->P[i] = datal;
+        ctx->P[i + 1] = datar;
+    }
+
+    for (i = 0; i < 4; i++) {
+        for (j = 0; j < 256; j += 2) {
+            blowfish_enc(ctx, &datal, &datar);
+            ctx->S[i][j] = datal;
+            ctx->S[i][j + 1] = datar;
+        }
+    }
+    return 0;
+}
+
+/*
+ * Blowfish-ECB block encryption/decryption
+ */
+int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE])
+{
+    uint32_t X0, X1;
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT ||
+                          mode == MBEDTLS_BLOWFISH_DECRYPT);
+    BLOWFISH_VALIDATE_RET(input  != NULL);
+    BLOWFISH_VALIDATE_RET(output != NULL);
+
+    X0 = MBEDTLS_GET_UINT32_BE(input,  0);
+    X1 = MBEDTLS_GET_UINT32_BE(input,  4);
+
+    if (mode == MBEDTLS_BLOWFISH_DECRYPT) {
+        blowfish_dec(ctx, &X0, &X1);
+    } else { /* MBEDTLS_BLOWFISH_ENCRYPT */
+        blowfish_enc(ctx, &X0, &X1);
+    }
+
+    MBEDTLS_PUT_UINT32_BE(X0, output,  0);
+    MBEDTLS_PUT_UINT32_BE(X1, output,  4);
+
+    return 0;
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * Blowfish-CBC buffer encryption/decryption
+ */
+int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output)
+{
+    int i;
+    unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT ||
+                          mode == MBEDTLS_BLOWFISH_DECRYPT);
+    BLOWFISH_VALIDATE_RET(iv != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || input  != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || output != NULL);
+
+    if (length % MBEDTLS_BLOWFISH_BLOCKSIZE) {
+        return MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH;
+    }
+
+    if (mode == MBEDTLS_BLOWFISH_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE);
+            mbedtls_blowfish_crypt_ecb(ctx, mode, input, output);
+
+            for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE);
+
+            input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            output += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    } else {
+        while (length > 0) {
+            for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            mbedtls_blowfish_crypt_ecb(ctx, mode, output, output);
+            memcpy(iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE);
+
+            input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            output += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * Blowfish CFB buffer encryption/decryption
+ */
+int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx,
+                                 int mode,
+                                 size_t length,
+                                 size_t *iv_off,
+                                 unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                                 const unsigned char *input,
+                                 unsigned char *output)
+{
+    int c;
+    size_t n;
+
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT ||
+                          mode == MBEDTLS_BLOWFISH_DECRYPT);
+    BLOWFISH_VALIDATE_RET(iv     != NULL);
+    BLOWFISH_VALIDATE_RET(iv_off != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || input  != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || output != NULL);
+
+    n = *iv_off;
+    if (n >= 8) {
+        return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA;
+    }
+
+    if (mode == MBEDTLS_BLOWFISH_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv);
+            }
+
+            c = *input++;
+            *output++ = (unsigned char) (c ^ iv[n]);
+            iv[n] = (unsigned char) c;
+
+            n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    } else {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv);
+            }
+
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
+
+            n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    }
+
+    *iv_off = n;
+
+    return 0;
+}
+#endif /*MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * Blowfish CTR buffer encryption/decryption
+ */
+int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output)
+{
+    int c, i;
+    size_t n;
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(nonce_counter != NULL);
+    BLOWFISH_VALIDATE_RET(stream_block  != NULL);
+    BLOWFISH_VALIDATE_RET(nc_off != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || input  != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || output != NULL);
+
+    n = *nc_off;
+    if (n >= 8) {
+        return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA;
+    }
+
+    while (length--) {
+        if (n == 0) {
+            mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
+                                       stream_block);
+
+            for (i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
+                    break;
+                }
+            }
+        }
+        c = *input++;
+        *output++ = (unsigned char) (c ^ stream_block[n]);
+
+        n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+    }
+
+    *nc_off = n;
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static const uint32_t S[4][256] = {
+    {   0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
+        0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
+        0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
+        0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
+        0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
+        0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
+        0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
+        0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
+        0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
+        0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
+        0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
+        0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
+        0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
+        0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
+        0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
+        0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
+        0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
+        0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
+        0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
+        0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
+        0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
+        0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
+        0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
+        0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
+        0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
+        0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
+        0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
+        0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
+        0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
+        0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
+        0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
+        0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
+        0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
+        0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
+        0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
+        0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
+        0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
+        0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
+        0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
+        0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
+        0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
+        0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
+        0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
+        0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
+        0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
+        0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
+        0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
+        0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
+        0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
+        0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
+        0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
+        0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
+        0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
+        0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
+        0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
+        0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
+        0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
+        0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
+        0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
+        0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
+        0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
+        0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
+        0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
+        0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL   },
+    {   0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
+        0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
+        0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
+        0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
+        0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
+        0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
+        0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
+        0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
+        0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
+        0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
+        0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
+        0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
+        0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
+        0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
+        0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
+        0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
+        0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
+        0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
+        0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
+        0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
+        0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
+        0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
+        0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
+        0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
+        0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
+        0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
+        0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
+        0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
+        0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
+        0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
+        0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
+        0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
+        0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
+        0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
+        0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
+        0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
+        0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
+        0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
+        0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
+        0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
+        0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
+        0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
+        0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
+        0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
+        0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
+        0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
+        0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
+        0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
+        0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
+        0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
+        0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
+        0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
+        0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
+        0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
+        0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
+        0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
+        0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
+        0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
+        0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
+        0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
+        0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
+        0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
+        0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
+        0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L   },
+    {   0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
+        0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
+        0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
+        0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
+        0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
+        0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
+        0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
+        0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
+        0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
+        0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
+        0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
+        0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
+        0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
+        0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
+        0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
+        0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
+        0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
+        0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
+        0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
+        0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
+        0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
+        0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
+        0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
+        0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
+        0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
+        0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
+        0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
+        0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
+        0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
+        0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
+        0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
+        0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
+        0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
+        0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
+        0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
+        0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
+        0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
+        0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
+        0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
+        0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
+        0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
+        0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
+        0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
+        0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
+        0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
+        0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
+        0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
+        0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
+        0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
+        0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
+        0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
+        0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
+        0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
+        0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
+        0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
+        0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
+        0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
+        0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
+        0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
+        0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
+        0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
+        0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
+        0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
+        0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L  },
+    {   0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
+        0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
+        0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
+        0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
+        0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
+        0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
+        0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
+        0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
+        0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
+        0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
+        0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
+        0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
+        0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
+        0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
+        0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
+        0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
+        0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
+        0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
+        0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
+        0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
+        0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
+        0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
+        0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
+        0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
+        0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
+        0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
+        0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
+        0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
+        0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
+        0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
+        0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
+        0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
+        0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
+        0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
+        0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
+        0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
+        0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
+        0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
+        0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
+        0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
+        0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
+        0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
+        0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
+        0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
+        0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
+        0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
+        0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
+        0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
+        0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
+        0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
+        0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
+        0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
+        0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
+        0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
+        0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
+        0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
+        0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
+        0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
+        0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
+        0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
+        0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
+        0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
+        0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
+        0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L  }
+};
+
+#endif /* !MBEDTLS_BLOWFISH_ALT */
+#endif /* MBEDTLS_BLOWFISH_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/camellia.c b/3rdparty/mbedtls-2.28.7/library/camellia.c
new file mode 100644
index 0000000..bd76ea8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/camellia.c
@@ -0,0 +1,1076 @@
+/*
+ *  Camellia implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The Camellia block cipher was designed by NTT and Mitsubishi Electric
+ *  Corporation.
+ *
+ *  http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CAMELLIA_C)
+
+#include "mbedtls/camellia.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_CAMELLIA_ALT)
+
+/* Parameter validation macros */
+#define CAMELLIA_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
+#define CAMELLIA_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+static const unsigned char SIGMA_CHARS[6][8] =
+{
+    { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b },
+    { 0xb6, 0x7a, 0xe8, 0x58, 0x4c, 0xaa, 0x73, 0xb2 },
+    { 0xc6, 0xef, 0x37, 0x2f, 0xe9, 0x4f, 0x82, 0xbe },
+    { 0x54, 0xff, 0x53, 0xa5, 0xf1, 0xd3, 0x6f, 0x1c },
+    { 0x10, 0xe5, 0x27, 0xfa, 0xde, 0x68, 0x2d, 0x1d },
+    { 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd }
+};
+
+#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
+
+static const unsigned char FSb[256] =
+{
+    112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65,
+    35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189,
+    134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26,
+    166, 225, 57, 202, 213, 71, 93, 61, 217,  1, 90, 214, 81, 86, 108, 77,
+    139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153,
+    223, 76, 203, 194, 52, 126, 118,  5, 109, 183, 169, 49, 209, 23,  4, 215,
+    20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34,
+    254, 68, 207, 178, 195, 181, 122, 145, 36,  8, 232, 168, 96, 252, 105, 80,
+    170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210,
+    16, 196,  0, 72, 163, 247, 117, 219, 138,  3, 230, 218,  9, 63, 221, 148,
+    135, 92, 131,  2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226,
+    82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46,
+    233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89,
+    120, 152,  6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250,
+    114,  7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164,
+    64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158
+};
+
+#define SBOX1(n) FSb[(n)]
+#define SBOX2(n) (unsigned char) ((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
+#define SBOX3(n) (unsigned char) ((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
+#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
+
+#else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+static const unsigned char FSb[256] =
+{
+    112, 130,  44, 236, 179,  39, 192, 229, 228, 133,  87,  53, 234,  12, 174,  65,
+    35, 239, 107, 147,  69,  25, 165,  33, 237,  14,  79,  78,  29, 101, 146, 189,
+    134, 184, 175, 143, 124, 235,  31, 206,  62,  48, 220,  95,  94, 197,  11,  26,
+    166, 225,  57, 202, 213,  71,  93,  61, 217,   1,  90, 214,  81,  86, 108,  77,
+    139,  13, 154, 102, 251, 204, 176,  45, 116,  18,  43,  32, 240, 177, 132, 153,
+    223,  76, 203, 194,  52, 126, 118,   5, 109, 183, 169,  49, 209,  23,   4, 215,
+    20,  88,  58,  97, 222,  27,  17,  28,  50,  15, 156,  22,  83,  24, 242,  34,
+    254,  68, 207, 178, 195, 181, 122, 145,  36,   8, 232, 168,  96, 252, 105,  80,
+    170, 208, 160, 125, 161, 137,  98, 151,  84,  91,  30, 149, 224, 255, 100, 210,
+    16, 196,   0,  72, 163, 247, 117, 219, 138,   3, 230, 218,   9,  63, 221, 148,
+    135,  92, 131,   2, 205,  74, 144,  51, 115, 103, 246, 243, 157, 127, 191, 226,
+    82, 155, 216,  38, 200,  55, 198,  59, 129, 150, 111,  75,  19, 190,  99,  46,
+    233, 121, 167, 140, 159, 110, 188, 142,  41, 245, 249, 182,  47, 253, 180,  89,
+    120, 152,   6, 106, 231,  70, 113, 186, 212,  37, 171,  66, 136, 162, 141, 250,
+    114,   7, 185,  85, 248, 238, 172,  10,  54,  73,  42, 104,  60,  56, 241, 164,
+    64,  40, 211, 123, 187, 201,  67, 193,  21, 227, 173, 244, 119, 199, 128, 158
+};
+
+static const unsigned char FSb2[256] =
+{
+    224,   5,  88, 217, 103,  78, 129, 203, 201,  11, 174, 106, 213,  24,  93, 130,
+    70, 223, 214,  39, 138,  50,  75,  66, 219,  28, 158, 156,  58, 202,  37, 123,
+    13, 113,  95,  31, 248, 215,  62, 157, 124,  96, 185, 190, 188, 139,  22,  52,
+    77, 195, 114, 149, 171, 142, 186, 122, 179,   2, 180, 173, 162, 172, 216, 154,
+    23,  26,  53, 204, 247, 153,  97,  90, 232,  36,  86,  64, 225,  99,   9,  51,
+    191, 152, 151, 133, 104, 252, 236,  10, 218, 111,  83,  98, 163,  46,   8, 175,
+    40, 176, 116, 194, 189,  54,  34,  56, 100,  30,  57,  44, 166,  48, 229,  68,
+    253, 136, 159, 101, 135, 107, 244,  35,  72,  16, 209,  81, 192, 249, 210, 160,
+    85, 161,  65, 250,  67,  19, 196,  47, 168, 182,  60,  43, 193, 255, 200, 165,
+    32, 137,   0, 144,  71, 239, 234, 183,  21,   6, 205, 181,  18, 126, 187,  41,
+    15, 184,   7,   4, 155, 148,  33, 102, 230, 206, 237, 231,  59, 254, 127, 197,
+    164,  55, 177,  76, 145, 110, 141, 118,   3,  45, 222, 150,  38, 125, 198,  92,
+    211, 242,  79,  25,  63, 220, 121,  29,  82, 235, 243, 109,  94, 251, 105, 178,
+    240,  49,  12, 212, 207, 140, 226, 117, 169,  74,  87, 132,  17,  69,  27, 245,
+    228,  14, 115, 170, 241, 221,  89,  20, 108, 146,  84, 208, 120, 112, 227,  73,
+    128,  80, 167, 246, 119, 147, 134, 131,  42, 199,  91, 233, 238, 143,   1,  61
+};
+
+static const unsigned char FSb3[256] =
+{
+    56,  65,  22, 118, 217, 147,  96, 242, 114, 194, 171, 154, 117,   6,  87, 160,
+    145, 247, 181, 201, 162, 140, 210, 144, 246,   7, 167,  39, 142, 178,  73, 222,
+    67,  92, 215, 199,  62, 245, 143, 103,  31,  24, 110, 175,  47, 226, 133,  13,
+    83, 240, 156, 101, 234, 163, 174, 158, 236, 128,  45, 107, 168,  43,  54, 166,
+    197, 134,  77,  51, 253, 102,  88, 150,  58,   9, 149,  16, 120, 216,  66, 204,
+    239,  38, 229,  97,  26,  63,  59, 130, 182, 219, 212, 152, 232, 139,   2, 235,
+    10,  44,  29, 176, 111, 141, 136,  14,  25, 135,  78,  11, 169,  12, 121,  17,
+    127,  34, 231,  89, 225, 218,  61, 200,  18,   4, 116,  84,  48, 126, 180,  40,
+    85, 104,  80, 190, 208, 196,  49, 203,  42, 173,  15, 202, 112, 255,  50, 105,
+    8,  98,   0,  36, 209, 251, 186, 237,  69, 129, 115, 109, 132, 159, 238,  74,
+    195,  46, 193,   1, 230,  37,  72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
+    41, 205, 108,  19, 100, 155,  99, 157, 192,  75, 183, 165, 137,  95, 177,  23,
+    244, 188, 211,  70, 207,  55,  94,  71, 148, 250, 252,  91, 151, 254,  90, 172,
+    60,  76,   3,  53, 243,  35, 184,  93, 106, 146, 213,  33,  68,  81, 198, 125,
+    57, 131, 220, 170, 124, 119,  86,   5,  27, 164,  21,  52,  30,  28, 248,  82,
+    32,  20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227,  64,  79
+};
+
+static const unsigned char FSb4[256] =
+{
+    112,  44, 179, 192, 228,  87, 234, 174,  35, 107,  69, 165, 237,  79,  29, 146,
+    134, 175, 124,  31,  62, 220,  94,  11, 166,  57, 213,  93, 217,  90,  81, 108,
+    139, 154, 251, 176, 116,  43, 240, 132, 223, 203,  52, 118, 109, 169, 209,   4,
+    20,  58, 222,  17,  50, 156,  83, 242, 254, 207, 195, 122,  36, 232,  96, 105,
+    170, 160, 161,  98,  84,  30, 224, 100,  16,   0, 163, 117, 138, 230,   9, 221,
+    135, 131, 205, 144, 115, 246, 157, 191,  82, 216, 200, 198, 129, 111,  19,  99,
+    233, 167, 159, 188,  41, 249,  47, 180, 120,   6, 231, 113, 212, 171, 136, 141,
+    114, 185, 248, 172,  54,  42,  60, 241,  64, 211, 187,  67,  21, 173, 119, 128,
+    130, 236,  39, 229, 133,  53,  12,  65, 239, 147,  25,  33,  14,  78, 101, 189,
+    184, 143, 235, 206,  48,  95, 197,  26, 225, 202,  71,  61,   1, 214,  86,  77,
+    13, 102, 204,  45,  18,  32, 177, 153,  76, 194, 126,   5, 183,  49,  23, 215,
+    88,  97,  27,  28,  15,  22,  24,  34,  68, 178, 181, 145,   8, 168, 252,  80,
+    208, 125, 137, 151,  91, 149, 255, 210, 196,  72, 247, 219,   3, 218,  63, 148,
+    92,   2,  74,  51, 103, 243, 127, 226, 155,  38,  55,  59, 150,  75, 190,  46,
+    121, 140, 110, 142, 245, 182, 253,  89, 152, 106,  70, 186,  37,  66, 162, 250,
+    7,  85, 238,  10,  73, 104,  56, 164,  40, 123, 201, 193, 227, 244, 199, 158
+};
+
+#define SBOX1(n) FSb[(n)]
+#define SBOX2(n) FSb2[(n)]
+#define SBOX3(n) FSb3[(n)]
+#define SBOX4(n) FSb4[(n)]
+
+#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+static const unsigned char shifts[2][4][4] =
+{
+    {
+        { 1, 1, 1, 1 }, /* KL */
+        { 0, 0, 0, 0 }, /* KR */
+        { 1, 1, 1, 1 }, /* KA */
+        { 0, 0, 0, 0 }  /* KB */
+    },
+    {
+        { 1, 0, 1, 1 }, /* KL */
+        { 1, 1, 0, 1 }, /* KR */
+        { 1, 1, 1, 0 }, /* KA */
+        { 1, 1, 0, 1 }  /* KB */
+    }
+};
+
+static const signed char indexes[2][4][20] =
+{
+    {
+        {  0,  1,  2,  3,  8,  9, 10, 11, 38, 39,
+           36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */
+        { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+          -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */
+        {  4,  5,  6,  7, 12, 13, 14, 15, 16, 17,
+           18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */
+        { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+          -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }  /* KB -> RK */
+    },
+    {
+        {  0,  1,  2,  3, 61, 62, 63, 60, -1, -1,
+           -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */
+        { -1, -1, -1, -1,  8,  9, 10, 11, 16, 17,
+          18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */
+        { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59,
+          56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */
+        {  4,  5,  6,  7, 65, 66, 67, 64, 20, 21,
+           22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */
+    }
+};
+
+static const signed char transposes[2][20] =
+{
+    {
+        21, 22, 23, 20,
+        -1, -1, -1, -1,
+        18, 19, 16, 17,
+        11,  8,  9, 10,
+        15, 12, 13, 14
+    },
+    {
+        25, 26, 27, 24,
+        29, 30, 31, 28,
+        18, 19, 16, 17,
+        -1, -1, -1, -1,
+        -1, -1, -1, -1
+    }
+};
+
+/* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */
+#define ROTL(DEST, SRC, SHIFT)                                      \
+    {                                                                   \
+        (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT));   \
+        (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT));   \
+        (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT));   \
+        (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT));   \
+    }
+
+#define FL(XL, XR, KL, KR)                                          \
+    {                                                                   \
+        (XR) = ((((XL) &(KL)) << 1) | (((XL) &(KL)) >> 31)) ^ (XR);   \
+        (XL) = ((XR) | (KR)) ^ (XL);                                    \
+    }
+
+#define FLInv(YL, YR, KL, KR)                                       \
+    {                                                                   \
+        (YL) = ((YR) | (KR)) ^ (YL);                                    \
+        (YR) = ((((YL) &(KL)) << 1) | (((YL) &(KL)) >> 31)) ^ (YR);   \
+    }
+
+#define SHIFT_AND_PLACE(INDEX, OFFSET)                      \
+    {                                                           \
+        TK[0] = KC[(OFFSET) * 4 + 0];                           \
+        TK[1] = KC[(OFFSET) * 4 + 1];                           \
+        TK[2] = KC[(OFFSET) * 4 + 2];                           \
+        TK[3] = KC[(OFFSET) * 4 + 3];                           \
+                                                            \
+        for (i = 1; i <= 4; i++)                               \
+        if (shifts[(INDEX)][(OFFSET)][i -1])               \
+        ROTL(TK + i * 4, TK, (15 * i) % 32);          \
+                                                            \
+        for (i = 0; i < 20; i++)                               \
+        if (indexes[(INDEX)][(OFFSET)][i] != -1) {         \
+            RK[indexes[(INDEX)][(OFFSET)][i]] = TK[i];    \
+        }                                                   \
+    }
+
+static void camellia_feistel(const uint32_t x[2], const uint32_t k[2],
+                             uint32_t z[2])
+{
+    uint32_t I0, I1;
+    I0 = x[0] ^ k[0];
+    I1 = x[1] ^ k[1];
+
+    I0 = ((uint32_t) SBOX1(MBEDTLS_BYTE_3(I0)) << 24) |
+         ((uint32_t) SBOX2(MBEDTLS_BYTE_2(I0)) << 16) |
+         ((uint32_t) SBOX3(MBEDTLS_BYTE_1(I0)) <<  8) |
+         ((uint32_t) SBOX4(MBEDTLS_BYTE_0(I0)));
+    I1 = ((uint32_t) SBOX2(MBEDTLS_BYTE_3(I1)) << 24) |
+         ((uint32_t) SBOX3(MBEDTLS_BYTE_2(I1)) << 16) |
+         ((uint32_t) SBOX4(MBEDTLS_BYTE_1(I1)) <<  8) |
+         ((uint32_t) SBOX1(MBEDTLS_BYTE_0(I1)));
+
+    I0 ^= (I1 << 8) | (I1 >> 24);
+    I1 ^= (I0 << 16) | (I0 >> 16);
+    I0 ^= (I1 >> 8) | (I1 << 24);
+    I1 ^= (I0 >> 8) | (I0 << 24);
+
+    z[0] ^= I1;
+    z[1] ^= I0;
+}
+
+void mbedtls_camellia_init(mbedtls_camellia_context *ctx)
+{
+    CAMELLIA_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_camellia_context));
+}
+
+void mbedtls_camellia_free(mbedtls_camellia_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_camellia_context));
+}
+
+/*
+ * Camellia key schedule (encryption)
+ */
+int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits)
+{
+    int idx;
+    size_t i;
+    uint32_t *RK;
+    unsigned char t[64];
+    uint32_t SIGMA[6][2];
+    uint32_t KC[16];
+    uint32_t TK[20];
+
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(key != NULL);
+
+    RK = ctx->rk;
+
+    memset(t, 0, 64);
+    memset(RK, 0, sizeof(ctx->rk));
+
+    switch (keybits) {
+        case 128: ctx->nr = 3; idx = 0; break;
+        case 192:
+        case 256: ctx->nr = 4; idx = 1; break;
+        default: return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
+    }
+
+    for (i = 0; i < keybits / 8; ++i) {
+        t[i] = key[i];
+    }
+
+    if (keybits == 192) {
+        for (i = 0; i < 8; i++) {
+            t[24 + i] = ~t[16 + i];
+        }
+    }
+
+    /*
+     * Prepare SIGMA values
+     */
+    for (i = 0; i < 6; i++) {
+        SIGMA[i][0] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 0);
+        SIGMA[i][1] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 4);
+    }
+
+    /*
+     * Key storage in KC
+     * Order: KL, KR, KA, KB
+     */
+    memset(KC, 0, sizeof(KC));
+
+    /* Store KL, KR */
+    for (i = 0; i < 8; i++) {
+        KC[i] = MBEDTLS_GET_UINT32_BE(t, i * 4);
+    }
+
+    /* Generate KA */
+    for (i = 0; i < 4; ++i) {
+        KC[8 + i] = KC[i] ^ KC[4 + i];
+    }
+
+    camellia_feistel(KC + 8, SIGMA[0], KC + 10);
+    camellia_feistel(KC + 10, SIGMA[1], KC + 8);
+
+    for (i = 0; i < 4; ++i) {
+        KC[8 + i] ^= KC[i];
+    }
+
+    camellia_feistel(KC + 8, SIGMA[2], KC + 10);
+    camellia_feistel(KC + 10, SIGMA[3], KC + 8);
+
+    if (keybits > 128) {
+        /* Generate KB */
+        for (i = 0; i < 4; ++i) {
+            KC[12 + i] = KC[4 + i] ^ KC[8 + i];
+        }
+
+        camellia_feistel(KC + 12, SIGMA[4], KC + 14);
+        camellia_feistel(KC + 14, SIGMA[5], KC + 12);
+    }
+
+    /*
+     * Generating subkeys
+     */
+
+    /* Manipulating KL */
+    SHIFT_AND_PLACE(idx, 0);
+
+    /* Manipulating KR */
+    if (keybits > 128) {
+        SHIFT_AND_PLACE(idx, 1);
+    }
+
+    /* Manipulating KA */
+    SHIFT_AND_PLACE(idx, 2);
+
+    /* Manipulating KB */
+    if (keybits > 128) {
+        SHIFT_AND_PLACE(idx, 3);
+    }
+
+    /* Do transpositions */
+    for (i = 0; i < 20; i++) {
+        if (transposes[idx][i] != -1) {
+            RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Camellia key schedule (decryption)
+ */
+int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits)
+{
+    int idx, ret;
+    size_t i;
+    mbedtls_camellia_context cty;
+    uint32_t *RK;
+    uint32_t *SK;
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(key != NULL);
+
+    mbedtls_camellia_init(&cty);
+
+    /* Also checks keybits */
+    if ((ret = mbedtls_camellia_setkey_enc(&cty, key, keybits)) != 0) {
+        goto exit;
+    }
+
+    ctx->nr = cty.nr;
+    idx = (ctx->nr == 4);
+
+    RK = ctx->rk;
+    SK = cty.rk + 24 * 2 + 8 * idx * 2;
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+    for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4) {
+        *RK++ = *SK++;
+        *RK++ = *SK++;
+    }
+
+    SK -= 2;
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+exit:
+    mbedtls_camellia_free(&cty);
+
+    return ret;
+}
+
+/*
+ * Camellia-ECB block encryption/decryption
+ */
+int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
+                               int mode,
+                               const unsigned char input[16],
+                               unsigned char output[16])
+{
+    int NR;
+    uint32_t *RK, X[4];
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT ||
+                          mode == MBEDTLS_CAMELLIA_DECRYPT);
+    CAMELLIA_VALIDATE_RET(input  != NULL);
+    CAMELLIA_VALIDATE_RET(output != NULL);
+
+    ((void) mode);
+
+    NR = ctx->nr;
+    RK = ctx->rk;
+
+    X[0] = MBEDTLS_GET_UINT32_BE(input,  0);
+    X[1] = MBEDTLS_GET_UINT32_BE(input,  4);
+    X[2] = MBEDTLS_GET_UINT32_BE(input,  8);
+    X[3] = MBEDTLS_GET_UINT32_BE(input, 12);
+
+    X[0] ^= *RK++;
+    X[1] ^= *RK++;
+    X[2] ^= *RK++;
+    X[3] ^= *RK++;
+
+    while (NR) {
+        --NR;
+        camellia_feistel(X, RK, X + 2);
+        RK += 2;
+        camellia_feistel(X + 2, RK, X);
+        RK += 2;
+        camellia_feistel(X, RK, X + 2);
+        RK += 2;
+        camellia_feistel(X + 2, RK, X);
+        RK += 2;
+        camellia_feistel(X, RK, X + 2);
+        RK += 2;
+        camellia_feistel(X + 2, RK, X);
+        RK += 2;
+
+        if (NR) {
+            FL(X[0], X[1], RK[0], RK[1]);
+            RK += 2;
+            FLInv(X[2], X[3], RK[0], RK[1]);
+            RK += 2;
+        }
+    }
+
+    X[2] ^= *RK++;
+    X[3] ^= *RK++;
+    X[0] ^= *RK++;
+    X[1] ^= *RK++;
+
+    MBEDTLS_PUT_UINT32_BE(X[2], output,  0);
+    MBEDTLS_PUT_UINT32_BE(X[3], output,  4);
+    MBEDTLS_PUT_UINT32_BE(X[0], output,  8);
+    MBEDTLS_PUT_UINT32_BE(X[1], output, 12);
+
+    return 0;
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * Camellia-CBC buffer encryption/decryption
+ */
+int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[16],
+                               const unsigned char *input,
+                               unsigned char *output)
+{
+    int i;
+    unsigned char temp[16];
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT ||
+                          mode == MBEDTLS_CAMELLIA_DECRYPT);
+    CAMELLIA_VALIDATE_RET(iv != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || input  != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || output != NULL);
+
+    if (length % 16) {
+        return MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH;
+    }
+
+    if (mode == MBEDTLS_CAMELLIA_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, 16);
+            mbedtls_camellia_crypt_ecb(ctx, mode, input, output);
+
+            for (i = 0; i < 16; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, 16);
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    } else {
+        while (length > 0) {
+            for (i = 0; i < 16; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            mbedtls_camellia_crypt_ecb(ctx, mode, output, output);
+            memcpy(iv, output, 16);
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * Camellia-CFB128 buffer encryption/decryption
+ */
+int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
+                                  int mode,
+                                  size_t length,
+                                  size_t *iv_off,
+                                  unsigned char iv[16],
+                                  const unsigned char *input,
+                                  unsigned char *output)
+{
+    int c;
+    size_t n;
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT ||
+                          mode == MBEDTLS_CAMELLIA_DECRYPT);
+    CAMELLIA_VALIDATE_RET(iv     != NULL);
+    CAMELLIA_VALIDATE_RET(iv_off != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || input  != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || output != NULL);
+
+    n = *iv_off;
+    if (n >= 16) {
+        return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
+    }
+
+    if (mode == MBEDTLS_CAMELLIA_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv);
+            }
+
+            c = *input++;
+            *output++ = (unsigned char) (c ^ iv[n]);
+            iv[n] = (unsigned char) c;
+
+            n = (n + 1) & 0x0F;
+        }
+    } else {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv);
+            }
+
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
+
+            n = (n + 1) & 0x0F;
+        }
+    }
+
+    *iv_off = n;
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * Camellia-CTR buffer encryption/decryption
+ */
+int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[16],
+                               unsigned char stream_block[16],
+                               const unsigned char *input,
+                               unsigned char *output)
+{
+    int c, i;
+    size_t n;
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(nonce_counter != NULL);
+    CAMELLIA_VALIDATE_RET(stream_block  != NULL);
+    CAMELLIA_VALIDATE_RET(nc_off != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || input  != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || output != NULL);
+
+    n = *nc_off;
+    if (n >= 16) {
+        return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
+    }
+
+    while (length--) {
+        if (n == 0) {
+            mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
+                                       stream_block);
+
+            for (i = 16; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
+                    break;
+                }
+            }
+        }
+        c = *input++;
+        *output++ = (unsigned char) (c ^ stream_block[n]);
+
+        n = (n + 1) & 0x0F;
+    }
+
+    *nc_off = n;
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#endif /* !MBEDTLS_CAMELLIA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * Camellia test vectors from:
+ *
+ * http://info.isl.ntt.co.jp/crypt/eng/camellia/technology.html:
+ *   http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/intermediate.txt
+ *   http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/t_camellia.txt
+ *                      (For each bitlength: Key 0, Nr 39)
+ */
+#define CAMELLIA_TESTS_ECB  2
+
+static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] =
+{
+    {
+        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
+        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+    },
+    {
+        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
+        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+    },
+    {
+        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+          0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
+        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+    },
+};
+
+static const unsigned char camellia_test_ecb_plain[CAMELLIA_TESTS_ECB][16] =
+{
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+      0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
+    { 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
+{
+    {
+        { 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
+          0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 },
+        { 0x38, 0x3C, 0x6C, 0x2A, 0xAB, 0xEF, 0x7F, 0xDE,
+          0x25, 0xCD, 0x47, 0x0B, 0xF7, 0x74, 0xA3, 0x31 }
+    },
+    {
+        { 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
+          0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 },
+        { 0xD1, 0x76, 0x3F, 0xC0, 0x19, 0xD7, 0x7C, 0xC9,
+          0x30, 0xBF, 0xF2, 0xA5, 0x6F, 0x7C, 0x93, 0x64 }
+    },
+    {
+        { 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
+          0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 },
+        { 0x05, 0x03, 0xFB, 0x10, 0xAB, 0x24, 0x1E, 0x7C,
+          0xF4, 0x5D, 0x8C, 0xDE, 0xEE, 0x47, 0x43, 0x35 }
+    }
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define CAMELLIA_TESTS_CBC  3
+
+static const unsigned char camellia_test_cbc_key[3][32] =
+{
+    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }
+    ,
+    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }
+    ,
+    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
+};
+
+static const unsigned char camellia_test_cbc_iv[16] =
+
+{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+  0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
+;
+
+static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] =
+{
+    { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+      0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A },
+    { 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+      0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51 },
+    { 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+      0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF }
+
+};
+
+static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] =
+{
+    {
+        { 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
+          0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB },
+        { 0xA2, 0xF2, 0xCF, 0x67, 0x16, 0x29, 0xEF, 0x78,
+          0x40, 0xC5, 0xA5, 0xDF, 0xB5, 0x07, 0x48, 0x87 },
+        { 0x0F, 0x06, 0x16, 0x50, 0x08, 0xCF, 0x8B, 0x8B,
+          0x5A, 0x63, 0x58, 0x63, 0x62, 0x54, 0x3E, 0x54 }
+    },
+    {
+        { 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
+          0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 },
+        { 0x5D, 0x5A, 0x86, 0x9B, 0xD1, 0x4C, 0xE5, 0x42,
+          0x64, 0xF8, 0x92, 0xA6, 0xDD, 0x2E, 0xC3, 0xD5 },
+        { 0x37, 0xD3, 0x59, 0xC3, 0x34, 0x98, 0x36, 0xD8,
+          0x84, 0xE3, 0x10, 0xAD, 0xDF, 0x68, 0xC4, 0x49 }
+    },
+    {
+        { 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
+          0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA },
+        { 0x36, 0xCB, 0xEB, 0x73, 0xBD, 0x50, 0x4B, 0x40,
+          0x70, 0xB1, 0xB7, 0xDE, 0x2B, 0x21, 0xEB, 0x50 },
+        { 0xE3, 0x1A, 0x60, 0x55, 0x29, 0x7D, 0x96, 0xCA,
+          0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
+    }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * Camellia-CTR test vectors from:
+ *
+ * http://www.faqs.org/rfcs/rfc5528.html
+ */
+
+static const unsigned char camellia_test_ctr_key[3][16] =
+{
+    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
+      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
+    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
+      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
+    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
+      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
+};
+
+static const unsigned char camellia_test_ctr_nonce_counter[3][16] =
+{
+    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
+      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
+      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
+};
+
+static const unsigned char camellia_test_ctr_pt[3][48] =
+{
+    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+      0x20, 0x21, 0x22, 0x23 }
+};
+
+static const unsigned char camellia_test_ctr_ct[3][48] =
+{
+    { 0xD0, 0x9D, 0xC2, 0x9A, 0x82, 0x14, 0x61, 0x9A,
+      0x20, 0x87, 0x7C, 0x76, 0xDB, 0x1F, 0x0B, 0x3F },
+    { 0xDB, 0xF3, 0xC7, 0x8D, 0xC0, 0x83, 0x96, 0xD4,
+      0xDA, 0x7C, 0x90, 0x77, 0x65, 0xBB, 0xCB, 0x44,
+      0x2B, 0x8E, 0x8E, 0x0F, 0x31, 0xF0, 0xDC, 0xA7,
+      0x2C, 0x74, 0x17, 0xE3, 0x53, 0x60, 0xE0, 0x48 },
+    { 0xB1, 0x9D, 0x1F, 0xCD, 0xCB, 0x75, 0xEB, 0x88,
+      0x2F, 0x84, 0x9C, 0xE2, 0x4D, 0x85, 0xCF, 0x73,
+      0x9C, 0xE6, 0x4B, 0x2B, 0x5C, 0x9D, 0x73, 0xF1,
+      0x4F, 0x2D, 0x5D, 0x9D, 0xCE, 0x98, 0x89, 0xCD,
+      0xDF, 0x50, 0x86, 0x96 }
+};
+
+static const int camellia_test_ctr_len[3] =
+{ 16, 32, 36 };
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_camellia_self_test(int verbose)
+{
+    int i, j, u, v;
+    unsigned char key[32];
+    unsigned char buf[64];
+    unsigned char src[16];
+    unsigned char dst[16];
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char iv[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    size_t offset, len;
+    unsigned char nonce_counter[16];
+    unsigned char stream_block[16];
+#endif
+    int ret = 1;
+
+    mbedtls_camellia_context ctx;
+
+    mbedtls_camellia_init(&ctx);
+    memset(key, 0, 32);
+
+    for (j = 0; j < 6; j++) {
+        u = j >> 1;
+        v = j & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
+                           (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
+        }
+
+        for (i = 0; i < CAMELLIA_TESTS_ECB; i++) {
+            memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u);
+
+            if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+                mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
+                memcpy(src, camellia_test_ecb_cipher[u][i], 16);
+                memcpy(dst, camellia_test_ecb_plain[i], 16);
+            } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
+                mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
+                memcpy(src, camellia_test_ecb_plain[i], 16);
+                memcpy(dst, camellia_test_ecb_cipher[u][i], 16);
+            }
+
+            mbedtls_camellia_crypt_ecb(&ctx, v, src, buf);
+
+            if (memcmp(buf, dst, 16) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
+                goto exit;
+            }
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /*
+     * CBC mode
+     */
+    for (j = 0; j < 6; j++) {
+        u = j >> 1;
+        v = j  & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
+                           (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(src, camellia_test_cbc_iv, 16);
+        memcpy(dst, camellia_test_cbc_iv, 16);
+        memcpy(key, camellia_test_cbc_key[u], 16 + 8 * u);
+
+        if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+            mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
+        } else {
+            mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
+        }
+
+        for (i = 0; i < CAMELLIA_TESTS_CBC; i++) {
+
+            if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+                memcpy(iv, src, 16);
+                memcpy(src, camellia_test_cbc_cipher[u][i], 16);
+                memcpy(dst, camellia_test_cbc_plain[i], 16);
+            } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
+                memcpy(iv, dst, 16);
+                memcpy(src, camellia_test_cbc_plain[i], 16);
+                memcpy(dst, camellia_test_cbc_cipher[u][i], 16);
+            }
+
+            mbedtls_camellia_crypt_cbc(&ctx, v, 16, iv, src, buf);
+
+            if (memcmp(buf, dst, 16) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
+                goto exit;
+            }
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /*
+     * CTR mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        v = i  & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  CAMELLIA-CTR-128 (%s): ",
+                           (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(nonce_counter, camellia_test_ctr_nonce_counter[u], 16);
+        memcpy(key, camellia_test_ctr_key[u], 16);
+
+        offset = 0;
+        mbedtls_camellia_setkey_enc(&ctx, key, 128);
+
+        if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+            len = camellia_test_ctr_len[u];
+            memcpy(buf, camellia_test_ctr_ct[u], len);
+
+            mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block,
+                                       buf, buf);
+
+            if (memcmp(buf, camellia_test_ctr_pt[u], len) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
+                goto exit;
+            }
+        } else {
+            len = camellia_test_ctr_len[u];
+            memcpy(buf, camellia_test_ctr_pt[u], len);
+
+            mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block,
+                                       buf, buf);
+
+            if (memcmp(buf, camellia_test_ctr_ct[u], len) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
+                goto exit;
+            }
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+    ret = 0;
+
+exit:
+    mbedtls_camellia_free(&ctx);
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CAMELLIA_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ccm.c b/3rdparty/mbedtls-2.28.7/library/ccm.c
new file mode 100644
index 0000000..2ba21c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ccm.c
@@ -0,0 +1,534 @@
+/*
+ *  NIST SP800-38C compliant CCM implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * Definition of CCM:
+ * http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf
+ * RFC 3610 "Counter with CBC-MAC (CCM)"
+ *
+ * Related:
+ * RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CCM_C)
+
+#include "mbedtls/ccm.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_CCM_ALT)
+
+#define CCM_VALIDATE_RET(cond) \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CCM_BAD_INPUT)
+#define CCM_VALIDATE(cond) \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#define CCM_ENCRYPT 0
+#define CCM_DECRYPT 1
+
+/*
+ * Initialize context
+ */
+void mbedtls_ccm_init(mbedtls_ccm_context *ctx)
+{
+    CCM_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_ccm_context));
+}
+
+int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(key != NULL);
+
+    cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
+                                                  MBEDTLS_MODE_ECB);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    if (cipher_info->block_size != 16) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+
+    if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits,
+                                     MBEDTLS_ENCRYPT)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ccm_free(mbedtls_ccm_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context));
+}
+
+/*
+ * Macros for common operations.
+ * Results in smaller compiled code than static inline functions.
+ */
+
+/*
+ * Update the CBC-MAC state in y using a block in b
+ * (Always using b as the source helps the compiler optimise a bit better.)
+ */
+#define UPDATE_CBC_MAC                                                      \
+    for (i = 0; i < 16; i++)                                               \
+    y[i] ^= b[i];                                                       \
+                                                                            \
+    if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, y, 16, y, &olen)) != 0) \
+    return ret;
+
+/*
+ * Encrypt or decrypt a partial block with CTR
+ * Warning: using b for temporary storage! src and dst must not be b!
+ * This avoids allocating one more 16 bytes buffer while allowing src == dst.
+ */
+#define CTR_CRYPT(dst, src, len)                                            \
+    do                                                                  \
+    {                                                                   \
+        if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctr,       \
+                                         16, b, &olen)) != 0)      \
+        {                                                               \
+            return ret;                                              \
+        }                                                               \
+                                                                      \
+        for (i = 0; i < (len); i++)                                    \
+        (dst)[i] = (src)[i] ^ b[i];                                 \
+    } while (0)
+
+/*
+ * Authenticated encryption or decryption
+ */
+static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length,
+                          const unsigned char *iv, size_t iv_len,
+                          const unsigned char *add, size_t add_len,
+                          const unsigned char *input, unsigned char *output,
+                          unsigned char *tag, size_t tag_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char i;
+    unsigned char q;
+    size_t len_left, olen;
+    unsigned char b[16];
+    unsigned char y[16];
+    unsigned char ctr[16];
+    const unsigned char *src;
+    unsigned char *dst;
+
+    /*
+     * Check length requirements: SP800-38C A.1
+     * Additional requirement: a < 2^16 - 2^8 to simplify the code.
+     * 'length' checked later (when writing it to the first block)
+     *
+     * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4).
+     */
+    if (tag_len == 2 || tag_len > 16 || tag_len % 2 != 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    /* Also implies q is within bounds */
+    if (iv_len < 7 || iv_len > 13) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    if (add_len >= 0xFF00) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    q = 16 - 1 - (unsigned char) iv_len;
+
+    /*
+     * First block B_0:
+     * 0        .. 0        flags
+     * 1        .. iv_len   nonce (aka iv)
+     * iv_len+1 .. 15       length
+     *
+     * With flags as (bits):
+     * 7        0
+     * 6        add present?
+     * 5 .. 3   (t - 2) / 2
+     * 2 .. 0   q - 1
+     */
+    b[0] = 0;
+    b[0] |= (add_len > 0) << 6;
+    b[0] |= ((tag_len - 2) / 2) << 3;
+    b[0] |= q - 1;
+
+    memcpy(b + 1, iv, iv_len);
+
+    for (i = 0, len_left = length; i < q; i++, len_left >>= 8) {
+        b[15-i] = MBEDTLS_BYTE_0(len_left);
+    }
+
+    if (len_left > 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+
+    /* Start CBC-MAC with first block */
+    memset(y, 0, 16);
+    UPDATE_CBC_MAC;
+
+    /*
+     * If there is additional data, update CBC-MAC with
+     * add_len, add, 0 (padding to a block boundary)
+     */
+    if (add_len > 0) {
+        size_t use_len;
+        len_left = add_len;
+        src = add;
+
+        memset(b, 0, 16);
+        MBEDTLS_PUT_UINT16_BE(add_len, b, 0);
+
+        use_len = len_left < 16 - 2 ? len_left : 16 - 2;
+        memcpy(b + 2, src, use_len);
+        len_left -= use_len;
+        src += use_len;
+
+        UPDATE_CBC_MAC;
+
+        while (len_left > 0) {
+            use_len = len_left > 16 ? 16 : len_left;
+
+            memset(b, 0, 16);
+            memcpy(b, src, use_len);
+            UPDATE_CBC_MAC;
+
+            len_left -= use_len;
+            src += use_len;
+        }
+    }
+
+    /*
+     * Prepare counter block for encryption:
+     * 0        .. 0        flags
+     * 1        .. iv_len   nonce (aka iv)
+     * iv_len+1 .. 15       counter (initially 1)
+     *
+     * With flags as (bits):
+     * 7 .. 3   0
+     * 2 .. 0   q - 1
+     */
+    ctr[0] = q - 1;
+    memcpy(ctr + 1, iv, iv_len);
+    memset(ctr + 1 + iv_len, 0, q);
+    ctr[15] = 1;
+
+    /*
+     * Authenticate and {en,de}crypt the message.
+     *
+     * The only difference between encryption and decryption is
+     * the respective order of authentication and {en,de}cryption.
+     */
+    len_left = length;
+    src = input;
+    dst = output;
+
+    while (len_left > 0) {
+        size_t use_len = len_left > 16 ? 16 : len_left;
+
+        if (mode == CCM_ENCRYPT) {
+            memset(b, 0, 16);
+            memcpy(b, src, use_len);
+            UPDATE_CBC_MAC;
+        }
+
+        CTR_CRYPT(dst, src, use_len);
+
+        if (mode == CCM_DECRYPT) {
+            memset(b, 0, 16);
+            memcpy(b, dst, use_len);
+            UPDATE_CBC_MAC;
+        }
+
+        dst += use_len;
+        src += use_len;
+        len_left -= use_len;
+
+        /*
+         * Increment counter.
+         * No need to check for overflow thanks to the length check above.
+         */
+        for (i = 0; i < q; i++) {
+            if (++ctr[15-i] != 0) {
+                break;
+            }
+        }
+    }
+
+    /*
+     * Authentication: reset counter and crypt/mask internal tag
+     */
+    for (i = 0; i < q; i++) {
+        ctr[15-i] = 0;
+    }
+
+    CTR_CRYPT(y, y, 16);
+    memcpy(tag, y, tag_len);
+
+    return 0;
+}
+
+/*
+ * Authenticated encryption
+ */
+int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                     const unsigned char *iv, size_t iv_len,
+                                     const unsigned char *add, size_t add_len,
+                                     const unsigned char *input, unsigned char *output,
+                                     unsigned char *tag, size_t tag_len)
+{
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+    return ccm_auth_crypt(ctx, CCM_ENCRYPT, length, iv, iv_len,
+                          add, add_len, input, output, tag, tag_len);
+}
+
+int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                const unsigned char *iv, size_t iv_len,
+                                const unsigned char *add, size_t add_len,
+                                const unsigned char *input, unsigned char *output,
+                                unsigned char *tag, size_t tag_len)
+{
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+    if (tag_len == 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    return mbedtls_ccm_star_encrypt_and_tag(ctx, length, iv, iv_len, add,
+                                            add_len, input, output, tag, tag_len);
+}
+
+/*
+ * Authenticated decryption
+ */
+int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                                  const unsigned char *iv, size_t iv_len,
+                                  const unsigned char *add, size_t add_len,
+                                  const unsigned char *input, unsigned char *output,
+                                  const unsigned char *tag, size_t tag_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char check_tag[16];
+    int diff;
+
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+
+    if ((ret = ccm_auth_crypt(ctx, CCM_DECRYPT, length,
+                              iv, iv_len, add, add_len,
+                              input, output, check_tag, tag_len)) != 0) {
+        return ret;
+    }
+
+    /* Check tag in "constant-time" */
+    diff = mbedtls_ct_memcmp(tag, check_tag, tag_len);
+
+    if (diff != 0) {
+        mbedtls_platform_zeroize(output, length);
+        return MBEDTLS_ERR_CCM_AUTH_FAILED;
+    }
+
+    return 0;
+}
+
+int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                             const unsigned char *iv, size_t iv_len,
+                             const unsigned char *add, size_t add_len,
+                             const unsigned char *input, unsigned char *output,
+                             const unsigned char *tag, size_t tag_len)
+{
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+
+    if (tag_len == 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    return mbedtls_ccm_star_auth_decrypt(ctx, length, iv, iv_len, add,
+                                         add_len, input, output, tag, tag_len);
+}
+#endif /* !MBEDTLS_CCM_ALT */
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+/*
+ * Examples 1 to 3 from SP800-38C Appendix C
+ */
+
+#define NB_TESTS 3
+#define CCM_SELFTEST_PT_MAX_LEN 24
+#define CCM_SELFTEST_CT_MAX_LEN 32
+/*
+ * The data is the same for all tests, only the used length changes
+ */
+static const unsigned char key_test_data[] = {
+    0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+    0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
+};
+
+static const unsigned char iv_test_data[] = {
+    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+    0x18, 0x19, 0x1a, 0x1b
+};
+
+static const unsigned char ad_test_data[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    0x10, 0x11, 0x12, 0x13
+};
+
+static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
+    0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+};
+
+static const size_t iv_len_test_data[NB_TESTS] = { 7, 8,  12 };
+static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
+static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
+static const size_t tag_len_test_data[NB_TESTS] = { 4, 6,  8  };
+
+static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
+    {   0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
+    {   0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
+        0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
+        0x1f, 0xc6, 0x4f, 0xbf, 0xac, 0xcd },
+    {   0xe3, 0xb2, 0x01, 0xa9, 0xf5, 0xb7, 0x1a, 0x7a,
+        0x9b, 0x1c, 0xea, 0xec, 0xcd, 0x97, 0xe7, 0x0b,
+        0x61, 0x76, 0xaa, 0xd9, 0xa4, 0x42, 0x8a, 0xa5,
+        0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
+};
+
+int mbedtls_ccm_self_test(int verbose)
+{
+    mbedtls_ccm_context ctx;
+    /*
+     * Some hardware accelerators require the input and output buffers
+     * would be in RAM, because the flash is not accessible.
+     * Use buffers on the stack to hold the test vectors data.
+     */
+    unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN];
+    unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN];
+    size_t i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_ccm_init(&ctx);
+
+    if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
+                           8 * sizeof(key_test_data)) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("  CCM: setup failed");
+        }
+
+        return 1;
+    }
+
+    for (i = 0; i < NB_TESTS; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  CCM-AES #%u: ", (unsigned int) i + 1);
+        }
+
+        memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
+        memset(ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN);
+        memcpy(plaintext, msg_test_data, msg_len_test_data[i]);
+
+        ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i],
+                                          iv_test_data, iv_len_test_data[i],
+                                          ad_test_data, add_len_test_data[i],
+                                          plaintext, ciphertext,
+                                          ciphertext + msg_len_test_data[i],
+                                          tag_len_test_data[i]);
+
+        if (ret != 0 ||
+            memcmp(ciphertext, res_test_data[i],
+                   msg_len_test_data[i] + tag_len_test_data[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            return 1;
+        }
+        memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
+
+        ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i],
+                                       iv_test_data, iv_len_test_data[i],
+                                       ad_test_data, add_len_test_data[i],
+                                       ciphertext, plaintext,
+                                       ciphertext + msg_len_test_data[i],
+                                       tag_len_test_data[i]);
+
+        if (ret != 0 ||
+            memcmp(plaintext, msg_test_data, msg_len_test_data[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            return 1;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    mbedtls_ccm_free(&ctx);
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_CCM_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/certs.c b/3rdparty/mbedtls-2.28.7/library/certs.c
new file mode 100644
index 0000000..79856cd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/certs.c
@@ -0,0 +1,1734 @@
+/*
+ *  X.509 test certificates
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#include "mbedtls/certs.h"
+
+#if defined(MBEDTLS_CERTS_C)
+
+/*
+ * Test CA Certificates
+ *
+ * We define test CA certificates for each choice of the following parameters:
+ * - PEM or DER encoding
+ * - SHA-1 or SHA-256 hash
+ * - RSA or EC key
+ *
+ * Things to add:
+ * - multiple EC curve types
+ *
+ */
+
+/* This is taken from tests/data_files/test-ca2.crt */
+/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca2.crt */
+#define TEST_CA_CRT_EC_PEM                                                     \
+    "-----BEGIN CERTIFICATE-----\r\n"                                          \
+    "MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n"     \
+    "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n"     \
+    "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n"     \
+    "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n"     \
+    "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n"     \
+    "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n"     \
+    "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n"     \
+    "MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n"     \
+    "SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n"     \
+    "LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n"     \
+    "hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n"             \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from tests/data_files/test-ca2.crt.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca2.crt.der */
+#define TEST_CA_CRT_EC_DER {                                                    \
+        0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \
+        0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \
+        0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \
+        0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
+        0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
+        0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+        0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
+        0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
+        0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \
+        0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \
+        0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \
+        0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \
+        0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \
+        0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \
+        0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \
+        0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \
+        0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \
+        0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \
+        0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \
+        0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \
+        0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \
+        0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \
+        0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \
+        0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \
+        0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \
+        0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \
+        0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \
+        0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \
+        0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \
+        0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \
+        0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \
+        0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \
+        0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \
+        0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
+        0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \
+        0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \
+        0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \
+        0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \
+        0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \
+        0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \
+        0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \
+        0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \
+        0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \
+        0xf5, 0xae, 0x1c, 0x42                                                  \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/test-ca2.key.enc */
+/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM tests/data_files/test-ca2.key.enc */
+#define TEST_CA_KEY_EC_PEM                                                 \
+    "-----BEGIN EC PRIVATE KEY-----\r\n"                                   \
+    "Proc-Type: 4,ENCRYPTED\r\n"                                           \
+    "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"                          \
+    "\r\n"                                                                 \
+    "IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" \
+    "ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" \
+    "UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" \
+    "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"                                 \
+    "-----END EC PRIVATE KEY-----\r\n"
+/* END FILE */
+
+#define TEST_CA_PWD_EC_PEM "PolarSSLTest"
+
+/* This is generated from tests/data_files/test-ca2.key.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER tests/data_files/test-ca2.key.der */
+#define TEST_CA_KEY_EC_DER {                                                 \
+        0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e,  \
+        0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6,  \
+        0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f,  \
+        0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85,  \
+        0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05,  \
+        0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3,  \
+        0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89,  \
+        0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33,  \
+        0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f,  \
+        0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87,  \
+        0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3,  \
+        0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad,  \
+        0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55,  \
+        0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e         \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/test-ca-sha256.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM tests/data_files/test-ca-sha256.crt */
+#define TEST_CA_CRT_RSA_SHA256_PEM                                         \
+    "-----BEGIN CERTIFICATE-----\r\n"                                      \
+    "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+    "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+    "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
+    "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
+    "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
+    "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
+    "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
+    "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
+    "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
+    "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \
+    "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA\r\n" \
+    "A4IBAQA4qFSCth2q22uJIdE4KGHJsJjVEfw2/xn+MkTvCMfxVrvmRvqCtjE4tKDl\r\n" \
+    "oK4MxFOek07oDZwvtAT9ijn1hHftTNS7RH9zd/fxNpfcHnMZXVC4w4DNA1fSANtW\r\n" \
+    "5sY1JB5Je9jScrsLSS+mAjyv0Ow3Hb2Bix8wu7xNNrV5fIf7Ubm+wt6SqEBxu3Kb\r\n" \
+    "+EfObAT4huf3czznhH3C17ed6NSbXwoXfby7stWUDeRJv08RaFOykf/Aae7bY5PL\r\n" \
+    "yTVrkAnikMntJ9YI+hNNYt3inqq11A5cN0+rVTst8UKCxzQ4GpvroSwPKTFkbMw4\r\n" \
+    "/anT1dVxr/BtwJfiESoK3/4CeXR1\r\n"                                     \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from tests/data_files/test-ca-sha256.crt.der
+ * using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER tests/data_files/test-ca-sha256.crt.der */
+#define TEST_CA_CRT_RSA_SHA256_DER {                                         \
+        0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01,    \
+        0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,    \
+        0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,    \
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,    \
+        0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,    \
+        0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,    \
+        0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,    \
+        0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,    \
+        0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30,    \
+        0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34,    \
+        0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,    \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,    \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,    \
+        0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,    \
+        0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65,    \
+        0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06,    \
+        0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,    \
+        0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01,    \
+        0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f,    \
+        0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1,    \
+        0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec,    \
+        0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b,    \
+        0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9,    \
+        0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2,    \
+        0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40,    \
+        0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8,    \
+        0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1,    \
+        0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27,    \
+        0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84,    \
+        0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5,    \
+        0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e,    \
+        0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb,    \
+        0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab,    \
+        0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62,    \
+        0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37,    \
+        0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e,    \
+        0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64,    \
+        0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b,    \
+        0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32,    \
+        0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,    \
+        0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,    \
+        0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,    \
+        0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52,    \
+        0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff,    \
+        0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,    \
+        0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5,    \
+        0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06,    \
+        0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00,    \
+        0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa,    \
+        0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5,    \
+        0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1,    \
+        0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5,    \
+        0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f,    \
+        0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb,    \
+        0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19,    \
+        0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56,    \
+        0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b,    \
+        0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81,    \
+        0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb,    \
+        0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b,    \
+        0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7,    \
+        0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17,    \
+        0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11,    \
+        0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb,    \
+        0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08,    \
+        0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c,    \
+        0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38,    \
+        0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38,    \
+        0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2,    \
+        0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75                       \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/test-ca-sha1.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM tests/data_files/test-ca-sha1.crt */
+#define TEST_CA_CRT_RSA_SHA1_PEM                                           \
+    "-----BEGIN CERTIFICATE-----\r\n"                                      \
+    "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+    "MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+    "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
+    "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
+    "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
+    "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
+    "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
+    "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
+    "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
+    "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \
+    "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA\r\n" \
+    "A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI\r\n" \
+    "yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv\r\n" \
+    "czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST\r\n" \
+    "S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM\r\n" \
+    "iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS\r\n" \
+    "NWqiX9GyusBZjezaCaHabjDLU0qQ\r\n"                                     \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is taken from tests/data_files/test-ca-sha1.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER tests/data_files/test-ca-sha1.crt.der */
+#define TEST_CA_CRT_RSA_SHA1_DER {                                           \
+        0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01,  \
+        0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,  \
+        0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,  \
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,  \
+        0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,  \
+        0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,  \
+        0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,  \
+        0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,  \
+        0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30,  \
+        0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34,  \
+        0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,  \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,  \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,  \
+        0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,  \
+        0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65,  \
+        0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06,  \
+        0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,  \
+        0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01,  \
+        0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f,  \
+        0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1,  \
+        0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec,  \
+        0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b,  \
+        0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9,  \
+        0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2,  \
+        0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40,  \
+        0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8,  \
+        0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1,  \
+        0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27,  \
+        0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84,  \
+        0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5,  \
+        0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e,  \
+        0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb,  \
+        0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab,  \
+        0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62,  \
+        0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37,  \
+        0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e,  \
+        0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64,  \
+        0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b,  \
+        0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32,  \
+        0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,  \
+        0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,  \
+        0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,  \
+        0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52,  \
+        0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff,  \
+        0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,  \
+        0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5,  \
+        0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06,  \
+        0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,  \
+        0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d,  \
+        0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52,  \
+        0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f,  \
+        0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08,  \
+        0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7,  \
+        0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a,  \
+        0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff,  \
+        0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f,  \
+        0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a,  \
+        0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9,  \
+        0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15,  \
+        0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93,  \
+        0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5,  \
+        0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a,  \
+        0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95,  \
+        0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c,  \
+        0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf,  \
+        0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea,  \
+        0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89,  \
+        0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12,  \
+        0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda,  \
+        0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90                     \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/test-ca.key */
+/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM tests/data_files/test-ca.key */
+#define TEST_CA_KEY_RSA_PEM                                                \
+    "-----BEGIN RSA PRIVATE KEY-----\r\n"                                  \
+    "Proc-Type: 4,ENCRYPTED\r\n"                                           \
+    "AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n"                          \
+    "\r\n"                                                                 \
+    "etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \
+    "NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \
+    "bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \
+    "skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \
+    "sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \
+    "U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \
+    "L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \
+    "UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \
+    "itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \
+    "sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \
+    "/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \
+    "1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \
+    "UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \
+    "7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \
+    "ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \
+    "cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \
+    "R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \
+    "EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \
+    "90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \
+    "gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \
+    "xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \
+    "0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \
+    "fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \
+    "9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \
+    "PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \
+    "-----END RSA PRIVATE KEY-----\r\n"
+/* END FILE */
+
+#define TEST_CA_PWD_RSA_PEM "PolarSSLTest"
+
+/* This was generated from test-ca.key.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER tests/data_files/test-ca.key.der */
+#define TEST_CA_KEY_RSA_DER {                                                \
+        0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,  \
+        0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde,  \
+        0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4,  \
+        0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5,  \
+        0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d,  \
+        0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8,  \
+        0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40,  \
+        0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e,  \
+        0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00,  \
+        0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83,  \
+        0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3,  \
+        0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe,  \
+        0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5,  \
+        0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2,  \
+        0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1,  \
+        0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79,  \
+        0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27,  \
+        0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30,  \
+        0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1,  \
+        0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea,  \
+        0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab,  \
+        0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99,  \
+        0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,  \
+        0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84,  \
+        0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35,  \
+        0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7,  \
+        0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38,  \
+        0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c,  \
+        0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5,  \
+        0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab,  \
+        0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08,  \
+        0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10,  \
+        0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0,  \
+        0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e,  \
+        0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1,  \
+        0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88,  \
+        0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec,  \
+        0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02,  \
+        0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e,  \
+        0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76,  \
+        0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0,  \
+        0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f,  \
+        0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64,  \
+        0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50,  \
+        0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e,  \
+        0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3,  \
+        0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44,  \
+        0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd,  \
+        0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65,  \
+        0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d,  \
+        0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7,  \
+        0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd,  \
+        0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3,  \
+        0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16,  \
+        0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a,  \
+        0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b,  \
+        0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31,  \
+        0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3,  \
+        0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c,  \
+        0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79,  \
+        0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b,  \
+        0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13,  \
+        0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77,  \
+        0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79,  \
+        0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71,  \
+        0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7,  \
+        0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a,  \
+        0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75,  \
+        0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17,  \
+        0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf,  \
+        0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05,  \
+        0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14,  \
+        0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70,  \
+        0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7,  \
+        0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54,  \
+        0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a,  \
+        0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0,  \
+        0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90,  \
+        0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83,  \
+        0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22,  \
+        0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c,  \
+        0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23,  \
+        0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09,  \
+        0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab,  \
+        0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8,  \
+        0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b,  \
+        0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b,  \
+        0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c,  \
+        0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2,  \
+        0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68,  \
+        0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec,  \
+        0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32,  \
+        0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36,  \
+        0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30,  \
+        0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53,  \
+        0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32,  \
+        0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22,  \
+        0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0,  \
+        0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69,  \
+        0xa8, 0xc2, 0x8f, 0x0d                                                   \
+}
+/* END FILE */
+
+/*
+ * Test server Certificates
+ *
+ * Test server certificates are defined for each choice
+ * of the following parameters:
+ * - PEM or DER encoding
+ * - SHA-1 or SHA-256 hash
+ * - RSA or EC key
+ *
+ * Things to add:
+ * - multiple EC curve types
+ */
+
+/* This is taken from tests/data_files/server5.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server5.crt */
+#define TEST_SRV_CRT_EC_PEM                                                    \
+    "-----BEGIN CERTIFICATE-----\r\n"                                          \
+    "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"     \
+    "A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"     \
+    "MjMwNjE1MDMzNDE4WhcNMzMwNjEyMDMzNDE4WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"     \
+    "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n"     \
+    "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n"     \
+    "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n"     \
+    "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n"     \
+    "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n"     \
+    "clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n"     \
+    "CCqGSM49BAMCA2gAMGUCMAHFbGEzx8dZaUlIltT5s1QO9FvKmvFer4uRY3ntEy9S\r\n"     \
+    "k7DCCozM86WWLjfzbJ78bwIxAJYRPF1CzNEiXPHb9O46ZPHKo2S5x//g/54RowAK\r\n"     \
+    "uZz+hKPuMi6YY6cIm81jfeaSZQ==\r\n"                                         \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from tests/data_files/server5.crt.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server5.crt.der */
+#define TEST_SRV_CRT_EC_DER {                                                   \
+        0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \
+        0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
+        0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+        0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+        0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \
+        0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \
+        0x32, 0x33, 0x30, 0x36, 0x31, 0x35, 0x30, 0x33, 0x33, 0x34, 0x31, 0x38, \
+        0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x36, 0x31, 0x32, 0x30, 0x33, 0x33, \
+        0x34, 0x31, 0x38, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \
+        0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \
+        0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \
+        0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \
+        0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \
+        0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \
+        0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \
+        0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \
+        0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \
+        0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \
+        0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \
+        0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \
+        0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \
+        0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \
+        0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \
+        0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \
+        0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \
+        0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \
+        0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \
+        0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \
+        0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \
+        0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \
+        0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \
+        0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \
+        0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \
+        0x30, 0x65, 0x02, 0x30, 0x01, 0xc5, 0x6c, 0x61, 0x33, 0xc7, 0xc7, 0x59, \
+        0x69, 0x49, 0x48, 0x96, 0xd4, 0xf9, 0xb3, 0x54, 0x0e, 0xf4, 0x5b, 0xca, \
+        0x9a, 0xf1, 0x5e, 0xaf, 0x8b, 0x91, 0x63, 0x79, 0xed, 0x13, 0x2f, 0x52, \
+        0x93, 0xb0, 0xc2, 0x0a, 0x8c, 0xcc, 0xf3, 0xa5, 0x96, 0x2e, 0x37, 0xf3, \
+        0x6c, 0x9e, 0xfc, 0x6f, 0x02, 0x31, 0x00, 0x96, 0x11, 0x3c, 0x5d, 0x42, \
+        0xcc, 0xd1, 0x22, 0x5c, 0xf1, 0xdb, 0xf4, 0xee, 0x3a, 0x64, 0xf1, 0xca, \
+        0xa3, 0x64, 0xb9, 0xc7, 0xff, 0xe0, 0xff, 0x9e, 0x11, 0xa3, 0x00, 0x0a, \
+        0xb9, 0x9c, 0xfe, 0x84, 0xa3, 0xee, 0x32, 0x2e, 0x98, 0x63, 0xa7, 0x08, \
+        0x9b, 0xcd, 0x63, 0x7d, 0xe6, 0x92, 0x65                                \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/server5.key. */
+/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM tests/data_files/server5.key */
+#define TEST_SRV_KEY_EC_PEM                                                \
+    "-----BEGIN EC PRIVATE KEY-----\r\n"                                   \
+    "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" \
+    "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" \
+    "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"                             \
+    "-----END EC PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This is generated from tests/data_files/server5.key.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER tests/data_files/server5.key.der */
+#define TEST_SRV_KEY_EC_DER {                                                \
+        0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76,  \
+        0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a,  \
+        0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f,  \
+        0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
+        0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56,  \
+        0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20,  \
+        0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7,  \
+        0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff,  \
+        0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b,  \
+        0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed,  \
+        0xff                                                                     \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/server2-sha256.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM tests/data_files/server2-sha256.crt */
+#define TEST_SRV_CRT_RSA_SHA256_PEM                                        \
+    "-----BEGIN CERTIFICATE-----\r\n"                                      \
+    "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+    "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+    "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \
+    "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \
+    "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \
+    "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \
+    "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \
+    "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \
+    "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \
+    "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \
+    "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJh\r\n" \
+    "Pqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6U\r\n" \
+    "HoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq9\r\n" \
+    "1C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sv\r\n" \
+    "a1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0\r\n" \
+    "e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbo\r\n" \
+    "pMZqLmbBm/7WPLc=\r\n"                                                 \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is taken from tests/data_files/server2-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER tests/data_files/server2-sha256.crt.der */
+#define TEST_SRV_CRT_RSA_SHA256_DER {                                        \
+        0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01,    \
+        0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,    \
+        0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,    \
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,    \
+        0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,    \
+        0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,    \
+        0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,    \
+        0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,    \
+        0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36,    \
+        0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34,    \
+        0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,    \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,    \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,    \
+        0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,    \
+        0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82,    \
+        0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,    \
+        0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,    \
+        0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7,    \
+        0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78,    \
+        0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd,    \
+        0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90,    \
+        0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24,    \
+        0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda,    \
+        0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3,    \
+        0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4,    \
+        0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d,    \
+        0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49,    \
+        0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c,    \
+        0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b,    \
+        0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08,    \
+        0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa,    \
+        0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f,    \
+        0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7,    \
+        0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5,    \
+        0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde,    \
+        0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a,    \
+        0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96,    \
+        0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0,    \
+        0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02,    \
+        0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03,    \
+        0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55,    \
+        0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc,    \
+        0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b,    \
+        0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,    \
+        0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6,    \
+        0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30,    \
+        0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,    \
+        0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61,    \
+        0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3,    \
+        0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca,    \
+        0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba,    \
+        0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94,    \
+        0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b,    \
+        0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9,    \
+        0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45,    \
+        0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd,    \
+        0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f,    \
+        0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc,    \
+        0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb,    \
+        0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f,    \
+        0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e,    \
+        0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b,    \
+        0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce,    \
+        0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4,    \
+        0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05,    \
+        0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a,    \
+        0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92,    \
+        0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8,    \
+        0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7           \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/server2.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM tests/data_files/server2.crt */
+#define TEST_SRV_CRT_RSA_SHA1_PEM                                       \
+    "-----BEGIN CERTIFICATE-----\r\n"                                       \
+    "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"  \
+    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"  \
+    "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"  \
+    "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"  \
+    "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"  \
+    "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"  \
+    "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"  \
+    "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"  \
+    "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"  \
+    "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"  \
+    "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"  \
+    "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n"  \
+    "cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n"  \
+    "O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n"  \
+    "KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n"  \
+    "iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n"  \
+    "HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n"  \
+    "Awgk0+4m0T25cNs=\r\n"                                                  \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is taken from tests/data_files/server2.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER tests/data_files/server2.crt.der */
+#define TEST_SRV_CRT_RSA_SHA1_DER {                                          \
+        0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01,  \
+        0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,  \
+        0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,  \
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,  \
+        0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,  \
+        0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,  \
+        0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,  \
+        0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,  \
+        0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36,  \
+        0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34,  \
+        0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,  \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,  \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,  \
+        0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,  \
+        0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82,  \
+        0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,  \
+        0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,  \
+        0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7,  \
+        0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78,  \
+        0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd,  \
+        0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90,  \
+        0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24,  \
+        0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda,  \
+        0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3,  \
+        0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4,  \
+        0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d,  \
+        0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49,  \
+        0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c,  \
+        0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b,  \
+        0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08,  \
+        0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa,  \
+        0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f,  \
+        0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7,  \
+        0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5,  \
+        0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde,  \
+        0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a,  \
+        0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96,  \
+        0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0,  \
+        0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02,  \
+        0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03,  \
+        0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55,  \
+        0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc,  \
+        0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b,  \
+        0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30,  \
+        0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6,  \
+        0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30,  \
+        0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,  \
+        0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5,  \
+        0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0,  \
+        0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8,  \
+        0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce,  \
+        0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85,  \
+        0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86,  \
+        0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43,  \
+        0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc,  \
+        0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d,  \
+        0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1,  \
+        0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02,  \
+        0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89,  \
+        0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e,  \
+        0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2,  \
+        0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb,  \
+        0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c,  \
+        0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35,  \
+        0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b,  \
+        0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11,  \
+        0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60,  \
+        0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b,  \
+        0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8         \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/server2.key. */
+/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM tests/data_files/server2.key */
+#define TEST_SRV_KEY_RSA_PEM                                               \
+    "-----BEGIN RSA PRIVATE KEY-----\r\n"                                  \
+    "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" \
+    "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" \
+    "2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" \
+    "Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" \
+    "GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" \
+    "y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" \
+    "++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" \
+    "Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" \
+    "/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" \
+    "WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" \
+    "GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" \
+    "TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" \
+    "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" \
+    "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" \
+    "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" \
+    "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" \
+    "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" \
+    "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" \
+    "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" \
+    "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" \
+    "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" \
+    "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" \
+    "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" \
+    "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" \
+    "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"         \
+    "-----END RSA PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This was generated from tests/data_files/server2.key.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER tests/data_files/server2.key.der */
+#define TEST_SRV_KEY_RSA_DER {                                               \
+        0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,  \
+        0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72,  \
+        0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13,  \
+        0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b,  \
+        0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a,  \
+        0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c,  \
+        0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc,  \
+        0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76,  \
+        0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa,  \
+        0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0,  \
+        0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8,  \
+        0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10,  \
+        0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61,  \
+        0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2,  \
+        0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a,  \
+        0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2,  \
+        0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3,  \
+        0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8,  \
+        0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d,  \
+        0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b,  \
+        0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69,  \
+        0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea,  \
+        0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,  \
+        0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59,  \
+        0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c,  \
+        0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7,  \
+        0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42,  \
+        0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86,  \
+        0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d,  \
+        0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf,  \
+        0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84,  \
+        0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19,  \
+        0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a,  \
+        0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8,  \
+        0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c,  \
+        0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26,  \
+        0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c,  \
+        0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5,  \
+        0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b,  \
+        0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde,  \
+        0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83,  \
+        0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4,  \
+        0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66,  \
+        0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a,  \
+        0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a,  \
+        0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba,  \
+        0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8,  \
+        0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc,  \
+        0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8,  \
+        0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca,  \
+        0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f,  \
+        0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a,  \
+        0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83,  \
+        0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8,  \
+        0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4,  \
+        0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae,  \
+        0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b,  \
+        0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7,  \
+        0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7,  \
+        0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20,  \
+        0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44,  \
+        0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86,  \
+        0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02,  \
+        0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac,  \
+        0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43,  \
+        0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42,  \
+        0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79,  \
+        0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c,  \
+        0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57,  \
+        0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c,  \
+        0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e,  \
+        0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f,  \
+        0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61,  \
+        0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb,  \
+        0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b,  \
+        0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb,  \
+        0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4,  \
+        0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47,  \
+        0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a,  \
+        0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c,  \
+        0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02,  \
+        0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26,  \
+        0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02,  \
+        0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f,  \
+        0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd,  \
+        0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73,  \
+        0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88,  \
+        0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03,  \
+        0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71,  \
+        0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00,  \
+        0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2,  \
+        0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47,  \
+        0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67,  \
+        0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2,  \
+        0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde,  \
+        0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4,  \
+        0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7,  \
+        0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c,  \
+        0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f,  \
+        0x06, 0x21, 0x2e, 0x56                                                   \
+}
+/* END FILE */
+
+/*
+ * Test client Certificates
+ *
+ * Test client certificates are defined for each choice
+ * of the following parameters:
+ * - PEM or DER encoding
+ * - RSA or EC key
+ *
+ * Things to add:
+ * - hash type
+ * - multiple EC curve types
+ */
+
+/* This is taken from tests/data_files/cli2.crt. */
+/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM tests/data_files/cli2.crt */
+#define TEST_CLI_CRT_EC_PEM                                                \
+    "-----BEGIN CERTIFICATE-----\r\n"                                      \
+    "MIIB3zCCAWOgAwIBAgIBDTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw\r\n" \
+    "DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJTU0wgVGVzdCBFQyBDQTAe\r\n" \
+    "Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMEExCzAJBgNVBAYTAk5MMREw\r\n" \
+    "DwYDVQQKDAhQb2xhclNTTDEfMB0GA1UEAwwWUG9sYXJTU0wgVGVzdCBDbGllbnQg\r\n" \
+    "MjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFflrrFz39Osu5O4gf8Sru7mU6zO\r\n" \
+    "VVP2NA7MLuNjJQvfmOLzXGA2lsDVGBRw5X+f1UtFGOWwbNVc+JaPh3Cj5MejTTBL\r\n" \
+    "MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMB8GA1Ud\r\n" \
+    "IwQYMBaAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8MAwGCCqGSM49BAMCBQADaAAwZQIx\r\n" \
+    "AMqme4DKMldUlplDET9Q6Eptre7uUWKhsLOF+zPkKDlfzpIkJYEFgcloDHGYw80u\r\n" \
+    "IgIwNftyPXsabTqMM7iEHgVpX/GRozKklY9yQI/5eoA6gGW7Y+imuGR/oao5ySOb\r\n" \
+    "a9Vk\r\n"       \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This is generated from tests/data_files/cli2.crt.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER tests/data_files/cli2.crt.der */
+#define TEST_CLI_CRT_EC_DER {                                                \
+        0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01,  \
+        0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,  \
+        0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,  \
+        0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,  \
+        0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61,  \
+        0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,  \
+        0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20,  \
+        0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e,  \
+        0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34,  \
+        0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31,  \
+        0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09,  \
+        0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,  \
+        0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61,  \
+        0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04,  \
+        0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20,  \
+        0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20,  \
+        0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
+        0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,  \
+        0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac,  \
+        0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce,  \
+        0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf,  \
+        0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70,  \
+        0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c,  \
+        0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b,  \
+        0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30,  \
+        0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00,  \
+        0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6,  \
+        0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d,  \
+        0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49,  \
+        0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb,  \
+        0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
+        0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31,  \
+        0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43,  \
+        0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1,  \
+        0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24,  \
+        0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e,  \
+        0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c,  \
+        0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4,  \
+        0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb,  \
+        0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b,  \
+        0x6b, 0xd5, 0x64                           \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/cli2.key. */
+/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM tests/data_files/cli2.key */
+#define TEST_CLI_KEY_EC_PEM                                                \
+    "-----BEGIN EC PRIVATE KEY-----\r\n"                                   \
+    "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" \
+    "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" \
+    "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"                             \
+    "-----END EC PRIVATE KEY-----\r\n"
+/* END FILE */
+
+/* This is generated from tests/data_files/cli2.key.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER tests/data_files/cli2.key.der */
+#define TEST_CLI_KEY_EC_DER {                                                \
+        0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1,  \
+        0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0,  \
+        0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61,  \
+        0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,  \
+        0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae,  \
+        0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae,  \
+        0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e,  \
+        0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96,  \
+        0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18,  \
+        0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4,  \
+        0xc7                                                                     \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/cli-rsa-sha256.crt. */
+/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM tests/data_files/cli-rsa-sha256.crt */
+#define TEST_CLI_CRT_RSA_PEM                                               \
+    "-----BEGIN CERTIFICATE-----\r\n"                                      \
+    "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
+    "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
+    "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" \
+    "A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" \
+    "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" \
+    "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" \
+    "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" \
+    "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" \
+    "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" \
+    "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" \
+    "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" \
+    "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" \
+    "AQEAXidv1d4pLlBiKWED95rMycBdgDcgyNqJxakFkRfRyA2y1mlyTn7uBXRkNLY5\r\n" \
+    "ZFzK82GCjk2Q2OD4RZSCPAJJqLpHHU34t71ciffvy2KK81YvrxczRhMAE64i+qna\r\n" \
+    "yP3Td2XuWJR05PVPoSemsNELs9gWttdnYy3ce+EY2Y0n7Rsi7982EeLIAA7H6ca4\r\n" \
+    "2Es/NUH//JZJT32OP0doMxeDRA+vplkKqTLLWf7dX26LIriBkBaRCgR5Yv9LBPFc\r\n" \
+    "NOtpzu/LbrY7QFXKJMI+JXDudCsOn8KCmiA4d6Emisqfh3V3485l7HEQNcvLTxlD\r\n" \
+    "6zDQyi0/ykYUYZkwQTK1N2Nvlw==\r\n"                                     \
+    "-----END CERTIFICATE-----\r\n"
+/* END FILE */
+
+/* This was generated from tests/data_files/cli-rsa-sha256.crt.der
+   using `xxd -i.` */
+/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER tests/data_files/cli-rsa-sha256.crt.der */
+#define TEST_CLI_CRT_RSA_DER {                                               \
+        0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01,   \
+        0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,   \
+        0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30,   \
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11,   \
+        0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c,   \
+        0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,   \
+        0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c,   \
+        0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d,   \
+        0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36,   \
+        0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34,   \
+        0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,   \
+        0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06,   \
+        0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53,   \
+        0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,   \
+        0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c,   \
+        0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,   \
+        0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,   \
+        0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82,   \
+        0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9,   \
+        0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f,   \
+        0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9,   \
+        0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63,   \
+        0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10,   \
+        0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e,   \
+        0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95,   \
+        0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed,   \
+        0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4,   \
+        0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30,   \
+        0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2,   \
+        0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d,   \
+        0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2,   \
+        0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f,   \
+        0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34,   \
+        0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a,   \
+        0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe,   \
+        0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f,   \
+        0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d,   \
+        0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4,   \
+        0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8,   \
+        0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01,   \
+        0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,   \
+        0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16,   \
+        0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e,   \
+        0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f,   \
+        0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4,   \
+        0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95,   \
+        0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a,   \
+        0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82,   \
+        0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62,   \
+        0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20,   \
+        0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2,   \
+        0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39,   \
+        0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8,   \
+        0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8,   \
+        0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f,   \
+        0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda,   \
+        0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f,   \
+        0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67,   \
+        0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22,   \
+        0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8,   \
+        0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e,   \
+        0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a,   \
+        0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81,   \
+        0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c,   \
+        0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca,   \
+        0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82,   \
+        0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77,   \
+        0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43,   \
+        0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30,   \
+        0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97                                  \
+}
+/* END FILE */
+
+/* This is taken from tests/data_files/cli-rsa.key. */
+/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM tests/data_files/cli-rsa.key */
+#define TEST_CLI_KEY_RSA_PEM                                               \
+    "-----BEGIN RSA PRIVATE KEY-----\r\n"                                  \
+    "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" \
+    "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" \
+    "bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" \
+    "Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" \
+    "7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" \
+    "dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" \
+    "yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" \
+    "4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" \
+    "ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" \
+    "zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" \
+    "l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" \
+    "DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" \
+    "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" \
+    "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" \
+    "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" \
+    "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" \
+    "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" \
+    "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" \
+    "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" \
+    "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" \
+    "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" \
+    "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" \
+    "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" \
+    "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" \
+    "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"         \
+    "-----END RSA PRIVATE KEY-----\r\n"/* END FILE */
+
+/* This was generated from tests/data_files/cli-rsa.key.der using `xxd -i`. */
+/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER tests/data_files/cli-rsa.key.der */
+#define TEST_CLI_KEY_RSA_DER {                                               \
+        0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,  \
+        0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14,  \
+        0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d,  \
+        0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85,  \
+        0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e,  \
+        0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49,  \
+        0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77,  \
+        0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5,  \
+        0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea,  \
+        0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9,  \
+        0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5,  \
+        0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d,  \
+        0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c,  \
+        0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad,  \
+        0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8,  \
+        0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7,  \
+        0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4,  \
+        0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35,  \
+        0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b,  \
+        0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf,  \
+        0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71,  \
+        0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd,  \
+        0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,  \
+        0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d,  \
+        0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c,  \
+        0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86,  \
+        0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97,  \
+        0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3,  \
+        0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d,  \
+        0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15,  \
+        0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6,  \
+        0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad,  \
+        0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1,  \
+        0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4,  \
+        0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e,  \
+        0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80,  \
+        0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40,  \
+        0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42,  \
+        0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2,  \
+        0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d,  \
+        0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54,  \
+        0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61,  \
+        0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea,  \
+        0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f,  \
+        0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf,  \
+        0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6,  \
+        0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67,  \
+        0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13,  \
+        0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda,  \
+        0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a,  \
+        0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42,  \
+        0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b,  \
+        0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36,  \
+        0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b,  \
+        0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f,  \
+        0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb,  \
+        0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee,  \
+        0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2,  \
+        0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48,  \
+        0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac,  \
+        0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92,  \
+        0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5,  \
+        0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e,  \
+        0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22,  \
+        0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2,  \
+        0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba,  \
+        0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7,  \
+        0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4,  \
+        0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61,  \
+        0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8,  \
+        0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4,  \
+        0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74,  \
+        0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f,  \
+        0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f,  \
+        0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc,  \
+        0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6,  \
+        0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91,  \
+        0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0,  \
+        0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23,  \
+        0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe,  \
+        0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb,  \
+        0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2,  \
+        0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34,  \
+        0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc,  \
+        0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39,  \
+        0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b,  \
+        0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69,  \
+        0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a,  \
+        0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6,  \
+        0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d,  \
+        0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c,  \
+        0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e,  \
+        0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6,  \
+        0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11,  \
+        0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02,  \
+        0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf,  \
+        0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65,  \
+        0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e,  \
+        0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64,  \
+        0x8b, 0x87, 0xc3, 0x00                                                   \
+}
+/* END FILE */
+
+/*
+ *
+ * Test certificates and keys as C variables
+ *
+ */
+
+/*
+ * CA
+ */
+
+const char mbedtls_test_ca_crt_ec_pem[]           = TEST_CA_CRT_EC_PEM;
+const char mbedtls_test_ca_key_ec_pem[]           = TEST_CA_KEY_EC_PEM;
+const char mbedtls_test_ca_pwd_ec_pem[]           = TEST_CA_PWD_EC_PEM;
+const char mbedtls_test_ca_key_rsa_pem[]          = TEST_CA_KEY_RSA_PEM;
+const char mbedtls_test_ca_pwd_rsa_pem[]          = TEST_CA_PWD_RSA_PEM;
+const char mbedtls_test_ca_crt_rsa_sha1_pem[]     = TEST_CA_CRT_RSA_SHA1_PEM;
+const char mbedtls_test_ca_crt_rsa_sha256_pem[]   = TEST_CA_CRT_RSA_SHA256_PEM;
+
+const unsigned char mbedtls_test_ca_crt_ec_der[]   = TEST_CA_CRT_EC_DER;
+const unsigned char mbedtls_test_ca_key_ec_der[]   = TEST_CA_KEY_EC_DER;
+const unsigned char mbedtls_test_ca_key_rsa_der[]  = TEST_CA_KEY_RSA_DER;
+const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[]   =
+    TEST_CA_CRT_RSA_SHA1_DER;
+const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[] =
+    TEST_CA_CRT_RSA_SHA256_DER;
+
+const size_t mbedtls_test_ca_crt_ec_pem_len =
+    sizeof(mbedtls_test_ca_crt_ec_pem);
+const size_t mbedtls_test_ca_key_ec_pem_len =
+    sizeof(mbedtls_test_ca_key_ec_pem);
+const size_t mbedtls_test_ca_pwd_ec_pem_len =
+    sizeof(mbedtls_test_ca_pwd_ec_pem) - 1;
+const size_t mbedtls_test_ca_key_rsa_pem_len =
+    sizeof(mbedtls_test_ca_key_rsa_pem);
+const size_t mbedtls_test_ca_pwd_rsa_pem_len =
+    sizeof(mbedtls_test_ca_pwd_rsa_pem) - 1;
+const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len =
+    sizeof(mbedtls_test_ca_crt_rsa_sha1_pem);
+const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len =
+    sizeof(mbedtls_test_ca_crt_rsa_sha256_pem);
+
+const size_t mbedtls_test_ca_crt_ec_der_len =
+    sizeof(mbedtls_test_ca_crt_ec_der);
+const size_t mbedtls_test_ca_key_ec_der_len =
+    sizeof(mbedtls_test_ca_key_ec_der);
+const size_t mbedtls_test_ca_pwd_ec_der_len = 0;
+const size_t mbedtls_test_ca_key_rsa_der_len =
+    sizeof(mbedtls_test_ca_key_rsa_der);
+const size_t mbedtls_test_ca_pwd_rsa_der_len = 0;
+const size_t mbedtls_test_ca_crt_rsa_sha1_der_len =
+    sizeof(mbedtls_test_ca_crt_rsa_sha1_der);
+const size_t mbedtls_test_ca_crt_rsa_sha256_der_len =
+    sizeof(mbedtls_test_ca_crt_rsa_sha256_der);
+
+/*
+ * Server
+ */
+
+const char mbedtls_test_srv_crt_ec_pem[]           = TEST_SRV_CRT_EC_PEM;
+const char mbedtls_test_srv_key_ec_pem[]           = TEST_SRV_KEY_EC_PEM;
+const char mbedtls_test_srv_pwd_ec_pem[]           = "";
+const char mbedtls_test_srv_key_rsa_pem[]          = TEST_SRV_KEY_RSA_PEM;
+const char mbedtls_test_srv_pwd_rsa_pem[]          = "";
+const char mbedtls_test_srv_crt_rsa_sha1_pem[]     = TEST_SRV_CRT_RSA_SHA1_PEM;
+const char mbedtls_test_srv_crt_rsa_sha256_pem[]   = TEST_SRV_CRT_RSA_SHA256_PEM;
+
+const unsigned char mbedtls_test_srv_crt_ec_der[]   = TEST_SRV_CRT_EC_DER;
+const unsigned char mbedtls_test_srv_key_ec_der[]   = TEST_SRV_KEY_EC_DER;
+const unsigned char mbedtls_test_srv_key_rsa_der[]  = TEST_SRV_KEY_RSA_DER;
+const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[]   =
+    TEST_SRV_CRT_RSA_SHA1_DER;
+const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[] =
+    TEST_SRV_CRT_RSA_SHA256_DER;
+
+const size_t mbedtls_test_srv_crt_ec_pem_len =
+    sizeof(mbedtls_test_srv_crt_ec_pem);
+const size_t mbedtls_test_srv_key_ec_pem_len =
+    sizeof(mbedtls_test_srv_key_ec_pem);
+const size_t mbedtls_test_srv_pwd_ec_pem_len =
+    sizeof(mbedtls_test_srv_pwd_ec_pem) - 1;
+const size_t mbedtls_test_srv_key_rsa_pem_len =
+    sizeof(mbedtls_test_srv_key_rsa_pem);
+const size_t mbedtls_test_srv_pwd_rsa_pem_len =
+    sizeof(mbedtls_test_srv_pwd_rsa_pem) - 1;
+const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len =
+    sizeof(mbedtls_test_srv_crt_rsa_sha1_pem);
+const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len =
+    sizeof(mbedtls_test_srv_crt_rsa_sha256_pem);
+
+const size_t mbedtls_test_srv_crt_ec_der_len =
+    sizeof(mbedtls_test_srv_crt_ec_der);
+const size_t mbedtls_test_srv_key_ec_der_len =
+    sizeof(mbedtls_test_srv_key_ec_der);
+const size_t mbedtls_test_srv_pwd_ec_der_len = 0;
+const size_t mbedtls_test_srv_key_rsa_der_len =
+    sizeof(mbedtls_test_srv_key_rsa_der);
+const size_t mbedtls_test_srv_pwd_rsa_der_len = 0;
+const size_t mbedtls_test_srv_crt_rsa_sha1_der_len =
+    sizeof(mbedtls_test_srv_crt_rsa_sha1_der);
+const size_t mbedtls_test_srv_crt_rsa_sha256_der_len =
+    sizeof(mbedtls_test_srv_crt_rsa_sha256_der);
+
+/*
+ * Client
+ */
+
+const char mbedtls_test_cli_crt_ec_pem[]   = TEST_CLI_CRT_EC_PEM;
+const char mbedtls_test_cli_key_ec_pem[]   = TEST_CLI_KEY_EC_PEM;
+const char mbedtls_test_cli_pwd_ec_pem[]   = "";
+const char mbedtls_test_cli_key_rsa_pem[]  = TEST_CLI_KEY_RSA_PEM;
+const char mbedtls_test_cli_pwd_rsa_pem[]  = "";
+const char mbedtls_test_cli_crt_rsa_pem[]  = TEST_CLI_CRT_RSA_PEM;
+
+const unsigned char mbedtls_test_cli_crt_ec_der[]   = TEST_CLI_CRT_EC_DER;
+const unsigned char mbedtls_test_cli_key_ec_der[]   = TEST_CLI_KEY_EC_DER;
+const unsigned char mbedtls_test_cli_key_rsa_der[]  = TEST_CLI_KEY_RSA_DER;
+const unsigned char mbedtls_test_cli_crt_rsa_der[]  = TEST_CLI_CRT_RSA_DER;
+
+const size_t mbedtls_test_cli_crt_ec_pem_len =
+    sizeof(mbedtls_test_cli_crt_ec_pem);
+const size_t mbedtls_test_cli_key_ec_pem_len =
+    sizeof(mbedtls_test_cli_key_ec_pem);
+const size_t mbedtls_test_cli_pwd_ec_pem_len =
+    sizeof(mbedtls_test_cli_pwd_ec_pem) - 1;
+const size_t mbedtls_test_cli_key_rsa_pem_len =
+    sizeof(mbedtls_test_cli_key_rsa_pem);
+const size_t mbedtls_test_cli_pwd_rsa_pem_len =
+    sizeof(mbedtls_test_cli_pwd_rsa_pem) - 1;
+const size_t mbedtls_test_cli_crt_rsa_pem_len =
+    sizeof(mbedtls_test_cli_crt_rsa_pem);
+
+const size_t mbedtls_test_cli_crt_ec_der_len =
+    sizeof(mbedtls_test_cli_crt_ec_der);
+const size_t mbedtls_test_cli_key_ec_der_len =
+    sizeof(mbedtls_test_cli_key_ec_der);
+const size_t mbedtls_test_cli_key_rsa_der_len =
+    sizeof(mbedtls_test_cli_key_rsa_der);
+const size_t mbedtls_test_cli_crt_rsa_der_len =
+    sizeof(mbedtls_test_cli_crt_rsa_der);
+
+/*
+ *
+ * Definitions of test CRTs without specification of all parameters, choosing
+ * them automatically according to the config. For example, mbedtls_test_ca_crt
+ * is one of mbedtls_test_ca_crt_{rsa|ec}_{sha1|sha256}_{pem|der}.
+ *
+ */
+
+/*
+ * Dispatch between PEM and DER according to config
+ */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+
+/* PEM encoded test CA certificates and keys */
+
+#define TEST_CA_KEY_RSA        TEST_CA_KEY_RSA_PEM
+#define TEST_CA_PWD_RSA        TEST_CA_PWD_RSA_PEM
+#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_PEM
+#define TEST_CA_CRT_RSA_SHA1   TEST_CA_CRT_RSA_SHA1_PEM
+#define TEST_CA_KEY_EC         TEST_CA_KEY_EC_PEM
+#define TEST_CA_PWD_EC         TEST_CA_PWD_EC_PEM
+#define TEST_CA_CRT_EC         TEST_CA_CRT_EC_PEM
+
+/* PEM encoded test server certificates and keys */
+
+#define TEST_SRV_KEY_RSA        TEST_SRV_KEY_RSA_PEM
+#define TEST_SRV_PWD_RSA        ""
+#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_PEM
+#define TEST_SRV_CRT_RSA_SHA1   TEST_SRV_CRT_RSA_SHA1_PEM
+#define TEST_SRV_KEY_EC         TEST_SRV_KEY_EC_PEM
+#define TEST_SRV_PWD_EC         ""
+#define TEST_SRV_CRT_EC         TEST_SRV_CRT_EC_PEM
+
+/* PEM encoded test client certificates and keys */
+
+#define TEST_CLI_KEY_RSA  TEST_CLI_KEY_RSA_PEM
+#define TEST_CLI_PWD_RSA  ""
+#define TEST_CLI_CRT_RSA  TEST_CLI_CRT_RSA_PEM
+#define TEST_CLI_KEY_EC   TEST_CLI_KEY_EC_PEM
+#define TEST_CLI_PWD_EC   ""
+#define TEST_CLI_CRT_EC   TEST_CLI_CRT_EC_PEM
+
+#else /* MBEDTLS_PEM_PARSE_C */
+
+/* DER encoded test CA certificates and keys */
+
+#define TEST_CA_KEY_RSA        TEST_CA_KEY_RSA_DER
+#define TEST_CA_PWD_RSA        ""
+#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_DER
+#define TEST_CA_CRT_RSA_SHA1   TEST_CA_CRT_RSA_SHA1_DER
+#define TEST_CA_KEY_EC         TEST_CA_KEY_EC_DER
+#define TEST_CA_PWD_EC         ""
+#define TEST_CA_CRT_EC         TEST_CA_CRT_EC_DER
+
+/* DER encoded test server certificates and keys */
+
+#define TEST_SRV_KEY_RSA        TEST_SRV_KEY_RSA_DER
+#define TEST_SRV_PWD_RSA        ""
+#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_DER
+#define TEST_SRV_CRT_RSA_SHA1   TEST_SRV_CRT_RSA_SHA1_DER
+#define TEST_SRV_KEY_EC         TEST_SRV_KEY_EC_DER
+#define TEST_SRV_PWD_EC         ""
+#define TEST_SRV_CRT_EC         TEST_SRV_CRT_EC_DER
+
+/* DER encoded test client certificates and keys */
+
+#define TEST_CLI_KEY_RSA  TEST_CLI_KEY_RSA_DER
+#define TEST_CLI_PWD_RSA  ""
+#define TEST_CLI_CRT_RSA  TEST_CLI_CRT_RSA_DER
+#define TEST_CLI_KEY_EC   TEST_CLI_KEY_EC_DER
+#define TEST_CLI_PWD_EC   ""
+#define TEST_CLI_CRT_EC   TEST_CLI_CRT_EC_DER
+
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+const char mbedtls_test_ca_key_rsa[]         = TEST_CA_KEY_RSA;
+const char mbedtls_test_ca_pwd_rsa[]         = TEST_CA_PWD_RSA;
+const char mbedtls_test_ca_crt_rsa_sha256[]  = TEST_CA_CRT_RSA_SHA256;
+const char mbedtls_test_ca_crt_rsa_sha1[]    = TEST_CA_CRT_RSA_SHA1;
+const char mbedtls_test_ca_key_ec[]          = TEST_CA_KEY_EC;
+const char mbedtls_test_ca_pwd_ec[]          = TEST_CA_PWD_EC;
+const char mbedtls_test_ca_crt_ec[]          = TEST_CA_CRT_EC;
+
+const char mbedtls_test_srv_key_rsa[]        = TEST_SRV_KEY_RSA;
+const char mbedtls_test_srv_pwd_rsa[]        = TEST_SRV_PWD_RSA;
+const char mbedtls_test_srv_crt_rsa_sha256[] = TEST_SRV_CRT_RSA_SHA256;
+const char mbedtls_test_srv_crt_rsa_sha1[]   = TEST_SRV_CRT_RSA_SHA1;
+const char mbedtls_test_srv_key_ec[]         = TEST_SRV_KEY_EC;
+const char mbedtls_test_srv_pwd_ec[]         = TEST_SRV_PWD_EC;
+const char mbedtls_test_srv_crt_ec[]         = TEST_SRV_CRT_EC;
+
+const char mbedtls_test_cli_key_rsa[]        = TEST_CLI_KEY_RSA;
+const char mbedtls_test_cli_pwd_rsa[]        = TEST_CLI_PWD_RSA;
+const char mbedtls_test_cli_crt_rsa[]        = TEST_CLI_CRT_RSA;
+const char mbedtls_test_cli_key_ec[]         = TEST_CLI_KEY_EC;
+const char mbedtls_test_cli_pwd_ec[]         = TEST_CLI_PWD_EC;
+const char mbedtls_test_cli_crt_ec[]         = TEST_CLI_CRT_EC;
+
+const size_t mbedtls_test_ca_key_rsa_len =
+    sizeof(mbedtls_test_ca_key_rsa);
+const size_t mbedtls_test_ca_pwd_rsa_len =
+    sizeof(mbedtls_test_ca_pwd_rsa) - 1;
+const size_t mbedtls_test_ca_crt_rsa_sha256_len =
+    sizeof(mbedtls_test_ca_crt_rsa_sha256);
+const size_t mbedtls_test_ca_crt_rsa_sha1_len =
+    sizeof(mbedtls_test_ca_crt_rsa_sha1);
+const size_t mbedtls_test_ca_key_ec_len =
+    sizeof(mbedtls_test_ca_key_ec);
+const size_t mbedtls_test_ca_pwd_ec_len =
+    sizeof(mbedtls_test_ca_pwd_ec) - 1;
+const size_t mbedtls_test_ca_crt_ec_len =
+    sizeof(mbedtls_test_ca_crt_ec);
+
+const size_t mbedtls_test_srv_key_rsa_len =
+    sizeof(mbedtls_test_srv_key_rsa);
+const size_t mbedtls_test_srv_pwd_rsa_len =
+    sizeof(mbedtls_test_srv_pwd_rsa) -1;
+const size_t mbedtls_test_srv_crt_rsa_sha256_len =
+    sizeof(mbedtls_test_srv_crt_rsa_sha256);
+const size_t mbedtls_test_srv_crt_rsa_sha1_len =
+    sizeof(mbedtls_test_srv_crt_rsa_sha1);
+const size_t mbedtls_test_srv_key_ec_len =
+    sizeof(mbedtls_test_srv_key_ec);
+const size_t mbedtls_test_srv_pwd_ec_len =
+    sizeof(mbedtls_test_srv_pwd_ec) - 1;
+const size_t mbedtls_test_srv_crt_ec_len =
+    sizeof(mbedtls_test_srv_crt_ec);
+
+const size_t mbedtls_test_cli_key_rsa_len =
+    sizeof(mbedtls_test_cli_key_rsa);
+const size_t mbedtls_test_cli_pwd_rsa_len =
+    sizeof(mbedtls_test_cli_pwd_rsa) - 1;
+const size_t mbedtls_test_cli_crt_rsa_len =
+    sizeof(mbedtls_test_cli_crt_rsa);
+const size_t mbedtls_test_cli_key_ec_len =
+    sizeof(mbedtls_test_cli_key_ec);
+const size_t mbedtls_test_cli_pwd_ec_len =
+    sizeof(mbedtls_test_cli_pwd_ec) - 1;
+const size_t mbedtls_test_cli_crt_ec_len =
+    sizeof(mbedtls_test_cli_crt_ec);
+
+/*
+ * Dispatch between SHA-1 and SHA-256
+ */
+
+#if defined(MBEDTLS_SHA256_C)
+#define TEST_CA_CRT_RSA  TEST_CA_CRT_RSA_SHA256
+#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256
+#else
+#define TEST_CA_CRT_RSA  TEST_CA_CRT_RSA_SHA1
+#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1
+#endif /* MBEDTLS_SHA256_C */
+
+const char mbedtls_test_ca_crt_rsa[]  = TEST_CA_CRT_RSA;
+const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA;
+
+const size_t mbedtls_test_ca_crt_rsa_len =
+    sizeof(mbedtls_test_ca_crt_rsa);
+const size_t mbedtls_test_srv_crt_rsa_len =
+    sizeof(mbedtls_test_srv_crt_rsa);
+
+/*
+ * Dispatch between RSA and EC
+ */
+
+#if defined(MBEDTLS_RSA_C)
+
+#define TEST_CA_KEY TEST_CA_KEY_RSA
+#define TEST_CA_PWD TEST_CA_PWD_RSA
+#define TEST_CA_CRT TEST_CA_CRT_RSA
+
+#define TEST_SRV_KEY TEST_SRV_KEY_RSA
+#define TEST_SRV_PWD TEST_SRV_PWD_RSA
+#define TEST_SRV_CRT TEST_SRV_CRT_RSA
+
+#define TEST_CLI_KEY TEST_CLI_KEY_RSA
+#define TEST_CLI_PWD TEST_CLI_PWD_RSA
+#define TEST_CLI_CRT TEST_CLI_CRT_RSA
+
+#else /* no RSA, so assume ECDSA */
+
+#define TEST_CA_KEY TEST_CA_KEY_EC
+#define TEST_CA_PWD TEST_CA_PWD_EC
+#define TEST_CA_CRT TEST_CA_CRT_EC
+
+#define TEST_SRV_KEY TEST_SRV_KEY_EC
+#define TEST_SRV_PWD TEST_SRV_PWD_EC
+#define TEST_SRV_CRT TEST_SRV_CRT_EC
+
+#define TEST_CLI_KEY TEST_CLI_KEY_EC
+#define TEST_CLI_PWD TEST_CLI_PWD_EC
+#define TEST_CLI_CRT TEST_CLI_CRT_EC
+#endif /* MBEDTLS_RSA_C */
+
+/* API stability forces us to declare
+ *   mbedtls_test_{ca|srv|cli}_{key|pwd|crt}
+ * as pointers. */
+static const char test_ca_key[] = TEST_CA_KEY;
+static const char test_ca_pwd[] = TEST_CA_PWD;
+static const char test_ca_crt[] = TEST_CA_CRT;
+
+static const char test_srv_key[] = TEST_SRV_KEY;
+static const char test_srv_pwd[] = TEST_SRV_PWD;
+static const char test_srv_crt[] = TEST_SRV_CRT;
+
+static const char test_cli_key[] = TEST_CLI_KEY;
+static const char test_cli_pwd[] = TEST_CLI_PWD;
+static const char test_cli_crt[] = TEST_CLI_CRT;
+
+const char *mbedtls_test_ca_key = test_ca_key;
+const char *mbedtls_test_ca_pwd = test_ca_pwd;
+const char *mbedtls_test_ca_crt = test_ca_crt;
+
+const char *mbedtls_test_srv_key = test_srv_key;
+const char *mbedtls_test_srv_pwd = test_srv_pwd;
+const char *mbedtls_test_srv_crt = test_srv_crt;
+
+const char *mbedtls_test_cli_key = test_cli_key;
+const char *mbedtls_test_cli_pwd = test_cli_pwd;
+const char *mbedtls_test_cli_crt = test_cli_crt;
+
+const size_t mbedtls_test_ca_key_len =
+    sizeof(test_ca_key);
+const size_t mbedtls_test_ca_pwd_len =
+    sizeof(test_ca_pwd) - 1;
+const size_t mbedtls_test_ca_crt_len =
+    sizeof(test_ca_crt);
+
+const size_t mbedtls_test_srv_key_len =
+    sizeof(test_srv_key);
+const size_t mbedtls_test_srv_pwd_len =
+    sizeof(test_srv_pwd) - 1;
+const size_t mbedtls_test_srv_crt_len =
+    sizeof(test_srv_crt);
+
+const size_t mbedtls_test_cli_key_len =
+    sizeof(test_cli_key);
+const size_t mbedtls_test_cli_pwd_len =
+    sizeof(test_cli_pwd) - 1;
+const size_t mbedtls_test_cli_crt_len =
+    sizeof(test_cli_crt);
+
+/*
+ *
+ * Lists of certificates
+ *
+ */
+
+/* List of CAs in PEM or DER, depending on config */
+const char *mbedtls_test_cas[] = {
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C)
+    mbedtls_test_ca_crt_rsa_sha1,
+#endif
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
+    mbedtls_test_ca_crt_rsa_sha256,
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    mbedtls_test_ca_crt_ec,
+#endif
+    NULL
+};
+const size_t mbedtls_test_cas_len[] = {
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C)
+    sizeof(mbedtls_test_ca_crt_rsa_sha1),
+#endif
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
+    sizeof(mbedtls_test_ca_crt_rsa_sha256),
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    sizeof(mbedtls_test_ca_crt_ec),
+#endif
+    0
+};
+
+/* List of all available CA certificates in DER format */
+const unsigned char *mbedtls_test_cas_der[] = {
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_SHA256_C)
+    mbedtls_test_ca_crt_rsa_sha256_der,
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA1_C)
+    mbedtls_test_ca_crt_rsa_sha1_der,
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+    mbedtls_test_ca_crt_ec_der,
+#endif /* MBEDTLS_ECDSA_C */
+    NULL
+};
+
+const size_t mbedtls_test_cas_der_len[] = {
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_SHA256_C)
+    sizeof(mbedtls_test_ca_crt_rsa_sha256_der),
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA1_C)
+    sizeof(mbedtls_test_ca_crt_rsa_sha1_der),
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+    sizeof(mbedtls_test_ca_crt_ec_der),
+#endif /* MBEDTLS_ECDSA_C */
+    0
+};
+
+/* Concatenation of all available CA certificates in PEM format */
+#if defined(MBEDTLS_PEM_PARSE_C)
+const char mbedtls_test_cas_pem[] =
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_SHA256_C)
+    TEST_CA_CRT_RSA_SHA256_PEM
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA1_C)
+    TEST_CA_CRT_RSA_SHA1_PEM
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+    TEST_CA_CRT_EC_PEM
+#endif /* MBEDTLS_ECDSA_C */
+    "";
+const size_t mbedtls_test_cas_pem_len = sizeof(mbedtls_test_cas_pem);
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#endif /* MBEDTLS_CERTS_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/chacha20.c b/3rdparty/mbedtls-2.28.7/library/chacha20.c
new file mode 100644
index 0000000..82b7b1d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/chacha20.c
@@ -0,0 +1,532 @@
+/**
+ * \file chacha20.c
+ *
+ * \brief ChaCha20 cipher.
+ *
+ * \author Daniel King <damaki.gh@gmail.com>
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CHACHA20_C)
+
+#include "mbedtls/chacha20.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <stddef.h>
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_CHACHA20_ALT)
+
+/* Parameter validation macros */
+#define CHACHA20_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA)
+#define CHACHA20_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#define ROTL32(value, amount) \
+    ((uint32_t) ((value) << (amount)) | ((value) >> (32 - (amount))))
+
+#define CHACHA20_CTR_INDEX (12U)
+
+#define CHACHA20_BLOCK_SIZE_BYTES (4U * 16U)
+
+/**
+ * \brief           ChaCha20 quarter round operation.
+ *
+ *                  The quarter round is defined as follows (from RFC 7539):
+ *                      1.  a += b; d ^= a; d <<<= 16;
+ *                      2.  c += d; b ^= c; b <<<= 12;
+ *                      3.  a += b; d ^= a; d <<<= 8;
+ *                      4.  c += d; b ^= c; b <<<= 7;
+ *
+ * \param state     ChaCha20 state to modify.
+ * \param a         The index of 'a' in the state.
+ * \param b         The index of 'b' in the state.
+ * \param c         The index of 'c' in the state.
+ * \param d         The index of 'd' in the state.
+ */
+static inline void chacha20_quarter_round(uint32_t state[16],
+                                          size_t a,
+                                          size_t b,
+                                          size_t c,
+                                          size_t d)
+{
+    /* a += b; d ^= a; d <<<= 16; */
+    state[a] += state[b];
+    state[d] ^= state[a];
+    state[d] = ROTL32(state[d], 16);
+
+    /* c += d; b ^= c; b <<<= 12 */
+    state[c] += state[d];
+    state[b] ^= state[c];
+    state[b] = ROTL32(state[b], 12);
+
+    /* a += b; d ^= a; d <<<= 8; */
+    state[a] += state[b];
+    state[d] ^= state[a];
+    state[d] = ROTL32(state[d], 8);
+
+    /* c += d; b ^= c; b <<<= 7; */
+    state[c] += state[d];
+    state[b] ^= state[c];
+    state[b] = ROTL32(state[b], 7);
+}
+
+/**
+ * \brief           Perform the ChaCha20 inner block operation.
+ *
+ *                  This function performs two rounds: the column round and the
+ *                  diagonal round.
+ *
+ * \param state     The ChaCha20 state to update.
+ */
+static void chacha20_inner_block(uint32_t state[16])
+{
+    chacha20_quarter_round(state, 0, 4, 8,  12);
+    chacha20_quarter_round(state, 1, 5, 9,  13);
+    chacha20_quarter_round(state, 2, 6, 10, 14);
+    chacha20_quarter_round(state, 3, 7, 11, 15);
+
+    chacha20_quarter_round(state, 0, 5, 10, 15);
+    chacha20_quarter_round(state, 1, 6, 11, 12);
+    chacha20_quarter_round(state, 2, 7, 8,  13);
+    chacha20_quarter_round(state, 3, 4, 9,  14);
+}
+
+/**
+ * \brief               Generates a keystream block.
+ *
+ * \param initial_state The initial ChaCha20 state (key, nonce, counter).
+ * \param keystream     Generated keystream bytes are written to this buffer.
+ */
+static void chacha20_block(const uint32_t initial_state[16],
+                           unsigned char keystream[64])
+{
+    uint32_t working_state[16];
+    size_t i;
+
+    memcpy(working_state,
+           initial_state,
+           CHACHA20_BLOCK_SIZE_BYTES);
+
+    for (i = 0U; i < 10U; i++) {
+        chacha20_inner_block(working_state);
+    }
+
+    working_state[0] += initial_state[0];
+    working_state[1] += initial_state[1];
+    working_state[2] += initial_state[2];
+    working_state[3] += initial_state[3];
+    working_state[4] += initial_state[4];
+    working_state[5] += initial_state[5];
+    working_state[6] += initial_state[6];
+    working_state[7] += initial_state[7];
+    working_state[8] += initial_state[8];
+    working_state[9] += initial_state[9];
+    working_state[10] += initial_state[10];
+    working_state[11] += initial_state[11];
+    working_state[12] += initial_state[12];
+    working_state[13] += initial_state[13];
+    working_state[14] += initial_state[14];
+    working_state[15] += initial_state[15];
+
+    for (i = 0U; i < 16; i++) {
+        size_t offset = i * 4U;
+
+        MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset);
+    }
+
+    mbedtls_platform_zeroize(working_state, sizeof(working_state));
+}
+
+void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx)
+{
+    CHACHA20_VALIDATE(ctx != NULL);
+
+    mbedtls_platform_zeroize(ctx->state, sizeof(ctx->state));
+    mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
+
+    /* Initially, there's no keystream bytes available */
+    ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
+}
+
+void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx)
+{
+    if (ctx != NULL) {
+        mbedtls_platform_zeroize(ctx, sizeof(mbedtls_chacha20_context));
+    }
+}
+
+int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
+                            const unsigned char key[32])
+{
+    CHACHA20_VALIDATE_RET(ctx != NULL);
+    CHACHA20_VALIDATE_RET(key != NULL);
+
+    /* ChaCha20 constants - the string "expand 32-byte k" */
+    ctx->state[0] = 0x61707865;
+    ctx->state[1] = 0x3320646e;
+    ctx->state[2] = 0x79622d32;
+    ctx->state[3] = 0x6b206574;
+
+    /* Set key */
+    ctx->state[4]  = MBEDTLS_GET_UINT32_LE(key, 0);
+    ctx->state[5]  = MBEDTLS_GET_UINT32_LE(key, 4);
+    ctx->state[6]  = MBEDTLS_GET_UINT32_LE(key, 8);
+    ctx->state[7]  = MBEDTLS_GET_UINT32_LE(key, 12);
+    ctx->state[8]  = MBEDTLS_GET_UINT32_LE(key, 16);
+    ctx->state[9]  = MBEDTLS_GET_UINT32_LE(key, 20);
+    ctx->state[10] = MBEDTLS_GET_UINT32_LE(key, 24);
+    ctx->state[11] = MBEDTLS_GET_UINT32_LE(key, 28);
+
+    return 0;
+}
+
+int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
+                            const unsigned char nonce[12],
+                            uint32_t counter)
+{
+    CHACHA20_VALIDATE_RET(ctx != NULL);
+    CHACHA20_VALIDATE_RET(nonce != NULL);
+
+    /* Counter */
+    ctx->state[12] = counter;
+
+    /* Nonce */
+    ctx->state[13] = MBEDTLS_GET_UINT32_LE(nonce, 0);
+    ctx->state[14] = MBEDTLS_GET_UINT32_LE(nonce, 4);
+    ctx->state[15] = MBEDTLS_GET_UINT32_LE(nonce, 8);
+
+    mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
+
+    /* Initially, there's no keystream bytes available */
+    ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
+
+    return 0;
+}
+
+int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
+                            size_t size,
+                            const unsigned char *input,
+                            unsigned char *output)
+{
+    size_t offset = 0U;
+    size_t i;
+
+    CHACHA20_VALIDATE_RET(ctx != NULL);
+    CHACHA20_VALIDATE_RET(size == 0 || input  != NULL);
+    CHACHA20_VALIDATE_RET(size == 0 || output != NULL);
+
+    /* Use leftover keystream bytes, if available */
+    while (size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) {
+        output[offset] = input[offset]
+                         ^ ctx->keystream8[ctx->keystream_bytes_used];
+
+        ctx->keystream_bytes_used++;
+        offset++;
+        size--;
+    }
+
+    /* Process full blocks */
+    while (size >= CHACHA20_BLOCK_SIZE_BYTES) {
+        /* Generate new keystream block and increment counter */
+        chacha20_block(ctx->state, ctx->keystream8);
+        ctx->state[CHACHA20_CTR_INDEX]++;
+
+        for (i = 0U; i < 64U; i += 8U) {
+            output[offset + i] = input[offset + i] ^ ctx->keystream8[i];
+            output[offset + i+1] = input[offset + i+1] ^ ctx->keystream8[i+1];
+            output[offset + i+2] = input[offset + i+2] ^ ctx->keystream8[i+2];
+            output[offset + i+3] = input[offset + i+3] ^ ctx->keystream8[i+3];
+            output[offset + i+4] = input[offset + i+4] ^ ctx->keystream8[i+4];
+            output[offset + i+5] = input[offset + i+5] ^ ctx->keystream8[i+5];
+            output[offset + i+6] = input[offset + i+6] ^ ctx->keystream8[i+6];
+            output[offset + i+7] = input[offset + i+7] ^ ctx->keystream8[i+7];
+        }
+
+        offset += CHACHA20_BLOCK_SIZE_BYTES;
+        size   -= CHACHA20_BLOCK_SIZE_BYTES;
+    }
+
+    /* Last (partial) block */
+    if (size > 0U) {
+        /* Generate new keystream block and increment counter */
+        chacha20_block(ctx->state, ctx->keystream8);
+        ctx->state[CHACHA20_CTR_INDEX]++;
+
+        for (i = 0U; i < size; i++) {
+            output[offset + i] = input[offset + i] ^ ctx->keystream8[i];
+        }
+
+        ctx->keystream_bytes_used = size;
+
+    }
+
+    return 0;
+}
+
+int mbedtls_chacha20_crypt(const unsigned char key[32],
+                           const unsigned char nonce[12],
+                           uint32_t counter,
+                           size_t data_len,
+                           const unsigned char *input,
+                           unsigned char *output)
+{
+    mbedtls_chacha20_context ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    CHACHA20_VALIDATE_RET(key != NULL);
+    CHACHA20_VALIDATE_RET(nonce != NULL);
+    CHACHA20_VALIDATE_RET(data_len == 0 || input  != NULL);
+    CHACHA20_VALIDATE_RET(data_len == 0 || output != NULL);
+
+    mbedtls_chacha20_init(&ctx);
+
+    ret = mbedtls_chacha20_setkey(&ctx, key);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_chacha20_starts(&ctx, nonce, counter);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_chacha20_update(&ctx, data_len, input, output);
+
+cleanup:
+    mbedtls_chacha20_free(&ctx);
+    return ret;
+}
+
+#endif /* !MBEDTLS_CHACHA20_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char test_keys[2][32] =
+{
+    {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    },
+    {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+    }
+};
+
+static const unsigned char test_nonces[2][12] =
+{
+    {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00
+    },
+    {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x02
+    }
+};
+
+static const uint32_t test_counters[2] =
+{
+    0U,
+    1U
+};
+
+static const unsigned char test_input[2][375] =
+{
+    {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    },
+    {
+        0x41, 0x6e, 0x79, 0x20, 0x73, 0x75, 0x62, 0x6d,
+        0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x20, 0x74,
+        0x6f, 0x20, 0x74, 0x68, 0x65, 0x20, 0x49, 0x45,
+        0x54, 0x46, 0x20, 0x69, 0x6e, 0x74, 0x65, 0x6e,
+        0x64, 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x74,
+        0x68, 0x65, 0x20, 0x43, 0x6f, 0x6e, 0x74, 0x72,
+        0x69, 0x62, 0x75, 0x74, 0x6f, 0x72, 0x20, 0x66,
+        0x6f, 0x72, 0x20, 0x70, 0x75, 0x62, 0x6c, 0x69,
+        0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x61,
+        0x73, 0x20, 0x61, 0x6c, 0x6c, 0x20, 0x6f, 0x72,
+        0x20, 0x70, 0x61, 0x72, 0x74, 0x20, 0x6f, 0x66,
+        0x20, 0x61, 0x6e, 0x20, 0x49, 0x45, 0x54, 0x46,
+        0x20, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
+        0x74, 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x20,
+        0x6f, 0x72, 0x20, 0x52, 0x46, 0x43, 0x20, 0x61,
+        0x6e, 0x64, 0x20, 0x61, 0x6e, 0x79, 0x20, 0x73,
+        0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e, 0x74,
+        0x20, 0x6d, 0x61, 0x64, 0x65, 0x20, 0x77, 0x69,
+        0x74, 0x68, 0x69, 0x6e, 0x20, 0x74, 0x68, 0x65,
+        0x20, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
+        0x20, 0x6f, 0x66, 0x20, 0x61, 0x6e, 0x20, 0x49,
+        0x45, 0x54, 0x46, 0x20, 0x61, 0x63, 0x74, 0x69,
+        0x76, 0x69, 0x74, 0x79, 0x20, 0x69, 0x73, 0x20,
+        0x63, 0x6f, 0x6e, 0x73, 0x69, 0x64, 0x65, 0x72,
+        0x65, 0x64, 0x20, 0x61, 0x6e, 0x20, 0x22, 0x49,
+        0x45, 0x54, 0x46, 0x20, 0x43, 0x6f, 0x6e, 0x74,
+        0x72, 0x69, 0x62, 0x75, 0x74, 0x69, 0x6f, 0x6e,
+        0x22, 0x2e, 0x20, 0x53, 0x75, 0x63, 0x68, 0x20,
+        0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
+        0x74, 0x73, 0x20, 0x69, 0x6e, 0x63, 0x6c, 0x75,
+        0x64, 0x65, 0x20, 0x6f, 0x72, 0x61, 0x6c, 0x20,
+        0x73, 0x74, 0x61, 0x74, 0x65, 0x6d, 0x65, 0x6e,
+        0x74, 0x73, 0x20, 0x69, 0x6e, 0x20, 0x49, 0x45,
+        0x54, 0x46, 0x20, 0x73, 0x65, 0x73, 0x73, 0x69,
+        0x6f, 0x6e, 0x73, 0x2c, 0x20, 0x61, 0x73, 0x20,
+        0x77, 0x65, 0x6c, 0x6c, 0x20, 0x61, 0x73, 0x20,
+        0x77, 0x72, 0x69, 0x74, 0x74, 0x65, 0x6e, 0x20,
+        0x61, 0x6e, 0x64, 0x20, 0x65, 0x6c, 0x65, 0x63,
+        0x74, 0x72, 0x6f, 0x6e, 0x69, 0x63, 0x20, 0x63,
+        0x6f, 0x6d, 0x6d, 0x75, 0x6e, 0x69, 0x63, 0x61,
+        0x74, 0x69, 0x6f, 0x6e, 0x73, 0x20, 0x6d, 0x61,
+        0x64, 0x65, 0x20, 0x61, 0x74, 0x20, 0x61, 0x6e,
+        0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, 0x6f,
+        0x72, 0x20, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x2c,
+        0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x61,
+        0x72, 0x65, 0x20, 0x61, 0x64, 0x64, 0x72, 0x65,
+        0x73, 0x73, 0x65, 0x64, 0x20, 0x74, 0x6f
+    }
+};
+
+static const unsigned char test_output[2][375] =
+{
+    {
+        0x76, 0xb8, 0xe0, 0xad, 0xa0, 0xf1, 0x3d, 0x90,
+        0x40, 0x5d, 0x6a, 0xe5, 0x53, 0x86, 0xbd, 0x28,
+        0xbd, 0xd2, 0x19, 0xb8, 0xa0, 0x8d, 0xed, 0x1a,
+        0xa8, 0x36, 0xef, 0xcc, 0x8b, 0x77, 0x0d, 0xc7,
+        0xda, 0x41, 0x59, 0x7c, 0x51, 0x57, 0x48, 0x8d,
+        0x77, 0x24, 0xe0, 0x3f, 0xb8, 0xd8, 0x4a, 0x37,
+        0x6a, 0x43, 0xb8, 0xf4, 0x15, 0x18, 0xa1, 0x1c,
+        0xc3, 0x87, 0xb6, 0x69, 0xb2, 0xee, 0x65, 0x86
+    },
+    {
+        0xa3, 0xfb, 0xf0, 0x7d, 0xf3, 0xfa, 0x2f, 0xde,
+        0x4f, 0x37, 0x6c, 0xa2, 0x3e, 0x82, 0x73, 0x70,
+        0x41, 0x60, 0x5d, 0x9f, 0x4f, 0x4f, 0x57, 0xbd,
+        0x8c, 0xff, 0x2c, 0x1d, 0x4b, 0x79, 0x55, 0xec,
+        0x2a, 0x97, 0x94, 0x8b, 0xd3, 0x72, 0x29, 0x15,
+        0xc8, 0xf3, 0xd3, 0x37, 0xf7, 0xd3, 0x70, 0x05,
+        0x0e, 0x9e, 0x96, 0xd6, 0x47, 0xb7, 0xc3, 0x9f,
+        0x56, 0xe0, 0x31, 0xca, 0x5e, 0xb6, 0x25, 0x0d,
+        0x40, 0x42, 0xe0, 0x27, 0x85, 0xec, 0xec, 0xfa,
+        0x4b, 0x4b, 0xb5, 0xe8, 0xea, 0xd0, 0x44, 0x0e,
+        0x20, 0xb6, 0xe8, 0xdb, 0x09, 0xd8, 0x81, 0xa7,
+        0xc6, 0x13, 0x2f, 0x42, 0x0e, 0x52, 0x79, 0x50,
+        0x42, 0xbd, 0xfa, 0x77, 0x73, 0xd8, 0xa9, 0x05,
+        0x14, 0x47, 0xb3, 0x29, 0x1c, 0xe1, 0x41, 0x1c,
+        0x68, 0x04, 0x65, 0x55, 0x2a, 0xa6, 0xc4, 0x05,
+        0xb7, 0x76, 0x4d, 0x5e, 0x87, 0xbe, 0xa8, 0x5a,
+        0xd0, 0x0f, 0x84, 0x49, 0xed, 0x8f, 0x72, 0xd0,
+        0xd6, 0x62, 0xab, 0x05, 0x26, 0x91, 0xca, 0x66,
+        0x42, 0x4b, 0xc8, 0x6d, 0x2d, 0xf8, 0x0e, 0xa4,
+        0x1f, 0x43, 0xab, 0xf9, 0x37, 0xd3, 0x25, 0x9d,
+        0xc4, 0xb2, 0xd0, 0xdf, 0xb4, 0x8a, 0x6c, 0x91,
+        0x39, 0xdd, 0xd7, 0xf7, 0x69, 0x66, 0xe9, 0x28,
+        0xe6, 0x35, 0x55, 0x3b, 0xa7, 0x6c, 0x5c, 0x87,
+        0x9d, 0x7b, 0x35, 0xd4, 0x9e, 0xb2, 0xe6, 0x2b,
+        0x08, 0x71, 0xcd, 0xac, 0x63, 0x89, 0x39, 0xe2,
+        0x5e, 0x8a, 0x1e, 0x0e, 0xf9, 0xd5, 0x28, 0x0f,
+        0xa8, 0xca, 0x32, 0x8b, 0x35, 0x1c, 0x3c, 0x76,
+        0x59, 0x89, 0xcb, 0xcf, 0x3d, 0xaa, 0x8b, 0x6c,
+        0xcc, 0x3a, 0xaf, 0x9f, 0x39, 0x79, 0xc9, 0x2b,
+        0x37, 0x20, 0xfc, 0x88, 0xdc, 0x95, 0xed, 0x84,
+        0xa1, 0xbe, 0x05, 0x9c, 0x64, 0x99, 0xb9, 0xfd,
+        0xa2, 0x36, 0xe7, 0xe8, 0x18, 0xb0, 0x4b, 0x0b,
+        0xc3, 0x9c, 0x1e, 0x87, 0x6b, 0x19, 0x3b, 0xfe,
+        0x55, 0x69, 0x75, 0x3f, 0x88, 0x12, 0x8c, 0xc0,
+        0x8a, 0xaa, 0x9b, 0x63, 0xd1, 0xa1, 0x6f, 0x80,
+        0xef, 0x25, 0x54, 0xd7, 0x18, 0x9c, 0x41, 0x1f,
+        0x58, 0x69, 0xca, 0x52, 0xc5, 0xb8, 0x3f, 0xa3,
+        0x6f, 0xf2, 0x16, 0xb9, 0xc1, 0xd3, 0x00, 0x62,
+        0xbe, 0xbc, 0xfd, 0x2d, 0xc5, 0xbc, 0xe0, 0x91,
+        0x19, 0x34, 0xfd, 0xa7, 0x9a, 0x86, 0xf6, 0xe6,
+        0x98, 0xce, 0xd7, 0x59, 0xc3, 0xff, 0x9b, 0x64,
+        0x77, 0x33, 0x8f, 0x3d, 0xa4, 0xf9, 0xcd, 0x85,
+        0x14, 0xea, 0x99, 0x82, 0xcc, 0xaf, 0xb3, 0x41,
+        0xb2, 0x38, 0x4d, 0xd9, 0x02, 0xf3, 0xd1, 0xab,
+        0x7a, 0xc6, 0x1d, 0xd2, 0x9c, 0x6f, 0x21, 0xba,
+        0x5b, 0x86, 0x2f, 0x37, 0x30, 0xe3, 0x7c, 0xfd,
+        0xc4, 0xfd, 0x80, 0x6c, 0x22, 0xf2, 0x21
+    }
+};
+
+static const size_t test_lengths[2] =
+{
+    64U,
+    375U
+};
+
+/* Make sure no other definition is already present. */
+#undef ASSERT
+
+#define ASSERT(cond, args)            \
+    do                                  \
+    {                                   \
+        if (!(cond))                \
+        {                               \
+            if (verbose != 0)          \
+            mbedtls_printf args;    \
+                                        \
+            return -1;               \
+        }                               \
+    }                                   \
+    while (0)
+
+int mbedtls_chacha20_self_test(int verbose)
+{
+    unsigned char output[381];
+    unsigned i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    for (i = 0U; i < 2U; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  ChaCha20 test %u ", i);
+        }
+
+        ret = mbedtls_chacha20_crypt(test_keys[i],
+                                     test_nonces[i],
+                                     test_counters[i],
+                                     test_lengths[i],
+                                     test_input[i],
+                                     output);
+
+        ASSERT(0 == ret, ("error code: %i\n", ret));
+
+        ASSERT(0 == memcmp(output, test_output[i], test_lengths[i]),
+               ("failed (output)\n"));
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* !MBEDTLS_CHACHA20_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/chachapoly.c b/3rdparty/mbedtls-2.28.7/library/chachapoly.c
new file mode 100644
index 0000000..dd678f4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/chachapoly.c
@@ -0,0 +1,511 @@
+/**
+ * \file chachapoly.c
+ *
+ * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#include "common.h"
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_CHACHAPOLY_ALT)
+
+/* Parameter validation macros */
+#define CHACHAPOLY_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA)
+#define CHACHAPOLY_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#define CHACHAPOLY_STATE_INIT       (0)
+#define CHACHAPOLY_STATE_AAD        (1)
+#define CHACHAPOLY_STATE_CIPHERTEXT (2)   /* Encrypting or decrypting */
+#define CHACHAPOLY_STATE_FINISHED   (3)
+
+/**
+ * \brief           Adds nul bytes to pad the AAD for Poly1305.
+ *
+ * \param ctx       The ChaCha20-Poly1305 context.
+ */
+static int chachapoly_pad_aad(mbedtls_chachapoly_context *ctx)
+{
+    uint32_t partial_block_len = (uint32_t) (ctx->aad_len % 16U);
+    unsigned char zeroes[15];
+
+    if (partial_block_len == 0U) {
+        return 0;
+    }
+
+    memset(zeroes, 0, sizeof(zeroes));
+
+    return mbedtls_poly1305_update(&ctx->poly1305_ctx,
+                                   zeroes,
+                                   16U - partial_block_len);
+}
+
+/**
+ * \brief           Adds nul bytes to pad the ciphertext for Poly1305.
+ *
+ * \param ctx       The ChaCha20-Poly1305 context.
+ */
+static int chachapoly_pad_ciphertext(mbedtls_chachapoly_context *ctx)
+{
+    uint32_t partial_block_len = (uint32_t) (ctx->ciphertext_len % 16U);
+    unsigned char zeroes[15];
+
+    if (partial_block_len == 0U) {
+        return 0;
+    }
+
+    memset(zeroes, 0, sizeof(zeroes));
+    return mbedtls_poly1305_update(&ctx->poly1305_ctx,
+                                   zeroes,
+                                   16U - partial_block_len);
+}
+
+void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx)
+{
+    CHACHAPOLY_VALIDATE(ctx != NULL);
+
+    mbedtls_chacha20_init(&ctx->chacha20_ctx);
+    mbedtls_poly1305_init(&ctx->poly1305_ctx);
+    ctx->aad_len        = 0U;
+    ctx->ciphertext_len = 0U;
+    ctx->state          = CHACHAPOLY_STATE_INIT;
+    ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
+}
+
+void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_chacha20_free(&ctx->chacha20_ctx);
+    mbedtls_poly1305_free(&ctx->poly1305_ctx);
+    ctx->aad_len        = 0U;
+    ctx->ciphertext_len = 0U;
+    ctx->state          = CHACHAPOLY_STATE_INIT;
+    ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
+}
+
+int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
+                              const unsigned char key[32])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(key != NULL);
+
+    ret = mbedtls_chacha20_setkey(&ctx->chacha20_ctx, key);
+
+    return ret;
+}
+
+int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
+                              const unsigned char nonce[12],
+                              mbedtls_chachapoly_mode_t mode)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char poly1305_key[64];
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(nonce != NULL);
+
+    /* Set counter = 0, will be update to 1 when generating Poly1305 key */
+    ret = mbedtls_chacha20_starts(&ctx->chacha20_ctx, nonce, 0U);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    /* Generate the Poly1305 key by getting the ChaCha20 keystream output with
+     * counter = 0.  This is the same as encrypting a buffer of zeroes.
+     * Only the first 256-bits (32 bytes) of the key is used for Poly1305.
+     * The other 256 bits are discarded.
+     */
+    memset(poly1305_key, 0, sizeof(poly1305_key));
+    ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, sizeof(poly1305_key),
+                                  poly1305_key, poly1305_key);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_poly1305_starts(&ctx->poly1305_ctx, poly1305_key);
+
+    if (ret == 0) {
+        ctx->aad_len        = 0U;
+        ctx->ciphertext_len = 0U;
+        ctx->state          = CHACHAPOLY_STATE_AAD;
+        ctx->mode           = mode;
+    }
+
+cleanup:
+    mbedtls_platform_zeroize(poly1305_key, 64U);
+    return ret;
+}
+
+int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
+                                  const unsigned char *aad,
+                                  size_t aad_len)
+{
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL);
+
+    if (ctx->state != CHACHAPOLY_STATE_AAD) {
+        return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
+    }
+
+    ctx->aad_len += aad_len;
+
+    return mbedtls_poly1305_update(&ctx->poly1305_ctx, aad, aad_len);
+}
+
+int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
+                              size_t len,
+                              const unsigned char *input,
+                              unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(len == 0 || input != NULL);
+    CHACHAPOLY_VALIDATE_RET(len == 0 || output != NULL);
+
+    if ((ctx->state != CHACHAPOLY_STATE_AAD) &&
+        (ctx->state != CHACHAPOLY_STATE_CIPHERTEXT)) {
+        return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
+    }
+
+    if (ctx->state == CHACHAPOLY_STATE_AAD) {
+        ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
+
+        ret = chachapoly_pad_aad(ctx);
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    ctx->ciphertext_len += len;
+
+    if (ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT) {
+        ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
+        if (ret != 0) {
+            return ret;
+        }
+
+        ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, output, len);
+        if (ret != 0) {
+            return ret;
+        }
+    } else { /* DECRYPT */
+        ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, input, len);
+        if (ret != 0) {
+            return ret;
+        }
+
+        ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    return 0;
+}
+
+int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
+                              unsigned char mac[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char len_block[16];
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(mac != NULL);
+
+    if (ctx->state == CHACHAPOLY_STATE_INIT) {
+        return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
+    }
+
+    if (ctx->state == CHACHAPOLY_STATE_AAD) {
+        ret = chachapoly_pad_aad(ctx);
+        if (ret != 0) {
+            return ret;
+        }
+    } else if (ctx->state == CHACHAPOLY_STATE_CIPHERTEXT) {
+        ret = chachapoly_pad_ciphertext(ctx);
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    ctx->state = CHACHAPOLY_STATE_FINISHED;
+
+    /* The lengths of the AAD and ciphertext are processed by
+     * Poly1305 as the final 128-bit block, encoded as little-endian integers.
+     */
+    MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0);
+    MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8);
+
+    ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, len_block, 16U);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_poly1305_finish(&ctx->poly1305_ctx, mac);
+
+    return ret;
+}
+
+static int chachapoly_crypt_and_tag(mbedtls_chachapoly_context *ctx,
+                                    mbedtls_chachapoly_mode_t mode,
+                                    size_t length,
+                                    const unsigned char nonce[12],
+                                    const unsigned char *aad,
+                                    size_t aad_len,
+                                    const unsigned char *input,
+                                    unsigned char *output,
+                                    unsigned char tag[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    ret = mbedtls_chachapoly_starts(ctx, nonce, mode);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_chachapoly_update_aad(ctx, aad, aad_len);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_chachapoly_update(ctx, length, input, output);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_chachapoly_finish(ctx, tag);
+
+cleanup:
+    return ret;
+}
+
+int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
+                                       size_t length,
+                                       const unsigned char nonce[12],
+                                       const unsigned char *aad,
+                                       size_t aad_len,
+                                       const unsigned char *input,
+                                       unsigned char *output,
+                                       unsigned char tag[16])
+{
+    CHACHAPOLY_VALIDATE_RET(ctx   != NULL);
+    CHACHAPOLY_VALIDATE_RET(nonce != NULL);
+    CHACHAPOLY_VALIDATE_RET(tag   != NULL);
+    CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad    != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || input  != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || output != NULL);
+
+    return chachapoly_crypt_and_tag(ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
+                                    length, nonce, aad, aad_len,
+                                    input, output, tag);
+}
+
+int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
+                                    size_t length,
+                                    const unsigned char nonce[12],
+                                    const unsigned char *aad,
+                                    size_t aad_len,
+                                    const unsigned char tag[16],
+                                    const unsigned char *input,
+                                    unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char check_tag[16];
+    int diff;
+    CHACHAPOLY_VALIDATE_RET(ctx   != NULL);
+    CHACHAPOLY_VALIDATE_RET(nonce != NULL);
+    CHACHAPOLY_VALIDATE_RET(tag   != NULL);
+    CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad    != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || input  != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || output != NULL);
+
+    if ((ret = chachapoly_crypt_and_tag(ctx,
+                                        MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
+                                        aad, aad_len, input, output, check_tag)) != 0) {
+        return ret;
+    }
+
+    /* Check tag in "constant-time" */
+    diff = mbedtls_ct_memcmp(tag, check_tag, sizeof(check_tag));
+
+    if (diff != 0) {
+        mbedtls_platform_zeroize(output, length);
+        return MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED;
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char test_key[1][32] =
+{
+    {
+        0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+        0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+        0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
+        0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
+    }
+};
+
+static const unsigned char test_nonce[1][12] =
+{
+    {
+        0x07, 0x00, 0x00, 0x00,                         /* 32-bit common part */
+        0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47  /* 64-bit IV */
+    }
+};
+
+static const unsigned char test_aad[1][12] =
+{
+    {
+        0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
+        0xc4, 0xc5, 0xc6, 0xc7
+    }
+};
+
+static const size_t test_aad_len[1] =
+{
+    12U
+};
+
+static const unsigned char test_input[1][114] =
+{
+    {
+        0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
+        0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
+        0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20,
+        0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73,
+        0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39,
+        0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63,
+        0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66,
+        0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f,
+        0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20,
+        0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20,
+        0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75,
+        0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73,
+        0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f,
+        0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
+        0x74, 0x2e
+    }
+};
+
+static const unsigned char test_output[1][114] =
+{
+    {
+        0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb,
+        0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2,
+        0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe,
+        0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6,
+        0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12,
+        0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b,
+        0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29,
+        0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36,
+        0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c,
+        0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58,
+        0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
+        0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc,
+        0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d,
+        0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b,
+        0x61, 0x16
+    }
+};
+
+static const size_t test_input_len[1] =
+{
+    114U
+};
+
+static const unsigned char test_mac[1][16] =
+{
+    {
+        0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a,
+        0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
+    }
+};
+
+/* Make sure no other definition is already present. */
+#undef ASSERT
+
+#define ASSERT(cond, args)            \
+    do                                  \
+    {                                   \
+        if (!(cond))                \
+        {                               \
+            if (verbose != 0)          \
+            mbedtls_printf args;    \
+                                        \
+            return -1;               \
+        }                               \
+    }                                   \
+    while (0)
+
+int mbedtls_chachapoly_self_test(int verbose)
+{
+    mbedtls_chachapoly_context ctx;
+    unsigned i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char output[200];
+    unsigned char mac[16];
+
+    for (i = 0U; i < 1U; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  ChaCha20-Poly1305 test %u ", i);
+        }
+
+        mbedtls_chachapoly_init(&ctx);
+
+        ret = mbedtls_chachapoly_setkey(&ctx, test_key[i]);
+        ASSERT(0 == ret, ("setkey() error code: %i\n", ret));
+
+        ret = mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                 test_input_len[i],
+                                                 test_nonce[i],
+                                                 test_aad[i],
+                                                 test_aad_len[i],
+                                                 test_input[i],
+                                                 output,
+                                                 mac);
+
+        ASSERT(0 == ret, ("crypt_and_tag() error code: %i\n", ret));
+
+        ASSERT(0 == memcmp(output, test_output[i], test_input_len[i]),
+               ("failure (wrong output)\n"));
+
+        ASSERT(0 == memcmp(mac, test_mac[i], 16U),
+               ("failure (wrong MAC)\n"));
+
+        mbedtls_chachapoly_free(&ctx);
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CHACHAPOLY_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/check_crypto_config.h b/3rdparty/mbedtls-2.28.7/library/check_crypto_config.h
new file mode 100644
index 0000000..0ba32bf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/check_crypto_config.h
@@ -0,0 +1,79 @@
+/**
+ * \file check_crypto_config.h
+ *
+ * \brief Consistency checks for PSA configuration options
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * It is recommended to include this file from your crypto_config.h
+ * in order to catch dependency issues early.
+ */
+
+#ifndef MBEDTLS_CHECK_CRYPTO_CONFIG_H
+#define MBEDTLS_CHECK_CRYPTO_CONFIG_H
+
+#if defined(PSA_WANT_ALG_CCM) && \
+    !(defined(PSA_WANT_KEY_TYPE_AES) || \
+    defined(PSA_WANT_KEY_TYPE_CAMELLIA))
+#error "PSA_WANT_ALG_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_CMAC) && \
+    !(defined(PSA_WANT_KEY_TYPE_AES) || \
+    defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \
+    defined(PSA_WANT_KEY_TYPE_DES))
+#error "PSA_WANT_ALG_CMAC defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
+    !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
+#error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_ECDSA) && \
+    !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
+#error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_GCM) && \
+    !(defined(PSA_WANT_KEY_TYPE_AES) || \
+    defined(PSA_WANT_KEY_TYPE_CAMELLIA))
+#error "PSA_WANT_ALG_GCM defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
+#error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
+#error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_OAEP) && \
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
+#error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PSS) && \
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
+#error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
+    !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites"
+#endif
+
+#endif /* MBEDTLS_CHECK_CRYPTO_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/cipher.c b/3rdparty/mbedtls-2.28.7/library/cipher.c
new file mode 100644
index 0000000..37a2eff
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/cipher.c
@@ -0,0 +1,1622 @@
+/**
+ * \file cipher.c
+ *
+ * \brief Generic cipher wrapper for Mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CIPHER_C)
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/cipher_internal.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/constant_time.h"
+#include "constant_time_internal.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
+#endif
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+
+#if defined(MBEDTLS_CCM_C)
+#include "mbedtls/ccm.h"
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+#include "mbedtls/chacha20.h"
+#endif
+
+#if defined(MBEDTLS_CMAC_C)
+#include "mbedtls/cmac.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_NIST_KW_C)
+#include "mbedtls/nist_kw.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#define CIPHER_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA)
+#define CIPHER_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+static int supported_init = 0;
+
+const int *mbedtls_cipher_list(void)
+{
+    const mbedtls_cipher_definition_t *def;
+    int *type;
+
+    if (!supported_init) {
+        def = mbedtls_cipher_definitions;
+        type = mbedtls_cipher_supported;
+
+        while (def->type != 0) {
+            *type++ = (*def++).type;
+        }
+
+        *type = 0;
+
+        supported_init = 1;
+    }
+
+    return mbedtls_cipher_supported;
+}
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(
+    const mbedtls_cipher_type_t cipher_type)
+{
+    const mbedtls_cipher_definition_t *def;
+
+    for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
+        if (def->type == cipher_type) {
+            return def->info;
+        }
+    }
+
+    return NULL;
+}
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(
+    const char *cipher_name)
+{
+    const mbedtls_cipher_definition_t *def;
+
+    if (NULL == cipher_name) {
+        return NULL;
+    }
+
+    for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
+        if (!strcmp(def->info->name, cipher_name)) {
+            return def->info;
+        }
+    }
+
+    return NULL;
+}
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
+    const mbedtls_cipher_id_t cipher_id,
+    int key_bitlen,
+    const mbedtls_cipher_mode_t mode)
+{
+    const mbedtls_cipher_definition_t *def;
+
+    for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
+        if (def->info->base->cipher == cipher_id &&
+            def->info->key_bitlen == (unsigned) key_bitlen &&
+            def->info->mode == mode) {
+            return def->info;
+        }
+    }
+
+    return NULL;
+}
+
+void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
+{
+    CIPHER_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_cipher_context_t));
+}
+
+void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        if (ctx->cipher_ctx != NULL) {
+            mbedtls_cipher_context_psa * const cipher_psa =
+                (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+            if (cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED) {
+                /* xxx_free() doesn't allow to return failures. */
+                (void) psa_destroy_key(cipher_psa->slot);
+            }
+
+            mbedtls_platform_zeroize(cipher_psa, sizeof(*cipher_psa));
+            mbedtls_free(cipher_psa);
+        }
+
+        mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t));
+        return;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_CMAC_C)
+    if (ctx->cmac_ctx) {
+        mbedtls_platform_zeroize(ctx->cmac_ctx,
+                                 sizeof(mbedtls_cmac_context_t));
+        mbedtls_free(ctx->cmac_ctx);
+    }
+#endif
+
+    if (ctx->cipher_ctx) {
+        ctx->cipher_info->base->ctx_free_func(ctx->cipher_ctx);
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t));
+}
+
+int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
+                         const mbedtls_cipher_info_t *cipher_info)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    memset(ctx, 0, sizeof(mbedtls_cipher_context_t));
+
+    if (NULL == (ctx->cipher_ctx = cipher_info->base->ctx_alloc_func())) {
+        return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
+
+    ctx->cipher_info = cipher_info;
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /*
+     * Ignore possible errors caused by a cipher mode that doesn't use padding
+     */
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_PKCS7);
+#else
+    (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_NONE);
+#endif
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+    return 0;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
+                             const mbedtls_cipher_info_t *cipher_info,
+                             size_t taglen)
+{
+    psa_algorithm_t alg;
+    mbedtls_cipher_context_psa *cipher_psa;
+
+    if (NULL == cipher_info || NULL == ctx) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    /* Check that the underlying cipher mode and cipher type are
+     * supported by the underlying PSA Crypto implementation. */
+    alg = mbedtls_psa_translate_cipher_mode(cipher_info->mode, taglen);
+    if (alg == 0) {
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+    if (mbedtls_psa_translate_cipher_type(cipher_info->type) == 0) {
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+
+    memset(ctx, 0, sizeof(mbedtls_cipher_context_t));
+
+    cipher_psa = mbedtls_calloc(1, sizeof(mbedtls_cipher_context_psa));
+    if (cipher_psa == NULL) {
+        return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
+    cipher_psa->alg  = alg;
+    ctx->cipher_ctx  = cipher_psa;
+    ctx->cipher_info = cipher_info;
+    ctx->psa_enabled = 1;
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *key,
+                          int key_bitlen,
+                          const mbedtls_operation_t operation)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(key != NULL);
+    CIPHER_VALIDATE_RET(operation == MBEDTLS_ENCRYPT ||
+                        operation == MBEDTLS_DECRYPT);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        size_t const key_bytelen = ((size_t) key_bitlen + 7) / 8;
+
+        psa_status_t status;
+        psa_key_type_t key_type;
+        psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+        /* PSA Crypto API only accepts byte-aligned keys. */
+        if (key_bitlen % 8 != 0) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        /* Don't allow keys to be set multiple times. */
+        if (cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        key_type = mbedtls_psa_translate_cipher_type(
+            ctx->cipher_info->type);
+        if (key_type == 0) {
+            return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        }
+        psa_set_key_type(&attributes, key_type);
+
+        /* Mbed TLS' cipher layer doesn't enforce the mode of operation
+         * (encrypt vs. decrypt): it is possible to setup a key for encryption
+         * and use it for AEAD decryption. Until tests relying on this
+         * are changed, allow any usage in PSA. */
+        psa_set_key_usage_flags(&attributes,
+                                /* mbedtls_psa_translate_cipher_operation( operation ); */
+                                PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+        psa_set_key_algorithm(&attributes, cipher_psa->alg);
+
+        status = psa_import_key(&attributes, key, key_bytelen,
+                                &cipher_psa->slot);
+        switch (status) {
+            case PSA_SUCCESS:
+                break;
+            case PSA_ERROR_INSUFFICIENT_MEMORY:
+                return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+            case PSA_ERROR_NOT_SUPPORTED:
+                return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+            default:
+                return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+        }
+        /* Indicate that we own the key slot and need to
+         * destroy it in mbedtls_cipher_free(). */
+        cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED;
+
+        ctx->key_bitlen = key_bitlen;
+        ctx->operation = operation;
+        return 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 &&
+        (int) ctx->cipher_info->key_bitlen != key_bitlen) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    ctx->key_bitlen = key_bitlen;
+    ctx->operation = operation;
+
+    /*
+     * For OFB, CFB and CTR mode always use the encryption key schedule
+     */
+    if (MBEDTLS_ENCRYPT == operation ||
+        MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_CTR == ctx->cipher_info->mode) {
+        return ctx->cipher_info->base->setkey_enc_func(ctx->cipher_ctx, key,
+                                                       ctx->key_bitlen);
+    }
+
+    if (MBEDTLS_DECRYPT == operation) {
+        return ctx->cipher_info->base->setkey_dec_func(ctx->cipher_ctx, key,
+                                                       ctx->key_bitlen);
+    }
+
+    return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+}
+
+int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *iv,
+                          size_t iv_len)
+{
+    size_t actual_iv_size;
+
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    /* avoid buffer overflow in ctx->iv */
+    if (iv_len > MBEDTLS_MAX_IV_LENGTH) {
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+
+    if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) {
+        actual_iv_size = iv_len;
+    } else {
+        actual_iv_size = ctx->cipher_info->iv_size;
+
+        /* avoid reading past the end of input buffer */
+        if (actual_iv_size > iv_len) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+    }
+
+#if defined(MBEDTLS_CHACHA20_C)
+    if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20) {
+        /* Even though the actual_iv_size is overwritten with a correct value
+         * of 12 from the cipher info, return an error to indicate that
+         * the input iv_len is wrong. */
+        if (iv_len != 12) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        if (0 != mbedtls_chacha20_starts((mbedtls_chacha20_context *) ctx->cipher_ctx,
+                                         iv,
+                                         0U)) {   /* Initial counter value */
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+    }
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 &&
+        iv_len != 12) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+#endif
+#endif
+
+    if (actual_iv_size != 0) {
+        memcpy(ctx->iv, iv, actual_iv_size);
+        ctx->iv_size = actual_iv_size;
+    }
+
+    return 0;
+}
+
+int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* We don't support resetting PSA-based
+         * cipher contexts, yet. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    ctx->unprocessed_len = 0;
+
+    return 0;
+}
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
+                             const unsigned char *ad, size_t ad_len)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_GCM_C)
+    if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
+        return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
+                                  ctx->iv, ctx->iv_size, ad, ad_len);
+    }
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
+        int result;
+        mbedtls_chachapoly_mode_t mode;
+
+        mode = (ctx->operation == MBEDTLS_ENCRYPT)
+                ? MBEDTLS_CHACHAPOLY_ENCRYPT
+                : MBEDTLS_CHACHAPOLY_DECRYPT;
+
+        result = mbedtls_chachapoly_starts((mbedtls_chachapoly_context *) ctx->cipher_ctx,
+                                           ctx->iv,
+                                           mode);
+        if (result != 0) {
+            return result;
+        }
+
+        return mbedtls_chachapoly_update_aad((mbedtls_chachapoly_context *) ctx->cipher_ctx,
+                                             ad, ad_len);
+    }
+#endif
+
+    return 0;
+}
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
+
+int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input,
+                          size_t ilen, unsigned char *output, size_t *olen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t block_size;
+
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || input != NULL);
+    CIPHER_VALIDATE_RET(output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    *olen = 0;
+    block_size = mbedtls_cipher_get_block_size(ctx);
+    if (0 == block_size) {
+        return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+    }
+
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_ECB) {
+        if (ilen != block_size) {
+            return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
+        }
+
+        *olen = ilen;
+
+        if (0 != (ret = ctx->cipher_info->base->ecb_func(ctx->cipher_ctx,
+                                                         ctx->operation, input, output))) {
+            return ret;
+        }
+
+        return 0;
+    }
+
+#if defined(MBEDTLS_GCM_C)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_GCM) {
+        *olen = ilen;
+        return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
+                                  output);
+    }
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) {
+        *olen = ilen;
+        return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx,
+                                         ilen, input, output);
+    }
+#endif
+
+    if (input == output &&
+        (ctx->unprocessed_len != 0 || ilen % block_size)) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_CBC) {
+        size_t copy_len = 0;
+
+        /*
+         * If there is not enough data for a full block, cache it.
+         */
+        if ((ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding &&
+             ilen <= block_size - ctx->unprocessed_len) ||
+            (ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding &&
+             ilen < block_size - ctx->unprocessed_len) ||
+            (ctx->operation == MBEDTLS_ENCRYPT &&
+             ilen < block_size - ctx->unprocessed_len)) {
+            memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input,
+                   ilen);
+
+            ctx->unprocessed_len += ilen;
+            return 0;
+        }
+
+        /*
+         * Process cached data first
+         */
+        if (0 != ctx->unprocessed_len) {
+            copy_len = block_size - ctx->unprocessed_len;
+
+            memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input,
+                   copy_len);
+
+            if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx,
+                                                             ctx->operation, block_size, ctx->iv,
+                                                             ctx->unprocessed_data, output))) {
+                return ret;
+            }
+
+            *olen += block_size;
+            output += block_size;
+            ctx->unprocessed_len = 0;
+
+            input += copy_len;
+            ilen -= copy_len;
+        }
+
+        /*
+         * Cache final, incomplete block
+         */
+        if (0 != ilen) {
+            /* Encryption: only cache partial blocks
+             * Decryption w/ padding: always keep at least one whole block
+             * Decryption w/o padding: only cache partial blocks
+             */
+            copy_len = ilen % block_size;
+            if (copy_len == 0 &&
+                ctx->operation == MBEDTLS_DECRYPT &&
+                NULL != ctx->add_padding) {
+                copy_len = block_size;
+            }
+
+            memcpy(ctx->unprocessed_data, &(input[ilen - copy_len]),
+                   copy_len);
+
+            ctx->unprocessed_len += copy_len;
+            ilen -= copy_len;
+        }
+
+        /*
+         * Process remaining full blocks
+         */
+        if (ilen) {
+            if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx,
+                                                             ctx->operation, ilen, ctx->iv, input,
+                                                             output))) {
+                return ret;
+            }
+
+            *olen += ilen;
+        }
+
+        return 0;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) {
+        if (0 != (ret = ctx->cipher_info->base->cfb_func(ctx->cipher_ctx,
+                                                         ctx->operation, ilen,
+                                                         &ctx->unprocessed_len, ctx->iv,
+                                                         input, output))) {
+            return ret;
+        }
+
+        *olen = ilen;
+
+        return 0;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) {
+        if (0 != (ret = ctx->cipher_info->base->ofb_func(ctx->cipher_ctx,
+                                                         ilen, &ctx->unprocessed_len, ctx->iv,
+                                                         input, output))) {
+            return ret;
+        }
+
+        *olen = ilen;
+
+        return 0;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) {
+        if (0 != (ret = ctx->cipher_info->base->ctr_func(ctx->cipher_ctx,
+                                                         ilen, &ctx->unprocessed_len, ctx->iv,
+                                                         ctx->unprocessed_data, input, output))) {
+            return ret;
+        }
+
+        *olen = ilen;
+
+        return 0;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_XTS) {
+        if (ctx->unprocessed_len > 0) {
+            /* We can only process an entire data unit at a time. */
+            return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        }
+
+        ret = ctx->cipher_info->base->xts_func(ctx->cipher_ctx,
+                                               ctx->operation, ilen, ctx->iv, input, output);
+        if (ret != 0) {
+            return ret;
+        }
+
+        *olen = ilen;
+
+        return 0;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) {
+        if (0 != (ret = ctx->cipher_info->base->stream_func(ctx->cipher_ctx,
+                                                            ilen, input, output))) {
+            return ret;
+        }
+
+        *olen = ilen;
+
+        return 0;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_STREAM */
+
+    return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+/*
+ * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
+ */
+static void add_pkcs_padding(unsigned char *output, size_t output_len,
+                             size_t data_len)
+{
+    size_t padding_len = output_len - data_len;
+    unsigned char i;
+
+    for (i = 0; i < padding_len; i++) {
+        output[data_len + i] = (unsigned char) padding_len;
+    }
+}
+
+static int get_pkcs_padding(unsigned char *input, size_t input_len,
+                            size_t *data_len)
+{
+    size_t i, pad_idx;
+    unsigned char padding_len, bad = 0;
+
+    if (NULL == input || NULL == data_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    padding_len = input[input_len - 1];
+    *data_len = input_len - padding_len;
+
+    /* Avoid logical || since it results in a branch */
+    bad |= ~mbedtls_ct_size_mask_ge(input_len, padding_len);
+    bad |= mbedtls_ct_size_bool_eq(padding_len, 0);
+
+    /* The number of bytes checked must be independent of padding_len,
+     * so pick input_len, which is usually 8 or 16 (one block) */
+    pad_idx = input_len - padding_len;
+    for (i = 0; i < input_len; i++) {
+        size_t mask = mbedtls_ct_size_mask_ge(i, pad_idx);
+        bad |= (input[i] ^ padding_len) & mask;
+    }
+    return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0);
+}
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+/*
+ * One and zeros padding: fill with 80 00 ... 00
+ */
+static void add_one_and_zeros_padding(unsigned char *output,
+                                      size_t output_len, size_t data_len)
+{
+    size_t padding_len = output_len - data_len;
+    unsigned char i = 0;
+
+    output[data_len] = 0x80;
+    for (i = 1; i < padding_len; i++) {
+        output[data_len + i] = 0x00;
+    }
+}
+
+static int get_one_and_zeros_padding(unsigned char *input, size_t input_len,
+                                     size_t *data_len)
+{
+    unsigned int bad = 1;
+
+    if (NULL == input || NULL == data_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    *data_len = 0;
+    size_t in_padding = ~0;
+
+    for (ptrdiff_t i = (ptrdiff_t) (input_len) - 1; i >= 0; i--) {
+        size_t is_nonzero = mbedtls_ct_uint_mask(input[i]);
+
+        size_t hit_first_nonzero = is_nonzero & in_padding;
+
+        *data_len = (*data_len & ~hit_first_nonzero) | ((size_t) i & hit_first_nonzero);
+
+        bad = mbedtls_ct_uint_if((unsigned int) hit_first_nonzero,
+                                 !mbedtls_ct_size_bool_eq(input[i], 0x80), bad);
+
+        in_padding = in_padding & ~is_nonzero;
+    }
+
+    return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0);
+}
+#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+/*
+ * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
+ */
+static void add_zeros_and_len_padding(unsigned char *output,
+                                      size_t output_len, size_t data_len)
+{
+    size_t padding_len = output_len - data_len;
+    unsigned char i = 0;
+
+    for (i = 1; i < padding_len; i++) {
+        output[data_len + i - 1] = 0x00;
+    }
+    output[output_len - 1] = (unsigned char) padding_len;
+}
+
+static int get_zeros_and_len_padding(unsigned char *input, size_t input_len,
+                                     size_t *data_len)
+{
+    size_t i, pad_idx;
+    unsigned char padding_len, bad = 0;
+
+    if (NULL == input || NULL == data_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    padding_len = input[input_len - 1];
+    *data_len = input_len - padding_len;
+
+    /* Avoid logical || since it results in a branch */
+    bad |= mbedtls_ct_size_mask_ge(padding_len, input_len + 1);
+    bad |= mbedtls_ct_size_bool_eq(padding_len, 0);
+
+    /* The number of bytes checked must be independent of padding_len */
+    pad_idx = input_len - padding_len;
+    for (i = 0; i < input_len - 1; i++) {
+        size_t mask = mbedtls_ct_size_mask_ge(i, pad_idx);
+        bad |= input[i] & mask;
+    }
+
+    return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0);
+}
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+/*
+ * Zero padding: fill with 00 ... 00
+ */
+static void add_zeros_padding(unsigned char *output,
+                              size_t output_len, size_t data_len)
+{
+    size_t i;
+
+    for (i = data_len; i < output_len; i++) {
+        output[i] = 0x00;
+    }
+}
+
+static int get_zeros_padding(unsigned char *input, size_t input_len,
+                             size_t *data_len)
+{
+    size_t i;
+    unsigned char done = 0, prev_done;
+
+    if (NULL == input || NULL == data_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    *data_len = 0;
+    for (i = input_len; i > 0; i--) {
+        prev_done = done;
+        done |= !mbedtls_ct_size_bool_eq(input[i-1], 0);
+        size_t mask = mbedtls_ct_size_mask(done ^ prev_done);
+        *data_len |= i & mask;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
+
+/*
+ * No padding: don't pad :)
+ *
+ * There is no add_padding function (check for NULL in mbedtls_cipher_finish)
+ * but a trivial get_padding function
+ */
+static int get_no_padding(unsigned char *input, size_t input_len,
+                          size_t *data_len)
+{
+    if (NULL == input || NULL == data_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    *data_len = input_len;
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
+                          unsigned char *output, size_t *olen)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    *olen = 0;
+
+    if (MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_XTS == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_STREAM == ctx->cipher_info->mode) {
+        return 0;
+    }
+
+    if ((MBEDTLS_CIPHER_CHACHA20          == ctx->cipher_info->type) ||
+        (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type)) {
+        return 0;
+    }
+
+    if (MBEDTLS_MODE_ECB == ctx->cipher_info->mode) {
+        if (ctx->unprocessed_len != 0) {
+            return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
+        }
+
+        return 0;
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (MBEDTLS_MODE_CBC == ctx->cipher_info->mode) {
+        int ret = 0;
+
+        if (MBEDTLS_ENCRYPT == ctx->operation) {
+            /* check for 'no padding' mode */
+            if (NULL == ctx->add_padding) {
+                if (0 != ctx->unprocessed_len) {
+                    return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
+                }
+
+                return 0;
+            }
+
+            ctx->add_padding(ctx->unprocessed_data, mbedtls_cipher_get_iv_size(ctx),
+                             ctx->unprocessed_len);
+        } else if (mbedtls_cipher_get_block_size(ctx) != ctx->unprocessed_len) {
+            /*
+             * For decrypt operations, expect a full block,
+             * or an empty block if no padding
+             */
+            if (NULL == ctx->add_padding && 0 == ctx->unprocessed_len) {
+                return 0;
+            }
+
+            return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
+        }
+
+        /* cipher block */
+        if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx,
+                                                         ctx->operation,
+                                                         mbedtls_cipher_get_block_size(ctx),
+                                                         ctx->iv,
+                                                         ctx->unprocessed_data, output))) {
+            return ret;
+        }
+
+        /* Set output size for decryption */
+        if (MBEDTLS_DECRYPT == ctx->operation) {
+            return ctx->get_padding(output, mbedtls_cipher_get_block_size(ctx),
+                                    olen);
+        }
+
+        /* Set output size for encryption */
+        *olen = mbedtls_cipher_get_block_size(ctx);
+        return 0;
+    }
+#else
+    ((void) output);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
+                                    mbedtls_cipher_padding_t mode)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+
+    if (NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto knows about CBC padding
+         * schemes, we currently don't make them
+         * accessible through the cipher layer. */
+        if (mode != MBEDTLS_PADDING_NONE) {
+            return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        }
+
+        return 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    switch (mode) {
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+        case MBEDTLS_PADDING_PKCS7:
+            ctx->add_padding = add_pkcs_padding;
+            ctx->get_padding = get_pkcs_padding;
+            break;
+#endif
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+        case MBEDTLS_PADDING_ONE_AND_ZEROS:
+            ctx->add_padding = add_one_and_zeros_padding;
+            ctx->get_padding = get_one_and_zeros_padding;
+            break;
+#endif
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+        case MBEDTLS_PADDING_ZEROS_AND_LEN:
+            ctx->add_padding = add_zeros_and_len_padding;
+            ctx->get_padding = get_zeros_and_len_padding;
+            break;
+#endif
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+        case MBEDTLS_PADDING_ZEROS:
+            ctx->add_padding = add_zeros_padding;
+            ctx->get_padding = get_zeros_padding;
+            break;
+#endif
+        case MBEDTLS_PADDING_NONE:
+            ctx->add_padding = NULL;
+            ctx->get_padding = get_no_padding;
+            break;
+
+        default:
+            return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
+                             unsigned char *tag, size_t tag_len)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if (MBEDTLS_ENCRYPT != ctx->operation) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_GCM_C)
+    if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
+        return mbedtls_gcm_finish((mbedtls_gcm_context *) ctx->cipher_ctx,
+                                  tag, tag_len);
+    }
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
+        /* Don't allow truncated MAC for Poly1305 */
+        if (tag_len != 16U) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        return mbedtls_chachapoly_finish(
+            (mbedtls_chachapoly_context *) ctx->cipher_ctx, tag);
+    }
+#endif
+
+    return 0;
+}
+
+int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
+                             const unsigned char *tag, size_t tag_len)
+{
+    unsigned char check_tag[16];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL);
+    if (ctx->cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if (MBEDTLS_DECRYPT != ctx->operation) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    /* Status to return on a non-authenticated algorithm. It would make sense
+     * to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT or perhaps
+     * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, but at the time I write this our
+     * unit tests assume 0. */
+    ret = 0;
+
+#if defined(MBEDTLS_GCM_C)
+    if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
+        if (tag_len > sizeof(check_tag)) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        if (0 != (ret = mbedtls_gcm_finish(
+                      (mbedtls_gcm_context *) ctx->cipher_ctx,
+                      check_tag, tag_len))) {
+            return ret;
+        }
+
+        /* Check the tag in "constant-time" */
+        if (mbedtls_ct_memcmp(tag, check_tag, tag_len) != 0) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
+        /* Don't allow truncated MAC for Poly1305 */
+        if (tag_len != sizeof(check_tag)) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        ret = mbedtls_chachapoly_finish(
+            (mbedtls_chachapoly_context *) ctx->cipher_ctx, check_tag);
+        if (ret != 0) {
+            return ret;
+        }
+
+        /* Check the tag in "constant-time" */
+        if (mbedtls_ct_memcmp(tag, check_tag, tag_len) != 0) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+exit:
+    mbedtls_platform_zeroize(check_tag, tag_len);
+    return ret;
+}
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
+
+/*
+ * Packet-oriented wrapper for non-AEAD modes
+ */
+int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t finish_olen;
+
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || input != NULL);
+    CIPHER_VALIDATE_RET(output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+        psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT;
+        size_t part_len;
+
+        if (ctx->operation == MBEDTLS_DECRYPT) {
+            status = psa_cipher_decrypt_setup(&cipher_op,
+                                              cipher_psa->slot,
+                                              cipher_psa->alg);
+        } else if (ctx->operation == MBEDTLS_ENCRYPT) {
+            status = psa_cipher_encrypt_setup(&cipher_op,
+                                              cipher_psa->slot,
+                                              cipher_psa->alg);
+        } else {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        /* In the following, we can immediately return on an error,
+         * because the PSA Crypto API guarantees that cipher operations
+         * are terminated by unsuccessful calls to psa_cipher_update(),
+         * and by any call to psa_cipher_finish(). */
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+        }
+
+        if (ctx->cipher_info->mode != MBEDTLS_MODE_ECB) {
+            status = psa_cipher_set_iv(&cipher_op, iv, iv_len);
+            if (status != PSA_SUCCESS) {
+                return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+            }
+        }
+
+        status = psa_cipher_update(&cipher_op,
+                                   input, ilen,
+                                   output, ilen, olen);
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+        }
+
+        status = psa_cipher_finish(&cipher_op,
+                                   output + *olen, ilen - *olen,
+                                   &part_len);
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+        }
+
+        *olen += part_len;
+        return 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if ((ret = mbedtls_cipher_set_iv(ctx, iv, iv_len)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_cipher_reset(ctx)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_cipher_update(ctx, input, ilen,
+                                     output, olen)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_cipher_finish(ctx, output + *olen,
+                                     &finish_olen)) != 0) {
+        return ret;
+    }
+
+    *olen += finish_olen;
+
+    return 0;
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+/*
+ * Packet-oriented encryption for AEAD modes: internal function shared by
+ * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext().
+ */
+static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
+                                       const unsigned char *iv, size_t iv_len,
+                                       const unsigned char *ad, size_t ad_len,
+                                       const unsigned char *input, size_t ilen,
+                                       unsigned char *output, size_t *olen,
+                                       unsigned char *tag, size_t tag_len)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+
+        /* PSA Crypto API always writes the authentication tag
+         * at the end of the encrypted message. */
+        if (output == NULL || tag != output + ilen) {
+            return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        }
+
+        status = psa_aead_encrypt(cipher_psa->slot,
+                                  cipher_psa->alg,
+                                  iv, iv_len,
+                                  ad, ad_len,
+                                  input, ilen,
+                                  output, ilen + tag_len, olen);
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+        }
+
+        *olen -= tag_len;
+        return 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_GCM_C)
+    if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
+        *olen = ilen;
+        return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT,
+                                         ilen, iv, iv_len, ad, ad_len,
+                                         input, output, tag_len, tag);
+    }
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+    if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) {
+        *olen = ilen;
+        return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen,
+                                           iv, iv_len, ad, ad_len, input, output,
+                                           tag, tag_len);
+    }
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
+        /* ChachaPoly has fixed length nonce and MAC (tag) */
+        if ((iv_len != ctx->cipher_info->iv_size) ||
+            (tag_len != 16U)) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        *olen = ilen;
+        return mbedtls_chachapoly_encrypt_and_tag(ctx->cipher_ctx,
+                                                  ilen, iv, ad, ad_len, input, output, tag);
+    }
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+    return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+}
+
+/*
+ * Packet-oriented encryption for AEAD modes: internal function shared by
+ * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext().
+ */
+static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
+                                       const unsigned char *iv, size_t iv_len,
+                                       const unsigned char *ad, size_t ad_len,
+                                       const unsigned char *input, size_t ilen,
+                                       unsigned char *output, size_t *olen,
+                                       const unsigned char *tag, size_t tag_len)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (ctx->psa_enabled == 1) {
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+
+        /* PSA Crypto API always writes the authentication tag
+         * at the end of the encrypted message. */
+        if (input == NULL || tag != input + ilen) {
+            return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        }
+
+        status = psa_aead_decrypt(cipher_psa->slot,
+                                  cipher_psa->alg,
+                                  iv, iv_len,
+                                  ad, ad_len,
+                                  input, ilen + tag_len,
+                                  output, ilen, olen);
+        if (status == PSA_ERROR_INVALID_SIGNATURE) {
+            return MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+        } else if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED;
+        }
+
+        return 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_GCM_C)
+    if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        *olen = ilen;
+        ret = mbedtls_gcm_auth_decrypt(ctx->cipher_ctx, ilen,
+                                       iv, iv_len, ad, ad_len,
+                                       tag, tag_len, input, output);
+
+        if (ret == MBEDTLS_ERR_GCM_AUTH_FAILED) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+        }
+
+        return ret;
+    }
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+    if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        *olen = ilen;
+        ret = mbedtls_ccm_auth_decrypt(ctx->cipher_ctx, ilen,
+                                       iv, iv_len, ad, ad_len,
+                                       input, output, tag, tag_len);
+
+        if (ret == MBEDTLS_ERR_CCM_AUTH_FAILED) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+        }
+
+        return ret;
+    }
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        /* ChachaPoly has fixed length nonce and MAC (tag) */
+        if ((iv_len != ctx->cipher_info->iv_size) ||
+            (tag_len != 16U)) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        *olen = ilen;
+        ret = mbedtls_chachapoly_auth_decrypt(ctx->cipher_ctx, ilen,
+                                              iv, ad, ad_len, tag, input, output);
+
+        if (ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+        }
+
+        return ret;
+    }
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+    return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+/*
+ * Packet-oriented encryption for AEAD modes: public legacy function.
+ */
+int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx,
+                                const unsigned char *iv, size_t iv_len,
+                                const unsigned char *ad, size_t ad_len,
+                                const unsigned char *input, size_t ilen,
+                                unsigned char *output, size_t *olen,
+                                unsigned char *tag, size_t tag_len)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL);
+    CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || input != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+    CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL);
+
+    return mbedtls_cipher_aead_encrypt(ctx, iv, iv_len, ad, ad_len,
+                                       input, ilen, output, olen,
+                                       tag, tag_len);
+}
+
+/*
+ * Packet-oriented decryption for AEAD modes: public legacy function.
+ */
+int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx,
+                                const unsigned char *iv, size_t iv_len,
+                                const unsigned char *ad, size_t ad_len,
+                                const unsigned char *input, size_t ilen,
+                                unsigned char *output, size_t *olen,
+                                const unsigned char *tag, size_t tag_len)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL);
+    CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || input != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+    CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL);
+
+    return mbedtls_cipher_aead_decrypt(ctx, iv, iv_len, ad, ad_len,
+                                       input, ilen, output, olen,
+                                       tag, tag_len);
+}
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+/*
+ * Packet-oriented encryption for AEAD/NIST_KW: public function.
+ */
+int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
+                                    const unsigned char *iv, size_t iv_len,
+                                    const unsigned char *ad, size_t ad_len,
+                                    const unsigned char *input, size_t ilen,
+                                    unsigned char *output, size_t output_len,
+                                    size_t *olen, size_t tag_len)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL);
+    CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || input != NULL);
+    CIPHER_VALIDATE_RET(output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+
+#if defined(MBEDTLS_NIST_KW_C)
+    if (
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        ctx->psa_enabled == 0 &&
+#endif
+        (MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
+         MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) {
+        mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ?
+                                      MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
+
+        /* There is no iv, tag or ad associated with KW and KWP,
+         * so these length should be 0 as documented. */
+        if (iv_len != 0 || tag_len != 0 || ad_len != 0) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        (void) iv;
+        (void) ad;
+
+        return mbedtls_nist_kw_wrap(ctx->cipher_ctx, mode, input, ilen,
+                                    output, olen, output_len);
+    }
+#endif /* MBEDTLS_NIST_KW_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+    /* AEAD case: check length before passing on to shared function */
+    if (output_len < ilen + tag_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    int ret = mbedtls_cipher_aead_encrypt(ctx, iv, iv_len, ad, ad_len,
+                                          input, ilen, output, olen,
+                                          output + ilen, tag_len);
+    *olen += tag_len;
+    return ret;
+#else
+    return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+}
+
+/*
+ * Packet-oriented decryption for AEAD/NIST_KW: public function.
+ */
+int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
+                                    const unsigned char *iv, size_t iv_len,
+                                    const unsigned char *ad, size_t ad_len,
+                                    const unsigned char *input, size_t ilen,
+                                    unsigned char *output, size_t output_len,
+                                    size_t *olen, size_t tag_len)
+{
+    CIPHER_VALIDATE_RET(ctx != NULL);
+    CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL);
+    CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL);
+    CIPHER_VALIDATE_RET(ilen == 0 || input != NULL);
+    CIPHER_VALIDATE_RET(output_len == 0 || output != NULL);
+    CIPHER_VALIDATE_RET(olen != NULL);
+
+#if defined(MBEDTLS_NIST_KW_C)
+    if (
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        ctx->psa_enabled == 0 &&
+#endif
+        (MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
+         MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) {
+        mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ?
+                                      MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
+
+        /* There is no iv, tag or ad associated with KW and KWP,
+         * so these length should be 0 as documented. */
+        if (iv_len != 0 || tag_len != 0 || ad_len != 0) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        (void) iv;
+        (void) ad;
+
+        return mbedtls_nist_kw_unwrap(ctx->cipher_ctx, mode, input, ilen,
+                                      output, olen, output_len);
+    }
+#endif /* MBEDTLS_NIST_KW_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+    /* AEAD case: check length before passing on to shared function */
+    if (ilen < tag_len || output_len < ilen - tag_len) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    return mbedtls_cipher_aead_decrypt(ctx, iv, iv_len, ad, ad_len,
+                                       input, ilen - tag_len, output, olen,
+                                       input + ilen - tag_len, tag_len);
+#else
+    return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+}
+#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+
+#endif /* MBEDTLS_CIPHER_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/cipher_wrap.c b/3rdparty/mbedtls-2.28.7/library/cipher_wrap.c
new file mode 100644
index 0000000..5f8dde3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/cipher_wrap.c
@@ -0,0 +1,2407 @@
+/**
+ * \file cipher_wrap.c
+ *
+ * \brief Generic cipher wrapper for Mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CIPHER_C)
+
+#include "mbedtls/cipher_internal.h"
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
+#endif
+
+#if defined(MBEDTLS_AES_C)
+#include "mbedtls/aes.h"
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+#include "mbedtls/arc4.h"
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#include "mbedtls/camellia.h"
+#endif
+
+#if defined(MBEDTLS_ARIA_C)
+#include "mbedtls/aria.h"
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#include "mbedtls/des.h"
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C)
+#include "mbedtls/blowfish.h"
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+#include "mbedtls/chacha20.h"
+#endif
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+
+#if defined(MBEDTLS_CCM_C)
+#include "mbedtls/ccm.h"
+#endif
+
+#if defined(MBEDTLS_NIST_KW_C)
+#include "mbedtls/nist_kw.h"
+#endif
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#include <string.h>
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_GCM_C)
+/* shared by all GCM ciphers */
+static void *gcm_ctx_alloc(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_gcm_context));
+
+    if (ctx != NULL) {
+        mbedtls_gcm_init((mbedtls_gcm_context *) ctx);
+    }
+
+    return ctx;
+}
+
+static void gcm_ctx_free(void *ctx)
+{
+    mbedtls_gcm_free(ctx);
+    mbedtls_free(ctx);
+}
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+/* shared by all CCM ciphers */
+static void *ccm_ctx_alloc(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ccm_context));
+
+    if (ctx != NULL) {
+        mbedtls_ccm_init((mbedtls_ccm_context *) ctx);
+    }
+
+    return ctx;
+}
+
+static void ccm_ctx_free(void *ctx)
+{
+    mbedtls_ccm_free(ctx);
+    mbedtls_free(ctx);
+}
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_AES_C)
+
+static int aes_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
+                              const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aes_crypt_ecb((mbedtls_aes_context *) ctx, operation, input, output);
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int aes_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length,
+                              unsigned char *iv, const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aes_crypt_cbc((mbedtls_aes_context *) ctx, operation, length, iv, input,
+                                 output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int aes_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation,
+                                 size_t length, size_t *iv_off, unsigned char *iv,
+                                 const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aes_crypt_cfb128((mbedtls_aes_context *) ctx, operation, length, iv_off, iv,
+                                    input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+static int aes_crypt_ofb_wrap(void *ctx, size_t length, size_t *iv_off,
+                              unsigned char *iv, const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aes_crypt_ofb((mbedtls_aes_context *) ctx, length, iv_off,
+                                 iv, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int aes_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
+                              unsigned char *nonce_counter, unsigned char *stream_block,
+                              const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aes_crypt_ctr((mbedtls_aes_context *) ctx, length, nc_off, nonce_counter,
+                                 stream_block, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation,
+                              size_t length,
+                              const unsigned char data_unit[16],
+                              const unsigned char *input,
+                              unsigned char *output)
+{
+    mbedtls_aes_xts_context *xts_ctx = ctx;
+    int mode;
+
+    switch (operation) {
+        case MBEDTLS_ENCRYPT:
+            mode = MBEDTLS_AES_ENCRYPT;
+            break;
+        case MBEDTLS_DECRYPT:
+            mode = MBEDTLS_AES_DECRYPT;
+            break;
+        default:
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    return mbedtls_aes_crypt_xts(xts_ctx, mode, length,
+                                 data_unit, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key,
+                               unsigned int key_bitlen)
+{
+    return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen);
+}
+
+static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key,
+                               unsigned int key_bitlen)
+{
+    return mbedtls_aes_setkey_enc((mbedtls_aes_context *) ctx, key, key_bitlen);
+}
+
+static void *aes_ctx_alloc(void)
+{
+    mbedtls_aes_context *aes = mbedtls_calloc(1, sizeof(mbedtls_aes_context));
+
+    if (aes == NULL) {
+        return NULL;
+    }
+
+    mbedtls_aes_init(aes);
+
+    return aes;
+}
+
+static void aes_ctx_free(void *ctx)
+{
+    mbedtls_aes_free((mbedtls_aes_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    aes_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    aes_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    aes_crypt_cfb128_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    aes_crypt_ofb_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    aes_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    aes_setkey_enc_wrap,
+    aes_setkey_dec_wrap,
+    aes_ctx_alloc,
+    aes_ctx_free
+};
+
+static const mbedtls_cipher_info_t aes_128_ecb_info = {
+    MBEDTLS_CIPHER_AES_128_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "AES-128-ECB",
+    0,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ecb_info = {
+    MBEDTLS_CIPHER_AES_192_ECB,
+    MBEDTLS_MODE_ECB,
+    192,
+    "AES-192-ECB",
+    0,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ecb_info = {
+    MBEDTLS_CIPHER_AES_256_ECB,
+    MBEDTLS_MODE_ECB,
+    256,
+    "AES-256-ECB",
+    0,
+    0,
+    16,
+    &aes_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t aes_128_cbc_info = {
+    MBEDTLS_CIPHER_AES_128_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "AES-128-CBC",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_cbc_info = {
+    MBEDTLS_CIPHER_AES_192_CBC,
+    MBEDTLS_MODE_CBC,
+    192,
+    "AES-192-CBC",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_cbc_info = {
+    MBEDTLS_CIPHER_AES_256_CBC,
+    MBEDTLS_MODE_CBC,
+    256,
+    "AES-256-CBC",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t aes_128_cfb128_info = {
+    MBEDTLS_CIPHER_AES_128_CFB128,
+    MBEDTLS_MODE_CFB,
+    128,
+    "AES-128-CFB128",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_cfb128_info = {
+    MBEDTLS_CIPHER_AES_192_CFB128,
+    MBEDTLS_MODE_CFB,
+    192,
+    "AES-192-CFB128",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_cfb128_info = {
+    MBEDTLS_CIPHER_AES_256_CFB128,
+    MBEDTLS_MODE_CFB,
+    256,
+    "AES-256-CFB128",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+static const mbedtls_cipher_info_t aes_128_ofb_info = {
+    MBEDTLS_CIPHER_AES_128_OFB,
+    MBEDTLS_MODE_OFB,
+    128,
+    "AES-128-OFB",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ofb_info = {
+    MBEDTLS_CIPHER_AES_192_OFB,
+    MBEDTLS_MODE_OFB,
+    192,
+    "AES-192-OFB",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ofb_info = {
+    MBEDTLS_CIPHER_AES_256_OFB,
+    MBEDTLS_MODE_OFB,
+    256,
+    "AES-256-OFB",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t aes_128_ctr_info = {
+    MBEDTLS_CIPHER_AES_128_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "AES-128-CTR",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ctr_info = {
+    MBEDTLS_CIPHER_AES_192_CTR,
+    MBEDTLS_MODE_CTR,
+    192,
+    "AES-192-CTR",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ctr_info = {
+    MBEDTLS_CIPHER_AES_256_CTR,
+    MBEDTLS_MODE_CTR,
+    256,
+    "AES-256-CTR",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+static int xts_aes_setkey_enc_wrap(void *ctx, const unsigned char *key,
+                                   unsigned int key_bitlen)
+{
+    mbedtls_aes_xts_context *xts_ctx = ctx;
+    return mbedtls_aes_xts_setkey_enc(xts_ctx, key, key_bitlen);
+}
+
+static int xts_aes_setkey_dec_wrap(void *ctx, const unsigned char *key,
+                                   unsigned int key_bitlen)
+{
+    mbedtls_aes_xts_context *xts_ctx = ctx;
+    return mbedtls_aes_xts_setkey_dec(xts_ctx, key, key_bitlen);
+}
+
+static void *xts_aes_ctx_alloc(void)
+{
+    mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc(1, sizeof(*xts_ctx));
+
+    if (xts_ctx != NULL) {
+        mbedtls_aes_xts_init(xts_ctx);
+    }
+
+    return xts_ctx;
+}
+
+static void xts_aes_ctx_free(void *ctx)
+{
+    mbedtls_aes_xts_context *xts_ctx = ctx;
+
+    if (xts_ctx == NULL) {
+        return;
+    }
+
+    mbedtls_aes_xts_free(xts_ctx);
+    mbedtls_free(xts_ctx);
+}
+
+static const mbedtls_cipher_base_t xts_aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    aes_crypt_xts_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    xts_aes_setkey_enc_wrap,
+    xts_aes_setkey_dec_wrap,
+    xts_aes_ctx_alloc,
+    xts_aes_ctx_free
+};
+
+static const mbedtls_cipher_info_t aes_128_xts_info = {
+    MBEDTLS_CIPHER_AES_128_XTS,
+    MBEDTLS_MODE_XTS,
+    256,
+    "AES-128-XTS",
+    16,
+    0,
+    16,
+    &xts_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_xts_info = {
+    MBEDTLS_CIPHER_AES_256_XTS,
+    MBEDTLS_MODE_XTS,
+    512,
+    "AES-256-XTS",
+    16,
+    0,
+    16,
+    &xts_aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_GCM_C)
+static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key,
+                               unsigned int key_bitlen)
+{
+    return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
+                              key, key_bitlen);
+}
+
+static const mbedtls_cipher_base_t gcm_aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    gcm_aes_setkey_wrap,
+    gcm_aes_setkey_wrap,
+    gcm_ctx_alloc,
+    gcm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aes_128_gcm_info = {
+    MBEDTLS_CIPHER_AES_128_GCM,
+    MBEDTLS_MODE_GCM,
+    128,
+    "AES-128-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_gcm_info = {
+    MBEDTLS_CIPHER_AES_192_GCM,
+    MBEDTLS_MODE_GCM,
+    192,
+    "AES-192-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_gcm_info = {
+    MBEDTLS_CIPHER_AES_256_GCM,
+    MBEDTLS_MODE_GCM,
+    256,
+    "AES-256-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aes_info
+};
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key,
+                               unsigned int key_bitlen)
+{
+    return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
+                              key, key_bitlen);
+}
+
+static const mbedtls_cipher_base_t ccm_aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    ccm_aes_setkey_wrap,
+    ccm_aes_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aes_128_ccm_info = {
+    MBEDTLS_CIPHER_AES_128_CCM,
+    MBEDTLS_MODE_CCM,
+    128,
+    "AES-128-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ccm_info = {
+    MBEDTLS_CIPHER_AES_192_CCM,
+    MBEDTLS_MODE_CCM,
+    192,
+    "AES-192-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ccm_info = {
+    MBEDTLS_CIPHER_AES_256_CCM,
+    MBEDTLS_MODE_CCM,
+    256,
+    "AES-256-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aes_info
+};
+#endif /* MBEDTLS_CCM_C */
+
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+
+static int camellia_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
+                                   const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_camellia_crypt_ecb((mbedtls_camellia_context *) ctx, operation, input,
+                                      output);
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int camellia_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation,
+                                   size_t length, unsigned char *iv,
+                                   const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_camellia_crypt_cbc((mbedtls_camellia_context *) ctx, operation, length, iv,
+                                      input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int camellia_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation,
+                                      size_t length, size_t *iv_off, unsigned char *iv,
+                                      const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_camellia_crypt_cfb128((mbedtls_camellia_context *) ctx, operation, length,
+                                         iv_off, iv, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
+                                   unsigned char *nonce_counter, unsigned char *stream_block,
+                                   const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_camellia_crypt_ctr((mbedtls_camellia_context *) ctx, length, nc_off,
+                                      nonce_counter, stream_block, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key,
+                                    unsigned int key_bitlen)
+{
+    return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen);
+}
+
+static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key,
+                                    unsigned int key_bitlen)
+{
+    return mbedtls_camellia_setkey_enc((mbedtls_camellia_context *) ctx, key, key_bitlen);
+}
+
+static void *camellia_ctx_alloc(void)
+{
+    mbedtls_camellia_context *ctx;
+    ctx = mbedtls_calloc(1, sizeof(mbedtls_camellia_context));
+
+    if (ctx == NULL) {
+        return NULL;
+    }
+
+    mbedtls_camellia_init(ctx);
+
+    return ctx;
+}
+
+static void camellia_ctx_free(void *ctx)
+{
+    mbedtls_camellia_free((mbedtls_camellia_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t camellia_info = {
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    camellia_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    camellia_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    camellia_crypt_cfb128_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    camellia_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    camellia_setkey_enc_wrap,
+    camellia_setkey_dec_wrap,
+    camellia_ctx_alloc,
+    camellia_ctx_free
+};
+
+static const mbedtls_cipher_info_t camellia_128_ecb_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "CAMELLIA-128-ECB",
+    0,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_ecb_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_ECB,
+    MBEDTLS_MODE_ECB,
+    192,
+    "CAMELLIA-192-ECB",
+    0,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_ecb_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_ECB,
+    MBEDTLS_MODE_ECB,
+    256,
+    "CAMELLIA-256-ECB",
+    0,
+    0,
+    16,
+    &camellia_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t camellia_128_cbc_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "CAMELLIA-128-CBC",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_cbc_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CBC,
+    MBEDTLS_MODE_CBC,
+    192,
+    "CAMELLIA-192-CBC",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_cbc_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CBC,
+    MBEDTLS_MODE_CBC,
+    256,
+    "CAMELLIA-256-CBC",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t camellia_128_cfb128_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
+    MBEDTLS_MODE_CFB,
+    128,
+    "CAMELLIA-128-CFB128",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_cfb128_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
+    MBEDTLS_MODE_CFB,
+    192,
+    "CAMELLIA-192-CFB128",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_cfb128_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
+    MBEDTLS_MODE_CFB,
+    256,
+    "CAMELLIA-256-CFB128",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t camellia_128_ctr_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "CAMELLIA-128-CTR",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_ctr_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CTR,
+    MBEDTLS_MODE_CTR,
+    192,
+    "CAMELLIA-192-CTR",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_ctr_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CTR,
+    MBEDTLS_MODE_CTR,
+    256,
+    "CAMELLIA-256-CTR",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_GCM_C)
+static int gcm_camellia_setkey_wrap(void *ctx, const unsigned char *key,
+                                    unsigned int key_bitlen)
+{
+    return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
+                              key, key_bitlen);
+}
+
+static const mbedtls_cipher_base_t gcm_camellia_info = {
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    gcm_camellia_setkey_wrap,
+    gcm_camellia_setkey_wrap,
+    gcm_ctx_alloc,
+    gcm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t camellia_128_gcm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_GCM,
+    MBEDTLS_MODE_GCM,
+    128,
+    "CAMELLIA-128-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_gcm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_GCM,
+    MBEDTLS_MODE_GCM,
+    192,
+    "CAMELLIA-192-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_gcm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_GCM,
+    MBEDTLS_MODE_GCM,
+    256,
+    "CAMELLIA-256-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_camellia_info
+};
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+static int ccm_camellia_setkey_wrap(void *ctx, const unsigned char *key,
+                                    unsigned int key_bitlen)
+{
+    return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
+                              key, key_bitlen);
+}
+
+static const mbedtls_cipher_base_t ccm_camellia_info = {
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    ccm_camellia_setkey_wrap,
+    ccm_camellia_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t camellia_128_ccm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CCM,
+    MBEDTLS_MODE_CCM,
+    128,
+    "CAMELLIA-128-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_ccm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CCM,
+    MBEDTLS_MODE_CCM,
+    192,
+    "CAMELLIA-192-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_ccm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CCM,
+    MBEDTLS_MODE_CCM,
+    256,
+    "CAMELLIA-256-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_camellia_info
+};
+#endif /* MBEDTLS_CCM_C */
+
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_ARIA_C)
+
+static int aria_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
+                               const unsigned char *input, unsigned char *output)
+{
+    (void) operation;
+    return mbedtls_aria_crypt_ecb((mbedtls_aria_context *) ctx, input,
+                                  output);
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int aria_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation,
+                               size_t length, unsigned char *iv,
+                               const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aria_crypt_cbc((mbedtls_aria_context *) ctx, operation, length, iv,
+                                  input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int aria_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation,
+                                  size_t length, size_t *iv_off, unsigned char *iv,
+                                  const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aria_crypt_cfb128((mbedtls_aria_context *) ctx, operation, length,
+                                     iv_off, iv, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
+                               unsigned char *nonce_counter, unsigned char *stream_block,
+                               const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_aria_crypt_ctr((mbedtls_aria_context *) ctx, length, nc_off,
+                                  nonce_counter, stream_block, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen);
+}
+
+static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    return mbedtls_aria_setkey_enc((mbedtls_aria_context *) ctx, key, key_bitlen);
+}
+
+static void *aria_ctx_alloc(void)
+{
+    mbedtls_aria_context *ctx;
+    ctx = mbedtls_calloc(1, sizeof(mbedtls_aria_context));
+
+    if (ctx == NULL) {
+        return NULL;
+    }
+
+    mbedtls_aria_init(ctx);
+
+    return ctx;
+}
+
+static void aria_ctx_free(void *ctx)
+{
+    mbedtls_aria_free((mbedtls_aria_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t aria_info = {
+    MBEDTLS_CIPHER_ID_ARIA,
+    aria_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    aria_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    aria_crypt_cfb128_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    aria_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    aria_setkey_enc_wrap,
+    aria_setkey_dec_wrap,
+    aria_ctx_alloc,
+    aria_ctx_free
+};
+
+static const mbedtls_cipher_info_t aria_128_ecb_info = {
+    MBEDTLS_CIPHER_ARIA_128_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "ARIA-128-ECB",
+    0,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_192_ecb_info = {
+    MBEDTLS_CIPHER_ARIA_192_ECB,
+    MBEDTLS_MODE_ECB,
+    192,
+    "ARIA-192-ECB",
+    0,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_256_ecb_info = {
+    MBEDTLS_CIPHER_ARIA_256_ECB,
+    MBEDTLS_MODE_ECB,
+    256,
+    "ARIA-256-ECB",
+    0,
+    0,
+    16,
+    &aria_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t aria_128_cbc_info = {
+    MBEDTLS_CIPHER_ARIA_128_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "ARIA-128-CBC",
+    16,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_192_cbc_info = {
+    MBEDTLS_CIPHER_ARIA_192_CBC,
+    MBEDTLS_MODE_CBC,
+    192,
+    "ARIA-192-CBC",
+    16,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_256_cbc_info = {
+    MBEDTLS_CIPHER_ARIA_256_CBC,
+    MBEDTLS_MODE_CBC,
+    256,
+    "ARIA-256-CBC",
+    16,
+    0,
+    16,
+    &aria_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t aria_128_cfb128_info = {
+    MBEDTLS_CIPHER_ARIA_128_CFB128,
+    MBEDTLS_MODE_CFB,
+    128,
+    "ARIA-128-CFB128",
+    16,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_192_cfb128_info = {
+    MBEDTLS_CIPHER_ARIA_192_CFB128,
+    MBEDTLS_MODE_CFB,
+    192,
+    "ARIA-192-CFB128",
+    16,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_256_cfb128_info = {
+    MBEDTLS_CIPHER_ARIA_256_CFB128,
+    MBEDTLS_MODE_CFB,
+    256,
+    "ARIA-256-CFB128",
+    16,
+    0,
+    16,
+    &aria_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t aria_128_ctr_info = {
+    MBEDTLS_CIPHER_ARIA_128_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "ARIA-128-CTR",
+    16,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_192_ctr_info = {
+    MBEDTLS_CIPHER_ARIA_192_CTR,
+    MBEDTLS_MODE_CTR,
+    192,
+    "ARIA-192-CTR",
+    16,
+    0,
+    16,
+    &aria_info
+};
+
+static const mbedtls_cipher_info_t aria_256_ctr_info = {
+    MBEDTLS_CIPHER_ARIA_256_CTR,
+    MBEDTLS_MODE_CTR,
+    256,
+    "ARIA-256-CTR",
+    16,
+    0,
+    16,
+    &aria_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_GCM_C)
+static int gcm_aria_setkey_wrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
+                              key, key_bitlen);
+}
+
+static const mbedtls_cipher_base_t gcm_aria_info = {
+    MBEDTLS_CIPHER_ID_ARIA,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    gcm_aria_setkey_wrap,
+    gcm_aria_setkey_wrap,
+    gcm_ctx_alloc,
+    gcm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aria_128_gcm_info = {
+    MBEDTLS_CIPHER_ARIA_128_GCM,
+    MBEDTLS_MODE_GCM,
+    128,
+    "ARIA-128-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aria_info
+};
+
+static const mbedtls_cipher_info_t aria_192_gcm_info = {
+    MBEDTLS_CIPHER_ARIA_192_GCM,
+    MBEDTLS_MODE_GCM,
+    192,
+    "ARIA-192-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aria_info
+};
+
+static const mbedtls_cipher_info_t aria_256_gcm_info = {
+    MBEDTLS_CIPHER_ARIA_256_GCM,
+    MBEDTLS_MODE_GCM,
+    256,
+    "ARIA-256-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aria_info
+};
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+static int ccm_aria_setkey_wrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
+                              key, key_bitlen);
+}
+
+static const mbedtls_cipher_base_t ccm_aria_info = {
+    MBEDTLS_CIPHER_ID_ARIA,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    ccm_aria_setkey_wrap,
+    ccm_aria_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aria_128_ccm_info = {
+    MBEDTLS_CIPHER_ARIA_128_CCM,
+    MBEDTLS_MODE_CCM,
+    128,
+    "ARIA-128-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aria_info
+};
+
+static const mbedtls_cipher_info_t aria_192_ccm_info = {
+    MBEDTLS_CIPHER_ARIA_192_CCM,
+    MBEDTLS_MODE_CCM,
+    192,
+    "ARIA-192-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aria_info
+};
+
+static const mbedtls_cipher_info_t aria_256_ccm_info = {
+    MBEDTLS_CIPHER_ARIA_256_CCM,
+    MBEDTLS_MODE_CCM,
+    256,
+    "ARIA-256-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aria_info
+};
+#endif /* MBEDTLS_CCM_C */
+
+#endif /* MBEDTLS_ARIA_C */
+
+#if defined(MBEDTLS_DES_C)
+
+static int des_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
+                              const unsigned char *input, unsigned char *output)
+{
+    ((void) operation);
+    return mbedtls_des_crypt_ecb((mbedtls_des_context *) ctx, input, output);
+}
+
+static int des3_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
+                               const unsigned char *input, unsigned char *output)
+{
+    ((void) operation);
+    return mbedtls_des3_crypt_ecb((mbedtls_des3_context *) ctx, input, output);
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int des_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length,
+                              unsigned char *iv, const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_des_crypt_cbc((mbedtls_des_context *) ctx, operation, length, iv, input,
+                                 output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length,
+                               unsigned char *iv, const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_des3_crypt_cbc((mbedtls_des3_context *) ctx, operation, length, iv, input,
+                                  output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+static int des_setkey_dec_wrap(void *ctx, const unsigned char *key,
+                               unsigned int key_bitlen)
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des_setkey_dec((mbedtls_des_context *) ctx, key);
+}
+
+static int des_setkey_enc_wrap(void *ctx, const unsigned char *key,
+                               unsigned int key_bitlen)
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key);
+}
+
+static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key,
+                                 unsigned int key_bitlen)
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set2key_dec((mbedtls_des3_context *) ctx, key);
+}
+
+static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key,
+                                 unsigned int key_bitlen)
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key);
+}
+
+static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key,
+                                 unsigned int key_bitlen)
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set3key_dec((mbedtls_des3_context *) ctx, key);
+}
+
+static int des3_set3key_enc_wrap(void *ctx, const unsigned char *key,
+                                 unsigned int key_bitlen)
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set3key_enc((mbedtls_des3_context *) ctx, key);
+}
+
+static void *des_ctx_alloc(void)
+{
+    mbedtls_des_context *des = mbedtls_calloc(1, sizeof(mbedtls_des_context));
+
+    if (des == NULL) {
+        return NULL;
+    }
+
+    mbedtls_des_init(des);
+
+    return des;
+}
+
+static void des_ctx_free(void *ctx)
+{
+    mbedtls_des_free((mbedtls_des_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static void *des3_ctx_alloc(void)
+{
+    mbedtls_des3_context *des3;
+    des3 = mbedtls_calloc(1, sizeof(mbedtls_des3_context));
+
+    if (des3 == NULL) {
+        return NULL;
+    }
+
+    mbedtls_des3_init(des3);
+
+    return des3;
+}
+
+static void des3_ctx_free(void *ctx)
+{
+    mbedtls_des3_free((mbedtls_des3_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t des_info = {
+    MBEDTLS_CIPHER_ID_DES,
+    des_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    des_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    des_setkey_enc_wrap,
+    des_setkey_dec_wrap,
+    des_ctx_alloc,
+    des_ctx_free
+};
+
+static const mbedtls_cipher_info_t des_ecb_info = {
+    MBEDTLS_CIPHER_DES_ECB,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_KEY_LENGTH_DES,
+    "DES-ECB",
+    0,
+    0,
+    8,
+    &des_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t des_cbc_info = {
+    MBEDTLS_CIPHER_DES_CBC,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_KEY_LENGTH_DES,
+    "DES-CBC",
+    8,
+    0,
+    8,
+    &des_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+static const mbedtls_cipher_base_t des_ede_info = {
+    MBEDTLS_CIPHER_ID_DES,
+    des3_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    des3_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    des3_set2key_enc_wrap,
+    des3_set2key_dec_wrap,
+    des3_ctx_alloc,
+    des3_ctx_free
+};
+
+static const mbedtls_cipher_info_t des_ede_ecb_info = {
+    MBEDTLS_CIPHER_DES_EDE_ECB,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_KEY_LENGTH_DES_EDE,
+    "DES-EDE-ECB",
+    0,
+    0,
+    8,
+    &des_ede_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t des_ede_cbc_info = {
+    MBEDTLS_CIPHER_DES_EDE_CBC,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_KEY_LENGTH_DES_EDE,
+    "DES-EDE-CBC",
+    8,
+    0,
+    8,
+    &des_ede_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+static const mbedtls_cipher_base_t des_ede3_info = {
+    MBEDTLS_CIPHER_ID_3DES,
+    des3_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    des3_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    des3_set3key_enc_wrap,
+    des3_set3key_dec_wrap,
+    des3_ctx_alloc,
+    des3_ctx_free
+};
+
+static const mbedtls_cipher_info_t des_ede3_ecb_info = {
+    MBEDTLS_CIPHER_DES_EDE3_ECB,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_KEY_LENGTH_DES_EDE3,
+    "DES-EDE3-ECB",
+    0,
+    0,
+    8,
+    &des_ede3_info
+};
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t des_ede3_cbc_info = {
+    MBEDTLS_CIPHER_DES_EDE3_CBC,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_KEY_LENGTH_DES_EDE3,
+    "DES-EDE3-CBC",
+    8,
+    0,
+    8,
+    &des_ede3_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+
+static int blowfish_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
+                                   const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_blowfish_crypt_ecb((mbedtls_blowfish_context *) ctx, operation, input,
+                                      output);
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int blowfish_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation,
+                                   size_t length, unsigned char *iv, const unsigned char *input,
+                                   unsigned char *output)
+{
+    return mbedtls_blowfish_crypt_cbc((mbedtls_blowfish_context *) ctx, operation, length, iv,
+                                      input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int blowfish_crypt_cfb64_wrap(void *ctx, mbedtls_operation_t operation,
+                                     size_t length, size_t *iv_off, unsigned char *iv,
+                                     const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_blowfish_crypt_cfb64((mbedtls_blowfish_context *) ctx, operation, length,
+                                        iv_off, iv, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int blowfish_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
+                                   unsigned char *nonce_counter, unsigned char *stream_block,
+                                   const unsigned char *input, unsigned char *output)
+{
+    return mbedtls_blowfish_crypt_ctr((mbedtls_blowfish_context *) ctx, length, nc_off,
+                                      nonce_counter, stream_block, input, output);
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static int blowfish_setkey_wrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    return mbedtls_blowfish_setkey((mbedtls_blowfish_context *) ctx, key, key_bitlen);
+}
+
+static void *blowfish_ctx_alloc(void)
+{
+    mbedtls_blowfish_context *ctx;
+    ctx = mbedtls_calloc(1, sizeof(mbedtls_blowfish_context));
+
+    if (ctx == NULL) {
+        return NULL;
+    }
+
+    mbedtls_blowfish_init(ctx);
+
+    return ctx;
+}
+
+static void blowfish_ctx_free(void *ctx)
+{
+    mbedtls_blowfish_free((mbedtls_blowfish_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t blowfish_info = {
+    MBEDTLS_CIPHER_ID_BLOWFISH,
+    blowfish_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    blowfish_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    blowfish_crypt_cfb64_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    blowfish_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    blowfish_setkey_wrap,
+    blowfish_setkey_wrap,
+    blowfish_ctx_alloc,
+    blowfish_ctx_free
+};
+
+static const mbedtls_cipher_info_t blowfish_ecb_info = {
+    MBEDTLS_CIPHER_BLOWFISH_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "BLOWFISH-ECB",
+    0,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t blowfish_cbc_info = {
+    MBEDTLS_CIPHER_BLOWFISH_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "BLOWFISH-CBC",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t blowfish_cfb64_info = {
+    MBEDTLS_CIPHER_BLOWFISH_CFB64,
+    MBEDTLS_MODE_CFB,
+    128,
+    "BLOWFISH-CFB64",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t blowfish_ctr_info = {
+    MBEDTLS_CIPHER_BLOWFISH_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "BLOWFISH-CTR",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_ARC4_C)
+static int arc4_crypt_stream_wrap(void *ctx, size_t length,
+                                  const unsigned char *input,
+                                  unsigned char *output)
+{
+    return mbedtls_arc4_crypt((mbedtls_arc4_context *) ctx, length, input, output);
+}
+
+static int arc4_setkey_wrap(void *ctx, const unsigned char *key,
+                            unsigned int key_bitlen)
+{
+    /* we get key_bitlen in bits, arc4 expects it in bytes */
+    if (key_bitlen % 8 != 0) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    mbedtls_arc4_setup((mbedtls_arc4_context *) ctx, key, key_bitlen / 8);
+    return 0;
+}
+
+static void *arc4_ctx_alloc(void)
+{
+    mbedtls_arc4_context *ctx;
+    ctx = mbedtls_calloc(1, sizeof(mbedtls_arc4_context));
+
+    if (ctx == NULL) {
+        return NULL;
+    }
+
+    mbedtls_arc4_init(ctx);
+
+    return ctx;
+}
+
+static void arc4_ctx_free(void *ctx)
+{
+    mbedtls_arc4_free((mbedtls_arc4_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t arc4_base_info = {
+    MBEDTLS_CIPHER_ID_ARC4,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    arc4_crypt_stream_wrap,
+#endif
+    arc4_setkey_wrap,
+    arc4_setkey_wrap,
+    arc4_ctx_alloc,
+    arc4_ctx_free
+};
+
+static const mbedtls_cipher_info_t arc4_128_info = {
+    MBEDTLS_CIPHER_ARC4_128,
+    MBEDTLS_MODE_STREAM,
+    128,
+    "ARC4-128",
+    0,
+    0,
+    1,
+    &arc4_base_info
+};
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CHACHA20_C)
+
+static int chacha20_setkey_wrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    if (key_bitlen != 256U) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if (0 != mbedtls_chacha20_setkey((mbedtls_chacha20_context *) ctx, key)) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+static int chacha20_stream_wrap(void *ctx,  size_t length,
+                                const unsigned char *input,
+                                unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    ret = mbedtls_chacha20_update(ctx, length, input, output);
+    if (ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    return ret;
+}
+
+static void *chacha20_ctx_alloc(void)
+{
+    mbedtls_chacha20_context *ctx;
+    ctx = mbedtls_calloc(1, sizeof(mbedtls_chacha20_context));
+
+    if (ctx == NULL) {
+        return NULL;
+    }
+
+    mbedtls_chacha20_init(ctx);
+
+    return ctx;
+}
+
+static void chacha20_ctx_free(void *ctx)
+{
+    mbedtls_chacha20_free((mbedtls_chacha20_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t chacha20_base_info = {
+    MBEDTLS_CIPHER_ID_CHACHA20,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    chacha20_stream_wrap,
+#endif
+    chacha20_setkey_wrap,
+    chacha20_setkey_wrap,
+    chacha20_ctx_alloc,
+    chacha20_ctx_free
+};
+static const mbedtls_cipher_info_t chacha20_info = {
+    MBEDTLS_CIPHER_CHACHA20,
+    MBEDTLS_MODE_STREAM,
+    256,
+    "CHACHA20",
+    12,
+    0,
+    1,
+    &chacha20_base_info
+};
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+
+static int chachapoly_setkey_wrap(void *ctx,
+                                  const unsigned char *key,
+                                  unsigned int key_bitlen)
+{
+    if (key_bitlen != 256U) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if (0 != mbedtls_chachapoly_setkey((mbedtls_chachapoly_context *) ctx, key)) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+static void *chachapoly_ctx_alloc(void)
+{
+    mbedtls_chachapoly_context *ctx;
+    ctx = mbedtls_calloc(1, sizeof(mbedtls_chachapoly_context));
+
+    if (ctx == NULL) {
+        return NULL;
+    }
+
+    mbedtls_chachapoly_init(ctx);
+
+    return ctx;
+}
+
+static void chachapoly_ctx_free(void *ctx)
+{
+    mbedtls_chachapoly_free((mbedtls_chachapoly_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static const mbedtls_cipher_base_t chachapoly_base_info = {
+    MBEDTLS_CIPHER_ID_CHACHA20,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    chachapoly_setkey_wrap,
+    chachapoly_setkey_wrap,
+    chachapoly_ctx_alloc,
+    chachapoly_ctx_free
+};
+static const mbedtls_cipher_info_t chachapoly_info = {
+    MBEDTLS_CIPHER_CHACHA20_POLY1305,
+    MBEDTLS_MODE_CHACHAPOLY,
+    256,
+    "CHACHA20-POLY1305",
+    12,
+    0,
+    1,
+    &chachapoly_base_info
+};
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+static int null_crypt_stream(void *ctx, size_t length,
+                             const unsigned char *input,
+                             unsigned char *output)
+{
+    ((void) ctx);
+    memmove(output, input, length);
+    return 0;
+}
+
+static int null_setkey(void *ctx, const unsigned char *key,
+                       unsigned int key_bitlen)
+{
+    ((void) ctx);
+    ((void) key);
+    ((void) key_bitlen);
+
+    return 0;
+}
+
+static void *null_ctx_alloc(void)
+{
+    return (void *) 1;
+}
+
+static void null_ctx_free(void *ctx)
+{
+    ((void) ctx);
+}
+
+static const mbedtls_cipher_base_t null_base_info = {
+    MBEDTLS_CIPHER_ID_NULL,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    null_crypt_stream,
+#endif
+    null_setkey,
+    null_setkey,
+    null_ctx_alloc,
+    null_ctx_free
+};
+
+static const mbedtls_cipher_info_t null_cipher_info = {
+    MBEDTLS_CIPHER_NULL,
+    MBEDTLS_MODE_STREAM,
+    0,
+    "NULL",
+    0,
+    0,
+    1,
+    &null_base_info
+};
+#endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */
+
+#if defined(MBEDTLS_NIST_KW_C)
+static void *kw_ctx_alloc(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_nist_kw_context));
+
+    if (ctx != NULL) {
+        mbedtls_nist_kw_init((mbedtls_nist_kw_context *) ctx);
+    }
+
+    return ctx;
+}
+
+static void kw_ctx_free(void *ctx)
+{
+    mbedtls_nist_kw_free(ctx);
+    mbedtls_free(ctx);
+}
+
+static int kw_aes_setkey_wrap(void *ctx, const unsigned char *key,
+                              unsigned int key_bitlen)
+{
+    return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx,
+                                  MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1);
+}
+
+static int kw_aes_setkey_unwrap(void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen)
+{
+    return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx,
+                                  MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0);
+}
+
+static const mbedtls_cipher_base_t kw_aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    kw_aes_setkey_wrap,
+    kw_aes_setkey_unwrap,
+    kw_ctx_alloc,
+    kw_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aes_128_nist_kw_info = {
+    MBEDTLS_CIPHER_AES_128_KW,
+    MBEDTLS_MODE_KW,
+    128,
+    "AES-128-KW",
+    0,
+    0,
+    16,
+    &kw_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_nist_kw_info = {
+    MBEDTLS_CIPHER_AES_192_KW,
+    MBEDTLS_MODE_KW,
+    192,
+    "AES-192-KW",
+    0,
+    0,
+    16,
+    &kw_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_nist_kw_info = {
+    MBEDTLS_CIPHER_AES_256_KW,
+    MBEDTLS_MODE_KW,
+    256,
+    "AES-256-KW",
+    0,
+    0,
+    16,
+    &kw_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_128_nist_kwp_info = {
+    MBEDTLS_CIPHER_AES_128_KWP,
+    MBEDTLS_MODE_KWP,
+    128,
+    "AES-128-KWP",
+    0,
+    0,
+    16,
+    &kw_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_nist_kwp_info = {
+    MBEDTLS_CIPHER_AES_192_KWP,
+    MBEDTLS_MODE_KWP,
+    192,
+    "AES-192-KWP",
+    0,
+    0,
+    16,
+    &kw_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_nist_kwp_info = {
+    MBEDTLS_CIPHER_AES_256_KWP,
+    MBEDTLS_MODE_KWP,
+    256,
+    "AES-256-KWP",
+    0,
+    0,
+    16,
+    &kw_aes_info
+};
+#endif /* MBEDTLS_NIST_KW_C */
+
+const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
+{
+#if defined(MBEDTLS_AES_C)
+    { MBEDTLS_CIPHER_AES_128_ECB,          &aes_128_ecb_info },
+    { MBEDTLS_CIPHER_AES_192_ECB,          &aes_192_ecb_info },
+    { MBEDTLS_CIPHER_AES_256_ECB,          &aes_256_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_AES_128_CBC,          &aes_128_cbc_info },
+    { MBEDTLS_CIPHER_AES_192_CBC,          &aes_192_cbc_info },
+    { MBEDTLS_CIPHER_AES_256_CBC,          &aes_256_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_AES_128_CFB128,       &aes_128_cfb128_info },
+    { MBEDTLS_CIPHER_AES_192_CFB128,       &aes_192_cfb128_info },
+    { MBEDTLS_CIPHER_AES_256_CFB128,       &aes_256_cfb128_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    { MBEDTLS_CIPHER_AES_128_OFB,          &aes_128_ofb_info },
+    { MBEDTLS_CIPHER_AES_192_OFB,          &aes_192_ofb_info },
+    { MBEDTLS_CIPHER_AES_256_OFB,          &aes_256_ofb_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_AES_128_CTR,          &aes_128_ctr_info },
+    { MBEDTLS_CIPHER_AES_192_CTR,          &aes_192_ctr_info },
+    { MBEDTLS_CIPHER_AES_256_CTR,          &aes_256_ctr_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    { MBEDTLS_CIPHER_AES_128_XTS,          &aes_128_xts_info },
+    { MBEDTLS_CIPHER_AES_256_XTS,          &aes_256_xts_info },
+#endif
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_CIPHER_AES_128_GCM,          &aes_128_gcm_info },
+    { MBEDTLS_CIPHER_AES_192_GCM,          &aes_192_gcm_info },
+    { MBEDTLS_CIPHER_AES_256_GCM,          &aes_256_gcm_info },
+#endif
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_CIPHER_AES_128_CCM,          &aes_128_ccm_info },
+    { MBEDTLS_CIPHER_AES_192_CCM,          &aes_192_ccm_info },
+    { MBEDTLS_CIPHER_AES_256_CCM,          &aes_256_ccm_info },
+#endif
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+    { MBEDTLS_CIPHER_ARC4_128,             &arc4_128_info },
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C)
+    { MBEDTLS_CIPHER_BLOWFISH_ECB,         &blowfish_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_BLOWFISH_CBC,         &blowfish_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_BLOWFISH_CFB64,       &blowfish_cfb64_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_BLOWFISH_CTR,         &blowfish_ctr_info },
+#endif
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+    { MBEDTLS_CIPHER_CAMELLIA_128_ECB,     &camellia_128_ecb_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_ECB,     &camellia_192_ecb_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_ECB,     &camellia_256_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CBC,     &camellia_128_cbc_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CBC,     &camellia_192_cbc_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CBC,     &camellia_256_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CFB128,  &camellia_128_cfb128_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CFB128,  &camellia_192_cfb128_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CFB128,  &camellia_256_cfb128_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CTR,     &camellia_128_ctr_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CTR,     &camellia_192_ctr_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CTR,     &camellia_256_ctr_info },
+#endif
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_CIPHER_CAMELLIA_128_GCM,     &camellia_128_gcm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_GCM,     &camellia_192_gcm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_GCM,     &camellia_256_gcm_info },
+#endif
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CCM,     &camellia_128_ccm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CCM,     &camellia_192_ccm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CCM,     &camellia_256_ccm_info },
+#endif
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_ARIA_C)
+    { MBEDTLS_CIPHER_ARIA_128_ECB,     &aria_128_ecb_info },
+    { MBEDTLS_CIPHER_ARIA_192_ECB,     &aria_192_ecb_info },
+    { MBEDTLS_CIPHER_ARIA_256_ECB,     &aria_256_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_ARIA_128_CBC,     &aria_128_cbc_info },
+    { MBEDTLS_CIPHER_ARIA_192_CBC,     &aria_192_cbc_info },
+    { MBEDTLS_CIPHER_ARIA_256_CBC,     &aria_256_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_ARIA_128_CFB128,  &aria_128_cfb128_info },
+    { MBEDTLS_CIPHER_ARIA_192_CFB128,  &aria_192_cfb128_info },
+    { MBEDTLS_CIPHER_ARIA_256_CFB128,  &aria_256_cfb128_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_ARIA_128_CTR,     &aria_128_ctr_info },
+    { MBEDTLS_CIPHER_ARIA_192_CTR,     &aria_192_ctr_info },
+    { MBEDTLS_CIPHER_ARIA_256_CTR,     &aria_256_ctr_info },
+#endif
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_CIPHER_ARIA_128_GCM,     &aria_128_gcm_info },
+    { MBEDTLS_CIPHER_ARIA_192_GCM,     &aria_192_gcm_info },
+    { MBEDTLS_CIPHER_ARIA_256_GCM,     &aria_256_gcm_info },
+#endif
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_CIPHER_ARIA_128_CCM,     &aria_128_ccm_info },
+    { MBEDTLS_CIPHER_ARIA_192_CCM,     &aria_192_ccm_info },
+    { MBEDTLS_CIPHER_ARIA_256_CCM,     &aria_256_ccm_info },
+#endif
+#endif /* MBEDTLS_ARIA_C */
+
+#if defined(MBEDTLS_DES_C)
+    { MBEDTLS_CIPHER_DES_ECB,              &des_ecb_info },
+    { MBEDTLS_CIPHER_DES_EDE_ECB,          &des_ede_ecb_info },
+    { MBEDTLS_CIPHER_DES_EDE3_ECB,         &des_ede3_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_DES_CBC,              &des_cbc_info },
+    { MBEDTLS_CIPHER_DES_EDE_CBC,          &des_ede_cbc_info },
+    { MBEDTLS_CIPHER_DES_EDE3_CBC,         &des_ede3_cbc_info },
+#endif
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_CHACHA20_C)
+    { MBEDTLS_CIPHER_CHACHA20,             &chacha20_info },
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    { MBEDTLS_CIPHER_CHACHA20_POLY1305,    &chachapoly_info },
+#endif
+
+#if defined(MBEDTLS_NIST_KW_C)
+    { MBEDTLS_CIPHER_AES_128_KW,          &aes_128_nist_kw_info },
+    { MBEDTLS_CIPHER_AES_192_KW,          &aes_192_nist_kw_info },
+    { MBEDTLS_CIPHER_AES_256_KW,          &aes_256_nist_kw_info },
+    { MBEDTLS_CIPHER_AES_128_KWP,         &aes_128_nist_kwp_info },
+    { MBEDTLS_CIPHER_AES_192_KWP,         &aes_192_nist_kwp_info },
+    { MBEDTLS_CIPHER_AES_256_KWP,         &aes_256_nist_kwp_info },
+#endif
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    { MBEDTLS_CIPHER_NULL,                 &null_cipher_info },
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+    { MBEDTLS_CIPHER_NONE, NULL }
+};
+
+#define NUM_CIPHERS (sizeof(mbedtls_cipher_definitions) /      \
+                     sizeof(mbedtls_cipher_definitions[0]))
+int mbedtls_cipher_supported[NUM_CIPHERS];
+
+#endif /* MBEDTLS_CIPHER_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/cmac.c b/3rdparty/mbedtls-2.28.7/library/cmac.c
new file mode 100644
index 0000000..32a9a0e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/cmac.c
@@ -0,0 +1,1069 @@
+/**
+ * \file cmac.c
+ *
+ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * References:
+ *
+ * - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The
+ *      CMAC Mode for Authentication
+ *   http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
+ *
+ * - RFC 4493 - The AES-CMAC Algorithm
+ *   https://tools.ietf.org/html/rfc4493
+ *
+ * - RFC 4615 - The Advanced Encryption Standard-Cipher-based Message
+ *      Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128)
+ *      Algorithm for the Internet Key Exchange Protocol (IKE)
+ *   https://tools.ietf.org/html/rfc4615
+ *
+ *   Additional test vectors: ISO/IEC 9797-1
+ *
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CMAC_C)
+
+#include "mbedtls/cmac.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
+
+/*
+ * Multiplication by u in the Galois field of GF(2^n)
+ *
+ * As explained in NIST SP 800-38B, this can be computed:
+ *
+ *   If MSB(p) = 0, then p = (p << 1)
+ *   If MSB(p) = 1, then p = (p << 1) ^ R_n
+ *   with R_64 = 0x1B and  R_128 = 0x87
+ *
+ * Input and output MUST NOT point to the same buffer
+ * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES.
+ */
+static int cmac_multiply_by_u(unsigned char *output,
+                              const unsigned char *input,
+                              size_t blocksize)
+{
+    const unsigned char R_128 = 0x87;
+    const unsigned char R_64 = 0x1B;
+    unsigned char R_n, mask;
+    unsigned char overflow = 0x00;
+    int i;
+
+    if (blocksize == MBEDTLS_AES_BLOCK_SIZE) {
+        R_n = R_128;
+    } else if (blocksize == MBEDTLS_DES3_BLOCK_SIZE) {
+        R_n = R_64;
+    } else {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    for (i = (int) blocksize - 1; i >= 0; i--) {
+        output[i] = input[i] << 1 | overflow;
+        overflow = input[i] >> 7;
+    }
+
+    /* mask = ( input[0] >> 7 ) ? 0xff : 0x00
+     * using bit operations to avoid branches */
+
+    /* MSVC has a warning about unary minus on unsigned, but this is
+     * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+    mask = -(input[0] >> 7);
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+    output[blocksize - 1] ^= R_n & mask;
+
+    return 0;
+}
+
+/*
+ * Generate subkeys
+ *
+ * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm
+ */
+static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx,
+                                 unsigned char *K1, unsigned char *K2)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    size_t olen, block_size;
+
+    mbedtls_platform_zeroize(L, sizeof(L));
+
+    block_size = ctx->cipher_info->block_size;
+
+    /* Calculate Ek(0) */
+    if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) {
+        goto exit;
+    }
+
+    /*
+     * Generate K1 and K2
+     */
+    if ((ret = cmac_multiply_by_u(K1, L, block_size)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = cmac_multiply_by_u(K2, K1, block_size)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_platform_zeroize(L, sizeof(L));
+
+    return ret;
+}
+#endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
+
+#if !defined(MBEDTLS_CMAC_ALT)
+static void cmac_xor_block(unsigned char *output, const unsigned char *input1,
+                           const unsigned char *input2,
+                           const size_t block_size)
+{
+    size_t idx;
+
+    for (idx = 0; idx < block_size; idx++) {
+        output[idx] = input1[idx] ^ input2[idx];
+    }
+}
+
+/*
+ * Create padded last block from (partial) last block.
+ *
+ * We can't use the padding option from the cipher layer, as it only works for
+ * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
+ */
+static void cmac_pad(unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
+                     size_t padded_block_len,
+                     const unsigned char *last_block,
+                     size_t last_block_len)
+{
+    size_t j;
+
+    for (j = 0; j < padded_block_len; j++) {
+        if (j < last_block_len) {
+            padded_block[j] = last_block[j];
+        } else if (j == last_block_len) {
+            padded_block[j] = 0x80;
+        } else {
+            padded_block[j] = 0x00;
+        }
+    }
+}
+
+int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *key, size_t keybits)
+{
+    mbedtls_cipher_type_t type;
+    mbedtls_cmac_context_t *cmac_ctx;
+    int retval;
+
+    if (ctx == NULL || ctx->cipher_info == NULL || key == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if ((retval = mbedtls_cipher_setkey(ctx, key, (int) keybits,
+                                        MBEDTLS_ENCRYPT)) != 0) {
+        return retval;
+    }
+
+    type = ctx->cipher_info->type;
+
+    switch (type) {
+        case MBEDTLS_CIPHER_AES_128_ECB:
+        case MBEDTLS_CIPHER_AES_192_ECB:
+        case MBEDTLS_CIPHER_AES_256_ECB:
+        case MBEDTLS_CIPHER_DES_EDE3_ECB:
+            break;
+        default:
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    /* Allocated and initialise in the cipher context memory for the CMAC
+     * context */
+    cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t));
+    if (cmac_ctx == NULL) {
+        return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
+
+    ctx->cmac_ctx = cmac_ctx;
+
+    mbedtls_platform_zeroize(cmac_ctx->state, sizeof(cmac_ctx->state));
+
+    return 0;
+}
+
+int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *input, size_t ilen)
+{
+    mbedtls_cmac_context_t *cmac_ctx;
+    unsigned char *state;
+    int ret = 0;
+    size_t n, j, olen, block_size;
+
+    if (ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
+        ctx->cmac_ctx == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    cmac_ctx = ctx->cmac_ctx;
+    block_size = ctx->cipher_info->block_size;
+    state = ctx->cmac_ctx->state;
+
+    /* Is there data still to process from the last call, that's greater in
+     * size than a block? */
+    if (cmac_ctx->unprocessed_len > 0 &&
+        ilen > block_size - cmac_ctx->unprocessed_len) {
+        memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+               input,
+               block_size - cmac_ctx->unprocessed_len);
+
+        cmac_xor_block(state, cmac_ctx->unprocessed_block, state, block_size);
+
+        if ((ret = mbedtls_cipher_update(ctx, state, block_size, state,
+                                         &olen)) != 0) {
+            goto exit;
+        }
+
+        input += block_size - cmac_ctx->unprocessed_len;
+        ilen -= block_size - cmac_ctx->unprocessed_len;
+        cmac_ctx->unprocessed_len = 0;
+    }
+
+    /* n is the number of blocks including any final partial block */
+    n = (ilen + block_size - 1) / block_size;
+
+    /* Iterate across the input data in block sized chunks, excluding any
+     * final partial or complete block */
+    for (j = 1; j < n; j++) {
+        cmac_xor_block(state, input, state, block_size);
+
+        if ((ret = mbedtls_cipher_update(ctx, state, block_size, state,
+                                         &olen)) != 0) {
+            goto exit;
+        }
+
+        ilen -= block_size;
+        input += block_size;
+    }
+
+    /* If there is data left over that wasn't aligned to a block */
+    if (ilen > 0) {
+        memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+               input,
+               ilen);
+        cmac_ctx->unprocessed_len += ilen;
+    }
+
+exit:
+    return ret;
+}
+
+int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
+                               unsigned char *output)
+{
+    mbedtls_cmac_context_t *cmac_ctx;
+    unsigned char *state, *last_block;
+    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t olen, block_size;
+
+    if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
+        output == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    cmac_ctx = ctx->cmac_ctx;
+    block_size = ctx->cipher_info->block_size;
+    state = cmac_ctx->state;
+
+    mbedtls_platform_zeroize(K1, sizeof(K1));
+    mbedtls_platform_zeroize(K2, sizeof(K2));
+    cmac_generate_subkeys(ctx, K1, K2);
+
+    last_block = cmac_ctx->unprocessed_block;
+
+    /* Calculate last block */
+    if (cmac_ctx->unprocessed_len < block_size) {
+        cmac_pad(M_last, block_size, last_block, cmac_ctx->unprocessed_len);
+        cmac_xor_block(M_last, M_last, K2, block_size);
+    } else {
+        /* Last block is complete block */
+        cmac_xor_block(M_last, last_block, K1, block_size);
+    }
+
+
+    cmac_xor_block(state, M_last, state, block_size);
+    if ((ret = mbedtls_cipher_update(ctx, state, block_size, state,
+                                     &olen)) != 0) {
+        goto exit;
+    }
+
+    memcpy(output, state, block_size);
+
+exit:
+    /* Wipe the generated keys on the stack, and any other transients to avoid
+     * side channel leakage */
+    mbedtls_platform_zeroize(K1, sizeof(K1));
+    mbedtls_platform_zeroize(K2, sizeof(K2));
+
+    cmac_ctx->unprocessed_len = 0;
+    mbedtls_platform_zeroize(cmac_ctx->unprocessed_block,
+                             sizeof(cmac_ctx->unprocessed_block));
+
+    mbedtls_platform_zeroize(state, MBEDTLS_CIPHER_BLKSIZE_MAX);
+    return ret;
+}
+
+int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx)
+{
+    mbedtls_cmac_context_t *cmac_ctx;
+
+    if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    cmac_ctx = ctx->cmac_ctx;
+
+    /* Reset the internal state */
+    cmac_ctx->unprocessed_len = 0;
+    mbedtls_platform_zeroize(cmac_ctx->unprocessed_block,
+                             sizeof(cmac_ctx->unprocessed_block));
+    mbedtls_platform_zeroize(cmac_ctx->state,
+                             sizeof(cmac_ctx->state));
+
+    return 0;
+}
+
+int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
+                        const unsigned char *key, size_t keylen,
+                        const unsigned char *input, size_t ilen,
+                        unsigned char *output)
+{
+    mbedtls_cipher_context_t ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (cipher_info == NULL || key == NULL || input == NULL || output == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    mbedtls_cipher_init(&ctx);
+
+    if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_cipher_cmac_update(&ctx, input, ilen);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_cipher_cmac_finish(&ctx, output);
+
+exit:
+    mbedtls_cipher_free(&ctx);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_AES_C)
+/*
+ * Implementation of AES-CMAC-PRF-128 defined in RFC 4615
+ */
+int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_length,
+                             const unsigned char *input, size_t in_len,
+                             unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_cipher_info_t *cipher_info;
+    unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
+    unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
+
+    if (key == NULL || input == NULL || output == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
+    if (cipher_info == NULL) {
+        /* Failing at this point must be due to a build issue */
+        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        goto exit;
+    }
+
+    if (key_length == MBEDTLS_AES_BLOCK_SIZE) {
+        /* Use key as is */
+        memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE);
+    } else {
+        memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE);
+
+        ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key,
+                                  key_length, int_key);
+        if (ret != 0) {
+            goto exit;
+        }
+    }
+
+    ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len,
+                              output);
+
+exit:
+    mbedtls_platform_zeroize(int_key, sizeof(int_key));
+
+    return ret;
+}
+#endif /* MBEDTLS_AES_C */
+
+#endif /* !MBEDTLS_CMAC_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * CMAC test data for SP800-38B
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf
+ *
+ * AES-CMAC-PRF-128 test data from RFC 4615
+ * https://tools.ietf.org/html/rfc4615#page-4
+ */
+
+#define NB_CMAC_TESTS_PER_KEY 4
+#define NB_PRF_TESTS 3
+
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)
+/* All CMAC test inputs are truncated from the same 64 byte buffer. */
+static const unsigned char test_message[] = {
+    /* PT */
+    0x6b, 0xc1, 0xbe, 0xe2,     0x2e, 0x40, 0x9f, 0x96,
+    0xe9, 0x3d, 0x7e, 0x11,     0x73, 0x93, 0x17, 0x2a,
+    0xae, 0x2d, 0x8a, 0x57,     0x1e, 0x03, 0xac, 0x9c,
+    0x9e, 0xb7, 0x6f, 0xac,     0x45, 0xaf, 0x8e, 0x51,
+    0x30, 0xc8, 0x1c, 0x46,     0xa3, 0x5c, 0xe4, 0x11,
+    0xe5, 0xfb, 0xc1, 0x19,     0x1a, 0x0a, 0x52, 0xef,
+    0xf6, 0x9f, 0x24, 0x45,     0xdf, 0x4f, 0x9b, 0x17,
+    0xad, 0x2b, 0x41, 0x7b,     0xe6, 0x6c, 0x37, 0x10
+};
+#endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/* Truncation point of message for AES CMAC tests  */
+static const  unsigned int  aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+    /* Mlen */
+    0,
+    16,
+    20,
+    64
+};
+
+/* CMAC-AES128 Test Data */
+static const unsigned char aes_128_key[16] = {
+    0x2b, 0x7e, 0x15, 0x16,     0x28, 0xae, 0xd2, 0xa6,
+    0xab, 0xf7, 0x15, 0x88,     0x09, 0xcf, 0x4f, 0x3c
+};
+static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* K1 */
+        0xfb, 0xee, 0xd6, 0x18,     0x35, 0x71, 0x33, 0x66,
+        0x7c, 0x85, 0xe0, 0x8f,     0x72, 0x36, 0xa8, 0xde
+    },
+    {
+        /* K2 */
+        0xf7, 0xdd, 0xac, 0x30,     0x6a, 0xe2, 0x66, 0xcc,
+        0xf9, 0x0b, 0xc1, 0x1e,     0xe4, 0x6d, 0x51, 0x3b
+    }
+};
+static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] =
+{
+    {
+        /* Example #1 */
+        0xbb, 0x1d, 0x69, 0x29,     0xe9, 0x59, 0x37, 0x28,
+        0x7f, 0xa3, 0x7d, 0x12,     0x9b, 0x75, 0x67, 0x46
+    },
+    {
+        /* Example #2 */
+        0x07, 0x0a, 0x16, 0xb4,     0x6b, 0x4d, 0x41, 0x44,
+        0xf7, 0x9b, 0xdd, 0x9d,     0xd0, 0x4a, 0x28, 0x7c
+    },
+    {
+        /* Example #3 */
+        0x7d, 0x85, 0x44, 0x9e,     0xa6, 0xea, 0x19, 0xc8,
+        0x23, 0xa7, 0xbf, 0x78,     0x83, 0x7d, 0xfa, 0xde
+    },
+    {
+        /* Example #4 */
+        0x51, 0xf0, 0xbe, 0xbf,     0x7e, 0x3b, 0x9d, 0x92,
+        0xfc, 0x49, 0x74, 0x17,     0x79, 0x36, 0x3c, 0xfe
+    }
+};
+
+/* CMAC-AES192 Test Data */
+static const unsigned char aes_192_key[24] = {
+    0x8e, 0x73, 0xb0, 0xf7,     0xda, 0x0e, 0x64, 0x52,
+    0xc8, 0x10, 0xf3, 0x2b,     0x80, 0x90, 0x79, 0xe5,
+    0x62, 0xf8, 0xea, 0xd2,     0x52, 0x2c, 0x6b, 0x7b
+};
+static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* K1 */
+        0x44, 0x8a, 0x5b, 0x1c,     0x93, 0x51, 0x4b, 0x27,
+        0x3e, 0xe6, 0x43, 0x9d,     0xd4, 0xda, 0xa2, 0x96
+    },
+    {
+        /* K2 */
+        0x89, 0x14, 0xb6, 0x39,     0x26, 0xa2, 0x96, 0x4e,
+        0x7d, 0xcc, 0x87, 0x3b,     0xa9, 0xb5, 0x45, 0x2c
+    }
+};
+static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] =
+{
+    {
+        /* Example #1 */
+        0xd1, 0x7d, 0xdf, 0x46,     0xad, 0xaa, 0xcd, 0xe5,
+        0x31, 0xca, 0xc4, 0x83,     0xde, 0x7a, 0x93, 0x67
+    },
+    {
+        /* Example #2 */
+        0x9e, 0x99, 0xa7, 0xbf,     0x31, 0xe7, 0x10, 0x90,
+        0x06, 0x62, 0xf6, 0x5e,     0x61, 0x7c, 0x51, 0x84
+    },
+    {
+        /* Example #3 */
+        0x3d, 0x75, 0xc1, 0x94,     0xed, 0x96, 0x07, 0x04,
+        0x44, 0xa9, 0xfa, 0x7e,     0xc7, 0x40, 0xec, 0xf8
+    },
+    {
+        /* Example #4 */
+        0xa1, 0xd5, 0xdf, 0x0e,     0xed, 0x79, 0x0f, 0x79,
+        0x4d, 0x77, 0x58, 0x96,     0x59, 0xf3, 0x9a, 0x11
+    }
+};
+
+/* CMAC-AES256 Test Data */
+static const unsigned char aes_256_key[32] = {
+    0x60, 0x3d, 0xeb, 0x10,     0x15, 0xca, 0x71, 0xbe,
+    0x2b, 0x73, 0xae, 0xf0,     0x85, 0x7d, 0x77, 0x81,
+    0x1f, 0x35, 0x2c, 0x07,     0x3b, 0x61, 0x08, 0xd7,
+    0x2d, 0x98, 0x10, 0xa3,     0x09, 0x14, 0xdf, 0xf4
+};
+static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* K1 */
+        0xca, 0xd1, 0xed, 0x03,     0x29, 0x9e, 0xed, 0xac,
+        0x2e, 0x9a, 0x99, 0x80,     0x86, 0x21, 0x50, 0x2f
+    },
+    {
+        /* K2 */
+        0x95, 0xa3, 0xda, 0x06,     0x53, 0x3d, 0xdb, 0x58,
+        0x5d, 0x35, 0x33, 0x01,     0x0c, 0x42, 0xa0, 0xd9
+    }
+};
+static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] =
+{
+    {
+        /* Example #1 */
+        0x02, 0x89, 0x62, 0xf6,     0x1b, 0x7b, 0xf8, 0x9e,
+        0xfc, 0x6b, 0x55, 0x1f,     0x46, 0x67, 0xd9, 0x83
+    },
+    {
+        /* Example #2 */
+        0x28, 0xa7, 0x02, 0x3f,     0x45, 0x2e, 0x8f, 0x82,
+        0xbd, 0x4b, 0xf2, 0x8d,     0x8c, 0x37, 0xc3, 0x5c
+    },
+    {
+        /* Example #3 */
+        0x15, 0x67, 0x27, 0xdc,     0x08, 0x78, 0x94, 0x4a,
+        0x02, 0x3c, 0x1f, 0xe0,     0x3b, 0xad, 0x6d, 0x93
+    },
+    {
+        /* Example #4 */
+        0xe1, 0x99, 0x21, 0x90,     0x54, 0x9f, 0x6e, 0xd5,
+        0x69, 0x6a, 0x2c, 0x05,     0x6c, 0x31, 0x54, 0x10
+    }
+};
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_DES_C)
+/* Truncation point of message for 3DES CMAC tests  */
+static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+    0,
+    16,
+    20,
+    32
+};
+
+/* CMAC-TDES (Generation) - 2 Key Test Data */
+static const unsigned char des3_2key_key[24] = {
+    /* Key1 */
+    0x01, 0x23, 0x45, 0x67,     0x89, 0xab, 0xcd, 0xef,
+    /* Key2 */
+    0x23, 0x45, 0x67, 0x89,     0xab, 0xcd, 0xEF, 0x01,
+    /* Key3 */
+    0x01, 0x23, 0x45, 0x67,     0x89, 0xab, 0xcd, 0xef
+};
+static const unsigned char des3_2key_subkeys[2][8] = {
+    {
+        /* K1 */
+        0x0d, 0xd2, 0xcb, 0x7a,     0x3d, 0x88, 0x88, 0xd9
+    },
+    {
+        /* K2 */
+        0x1b, 0xa5, 0x96, 0xf4,     0x7b, 0x11, 0x11, 0xb2
+    }
+};
+static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE]
+    = {
+    {
+        /* Sample #1 */
+        0x79, 0xce, 0x52, 0xa7,     0xf7, 0x86, 0xa9, 0x60
+    },
+    {
+        /* Sample #2 */
+        0xcc, 0x18, 0xa0, 0xb7,     0x9a, 0xf2, 0x41, 0x3b
+    },
+    {
+        /* Sample #3 */
+        0xc0, 0x6d, 0x37, 0x7e,     0xcd, 0x10, 0x19, 0x69
+    },
+    {
+        /* Sample #4 */
+        0x9c, 0xd3, 0x35, 0x80,     0xf9, 0xb6, 0x4d, 0xfb
+    }
+    };
+
+/* CMAC-TDES (Generation) - 3 Key Test Data */
+static const unsigned char des3_3key_key[24] = {
+    /* Key1 */
+    0x01, 0x23, 0x45, 0x67,     0x89, 0xaa, 0xcd, 0xef,
+    /* Key2 */
+    0x23, 0x45, 0x67, 0x89,     0xab, 0xcd, 0xef, 0x01,
+    /* Key3 */
+    0x45, 0x67, 0x89, 0xab,     0xcd, 0xef, 0x01, 0x23
+};
+static const unsigned char des3_3key_subkeys[2][8] = {
+    {
+        /* K1 */
+        0x9d, 0x74, 0xe7, 0x39,     0x33, 0x17, 0x96, 0xc0
+    },
+    {
+        /* K2 */
+        0x3a, 0xe9, 0xce, 0x72,     0x66, 0x2f, 0x2d, 0x9b
+    }
+};
+static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE]
+    = {
+    {
+        /* Sample #1 */
+        0x7d, 0xb0, 0xd3, 0x7d,     0xf9, 0x36, 0xc5, 0x50
+    },
+    {
+        /* Sample #2 */
+        0x30, 0x23, 0x9c, 0xf1,     0xf5, 0x2e, 0x66, 0x09
+    },
+    {
+        /* Sample #3 */
+        0x6c, 0x9f, 0x3e, 0xe4,     0x92, 0x3f, 0x6b, 0xe2
+    },
+    {
+        /* Sample #4 */
+        0x99, 0x42, 0x9b, 0xd0,     0xbF, 0x79, 0x04, 0xe5
+    }
+    };
+
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/* AES AES-CMAC-PRF-128 Test Data */
+static const unsigned char PRFK[] = {
+    /* Key */
+    0x00, 0x01, 0x02, 0x03,     0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b,     0x0c, 0x0d, 0x0e, 0x0f,
+    0xed, 0xcb
+};
+
+/* Sizes in bytes */
+static const size_t PRFKlen[NB_PRF_TESTS] = {
+    18,
+    16,
+    10
+};
+
+/* Message */
+static const unsigned char PRFM[] = {
+    0x00, 0x01, 0x02, 0x03,     0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b,     0x0c, 0x0d, 0x0e, 0x0f,
+    0x10, 0x11, 0x12, 0x13
+};
+
+static const unsigned char PRFT[NB_PRF_TESTS][16] = {
+    {
+        0x84, 0xa3, 0x48, 0xa4,     0xa4, 0x5d, 0x23, 0x5b,
+        0xab, 0xff, 0xfc, 0x0d,     0x2b, 0x4d, 0xa0, 0x9a
+    },
+    {
+        0x98, 0x0a, 0xe8, 0x7b,     0x5f, 0x4c, 0x9c, 0x52,
+        0x14, 0xf5, 0xb6, 0xa8,     0x45, 0x5e, 0x4c, 0x2d
+    },
+    {
+        0x29, 0x0d, 0x9e, 0x11,     0x2e, 0xdb, 0x09, 0xee,
+        0x14, 0x1f, 0xcf, 0x64,     0xc0, 0xb7, 0x2f, 0x3d
+    }
+};
+#endif /* MBEDTLS_AES_C */
+
+static int cmac_test_subkeys(int verbose,
+                             const char *testname,
+                             const unsigned char *key,
+                             int keybits,
+                             const unsigned char *subkeys,
+                             mbedtls_cipher_type_t cipher_type,
+                             int block_size,
+                             int num_tests)
+{
+    int i, ret = 0;
+    mbedtls_cipher_context_t ctx;
+    const mbedtls_cipher_info_t *cipher_info;
+    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+    if (cipher_info == NULL) {
+        /* Failing at this point must be due to a build issue */
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+
+    for (i = 0; i < num_tests; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  %s CMAC subkey #%d: ", testname, i + 1);
+        }
+
+        mbedtls_cipher_init(&ctx);
+
+        if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("test execution failed\n");
+            }
+
+            goto cleanup;
+        }
+
+        if ((ret = mbedtls_cipher_setkey(&ctx, key, keybits,
+                                         MBEDTLS_ENCRYPT)) != 0) {
+            /* When CMAC is implemented by an alternative implementation, or
+             * the underlying primitive itself is implemented alternatively,
+             * AES-192 may be unavailable. This should not cause the selftest
+             * function to fail. */
+            if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+                 ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) &&
+                cipher_type == MBEDTLS_CIPHER_AES_192_ECB) {
+                if (verbose != 0) {
+                    mbedtls_printf("skipped\n");
+                }
+                goto next_test;
+            }
+
+            if (verbose != 0) {
+                mbedtls_printf("test execution failed\n");
+            }
+
+            goto cleanup;
+        }
+
+        ret = cmac_generate_subkeys(&ctx, K1, K2);
+        if (ret != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            goto cleanup;
+        }
+
+        if ((ret = memcmp(K1, subkeys, block_size)) != 0  ||
+            (ret = memcmp(K2, &subkeys[block_size], block_size)) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            goto cleanup;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+
+next_test:
+        mbedtls_cipher_free(&ctx);
+    }
+
+    ret = 0;
+    goto exit;
+
+cleanup:
+    mbedtls_cipher_free(&ctx);
+
+exit:
+    return ret;
+}
+
+static int cmac_test_wth_cipher(int verbose,
+                                const char *testname,
+                                const unsigned char *key,
+                                int keybits,
+                                const unsigned char *messages,
+                                const unsigned int message_lengths[4],
+                                const unsigned char *expected_result,
+                                mbedtls_cipher_type_t cipher_type,
+                                int block_size,
+                                int num_tests)
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    int i, ret = 0;
+    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+    if (cipher_info == NULL) {
+        /* Failing at this point must be due to a build issue */
+        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        goto exit;
+    }
+
+    for (i = 0; i < num_tests; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  %s CMAC #%d: ", testname, i + 1);
+        }
+
+        if ((ret = mbedtls_cipher_cmac(cipher_info, key, keybits, messages,
+                                       message_lengths[i], output)) != 0) {
+            /* When CMAC is implemented by an alternative implementation, or
+             * the underlying primitive itself is implemented alternatively,
+             * AES-192 and/or 3DES may be unavailable. This should not cause
+             * the selftest function to fail. */
+            if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+                 ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) &&
+                (cipher_type == MBEDTLS_CIPHER_AES_192_ECB ||
+                 cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB)) {
+                if (verbose != 0) {
+                    mbedtls_printf("skipped\n");
+                }
+                continue;
+            }
+
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+            goto exit;
+        }
+
+        if ((ret = memcmp(output, &expected_result[i * block_size], block_size)) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+    ret = 0;
+
+exit:
+    return ret;
+}
+
+#if defined(MBEDTLS_AES_C)
+static int test_aes128_cmac_prf(int verbose)
+{
+    int i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char output[MBEDTLS_AES_BLOCK_SIZE];
+
+    for (i = 0; i < NB_PRF_TESTS; i++) {
+        mbedtls_printf("  AES CMAC 128 PRF #%d: ", i);
+        ret = mbedtls_aes_cmac_prf_128(PRFK, PRFKlen[i], PRFM, 20, output);
+        if (ret != 0 ||
+            memcmp(output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE) != 0) {
+
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            return ret;
+        } else if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+    return ret;
+}
+#endif /* MBEDTLS_AES_C */
+
+int mbedtls_cmac_self_test(int verbose)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_AES_C)
+    /* AES-128 */
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "AES 128",
+                                 aes_128_key,
+                                 128,
+                                 (const unsigned char *) aes_128_subkeys,
+                                 MBEDTLS_CIPHER_AES_128_ECB,
+                                 MBEDTLS_AES_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "AES 128",
+                                    aes_128_key,
+                                    128,
+                                    test_message,
+                                    aes_message_lengths,
+                                    (const unsigned char *) aes_128_expected_result,
+                                    MBEDTLS_CIPHER_AES_128_ECB,
+                                    MBEDTLS_AES_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    /* AES-192 */
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "AES 192",
+                                 aes_192_key,
+                                 192,
+                                 (const unsigned char *) aes_192_subkeys,
+                                 MBEDTLS_CIPHER_AES_192_ECB,
+                                 MBEDTLS_AES_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "AES 192",
+                                    aes_192_key,
+                                    192,
+                                    test_message,
+                                    aes_message_lengths,
+                                    (const unsigned char *) aes_192_expected_result,
+                                    MBEDTLS_CIPHER_AES_192_ECB,
+                                    MBEDTLS_AES_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    /* AES-256 */
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "AES 256",
+                                 aes_256_key,
+                                 256,
+                                 (const unsigned char *) aes_256_subkeys,
+                                 MBEDTLS_CIPHER_AES_256_ECB,
+                                 MBEDTLS_AES_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "AES 256",
+                                    aes_256_key,
+                                    256,
+                                    test_message,
+                                    aes_message_lengths,
+                                    (const unsigned char *) aes_256_expected_result,
+                                    MBEDTLS_CIPHER_AES_256_ECB,
+                                    MBEDTLS_AES_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_DES_C)
+    /* 3DES 2 key */
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "3DES 2 key",
+                                 des3_2key_key,
+                                 192,
+                                 (const unsigned char *) des3_2key_subkeys,
+                                 MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                 MBEDTLS_DES3_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "3DES 2 key",
+                                    des3_2key_key,
+                                    192,
+                                    test_message,
+                                    des3_message_lengths,
+                                    (const unsigned char *) des3_2key_expected_result,
+                                    MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                    MBEDTLS_DES3_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    /* 3DES 3 key */
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "3DES 3 key",
+                                 des3_3key_key,
+                                 192,
+                                 (const unsigned char *) des3_3key_subkeys,
+                                 MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                 MBEDTLS_DES3_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "3DES 3 key",
+                                    des3_3key_key,
+                                    192,
+                                    test_message,
+                                    des3_message_lengths,
+                                    (const unsigned char *) des3_3key_expected_result,
+                                    MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                    MBEDTLS_DES3_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+    if ((ret = test_aes128_cmac_prf(verbose)) != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_AES_C */
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CMAC_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/common.h b/3rdparty/mbedtls-2.28.7/library/common.h
new file mode 100644
index 0000000..bf18d72
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/common.h
@@ -0,0 +1,353 @@
+/**
+ * \file common.h
+ *
+ * \brief Utility macros for internal use in the library
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_LIBRARY_COMMON_H
+#define MBEDTLS_LIBRARY_COMMON_H
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include <assert.h>
+#include <stddef.h>
+#include <stdint.h>
+
+/* Define `inline` on some non-C99-compliant compilers. */
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/** Helper to define a function as static except when building invasive tests.
+ *
+ * If a function is only used inside its own source file and should be
+ * declared `static` to allow the compiler to optimize for code size,
+ * but that function has unit tests, define it with
+ * ```
+ * MBEDTLS_STATIC_TESTABLE int mbedtls_foo(...) { ... }
+ * ```
+ * and declare it in a header in the `library/` directory with
+ * ```
+ * #if defined(MBEDTLS_TEST_HOOKS)
+ * int mbedtls_foo(...);
+ * #endif
+ * ```
+ */
+#if defined(MBEDTLS_TEST_HOOKS)
+#define MBEDTLS_STATIC_TESTABLE
+#else
+#define MBEDTLS_STATIC_TESTABLE static
+#endif
+
+/** Return an offset into a buffer.
+ *
+ * This is just the addition of an offset to a pointer, except that this
+ * function also accepts an offset of 0 into a buffer whose pointer is null.
+ * (`p + n` has undefined behavior when `p` is null, even when `n == 0`.
+ * A null pointer is a valid buffer pointer when the size is 0, for example
+ * as the result of `malloc(0)` on some platforms.)
+ *
+ * \param p     Pointer to a buffer of at least n bytes.
+ *              This may be \p NULL if \p n is zero.
+ * \param n     An offset in bytes.
+ * \return      Pointer to offset \p n in the buffer \p p.
+ *              Note that this is only a valid pointer if the size of the
+ *              buffer is at least \p n + 1.
+ */
+static inline unsigned char *mbedtls_buffer_offset(
+    unsigned char *p, size_t n)
+{
+    return p == NULL ? NULL : p + n;
+}
+
+/** Return an offset into a read-only buffer.
+ *
+ * Similar to mbedtls_buffer_offset(), but for const pointers.
+ *
+ * \param p     Pointer to a buffer of at least n bytes.
+ *              This may be \p NULL if \p n is zero.
+ * \param n     An offset in bytes.
+ * \return      Pointer to offset \p n in the buffer \p p.
+ *              Note that this is only a valid pointer if the size of the
+ *              buffer is at least \p n + 1.
+ */
+static inline const unsigned char *mbedtls_buffer_offset_const(
+    const unsigned char *p, size_t n)
+{
+    return p == NULL ? NULL : p + n;
+}
+
+/** Byte Reading Macros
+ *
+ * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th
+ * byte from x, where byte 0 is the least significant byte.
+ */
+#define MBEDTLS_BYTE_0(x) ((uint8_t) ((x)         & 0xff))
+#define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff))
+#define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff))
+#define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff))
+#define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff))
+#define MBEDTLS_BYTE_5(x) ((uint8_t) (((x) >> 40) & 0xff))
+#define MBEDTLS_BYTE_6(x) ((uint8_t) (((x) >> 48) & 0xff))
+#define MBEDTLS_BYTE_7(x) ((uint8_t) (((x) >> 56) & 0xff))
+
+/**
+ * Get the unsigned 32 bits integer corresponding to four bytes in
+ * big-endian order (MSB first).
+ *
+ * \param   data    Base address of the memory to get the four bytes from.
+ * \param   offset  Offset from \p base of the first and most significant
+ *                  byte of the four bytes to build the 32 bits unsigned
+ *                  integer from.
+ */
+#ifndef MBEDTLS_GET_UINT32_BE
+#define MBEDTLS_GET_UINT32_BE(data, offset)                  \
+    (                                                           \
+        ((uint32_t) (data)[(offset)] << 24)         \
+        | ((uint32_t) (data)[(offset) + 1] << 16)         \
+        | ((uint32_t) (data)[(offset) + 2] <<  8)         \
+        | ((uint32_t) (data)[(offset) + 3])         \
+    )
+#endif
+
+/**
+ * Put in memory a 32 bits unsigned integer in big-endian order.
+ *
+ * \param   n       32 bits unsigned integer to put in memory.
+ * \param   data    Base address of the memory where to put the 32
+ *                  bits unsigned integer in.
+ * \param   offset  Offset from \p base where to put the most significant
+ *                  byte of the 32 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT32_BE
+#define MBEDTLS_PUT_UINT32_BE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_3(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_0(n);             \
+    }
+#endif
+
+/**
+ * Get the unsigned 32 bits integer corresponding to four bytes in
+ * little-endian order (LSB first).
+ *
+ * \param   data    Base address of the memory to get the four bytes from.
+ * \param   offset  Offset from \p base of the first and least significant
+ *                  byte of the four bytes to build the 32 bits unsigned
+ *                  integer from.
+ */
+#ifndef MBEDTLS_GET_UINT32_LE
+#define MBEDTLS_GET_UINT32_LE(data, offset)                   \
+    (                                                           \
+        ((uint32_t) (data)[(offset)])         \
+        | ((uint32_t) (data)[(offset) + 1] <<  8)         \
+        | ((uint32_t) (data)[(offset) + 2] << 16)         \
+        | ((uint32_t) (data)[(offset) + 3] << 24)         \
+    )
+#endif
+
+/**
+ * Put in memory a 32 bits unsigned integer in little-endian order.
+ *
+ * \param   n       32 bits unsigned integer to put in memory.
+ * \param   data    Base address of the memory where to put the 32
+ *                  bits unsigned integer in.
+ * \param   offset  Offset from \p base where to put the least significant
+ *                  byte of the 32 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT32_LE
+#define MBEDTLS_PUT_UINT32_LE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_0(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_3(n);             \
+    }
+#endif
+
+/**
+ * Get the unsigned 16 bits integer corresponding to two bytes in
+ * little-endian order (LSB first).
+ *
+ * \param   data    Base address of the memory to get the two bytes from.
+ * \param   offset  Offset from \p base of the first and least significant
+ *                  byte of the two bytes to build the 16 bits unsigned
+ *                  integer from.
+ */
+#ifndef MBEDTLS_GET_UINT16_LE
+#define MBEDTLS_GET_UINT16_LE(data, offset)                   \
+    (                                                           \
+        ((uint16_t) (data)[(offset)])         \
+        | ((uint16_t) (data)[(offset) + 1] <<  8)         \
+    )
+#endif
+
+/**
+ * Put in memory a 16 bits unsigned integer in little-endian order.
+ *
+ * \param   n       16 bits unsigned integer to put in memory.
+ * \param   data    Base address of the memory where to put the 16
+ *                  bits unsigned integer in.
+ * \param   offset  Offset from \p base where to put the least significant
+ *                  byte of the 16 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT16_LE
+#define MBEDTLS_PUT_UINT16_LE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_0(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_1(n);             \
+    }
+#endif
+
+/**
+ * Get the unsigned 16 bits integer corresponding to two bytes in
+ * big-endian order (MSB first).
+ *
+ * \param   data    Base address of the memory to get the two bytes from.
+ * \param   offset  Offset from \p base of the first and most significant
+ *                  byte of the two bytes to build the 16 bits unsigned
+ *                  integer from.
+ */
+#ifndef MBEDTLS_GET_UINT16_BE
+#define MBEDTLS_GET_UINT16_BE(data, offset)                   \
+    (                                                           \
+        ((uint16_t) (data)[(offset)] << 8)          \
+        | ((uint16_t) (data)[(offset) + 1])          \
+    )
+#endif
+
+/**
+ * Put in memory a 16 bits unsigned integer in big-endian order.
+ *
+ * \param   n       16 bits unsigned integer to put in memory.
+ * \param   data    Base address of the memory where to put the 16
+ *                  bits unsigned integer in.
+ * \param   offset  Offset from \p base where to put the most significant
+ *                  byte of the 16 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT16_BE
+#define MBEDTLS_PUT_UINT16_BE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_0(n);             \
+    }
+#endif
+
+/**
+ * Get the unsigned 64 bits integer corresponding to eight bytes in
+ * big-endian order (MSB first).
+ *
+ * \param   data    Base address of the memory to get the eight bytes from.
+ * \param   offset  Offset from \p base of the first and most significant
+ *                  byte of the eight bytes to build the 64 bits unsigned
+ *                  integer from.
+ */
+#ifndef MBEDTLS_GET_UINT64_BE
+#define MBEDTLS_GET_UINT64_BE(data, offset)                   \
+    (                                                           \
+        ((uint64_t) (data)[(offset)] << 56)         \
+        | ((uint64_t) (data)[(offset) + 1] << 48)         \
+        | ((uint64_t) (data)[(offset) + 2] << 40)         \
+        | ((uint64_t) (data)[(offset) + 3] << 32)         \
+        | ((uint64_t) (data)[(offset) + 4] << 24)         \
+        | ((uint64_t) (data)[(offset) + 5] << 16)         \
+        | ((uint64_t) (data)[(offset) + 6] <<  8)         \
+        | ((uint64_t) (data)[(offset) + 7])         \
+    )
+#endif
+
+/**
+ * Put in memory a 64 bits unsigned integer in big-endian order.
+ *
+ * \param   n       64 bits unsigned integer to put in memory.
+ * \param   data    Base address of the memory where to put the 64
+ *                  bits unsigned integer in.
+ * \param   offset  Offset from \p base where to put the most significant
+ *                  byte of the 64 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT64_BE
+#define MBEDTLS_PUT_UINT64_BE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_7(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_6(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_5(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_4(n);             \
+        (data)[(offset) + 4] = MBEDTLS_BYTE_3(n);             \
+        (data)[(offset) + 5] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 6] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 7] = MBEDTLS_BYTE_0(n);             \
+    }
+#endif
+
+/**
+ * Get the unsigned 64 bits integer corresponding to eight bytes in
+ * little-endian order (LSB first).
+ *
+ * \param   data    Base address of the memory to get the eight bytes from.
+ * \param   offset  Offset from \p base of the first and least significant
+ *                  byte of the eight bytes to build the 64 bits unsigned
+ *                  integer from.
+ */
+#ifndef MBEDTLS_GET_UINT64_LE
+#define MBEDTLS_GET_UINT64_LE(data, offset)                   \
+    (                                                           \
+        ((uint64_t) (data)[(offset) + 7] << 56)         \
+        | ((uint64_t) (data)[(offset) + 6] << 48)         \
+        | ((uint64_t) (data)[(offset) + 5] << 40)         \
+        | ((uint64_t) (data)[(offset) + 4] << 32)         \
+        | ((uint64_t) (data)[(offset) + 3] << 24)         \
+        | ((uint64_t) (data)[(offset) + 2] << 16)         \
+        | ((uint64_t) (data)[(offset) + 1] <<  8)         \
+        | ((uint64_t) (data)[(offset)])         \
+    )
+#endif
+
+/**
+ * Put in memory a 64 bits unsigned integer in little-endian order.
+ *
+ * \param   n       64 bits unsigned integer to put in memory.
+ * \param   data    Base address of the memory where to put the 64
+ *                  bits unsigned integer in.
+ * \param   offset  Offset from \p base where to put the least significant
+ *                  byte of the 64 bits unsigned integer \p n.
+ */
+#ifndef MBEDTLS_PUT_UINT64_LE
+#define MBEDTLS_PUT_UINT64_LE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_0(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_3(n);             \
+        (data)[(offset) + 4] = MBEDTLS_BYTE_4(n);             \
+        (data)[(offset) + 5] = MBEDTLS_BYTE_5(n);             \
+        (data)[(offset) + 6] = MBEDTLS_BYTE_6(n);             \
+        (data)[(offset) + 7] = MBEDTLS_BYTE_7(n);             \
+    }
+#endif
+
+/* Always provide a static assert macro, so it can be used unconditionally.
+ * It will expand to nothing on some systems.
+ * Can be used outside functions (but don't add a trailing ';' in that case:
+ * the semicolon is included here to avoid triggering -Wextra-semi when
+ * MBEDTLS_STATIC_ASSERT() expands to nothing).
+ * Can't use the C11-style `defined(static_assert)` on FreeBSD, since it
+ * defines static_assert even with -std=c99, but then complains about it.
+ */
+#if defined(static_assert) && !defined(__FreeBSD__)
+#define MBEDTLS_STATIC_ASSERT(expr, msg)    static_assert(expr, msg);
+#else
+#define MBEDTLS_STATIC_ASSERT(expr, msg)
+#endif
+
+#endif /* MBEDTLS_LIBRARY_COMMON_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/constant_time.c b/3rdparty/mbedtls-2.28.7/library/constant_time.c
new file mode 100644
index 0000000..002ca49
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/constant_time.c
@@ -0,0 +1,786 @@
+/**
+ *  Constant-time functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * The following functions are implemented without using comparison operators, as those
+ * might be translated to branches by some compilers on some platforms.
+ */
+
+#include "common.h"
+#include "constant_time_internal.h"
+#include "mbedtls/constant_time.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+#include "mbedtls/ssl_internal.h"
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+
+#if defined(MBEDTLS_BASE64_C)
+#include "constant_time_invasive.h"
+#endif
+
+#include <string.h>
+
+int mbedtls_ct_memcmp(const void *a,
+                      const void *b,
+                      size_t n)
+{
+    size_t i;
+    volatile const unsigned char *A = (volatile const unsigned char *) a;
+    volatile const unsigned char *B = (volatile const unsigned char *) b;
+    volatile unsigned char diff = 0;
+
+    for (i = 0; i < n; i++) {
+        /* Read volatile data in order before computing diff.
+         * This avoids IAR compiler warning:
+         * 'the order of volatile accesses is undefined ..' */
+        unsigned char x = A[i], y = B[i];
+        diff |= x ^ y;
+    }
+
+    return (int) diff;
+}
+
+unsigned mbedtls_ct_uint_mask(unsigned value)
+{
+    /* MSVC has a warning about unary minus on unsigned, but this is
+     * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+    return -((value | -value) >> (sizeof(value) * 8 - 1));
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+}
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || \
+    defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC)
+
+size_t mbedtls_ct_size_mask(size_t value)
+{
+    /* MSVC has a warning about unary minus on unsigned integer types,
+     * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+    return -((value | -value) >> (sizeof(value) * 8 - 1));
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+}
+
+#endif /* defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) ||
+          defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) */
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value)
+{
+    /* MSVC has a warning about unary minus on unsigned, but this is
+     * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+    return -((value | -value) >> (sizeof(value) * 8 - 1));
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+}
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || \
+    defined(MBEDTLS_CIPHER_MODE_CBC)
+
+/** Constant-flow mask generation for "less than" comparison:
+ * - if \p x < \p y, return all-bits 1, that is (size_t) -1
+ * - otherwise, return all bits 0, that is 0
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param x     The first value to analyze.
+ * \param y     The second value to analyze.
+ *
+ * \return      All-bits-one if \p x is less than \p y, otherwise zero.
+ */
+static size_t mbedtls_ct_size_mask_lt(size_t x,
+                                      size_t y)
+{
+    /* This has the most significant bit set if and only if x < y */
+    const size_t sub = x - y;
+
+    /* sub1 = (x < y) ? 1 : 0 */
+    const size_t sub1 = sub >> (sizeof(sub) * 8 - 1);
+
+    /* mask = (x < y) ? 0xff... : 0x00... */
+    const size_t mask = mbedtls_ct_size_mask(sub1);
+
+    return mask;
+}
+
+size_t mbedtls_ct_size_mask_ge(size_t x,
+                               size_t y)
+{
+    return ~mbedtls_ct_size_mask_lt(x, y);
+}
+
+#endif /* defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) ||
+          defined(MBEDTLS_CIPHER_MODE_CBC) */
+
+#if defined(MBEDTLS_BASE64_C)
+
+/* Return 0xff if low <= c <= high, 0 otherwise.
+ *
+ * Constant flow with respect to c.
+ */
+MBEDTLS_STATIC_TESTABLE
+unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low,
+                                             unsigned char high,
+                                             unsigned char c)
+{
+    /* low_mask is: 0 if low <= c, 0x...ff if low > c */
+    unsigned low_mask = ((unsigned) c - low) >> 8;
+    /* high_mask is: 0 if c <= high, 0x...ff if c > high */
+    unsigned high_mask = ((unsigned) high - c) >> 8;
+    return ~(low_mask | high_mask) & 0xff;
+}
+
+#endif /* MBEDTLS_BASE64_C */
+
+unsigned mbedtls_ct_size_bool_eq(size_t x,
+                                 size_t y)
+{
+    /* diff = 0 if x == y, non-zero otherwise */
+    const size_t diff = x ^ y;
+
+    /* MSVC has a warning about unary minus on unsigned integer types,
+     * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+    /* diff_msb's most significant bit is equal to x != y */
+    const size_t diff_msb = (diff | (size_t) -diff);
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+    /* diff1 = (x != y) ? 1 : 0 */
+    const unsigned diff1 = diff_msb >> (sizeof(diff_msb) * 8 - 1);
+
+    return 1 ^ diff1;
+}
+
+#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
+
+/** Constant-flow "greater than" comparison:
+ * return x > y
+ *
+ * This is equivalent to \p x > \p y, but is likely to be compiled
+ * to code using bitwise operation rather than a branch.
+ *
+ * \param x     The first value to analyze.
+ * \param y     The second value to analyze.
+ *
+ * \return      1 if \p x greater than \p y, otherwise 0.
+ */
+static unsigned mbedtls_ct_size_gt(size_t x,
+                                   size_t y)
+{
+    /* Return the sign bit (1 for negative) of (y - x). */
+    return (y - x) >> (sizeof(size_t) * 8 - 1);
+}
+
+#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x,
+                                const mbedtls_mpi_uint y)
+{
+    mbedtls_mpi_uint ret;
+    mbedtls_mpi_uint cond;
+
+    /*
+     * Check if the most significant bits (MSB) of the operands are different.
+     */
+    cond = (x ^ y);
+    /*
+     * If the MSB are the same then the difference x-y will be negative (and
+     * have its MSB set to 1 during conversion to unsigned) if and only if x<y.
+     */
+    ret = (x - y) & ~cond;
+    /*
+     * If the MSB are different, then the operand with the MSB of 1 is the
+     * bigger. (That is if y has MSB of 1, then x<y is true and it is false if
+     * the MSB of y is 0.)
+     */
+    ret |= y & cond;
+
+
+    ret = ret >> (sizeof(mbedtls_mpi_uint) * 8 - 1);
+
+    return (unsigned) ret;
+}
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+unsigned mbedtls_ct_uint_if(unsigned condition,
+                            unsigned if1,
+                            unsigned if0)
+{
+    unsigned mask = mbedtls_ct_uint_mask(condition);
+    return (mask & if1) | (~mask & if0);
+}
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+void mbedtls_ct_mpi_uint_cond_assign(size_t n,
+                                     mbedtls_mpi_uint *dest,
+                                     const mbedtls_mpi_uint *src,
+                                     unsigned char condition)
+{
+    size_t i;
+
+    /* MSVC has a warning about unary minus on unsigned integer types,
+     * but this is well-defined and precisely what we want to do here. */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+
+    /* all-bits 1 if condition is 1, all-bits 0 if condition is 0 */
+    const mbedtls_mpi_uint mask = -condition;
+
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+    for (i = 0; i < n; i++) {
+        dest[i] = (src[i] & mask) | (dest[i] & ~mask);
+    }
+}
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BASE64_C)
+
+unsigned char mbedtls_ct_base64_enc_char(unsigned char value)
+{
+    unsigned char digit = 0;
+    /* For each range of values, if value is in that range, mask digit with
+     * the corresponding value. Since value can only be in a single range,
+     * only at most one masking will change digit. */
+    digit |= mbedtls_ct_uchar_mask_of_range(0, 25, value) & ('A' + value);
+    digit |= mbedtls_ct_uchar_mask_of_range(26, 51, value) & ('a' + value - 26);
+    digit |= mbedtls_ct_uchar_mask_of_range(52, 61, value) & ('0' + value - 52);
+    digit |= mbedtls_ct_uchar_mask_of_range(62, 62, value) & '+';
+    digit |= mbedtls_ct_uchar_mask_of_range(63, 63, value) & '/';
+    return digit;
+}
+
+signed char mbedtls_ct_base64_dec_value(unsigned char c)
+{
+    unsigned char val = 0;
+    /* For each range of digits, if c is in that range, mask val with
+     * the corresponding value. Since c can only be in a single range,
+     * only at most one masking will change val. Set val to one plus
+     * the desired value so that it stays 0 if c is in none of the ranges. */
+    val |= mbedtls_ct_uchar_mask_of_range('A', 'Z', c) & (c - 'A' +  0 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('a', 'z', c) & (c - 'a' + 26 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('0', '9', c) & (c - '0' + 52 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('+', '+', c) & (c - '+' + 62 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('/', '/', c) & (c - '/' + 63 + 1);
+    /* At this point, val is 0 if c is an invalid digit and v+1 if c is
+     * a digit with the value v. */
+    return val - 1;
+}
+
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
+
+/** Shift some data towards the left inside a buffer.
+ *
+ * `mbedtls_ct_mem_move_to_left(start, total, offset)` is functionally
+ * equivalent to
+ * ```
+ * memmove(start, start + offset, total - offset);
+ * memset(start + offset, 0, total - offset);
+ * ```
+ * but it strives to use a memory access pattern (and thus total timing)
+ * that does not depend on \p offset. This timing independence comes at
+ * the expense of performance.
+ *
+ * \param start     Pointer to the start of the buffer.
+ * \param total     Total size of the buffer.
+ * \param offset    Offset from which to copy \p total - \p offset bytes.
+ */
+static void mbedtls_ct_mem_move_to_left(void *start,
+                                        size_t total,
+                                        size_t offset)
+{
+    volatile unsigned char *buf = start;
+    size_t i, n;
+    if (total == 0) {
+        return;
+    }
+    for (i = 0; i < total; i++) {
+        unsigned no_op = mbedtls_ct_size_gt(total - offset, i);
+        /* The first `total - offset` passes are a no-op. The last
+         * `offset` passes shift the data one byte to the left and
+         * zero out the last byte. */
+        for (n = 0; n < total - 1; n++) {
+            unsigned char current = buf[n];
+            unsigned char next = buf[n+1];
+            buf[n] = mbedtls_ct_uint_if(no_op, current, next);
+        }
+        buf[total-1] = mbedtls_ct_uint_if(no_op, buf[total-1], 0);
+    }
+}
+
+#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+void mbedtls_ct_memcpy_if_eq(unsigned char *dest,
+                             const unsigned char *src,
+                             size_t len,
+                             size_t c1,
+                             size_t c2)
+{
+    /* mask = c1 == c2 ? 0xff : 0x00 */
+    const size_t equal = mbedtls_ct_size_bool_eq(c1, c2);
+    const unsigned char mask = (unsigned char) mbedtls_ct_size_mask(equal);
+
+    /* dest[i] = c1 == c2 ? src[i] : dest[i] */
+    for (size_t i = 0; i < len; i++) {
+        dest[i] = (src[i] & mask) | (dest[i] & ~mask);
+    }
+}
+
+void mbedtls_ct_memcpy_offset(unsigned char *dest,
+                              const unsigned char *src,
+                              size_t offset,
+                              size_t offset_min,
+                              size_t offset_max,
+                              size_t len)
+{
+    size_t offsetval;
+
+    for (offsetval = offset_min; offsetval <= offset_max; offsetval++) {
+        mbedtls_ct_memcpy_if_eq(dest, src + offsetval, len,
+                                offsetval, offset);
+    }
+}
+
+int mbedtls_ct_hmac(mbedtls_md_context_t *ctx,
+                    const unsigned char *add_data,
+                    size_t add_data_len,
+                    const unsigned char *data,
+                    size_t data_len_secret,
+                    size_t min_data_len,
+                    size_t max_data_len,
+                    unsigned char *output)
+{
+    /*
+     * This function breaks the HMAC abstraction and uses the md_clone()
+     * extension to the MD API in order to get constant-flow behaviour.
+     *
+     * HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means
+     * concatenation, and okey/ikey are the XOR of the key with some fixed bit
+     * patterns (see RFC 2104, sec. 2), which are stored in ctx->hmac_ctx.
+     *
+     * We'll first compute inner_hash = HASH(ikey + msg) by hashing up to
+     * minlen, then cloning the context, and for each byte up to maxlen
+     * finishing up the hash computation, keeping only the correct result.
+     *
+     * Then we only need to compute HASH(okey + inner_hash) and we're done.
+     */
+    const mbedtls_md_type_t md_alg = mbedtls_md_get_type(ctx->md_info);
+    /* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5,
+     * all of which have the same block size except SHA-384. */
+    const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64;
+    const unsigned char * const ikey = ctx->hmac_ctx;
+    const unsigned char * const okey = ikey + block_size;
+    const size_t hash_size = mbedtls_md_get_size(ctx->md_info);
+
+    unsigned char aux_out[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_md_context_t aux;
+    size_t offset;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_md_init(&aux);
+
+#define MD_CHK(func_call) \
+    do {                    \
+        ret = (func_call);  \
+        if (ret != 0)      \
+        goto cleanup;   \
+    } while (0)
+
+    MD_CHK(mbedtls_md_setup(&aux, ctx->md_info, 0));
+
+    /* After hmac_start() of hmac_reset(), ikey has already been hashed,
+     * so we can start directly with the message */
+    MD_CHK(mbedtls_md_update(ctx, add_data, add_data_len));
+    MD_CHK(mbedtls_md_update(ctx, data, min_data_len));
+
+    /* Fill the hash buffer in advance with something that is
+     * not a valid hash (barring an attack on the hash and
+     * deliberately-crafted input), in case the caller doesn't
+     * check the return status properly. */
+    memset(output, '!', hash_size);
+
+    /* For each possible length, compute the hash up to that point */
+    for (offset = min_data_len; offset <= max_data_len; offset++) {
+        MD_CHK(mbedtls_md_clone(&aux, ctx));
+        MD_CHK(mbedtls_md_finish(&aux, aux_out));
+        /* Keep only the correct inner_hash in the output buffer */
+        mbedtls_ct_memcpy_if_eq(output, aux_out, hash_size,
+                                offset, data_len_secret);
+
+        if (offset < max_data_len) {
+            MD_CHK(mbedtls_md_update(ctx, data + offset, 1));
+        }
+    }
+
+    /* The context needs to finish() before it starts() again */
+    MD_CHK(mbedtls_md_finish(ctx, aux_out));
+
+    /* Now compute HASH(okey + inner_hash) */
+    MD_CHK(mbedtls_md_starts(ctx));
+    MD_CHK(mbedtls_md_update(ctx, okey, block_size));
+    MD_CHK(mbedtls_md_update(ctx, output, hash_size));
+    MD_CHK(mbedtls_md_finish(ctx, output));
+
+    /* Done, get ready for next time */
+    MD_CHK(mbedtls_md_hmac_reset(ctx));
+
+#undef MD_CHK
+
+cleanup:
+    mbedtls_md_free(&aux);
+    return ret;
+}
+
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+#define MPI_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA)
+
+/*
+ * Conditionally assign X = Y, without leaking information
+ * about whether the assignment was made or not.
+ * (Leaking information about the respective sizes of X and Y is ok however.)
+ */
+#if defined(_MSC_VER) && defined(_M_ARM64) && (_MSC_FULL_VER < 193131103)
+/*
+ * MSVC miscompiles this function if it's inlined prior to Visual Studio 2022 version 17.1. See:
+ * https://developercommunity.visualstudio.com/t/c-compiler-miscompiles-part-of-mbedtls-library-on/1646989
+ */
+__declspec(noinline)
+#endif
+int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X,
+                                 const mbedtls_mpi *Y,
+                                 unsigned char assign)
+{
+    int ret = 0;
+    size_t i;
+    mbedtls_mpi_uint limb_mask;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+
+    /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */
+    limb_mask = mbedtls_ct_mpi_uint_mask(assign);;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
+
+    X->s = (int) mbedtls_ct_uint_if(assign, Y->s, X->s);
+
+    mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign);
+
+    for (i = Y->n; i < X->n; i++) {
+        X->p[i] &= ~limb_mask;
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Conditionally swap X and Y, without leaking information
+ * about whether the swap was made or not.
+ * Here it is not ok to simply swap the pointers, which would lead to
+ * different memory access patterns when X and Y are used afterwards.
+ */
+int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X,
+                               mbedtls_mpi *Y,
+                               unsigned char swap)
+{
+    int ret, s;
+    size_t i;
+    mbedtls_mpi_uint limb_mask;
+    mbedtls_mpi_uint tmp;
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+
+    if (X == Y) {
+        return 0;
+    }
+
+    /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */
+    limb_mask = mbedtls_ct_mpi_uint_mask(swap);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n));
+
+    s = X->s;
+    X->s = (int) mbedtls_ct_uint_if(swap, Y->s, X->s);
+    Y->s = (int) mbedtls_ct_uint_if(swap, s, Y->s);
+
+
+    for (i = 0; i < X->n; i++) {
+        tmp = X->p[i];
+        X->p[i] = (X->p[i] & ~limb_mask) | (Y->p[i] & limb_mask);
+        Y->p[i] = (Y->p[i] & ~limb_mask) | (tmp & limb_mask);
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Compare signed values in constant time
+ */
+int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X,
+                          const mbedtls_mpi *Y,
+                          unsigned *ret)
+{
+    size_t i;
+    /* The value of any of these variables is either 0 or 1 at all times. */
+    unsigned cond, done, X_is_negative, Y_is_negative;
+
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+    MPI_VALIDATE_RET(ret != NULL);
+
+    if (X->n != Y->n) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Set sign_N to 1 if N >= 0, 0 if N < 0.
+     * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0.
+     */
+    X_is_negative = (X->s & 2) >> 1;
+    Y_is_negative = (Y->s & 2) >> 1;
+
+    /*
+     * If the signs are different, then the positive operand is the bigger.
+     * That is if X is negative (X_is_negative == 1), then X < Y is true and it
+     * is false if X is positive (X_is_negative == 0).
+     */
+    cond = (X_is_negative ^ Y_is_negative);
+    *ret = cond & X_is_negative;
+
+    /*
+     * This is a constant-time function. We might have the result, but we still
+     * need to go through the loop. Record if we have the result already.
+     */
+    done = cond;
+
+    for (i = X->n; i > 0; i--) {
+        /*
+         * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both
+         * X and Y are negative.
+         *
+         * Again even if we can make a decision, we just mark the result and
+         * the fact that we are done and continue looping.
+         */
+        cond = mbedtls_ct_mpi_uint_lt(Y->p[i - 1], X->p[i - 1]);
+        *ret |= cond & (1 - done) & X_is_negative;
+        done |= cond;
+
+        /*
+         * If X->p[i - 1] < Y->p[i - 1] then X < Y is true if and only if both
+         * X and Y are positive.
+         *
+         * Again even if we can make a decision, we just mark the result and
+         * the fact that we are done and continue looping.
+         */
+        cond = mbedtls_ct_mpi_uint_lt(X->p[i - 1], Y->p[i - 1]);
+        *ret |= cond & (1 - done) & (1 - X_is_negative);
+        done |= cond;
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
+
+int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode,
+                                         unsigned char *input,
+                                         size_t ilen,
+                                         unsigned char *output,
+                                         size_t output_max_len,
+                                         size_t *olen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, plaintext_max_size;
+
+    /* The following variables take sensitive values: their value must
+     * not leak into the observable behavior of the function other than
+     * the designated outputs (output, olen, return value). Otherwise
+     * this would open the execution of the function to
+     * side-channel-based variants of the Bleichenbacher padding oracle
+     * attack. Potential side channels include overall timing, memory
+     * access patterns (especially visible to an adversary who has access
+     * to a shared memory cache), and branches (especially visible to
+     * an adversary who has access to a shared code cache or to a shared
+     * branch predictor). */
+    size_t pad_count = 0;
+    unsigned bad = 0;
+    unsigned char pad_done = 0;
+    size_t plaintext_size = 0;
+    unsigned output_too_large;
+
+    plaintext_max_size = (output_max_len > ilen - 11) ? ilen - 11
+                                                        : output_max_len;
+
+    /* Check and get padding length in constant time and constant
+     * memory trace. The first byte must be 0. */
+    bad |= input[0];
+
+    if (mode == MBEDTLS_RSA_PRIVATE) {
+        /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
+         * where PS must be at least 8 nonzero bytes. */
+        bad |= input[1] ^ MBEDTLS_RSA_CRYPT;
+
+        /* Read the whole buffer. Set pad_done to nonzero if we find
+         * the 0x00 byte and remember the padding length in pad_count. */
+        for (i = 2; i < ilen; i++) {
+            pad_done  |= ((input[i] | (unsigned char) -input[i]) >> 7) ^ 1;
+            pad_count += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1;
+        }
+    } else {
+        /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00
+         * where PS must be at least 8 bytes with the value 0xFF. */
+        bad |= input[1] ^ MBEDTLS_RSA_SIGN;
+
+        /* Read the whole buffer. Set pad_done to nonzero if we find
+         * the 0x00 byte and remember the padding length in pad_count.
+         * If there's a non-0xff byte in the padding, the padding is bad. */
+        for (i = 2; i < ilen; i++) {
+            pad_done |= mbedtls_ct_uint_if(input[i], 0, 1);
+            pad_count += mbedtls_ct_uint_if(pad_done, 0, 1);
+            bad |= mbedtls_ct_uint_if(pad_done, 0, input[i] ^ 0xFF);
+        }
+    }
+
+    /* If pad_done is still zero, there's no data, only unfinished padding. */
+    bad |= mbedtls_ct_uint_if(pad_done, 0, 1);
+
+    /* There must be at least 8 bytes of padding. */
+    bad |= mbedtls_ct_size_gt(8, pad_count);
+
+    /* If the padding is valid, set plaintext_size to the number of
+     * remaining bytes after stripping the padding. If the padding
+     * is invalid, avoid leaking this fact through the size of the
+     * output: use the maximum message size that fits in the output
+     * buffer. Do it without branches to avoid leaking the padding
+     * validity through timing. RSA keys are small enough that all the
+     * size_t values involved fit in unsigned int. */
+    plaintext_size = mbedtls_ct_uint_if(
+        bad, (unsigned) plaintext_max_size,
+        (unsigned) (ilen - pad_count - 3));
+
+    /* Set output_too_large to 0 if the plaintext fits in the output
+     * buffer and to 1 otherwise. */
+    output_too_large = mbedtls_ct_size_gt(plaintext_size,
+                                          plaintext_max_size);
+
+    /* Set ret without branches to avoid timing attacks. Return:
+     * - INVALID_PADDING if the padding is bad (bad != 0).
+     * - OUTPUT_TOO_LARGE if the padding is good but the decrypted
+     *   plaintext does not fit in the output buffer.
+     * - 0 if the padding is correct. */
+    ret = -(int) mbedtls_ct_uint_if(
+        bad, -MBEDTLS_ERR_RSA_INVALID_PADDING,
+        mbedtls_ct_uint_if(output_too_large,
+                           -MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE,
+                           0));
+
+    /* If the padding is bad or the plaintext is too large, zero the
+     * data that we're about to copy to the output buffer.
+     * We need to copy the same amount of data
+     * from the same buffer whether the padding is good or not to
+     * avoid leaking the padding validity through overall timing or
+     * through memory or cache access patterns. */
+    bad = mbedtls_ct_uint_mask(bad | output_too_large);
+    for (i = 11; i < ilen; i++) {
+        input[i] &= ~bad;
+    }
+
+    /* If the plaintext is too large, truncate it to the buffer size.
+     * Copy anyway to avoid revealing the length through timing, because
+     * revealing the length is as bad as revealing the padding validity
+     * for a Bleichenbacher attack. */
+    plaintext_size = mbedtls_ct_uint_if(output_too_large,
+                                        (unsigned) plaintext_max_size,
+                                        (unsigned) plaintext_size);
+
+    /* Move the plaintext to the leftmost position where it can start in
+     * the working buffer, i.e. make it start plaintext_max_size from
+     * the end of the buffer. Do this with a memory access trace that
+     * does not depend on the plaintext size. After this move, the
+     * starting location of the plaintext is no longer sensitive
+     * information. */
+    mbedtls_ct_mem_move_to_left(input + ilen - plaintext_max_size,
+                                plaintext_max_size,
+                                plaintext_max_size - plaintext_size);
+
+    /* Finally copy the decrypted plaintext plus trailing zeros into the output
+     * buffer. If output_max_len is 0, then output may be an invalid pointer
+     * and the result of memcpy() would be undefined; prevent undefined
+     * behavior making sure to depend only on output_max_len (the size of the
+     * user-provided output buffer), which is independent from plaintext
+     * length, validity of padding, success of the decryption, and other
+     * secrets. */
+    if (output_max_len != 0) {
+        memcpy(output, input + ilen - plaintext_max_size, plaintext_max_size);
+    }
+
+    /* Report the amount of data we copied to the output buffer. In case
+     * of errors (bad padding or output too large), the value of *olen
+     * when this function returns is not specified. Making it equivalent
+     * to the good case limits the risks of leaking the padding validity. */
+    *olen = plaintext_size;
+
+    return ret;
+}
+
+#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
diff --git a/3rdparty/mbedtls-2.28.7/library/constant_time_internal.h b/3rdparty/mbedtls-2.28.7/library/constant_time_internal.h
new file mode 100644
index 0000000..82e65cc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/constant_time_internal.h
@@ -0,0 +1,327 @@
+/**
+ *  Constant-time functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CONSTANT_TIME_INTERNAL_H
+#define MBEDTLS_CONSTANT_TIME_INTERNAL_H
+
+#include "common.h"
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+#include "mbedtls/ssl_internal.h"
+#endif
+
+#include <stddef.h>
+
+/** Turn a value into a mask:
+ * - if \p value == 0, return the all-bits 0 mask, aka 0
+ * - otherwise, return the all-bits 1 mask, aka (unsigned) -1
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param value     The value to analyze.
+ *
+ * \return          Zero if \p value is zero, otherwise all-bits-one.
+ */
+unsigned mbedtls_ct_uint_mask(unsigned value);
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || \
+    defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC)
+
+/** Turn a value into a mask:
+ * - if \p value == 0, return the all-bits 0 mask, aka 0
+ * - otherwise, return the all-bits 1 mask, aka (size_t) -1
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param value     The value to analyze.
+ *
+ * \return          Zero if \p value is zero, otherwise all-bits-one.
+ */
+size_t mbedtls_ct_size_mask(size_t value);
+
+#endif /* defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) ||
+          defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) */
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+/** Turn a value into a mask:
+ * - if \p value == 0, return the all-bits 0 mask, aka 0
+ * - otherwise, return the all-bits 1 mask, aka (mbedtls_mpi_uint) -1
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param value     The value to analyze.
+ *
+ * \return          Zero if \p value is zero, otherwise all-bits-one.
+ */
+mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value);
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || \
+    defined(MBEDTLS_CIPHER_MODE_CBC)
+
+/** Constant-flow mask generation for "greater or equal" comparison:
+ * - if \p x >= \p y, return all-bits 1, that is (size_t) -1
+ * - otherwise, return all bits 0, that is 0
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param x     The first value to analyze.
+ * \param y     The second value to analyze.
+ *
+ * \return      All-bits-one if \p x is greater or equal than \p y,
+ *              otherwise zero.
+ */
+size_t mbedtls_ct_size_mask_ge(size_t x,
+                               size_t y);
+
+#endif /* defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) ||
+          defined(MBEDTLS_CIPHER_MODE_CBC) */
+
+/** Constant-flow boolean "equal" comparison:
+ * return x == y
+ *
+ * This is equivalent to \p x == \p y, but is likely to be compiled
+ * to code using bitwise operation rather than a branch.
+ *
+ * \param x     The first value to analyze.
+ * \param y     The second value to analyze.
+ *
+ * \return      1 if \p x equals to \p y, otherwise 0.
+ */
+unsigned mbedtls_ct_size_bool_eq(size_t x,
+                                 size_t y);
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+/** Decide if an integer is less than the other, without branches.
+ *
+ * This is equivalent to \p x < \p y, but is likely to be compiled
+ * to code using bitwise operation rather than a branch.
+ *
+ * \param x     The first value to analyze.
+ * \param y     The second value to analyze.
+ *
+ * \return      1 if \p x is less than \p y, otherwise 0.
+ */
+unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x,
+                                const mbedtls_mpi_uint y);
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+/** Choose between two integer values without branches.
+ *
+ * This is equivalent to `condition ? if1 : if0`, but is likely to be compiled
+ * to code using bitwise operation rather than a branch.
+ *
+ * \param condition     Condition to test.
+ * \param if1           Value to use if \p condition is nonzero.
+ * \param if0           Value to use if \p condition is zero.
+ *
+ * \return  \c if1 if \p condition is nonzero, otherwise \c if0.
+ */
+unsigned mbedtls_ct_uint_if(unsigned condition,
+                            unsigned if1,
+                            unsigned if0);
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+/** Conditionally assign a value without branches.
+ *
+ * This is equivalent to `if ( condition ) dest = src`, but is likely
+ * to be compiled to code using bitwise operation rather than a branch.
+ *
+ * \param n             \p dest and \p src must be arrays of limbs of size n.
+ * \param dest          The MPI to conditionally assign to. This must point
+ *                      to an initialized MPI.
+ * \param src           The MPI to be assigned from. This must point to an
+ *                      initialized MPI.
+ * \param condition     Condition to test, must be 0 or 1.
+ */
+void mbedtls_ct_mpi_uint_cond_assign(size_t n,
+                                     mbedtls_mpi_uint *dest,
+                                     const mbedtls_mpi_uint *src,
+                                     unsigned char condition);
+
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BASE64_C)
+
+/** Given a value in the range 0..63, return the corresponding Base64 digit.
+ *
+ * The implementation assumes that letters are consecutive (e.g. ASCII
+ * but not EBCDIC).
+ *
+ * \param value     A value in the range 0..63.
+ *
+ * \return          A base64 digit converted from \p value.
+ */
+unsigned char mbedtls_ct_base64_enc_char(unsigned char value);
+
+/** Given a Base64 digit, return its value.
+ *
+ * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'),
+ * return -1.
+ *
+ * The implementation assumes that letters are consecutive (e.g. ASCII
+ * but not EBCDIC).
+ *
+ * \param c     A base64 digit.
+ *
+ * \return      The value of the base64 digit \p c.
+ */
+signed char mbedtls_ct_base64_dec_value(unsigned char c);
+
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+
+/** Conditional memcpy without branches.
+ *
+ * This is equivalent to `if ( c1 == c2 ) memcpy(dest, src, len)`, but is likely
+ * to be compiled to code using bitwise operation rather than a branch.
+ *
+ * \param dest      The pointer to conditionally copy to.
+ * \param src       The pointer to copy from. Shouldn't overlap with \p dest.
+ * \param len       The number of bytes to copy.
+ * \param c1        The first value to analyze in the condition.
+ * \param c2        The second value to analyze in the condition.
+ */
+void mbedtls_ct_memcpy_if_eq(unsigned char *dest,
+                             const unsigned char *src,
+                             size_t len,
+                             size_t c1, size_t c2);
+
+/** Copy data from a secret position with constant flow.
+ *
+ * This function copies \p len bytes from \p src_base + \p offset_secret to \p
+ * dst, with a code flow and memory access pattern that does not depend on \p
+ * offset_secret, but only on \p offset_min, \p offset_max and \p len.
+ * Functionally equivalent to `memcpy(dst, src + offset_secret, len)`.
+ *
+ * \note                This function reads from \p dest, but the value that
+ *                      is read does not influence the result and this
+ *                      function's behavior is well-defined regardless of the
+ *                      contents of the buffers. This may result in false
+ *                      positives from static or dynamic analyzers, especially
+ *                      if \p dest is not initialized.
+ *
+ * \param dest          The destination buffer. This must point to a writable
+ *                      buffer of at least \p len bytes.
+ * \param src           The base of the source buffer. This must point to a
+ *                      readable buffer of at least \p offset_max + \p len
+ *                      bytes. Shouldn't overlap with \p dest.
+ * \param offset        The offset in the source buffer from which to copy.
+ *                      This must be no less than \p offset_min and no greater
+ *                      than \p offset_max.
+ * \param offset_min    The minimal value of \p offset.
+ * \param offset_max    The maximal value of \p offset.
+ * \param len           The number of bytes to copy.
+ */
+void mbedtls_ct_memcpy_offset(unsigned char *dest,
+                              const unsigned char *src,
+                              size_t offset,
+                              size_t offset_min,
+                              size_t offset_max,
+                              size_t len);
+
+/** Compute the HMAC of variable-length data with constant flow.
+ *
+ * This function computes the HMAC of the concatenation of \p add_data and \p
+ * data, and does with a code flow and memory access pattern that does not
+ * depend on \p data_len_secret, but only on \p min_data_len and \p
+ * max_data_len. In particular, this function always reads exactly \p
+ * max_data_len bytes from \p data.
+ *
+ * \param ctx               The HMAC context. It must have keys configured
+ *                          with mbedtls_md_hmac_starts() and use one of the
+ *                          following hashes: SHA-384, SHA-256, SHA-1 or MD-5.
+ *                          It is reset using mbedtls_md_hmac_reset() after
+ *                          the computation is complete to prepare for the
+ *                          next computation.
+ * \param add_data          The first part of the message whose HMAC is being
+ *                          calculated. This must point to a readable buffer
+ *                          of \p add_data_len bytes.
+ * \param add_data_len      The length of \p add_data in bytes.
+ * \param data              The buffer containing the second part of the
+ *                          message. This must point to a readable buffer
+ *                          of \p max_data_len bytes.
+ * \param data_len_secret   The length of the data to process in \p data.
+ *                          This must be no less than \p min_data_len and no
+ *                          greater than \p max_data_len.
+ * \param min_data_len      The minimal length of the second part of the
+ *                          message, read from \p data.
+ * \param max_data_len      The maximal length of the second part of the
+ *                          message, read from \p data.
+ * \param output            The HMAC will be written here. This must point to
+ *                          a writable buffer of sufficient size to hold the
+ *                          HMAC value.
+ *
+ * \retval 0 on success.
+ * \retval #MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED
+ *         The hardware accelerator failed.
+ */
+int mbedtls_ct_hmac(mbedtls_md_context_t *ctx,
+                    const unsigned char *add_data,
+                    size_t add_data_len,
+                    const unsigned char *data,
+                    size_t data_len_secret,
+                    size_t min_data_len,
+                    size_t max_data_len,
+                    unsigned char *output);
+
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
+
+/** This function performs the unpadding part of a PKCS#1 v1.5 decryption
+ *  operation (EME-PKCS1-v1_5 decoding).
+ *
+ * \note The return value from this function is a sensitive value
+ *       (this is unusual). #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE shouldn't happen
+ *       in a well-written application, but 0 vs #MBEDTLS_ERR_RSA_INVALID_PADDING
+ *       is often a situation that an attacker can provoke and leaking which
+ *       one is the result is precisely the information the attacker wants.
+ *
+ * \param mode           The mode of operation. This must be either
+ *                       #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated).
+ * \param input          The input buffer which is the payload inside PKCS#1v1.5
+ *                       encryption padding, called the "encoded message EM"
+ *                       by the terminology.
+ * \param ilen           The length of the payload in the \p input buffer.
+ * \param output         The buffer for the payload, called "message M" by the
+ *                       PKCS#1 terminology. This must be a writable buffer of
+ *                       length \p output_max_len bytes.
+ * \param olen           The address at which to store the length of
+ *                       the payload. This must not be \c NULL.
+ * \param output_max_len The length in bytes of the output buffer \p output.
+ *
+ * \return      \c 0 on success.
+ * \return      #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
+ *              The output buffer is too small for the unpadded payload.
+ * \return      #MBEDTLS_ERR_RSA_INVALID_PADDING
+ *              The input doesn't contain properly formatted padding.
+ */
+int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode,
+                                         unsigned char *input,
+                                         size_t ilen,
+                                         unsigned char *output,
+                                         size_t output_max_len,
+                                         size_t *olen);
+
+#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
+
+#endif /* MBEDTLS_CONSTANT_TIME_INTERNAL_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/constant_time_invasive.h b/3rdparty/mbedtls-2.28.7/library/constant_time_invasive.h
new file mode 100644
index 0000000..14e0bec
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/constant_time_invasive.h
@@ -0,0 +1,39 @@
+/**
+ * \file constant_time_invasive.h
+ *
+ * \brief Constant-time module: interfaces for invasive testing only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They SHOULD NOT be made available in library integrations except when
+ * building the library for testing.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CONSTANT_TIME_INVASIVE_H
+#define MBEDTLS_CONSTANT_TIME_INVASIVE_H
+
+#include "common.h"
+
+#if defined(MBEDTLS_TEST_HOOKS)
+
+/** Turn a value into a mask:
+ * - if \p low <= \p c <= \p high,
+ *   return the all-bits 1 mask, aka (unsigned) -1
+ * - otherwise, return the all-bits 0 mask, aka 0
+ *
+ * \param low   The value to analyze.
+ * \param high  The value to analyze.
+ * \param c     The value to analyze.
+ *
+ * \return      All-bits-one if \p low <= \p c <= \p high, otherwise zero.
+ */
+unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low,
+                                             unsigned char high,
+                                             unsigned char c);
+
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#endif /* MBEDTLS_CONSTANT_TIME_INVASIVE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/ctr_drbg.c b/3rdparty/mbedtls-2.28.7/library/ctr_drbg.c
new file mode 100644
index 0000000..53987a2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ctr_drbg.c
@@ -0,0 +1,894 @@
+/*
+ *  CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The NIST SP 800-90 DRBGs are described in the following publication.
+ *
+ *  https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-90r.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <limits.h>
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#include "mbedtls/platform.h"
+
+/*
+ * CTR_DRBG context initialization
+ */
+void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_ctr_drbg_context));
+    /* Indicate that the entropy nonce length is not set explicitly.
+     * See mbedtls_ctr_drbg_set_nonce_len(). */
+    ctx->reseed_counter = -1;
+
+    ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
+}
+
+/*
+ *  This function resets CTR_DRBG context to the state immediately
+ *  after initial call of mbedtls_ctr_drbg_init().
+ */
+void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    /* The mutex is initialized iff f_entropy is set. */
+    if (ctx->f_entropy != NULL) {
+        mbedtls_mutex_free(&ctx->mutex);
+    }
+#endif
+    mbedtls_aes_free(&ctx->aes_ctx);
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ctr_drbg_context));
+    ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
+    ctx->reseed_counter = -1;
+}
+
+void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx,
+                                                int resistance)
+{
+    ctx->prediction_resistance = resistance;
+}
+
+void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx,
+                                      size_t len)
+{
+    ctx->entropy_len = len;
+}
+
+int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
+                                   size_t len)
+{
+    /* If mbedtls_ctr_drbg_seed() has already been called, it's
+     * too late. Return the error code that's closest to making sense. */
+    if (ctx->f_entropy != NULL) {
+        return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED;
+    }
+
+    if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+#if SIZE_MAX > INT_MAX
+    /* This shouldn't be an issue because
+     * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible
+     * configuration, but make sure anyway. */
+    if (len > INT_MAX) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+#endif
+
+    /* For backward compatibility with Mbed TLS <= 2.19, store the
+     * entropy nonce length in a field that already exists, but isn't
+     * used until after the initial seeding. */
+    /* Due to the capping of len above, the value fits in an int. */
+    ctx->reseed_counter = (int) len;
+    return 0;
+}
+
+void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx,
+                                          int interval)
+{
+    ctx->reseed_interval = interval;
+}
+
+static int block_cipher_df(unsigned char *output,
+                           const unsigned char *data, size_t data_len)
+{
+    unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
+                      MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
+    unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
+    unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
+    unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
+    unsigned char *p, *iv;
+    mbedtls_aes_context aes_ctx;
+    int ret = 0;
+
+    int i, j;
+    size_t buf_len, use_len;
+
+    if (data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+
+    memset(buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
+           MBEDTLS_CTR_DRBG_BLOCKSIZE + 16);
+    mbedtls_aes_init(&aes_ctx);
+
+    /*
+     * Construct IV (16 bytes) and S in buffer
+     * IV = Counter (in 32-bits) padded to 16 with zeroes
+     * S = Length input string (in 32-bits) || Length of output (in 32-bits) ||
+     *     data || 0x80
+     *     (Total is padded to a multiple of 16-bytes with zeroes)
+     */
+    p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE;
+    MBEDTLS_PUT_UINT32_BE(data_len, p, 0);
+    p += 4 + 3;
+    *p++ = MBEDTLS_CTR_DRBG_SEEDLEN;
+    memcpy(p, data, data_len);
+    p[data_len] = 0x80;
+
+    buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
+
+    for (i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++) {
+        key[i] = i;
+    }
+
+    if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, key,
+                                      MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
+        goto exit;
+    }
+
+    /*
+     * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
+     */
+    for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) {
+        p = buf;
+        memset(chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE);
+        use_len = buf_len;
+
+        while (use_len > 0) {
+            for (i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++) {
+                chain[i] ^= p[i];
+            }
+            p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
+            use_len -= (use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE) ?
+                       MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
+
+            if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT,
+                                             chain, chain)) != 0) {
+                goto exit;
+            }
+        }
+
+        memcpy(tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE);
+
+        /*
+         * Update IV
+         */
+        buf[3]++;
+    }
+
+    /*
+     * Do final encryption with reduced data
+     */
+    if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, tmp,
+                                      MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
+        goto exit;
+    }
+    iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
+    p = output;
+
+    for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) {
+        if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT,
+                                         iv, iv)) != 0) {
+            goto exit;
+        }
+        memcpy(p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE);
+        p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
+    }
+exit:
+    mbedtls_aes_free(&aes_ctx);
+    /*
+     * tidy up the stack
+     */
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+    mbedtls_platform_zeroize(tmp, sizeof(tmp));
+    mbedtls_platform_zeroize(key, sizeof(key));
+    mbedtls_platform_zeroize(chain, sizeof(chain));
+    if (0 != ret) {
+        /*
+         * wipe partial seed from memory
+         */
+        mbedtls_platform_zeroize(output, MBEDTLS_CTR_DRBG_SEEDLEN);
+    }
+
+    return ret;
+}
+
+/* CTR_DRBG_Update (SP 800-90A &sect;10.2.1.2)
+ * ctr_drbg_update_internal(ctx, provided_data)
+ * implements
+ * CTR_DRBG_Update(provided_data, Key, V)
+ * with inputs and outputs
+ *   ctx->aes_ctx = Key
+ *   ctx->counter = V
+ */
+static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx,
+                                    const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN])
+{
+    unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
+    unsigned char *p = tmp;
+    int i, j;
+    int ret = 0;
+
+    memset(tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN);
+
+    for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) {
+        /*
+         * Increase counter
+         */
+        for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) {
+            if (++ctx->counter[i - 1] != 0) {
+                break;
+            }
+        }
+
+        /*
+         * Crypt counter block
+         */
+        if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
+                                         ctx->counter, p)) != 0) {
+            goto exit;
+        }
+
+        p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
+    }
+
+    for (i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++) {
+        tmp[i] ^= data[i];
+    }
+
+    /*
+     * Update key and counter
+     */
+    if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, tmp,
+                                      MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
+        goto exit;
+    }
+    memcpy(ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE,
+           MBEDTLS_CTR_DRBG_BLOCKSIZE);
+
+exit:
+    mbedtls_platform_zeroize(tmp, sizeof(tmp));
+    return ret;
+}
+
+/* CTR_DRBG_Instantiate with derivation function (SP 800-90A &sect;10.2.1.3.2)
+ * mbedtls_ctr_drbg_update(ctx, additional, add_len)
+ * implements
+ * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string,
+ *                      security_strength) -> initial_working_state
+ * with inputs
+ *   ctx->counter = all-bits-0
+ *   ctx->aes_ctx = context from all-bits-0 key
+ *   additional[:add_len] = entropy_input || nonce || personalization_string
+ * and with outputs
+ *   ctx = initial_working_state
+ */
+int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx,
+                                const unsigned char *additional,
+                                size_t add_len)
+{
+    unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (add_len == 0) {
+        return 0;
+    }
+
+    if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) {
+        goto exit;
+    }
+    if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_platform_zeroize(add_input, sizeof(add_input));
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx,
+                             const unsigned char *additional,
+                             size_t add_len)
+{
+    /* MAX_INPUT would be more logical here, but we have to match
+     * block_cipher_df()'s limits since we can't propagate errors */
+    if (add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) {
+        add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT;
+    }
+    (void) mbedtls_ctr_drbg_update_ret(ctx, additional, add_len);
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/* CTR_DRBG_Reseed with derivation function (SP 800-90A &sect;10.2.1.4.2)
+ * mbedtls_ctr_drbg_reseed(ctx, additional, len, nonce_len)
+ * implements
+ * CTR_DRBG_Reseed(working_state, entropy_input, additional_input)
+ *                -> new_working_state
+ * with inputs
+ *   ctx contains working_state
+ *   additional[:len] = additional_input
+ * and entropy_input comes from calling ctx->f_entropy
+ *                              for (ctx->entropy_len + nonce_len) bytes
+ * and with output
+ *   ctx contains new_working_state
+ */
+static int mbedtls_ctr_drbg_reseed_internal(mbedtls_ctr_drbg_context *ctx,
+                                            const unsigned char *additional,
+                                            size_t len,
+                                            size_t nonce_len)
+{
+    unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
+    size_t seedlen = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+    if (nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+    if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+
+    memset(seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT);
+
+    /* Gather entropy_len bytes of entropy to seed state. */
+    if (0 != ctx->f_entropy(ctx->p_entropy, seed, ctx->entropy_len)) {
+        return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED;
+    }
+    seedlen += ctx->entropy_len;
+
+    /* Gather entropy for a nonce if requested. */
+    if (nonce_len != 0) {
+        if (0 != ctx->f_entropy(ctx->p_entropy, seed + seedlen, nonce_len)) {
+            return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED;
+        }
+        seedlen += nonce_len;
+    }
+
+    /* Add additional data if provided. */
+    if (additional != NULL && len != 0) {
+        memcpy(seed + seedlen, additional, len);
+        seedlen += len;
+    }
+
+    /* Reduce to 384 bits. */
+    if ((ret = block_cipher_df(seed, seed, seedlen)) != 0) {
+        goto exit;
+    }
+
+    /* Update state. */
+    if ((ret = ctr_drbg_update_internal(ctx, seed)) != 0) {
+        goto exit;
+    }
+    ctx->reseed_counter = 1;
+
+exit:
+    mbedtls_platform_zeroize(seed, sizeof(seed));
+    return ret;
+}
+
+int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx,
+                            const unsigned char *additional, size_t len)
+{
+    return mbedtls_ctr_drbg_reseed_internal(ctx, additional, len, 0);
+}
+
+/* Return a "good" nonce length for CTR_DRBG. The chosen nonce length
+ * is sufficient to achieve the maximum security strength given the key
+ * size and entropy length. If there is enough entropy in the initial
+ * call to the entropy function to serve as both the entropy input and
+ * the nonce, don't make a second call to get a nonce. */
+static size_t good_nonce_len(size_t entropy_len)
+{
+    if (entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2) {
+        return 0;
+    } else {
+        return (entropy_len + 1) / 2;
+    }
+}
+
+/* CTR_DRBG_Instantiate with derivation function (SP 800-90A &sect;10.2.1.3.2)
+ * mbedtls_ctr_drbg_seed(ctx, f_entropy, p_entropy, custom, len)
+ * implements
+ * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string,
+ *                      security_strength) -> initial_working_state
+ * with inputs
+ *   custom[:len] = nonce || personalization_string
+ * where entropy_input comes from f_entropy for ctx->entropy_len bytes
+ * and with outputs
+ *   ctx = initial_working_state
+ */
+int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx,
+                          int (*f_entropy)(void *, unsigned char *, size_t),
+                          void *p_entropy,
+                          const unsigned char *custom,
+                          size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
+    size_t nonce_len;
+
+    memset(key, 0, MBEDTLS_CTR_DRBG_KEYSIZE);
+
+    /* The mutex is initialized iff f_entropy is set. */
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+
+    mbedtls_aes_init(&ctx->aes_ctx);
+
+    ctx->f_entropy = f_entropy;
+    ctx->p_entropy = p_entropy;
+
+    if (ctx->entropy_len == 0) {
+        ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN;
+    }
+    /* ctx->reseed_counter contains the desired amount of entropy to
+     * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()).
+     * If it's -1, indicating that the entropy nonce length was not set
+     * explicitly, use a sufficiently large nonce for security. */
+    nonce_len = (ctx->reseed_counter >= 0 ?
+                 (size_t) ctx->reseed_counter :
+                 good_nonce_len(ctx->entropy_len));
+
+    /* Initialize with an empty key. */
+    if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, key,
+                                      MBEDTLS_CTR_DRBG_KEYBITS)) != 0) {
+        return ret;
+    }
+
+    /* Do the initial seeding. */
+    if ((ret = mbedtls_ctr_drbg_reseed_internal(ctx, custom, len,
+                                                nonce_len)) != 0) {
+        return ret;
+    }
+    return 0;
+}
+
+/* CTR_DRBG_Generate with derivation function (SP 800-90A &sect;10.2.1.5.2)
+ * mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, additional, add_len)
+ * implements
+ * CTR_DRBG_Reseed(working_state, entropy_input, additional[:add_len])
+ *                -> working_state_after_reseed
+ *                if required, then
+ * CTR_DRBG_Generate(working_state_after_reseed,
+ *                   requested_number_of_bits, additional_input)
+ *                -> status, returned_bits, new_working_state
+ * with inputs
+ *   ctx contains working_state
+ *   requested_number_of_bits = 8 * output_len
+ *   additional[:add_len] = additional_input
+ * and entropy_input comes from calling ctx->f_entropy
+ * and with outputs
+ *   status = SUCCESS (this function does the reseed internally)
+ *   returned_bits = output[:output_len]
+ *   ctx contains new_working_state
+ */
+int mbedtls_ctr_drbg_random_with_add(void *p_rng,
+                                     unsigned char *output, size_t output_len,
+                                     const unsigned char *additional, size_t add_len)
+{
+    int ret = 0;
+    mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
+    unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
+    unsigned char *p = output;
+    unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE];
+    int i;
+    size_t use_len;
+
+    if (output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST) {
+        return MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG;
+    }
+
+    if (add_len > MBEDTLS_CTR_DRBG_MAX_INPUT) {
+        return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    }
+
+    memset(add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN);
+
+    if (ctx->reseed_counter > ctx->reseed_interval ||
+        ctx->prediction_resistance) {
+        if ((ret = mbedtls_ctr_drbg_reseed(ctx, additional, add_len)) != 0) {
+            return ret;
+        }
+        add_len = 0;
+    }
+
+    if (add_len > 0) {
+        if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) {
+            goto exit;
+        }
+        if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) {
+            goto exit;
+        }
+    }
+
+    while (output_len > 0) {
+        /*
+         * Increase counter
+         */
+        for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) {
+            if (++ctx->counter[i - 1] != 0) {
+                break;
+            }
+        }
+
+        /*
+         * Crypt counter block
+         */
+        if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
+                                         ctx->counter, tmp)) != 0) {
+            goto exit;
+        }
+
+        use_len = (output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE)
+            ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len;
+        /*
+         * Copy random block to destination
+         */
+        memcpy(p, tmp, use_len);
+        p += use_len;
+        output_len -= use_len;
+    }
+
+    if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) {
+        goto exit;
+    }
+
+    ctx->reseed_counter++;
+
+exit:
+    mbedtls_platform_zeroize(add_input, sizeof(add_input));
+    mbedtls_platform_zeroize(tmp, sizeof(tmp));
+    return ret;
+}
+
+int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output,
+                            size_t output_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    ret = mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, NULL, 0);
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx,
+                                     const char *path)
+{
+    int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    FILE *f;
+    unsigned char buf[MBEDTLS_CTR_DRBG_MAX_INPUT];
+
+    if ((f = fopen(path, "wb")) == NULL) {
+        return MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    }
+
+    if ((ret = mbedtls_ctr_drbg_random(ctx, buf,
+                                       MBEDTLS_CTR_DRBG_MAX_INPUT)) != 0) {
+        goto exit;
+    }
+
+    if (fwrite(buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f) !=
+        MBEDTLS_CTR_DRBG_MAX_INPUT) {
+        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    } else {
+        ret = 0;
+    }
+
+exit:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    fclose(f);
+    return ret;
+}
+
+int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx,
+                                      const char *path)
+{
+    int ret = 0;
+    FILE *f = NULL;
+    size_t n;
+    unsigned char buf[MBEDTLS_CTR_DRBG_MAX_INPUT];
+    unsigned char c;
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    }
+
+    n = fread(buf, 1, sizeof(buf), f);
+    if (fread(&c, 1, 1, f) != 0) {
+        ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+        goto exit;
+    }
+    if (n == 0 || ferror(f)) {
+        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+        goto exit;
+    }
+    fclose(f);
+    f = NULL;
+
+    ret = mbedtls_ctr_drbg_update_ret(ctx, buf, n);
+
+exit:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+    if (f != NULL) {
+        fclose(f);
+    }
+    if (ret != 0) {
+        return ret;
+    }
+    return mbedtls_ctr_drbg_write_seed_file(ctx, path);
+}
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/* The CTR_DRBG NIST test vectors used here are available at
+ * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/drbg/drbgtestvectors.zip
+ *
+ * The parameters used to derive the test data are:
+ *
+ * [AES-128 use df]
+ * [PredictionResistance = True/False]
+ * [EntropyInputLen = 128]
+ * [NonceLen = 64]
+ * [PersonalizationStringLen = 128]
+ * [AdditionalInputLen = 0]
+ * [ReturnedBitsLen = 512]
+ *
+ * [AES-256 use df]
+ * [PredictionResistance = True/False]
+ * [EntropyInputLen = 256]
+ * [NonceLen = 128]
+ * [PersonalizationStringLen = 256]
+ * [AdditionalInputLen = 0]
+ * [ReturnedBitsLen = 512]
+ *
+ */
+
+#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
+static const unsigned char entropy_source_pr[] =
+{ 0x04, 0xd9, 0x49, 0xa6, 0xdc, 0xe8, 0x6e, 0xbb,
+  0xf1, 0x08, 0x77, 0x2b, 0x9e, 0x08, 0xca, 0x92,
+  0x65, 0x16, 0xda, 0x99, 0xa2, 0x59, 0xf3, 0xe8,
+  0x38, 0x7e, 0x3f, 0x6b, 0x51, 0x70, 0x7b, 0x20,
+  0xec, 0x53, 0xd0, 0x66, 0xc3, 0x0f, 0xe3, 0xb0,
+  0xe0, 0x86, 0xa6, 0xaa, 0x5f, 0x72, 0x2f, 0xad,
+  0xf7, 0xef, 0x06, 0xb8, 0xd6, 0x9c, 0x9d, 0xe8 };
+
+static const unsigned char entropy_source_nopr[] =
+{ 0x07, 0x0d, 0x59, 0x63, 0x98, 0x73, 0xa5, 0x45,
+  0x27, 0x38, 0x22, 0x7b, 0x76, 0x85, 0xd1, 0xa9,
+  0x74, 0x18, 0x1f, 0x3c, 0x22, 0xf6, 0x49, 0x20,
+  0x4a, 0x47, 0xc2, 0xf3, 0x85, 0x16, 0xb4, 0x6f,
+  0x00, 0x2e, 0x71, 0xda, 0xed, 0x16, 0x9b, 0x5c };
+
+static const unsigned char pers_pr[] =
+{ 0xbf, 0xa4, 0x9a, 0x8f, 0x7b, 0xd8, 0xb1, 0x7a,
+  0x9d, 0xfa, 0x45, 0xed, 0x21, 0x52, 0xb3, 0xad };
+
+static const unsigned char pers_nopr[] =
+{ 0x4e, 0x61, 0x79, 0xd4, 0xc2, 0x72, 0xa1, 0x4c,
+  0xf1, 0x3d, 0xf6, 0x5e, 0xa3, 0xa6, 0xe5, 0x0f };
+
+static const unsigned char result_pr[] =
+{ 0xc9, 0x0a, 0xaf, 0x85, 0x89, 0x71, 0x44, 0x66,
+  0x4f, 0x25, 0x0b, 0x2b, 0xde, 0xd8, 0xfa, 0xff,
+  0x52, 0x5a, 0x1b, 0x32, 0x5e, 0x41, 0x7a, 0x10,
+  0x1f, 0xef, 0x1e, 0x62, 0x23, 0xe9, 0x20, 0x30,
+  0xc9, 0x0d, 0xad, 0x69, 0xb4, 0x9c, 0x5b, 0xf4,
+  0x87, 0x42, 0xd5, 0xae, 0x5e, 0x5e, 0x43, 0xcc,
+  0xd9, 0xfd, 0x0b, 0x93, 0x4a, 0xe3, 0xd4, 0x06,
+  0x37, 0x36, 0x0f, 0x3f, 0x72, 0x82, 0x0c, 0xcf };
+
+static const unsigned char result_nopr[] =
+{ 0x31, 0xc9, 0x91, 0x09, 0xf8, 0xc5, 0x10, 0x13,
+  0x3c, 0xd3, 0x96, 0xf9, 0xbc, 0x2c, 0x12, 0xc0,
+  0x7c, 0xc1, 0x61, 0x5f, 0xa3, 0x09, 0x99, 0xaf,
+  0xd7, 0xf2, 0x36, 0xfd, 0x40, 0x1a, 0x8b, 0xf2,
+  0x33, 0x38, 0xee, 0x1d, 0x03, 0x5f, 0x83, 0xb7,
+  0xa2, 0x53, 0xdc, 0xee, 0x18, 0xfc, 0xa7, 0xf2,
+  0xee, 0x96, 0xc6, 0xc2, 0xcd, 0x0c, 0xff, 0x02,
+  0x76, 0x70, 0x69, 0xaa, 0x69, 0xd1, 0x3b, 0xe8 };
+#else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
+
+static const unsigned char entropy_source_pr[] =
+{ 0xca, 0x58, 0xfd, 0xf2, 0xb9, 0x77, 0xcb, 0x49,
+  0xd4, 0xe0, 0x5b, 0xe2, 0x39, 0x50, 0xd9, 0x8a,
+  0x6a, 0xb3, 0xc5, 0x2f, 0xdf, 0x74, 0xd5, 0x85,
+  0x8f, 0xd1, 0xba, 0x64, 0x54, 0x7b, 0xdb, 0x1e,
+  0xc5, 0xea, 0x24, 0xc0, 0xfa, 0x0c, 0x90, 0x15,
+  0x09, 0x20, 0x92, 0x42, 0x32, 0x36, 0x45, 0x45,
+  0x7d, 0x20, 0x76, 0x6b, 0xcf, 0xa2, 0x15, 0xc8,
+  0x2f, 0x9f, 0xbc, 0x88, 0x3f, 0x80, 0xd1, 0x2c,
+  0xb7, 0x16, 0xd1, 0x80, 0x9e, 0xe1, 0xc9, 0xb3,
+  0x88, 0x1b, 0x21, 0x45, 0xef, 0xa1, 0x7f, 0xce,
+  0xc8, 0x92, 0x35, 0x55, 0x2a, 0xd9, 0x1d, 0x8e,
+  0x12, 0x38, 0xac, 0x01, 0x4e, 0x38, 0x18, 0x76,
+  0x9c, 0xf2, 0xb6, 0xd4, 0x13, 0xb6, 0x2c, 0x77,
+  0xc0, 0xe7, 0xe6, 0x0c, 0x47, 0x44, 0x95, 0xbe };
+
+static const unsigned char entropy_source_nopr[] =
+{ 0x4c, 0xfb, 0x21, 0x86, 0x73, 0x34, 0x6d, 0x9d,
+  0x50, 0xc9, 0x22, 0xe4, 0x9b, 0x0d, 0xfc, 0xd0,
+  0x90, 0xad, 0xf0, 0x4f, 0x5c, 0x3b, 0xa4, 0x73,
+  0x27, 0xdf, 0xcd, 0x6f, 0xa6, 0x3a, 0x78, 0x5c,
+  0x01, 0x69, 0x62, 0xa7, 0xfd, 0x27, 0x87, 0xa2,
+  0x4b, 0xf6, 0xbe, 0x47, 0xef, 0x37, 0x83, 0xf1,
+  0xb7, 0xec, 0x46, 0x07, 0x23, 0x63, 0x83, 0x4a,
+  0x1b, 0x01, 0x33, 0xf2, 0xc2, 0x38, 0x91, 0xdb,
+  0x4f, 0x11, 0xa6, 0x86, 0x51, 0xf2, 0x3e, 0x3a,
+  0x8b, 0x1f, 0xdc, 0x03, 0xb1, 0x92, 0xc7, 0xe7 };
+
+static const unsigned char pers_pr[] =
+{ 0x5a, 0x70, 0x95, 0xe9, 0x81, 0x40, 0x52, 0x33,
+  0x91, 0x53, 0x7e, 0x75, 0xd6, 0x19, 0x9d, 0x1e,
+  0xad, 0x0d, 0xc6, 0xa7, 0xde, 0x6c, 0x1f, 0xe0,
+  0xea, 0x18, 0x33, 0xa8, 0x7e, 0x06, 0x20, 0xe9 };
+
+static const unsigned char pers_nopr[] =
+{ 0x88, 0xee, 0xb8, 0xe0, 0xe8, 0x3b, 0xf3, 0x29,
+  0x4b, 0xda, 0xcd, 0x60, 0x99, 0xeb, 0xe4, 0xbf,
+  0x55, 0xec, 0xd9, 0x11, 0x3f, 0x71, 0xe5, 0xeb,
+  0xcb, 0x45, 0x75, 0xf3, 0xd6, 0xa6, 0x8a, 0x6b };
+
+static const unsigned char result_pr[] =
+{ 0xce, 0x2f, 0xdb, 0xb6, 0xd9, 0xb7, 0x39, 0x85,
+  0x04, 0xc5, 0xc0, 0x42, 0xc2, 0x31, 0xc6, 0x1d,
+  0x9b, 0x5a, 0x59, 0xf8, 0x7e, 0x0d, 0xcc, 0x62,
+  0x7b, 0x65, 0x11, 0x55, 0x10, 0xeb, 0x9e, 0x3d,
+  0xa4, 0xfb, 0x1c, 0x6a, 0x18, 0xc0, 0x74, 0xdb,
+  0xdd, 0xe7, 0x02, 0x23, 0x63, 0x21, 0xd0, 0x39,
+  0xf9, 0xa7, 0xc4, 0x52, 0x84, 0x3b, 0x49, 0x40,
+  0x72, 0x2b, 0xb0, 0x6c, 0x9c, 0xdb, 0xc3, 0x43 };
+
+static const unsigned char result_nopr[] =
+{ 0xa5, 0x51, 0x80, 0xa1, 0x90, 0xbe, 0xf3, 0xad,
+  0xaf, 0x28, 0xf6, 0xb7, 0x95, 0xe9, 0xf1, 0xf3,
+  0xd6, 0xdf, 0xa1, 0xb2, 0x7d, 0xd0, 0x46, 0x7b,
+  0x0c, 0x75, 0xf5, 0xfa, 0x93, 0x1e, 0x97, 0x14,
+  0x75, 0xb2, 0x7c, 0xae, 0x03, 0xa2, 0x96, 0x54,
+  0xe2, 0xf4, 0x09, 0x66, 0xea, 0x33, 0x64, 0x30,
+  0x40, 0xd1, 0x40, 0x0f, 0xe6, 0x77, 0x87, 0x3a,
+  0xf8, 0x09, 0x7c, 0x1f, 0xe9, 0xf0, 0x02, 0x98 };
+#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
+
+static size_t test_offset;
+static int ctr_drbg_self_test_entropy(void *data, unsigned char *buf,
+                                      size_t len)
+{
+    const unsigned char *p = data;
+    memcpy(buf, p + test_offset, len);
+    test_offset += len;
+    return 0;
+}
+
+#define CHK(c)    if ((c) != 0)                          \
+    {                                       \
+        if (verbose != 0)                  \
+        mbedtls_printf("failed\n");  \
+        return 1;                        \
+    }
+
+#define SELF_TEST_OUTPUT_DISCARD_LENGTH 64
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ctr_drbg_self_test(int verbose)
+{
+    mbedtls_ctr_drbg_context ctx;
+    unsigned char buf[sizeof(result_pr)];
+
+    mbedtls_ctr_drbg_init(&ctx);
+
+    /*
+     * Based on a NIST CTR_DRBG test vector (PR = True)
+     */
+    if (verbose != 0) {
+        mbedtls_printf("  CTR_DRBG (PR = TRUE) : ");
+    }
+
+    test_offset = 0;
+    mbedtls_ctr_drbg_set_entropy_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE);
+    mbedtls_ctr_drbg_set_nonce_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2);
+    CHK(mbedtls_ctr_drbg_seed(&ctx,
+                              ctr_drbg_self_test_entropy,
+                              (void *) entropy_source_pr,
+                              pers_pr, MBEDTLS_CTR_DRBG_KEYSIZE));
+    mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON);
+    CHK(mbedtls_ctr_drbg_random(&ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH));
+    CHK(mbedtls_ctr_drbg_random(&ctx, buf, sizeof(result_pr)));
+    CHK(memcmp(buf, result_pr, sizeof(result_pr)));
+
+    mbedtls_ctr_drbg_free(&ctx);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    /*
+     * Based on a NIST CTR_DRBG test vector (PR = FALSE)
+     */
+    if (verbose != 0) {
+        mbedtls_printf("  CTR_DRBG (PR = FALSE): ");
+    }
+
+    mbedtls_ctr_drbg_init(&ctx);
+
+    test_offset = 0;
+    mbedtls_ctr_drbg_set_entropy_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE);
+    mbedtls_ctr_drbg_set_nonce_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2);
+    CHK(mbedtls_ctr_drbg_seed(&ctx,
+                              ctr_drbg_self_test_entropy,
+                              (void *) entropy_source_nopr,
+                              pers_nopr, MBEDTLS_CTR_DRBG_KEYSIZE));
+    CHK(mbedtls_ctr_drbg_reseed(&ctx, NULL, 0));
+    CHK(mbedtls_ctr_drbg_random(&ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH));
+    CHK(mbedtls_ctr_drbg_random(&ctx, buf, sizeof(result_nopr)));
+    CHK(memcmp(buf, result_nopr, sizeof(result_nopr)));
+
+    mbedtls_ctr_drbg_free(&ctx);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/debug.c b/3rdparty/mbedtls-2.28.7/library/debug.c
new file mode 100644
index 0000000..f2d8dce
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/debug.c
@@ -0,0 +1,385 @@
+/*
+ *  Debugging routines
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_DEBUG_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/debug.h"
+#include "mbedtls/error.h"
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+
+/* DEBUG_BUF_SIZE must be at least 2 */
+#define DEBUG_BUF_SIZE      512
+
+static int debug_threshold = 0;
+
+void mbedtls_debug_set_threshold(int threshold)
+{
+    debug_threshold = threshold;
+}
+
+/*
+ * All calls to f_dbg must be made via this function
+ */
+static inline void debug_send_line(const mbedtls_ssl_context *ssl, int level,
+                                   const char *file, int line,
+                                   const char *str)
+{
+    /*
+     * If in a threaded environment, we need a thread identifier.
+     * Since there is no portable way to get one, use the address of the ssl
+     * context instead, as it shouldn't be shared between threads.
+     */
+#if defined(MBEDTLS_THREADING_C)
+    char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
+    mbedtls_snprintf(idstr, sizeof(idstr), "%p: %s", (void *) ssl, str);
+    ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, idstr);
+#else
+    ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, str);
+#endif
+}
+
+MBEDTLS_PRINTF_ATTRIBUTE(5, 6)
+void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *format, ...)
+{
+    va_list argp;
+    char str[DEBUG_BUF_SIZE];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small");
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        level > debug_threshold) {
+        return;
+    }
+
+    va_start(argp, format);
+    ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp);
+    va_end(argp);
+
+    if (ret < 0) {
+        ret = 0;
+    } else {
+        if (ret >= DEBUG_BUF_SIZE - 1) {
+            ret = DEBUG_BUF_SIZE - 2;
+        }
+    }
+    str[ret]     = '\n';
+    str[ret + 1] = '\0';
+
+    debug_send_line(ssl, level, file, line, str);
+}
+
+void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, int ret)
+{
+    char str[DEBUG_BUF_SIZE];
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        level > debug_threshold) {
+        return;
+    }
+
+    /*
+     * With non-blocking I/O and examples that just retry immediately,
+     * the logs would be quickly flooded with WANT_READ, so ignore that.
+     * Don't ignore WANT_WRITE however, since is is usually rare.
+     */
+    if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
+        return;
+    }
+
+    mbedtls_snprintf(str, sizeof(str), "%s() returned %d (-0x%04x)\n",
+                     text, ret, (unsigned int) -ret);
+
+    debug_send_line(ssl, level, file, line, str);
+}
+
+void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line, const char *text,
+                             const unsigned char *buf, size_t len)
+{
+    char str[DEBUG_BUF_SIZE];
+    char txt[17];
+    size_t i, idx = 0;
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        level > debug_threshold) {
+        return;
+    }
+
+    mbedtls_snprintf(str + idx, sizeof(str) - idx, "dumping '%s' (%u bytes)\n",
+                     text, (unsigned int) len);
+
+    debug_send_line(ssl, level, file, line, str);
+
+    idx = 0;
+    memset(txt, 0, sizeof(txt));
+    for (i = 0; i < len; i++) {
+        if (i >= 4096) {
+            break;
+        }
+
+        if (i % 16 == 0) {
+            if (i > 0) {
+                mbedtls_snprintf(str + idx, sizeof(str) - idx, "  %s\n", txt);
+                debug_send_line(ssl, level, file, line, str);
+
+                idx = 0;
+                memset(txt, 0, sizeof(txt));
+            }
+
+            idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, "%04x: ",
+                                    (unsigned int) i);
+
+        }
+
+        idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x",
+                                (unsigned int) buf[i]);
+        txt[i % 16] = (buf[i] > 31 && buf[i] < 127) ? buf[i] : '.';
+    }
+
+    if (len > 0) {
+        for (/* i = i */; i % 16 != 0; i++) {
+            idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, "   ");
+        }
+
+        mbedtls_snprintf(str + idx, sizeof(str) - idx, "  %s\n", txt);
+        debug_send_line(ssl, level, file, line, str);
+    }
+}
+
+#if defined(MBEDTLS_ECP_C)
+void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_ecp_point *X)
+{
+    char str[DEBUG_BUF_SIZE];
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        level > debug_threshold) {
+        return;
+    }
+
+    mbedtls_snprintf(str, sizeof(str), "%s(X)", text);
+    mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->X);
+
+    mbedtls_snprintf(str, sizeof(str), "%s(Y)", text);
+    mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->Y);
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_mpi *X)
+{
+    char str[DEBUG_BUF_SIZE];
+    size_t bitlen;
+    size_t idx = 0;
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        NULL == X                ||
+        level > debug_threshold) {
+        return;
+    }
+
+    bitlen = mbedtls_mpi_bitlen(X);
+
+    mbedtls_snprintf(str, sizeof(str), "value of '%s' (%u bits) is:\n",
+                     text, (unsigned) bitlen);
+    debug_send_line(ssl, level, file, line, str);
+
+    if (bitlen == 0) {
+        str[0] = ' '; str[1] = '0'; str[2] = '0';
+        idx = 3;
+    } else {
+        int n;
+        for (n = (int) ((bitlen - 1) / 8); n >= 0; n--) {
+            size_t limb_offset = n / sizeof(mbedtls_mpi_uint);
+            size_t offset_in_limb = n % sizeof(mbedtls_mpi_uint);
+            unsigned char octet =
+                (X->p[limb_offset] >> (offset_in_limb * 8)) & 0xff;
+            mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", octet);
+            idx += 3;
+            /* Wrap lines after 16 octets that each take 3 columns */
+            if (idx >= 3 * 16) {
+                mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
+                debug_send_line(ssl, level, file, line, str);
+                idx = 0;
+            }
+        }
+    }
+
+    if (idx != 0) {
+        mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
+        debug_send_line(ssl, level, file, line, str);
+    }
+}
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
+                           const char *file, int line,
+                           const char *text, const mbedtls_pk_context *pk)
+{
+    size_t i;
+    mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
+    char name[16];
+
+    memset(items, 0, sizeof(items));
+
+    if (mbedtls_pk_debug(pk, items) != 0) {
+        debug_send_line(ssl, level, file, line,
+                        "invalid PK context\n");
+        return;
+    }
+
+    for (i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++) {
+        if (items[i].type == MBEDTLS_PK_DEBUG_NONE) {
+            return;
+        }
+
+        mbedtls_snprintf(name, sizeof(name), "%s%s", text, items[i].name);
+        name[sizeof(name) - 1] = '\0';
+
+        if (items[i].type == MBEDTLS_PK_DEBUG_MPI) {
+            mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value);
+        } else
+#if defined(MBEDTLS_ECP_C)
+        if (items[i].type == MBEDTLS_PK_DEBUG_ECP) {
+            mbedtls_debug_print_ecp(ssl, level, file, line, name, items[i].value);
+        } else
+#endif
+        { debug_send_line(ssl, level, file, line,
+                          "should not happen\n"); }
+    }
+}
+
+static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level,
+                                     const char *file, int line, const char *text)
+{
+    char str[DEBUG_BUF_SIZE];
+    const char *start, *cur;
+
+    start = text;
+    for (cur = text; *cur != '\0'; cur++) {
+        if (*cur == '\n') {
+            size_t len = cur - start + 1;
+            if (len > DEBUG_BUF_SIZE - 1) {
+                len = DEBUG_BUF_SIZE - 1;
+            }
+
+            memcpy(str, start, len);
+            str[len] = '\0';
+
+            debug_send_line(ssl, level, file, line, str);
+
+            start = cur + 1;
+        }
+    }
+}
+
+void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_x509_crt *crt)
+{
+    char str[DEBUG_BUF_SIZE];
+    int i = 0;
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        NULL == crt              ||
+        level > debug_threshold) {
+        return;
+    }
+
+    while (crt != NULL) {
+        char buf[1024];
+
+        mbedtls_snprintf(str, sizeof(str), "%s #%d:\n", text, ++i);
+        debug_send_line(ssl, level, file, line, str);
+
+        mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
+        debug_print_line_by_line(ssl, level, file, line, buf);
+
+        debug_print_pk(ssl, level, file, line, "crt->", &crt->pk);
+
+        crt = crt->next;
+    }
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_ECDH_C)
+static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl,
+                                               int level, const char *file,
+                                               int line,
+                                               const mbedtls_ecdh_context *ecdh,
+                                               mbedtls_debug_ecdh_attr attr)
+{
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    const mbedtls_ecdh_context *ctx = ecdh;
+#else
+    const mbedtls_ecdh_context_mbed *ctx = &ecdh->ctx.mbed_ecdh;
+#endif
+
+    switch (attr) {
+        case MBEDTLS_DEBUG_ECDH_Q:
+            mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Q",
+                                    &ctx->Q);
+            break;
+        case MBEDTLS_DEBUG_ECDH_QP:
+            mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Qp",
+                                    &ctx->Qp);
+            break;
+        case MBEDTLS_DEBUG_ECDH_Z:
+            mbedtls_debug_print_mpi(ssl, level, file, line, "ECDH: z",
+                                    &ctx->z);
+            break;
+        default:
+            break;
+    }
+}
+
+void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
+                               const char *file, int line,
+                               const mbedtls_ecdh_context *ecdh,
+                               mbedtls_debug_ecdh_attr attr)
+{
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, attr);
+#else
+    switch (ecdh->var) {
+        default:
+            mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh,
+                                               attr);
+    }
+#endif
+}
+#endif /* MBEDTLS_ECDH_C */
+
+#endif /* MBEDTLS_DEBUG_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/des.c b/3rdparty/mbedtls-2.28.7/library/des.c
new file mode 100644
index 0000000..afe72ce
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/des.c
@@ -0,0 +1,1052 @@
+/*
+ *  FIPS-46-3 compliant Triple-DES implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  DES, on which TDES is based, was originally designed by Horst Feistel
+ *  at IBM in 1974, and was adopted as a standard by NIST (formerly NBS).
+ *
+ *  http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_DES_C)
+
+#include "mbedtls/des.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_DES_ALT)
+
+/*
+ * Expanded DES S-boxes
+ */
+static const uint32_t SB1[64] =
+{
+    0x01010400, 0x00000000, 0x00010000, 0x01010404,
+    0x01010004, 0x00010404, 0x00000004, 0x00010000,
+    0x00000400, 0x01010400, 0x01010404, 0x00000400,
+    0x01000404, 0x01010004, 0x01000000, 0x00000004,
+    0x00000404, 0x01000400, 0x01000400, 0x00010400,
+    0x00010400, 0x01010000, 0x01010000, 0x01000404,
+    0x00010004, 0x01000004, 0x01000004, 0x00010004,
+    0x00000000, 0x00000404, 0x00010404, 0x01000000,
+    0x00010000, 0x01010404, 0x00000004, 0x01010000,
+    0x01010400, 0x01000000, 0x01000000, 0x00000400,
+    0x01010004, 0x00010000, 0x00010400, 0x01000004,
+    0x00000400, 0x00000004, 0x01000404, 0x00010404,
+    0x01010404, 0x00010004, 0x01010000, 0x01000404,
+    0x01000004, 0x00000404, 0x00010404, 0x01010400,
+    0x00000404, 0x01000400, 0x01000400, 0x00000000,
+    0x00010004, 0x00010400, 0x00000000, 0x01010004
+};
+
+static const uint32_t SB2[64] =
+{
+    0x80108020, 0x80008000, 0x00008000, 0x00108020,
+    0x00100000, 0x00000020, 0x80100020, 0x80008020,
+    0x80000020, 0x80108020, 0x80108000, 0x80000000,
+    0x80008000, 0x00100000, 0x00000020, 0x80100020,
+    0x00108000, 0x00100020, 0x80008020, 0x00000000,
+    0x80000000, 0x00008000, 0x00108020, 0x80100000,
+    0x00100020, 0x80000020, 0x00000000, 0x00108000,
+    0x00008020, 0x80108000, 0x80100000, 0x00008020,
+    0x00000000, 0x00108020, 0x80100020, 0x00100000,
+    0x80008020, 0x80100000, 0x80108000, 0x00008000,
+    0x80100000, 0x80008000, 0x00000020, 0x80108020,
+    0x00108020, 0x00000020, 0x00008000, 0x80000000,
+    0x00008020, 0x80108000, 0x00100000, 0x80000020,
+    0x00100020, 0x80008020, 0x80000020, 0x00100020,
+    0x00108000, 0x00000000, 0x80008000, 0x00008020,
+    0x80000000, 0x80100020, 0x80108020, 0x00108000
+};
+
+static const uint32_t SB3[64] =
+{
+    0x00000208, 0x08020200, 0x00000000, 0x08020008,
+    0x08000200, 0x00000000, 0x00020208, 0x08000200,
+    0x00020008, 0x08000008, 0x08000008, 0x00020000,
+    0x08020208, 0x00020008, 0x08020000, 0x00000208,
+    0x08000000, 0x00000008, 0x08020200, 0x00000200,
+    0x00020200, 0x08020000, 0x08020008, 0x00020208,
+    0x08000208, 0x00020200, 0x00020000, 0x08000208,
+    0x00000008, 0x08020208, 0x00000200, 0x08000000,
+    0x08020200, 0x08000000, 0x00020008, 0x00000208,
+    0x00020000, 0x08020200, 0x08000200, 0x00000000,
+    0x00000200, 0x00020008, 0x08020208, 0x08000200,
+    0x08000008, 0x00000200, 0x00000000, 0x08020008,
+    0x08000208, 0x00020000, 0x08000000, 0x08020208,
+    0x00000008, 0x00020208, 0x00020200, 0x08000008,
+    0x08020000, 0x08000208, 0x00000208, 0x08020000,
+    0x00020208, 0x00000008, 0x08020008, 0x00020200
+};
+
+static const uint32_t SB4[64] =
+{
+    0x00802001, 0x00002081, 0x00002081, 0x00000080,
+    0x00802080, 0x00800081, 0x00800001, 0x00002001,
+    0x00000000, 0x00802000, 0x00802000, 0x00802081,
+    0x00000081, 0x00000000, 0x00800080, 0x00800001,
+    0x00000001, 0x00002000, 0x00800000, 0x00802001,
+    0x00000080, 0x00800000, 0x00002001, 0x00002080,
+    0x00800081, 0x00000001, 0x00002080, 0x00800080,
+    0x00002000, 0x00802080, 0x00802081, 0x00000081,
+    0x00800080, 0x00800001, 0x00802000, 0x00802081,
+    0x00000081, 0x00000000, 0x00000000, 0x00802000,
+    0x00002080, 0x00800080, 0x00800081, 0x00000001,
+    0x00802001, 0x00002081, 0x00002081, 0x00000080,
+    0x00802081, 0x00000081, 0x00000001, 0x00002000,
+    0x00800001, 0x00002001, 0x00802080, 0x00800081,
+    0x00002001, 0x00002080, 0x00800000, 0x00802001,
+    0x00000080, 0x00800000, 0x00002000, 0x00802080
+};
+
+static const uint32_t SB5[64] =
+{
+    0x00000100, 0x02080100, 0x02080000, 0x42000100,
+    0x00080000, 0x00000100, 0x40000000, 0x02080000,
+    0x40080100, 0x00080000, 0x02000100, 0x40080100,
+    0x42000100, 0x42080000, 0x00080100, 0x40000000,
+    0x02000000, 0x40080000, 0x40080000, 0x00000000,
+    0x40000100, 0x42080100, 0x42080100, 0x02000100,
+    0x42080000, 0x40000100, 0x00000000, 0x42000000,
+    0x02080100, 0x02000000, 0x42000000, 0x00080100,
+    0x00080000, 0x42000100, 0x00000100, 0x02000000,
+    0x40000000, 0x02080000, 0x42000100, 0x40080100,
+    0x02000100, 0x40000000, 0x42080000, 0x02080100,
+    0x40080100, 0x00000100, 0x02000000, 0x42080000,
+    0x42080100, 0x00080100, 0x42000000, 0x42080100,
+    0x02080000, 0x00000000, 0x40080000, 0x42000000,
+    0x00080100, 0x02000100, 0x40000100, 0x00080000,
+    0x00000000, 0x40080000, 0x02080100, 0x40000100
+};
+
+static const uint32_t SB6[64] =
+{
+    0x20000010, 0x20400000, 0x00004000, 0x20404010,
+    0x20400000, 0x00000010, 0x20404010, 0x00400000,
+    0x20004000, 0x00404010, 0x00400000, 0x20000010,
+    0x00400010, 0x20004000, 0x20000000, 0x00004010,
+    0x00000000, 0x00400010, 0x20004010, 0x00004000,
+    0x00404000, 0x20004010, 0x00000010, 0x20400010,
+    0x20400010, 0x00000000, 0x00404010, 0x20404000,
+    0x00004010, 0x00404000, 0x20404000, 0x20000000,
+    0x20004000, 0x00000010, 0x20400010, 0x00404000,
+    0x20404010, 0x00400000, 0x00004010, 0x20000010,
+    0x00400000, 0x20004000, 0x20000000, 0x00004010,
+    0x20000010, 0x20404010, 0x00404000, 0x20400000,
+    0x00404010, 0x20404000, 0x00000000, 0x20400010,
+    0x00000010, 0x00004000, 0x20400000, 0x00404010,
+    0x00004000, 0x00400010, 0x20004010, 0x00000000,
+    0x20404000, 0x20000000, 0x00400010, 0x20004010
+};
+
+static const uint32_t SB7[64] =
+{
+    0x00200000, 0x04200002, 0x04000802, 0x00000000,
+    0x00000800, 0x04000802, 0x00200802, 0x04200800,
+    0x04200802, 0x00200000, 0x00000000, 0x04000002,
+    0x00000002, 0x04000000, 0x04200002, 0x00000802,
+    0x04000800, 0x00200802, 0x00200002, 0x04000800,
+    0x04000002, 0x04200000, 0x04200800, 0x00200002,
+    0x04200000, 0x00000800, 0x00000802, 0x04200802,
+    0x00200800, 0x00000002, 0x04000000, 0x00200800,
+    0x04000000, 0x00200800, 0x00200000, 0x04000802,
+    0x04000802, 0x04200002, 0x04200002, 0x00000002,
+    0x00200002, 0x04000000, 0x04000800, 0x00200000,
+    0x04200800, 0x00000802, 0x00200802, 0x04200800,
+    0x00000802, 0x04000002, 0x04200802, 0x04200000,
+    0x00200800, 0x00000000, 0x00000002, 0x04200802,
+    0x00000000, 0x00200802, 0x04200000, 0x00000800,
+    0x04000002, 0x04000800, 0x00000800, 0x00200002
+};
+
+static const uint32_t SB8[64] =
+{
+    0x10001040, 0x00001000, 0x00040000, 0x10041040,
+    0x10000000, 0x10001040, 0x00000040, 0x10000000,
+    0x00040040, 0x10040000, 0x10041040, 0x00041000,
+    0x10041000, 0x00041040, 0x00001000, 0x00000040,
+    0x10040000, 0x10000040, 0x10001000, 0x00001040,
+    0x00041000, 0x00040040, 0x10040040, 0x10041000,
+    0x00001040, 0x00000000, 0x00000000, 0x10040040,
+    0x10000040, 0x10001000, 0x00041040, 0x00040000,
+    0x00041040, 0x00040000, 0x10041000, 0x00001000,
+    0x00000040, 0x10040040, 0x00001000, 0x00041040,
+    0x10001000, 0x00000040, 0x10000040, 0x10040000,
+    0x10040040, 0x10000000, 0x00040000, 0x10001040,
+    0x00000000, 0x10041040, 0x00040040, 0x10000040,
+    0x10040000, 0x10001000, 0x10001040, 0x00000000,
+    0x10041040, 0x00041000, 0x00041000, 0x00001040,
+    0x00001040, 0x00040040, 0x10000000, 0x10041000
+};
+
+/*
+ * PC1: left and right halves bit-swap
+ */
+static const uint32_t LHs[16] =
+{
+    0x00000000, 0x00000001, 0x00000100, 0x00000101,
+    0x00010000, 0x00010001, 0x00010100, 0x00010101,
+    0x01000000, 0x01000001, 0x01000100, 0x01000101,
+    0x01010000, 0x01010001, 0x01010100, 0x01010101
+};
+
+static const uint32_t RHs[16] =
+{
+    0x00000000, 0x01000000, 0x00010000, 0x01010000,
+    0x00000100, 0x01000100, 0x00010100, 0x01010100,
+    0x00000001, 0x01000001, 0x00010001, 0x01010001,
+    0x00000101, 0x01000101, 0x00010101, 0x01010101,
+};
+
+/*
+ * Initial Permutation macro
+ */
+#define DES_IP(X, Y)                                                       \
+    do                                                                    \
+    {                                                                     \
+        T = (((X) >>  4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T <<  4); \
+        T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
+        T = (((Y) >>  2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T <<  2); \
+        T = (((Y) >>  8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T <<  8); \
+        (Y) = (((Y) << 1) | ((Y) >> 31)) & 0xFFFFFFFF;                    \
+        T = ((X) ^ (Y)) & 0xAAAAAAAA; (Y) ^= T; (X) ^= T;                 \
+        (X) = (((X) << 1) | ((X) >> 31)) & 0xFFFFFFFF;                    \
+    } while (0)
+
+/*
+ * Final Permutation macro
+ */
+#define DES_FP(X, Y)                                                       \
+    do                                                                    \
+    {                                                                     \
+        (X) = (((X) << 31) | ((X) >> 1)) & 0xFFFFFFFF;                    \
+        T = ((X) ^ (Y)) & 0xAAAAAAAA; (X) ^= T; (Y) ^= T;                 \
+        (Y) = (((Y) << 31) | ((Y) >> 1)) & 0xFFFFFFFF;                    \
+        T = (((Y) >>  8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T <<  8); \
+        T = (((Y) >>  2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T <<  2); \
+        T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
+        T = (((X) >>  4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T <<  4); \
+    } while (0)
+
+/*
+ * DES round macro
+ */
+#define DES_ROUND(X, Y)                              \
+    do                                              \
+    {                                               \
+        T = *SK++ ^ (X);                            \
+        (Y) ^= SB8[(T) & 0x3F] ^            \
+               SB6[(T >>  8) & 0x3F] ^            \
+               SB4[(T >> 16) & 0x3F] ^            \
+               SB2[(T >> 24) & 0x3F];             \
+                                                    \
+        T = *SK++ ^ (((X) << 28) | ((X) >> 4));     \
+        (Y) ^= SB7[(T) & 0x3F] ^            \
+               SB5[(T >>  8) & 0x3F] ^            \
+               SB3[(T >> 16) & 0x3F] ^            \
+               SB1[(T >> 24) & 0x3F];             \
+    } while (0)
+
+#define SWAP(a, b)                                       \
+    do                                                  \
+    {                                                   \
+        uint32_t t = (a); (a) = (b); (b) = t; t = 0;    \
+    } while (0)
+
+void mbedtls_des_init(mbedtls_des_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_des_context));
+}
+
+void mbedtls_des_free(mbedtls_des_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_des_context));
+}
+
+void mbedtls_des3_init(mbedtls_des3_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_des3_context));
+}
+
+void mbedtls_des3_free(mbedtls_des3_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_des3_context));
+}
+
+static const unsigned char odd_parity_table[128] = { 1,  2,  4,  7,  8,
+                                                     11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32,
+                                                     35, 37, 38, 41, 42, 44,
+                                                     47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69,
+                                                     70, 73, 74, 76, 79, 81,
+                                                     82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103,
+                                                     104, 107, 109, 110, 112,
+                                                     115, 117, 118, 121, 122, 124, 127, 128, 131,
+                                                     133, 134, 137, 138, 140,
+                                                     143, 145, 146, 148, 151, 152, 155, 157, 158,
+                                                     161, 162, 164, 167, 168,
+                                                     171, 173, 174, 176, 179, 181, 182, 185, 186,
+                                                     188, 191, 193, 194, 196,
+                                                     199, 200, 203, 205, 206, 208, 211, 213, 214,
+                                                     217, 218, 220, 223, 224,
+                                                     227, 229, 230, 233, 234, 236, 239, 241, 242,
+                                                     244, 247, 248, 251, 253,
+                                                     254 };
+
+void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE])
+{
+    int i;
+
+    for (i = 0; i < MBEDTLS_DES_KEY_SIZE; i++) {
+        key[i] = odd_parity_table[key[i] / 2];
+    }
+}
+
+/*
+ * Check the given key's parity, returns 1 on failure, 0 on SUCCESS
+ */
+int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE])
+{
+    int i;
+
+    for (i = 0; i < MBEDTLS_DES_KEY_SIZE; i++) {
+        if (key[i] != odd_parity_table[key[i] / 2]) {
+            return 1;
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Table of weak and semi-weak keys
+ *
+ * Source: http://en.wikipedia.org/wiki/Weak_key
+ *
+ * Weak:
+ * Alternating ones + zeros (0x0101010101010101)
+ * Alternating 'F' + 'E' (0xFEFEFEFEFEFEFEFE)
+ * '0xE0E0E0E0F1F1F1F1'
+ * '0x1F1F1F1F0E0E0E0E'
+ *
+ * Semi-weak:
+ * 0x011F011F010E010E and 0x1F011F010E010E01
+ * 0x01E001E001F101F1 and 0xE001E001F101F101
+ * 0x01FE01FE01FE01FE and 0xFE01FE01FE01FE01
+ * 0x1FE01FE00EF10EF1 and 0xE01FE01FF10EF10E
+ * 0x1FFE1FFE0EFE0EFE and 0xFE1FFE1FFE0EFE0E
+ * 0xE0FEE0FEF1FEF1FE and 0xFEE0FEE0FEF1FEF1
+ *
+ */
+
+#define WEAK_KEY_COUNT 16
+
+static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] =
+{
+    { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
+    { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
+    { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E },
+    { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
+
+    { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
+    { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
+    { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
+    { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
+    { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
+    { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
+    { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
+    { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
+    { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
+    { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
+    { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
+    { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
+};
+
+int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE])
+{
+    int i;
+
+    for (i = 0; i < WEAK_KEY_COUNT; i++) {
+        if (memcmp(weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0) {
+            return 1;
+        }
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DES_SETKEY_ALT)
+void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE])
+{
+    int i;
+    uint32_t X, Y, T;
+
+    X = MBEDTLS_GET_UINT32_BE(key, 0);
+    Y = MBEDTLS_GET_UINT32_BE(key, 4);
+
+    /*
+     * Permuted Choice 1
+     */
+    T =  ((Y >>  4) ^ X) & 0x0F0F0F0F;  X ^= T; Y ^= (T <<  4);
+    T =  ((Y) ^ X) & 0x10101010;  X ^= T; Y ^= (T);
+
+    X =   (LHs[(X) & 0xF] << 3) | (LHs[(X >>  8) & 0xF] << 2)
+        | (LHs[(X >> 16) & 0xF] << 1) | (LHs[(X >> 24) & 0xF])
+        | (LHs[(X >>  5) & 0xF] << 7) | (LHs[(X >> 13) & 0xF] << 6)
+        | (LHs[(X >> 21) & 0xF] << 5) | (LHs[(X >> 29) & 0xF] << 4);
+
+    Y =   (RHs[(Y >>  1) & 0xF] << 3) | (RHs[(Y >>  9) & 0xF] << 2)
+        | (RHs[(Y >> 17) & 0xF] << 1) | (RHs[(Y >> 25) & 0xF])
+        | (RHs[(Y >>  4) & 0xF] << 7) | (RHs[(Y >> 12) & 0xF] << 6)
+        | (RHs[(Y >> 20) & 0xF] << 5) | (RHs[(Y >> 28) & 0xF] << 4);
+
+    X &= 0x0FFFFFFF;
+    Y &= 0x0FFFFFFF;
+
+    /*
+     * calculate subkeys
+     */
+    for (i = 0; i < 16; i++) {
+        if (i < 2 || i == 8 || i == 15) {
+            X = ((X <<  1) | (X >> 27)) & 0x0FFFFFFF;
+            Y = ((Y <<  1) | (Y >> 27)) & 0x0FFFFFFF;
+        } else {
+            X = ((X <<  2) | (X >> 26)) & 0x0FFFFFFF;
+            Y = ((Y <<  2) | (Y >> 26)) & 0x0FFFFFFF;
+        }
+
+        *SK++ =   ((X <<  4) & 0x24000000) | ((X << 28) & 0x10000000)
+                | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000)
+                | ((X <<  6) & 0x01000000) | ((X <<  9) & 0x00200000)
+                | ((X >>  1) & 0x00100000) | ((X << 10) & 0x00040000)
+                | ((X <<  2) & 0x00020000) | ((X >> 10) & 0x00010000)
+                | ((Y >> 13) & 0x00002000) | ((Y >>  4) & 0x00001000)
+                | ((Y <<  6) & 0x00000800) | ((Y >>  1) & 0x00000400)
+                | ((Y >> 14) & 0x00000200) | ((Y) & 0x00000100)
+                | ((Y >>  5) & 0x00000020) | ((Y >> 10) & 0x00000010)
+                | ((Y >>  3) & 0x00000008) | ((Y >> 18) & 0x00000004)
+                | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001);
+
+        *SK++ =   ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000)
+                | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000)
+                | ((X >>  2) & 0x02000000) | ((X <<  1) & 0x01000000)
+                | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000)
+                | ((X <<  3) & 0x00080000) | ((X >>  6) & 0x00040000)
+                | ((X << 15) & 0x00020000) | ((X >>  4) & 0x00010000)
+                | ((Y >>  2) & 0x00002000) | ((Y <<  8) & 0x00001000)
+                | ((Y >> 14) & 0x00000808) | ((Y >>  9) & 0x00000400)
+                | ((Y) & 0x00000200) | ((Y <<  7) & 0x00000100)
+                | ((Y >>  7) & 0x00000020) | ((Y >>  3) & 0x00000011)
+                | ((Y <<  2) & 0x00000004) | ((Y >> 21) & 0x00000002);
+    }
+}
+#endif /* !MBEDTLS_DES_SETKEY_ALT */
+
+/*
+ * DES key schedule (56-bit, encryption)
+ */
+int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE])
+{
+    mbedtls_des_setkey(ctx->sk, key);
+
+    return 0;
+}
+
+/*
+ * DES key schedule (56-bit, decryption)
+ */
+int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE])
+{
+    int i;
+
+    mbedtls_des_setkey(ctx->sk, key);
+
+    for (i = 0; i < 16; i += 2) {
+        SWAP(ctx->sk[i], ctx->sk[30 - i]);
+        SWAP(ctx->sk[i + 1], ctx->sk[31 - i]);
+    }
+
+    return 0;
+}
+
+static void des3_set2key(uint32_t esk[96],
+                         uint32_t dsk[96],
+                         const unsigned char key[MBEDTLS_DES_KEY_SIZE*2])
+{
+    int i;
+
+    mbedtls_des_setkey(esk, key);
+    mbedtls_des_setkey(dsk + 32, key + 8);
+
+    for (i = 0; i < 32; i += 2) {
+        dsk[i] = esk[30 - i];
+        dsk[i +  1] = esk[31 - i];
+
+        esk[i + 32] = dsk[62 - i];
+        esk[i + 33] = dsk[63 - i];
+
+        esk[i + 64] = esk[i];
+        esk[i + 65] = esk[i + 1];
+
+        dsk[i + 64] = dsk[i];
+        dsk[i + 65] = dsk[i + 1];
+    }
+}
+
+/*
+ * Triple-DES key schedule (112-bit, encryption)
+ */
+int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2])
+{
+    uint32_t sk[96];
+
+    des3_set2key(ctx->sk, sk, key);
+    mbedtls_platform_zeroize(sk,  sizeof(sk));
+
+    return 0;
+}
+
+/*
+ * Triple-DES key schedule (112-bit, decryption)
+ */
+int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2])
+{
+    uint32_t sk[96];
+
+    des3_set2key(sk, ctx->sk, key);
+    mbedtls_platform_zeroize(sk,  sizeof(sk));
+
+    return 0;
+}
+
+static void des3_set3key(uint32_t esk[96],
+                         uint32_t dsk[96],
+                         const unsigned char key[24])
+{
+    int i;
+
+    mbedtls_des_setkey(esk, key);
+    mbedtls_des_setkey(dsk + 32, key +  8);
+    mbedtls_des_setkey(esk + 64, key + 16);
+
+    for (i = 0; i < 32; i += 2) {
+        dsk[i] = esk[94 - i];
+        dsk[i +  1] = esk[95 - i];
+
+        esk[i + 32] = dsk[62 - i];
+        esk[i + 33] = dsk[63 - i];
+
+        dsk[i + 64] = esk[30 - i];
+        dsk[i + 65] = esk[31 - i];
+    }
+}
+
+/*
+ * Triple-DES key schedule (168-bit, encryption)
+ */
+int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3])
+{
+    uint32_t sk[96];
+
+    des3_set3key(ctx->sk, sk, key);
+    mbedtls_platform_zeroize(sk,  sizeof(sk));
+
+    return 0;
+}
+
+/*
+ * Triple-DES key schedule (168-bit, decryption)
+ */
+int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3])
+{
+    uint32_t sk[96];
+
+    des3_set3key(sk, ctx->sk, key);
+    mbedtls_platform_zeroize(sk,  sizeof(sk));
+
+    return 0;
+}
+
+/*
+ * DES-ECB block encryption/decryption
+ */
+#if !defined(MBEDTLS_DES_CRYPT_ECB_ALT)
+int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
+                          const unsigned char input[8],
+                          unsigned char output[8])
+{
+    int i;
+    uint32_t X, Y, T, *SK;
+
+    SK = ctx->sk;
+
+    X = MBEDTLS_GET_UINT32_BE(input, 0);
+    Y = MBEDTLS_GET_UINT32_BE(input, 4);
+
+    DES_IP(X, Y);
+
+    for (i = 0; i < 8; i++) {
+        DES_ROUND(Y, X);
+        DES_ROUND(X, Y);
+    }
+
+    DES_FP(Y, X);
+
+    MBEDTLS_PUT_UINT32_BE(Y, output, 0);
+    MBEDTLS_PUT_UINT32_BE(X, output, 4);
+
+    return 0;
+}
+#endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * DES-CBC buffer encryption/decryption
+ */
+int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
+                          int mode,
+                          size_t length,
+                          unsigned char iv[8],
+                          const unsigned char *input,
+                          unsigned char *output)
+{
+    int i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char temp[8];
+
+    if (length % 8) {
+        return MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH;
+    }
+
+    if (mode == MBEDTLS_DES_ENCRYPT) {
+        while (length > 0) {
+            for (i = 0; i < 8; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            ret = mbedtls_des_crypt_ecb(ctx, output, output);
+            if (ret != 0) {
+                goto exit;
+            }
+            memcpy(iv, output, 8);
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    } else { /* MBEDTLS_DES_DECRYPT */
+        while (length > 0) {
+            memcpy(temp, input, 8);
+            ret = mbedtls_des_crypt_ecb(ctx, input, output);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            for (i = 0; i < 8; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, 8);
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+    ret = 0;
+
+exit:
+    return ret;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/*
+ * 3DES-ECB block encryption/decryption
+ */
+#if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
+int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
+                           const unsigned char input[8],
+                           unsigned char output[8])
+{
+    int i;
+    uint32_t X, Y, T, *SK;
+
+    SK = ctx->sk;
+
+    X = MBEDTLS_GET_UINT32_BE(input, 0);
+    Y = MBEDTLS_GET_UINT32_BE(input, 4);
+
+    DES_IP(X, Y);
+
+    for (i = 0; i < 8; i++) {
+        DES_ROUND(Y, X);
+        DES_ROUND(X, Y);
+    }
+
+    for (i = 0; i < 8; i++) {
+        DES_ROUND(X, Y);
+        DES_ROUND(Y, X);
+    }
+
+    for (i = 0; i < 8; i++) {
+        DES_ROUND(Y, X);
+        DES_ROUND(X, Y);
+    }
+
+    DES_FP(Y, X);
+
+    MBEDTLS_PUT_UINT32_BE(Y, output, 0);
+    MBEDTLS_PUT_UINT32_BE(X, output, 4);
+
+    return 0;
+}
+#endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * 3DES-CBC buffer encryption/decryption
+ */
+int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[8],
+                           const unsigned char *input,
+                           unsigned char *output)
+{
+    int i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char temp[8];
+
+    if (length % 8) {
+        return MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH;
+    }
+
+    if (mode == MBEDTLS_DES_ENCRYPT) {
+        while (length > 0) {
+            for (i = 0; i < 8; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            ret = mbedtls_des3_crypt_ecb(ctx, output, output);
+            if (ret != 0) {
+                goto exit;
+            }
+            memcpy(iv, output, 8);
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    } else { /* MBEDTLS_DES_DECRYPT */
+        while (length > 0) {
+            memcpy(temp, input, 8);
+            ret = mbedtls_des3_crypt_ecb(ctx, input, output);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            for (i = 0; i < 8; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, 8);
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+    ret = 0;
+
+exit:
+    return ret;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#endif /* !MBEDTLS_DES_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * DES and 3DES test vectors from:
+ *
+ * http://csrc.nist.gov/groups/STM/cavp/documents/des/tripledes-vectors.zip
+ */
+static const unsigned char des3_test_keys[24] =
+{
+    0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+    0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
+    0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
+};
+
+static const unsigned char des3_test_buf[8] =
+{
+    0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74
+};
+
+static const unsigned char des3_test_ecb_dec[3][8] =
+{
+    { 0x37, 0x2B, 0x98, 0xBF, 0x52, 0x65, 0xB0, 0x59 },
+    { 0xC2, 0x10, 0x19, 0x9C, 0x38, 0x5A, 0x65, 0xA1 },
+    { 0xA2, 0x70, 0x56, 0x68, 0x69, 0xE5, 0x15, 0x1D }
+};
+
+static const unsigned char des3_test_ecb_enc[3][8] =
+{
+    { 0x1C, 0xD5, 0x97, 0xEA, 0x84, 0x26, 0x73, 0xFB },
+    { 0xB3, 0x92, 0x4D, 0xF3, 0xC5, 0xB5, 0x42, 0x93 },
+    { 0xDA, 0x37, 0x64, 0x41, 0xBA, 0x6F, 0x62, 0x6F }
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const unsigned char des3_test_iv[8] =
+{
+    0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF,
+};
+
+static const unsigned char des3_test_cbc_dec[3][8] =
+{
+    { 0x58, 0xD9, 0x48, 0xEF, 0x85, 0x14, 0x65, 0x9A },
+    { 0x5F, 0xC8, 0x78, 0xD4, 0xD7, 0x92, 0xD9, 0x54 },
+    { 0x25, 0xF9, 0x75, 0x85, 0xA8, 0x1E, 0x48, 0xBF }
+};
+
+static const unsigned char des3_test_cbc_enc[3][8] =
+{
+    { 0x91, 0x1C, 0x6D, 0xCF, 0x48, 0xA7, 0xC3, 0x4D },
+    { 0x60, 0x1A, 0x76, 0x8F, 0xA1, 0xF9, 0x66, 0xF1 },
+    { 0xA1, 0x50, 0x0F, 0x99, 0xB2, 0xCD, 0x64, 0x76 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_des_self_test(int verbose)
+{
+    int i, j, u, v, ret = 0;
+    mbedtls_des_context ctx;
+    mbedtls_des3_context ctx3;
+    unsigned char buf[8];
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char prv[8];
+    unsigned char iv[8];
+#endif
+
+    mbedtls_des_init(&ctx);
+    mbedtls_des3_init(&ctx3);
+    /*
+     * ECB mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        v = i  & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  DES%c-ECB-%3d (%s): ",
+                           (u == 0) ? ' ' : '3', 56 + u * 56,
+                           (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(buf, des3_test_buf, 8);
+
+        switch (i) {
+            case 0:
+                ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys);
+                break;
+
+            case 1:
+                ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys);
+                break;
+
+            case 2:
+                ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys);
+                break;
+
+            case 3:
+                ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys);
+                break;
+
+            case 4:
+                ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys);
+                break;
+
+            case 5:
+                ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys);
+                break;
+
+            default:
+                return 1;
+        }
+        if (ret != 0) {
+            goto exit;
+        }
+
+        for (j = 0; j < 100; j++) {
+            if (u == 0) {
+                ret = mbedtls_des_crypt_ecb(&ctx, buf, buf);
+            } else {
+                ret = mbedtls_des3_crypt_ecb(&ctx3, buf, buf);
+            }
+            if (ret != 0) {
+                goto exit;
+            }
+        }
+
+        if ((v == MBEDTLS_DES_DECRYPT &&
+             memcmp(buf, des3_test_ecb_dec[u], 8) != 0) ||
+            (v != MBEDTLS_DES_DECRYPT &&
+             memcmp(buf, des3_test_ecb_enc[u], 8) != 0)) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /*
+     * CBC mode
+     */
+    for (i = 0; i < 6; i++) {
+        u = i >> 1;
+        v = i  & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  DES%c-CBC-%3d (%s): ",
+                           (u == 0) ? ' ' : '3', 56 + u * 56,
+                           (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc");
+        }
+
+        memcpy(iv,  des3_test_iv,  8);
+        memcpy(prv, des3_test_iv,  8);
+        memcpy(buf, des3_test_buf, 8);
+
+        switch (i) {
+            case 0:
+                ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys);
+                break;
+
+            case 1:
+                ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys);
+                break;
+
+            case 2:
+                ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys);
+                break;
+
+            case 3:
+                ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys);
+                break;
+
+            case 4:
+                ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys);
+                break;
+
+            case 5:
+                ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys);
+                break;
+
+            default:
+                return 1;
+        }
+        if (ret != 0) {
+            goto exit;
+        }
+
+        if (v == MBEDTLS_DES_DECRYPT) {
+            for (j = 0; j < 100; j++) {
+                if (u == 0) {
+                    ret = mbedtls_des_crypt_cbc(&ctx, v, 8, iv, buf, buf);
+                } else {
+                    ret = mbedtls_des3_crypt_cbc(&ctx3, v, 8, iv, buf, buf);
+                }
+                if (ret != 0) {
+                    goto exit;
+                }
+            }
+        } else {
+            for (j = 0; j < 100; j++) {
+                unsigned char tmp[8];
+
+                if (u == 0) {
+                    ret = mbedtls_des_crypt_cbc(&ctx, v, 8, iv, buf, buf);
+                } else {
+                    ret = mbedtls_des3_crypt_cbc(&ctx3, v, 8, iv, buf, buf);
+                }
+                if (ret != 0) {
+                    goto exit;
+                }
+
+                memcpy(tmp, prv, 8);
+                memcpy(prv, buf, 8);
+                memcpy(buf, tmp, 8);
+            }
+
+            memcpy(buf, prv, 8);
+        }
+
+        if ((v == MBEDTLS_DES_DECRYPT &&
+             memcmp(buf, des3_test_cbc_dec[u], 8) != 0) ||
+            (v != MBEDTLS_DES_DECRYPT &&
+             memcmp(buf, des3_test_cbc_enc[u], 8) != 0)) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+exit:
+    mbedtls_des_free(&ctx);
+    mbedtls_des3_free(&ctx3);
+
+    if (ret != 0) {
+        ret = 1;
+    }
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_DES_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/dhm.c b/3rdparty/mbedtls-2.28.7/library/dhm.c
new file mode 100644
index 0000000..1a41b91
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/dhm.c
@@ -0,0 +1,711 @@
+/*
+ *  Diffie-Hellman-Merkle key exchange
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The following sources were referenced in the design of this implementation
+ *  of the Diffie-Hellman-Merkle algorithm:
+ *
+ *  [1] Handbook of Applied Cryptography - 1997, Chapter 12
+ *      Menezes, van Oorschot and Vanstone
+ *
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_DHM_C)
+
+#include "mbedtls/dhm.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+#include "mbedtls/asn1.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_DHM_ALT)
+
+#define DHM_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA)
+#define DHM_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+/*
+ * helper to validate the mbedtls_mpi size and import it
+ */
+static int dhm_read_bignum(mbedtls_mpi *X,
+                           unsigned char **p,
+                           const unsigned char *end)
+{
+    int ret, n;
+
+    if (end - *p < 2) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+    n = ((*p)[0] << 8) | (*p)[1];
+    (*p) += 2;
+
+    if ((int) (end - *p) < n) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_mpi_read_binary(X, *p, n)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret);
+    }
+
+    (*p) += n;
+
+    return 0;
+}
+
+/*
+ * Verify sanity of parameter with regards to P
+ *
+ * Parameter should be: 2 <= public_param <= P - 2
+ *
+ * This means that we need to return an error if
+ *              public_param < 2 or public_param > P-2
+ *
+ * For more information on the attack, see:
+ *  http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
+ *  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
+ */
+static int dhm_check_range(const mbedtls_mpi *param, const mbedtls_mpi *P)
+{
+    mbedtls_mpi U;
+    int ret = 0;
+
+    mbedtls_mpi_init(&U);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&U, P, 2));
+
+    if (mbedtls_mpi_cmp_int(param, 2) < 0 ||
+        mbedtls_mpi_cmp_mpi(param, &U) > 0) {
+        ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+cleanup:
+    mbedtls_mpi_free(&U);
+    return ret;
+}
+
+void mbedtls_dhm_init(mbedtls_dhm_context *ctx)
+{
+    DHM_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_dhm_context));
+}
+
+/*
+ * Parse the ServerKeyExchange parameters
+ */
+int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx,
+                            unsigned char **p,
+                            const unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    DHM_VALIDATE_RET(ctx != NULL);
+    DHM_VALIDATE_RET(p != NULL && *p != NULL);
+    DHM_VALIDATE_RET(end != NULL);
+
+    if ((ret = dhm_read_bignum(&ctx->P,  p, end)) != 0 ||
+        (ret = dhm_read_bignum(&ctx->G,  p, end)) != 0 ||
+        (ret = dhm_read_bignum(&ctx->GY, p, end)) != 0) {
+        return ret;
+    }
+
+    if ((ret = dhm_check_range(&ctx->GY, &ctx->P)) != 0) {
+        return ret;
+    }
+
+    ctx->len = mbedtls_mpi_size(&ctx->P);
+
+    return 0;
+}
+
+/*
+ * Pick a random R in the range [2, M-2] for blinding or key generation.
+ */
+static int dhm_random_below(mbedtls_mpi *R, const mbedtls_mpi *M,
+                            int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_random(R, 3, M, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(R, R, 1));
+
+cleanup:
+    return ret;
+}
+
+static int dhm_make_common(mbedtls_dhm_context *ctx, int x_size,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng)
+{
+    int ret = 0;
+
+    if (mbedtls_mpi_cmp_int(&ctx->P, 0) == 0) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+    if (x_size < 0) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+    if ((unsigned) x_size < mbedtls_mpi_size(&ctx->P)) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&ctx->X, x_size, f_rng, p_rng));
+    } else {
+        /* Generate X as large as possible ( <= P - 2 ) */
+        ret = dhm_random_below(&ctx->X, &ctx->P, f_rng, p_rng);
+        if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) {
+            return MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED;
+        }
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    /*
+     * Calculate GX = G^X mod P
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->GX, &ctx->G, &ctx->X,
+                                        &ctx->P, &ctx->RP));
+
+    if ((ret = dhm_check_range(&ctx->GX, &ctx->P)) != 0) {
+        return ret;
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Setup and write the ServerKeyExchange parameters
+ */
+int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size,
+                            unsigned char *output, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    int ret;
+    size_t n1, n2, n3;
+    unsigned char *p;
+    DHM_VALIDATE_RET(ctx != NULL);
+    DHM_VALIDATE_RET(output != NULL);
+    DHM_VALIDATE_RET(olen != NULL);
+    DHM_VALIDATE_RET(f_rng != NULL);
+
+    ret = dhm_make_common(ctx, x_size, f_rng, p_rng);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    /*
+     * Export P, G, GX. RFC 5246 §4.4 states that "leading zero octets are
+     * not required". We omit leading zeros for compactness.
+     */
+#define DHM_MPI_EXPORT(X, n)                                          \
+    do {                                                                \
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary((X),               \
+                                                 p + 2,               \
+                                                 (n)));           \
+        *p++ = MBEDTLS_BYTE_1(n);                                     \
+        *p++ = MBEDTLS_BYTE_0(n);                                     \
+        p += (n);                                                     \
+    } while (0)
+
+    n1 = mbedtls_mpi_size(&ctx->P);
+    n2 = mbedtls_mpi_size(&ctx->G);
+    n3 = mbedtls_mpi_size(&ctx->GX);
+
+    p = output;
+    DHM_MPI_EXPORT(&ctx->P, n1);
+    DHM_MPI_EXPORT(&ctx->G, n2);
+    DHM_MPI_EXPORT(&ctx->GX, n3);
+
+    *olen = p - output;
+
+    ctx->len = n1;
+
+cleanup:
+    if (ret != 0 && ret > -128) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret);
+    }
+    return ret;
+}
+
+/*
+ * Set prime modulus and generator
+ */
+int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx,
+                          const mbedtls_mpi *P,
+                          const mbedtls_mpi *G)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    DHM_VALIDATE_RET(ctx != NULL);
+    DHM_VALIDATE_RET(P != NULL);
+    DHM_VALIDATE_RET(G != NULL);
+
+    if ((ret = mbedtls_mpi_copy(&ctx->P, P)) != 0 ||
+        (ret = mbedtls_mpi_copy(&ctx->G, G)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret);
+    }
+
+    ctx->len = mbedtls_mpi_size(&ctx->P);
+    return 0;
+}
+
+/*
+ * Import the peer's public value G^Y
+ */
+int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx,
+                            const unsigned char *input, size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    DHM_VALIDATE_RET(ctx != NULL);
+    DHM_VALIDATE_RET(input != NULL);
+
+    if (ilen < 1 || ilen > ctx->len) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_mpi_read_binary(&ctx->GY, input, ilen)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * Create own private value X and export G^X
+ */
+int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size,
+                            unsigned char *output, size_t olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    int ret;
+    DHM_VALIDATE_RET(ctx != NULL);
+    DHM_VALIDATE_RET(output != NULL);
+    DHM_VALIDATE_RET(f_rng != NULL);
+
+    if (olen < 1 || olen > ctx->len) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+    ret = dhm_make_common(ctx, x_size, f_rng, p_rng);
+    if (ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) {
+        return MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED;
+    }
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->GX, output, olen));
+
+cleanup:
+    if (ret != 0 && ret > -128) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret);
+    }
+    return ret;
+}
+
+
+/*
+ * Use the blinding method and optimisation suggested in section 10 of:
+ *  KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
+ *  DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
+ *  Berlin Heidelberg, 1996. p. 104-113.
+ */
+static int dhm_update_blinding(mbedtls_dhm_context *ctx,
+                               int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret;
+    mbedtls_mpi R;
+
+    mbedtls_mpi_init(&R);
+
+    /*
+     * Don't use any blinding the first time a particular X is used,
+     * but remember it to use blinding next time.
+     */
+    if (mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->pX) != 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&ctx->pX, &ctx->X));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->Vi, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->Vf, 1));
+
+        return 0;
+    }
+
+    /*
+     * Ok, we need blinding. Can we re-use existing values?
+     * If yes, just update them by squaring them.
+     */
+    if (mbedtls_mpi_cmp_int(&ctx->Vi, 1) != 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &ctx->Vi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->P));
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &ctx->Vf));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P));
+
+        return 0;
+    }
+
+    /*
+     * We need to generate blinding values from scratch
+     */
+
+    /* Vi = random( 2, P-2 ) */
+    MBEDTLS_MPI_CHK(dhm_random_below(&ctx->Vi, &ctx->P, f_rng, p_rng));
+
+    /* Vf = Vi^-X mod P
+     * First compute Vi^-1 = R * (R Vi)^-1, (avoiding leaks from inv_mod),
+     * then elevate to the Xth power. */
+    MBEDTLS_MPI_CHK(dhm_random_below(&R, &ctx->P, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vi, &R));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&ctx->Vf, &ctx->Vf, &ctx->P));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &R));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP));
+
+cleanup:
+    mbedtls_mpi_free(&R);
+
+    return ret;
+}
+
+/*
+ * Derive and export the shared secret (G^Y)^X mod P
+ */
+int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx,
+                            unsigned char *output, size_t output_size, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi GYb;
+    DHM_VALIDATE_RET(ctx != NULL);
+    DHM_VALIDATE_RET(output != NULL);
+    DHM_VALIDATE_RET(olen != NULL);
+
+    if (output_size < ctx->len) {
+        return MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+    if ((ret = dhm_check_range(&ctx->GY, &ctx->P)) != 0) {
+        return ret;
+    }
+
+    mbedtls_mpi_init(&GYb);
+
+    /* Blind peer's value */
+    if (f_rng != NULL) {
+        MBEDTLS_MPI_CHK(dhm_update_blinding(ctx, f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&GYb, &ctx->GY, &ctx->Vi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&GYb, &GYb, &ctx->P));
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&GYb, &ctx->GY));
+    }
+
+    /* Do modular exponentiation */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->K, &GYb, &ctx->X,
+                                        &ctx->P, &ctx->RP));
+
+    /* Unblind secret value */
+    if (f_rng != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->K, &ctx->K, &ctx->Vf));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->K, &ctx->K, &ctx->P));
+    }
+
+    /* Output the secret without any leading zero byte. This is mandatory
+     * for TLS per RFC 5246 §8.1.2. */
+    *olen = mbedtls_mpi_size(&ctx->K);
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->K, output, *olen));
+
+cleanup:
+    mbedtls_mpi_free(&GYb);
+
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * Free the components of a DHM key
+ */
+void mbedtls_dhm_free(mbedtls_dhm_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_mpi_free(&ctx->pX);
+    mbedtls_mpi_free(&ctx->Vf);
+    mbedtls_mpi_free(&ctx->Vi);
+    mbedtls_mpi_free(&ctx->RP);
+    mbedtls_mpi_free(&ctx->K);
+    mbedtls_mpi_free(&ctx->GY);
+    mbedtls_mpi_free(&ctx->GX);
+    mbedtls_mpi_free(&ctx->X);
+    mbedtls_mpi_free(&ctx->G);
+    mbedtls_mpi_free(&ctx->P);
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_dhm_context));
+}
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+/*
+ * Parse DHM parameters
+ */
+int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin,
+                          size_t dhminlen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    unsigned char *p, *end;
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_context pem;
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+    DHM_VALIDATE_RET(dhm != NULL);
+    DHM_VALIDATE_RET(dhmin != NULL);
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_init(&pem);
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (dhminlen == 0 || dhmin[dhminlen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN DH PARAMETERS-----",
+                                      "-----END DH PARAMETERS-----",
+                                      dhmin, NULL, 0, &dhminlen);
+    }
+
+    if (ret == 0) {
+        /*
+         * Was PEM encoded
+         */
+        dhminlen = pem.buflen;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        goto exit;
+    }
+
+    p = (ret == 0) ? pem.buf : (unsigned char *) dhmin;
+#else
+    p = (unsigned char *) dhmin;
+#endif /* MBEDTLS_PEM_PARSE_C */
+    end = p + dhminlen;
+
+    /*
+     *  DHParams ::= SEQUENCE {
+     *      prime              INTEGER,  -- P
+     *      generator          INTEGER,  -- g
+     *      privateValueLength INTEGER OPTIONAL
+     *  }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret);
+        goto exit;
+    }
+
+    end = p + len;
+
+    if ((ret = mbedtls_asn1_get_mpi(&p, end, &dhm->P)) != 0 ||
+        (ret = mbedtls_asn1_get_mpi(&p, end, &dhm->G)) != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret);
+        goto exit;
+    }
+
+    if (p != end) {
+        /* This might be the optional privateValueLength.
+         * If so, we can cleanly discard it */
+        mbedtls_mpi rec;
+        mbedtls_mpi_init(&rec);
+        ret = mbedtls_asn1_get_mpi(&p, end, &rec);
+        mbedtls_mpi_free(&rec);
+        if (ret != 0) {
+            ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret);
+            goto exit;
+        }
+        if (p != end) {
+            ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT,
+                                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+            goto exit;
+        }
+    }
+
+    ret = 0;
+
+    dhm->len = mbedtls_mpi_size(&dhm->P);
+
+exit:
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_free(&pem);
+#endif
+    if (ret != 0) {
+        mbedtls_dhm_free(dhm);
+    }
+
+    return ret;
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load all data from a file into a given buffer.
+ *
+ * The file is expected to contain either PEM or DER encoded data.
+ * A terminating null byte is always appended. It is included in the announced
+ * length only if the data looks like it is PEM encoded.
+ */
+static int load_file(const char *path, unsigned char **buf, size_t *n)
+{
+    FILE *f;
+    long size;
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return MBEDTLS_ERR_DHM_FILE_IO_ERROR;
+    }
+
+    fseek(f, 0, SEEK_END);
+    if ((size = ftell(f)) == -1) {
+        fclose(f);
+        return MBEDTLS_ERR_DHM_FILE_IO_ERROR;
+    }
+    fseek(f, 0, SEEK_SET);
+
+    *n = (size_t) size;
+
+    if (*n + 1 == 0 ||
+        (*buf = mbedtls_calloc(1, *n + 1)) == NULL) {
+        fclose(f);
+        return MBEDTLS_ERR_DHM_ALLOC_FAILED;
+    }
+
+    if (fread(*buf, 1, *n, f) != *n) {
+        fclose(f);
+
+        mbedtls_platform_zeroize(*buf, *n + 1);
+        mbedtls_free(*buf);
+
+        return MBEDTLS_ERR_DHM_FILE_IO_ERROR;
+    }
+
+    fclose(f);
+
+    (*buf)[*n] = '\0';
+
+    if (strstr((const char *) *buf, "-----BEGIN ") != NULL) {
+        ++*n;
+    }
+
+    return 0;
+}
+
+/*
+ * Load and parse DHM parameters
+ */
+int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    unsigned char *buf;
+    DHM_VALIDATE_RET(dhm != NULL);
+    DHM_VALIDATE_RET(path != NULL);
+
+    if ((ret = load_file(path, &buf, &n)) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_dhm_parse_dhm(dhm, buf, n);
+
+    mbedtls_platform_zeroize(buf, n);
+    mbedtls_free(buf);
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_DHM_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+static const char mbedtls_test_dhm_params[] =
+    "-----BEGIN DH PARAMETERS-----\r\n"
+    "MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
+    "1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
+    "9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
+    "-----END DH PARAMETERS-----\r\n";
+#else /* MBEDTLS_PEM_PARSE_C */
+static const char mbedtls_test_dhm_params[] = {
+    0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44,
+    0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d,
+    0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3,
+    0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1,
+    0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18,
+    0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a,
+    0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1,
+    0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6,
+    0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64,
+    0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8,
+    0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f,
+    0x49, 0x75, 0xb3, 0x02, 0x01, 0x02
+};
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+static const size_t mbedtls_test_dhm_params_len = sizeof(mbedtls_test_dhm_params);
+
+/*
+ * Checkup routine
+ */
+int mbedtls_dhm_self_test(int verbose)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_dhm_context dhm;
+
+    mbedtls_dhm_init(&dhm);
+
+    if (verbose != 0) {
+        mbedtls_printf("  DHM parameter load: ");
+    }
+
+    if ((ret = mbedtls_dhm_parse_dhm(&dhm,
+                                     (const unsigned char *) mbedtls_test_dhm_params,
+                                     mbedtls_test_dhm_params_len)) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto exit;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n\n");
+    }
+
+exit:
+    mbedtls_dhm_free(&dhm);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_DHM_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ecdh.c b/3rdparty/mbedtls-2.28.7/library/ecdh.c
new file mode 100644
index 0000000..29a732a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ecdh.c
@@ -0,0 +1,729 @@
+/*
+ *  Elliptic curve Diffie-Hellman
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * References:
+ *
+ * SEC1 https://www.secg.org/sec1-v2.pdf
+ * RFC 4492
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ECDH_C)
+
+#include "mbedtls/ecdh.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+/* Parameter validation macros based on platform_util.h */
+#define ECDH_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA)
+#define ECDH_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed;
+#endif
+
+static mbedtls_ecp_group_id mbedtls_ecdh_grp_id(
+    const mbedtls_ecdh_context *ctx)
+{
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ctx->grp.id;
+#else
+    return ctx->grp_id;
+#endif
+}
+
+int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid)
+{
+    /* At this time, all groups support ECDH. */
+    (void) gid;
+    return 1;
+}
+
+#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+/*
+ * Generate public key (restartable version)
+ *
+ * Note: this internal function relies on its caller preserving the value of
+ * the output parameter 'd' across continuation calls. This would not be
+ * acceptable for a public function but is OK here as we control call sites.
+ */
+static int ecdh_gen_public_restartable(mbedtls_ecp_group *grp,
+                                       mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                                       int (*f_rng)(void *, unsigned char *, size_t),
+                                       void *p_rng,
+                                       mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    int restarting = 0;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL);
+#endif
+    /* If multiplication is in progress, we already generated a privkey */
+    if (!restarting) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, d, f_rng, p_rng));
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, Q, d, &grp->G,
+                                                f_rng, p_rng, rs_ctx));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Generate public key
+ */
+int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    ECDH_VALIDATE_RET(grp != NULL);
+    ECDH_VALIDATE_RET(d != NULL);
+    ECDH_VALIDATE_RET(Q != NULL);
+    ECDH_VALIDATE_RET(f_rng != NULL);
+    return ecdh_gen_public_restartable(grp, d, Q, f_rng, p_rng, NULL);
+}
+#endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+
+#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+/*
+ * Compute shared secret (SEC1 3.3.1)
+ */
+static int ecdh_compute_shared_restartable(mbedtls_ecp_group *grp,
+                                           mbedtls_mpi *z,
+                                           const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+                                           int (*f_rng)(void *, unsigned char *, size_t),
+                                           void *p_rng,
+                                           mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point P;
+
+    mbedtls_ecp_point_init(&P);
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &P, d, Q,
+                                                f_rng, p_rng, rs_ctx));
+
+    if (mbedtls_ecp_is_zero(&P)) {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(z, &P.X));
+
+cleanup:
+    mbedtls_ecp_point_free(&P);
+
+    return ret;
+}
+
+/*
+ * Compute shared secret (SEC1 3.3.1)
+ */
+int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z,
+                                const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng)
+{
+    ECDH_VALIDATE_RET(grp != NULL);
+    ECDH_VALIDATE_RET(Q != NULL);
+    ECDH_VALIDATE_RET(d != NULL);
+    ECDH_VALIDATE_RET(z != NULL);
+    return ecdh_compute_shared_restartable(grp, z, Q, d,
+                                           f_rng, p_rng, NULL);
+}
+#endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
+
+static void ecdh_init_internal(mbedtls_ecdh_context_mbed *ctx)
+{
+    mbedtls_ecp_group_init(&ctx->grp);
+    mbedtls_mpi_init(&ctx->d);
+    mbedtls_ecp_point_init(&ctx->Q);
+    mbedtls_ecp_point_init(&ctx->Qp);
+    mbedtls_mpi_init(&ctx->z);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_ecp_restart_init(&ctx->rs);
+#endif
+}
+
+/*
+ * Initialize context
+ */
+void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx)
+{
+    ECDH_VALIDATE(ctx != NULL);
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    ecdh_init_internal(ctx);
+    mbedtls_ecp_point_init(&ctx->Vi);
+    mbedtls_ecp_point_init(&ctx->Vf);
+    mbedtls_mpi_init(&ctx->_d);
+#else
+    memset(ctx, 0, sizeof(mbedtls_ecdh_context));
+
+    ctx->var = MBEDTLS_ECDH_VARIANT_NONE;
+#endif
+    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    ctx->restart_enabled = 0;
+#endif
+}
+
+static int ecdh_setup_internal(mbedtls_ecdh_context_mbed *ctx,
+                               mbedtls_ecp_group_id grp_id)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    ret = mbedtls_ecp_group_load(&ctx->grp, grp_id);
+    if (ret != 0) {
+        return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    }
+
+    return 0;
+}
+
+/*
+ * Setup context
+ */
+int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id)
+{
+    ECDH_VALIDATE_RET(ctx != NULL);
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_setup_internal(ctx, grp_id);
+#else
+    switch (grp_id) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED;
+            ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST;
+            ctx->grp_id = grp_id;
+            return mbedtls_everest_setup(&ctx->ctx.everest_ecdh, grp_id);
+#endif
+        default:
+            ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
+            ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0;
+            ctx->grp_id = grp_id;
+            ecdh_init_internal(&ctx->ctx.mbed_ecdh);
+            return ecdh_setup_internal(&ctx->ctx.mbed_ecdh, grp_id);
+    }
+#endif
+}
+
+static void ecdh_free_internal(mbedtls_ecdh_context_mbed *ctx)
+{
+    mbedtls_ecp_group_free(&ctx->grp);
+    mbedtls_mpi_free(&ctx->d);
+    mbedtls_ecp_point_free(&ctx->Q);
+    mbedtls_ecp_point_free(&ctx->Qp);
+    mbedtls_mpi_free(&ctx->z);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_ecp_restart_free(&ctx->rs);
+#endif
+}
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Enable restartable operations for context
+ */
+void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx)
+{
+    ECDH_VALIDATE(ctx != NULL);
+
+    ctx->restart_enabled = 1;
+}
+#endif
+
+/*
+ * Free context
+ */
+void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    mbedtls_ecp_point_free(&ctx->Vi);
+    mbedtls_ecp_point_free(&ctx->Vf);
+    mbedtls_mpi_free(&ctx->_d);
+    ecdh_free_internal(ctx);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            mbedtls_everest_free(&ctx->ctx.everest_ecdh);
+            break;
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            ecdh_free_internal(&ctx->ctx.mbed_ecdh);
+            break;
+        default:
+            break;
+    }
+
+    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
+    ctx->var = MBEDTLS_ECDH_VARIANT_NONE;
+    ctx->grp_id = MBEDTLS_ECP_DP_NONE;
+#endif
+}
+
+static int ecdh_make_params_internal(mbedtls_ecdh_context_mbed *ctx,
+                                     size_t *olen, int point_format,
+                                     unsigned char *buf, size_t blen,
+                                     int (*f_rng)(void *,
+                                                  unsigned char *,
+                                                  size_t),
+                                     void *p_rng,
+                                     int restart_enabled)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t grp_len, pt_len;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_ecp_restart_ctx *rs_ctx = NULL;
+#endif
+
+    if (ctx->grp.pbits == 0) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (restart_enabled) {
+        rs_ctx = &ctx->rs;
+    }
+#else
+    (void) restart_enabled;
+#endif
+
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if ((ret = ecdh_gen_public_restartable(&ctx->grp, &ctx->d, &ctx->Q,
+                                           f_rng, p_rng, rs_ctx)) != 0) {
+        return ret;
+    }
+#else
+    if ((ret = mbedtls_ecdh_gen_public(&ctx->grp, &ctx->d, &ctx->Q,
+                                       f_rng, p_rng)) != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    if ((ret = mbedtls_ecp_tls_write_group(&ctx->grp, &grp_len, buf,
+                                           blen)) != 0) {
+        return ret;
+    }
+
+    buf += grp_len;
+    blen -= grp_len;
+
+    if ((ret = mbedtls_ecp_tls_write_point(&ctx->grp, &ctx->Q, point_format,
+                                           &pt_len, buf, blen)) != 0) {
+        return ret;
+    }
+
+    *olen = grp_len + pt_len;
+    return 0;
+}
+
+/*
+ * Setup and write the ServerKeyExchange parameters (RFC 4492)
+ *      struct {
+ *          ECParameters    curve_params;
+ *          ECPoint         public;
+ *      } ServerECDHParams;
+ */
+int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int restart_enabled = 0;
+    ECDH_VALIDATE_RET(ctx != NULL);
+    ECDH_VALIDATE_RET(olen != NULL);
+    ECDH_VALIDATE_RET(buf != NULL);
+    ECDH_VALIDATE_RET(f_rng != NULL);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    restart_enabled = ctx->restart_enabled;
+#else
+    (void) restart_enabled;
+#endif
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_make_params_internal(ctx, olen, ctx->point_format, buf, blen,
+                                     f_rng, p_rng, restart_enabled);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return mbedtls_everest_make_params(&ctx->ctx.everest_ecdh, olen,
+                                               buf, blen, f_rng, p_rng);
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return ecdh_make_params_internal(&ctx->ctx.mbed_ecdh, olen,
+                                             ctx->point_format, buf, blen,
+                                             f_rng, p_rng,
+                                             restart_enabled);
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
+static int ecdh_read_params_internal(mbedtls_ecdh_context_mbed *ctx,
+                                     const unsigned char **buf,
+                                     const unsigned char *end)
+{
+    return mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, buf,
+                                      end - *buf);
+}
+
+/*
+ * Read the ServerKeyExchange parameters (RFC 4492)
+ *      struct {
+ *          ECParameters    curve_params;
+ *          ECPoint         public;
+ *      } ServerECDHParams;
+ */
+int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
+                             const unsigned char **buf,
+                             const unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_group_id grp_id;
+    ECDH_VALIDATE_RET(ctx != NULL);
+    ECDH_VALIDATE_RET(buf != NULL);
+    ECDH_VALIDATE_RET(*buf != NULL);
+    ECDH_VALIDATE_RET(end != NULL);
+
+    if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, end - *buf))
+        != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_ecdh_setup(ctx, grp_id)) != 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_read_params_internal(ctx, buf, end);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return mbedtls_everest_read_params(&ctx->ctx.everest_ecdh,
+                                               buf, end);
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return ecdh_read_params_internal(&ctx->ctx.mbed_ecdh,
+                                             buf, end);
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
+static int ecdh_get_params_internal(mbedtls_ecdh_context_mbed *ctx,
+                                    const mbedtls_ecp_keypair *key,
+                                    mbedtls_ecdh_side side)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* If it's not our key, just import the public part as Qp */
+    if (side == MBEDTLS_ECDH_THEIRS) {
+        return mbedtls_ecp_copy(&ctx->Qp, &key->Q);
+    }
+
+    /* Our key: import public (as Q) and private parts */
+    if (side != MBEDTLS_ECDH_OURS) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0 ||
+        (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Get parameters from a keypair
+ */
+int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx,
+                            const mbedtls_ecp_keypair *key,
+                            mbedtls_ecdh_side side)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECDH_VALIDATE_RET(ctx != NULL);
+    ECDH_VALIDATE_RET(key != NULL);
+    ECDH_VALIDATE_RET(side == MBEDTLS_ECDH_OURS ||
+                      side == MBEDTLS_ECDH_THEIRS);
+
+    if (mbedtls_ecdh_grp_id(ctx) == MBEDTLS_ECP_DP_NONE) {
+        /* This is the first call to get_params(). Set up the context
+         * for use with the group. */
+        if ((ret = mbedtls_ecdh_setup(ctx, key->grp.id)) != 0) {
+            return ret;
+        }
+    } else {
+        /* This is not the first call to get_params(). Check that the
+         * current key's group is the same as the context's, which was set
+         * from the first key's group. */
+        if (mbedtls_ecdh_grp_id(ctx) != key->grp.id) {
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        }
+    }
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_get_params_internal(ctx, key, side);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+        {
+            mbedtls_everest_ecdh_side s = side == MBEDTLS_ECDH_OURS ?
+                                          MBEDTLS_EVEREST_ECDH_OURS :
+                                          MBEDTLS_EVEREST_ECDH_THEIRS;
+            return mbedtls_everest_get_params(&ctx->ctx.everest_ecdh,
+                                              key, s);
+        }
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return ecdh_get_params_internal(&ctx->ctx.mbed_ecdh,
+                                            key, side);
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
+static int ecdh_make_public_internal(mbedtls_ecdh_context_mbed *ctx,
+                                     size_t *olen, int point_format,
+                                     unsigned char *buf, size_t blen,
+                                     int (*f_rng)(void *,
+                                                  unsigned char *,
+                                                  size_t),
+                                     void *p_rng,
+                                     int restart_enabled)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_ecp_restart_ctx *rs_ctx = NULL;
+#endif
+
+    if (ctx->grp.pbits == 0) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (restart_enabled) {
+        rs_ctx = &ctx->rs;
+    }
+#else
+    (void) restart_enabled;
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if ((ret = ecdh_gen_public_restartable(&ctx->grp, &ctx->d, &ctx->Q,
+                                           f_rng, p_rng, rs_ctx)) != 0) {
+        return ret;
+    }
+#else
+    if ((ret = mbedtls_ecdh_gen_public(&ctx->grp, &ctx->d, &ctx->Q,
+                                       f_rng, p_rng)) != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    return mbedtls_ecp_tls_write_point(&ctx->grp, &ctx->Q, point_format, olen,
+                                       buf, blen);
+}
+
+/*
+ * Setup and export the client public value
+ */
+int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int restart_enabled = 0;
+    ECDH_VALIDATE_RET(ctx != NULL);
+    ECDH_VALIDATE_RET(olen != NULL);
+    ECDH_VALIDATE_RET(buf != NULL);
+    ECDH_VALIDATE_RET(f_rng != NULL);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    restart_enabled = ctx->restart_enabled;
+#endif
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_make_public_internal(ctx, olen, ctx->point_format, buf, blen,
+                                     f_rng, p_rng, restart_enabled);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return mbedtls_everest_make_public(&ctx->ctx.everest_ecdh, olen,
+                                               buf, blen, f_rng, p_rng);
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return ecdh_make_public_internal(&ctx->ctx.mbed_ecdh, olen,
+                                             ctx->point_format, buf, blen,
+                                             f_rng, p_rng,
+                                             restart_enabled);
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
+static int ecdh_read_public_internal(mbedtls_ecdh_context_mbed *ctx,
+                                     const unsigned char *buf, size_t blen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned char *p = buf;
+
+    if ((ret = mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, &p,
+                                          blen)) != 0) {
+        return ret;
+    }
+
+    if ((size_t) (p - buf) != blen) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+/*
+ * Parse and import the client's public value
+ */
+int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx,
+                             const unsigned char *buf, size_t blen)
+{
+    ECDH_VALIDATE_RET(ctx != NULL);
+    ECDH_VALIDATE_RET(buf != NULL);
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_read_public_internal(ctx, buf, blen);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return mbedtls_everest_read_public(&ctx->ctx.everest_ecdh,
+                                               buf, blen);
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return ecdh_read_public_internal(&ctx->ctx.mbed_ecdh,
+                                             buf, blen);
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
+static int ecdh_calc_secret_internal(mbedtls_ecdh_context_mbed *ctx,
+                                     size_t *olen, unsigned char *buf,
+                                     size_t blen,
+                                     int (*f_rng)(void *,
+                                                  unsigned char *,
+                                                  size_t),
+                                     void *p_rng,
+                                     int restart_enabled)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_ecp_restart_ctx *rs_ctx = NULL;
+#endif
+
+    if (ctx == NULL || ctx->grp.pbits == 0) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (restart_enabled) {
+        rs_ctx = &ctx->rs;
+    }
+#else
+    (void) restart_enabled;
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if ((ret = ecdh_compute_shared_restartable(&ctx->grp, &ctx->z, &ctx->Qp,
+                                               &ctx->d, f_rng, p_rng,
+                                               rs_ctx)) != 0) {
+        return ret;
+    }
+#else
+    if ((ret = mbedtls_ecdh_compute_shared(&ctx->grp, &ctx->z, &ctx->Qp,
+                                           &ctx->d, f_rng, p_rng)) != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    if (mbedtls_mpi_size(&ctx->z) > blen) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    *olen = ctx->grp.pbits / 8 + ((ctx->grp.pbits % 8) != 0);
+
+    if (mbedtls_ecp_get_type(&ctx->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        return mbedtls_mpi_write_binary_le(&ctx->z, buf, *olen);
+    }
+
+    return mbedtls_mpi_write_binary(&ctx->z, buf, *olen);
+}
+
+/*
+ * Derive and export the shared secret
+ */
+int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int restart_enabled = 0;
+    ECDH_VALIDATE_RET(ctx != NULL);
+    ECDH_VALIDATE_RET(olen != NULL);
+    ECDH_VALIDATE_RET(buf != NULL);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    restart_enabled = ctx->restart_enabled;
+#endif
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    return ecdh_calc_secret_internal(ctx, olen, buf, blen, f_rng, p_rng,
+                                     restart_enabled);
+#else
+    switch (ctx->var) {
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+        case MBEDTLS_ECDH_VARIANT_EVEREST:
+            return mbedtls_everest_calc_secret(&ctx->ctx.everest_ecdh, olen,
+                                               buf, blen, f_rng, p_rng);
+#endif
+        case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0:
+            return ecdh_calc_secret_internal(&ctx->ctx.mbed_ecdh, olen, buf,
+                                             blen, f_rng, p_rng,
+                                             restart_enabled);
+        default:
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+#endif
+}
+
+#endif /* MBEDTLS_ECDH_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ecdsa.c b/3rdparty/mbedtls-2.28.7/library/ecdsa.c
new file mode 100644
index 0000000..51aba0e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ecdsa.c
@@ -0,0 +1,997 @@
+/*
+ *  Elliptic curve DSA
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * References:
+ *
+ * SEC1 https://www.secg.org/sec1-v2.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ECDSA_C)
+
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/asn1write.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#include "mbedtls/hmac_drbg.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+/* Parameter validation macros based on platform_util.h */
+#define ECDSA_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA)
+#define ECDSA_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+
+/*
+ * Sub-context for ecdsa_verify()
+ */
+struct mbedtls_ecdsa_restart_ver {
+    mbedtls_mpi u1, u2;     /* intermediate values  */
+    enum {                  /* what to do next?     */
+        ecdsa_ver_init = 0, /* getting started      */
+        ecdsa_ver_muladd,   /* muladd step          */
+    } state;
+};
+
+/*
+ * Init verify restart sub-context
+ */
+static void ecdsa_restart_ver_init(mbedtls_ecdsa_restart_ver_ctx *ctx)
+{
+    mbedtls_mpi_init(&ctx->u1);
+    mbedtls_mpi_init(&ctx->u2);
+    ctx->state = ecdsa_ver_init;
+}
+
+/*
+ * Free the components of a verify restart sub-context
+ */
+static void ecdsa_restart_ver_free(mbedtls_ecdsa_restart_ver_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_mpi_free(&ctx->u1);
+    mbedtls_mpi_free(&ctx->u2);
+
+    ecdsa_restart_ver_init(ctx);
+}
+
+/*
+ * Sub-context for ecdsa_sign()
+ */
+struct mbedtls_ecdsa_restart_sig {
+    int sign_tries;
+    int key_tries;
+    mbedtls_mpi k;          /* per-signature random */
+    mbedtls_mpi r;          /* r value              */
+    enum {                  /* what to do next?     */
+        ecdsa_sig_init = 0, /* getting started      */
+        ecdsa_sig_mul,      /* doing ecp_mul()      */
+        ecdsa_sig_modn,     /* mod N computations   */
+    } state;
+};
+
+/*
+ * Init verify sign sub-context
+ */
+static void ecdsa_restart_sig_init(mbedtls_ecdsa_restart_sig_ctx *ctx)
+{
+    ctx->sign_tries = 0;
+    ctx->key_tries = 0;
+    mbedtls_mpi_init(&ctx->k);
+    mbedtls_mpi_init(&ctx->r);
+    ctx->state = ecdsa_sig_init;
+}
+
+/*
+ * Free the components of a sign restart sub-context
+ */
+static void ecdsa_restart_sig_free(mbedtls_ecdsa_restart_sig_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_mpi_free(&ctx->k);
+    mbedtls_mpi_free(&ctx->r);
+}
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+/*
+ * Sub-context for ecdsa_sign_det()
+ */
+struct mbedtls_ecdsa_restart_det {
+    mbedtls_hmac_drbg_context rng_ctx;  /* DRBG state   */
+    enum {                      /* what to do next?     */
+        ecdsa_det_init = 0,     /* getting started      */
+        ecdsa_det_sign,         /* make signature       */
+    } state;
+};
+
+/*
+ * Init verify sign_det sub-context
+ */
+static void ecdsa_restart_det_init(mbedtls_ecdsa_restart_det_ctx *ctx)
+{
+    mbedtls_hmac_drbg_init(&ctx->rng_ctx);
+    ctx->state = ecdsa_det_init;
+}
+
+/*
+ * Free the components of a sign_det restart sub-context
+ */
+static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_hmac_drbg_free(&ctx->rng_ctx);
+
+    ecdsa_restart_det_init(ctx);
+}
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#define ECDSA_RS_ECP    (rs_ctx == NULL ? NULL : &rs_ctx->ecp)
+
+/* Utility macro for checking and updating ops budget */
+#define ECDSA_BUDGET(ops)   \
+    MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, ECDSA_RS_ECP, ops));
+
+/* Call this when entering a function that needs its own sub-context */
+#define ECDSA_RS_ENTER(SUB)   do {                                 \
+        /* reset ops count for this call if top-level */                 \
+        if (rs_ctx != NULL && rs_ctx->ecp.depth++ == 0)                 \
+        rs_ctx->ecp.ops_done = 0;                                    \
+                                                                     \
+        /* set up our own sub-context if needed */                       \
+        if (mbedtls_ecp_restart_is_enabled() &&                          \
+            rs_ctx != NULL && rs_ctx->SUB == NULL)                      \
+        {                                                                \
+            rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB));   \
+            if (rs_ctx->SUB == NULL)                                    \
+            return MBEDTLS_ERR_ECP_ALLOC_FAILED;                  \
+                                                                   \
+            ecdsa_restart_## SUB ##_init(rs_ctx->SUB);                 \
+        }                                                                \
+} while (0)
+
+/* Call this when leaving a function that needs its own sub-context */
+#define ECDSA_RS_LEAVE(SUB)   do {                                 \
+        /* clear our sub-context when not in progress (done or error) */ \
+        if (rs_ctx != NULL && rs_ctx->SUB != NULL &&                     \
+            ret != MBEDTLS_ERR_ECP_IN_PROGRESS)                         \
+        {                                                                \
+            ecdsa_restart_## SUB ##_free(rs_ctx->SUB);                 \
+            mbedtls_free(rs_ctx->SUB);                                 \
+            rs_ctx->SUB = NULL;                                          \
+        }                                                                \
+                                                                     \
+        if (rs_ctx != NULL)                                             \
+        rs_ctx->ecp.depth--;                                         \
+} while (0)
+
+#else /* MBEDTLS_ECP_RESTARTABLE */
+
+#define ECDSA_RS_ECP    NULL
+
+#define ECDSA_BUDGET(ops)     /* no-op; for compatibility */
+
+#define ECDSA_RS_ENTER(SUB)   (void) rs_ctx
+#define ECDSA_RS_LEAVE(SUB)   (void) rs_ctx
+
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \
+    !defined(MBEDTLS_ECDSA_SIGN_ALT)     || \
+    !defined(MBEDTLS_ECDSA_VERIFY_ALT)
+/*
+ * Derive a suitable integer for group grp from a buffer of length len
+ * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
+ */
+static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x,
+                      const unsigned char *buf, size_t blen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n_size = (grp->nbits + 7) / 8;
+    size_t use_size = blen > n_size ? n_size : blen;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(x, buf, use_size));
+    if (use_size * 8 > grp->nbits) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(x, use_size * 8 - grp->nbits));
+    }
+
+    /* While at it, reduce modulo N */
+    if (mbedtls_mpi_cmp_mpi(x, &grp->N) >= 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(x, x, &grp->N));
+    }
+
+cleanup:
+    return ret;
+}
+#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */
+
+int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid)
+{
+    switch (gid) {
+#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED
+        case MBEDTLS_ECP_DP_CURVE25519: return 0;
+#endif
+#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED
+        case MBEDTLS_ECP_DP_CURVE448: return 0;
+#endif
+        default: return 1;
+    }
+}
+
+#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
+/*
+ * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
+ * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
+ */
+static int ecdsa_sign_restartable(mbedtls_ecp_group *grp,
+                                  mbedtls_mpi *r, mbedtls_mpi *s,
+                                  const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                                  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                  int (*f_rng_blind)(void *, unsigned char *, size_t),
+                                  void *p_rng_blind,
+                                  mbedtls_ecdsa_restart_ctx *rs_ctx)
+{
+    int ret, key_tries, sign_tries;
+    int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries;
+    mbedtls_ecp_point R;
+    mbedtls_mpi k, e, t;
+    mbedtls_mpi *pk = &k, *pr = r;
+
+    /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
+    if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /* Make sure d is in range 1..n-1 */
+    if (mbedtls_mpi_cmp_int(d, 1) < 0 || mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) {
+        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    }
+
+    mbedtls_ecp_point_init(&R);
+    mbedtls_mpi_init(&k); mbedtls_mpi_init(&e); mbedtls_mpi_init(&t);
+
+    ECDSA_RS_ENTER(sig);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->sig != NULL) {
+        /* redirect to our context */
+        p_sign_tries = &rs_ctx->sig->sign_tries;
+        p_key_tries = &rs_ctx->sig->key_tries;
+        pk = &rs_ctx->sig->k;
+        pr = &rs_ctx->sig->r;
+
+        /* jump to current step */
+        if (rs_ctx->sig->state == ecdsa_sig_mul) {
+            goto mul;
+        }
+        if (rs_ctx->sig->state == ecdsa_sig_modn) {
+            goto modn;
+        }
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    *p_sign_tries = 0;
+    do {
+        if ((*p_sign_tries)++ > 10) {
+            ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+            goto cleanup;
+        }
+
+        /*
+         * Steps 1-3: generate a suitable ephemeral keypair
+         * and set r = xR mod n
+         */
+        *p_key_tries = 0;
+        do {
+            if ((*p_key_tries)++ > 10) {
+                ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+                goto cleanup;
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, pk, f_rng, p_rng));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+            if (rs_ctx != NULL && rs_ctx->sig != NULL) {
+                rs_ctx->sig->state = ecdsa_sig_mul;
+            }
+
+mul:
+#endif
+            MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &R, pk, &grp->G,
+                                                        f_rng_blind,
+                                                        p_rng_blind,
+                                                        ECDSA_RS_ECP));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pr, &R.X, &grp->N));
+        } while (mbedtls_mpi_cmp_int(pr, 0) == 0);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx != NULL && rs_ctx->sig != NULL) {
+            rs_ctx->sig->state = ecdsa_sig_modn;
+        }
+
+modn:
+#endif
+        /*
+         * Accounting for everything up to the end of the loop
+         * (step 6, but checking now avoids saving e and t)
+         */
+        ECDSA_BUDGET(MBEDTLS_ECP_OPS_INV + 4);
+
+        /*
+         * Step 5: derive MPI from hashed message
+         */
+        MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen));
+
+        /*
+         * Generate a random value to blind inv_mod in next step,
+         * avoiding a potential timing leak.
+         */
+        MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, &t, f_rng_blind,
+                                                p_rng_blind));
+
+        /*
+         * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, pr, d));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&e, &e, s));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&e, &e, &t));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pk, pk, &t));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pk, pk, &grp->N));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(s, pk, &grp->N));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, s, &e));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(s, s, &grp->N));
+    } while (mbedtls_mpi_cmp_int(s, 0) == 0);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->sig != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_copy(r, pr));
+    }
+#endif
+
+cleanup:
+    mbedtls_ecp_point_free(&R);
+    mbedtls_mpi_free(&k); mbedtls_mpi_free(&e); mbedtls_mpi_free(&t);
+
+    ECDSA_RS_LEAVE(sig);
+
+    return ret;
+}
+
+/*
+ * Compute ECDSA signature of a hashed message
+ */
+int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                       const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    ECDSA_VALIDATE_RET(grp   != NULL);
+    ECDSA_VALIDATE_RET(r     != NULL);
+    ECDSA_VALIDATE_RET(s     != NULL);
+    ECDSA_VALIDATE_RET(d     != NULL);
+    ECDSA_VALIDATE_RET(f_rng != NULL);
+    ECDSA_VALIDATE_RET(buf   != NULL || blen == 0);
+
+    /* Use the same RNG for both blinding and ephemeral key generation */
+    return ecdsa_sign_restartable(grp, r, s, d, buf, blen,
+                                  f_rng, p_rng, f_rng, p_rng, NULL);
+}
+#endif /* !MBEDTLS_ECDSA_SIGN_ALT */
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+/*
+ * Deterministic signature wrapper
+ */
+static int ecdsa_sign_det_restartable(mbedtls_ecp_group *grp,
+                                      mbedtls_mpi *r, mbedtls_mpi *s,
+                                      const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                                      mbedtls_md_type_t md_alg,
+                                      int (*f_rng_blind)(void *, unsigned char *, size_t),
+                                      void *p_rng_blind,
+                                      mbedtls_ecdsa_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_hmac_drbg_context rng_ctx;
+    mbedtls_hmac_drbg_context *p_rng = &rng_ctx;
+    unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
+    size_t grp_len = (grp->nbits + 7) / 8;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_mpi h;
+
+    if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&h);
+    mbedtls_hmac_drbg_init(&rng_ctx);
+
+    ECDSA_RS_ENTER(det);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->det != NULL) {
+        /* redirect to our context */
+        p_rng = &rs_ctx->det->rng_ctx;
+
+        /* jump to current step */
+        if (rs_ctx->det->state == ecdsa_det_sign) {
+            goto sign;
+        }
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    /* Use private key and message hash (reduced) to initialize HMAC_DRBG */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len));
+    MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len));
+    MBEDTLS_MPI_CHK(mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->det != NULL) {
+        rs_ctx->det->state = ecdsa_det_sign;
+    }
+
+sign:
+#endif
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    (void) f_rng_blind;
+    (void) p_rng_blind;
+    ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen,
+                             mbedtls_hmac_drbg_random, p_rng);
+#else
+    if (f_rng_blind != NULL) {
+        ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen,
+                                     mbedtls_hmac_drbg_random, p_rng,
+                                     f_rng_blind, p_rng_blind, rs_ctx);
+    } else {
+        mbedtls_hmac_drbg_context *p_rng_blind_det;
+
+#if !defined(MBEDTLS_ECP_RESTARTABLE)
+        /*
+         * To avoid reusing rng_ctx and risking incorrect behavior we seed a
+         * second HMAC-DRBG with the same seed. We also apply a label to avoid
+         * reusing the bits of the ephemeral key for blinding and eliminate the
+         * risk that they leak this way.
+         */
+        const char *blind_label = "BLINDING CONTEXT";
+        mbedtls_hmac_drbg_context rng_ctx_blind;
+
+        mbedtls_hmac_drbg_init(&rng_ctx_blind);
+        p_rng_blind_det = &rng_ctx_blind;
+        mbedtls_hmac_drbg_seed_buf(p_rng_blind_det, md_info,
+                                   data, 2 * grp_len);
+        ret = mbedtls_hmac_drbg_update_ret(p_rng_blind_det,
+                                           (const unsigned char *) blind_label,
+                                           strlen(blind_label));
+        if (ret != 0) {
+            mbedtls_hmac_drbg_free(&rng_ctx_blind);
+            goto cleanup;
+        }
+#else
+        /*
+         * In the case of restartable computations we would either need to store
+         * the second RNG in the restart context too or set it up at every
+         * restart. The first option would penalize the correct application of
+         * the function and the second would defeat the purpose of the
+         * restartable feature.
+         *
+         * Therefore in this case we reuse the original RNG. This comes with the
+         * price that the resulting signature might not be a valid deterministic
+         * ECDSA signature with a very low probability (same magnitude as
+         * successfully guessing the private key). However even then it is still
+         * a valid ECDSA signature.
+         */
+        p_rng_blind_det = p_rng;
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+        /*
+         * Since the output of the RNGs is always the same for the same key and
+         * message, this limits the efficiency of blinding and leaks information
+         * through side channels. After mbedtls_ecdsa_sign_det() is removed NULL
+         * won't be a valid value for f_rng_blind anymore. Therefore it should
+         * be checked by the caller and this branch and check can be removed.
+         */
+        ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen,
+                                     mbedtls_hmac_drbg_random, p_rng,
+                                     mbedtls_hmac_drbg_random, p_rng_blind_det,
+                                     rs_ctx);
+
+#if !defined(MBEDTLS_ECP_RESTARTABLE)
+        mbedtls_hmac_drbg_free(&rng_ctx_blind);
+#endif
+    }
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+
+cleanup:
+    mbedtls_hmac_drbg_free(&rng_ctx);
+    mbedtls_mpi_free(&h);
+
+    ECDSA_RS_LEAVE(det);
+
+    return ret;
+}
+
+/*
+ * Deterministic signature wrappers
+ */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+                           mbedtls_mpi *s, const mbedtls_mpi *d,
+                           const unsigned char *buf, size_t blen,
+                           mbedtls_md_type_t md_alg)
+{
+    ECDSA_VALIDATE_RET(grp   != NULL);
+    ECDSA_VALIDATE_RET(r     != NULL);
+    ECDSA_VALIDATE_RET(s     != NULL);
+    ECDSA_VALIDATE_RET(d     != NULL);
+    ECDSA_VALIDATE_RET(buf   != NULL || blen == 0);
+
+    return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg,
+                                      NULL, NULL, NULL);
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+                               mbedtls_mpi *s, const mbedtls_mpi *d,
+                               const unsigned char *buf, size_t blen,
+                               mbedtls_md_type_t md_alg,
+                               int (*f_rng_blind)(void *, unsigned char *,
+                                                  size_t),
+                               void *p_rng_blind)
+{
+    ECDSA_VALIDATE_RET(grp   != NULL);
+    ECDSA_VALIDATE_RET(r     != NULL);
+    ECDSA_VALIDATE_RET(s     != NULL);
+    ECDSA_VALIDATE_RET(d     != NULL);
+    ECDSA_VALIDATE_RET(buf   != NULL || blen == 0);
+    ECDSA_VALIDATE_RET(f_rng_blind != NULL);
+
+    return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg,
+                                      f_rng_blind, p_rng_blind, NULL);
+}
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
+/*
+ * Verify ECDSA signature of hashed message (SEC1 4.1.4)
+ * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
+ */
+static int ecdsa_verify_restartable(mbedtls_ecp_group *grp,
+                                    const unsigned char *buf, size_t blen,
+                                    const mbedtls_ecp_point *Q,
+                                    const mbedtls_mpi *r, const mbedtls_mpi *s,
+                                    mbedtls_ecdsa_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi e, s_inv, u1, u2;
+    mbedtls_ecp_point R;
+    mbedtls_mpi *pu1 = &u1, *pu2 = &u2;
+
+    mbedtls_ecp_point_init(&R);
+    mbedtls_mpi_init(&e); mbedtls_mpi_init(&s_inv);
+    mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2);
+
+    /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
+    if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    ECDSA_RS_ENTER(ver);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ver != NULL) {
+        /* redirect to our context */
+        pu1 = &rs_ctx->ver->u1;
+        pu2 = &rs_ctx->ver->u2;
+
+        /* jump to current step */
+        if (rs_ctx->ver->state == ecdsa_ver_muladd) {
+            goto muladd;
+        }
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    /*
+     * Step 1: make sure r and s are in range 1..n-1
+     */
+    if (mbedtls_mpi_cmp_int(r, 1) < 0 || mbedtls_mpi_cmp_mpi(r, &grp->N) >= 0 ||
+        mbedtls_mpi_cmp_int(s, 1) < 0 || mbedtls_mpi_cmp_mpi(s, &grp->N) >= 0) {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    /*
+     * Step 3: derive MPI from hashed message
+     */
+    MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen));
+
+    /*
+     * Step 4: u1 = e / s mod n, u2 = r / s mod n
+     */
+    ECDSA_BUDGET(MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&s_inv, s, &grp->N));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu1, &e, &s_inv));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu1, pu1, &grp->N));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu2, r, &s_inv));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu2, pu2, &grp->N));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ver != NULL) {
+        rs_ctx->ver->state = ecdsa_ver_muladd;
+    }
+
+muladd:
+#endif
+    /*
+     * Step 5: R = u1 G + u2 Q
+     */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_muladd_restartable(grp,
+                                                   &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP));
+
+    if (mbedtls_ecp_is_zero(&R)) {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    /*
+     * Step 6: convert xR to an integer (no-op)
+     * Step 7: reduce xR mod n (gives v)
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&R.X, &R.X, &grp->N));
+
+    /*
+     * Step 8: check if v (that is, R.X) is equal to r
+     */
+    if (mbedtls_mpi_cmp_mpi(&R.X, r) != 0) {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_point_free(&R);
+    mbedtls_mpi_free(&e); mbedtls_mpi_free(&s_inv);
+    mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2);
+
+    ECDSA_RS_LEAVE(ver);
+
+    return ret;
+}
+
+/*
+ * Verify ECDSA signature of hashed message
+ */
+int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
+                         const unsigned char *buf, size_t blen,
+                         const mbedtls_ecp_point *Q,
+                         const mbedtls_mpi *r,
+                         const mbedtls_mpi *s)
+{
+    ECDSA_VALIDATE_RET(grp != NULL);
+    ECDSA_VALIDATE_RET(Q   != NULL);
+    ECDSA_VALIDATE_RET(r   != NULL);
+    ECDSA_VALIDATE_RET(s   != NULL);
+    ECDSA_VALIDATE_RET(buf != NULL || blen == 0);
+
+    return ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL);
+}
+#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */
+
+/*
+ * Convert a signature (given by context) to ASN.1
+ */
+static int ecdsa_signature_to_asn1(const mbedtls_mpi *r, const mbedtls_mpi *s,
+                                   unsigned char *sig, size_t *slen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = { 0 };
+    unsigned char *p = buf + sizeof(buf);
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, s));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, r));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    memcpy(sig, p, len);
+    *slen = len;
+
+    return 0;
+}
+
+/*
+ * Compute and write signature
+ */
+int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
+                                              mbedtls_md_type_t md_alg,
+                                              const unsigned char *hash, size_t hlen,
+                                              unsigned char *sig, size_t *slen,
+                                              int (*f_rng)(void *, unsigned char *, size_t),
+                                              void *p_rng,
+                                              mbedtls_ecdsa_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi r, s;
+    ECDSA_VALIDATE_RET(ctx  != NULL);
+    ECDSA_VALIDATE_RET(hash != NULL);
+    ECDSA_VALIDATE_RET(sig  != NULL);
+    ECDSA_VALIDATE_RET(slen != NULL);
+
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&s);
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    MBEDTLS_MPI_CHK(ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d,
+                                               hash, hlen, md_alg, f_rng,
+                                               p_rng, rs_ctx));
+#else
+    (void) md_alg;
+
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    (void) rs_ctx;
+
+    MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d,
+                                       hash, hlen, f_rng, p_rng));
+#else
+    /* Use the same RNG for both blinding and ephemeral key generation */
+    MBEDTLS_MPI_CHK(ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d,
+                                           hash, hlen, f_rng, p_rng, f_rng,
+                                           p_rng, rs_ctx));
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+    MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, slen));
+
+cleanup:
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&s);
+
+    return ret;
+}
+
+/*
+ * Compute and write signature
+ */
+int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
+                                  mbedtls_md_type_t md_alg,
+                                  const unsigned char *hash, size_t hlen,
+                                  unsigned char *sig, size_t *slen,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng)
+{
+    ECDSA_VALIDATE_RET(ctx  != NULL);
+    ECDSA_VALIDATE_RET(hash != NULL);
+    ECDSA_VALIDATE_RET(sig  != NULL);
+    ECDSA_VALIDATE_RET(slen != NULL);
+    return mbedtls_ecdsa_write_signature_restartable(
+        ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL);
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED) && \
+    defined(MBEDTLS_ECDSA_DETERMINISTIC)
+int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx,
+                                      const unsigned char *hash, size_t hlen,
+                                      unsigned char *sig, size_t *slen,
+                                      mbedtls_md_type_t md_alg)
+{
+    ECDSA_VALIDATE_RET(ctx  != NULL);
+    ECDSA_VALIDATE_RET(hash != NULL);
+    ECDSA_VALIDATE_RET(sig  != NULL);
+    ECDSA_VALIDATE_RET(slen != NULL);
+    return mbedtls_ecdsa_write_signature(ctx, md_alg, hash, hlen, sig, slen,
+                                         NULL, NULL);
+}
+#endif
+
+/*
+ * Read and check signature
+ */
+int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
+                                 const unsigned char *hash, size_t hlen,
+                                 const unsigned char *sig, size_t slen)
+{
+    ECDSA_VALIDATE_RET(ctx  != NULL);
+    ECDSA_VALIDATE_RET(hash != NULL);
+    ECDSA_VALIDATE_RET(sig  != NULL);
+    return mbedtls_ecdsa_read_signature_restartable(
+        ctx, hash, hlen, sig, slen, NULL);
+}
+
+/*
+ * Restartable read and check signature
+ */
+int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx,
+                                             const unsigned char *hash, size_t hlen,
+                                             const unsigned char *sig, size_t slen,
+                                             mbedtls_ecdsa_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = (unsigned char *) sig;
+    const unsigned char *end = sig + slen;
+    size_t len;
+    mbedtls_mpi r, s;
+    ECDSA_VALIDATE_RET(ctx  != NULL);
+    ECDSA_VALIDATE_RET(hash != NULL);
+    ECDSA_VALIDATE_RET(sig  != NULL);
+
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&s);
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if (p + len != end) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        goto cleanup;
+    }
+
+    if ((ret = mbedtls_asn1_get_mpi(&p, end, &r)) != 0 ||
+        (ret = mbedtls_asn1_get_mpi(&p, end, &s)) != 0) {
+        ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+    (void) rs_ctx;
+
+    if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen,
+                                    &ctx->Q, &r, &s)) != 0) {
+        goto cleanup;
+    }
+#else
+    if ((ret = ecdsa_verify_restartable(&ctx->grp, hash, hlen,
+                                        &ctx->Q, &r, &s, rs_ctx)) != 0) {
+        goto cleanup;
+    }
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
+
+    /* At this point we know that the buffer starts with a valid signature.
+     * Return 0 if the buffer just contains the signature, and a specific
+     * error code if the valid signature is followed by more data. */
+    if (p != end) {
+        ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
+    }
+
+cleanup:
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&s);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_ECDSA_GENKEY_ALT)
+/*
+ * Generate key pair
+ */
+int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
+                         int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret = 0;
+    ECDSA_VALIDATE_RET(ctx   != NULL);
+    ECDSA_VALIDATE_RET(f_rng != NULL);
+
+    ret = mbedtls_ecp_group_load(&ctx->grp, gid);
+    if (ret != 0) {
+        return ret;
+    }
+
+    return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d,
+                                   &ctx->Q, f_rng, p_rng);
+}
+#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */
+
+/*
+ * Set context from an mbedtls_ecp_keypair
+ */
+int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECDSA_VALIDATE_RET(ctx != NULL);
+    ECDSA_VALIDATE_RET(key != NULL);
+
+    if ((ret = mbedtls_ecp_group_copy(&ctx->grp, &key->grp)) != 0 ||
+        (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0 ||
+        (ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0) {
+        mbedtls_ecdsa_free(ctx);
+    }
+
+    return ret;
+}
+
+/*
+ * Initialize context
+ */
+void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx)
+{
+    ECDSA_VALIDATE(ctx != NULL);
+
+    mbedtls_ecp_keypair_init(ctx);
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_ecp_keypair_free(ctx);
+}
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx)
+{
+    ECDSA_VALIDATE(ctx != NULL);
+
+    mbedtls_ecp_restart_init(&ctx->ecp);
+
+    ctx->ver = NULL;
+    ctx->sig = NULL;
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    ctx->det = NULL;
+#endif
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_ecp_restart_free(&ctx->ecp);
+
+    ecdsa_restart_ver_free(ctx->ver);
+    mbedtls_free(ctx->ver);
+    ctx->ver = NULL;
+
+    ecdsa_restart_sig_free(ctx->sig);
+    mbedtls_free(ctx->sig);
+    ctx->sig = NULL;
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    ecdsa_restart_det_free(ctx->det);
+    mbedtls_free(ctx->det);
+    ctx->det = NULL;
+#endif
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+#endif /* MBEDTLS_ECDSA_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ecjpake.c b/3rdparty/mbedtls-2.28.7/library/ecjpake.c
new file mode 100644
index 0000000..102c24a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ecjpake.c
@@ -0,0 +1,1131 @@
+/*
+ *  Elliptic curve J-PAKE
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * References in the code are to the Thread v1.0 Specification,
+ * available to members of the Thread Group http://threadgroup.org/
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ECJPAKE_C)
+
+#include "mbedtls/ecjpake.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
+/* Parameter validation macros based on platform_util.h */
+#define ECJPAKE_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA)
+#define ECJPAKE_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+/*
+ * Convert a mbedtls_ecjpake_role to identifier string
+ */
+static const char * const ecjpake_id[] = {
+    "client",
+    "server"
+};
+
+#define ID_MINE     (ecjpake_id[ctx->role])
+#define ID_PEER     (ecjpake_id[1 - ctx->role])
+
+/*
+ * Initialize context
+ */
+void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx)
+{
+    ECJPAKE_VALIDATE(ctx != NULL);
+
+    ctx->md_info = NULL;
+    mbedtls_ecp_group_init(&ctx->grp);
+    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+    mbedtls_ecp_point_init(&ctx->Xm1);
+    mbedtls_ecp_point_init(&ctx->Xm2);
+    mbedtls_ecp_point_init(&ctx->Xp1);
+    mbedtls_ecp_point_init(&ctx->Xp2);
+    mbedtls_ecp_point_init(&ctx->Xp);
+
+    mbedtls_mpi_init(&ctx->xm1);
+    mbedtls_mpi_init(&ctx->xm2);
+    mbedtls_mpi_init(&ctx->s);
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    ctx->md_info = NULL;
+    mbedtls_ecp_group_free(&ctx->grp);
+
+    mbedtls_ecp_point_free(&ctx->Xm1);
+    mbedtls_ecp_point_free(&ctx->Xm2);
+    mbedtls_ecp_point_free(&ctx->Xp1);
+    mbedtls_ecp_point_free(&ctx->Xp2);
+    mbedtls_ecp_point_free(&ctx->Xp);
+
+    mbedtls_mpi_free(&ctx->xm1);
+    mbedtls_mpi_free(&ctx->xm2);
+    mbedtls_mpi_free(&ctx->s);
+}
+
+/*
+ * Setup context
+ */
+int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,
+                          mbedtls_ecjpake_role role,
+                          mbedtls_md_type_t hash,
+                          mbedtls_ecp_group_id curve,
+                          const unsigned char *secret,
+                          size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    ECJPAKE_VALIDATE_RET(ctx != NULL);
+    ECJPAKE_VALIDATE_RET(role == MBEDTLS_ECJPAKE_CLIENT ||
+                         role == MBEDTLS_ECJPAKE_SERVER);
+    ECJPAKE_VALIDATE_RET(secret != NULL || len == 0);
+
+    ctx->role = role;
+
+    if ((ctx->md_info = mbedtls_md_info_from_type(hash)) == NULL) {
+        return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&ctx->grp, curve));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->s, secret, len));
+
+cleanup:
+    if (ret != 0) {
+        mbedtls_ecjpake_free(ctx);
+    }
+
+    return ret;
+}
+
+/*
+ * Check if context is ready for use
+ */
+int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx)
+{
+    ECJPAKE_VALIDATE_RET(ctx != NULL);
+
+    if (ctx->md_info == NULL ||
+        ctx->grp.id == MBEDTLS_ECP_DP_NONE ||
+        ctx->s.p == NULL) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+/*
+ * Write a point plus its length to a buffer
+ */
+static int ecjpake_write_len_point(unsigned char **p,
+                                   const unsigned char *end,
+                                   const mbedtls_ecp_group *grp,
+                                   const int pf,
+                                   const mbedtls_ecp_point *P)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    /* Need at least 4 for length plus 1 for point */
+    if (end < *p || end - *p < 5) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    ret = mbedtls_ecp_point_write_binary(grp, P, pf,
+                                         &len, *p + 4, end - (*p + 4));
+    if (ret != 0) {
+        return ret;
+    }
+
+    MBEDTLS_PUT_UINT32_BE(len, *p, 0);
+
+    *p += 4 + len;
+
+    return 0;
+}
+
+/*
+ * Size of the temporary buffer for ecjpake_hash:
+ * 3 EC points plus their length, plus ID and its length (4 + 6 bytes)
+ */
+#define ECJPAKE_HASH_BUF_LEN    (3 * (4 + MBEDTLS_ECP_MAX_PT_LEN) + 4 + 6)
+
+/*
+ * Compute hash for ZKP (7.4.2.2.2.1)
+ */
+static int ecjpake_hash(const mbedtls_md_info_t *md_info,
+                        const mbedtls_ecp_group *grp,
+                        const int pf,
+                        const mbedtls_ecp_point *G,
+                        const mbedtls_ecp_point *V,
+                        const mbedtls_ecp_point *X,
+                        const char *id,
+                        mbedtls_mpi *h)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char buf[ECJPAKE_HASH_BUF_LEN];
+    unsigned char *p = buf;
+    const unsigned char *end = buf + sizeof(buf);
+    const size_t id_len = strlen(id);
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+
+    /* Write things to temporary buffer */
+    MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, G));
+    MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, V));
+    MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, X));
+
+    if (end - p < 4) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    MBEDTLS_PUT_UINT32_BE(id_len, p, 0);
+    p += 4;
+
+    if (end < p || (size_t) (end - p) < id_len) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    memcpy(p, id, id_len);
+    p += id_len;
+
+    /* Compute hash */
+    MBEDTLS_MPI_CHK(mbedtls_md(md_info, buf, p - buf, hash));
+
+    /* Turn it into an integer mod n */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash,
+                                            mbedtls_md_get_size(md_info)));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(h, h, &grp->N));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3)
+ */
+static int ecjpake_zkp_read(const mbedtls_md_info_t *md_info,
+                            const mbedtls_ecp_group *grp,
+                            const int pf,
+                            const mbedtls_ecp_point *G,
+                            const mbedtls_ecp_point *X,
+                            const char *id,
+                            const unsigned char **p,
+                            const unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point V, VV;
+    mbedtls_mpi r, h;
+    size_t r_len;
+
+    mbedtls_ecp_point_init(&V);
+    mbedtls_ecp_point_init(&VV);
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&h);
+
+    /*
+     * struct {
+     *     ECPoint V;
+     *     opaque r<1..2^8-1>;
+     * } ECSchnorrZKP;
+     */
+    if (end < *p) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, end - *p));
+
+    if (end < *p || (size_t) (end - *p) < 1) {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    r_len = *(*p)++;
+
+    if (end < *p || (size_t) (end - *p) < r_len || r_len == 0) {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r, *p, r_len));
+    *p += r_len;
+
+    /*
+     * Verification
+     */
+    MBEDTLS_MPI_CHK(ecjpake_hash(md_info, grp, pf, G, &V, X, id, &h));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_muladd((mbedtls_ecp_group *) grp,
+                                       &VV, &h, X, &r, G));
+
+    if (mbedtls_ecp_point_cmp(&VV, &V) != 0) {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_point_free(&V);
+    mbedtls_ecp_point_free(&VV);
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&h);
+
+    return ret;
+}
+
+/*
+ * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2)
+ */
+static int ecjpake_zkp_write(const mbedtls_md_info_t *md_info,
+                             const mbedtls_ecp_group *grp,
+                             const int pf,
+                             const mbedtls_ecp_point *G,
+                             const mbedtls_mpi *x,
+                             const mbedtls_ecp_point *X,
+                             const char *id,
+                             unsigned char **p,
+                             const unsigned char *end,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point V;
+    mbedtls_mpi v;
+    mbedtls_mpi h; /* later recycled to hold r */
+    size_t len;
+
+    if (end < *p) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    mbedtls_ecp_point_init(&V);
+    mbedtls_mpi_init(&v);
+    mbedtls_mpi_init(&h);
+
+    /* Compute signature */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp,
+                                                 G, &v, &V, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(ecjpake_hash(md_info, grp, pf, G, &V, X, id, &h));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&h, &h, x));     /* x*h */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&h, &v, &h));     /* v - x*h */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&h, &h, &grp->N));     /* r */
+
+    /* Write it out */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, &V,
+                                                pf, &len, *p, end - *p));
+    *p += len;
+
+    len = mbedtls_mpi_size(&h);   /* actually r */
+    if (end < *p || (size_t) (end - *p) < 1 + len || len > 255) {
+        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        goto cleanup;
+    }
+
+    *(*p)++ = MBEDTLS_BYTE_0(len);
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, *p, len));     /* r */
+    *p += len;
+
+cleanup:
+    mbedtls_ecp_point_free(&V);
+    mbedtls_mpi_free(&v);
+    mbedtls_mpi_free(&h);
+
+    return ret;
+}
+
+/*
+ * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof
+ * Output: verified public key X
+ */
+static int ecjpake_kkp_read(const mbedtls_md_info_t *md_info,
+                            const mbedtls_ecp_group *grp,
+                            const int pf,
+                            const mbedtls_ecp_point *G,
+                            mbedtls_ecp_point *X,
+                            const char *id,
+                            const unsigned char **p,
+                            const unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (end < *p) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /*
+     * struct {
+     *     ECPoint X;
+     *     ECSchnorrZKP zkp;
+     * } ECJPAKEKeyKP;
+     */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, end - *p));
+    if (mbedtls_ecp_is_zero(X)) {
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(ecjpake_zkp_read(md_info, grp, pf, G, X, id, p, end));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Generate an ECJPAKEKeyKP
+ * Output: the serialized structure, plus private/public key pair
+ */
+static int ecjpake_kkp_write(const mbedtls_md_info_t *md_info,
+                             const mbedtls_ecp_group *grp,
+                             const int pf,
+                             const mbedtls_ecp_point *G,
+                             mbedtls_mpi *x,
+                             mbedtls_ecp_point *X,
+                             const char *id,
+                             unsigned char **p,
+                             const unsigned char *end,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if (end < *p) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    /* Generate key (7.4.2.3.1) and write it out */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, G, x, X,
+                                                 f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, X,
+                                                pf, &len, *p, end - *p));
+    *p += len;
+
+    /* Generate and write proof */
+    MBEDTLS_MPI_CHK(ecjpake_zkp_write(md_info, grp, pf, G, x, X, id,
+                                      p, end, f_rng, p_rng));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
+ * Outputs: verified peer public keys Xa, Xb
+ */
+static int ecjpake_kkpp_read(const mbedtls_md_info_t *md_info,
+                             const mbedtls_ecp_group *grp,
+                             const int pf,
+                             const mbedtls_ecp_point *G,
+                             mbedtls_ecp_point *Xa,
+                             mbedtls_ecp_point *Xb,
+                             const char *id,
+                             const unsigned char *buf,
+                             size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+
+    /*
+     * struct {
+     *     ECJPAKEKeyKP ecjpake_key_kp_pair_list[2];
+     * } ECJPAKEKeyKPPairList;
+     */
+    MBEDTLS_MPI_CHK(ecjpake_kkp_read(md_info, grp, pf, G, Xa, id, &p, end));
+    MBEDTLS_MPI_CHK(ecjpake_kkp_read(md_info, grp, pf, G, Xb, id, &p, end));
+
+    if (p != end) {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Generate a ECJPAKEKeyKPPairList
+ * Outputs: the serialized structure, plus two private/public key pairs
+ */
+static int ecjpake_kkpp_write(const mbedtls_md_info_t *md_info,
+                              const mbedtls_ecp_group *grp,
+                              const int pf,
+                              const mbedtls_ecp_point *G,
+                              mbedtls_mpi *xm1,
+                              mbedtls_ecp_point *Xa,
+                              mbedtls_mpi *xm2,
+                              mbedtls_ecp_point *Xb,
+                              const char *id,
+                              unsigned char *buf,
+                              size_t len,
+                              size_t *olen,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+
+    MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_info, grp, pf, G, xm1, Xa, id,
+                                      &p, end, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_info, grp, pf, G, xm2, Xb, id,
+                                      &p, end, f_rng, p_rng));
+
+    *olen = p - buf;
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Read and process the first round message
+ */
+int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx,
+                                   const unsigned char *buf,
+                                   size_t len)
+{
+    ECJPAKE_VALIDATE_RET(ctx != NULL);
+    ECJPAKE_VALIDATE_RET(buf != NULL);
+
+    return ecjpake_kkpp_read(ctx->md_info, &ctx->grp, ctx->point_format,
+                             &ctx->grp.G,
+                             &ctx->Xp1, &ctx->Xp2, ID_PEER,
+                             buf, len);
+}
+
+/*
+ * Generate and write the first round message
+ */
+int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx,
+                                    unsigned char *buf, size_t len, size_t *olen,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng)
+{
+    ECJPAKE_VALIDATE_RET(ctx   != NULL);
+    ECJPAKE_VALIDATE_RET(buf   != NULL);
+    ECJPAKE_VALIDATE_RET(olen  != NULL);
+    ECJPAKE_VALIDATE_RET(f_rng != NULL);
+
+    return ecjpake_kkpp_write(ctx->md_info, &ctx->grp, ctx->point_format,
+                              &ctx->grp.G,
+                              &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2,
+                              ID_MINE, buf, len, olen, f_rng, p_rng);
+}
+
+/*
+ * Compute the sum of three points R = A + B + C
+ */
+static int ecjpake_ecp_add3(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                            const mbedtls_ecp_point *A,
+                            const mbedtls_ecp_point *B,
+                            const mbedtls_ecp_point *C)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi one;
+
+    mbedtls_mpi_init(&one);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&one, 1));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(grp, R, &one, A, &one, B));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(grp, R, &one, R, &one, C));
+
+cleanup:
+    mbedtls_mpi_free(&one);
+
+    return ret;
+}
+
+/*
+ * Read and process second round message (C: 7.4.2.5, S: 7.4.2.6)
+ */
+int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx,
+                                   const unsigned char *buf,
+                                   size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point G;    /* C: GB, S: GA */
+
+    ECJPAKE_VALIDATE_RET(ctx != NULL);
+    ECJPAKE_VALIDATE_RET(buf != NULL);
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&G);
+
+    /*
+     * Server: GA = X3  + X4  + X1      (7.4.2.6.1)
+     * Client: GB = X1  + X2  + X3      (7.4.2.5.1)
+     * Unified: G = Xm1 + Xm2 + Xp1
+     * We need that before parsing in order to check Xp as we read it
+     */
+    MBEDTLS_MPI_CHK(ecjpake_ecp_add3(&ctx->grp, &G,
+                                     &ctx->Xm1, &ctx->Xm2, &ctx->Xp1));
+
+    /*
+     * struct {
+     *     ECParameters curve_params;   // only client reading server msg
+     *     ECJPAKEKeyKP ecjpake_key_kp;
+     * } Client/ServerECJPAKEParams;
+     */
+    if (ctx->role == MBEDTLS_ECJPAKE_CLIENT) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_group(&grp, &p, len));
+        if (grp.id != ctx->grp.id) {
+            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+            goto cleanup;
+        }
+    }
+
+    MBEDTLS_MPI_CHK(ecjpake_kkp_read(ctx->md_info, &ctx->grp,
+                                     ctx->point_format,
+                                     &G, &ctx->Xp, ID_PEER, &p, end));
+
+    if (p != end) {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&G);
+
+    return ret;
+}
+
+/*
+ * Compute R = +/- X * S mod N, taking care not to leak S
+ */
+static int ecjpake_mul_secret(mbedtls_mpi *R, int sign,
+                              const mbedtls_mpi *X,
+                              const mbedtls_mpi *S,
+                              const mbedtls_mpi *N,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi b; /* Blinding value, then s + N * blinding */
+
+    mbedtls_mpi_init(&b);
+
+    /* b = s + rnd-128-bit * N */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&b, 16, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&b, &b, N));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&b, &b, S));
+
+    /* R = sign * X * b mod N */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(R, X, &b));
+    R->s *= sign;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(R, R, N));
+
+cleanup:
+    mbedtls_mpi_free(&b);
+
+    return ret;
+}
+
+/*
+ * Generate and write the second round message (S: 7.4.2.5, C: 7.4.2.6)
+ */
+int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
+                                    unsigned char *buf, size_t len, size_t *olen,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point G;    /* C: GA, S: GB */
+    mbedtls_ecp_point Xm;   /* C: Xc, S: Xs */
+    mbedtls_mpi xm;         /* C: xc, S: xs */
+    unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+    size_t ec_len;
+
+    ECJPAKE_VALIDATE_RET(ctx   != NULL);
+    ECJPAKE_VALIDATE_RET(buf   != NULL);
+    ECJPAKE_VALIDATE_RET(olen  != NULL);
+    ECJPAKE_VALIDATE_RET(f_rng != NULL);
+
+    mbedtls_ecp_point_init(&G);
+    mbedtls_ecp_point_init(&Xm);
+    mbedtls_mpi_init(&xm);
+
+    /*
+     * First generate private/public key pair (S: 7.4.2.5.1, C: 7.4.2.6.1)
+     *
+     * Client:  GA = X1  + X3  + X4  | xs = x2  * s | Xc = xc * GA
+     * Server:  GB = X3  + X1  + X2  | xs = x4  * s | Xs = xs * GB
+     * Unified: G  = Xm1 + Xp1 + Xp2 | xm = xm2 * s | Xm = xm * G
+     */
+    MBEDTLS_MPI_CHK(ecjpake_ecp_add3(&ctx->grp, &G,
+                                     &ctx->Xp1, &ctx->Xp2, &ctx->Xm1));
+    MBEDTLS_MPI_CHK(ecjpake_mul_secret(&xm, 1, &ctx->xm2, &ctx->s,
+                                       &ctx->grp.N, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &Xm, &xm, &G, f_rng, p_rng));
+
+    /*
+     * Now write things out
+     *
+     * struct {
+     *     ECParameters curve_params;   // only server writing its message
+     *     ECJPAKEKeyKP ecjpake_key_kp;
+     * } Client/ServerECJPAKEParams;
+     */
+    if (ctx->role == MBEDTLS_ECJPAKE_SERVER) {
+        if (end < p) {
+            ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+            goto cleanup;
+        }
+        MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_group(&ctx->grp, &ec_len,
+                                                    p, end - p));
+        p += ec_len;
+    }
+
+    if (end < p) {
+        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        goto cleanup;
+    }
+    MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(&ctx->grp, &Xm,
+                                                ctx->point_format, &ec_len, p, end - p));
+    p += ec_len;
+
+    MBEDTLS_MPI_CHK(ecjpake_zkp_write(ctx->md_info, &ctx->grp,
+                                      ctx->point_format,
+                                      &G, &xm, &Xm, ID_MINE,
+                                      &p, end, f_rng, p_rng));
+
+    *olen = p - buf;
+
+cleanup:
+    mbedtls_ecp_point_free(&G);
+    mbedtls_ecp_point_free(&Xm);
+    mbedtls_mpi_free(&xm);
+
+    return ret;
+}
+
+/*
+ * Derive PMS (7.4.2.7 / 7.4.2.8)
+ */
+int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx,
+                                  unsigned char *buf, size_t len, size_t *olen,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point K;
+    mbedtls_mpi m_xm2_s, one;
+    unsigned char kx[MBEDTLS_ECP_MAX_BYTES];
+    size_t x_bytes;
+
+    ECJPAKE_VALIDATE_RET(ctx   != NULL);
+    ECJPAKE_VALIDATE_RET(buf   != NULL);
+    ECJPAKE_VALIDATE_RET(olen  != NULL);
+    ECJPAKE_VALIDATE_RET(f_rng != NULL);
+
+    *olen = mbedtls_md_get_size(ctx->md_info);
+    if (len < *olen) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    mbedtls_ecp_point_init(&K);
+    mbedtls_mpi_init(&m_xm2_s);
+    mbedtls_mpi_init(&one);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&one, 1));
+
+    /*
+     * Client:  K = ( Xs - X4  * x2  * s ) * x2
+     * Server:  K = ( Xc - X2  * x4  * s ) * x4
+     * Unified: K = ( Xp - Xp2 * xm2 * s ) * xm2
+     */
+    MBEDTLS_MPI_CHK(ecjpake_mul_secret(&m_xm2_s, -1, &ctx->xm2, &ctx->s,
+                                       &ctx->grp.N, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(&ctx->grp, &K,
+                                       &one, &ctx->Xp,
+                                       &m_xm2_s, &ctx->Xp2));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &K, &ctx->xm2, &K,
+                                    f_rng, p_rng));
+
+    /* PMS = SHA-256( K.X ) */
+    x_bytes = (ctx->grp.pbits + 7) / 8;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&K.X, kx, x_bytes));
+    MBEDTLS_MPI_CHK(mbedtls_md(ctx->md_info, kx, x_bytes, buf));
+
+cleanup:
+    mbedtls_ecp_point_free(&K);
+    mbedtls_mpi_free(&m_xm2_s);
+    mbedtls_mpi_free(&one);
+
+    return ret;
+}
+
+#undef ID_MINE
+#undef ID_PEER
+
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+    !defined(MBEDTLS_SHA256_C)
+int mbedtls_ecjpake_self_test(int verbose)
+{
+    (void) verbose;
+    return 0;
+}
+#else
+
+static const unsigned char ecjpake_test_password[] = {
+    0x74, 0x68, 0x72, 0x65, 0x61, 0x64, 0x6a, 0x70, 0x61, 0x6b, 0x65, 0x74,
+    0x65, 0x73, 0x74
+};
+
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
+static const unsigned char ecjpake_test_x1[] = {
+    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x21
+};
+
+static const unsigned char ecjpake_test_x2[] = {
+    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
+};
+
+static const unsigned char ecjpake_test_x3[] = {
+    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
+};
+
+static const unsigned char ecjpake_test_x4[] = {
+    0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc,
+    0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8,
+    0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe1
+};
+
+static const unsigned char ecjpake_test_cli_one[] = {
+    0x41, 0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19,
+    0x33, 0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44,
+    0xe5, 0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad,
+    0xa7, 0x81, 0xbb, 0x7f, 0x11, 0x13, 0x72, 0x25, 0x1a, 0x89, 0x10, 0x62,
+    0x1f, 0x63, 0x4d, 0xf1, 0x28, 0xac, 0x48, 0xe3, 0x81, 0xfd, 0x6e, 0xf9,
+    0x06, 0x07, 0x31, 0xf6, 0x94, 0xa4, 0x41, 0x04, 0x1d, 0xd0, 0xbd, 0x5d,
+    0x45, 0x66, 0xc9, 0xbe, 0xd9, 0xce, 0x7d, 0xe7, 0x01, 0xb5, 0xe8, 0x2e,
+    0x08, 0xe8, 0x4b, 0x73, 0x04, 0x66, 0x01, 0x8a, 0xb9, 0x03, 0xc7, 0x9e,
+    0xb9, 0x82, 0x17, 0x22, 0x36, 0xc0, 0xc1, 0x72, 0x8a, 0xe4, 0xbf, 0x73,
+    0x61, 0x0d, 0x34, 0xde, 0x44, 0x24, 0x6e, 0xf3, 0xd9, 0xc0, 0x5a, 0x22,
+    0x36, 0xfb, 0x66, 0xa6, 0x58, 0x3d, 0x74, 0x49, 0x30, 0x8b, 0xab, 0xce,
+    0x20, 0x72, 0xfe, 0x16, 0x66, 0x29, 0x92, 0xe9, 0x23, 0x5c, 0x25, 0x00,
+    0x2f, 0x11, 0xb1, 0x50, 0x87, 0xb8, 0x27, 0x38, 0xe0, 0x3c, 0x94, 0x5b,
+    0xf7, 0xa2, 0x99, 0x5d, 0xda, 0x1e, 0x98, 0x34, 0x58, 0x41, 0x04, 0x7e,
+    0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7, 0x92, 0x62,
+    0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40, 0x9a, 0xc5,
+    0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79, 0x0a, 0xeb,
+    0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1, 0xc3, 0x35,
+    0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3, 0x2b, 0xb0,
+    0x13, 0xbb, 0x2b, 0x41, 0x04, 0xa4, 0x95, 0x58, 0xd3, 0x2e, 0xd1, 0xeb,
+    0xfc, 0x18, 0x16, 0xaf, 0x4f, 0xf0, 0x9b, 0x55, 0xfc, 0xb4, 0xca, 0x47,
+    0xb2, 0xa0, 0x2d, 0x1e, 0x7c, 0xaf, 0x11, 0x79, 0xea, 0x3f, 0xe1, 0x39,
+    0x5b, 0x22, 0xb8, 0x61, 0x96, 0x40, 0x16, 0xfa, 0xba, 0xf7, 0x2c, 0x97,
+    0x56, 0x95, 0xd9, 0x3d, 0x4d, 0xf0, 0xe5, 0x19, 0x7f, 0xe9, 0xf0, 0x40,
+    0x63, 0x4e, 0xd5, 0x97, 0x64, 0x93, 0x77, 0x87, 0xbe, 0x20, 0xbc, 0x4d,
+    0xee, 0xbb, 0xf9, 0xb8, 0xd6, 0x0a, 0x33, 0x5f, 0x04, 0x6c, 0xa3, 0xaa,
+    0x94, 0x1e, 0x45, 0x86, 0x4c, 0x7c, 0xad, 0xef, 0x9c, 0xf7, 0x5b, 0x3d,
+    0x8b, 0x01, 0x0e, 0x44, 0x3e, 0xf0
+};
+
+static const unsigned char ecjpake_test_srv_one[] = {
+    0x41, 0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb,
+    0xd7, 0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18,
+    0x40, 0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47,
+    0x79, 0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f,
+    0xd1, 0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7,
+    0xe3, 0x2b, 0xb0, 0x13, 0xbb, 0x2b, 0x41, 0x04, 0x09, 0xf8, 0x5b, 0x3d,
+    0x20, 0xeb, 0xd7, 0x88, 0x5c, 0xe4, 0x64, 0xc0, 0x8d, 0x05, 0x6d, 0x64,
+    0x28, 0xfe, 0x4d, 0xd9, 0x28, 0x7a, 0xa3, 0x65, 0xf1, 0x31, 0xf4, 0x36,
+    0x0f, 0xf3, 0x86, 0xd8, 0x46, 0x89, 0x8b, 0xc4, 0xb4, 0x15, 0x83, 0xc2,
+    0xa5, 0x19, 0x7f, 0x65, 0xd7, 0x87, 0x42, 0x74, 0x6c, 0x12, 0xa5, 0xec,
+    0x0a, 0x4f, 0xfe, 0x2f, 0x27, 0x0a, 0x75, 0x0a, 0x1d, 0x8f, 0xb5, 0x16,
+    0x20, 0x93, 0x4d, 0x74, 0xeb, 0x43, 0xe5, 0x4d, 0xf4, 0x24, 0xfd, 0x96,
+    0x30, 0x6c, 0x01, 0x17, 0xbf, 0x13, 0x1a, 0xfa, 0xbf, 0x90, 0xa9, 0xd3,
+    0x3d, 0x11, 0x98, 0xd9, 0x05, 0x19, 0x37, 0x35, 0x14, 0x41, 0x04, 0x19,
+    0x0a, 0x07, 0x70, 0x0f, 0xfa, 0x4b, 0xe6, 0xae, 0x1d, 0x79, 0xee, 0x0f,
+    0x06, 0xae, 0xb5, 0x44, 0xcd, 0x5a, 0xdd, 0xaa, 0xbe, 0xdf, 0x70, 0xf8,
+    0x62, 0x33, 0x21, 0x33, 0x2c, 0x54, 0xf3, 0x55, 0xf0, 0xfb, 0xfe, 0xc7,
+    0x83, 0xed, 0x35, 0x9e, 0x5d, 0x0b, 0xf7, 0x37, 0x7a, 0x0f, 0xc4, 0xea,
+    0x7a, 0xce, 0x47, 0x3c, 0x9c, 0x11, 0x2b, 0x41, 0xcc, 0xd4, 0x1a, 0xc5,
+    0x6a, 0x56, 0x12, 0x41, 0x04, 0x36, 0x0a, 0x1c, 0xea, 0x33, 0xfc, 0xe6,
+    0x41, 0x15, 0x64, 0x58, 0xe0, 0xa4, 0xea, 0xc2, 0x19, 0xe9, 0x68, 0x31,
+    0xe6, 0xae, 0xbc, 0x88, 0xb3, 0xf3, 0x75, 0x2f, 0x93, 0xa0, 0x28, 0x1d,
+    0x1b, 0xf1, 0xfb, 0x10, 0x60, 0x51, 0xdb, 0x96, 0x94, 0xa8, 0xd6, 0xe8,
+    0x62, 0xa5, 0xef, 0x13, 0x24, 0xa3, 0xd9, 0xe2, 0x78, 0x94, 0xf1, 0xee,
+    0x4f, 0x7c, 0x59, 0x19, 0x99, 0x65, 0xa8, 0xdd, 0x4a, 0x20, 0x91, 0x84,
+    0x7d, 0x2d, 0x22, 0xdf, 0x3e, 0xe5, 0x5f, 0xaa, 0x2a, 0x3f, 0xb3, 0x3f,
+    0xd2, 0xd1, 0xe0, 0x55, 0xa0, 0x7a, 0x7c, 0x61, 0xec, 0xfb, 0x8d, 0x80,
+    0xec, 0x00, 0xc2, 0xc9, 0xeb, 0x12
+};
+
+static const unsigned char ecjpake_test_srv_two[] = {
+    0x03, 0x00, 0x17, 0x41, 0x04, 0x0f, 0xb2, 0x2b, 0x1d, 0x5d, 0x11, 0x23,
+    0xe0, 0xef, 0x9f, 0xeb, 0x9d, 0x8a, 0x2e, 0x59, 0x0a, 0x1f, 0x4d, 0x7c,
+    0xed, 0x2c, 0x2b, 0x06, 0x58, 0x6e, 0x8f, 0x2a, 0x16, 0xd4, 0xeb, 0x2f,
+    0xda, 0x43, 0x28, 0xa2, 0x0b, 0x07, 0xd8, 0xfd, 0x66, 0x76, 0x54, 0xca,
+    0x18, 0xc5, 0x4e, 0x32, 0xa3, 0x33, 0xa0, 0x84, 0x54, 0x51, 0xe9, 0x26,
+    0xee, 0x88, 0x04, 0xfd, 0x7a, 0xf0, 0xaa, 0xa7, 0xa6, 0x41, 0x04, 0x55,
+    0x16, 0xea, 0x3e, 0x54, 0xa0, 0xd5, 0xd8, 0xb2, 0xce, 0x78, 0x6b, 0x38,
+    0xd3, 0x83, 0x37, 0x00, 0x29, 0xa5, 0xdb, 0xe4, 0x45, 0x9c, 0x9d, 0xd6,
+    0x01, 0xb4, 0x08, 0xa2, 0x4a, 0xe6, 0x46, 0x5c, 0x8a, 0xc9, 0x05, 0xb9,
+    0xeb, 0x03, 0xb5, 0xd3, 0x69, 0x1c, 0x13, 0x9e, 0xf8, 0x3f, 0x1c, 0xd4,
+    0x20, 0x0f, 0x6c, 0x9c, 0xd4, 0xec, 0x39, 0x22, 0x18, 0xa5, 0x9e, 0xd2,
+    0x43, 0xd3, 0xc8, 0x20, 0xff, 0x72, 0x4a, 0x9a, 0x70, 0xb8, 0x8c, 0xb8,
+    0x6f, 0x20, 0xb4, 0x34, 0xc6, 0x86, 0x5a, 0xa1, 0xcd, 0x79, 0x06, 0xdd,
+    0x7c, 0x9b, 0xce, 0x35, 0x25, 0xf5, 0x08, 0x27, 0x6f, 0x26, 0x83, 0x6c
+};
+
+static const unsigned char ecjpake_test_cli_two[] = {
+    0x41, 0x04, 0x69, 0xd5, 0x4e, 0xe8, 0x5e, 0x90, 0xce, 0x3f, 0x12, 0x46,
+    0x74, 0x2d, 0xe5, 0x07, 0xe9, 0x39, 0xe8, 0x1d, 0x1d, 0xc1, 0xc5, 0xcb,
+    0x98, 0x8b, 0x58, 0xc3, 0x10, 0xc9, 0xfd, 0xd9, 0x52, 0x4d, 0x93, 0x72,
+    0x0b, 0x45, 0x54, 0x1c, 0x83, 0xee, 0x88, 0x41, 0x19, 0x1d, 0xa7, 0xce,
+    0xd8, 0x6e, 0x33, 0x12, 0xd4, 0x36, 0x23, 0xc1, 0xd6, 0x3e, 0x74, 0x98,
+    0x9a, 0xba, 0x4a, 0xff, 0xd1, 0xee, 0x41, 0x04, 0x07, 0x7e, 0x8c, 0x31,
+    0xe2, 0x0e, 0x6b, 0xed, 0xb7, 0x60, 0xc1, 0x35, 0x93, 0xe6, 0x9f, 0x15,
+    0xbe, 0x85, 0xc2, 0x7d, 0x68, 0xcd, 0x09, 0xcc, 0xb8, 0xc4, 0x18, 0x36,
+    0x08, 0x91, 0x7c, 0x5c, 0x3d, 0x40, 0x9f, 0xac, 0x39, 0xfe, 0xfe, 0xe8,
+    0x2f, 0x72, 0x92, 0xd3, 0x6f, 0x0d, 0x23, 0xe0, 0x55, 0x91, 0x3f, 0x45,
+    0xa5, 0x2b, 0x85, 0xdd, 0x8a, 0x20, 0x52, 0xe9, 0xe1, 0x29, 0xbb, 0x4d,
+    0x20, 0x0f, 0x01, 0x1f, 0x19, 0x48, 0x35, 0x35, 0xa6, 0xe8, 0x9a, 0x58,
+    0x0c, 0x9b, 0x00, 0x03, 0xba, 0xf2, 0x14, 0x62, 0xec, 0xe9, 0x1a, 0x82,
+    0xcc, 0x38, 0xdb, 0xdc, 0xae, 0x60, 0xd9, 0xc5, 0x4c
+};
+
+static const unsigned char ecjpake_test_pms[] = {
+    0xf3, 0xd4, 0x7f, 0x59, 0x98, 0x44, 0xdb, 0x92, 0xa5, 0x69, 0xbb, 0xe7,
+    0x98, 0x1e, 0x39, 0xd9, 0x31, 0xfd, 0x74, 0x3b, 0xf2, 0x2e, 0x98, 0xf9,
+    0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
+};
+
+/* Load my private keys and generate the corresponding public keys */
+static int ecjpake_test_load(mbedtls_ecjpake_context *ctx,
+                             const unsigned char *xm1, size_t len1,
+                             const unsigned char *xm2, size_t len2)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm1, xm1, len1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm2, xm2, len2));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &ctx->Xm1, &ctx->xm1,
+                                    &ctx->grp.G, NULL, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &ctx->Xm2, &ctx->xm2,
+                                    &ctx->grp.G, NULL, NULL));
+
+cleanup:
+    return ret;
+}
+
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
+
+/* For tests we don't need a secure RNG;
+ * use the LGC from Numerical Recipes for simplicity */
+static int ecjpake_lgc(void *p, unsigned char *out, size_t len)
+{
+    static uint32_t x = 42;
+    (void) p;
+
+    while (len > 0) {
+        size_t use_len = len > 4 ? 4 : len;
+        x = 1664525 * x + 1013904223;
+        memcpy(out, &x, use_len);
+        out += use_len;
+        len -= use_len;
+    }
+
+    return 0;
+}
+
+#define TEST_ASSERT(x)    \
+    do {                    \
+        if (x)             \
+        ret = 0;        \
+        else                \
+        {                   \
+            ret = 1;        \
+            goto cleanup;   \
+        }                   \
+    } while (0)
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ecjpake_self_test(int verbose)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecjpake_context cli;
+    mbedtls_ecjpake_context srv;
+    unsigned char buf[512], pms[32];
+    size_t len, pmslen;
+
+    mbedtls_ecjpake_init(&cli);
+    mbedtls_ecjpake_init(&srv);
+
+    if (verbose != 0) {
+        mbedtls_printf("  ECJPAKE test #0 (setup): ");
+    }
+
+    TEST_ASSERT(mbedtls_ecjpake_setup(&cli, MBEDTLS_ECJPAKE_CLIENT,
+                                      MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
+                                      ecjpake_test_password,
+                                      sizeof(ecjpake_test_password)) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_setup(&srv, MBEDTLS_ECJPAKE_SERVER,
+                                      MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
+                                      ecjpake_test_password,
+                                      sizeof(ecjpake_test_password)) == 0);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  ECJPAKE test #1 (random handshake): ");
+    }
+
+    TEST_ASSERT(mbedtls_ecjpake_write_round_one(&cli,
+                                                buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_one(&srv, buf, len) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_write_round_one(&srv,
+                                                buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_one(&cli, buf, len) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_write_round_two(&srv,
+                                                buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_two(&cli, buf, len) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_derive_secret(&cli,
+                                              pms, sizeof(pms), &pmslen, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_write_round_two(&cli,
+                                                buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_two(&srv, buf, len) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_derive_secret(&srv,
+                                              buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(len == pmslen);
+    TEST_ASSERT(memcmp(buf, pms, len) == 0);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+    /* 'reference handshake' tests can only be run against implementations
+     * for which we have 100% control over how the random ephemeral keys
+     * are generated. This is only the case for the internal Mbed TLS
+     * implementation, so these tests are skipped in case the internal
+     * implementation is swapped out for an alternative one. */
+    if (verbose != 0) {
+        mbedtls_printf("  ECJPAKE test #2 (reference handshake): ");
+    }
+
+    /* Simulate generation of round one */
+    MBEDTLS_MPI_CHK(ecjpake_test_load(&cli,
+                                      ecjpake_test_x1, sizeof(ecjpake_test_x1),
+                                      ecjpake_test_x2, sizeof(ecjpake_test_x2)));
+
+    MBEDTLS_MPI_CHK(ecjpake_test_load(&srv,
+                                      ecjpake_test_x3, sizeof(ecjpake_test_x3),
+                                      ecjpake_test_x4, sizeof(ecjpake_test_x4)));
+
+    /* Read round one */
+    TEST_ASSERT(mbedtls_ecjpake_read_round_one(&srv,
+                                               ecjpake_test_cli_one,
+                                               sizeof(ecjpake_test_cli_one)) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_one(&cli,
+                                               ecjpake_test_srv_one,
+                                               sizeof(ecjpake_test_srv_one)) == 0);
+
+    /* Skip generation of round two, read round two */
+    TEST_ASSERT(mbedtls_ecjpake_read_round_two(&cli,
+                                               ecjpake_test_srv_two,
+                                               sizeof(ecjpake_test_srv_two)) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_two(&srv,
+                                               ecjpake_test_cli_two,
+                                               sizeof(ecjpake_test_cli_two)) == 0);
+
+    /* Server derives PMS */
+    TEST_ASSERT(mbedtls_ecjpake_derive_secret(&srv,
+                                              buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(len == sizeof(ecjpake_test_pms));
+    TEST_ASSERT(memcmp(buf, ecjpake_test_pms, len) == 0);
+
+    memset(buf, 0, len);   /* Avoid interferences with next step */
+
+    /* Client derives PMS */
+    TEST_ASSERT(mbedtls_ecjpake_derive_secret(&cli,
+                                              buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0);
+
+    TEST_ASSERT(len == sizeof(ecjpake_test_pms));
+    TEST_ASSERT(memcmp(buf, ecjpake_test_pms, len) == 0);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
+
+cleanup:
+    mbedtls_ecjpake_free(&cli);
+    mbedtls_ecjpake_free(&srv);
+
+    if (ret != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return ret;
+}
+
+#undef TEST_ASSERT
+
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ECJPAKE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ecp.c b/3rdparty/mbedtls-2.28.7/library/ecp.c
new file mode 100644
index 0000000..31a6b9e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ecp.c
@@ -0,0 +1,3647 @@
+/*
+ *  Elliptic curves over GF(p): generic functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * References:
+ *
+ * SEC1 https://www.secg.org/sec1-v2.pdf
+ * GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
+ * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
+ * RFC 4492 for the related TLS structures and constants
+ * - https://www.rfc-editor.org/rfc/rfc4492
+ * RFC 7748 for the Curve448 and Curve25519 curve definitions
+ * - https://www.rfc-editor.org/rfc/rfc7748
+ *
+ * [Curve25519] https://cr.yp.to/ecdh/curve25519-20060209.pdf
+ *
+ * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
+ *     for elliptic curve cryptosystems. In : Cryptographic Hardware and
+ *     Embedded Systems. Springer Berlin Heidelberg, 1999. p. 292-302.
+ *     <http://link.springer.com/chapter/10.1007/3-540-48059-5_25>
+ *
+ * [3] HEDABOU, Mustapha, PINEL, Pierre, et B'EN'ETEAU, Lucien. A comb method to
+ *     render ECC resistant against Side Channel Attacks. IACR Cryptology
+ *     ePrint Archive, 2004, vol. 2004, p. 342.
+ *     <http://eprint.iacr.org/2004/342.pdf>
+ */
+
+#include "common.h"
+
+/**
+ * \brief Function level alternative implementation.
+ *
+ * The MBEDTLS_ECP_INTERNAL_ALT macro enables alternative implementations to
+ * replace certain functions in this module. The alternative implementations are
+ * typically hardware accelerators and need to activate the hardware before the
+ * computation starts and deactivate it after it finishes. The
+ * mbedtls_internal_ecp_init() and mbedtls_internal_ecp_free() functions serve
+ * this purpose.
+ *
+ * To preserve the correct functionality the following conditions must hold:
+ *
+ * - The alternative implementation must be activated by
+ *   mbedtls_internal_ecp_init() before any of the replaceable functions is
+ *   called.
+ * - mbedtls_internal_ecp_free() must \b only be called when the alternative
+ *   implementation is activated.
+ * - mbedtls_internal_ecp_init() must \b not be called when the alternative
+ *   implementation is activated.
+ * - Public functions must not return while the alternative implementation is
+ *   activated.
+ * - Replaceable functions are guarded by \c MBEDTLS_ECP_XXX_ALT macros and
+ *   before calling them an \code if( mbedtls_internal_ecp_grp_capable( grp ) )
+ *   \endcode ensures that the alternative implementation supports the current
+ *   group.
+ */
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+
+#include "mbedtls/ecp.h"
+#include "mbedtls/threading.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/bn_mul.h"
+
+#include "ecp_invasive.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECP_ALT)
+
+/* Parameter validation macros based on platform_util.h */
+#define ECP_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA)
+#define ECP_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ecp_internal.h"
+
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+#if defined(MBEDTLS_HMAC_DRBG_C)
+#include "mbedtls/hmac_drbg.h"
+#elif defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/ctr_drbg.h"
+#else
+#error \
+    "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
+#endif
+#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * Counts of point addition and doubling, and field multiplications.
+ * Used to test resistance of point multiplication to simple timing attacks.
+ */
+static unsigned long add_count, dbl_count, mul_count;
+#endif
+
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+/*
+ * Currently ecp_mul() takes a RNG function as an argument, used for
+ * side-channel protection, but it can be NULL. The initial reasoning was
+ * that people will pass non-NULL RNG when they care about side-channels, but
+ * unfortunately we have some APIs that call ecp_mul() with a NULL RNG, with
+ * no opportunity for the user to do anything about it.
+ *
+ * The obvious strategies for addressing that include:
+ * - change those APIs so that they take RNG arguments;
+ * - require a global RNG to be available to all crypto modules.
+ *
+ * Unfortunately those would break compatibility. So what we do instead is
+ * have our own internal DRBG instance, seeded from the secret scalar.
+ *
+ * The following is a light-weight abstraction layer for doing that with
+ * HMAC_DRBG (first choice) or CTR_DRBG.
+ */
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+
+/* DRBG context type */
+typedef mbedtls_hmac_drbg_context ecp_drbg_context;
+
+/* DRBG context init */
+static inline void ecp_drbg_init(ecp_drbg_context *ctx)
+{
+    mbedtls_hmac_drbg_init(ctx);
+}
+
+/* DRBG context free */
+static inline void ecp_drbg_free(ecp_drbg_context *ctx)
+{
+    mbedtls_hmac_drbg_free(ctx);
+}
+
+/* DRBG function */
+static inline int ecp_drbg_random(void *p_rng,
+                                  unsigned char *output, size_t output_len)
+{
+    return mbedtls_hmac_drbg_random(p_rng, output, output_len);
+}
+
+/* DRBG context seeding */
+static int ecp_drbg_seed(ecp_drbg_context *ctx,
+                         const mbedtls_mpi *secret, size_t secret_len)
+{
+    int ret;
+    unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
+    /* The list starts with strong hashes */
+    const mbedtls_md_type_t md_type =
+        (mbedtls_md_type_t) (mbedtls_md_list()[0]);
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
+
+    if (secret_len > MBEDTLS_ECP_MAX_BYTES) {
+        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(secret,
+                                             secret_bytes, secret_len));
+
+    ret = mbedtls_hmac_drbg_seed_buf(ctx, md_info, secret_bytes, secret_len);
+
+cleanup:
+    mbedtls_platform_zeroize(secret_bytes, secret_len);
+
+    return ret;
+}
+
+#elif defined(MBEDTLS_CTR_DRBG_C)
+
+/* DRBG context type */
+typedef mbedtls_ctr_drbg_context ecp_drbg_context;
+
+/* DRBG context init */
+static inline void ecp_drbg_init(ecp_drbg_context *ctx)
+{
+    mbedtls_ctr_drbg_init(ctx);
+}
+
+/* DRBG context free */
+static inline void ecp_drbg_free(ecp_drbg_context *ctx)
+{
+    mbedtls_ctr_drbg_free(ctx);
+}
+
+/* DRBG function */
+static inline int ecp_drbg_random(void *p_rng,
+                                  unsigned char *output, size_t output_len)
+{
+    return mbedtls_ctr_drbg_random(p_rng, output, output_len);
+}
+
+/*
+ * Since CTR_DRBG doesn't have a seed_buf() function the way HMAC_DRBG does,
+ * we need to pass an entropy function when seeding. So we use a dummy
+ * function for that, and pass the actual entropy as customisation string.
+ * (During seeding of CTR_DRBG the entropy input and customisation string are
+ * concatenated before being used to update the secret state.)
+ */
+static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len)
+{
+    (void) ctx;
+    memset(out, 0, len);
+    return 0;
+}
+
+/* DRBG context seeding */
+static int ecp_drbg_seed(ecp_drbg_context *ctx,
+                         const mbedtls_mpi *secret, size_t secret_len)
+{
+    int ret;
+    unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
+
+    if (secret_len > MBEDTLS_ECP_MAX_BYTES) {
+        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(secret,
+                                             secret_bytes, secret_len));
+
+    ret = mbedtls_ctr_drbg_seed(ctx, ecp_ctr_drbg_null_entropy, NULL,
+                                secret_bytes, secret_len);
+
+cleanup:
+    mbedtls_platform_zeroize(secret_bytes, secret_len);
+
+    return ret;
+}
+
+#else
+#error \
+    "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
+#endif /* DRBG modules */
+#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Maximum number of "basic operations" to be done in a row.
+ *
+ * Default value 0 means that ECC operations will not yield.
+ * Note that regardless of the value of ecp_max_ops, always at
+ * least one step is performed before yielding.
+ *
+ * Setting ecp_max_ops=1 can be suitable for testing purposes
+ * as it will interrupt computation at all possible points.
+ */
+static unsigned ecp_max_ops = 0;
+
+/*
+ * Set ecp_max_ops
+ */
+void mbedtls_ecp_set_max_ops(unsigned max_ops)
+{
+    ecp_max_ops = max_ops;
+}
+
+/*
+ * Check if restart is enabled
+ */
+int mbedtls_ecp_restart_is_enabled(void)
+{
+    return ecp_max_ops != 0;
+}
+
+/*
+ * Restart sub-context for ecp_mul_comb()
+ */
+struct mbedtls_ecp_restart_mul {
+    mbedtls_ecp_point R;    /* current intermediate result                  */
+    size_t i;               /* current index in various loops, 0 outside    */
+    mbedtls_ecp_point *T;   /* table for precomputed points                 */
+    unsigned char T_size;   /* number of points in table T                  */
+    enum {                  /* what were we doing last time we returned?    */
+        ecp_rsm_init = 0,       /* nothing so far, dummy initial state      */
+        ecp_rsm_pre_dbl,        /* precompute 2^n multiples                 */
+        ecp_rsm_pre_norm_dbl,   /* normalize precomputed 2^n multiples      */
+        ecp_rsm_pre_add,        /* precompute remaining points by adding    */
+        ecp_rsm_pre_norm_add,   /* normalize all precomputed points         */
+        ecp_rsm_comb_core,      /* ecp_mul_comb_core()                      */
+        ecp_rsm_final_norm,     /* do the final normalization               */
+    } state;
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_context drbg_ctx;
+    unsigned char drbg_seeded;
+#endif
+};
+
+/*
+ * Init restart_mul sub-context
+ */
+static void ecp_restart_rsm_init(mbedtls_ecp_restart_mul_ctx *ctx)
+{
+    mbedtls_ecp_point_init(&ctx->R);
+    ctx->i = 0;
+    ctx->T = NULL;
+    ctx->T_size = 0;
+    ctx->state = ecp_rsm_init;
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_init(&ctx->drbg_ctx);
+    ctx->drbg_seeded = 0;
+#endif
+}
+
+/*
+ * Free the components of a restart_mul sub-context
+ */
+static void ecp_restart_rsm_free(mbedtls_ecp_restart_mul_ctx *ctx)
+{
+    unsigned char i;
+
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_ecp_point_free(&ctx->R);
+
+    if (ctx->T != NULL) {
+        for (i = 0; i < ctx->T_size; i++) {
+            mbedtls_ecp_point_free(ctx->T + i);
+        }
+        mbedtls_free(ctx->T);
+    }
+
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_free(&ctx->drbg_ctx);
+#endif
+
+    ecp_restart_rsm_init(ctx);
+}
+
+/*
+ * Restart context for ecp_muladd()
+ */
+struct mbedtls_ecp_restart_muladd {
+    mbedtls_ecp_point mP;       /* mP value                             */
+    mbedtls_ecp_point R;        /* R intermediate result                */
+    enum {                      /* what should we do next?              */
+        ecp_rsma_mul1 = 0,      /* first multiplication                 */
+        ecp_rsma_mul2,          /* second multiplication                */
+        ecp_rsma_add,           /* addition                             */
+        ecp_rsma_norm,          /* normalization                        */
+    } state;
+};
+
+/*
+ * Init restart_muladd sub-context
+ */
+static void ecp_restart_ma_init(mbedtls_ecp_restart_muladd_ctx *ctx)
+{
+    mbedtls_ecp_point_init(&ctx->mP);
+    mbedtls_ecp_point_init(&ctx->R);
+    ctx->state = ecp_rsma_mul1;
+}
+
+/*
+ * Free the components of a restart_muladd sub-context
+ */
+static void ecp_restart_ma_free(mbedtls_ecp_restart_muladd_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_ecp_point_free(&ctx->mP);
+    mbedtls_ecp_point_free(&ctx->R);
+
+    ecp_restart_ma_init(ctx);
+}
+
+/*
+ * Initialize a restart context
+ */
+void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx)
+{
+    ECP_VALIDATE(ctx != NULL);
+    ctx->ops_done = 0;
+    ctx->depth = 0;
+    ctx->rsm = NULL;
+    ctx->ma = NULL;
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    ecp_restart_rsm_free(ctx->rsm);
+    mbedtls_free(ctx->rsm);
+
+    ecp_restart_ma_free(ctx->ma);
+    mbedtls_free(ctx->ma);
+
+    mbedtls_ecp_restart_init(ctx);
+}
+
+/*
+ * Check if we can do the next step
+ */
+int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
+                             mbedtls_ecp_restart_ctx *rs_ctx,
+                             unsigned ops)
+{
+    ECP_VALIDATE_RET(grp != NULL);
+
+    if (rs_ctx != NULL && ecp_max_ops != 0) {
+        /* scale depending on curve size: the chosen reference is 256-bit,
+         * and multiplication is quadratic. Round to the closest integer. */
+        if (grp->pbits >= 512) {
+            ops *= 4;
+        } else if (grp->pbits >= 384) {
+            ops *= 2;
+        }
+
+        /* Avoid infinite loops: always allow first step.
+         * Because of that, however, it's not generally true
+         * that ops_done <= ecp_max_ops, so the check
+         * ops_done > ecp_max_ops below is mandatory. */
+        if ((rs_ctx->ops_done != 0) &&
+            (rs_ctx->ops_done > ecp_max_ops ||
+             ops > ecp_max_ops - rs_ctx->ops_done)) {
+            return MBEDTLS_ERR_ECP_IN_PROGRESS;
+        }
+
+        /* update running count */
+        rs_ctx->ops_done += ops;
+    }
+
+    return 0;
+}
+
+/* Call this when entering a function that needs its own sub-context */
+#define ECP_RS_ENTER(SUB)   do {                                      \
+        /* reset ops count for this call if top-level */                    \
+        if (rs_ctx != NULL && rs_ctx->depth++ == 0)                        \
+        rs_ctx->ops_done = 0;                                           \
+                                                                        \
+        /* set up our own sub-context if needed */                          \
+        if (mbedtls_ecp_restart_is_enabled() &&                             \
+            rs_ctx != NULL && rs_ctx->SUB == NULL)                         \
+        {                                                                   \
+            rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB));      \
+            if (rs_ctx->SUB == NULL)                                       \
+            return MBEDTLS_ERR_ECP_ALLOC_FAILED;                     \
+                                                                      \
+            ecp_restart_## SUB ##_init(rs_ctx->SUB);                      \
+        }                                                                   \
+} while (0)
+
+/* Call this when leaving a function that needs its own sub-context */
+#define ECP_RS_LEAVE(SUB)   do {                                      \
+        /* clear our sub-context when not in progress (done or error) */    \
+        if (rs_ctx != NULL && rs_ctx->SUB != NULL &&                        \
+            ret != MBEDTLS_ERR_ECP_IN_PROGRESS)                            \
+        {                                                                   \
+            ecp_restart_## SUB ##_free(rs_ctx->SUB);                      \
+            mbedtls_free(rs_ctx->SUB);                                    \
+            rs_ctx->SUB = NULL;                                             \
+        }                                                                   \
+                                                                        \
+        if (rs_ctx != NULL)                                                \
+        rs_ctx->depth--;                                                \
+} while (0)
+
+#else /* MBEDTLS_ECP_RESTARTABLE */
+
+#define ECP_RS_ENTER(sub)     (void) rs_ctx;
+#define ECP_RS_LEAVE(sub)     (void) rs_ctx;
+
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+/*
+ * List of supported curves:
+ *  - internal ID
+ *  - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2, RFC 8446 sec. 4.2.7)
+ *  - size in bits
+ *  - readable name
+ *
+ * Curves are listed in order: largest curves first, and for a given size,
+ * fastest curves first. This provides the default order for the SSL module.
+ *
+ * Reminder: update profiles in x509_crt.c when adding a new curves!
+ */
+static const mbedtls_ecp_curve_info ecp_supported_curves[] =
+{
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP521R1,    25,     521,    "secp521r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    { MBEDTLS_ECP_DP_BP512R1,      28,     512,    "brainpoolP512r1"   },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP384R1,    24,     384,    "secp384r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    { MBEDTLS_ECP_DP_BP384R1,      27,     384,    "brainpoolP384r1"   },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP256R1,    23,     256,    "secp256r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP256K1,    22,     256,    "secp256k1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    { MBEDTLS_ECP_DP_BP256R1,      26,     256,    "brainpoolP256r1"   },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP224R1,    21,     224,    "secp224r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP224K1,    20,     224,    "secp224k1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP192R1,    19,     192,    "secp192r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP192K1,    18,     192,    "secp192k1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    { MBEDTLS_ECP_DP_CURVE25519,   29,     256,    "x25519"            },
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+    { MBEDTLS_ECP_DP_CURVE448,     30,     448,    "x448"              },
+#endif
+    { MBEDTLS_ECP_DP_NONE,          0,     0,      NULL                },
+};
+
+#define ECP_NB_CURVES   sizeof(ecp_supported_curves) /    \
+    sizeof(ecp_supported_curves[0])
+
+static mbedtls_ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES];
+
+/*
+ * List of supported curves and associated info
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void)
+{
+    return ecp_supported_curves;
+}
+
+/*
+ * List of supported curves, group ID only
+ */
+const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void)
+{
+    static int init_done = 0;
+
+    if (!init_done) {
+        size_t i = 0;
+        const mbedtls_ecp_curve_info *curve_info;
+
+        for (curve_info = mbedtls_ecp_curve_list();
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            ecp_supported_grp_id[i++] = curve_info->grp_id;
+        }
+        ecp_supported_grp_id[i] = MBEDTLS_ECP_DP_NONE;
+
+        init_done = 1;
+    }
+
+    return ecp_supported_grp_id;
+}
+
+/*
+ * Get the curve info for the internal identifier
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id)
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    for (curve_info = mbedtls_ecp_curve_list();
+         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+         curve_info++) {
+        if (curve_info->grp_id == grp_id) {
+            return curve_info;
+        }
+    }
+
+    return NULL;
+}
+
+/*
+ * Get the curve info from the TLS identifier
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    for (curve_info = mbedtls_ecp_curve_list();
+         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+         curve_info++) {
+        if (curve_info->tls_id == tls_id) {
+            return curve_info;
+        }
+    }
+
+    return NULL;
+}
+
+/*
+ * Get the curve info from the name
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name)
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    if (name == NULL) {
+        return NULL;
+    }
+
+    for (curve_info = mbedtls_ecp_curve_list();
+         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+         curve_info++) {
+        if (strcmp(curve_info->name, name) == 0) {
+            return curve_info;
+        }
+    }
+
+    return NULL;
+}
+
+/*
+ * Get the type of a curve
+ */
+mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp)
+{
+    if (grp->G.X.p == NULL) {
+        return MBEDTLS_ECP_TYPE_NONE;
+    }
+
+    if (grp->G.Y.p == NULL) {
+        return MBEDTLS_ECP_TYPE_MONTGOMERY;
+    } else {
+        return MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS;
+    }
+}
+
+/*
+ * Initialize (the components of) a point
+ */
+void mbedtls_ecp_point_init(mbedtls_ecp_point *pt)
+{
+    ECP_VALIDATE(pt != NULL);
+
+    mbedtls_mpi_init(&pt->X);
+    mbedtls_mpi_init(&pt->Y);
+    mbedtls_mpi_init(&pt->Z);
+}
+
+/*
+ * Initialize (the components of) a group
+ */
+void mbedtls_ecp_group_init(mbedtls_ecp_group *grp)
+{
+    ECP_VALIDATE(grp != NULL);
+
+    grp->id = MBEDTLS_ECP_DP_NONE;
+    mbedtls_mpi_init(&grp->P);
+    mbedtls_mpi_init(&grp->A);
+    mbedtls_mpi_init(&grp->B);
+    mbedtls_ecp_point_init(&grp->G);
+    mbedtls_mpi_init(&grp->N);
+    grp->pbits = 0;
+    grp->nbits = 0;
+    grp->h = 0;
+    grp->modp = NULL;
+    grp->t_pre = NULL;
+    grp->t_post = NULL;
+    grp->t_data = NULL;
+    grp->T = NULL;
+    grp->T_size = 0;
+}
+
+/*
+ * Initialize (the components of) a key pair
+ */
+void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key)
+{
+    ECP_VALIDATE(key != NULL);
+
+    mbedtls_ecp_group_init(&key->grp);
+    mbedtls_mpi_init(&key->d);
+    mbedtls_ecp_point_init(&key->Q);
+}
+
+/*
+ * Unallocate (the components of) a point
+ */
+void mbedtls_ecp_point_free(mbedtls_ecp_point *pt)
+{
+    if (pt == NULL) {
+        return;
+    }
+
+    mbedtls_mpi_free(&(pt->X));
+    mbedtls_mpi_free(&(pt->Y));
+    mbedtls_mpi_free(&(pt->Z));
+}
+
+/*
+ * Unallocate (the components of) a group
+ */
+void mbedtls_ecp_group_free(mbedtls_ecp_group *grp)
+{
+    size_t i;
+
+    if (grp == NULL) {
+        return;
+    }
+
+    if (grp->h != 1) {
+        mbedtls_mpi_free(&grp->P);
+        mbedtls_mpi_free(&grp->A);
+        mbedtls_mpi_free(&grp->B);
+        mbedtls_ecp_point_free(&grp->G);
+        mbedtls_mpi_free(&grp->N);
+    }
+
+    if (grp->T != NULL) {
+        for (i = 0; i < grp->T_size; i++) {
+            mbedtls_ecp_point_free(&grp->T[i]);
+        }
+        mbedtls_free(grp->T);
+    }
+
+    mbedtls_platform_zeroize(grp, sizeof(mbedtls_ecp_group));
+}
+
+/*
+ * Unallocate (the components of) a key pair
+ */
+void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key)
+{
+    if (key == NULL) {
+        return;
+    }
+
+    mbedtls_ecp_group_free(&key->grp);
+    mbedtls_mpi_free(&key->d);
+    mbedtls_ecp_point_free(&key->Q);
+}
+
+/*
+ * Copy the contents of a point
+ */
+int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECP_VALIDATE_RET(P != NULL);
+    ECP_VALIDATE_RET(Q != NULL);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->X, &Q->X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->Y, &Q->Y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->Z, &Q->Z));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Copy the contents of a group object
+ */
+int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src)
+{
+    ECP_VALIDATE_RET(dst != NULL);
+    ECP_VALIDATE_RET(src != NULL);
+
+    return mbedtls_ecp_group_load(dst, src->id);
+}
+
+/*
+ * Set point to zero
+ */
+int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECP_VALIDATE_RET(pt != NULL);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->X, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Y, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 0));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Tell if a point is zero
+ */
+int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt)
+{
+    ECP_VALIDATE_RET(pt != NULL);
+
+    return mbedtls_mpi_cmp_int(&pt->Z, 0) == 0;
+}
+
+/*
+ * Compare two points lazily
+ */
+int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P,
+                          const mbedtls_ecp_point *Q)
+{
+    ECP_VALIDATE_RET(P != NULL);
+    ECP_VALIDATE_RET(Q != NULL);
+
+    if (mbedtls_mpi_cmp_mpi(&P->X, &Q->X) == 0 &&
+        mbedtls_mpi_cmp_mpi(&P->Y, &Q->Y) == 0 &&
+        mbedtls_mpi_cmp_mpi(&P->Z, &Q->Z) == 0) {
+        return 0;
+    }
+
+    return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+}
+
+/*
+ * Import a non-zero point from ASCII strings
+ */
+int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix,
+                                  const char *x, const char *y)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECP_VALIDATE_RET(P != NULL);
+    ECP_VALIDATE_RET(x != NULL);
+    ECP_VALIDATE_RET(y != NULL);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P->X, radix, x));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P->Y, radix, y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&P->Z, 1));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Export a point into unsigned binary data (SEC1 2.3.3 and RFC7748)
+ */
+int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp,
+                                   const mbedtls_ecp_point *P,
+                                   int format, size_t *olen,
+                                   unsigned char *buf, size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    size_t plen;
+    ECP_VALIDATE_RET(grp  != NULL);
+    ECP_VALIDATE_RET(P    != NULL);
+    ECP_VALIDATE_RET(olen != NULL);
+    ECP_VALIDATE_RET(buf  != NULL);
+    ECP_VALIDATE_RET(format == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+                     format == MBEDTLS_ECP_PF_COMPRESSED);
+
+    plen = mbedtls_mpi_size(&grp->P);
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    (void) format; /* Montgomery curves always use the same point format */
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        *olen = plen;
+        if (buflen < *olen) {
+            return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary_le(&P->X, buf, plen));
+    }
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        /*
+         * Common case: P == 0
+         */
+        if (mbedtls_mpi_cmp_int(&P->Z, 0) == 0) {
+            if (buflen < 1) {
+                return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+            }
+
+            buf[0] = 0x00;
+            *olen = 1;
+
+            return 0;
+        }
+
+        if (format == MBEDTLS_ECP_PF_UNCOMPRESSED) {
+            *olen = 2 * plen + 1;
+
+            if (buflen < *olen) {
+                return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+            }
+
+            buf[0] = 0x04;
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->X, buf + 1, plen));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->Y, buf + 1 + plen, plen));
+        } else if (format == MBEDTLS_ECP_PF_COMPRESSED) {
+            *olen = plen + 1;
+
+            if (buflen < *olen) {
+                return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+            }
+
+            buf[0] = 0x02 + mbedtls_mpi_get_bit(&P->Y, 0);
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->X, buf + 1, plen));
+        }
+    }
+#endif
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Import a point from unsigned binary data (SEC1 2.3.4 and RFC7748)
+ */
+int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp,
+                                  mbedtls_ecp_point *pt,
+                                  const unsigned char *buf, size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    size_t plen;
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(pt  != NULL);
+    ECP_VALIDATE_RET(buf != NULL);
+
+    if (ilen < 1) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    plen = mbedtls_mpi_size(&grp->P);
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        if (plen != ilen) {
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary_le(&pt->X, buf, plen));
+        mbedtls_mpi_free(&pt->Y);
+
+        if (grp->id == MBEDTLS_ECP_DP_CURVE25519) {
+            /* Set most significant bit to 0 as prescribed in RFC7748 §5 */
+            MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&pt->X, plen * 8 - 1, 0));
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1));
+    }
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        if (buf[0] == 0x00) {
+            if (ilen == 1) {
+                return mbedtls_ecp_set_zero(pt);
+            } else {
+                return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+            }
+        }
+
+        if (buf[0] != 0x04) {
+            return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+        }
+
+        if (ilen != 2 * plen + 1) {
+            return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&pt->X, buf + 1, plen));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&pt->Y,
+                                                buf + 1 + plen, plen));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1));
+    }
+#endif
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Import a point from a TLS ECPoint record (RFC 4492)
+ *      struct {
+ *          opaque point <1..2^8-1>;
+ *      } ECPoint;
+ */
+int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp,
+                               mbedtls_ecp_point *pt,
+                               const unsigned char **buf, size_t buf_len)
+{
+    unsigned char data_len;
+    const unsigned char *buf_start;
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(pt  != NULL);
+    ECP_VALIDATE_RET(buf != NULL);
+    ECP_VALIDATE_RET(*buf != NULL);
+
+    /*
+     * We must have at least two bytes (1 for length, at least one for data)
+     */
+    if (buf_len < 2) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    data_len = *(*buf)++;
+    if (data_len < 1 || data_len > buf_len - 1) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Save buffer start for read_binary and update buf
+     */
+    buf_start = *buf;
+    *buf += data_len;
+
+    return mbedtls_ecp_point_read_binary(grp, pt, buf_start, data_len);
+}
+
+/*
+ * Export a point as a TLS ECPoint record (RFC 4492)
+ *      struct {
+ *          opaque point <1..2^8-1>;
+ *      } ECPoint;
+ */
+int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt,
+                                int format, size_t *olen,
+                                unsigned char *buf, size_t blen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECP_VALIDATE_RET(grp  != NULL);
+    ECP_VALIDATE_RET(pt   != NULL);
+    ECP_VALIDATE_RET(olen != NULL);
+    ECP_VALIDATE_RET(buf  != NULL);
+    ECP_VALIDATE_RET(format == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+                     format == MBEDTLS_ECP_PF_COMPRESSED);
+
+    /*
+     * buffer length must be at least one, for our length byte
+     */
+    if (blen < 1) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_ecp_point_write_binary(grp, pt, format,
+                                              olen, buf + 1, blen - 1)) != 0) {
+        return ret;
+    }
+
+    /*
+     * write length to the first byte and update total length
+     */
+    buf[0] = (unsigned char) *olen;
+    ++*olen;
+
+    return 0;
+}
+
+/*
+ * Set a group from an ECParameters record (RFC 4492)
+ */
+int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp,
+                               const unsigned char **buf, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_group_id grp_id;
+    ECP_VALIDATE_RET(grp  != NULL);
+    ECP_VALIDATE_RET(buf  != NULL);
+    ECP_VALIDATE_RET(*buf != NULL);
+
+    if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, len)) != 0) {
+        return ret;
+    }
+
+    return mbedtls_ecp_group_load(grp, grp_id);
+}
+
+/*
+ * Read a group id from an ECParameters record (RFC 4492) and convert it to
+ * mbedtls_ecp_group_id.
+ */
+int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
+                                  const unsigned char **buf, size_t len)
+{
+    uint16_t tls_id;
+    const mbedtls_ecp_curve_info *curve_info;
+    ECP_VALIDATE_RET(grp  != NULL);
+    ECP_VALIDATE_RET(buf  != NULL);
+    ECP_VALIDATE_RET(*buf != NULL);
+
+    /*
+     * We expect at least three bytes (see below)
+     */
+    if (len < 3) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /*
+     * First byte is curve_type; only named_curve is handled
+     */
+    if (*(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Next two bytes are the namedcurve value
+     */
+    tls_id = *(*buf)++;
+    tls_id <<= 8;
+    tls_id |= *(*buf)++;
+
+    if ((curve_info = mbedtls_ecp_curve_info_from_tls_id(tls_id)) == NULL) {
+        return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    }
+
+    *grp = curve_info->grp_id;
+
+    return 0;
+}
+
+/*
+ * Write the ECParameters record corresponding to a group (RFC 4492)
+ */
+int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen,
+                                unsigned char *buf, size_t blen)
+{
+    const mbedtls_ecp_curve_info *curve_info;
+    ECP_VALIDATE_RET(grp  != NULL);
+    ECP_VALIDATE_RET(buf  != NULL);
+    ECP_VALIDATE_RET(olen != NULL);
+
+    if ((curve_info = mbedtls_ecp_curve_info_from_grp_id(grp->id)) == NULL) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /*
+     * We are going to write 3 bytes (see below)
+     */
+    *olen = 3;
+    if (blen < *olen) {
+        return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+    }
+
+    /*
+     * First byte is curve_type, always named_curve
+     */
+    *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE;
+
+    /*
+     * Next two bytes are the namedcurve value
+     */
+    MBEDTLS_PUT_UINT16_BE(curve_info->tls_id, buf, 0);
+
+    return 0;
+}
+
+/*
+ * Wrapper around fast quasi-modp functions, with fall-back to mbedtls_mpi_mod_mpi.
+ * See the documentation of struct mbedtls_ecp_group.
+ *
+ * This function is in the critial loop for mbedtls_ecp_mul, so pay attention to perf.
+ */
+static int ecp_modp(mbedtls_mpi *N, const mbedtls_ecp_group *grp)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (grp->modp == NULL) {
+        return mbedtls_mpi_mod_mpi(N, N, &grp->P);
+    }
+
+    /* N->s < 0 is a much faster test, which fails only if N is 0 */
+    if ((N->s < 0 && mbedtls_mpi_cmp_int(N, 0) != 0) ||
+        mbedtls_mpi_bitlen(N) > 2 * grp->pbits) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_MPI_CHK(grp->modp(N));
+
+    /* N->s < 0 is a much faster test, which fails only if N is 0 */
+    while (N->s < 0 && mbedtls_mpi_cmp_int(N, 0) != 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &grp->P));
+    }
+
+    while (mbedtls_mpi_cmp_mpi(N, &grp->P) >= 0) {
+        /* we known P, N and the result are positive */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(N, N, &grp->P));
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Fast mod-p functions expect their argument to be in the 0..p^2 range.
+ *
+ * In order to guarantee that, we need to ensure that operands of
+ * mbedtls_mpi_mul_mpi are in the 0..p range. So, after each operation we will
+ * bring the result back to this range.
+ *
+ * The following macros are shortcuts for doing that.
+ */
+
+/*
+ * Reduce a mbedtls_mpi mod p in-place, general case, to use after mbedtls_mpi_mul_mpi
+ */
+#if defined(MBEDTLS_SELF_TEST)
+#define INC_MUL_COUNT   mul_count++;
+#else
+#define INC_MUL_COUNT
+#endif
+
+#define MOD_MUL(N)                                                    \
+    do                                                                  \
+    {                                                                   \
+        MBEDTLS_MPI_CHK(ecp_modp(&(N), grp));                       \
+        INC_MUL_COUNT                                                   \
+    } while (0)
+
+static inline int mbedtls_mpi_mul_mod(const mbedtls_ecp_group *grp,
+                                      mbedtls_mpi *X,
+                                      const mbedtls_mpi *A,
+                                      const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(X, A, B));
+    MOD_MUL(*X);
+cleanup:
+    return ret;
+}
+
+/*
+ * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi
+ * N->s < 0 is a very fast test, which fails only if N is 0
+ */
+#define MOD_SUB(N)                                                    \
+    while ((N).s < 0 && mbedtls_mpi_cmp_int(&(N), 0) != 0)           \
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&(N), &(N), &grp->P))
+
+#if (defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \
+    !(defined(MBEDTLS_ECP_NO_FALLBACK) && \
+    defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \
+    defined(MBEDTLS_ECP_ADD_MIXED_ALT))) || \
+    (defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \
+    !(defined(MBEDTLS_ECP_NO_FALLBACK) && \
+    defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)))
+static inline int mbedtls_mpi_sub_mod(const mbedtls_ecp_group *grp,
+                                      mbedtls_mpi *X,
+                                      const mbedtls_mpi *A,
+                                      const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(X, A, B));
+    MOD_SUB(*X);
+cleanup:
+    return ret;
+}
+#endif /* All functions referencing mbedtls_mpi_sub_mod() are alt-implemented without fallback */
+
+/*
+ * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
+ * We known P, N and the result are positive, so sub_abs is correct, and
+ * a bit faster.
+ */
+#define MOD_ADD(N)                                                    \
+    while (mbedtls_mpi_cmp_mpi(&(N), &grp->P) >= 0)                  \
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&(N), &(N), &grp->P))
+
+static inline int mbedtls_mpi_add_mod(const mbedtls_ecp_group *grp,
+                                      mbedtls_mpi *X,
+                                      const mbedtls_mpi *A,
+                                      const mbedtls_mpi *B)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(X, A, B));
+    MOD_ADD(*X);
+cleanup:
+    return ret;
+}
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \
+    !(defined(MBEDTLS_ECP_NO_FALLBACK) && \
+    defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \
+    defined(MBEDTLS_ECP_ADD_MIXED_ALT))
+static inline int mbedtls_mpi_shift_l_mod(const mbedtls_ecp_group *grp,
+                                          mbedtls_mpi *X,
+                                          size_t count)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(X, count));
+    MOD_ADD(*X);
+cleanup:
+    return ret;
+}
+#endif \
+    /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+/*
+ * For curves in short Weierstrass form, we do all the internal operations in
+ * Jacobian coordinates.
+ *
+ * For multiplication, we'll use a comb method with countermeasures against
+ * SPA, hence timing attacks.
+ */
+
+/*
+ * Normalize jacobian coordinates so that Z == 0 || Z == 1  (GECC 3.2.1)
+ * Cost: 1N := 1I + 3M + 1S
+ */
+static int ecp_normalize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt)
+{
+    if (mbedtls_mpi_cmp_int(&pt->Z, 0) == 0) {
+        return 0;
+    }
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_normalize_jac(grp, pt);
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi Zi, ZZi;
+    mbedtls_mpi_init(&Zi); mbedtls_mpi_init(&ZZi);
+
+    /*
+     * X = X / Z^2  mod p
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&Zi,      &pt->Z,     &grp->P));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ZZi,     &Zi,        &Zi));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->X,   &pt->X,     &ZZi));
+
+    /*
+     * Y = Y / Z^3  mod p
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y,   &pt->Y,     &ZZi));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y,   &pt->Y,     &Zi));
+
+    /*
+     * Z = 1
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1));
+
+cleanup:
+
+    mbedtls_mpi_free(&Zi); mbedtls_mpi_free(&ZZi);
+
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) */
+}
+
+/*
+ * Normalize jacobian coordinates of an array of (pointers to) points,
+ * using Montgomery's trick to perform only one inversion mod P.
+ * (See for example Cohen's "A Course in Computational Algebraic Number
+ * Theory", Algorithm 10.3.4.)
+ *
+ * Warning: fails (returning an error) if one of the points is zero!
+ * This should never happen, see choice of w in ecp_mul_comb().
+ *
+ * Cost: 1N(t) := 1I + (6t - 3)M + 1S
+ */
+static int ecp_normalize_jac_many(const mbedtls_ecp_group *grp,
+                                  mbedtls_ecp_point *T[], size_t T_size)
+{
+    if (T_size < 2) {
+        return ecp_normalize_jac(grp, *T);
+    }
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_normalize_jac_many(grp, T, T_size);
+    }
+#endif
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    mbedtls_mpi *c, u, Zi, ZZi;
+
+    if ((c = mbedtls_calloc(T_size, sizeof(mbedtls_mpi))) == NULL) {
+        return MBEDTLS_ERR_ECP_ALLOC_FAILED;
+    }
+
+    for (i = 0; i < T_size; i++) {
+        mbedtls_mpi_init(&c[i]);
+    }
+
+    mbedtls_mpi_init(&u); mbedtls_mpi_init(&Zi); mbedtls_mpi_init(&ZZi);
+
+    /*
+     * c[i] = Z_0 * ... * Z_i
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&c[0], &T[0]->Z));
+    for (i = 1; i < T_size; i++) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &c[i], &c[i-1], &T[i]->Z));
+    }
+
+    /*
+     * u = 1 / (Z_0 * ... * Z_n) mod P
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&u, &c[T_size-1], &grp->P));
+
+    for (i = T_size - 1;; i--) {
+        /*
+         * Zi = 1 / Z_i mod p
+         * u = 1 / (Z_0 * ... * Z_i) mod P
+         */
+        if (i == 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Zi, &u));
+        } else {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &Zi, &u, &c[i-1]));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &u,  &u, &T[i]->Z));
+        }
+
+        /*
+         * proceed as in normalize()
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ZZi,     &Zi,      &Zi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->X, &T[i]->X, &ZZi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->Y, &T[i]->Y, &ZZi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->Y, &T[i]->Y, &Zi));
+
+        /*
+         * Post-precessing: reclaim some memory by shrinking coordinates
+         * - not storing Z (always 1)
+         * - shrinking other coordinates, but still keeping the same number of
+         *   limbs as P, as otherwise it will too likely be regrown too fast.
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(&T[i]->X, grp->P.n));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(&T[i]->Y, grp->P.n));
+        mbedtls_mpi_free(&T[i]->Z);
+
+        if (i == 0) {
+            break;
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&u); mbedtls_mpi_free(&Zi); mbedtls_mpi_free(&ZZi);
+    for (i = 0; i < T_size; i++) {
+        mbedtls_mpi_free(&c[i]);
+    }
+    mbedtls_free(c);
+
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) */
+}
+
+/*
+ * Conditional point inversion: Q -> -Q = (Q.X, -Q.Y, Q.Z) without leak.
+ * "inv" must be 0 (don't invert) or 1 (invert) or the result will be invalid
+ */
+static int ecp_safe_invert_jac(const mbedtls_ecp_group *grp,
+                               mbedtls_ecp_point *Q,
+                               unsigned char inv)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char nonzero;
+    mbedtls_mpi mQY;
+
+    mbedtls_mpi_init(&mQY);
+
+    /* Use the fact that -Q.Y mod P = P - Q.Y unless Q.Y == 0 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&mQY, &grp->P, &Q->Y));
+    nonzero = mbedtls_mpi_cmp_int(&Q->Y, 0) != 0;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&Q->Y, &mQY, inv & nonzero));
+
+cleanup:
+    mbedtls_mpi_free(&mQY);
+
+    return ret;
+}
+
+/*
+ * Point doubling R = 2 P, Jacobian coordinates
+ *
+ * Based on http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#doubling-dbl-1998-cmo-2 .
+ *
+ * We follow the variable naming fairly closely. The formula variations that trade a MUL for a SQR
+ * (plus a few ADDs) aren't useful as our bignum implementation doesn't distinguish squaring.
+ *
+ * Standard optimizations are applied when curve parameter A is one of { 0, -3 }.
+ *
+ * Cost: 1D := 3M + 4S          (A ==  0)
+ *             4M + 4S          (A == -3)
+ *             3M + 6S + 1a     otherwise
+ */
+static int ecp_double_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                          const mbedtls_ecp_point *P)
+{
+#if defined(MBEDTLS_SELF_TEST)
+    dbl_count++;
+#endif
+
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_double_jac(grp, R, P);
+    }
+#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi M, S, T, U;
+
+    mbedtls_mpi_init(&M); mbedtls_mpi_init(&S); mbedtls_mpi_init(&T); mbedtls_mpi_init(&U);
+
+    /* Special case for A = -3 */
+    if (grp->A.p == NULL) {
+        /* M = 3(X + Z^2)(X - Z^2) */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &P->Z,  &P->Z));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &T,  &P->X,  &S));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &U,  &P->X,  &S));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &T,     &U));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M,  &S,     3)); MOD_ADD(M);
+    } else {
+        /* M = 3.X^2 */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &P->X,  &P->X));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M,  &S,     3)); MOD_ADD(M);
+
+        /* Optimize away for "koblitz" curves with A = 0 */
+        if (mbedtls_mpi_cmp_int(&grp->A, 0) != 0) {
+            /* M += A.Z^4 */
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &P->Z,  &P->Z));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T,  &S,     &S));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &T,     &grp->A));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &M,  &M,     &S));
+        }
+    }
+
+    /* S = 4.X.Y^2 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T,  &P->Y,  &P->Y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &T,  1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &P->X,  &T));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &S,  1));
+
+    /* U = 8.Y^4 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &U,  &T,     &T));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &U,  1));
+
+    /* T = M^2 - 2.S */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T,  &M,     &M));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T,  &T,     &S));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T,  &T,     &S));
+
+    /* S = M(S - T) - U */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S,  &S,     &T));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S,  &S,     &M));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S,  &S,     &U));
+
+    /* U = 2.Y.Z */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &U,  &P->Y,  &P->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &U,  1));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->X, &T));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Y, &S));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Z, &U));
+
+cleanup:
+    mbedtls_mpi_free(&M); mbedtls_mpi_free(&S); mbedtls_mpi_free(&T); mbedtls_mpi_free(&U);
+
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) */
+}
+
+/*
+ * Addition: R = P + Q, mixed affine-Jacobian coordinates (GECC 3.22)
+ *
+ * The coordinates of Q must be normalized (= affine),
+ * but those of P don't need to. R is not normalized.
+ *
+ * Special cases: (1) P or Q is zero, (2) R is zero, (3) P == Q.
+ * None of these cases can happen as intermediate step in ecp_mul_comb():
+ * - at each step, P, Q and R are multiples of the base point, the factor
+ *   being less than its order, so none of them is zero;
+ * - Q is an odd multiple of the base point, P an even multiple,
+ *   due to the choice of precomputed points in the modified comb method.
+ * So branches for these cases do not leak secret information.
+ *
+ * We accept Q->Z being unset (saving memory in tables) as meaning 1.
+ *
+ * Cost: 1A := 8M + 3S
+ */
+static int ecp_add_mixed(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                         const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
+{
+#if defined(MBEDTLS_SELF_TEST)
+    add_count++;
+#endif
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_add_mixed(grp, R, P, Q);
+    }
+#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi T1, T2, T3, T4, X, Y, Z;
+
+    /*
+     * Trivial cases: P == 0 or Q == 0 (case 1)
+     */
+    if (mbedtls_mpi_cmp_int(&P->Z, 0) == 0) {
+        return mbedtls_ecp_copy(R, Q);
+    }
+
+    if (Q->Z.p != NULL && mbedtls_mpi_cmp_int(&Q->Z, 0) == 0) {
+        return mbedtls_ecp_copy(R, P);
+    }
+
+    /*
+     * Make sure Q coordinates are normalized
+     */
+    if (Q->Z.p != NULL && mbedtls_mpi_cmp_int(&Q->Z, 1) != 0) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&T1); mbedtls_mpi_init(&T2); mbedtls_mpi_init(&T3); mbedtls_mpi_init(&T4);
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T1,  &P->Z,  &P->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T2,  &T1,    &P->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T1,  &T1,    &Q->X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T2,  &T2,    &Q->Y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T1,  &T1,    &P->X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T2,  &T2,    &P->Y));
+
+    /* Special cases (2) and (3) */
+    if (mbedtls_mpi_cmp_int(&T1, 0) == 0) {
+        if (mbedtls_mpi_cmp_int(&T2, 0) == 0) {
+            ret = ecp_double_jac(grp, R, P);
+            goto cleanup;
+        } else {
+            ret = mbedtls_ecp_set_zero(R);
+            goto cleanup;
+        }
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &Z,   &P->Z,  &T1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3,  &T1,    &T1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T4,  &T3,    &T1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3,  &T3,    &P->X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T1, &T3));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &T1,  1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &X,   &T2,    &T2));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &X,   &X,     &T1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &X,   &X,     &T4));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T3,  &T3,    &X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3,  &T3,    &T2));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T4,  &T4,    &P->Y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &Y,   &T3,    &T4));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->X, &X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Y, &Y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Z, &Z));
+
+cleanup:
+
+    mbedtls_mpi_free(&T1); mbedtls_mpi_free(&T2); mbedtls_mpi_free(&T3); mbedtls_mpi_free(&T4);
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z);
+
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_ADD_MIXED_ALT) */
+}
+
+/*
+ * Randomize jacobian coordinates:
+ * (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l
+ * This is sort of the reverse operation of ecp_normalize_jac().
+ *
+ * This countermeasure was first suggested in [2].
+ */
+static int ecp_randomize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
+                             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_randomize_jac(grp, pt, f_rng, p_rng);
+    }
+#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi l, ll;
+
+    mbedtls_mpi_init(&l); mbedtls_mpi_init(&ll);
+
+    /* Generate l such that 1 < l < p */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_random(&l, 2, &grp->P, f_rng, p_rng));
+
+    /* Z = l * Z */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Z,   &pt->Z,     &l));
+
+    /* X = l^2 * X */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ll,      &l,         &l));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->X,   &pt->X,     &ll));
+
+    /* Y = l^3 * Y */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ll,      &ll,        &l));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y,   &pt->Y,     &ll));
+
+cleanup:
+    mbedtls_mpi_free(&l); mbedtls_mpi_free(&ll);
+
+    if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) {
+        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+    }
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) */
+}
+
+/*
+ * Check and define parameters used by the comb method (see below for details)
+ */
+#if MBEDTLS_ECP_WINDOW_SIZE < 2 || MBEDTLS_ECP_WINDOW_SIZE > 7
+#error "MBEDTLS_ECP_WINDOW_SIZE out of bounds"
+#endif
+
+/* d = ceil( n / w ) */
+#define COMB_MAX_D      (MBEDTLS_ECP_MAX_BITS + 1) / 2
+
+/* number of precomputed points */
+#define COMB_MAX_PRE    (1 << (MBEDTLS_ECP_WINDOW_SIZE - 1))
+
+/*
+ * Compute the representation of m that will be used with our comb method.
+ *
+ * The basic comb method is described in GECC 3.44 for example. We use a
+ * modified version that provides resistance to SPA by avoiding zero
+ * digits in the representation as in [3]. We modify the method further by
+ * requiring that all K_i be odd, which has the small cost that our
+ * representation uses one more K_i, due to carries, but saves on the size of
+ * the precomputed table.
+ *
+ * Summary of the comb method and its modifications:
+ *
+ * - The goal is to compute m*P for some w*d-bit integer m.
+ *
+ * - The basic comb method splits m into the w-bit integers
+ *   x[0] .. x[d-1] where x[i] consists of the bits in m whose
+ *   index has residue i modulo d, and computes m * P as
+ *   S[x[0]] + 2 * S[x[1]] + .. + 2^(d-1) S[x[d-1]], where
+ *   S[i_{w-1} .. i_0] := i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + i_0 P.
+ *
+ * - If it happens that, say, x[i+1]=0 (=> S[x[i+1]]=0), one can replace the sum by
+ *    .. + 2^{i-1} S[x[i-1]] - 2^i S[x[i]] + 2^{i+1} S[x[i]] + 2^{i+2} S[x[i+2]] ..,
+ *   thereby successively converting it into a form where all summands
+ *   are nonzero, at the cost of negative summands. This is the basic idea of [3].
+ *
+ * - More generally, even if x[i+1] != 0, we can first transform the sum as
+ *   .. - 2^i S[x[i]] + 2^{i+1} ( S[x[i]] + S[x[i+1]] ) + 2^{i+2} S[x[i+2]] ..,
+ *   and then replace S[x[i]] + S[x[i+1]] = S[x[i] ^ x[i+1]] + 2 S[x[i] & x[i+1]].
+ *   Performing and iterating this procedure for those x[i] that are even
+ *   (keeping track of carry), we can transform the original sum into one of the form
+ *   S[x'[0]] +- 2 S[x'[1]] +- .. +- 2^{d-1} S[x'[d-1]] + 2^d S[x'[d]]
+ *   with all x'[i] odd. It is therefore only necessary to know S at odd indices,
+ *   which is why we are only computing half of it in the first place in
+ *   ecp_precompute_comb and accessing it with index abs(i) / 2 in ecp_select_comb.
+ *
+ * - For the sake of compactness, only the seven low-order bits of x[i]
+ *   are used to represent its absolute value (K_i in the paper), and the msb
+ *   of x[i] encodes the sign (s_i in the paper): it is set if and only if
+ *   if s_i == -1;
+ *
+ * Calling conventions:
+ * - x is an array of size d + 1
+ * - w is the size, ie number of teeth, of the comb, and must be between
+ *   2 and 7 (in practice, between 2 and MBEDTLS_ECP_WINDOW_SIZE)
+ * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d
+ *   (the result will be incorrect if these assumptions are not satisfied)
+ */
+static void ecp_comb_recode_core(unsigned char x[], size_t d,
+                                 unsigned char w, const mbedtls_mpi *m)
+{
+    size_t i, j;
+    unsigned char c, cc, adjust;
+
+    memset(x, 0, d+1);
+
+    /* First get the classical comb values (except for x_d = 0) */
+    for (i = 0; i < d; i++) {
+        for (j = 0; j < w; j++) {
+            x[i] |= mbedtls_mpi_get_bit(m, i + d * j) << j;
+        }
+    }
+
+    /* Now make sure x_1 .. x_d are odd */
+    c = 0;
+    for (i = 1; i <= d; i++) {
+        /* Add carry and update it */
+        cc   = x[i] & c;
+        x[i] = x[i] ^ c;
+        c = cc;
+
+        /* Adjust if needed, avoiding branches */
+        adjust = 1 - (x[i] & 0x01);
+        c   |= x[i] & (x[i-1] * adjust);
+        x[i] = x[i] ^ (x[i-1] * adjust);
+        x[i-1] |= adjust << 7;
+    }
+}
+
+/*
+ * Precompute points for the adapted comb method
+ *
+ * Assumption: T must be able to hold 2^{w - 1} elements.
+ *
+ * Operation: If i = i_{w-1} ... i_1 is the binary representation of i,
+ *            sets T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P.
+ *
+ * Cost: d(w-1) D + (2^{w-1} - 1) A + 1 N(w-1) + 1 N(2^{w-1} - 1)
+ *
+ * Note: Even comb values (those where P would be omitted from the
+ *       sum defining T[i] above) are not needed in our adaption
+ *       the comb method. See ecp_comb_recode_core().
+ *
+ * This function currently works in four steps:
+ * (1) [dbl]      Computation of intermediate T[i] for 2-power values of i
+ * (2) [norm_dbl] Normalization of coordinates of these T[i]
+ * (3) [add]      Computation of all T[i]
+ * (4) [norm_add] Normalization of all T[i]
+ *
+ * Step 1 can be interrupted but not the others; together with the final
+ * coordinate normalization they are the largest steps done at once, depending
+ * on the window size. Here are operation counts for P-256:
+ *
+ * step     (2)     (3)     (4)
+ * w = 5    142     165     208
+ * w = 4    136      77     160
+ * w = 3    130      33     136
+ * w = 2    124      11     124
+ *
+ * So if ECC operations are blocking for too long even with a low max_ops
+ * value, it's useful to set MBEDTLS_ECP_WINDOW_SIZE to a lower value in order
+ * to minimize maximum blocking time.
+ */
+static int ecp_precompute_comb(const mbedtls_ecp_group *grp,
+                               mbedtls_ecp_point T[], const mbedtls_ecp_point *P,
+                               unsigned char w, size_t d,
+                               mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char i;
+    size_t j = 0;
+    const unsigned char T_size = 1U << (w - 1);
+    mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1];
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        if (rs_ctx->rsm->state == ecp_rsm_pre_dbl) {
+            goto dbl;
+        }
+        if (rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl) {
+            goto norm_dbl;
+        }
+        if (rs_ctx->rsm->state == ecp_rsm_pre_add) {
+            goto add;
+        }
+        if (rs_ctx->rsm->state == ecp_rsm_pre_norm_add) {
+            goto norm_add;
+        }
+    }
+#else
+    (void) rs_ctx;
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        rs_ctx->rsm->state = ecp_rsm_pre_dbl;
+
+        /* initial state for the loop */
+        rs_ctx->rsm->i = 0;
+    }
+
+dbl:
+#endif
+    /*
+     * Set T[0] = P and
+     * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value)
+     */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_copy(&T[0], P));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0) {
+        j = rs_ctx->rsm->i;
+    } else
+#endif
+    j = 0;
+
+    for (; j < d * (w - 1); j++) {
+        MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_DBL);
+
+        i = 1U << (j / d);
+        cur = T + i;
+
+        if (j % d == 0) {
+            MBEDTLS_MPI_CHK(mbedtls_ecp_copy(cur, T + (i >> 1)));
+        }
+
+        MBEDTLS_MPI_CHK(ecp_double_jac(grp, cur, cur));
+    }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        rs_ctx->rsm->state = ecp_rsm_pre_norm_dbl;
+    }
+
+norm_dbl:
+#endif
+    /*
+     * Normalize current elements in T. As T has holes,
+     * use an auxiliary array of pointers to elements in T.
+     */
+    j = 0;
+    for (i = 1; i < T_size; i <<= 1) {
+        TT[j++] = T + i;
+    }
+
+    MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV + 6 * j - 2);
+
+    MBEDTLS_MPI_CHK(ecp_normalize_jac_many(grp, TT, j));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        rs_ctx->rsm->state = ecp_rsm_pre_add;
+    }
+
+add:
+#endif
+    /*
+     * Compute the remaining ones using the minimal number of additions
+     * Be careful to update T[2^l] only after using it!
+     */
+    MBEDTLS_ECP_BUDGET((T_size - 1) * MBEDTLS_ECP_OPS_ADD);
+
+    for (i = 1; i < T_size; i <<= 1) {
+        j = i;
+        while (j--) {
+            MBEDTLS_MPI_CHK(ecp_add_mixed(grp, &T[i + j], &T[j], &T[i]));
+        }
+    }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        rs_ctx->rsm->state = ecp_rsm_pre_norm_add;
+    }
+
+norm_add:
+#endif
+    /*
+     * Normalize final elements in T. Even though there are no holes now, we
+     * still need the auxiliary array for homogeneity with the previous
+     * call. Also, skip T[0] which is already normalised, being a copy of P.
+     */
+    for (j = 0; j + 1 < T_size; j++) {
+        TT[j] = T + j + 1;
+    }
+
+    MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV + 6 * j - 2);
+
+    MBEDTLS_MPI_CHK(ecp_normalize_jac_many(grp, TT, j));
+
+cleanup:
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL &&
+        ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+        if (rs_ctx->rsm->state == ecp_rsm_pre_dbl) {
+            rs_ctx->rsm->i = j;
+        }
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Select precomputed point: R = sign(i) * T[ abs(i) / 2 ]
+ *
+ * See ecp_comb_recode_core() for background
+ */
+static int ecp_select_comb(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                           const mbedtls_ecp_point T[], unsigned char T_size,
+                           unsigned char i)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char ii, j;
+
+    /* Ignore the "sign" bit and scale down */
+    ii =  (i & 0x7Fu) >> 1;
+
+    /* Read the whole table to thwart cache-based timing attacks */
+    for (j = 0; j < T_size; j++) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&R->X, &T[j].X, j == ii));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&R->Y, &T[j].Y, j == ii));
+    }
+
+    /* Safely invert result if i is "negative" */
+    MBEDTLS_MPI_CHK(ecp_safe_invert_jac(grp, R, i >> 7));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Core multiplication algorithm for the (modified) comb method.
+ * This part is actually common with the basic comb method (GECC 3.44)
+ *
+ * Cost: d A + d D + 1 R
+ */
+static int ecp_mul_comb_core(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                             const mbedtls_ecp_point T[], unsigned char T_size,
+                             const unsigned char x[], size_t d,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng,
+                             mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point Txi;
+    size_t i;
+
+    mbedtls_ecp_point_init(&Txi);
+
+#if !defined(MBEDTLS_ECP_RESTARTABLE)
+    (void) rs_ctx;
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL &&
+        rs_ctx->rsm->state != ecp_rsm_comb_core) {
+        rs_ctx->rsm->i = 0;
+        rs_ctx->rsm->state = ecp_rsm_comb_core;
+    }
+
+    /* new 'if' instead of nested for the sake of the 'else' branch */
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0) {
+        /* restore current index (R already pointing to rs_ctx->rsm->R) */
+        i = rs_ctx->rsm->i;
+    } else
+#endif
+    {
+        int have_rng = 1;
+
+        /* Start with a non-zero point and randomize its coordinates */
+        i = d;
+        MBEDTLS_MPI_CHK(ecp_select_comb(grp, R, T, T_size, x[i]));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->Z, 1));
+
+#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+        if (f_rng == NULL) {
+            have_rng = 0;
+        }
+#endif
+        if (have_rng) {
+            MBEDTLS_MPI_CHK(ecp_randomize_jac(grp, R, f_rng, p_rng));
+        }
+    }
+
+    while (i != 0) {
+        MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD);
+        --i;
+
+        MBEDTLS_MPI_CHK(ecp_double_jac(grp, R, R));
+        MBEDTLS_MPI_CHK(ecp_select_comb(grp, &Txi, T, T_size, x[i]));
+        MBEDTLS_MPI_CHK(ecp_add_mixed(grp, R, R, &Txi));
+    }
+
+cleanup:
+
+    mbedtls_ecp_point_free(&Txi);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL &&
+        ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+        rs_ctx->rsm->i = i;
+        /* no need to save R, already pointing to rs_ctx->rsm->R */
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Recode the scalar to get constant-time comb multiplication
+ *
+ * As the actual scalar recoding needs an odd scalar as a starting point,
+ * this wrapper ensures that by replacing m by N - m if necessary, and
+ * informs the caller that the result of multiplication will be negated.
+ *
+ * This works because we only support large prime order for Short Weierstrass
+ * curves, so N is always odd hence either m or N - m is.
+ *
+ * See ecp_comb_recode_core() for background.
+ */
+static int ecp_comb_recode_scalar(const mbedtls_ecp_group *grp,
+                                  const mbedtls_mpi *m,
+                                  unsigned char k[COMB_MAX_D + 1],
+                                  size_t d,
+                                  unsigned char w,
+                                  unsigned char *parity_trick)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi M, mm;
+
+    mbedtls_mpi_init(&M);
+    mbedtls_mpi_init(&mm);
+
+    /* N is always odd (see above), just make extra sure */
+    if (mbedtls_mpi_get_bit(&grp->N, 0) != 1) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    /* do we need the parity trick? */
+    *parity_trick = (mbedtls_mpi_get_bit(m, 0) == 0);
+
+    /* execute parity fix in constant time */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&M, m));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&mm, &grp->N, m));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&M, &mm, *parity_trick));
+
+    /* actual scalar recoding */
+    ecp_comb_recode_core(k, d, w, &M);
+
+cleanup:
+    mbedtls_mpi_free(&mm);
+    mbedtls_mpi_free(&M);
+
+    return ret;
+}
+
+/*
+ * Perform comb multiplication (for short Weierstrass curves)
+ * once the auxiliary table has been pre-computed.
+ *
+ * Scalar recoding may use a parity trick that makes us compute -m * P,
+ * if that is the case we'll need to recover m * P at the end.
+ */
+static int ecp_mul_comb_after_precomp(const mbedtls_ecp_group *grp,
+                                      mbedtls_ecp_point *R,
+                                      const mbedtls_mpi *m,
+                                      const mbedtls_ecp_point *T,
+                                      unsigned char T_size,
+                                      unsigned char w,
+                                      size_t d,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char parity_trick;
+    unsigned char k[COMB_MAX_D + 1];
+    mbedtls_ecp_point *RR = R;
+    int have_rng = 1;
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        RR = &rs_ctx->rsm->R;
+
+        if (rs_ctx->rsm->state == ecp_rsm_final_norm) {
+            goto final_norm;
+        }
+    }
+#endif
+
+    MBEDTLS_MPI_CHK(ecp_comb_recode_scalar(grp, m, k, d, w,
+                                           &parity_trick));
+    MBEDTLS_MPI_CHK(ecp_mul_comb_core(grp, RR, T, T_size, k, d,
+                                      f_rng, p_rng, rs_ctx));
+    MBEDTLS_MPI_CHK(ecp_safe_invert_jac(grp, RR, parity_trick));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        rs_ctx->rsm->state = ecp_rsm_final_norm;
+    }
+
+final_norm:
+    MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV);
+#endif
+    /*
+     * Knowledge of the jacobian coordinates may leak the last few bits of the
+     * scalar [1], and since our MPI implementation isn't constant-flow,
+     * inversion (used for coordinate normalization) may leak the full value
+     * of its input via side-channels [2].
+     *
+     * [1] https://eprint.iacr.org/2003/191
+     * [2] https://eprint.iacr.org/2020/055
+     *
+     * Avoid the leak by randomizing coordinates before we normalize them.
+     */
+#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    if (f_rng == NULL) {
+        have_rng = 0;
+    }
+#endif
+    if (have_rng) {
+        MBEDTLS_MPI_CHK(ecp_randomize_jac(grp, RR, f_rng, p_rng));
+    }
+
+    MBEDTLS_MPI_CHK(ecp_normalize_jac(grp, RR));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, RR));
+    }
+#endif
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Pick window size based on curve size and whether we optimize for base point
+ */
+static unsigned char ecp_pick_window_size(const mbedtls_ecp_group *grp,
+                                          unsigned char p_eq_g)
+{
+    unsigned char w;
+
+    /*
+     * Minimize the number of multiplications, that is minimize
+     * 10 * d * w + 18 * 2^(w-1) + 11 * d + 7 * w, with d = ceil( nbits / w )
+     * (see costs of the various parts, with 1S = 1M)
+     */
+    w = grp->nbits >= 384 ? 5 : 4;
+
+    /*
+     * If P == G, pre-compute a bit more, since this may be re-used later.
+     * Just adding one avoids upping the cost of the first mul too much,
+     * and the memory cost too.
+     */
+    if (p_eq_g) {
+        w++;
+    }
+
+    /*
+     * Make sure w is within bounds.
+     * (The last test is useful only for very small curves in the test suite.)
+     */
+#if (MBEDTLS_ECP_WINDOW_SIZE < 6)
+    if (w > MBEDTLS_ECP_WINDOW_SIZE) {
+        w = MBEDTLS_ECP_WINDOW_SIZE;
+    }
+#endif
+    if (w >= grp->nbits) {
+        w = 2;
+    }
+
+    return w;
+}
+
+/*
+ * Multiplication using the comb method - for curves in short Weierstrass form
+ *
+ * This function is mainly responsible for administrative work:
+ * - managing the restart context if enabled
+ * - managing the table of precomputed points (passed between the below two
+ *   functions): allocation, computation, ownership transfer, freeing.
+ *
+ * It delegates the actual arithmetic work to:
+ *      ecp_precompute_comb() and ecp_mul_comb_with_precomp()
+ *
+ * See comments on ecp_comb_recode_core() regarding the computation strategy.
+ */
+static int ecp_mul_comb(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                        const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char w, p_eq_g, i;
+    size_t d;
+    unsigned char T_size = 0, T_ok = 0;
+    mbedtls_ecp_point *T = NULL;
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_context drbg_ctx;
+
+    ecp_drbg_init(&drbg_ctx);
+#endif
+
+    ECP_RS_ENTER(rsm);
+
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    if (f_rng == NULL) {
+        /* Adjust pointers */
+        f_rng = &ecp_drbg_random;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+            p_rng = &rs_ctx->rsm->drbg_ctx;
+        } else
+#endif
+        p_rng = &drbg_ctx;
+
+        /* Initialize internal DRBG if necessary */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx == NULL || rs_ctx->rsm == NULL ||
+            rs_ctx->rsm->drbg_seeded == 0)
+#endif
+        {
+            const size_t m_len = (grp->nbits + 7) / 8;
+            MBEDTLS_MPI_CHK(ecp_drbg_seed(p_rng, m, m_len));
+        }
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx != NULL && rs_ctx->rsm != NULL) {
+            rs_ctx->rsm->drbg_seeded = 1;
+        }
+#endif
+    }
+#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
+
+    /* Is P the base point ? */
+#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
+    p_eq_g = (mbedtls_mpi_cmp_mpi(&P->Y, &grp->G.Y) == 0 &&
+              mbedtls_mpi_cmp_mpi(&P->X, &grp->G.X) == 0);
+#else
+    p_eq_g = 0;
+#endif
+
+    /* Pick window size and deduce related sizes */
+    w = ecp_pick_window_size(grp, p_eq_g);
+    T_size = 1U << (w - 1);
+    d = (grp->nbits + w - 1) / w;
+
+    /* Pre-computed table: do we have it already for the base point? */
+    if (p_eq_g && grp->T != NULL) {
+        /* second pointer to the same table, will be deleted on exit */
+        T = grp->T;
+        T_ok = 1;
+    } else
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    /* Pre-computed table: do we have one in progress? complete? */
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL) {
+        /* transfer ownership of T from rsm to local function */
+        T = rs_ctx->rsm->T;
+        rs_ctx->rsm->T = NULL;
+        rs_ctx->rsm->T_size = 0;
+
+        /* This effectively jumps to the call to mul_comb_after_precomp() */
+        T_ok = rs_ctx->rsm->state >= ecp_rsm_comb_core;
+    } else
+#endif
+    /* Allocate table if we didn't have any */
+    {
+        T = mbedtls_calloc(T_size, sizeof(mbedtls_ecp_point));
+        if (T == NULL) {
+            ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
+            goto cleanup;
+        }
+
+        for (i = 0; i < T_size; i++) {
+            mbedtls_ecp_point_init(&T[i]);
+        }
+
+        T_ok = 0;
+    }
+
+    /* Compute table (or finish computing it) if not done already */
+    if (!T_ok) {
+        MBEDTLS_MPI_CHK(ecp_precompute_comb(grp, T, P, w, d, rs_ctx));
+
+        if (p_eq_g) {
+            /* almost transfer ownership of T to the group, but keep a copy of
+             * the pointer to use for calling the next function more easily */
+            grp->T = T;
+            grp->T_size = T_size;
+        }
+    }
+
+    /* Actual comb multiplication using precomputed points */
+    MBEDTLS_MPI_CHK(ecp_mul_comb_after_precomp(grp, R, m,
+                                               T, T_size, w, d,
+                                               f_rng, p_rng, rs_ctx));
+
+cleanup:
+
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_free(&drbg_ctx);
+#endif
+
+    /* does T belong to the group? */
+    if (T == grp->T) {
+        T = NULL;
+    }
+
+    /* does T belong to the restart context? */
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL) {
+        /* transfer ownership of T from local function to rsm */
+        rs_ctx->rsm->T_size = T_size;
+        rs_ctx->rsm->T = T;
+        T = NULL;
+    }
+#endif
+
+    /* did T belong to us? then let's destroy it! */
+    if (T != NULL) {
+        for (i = 0; i < T_size; i++) {
+            mbedtls_ecp_point_free(&T[i]);
+        }
+        mbedtls_free(T);
+    }
+
+    /* prevent caller from using invalid value */
+    int should_free_R = (ret != 0);
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    /* don't free R while in progress in case R == P */
+    if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+        should_free_R = 0;
+    }
+#endif
+    if (should_free_R) {
+        mbedtls_ecp_point_free(R);
+    }
+
+    ECP_RS_LEAVE(rsm);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+/*
+ * For Montgomery curves, we do all the internal arithmetic in projective
+ * coordinates. Import/export of points uses only the x coordinates, which is
+ * internally represented as X / Z.
+ *
+ * For scalar multiplication, we'll use a Montgomery ladder.
+ */
+
+/*
+ * Normalize Montgomery x/z coordinates: X = X/Z, Z = 1
+ * Cost: 1M + 1I
+ */
+static int ecp_normalize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P)
+{
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_normalize_mxz(grp, P);
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&P->Z, &P->Z, &grp->P));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->X, &P->X, &P->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&P->Z, 1));
+
+cleanup:
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) */
+}
+
+/*
+ * Randomize projective x/z coordinates:
+ * (X, Z) -> (l X, l Z) for random l
+ * This is sort of the reverse operation of ecp_normalize_mxz().
+ *
+ * This countermeasure was first suggested in [2].
+ * Cost: 2M
+ */
+static int ecp_randomize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
+                             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_randomize_mxz(grp, P, f_rng, p_rng);
+    }
+#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi l;
+    mbedtls_mpi_init(&l);
+
+    /* Generate l such that 1 < l < p */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_random(&l, 2, &grp->P, f_rng, p_rng));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->X, &P->X, &l));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->Z, &P->Z, &l));
+
+cleanup:
+    mbedtls_mpi_free(&l);
+
+    if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) {
+        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+    }
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) */
+}
+
+/*
+ * Double-and-add: R = 2P, S = P + Q, with d = X(P - Q),
+ * for Montgomery curves in x/z coordinates.
+ *
+ * http://www.hyperelliptic.org/EFD/g1p/auto-code/montgom/xz/ladder/mladd-1987-m.op3
+ * with
+ * d =  X1
+ * P = (X2, Z2)
+ * Q = (X3, Z3)
+ * R = (X4, Z4)
+ * S = (X5, Z5)
+ * and eliminating temporary variables tO, ..., t4.
+ *
+ * Cost: 5M + 4S
+ */
+static int ecp_double_add_mxz(const mbedtls_ecp_group *grp,
+                              mbedtls_ecp_point *R, mbedtls_ecp_point *S,
+                              const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q,
+                              const mbedtls_mpi *d)
+{
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+    if (mbedtls_internal_ecp_grp_capable(grp)) {
+        return mbedtls_internal_ecp_double_add_mxz(grp, R, S, P, Q, d);
+    }
+#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+    return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB;
+
+    mbedtls_mpi_init(&A); mbedtls_mpi_init(&AA); mbedtls_mpi_init(&B);
+    mbedtls_mpi_init(&BB); mbedtls_mpi_init(&E); mbedtls_mpi_init(&C);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&DA); mbedtls_mpi_init(&CB);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &A,    &P->X,   &P->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &AA,   &A,      &A));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &B,    &P->X,   &P->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &BB,   &B,      &B));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &E,    &AA,     &BB));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &C,    &Q->X,   &Q->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &D,    &Q->X,   &Q->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &DA,   &D,      &A));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &CB,   &C,      &B));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &S->X, &DA,     &CB));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->X, &S->X,   &S->X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S->Z, &DA,     &CB));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->Z, &S->Z,   &S->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->Z, d,       &S->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->X, &AA,     &BB));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->Z, &grp->A, &E));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &R->Z, &BB,     &R->Z));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->Z, &E,      &R->Z));
+
+cleanup:
+    mbedtls_mpi_free(&A); mbedtls_mpi_free(&AA); mbedtls_mpi_free(&B);
+    mbedtls_mpi_free(&BB); mbedtls_mpi_free(&E); mbedtls_mpi_free(&C);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&DA); mbedtls_mpi_free(&CB);
+
+    return ret;
+#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) */
+}
+
+/*
+ * Multiplication with Montgomery ladder in x/z coordinates,
+ * for curves in Montgomery form
+ */
+static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                       const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int have_rng = 1;
+    size_t i;
+    unsigned char b;
+    mbedtls_ecp_point RP;
+    mbedtls_mpi PX;
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_context drbg_ctx;
+
+    ecp_drbg_init(&drbg_ctx);
+#endif
+    mbedtls_ecp_point_init(&RP); mbedtls_mpi_init(&PX);
+
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    if (f_rng == NULL) {
+        const size_t m_len = (grp->nbits + 7) / 8;
+        MBEDTLS_MPI_CHK(ecp_drbg_seed(&drbg_ctx, m, m_len));
+        f_rng = &ecp_drbg_random;
+        p_rng = &drbg_ctx;
+    }
+#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
+
+    /* Save PX and read from P before writing to R, in case P == R */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&PX, &P->X));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_copy(&RP, P));
+
+    /* Set R to zero in modified x/z coordinates */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->X, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->Z, 0));
+    mbedtls_mpi_free(&R->Y);
+
+    /* RP.X might be slightly larger than P, so reduce it */
+    MOD_ADD(RP.X);
+
+#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    /* Derandomize coordinates of the starting point */
+    if (f_rng == NULL) {
+        have_rng = 0;
+    }
+#endif
+    if (have_rng) {
+        MBEDTLS_MPI_CHK(ecp_randomize_mxz(grp, &RP, f_rng, p_rng));
+    }
+
+    /* Loop invariant: R = result so far, RP = R + P */
+    i = grp->nbits + 1; /* one past the (zero-based) required msb for private keys */
+    while (i-- > 0) {
+        b = mbedtls_mpi_get_bit(m, i);
+        /*
+         *  if (b) R = 2R + P else R = 2R,
+         * which is:
+         *  if (b) double_add( RP, R, RP, R )
+         *  else   double_add( R, RP, R, RP )
+         * but using safe conditional swaps to avoid leaks
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->X, &RP.X, b));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->Z, &RP.Z, b));
+        MBEDTLS_MPI_CHK(ecp_double_add_mxz(grp, R, &RP, R, &RP, &PX));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->X, &RP.X, b));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->Z, &RP.Z, b));
+    }
+
+    /*
+     * Knowledge of the projective coordinates may leak the last few bits of the
+     * scalar [1], and since our MPI implementation isn't constant-flow,
+     * inversion (used for coordinate normalization) may leak the full value
+     * of its input via side-channels [2].
+     *
+     * [1] https://eprint.iacr.org/2003/191
+     * [2] https://eprint.iacr.org/2020/055
+     *
+     * Avoid the leak by randomizing coordinates before we normalize them.
+     */
+    have_rng = 1;
+#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    if (f_rng == NULL) {
+        have_rng = 0;
+    }
+#endif
+    if (have_rng) {
+        MBEDTLS_MPI_CHK(ecp_randomize_mxz(grp, R, f_rng, p_rng));
+    }
+
+    MBEDTLS_MPI_CHK(ecp_normalize_mxz(grp, R));
+
+cleanup:
+#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    ecp_drbg_free(&drbg_ctx);
+#endif
+
+    mbedtls_ecp_point_free(&RP); mbedtls_mpi_free(&PX);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+/*
+ * Restartable multiplication R = m * P
+ */
+int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                                const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    char is_grp_capable = 0;
+#endif
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(R   != NULL);
+    ECP_VALIDATE_RET(m   != NULL);
+    ECP_VALIDATE_RET(P   != NULL);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    /* reset ops count for this call if top-level */
+    if (rs_ctx != NULL && rs_ctx->depth++ == 0) {
+        rs_ctx->ops_done = 0;
+    }
+#else
+    (void) rs_ctx;
+#endif
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) {
+        MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp));
+    }
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+    int restarting = 0;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL);
+#endif
+    /* skip argument check when restarting */
+    if (!restarting) {
+        /* check_privkey is free */
+        MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_CHK);
+
+        /* Common sanity checks */
+        MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(grp, m));
+        MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P));
+    }
+
+    ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        MBEDTLS_MPI_CHK(ecp_mul_mxz(grp, R, m, P, f_rng, p_rng));
+    }
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        MBEDTLS_MPI_CHK(ecp_mul_comb(grp, R, m, P, f_rng, p_rng, rs_ctx));
+    }
+#endif
+
+cleanup:
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if (is_grp_capable) {
+        mbedtls_internal_ecp_free(grp);
+    }
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL) {
+        rs_ctx->depth--;
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Multiplication R = m * P
+ */
+int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                    const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(R   != NULL);
+    ECP_VALIDATE_RET(m   != NULL);
+    ECP_VALIDATE_RET(P   != NULL);
+    return mbedtls_ecp_mul_restartable(grp, R, m, P, f_rng, p_rng, NULL);
+}
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+/*
+ * Check that an affine point is valid as a public key,
+ * short weierstrass curves (SEC1 3.2.3.1)
+ */
+static int ecp_check_pubkey_sw(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi YY, RHS;
+
+    /* pt coordinates must be normalized for our checks */
+    if (mbedtls_mpi_cmp_int(&pt->X, 0) < 0 ||
+        mbedtls_mpi_cmp_int(&pt->Y, 0) < 0 ||
+        mbedtls_mpi_cmp_mpi(&pt->X, &grp->P) >= 0 ||
+        mbedtls_mpi_cmp_mpi(&pt->Y, &grp->P) >= 0) {
+        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    }
+
+    mbedtls_mpi_init(&YY); mbedtls_mpi_init(&RHS);
+
+    /*
+     * YY = Y^2
+     * RHS = X (X^2 + A) + B = X^3 + A X + B
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &YY,  &pt->Y,   &pt->Y));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &RHS, &pt->X,   &pt->X));
+
+    /* Special case for A = -3 */
+    if (grp->A.p == NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&RHS, &RHS, 3));  MOD_SUB(RHS);
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &RHS, &RHS, &grp->A));
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &RHS, &RHS,     &pt->X));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &RHS, &RHS,     &grp->B));
+
+    if (mbedtls_mpi_cmp_mpi(&YY, &RHS) != 0) {
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&YY); mbedtls_mpi_free(&RHS);
+
+    return ret;
+}
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+/*
+ * R = m * P with shortcuts for m == 0, m == 1 and m == -1
+ * NOT constant-time - ONLY for short Weierstrass!
+ */
+static int mbedtls_ecp_mul_shortcuts(mbedtls_ecp_group *grp,
+                                     mbedtls_ecp_point *R,
+                                     const mbedtls_mpi *m,
+                                     const mbedtls_ecp_point *P,
+                                     mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (mbedtls_mpi_cmp_int(m, 0) == 0) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P));
+        MBEDTLS_MPI_CHK(mbedtls_ecp_set_zero(R));
+    } else if (mbedtls_mpi_cmp_int(m, 1) == 0) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P));
+        MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, P));
+    } else if (mbedtls_mpi_cmp_int(m, -1) == 0) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P));
+        MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, P));
+        if (mbedtls_mpi_cmp_int(&R->Y, 0) != 0) {
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&R->Y, &grp->P, &R->Y));
+        }
+    } else {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, R, m, P,
+                                                    NULL, NULL, rs_ctx));
+    }
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Restartable linear combination
+ * NOT constant-time
+ */
+int mbedtls_ecp_muladd_restartable(
+    mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+    const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+    const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
+    mbedtls_ecp_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point mP;
+    mbedtls_ecp_point *pmP = &mP;
+    mbedtls_ecp_point *pR = R;
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    char is_grp_capable = 0;
+#endif
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(R   != NULL);
+    ECP_VALIDATE_RET(m   != NULL);
+    ECP_VALIDATE_RET(P   != NULL);
+    ECP_VALIDATE_RET(n   != NULL);
+    ECP_VALIDATE_RET(Q   != NULL);
+
+    if (mbedtls_ecp_get_type(grp) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    }
+
+    mbedtls_ecp_point_init(&mP);
+
+    ECP_RS_ENTER(ma);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ma != NULL) {
+        /* redirect intermediate results to restart context */
+        pmP = &rs_ctx->ma->mP;
+        pR  = &rs_ctx->ma->R;
+
+        /* jump to next operation */
+        if (rs_ctx->ma->state == ecp_rsma_mul2) {
+            goto mul2;
+        }
+        if (rs_ctx->ma->state == ecp_rsma_add) {
+            goto add;
+        }
+        if (rs_ctx->ma->state == ecp_rsma_norm) {
+            goto norm;
+        }
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pmP, m, P, rs_ctx));
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ma != NULL) {
+        rs_ctx->ma->state = ecp_rsma_mul2;
+    }
+
+mul2:
+#endif
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pR,  n, Q, rs_ctx));
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) {
+        MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp));
+    }
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ma != NULL) {
+        rs_ctx->ma->state = ecp_rsma_add;
+    }
+
+add:
+#endif
+    MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_ADD);
+    MBEDTLS_MPI_CHK(ecp_add_mixed(grp, pR, pmP, pR));
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ma != NULL) {
+        rs_ctx->ma->state = ecp_rsma_norm;
+    }
+
+norm:
+#endif
+    MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV);
+    MBEDTLS_MPI_CHK(ecp_normalize_jac(grp, pR));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && rs_ctx->ma != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, pR));
+    }
+#endif
+
+cleanup:
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if (is_grp_capable) {
+        mbedtls_internal_ecp_free(grp);
+    }
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+    mbedtls_ecp_point_free(&mP);
+
+    ECP_RS_LEAVE(ma);
+
+    return ret;
+}
+
+/*
+ * Linear combination
+ * NOT constant-time
+ */
+int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                       const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                       const mbedtls_mpi *n, const mbedtls_ecp_point *Q)
+{
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(R   != NULL);
+    ECP_VALIDATE_RET(m   != NULL);
+    ECP_VALIDATE_RET(P   != NULL);
+    ECP_VALIDATE_RET(n   != NULL);
+    ECP_VALIDATE_RET(Q   != NULL);
+    return mbedtls_ecp_muladd_restartable(grp, R, m, P, n, Q, NULL);
+}
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) }
+#define ECP_MPI_INIT_ARRAY(x)   \
+    ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x)
+/*
+ * Constants for the two points other than 0, 1, -1 (mod p) in
+ * https://cr.yp.to/ecdh.html#validate
+ * See ecp_check_pubkey_x25519().
+ */
+static const mbedtls_mpi_uint x25519_bad_point_1[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00),
+};
+static const mbedtls_mpi_uint x25519_bad_point_2[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57),
+};
+static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY(
+    x25519_bad_point_1);
+static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY(
+    x25519_bad_point_2);
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+/*
+ * Check that the input point is not one of the low-order points.
+ * This is recommended by the "May the Fourth" paper:
+ * https://eprint.iacr.org/2017/806.pdf
+ * Those points are never sent by an honest peer.
+ */
+static int ecp_check_bad_points_mx(const mbedtls_mpi *X, const mbedtls_mpi *P,
+                                   const mbedtls_ecp_group_id grp_id)
+{
+    int ret;
+    mbedtls_mpi XmP;
+
+    mbedtls_mpi_init(&XmP);
+
+    /* Reduce X mod P so that we only need to check values less than P.
+     * We know X < 2^256 so we can proceed by subtraction. */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&XmP, X));
+    while (mbedtls_mpi_cmp_mpi(&XmP, P) >= 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&XmP, &XmP, P));
+    }
+
+    /* Check against the known bad values that are less than P. For Curve448
+     * these are 0, 1 and -1. For Curve25519 we check the values less than P
+     * from the following list: https://cr.yp.to/ecdh.html#validate */
+    if (mbedtls_mpi_cmp_int(&XmP, 1) <= 0) {  /* takes care of 0 and 1 */
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        goto cleanup;
+    }
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    if (grp_id == MBEDTLS_ECP_DP_CURVE25519) {
+        if (mbedtls_mpi_cmp_mpi(&XmP, &ecp_x25519_bad_point_1) == 0) {
+            ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+            goto cleanup;
+        }
+
+        if (mbedtls_mpi_cmp_mpi(&XmP, &ecp_x25519_bad_point_2) == 0) {
+            ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+            goto cleanup;
+        }
+    }
+#else
+    (void) grp_id;
+#endif
+
+    /* Final check: check if XmP + 1 is P (final because it changes XmP!) */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&XmP, &XmP, 1));
+    if (mbedtls_mpi_cmp_mpi(&XmP, P) == 0) {
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        goto cleanup;
+    }
+
+    ret = 0;
+
+cleanup:
+    mbedtls_mpi_free(&XmP);
+
+    return ret;
+}
+
+/*
+ * Check validity of a public key for Montgomery curves with x-only schemes
+ */
+static int ecp_check_pubkey_mx(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt)
+{
+    /* [Curve25519 p. 5] Just check X is the correct number of bytes */
+    /* Allow any public value, if it's too big then we'll just reduce it mod p
+     * (RFC 7748 sec. 5 para. 3). */
+    if (mbedtls_mpi_size(&pt->X) > (grp->nbits + 7) / 8) {
+        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    }
+
+    /* Implicit in all standards (as they don't consider negative numbers):
+     * X must be non-negative. This is normally ensured by the way it's
+     * encoded for transmission, but let's be extra sure. */
+    if (mbedtls_mpi_cmp_int(&pt->X, 0) < 0) {
+        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    }
+
+    return ecp_check_bad_points_mx(&pt->X, &grp->P, grp->id);
+}
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+/*
+ * Check that a point is valid as a public key
+ */
+int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
+                             const mbedtls_ecp_point *pt)
+{
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(pt  != NULL);
+
+    /* Must use affine coordinates */
+    if (mbedtls_mpi_cmp_int(&pt->Z, 1) != 0) {
+        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    }
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        return ecp_check_pubkey_mx(grp, pt);
+    }
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        return ecp_check_pubkey_sw(grp, pt);
+    }
+#endif
+    return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+}
+
+/*
+ * Check that an mbedtls_mpi is valid as a private key
+ */
+int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
+                              const mbedtls_mpi *d)
+{
+    ECP_VALIDATE_RET(grp != NULL);
+    ECP_VALIDATE_RET(d   != NULL);
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        /* see RFC 7748 sec. 5 para. 5 */
+        if (mbedtls_mpi_get_bit(d, 0) != 0 ||
+            mbedtls_mpi_get_bit(d, 1) != 0 ||
+            mbedtls_mpi_bitlen(d) - 1 != grp->nbits) {  /* mbedtls_mpi_bitlen is one-based! */
+            return MBEDTLS_ERR_ECP_INVALID_KEY;
+        }
+
+        /* see [Curve25519] page 5 */
+        if (grp->nbits == 254 && mbedtls_mpi_get_bit(d, 2) != 0) {
+            return MBEDTLS_ERR_ECP_INVALID_KEY;
+        }
+
+        return 0;
+    }
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        /* see SEC1 3.2 */
+        if (mbedtls_mpi_cmp_int(d, 1) < 0 ||
+            mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) {
+            return MBEDTLS_ERR_ECP_INVALID_KEY;
+        } else {
+            return 0;
+        }
+    }
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+    return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+}
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+MBEDTLS_STATIC_TESTABLE
+int mbedtls_ecp_gen_privkey_mx(size_t high_bit,
+                               mbedtls_mpi *d,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    size_t n_random_bytes = high_bit / 8 + 1;
+
+    /* [Curve25519] page 5 */
+    /* Generate a (high_bit+1)-bit random number by generating just enough
+     * random bytes, then shifting out extra bits from the top (necessary
+     * when (high_bit+1) is not a multiple of 8). */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(d, n_random_bytes,
+                                            f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(d, 8 * n_random_bytes - high_bit - 1));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, high_bit, 1));
+
+    /* Make sure the last two bits are unset for Curve448, three bits for
+       Curve25519 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 0, 0));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 1, 0));
+    if (high_bit == 254) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 2, 0));
+    }
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+static int mbedtls_ecp_gen_privkey_sw(
+    const mbedtls_mpi *N, mbedtls_mpi *d,
+    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret = mbedtls_mpi_random(d, 1, N, f_rng, p_rng);
+    switch (ret) {
+        case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE:
+            return MBEDTLS_ERR_ECP_RANDOM_FAILED;
+        default:
+            return ret;
+    }
+}
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+/*
+ * Generate a private key
+ */
+int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp,
+                            mbedtls_mpi *d,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    ECP_VALIDATE_RET(grp   != NULL);
+    ECP_VALIDATE_RET(d     != NULL);
+    ECP_VALIDATE_RET(f_rng != NULL);
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        return mbedtls_ecp_gen_privkey_mx(grp->nbits, d, f_rng, p_rng);
+    }
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        return mbedtls_ecp_gen_privkey_sw(&grp->N, d, f_rng, p_rng);
+    }
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+    return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+}
+
+/*
+ * Generate a keypair with configurable base point
+ */
+int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp,
+                                 const mbedtls_ecp_point *G,
+                                 mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECP_VALIDATE_RET(grp   != NULL);
+    ECP_VALIDATE_RET(d     != NULL);
+    ECP_VALIDATE_RET(G     != NULL);
+    ECP_VALIDATE_RET(Q     != NULL);
+    ECP_VALIDATE_RET(f_rng != NULL);
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, d, f_rng, p_rng));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, Q, d, G, f_rng, p_rng));
+
+cleanup:
+    return ret;
+}
+
+/*
+ * Generate key pair, wrapper for conventional base point
+ */
+int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp,
+                            mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    ECP_VALIDATE_RET(grp   != NULL);
+    ECP_VALIDATE_RET(d     != NULL);
+    ECP_VALIDATE_RET(Q     != NULL);
+    ECP_VALIDATE_RET(f_rng != NULL);
+
+    return mbedtls_ecp_gen_keypair_base(grp, &grp->G, d, Q, f_rng, p_rng);
+}
+
+/*
+ * Generate a keypair, prettier wrapper
+ */
+int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                        int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ECP_VALIDATE_RET(key   != NULL);
+    ECP_VALIDATE_RET(f_rng != NULL);
+
+    if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) {
+        return ret;
+    }
+
+    return mbedtls_ecp_gen_keypair(&key->grp, &key->d, &key->Q, f_rng, p_rng);
+}
+
+#define ECP_CURVE25519_KEY_SIZE 32
+/*
+ * Read a private key.
+ */
+int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                         const unsigned char *buf, size_t buflen)
+{
+    int ret = 0;
+
+    ECP_VALIDATE_RET(key  != NULL);
+    ECP_VALIDATE_RET(buf  != NULL);
+
+    if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) {
+        return ret;
+    }
+
+    ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        /*
+         * If it is Curve25519 curve then mask the key as mandated by RFC7748
+         */
+        if (grp_id == MBEDTLS_ECP_DP_CURVE25519) {
+            if (buflen != ECP_CURVE25519_KEY_SIZE) {
+                return MBEDTLS_ERR_ECP_INVALID_KEY;
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary_le(&key->d, buf, buflen));
+
+            /* Set the three least significant bits to 0 */
+            MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 0, 0));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 1, 0));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 2, 0));
+
+            /* Set the most significant bit to 0 */
+            MBEDTLS_MPI_CHK(
+                mbedtls_mpi_set_bit(&key->d,
+                                    ECP_CURVE25519_KEY_SIZE * 8 - 1, 0)
+                );
+
+            /* Set the second most significant bit to 1 */
+            MBEDTLS_MPI_CHK(
+                mbedtls_mpi_set_bit(&key->d,
+                                    ECP_CURVE25519_KEY_SIZE * 8 - 2, 1)
+                );
+        } else {
+            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+        }
+    }
+
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&key->d, buf, buflen));
+
+        MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d));
+    }
+
+#endif
+cleanup:
+
+    if (ret != 0) {
+        mbedtls_mpi_free(&key->d);
+    }
+
+    return ret;
+}
+
+/*
+ * Write a private key.
+ */
+int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key,
+                          unsigned char *buf, size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+
+    ECP_VALIDATE_RET(key != NULL);
+    ECP_VALIDATE_RET(buf != NULL);
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        if (key->grp.id == MBEDTLS_ECP_DP_CURVE25519) {
+            if (buflen < ECP_CURVE25519_KEY_SIZE) {
+                return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary_le(&key->d, buf, buflen));
+        } else {
+            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+        }
+    }
+
+#endif
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&key->d, buf, buflen));
+    }
+
+#endif
+cleanup:
+
+    return ret;
+}
+
+
+/*
+ * Check a public-private key pair
+ */
+int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_point Q;
+    mbedtls_ecp_group grp;
+    ECP_VALIDATE_RET(pub != NULL);
+    ECP_VALIDATE_RET(prv != NULL);
+
+    if (pub->grp.id == MBEDTLS_ECP_DP_NONE ||
+        pub->grp.id != prv->grp.id ||
+        mbedtls_mpi_cmp_mpi(&pub->Q.X, &prv->Q.X) ||
+        mbedtls_mpi_cmp_mpi(&pub->Q.Y, &prv->Q.Y) ||
+        mbedtls_mpi_cmp_mpi(&pub->Q.Z, &prv->Q.Z)) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_ecp_group_init(&grp);
+
+    /* mbedtls_ecp_mul() needs a non-const group... */
+    mbedtls_ecp_group_copy(&grp, &prv->grp);
+
+    /* Also checks d is valid */
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&grp, &Q, &prv->d, &prv->grp.G, NULL, NULL));
+
+    if (mbedtls_mpi_cmp_mpi(&Q.X, &prv->Q.X) ||
+        mbedtls_mpi_cmp_mpi(&Q.Y, &prv->Q.Y) ||
+        mbedtls_mpi_cmp_mpi(&Q.Z, &prv->Q.Z)) {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_ecp_group_free(&grp);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/* Adjust the exponent to be a valid private point for the specified curve.
+ * This is sometimes necessary because we use a single set of exponents
+ * for all curves but the validity of values depends on the curve. */
+static int self_test_adjust_exponent(const mbedtls_ecp_group *grp,
+                                     mbedtls_mpi *m)
+{
+    int ret = 0;
+    switch (grp->id) {
+    /* If Curve25519 is available, then that's what we use for the
+     * Montgomery test, so we don't need the adjustment code. */
+#if !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE448:
+            /* Move highest bit from 254 to N-1. Setting bit N-1 is
+             * necessary to enforce the highest-bit-set constraint. */
+            MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(m, 254, 0));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(m, grp->nbits, 1));
+            /* Copy second-highest bit from 253 to N-2. This is not
+             * necessary but improves the test variety a bit. */
+            MBEDTLS_MPI_CHK(
+                mbedtls_mpi_set_bit(m, grp->nbits - 1,
+                                    mbedtls_mpi_get_bit(m, 253)));
+            break;
+#endif
+#endif /* ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) */
+        default:
+            /* Non-Montgomery curves and Curve25519 need no adjustment. */
+            (void) grp;
+            (void) m;
+            goto cleanup;
+    }
+cleanup:
+    return ret;
+}
+
+/* Calculate R = m.P for each m in exponents. Check that the number of
+ * basic operations doesn't depend on the value of m. */
+static int self_test_point(int verbose,
+                           mbedtls_ecp_group *grp,
+                           mbedtls_ecp_point *R,
+                           mbedtls_mpi *m,
+                           const mbedtls_ecp_point *P,
+                           const char *const *exponents,
+                           size_t n_exponents)
+{
+    int ret = 0;
+    size_t i = 0;
+    unsigned long add_c_prev, dbl_c_prev, mul_c_prev;
+    add_count = 0;
+    dbl_count = 0;
+    mul_count = 0;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(m, 16, exponents[0]));
+    MBEDTLS_MPI_CHK(self_test_adjust_exponent(grp, m));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, R, m, P, NULL, NULL));
+
+    for (i = 1; i < n_exponents; i++) {
+        add_c_prev = add_count;
+        dbl_c_prev = dbl_count;
+        mul_c_prev = mul_count;
+        add_count = 0;
+        dbl_count = 0;
+        mul_count = 0;
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(m, 16, exponents[i]));
+        MBEDTLS_MPI_CHK(self_test_adjust_exponent(grp, m));
+        MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, R, m, P, NULL, NULL));
+
+        if (add_count != add_c_prev ||
+            dbl_count != dbl_c_prev ||
+            mul_count != mul_c_prev) {
+            ret = 1;
+            break;
+        }
+    }
+
+cleanup:
+    if (verbose != 0) {
+        if (ret != 0) {
+            mbedtls_printf("failed (%u)\n", (unsigned int) i);
+        } else {
+            mbedtls_printf("passed\n");
+        }
+    }
+    return ret;
+}
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ecp_self_test(int verbose)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R, P;
+    mbedtls_mpi m;
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    /* Exponents especially adapted for secp192k1, which has the lowest
+     * order n of all supported curves (secp192r1 is in a slightly larger
+     * field but the order of its base point is slightly smaller). */
+    const char *sw_exponents[] =
+    {
+        "000000000000000000000000000000000000000000000001", /* one */
+        "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8C", /* n - 1 */
+        "5EA6F389A38B8BC81E767753B15AA5569E1782E30ABE7D25", /* random */
+        "400000000000000000000000000000000000000000000000", /* one and zeros */
+        "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", /* all ones */
+        "555555555555555555555555555555555555555555555555", /* 101010... */
+    };
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    const char *m_exponents[] =
+    {
+        /* Valid private values for Curve25519. In a build with Curve448
+         * but not Curve25519, they will be adjusted in
+         * self_test_adjust_exponent(). */
+        "4000000000000000000000000000000000000000000000000000000000000000",
+        "5C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C30",
+        "5715ECCE24583F7A7023C24164390586842E816D7280A49EF6DF4EAE6B280BF8",
+        "41A2B017516F6D254E1F002BCCBADD54BE30F8CEC737A0E912B4963B6BA74460",
+        "5555555555555555555555555555555555555555555555555555555555555550",
+        "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8",
+    };
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&R);
+    mbedtls_ecp_point_init(&P);
+    mbedtls_mpi_init(&m);
+
+#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
+    /* Use secp192r1 if available, or any available curve */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP192R1));
+#else
+    MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, mbedtls_ecp_curve_list()->grp_id));
+#endif
+
+    if (verbose != 0) {
+        mbedtls_printf("  ECP SW test #1 (constant op_count, base point G): ");
+    }
+    /* Do a dummy multiplication first to trigger precomputation */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&m, 2));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&grp, &P, &m, &grp.G, NULL, NULL));
+    ret = self_test_point(verbose,
+                          &grp, &R, &m, &grp.G,
+                          sw_exponents,
+                          sizeof(sw_exponents) / sizeof(sw_exponents[0]));
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  ECP SW test #2 (constant op_count, other point): ");
+    }
+    /* We computed P = 2G last time, use it */
+    ret = self_test_point(verbose,
+                          &grp, &R, &m, &P,
+                          sw_exponents,
+                          sizeof(sw_exponents) / sizeof(sw_exponents[0]));
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&R);
+#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+    if (verbose != 0) {
+        mbedtls_printf("  ECP Montgomery test (constant op_count): ");
+    }
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_CURVE25519));
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+    MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_CURVE448));
+#else
+#error "MBEDTLS_ECP_MONTGOMERY_ENABLED is defined, but no curve is supported for self-test"
+#endif
+    ret = self_test_point(verbose,
+                          &grp, &R, &m, &grp.G,
+                          m_exponents,
+                          sizeof(m_exponents) / sizeof(m_exponents[0]));
+    if (ret != 0) {
+        goto cleanup;
+    }
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+cleanup:
+
+    if (ret < 0 && verbose != 0) {
+        mbedtls_printf("Unexpected error, return code = %08X\n", (unsigned int) ret);
+    }
+
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&R);
+    mbedtls_ecp_point_free(&P);
+    mbedtls_mpi_free(&m);
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* !MBEDTLS_ECP_ALT */
+
+#endif /* MBEDTLS_ECP_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ecp_curves.c b/3rdparty/mbedtls-2.28.7/library/ecp_curves.c
new file mode 100644
index 0000000..c7565cc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ecp_curves.c
@@ -0,0 +1,1486 @@
+/*
+ *  Elliptic curves over GF(p): curve-specific data and functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ECP_C)
+
+#include "mbedtls/ecp.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/bn_mul.h"
+
+#include "ecp_invasive.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECP_ALT)
+
+/* Parameter validation macros based on platform_util.h */
+#define ECP_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA)
+#define ECP_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) }
+
+#define ECP_MPI_INIT_ARRAY(x)   \
+    ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x)
+
+/*
+ * Note: the constants are in little-endian order
+ * to be directly usable in MPIs
+ */
+
+/*
+ * Domain parameters for secp192r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+static const mbedtls_mpi_uint secp192r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+static const mbedtls_mpi_uint secp192r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64),
+};
+static const mbedtls_mpi_uint secp192r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18),
+};
+static const mbedtls_mpi_uint secp192r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07),
+};
+static const mbedtls_mpi_uint secp192r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+/*
+ * Domain parameters for secp224r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+static const mbedtls_mpi_uint secp224r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00),
+};
+static const mbedtls_mpi_uint secp224r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C),
+    MBEDTLS_BYTES_TO_T_UINT_4(0x85, 0x0A, 0x05, 0xB4),
+};
+static const mbedtls_mpi_uint secp224r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B),
+    MBEDTLS_BYTES_TO_T_UINT_4(0xBD, 0x0C, 0x0E, 0xB7),
+};
+static const mbedtls_mpi_uint secp224r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5),
+    MBEDTLS_BYTES_TO_T_UINT_4(0x88, 0x63, 0x37, 0xBD),
+};
+static const mbedtls_mpi_uint secp224r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF),
+};
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+/*
+ * Domain parameters for secp256r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+static const mbedtls_mpi_uint secp256r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+static const mbedtls_mpi_uint secp256r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A),
+};
+static const mbedtls_mpi_uint secp256r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B),
+};
+static const mbedtls_mpi_uint secp256r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F),
+};
+static const mbedtls_mpi_uint secp256r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+/*
+ * Domain parameters for secp384r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+static const mbedtls_mpi_uint secp384r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+static const mbedtls_mpi_uint secp384r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3),
+};
+static const mbedtls_mpi_uint secp384r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA),
+};
+static const mbedtls_mpi_uint secp384r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36),
+};
+static const mbedtls_mpi_uint secp384r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+/*
+ * Domain parameters for secp521r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+static const mbedtls_mpi_uint secp521r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01),
+};
+static const mbedtls_mpi_uint secp521r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95),
+    MBEDTLS_BYTES_TO_T_UINT_2(0x51, 0x00),
+};
+static const mbedtls_mpi_uint secp521r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85),
+    MBEDTLS_BYTES_TO_T_UINT_2(0xC6, 0x00),
+};
+static const mbedtls_mpi_uint secp521r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39),
+    MBEDTLS_BYTES_TO_T_UINT_2(0x18, 0x01),
+};
+static const mbedtls_mpi_uint secp521r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01),
+};
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+static const mbedtls_mpi_uint secp192k1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+static const mbedtls_mpi_uint secp192k1_a[] = {
+    MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00),
+};
+static const mbedtls_mpi_uint secp192k1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_2(0x03, 0x00),
+};
+static const mbedtls_mpi_uint secp192k1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB),
+};
+static const mbedtls_mpi_uint secp192k1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B),
+};
+static const mbedtls_mpi_uint secp192k1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+static const mbedtls_mpi_uint secp224k1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF),
+};
+static const mbedtls_mpi_uint secp224k1_a[] = {
+    MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00),
+};
+static const mbedtls_mpi_uint secp224k1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_2(0x05, 0x00),
+};
+static const mbedtls_mpi_uint secp224k1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D),
+    MBEDTLS_BYTES_TO_T_UINT_4(0x33, 0x5B, 0x45, 0xA1),
+};
+static const mbedtls_mpi_uint secp224k1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F),
+    MBEDTLS_BYTES_TO_T_UINT_4(0xED, 0x9F, 0x08, 0x7E),
+};
+static const mbedtls_mpi_uint secp224k1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00),
+};
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+static const mbedtls_mpi_uint secp256k1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+static const mbedtls_mpi_uint secp256k1_a[] = {
+    MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00),
+};
+static const mbedtls_mpi_uint secp256k1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_2(0x07, 0x00),
+};
+static const mbedtls_mpi_uint secp256k1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79),
+};
+static const mbedtls_mpi_uint secp256k1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48),
+};
+static const mbedtls_mpi_uint secp256k1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF),
+};
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+/*
+ * Domain parameters for brainpoolP256r1 (RFC 5639 3.4)
+ */
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+static const mbedtls_mpi_uint brainpoolP256r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_a[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9),
+};
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+/*
+ * Domain parameters for brainpoolP384r1 (RFC 5639 3.6)
+ */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+static const mbedtls_mpi_uint brainpoolP384r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_a[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C),
+};
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+/*
+ * Domain parameters for brainpoolP512r1 (RFC 5639 3.7)
+ */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+static const mbedtls_mpi_uint brainpoolP512r1_p[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_a[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_b[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_gx[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_gy[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_n[] = {
+    MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5),
+    MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F),
+    MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA),
+};
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)   ||   \
+    defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)   ||   \
+    defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)   ||   \
+    defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+/* For these curves, we build the group parameters dynamically. */
+#define ECP_LOAD_GROUP
+#endif
+
+#if defined(ECP_LOAD_GROUP)
+/*
+ * Create an MPI from embedded constants
+ * (assumes len is an exact multiple of sizeof(mbedtls_mpi_uint))
+ */
+static inline void ecp_mpi_load(mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len)
+{
+    X->s = 1;
+    X->n = len / sizeof(mbedtls_mpi_uint);
+    X->p = (mbedtls_mpi_uint *) p;
+}
+
+/*
+ * Set an MPI to static value 1
+ */
+static inline void ecp_mpi_set1(mbedtls_mpi *X)
+{
+    static mbedtls_mpi_uint one[] = { 1 };
+    X->s = 1;
+    X->n = 1;
+    X->p = one;
+}
+
+/*
+ * Make group available from embedded constants
+ */
+static int ecp_group_load(mbedtls_ecp_group *grp,
+                          const mbedtls_mpi_uint *p,  size_t plen,
+                          const mbedtls_mpi_uint *a,  size_t alen,
+                          const mbedtls_mpi_uint *b,  size_t blen,
+                          const mbedtls_mpi_uint *gx, size_t gxlen,
+                          const mbedtls_mpi_uint *gy, size_t gylen,
+                          const mbedtls_mpi_uint *n,  size_t nlen)
+{
+    ecp_mpi_load(&grp->P, p, plen);
+    if (a != NULL) {
+        ecp_mpi_load(&grp->A, a, alen);
+    }
+    ecp_mpi_load(&grp->B, b, blen);
+    ecp_mpi_load(&grp->N, n, nlen);
+
+    ecp_mpi_load(&grp->G.X, gx, gxlen);
+    ecp_mpi_load(&grp->G.Y, gy, gylen);
+    ecp_mpi_set1(&grp->G.Z);
+
+    grp->pbits = mbedtls_mpi_bitlen(&grp->P);
+    grp->nbits = mbedtls_mpi_bitlen(&grp->N);
+
+    grp->h = 1;
+
+    return 0;
+}
+#endif /* ECP_LOAD_GROUP */
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+/* Forward declarations */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+static int ecp_mod_p192(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+static int ecp_mod_p224(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+static int ecp_mod_p256(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+static int ecp_mod_p384(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+static int ecp_mod_p521(mbedtls_mpi *);
+#endif
+
+#define NIST_MODP(P)      grp->modp = ecp_mod_ ## P;
+#else
+#define NIST_MODP(P)
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+/* Additional forward declarations */
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+static int ecp_mod_p255(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+static int ecp_mod_p448(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+static int ecp_mod_p192k1(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+static int ecp_mod_p224k1(mbedtls_mpi *);
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+static int ecp_mod_p256k1(mbedtls_mpi *);
+#endif
+
+#if defined(ECP_LOAD_GROUP)
+#define LOAD_GROUP_A(G)   ecp_group_load(grp,            \
+                                         G ## _p,  sizeof(G ## _p),   \
+                                         G ## _a,  sizeof(G ## _a),   \
+                                         G ## _b,  sizeof(G ## _b),   \
+                                         G ## _gx, sizeof(G ## _gx),   \
+                                         G ## _gy, sizeof(G ## _gy),   \
+                                         G ## _n,  sizeof(G ## _n))
+
+#define LOAD_GROUP(G)     ecp_group_load(grp,            \
+                                         G ## _p,  sizeof(G ## _p),   \
+                                         NULL,     0,                    \
+                                         G ## _b,  sizeof(G ## _b),   \
+                                         G ## _gx, sizeof(G ## _gx),   \
+                                         G ## _gy, sizeof(G ## _gy),   \
+                                         G ## _n,  sizeof(G ## _n))
+#endif /* ECP_LOAD_GROUP */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+/* Constants used by ecp_use_curve25519() */
+static const mbedtls_mpi_sint curve25519_a24 = 0x01DB42;
+static const unsigned char curve25519_part_of_n[] = {
+    0x14, 0xDE, 0xF9, 0xDE, 0xA2, 0xF7, 0x9C, 0xD6,
+    0x58, 0x12, 0x63, 0x1A, 0x5C, 0xF5, 0xD3, 0xED,
+};
+
+/*
+ * Specialized function for creating the Curve25519 group
+ */
+static int ecp_use_curve25519(mbedtls_ecp_group *grp)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* Actually ( A + 2 ) / 4 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve25519_a24));
+
+    /* P = 2^255 - 19 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->P, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 255));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 19));
+    grp->pbits = mbedtls_mpi_bitlen(&grp->P);
+
+    /* N = 2^252 + 27742317777372353535851937790883648493 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&grp->N,
+                                            curve25519_part_of_n, sizeof(curve25519_part_of_n)));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&grp->N, 252, 1));
+
+    /* Y intentionally not set, since we use x/z coordinates.
+     * This is used as a marker to identify Montgomery curves! */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 9));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1));
+    mbedtls_mpi_free(&grp->G.Y);
+
+    /* Actually, the required msb for private keys */
+    grp->nbits = 254;
+
+cleanup:
+    if (ret != 0) {
+        mbedtls_ecp_group_free(grp);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+/* Constants used by ecp_use_curve448() */
+static const mbedtls_mpi_sint curve448_a24 = 0x98AA;
+static const unsigned char curve448_part_of_n[] = {
+    0x83, 0x35, 0xDC, 0x16, 0x3B, 0xB1, 0x24,
+    0xB6, 0x51, 0x29, 0xC9, 0x6F, 0xDE, 0x93,
+    0x3D, 0x8D, 0x72, 0x3A, 0x70, 0xAA, 0xDC,
+    0x87, 0x3D, 0x6D, 0x54, 0xA7, 0xBB, 0x0D,
+};
+
+/*
+ * Specialized function for creating the Curve448 group
+ */
+static int ecp_use_curve448(mbedtls_ecp_group *grp)
+{
+    mbedtls_mpi Ns;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_mpi_init(&Ns);
+
+    /* Actually ( A + 2 ) / 4 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve448_a24));
+
+    /* P = 2^448 - 2^224 - 1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->P, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 224));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 224));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 1));
+    grp->pbits = mbedtls_mpi_bitlen(&grp->P);
+
+    /* Y intentionally not set, since we use x/z coordinates.
+     * This is used as a marker to identify Montgomery curves! */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 5));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1));
+    mbedtls_mpi_free(&grp->G.Y);
+
+    /* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&grp->N, 446, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&Ns,
+                                            curve448_part_of_n, sizeof(curve448_part_of_n)));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&grp->N, &grp->N, &Ns));
+
+    /* Actually, the required msb for private keys */
+    grp->nbits = 447;
+
+cleanup:
+    mbedtls_mpi_free(&Ns);
+    if (ret != 0) {
+        mbedtls_ecp_group_free(grp);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
+
+/*
+ * Set a group using well-known domain parameters
+ */
+int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
+{
+    ECP_VALIDATE_RET(grp != NULL);
+    mbedtls_ecp_group_free(grp);
+
+    mbedtls_ecp_group_init(grp);
+
+    grp->id = id;
+
+    switch (id) {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192R1:
+            NIST_MODP(p192);
+            return LOAD_GROUP(secp192r1);
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224R1:
+            NIST_MODP(p224);
+            return LOAD_GROUP(secp224r1);
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256R1:
+            NIST_MODP(p256);
+            return LOAD_GROUP(secp256r1);
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP384R1:
+            NIST_MODP(p384);
+            return LOAD_GROUP(secp384r1);
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP521R1:
+            NIST_MODP(p521);
+            return LOAD_GROUP(secp521r1);
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192K1:
+            grp->modp = ecp_mod_p192k1;
+            return LOAD_GROUP_A(secp192k1);
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224K1:
+            grp->modp = ecp_mod_p224k1;
+            return LOAD_GROUP_A(secp224k1);
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256K1:
+            grp->modp = ecp_mod_p256k1;
+            return LOAD_GROUP_A(secp256k1);
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP256R1:
+            return LOAD_GROUP_A(brainpoolP256r1);
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP384R1:
+            return LOAD_GROUP_A(brainpoolP384r1);
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP512R1:
+            return LOAD_GROUP_A(brainpoolP512r1);
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            grp->modp = ecp_mod_p255;
+            return ecp_use_curve25519(grp);
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE448:
+            grp->modp = ecp_mod_p448;
+            return ecp_use_curve448(grp);
+#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
+
+        default:
+            grp->id = MBEDTLS_ECP_DP_NONE;
+            return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    }
+}
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+/*
+ * Fast reduction modulo the primes used by the NIST curves.
+ *
+ * These functions are critical for speed, but not needed for correct
+ * operations. So, we make the choice to heavily rely on the internals of our
+ * bignum library, which creates a tight coupling between these functions and
+ * our MPI implementation.  However, the coupling between the ECP module and
+ * MPI remains loose, since these functions can be deactivated at will.
+ */
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+/*
+ * Compared to the way things are presented in FIPS 186-3 D.2,
+ * we proceed in columns, from right (least significant chunk) to left,
+ * adding chunks to N in place, and keeping a carry for the next chunk.
+ * This avoids moving things around in memory, and uselessly adding zeros,
+ * compared to the more straightforward, line-oriented approach.
+ *
+ * For this prime we need to handle data in chunks of 64 bits.
+ * Since this is always a multiple of our basic mbedtls_mpi_uint, we can
+ * use a mbedtls_mpi_uint * to designate such a chunk, and small loops to handle it.
+ */
+
+/* Add 64-bit chunks (dst += src) and update carry */
+static inline void add64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry)
+{
+    unsigned char i;
+    mbedtls_mpi_uint c = 0;
+    for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++, src++) {
+        *dst += c;      c  = (*dst < c);
+        *dst += *src;   c += (*dst < *src);
+    }
+    *carry += c;
+}
+
+/* Add carry to a 64-bit chunk and update carry */
+static inline void carry64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry)
+{
+    unsigned char i;
+    for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++) {
+        *dst += *carry;
+        *carry  = (*dst < *carry);
+    }
+}
+
+#define WIDTH       8 / sizeof(mbedtls_mpi_uint)
+#define A(i)      N->p + (i) * WIDTH
+#define ADD(i)    add64(p, A(i), &c)
+#define NEXT        p += WIDTH; carry64(p, &c)
+#define LAST        p += WIDTH; *p = c; while (++p < end) *p = 0
+
+/*
+ * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1)
+ */
+static int ecp_mod_p192(mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi_uint c = 0;
+    mbedtls_mpi_uint *p, *end;
+
+    /* Make sure we have enough blocks so that A(5) is legal */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, 6 * WIDTH));
+
+    p = N->p;
+    end = p + N->n;
+
+    ADD(3); ADD(5);             NEXT;     // A0 += A3 + A5
+    ADD(3); ADD(4); ADD(5);   NEXT;       // A1 += A3 + A4 + A5
+    ADD(4); ADD(5);             LAST;     // A2 += A4 + A5
+
+cleanup:
+    return ret;
+}
+
+#undef WIDTH
+#undef A
+#undef ADD
+#undef NEXT
+#undef LAST
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+/*
+ * The reader is advised to first understand ecp_mod_p192() since the same
+ * general structure is used here, but with additional complications:
+ * (1) chunks of 32 bits, and (2) subtractions.
+ */
+
+/*
+ * For these primes, we need to handle data in chunks of 32 bits.
+ * This makes it more complicated if we use 64 bits limbs in MPI,
+ * which prevents us from using a uniform access method as for p192.
+ *
+ * So, we define a mini abstraction layer to access 32 bit chunks,
+ * load them in 'cur' for work, and store them back from 'cur' when done.
+ *
+ * While at it, also define the size of N in terms of 32-bit chunks.
+ */
+#define LOAD32      cur = A(i);
+
+#if defined(MBEDTLS_HAVE_INT32)  /* 32 bit */
+
+#define MAX32       N->n
+#define A(j)      N->p[j]
+#define STORE32     N->p[i] = cur;
+
+#else                               /* 64-bit */
+
+#define MAX32       N->n * 2
+#define A(j) (j) % 2 ? (uint32_t) (N->p[(j)/2] >> 32) : \
+    (uint32_t) (N->p[(j)/2])
+#define STORE32                                   \
+    if (i % 2) {                                 \
+        N->p[i/2] &= 0x00000000FFFFFFFF;          \
+        N->p[i/2] |= ((mbedtls_mpi_uint) cur) << 32;        \
+    } else {                                      \
+        N->p[i/2] &= 0xFFFFFFFF00000000;          \
+        N->p[i/2] |= (mbedtls_mpi_uint) cur;                \
+    }
+
+#endif /* sizeof( mbedtls_mpi_uint ) */
+
+/*
+ * Helpers for addition and subtraction of chunks, with signed carry.
+ */
+static inline void add32(uint32_t *dst, uint32_t src, signed char *carry)
+{
+    *dst += src;
+    *carry += (*dst < src);
+}
+
+static inline void sub32(uint32_t *dst, uint32_t src, signed char *carry)
+{
+    *carry -= (*dst < src);
+    *dst -= src;
+}
+
+#define ADD(j)    add32(&cur, A(j), &c);
+#define SUB(j)    sub32(&cur, A(j), &c);
+
+#define ciL    (sizeof(mbedtls_mpi_uint))         /* chars in limb  */
+#define biL    (ciL << 3)                         /* bits  in limb  */
+
+/*
+ * Helpers for the main 'loop'
+ */
+#define INIT(b)                                                       \
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;                    \
+    signed char c = 0, cc;                                              \
+    uint32_t cur;                                                       \
+    size_t i = 0, bits = (b);                                           \
+    /* N is the size of the product of two b-bit numbers, plus one */   \
+    /* limb for fix_negative */                                         \
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, (b) * 2 / biL + 1));      \
+    LOAD32;
+
+#define NEXT                    \
+    STORE32; i++; LOAD32;       \
+    cc = c; c = 0;              \
+    if (cc < 0)                \
+    sub32(&cur, -cc, &c); \
+    else                        \
+    add32(&cur, cc, &c);  \
+
+#define LAST                                    \
+    STORE32; i++;                               \
+    cur = c > 0 ? c : 0; STORE32;               \
+    cur = 0; while (++i < MAX32) { STORE32; }  \
+    if (c < 0) mbedtls_ecp_fix_negative(N, c, bits);
+
+/*
+ * If the result is negative, we get it in the form
+ * c * 2^bits + N, with c negative and N positive shorter than 'bits'
+ */
+MBEDTLS_STATIC_TESTABLE
+void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits)
+{
+    size_t i;
+
+    /* Set N := 2^bits - 1 - N. We know that 0 <= N < 2^bits, so
+     * set the absolute value to 0xfff...fff - N. There is no carry
+     * since we're subtracting from all-bits-one.  */
+    for (i = 0; i <= bits / 8 / sizeof(mbedtls_mpi_uint); i++) {
+        N->p[i] = ~(mbedtls_mpi_uint) 0 - N->p[i];
+    }
+    /* Add 1, taking care of the carry. */
+    i = 0;
+    do {
+        ++N->p[i];
+    } while (N->p[i++] == 0 && i <= bits / 8 / sizeof(mbedtls_mpi_uint));
+    /* Invert the sign.
+     * Now N = N0 - 2^bits where N0 is the initial value of N. */
+    N->s = -1;
+
+    /* Add |c| * 2^bits to the absolute value. Since c and N are
+     * negative, this adds c * 2^bits. */
+    mbedtls_mpi_uint msw = (mbedtls_mpi_uint) -c;
+#if defined(MBEDTLS_HAVE_INT64)
+    if (bits == 224) {
+        msw <<= 32;
+    }
+#endif
+    N->p[bits / 8 / sizeof(mbedtls_mpi_uint)] += msw;
+}
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2)
+ */
+static int ecp_mod_p224(mbedtls_mpi *N)
+{
+    INIT(224);
+
+    SUB(7); SUB(11);               NEXT;      // A0 += -A7 - A11
+    SUB(8); SUB(12);               NEXT;      // A1 += -A8 - A12
+    SUB(9); SUB(13);               NEXT;      // A2 += -A9 - A13
+    SUB(10); ADD(7); ADD(11);    NEXT;        // A3 += -A10 + A7 + A11
+    SUB(11); ADD(8); ADD(12);    NEXT;        // A4 += -A11 + A8 + A12
+    SUB(12); ADD(9); ADD(13);    NEXT;        // A5 += -A12 + A9 + A13
+    SUB(13); ADD(10);               LAST;     // A6 += -A13 + A10
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3)
+ */
+static int ecp_mod_p256(mbedtls_mpi *N)
+{
+    INIT(256);
+
+    ADD(8); ADD(9);
+    SUB(11); SUB(12); SUB(13); SUB(14);             NEXT;         // A0
+
+    ADD(9); ADD(10);
+    SUB(12); SUB(13); SUB(14); SUB(15);             NEXT;         // A1
+
+    ADD(10); ADD(11);
+    SUB(13); SUB(14); SUB(15);                        NEXT;       // A2
+
+    ADD(11); ADD(11); ADD(12); ADD(12); ADD(13);
+    SUB(15); SUB(8); SUB(9);                        NEXT;         // A3
+
+    ADD(12); ADD(12); ADD(13); ADD(13); ADD(14);
+    SUB(9); SUB(10);                                   NEXT;      // A4
+
+    ADD(13); ADD(13); ADD(14); ADD(14); ADD(15);
+    SUB(10); SUB(11);                                   NEXT;     // A5
+
+    ADD(14); ADD(14); ADD(15); ADD(15); ADD(14); ADD(13);
+    SUB(8); SUB(9);                                   NEXT;       // A6
+
+    ADD(15); ADD(15); ADD(15); ADD(8);
+    SUB(10); SUB(11); SUB(12); SUB(13);             LAST;         // A7
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4)
+ */
+static int ecp_mod_p384(mbedtls_mpi *N)
+{
+    INIT(384);
+
+    ADD(12); ADD(21); ADD(20);
+    SUB(23);                                              NEXT;   // A0
+
+    ADD(13); ADD(22); ADD(23);
+    SUB(12); SUB(20);                                   NEXT;     // A2
+
+    ADD(14); ADD(23);
+    SUB(13); SUB(21);                                   NEXT;     // A2
+
+    ADD(15); ADD(12); ADD(20); ADD(21);
+    SUB(14); SUB(22); SUB(23);                        NEXT;       // A3
+
+    ADD(21); ADD(21); ADD(16); ADD(13); ADD(12); ADD(20); ADD(22);
+    SUB(15); SUB(23); SUB(23);                        NEXT;       // A4
+
+    ADD(22); ADD(22); ADD(17); ADD(14); ADD(13); ADD(21); ADD(23);
+    SUB(16);                                              NEXT;   // A5
+
+    ADD(23); ADD(23); ADD(18); ADD(15); ADD(14); ADD(22);
+    SUB(17);                                              NEXT;   // A6
+
+    ADD(19); ADD(16); ADD(15); ADD(23);
+    SUB(18);                                              NEXT;   // A7
+
+    ADD(20); ADD(17); ADD(16);
+    SUB(19);                                              NEXT;   // A8
+
+    ADD(21); ADD(18); ADD(17);
+    SUB(20);                                              NEXT;   // A9
+
+    ADD(22); ADD(19); ADD(18);
+    SUB(21);                                              NEXT;   // A10
+
+    ADD(23); ADD(20); ADD(19);
+    SUB(22);                                              LAST;   // A11
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#undef A
+#undef LOAD32
+#undef STORE32
+#undef MAX32
+#undef INIT
+#undef NEXT
+#undef LAST
+
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED ||
+          MBEDTLS_ECP_DP_SECP256R1_ENABLED ||
+          MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+/*
+ * Here we have an actual Mersenne prime, so things are more straightforward.
+ * However, chunks are aligned on a 'weird' boundary (521 bits).
+ */
+
+/* Size of p521 in terms of mbedtls_mpi_uint */
+#define P521_WIDTH      (521 / 8 / sizeof(mbedtls_mpi_uint) + 1)
+
+/* Bits to keep in the most significant mbedtls_mpi_uint */
+#define P521_MASK       0x01FF
+
+/*
+ * Fast quasi-reduction modulo p521 (FIPS 186-3 D.2.5)
+ * Write N as A1 + 2^521 A0, return A0 + A1
+ */
+static int ecp_mod_p521(mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    mbedtls_mpi M;
+    mbedtls_mpi_uint Mp[P521_WIDTH + 1];
+    /* Worst case for the size of M is when mbedtls_mpi_uint is 16 bits:
+     * we need to hold bits 513 to 1056, which is 34 limbs, that is
+     * P521_WIDTH + 1. Otherwise P521_WIDTH is enough. */
+
+    if (N->n < P521_WIDTH) {
+        return 0;
+    }
+
+    /* M = A1 */
+    M.s = 1;
+    M.n = N->n - (P521_WIDTH - 1);
+    if (M.n > P521_WIDTH + 1) {
+        M.n = P521_WIDTH + 1;
+    }
+    M.p = Mp;
+    memcpy(Mp, N->p + P521_WIDTH - 1, M.n * sizeof(mbedtls_mpi_uint));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, 521 % (8 * sizeof(mbedtls_mpi_uint))));
+
+    /* N = A0 */
+    N->p[P521_WIDTH - 1] &= P521_MASK;
+    for (i = P521_WIDTH; i < N->n; i++) {
+        N->p[i] = 0;
+    }
+
+    /* N = A0 + A1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
+
+cleanup:
+    return ret;
+}
+
+#undef P521_WIDTH
+#undef P521_MASK
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+
+/* Size of p255 in terms of mbedtls_mpi_uint */
+#define P255_WIDTH      (255 / 8 / sizeof(mbedtls_mpi_uint) + 1)
+
+/*
+ * Fast quasi-reduction modulo p255 = 2^255 - 19
+ * Write N as A0 + 2^255 A1, return A0 + 19 * A1
+ */
+static int ecp_mod_p255(mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    mbedtls_mpi M;
+    mbedtls_mpi_uint Mp[P255_WIDTH + 2];
+
+    if (N->n < P255_WIDTH) {
+        return 0;
+    }
+
+    /* M = A1 */
+    M.s = 1;
+    M.n = N->n - (P255_WIDTH - 1);
+    if (M.n > P255_WIDTH + 1) {
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+    M.p = Mp;
+    memset(Mp, 0, sizeof(Mp));
+    memcpy(Mp, N->p + P255_WIDTH - 1, M.n * sizeof(mbedtls_mpi_uint));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, 255 % (8 * sizeof(mbedtls_mpi_uint))));
+    M.n++; /* Make room for multiplication by 19 */
+
+    /* N = A0 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(N, 255, 0));
+    for (i = P255_WIDTH; i < N->n; i++) {
+        N->p[i] = 0;
+    }
+
+    /* N = A0 + 19 * A1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &M, 19));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+
+/* Size of p448 in terms of mbedtls_mpi_uint */
+#define P448_WIDTH      (448 / 8 / sizeof(mbedtls_mpi_uint))
+
+/* Number of limbs fully occupied by 2^224 (max), and limbs used by it (min) */
+#define DIV_ROUND_UP(X, Y) (((X) + (Y) -1) / (Y))
+#define P224_WIDTH_MIN   (28 / sizeof(mbedtls_mpi_uint))
+#define P224_WIDTH_MAX   DIV_ROUND_UP(28, sizeof(mbedtls_mpi_uint))
+#define P224_UNUSED_BITS ((P224_WIDTH_MAX * sizeof(mbedtls_mpi_uint) * 8) - 224)
+
+/*
+ * Fast quasi-reduction modulo p448 = 2^448 - 2^224 - 1
+ * Write N as A0 + 2^448 A1 and A1 as B0 + 2^224 B1, and return
+ * A0 + A1 + B1 + (B0 + B1) * 2^224.  This is different to the reference
+ * implementation of Curve448, which uses its own special 56-bit limbs rather
+ * than a generic bignum library.  We could squeeze some extra speed out on
+ * 32-bit machines by splitting N up into 32-bit limbs and doing the
+ * arithmetic using the limbs directly as we do for the NIST primes above,
+ * but for 64-bit targets it should use half the number of operations if we do
+ * the reduction with 224-bit limbs, since mpi_add_mpi will then use 64-bit adds.
+ */
+static int ecp_mod_p448(mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    mbedtls_mpi M, Q;
+    mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH];
+
+    if (N->n <= P448_WIDTH) {
+        return 0;
+    }
+
+    /* M = A1 */
+    M.s = 1;
+    M.n = N->n - (P448_WIDTH);
+    if (M.n > P448_WIDTH) {
+        /* Shouldn't be called with N larger than 2^896! */
+        return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+    }
+    M.p = Mp;
+    memset(Mp, 0, sizeof(Mp));
+    memcpy(Mp, N->p + P448_WIDTH, M.n * sizeof(mbedtls_mpi_uint));
+
+    /* N = A0 */
+    for (i = P448_WIDTH; i < N->n; i++) {
+        N->p[i] = 0;
+    }
+
+    /* N += A1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &M));
+
+    /* Q = B1, N += B1 */
+    Q = M;
+    Q.p = Qp;
+    memcpy(Qp, Mp, sizeof(Qp));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Q, 224));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &Q));
+
+    /* M = (B0 + B1) * 2^224, N += M */
+    if (sizeof(mbedtls_mpi_uint) > 4) {
+        Mp[P224_WIDTH_MIN] &= ((mbedtls_mpi_uint)-1) >> (P224_UNUSED_BITS);
+    }
+    for (i = P224_WIDTH_MAX; i < M.n; ++i) {
+        Mp[i] = 0;
+    }
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&M, &M, &Q));
+    M.n = P448_WIDTH + 1; /* Make room for shifted carry bit from the addition */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&M, 224));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &M));
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo P = 2^s - R,
+ * with R about 33 bits, used by the Koblitz curves.
+ *
+ * Write N as A0 + 2^224 A1, return A0 + R * A1.
+ * Actually do two passes, since R is big.
+ */
+#define P_KOBLITZ_MAX   (256 / 8 / sizeof(mbedtls_mpi_uint))      // Max limbs in P
+#define P_KOBLITZ_R     (8 / sizeof(mbedtls_mpi_uint))            // Limbs in R
+static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs,
+                                  size_t adjust, size_t shift, mbedtls_mpi_uint mask)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    mbedtls_mpi M, R;
+    mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
+
+    if (N->n < p_limbs) {
+        return 0;
+    }
+
+    /* Init R */
+    R.s = 1;
+    R.p = Rp;
+    R.n = P_KOBLITZ_R;
+
+    /* Common setup for M */
+    M.s = 1;
+    M.p = Mp;
+
+    /* M = A1 */
+    M.n = N->n - (p_limbs - adjust);
+    if (M.n > p_limbs + adjust) {
+        M.n = p_limbs + adjust;
+    }
+    memset(Mp, 0, sizeof(Mp));
+    memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint));
+    if (shift != 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift));
+    }
+    M.n += R.n; /* Make room for multiplication by R */
+
+    /* N = A0 */
+    if (mask != 0) {
+        N->p[p_limbs - 1] &= mask;
+    }
+    for (i = p_limbs; i < N->n; i++) {
+        N->p[i] = 0;
+    }
+
+    /* N = A0 + R * A1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
+
+    /* Second pass */
+
+    /* M = A1 */
+    M.n = N->n - (p_limbs - adjust);
+    if (M.n > p_limbs + adjust) {
+        M.n = p_limbs + adjust;
+    }
+    memset(Mp, 0, sizeof(Mp));
+    memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint));
+    if (shift != 0) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift));
+    }
+    M.n += R.n; /* Make room for multiplication by R */
+
+    /* N = A0 */
+    if (mask != 0) {
+        N->p[p_limbs - 1] &= mask;
+    }
+    for (i = p_limbs; i < N->n; i++) {
+        N->p[i] = 0;
+    }
+
+    /* N = A0 + R * A1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M));
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||
+          MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||
+          MBEDTLS_ECP_DP_SECP256K1_ENABLED) */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p192k1 = 2^192 - R,
+ * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119
+ */
+static int ecp_mod_p192k1(mbedtls_mpi *N)
+{
+    static mbedtls_mpi_uint Rp[] = {
+        MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00,
+                                  0x00)
+    };
+
+    return ecp_mod_koblitz(N, Rp, 192 / 8 / sizeof(mbedtls_mpi_uint), 0, 0,
+                           0);
+}
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p224k1 = 2^224 - R,
+ * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93
+ */
+static int ecp_mod_p224k1(mbedtls_mpi *N)
+{
+    static mbedtls_mpi_uint Rp[] = {
+        MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00,
+                                  0x00)
+    };
+
+#if defined(MBEDTLS_HAVE_INT64)
+    return ecp_mod_koblitz(N, Rp, 4, 1, 32, 0xFFFFFFFF);
+#else
+    return ecp_mod_koblitz(N, Rp, 224 / 8 / sizeof(mbedtls_mpi_uint), 0, 0,
+                           0);
+#endif
+}
+
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p256k1 = 2^256 - R,
+ * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1
+ */
+static int ecp_mod_p256k1(mbedtls_mpi *N)
+{
+    static mbedtls_mpi_uint Rp[] = {
+        MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00,
+                                  0x00)
+    };
+    return ecp_mod_koblitz(N, Rp, 256 / 8 / sizeof(mbedtls_mpi_uint), 0, 0,
+                           0);
+}
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#endif /* !MBEDTLS_ECP_ALT */
+
+#endif /* MBEDTLS_ECP_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ecp_invasive.h b/3rdparty/mbedtls-2.28.7/library/ecp_invasive.h
new file mode 100644
index 0000000..b5a1f7c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ecp_invasive.h
@@ -0,0 +1,69 @@
+/**
+ * \file ecp_invasive.h
+ *
+ * \brief ECP module: interfaces for invasive testing only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They SHOULD NOT be made available in library integrations except when
+ * building the library for testing.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_ECP_INVASIVE_H
+#define MBEDTLS_ECP_INVASIVE_H
+
+#include "common.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/ecp.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C)
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+/* Preconditions:
+ *   - bits is a multiple of 64 or is 224
+ *   - c is -1 or -2
+ *   - 0 <= N < 2^bits
+ *   - N has room for bits plus one limb
+ *
+ * Behavior:
+ * Set N to c * 2^bits + old_value_of_N.
+ */
+void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
+#endif
+
+#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
+/** Generate a private key on a Montgomery curve (Curve25519 or Curve448).
+ *
+ * This function implements key generation for the set of secret keys
+ * specified in [Curve25519] p. 5 and in [Curve448]. The resulting value
+ * has the lower bits masked but is not necessarily canonical.
+ *
+ * \note            - [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
+ *                  - [RFC7748] https://tools.ietf.org/html/rfc7748
+ *
+ * \p high_bit      The position of the high-order bit of the key to generate.
+ *                  This is the bit-size of the key minus 1:
+ *                  254 for Curve25519 or 447 for Curve448.
+ * \param d         The randomly generated key. This is a number of size
+ *                  exactly \p high_bit + 1 bits, with the least significant bits
+ *                  masked as specified in [Curve25519] and in [RFC7748] §5.
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG context to be passed to \p f_rng.
+ *
+ * \return          \c 0 on success.
+ * \return          \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure.
+ */
+int mbedtls_ecp_gen_privkey_mx(size_t high_bit,
+                               mbedtls_mpi *d,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng);
+
+#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
+
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_ECP_C */
+
+#endif /* MBEDTLS_ECP_INVASIVE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/entropy.c b/3rdparty/mbedtls-2.28.7/library/entropy.c
new file mode 100644
index 0000000..339dc0e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/entropy.c
@@ -0,0 +1,752 @@
+/*
+ *  Entropy accumulator implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_ENTROPY_C)
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+#warning "**** WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined! "
+#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES "
+#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE "
+#endif
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_HAVEGE_C)
+#include "mbedtls/havege.h"
+#endif
+
+#define ENTROPY_MAX_LOOP    256     /**< Maximum amount to loop before error */
+
+void mbedtls_entropy_init(mbedtls_entropy_context *ctx)
+{
+    ctx->source_count = 0;
+    memset(ctx->source, 0, sizeof(ctx->source));
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+
+    ctx->accumulator_started = 0;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_init(&ctx->accumulator);
+#else
+    mbedtls_sha256_init(&ctx->accumulator);
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_init(&ctx->havege_data);
+#endif
+
+    /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
+     *           when adding more strong entropy sources here. */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+    mbedtls_entropy_add_source(ctx, mbedtls_null_entropy_poll, NULL,
+                               1, MBEDTLS_ENTROPY_SOURCE_STRONG);
+#endif
+
+#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL,
+                               MBEDTLS_ENTROPY_MIN_PLATFORM,
+                               MBEDTLS_ENTROPY_SOURCE_STRONG);
+#endif
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_entropy_add_source(ctx, mbedtls_hardclock_poll, NULL,
+                               MBEDTLS_ENTROPY_MIN_HARDCLOCK,
+                               MBEDTLS_ENTROPY_SOURCE_WEAK);
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_entropy_add_source(ctx, mbedtls_havege_poll, &ctx->havege_data,
+                               MBEDTLS_ENTROPY_MIN_HAVEGE,
+                               MBEDTLS_ENTROPY_SOURCE_STRONG);
+#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL,
+                               MBEDTLS_ENTROPY_MIN_HARDWARE,
+                               MBEDTLS_ENTROPY_SOURCE_STRONG);
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL,
+                               MBEDTLS_ENTROPY_BLOCK_SIZE,
+                               MBEDTLS_ENTROPY_SOURCE_STRONG);
+    ctx->initial_entropy_run = 0;
+#endif
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+}
+
+void mbedtls_entropy_free(mbedtls_entropy_context *ctx)
+{
+    /* If the context was already free, don't call free() again.
+     * This is important for mutexes which don't allow double-free. */
+    if (ctx->accumulator_started == -1) {
+        return;
+    }
+
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_free(&ctx->havege_data);
+#endif
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free(&ctx->mutex);
+#endif
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_free(&ctx->accumulator);
+#else
+    mbedtls_sha256_free(&ctx->accumulator);
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    ctx->initial_entropy_run = 0;
+#endif
+    ctx->source_count = 0;
+    mbedtls_platform_zeroize(ctx->source, sizeof(ctx->source));
+    ctx->accumulator_started = -1;
+}
+
+int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
+                               mbedtls_entropy_f_source_ptr f_source, void *p_source,
+                               size_t threshold, int strong)
+{
+    int idx, ret = 0;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    idx = ctx->source_count;
+    if (idx >= MBEDTLS_ENTROPY_MAX_SOURCES) {
+        ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES;
+        goto exit;
+    }
+
+    ctx->source[idx].f_source  = f_source;
+    ctx->source[idx].p_source  = p_source;
+    ctx->source[idx].threshold = threshold;
+    ctx->source[idx].strong    = strong;
+
+    ctx->source_count++;
+
+exit:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Entropy accumulator update
+ */
+static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id,
+                          const unsigned char *data, size_t len)
+{
+    unsigned char header[2];
+    unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    size_t use_len = len;
+    const unsigned char *p = data;
+    int ret = 0;
+
+    if (use_len > MBEDTLS_ENTROPY_BLOCK_SIZE) {
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+        if ((ret = mbedtls_sha512_ret(data, len, tmp, 0)) != 0) {
+            goto cleanup;
+        }
+#else
+        if ((ret = mbedtls_sha256_ret(data, len, tmp, 0)) != 0) {
+            goto cleanup;
+        }
+#endif
+        p = tmp;
+        use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
+    }
+
+    header[0] = source_id;
+    header[1] = use_len & 0xFF;
+
+    /*
+     * Start the accumulator if this has not already happened. Note that
+     * it is sufficient to start the accumulator here only because all calls to
+     * gather entropy eventually execute this code.
+     */
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    if (ctx->accumulator_started == 0 &&
+        (ret = mbedtls_sha512_starts_ret(&ctx->accumulator, 0)) != 0) {
+        goto cleanup;
+    } else {
+        ctx->accumulator_started = 1;
+    }
+    if ((ret = mbedtls_sha512_update_ret(&ctx->accumulator, header, 2)) != 0) {
+        goto cleanup;
+    }
+    ret = mbedtls_sha512_update_ret(&ctx->accumulator, p, use_len);
+#else
+    if (ctx->accumulator_started == 0 &&
+        (ret = mbedtls_sha256_starts_ret(&ctx->accumulator, 0)) != 0) {
+        goto cleanup;
+    } else {
+        ctx->accumulator_started = 1;
+    }
+    if ((ret = mbedtls_sha256_update_ret(&ctx->accumulator, header, 2)) != 0) {
+        goto cleanup;
+    }
+    ret = mbedtls_sha256_update_ret(&ctx->accumulator, p, use_len);
+#endif
+
+cleanup:
+    mbedtls_platform_zeroize(tmp, sizeof(tmp));
+
+    return ret;
+}
+
+int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
+                                  const unsigned char *data, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    ret = entropy_update(ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len);
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Run through the different sources to add entropy to our accumulator
+ */
+static int entropy_gather_internal(mbedtls_entropy_context *ctx)
+{
+    int ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    int i;
+    int have_one_strong = 0;
+    unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
+    size_t olen;
+
+    if (ctx->source_count == 0) {
+        return MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED;
+    }
+
+    /*
+     * Run through our entropy sources
+     */
+    for (i = 0; i < ctx->source_count; i++) {
+        if (ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG) {
+            have_one_strong = 1;
+        }
+
+        olen = 0;
+        if ((ret = ctx->source[i].f_source(ctx->source[i].p_source,
+                                           buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen)) != 0) {
+            goto cleanup;
+        }
+
+        /*
+         * Add if we actually gathered something
+         */
+        if (olen > 0) {
+            if ((ret = entropy_update(ctx, (unsigned char) i,
+                                      buf, olen)) != 0) {
+                return ret;
+            }
+            ctx->source[i].size += olen;
+        }
+    }
+
+    if (have_one_strong == 0) {
+        ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
+    }
+
+cleanup:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    return ret;
+}
+
+/*
+ * Thread-safe wrapper for entropy_gather_internal()
+ */
+int mbedtls_entropy_gather(mbedtls_entropy_context *ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    ret = entropy_gather_internal(ctx);
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+int mbedtls_entropy_func(void *data, unsigned char *output, size_t len)
+{
+    int ret, count = 0, i, thresholds_reached;
+    size_t strong_size;
+    mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    if (len > MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    /* Update the NV entropy seed before generating any entropy for outside
+     * use.
+     */
+    if (ctx->initial_entropy_run == 0) {
+        ctx->initial_entropy_run = 1;
+        if ((ret = mbedtls_entropy_update_nv_seed(ctx)) != 0) {
+            return ret;
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    /*
+     * Always gather extra entropy before a call
+     */
+    do {
+        if (count++ > ENTROPY_MAX_LOOP) {
+            ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+            goto exit;
+        }
+
+        if ((ret = entropy_gather_internal(ctx)) != 0) {
+            goto exit;
+        }
+
+        thresholds_reached = 1;
+        strong_size = 0;
+        for (i = 0; i < ctx->source_count; i++) {
+            if (ctx->source[i].size < ctx->source[i].threshold) {
+                thresholds_reached = 0;
+            }
+            if (ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG) {
+                strong_size += ctx->source[i].size;
+            }
+        }
+    } while (!thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    /*
+     * Note that at this stage it is assumed that the accumulator was started
+     * in a previous call to entropy_update(). If this is not guaranteed, the
+     * code below will fail.
+     */
+    if ((ret = mbedtls_sha512_finish_ret(&ctx->accumulator, buf)) != 0) {
+        goto exit;
+    }
+
+    /*
+     * Reset accumulator and counters and recycle existing entropy
+     */
+    mbedtls_sha512_free(&ctx->accumulator);
+    mbedtls_sha512_init(&ctx->accumulator);
+    if ((ret = mbedtls_sha512_starts_ret(&ctx->accumulator, 0)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_sha512_update_ret(&ctx->accumulator, buf,
+                                         MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) {
+        goto exit;
+    }
+
+    /*
+     * Perform second SHA-512 on entropy
+     */
+    if ((ret = mbedtls_sha512_ret(buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                  buf, 0)) != 0) {
+        goto exit;
+    }
+#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
+    if ((ret = mbedtls_sha256_finish_ret(&ctx->accumulator, buf)) != 0) {
+        goto exit;
+    }
+
+    /*
+     * Reset accumulator and counters and recycle existing entropy
+     */
+    mbedtls_sha256_free(&ctx->accumulator);
+    mbedtls_sha256_init(&ctx->accumulator);
+    if ((ret = mbedtls_sha256_starts_ret(&ctx->accumulator, 0)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_sha256_update_ret(&ctx->accumulator, buf,
+                                         MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) {
+        goto exit;
+    }
+
+    /*
+     * Perform second SHA-256 on entropy
+     */
+    if ((ret = mbedtls_sha256_ret(buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                  buf, 0)) != 0) {
+        goto exit;
+    }
+#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
+
+    for (i = 0; i < ctx->source_count; i++) {
+        ctx->source[i].size = 0;
+    }
+
+    memcpy(output, buf, len);
+
+    ret = 0;
+
+exit:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx)
+{
+    int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    /* Read new seed  and write it to NV */
+    if ((ret = mbedtls_entropy_func(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) {
+        return ret;
+    }
+
+    if (mbedtls_nv_seed_write(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) {
+        return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    }
+
+    /* Manually update the remaining stream with a separator value to diverge */
+    memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    ret = mbedtls_entropy_update_manual(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    return ret;
+}
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    FILE *f = NULL;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    if ((ret = mbedtls_entropy_func(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) {
+        ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+        goto exit;
+    }
+
+    if ((f = fopen(path, "wb")) == NULL) {
+        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+        goto exit;
+    }
+
+    if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+        goto exit;
+    }
+
+    ret = 0;
+
+exit:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    if (f != NULL) {
+        fclose(f);
+    }
+
+    return ret;
+}
+
+int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path)
+{
+    int ret = 0;
+    FILE *f;
+    size_t n;
+    unsigned char buf[MBEDTLS_ENTROPY_MAX_SEED_SIZE];
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    }
+
+    fseek(f, 0, SEEK_END);
+    n = (size_t) ftell(f);
+    fseek(f, 0, SEEK_SET);
+
+    if (n > MBEDTLS_ENTROPY_MAX_SEED_SIZE) {
+        n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
+    }
+
+    if (fread(buf, 1, n, f) != n) {
+        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    } else {
+        ret = mbedtls_entropy_update_manual(ctx, buf, n);
+    }
+
+    fclose(f);
+
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    if (ret != 0) {
+        return ret;
+    }
+
+    return mbedtls_entropy_write_seed_file(ctx, path);
+}
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_SELF_TEST)
+#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
+/*
+ * Dummy source function
+ */
+static int entropy_dummy_source(void *data, unsigned char *output,
+                                size_t len, size_t *olen)
+{
+    ((void) data);
+
+    memset(output, 0x2a, len);
+    *olen = len;
+
+    return 0;
+}
+#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+
+static int mbedtls_entropy_source_self_test_gather(unsigned char *buf, size_t buf_len)
+{
+    int ret = 0;
+    size_t entropy_len = 0;
+    size_t olen = 0;
+    size_t attempts = buf_len;
+
+    while (attempts > 0 && entropy_len < buf_len) {
+        if ((ret = mbedtls_hardware_poll(NULL, buf + entropy_len,
+                                         buf_len - entropy_len, &olen)) != 0) {
+            return ret;
+        }
+
+        entropy_len += olen;
+        attempts--;
+    }
+
+    if (entropy_len < buf_len) {
+        ret = 1;
+    }
+
+    return ret;
+}
+
+
+static int mbedtls_entropy_source_self_test_check_bits(const unsigned char *buf,
+                                                       size_t buf_len)
+{
+    unsigned char set = 0xFF;
+    unsigned char unset = 0x00;
+    size_t i;
+
+    for (i = 0; i < buf_len; i++) {
+        set &= buf[i];
+        unset |= buf[i];
+    }
+
+    return set == 0xFF || unset == 0x00;
+}
+
+/*
+ * A test to ensure that the entropy sources are functioning correctly
+ * and there is no obvious failure. The test performs the following checks:
+ *  - The entropy source is not providing only 0s (all bits unset) or 1s (all
+ *    bits set).
+ *  - The entropy source is not providing values in a pattern. Because the
+ *    hardware could be providing data in an arbitrary length, this check polls
+ *    the hardware entropy source twice and compares the result to ensure they
+ *    are not equal.
+ *  - The error code returned by the entropy source is not an error.
+ */
+int mbedtls_entropy_source_self_test(int verbose)
+{
+    int ret = 0;
+    unsigned char buf0[2 * sizeof(unsigned long long int)];
+    unsigned char buf1[2 * sizeof(unsigned long long int)];
+
+    if (verbose != 0) {
+        mbedtls_printf("  ENTROPY_BIAS test: ");
+    }
+
+    memset(buf0, 0x00, sizeof(buf0));
+    memset(buf1, 0x00, sizeof(buf1));
+
+    if ((ret = mbedtls_entropy_source_self_test_gather(buf0, sizeof(buf0))) != 0) {
+        goto cleanup;
+    }
+    if ((ret = mbedtls_entropy_source_self_test_gather(buf1, sizeof(buf1))) != 0) {
+        goto cleanup;
+    }
+
+    /* Make sure that the returned values are not all 0 or 1 */
+    if ((ret = mbedtls_entropy_source_self_test_check_bits(buf0, sizeof(buf0))) != 0) {
+        goto cleanup;
+    }
+    if ((ret = mbedtls_entropy_source_self_test_check_bits(buf1, sizeof(buf1))) != 0) {
+        goto cleanup;
+    }
+
+    /* Make sure that the entropy source is not returning values in a
+     * pattern */
+    ret = memcmp(buf0, buf1, sizeof(buf0)) == 0;
+
+cleanup:
+    if (verbose != 0) {
+        if (ret != 0) {
+            mbedtls_printf("failed\n");
+        } else {
+            mbedtls_printf("passed\n");
+        }
+
+        mbedtls_printf("\n");
+    }
+
+    return ret != 0;
+}
+
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+
+/*
+ * The actual entropy quality is hard to test, but we can at least
+ * test that the functions don't cause errors and write the correct
+ * amount of data to buffers.
+ */
+int mbedtls_entropy_self_test(int verbose)
+{
+    int ret = 1;
+#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
+    mbedtls_entropy_context ctx;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
+    unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
+    size_t i, j;
+#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
+
+    if (verbose != 0) {
+        mbedtls_printf("  ENTROPY test: ");
+    }
+
+#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
+    mbedtls_entropy_init(&ctx);
+
+    /* First do a gather to make sure we have default sources */
+    if ((ret = mbedtls_entropy_gather(&ctx)) != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_entropy_add_source(&ctx, entropy_dummy_source, NULL, 16,
+                                     MBEDTLS_ENTROPY_SOURCE_WEAK);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    if ((ret = mbedtls_entropy_update_manual(&ctx, buf, sizeof(buf))) != 0) {
+        goto cleanup;
+    }
+
+    /*
+     * To test that mbedtls_entropy_func writes correct number of bytes:
+     * - use the whole buffer and rely on ASan to detect overruns
+     * - collect entropy 8 times and OR the result in an accumulator:
+     *   any byte should then be 0 with probably 2^(-64), so requiring
+     *   each of the 32 or 64 bytes to be non-zero has a false failure rate
+     *   of at most 2^(-58) which is acceptable.
+     */
+    for (i = 0; i < 8; i++) {
+        if ((ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf))) != 0) {
+            goto cleanup;
+        }
+
+        for (j = 0; j < sizeof(buf); j++) {
+            acc[j] |= buf[j];
+        }
+    }
+
+    for (j = 0; j < sizeof(buf); j++) {
+        if (acc[j] == 0) {
+            ret = 1;
+            goto cleanup;
+        }
+    }
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    if ((ret = mbedtls_entropy_source_self_test(0)) != 0) {
+        goto cleanup;
+    }
+#endif
+
+cleanup:
+    mbedtls_entropy_free(&ctx);
+#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
+
+    if (verbose != 0) {
+        if (ret != 0) {
+            mbedtls_printf("failed\n");
+        } else {
+            mbedtls_printf("passed\n");
+        }
+
+        mbedtls_printf("\n");
+    }
+
+    return ret != 0;
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/entropy_poll.c b/3rdparty/mbedtls-2.28.7/library/entropy_poll.c
new file mode 100644
index 0000000..cde49e6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/entropy_poll.c
@@ -0,0 +1,281 @@
+/*
+ *  Platform-specific and custom entropy polling functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if defined(__linux__) && !defined(_GNU_SOURCE)
+/* Ensure that syscall() is available even when compiling with -std=c99 */
+#define _GNU_SOURCE
+#endif
+
+#include "common.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ENTROPY_C)
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_TIMING_C)
+#include "mbedtls/timing.h"
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+#include "mbedtls/havege.h"
+#endif
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+    !defined(__HAIKU__) && !defined(__midipix__)
+#error \
+    "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h"
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#if !defined(_WIN32_WINNT)
+#define _WIN32_WINNT 0x0400
+#endif
+#include <windows.h>
+#include <wincrypt.h>
+
+int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
+                                  size_t *olen)
+{
+    HCRYPTPROV provider;
+    ((void) data);
+    *olen = 0;
+
+    if (CryptAcquireContext(&provider, NULL, NULL,
+                            PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) {
+        CryptReleaseContext(provider, 0);
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    CryptReleaseContext(provider, 0);
+    *olen = len;
+
+    return 0;
+}
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+/*
+ * Test for Linux getrandom() support.
+ * Since there is no wrapper in the libc yet, use the generic syscall wrapper
+ * available in GNU libc and compatible libc's (eg uClibc).
+ */
+#if ((defined(__linux__) && defined(__GLIBC__)) || defined(__midipix__))
+#include <unistd.h>
+#include <sys/syscall.h>
+#if defined(SYS_getrandom)
+#define HAVE_GETRANDOM
+#include <errno.h>
+
+static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags)
+{
+    /* MemSan cannot understand that the syscall writes to the buffer */
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+    memset(buf, 0, buflen);
+#endif
+#endif
+    return syscall(SYS_getrandom, buf, buflen, flags);
+}
+#endif /* SYS_getrandom */
+#endif /* __linux__ || __midipix__ */
+
+#if defined(__FreeBSD__) || defined(__DragonFly__)
+#include <sys/param.h>
+#if (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \
+    (defined(__DragonFly__) && __DragonFly_version >= 500700)
+#include <errno.h>
+#include <sys/random.h>
+#define HAVE_GETRANDOM
+static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags)
+{
+    return getrandom(buf, buflen, flags);
+}
+#endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) ||
+          (__DragonFly__ && __DragonFly_version >= 500700) */
+#endif /* __FreeBSD__ || __DragonFly__ */
+
+/*
+ * Some BSD systems provide KERN_ARND.
+ * This is equivalent to reading from /dev/urandom, only it doesn't require an
+ * open file descriptor, and provides up to 256 bytes per call (basically the
+ * same as getentropy(), but with a longer history).
+ *
+ * Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
+ */
+#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#if defined(KERN_ARND)
+#define HAVE_SYSCTL_ARND
+
+static int sysctl_arnd_wrapper(unsigned char *buf, size_t buflen)
+{
+    int name[2];
+    size_t len;
+
+    name[0] = CTL_KERN;
+    name[1] = KERN_ARND;
+
+    while (buflen > 0) {
+        len = buflen > 256 ? 256 : buflen;
+        if (sysctl(name, 2, buf, &len, NULL, 0) == -1) {
+            return -1;
+        }
+        buflen -= len;
+        buf += len;
+    }
+    return 0;
+}
+#endif /* KERN_ARND */
+#endif /* __FreeBSD__ || __NetBSD__ */
+
+#include <stdio.h>
+
+int mbedtls_platform_entropy_poll(void *data,
+                                  unsigned char *output, size_t len, size_t *olen)
+{
+    FILE *file;
+    size_t read_len;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ((void) data);
+
+#if defined(HAVE_GETRANDOM)
+    ret = getrandom_wrapper(output, len, 0);
+    if (ret >= 0) {
+        *olen = ret;
+        return 0;
+    } else if (errno != ENOSYS) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+    /* Fall through if the system call isn't known. */
+#else
+    ((void) ret);
+#endif /* HAVE_GETRANDOM */
+
+#if defined(HAVE_SYSCTL_ARND)
+    ((void) file);
+    ((void) read_len);
+    if (sysctl_arnd_wrapper(output, len) == -1) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+    *olen = len;
+    return 0;
+#else
+
+    *olen = 0;
+
+    file = fopen("/dev/urandom", "rb");
+    if (file == NULL) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    read_len = fread(output, 1, len, file);
+    if (read_len != len) {
+        fclose(file);
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    fclose(file);
+    *olen = len;
+
+    return 0;
+#endif /* HAVE_SYSCTL_ARND */
+}
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+int mbedtls_null_entropy_poll(void *data,
+                              unsigned char *output, size_t len, size_t *olen)
+{
+    ((void) data);
+    ((void) output);
+
+    *olen = 0;
+    if (len < sizeof(unsigned char)) {
+        return 0;
+    }
+
+    output[0] = 0;
+    *olen = sizeof(unsigned char);
+    return 0;
+}
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+int mbedtls_hardclock_poll(void *data,
+                           unsigned char *output, size_t len, size_t *olen)
+{
+    unsigned long timer = mbedtls_timing_hardclock();
+    ((void) data);
+    *olen = 0;
+
+    if (len < sizeof(unsigned long)) {
+        return 0;
+    }
+
+    memcpy(output, &timer, sizeof(unsigned long));
+    *olen = sizeof(unsigned long);
+
+    return 0;
+}
+#endif /* MBEDTLS_TIMING_C */
+
+#if defined(MBEDTLS_HAVEGE_C)
+int mbedtls_havege_poll(void *data,
+                        unsigned char *output, size_t len, size_t *olen)
+{
+    mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
+    *olen = 0;
+
+    if (mbedtls_havege_random(hs, output, len) != 0) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    *olen = len;
+
+    return 0;
+}
+#endif /* MBEDTLS_HAVEGE_C */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+int mbedtls_nv_seed_poll(void *data,
+                         unsigned char *output, size_t len, size_t *olen)
+{
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
+    ((void) data);
+
+    memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    if (mbedtls_nv_seed_read(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    if (len < use_len) {
+        use_len = len;
+    }
+
+    memcpy(output, buf, use_len);
+    *olen = use_len;
+
+    return 0;
+}
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#endif /* MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/error.c b/3rdparty/mbedtls-2.28.7/library/error.c
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/library/error.c
rename to 3rdparty/mbedtls-2.28.7/library/error.c
index 901a369..cb7ad57 100644
--- a/3rdparty/mbedtls-2.25.0/library/error.c
+++ b/3rdparty/mbedtls-2.28.7/library/error.c
@@ -2,19 +2,7 @@
  *  Error message information
  *
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #include "common.h"
@@ -25,11 +13,7 @@
 
 #if defined(MBEDTLS_ERROR_C)
 
-#if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
-#else
-#define mbedtls_snprintf snprintf
-#endif
 
 #include <stdio.h>
 #include <string.h>
@@ -211,20 +195,20 @@
 #endif
 
 
-const char * mbedtls_high_level_strerr( int error_code )
+const char *mbedtls_high_level_strerr(int error_code)
 {
     int high_level_error_code;
 
-    if( error_code < 0 )
+    if (error_code < 0) {
         error_code = -error_code;
+    }
 
     /* Extract the high-level part from the error code. */
     high_level_error_code = error_code & 0xFF80;
 
-    switch( high_level_error_code )
-    {
-        /* Begin Auto-Generated Code. */
-#if defined(MBEDTLS_CIPHER_C)
+    switch (high_level_error_code) {
+    /* Begin Auto-Generated Code. */
+    #if defined(MBEDTLS_CIPHER_C)
         case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE):
             return( "CIPHER - The selected feature is not available" );
         case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA):
@@ -522,6 +506,8 @@ const char * mbedtls_high_level_strerr( int error_code )
             return( "SSL - A cryptographic operation is in progress. Try again later" );
         case -(MBEDTLS_ERR_SSL_BAD_CONFIG):
             return( "SSL - Invalid value in SSL config" );
+        case -(MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND):
+            return( "SSL - Cache entry not found" );
 #endif /* MBEDTLS_SSL_TLS_C */
 
 #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
@@ -572,23 +558,23 @@ const char * mbedtls_high_level_strerr( int error_code )
             break;
     }
 
-    return( NULL );
+    return NULL;
 }
 
-const char * mbedtls_low_level_strerr( int error_code )
+const char *mbedtls_low_level_strerr(int error_code)
 {
     int low_level_error_code;
 
-    if( error_code < 0 )
+    if (error_code < 0) {
         error_code = -error_code;
+    }
 
     /* Extract the low-level part from the error code. */
     low_level_error_code = error_code & ~0xFF80;
 
-    switch( low_level_error_code )
-    {
-        /* Begin Auto-Generated Code. */
-#if defined(MBEDTLS_AES_C)
+    switch (low_level_error_code) {
+    /* Begin Auto-Generated Code. */
+    #if defined(MBEDTLS_AES_C)
         case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH):
             return( "AES - Invalid key length" );
         case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH):
@@ -890,87 +876,97 @@ const char * mbedtls_low_level_strerr( int error_code )
             break;
     }
 
-    return( NULL );
+    return NULL;
 }
 
-void mbedtls_strerror( int ret, char *buf, size_t buflen )
+void mbedtls_strerror(int ret, char *buf, size_t buflen)
 {
     size_t len;
     int use_ret;
-    const char * high_level_error_description = NULL;
-    const char * low_level_error_description = NULL;
+    const char *high_level_error_description = NULL;
+    const char *low_level_error_description = NULL;
 
-    if( buflen == 0 )
+    if (buflen == 0) {
         return;
+    }
 
-    memset( buf, 0x00, buflen );
+    memset(buf, 0x00, buflen);
 
-    if( ret < 0 )
+    if (ret < 0) {
         ret = -ret;
+    }
 
-    if( ret & 0xFF80 )
-    {
+    if (ret & 0xFF80) {
         use_ret = ret & 0xFF80;
 
         // Translate high level error code.
-        high_level_error_description = mbedtls_high_level_strerr( ret );
+        high_level_error_description = mbedtls_high_level_strerr(ret);
 
-        if( high_level_error_description == NULL )
-            mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
-        else
-            mbedtls_snprintf( buf, buflen, "%s", high_level_error_description );
+        if (high_level_error_description == NULL) {
+            mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret);
+        } else {
+            mbedtls_snprintf(buf, buflen, "%s", high_level_error_description);
+        }
 
 #if defined(MBEDTLS_SSL_TLS_C)
         // Early return in case of a fatal error - do not try to translate low
         // level code.
-        if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE))
+        if (use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) {
             return;
+        }
 #endif /* MBEDTLS_SSL_TLS_C */
     }
 
     use_ret = ret & ~0xFF80;
 
-    if( use_ret == 0 )
+    if (use_ret == 0) {
         return;
+    }
 
     // If high level code is present, make a concatenation between both
     // error strings.
     //
-    len = strlen( buf );
+    len = strlen(buf);
 
-    if( len > 0 )
-    {
-        if( buflen - len < 5 )
+    if (len > 0) {
+        if (buflen - len < 5) {
             return;
+        }
 
-        mbedtls_snprintf( buf + len, buflen - len, " : " );
+        mbedtls_snprintf(buf + len, buflen - len, " : ");
 
         buf += len + 3;
         buflen -= len + 3;
     }
 
     // Translate low level error code.
-    low_level_error_description = mbedtls_low_level_strerr( ret );
+    low_level_error_description = mbedtls_low_level_strerr(ret);
 
-    if( low_level_error_description == NULL )
-        mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret );
-    else
-        mbedtls_snprintf( buf, buflen, "%s", low_level_error_description );
+    if (low_level_error_description == NULL) {
+        mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret);
+    } else {
+        mbedtls_snprintf(buf, buflen, "%s", low_level_error_description);
+    }
 }
 
 #else /* MBEDTLS_ERROR_C */
 
 /*
- * Provide an non-function in case MBEDTLS_ERROR_C is not defined
+ * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined
  */
-void mbedtls_strerror( int ret, char *buf, size_t buflen )
+void mbedtls_strerror(int ret, char *buf, size_t buflen)
 {
     ((void) ret);
 
-    if( buflen > 0 )
+    if (buflen > 0) {
         buf[0] = '\0';
+    }
 }
 
 #endif /* MBEDTLS_ERROR_C */
 
+#if defined(MBEDTLS_TEST_HOOKS)
+void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
+#endif
+
 #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */
diff --git a/3rdparty/mbedtls-2.28.7/library/gcm.c b/3rdparty/mbedtls-2.28.7/library/gcm.c
new file mode 100644
index 0000000..86d5fa2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/gcm.c
@@ -0,0 +1,1012 @@
+/*
+ *  NIST SP800-38D compliant GCM implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
+ *
+ * See also:
+ * [MGV] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
+ *
+ * We use the algorithm described as Shoup's method with 4-bit tables in
+ * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_GCM_C)
+
+#include "mbedtls/gcm.h"
+#include "mbedtls/platform.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_AESNI_C)
+#include "mbedtls/aesni.h"
+#endif
+
+#if !defined(MBEDTLS_GCM_ALT)
+
+/* Parameter validation macros */
+#define GCM_VALIDATE_RET(cond) \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_GCM_BAD_INPUT)
+#define GCM_VALIDATE(cond) \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+/*
+ * Initialize a context
+ */
+void mbedtls_gcm_init(mbedtls_gcm_context *ctx)
+{
+    GCM_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_gcm_context));
+}
+
+/*
+ * Precompute small multiples of H, that is set
+ *      HH[i] || HL[i] = H times i,
+ * where i is seen as a field element as in [MGV], ie high-order bits
+ * correspond to low powers of P. The result is stored in the same way, that
+ * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
+ * corresponds to P^127.
+ */
+static int gcm_gen_table(mbedtls_gcm_context *ctx)
+{
+    int ret, i, j;
+    uint64_t hi, lo;
+    uint64_t vl, vh;
+    unsigned char h[16];
+    size_t olen = 0;
+
+    memset(h, 0, 16);
+    if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) {
+        return ret;
+    }
+
+    /* pack h as two 64-bits ints, big-endian */
+    hi = MBEDTLS_GET_UINT32_BE(h,  0);
+    lo = MBEDTLS_GET_UINT32_BE(h,  4);
+    vh = (uint64_t) hi << 32 | lo;
+
+    hi = MBEDTLS_GET_UINT32_BE(h,  8);
+    lo = MBEDTLS_GET_UINT32_BE(h,  12);
+    vl = (uint64_t) hi << 32 | lo;
+
+    /* 8 = 1000 corresponds to 1 in GF(2^128) */
+    ctx->HL[8] = vl;
+    ctx->HH[8] = vh;
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+    /* With CLMUL support, we need only h, not the rest of the table */
+    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) {
+        return 0;
+    }
+#endif
+
+    /* 0 corresponds to 0 in GF(2^128) */
+    ctx->HH[0] = 0;
+    ctx->HL[0] = 0;
+
+    for (i = 4; i > 0; i >>= 1) {
+        uint32_t T = (vl & 1) * 0xe1000000U;
+        vl  = (vh << 63) | (vl >> 1);
+        vh  = (vh >> 1) ^ ((uint64_t) T << 32);
+
+        ctx->HL[i] = vl;
+        ctx->HH[i] = vh;
+    }
+
+    for (i = 2; i <= 8; i *= 2) {
+        uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i;
+        vh = *HiH;
+        vl = *HiL;
+        for (j = 1; j < i; j++) {
+            HiH[j] = vh ^ ctx->HH[j];
+            HiL[j] = vl ^ ctx->HL[j];
+        }
+    }
+
+    return 0;
+}
+
+int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    GCM_VALIDATE_RET(ctx != NULL);
+    GCM_VALIDATE_RET(key != NULL);
+    GCM_VALIDATE_RET(keybits == 128 || keybits == 192 || keybits == 256);
+
+    cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
+                                                  MBEDTLS_MODE_ECB);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
+    if (cipher_info->block_size != 16) {
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+
+    if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits,
+                                     MBEDTLS_ENCRYPT)) != 0) {
+        return ret;
+    }
+
+    if ((ret = gcm_gen_table(ctx)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Shoup's method for multiplication use this table with
+ *      last4[x] = x times P^128
+ * where x and last4[x] are seen as elements of GF(2^128) as in [MGV]
+ */
+static const uint64_t last4[16] =
+{
+    0x0000, 0x1c20, 0x3840, 0x2460,
+    0x7080, 0x6ca0, 0x48c0, 0x54e0,
+    0xe100, 0xfd20, 0xd940, 0xc560,
+    0x9180, 0x8da0, 0xa9c0, 0xb5e0
+};
+
+/*
+ * Sets output to x times H using the precomputed tables.
+ * x and output are seen as elements of GF(2^128) as in [MGV].
+ */
+static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16],
+                     unsigned char output[16])
+{
+    int i = 0;
+    unsigned char lo, hi, rem;
+    uint64_t zh, zl;
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) {
+        unsigned char h[16];
+
+        MBEDTLS_PUT_UINT32_BE(ctx->HH[8] >> 32, h,  0);
+        MBEDTLS_PUT_UINT32_BE(ctx->HH[8],       h,  4);
+        MBEDTLS_PUT_UINT32_BE(ctx->HL[8] >> 32, h,  8);
+        MBEDTLS_PUT_UINT32_BE(ctx->HL[8],       h, 12);
+
+        mbedtls_aesni_gcm_mult(output, x, h);
+        return;
+    }
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
+
+    lo = x[15] & 0xf;
+
+    zh = ctx->HH[lo];
+    zl = ctx->HL[lo];
+
+    for (i = 15; i >= 0; i--) {
+        lo = x[i] & 0xf;
+        hi = (x[i] >> 4) & 0xf;
+
+        if (i != 15) {
+            rem = (unsigned char) zl & 0xf;
+            zl = (zh << 60) | (zl >> 4);
+            zh = (zh >> 4);
+            zh ^= (uint64_t) last4[rem] << 48;
+            zh ^= ctx->HH[lo];
+            zl ^= ctx->HL[lo];
+
+        }
+
+        rem = (unsigned char) zl & 0xf;
+        zl = (zh << 60) | (zl >> 4);
+        zh = (zh >> 4);
+        zh ^= (uint64_t) last4[rem] << 48;
+        zh ^= ctx->HH[hi];
+        zl ^= ctx->HL[hi];
+    }
+
+    MBEDTLS_PUT_UINT32_BE(zh >> 32, output, 0);
+    MBEDTLS_PUT_UINT32_BE(zh, output, 4);
+    MBEDTLS_PUT_UINT32_BE(zl >> 32, output, 8);
+    MBEDTLS_PUT_UINT32_BE(zl, output, 12);
+}
+
+int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
+                       int mode,
+                       const unsigned char *iv,
+                       size_t iv_len,
+                       const unsigned char *add,
+                       size_t add_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char work_buf[16];
+    size_t i;
+    const unsigned char *p;
+    size_t use_len, olen = 0;
+    uint64_t iv_bits;
+
+    GCM_VALIDATE_RET(ctx != NULL);
+    GCM_VALIDATE_RET(iv != NULL);
+    GCM_VALIDATE_RET(add_len == 0 || add != NULL);
+
+    /* IV and AD are limited to 2^64 bits, so 2^61 bytes */
+    /* IV is not allowed to be zero length */
+    if (iv_len == 0 ||
+        ((uint64_t) iv_len) >> 61 != 0 ||
+        ((uint64_t) add_len) >> 61 != 0) {
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
+    memset(ctx->y, 0x00, sizeof(ctx->y));
+    memset(ctx->buf, 0x00, sizeof(ctx->buf));
+
+    ctx->mode = mode;
+    ctx->len = 0;
+    ctx->add_len = 0;
+
+    if (iv_len == 12) {
+        memcpy(ctx->y, iv, iv_len);
+        ctx->y[15] = 1;
+    } else {
+        memset(work_buf, 0x00, 16);
+        iv_bits = (uint64_t) iv_len * 8;
+        MBEDTLS_PUT_UINT64_BE(iv_bits, work_buf, 8);
+
+        p = iv;
+        while (iv_len > 0) {
+            use_len = (iv_len < 16) ? iv_len : 16;
+
+            for (i = 0; i < use_len; i++) {
+                ctx->y[i] ^= p[i];
+            }
+
+            gcm_mult(ctx, ctx->y, ctx->y);
+
+            iv_len -= use_len;
+            p += use_len;
+        }
+
+        for (i = 0; i < 16; i++) {
+            ctx->y[i] ^= work_buf[i];
+        }
+
+        gcm_mult(ctx, ctx->y, ctx->y);
+    }
+
+    if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16,
+                                     ctx->base_ectr, &olen)) != 0) {
+        return ret;
+    }
+
+    ctx->add_len = add_len;
+    p = add;
+    while (add_len > 0) {
+        use_len = (add_len < 16) ? add_len : 16;
+
+        for (i = 0; i < use_len; i++) {
+            ctx->buf[i] ^= p[i];
+        }
+
+        gcm_mult(ctx, ctx->buf, ctx->buf);
+
+        add_len -= use_len;
+        p += use_len;
+    }
+
+    return 0;
+}
+
+int mbedtls_gcm_update(mbedtls_gcm_context *ctx,
+                       size_t length,
+                       const unsigned char *input,
+                       unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char ectr[16];
+    size_t i;
+    const unsigned char *p;
+    unsigned char *out_p = output;
+    size_t use_len, olen = 0;
+
+    GCM_VALIDATE_RET(ctx != NULL);
+    GCM_VALIDATE_RET(length == 0 || input != NULL);
+    GCM_VALIDATE_RET(length == 0 || output != NULL);
+
+    if (output > input && (size_t) (output - input) < length) {
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
+    /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
+     * Also check for possible overflow */
+    if (ctx->len + length < ctx->len ||
+        (uint64_t) ctx->len + length > 0xFFFFFFFE0ull) {
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
+    ctx->len += length;
+
+    p = input;
+    while (length > 0) {
+        use_len = (length < 16) ? length : 16;
+
+        for (i = 16; i > 12; i--) {
+            if (++ctx->y[i - 1] != 0) {
+                break;
+            }
+        }
+
+        if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr,
+                                         &olen)) != 0) {
+            return ret;
+        }
+
+        for (i = 0; i < use_len; i++) {
+            if (ctx->mode == MBEDTLS_GCM_DECRYPT) {
+                ctx->buf[i] ^= p[i];
+            }
+            out_p[i] = ectr[i] ^ p[i];
+            if (ctx->mode == MBEDTLS_GCM_ENCRYPT) {
+                ctx->buf[i] ^= out_p[i];
+            }
+        }
+
+        gcm_mult(ctx, ctx->buf, ctx->buf);
+
+        length -= use_len;
+        p += use_len;
+        out_p += use_len;
+    }
+
+    return 0;
+}
+
+int mbedtls_gcm_finish(mbedtls_gcm_context *ctx,
+                       unsigned char *tag,
+                       size_t tag_len)
+{
+    unsigned char work_buf[16];
+    size_t i;
+    uint64_t orig_len;
+    uint64_t orig_add_len;
+
+    GCM_VALIDATE_RET(ctx != NULL);
+    GCM_VALIDATE_RET(tag != NULL);
+
+    orig_len = ctx->len * 8;
+    orig_add_len = ctx->add_len * 8;
+
+    if (tag_len > 16 || tag_len < 4) {
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
+    memcpy(tag, ctx->base_ectr, tag_len);
+
+    if (orig_len || orig_add_len) {
+        memset(work_buf, 0x00, 16);
+
+        MBEDTLS_PUT_UINT32_BE((orig_add_len >> 32), work_buf, 0);
+        MBEDTLS_PUT_UINT32_BE((orig_add_len), work_buf, 4);
+        MBEDTLS_PUT_UINT32_BE((orig_len     >> 32), work_buf, 8);
+        MBEDTLS_PUT_UINT32_BE((orig_len), work_buf, 12);
+
+        for (i = 0; i < 16; i++) {
+            ctx->buf[i] ^= work_buf[i];
+        }
+
+        gcm_mult(ctx, ctx->buf, ctx->buf);
+
+        for (i = 0; i < tag_len; i++) {
+            tag[i] ^= ctx->buf[i];
+        }
+    }
+
+    return 0;
+}
+
+int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
+                              int mode,
+                              size_t length,
+                              const unsigned char *iv,
+                              size_t iv_len,
+                              const unsigned char *add,
+                              size_t add_len,
+                              const unsigned char *input,
+                              unsigned char *output,
+                              size_t tag_len,
+                              unsigned char *tag)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    GCM_VALIDATE_RET(ctx != NULL);
+    GCM_VALIDATE_RET(iv != NULL);
+    GCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    GCM_VALIDATE_RET(length == 0 || input != NULL);
+    GCM_VALIDATE_RET(length == 0 || output != NULL);
+    GCM_VALIDATE_RET(tag != NULL);
+
+    if ((ret = mbedtls_gcm_starts(ctx, mode, iv, iv_len, add, add_len)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_gcm_update(ctx, length, input, output)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_gcm_finish(ctx, tag, tag_len)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
+                             size_t length,
+                             const unsigned char *iv,
+                             size_t iv_len,
+                             const unsigned char *add,
+                             size_t add_len,
+                             const unsigned char *tag,
+                             size_t tag_len,
+                             const unsigned char *input,
+                             unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char check_tag[16];
+    int diff;
+
+    GCM_VALIDATE_RET(ctx != NULL);
+    GCM_VALIDATE_RET(iv != NULL);
+    GCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    GCM_VALIDATE_RET(tag != NULL);
+    GCM_VALIDATE_RET(length == 0 || input != NULL);
+    GCM_VALIDATE_RET(length == 0 || output != NULL);
+
+    if ((ret = mbedtls_gcm_crypt_and_tag(ctx, MBEDTLS_GCM_DECRYPT, length,
+                                         iv, iv_len, add, add_len,
+                                         input, output, tag_len, check_tag)) != 0) {
+        return ret;
+    }
+
+    /* Check tag in "constant-time" */
+    diff = mbedtls_ct_memcmp(tag, check_tag, tag_len);
+
+    if (diff != 0) {
+        mbedtls_platform_zeroize(output, length);
+        return MBEDTLS_ERR_GCM_AUTH_FAILED;
+    }
+
+    return 0;
+}
+
+void mbedtls_gcm_free(mbedtls_gcm_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context));
+}
+
+#endif /* !MBEDTLS_GCM_ALT */
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+/*
+ * AES-GCM test vectors from:
+ *
+ * http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip
+ */
+#define MAX_TESTS   6
+
+static const int key_index_test_data[MAX_TESTS] =
+{ 0, 0, 1, 1, 1, 1 };
+
+static const unsigned char key_test_data[MAX_TESTS][32] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+      0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
+};
+
+static const size_t iv_len_test_data[MAX_TESTS] =
+{ 12, 12, 12, 12, 8, 60 };
+
+static const int iv_index_test_data[MAX_TESTS] =
+{ 0, 0, 1, 1, 1, 2 };
+
+static const unsigned char iv_test_data[MAX_TESTS][64] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00 },
+    { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+      0xde, 0xca, 0xf8, 0x88 },
+    { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
+      0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
+      0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
+      0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
+      0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
+      0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
+      0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
+      0xa6, 0x37, 0xb3, 0x9b },
+};
+
+static const size_t add_len_test_data[MAX_TESTS] =
+{ 0, 0, 0, 20, 20, 20 };
+
+static const int add_index_test_data[MAX_TESTS] =
+{ 0, 0, 0, 1, 1, 1 };
+
+static const unsigned char additional_test_data[MAX_TESTS][64] =
+{
+    { 0x00 },
+    { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+      0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+      0xab, 0xad, 0xda, 0xd2 },
+};
+
+static const size_t pt_len_test_data[MAX_TESTS] =
+{ 0, 16, 64, 60, 60, 60 };
+
+static const int pt_index_test_data[MAX_TESTS] =
+{ 0, 0, 1, 1, 1, 1 };
+
+static const unsigned char pt_test_data[MAX_TESTS][64] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+      0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+      0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+      0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+      0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+      0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+      0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+      0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
+};
+
+static const unsigned char ct_test_data[MAX_TESTS * 3][64] =
+{
+    { 0x00 },
+    { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
+      0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
+    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
+      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
+      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
+      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
+      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
+      0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 },
+    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
+      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
+      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
+      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
+      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
+      0x3d, 0x58, 0xe0, 0x91 },
+    { 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
+      0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
+      0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
+      0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
+      0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
+      0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
+      0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
+      0xc2, 0x3f, 0x45, 0x98 },
+    { 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
+      0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
+      0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
+      0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
+      0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
+      0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
+      0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
+      0x4c, 0x34, 0xae, 0xe5 },
+    { 0x00 },
+    { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
+      0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 },
+    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
+      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
+      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
+      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
+      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
+      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
+      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
+      0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 },
+    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
+      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
+      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
+      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
+      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
+      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
+      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
+      0xcc, 0xda, 0x27, 0x10 },
+    { 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
+      0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
+      0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
+      0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
+      0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
+      0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
+      0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
+      0xa0, 0xf0, 0x62, 0xf7 },
+    { 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
+      0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
+      0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
+      0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
+      0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
+      0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
+      0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
+      0xe9, 0xb7, 0x37, 0x3b },
+    { 0x00 },
+    { 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
+      0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 },
+    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+      0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad },
+    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+      0xbc, 0xc9, 0xf6, 0x62 },
+    { 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
+      0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
+      0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
+      0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
+      0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
+      0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
+      0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
+      0xf4, 0x7c, 0x9b, 0x1f },
+    { 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
+      0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
+      0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
+      0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
+      0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
+      0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
+      0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
+      0x44, 0xae, 0x7e, 0x3f },
+};
+
+static const unsigned char tag_test_data[MAX_TESTS * 3][16] =
+{
+    { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
+      0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
+    { 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
+      0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf },
+    { 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
+      0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 },
+    { 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
+      0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 },
+    { 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
+      0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb },
+    { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
+      0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 },
+    { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
+      0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 },
+    { 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
+      0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb },
+    { 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
+      0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 },
+    { 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
+      0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c },
+    { 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
+      0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 },
+    { 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
+      0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 },
+    { 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
+      0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b },
+    { 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
+      0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 },
+    { 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
+      0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c },
+    { 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+      0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b },
+    { 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
+      0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 },
+    { 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
+      0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
+};
+
+int mbedtls_gcm_self_test(int verbose)
+{
+    mbedtls_gcm_context ctx;
+    unsigned char buf[64];
+    unsigned char tag_buf[16];
+    int i, j, ret;
+    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
+
+    if (verbose != 0) {
+#if defined(MBEDTLS_GCM_ALT)
+        mbedtls_printf("  GCM note: alternative implementation.\n");
+#else /* MBEDTLS_GCM_ALT */
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+        if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) {
+            mbedtls_printf("  GCM note: using AESNI via ");
+#if MBEDTLS_AESNI_HAVE_CODE == 1
+            mbedtls_printf("assembly");
+#elif MBEDTLS_AESNI_HAVE_CODE == 2
+            mbedtls_printf("intrinsics");
+#else
+            mbedtls_printf("(unknown)");
+#endif
+            mbedtls_printf(".\n");
+        } else
+#endif
+        mbedtls_printf("  GCM note: built-in implementation.\n");
+#endif /* MBEDTLS_GCM_ALT */
+    }
+
+    for (j = 0; j < 3; j++) {
+        int key_len = 128 + 64 * j;
+
+        for (i = 0; i < MAX_TESTS; i++) {
+            mbedtls_gcm_init(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("  AES-GCM-%3d #%d (%s): ",
+                               key_len, i, "enc");
+            }
+
+            ret = mbedtls_gcm_setkey(&ctx, cipher,
+                                     key_test_data[key_index_test_data[i]],
+                                     key_len);
+            /*
+             * AES-192 is an optional feature that may be unavailable when
+             * there is an alternative underlying implementation i.e. when
+             * MBEDTLS_AES_ALT is defined.
+             */
+            if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192) {
+                mbedtls_printf("skipped\n");
+                break;
+            } else if (ret != 0) {
+                goto exit;
+            }
+
+            ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT,
+                                            pt_len_test_data[i],
+                                            iv_test_data[iv_index_test_data[i]],
+                                            iv_len_test_data[i],
+                                            additional_test_data[add_index_test_data[i]],
+                                            add_len_test_data[i],
+                                            pt_test_data[pt_index_test_data[i]],
+                                            buf, 16, tag_buf);
+#if defined(MBEDTLS_GCM_ALT)
+            /* Allow alternative implementations to only support 12-byte nonces. */
+            if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED &&
+                iv_len_test_data[i] != 12) {
+                mbedtls_printf("skipped\n");
+                break;
+            }
+#endif /* defined(MBEDTLS_GCM_ALT) */
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (memcmp(buf, ct_test_data[j * 6 + i],
+                       pt_len_test_data[i]) != 0 ||
+                memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("passed\n");
+            }
+
+            mbedtls_gcm_init(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("  AES-GCM-%3d #%d (%s): ",
+                               key_len, i, "dec");
+            }
+
+            ret = mbedtls_gcm_setkey(&ctx, cipher,
+                                     key_test_data[key_index_test_data[i]],
+                                     key_len);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_DECRYPT,
+                                            pt_len_test_data[i],
+                                            iv_test_data[iv_index_test_data[i]],
+                                            iv_len_test_data[i],
+                                            additional_test_data[add_index_test_data[i]],
+                                            add_len_test_data[i],
+                                            ct_test_data[j * 6 + i], buf, 16, tag_buf);
+
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (memcmp(buf, pt_test_data[pt_index_test_data[i]],
+                       pt_len_test_data[i]) != 0 ||
+                memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("passed\n");
+            }
+
+            mbedtls_gcm_init(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("  AES-GCM-%3d #%d split (%s): ",
+                               key_len, i, "enc");
+            }
+
+            ret = mbedtls_gcm_setkey(&ctx, cipher,
+                                     key_test_data[key_index_test_data[i]],
+                                     key_len);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            ret = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_ENCRYPT,
+                                     iv_test_data[iv_index_test_data[i]],
+                                     iv_len_test_data[i],
+                                     additional_test_data[add_index_test_data[i]],
+                                     add_len_test_data[i]);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (pt_len_test_data[i] > 32) {
+                size_t rest_len = pt_len_test_data[i] - 32;
+                ret = mbedtls_gcm_update(&ctx, 32,
+                                         pt_test_data[pt_index_test_data[i]],
+                                         buf);
+                if (ret != 0) {
+                    goto exit;
+                }
+
+                ret = mbedtls_gcm_update(&ctx, rest_len,
+                                         pt_test_data[pt_index_test_data[i]] + 32,
+                                         buf + 32);
+                if (ret != 0) {
+                    goto exit;
+                }
+            } else {
+                ret = mbedtls_gcm_update(&ctx, pt_len_test_data[i],
+                                         pt_test_data[pt_index_test_data[i]],
+                                         buf);
+                if (ret != 0) {
+                    goto exit;
+                }
+            }
+
+            ret = mbedtls_gcm_finish(&ctx, tag_buf, 16);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (memcmp(buf, ct_test_data[j * 6 + i],
+                       pt_len_test_data[i]) != 0 ||
+                memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("passed\n");
+            }
+
+            mbedtls_gcm_init(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("  AES-GCM-%3d #%d split (%s): ",
+                               key_len, i, "dec");
+            }
+
+            ret = mbedtls_gcm_setkey(&ctx, cipher,
+                                     key_test_data[key_index_test_data[i]],
+                                     key_len);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            ret = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT,
+                                     iv_test_data[iv_index_test_data[i]],
+                                     iv_len_test_data[i],
+                                     additional_test_data[add_index_test_data[i]],
+                                     add_len_test_data[i]);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (pt_len_test_data[i] > 32) {
+                size_t rest_len = pt_len_test_data[i] - 32;
+                ret = mbedtls_gcm_update(&ctx, 32, ct_test_data[j * 6 + i],
+                                         buf);
+                if (ret != 0) {
+                    goto exit;
+                }
+
+                ret = mbedtls_gcm_update(&ctx, rest_len,
+                                         ct_test_data[j * 6 + i] + 32,
+                                         buf + 32);
+                if (ret != 0) {
+                    goto exit;
+                }
+            } else {
+                ret = mbedtls_gcm_update(&ctx, pt_len_test_data[i],
+                                         ct_test_data[j * 6 + i],
+                                         buf);
+                if (ret != 0) {
+                    goto exit;
+                }
+            }
+
+            ret = mbedtls_gcm_finish(&ctx, tag_buf, 16);
+            if (ret != 0) {
+                goto exit;
+            }
+
+            if (memcmp(buf, pt_test_data[pt_index_test_data[i]],
+                       pt_len_test_data[i]) != 0 ||
+                memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free(&ctx);
+
+            if (verbose != 0) {
+                mbedtls_printf("passed\n");
+            }
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    ret = 0;
+
+exit:
+    if (ret != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+        mbedtls_gcm_free(&ctx);
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_GCM_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/havege.c b/3rdparty/mbedtls-2.28.7/library/havege.c
similarity index 76%
rename from 3rdparty/mbedtls-2.25.0/library/havege.c
rename to 3rdparty/mbedtls-2.28.7/library/havege.c
index 2a360a1..3d1f6f4 100644
--- a/3rdparty/mbedtls-2.25.0/library/havege.c
+++ b/3rdparty/mbedtls-2.28.7/library/havege.c
@@ -2,19 +2,7 @@
  *  \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
  *
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 /*
  *  The HAVEGE RNG was designed by Andre Seznec in 2002.
@@ -49,10 +37,10 @@
  * ------------------------------------------------------------------------
  */
 
-#define SWAP(X,Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; }
+#define SWAP(X, Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; }
 
-#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
-#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
+#define TST1_ENTER if (PTEST & 1) { PTEST ^= 3; PTEST >>= 1;
+#define TST2_ENTER if (PTEST & 1) { PTEST ^= 3; PTEST >>= 1;
 
 #define TST1_LEAVE U1++; }
 #define TST2_LEAVE U2++; }
@@ -69,14 +57,14 @@
     TST1_LEAVE  TST1_LEAVE  TST1_LEAVE  TST1_LEAVE      \
     TST1_LEAVE  TST1_LEAVE  TST1_LEAVE  TST1_LEAVE      \
                                                         \
-    PTX = (PT1 >> 18) & 7;                              \
+        PTX = (PT1 >> 18) & 7;                              \
     PT1 &= 0x1FFF;                                      \
     PT2 &= 0x1FFF;                                      \
     CLK = (uint32_t) mbedtls_timing_hardclock();        \
                                                         \
     i = 0;                                              \
-    A = &WALK[PT1    ]; RES[i++] ^= *A;                 \
-    B = &WALK[PT2    ]; RES[i++] ^= *B;                 \
+    A = &WALK[PT1]; RES[i++] ^= *A;                 \
+    B = &WALK[PT2]; RES[i++] ^= *B;                 \
     C = &WALK[PT1 ^ 1]; RES[i++] ^= *C;                 \
     D = &WALK[PT2 ^ 4]; RES[i++] ^= *D;                 \
                                                         \
@@ -91,7 +79,7 @@
     C = &WALK[PT1 ^ 3]; RES[i++] ^= *C;                 \
     D = &WALK[PT2 ^ 6]; RES[i++] ^= *D;                 \
                                                         \
-    if( PTEST & 1 ) SWAP( A, C );                       \
+    if (PTEST & 1) SWAP(A, C);                       \
                                                         \
     IN = (*A >> (5)) ^ (*A << (27)) ^ CLK;              \
     *A = (*B >> (6)) ^ (*B << (26)) ^ CLK;              \
@@ -116,7 +104,7 @@
     TST2_LEAVE  TST2_LEAVE  TST2_LEAVE  TST2_LEAVE      \
     TST2_LEAVE  TST2_LEAVE  TST2_LEAVE  TST2_LEAVE      \
                                                         \
-    C = &WALK[PT1 ^ 5];                                 \
+        C = &WALK[PT1 ^ 5];                                 \
     D = &WALK[PT2 ^ 5];                                 \
                                                         \
     RES[i++] ^= *A;                                     \
@@ -124,7 +112,7 @@
     RES[i++] ^= *C;                                     \
     RES[i++] ^= *D;                                     \
                                                         \
-    IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK;             \
+    IN = (*A >> (9)) ^ (*A << (23)) ^ CLK;             \
     *A = (*B >> (10)) ^ (*B << (22)) ^ CLK;             \
     *B = IN ^ U2;                                       \
     *C = (*C >> (11)) ^ (*C << (21)) ^ CLK;             \
@@ -141,17 +129,17 @@
     *C = (*C >> (15)) ^ (*C << (17)) ^ CLK;             \
     *D = (*D >> (16)) ^ (*D << (16)) ^ CLK;             \
                                                         \
-    PT1 = ( RES[( i - 8 ) ^ PTX] ^                      \
-            WALK[PT1 ^ PTX ^ 7] ) & (~1);               \
+    PT1 = (RES[(i - 8) ^ PTX] ^                      \
+           WALK[PT1 ^ PTX ^ 7]) & (~1);               \
     PT1 ^= (PT2 ^ 0x10) & 0x10;                         \
                                                         \
-    for( n++, i = 0; i < 16; i++ )                      \
-        hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
+    for (n++, i = 0; i < 16; i++)                      \
+    hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
 
 /*
  * Entropy gathering function
  */
-static void havege_fill( mbedtls_havege_state *hs )
+static void havege_fill(mbedtls_havege_state *hs)
 {
     size_t n = 0;
     size_t i;
@@ -166,16 +154,15 @@ static void havege_fill( mbedtls_havege_state *hs )
     PTX  = U1 = 0;
     PTY  = U2 = 0;
 
-    (void)PTX;
+    (void) PTX;
 
-    memset( RES, 0, sizeof( RES ) );
+    memset(RES, 0, sizeof(RES));
 
-    while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 )
-    {
-        ONE_ITERATION
+    while (n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4) {
         ONE_ITERATION
         ONE_ITERATION
         ONE_ITERATION
+            ONE_ITERATION
     }
 
     hs->PT1 = PT1;
@@ -188,50 +175,52 @@ static void havege_fill( mbedtls_havege_state *hs )
 /*
  * HAVEGE initialization
  */
-void mbedtls_havege_init( mbedtls_havege_state *hs )
+void mbedtls_havege_init(mbedtls_havege_state *hs)
 {
-    memset( hs, 0, sizeof( mbedtls_havege_state ) );
+    memset(hs, 0, sizeof(mbedtls_havege_state));
 
-    havege_fill( hs );
+    havege_fill(hs);
 }
 
-void mbedtls_havege_free( mbedtls_havege_state *hs )
+void mbedtls_havege_free(mbedtls_havege_state *hs)
 {
-    if( hs == NULL )
+    if (hs == NULL) {
         return;
+    }
 
-    mbedtls_platform_zeroize( hs, sizeof( mbedtls_havege_state ) );
+    mbedtls_platform_zeroize(hs, sizeof(mbedtls_havege_state));
 }
 
 /*
  * HAVEGE rand function
  */
-int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
+int mbedtls_havege_random(void *p_rng, unsigned char *buf, size_t len)
 {
     uint32_t val;
     size_t use_len;
     mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng;
     unsigned char *p = buf;
 
-    while( len > 0 )
-    {
+    while (len > 0) {
         use_len = len;
-        if( use_len > sizeof( val ) )
-            use_len = sizeof( val );
+        if (use_len > sizeof(val)) {
+            use_len = sizeof(val);
+        }
 
-        if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE )
-            havege_fill( hs );
+        if (hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE) {
+            havege_fill(hs);
+        }
 
         val  = hs->pool[hs->offset[0]++];
         val ^= hs->pool[hs->offset[1]++];
 
-        memcpy( p, &val, use_len );
+        memcpy(p, &val, use_len);
 
         len -= use_len;
         p += use_len;
     }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_HAVEGE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/hkdf.c b/3rdparty/mbedtls-2.28.7/library/hkdf.c
new file mode 100644
index 0000000..631ac24
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/hkdf.c
@@ -0,0 +1,161 @@
+/*
+ *  HKDF implementation -- RFC 5869
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#include "common.h"
+
+#if defined(MBEDTLS_HKDF_C)
+
+#include <string.h>
+#include "mbedtls/hkdf.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt,
+                 size_t salt_len, const unsigned char *ikm, size_t ikm_len,
+                 const unsigned char *info, size_t info_len,
+                 unsigned char *okm, size_t okm_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char prk[MBEDTLS_MD_MAX_SIZE];
+
+    ret = mbedtls_hkdf_extract(md, salt, salt_len, ikm, ikm_len, prk);
+
+    if (ret == 0) {
+        ret = mbedtls_hkdf_expand(md, prk, mbedtls_md_get_size(md),
+                                  info, info_len, okm, okm_len);
+    }
+
+    mbedtls_platform_zeroize(prk, sizeof(prk));
+
+    return ret;
+}
+
+int mbedtls_hkdf_extract(const mbedtls_md_info_t *md,
+                         const unsigned char *salt, size_t salt_len,
+                         const unsigned char *ikm, size_t ikm_len,
+                         unsigned char *prk)
+{
+    unsigned char null_salt[MBEDTLS_MD_MAX_SIZE] = { '\0' };
+
+    if (salt == NULL) {
+        size_t hash_len;
+
+        if (salt_len != 0) {
+            return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
+        }
+
+        hash_len = mbedtls_md_get_size(md);
+
+        if (hash_len == 0) {
+            return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
+        }
+
+        salt = null_salt;
+        salt_len = hash_len;
+    }
+
+    return mbedtls_md_hmac(md, salt, salt_len, ikm, ikm_len, prk);
+}
+
+int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk,
+                        size_t prk_len, const unsigned char *info,
+                        size_t info_len, unsigned char *okm, size_t okm_len)
+{
+    size_t hash_len;
+    size_t where = 0;
+    size_t n;
+    size_t t_len = 0;
+    size_t i;
+    int ret = 0;
+    mbedtls_md_context_t ctx;
+    unsigned char t[MBEDTLS_MD_MAX_SIZE];
+
+    if (okm == NULL) {
+        return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
+    }
+
+    hash_len = mbedtls_md_get_size(md);
+
+    if (prk_len < hash_len || hash_len == 0) {
+        return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
+    }
+
+    if (info == NULL) {
+        info = (const unsigned char *) "";
+        info_len = 0;
+    }
+
+    n = okm_len / hash_len;
+
+    if (okm_len % hash_len != 0) {
+        n++;
+    }
+
+    /*
+     * Per RFC 5869 Section 2.3, okm_len must not exceed
+     * 255 times the hash length
+     */
+    if (n > 255) {
+        return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA;
+    }
+
+    mbedtls_md_init(&ctx);
+
+    if ((ret = mbedtls_md_setup(&ctx, md, 1)) != 0) {
+        goto exit;
+    }
+
+    memset(t, 0, hash_len);
+
+    /*
+     * Compute T = T(1) | T(2) | T(3) | ... | T(N)
+     * Where T(N) is defined in RFC 5869 Section 2.3
+     */
+    for (i = 1; i <= n; i++) {
+        size_t num_to_copy;
+        unsigned char c = i & 0xff;
+
+        ret = mbedtls_md_hmac_starts(&ctx, prk, prk_len);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_md_hmac_update(&ctx, t, t_len);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_md_hmac_update(&ctx, info, info_len);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        /* The constant concatenated to the end of each T(n) is a single octet.
+         * */
+        ret = mbedtls_md_hmac_update(&ctx, &c, 1);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_md_hmac_finish(&ctx, t);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        num_to_copy = i != n ? hash_len : okm_len - where;
+        memcpy(okm + where, t, num_to_copy);
+        where += hash_len;
+        t_len = hash_len;
+    }
+
+exit:
+    mbedtls_md_free(&ctx);
+    mbedtls_platform_zeroize(t, sizeof(t));
+
+    return ret;
+}
+
+#endif /* MBEDTLS_HKDF_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/hmac_drbg.c b/3rdparty/mbedtls-2.28.7/library/hmac_drbg.c
new file mode 100644
index 0000000..ee8f8e3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/hmac_drbg.c
@@ -0,0 +1,636 @@
+/*
+ *  HMAC_DRBG implementation (NIST SP 800-90)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ *  The NIST SP 800-90A DRBGs are described in the following publication.
+ *  http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
+ *  References below are based on rev. 1 (January 2012).
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#include "mbedtls/platform.h"
+
+/*
+ * HMAC_DRBG context initialization
+ */
+void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_hmac_drbg_context));
+
+    ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
+}
+
+/*
+ * HMAC_DRBG update, using optional additional data (10.1.2.2)
+ */
+int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx,
+                                 const unsigned char *additional,
+                                 size_t add_len)
+{
+    size_t md_len = mbedtls_md_get_size(ctx->md_ctx.md_info);
+    unsigned char rounds = (additional != NULL && add_len != 0) ? 2 : 1;
+    unsigned char sep[1];
+    unsigned char K[MBEDTLS_MD_MAX_SIZE];
+    int ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+
+    for (sep[0] = 0; sep[0] < rounds; sep[0]++) {
+        /* Step 1 or 4 */
+        if ((ret = mbedtls_md_hmac_reset(&ctx->md_ctx)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx,
+                                          ctx->V, md_len)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx,
+                                          sep, 1)) != 0) {
+            goto exit;
+        }
+        if (rounds == 2) {
+            if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx,
+                                              additional, add_len)) != 0) {
+                goto exit;
+            }
+        }
+        if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, K)) != 0) {
+            goto exit;
+        }
+
+        /* Step 2 or 5 */
+        if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, K, md_len)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx,
+                                          ctx->V, md_len)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, ctx->V)) != 0) {
+            goto exit;
+        }
+    }
+
+exit:
+    mbedtls_platform_zeroize(K, sizeof(K));
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx,
+                              const unsigned char *additional,
+                              size_t add_len)
+{
+    (void) mbedtls_hmac_drbg_update_ret(ctx, additional, add_len);
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/*
+ * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
+ */
+int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
+                               const mbedtls_md_info_t *md_info,
+                               const unsigned char *data, size_t data_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_md_setup(&ctx->md_ctx, md_info, 1)) != 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+
+    /*
+     * Set initial working state.
+     * Use the V memory location, which is currently all 0, to initialize the
+     * MD context with an all-zero key. Then set V to its initial value.
+     */
+    if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, ctx->V,
+                                      mbedtls_md_get_size(md_info))) != 0) {
+        return ret;
+    }
+    memset(ctx->V, 0x01, mbedtls_md_get_size(md_info));
+
+    if ((ret = mbedtls_hmac_drbg_update_ret(ctx, data, data_len)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Internal function used both for seeding and reseeding the DRBG.
+ * Comments starting with arabic numbers refer to section 10.1.2.4
+ * of SP800-90A, while roman numbers refer to section 9.2.
+ */
+static int hmac_drbg_reseed_core(mbedtls_hmac_drbg_context *ctx,
+                                 const unsigned char *additional, size_t len,
+                                 int use_nonce)
+{
+    unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT];
+    size_t seedlen = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    {
+        size_t total_entropy_len;
+
+        if (use_nonce == 0) {
+            total_entropy_len = ctx->entropy_len;
+        } else {
+            total_entropy_len = ctx->entropy_len * 3 / 2;
+        }
+
+        /* III. Check input length */
+        if (len > MBEDTLS_HMAC_DRBG_MAX_INPUT ||
+            total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) {
+            return MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG;
+        }
+    }
+
+    memset(seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT);
+
+    /* IV. Gather entropy_len bytes of entropy for the seed */
+    if ((ret = ctx->f_entropy(ctx->p_entropy,
+                              seed, ctx->entropy_len)) != 0) {
+        return MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED;
+    }
+    seedlen += ctx->entropy_len;
+
+    /* For initial seeding, allow adding of nonce generated
+     * from the entropy source. See Sect 8.6.7 in SP800-90A. */
+    if (use_nonce) {
+        /* Note: We don't merge the two calls to f_entropy() in order
+         *       to avoid requesting too much entropy from f_entropy()
+         *       at once. Specifically, if the underlying digest is not
+         *       SHA-1, 3 / 2 * entropy_len is at least 36 Bytes, which
+         *       is larger than the maximum of 32 Bytes that our own
+         *       entropy source implementation can emit in a single
+         *       call in configurations disabling SHA-512. */
+        if ((ret = ctx->f_entropy(ctx->p_entropy,
+                                  seed + seedlen,
+                                  ctx->entropy_len / 2)) != 0) {
+            return MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED;
+        }
+
+        seedlen += ctx->entropy_len / 2;
+    }
+
+
+    /* 1. Concatenate entropy and additional data if any */
+    if (additional != NULL && len != 0) {
+        memcpy(seed + seedlen, additional, len);
+        seedlen += len;
+    }
+
+    /* 2. Update state */
+    if ((ret = mbedtls_hmac_drbg_update_ret(ctx, seed, seedlen)) != 0) {
+        goto exit;
+    }
+
+    /* 3. Reset reseed_counter */
+    ctx->reseed_counter = 1;
+
+exit:
+    /* 4. Done */
+    mbedtls_platform_zeroize(seed, seedlen);
+    return ret;
+}
+
+/*
+ * HMAC_DRBG reseeding: 10.1.2.4 + 9.2
+ */
+int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
+                             const unsigned char *additional, size_t len)
+{
+    return hmac_drbg_reseed_core(ctx, additional, len, 0);
+}
+
+/*
+ * HMAC_DRBG initialisation (10.1.2.3 + 9.1)
+ *
+ * The nonce is not passed as a separate parameter but extracted
+ * from the entropy source as suggested in 8.6.7.
+ */
+int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
+                           const mbedtls_md_info_t *md_info,
+                           int (*f_entropy)(void *, unsigned char *, size_t),
+                           void *p_entropy,
+                           const unsigned char *custom,
+                           size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t md_size;
+
+    if ((ret = mbedtls_md_setup(&ctx->md_ctx, md_info, 1)) != 0) {
+        return ret;
+    }
+
+    /* The mutex is initialized iff the md context is set up. */
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+
+    md_size = mbedtls_md_get_size(md_info);
+
+    /*
+     * Set initial working state.
+     * Use the V memory location, which is currently all 0, to initialize the
+     * MD context with an all-zero key. Then set V to its initial value.
+     */
+    if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, ctx->V, md_size)) != 0) {
+        return ret;
+    }
+    memset(ctx->V, 0x01, md_size);
+
+    ctx->f_entropy = f_entropy;
+    ctx->p_entropy = p_entropy;
+
+    if (ctx->entropy_len == 0) {
+        /*
+         * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
+         * each hash function, then according to SP800-90A rev1 10.1 table 2,
+         * min_entropy_len (in bits) is security_strength.
+         *
+         * (This also matches the sizes used in the NIST test vectors.)
+         */
+        ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
+                           md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
+                           32;  /* better (256+) -> 256 bits */
+    }
+
+    if ((ret = hmac_drbg_reseed_core(ctx, custom, len,
+                                     1 /* add nonce */)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Set prediction resistance
+ */
+void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
+                                                 int resistance)
+{
+    ctx->prediction_resistance = resistance;
+}
+
+/*
+ * Set entropy length grabbed for seeding
+ */
+void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len)
+{
+    ctx->entropy_len = len;
+}
+
+/*
+ * Set reseed interval
+ */
+void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval)
+{
+    ctx->reseed_interval = interval;
+}
+
+/*
+ * HMAC_DRBG random function with optional additional data:
+ * 10.1.2.5 (arabic) + 9.3 (Roman)
+ */
+int mbedtls_hmac_drbg_random_with_add(void *p_rng,
+                                      unsigned char *output, size_t out_len,
+                                      const unsigned char *additional, size_t add_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
+    size_t md_len = mbedtls_md_get_size(ctx->md_ctx.md_info);
+    size_t left = out_len;
+    unsigned char *out = output;
+
+    /* II. Check request length */
+    if (out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST) {
+        return MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG;
+    }
+
+    /* III. Check input length */
+    if (add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT) {
+        return MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG;
+    }
+
+    /* 1. (aka VII and IX) Check reseed counter and PR */
+    if (ctx->f_entropy != NULL && /* For no-reseeding instances */
+        (ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON ||
+         ctx->reseed_counter > ctx->reseed_interval)) {
+        if ((ret = mbedtls_hmac_drbg_reseed(ctx, additional, add_len)) != 0) {
+            return ret;
+        }
+
+        add_len = 0; /* VII.4 */
+    }
+
+    /* 2. Use additional data if any */
+    if (additional != NULL && add_len != 0) {
+        if ((ret = mbedtls_hmac_drbg_update_ret(ctx,
+                                                additional, add_len)) != 0) {
+            goto exit;
+        }
+    }
+
+    /* 3, 4, 5. Generate bytes */
+    while (left != 0) {
+        size_t use_len = left > md_len ? md_len : left;
+
+        if ((ret = mbedtls_md_hmac_reset(&ctx->md_ctx)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx,
+                                          ctx->V, md_len)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, ctx->V)) != 0) {
+            goto exit;
+        }
+
+        memcpy(out, ctx->V, use_len);
+        out += use_len;
+        left -= use_len;
+    }
+
+    /* 6. Update */
+    if ((ret = mbedtls_hmac_drbg_update_ret(ctx,
+                                            additional, add_len)) != 0) {
+        goto exit;
+    }
+
+    /* 7. Update reseed counter */
+    ctx->reseed_counter++;
+
+exit:
+    /* 8. Done */
+    return ret;
+}
+
+/*
+ * HMAC_DRBG random function
+ */
+int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    ret = mbedtls_hmac_drbg_random_with_add(ctx, output, out_len, NULL, 0);
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ *  This function resets HMAC_DRBG context to the state immediately
+ *  after initial call of mbedtls_hmac_drbg_init().
+ */
+void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    /* The mutex is initialized iff the md context is set up. */
+    if (ctx->md_ctx.md_info != NULL) {
+        mbedtls_mutex_free(&ctx->mutex);
+    }
+#endif
+    mbedtls_md_free(&ctx->md_ctx);
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_hmac_drbg_context));
+    ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
+}
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    FILE *f;
+    unsigned char buf[MBEDTLS_HMAC_DRBG_MAX_INPUT];
+
+    if ((f = fopen(path, "wb")) == NULL) {
+        return MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
+    }
+
+    if ((ret = mbedtls_hmac_drbg_random(ctx, buf, sizeof(buf))) != 0) {
+        goto exit;
+    }
+
+    if (fwrite(buf, 1, sizeof(buf), f) != sizeof(buf)) {
+        ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
+        goto exit;
+    }
+
+    ret = 0;
+
+exit:
+    fclose(f);
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    return ret;
+}
+
+int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
+{
+    int ret = 0;
+    FILE *f = NULL;
+    size_t n;
+    unsigned char buf[MBEDTLS_HMAC_DRBG_MAX_INPUT];
+    unsigned char c;
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
+    }
+
+    n = fread(buf, 1, sizeof(buf), f);
+    if (fread(&c, 1, 1, f) != 0) {
+        ret = MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG;
+        goto exit;
+    }
+    if (n == 0 || ferror(f)) {
+        ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
+        goto exit;
+    }
+    fclose(f);
+    f = NULL;
+
+    ret = mbedtls_hmac_drbg_update_ret(ctx, buf, n);
+
+exit:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+    if (f != NULL) {
+        fclose(f);
+    }
+    if (ret != 0) {
+        return ret;
+    }
+    return mbedtls_hmac_drbg_write_seed_file(ctx, path);
+}
+#endif /* MBEDTLS_FS_IO */
+
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if !defined(MBEDTLS_SHA1_C)
+/* Dummy checkup routine */
+int mbedtls_hmac_drbg_self_test(int verbose)
+{
+    (void) verbose;
+    return 0;
+}
+#else
+
+#define OUTPUT_LEN  80
+
+/* From a NIST PR=true test vector */
+static const unsigned char entropy_pr[] = {
+    0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
+    0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
+    0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
+    0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
+    0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4
+};
+static const unsigned char result_pr[OUTPUT_LEN] = {
+    0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
+    0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
+    0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
+    0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
+    0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
+    0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
+    0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44
+};
+
+/* From a NIST PR=false test vector */
+static const unsigned char entropy_nopr[] = {
+    0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
+    0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
+    0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
+    0xe9, 0x9d, 0xfe, 0xdf
+};
+static const unsigned char result_nopr[OUTPUT_LEN] = {
+    0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
+    0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
+    0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
+    0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
+    0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
+    0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
+    0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7
+};
+
+/* "Entropy" from buffer */
+static size_t test_offset;
+static int hmac_drbg_self_test_entropy(void *data,
+                                       unsigned char *buf, size_t len)
+{
+    const unsigned char *p = data;
+    memcpy(buf, p + test_offset, len);
+    test_offset += len;
+    return 0;
+}
+
+#define CHK(c)    if ((c) != 0)                          \
+    {                                       \
+        if (verbose != 0)                  \
+        mbedtls_printf("failed\n");  \
+        return 1;                        \
+    }
+
+/*
+ * Checkup routine for HMAC_DRBG with SHA-1
+ */
+int mbedtls_hmac_drbg_self_test(int verbose)
+{
+    mbedtls_hmac_drbg_context ctx;
+    unsigned char buf[OUTPUT_LEN];
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+
+    mbedtls_hmac_drbg_init(&ctx);
+
+    /*
+     * PR = True
+     */
+    if (verbose != 0) {
+        mbedtls_printf("  HMAC_DRBG (PR = True) : ");
+    }
+
+    test_offset = 0;
+    CHK(mbedtls_hmac_drbg_seed(&ctx, md_info,
+                               hmac_drbg_self_test_entropy, (void *) entropy_pr,
+                               NULL, 0));
+    mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON);
+    CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN));
+    CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN));
+    CHK(memcmp(buf, result_pr, OUTPUT_LEN));
+    mbedtls_hmac_drbg_free(&ctx);
+
+    mbedtls_hmac_drbg_free(&ctx);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    /*
+     * PR = False
+     */
+    if (verbose != 0) {
+        mbedtls_printf("  HMAC_DRBG (PR = False) : ");
+    }
+
+    mbedtls_hmac_drbg_init(&ctx);
+
+    test_offset = 0;
+    CHK(mbedtls_hmac_drbg_seed(&ctx, md_info,
+                               hmac_drbg_self_test_entropy, (void *) entropy_nopr,
+                               NULL, 0));
+    CHK(mbedtls_hmac_drbg_reseed(&ctx, NULL, 0));
+    CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN));
+    CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN));
+    CHK(memcmp(buf, result_nopr, OUTPUT_LEN));
+    mbedtls_hmac_drbg_free(&ctx);
+
+    mbedtls_hmac_drbg_free(&ctx);
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_HMAC_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/md.c b/3rdparty/mbedtls-2.28.7/library/md.c
new file mode 100644
index 0000000..3e4a1c1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/md.c
@@ -0,0 +1,902 @@
+/**
+ * \file md.c
+ *
+ * \brief Generic message digest wrapper for Mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_MD_C)
+
+#include "mbedtls/md.h"
+#include "mbedtls/md_internal.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+#include "mbedtls/platform.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+const mbedtls_md_info_t mbedtls_md2_info = {
+    "MD2",
+    MBEDTLS_MD_MD2,
+    16,
+    16,
+};
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+const mbedtls_md_info_t mbedtls_md4_info = {
+    "MD4",
+    MBEDTLS_MD_MD4,
+    16,
+    64,
+};
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+const mbedtls_md_info_t mbedtls_md5_info = {
+    "MD5",
+    MBEDTLS_MD_MD5,
+    16,
+    64,
+};
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+const mbedtls_md_info_t mbedtls_ripemd160_info = {
+    "RIPEMD160",
+    MBEDTLS_MD_RIPEMD160,
+    20,
+    64,
+};
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+const mbedtls_md_info_t mbedtls_sha1_info = {
+    "SHA1",
+    MBEDTLS_MD_SHA1,
+    20,
+    64,
+};
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+const mbedtls_md_info_t mbedtls_sha224_info = {
+    "SHA224",
+    MBEDTLS_MD_SHA224,
+    28,
+    64,
+};
+
+const mbedtls_md_info_t mbedtls_sha256_info = {
+    "SHA256",
+    MBEDTLS_MD_SHA256,
+    32,
+    64,
+};
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+const mbedtls_md_info_t mbedtls_sha384_info = {
+    "SHA384",
+    MBEDTLS_MD_SHA384,
+    48,
+    128,
+};
+#endif
+
+const mbedtls_md_info_t mbedtls_sha512_info = {
+    "SHA512",
+    MBEDTLS_MD_SHA512,
+    64,
+    128,
+};
+#endif
+
+/*
+ * Reminder: update profiles in x509_crt.c when adding a new hash!
+ */
+static const int supported_digests[] = {
+
+#if defined(MBEDTLS_SHA512_C)
+    MBEDTLS_MD_SHA512,
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    MBEDTLS_MD_SHA384,
+#endif
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA224,
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+    MBEDTLS_MD_SHA1,
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+    MBEDTLS_MD_RIPEMD160,
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+    MBEDTLS_MD_MD5,
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+    MBEDTLS_MD_MD4,
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+    MBEDTLS_MD_MD2,
+#endif
+
+    MBEDTLS_MD_NONE
+};
+
+const int *mbedtls_md_list(void)
+{
+    return supported_digests;
+}
+
+const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name)
+{
+    if (NULL == md_name) {
+        return NULL;
+    }
+
+    /* Get the appropriate digest information */
+#if defined(MBEDTLS_MD2_C)
+    if (!strcmp("MD2", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_MD2);
+    }
+#endif
+#if defined(MBEDTLS_MD4_C)
+    if (!strcmp("MD4", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_MD4);
+    }
+#endif
+#if defined(MBEDTLS_MD5_C)
+    if (!strcmp("MD5", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_MD5);
+    }
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+    if (!strcmp("RIPEMD160", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160);
+    }
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    if (!strcmp("SHA1", md_name) || !strcmp("SHA", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+    }
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if (!strcmp("SHA224", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_SHA224);
+    }
+    if (!strcmp("SHA256", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+    }
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    if (!strcmp("SHA384", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
+    }
+#endif
+    if (!strcmp("SHA512", md_name)) {
+        return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
+    }
+#endif
+    return NULL;
+}
+
+const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type)
+{
+    switch (md_type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return &mbedtls_md2_info;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return &mbedtls_md4_info;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return &mbedtls_md5_info;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return &mbedtls_ripemd160_info;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return &mbedtls_sha1_info;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return &mbedtls_sha224_info;
+        case MBEDTLS_MD_SHA256:
+            return &mbedtls_sha256_info;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+            return &mbedtls_sha384_info;
+#endif
+        case MBEDTLS_MD_SHA512:
+            return &mbedtls_sha512_info;
+#endif
+        default:
+            return NULL;
+    }
+}
+
+void mbedtls_md_init(mbedtls_md_context_t *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_md_context_t));
+}
+
+void mbedtls_md_free(mbedtls_md_context_t *ctx)
+{
+    if (ctx == NULL || ctx->md_info == NULL) {
+        return;
+    }
+
+    if (ctx->md_ctx != NULL) {
+        switch (ctx->md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+            case MBEDTLS_MD_MD2:
+                mbedtls_md2_free(ctx->md_ctx);
+                break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+            case MBEDTLS_MD_MD4:
+                mbedtls_md4_free(ctx->md_ctx);
+                break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+            case MBEDTLS_MD_MD5:
+                mbedtls_md5_free(ctx->md_ctx);
+                break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+            case MBEDTLS_MD_RIPEMD160:
+                mbedtls_ripemd160_free(ctx->md_ctx);
+                break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+            case MBEDTLS_MD_SHA1:
+                mbedtls_sha1_free(ctx->md_ctx);
+                break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+            case MBEDTLS_MD_SHA224:
+            case MBEDTLS_MD_SHA256:
+                mbedtls_sha256_free(ctx->md_ctx);
+                break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+            case MBEDTLS_MD_SHA384:
+#endif
+            case MBEDTLS_MD_SHA512:
+                mbedtls_sha512_free(ctx->md_ctx);
+                break;
+#endif
+            default:
+                /* Shouldn't happen */
+                break;
+        }
+        mbedtls_free(ctx->md_ctx);
+    }
+
+    if (ctx->hmac_ctx != NULL) {
+        mbedtls_platform_zeroize(ctx->hmac_ctx,
+                                 2 * ctx->md_info->block_size);
+        mbedtls_free(ctx->hmac_ctx);
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t));
+}
+
+int mbedtls_md_clone(mbedtls_md_context_t *dst,
+                     const mbedtls_md_context_t *src)
+{
+    if (dst == NULL || dst->md_info == NULL ||
+        src == NULL || src->md_info == NULL ||
+        dst->md_info != src->md_info) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    switch (src->md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            mbedtls_md2_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            mbedtls_md4_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            mbedtls_md5_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            mbedtls_ripemd160_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            mbedtls_sha1_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+        case MBEDTLS_MD_SHA256:
+            mbedtls_sha256_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+#endif
+        case MBEDTLS_MD_SHA512:
+            mbedtls_sha512_clone(dst->md_ctx, src->md_ctx);
+            break;
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info)
+{
+    return mbedtls_md_setup(ctx, md_info, 1);
+}
+#endif
+
+#define ALLOC(type)                                                   \
+    do {                                                                \
+        ctx->md_ctx = mbedtls_calloc(1, sizeof(mbedtls_##type##_context)); \
+        if (ctx->md_ctx == NULL)                                       \
+        return MBEDTLS_ERR_MD_ALLOC_FAILED;                      \
+        mbedtls_##type##_init(ctx->md_ctx);                           \
+    }                                                                   \
+    while (0)
+
+int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac)
+{
+    if (md_info == NULL || ctx == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    ctx->md_info = md_info;
+    ctx->md_ctx = NULL;
+    ctx->hmac_ctx = NULL;
+
+    switch (md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            ALLOC(md2);
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            ALLOC(md4);
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            ALLOC(md5);
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            ALLOC(ripemd160);
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            ALLOC(sha1);
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+        case MBEDTLS_MD_SHA256:
+            ALLOC(sha256);
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+#endif
+        case MBEDTLS_MD_SHA512:
+            ALLOC(sha512);
+            break;
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    if (hmac != 0) {
+        ctx->hmac_ctx = mbedtls_calloc(2, md_info->block_size);
+        if (ctx->hmac_ctx == NULL) {
+            mbedtls_md_free(ctx);
+            return MBEDTLS_ERR_MD_ALLOC_FAILED;
+        }
+    }
+
+    return 0;
+}
+#undef ALLOC
+
+int mbedtls_md_starts(mbedtls_md_context_t *ctx)
+{
+    if (ctx == NULL || ctx->md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    switch (ctx->md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return mbedtls_md2_starts_ret(ctx->md_ctx);
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return mbedtls_md4_starts_ret(ctx->md_ctx);
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return mbedtls_md5_starts_ret(ctx->md_ctx);
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return mbedtls_ripemd160_starts_ret(ctx->md_ctx);
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return mbedtls_sha1_starts_ret(ctx->md_ctx);
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return mbedtls_sha256_starts_ret(ctx->md_ctx, 1);
+        case MBEDTLS_MD_SHA256:
+            return mbedtls_sha256_starts_ret(ctx->md_ctx, 0);
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+            return mbedtls_sha512_starts_ret(ctx->md_ctx, 1);
+#endif
+        case MBEDTLS_MD_SHA512:
+            return mbedtls_sha512_starts_ret(ctx->md_ctx, 0);
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+}
+
+int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen)
+{
+    if (ctx == NULL || ctx->md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    switch (ctx->md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return mbedtls_md2_update_ret(ctx->md_ctx, input, ilen);
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return mbedtls_md4_update_ret(ctx->md_ctx, input, ilen);
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return mbedtls_md5_update_ret(ctx->md_ctx, input, ilen);
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return mbedtls_ripemd160_update_ret(ctx->md_ctx, input, ilen);
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return mbedtls_sha1_update_ret(ctx->md_ctx, input, ilen);
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+        case MBEDTLS_MD_SHA256:
+            return mbedtls_sha256_update_ret(ctx->md_ctx, input, ilen);
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+#endif
+        case MBEDTLS_MD_SHA512:
+            return mbedtls_sha512_update_ret(ctx->md_ctx, input, ilen);
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+}
+
+int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output)
+{
+    if (ctx == NULL || ctx->md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    switch (ctx->md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return mbedtls_md2_finish_ret(ctx->md_ctx, output);
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return mbedtls_md4_finish_ret(ctx->md_ctx, output);
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return mbedtls_md5_finish_ret(ctx->md_ctx, output);
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return mbedtls_ripemd160_finish_ret(ctx->md_ctx, output);
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return mbedtls_sha1_finish_ret(ctx->md_ctx, output);
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+        case MBEDTLS_MD_SHA256:
+            return mbedtls_sha256_finish_ret(ctx->md_ctx, output);
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+#endif
+        case MBEDTLS_MD_SHA512:
+            return mbedtls_sha512_finish_ret(ctx->md_ctx, output);
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+}
+
+int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+               unsigned char *output)
+{
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    switch (md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return mbedtls_md2_ret(input, ilen, output);
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return mbedtls_md4_ret(input, ilen, output);
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return mbedtls_md5_ret(input, ilen, output);
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return mbedtls_ripemd160_ret(input, ilen, output);
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return mbedtls_sha1_ret(input, ilen, output);
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return mbedtls_sha256_ret(input, ilen, output, 1);
+        case MBEDTLS_MD_SHA256:
+            return mbedtls_sha256_ret(input, ilen, output, 0);
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+            return mbedtls_sha512_ret(input, ilen, output, 1);
+#endif
+        case MBEDTLS_MD_SHA512:
+            return mbedtls_sha512_ret(input, ilen, output, 0);
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+}
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    FILE *f;
+    size_t n;
+    mbedtls_md_context_t ctx;
+    unsigned char buf[1024];
+
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return MBEDTLS_ERR_MD_FILE_IO_ERROR;
+    }
+
+    mbedtls_md_init(&ctx);
+
+    if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) {
+        goto cleanup;
+    }
+
+    if ((ret = mbedtls_md_starts(&ctx)) != 0) {
+        goto cleanup;
+    }
+
+    while ((n = fread(buf, 1, sizeof(buf), f)) > 0) {
+        if ((ret = mbedtls_md_update(&ctx, buf, n)) != 0) {
+            goto cleanup;
+        }
+    }
+
+    if (ferror(f) != 0) {
+        ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
+    } else {
+        ret = mbedtls_md_finish(&ctx, output);
+    }
+
+cleanup:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+    fclose(f);
+    mbedtls_md_free(&ctx);
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+
+int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *ipad, *opad;
+    size_t i;
+
+    if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    if (keylen > (size_t) ctx->md_info->block_size) {
+        if ((ret = mbedtls_md_starts(ctx)) != 0) {
+            goto cleanup;
+        }
+        if ((ret = mbedtls_md_update(ctx, key, keylen)) != 0) {
+            goto cleanup;
+        }
+        if ((ret = mbedtls_md_finish(ctx, sum)) != 0) {
+            goto cleanup;
+        }
+
+        keylen = ctx->md_info->size;
+        key = sum;
+    }
+
+    ipad = (unsigned char *) ctx->hmac_ctx;
+    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
+
+    memset(ipad, 0x36, ctx->md_info->block_size);
+    memset(opad, 0x5C, ctx->md_info->block_size);
+
+    for (i = 0; i < keylen; i++) {
+        ipad[i] = (unsigned char) (ipad[i] ^ key[i]);
+        opad[i] = (unsigned char) (opad[i] ^ key[i]);
+    }
+
+    if ((ret = mbedtls_md_starts(ctx)) != 0) {
+        goto cleanup;
+    }
+    if ((ret = mbedtls_md_update(ctx, ipad,
+                                 ctx->md_info->block_size)) != 0) {
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_platform_zeroize(sum, sizeof(sum));
+
+    return ret;
+}
+
+int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen)
+{
+    if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    return mbedtls_md_update(ctx, input, ilen);
+}
+
+int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *opad;
+
+    if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
+
+    if ((ret = mbedtls_md_finish(ctx, tmp)) != 0) {
+        return ret;
+    }
+    if ((ret = mbedtls_md_starts(ctx)) != 0) {
+        return ret;
+    }
+    if ((ret = mbedtls_md_update(ctx, opad,
+                                 ctx->md_info->block_size)) != 0) {
+        return ret;
+    }
+    if ((ret = mbedtls_md_update(ctx, tmp,
+                                 ctx->md_info->size)) != 0) {
+        return ret;
+    }
+    return mbedtls_md_finish(ctx, output);
+}
+
+int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *ipad;
+
+    if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    ipad = (unsigned char *) ctx->hmac_ctx;
+
+    if ((ret = mbedtls_md_starts(ctx)) != 0) {
+        return ret;
+    }
+    return mbedtls_md_update(ctx, ipad, ctx->md_info->block_size);
+}
+
+int mbedtls_md_hmac(const mbedtls_md_info_t *md_info,
+                    const unsigned char *key, size_t keylen,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output)
+{
+    mbedtls_md_context_t ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    mbedtls_md_init(&ctx);
+
+    if ((ret = mbedtls_md_setup(&ctx, md_info, 1)) != 0) {
+        goto cleanup;
+    }
+
+    if ((ret = mbedtls_md_hmac_starts(&ctx, key, keylen)) != 0) {
+        goto cleanup;
+    }
+    if ((ret = mbedtls_md_hmac_update(&ctx, input, ilen)) != 0) {
+        goto cleanup;
+    }
+    if ((ret = mbedtls_md_hmac_finish(&ctx, output)) != 0) {
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_md_free(&ctx);
+
+    return ret;
+}
+
+int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data)
+{
+    if (ctx == NULL || ctx->md_info == NULL) {
+        return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+
+    switch (ctx->md_info->type) {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return mbedtls_internal_md2_process(ctx->md_ctx);
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return mbedtls_internal_md4_process(ctx->md_ctx, data);
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return mbedtls_internal_md5_process(ctx->md_ctx, data);
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return mbedtls_internal_ripemd160_process(ctx->md_ctx, data);
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return mbedtls_internal_sha1_process(ctx->md_ctx, data);
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+        case MBEDTLS_MD_SHA256:
+            return mbedtls_internal_sha256_process(ctx->md_ctx, data);
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+#endif
+        case MBEDTLS_MD_SHA512:
+            return mbedtls_internal_sha512_process(ctx->md_ctx, data);
+#endif
+        default:
+            return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+    }
+}
+
+unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info)
+{
+    if (md_info == NULL) {
+        return 0;
+    }
+
+    return md_info->size;
+}
+
+mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info)
+{
+    if (md_info == NULL) {
+        return MBEDTLS_MD_NONE;
+    }
+
+    return md_info->type;
+}
+
+const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info)
+{
+    if (md_info == NULL) {
+        return NULL;
+    }
+
+    return md_info->name;
+}
+
+#endif /* MBEDTLS_MD_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/md2.c b/3rdparty/mbedtls-2.28.7/library/md2.c
new file mode 100644
index 0000000..b552d5f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/md2.c
@@ -0,0 +1,347 @@
+/*
+ *  RFC 1115/1319 compliant MD2 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The MD2 algorithm was designed by Ron Rivest in 1989.
+ *
+ *  http://www.ietf.org/rfc/rfc1115.txt
+ *  http://www.ietf.org/rfc/rfc1319.txt
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_MD2_C)
+
+#include "mbedtls/md2.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_MD2_ALT)
+
+static const unsigned char PI_SUBST[256] =
+{
+    0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36,
+    0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3,
+    0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C,
+    0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+    0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E,
+    0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E,
+    0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2,
+    0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+    0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E,
+    0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3,
+    0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56,
+    0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+    0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D,
+    0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65,
+    0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0,
+    0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+    0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C,
+    0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E,
+    0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81,
+    0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+    0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88,
+    0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE,
+    0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58,
+    0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+    0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99,
+    0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
+};
+
+void mbedtls_md2_init(mbedtls_md2_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_md2_context));
+}
+
+void mbedtls_md2_free(mbedtls_md2_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md2_context));
+}
+
+void mbedtls_md2_clone(mbedtls_md2_context *dst,
+                       const mbedtls_md2_context *src)
+{
+    *dst = *src;
+}
+
+/*
+ * MD2 context setup
+ */
+int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx)
+{
+    memset(ctx->cksum, 0, 16);
+    memset(ctx->state, 0, 46);
+    memset(ctx->buffer, 0, 16);
+    ctx->left = 0;
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md2_starts(mbedtls_md2_context *ctx)
+{
+    mbedtls_md2_starts_ret(ctx);
+}
+#endif
+
+#if !defined(MBEDTLS_MD2_PROCESS_ALT)
+int mbedtls_internal_md2_process(mbedtls_md2_context *ctx)
+{
+    int i, j;
+    unsigned char t = 0;
+
+    for (i = 0; i < 16; i++) {
+        ctx->state[i + 16] = ctx->buffer[i];
+        ctx->state[i + 32] =
+            (unsigned char) (ctx->buffer[i] ^ ctx->state[i]);
+    }
+
+    for (i = 0; i < 18; i++) {
+        for (j = 0; j < 48; j++) {
+            ctx->state[j] = (unsigned char)
+                            (ctx->state[j] ^ PI_SUBST[t]);
+            t  = ctx->state[j];
+        }
+
+        t = (unsigned char) (t + i);
+    }
+
+    t = ctx->cksum[15];
+
+    for (i = 0; i < 16; i++) {
+        ctx->cksum[i] = (unsigned char)
+                        (ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t]);
+        t  = ctx->cksum[i];
+    }
+
+    /* Zeroise variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&t, sizeof(t));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md2_process(mbedtls_md2_context *ctx)
+{
+    mbedtls_internal_md2_process(ctx);
+}
+#endif
+#endif /* !MBEDTLS_MD2_PROCESS_ALT */
+
+/*
+ * MD2 process buffer
+ */
+int mbedtls_md2_update_ret(mbedtls_md2_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+
+    while (ilen > 0) {
+        if (ilen > 16 - ctx->left) {
+            fill = 16 - ctx->left;
+        } else {
+            fill = ilen;
+        }
+
+        memcpy(ctx->buffer + ctx->left, input, fill);
+
+        ctx->left += fill;
+        input += fill;
+        ilen  -= fill;
+
+        if (ctx->left == 16) {
+            ctx->left = 0;
+            if ((ret = mbedtls_internal_md2_process(ctx)) != 0) {
+                return ret;
+            }
+        }
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md2_update(mbedtls_md2_context *ctx,
+                        const unsigned char *input,
+                        size_t ilen)
+{
+    mbedtls_md2_update_ret(ctx, input, ilen);
+}
+#endif
+
+/*
+ * MD2 final digest
+ */
+int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx,
+                           unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    unsigned char x;
+
+    x = (unsigned char) (16 - ctx->left);
+
+    for (i = ctx->left; i < 16; i++) {
+        ctx->buffer[i] = x;
+    }
+
+    if ((ret = mbedtls_internal_md2_process(ctx)) != 0) {
+        return ret;
+    }
+
+    memcpy(ctx->buffer, ctx->cksum, 16);
+    if ((ret = mbedtls_internal_md2_process(ctx)) != 0) {
+        return ret;
+    }
+
+    memcpy(output, ctx->state, 16);
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md2_finish(mbedtls_md2_context *ctx,
+                        unsigned char output[16])
+{
+    mbedtls_md2_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* !MBEDTLS_MD2_ALT */
+
+/*
+ * output = MD2( input buffer )
+ */
+int mbedtls_md2_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_md2_context ctx;
+
+    mbedtls_md2_init(&ctx);
+
+    if ((ret = mbedtls_md2_starts_ret(&ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md2_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md2_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_md2_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md2(const unsigned char *input,
+                 size_t ilen,
+                 unsigned char output[16])
+{
+    mbedtls_md2_ret(input, ilen, output);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * RFC 1319 test vectors
+ */
+static const unsigned char md2_test_str[7][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
+};
+
+static const size_t md2_test_strlen[7] =
+{
+    0, 1, 3, 14, 26, 62, 80
+};
+
+static const unsigned char md2_test_sum[7][16] =
+{
+    { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
+      0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 },
+    { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72,
+      0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 },
+    { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B,
+      0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB },
+    { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B,
+      0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 },
+    { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB,
+      0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B },
+    { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39,
+      0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD },
+    { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D,
+      0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_md2_self_test(int verbose)
+{
+    int i, ret = 0;
+    unsigned char md2sum[16];
+
+    for (i = 0; i < 7; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  MD2 test #%d: ", i + 1);
+        }
+
+        ret = mbedtls_md2_ret(md2_test_str[i], md2_test_strlen[i], md2sum);
+        if (ret != 0) {
+            goto fail;
+        }
+
+        if (memcmp(md2sum, md2_test_sum[i], 16) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MD2_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/md4.c b/3rdparty/mbedtls-2.28.7/library/md4.c
new file mode 100644
index 0000000..8de85fb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/md4.c
@@ -0,0 +1,451 @@
+/*
+ *  RFC 1186/1320 compliant MD4 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The MD4 algorithm was designed by Ron Rivest in 1990.
+ *
+ *  http://www.ietf.org/rfc/rfc1186.txt
+ *  http://www.ietf.org/rfc/rfc1320.txt
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_MD4_C)
+
+#include "mbedtls/md4.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_MD4_ALT)
+
+void mbedtls_md4_init(mbedtls_md4_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_md4_context));
+}
+
+void mbedtls_md4_free(mbedtls_md4_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md4_context));
+}
+
+void mbedtls_md4_clone(mbedtls_md4_context *dst,
+                       const mbedtls_md4_context *src)
+{
+    *dst = *src;
+}
+
+/*
+ * MD4 context setup
+ */
+int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx)
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md4_starts(mbedtls_md4_context *ctx)
+{
+    mbedtls_md4_starts_ret(ctx);
+}
+#endif
+
+#if !defined(MBEDTLS_MD4_PROCESS_ALT)
+int mbedtls_internal_md4_process(mbedtls_md4_context *ctx,
+                                 const unsigned char data[64])
+{
+    struct {
+        uint32_t X[16], A, B, C, D;
+    } local;
+
+    local.X[0] = MBEDTLS_GET_UINT32_LE(data,  0);
+    local.X[1] = MBEDTLS_GET_UINT32_LE(data,  4);
+    local.X[2] = MBEDTLS_GET_UINT32_LE(data,  8);
+    local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12);
+    local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16);
+    local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20);
+    local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24);
+    local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28);
+    local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32);
+    local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36);
+    local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40);
+    local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44);
+    local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48);
+    local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52);
+    local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56);
+    local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60);
+
+#define S(x, n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
+
+    local.A = ctx->state[0];
+    local.B = ctx->state[1];
+    local.C = ctx->state[2];
+    local.D = ctx->state[3];
+
+#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
+#define P(a, b, c, d, x, s)                           \
+    do                                           \
+    {                                            \
+        (a) += F((b), (c), (d)) + (x);             \
+        (a) = S((a), (s));                        \
+    } while (0)
+
+
+    P(local.A, local.B, local.C, local.D, local.X[0],  3);
+    P(local.D, local.A, local.B, local.C, local.X[1],  7);
+    P(local.C, local.D, local.A, local.B, local.X[2], 11);
+    P(local.B, local.C, local.D, local.A, local.X[3], 19);
+    P(local.A, local.B, local.C, local.D, local.X[4],  3);
+    P(local.D, local.A, local.B, local.C, local.X[5],  7);
+    P(local.C, local.D, local.A, local.B, local.X[6], 11);
+    P(local.B, local.C, local.D, local.A, local.X[7], 19);
+    P(local.A, local.B, local.C, local.D, local.X[8],  3);
+    P(local.D, local.A, local.B, local.C, local.X[9],  7);
+    P(local.C, local.D, local.A, local.B, local.X[10], 11);
+    P(local.B, local.C, local.D, local.A, local.X[11], 19);
+    P(local.A, local.B, local.C, local.D, local.X[12],  3);
+    P(local.D, local.A, local.B, local.C, local.X[13],  7);
+    P(local.C, local.D, local.A, local.B, local.X[14], 11);
+    P(local.B, local.C, local.D, local.A, local.X[15], 19);
+
+#undef P
+#undef F
+
+#define F(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define P(a, b, c, d, x, s)                          \
+    do                                          \
+    {                                           \
+        (a) += F((b), (c), (d)) + (x) + 0x5A827999;       \
+        (a) = S((a), (s));                               \
+    } while (0)
+
+    P(local.A, local.B, local.C, local.D, local.X[0],  3);
+    P(local.D, local.A, local.B, local.C, local.X[4],  5);
+    P(local.C, local.D, local.A, local.B, local.X[8],  9);
+    P(local.B, local.C, local.D, local.A, local.X[12], 13);
+    P(local.A, local.B, local.C, local.D, local.X[1],  3);
+    P(local.D, local.A, local.B, local.C, local.X[5],  5);
+    P(local.C, local.D, local.A, local.B, local.X[9],  9);
+    P(local.B, local.C, local.D, local.A, local.X[13], 13);
+    P(local.A, local.B, local.C, local.D, local.X[2],  3);
+    P(local.D, local.A, local.B, local.C, local.X[6],  5);
+    P(local.C, local.D, local.A, local.B, local.X[10],  9);
+    P(local.B, local.C, local.D, local.A, local.X[14], 13);
+    P(local.A, local.B, local.C, local.D, local.X[3],  3);
+    P(local.D, local.A, local.B, local.C, local.X[7],  5);
+    P(local.C, local.D, local.A, local.B, local.X[11],  9);
+    P(local.B, local.C, local.D, local.A, local.X[15], 13);
+
+#undef P
+#undef F
+
+#define F(x, y, z) ((x) ^ (y) ^ (z))
+#define P(a, b, c, d, x, s)                                  \
+    do                                                  \
+    {                                                   \
+        (a) += F((b), (c), (d)) + (x) + 0x6ED9EBA1;       \
+        (a) = S((a), (s));                               \
+    } while (0)
+
+    P(local.A, local.B, local.C, local.D, local.X[0],  3);
+    P(local.D, local.A, local.B, local.C, local.X[8],  9);
+    P(local.C, local.D, local.A, local.B, local.X[4], 11);
+    P(local.B, local.C, local.D, local.A, local.X[12], 15);
+    P(local.A, local.B, local.C, local.D, local.X[2],  3);
+    P(local.D, local.A, local.B, local.C, local.X[10],  9);
+    P(local.C, local.D, local.A, local.B, local.X[6], 11);
+    P(local.B, local.C, local.D, local.A, local.X[14], 15);
+    P(local.A, local.B, local.C, local.D, local.X[1],  3);
+    P(local.D, local.A, local.B, local.C, local.X[9],  9);
+    P(local.C, local.D, local.A, local.B, local.X[5], 11);
+    P(local.B, local.C, local.D, local.A, local.X[13], 15);
+    P(local.A, local.B, local.C, local.D, local.X[3],  3);
+    P(local.D, local.A, local.B, local.C, local.X[11],  9);
+    P(local.C, local.D, local.A, local.B, local.X[7], 11);
+    P(local.B, local.C, local.D, local.A, local.X[15], 15);
+
+#undef F
+#undef P
+
+    ctx->state[0] += local.A;
+    ctx->state[1] += local.B;
+    ctx->state[2] += local.C;
+    ctx->state[3] += local.D;
+
+    /* Zeroise variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&local, sizeof(local));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md4_process(mbedtls_md4_context *ctx,
+                         const unsigned char data[64])
+{
+    mbedtls_internal_md4_process(ctx, data);
+}
+#endif
+#endif /* !MBEDTLS_MD4_PROCESS_ALT */
+
+/*
+ * MD4 process buffer
+ */
+int mbedtls_md4_update_ret(mbedtls_md4_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+    uint32_t left;
+
+    if (ilen == 0) {
+        return 0;
+    }
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if (ctx->total[0] < (uint32_t) ilen) {
+        ctx->total[1]++;
+    }
+
+    if (left && ilen >= fill) {
+        memcpy((void *) (ctx->buffer + left),
+               (void *) input, fill);
+
+        if ((ret = mbedtls_internal_md4_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while (ilen >= 64) {
+        if ((ret = mbedtls_internal_md4_process(ctx, input)) != 0) {
+            return ret;
+        }
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if (ilen > 0) {
+        memcpy((void *) (ctx->buffer + left),
+               (void *) input, ilen);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md4_update(mbedtls_md4_context *ctx,
+                        const unsigned char *input,
+                        size_t ilen)
+{
+    mbedtls_md4_update_ret(ctx, input, ilen);
+}
+#endif
+
+static const unsigned char md4_padding[64] =
+{
+    0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * MD4 final digest
+ */
+int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx,
+                           unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = (ctx->total[0] >> 29)
+           | (ctx->total[1] <<  3);
+    low  = (ctx->total[0] <<  3);
+
+    MBEDTLS_PUT_UINT32_LE(low,  msglen, 0);
+    MBEDTLS_PUT_UINT32_LE(high, msglen, 4);
+
+    last = ctx->total[0] & 0x3F;
+    padn = (last < 56) ? (56 - last) : (120 - last);
+
+    ret = mbedtls_md4_update_ret(ctx, (unsigned char *) md4_padding, padn);
+    if (ret != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_md4_update_ret(ctx, msglen, 8)) != 0) {
+        return ret;
+    }
+
+
+    MBEDTLS_PUT_UINT32_LE(ctx->state[0], output,  0);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[1], output,  4);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[2], output,  8);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12);
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md4_finish(mbedtls_md4_context *ctx,
+                        unsigned char output[16])
+{
+    mbedtls_md4_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* !MBEDTLS_MD4_ALT */
+
+/*
+ * output = MD4( input buffer )
+ */
+int mbedtls_md4_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_md4_context ctx;
+
+    mbedtls_md4_init(&ctx);
+
+    if ((ret = mbedtls_md4_starts_ret(&ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md4_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md4_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_md4_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md4(const unsigned char *input,
+                 size_t ilen,
+                 unsigned char output[16])
+{
+    mbedtls_md4_ret(input, ilen, output);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * RFC 1320 test vectors
+ */
+static const unsigned char md4_test_str[7][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
+};
+
+static const size_t md4_test_strlen[7] =
+{
+    0, 1, 3, 14, 26, 62, 80
+};
+
+static const unsigned char md4_test_sum[7][16] =
+{
+    { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
+      0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 },
+    { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46,
+      0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 },
+    { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52,
+      0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D },
+    { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8,
+      0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B },
+    { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD,
+      0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 },
+    { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35,
+      0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 },
+    { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19,
+      0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_md4_self_test(int verbose)
+{
+    int i, ret = 0;
+    unsigned char md4sum[16];
+
+    for (i = 0; i < 7; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  MD4 test #%d: ", i + 1);
+        }
+
+        ret = mbedtls_md4_ret(md4_test_str[i], md4_test_strlen[i], md4sum);
+        if (ret != 0) {
+            goto fail;
+        }
+
+        if (memcmp(md4sum, md4_test_sum[i], 16) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MD4_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/md5.c b/3rdparty/mbedtls-2.28.7/library/md5.c
new file mode 100644
index 0000000..4ad24fc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/md5.c
@@ -0,0 +1,462 @@
+/*
+ *  RFC 1321 compliant MD5 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The MD5 algorithm was designed by Ron Rivest in 1991.
+ *
+ *  http://www.ietf.org/rfc/rfc1321.txt
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_MD5_C)
+
+#include "mbedtls/md5.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_MD5_ALT)
+
+void mbedtls_md5_init(mbedtls_md5_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_md5_context));
+}
+
+void mbedtls_md5_free(mbedtls_md5_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md5_context));
+}
+
+void mbedtls_md5_clone(mbedtls_md5_context *dst,
+                       const mbedtls_md5_context *src)
+{
+    *dst = *src;
+}
+
+/*
+ * MD5 context setup
+ */
+int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx)
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md5_starts(mbedtls_md5_context *ctx)
+{
+    mbedtls_md5_starts_ret(ctx);
+}
+#endif
+
+#if !defined(MBEDTLS_MD5_PROCESS_ALT)
+int mbedtls_internal_md5_process(mbedtls_md5_context *ctx,
+                                 const unsigned char data[64])
+{
+    struct {
+        uint32_t X[16], A, B, C, D;
+    } local;
+
+    local.X[0] = MBEDTLS_GET_UINT32_LE(data,  0);
+    local.X[1] = MBEDTLS_GET_UINT32_LE(data,  4);
+    local.X[2] = MBEDTLS_GET_UINT32_LE(data,  8);
+    local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12);
+    local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16);
+    local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20);
+    local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24);
+    local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28);
+    local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32);
+    local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36);
+    local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40);
+    local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44);
+    local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48);
+    local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52);
+    local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56);
+    local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60);
+
+#define S(x, n)                                                          \
+    (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
+
+#define P(a, b, c, d, k, s, t)                                                \
+    do                                                                  \
+    {                                                                   \
+        (a) += F((b), (c), (d)) + local.X[(k)] + (t);                     \
+        (a) = S((a), (s)) + (b);                                         \
+    } while (0)
+
+    local.A = ctx->state[0];
+    local.B = ctx->state[1];
+    local.C = ctx->state[2];
+    local.D = ctx->state[3];
+
+#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
+
+    P(local.A, local.B, local.C, local.D,  0,  7, 0xD76AA478);
+    P(local.D, local.A, local.B, local.C,  1, 12, 0xE8C7B756);
+    P(local.C, local.D, local.A, local.B,  2, 17, 0x242070DB);
+    P(local.B, local.C, local.D, local.A,  3, 22, 0xC1BDCEEE);
+    P(local.A, local.B, local.C, local.D,  4,  7, 0xF57C0FAF);
+    P(local.D, local.A, local.B, local.C,  5, 12, 0x4787C62A);
+    P(local.C, local.D, local.A, local.B,  6, 17, 0xA8304613);
+    P(local.B, local.C, local.D, local.A,  7, 22, 0xFD469501);
+    P(local.A, local.B, local.C, local.D,  8,  7, 0x698098D8);
+    P(local.D, local.A, local.B, local.C,  9, 12, 0x8B44F7AF);
+    P(local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1);
+    P(local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE);
+    P(local.A, local.B, local.C, local.D, 12,  7, 0x6B901122);
+    P(local.D, local.A, local.B, local.C, 13, 12, 0xFD987193);
+    P(local.C, local.D, local.A, local.B, 14, 17, 0xA679438E);
+    P(local.B, local.C, local.D, local.A, 15, 22, 0x49B40821);
+
+#undef F
+
+#define F(x, y, z) ((y) ^ ((z) & ((x) ^ (y))))
+
+    P(local.A, local.B, local.C, local.D,  1,  5, 0xF61E2562);
+    P(local.D, local.A, local.B, local.C,  6,  9, 0xC040B340);
+    P(local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51);
+    P(local.B, local.C, local.D, local.A,  0, 20, 0xE9B6C7AA);
+    P(local.A, local.B, local.C, local.D,  5,  5, 0xD62F105D);
+    P(local.D, local.A, local.B, local.C, 10,  9, 0x02441453);
+    P(local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681);
+    P(local.B, local.C, local.D, local.A,  4, 20, 0xE7D3FBC8);
+    P(local.A, local.B, local.C, local.D,  9,  5, 0x21E1CDE6);
+    P(local.D, local.A, local.B, local.C, 14,  9, 0xC33707D6);
+    P(local.C, local.D, local.A, local.B,  3, 14, 0xF4D50D87);
+    P(local.B, local.C, local.D, local.A,  8, 20, 0x455A14ED);
+    P(local.A, local.B, local.C, local.D, 13,  5, 0xA9E3E905);
+    P(local.D, local.A, local.B, local.C,  2,  9, 0xFCEFA3F8);
+    P(local.C, local.D, local.A, local.B,  7, 14, 0x676F02D9);
+    P(local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A);
+
+#undef F
+
+#define F(x, y, z) ((x) ^ (y) ^ (z))
+
+    P(local.A, local.B, local.C, local.D,  5,  4, 0xFFFA3942);
+    P(local.D, local.A, local.B, local.C,  8, 11, 0x8771F681);
+    P(local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122);
+    P(local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C);
+    P(local.A, local.B, local.C, local.D,  1,  4, 0xA4BEEA44);
+    P(local.D, local.A, local.B, local.C,  4, 11, 0x4BDECFA9);
+    P(local.C, local.D, local.A, local.B,  7, 16, 0xF6BB4B60);
+    P(local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70);
+    P(local.A, local.B, local.C, local.D, 13,  4, 0x289B7EC6);
+    P(local.D, local.A, local.B, local.C,  0, 11, 0xEAA127FA);
+    P(local.C, local.D, local.A, local.B,  3, 16, 0xD4EF3085);
+    P(local.B, local.C, local.D, local.A,  6, 23, 0x04881D05);
+    P(local.A, local.B, local.C, local.D,  9,  4, 0xD9D4D039);
+    P(local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5);
+    P(local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8);
+    P(local.B, local.C, local.D, local.A,  2, 23, 0xC4AC5665);
+
+#undef F
+
+#define F(x, y, z) ((y) ^ ((x) | ~(z)))
+
+    P(local.A, local.B, local.C, local.D,  0,  6, 0xF4292244);
+    P(local.D, local.A, local.B, local.C,  7, 10, 0x432AFF97);
+    P(local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7);
+    P(local.B, local.C, local.D, local.A,  5, 21, 0xFC93A039);
+    P(local.A, local.B, local.C, local.D, 12,  6, 0x655B59C3);
+    P(local.D, local.A, local.B, local.C,  3, 10, 0x8F0CCC92);
+    P(local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D);
+    P(local.B, local.C, local.D, local.A,  1, 21, 0x85845DD1);
+    P(local.A, local.B, local.C, local.D,  8,  6, 0x6FA87E4F);
+    P(local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0);
+    P(local.C, local.D, local.A, local.B,  6, 15, 0xA3014314);
+    P(local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1);
+    P(local.A, local.B, local.C, local.D,  4,  6, 0xF7537E82);
+    P(local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235);
+    P(local.C, local.D, local.A, local.B,  2, 15, 0x2AD7D2BB);
+    P(local.B, local.C, local.D, local.A,  9, 21, 0xEB86D391);
+
+#undef F
+
+    ctx->state[0] += local.A;
+    ctx->state[1] += local.B;
+    ctx->state[2] += local.C;
+    ctx->state[3] += local.D;
+
+    /* Zeroise variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&local, sizeof(local));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md5_process(mbedtls_md5_context *ctx,
+                         const unsigned char data[64])
+{
+    mbedtls_internal_md5_process(ctx, data);
+}
+#endif
+#endif /* !MBEDTLS_MD5_PROCESS_ALT */
+
+/*
+ * MD5 process buffer
+ */
+int mbedtls_md5_update_ret(mbedtls_md5_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+    uint32_t left;
+
+    if (ilen == 0) {
+        return 0;
+    }
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if (ctx->total[0] < (uint32_t) ilen) {
+        ctx->total[1]++;
+    }
+
+    if (left && ilen >= fill) {
+        memcpy((void *) (ctx->buffer + left), input, fill);
+        if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while (ilen >= 64) {
+        if ((ret = mbedtls_internal_md5_process(ctx, input)) != 0) {
+            return ret;
+        }
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if (ilen > 0) {
+        memcpy((void *) (ctx->buffer + left), input, ilen);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md5_update(mbedtls_md5_context *ctx,
+                        const unsigned char *input,
+                        size_t ilen)
+{
+    mbedtls_md5_update_ret(ctx, input, ilen);
+}
+#endif
+
+/*
+ * MD5 final digest
+ */
+int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx,
+                           unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t used;
+    uint32_t high, low;
+
+    /*
+     * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+     */
+    used = ctx->total[0] & 0x3F;
+
+    ctx->buffer[used++] = 0x80;
+
+    if (used <= 56) {
+        /* Enough room for padding + length in current block */
+        memset(ctx->buffer + used, 0, 56 - used);
+    } else {
+        /* We'll need an extra block */
+        memset(ctx->buffer + used, 0, 64 - used);
+
+        if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        memset(ctx->buffer, 0, 56);
+    }
+
+    /*
+     * Add message length
+     */
+    high = (ctx->total[0] >> 29)
+           | (ctx->total[1] <<  3);
+    low  = (ctx->total[0] <<  3);
+
+    MBEDTLS_PUT_UINT32_LE(low,  ctx->buffer, 56);
+    MBEDTLS_PUT_UINT32_LE(high, ctx->buffer, 60);
+
+    if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) {
+        return ret;
+    }
+
+    /*
+     * Output final state
+     */
+    MBEDTLS_PUT_UINT32_LE(ctx->state[0], output,  0);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[1], output,  4);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[2], output,  8);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12);
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md5_finish(mbedtls_md5_context *ctx,
+                        unsigned char output[16])
+{
+    mbedtls_md5_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* !MBEDTLS_MD5_ALT */
+
+/*
+ * output = MD5( input buffer )
+ */
+int mbedtls_md5_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_md5_context ctx;
+
+    mbedtls_md5_init(&ctx);
+
+    if ((ret = mbedtls_md5_starts_ret(&ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md5_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md5_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_md5_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_md5(const unsigned char *input,
+                 size_t ilen,
+                 unsigned char output[16])
+{
+    mbedtls_md5_ret(input, ilen, output);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * RFC 1321 test vectors
+ */
+static const unsigned char md5_test_buf[7][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
+};
+
+static const size_t md5_test_buflen[7] =
+{
+    0, 1, 3, 14, 26, 62, 80
+};
+
+static const unsigned char md5_test_sum[7][16] =
+{
+    { 0xD4, 0x1D, 0x8C, 0xD9, 0x8F, 0x00, 0xB2, 0x04,
+      0xE9, 0x80, 0x09, 0x98, 0xEC, 0xF8, 0x42, 0x7E },
+    { 0x0C, 0xC1, 0x75, 0xB9, 0xC0, 0xF1, 0xB6, 0xA8,
+      0x31, 0xC3, 0x99, 0xE2, 0x69, 0x77, 0x26, 0x61 },
+    { 0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0,
+      0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72 },
+    { 0xF9, 0x6B, 0x69, 0x7D, 0x7C, 0xB7, 0x93, 0x8D,
+      0x52, 0x5A, 0x2F, 0x31, 0xAA, 0xF1, 0x61, 0xD0 },
+    { 0xC3, 0xFC, 0xD3, 0xD7, 0x61, 0x92, 0xE4, 0x00,
+      0x7D, 0xFB, 0x49, 0x6C, 0xCA, 0x67, 0xE1, 0x3B },
+    { 0xD1, 0x74, 0xAB, 0x98, 0xD2, 0x77, 0xD9, 0xF5,
+      0xA5, 0x61, 0x1C, 0x2C, 0x9F, 0x41, 0x9D, 0x9F },
+    { 0x57, 0xED, 0xF4, 0xA2, 0x2B, 0xE3, 0xC9, 0x55,
+      0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_md5_self_test(int verbose)
+{
+    int i, ret = 0;
+    unsigned char md5sum[16];
+
+    for (i = 0; i < 7; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  MD5 test #%d: ", i + 1);
+        }
+
+        ret = mbedtls_md5_ret(md5_test_buf[i], md5_test_buflen[i], md5sum);
+        if (ret != 0) {
+            goto fail;
+        }
+
+        if (memcmp(md5sum, md5_test_sum[i], 16) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MD5_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/memory_buffer_alloc.c b/3rdparty/mbedtls-2.28.7/library/memory_buffer_alloc.c
new file mode 100644
index 0000000..d6a47ba
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/memory_buffer_alloc.c
@@ -0,0 +1,739 @@
+/*
+ *  Buffer-based memory allocator
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+
+/* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C
+   is dependent upon MBEDTLS_PLATFORM_C */
+#include "mbedtls/platform.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+#include <execinfo.h>
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+#define MAGIC1       0xFF00AA55
+#define MAGIC2       0xEE119966
+#define MAX_BT 20
+
+typedef struct _memory_header memory_header;
+struct _memory_header {
+    size_t          magic1;
+    size_t          size;
+    size_t          alloc;
+    memory_header   *prev;
+    memory_header   *next;
+    memory_header   *prev_free;
+    memory_header   *next_free;
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    char            **trace;
+    size_t          trace_count;
+#endif
+    size_t          magic2;
+};
+
+typedef struct {
+    unsigned char   *buf;
+    size_t          len;
+    memory_header   *first;
+    memory_header   *first_free;
+    int             verify;
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    size_t          alloc_count;
+    size_t          free_count;
+    size_t          total_used;
+    size_t          maximum_used;
+    size_t          header_count;
+    size_t          maximum_header_count;
+#endif
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t   mutex;
+#endif
+}
+buffer_alloc_ctx;
+
+static buffer_alloc_ctx heap;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+static void debug_header(memory_header *hdr)
+{
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    size_t i;
+#endif
+
+    mbedtls_fprintf(stderr, "HDR:  PTR(%10zu), PREV(%10zu), NEXT(%10zu), "
+                            "ALLOC(%zu), SIZE(%10zu)\n",
+                    (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next,
+                    hdr->alloc, hdr->size);
+    mbedtls_fprintf(stderr, "      FPREV(%10zu), FNEXT(%10zu)\n",
+                    (size_t) hdr->prev_free, (size_t) hdr->next_free);
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    mbedtls_fprintf(stderr, "TRACE: \n");
+    for (i = 0; i < hdr->trace_count; i++) {
+        mbedtls_fprintf(stderr, "%s\n", hdr->trace[i]);
+    }
+    mbedtls_fprintf(stderr, "\n");
+#endif
+}
+
+static void debug_chain(void)
+{
+    memory_header *cur = heap.first;
+
+    mbedtls_fprintf(stderr, "\nBlock list\n");
+    while (cur != NULL) {
+        debug_header(cur);
+        cur = cur->next;
+    }
+
+    mbedtls_fprintf(stderr, "Free list\n");
+    cur = heap.first_free;
+
+    while (cur != NULL) {
+        debug_header(cur);
+        cur = cur->next_free;
+    }
+}
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+static int verify_header(memory_header *hdr)
+{
+    if (hdr->magic1 != MAGIC1) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: MAGIC1 mismatch\n");
+#endif
+        return 1;
+    }
+
+    if (hdr->magic2 != MAGIC2) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: MAGIC2 mismatch\n");
+#endif
+        return 1;
+    }
+
+    if (hdr->alloc > 1) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: alloc has illegal value\n");
+#endif
+        return 1;
+    }
+
+    if (hdr->prev != NULL && hdr->prev == hdr->next) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: prev == next\n");
+#endif
+        return 1;
+    }
+
+    if (hdr->prev_free != NULL && hdr->prev_free == hdr->next_free) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: prev_free == next_free\n");
+#endif
+        return 1;
+    }
+
+    return 0;
+}
+
+static int verify_chain(void)
+{
+    memory_header *prv = heap.first, *cur;
+
+    if (prv == NULL || verify_header(prv) != 0) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: verification of first header "
+                                "failed\n");
+#endif
+        return 1;
+    }
+
+    if (heap.first->prev != NULL) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: verification failed: "
+                                "first->prev != NULL\n");
+#endif
+        return 1;
+    }
+
+    cur = heap.first->next;
+
+    while (cur != NULL) {
+        if (verify_header(cur) != 0) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+            mbedtls_fprintf(stderr, "FATAL: verification of header "
+                                    "failed\n");
+#endif
+            return 1;
+        }
+
+        if (cur->prev != prv) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+            mbedtls_fprintf(stderr, "FATAL: verification failed: "
+                                    "cur->prev != prv\n");
+#endif
+            return 1;
+        }
+
+        prv = cur;
+        cur = cur->next;
+    }
+
+    return 0;
+}
+
+static void *buffer_alloc_calloc(size_t n, size_t size)
+{
+    memory_header *new, *cur = heap.first_free;
+    unsigned char *p;
+    void *ret;
+    size_t original_len, len;
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    void *trace_buffer[MAX_BT];
+    size_t trace_cnt;
+#endif
+
+    if (heap.buf == NULL || heap.first == NULL) {
+        return NULL;
+    }
+
+    original_len = len = n * size;
+
+    if (n == 0 || size == 0 || len / n != size) {
+        return NULL;
+    } else if (len > (size_t) -MBEDTLS_MEMORY_ALIGN_MULTIPLE) {
+        return NULL;
+    }
+
+    if (len % MBEDTLS_MEMORY_ALIGN_MULTIPLE) {
+        len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+        len += MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+    }
+
+    // Find block that fits
+    //
+    while (cur != NULL) {
+        if (cur->size >= len) {
+            break;
+        }
+
+        cur = cur->next_free;
+    }
+
+    if (cur == NULL) {
+        return NULL;
+    }
+
+    if (cur->alloc != 0) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: block in free_list but allocated "
+                                "data\n");
+#endif
+        mbedtls_exit(1);
+    }
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    heap.alloc_count++;
+#endif
+
+    // Found location, split block if > memory_header + 4 room left
+    //
+    if (cur->size - len < sizeof(memory_header) +
+        MBEDTLS_MEMORY_ALIGN_MULTIPLE) {
+        cur->alloc = 1;
+
+        // Remove from free_list
+        //
+        if (cur->prev_free != NULL) {
+            cur->prev_free->next_free = cur->next_free;
+        } else {
+            heap.first_free = cur->next_free;
+        }
+
+        if (cur->next_free != NULL) {
+            cur->next_free->prev_free = cur->prev_free;
+        }
+
+        cur->prev_free = NULL;
+        cur->next_free = NULL;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.total_used += cur->size;
+        if (heap.total_used > heap.maximum_used) {
+            heap.maximum_used = heap.total_used;
+        }
+#endif
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+        trace_cnt = backtrace(trace_buffer, MAX_BT);
+        cur->trace = backtrace_symbols(trace_buffer, trace_cnt);
+        cur->trace_count = trace_cnt;
+#endif
+
+        if ((heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC) && verify_chain() != 0) {
+            mbedtls_exit(1);
+        }
+
+        ret = (unsigned char *) cur + sizeof(memory_header);
+        memset(ret, 0, original_len);
+
+        return ret;
+    }
+
+    p = ((unsigned char *) cur) + sizeof(memory_header) + len;
+    new = (memory_header *) p;
+
+    new->size = cur->size - len - sizeof(memory_header);
+    new->alloc = 0;
+    new->prev = cur;
+    new->next = cur->next;
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    new->trace = NULL;
+    new->trace_count = 0;
+#endif
+    new->magic1 = MAGIC1;
+    new->magic2 = MAGIC2;
+
+    if (new->next != NULL) {
+        new->next->prev = new;
+    }
+
+    // Replace cur with new in free_list
+    //
+    new->prev_free = cur->prev_free;
+    new->next_free = cur->next_free;
+    if (new->prev_free != NULL) {
+        new->prev_free->next_free = new;
+    } else {
+        heap.first_free = new;
+    }
+
+    if (new->next_free != NULL) {
+        new->next_free->prev_free = new;
+    }
+
+    cur->alloc = 1;
+    cur->size = len;
+    cur->next = new;
+    cur->prev_free = NULL;
+    cur->next_free = NULL;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    heap.header_count++;
+    if (heap.header_count > heap.maximum_header_count) {
+        heap.maximum_header_count = heap.header_count;
+    }
+    heap.total_used += cur->size;
+    if (heap.total_used > heap.maximum_used) {
+        heap.maximum_used = heap.total_used;
+    }
+#endif
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    trace_cnt = backtrace(trace_buffer, MAX_BT);
+    cur->trace = backtrace_symbols(trace_buffer, trace_cnt);
+    cur->trace_count = trace_cnt;
+#endif
+
+    if ((heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC) && verify_chain() != 0) {
+        mbedtls_exit(1);
+    }
+
+    ret = (unsigned char *) cur + sizeof(memory_header);
+    memset(ret, 0, original_len);
+
+    return ret;
+}
+
+static void buffer_alloc_free(void *ptr)
+{
+    memory_header *hdr, *old = NULL;
+    unsigned char *p = (unsigned char *) ptr;
+
+    if (ptr == NULL || heap.buf == NULL || heap.first == NULL) {
+        return;
+    }
+
+    if (p < heap.buf || p >= heap.buf + heap.len) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: mbedtls_free() outside of managed "
+                                "space\n");
+#endif
+        mbedtls_exit(1);
+    }
+
+    p -= sizeof(memory_header);
+    hdr = (memory_header *) p;
+
+    if (verify_header(hdr) != 0) {
+        mbedtls_exit(1);
+    }
+
+    if (hdr->alloc != 1) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf(stderr, "FATAL: mbedtls_free() on unallocated "
+                                "data\n");
+#endif
+        mbedtls_exit(1);
+    }
+
+    hdr->alloc = 0;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    heap.free_count++;
+    heap.total_used -= hdr->size;
+#endif
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    free(hdr->trace);
+    hdr->trace = NULL;
+    hdr->trace_count = 0;
+#endif
+
+    // Regroup with block before
+    //
+    if (hdr->prev != NULL && hdr->prev->alloc == 0) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.header_count--;
+#endif
+        hdr->prev->size += sizeof(memory_header) + hdr->size;
+        hdr->prev->next = hdr->next;
+        old = hdr;
+        hdr = hdr->prev;
+
+        if (hdr->next != NULL) {
+            hdr->next->prev = hdr;
+        }
+
+        memset(old, 0, sizeof(memory_header));
+    }
+
+    // Regroup with block after
+    //
+    if (hdr->next != NULL && hdr->next->alloc == 0) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.header_count--;
+#endif
+        hdr->size += sizeof(memory_header) + hdr->next->size;
+        old = hdr->next;
+        hdr->next = hdr->next->next;
+
+        if (hdr->prev_free != NULL || hdr->next_free != NULL) {
+            if (hdr->prev_free != NULL) {
+                hdr->prev_free->next_free = hdr->next_free;
+            } else {
+                heap.first_free = hdr->next_free;
+            }
+
+            if (hdr->next_free != NULL) {
+                hdr->next_free->prev_free = hdr->prev_free;
+            }
+        }
+
+        hdr->prev_free = old->prev_free;
+        hdr->next_free = old->next_free;
+
+        if (hdr->prev_free != NULL) {
+            hdr->prev_free->next_free = hdr;
+        } else {
+            heap.first_free = hdr;
+        }
+
+        if (hdr->next_free != NULL) {
+            hdr->next_free->prev_free = hdr;
+        }
+
+        if (hdr->next != NULL) {
+            hdr->next->prev = hdr;
+        }
+
+        memset(old, 0, sizeof(memory_header));
+    }
+
+    // Prepend to free_list if we have not merged
+    // (Does not have to stay in same order as prev / next list)
+    //
+    if (old == NULL) {
+        hdr->next_free = heap.first_free;
+        if (heap.first_free != NULL) {
+            heap.first_free->prev_free = hdr;
+        }
+        heap.first_free = hdr;
+    }
+
+    if ((heap.verify & MBEDTLS_MEMORY_VERIFY_FREE) && verify_chain() != 0) {
+        mbedtls_exit(1);
+    }
+}
+
+void mbedtls_memory_buffer_set_verify(int verify)
+{
+    heap.verify = verify;
+}
+
+int mbedtls_memory_buffer_alloc_verify(void)
+{
+    return verify_chain();
+}
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+void mbedtls_memory_buffer_alloc_status(void)
+{
+    mbedtls_fprintf(stderr,
+                    "Current use: %zu blocks / %zu bytes, max: %zu blocks / "
+                    "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n",
+                    heap.header_count, heap.total_used,
+                    heap.maximum_header_count, heap.maximum_used,
+                    heap.maximum_header_count * sizeof(memory_header)
+                    + heap.maximum_used,
+                    heap.alloc_count, heap.free_count);
+
+    if (heap.first->next == NULL) {
+        mbedtls_fprintf(stderr, "All memory de-allocated in stack buffer\n");
+    } else {
+        mbedtls_fprintf(stderr, "Memory currently allocated:\n");
+        debug_chain();
+    }
+}
+
+void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks)
+{
+    *max_used   = heap.maximum_used;
+    *max_blocks = heap.maximum_header_count;
+}
+
+void mbedtls_memory_buffer_alloc_max_reset(void)
+{
+    heap.maximum_used = 0;
+    heap.maximum_header_count = 0;
+}
+
+void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks)
+{
+    *cur_used   = heap.total_used;
+    *cur_blocks = heap.header_count;
+}
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+#if defined(MBEDTLS_THREADING_C)
+static void *buffer_alloc_calloc_mutexed(size_t n, size_t size)
+{
+    void *buf;
+    if (mbedtls_mutex_lock(&heap.mutex) != 0) {
+        return NULL;
+    }
+    buf = buffer_alloc_calloc(n, size);
+    if (mbedtls_mutex_unlock(&heap.mutex)) {
+        return NULL;
+    }
+    return buf;
+}
+
+static void buffer_alloc_free_mutexed(void *ptr)
+{
+    /* We have no good option here, but corrupting the heap seems
+     * worse than losing memory. */
+    if (mbedtls_mutex_lock(&heap.mutex)) {
+        return;
+    }
+    buffer_alloc_free(ptr);
+    (void) mbedtls_mutex_unlock(&heap.mutex);
+}
+#endif /* MBEDTLS_THREADING_C */
+
+void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len)
+{
+    memset(&heap, 0, sizeof(buffer_alloc_ctx));
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&heap.mutex);
+    mbedtls_platform_set_calloc_free(buffer_alloc_calloc_mutexed,
+                                     buffer_alloc_free_mutexed);
+#else
+    mbedtls_platform_set_calloc_free(buffer_alloc_calloc, buffer_alloc_free);
+#endif
+
+    if (len < sizeof(memory_header) + MBEDTLS_MEMORY_ALIGN_MULTIPLE) {
+        return;
+    } else if ((size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE) {
+        /* Adjust len first since buf is used in the computation */
+        len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
+               - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+        buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
+               - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+    }
+
+    memset(buf, 0, len);
+
+    heap.buf = buf;
+    heap.len = len;
+
+    heap.first = (memory_header *) buf;
+    heap.first->size = len - sizeof(memory_header);
+    heap.first->magic1 = MAGIC1;
+    heap.first->magic2 = MAGIC2;
+    heap.first_free = heap.first;
+}
+
+void mbedtls_memory_buffer_alloc_free(void)
+{
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free(&heap.mutex);
+#endif
+    mbedtls_platform_zeroize(&heap, sizeof(buffer_alloc_ctx));
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+static int check_pointer(void *p)
+{
+    if (p == NULL) {
+        return -1;
+    }
+
+    if ((size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0) {
+        return -1;
+    }
+
+    return 0;
+}
+
+static int check_all_free(void)
+{
+    if (
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.total_used != 0 ||
+#endif
+        heap.first != heap.first_free ||
+        (void *) heap.first != (void *) heap.buf) {
+        return -1;
+    }
+
+    return 0;
+}
+
+#define TEST_ASSERT(condition)            \
+    if (!(condition))                     \
+    {                                       \
+        if (verbose != 0)                  \
+        mbedtls_printf("failed\n");  \
+                                            \
+        ret = 1;                            \
+        goto cleanup;                       \
+    }
+
+int mbedtls_memory_buffer_alloc_self_test(int verbose)
+{
+    unsigned char buf[1024];
+    unsigned char *p, *q, *r, *end;
+    int ret = 0;
+
+    if (verbose != 0) {
+        mbedtls_printf("  MBA test #1 (basic alloc-free cycle): ");
+    }
+
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+
+    p = mbedtls_calloc(1, 1);
+    q = mbedtls_calloc(1, 128);
+    r = mbedtls_calloc(1, 16);
+
+    TEST_ASSERT(check_pointer(p) == 0 &&
+                check_pointer(q) == 0 &&
+                check_pointer(r) == 0);
+
+    mbedtls_free(r);
+    mbedtls_free(q);
+    mbedtls_free(p);
+
+    TEST_ASSERT(check_all_free() == 0);
+
+    /* Memorize end to compare with the next test */
+    end = heap.buf + heap.len;
+
+    mbedtls_memory_buffer_alloc_free();
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  MBA test #2 (buf not aligned): ");
+    }
+
+    mbedtls_memory_buffer_alloc_init(buf + 1, sizeof(buf) - 1);
+
+    TEST_ASSERT(heap.buf + heap.len == end);
+
+    p = mbedtls_calloc(1, 1);
+    q = mbedtls_calloc(1, 128);
+    r = mbedtls_calloc(1, 16);
+
+    TEST_ASSERT(check_pointer(p) == 0 &&
+                check_pointer(q) == 0 &&
+                check_pointer(r) == 0);
+
+    mbedtls_free(r);
+    mbedtls_free(q);
+    mbedtls_free(p);
+
+    TEST_ASSERT(check_all_free() == 0);
+
+    mbedtls_memory_buffer_alloc_free();
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  MBA test #3 (full): ");
+    }
+
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+
+    p = mbedtls_calloc(1, sizeof(buf) - sizeof(memory_header));
+
+    TEST_ASSERT(check_pointer(p) == 0);
+    TEST_ASSERT(mbedtls_calloc(1, 1) == NULL);
+
+    mbedtls_free(p);
+
+    p = mbedtls_calloc(1, sizeof(buf) - 2 * sizeof(memory_header) - 16);
+    q = mbedtls_calloc(1, 16);
+
+    TEST_ASSERT(check_pointer(p) == 0 && check_pointer(q) == 0);
+    TEST_ASSERT(mbedtls_calloc(1, 1) == NULL);
+
+    mbedtls_free(q);
+
+    TEST_ASSERT(mbedtls_calloc(1, 17) == NULL);
+
+    mbedtls_free(p);
+
+    TEST_ASSERT(check_all_free() == 0);
+
+    mbedtls_memory_buffer_alloc_free();
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+cleanup:
+    mbedtls_memory_buffer_alloc_free();
+
+    return ret;
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/mps_common.h b/3rdparty/mbedtls-2.28.7/library/mps_common.h
new file mode 100644
index 0000000..a41eb9a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/mps_common.h
@@ -0,0 +1,181 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * \file mps_common.h
+ *
+ * \brief Common functions and macros used by MPS
+ */
+
+#ifndef MBEDTLS_MPS_COMMON_H
+#define MBEDTLS_MPS_COMMON_H
+
+#include "mps_error.h"
+
+#include <stdio.h>
+
+/**
+ * \name SECTION:       MPS Configuration
+ *
+ * \{
+ */
+
+/*! This flag controls whether the MPS-internal components
+ *  (reader, writer, Layer 1-3) perform validation of the
+ *  expected abstract state at the entry of API calls.
+ *
+ *  Context: All MPS API functions impose assumptions/preconditions on the
+ *  context on which they operate. For example, every structure has a notion of
+ *  state integrity which is established by `xxx_init()` and preserved by any
+ *  calls to the MPS API which satisfy their preconditions and either succeed,
+ *  or fail with an error code which is explicitly documented to not corrupt
+ *  structure integrity (such as WANT_READ and WANT_WRITE);
+ *  apart from `xxx_init()` any function assumes state integrity as a
+ *  precondition (but usually more). If any of the preconditions is violated,
+ *  the function's behavior is entirely undefined.
+ *  In addition to state integrity, all MPS structures have a more refined
+ *  notion of abstract state that the API operates on. For example, all layers
+ *  have a notion of 'abstract read state' which indicates if incoming data has
+ *  been passed to the user, e.g. through mps_l2_read_start() for Layer 2
+ *  or mps_l3_read() in Layer 3. After such a call, it doesn't make sense to
+ *  call these reading functions again until the incoming data has been
+ *  explicitly 'consumed', e.g. through mps_l2_read_consume() for Layer 2 or
+ *  mps_l3_read_consume() on Layer 3. However, even if it doesn't make sense,
+ *  it's a design choice whether the API should fail gracefully on such
+ *  non-sensical calls or not, and that's what this option is about:
+ *
+ *  This option determines whether the expected abstract state
+ *  is part of the API preconditions or not: If the option is set,
+ *  then the abstract state is not part of the precondition and is
+ *  thus required to be validated by the implementation. If an unexpected
+ *  abstract state is encountered, the implementation must fail gracefully
+ *  with error #MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED.
+ *  Conversely, if this option is not set, then the expected abstract state
+ *  is included in the preconditions of the respective API calls, and
+ *  an implementation's behaviour is undefined if the abstract state is
+ *  not as expected.
+ *
+ *  For example: Enabling this makes mps_l2_read_done() fail if
+ *  no incoming record is currently open; disabling this would
+ *  lead to undefined behavior in this case.
+ *
+ *  Comment this to remove state validation.
+ */
+#define MBEDTLS_MPS_STATE_VALIDATION
+
+/*! This flag enables/disables assertions on the internal state of MPS.
+ *
+ *  Assertions are sanity checks that should never trigger when MPS
+ *  is used within the bounds of its API and preconditions.
+ *
+ *  Enabling this increases security by limiting the scope of
+ *  potential bugs, but comes at the cost of increased code size.
+ *
+ *  Note: So far, there is no guiding principle as to what
+ *  expected conditions merit an assertion, and which don't.
+ *
+ *  Comment this to disable assertions.
+ */
+#define MBEDTLS_MPS_ENABLE_ASSERTIONS
+
+/*! This flag controls whether tracing for MPS should be enabled. */
+//#define MBEDTLS_MPS_ENABLE_TRACE
+
+#if defined(MBEDTLS_MPS_STATE_VALIDATION)
+
+#define MBEDTLS_MPS_STATE_VALIDATE_RAW(cond, string)                         \
+    do                                                                         \
+    {                                                                          \
+        if (!(cond))                                                          \
+        {                                                                      \
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, string);         \
+            MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED);  \
+        }                                                                      \
+    } while (0)
+
+#else /* MBEDTLS_MPS_STATE_VALIDATION */
+
+#define MBEDTLS_MPS_STATE_VALIDATE_RAW(cond, string)           \
+    do                                                           \
+    {                                                            \
+        (cond);                                                \
+    } while (0)
+
+#endif /* MBEDTLS_MPS_STATE_VALIDATION */
+
+#if defined(MBEDTLS_MPS_ENABLE_ASSERTIONS)
+
+#define MBEDTLS_MPS_ASSERT_RAW(cond, string)                          \
+    do                                                                  \
+    {                                                                   \
+        if (!(cond))                                                   \
+        {                                                               \
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, string);  \
+            MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_INTERNAL_ERROR); \
+        }                                                               \
+    } while (0)
+
+#else /* MBEDTLS_MPS_ENABLE_ASSERTIONS */
+
+#define MBEDTLS_MPS_ASSERT_RAW(cond, string) do {} while (0)
+
+#endif /* MBEDTLS_MPS_ENABLE_ASSERTIONS */
+
+
+/* \} name SECTION: MPS Configuration */
+
+/**
+ * \name SECTION:       Common types
+ *
+ * Various common types used throughout MPS.
+ * \{
+ */
+
+/** \brief   The type of buffer sizes and offsets used in MPS structures.
+ *
+ *           This is an unsigned integer type that should be large enough to
+ *           hold the length of any buffer or message processed by MPS.
+ *
+ *           The reason to pick a value as small as possible here is
+ *           to reduce the size of MPS structures.
+ *
+ * \warning  Care has to be taken when using a narrower type
+ *           than ::mbedtls_mps_size_t here because of
+ *           potential truncation during conversion.
+ *
+ * \warning  Handshake messages in TLS may be up to 2^24 ~ 16Mb in size.
+ *           If mbedtls_mps_[opt_]stored_size_t is smaller than that, the
+ *           maximum handshake message is restricted accordingly.
+ *
+ * For now, we use the default type of size_t throughout, and the use of
+ * smaller types or different types for ::mbedtls_mps_size_t and
+ * ::mbedtls_mps_stored_size_t is not yet supported.
+ *
+ */
+typedef size_t mbedtls_mps_stored_size_t;
+#define MBEDTLS_MPS_STORED_SIZE_MAX  ((mbedtls_mps_stored_size_t) -1)
+
+/** \brief The type of buffer sizes and offsets used in the MPS API
+ *         and implementation.
+ *
+ *         This must be at least as wide as ::mbedtls_stored_size_t but
+ *         may be chosen to be strictly larger if more suitable for the
+ *         target architecture.
+ *
+ *         For example, in a test build for ARM Thumb, using uint_fast16_t
+ *         instead of uint16_t reduced the code size from 1060 Byte to 962 Byte,
+ *         so almost 10%.
+ */
+typedef size_t mbedtls_mps_size_t;
+#define MBEDTLS_MPS_SIZE_MAX  ((mbedtls_mps_size_t) -1)
+
+#if MBEDTLS_MPS_STORED_SIZE_MAX > MBEDTLS_MPS_SIZE_MAX
+#error "Misconfiguration of mbedtls_mps_size_t and mbedtls_mps_stored_size_t."
+#endif
+
+/* \} SECTION: Common types */
+
+
+#endif /* MBEDTLS_MPS_COMMON_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/mps_error.h b/3rdparty/mbedtls-2.28.7/library/mps_error.h
new file mode 100644
index 0000000..016a84c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/mps_error.h
@@ -0,0 +1,89 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * \file mps_error.h
+ *
+ * \brief Error codes used by MPS
+ */
+
+#ifndef MBEDTLS_MPS_ERROR_H
+#define MBEDTLS_MPS_ERROR_H
+
+
+/* TODO: The error code allocation needs to be revisited:
+ *
+ * - Should we make (some of) the MPS Reader error codes public?
+ *   If so, we need to adjust MBEDTLS_MPS_READER_MAKE_ERROR() to hit
+ *   a gap in the Mbed TLS public error space.
+ *   If not, we have to make sure we don't forward those errors
+ *   at the level of the public API -- no risk at the moment as
+ *   long as MPS is an experimental component not accessible from
+ *   public API.
+ */
+
+/**
+ * \name SECTION:       MPS general error codes
+ *
+ * \{
+ */
+
+#ifndef MBEDTLS_MPS_ERR_BASE
+#define MBEDTLS_MPS_ERR_BASE (0)
+#endif
+
+#define MBEDTLS_MPS_MAKE_ERROR(code) \
+    (-(MBEDTLS_MPS_ERR_BASE | (code)))
+
+#define MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED  MBEDTLS_MPS_MAKE_ERROR(0x1)
+#define MBEDTLS_ERR_MPS_INTERNAL_ERROR        MBEDTLS_MPS_MAKE_ERROR(0x2)
+
+/* \} name SECTION: MPS general error codes */
+
+/**
+ * \name SECTION:       MPS Reader error codes
+ *
+ * \{
+ */
+
+#ifndef MBEDTLS_MPS_READER_ERR_BASE
+#define MBEDTLS_MPS_READER_ERR_BASE (1 << 8)
+#endif
+
+#define MBEDTLS_MPS_READER_MAKE_ERROR(code) \
+    (-(MBEDTLS_MPS_READER_ERR_BASE | (code)))
+
+/*! An attempt to reclaim the data buffer from a reader failed because
+ *  the user hasn't yet read and committed all of it. */
+#define MBEDTLS_ERR_MPS_READER_DATA_LEFT             MBEDTLS_MPS_READER_MAKE_ERROR(0x1)
+
+/*! An invalid argument was passed to the reader. */
+#define MBEDTLS_ERR_MPS_READER_INVALID_ARG           MBEDTLS_MPS_READER_MAKE_ERROR(0x2)
+
+/*! An attempt to move a reader to consuming mode through mbedtls_mps_reader_feed()
+ *  after pausing failed because the provided data is not sufficient to serve the
+ *  read requests that led to the pausing. */
+#define MBEDTLS_ERR_MPS_READER_NEED_MORE             MBEDTLS_MPS_READER_MAKE_ERROR(0x3)
+
+/*! A get request failed because not enough data is available in the reader. */
+#define MBEDTLS_ERR_MPS_READER_OUT_OF_DATA           MBEDTLS_MPS_READER_MAKE_ERROR(0x4)
+
+/*!< A get request after pausing and reactivating the reader failed because
+ *   the request is not in line with the request made prior to pausing. The user
+ *   must not change it's 'strategy' after pausing and reactivating a reader. */
+#define MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS MBEDTLS_MPS_READER_MAKE_ERROR(0x5)
+
+/*! An attempt to reclaim the data buffer from a reader failed because the reader
+ *  has no accumulator it can use to backup the data that hasn't been processed. */
+#define MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR      MBEDTLS_MPS_READER_MAKE_ERROR(0x6)
+
+/*! An attempt to reclaim the data buffer from a reader failed because the
+ *  accumulator passed to the reader is not large enough to hold both the
+ *  data that hasn't been processed and the excess of the last read-request. */
+#define MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL MBEDTLS_MPS_READER_MAKE_ERROR(0x7)
+
+/* \} name SECTION: MPS Reader error codes */
+
+#endif /* MBEDTLS_MPS_ERROR_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/mps_reader.c b/3rdparty/mbedtls-2.28.7/library/mps_reader.c
new file mode 100644
index 0000000..36ca070
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/mps_reader.c
@@ -0,0 +1,538 @@
+/*
+ *  Message Processing Stack, Reader implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#include "mps_reader.h"
+#include "mps_common.h"
+#include "mps_trace.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER;
+#endif /* MBEDTLS_MPS_ENABLE_TRACE */
+
+/*
+ * GENERAL NOTE ON CODING STYLE
+ *
+ * The following code intentionally separates memory loads
+ * and stores from other operations (arithmetic or branches).
+ * This leads to the introduction of many local variables
+ * and significantly increases the C-code line count, but
+ * should not increase the size of generated assembly.
+ *
+ * The reason for this is twofold:
+ * (1) It will ease verification efforts using the VST
+ *     (Verified Software Toolchain)
+ *     whose program logic cannot directly reason
+ *     about instructions containing a load or store in
+ *     addition to other operations (e.g. *p = *q or
+ *     tmp = *p + 42).
+ * (2) Operating on local variables and writing the results
+ *     back to the target contexts on success only
+ *     allows to maintain structure invariants even
+ *     on failure - this in turn has two benefits:
+ *     (2.a) If for some reason an error code is not caught
+ *           and operation continues, functions are nonetheless
+ *           called with sane contexts, reducing the risk
+ *           of dangerous behavior.
+ *     (2.b) Randomized testing is easier if structures
+ *           remain intact even in the face of failing
+ *           and/or non-sensical calls.
+ *     Moreover, it might even reduce code-size because
+ *     the compiler need not write back temporary results
+ *     to memory in case of failure.
+ *
+ */
+
+static inline int mps_reader_is_accumulating(
+    mbedtls_mps_reader const *rd)
+{
+    mbedtls_mps_size_t acc_remaining;
+    if (rd->acc == NULL) {
+        return 0;
+    }
+
+    acc_remaining = rd->acc_share.acc_remaining;
+    return acc_remaining > 0;
+}
+
+static inline int mps_reader_is_producing(
+    mbedtls_mps_reader const *rd)
+{
+    unsigned char *frag = rd->frag;
+    return frag == NULL;
+}
+
+static inline int mps_reader_is_consuming(
+    mbedtls_mps_reader const *rd)
+{
+    return !mps_reader_is_producing(rd);
+}
+
+static inline mbedtls_mps_size_t mps_reader_get_fragment_offset(
+    mbedtls_mps_reader const *rd)
+{
+    unsigned char *acc = rd->acc;
+    mbedtls_mps_size_t frag_offset;
+
+    if (acc == NULL) {
+        return 0;
+    }
+
+    frag_offset = rd->acc_share.frag_offset;
+    return frag_offset;
+}
+
+static inline mbedtls_mps_size_t mps_reader_serving_from_accumulator(
+    mbedtls_mps_reader const *rd)
+{
+    mbedtls_mps_size_t frag_offset, end;
+
+    frag_offset = mps_reader_get_fragment_offset(rd);
+    end = rd->end;
+
+    return end < frag_offset;
+}
+
+static inline void mps_reader_zero(mbedtls_mps_reader *rd)
+{
+    /* A plain memset() would likely be more efficient,
+     * but the current way of zeroing makes it harder
+     * to overlook fields which should not be zero-initialized.
+     * It's also more suitable for FV efforts since it
+     * doesn't require reasoning about structs being
+     * interpreted as unstructured binary blobs. */
+    static mbedtls_mps_reader const zero =
+    { .frag          = NULL,
+      .frag_len      = 0,
+      .commit        = 0,
+      .end           = 0,
+      .pending       = 0,
+      .acc           = NULL,
+      .acc_len       = 0,
+      .acc_available = 0,
+      .acc_share     = { .acc_remaining = 0 } };
+    *rd = zero;
+}
+
+int mbedtls_mps_reader_init(mbedtls_mps_reader *rd,
+                            unsigned char *acc,
+                            mbedtls_mps_size_t acc_len)
+{
+    MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_init");
+    MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                      "* Accumulator size: %u bytes", (unsigned) acc_len);
+    mps_reader_zero(rd);
+    rd->acc = acc;
+    rd->acc_len = acc_len;
+    MBEDTLS_MPS_TRACE_RETURN(0);
+}
+
+int mbedtls_mps_reader_free(mbedtls_mps_reader *rd)
+{
+    MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_free");
+    mps_reader_zero(rd);
+    MBEDTLS_MPS_TRACE_RETURN(0);
+}
+
+int mbedtls_mps_reader_feed(mbedtls_mps_reader *rd,
+                            unsigned char *new_frag,
+                            mbedtls_mps_size_t new_frag_len)
+{
+    mbedtls_mps_size_t copy_to_acc;
+    MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_feed");
+    MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                      "* Fragment length: %u bytes", (unsigned) new_frag_len);
+
+    if (new_frag == NULL) {
+        MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_INVALID_ARG);
+    }
+
+    MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_producing(
+                                       rd),
+                                   "mbedtls_mps_reader_feed() requires reader to be in producing mode");
+
+    if (mps_reader_is_accumulating(rd)) {
+        unsigned char *acc    = rd->acc;
+        mbedtls_mps_size_t acc_remaining = rd->acc_share.acc_remaining;
+        mbedtls_mps_size_t acc_available = rd->acc_available;
+
+        /* Skip over parts of the accumulator that have already been filled. */
+        acc += acc_available;
+
+        copy_to_acc = acc_remaining;
+        if (copy_to_acc > new_frag_len) {
+            copy_to_acc = new_frag_len;
+        }
+
+        /* Copy new contents to accumulator. */
+        memcpy(acc, new_frag, copy_to_acc);
+
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "Copy new data of size %u of %u into accumulator at offset %u",
+                          (unsigned) copy_to_acc, (unsigned) new_frag_len,
+                          (unsigned) acc_available);
+
+        /* Check if, with the new fragment, we have enough data. */
+        acc_remaining -= copy_to_acc;
+        if (acc_remaining > 0) {
+            /* We need to accumulate more data. Stay in producing mode. */
+            acc_available += copy_to_acc;
+            rd->acc_share.acc_remaining = acc_remaining;
+            rd->acc_available = acc_available;
+            MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_NEED_MORE);
+        }
+
+        /* We have filled the accumulator: Move to consuming mode. */
+
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "Enough data available to serve user request");
+
+        /* Remember overlap of accumulator and fragment. */
+        rd->acc_share.frag_offset = acc_available;
+        acc_available += copy_to_acc;
+        rd->acc_available = acc_available;
+    } else { /* Not accumulating */
+        rd->acc_share.frag_offset = 0;
+    }
+
+    rd->frag = new_frag;
+    rd->frag_len = new_frag_len;
+    rd->commit = 0;
+    rd->end = 0;
+    MBEDTLS_MPS_TRACE_RETURN(0);
+}
+
+
+int mbedtls_mps_reader_get(mbedtls_mps_reader *rd,
+                           mbedtls_mps_size_t desired,
+                           unsigned char **buffer,
+                           mbedtls_mps_size_t *buflen)
+{
+    unsigned char *frag;
+    mbedtls_mps_size_t frag_len, frag_offset, end, frag_fetched, frag_remaining;
+    MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_get");
+    MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                      "* Bytes requested: %u", (unsigned) desired);
+
+    MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming(
+                                       rd),
+                                   "mbedtls_mps_reader_get() requires reader to be in consuming mode");
+
+    end = rd->end;
+    frag_offset = mps_reader_get_fragment_offset(rd);
+
+    /* Check if we're still serving from the accumulator. */
+    if (mps_reader_serving_from_accumulator(rd)) {
+        /* Illustration of supported and unsupported cases:
+         *
+         * - Allowed #1
+         *
+         *                          +-----------------------------------+
+         *                          |               frag                |
+         *                          +-----------------------------------+
+         *
+         *             end end+desired
+         *              |       |
+         *        +-----v-------v-------------+
+         *        |          acc              |
+         *        +---------------------------+
+         *                          |         |
+         *                     frag_offset  acc_available
+         *
+         * - Allowed #2
+         *
+         *                          +-----------------------------------+
+         *                          |               frag                |
+         *                          +-----------------------------------+
+         *
+         *                  end          end+desired
+         *                   |                |
+         *        +----------v----------------v
+         *        |          acc              |
+         *        +---------------------------+
+         *                          |         |
+         *                   frag_offset acc_available
+         *
+         * - Not allowed #1 (could be served, but we don't actually use it):
+         *
+         *                      +-----------------------------------+
+         *                      |               frag                |
+         *                      +-----------------------------------+
+         *
+         *              end        end+desired
+         *               |             |
+         *        +------v-------------v------+
+         *        |          acc              |
+         *        +---------------------------+
+         *                      |             |
+         *                frag_offset   acc_available
+         *
+         *
+         * - Not allowed #2 (can't be served with a contiguous buffer):
+         *
+         *                      +-----------------------------------+
+         *                      |               frag                |
+         *                      +-----------------------------------+
+         *
+         *              end                 end + desired
+         *               |                        |
+         *        +------v--------------------+   v
+         *        |            acc            |
+         *        +---------------------------+
+         *                      |             |
+         *                frag_offset   acc_available
+         *
+         * In case of Allowed #2 we're switching to serve from
+         * `frag` starting from the next call to mbedtls_mps_reader_get().
+         */
+
+        unsigned char *acc;
+
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "Serve the request from the accumulator");
+        if (frag_offset - end < desired) {
+            mbedtls_mps_size_t acc_available;
+            acc_available = rd->acc_available;
+            if (acc_available - end != desired) {
+                /* It might be possible to serve some of these situations by
+                 * making additional space in the accumulator, removing those
+                 * parts that have already been committed.
+                 * On the other hand, this brings additional complexity and
+                 * enlarges the code size, while there doesn't seem to be a use
+                 * case where we don't attempt exactly the same `get` calls when
+                 * resuming on a reader than what we tried before pausing it.
+                 * If we believe we adhere to this restricted usage throughout
+                 * the library, this check is a good opportunity to
+                 * validate this. */
+                MBEDTLS_MPS_TRACE_RETURN(
+                    MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS);
+            }
+        }
+
+        acc = rd->acc;
+        acc += end;
+
+        *buffer = acc;
+        if (buflen != NULL) {
+            *buflen = desired;
+        }
+
+        end += desired;
+        rd->end = end;
+        rd->pending = 0;
+
+        MBEDTLS_MPS_TRACE_RETURN(0);
+    }
+
+    /* Attempt to serve the request from the current fragment */
+    MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                      "Serve the request from the current fragment.");
+
+    frag_len = rd->frag_len;
+    frag_fetched = end - frag_offset; /* The amount of data from the current
+                                       * fragment that has already been passed
+                                       * to the user. */
+    frag_remaining = frag_len - frag_fetched; /* Remaining data in fragment */
+
+    /* Check if we can serve the read request from the fragment. */
+    if (frag_remaining < desired) {
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "There's not enough data in the current fragment "
+                          "to serve the request.");
+        /* There's not enough data in the current fragment,
+         * so either just RETURN what we have or fail. */
+        if (buflen == NULL) {
+            if (frag_remaining > 0) {
+                rd->pending = desired - frag_remaining;
+                MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                                  "Remember to collect %u bytes before re-opening",
+                                  (unsigned) rd->pending);
+            }
+            MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+        }
+
+        desired = frag_remaining;
+    }
+
+    /* There's enough data in the current fragment to serve the
+     * (potentially modified) read request. */
+
+    frag = rd->frag;
+    frag += frag_fetched;
+
+    *buffer = frag;
+    if (buflen != NULL) {
+        *buflen = desired;
+    }
+
+    end += desired;
+    rd->end = end;
+    rd->pending = 0;
+    MBEDTLS_MPS_TRACE_RETURN(0);
+}
+
+int mbedtls_mps_reader_commit(mbedtls_mps_reader *rd)
+{
+    mbedtls_mps_size_t end;
+    MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_commit");
+    MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming(
+                                       rd),
+                                   "mbedtls_mps_reader_commit() requires reader to be in consuming mode");
+
+    end = rd->end;
+    rd->commit = end;
+
+    MBEDTLS_MPS_TRACE_RETURN(0);
+}
+
+int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *rd,
+                               int *paused)
+{
+    unsigned char *frag, *acc;
+    mbedtls_mps_size_t pending, commit;
+    mbedtls_mps_size_t acc_len, frag_offset, frag_len;
+    MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_reclaim");
+
+    if (paused != NULL) {
+        *paused = 0;
+    }
+
+    MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming(
+                                       rd),
+                                   "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode");
+
+    frag     = rd->frag;
+    acc      = rd->acc;
+    pending  = rd->pending;
+    commit   = rd->commit;
+    frag_len = rd->frag_len;
+
+    frag_offset = mps_reader_get_fragment_offset(rd);
+
+    if (pending == 0) {
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "No unsatisfied read-request has been logged.");
+
+        /* Check if there's data left to be consumed. */
+        if (commit < frag_offset || commit - frag_offset < frag_len) {
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                              "There is data left to be consumed.");
+            rd->end = commit;
+            MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_DATA_LEFT);
+        }
+
+        rd->acc_available = 0;
+        rd->acc_share.acc_remaining = 0;
+
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "Fragment has been fully processed and committed.");
+    } else {
+        int overflow;
+
+        mbedtls_mps_size_t acc_backup_offset;
+        mbedtls_mps_size_t acc_backup_len;
+        mbedtls_mps_size_t frag_backup_offset;
+        mbedtls_mps_size_t frag_backup_len;
+
+        mbedtls_mps_size_t backup_len;
+        mbedtls_mps_size_t acc_len_needed;
+
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "There has been an unsatisfied read with %u bytes overhead.",
+                          (unsigned) pending);
+
+        if (acc == NULL) {
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                              "No accumulator present");
+            MBEDTLS_MPS_TRACE_RETURN(
+                MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR);
+        }
+        acc_len = rd->acc_len;
+
+        /* Check if the upper layer has already fetched
+         * and committed the contents of the accumulator. */
+        if (commit < frag_offset) {
+            /* No, accumulator is still being processed. */
+            frag_backup_offset = 0;
+            frag_backup_len = frag_len;
+            acc_backup_offset = commit;
+            acc_backup_len = frag_offset - commit;
+        } else {
+            /* Yes, the accumulator is already processed. */
+            frag_backup_offset = commit - frag_offset;
+            frag_backup_len = frag_len - frag_backup_offset;
+            acc_backup_offset = 0;
+            acc_backup_len = 0;
+        }
+
+        backup_len = acc_backup_len + frag_backup_len;
+        acc_len_needed = backup_len + pending;
+
+        overflow  = 0;
+        overflow |= (backup_len     < acc_backup_len);
+        overflow |= (acc_len_needed < backup_len);
+
+        if (overflow || acc_len < acc_len_needed) {
+            /* Except for the different return code, we behave as if
+             * there hadn't been a call to mbedtls_mps_reader_get()
+             * since the last commit. */
+            rd->end = commit;
+            rd->pending = 0;
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR,
+                              "The accumulator is too small to handle the backup.");
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR,
+                              "* Size: %u", (unsigned) acc_len);
+            MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR,
+                              "* Needed: %u (%u + %u)",
+                              (unsigned) acc_len_needed,
+                              (unsigned) backup_len, (unsigned) pending);
+            MBEDTLS_MPS_TRACE_RETURN(
+                MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL);
+        }
+
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "Fragment backup: %u", (unsigned) frag_backup_len);
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                          "Accumulator backup: %u", (unsigned) acc_backup_len);
+
+        /* Move uncommitted parts from the accumulator to the front
+         * of the accumulator. */
+        memmove(acc, acc + acc_backup_offset, acc_backup_len);
+
+        /* Copy uncommitted parts of the current fragment to the
+         * accumulator. */
+        memcpy(acc + acc_backup_len,
+               frag + frag_backup_offset, frag_backup_len);
+
+        rd->acc_available = backup_len;
+        rd->acc_share.acc_remaining = pending;
+
+        if (paused != NULL) {
+            *paused = 1;
+        }
+    }
+
+    rd->frag     = NULL;
+    rd->frag_len = 0;
+
+    rd->commit  = 0;
+    rd->end     = 0;
+    rd->pending = 0;
+
+    MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+                      "Final state: aa %u, al %u, ar %u",
+                      (unsigned) rd->acc_available, (unsigned) rd->acc_len,
+                      (unsigned) rd->acc_share.acc_remaining);
+    MBEDTLS_MPS_TRACE_RETURN(0);
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/3rdparty/mbedtls-2.28.7/library/mps_reader.h b/3rdparty/mbedtls-2.28.7/library/mps_reader.h
new file mode 100644
index 0000000..3193a5e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/mps_reader.h
@@ -0,0 +1,366 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * \file mps_reader.h
+ *
+ * \brief This file defines reader objects, which together with their
+ *        sibling writer objects form the basis for the communication
+ *        between the various layers of the Mbed TLS messaging stack,
+ *        as well as the communication between the messaging stack and
+ *        the (D)TLS handshake protocol implementation.
+ *
+ * Readers provide a means of transferring incoming data from
+ * a 'producer' providing it in chunks of arbitrary size, to
+ * a 'consumer' which fetches and processes it in chunks of
+ * again arbitrary, and potentially different, size.
+ *
+ * Readers can thus be seen as datagram-to-stream converters,
+ * and they abstract away the following two tasks from the user:
+ * 1. The pointer arithmetic of stepping through a producer-
+ *    provided chunk in smaller chunks.
+ * 2. The merging of incoming data chunks in case the
+ *    consumer requests data in larger chunks than what the
+ *    producer provides.
+ *
+ * The basic abstract flow of operation is the following:
+ * - Initially, the reader is in 'producing mode'.
+ * - The producer hands an incoming data buffer to the reader,
+ *   moving it from 'producing' to 'consuming' mode.
+ * - The consumer subsequently fetches and processes the buffer
+ *   content. Once that's done -- or partially done and a consumer's
+ *   request can't be fulfilled -- the producer revokes the reader's
+ *   access to the incoming data buffer, putting the reader back to
+ *   producing mode.
+ * - The producer subsequently gathers more incoming data and hands
+ *   it to the reader until it switches back to consuming mode
+ *   if enough data is available for the last consumer request to
+ *   be satisfiable.
+ * - Repeat the above.
+ *
+ * The abstract states of the reader from the producer's and
+ * consumer's perspective are as follows:
+ *
+ * - From the perspective of the consumer, the state of the
+ *   reader consists of the following:
+ *   - A byte stream representing (concatenation of) the data
+ *     received through calls to mbedtls_mps_reader_get(),
+ *   - A marker within that byte stream indicating which data
+ *     can be considered processed, and hence need not be retained,
+ *     when the reader is passed back to the producer via
+ *     mbedtls_mps_reader_reclaim().
+ *     The marker is set via mbedtls_mps_reader_commit()
+ *     which places it at the end of the current byte stream.
+ *   The consumer need not be aware of the distinction between consumer
+ *   and producer mode, because it only interfaces with the reader
+ *   when the latter is in consuming mode.
+ *
+ * - From the perspective of the producer, the reader's state is one of:
+ *   - Attached: The reader is in consuming mode.
+ *   - Unset: No incoming data buffer is currently managed by the reader,
+ *            and all previously handed incoming data buffers have been
+ *            fully processed. More data needs to be fed into the reader
+ *            via mbedtls_mps_reader_feed().
+ *
+ *   - Accumulating: No incoming data buffer is currently managed by the
+ *                   reader, but some data from the previous incoming data
+ *                   buffer hasn't been processed yet and is internally
+ *                   held back.
+ *   The Attached state belongs to consuming mode, while the Unset and
+ *   Accumulating states belong to producing mode.
+ *
+ * Transitioning from the Unset or Accumulating state to Attached is
+ * done via successful calls to mbedtls_mps_reader_feed(), while
+ * transitioning from Attached to either Unset or Accumulating (depending
+ * on what has been processed) is done via mbedtls_mps_reader_reclaim().
+ *
+ * The following diagram depicts the producer-state progression:
+ *
+ *        +------------------+             reclaim
+ *        |      Unset       +<-------------------------------------+       get
+ *        +--------|---------+                                      |   +------+
+ *                 |                                                |   |      |
+ *                 |                                                |   |      |
+ *                 |                feed                  +---------+---+--+   |
+ *                 +-------------------------------------->                <---+
+ *                                                        |    Attached    |
+ *                 +-------------------------------------->                <---+
+ *                 |     feed, enough data available      +---------+---+--+   |
+ *                 |     to serve previous consumer request         |   |      |
+ *                 |                                                |   |      |
+ *        +--------+---------+                                      |   +------+
+ *   +---->   Accumulating   |<-------------------------------------+    commit
+ *   |    +---+--------------+      reclaim, previous read request
+ *   |        |                        couldn't be fulfilled
+ *   |        |
+ *   +--------+
+ *     feed, need more data to serve
+ *     previous consumer request
+ *                                         |
+ *                                         |
+ *               producing mode            |           consuming mode
+ *                                         |
+ *
+ */
+
+#ifndef MBEDTLS_READER_H
+#define MBEDTLS_READER_H
+
+#include <stdio.h>
+
+#include "mps_common.h"
+#include "mps_error.h"
+
+struct mbedtls_mps_reader;
+typedef struct mbedtls_mps_reader mbedtls_mps_reader;
+
+/*
+ * Structure definitions
+ */
+
+struct mbedtls_mps_reader {
+    unsigned char *frag;  /*!< The fragment of incoming data managed by
+                           *   the reader; it is provided to the reader
+                           *   through mbedtls_mps_reader_feed(). The reader
+                           *   does not own the fragment and does not
+                           *   perform any allocation operations on it,
+                           *   but does have read and write access to it.
+                           *
+                           *   The reader is in consuming mode if
+                           *   and only if \c frag is not \c NULL.          */
+    mbedtls_mps_stored_size_t frag_len;
+    /*!< The length of the current fragment.
+     *   Must be 0 if \c frag == \c NULL.             */
+    mbedtls_mps_stored_size_t commit;
+    /*!< The offset of the last commit, relative
+     *   to the first byte in the fragment, if
+     *   no accumulator is present. If an accumulator
+     *   is present, it is viewed as a prefix to the
+     *   current fragment, and this variable contains
+     *   an offset from the beginning of the accumulator.
+     *
+     *   This is only used when the reader is in
+     *   consuming mode, i.e. \c frag != \c NULL;
+     *   otherwise, its value is \c 0.                */
+    mbedtls_mps_stored_size_t end;
+    /*!< The offset of the end of the last chunk
+     *   passed to the user through a call to
+     *   mbedtls_mps_reader_get(), relative to the first
+     *   byte in the fragment, if no accumulator is
+     *   present. If an accumulator is present, it is
+     *   viewed as a prefix to the current fragment, and
+     *   this variable contains an offset from the
+     *   beginning of the accumulator.
+     *
+     *   This is only used when the reader is in
+     *   consuming mode, i.e. \c frag != \c NULL;
+     *   otherwise, its value is \c 0.                */
+    mbedtls_mps_stored_size_t pending;
+    /*!< The amount of incoming data missing on the
+     *   last call to mbedtls_mps_reader_get().
+     *   In particular, it is \c 0 if the last call
+     *   was successful.
+     *   If a reader is reclaimed after an
+     *   unsuccessful call to mbedtls_mps_reader_get(),
+     *   this variable is used to have the reader
+     *   remember how much data should be accumulated
+     *   so that the call to mbedtls_mps_reader_get()
+     *   succeeds next time.
+     *   This is only used when the reader is in
+     *   consuming mode, i.e. \c frag != \c NULL;
+     *   otherwise, its value is \c 0.                */
+
+    /* The accumulator is only needed if we need to be able to pause
+     * the reader. A few bytes could be saved by moving this to a
+     * separate struct and using a pointer here. */
+
+    unsigned char *acc;   /*!< The accumulator is used to gather incoming
+                           *   data if a read-request via mbedtls_mps_reader_get()
+                           *   cannot be served from the current fragment.   */
+    mbedtls_mps_stored_size_t acc_len;
+    /*!< The total size of the accumulator.           */
+    mbedtls_mps_stored_size_t acc_available;
+    /*!< The number of bytes currently gathered in
+     *   the accumulator. This is both used in
+     *   producing and in consuming mode:
+     *   While producing, it is increased until
+     *   it reaches the value of \c acc_remaining below.
+     *   While consuming, it is used to judge if a
+     *   get request can be served from the
+     *   accumulator or not.
+     *   Must not be larger than \c acc_len.           */
+    union {
+        mbedtls_mps_stored_size_t acc_remaining;
+        /*!< This indicates the amount of data still
+         *   to be gathered in the accumulator. It is
+         *   only used in producing mode.
+         *   Must be at most acc_len - acc_available.  */
+        mbedtls_mps_stored_size_t frag_offset;
+        /*!< If an accumulator is present and in use, this
+         *   field indicates the offset of the current
+         *   fragment from the beginning of the
+         *   accumulator. If no accumulator is present
+         *   or the accumulator is not in use, this is \c 0.
+         *   It is only used in consuming mode.
+         *   Must not be larger than \c acc_available. */
+    } acc_share;
+};
+
+/*
+ * API organization:
+ * A reader object is usually prepared and maintained
+ * by some lower layer and passed for usage to an upper
+ * layer, and the API naturally splits according to which
+ * layer is supposed to use the respective functions.
+ */
+
+/*
+ * Maintenance API (Lower layer)
+ */
+
+/**
+ * \brief           Initialize a reader object
+ *
+ * \param reader    The reader to be initialized.
+ * \param acc       The buffer to be used as a temporary accumulator
+ *                  in case get requests through mbedtls_mps_reader_get()
+ *                  exceed the buffer provided by mbedtls_mps_reader_feed().
+ *                  This buffer is owned by the caller and exclusive use
+ *                  for reading and writing is given to the reader for the
+ *                  duration of the reader's lifetime. It is thus the caller's
+ *                  responsibility to maintain (and not touch) the buffer for
+ *                  the lifetime of the reader, and to properly zeroize and
+ *                  free the memory after the reader has been destroyed.
+ * \param acc_len   The size in Bytes of \p acc.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ */
+int mbedtls_mps_reader_init(mbedtls_mps_reader *reader,
+                            unsigned char *acc,
+                            mbedtls_mps_size_t acc_len);
+
+/**
+ * \brief           Free a reader object
+ *
+ * \param reader    The reader to be freed.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ */
+int mbedtls_mps_reader_free(mbedtls_mps_reader *reader);
+
+/**
+ * \brief           Pass chunk of data for the reader to manage.
+ *
+ * \param reader    The reader context to use. The reader must be
+ *                  in producing mode.
+ * \param buf       The buffer to be managed by the reader.
+ * \param buflen    The size in Bytes of \p buffer.
+ *
+ * \return          \c 0 on success. In this case, the reader will be
+ *                  moved to consuming mode and obtains read access
+ *                  of \p buf until mbedtls_mps_reader_reclaim()
+ *                  is called. It is the responsibility of the caller
+ *                  to ensure that the \p buf persists and is not changed
+ *                  between successful calls to mbedtls_mps_reader_feed()
+ *                  and mbedtls_mps_reader_reclaim().
+ * \return          \c MBEDTLS_ERR_MPS_READER_NEED_MORE if more input data is
+ *                  required to fulfill a previous request to mbedtls_mps_reader_get().
+ *                  In this case, the reader remains in producing mode and
+ *                  takes no ownership of the provided buffer (an internal copy
+ *                  is made instead).
+ * \return          Another negative \c MBEDTLS_ERR_READER_XXX error code on
+ *                  different kinds of failures.
+ */
+int mbedtls_mps_reader_feed(mbedtls_mps_reader *reader,
+                            unsigned char *buf,
+                            mbedtls_mps_size_t buflen);
+
+/**
+ * \brief           Reclaim reader's access to the current input buffer.
+ *
+ * \param reader    The reader context to use. The reader must be
+ *                  in consuming mode.
+ * \param paused    If not \c NULL, the integer at address \p paused will be
+ *                  modified to indicate whether the reader has been paused
+ *                  (value \c 1) or not (value \c 0). Pausing happens if there
+ *                  is uncommitted data and a previous request to
+ *                  mbedtls_mps_reader_get() has exceeded the bounds of the
+ *                  input buffer.
+ *
+ * \return          \c 0 on success.
+ * \return          A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ */
+int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *reader,
+                               int *paused);
+
+/*
+ * Usage API (Upper layer)
+ */
+
+/**
+ * \brief           Request data from the reader.
+ *
+ * \param reader    The reader context to use. The reader must
+ *                  be in consuming mode.
+ * \param desired   The desired amount of data to be read, in Bytes.
+ * \param buffer    The address to store the buffer pointer in.
+ *                  This must not be \c NULL.
+ * \param buflen    The address to store the actual buffer
+ *                  length in, or \c NULL.
+ *
+ * \return          \c 0 on success. In this case, \c *buf holds the
+ *                  address of a buffer of size \c *buflen
+ *                  (if \c buflen != \c NULL) or \c desired
+ *                  (if \c buflen == \c NULL). The user has read access
+ *                  to the buffer and guarantee of stability of the data
+ *                  until the next call to mbedtls_mps_reader_reclaim().
+ * \return          #MBEDTLS_ERR_MPS_READER_OUT_OF_DATA if there is not enough
+ *                  data available to serve the get request. In this case, the
+ *                  reader remains intact and in consuming mode, and the consumer
+ *                  should retry the call after a successful cycle of
+ *                  mbedtls_mps_reader_reclaim() and mbedtls_mps_reader_feed().
+ *                  If, after such a cycle, the consumer requests a different
+ *                  amount of data, the result is implementation-defined;
+ *                  progress is guaranteed only if the same amount of data
+ *                  is requested after a mbedtls_mps_reader_reclaim() and
+ *                  mbedtls_mps_reader_feed() cycle.
+ * \return          Another negative \c MBEDTLS_ERR_READER_XXX error
+ *                  code for different kinds of failure.
+ *
+ * \note            Passing \c NULL as \p buflen is a convenient way to
+ *                  indicate that fragmentation is not tolerated.
+ *                  It's functionally equivalent to passing a valid
+ *                  address as buflen and checking \c *buflen == \c desired
+ *                  afterwards.
+ */
+int mbedtls_mps_reader_get(mbedtls_mps_reader *reader,
+                           mbedtls_mps_size_t desired,
+                           unsigned char **buffer,
+                           mbedtls_mps_size_t *buflen);
+
+/**
+ * \brief         Mark data obtained from mbedtls_mps_reader_get() as processed.
+ *
+ *                This call indicates that all data received from prior calls to
+ *                mbedtls_mps_reader_get() has been or will have been
+ *                processed when mbedtls_mps_reader_reclaim() is called,
+ *                and thus need not be backed up.
+ *
+ *                This function has no user observable effect until
+ *                mbedtls_mps_reader_reclaim() is called. In particular,
+ *                buffers received from mbedtls_mps_reader_get() remain
+ *                valid until mbedtls_mps_reader_reclaim() is called.
+ *
+ * \param reader  The reader context to use.
+ *
+ * \return        \c 0 on success.
+ * \return        A negative \c MBEDTLS_ERR_READER_XXX error code on failure.
+ *
+ */
+int mbedtls_mps_reader_commit(mbedtls_mps_reader *reader);
+
+#endif /* MBEDTLS_READER_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/mps_trace.c b/3rdparty/mbedtls-2.28.7/library/mps_trace.c
new file mode 100644
index 0000000..4f580d7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/mps_trace.c
@@ -0,0 +1,112 @@
+/*
+ *  Message Processing Stack, Trace module
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#include "mps_common.h"
+
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+
+#include "mps_trace.h"
+#include <stdarg.h>
+
+static int trace_depth = 0;
+
+#define color_default  "\x1B[0m"
+#define color_red      "\x1B[1;31m"
+#define color_green    "\x1B[1;32m"
+#define color_yellow   "\x1B[1;33m"
+#define color_blue     "\x1B[1;34m"
+#define color_magenta  "\x1B[1;35m"
+#define color_cyan     "\x1B[1;36m"
+#define color_white    "\x1B[1;37m"
+
+static char const *colors[] =
+{
+    color_default,
+    color_green,
+    color_yellow,
+    color_magenta,
+    color_cyan,
+    color_blue,
+    color_white
+};
+
+#define MPS_TRACE_BUF_SIZE 100
+
+void mbedtls_mps_trace_print_msg(int id, int line, const char *format, ...)
+{
+    int ret;
+    char str[MPS_TRACE_BUF_SIZE];
+    va_list argp;
+    va_start(argp, format);
+    ret = mbedtls_vsnprintf(str, MPS_TRACE_BUF_SIZE, format, argp);
+    va_end(argp);
+
+    if (ret >= 0 && ret < MPS_TRACE_BUF_SIZE) {
+        str[ret] = '\0';
+        mbedtls_printf("[%d|L%d]: %s\n", id, line, str);
+    }
+}
+
+int mbedtls_mps_trace_get_depth()
+{
+    return trace_depth;
+}
+void mbedtls_mps_trace_dec_depth()
+{
+    trace_depth--;
+}
+void mbedtls_mps_trace_inc_depth()
+{
+    trace_depth++;
+}
+
+void mbedtls_mps_trace_color(int id)
+{
+    if (id > (int) (sizeof(colors) / sizeof(*colors))) {
+        return;
+    }
+    printf("%s", colors[id]);
+}
+
+void mbedtls_mps_trace_indent(int level, mbedtls_mps_trace_type ty)
+{
+    if (level > 0) {
+        while (--level) {
+            printf("|  ");
+        }
+
+        printf("|  ");
+    }
+
+    switch (ty) {
+        case MBEDTLS_MPS_TRACE_TYPE_COMMENT:
+            mbedtls_printf("@ ");
+            break;
+
+        case MBEDTLS_MPS_TRACE_TYPE_CALL:
+            mbedtls_printf("+--> ");
+            break;
+
+        case MBEDTLS_MPS_TRACE_TYPE_ERROR:
+            mbedtls_printf("E ");
+            break;
+
+        case MBEDTLS_MPS_TRACE_TYPE_RETURN:
+            mbedtls_printf("< ");
+            break;
+
+        default:
+            break;
+    }
+}
+
+#endif /* MBEDTLS_MPS_ENABLE_TRACE */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/3rdparty/mbedtls-2.28.7/library/mps_trace.h b/3rdparty/mbedtls-2.28.7/library/mps_trace.h
new file mode 100644
index 0000000..b456b2f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/mps_trace.h
@@ -0,0 +1,154 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/**
+ * \file mps_trace.h
+ *
+ * \brief Tracing module for MPS
+ */
+
+#ifndef MBEDTLS_MPS_MBEDTLS_MPS_TRACE_H
+#define MBEDTLS_MPS_MBEDTLS_MPS_TRACE_H
+
+#include "common.h"
+#include "mps_common.h"
+#include "mps_trace.h"
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MPS_ENABLE_TRACE)
+
+/*
+ * Adapt this to enable/disable tracing output
+ * from the various layers of the MPS.
+ */
+
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_1
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_2
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_3
+#define MBEDTLS_MPS_TRACE_ENABLE_LAYER_4
+#define MBEDTLS_MPS_TRACE_ENABLE_READER
+#define MBEDTLS_MPS_TRACE_ENABLE_WRITER
+
+/*
+ * To use the existing trace module, only change
+ * MBEDTLS_MPS_TRACE_ENABLE_XXX above, but don't modify the
+ * rest of this file.
+ */
+
+typedef enum {
+    MBEDTLS_MPS_TRACE_TYPE_COMMENT,
+    MBEDTLS_MPS_TRACE_TYPE_CALL,
+    MBEDTLS_MPS_TRACE_TYPE_ERROR,
+    MBEDTLS_MPS_TRACE_TYPE_RETURN
+} mbedtls_mps_trace_type;
+
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_1 1
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_2 2
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_3 3
+#define MBEDTLS_MPS_TRACE_BIT_LAYER_4 4
+#define MBEDTLS_MPS_TRACE_BIT_WRITER  5
+#define MBEDTLS_MPS_TRACE_BIT_READER  6
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_1)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_1)
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_2)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_2)
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_3)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_3)
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_4)
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_4)
+#else
+#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_READER)
+#define MBEDTLS_MPS_TRACE_MASK_READER (1u << MBEDTLS_MPS_TRACE_BIT_READER)
+#else
+#define MBEDTLS_MPS_TRACE_MASK_READER 0
+#endif
+
+#if defined(MBEDTLS_MPS_TRACE_ENABLE_WRITER)
+#define MBEDTLS_MPS_TRACE_MASK_WRITER (1u << MBEDTLS_MPS_TRACE_BIT_WRITER)
+#else
+#define MBEDTLS_MPS_TRACE_MASK_WRITER 0
+#endif
+
+#define MBEDTLS_MPS_TRACE_MASK (MBEDTLS_MPS_TRACE_MASK_LAYER_1 |       \
+                                MBEDTLS_MPS_TRACE_MASK_LAYER_2 |       \
+                                MBEDTLS_MPS_TRACE_MASK_LAYER_3 |       \
+                                MBEDTLS_MPS_TRACE_MASK_LAYER_4 |       \
+                                MBEDTLS_MPS_TRACE_MASK_READER  |       \
+                                MBEDTLS_MPS_TRACE_MASK_WRITER)
+
+/* We have to avoid globals because E-ACSL chokes on them...
+ * Wrap everything in stub functions. */
+int  mbedtls_mps_trace_get_depth(void);
+void mbedtls_mps_trace_inc_depth(void);
+void mbedtls_mps_trace_dec_depth(void);
+
+void mbedtls_mps_trace_color(int id);
+void mbedtls_mps_trace_indent(int level, mbedtls_mps_trace_type ty);
+
+void mbedtls_mps_trace_print_msg(int id, int line, const char *format, ...);
+
+#define MBEDTLS_MPS_TRACE(type, ...)                                              \
+    do {                                                                            \
+        if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id)))         \
+        break;                                                                  \
+        mbedtls_mps_trace_indent(mbedtls_mps_trace_get_depth(), type);            \
+        mbedtls_mps_trace_color(mbedtls_mps_trace_id);                            \
+        mbedtls_mps_trace_print_msg(mbedtls_mps_trace_id, __LINE__, __VA_ARGS__); \
+        mbedtls_mps_trace_color(0);                                               \
+    } while (0)
+
+#define MBEDTLS_MPS_TRACE_INIT(...)                                         \
+    do {                                                                      \
+        if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id)))   \
+        break;                                                            \
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_CALL, __VA_ARGS__);        \
+        mbedtls_mps_trace_inc_depth();                                        \
+    } while (0)
+
+#define MBEDTLS_MPS_TRACE_END(val)                                        \
+    do {                                                                    \
+        if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \
+        break;                                                          \
+        MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_RETURN, "%d (-%#04x)",    \
+                          (int) (val), -((unsigned) (val)));                           \
+        mbedtls_mps_trace_dec_depth();                                      \
+    } while (0)
+
+#define MBEDTLS_MPS_TRACE_RETURN(val)         \
+    do {                                        \
+        /* Breaks tail recursion. */            \
+        int ret__ = val;                        \
+        MBEDTLS_MPS_TRACE_END(ret__);         \
+        return ret__;                        \
+    } while (0)
+
+#else /* MBEDTLS_MPS_TRACE */
+
+#define MBEDTLS_MPS_TRACE(type, ...) do { } while (0)
+#define MBEDTLS_MPS_TRACE_INIT(...)  do { } while (0)
+#define MBEDTLS_MPS_TRACE_END          do { } while (0)
+
+#define MBEDTLS_MPS_TRACE_RETURN(val) return val;
+
+#endif /* MBEDTLS_MPS_TRACE */
+
+#endif /* MBEDTLS_MPS_MBEDTLS_MPS_TRACE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/net_sockets.c b/3rdparty/mbedtls-2.28.7/library/net_sockets.c
new file mode 100644
index 0000000..8140eea
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/net_sockets.c
@@ -0,0 +1,701 @@
+/*
+ *  TCP/IP or UDP/IP networking functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/* Enable definition of getaddrinfo() even when compiling with -std=c99. Must
+ * be set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE 200112L
+#endif
+#ifndef _XOPEN_SOURCE
+#define _XOPEN_SOURCE 600 /* sockaddr_storage */
+#endif
+
+#include "common.h"
+
+#if defined(MBEDTLS_NET_C)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+    !defined(__HAIKU__) && !defined(__midipix__)
+#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+
+#define IS_EINTR(ret) ((ret) == WSAEINTR)
+
+#if !defined(_WIN32_WINNT)
+/* Enables getaddrinfo() & Co */
+#define _WIN32_WINNT 0x0501
+#endif
+
+#include <ws2tcpip.h>
+
+#include <winsock2.h>
+#include <windows.h>
+#if (_WIN32_WINNT < 0x0501)
+#include <wspiapi.h>
+#endif
+
+#if defined(_MSC_VER)
+#if defined(_WIN32_WCE)
+#pragma comment( lib, "ws2.lib" )
+#else
+#pragma comment( lib, "ws2_32.lib" )
+#endif
+#endif /* _MSC_VER */
+
+#define read(fd, buf, len)        recv(fd, (char *) (buf), (int) (len), 0)
+#define write(fd, buf, len)       send(fd, (char *) (buf), (int) (len), 0)
+#define close(fd)               closesocket(fd)
+
+static int wsa_init_done = 0;
+
+#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/time.h>
+#include <unistd.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <netdb.h>
+#include <errno.h>
+
+#define IS_EINTR(ret) ((ret) == EINTR)
+#define SOCKET int
+
+#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+/* Some MS functions want int and MSVC warns if we pass size_t,
+ * but the standard functions use socklen_t, so cast only for MSVC */
+#if defined(_MSC_VER)
+#define MSVC_INT_CAST   (int)
+#else
+#define MSVC_INT_CAST
+#endif
+
+#include <stdio.h>
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include <time.h>
+#endif
+
+#include <stdint.h>
+
+/*
+ * Prepare for using the sockets interface
+ */
+static int net_prepare(void)
+{
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+    WSADATA wsaData;
+
+    if (wsa_init_done == 0) {
+        if (WSAStartup(MAKEWORD(2, 0), &wsaData) != 0) {
+            return MBEDTLS_ERR_NET_SOCKET_FAILED;
+        }
+
+        wsa_init_done = 1;
+    }
+#else
+#if !defined(EFIX64) && !defined(EFI32)
+    signal(SIGPIPE, SIG_IGN);
+#endif
+#endif
+    return 0;
+}
+
+/*
+ * Return 0 if the file descriptor is valid, an error otherwise.
+ * If for_select != 0, check whether the file descriptor is within the range
+ * allowed for fd_set used for the FD_xxx macros and the select() function.
+ */
+static int check_fd(int fd, int for_select)
+{
+    if (fd < 0) {
+        return MBEDTLS_ERR_NET_INVALID_CONTEXT;
+    }
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+    (void) for_select;
+#else
+    /* A limitation of select() is that it only works with file descriptors
+     * that are strictly less than FD_SETSIZE. This is a limitation of the
+     * fd_set type. Error out early, because attempting to call FD_SET on a
+     * large file descriptor is a buffer overflow on typical platforms. */
+    if (for_select && fd >= FD_SETSIZE) {
+        return MBEDTLS_ERR_NET_POLL_FAILED;
+    }
+#endif
+
+    return 0;
+}
+
+/*
+ * Initialize a context
+ */
+void mbedtls_net_init(mbedtls_net_context *ctx)
+{
+    ctx->fd = -1;
+}
+
+/*
+ * Initiate a TCP connection with host:port and the given protocol
+ */
+int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host,
+                        const char *port, int proto)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    struct addrinfo hints, *addr_list, *cur;
+
+    if ((ret = net_prepare()) != 0) {
+        return ret;
+    }
+
+    /* Do name resolution with both IPv6 and IPv4 */
+    memset(&hints, 0, sizeof(hints));
+    hints.ai_family = AF_UNSPEC;
+    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
+    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
+
+    if (getaddrinfo(host, port, &hints, &addr_list) != 0) {
+        return MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    }
+
+    /* Try the sockaddrs until a connection succeeds */
+    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    for (cur = addr_list; cur != NULL; cur = cur->ai_next) {
+        ctx->fd = (int) socket(cur->ai_family, cur->ai_socktype,
+                               cur->ai_protocol);
+        if (ctx->fd < 0) {
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        if (connect(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) == 0) {
+            ret = 0;
+            break;
+        }
+
+        close(ctx->fd);
+        ret = MBEDTLS_ERR_NET_CONNECT_FAILED;
+    }
+
+    freeaddrinfo(addr_list);
+
+    return ret;
+}
+
+/*
+ * Create a listening socket on bind_ip:port
+ */
+int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto)
+{
+    int n, ret;
+    struct addrinfo hints, *addr_list, *cur;
+
+    if ((ret = net_prepare()) != 0) {
+        return ret;
+    }
+
+    /* Bind to IPv6 and/or IPv4, but only in the desired protocol */
+    memset(&hints, 0, sizeof(hints));
+    hints.ai_family = AF_UNSPEC;
+    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
+    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
+    if (bind_ip == NULL) {
+        hints.ai_flags = AI_PASSIVE;
+    }
+
+    if (getaddrinfo(bind_ip, port, &hints, &addr_list) != 0) {
+        return MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    }
+
+    /* Try the sockaddrs until a binding succeeds */
+    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    for (cur = addr_list; cur != NULL; cur = cur->ai_next) {
+        ctx->fd = (int) socket(cur->ai_family, cur->ai_socktype,
+                               cur->ai_protocol);
+        if (ctx->fd < 0) {
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        n = 1;
+        if (setsockopt(ctx->fd, SOL_SOCKET, SO_REUSEADDR,
+                       (const char *) &n, sizeof(n)) != 0) {
+            close(ctx->fd);
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        if (bind(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) != 0) {
+            close(ctx->fd);
+            ret = MBEDTLS_ERR_NET_BIND_FAILED;
+            continue;
+        }
+
+        /* Listen only makes sense for TCP */
+        if (proto == MBEDTLS_NET_PROTO_TCP) {
+            if (listen(ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG) != 0) {
+                close(ctx->fd);
+                ret = MBEDTLS_ERR_NET_LISTEN_FAILED;
+                continue;
+            }
+        }
+
+        /* Bind was successful */
+        ret = 0;
+        break;
+    }
+
+    freeaddrinfo(addr_list);
+
+    return ret;
+
+}
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+/*
+ * Check if the requested operation would be blocking on a non-blocking socket
+ * and thus 'failed' with a negative return value.
+ */
+static int net_would_block(const mbedtls_net_context *ctx)
+{
+    ((void) ctx);
+    return WSAGetLastError() == WSAEWOULDBLOCK;
+}
+#else
+/*
+ * Check if the requested operation would be blocking on a non-blocking socket
+ * and thus 'failed' with a negative return value.
+ *
+ * Note: on a blocking socket this function always returns 0!
+ */
+static int net_would_block(const mbedtls_net_context *ctx)
+{
+    int err = errno;
+
+    /*
+     * Never return 'WOULD BLOCK' on a blocking socket
+     */
+    if ((fcntl(ctx->fd, F_GETFL) & O_NONBLOCK) != O_NONBLOCK) {
+        errno = err;
+        return 0;
+    }
+
+    switch (errno = err) {
+#if defined EAGAIN
+        case EAGAIN:
+#endif
+#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN
+        case EWOULDBLOCK:
+#endif
+    return 1;
+    }
+    return 0;
+}
+#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+/*
+ * Accept a connection from a remote client
+ */
+int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
+                       mbedtls_net_context *client_ctx,
+                       void *client_ip, size_t buf_size, size_t *ip_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int type;
+
+    struct sockaddr_storage client_addr;
+
+#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) ||  \
+    defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t) || \
+    defined(socklen_t) || (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L)
+    socklen_t n = (socklen_t) sizeof(client_addr);
+    socklen_t type_len = (socklen_t) sizeof(type);
+#else
+    int n = (int) sizeof(client_addr);
+    int type_len = (int) sizeof(type);
+#endif
+
+    /* Is this a TCP or UDP socket? */
+    if (getsockopt(bind_ctx->fd, SOL_SOCKET, SO_TYPE,
+                   (void *) &type, &type_len) != 0 ||
+        (type != SOCK_STREAM && type != SOCK_DGRAM)) {
+        return MBEDTLS_ERR_NET_ACCEPT_FAILED;
+    }
+
+    if (type == SOCK_STREAM) {
+        /* TCP: actual accept() */
+        ret = client_ctx->fd = (int) accept(bind_ctx->fd,
+                                            (struct sockaddr *) &client_addr, &n);
+    } else {
+        /* UDP: wait for a message, but keep it in the queue */
+        char buf[1] = { 0 };
+
+        ret = (int) recvfrom(bind_ctx->fd, buf, sizeof(buf), MSG_PEEK,
+                             (struct sockaddr *) &client_addr, &n);
+
+#if defined(_WIN32)
+        if (ret == SOCKET_ERROR &&
+            WSAGetLastError() == WSAEMSGSIZE) {
+            /* We know buf is too small, thanks, just peeking here */
+            ret = 0;
+        }
+#endif
+    }
+
+    if (ret < 0) {
+        if (net_would_block(bind_ctx) != 0) {
+            return MBEDTLS_ERR_SSL_WANT_READ;
+        }
+
+        return MBEDTLS_ERR_NET_ACCEPT_FAILED;
+    }
+
+    /* UDP: hijack the listening socket to communicate with the client,
+     * then bind a new socket to accept new connections */
+    if (type != SOCK_STREAM) {
+        struct sockaddr_storage local_addr;
+        int one = 1;
+
+        if (connect(bind_ctx->fd, (struct sockaddr *) &client_addr, n) != 0) {
+            return MBEDTLS_ERR_NET_ACCEPT_FAILED;
+        }
+
+        client_ctx->fd = bind_ctx->fd;
+        bind_ctx->fd   = -1; /* In case we exit early */
+
+        n = sizeof(struct sockaddr_storage);
+        if (getsockname(client_ctx->fd,
+                        (struct sockaddr *) &local_addr, &n) != 0 ||
+            (bind_ctx->fd = (int) socket(local_addr.ss_family,
+                                         SOCK_DGRAM, IPPROTO_UDP)) < 0 ||
+            setsockopt(bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR,
+                       (const char *) &one, sizeof(one)) != 0) {
+            return MBEDTLS_ERR_NET_SOCKET_FAILED;
+        }
+
+        if (bind(bind_ctx->fd, (struct sockaddr *) &local_addr, n) != 0) {
+            return MBEDTLS_ERR_NET_BIND_FAILED;
+        }
+    }
+
+    if (client_ip != NULL) {
+        if (client_addr.ss_family == AF_INET) {
+            struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr;
+            *ip_len = sizeof(addr4->sin_addr.s_addr);
+
+            if (buf_size < *ip_len) {
+                return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL;
+            }
+
+            memcpy(client_ip, &addr4->sin_addr.s_addr, *ip_len);
+        } else {
+            struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr;
+            *ip_len = sizeof(addr6->sin6_addr.s6_addr);
+
+            if (buf_size < *ip_len) {
+                return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL;
+            }
+
+            memcpy(client_ip, &addr6->sin6_addr.s6_addr, *ip_len);
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Set the socket blocking or non-blocking
+ */
+int mbedtls_net_set_block(mbedtls_net_context *ctx)
+{
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+    u_long n = 0;
+    return ioctlsocket(ctx->fd, FIONBIO, &n);
+#else
+    return fcntl(ctx->fd, F_SETFL, fcntl(ctx->fd, F_GETFL) & ~O_NONBLOCK);
+#endif
+}
+
+int mbedtls_net_set_nonblock(mbedtls_net_context *ctx)
+{
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+    u_long n = 1;
+    return ioctlsocket(ctx->fd, FIONBIO, &n);
+#else
+    return fcntl(ctx->fd, F_SETFL, fcntl(ctx->fd, F_GETFL) | O_NONBLOCK);
+#endif
+}
+
+/*
+ * Check if data is available on the socket
+ */
+
+int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    struct timeval tv;
+
+    fd_set read_fds;
+    fd_set write_fds;
+
+    int fd = ctx->fd;
+
+    ret = check_fd(fd, 1);
+    if (ret != 0) {
+        return ret;
+    }
+
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+    /* Ensure that memory sanitizers consider read_fds and write_fds as
+     * initialized even on platforms such as Glibc/x86_64 where FD_ZERO
+     * is implemented in assembly. */
+    memset(&read_fds, 0, sizeof(read_fds));
+    memset(&write_fds, 0, sizeof(write_fds));
+#endif
+#endif
+
+    FD_ZERO(&read_fds);
+    if (rw & MBEDTLS_NET_POLL_READ) {
+        rw &= ~MBEDTLS_NET_POLL_READ;
+        FD_SET((SOCKET) fd, &read_fds);
+    }
+
+    FD_ZERO(&write_fds);
+    if (rw & MBEDTLS_NET_POLL_WRITE) {
+        rw &= ~MBEDTLS_NET_POLL_WRITE;
+        FD_SET((SOCKET) fd, &write_fds);
+    }
+
+    if (rw != 0) {
+        return MBEDTLS_ERR_NET_BAD_INPUT_DATA;
+    }
+
+    tv.tv_sec  = timeout / 1000;
+    tv.tv_usec = (timeout % 1000) * 1000;
+
+    do {
+        ret = select(fd + 1, &read_fds, &write_fds, NULL,
+                     timeout == (uint32_t) -1 ? NULL : &tv);
+    } while (IS_EINTR(ret));
+
+    if (ret < 0) {
+        return MBEDTLS_ERR_NET_POLL_FAILED;
+    }
+
+    ret = 0;
+    if (FD_ISSET(fd, &read_fds)) {
+        ret |= MBEDTLS_NET_POLL_READ;
+    }
+    if (FD_ISSET(fd, &write_fds)) {
+        ret |= MBEDTLS_NET_POLL_WRITE;
+    }
+
+    return ret;
+}
+
+/*
+ * Portable usleep helper
+ */
+void mbedtls_net_usleep(unsigned long usec)
+{
+#if defined(_WIN32)
+    Sleep((usec + 999) / 1000);
+#else
+    struct timeval tv;
+    tv.tv_sec  = usec / 1000000;
+#if defined(__unix__) || defined(__unix) || \
+    (defined(__APPLE__) && defined(__MACH__))
+    tv.tv_usec = (suseconds_t) usec % 1000000;
+#else
+    tv.tv_usec = usec % 1000000;
+#endif
+    select(0, NULL, NULL, NULL, &tv);
+#endif
+}
+
+/*
+ * Read at most 'len' characters
+ */
+int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int fd = ((mbedtls_net_context *) ctx)->fd;
+
+    ret = check_fd(fd, 0);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = (int) read(fd, buf, len);
+
+    if (ret < 0) {
+        if (net_would_block(ctx) != 0) {
+            return MBEDTLS_ERR_SSL_WANT_READ;
+        }
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+        !defined(EFI32)
+        if (WSAGetLastError() == WSAECONNRESET) {
+            return MBEDTLS_ERR_NET_CONN_RESET;
+        }
+#else
+        if (errno == EPIPE || errno == ECONNRESET) {
+            return MBEDTLS_ERR_NET_CONN_RESET;
+        }
+
+        if (errno == EINTR) {
+            return MBEDTLS_ERR_SSL_WANT_READ;
+        }
+#endif
+
+        return MBEDTLS_ERR_NET_RECV_FAILED;
+    }
+
+    return ret;
+}
+
+/*
+ * Read at most 'len' characters, blocking for at most 'timeout' ms
+ */
+int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf,
+                             size_t len, uint32_t timeout)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    struct timeval tv;
+    fd_set read_fds;
+    int fd = ((mbedtls_net_context *) ctx)->fd;
+
+    ret = check_fd(fd, 1);
+    if (ret != 0) {
+        return ret;
+    }
+
+    FD_ZERO(&read_fds);
+    FD_SET((SOCKET) fd, &read_fds);
+
+    tv.tv_sec  = timeout / 1000;
+    tv.tv_usec = (timeout % 1000) * 1000;
+
+    ret = select(fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv);
+
+    /* Zero fds ready means we timed out */
+    if (ret == 0) {
+        return MBEDTLS_ERR_SSL_TIMEOUT;
+    }
+
+    if (ret < 0) {
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+        !defined(EFI32)
+        if (WSAGetLastError() == WSAEINTR) {
+            return MBEDTLS_ERR_SSL_WANT_READ;
+        }
+#else
+        if (errno == EINTR) {
+            return MBEDTLS_ERR_SSL_WANT_READ;
+        }
+#endif
+
+        return MBEDTLS_ERR_NET_RECV_FAILED;
+    }
+
+    /* This call will not block */
+    return mbedtls_net_recv(ctx, buf, len);
+}
+
+/*
+ * Write at most 'len' characters
+ */
+int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int fd = ((mbedtls_net_context *) ctx)->fd;
+
+    ret = check_fd(fd, 0);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = (int) write(fd, buf, len);
+
+    if (ret < 0) {
+        if (net_would_block(ctx) != 0) {
+            return MBEDTLS_ERR_SSL_WANT_WRITE;
+        }
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+        !defined(EFI32)
+        if (WSAGetLastError() == WSAECONNRESET) {
+            return MBEDTLS_ERR_NET_CONN_RESET;
+        }
+#else
+        if (errno == EPIPE || errno == ECONNRESET) {
+            return MBEDTLS_ERR_NET_CONN_RESET;
+        }
+
+        if (errno == EINTR) {
+            return MBEDTLS_ERR_SSL_WANT_WRITE;
+        }
+#endif
+
+        return MBEDTLS_ERR_NET_SEND_FAILED;
+    }
+
+    return ret;
+}
+
+/*
+ * Close the connection
+ */
+void mbedtls_net_close(mbedtls_net_context *ctx)
+{
+    if (ctx->fd == -1) {
+        return;
+    }
+
+    close(ctx->fd);
+
+    ctx->fd = -1;
+}
+
+/*
+ * Gracefully close the connection
+ */
+void mbedtls_net_free(mbedtls_net_context *ctx)
+{
+    if (ctx->fd == -1) {
+        return;
+    }
+
+    shutdown(ctx->fd, 2);
+    close(ctx->fd);
+
+    ctx->fd = -1;
+}
+
+#endif /* MBEDTLS_NET_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/nist_kw.c b/3rdparty/mbedtls-2.28.7/library/nist_kw.c
new file mode 100644
index 0000000..5a5b995
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/nist_kw.c
@@ -0,0 +1,670 @@
+/*
+ *  Implementation of NIST SP 800-38F key wrapping, supporting KW and KWP modes
+ *  only
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * Definition of Key Wrapping:
+ * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf
+ * RFC 3394 "Advanced Encryption Standard (AES) Key Wrap Algorithm"
+ * RFC 5649 "Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm"
+ *
+ * Note: RFC 3394 defines different methodology for intermediate operations for
+ * the wrapping and unwrapping operation than the definition in NIST SP 800-38F.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_NIST_KW_C)
+
+#include "mbedtls/nist_kw.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/constant_time.h"
+#include "constant_time_internal.h"
+
+#include <stdint.h>
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_NIST_KW_ALT)
+
+#define KW_SEMIBLOCK_LENGTH    8
+#define MIN_SEMIBLOCKS_COUNT   3
+
+/*! The 64-bit default integrity check value (ICV) for KW mode. */
+static const unsigned char NIST_KW_ICV1[] = { 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6 };
+/*! The 32-bit default integrity check value (ICV) for KWP mode. */
+static const  unsigned char NIST_KW_ICV2[] = { 0xA6, 0x59, 0x59, 0xA6 };
+
+/*
+ * Initialize context
+ */
+void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_nist_kw_context));
+}
+
+int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
+                           mbedtls_cipher_id_t cipher,
+                           const unsigned char *key,
+                           unsigned int keybits,
+                           const int is_wrap)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    cipher_info = mbedtls_cipher_info_from_values(cipher,
+                                                  keybits,
+                                                  MBEDTLS_MODE_ECB);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if (cipher_info->block_size != 16) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    /*
+     * SP 800-38F currently defines AES cipher as the only block cipher allowed:
+     * "For KW and KWP, the underlying block cipher shall be approved, and the
+     *  block size shall be 128 bits. Currently, the AES block cipher, with key
+     *  lengths of 128, 192, or 256 bits, is the only block cipher that fits
+     *  this profile."
+     *  Currently we don't support other 128 bit block ciphers for key wrapping,
+     *  such as Camellia and Aria.
+     */
+    if (cipher != MBEDTLS_CIPHER_ID_AES) {
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    }
+
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+
+    if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits,
+                                     is_wrap ? MBEDTLS_ENCRYPT :
+                                     MBEDTLS_DECRYPT)
+         ) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Free context
+ */
+void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx)
+{
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_nist_kw_context));
+}
+
+/*
+ * Helper function for Xoring the uint64_t "t" with the encrypted A.
+ * Defined in NIST SP 800-38F section 6.1
+ */
+static void calc_a_xor_t(unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t)
+{
+    size_t i = 0;
+    for (i = 0; i < sizeof(t); i++) {
+        A[i] ^= (t >> ((sizeof(t) - 1 - i) * 8)) & 0xff;
+    }
+}
+
+/*
+ * KW-AE as defined in SP 800-38F section 6.2
+ * KWP-AE as defined in SP 800-38F section 6.3
+ */
+int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx,
+                         mbedtls_nist_kw_mode_t mode,
+                         const unsigned char *input, size_t in_len,
+                         unsigned char *output, size_t *out_len, size_t out_size)
+{
+    int ret = 0;
+    size_t semiblocks = 0;
+    size_t s;
+    size_t olen, padlen = 0;
+    uint64_t t = 0;
+    unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
+    unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
+
+    *out_len = 0;
+    /*
+     * Generate the String to work on
+     */
+    if (mode == MBEDTLS_KW_MODE_KW) {
+        if (out_size < in_len + KW_SEMIBLOCK_LENGTH) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        /*
+         * According to SP 800-38F Table 1, the plaintext length for KW
+         * must be between 2 to 2^54-1 semiblocks inclusive.
+         */
+        if (in_len < 16 ||
+#if SIZE_MAX > 0x1FFFFFFFFFFFFF8
+            in_len > 0x1FFFFFFFFFFFFF8 ||
+#endif
+            in_len % KW_SEMIBLOCK_LENGTH != 0) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        memcpy(output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH);
+        memmove(output + KW_SEMIBLOCK_LENGTH, input, in_len);
+    } else {
+        if (in_len % 8 != 0) {
+            padlen = (8 - (in_len % 8));
+        }
+
+        if (out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        /*
+         * According to SP 800-38F Table 1, the plaintext length for KWP
+         * must be between 1 and 2^32-1 octets inclusive.
+         */
+        if (in_len < 1
+#if SIZE_MAX > 0xFFFFFFFF
+            || in_len > 0xFFFFFFFF
+#endif
+            ) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        memcpy(output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2);
+        MBEDTLS_PUT_UINT32_BE((in_len & 0xffffffff), output,
+                              KW_SEMIBLOCK_LENGTH / 2);
+
+        memcpy(output + KW_SEMIBLOCK_LENGTH, input, in_len);
+        memset(output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen);
+    }
+    semiblocks = ((in_len + padlen) / KW_SEMIBLOCK_LENGTH) + 1;
+
+    s = 6 * (semiblocks - 1);
+
+    if (mode == MBEDTLS_KW_MODE_KWP
+        && in_len <= KW_SEMIBLOCK_LENGTH) {
+        memcpy(inbuff, output, 16);
+        ret = mbedtls_cipher_update(&ctx->cipher_ctx,
+                                    inbuff, 16, output, &olen);
+        if (ret != 0) {
+            goto cleanup;
+        }
+    } else {
+        unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH;
+        unsigned char *A = output;
+
+        /*
+         * Do the wrapping function W, as defined in RFC 3394 section 2.2.1
+         */
+        if (semiblocks < MIN_SEMIBLOCKS_COUNT) {
+            ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        /* Calculate intermediate values */
+        for (t = 1; t <= s; t++) {
+            memcpy(inbuff, A, KW_SEMIBLOCK_LENGTH);
+            memcpy(inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH);
+
+            ret = mbedtls_cipher_update(&ctx->cipher_ctx,
+                                        inbuff, 16, outbuff, &olen);
+            if (ret != 0) {
+                goto cleanup;
+            }
+
+            memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH);
+            calc_a_xor_t(A, t);
+
+            memcpy(R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH);
+            R2 += KW_SEMIBLOCK_LENGTH;
+            if (R2 >= output + (semiblocks * KW_SEMIBLOCK_LENGTH)) {
+                R2 = output + KW_SEMIBLOCK_LENGTH;
+            }
+        }
+    }
+
+    *out_len = semiblocks * KW_SEMIBLOCK_LENGTH;
+
+cleanup:
+
+    if (ret != 0) {
+        memset(output, 0, semiblocks * KW_SEMIBLOCK_LENGTH);
+    }
+    mbedtls_platform_zeroize(inbuff, KW_SEMIBLOCK_LENGTH * 2);
+    mbedtls_platform_zeroize(outbuff, KW_SEMIBLOCK_LENGTH * 2);
+
+    return ret;
+}
+
+/*
+ * W-1 function as defined in RFC 3394 section 2.2.2
+ * This function assumes the following:
+ * 1. Output buffer is at least of size ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH.
+ * 2. The input buffer is of size semiblocks * KW_SEMIBLOCK_LENGTH.
+ * 3. Minimal number of semiblocks is 3.
+ * 4. A is a buffer to hold the first semiblock of the input buffer.
+ */
+static int unwrap(mbedtls_nist_kw_context *ctx,
+                  const unsigned char *input, size_t semiblocks,
+                  unsigned char A[KW_SEMIBLOCK_LENGTH],
+                  unsigned char *output, size_t *out_len)
+{
+    int ret = 0;
+    const size_t s = 6 * (semiblocks - 1);
+    size_t olen;
+    uint64_t t = 0;
+    unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
+    unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2];
+    unsigned char *R = NULL;
+    *out_len = 0;
+
+    if (semiblocks < MIN_SEMIBLOCKS_COUNT) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    memcpy(A, input, KW_SEMIBLOCK_LENGTH);
+    memmove(output, input + KW_SEMIBLOCK_LENGTH, (semiblocks - 1) * KW_SEMIBLOCK_LENGTH);
+    R = output + (semiblocks - 2) * KW_SEMIBLOCK_LENGTH;
+
+    /* Calculate intermediate values */
+    for (t = s; t >= 1; t--) {
+        calc_a_xor_t(A, t);
+
+        memcpy(inbuff, A, KW_SEMIBLOCK_LENGTH);
+        memcpy(inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH);
+
+        ret = mbedtls_cipher_update(&ctx->cipher_ctx,
+                                    inbuff, 16, outbuff, &olen);
+        if (ret != 0) {
+            goto cleanup;
+        }
+
+        memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH);
+
+        /* Set R as LSB64 of outbuff */
+        memcpy(R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH);
+
+        if (R == output) {
+            R = output + (semiblocks - 2) * KW_SEMIBLOCK_LENGTH;
+        } else {
+            R -= KW_SEMIBLOCK_LENGTH;
+        }
+    }
+
+    *out_len = (semiblocks - 1) * KW_SEMIBLOCK_LENGTH;
+
+cleanup:
+    if (ret != 0) {
+        memset(output, 0, (semiblocks - 1) * KW_SEMIBLOCK_LENGTH);
+    }
+    mbedtls_platform_zeroize(inbuff, sizeof(inbuff));
+    mbedtls_platform_zeroize(outbuff, sizeof(outbuff));
+
+    return ret;
+}
+
+/*
+ * KW-AD as defined in SP 800-38F section 6.2
+ * KWP-AD as defined in SP 800-38F section 6.3
+ */
+int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx,
+                           mbedtls_nist_kw_mode_t mode,
+                           const unsigned char *input, size_t in_len,
+                           unsigned char *output, size_t *out_len, size_t out_size)
+{
+    int ret = 0;
+    size_t i, olen;
+    unsigned char A[KW_SEMIBLOCK_LENGTH];
+    unsigned char diff;
+
+    *out_len = 0;
+    if (out_size < in_len - KW_SEMIBLOCK_LENGTH) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+    if (mode == MBEDTLS_KW_MODE_KW) {
+        /*
+         * According to SP 800-38F Table 1, the ciphertext length for KW
+         * must be between 3 to 2^54 semiblocks inclusive.
+         */
+        if (in_len < 24 ||
+#if SIZE_MAX > 0x200000000000000
+            in_len > 0x200000000000000 ||
+#endif
+            in_len % KW_SEMIBLOCK_LENGTH != 0) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        ret = unwrap(ctx, input, in_len / KW_SEMIBLOCK_LENGTH,
+                     A, output, out_len);
+        if (ret != 0) {
+            goto cleanup;
+        }
+
+        /* Check ICV in "constant-time" */
+        diff = mbedtls_ct_memcmp(NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH);
+
+        if (diff != 0) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+            goto cleanup;
+        }
+
+    } else if (mode == MBEDTLS_KW_MODE_KWP) {
+        size_t padlen = 0;
+        uint32_t Plen;
+        /*
+         * According to SP 800-38F Table 1, the ciphertext length for KWP
+         * must be between 2 to 2^29 semiblocks inclusive.
+         */
+        if (in_len < KW_SEMIBLOCK_LENGTH * 2 ||
+#if SIZE_MAX > 0x100000000
+            in_len > 0x100000000 ||
+#endif
+            in_len % KW_SEMIBLOCK_LENGTH != 0) {
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+        }
+
+        if (in_len == KW_SEMIBLOCK_LENGTH * 2) {
+            unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2];
+            ret = mbedtls_cipher_update(&ctx->cipher_ctx,
+                                        input, 16, outbuff, &olen);
+            if (ret != 0) {
+                goto cleanup;
+            }
+
+            memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH);
+            memcpy(output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH);
+            mbedtls_platform_zeroize(outbuff, sizeof(outbuff));
+            *out_len = KW_SEMIBLOCK_LENGTH;
+        } else {
+            /* in_len >=  KW_SEMIBLOCK_LENGTH * 3 */
+            ret = unwrap(ctx, input, in_len / KW_SEMIBLOCK_LENGTH,
+                         A, output, out_len);
+            if (ret != 0) {
+                goto cleanup;
+            }
+        }
+
+        /* Check ICV in "constant-time" */
+        diff = mbedtls_ct_memcmp(NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2);
+
+        if (diff != 0) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+        }
+
+        Plen = MBEDTLS_GET_UINT32_BE(A, KW_SEMIBLOCK_LENGTH / 2);
+
+        /*
+         * Plen is the length of the plaintext, when the input is valid.
+         * If Plen is larger than the plaintext and padding, padlen will be
+         * larger than 8, because of the type wrap around.
+         */
+        padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen;
+        ret = -(int) mbedtls_ct_uint_if(padlen & ~7, -MBEDTLS_ERR_CIPHER_AUTH_FAILED, -ret);
+        padlen &= 7;
+
+        /* Check padding in "constant-time" */
+        for (diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++) {
+            size_t mask = mbedtls_ct_size_mask_ge(i, KW_SEMIBLOCK_LENGTH - padlen);
+            diff |= (unsigned char) (mask & output[*out_len - KW_SEMIBLOCK_LENGTH + i]);
+        }
+
+        if (diff != 0) {
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+        }
+
+        if (ret != 0) {
+            goto cleanup;
+        }
+        memset(output + Plen, 0, padlen);
+        *out_len = Plen;
+    } else {
+        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        goto cleanup;
+    }
+
+cleanup:
+    if (ret != 0) {
+        memset(output, 0, *out_len);
+        *out_len = 0;
+    }
+
+    mbedtls_platform_zeroize(&diff, sizeof(diff));
+    mbedtls_platform_zeroize(A, sizeof(A));
+
+    return ret;
+}
+
+#endif /* !MBEDTLS_NIST_KW_ALT */
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+
+#define KW_TESTS 3
+
+/*
+ * Test vectors taken from NIST
+ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES#KW
+ */
+static const unsigned int key_len[KW_TESTS] = { 16, 24, 32 };
+
+static const unsigned char kw_key[KW_TESTS][32] = {
+    { 0x75, 0x75, 0xda, 0x3a, 0x93, 0x60, 0x7c, 0xc2,
+      0xbf, 0xd8, 0xce, 0xc7, 0xaa, 0xdf, 0xd9, 0xa6 },
+    { 0x2d, 0x85, 0x26, 0x08, 0x1d, 0x02, 0xfb, 0x5b,
+      0x85, 0xf6, 0x9a, 0xc2, 0x86, 0xec, 0xd5, 0x7d,
+      0x40, 0xdf, 0x5d, 0xf3, 0x49, 0x47, 0x44, 0xd3 },
+    { 0x11, 0x2a, 0xd4, 0x1b, 0x48, 0x56, 0xc7, 0x25,
+      0x4a, 0x98, 0x48, 0xd3, 0x0f, 0xdd, 0x78, 0x33,
+      0x5b, 0x03, 0x9a, 0x48, 0xa8, 0x96, 0x2c, 0x4d,
+      0x1c, 0xb7, 0x8e, 0xab, 0xd5, 0xda, 0xd7, 0x88 }
+};
+
+static const unsigned char kw_msg[KW_TESTS][40] = {
+    { 0x42, 0x13, 0x6d, 0x3c, 0x38, 0x4a, 0x3e, 0xea,
+      0xc9, 0x5a, 0x06, 0x6f, 0xd2, 0x8f, 0xed, 0x3f },
+    { 0x95, 0xc1, 0x1b, 0xf5, 0x35, 0x3a, 0xfe, 0xdb,
+      0x98, 0xfd, 0xd6, 0xc8, 0xca, 0x6f, 0xdb, 0x6d,
+      0xa5, 0x4b, 0x74, 0xb4, 0x99, 0x0f, 0xdc, 0x45,
+      0xc0, 0x9d, 0x15, 0x8f, 0x51, 0xce, 0x62, 0x9d,
+      0xe2, 0xaf, 0x26, 0xe3, 0x25, 0x0e, 0x6b, 0x4c },
+    { 0x1b, 0x20, 0xbf, 0x19, 0x90, 0xb0, 0x65, 0xd7,
+      0x98, 0xe1, 0xb3, 0x22, 0x64, 0xad, 0x50, 0xa8,
+      0x74, 0x74, 0x92, 0xba, 0x09, 0xa0, 0x4d, 0xd1 }
+};
+
+static const size_t kw_msg_len[KW_TESTS] = { 16, 40, 24 };
+static const size_t kw_out_len[KW_TESTS] = { 24, 48, 32 };
+static const unsigned char kw_res[KW_TESTS][48] = {
+    { 0x03, 0x1f, 0x6b, 0xd7, 0xe6, 0x1e, 0x64, 0x3d,
+      0xf6, 0x85, 0x94, 0x81, 0x6f, 0x64, 0xca, 0xa3,
+      0xf5, 0x6f, 0xab, 0xea, 0x25, 0x48, 0xf5, 0xfb },
+    { 0x44, 0x3c, 0x6f, 0x15, 0x09, 0x83, 0x71, 0x91,
+      0x3e, 0x5c, 0x81, 0x4c, 0xa1, 0xa0, 0x42, 0xec,
+      0x68, 0x2f, 0x7b, 0x13, 0x6d, 0x24, 0x3a, 0x4d,
+      0x6c, 0x42, 0x6f, 0xc6, 0x97, 0x15, 0x63, 0xe8,
+      0xa1, 0x4a, 0x55, 0x8e, 0x09, 0x64, 0x16, 0x19,
+      0xbf, 0x03, 0xfc, 0xaf, 0x90, 0xb1, 0xfc, 0x2d },
+    { 0xba, 0x8a, 0x25, 0x9a, 0x47, 0x1b, 0x78, 0x7d,
+      0xd5, 0xd5, 0x40, 0xec, 0x25, 0xd4, 0x3d, 0x87,
+      0x20, 0x0f, 0xda, 0xdc, 0x6d, 0x1f, 0x05, 0xd9,
+      0x16, 0x58, 0x4f, 0xa9, 0xf6, 0xcb, 0xf5, 0x12 }
+};
+
+static const unsigned char kwp_key[KW_TESTS][32] = {
+    { 0x78, 0x65, 0xe2, 0x0f, 0x3c, 0x21, 0x65, 0x9a,
+      0xb4, 0x69, 0x0b, 0x62, 0x9c, 0xdf, 0x3c, 0xc4 },
+    { 0xf5, 0xf8, 0x96, 0xa3, 0xbd, 0x2f, 0x4a, 0x98,
+      0x23, 0xef, 0x16, 0x2b, 0x00, 0xb8, 0x05, 0xd7,
+      0xde, 0x1e, 0xa4, 0x66, 0x26, 0x96, 0xa2, 0x58 },
+    { 0x95, 0xda, 0x27, 0x00, 0xca, 0x6f, 0xd9, 0xa5,
+      0x25, 0x54, 0xee, 0x2a, 0x8d, 0xf1, 0x38, 0x6f,
+      0x5b, 0x94, 0xa1, 0xa6, 0x0e, 0xd8, 0xa4, 0xae,
+      0xf6, 0x0a, 0x8d, 0x61, 0xab, 0x5f, 0x22, 0x5a }
+};
+
+static const unsigned char kwp_msg[KW_TESTS][31] = {
+    { 0xbd, 0x68, 0x43, 0xd4, 0x20, 0x37, 0x8d, 0xc8,
+      0x96 },
+    { 0x6c, 0xcd, 0xd5, 0x85, 0x18, 0x40, 0x97, 0xeb,
+      0xd5, 0xc3, 0xaf, 0x3e, 0x47, 0xd0, 0x2c, 0x19,
+      0x14, 0x7b, 0x4d, 0x99, 0x5f, 0x96, 0x43, 0x66,
+      0x91, 0x56, 0x75, 0x8c, 0x13, 0x16, 0x8f },
+    { 0xd1 }
+};
+static const size_t kwp_msg_len[KW_TESTS] = { 9, 31, 1 };
+
+static const unsigned char kwp_res[KW_TESTS][48] = {
+    { 0x41, 0xec, 0xa9, 0x56, 0xd4, 0xaa, 0x04, 0x7e,
+      0xb5, 0xcf, 0x4e, 0xfe, 0x65, 0x96, 0x61, 0xe7,
+      0x4d, 0xb6, 0xf8, 0xc5, 0x64, 0xe2, 0x35, 0x00 },
+    { 0x4e, 0x9b, 0xc2, 0xbc, 0xbc, 0x6c, 0x1e, 0x13,
+      0xd3, 0x35, 0xbc, 0xc0, 0xf7, 0x73, 0x6a, 0x88,
+      0xfa, 0x87, 0x53, 0x66, 0x15, 0xbb, 0x8e, 0x63,
+      0x8b, 0xcc, 0x81, 0x66, 0x84, 0x68, 0x17, 0x90,
+      0x67, 0xcf, 0xa9, 0x8a, 0x9d, 0x0e, 0x33, 0x26 },
+    { 0x06, 0xba, 0x7a, 0xe6, 0xf3, 0x24, 0x8c, 0xfd,
+      0xcf, 0x26, 0x75, 0x07, 0xfa, 0x00, 0x1b, 0xc4  }
+};
+static const size_t kwp_out_len[KW_TESTS] = { 24, 40, 16 };
+
+int mbedtls_nist_kw_self_test(int verbose)
+{
+    mbedtls_nist_kw_context ctx;
+    unsigned char out[48];
+    size_t olen;
+    int i;
+    int ret = 0;
+    mbedtls_nist_kw_init(&ctx);
+
+    for (i = 0; i < KW_TESTS; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  KW-AES-%u ", (unsigned int) key_len[i] * 8);
+        }
+
+        ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                     kw_key[i], key_len[i] * 8, 1);
+        if (ret != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("  KW: setup failed ");
+            }
+
+            goto end;
+        }
+
+        ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, kw_msg[i],
+                                   kw_msg_len[i], out, &olen, sizeof(out));
+        if (ret != 0 || kw_out_len[i] != olen ||
+            memcmp(out, kw_res[i], kw_out_len[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed. ");
+            }
+
+            ret = 1;
+            goto end;
+        }
+
+        if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                          kw_key[i], key_len[i] * 8, 0))
+            != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("  KW: setup failed ");
+            }
+
+            goto end;
+        }
+
+        ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW,
+                                     out, olen, out, &olen, sizeof(out));
+
+        if (ret != 0 || olen != kw_msg_len[i] ||
+            memcmp(out, kw_msg[i], kw_msg_len[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            ret = 1;
+            goto end;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf(" passed\n");
+        }
+    }
+
+    for (i = 0; i < KW_TESTS; i++) {
+        olen = sizeof(out);
+        if (verbose != 0) {
+            mbedtls_printf("  KWP-AES-%u ", (unsigned int) key_len[i] * 8);
+        }
+
+        ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i],
+                                     key_len[i] * 8, 1);
+        if (ret  != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("  KWP: setup failed ");
+            }
+
+            goto end;
+        }
+        ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i],
+                                   kwp_msg_len[i], out, &olen, sizeof(out));
+
+        if (ret != 0 || kwp_out_len[i] != olen ||
+            memcmp(out, kwp_res[i], kwp_out_len[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed. ");
+            }
+
+            ret = 1;
+            goto end;
+        }
+
+        if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                          kwp_key[i], key_len[i] * 8, 0))
+            != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("  KWP: setup failed ");
+            }
+
+            goto end;
+        }
+
+        ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KWP, out,
+                                     olen, out, &olen, sizeof(out));
+
+        if (ret != 0 || olen != kwp_msg_len[i] ||
+            memcmp(out, kwp_msg[i], kwp_msg_len[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed. ");
+            }
+
+            ret = 1;
+            goto end;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf(" passed\n");
+        }
+    }
+end:
+    mbedtls_nist_kw_free(&ctx);
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_NIST_KW_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/oid.c b/3rdparty/mbedtls-2.28.7/library/oid.c
new file mode 100644
index 0000000..7d7f1bf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/oid.c
@@ -0,0 +1,835 @@
+/**
+ * \file oid.c
+ *
+ * \brief Object Identifier (OID) database
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_OID_C)
+
+#include "mbedtls/oid.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/error.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+/*
+ * Macro to automatically add the size of #define'd OIDs
+ */
+#define ADD_LEN(s)      s, MBEDTLS_OID_SIZE(s)
+
+/*
+ * Macro to generate an internal function for oid_XXX_from_asn1() (used by
+ * the other functions)
+ */
+#define FN_OID_TYPED_FROM_ASN1(TYPE_T, NAME, LIST)                    \
+    static const TYPE_T *oid_ ## NAME ## _from_asn1(                   \
+        const mbedtls_asn1_buf *oid)     \
+    {                                                                   \
+        const TYPE_T *p = (LIST);                                       \
+        const mbedtls_oid_descriptor_t *cur =                           \
+            (const mbedtls_oid_descriptor_t *) p;                       \
+        if (p == NULL || oid == NULL) return NULL;                  \
+        while (cur->asn1 != NULL) {                                    \
+            if (cur->asn1_len == oid->len &&                            \
+                memcmp(cur->asn1, oid->p, oid->len) == 0) {          \
+                return p;                                            \
+            }                                                           \
+            p++;                                                        \
+            cur = (const mbedtls_oid_descriptor_t *) p;                 \
+        }                                                               \
+        return NULL;                                                 \
+    }
+
+/*
+ * Macro to generate a function for retrieving a single attribute from the
+ * descriptor of an mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
+    int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1)                  \
+    {                                                                       \
+        const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid);        \
+        if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND;            \
+        *ATTR1 = data->descriptor.ATTR1;                                    \
+        return 0;                                                        \
+    }
+
+/*
+ * Macro to generate a function for retrieving a single attribute from an
+ * mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
+    int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1)                  \
+    {                                                                       \
+        const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid);        \
+        if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND;            \
+        *ATTR1 = data->ATTR1;                                               \
+        return 0;                                                        \
+    }
+
+/*
+ * Macro to generate a function for retrieving two attributes from an
+ * mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1,     \
+                         ATTR2_TYPE, ATTR2)                                 \
+    int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1,               \
+                ATTR2_TYPE * ATTR2)              \
+    {                                                                           \
+        const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid);            \
+        if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND;                 \
+        *(ATTR1) = data->ATTR1;                                                 \
+        *(ATTR2) = data->ATTR2;                                                 \
+        return 0;                                                            \
+    }
+
+/*
+ * Macro to generate a function for retrieving the OID based on a single
+ * attribute from a mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1)   \
+    int FN_NAME(ATTR1_TYPE ATTR1, const char **oid, size_t *olen)             \
+    {                                                                           \
+        const TYPE_T *cur = (LIST);                                             \
+        while (cur->descriptor.asn1 != NULL) {                                 \
+            if (cur->ATTR1 == (ATTR1)) {                                       \
+                *oid = cur->descriptor.asn1;                                    \
+                *olen = cur->descriptor.asn1_len;                               \
+                return 0;                                                    \
+            }                                                                   \
+            cur++;                                                              \
+        }                                                                       \
+        return MBEDTLS_ERR_OID_NOT_FOUND;                                    \
+    }
+
+/*
+ * Macro to generate a function for retrieving the OID based on two
+ * attributes from a mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1,   \
+                                ATTR2_TYPE, ATTR2)                          \
+    int FN_NAME(ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid,         \
+                size_t *olen)                                                 \
+    {                                                                           \
+        const TYPE_T *cur = (LIST);                                             \
+        while (cur->descriptor.asn1 != NULL) {                                 \
+            if (cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2)) {              \
+                *oid = cur->descriptor.asn1;                                    \
+                *olen = cur->descriptor.asn1_len;                               \
+                return 0;                                                    \
+            }                                                                   \
+            cur++;                                                              \
+        }                                                                       \
+        return MBEDTLS_ERR_OID_NOT_FOUND;                                   \
+    }
+
+/*
+ * For X520 attribute types
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    const char          *short_name;
+} oid_x520_attr_t;
+
+static const oid_x520_attr_t oid_x520_attr_type[] =
+{
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_CN),          "id-at-commonName",               "Common Name" },
+        "CN",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_COUNTRY),     "id-at-countryName",              "Country" },
+        "C",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_LOCALITY),    "id-at-locality",                 "Locality" },
+        "L",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_STATE),       "id-at-state",                    "State" },
+        "ST",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_ORGANIZATION), "id-at-organizationName",         "Organization" },
+        "O",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_ORG_UNIT),    "id-at-organizationalUnitName",   "Org Unit" },
+        "OU",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS9_EMAIL),    "emailAddress",                   "E-mail address" },
+        "emailAddress",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_SERIAL_NUMBER), "id-at-serialNumber",            "Serial number" },
+        "serialNumber",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_POSTAL_ADDRESS), "id-at-postalAddress",
+          "Postal address" },
+        "postalAddress",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_POSTAL_CODE), "id-at-postalCode",               "Postal code" },
+        "postalCode",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_SUR_NAME),    "id-at-surName",                  "Surname" },
+        "SN",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_GIVEN_NAME),  "id-at-givenName",                "Given name" },
+        "GN",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_INITIALS),    "id-at-initials",                 "Initials" },
+        "initials",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_GENERATION_QUALIFIER), "id-at-generationQualifier",
+          "Generation qualifier" },
+        "generationQualifier",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_TITLE),       "id-at-title",                    "Title" },
+        "title",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_DN_QUALIFIER), "id-at-dnQualifier",
+          "Distinguished Name qualifier" },
+        "dnQualifier",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_PSEUDONYM),   "id-at-pseudonym",                "Pseudonym" },
+        "pseudonym",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_DOMAIN_COMPONENT), "id-domainComponent",
+          "Domain component" },
+        "DC",
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_AT_UNIQUE_IDENTIFIER), "id-at-uniqueIdentifier",
+          "Unique Identifier" },
+        "uniqueIdentifier",
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        NULL,
+    }
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type)
+FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name,
+                 oid_x520_attr_t,
+                 x520_attr,
+                 const char *,
+                 short_name)
+
+/*
+ * For X509 extensions
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    int                 ext_type;
+} oid_x509_ext_t;
+
+static const oid_x509_ext_t oid_x509_ext[] =
+{
+    {
+        { ADD_LEN(MBEDTLS_OID_BASIC_CONSTRAINTS),    "id-ce-basicConstraints",
+          "Basic Constraints" },
+        MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_KEY_USAGE),            "id-ce-keyUsage",            "Key Usage" },
+        MBEDTLS_OID_X509_EXT_KEY_USAGE,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_EXTENDED_KEY_USAGE),   "id-ce-extKeyUsage",
+          "Extended Key Usage" },
+        MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_SUBJECT_ALT_NAME),     "id-ce-subjectAltName",
+          "Subject Alt Name" },
+        MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_NS_CERT_TYPE),         "id-netscape-certtype",
+          "Netscape Certificate Type" },
+        MBEDTLS_OID_X509_EXT_NS_CERT_TYPE,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_CERTIFICATE_POLICIES), "id-ce-certificatePolicies",
+          "Certificate Policies" },
+        MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        0,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext)
+FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type)
+
+static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
+{
+    { ADD_LEN(MBEDTLS_OID_SERVER_AUTH),      "id-kp-serverAuth",
+      "TLS Web Server Authentication" },
+    { ADD_LEN(MBEDTLS_OID_CLIENT_AUTH),      "id-kp-clientAuth",
+      "TLS Web Client Authentication" },
+    { ADD_LEN(MBEDTLS_OID_CODE_SIGNING),     "id-kp-codeSigning",      "Code Signing" },
+    { ADD_LEN(MBEDTLS_OID_EMAIL_PROTECTION), "id-kp-emailProtection",  "E-mail Protection" },
+    { ADD_LEN(MBEDTLS_OID_TIME_STAMPING),    "id-kp-timeStamping",     "Time Stamping" },
+    { ADD_LEN(MBEDTLS_OID_OCSP_SIGNING),     "id-kp-OCSPSigning",      "OCSP Signing" },
+    { ADD_LEN(MBEDTLS_OID_WISUN_FAN),        "id-kp-wisun-fan-device",
+      "Wi-SUN Alliance Field Area Network (FAN)" },
+    { NULL, 0, NULL, NULL },
+};
+
+FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage)
+FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage,
+                 mbedtls_oid_descriptor_t,
+                 ext_key_usage,
+                 const char *,
+                 description)
+
+static const mbedtls_oid_descriptor_t oid_certificate_policies[] =
+{
+    { ADD_LEN(MBEDTLS_OID_ANY_POLICY),      "anyPolicy",       "Any Policy" },
+    { NULL, 0, NULL, NULL },
+};
+
+FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies)
+FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies,
+                 mbedtls_oid_descriptor_t,
+                 certificate_policies,
+                 const char *,
+                 description)
+
+#if defined(MBEDTLS_MD_C)
+/*
+ * For SignatureAlgorithmIdentifier
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_alg;
+    mbedtls_pk_type_t           pk_alg;
+} oid_sig_alg_t;
+
+static const oid_sig_alg_t oid_sig_alg[] =
+{
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_MD2_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_MD2),        "md2WithRSAEncryption",     "RSA with MD2" },
+        MBEDTLS_MD_MD2,      MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_MD2_C */
+#if defined(MBEDTLS_MD4_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_MD4),        "md4WithRSAEncryption",     "RSA with MD4" },
+        MBEDTLS_MD_MD4,      MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_MD4_C */
+#if defined(MBEDTLS_MD5_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_MD5),        "md5WithRSAEncryption",     "RSA with MD5" },
+        MBEDTLS_MD_MD5,      MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_MD5_C */
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_SHA1),       "sha-1WithRSAEncryption",   "RSA with SHA1" },
+        MBEDTLS_MD_SHA1,     MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_SHA224),     "sha224WithRSAEncryption",  "RSA with SHA-224" },
+        MBEDTLS_MD_SHA224,   MBEDTLS_PK_RSA,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_SHA256),     "sha256WithRSAEncryption",  "RSA with SHA-256" },
+        MBEDTLS_MD_SHA256,   MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_SHA384),     "sha384WithRSAEncryption",  "RSA with SHA-384" },
+        MBEDTLS_MD_SHA384,   MBEDTLS_PK_RSA,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_SHA512),     "sha512WithRSAEncryption",  "RSA with SHA-512" },
+        MBEDTLS_MD_SHA512,   MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA512_C */
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_RSA_SHA_OBS),      "sha-1WithRSAEncryption",   "RSA with SHA1" },
+        MBEDTLS_MD_SHA1,     MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_ECDSA_SHA1),       "ecdsa-with-SHA1",      "ECDSA with SHA1" },
+        MBEDTLS_MD_SHA1,     MBEDTLS_PK_ECDSA,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_ECDSA_SHA224),     "ecdsa-with-SHA224",    "ECDSA with SHA224" },
+        MBEDTLS_MD_SHA224,   MBEDTLS_PK_ECDSA,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_ECDSA_SHA256),     "ecdsa-with-SHA256",    "ECDSA with SHA256" },
+        MBEDTLS_MD_SHA256,   MBEDTLS_PK_ECDSA,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_ECDSA_SHA384),     "ecdsa-with-SHA384",    "ECDSA with SHA384" },
+        MBEDTLS_MD_SHA384,   MBEDTLS_PK_ECDSA,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_ECDSA_SHA512),     "ecdsa-with-SHA512",    "ECDSA with SHA512" },
+        MBEDTLS_MD_SHA512,   MBEDTLS_PK_ECDSA,
+    },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_ECDSA_C */
+#if defined(MBEDTLS_RSA_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_RSASSA_PSS),        "RSASSA-PSS",           "RSASSA-PSS" },
+        MBEDTLS_MD_NONE,     MBEDTLS_PK_RSASSA_PSS,
+    },
+#endif /* MBEDTLS_RSA_C */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE, MBEDTLS_PK_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg)
+FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc,
+                            oid_sig_alg_t,
+                            sig_alg,
+                            const char *,
+                            description)
+FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg,
+                 oid_sig_alg_t,
+                 sig_alg,
+                 mbedtls_md_type_t,
+                 md_alg,
+                 mbedtls_pk_type_t,
+                 pk_alg)
+FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg,
+                        oid_sig_alg_t,
+                        oid_sig_alg,
+                        mbedtls_pk_type_t,
+                        pk_alg,
+                        mbedtls_md_type_t,
+                        md_alg)
+#endif /* MBEDTLS_MD_C */
+
+/*
+ * For PublicKeyInfo (PKCS1, RFC 5480)
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_pk_type_t           pk_alg;
+} oid_pk_alg_t;
+
+static const oid_pk_alg_t oid_pk_alg[] =
+{
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS1_RSA),      "rsaEncryption",   "RSA" },
+        MBEDTLS_PK_RSA,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_ALG_UNRESTRICTED),  "id-ecPublicKey",   "Generic EC key" },
+        MBEDTLS_PK_ECKEY,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_ALG_ECDH),          "id-ecDH",          "EC key for ECDH" },
+        MBEDTLS_PK_ECKEY_DH,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_PK_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg)
+FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg)
+FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg,
+                        oid_pk_alg_t,
+                        oid_pk_alg,
+                        mbedtls_pk_type_t,
+                        pk_alg)
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * For namedCurve (RFC 5480)
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_ecp_group_id        grp_id;
+} oid_ecp_grp_t;
+
+static const oid_ecp_grp_t oid_ecp_grp[] =
+{
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP192R1), "secp192r1",    "secp192r1" },
+        MBEDTLS_ECP_DP_SECP192R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP224R1), "secp224r1",    "secp224r1" },
+        MBEDTLS_ECP_DP_SECP224R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP256R1), "secp256r1",    "secp256r1" },
+        MBEDTLS_ECP_DP_SECP256R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP384R1), "secp384r1",    "secp384r1" },
+        MBEDTLS_ECP_DP_SECP384R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP521R1), "secp521r1",    "secp521r1" },
+        MBEDTLS_ECP_DP_SECP521R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP192K1), "secp192k1",    "secp192k1" },
+        MBEDTLS_ECP_DP_SECP192K1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP224K1), "secp224k1",    "secp224k1" },
+        MBEDTLS_ECP_DP_SECP224K1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP256K1), "secp256k1",    "secp256k1" },
+        MBEDTLS_ECP_DP_SECP256K1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_BP256R1),   "brainpoolP256r1", "brainpool256r1" },
+        MBEDTLS_ECP_DP_BP256R1,
+    },
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_BP384R1),   "brainpoolP384r1", "brainpool384r1" },
+        MBEDTLS_ECP_DP_BP384R1,
+    },
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    {
+        { ADD_LEN(MBEDTLS_OID_EC_GRP_BP512R1),   "brainpoolP512r1", "brainpool512r1" },
+        MBEDTLS_ECP_DP_BP512R1,
+    },
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_ECP_DP_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp)
+FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id)
+FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp,
+                        oid_ecp_grp_t,
+                        oid_ecp_grp,
+                        mbedtls_ecp_group_id,
+                        grp_id)
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_CIPHER_C)
+/*
+ * For PKCS#5 PBES2 encryption algorithm
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_cipher_type_t       cipher_alg;
+} oid_cipher_alg_t;
+
+static const oid_cipher_alg_t oid_cipher_alg[] =
+{
+    {
+        { ADD_LEN(MBEDTLS_OID_DES_CBC),              "desCBC",       "DES-CBC" },
+        MBEDTLS_CIPHER_DES_CBC,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_DES_EDE3_CBC),         "des-ede3-cbc", "DES-EDE3-CBC" },
+        MBEDTLS_CIPHER_DES_EDE3_CBC,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_CIPHER_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg)
+FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg,
+                 oid_cipher_alg_t,
+                 cipher_alg,
+                 mbedtls_cipher_type_t,
+                 cipher_alg)
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_MD_C)
+/*
+ * For digestAlgorithm
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_alg;
+} oid_md_alg_t;
+
+static const oid_md_alg_t oid_md_alg[] =
+{
+#if defined(MBEDTLS_MD2_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD2),       "id-md2",       "MD2" },
+        MBEDTLS_MD_MD2,
+    },
+#endif /* MBEDTLS_MD2_C */
+#if defined(MBEDTLS_MD4_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD4),       "id-md4",       "MD4" },
+        MBEDTLS_MD_MD4,
+    },
+#endif /* MBEDTLS_MD4_C */
+#if defined(MBEDTLS_MD5_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD5),       "id-md5",       "MD5" },
+        MBEDTLS_MD_MD5,
+    },
+#endif /* MBEDTLS_MD5_C */
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA1),      "id-sha1",      "SHA-1" },
+        MBEDTLS_MD_SHA1,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA224),    "id-sha224",    "SHA-224" },
+        MBEDTLS_MD_SHA224,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA256),    "id-sha256",    "SHA-256" },
+        MBEDTLS_MD_SHA256,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA384),    "id-sha384",    "SHA-384" },
+        MBEDTLS_MD_SHA384,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA512),    "id-sha512",    "SHA-512" },
+        MBEDTLS_MD_SHA512,
+    },
+#endif /* MBEDTLS_SHA512_C */
+#if defined(MBEDTLS_RIPEMD160_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_RIPEMD160),       "id-ripemd160",       "RIPEMD-160" },
+        MBEDTLS_MD_RIPEMD160,
+    },
+#endif /* MBEDTLS_RIPEMD160_C */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
+FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
+FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md,
+                        oid_md_alg_t,
+                        oid_md_alg,
+                        mbedtls_md_type_t,
+                        md_alg)
+
+/*
+ * For HMAC digestAlgorithm
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_hmac;
+} oid_md_hmac_t;
+
+static const oid_md_hmac_t oid_md_hmac[] =
+{
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_HMAC_SHA1),      "hmacSHA1",      "HMAC-SHA-1" },
+        MBEDTLS_MD_SHA1,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_HMAC_SHA224),    "hmacSHA224",    "HMAC-SHA-224" },
+        MBEDTLS_MD_SHA224,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_HMAC_SHA256),    "hmacSHA256",    "HMAC-SHA-256" },
+        MBEDTLS_MD_SHA256,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN(MBEDTLS_OID_HMAC_SHA384),    "hmacSHA384",    "HMAC-SHA-384" },
+        MBEDTLS_MD_SHA384,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_HMAC_SHA512),    "hmacSHA512",    "HMAC-SHA-512" },
+        MBEDTLS_MD_SHA512,
+    },
+#endif /* MBEDTLS_SHA512_C */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
+FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+/*
+ * For PKCS#12 PBEs
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_alg;
+    mbedtls_cipher_type_t       cipher_alg;
+} oid_pkcs12_pbe_alg_t;
+
+static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
+{
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC), "pbeWithSHAAnd3-KeyTripleDES-CBC",
+          "PBE with SHA1 and 3-Key 3DES" },
+        MBEDTLS_MD_SHA1,      MBEDTLS_CIPHER_DES_EDE3_CBC,
+    },
+    {
+        { ADD_LEN(MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC), "pbeWithSHAAnd2-KeyTripleDES-CBC",
+          "PBE with SHA1 and 2-Key 3DES" },
+        MBEDTLS_MD_SHA1,      MBEDTLS_CIPHER_DES_EDE_CBC,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg)
+FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg,
+                 oid_pkcs12_pbe_alg_t,
+                 pkcs12_pbe_alg,
+                 mbedtls_md_type_t,
+                 md_alg,
+                 mbedtls_cipher_type_t,
+                 cipher_alg)
+#endif /* MBEDTLS_PKCS12_C */
+
+/* Return the x.y.z.... style numeric string for the given OID */
+int mbedtls_oid_get_numeric_string(char *buf, size_t size,
+                                   const mbedtls_asn1_buf *oid)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    char *p = buf;
+    size_t n = size;
+    unsigned int value = 0;
+
+    if (size > INT_MAX) {
+        /* Avoid overflow computing return value */
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+
+    if (oid->len <= 0) {
+        /* OID must not be empty */
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+
+    for (size_t i = 0; i < oid->len; i++) {
+        /* Prevent overflow in value. */
+        if (value > (UINT_MAX >> 7)) {
+            return MBEDTLS_ERR_ASN1_INVALID_DATA;
+        }
+        if ((value == 0) && ((oid->p[i]) == 0x80)) {
+            /* Overlong encoding is not allowed */
+            return MBEDTLS_ERR_ASN1_INVALID_DATA;
+        }
+
+        value <<= 7;
+        value |= oid->p[i] & 0x7F;
+
+        if (!(oid->p[i] & 0x80)) {
+            /* Last byte */
+            if (n == size) {
+                int component1;
+                unsigned int component2;
+                /* First subidentifier contains first two OID components */
+                if (value >= 80) {
+                    component1 = '2';
+                    component2 = value - 80;
+                } else if (value >= 40) {
+                    component1 = '1';
+                    component2 = value - 40;
+                } else {
+                    component1 = '0';
+                    component2 = value;
+                }
+                ret = mbedtls_snprintf(p, n, "%c.%u", component1, component2);
+            } else {
+                ret = mbedtls_snprintf(p, n, ".%u", value);
+            }
+            if (ret < 2 || (size_t) ret >= n) {
+                return MBEDTLS_ERR_OID_BUF_TOO_SMALL;
+            }
+            n -= (size_t) ret;
+            p += ret;
+            value = 0;
+        }
+    }
+
+    if (value != 0) {
+        /* Unterminated subidentifier */
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
+
+    return (int) (size - n);
+}
+
+#endif /* MBEDTLS_OID_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/padlock.c b/3rdparty/mbedtls-2.28.7/library/padlock.c
new file mode 100644
index 0000000..0b4b610
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/padlock.c
@@ -0,0 +1,154 @@
+/*
+ *  VIA PadLock support functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  This implementation is based on the VIA PadLock Programming Guide:
+ *
+ *  http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/
+ *  programming_guide.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PADLOCK_C)
+
+#include "mbedtls/padlock.h"
+
+#include <string.h>
+
+/* *INDENT-OFF* */
+#ifndef asm
+#define asm __asm
+#endif
+/* *INDENT-ON* */
+
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
+
+/*
+ * PadLock detection routine
+ */
+int mbedtls_padlock_has_support(int feature)
+{
+    static int flags = -1;
+    int ebx = 0, edx = 0;
+
+    if (flags == -1) {
+        asm ("movl  %%ebx, %0           \n\t"
+             "movl  $0xC0000000, %%eax  \n\t"
+             "cpuid                     \n\t"
+             "cmpl  $0xC0000001, %%eax  \n\t"
+             "movl  $0, %%edx           \n\t"
+             "jb    1f                  \n\t"
+             "movl  $0xC0000001, %%eax  \n\t"
+             "cpuid                     \n\t"
+             "1:                        \n\t"
+             "movl  %%edx, %1           \n\t"
+             "movl  %2, %%ebx           \n\t"
+             : "=m" (ebx), "=m" (edx)
+             :  "m" (ebx)
+             : "eax", "ecx", "edx");
+
+        flags = edx;
+    }
+
+    return flags & feature;
+}
+
+/*
+ * PadLock AES-ECB block en(de)cryption
+ */
+int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx,
+                              int mode,
+                              const unsigned char input[16],
+                              unsigned char output[16])
+{
+    int ebx = 0;
+    uint32_t *rk;
+    uint32_t *blk;
+    uint32_t *ctrl;
+    unsigned char buf[256];
+
+    rk  = ctx->rk;
+    blk = MBEDTLS_PADLOCK_ALIGN16(buf);
+    memcpy(blk, input, 16);
+
+    ctrl = blk + 4;
+    *ctrl = 0x80 | ctx->nr | ((ctx->nr + (mode^1) - 10) << 9);
+
+    asm ("pushfl                        \n\t"
+         "popfl                         \n\t"
+         "movl    %%ebx, %0             \n\t"
+         "movl    $1, %%ecx             \n\t"
+         "movl    %2, %%edx             \n\t"
+         "movl    %3, %%ebx             \n\t"
+         "movl    %4, %%esi             \n\t"
+         "movl    %4, %%edi             \n\t"
+         ".byte  0xf3,0x0f,0xa7,0xc8    \n\t"
+         "movl    %1, %%ebx             \n\t"
+         : "=m" (ebx)
+         :  "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk)
+         : "memory", "ecx", "edx", "esi", "edi");
+
+    memcpy(output, blk, 16);
+
+    return 0;
+}
+
+/*
+ * PadLock AES-CBC buffer en(de)cryption
+ */
+int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx,
+                              int mode,
+                              size_t length,
+                              unsigned char iv[16],
+                              const unsigned char *input,
+                              unsigned char *output)
+{
+    int ebx = 0;
+    size_t count;
+    uint32_t *rk;
+    uint32_t *iw;
+    uint32_t *ctrl;
+    unsigned char buf[256];
+
+    if (((long) input  & 15) != 0 ||
+        ((long) output & 15) != 0) {
+        return MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED;
+    }
+
+    rk = ctx->rk;
+    iw = MBEDTLS_PADLOCK_ALIGN16(buf);
+    memcpy(iw, iv, 16);
+
+    ctrl = iw + 4;
+    *ctrl = 0x80 | ctx->nr | ((ctx->nr + (mode ^ 1) - 10) << 9);
+
+    count = (length + 15) >> 4;
+
+    asm ("pushfl                        \n\t"
+         "popfl                         \n\t"
+         "movl    %%ebx, %0             \n\t"
+         "movl    %2, %%ecx             \n\t"
+         "movl    %3, %%edx             \n\t"
+         "movl    %4, %%ebx             \n\t"
+         "movl    %5, %%esi             \n\t"
+         "movl    %6, %%edi             \n\t"
+         "movl    %7, %%eax             \n\t"
+         ".byte  0xf3,0x0f,0xa7,0xd0    \n\t"
+         "movl    %1, %%ebx             \n\t"
+         : "=m" (ebx)
+         :  "m" (ebx), "m" (count), "m" (ctrl),
+         "m"  (rk), "m" (input), "m" (output), "m" (iw)
+         : "memory", "eax", "ecx", "edx", "esi", "edi");
+
+    memcpy(iv, iw, 16);
+
+    return 0;
+}
+
+#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */
+
+#endif /* MBEDTLS_PADLOCK_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pem.c b/3rdparty/mbedtls-2.28.7/library/pem.c
new file mode 100644
index 0000000..c1a47b0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pem.c
@@ -0,0 +1,514 @@
+/*
+ *  Privacy Enhanced Mail (PEM) decoding
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
+
+#include "mbedtls/pem.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+void mbedtls_pem_init(mbedtls_pem_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_pem_context));
+}
+
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+    (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C))
+/*
+ * Read a 16-byte hex string and convert it to binary
+ */
+static int pem_get_iv(const unsigned char *s, unsigned char *iv,
+                      size_t iv_len)
+{
+    size_t i, j, k;
+
+    memset(iv, 0, iv_len);
+
+    for (i = 0; i < iv_len * 2; i++, s++) {
+        if (*s >= '0' && *s <= '9') {
+            j = *s - '0';
+        } else
+        if (*s >= 'A' && *s <= 'F') {
+            j = *s - '7';
+        } else
+        if (*s >= 'a' && *s <= 'f') {
+            j = *s - 'W';
+        } else {
+            return MBEDTLS_ERR_PEM_INVALID_ENC_IV;
+        }
+
+        k = ((i & 1) != 0) ? j : j << 4;
+
+        iv[i >> 1] = (unsigned char) (iv[i >> 1] | k);
+    }
+
+    return 0;
+}
+
+static int pem_pbkdf1(unsigned char *key, size_t keylen,
+                      unsigned char *iv,
+                      const unsigned char *pwd, size_t pwdlen)
+{
+    mbedtls_md5_context md5_ctx;
+    unsigned char md5sum[16];
+    size_t use_len;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_md5_init(&md5_ctx);
+
+    /*
+     * key[ 0..15] = MD5(pwd || IV)
+     */
+    if ((ret = mbedtls_md5_starts_ret(&md5_ctx)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&md5_ctx, pwd, pwdlen)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&md5_ctx, iv,  8)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_finish_ret(&md5_ctx, md5sum)) != 0) {
+        goto exit;
+    }
+
+    if (keylen <= 16) {
+        memcpy(key, md5sum, keylen);
+        goto exit;
+    }
+
+    memcpy(key, md5sum, 16);
+
+    /*
+     * key[16..23] = MD5(key[ 0..15] || pwd || IV])
+     */
+    if ((ret = mbedtls_md5_starts_ret(&md5_ctx)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&md5_ctx, md5sum, 16)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&md5_ctx, pwd, pwdlen)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&md5_ctx, iv, 8)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_finish_ret(&md5_ctx, md5sum)) != 0) {
+        goto exit;
+    }
+
+    use_len = 16;
+    if (keylen < 32) {
+        use_len = keylen - 16;
+    }
+
+    memcpy(key + 16, md5sum, use_len);
+
+exit:
+    mbedtls_md5_free(&md5_ctx);
+    mbedtls_platform_zeroize(md5sum, 16);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_DES_C)
+/*
+ * Decrypt with DES-CBC, using PBKDF1 for key derivation
+ */
+static int pem_des_decrypt(unsigned char des_iv[8],
+                           unsigned char *buf, size_t buflen,
+                           const unsigned char *pwd, size_t pwdlen)
+{
+    mbedtls_des_context des_ctx;
+    unsigned char des_key[8];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_des_init(&des_ctx);
+
+    if ((ret = pem_pbkdf1(des_key, 8, des_iv, pwd, pwdlen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_des_setkey_dec(&des_ctx, des_key)) != 0) {
+        goto exit;
+    }
+    ret = mbedtls_des_crypt_cbc(&des_ctx, MBEDTLS_DES_DECRYPT, buflen,
+                                des_iv, buf, buf);
+
+exit:
+    mbedtls_des_free(&des_ctx);
+    mbedtls_platform_zeroize(des_key, 8);
+
+    return ret;
+}
+
+/*
+ * Decrypt with 3DES-CBC, using PBKDF1 for key derivation
+ */
+static int pem_des3_decrypt(unsigned char des3_iv[8],
+                            unsigned char *buf, size_t buflen,
+                            const unsigned char *pwd, size_t pwdlen)
+{
+    mbedtls_des3_context des3_ctx;
+    unsigned char des3_key[24];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_des3_init(&des3_ctx);
+
+    if ((ret = pem_pbkdf1(des3_key, 24, des3_iv, pwd, pwdlen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_des3_set3key_dec(&des3_ctx, des3_key)) != 0) {
+        goto exit;
+    }
+    ret = mbedtls_des3_crypt_cbc(&des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
+                                 des3_iv, buf, buf);
+
+exit:
+    mbedtls_des3_free(&des3_ctx);
+    mbedtls_platform_zeroize(des3_key, 24);
+
+    return ret;
+}
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/*
+ * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
+ */
+static int pem_aes_decrypt(unsigned char aes_iv[16], unsigned int keylen,
+                           unsigned char *buf, size_t buflen,
+                           const unsigned char *pwd, size_t pwdlen)
+{
+    mbedtls_aes_context aes_ctx;
+    unsigned char aes_key[32];
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_aes_init(&aes_ctx);
+
+    if ((ret = pem_pbkdf1(aes_key, keylen, aes_iv, pwd, pwdlen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_aes_setkey_dec(&aes_ctx, aes_key, keylen * 8)) != 0) {
+        goto exit;
+    }
+    ret = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
+                                aes_iv, buf, buf);
+
+exit:
+    mbedtls_aes_free(&aes_ctx);
+    mbedtls_platform_zeroize(aes_key, keylen);
+
+    return ret;
+}
+#endif /* MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer,
+                            const unsigned char *data, const unsigned char *pwd,
+                            size_t pwdlen, size_t *use_len)
+{
+    int ret, enc;
+    size_t len;
+    unsigned char *buf;
+    const unsigned char *s1, *s2, *end;
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+    (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C))
+    unsigned char pem_iv[16];
+    mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
+#else
+    ((void) pwd);
+    ((void) pwdlen);
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+    if (ctx == NULL) {
+        return MBEDTLS_ERR_PEM_BAD_INPUT_DATA;
+    }
+
+    s1 = (unsigned char *) strstr((const char *) data, header);
+
+    if (s1 == NULL) {
+        return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    }
+
+    s2 = (unsigned char *) strstr((const char *) data, footer);
+
+    if (s2 == NULL || s2 <= s1) {
+        return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    }
+
+    s1 += strlen(header);
+    if (*s1 == ' ') {
+        s1++;
+    }
+    if (*s1 == '\r') {
+        s1++;
+    }
+    if (*s1 == '\n') {
+        s1++;
+    } else {
+        return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    }
+
+    end = s2;
+    end += strlen(footer);
+    if (*end == ' ') {
+        end++;
+    }
+    if (*end == '\r') {
+        end++;
+    }
+    if (*end == '\n') {
+        end++;
+    }
+    *use_len = end - data;
+
+    enc = 0;
+
+    if (s2 - s1 >= 22 && memcmp(s1, "Proc-Type: 4,ENCRYPTED", 22) == 0) {
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+        (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C))
+        enc++;
+
+        s1 += 22;
+        if (*s1 == '\r') {
+            s1++;
+        }
+        if (*s1 == '\n') {
+            s1++;
+        } else {
+            return MBEDTLS_ERR_PEM_INVALID_DATA;
+        }
+
+
+#if defined(MBEDTLS_DES_C)
+        if (s2 - s1 >= 23 && memcmp(s1, "DEK-Info: DES-EDE3-CBC,", 23) == 0) {
+            enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC;
+
+            s1 += 23;
+            if (s2 - s1 < 16 || pem_get_iv(s1, pem_iv, 8) != 0) {
+                return MBEDTLS_ERR_PEM_INVALID_ENC_IV;
+            }
+
+            s1 += 16;
+        } else if (s2 - s1 >= 18 && memcmp(s1, "DEK-Info: DES-CBC,", 18) == 0) {
+            enc_alg = MBEDTLS_CIPHER_DES_CBC;
+
+            s1 += 18;
+            if (s2 - s1 < 16 || pem_get_iv(s1, pem_iv, 8) != 0) {
+                return MBEDTLS_ERR_PEM_INVALID_ENC_IV;
+            }
+
+            s1 += 16;
+        }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+        if (s2 - s1 >= 14 && memcmp(s1, "DEK-Info: AES-", 14) == 0) {
+            if (s2 - s1 < 22) {
+                return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG;
+            } else if (memcmp(s1, "DEK-Info: AES-128-CBC,", 22) == 0) {
+                enc_alg = MBEDTLS_CIPHER_AES_128_CBC;
+            } else if (memcmp(s1, "DEK-Info: AES-192-CBC,", 22) == 0) {
+                enc_alg = MBEDTLS_CIPHER_AES_192_CBC;
+            } else if (memcmp(s1, "DEK-Info: AES-256-CBC,", 22) == 0) {
+                enc_alg = MBEDTLS_CIPHER_AES_256_CBC;
+            } else {
+                return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG;
+            }
+
+            s1 += 22;
+            if (s2 - s1 < 32 || pem_get_iv(s1, pem_iv, 16) != 0) {
+                return MBEDTLS_ERR_PEM_INVALID_ENC_IV;
+            }
+
+            s1 += 32;
+        }
+#endif /* MBEDTLS_AES_C */
+
+        if (enc_alg == MBEDTLS_CIPHER_NONE) {
+            return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG;
+        }
+
+        if (*s1 == '\r') {
+            s1++;
+        }
+        if (*s1 == '\n') {
+            s1++;
+        } else {
+            return MBEDTLS_ERR_PEM_INVALID_DATA;
+        }
+#else
+        return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE;
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+    }
+
+    if (s1 >= s2) {
+        return MBEDTLS_ERR_PEM_INVALID_DATA;
+    }
+
+    ret = mbedtls_base64_decode(NULL, 0, &len, s1, s2 - s1);
+
+    if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret);
+    }
+
+    if ((buf = mbedtls_calloc(1, len)) == NULL) {
+        return MBEDTLS_ERR_PEM_ALLOC_FAILED;
+    }
+
+    if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) {
+        mbedtls_platform_zeroize(buf, len);
+        mbedtls_free(buf);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret);
+    }
+
+    if (enc != 0) {
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+        (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C))
+        if (pwd == NULL) {
+            mbedtls_platform_zeroize(buf, len);
+            mbedtls_free(buf);
+            return MBEDTLS_ERR_PEM_PASSWORD_REQUIRED;
+        }
+
+        ret = 0;
+
+#if defined(MBEDTLS_DES_C)
+        if (enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC) {
+            ret = pem_des3_decrypt(pem_iv, buf, len, pwd, pwdlen);
+        } else if (enc_alg == MBEDTLS_CIPHER_DES_CBC) {
+            ret = pem_des_decrypt(pem_iv, buf, len, pwd, pwdlen);
+        }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+        if (enc_alg == MBEDTLS_CIPHER_AES_128_CBC) {
+            ret = pem_aes_decrypt(pem_iv, 16, buf, len, pwd, pwdlen);
+        } else if (enc_alg == MBEDTLS_CIPHER_AES_192_CBC) {
+            ret = pem_aes_decrypt(pem_iv, 24, buf, len, pwd, pwdlen);
+        } else if (enc_alg == MBEDTLS_CIPHER_AES_256_CBC) {
+            ret = pem_aes_decrypt(pem_iv, 32, buf, len, pwd, pwdlen);
+        }
+#endif /* MBEDTLS_AES_C */
+
+        if (ret != 0) {
+            mbedtls_free(buf);
+            return ret;
+        }
+
+        /*
+         * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
+         * length bytes (allow 4 to be sure) in all known use cases.
+         *
+         * Use that as a heuristic to try to detect password mismatches.
+         */
+        if (len <= 2 || buf[0] != 0x30 || buf[1] > 0x83) {
+            mbedtls_platform_zeroize(buf, len);
+            mbedtls_free(buf);
+            return MBEDTLS_ERR_PEM_PASSWORD_MISMATCH;
+        }
+#else
+        mbedtls_platform_zeroize(buf, len);
+        mbedtls_free(buf);
+        return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE;
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+    }
+
+    ctx->buf = buf;
+    ctx->buflen = len;
+
+    return 0;
+}
+
+void mbedtls_pem_free(mbedtls_pem_context *ctx)
+{
+    if (ctx->buf != NULL) {
+        mbedtls_platform_zeroize(ctx->buf, ctx->buflen);
+        mbedtls_free(ctx->buf);
+    }
+    mbedtls_free(ctx->info);
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pem_context));
+}
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+int mbedtls_pem_write_buffer(const char *header, const char *footer,
+                             const unsigned char *der_data, size_t der_len,
+                             unsigned char *buf, size_t buf_len, size_t *olen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *encode_buf = NULL, *c, *p = buf;
+    size_t len = 0, use_len, add_len = 0;
+
+    mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len);
+    add_len = strlen(header) + strlen(footer) + (use_len / 64) + 1;
+
+    if (use_len + add_len > buf_len) {
+        *olen = use_len + add_len;
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
+    }
+
+    if (use_len != 0 &&
+        ((encode_buf = mbedtls_calloc(1, use_len)) == NULL)) {
+        return MBEDTLS_ERR_PEM_ALLOC_FAILED;
+    }
+
+    if ((ret = mbedtls_base64_encode(encode_buf, use_len, &use_len, der_data,
+                                     der_len)) != 0) {
+        mbedtls_free(encode_buf);
+        return ret;
+    }
+
+    memcpy(p, header, strlen(header));
+    p += strlen(header);
+    c = encode_buf;
+
+    while (use_len) {
+        len = (use_len > 64) ? 64 : use_len;
+        memcpy(p, c, len);
+        use_len -= len;
+        p += len;
+        c += len;
+        *p++ = '\n';
+    }
+
+    memcpy(p, footer, strlen(footer));
+    p += strlen(footer);
+
+    *p++ = '\0';
+    *olen = p - buf;
+
+    /* Clean any remaining data previously written to the buffer */
+    memset(buf + *olen, 0, buf_len - *olen);
+
+    mbedtls_free(encode_buf);
+    return 0;
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pk.c b/3rdparty/mbedtls-2.28.7/library/pk.c
new file mode 100644
index 0000000..6b5008d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pk.c
@@ -0,0 +1,674 @@
+/*
+ *  Public Key abstraction layer
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PK_C)
+#include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
+#include <limits.h>
+#include <stdint.h>
+
+/* Parameter validation macros based on platform_util.h */
+#define PK_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA)
+#define PK_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+/*
+ * Initialise a mbedtls_pk_context
+ */
+void mbedtls_pk_init(mbedtls_pk_context *ctx)
+{
+    PK_VALIDATE(ctx != NULL);
+
+    ctx->pk_info = NULL;
+    ctx->pk_ctx = NULL;
+}
+
+/*
+ * Free (the components of) a mbedtls_pk_context
+ */
+void mbedtls_pk_free(mbedtls_pk_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    if (ctx->pk_info != NULL) {
+        ctx->pk_info->ctx_free_func(ctx->pk_ctx);
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pk_context));
+}
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx)
+{
+    PK_VALIDATE(ctx != NULL);
+    ctx->pk_info = NULL;
+    ctx->rs_ctx = NULL;
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx)
+{
+    if (ctx == NULL || ctx->pk_info == NULL ||
+        ctx->pk_info->rs_free_func == NULL) {
+        return;
+    }
+
+    ctx->pk_info->rs_free_func(ctx->rs_ctx);
+
+    ctx->pk_info = NULL;
+    ctx->rs_ctx = NULL;
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+/*
+ * Get pk_info structure from type
+ */
+const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type)
+{
+    switch (pk_type) {
+#if defined(MBEDTLS_RSA_C)
+        case MBEDTLS_PK_RSA:
+            return &mbedtls_rsa_info;
+#endif
+#if defined(MBEDTLS_ECP_C)
+        case MBEDTLS_PK_ECKEY:
+            return &mbedtls_eckey_info;
+        case MBEDTLS_PK_ECKEY_DH:
+            return &mbedtls_eckeydh_info;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+        case MBEDTLS_PK_ECDSA:
+            return &mbedtls_ecdsa_info;
+#endif
+        /* MBEDTLS_PK_RSA_ALT omitted on purpose */
+        default:
+            return NULL;
+    }
+}
+
+/*
+ * Initialise context
+ */
+int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    if (info == NULL || ctx->pk_info != NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) {
+        return MBEDTLS_ERR_PK_ALLOC_FAILED;
+    }
+
+    ctx->pk_info = info;
+
+    return 0;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Initialise a PSA-wrapping context
+ */
+int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
+                            const psa_key_id_t key)
+{
+    const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t *pk_ctx;
+    psa_key_type_t type;
+
+    if (ctx == NULL || ctx->pk_info != NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if (PSA_SUCCESS != psa_get_key_attributes(key, &attributes)) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+    type = psa_get_key_type(&attributes);
+    psa_reset_key_attributes(&attributes);
+
+    /* Current implementation of can_do() relies on this. */
+    if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
+    if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) {
+        return MBEDTLS_ERR_PK_ALLOC_FAILED;
+    }
+
+    ctx->pk_info = info;
+
+    pk_ctx = (psa_key_id_t *) ctx->pk_ctx;
+    *pk_ctx = key;
+
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/*
+ * Initialize an RSA-alt context
+ */
+int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key,
+                             mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
+                             mbedtls_pk_rsa_alt_sign_func sign_func,
+                             mbedtls_pk_rsa_alt_key_len_func key_len_func)
+{
+    mbedtls_rsa_alt_context *rsa_alt;
+    const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
+
+    PK_VALIDATE_RET(ctx != NULL);
+    if (ctx->pk_info != NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) {
+        return MBEDTLS_ERR_PK_ALLOC_FAILED;
+    }
+
+    ctx->pk_info = info;
+
+    rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
+
+    rsa_alt->key = key;
+    rsa_alt->decrypt_func = decrypt_func;
+    rsa_alt->sign_func = sign_func;
+    rsa_alt->key_len_func = key_len_func;
+
+    return 0;
+}
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+/*
+ * Tell if a PK can do the operations of the given type
+ */
+int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type)
+{
+    /* A context with null pk_info is not set up yet and can't do anything.
+     * For backward compatibility, also accept NULL instead of a context
+     * pointer. */
+    if (ctx == NULL || ctx->pk_info == NULL) {
+        return 0;
+    }
+
+    return ctx->pk_info->can_do(type);
+}
+
+/*
+ * Helper for mbedtls_pk_sign and mbedtls_pk_verify
+ */
+static inline int pk_hashlen_helper(mbedtls_md_type_t md_alg, size_t *hash_len)
+{
+    const mbedtls_md_info_t *md_info;
+
+    if (*hash_len != 0 && md_alg == MBEDTLS_MD_NONE) {
+        return 0;
+    }
+
+    if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) {
+        return -1;
+    }
+
+    if (*hash_len != 0 && *hash_len != mbedtls_md_get_size(md_info)) {
+        return -1;
+    }
+
+    *hash_len = mbedtls_md_get_size(md_info);
+    return 0;
+}
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Helper to set up a restart context if needed
+ */
+static int pk_restart_setup(mbedtls_pk_restart_ctx *ctx,
+                            const mbedtls_pk_info_t *info)
+{
+    /* Don't do anything if already set up or invalid */
+    if (ctx == NULL || ctx->pk_info != NULL) {
+        return 0;
+    }
+
+    /* Should never happen when we're called */
+    if (info->rs_alloc_func == NULL || info->rs_free_func == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if ((ctx->rs_ctx = info->rs_alloc_func()) == NULL) {
+        return MBEDTLS_ERR_PK_ALLOC_FAILED;
+    }
+
+    ctx->pk_info = info;
+
+    return 0;
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+/*
+ * Verify a signature (restartable)
+ */
+int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
+                                  mbedtls_md_type_t md_alg,
+                                  const unsigned char *hash, size_t hash_len,
+                                  const unsigned char *sig, size_t sig_len,
+                                  mbedtls_pk_restart_ctx *rs_ctx)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) ||
+                    hash != NULL);
+    PK_VALIDATE_RET(sig != NULL);
+
+    if (ctx->pk_info == NULL ||
+        pk_hashlen_helper(md_alg, &hash_len) != 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /* optimization: use non-restartable version if restart disabled */
+    if (rs_ctx != NULL &&
+        mbedtls_ecp_restart_is_enabled() &&
+        ctx->pk_info->verify_rs_func != NULL) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        if ((ret = pk_restart_setup(rs_ctx, ctx->pk_info)) != 0) {
+            return ret;
+        }
+
+        ret = ctx->pk_info->verify_rs_func(ctx->pk_ctx,
+                                           md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx);
+
+        if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            mbedtls_pk_restart_free(rs_ctx);
+        }
+
+        return ret;
+    }
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+    (void) rs_ctx;
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+    if (ctx->pk_info->verify_func == NULL) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    return ctx->pk_info->verify_func(ctx->pk_ctx, md_alg, hash, hash_len,
+                                     sig, sig_len);
+}
+
+/*
+ * Verify a signature
+ */
+int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                      const unsigned char *hash, size_t hash_len,
+                      const unsigned char *sig, size_t sig_len)
+{
+    return mbedtls_pk_verify_restartable(ctx, md_alg, hash, hash_len,
+                                         sig, sig_len, NULL);
+}
+
+/*
+ * Verify a signature with options
+ */
+int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
+                          mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                          const unsigned char *hash, size_t hash_len,
+                          const unsigned char *sig, size_t sig_len)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) ||
+                    hash != NULL);
+    PK_VALIDATE_RET(sig != NULL);
+
+    if (ctx->pk_info == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if (!mbedtls_pk_can_do(ctx, type)) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    if (type == MBEDTLS_PK_RSASSA_PSS) {
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        const mbedtls_pk_rsassa_pss_options *pss_opts;
+
+#if SIZE_MAX > UINT_MAX
+        if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
+            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        }
+#endif /* SIZE_MAX > UINT_MAX */
+
+        if (options == NULL) {
+            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        }
+
+        pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
+
+        if (sig_len < mbedtls_pk_get_len(ctx)) {
+            return MBEDTLS_ERR_RSA_VERIFY_FAILED;
+        }
+
+        ret = mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_pk_rsa(*ctx),
+                                                NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                                                md_alg, (unsigned int) hash_len, hash,
+                                                pss_opts->mgf1_hash_id,
+                                                pss_opts->expected_salt_len,
+                                                sig);
+        if (ret != 0) {
+            return ret;
+        }
+
+        if (sig_len > mbedtls_pk_get_len(ctx)) {
+            return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+        }
+
+        return 0;
+#else
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
+    }
+
+    /* General case: no options */
+    if (options != NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    return mbedtls_pk_verify(ctx, md_alg, hash, hash_len, sig, sig_len);
+}
+
+/*
+ * Make a signature (restartable)
+ */
+int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
+                                mbedtls_md_type_t md_alg,
+                                const unsigned char *hash, size_t hash_len,
+                                unsigned char *sig, size_t *sig_len,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                mbedtls_pk_restart_ctx *rs_ctx)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) ||
+                    hash != NULL);
+    PK_VALIDATE_RET(sig != NULL);
+
+    if (ctx->pk_info == NULL ||
+        pk_hashlen_helper(md_alg, &hash_len) != 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /* optimization: use non-restartable version if restart disabled */
+    if (rs_ctx != NULL &&
+        mbedtls_ecp_restart_is_enabled() &&
+        ctx->pk_info->sign_rs_func != NULL) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        if ((ret = pk_restart_setup(rs_ctx, ctx->pk_info)) != 0) {
+            return ret;
+        }
+
+        ret = ctx->pk_info->sign_rs_func(ctx->pk_ctx, md_alg,
+                                         hash, hash_len, sig, sig_len, f_rng, p_rng,
+                                         rs_ctx->rs_ctx);
+
+        if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            mbedtls_pk_restart_free(rs_ctx);
+        }
+
+        return ret;
+    }
+#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+    (void) rs_ctx;
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+    if (ctx->pk_info->sign_func == NULL) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    return ctx->pk_info->sign_func(ctx->pk_ctx, md_alg, hash, hash_len,
+                                   sig, sig_len, f_rng, p_rng);
+}
+
+/*
+ * Make a signature
+ */
+int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                    const unsigned char *hash, size_t hash_len,
+                    unsigned char *sig, size_t *sig_len,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    return mbedtls_pk_sign_restartable(ctx, md_alg, hash, hash_len,
+                                       sig, sig_len, f_rng, p_rng, NULL);
+}
+
+/*
+ * Decrypt message
+ */
+int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
+                       const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen, size_t osize,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET(input != NULL || ilen == 0);
+    PK_VALIDATE_RET(output != NULL || osize == 0);
+    PK_VALIDATE_RET(olen != NULL);
+
+    if (ctx->pk_info == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if (ctx->pk_info->decrypt_func == NULL) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    return ctx->pk_info->decrypt_func(ctx->pk_ctx, input, ilen,
+                                      output, olen, osize, f_rng, p_rng);
+}
+
+/*
+ * Encrypt message
+ */
+int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
+                       const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen, size_t osize,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET(input != NULL || ilen == 0);
+    PK_VALIDATE_RET(output != NULL || osize == 0);
+    PK_VALIDATE_RET(olen != NULL);
+
+    if (ctx->pk_info == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if (ctx->pk_info->encrypt_func == NULL) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    return ctx->pk_info->encrypt_func(ctx->pk_ctx, input, ilen,
+                                      output, olen, osize, f_rng, p_rng);
+}
+
+/*
+ * Check public-private key pair
+ */
+int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv)
+{
+    PK_VALIDATE_RET(pub != NULL);
+    PK_VALIDATE_RET(prv != NULL);
+
+    if (pub->pk_info == NULL ||
+        prv->pk_info == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if (prv->pk_info->check_pair_func == NULL) {
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
+    if (prv->pk_info->type == MBEDTLS_PK_RSA_ALT) {
+        if (pub->pk_info->type != MBEDTLS_PK_RSA) {
+            return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+        }
+    } else {
+        if (pub->pk_info != prv->pk_info) {
+            return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+        }
+    }
+
+    return prv->pk_info->check_pair_func(pub->pk_ctx, prv->pk_ctx);
+}
+
+/*
+ * Get key size in bits
+ */
+size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx)
+{
+    /* For backward compatibility, accept NULL or a context that
+     * isn't set up yet, and return a fake value that should be safe. */
+    if (ctx == NULL || ctx->pk_info == NULL) {
+        return 0;
+    }
+
+    return ctx->pk_info->get_bitlen(ctx->pk_ctx);
+}
+
+/*
+ * Export debug information
+ */
+int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items)
+{
+    PK_VALIDATE_RET(ctx != NULL);
+    if (ctx->pk_info == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    if (ctx->pk_info->debug_func == NULL) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    ctx->pk_info->debug_func(ctx->pk_ctx, items);
+    return 0;
+}
+
+/*
+ * Access the PK type name
+ */
+const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx)
+{
+    if (ctx == NULL || ctx->pk_info == NULL) {
+        return "invalid PK";
+    }
+
+    return ctx->pk_info->name;
+}
+
+/*
+ * Access the PK type
+ */
+mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx)
+{
+    if (ctx == NULL || ctx->pk_info == NULL) {
+        return MBEDTLS_PK_NONE;
+    }
+
+    return ctx->pk_info->type;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Load the key to a PSA key slot,
+ * then turn the PK context into a wrapper for that key slot.
+ *
+ * Currently only works for EC private keys.
+ */
+int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
+                              psa_key_id_t *key,
+                              psa_algorithm_t hash_alg)
+{
+#if !defined(MBEDTLS_ECP_C)
+    ((void) pk);
+    ((void) key);
+    ((void) hash_alg);
+    return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+#else
+    const mbedtls_ecp_keypair *ec;
+    unsigned char d[MBEDTLS_ECP_MAX_BYTES];
+    size_t d_len;
+    psa_ecc_family_t curve_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type;
+    size_t bits;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    psa_status_t status;
+
+    /* export the private key material in the format PSA wants */
+    if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) {
+        return MBEDTLS_ERR_PK_TYPE_MISMATCH;
+    }
+
+    ec = mbedtls_pk_ec(*pk);
+    d_len = (ec->grp.nbits + 7) / 8;
+    if ((ret = mbedtls_mpi_write_binary(&ec->d, d, d_len)) != 0) {
+        return ret;
+    }
+
+    curve_id = mbedtls_ecc_group_to_psa(ec->grp.id, &bits);
+    key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve_id);
+
+    /* prepare the key attributes */
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_bits(&attributes, bits);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg));
+
+    /* import private key into PSA */
+    status = psa_import_key(&attributes, d, d_len, key);
+    mbedtls_platform_zeroize(d, sizeof(d));
+    if (status != PSA_SUCCESS) {
+        return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
+    }
+
+    /* make PK context wrap the key slot */
+    mbedtls_pk_free(pk);
+    mbedtls_pk_init(pk);
+
+    return mbedtls_pk_setup_opaque(pk, *key);
+#endif /* MBEDTLS_ECP_C */
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_PK_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pk_wrap.c b/3rdparty/mbedtls-2.28.7/library/pk_wrap.c
new file mode 100644
index 0000000..14c6d3f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pk_wrap.c
@@ -0,0 +1,1077 @@
+/*
+ *  Public Key abstraction layer: wrapper functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PK_C)
+#include "mbedtls/pk_internal.h"
+#include "mbedtls/error.h"
+
+/* Even if RSA not activated, for the sake of RSA-alt */
+#include "mbedtls/rsa.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/asn1write.h"
+#endif
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+#include "mbedtls/platform_util.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#include "mbedtls/asn1.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#include <limits.h>
+#include <stdint.h>
+
+#if defined(MBEDTLS_RSA_C)
+static int rsa_can_do(mbedtls_pk_type_t type)
+{
+    return type == MBEDTLS_PK_RSA ||
+           type == MBEDTLS_PK_RSASSA_PSS;
+}
+
+static size_t rsa_get_bitlen(const void *ctx)
+{
+    const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) ctx;
+    return 8 * mbedtls_rsa_get_len(rsa);
+}
+
+static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                           const unsigned char *hash, size_t hash_len,
+                           const unsigned char *sig, size_t sig_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx;
+    size_t rsa_len = mbedtls_rsa_get_len(rsa);
+
+#if SIZE_MAX > UINT_MAX
+    if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+#endif /* SIZE_MAX > UINT_MAX */
+
+    if (sig_len < rsa_len) {
+        return MBEDTLS_ERR_RSA_VERIFY_FAILED;
+    }
+
+    if ((ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL,
+                                        MBEDTLS_RSA_PUBLIC, md_alg,
+                                        (unsigned int) hash_len, hash, sig)) != 0) {
+        return ret;
+    }
+
+    /* The buffer contains a valid signature followed by extra data.
+     * We have a special error code for that so that so that callers can
+     * use mbedtls_pk_verify() to check "Does the buffer start with a
+     * valid signature?" and not just "Does the buffer contain a valid
+     * signature?". */
+    if (sig_len > rsa_len) {
+        return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+    }
+
+    return 0;
+}
+
+static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                         const unsigned char *hash, size_t hash_len,
+                         unsigned char *sig, size_t *sig_len,
+                         int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx;
+
+#if SIZE_MAX > UINT_MAX
+    if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+#endif /* SIZE_MAX > UINT_MAX */
+
+    *sig_len = mbedtls_rsa_get_len(rsa);
+
+    return mbedtls_rsa_pkcs1_sign(rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
+                                  md_alg, (unsigned int) hash_len, hash, sig);
+}
+
+static int rsa_decrypt_wrap(void *ctx,
+                            const unsigned char *input, size_t ilen,
+                            unsigned char *output, size_t *olen, size_t osize,
+                            int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx;
+
+    if (ilen != mbedtls_rsa_get_len(rsa)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    return mbedtls_rsa_pkcs1_decrypt(rsa, f_rng, p_rng,
+                                     MBEDTLS_RSA_PRIVATE, olen, input, output, osize);
+}
+
+static int rsa_encrypt_wrap(void *ctx,
+                            const unsigned char *input, size_t ilen,
+                            unsigned char *output, size_t *olen, size_t osize,
+                            int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx;
+    *olen = mbedtls_rsa_get_len(rsa);
+
+    if (*olen > osize) {
+        return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
+    }
+
+    return mbedtls_rsa_pkcs1_encrypt(rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
+                                     ilen, input, output);
+}
+
+static int rsa_check_pair_wrap(const void *pub, const void *prv)
+{
+    return mbedtls_rsa_check_pub_priv((const mbedtls_rsa_context *) pub,
+                                      (const mbedtls_rsa_context *) prv);
+}
+
+static void *rsa_alloc_wrap(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_rsa_context));
+
+    if (ctx != NULL) {
+        mbedtls_rsa_init((mbedtls_rsa_context *) ctx, 0, 0);
+    }
+
+    return ctx;
+}
+
+static void rsa_free_wrap(void *ctx)
+{
+    mbedtls_rsa_free((mbedtls_rsa_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+static void rsa_debug(const void *ctx, mbedtls_pk_debug_item *items)
+{
+    items->type = MBEDTLS_PK_DEBUG_MPI;
+    items->name = "rsa.N";
+    items->value = &(((mbedtls_rsa_context *) ctx)->N);
+
+    items++;
+
+    items->type = MBEDTLS_PK_DEBUG_MPI;
+    items->name = "rsa.E";
+    items->value = &(((mbedtls_rsa_context *) ctx)->E);
+}
+
+const mbedtls_pk_info_t mbedtls_rsa_info = {
+    MBEDTLS_PK_RSA,
+    "RSA",
+    rsa_get_bitlen,
+    rsa_can_do,
+    rsa_verify_wrap,
+    rsa_sign_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL,
+    NULL,
+#endif
+    rsa_decrypt_wrap,
+    rsa_encrypt_wrap,
+    rsa_check_pair_wrap,
+    rsa_alloc_wrap,
+    rsa_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL,
+    NULL,
+#endif
+    rsa_debug,
+};
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Generic EC key
+ */
+static int eckey_can_do(mbedtls_pk_type_t type)
+{
+    return type == MBEDTLS_PK_ECKEY ||
+           type == MBEDTLS_PK_ECKEY_DH ||
+           type == MBEDTLS_PK_ECDSA;
+}
+
+static size_t eckey_get_bitlen(const void *ctx)
+{
+    return ((mbedtls_ecp_keypair *) ctx)->grp.pbits;
+}
+
+#if defined(MBEDTLS_ECDSA_C)
+/* Forward declarations */
+static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                             const unsigned char *hash, size_t hash_len,
+                             const unsigned char *sig, size_t sig_len);
+
+static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                           const unsigned char *hash, size_t hash_len,
+                           unsigned char *sig, size_t *sig_len,
+                           int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
+
+static int eckey_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                             const unsigned char *hash, size_t hash_len,
+                             const unsigned char *sig, size_t sig_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecdsa_context ecdsa;
+
+    mbedtls_ecdsa_init(&ecdsa);
+
+    if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) {
+        ret = ecdsa_verify_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len);
+    }
+
+    mbedtls_ecdsa_free(&ecdsa);
+
+    return ret;
+}
+
+static int eckey_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                           const unsigned char *hash, size_t hash_len,
+                           unsigned char *sig, size_t *sig_len,
+                           int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecdsa_context ecdsa;
+
+    mbedtls_ecdsa_init(&ecdsa);
+
+    if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) {
+        ret = ecdsa_sign_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len,
+                              f_rng, p_rng);
+    }
+
+    mbedtls_ecdsa_free(&ecdsa);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+/* Forward declarations */
+static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                                const unsigned char *hash, size_t hash_len,
+                                const unsigned char *sig, size_t sig_len,
+                                void *rs_ctx);
+
+static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                              const unsigned char *hash, size_t hash_len,
+                              unsigned char *sig, size_t *sig_len,
+                              int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                              void *rs_ctx);
+
+/*
+ * Restart context for ECDSA operations with ECKEY context
+ *
+ * We need to store an actual ECDSA context, as we need to pass the same to
+ * the underlying ecdsa function, so we can't create it on the fly every time.
+ */
+typedef struct {
+    mbedtls_ecdsa_restart_ctx ecdsa_rs;
+    mbedtls_ecdsa_context ecdsa_ctx;
+} eckey_restart_ctx;
+
+static void *eckey_rs_alloc(void)
+{
+    eckey_restart_ctx *rs_ctx;
+
+    void *ctx = mbedtls_calloc(1, sizeof(eckey_restart_ctx));
+
+    if (ctx != NULL) {
+        rs_ctx = ctx;
+        mbedtls_ecdsa_restart_init(&rs_ctx->ecdsa_rs);
+        mbedtls_ecdsa_init(&rs_ctx->ecdsa_ctx);
+    }
+
+    return ctx;
+}
+
+static void eckey_rs_free(void *ctx)
+{
+    eckey_restart_ctx *rs_ctx;
+
+    if (ctx == NULL) {
+        return;
+    }
+
+    rs_ctx = ctx;
+    mbedtls_ecdsa_restart_free(&rs_ctx->ecdsa_rs);
+    mbedtls_ecdsa_free(&rs_ctx->ecdsa_ctx);
+
+    mbedtls_free(ctx);
+}
+
+static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                                const unsigned char *hash, size_t hash_len,
+                                const unsigned char *sig, size_t sig_len,
+                                void *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    eckey_restart_ctx *rs = rs_ctx;
+
+    /* Should never happen */
+    if (rs == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    /* set up our own sub-context if needed (that is, on first run) */
+    if (rs->ecdsa_ctx.grp.pbits == 0) {
+        MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx));
+    }
+
+    MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(&rs->ecdsa_ctx,
+                                         md_alg, hash, hash_len,
+                                         sig, sig_len, &rs->ecdsa_rs));
+
+cleanup:
+    return ret;
+}
+
+static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                              const unsigned char *hash, size_t hash_len,
+                              unsigned char *sig, size_t *sig_len,
+                              int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                              void *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    eckey_restart_ctx *rs = rs_ctx;
+
+    /* Should never happen */
+    if (rs == NULL) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    /* set up our own sub-context if needed (that is, on first run) */
+    if (rs->ecdsa_ctx.grp.pbits == 0) {
+        MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx));
+    }
+
+    MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(&rs->ecdsa_ctx, md_alg,
+                                       hash, hash_len, sig, sig_len,
+                                       f_rng, p_rng, &rs->ecdsa_rs));
+
+cleanup:
+    return ret;
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+#endif /* MBEDTLS_ECDSA_C */
+
+static int eckey_check_pair(const void *pub, const void *prv)
+{
+    return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub,
+                                      (const mbedtls_ecp_keypair *) prv);
+}
+
+static void *eckey_alloc_wrap(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair));
+
+    if (ctx != NULL) {
+        mbedtls_ecp_keypair_init(ctx);
+    }
+
+    return ctx;
+}
+
+static void eckey_free_wrap(void *ctx)
+{
+    mbedtls_ecp_keypair_free((mbedtls_ecp_keypair *) ctx);
+    mbedtls_free(ctx);
+}
+
+static void eckey_debug(const void *ctx, mbedtls_pk_debug_item *items)
+{
+    items->type = MBEDTLS_PK_DEBUG_ECP;
+    items->name = "eckey.Q";
+    items->value = &(((mbedtls_ecp_keypair *) ctx)->Q);
+}
+
+const mbedtls_pk_info_t mbedtls_eckey_info = {
+    MBEDTLS_PK_ECKEY,
+    "EC",
+    eckey_get_bitlen,
+    eckey_can_do,
+#if defined(MBEDTLS_ECDSA_C)
+    eckey_verify_wrap,
+    eckey_sign_wrap,
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    eckey_verify_rs_wrap,
+    eckey_sign_rs_wrap,
+#endif
+#else /* MBEDTLS_ECDSA_C */
+    NULL,
+    NULL,
+#endif /* MBEDTLS_ECDSA_C */
+    NULL,
+    NULL,
+    eckey_check_pair,
+    eckey_alloc_wrap,
+    eckey_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    eckey_rs_alloc,
+    eckey_rs_free,
+#endif
+    eckey_debug,
+};
+
+/*
+ * EC key restricted to ECDH
+ */
+static int eckeydh_can_do(mbedtls_pk_type_t type)
+{
+    return type == MBEDTLS_PK_ECKEY ||
+           type == MBEDTLS_PK_ECKEY_DH;
+}
+
+const mbedtls_pk_info_t mbedtls_eckeydh_info = {
+    MBEDTLS_PK_ECKEY_DH,
+    "EC_DH",
+    eckey_get_bitlen,         /* Same underlying key structure */
+    eckeydh_can_do,
+    NULL,
+    NULL,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL,
+    NULL,
+#endif
+    NULL,
+    NULL,
+    eckey_check_pair,
+    eckey_alloc_wrap,       /* Same underlying key structure */
+    eckey_free_wrap,        /* Same underlying key structure */
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL,
+    NULL,
+#endif
+    eckey_debug,            /* Same underlying key structure */
+};
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+static int ecdsa_can_do(mbedtls_pk_type_t type)
+{
+    return type == MBEDTLS_PK_ECDSA;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of
+ * those integers and convert it to the fixed-length encoding expected by PSA.
+ */
+static int extract_ecdsa_sig_int(unsigned char **from, const unsigned char *end,
+                                 unsigned char *to, size_t to_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t unpadded_len, padding_len;
+
+    if ((ret = mbedtls_asn1_get_tag(from, end, &unpadded_len,
+                                    MBEDTLS_ASN1_INTEGER)) != 0) {
+        return ret;
+    }
+
+    while (unpadded_len > 0 && **from == 0x00) {
+        (*from)++;
+        unpadded_len--;
+    }
+
+    if (unpadded_len > to_len || unpadded_len == 0) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
+
+    padding_len = to_len - unpadded_len;
+    memset(to, 0x00, padding_len);
+    memcpy(to + padding_len, *from, unpadded_len);
+    (*from) += unpadded_len;
+
+    return 0;
+}
+
+/*
+ * Convert a signature from an ASN.1 sequence of two integers
+ * to a raw {r,s} buffer. Note: the provided sig buffer must be at least
+ * twice as big as int_size.
+ */
+static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end,
+                             unsigned char *sig, size_t int_size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t tmp_size;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &tmp_size,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
+    }
+
+    /* Extract r */
+    if ((ret = extract_ecdsa_sig_int(p, end, sig, int_size)) != 0) {
+        return ret;
+    }
+    /* Extract s */
+    if ((ret = extract_ecdsa_sig_int(p, end, sig + int_size, int_size)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg,
+                             const unsigned char *hash, size_t hash_len,
+                             const unsigned char *sig, size_t sig_len)
+{
+    mbedtls_ecdsa_context *ctx = ctx_arg;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key_id = 0;
+    psa_status_t status;
+    mbedtls_pk_context key;
+    int key_len;
+    /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */
+    unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];
+    unsigned char *p;
+    mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
+    psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY;
+    size_t curve_bits;
+    psa_ecc_family_t curve =
+        mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits);
+    const size_t signature_part_size = (ctx->grp.nbits + 7) / 8;
+    ((void) md_alg);
+
+    if (curve == 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    /* mbedtls_pk_write_pubkey() expects a full PK context;
+     * re-construct one to make it happy */
+    key.pk_info = &pk_info;
+    key.pk_ctx = ctx;
+    p = buf + sizeof(buf);
+    key_len = mbedtls_pk_write_pubkey(&p, buf, &key);
+    if (key_len <= 0) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve));
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, psa_sig_md);
+
+    status = psa_import_key(&attributes,
+                            buf + sizeof(buf) - key_len, key_len,
+                            &key_id);
+    if (status != PSA_SUCCESS) {
+        ret = mbedtls_psa_err_translate_pk(status);
+        goto cleanup;
+    }
+
+    /* We don't need the exported key anymore and can
+     * reuse its buffer for signature extraction. */
+    if (2 * signature_part_size > sizeof(buf)) {
+        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    p = (unsigned char *) sig;
+    if ((ret = extract_ecdsa_sig(&p, sig + sig_len, buf,
+                                 signature_part_size)) != 0) {
+        goto cleanup;
+    }
+
+    if (psa_verify_hash(key_id, psa_sig_md,
+                        hash, hash_len,
+                        buf, 2 * signature_part_size)
+        != PSA_SUCCESS) {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    if (p != sig + sig_len) {
+        ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+        goto cleanup;
+    }
+    ret = 0;
+
+cleanup:
+    psa_destroy_key(key_id);
+    return ret;
+}
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                             const unsigned char *hash, size_t hash_len,
+                             const unsigned char *sig, size_t sig_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ((void) md_alg);
+
+    ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) ctx,
+                                       hash, hash_len, sig, sig_len);
+
+    if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) {
+        return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                           const unsigned char *hash, size_t hash_len,
+                           unsigned char *sig, size_t *sig_len,
+                           int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) ctx,
+                                         md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng);
+}
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                                const unsigned char *hash, size_t hash_len,
+                                const unsigned char *sig, size_t sig_len,
+                                void *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ((void) md_alg);
+
+    ret = mbedtls_ecdsa_read_signature_restartable(
+        (mbedtls_ecdsa_context *) ctx,
+        hash, hash_len, sig, sig_len,
+        (mbedtls_ecdsa_restart_ctx *) rs_ctx);
+
+    if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) {
+        return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+    }
+
+    return ret;
+}
+
+static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                              const unsigned char *hash, size_t hash_len,
+                              unsigned char *sig, size_t *sig_len,
+                              int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                              void *rs_ctx)
+{
+    return mbedtls_ecdsa_write_signature_restartable(
+        (mbedtls_ecdsa_context *) ctx,
+        md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng,
+        (mbedtls_ecdsa_restart_ctx *) rs_ctx);
+
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+static void *ecdsa_alloc_wrap(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_context));
+
+    if (ctx != NULL) {
+        mbedtls_ecdsa_init((mbedtls_ecdsa_context *) ctx);
+    }
+
+    return ctx;
+}
+
+static void ecdsa_free_wrap(void *ctx)
+{
+    mbedtls_ecdsa_free((mbedtls_ecdsa_context *) ctx);
+    mbedtls_free(ctx);
+}
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+static void *ecdsa_rs_alloc(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_restart_ctx));
+
+    if (ctx != NULL) {
+        mbedtls_ecdsa_restart_init(ctx);
+    }
+
+    return ctx;
+}
+
+static void ecdsa_rs_free(void *ctx)
+{
+    mbedtls_ecdsa_restart_free(ctx);
+    mbedtls_free(ctx);
+}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+const mbedtls_pk_info_t mbedtls_ecdsa_info = {
+    MBEDTLS_PK_ECDSA,
+    "ECDSA",
+    eckey_get_bitlen,     /* Compatible key structures */
+    ecdsa_can_do,
+    ecdsa_verify_wrap,
+    ecdsa_sign_wrap,
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    ecdsa_verify_rs_wrap,
+    ecdsa_sign_rs_wrap,
+#endif
+    NULL,
+    NULL,
+    eckey_check_pair,   /* Compatible key structures */
+    ecdsa_alloc_wrap,
+    ecdsa_free_wrap,
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    ecdsa_rs_alloc,
+    ecdsa_rs_free,
+#endif
+    eckey_debug,        /* Compatible key structures */
+};
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/*
+ * Support for alternative RSA-private implementations
+ */
+
+static int rsa_alt_can_do(mbedtls_pk_type_t type)
+{
+    return type == MBEDTLS_PK_RSA;
+}
+
+static size_t rsa_alt_get_bitlen(const void *ctx)
+{
+    const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
+
+    return 8 * rsa_alt->key_len_func(rsa_alt->key);
+}
+
+static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                             const unsigned char *hash, size_t hash_len,
+                             unsigned char *sig, size_t *sig_len,
+                             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
+
+#if SIZE_MAX > UINT_MAX
+    if (UINT_MAX < hash_len) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+#endif /* SIZE_MAX > UINT_MAX */
+
+    *sig_len = rsa_alt->key_len_func(rsa_alt->key);
+    if (*sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    return rsa_alt->sign_func(rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
+                              md_alg, (unsigned int) hash_len, hash, sig);
+}
+
+static int rsa_alt_decrypt_wrap(void *ctx,
+                                const unsigned char *input, size_t ilen,
+                                unsigned char *output, size_t *olen, size_t osize,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
+
+    ((void) f_rng);
+    ((void) p_rng);
+
+    if (ilen != rsa_alt->key_len_func(rsa_alt->key)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    return rsa_alt->decrypt_func(rsa_alt->key,
+                                 MBEDTLS_RSA_PRIVATE, olen, input, output, osize);
+}
+
+#if defined(MBEDTLS_RSA_C)
+static int rsa_alt_check_pair(const void *pub, const void *prv)
+{
+    unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char hash[32];
+    size_t sig_len = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (rsa_alt_get_bitlen(prv) != rsa_get_bitlen(pub)) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    memset(hash, 0x2a, sizeof(hash));
+
+    if ((ret = rsa_alt_sign_wrap((void *) prv, MBEDTLS_MD_NONE,
+                                 hash, sizeof(hash),
+                                 sig, &sig_len, NULL, NULL)) != 0) {
+        return ret;
+    }
+
+    if (rsa_verify_wrap((void *) pub, MBEDTLS_MD_NONE,
+                        hash, sizeof(hash), sig, sig_len) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_RSA_C */
+
+static void *rsa_alt_alloc_wrap(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(mbedtls_rsa_alt_context));
+
+    if (ctx != NULL) {
+        memset(ctx, 0, sizeof(mbedtls_rsa_alt_context));
+    }
+
+    return ctx;
+}
+
+static void rsa_alt_free_wrap(void *ctx)
+{
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_rsa_alt_context));
+    mbedtls_free(ctx);
+}
+
+const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
+    MBEDTLS_PK_RSA_ALT,
+    "RSA-alt",
+    rsa_alt_get_bitlen,
+    rsa_alt_can_do,
+    NULL,
+    rsa_alt_sign_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL,
+    NULL,
+#endif
+    rsa_alt_decrypt_wrap,
+    NULL,
+#if defined(MBEDTLS_RSA_C)
+    rsa_alt_check_pair,
+#else
+    NULL,
+#endif
+    rsa_alt_alloc_wrap,
+    rsa_alt_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL,
+    NULL,
+#endif
+    NULL,
+};
+
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+static void *pk_opaque_alloc_wrap(void)
+{
+    void *ctx = mbedtls_calloc(1, sizeof(psa_key_id_t));
+
+    /* no _init() function to call, as calloc() already zeroized */
+
+    return ctx;
+}
+
+static void pk_opaque_free_wrap(void *ctx)
+{
+    mbedtls_platform_zeroize(ctx, sizeof(psa_key_id_t));
+    mbedtls_free(ctx);
+}
+
+static size_t pk_opaque_get_bitlen(const void *ctx)
+{
+    const psa_key_id_t *key = (const psa_key_id_t *) ctx;
+    size_t bits;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    if (PSA_SUCCESS != psa_get_key_attributes(*key, &attributes)) {
+        return 0;
+    }
+
+    bits = psa_get_key_bits(&attributes);
+    psa_reset_key_attributes(&attributes);
+    return bits;
+}
+
+static int pk_opaque_can_do(mbedtls_pk_type_t type)
+{
+    /* For now opaque PSA keys can only wrap ECC keypairs,
+     * as checked by setup_psa().
+     * Also, ECKEY_DH does not really make sense with the current API. */
+    return type == MBEDTLS_PK_ECKEY ||
+           type == MBEDTLS_PK_ECDSA;
+}
+
+#if defined(MBEDTLS_ECDSA_C)
+
+/*
+ * Simultaneously convert and move raw MPI from the beginning of a buffer
+ * to an ASN.1 MPI at the end of the buffer.
+ * See also mbedtls_asn1_write_mpi().
+ *
+ * p: pointer to the end of the output buffer
+ * start: start of the output buffer, and also of the mpi to write at the end
+ * n_len: length of the mpi to read from start
+ */
+static int asn1_write_mpibuf(unsigned char **p, unsigned char *start,
+                             size_t n_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    if ((size_t) (*p - start) < n_len) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    len = n_len;
+    *p -= len;
+    memmove(*p, start, len);
+
+    /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
+     * Neither r nor s should be 0, but as a failsafe measure, still detect
+     * that rather than overflowing the buffer in case of a PSA error. */
+    while (len > 0 && **p == 0x00) {
+        ++(*p);
+        --len;
+    }
+
+    /* this is only reached if the signature was invalid */
+    if (len == 0) {
+        return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
+    }
+
+    /* if the msb is 1, ASN.1 requires that we prepend a 0.
+     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
+    if (**p & 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                     MBEDTLS_ASN1_INTEGER));
+
+    return (int) len;
+}
+
+/* Transcode signature from PSA format to ASN.1 sequence.
+ * See ecdsa_signature_to_asn1 in ecdsa.c, but with byte buffers instead of
+ * MPIs, and in-place.
+ *
+ * [in/out] sig: the signature pre- and post-transcoding
+ * [in/out] sig_len: signature length pre- and post-transcoding
+ * [int] buf_len: the available size the in/out buffer
+ */
+static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len,
+                                      size_t buf_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    const size_t rs_len = *sig_len / 2;
+    unsigned char *p = sig + buf_len;
+
+    MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig + rs_len, rs_len));
+    MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig, rs_len));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, sig, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, sig,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    memmove(sig, p, len);
+    *sig_len = len;
+
+    return 0;
+}
+
+#endif /* MBEDTLS_ECDSA_C */
+
+static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
+                               const unsigned char *hash, size_t hash_len,
+                               unsigned char *sig, size_t *sig_len,
+                               int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+#if !defined(MBEDTLS_ECDSA_C)
+    ((void) ctx);
+    ((void) md_alg);
+    ((void) hash);
+    ((void) hash_len);
+    ((void) sig);
+    ((void) sig_len);
+    ((void) f_rng);
+    ((void) p_rng);
+    return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+#else /* !MBEDTLS_ECDSA_C */
+    const psa_key_id_t *key = (const psa_key_id_t *) ctx;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_algorithm_t alg = PSA_ALG_ECDSA(mbedtls_psa_translate_md(md_alg));
+    size_t buf_len;
+    psa_status_t status;
+
+    /* PSA has its own RNG */
+    (void) f_rng;
+    (void) p_rng;
+
+    /* PSA needs an output buffer of known size, but our API doesn't provide
+     * that information. Assume that the buffer is large enough for a
+     * maximal-length signature with that key (otherwise the application is
+     * buggy anyway). */
+    status = psa_get_key_attributes(*key, &attributes);
+    if (status != PSA_SUCCESS) {
+        return mbedtls_psa_err_translate_pk(status);
+    }
+    buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN(psa_get_key_bits(&attributes));
+    psa_reset_key_attributes(&attributes);
+    if (buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) {
+        return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+    }
+
+    /* make the signature */
+    status = psa_sign_hash(*key, alg, hash, hash_len,
+                           sig, buf_len, sig_len);
+    if (status != PSA_SUCCESS) {
+        return mbedtls_psa_err_translate_pk(status);
+    }
+
+    /* transcode it to ASN.1 sequence */
+    return pk_ecdsa_sig_asn1_from_psa(sig, sig_len, buf_len);
+#endif /* !MBEDTLS_ECDSA_C */
+}
+
+const mbedtls_pk_info_t mbedtls_pk_opaque_info = {
+    MBEDTLS_PK_OPAQUE,
+    "Opaque",
+    pk_opaque_get_bitlen,
+    pk_opaque_can_do,
+    NULL, /* verify - will be done later */
+    pk_opaque_sign_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL, /* restartable verify - not relevant */
+    NULL, /* restartable sign - not relevant */
+#endif
+    NULL, /* decrypt - will be done later */
+    NULL, /* encrypt - will be done later */
+    NULL, /* check_pair - could be done later or left NULL */
+    pk_opaque_alloc_wrap,
+    pk_opaque_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL, /* restart alloc - not relevant */
+    NULL, /* restart free - not relevant */
+#endif
+    NULL, /* debug - could be done later, or even left NULL */
+};
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_PK_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pkcs11.c b/3rdparty/mbedtls-2.28.7/library/pkcs11.c
new file mode 100644
index 0000000..45ea4af
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pkcs11.c
@@ -0,0 +1,221 @@
+/**
+ * \file pkcs11.c
+ *
+ * \brief Wrapper for PKCS#11 library libpkcs11-helper
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "mbedtls/pkcs11.h"
+
+#if defined(MBEDTLS_PKCS11_C)
+
+#include "mbedtls/md.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/x509_crt.h"
+
+#include "mbedtls/platform.h"
+
+#include <string.h>
+
+void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_pkcs11_context));
+}
+
+int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert)
+{
+    int ret = 1;
+    unsigned char *cert_blob = NULL;
+    size_t cert_blob_size = 0;
+
+    if (cert == NULL) {
+        ret = 2;
+        goto cleanup;
+    }
+
+    if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, NULL,
+                                               &cert_blob_size) != CKR_OK) {
+        ret = 3;
+        goto cleanup;
+    }
+
+    cert_blob = mbedtls_calloc(1, cert_blob_size);
+    if (NULL == cert_blob) {
+        ret = 4;
+        goto cleanup;
+    }
+
+    if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, cert_blob,
+                                               &cert_blob_size) != CKR_OK) {
+        ret = 5;
+        goto cleanup;
+    }
+
+    if (0 != mbedtls_x509_crt_parse(cert, cert_blob, cert_blob_size)) {
+        ret = 6;
+        goto cleanup;
+    }
+
+    ret = 0;
+
+cleanup:
+    if (NULL != cert_blob) {
+        mbedtls_free(cert_blob);
+    }
+
+    return ret;
+}
+
+
+int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key,
+                                 pkcs11h_certificate_t pkcs11_cert)
+{
+    int ret = 1;
+    mbedtls_x509_crt cert;
+
+    mbedtls_x509_crt_init(&cert);
+
+    if (priv_key == NULL) {
+        goto cleanup;
+    }
+
+    if (0 != mbedtls_pkcs11_x509_cert_bind(&cert, pkcs11_cert)) {
+        goto cleanup;
+    }
+
+    priv_key->len = mbedtls_pk_get_len(&cert.pk);
+    priv_key->pkcs11h_cert = pkcs11_cert;
+
+    ret = 0;
+
+cleanup:
+    mbedtls_x509_crt_free(&cert);
+
+    return ret;
+}
+
+void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key)
+{
+    if (NULL != priv_key) {
+        pkcs11h_certificate_freeCertificate(priv_key->pkcs11h_cert);
+    }
+}
+
+int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx,
+                           int mode, size_t *olen,
+                           const unsigned char *input,
+                           unsigned char *output,
+                           size_t output_max_len)
+{
+    size_t input_len, output_len;
+
+    if (NULL == ctx) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (MBEDTLS_RSA_PRIVATE != mode) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    output_len = input_len = ctx->len;
+
+    if (input_len < 16 || input_len > output_max_len) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /* Determine size of output buffer */
+    if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
+                                       input_len, NULL, &output_len) != CKR_OK) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (output_len > output_max_len) {
+        return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
+    }
+
+    if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
+                                       input_len, output, &output_len) != CKR_OK) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+    *olen = output_len;
+    return 0;
+}
+
+int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx,
+                        int mode,
+                        mbedtls_md_type_t md_alg,
+                        unsigned int hashlen,
+                        const unsigned char *hash,
+                        unsigned char *sig)
+{
+    size_t sig_len = 0, asn_len = 0, oid_size = 0;
+    unsigned char *p = sig;
+    const char *oid;
+
+    if (NULL == ctx) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (MBEDTLS_RSA_PRIVATE != mode) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (md_alg != MBEDTLS_MD_NONE) {
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg);
+        if (md_info == NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        hashlen = mbedtls_md_get_size(md_info);
+        asn_len = 10 + oid_size;
+    }
+
+    sig_len = ctx->len;
+    if (hashlen > sig_len || asn_len > sig_len ||
+        hashlen + asn_len > sig_len) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (md_alg != MBEDTLS_MD_NONE) {
+        /*
+         * DigestInfo ::= SEQUENCE {
+         *   digestAlgorithm DigestAlgorithmIdentifier,
+         *   digest Digest }
+         *
+         * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+         * Digest ::= OCTET STRING
+         */
+        *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+        *p++ = (unsigned char) (0x08 + oid_size + hashlen);
+        *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+        *p++ = (unsigned char) (0x04 + oid_size);
+        *p++ = MBEDTLS_ASN1_OID;
+        *p++ = oid_size & 0xFF;
+        memcpy(p, oid, oid_size);
+        p += oid_size;
+        *p++ = MBEDTLS_ASN1_NULL;
+        *p++ = 0x00;
+        *p++ = MBEDTLS_ASN1_OCTET_STRING;
+        *p++ = hashlen;
+    }
+
+    memcpy(p, hash, hashlen);
+
+    if (pkcs11h_certificate_signAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
+                                    asn_len + hashlen, sig, &sig_len) != CKR_OK) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+#endif /* defined(MBEDTLS_PKCS11_C) */
diff --git a/3rdparty/mbedtls-2.28.7/library/pkcs12.c b/3rdparty/mbedtls-2.28.7/library/pkcs12.c
new file mode 100644
index 0000000..7124882
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pkcs12.c
@@ -0,0 +1,468 @@
+/*
+ *  PKCS#12 Personal Information Exchange Syntax
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The PKCS #12 Personal Information Exchange Syntax Standard v1.1
+ *
+ *  http://www.rsa.com/rsalabs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
+ *  ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PKCS12_C)
+
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ARC4_C)
+#include "mbedtls/arc4.h"
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#include "mbedtls/des.h"
+#endif
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+static int pkcs12_parse_pbe_params(mbedtls_asn1_buf *params,
+                                   mbedtls_asn1_buf *salt, int *iterations)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char **p = &params->p;
+    const unsigned char *end = params->p + params->len;
+
+    /*
+     *  pkcs-12PbeParams ::= SEQUENCE {
+     *    salt          OCTET STRING,
+     *    iterations    INTEGER
+     *  }
+     *
+     */
+    if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret);
+    }
+
+    salt->p = *p;
+    *p += salt->len;
+
+    if ((ret = mbedtls_asn1_get_int(p, end, iterations)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret);
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+#define PKCS12_MAX_PWDLEN 128
+
+static int pkcs12_pbe_derive_key_iv(mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type,
+                                    const unsigned char *pwd,  size_t pwdlen,
+                                    unsigned char *key, size_t keylen,
+                                    unsigned char *iv,  size_t ivlen)
+{
+    int ret, iterations = 0;
+    mbedtls_asn1_buf salt;
+    size_t i;
+    unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2];
+
+    if (pwdlen > PKCS12_MAX_PWDLEN) {
+        return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA;
+    }
+
+    memset(&salt, 0, sizeof(mbedtls_asn1_buf));
+    memset(&unipwd, 0, sizeof(unipwd));
+
+    if ((ret = pkcs12_parse_pbe_params(pbe_params, &salt,
+                                       &iterations)) != 0) {
+        return ret;
+    }
+
+    for (i = 0; i < pwdlen; i++) {
+        unipwd[i * 2 + 1] = pwd[i];
+    }
+
+    if ((ret = mbedtls_pkcs12_derivation(key, keylen, unipwd, pwdlen * 2 + 2,
+                                         salt.p, salt.len, md_type,
+                                         MBEDTLS_PKCS12_DERIVE_KEY, iterations)) != 0) {
+        return ret;
+    }
+
+    if (iv == NULL || ivlen == 0) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_pkcs12_derivation(iv, ivlen, unipwd, pwdlen * 2 + 2,
+                                         salt.p, salt.len, md_type,
+                                         MBEDTLS_PKCS12_DERIVE_IV, iterations)) != 0) {
+        return ret;
+    }
+    return 0;
+}
+
+#undef PKCS12_MAX_PWDLEN
+
+int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode,
+                                    const unsigned char *pwd,  size_t pwdlen,
+                                    const unsigned char *data, size_t len,
+                                    unsigned char *output)
+{
+#if !defined(MBEDTLS_ARC4_C)
+    ((void) pbe_params);
+    ((void) mode);
+    ((void) pwd);
+    ((void) pwdlen);
+    ((void) data);
+    ((void) len);
+    ((void) output);
+    return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
+#else
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char key[16];
+    mbedtls_arc4_context ctx;
+    ((void) mode);
+
+    mbedtls_arc4_init(&ctx);
+
+    if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, MBEDTLS_MD_SHA1,
+                                        pwd, pwdlen,
+                                        key, 16, NULL, 0)) != 0) {
+        return ret;
+    }
+
+    mbedtls_arc4_setup(&ctx, key, 16);
+    if ((ret = mbedtls_arc4_crypt(&ctx, len, data, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_platform_zeroize(key, sizeof(key));
+    mbedtls_arc4_free(&ctx);
+
+    return ret;
+#endif /* MBEDTLS_ARC4_C */
+}
+
+#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode,
+                           mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                           const unsigned char *pwd,  size_t pwdlen,
+                           const unsigned char *data, size_t len,
+                           unsigned char *output, size_t output_size,
+                           size_t *output_len);
+#endif
+
+int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
+                       mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                       const unsigned char *pwd,  size_t pwdlen,
+                       const unsigned char *data, size_t len,
+                       unsigned char *output)
+{
+    size_t output_len = 0;
+
+    /* We assume caller of the function is providing a big enough output buffer
+     * so we pass output_size as SIZE_MAX to pass checks, However, no guarantees
+     * for the output size actually being correct.
+     */
+    return mbedtls_pkcs12_pbe_ext(pbe_params, mode, cipher_type, md_type,
+                                  pwd, pwdlen, data, len, output, SIZE_MAX,
+                                  &output_len);
+}
+
+int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode,
+                           mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                           const unsigned char *pwd,  size_t pwdlen,
+                           const unsigned char *data, size_t len,
+                           unsigned char *output, size_t output_size,
+                           size_t *output_len)
+{
+    int ret, keylen = 0;
+    unsigned char key[32];
+    unsigned char iv[16];
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t cipher_ctx;
+    size_t finish_olen = 0;
+    unsigned int padlen = 0;
+
+    if (pwd == NULL && pwdlen != 0) {
+        return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA;
+    }
+
+    cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
+    }
+
+    keylen = cipher_info->key_bitlen / 8;
+
+    if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) {
+        if (output_size < len) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+    }
+
+    if (mode == MBEDTLS_PKCS12_PBE_ENCRYPT) {
+        padlen = cipher_info->block_size - (len % cipher_info->block_size);
+        if (output_size < (len + padlen)) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+    }
+
+    if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
+                                        key, keylen,
+                                        iv, cipher_info->iv_size)) != 0) {
+        return ret;
+    }
+
+    mbedtls_cipher_init(&cipher_ctx);
+
+    if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) {
+        goto exit;
+    }
+
+    if ((ret =
+             mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen,
+                                   (mbedtls_operation_t) mode)) != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /* PKCS12 uses CBC with PKCS7 padding */
+
+    mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
+#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    /* For historical reasons, when decrypting, this function works when
+     * decrypting even when support for PKCS7 padding is disabled. In this
+     * case, it ignores the padding, and so will never report a
+     * password mismatch.
+     */
+    if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) {
+        padding = MBEDTLS_PADDING_NONE;
+    }
+#endif
+    if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) {
+        goto exit;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+    if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_cipher_reset(&cipher_ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_cipher_update(&cipher_ctx, data, len,
+                                     output, output_len)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_cipher_finish(&cipher_ctx, output + (*output_len), &finish_olen)) != 0) {
+        ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH;
+    }
+
+    *output_len += finish_olen;
+
+exit:
+    mbedtls_platform_zeroize(key, sizeof(key));
+    mbedtls_platform_zeroize(iv,  sizeof(iv));
+    mbedtls_cipher_free(&cipher_ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+static void pkcs12_fill_buffer(unsigned char *data, size_t data_len,
+                               const unsigned char *filler, size_t fill_len)
+{
+    unsigned char *p = data;
+    size_t use_len;
+
+    if (filler != NULL && fill_len != 0) {
+        while (data_len > 0) {
+            use_len = (data_len > fill_len) ? fill_len : data_len;
+            memcpy(p, filler, use_len);
+            p += use_len;
+            data_len -= use_len;
+        }
+    } else {
+        /* If either of the above are not true then clearly there is nothing
+         * that this function can do. The function should *not* be called
+         * under either of those circumstances, as you could end up with an
+         * incorrect output but for safety's sake, leaving the check in as
+         * otherwise we could end up with memory corruption.*/
+    }
+}
+
+int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
+                              const unsigned char *pwd, size_t pwdlen,
+                              const unsigned char *salt, size_t saltlen,
+                              mbedtls_md_type_t md_type, int id, int iterations)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned int j;
+
+    unsigned char diversifier[128];
+    unsigned char salt_block[128], pwd_block[128], hash_block[128];
+    unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *p;
+    unsigned char c;
+    int           use_password = 0;
+    int           use_salt = 0;
+
+    size_t hlen, use_len, v, i;
+
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    // This version only allows max of 64 bytes of password or salt
+    if (datalen > 128 || pwdlen > 64 || saltlen > 64) {
+        return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA;
+    }
+
+    if (pwd == NULL && pwdlen != 0) {
+        return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA;
+    }
+
+    if (salt == NULL && saltlen != 0) {
+        return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA;
+    }
+
+    use_password = (pwd && pwdlen != 0);
+    use_salt = (salt && saltlen != 0);
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
+    }
+
+    mbedtls_md_init(&md_ctx);
+
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) {
+        return ret;
+    }
+    hlen = mbedtls_md_get_size(md_info);
+
+    if (hlen <= 32) {
+        v = 64;
+    } else {
+        v = 128;
+    }
+
+    memset(diversifier, (unsigned char) id, v);
+
+    if (use_salt != 0) {
+        pkcs12_fill_buffer(salt_block, v, salt, saltlen);
+    }
+
+    if (use_password != 0) {
+        pkcs12_fill_buffer(pwd_block,  v, pwd,  pwdlen);
+    }
+
+    p = data;
+    while (datalen > 0) {
+        // Calculate hash( diversifier || salt_block || pwd_block )
+        if ((ret = mbedtls_md_starts(&md_ctx)) != 0) {
+            goto exit;
+        }
+
+        if ((ret = mbedtls_md_update(&md_ctx, diversifier, v)) != 0) {
+            goto exit;
+        }
+
+        if (use_salt != 0) {
+            if ((ret = mbedtls_md_update(&md_ctx, salt_block, v)) != 0) {
+                goto exit;
+            }
+        }
+
+        if (use_password != 0) {
+            if ((ret = mbedtls_md_update(&md_ctx, pwd_block, v)) != 0) {
+                goto exit;
+            }
+        }
+
+        if ((ret = mbedtls_md_finish(&md_ctx, hash_output)) != 0) {
+            goto exit;
+        }
+
+        // Perform remaining ( iterations - 1 ) recursive hash calculations
+        for (i = 1; i < (size_t) iterations; i++) {
+            if ((ret = mbedtls_md(md_info, hash_output, hlen, hash_output)) != 0) {
+                goto exit;
+            }
+        }
+
+        use_len = (datalen > hlen) ? hlen : datalen;
+        memcpy(p, hash_output, use_len);
+        datalen -= use_len;
+        p += use_len;
+
+        if (datalen == 0) {
+            break;
+        }
+
+        // Concatenating copies of hash_output into hash_block (B)
+        pkcs12_fill_buffer(hash_block, v, hash_output, hlen);
+
+        // B += 1
+        for (i = v; i > 0; i--) {
+            if (++hash_block[i - 1] != 0) {
+                break;
+            }
+        }
+
+        if (use_salt != 0) {
+            // salt_block += B
+            c = 0;
+            for (i = v; i > 0; i--) {
+                j = salt_block[i - 1] + hash_block[i - 1] + c;
+                c = MBEDTLS_BYTE_1(j);
+                salt_block[i - 1] = MBEDTLS_BYTE_0(j);
+            }
+        }
+
+        if (use_password != 0) {
+            // pwd_block  += B
+            c = 0;
+            for (i = v; i > 0; i--) {
+                j = pwd_block[i - 1] + hash_block[i - 1] + c;
+                c = MBEDTLS_BYTE_1(j);
+                pwd_block[i - 1] = MBEDTLS_BYTE_0(j);
+            }
+        }
+    }
+
+    ret = 0;
+
+exit:
+    mbedtls_platform_zeroize(salt_block, sizeof(salt_block));
+    mbedtls_platform_zeroize(pwd_block, sizeof(pwd_block));
+    mbedtls_platform_zeroize(hash_block, sizeof(hash_block));
+    mbedtls_platform_zeroize(hash_output, sizeof(hash_output));
+
+    mbedtls_md_free(&md_ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_PKCS12_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pkcs5.c b/3rdparty/mbedtls-2.28.7/library/pkcs5.c
new file mode 100644
index 0000000..8e5b751
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pkcs5.c
@@ -0,0 +1,487 @@
+/**
+ * \file pkcs5.c
+ *
+ * \brief PKCS#5 functions
+ *
+ * \author Mathias Olsson <mathias@kompetensum.com>
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * PKCS#5 includes PBKDF2 and more
+ *
+ * http://tools.ietf.org/html/rfc2898 (Specification)
+ * http://tools.ietf.org/html/rfc6070 (Test vectors)
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PKCS5_C)
+
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+#include "mbedtls/asn1.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/oid.h"
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params,
+                                     mbedtls_asn1_buf *salt, int *iterations,
+                                     int *keylen, mbedtls_md_type_t *md_type)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_asn1_buf prf_alg_oid;
+    unsigned char *p = params->p;
+    const unsigned char *end = params->p + params->len;
+
+    if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+    /*
+     *  PBKDF2-params ::= SEQUENCE {
+     *    salt              OCTET STRING,
+     *    iterationCount    INTEGER,
+     *    keyLength         INTEGER OPTIONAL
+     *    prf               AlgorithmIdentifier DEFAULT algid-hmacWithSHA1
+     *  }
+     *
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &salt->len,
+                                    MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
+    }
+
+    salt->p = p;
+    p += salt->len;
+
+    if ((ret = mbedtls_asn1_get_int(&p, end, iterations)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
+    }
+
+    if (p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_asn1_get_int(&p, end, keylen)) != 0) {
+        if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
+        }
+    }
+
+    if (p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_asn1_get_alg_null(&p, end, &prf_alg_oid)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
+    }
+
+    if (mbedtls_oid_get_md_hmac(&prf_alg_oid, md_type) != 0) {
+        return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE;
+    }
+
+    if (p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode,
+                            const unsigned char *pwd,  size_t pwdlen,
+                            const unsigned char *data, size_t datalen,
+                            unsigned char *output, size_t output_size,
+                            size_t *output_len);
+#endif
+
+int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
+                        const unsigned char *pwd,  size_t pwdlen,
+                        const unsigned char *data, size_t datalen,
+                        unsigned char *output)
+{
+    size_t output_len = 0;
+
+    /* We assume caller of the function is providing a big enough output buffer
+     * so we pass output_size as SIZE_MAX to pass checks, However, no guarantees
+     * for the output size actually being correct.
+     */
+    return mbedtls_pkcs5_pbes2_ext(pbe_params, mode, pwd, pwdlen, data,
+                                   datalen, output, SIZE_MAX, &output_len);
+}
+
+int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode,
+                            const unsigned char *pwd,  size_t pwdlen,
+                            const unsigned char *data, size_t datalen,
+                            unsigned char *output, size_t output_size,
+                            size_t *output_len)
+{
+    int ret, iterations = 0, keylen = 0;
+    unsigned char *p, *end;
+    mbedtls_asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params;
+    mbedtls_asn1_buf salt;
+    mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
+    unsigned char key[32], iv[32];
+    const mbedtls_md_info_t *md_info;
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_md_context_t md_ctx;
+    mbedtls_cipher_type_t cipher_alg;
+    mbedtls_cipher_context_t cipher_ctx;
+    unsigned int padlen = 0;
+
+    p = pbe_params->p;
+    end = p + pbe_params->len;
+
+    /*
+     *  PBES2-params ::= SEQUENCE {
+     *    keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
+     *    encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}
+     *  }
+     */
+    if (pbe_params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    if ((ret = mbedtls_asn1_get_alg(&p, end, &kdf_alg_oid,
+                                    &kdf_alg_params)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
+    }
+
+    // Only PBKDF2 supported at the moment
+    //
+    if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid) != 0) {
+        return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE;
+    }
+
+    if ((ret = pkcs5_parse_pbkdf2_params(&kdf_alg_params,
+                                         &salt, &iterations, &keylen,
+                                         &md_type)) != 0) {
+        return ret;
+    }
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE;
+    }
+
+    if ((ret = mbedtls_asn1_get_alg(&p, end, &enc_scheme_oid,
+                                    &enc_scheme_params)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret);
+    }
+
+    if (mbedtls_oid_get_cipher_alg(&enc_scheme_oid, &cipher_alg) != 0) {
+        return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE;
+    }
+
+    cipher_info = mbedtls_cipher_info_from_type(cipher_alg);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE;
+    }
+
+    /*
+     * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
+     * since it is optional and we don't know if it was set or not
+     */
+    keylen = cipher_info->key_bitlen / 8;
+
+    if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
+        enc_scheme_params.len != cipher_info->iv_size) {
+        return MBEDTLS_ERR_PKCS5_INVALID_FORMAT;
+    }
+
+    if (mode == MBEDTLS_PKCS5_DECRYPT) {
+        if (output_size < datalen) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+    }
+
+    if (mode == MBEDTLS_PKCS5_ENCRYPT) {
+        padlen = cipher_info->block_size - (datalen % cipher_info->block_size);
+        if (output_size < (datalen + padlen)) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+    }
+
+    mbedtls_md_init(&md_ctx);
+
+    mbedtls_cipher_init(&cipher_ctx);
+
+    memcpy(iv, enc_scheme_params.p, enc_scheme_params.len);
+
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_pkcs5_pbkdf2_hmac(&md_ctx, pwd, pwdlen, salt.p, salt.len,
+                                         iterations, keylen, key)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen,
+                                     (mbedtls_operation_t) mode)) != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /* PKCS5 uses CBC with PKCS7 padding (which is the same as
+     * "PKCS5 padding" except that it's typically only called PKCS5
+     * with 64-bit-block ciphers).
+     */
+    mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
+#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    /* For historical reasons, when decrypting, this function works when
+     * decrypting even when support for PKCS7 padding is disabled. In this
+     * case, it ignores the padding, and so will never report a
+     * password mismatch.
+     */
+    if (mode == MBEDTLS_DECRYPT) {
+        padding = MBEDTLS_PADDING_NONE;
+    }
+#endif
+    if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) {
+        goto exit;
+    }
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+    if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len,
+                                    data, datalen, output, output_len)) != 0) {
+        ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH;
+    }
+
+exit:
+    mbedtls_md_free(&md_ctx);
+    mbedtls_cipher_free(&cipher_ctx);
+
+    return ret;
+}
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
+                              const unsigned char *password,
+                              size_t plen, const unsigned char *salt, size_t slen,
+                              unsigned int iteration_count,
+                              uint32_t key_length, unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int j;
+    unsigned int i;
+    unsigned char md1[MBEDTLS_MD_MAX_SIZE];
+    unsigned char work[MBEDTLS_MD_MAX_SIZE];
+    unsigned char md_size = mbedtls_md_get_size(ctx->md_info);
+    size_t use_len;
+    unsigned char *out_p = output;
+    unsigned char counter[4];
+
+    memset(counter, 0, 4);
+    counter[3] = 1;
+
+#if UINT_MAX > 0xFFFFFFFF
+    if (iteration_count > 0xFFFFFFFF) {
+        return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA;
+    }
+#endif
+
+    if ((ret = mbedtls_md_hmac_starts(ctx, password, plen)) != 0) {
+        return ret;
+    }
+    while (key_length) {
+        // U1 ends up in work
+        //
+        if ((ret = mbedtls_md_hmac_update(ctx, salt, slen)) != 0) {
+            goto cleanup;
+        }
+
+        if ((ret = mbedtls_md_hmac_update(ctx, counter, 4)) != 0) {
+            goto cleanup;
+        }
+
+        if ((ret = mbedtls_md_hmac_finish(ctx, work)) != 0) {
+            goto cleanup;
+        }
+
+        if ((ret = mbedtls_md_hmac_reset(ctx)) != 0) {
+            goto cleanup;
+        }
+
+        memcpy(md1, work, md_size);
+
+        for (i = 1; i < iteration_count; i++) {
+            // U2 ends up in md1
+            //
+            if ((ret = mbedtls_md_hmac_update(ctx, md1, md_size)) != 0) {
+                goto cleanup;
+            }
+
+            if ((ret = mbedtls_md_hmac_finish(ctx, md1)) != 0) {
+                goto cleanup;
+            }
+
+            if ((ret = mbedtls_md_hmac_reset(ctx)) != 0) {
+                goto cleanup;
+            }
+
+            // U1 xor U2
+            //
+            for (j = 0; j < md_size; j++) {
+                work[j] ^= md1[j];
+            }
+        }
+
+        use_len = (key_length < md_size) ? key_length : md_size;
+        memcpy(out_p, work, use_len);
+
+        key_length -= (uint32_t) use_len;
+        out_p += use_len;
+
+        for (i = 4; i > 0; i--) {
+            if (++counter[i - 1] != 0) {
+                break;
+            }
+        }
+    }
+
+cleanup:
+    /* Zeroise buffers to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(work, MBEDTLS_MD_MAX_SIZE);
+    mbedtls_platform_zeroize(md1, MBEDTLS_MD_MAX_SIZE);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if !defined(MBEDTLS_SHA1_C)
+int mbedtls_pkcs5_self_test(int verbose)
+{
+    if (verbose != 0) {
+        mbedtls_printf("  PBKDF2 (SHA1): skipped\n\n");
+    }
+
+    return 0;
+}
+#else
+
+#define MAX_TESTS   6
+
+static const size_t plen_test_data[MAX_TESTS] =
+{ 8, 8, 8, 24, 9 };
+
+static const unsigned char password_test_data[MAX_TESTS][32] =
+{
+    "password",
+    "password",
+    "password",
+    "passwordPASSWORDpassword",
+    "pass\0word",
+};
+
+static const size_t slen_test_data[MAX_TESTS] =
+{ 4, 4, 4, 36, 5 };
+
+static const unsigned char salt_test_data[MAX_TESTS][40] =
+{
+    "salt",
+    "salt",
+    "salt",
+    "saltSALTsaltSALTsaltSALTsaltSALTsalt",
+    "sa\0lt",
+};
+
+static const uint32_t it_cnt_test_data[MAX_TESTS] =
+{ 1, 2, 4096, 4096, 4096 };
+
+static const uint32_t key_len_test_data[MAX_TESTS] =
+{ 20, 20, 20, 25, 16 };
+
+static const unsigned char result_key_test_data[MAX_TESTS][32] =
+{
+    { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
+      0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
+      0x2f, 0xe0, 0x37, 0xa6 },
+    { 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
+      0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
+      0xd8, 0xde, 0x89, 0x57 },
+    { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
+      0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
+      0x65, 0xa4, 0x29, 0xc1 },
+    { 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
+      0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
+      0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
+      0x38 },
+    { 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
+      0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 },
+};
+
+int mbedtls_pkcs5_self_test(int verbose)
+{
+    mbedtls_md_context_t sha1_ctx;
+    const mbedtls_md_info_t *info_sha1;
+    int ret, i;
+    unsigned char key[64];
+
+    mbedtls_md_init(&sha1_ctx);
+
+    info_sha1 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+    if (info_sha1 == NULL) {
+        ret = 1;
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md_setup(&sha1_ctx, info_sha1, 1)) != 0) {
+        ret = 1;
+        goto exit;
+    }
+
+    for (i = 0; i < MAX_TESTS; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  PBKDF2 (SHA1) #%d: ", i);
+        }
+
+        ret = mbedtls_pkcs5_pbkdf2_hmac(&sha1_ctx, password_test_data[i],
+                                        plen_test_data[i], salt_test_data[i],
+                                        slen_test_data[i], it_cnt_test_data[i],
+                                        key_len_test_data[i], key);
+        if (ret != 0 ||
+            memcmp(result_key_test_data[i], key, key_len_test_data[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+exit:
+    mbedtls_md_free(&sha1_ctx);
+
+    return ret;
+}
+#endif /* MBEDTLS_SHA1_C */
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_PKCS5_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pkparse.c b/3rdparty/mbedtls-2.28.7/library/pkparse.c
new file mode 100644
index 0000000..37d5016
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pkparse.c
@@ -0,0 +1,1537 @@
+/*
+ *  Public Key layer for parsing key files and structures
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PK_PARSE_C)
+
+#include "mbedtls/pk.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+#if defined(MBEDTLS_PKCS5_C)
+#include "mbedtls/pkcs5.h"
+#endif
+#if defined(MBEDTLS_PKCS12_C)
+#include "mbedtls/pkcs12.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+/* Parameter validation macros based on platform_util.h */
+#define PK_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA)
+#define PK_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load all data from a file into a given buffer.
+ *
+ * The file is expected to contain either PEM or DER encoded data.
+ * A terminating null byte is always appended. It is included in the announced
+ * length only if the data looks like it is PEM encoded.
+ */
+int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n)
+{
+    FILE *f;
+    long size;
+
+    PK_VALIDATE_RET(path != NULL);
+    PK_VALIDATE_RET(buf != NULL);
+    PK_VALIDATE_RET(n != NULL);
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return MBEDTLS_ERR_PK_FILE_IO_ERROR;
+    }
+
+    fseek(f, 0, SEEK_END);
+    if ((size = ftell(f)) == -1) {
+        fclose(f);
+        return MBEDTLS_ERR_PK_FILE_IO_ERROR;
+    }
+    fseek(f, 0, SEEK_SET);
+
+    *n = (size_t) size;
+
+    if (*n + 1 == 0 ||
+        (*buf = mbedtls_calloc(1, *n + 1)) == NULL) {
+        fclose(f);
+        return MBEDTLS_ERR_PK_ALLOC_FAILED;
+    }
+
+    if (fread(*buf, 1, *n, f) != *n) {
+        fclose(f);
+
+        mbedtls_platform_zeroize(*buf, *n);
+        mbedtls_free(*buf);
+
+        return MBEDTLS_ERR_PK_FILE_IO_ERROR;
+    }
+
+    fclose(f);
+
+    (*buf)[*n] = '\0';
+
+    if (strstr((const char *) *buf, "-----BEGIN ") != NULL) {
+        ++*n;
+    }
+
+    return 0;
+}
+
+/*
+ * Load and parse a private key
+ */
+int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
+                             const char *path, const char *pwd)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    unsigned char *buf;
+
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET(path != NULL);
+
+    if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) {
+        return ret;
+    }
+
+    if (pwd == NULL) {
+        ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0);
+    } else {
+        ret = mbedtls_pk_parse_key(ctx, buf, n,
+                                   (const unsigned char *) pwd, strlen(pwd));
+    }
+
+    mbedtls_platform_zeroize(buf, n);
+    mbedtls_free(buf);
+
+    return ret;
+}
+
+/*
+ * Load and parse a public key
+ */
+int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    unsigned char *buf;
+
+    PK_VALIDATE_RET(ctx != NULL);
+    PK_VALIDATE_RET(path != NULL);
+
+    if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_pk_parse_public_key(ctx, buf, n);
+
+    mbedtls_platform_zeroize(buf, n);
+    mbedtls_free(buf);
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_ECP_C)
+/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf
+ *
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ *   specifiedCurve     SpecifiedECDomain -- = SEQUENCE { ... }
+ *   -- implicitCurve   NULL
+ * }
+ */
+static int pk_get_ecparams(unsigned char **p, const unsigned char *end,
+                           mbedtls_asn1_buf *params)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (end - *p < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    /* Tag may be either OID or SEQUENCE */
+    params->tag = **p;
+    if (params->tag != MBEDTLS_ASN1_OID
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+        && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)
+#endif
+        ) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &params->len, params->tag)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    params->p = *p;
+    *p += params->len;
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+/*
+ * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it.
+ * WARNING: the resulting group should only be used with
+ * pk_group_id_from_specified(), since its base point may not be set correctly
+ * if it was encoded compressed.
+ *
+ *  SpecifiedECDomain ::= SEQUENCE {
+ *      version SpecifiedECDomainVersion(ecdpVer1 | ecdpVer2 | ecdpVer3, ...),
+ *      fieldID FieldID {{FieldTypes}},
+ *      curve Curve,
+ *      base ECPoint,
+ *      order INTEGER,
+ *      cofactor INTEGER OPTIONAL,
+ *      hash HashAlgorithm OPTIONAL,
+ *      ...
+ *  }
+ *
+ * We only support prime-field as field type, and ignore hash and cofactor.
+ */
+static int pk_group_from_specified(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = params->p;
+    const unsigned char * const end = params->p + params->len;
+    const unsigned char *end_field, *end_curve;
+    size_t len;
+    int ver;
+
+    /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */
+    if ((ret = mbedtls_asn1_get_int(&p, end, &ver)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if (ver < 1 || ver > 3) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+    }
+
+    /*
+     * FieldID { FIELD-ID:IOSet } ::= SEQUENCE { -- Finite field
+     *       fieldType FIELD-ID.&id({IOSet}),
+     *       parameters FIELD-ID.&Type({IOSet}{@fieldType})
+     * }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
+    }
+
+    end_field = p + len;
+
+    /*
+     * FIELD-ID ::= TYPE-IDENTIFIER
+     * FieldTypes FIELD-ID ::= {
+     *       { Prime-p IDENTIFIED BY prime-field } |
+     *       { Characteristic-two IDENTIFIED BY characteristic-two-field }
+     * }
+     * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end_field, &len, MBEDTLS_ASN1_OID)) != 0) {
+        return ret;
+    }
+
+    if (len != MBEDTLS_OID_SIZE(MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD) ||
+        memcmp(p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len) != 0) {
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
+    p += len;
+
+    /* Prime-p ::= INTEGER -- Field of size p. */
+    if ((ret = mbedtls_asn1_get_mpi(&p, end_field, &grp->P)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    grp->pbits = mbedtls_mpi_bitlen(&grp->P);
+
+    if (p != end_field) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /*
+     * Curve ::= SEQUENCE {
+     *       a FieldElement,
+     *       b FieldElement,
+     *       seed BIT STRING OPTIONAL
+     *       -- Shall be present if used in SpecifiedECDomain
+     *       -- with version equal to ecdpVer2 or ecdpVer3
+     * }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
+    }
+
+    end_curve = p + len;
+
+    /*
+     * FieldElement ::= OCTET STRING
+     * containing an integer in the case of a prime field
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0 ||
+        (ret = mbedtls_mpi_read_binary(&grp->A, p, len)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    p += len;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0 ||
+        (ret = mbedtls_mpi_read_binary(&grp->B, p, len)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    p += len;
+
+    /* Ignore seed BIT STRING OPTIONAL */
+    if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING)) == 0) {
+        p += len;
+    }
+
+    if (p != end_curve) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /*
+     * ECPoint ::= OCTET STRING
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_ecp_point_read_binary(grp, &grp->G,
+                                             (const unsigned char *) p, len)) != 0) {
+        /*
+         * If we can't read the point because it's compressed, cheat by
+         * reading only the X coordinate and the parity bit of Y.
+         */
+        if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ||
+            (p[0] != 0x02 && p[0] != 0x03) ||
+            len != mbedtls_mpi_size(&grp->P) + 1 ||
+            mbedtls_mpi_read_binary(&grp->G.X, p + 1, len - 1) != 0 ||
+            mbedtls_mpi_lset(&grp->G.Y, p[0] - 2) != 0 ||
+            mbedtls_mpi_lset(&grp->G.Z, 1) != 0) {
+            return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+        }
+    }
+
+    p += len;
+
+    /*
+     * order INTEGER
+     */
+    if ((ret = mbedtls_asn1_get_mpi(&p, end, &grp->N)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    grp->nbits = mbedtls_mpi_bitlen(&grp->N);
+
+    /*
+     * Allow optional elements by purposefully not enforcing p == end here.
+     */
+
+    return 0;
+}
+
+/*
+ * Find the group id associated with an (almost filled) group as generated by
+ * pk_group_from_specified(), or return an error if unknown.
+ */
+static int pk_group_id_from_group(const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id)
+{
+    int ret = 0;
+    mbedtls_ecp_group ref;
+    const mbedtls_ecp_group_id *id;
+
+    mbedtls_ecp_group_init(&ref);
+
+    for (id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++) {
+        /* Load the group associated to that id */
+        mbedtls_ecp_group_free(&ref);
+        MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&ref, *id));
+
+        /* Compare to the group we were given, starting with easy tests */
+        if (grp->pbits == ref.pbits && grp->nbits == ref.nbits &&
+            mbedtls_mpi_cmp_mpi(&grp->P, &ref.P) == 0 &&
+            mbedtls_mpi_cmp_mpi(&grp->A, &ref.A) == 0 &&
+            mbedtls_mpi_cmp_mpi(&grp->B, &ref.B) == 0 &&
+            mbedtls_mpi_cmp_mpi(&grp->N, &ref.N) == 0 &&
+            mbedtls_mpi_cmp_mpi(&grp->G.X, &ref.G.X) == 0 &&
+            mbedtls_mpi_cmp_mpi(&grp->G.Z, &ref.G.Z) == 0 &&
+            /* For Y we may only know the parity bit, so compare only that */
+            mbedtls_mpi_get_bit(&grp->G.Y, 0) == mbedtls_mpi_get_bit(&ref.G.Y, 0)) {
+            break;
+        }
+
+    }
+
+cleanup:
+    mbedtls_ecp_group_free(&ref);
+
+    *grp_id = *id;
+
+    if (ret == 0 && *id == MBEDTLS_ECP_DP_NONE) {
+        ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+    }
+
+    return ret;
+}
+
+/*
+ * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID
+ */
+static int pk_group_id_from_specified(const mbedtls_asn1_buf *params,
+                                      mbedtls_ecp_group_id *grp_id)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_group grp;
+
+    mbedtls_ecp_group_init(&grp);
+
+    if ((ret = pk_group_from_specified(params, &grp)) != 0) {
+        goto cleanup;
+    }
+
+    ret = pk_group_id_from_group(&grp, grp_id);
+
+cleanup:
+    mbedtls_ecp_group_free(&grp);
+
+    return ret;
+}
+#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
+
+/*
+ * Use EC parameters to initialise an EC group
+ *
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ *   specifiedCurve     SpecifiedECDomain -- = SEQUENCE { ... }
+ *   -- implicitCurve   NULL
+ */
+static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_group_id grp_id;
+
+    if (params->tag == MBEDTLS_ASN1_OID) {
+        if (mbedtls_oid_get_ec_grp(params, &grp_id) != 0) {
+            return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE;
+        }
+    } else {
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+        if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) {
+            return ret;
+        }
+#else
+        return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+#endif
+    }
+
+    /*
+     * grp may already be initialized; if so, make sure IDs match
+     */
+    if (grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+    }
+
+    if ((ret = mbedtls_ecp_group_load(grp, grp_id)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * EC public key is an EC point
+ *
+ * The caller is responsible for clearing the structure upon failure if
+ * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE
+ * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state.
+ */
+static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end,
+                           mbedtls_ecp_keypair *key)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_ecp_point_read_binary(&key->grp, &key->Q,
+                                             (const unsigned char *) *p, end - *p)) == 0) {
+        ret = mbedtls_ecp_check_pubkey(&key->grp, &key->Q);
+    }
+
+    /*
+     * We know mbedtls_ecp_point_read_binary consumed all bytes or failed
+     */
+    *p = (unsigned char *) end;
+
+    return ret;
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ *  RSAPublicKey ::= SEQUENCE {
+ *      modulus           INTEGER,  -- n
+ *      publicExponent    INTEGER   -- e
+ *  }
+ */
+static int pk_get_rsapubkey(unsigned char **p,
+                            const unsigned char *end,
+                            mbedtls_rsa_context *rsa)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret);
+    }
+
+    if (*p + len != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /* Import N */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret);
+    }
+
+    if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0,
+                                      NULL, 0, NULL, 0)) != 0) {
+        return MBEDTLS_ERR_PK_INVALID_PUBKEY;
+    }
+
+    *p += len;
+
+    /* Import E */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret);
+    }
+
+    if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0,
+                                      NULL, 0, *p, len)) != 0) {
+        return MBEDTLS_ERR_PK_INVALID_PUBKEY;
+    }
+
+    *p += len;
+
+    if (mbedtls_rsa_complete(rsa) != 0 ||
+        mbedtls_rsa_check_pubkey(rsa) != 0) {
+        return MBEDTLS_ERR_PK_INVALID_PUBKEY;
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_RSA_C */
+
+/* Get a PK algorithm identifier
+ *
+ *  AlgorithmIdentifier  ::=  SEQUENCE  {
+ *       algorithm               OBJECT IDENTIFIER,
+ *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ */
+static int pk_get_pk_alg(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_asn1_buf alg_oid;
+
+    memset(params, 0, sizeof(mbedtls_asn1_buf));
+
+    if ((ret = mbedtls_asn1_get_alg(p, end, &alg_oid, params)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_ALG, ret);
+    }
+
+    if (mbedtls_oid_get_pk_alg(&alg_oid, pk_alg) != 0) {
+        return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+    }
+
+    /*
+     * No parameters with RSA (only for EC)
+     */
+    if (*pk_alg == MBEDTLS_PK_RSA &&
+        ((params->tag != MBEDTLS_ASN1_NULL && params->tag != 0) ||
+         params->len != 0)) {
+        return MBEDTLS_ERR_PK_INVALID_ALG;
+    }
+
+    return 0;
+}
+
+/*
+ *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *       algorithm            AlgorithmIdentifier,
+ *       subjectPublicKey     BIT STRING }
+ */
+int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
+                               mbedtls_pk_context *pk)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    mbedtls_asn1_buf alg_params;
+    mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
+    const mbedtls_pk_info_t *pk_info;
+
+    PK_VALIDATE_RET(p != NULL);
+    PK_VALIDATE_RET(*p != NULL);
+    PK_VALIDATE_RET(end != NULL);
+    PK_VALIDATE_RET(pk != NULL);
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    end = *p + len;
+
+    if ((ret = pk_get_pk_alg(p, end, &pk_alg, &alg_params)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_asn1_get_bitstring_null(p, end, &len)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret);
+    }
+
+    if (*p + len != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    if ((pk_info = mbedtls_pk_info_from_type(pk_alg)) == NULL) {
+        return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+    }
+
+    if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_RSA_C)
+    if (pk_alg == MBEDTLS_PK_RSA) {
+        ret = pk_get_rsapubkey(p, end, mbedtls_pk_rsa(*pk));
+    } else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if (pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY) {
+        ret = pk_use_ecparams(&alg_params, &mbedtls_pk_ec(*pk)->grp);
+        if (ret == 0) {
+            ret = pk_get_ecpubkey(p, end, mbedtls_pk_ec(*pk));
+        }
+    } else
+#endif /* MBEDTLS_ECP_C */
+    ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+
+    if (ret == 0 && *p != end) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY,
+                                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    if (ret != 0) {
+        mbedtls_pk_free(pk);
+    }
+
+    return ret;
+}
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ * Wrapper around mbedtls_asn1_get_mpi() that rejects zero.
+ *
+ * The value zero is:
+ * - never a valid value for an RSA parameter
+ * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete().
+ *
+ * Since values can't be omitted in PKCS#1, passing a zero value to
+ * rsa_complete() would be incorrect, so reject zero values early.
+ */
+static int asn1_get_nonzero_mpi(unsigned char **p,
+                                const unsigned char *end,
+                                mbedtls_mpi *X)
+{
+    int ret;
+
+    ret = mbedtls_asn1_get_mpi(p, end, X);
+    if (ret != 0) {
+        return ret;
+    }
+
+    if (mbedtls_mpi_cmp_int(X, 0) == 0) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+    }
+
+    return 0;
+}
+
+/*
+ * Parse a PKCS#1 encoded private RSA key
+ */
+static int pk_parse_key_pkcs1_der(mbedtls_rsa_context *rsa,
+                                  const unsigned char *key,
+                                  size_t keylen)
+{
+    int ret, version;
+    size_t len;
+    unsigned char *p, *end;
+
+    mbedtls_mpi T;
+    mbedtls_mpi_init(&T);
+
+    p = (unsigned char *) key;
+    end = p + keylen;
+
+    /*
+     * This function parses the RSAPrivateKey (PKCS#1)
+     *
+     *  RSAPrivateKey ::= SEQUENCE {
+     *      version           Version,
+     *      modulus           INTEGER,  -- n
+     *      publicExponent    INTEGER,  -- e
+     *      privateExponent   INTEGER,  -- d
+     *      prime1            INTEGER,  -- p
+     *      prime2            INTEGER,  -- q
+     *      exponent1         INTEGER,  -- d mod (p-1)
+     *      exponent2         INTEGER,  -- d mod (q-1)
+     *      coefficient       INTEGER,  -- (inverse of q) mod p
+     *      otherPrimeInfos   OtherPrimeInfos OPTIONAL
+     *  }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+
+    if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if (version != 0) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_VERSION;
+    }
+
+    /* Import N */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL,
+                                  NULL, NULL)) != 0) {
+        goto cleanup;
+    }
+
+    /* Import E */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL,
+                                  NULL, &T)) != 0) {
+        goto cleanup;
+    }
+
+    /* Import D */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL,
+                                  &T, NULL)) != 0) {
+        goto cleanup;
+    }
+
+    /* Import P */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL,
+                                  NULL, NULL)) != 0) {
+        goto cleanup;
+    }
+
+    /* Import Q */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T,
+                                  NULL, NULL)) != 0) {
+        goto cleanup;
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT)
+    /*
+     * The RSA CRT parameters DP, DQ and QP are nominally redundant, in
+     * that they can be easily recomputed from D, P and Q. However by
+     * parsing them from the PKCS1 structure it is possible to avoid
+     * recalculating them which both reduces the overhead of loading
+     * RSA private keys into memory and also avoids side channels which
+     * can arise when computing those values, since all of D, P, and Q
+     * are secret. See https://eprint.iacr.org/2020/055 for a
+     * description of one such attack.
+     */
+
+    /* Import DP */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) {
+        goto cleanup;
+    }
+
+    /* Import DQ */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) {
+        goto cleanup;
+    }
+
+    /* Import QP */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) {
+        goto cleanup;
+    }
+
+#else
+    /* Verify existence of the CRT params */
+    if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 ||
+        (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) {
+        goto cleanup;
+    }
+#endif
+
+    /* rsa_complete() doesn't complete anything with the default
+     * implementation but is still called:
+     * - for the benefit of alternative implementation that may want to
+     *   pre-compute stuff beyond what's provided (eg Montgomery factors)
+     * - as is also sanity-checks the key
+     *
+     * Furthermore, we also check the public part for consistency with
+     * mbedtls_pk_parse_pubkey(), as it includes size minima for example.
+     */
+    if ((ret = mbedtls_rsa_complete(rsa)) != 0 ||
+        (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) {
+        goto cleanup;
+    }
+
+    if (p != end) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&T);
+
+    if (ret != 0) {
+        /* Wrap error code if it's coming from a lower level */
+        if ((ret & 0xff80) == 0) {
+            ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+        } else {
+            ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+        }
+
+        mbedtls_rsa_free(rsa);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Parse a SEC1 encoded private EC key
+ */
+static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck,
+                                 const unsigned char *key,
+                                 size_t keylen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int version, pubkey_done;
+    size_t len;
+    mbedtls_asn1_buf params;
+    unsigned char *p = (unsigned char *) key;
+    unsigned char *end = p + keylen;
+    unsigned char *end2;
+
+    /*
+     * RFC 5915, or SEC1 Appendix C.4
+     *
+     * ECPrivateKey ::= SEQUENCE {
+     *      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+     *      privateKey     OCTET STRING,
+     *      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+     *      publicKey  [1] BIT STRING OPTIONAL
+     *    }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+
+    if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if (version != 1) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_VERSION;
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_mpi_read_binary(&eck->d, p, len)) != 0) {
+        mbedtls_ecp_keypair_free(eck);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    p += len;
+
+    pubkey_done = 0;
+    if (p != end) {
+        /*
+         * Is 'parameters' present?
+         */
+        if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                        MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                        0)) == 0) {
+            if ((ret = pk_get_ecparams(&p, p + len, &params)) != 0 ||
+                (ret = pk_use_ecparams(&params, &eck->grp)) != 0) {
+                mbedtls_ecp_keypair_free(eck);
+                return ret;
+            }
+        } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            mbedtls_ecp_keypair_free(eck);
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+        }
+    }
+
+    if (p != end) {
+        /*
+         * Is 'publickey' present? If not, or if we can't read it (eg because it
+         * is compressed), create it from the private key.
+         */
+        if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                        MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                        1)) == 0) {
+            end2 = p + len;
+
+            if ((ret = mbedtls_asn1_get_bitstring_null(&p, end2, &len)) != 0) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+            }
+
+            if (p + len != end2) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                         MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+            }
+
+            if ((ret = pk_get_ecpubkey(&p, end2, eck)) == 0) {
+                pubkey_done = 1;
+            } else {
+                /*
+                 * The only acceptable failure mode of pk_get_ecpubkey() above
+                 * is if the point format is not recognized.
+                 */
+                if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) {
+                    return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+                }
+            }
+        } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            mbedtls_ecp_keypair_free(eck);
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+        }
+    }
+
+    if (!pubkey_done &&
+        (ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G,
+                               NULL, NULL)) != 0) {
+        mbedtls_ecp_keypair_free(eck);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) {
+        mbedtls_ecp_keypair_free(eck);
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_ECP_C */
+
+/*
+ * Parse an unencrypted PKCS#8 encoded private key
+ *
+ * Notes:
+ *
+ * - This function does not own the key buffer. It is the
+ *   responsibility of the caller to take care of zeroizing
+ *   and freeing it after use.
+ *
+ * - The function is responsible for freeing the provided
+ *   PK context on failure.
+ *
+ */
+static int pk_parse_key_pkcs8_unencrypted_der(
+    mbedtls_pk_context *pk,
+    const unsigned char *key,
+    size_t keylen)
+{
+    int ret, version;
+    size_t len;
+    mbedtls_asn1_buf params;
+    unsigned char *p = (unsigned char *) key;
+    unsigned char *end = p + keylen;
+    mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
+    const mbedtls_pk_info_t *pk_info;
+
+    /*
+     * This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
+     *
+     *    PrivateKeyInfo ::= SEQUENCE {
+     *      version                   Version,
+     *      privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
+     *      privateKey                PrivateKey,
+     *      attributes           [0]  IMPLICIT Attributes OPTIONAL }
+     *
+     *    Version ::= INTEGER
+     *    PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
+     *    PrivateKey ::= OCTET STRING
+     *
+     *  The PrivateKey OCTET STRING is a SEC1 ECPrivateKey
+     */
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+
+    if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if (version != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret);
+    }
+
+    if ((ret = pk_get_pk_alg(&p, end, &pk_alg, &params)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if (len < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    if ((pk_info = mbedtls_pk_info_from_type(pk_alg)) == NULL) {
+        return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+    }
+
+    if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_RSA_C)
+    if (pk_alg == MBEDTLS_PK_RSA) {
+        if ((ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), p, len)) != 0) {
+            mbedtls_pk_free(pk);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if (pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) {
+        if ((ret = pk_use_ecparams(&params, &mbedtls_pk_ec(*pk)->grp)) != 0 ||
+            (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), p, len)) != 0) {
+            mbedtls_pk_free(pk);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_ECP_C */
+    return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+
+    return 0;
+}
+
+/*
+ * Parse an encrypted PKCS#8 encoded private key
+ *
+ * To save space, the decryption happens in-place on the given key buffer.
+ * Also, while this function may modify the keybuffer, it doesn't own it,
+ * and instead it is the responsibility of the caller to zeroize and properly
+ * free it after use.
+ *
+ */
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+static int pk_parse_key_pkcs8_encrypted_der(
+    mbedtls_pk_context *pk,
+    unsigned char *key, size_t keylen,
+    const unsigned char *pwd, size_t pwdlen)
+{
+    int ret, decrypted = 0;
+    size_t len;
+    unsigned char *buf;
+    unsigned char *p, *end;
+    mbedtls_asn1_buf pbe_alg_oid, pbe_params;
+#if defined(MBEDTLS_PKCS12_C)
+    mbedtls_cipher_type_t cipher_alg;
+    mbedtls_md_type_t md_alg;
+#endif
+
+    p = key;
+    end = p + keylen;
+
+    if (pwdlen == 0) {
+        return MBEDTLS_ERR_PK_PASSWORD_REQUIRED;
+    }
+
+    /*
+     * This function parses the EncryptedPrivateKeyInfo object (PKCS#8)
+     *
+     *  EncryptedPrivateKeyInfo ::= SEQUENCE {
+     *    encryptionAlgorithm  EncryptionAlgorithmIdentifier,
+     *    encryptedData        EncryptedData
+     *  }
+     *
+     *  EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+     *
+     *  EncryptedData ::= OCTET STRING
+     *
+     *  The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
+     *
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+
+    if ((ret = mbedtls_asn1_get_alg(&p, end, &pbe_alg_oid, &pbe_params)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret);
+    }
+
+    buf = p;
+
+    /*
+     * Decrypt EncryptedData with appropriate PBE
+     */
+#if defined(MBEDTLS_PKCS12_C)
+    if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) {
+        if ((ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT,
+                                      cipher_alg, md_alg,
+                                      pwd, pwdlen, p, len, buf)) != 0) {
+            if (ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) {
+                return MBEDTLS_ERR_PK_PASSWORD_MISMATCH;
+            }
+
+            return ret;
+        }
+
+        decrypted = 1;
+    } else if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid) == 0) {
+        if ((ret = mbedtls_pkcs12_pbe_sha1_rc4_128(&pbe_params,
+                                                   MBEDTLS_PKCS12_PBE_DECRYPT,
+                                                   pwd, pwdlen,
+                                                   p, len, buf)) != 0) {
+            return ret;
+        }
+
+        // Best guess for password mismatch when using RC4. If first tag is
+        // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE
+        //
+        if (*buf != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+            return MBEDTLS_ERR_PK_PASSWORD_MISMATCH;
+        }
+
+        decrypted = 1;
+    } else
+#endif /* MBEDTLS_PKCS12_C */
+#if defined(MBEDTLS_PKCS5_C)
+    if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) {
+        if ((ret = mbedtls_pkcs5_pbes2(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen,
+                                       p, len, buf)) != 0) {
+            if (ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) {
+                return MBEDTLS_ERR_PK_PASSWORD_MISMATCH;
+            }
+
+            return ret;
+        }
+
+        decrypted = 1;
+    } else
+#endif /* MBEDTLS_PKCS5_C */
+    {
+        ((void) pwd);
+    }
+
+    if (decrypted == 0) {
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
+    return pk_parse_key_pkcs8_unencrypted_der(pk, buf, len);
+}
+#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
+
+/*
+ * Parse a private key
+ */
+int mbedtls_pk_parse_key(mbedtls_pk_context *pk,
+                         const unsigned char *key, size_t keylen,
+                         const unsigned char *pwd, size_t pwdlen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_pk_info_t *pk_info;
+#if defined(MBEDTLS_PEM_PARSE_C)
+    size_t len;
+    mbedtls_pem_context pem;
+#endif
+
+    (void) pk_info;
+
+    PK_VALIDATE_RET(pk != NULL);
+    if (keylen == 0) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+    }
+    PK_VALIDATE_RET(key != NULL);
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_init(&pem);
+
+#if defined(MBEDTLS_RSA_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (key[keylen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN RSA PRIVATE KEY-----",
+                                      "-----END RSA PRIVATE KEY-----",
+                                      key, pwd, pwdlen, &len);
+    }
+
+    if (ret == 0) {
+        pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA);
+        if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 ||
+            (ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk),
+                                          pem.buf, pem.buflen)) != 0) {
+            mbedtls_pk_free(pk);
+        }
+
+        mbedtls_pem_free(&pem);
+        return ret;
+    } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) {
+        return MBEDTLS_ERR_PK_PASSWORD_MISMATCH;
+    } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) {
+        return MBEDTLS_ERR_PK_PASSWORD_REQUIRED;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        return ret;
+    }
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (key[keylen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN EC PRIVATE KEY-----",
+                                      "-----END EC PRIVATE KEY-----",
+                                      key, pwd, pwdlen, &len);
+    }
+    if (ret == 0) {
+        pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY);
+
+        if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 ||
+            (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk),
+                                         pem.buf, pem.buflen)) != 0) {
+            mbedtls_pk_free(pk);
+        }
+
+        mbedtls_pem_free(&pem);
+        return ret;
+    } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) {
+        return MBEDTLS_ERR_PK_PASSWORD_MISMATCH;
+    } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) {
+        return MBEDTLS_ERR_PK_PASSWORD_REQUIRED;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        return ret;
+    }
+#endif /* MBEDTLS_ECP_C */
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (key[keylen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN PRIVATE KEY-----",
+                                      "-----END PRIVATE KEY-----",
+                                      key, NULL, 0, &len);
+    }
+    if (ret == 0) {
+        if ((ret = pk_parse_key_pkcs8_unencrypted_der(pk,
+                                                      pem.buf, pem.buflen)) != 0) {
+            mbedtls_pk_free(pk);
+        }
+
+        mbedtls_pem_free(&pem);
+        return ret;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (key[keylen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN ENCRYPTED PRIVATE KEY-----",
+                                      "-----END ENCRYPTED PRIVATE KEY-----",
+                                      key, NULL, 0, &len);
+    }
+    if (ret == 0) {
+        if ((ret = pk_parse_key_pkcs8_encrypted_der(pk,
+                                                    pem.buf, pem.buflen,
+                                                    pwd, pwdlen)) != 0) {
+            mbedtls_pk_free(pk);
+        }
+
+        mbedtls_pem_free(&pem);
+        return ret;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        return ret;
+    }
+#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
+#else
+    ((void) pwd);
+    ((void) pwdlen);
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+    /*
+     * At this point we only know it's not a PEM formatted key. Could be any
+     * of the known DER encoded private key formats
+     *
+     * We try the different DER format parsers to see if one passes without
+     * error
+     */
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+    {
+        unsigned char *key_copy;
+
+        if ((key_copy = mbedtls_calloc(1, keylen)) == NULL) {
+            return MBEDTLS_ERR_PK_ALLOC_FAILED;
+        }
+
+        memcpy(key_copy, key, keylen);
+
+        ret = pk_parse_key_pkcs8_encrypted_der(pk, key_copy, keylen,
+                                               pwd, pwdlen);
+
+        mbedtls_platform_zeroize(key_copy, keylen);
+        mbedtls_free(key_copy);
+    }
+
+    if (ret == 0) {
+        return 0;
+    }
+
+    mbedtls_pk_free(pk);
+    mbedtls_pk_init(pk);
+
+    if (ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH) {
+        return ret;
+    }
+#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
+
+    ret = pk_parse_key_pkcs8_unencrypted_der(pk, key, keylen);
+    if (ret == 0) {
+        return 0;
+    }
+
+    mbedtls_pk_free(pk);
+    mbedtls_pk_init(pk);
+
+#if defined(MBEDTLS_RSA_C)
+
+    pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA);
+    if (mbedtls_pk_setup(pk, pk_info) == 0 &&
+        pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), key, keylen) == 0) {
+        return 0;
+    }
+
+    mbedtls_pk_free(pk);
+    mbedtls_pk_init(pk);
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+    pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY);
+    if (mbedtls_pk_setup(pk, pk_info) == 0 &&
+        pk_parse_key_sec1_der(mbedtls_pk_ec(*pk),
+                              key, keylen) == 0) {
+        return 0;
+    }
+    mbedtls_pk_free(pk);
+#endif /* MBEDTLS_ECP_C */
+
+    /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't,
+     * it is ok to leave the PK context initialized but not
+     * freed: It is the caller's responsibility to call pk_init()
+     * before calling this function, and to call pk_free()
+     * when it fails. If MBEDTLS_ECP_C is defined but MBEDTLS_RSA_C
+     * isn't, this leads to mbedtls_pk_free() being called
+     * twice, once here and once by the caller, but this is
+     * also ok and in line with the mbedtls_pk_free() calls
+     * on failed PEM parsing attempts. */
+
+    return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+}
+
+/*
+ * Parse a public key
+ */
+int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx,
+                                const unsigned char *key, size_t keylen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p;
+#if defined(MBEDTLS_RSA_C)
+    const mbedtls_pk_info_t *pk_info;
+#endif
+#if defined(MBEDTLS_PEM_PARSE_C)
+    size_t len;
+    mbedtls_pem_context pem;
+#endif
+
+    PK_VALIDATE_RET(ctx != NULL);
+    if (keylen == 0) {
+        return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+    }
+    PK_VALIDATE_RET(key != NULL || keylen == 0);
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_init(&pem);
+#if defined(MBEDTLS_RSA_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (key[keylen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN RSA PUBLIC KEY-----",
+                                      "-----END RSA PUBLIC KEY-----",
+                                      key, NULL, 0, &len);
+    }
+
+    if (ret == 0) {
+        p = pem.buf;
+        if ((pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == NULL) {
+            mbedtls_pem_free(&pem);
+            return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+        }
+
+        if ((ret = mbedtls_pk_setup(ctx, pk_info)) != 0) {
+            mbedtls_pem_free(&pem);
+            return ret;
+        }
+
+        if ((ret = pk_get_rsapubkey(&p, p + pem.buflen, mbedtls_pk_rsa(*ctx))) != 0) {
+            mbedtls_pk_free(ctx);
+        }
+
+        mbedtls_pem_free(&pem);
+        return ret;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        mbedtls_pem_free(&pem);
+        return ret;
+    }
+#endif /* MBEDTLS_RSA_C */
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (key[keylen - 1] != '\0') {
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    } else {
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN PUBLIC KEY-----",
+                                      "-----END PUBLIC KEY-----",
+                                      key, NULL, 0, &len);
+    }
+
+    if (ret == 0) {
+        /*
+         * Was PEM encoded
+         */
+        p = pem.buf;
+
+        ret = mbedtls_pk_parse_subpubkey(&p,  p + pem.buflen, ctx);
+        mbedtls_pem_free(&pem);
+        return ret;
+    } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+        mbedtls_pem_free(&pem);
+        return ret;
+    }
+    mbedtls_pem_free(&pem);
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_RSA_C)
+    if ((pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == NULL) {
+        return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+    }
+
+    if ((ret = mbedtls_pk_setup(ctx, pk_info)) != 0) {
+        return ret;
+    }
+
+    p = (unsigned char *) key;
+    ret = pk_get_rsapubkey(&p, p + keylen, mbedtls_pk_rsa(*ctx));
+    if (ret == 0) {
+        return ret;
+    }
+    mbedtls_pk_free(ctx);
+    if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY,
+                                  MBEDTLS_ERR_ASN1_UNEXPECTED_TAG))) {
+        return ret;
+    }
+#endif /* MBEDTLS_RSA_C */
+    p = (unsigned char *) key;
+
+    ret = mbedtls_pk_parse_subpubkey(&p, p + keylen, ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_PK_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/pkwrite.c b/3rdparty/mbedtls-2.28.7/library/pkwrite.c
new file mode 100644
index 0000000..fafcf0e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/pkwrite.c
@@ -0,0 +1,620 @@
+/*
+ *  Public Key layer for writing key files and structures
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PK_WRITE_C)
+
+#include "mbedtls/pk.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/bignum.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/platform_util.h"
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+#if defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+#include "mbedtls/platform.h"
+
+/* Parameter validation macros based on platform_util.h */
+#define PK_VALIDATE_RET(cond)    \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA)
+#define PK_VALIDATE(cond)        \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ *  RSAPublicKey ::= SEQUENCE {
+ *      modulus           INTEGER,  -- n
+ *      publicExponent    INTEGER   -- e
+ *  }
+ */
+static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start,
+                               mbedtls_rsa_context *rsa)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    mbedtls_mpi T;
+
+    mbedtls_mpi_init(&T);
+
+    /* Export E */
+    if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 ||
+        (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
+        goto end_of_export;
+    }
+    len += ret;
+
+    /* Export N */
+    if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 ||
+        (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
+        goto end_of_export;
+    }
+    len += ret;
+
+end_of_export:
+
+    mbedtls_mpi_free(&T);
+    if (ret < 0) {
+        return ret;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return (int) len;
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * EC public key is an EC point
+ */
+static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
+                              mbedtls_ecp_keypair *ec)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
+
+    if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q,
+                                              MBEDTLS_ECP_PF_UNCOMPRESSED,
+                                              &len, buf, sizeof(buf))) != 0) {
+        return ret;
+    }
+
+    if (*p < start || (size_t) (*p - start) < len) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    *p -= len;
+    memcpy(*p, buf, len);
+
+    return (int) len;
+}
+
+/*
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ * }
+ */
+static int pk_write_ec_param(unsigned char **p, unsigned char *start,
+                             mbedtls_ecp_keypair *ec)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    const char *oid;
+    size_t oid_len;
+
+    if ((ret = mbedtls_oid_get_oid_by_ec_grp(ec->grp.id, &oid, &oid_len)) != 0) {
+        return ret;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
+
+    return (int) len;
+}
+
+/*
+ * privateKey  OCTET STRING -- always of length ceil(log2(n)/8)
+ */
+static int pk_write_ec_private(unsigned char **p, unsigned char *start,
+                               mbedtls_ecp_keypair *ec)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t byte_length = (ec->grp.pbits + 7) / 8;
+    unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
+
+    ret = mbedtls_ecp_write_key(ec, tmp, byte_length);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length);
+
+exit:
+    mbedtls_platform_zeroize(tmp, byte_length);
+    return ret;
+}
+#endif /* MBEDTLS_ECP_C */
+
+int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
+                            const mbedtls_pk_context *key)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    (void) p;
+    (void) start;
+    (void) key;
+    (void) ret;
+
+    PK_VALIDATE_RET(p != NULL);
+    PK_VALIDATE_RET(*p != NULL);
+    PK_VALIDATE_RET(start != NULL);
+    PK_VALIDATE_RET(key != NULL);
+
+#if defined(MBEDTLS_RSA_C)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
+        MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, mbedtls_pk_rsa(*key)));
+    } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
+        MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, mbedtls_pk_ec(*key)));
+    } else
+#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) {
+        size_t buffer_size;
+        psa_key_id_t *key_id = (psa_key_id_t *) key->pk_ctx;
+
+        if (*p < start) {
+            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        }
+
+        buffer_size = (size_t) (*p - start);
+        if (psa_export_public_key(*key_id, start, buffer_size, &len)
+            != PSA_SUCCESS) {
+            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        } else {
+            *p -= len;
+            memmove(*p, start, len);
+        }
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+
+    return (int) len;
+}
+
+int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *key, unsigned char *buf, size_t size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *c;
+    size_t len = 0, par_len = 0, oid_len;
+    mbedtls_pk_type_t pk_type;
+    const char *oid;
+
+    PK_VALIDATE_RET(key != NULL);
+    if (size == 0) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+    PK_VALIDATE_RET(buf != NULL);
+
+    c = buf + size;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key));
+
+    if (c - buf < 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    /*
+     *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
+     *       algorithm            AlgorithmIdentifier,
+     *       subjectPublicKey     BIT STRING }
+     */
+    *--c = 0;
+    len += 1;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING));
+
+    pk_type = mbedtls_pk_get_type(key);
+#if defined(MBEDTLS_ECP_C)
+    if (pk_type == MBEDTLS_PK_ECKEY) {
+        MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, mbedtls_pk_ec(*key)));
+    }
+#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (pk_type == MBEDTLS_PK_OPAQUE) {
+        psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+        psa_key_type_t key_type;
+        psa_key_id_t key_id;
+        psa_ecc_family_t curve;
+        size_t bits;
+
+        key_id = *((psa_key_id_t *) key->pk_ctx);
+        if (PSA_SUCCESS != psa_get_key_attributes(key_id, &attributes)) {
+            return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
+        }
+        key_type = psa_get_key_type(&attributes);
+        bits = psa_get_key_bits(&attributes);
+        psa_reset_key_attributes(&attributes);
+
+        curve = PSA_KEY_TYPE_ECC_GET_FAMILY(key_type);
+        if (curve == 0) {
+            return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+        }
+
+        ret = mbedtls_psa_get_ecc_oid_from_id(curve, bits, &oid, &oid_len);
+        if (ret != 0) {
+            return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+        }
+
+        /* Write EC algorithm parameters; that's akin
+         * to pk_write_ec_param() above. */
+        MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_oid(&c, buf,
+                                                             oid, oid_len));
+
+        /* The rest of the function works as for legacy EC contexts. */
+        pk_type = MBEDTLS_PK_ECKEY;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid,
+                                             &oid_len)) != 0) {
+        return ret;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(&c, buf, oid, oid_len,
+                                                                      par_len));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return (int) len;
+}
+
+int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *c;
+    size_t len = 0;
+
+    (void) ret;
+    (void) c;
+    (void) key;
+
+    PK_VALIDATE_RET(key != NULL);
+    if (size == 0) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+    PK_VALIDATE_RET(buf != NULL);
+
+    c = buf + size;
+
+#if defined(MBEDTLS_RSA_C)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
+        mbedtls_mpi T; /* Temporary holding the exported parameters */
+        mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*key);
+
+        /*
+         * Export the parameters one after another to avoid simultaneous copies.
+         */
+
+        mbedtls_mpi_init(&T);
+
+        /* Export QP */
+        if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export DQ */
+        if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export DP */
+        if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export Q */
+        if ((ret = mbedtls_rsa_export(rsa, NULL, NULL,
+                                      &T, NULL, NULL)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export P */
+        if ((ret = mbedtls_rsa_export(rsa, NULL, &T,
+                                      NULL, NULL, NULL)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export D */
+        if ((ret = mbedtls_rsa_export(rsa, NULL, NULL,
+                                      NULL, &T, NULL)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export E */
+        if ((ret = mbedtls_rsa_export(rsa, NULL, NULL,
+                                      NULL, NULL, &T)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+        /* Export N */
+        if ((ret = mbedtls_rsa_export(rsa, &T, NULL,
+                                      NULL, NULL, NULL)) != 0 ||
+            (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
+            goto end_of_export;
+        }
+        len += ret;
+
+end_of_export:
+
+        mbedtls_mpi_free(&T);
+        if (ret < 0) {
+            return ret;
+        }
+
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c,
+                                                         buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                         MBEDTLS_ASN1_SEQUENCE));
+    } else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
+        mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*key);
+        size_t pub_len = 0, par_len = 0;
+
+        /*
+         * RFC 5915, or SEC1 Appendix C.4
+         *
+         * ECPrivateKey ::= SEQUENCE {
+         *      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+         *      privateKey     OCTET STRING,
+         *      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+         *      publicKey  [1] BIT STRING OPTIONAL
+         *    }
+         */
+
+        /* publicKey */
+        MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, ec));
+
+        if (c - buf < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+        *--c = 0;
+        pub_len += 1;
+
+        MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len));
+        MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING));
+
+        MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len));
+        MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf,
+                                                             MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                                             MBEDTLS_ASN1_CONSTRUCTED | 1));
+        len += pub_len;
+
+        /* parameters */
+        MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec));
+
+        MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(&c, buf, par_len));
+        MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(&c, buf,
+                                                             MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                                             MBEDTLS_ASN1_CONSTRUCTED | 0));
+        len += par_len;
+
+        /* privateKey */
+        MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(&c, buf, ec));
+
+        /* version */
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 1));
+
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                         MBEDTLS_ASN1_SEQUENCE));
+    } else
+#endif /* MBEDTLS_ECP_C */
+    return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+
+    return (int) len;
+}
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+
+#define PEM_BEGIN_PUBLIC_KEY    "-----BEGIN PUBLIC KEY-----\n"
+#define PEM_END_PUBLIC_KEY      "-----END PUBLIC KEY-----\n"
+
+#define PEM_BEGIN_PRIVATE_KEY_RSA   "-----BEGIN RSA PRIVATE KEY-----\n"
+#define PEM_END_PRIVATE_KEY_RSA     "-----END RSA PRIVATE KEY-----\n"
+#define PEM_BEGIN_PRIVATE_KEY_EC    "-----BEGIN EC PRIVATE KEY-----\n"
+#define PEM_END_PRIVATE_KEY_EC      "-----END EC PRIVATE KEY-----\n"
+
+/*
+ * Max sizes of key per types. Shown as tag + len (+ content).
+ */
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ * RSA public keys:
+ *  SubjectPublicKeyInfo  ::=  SEQUENCE  {          1 + 3
+ *       algorithm            AlgorithmIdentifier,  1 + 1 (sequence)
+ *                                                + 1 + 1 + 9 (rsa oid)
+ *                                                + 1 + 1 (params null)
+ *       subjectPublicKey     BIT STRING }          1 + 3 + (1 + below)
+ *  RSAPublicKey ::= SEQUENCE {                     1 + 3
+ *      modulus           INTEGER,  -- n            1 + 3 + MPI_MAX + 1
+ *      publicExponent    INTEGER   -- e            1 + 3 + MPI_MAX + 1
+ *  }
+ */
+#define RSA_PUB_DER_MAX_BYTES   (38 + 2 * MBEDTLS_MPI_MAX_SIZE)
+
+/*
+ * RSA private keys:
+ *  RSAPrivateKey ::= SEQUENCE {                    1 + 3
+ *      version           Version,                  1 + 1 + 1
+ *      modulus           INTEGER,                  1 + 3 + MPI_MAX + 1
+ *      publicExponent    INTEGER,                  1 + 3 + MPI_MAX + 1
+ *      privateExponent   INTEGER,                  1 + 3 + MPI_MAX + 1
+ *      prime1            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      prime2            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      exponent1         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      exponent2         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      coefficient       INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      otherPrimeInfos   OtherPrimeInfos OPTIONAL  0 (not supported)
+ *  }
+ */
+#define MPI_MAX_SIZE_2          (MBEDTLS_MPI_MAX_SIZE / 2 + \
+                                 MBEDTLS_MPI_MAX_SIZE % 2)
+#define RSA_PRV_DER_MAX_BYTES   (47 + 3 * MBEDTLS_MPI_MAX_SIZE \
+                                 + 5 * MPI_MAX_SIZE_2)
+
+#else /* MBEDTLS_RSA_C */
+
+#define RSA_PUB_DER_MAX_BYTES   0
+#define RSA_PRV_DER_MAX_BYTES   0
+
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * EC public keys:
+ *  SubjectPublicKeyInfo  ::=  SEQUENCE  {      1 + 2
+ *    algorithm         AlgorithmIdentifier,    1 + 1 (sequence)
+ *                                            + 1 + 1 + 7 (ec oid)
+ *                                            + 1 + 1 + 9 (namedCurve oid)
+ *    subjectPublicKey  BIT STRING              1 + 2 + 1               [1]
+ *                                            + 1 (point format)        [1]
+ *                                            + 2 * ECP_MAX (coords)    [1]
+ *  }
+ */
+#define ECP_PUB_DER_MAX_BYTES   (30 + 2 * MBEDTLS_ECP_MAX_BYTES)
+
+/*
+ * EC private keys:
+ * ECPrivateKey ::= SEQUENCE {                  1 + 2
+ *      version        INTEGER ,                1 + 1 + 1
+ *      privateKey     OCTET STRING,            1 + 1 + ECP_MAX
+ *      parameters [0] ECParameters OPTIONAL,   1 + 1 + (1 + 1 + 9)
+ *      publicKey  [1] BIT STRING OPTIONAL      1 + 2 + [1] above
+ *    }
+ */
+#define ECP_PRV_DER_MAX_BYTES   (29 + 3 * MBEDTLS_ECP_MAX_BYTES)
+
+#else /* MBEDTLS_ECP_C */
+
+#define ECP_PUB_DER_MAX_BYTES   0
+#define ECP_PRV_DER_MAX_BYTES   0
+
+#endif /* MBEDTLS_ECP_C */
+
+#define PUB_DER_MAX_BYTES   (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
+                             RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES)
+#define PRV_DER_MAX_BYTES   (RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
+                             RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES)
+
+int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char output_buf[PUB_DER_MAX_BYTES];
+    size_t olen = 0;
+
+    PK_VALIDATE_RET(key != NULL);
+    PK_VALIDATE_RET(buf != NULL || size == 0);
+
+    if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf,
+                                           sizeof(output_buf))) < 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
+                                        output_buf + sizeof(output_buf) - ret,
+                                        ret, buf, size, &olen)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_pk_write_key_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char output_buf[PRV_DER_MAX_BYTES];
+    const char *begin, *end;
+    size_t olen = 0;
+
+    PK_VALIDATE_RET(key != NULL);
+    PK_VALIDATE_RET(buf != NULL || size == 0);
+
+    if ((ret = mbedtls_pk_write_key_der(key, output_buf, sizeof(output_buf))) < 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_RSA_C)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
+        begin = PEM_BEGIN_PRIVATE_KEY_RSA;
+        end = PEM_END_PRIVATE_KEY_RSA;
+    } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
+        begin = PEM_BEGIN_PRIVATE_KEY_EC;
+        end = PEM_END_PRIVATE_KEY_EC;
+    } else
+#endif
+    return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+
+    if ((ret = mbedtls_pem_write_buffer(begin, end,
+                                        output_buf + sizeof(output_buf) - ret,
+                                        ret, buf, size, &olen)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_PK_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/platform.c b/3rdparty/mbedtls-2.28.7/library/platform.c
new file mode 100644
index 0000000..e82cbeb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/platform.c
@@ -0,0 +1,374 @@
+/*
+ *  Platform abstraction layer
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+
+#include "mbedtls/platform.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+/* The compile time configuration of memory allocation via the macros
+ * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime
+ * configuration via mbedtls_platform_set_calloc_free(). So, omit everything
+ * related to the latter if MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO are defined. */
+#if defined(MBEDTLS_PLATFORM_MEMORY) &&                 \
+    !(defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&        \
+    defined(MBEDTLS_PLATFORM_FREE_MACRO))
+
+#if !defined(MBEDTLS_PLATFORM_STD_CALLOC)
+static void *platform_calloc_uninit(size_t n, size_t size)
+{
+    ((void) n);
+    ((void) size);
+    return NULL;
+}
+
+#define MBEDTLS_PLATFORM_STD_CALLOC   platform_calloc_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_CALLOC */
+
+#if !defined(MBEDTLS_PLATFORM_STD_FREE)
+static void platform_free_uninit(void *ptr)
+{
+    ((void) ptr);
+}
+
+#define MBEDTLS_PLATFORM_STD_FREE     platform_free_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_FREE */
+
+static void * (*mbedtls_calloc_func)(size_t, size_t) = MBEDTLS_PLATFORM_STD_CALLOC;
+static void (*mbedtls_free_func)(void *) = MBEDTLS_PLATFORM_STD_FREE;
+
+void *mbedtls_calloc(size_t nmemb, size_t size)
+{
+    return (*mbedtls_calloc_func)(nmemb, size);
+}
+
+void mbedtls_free(void *ptr)
+{
+    (*mbedtls_free_func)(ptr);
+}
+
+int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
+                                     void (*free_func)(void *))
+{
+    mbedtls_calloc_func = calloc_func;
+    mbedtls_free_func = free_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_MEMORY &&
+          !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&
+             defined(MBEDTLS_PLATFORM_FREE_MACRO) ) */
+
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
+#include <stdarg.h>
+int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    va_list argp;
+
+    va_start(argp, fmt);
+    ret = mbedtls_vsnprintf(s, n, fmt, argp);
+    va_end(argp);
+
+    return ret;
+}
+#endif
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_snprintf_uninit(char *s, size_t n,
+                                    const char *format, ...)
+{
+    ((void) s);
+    ((void) n);
+    ((void) format);
+    return 0;
+}
+
+#define MBEDTLS_PLATFORM_STD_SNPRINTF    platform_snprintf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */
+
+int (*mbedtls_snprintf)(char *s, size_t n,
+                        const char *format,
+                        ...) = MBEDTLS_PLATFORM_STD_SNPRINTF;
+
+int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
+                                                       const char *format,
+                                                       ...))
+{
+    mbedtls_snprintf = snprintf_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
+#include <stdarg.h>
+int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* Avoid calling the invalid parameter handler by checking ourselves */
+    if (s == NULL || n == 0 || fmt == NULL) {
+        return -1;
+    }
+
+#if defined(_TRUNCATE)
+    ret = vsnprintf_s(s, n, _TRUNCATE, fmt, arg);
+#else
+    ret = vsnprintf(s, n, fmt, arg);
+    if (ret < 0 || (size_t) ret == n) {
+        s[n-1] = '\0';
+        ret = -1;
+    }
+#endif
+
+    return ret;
+}
+#endif
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_vsnprintf_uninit(char *s, size_t n,
+                                     const char *format, va_list arg)
+{
+    ((void) s);
+    ((void) n);
+    ((void) format);
+    ((void) arg);
+    return -1;
+}
+
+#define MBEDTLS_PLATFORM_STD_VSNPRINTF    platform_vsnprintf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_VSNPRINTF */
+
+int (*mbedtls_vsnprintf)(char *s, size_t n,
+                         const char *format,
+                         va_list arg) = MBEDTLS_PLATFORM_STD_VSNPRINTF;
+
+int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
+                                                         const char *format,
+                                                         va_list arg))
+{
+    mbedtls_vsnprintf = vsnprintf_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_printf_uninit(const char *format, ...)
+{
+    ((void) format);
+    return 0;
+}
+
+#define MBEDTLS_PLATFORM_STD_PRINTF    platform_printf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_PRINTF */
+
+int (*mbedtls_printf)(const char *, ...) = MBEDTLS_PLATFORM_STD_PRINTF;
+
+int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...))
+{
+    mbedtls_printf = printf_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_fprintf_uninit(FILE *stream, const char *format, ...)
+{
+    ((void) stream);
+    ((void) format);
+    return 0;
+}
+
+#define MBEDTLS_PLATFORM_STD_FPRINTF   platform_fprintf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */
+
+int (*mbedtls_fprintf)(FILE *, const char *, ...) =
+    MBEDTLS_PLATFORM_STD_FPRINTF;
+
+int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *, const char *, ...))
+{
+    mbedtls_fprintf = fprintf_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static void platform_exit_uninit(int status)
+{
+    ((void) status);
+}
+
+#define MBEDTLS_PLATFORM_STD_EXIT   platform_exit_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_EXIT */
+
+void (*mbedtls_exit)(int status) = MBEDTLS_PLATFORM_STD_EXIT;
+
+int mbedtls_platform_set_exit(void (*exit_func)(int status))
+{
+    mbedtls_exit = exit_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
+#if defined(MBEDTLS_HAVE_TIME)
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_TIME)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static mbedtls_time_t platform_time_uninit(mbedtls_time_t *timer)
+{
+    ((void) timer);
+    return 0;
+}
+
+#define MBEDTLS_PLATFORM_STD_TIME   platform_time_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_TIME */
+
+mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *timer) = MBEDTLS_PLATFORM_STD_TIME;
+
+int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *timer))
+{
+    mbedtls_time = time_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
+/* Default implementations for the platform independent seed functions use
+ * standard libc file functions to read from and write to a pre-defined filename
+ */
+int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len)
+{
+    FILE *file;
+    size_t n;
+
+    if ((file = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb")) == NULL) {
+        return -1;
+    }
+
+    if ((n = fread(buf, 1, buf_len, file)) != buf_len) {
+        fclose(file);
+        mbedtls_platform_zeroize(buf, buf_len);
+        return -1;
+    }
+
+    fclose(file);
+    return (int) n;
+}
+
+int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len)
+{
+    FILE *file;
+    size_t n;
+
+    if ((file = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w")) == NULL) {
+        return -1;
+    }
+
+    if ((n = fwrite(buf, 1, buf_len, file)) != buf_len) {
+        fclose(file);
+        return -1;
+    }
+
+    fclose(file);
+    return (int) n;
+}
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_nv_seed_read_uninit(unsigned char *buf, size_t buf_len)
+{
+    ((void) buf);
+    ((void) buf_len);
+    return -1;
+}
+
+#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   platform_nv_seed_read_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_READ */
+
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_nv_seed_write_uninit(unsigned char *buf, size_t buf_len)
+{
+    ((void) buf);
+    ((void) buf_len);
+    return -1;
+}
+
+#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE   platform_nv_seed_write_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
+
+int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len) =
+    MBEDTLS_PLATFORM_STD_NV_SEED_READ;
+int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len) =
+    MBEDTLS_PLATFORM_STD_NV_SEED_WRITE;
+
+int mbedtls_platform_set_nv_seed(
+    int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len),
+    int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len))
+{
+    mbedtls_nv_seed_read = nv_seed_read_func;
+    mbedtls_nv_seed_write = nv_seed_write_func;
+    return 0;
+}
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+/*
+ * Placeholder platform setup that does nothing by default
+ */
+int mbedtls_platform_setup(mbedtls_platform_context *ctx)
+{
+    (void) ctx;
+
+    return 0;
+}
+
+/*
+ * Placeholder platform teardown that does nothing by default
+ */
+void mbedtls_platform_teardown(mbedtls_platform_context *ctx)
+{
+    (void) ctx;
+}
+#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+
+#endif /* MBEDTLS_PLATFORM_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/platform_util.c b/3rdparty/mbedtls-2.28.7/library/platform_util.c
new file mode 100644
index 0000000..a86b07f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/platform_util.c
@@ -0,0 +1,123 @@
+/*
+ * Common and shared functions used by multiple modules in the Mbed TLS
+ * library.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * Ensure gmtime_r is available even with -std=c99; must be defined before
+ * config.h, which pulls in glibc's features.h. Harmless on other platforms.
+ */
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 200112L
+#endif
+
+#include "common.h"
+
+#include "mbedtls/platform_util.h"
+#include "mbedtls/platform.h"
+#include "mbedtls/threading.h"
+
+#include <stddef.h>
+#include <string.h>
+
+#if !defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
+/*
+ * This implementation should never be optimized out by the compiler
+ *
+ * This implementation for mbedtls_platform_zeroize() was inspired from Colin
+ * Percival's blog article at:
+ *
+ * http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
+ *
+ * It uses a volatile function pointer to the standard memset(). Because the
+ * pointer is volatile the compiler expects it to change at
+ * any time and will not optimize out the call that could potentially perform
+ * other operations on the input buffer instead of just setting it to 0.
+ * Nevertheless, as pointed out by davidtgoldblatt on Hacker News
+ * (refer to http://www.daemonology.net/blog/2014-09-05-erratum.html for
+ * details), optimizations of the following form are still possible:
+ *
+ * if( memset_func != memset )
+ *     memset_func( buf, 0, len );
+ *
+ * Note that it is extremely difficult to guarantee that
+ * mbedtls_platform_zeroize() will not be optimized out by aggressive compilers
+ * in a portable way. For this reason, Mbed TLS also provides the configuration
+ * option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
+ * mbedtls_platform_zeroize() to use a suitable implementation for their
+ * platform and needs.
+ */
+static void *(*const volatile memset_func)(void *, int, size_t) = memset;
+
+void mbedtls_platform_zeroize(void *buf, size_t len)
+{
+    MBEDTLS_INTERNAL_VALIDATE(len == 0 || buf != NULL);
+
+    if (len > 0) {
+        memset_func(buf, 0, len);
+    }
+}
+#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
+
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+#include <time.h>
+#if !defined(_WIN32) && (defined(unix) || \
+    defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \
+    defined(__MACH__)))
+#include <unistd.h>
+#endif /* !_WIN32 && (unix || __unix || __unix__ ||
+        * (__APPLE__ && __MACH__)) */
+
+#if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) ||     \
+    (defined(_POSIX_THREAD_SAFE_FUNCTIONS) &&                     \
+    _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L))
+/*
+ * This is a convenience shorthand macro to avoid checking the long
+ * preprocessor conditions above. Ideally, we could expose this macro in
+ * platform_util.h and simply use it in platform_util.c, threading.c and
+ * threading.h. However, this macro is not part of the Mbed TLS public API, so
+ * we keep it private by only defining it in this file
+ */
+#if !(defined(_WIN32) && !defined(EFIX64) && !defined(EFI32))
+#define PLATFORM_UTIL_USE_GMTIME
+#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */
+
+#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \
+             ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \
+                _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */
+
+struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt,
+                                     struct tm *tm_buf)
+{
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+    return (gmtime_s(tm_buf, tt) == 0) ? tm_buf : NULL;
+#elif !defined(PLATFORM_UTIL_USE_GMTIME)
+    return gmtime_r(tt, tm_buf);
+#else
+    struct tm *lt;
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_lock(&mbedtls_threading_gmtime_mutex) != 0) {
+        return NULL;
+    }
+#endif /* MBEDTLS_THREADING_C */
+
+    lt = gmtime(tt);
+
+    if (lt != NULL) {
+        memcpy(tm_buf, lt, sizeof(struct tm));
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&mbedtls_threading_gmtime_mutex) != 0) {
+        return NULL;
+    }
+#endif /* MBEDTLS_THREADING_C */
+
+    return (lt == NULL) ? NULL : tm_buf;
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+}
+#endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */
diff --git a/3rdparty/mbedtls-2.28.7/library/poly1305.c b/3rdparty/mbedtls-2.28.7/library/poly1305.c
new file mode 100644
index 0000000..c781107
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/poly1305.c
@@ -0,0 +1,511 @@
+/**
+ * \file poly1305.c
+ *
+ * \brief Poly1305 authentication algorithm.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#include "common.h"
+
+#if defined(MBEDTLS_POLY1305_C)
+
+#include "mbedtls/poly1305.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_POLY1305_ALT)
+
+/* Parameter validation macros */
+#define POLY1305_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA)
+#define POLY1305_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#define POLY1305_BLOCK_SIZE_BYTES (16U)
+
+/*
+ * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier.
+ * However we provided an alternative for platforms without such a multiplier.
+ */
+#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
+static uint64_t mul64(uint32_t a, uint32_t b)
+{
+    /* a = al + 2**16 ah, b = bl + 2**16 bh */
+    const uint16_t al = (uint16_t) a;
+    const uint16_t bl = (uint16_t) b;
+    const uint16_t ah = a >> 16;
+    const uint16_t bh = b >> 16;
+
+    /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */
+    const uint32_t lo = (uint32_t) al * bl;
+    const uint64_t me = (uint64_t) ((uint32_t) ah * bl) + (uint32_t) al * bh;
+    const uint32_t hi = (uint32_t) ah * bh;
+
+    return lo + (me << 16) + ((uint64_t) hi << 32);
+}
+#else
+static inline uint64_t mul64(uint32_t a, uint32_t b)
+{
+    return (uint64_t) a * b;
+}
+#endif
+
+
+/**
+ * \brief                   Process blocks with Poly1305.
+ *
+ * \param ctx               The Poly1305 context.
+ * \param nblocks           Number of blocks to process. Note that this
+ *                          function only processes full blocks.
+ * \param input             Buffer containing the input block(s).
+ * \param needs_padding     Set to 0 if the padding bit has already been
+ *                          applied to the input data before calling this
+ *                          function.  Otherwise, set this parameter to 1.
+ */
+static void poly1305_process(mbedtls_poly1305_context *ctx,
+                             size_t nblocks,
+                             const unsigned char *input,
+                             uint32_t needs_padding)
+{
+    uint64_t d0, d1, d2, d3;
+    uint32_t acc0, acc1, acc2, acc3, acc4;
+    uint32_t r0, r1, r2, r3;
+    uint32_t rs1, rs2, rs3;
+    size_t offset  = 0U;
+    size_t i;
+
+    r0 = ctx->r[0];
+    r1 = ctx->r[1];
+    r2 = ctx->r[2];
+    r3 = ctx->r[3];
+
+    rs1 = r1 + (r1 >> 2U);
+    rs2 = r2 + (r2 >> 2U);
+    rs3 = r3 + (r3 >> 2U);
+
+    acc0 = ctx->acc[0];
+    acc1 = ctx->acc[1];
+    acc2 = ctx->acc[2];
+    acc3 = ctx->acc[3];
+    acc4 = ctx->acc[4];
+
+    /* Process full blocks */
+    for (i = 0U; i < nblocks; i++) {
+        /* The input block is treated as a 128-bit little-endian integer */
+        d0   = MBEDTLS_GET_UINT32_LE(input, offset + 0);
+        d1   = MBEDTLS_GET_UINT32_LE(input, offset + 4);
+        d2   = MBEDTLS_GET_UINT32_LE(input, offset + 8);
+        d3   = MBEDTLS_GET_UINT32_LE(input, offset + 12);
+
+        /* Compute: acc += (padded) block as a 130-bit integer */
+        d0  += (uint64_t) acc0;
+        d1  += (uint64_t) acc1 + (d0 >> 32U);
+        d2  += (uint64_t) acc2 + (d1 >> 32U);
+        d3  += (uint64_t) acc3 + (d2 >> 32U);
+        acc0 = (uint32_t) d0;
+        acc1 = (uint32_t) d1;
+        acc2 = (uint32_t) d2;
+        acc3 = (uint32_t) d3;
+        acc4 += (uint32_t) (d3 >> 32U) + needs_padding;
+
+        /* Compute: acc *= r */
+        d0 = mul64(acc0, r0) +
+             mul64(acc1, rs3) +
+             mul64(acc2, rs2) +
+             mul64(acc3, rs1);
+        d1 = mul64(acc0, r1) +
+             mul64(acc1, r0) +
+             mul64(acc2, rs3) +
+             mul64(acc3, rs2) +
+             mul64(acc4, rs1);
+        d2 = mul64(acc0, r2) +
+             mul64(acc1, r1) +
+             mul64(acc2, r0) +
+             mul64(acc3, rs3) +
+             mul64(acc4, rs2);
+        d3 = mul64(acc0, r3) +
+             mul64(acc1, r2) +
+             mul64(acc2, r1) +
+             mul64(acc3, r0) +
+             mul64(acc4, rs3);
+        acc4 *= r0;
+
+        /* Compute: acc %= (2^130 - 5) (partial remainder) */
+        d1 += (d0 >> 32);
+        d2 += (d1 >> 32);
+        d3 += (d2 >> 32);
+        acc0 = (uint32_t) d0;
+        acc1 = (uint32_t) d1;
+        acc2 = (uint32_t) d2;
+        acc3 = (uint32_t) d3;
+        acc4 = (uint32_t) (d3 >> 32) + acc4;
+
+        d0 = (uint64_t) acc0 + (acc4 >> 2) + (acc4 & 0xFFFFFFFCU);
+        acc4 &= 3U;
+        acc0 = (uint32_t) d0;
+        d0 = (uint64_t) acc1 + (d0 >> 32U);
+        acc1 = (uint32_t) d0;
+        d0 = (uint64_t) acc2 + (d0 >> 32U);
+        acc2 = (uint32_t) d0;
+        d0 = (uint64_t) acc3 + (d0 >> 32U);
+        acc3 = (uint32_t) d0;
+        d0 = (uint64_t) acc4 + (d0 >> 32U);
+        acc4 = (uint32_t) d0;
+
+        offset    += POLY1305_BLOCK_SIZE_BYTES;
+    }
+
+    ctx->acc[0] = acc0;
+    ctx->acc[1] = acc1;
+    ctx->acc[2] = acc2;
+    ctx->acc[3] = acc3;
+    ctx->acc[4] = acc4;
+}
+
+/**
+ * \brief                   Compute the Poly1305 MAC
+ *
+ * \param ctx               The Poly1305 context.
+ * \param mac               The buffer to where the MAC is written. Must be
+ *                          big enough to contain the 16-byte MAC.
+ */
+static void poly1305_compute_mac(const mbedtls_poly1305_context *ctx,
+                                 unsigned char mac[16])
+{
+    uint64_t d;
+    uint32_t g0, g1, g2, g3, g4;
+    uint32_t acc0, acc1, acc2, acc3, acc4;
+    uint32_t mask;
+    uint32_t mask_inv;
+
+    acc0 = ctx->acc[0];
+    acc1 = ctx->acc[1];
+    acc2 = ctx->acc[2];
+    acc3 = ctx->acc[3];
+    acc4 = ctx->acc[4];
+
+    /* Before adding 's' we ensure that the accumulator is mod 2^130 - 5.
+     * We do this by calculating acc - (2^130 - 5), then checking if
+     * the 131st bit is set. If it is, then reduce: acc -= (2^130 - 5)
+     */
+
+    /* Calculate acc + -(2^130 - 5) */
+    d  = ((uint64_t) acc0 + 5U);
+    g0 = (uint32_t) d;
+    d  = ((uint64_t) acc1 + (d >> 32));
+    g1 = (uint32_t) d;
+    d  = ((uint64_t) acc2 + (d >> 32));
+    g2 = (uint32_t) d;
+    d  = ((uint64_t) acc3 + (d >> 32));
+    g3 = (uint32_t) d;
+    g4 = acc4 + (uint32_t) (d >> 32U);
+
+    /* mask == 0xFFFFFFFF if 131st bit is set, otherwise mask == 0 */
+    mask = (uint32_t) 0U - (g4 >> 2U);
+    mask_inv = ~mask;
+
+    /* If 131st bit is set then acc=g, otherwise, acc is unmodified */
+    acc0 = (acc0 & mask_inv) | (g0 & mask);
+    acc1 = (acc1 & mask_inv) | (g1 & mask);
+    acc2 = (acc2 & mask_inv) | (g2 & mask);
+    acc3 = (acc3 & mask_inv) | (g3 & mask);
+
+    /* Add 's' */
+    d = (uint64_t) acc0 + ctx->s[0];
+    acc0 = (uint32_t) d;
+    d = (uint64_t) acc1 + ctx->s[1] + (d >> 32U);
+    acc1 = (uint32_t) d;
+    d = (uint64_t) acc2 + ctx->s[2] + (d >> 32U);
+    acc2 = (uint32_t) d;
+    acc3 += ctx->s[3] + (uint32_t) (d >> 32U);
+
+    /* Compute MAC (128 least significant bits of the accumulator) */
+    MBEDTLS_PUT_UINT32_LE(acc0, mac,  0);
+    MBEDTLS_PUT_UINT32_LE(acc1, mac,  4);
+    MBEDTLS_PUT_UINT32_LE(acc2, mac,  8);
+    MBEDTLS_PUT_UINT32_LE(acc3, mac, 12);
+}
+
+void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx)
+{
+    POLY1305_VALIDATE(ctx != NULL);
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_poly1305_context));
+}
+
+void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_poly1305_context));
+}
+
+int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx,
+                            const unsigned char key[32])
+{
+    POLY1305_VALIDATE_RET(ctx != NULL);
+    POLY1305_VALIDATE_RET(key != NULL);
+
+    /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */
+    ctx->r[0] = MBEDTLS_GET_UINT32_LE(key, 0)  & 0x0FFFFFFFU;
+    ctx->r[1] = MBEDTLS_GET_UINT32_LE(key, 4)  & 0x0FFFFFFCU;
+    ctx->r[2] = MBEDTLS_GET_UINT32_LE(key, 8)  & 0x0FFFFFFCU;
+    ctx->r[3] = MBEDTLS_GET_UINT32_LE(key, 12) & 0x0FFFFFFCU;
+
+    ctx->s[0] = MBEDTLS_GET_UINT32_LE(key, 16);
+    ctx->s[1] = MBEDTLS_GET_UINT32_LE(key, 20);
+    ctx->s[2] = MBEDTLS_GET_UINT32_LE(key, 24);
+    ctx->s[3] = MBEDTLS_GET_UINT32_LE(key, 28);
+
+    /* Initial accumulator state */
+    ctx->acc[0] = 0U;
+    ctx->acc[1] = 0U;
+    ctx->acc[2] = 0U;
+    ctx->acc[3] = 0U;
+    ctx->acc[4] = 0U;
+
+    /* Queue initially empty */
+    mbedtls_platform_zeroize(ctx->queue, sizeof(ctx->queue));
+    ctx->queue_len = 0U;
+
+    return 0;
+}
+
+int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen)
+{
+    size_t offset    = 0U;
+    size_t remaining = ilen;
+    size_t queue_free_len;
+    size_t nblocks;
+    POLY1305_VALIDATE_RET(ctx != NULL);
+    POLY1305_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    if ((remaining > 0U) && (ctx->queue_len > 0U)) {
+        queue_free_len = (POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len);
+
+        if (ilen < queue_free_len) {
+            /* Not enough data to complete the block.
+             * Store this data with the other leftovers.
+             */
+            memcpy(&ctx->queue[ctx->queue_len],
+                   input,
+                   ilen);
+
+            ctx->queue_len += ilen;
+
+            remaining = 0U;
+        } else {
+            /* Enough data to produce a complete block */
+            memcpy(&ctx->queue[ctx->queue_len],
+                   input,
+                   queue_free_len);
+
+            ctx->queue_len = 0U;
+
+            poly1305_process(ctx, 1U, ctx->queue, 1U);   /* add padding bit */
+
+            offset    += queue_free_len;
+            remaining -= queue_free_len;
+        }
+    }
+
+    if (remaining >= POLY1305_BLOCK_SIZE_BYTES) {
+        nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES;
+
+        poly1305_process(ctx, nblocks, &input[offset], 1U);
+
+        offset += nblocks * POLY1305_BLOCK_SIZE_BYTES;
+        remaining %= POLY1305_BLOCK_SIZE_BYTES;
+    }
+
+    if (remaining > 0U) {
+        /* Store partial block */
+        ctx->queue_len = remaining;
+        memcpy(ctx->queue, &input[offset], remaining);
+    }
+
+    return 0;
+}
+
+int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx,
+                            unsigned char mac[16])
+{
+    POLY1305_VALIDATE_RET(ctx != NULL);
+    POLY1305_VALIDATE_RET(mac != NULL);
+
+    /* Process any leftover data */
+    if (ctx->queue_len > 0U) {
+        /* Add padding bit */
+        ctx->queue[ctx->queue_len] = 1U;
+        ctx->queue_len++;
+
+        /* Pad with zeroes */
+        memset(&ctx->queue[ctx->queue_len],
+               0,
+               POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len);
+
+        poly1305_process(ctx, 1U,           /* Process 1 block */
+                         ctx->queue, 0U);   /* Already padded above */
+    }
+
+    poly1305_compute_mac(ctx, mac);
+
+    return 0;
+}
+
+int mbedtls_poly1305_mac(const unsigned char key[32],
+                         const unsigned char *input,
+                         size_t ilen,
+                         unsigned char mac[16])
+{
+    mbedtls_poly1305_context ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    POLY1305_VALIDATE_RET(key != NULL);
+    POLY1305_VALIDATE_RET(mac != NULL);
+    POLY1305_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    mbedtls_poly1305_init(&ctx);
+
+    ret = mbedtls_poly1305_starts(&ctx, key);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_poly1305_update(&ctx, input, ilen);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_poly1305_finish(&ctx, mac);
+
+cleanup:
+    mbedtls_poly1305_free(&ctx);
+    return ret;
+}
+
+#endif /* MBEDTLS_POLY1305_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char test_keys[2][32] =
+{
+    {
+        0x85, 0xd6, 0xbe, 0x78, 0x57, 0x55, 0x6d, 0x33,
+        0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8,
+        0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd,
+        0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b
+    },
+    {
+        0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a,
+        0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0,
+        0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09,
+        0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0
+    }
+};
+
+static const unsigned char test_data[2][127] =
+{
+    {
+        0x43, 0x72, 0x79, 0x70, 0x74, 0x6f, 0x67, 0x72,
+        0x61, 0x70, 0x68, 0x69, 0x63, 0x20, 0x46, 0x6f,
+        0x72, 0x75, 0x6d, 0x20, 0x52, 0x65, 0x73, 0x65,
+        0x61, 0x72, 0x63, 0x68, 0x20, 0x47, 0x72, 0x6f,
+        0x75, 0x70
+    },
+    {
+        0x27, 0x54, 0x77, 0x61, 0x73, 0x20, 0x62, 0x72,
+        0x69, 0x6c, 0x6c, 0x69, 0x67, 0x2c, 0x20, 0x61,
+        0x6e, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
+        0x6c, 0x69, 0x74, 0x68, 0x79, 0x20, 0x74, 0x6f,
+        0x76, 0x65, 0x73, 0x0a, 0x44, 0x69, 0x64, 0x20,
+        0x67, 0x79, 0x72, 0x65, 0x20, 0x61, 0x6e, 0x64,
+        0x20, 0x67, 0x69, 0x6d, 0x62, 0x6c, 0x65, 0x20,
+        0x69, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x77,
+        0x61, 0x62, 0x65, 0x3a, 0x0a, 0x41, 0x6c, 0x6c,
+        0x20, 0x6d, 0x69, 0x6d, 0x73, 0x79, 0x20, 0x77,
+        0x65, 0x72, 0x65, 0x20, 0x74, 0x68, 0x65, 0x20,
+        0x62, 0x6f, 0x72, 0x6f, 0x67, 0x6f, 0x76, 0x65,
+        0x73, 0x2c, 0x0a, 0x41, 0x6e, 0x64, 0x20, 0x74,
+        0x68, 0x65, 0x20, 0x6d, 0x6f, 0x6d, 0x65, 0x20,
+        0x72, 0x61, 0x74, 0x68, 0x73, 0x20, 0x6f, 0x75,
+        0x74, 0x67, 0x72, 0x61, 0x62, 0x65, 0x2e
+    }
+};
+
+static const size_t test_data_len[2] =
+{
+    34U,
+    127U
+};
+
+static const unsigned char test_mac[2][16] =
+{
+    {
+        0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6,
+        0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9
+    },
+    {
+        0x45, 0x41, 0x66, 0x9a, 0x7e, 0xaa, 0xee, 0x61,
+        0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62
+    }
+};
+
+/* Make sure no other definition is already present. */
+#undef ASSERT
+
+#define ASSERT(cond, args)            \
+    do                                  \
+    {                                   \
+        if (!(cond))                \
+        {                               \
+            if (verbose != 0)          \
+            mbedtls_printf args;    \
+                                        \
+            return -1;               \
+        }                               \
+    }                                   \
+    while (0)
+
+int mbedtls_poly1305_self_test(int verbose)
+{
+    unsigned char mac[16];
+    unsigned i;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    for (i = 0U; i < 2U; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  Poly1305 test %u ", i);
+        }
+
+        ret = mbedtls_poly1305_mac(test_keys[i],
+                                   test_data[i],
+                                   test_data_len[i],
+                                   mac);
+        ASSERT(0 == ret, ("error code: %i\n", ret));
+
+        ASSERT(0 == memcmp(mac, test_mac[i], 16U), ("failed (mac)\n"));
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_POLY1305_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto.c
new file mode 100644
index 0000000..533ded6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto.c
@@ -0,0 +1,5514 @@
+/*
+ *  PSA crypto layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+#include "check_crypto_config.h"
+#endif
+
+#include "psa/crypto.h"
+
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_invasive.h"
+#include "psa_crypto_driver_wrappers.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_mac.h"
+#include "psa_crypto_rsa.h"
+#include "psa_crypto_ecp.h"
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+#include "psa_crypto_se.h"
+#endif
+#include "psa_crypto_slot_management.h"
+/* Include internal declarations that are useful for implementing persistently
+ * stored keys. */
+#include "psa_crypto_storage.h"
+
+#include "psa_crypto_random_impl.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include "mbedtls/platform.h"
+
+#include "mbedtls/aes.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/des.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md_internal.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/xtea.h"
+
+#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array)))
+
+/****************************************************************/
+/* Global data, support functions and library management */
+/****************************************************************/
+
+static int key_type_is_raw_bytes(psa_key_type_t type)
+{
+    return PSA_KEY_TYPE_IS_UNSTRUCTURED(type);
+}
+
+/* Values for psa_global_data_t::rng_state */
+#define RNG_NOT_INITIALIZED 0
+#define RNG_INITIALIZED 1
+#define RNG_SEEDED 2
+
+typedef struct {
+    unsigned initialized : 1;
+    unsigned rng_state : 2;
+    mbedtls_psa_random_context_t rng;
+} psa_global_data_t;
+
+static psa_global_data_t global_data;
+
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state =
+    &global_data.rng.drbg;
+#endif
+
+#define GUARD_MODULE_INITIALIZED        \
+    if (global_data.initialized == 0)  \
+    return PSA_ERROR_BAD_STATE;
+
+psa_status_t mbedtls_to_psa_error(int ret)
+{
+    /* Mbed TLS error codes can combine a high-level error code and a
+     * low-level error code. The low-level error usually reflects the
+     * root cause better, so dispatch on that preferably. */
+    int low_level_ret = -(-ret & 0x007f);
+    switch (low_level_ret != 0 ? low_level_ret : ret) {
+        case 0:
+            return PSA_SUCCESS;
+
+        case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH:
+        case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:
+        case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_AES_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_ASN1_OUT_OF_DATA:
+        case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:
+        case MBEDTLS_ERR_ASN1_INVALID_LENGTH:
+        case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:
+        case MBEDTLS_ERR_ASN1_INVALID_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_ASN1_ALLOC_FAILED:
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+
+#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
+        case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA:
+#elif defined(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH)
+        case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH:
+#endif
+        case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
+        case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
+#elif defined(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH)
+        case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH:
+#endif
+        case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_CCM_BAD_INPUT:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_CCM_AUTH_FAILED:
+            return PSA_ERROR_INVALID_SIGNATURE;
+        case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+
+        case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE:
+            return PSA_ERROR_BAD_STATE;
+        case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED:
+            return PSA_ERROR_INVALID_SIGNATURE;
+
+        case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_CIPHER_ALLOC_FAILED:
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        case MBEDTLS_ERR_CIPHER_INVALID_PADDING:
+            return PSA_ERROR_INVALID_PADDING;
+        case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_CIPHER_AUTH_FAILED:
+            return PSA_ERROR_INVALID_SIGNATURE;
+        case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT:
+            return PSA_ERROR_CORRUPTION_DETECTED;
+        case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+#if !(defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) ||      \
+            defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE))
+        /* Only check CTR_DRBG error codes if underlying mbedtls_xxx
+         * functions are passed a CTR_DRBG instance. */
+        case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+        case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
+        case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+#endif
+
+        case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_DES_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
+        case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
+        case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+
+        case MBEDTLS_ERR_GCM_AUTH_FAILED:
+            return PSA_ERROR_INVALID_SIGNATURE;
+        case MBEDTLS_ERR_GCM_BAD_INPUT:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) &&        \
+            defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+        /* Only check HMAC_DRBG error codes if underlying mbedtls_xxx
+         * functions are passed a HMAC_DRBG instance. */
+        case MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+        case MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG:
+        case MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+#endif
+
+        case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_MD_BAD_INPUT_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_MD_ALLOC_FAILED:
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        case MBEDTLS_ERR_MD_FILE_IO_ERROR:
+            return PSA_ERROR_STORAGE_FAILURE;
+        case MBEDTLS_ERR_MD_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_MPI_FILE_IO_ERROR:
+            return PSA_ERROR_STORAGE_FAILURE;
+        case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_MPI_INVALID_CHARACTER:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL:
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        case MBEDTLS_ERR_MPI_NEGATIVE_VALUE:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_MPI_ALLOC_FAILED:
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+
+        case MBEDTLS_ERR_PK_ALLOC_FAILED:
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        case MBEDTLS_ERR_PK_TYPE_MISMATCH:
+        case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_PK_FILE_IO_ERROR:
+            return PSA_ERROR_STORAGE_FAILURE;
+        case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
+        case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_PK_PASSWORD_REQUIRED:
+        case MBEDTLS_ERR_PK_PASSWORD_MISMATCH:
+            return PSA_ERROR_NOT_PERMITTED;
+        case MBEDTLS_ERR_PK_INVALID_PUBKEY:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_PK_INVALID_ALG:
+        case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE:
+        case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
+            return PSA_ERROR_INVALID_SIGNATURE;
+        case MBEDTLS_ERR_PK_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+        case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED:
+            return PSA_ERROR_NOT_SUPPORTED;
+
+        case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_RSA_BAD_INPUT_DATA:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_RSA_INVALID_PADDING:
+            return PSA_ERROR_INVALID_PADDING;
+        case MBEDTLS_ERR_RSA_KEY_GEN_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+        case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_RSA_PUBLIC_FAILED:
+        case MBEDTLS_ERR_RSA_PRIVATE_FAILED:
+            return PSA_ERROR_CORRUPTION_DETECTED;
+        case MBEDTLS_ERR_RSA_VERIFY_FAILED:
+            return PSA_ERROR_INVALID_SIGNATURE;
+        case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        case MBEDTLS_ERR_RSA_RNG_FAILED:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+        case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
+        case MBEDTLS_ERR_ECP_INVALID_KEY:
+            return PSA_ERROR_INVALID_ARGUMENT;
+        case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL:
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:
+            return PSA_ERROR_NOT_SUPPORTED;
+        case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH:
+        case MBEDTLS_ERR_ECP_VERIFY_FAILED:
+            return PSA_ERROR_INVALID_SIGNATURE;
+        case MBEDTLS_ERR_ECP_ALLOC_FAILED:
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        case MBEDTLS_ERR_ECP_RANDOM_FAILED:
+            return PSA_ERROR_INSUFFICIENT_ENTROPY;
+        case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED:
+            return PSA_ERROR_HARDWARE_FAILURE;
+
+        case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED:
+            return PSA_ERROR_CORRUPTION_DETECTED;
+
+        default:
+            return PSA_ERROR_GENERIC_ERROR;
+    }
+}
+
+
+
+
+/****************************************************************/
+/* Key management */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
+                                              size_t bits,
+                                              int bits_is_sloppy)
+{
+    switch (curve) {
+        case PSA_ECC_FAMILY_SECP_R1:
+            switch (bits) {
+#if defined(PSA_WANT_ECC_SECP_R1_192)
+                case 192:
+                    return MBEDTLS_ECP_DP_SECP192R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_224)
+                case 224:
+                    return MBEDTLS_ECP_DP_SECP224R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+                case 256:
+                    return MBEDTLS_ECP_DP_SECP256R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_384)
+                case 384:
+                    return MBEDTLS_ECP_DP_SECP384R1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_R1_521)
+                case 521:
+                    return MBEDTLS_ECP_DP_SECP521R1;
+                case 528:
+                    if (bits_is_sloppy) {
+                        return MBEDTLS_ECP_DP_SECP521R1;
+                    }
+                    break;
+#endif
+            }
+            break;
+
+        case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
+            switch (bits) {
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+                case 256:
+                    return MBEDTLS_ECP_DP_BP256R1;
+#endif
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+                case 384:
+                    return MBEDTLS_ECP_DP_BP384R1;
+#endif
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+                case 512:
+                    return MBEDTLS_ECP_DP_BP512R1;
+#endif
+            }
+            break;
+
+        case PSA_ECC_FAMILY_MONTGOMERY:
+            switch (bits) {
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
+                case 255:
+                    return MBEDTLS_ECP_DP_CURVE25519;
+                case 256:
+                    if (bits_is_sloppy) {
+                        return MBEDTLS_ECP_DP_CURVE25519;
+                    }
+                    break;
+#endif
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
+                case 448:
+                    return MBEDTLS_ECP_DP_CURVE448;
+#endif
+            }
+            break;
+
+        case PSA_ECC_FAMILY_SECP_K1:
+            switch (bits) {
+#if defined(PSA_WANT_ECC_SECP_K1_192)
+                case 192:
+                    return MBEDTLS_ECP_DP_SECP192K1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_K1_224)
+                case 224:
+                    return MBEDTLS_ECP_DP_SECP224K1;
+#endif
+#if defined(PSA_WANT_ECC_SECP_K1_256)
+                case 256:
+                    return MBEDTLS_ECP_DP_SECP256K1;
+#endif
+            }
+            break;
+    }
+
+    (void) bits_is_sloppy;
+    return MBEDTLS_ECP_DP_NONE;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+          defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
+          defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+          defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
+          defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
+
+static psa_status_t validate_unstructured_key_bit_size(psa_key_type_t type,
+                                                       size_t bits)
+{
+    /* Check that the bit size is acceptable for the key type */
+    switch (type) {
+        case PSA_KEY_TYPE_RAW_DATA:
+        case PSA_KEY_TYPE_HMAC:
+        case PSA_KEY_TYPE_DERIVE:
+            break;
+#if defined(PSA_WANT_KEY_TYPE_AES)
+        case PSA_KEY_TYPE_AES:
+            if (bits != 128 && bits != 192 && bits != 256) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            break;
+#endif
+#if defined(PSA_WANT_KEY_TYPE_ARIA)
+        case PSA_KEY_TYPE_ARIA:
+            if (bits != 128 && bits != 192 && bits != 256) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            break;
+#endif
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+        case PSA_KEY_TYPE_CAMELLIA:
+            if (bits != 128 && bits != 192 && bits != 256) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            break;
+#endif
+#if defined(PSA_WANT_KEY_TYPE_DES)
+        case PSA_KEY_TYPE_DES:
+            if (bits != 64 && bits != 128 && bits != 192) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            break;
+#endif
+#if defined(PSA_WANT_KEY_TYPE_ARC4)
+        case PSA_KEY_TYPE_ARC4:
+            if (bits < 8 || bits > 2048) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            break;
+#endif
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+        case PSA_KEY_TYPE_CHACHA20:
+            if (bits != 256) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            break;
+#endif
+        default:
+            return PSA_ERROR_NOT_SUPPORTED;
+    }
+    if (bits % 8 != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    return PSA_SUCCESS;
+}
+
+/** Check whether a given key type is valid for use with a given MAC algorithm
+ *
+ * Upon successful return of this function, the behavior of #PSA_MAC_LENGTH
+ * when called with the validated \p algorithm and \p key_type is well-defined.
+ *
+ * \param[in] algorithm     The specific MAC algorithm (can be wildcard).
+ * \param[in] key_type      The key type of the key to be used with the
+ *                          \p algorithm.
+ *
+ * \retval #PSA_SUCCESS
+ *         The \p key_type is valid for use with the \p algorithm
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The \p key_type is not valid for use with the \p algorithm
+ */
+MBEDTLS_STATIC_TESTABLE psa_status_t psa_mac_key_can_do(
+    psa_algorithm_t algorithm,
+    psa_key_type_t key_type)
+{
+    if (PSA_ALG_IS_HMAC(algorithm)) {
+        if (key_type == PSA_KEY_TYPE_HMAC) {
+            return PSA_SUCCESS;
+        }
+    }
+
+    if (PSA_ALG_IS_BLOCK_CIPHER_MAC(algorithm)) {
+        /* Check that we're calling PSA_BLOCK_CIPHER_BLOCK_LENGTH with a cipher
+         * key. */
+        if ((key_type & PSA_KEY_TYPE_CATEGORY_MASK) ==
+            PSA_KEY_TYPE_CATEGORY_SYMMETRIC) {
+            /* PSA_BLOCK_CIPHER_BLOCK_LENGTH returns 1 for stream ciphers and
+             * the block length (larger than 1) for block ciphers. */
+            if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1) {
+                return PSA_SUCCESS;
+            }
+        }
+    }
+
+    return PSA_ERROR_INVALID_ARGUMENT;
+}
+
+psa_status_t psa_allocate_buffer_to_slot(psa_key_slot_t *slot,
+                                         size_t buffer_length)
+{
+    if (slot->key.data != NULL) {
+        return PSA_ERROR_ALREADY_EXISTS;
+    }
+
+    slot->key.data = mbedtls_calloc(1, buffer_length);
+    if (slot->key.data == NULL) {
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    }
+
+    slot->key.bytes = buffer_length;
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot,
+                                             const uint8_t *data,
+                                             size_t data_length)
+{
+    psa_status_t status = psa_allocate_buffer_to_slot(slot,
+                                                      data_length);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    memcpy(slot->key.data, data, data_length);
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_import_key_into_slot(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_type_t type = attributes->core.type;
+
+    /* zero-length keys are never supported. */
+    if (data_length == 0) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (key_type_is_raw_bytes(type)) {
+        *bits = PSA_BYTES_TO_BITS(data_length);
+
+        /* Ensure that the bytes-to-bits conversion hasn't overflown. */
+        if (data_length > SIZE_MAX / 8) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        /* Enforce a size limit, and in particular ensure that the bit
+         * size fits in its representation type. */
+        if ((*bits) > PSA_MAX_KEY_BITS) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        status = validate_unstructured_key_bit_size(type, *bits);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        /* Copy the key material. */
+        memcpy(key_buffer, data, data_length);
+        *key_buffer_length = data_length;
+        (void) key_buffer_size;
+
+        return PSA_SUCCESS;
+    } else if (PSA_KEY_TYPE_IS_ASYMMETRIC(type)) {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+        if (PSA_KEY_TYPE_IS_ECC(type)) {
+            return mbedtls_psa_ecp_import_key(attributes,
+                                              data, data_length,
+                                              key_buffer, key_buffer_size,
+                                              key_buffer_length,
+                                              bits);
+        }
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+        if (PSA_KEY_TYPE_IS_RSA(type)) {
+            return mbedtls_psa_rsa_import_key(attributes,
+                                              data, data_length,
+                                              key_buffer, key_buffer_size,
+                                              key_buffer_length,
+                                              bits);
+        }
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+    }
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+/** Calculate the intersection of two algorithm usage policies.
+ *
+ * Return 0 (which allows no operation) on incompatibility.
+ */
+static psa_algorithm_t psa_key_policy_algorithm_intersection(
+    psa_key_type_t key_type,
+    psa_algorithm_t alg1,
+    psa_algorithm_t alg2)
+{
+    /* Common case: both sides actually specify the same policy. */
+    if (alg1 == alg2) {
+        return alg1;
+    }
+    /* If the policies are from the same hash-and-sign family, check
+     * if one is a wildcard. If so the other has the specific algorithm. */
+    if (PSA_ALG_IS_SIGN_HASH(alg1) &&
+        PSA_ALG_IS_SIGN_HASH(alg2) &&
+        (alg1 & ~PSA_ALG_HASH_MASK) == (alg2 & ~PSA_ALG_HASH_MASK)) {
+        if (PSA_ALG_SIGN_GET_HASH(alg1) == PSA_ALG_ANY_HASH) {
+            return alg2;
+        }
+        if (PSA_ALG_SIGN_GET_HASH(alg2) == PSA_ALG_ANY_HASH) {
+            return alg1;
+        }
+    }
+    /* If the policies are from the same AEAD family, check whether
+     * one of them is a minimum-tag-length wildcard. Calculate the most
+     * restrictive tag length. */
+    if (PSA_ALG_IS_AEAD(alg1) && PSA_ALG_IS_AEAD(alg2) &&
+        (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg1, 0) ==
+         PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg2, 0))) {
+        size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH(alg1);
+        size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH(alg2);
+        size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len;
+
+        /* If both are wildcards, return most restrictive wildcard */
+        if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) &&
+            ((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0)) {
+            return PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+                alg1, restricted_len);
+        }
+        /* If only one is a wildcard, return specific algorithm if compatible. */
+        if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) &&
+            (alg1_len <= alg2_len)) {
+            return alg2;
+        }
+        if (((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) &&
+            (alg2_len <= alg1_len)) {
+            return alg1;
+        }
+    }
+    /* If the policies are from the same MAC family, check whether one
+     * of them is a minimum-MAC-length policy. Calculate the most
+     * restrictive tag length. */
+    if (PSA_ALG_IS_MAC(alg1) && PSA_ALG_IS_MAC(alg2) &&
+        (PSA_ALG_FULL_LENGTH_MAC(alg1) ==
+         PSA_ALG_FULL_LENGTH_MAC(alg2))) {
+        /* Validate the combination of key type and algorithm. Since the base
+         * algorithm of alg1 and alg2 are the same, we only need this once. */
+        if (PSA_SUCCESS != psa_mac_key_can_do(alg1, key_type)) {
+            return 0;
+        }
+
+        /* Get the (exact or at-least) output lengths for both sides of the
+         * requested intersection. None of the currently supported algorithms
+         * have an output length dependent on the actual key size, so setting it
+         * to a bogus value of 0 is currently OK.
+         *
+         * Note that for at-least-this-length wildcard algorithms, the output
+         * length is set to the shortest allowed length, which allows us to
+         * calculate the most restrictive tag length for the intersection. */
+        size_t alg1_len = PSA_MAC_LENGTH(key_type, 0, alg1);
+        size_t alg2_len = PSA_MAC_LENGTH(key_type, 0, alg2);
+        size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len;
+
+        /* If both are wildcards, return most restrictive wildcard */
+        if (((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) &&
+            ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0)) {
+            return PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg1, restricted_len);
+        }
+
+        /* If only one is an at-least-this-length policy, the intersection would
+         * be the other (fixed-length) policy as long as said fixed length is
+         * equal to or larger than the shortest allowed length. */
+        if ((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) {
+            return (alg1_len <= alg2_len) ? alg2 : 0;
+        }
+        if ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) {
+            return (alg2_len <= alg1_len) ? alg1 : 0;
+        }
+
+        /* If none of them are wildcards, check whether they define the same tag
+         * length. This is still possible here when one is default-length and
+         * the other specific-length. Ensure to always return the
+         * specific-length version for the intersection. */
+        if (alg1_len == alg2_len) {
+            return PSA_ALG_TRUNCATED_MAC(alg1, alg1_len);
+        }
+    }
+    /* If the policies are incompatible, allow nothing. */
+    return 0;
+}
+
+static int psa_key_algorithm_permits(psa_key_type_t key_type,
+                                     psa_algorithm_t policy_alg,
+                                     psa_algorithm_t requested_alg)
+{
+    /* Common case: the policy only allows requested_alg. */
+    if (requested_alg == policy_alg) {
+        return 1;
+    }
+    /* If policy_alg is a hash-and-sign with a wildcard for the hash,
+     * and requested_alg is the same hash-and-sign family with any hash,
+     * then requested_alg is compliant with policy_alg. */
+    if (PSA_ALG_IS_SIGN_HASH(requested_alg) &&
+        PSA_ALG_SIGN_GET_HASH(policy_alg) == PSA_ALG_ANY_HASH) {
+        return (policy_alg & ~PSA_ALG_HASH_MASK) ==
+               (requested_alg & ~PSA_ALG_HASH_MASK);
+    }
+    /* If policy_alg is a wildcard AEAD algorithm of the same base as
+     * the requested algorithm, check the requested tag length to be
+     * equal-length or longer than the wildcard-specified length. */
+    if (PSA_ALG_IS_AEAD(policy_alg) &&
+        PSA_ALG_IS_AEAD(requested_alg) &&
+        (PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, 0) ==
+         PSA_ALG_AEAD_WITH_SHORTENED_TAG(requested_alg, 0)) &&
+        ((policy_alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0)) {
+        return PSA_ALG_AEAD_GET_TAG_LENGTH(policy_alg) <=
+               PSA_ALG_AEAD_GET_TAG_LENGTH(requested_alg);
+    }
+    /* If policy_alg is a MAC algorithm of the same base as the requested
+     * algorithm, check whether their MAC lengths are compatible. */
+    if (PSA_ALG_IS_MAC(policy_alg) &&
+        PSA_ALG_IS_MAC(requested_alg) &&
+        (PSA_ALG_FULL_LENGTH_MAC(policy_alg) ==
+         PSA_ALG_FULL_LENGTH_MAC(requested_alg))) {
+        /* Validate the combination of key type and algorithm. Since the policy
+         * and requested algorithms are the same, we only need this once. */
+        if (PSA_SUCCESS != psa_mac_key_can_do(policy_alg, key_type)) {
+            return 0;
+        }
+
+        /* Get both the requested output length for the algorithm which is to be
+         * verified, and the default output length for the base algorithm.
+         * Note that none of the currently supported algorithms have an output
+         * length dependent on actual key size, so setting it to a bogus value
+         * of 0 is currently OK. */
+        size_t requested_output_length = PSA_MAC_LENGTH(
+            key_type, 0, requested_alg);
+        size_t default_output_length = PSA_MAC_LENGTH(
+            key_type, 0,
+            PSA_ALG_FULL_LENGTH_MAC(requested_alg));
+
+        /* If the policy is default-length, only allow an algorithm with
+         * a declared exact-length matching the default. */
+        if (PSA_MAC_TRUNCATED_LENGTH(policy_alg) == 0) {
+            return requested_output_length == default_output_length;
+        }
+
+        /* If the requested algorithm is default-length, allow it if the policy
+         * length exactly matches the default length. */
+        if (PSA_MAC_TRUNCATED_LENGTH(requested_alg) == 0 &&
+            PSA_MAC_TRUNCATED_LENGTH(policy_alg) == default_output_length) {
+            return 1;
+        }
+
+        /* If policy_alg is an at-least-this-length wildcard MAC algorithm,
+         * check for the requested MAC length to be equal to or longer than the
+         * minimum allowed length. */
+        if ((policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) {
+            return PSA_MAC_TRUNCATED_LENGTH(policy_alg) <=
+                   requested_output_length;
+        }
+    }
+    /* If policy_alg is a generic key agreement operation, then using it for
+     * a key derivation with that key agreement should also be allowed. This
+     * behaviour is expected to be defined in a future specification version. */
+    if (PSA_ALG_IS_RAW_KEY_AGREEMENT(policy_alg) &&
+        PSA_ALG_IS_KEY_AGREEMENT(requested_alg)) {
+        return PSA_ALG_KEY_AGREEMENT_GET_BASE(requested_alg) ==
+               policy_alg;
+    }
+    /* If it isn't explicitly permitted, it's forbidden. */
+    return 0;
+}
+
+/** Test whether a policy permits an algorithm.
+ *
+ * The caller must test usage flags separately.
+ *
+ * \note This function requires providing the key type for which the policy is
+ *       being validated, since some algorithm policy definitions (e.g. MAC)
+ *       have different properties depending on what kind of cipher it is
+ *       combined with.
+ *
+ * \retval PSA_SUCCESS                  When \p alg is a specific algorithm
+ *                                      allowed by the \p policy.
+ * \retval PSA_ERROR_INVALID_ARGUMENT   When \p alg is not a specific algorithm
+ * \retval PSA_ERROR_NOT_PERMITTED      When \p alg is a specific algorithm, but
+ *                                      the \p policy does not allow it.
+ */
+static psa_status_t psa_key_policy_permits(const psa_key_policy_t *policy,
+                                           psa_key_type_t key_type,
+                                           psa_algorithm_t alg)
+{
+    /* '0' is not a valid algorithm */
+    if (alg == 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    /* A requested algorithm cannot be a wildcard. */
+    if (PSA_ALG_IS_WILDCARD(alg)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    if (psa_key_algorithm_permits(key_type, policy->alg, alg) ||
+        psa_key_algorithm_permits(key_type, policy->alg2, alg)) {
+        return PSA_SUCCESS;
+    } else {
+        return PSA_ERROR_NOT_PERMITTED;
+    }
+}
+
+/** Restrict a key policy based on a constraint.
+ *
+ * \note This function requires providing the key type for which the policy is
+ *       being restricted, since some algorithm policy definitions (e.g. MAC)
+ *       have different properties depending on what kind of cipher it is
+ *       combined with.
+ *
+ * \param[in] key_type      The key type for which to restrict the policy
+ * \param[in,out] policy    The policy to restrict.
+ * \param[in] constraint    The policy constraint to apply.
+ *
+ * \retval #PSA_SUCCESS
+ *         \c *policy contains the intersection of the original value of
+ *         \c *policy and \c *constraint.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \c key_type, \c *policy and \c *constraint are incompatible.
+ *         \c *policy is unchanged.
+ */
+static psa_status_t psa_restrict_key_policy(
+    psa_key_type_t key_type,
+    psa_key_policy_t *policy,
+    const psa_key_policy_t *constraint)
+{
+    psa_algorithm_t intersection_alg =
+        psa_key_policy_algorithm_intersection(key_type, policy->alg,
+                                              constraint->alg);
+    psa_algorithm_t intersection_alg2 =
+        psa_key_policy_algorithm_intersection(key_type, policy->alg2,
+                                              constraint->alg2);
+    if (intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    if (intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    policy->usage &= constraint->usage;
+    policy->alg = intersection_alg;
+    policy->alg2 = intersection_alg2;
+    return PSA_SUCCESS;
+}
+
+/** Get the description of a key given its identifier and policy constraints
+ *  and lock it.
+ *
+ * The key must have allow all the usage flags set in \p usage. If \p alg is
+ * nonzero, the key must allow operations with this algorithm. If \p alg is
+ * zero, the algorithm is not checked.
+ *
+ * In case of a persistent key, the function loads the description of the key
+ * into a key slot if not already done.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ */
+static psa_status_t psa_get_and_lock_key_slot_with_policy(
+    mbedtls_svc_key_id_t key,
+    psa_key_slot_t **p_slot,
+    psa_key_usage_t usage,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    status = psa_get_and_lock_key_slot(key, p_slot);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    slot = *p_slot;
+
+    /* Enforce that usage policy for the key slot contains all the flags
+     * required by the usage parameter. There is one exception: public
+     * keys can always be exported, so we treat public key objects as
+     * if they had the export flag. */
+    if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) {
+        usage &= ~PSA_KEY_USAGE_EXPORT;
+    }
+
+    if ((slot->attr.policy.usage & usage) != usage) {
+        status = PSA_ERROR_NOT_PERMITTED;
+        goto error;
+    }
+
+    /* Enforce that the usage policy permits the requested algorithm. */
+    if (alg != 0) {
+        status = psa_key_policy_permits(&slot->attr.policy,
+                                        slot->attr.type,
+                                        alg);
+        if (status != PSA_SUCCESS) {
+            goto error;
+        }
+    }
+
+    return PSA_SUCCESS;
+
+error:
+    *p_slot = NULL;
+    psa_unlock_key_slot(slot);
+
+    return status;
+}
+
+/** Get a key slot containing a transparent key and lock it.
+ *
+ * A transparent key is a key for which the key material is directly
+ * available, as opposed to a key in a secure element and/or to be used
+ * by a secure element.
+ *
+ * This is a temporary function that may be used instead of
+ * psa_get_and_lock_key_slot_with_policy() when there is no opaque key support
+ * for a cryptographic operation.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of the
+ * caller to unlock the key slot when it does not access it anymore.
+ */
+static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
+    mbedtls_svc_key_id_t key,
+    psa_key_slot_t **p_slot,
+    psa_key_usage_t usage,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = psa_get_and_lock_key_slot_with_policy(key, p_slot,
+                                                                usage, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime)) {
+        psa_unlock_key_slot(*p_slot);
+        *p_slot = NULL;
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot)
+{
+    /* Data pointer will always be either a valid pointer or NULL in an
+     * initialized slot, so we can just free it. */
+    if (slot->key.data != NULL) {
+        mbedtls_platform_zeroize(slot->key.data, slot->key.bytes);
+    }
+
+    mbedtls_free(slot->key.data);
+    slot->key.data = NULL;
+    slot->key.bytes = 0;
+
+    return PSA_SUCCESS;
+}
+
+/** Completely wipe a slot in memory, including its policy.
+ * Persistent storage is not affected. */
+psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot)
+{
+    psa_status_t status = psa_remove_key_data_from_memory(slot);
+
+    /*
+     * As the return error code may not be handled in case of multiple errors,
+     * do our best to report an unexpected lock counter: if available
+     * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as
+     * part of the execution of a test suite this will stop the test suite
+     * execution).
+     */
+    if (slot->lock_count != 1) {
+#ifdef MBEDTLS_CHECK_PARAMS
+        MBEDTLS_PARAM_FAILED(slot->lock_count == 1);
+#endif
+        status = PSA_ERROR_CORRUPTION_DETECTED;
+    }
+
+    /* Multipart operations may still be using the key. This is safe
+     * because all multipart operation objects are independent from
+     * the key slot: if they need to access the key after the setup
+     * phase, they have a copy of the key. Note that this means that
+     * key material can linger until all operations are completed. */
+    /* At this point, key material and other type-specific content has
+     * been wiped. Clear remaining metadata. We can call memset and not
+     * zeroize because the metadata is not particularly sensitive. */
+    memset(slot, 0, sizeof(*slot));
+    return status;
+}
+
+psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
+{
+    psa_key_slot_t *slot;
+    psa_status_t status; /* status of the last operation */
+    psa_status_t overall_status = PSA_SUCCESS;
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    psa_se_drv_table_entry_t *driver;
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    if (mbedtls_svc_key_id_is_null(key)) {
+        return PSA_SUCCESS;
+    }
+
+    /*
+     * Get the description of the key in a key slot. In case of a persistent
+     * key, this will load the key description from persistent memory if not
+     * done yet. We cannot avoid this loading as without it we don't know if
+     * the key is operated by an SE or not and this information is needed by
+     * the current implementation.
+     */
+    status = psa_get_and_lock_key_slot(key, &slot);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /*
+     * If the key slot containing the key description is under access by the
+     * library (apart from the present access), the key cannot be destroyed
+     * yet. For the time being, just return in error. Eventually (to be
+     * implemented), the key should be destroyed when all accesses have
+     * stopped.
+     */
+    if (slot->lock_count > 1) {
+        psa_unlock_key_slot(slot);
+        return PSA_ERROR_GENERIC_ERROR;
+    }
+
+    if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) {
+        /* Refuse the destruction of a read-only key (which may or may not work
+         * if we attempt it, depending on whether the key is merely read-only
+         * by policy or actually physically read-only).
+         * Just do the best we can, which is to wipe the copy in memory
+         * (done in this function's cleanup code). */
+        overall_status = PSA_ERROR_NOT_PERMITTED;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    driver = psa_get_se_driver_entry(slot->attr.lifetime);
+    if (driver != NULL) {
+        /* For a key in a secure element, we need to do three things:
+         * remove the key file in internal storage, destroy the
+         * key inside the secure element, and update the driver's
+         * persistent data. Start a transaction that will encompass these
+         * three actions. */
+        psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_DESTROY_KEY);
+        psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
+        psa_crypto_transaction.key.slot = psa_key_slot_get_slot_number(slot);
+        psa_crypto_transaction.key.id = slot->attr.id;
+        status = psa_crypto_save_transaction();
+        if (status != PSA_SUCCESS) {
+            (void) psa_crypto_stop_transaction();
+            /* We should still try to destroy the key in the secure
+             * element and the key metadata in storage. This is especially
+             * important if the error is that the storage is full.
+             * But how to do it exactly without risking an inconsistent
+             * state after a reset?
+             * https://github.com/ARMmbed/mbed-crypto/issues/215
+             */
+            overall_status = status;
+            goto exit;
+        }
+
+        status = psa_destroy_se_key(driver,
+                                    psa_key_slot_get_slot_number(slot));
+        if (overall_status == PSA_SUCCESS) {
+            overall_status = status;
+        }
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) {
+        status = psa_destroy_persistent_key(slot->attr.id);
+        if (overall_status == PSA_SUCCESS) {
+            overall_status = status;
+        }
+
+        /* TODO: other slots may have a copy of the same key. We should
+         * invalidate them.
+         * https://github.com/ARMmbed/mbed-crypto/issues/214
+         */
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if (driver != NULL) {
+        status = psa_save_se_persistent_data(driver);
+        if (overall_status == PSA_SUCCESS) {
+            overall_status = status;
+        }
+        status = psa_crypto_stop_transaction();
+        if (overall_status == PSA_SUCCESS) {
+            overall_status = status;
+        }
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+exit:
+    status = psa_wipe_key_slot(slot);
+    /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
+    if (status != PSA_SUCCESS) {
+        overall_status = status;
+    }
+    return overall_status;
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+static psa_status_t psa_get_rsa_public_exponent(
+    const mbedtls_rsa_context *rsa,
+    psa_key_attributes_t *attributes)
+{
+    mbedtls_mpi mpi;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint8_t *buffer = NULL;
+    size_t buflen;
+    mbedtls_mpi_init(&mpi);
+
+    ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &mpi);
+    if (ret != 0) {
+        goto exit;
+    }
+    if (mbedtls_mpi_cmp_int(&mpi, 65537) == 0) {
+        /* It's the default value, which is reported as an empty string,
+         * so there's nothing to do. */
+        goto exit;
+    }
+
+    buflen = mbedtls_mpi_size(&mpi);
+    buffer = mbedtls_calloc(1, buflen);
+    if (buffer == NULL) {
+        ret = MBEDTLS_ERR_MPI_ALLOC_FAILED;
+        goto exit;
+    }
+    ret = mbedtls_mpi_write_binary(&mpi, buffer, buflen);
+    if (ret != 0) {
+        goto exit;
+    }
+    attributes->domain_parameters = buffer;
+    attributes->domain_parameters_size = buflen;
+
+exit:
+    mbedtls_mpi_free(&mpi);
+    if (ret != 0) {
+        mbedtls_free(buffer);
+    }
+    return mbedtls_to_psa_error(ret);
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+/** Retrieve all the publicly-accessible attributes of a key.
+ */
+psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
+                                    psa_key_attributes_t *attributes)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    psa_reset_key_attributes(attributes);
+
+    status = psa_get_and_lock_key_slot_with_policy(key, &slot, 0, 0);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    attributes->core = slot->attr;
+    attributes->core.flags &= (MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
+                               MBEDTLS_PSA_KA_MASK_DUAL_USE);
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if (psa_get_se_driver_entry(slot->attr.lifetime) != NULL) {
+        psa_set_key_slot_number(attributes,
+                                psa_key_slot_get_slot_number(slot));
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    switch (slot->attr.type) {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+        case PSA_KEY_TYPE_RSA_KEY_PAIR:
+        case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
+            /* TODO: reporting the public exponent for opaque keys
+             * is not yet implemented.
+             * https://github.com/ARMmbed/mbed-crypto/issues/216
+             */
+            if (!psa_key_lifetime_is_external(slot->attr.lifetime)) {
+                mbedtls_rsa_context *rsa = NULL;
+
+                status = mbedtls_psa_rsa_load_representation(
+                    slot->attr.type,
+                    slot->key.data,
+                    slot->key.bytes,
+                    &rsa);
+                if (status != PSA_SUCCESS) {
+                    break;
+                }
+
+                status = psa_get_rsa_public_exponent(rsa,
+                                                     attributes);
+                mbedtls_rsa_free(rsa);
+                mbedtls_free(rsa);
+            }
+            break;
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+        default:
+            /* Nothing else to do. */
+            break;
+    }
+
+    if (status != PSA_SUCCESS) {
+        psa_reset_key_attributes(attributes);
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+psa_status_t psa_get_key_slot_number(
+    const psa_key_attributes_t *attributes,
+    psa_key_slot_number_t *slot_number)
+{
+    if (attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER) {
+        *slot_number = attributes->slot_number;
+        return PSA_SUCCESS;
+    } else {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+static psa_status_t psa_export_key_buffer_internal(const uint8_t *key_buffer,
+                                                   size_t key_buffer_size,
+                                                   uint8_t *data,
+                                                   size_t data_size,
+                                                   size_t *data_length)
+{
+    if (key_buffer_size > data_size) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+    memcpy(data, key_buffer, key_buffer_size);
+    memset(data + key_buffer_size, 0,
+           data_size - key_buffer_size);
+    *data_length = key_buffer_size;
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_export_key_internal(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    psa_key_type_t type = attributes->core.type;
+
+    if (key_type_is_raw_bytes(type) ||
+        PSA_KEY_TYPE_IS_RSA(type)   ||
+        PSA_KEY_TYPE_IS_ECC(type)) {
+        return psa_export_key_buffer_internal(
+            key_buffer, key_buffer_size,
+            data, data_size, data_length);
+    } else {
+        /* This shouldn't happen in the reference implementation, but
+           it is valid for a special-purpose implementation to omit
+           support for exporting certain key types. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+}
+
+psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
+                            uint8_t *data,
+                            size_t data_size,
+                            size_t *data_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    /* Reject a zero-length output buffer now, since this can never be a
+     * valid key representation. This way we know that data must be a valid
+     * pointer and we can do things like memset(data, ..., data_size). */
+    if (data_size == 0) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+
+    /* Set the key to empty now, so that even when there are errors, we always
+     * set data_length to a value between 0 and data_size. On error, setting
+     * the key to empty is a good choice because an empty key representation is
+     * unlikely to be accepted anywhere. */
+    *data_length = 0;
+
+    /* Export requires the EXPORT flag. There is an exception for public keys,
+     * which don't require any flag, but
+     * psa_get_and_lock_key_slot_with_policy() takes care of this.
+     */
+    status = psa_get_and_lock_key_slot_with_policy(key, &slot,
+                                                   PSA_KEY_USAGE_EXPORT, 0);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    psa_key_attributes_t attributes = {
+        .core = slot->attr
+    };
+    status = psa_driver_wrapper_export_key(&attributes,
+                                           slot->key.data, slot->key.bytes,
+                                           data, data_size, data_length);
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+psa_status_t psa_export_public_key_internal(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    uint8_t *data,
+    size_t data_size,
+    size_t *data_length)
+{
+    psa_key_type_t type = attributes->core.type;
+
+    if (PSA_KEY_TYPE_IS_RSA(type) || PSA_KEY_TYPE_IS_ECC(type)) {
+        if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) {
+            /* Exporting public -> public */
+            return psa_export_key_buffer_internal(
+                key_buffer, key_buffer_size,
+                data, data_size, data_length);
+        }
+
+        if (PSA_KEY_TYPE_IS_RSA(type)) {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+            defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+            return mbedtls_psa_rsa_export_public_key(attributes,
+                                                     key_buffer,
+                                                     key_buffer_size,
+                                                     data,
+                                                     data_size,
+                                                     data_length);
+#else
+            /* We don't know how to convert a private RSA key to public. */
+            return PSA_ERROR_NOT_SUPPORTED;
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+        } else {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+            defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+            return mbedtls_psa_ecp_export_public_key(attributes,
+                                                     key_buffer,
+                                                     key_buffer_size,
+                                                     data,
+                                                     data_size,
+                                                     data_length);
+#else
+            /* We don't know how to convert a private ECC key to public */
+            return PSA_ERROR_NOT_SUPPORTED;
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+        }
+    } else {
+        /* This shouldn't happen in the reference implementation, but
+           it is valid for a special-purpose implementation to omit
+           support for exporting certain key types. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+}
+
+psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
+                                   uint8_t *data,
+                                   size_t data_size,
+                                   size_t *data_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot;
+
+    /* Reject a zero-length output buffer now, since this can never be a
+     * valid key representation. This way we know that data must be a valid
+     * pointer and we can do things like memset(data, ..., data_size). */
+    if (data_size == 0) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+
+    /* Set the key to empty now, so that even when there are errors, we always
+     * set data_length to a value between 0 and data_size. On error, setting
+     * the key to empty is a good choice because an empty key representation is
+     * unlikely to be accepted anywhere. */
+    *data_length = 0;
+
+    /* Exporting a public key doesn't require a usage flag. */
+    status = psa_get_and_lock_key_slot_with_policy(key, &slot, 0, 0);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    if (!PSA_KEY_TYPE_IS_ASYMMETRIC(slot->attr.type)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+    status = psa_driver_wrapper_export_public_key(
+        &attributes, slot->key.data, slot->key.bytes,
+        data, data_size, data_length);
+
+exit:
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+MBEDTLS_STATIC_ASSERT((MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0,
+                      "One or more key attribute flag is listed as both external-only and dual-use")
+MBEDTLS_STATIC_ASSERT((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0,
+                      "One or more key attribute flag is listed as both internal-only and dual-use")
+MBEDTLS_STATIC_ASSERT((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY) == 0,
+                      "One or more key attribute flag is listed as both internal-only and external-only")
+
+/** Validate that a key policy is internally well-formed.
+ *
+ * This function only rejects invalid policies. It does not validate the
+ * consistency of the policy with respect to other attributes of the key
+ * such as the key type.
+ */
+static psa_status_t psa_validate_key_policy(const psa_key_policy_t *policy)
+{
+    if ((policy->usage & ~(PSA_KEY_USAGE_EXPORT |
+                           PSA_KEY_USAGE_COPY |
+                           PSA_KEY_USAGE_ENCRYPT |
+                           PSA_KEY_USAGE_DECRYPT |
+                           PSA_KEY_USAGE_SIGN_MESSAGE |
+                           PSA_KEY_USAGE_VERIFY_MESSAGE |
+                           PSA_KEY_USAGE_SIGN_HASH |
+                           PSA_KEY_USAGE_VERIFY_HASH |
+                           PSA_KEY_USAGE_DERIVE)) != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    return PSA_SUCCESS;
+}
+
+/** Validate the internal consistency of key attributes.
+ *
+ * This function only rejects invalid attribute values. If does not
+ * validate the consistency of the attributes with any key data that may
+ * be involved in the creation of the key.
+ *
+ * Call this function early in the key creation process.
+ *
+ * \param[in] attributes    Key attributes for the new key.
+ * \param[out] p_drv        On any return, the driver for the key, if any.
+ *                          NULL for a transparent key.
+ *
+ */
+static psa_status_t psa_validate_key_attributes(
+    const psa_key_attributes_t *attributes,
+    psa_se_drv_table_entry_t **p_drv)
+{
+    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+    psa_key_lifetime_t lifetime = psa_get_key_lifetime(attributes);
+    mbedtls_svc_key_id_t key = psa_get_key_id(attributes);
+
+    status = psa_validate_key_location(lifetime, p_drv);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = psa_validate_key_persistence(lifetime);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key) != 0) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    } else {
+        if (!psa_is_valid_key_id(psa_get_key_id(attributes), 0)) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    status = psa_validate_key_policy(&attributes->core.policy);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* Refuse to create overly large keys.
+     * Note that this doesn't trigger on import if the attributes don't
+     * explicitly specify a size (so psa_get_key_bits returns 0), so
+     * psa_import_key() needs its own checks. */
+    if (psa_get_key_bits(attributes) > PSA_MAX_KEY_BITS) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    /* Reject invalid flags. These should not be reachable through the API. */
+    if (attributes->core.flags & ~(MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
+                                   MBEDTLS_PSA_KA_MASK_DUAL_USE)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    return PSA_SUCCESS;
+}
+
+/** Prepare a key slot to receive key material.
+ *
+ * This function allocates a key slot and sets its metadata.
+ *
+ * If this function fails, call psa_fail_key_creation().
+ *
+ * This function is intended to be used as follows:
+ * -# Call psa_start_key_creation() to allocate a key slot, prepare
+ *    it with the specified attributes, and in case of a volatile key assign it
+ *    a volatile key identifier.
+ * -# Populate the slot with the key material.
+ * -# Call psa_finish_key_creation() to finalize the creation of the slot.
+ * In case of failure at any step, stop the sequence and call
+ * psa_fail_key_creation().
+ *
+ * On success, the key slot is locked. It is the responsibility of the caller
+ * to unlock the key slot when it does not access it anymore.
+ *
+ * \param method            An identification of the calling function.
+ * \param[in] attributes    Key attributes for the new key.
+ * \param[out] p_slot       On success, a pointer to the prepared slot.
+ * \param[out] p_drv        On any return, the driver for the key, if any.
+ *                          NULL for a transparent key.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key slot is ready to receive key material.
+ * \return If this function fails, the key slot is an invalid state.
+ *         You must call psa_fail_key_creation() to wipe and free the slot.
+ */
+static psa_status_t psa_start_key_creation(
+    psa_key_creation_method_t method,
+    const psa_key_attributes_t *attributes,
+    psa_key_slot_t **p_slot,
+    psa_se_drv_table_entry_t **p_drv)
+{
+    psa_status_t status;
+    psa_key_id_t volatile_key_id;
+    psa_key_slot_t *slot;
+
+    (void) method;
+    *p_drv = NULL;
+
+    status = psa_validate_key_attributes(attributes, p_drv);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = psa_get_empty_key_slot(&volatile_key_id, p_slot);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    slot = *p_slot;
+
+    /* We're storing the declared bit-size of the key. It's up to each
+     * creation mechanism to verify that this information is correct.
+     * It's automatically correct for mechanisms that use the bit-size as
+     * an input (generate, device) but not for those where the bit-size
+     * is optional (import, copy). In case of a volatile key, assign it the
+     * volatile key identifier associated to the slot returned to contain its
+     * definition. */
+
+    slot->attr = attributes->core;
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) {
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+        slot->attr.id = volatile_key_id;
+#else
+        slot->attr.id.key_id = volatile_key_id;
+#endif
+    }
+
+    /* Erase external-only flags from the internal copy. To access
+     * external-only flags, query `attributes`. Thanks to the check
+     * in psa_validate_key_attributes(), this leaves the dual-use
+     * flags and any internal flag that psa_get_empty_key_slot()
+     * may have set. */
+    slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY;
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    /* For a key in a secure element, we need to do three things
+     * when creating or registering a persistent key:
+     * create the key file in internal storage, create the
+     * key inside the secure element, and update the driver's
+     * persistent data. This is done by starting a transaction that will
+     * encompass these three actions.
+     * For registering a volatile key, we just need to find an appropriate
+     * slot number inside the SE. Since the key is designated volatile, creating
+     * a transaction is not required. */
+    /* The first thing to do is to find a slot number for the new key.
+     * We save the slot number in persistent storage as part of the
+     * transaction data. It will be needed to recover if the power
+     * fails during the key creation process, to clean up on the secure
+     * element side after restarting. Obtaining a slot number from the
+     * secure element driver updates its persistent state, but we do not yet
+     * save the driver's persistent state, so that if the power fails,
+     * we can roll back to a state where the key doesn't exist. */
+    if (*p_drv != NULL) {
+        psa_key_slot_number_t slot_number;
+        status = psa_find_se_slot_for_key(attributes, method, *p_drv,
+                                          &slot_number);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        if (!PSA_KEY_LIFETIME_IS_VOLATILE(attributes->core.lifetime)) {
+            psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_CREATE_KEY);
+            psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
+            psa_crypto_transaction.key.slot = slot_number;
+            psa_crypto_transaction.key.id = slot->attr.id;
+            status = psa_crypto_save_transaction();
+            if (status != PSA_SUCCESS) {
+                (void) psa_crypto_stop_transaction();
+                return status;
+            }
+        }
+
+        status = psa_copy_key_material_into_slot(
+            slot, (uint8_t *) (&slot_number), sizeof(slot_number));
+    }
+
+    if (*p_drv == NULL && method == PSA_KEY_CREATION_REGISTER) {
+        /* Key registration only makes sense with a secure element. */
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    return PSA_SUCCESS;
+}
+
+/** Finalize the creation of a key once its key material has been set.
+ *
+ * This entails writing the key to persistent storage.
+ *
+ * If this function fails, call psa_fail_key_creation().
+ * See the documentation of psa_start_key_creation() for the intended use
+ * of this function.
+ *
+ * If the finalization succeeds, the function unlocks the key slot (it was
+ * locked by psa_start_key_creation()) and the key slot cannot be accessed
+ * anymore as part of the key creation process.
+ *
+ * \param[in,out] slot  Pointer to the slot with key material.
+ * \param[in] driver    The secure element driver for the key,
+ *                      or NULL for a transparent key.
+ * \param[out] key      On success, identifier of the key. Note that the
+ *                      key identifier is also stored in the key slot.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key was successfully created.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ *
+ * \return If this function fails, the key slot is an invalid state.
+ *         You must call psa_fail_key_creation() to wipe and free the slot.
+ */
+static psa_status_t psa_finish_key_creation(
+    psa_key_slot_t *slot,
+    psa_se_drv_table_entry_t *driver,
+    mbedtls_svc_key_id_t *key)
+{
+    psa_status_t status = PSA_SUCCESS;
+    (void) slot;
+    (void) driver;
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) {
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+        if (driver != NULL) {
+            psa_se_key_data_storage_t data;
+            psa_key_slot_number_t slot_number =
+                psa_key_slot_get_slot_number(slot);
+
+            MBEDTLS_STATIC_ASSERT(sizeof(slot_number) ==
+                                  sizeof(data.slot_number),
+                                  "Slot number size does not match psa_se_key_data_storage_t");
+
+            memcpy(&data.slot_number, &slot_number, sizeof(slot_number));
+            status = psa_save_persistent_key(&slot->attr,
+                                             (uint8_t *) &data,
+                                             sizeof(data));
+        } else
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+        {
+            /* Key material is saved in export representation in the slot, so
+             * just pass the slot buffer for storage. */
+            status = psa_save_persistent_key(&slot->attr,
+                                             slot->key.data,
+                                             slot->key.bytes);
+        }
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    /* Finish the transaction for a key creation. This does not
+     * happen when registering an existing key. Detect this case
+     * by checking whether a transaction is in progress (actual
+     * creation of a persistent key in a secure element requires a transaction,
+     * but registration or volatile key creation doesn't use one). */
+    if (driver != NULL &&
+        psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY) {
+        status = psa_save_se_persistent_data(driver);
+        if (status != PSA_SUCCESS) {
+            psa_destroy_persistent_key(slot->attr.id);
+            return status;
+        }
+        status = psa_crypto_stop_transaction();
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    if (status == PSA_SUCCESS) {
+        *key = slot->attr.id;
+        status = psa_unlock_key_slot(slot);
+        if (status != PSA_SUCCESS) {
+            *key = MBEDTLS_SVC_KEY_ID_INIT;
+        }
+    }
+
+    return status;
+}
+
+/** Abort the creation of a key.
+ *
+ * You may call this function after calling psa_start_key_creation(),
+ * or after psa_finish_key_creation() fails. In other circumstances, this
+ * function may not clean up persistent storage.
+ * See the documentation of psa_start_key_creation() for the intended use
+ * of this function.
+ *
+ * \param[in,out] slot  Pointer to the slot with key material.
+ * \param[in] driver    The secure element driver for the key,
+ *                      or NULL for a transparent key.
+ */
+static void psa_fail_key_creation(psa_key_slot_t *slot,
+                                  psa_se_drv_table_entry_t *driver)
+{
+    (void) driver;
+
+    if (slot == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    /* TODO: If the key has already been created in the secure
+     * element, and the failure happened later (when saving metadata
+     * to internal storage), we need to destroy the key in the secure
+     * element.
+     * https://github.com/ARMmbed/mbed-crypto/issues/217
+     */
+
+    /* Abort the ongoing transaction if any (there may not be one if
+     * the creation process failed before starting one, or if the
+     * key creation is a registration of a key in a secure element).
+     * Earlier functions must already have done what it takes to undo any
+     * partial creation. All that's left is to update the transaction data
+     * itself. */
+    (void) psa_crypto_stop_transaction();
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    psa_wipe_key_slot(slot);
+}
+
+/** Validate optional attributes during key creation.
+ *
+ * Some key attributes are optional during key creation. If they are
+ * specified in the attributes structure, check that they are consistent
+ * with the data in the slot.
+ *
+ * This function should be called near the end of key creation, after
+ * the slot in memory is fully populated but before saving persistent data.
+ */
+static psa_status_t psa_validate_optional_attributes(
+    const psa_key_slot_t *slot,
+    const psa_key_attributes_t *attributes)
+{
+    if (attributes->core.type != 0) {
+        if (attributes->core.type != slot->attr.type) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    if (attributes->domain_parameters_size != 0) {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+        if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) {
+            mbedtls_rsa_context *rsa = NULL;
+            mbedtls_mpi actual, required;
+            int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+            psa_status_t status = mbedtls_psa_rsa_load_representation(
+                slot->attr.type,
+                slot->key.data,
+                slot->key.bytes,
+                &rsa);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+
+            mbedtls_mpi_init(&actual);
+            mbedtls_mpi_init(&required);
+            ret = mbedtls_rsa_export(rsa,
+                                     NULL, NULL, NULL, NULL, &actual);
+            mbedtls_rsa_free(rsa);
+            mbedtls_free(rsa);
+            if (ret != 0) {
+                goto rsa_exit;
+            }
+            ret = mbedtls_mpi_read_binary(&required,
+                                          attributes->domain_parameters,
+                                          attributes->domain_parameters_size);
+            if (ret != 0) {
+                goto rsa_exit;
+            }
+            if (mbedtls_mpi_cmp_mpi(&actual, &required) != 0) {
+                ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            }
+rsa_exit:
+            mbedtls_mpi_free(&actual);
+            mbedtls_mpi_free(&required);
+            if (ret != 0) {
+                return mbedtls_to_psa_error(ret);
+            }
+        } else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+        {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    if (attributes->core.bits != 0) {
+        if (attributes->core.bits != slot->attr.bits) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
+                            const uint8_t *data,
+                            size_t data_length,
+                            mbedtls_svc_key_id_t *key)
+{
+    psa_status_t status;
+    psa_key_slot_t *slot = NULL;
+    psa_se_drv_table_entry_t *driver = NULL;
+    size_t bits;
+
+    *key = MBEDTLS_SVC_KEY_ID_INIT;
+
+    /* Reject zero-length symmetric keys (including raw data key objects).
+     * This also rejects any key which might be encoded as an empty string,
+     * which is never valid. */
+    if (data_length == 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    status = psa_start_key_creation(PSA_KEY_CREATION_IMPORT, attributes,
+                                    &slot, &driver);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* In the case of a transparent key or an opaque key stored in local
+     * storage (thus not in the case of generating a key in a secure element
+     * or cryptoprocessor with storage), we have to allocate a buffer to
+     * hold the generated key material. */
+    if (slot->key.data == NULL) {
+        status = psa_allocate_buffer_to_slot(slot, data_length);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    bits = slot->attr.bits;
+    status = psa_driver_wrapper_import_key(attributes,
+                                           data, data_length,
+                                           slot->key.data,
+                                           slot->key.bytes,
+                                           &slot->key.bytes, &bits);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (slot->attr.bits == 0) {
+        slot->attr.bits = (psa_key_bits_t) bits;
+    } else if (bits != slot->attr.bits) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_validate_optional_attributes(slot, attributes);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_finish_key_creation(slot, driver, key);
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_fail_key_creation(slot, driver);
+    }
+
+    return status;
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+psa_status_t mbedtls_psa_register_se_key(
+    const psa_key_attributes_t *attributes)
+{
+    psa_status_t status;
+    psa_key_slot_t *slot = NULL;
+    psa_se_drv_table_entry_t *driver = NULL;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+
+    /* Leaving attributes unspecified is not currently supported.
+     * It could make sense to query the key type and size from the
+     * secure element, but not all secure elements support this
+     * and the driver HAL doesn't currently support it. */
+    if (psa_get_key_type(attributes) == PSA_KEY_TYPE_NONE) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    if (psa_get_key_bits(attributes) == 0) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    status = psa_start_key_creation(PSA_KEY_CREATION_REGISTER, attributes,
+                                    &slot, &driver);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_finish_key_creation(slot, driver, &key);
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_fail_key_creation(slot, driver);
+    }
+
+    /* Registration doesn't keep the key in RAM. */
+    psa_close_key(key);
+    return status;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+static psa_status_t psa_copy_key_material(const psa_key_slot_t *source,
+                                          psa_key_slot_t *target)
+{
+    psa_status_t status = psa_copy_key_material_into_slot(target,
+                                                          source->key.data,
+                                                          source->key.bytes);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    target->attr.type = source->attr.type;
+    target->attr.bits = source->attr.bits;
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
+                          const psa_key_attributes_t *specified_attributes,
+                          mbedtls_svc_key_id_t *target_key)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *source_slot = NULL;
+    psa_key_slot_t *target_slot = NULL;
+    psa_key_attributes_t actual_attributes = *specified_attributes;
+    psa_se_drv_table_entry_t *driver = NULL;
+
+    *target_key = MBEDTLS_SVC_KEY_ID_INIT;
+
+    status = psa_get_and_lock_transparent_key_slot_with_policy(
+        source_key, &source_slot, PSA_KEY_USAGE_COPY, 0);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_validate_optional_attributes(source_slot,
+                                              specified_attributes);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_restrict_key_policy(source_slot->attr.type,
+                                     &actual_attributes.core.policy,
+                                     &source_slot->attr.policy);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_start_key_creation(PSA_KEY_CREATION_COPY, &actual_attributes,
+                                    &target_slot, &driver);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if (driver != NULL) {
+        /* Copying to a secure element is not implemented yet. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+        goto exit;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    if (psa_key_lifetime_is_external(actual_attributes.core.lifetime)) {
+        /*
+         * Copying through an opaque driver is not implemented yet, consider
+         * a lifetime with an external location as an invalid parameter for
+         * now.
+         */
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_copy_key_material(source_slot, target_slot);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_finish_key_creation(target_slot, driver, target_key);
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_fail_key_creation(target_slot, driver);
+    }
+
+    unlock_status = psa_unlock_key_slot(source_slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+
+
+/****************************************************************/
+/* Message digests */
+/****************************************************************/
+
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
+{
+    /* Aborting a non-active operation is allowed */
+    if (operation->id == 0) {
+        return PSA_SUCCESS;
+    }
+
+    psa_status_t status = psa_driver_wrapper_hash_abort(operation);
+    operation->id = 0;
+
+    return status;
+}
+
+psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
+                            psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    /* A context must be freshly initialized before it can be set up. */
+    if (operation->id != 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (!PSA_ALG_IS_HASH(alg)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    /* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only
+     * directly zeroes the int-sized dummy member of the context union. */
+    memset(&operation->ctx, 0, sizeof(operation->ctx));
+
+    status = psa_driver_wrapper_hash_setup(operation, alg);
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_hash_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t psa_hash_update(psa_hash_operation_t *operation,
+                             const uint8_t *input,
+                             size_t input_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    /* Don't require hash implementations to behave correctly on a
+     * zero-length input, which may have an invalid pointer. */
+    if (input_length == 0) {
+        return PSA_SUCCESS;
+    }
+
+    status = psa_driver_wrapper_hash_update(operation, input, input_length);
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_hash_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
+                             uint8_t *hash,
+                             size_t hash_size,
+                             size_t *hash_length)
+{
+    *hash_length = 0;
+    if (operation->id == 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    psa_status_t status = psa_driver_wrapper_hash_finish(
+        operation, hash, hash_size, hash_length);
+    psa_hash_abort(operation);
+    return status;
+}
+
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+                             const uint8_t *hash,
+                             size_t hash_length)
+{
+    uint8_t actual_hash[PSA_HASH_MAX_SIZE];
+    size_t actual_hash_length;
+    psa_status_t status = psa_hash_finish(
+        operation,
+        actual_hash, sizeof(actual_hash),
+        &actual_hash_length);
+
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (actual_hash_length != hash_length) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto exit;
+    }
+
+    if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+    }
+
+exit:
+    mbedtls_platform_zeroize(actual_hash, sizeof(actual_hash));
+    if (status != PSA_SUCCESS) {
+        psa_hash_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t psa_hash_compute(psa_algorithm_t alg,
+                              const uint8_t *input, size_t input_length,
+                              uint8_t *hash, size_t hash_size,
+                              size_t *hash_length)
+{
+    *hash_length = 0;
+    if (!PSA_ALG_IS_HASH(alg)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    return psa_driver_wrapper_hash_compute(alg, input, input_length,
+                                           hash, hash_size, hash_length);
+}
+
+psa_status_t psa_hash_compare(psa_algorithm_t alg,
+                              const uint8_t *input, size_t input_length,
+                              const uint8_t *hash, size_t hash_length)
+{
+    uint8_t actual_hash[PSA_HASH_MAX_SIZE];
+    size_t actual_hash_length;
+
+    if (!PSA_ALG_IS_HASH(alg)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    psa_status_t status = psa_driver_wrapper_hash_compute(
+        alg, input, input_length,
+        actual_hash, sizeof(actual_hash),
+        &actual_hash_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    if (actual_hash_length != hash_length) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto exit;
+    }
+    if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+    }
+
+exit:
+    mbedtls_platform_zeroize(actual_hash, sizeof(actual_hash));
+    return status;
+}
+
+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
+                            psa_hash_operation_t *target_operation)
+{
+    if (source_operation->id == 0 ||
+        target_operation->id != 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    psa_status_t status = psa_driver_wrapper_hash_clone(source_operation,
+                                                        target_operation);
+    if (status != PSA_SUCCESS) {
+        psa_hash_abort(target_operation);
+    }
+
+    return status;
+}
+
+
+/****************************************************************/
+/* MAC */
+/****************************************************************/
+
+psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
+{
+    /* Aborting a non-active operation is allowed */
+    if (operation->id == 0) {
+        return PSA_SUCCESS;
+    }
+
+    psa_status_t status = psa_driver_wrapper_mac_abort(operation);
+    operation->mac_size = 0;
+    operation->is_sign = 0;
+    operation->id = 0;
+
+    return status;
+}
+
+static psa_status_t psa_mac_finalize_alg_and_key_validation(
+    psa_algorithm_t alg,
+    const psa_key_attributes_t *attributes,
+    uint8_t *mac_size)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_type_t key_type = psa_get_key_type(attributes);
+    size_t key_bits = psa_get_key_bits(attributes);
+
+    if (!PSA_ALG_IS_MAC(alg)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    /* Validate the combination of key type and algorithm */
+    status = psa_mac_key_can_do(alg, key_type);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* Get the output length for the algorithm and key combination */
+    *mac_size = PSA_MAC_LENGTH(key_type, key_bits, alg);
+
+    if (*mac_size < 4) {
+        /* A very short MAC is too short for security since it can be
+         * brute-forced. Ancient protocols with 32-bit MACs do exist,
+         * so we make this our minimum, even though 32 bits is still
+         * too small for security. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (*mac_size > PSA_MAC_LENGTH(key_type, key_bits,
+                                   PSA_ALG_FULL_LENGTH_MAC(alg))) {
+        /* It's impossible to "truncate" to a larger length than the full length
+         * of the algorithm. */
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    if (*mac_size > PSA_MAC_MAX_SIZE) {
+        /* PSA_MAC_LENGTH returns the correct length even for a MAC algorithm
+         * that is disabled in the compile-time configuration. The result can
+         * therefore be larger than PSA_MAC_MAX_SIZE, which does take the
+         * configuration into account. In this case, force a return of
+         * PSA_ERROR_NOT_SUPPORTED here. Otherwise psa_mac_verify(), or
+         * psa_mac_compute(mac_size=PSA_MAC_MAX_SIZE), would return
+         * PSA_ERROR_BUFFER_TOO_SMALL for an unsupported algorithm whose MAC size
+         * is larger than PSA_MAC_MAX_SIZE, which is misleading and which breaks
+         * systematically generated tests. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return PSA_SUCCESS;
+}
+
+static psa_status_t psa_mac_setup(psa_mac_operation_t *operation,
+                                  mbedtls_svc_key_id_t key,
+                                  psa_algorithm_t alg,
+                                  int is_sign)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot = NULL;
+
+    /* A context must be freshly initialized before it can be set up. */
+    if (operation->id != 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(
+        key,
+        &slot,
+        is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE,
+        alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+
+    status = psa_mac_finalize_alg_and_key_validation(alg, &attributes,
+                                                     &operation->mac_size);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    operation->is_sign = is_sign;
+    /* Dispatch the MAC setup call with validated input */
+    if (is_sign) {
+        status = psa_driver_wrapper_mac_sign_setup(operation,
+                                                   &attributes,
+                                                   slot->key.data,
+                                                   slot->key.bytes,
+                                                   alg);
+    } else {
+        status = psa_driver_wrapper_mac_verify_setup(operation,
+                                                     &attributes,
+                                                     slot->key.data,
+                                                     slot->key.bytes,
+                                                     alg);
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_mac_abort(operation);
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
+                                mbedtls_svc_key_id_t key,
+                                psa_algorithm_t alg)
+{
+    return psa_mac_setup(operation, key, alg, 1);
+}
+
+psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
+                                  mbedtls_svc_key_id_t key,
+                                  psa_algorithm_t alg)
+{
+    return psa_mac_setup(operation, key, alg, 0);
+}
+
+psa_status_t psa_mac_update(psa_mac_operation_t *operation,
+                            const uint8_t *input,
+                            size_t input_length)
+{
+    if (operation->id == 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    /* Don't require hash implementations to behave correctly on a
+     * zero-length input, which may have an invalid pointer. */
+    if (input_length == 0) {
+        return PSA_SUCCESS;
+    }
+
+    psa_status_t status = psa_driver_wrapper_mac_update(operation,
+                                                        input, input_length);
+    if (status != PSA_SUCCESS) {
+        psa_mac_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
+                                 uint8_t *mac,
+                                 size_t mac_size,
+                                 size_t *mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (!operation->is_sign) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL)
+     * once all the error checks are done. */
+    if (operation->mac_size == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (mac_size < operation->mac_size) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_mac_sign_finish(operation,
+                                                mac, operation->mac_size,
+                                                mac_length);
+
+exit:
+    /* In case of success, set the potential excess room in the output buffer
+     * to an invalid value, to avoid potentially leaking a longer MAC.
+     * In case of error, set the output length and content to a safe default,
+     * such that in case the caller misses an error check, the output would be
+     * an unachievable MAC.
+     */
+    if (status != PSA_SUCCESS) {
+        *mac_length = mac_size;
+        operation->mac_size = 0;
+    }
+
+    if (mac_size > operation->mac_size) {
+        memset(&mac[operation->mac_size], '!',
+               mac_size - operation->mac_size);
+    }
+
+    abort_status = psa_mac_abort(operation);
+
+    return status == PSA_SUCCESS ? abort_status : status;
+}
+
+psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
+                                   const uint8_t *mac,
+                                   size_t mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (operation->is_sign) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (operation->mac_size != mac_length) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_mac_verify_finish(operation,
+                                                  mac, mac_length);
+
+exit:
+    abort_status = psa_mac_abort(operation);
+
+    return status == PSA_SUCCESS ? abort_status : status;
+}
+
+static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key,
+                                             psa_algorithm_t alg,
+                                             const uint8_t *input,
+                                             size_t input_length,
+                                             uint8_t *mac,
+                                             size_t mac_size,
+                                             size_t *mac_length,
+                                             int is_sign)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot;
+    uint8_t operation_mac_size = 0;
+
+    status = psa_get_and_lock_key_slot_with_policy(
+        key,
+        &slot,
+        is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE,
+        alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+
+    status = psa_mac_finalize_alg_and_key_validation(alg, &attributes,
+                                                     &operation_mac_size);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (mac_size < operation_mac_size) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_mac_compute(
+        &attributes,
+        slot->key.data, slot->key.bytes,
+        alg,
+        input, input_length,
+        mac, operation_mac_size, mac_length);
+
+exit:
+    /* In case of success, set the potential excess room in the output buffer
+     * to an invalid value, to avoid potentially leaking a longer MAC.
+     * In case of error, set the output length and content to a safe default,
+     * such that in case the caller misses an error check, the output would be
+     * an unachievable MAC.
+     */
+    if (status != PSA_SUCCESS) {
+        *mac_length = mac_size;
+        operation_mac_size = 0;
+    }
+    if (mac_size > operation_mac_size) {
+        memset(&mac[operation_mac_size], '!', mac_size - operation_mac_size);
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
+                             psa_algorithm_t alg,
+                             const uint8_t *input,
+                             size_t input_length,
+                             uint8_t *mac,
+                             size_t mac_size,
+                             size_t *mac_length)
+{
+    return psa_mac_compute_internal(key, alg,
+                                    input, input_length,
+                                    mac, mac_size, mac_length, 1);
+}
+
+psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
+                            psa_algorithm_t alg,
+                            const uint8_t *input,
+                            size_t input_length,
+                            const uint8_t *mac,
+                            size_t mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+    size_t actual_mac_length;
+
+    status = psa_mac_compute_internal(key, alg,
+                                      input, input_length,
+                                      actual_mac, sizeof(actual_mac),
+                                      &actual_mac_length, 0);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (mac_length != actual_mac_length) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto exit;
+    }
+    if (mbedtls_psa_safer_memcmp(mac, actual_mac, actual_mac_length) != 0) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto exit;
+    }
+
+exit:
+    mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac));
+
+    return status;
+}
+
+/****************************************************************/
+/* Asymmetric cryptography */
+/****************************************************************/
+
+static psa_status_t psa_sign_verify_check_alg(int input_is_message,
+                                              psa_algorithm_t alg)
+{
+    if (input_is_message) {
+        if (!PSA_ALG_IS_SIGN_MESSAGE(alg)) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+
+        if (PSA_ALG_IS_SIGN_HASH(alg)) {
+            if (!PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(alg))) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+        }
+    } else {
+        if (!PSA_ALG_IS_SIGN_HASH(alg)) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    return PSA_SUCCESS;
+}
+
+static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key,
+                                      int input_is_message,
+                                      psa_algorithm_t alg,
+                                      const uint8_t *input,
+                                      size_t input_length,
+                                      uint8_t *signature,
+                                      size_t signature_size,
+                                      size_t *signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot;
+
+    *signature_length = 0;
+
+    status = psa_sign_verify_check_alg(input_is_message, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* Immediately reject a zero-length signature buffer. This guarantees
+     * that signature must be a valid pointer. (On the other hand, the input
+     * buffer can in principle be empty since it doesn't actually have
+     * to be a hash.) */
+    if (signature_size == 0) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(
+        key, &slot,
+        input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE :
+        PSA_KEY_USAGE_SIGN_HASH,
+        alg);
+
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    attributes = (psa_key_attributes_t)  {
+        .core = slot->attr
+    };
+
+    if (input_is_message) {
+        status = psa_driver_wrapper_sign_message(
+            &attributes, slot->key.data, slot->key.bytes,
+            alg, input, input_length,
+            signature, signature_size, signature_length);
+    } else {
+
+        status = psa_driver_wrapper_sign_hash(
+            &attributes, slot->key.data, slot->key.bytes,
+            alg, input, input_length,
+            signature, signature_size, signature_length);
+    }
+
+
+exit:
+    /* Fill the unused part of the output buffer (the whole buffer on error,
+     * the trailing part on success) with something that isn't a valid signature
+     * (barring an attack on the signature and deliberately-crafted input),
+     * in case the caller doesn't check the return status properly. */
+    if (status == PSA_SUCCESS) {
+        memset(signature + *signature_length, '!',
+               signature_size - *signature_length);
+    } else {
+        memset(signature, '!', signature_size);
+    }
+    /* If signature_size is 0 then we have nothing to do. We must not call
+     * memset because signature may be NULL in this case. */
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+static psa_status_t psa_verify_internal(mbedtls_svc_key_id_t key,
+                                        int input_is_message,
+                                        psa_algorithm_t alg,
+                                        const uint8_t *input,
+                                        size_t input_length,
+                                        const uint8_t *signature,
+                                        size_t signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    status = psa_sign_verify_check_alg(input_is_message, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(
+        key, &slot,
+        input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE :
+        PSA_KEY_USAGE_VERIFY_HASH,
+        alg);
+
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    psa_key_attributes_t attributes = {
+        .core = slot->attr
+    };
+
+    if (input_is_message) {
+        status = psa_driver_wrapper_verify_message(
+            &attributes, slot->key.data, slot->key.bytes,
+            alg, input, input_length,
+            signature, signature_length);
+    } else {
+        status = psa_driver_wrapper_verify_hash(
+            &attributes, slot->key.data, slot->key.bytes,
+            alg, input, input_length,
+            signature, signature_length);
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+
+}
+
+psa_status_t psa_sign_message_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (PSA_ALG_IS_SIGN_HASH(alg)) {
+        size_t hash_length;
+        uint8_t hash[PSA_HASH_MAX_SIZE];
+
+        status = psa_driver_wrapper_hash_compute(
+            PSA_ALG_SIGN_GET_HASH(alg),
+            input, input_length,
+            hash, sizeof(hash), &hash_length);
+
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        return psa_driver_wrapper_sign_hash(
+            attributes, key_buffer, key_buffer_size,
+            alg, hash, hash_length,
+            signature, signature_size, signature_length);
+    }
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_sign_message(mbedtls_svc_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *input,
+                              size_t input_length,
+                              uint8_t *signature,
+                              size_t signature_size,
+                              size_t *signature_length)
+{
+    return psa_sign_internal(
+        key, 1, alg, input, input_length,
+        signature, signature_size, signature_length);
+}
+
+psa_status_t psa_verify_message_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (PSA_ALG_IS_SIGN_HASH(alg)) {
+        size_t hash_length;
+        uint8_t hash[PSA_HASH_MAX_SIZE];
+
+        status = psa_driver_wrapper_hash_compute(
+            PSA_ALG_SIGN_GET_HASH(alg),
+            input, input_length,
+            hash, sizeof(hash), &hash_length);
+
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        return psa_driver_wrapper_verify_hash(
+            attributes, key_buffer, key_buffer_size,
+            alg, hash, hash_length,
+            signature, signature_length);
+    }
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_verify_message(mbedtls_svc_key_id_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *input,
+                                size_t input_length,
+                                const uint8_t *signature,
+                                size_t signature_length)
+{
+    return psa_verify_internal(
+        key, 1, alg, input, input_length,
+        signature, signature_length);
+}
+
+psa_status_t psa_sign_hash_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+    if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+        if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
+            PSA_ALG_IS_RSA_PSS(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+            return mbedtls_psa_rsa_sign_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_size, signature_length);
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
+        if (PSA_ALG_IS_ECDSA(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+            return mbedtls_psa_ecdsa_sign_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_size, signature_length);
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    (void) key_buffer;
+    (void) key_buffer_size;
+    (void) hash;
+    (void) hash_length;
+    (void) signature;
+    (void) signature_size;
+    (void) signature_length;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
+                           psa_algorithm_t alg,
+                           const uint8_t *hash,
+                           size_t hash_length,
+                           uint8_t *signature,
+                           size_t signature_size,
+                           size_t *signature_length)
+{
+    return psa_sign_internal(
+        key, 0, alg, hash, hash_length,
+        signature, signature_size, signature_length);
+}
+
+psa_status_t psa_verify_hash_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length)
+{
+    if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) {
+        if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
+            PSA_ALG_IS_RSA_PSS(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+            return mbedtls_psa_rsa_verify_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_length);
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
+        if (PSA_ALG_IS_ECDSA(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+            return mbedtls_psa_ecdsa_verify_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_length);
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    (void) key_buffer;
+    (void) key_buffer_size;
+    (void) hash;
+    (void) hash_length;
+    (void) signature;
+    (void) signature_length;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key,
+                             psa_algorithm_t alg,
+                             const uint8_t *hash,
+                             size_t hash_length,
+                             const uint8_t *signature,
+                             size_t signature_length)
+{
+    return psa_verify_internal(
+        key, 0, alg, hash, hash_length,
+        signature, signature_length);
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+static void psa_rsa_oaep_set_padding_mode(psa_algorithm_t alg,
+                                          mbedtls_rsa_context *rsa)
+{
+    psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH(alg);
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg);
+    mbedtls_md_type_t md_alg = mbedtls_md_get_type(md_info);
+    mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg);
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+
+psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *input,
+                                    size_t input_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *output,
+                                    size_t output_size,
+                                    size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    (void) input;
+    (void) input_length;
+    (void) salt;
+    (void) output;
+    (void) output_size;
+
+    *output_length = 0;
+
+    if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    status = psa_get_and_lock_transparent_key_slot_with_policy(
+        key, &slot, PSA_KEY_USAGE_ENCRYPT, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    if (!(PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type) ||
+          PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type))) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+        mbedtls_rsa_context *rsa = NULL;
+        status = mbedtls_psa_rsa_load_representation(slot->attr.type,
+                                                     slot->key.data,
+                                                     slot->key.bytes,
+                                                     &rsa);
+        if (status != PSA_SUCCESS) {
+            goto rsa_exit;
+        }
+
+        if (output_size < mbedtls_rsa_get_len(rsa)) {
+            status = PSA_ERROR_BUFFER_TOO_SMALL;
+            goto rsa_exit;
+        }
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+        if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
+            status = mbedtls_to_psa_error(
+                mbedtls_rsa_pkcs1_encrypt(rsa,
+                                          mbedtls_psa_get_random,
+                                          MBEDTLS_PSA_RANDOM_STATE,
+                                          MBEDTLS_RSA_PUBLIC,
+                                          input_length,
+                                          input,
+                                          output));
+#else
+            status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
+        } else
+        if (PSA_ALG_IS_RSA_OAEP(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+            psa_rsa_oaep_set_padding_mode(alg, rsa);
+            status = mbedtls_to_psa_error(
+                mbedtls_rsa_rsaes_oaep_encrypt(rsa,
+                                               mbedtls_psa_get_random,
+                                               MBEDTLS_PSA_RANDOM_STATE,
+                                               MBEDTLS_RSA_PUBLIC,
+                                               salt, salt_length,
+                                               input_length,
+                                               input,
+                                               output));
+#else
+            status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
+        } else {
+            status = PSA_ERROR_INVALID_ARGUMENT;
+        }
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+rsa_exit:
+        if (status == PSA_SUCCESS) {
+            *output_length = mbedtls_rsa_get_len(rsa);
+        }
+
+        mbedtls_rsa_free(rsa);
+        mbedtls_free(rsa);
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+    } else {
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+exit:
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *input,
+                                    size_t input_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *output,
+                                    size_t output_size,
+                                    size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    (void) input;
+    (void) input_length;
+    (void) salt;
+    (void) output;
+    (void) output_size;
+
+    *output_length = 0;
+
+    if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    status = psa_get_and_lock_transparent_key_slot_with_policy(
+        key, &slot, PSA_KEY_USAGE_DECRYPT, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    if (slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+        mbedtls_rsa_context *rsa = NULL;
+        status = mbedtls_psa_rsa_load_representation(slot->attr.type,
+                                                     slot->key.data,
+                                                     slot->key.bytes,
+                                                     &rsa);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+
+        if (input_length != mbedtls_rsa_get_len(rsa)) {
+            status = PSA_ERROR_INVALID_ARGUMENT;
+            goto rsa_exit;
+        }
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+
+        if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
+            status = mbedtls_to_psa_error(
+                mbedtls_rsa_pkcs1_decrypt(rsa,
+                                          mbedtls_psa_get_random,
+                                          MBEDTLS_PSA_RANDOM_STATE,
+                                          MBEDTLS_RSA_PRIVATE,
+                                          output_length,
+                                          input,
+                                          output,
+                                          output_size));
+#else
+            status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
+        } else
+        if (PSA_ALG_IS_RSA_OAEP(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+            psa_rsa_oaep_set_padding_mode(alg, rsa);
+            status = mbedtls_to_psa_error(
+                mbedtls_rsa_rsaes_oaep_decrypt(rsa,
+                                               mbedtls_psa_get_random,
+                                               MBEDTLS_PSA_RANDOM_STATE,
+                                               MBEDTLS_RSA_PRIVATE,
+                                               salt, salt_length,
+                                               output_length,
+                                               input,
+                                               output,
+                                               output_size));
+#else
+            status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
+        } else {
+            status = PSA_ERROR_INVALID_ARGUMENT;
+        }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+        defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+rsa_exit:
+        mbedtls_rsa_free(rsa);
+        mbedtls_free(rsa);
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+    } else {
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+exit:
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+
+
+/****************************************************************/
+/* Symmetric cryptography */
+/****************************************************************/
+
+static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
+                                     mbedtls_svc_key_id_t key,
+                                     psa_algorithm_t alg,
+                                     mbedtls_operation_t cipher_operation)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot = NULL;
+    psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ?
+                             PSA_KEY_USAGE_ENCRYPT :
+                             PSA_KEY_USAGE_DECRYPT);
+
+    /* A context must be freshly initialized before it can be set up. */
+    if (operation->id != 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (!PSA_ALG_IS_CIPHER(alg)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(key, &slot, usage, alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Initialize the operation struct members, except for id. The id member
+     * is used to indicate to psa_cipher_abort that there are resources to free,
+     * so we only set it (in the driver wrapper) after resources have been
+     * allocated/initialized. */
+    operation->iv_set = 0;
+    if (alg == PSA_ALG_ECB_NO_PADDING) {
+        operation->iv_required = 0;
+    } else if (slot->attr.type == PSA_KEY_TYPE_ARC4) {
+        operation->iv_required = 0;
+    } else {
+        operation->iv_required = 1;
+    }
+    operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg);
+
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+
+    /* Try doing the operation through a driver before using software fallback. */
+    if (cipher_operation == MBEDTLS_ENCRYPT) {
+        status = psa_driver_wrapper_cipher_encrypt_setup(operation,
+                                                         &attributes,
+                                                         slot->key.data,
+                                                         slot->key.bytes,
+                                                         alg);
+    } else {
+        status = psa_driver_wrapper_cipher_decrypt_setup(operation,
+                                                         &attributes,
+                                                         slot->key.data,
+                                                         slot->key.bytes,
+                                                         alg);
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_cipher_abort(operation);
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
+                                      mbedtls_svc_key_id_t key,
+                                      psa_algorithm_t alg)
+{
+    return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT);
+}
+
+psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
+                                      mbedtls_svc_key_id_t key,
+                                      psa_algorithm_t alg)
+{
+    return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT);
+}
+
+psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
+                                    uint8_t *iv,
+                                    size_t iv_size,
+                                    size_t *iv_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
+    size_t default_iv_length = 0;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (operation->iv_set || !operation->iv_required) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    default_iv_length = operation->default_iv_length;
+    if (iv_size < default_iv_length) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+
+    if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) {
+        status = PSA_ERROR_GENERIC_ERROR;
+        goto exit;
+    }
+
+    status = psa_generate_random(local_iv, default_iv_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_cipher_set_iv(operation,
+                                              local_iv, default_iv_length);
+
+exit:
+    if (status == PSA_SUCCESS) {
+        memcpy(iv, local_iv, default_iv_length);
+        *iv_length = default_iv_length;
+        operation->iv_set = 1;
+    } else {
+        *iv_length = 0;
+        psa_cipher_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
+                               const uint8_t *iv,
+                               size_t iv_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (operation->iv_set || !operation->iv_required) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (iv_length > PSA_CIPHER_IV_MAX_SIZE) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_cipher_set_iv(operation,
+                                              iv,
+                                              iv_length);
+
+exit:
+    if (status == PSA_SUCCESS) {
+        operation->iv_set = 1;
+    } else {
+        psa_cipher_abort(operation);
+    }
+    return status;
+}
+
+psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
+                               const uint8_t *input,
+                               size_t input_length,
+                               uint8_t *output,
+                               size_t output_size,
+                               size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (operation->iv_required && !operation->iv_set) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_cipher_update(operation,
+                                              input,
+                                              input_length,
+                                              output,
+                                              output_size,
+                                              output_length);
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_cipher_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
+                               uint8_t *output,
+                               size_t output_size,
+                               size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+    if (operation->id == 0) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    if (operation->iv_required && !operation->iv_set) {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_cipher_finish(operation,
+                                              output,
+                                              output_size,
+                                              output_length);
+
+exit:
+    if (status == PSA_SUCCESS) {
+        return psa_cipher_abort(operation);
+    } else {
+        *output_length = 0;
+        (void) psa_cipher_abort(operation);
+
+        return status;
+    }
+}
+
+psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
+{
+    if (operation->id == 0) {
+        /* The object has (apparently) been initialized but it is not (yet)
+         * in use. It's ok to call abort on such an object, and there's
+         * nothing to do. */
+        return PSA_SUCCESS;
+    }
+
+    psa_driver_wrapper_cipher_abort(operation);
+
+    operation->id = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 0;
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *input,
+                                size_t input_length,
+                                uint8_t *output,
+                                size_t output_size,
+                                size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot = NULL;
+    uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
+    size_t default_iv_length = 0;
+
+    if (!PSA_ALG_IS_CIPHER(alg)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(key, &slot,
+                                                   PSA_KEY_USAGE_ENCRYPT,
+                                                   alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+
+    default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg);
+    if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) {
+        status = PSA_ERROR_GENERIC_ERROR;
+        goto exit;
+    }
+
+    if (default_iv_length > 0) {
+        if (output_size < default_iv_length) {
+            status = PSA_ERROR_BUFFER_TOO_SMALL;
+            goto exit;
+        }
+
+        status = psa_generate_random(local_iv, default_iv_length);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    status = psa_driver_wrapper_cipher_encrypt(
+        &attributes, slot->key.data, slot->key.bytes,
+        alg, local_iv, default_iv_length, input, input_length,
+        mbedtls_buffer_offset(output, default_iv_length),
+        output_size - default_iv_length, output_length);
+
+exit:
+    unlock_status = psa_unlock_key_slot(slot);
+    if (status == PSA_SUCCESS) {
+        status = unlock_status;
+    }
+
+    if (status == PSA_SUCCESS) {
+        if (default_iv_length > 0) {
+            memcpy(output, local_iv, default_iv_length);
+        }
+        *output_length += default_iv_length;
+    } else {
+        *output_length = 0;
+    }
+
+    return status;
+}
+
+psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *input,
+                                size_t input_length,
+                                uint8_t *output,
+                                size_t output_size,
+                                size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes;
+    psa_key_slot_t *slot = NULL;
+
+    if (!PSA_ALG_IS_CIPHER(alg)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(key, &slot,
+                                                   PSA_KEY_USAGE_DECRYPT,
+                                                   alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+
+    if (input_length < PSA_CIPHER_IV_LENGTH(slot->attr.type, alg)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    status = psa_driver_wrapper_cipher_decrypt(
+        &attributes, slot->key.data, slot->key.bytes,
+        alg, input, input_length,
+        output, output_size, output_length);
+
+exit:
+    unlock_status = psa_unlock_key_slot(slot);
+    if (status == PSA_SUCCESS) {
+        status = unlock_status;
+    }
+
+    if (status != PSA_SUCCESS) {
+        *output_length = 0;
+    }
+
+    return status;
+}
+
+
+/****************************************************************/
+/* AEAD */
+/****************************************************************/
+
+psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *nonce,
+                              size_t nonce_length,
+                              const uint8_t *additional_data,
+                              size_t additional_data_length,
+                              const uint8_t *plaintext,
+                              size_t plaintext_length,
+                              uint8_t *ciphertext,
+                              size_t ciphertext_size,
+                              size_t *ciphertext_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    *ciphertext_length = 0;
+
+    if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(
+        key, &slot, PSA_KEY_USAGE_ENCRYPT, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    psa_key_attributes_t attributes = {
+        .core = slot->attr
+    };
+
+    status = psa_driver_wrapper_aead_encrypt(
+        &attributes, slot->key.data, slot->key.bytes,
+        alg,
+        nonce, nonce_length,
+        additional_data, additional_data_length,
+        plaintext, plaintext_length,
+        ciphertext, ciphertext_size, ciphertext_length);
+
+    if (status != PSA_SUCCESS && ciphertext_size != 0) {
+        memset(ciphertext, 0, ciphertext_size);
+    }
+
+    psa_unlock_key_slot(slot);
+
+    return status;
+}
+
+psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *nonce,
+                              size_t nonce_length,
+                              const uint8_t *additional_data,
+                              size_t additional_data_length,
+                              const uint8_t *ciphertext,
+                              size_t ciphertext_length,
+                              uint8_t *plaintext,
+                              size_t plaintext_size,
+                              size_t *plaintext_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    *plaintext_length = 0;
+
+    if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    status = psa_get_and_lock_key_slot_with_policy(
+        key, &slot, PSA_KEY_USAGE_DECRYPT, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    psa_key_attributes_t attributes = {
+        .core = slot->attr
+    };
+
+    status = psa_driver_wrapper_aead_decrypt(
+        &attributes, slot->key.data, slot->key.bytes,
+        alg,
+        nonce, nonce_length,
+        additional_data, additional_data_length,
+        ciphertext, ciphertext_length,
+        plaintext, plaintext_size, plaintext_length);
+
+    if (status != PSA_SUCCESS && plaintext_size != 0) {
+        memset(plaintext, 0, plaintext_size);
+    }
+
+    psa_unlock_key_slot(slot);
+
+    return status;
+}
+
+/****************************************************************/
+/* Generators */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+#define AT_LEAST_ONE_BUILTIN_KDF
+#endif /* At least one builtin KDF */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+static psa_status_t psa_key_derivation_start_hmac(
+    psa_mac_operation_t *operation,
+    psa_algorithm_t hash_alg,
+    const uint8_t *hmac_key,
+    size_t hmac_key_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
+    psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(hmac_key_length));
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+
+    operation->is_sign = 1;
+    operation->mac_size = PSA_HASH_LENGTH(hash_alg);
+
+    status = psa_driver_wrapper_mac_sign_setup(operation,
+                                               &attributes,
+                                               hmac_key, hmac_key_length,
+                                               PSA_ALG_HMAC(hash_alg));
+
+    psa_reset_key_attributes(&attributes);
+    return status;
+}
+#endif /* KDF algorithms reliant on HMAC */
+
+#define HKDF_STATE_INIT 0 /* no input yet */
+#define HKDF_STATE_STARTED 1 /* got salt */
+#define HKDF_STATE_KEYED 2 /* got key */
+#define HKDF_STATE_OUTPUT 3 /* output started */
+
+static psa_algorithm_t psa_key_derivation_get_kdf_alg(
+    const psa_key_derivation_operation_t *operation)
+{
+    if (PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) {
+        return PSA_ALG_KEY_AGREEMENT_GET_KDF(operation->alg);
+    } else {
+        return operation->alg;
+    }
+}
+
+psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
+    if (kdf_alg == 0) {
+        /* The object has (apparently) been initialized but it is not
+         * in use. It's ok to call abort on such an object, and there's
+         * nothing to do. */
+    } else
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+    if (PSA_ALG_IS_HKDF(kdf_alg)) {
+        mbedtls_free(operation->ctx.hkdf.info);
+        status = psa_mac_abort(&operation->ctx.hkdf.hmac);
+    } else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+    if (PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+        /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */
+        PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+        if (operation->ctx.tls12_prf.secret != NULL) {
+            mbedtls_platform_zeroize(operation->ctx.tls12_prf.secret,
+                                     operation->ctx.tls12_prf.secret_length);
+            mbedtls_free(operation->ctx.tls12_prf.secret);
+        }
+
+        if (operation->ctx.tls12_prf.seed != NULL) {
+            mbedtls_platform_zeroize(operation->ctx.tls12_prf.seed,
+                                     operation->ctx.tls12_prf.seed_length);
+            mbedtls_free(operation->ctx.tls12_prf.seed);
+        }
+
+        if (operation->ctx.tls12_prf.label != NULL) {
+            mbedtls_platform_zeroize(operation->ctx.tls12_prf.label,
+                                     operation->ctx.tls12_prf.label_length);
+            mbedtls_free(operation->ctx.tls12_prf.label);
+        }
+
+        status = PSA_SUCCESS;
+
+        /* We leave the fields Ai and output_block to be erased safely by the
+         * mbedtls_platform_zeroize() in the end of this function. */
+    } else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) */
+    {
+        status = PSA_ERROR_BAD_STATE;
+    }
+    mbedtls_platform_zeroize(operation, sizeof(*operation));
+    return status;
+}
+
+psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation,
+                                             size_t *capacity)
+{
+    if (operation->alg == 0) {
+        /* This is a blank key derivation operation. */
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    *capacity = operation->capacity;
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation,
+                                             size_t capacity)
+{
+    if (operation->alg == 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+    if (capacity > operation->capacity) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    operation->capacity = capacity;
+    return PSA_SUCCESS;
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+/* Read some bytes from an HKDF-based operation. This performs a chunk
+ * of the expand phase of the HKDF algorithm. */
+static psa_status_t psa_key_derivation_hkdf_read(psa_hkdf_key_derivation_t *hkdf,
+                                                 psa_algorithm_t hash_alg,
+                                                 uint8_t *output,
+                                                 size_t output_length)
+{
+    uint8_t hash_length = PSA_HASH_LENGTH(hash_alg);
+    size_t hmac_output_length;
+    psa_status_t status;
+
+    if (hkdf->state < HKDF_STATE_KEYED || !hkdf->info_set) {
+        return PSA_ERROR_BAD_STATE;
+    }
+    hkdf->state = HKDF_STATE_OUTPUT;
+
+    while (output_length != 0) {
+        /* Copy what remains of the current block */
+        uint8_t n = hash_length - hkdf->offset_in_block;
+        if (n > output_length) {
+            n = (uint8_t) output_length;
+        }
+        memcpy(output, hkdf->output_block + hkdf->offset_in_block, n);
+        output += n;
+        output_length -= n;
+        hkdf->offset_in_block += n;
+        if (output_length == 0) {
+            break;
+        }
+        /* We can't be wanting more output after block 0xff, otherwise
+         * the capacity check in psa_key_derivation_output_bytes() would have
+         * prevented this call. It could happen only if the operation
+         * object was corrupted or if this function is called directly
+         * inside the library. */
+        if (hkdf->block_number == 0xff) {
+            return PSA_ERROR_BAD_STATE;
+        }
+
+        /* We need a new block */
+        ++hkdf->block_number;
+        hkdf->offset_in_block = 0;
+
+        status = psa_key_derivation_start_hmac(&hkdf->hmac,
+                                               hash_alg,
+                                               hkdf->prk,
+                                               hash_length);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        if (hkdf->block_number != 1) {
+            status = psa_mac_update(&hkdf->hmac,
+                                    hkdf->output_block,
+                                    hash_length);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+        }
+        status = psa_mac_update(&hkdf->hmac,
+                                hkdf->info,
+                                hkdf->info_length);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+        status = psa_mac_update(&hkdf->hmac,
+                                &hkdf->block_number, 1);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+        status = psa_mac_sign_finish(&hkdf->hmac,
+                                     hkdf->output_block,
+                                     sizeof(hkdf->output_block),
+                                     &hmac_output_length);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+    }
+
+    return PSA_SUCCESS;
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+static psa_status_t psa_key_derivation_tls12_prf_generate_next_block(
+    psa_tls12_prf_key_derivation_t *tls12_prf,
+    psa_algorithm_t alg)
+{
+    psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(alg);
+    uint8_t hash_length = PSA_HASH_LENGTH(hash_alg);
+    psa_mac_operation_t hmac = PSA_MAC_OPERATION_INIT;
+    size_t hmac_output_length;
+    psa_status_t status, cleanup_status;
+
+    /* We can't be wanting more output after block 0xff, otherwise
+     * the capacity check in psa_key_derivation_output_bytes() would have
+     * prevented this call. It could happen only if the operation
+     * object was corrupted or if this function is called directly
+     * inside the library. */
+    if (tls12_prf->block_number == 0xff) {
+        return PSA_ERROR_CORRUPTION_DETECTED;
+    }
+
+    /* We need a new block */
+    ++tls12_prf->block_number;
+    tls12_prf->left_in_block = hash_length;
+
+    /* Recall the definition of the TLS-1.2-PRF from RFC 5246:
+     *
+     * PRF(secret, label, seed) = P_<hash>(secret, label + seed)
+     *
+     * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
+     *                        HMAC_hash(secret, A(2) + seed) +
+     *                        HMAC_hash(secret, A(3) + seed) + ...
+     *
+     * A(0) = seed
+     * A(i) = HMAC_hash(secret, A(i-1))
+     *
+     * The `psa_tls12_prf_key_derivation` structure saves the block
+     * `HMAC_hash(secret, A(i) + seed)` from which the output
+     * is currently extracted as `output_block` and where i is
+     * `block_number`.
+     */
+
+    status = psa_key_derivation_start_hmac(&hmac,
+                                           hash_alg,
+                                           tls12_prf->secret,
+                                           tls12_prf->secret_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+
+    /* Calculate A(i) where i = tls12_prf->block_number. */
+    if (tls12_prf->block_number == 1) {
+        /* A(1) = HMAC_hash(secret, A(0)), where A(0) = seed. (The RFC overloads
+         * the variable seed and in this instance means it in the context of the
+         * P_hash function, where seed = label + seed.) */
+        status = psa_mac_update(&hmac,
+                                tls12_prf->label,
+                                tls12_prf->label_length);
+        if (status != PSA_SUCCESS) {
+            goto cleanup;
+        }
+        status = psa_mac_update(&hmac,
+                                tls12_prf->seed,
+                                tls12_prf->seed_length);
+        if (status != PSA_SUCCESS) {
+            goto cleanup;
+        }
+    } else {
+        /* A(i) = HMAC_hash(secret, A(i-1)) */
+        status = psa_mac_update(&hmac, tls12_prf->Ai, hash_length);
+        if (status != PSA_SUCCESS) {
+            goto cleanup;
+        }
+    }
+
+    status = psa_mac_sign_finish(&hmac,
+                                 tls12_prf->Ai, hash_length,
+                                 &hmac_output_length);
+    if (hmac_output_length != hash_length) {
+        status = PSA_ERROR_CORRUPTION_DETECTED;
+    }
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+
+    /* Calculate HMAC_hash(secret, A(i) + label + seed). */
+    status = psa_key_derivation_start_hmac(&hmac,
+                                           hash_alg,
+                                           tls12_prf->secret,
+                                           tls12_prf->secret_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+    status = psa_mac_update(&hmac, tls12_prf->Ai, hash_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+    status = psa_mac_update(&hmac, tls12_prf->label, tls12_prf->label_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+    status = psa_mac_update(&hmac, tls12_prf->seed, tls12_prf->seed_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+    status = psa_mac_sign_finish(&hmac,
+                                 tls12_prf->output_block, hash_length,
+                                 &hmac_output_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+
+
+cleanup:
+    cleanup_status = psa_mac_abort(&hmac);
+    if (status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS) {
+        status = cleanup_status;
+    }
+
+    return status;
+}
+
+static psa_status_t psa_key_derivation_tls12_prf_read(
+    psa_tls12_prf_key_derivation_t *tls12_prf,
+    psa_algorithm_t alg,
+    uint8_t *output,
+    size_t output_length)
+{
+    psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH(alg);
+    uint8_t hash_length = PSA_HASH_LENGTH(hash_alg);
+    psa_status_t status;
+    uint8_t offset, length;
+
+    switch (tls12_prf->state) {
+        case PSA_TLS12_PRF_STATE_LABEL_SET:
+            tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT;
+            break;
+        case PSA_TLS12_PRF_STATE_OUTPUT:
+            break;
+        default:
+            return PSA_ERROR_BAD_STATE;
+    }
+
+    while (output_length != 0) {
+        /* Check if we have fully processed the current block. */
+        if (tls12_prf->left_in_block == 0) {
+            status = psa_key_derivation_tls12_prf_generate_next_block(tls12_prf,
+                                                                      alg);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+
+            continue;
+        }
+
+        if (tls12_prf->left_in_block > output_length) {
+            length = (uint8_t) output_length;
+        } else {
+            length = tls12_prf->left_in_block;
+        }
+
+        offset = hash_length - tls12_prf->left_in_block;
+        memcpy(output, tls12_prf->output_block + offset, length);
+        output += length;
+        output_length -= length;
+        tls12_prf->left_in_block -= length;
+    }
+
+    return PSA_SUCCESS;
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
+        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+
+psa_status_t psa_key_derivation_output_bytes(
+    psa_key_derivation_operation_t *operation,
+    uint8_t *output,
+    size_t output_length)
+{
+    psa_status_t status;
+    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
+
+    if (operation->alg == 0) {
+        /* This is a blank operation. */
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    if (output_length > operation->capacity) {
+        operation->capacity = 0;
+        /* Go through the error path to wipe all confidential data now
+         * that the operation object is useless. */
+        status = PSA_ERROR_INSUFFICIENT_DATA;
+        goto exit;
+    }
+    if (output_length == 0 && operation->capacity == 0) {
+        /* Edge case: this is a finished operation, and 0 bytes
+         * were requested. The right error in this case could
+         * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return
+         * INSUFFICIENT_CAPACITY, which is right for a finished
+         * operation, for consistency with the case when
+         * output_length > 0. */
+        return PSA_ERROR_INSUFFICIENT_DATA;
+    }
+    operation->capacity -= output_length;
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+    if (PSA_ALG_IS_HKDF(kdf_alg)) {
+        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg);
+        status = psa_key_derivation_hkdf_read(&operation->ctx.hkdf, hash_alg,
+                                              output, output_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+    if (PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+        PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+        status = psa_key_derivation_tls12_prf_read(&operation->ctx.tls12_prf,
+                                                   kdf_alg, output,
+                                                   output_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
+        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+    {
+        (void) kdf_alg;
+        return PSA_ERROR_BAD_STATE;
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        /* Preserve the algorithm upon errors, but clear all sensitive state.
+         * This allows us to differentiate between exhausted operations and
+         * blank operations, so we can return PSA_ERROR_BAD_STATE on blank
+         * operations. */
+        psa_algorithm_t alg = operation->alg;
+        psa_key_derivation_abort(operation);
+        operation->alg = alg;
+        memset(output, '!', output_length);
+    }
+    return status;
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
+static void psa_des_set_key_parity(uint8_t *data, size_t data_size)
+{
+    if (data_size >= 8) {
+        mbedtls_des_key_set_parity(data);
+    }
+    if (data_size >= 16) {
+        mbedtls_des_key_set_parity(data + 8);
+    }
+    if (data_size >= 24) {
+        mbedtls_des_key_set_parity(data + 16);
+    }
+}
+#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */
+
+static psa_status_t psa_generate_derived_key_internal(
+    psa_key_slot_t *slot,
+    size_t bits,
+    psa_key_derivation_operation_t *operation)
+{
+    uint8_t *data = NULL;
+    size_t bytes = PSA_BITS_TO_BYTES(bits);
+    psa_status_t status;
+    psa_key_attributes_t attributes;
+
+    if (!key_type_is_raw_bytes(slot->attr.type)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    if (bits % 8 != 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    data = mbedtls_calloc(1, bytes);
+    if (data == NULL) {
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    }
+
+    status = psa_key_derivation_output_bytes(operation, data, bytes);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
+    if (slot->attr.type == PSA_KEY_TYPE_DES) {
+        psa_des_set_key_parity(data, bytes);
+    }
+#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */
+
+    status = psa_allocate_buffer_to_slot(slot, bytes);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    slot->attr.bits = (psa_key_bits_t) bits;
+    attributes = (psa_key_attributes_t) {
+        .core = slot->attr
+    };
+
+    status = psa_driver_wrapper_import_key(&attributes,
+                                           data, bytes,
+                                           slot->key.data,
+                                           slot->key.bytes,
+                                           &slot->key.bytes, &bits);
+    if (bits != slot->attr.bits) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+exit:
+    mbedtls_free(data);
+    return status;
+}
+
+psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes,
+                                           psa_key_derivation_operation_t *operation,
+                                           mbedtls_svc_key_id_t *key)
+{
+    psa_status_t status;
+    psa_key_slot_t *slot = NULL;
+    psa_se_drv_table_entry_t *driver = NULL;
+
+    *key = MBEDTLS_SVC_KEY_ID_INIT;
+
+    /* Reject any attempt to create a zero-length key so that we don't
+     * risk tripping up later, e.g. on a malloc(0) that returns NULL. */
+    if (psa_get_key_bits(attributes) == 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    if (operation->alg == PSA_ALG_NONE) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    if (!operation->can_output_key) {
+        return PSA_ERROR_NOT_PERMITTED;
+    }
+
+    status = psa_start_key_creation(PSA_KEY_CREATION_DERIVE, attributes,
+                                    &slot, &driver);
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if (driver != NULL) {
+        /* Deriving a key in a secure element is not implemented yet. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+    if (status == PSA_SUCCESS) {
+        status = psa_generate_derived_key_internal(slot,
+                                                   attributes->core.bits,
+                                                   operation);
+    }
+    if (status == PSA_SUCCESS) {
+        status = psa_finish_key_creation(slot, driver, key);
+    }
+    if (status != PSA_SUCCESS) {
+        psa_fail_key_creation(slot, driver);
+    }
+
+    return status;
+}
+
+
+
+/****************************************************************/
+/* Key derivation */
+/****************************************************************/
+
+#if defined(AT_LEAST_ONE_BUILTIN_KDF)
+static int is_kdf_alg_supported(psa_algorithm_t kdf_alg)
+{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+    if (PSA_ALG_IS_HKDF(kdf_alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF)
+    if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+    if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+        return 1;
+    }
+#endif
+    return 0;
+}
+
+static psa_status_t psa_hash_try_support(psa_algorithm_t alg)
+{
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    psa_status_t status = psa_hash_setup(&operation, alg);
+    psa_hash_abort(&operation);
+    return status;
+}
+
+static psa_status_t psa_key_derivation_setup_kdf(
+    psa_key_derivation_operation_t *operation,
+    psa_algorithm_t kdf_alg)
+{
+    /* Make sure that operation->ctx is properly zero-initialised. (Macro
+     * initialisers for this union leave some bytes unspecified.) */
+    memset(&operation->ctx, 0, sizeof(operation->ctx));
+
+    /* Make sure that kdf_alg is a supported key derivation algorithm. */
+    if (!is_kdf_alg_supported(kdf_alg)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    /* All currently supported key derivation algorithms are based on a
+     * hash algorithm. */
+    psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg);
+    size_t hash_size = PSA_HASH_LENGTH(hash_alg);
+    if (hash_size == 0) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    /* Make sure that hash_alg is a supported hash algorithm. Otherwise
+     * we might fail later, which is somewhat unfriendly and potentially
+     * risk-prone. */
+    psa_status_t status = psa_hash_try_support(hash_alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+         PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) &&
+        !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    operation->capacity = 255 * hash_size;
+    return PSA_SUCCESS;
+}
+
+static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg)
+{
+#if defined(PSA_WANT_ALG_ECDH)
+    if (alg == PSA_ALG_ECDH) {
+        return PSA_SUCCESS;
+    }
+#endif
+    (void) alg;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+#endif /* AT_LEAST_ONE_BUILTIN_KDF */
+
+psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
+                                      psa_algorithm_t alg)
+{
+    psa_status_t status;
+
+    if (operation->alg != 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) {
+#if defined(AT_LEAST_ONE_BUILTIN_KDF)
+        psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg);
+        psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(alg);
+        status = psa_key_agreement_try_support(ka_alg);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+        status = psa_key_derivation_setup_kdf(operation, kdf_alg);
+#else
+        return PSA_ERROR_NOT_SUPPORTED;
+#endif /* AT_LEAST_ONE_BUILTIN_KDF */
+    } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) {
+#if defined(AT_LEAST_ONE_BUILTIN_KDF)
+        status = psa_key_derivation_setup_kdf(operation, alg);
+#else
+        return PSA_ERROR_NOT_SUPPORTED;
+#endif /* AT_LEAST_ONE_BUILTIN_KDF */
+    } else {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    if (status == PSA_SUCCESS) {
+        operation->alg = alg;
+    }
+    return status;
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+static psa_status_t psa_hkdf_input(psa_hkdf_key_derivation_t *hkdf,
+                                   psa_algorithm_t hash_alg,
+                                   psa_key_derivation_step_t step,
+                                   const uint8_t *data,
+                                   size_t data_length)
+{
+    psa_status_t status;
+    switch (step) {
+        case PSA_KEY_DERIVATION_INPUT_SALT:
+            if (hkdf->state != HKDF_STATE_INIT) {
+                return PSA_ERROR_BAD_STATE;
+            } else {
+                status = psa_key_derivation_start_hmac(&hkdf->hmac,
+                                                       hash_alg,
+                                                       data, data_length);
+                if (status != PSA_SUCCESS) {
+                    return status;
+                }
+                hkdf->state = HKDF_STATE_STARTED;
+                return PSA_SUCCESS;
+            }
+        case PSA_KEY_DERIVATION_INPUT_SECRET:
+            /* If no salt was provided, use an empty salt. */
+            if (hkdf->state == HKDF_STATE_INIT) {
+                status = psa_key_derivation_start_hmac(&hkdf->hmac,
+                                                       hash_alg,
+                                                       NULL, 0);
+                if (status != PSA_SUCCESS) {
+                    return status;
+                }
+                hkdf->state = HKDF_STATE_STARTED;
+            }
+            if (hkdf->state != HKDF_STATE_STARTED) {
+                return PSA_ERROR_BAD_STATE;
+            }
+            status = psa_mac_update(&hkdf->hmac,
+                                    data, data_length);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            status = psa_mac_sign_finish(&hkdf->hmac,
+                                         hkdf->prk,
+                                         sizeof(hkdf->prk),
+                                         &data_length);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            hkdf->offset_in_block = PSA_HASH_LENGTH(hash_alg);
+            hkdf->block_number = 0;
+            hkdf->state = HKDF_STATE_KEYED;
+            return PSA_SUCCESS;
+        case PSA_KEY_DERIVATION_INPUT_INFO:
+            if (hkdf->state == HKDF_STATE_OUTPUT) {
+                return PSA_ERROR_BAD_STATE;
+            }
+            if (hkdf->info_set) {
+                return PSA_ERROR_BAD_STATE;
+            }
+            hkdf->info_length = data_length;
+            if (data_length != 0) {
+                hkdf->info = mbedtls_calloc(1, data_length);
+                if (hkdf->info == NULL) {
+                    return PSA_ERROR_INSUFFICIENT_MEMORY;
+                }
+                memcpy(hkdf->info, data, data_length);
+            }
+            hkdf->info_set = 1;
+            return PSA_SUCCESS;
+        default:
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+static psa_status_t psa_tls12_prf_set_seed(psa_tls12_prf_key_derivation_t *prf,
+                                           const uint8_t *data,
+                                           size_t data_length)
+{
+    if (prf->state != PSA_TLS12_PRF_STATE_INIT) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    if (data_length != 0) {
+        prf->seed = mbedtls_calloc(1, data_length);
+        if (prf->seed == NULL) {
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        }
+
+        memcpy(prf->seed, data, data_length);
+        prf->seed_length = data_length;
+    }
+
+    prf->state = PSA_TLS12_PRF_STATE_SEED_SET;
+
+    return PSA_SUCCESS;
+}
+
+static psa_status_t psa_tls12_prf_set_key(psa_tls12_prf_key_derivation_t *prf,
+                                          const uint8_t *data,
+                                          size_t data_length)
+{
+    if (prf->state != PSA_TLS12_PRF_STATE_SEED_SET) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    if (data_length != 0) {
+        prf->secret = mbedtls_calloc(1, data_length);
+        if (prf->secret == NULL) {
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        }
+
+        memcpy(prf->secret, data, data_length);
+        prf->secret_length = data_length;
+    }
+
+    prf->state = PSA_TLS12_PRF_STATE_KEY_SET;
+
+    return PSA_SUCCESS;
+}
+
+static psa_status_t psa_tls12_prf_set_label(psa_tls12_prf_key_derivation_t *prf,
+                                            const uint8_t *data,
+                                            size_t data_length)
+{
+    if (prf->state != PSA_TLS12_PRF_STATE_KEY_SET) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    if (data_length != 0) {
+        prf->label = mbedtls_calloc(1, data_length);
+        if (prf->label == NULL) {
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        }
+
+        memcpy(prf->label, data, data_length);
+        prf->label_length = data_length;
+    }
+
+    prf->state = PSA_TLS12_PRF_STATE_LABEL_SET;
+
+    return PSA_SUCCESS;
+}
+
+static psa_status_t psa_tls12_prf_input(psa_tls12_prf_key_derivation_t *prf,
+                                        psa_key_derivation_step_t step,
+                                        const uint8_t *data,
+                                        size_t data_length)
+{
+    switch (step) {
+        case PSA_KEY_DERIVATION_INPUT_SEED:
+            return psa_tls12_prf_set_seed(prf, data, data_length);
+        case PSA_KEY_DERIVATION_INPUT_SECRET:
+            return psa_tls12_prf_set_key(prf, data, data_length);
+        case PSA_KEY_DERIVATION_INPUT_LABEL:
+            return psa_tls12_prf_set_label(prf, data, data_length);
+        default:
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
+        * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
+    psa_tls12_prf_key_derivation_t *prf,
+    const uint8_t *data,
+    size_t data_length)
+{
+    psa_status_t status;
+    uint8_t pms[4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE];
+    uint8_t *cur = pms;
+
+    if (data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    /* Quoting RFC 4279, Section 2:
+     *
+     * The premaster secret is formed as follows: if the PSK is N octets
+     * long, concatenate a uint16 with the value N, N zero octets, a second
+     * uint16 with the value N, and the PSK itself.
+     */
+
+    *cur++ = MBEDTLS_BYTE_1(data_length);
+    *cur++ = MBEDTLS_BYTE_0(data_length);
+    memset(cur, 0, data_length);
+    cur += data_length;
+    *cur++ = pms[0];
+    *cur++ = pms[1];
+    memcpy(cur, data, data_length);
+    cur += data_length;
+
+    status = psa_tls12_prf_set_key(prf, pms, cur - pms);
+
+    mbedtls_platform_zeroize(pms, sizeof(pms));
+    return status;
+}
+
+static psa_status_t psa_tls12_prf_psk_to_ms_input(
+    psa_tls12_prf_key_derivation_t *prf,
+    psa_key_derivation_step_t step,
+    const uint8_t *data,
+    size_t data_length)
+{
+    if (step == PSA_KEY_DERIVATION_INPUT_SECRET) {
+        return psa_tls12_prf_psk_to_ms_set_key(prf,
+                                               data, data_length);
+    }
+
+    return psa_tls12_prf_input(prf, step, data, data_length);
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+
+/** Check whether the given key type is acceptable for the given
+ * input step of a key derivation.
+ *
+ * Secret inputs must have the type #PSA_KEY_TYPE_DERIVE.
+ * Non-secret inputs must have the type #PSA_KEY_TYPE_RAW_DATA.
+ * Both secret and non-secret inputs can alternatively have the type
+ * #PSA_KEY_TYPE_NONE, which is never the type of a key object, meaning
+ * that the input was passed as a buffer rather than via a key object.
+ */
+static int psa_key_derivation_check_input_type(
+    psa_key_derivation_step_t step,
+    psa_key_type_t key_type)
+{
+    switch (step) {
+        case PSA_KEY_DERIVATION_INPUT_SECRET:
+            if (key_type == PSA_KEY_TYPE_DERIVE) {
+                return PSA_SUCCESS;
+            }
+            if (key_type == PSA_KEY_TYPE_NONE) {
+                return PSA_SUCCESS;
+            }
+            break;
+        case PSA_KEY_DERIVATION_INPUT_LABEL:
+        case PSA_KEY_DERIVATION_INPUT_SALT:
+        case PSA_KEY_DERIVATION_INPUT_INFO:
+        case PSA_KEY_DERIVATION_INPUT_SEED:
+            if (key_type == PSA_KEY_TYPE_RAW_DATA) {
+                return PSA_SUCCESS;
+            }
+            if (key_type == PSA_KEY_TYPE_NONE) {
+                return PSA_SUCCESS;
+            }
+            break;
+    }
+    return PSA_ERROR_INVALID_ARGUMENT;
+}
+
+static psa_status_t psa_key_derivation_input_internal(
+    psa_key_derivation_operation_t *operation,
+    psa_key_derivation_step_t step,
+    psa_key_type_t key_type,
+    const uint8_t *data,
+    size_t data_length)
+{
+    psa_status_t status;
+    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
+
+    status = psa_key_derivation_check_input_type(step, key_type);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
+    if (PSA_ALG_IS_HKDF(kdf_alg)) {
+        status = psa_hkdf_input(&operation->ctx.hkdf,
+                                PSA_ALG_HKDF_GET_HASH(kdf_alg),
+                                step, data, data_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF)
+    if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) {
+        status = psa_tls12_prf_input(&operation->ctx.tls12_prf,
+                                     step, data, data_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+    if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+        status = psa_tls12_prf_psk_to_ms_input(&operation->ctx.tls12_prf,
+                                               step, data, data_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+    {
+        /* This can't happen unless the operation object was not initialized */
+        (void) data;
+        (void) data_length;
+        (void) kdf_alg;
+        return PSA_ERROR_BAD_STATE;
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_key_derivation_abort(operation);
+    }
+    return status;
+}
+
+psa_status_t psa_key_derivation_input_bytes(
+    psa_key_derivation_operation_t *operation,
+    psa_key_derivation_step_t step,
+    const uint8_t *data,
+    size_t data_length)
+{
+    return psa_key_derivation_input_internal(operation, step,
+                                             PSA_KEY_TYPE_NONE,
+                                             data, data_length);
+}
+
+psa_status_t psa_key_derivation_input_key(
+    psa_key_derivation_operation_t *operation,
+    psa_key_derivation_step_t step,
+    mbedtls_svc_key_id_t key)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    status = psa_get_and_lock_transparent_key_slot_with_policy(
+        key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg);
+    if (status != PSA_SUCCESS) {
+        psa_key_derivation_abort(operation);
+        return status;
+    }
+
+    /* Passing a key object as a SECRET input unlocks the permission
+     * to output to a key object. */
+    if (step == PSA_KEY_DERIVATION_INPUT_SECRET) {
+        operation->can_output_key = 1;
+    }
+
+    status = psa_key_derivation_input_internal(operation,
+                                               step, slot->attr.type,
+                                               slot->key.data,
+                                               slot->key.bytes);
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+
+
+/****************************************************************/
+/* Key agreement */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+static psa_status_t psa_key_agreement_ecdh(const uint8_t *peer_key,
+                                           size_t peer_key_length,
+                                           const mbedtls_ecp_keypair *our_key,
+                                           uint8_t *shared_secret,
+                                           size_t shared_secret_size,
+                                           size_t *shared_secret_length)
+{
+    mbedtls_ecp_keypair *their_key = NULL;
+    mbedtls_ecdh_context ecdh;
+    psa_status_t status;
+    size_t bits = 0;
+    psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(our_key->grp.id, &bits);
+    mbedtls_ecdh_init(&ecdh);
+
+    status = mbedtls_psa_ecp_load_representation(
+        PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve),
+        bits,
+        peer_key,
+        peer_key_length,
+        &their_key);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = mbedtls_to_psa_error(
+        mbedtls_ecdh_get_params(&ecdh, their_key, MBEDTLS_ECDH_THEIRS));
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    status = mbedtls_to_psa_error(
+        mbedtls_ecdh_get_params(&ecdh, our_key, MBEDTLS_ECDH_OURS));
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = mbedtls_to_psa_error(
+        mbedtls_ecdh_calc_secret(&ecdh,
+                                 shared_secret_length,
+                                 shared_secret, shared_secret_size,
+                                 mbedtls_psa_get_random,
+                                 MBEDTLS_PSA_RANDOM_STATE));
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    if (PSA_BITS_TO_BYTES(bits) != *shared_secret_length) {
+        status = PSA_ERROR_CORRUPTION_DETECTED;
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        mbedtls_platform_zeroize(shared_secret, shared_secret_size);
+    }
+    mbedtls_ecdh_free(&ecdh);
+    mbedtls_ecp_keypair_free(their_key);
+    mbedtls_free(their_key);
+
+    return status;
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */
+
+#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
+
+static psa_status_t psa_key_agreement_raw_internal(psa_algorithm_t alg,
+                                                   psa_key_slot_t *private_key,
+                                                   const uint8_t *peer_key,
+                                                   size_t peer_key_length,
+                                                   uint8_t *shared_secret,
+                                                   size_t shared_secret_size,
+                                                   size_t *shared_secret_length)
+{
+    mbedtls_ecp_keypair *ecp = NULL;
+    psa_status_t status;
+
+    switch (alg) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+        case PSA_ALG_ECDH:
+            if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key->attr.type)) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+            status = mbedtls_psa_ecp_load_representation(
+                private_key->attr.type,
+                private_key->attr.bits,
+                private_key->key.data,
+                private_key->key.bytes,
+                &ecp);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            status = psa_key_agreement_ecdh(peer_key, peer_key_length,
+                                            ecp,
+                                            shared_secret, shared_secret_size,
+                                            shared_secret_length);
+            mbedtls_ecp_keypair_free(ecp);
+            mbedtls_free(ecp);
+            return status;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */
+        default:
+            (void) ecp;
+            (void) status;
+            (void) private_key;
+            (void) peer_key;
+            (void) peer_key_length;
+            (void) shared_secret;
+            (void) shared_secret_size;
+            (void) shared_secret_length;
+            return PSA_ERROR_NOT_SUPPORTED;
+    }
+}
+
+/* Note that if this function fails, you must call psa_key_derivation_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
+static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *operation,
+                                               psa_key_derivation_step_t step,
+                                               psa_key_slot_t *private_key,
+                                               const uint8_t *peer_key,
+                                               size_t peer_key_length)
+{
+    psa_status_t status;
+    uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE];
+    size_t shared_secret_length = 0;
+    psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg);
+
+    /* Step 1: run the secret agreement algorithm to generate the shared
+     * secret. */
+    status = psa_key_agreement_raw_internal(ka_alg,
+                                            private_key,
+                                            peer_key, peer_key_length,
+                                            shared_secret,
+                                            sizeof(shared_secret),
+                                            &shared_secret_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Step 2: set up the key derivation to generate key material from
+     * the shared secret. A shared secret is permitted wherever a key
+     * of type DERIVE is permitted. */
+    status = psa_key_derivation_input_internal(operation, step,
+                                               PSA_KEY_TYPE_DERIVE,
+                                               shared_secret,
+                                               shared_secret_length);
+exit:
+    mbedtls_platform_zeroize(shared_secret, shared_secret_length);
+    return status;
+}
+
+psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation,
+                                              psa_key_derivation_step_t step,
+                                              mbedtls_svc_key_id_t private_key,
+                                              const uint8_t *peer_key,
+                                              size_t peer_key_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot;
+
+    if (!PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    status = psa_get_and_lock_transparent_key_slot_with_policy(
+        private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    status = psa_key_agreement_internal(operation, step,
+                                        slot,
+                                        peer_key, peer_key_length);
+    if (status != PSA_SUCCESS) {
+        psa_key_derivation_abort(operation);
+    } else {
+        /* If a private key has been added as SECRET, we allow the derived
+         * key material to be used as a key in PSA Crypto. */
+        if (step == PSA_KEY_DERIVATION_INPUT_SECRET) {
+            operation->can_output_key = 1;
+        }
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
+                                   mbedtls_svc_key_id_t private_key,
+                                   const uint8_t *peer_key,
+                                   size_t peer_key_length,
+                                   uint8_t *output,
+                                   size_t output_size,
+                                   size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_slot_t *slot = NULL;
+    size_t expected_length;
+
+    if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+    status = psa_get_and_lock_transparent_key_slot_with_policy(
+        private_key, &slot, PSA_KEY_USAGE_DERIVE, alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is in general an upper bound
+     * for the output size. The PSA specification only guarantees that this
+     * function works if output_size >= PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(...),
+     * but it might be nice to allow smaller buffers if the output fits.
+     * At the time of writing this comment, with only ECDH implemented,
+     * PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is exact so the point is moot.
+     * If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily
+     * be exact for it as well. */
+    expected_length =
+        PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits);
+    if (output_size < expected_length) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+
+    status = psa_key_agreement_raw_internal(alg, slot,
+                                            peer_key, peer_key_length,
+                                            output, output_size,
+                                            output_length);
+
+exit:
+    if (status != PSA_SUCCESS) {
+        /* If an error happens and is not handled properly, the output
+         * may be used as a key to protect sensitive data. Arrange for such
+         * a key to be random, which is likely to result in decryption or
+         * verification errors. This is better than filling the buffer with
+         * some constant data such as zeros, which would result in the data
+         * being protected with a reproducible, easily knowable key.
+         */
+        psa_generate_random(output, output_size);
+        *output_length = output_size;
+    }
+
+    unlock_status = psa_unlock_key_slot(slot);
+
+    return (status == PSA_SUCCESS) ? unlock_status : status;
+}
+
+
+
+/****************************************************************/
+/* Random generation */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+#include "mbedtls/entropy_poll.h"
+#endif
+
+/** Initialize the PSA random generator.
+ */
+static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    memset(rng, 0, sizeof(*rng));
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+    /* Set default configuration if
+     * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */
+    if (rng->entropy_init == NULL) {
+        rng->entropy_init = mbedtls_entropy_init;
+    }
+    if (rng->entropy_free == NULL) {
+        rng->entropy_free = mbedtls_entropy_free;
+    }
+
+    rng->entropy_init(&rng->entropy);
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
+    defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+    /* The PSA entropy injection feature depends on using NV seed as an entropy
+     * source. Add NV seed as an entropy source for PSA entropy injection. */
+    mbedtls_entropy_add_source(&rng->entropy,
+                               mbedtls_nv_seed_poll, NULL,
+                               MBEDTLS_ENTROPY_BLOCK_SIZE,
+                               MBEDTLS_ENTROPY_SOURCE_STRONG);
+#endif
+
+    mbedtls_psa_drbg_init(MBEDTLS_PSA_RANDOM_STATE);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
+/** Deinitialize the PSA random generator.
+ */
+static void mbedtls_psa_random_free(mbedtls_psa_random_context_t *rng)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    memset(rng, 0, sizeof(*rng));
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+    mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE);
+    rng->entropy_free(&rng->entropy);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
+/** Seed the PSA random generator.
+ */
+static psa_status_t mbedtls_psa_random_seed(mbedtls_psa_random_context_t *rng)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    /* Do nothing: the external RNG seeds itself. */
+    (void) rng;
+    return PSA_SUCCESS;
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+    const unsigned char drbg_seed[] = "PSA";
+    int ret = mbedtls_psa_drbg_seed(&rng->entropy,
+                                    drbg_seed, sizeof(drbg_seed) - 1);
+    return mbedtls_to_psa_error(ret);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
+psa_status_t psa_generate_random(uint8_t *output,
+                                 size_t output_size)
+{
+    GUARD_MODULE_INITIALIZED;
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+    size_t output_length = 0;
+    psa_status_t status = mbedtls_psa_external_get_random(&global_data.rng,
+                                                          output, output_size,
+                                                          &output_length);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    /* Breaking up a request into smaller chunks is currently not supported
+     * for the external RNG interface. */
+    if (output_length != output_size) {
+        return PSA_ERROR_INSUFFICIENT_ENTROPY;
+    }
+    return PSA_SUCCESS;
+
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+    while (output_size > 0) {
+        size_t request_size =
+            (output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ?
+             MBEDTLS_PSA_RANDOM_MAX_REQUEST :
+             output_size);
+        int ret = mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                         output, request_size);
+        if (ret != 0) {
+            return mbedtls_to_psa_error(ret);
+        }
+        output_size -= request_size;
+        output += request_size;
+    }
+    return PSA_SUCCESS;
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+}
+
+/* Wrapper function allowing the classic API to use the PSA RNG.
+ *
+ * `mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, ...)` calls
+ * `psa_generate_random(...)`. The state parameter is ignored since the
+ * PSA API doesn't support passing an explicit state.
+ *
+ * In the non-external case, psa_generate_random() calls an
+ * `mbedtls_xxx_drbg_random` function which has exactly the same signature
+ * and semantics as mbedtls_psa_get_random(). As an optimization,
+ * instead of doing this back-and-forth between the PSA API and the
+ * classic API, psa_crypto_random_impl.h defines `mbedtls_psa_get_random`
+ * as a constant function pointer to `mbedtls_xxx_drbg_random`.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+int mbedtls_psa_get_random(void *p_rng,
+                           unsigned char *output,
+                           size_t output_size)
+{
+    /* This function takes a pointer to the RNG state because that's what
+     * classic mbedtls functions using an RNG expect. The PSA RNG manages
+     * its own state internally and doesn't let the caller access that state.
+     * So we just ignore the state parameter, and in practice we'll pass
+     * NULL. */
+    (void) p_rng;
+    psa_status_t status = psa_generate_random(output, output_size);
+    if (status == PSA_SUCCESS) {
+        return 0;
+    } else {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+}
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
+                                        size_t seed_size)
+{
+    if (global_data.initialized) {
+        return PSA_ERROR_NOT_PERMITTED;
+    }
+
+    if (((seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM) ||
+         (seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE)) ||
+        (seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    return mbedtls_psa_storage_inject_entropy(seed, seed_size);
+}
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+/** Validate the key type and size for key generation
+ *
+ * \param  type  The key type
+ * \param  bits  The number of bits of the key
+ *
+ * \retval #PSA_SUCCESS
+ *         The key type and size are valid.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The size in bits of the key is not valid.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         The type and/or the size in bits of the key or the combination of
+ *         the two is not supported.
+ */
+static psa_status_t psa_validate_key_type_and_size_for_key_generation(
+    psa_key_type_t type, size_t bits)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (key_type_is_raw_bytes(type)) {
+        status = validate_unstructured_key_bit_size(type, bits);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+    } else
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
+    if (PSA_KEY_TYPE_IS_RSA(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) {
+        if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        /* Accept only byte-aligned keys, for the same reasons as
+         * in psa_import_rsa_key(). */
+        if (bits % 8 != 0) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+    } else
+#endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
+    if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) {
+        /* To avoid empty block, return successfully here. */
+        return PSA_SUCCESS;
+    } else
+#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */
+    {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_generate_key_internal(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_type_t type = attributes->core.type;
+
+    if ((attributes->domain_parameters == NULL) &&
+        (attributes->domain_parameters_size != 0)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    if (key_type_is_raw_bytes(type)) {
+        status = psa_generate_random(key_buffer, key_buffer_size);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
+        if (type == PSA_KEY_TYPE_DES) {
+            psa_des_set_key_parity(key_buffer, key_buffer_size);
+        }
+#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */
+    } else
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
+    defined(MBEDTLS_GENPRIME)
+    if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+        return mbedtls_psa_rsa_generate_key(attributes,
+                                            key_buffer,
+                                            key_buffer_size,
+                                            key_buffer_length);
+    } else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+        * defined(MBEDTLS_GENPRIME) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+    if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) {
+        return mbedtls_psa_ecp_generate_key(attributes,
+                                            key_buffer,
+                                            key_buffer_size,
+                                            key_buffer_length);
+    } else
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
+    {
+        (void) key_buffer_length;
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
+                              mbedtls_svc_key_id_t *key)
+{
+    psa_status_t status;
+    psa_key_slot_t *slot = NULL;
+    psa_se_drv_table_entry_t *driver = NULL;
+    size_t key_buffer_size;
+
+    *key = MBEDTLS_SVC_KEY_ID_INIT;
+
+    /* Reject any attempt to create a zero-length key so that we don't
+     * risk tripping up later, e.g. on a malloc(0) that returns NULL. */
+    if (psa_get_key_bits(attributes) == 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    /* Reject any attempt to create a public key. */
+    if (PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->core.type)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    status = psa_start_key_creation(PSA_KEY_CREATION_GENERATE, attributes,
+                                    &slot, &driver);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* In the case of a transparent key or an opaque key stored in local
+     * storage (thus not in the case of generating a key in a secure element
+     * or cryptoprocessor with storage), we have to allocate a buffer to
+     * hold the generated key material. */
+    if (slot->key.data == NULL) {
+        if (PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime) ==
+            PSA_KEY_LOCATION_LOCAL_STORAGE) {
+            status = psa_validate_key_type_and_size_for_key_generation(
+                attributes->core.type, attributes->core.bits);
+            if (status != PSA_SUCCESS) {
+                goto exit;
+            }
+
+            key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+                attributes->core.type,
+                attributes->core.bits);
+        } else {
+            status = psa_driver_wrapper_get_key_buffer_size(
+                attributes, &key_buffer_size);
+            if (status != PSA_SUCCESS) {
+                goto exit;
+            }
+        }
+
+        status = psa_allocate_buffer_to_slot(slot, key_buffer_size);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    status = psa_driver_wrapper_generate_key(attributes,
+                                             slot->key.data, slot->key.bytes, &slot->key.bytes);
+
+    if (status != PSA_SUCCESS) {
+        psa_remove_key_data_from_memory(slot);
+    }
+
+exit:
+    if (status == PSA_SUCCESS) {
+        status = psa_finish_key_creation(slot, driver, key);
+    }
+    if (status != PSA_SUCCESS) {
+        psa_fail_key_creation(slot, driver);
+    }
+
+    return status;
+}
+
+/****************************************************************/
+/* Module setup */
+/****************************************************************/
+
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
+    void (* entropy_init)(mbedtls_entropy_context *ctx),
+    void (* entropy_free)(mbedtls_entropy_context *ctx))
+{
+    if (global_data.rng_state != RNG_NOT_INITIALIZED) {
+        return PSA_ERROR_BAD_STATE;
+    }
+    global_data.rng.entropy_init = entropy_init;
+    global_data.rng.entropy_free = entropy_free;
+    return PSA_SUCCESS;
+}
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+void mbedtls_psa_crypto_free(void)
+{
+    psa_wipe_all_key_slots();
+    if (global_data.rng_state != RNG_NOT_INITIALIZED) {
+        mbedtls_psa_random_free(&global_data.rng);
+    }
+    /* Wipe all remaining data, including configuration.
+     * In particular, this sets all state indicator to the value
+     * indicating "uninitialized". */
+    mbedtls_platform_zeroize(&global_data, sizeof(global_data));
+
+    /* Terminate drivers */
+    psa_driver_wrapper_free();
+}
+
+#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
+/** Recover a transaction that was interrupted by a power failure.
+ *
+ * This function is called during initialization, before psa_crypto_init()
+ * returns. If this function returns a failure status, the initialization
+ * fails.
+ */
+static psa_status_t psa_crypto_recover_transaction(
+    const psa_crypto_transaction_t *transaction)
+{
+    switch (transaction->unknown.type) {
+        case PSA_CRYPTO_TRANSACTION_CREATE_KEY:
+        case PSA_CRYPTO_TRANSACTION_DESTROY_KEY:
+        /* TODO - fall through to the failure case until this
+         * is implemented.
+         * https://github.com/ARMmbed/mbed-crypto/issues/218
+         */
+        default:
+            /* We found an unsupported transaction in the storage.
+             * We don't know what state the storage is in. Give up. */
+            return PSA_ERROR_DATA_INVALID;
+    }
+}
+#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
+
+psa_status_t psa_crypto_init(void)
+{
+    psa_status_t status;
+
+    /* Double initialization is explicitly allowed. */
+    if (global_data.initialized != 0) {
+        return PSA_SUCCESS;
+    }
+
+    /* Initialize and seed the random generator. */
+    mbedtls_psa_random_init(&global_data.rng);
+    global_data.rng_state = RNG_INITIALIZED;
+    status = mbedtls_psa_random_seed(&global_data.rng);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    global_data.rng_state = RNG_SEEDED;
+
+    status = psa_initialize_key_slots();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Init drivers */
+    status = psa_driver_wrapper_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
+    status = psa_crypto_load_transaction();
+    if (status == PSA_SUCCESS) {
+        status = psa_crypto_recover_transaction(&psa_crypto_transaction);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+        status = psa_crypto_stop_transaction();
+    } else if (status == PSA_ERROR_DOES_NOT_EXIST) {
+        /* There's no transaction to complete. It's all good. */
+        status = PSA_SUCCESS;
+    }
+#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
+
+    /* All done. */
+    global_data.initialized = 1;
+
+exit:
+    if (status != PSA_SUCCESS) {
+        mbedtls_psa_crypto_free();
+    }
+    return status;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_aead.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_aead.c
new file mode 100644
index 0000000..ed9e55a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_aead.c
@@ -0,0 +1,382 @@
+/*
+ *  PSA AEAD entry points
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa_crypto_aead.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_cipher.h"
+
+#include "mbedtls/ccm.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/gcm.h"
+
+typedef struct {
+    psa_algorithm_t core_alg;
+    uint8_t tag_length;
+    union {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+        mbedtls_ccm_context ccm;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+        mbedtls_gcm_context gcm;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+        mbedtls_chachapoly_context chachapoly;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+    } ctx;
+} aead_operation_t;
+
+#define AEAD_OPERATION_INIT { 0, 0, { 0 } }
+
+static void psa_aead_abort_internal(aead_operation_t *operation)
+{
+    switch (operation->core_alg) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+        case PSA_ALG_CCM:
+            mbedtls_ccm_free(&operation->ctx.ccm);
+            break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+        case PSA_ALG_GCM:
+            mbedtls_gcm_free(&operation->ctx.gcm);
+            break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+        case PSA_ALG_CHACHA20_POLY1305:
+            mbedtls_chachapoly_free(&operation->ctx.chachapoly);
+            break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+    }
+}
+
+static psa_status_t psa_aead_setup(
+    aead_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t key_bits;
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_id_t cipher_id;
+    size_t full_tag_length = 0;
+
+    key_bits = attributes->core.bits;
+
+    cipher_info = mbedtls_cipher_info_from_psa(alg,
+                                               attributes->core.type, key_bits,
+                                               &cipher_id);
+    if (cipher_info == NULL) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    switch (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+        case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0):
+            operation->core_alg = PSA_ALG_CCM;
+            full_tag_length = 16;
+            /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
+             * The call to mbedtls_ccm_encrypt_and_tag or
+             * mbedtls_ccm_auth_decrypt will validate the tag length. */
+            if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(attributes->core.type) != 16) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+
+            mbedtls_ccm_init(&operation->ctx.ccm);
+            status = mbedtls_to_psa_error(
+                mbedtls_ccm_setkey(&operation->ctx.ccm, cipher_id,
+                                   key_buffer, (unsigned int) key_bits));
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+        case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0):
+            operation->core_alg = PSA_ALG_GCM;
+            full_tag_length = 16;
+            /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
+             * The call to mbedtls_gcm_crypt_and_tag or
+             * mbedtls_gcm_auth_decrypt will validate the tag length. */
+            if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(attributes->core.type) != 16) {
+                return PSA_ERROR_INVALID_ARGUMENT;
+            }
+
+            mbedtls_gcm_init(&operation->ctx.gcm);
+            status = mbedtls_to_psa_error(
+                mbedtls_gcm_setkey(&operation->ctx.gcm, cipher_id,
+                                   key_buffer, (unsigned int) key_bits));
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+        case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0):
+            operation->core_alg = PSA_ALG_CHACHA20_POLY1305;
+            full_tag_length = 16;
+            /* We only support the default tag length. */
+            if (alg != PSA_ALG_CHACHA20_POLY1305) {
+                return PSA_ERROR_NOT_SUPPORTED;
+            }
+
+            mbedtls_chachapoly_init(&operation->ctx.chachapoly);
+            status = mbedtls_to_psa_error(
+                mbedtls_chachapoly_setkey(&operation->ctx.chachapoly,
+                                          key_buffer));
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            break;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+
+        default:
+            (void) status;
+            (void) key_buffer;
+            return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (PSA_AEAD_TAG_LENGTH(attributes->core.type,
+                            key_bits, alg)
+        > full_tag_length) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    operation->tag_length = PSA_AEAD_TAG_LENGTH(attributes->core.type,
+                                                key_bits,
+                                                alg);
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_aead_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *plaintext, size_t plaintext_length,
+    uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    aead_operation_t operation = AEAD_OPERATION_INIT;
+    uint8_t *tag;
+    (void) key_buffer_size;
+
+    status = psa_aead_setup(&operation, attributes, key_buffer, alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* For all currently supported modes, the tag is at the end of the
+     * ciphertext. */
+    if (ciphertext_size < (plaintext_length + operation.tag_length)) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+    tag = ciphertext + plaintext_length;
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+    if (operation.core_alg == PSA_ALG_CCM) {
+        status = mbedtls_to_psa_error(
+            mbedtls_ccm_encrypt_and_tag(&operation.ctx.ccm,
+                                        plaintext_length,
+                                        nonce, nonce_length,
+                                        additional_data,
+                                        additional_data_length,
+                                        plaintext, ciphertext,
+                                        tag, operation.tag_length));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+    if (operation.core_alg == PSA_ALG_GCM) {
+        status = mbedtls_to_psa_error(
+            mbedtls_gcm_crypt_and_tag(&operation.ctx.gcm,
+                                      MBEDTLS_GCM_ENCRYPT,
+                                      plaintext_length,
+                                      nonce, nonce_length,
+                                      additional_data, additional_data_length,
+                                      plaintext, ciphertext,
+                                      operation.tag_length, tag));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+    if (operation.core_alg == PSA_ALG_CHACHA20_POLY1305) {
+        if (nonce_length != 12) {
+            if (nonce_length == 8) {
+                status = PSA_ERROR_NOT_SUPPORTED;
+            } else {
+                status = PSA_ERROR_INVALID_ARGUMENT;
+            }
+            goto exit;
+        }
+
+        if (operation.tag_length != 16) {
+            status = PSA_ERROR_NOT_SUPPORTED;
+            goto exit;
+        }
+        status = mbedtls_to_psa_error(
+            mbedtls_chachapoly_encrypt_and_tag(&operation.ctx.chachapoly,
+                                               plaintext_length,
+                                               nonce,
+                                               additional_data,
+                                               additional_data_length,
+                                               plaintext,
+                                               ciphertext,
+                                               tag));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+    {
+        (void) tag;
+        (void) nonce;
+        (void) nonce_length;
+        (void) additional_data;
+        (void) additional_data_length;
+        (void) plaintext;
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (status == PSA_SUCCESS) {
+        *ciphertext_length = plaintext_length + operation.tag_length;
+    }
+
+exit:
+    psa_aead_abort_internal(&operation);
+
+    return status;
+}
+
+/* Locate the tag in a ciphertext buffer containing the encrypted data
+ * followed by the tag. Return the length of the part preceding the tag in
+ * *plaintext_length. This is the size of the plaintext in modes where
+ * the encrypted data has the same size as the plaintext, such as
+ * CCM and GCM. */
+static psa_status_t psa_aead_unpadded_locate_tag(size_t tag_length,
+                                                 const uint8_t *ciphertext,
+                                                 size_t ciphertext_length,
+                                                 size_t plaintext_size,
+                                                 const uint8_t **p_tag)
+{
+    size_t payload_length;
+    if (tag_length > ciphertext_length) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    payload_length = ciphertext_length - tag_length;
+    if (payload_length > plaintext_size) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+    *p_tag = ciphertext + payload_length;
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_aead_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *ciphertext, size_t ciphertext_length,
+    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    aead_operation_t operation = AEAD_OPERATION_INIT;
+    const uint8_t *tag = NULL;
+    (void) key_buffer_size;
+
+    status = psa_aead_setup(&operation, attributes, key_buffer, alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_aead_unpadded_locate_tag(operation.tag_length,
+                                          ciphertext, ciphertext_length,
+                                          plaintext_size, &tag);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+    if (operation.core_alg == PSA_ALG_CCM) {
+        status = mbedtls_to_psa_error(
+            mbedtls_ccm_auth_decrypt(&operation.ctx.ccm,
+                                     ciphertext_length - operation.tag_length,
+                                     nonce, nonce_length,
+                                     additional_data,
+                                     additional_data_length,
+                                     ciphertext, plaintext,
+                                     tag, operation.tag_length));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+    if (operation.core_alg == PSA_ALG_GCM) {
+        status = mbedtls_to_psa_error(
+            mbedtls_gcm_auth_decrypt(&operation.ctx.gcm,
+                                     ciphertext_length - operation.tag_length,
+                                     nonce, nonce_length,
+                                     additional_data,
+                                     additional_data_length,
+                                     tag, operation.tag_length,
+                                     ciphertext, plaintext));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+    if (operation.core_alg == PSA_ALG_CHACHA20_POLY1305) {
+        if (nonce_length != 12) {
+            if (nonce_length == 8) {
+                status = PSA_ERROR_NOT_SUPPORTED;
+            } else {
+                status = PSA_ERROR_INVALID_ARGUMENT;
+            }
+            goto exit;
+        }
+
+        if (operation.tag_length != 16) {
+            status = PSA_ERROR_NOT_SUPPORTED;
+            goto exit;
+        }
+        status = mbedtls_to_psa_error(
+            mbedtls_chachapoly_auth_decrypt(&operation.ctx.chachapoly,
+                                            ciphertext_length - operation.tag_length,
+                                            nonce,
+                                            additional_data,
+                                            additional_data_length,
+                                            tag,
+                                            ciphertext,
+                                            plaintext));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+    {
+        (void) nonce;
+        (void) nonce_length;
+        (void) additional_data;
+        (void) additional_data_length;
+        (void) plaintext;
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (status == PSA_SUCCESS) {
+        *plaintext_length = ciphertext_length - operation.tag_length;
+    }
+
+exit:
+    psa_aead_abort_internal(&operation);
+
+    if (status == PSA_SUCCESS) {
+        *plaintext_length = ciphertext_length - operation.tag_length;
+    }
+    return status;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_aead.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_aead.h
new file mode 100644
index 0000000..e1ff0e5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_aead.h
@@ -0,0 +1,139 @@
+/*
+ *  PSA AEAD driver entry points
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_AEAD_H
+#define PSA_CRYPTO_AEAD_H
+
+#include <psa/crypto.h>
+
+/**
+ * \brief Process an authenticated encryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       aead_encrypt entry point. This function behaves as an aead_encrypt
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes         The attributes of the key to use for the
+ *                                operation.
+ * \param[in]  key_buffer         The buffer containing the key context.
+ * \param      key_buffer_size    Size of the \p key_buffer buffer in bytes.
+ * \param      alg                The AEAD algorithm to compute.
+ * \param[in]  nonce              Nonce or IV to use.
+ * \param      nonce_length       Size of the nonce buffer in bytes. This must
+ *                                be appropriate for the selected algorithm.
+ *                                The default nonce size is
+ *                                PSA_AEAD_NONCE_LENGTH(key_type, alg) where
+ *                                key_type is the type of key.
+ * \param[in]  additional_data    Additional data that will be authenticated
+ *                                but not encrypted.
+ * \param      additional_data_length  Size of additional_data in bytes.
+ * \param[in]  plaintext          Data that will be authenticated and encrypted.
+ * \param      plaintext_length   Size of plaintext in bytes.
+ * \param[out] ciphertext         Output buffer for the authenticated and
+ *                                encrypted data. The additional data is not
+ *                                part of this output. For algorithms where the
+ *                                encrypted data and the authentication tag are
+ *                                defined as separate outputs, the
+ *                                authentication tag is appended to the
+ *                                encrypted data.
+ * \param      ciphertext_size    Size of the ciphertext buffer in bytes. This
+ *                                must be appropriate for the selected algorithm
+ *                                and key:
+ *                                - A sufficient output size is
+ *                                  PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg,
+ *                                  plaintext_length) where key_type is the type
+ *                                  of key.
+ *                                - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(
+ *                                  plaintext_length) evaluates to the maximum
+ *                                  ciphertext size of any supported AEAD
+ *                                  encryption.
+ * \param[out] ciphertext_length  On success, the size of the output in the
+ *                                ciphertext buffer.
+ *
+ * \retval #PSA_SUCCESS Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         ciphertext_size is too small.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_aead_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *plaintext, size_t plaintext_length,
+    uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length);
+
+/**
+ * \brief Process an authenticated decryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       aead_decrypt entry point. This function behaves as an aead_decrypt
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes         The attributes of the key to use for the
+ *                                operation.
+ * \param[in]  key_buffer         The buffer containing the key context.
+ * \param      key_buffer_size    Size of the \p key_buffer buffer in bytes.
+ * \param      alg                The AEAD algorithm to compute.
+ * \param[in]  nonce              Nonce or IV to use.
+ * \param      nonce_length       Size of the nonce buffer in bytes. This must
+ *                                be appropriate for the selected algorithm.
+ *                                The default nonce size is
+ *                                PSA_AEAD_NONCE_LENGTH(key_type, alg) where
+ *                                key_type is the type of key.
+ * \param[in]  additional_data    Additional data that has been authenticated
+ *                                but not encrypted.
+ * \param      additional_data_length  Size of additional_data in bytes.
+ * \param[in]  ciphertext         Data that has been authenticated and
+ *                                encrypted. For algorithms where the encrypted
+ *                                data and the authentication tag are defined
+ *                                as separate inputs, the buffer contains
+ *                                encrypted data followed by the authentication
+ *                                tag.
+ * \param      ciphertext_length  Size of ciphertext in bytes.
+ * \param[out] plaintext          Output buffer for the decrypted data.
+ * \param      plaintext_size     Size of the plaintext buffer in bytes. This
+ *                                must be appropriate for the selected algorithm
+ *                                and key:
+ *                                - A sufficient output size is
+ *                                  PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg,
+ *                                  ciphertext_length) where key_type is the
+ *                                  type of key.
+ *                                - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(
+ *                                  ciphertext_length) evaluates to the maximum
+ *                                  plaintext size of any supported AEAD
+ *                                  decryption.
+ * \param[out] plaintext_length   On success, the size of the output in the
+ *                                plaintext buffer.
+ *
+ * \retval #PSA_SUCCESS Success.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The cipher is not authentic.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         plaintext_size is too small.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_aead_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *ciphertext, size_t ciphertext_length,
+    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length);
+
+#endif /* PSA_CRYPTO_AEAD_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_cipher.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_cipher.c
new file mode 100644
index 0000000..545bb50
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_cipher.c
@@ -0,0 +1,588 @@
+/*
+ *  PSA cipher driver entry points
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_random_impl.h"
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+    psa_algorithm_t alg,
+    psa_key_type_t key_type,
+    size_t key_bits,
+    mbedtls_cipher_id_t *cipher_id)
+{
+    mbedtls_cipher_mode_t mode;
+    mbedtls_cipher_id_t cipher_id_tmp;
+
+    if (PSA_ALG_IS_AEAD(alg)) {
+        alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0);
+    }
+
+    if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg)) {
+        switch (alg) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
+            case PSA_ALG_STREAM_CIPHER:
+                mode = MBEDTLS_MODE_STREAM;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CTR)
+            case PSA_ALG_CTR:
+                mode = MBEDTLS_MODE_CTR;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CFB)
+            case PSA_ALG_CFB:
+                mode = MBEDTLS_MODE_CFB;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_OFB)
+            case PSA_ALG_OFB:
+                mode = MBEDTLS_MODE_OFB;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING)
+            case PSA_ALG_ECB_NO_PADDING:
+                mode = MBEDTLS_MODE_ECB;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING)
+            case PSA_ALG_CBC_NO_PADDING:
+                mode = MBEDTLS_MODE_CBC;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
+            case PSA_ALG_CBC_PKCS7:
+                mode = MBEDTLS_MODE_CBC;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+            case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0):
+                mode = MBEDTLS_MODE_CCM;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+            case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0):
+                mode = MBEDTLS_MODE_GCM;
+                break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+            case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0):
+                mode = MBEDTLS_MODE_CHACHAPOLY;
+                break;
+#endif
+            default:
+                return NULL;
+        }
+    } else if (alg == PSA_ALG_CMAC) {
+        mode = MBEDTLS_MODE_ECB;
+    } else {
+        return NULL;
+    }
+
+    switch (key_type) {
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES)
+        case PSA_KEY_TYPE_AES:
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA)
+        case PSA_KEY_TYPE_ARIA:
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_ARIA;
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
+        case PSA_KEY_TYPE_DES:
+            /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
+             * and 192 for three-key Triple-DES. */
+            if (key_bits == 64) {
+                cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
+            } else {
+                cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+            }
+            /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
+             * but two-key Triple-DES is functionally three-key Triple-DES
+             * with K1=K3, so that's how we present it to mbedtls. */
+            if (key_bits == 128) {
+                key_bits = 192;
+            }
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA)
+        case PSA_KEY_TYPE_CAMELLIA:
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4)
+        case PSA_KEY_TYPE_ARC4:
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20)
+        case PSA_KEY_TYPE_CHACHA20:
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
+            break;
+#endif
+        default:
+            return NULL;
+    }
+    if (cipher_id != NULL) {
+        *cipher_id = cipher_id_tmp;
+    }
+
+    return mbedtls_cipher_info_from_values(cipher_id_tmp,
+                                           (int) key_bits, mode);
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+
+static psa_status_t psa_cipher_setup(
+    mbedtls_psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    mbedtls_operation_t cipher_operation)
+{
+    int ret = 0;
+    size_t key_bits;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+    psa_key_type_t key_type = attributes->core.type;
+
+    (void) key_buffer_size;
+
+    mbedtls_cipher_init(&operation->ctx.cipher);
+
+    operation->alg = alg;
+    key_bits = attributes->core.bits;
+    cipher_info = mbedtls_cipher_info_from_psa(alg, key_type,
+                                               key_bits, NULL);
+    if (cipher_info == NULL) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    ret = mbedtls_cipher_setup(&operation->ctx.cipher, cipher_info);
+    if (ret != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
+    if (key_type == PSA_KEY_TYPE_DES && key_bits == 128) {
+        /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
+        uint8_t keys[24];
+        memcpy(keys, key_buffer, 16);
+        memcpy(keys + 16, key_buffer, 8);
+        ret = mbedtls_cipher_setkey(&operation->ctx.cipher,
+                                    keys,
+                                    192, cipher_operation);
+    } else
+#endif
+    {
+        ret = mbedtls_cipher_setkey(&operation->ctx.cipher, key_buffer,
+                                    (int) key_bits, cipher_operation);
+    }
+    if (ret != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
+    switch (alg) {
+        case PSA_ALG_CBC_NO_PADDING:
+            ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher,
+                                                  MBEDTLS_PADDING_NONE);
+            break;
+        case PSA_ALG_CBC_PKCS7:
+            ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher,
+                                                  MBEDTLS_PADDING_PKCS7);
+            break;
+        default:
+            /* The algorithm doesn't involve padding. */
+            ret = 0;
+            break;
+    }
+    if (ret != 0) {
+        goto exit;
+    }
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING ||
+          MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */
+
+    operation->block_length = (PSA_ALG_IS_STREAM_CIPHER(alg) ? 1 :
+                               PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type));
+    operation->iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg);
+
+exit:
+    return mbedtls_to_psa_error(ret);
+}
+
+psa_status_t mbedtls_psa_cipher_encrypt_setup(
+    mbedtls_psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    return psa_cipher_setup(operation, attributes,
+                            key_buffer, key_buffer_size,
+                            alg, MBEDTLS_ENCRYPT);
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt_setup(
+    mbedtls_psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    return psa_cipher_setup(operation, attributes,
+                            key_buffer, key_buffer_size,
+                            alg, MBEDTLS_DECRYPT);
+}
+
+psa_status_t mbedtls_psa_cipher_set_iv(
+    mbedtls_psa_cipher_operation_t *operation,
+    const uint8_t *iv, size_t iv_length)
+{
+    if (iv_length != operation->iv_length) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    return mbedtls_to_psa_error(
+        mbedtls_cipher_set_iv(&operation->ctx.cipher,
+                              iv, iv_length));
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING)
+/** Process input for which the algorithm is set to ECB mode.
+ *
+ * This requires manual processing, since the PSA API is defined as being
+ * able to process arbitrary-length calls to psa_cipher_update() with ECB mode,
+ * but the underlying mbedtls_cipher_update only takes full blocks.
+ *
+ * \param ctx           The mbedtls cipher context to use. It must have been
+ *                      set up for ECB.
+ * \param[in] input     The input plaintext or ciphertext to process.
+ * \param input_length  The number of bytes to process from \p input.
+ *                      This does not need to be aligned to a block boundary.
+ *                      If there is a partial block at the end of the input,
+ *                      it is stored in \p ctx for future processing.
+ * \param output        The buffer where the output is written. It must be
+ *                      at least `BS * floor((p + input_length) / BS)` bytes
+ *                      long, where `p` is the number of bytes in the
+ *                      unprocessed partial block in \p ctx (with
+ *                      `0 <= p <= BS - 1`) and `BS` is the block size.
+ * \param output_length On success, the number of bytes written to \p output.
+ *                      \c 0 on error.
+ *
+ * \return #PSA_SUCCESS or an error from a hardware accelerator
+ */
+static psa_status_t psa_cipher_update_ecb(
+    mbedtls_cipher_context_t *ctx,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t block_size = ctx->cipher_info->block_size;
+    size_t internal_output_length = 0;
+    *output_length = 0;
+
+    if (input_length == 0) {
+        status = PSA_SUCCESS;
+        goto exit;
+    }
+
+    if (ctx->unprocessed_len > 0) {
+        /* Fill up to block size, and run the block if there's a full one. */
+        size_t bytes_to_copy = block_size - ctx->unprocessed_len;
+
+        if (input_length < bytes_to_copy) {
+            bytes_to_copy = input_length;
+        }
+
+        memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]),
+               input, bytes_to_copy);
+        input_length -= bytes_to_copy;
+        input += bytes_to_copy;
+        ctx->unprocessed_len += bytes_to_copy;
+
+        if (ctx->unprocessed_len == block_size) {
+            status = mbedtls_to_psa_error(
+                mbedtls_cipher_update(ctx,
+                                      ctx->unprocessed_data,
+                                      block_size,
+                                      output, &internal_output_length));
+
+            if (status != PSA_SUCCESS) {
+                goto exit;
+            }
+
+            output += internal_output_length;
+            *output_length += internal_output_length;
+            ctx->unprocessed_len = 0;
+        }
+    }
+
+    while (input_length >= block_size) {
+        /* Run all full blocks we have, one by one */
+        status = mbedtls_to_psa_error(
+            mbedtls_cipher_update(ctx, input,
+                                  block_size,
+                                  output, &internal_output_length));
+
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+
+        input_length -= block_size;
+        input += block_size;
+
+        output += internal_output_length;
+        *output_length += internal_output_length;
+    }
+
+    if (input_length > 0) {
+        /* Save unprocessed bytes for later processing */
+        memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]),
+               input, input_length);
+        ctx->unprocessed_len += input_length;
+    }
+
+    status = PSA_SUCCESS;
+
+exit:
+    return status;
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */
+
+psa_status_t mbedtls_psa_cipher_update(
+    mbedtls_psa_cipher_operation_t *operation,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t expected_output_size;
+
+    if (!PSA_ALG_IS_STREAM_CIPHER(operation->alg)) {
+        /* Take the unprocessed partial block left over from previous
+         * update calls, if any, plus the input to this call. Remove
+         * the last partial block, if any. You get the data that will be
+         * output in this call. */
+        expected_output_size =
+            (operation->ctx.cipher.unprocessed_len + input_length)
+            / operation->block_length * operation->block_length;
+    } else {
+        expected_output_size = input_length;
+    }
+
+    if (output_size < expected_output_size) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING)
+    if (operation->alg == PSA_ALG_ECB_NO_PADDING) {
+        /* mbedtls_cipher_update has an API inconsistency: it will only
+         * process a single block at a time in ECB mode. Abstract away that
+         * inconsistency here to match the PSA API behaviour. */
+        status = psa_cipher_update_ecb(&operation->ctx.cipher,
+                                       input,
+                                       input_length,
+                                       output,
+                                       output_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */
+    {
+        status = mbedtls_to_psa_error(
+            mbedtls_cipher_update(&operation->ctx.cipher, input,
+                                  input_length, output, output_length));
+
+        if (*output_length > output_size) {
+            return PSA_ERROR_CORRUPTION_DETECTED;
+        }
+    }
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_cipher_finish(
+    mbedtls_psa_cipher_operation_t *operation,
+    uint8_t *output, size_t output_size, size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
+
+    if (operation->ctx.cipher.unprocessed_len != 0) {
+        if (operation->alg == PSA_ALG_ECB_NO_PADDING ||
+            operation->alg == PSA_ALG_CBC_NO_PADDING) {
+            status = PSA_ERROR_INVALID_ARGUMENT;
+            goto exit;
+        }
+    }
+
+    status = mbedtls_to_psa_error(
+        mbedtls_cipher_finish(&operation->ctx.cipher,
+                              temp_output_buffer,
+                              output_length));
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (*output_length == 0) {
+        ; /* Nothing to copy. Note that output may be NULL in this case. */
+    } else if (output_size >= *output_length) {
+        memcpy(output, temp_output_buffer, *output_length);
+    } else {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+
+exit:
+    mbedtls_platform_zeroize(temp_output_buffer,
+                             sizeof(temp_output_buffer));
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_cipher_abort(
+    mbedtls_psa_cipher_operation_t *operation)
+{
+    /* Sanity check (shouldn't happen: operation->alg should
+     * always have been initialized to a valid value). */
+    if (!PSA_ALG_IS_CIPHER(operation->alg)) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    mbedtls_cipher_free(&operation->ctx.cipher);
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes,
+                                        const uint8_t *key_buffer,
+                                        size_t key_buffer_size,
+                                        psa_algorithm_t alg,
+                                        const uint8_t *iv,
+                                        size_t iv_length,
+                                        const uint8_t *input,
+                                        size_t input_length,
+                                        uint8_t *output,
+                                        size_t output_size,
+                                        size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+    size_t update_output_length, finish_output_length;
+
+    status = mbedtls_psa_cipher_encrypt_setup(&operation, attributes,
+                                              key_buffer, key_buffer_size,
+                                              alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (iv_length > 0) {
+        status = mbedtls_psa_cipher_set_iv(&operation, iv, iv_length);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    status = mbedtls_psa_cipher_update(&operation, input, input_length,
+                                       output, output_size, &update_output_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = mbedtls_psa_cipher_finish(
+        &operation,
+        mbedtls_buffer_offset(output, update_output_length),
+        output_size - update_output_length, &finish_output_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    *output_length = update_output_length + finish_output_length;
+
+exit:
+    if (status == PSA_SUCCESS) {
+        status = mbedtls_psa_cipher_abort(&operation);
+    } else {
+        mbedtls_psa_cipher_abort(&operation);
+    }
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+    size_t olength, accumulated_length;
+
+    status = mbedtls_psa_cipher_decrypt_setup(&operation, attributes,
+                                              key_buffer, key_buffer_size,
+                                              alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (operation.iv_length > 0) {
+        status = mbedtls_psa_cipher_set_iv(&operation,
+                                           input, operation.iv_length);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    status = mbedtls_psa_cipher_update(
+        &operation,
+        mbedtls_buffer_offset_const(input, operation.iv_length),
+        input_length - operation.iv_length,
+        output, output_size, &olength);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    accumulated_length = olength;
+
+    status = mbedtls_psa_cipher_finish(
+        &operation,
+        mbedtls_buffer_offset(output, accumulated_length),
+        output_size - accumulated_length, &olength);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    *output_length = accumulated_length + olength;
+
+exit:
+    if (status == PSA_SUCCESS) {
+        status = mbedtls_psa_cipher_abort(&operation);
+    } else {
+        mbedtls_psa_cipher_abort(&operation);
+    }
+
+    return status;
+}
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_cipher.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_cipher.h
new file mode 100644
index 0000000..2478d58
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_cipher.h
@@ -0,0 +1,293 @@
+/*
+ *  PSA cipher driver entry points and associated auxiliary functions
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_CIPHER_H
+#define PSA_CRYPTO_CIPHER_H
+
+#include <mbedtls/cipher.h>
+#include <psa/crypto.h>
+
+/** Get Mbed TLS cipher information given the cipher algorithm PSA identifier
+ *  as well as the PSA type and size of the key to be used with the cipher
+ *  algorithm.
+ *
+ * \param       alg        PSA cipher algorithm identifier
+ * \param       key_type   PSA key type
+ * \param       key_bits   Size of the key in bits
+ * \param[out]  cipher_id  Mbed TLS cipher algorithm identifier
+ *
+ * \return  The Mbed TLS cipher information of the cipher algorithm.
+ *          \c NULL if the PSA cipher algorithm is not supported.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+    psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits,
+    mbedtls_cipher_id_t *cipher_id);
+
+/**
+ * \brief Set the key for a multipart symmetric encryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_encrypt_setup entry point. This function behaves as a
+ *       cipher_encrypt_setup entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in,out] operation     The operation object to set up. It has been
+ *                              initialized as per the documentation for
+ *                              #psa_cipher_operation_t and not yet in use.
+ * \param[in] attributes        The attributes of the key to use for the
+ *                              operation.
+ * \param[in] key_buffer        The buffer containing the key context.
+ * \param[in] key_buffer_size   Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg               The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_cipher_encrypt_setup(
+    mbedtls_psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+/**
+ * \brief Set the key for a multipart symmetric decryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_decrypt_setup entry point. This function behaves as a
+ *       cipher_decrypt_setup entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in,out] operation     The operation object to set up. It has been
+ *                              initialized as per the documentation for
+ *                              #psa_cipher_operation_t and not yet in use.
+ * \param[in] attributes        The attributes of the key to use for the
+ *                              operation.
+ * \param[in] key_buffer        The buffer containing the key context.
+ * \param[in] key_buffer_size   Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg               The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_cipher_decrypt_setup(
+    mbedtls_psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+/** Set the IV for a symmetric encryption or decryption operation.
+ *
+ * This function sets the IV (initialization vector), nonce
+ * or initial counter value for the encryption or decryption operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_set_iv entry point. This function behaves as a
+ *       cipher_set_iv entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in,out] operation     Active cipher operation.
+ * \param[in] iv                Buffer containing the IV to use.
+ * \param[in] iv_length         Size of the IV in bytes. It is guaranteed by
+ *                              the core to be less or equal to
+ *                              PSA_CIPHER_IV_MAX_SIZE.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The size of \p iv is not acceptable for the chosen algorithm,
+ *         or the chosen algorithm does not use an IV.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_cipher_set_iv(
+    mbedtls_psa_cipher_operation_t *operation,
+    const uint8_t *iv, size_t iv_length);
+
+/** Encrypt or decrypt a message fragment in an active cipher operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_update entry point. This function behaves as a
+ *       cipher_update entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in,out] operation     Active cipher operation.
+ * \param[in] input             Buffer containing the message fragment to
+ *                              encrypt or decrypt.
+ * \param[in] input_length      Size of the \p input buffer in bytes.
+ * \param[out] output           Buffer where the output is to be written.
+ * \param[in]  output_size      Size of the \p output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes
+ *                              that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_cipher_update(
+    mbedtls_psa_cipher_operation_t *operation,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+/** Finish encrypting or decrypting a message in a cipher operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_finish entry point. This function behaves as a
+ *       cipher_finish entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in,out] operation     Active cipher operation.
+ * \param[out] output           Buffer where the output is to be written.
+ * \param[in]  output_size      Size of the \p output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes
+ *                              that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The total input size passed to this operation is not valid for
+ *         this particular algorithm. For example, the algorithm is a based
+ *         on block cipher and requires a whole number of blocks, but the
+ *         total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ *         This is a decryption operation for an algorithm that includes
+ *         padding, and the ciphertext does not contain valid padding.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_cipher_finish(
+    mbedtls_psa_cipher_operation_t *operation,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+/** Abort a cipher operation.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_abort entry point. This function behaves as a
+ *       cipher_abort entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in,out] operation     Initialized cipher operation.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ */
+psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation);
+
+/** Encrypt a message using a symmetric cipher.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_encrypt entry point. This function behaves as a
+ *       cipher_encrypt entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in] attributes        The attributes of the key to use for the
+ *                              operation.
+ * \param[in] key_buffer        The buffer containing the key context.
+ * \param[in] key_buffer_size   Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg               The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[in] iv                Buffer containing the IV for encryption. The
+ *                              IV has been generated by the core.
+ * \param[in] iv_length         Size of the \p iv in bytes.
+ * \param[in] input             Buffer containing the message to encrypt.
+ * \param[in] input_length      Size of the \p input buffer in bytes.
+ * \param[in,out] output        Buffer where the output is to be written.
+ * \param[in]  output_size      Size of the \p output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes that make up
+ *                              the returned output. Initialized to zero
+ *                              by the core.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The size \p iv_length is not acceptable for the chosen algorithm,
+ *         or the chosen algorithm does not use an IV.
+ *         The total input size passed to this operation is not valid for
+ *         this particular algorithm. For example, the algorithm is a based
+ *         on block cipher and requires a whole number of blocks, but the
+ *         total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ *         This is a decryption operation for an algorithm that includes
+ *         padding, and the ciphertext does not contain valid padding.
+ */
+psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes,
+                                        const uint8_t *key_buffer,
+                                        size_t key_buffer_size,
+                                        psa_algorithm_t alg,
+                                        const uint8_t *iv,
+                                        size_t iv_length,
+                                        const uint8_t *input,
+                                        size_t input_length,
+                                        uint8_t *output,
+                                        size_t output_size,
+                                        size_t *output_length);
+
+/** Decrypt a message using a symmetric cipher.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       cipher_decrypt entry point. This function behaves as a
+ *       cipher_decrypt entry point as defined in the PSA driver
+ *       interface specification for transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the key context.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[in]  input            Buffer containing the iv and the ciphertext.
+ * \param[in]  input_length     Size of the \p input buffer in bytes.
+ * \param[out] output           Buffer where the output is to be written.
+ * \param[in]  output_size      Size of the \p output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes that make up
+ *                              the returned output. Initialized to zero
+ *                              by the core.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The size of \p iv is not acceptable for the chosen algorithm,
+ *         or the chosen algorithm does not use an IV.
+ *         The total input size passed to this operation is not valid for
+ *         this particular algorithm. For example, the algorithm is a based
+ *         on block cipher and requires a whole number of blocks, but the
+ *         total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ *         This is a decryption operation for an algorithm that includes
+ *         padding, and the ciphertext does not contain valid padding.
+ */
+psa_status_t mbedtls_psa_cipher_decrypt(const psa_key_attributes_t *attributes,
+                                        const uint8_t *key_buffer,
+                                        size_t key_buffer_size,
+                                        psa_algorithm_t alg,
+                                        const uint8_t *input,
+                                        size_t input_length,
+                                        uint8_t *output,
+                                        size_t output_size,
+                                        size_t *output_length);
+
+#endif /* PSA_CRYPTO_CIPHER_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_client.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_client.c
new file mode 100644
index 0000000..564463f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_client.c
@@ -0,0 +1,67 @@
+/*
+ *  PSA crypto client code
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+#include "psa/crypto.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+
+#include <string.h>
+#include "mbedtls/platform.h"
+
+void psa_reset_key_attributes(psa_key_attributes_t *attributes)
+{
+    mbedtls_free(attributes->domain_parameters);
+    memset(attributes, 0, sizeof(*attributes));
+}
+
+psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
+                                           psa_key_type_t type,
+                                           const uint8_t *data,
+                                           size_t data_length)
+{
+    uint8_t *copy = NULL;
+
+    if (data_length != 0) {
+        copy = mbedtls_calloc(1, data_length);
+        if (copy == NULL) {
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        }
+        memcpy(copy, data, data_length);
+    }
+    /* After this point, this function is guaranteed to succeed, so it
+     * can start modifying `*attributes`. */
+
+    if (attributes->domain_parameters != NULL) {
+        mbedtls_free(attributes->domain_parameters);
+        attributes->domain_parameters = NULL;
+        attributes->domain_parameters_size = 0;
+    }
+
+    attributes->domain_parameters = copy;
+    attributes->domain_parameters_size = data_length;
+    attributes->core.type = type;
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_get_key_domain_parameters(
+    const psa_key_attributes_t *attributes,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    if (attributes->domain_parameters_size > data_size) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+    *data_length = attributes->domain_parameters_size;
+    if (attributes->domain_parameters_size != 0) {
+        memcpy(data, attributes->domain_parameters,
+               attributes->domain_parameters_size);
+    }
+    return PSA_SUCCESS;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_core.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_core.h
new file mode 100644
index 0000000..6bcd78f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_core.h
@@ -0,0 +1,506 @@
+/*
+ *  PSA crypto core internal interfaces
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_CORE_H
+#define PSA_CRYPTO_CORE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "psa/crypto.h"
+#include "psa/crypto_se_driver.h"
+
+/** Constant-time buffer comparison
+ *
+ * \param[in]  a    Left-hand buffer for comparison.
+ * \param[in]  b    Right-hand buffer for comparison.
+ * \param n         Amount of bytes to compare.
+ *
+ * \return 0 if the buffer contents are equal, non-zero otherwise
+ */
+static inline int mbedtls_psa_safer_memcmp(
+    const uint8_t *a, const uint8_t *b, size_t n)
+{
+    size_t i;
+    unsigned char diff = 0;
+
+    for (i = 0; i < n; i++) {
+        diff |= a[i] ^ b[i];
+    }
+
+    return diff;
+}
+
+/** The data structure representing a key slot, containing key material
+ * and metadata for one key.
+ */
+typedef struct {
+    psa_core_key_attributes_t attr;
+
+    /*
+     * Number of locks on the key slot held by the library.
+     *
+     * This counter is incremented by one each time a library function
+     * retrieves through one of the dedicated internal API a pointer to the
+     * key slot.
+     *
+     * This counter is decremented by one each time a library function stops
+     * accessing the key slot and states it by calling the
+     * psa_unlock_key_slot() API.
+     *
+     * This counter is used to prevent resetting the key slot while the library
+     * may access it. For example, such control is needed in the following
+     * scenarios:
+     * . In case of key slot starvation, all key slots contain the description
+     *   of a key, and the library asks for the description of a persistent
+     *   key not present in the key slots, the key slots currently accessed by
+     *   the library cannot be reclaimed to free a key slot to load the
+     *   persistent key.
+     * . In case of a multi-threaded application where one thread asks to close
+     *   or purge or destroy a key while it is in used by the library through
+     *   another thread.
+     */
+    size_t lock_count;
+
+    /* Dynamically allocated key data buffer.
+     * Format as specified in psa_export_key(). */
+    struct key_data {
+        uint8_t *data;
+        size_t bytes;
+    } key;
+} psa_key_slot_t;
+
+/* A mask of key attribute flags used only internally.
+ * Currently there aren't any. */
+#define PSA_KA_MASK_INTERNAL_ONLY (     \
+        0)
+
+/** Test whether a key slot is occupied.
+ *
+ * A key slot is occupied iff the key type is nonzero. This works because
+ * no valid key can have 0 as its key type.
+ *
+ * \param[in] slot      The key slot to test.
+ *
+ * \return 1 if the slot is occupied, 0 otherwise.
+ */
+static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot)
+{
+    return slot->attr.type != 0;
+}
+
+/** Test whether a key slot is locked.
+ *
+ * A key slot is locked iff its lock counter is strictly greater than 0.
+ *
+ * \param[in] slot  The key slot to test.
+ *
+ * \return 1 if the slot is locked, 0 otherwise.
+ */
+static inline int psa_is_key_slot_locked(const psa_key_slot_t *slot)
+{
+    return slot->lock_count > 0;
+}
+
+/** Retrieve flags from psa_key_slot_t::attr::core::flags.
+ *
+ * \param[in] slot      The key slot to query.
+ * \param mask          The mask of bits to extract.
+ *
+ * \return The key attribute flags in the given slot,
+ *         bitwise-anded with \p mask.
+ */
+static inline uint16_t psa_key_slot_get_flags(const psa_key_slot_t *slot,
+                                              uint16_t mask)
+{
+    return slot->attr.flags & mask;
+}
+
+/** Set flags in psa_key_slot_t::attr::core::flags.
+ *
+ * \param[in,out] slot  The key slot to modify.
+ * \param mask          The mask of bits to modify.
+ * \param value         The new value of the selected bits.
+ */
+static inline void psa_key_slot_set_flags(psa_key_slot_t *slot,
+                                          uint16_t mask,
+                                          uint16_t value)
+{
+    slot->attr.flags = ((~mask & slot->attr.flags) |
+                        (mask & value));
+}
+
+/** Turn on flags in psa_key_slot_t::attr::core::flags.
+ *
+ * \param[in,out] slot  The key slot to modify.
+ * \param mask          The mask of bits to set.
+ */
+static inline void psa_key_slot_set_bits_in_flags(psa_key_slot_t *slot,
+                                                  uint16_t mask)
+{
+    slot->attr.flags |= mask;
+}
+
+/** Turn off flags in psa_key_slot_t::attr::core::flags.
+ *
+ * \param[in,out] slot  The key slot to modify.
+ * \param mask          The mask of bits to clear.
+ */
+static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot,
+                                           uint16_t mask)
+{
+    slot->attr.flags &= ~mask;
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+/** Get the SE slot number of a key from the key slot storing its description.
+ *
+ * \param[in]  slot  The key slot to query. This must be a key slot storing
+ *                   the description of a key of a dynamically registered
+ *                   secure element, otherwise the behaviour is undefined.
+ */
+static inline psa_key_slot_number_t psa_key_slot_get_slot_number(
+    const psa_key_slot_t *slot)
+{
+    return *((psa_key_slot_number_t *) (slot->key.data));
+}
+#endif
+
+/** Completely wipe a slot in memory, including its policy.
+ *
+ * Persistent storage is not affected.
+ *
+ * \param[in,out] slot  The key slot to wipe.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success. This includes the case of a key slot that was
+ *         already fully wiped.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot);
+
+/** Try to allocate a buffer to an empty key slot.
+ *
+ * \param[in,out] slot          Key slot to attach buffer to.
+ * \param[in] buffer_length     Requested size of the buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         The buffer has been successfully allocated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ *         Not enough memory was available for allocation.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ *         Trying to allocate a buffer to a non-empty key slot.
+ */
+psa_status_t psa_allocate_buffer_to_slot(psa_key_slot_t *slot,
+                                         size_t buffer_length);
+
+/** Wipe key data from a slot. Preserves metadata such as the policy. */
+psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot);
+
+/** Copy key data (in export format) into an empty key slot.
+ *
+ * This function assumes that the slot does not contain
+ * any key material yet. On failure, the slot content is unchanged.
+ *
+ * \param[in,out] slot          Key slot to copy the key into.
+ * \param[in] data              Buffer containing the key material.
+ * \param data_length           Size of the key buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key has been copied successfully.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ *         Not enough memory was available for allocation of the
+ *         copy buffer.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ *         There was other key material already present in the slot.
+ */
+psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot,
+                                             const uint8_t *data,
+                                             size_t data_length);
+
+/** Convert an Mbed TLS error code to a PSA error code
+ *
+ * \note This function is provided solely for the convenience of
+ *       Mbed TLS and may be removed at any time without notice.
+ *
+ * \param ret           An Mbed TLS-thrown error code
+ *
+ * \return              The corresponding PSA error code
+ */
+psa_status_t mbedtls_to_psa_error(int ret);
+
+/** Import a key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       import_key entry point. This function behaves as an import_key
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes for the key to import.
+ * \param[in]  data             The buffer containing the key data in import
+ *                              format.
+ * \param[in]  data_length      Size of the \p data buffer in bytes.
+ * \param[out] key_buffer       The buffer to contain the key data in output
+ *                              format upon successful return.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes. This
+ *                              size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length  The length of the data written in \p
+ *                                key_buffer in bytes.
+ * \param[out] bits             The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS  The key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t psa_import_key_into_slot(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits);
+
+/** Export a key in binary format
+ *
+ * \note The signature of this function is that of a PSA driver export_key
+ *       entry point. This function behaves as an export_key entry point as
+ *       defined in the PSA driver interface specification.
+ *
+ * \param[in]  attributes       The attributes for the key to export.
+ * \param[in]  key_buffer       Material or context of the key to export.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[out] data             Buffer where the key data is to be written.
+ * \param[in]  data_size        Size of the \p data buffer in bytes.
+ * \param[out] data_length      On success, the number of bytes written in
+ *                              \p data
+ *
+ * \retval #PSA_SUCCESS  The key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t psa_export_key_internal(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+/** Export a public key or the public part of a key pair in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       export_public_key entry point. This function behaves as an
+ *       export_public_key entry point as defined in the PSA driver interface
+ *       specification.
+ *
+ * \param[in]  attributes       The attributes for the key to export.
+ * \param[in]  key_buffer       Material or context of the key to export.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[out] data             Buffer where the key data is to be written.
+ * \param[in]  data_size        Size of the \p data buffer in bytes.
+ * \param[out] data_length      On success, the number of bytes written in
+ *                              \p data
+ *
+ * \retval #PSA_SUCCESS  The public key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t psa_export_public_key_internal(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+/**
+ * \brief Generate a key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ *       entry point.
+ *
+ * \param[in]  attributes         The attributes for the key to generate.
+ * \param[out] key_buffer         Buffer where the key data is to be written.
+ * \param[in]  key_buffer_size    Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length  On success, the number of bytes written in
+ *                                \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key was generated successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         Key size in bits or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of \p key_buffer is too small.
+ */
+psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes,
+                                       uint8_t *key_buffer,
+                                       size_t key_buffer_size,
+                                       size_t *key_buffer_length);
+
+/** Sign a message with a private key. For hash-and-sign algorithms,
+ *  this includes the hashing step.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       sign_message entry point. This function behaves as a sign_message
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \note This function will call the driver for psa_sign_hash
+ *       and go through driver dispatch again.
+ *
+ * \param[in]  attributes       The attributes of the key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the key context.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              A signature algorithm that is compatible with
+ *                              the type of the key.
+ * \param[in]  input            The input message to sign.
+ * \param[in]  input_length     Size of the \p input buffer in bytes.
+ * \param[out] signature        Buffer where the signature is to be written.
+ * \param[in]  signature_size   Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ *                              that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p signature buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ *         where \c key_type and \c key_bits are the type and bit-size
+ *         respectively of the key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ */
+psa_status_t psa_sign_message_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *input, size_t input_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+/** Verify the signature of a message with a public key, using
+ *  a hash-and-sign verification algorithm.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       verify_message entry point. This function behaves as a verify_message
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \note This function will call the driver for psa_verify_hash
+ *       and go through driver dispatch again.
+ *
+ * \param[in]  attributes       The attributes of the key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the key context.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              A signature algorithm that is compatible with
+ *                              the type of the key.
+ * \param[in]  input            The message whose signature is to be verified.
+ * \param[in]  input_length     Size of the \p input buffer in bytes.
+ * \param[in]  signature        Buffer containing the signature to verify.
+ * \param[in]  signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The calculation was performed successfully, but the passed
+ *         signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t psa_verify_message_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *input, size_t input_length,
+    const uint8_t *signature, size_t signature_length);
+
+/** Sign an already-calculated hash with a private key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       sign_hash entry point. This function behaves as a sign_hash
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the key context.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              A signature algorithm that is compatible with
+ *                              the type of the key.
+ * \param[in]  hash             The hash or message to sign.
+ * \param[in]  hash_length      Size of the \p hash buffer in bytes.
+ * \param[out] signature        Buffer where the signature is to be written.
+ * \param[in]  signature_size   Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ *                              that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p signature buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ *         where \c key_type and \c key_bits are the type and bit-size
+ *         respectively of the key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ */
+psa_status_t psa_sign_hash_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+/**
+ * \brief Verify the signature a hash or short message using a public key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       verify_hash entry point. This function behaves as a verify_hash
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the key context.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              A signature algorithm that is compatible with
+ *                              the type of the key.
+ * \param[in]  hash             The hash or message whose signature is to be
+ *                              verified.
+ * \param[in]  hash_length      Size of the \p hash buffer in bytes.
+ * \param[in]  signature        Buffer containing the signature to verify.
+ * \param[in]  signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The calculation was performed successfully, but the passed
+ *         signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t psa_verify_hash_builtin(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length);
+
+#endif /* PSA_CRYPTO_CORE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_driver_wrappers.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_driver_wrappers.c
new file mode 100644
index 0000000..196cd2e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_driver_wrappers.c
@@ -0,0 +1,1856 @@
+/*
+ *  Functions to delegate cryptographic operations to an available
+ *  and appropriate accelerator.
+ *  Warning: This file will be auto-generated in the future.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "psa_crypto_aead.h"
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_driver_wrappers.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_mac.h"
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
+
+/* Include test driver definition when running tests */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#ifndef PSA_CRYPTO_DRIVER_PRESENT
+#define PSA_CRYPTO_DRIVER_PRESENT
+#endif
+#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
+#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT
+#endif
+#include "test/drivers/test_driver.h"
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+/* Repeat above block for each JSON-declared driver during autogeneration */
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+
+/* Auto-generated values depending on which drivers are registered.
+ * ID 0 is reserved for unallocated operations.
+ * ID 1 is reserved for the Mbed TLS software driver. */
+#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1)
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2)
+#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3)
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+/* Support the 'old' SE interface when asked to */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style
+ * SE driver is present, to avoid unused argument errors at compile time. */
+#ifndef PSA_CRYPTO_DRIVER_PRESENT
+#define PSA_CRYPTO_DRIVER_PRESENT
+#endif
+#include "psa_crypto_se.h"
+#endif
+
+psa_status_t psa_driver_wrapper_init(void)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    status = psa_init_all_se_drivers();
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    status = mbedtls_test_transparent_init();
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = mbedtls_test_opaque_init();
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+#endif
+
+    (void) status;
+    return PSA_SUCCESS;
+}
+
+void psa_driver_wrapper_free(void)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    /* Unregister all secure element drivers, so that we restart from
+     * a pristine state. */
+    psa_unregister_all_se_drivers();
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    mbedtls_test_transparent_free();
+    mbedtls_test_opaque_free();
+#endif
+}
+
+/* Start delegation functions */
+psa_status_t psa_driver_wrapper_sign_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_signature_sign_message(
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg,
+                input,
+                input_length,
+                signature,
+                signature_size,
+                signature_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+            break;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_signature_sign_message(
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg,
+                input,
+                input_length,
+                signature,
+                signature_size,
+                signature_length);
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+            break;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            break;
+    }
+
+    return psa_sign_message_builtin(attributes,
+                                    key_buffer,
+                                    key_buffer_size,
+                                    alg,
+                                    input,
+                                    input_length,
+                                    signature,
+                                    signature_size,
+                                    signature_length);
+}
+
+psa_status_t psa_driver_wrapper_verify_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_signature_verify_message(
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg,
+                input,
+                input_length,
+                signature,
+                signature_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+            break;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_signature_verify_message(
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg,
+                input,
+                input_length,
+                signature,
+                signature_length);
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+            break;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            break;
+    }
+
+    return psa_verify_message_builtin(attributes,
+                                      key_buffer,
+                                      key_buffer_size,
+                                      alg,
+                                      input,
+                                      input_length,
+                                      signature,
+                                      signature_length);
+}
+
+psa_status_t psa_driver_wrapper_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+    /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+
+    if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
+        if (drv->asymmetric == NULL ||
+            drv->asymmetric->p_sign == NULL) {
+            /* Key is defined in SE, but we have no way to exercise it */
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+        return drv->asymmetric->p_sign(
+            drv_context, *((psa_key_slot_number_t *) key_buffer),
+            alg, hash, hash_length,
+            signature, signature_size, signature_length);
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_signature_sign_hash(attributes,
+                                                                  key_buffer,
+                                                                  key_buffer_size,
+                                                                  alg,
+                                                                  hash,
+                                                                  hash_length,
+                                                                  signature,
+                                                                  signature_size,
+                                                                  signature_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+            /* Fell through, meaning no accelerator supports this operation */
+            return psa_sign_hash_builtin(attributes,
+                                         key_buffer,
+                                         key_buffer_size,
+                                         alg,
+                                         hash,
+                                         hash_length,
+                                         signature,
+                                         signature_size,
+                                         signature_length);
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_signature_sign_hash(attributes,
+                                                           key_buffer,
+                                                           key_buffer_size,
+                                                           alg,
+                                                           hash,
+                                                           hash_length,
+                                                           signature,
+                                                           signature_size,
+                                                           signature_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length)
+{
+    /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+
+    if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
+        if (drv->asymmetric == NULL ||
+            drv->asymmetric->p_verify == NULL) {
+            /* Key is defined in SE, but we have no way to exercise it */
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+        return drv->asymmetric->p_verify(
+            drv_context, *((psa_key_slot_number_t *) key_buffer),
+            alg, hash, hash_length,
+            signature, signature_length);
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_signature_verify_hash(
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg,
+                hash,
+                hash_length,
+                signature,
+                signature_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+            return psa_verify_hash_builtin(attributes,
+                                           key_buffer,
+                                           key_buffer_size,
+                                           alg,
+                                           hash,
+                                           hash_length,
+                                           signature,
+                                           signature_length);
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_signature_verify_hash(attributes,
+                                                             key_buffer,
+                                                             key_buffer_size,
+                                                             alg,
+                                                             hash,
+                                                             hash_length,
+                                                             signature,
+                                                             signature_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+/** Get the key buffer size required to store the key material of a key
+ *  associated with an opaque driver without storage.
+ *
+ * \param[in] attributes  The key attributes.
+ * \param[out] key_buffer_size  Minimum buffer size to contain the key material
+ *
+ * \retval #PSA_SUCCESS
+ *         The minimum size for a buffer to contain the key material has been
+ *         returned successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The size in bits of the key is not valid.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         The type and/or the size in bits of the key or the combination of
+ *         the two is not supported.
+ */
+psa_status_t psa_driver_wrapper_get_key_buffer_size(
+    const psa_key_attributes_t *attributes,
+    size_t *key_buffer_size)
+{
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+    psa_key_type_t key_type = attributes->core.type;
+    size_t key_bits = attributes->core.bits;
+
+    *key_buffer_size = 0;
+    switch (location) {
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+            /* Emulate property 'builtin_key_size' */
+            if (psa_key_id_is_builtin(
+                    MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
+                        psa_get_key_id(attributes)))) {
+                *key_buffer_size = sizeof(psa_drv_slot_number_t);
+                return PSA_SUCCESS;
+            }
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+            *key_buffer_size = mbedtls_test_size_function(key_type, key_bits);
+            return (*key_buffer_size != 0) ?
+                   PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+        default:
+            (void) key_type;
+            (void) key_bits;
+            return PSA_ERROR_NOT_SUPPORTED;
+    }
+}
+
+psa_status_t psa_driver_wrapper_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+
+    if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
+        size_t pubkey_length = 0; /* We don't support this feature yet */
+        if (drv->key_management == NULL ||
+            drv->key_management->p_generate == NULL) {
+            /* Key is defined as being in SE, but we have no way to generate it */
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+        return drv->key_management->p_generate(
+            drv_context,
+            *((psa_key_slot_number_t *) key_buffer),
+            attributes, NULL, 0, &pubkey_length);
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+            /* Transparent drivers are limited to generating asymmetric keys */
+            if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->core.type)) {
+                /* Cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+                status = mbedtls_test_transparent_generate_key(
+                    attributes, key_buffer, key_buffer_size,
+                    key_buffer_length);
+                /* Declared with fallback == true */
+                if (status != PSA_ERROR_NOT_SUPPORTED) {
+                    break;
+                }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+            }
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+            /* Software fallback */
+            status = psa_generate_key_internal(
+                attributes, key_buffer, key_buffer_size, key_buffer_length);
+            break;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_generate_key(
+                attributes, key_buffer, key_buffer_size, key_buffer_length);
+            break;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+        default:
+            /* Key is declared with a lifetime not known to us */
+            status = PSA_ERROR_INVALID_ARGUMENT;
+            break;
+    }
+
+    return status;
+}
+
+psa_status_t psa_driver_wrapper_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data,
+    size_t data_length,
+    uint8_t *key_buffer,
+    size_t key_buffer_size,
+    size_t *key_buffer_length,
+    size_t *bits)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+        psa_get_key_lifetime(attributes));
+
+    /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+
+    if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
+        if (drv->key_management == NULL ||
+            drv->key_management->p_import == NULL) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        /* The driver should set the number of key bits, however in
+         * case it doesn't, we initialize bits to an invalid value. */
+        *bits = PSA_MAX_KEY_BITS + 1;
+        status = drv->key_management->p_import(
+            drv_context,
+            *((psa_key_slot_number_t *) key_buffer),
+            attributes, data, data_length, bits);
+
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        if ((*bits) > PSA_MAX_KEY_BITS) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        return PSA_SUCCESS;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_import_key(
+                attributes,
+                data, data_length,
+                key_buffer, key_buffer_size,
+                key_buffer_length, bits);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+            /* Fell through, meaning no accelerator supports this operation */
+            return psa_import_key_into_slot(attributes,
+                                            data, data_length,
+                                            key_buffer, key_buffer_size,
+                                            key_buffer_length, bits);
+
+        default:
+            /* Importing a key with external storage in not yet supported.
+             * Return in error indicating that the lifetime is not valid. */
+            (void) status;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+}
+
+psa_status_t psa_driver_wrapper_export_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length)
+
+{
+    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+        psa_get_key_lifetime(attributes));
+
+    /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+
+    if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
+        if ((drv->key_management == NULL) ||
+            (drv->key_management->p_export == NULL)) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        return drv->key_management->p_export(
+            drv_context,
+            *((psa_key_slot_number_t *) key_buffer),
+            data, data_size, data_length);
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            return psa_export_key_internal(attributes,
+                                           key_buffer,
+                                           key_buffer_size,
+                                           data,
+                                           data_size,
+                                           data_length);
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_export_key(attributes,
+                                                  key_buffer,
+                                                  key_buffer_size,
+                                                  data,
+                                                  data_size,
+                                                  data_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            return status;
+    }
+}
+
+psa_status_t psa_driver_wrapper_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length)
+
+{
+    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+        psa_get_key_lifetime(attributes));
+
+    /* Try dynamically-registered SE interface first */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+
+    if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) {
+        if ((drv->key_management == NULL) ||
+            (drv->key_management->p_export_public == NULL)) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+
+        return drv->key_management->p_export_public(
+            drv_context,
+            *((psa_key_slot_number_t *) key_buffer),
+            data, data_size, data_length);
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_export_public_key(
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                data,
+                data_size,
+                data_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+            /* Fell through, meaning no accelerator supports this operation */
+            return psa_export_public_key_internal(attributes,
+                                                  key_buffer,
+                                                  key_buffer_size,
+                                                  data,
+                                                  data_size,
+                                                  data_length);
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_export_public_key(attributes,
+                                                         key_buffer,
+                                                         key_buffer_size,
+                                                         data,
+                                                         data_size,
+                                                         data_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            return status;
+    }
+}
+
+psa_status_t psa_driver_wrapper_get_builtin_key(
+    psa_drv_slot_number_t slot_number,
+    psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+    switch (location) {
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_get_builtin_key(
+                slot_number,
+                attributes,
+                key_buffer, key_buffer_size, key_buffer_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+        default:
+            (void) slot_number;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) key_buffer_length;
+            return PSA_ERROR_DOES_NOT_EXIST;
+    }
+}
+
+/*
+ * Cipher functions
+ */
+psa_status_t psa_driver_wrapper_cipher_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *iv,
+    size_t iv_length,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_cipher_encrypt(attributes,
+                                                             key_buffer,
+                                                             key_buffer_size,
+                                                             alg,
+                                                             iv,
+                                                             iv_length,
+                                                             input,
+                                                             input_length,
+                                                             output,
+                                                             output_size,
+                                                             output_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+            return mbedtls_psa_cipher_encrypt(attributes,
+                                              key_buffer,
+                                              key_buffer_size,
+                                              alg,
+                                              iv,
+                                              iv_length,
+                                              input,
+                                              input_length,
+                                              output,
+                                              output_size,
+                                              output_length);
+#else
+            return PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_cipher_encrypt(attributes,
+                                                      key_buffer,
+                                                      key_buffer_size,
+                                                      alg,
+                                                      iv,
+                                                      iv_length,
+                                                      input,
+                                                      input_length,
+                                                      output,
+                                                      output_size,
+                                                      output_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            (void) iv;
+            (void) iv_length;
+            (void) input;
+            (void) input_length;
+            (void) output;
+            (void) output_size;
+            (void) output_length;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_cipher_decrypt(attributes,
+                                                             key_buffer,
+                                                             key_buffer_size,
+                                                             alg,
+                                                             input,
+                                                             input_length,
+                                                             output,
+                                                             output_size,
+                                                             output_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+            return mbedtls_psa_cipher_decrypt(attributes,
+                                              key_buffer,
+                                              key_buffer_size,
+                                              alg,
+                                              input,
+                                              input_length,
+                                              output,
+                                              output_size,
+                                              output_length);
+#else
+            return PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            return mbedtls_test_opaque_cipher_decrypt(attributes,
+                                                      key_buffer,
+                                                      key_buffer_size,
+                                                      alg,
+                                                      input,
+                                                      input_length,
+                                                      output,
+                                                      output_size,
+                                                      output_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            (void) input;
+            (void) input_length;
+            (void) output;
+            (void) output_size;
+            (void) output_length;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
+    psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_cipher_encrypt_setup(
+                &operation->ctx.transparent_test_driver_ctx,
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg);
+            /* Declared with fallback == true */
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+            /* Fell through, meaning no accelerator supports this operation */
+            status = mbedtls_psa_cipher_encrypt_setup(&operation->ctx.mbedtls_ctx,
+                                                      attributes,
+                                                      key_buffer,
+                                                      key_buffer_size,
+                                                      alg);
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+            return PSA_ERROR_NOT_SUPPORTED;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_cipher_encrypt_setup(
+                &operation->ctx.opaque_test_driver_ctx,
+                attributes,
+                key_buffer, key_buffer_size,
+                alg);
+
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
+            }
+
+            return status;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            (void) operation;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
+    psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_cipher_decrypt_setup(
+                &operation->ctx.transparent_test_driver_ctx,
+                attributes,
+                key_buffer,
+                key_buffer_size,
+                alg);
+            /* Declared with fallback == true */
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+            /* Fell through, meaning no accelerator supports this operation */
+            status = mbedtls_psa_cipher_decrypt_setup(&operation->ctx.mbedtls_ctx,
+                                                      attributes,
+                                                      key_buffer,
+                                                      key_buffer_size,
+                                                      alg);
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+            }
+
+            return status;
+#else /* MBEDTLS_PSA_BUILTIN_CIPHER */
+            return PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_cipher_decrypt_setup(
+                &operation->ctx.opaque_test_driver_ctx,
+                attributes,
+                key_buffer, key_buffer_size,
+                alg);
+
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
+            }
+
+            return status;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            (void) operation;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_cipher_set_iv(
+    psa_cipher_operation_t *operation,
+    const uint8_t *iv,
+    size_t iv_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_cipher_set_iv(&operation->ctx.mbedtls_ctx,
+                                             iv,
+                                             iv_length);
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_cipher_set_iv(
+                &operation->ctx.transparent_test_driver_ctx,
+                iv, iv_length);
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_cipher_set_iv(
+                &operation->ctx.opaque_test_driver_ctx,
+                iv, iv_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+    }
+
+    (void) iv;
+    (void) iv_length;
+
+    return PSA_ERROR_INVALID_ARGUMENT;
+}
+
+psa_status_t psa_driver_wrapper_cipher_update(
+    psa_cipher_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_cipher_update(&operation->ctx.mbedtls_ctx,
+                                             input,
+                                             input_length,
+                                             output,
+                                             output_size,
+                                             output_length);
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_cipher_update(
+                &operation->ctx.transparent_test_driver_ctx,
+                input, input_length,
+                output, output_size, output_length);
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_cipher_update(
+                &operation->ctx.opaque_test_driver_ctx,
+                input, input_length,
+                output, output_size, output_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+    }
+
+    (void) input;
+    (void) input_length;
+    (void) output;
+    (void) output_size;
+    (void) output_length;
+
+    return PSA_ERROR_INVALID_ARGUMENT;
+}
+
+psa_status_t psa_driver_wrapper_cipher_finish(
+    psa_cipher_operation_t *operation,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_cipher_finish(&operation->ctx.mbedtls_ctx,
+                                             output,
+                                             output_size,
+                                             output_length);
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_cipher_finish(
+                &operation->ctx.transparent_test_driver_ctx,
+                output, output_size, output_length);
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_cipher_finish(
+                &operation->ctx.opaque_test_driver_ctx,
+                output, output_size, output_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+    }
+
+    (void) output;
+    (void) output_size;
+    (void) output_length;
+
+    return PSA_ERROR_INVALID_ARGUMENT;
+}
+
+psa_status_t psa_driver_wrapper_cipher_abort(
+    psa_cipher_operation_t *operation)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_cipher_abort(&operation->ctx.mbedtls_ctx);
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            status = mbedtls_test_transparent_cipher_abort(
+                &operation->ctx.transparent_test_driver_ctx);
+            mbedtls_platform_zeroize(
+                &operation->ctx.transparent_test_driver_ctx,
+                sizeof(operation->ctx.transparent_test_driver_ctx));
+            return status;
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            status = mbedtls_test_opaque_cipher_abort(
+                &operation->ctx.opaque_test_driver_ctx);
+            mbedtls_platform_zeroize(
+                &operation->ctx.opaque_test_driver_ctx,
+                sizeof(operation->ctx.opaque_test_driver_ctx));
+            return status;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+    }
+
+    (void) status;
+    return PSA_ERROR_INVALID_ARGUMENT;
+}
+
+/*
+ * Hashing functions
+ */
+psa_status_t psa_driver_wrapper_hash_compute(
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    /* Try accelerators first */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    status = mbedtls_test_transparent_hash_compute(
+        alg, input, input_length, hash, hash_size, hash_length);
+    if (status != PSA_ERROR_NOT_SUPPORTED) {
+        return status;
+    }
+#endif
+
+    /* If software fallback is compiled in, try fallback */
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+    status = mbedtls_psa_hash_compute(alg, input, input_length,
+                                      hash, hash_size, hash_length);
+    if (status != PSA_ERROR_NOT_SUPPORTED) {
+        return status;
+    }
+#endif
+    (void) status;
+    (void) alg;
+    (void) input;
+    (void) input_length;
+    (void) hash;
+    (void) hash_size;
+    (void) hash_length;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_driver_wrapper_hash_setup(
+    psa_hash_operation_t *operation,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    /* Try setup on accelerators first */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    status = mbedtls_test_transparent_hash_setup(
+        &operation->ctx.test_driver_ctx, alg);
+    if (status == PSA_SUCCESS) {
+        operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+    }
+
+    if (status != PSA_ERROR_NOT_SUPPORTED) {
+        return status;
+    }
+#endif
+
+    /* If software fallback is compiled in, try fallback */
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+    status = mbedtls_psa_hash_setup(&operation->ctx.mbedtls_ctx, alg);
+    if (status == PSA_SUCCESS) {
+        operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+    }
+
+    if (status != PSA_ERROR_NOT_SUPPORTED) {
+        return status;
+    }
+#endif
+    /* Nothing left to try if we fall through here */
+    (void) status;
+    (void) operation;
+    (void) alg;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_driver_wrapper_hash_clone(
+    const psa_hash_operation_t *source_operation,
+    psa_hash_operation_t *target_operation)
+{
+    switch (source_operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+            return mbedtls_psa_hash_clone(&source_operation->ctx.mbedtls_ctx,
+                                          &target_operation->ctx.mbedtls_ctx);
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+            return mbedtls_test_transparent_hash_clone(
+                &source_operation->ctx.test_driver_ctx,
+                &target_operation->ctx.test_driver_ctx);
+#endif
+        default:
+            (void) target_operation;
+            return PSA_ERROR_BAD_STATE;
+    }
+}
+
+psa_status_t psa_driver_wrapper_hash_update(
+    psa_hash_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_hash_update(&operation->ctx.mbedtls_ctx,
+                                           input, input_length);
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_hash_update(
+                &operation->ctx.test_driver_ctx,
+                input, input_length);
+#endif
+        default:
+            (void) input;
+            (void) input_length;
+            return PSA_ERROR_BAD_STATE;
+    }
+}
+
+psa_status_t psa_driver_wrapper_hash_finish(
+    psa_hash_operation_t *operation,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_hash_finish(&operation->ctx.mbedtls_ctx,
+                                           hash, hash_size, hash_length);
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_hash_finish(
+                &operation->ctx.test_driver_ctx,
+                hash, hash_size, hash_length);
+#endif
+        default:
+            (void) hash;
+            (void) hash_size;
+            (void) hash_length;
+            return PSA_ERROR_BAD_STATE;
+    }
+}
+
+psa_status_t psa_driver_wrapper_hash_abort(
+    psa_hash_operation_t *operation)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_hash_abort(&operation->ctx.mbedtls_ctx);
+#endif
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_hash_abort(
+                &operation->ctx.test_driver_ctx);
+#endif
+        default:
+            return PSA_ERROR_BAD_STATE;
+    }
+}
+
+psa_status_t psa_driver_wrapper_aead_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *plaintext, size_t plaintext_length,
+    uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_aead_encrypt(
+                attributes, key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                plaintext, plaintext_length,
+                ciphertext, ciphertext_size, ciphertext_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+            /* Fell through, meaning no accelerator supports this operation */
+            return mbedtls_psa_aead_encrypt(
+                attributes, key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                plaintext, plaintext_length,
+                ciphertext, ciphertext_size, ciphertext_length);
+
+        /* Add cases for opaque driver here */
+
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_aead_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *ciphertext, size_t ciphertext_length,
+    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_aead_decrypt(
+                attributes, key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                ciphertext, ciphertext_length,
+                plaintext, plaintext_size, plaintext_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+            /* Fell through, meaning no accelerator supports this operation */
+            return mbedtls_psa_aead_decrypt(
+                attributes, key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                ciphertext, ciphertext_length,
+                plaintext, plaintext_size, plaintext_length);
+
+        /* Add cases for opaque driver here */
+
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+
+/*
+ * MAC functions
+ */
+psa_status_t psa_driver_wrapper_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_mac_compute(
+                attributes, key_buffer, key_buffer_size, alg,
+                input, input_length,
+                mac, mac_size, mac_length);
+            /* Declared with fallback == true */
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+            /* Fell through, meaning no accelerator supports this operation */
+            status = mbedtls_psa_mac_compute(
+                attributes, key_buffer, key_buffer_size, alg,
+                input, input_length,
+                mac, mac_size, mac_length);
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+            return PSA_ERROR_NOT_SUPPORTED;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_mac_compute(
+                attributes, key_buffer, key_buffer_size, alg,
+                input, input_length,
+                mac, mac_size, mac_length);
+            return status;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            (void) input;
+            (void) input_length;
+            (void) mac;
+            (void) mac_size;
+            (void) mac_length;
+            (void) status;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_mac_sign_setup(
+    psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_mac_sign_setup(
+                &operation->ctx.transparent_test_driver_ctx,
+                attributes,
+                key_buffer, key_buffer_size,
+                alg);
+            /* Declared with fallback == true */
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+            /* Fell through, meaning no accelerator supports this operation */
+            status = mbedtls_psa_mac_sign_setup(&operation->ctx.mbedtls_ctx,
+                                                attributes,
+                                                key_buffer, key_buffer_size,
+                                                alg);
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+            return PSA_ERROR_NOT_SUPPORTED;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_mac_sign_setup(
+                &operation->ctx.opaque_test_driver_ctx,
+                attributes,
+                key_buffer, key_buffer_size,
+                alg);
+
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
+            }
+
+            return status;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            (void) operation;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_mac_verify_setup(
+    psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_location_t location =
+        PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime);
+
+    switch (location) {
+        case PSA_KEY_LOCATION_LOCAL_STORAGE:
+            /* Key is stored in the slot in export representation, so
+             * cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+            status = mbedtls_test_transparent_mac_verify_setup(
+                &operation->ctx.transparent_test_driver_ctx,
+                attributes,
+                key_buffer, key_buffer_size,
+                alg);
+            /* Declared with fallback == true */
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+            /* Fell through, meaning no accelerator supports this operation */
+            status = mbedtls_psa_mac_verify_setup(&operation->ctx.mbedtls_ctx,
+                                                  attributes,
+                                                  key_buffer, key_buffer_size,
+                                                  alg);
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+            }
+
+            if (status != PSA_ERROR_NOT_SUPPORTED) {
+                return status;
+            }
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+            return PSA_ERROR_NOT_SUPPORTED;
+
+            /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TEST_DRIVER_LOCATION:
+            status = mbedtls_test_opaque_mac_verify_setup(
+                &operation->ctx.opaque_test_driver_ctx,
+                attributes,
+                key_buffer, key_buffer_size,
+                alg);
+
+            if (status == PSA_SUCCESS) {
+                operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID;
+            }
+
+            return status;
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            /* Key is declared with a lifetime not known to us */
+            (void) status;
+            (void) operation;
+            (void) key_buffer;
+            (void) key_buffer_size;
+            (void) alg;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_mac_update(
+    psa_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_mac_update(&operation->ctx.mbedtls_ctx,
+                                          input, input_length);
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_mac_update(
+                &operation->ctx.transparent_test_driver_ctx,
+                input, input_length);
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_mac_update(
+                &operation->ctx.opaque_test_driver_ctx,
+                input, input_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            (void) input;
+            (void) input_length;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_mac_sign_finish(
+    psa_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_mac_sign_finish(&operation->ctx.mbedtls_ctx,
+                                               mac, mac_size, mac_length);
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_mac_sign_finish(
+                &operation->ctx.transparent_test_driver_ctx,
+                mac, mac_size, mac_length);
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_mac_sign_finish(
+                &operation->ctx.opaque_test_driver_ctx,
+                mac, mac_size, mac_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            (void) mac;
+            (void) mac_size;
+            (void) mac_length;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_mac_verify_finish(
+    psa_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_mac_verify_finish(&operation->ctx.mbedtls_ctx,
+                                                 mac, mac_length);
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_mac_verify_finish(
+                &operation->ctx.transparent_test_driver_ctx,
+                mac, mac_length);
+
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_mac_verify_finish(
+                &operation->ctx.opaque_test_driver_ctx,
+                mac, mac_length);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            (void) mac;
+            (void) mac_length;
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+psa_status_t psa_driver_wrapper_mac_abort(
+    psa_mac_operation_t *operation)
+{
+    switch (operation->id) {
+#if defined(MBEDTLS_PSA_BUILTIN_MAC)
+        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
+            return mbedtls_psa_mac_abort(&operation->ctx.mbedtls_ctx);
+#endif /* MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+        case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
+            return mbedtls_test_transparent_mac_abort(
+                &operation->ctx.transparent_test_driver_ctx);
+        case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID:
+            return mbedtls_test_opaque_mac_abort(
+                &operation->ctx.opaque_test_driver_ctx);
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+        default:
+            return PSA_ERROR_INVALID_ARGUMENT;
+    }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_driver_wrappers.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_driver_wrappers.h
new file mode 100644
index 0000000..7e76977
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_driver_wrappers.h
@@ -0,0 +1,256 @@
+/*
+ *  Function signatures for functionality that can be provided by
+ *  cryptographic accelerators.
+ *  Warning: This file will be auto-generated in the future.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_DRIVER_WRAPPERS_H
+#define PSA_CRYPTO_DRIVER_WRAPPERS_H
+
+#include "psa/crypto.h"
+#include "psa/crypto_driver_common.h"
+
+/*
+ * Initialization and termination functions
+ */
+psa_status_t psa_driver_wrapper_init(void);
+void psa_driver_wrapper_free(void);
+
+/*
+ * Signature functions
+ */
+psa_status_t psa_driver_wrapper_sign_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length);
+
+psa_status_t psa_driver_wrapper_verify_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length);
+
+psa_status_t psa_driver_wrapper_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+psa_status_t psa_driver_wrapper_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length);
+
+/*
+ * Key handling functions
+ */
+
+psa_status_t psa_driver_wrapper_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits);
+
+psa_status_t psa_driver_wrapper_export_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t psa_driver_wrapper_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t psa_driver_wrapper_get_key_buffer_size(
+    const psa_key_attributes_t *attributes,
+    size_t *key_buffer_size);
+
+psa_status_t psa_driver_wrapper_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
+
+psa_status_t psa_driver_wrapper_get_builtin_key(
+    psa_drv_slot_number_t slot_number,
+    psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
+
+/*
+ * Cipher functions
+ */
+psa_status_t psa_driver_wrapper_cipher_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *iv,
+    size_t iv_length,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length);
+
+psa_status_t psa_driver_wrapper_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length);
+
+psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
+    psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t psa_driver_wrapper_cipher_decrypt_setup(
+    psa_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t psa_driver_wrapper_cipher_set_iv(
+    psa_cipher_operation_t *operation,
+    const uint8_t *iv,
+    size_t iv_length);
+
+psa_status_t psa_driver_wrapper_cipher_update(
+    psa_cipher_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length);
+
+psa_status_t psa_driver_wrapper_cipher_finish(
+    psa_cipher_operation_t *operation,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length);
+
+psa_status_t psa_driver_wrapper_cipher_abort(
+    psa_cipher_operation_t *operation);
+
+/*
+ * Hashing functions
+ */
+psa_status_t psa_driver_wrapper_hash_compute(
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length);
+
+psa_status_t psa_driver_wrapper_hash_setup(
+    psa_hash_operation_t *operation,
+    psa_algorithm_t alg);
+
+psa_status_t psa_driver_wrapper_hash_clone(
+    const psa_hash_operation_t *source_operation,
+    psa_hash_operation_t *target_operation);
+
+psa_status_t psa_driver_wrapper_hash_update(
+    psa_hash_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+psa_status_t psa_driver_wrapper_hash_finish(
+    psa_hash_operation_t *operation,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length);
+
+psa_status_t psa_driver_wrapper_hash_abort(
+    psa_hash_operation_t *operation);
+
+/*
+ * AEAD functions
+ */
+
+psa_status_t psa_driver_wrapper_aead_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *plaintext, size_t plaintext_length,
+    uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length);
+
+psa_status_t psa_driver_wrapper_aead_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *ciphertext, size_t ciphertext_length,
+    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length);
+
+/*
+ * MAC functions
+ */
+psa_status_t psa_driver_wrapper_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+psa_status_t psa_driver_wrapper_mac_sign_setup(
+    psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t psa_driver_wrapper_mac_verify_setup(
+    psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t psa_driver_wrapper_mac_update(
+    psa_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+psa_status_t psa_driver_wrapper_mac_sign_finish(
+    psa_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+psa_status_t psa_driver_wrapper_mac_verify_finish(
+    psa_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length);
+
+psa_status_t psa_driver_wrapper_mac_abort(
+    psa_mac_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */
+
+/* End of automatically generated file. */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_ecp.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_ecp.c
new file mode 100644
index 0000000..b00f558
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_ecp.c
@@ -0,0 +1,456 @@
+/*
+ *  PSA ECP layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_random_impl.h"
+#include "psa_crypto_hash.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include "mbedtls/platform.h"
+
+#include <mbedtls/ecdsa.h>
+#include <mbedtls/ecp.h>
+#include <mbedtls/error.h>
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+psa_status_t mbedtls_psa_ecp_load_representation(
+    psa_key_type_t type, size_t curve_bits,
+    const uint8_t *data, size_t data_length,
+    mbedtls_ecp_keypair **p_ecp)
+{
+    mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE;
+    psa_status_t status;
+    mbedtls_ecp_keypair *ecp = NULL;
+    size_t curve_bytes = data_length;
+    int explicit_bits = (curve_bits != 0);
+
+    if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) &&
+        PSA_KEY_TYPE_ECC_GET_FAMILY(type) != PSA_ECC_FAMILY_MONTGOMERY) {
+        /* A Weierstrass public key is represented as:
+         * - The byte 0x04;
+         * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+         * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
+         * So its data length is 2m+1 where m is the curve size in bits.
+         */
+        if ((data_length & 1) == 0) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+        curve_bytes = data_length / 2;
+
+        /* Montgomery public keys are represented in compressed format, meaning
+         * their curve_bytes is equal to the amount of input. */
+
+        /* Private keys are represented in uncompressed private random integer
+         * format, meaning their curve_bytes is equal to the amount of input. */
+    }
+
+    if (explicit_bits) {
+        /* With an explicit bit-size, the data must have the matching length. */
+        if (curve_bytes != PSA_BITS_TO_BYTES(curve_bits)) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    } else {
+        /* We need to infer the bit-size from the data. Since the only
+         * information we have is the length in bytes, the value of curve_bits
+         * at this stage is rounded up to the nearest multiple of 8. */
+        curve_bits = PSA_BYTES_TO_BITS(curve_bytes);
+    }
+
+    /* Allocate and initialize a key representation. */
+    ecp = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair));
+    if (ecp == NULL) {
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    }
+    mbedtls_ecp_keypair_init(ecp);
+
+    /* Load the group. */
+    grp_id = mbedtls_ecc_group_of_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type),
+                                      curve_bits, !explicit_bits);
+    if (grp_id == MBEDTLS_ECP_DP_NONE) {
+        /* We can't distinguish between a nonsensical family/size combination
+         * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a
+         * well-regarded curve that Mbed TLS just doesn't know about (which
+         * would warrant PSA_ERROR_NOT_SUPPORTED). For uniformity with how
+         * curves that Mbed TLS knows about but for which support is disabled
+         * at build time, return NOT_SUPPORTED. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+        goto exit;
+    }
+
+    status = mbedtls_to_psa_error(
+        mbedtls_ecp_group_load(&ecp->grp, grp_id));
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Load the key material. */
+    if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) {
+        /* Load the public value. */
+        status = mbedtls_to_psa_error(
+            mbedtls_ecp_point_read_binary(&ecp->grp, &ecp->Q,
+                                          data,
+                                          data_length));
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+
+        /* Check that the point is on the curve. */
+        status = mbedtls_to_psa_error(
+            mbedtls_ecp_check_pubkey(&ecp->grp, &ecp->Q));
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    } else {
+        /* Load and validate the secret value. */
+        status = mbedtls_to_psa_error(
+            mbedtls_ecp_read_key(ecp->grp.id,
+                                 ecp,
+                                 data,
+                                 data_length));
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    *p_ecp = ecp;
+exit:
+    if (status != PSA_SUCCESS) {
+        mbedtls_ecp_keypair_free(ecp);
+        mbedtls_free(ecp);
+    }
+
+    return status;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+
+psa_status_t mbedtls_psa_ecp_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits)
+{
+    psa_status_t status;
+    mbedtls_ecp_keypair *ecp = NULL;
+
+    /* Parse input */
+    status = mbedtls_psa_ecp_load_representation(attributes->core.type,
+                                                 attributes->core.bits,
+                                                 data,
+                                                 data_length,
+                                                 &ecp);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) ==
+        PSA_ECC_FAMILY_MONTGOMERY) {
+        *bits = ecp->grp.nbits + 1;
+    } else {
+        *bits = ecp->grp.nbits;
+    }
+
+    /* Re-export the data to PSA export format. There is currently no support
+     * for other input formats then the export format, so this is a 1-1
+     * copy operation. */
+    status = mbedtls_psa_ecp_export_key(attributes->core.type,
+                                        ecp,
+                                        key_buffer,
+                                        key_buffer_size,
+                                        key_buffer_length);
+exit:
+    /* Always free the PK object (will also free contained ECP context) */
+    mbedtls_ecp_keypair_free(ecp);
+    mbedtls_free(ecp);
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type,
+                                        mbedtls_ecp_keypair *ecp,
+                                        uint8_t *data,
+                                        size_t data_size,
+                                        size_t *data_length)
+{
+    psa_status_t status;
+
+    if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) {
+        /* Check whether the public part is loaded */
+        if (mbedtls_ecp_is_zero(&ecp->Q)) {
+            /* Calculate the public key */
+            status = mbedtls_to_psa_error(
+                mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+                                mbedtls_psa_get_random,
+                                MBEDTLS_PSA_RANDOM_STATE));
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+        }
+
+        status = mbedtls_to_psa_error(
+            mbedtls_ecp_point_write_binary(&ecp->grp, &ecp->Q,
+                                           MBEDTLS_ECP_PF_UNCOMPRESSED,
+                                           data_length,
+                                           data,
+                                           data_size));
+        if (status != PSA_SUCCESS) {
+            memset(data, 0, data_size);
+        }
+
+        return status;
+    } else {
+        if (data_size < PSA_BITS_TO_BYTES(ecp->grp.nbits)) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
+        status = mbedtls_to_psa_error(
+            mbedtls_ecp_write_key(ecp,
+                                  data,
+                                  PSA_BITS_TO_BYTES(ecp->grp.nbits)));
+        if (status == PSA_SUCCESS) {
+            *data_length = PSA_BITS_TO_BYTES(ecp->grp.nbits);
+        } else {
+            memset(data, 0, data_size);
+        }
+
+        return status;
+    }
+}
+
+psa_status_t mbedtls_psa_ecp_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_keypair *ecp = NULL;
+
+    status = mbedtls_psa_ecp_load_representation(
+        attributes->core.type, attributes->core.bits,
+        key_buffer, key_buffer_size, &ecp);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = mbedtls_psa_ecp_export_key(
+        PSA_KEY_TYPE_ECC_PUBLIC_KEY(
+            PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type)),
+        ecp, data, data_size, data_length);
+
+    mbedtls_ecp_keypair_free(ecp);
+    mbedtls_free(ecp);
+
+    return status;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+psa_status_t mbedtls_psa_ecp_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
+        attributes->core.type);
+    mbedtls_ecp_group_id grp_id =
+        mbedtls_ecc_group_of_psa(curve, attributes->core.bits, 0);
+
+    const mbedtls_ecp_curve_info *curve_info =
+        mbedtls_ecp_curve_info_from_grp_id(grp_id);
+    mbedtls_ecp_keypair ecp;
+
+    if (attributes->domain_parameters_size != 0) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    mbedtls_ecp_keypair_init(&ecp);
+    ret = mbedtls_ecp_gen_key(grp_id, &ecp,
+                              mbedtls_psa_get_random,
+                              MBEDTLS_PSA_RANDOM_STATE);
+    if (ret != 0) {
+        mbedtls_ecp_keypair_free(&ecp);
+        return mbedtls_to_psa_error(ret);
+    }
+
+    status = mbedtls_to_psa_error(
+        mbedtls_ecp_write_key(&ecp, key_buffer, key_buffer_size));
+
+    mbedtls_ecp_keypair_free(&ecp);
+
+    if (status == PSA_SUCCESS) {
+        *key_buffer_length = key_buffer_size;
+    }
+
+    return status;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
+
+/****************************************************************/
+/* ECDSA sign/verify */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+psa_status_t mbedtls_psa_ecdsa_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_keypair *ecp = NULL;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t curve_bytes;
+    mbedtls_mpi r, s;
+
+    status = mbedtls_psa_ecp_load_representation(attributes->core.type,
+                                                 attributes->core.bits,
+                                                 key_buffer,
+                                                 key_buffer_size,
+                                                 &ecp);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    curve_bytes = PSA_BITS_TO_BYTES(ecp->grp.pbits);
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&s);
+
+    if (signature_size < 2 * curve_bytes) {
+        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        goto cleanup;
+    }
+
+    if (PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg);
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg);
+        mbedtls_md_type_t md_alg = mbedtls_md_get_type(md_info);
+        MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_ext(
+                            &ecp->grp, &r, &s,
+                            &ecp->d, hash,
+                            hash_length, md_alg,
+                            mbedtls_psa_get_random,
+                            MBEDTLS_PSA_RANDOM_STATE));
+#else
+        ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+        goto cleanup;
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+    } else {
+        (void) alg;
+        MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ecp->grp, &r, &s, &ecp->d,
+                                           hash, hash_length,
+                                           mbedtls_psa_get_random,
+                                           MBEDTLS_PSA_RANDOM_STATE));
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&r,
+                                             signature,
+                                             curve_bytes));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&s,
+                                             signature + curve_bytes,
+                                             curve_bytes));
+cleanup:
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&s);
+    if (ret == 0) {
+        *signature_length = 2 * curve_bytes;
+    }
+
+    mbedtls_ecp_keypair_free(ecp);
+    mbedtls_free(ecp);
+
+    return mbedtls_to_psa_error(ret);
+}
+
+psa_status_t mbedtls_psa_ecdsa_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ecp_keypair *ecp = NULL;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t curve_bytes;
+    mbedtls_mpi r, s;
+
+    (void) alg;
+
+    status = mbedtls_psa_ecp_load_representation(attributes->core.type,
+                                                 attributes->core.bits,
+                                                 key_buffer,
+                                                 key_buffer_size,
+                                                 &ecp);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    curve_bytes = PSA_BITS_TO_BYTES(ecp->grp.pbits);
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&s);
+
+    if (signature_length != 2 * curve_bytes) {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r,
+                                            signature,
+                                            curve_bytes));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&s,
+                                            signature + curve_bytes,
+                                            curve_bytes));
+
+    /* Check whether the public part is loaded. If not, load it. */
+    if (mbedtls_ecp_is_zero(&ecp->Q)) {
+        MBEDTLS_MPI_CHK(
+            mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+                            mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE));
+    }
+
+    ret = mbedtls_ecdsa_verify(&ecp->grp, hash, hash_length,
+                               &ecp->Q, &r, &s);
+
+cleanup:
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&s);
+    mbedtls_ecp_keypair_free(ecp);
+    mbedtls_free(ecp);
+
+    return mbedtls_to_psa_error(ret);
+}
+
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_ecp.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_ecp.h
new file mode 100644
index 0000000..44c4a58
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_ecp.h
@@ -0,0 +1,210 @@
+/*
+ *  PSA ECP layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_ECP_H
+#define PSA_CRYPTO_ECP_H
+
+#include <psa/crypto.h>
+#include <mbedtls/ecp.h>
+
+/** Load the contents of a key buffer into an internal ECP representation
+ *
+ * \param[in] type          The type of key contained in \p data.
+ * \param[in] curve_bits    The nominal bit-size of the curve.
+ *                          It must be consistent with the representation
+ *                          passed in \p data.
+ *                          This can be 0, in which case the bit-size
+ *                          is inferred from \p data_length (which is possible
+ *                          for all key types and representation formats
+ *                          formats that are currently supported or will
+ *                          be in the foreseeable future).
+ * \param[in] data          The buffer from which to load the representation.
+ * \param[in] data_length   The size in bytes of \p data.
+ * \param[out] p_ecp        Returns a pointer to an ECP context on success.
+ *                          The caller is responsible for freeing both the
+ *                          contents of the context and the context itself
+ *                          when done.
+ */
+psa_status_t mbedtls_psa_ecp_load_representation(psa_key_type_t type,
+                                                 size_t curve_bits,
+                                                 const uint8_t *data,
+                                                 size_t data_length,
+                                                 mbedtls_ecp_keypair **p_ecp);
+
+/** Import an ECP key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       import_key entry point. This function behaves as an import_key
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes for the key to import.
+ * \param[in]  data             The buffer containing the key data in import
+ *                              format.
+ * \param[in]  data_length      Size of the \p data buffer in bytes.
+ * \param[out] key_buffer       The buffer containing the key data in output
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes. This
+ *                              size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length  The length of the data written in \p
+ *                                key_buffer in bytes.
+ * \param[out] bits             The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS  The ECP key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_ecp_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits);
+
+/** Export an ECP key to export representation
+ *
+ * \param[in] type          The type of key (public/private) to export
+ * \param[in] ecp           The internal ECP representation from which to export
+ * \param[out] data         The buffer to export to
+ * \param[in] data_size     The length of the buffer to export to
+ * \param[out] data_length  The amount of bytes written to \p data
+ */
+psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type,
+                                        mbedtls_ecp_keypair *ecp,
+                                        uint8_t *data,
+                                        size_t data_size,
+                                        size_t *data_length);
+
+/** Export an ECP public key or the public part of an ECP key pair in binary
+ *  format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       export_public_key entry point. This function behaves as an
+ *       export_public_key entry point as defined in the PSA driver interface
+ *       specification.
+ *
+ * \param[in]  attributes       The attributes for the key to export.
+ * \param[in]  key_buffer       Material or context of the key to export.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[out] data             Buffer where the key data is to be written.
+ * \param[in]  data_size        Size of the \p data buffer in bytes.
+ * \param[out] data_length      On success, the number of bytes written in
+ *                              \p data
+ *
+ * \retval #PSA_SUCCESS  The ECP public key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_ecp_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+/**
+ * \brief Generate an ECP key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ *       entry point.
+ *
+ * \param[in]  attributes         The attributes for the ECP key to generate.
+ * \param[out] key_buffer         Buffer where the key data is to be written.
+ * \param[in]  key_buffer_size    Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length  On success, the number of bytes written in
+ *                                \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key was successfully generated.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         Key length or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of \p key_buffer is too small.
+ */
+psa_status_t mbedtls_psa_ecp_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
+
+/** Sign an already-calculated hash with ECDSA.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       sign_hash entry point. This function behaves as a sign_hash
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the ECC key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the ECC key context.
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              Randomized or deterministic ECDSA algorithm.
+ * \param[in]  hash             The hash or message to sign.
+ * \param[in]  hash_length      Size of the \p hash buffer in bytes.
+ * \param[out] signature        Buffer where the signature is to be written.
+ * \param[in]  signature_size   Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ *                              that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p signature buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_ECC_KEY_PAIR, \c key_bits,
+ *         \p alg) where \c key_bits is the bit-size of the ECC key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ */
+psa_status_t mbedtls_psa_ecdsa_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+/**
+ * \brief Verify an ECDSA hash or short message signature.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       verify_hash entry point. This function behaves as a verify_hash
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the ECC key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the ECC key context.
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              Randomized or deterministic ECDSA algorithm.
+ * \param[in]  hash             The hash or message whose signature is to be
+ *                              verified.
+ * \param[in]  hash_length      Size of the \p hash buffer in bytes.
+ * \param[in]  signature        Buffer containing the signature to verify.
+ * \param[in]  signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The calculation was performed successfully, but the passed
+ *         signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_ecdsa_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length);
+
+#endif /* PSA_CRYPTO_ECP_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_hash.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_hash.c
new file mode 100644
index 0000000..484c81b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_hash.c
@@ -0,0 +1,476 @@
+/*
+ *  PSA hashing layer on top of Mbed TLS software crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_hash.h"
+
+#include <mbedtls/error.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+const mbedtls_md_info_t *mbedtls_md_info_from_psa(psa_algorithm_t alg)
+{
+    switch (alg) {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            return &mbedtls_md2_info;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            return &mbedtls_md4_info;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            return &mbedtls_md5_info;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            return &mbedtls_ripemd160_info;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            return &mbedtls_sha1_info;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+            return &mbedtls_sha224_info;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_256:
+            return &mbedtls_sha256_info;
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+        case PSA_ALG_SHA_384:
+            return &mbedtls_sha384_info;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_512:
+            return &mbedtls_sha512_info;
+#endif
+        default:
+            return NULL;
+    }
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+psa_status_t mbedtls_psa_hash_abort(
+    mbedtls_psa_hash_operation_t *operation)
+{
+    switch (operation->alg) {
+        case 0:
+            /* The object has (apparently) been initialized but it is not
+             * in use. It's ok to call abort on such an object, and there's
+             * nothing to do. */
+            break;
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
+        case PSA_ALG_MD2:
+            mbedtls_md2_free(&operation->ctx.md2);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
+        case PSA_ALG_MD4:
+            mbedtls_md4_free(&operation->ctx.md4);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+        case PSA_ALG_MD5:
+            mbedtls_md5_free(&operation->ctx.md5);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+        case PSA_ALG_RIPEMD160:
+            mbedtls_ripemd160_free(&operation->ctx.ripemd160);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+        case PSA_ALG_SHA_1:
+            mbedtls_sha1_free(&operation->ctx.sha1);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+        case PSA_ALG_SHA_224:
+            mbedtls_sha256_free(&operation->ctx.sha256);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+        case PSA_ALG_SHA_256:
+            mbedtls_sha256_free(&operation->ctx.sha256);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+        case PSA_ALG_SHA_384:
+            mbedtls_sha512_free(&operation->ctx.sha512);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+        case PSA_ALG_SHA_512:
+            mbedtls_sha512_free(&operation->ctx.sha512);
+            break;
+#endif
+        default:
+            return PSA_ERROR_BAD_STATE;
+    }
+    operation->alg = 0;
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_hash_setup(
+    mbedtls_psa_hash_operation_t *operation,
+    psa_algorithm_t alg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* A context must be freshly initialized before it can be set up. */
+    if (operation->alg != 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    switch (alg) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
+        case PSA_ALG_MD2:
+            mbedtls_md2_init(&operation->ctx.md2);
+            ret = mbedtls_md2_starts_ret(&operation->ctx.md2);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
+        case PSA_ALG_MD4:
+            mbedtls_md4_init(&operation->ctx.md4);
+            ret = mbedtls_md4_starts_ret(&operation->ctx.md4);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+        case PSA_ALG_MD5:
+            mbedtls_md5_init(&operation->ctx.md5);
+            ret = mbedtls_md5_starts_ret(&operation->ctx.md5);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+        case PSA_ALG_RIPEMD160:
+            mbedtls_ripemd160_init(&operation->ctx.ripemd160);
+            ret = mbedtls_ripemd160_starts_ret(&operation->ctx.ripemd160);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+        case PSA_ALG_SHA_1:
+            mbedtls_sha1_init(&operation->ctx.sha1);
+            ret = mbedtls_sha1_starts_ret(&operation->ctx.sha1);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+        case PSA_ALG_SHA_224:
+            mbedtls_sha256_init(&operation->ctx.sha256);
+            ret = mbedtls_sha256_starts_ret(&operation->ctx.sha256, 1);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+        case PSA_ALG_SHA_256:
+            mbedtls_sha256_init(&operation->ctx.sha256);
+            ret = mbedtls_sha256_starts_ret(&operation->ctx.sha256, 0);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+        case PSA_ALG_SHA_384:
+            mbedtls_sha512_init(&operation->ctx.sha512);
+            ret = mbedtls_sha512_starts_ret(&operation->ctx.sha512, 1);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+        case PSA_ALG_SHA_512:
+            mbedtls_sha512_init(&operation->ctx.sha512);
+            ret = mbedtls_sha512_starts_ret(&operation->ctx.sha512, 0);
+            break;
+#endif
+        default:
+            return PSA_ALG_IS_HASH(alg) ?
+                   PSA_ERROR_NOT_SUPPORTED :
+                   PSA_ERROR_INVALID_ARGUMENT;
+    }
+    if (ret == 0) {
+        operation->alg = alg;
+    } else {
+        mbedtls_psa_hash_abort(operation);
+    }
+    return mbedtls_to_psa_error(ret);
+}
+
+psa_status_t mbedtls_psa_hash_clone(
+    const mbedtls_psa_hash_operation_t *source_operation,
+    mbedtls_psa_hash_operation_t *target_operation)
+{
+    switch (source_operation->alg) {
+        case 0:
+            return PSA_ERROR_BAD_STATE;
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
+        case PSA_ALG_MD2:
+            mbedtls_md2_clone(&target_operation->ctx.md2,
+                              &source_operation->ctx.md2);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
+        case PSA_ALG_MD4:
+            mbedtls_md4_clone(&target_operation->ctx.md4,
+                              &source_operation->ctx.md4);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+        case PSA_ALG_MD5:
+            mbedtls_md5_clone(&target_operation->ctx.md5,
+                              &source_operation->ctx.md5);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+        case PSA_ALG_RIPEMD160:
+            mbedtls_ripemd160_clone(&target_operation->ctx.ripemd160,
+                                    &source_operation->ctx.ripemd160);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+        case PSA_ALG_SHA_1:
+            mbedtls_sha1_clone(&target_operation->ctx.sha1,
+                               &source_operation->ctx.sha1);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+        case PSA_ALG_SHA_224:
+            mbedtls_sha256_clone(&target_operation->ctx.sha256,
+                                 &source_operation->ctx.sha256);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+        case PSA_ALG_SHA_256:
+            mbedtls_sha256_clone(&target_operation->ctx.sha256,
+                                 &source_operation->ctx.sha256);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+        case PSA_ALG_SHA_384:
+            mbedtls_sha512_clone(&target_operation->ctx.sha512,
+                                 &source_operation->ctx.sha512);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+        case PSA_ALG_SHA_512:
+            mbedtls_sha512_clone(&target_operation->ctx.sha512,
+                                 &source_operation->ctx.sha512);
+            break;
+#endif
+        default:
+            (void) source_operation;
+            (void) target_operation;
+            return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    target_operation->alg = source_operation->alg;
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_hash_update(
+    mbedtls_psa_hash_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    switch (operation->alg) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
+        case PSA_ALG_MD2:
+            ret = mbedtls_md2_update_ret(&operation->ctx.md2,
+                                         input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
+        case PSA_ALG_MD4:
+            ret = mbedtls_md4_update_ret(&operation->ctx.md4,
+                                         input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+        case PSA_ALG_MD5:
+            ret = mbedtls_md5_update_ret(&operation->ctx.md5,
+                                         input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+        case PSA_ALG_RIPEMD160:
+            ret = mbedtls_ripemd160_update_ret(&operation->ctx.ripemd160,
+                                               input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+        case PSA_ALG_SHA_1:
+            ret = mbedtls_sha1_update_ret(&operation->ctx.sha1,
+                                          input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+        case PSA_ALG_SHA_224:
+            ret = mbedtls_sha256_update_ret(&operation->ctx.sha256,
+                                            input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+        case PSA_ALG_SHA_256:
+            ret = mbedtls_sha256_update_ret(&operation->ctx.sha256,
+                                            input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+        case PSA_ALG_SHA_384:
+            ret = mbedtls_sha512_update_ret(&operation->ctx.sha512,
+                                            input, input_length);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+        case PSA_ALG_SHA_512:
+            ret = mbedtls_sha512_update_ret(&operation->ctx.sha512,
+                                            input, input_length);
+            break;
+#endif
+        default:
+            (void) input;
+            (void) input_length;
+            return PSA_ERROR_BAD_STATE;
+    }
+
+    return mbedtls_to_psa_error(ret);
+}
+
+psa_status_t mbedtls_psa_hash_finish(
+    mbedtls_psa_hash_operation_t *operation,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length)
+{
+    psa_status_t status;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t actual_hash_length = PSA_HASH_LENGTH(operation->alg);
+
+    /* Fill the output buffer with something that isn't a valid hash
+     * (barring an attack on the hash and deliberately-crafted input),
+     * in case the caller doesn't check the return status properly. */
+    *hash_length = hash_size;
+    /* If hash_size is 0 then hash may be NULL and then the
+     * call to memset would have undefined behavior. */
+    if (hash_size != 0) {
+        memset(hash, '!', hash_size);
+    }
+
+    if (hash_size < actual_hash_length) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+
+    switch (operation->alg) {
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
+        case PSA_ALG_MD2:
+            ret = mbedtls_md2_finish_ret(&operation->ctx.md2, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
+        case PSA_ALG_MD4:
+            ret = mbedtls_md4_finish_ret(&operation->ctx.md4, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+        case PSA_ALG_MD5:
+            ret = mbedtls_md5_finish_ret(&operation->ctx.md5, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+        case PSA_ALG_RIPEMD160:
+            ret = mbedtls_ripemd160_finish_ret(&operation->ctx.ripemd160, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+        case PSA_ALG_SHA_1:
+            ret = mbedtls_sha1_finish_ret(&operation->ctx.sha1, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+        case PSA_ALG_SHA_224:
+            ret = mbedtls_sha256_finish_ret(&operation->ctx.sha256, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+        case PSA_ALG_SHA_256:
+            ret = mbedtls_sha256_finish_ret(&operation->ctx.sha256, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+        case PSA_ALG_SHA_384:
+            ret = mbedtls_sha512_finish_ret(&operation->ctx.sha512, hash);
+            break;
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+        case PSA_ALG_SHA_512:
+            ret = mbedtls_sha512_finish_ret(&operation->ctx.sha512, hash);
+            break;
+#endif
+        default:
+            (void) hash;
+            return PSA_ERROR_BAD_STATE;
+    }
+    status = mbedtls_to_psa_error(ret);
+
+exit:
+    if (status == PSA_SUCCESS) {
+        *hash_length = actual_hash_length;
+    }
+    return status;
+}
+
+psa_status_t mbedtls_psa_hash_compute(
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length)
+{
+    mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT;
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    *hash_length = hash_size;
+    status = mbedtls_psa_hash_setup(&operation, alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    status = mbedtls_psa_hash_update(&operation, input, input_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    status = mbedtls_psa_hash_finish(&operation, hash, hash_size, hash_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+exit:
+    abort_status = mbedtls_psa_hash_abort(&operation);
+    if (status == PSA_SUCCESS) {
+        return abort_status;
+    } else {
+        return status;
+    }
+
+}
+#endif /* MBEDTLS_PSA_BUILTIN_HASH */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_hash.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_hash.h
new file mode 100644
index 0000000..5c196b2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_hash.h
@@ -0,0 +1,222 @@
+/*
+ *  PSA hashing layer on top of Mbed TLS software crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_HASH_H
+#define PSA_CRYPTO_HASH_H
+
+#include <psa/crypto.h>
+
+#include <mbedtls/md_internal.h>
+
+/** Get Mbed TLS MD information of a hash algorithm given its PSA identifier
+ *
+ * \param[in] alg  PSA hash algorithm identifier
+ *
+ * \return  The Mbed TLS MD information of the hash algorithm. \c NULL if the
+ *          PSA hash algorithm is not supported.
+ */
+const mbedtls_md_info_t *mbedtls_md_info_from_psa(psa_algorithm_t alg);
+
+/** Calculate the hash (digest) of a message using Mbed TLS routines.
+ *
+ * \note The signature of this function is that of a PSA driver hash_compute
+ *       entry point. This function behaves as a hash_compute entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * \param alg               The hash algorithm to compute (\c PSA_ALG_XXX value
+ *                          such that #PSA_ALG_IS_HASH(\p alg) is true).
+ * \param[in] input         Buffer containing the message to hash.
+ * \param input_length      Size of the \p input buffer in bytes.
+ * \param[out] hash         Buffer where the hash is to be written.
+ * \param hash_size         Size of the \p hash buffer in bytes.
+ * \param[out] hash_length  On success, the number of bytes
+ *                          that make up the hash value. This is always
+ *                          #PSA_HASH_LENGTH(\p alg).
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         \p hash_size is too small
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_hash_compute(
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length);
+
+/** Set up a multipart hash operation using Mbed TLS routines.
+ *
+ * \note The signature of this function is that of a PSA driver hash_setup
+ *       entry point. This function behaves as a hash_setup entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * If an error occurs at any step after a call to mbedtls_psa_hash_setup(), the
+ * operation will need to be reset by a call to mbedtls_psa_hash_abort(). The
+ * core may call mbedtls_psa_hash_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to mbedtls_psa_hash_setup(), the core must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
+ * - A successful call to mbedtls_psa_hash_finish() or mbedtls_psa_hash_verify().
+ * - A call to mbedtls_psa_hash_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ *                          been initialized to all-zero and not yet be in use.
+ * \param alg               The hash algorithm to compute (\c PSA_ALG_XXX value
+ *                          such that #PSA_ALG_IS_HASH(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_hash_setup(
+    mbedtls_psa_hash_operation_t *operation,
+    psa_algorithm_t alg);
+
+/** Clone an Mbed TLS hash operation.
+ *
+ * \note The signature of this function is that of a PSA driver hash_clone
+ *       entry point. This function behaves as a hash_clone entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * This function copies the state of an ongoing hash operation to
+ * a new operation object. In other words, this function is equivalent
+ * to calling mbedtls_psa_hash_setup() on \p target_operation with the same
+ * algorithm that \p source_operation was set up for, then
+ * mbedtls_psa_hash_update() on \p target_operation with the same input that
+ * that was passed to \p source_operation. After this function returns, the
+ * two objects are independent, i.e. subsequent calls involving one of
+ * the objects do not affect the other object.
+ *
+ * \param[in] source_operation      The active hash operation to clone.
+ * \param[in,out] target_operation  The operation object to set up.
+ *                                  It must be initialized but not active.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The \p source_operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The \p target_operation state is not valid (it must be inactive).
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_hash_clone(
+    const mbedtls_psa_hash_operation_t *source_operation,
+    mbedtls_psa_hash_operation_t *target_operation);
+
+/** Add a message fragment to a multipart Mbed TLS hash operation.
+ *
+ * \note The signature of this function is that of a PSA driver hash_update
+ *       entry point. This function behaves as a hash_update entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * The application must call mbedtls_psa_hash_setup() before calling this function.
+ *
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling mbedtls_psa_hash_abort().
+ *
+ * \param[in,out] operation Active hash operation.
+ * \param[in] input         Buffer containing the message fragment to hash.
+ * \param input_length      Size of the \p input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_hash_update(
+    mbedtls_psa_hash_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+/** Finish the calculation of the Mbed TLS-calculated hash of a message.
+ *
+ * \note The signature of this function is that of a PSA driver hash_finish
+ *       entry point. This function behaves as a hash_finish entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * The application must call mbedtls_psa_hash_setup() before calling this function.
+ * This function calculates the hash of the message formed by concatenating
+ * the inputs passed to preceding calls to mbedtls_psa_hash_update().
+ *
+ * When this function returns successfully, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling mbedtls_psa_hash_abort().
+ *
+ * \param[in,out] operation     Active hash operation.
+ * \param[out] hash             Buffer where the hash is to be written.
+ * \param hash_size             Size of the \p hash buffer in bytes.
+ * \param[out] hash_length      On success, the number of bytes
+ *                              that make up the hash value. This is always
+ *                              #PSA_HASH_LENGTH(\c alg) where \c alg is the
+ *                              hash algorithm that is calculated.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p hash buffer is too small. You can determine a
+ *         sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg)
+ *         where \c alg is the hash algorithm that is calculated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_hash_finish(
+    mbedtls_psa_hash_operation_t *operation,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length);
+
+/** Abort an Mbed TLS hash operation.
+ *
+ * \note The signature of this function is that of a PSA driver hash_abort
+ *       entry point. This function behaves as a hash_abort entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * mbedtls_psa_hash_setup() again.
+ *
+ * You may call this function any time after the operation object has
+ * been initialized by one of the methods described in #psa_hash_operation_t.
+ *
+ * In particular, calling mbedtls_psa_hash_abort() after the operation has been
+ * terminated by a call to mbedtls_psa_hash_abort(), mbedtls_psa_hash_finish() or
+ * mbedtls_psa_hash_verify() is safe and has no effect.
+ *
+ * \param[in,out] operation     Initialized hash operation.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_hash_abort(
+    mbedtls_psa_hash_operation_t *operation);
+
+#endif /* PSA_CRYPTO_HASH_H */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_invasive.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_invasive.h
similarity index 75%
rename from 3rdparty/mbedtls-2.25.0/library/psa_crypto_invasive.h
rename to 3rdparty/mbedtls-2.28.7/library/psa_crypto_invasive.h
index 2b4ee1f..c70d896 100644
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_invasive.h
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_invasive.h
@@ -10,19 +10,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef PSA_CRYPTO_INVASIVE_H
@@ -35,9 +23,11 @@
 #endif
 
 #include "psa/crypto.h"
+#include "common.h"
 
 #include "mbedtls/entropy.h"
 
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
 /** \brief Configure entropy sources.
  *
  * This function may only be called before a call to psa_crypto_init(),
@@ -71,7 +61,14 @@
  *         The library has already been initialized.
  */
 psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
-    void (* entropy_init )( mbedtls_entropy_context *ctx ),
-    void (* entropy_free )( mbedtls_entropy_context *ctx ) );
+    void (* entropy_init)(mbedtls_entropy_context *ctx),
+    void (* entropy_free)(mbedtls_entropy_context *ctx));
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
+psa_status_t psa_mac_key_can_do(
+    psa_algorithm_t algorithm,
+    psa_key_type_t key_type);
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C */
 
 #endif /* PSA_CRYPTO_INVASIVE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_its.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_its.h
new file mode 100644
index 0000000..877063b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_its.h
@@ -0,0 +1,131 @@
+/** \file psa_crypto_its.h
+ * \brief Interface of trusted storage that crypto is built on.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_ITS_H
+#define PSA_CRYPTO_ITS_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include <psa/crypto_types.h>
+#include <psa/crypto_values.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \brief Flags used when creating a data entry
+ */
+typedef uint32_t psa_storage_create_flags_t;
+
+/** \brief A type for UIDs used for identifying data
+ */
+typedef uint64_t psa_storage_uid_t;
+
+#define PSA_STORAGE_FLAG_NONE        0         /**< No flags to pass */
+#define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/
+
+/**
+ * \brief A container for metadata associated with a specific uid
+ */
+struct psa_storage_info_t {
+    uint32_t size;                  /**< The size of the data associated with a uid **/
+    psa_storage_create_flags_t flags;    /**< The flags set when the uid was created **/
+};
+
+/** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */
+#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0)
+
+#define PSA_ITS_API_VERSION_MAJOR  1  /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */
+#define PSA_ITS_API_VERSION_MINOR  1  /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */
+
+/**
+ * \brief create a new or modify an existing uid/value pair
+ *
+ * \param[in] uid           the identifier for the data
+ * \param[in] data_length   The size in bytes of the data in `p_data`
+ * \param[in] p_data        A buffer containing the data
+ * \param[in] create_flags  The flags that the data will be stored with
+ *
+ * \return      A status indicating the success/failure of the operation
+ *
+ * \retval      #PSA_SUCCESS                     The operation completed successfully
+ * \retval      #PSA_ERROR_NOT_PERMITTED         The operation failed because the provided `uid` value was already created with PSA_STORAGE_FLAG_WRITE_ONCE
+ * \retval      #PSA_ERROR_NOT_SUPPORTED         The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
+ * \retval      #PSA_ERROR_INSUFFICIENT_STORAGE  The operation failed because there was insufficient space on the storage medium
+ * \retval      #PSA_ERROR_STORAGE_FAILURE       The operation failed because the physical storage has failed (Fatal error)
+ * \retval      #PSA_ERROR_INVALID_ARGUMENT      The operation failed because one of the provided pointers(`p_data`)
+ *                                               is invalid, for example is `NULL` or references memory the caller cannot access
+ */
+psa_status_t psa_its_set(psa_storage_uid_t uid,
+                         uint32_t data_length,
+                         const void *p_data,
+                         psa_storage_create_flags_t create_flags);
+
+/**
+ * \brief Retrieve the value associated with a provided uid
+ *
+ * \param[in] uid               The uid value
+ * \param[in] data_offset       The starting offset of the data requested
+ * \param[in] data_length       the amount of data requested (and the minimum allocated size of the `p_data` buffer)
+ * \param[out] p_data           The buffer where the data will be placed upon successful completion
+ * \param[out] p_data_length    The amount of data returned in the p_data buffer
+ *
+ *
+ * \return      A status indicating the success/failure of the operation
+ *
+ * \retval      #PSA_SUCCESS                 The operation completed successfully
+ * \retval      #PSA_ERROR_DOES_NOT_EXIST    The operation failed because the provided `uid` value was not found in the storage
+ * \retval      #PSA_ERROR_STORAGE_FAILURE   The operation failed because the physical storage has failed (Fatal error)
+ * \retval      #PSA_ERROR_DATA_CORRUPT      The operation failed because stored data has been corrupted
+ * \retval      #PSA_ERROR_INVALID_ARGUMENT  The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
+ *                                           is invalid. For example is `NULL` or references memory the caller cannot access.
+ *                                           In addition, this can also happen if an invalid offset was provided.
+ */
+psa_status_t psa_its_get(psa_storage_uid_t uid,
+                         uint32_t data_offset,
+                         uint32_t data_length,
+                         void *p_data,
+                         size_t *p_data_length);
+
+/**
+ * \brief Retrieve the metadata about the provided uid
+ *
+ * \param[in] uid           The uid value
+ * \param[out] p_info       A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
+ *
+ * \return      A status indicating the success/failure of the operation
+ *
+ * \retval      #PSA_SUCCESS                 The operation completed successfully
+ * \retval      #PSA_ERROR_DOES_NOT_EXIST    The operation failed because the provided uid value was not found in the storage
+ * \retval      #PSA_ERROR_DATA_CORRUPT      The operation failed because stored data has been corrupted
+ * \retval      #PSA_ERROR_INVALID_ARGUMENT  The operation failed because one of the provided pointers(`p_info`)
+ *                                           is invalid, for example is `NULL` or references memory the caller cannot access
+ */
+psa_status_t psa_its_get_info(psa_storage_uid_t uid,
+                              struct psa_storage_info_t *p_info);
+
+/**
+ * \brief Remove the provided key and its associated data from the storage
+ *
+ * \param[in] uid   The uid value
+ *
+ * \return  A status indicating the success/failure of the operation
+ *
+ * \retval      #PSA_SUCCESS                  The operation completed successfully
+ * \retval      #PSA_ERROR_DOES_NOT_EXIST     The operation failed because the provided key value was not found in the storage
+ * \retval      #PSA_ERROR_NOT_PERMITTED      The operation failed because the provided key value was created with PSA_STORAGE_FLAG_WRITE_ONCE
+ * \retval      #PSA_ERROR_STORAGE_FAILURE    The operation failed because the physical storage has failed (Fatal error)
+ */
+psa_status_t psa_its_remove(psa_storage_uid_t uid);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ITS_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_mac.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_mac.c
new file mode 100644
index 0000000..2e722d2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_mac.c
@@ -0,0 +1,495 @@
+/*
+ *  PSA MAC layer on top of Mbed TLS software crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_mac.h"
+#include <mbedtls/md.h>
+
+#include <mbedtls/error.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+static psa_status_t psa_hmac_abort_internal(
+    mbedtls_psa_hmac_operation_t *hmac)
+{
+    mbedtls_platform_zeroize(hmac->opad, sizeof(hmac->opad));
+    return psa_hash_abort(&hmac->hash_ctx);
+}
+
+static psa_status_t psa_hmac_setup_internal(
+    mbedtls_psa_hmac_operation_t *hmac,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t hash_alg)
+{
+    uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
+    size_t i;
+    size_t hash_size = PSA_HASH_LENGTH(hash_alg);
+    size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg);
+    psa_status_t status;
+
+    hmac->alg = hash_alg;
+
+    /* Sanity checks on block_size, to guarantee that there won't be a buffer
+     * overflow below. This should never trigger if the hash algorithm
+     * is implemented correctly. */
+    /* The size checks against the ipad and opad buffers cannot be written
+     * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
+     * because that triggers -Wlogical-op on GCC 7.3. */
+    if (block_size > sizeof(ipad)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    if (block_size > sizeof(hmac->opad)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    if (block_size < hash_size) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (key_length > block_size) {
+        status = psa_hash_compute(hash_alg, key, key_length,
+                                  ipad, sizeof(ipad), &key_length);
+        if (status != PSA_SUCCESS) {
+            goto cleanup;
+        }
+    }
+    /* A 0-length key is not commonly used in HMAC when used as a MAC,
+     * but it is permitted. It is common when HMAC is used in HKDF, for
+     * example. Don't call `memcpy` in the 0-length because `key` could be
+     * an invalid pointer which would make the behavior undefined. */
+    else if (key_length != 0) {
+        memcpy(ipad, key, key_length);
+    }
+
+    /* ipad contains the key followed by garbage. Xor and fill with 0x36
+     * to create the ipad value. */
+    for (i = 0; i < key_length; i++) {
+        ipad[i] ^= 0x36;
+    }
+    memset(ipad + key_length, 0x36, block_size - key_length);
+
+    /* Copy the key material from ipad to opad, flipping the requisite bits,
+     * and filling the rest of opad with the requisite constant. */
+    for (i = 0; i < key_length; i++) {
+        hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
+    }
+    memset(hmac->opad + key_length, 0x5C, block_size - key_length);
+
+    status = psa_hash_setup(&hmac->hash_ctx, hash_alg);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+
+    status = psa_hash_update(&hmac->hash_ctx, ipad, block_size);
+
+cleanup:
+    mbedtls_platform_zeroize(ipad, sizeof(ipad));
+
+    return status;
+}
+
+static psa_status_t psa_hmac_update_internal(
+    mbedtls_psa_hmac_operation_t *hmac,
+    const uint8_t *data,
+    size_t data_length)
+{
+    return psa_hash_update(&hmac->hash_ctx, data, data_length);
+}
+
+static psa_status_t psa_hmac_finish_internal(
+    mbedtls_psa_hmac_operation_t *hmac,
+    uint8_t *mac,
+    size_t mac_size)
+{
+    uint8_t tmp[PSA_HASH_MAX_SIZE];
+    psa_algorithm_t hash_alg = hmac->alg;
+    size_t hash_size = 0;
+    size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg);
+    psa_status_t status;
+
+    status = psa_hash_finish(&hmac->hash_ctx, tmp, sizeof(tmp), &hash_size);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    /* From here on, tmp needs to be wiped. */
+
+    status = psa_hash_setup(&hmac->hash_ctx, hash_alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_hash_update(&hmac->hash_ctx, hmac->opad, block_size);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_hash_update(&hmac->hash_ctx, tmp, hash_size);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_hash_finish(&hmac->hash_ctx, tmp, sizeof(tmp), &hash_size);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    memcpy(mac, tmp, mac_size);
+
+exit:
+    mbedtls_platform_zeroize(tmp, hash_size);
+    return status;
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+static psa_status_t cmac_setup(mbedtls_psa_mac_operation_t *operation,
+                               const psa_key_attributes_t *attributes,
+                               const uint8_t *key_buffer)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+#if defined(PSA_WANT_KEY_TYPE_DES)
+    /* Mbed TLS CMAC does not accept 3DES with only two keys, nor does it accept
+     * to do CMAC with pure DES, so return NOT_SUPPORTED here. */
+    if (psa_get_key_type(attributes) == PSA_KEY_TYPE_DES &&
+        (psa_get_key_bits(attributes) == 64 ||
+         psa_get_key_bits(attributes) == 128)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+#endif
+
+    const mbedtls_cipher_info_t *cipher_info =
+        mbedtls_cipher_info_from_psa(
+            PSA_ALG_CMAC,
+            psa_get_key_type(attributes),
+            psa_get_key_bits(attributes),
+            NULL);
+
+    if (cipher_info == NULL) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    ret = mbedtls_cipher_setup(&operation->ctx.cmac, cipher_info);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_cipher_cmac_starts(&operation->ctx.cmac,
+                                     key_buffer,
+                                     psa_get_key_bits(attributes));
+exit:
+    return mbedtls_to_psa_error(ret);
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+
+/* Initialize this driver's MAC operation structure. Once this function has been
+ * called, mbedtls_psa_mac_abort can run and will do the right thing. */
+static psa_status_t mac_init(
+    mbedtls_psa_mac_operation_t *operation,
+    psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    operation->alg = alg;
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+    if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) {
+        mbedtls_cipher_init(&operation->ctx.cmac);
+        status = PSA_SUCCESS;
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+    if (PSA_ALG_IS_HMAC(operation->alg)) {
+        /* We'll set up the hash operation later in psa_hmac_setup_internal. */
+        operation->ctx.hmac.alg = 0;
+        status = PSA_SUCCESS;
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+    {
+        (void) operation;
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (status != PSA_SUCCESS) {
+        memset(operation, 0, sizeof(*operation));
+    }
+    return status;
+}
+
+psa_status_t mbedtls_psa_mac_abort(mbedtls_psa_mac_operation_t *operation)
+{
+    if (operation->alg == 0) {
+        /* The object has (apparently) been initialized but it is not
+         * in use. It's ok to call abort on such an object, and there's
+         * nothing to do. */
+        return PSA_SUCCESS;
+    } else
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+    if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) {
+        mbedtls_cipher_free(&operation->ctx.cmac);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+    if (PSA_ALG_IS_HMAC(operation->alg)) {
+        psa_hmac_abort_internal(&operation->ctx.hmac);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+    {
+        /* Sanity check (shouldn't happen: operation->alg should
+         * always have been initialized to a valid value). */
+        goto bad_state;
+    }
+
+    operation->alg = 0;
+
+    return PSA_SUCCESS;
+
+bad_state:
+    /* If abort is called on an uninitialized object, we can't trust
+     * anything. Wipe the object in case it contains confidential data.
+     * This may result in a memory leak if a pointer gets overwritten,
+     * but it's too late to do anything about this. */
+    memset(operation, 0, sizeof(*operation));
+    return PSA_ERROR_BAD_STATE;
+}
+
+static psa_status_t psa_mac_setup(mbedtls_psa_mac_operation_t *operation,
+                                  const psa_key_attributes_t *attributes,
+                                  const uint8_t *key_buffer,
+                                  size_t key_buffer_size,
+                                  psa_algorithm_t alg)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    /* A context must be freshly initialized before it can be set up. */
+    if (operation->alg != 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    status = mac_init(operation, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+    if (PSA_ALG_FULL_LENGTH_MAC(alg) == PSA_ALG_CMAC) {
+        /* Key buffer size for CMAC is dictated by the key bits set on the
+         * attributes, and previously validated by the core on key import. */
+        (void) key_buffer_size;
+        status = cmac_setup(operation, attributes, key_buffer);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+    if (PSA_ALG_IS_HMAC(alg)) {
+        status = psa_hmac_setup_internal(&operation->ctx.hmac,
+                                         key_buffer,
+                                         key_buffer_size,
+                                         PSA_ALG_HMAC_GET_HASH(alg));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+    {
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (status != PSA_SUCCESS) {
+        mbedtls_psa_mac_abort(operation);
+    }
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_mac_sign_setup(
+    mbedtls_psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    return psa_mac_setup(operation, attributes,
+                         key_buffer, key_buffer_size, alg);
+}
+
+psa_status_t mbedtls_psa_mac_verify_setup(
+    mbedtls_psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    return psa_mac_setup(operation, attributes,
+                         key_buffer, key_buffer_size, alg);
+}
+
+psa_status_t mbedtls_psa_mac_update(
+    mbedtls_psa_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    if (operation->alg == 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+    if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) {
+        return mbedtls_to_psa_error(
+            mbedtls_cipher_cmac_update(&operation->ctx.cmac,
+                                       input, input_length));
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+    if (PSA_ALG_IS_HMAC(operation->alg)) {
+        return psa_hmac_update_internal(&operation->ctx.hmac,
+                                        input, input_length);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+    {
+        /* This shouldn't happen if `operation` was initialized by
+         * a setup function. */
+        (void) input;
+        (void) input_length;
+        return PSA_ERROR_BAD_STATE;
+    }
+}
+
+static psa_status_t psa_mac_finish_internal(
+    mbedtls_psa_mac_operation_t *operation,
+    uint8_t *mac, size_t mac_size)
+{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
+    if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) {
+        uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE];
+        int ret = mbedtls_cipher_cmac_finish(&operation->ctx.cmac, tmp);
+        if (ret == 0) {
+            memcpy(mac, tmp, mac_size);
+        }
+        mbedtls_platform_zeroize(tmp, sizeof(tmp));
+        return mbedtls_to_psa_error(ret);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
+    if (PSA_ALG_IS_HMAC(operation->alg)) {
+        return psa_hmac_finish_internal(&operation->ctx.hmac,
+                                        mac, mac_size);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
+    {
+        /* This shouldn't happen if `operation` was initialized by
+         * a setup function. */
+        (void) operation;
+        (void) mac;
+        (void) mac_size;
+        return PSA_ERROR_BAD_STATE;
+    }
+}
+
+psa_status_t mbedtls_psa_mac_sign_finish(
+    mbedtls_psa_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->alg == 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    status = psa_mac_finish_internal(operation, mac, mac_size);
+    if (status == PSA_SUCCESS) {
+        *mac_length = mac_size;
+    }
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_mac_verify_finish(
+    mbedtls_psa_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length)
+{
+    uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    if (operation->alg == 0) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    /* Consistency check: requested MAC length fits our local buffer */
+    if (mac_length > sizeof(actual_mac)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    status = psa_mac_finish_internal(operation, actual_mac, mac_length);
+    if (status != PSA_SUCCESS) {
+        goto cleanup;
+    }
+
+    if (mbedtls_psa_safer_memcmp(mac, actual_mac, mac_length) != 0) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+    }
+
+cleanup:
+    mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac));
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT;
+
+    status = psa_mac_setup(&operation,
+                           attributes, key_buffer, key_buffer_size,
+                           alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (input_length > 0) {
+        status = mbedtls_psa_mac_update(&operation, input, input_length);
+        if (status != PSA_SUCCESS) {
+            goto exit;
+        }
+    }
+
+    status = psa_mac_finish_internal(&operation, mac, mac_size);
+    if (status == PSA_SUCCESS) {
+        *mac_length = mac_size;
+    }
+
+exit:
+    mbedtls_psa_mac_abort(&operation);
+
+    return status;
+}
+
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_mac.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_mac.h
new file mode 100644
index 0000000..2f614bc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_mac.h
@@ -0,0 +1,264 @@
+/*
+ *  PSA MAC layer on top of Mbed TLS software crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_MAC_H
+#define PSA_CRYPTO_MAC_H
+
+#include <psa/crypto.h>
+
+/** Calculate the MAC (message authentication code) of a message using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_compute
+ *       entry point. This function behaves as a mac_compute entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * \param[in] attributes        The attributes of the key to use for the
+ *                              operation.
+ * \param[in] key_buffer        The buffer containing the key to use for
+ *                              computing the MAC. This buffer contains the key
+ *                              in export representation as defined by
+ *                              psa_export_key() (i.e. the raw key bytes).
+ * \param key_buffer_size       Size of the \p key_buffer buffer in bytes.
+ * \param alg                   The MAC algorithm to use (\c PSA_ALG_XXX value
+ *                              such that #PSA_ALG_IS_MAC(\p alg) is true).
+ * \param[in] input             Buffer containing the input message.
+ * \param input_length          Size of the \p input buffer in bytes.
+ * \param[out] mac              Buffer where the MAC value is to be written.
+ * \param mac_size              Size of the \p mac buffer in bytes.
+ * \param[out] mac_length       On success, the number of bytes
+ *                              that make up the MAC value.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         \p mac_size is too small
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+/** Set up a multipart MAC calculation operation using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_sign_setup
+ *       entry point. This function behaves as a mac_sign_setup entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * \param[in,out] operation     The operation object to set up. It must have
+ *                              been initialized and not yet in use.
+ * \param[in] attributes        The attributes of the key to use for the
+ *                              operation.
+ * \param[in] key_buffer        The buffer containing the key to use for
+ *                              computing the MAC. This buffer contains the key
+ *                              in export representation as defined by
+ *                              psa_export_key() (i.e. the raw key bytes).
+ * \param key_buffer_size       Size of the \p key_buffer buffer in bytes.
+ * \param alg                   The MAC algorithm to use (\c PSA_ALG_XXX value
+ *                              such that #PSA_ALG_IS_MAC(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive).
+ */
+psa_status_t mbedtls_psa_mac_sign_setup(
+    mbedtls_psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+/** Set up a multipart MAC verification operation using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_verify_setup
+ *       entry point. This function behaves as a mac_verify_setup entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * \param[in,out] operation     The operation object to set up. It must have
+ *                              been initialized and not yet in use.
+ * \param[in] attributes        The attributes of the key to use for the
+ *                              operation.
+ * \param[in] key_buffer        The buffer containing the key to use for
+ *                              computing the MAC. This buffer contains the key
+ *                              in export representation as defined by
+ *                              psa_export_key() (i.e. the raw key bytes).
+ * \param key_buffer_size       Size of the \p key_buffer buffer in bytes.
+ * \param alg                   The MAC algorithm to use (\c PSA_ALG_XXX value
+ *                              such that #PSA_ALG_IS_MAC(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p alg is not supported.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be inactive).
+ */
+psa_status_t mbedtls_psa_mac_verify_setup(
+    mbedtls_psa_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+/** Add a message fragment to a multipart MAC operation using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_update
+ *       entry point. This function behaves as a mac_update entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * The PSA core calls mbedtls_psa_mac_sign_setup() or
+ * mbedtls_psa_mac_verify_setup() before calling this function.
+ *
+ * If this function returns an error status, the PSA core aborts the
+ * operation by calling mbedtls_psa_mac_abort().
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] input         Buffer containing the message fragment to add to
+ *                          the MAC calculation.
+ * \param input_length      Size of the \p input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be active).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_mac_update(
+    mbedtls_psa_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+/** Finish the calculation of the MAC of a message using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver mac_sign_finish
+ *       entry point. This function behaves as a mac_sign_finish entry point as
+ *       defined in the PSA driver interface specification for transparent
+ *       drivers.
+ *
+ * The PSA core calls mbedtls_psa_mac_sign_setup() before calling this function.
+ * This function calculates the MAC of the message formed by concatenating
+ * the inputs passed to preceding calls to mbedtls_psa_mac_update().
+ *
+ * Whether this function returns successfully or not, the PSA core subsequently
+ * aborts the operation by calling mbedtls_psa_mac_abort().
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[out] mac          Buffer where the MAC value is to be written.
+ * \param mac_size          Output size requested for the MAC algorithm. The PSA
+ *                          core guarantees this is a valid MAC length for the
+ *                          algorithm and key combination passed to
+ *                          mbedtls_psa_mac_sign_setup(). It also guarantees the
+ *                          \p mac buffer is large enough to contain the
+ *                          requested output size.
+ * \param[out] mac_length   On success, the number of bytes output to buffer
+ *                          \p mac, which will be equal to the requested length
+ *                          \p mac_size.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be an active mac sign
+ *         operation).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p mac buffer is too small. A sufficient buffer size
+ *         can be determined by calling PSA_MAC_LENGTH().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_mac_sign_finish(
+    mbedtls_psa_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+/** Finish the calculation of the MAC of a message and compare it with
+ * an expected value using Mbed TLS.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       mac_verify_finish entry point. This function behaves as a
+ *       mac_verify_finish entry point as defined in the PSA driver interface
+ *       specification for transparent drivers.
+ *
+ * The PSA core calls mbedtls_psa_mac_verify_setup() before calling this
+ * function. This function calculates the MAC of the message formed by
+ * concatenating the inputs passed to preceding calls to
+ * mbedtls_psa_mac_update(). It then compares the calculated MAC with the
+ * expected MAC passed as a parameter to this function.
+ *
+ * Whether this function returns successfully or not, the PSA core subsequently
+ * aborts the operation by calling mbedtls_psa_mac_abort().
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] mac           Buffer containing the expected MAC value.
+ * \param mac_length        Length in bytes of the expected MAC value. The PSA
+ *                          core guarantees that this length is a valid MAC
+ *                          length for the algorithm and key combination passed
+ *                          to mbedtls_psa_mac_verify_setup().
+ *
+ * \retval #PSA_SUCCESS
+ *         The expected MAC is identical to the actual MAC of the message.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The MAC of the message was calculated successfully, but it
+ *         differs from the expected MAC.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (it must be an active mac verify
+ *         operation).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_mac_verify_finish(
+    mbedtls_psa_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length);
+
+/** Abort a MAC operation using Mbed TLS.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * mbedtls_psa_mac_sign_setup() or mbedtls_psa_mac_verify_setup() again.
+ *
+ * The PSA core may call this function any time after the operation object has
+ * been initialized by one of the methods described in
+ * #mbedtls_psa_mac_operation_t.
+ *
+ * In particular, calling mbedtls_psa_mac_abort() after the operation has been
+ * terminated by a call to mbedtls_psa_mac_abort(),
+ * mbedtls_psa_mac_sign_finish() or mbedtls_psa_mac_verify_finish() is safe and
+ * has no effect.
+ *
+ * \param[in,out] operation Initialized MAC operation.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_mac_abort(
+    mbedtls_psa_mac_operation_t *operation);
+
+#endif /* PSA_CRYPTO_MAC_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_random_impl.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_random_impl.h
new file mode 100644
index 0000000..6150fee
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_random_impl.h
@@ -0,0 +1,192 @@
+/** \file psa_crypto_random_impl.h
+ *
+ * \brief PSA crypto random generator implementation abstraction.
+ *
+ * The definitions here need to be consistent with the declarations
+ * in include/mbedtls/psa_util.h. This file contains some redundant
+ * declarations to increase the chance that a compiler will detect
+ * inconsistencies if one file is changed without updating the other,
+ * but not all potential inconsistencies can be enforced, so make sure
+ * to check the public declarations and contracts in
+ * include/mbedtls/psa_util.h if you modify this file.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_RANDOM_IMPL_H
+#define PSA_CRYPTO_RANDOM_IMPL_H
+
+#include <mbedtls/psa_util.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+#include <string.h>
+#include <mbedtls/entropy.h> // only for error codes
+#include <psa/crypto.h>
+
+typedef mbedtls_psa_external_random_context_t mbedtls_psa_random_context_t;
+
+/* Trivial wrapper around psa_generate_random(). */
+int mbedtls_psa_get_random(void *p_rng,
+                           unsigned char *output,
+                           size_t output_size);
+
+/* The PSA RNG API doesn't need any externally maintained state. */
+#define MBEDTLS_PSA_RANDOM_STATE NULL
+
+#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+/* Choose a DRBG based on configuration and availability */
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+
+#include "mbedtls/hmac_drbg.h"
+
+#elif defined(MBEDTLS_CTR_DRBG_C)
+
+#include "mbedtls/ctr_drbg.h"
+
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+
+#include "mbedtls/hmac_drbg.h"
+#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_SHA256_C)
+#include <limits.h>
+#if SIZE_MAX > 0xffffffff
+/* Looks like a 64-bit system, so prefer SHA-512. */
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA512
+#else
+/* Looks like a 32-bit system, so prefer SHA-256. */
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
+#endif
+#elif defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA512
+#elif defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
+#else
+#error "No hash algorithm available for HMAC_DBRG."
+#endif
+
+#else
+#error "No DRBG module available for the psa_crypto module."
+#endif
+
+#include "mbedtls/entropy.h"
+
+/** Initialize the PSA DRBG.
+ *
+ * \param p_rng        Pointer to the Mbed TLS DRBG state.
+ */
+static inline void mbedtls_psa_drbg_init(mbedtls_psa_drbg_context_t *p_rng)
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+    mbedtls_ctr_drbg_init(p_rng);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    mbedtls_hmac_drbg_init(p_rng);
+#endif
+}
+
+/** Deinitialize the PSA DRBG.
+ *
+ * \param p_rng        Pointer to the Mbed TLS DRBG state.
+ */
+static inline void mbedtls_psa_drbg_free(mbedtls_psa_drbg_context_t *p_rng)
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+    mbedtls_ctr_drbg_free(p_rng);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    mbedtls_hmac_drbg_free(p_rng);
+#endif
+}
+
+/** The type of the PSA random generator context.
+ *
+ * The random generator context is composed of an entropy context and
+ * a DRBG context.
+ */
+typedef struct {
+    void (* entropy_init)(mbedtls_entropy_context *ctx);
+    void (* entropy_free)(mbedtls_entropy_context *ctx);
+    mbedtls_entropy_context entropy;
+    mbedtls_psa_drbg_context_t drbg;
+} mbedtls_psa_random_context_t;
+
+/* Defined in include/mbedtls/psa_util.h so that it's visible to
+ * application code. The declaration here is redundant, but included
+ * as a safety net to make it more likely that a future change that
+ * accidentally causes the implementation to diverge from the interface
+ * will be noticed. */
+/* Do not include the declaration under MSVC because it doesn't accept it
+ * ("error C2370: 'mbedtls_psa_get_random' : redefinition; different storage class").
+ * Observed with Visual Studio 2013. A known bug apparently:
+ * https://stackoverflow.com/questions/8146541/duplicate-external-static-declarations-not-allowed-in-visual-studio
+ */
+#if !defined(_MSC_VER)
+static mbedtls_f_rng_t *const mbedtls_psa_get_random;
+#endif
+
+/** The maximum number of bytes that mbedtls_psa_get_random() is expected to
+ * return.
+ */
+#if defined(MBEDTLS_CTR_DRBG_C)
+#define MBEDTLS_PSA_RANDOM_MAX_REQUEST MBEDTLS_CTR_DRBG_MAX_REQUEST
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#define MBEDTLS_PSA_RANDOM_MAX_REQUEST MBEDTLS_HMAC_DRBG_MAX_REQUEST
+#endif
+
+/** A pointer to the PSA DRBG state.
+ *
+ * This variable is only intended to be used through the macro
+ * #MBEDTLS_PSA_RANDOM_STATE.
+ */
+/* psa_crypto.c sets this variable to a pointer to the DRBG state in the
+ * global PSA crypto state. */
+/* The type `mbedtls_psa_drbg_context_t` is defined in
+ * include/mbedtls/psa_util.h so that `mbedtls_psa_random_state` can be
+ * declared there and be visible to application code. */
+extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
+
+/** A pointer to the PSA DRBG state.
+ *
+ * This macro expands to an expression that is suitable as the \c p_rng
+ * parameter to pass to mbedtls_psa_get_random().
+ *
+ * This macro exists in all configurations where the psa_crypto module is
+ * enabled. Its expansion depends on the configuration.
+ */
+#define MBEDTLS_PSA_RANDOM_STATE mbedtls_psa_random_state
+
+/** Seed the PSA DRBG.
+ *
+ * \param entropy       An entropy context to read the seed from.
+ * \param custom        The personalization string.
+ *                      This can be \c NULL, in which case the personalization
+ *                      string is empty regardless of the value of \p len.
+ * \param len           The length of the personalization string.
+ *
+ * \return              \c 0 on success.
+ * \return              An Mbed TLS error code (\c MBEDTLS_ERR_xxx) on failure.
+ */
+static inline int mbedtls_psa_drbg_seed(
+    mbedtls_entropy_context *entropy,
+    const unsigned char *custom, size_t len)
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+    return mbedtls_ctr_drbg_seed(MBEDTLS_PSA_RANDOM_STATE,
+                                 mbedtls_entropy_func,
+                                 entropy,
+                                 custom, len);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    const mbedtls_md_info_t *md_info =
+        mbedtls_md_info_from_type(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE);
+    return mbedtls_hmac_drbg_seed(MBEDTLS_PSA_RANDOM_STATE,
+                                  md_info,
+                                  mbedtls_entropy_func,
+                                  entropy,
+                                  custom, len);
+#endif
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* PSA_CRYPTO_RANDOM_IMPL_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_rsa.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_rsa.c
new file mode 100644
index 0000000..cc3ceca
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_rsa.c
@@ -0,0 +1,517 @@
+/*
+ *  PSA RSA layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_random_impl.h"
+#include "psa_crypto_rsa.h"
+#include "psa_crypto_hash.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include "mbedtls/platform.h"
+
+#include <mbedtls/rsa.h>
+#include <mbedtls/error.h>
+#include <mbedtls/pk.h>
+#include <mbedtls/pk_internal.h>
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+
+/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
+ * that are not a multiple of 8) well. For example, there is only
+ * mbedtls_rsa_get_len(), which returns a number of bytes, and no
+ * way to return the exact bit size of a key.
+ * To keep things simple, reject non-byte-aligned key sizes. */
+static psa_status_t psa_check_rsa_key_byte_aligned(
+    const mbedtls_rsa_context *rsa)
+{
+    mbedtls_mpi n;
+    psa_status_t status;
+    mbedtls_mpi_init(&n);
+    status = mbedtls_to_psa_error(
+        mbedtls_rsa_export(rsa, &n, NULL, NULL, NULL, NULL));
+    if (status == PSA_SUCCESS) {
+        if (mbedtls_mpi_bitlen(&n) % 8 != 0) {
+            status = PSA_ERROR_NOT_SUPPORTED;
+        }
+    }
+    mbedtls_mpi_free(&n);
+    return status;
+}
+
+psa_status_t mbedtls_psa_rsa_load_representation(
+    psa_key_type_t type, const uint8_t *data, size_t data_length,
+    mbedtls_rsa_context **p_rsa)
+{
+    psa_status_t status;
+    mbedtls_pk_context ctx;
+    size_t bits;
+    mbedtls_pk_init(&ctx);
+
+    /* Parse the data. */
+    if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) {
+        status = mbedtls_to_psa_error(
+            mbedtls_pk_parse_key(&ctx, data, data_length, NULL, 0));
+    } else {
+        status = mbedtls_to_psa_error(
+            mbedtls_pk_parse_public_key(&ctx, data, data_length));
+    }
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* We have something that the pkparse module recognizes. If it is a
+     * valid RSA key, store it. */
+    if (mbedtls_pk_get_type(&ctx) != MBEDTLS_PK_RSA) {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
+     * supports non-byte-aligned key sizes, but not well. For example,
+     * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
+    bits = PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(mbedtls_pk_rsa(ctx)));
+    if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) {
+        status = PSA_ERROR_NOT_SUPPORTED;
+        goto exit;
+    }
+    status = psa_check_rsa_key_byte_aligned(mbedtls_pk_rsa(ctx));
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Copy out the pointer to the RSA context, and reset the PK context
+     * such that pk_free doesn't free the RSA context we just grabbed. */
+    *p_rsa = mbedtls_pk_rsa(ctx);
+    ctx.pk_info = NULL;
+
+exit:
+    mbedtls_pk_free(&ctx);
+    return status;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+
+psa_status_t mbedtls_psa_rsa_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits)
+{
+    psa_status_t status;
+    mbedtls_rsa_context *rsa = NULL;
+
+    /* Parse input */
+    status = mbedtls_psa_rsa_load_representation(attributes->core.type,
+                                                 data,
+                                                 data_length,
+                                                 &rsa);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(rsa));
+
+    /* Re-export the data to PSA export format, such that we can store export
+     * representation in the key slot. Export representation in case of RSA is
+     * the smallest representation that's allowed as input, so a straight-up
+     * allocation of the same size as the input buffer will be large enough. */
+    status = mbedtls_psa_rsa_export_key(attributes->core.type,
+                                        rsa,
+                                        key_buffer,
+                                        key_buffer_size,
+                                        key_buffer_length);
+exit:
+    /* Always free the RSA object */
+    mbedtls_rsa_free(rsa);
+    mbedtls_free(rsa);
+
+    return status;
+}
+
+psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type,
+                                        mbedtls_rsa_context *rsa,
+                                        uint8_t *data,
+                                        size_t data_size,
+                                        size_t *data_length)
+{
+#if defined(MBEDTLS_PK_WRITE_C)
+    int ret;
+    mbedtls_pk_context pk;
+    uint8_t *pos = data + data_size;
+
+    mbedtls_pk_init(&pk);
+    pk.pk_info = &mbedtls_rsa_info;
+    pk.pk_ctx = rsa;
+
+    /* PSA Crypto API defines the format of an RSA key as a DER-encoded
+     * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
+     * private key and of the RFC3279 RSAPublicKey for a public key. */
+    if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) {
+        ret = mbedtls_pk_write_key_der(&pk, data, data_size);
+    } else {
+        ret = mbedtls_pk_write_pubkey(&pos, data, &pk);
+    }
+
+    if (ret < 0) {
+        /* Clean up in case pk_write failed halfway through. */
+        memset(data, 0, data_size);
+        return mbedtls_to_psa_error(ret);
+    }
+
+    /* The mbedtls_pk_xxx functions write to the end of the buffer.
+     * Move the data to the beginning and erase remaining data
+     * at the original location. */
+    if (2 * (size_t) ret <= data_size) {
+        memcpy(data, data + data_size - ret, ret);
+        memset(data + data_size - ret, 0, ret);
+    } else if ((size_t) ret < data_size) {
+        memmove(data, data + data_size - ret, ret);
+        memset(data + ret, 0, data_size - ret);
+    }
+
+    *data_length = ret;
+    return PSA_SUCCESS;
+#else
+    (void) type;
+    (void) rsa;
+    (void) data;
+    (void) data_size;
+    (void) data_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PK_WRITE_C */
+}
+
+psa_status_t mbedtls_psa_rsa_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_rsa_context *rsa = NULL;
+
+    status = mbedtls_psa_rsa_load_representation(
+        attributes->core.type, key_buffer, key_buffer_size, &rsa);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = mbedtls_psa_rsa_export_key(PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+                                        rsa,
+                                        data,
+                                        data_size,
+                                        data_length);
+
+    mbedtls_rsa_free(rsa);
+    mbedtls_free(rsa);
+
+    return status;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
+    defined(MBEDTLS_GENPRIME)
+static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
+                                          size_t domain_parameters_size,
+                                          int *exponent)
+{
+    size_t i;
+    uint32_t acc = 0;
+
+    if (domain_parameters_size == 0) {
+        *exponent = 65537;
+        return PSA_SUCCESS;
+    }
+
+    /* Mbed TLS encodes the public exponent as an int. For simplicity, only
+     * support values that fit in a 32-bit integer, which is larger than
+     * int on just about every platform anyway. */
+    if (domain_parameters_size > sizeof(acc)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    for (i = 0; i < domain_parameters_size; i++) {
+        acc = (acc << 8) | domain_parameters[i];
+    }
+    if (acc > INT_MAX) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    *exponent = acc;
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_rsa_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+    psa_status_t status;
+    mbedtls_rsa_context rsa;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int exponent;
+
+    status = psa_rsa_read_exponent(attributes->domain_parameters,
+                                   attributes->domain_parameters_size,
+                                   &exponent);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE);
+    ret = mbedtls_rsa_gen_key(&rsa,
+                              mbedtls_psa_get_random,
+                              MBEDTLS_PSA_RANDOM_STATE,
+                              (unsigned int) attributes->core.bits,
+                              exponent);
+    if (ret != 0) {
+        return mbedtls_to_psa_error(ret);
+    }
+
+    status = mbedtls_psa_rsa_export_key(attributes->core.type,
+                                        &rsa, key_buffer, key_buffer_size,
+                                        key_buffer_length);
+    mbedtls_rsa_free(&rsa);
+
+    return status;
+}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+        * defined(MBEDTLS_GENPRIME) */
+
+/****************************************************************/
+/* Sign/verify hashes */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+    defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+
+/* Decode the hash algorithm from alg and store the mbedtls encoding in
+ * md_alg. Verify that the hash length is acceptable. */
+static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg,
+                                           size_t hash_length,
+                                           mbedtls_md_type_t *md_alg)
+{
+    psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg);
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg);
+    *md_alg = mbedtls_md_get_type(md_info);
+
+    /* The Mbed TLS RSA module uses an unsigned int for hash length
+     * parameters. Validate that it fits so that we don't risk an
+     * overflow later. */
+#if SIZE_MAX > UINT_MAX
+    if (hash_length > UINT_MAX) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+#endif
+
+    /* For signatures using a hash, the hash length must be correct. */
+    if (alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW) {
+        if (md_info == NULL) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+        if (mbedtls_md_get_size(md_info) != hash_length) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t mbedtls_psa_rsa_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_rsa_context *rsa = NULL;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_md_type_t md_alg;
+
+    status = mbedtls_psa_rsa_load_representation(attributes->core.type,
+                                                 key_buffer,
+                                                 key_buffer_size,
+                                                 &rsa);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = psa_rsa_decode_md_type(alg, hash_length, &md_alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (signature_size < mbedtls_rsa_get_len(rsa)) {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+    if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) {
+        mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V15,
+                                MBEDTLS_MD_NONE);
+        ret = mbedtls_rsa_pkcs1_sign(rsa,
+                                     mbedtls_psa_get_random,
+                                     MBEDTLS_PSA_RANDOM_STATE,
+                                     MBEDTLS_RSA_PRIVATE,
+                                     md_alg,
+                                     (unsigned int) hash_length,
+                                     hash,
+                                     signature);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+    if (PSA_ALG_IS_RSA_PSS(alg)) {
+        mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg);
+        ret = mbedtls_rsa_rsassa_pss_sign(rsa,
+                                          mbedtls_psa_get_random,
+                                          MBEDTLS_PSA_RANDOM_STATE,
+                                          MBEDTLS_RSA_PRIVATE,
+                                          MBEDTLS_MD_NONE,
+                                          (unsigned int) hash_length,
+                                          hash,
+                                          signature);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
+    {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    if (ret == 0) {
+        *signature_length = mbedtls_rsa_get_len(rsa);
+    }
+    status = mbedtls_to_psa_error(ret);
+
+exit:
+    mbedtls_rsa_free(rsa);
+    mbedtls_free(rsa);
+
+    return status;
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+static int rsa_pss_expected_salt_len(psa_algorithm_t alg,
+                                     const mbedtls_rsa_context *rsa,
+                                     size_t hash_length)
+{
+    if (PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) {
+        return MBEDTLS_RSA_SALT_LEN_ANY;
+    }
+    /* Otherwise: standard salt length, i.e. largest possible salt length
+     * up to the hash length. */
+    int klen = (int) mbedtls_rsa_get_len(rsa);   // known to fit
+    int hlen = (int) hash_length; // known to fit
+    int room = klen - 2 - hlen;
+    if (room < 0) {
+        return 0;  // there is no valid signature in this case anyway
+    } else if (room > hlen) {
+        return hlen;
+    } else {
+        return room;
+    }
+}
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
+
+psa_status_t mbedtls_psa_rsa_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    mbedtls_rsa_context *rsa = NULL;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_md_type_t md_alg;
+
+    status = mbedtls_psa_rsa_load_representation(attributes->core.type,
+                                                 key_buffer,
+                                                 key_buffer_size,
+                                                 &rsa);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_rsa_decode_md_type(alg, hash_length, &md_alg);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (signature_length != mbedtls_rsa_get_len(rsa)) {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+    if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) {
+        mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V15,
+                                MBEDTLS_MD_NONE);
+        ret = mbedtls_rsa_pkcs1_verify(rsa,
+                                       mbedtls_psa_get_random,
+                                       MBEDTLS_PSA_RANDOM_STATE,
+                                       MBEDTLS_RSA_PUBLIC,
+                                       md_alg,
+                                       (unsigned int) hash_length,
+                                       hash,
+                                       signature);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+    if (PSA_ALG_IS_RSA_PSS(alg)) {
+        int slen = rsa_pss_expected_salt_len(alg, rsa, hash_length);
+        mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg);
+        ret = mbedtls_rsa_rsassa_pss_verify_ext(rsa,
+                                                mbedtls_psa_get_random,
+                                                MBEDTLS_PSA_RANDOM_STATE,
+                                                MBEDTLS_RSA_PUBLIC,
+                                                md_alg,
+                                                (unsigned int) hash_length,
+                                                hash,
+                                                md_alg,
+                                                slen,
+                                                signature);
+    } else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
+    {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
+    /* Mbed TLS distinguishes "invalid padding" from "valid padding but
+     * the rest of the signature is invalid". This has little use in
+     * practice and PSA doesn't report this distinction. */
+    status = (ret == MBEDTLS_ERR_RSA_INVALID_PADDING) ?
+             PSA_ERROR_INVALID_SIGNATURE :
+             mbedtls_to_psa_error(ret);
+
+exit:
+    mbedtls_rsa_free(rsa);
+    mbedtls_free(rsa);
+
+    return status;
+}
+
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+        * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_rsa.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_rsa.h
new file mode 100644
index 0000000..f4aadda
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_rsa.h
@@ -0,0 +1,203 @@
+/*
+ *  PSA RSA layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_RSA_H
+#define PSA_CRYPTO_RSA_H
+
+#include <psa/crypto.h>
+#include <mbedtls/rsa.h>
+
+/** Load the contents of a key buffer into an internal RSA representation
+ *
+ * \param[in] type          The type of key contained in \p data.
+ * \param[in] data          The buffer from which to load the representation.
+ * \param[in] data_length   The size in bytes of \p data.
+ * \param[out] p_rsa        Returns a pointer to an RSA context on success.
+ *                          The caller is responsible for freeing both the
+ *                          contents of the context and the context itself
+ *                          when done.
+ */
+psa_status_t mbedtls_psa_rsa_load_representation(psa_key_type_t type,
+                                                 const uint8_t *data,
+                                                 size_t data_length,
+                                                 mbedtls_rsa_context **p_rsa);
+
+/** Import an RSA key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       import_key entry point. This function behaves as an import_key
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes for the key to import.
+ * \param[in]  data             The buffer containing the key data in import
+ *                              format.
+ * \param[in]  data_length      Size of the \p data buffer in bytes.
+ * \param[out] key_buffer       The buffer containing the key data in output
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes. This
+ *                              size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length  The length of the data written in \p
+ *                                key_buffer in bytes.
+ * \param[out] bits             The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS  The RSA key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ */
+psa_status_t mbedtls_psa_rsa_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits);
+
+/** Export an RSA key to export representation
+ *
+ * \param[in] type          The type of key (public/private) to export
+ * \param[in] rsa           The internal RSA representation from which to export
+ * \param[out] data         The buffer to export to
+ * \param[in] data_size     The length of the buffer to export to
+ * \param[out] data_length  The amount of bytes written to \p data
+ */
+psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type,
+                                        mbedtls_rsa_context *rsa,
+                                        uint8_t *data,
+                                        size_t data_size,
+                                        size_t *data_length);
+
+/** Export a public RSA key or the public part of an RSA key pair in binary
+ *  format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       export_public_key entry point. This function behaves as an
+ *       export_public_key entry point as defined in the PSA driver interface
+ *       specification.
+ *
+ * \param[in]  attributes       The attributes for the key to export.
+ * \param[in]  key_buffer       Material or context of the key to export.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[out] data             Buffer where the key data is to be written.
+ * \param[in]  data_size        Size of the \p data buffer in bytes.
+ * \param[out] data_length      On success, the number of bytes written in
+ *                              \p data.
+ *
+ * \retval #PSA_SUCCESS  The RSA public key was exported successfully.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_rsa_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+/**
+ * \brief Generate an RSA key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ *       entry point.
+ *
+ * \param[in]  attributes         The attributes for the RSA key to generate.
+ * \param[out] key_buffer         Buffer where the key data is to be written.
+ * \param[in]  key_buffer_size    Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length  On success, the number of bytes written in
+ *                                \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key was successfully generated.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         Key length or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of \p key_buffer is too small.
+ */
+psa_status_t mbedtls_psa_rsa_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
+
+/** Sign an already-calculated hash with an RSA private key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       sign_hash entry point. This function behaves as a sign_hash
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the RSA key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the RSA key context.
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              A signature algorithm that is compatible with
+ *                              an RSA key.
+ * \param[in]  hash             The hash or message to sign.
+ * \param[in]  hash_length      Size of the \p hash buffer in bytes.
+ * \param[out] signature        Buffer where the signature is to be written.
+ * \param[in]  signature_size   Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ *                              that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p signature buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_RSA_KEY_PAIR, \c key_bits,
+ *         \p alg) where \c key_bits is the bit-size of the RSA key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
+ */
+psa_status_t mbedtls_psa_rsa_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+/**
+ * \brief Verify the signature a hash or short message using a public RSA key.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       verify_hash entry point. This function behaves as a verify_hash
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes of the RSA key to use for the
+ *                              operation.
+ * \param[in]  key_buffer       The buffer containing the RSA key context.
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
+ * \param[in]  alg              A signature algorithm that is compatible with
+ *                              an RSA key.
+ * \param[in]  hash             The hash or message whose signature is to be
+ *                              verified.
+ * \param[in]  hash_length      Size of the \p hash buffer in bytes.
+ * \param[in]  signature        Buffer containing the signature to verify.
+ * \param[in]  signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The calculation was performed successfully, but the passed
+ *         signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ */
+psa_status_t mbedtls_psa_rsa_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length);
+
+#endif /* PSA_CRYPTO_RSA_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_se.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_se.c
new file mode 100644
index 0000000..9628ff2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_se.c
@@ -0,0 +1,374 @@
+/*
+ *  PSA crypto support for secure element drivers
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+
+#include <stdint.h>
+#include <string.h>
+
+#include "psa/crypto_se_driver.h"
+
+#include "psa_crypto_se.h"
+
+#if defined(MBEDTLS_PSA_ITS_FILE_C)
+#include "psa_crypto_its.h"
+#else /* Native ITS implementation */
+#include "psa/error.h"
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+
+
+/****************************************************************/
+/* Driver lookup */
+/****************************************************************/
+
+/* This structure is identical to psa_drv_se_context_t declared in
+ * `crypto_se_driver.h`, except that some parts are writable here
+ * (non-const, or pointer to non-const). */
+typedef struct {
+    void *persistent_data;
+    size_t persistent_data_size;
+    uintptr_t transient_data;
+} psa_drv_se_internal_context_t;
+
+struct psa_se_drv_table_entry_s {
+    psa_key_location_t location;
+    const psa_drv_se_t *methods;
+    union {
+        psa_drv_se_internal_context_t internal;
+        psa_drv_se_context_t context;
+    } u;
+};
+
+static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS];
+
+psa_se_drv_table_entry_t *psa_get_se_driver_entry(
+    psa_key_lifetime_t lifetime)
+{
+    size_t i;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    /* In the driver table, location=0 means an entry that isn't used.
+     * No driver has a location of 0 because it's a reserved value
+     * (which designates transparent keys). Make sure we never return
+     * a driver entry for location 0. */
+    if (location == 0) {
+        return NULL;
+    }
+    for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
+        if (driver_table[i].location == location) {
+            return &driver_table[i];
+        }
+    }
+    return NULL;
+}
+
+const psa_drv_se_t *psa_get_se_driver_methods(
+    const psa_se_drv_table_entry_t *driver)
+{
+    return driver->methods;
+}
+
+psa_drv_se_context_t *psa_get_se_driver_context(
+    psa_se_drv_table_entry_t *driver)
+{
+    return &driver->u.context;
+}
+
+int psa_get_se_driver(psa_key_lifetime_t lifetime,
+                      const psa_drv_se_t **p_methods,
+                      psa_drv_se_context_t **p_drv_context)
+{
+    psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime);
+    if (p_methods != NULL) {
+        *p_methods = (driver ? driver->methods : NULL);
+    }
+    if (p_drv_context != NULL) {
+        *p_drv_context = (driver ? &driver->u.context : NULL);
+    }
+    return driver != NULL;
+}
+
+
+
+/****************************************************************/
+/* Persistent data management */
+/****************************************************************/
+
+static psa_status_t psa_get_se_driver_its_file_uid(
+    const psa_se_drv_table_entry_t *driver,
+    psa_storage_uid_t *uid)
+{
+    if (driver->location > PSA_MAX_SE_LOCATION) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+#if SIZE_MAX > UINT32_MAX
+    /* ITS file sizes are limited to 32 bits. */
+    if (driver->u.internal.persistent_data_size > UINT32_MAX) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+#endif
+
+    /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */
+    *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location;
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_load_se_persistent_data(
+    const psa_se_drv_table_entry_t *driver)
+{
+    psa_status_t status;
+    psa_storage_uid_t uid;
+    size_t length;
+
+    status = psa_get_se_driver_its_file_uid(driver, &uid);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* Read the amount of persistent data that the driver requests.
+     * If the data in storage is larger, it is truncated. If the data
+     * in storage is smaller, silently keep what is already at the end
+     * of the output buffer. */
+    /* psa_get_se_driver_its_file_uid ensures that the size_t
+     * persistent_data_size is in range, but compilers don't know that,
+     * so cast to reassure them. */
+    return psa_its_get(uid, 0,
+                       (uint32_t) driver->u.internal.persistent_data_size,
+                       driver->u.internal.persistent_data,
+                       &length);
+}
+
+psa_status_t psa_save_se_persistent_data(
+    const psa_se_drv_table_entry_t *driver)
+{
+    psa_status_t status;
+    psa_storage_uid_t uid;
+
+    status = psa_get_se_driver_its_file_uid(driver, &uid);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* psa_get_se_driver_its_file_uid ensures that the size_t
+     * persistent_data_size is in range, but compilers don't know that,
+     * so cast to reassure them. */
+    return psa_its_set(uid,
+                       (uint32_t) driver->u.internal.persistent_data_size,
+                       driver->u.internal.persistent_data,
+                       0);
+}
+
+psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location)
+{
+    psa_storage_uid_t uid;
+    if (location > PSA_MAX_SE_LOCATION) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location;
+    return psa_its_remove(uid);
+}
+
+psa_status_t psa_find_se_slot_for_key(
+    const psa_key_attributes_t *attributes,
+    psa_key_creation_method_t method,
+    psa_se_drv_table_entry_t *driver,
+    psa_key_slot_number_t *slot_number)
+{
+    psa_status_t status;
+    psa_key_location_t key_location =
+        PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes));
+
+    /* If the location is wrong, it's a bug in the library. */
+    if (driver->location != key_location) {
+        return PSA_ERROR_CORRUPTION_DETECTED;
+    }
+
+    /* If the driver doesn't support key creation in any way, give up now. */
+    if (driver->methods->key_management == NULL) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (psa_get_key_slot_number(attributes, slot_number) == PSA_SUCCESS) {
+        /* The application wants to use a specific slot. Allow it if
+         * the driver supports it. On a system with isolation,
+         * the crypto service must check that the application is
+         * permitted to request this slot. */
+        psa_drv_se_validate_slot_number_t p_validate_slot_number =
+            driver->methods->key_management->p_validate_slot_number;
+        if (p_validate_slot_number == NULL) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+        status = p_validate_slot_number(&driver->u.context,
+                                        driver->u.internal.persistent_data,
+                                        attributes, method,
+                                        *slot_number);
+    } else if (method == PSA_KEY_CREATION_REGISTER) {
+        /* The application didn't specify a slot number. This doesn't
+         * make sense when registering a slot. */
+        return PSA_ERROR_INVALID_ARGUMENT;
+    } else {
+        /* The application didn't tell us which slot to use. Let the driver
+         * choose. This is the normal case. */
+        psa_drv_se_allocate_key_t p_allocate =
+            driver->methods->key_management->p_allocate;
+        if (p_allocate == NULL) {
+            return PSA_ERROR_NOT_SUPPORTED;
+        }
+        status = p_allocate(&driver->u.context,
+                            driver->u.internal.persistent_data,
+                            attributes, method,
+                            slot_number);
+    }
+    return status;
+}
+
+psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver,
+                                psa_key_slot_number_t slot_number)
+{
+    psa_status_t status;
+    psa_status_t storage_status;
+    /* Normally a missing method would mean that the action is not
+     * supported. But psa_destroy_key() is not supposed to return
+     * PSA_ERROR_NOT_SUPPORTED: if you can create a key, you should
+     * be able to destroy it. The only use case for a driver that
+     * does not have a way to destroy keys at all is if the keys are
+     * locked in a read-only state: we can use the keys but not
+     * destroy them. Hence, if the driver doesn't support destroying
+     * keys, it's really a lack of permission. */
+    if (driver->methods->key_management == NULL ||
+        driver->methods->key_management->p_destroy == NULL) {
+        return PSA_ERROR_NOT_PERMITTED;
+    }
+    status = driver->methods->key_management->p_destroy(
+        &driver->u.context,
+        driver->u.internal.persistent_data,
+        slot_number);
+    storage_status = psa_save_se_persistent_data(driver);
+    return status == PSA_SUCCESS ? storage_status : status;
+}
+
+psa_status_t psa_init_all_se_drivers(void)
+{
+    size_t i;
+    for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
+        psa_se_drv_table_entry_t *driver = &driver_table[i];
+        if (driver->location == 0) {
+            continue; /* skipping unused entry */
+        }
+        const psa_drv_se_t *methods = psa_get_se_driver_methods(driver);
+        if (methods->p_init != NULL) {
+            psa_status_t status = methods->p_init(
+                &driver->u.context,
+                driver->u.internal.persistent_data,
+                driver->location);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+            status = psa_save_se_persistent_data(driver);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+        }
+    }
+    return PSA_SUCCESS;
+}
+
+
+
+/****************************************************************/
+/* Driver registration */
+/****************************************************************/
+
+psa_status_t psa_register_se_driver(
+    psa_key_location_t location,
+    const psa_drv_se_t *methods)
+{
+    size_t i;
+    psa_status_t status;
+
+    if (methods->hal_version != PSA_DRV_SE_HAL_VERSION) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+    /* Driver table entries are 0-initialized. 0 is not a valid driver
+     * location because it means a transparent key. */
+    MBEDTLS_STATIC_ASSERT(PSA_KEY_LOCATION_LOCAL_STORAGE == 0,
+                          "Secure element support requires 0 to mean a local key");
+    if (location == PSA_KEY_LOCATION_LOCAL_STORAGE) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    if (location > PSA_MAX_SE_LOCATION) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
+        if (driver_table[i].location == 0) {
+            break;
+        }
+        /* Check that location isn't already in use up to the first free
+         * entry. Since entries are created in order and never deleted,
+         * there can't be a used entry after the first free entry. */
+        if (driver_table[i].location == location) {
+            return PSA_ERROR_ALREADY_EXISTS;
+        }
+    }
+    if (i == PSA_MAX_SE_DRIVERS) {
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    }
+
+    driver_table[i].location = location;
+    driver_table[i].methods = methods;
+    driver_table[i].u.internal.persistent_data_size =
+        methods->persistent_data_size;
+
+    if (methods->persistent_data_size != 0) {
+        driver_table[i].u.internal.persistent_data =
+            mbedtls_calloc(1, methods->persistent_data_size);
+        if (driver_table[i].u.internal.persistent_data == NULL) {
+            status = PSA_ERROR_INSUFFICIENT_MEMORY;
+            goto error;
+        }
+        /* Load the driver's persistent data. On first use, the persistent
+         * data does not exist in storage, and is initialized to
+         * all-bits-zero by the calloc call just above. */
+        status = psa_load_se_persistent_data(&driver_table[i]);
+        if (status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST) {
+            goto error;
+        }
+    }
+
+    return PSA_SUCCESS;
+
+error:
+    memset(&driver_table[i], 0, sizeof(driver_table[i]));
+    return status;
+}
+
+void psa_unregister_all_se_drivers(void)
+{
+    size_t i;
+    for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) {
+        if (driver_table[i].u.internal.persistent_data != NULL) {
+            mbedtls_free(driver_table[i].u.internal.persistent_data);
+        }
+    }
+    memset(driver_table, 0, sizeof(driver_table));
+}
+
+
+
+/****************************************************************/
+/* The end */
+/****************************************************************/
+
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/psa_crypto_se.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_se.h
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/library/psa_crypto_se.h
rename to 3rdparty/mbedtls-2.28.7/library/psa_crypto_se.h
index 67fadf8..14a7000 100644
--- a/3rdparty/mbedtls-2.25.0/library/psa_crypto_se.h
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_se.h
@@ -3,19 +3,7 @@
  */
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef PSA_CRYPTO_SE_H
@@ -51,7 +39,7 @@
  * actually not used since it corresponds to #PSA_KEY_LOCATION_LOCAL_STORAGE
  * which doesn't have a driver.
  */
-#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 )
+#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ((psa_key_id_t) 0xfffffe00)
 
 /** The maximum number of registered secure element driver locations. */
 #define PSA_MAX_SE_DRIVERS 4
@@ -62,13 +50,13 @@
  *          state. This function is only intended to be called at the end
  *          of mbedtls_psa_crypto_free().
  */
-void psa_unregister_all_se_drivers( void );
+void psa_unregister_all_se_drivers(void);
 
 /** Initialize all secure element drivers.
  *
  * Called from psa_crypto_init().
  */
-psa_status_t psa_init_all_se_drivers( void );
+psa_status_t psa_init_all_se_drivers(void);
 
 /** A structure that describes a registered secure element driver.
  *
@@ -93,9 +81,9 @@ typedef struct psa_se_drv_table_entry_s psa_se_drv_table_entry_t;
  * \retval 0
  *         \p lifetime does not correspond to a registered driver.
  */
-int psa_get_se_driver( psa_key_lifetime_t lifetime,
-                       const psa_drv_se_t **p_methods,
-                       psa_drv_se_context_t **p_drv_context);
+int psa_get_se_driver(psa_key_lifetime_t lifetime,
+                      const psa_drv_se_t **p_methods,
+                      psa_drv_se_context_t **p_drv_context);
 
 /** Return the secure element driver table entry for a lifetime value.
  *
@@ -105,7 +93,7 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime,
  *         \p NULL if \p lifetime does not correspond to a registered driver.
  */
 psa_se_drv_table_entry_t *psa_get_se_driver_entry(
-    psa_key_lifetime_t lifetime );
+    psa_key_lifetime_t lifetime);
 
 /** Return the method table for a secure element driver.
  *
@@ -115,7 +103,7 @@ psa_se_drv_table_entry_t *psa_get_se_driver_entry(
  *         \c NULL if \p driver is \c NULL.
  */
 const psa_drv_se_t *psa_get_se_driver_methods(
-    const psa_se_drv_table_entry_t *driver );
+    const psa_se_drv_table_entry_t *driver);
 
 /** Return the context of a secure element driver.
  *
@@ -125,7 +113,7 @@ const psa_drv_se_t *psa_get_se_driver_methods(
  *         \c NULL if \p driver is \c NULL.
  */
 psa_drv_se_context_t *psa_get_se_driver_context(
-    psa_se_drv_table_entry_t *driver );
+    psa_se_drv_table_entry_t *driver);
 
 /** Find a free slot for a key that is to be created.
  *
@@ -141,31 +129,46 @@ psa_status_t psa_find_se_slot_for_key(
     const psa_key_attributes_t *attributes,
     psa_key_creation_method_t method,
     psa_se_drv_table_entry_t *driver,
-    psa_key_slot_number_t *slot_number );
+    psa_key_slot_number_t *slot_number);
 
-/** Destoy a key in a secure element.
+/** Destroy a key in a secure element.
  *
  * This function calls the relevant driver method to destroy a key
  * and updates the driver's persistent data.
  */
-psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver,
-                                 psa_key_slot_number_t slot_number );
+psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver,
+                                psa_key_slot_number_t slot_number);
 
 /** Load the persistent data of a secure element driver.
  *
  * \param driver        The driver table entry containing the persistent
  *                      data to load from storage.
+ *
+ * \return #PSA_SUCCESS
+ * \return #PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_DOES_NOT_EXIST
+ * \return #PSA_ERROR_STORAGE_FAILURE
+ * \return #PSA_ERROR_DATA_CORRUPT
+ * \return #PSA_ERROR_INVALID_ARGUMENT
  */
 psa_status_t psa_load_se_persistent_data(
-    const psa_se_drv_table_entry_t *driver );
+    const psa_se_drv_table_entry_t *driver);
 
 /** Save the persistent data of a secure element driver.
  *
  * \param[in] driver    The driver table entry containing the persistent
  *                      data to save to storage.
+ *
+ * \return #PSA_SUCCESS
+ * \return #PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_NOT_PERMITTED
+ * \return #PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \return #PSA_ERROR_STORAGE_FAILURE
+ * \return #PSA_ERROR_INVALID_ARGUMENT
  */
 psa_status_t psa_save_se_persistent_data(
-    const psa_se_drv_table_entry_t *driver );
+    const psa_se_drv_table_entry_t *driver);
 
 /** Destroy the persistent data of a secure element driver.
  *
@@ -174,14 +177,13 @@ psa_status_t psa_save_se_persistent_data(
  * \param[in] location  The location identifier for the driver whose
  *                      persistent data is to be erased.
  */
-psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location );
+psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location);
 
 
 /** The storage representation of a key whose data is in a secure element.
  */
-typedef struct
-{
-    uint8_t slot_number[sizeof( psa_key_slot_number_t )];
+typedef struct {
+    uint8_t slot_number[sizeof(psa_key_slot_number_t)];
 } psa_se_key_data_storage_t;
 
 #endif /* PSA_CRYPTO_SE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_slot_management.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_slot_management.c
new file mode 100644
index 0000000..b79c713
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_slot_management.c
@@ -0,0 +1,569 @@
+/*
+ *  PSA crypto layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa/crypto.h"
+
+#include "psa_crypto_core.h"
+#include "psa_crypto_driver_wrappers.h"
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+#include "psa_crypto_se.h"
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+#include "mbedtls/platform.h"
+
+#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array)))
+
+typedef struct {
+    psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
+    unsigned key_slots_initialized : 1;
+} psa_global_data_t;
+
+static psa_global_data_t global_data;
+
+int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok)
+{
+    psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
+
+    if ((PSA_KEY_ID_USER_MIN <= key_id) &&
+        (key_id <= PSA_KEY_ID_USER_MAX)) {
+        return 1;
+    }
+
+    if (vendor_ok &&
+        (PSA_KEY_ID_VENDOR_MIN <= key_id) &&
+        (key_id <= PSA_KEY_ID_VENDOR_MAX)) {
+        return 1;
+    }
+
+    return 0;
+}
+
+/** Get the description in memory of a key given its identifier and lock it.
+ *
+ * The descriptions of volatile keys and loaded persistent keys are
+ * stored in key slots. This function returns a pointer to the key slot
+ * containing the description of a key given its identifier.
+ *
+ * The function searches the key slots containing the description of the key
+ * with \p key identifier. The function does only read accesses to the key
+ * slots. The function does not load any persistent key thus does not access
+ * any storage.
+ *
+ * For volatile key identifiers, only one key slot is queried as a volatile
+ * key with identifier key_id can only be stored in slot of index
+ * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ).
+ *
+ * On success, the function locks the key slot. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ *
+ * \param key           Key identifier to query.
+ * \param[out] p_slot   On success, `*p_slot` contains a pointer to the
+ *                      key slot containing the description of the key
+ *                      identified by \p key.
+ *
+ * \retval #PSA_SUCCESS
+ *         The pointer to the key slot containing the description of the key
+ *         identified by \p key was returned.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ *         \p key is not a valid key identifier.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ *         There is no key with key identifier \p key in the key slots.
+ */
+static psa_status_t psa_get_and_lock_key_slot_in_memory(
+    mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
+    size_t slot_idx;
+    psa_key_slot_t *slot = NULL;
+
+    if (psa_key_id_is_volatile(key_id)) {
+        slot = &global_data.key_slots[key_id - PSA_KEY_ID_VOLATILE_MIN];
+
+        /*
+         * Check if both the PSA key identifier key_id and the owner
+         * identifier of key match those of the key slot.
+         *
+         * Note that, if the key slot is not occupied, its PSA key identifier
+         * is equal to zero. This is an invalid value for a PSA key identifier
+         * and thus cannot be equal to the valid PSA key identifier key_id.
+         */
+        status = mbedtls_svc_key_id_equal(key, slot->attr.id) ?
+                 PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
+    } else {
+        if (!psa_is_valid_key_id(key, 1)) {
+            return PSA_ERROR_INVALID_HANDLE;
+        }
+
+        for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) {
+            slot = &global_data.key_slots[slot_idx];
+            if (mbedtls_svc_key_id_equal(key, slot->attr.id)) {
+                break;
+            }
+        }
+        status = (slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT) ?
+                 PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
+    }
+
+    if (status == PSA_SUCCESS) {
+        status = psa_lock_key_slot(slot);
+        if (status == PSA_SUCCESS) {
+            *p_slot = slot;
+        }
+    }
+
+    return status;
+}
+
+psa_status_t psa_initialize_key_slots(void)
+{
+    /* Nothing to do: program startup and psa_wipe_all_key_slots() both
+     * guarantee that the key slots are initialized to all-zero, which
+     * means that all the key slots are in a valid, empty state. */
+    global_data.key_slots_initialized = 1;
+    return PSA_SUCCESS;
+}
+
+void psa_wipe_all_key_slots(void)
+{
+    size_t slot_idx;
+
+    for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) {
+        psa_key_slot_t *slot = &global_data.key_slots[slot_idx];
+        slot->lock_count = 1;
+        (void) psa_wipe_key_slot(slot);
+    }
+    global_data.key_slots_initialized = 0;
+}
+
+psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id,
+                                    psa_key_slot_t **p_slot)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t slot_idx;
+    psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot;
+
+    if (!global_data.key_slots_initialized) {
+        status = PSA_ERROR_BAD_STATE;
+        goto error;
+    }
+
+    selected_slot = unlocked_persistent_key_slot = NULL;
+    for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) {
+        psa_key_slot_t *slot = &global_data.key_slots[slot_idx];
+        if (!psa_is_key_slot_occupied(slot)) {
+            selected_slot = slot;
+            break;
+        }
+
+        if ((unlocked_persistent_key_slot == NULL) &&
+            (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) &&
+            (!psa_is_key_slot_locked(slot))) {
+            unlocked_persistent_key_slot = slot;
+        }
+    }
+
+    /*
+     * If there is no unused key slot and there is at least one unlocked key
+     * slot containing the description of a persistent key, recycle the first
+     * such key slot we encountered. If we later need to operate on the
+     * persistent key we are evicting now, we will reload its description from
+     * storage.
+     */
+    if ((selected_slot == NULL) &&
+        (unlocked_persistent_key_slot != NULL)) {
+        selected_slot = unlocked_persistent_key_slot;
+        selected_slot->lock_count = 1;
+        psa_wipe_key_slot(selected_slot);
+    }
+
+    if (selected_slot != NULL) {
+        status = psa_lock_key_slot(selected_slot);
+        if (status != PSA_SUCCESS) {
+            goto error;
+        }
+
+        *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN +
+                           ((psa_key_id_t) (selected_slot - global_data.key_slots));
+        *p_slot = selected_slot;
+
+        return PSA_SUCCESS;
+    }
+    status = PSA_ERROR_INSUFFICIENT_MEMORY;
+
+error:
+    *p_slot = NULL;
+    *volatile_key_id = 0;
+
+    return status;
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot)
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t *key_data = NULL;
+    size_t key_data_length = 0;
+
+    status = psa_load_persistent_key(&slot->attr,
+                                     &key_data, &key_data_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    /* Special handling is required for loading keys associated with a
+     * dynamically registered SE interface. */
+    const psa_drv_se_t *drv;
+    psa_drv_se_context_t *drv_context;
+    if (psa_get_se_driver(slot->attr.lifetime, &drv, &drv_context)) {
+        psa_se_key_data_storage_t *data;
+
+        if (key_data_length != sizeof(*data)) {
+            status = PSA_ERROR_DATA_INVALID;
+            goto exit;
+        }
+        data = (psa_se_key_data_storage_t *) key_data;
+        status = psa_copy_key_material_into_slot(
+            slot, data->slot_number, sizeof(data->slot_number));
+        goto exit;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+    status = psa_copy_key_material_into_slot(slot, key_data, key_data_length);
+
+exit:
+    psa_free_persistent_key_data(key_data, key_data_length);
+    return status;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+
+static psa_status_t psa_load_builtin_key_into_slot(psa_key_slot_t *slot)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE;
+    psa_drv_slot_number_t slot_number = 0;
+    size_t key_buffer_size = 0;
+    size_t key_buffer_length = 0;
+
+    if (!psa_key_id_is_builtin(
+            MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id))) {
+        return PSA_ERROR_DOES_NOT_EXIST;
+    }
+
+    /* Check the platform function to see whether this key actually exists */
+    status = mbedtls_psa_platform_get_builtin_key(
+        slot->attr.id, &lifetime, &slot_number);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* Set required key attributes to ensure get_builtin_key can retrieve the
+     * full attributes. */
+    psa_set_key_id(&attributes, slot->attr.id);
+    psa_set_key_lifetime(&attributes, lifetime);
+
+    /* Get the full key attributes from the driver in order to be able to
+     * calculate the required buffer size. */
+    status = psa_driver_wrapper_get_builtin_key(
+        slot_number, &attributes,
+        NULL, 0, NULL);
+    if (status != PSA_ERROR_BUFFER_TOO_SMALL) {
+        /* Builtin keys cannot be defined by the attributes alone */
+        if (status == PSA_SUCCESS) {
+            status = PSA_ERROR_CORRUPTION_DETECTED;
+        }
+        return status;
+    }
+
+    /* If the key should exist according to the platform, then ask the driver
+     * what its expected size is. */
+    status = psa_driver_wrapper_get_key_buffer_size(&attributes,
+                                                    &key_buffer_size);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* Allocate a buffer of the required size and load the builtin key directly
+     * into the (now properly sized) slot buffer. */
+    status = psa_allocate_buffer_to_slot(slot, key_buffer_size);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = psa_driver_wrapper_get_builtin_key(
+        slot_number, &attributes,
+        slot->key.data, slot->key.bytes, &key_buffer_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Copy actual key length and core attributes into the slot on success */
+    slot->key.bytes = key_buffer_length;
+    slot->attr = attributes.core;
+
+exit:
+    if (status != PSA_SUCCESS) {
+        psa_remove_key_data_from_memory(slot);
+    }
+    return status;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key,
+                                       psa_key_slot_t **p_slot)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+    *p_slot = NULL;
+    if (!global_data.key_slots_initialized) {
+        return PSA_ERROR_BAD_STATE;
+    }
+
+    /*
+     * On success, the pointer to the slot is passed directly to the caller
+     * thus no need to unlock the key slot here.
+     */
+    status = psa_get_and_lock_key_slot_in_memory(key, p_slot);
+    if (status != PSA_ERROR_DOES_NOT_EXIST) {
+        return status;
+    }
+
+    /* Loading keys from storage requires support for such a mechanism */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \
+    defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+    psa_key_id_t volatile_key_id;
+
+    status = psa_get_empty_key_slot(&volatile_key_id, p_slot);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    (*p_slot)->attr.id = key;
+    (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+
+    status = PSA_ERROR_DOES_NOT_EXIST;
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+    /* Load keys in the 'builtin' range through their own interface */
+    status = psa_load_builtin_key_into_slot(*p_slot);
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if (status == PSA_ERROR_DOES_NOT_EXIST) {
+        status = psa_load_persistent_key_into_slot(*p_slot);
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+    if (status != PSA_SUCCESS) {
+        psa_wipe_key_slot(*p_slot);
+        if (status == PSA_ERROR_DOES_NOT_EXIST) {
+            status = PSA_ERROR_INVALID_HANDLE;
+        }
+    } else {
+        /* Add implicit usage flags. */
+        psa_extend_key_usage_flags(&(*p_slot)->attr.policy.usage);
+    }
+
+    return status;
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+    return PSA_ERROR_INVALID_HANDLE;
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+}
+
+psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot)
+{
+    if (slot == NULL) {
+        return PSA_SUCCESS;
+    }
+
+    if (slot->lock_count > 0) {
+        slot->lock_count--;
+        return PSA_SUCCESS;
+    }
+
+    /*
+     * As the return error code may not be handled in case of multiple errors,
+     * do our best to report if the lock counter is equal to zero: if
+     * available call MBEDTLS_PARAM_FAILED that may terminate execution (if
+     * called as part of the execution of a unit test suite this will stop the
+     * test suite execution).
+     */
+#ifdef MBEDTLS_CHECK_PARAMS
+    MBEDTLS_PARAM_FAILED(slot->lock_count > 0);
+#endif
+
+    return PSA_ERROR_CORRUPTION_DETECTED;
+}
+
+psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime,
+                                       psa_se_drv_table_entry_t **p_drv)
+{
+    if (psa_key_lifetime_is_external(lifetime)) {
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+        /* Check whether a driver is registered against this lifetime */
+        psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime);
+        if (driver != NULL) {
+            if (p_drv != NULL) {
+                *p_drv = driver;
+            }
+            return PSA_SUCCESS;
+        }
+#else /* MBEDTLS_PSA_CRYPTO_SE_C */
+        (void) p_drv;
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
+        /* Key location for external keys gets checked by the wrapper */
+        return PSA_SUCCESS;
+#else /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+        /* No support for external lifetimes at all, or dynamic interface
+         * did not find driver for requested lifetime. */
+        return PSA_ERROR_INVALID_ARGUMENT;
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+    } else {
+        /* Local/internal keys are always valid */
+        return PSA_SUCCESS;
+    }
+}
+
+psa_status_t psa_validate_key_persistence(psa_key_lifetime_t lifetime)
+{
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        /* Volatile keys are always supported */
+        return PSA_SUCCESS;
+    } else {
+        /* Persistent keys require storage support */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+        if (PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime)) {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        } else {
+            return PSA_SUCCESS;
+        }
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+        return PSA_ERROR_NOT_SUPPORTED;
+#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
+    }
+}
+
+psa_status_t psa_open_key(mbedtls_svc_key_id_t key, psa_key_handle_t *handle)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \
+    defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+    psa_status_t status;
+    psa_key_slot_t *slot;
+
+    status = psa_get_and_lock_key_slot(key, &slot);
+    if (status != PSA_SUCCESS) {
+        *handle = PSA_KEY_HANDLE_INIT;
+        if (status == PSA_ERROR_INVALID_HANDLE) {
+            status = PSA_ERROR_DOES_NOT_EXIST;
+        }
+
+        return status;
+    }
+
+    *handle = key;
+
+    return psa_unlock_key_slot(slot);
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+    (void) key;
+    *handle = PSA_KEY_HANDLE_INIT;
+    return PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+}
+
+psa_status_t psa_close_key(psa_key_handle_t handle)
+{
+    psa_status_t status;
+    psa_key_slot_t *slot;
+
+    if (psa_key_handle_is_null(handle)) {
+        return PSA_SUCCESS;
+    }
+
+    status = psa_get_and_lock_key_slot_in_memory(handle, &slot);
+    if (status != PSA_SUCCESS) {
+        if (status == PSA_ERROR_DOES_NOT_EXIST) {
+            status = PSA_ERROR_INVALID_HANDLE;
+        }
+
+        return status;
+    }
+    if (slot->lock_count <= 1) {
+        return psa_wipe_key_slot(slot);
+    } else {
+        return psa_unlock_key_slot(slot);
+    }
+}
+
+psa_status_t psa_purge_key(mbedtls_svc_key_id_t key)
+{
+    psa_status_t status;
+    psa_key_slot_t *slot;
+
+    status = psa_get_and_lock_key_slot_in_memory(key, &slot);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    if ((!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) &&
+        (slot->lock_count <= 1)) {
+        return psa_wipe_key_slot(slot);
+    } else {
+        return psa_unlock_key_slot(slot);
+    }
+}
+
+void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)
+{
+    size_t slot_idx;
+
+    memset(stats, 0, sizeof(*stats));
+
+    for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) {
+        const psa_key_slot_t *slot = &global_data.key_slots[slot_idx];
+        if (psa_is_key_slot_locked(slot)) {
+            ++stats->locked_slots;
+        }
+        if (!psa_is_key_slot_occupied(slot)) {
+            ++stats->empty_slots;
+            continue;
+        }
+        if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) {
+            ++stats->volatile_slots;
+        } else {
+            psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id);
+            ++stats->persistent_slots;
+            if (id > stats->max_open_internal_key_id) {
+                stats->max_open_internal_key_id = id;
+            }
+        }
+        if (PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime) !=
+            PSA_KEY_LOCATION_LOCAL_STORAGE) {
+            psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id);
+            ++stats->external_slots;
+            if (id > stats->max_open_external_key_id) {
+                stats->max_open_external_key_id = id;
+            }
+        }
+    }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_slot_management.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_slot_management.h
new file mode 100644
index 0000000..6041a35
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_slot_management.h
@@ -0,0 +1,213 @@
+/*
+ *  PSA crypto layer on top of Mbed TLS crypto
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H
+#define PSA_CRYPTO_SLOT_MANAGEMENT_H
+
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_se.h"
+
+/** Range of volatile key identifiers.
+ *
+ *  The last #MBEDTLS_PSA_KEY_SLOT_COUNT identifiers of the implementation
+ *  range of key identifiers are reserved for volatile key identifiers.
+ *  A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
+ *  index of the key slot containing the volatile key definition.
+ */
+
+/** The minimum value for a volatile key identifier.
+ */
+#define PSA_KEY_ID_VOLATILE_MIN  (PSA_KEY_ID_VENDOR_MAX - \
+                                  MBEDTLS_PSA_KEY_SLOT_COUNT + 1)
+
+/** The maximum value for a volatile key identifier.
+ */
+#define PSA_KEY_ID_VOLATILE_MAX  PSA_KEY_ID_VENDOR_MAX
+
+/** Test whether a key identifier is a volatile key identifier.
+ *
+ * \param key_id  Key identifier to test.
+ *
+ * \retval 1
+ *         The key identifier is a volatile key identifier.
+ * \retval 0
+ *         The key identifier is not a volatile key identifier.
+ */
+static inline int psa_key_id_is_volatile(psa_key_id_t key_id)
+{
+    return (key_id >= PSA_KEY_ID_VOLATILE_MIN) &&
+           (key_id <= PSA_KEY_ID_VOLATILE_MAX);
+}
+
+/** Get the description of a key given its identifier and lock it.
+ *
+ * The descriptions of volatile keys and loaded persistent keys are stored in
+ * key slots. This function returns a pointer to the key slot containing the
+ * description of a key given its identifier.
+ *
+ * In case of a persistent key, the function loads the description of the key
+ * into a key slot if not already done.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ *
+ * \param key           Key identifier to query.
+ * \param[out] p_slot   On success, `*p_slot` contains a pointer to the
+ *                      key slot containing the description of the key
+ *                      identified by \p key.
+ *
+ * \retval #PSA_SUCCESS
+ *         \p *p_slot contains a pointer to the key slot containing the
+ *         description of the key identified by \p key.
+ *         The key slot counter has been incremented.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been initialized.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ *         \p key is not a valid key identifier.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ *         \p key is a persistent key identifier. The implementation does not
+ *         have sufficient resources to load the persistent key. This can be
+ *         due to a lack of empty key slot, or available memory.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ *         There is no key with key identifier \p key.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ */
+psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key,
+                                       psa_key_slot_t **p_slot);
+
+/** Initialize the key slot structures.
+ *
+ * \retval #PSA_SUCCESS
+ *         Currently this function always succeeds.
+ */
+psa_status_t psa_initialize_key_slots(void);
+
+/** Delete all data from key slots in memory.
+ *
+ * This does not affect persistent storage. */
+void psa_wipe_all_key_slots(void);
+
+/** Find a free key slot.
+ *
+ * This function returns a key slot that is available for use and is in its
+ * ground state (all-bits-zero). On success, the key slot is locked. It is
+ * the responsibility of the caller to unlock the key slot when it does not
+ * access it anymore.
+ *
+ * \param[out] volatile_key_id   On success, volatile key identifier
+ *                               associated to the returned slot.
+ * \param[out] p_slot            On success, a pointer to the slot.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_BAD_STATE \emptydescription
+ */
+psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id,
+                                    psa_key_slot_t **p_slot);
+
+/** Lock a key slot.
+ *
+ * This function increments the key slot lock counter by one.
+ *
+ * \param[in] slot  The key slot.
+ *
+ * \retval #PSA_SUCCESS
+               The key slot lock counter was incremented.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ *             The lock counter already reached its maximum value and was not
+ *             increased.
+ */
+static inline psa_status_t psa_lock_key_slot(psa_key_slot_t *slot)
+{
+    if (slot->lock_count >= SIZE_MAX) {
+        return PSA_ERROR_CORRUPTION_DETECTED;
+    }
+
+    slot->lock_count++;
+
+    return PSA_SUCCESS;
+}
+
+/** Unlock a key slot.
+ *
+ * This function decrements the key slot lock counter by one.
+ *
+ * \note To ease the handling of errors in retrieving a key slot
+ *       a NULL input pointer is valid, and the function returns
+ *       successfully without doing anything in that case.
+ *
+ * \param[in] slot  The key slot.
+ * \retval #PSA_SUCCESS
+ *             \p slot is NULL or the key slot lock counter has been
+ *             decremented successfully.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ *             The lock counter was equal to 0.
+ *
+ */
+psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot);
+
+/** Test whether a lifetime designates a key in an external cryptoprocessor.
+ *
+ * \param lifetime      The lifetime to test.
+ *
+ * \retval 1
+ *         The lifetime designates an external key. There should be a
+ *         registered driver for this lifetime, otherwise the key cannot
+ *         be created or manipulated.
+ * \retval 0
+ *         The lifetime designates a key that is volatile or in internal
+ *         storage.
+ */
+static inline int psa_key_lifetime_is_external(psa_key_lifetime_t lifetime)
+{
+    return PSA_KEY_LIFETIME_GET_LOCATION(lifetime)
+           != PSA_KEY_LOCATION_LOCAL_STORAGE;
+}
+
+/** Validate a key's location.
+ *
+ * This function checks whether the key's attributes point to a location that
+ * is known to the PSA Core, and returns the driver function table if the key
+ * is to be found in an external location.
+ *
+ * \param[in] lifetime      The key lifetime attribute.
+ * \param[out] p_drv        On success, when a key is located in external
+ *                          storage, returns a pointer to the driver table
+ *                          associated with the key's storage location.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ */
+psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime,
+                                       psa_se_drv_table_entry_t **p_drv);
+
+/** Validate the persistence of a key.
+ *
+ * \param[in] lifetime  The key lifetime attribute.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys
+ *             are not supported.
+ */
+psa_status_t psa_validate_key_persistence(psa_key_lifetime_t lifetime);
+
+/** Validate a key identifier.
+ *
+ * \param[in] key           The key identifier.
+ * \param[in] vendor_ok     Non-zero to indicate that key identifiers in the
+ *                          vendor range are allowed, volatile key identifiers
+ *                          excepted \c 0 otherwise.
+ *
+ * \retval <> 0 if the key identifier is valid, 0 otherwise.
+ */
+int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok);
+
+#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_storage.c b/3rdparty/mbedtls-2.28.7/library/psa_crypto_storage.c
new file mode 100644
index 0000000..a0e40c8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_storage.c
@@ -0,0 +1,484 @@
+/*
+ *  PSA persistent key storage
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PSA_ITS_FILE_C)
+#include "psa_crypto_its.h"
+#else /* Native ITS implementation */
+#include "psa/error.h"
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+/****************************************************************/
+/* Key storage */
+/****************************************************************/
+
+/* Determine a file name (ITS file identifier) for the given key identifier.
+ * The file name must be distinct from any file that is used for a purpose
+ * other than storing a key. Currently, the only such file is the random seed
+ * file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID and whose value is
+ * 0xFFFFFF52. */
+static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    /* Encode the owner in the upper 32 bits. This means that if
+     * owner values are nonzero (as they are on a PSA platform),
+     * no key file will ever have a value less than 0x100000000, so
+     * the whole range 0..0xffffffff is available for non-key files. */
+    uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key);
+    return ((uint64_t) unsigned_owner_id << 32) |
+           MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);
+#else
+    /* Use the key id directly as a file name.
+     * psa_is_key_id_valid() in psa_crypto_slot_management.c
+     * is responsible for ensuring that key identifiers do not have a
+     * value that is reserved for non-key files. */
+    return key;
+#endif
+}
+
+/**
+ * \brief Load persistent data for the given key slot number.
+ *
+ * This function reads data from a storage backend and returns the data in a
+ * buffer.
+ *
+ * \param key               Persistent identifier of the key to be loaded. This
+ *                          should be an occupied storage location.
+ * \param[out] data         Buffer where the data is to be written.
+ * \param data_size         Size of the \c data buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription
+ */
+static psa_status_t psa_crypto_storage_load(
+    const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size)
+{
+    psa_status_t status;
+    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key);
+    struct psa_storage_info_t data_identifier_info;
+    size_t data_length = 0;
+
+    status = psa_its_get_info(data_identifier, &data_identifier_info);
+    if (status  != PSA_SUCCESS) {
+        return status;
+    }
+
+    status = psa_its_get(data_identifier, 0, (uint32_t) data_size, data, &data_length);
+    if (data_size  != data_length) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    return status;
+}
+
+int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key)
+{
+    psa_status_t ret;
+    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key);
+    struct psa_storage_info_t data_identifier_info;
+
+    ret = psa_its_get_info(data_identifier, &data_identifier_info);
+
+    if (ret == PSA_ERROR_DOES_NOT_EXIST) {
+        return 0;
+    }
+    return 1;
+}
+
+/**
+ * \brief Store persistent data for the given key slot number.
+ *
+ * This function stores the given data buffer to a persistent storage.
+ *
+ * \param key           Persistent identifier of the key to be stored. This
+ *                      should be an unoccupied storage location.
+ * \param[in] data      Buffer containing the data to be stored.
+ * \param data_length   The number of bytes
+ *                      that make up the data.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ */
+static psa_status_t psa_crypto_storage_store(const mbedtls_svc_key_id_t key,
+                                             const uint8_t *data,
+                                             size_t data_length)
+{
+    psa_status_t status;
+    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key);
+    struct psa_storage_info_t data_identifier_info;
+
+    if (psa_is_key_present_in_storage(key) == 1) {
+        return PSA_ERROR_ALREADY_EXISTS;
+    }
+
+    status = psa_its_set(data_identifier, (uint32_t) data_length, data, 0);
+    if (status != PSA_SUCCESS) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    status = psa_its_get_info(data_identifier, &data_identifier_info);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    if (data_identifier_info.size != data_length) {
+        status = PSA_ERROR_DATA_INVALID;
+        goto exit;
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        /* Remove the file in case we managed to create it but something
+         * went wrong. It's ok if the file doesn't exist. If the file exists
+         * but the removal fails, we're already reporting an error so there's
+         * nothing else we can do. */
+        (void) psa_its_remove(data_identifier);
+    }
+    return status;
+}
+
+psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key)
+{
+    psa_status_t ret;
+    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key);
+    struct psa_storage_info_t data_identifier_info;
+
+    ret = psa_its_get_info(data_identifier, &data_identifier_info);
+    if (ret == PSA_ERROR_DOES_NOT_EXIST) {
+        return PSA_SUCCESS;
+    }
+
+    if (psa_its_remove(data_identifier) != PSA_SUCCESS) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    ret = psa_its_get_info(data_identifier, &data_identifier_info);
+    if (ret != PSA_ERROR_DOES_NOT_EXIST) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    return PSA_SUCCESS;
+}
+
+/**
+ * \brief Get data length for given key slot number.
+ *
+ * \param key               Persistent identifier whose stored data length
+ *                          is to be obtained.
+ * \param[out] data_length  The number of bytes that make up the data.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ */
+static psa_status_t psa_crypto_storage_get_data_length(
+    const mbedtls_svc_key_id_t key,
+    size_t *data_length)
+{
+    psa_status_t status;
+    psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key);
+    struct psa_storage_info_t data_identifier_info;
+
+    status = psa_its_get_info(data_identifier, &data_identifier_info);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    *data_length = (size_t) data_identifier_info.size;
+
+    return PSA_SUCCESS;
+}
+
+/**
+ * Persistent key storage magic header.
+ */
+#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
+#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER))
+
+typedef struct {
+    uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
+    uint8_t version[4];
+    uint8_t lifetime[sizeof(psa_key_lifetime_t)];
+    uint8_t type[2];
+    uint8_t bits[2];
+    uint8_t policy[sizeof(psa_key_policy_t)];
+    uint8_t data_len[4];
+    uint8_t key_data[];
+} psa_persistent_key_storage_format;
+
+void psa_format_key_data_for_storage(const uint8_t *data,
+                                     const size_t data_length,
+                                     const psa_core_key_attributes_t *attr,
+                                     uint8_t *storage_data)
+{
+    psa_persistent_key_storage_format *storage_format =
+        (psa_persistent_key_storage_format *) storage_data;
+
+    memcpy(storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER,
+           PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH);
+    MBEDTLS_PUT_UINT32_LE(0, storage_format->version, 0);
+    MBEDTLS_PUT_UINT32_LE(attr->lifetime, storage_format->lifetime, 0);
+    MBEDTLS_PUT_UINT16_LE((uint16_t) attr->type, storage_format->type, 0);
+    MBEDTLS_PUT_UINT16_LE((uint16_t) attr->bits, storage_format->bits, 0);
+    MBEDTLS_PUT_UINT32_LE(attr->policy.usage, storage_format->policy, 0);
+    MBEDTLS_PUT_UINT32_LE(attr->policy.alg, storage_format->policy, sizeof(uint32_t));
+    MBEDTLS_PUT_UINT32_LE(attr->policy.alg2, storage_format->policy, 2 * sizeof(uint32_t));
+    MBEDTLS_PUT_UINT32_LE(data_length, storage_format->data_len, 0);
+    memcpy(storage_format->key_data, data, data_length);
+}
+
+static psa_status_t check_magic_header(const uint8_t *data)
+{
+    if (memcmp(data, PSA_KEY_STORAGE_MAGIC_HEADER,
+               PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH) != 0) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data,
+                                             size_t storage_data_length,
+                                             uint8_t **key_data,
+                                             size_t *key_data_length,
+                                             psa_core_key_attributes_t *attr)
+{
+    psa_status_t status;
+    const psa_persistent_key_storage_format *storage_format =
+        (const psa_persistent_key_storage_format *) storage_data;
+    uint32_t version;
+
+    if (storage_data_length < sizeof(*storage_format)) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    status = check_magic_header(storage_data);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    version = MBEDTLS_GET_UINT32_LE(storage_format->version, 0);
+    if (version != 0) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    *key_data_length = MBEDTLS_GET_UINT32_LE(storage_format->data_len, 0);
+    if (*key_data_length > (storage_data_length - sizeof(*storage_format)) ||
+        *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+
+    if (*key_data_length == 0) {
+        *key_data = NULL;
+    } else {
+        *key_data = mbedtls_calloc(1, *key_data_length);
+        if (*key_data == NULL) {
+            return PSA_ERROR_INSUFFICIENT_MEMORY;
+        }
+        memcpy(*key_data, storage_format->key_data, *key_data_length);
+    }
+
+    attr->lifetime = MBEDTLS_GET_UINT32_LE(storage_format->lifetime, 0);
+    attr->type = MBEDTLS_GET_UINT16_LE(storage_format->type, 0);
+    attr->bits = MBEDTLS_GET_UINT16_LE(storage_format->bits, 0);
+    attr->policy.usage = MBEDTLS_GET_UINT32_LE(storage_format->policy, 0);
+    attr->policy.alg = MBEDTLS_GET_UINT32_LE(storage_format->policy, sizeof(uint32_t));
+    attr->policy.alg2 = MBEDTLS_GET_UINT32_LE(storage_format->policy, 2 * sizeof(uint32_t));
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr,
+                                     const uint8_t *data,
+                                     const size_t data_length)
+{
+    size_t storage_data_length;
+    uint8_t *storage_data;
+    psa_status_t status;
+
+    /* All keys saved to persistent storage always have a key context */
+    if (data == NULL || data_length == 0) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+
+    if (data_length > PSA_CRYPTO_MAX_STORAGE_SIZE) {
+        return PSA_ERROR_INSUFFICIENT_STORAGE;
+    }
+    storage_data_length = data_length + sizeof(psa_persistent_key_storage_format);
+
+    storage_data = mbedtls_calloc(1, storage_data_length);
+    if (storage_data == NULL) {
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    }
+
+    psa_format_key_data_for_storage(data, data_length, attr, storage_data);
+
+    status = psa_crypto_storage_store(attr->id,
+                                      storage_data, storage_data_length);
+
+    mbedtls_platform_zeroize(storage_data, storage_data_length);
+    mbedtls_free(storage_data);
+
+    return status;
+}
+
+void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length)
+{
+    if (key_data != NULL) {
+        mbedtls_platform_zeroize(key_data, key_data_length);
+    }
+    mbedtls_free(key_data);
+}
+
+psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr,
+                                     uint8_t **data,
+                                     size_t *data_length)
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t *loaded_data;
+    size_t storage_data_length = 0;
+    mbedtls_svc_key_id_t key = attr->id;
+
+    status = psa_crypto_storage_get_data_length(key, &storage_data_length);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    loaded_data = mbedtls_calloc(1, storage_data_length);
+
+    if (loaded_data == NULL) {
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    }
+
+    status = psa_crypto_storage_load(key, loaded_data, storage_data_length);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    status = psa_parse_key_data_from_storage(loaded_data, storage_data_length,
+                                             data, data_length, attr);
+
+    /* All keys saved to persistent storage always have a key context */
+    if (status == PSA_SUCCESS &&
+        (*data == NULL || *data_length == 0)) {
+        status = PSA_ERROR_STORAGE_FAILURE;
+    }
+
+exit:
+    mbedtls_platform_zeroize(loaded_data, storage_data_length);
+    mbedtls_free(loaded_data);
+    return status;
+}
+
+
+
+/****************************************************************/
+/* Transactions */
+/****************************************************************/
+
+#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
+
+psa_crypto_transaction_t psa_crypto_transaction;
+
+psa_status_t psa_crypto_save_transaction(void)
+{
+    struct psa_storage_info_t p_info;
+    psa_status_t status;
+    status = psa_its_get_info(PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info);
+    if (status == PSA_SUCCESS) {
+        /* This shouldn't happen: we're trying to start a transaction while
+         * there is still a transaction that hasn't been replayed. */
+        return PSA_ERROR_CORRUPTION_DETECTED;
+    } else if (status != PSA_ERROR_DOES_NOT_EXIST) {
+        return status;
+    }
+    return psa_its_set(PSA_CRYPTO_ITS_TRANSACTION_UID,
+                       sizeof(psa_crypto_transaction),
+                       &psa_crypto_transaction,
+                       0);
+}
+
+psa_status_t psa_crypto_load_transaction(void)
+{
+    psa_status_t status;
+    size_t length;
+    status = psa_its_get(PSA_CRYPTO_ITS_TRANSACTION_UID, 0,
+                         sizeof(psa_crypto_transaction),
+                         &psa_crypto_transaction, &length);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    if (length != sizeof(psa_crypto_transaction)) {
+        return PSA_ERROR_DATA_INVALID;
+    }
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_crypto_stop_transaction(void)
+{
+    psa_status_t status = psa_its_remove(PSA_CRYPTO_ITS_TRANSACTION_UID);
+    /* Whether or not updating the storage succeeded, the transaction is
+     * finished now. It's too late to go back, so zero out the in-memory
+     * data. */
+    memset(&psa_crypto_transaction, 0, sizeof(psa_crypto_transaction));
+    return status;
+}
+
+#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
+
+
+
+/****************************************************************/
+/* Random generator state */
+/****************************************************************/
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+psa_status_t mbedtls_psa_storage_inject_entropy(const unsigned char *seed,
+                                                size_t seed_size)
+{
+    psa_status_t status;
+    struct psa_storage_info_t p_info;
+
+    status = psa_its_get_info(PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info);
+
+    if (PSA_ERROR_DOES_NOT_EXIST == status) { /* No seed exists */
+        status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0);
+    } else if (PSA_SUCCESS == status) {
+        /* You should not be here. Seed needs to be injected only once */
+        status = PSA_ERROR_NOT_PERMITTED;
+    }
+    return status;
+}
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+
+
+/****************************************************************/
+/* The end */
+/****************************************************************/
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_crypto_storage.h b/3rdparty/mbedtls-2.28.7/library/psa_crypto_storage.h
new file mode 100644
index 0000000..b6b5e15
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_crypto_storage.h
@@ -0,0 +1,384 @@
+/**
+ * \file psa_crypto_storage.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_H
+#define PSA_CRYPTO_STORAGE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "psa/crypto.h"
+#include "psa/crypto_se_driver.h"
+
+#include <stdint.h>
+#include <string.h>
+
+/* Limit the maximum key size in storage. This should have no effect
+ * since the key size is limited in memory. */
+#define PSA_CRYPTO_MAX_STORAGE_SIZE (PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS))
+/* Sanity check: a file size must fit in 32 bits. Allow a generous
+ * 64kB of metadata. */
+#if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000
+#error "PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000"
+#endif
+
+/** The maximum permitted persistent slot number.
+ *
+ * In Mbed Crypto 0.1.0b:
+ * - Using the file backend, all key ids are ok except 0.
+ * - Using the ITS backend, all key ids are ok except 0xFFFFFF52
+ *   (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
+ *   device's random seed (if this feature is enabled).
+ * - Only key ids from 1 to #MBEDTLS_PSA_KEY_SLOT_COUNT are actually used.
+ *
+ * Since we need to preserve the random seed, avoid using that key slot.
+ * Reserve a whole range of key slots just in case something else comes up.
+ *
+ * This limitation will probably become moot when we implement client
+ * separation for key storage.
+ */
+#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER PSA_KEY_ID_VENDOR_MAX
+
+/**
+ * \brief Checks if persistent data is stored for the given key slot number
+ *
+ * This function checks if any key data or metadata exists for the key slot in
+ * the persistent storage.
+ *
+ * \param key           Persistent identifier to check.
+ *
+ * \retval 0
+ *         No persistent data present for slot number
+ * \retval 1
+ *         Persistent data present for slot number
+ */
+int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key);
+
+/**
+ * \brief Format key data and metadata and save to a location for given key
+ *        slot.
+ *
+ * This function formats the key data and metadata and saves it to a
+ * persistent storage backend. The storage location corresponding to the
+ * key slot must be empty, otherwise this function will fail. This function
+ * should be called after loading the key into an internal slot to ensure the
+ * persistent key is not saved into a storage location corresponding to an
+ * already occupied non-persistent key, as well as ensuring the key data is
+ * validated.
+ *
+ * Note: This function will only succeed for key buffers which are not
+ * empty. If passed a NULL pointer or zero-length, the function will fail
+ * with #PSA_ERROR_INVALID_ARGUMENT.
+ *
+ * \param[in] attr          The attributes of the key to save.
+ *                          The key identifier field in the attributes
+ *                          determines the key's location.
+ * \param[in] data          Buffer containing the key data.
+ * \param data_length       The number of bytes that make up the key data.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ */
+psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr,
+                                     const uint8_t *data,
+                                     const size_t data_length);
+
+/**
+ * \brief Parses key data and metadata and load persistent key for given
+ * key slot number.
+ *
+ * This function reads from a storage backend, parses the key data and
+ * metadata and writes them to the appropriate output parameters.
+ *
+ * Note: This function allocates a buffer and returns a pointer to it through
+ * the data parameter. On successful return, the pointer is guaranteed to be
+ * valid and the buffer contains at least one byte of data.
+ * psa_free_persistent_key_data() must be called on the data buffer
+ * afterwards to zeroize and free this buffer.
+ *
+ * \param[in,out] attr      On input, the key identifier field identifies
+ *                          the key to load. Other fields are ignored.
+ *                          On success, the attribute structure contains
+ *                          the key metadata that was loaded from storage.
+ * \param[out] data         Pointer to an allocated key data buffer on return.
+ * \param[out] data_length  The number of bytes that make up the key data.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription
+ */
+psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr,
+                                     uint8_t **data,
+                                     size_t *data_length);
+
+/**
+ * \brief Remove persistent data for the given key slot number.
+ *
+ * \param key           Persistent identifier of the key to remove
+ *                      from persistent storage.
+ *
+ * \retval #PSA_SUCCESS
+ *         The key was successfully removed,
+ *         or the key did not exist.
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ */
+psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key);
+
+/**
+ * \brief Free the temporary buffer allocated by psa_load_persistent_key().
+ *
+ * This function must be called at some point after psa_load_persistent_key()
+ * to zeroize and free the memory allocated to the buffer in that function.
+ *
+ * \param key_data        Buffer for the key data.
+ * \param key_data_length Size of the key data buffer.
+ *
+ */
+void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length);
+
+/**
+ * \brief Formats key data and metadata for persistent storage
+ *
+ * \param[in] data          Buffer containing the key data.
+ * \param data_length       Length of the key data buffer.
+ * \param[in] attr          The core attributes of the key.
+ * \param[out] storage_data Output buffer for the formatted data.
+ *
+ */
+void psa_format_key_data_for_storage(const uint8_t *data,
+                                     const size_t data_length,
+                                     const psa_core_key_attributes_t *attr,
+                                     uint8_t *storage_data);
+
+/**
+ * \brief Parses persistent storage data into key data and metadata
+ *
+ * \param[in] storage_data     Buffer for the storage data.
+ * \param storage_data_length  Length of the storage data buffer
+ * \param[out] key_data        On output, pointer to a newly allocated buffer
+ *                             containing the key data. This must be freed
+ *                             using psa_free_persistent_key_data()
+ * \param[out] key_data_length Length of the key data buffer
+ * \param[out] attr            On success, the attribute structure is filled
+ *                             with the loaded key metadata.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ */
+psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data,
+                                             size_t storage_data_length,
+                                             uint8_t **key_data,
+                                             size_t *key_data_length,
+                                             psa_core_key_attributes_t *attr);
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+/** This symbol is defined if transaction support is required. */
+#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS 1
+#endif
+
+#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
+
+/** The type of transaction that is in progress.
+ */
+/* This is an integer type rather than an enum for two reasons: to support
+ * unknown values when loading a transaction file, and to ensure that the
+ * type has a known size.
+ */
+typedef uint16_t psa_crypto_transaction_type_t;
+
+/** No transaction is in progress.
+ *
+ * This has the value 0, so zero-initialization sets a transaction's type to
+ * this value.
+ */
+#define PSA_CRYPTO_TRANSACTION_NONE             ((psa_crypto_transaction_type_t) 0x0000)
+
+/** A key creation transaction.
+ *
+ * This is only used for keys in an external cryptoprocessor (secure element).
+ * Keys in RAM or in internal storage are created atomically in storage
+ * (simple file creation), so they do not need a transaction mechanism.
+ */
+#define PSA_CRYPTO_TRANSACTION_CREATE_KEY       ((psa_crypto_transaction_type_t) 0x0001)
+
+/** A key destruction transaction.
+ *
+ * This is only used for keys in an external cryptoprocessor (secure element).
+ * Keys in RAM or in internal storage are destroyed atomically in storage
+ * (simple file deletion), so they do not need a transaction mechanism.
+ */
+#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY      ((psa_crypto_transaction_type_t) 0x0002)
+
+/** Transaction data.
+ *
+ * This type is designed to be serialized by writing the memory representation
+ * and reading it back on the same device.
+ *
+ * \note The transaction mechanism is designed for a single active transaction
+ *       at a time. The transaction object is #psa_crypto_transaction.
+ *
+ * \note If an API call starts a transaction, it must complete this transaction
+ *       before returning to the application.
+ *
+ * The lifetime of a transaction is the following (note that only one
+ * transaction may be active at a time):
+ *
+ * -# Call psa_crypto_prepare_transaction() to initialize the transaction
+ *    object in memory and declare the type of transaction that is starting.
+ * -# Fill in the type-specific fields of #psa_crypto_transaction.
+ * -# Call psa_crypto_save_transaction() to start the transaction. This
+ *    saves the transaction data to internal storage.
+ * -# Perform the work of the transaction by modifying files, contacting
+ *    external entities, or whatever needs doing. Note that the transaction
+ *    may be interrupted by a power failure, so you need to have a way
+ *    recover from interruptions either by undoing what has been done
+ *    so far or by resuming where you left off.
+ * -# If there are intermediate stages in the transaction, update
+ *    the fields of #psa_crypto_transaction and call
+ *    psa_crypto_save_transaction() again when each stage is reached.
+ * -# When the transaction is over, call psa_crypto_stop_transaction() to
+ *    remove the transaction data in storage and in memory.
+ *
+ * If the system crashes while a transaction is in progress, psa_crypto_init()
+ * calls psa_crypto_load_transaction() and takes care of completing or
+ * rewinding the transaction. This is done in psa_crypto_recover_transaction()
+ * in psa_crypto.c. If you add a new type of transaction, be
+ * sure to add code for it in psa_crypto_recover_transaction().
+ */
+typedef union {
+    /* Each element of this union must have the following properties
+     * to facilitate serialization and deserialization:
+     *
+     * - The element is a struct.
+     * - The first field of the struct is `psa_crypto_transaction_type_t type`.
+     * - Elements of the struct are arranged such a way that there is
+     *   no padding.
+     */
+    struct psa_crypto_transaction_unknown_s {
+        psa_crypto_transaction_type_t type;
+        uint16_t unused1;
+        uint32_t unused2;
+        uint64_t unused3;
+        uint64_t unused4;
+    } unknown;
+    /* ::type is #PSA_CRYPTO_TRANSACTION_CREATE_KEY or
+     * #PSA_CRYPTO_TRANSACTION_DESTROY_KEY. */
+    struct psa_crypto_transaction_key_s {
+        psa_crypto_transaction_type_t type;
+        uint16_t unused1;
+        psa_key_lifetime_t lifetime;
+        psa_key_slot_number_t slot;
+        mbedtls_svc_key_id_t id;
+    } key;
+} psa_crypto_transaction_t;
+
+/** The single active transaction.
+ */
+extern psa_crypto_transaction_t psa_crypto_transaction;
+
+/** Prepare for a transaction.
+ *
+ * There must not be an ongoing transaction.
+ *
+ * \param type          The type of transaction to start.
+ */
+static inline void psa_crypto_prepare_transaction(
+    psa_crypto_transaction_type_t type)
+{
+    psa_crypto_transaction.unknown.type = type;
+}
+
+/** Save the transaction data to storage.
+ *
+ * You may call this function multiple times during a transaction to
+ * atomically update the transaction state.
+ *
+ * \retval #PSA_SUCCESS \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ */
+psa_status_t psa_crypto_save_transaction(void);
+
+/** Load the transaction data from storage, if any.
+ *
+ * This function is meant to be called from psa_crypto_init() to recover
+ * in case a transaction was interrupted by a system crash.
+ *
+ * \retval #PSA_SUCCESS
+ *         The data about the ongoing transaction has been loaded to
+ *         #psa_crypto_transaction.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ *         There is no ongoing transaction.
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
+ */
+psa_status_t psa_crypto_load_transaction(void);
+
+/** Indicate that the current transaction is finished.
+ *
+ * Call this function at the very end of transaction processing.
+ * This function does not "commit" or "abort" the transaction: the storage
+ * subsystem has no concept of "commit" and "abort", just saving and
+ * removing the transaction information in storage.
+ *
+ * This function erases the transaction data in storage (if any) and
+ * resets the transaction data in memory.
+ *
+ * \retval #PSA_SUCCESS
+ *         There was transaction data in storage.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ *         There was no transaction data in storage.
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ *         It was impossible to determine whether there was transaction data
+ *         in storage, or the transaction data could not be erased.
+ */
+psa_status_t psa_crypto_stop_transaction(void);
+
+/** The ITS file identifier for the transaction data.
+ *
+ * 0xffffffNN = special file; 0x74 = 't' for transaction.
+ */
+#define PSA_CRYPTO_ITS_TRANSACTION_UID ((psa_key_id_t) 0xffffff74)
+
+#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+/** Backend side of mbedtls_psa_inject_entropy().
+ *
+ * This function stores the supplied data into the entropy seed file.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The entropy seed file already exists.
+ */
+psa_status_t mbedtls_psa_storage_inject_entropy(const unsigned char *seed,
+                                                size_t seed_size);
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/psa_its_file.c b/3rdparty/mbedtls-2.28.7/library/psa_its_file.c
new file mode 100644
index 0000000..7ac99bd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/psa_its_file.c
@@ -0,0 +1,252 @@
+/*
+ *  PSA ITS simulator over stdio files.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_ITS_FILE_C)
+
+#include "mbedtls/platform.h"
+
+#if defined(_WIN32)
+#include <windows.h>
+#endif
+
+#include "psa_crypto_its.h"
+
+#include <limits.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(PSA_ITS_STORAGE_PREFIX)
+#define PSA_ITS_STORAGE_PREFIX ""
+#endif
+
+#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08x%08x"
+#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
+#define PSA_ITS_STORAGE_FILENAME_LENGTH         \
+    (sizeof(PSA_ITS_STORAGE_PREFIX) - 1 +    /*prefix without terminating 0*/ \
+     16 +  /*UID (64-bit number in hex)*/                               \
+     sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 +    /*suffix without terminating 0*/ \
+     1 /*terminating null byte*/)
+#define PSA_ITS_STORAGE_TEMP \
+    PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX
+
+/* The maximum value of psa_storage_info_t.size */
+#define PSA_ITS_MAX_SIZE 0xffffffff
+
+#define PSA_ITS_MAGIC_STRING "PSA\0ITS\0"
+#define PSA_ITS_MAGIC_LENGTH 8
+
+/* As rename fails on Windows if the new filepath already exists,
+ * use MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag instead.
+ * Returns 0 on success, nonzero on failure. */
+#if defined(_WIN32)
+#define rename_replace_existing(oldpath, newpath) \
+    (!MoveFileExA(oldpath, newpath, MOVEFILE_REPLACE_EXISTING))
+#else
+#define rename_replace_existing(oldpath, newpath) rename(oldpath, newpath)
+#endif
+
+typedef struct {
+    uint8_t magic[PSA_ITS_MAGIC_LENGTH];
+    uint8_t size[sizeof(uint32_t)];
+    uint8_t flags[sizeof(psa_storage_create_flags_t)];
+} psa_its_file_header_t;
+
+static void psa_its_fill_filename(psa_storage_uid_t uid, char *filename)
+{
+    /* Break up the UID into two 32-bit pieces so as not to rely on
+     * long long support in snprintf. */
+    mbedtls_snprintf(filename, PSA_ITS_STORAGE_FILENAME_LENGTH,
+                     "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s",
+                     PSA_ITS_STORAGE_PREFIX,
+                     (unsigned) (uid >> 32),
+                     (unsigned) (uid & 0xffffffff),
+                     PSA_ITS_STORAGE_SUFFIX);
+}
+
+static psa_status_t psa_its_read_file(psa_storage_uid_t uid,
+                                      struct psa_storage_info_t *p_info,
+                                      FILE **p_stream)
+{
+    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
+    psa_its_file_header_t header;
+    size_t n;
+
+    *p_stream = NULL;
+    psa_its_fill_filename(uid, filename);
+    *p_stream = fopen(filename, "rb");
+    if (*p_stream == NULL) {
+        return PSA_ERROR_DOES_NOT_EXIST;
+    }
+
+    n = fread(&header, 1, sizeof(header), *p_stream);
+    if (n != sizeof(header)) {
+        return PSA_ERROR_DATA_CORRUPT;
+    }
+    if (memcmp(header.magic, PSA_ITS_MAGIC_STRING,
+               PSA_ITS_MAGIC_LENGTH) != 0) {
+        return PSA_ERROR_DATA_CORRUPT;
+    }
+
+    p_info->size = (header.size[0] |
+                    header.size[1] << 8 |
+                    header.size[2] << 16 |
+                    header.size[3] << 24);
+    p_info->flags = (header.flags[0] |
+                     header.flags[1] << 8 |
+                     header.flags[2] << 16 |
+                     header.flags[3] << 24);
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_its_get_info(psa_storage_uid_t uid,
+                              struct psa_storage_info_t *p_info)
+{
+    psa_status_t status;
+    FILE *stream = NULL;
+    status = psa_its_read_file(uid, p_info, &stream);
+    if (stream != NULL) {
+        fclose(stream);
+    }
+    return status;
+}
+
+psa_status_t psa_its_get(psa_storage_uid_t uid,
+                         uint32_t data_offset,
+                         uint32_t data_length,
+                         void *p_data,
+                         size_t *p_data_length)
+{
+    psa_status_t status;
+    FILE *stream = NULL;
+    size_t n;
+    struct psa_storage_info_t info;
+
+    status = psa_its_read_file(uid, &info, &stream);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    status = PSA_ERROR_INVALID_ARGUMENT;
+    if (data_offset + data_length < data_offset) {
+        goto exit;
+    }
+#if SIZE_MAX < 0xffffffff
+    if (data_offset + data_length > SIZE_MAX) {
+        goto exit;
+    }
+#endif
+    if (data_offset + data_length > info.size) {
+        goto exit;
+    }
+
+    status = PSA_ERROR_STORAGE_FAILURE;
+#if LONG_MAX < 0xffffffff
+    while (data_offset > LONG_MAX) {
+        if (fseek(stream, LONG_MAX, SEEK_CUR) != 0) {
+            goto exit;
+        }
+        data_offset -= LONG_MAX;
+    }
+#endif
+    if (fseek(stream, data_offset, SEEK_CUR) != 0) {
+        goto exit;
+    }
+    n = fread(p_data, 1, data_length, stream);
+    if (n != data_length) {
+        goto exit;
+    }
+    status = PSA_SUCCESS;
+    if (p_data_length != NULL) {
+        *p_data_length = n;
+    }
+
+exit:
+    if (stream != NULL) {
+        fclose(stream);
+    }
+    return status;
+}
+
+psa_status_t psa_its_set(psa_storage_uid_t uid,
+                         uint32_t data_length,
+                         const void *p_data,
+                         psa_storage_create_flags_t create_flags)
+{
+    if (uid == 0) {
+        return PSA_ERROR_INVALID_HANDLE;
+    }
+
+    psa_status_t status = PSA_ERROR_STORAGE_FAILURE;
+    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
+    FILE *stream = NULL;
+    psa_its_file_header_t header;
+    size_t n;
+
+    memcpy(header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH);
+    MBEDTLS_PUT_UINT32_LE(data_length, header.size, 0);
+    MBEDTLS_PUT_UINT32_LE(create_flags, header.flags, 0);
+
+    psa_its_fill_filename(uid, filename);
+    stream = fopen(PSA_ITS_STORAGE_TEMP, "wb");
+    if (stream == NULL) {
+        goto exit;
+    }
+
+    status = PSA_ERROR_INSUFFICIENT_STORAGE;
+    n = fwrite(&header, 1, sizeof(header), stream);
+    if (n != sizeof(header)) {
+        goto exit;
+    }
+    if (data_length != 0) {
+        n = fwrite(p_data, 1, data_length, stream);
+        if (n != data_length) {
+            goto exit;
+        }
+    }
+    status = PSA_SUCCESS;
+
+exit:
+    if (stream != NULL) {
+        int ret = fclose(stream);
+        if (status == PSA_SUCCESS && ret != 0) {
+            status = PSA_ERROR_INSUFFICIENT_STORAGE;
+        }
+    }
+    if (status == PSA_SUCCESS) {
+        if (rename_replace_existing(PSA_ITS_STORAGE_TEMP, filename) != 0) {
+            status = PSA_ERROR_STORAGE_FAILURE;
+        }
+    }
+    /* The temporary file may still exist, but only in failure cases where
+     * we're already reporting an error. So there's nothing we can do on
+     * failure. If the function succeeded, and in some error cases, the
+     * temporary file doesn't exist and so remove() is expected to fail.
+     * Thus we just ignore the return status of remove(). */
+    (void) remove(PSA_ITS_STORAGE_TEMP);
+    return status;
+}
+
+psa_status_t psa_its_remove(psa_storage_uid_t uid)
+{
+    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
+    FILE *stream;
+    psa_its_fill_filename(uid, filename);
+    stream = fopen(filename, "rb");
+    if (stream == NULL) {
+        return PSA_ERROR_DOES_NOT_EXIST;
+    }
+    fclose(stream);
+    if (remove(filename) != 0) {
+        return PSA_ERROR_STORAGE_FAILURE;
+    }
+    return PSA_SUCCESS;
+}
+
+#endif /* MBEDTLS_PSA_ITS_FILE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ripemd160.c b/3rdparty/mbedtls-2.28.7/library/ripemd160.c
new file mode 100644
index 0000000..3e8ede3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ripemd160.c
@@ -0,0 +1,526 @@
+/*
+ *  RIPE MD-160 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ *  The RIPEMD-160 algorithm was designed by RIPE in 1996
+ *  http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html
+ *  http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_RIPEMD160_C)
+
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_RIPEMD160_ALT)
+
+void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_ripemd160_context));
+}
+
+void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ripemd160_context));
+}
+
+void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
+                             const mbedtls_ripemd160_context *src)
+{
+    *dst = *src;
+}
+
+/*
+ * RIPEMD-160 context setup
+ */
+int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx)
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+    ctx->state[4] = 0xC3D2E1F0;
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx)
+{
+    mbedtls_ripemd160_starts_ret(ctx);
+}
+#endif
+
+#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
+/*
+ * Process one block
+ */
+int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
+                                       const unsigned char data[64])
+{
+    struct {
+        uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
+    } local;
+
+    local.X[0] = MBEDTLS_GET_UINT32_LE(data,  0);
+    local.X[1] = MBEDTLS_GET_UINT32_LE(data,  4);
+    local.X[2] = MBEDTLS_GET_UINT32_LE(data,  8);
+    local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12);
+    local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16);
+    local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20);
+    local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24);
+    local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28);
+    local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32);
+    local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36);
+    local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40);
+    local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44);
+    local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48);
+    local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52);
+    local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56);
+    local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60);
+
+    local.A = local.Ap = ctx->state[0];
+    local.B = local.Bp = ctx->state[1];
+    local.C = local.Cp = ctx->state[2];
+    local.D = local.Dp = ctx->state[3];
+    local.E = local.Ep = ctx->state[4];
+
+#define F1(x, y, z)   ((x) ^ (y) ^ (z))
+#define F2(x, y, z)   (((x) & (y)) | (~(x) & (z)))
+#define F3(x, y, z)   (((x) | ~(y)) ^ (z))
+#define F4(x, y, z)   (((x) & (z)) | ((y) & ~(z)))
+#define F5(x, y, z)   ((x) ^ ((y) | ~(z)))
+
+#define S(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
+
+#define P(a, b, c, d, e, r, s, f, k)                      \
+    do                                                      \
+    {                                                       \
+        (a) += f((b), (c), (d)) + local.X[r] + (k);       \
+        (a) = S((a), (s)) + (e);                          \
+        (c) = S((c), 10);                                 \
+    } while (0)
+
+#define P2(a, b, c, d, e, r, s, rp, sp)                               \
+    do                                                                  \
+    {                                                                   \
+        P((a), (b), (c), (d), (e), (r), (s), F, K);                   \
+        P(a ## p, b ## p, c ## p, d ## p, e ## p,                      \
+          (rp), (sp), Fp, Kp);                                        \
+    } while (0)
+
+#define F   F1
+#define K   0x00000000
+#define Fp  F5
+#define Kp  0x50A28BE6
+    P2(local.A, local.B, local.C, local.D, local.E,  0, 11,  5,  8);
+    P2(local.E, local.A, local.B, local.C, local.D,  1, 14, 14,  9);
+    P2(local.D, local.E, local.A, local.B, local.C,  2, 15,  7,  9);
+    P2(local.C, local.D, local.E, local.A, local.B,  3, 12,  0, 11);
+    P2(local.B, local.C, local.D, local.E, local.A,  4,  5,  9, 13);
+    P2(local.A, local.B, local.C, local.D, local.E,  5,  8,  2, 15);
+    P2(local.E, local.A, local.B, local.C, local.D,  6,  7, 11, 15);
+    P2(local.D, local.E, local.A, local.B, local.C,  7,  9,  4,  5);
+    P2(local.C, local.D, local.E, local.A, local.B,  8, 11, 13,  7);
+    P2(local.B, local.C, local.D, local.E, local.A,  9, 13,  6,  7);
+    P2(local.A, local.B, local.C, local.D, local.E, 10, 14, 15,  8);
+    P2(local.E, local.A, local.B, local.C, local.D, 11, 15,  8, 11);
+    P2(local.D, local.E, local.A, local.B, local.C, 12,  6,  1, 14);
+    P2(local.C, local.D, local.E, local.A, local.B, 13,  7, 10, 14);
+    P2(local.B, local.C, local.D, local.E, local.A, 14,  9,  3, 12);
+    P2(local.A, local.B, local.C, local.D, local.E, 15,  8, 12,  6);
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F2
+#define K   0x5A827999
+#define Fp  F4
+#define Kp  0x5C4DD124
+    P2(local.E, local.A, local.B, local.C, local.D,  7,  7,  6,  9);
+    P2(local.D, local.E, local.A, local.B, local.C,  4,  6, 11, 13);
+    P2(local.C, local.D, local.E, local.A, local.B, 13,  8,  3, 15);
+    P2(local.B, local.C, local.D, local.E, local.A,  1, 13,  7,  7);
+    P2(local.A, local.B, local.C, local.D, local.E, 10, 11,  0, 12);
+    P2(local.E, local.A, local.B, local.C, local.D,  6,  9, 13,  8);
+    P2(local.D, local.E, local.A, local.B, local.C, 15,  7,  5,  9);
+    P2(local.C, local.D, local.E, local.A, local.B,  3, 15, 10, 11);
+    P2(local.B, local.C, local.D, local.E, local.A, 12,  7, 14,  7);
+    P2(local.A, local.B, local.C, local.D, local.E,  0, 12, 15,  7);
+    P2(local.E, local.A, local.B, local.C, local.D,  9, 15,  8, 12);
+    P2(local.D, local.E, local.A, local.B, local.C,  5,  9, 12,  7);
+    P2(local.C, local.D, local.E, local.A, local.B,  2, 11,  4,  6);
+    P2(local.B, local.C, local.D, local.E, local.A, 14,  7,  9, 15);
+    P2(local.A, local.B, local.C, local.D, local.E, 11, 13,  1, 13);
+    P2(local.E, local.A, local.B, local.C, local.D,  8, 12,  2, 11);
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F3
+#define K   0x6ED9EBA1
+#define Fp  F3
+#define Kp  0x6D703EF3
+    P2(local.D, local.E, local.A, local.B, local.C,  3, 11, 15,  9);
+    P2(local.C, local.D, local.E, local.A, local.B, 10, 13,  5,  7);
+    P2(local.B, local.C, local.D, local.E, local.A, 14,  6,  1, 15);
+    P2(local.A, local.B, local.C, local.D, local.E,  4,  7,  3, 11);
+    P2(local.E, local.A, local.B, local.C, local.D,  9, 14,  7,  8);
+    P2(local.D, local.E, local.A, local.B, local.C, 15,  9, 14,  6);
+    P2(local.C, local.D, local.E, local.A, local.B,  8, 13,  6,  6);
+    P2(local.B, local.C, local.D, local.E, local.A,  1, 15,  9, 14);
+    P2(local.A, local.B, local.C, local.D, local.E,  2, 14, 11, 12);
+    P2(local.E, local.A, local.B, local.C, local.D,  7,  8,  8, 13);
+    P2(local.D, local.E, local.A, local.B, local.C,  0, 13, 12,  5);
+    P2(local.C, local.D, local.E, local.A, local.B,  6,  6,  2, 14);
+    P2(local.B, local.C, local.D, local.E, local.A, 13,  5, 10, 13);
+    P2(local.A, local.B, local.C, local.D, local.E, 11, 12,  0, 13);
+    P2(local.E, local.A, local.B, local.C, local.D,  5,  7,  4,  7);
+    P2(local.D, local.E, local.A, local.B, local.C, 12,  5, 13,  5);
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F4
+#define K   0x8F1BBCDC
+#define Fp  F2
+#define Kp  0x7A6D76E9
+    P2(local.C, local.D, local.E, local.A, local.B,  1, 11,  8, 15);
+    P2(local.B, local.C, local.D, local.E, local.A,  9, 12,  6,  5);
+    P2(local.A, local.B, local.C, local.D, local.E, 11, 14,  4,  8);
+    P2(local.E, local.A, local.B, local.C, local.D, 10, 15,  1, 11);
+    P2(local.D, local.E, local.A, local.B, local.C,  0, 14,  3, 14);
+    P2(local.C, local.D, local.E, local.A, local.B,  8, 15, 11, 14);
+    P2(local.B, local.C, local.D, local.E, local.A, 12,  9, 15,  6);
+    P2(local.A, local.B, local.C, local.D, local.E,  4,  8,  0, 14);
+    P2(local.E, local.A, local.B, local.C, local.D, 13,  9,  5,  6);
+    P2(local.D, local.E, local.A, local.B, local.C,  3, 14, 12,  9);
+    P2(local.C, local.D, local.E, local.A, local.B,  7,  5,  2, 12);
+    P2(local.B, local.C, local.D, local.E, local.A, 15,  6, 13,  9);
+    P2(local.A, local.B, local.C, local.D, local.E, 14,  8,  9, 12);
+    P2(local.E, local.A, local.B, local.C, local.D,  5,  6,  7,  5);
+    P2(local.D, local.E, local.A, local.B, local.C,  6,  5, 10, 15);
+    P2(local.C, local.D, local.E, local.A, local.B,  2, 12, 14,  8);
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F5
+#define K   0xA953FD4E
+#define Fp  F1
+#define Kp  0x00000000
+    P2(local.B, local.C, local.D, local.E, local.A,  4,  9, 12,  8);
+    P2(local.A, local.B, local.C, local.D, local.E,  0, 15, 15,  5);
+    P2(local.E, local.A, local.B, local.C, local.D,  5,  5, 10, 12);
+    P2(local.D, local.E, local.A, local.B, local.C,  9, 11,  4,  9);
+    P2(local.C, local.D, local.E, local.A, local.B,  7,  6,  1, 12);
+    P2(local.B, local.C, local.D, local.E, local.A, 12,  8,  5,  5);
+    P2(local.A, local.B, local.C, local.D, local.E,  2, 13,  8, 14);
+    P2(local.E, local.A, local.B, local.C, local.D, 10, 12,  7,  6);
+    P2(local.D, local.E, local.A, local.B, local.C, 14,  5,  6,  8);
+    P2(local.C, local.D, local.E, local.A, local.B,  1, 12,  2, 13);
+    P2(local.B, local.C, local.D, local.E, local.A,  3, 13, 13,  6);
+    P2(local.A, local.B, local.C, local.D, local.E,  8, 14, 14,  5);
+    P2(local.E, local.A, local.B, local.C, local.D, 11, 11,  0, 15);
+    P2(local.D, local.E, local.A, local.B, local.C,  6,  8,  3, 13);
+    P2(local.C, local.D, local.E, local.A, local.B, 15,  5,  9, 11);
+    P2(local.B, local.C, local.D, local.E, local.A, 13,  6, 11, 11);
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+    local.C       = ctx->state[1] + local.C + local.Dp;
+    ctx->state[1] = ctx->state[2] + local.D + local.Ep;
+    ctx->state[2] = ctx->state[3] + local.E + local.Ap;
+    ctx->state[3] = ctx->state[4] + local.A + local.Bp;
+    ctx->state[4] = ctx->state[0] + local.B + local.Cp;
+    ctx->state[0] = local.C;
+
+    /* Zeroise variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&local, sizeof(local));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_ripemd160_process(mbedtls_ripemd160_context *ctx,
+                               const unsigned char data[64])
+{
+    mbedtls_internal_ripemd160_process(ctx, data);
+}
+#endif
+#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */
+
+/*
+ * RIPEMD-160 process buffer
+ */
+int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx,
+                                 const unsigned char *input,
+                                 size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+    uint32_t left;
+
+    if (ilen == 0) {
+        return 0;
+    }
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if (ctx->total[0] < (uint32_t) ilen) {
+        ctx->total[1]++;
+    }
+
+    if (left && ilen >= fill) {
+        memcpy((void *) (ctx->buffer + left), input, fill);
+
+        if ((ret = mbedtls_internal_ripemd160_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while (ilen >= 64) {
+        if ((ret = mbedtls_internal_ripemd160_process(ctx, input)) != 0) {
+            return ret;
+        }
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if (ilen > 0) {
+        memcpy((void *) (ctx->buffer + left), input, ilen);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen)
+{
+    mbedtls_ripemd160_update_ret(ctx, input, ilen);
+}
+#endif
+
+static const unsigned char ripemd160_padding[64] =
+{
+    0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * RIPEMD-160 final digest
+ */
+int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx,
+                                 unsigned char output[20])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = (ctx->total[0] >> 29)
+           | (ctx->total[1] <<  3);
+    low  = (ctx->total[0] <<  3);
+
+    MBEDTLS_PUT_UINT32_LE(low,  msglen, 0);
+    MBEDTLS_PUT_UINT32_LE(high, msglen, 4);
+
+    last = ctx->total[0] & 0x3F;
+    padn = (last < 56) ? (56 - last) : (120 - last);
+
+    ret = mbedtls_ripemd160_update_ret(ctx, ripemd160_padding, padn);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_ripemd160_update_ret(ctx, msglen, 8);
+    if (ret != 0) {
+        return ret;
+    }
+
+    MBEDTLS_PUT_UINT32_LE(ctx->state[0], output,  0);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[1], output,  4);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[2], output,  8);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12);
+    MBEDTLS_PUT_UINT32_LE(ctx->state[4], output, 16);
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx,
+                              unsigned char output[20])
+{
+    mbedtls_ripemd160_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* ! MBEDTLS_RIPEMD160_ALT */
+
+/*
+ * output = RIPEMD-160( input buffer )
+ */
+int mbedtls_ripemd160_ret(const unsigned char *input,
+                          size_t ilen,
+                          unsigned char output[20])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ripemd160_context ctx;
+
+    mbedtls_ripemd160_init(&ctx);
+
+    if ((ret = mbedtls_ripemd160_starts_ret(&ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ripemd160_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ripemd160_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_ripemd160_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_ripemd160(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[20])
+{
+    mbedtls_ripemd160_ret(input, ilen, output);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * Test vectors from the RIPEMD-160 paper and
+ * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC
+ */
+#define TESTS   8
+static const unsigned char ripemd160_test_str[TESTS][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" },
+};
+
+static const size_t ripemd160_test_strlen[TESTS] =
+{
+    0, 1, 3, 14, 26, 56, 62, 80
+};
+
+static const unsigned char ripemd160_test_md[TESTS][20] =
+{
+    { 0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28,
+      0x08, 0x97, 0x7e, 0xe8, 0xf5, 0x48, 0xb2, 0x25, 0x8d, 0x31 },
+    { 0x0b, 0xdc, 0x9d, 0x2d, 0x25, 0x6b, 0x3e, 0xe9, 0xda, 0xae,
+      0x34, 0x7b, 0xe6, 0xf4, 0xdc, 0x83, 0x5a, 0x46, 0x7f, 0xfe },
+    { 0x8e, 0xb2, 0x08, 0xf7, 0xe0, 0x5d, 0x98, 0x7a, 0x9b, 0x04,
+      0x4a, 0x8e, 0x98, 0xc6, 0xb0, 0x87, 0xf1, 0x5a, 0x0b, 0xfc },
+    { 0x5d, 0x06, 0x89, 0xef, 0x49, 0xd2, 0xfa, 0xe5, 0x72, 0xb8,
+      0x81, 0xb1, 0x23, 0xa8, 0x5f, 0xfa, 0x21, 0x59, 0x5f, 0x36 },
+    { 0xf7, 0x1c, 0x27, 0x10, 0x9c, 0x69, 0x2c, 0x1b, 0x56, 0xbb,
+      0xdc, 0xeb, 0x5b, 0x9d, 0x28, 0x65, 0xb3, 0x70, 0x8d, 0xbc },
+    { 0x12, 0xa0, 0x53, 0x38, 0x4a, 0x9c, 0x0c, 0x88, 0xe4, 0x05,
+      0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b },
+    { 0xb0, 0xe2, 0x0b, 0x6e, 0x31, 0x16, 0x64, 0x02, 0x86, 0xed,
+      0x3a, 0x87, 0xa5, 0x71, 0x30, 0x79, 0xb2, 0x1f, 0x51, 0x89 },
+    { 0x9b, 0x75, 0x2e, 0x45, 0x57, 0x3d, 0x4b, 0x39, 0xf4, 0xdb,
+      0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb },
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ripemd160_self_test(int verbose)
+{
+    int i, ret = 0;
+    unsigned char output[20];
+
+    memset(output, 0, sizeof(output));
+
+    for (i = 0; i < TESTS; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  RIPEMD-160 test #%d: ", i + 1);
+        }
+
+        ret = mbedtls_ripemd160_ret(ripemd160_test_str[i],
+                                    ripemd160_test_strlen[i], output);
+        if (ret != 0) {
+            goto fail;
+        }
+
+        if (memcmp(output, ripemd160_test_md[i], 20) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_RIPEMD160_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/rsa.c b/3rdparty/mbedtls-2.28.7/library/rsa.c
new file mode 100644
index 0000000..0a0c2e3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/rsa.c
@@ -0,0 +1,2657 @@
+/*
+ *  The RSA public-key cryptosystem
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ *  The following sources were referenced in the design of this implementation
+ *  of the RSA algorithm:
+ *
+ *  [1] A method for obtaining digital signatures and public-key cryptosystems
+ *      R Rivest, A Shamir, and L Adleman
+ *      http://people.csail.mit.edu/rivest/pubs.html#RSA78
+ *
+ *  [2] Handbook of Applied Cryptography - 1997, Chapter 8
+ *      Menezes, van Oorschot and Vanstone
+ *
+ *  [3] Malware Guard Extension: Using SGX to Conceal Cache Attacks
+ *      Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice and
+ *      Stefan Mangard
+ *      https://arxiv.org/abs/1702.08719v2
+ *
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_RSA_C)
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/rsa_internal.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "constant_time_internal.h"
+#include "mbedtls/constant_time.h"
+#include "bignum_internal.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PKCS1_V21)
+#include "mbedtls/md.h"
+#endif
+
+#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__) && !defined(__NetBSD__)
+#include <stdlib.h>
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_RSA_ALT)
+
+/* Parameter validation macros */
+#define RSA_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA)
+#define RSA_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
+
+int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
+                       const mbedtls_mpi *N,
+                       const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                       const mbedtls_mpi *D, const mbedtls_mpi *E)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    if ((N != NULL && (ret = mbedtls_mpi_copy(&ctx->N, N)) != 0) ||
+        (P != NULL && (ret = mbedtls_mpi_copy(&ctx->P, P)) != 0) ||
+        (Q != NULL && (ret = mbedtls_mpi_copy(&ctx->Q, Q)) != 0) ||
+        (D != NULL && (ret = mbedtls_mpi_copy(&ctx->D, D)) != 0) ||
+        (E != NULL && (ret = mbedtls_mpi_copy(&ctx->E, E)) != 0)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+    }
+
+    if (N != NULL) {
+        ctx->len = mbedtls_mpi_size(&ctx->N);
+    }
+
+    return 0;
+}
+
+int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
+                           unsigned char const *N, size_t N_len,
+                           unsigned char const *P, size_t P_len,
+                           unsigned char const *Q, size_t Q_len,
+                           unsigned char const *D, size_t D_len,
+                           unsigned char const *E, size_t E_len)
+{
+    int ret = 0;
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    if (N != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->N, N, N_len));
+        ctx->len = mbedtls_mpi_size(&ctx->N);
+    }
+
+    if (P != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->P, P, P_len));
+    }
+
+    if (Q != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->Q, Q, Q_len));
+    }
+
+    if (D != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->D, D, D_len));
+    }
+
+    if (E != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->E, E, E_len));
+    }
+
+cleanup:
+
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * Checks whether the context fields are set in such a way
+ * that the RSA primitives will be able to execute without error.
+ * It does *not* make guarantees for consistency of the parameters.
+ */
+static int rsa_check_context(mbedtls_rsa_context const *ctx, int is_priv,
+                             int blinding_needed)
+{
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* blinding_needed is only used for NO_CRT to decide whether
+     * P,Q need to be present or not. */
+    ((void) blinding_needed);
+#endif
+
+    if (ctx->len != mbedtls_mpi_size(&ctx->N) ||
+        ctx->len > MBEDTLS_MPI_MAX_SIZE) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /*
+     * 1. Modular exponentiation needs positive, odd moduli.
+     */
+
+    /* Modular exponentiation wrt. N is always used for
+     * RSA public key operations. */
+    if (mbedtls_mpi_cmp_int(&ctx->N, 0) <= 0 ||
+        mbedtls_mpi_get_bit(&ctx->N, 0) == 0) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* Modular exponentiation for P and Q is only
+     * used for private key operations and if CRT
+     * is used. */
+    if (is_priv &&
+        (mbedtls_mpi_cmp_int(&ctx->P, 0) <= 0 ||
+         mbedtls_mpi_get_bit(&ctx->P, 0) == 0 ||
+         mbedtls_mpi_cmp_int(&ctx->Q, 0) <= 0 ||
+         mbedtls_mpi_get_bit(&ctx->Q, 0) == 0)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+#endif /* !MBEDTLS_RSA_NO_CRT */
+
+    /*
+     * 2. Exponents must be positive
+     */
+
+    /* Always need E for public key operations */
+    if (mbedtls_mpi_cmp_int(&ctx->E, 0) <= 0) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+    /* For private key operations, use D or DP & DQ
+     * as (unblinded) exponents. */
+    if (is_priv && mbedtls_mpi_cmp_int(&ctx->D, 0) <= 0) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+#else
+    if (is_priv &&
+        (mbedtls_mpi_cmp_int(&ctx->DP, 0) <= 0 ||
+         mbedtls_mpi_cmp_int(&ctx->DQ, 0) <= 0)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /* Blinding shouldn't make exponents negative either,
+     * so check that P, Q >= 1 if that hasn't yet been
+     * done as part of 1. */
+#if defined(MBEDTLS_RSA_NO_CRT)
+    if (is_priv && blinding_needed &&
+        (mbedtls_mpi_cmp_int(&ctx->P, 0) <= 0 ||
+         mbedtls_mpi_cmp_int(&ctx->Q, 0) <= 0)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+#endif
+
+    /* It wouldn't lead to an error if it wasn't satisfied,
+     * but check for QP >= 1 nonetheless. */
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    if (is_priv &&
+        mbedtls_mpi_cmp_int(&ctx->QP, 0) <= 0) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+#endif
+
+    return 0;
+}
+
+int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
+{
+    int ret = 0;
+    int have_N, have_P, have_Q, have_D, have_E;
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    int have_DP, have_DQ, have_QP;
+#endif
+    int n_missing, pq_missing, d_missing, is_pub, is_priv;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    have_N = (mbedtls_mpi_cmp_int(&ctx->N, 0) != 0);
+    have_P = (mbedtls_mpi_cmp_int(&ctx->P, 0) != 0);
+    have_Q = (mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0);
+    have_D = (mbedtls_mpi_cmp_int(&ctx->D, 0) != 0);
+    have_E = (mbedtls_mpi_cmp_int(&ctx->E, 0) != 0);
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    have_DP = (mbedtls_mpi_cmp_int(&ctx->DP, 0) != 0);
+    have_DQ = (mbedtls_mpi_cmp_int(&ctx->DQ, 0) != 0);
+    have_QP = (mbedtls_mpi_cmp_int(&ctx->QP, 0) != 0);
+#endif
+
+    /*
+     * Check whether provided parameters are enough
+     * to deduce all others. The following incomplete
+     * parameter sets for private keys are supported:
+     *
+     * (1) P, Q missing.
+     * (2) D and potentially N missing.
+     *
+     */
+
+    n_missing  =              have_P &&  have_Q &&  have_D && have_E;
+    pq_missing =   have_N && !have_P && !have_Q &&  have_D && have_E;
+    d_missing  =              have_P &&  have_Q && !have_D && have_E;
+    is_pub     =   have_N && !have_P && !have_Q && !have_D && have_E;
+
+    /* These three alternatives are mutually exclusive */
+    is_priv = n_missing || pq_missing || d_missing;
+
+    if (!is_priv && !is_pub) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Step 1: Deduce N if P, Q are provided.
+     */
+
+    if (!have_N && have_P && have_Q) {
+        if ((ret = mbedtls_mpi_mul_mpi(&ctx->N, &ctx->P,
+                                       &ctx->Q)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+        }
+
+        ctx->len = mbedtls_mpi_size(&ctx->N);
+    }
+
+    /*
+     * Step 2: Deduce and verify all remaining core parameters.
+     */
+
+    if (pq_missing) {
+        ret = mbedtls_rsa_deduce_primes(&ctx->N, &ctx->E, &ctx->D,
+                                        &ctx->P, &ctx->Q);
+        if (ret != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+        }
+
+    } else if (d_missing) {
+        if ((ret = mbedtls_rsa_deduce_private_exponent(&ctx->P,
+                                                       &ctx->Q,
+                                                       &ctx->E,
+                                                       &ctx->D)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+        }
+    }
+
+    /*
+     * Step 3: Deduce all additional parameters specific
+     *         to our current RSA implementation.
+     */
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    if (is_priv && !(have_DP && have_DQ && have_QP)) {
+        ret = mbedtls_rsa_deduce_crt(&ctx->P,  &ctx->Q,  &ctx->D,
+                                     &ctx->DP, &ctx->DQ, &ctx->QP);
+        if (ret != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+        }
+    }
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /*
+     * Step 3: Basic sanity checks
+     */
+
+    return rsa_check_context(ctx, is_priv, 1);
+}
+
+int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx,
+                           unsigned char *N, size_t N_len,
+                           unsigned char *P, size_t P_len,
+                           unsigned char *Q, size_t Q_len,
+                           unsigned char *D, size_t D_len,
+                           unsigned char *E, size_t E_len)
+{
+    int ret = 0;
+    int is_priv;
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    /* Check if key is private or public */
+    is_priv =
+        mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->E, 0) != 0;
+
+    if (!is_priv) {
+        /* If we're trying to export private parameters for a public key,
+         * something must be wrong. */
+        if (P != NULL || Q != NULL || D != NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+    }
+
+    if (N != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->N, N, N_len));
+    }
+
+    if (P != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->P, P, P_len));
+    }
+
+    if (Q != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->Q, Q, Q_len));
+    }
+
+    if (D != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->D, D, D_len));
+    }
+
+    if (E != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->E, E, E_len));
+    }
+
+cleanup:
+
+    return ret;
+}
+
+int mbedtls_rsa_export(const mbedtls_rsa_context *ctx,
+                       mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
+                       mbedtls_mpi *D, mbedtls_mpi *E)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int is_priv;
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    /* Check if key is private or public */
+    is_priv =
+        mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->E, 0) != 0;
+
+    if (!is_priv) {
+        /* If we're trying to export private parameters for a public key,
+         * something must be wrong. */
+        if (P != NULL || Q != NULL || D != NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+    }
+
+    /* Export all requested core parameters. */
+
+    if ((N != NULL && (ret = mbedtls_mpi_copy(N, &ctx->N)) != 0) ||
+        (P != NULL && (ret = mbedtls_mpi_copy(P, &ctx->P)) != 0) ||
+        (Q != NULL && (ret = mbedtls_mpi_copy(Q, &ctx->Q)) != 0) ||
+        (D != NULL && (ret = mbedtls_mpi_copy(D, &ctx->D)) != 0) ||
+        (E != NULL && (ret = mbedtls_mpi_copy(E, &ctx->E)) != 0)) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Export CRT parameters
+ * This must also be implemented if CRT is not used, for being able to
+ * write DER encoded RSA keys. The helper function mbedtls_rsa_deduce_crt
+ * can be used in this case.
+ */
+int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx,
+                           mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int is_priv;
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    /* Check if key is private or public */
+    is_priv =
+        mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 &&
+        mbedtls_mpi_cmp_int(&ctx->E, 0) != 0;
+
+    if (!is_priv) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* Export all requested blinding parameters. */
+    if ((DP != NULL && (ret = mbedtls_mpi_copy(DP, &ctx->DP)) != 0) ||
+        (DQ != NULL && (ret = mbedtls_mpi_copy(DQ, &ctx->DQ)) != 0) ||
+        (QP != NULL && (ret = mbedtls_mpi_copy(QP, &ctx->QP)) != 0)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+    }
+#else
+    if ((ret = mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D,
+                                      DP, DQ, QP)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret);
+    }
+#endif
+
+    return 0;
+}
+
+/*
+ * Initialize an RSA context
+ */
+void mbedtls_rsa_init(mbedtls_rsa_context *ctx,
+                      int padding,
+                      int hash_id)
+{
+    RSA_VALIDATE(ctx != NULL);
+    RSA_VALIDATE(padding == MBEDTLS_RSA_PKCS_V15 ||
+                 padding == MBEDTLS_RSA_PKCS_V21);
+
+    memset(ctx, 0, sizeof(mbedtls_rsa_context));
+
+    mbedtls_rsa_set_padding(ctx, padding, hash_id);
+
+#if defined(MBEDTLS_THREADING_C)
+    /* Set ctx->ver to nonzero to indicate that the mutex has been
+     * initialized and will need to be freed. */
+    ctx->ver = 1;
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+}
+
+/*
+ * Set padding for an existing RSA context
+ */
+void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
+                             int hash_id)
+{
+    RSA_VALIDATE(ctx != NULL);
+    RSA_VALIDATE(padding == MBEDTLS_RSA_PKCS_V15 ||
+                 padding == MBEDTLS_RSA_PKCS_V21);
+
+    ctx->padding = padding;
+    ctx->hash_id = hash_id;
+}
+
+/*
+ * Get length in bytes of RSA modulus
+ */
+
+size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
+{
+    return ctx->len;
+}
+
+
+#if defined(MBEDTLS_GENPRIME)
+
+/*
+ * Generate an RSA keypair
+ *
+ * This generation method follows the RSA key pair generation procedure of
+ * FIPS 186-4 if 2^16 < exponent < 2^256 and nbits = 2048 or nbits = 3072.
+ */
+int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        unsigned int nbits, int exponent)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi H, G, L;
+    int prime_quality = 0;
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(f_rng != NULL);
+
+    /*
+     * If the modulus is 1024 bit long or shorter, then the security strength of
+     * the RSA algorithm is less than or equal to 80 bits and therefore an error
+     * rate of 2^-80 is sufficient.
+     */
+    if (nbits > 1024) {
+        prime_quality = MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR;
+    }
+
+    mbedtls_mpi_init(&H);
+    mbedtls_mpi_init(&G);
+    mbedtls_mpi_init(&L);
+
+    if (nbits < 128 || exponent < 3 || nbits % 2 != 0) {
+        ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    /*
+     * find primes P and Q with Q < P so that:
+     * 1.  |P-Q| > 2^( nbits / 2 - 100 )
+     * 2.  GCD( E, (P-1)*(Q-1) ) == 1
+     * 3.  E^-1 mod LCM(P-1, Q-1) > 2^( nbits / 2 )
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->E, exponent));
+
+    do {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_gen_prime(&ctx->P, nbits >> 1,
+                                              prime_quality, f_rng, p_rng));
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_gen_prime(&ctx->Q, nbits >> 1,
+                                              prime_quality, f_rng, p_rng));
+
+        /* make sure the difference between p and q is not too small (FIPS 186-4 §B.3.3 step 5.4) */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&H, &ctx->P, &ctx->Q));
+        if (mbedtls_mpi_bitlen(&H) <= ((nbits >= 200) ? ((nbits >> 1) - 99) : 0)) {
+            continue;
+        }
+
+        /* not required by any standards, but some users rely on the fact that P > Q */
+        if (H.s < 0) {
+            mbedtls_mpi_swap(&ctx->P, &ctx->Q);
+        }
+
+        /* Temporarily replace P,Q by P-1, Q-1 */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&ctx->P, &ctx->P, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&ctx->Q, &ctx->Q, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &ctx->P, &ctx->Q));
+
+        /* check GCD( E, (P-1)*(Q-1) ) == 1 (FIPS 186-4 §B.3.1 criterion 2(a)) */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, &ctx->E, &H));
+        if (mbedtls_mpi_cmp_int(&G, 1) != 0) {
+            continue;
+        }
+
+        /* compute smallest possible D = E^-1 mod LCM(P-1, Q-1) (FIPS 186-4 §B.3.1 criterion 3(b)) */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, &ctx->P, &ctx->Q));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&L, NULL, &H, &G));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&ctx->D, &ctx->E, &L));
+
+        if (mbedtls_mpi_bitlen(&ctx->D) <= ((nbits + 1) / 2)) {      // (FIPS 186-4 §B.3.1 criterion 3(a))
+            continue;
+        }
+
+        break;
+    } while (1);
+
+    /* Restore P,Q */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&ctx->P,  &ctx->P, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&ctx->Q,  &ctx->Q, 1));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->N, &ctx->P, &ctx->Q));
+
+    ctx->len = mbedtls_mpi_size(&ctx->N);
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /*
+     * DP = D mod (P - 1)
+     * DQ = D mod (Q - 1)
+     * QP = Q^-1 mod P
+     */
+    MBEDTLS_MPI_CHK(mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D,
+                                           &ctx->DP, &ctx->DQ, &ctx->QP));
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /* Double-check */
+    MBEDTLS_MPI_CHK(mbedtls_rsa_check_privkey(ctx));
+
+cleanup:
+
+    mbedtls_mpi_free(&H);
+    mbedtls_mpi_free(&G);
+    mbedtls_mpi_free(&L);
+
+    if (ret != 0) {
+        mbedtls_rsa_free(ctx);
+
+        if ((-ret & ~0x7f) == 0) {
+            ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret);
+        }
+        return ret;
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_GENPRIME */
+
+/*
+ * Check a public RSA key
+ */
+int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
+{
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    if (rsa_check_context(ctx, 0 /* public */, 0 /* no blinding */) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    if (mbedtls_mpi_bitlen(&ctx->N) < 128) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    if (mbedtls_mpi_get_bit(&ctx->E, 0) == 0 ||
+        mbedtls_mpi_bitlen(&ctx->E)     < 2  ||
+        mbedtls_mpi_cmp_mpi(&ctx->E, &ctx->N) >= 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    return 0;
+}
+
+/*
+ * Check for the consistency of all fields in an RSA private key context
+ */
+int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
+{
+    RSA_VALIDATE_RET(ctx != NULL);
+
+    if (mbedtls_rsa_check_pubkey(ctx) != 0 ||
+        rsa_check_context(ctx, 1 /* private */, 1 /* blinding */) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    if (mbedtls_rsa_validate_params(&ctx->N, &ctx->P, &ctx->Q,
+                                    &ctx->D, &ctx->E, NULL, NULL) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    else if (mbedtls_rsa_validate_crt(&ctx->P, &ctx->Q, &ctx->D,
+                                      &ctx->DP, &ctx->DQ, &ctx->QP) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+#endif
+
+    return 0;
+}
+
+/*
+ * Check if contexts holding a public and private key match
+ */
+int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
+                               const mbedtls_rsa_context *prv)
+{
+    RSA_VALIDATE_RET(pub != NULL);
+    RSA_VALIDATE_RET(prv != NULL);
+
+    if (mbedtls_rsa_check_pubkey(pub)  != 0 ||
+        mbedtls_rsa_check_privkey(prv) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    if (mbedtls_mpi_cmp_mpi(&pub->N, &prv->N) != 0 ||
+        mbedtls_mpi_cmp_mpi(&pub->E, &prv->E) != 0) {
+        return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    return 0;
+}
+
+/*
+ * Do an RSA public key operation
+ */
+int mbedtls_rsa_public(mbedtls_rsa_context *ctx,
+                       const unsigned char *input,
+                       unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t olen;
+    mbedtls_mpi T;
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(input != NULL);
+    RSA_VALIDATE_RET(output != NULL);
+
+    if (rsa_check_context(ctx, 0 /* public */, 0 /* no blinding */)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&T);
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&T, input, ctx->len));
+
+    if (mbedtls_mpi_cmp_mpi(&T, &ctx->N) >= 0) {
+        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    olen = ctx->len;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, &ctx->E, &ctx->N, &ctx->RN));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen));
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    mbedtls_mpi_free(&T);
+
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * Generate or update blinding values, see section 10 of:
+ *  KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
+ *  DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
+ *  Berlin Heidelberg, 1996. p. 104-113.
+ */
+static int rsa_prepare_blinding(mbedtls_rsa_context *ctx,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+{
+    int ret, count = 0;
+    mbedtls_mpi R;
+
+    mbedtls_mpi_init(&R);
+
+    if (ctx->Vf.p != NULL) {
+        /* We already have blinding values, just update them by squaring */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &ctx->Vi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &ctx->Vf));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->N));
+
+        goto cleanup;
+    }
+
+    /* Unblinding value: Vf = random number, invertible mod N */
+    do {
+        if (count++ > 10) {
+            ret = MBEDTLS_ERR_RSA_RNG_FAILED;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&ctx->Vf, ctx->len - 1, f_rng, p_rng));
+
+        /* Compute Vf^-1 as R * (R Vf)^-1 to avoid leaks from inv_mod. */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, ctx->len - 1, f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vf, &R));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N));
+
+        /* At this point, Vi is invertible mod N if and only if both Vf and R
+         * are invertible mod N. If one of them isn't, we don't need to know
+         * which one, we just loop and choose new values for both of them.
+         * (Each iteration succeeds with overwhelming probability.) */
+        ret = mbedtls_mpi_inv_mod(&ctx->Vi, &ctx->Vi, &ctx->N);
+        if (ret != 0 && ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) {
+            goto cleanup;
+        }
+
+    } while (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE);
+
+    /* Finish the computation of Vf^-1 = R * (R Vf)^-1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &R));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N));
+
+    /* Blinding value: Vi = Vf^(-e) mod N
+     * (Vi already contains Vf^-1 at this point) */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN));
+
+
+cleanup:
+    mbedtls_mpi_free(&R);
+
+    return ret;
+}
+
+/*
+ * Unblind
+ * T = T * Vf mod N
+ */
+static int rsa_unblind(mbedtls_mpi *T, mbedtls_mpi *Vf, const mbedtls_mpi *N)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const size_t nlimbs = N->n;
+    const size_t tlimbs = 2 * (nlimbs + 1);
+
+    mbedtls_mpi_uint mm = mbedtls_mpi_montmul_init(N->p);
+
+    mbedtls_mpi RR, M_T;
+
+    mbedtls_mpi_init(&RR);
+    mbedtls_mpi_init(&M_T);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_get_mont_r2_unsafe(&RR, N));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&M_T, tlimbs));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(T, nlimbs));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Vf, nlimbs));
+
+    /* T = T * Vf mod N
+     * Reminder: montmul(A, B, N) = A * B * R^-1 mod N
+     * Usually both operands are multiplied by R mod N beforehand, yielding a
+     * result that's also * R mod N (aka "in the Montgomery domain"). Here we
+     * only multiply one operand by R mod N, so the result is directly what we
+     * want - no need to call `mpi_montred()` on it. */
+    mbedtls_mpi_montmul(T, &RR, N, mm, &M_T);
+    mbedtls_mpi_montmul(T, Vf, N, mm, &M_T);
+
+cleanup:
+
+    mbedtls_mpi_free(&RR);
+    mbedtls_mpi_free(&M_T);
+
+    return ret;
+}
+
+/*
+ * Exponent blinding supposed to prevent side-channel attacks using multiple
+ * traces of measurements to recover the RSA key. The more collisions are there,
+ * the more bits of the key can be recovered. See [3].
+ *
+ * Collecting n collisions with m bit long blinding value requires 2^(m-m/n)
+ * observations on average.
+ *
+ * For example with 28 byte blinding to achieve 2 collisions the adversary has
+ * to make 2^112 observations on average.
+ *
+ * (With the currently (as of 2017 April) known best algorithms breaking 2048
+ * bit RSA requires approximately as much time as trying out 2^112 random keys.
+ * Thus in this sense with 28 byte blinding the security is not reduced by
+ * side-channel attacks like the one in [3])
+ *
+ * This countermeasure does not help if the key recovery is possible with a
+ * single trace.
+ */
+#define RSA_EXPONENT_BLINDING 28
+
+/*
+ * Do an RSA private key operation
+ */
+int mbedtls_rsa_private(mbedtls_rsa_context *ctx,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        const unsigned char *input,
+                        unsigned char *output)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t olen;
+
+    /* Temporary holding the result */
+    mbedtls_mpi T;
+
+    /* Temporaries holding P-1, Q-1 and the
+     * exponent blinding factor, respectively. */
+    mbedtls_mpi P1, Q1, R;
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* Temporaries holding the results mod p resp. mod q. */
+    mbedtls_mpi TP, TQ;
+
+    /* Temporaries holding the blinded exponents for
+     * the mod p resp. mod q computation (if used). */
+    mbedtls_mpi DP_blind, DQ_blind;
+
+    /* Pointers to actual exponents to be used - either the unblinded
+     * or the blinded ones, depending on the presence of a PRNG. */
+    mbedtls_mpi *DP = &ctx->DP;
+    mbedtls_mpi *DQ = &ctx->DQ;
+#else
+    /* Temporary holding the blinded exponent (if used). */
+    mbedtls_mpi D_blind;
+
+    /* Pointer to actual exponent to be used - either the unblinded
+     * or the blinded one, depending on the presence of a PRNG. */
+    mbedtls_mpi *D = &ctx->D;
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /* Temporaries holding the initial input and the double
+     * checked result; should be the same in the end. */
+    mbedtls_mpi input_blinded, check_result_blinded;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(input  != NULL);
+    RSA_VALIDATE_RET(output != NULL);
+
+    if (rsa_check_context(ctx, 1 /* private key checks */,
+                          f_rng != NULL /* blinding y/n       */) != 0) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    /* MPI Initialization */
+    mbedtls_mpi_init(&T);
+
+    mbedtls_mpi_init(&P1);
+    mbedtls_mpi_init(&Q1);
+    mbedtls_mpi_init(&R);
+
+    if (f_rng != NULL) {
+#if defined(MBEDTLS_RSA_NO_CRT)
+        mbedtls_mpi_init(&D_blind);
+#else
+        mbedtls_mpi_init(&DP_blind);
+        mbedtls_mpi_init(&DQ_blind);
+#endif
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    mbedtls_mpi_init(&TP); mbedtls_mpi_init(&TQ);
+#endif
+
+    mbedtls_mpi_init(&input_blinded);
+    mbedtls_mpi_init(&check_result_blinded);
+
+    /* End of MPI initialization */
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&T, input, ctx->len));
+    if (mbedtls_mpi_cmp_mpi(&T, &ctx->N) >= 0) {
+        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if (f_rng != NULL) {
+        /*
+         * Blinding
+         * T = T * Vi mod N
+         */
+        MBEDTLS_MPI_CHK(rsa_prepare_blinding(ctx, f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vi));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N));
+
+        /*
+         * Exponent blinding
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P1, &ctx->P, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q1, &ctx->Q, 1));
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+        /*
+         * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING,
+                                                f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &P1, &Q1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &D_blind, &R));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&D_blind, &D_blind, &ctx->D));
+
+        D = &D_blind;
+#else
+        /*
+         * DP_blind = ( P - 1 ) * R + DP
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING,
+                                                f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DP_blind, &P1, &R));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DP_blind, &DP_blind,
+                                            &ctx->DP));
+
+        DP = &DP_blind;
+
+        /*
+         * DQ_blind = ( Q - 1 ) * R + DQ
+         */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING,
+                                                f_rng, p_rng));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DQ_blind, &Q1, &R));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DQ_blind, &DQ_blind,
+                                            &ctx->DQ));
+
+        DQ = &DQ_blind;
+#endif /* MBEDTLS_RSA_NO_CRT */
+    }
+
+    /* Make a copy of the input (after blinding if there was any) */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&input_blinded, &T));
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, D, &ctx->N, &ctx->RN));
+#else
+    /*
+     * Faster decryption using the CRT
+     *
+     * TP = input ^ dP mod P
+     * TQ = input ^ dQ mod Q
+     */
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TP, &T, DP, &ctx->P, &ctx->RP));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TQ, &T, DQ, &ctx->Q, &ctx->RQ));
+
+    /*
+     * T = (TP - TQ) * (Q^-1 mod P) mod P
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&T, &TP, &TQ));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&TP, &T, &ctx->QP));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &TP, &ctx->P));
+
+    /*
+     * T = TQ + T * Q
+     */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&TP, &T, &ctx->Q));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&T, &TQ, &TP));
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /* Verify the result to prevent glitching attacks. */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&check_result_blinded, &T, &ctx->E,
+                                        &ctx->N, &ctx->RN));
+    if (mbedtls_mpi_cmp_mpi(&check_result_blinded, &input_blinded) != 0) {
+        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    if (f_rng != NULL) {
+        /*
+         * Unblind
+         * T = T * Vf mod N
+         */
+        MBEDTLS_MPI_CHK(rsa_unblind(&T, &ctx->Vf, &ctx->N));
+    }
+
+    olen = ctx->len;
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen));
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    mbedtls_mpi_free(&P1);
+    mbedtls_mpi_free(&Q1);
+    mbedtls_mpi_free(&R);
+
+    if (f_rng != NULL) {
+#if defined(MBEDTLS_RSA_NO_CRT)
+        mbedtls_mpi_free(&D_blind);
+#else
+        mbedtls_mpi_free(&DP_blind);
+        mbedtls_mpi_free(&DQ_blind);
+#endif
+    }
+
+    mbedtls_mpi_free(&T);
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    mbedtls_mpi_free(&TP); mbedtls_mpi_free(&TQ);
+#endif
+
+    mbedtls_mpi_free(&check_result_blinded);
+    mbedtls_mpi_free(&input_blinded);
+
+    if (ret != 0 && ret >= -0x007f) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret);
+    }
+
+    return ret;
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/**
+ * Generate and apply the MGF1 operation (from PKCS#1 v2.1) to a buffer.
+ *
+ * \param dst       buffer to mask
+ * \param dlen      length of destination buffer
+ * \param src       source of the mask generation
+ * \param slen      length of the source buffer
+ * \param md_ctx    message digest context to use
+ */
+static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src,
+                    size_t slen, mbedtls_md_context_t *md_ctx)
+{
+    unsigned char mask[MBEDTLS_MD_MAX_SIZE];
+    unsigned char counter[4];
+    unsigned char *p;
+    unsigned int hlen;
+    size_t i, use_len;
+    int ret = 0;
+
+    memset(mask, 0, MBEDTLS_MD_MAX_SIZE);
+    memset(counter, 0, 4);
+
+    hlen = mbedtls_md_get_size(md_ctx->md_info);
+
+    /* Generate and apply dbMask */
+    p = dst;
+
+    while (dlen > 0) {
+        use_len = hlen;
+        if (dlen < hlen) {
+            use_len = dlen;
+        }
+
+        if ((ret = mbedtls_md_starts(md_ctx)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_update(md_ctx, src, slen)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_update(md_ctx, counter, 4)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md_finish(md_ctx, mask)) != 0) {
+            goto exit;
+        }
+
+        for (i = 0; i < use_len; ++i) {
+            *p++ ^= mask[i];
+        }
+
+        counter[3]++;
+
+        dlen -= use_len;
+    }
+
+exit:
+    mbedtls_platform_zeroize(mask, sizeof(mask));
+
+    return ret;
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function
+ */
+int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
+                                   int (*f_rng)(void *, unsigned char *, size_t),
+                                   void *p_rng,
+                                   int mode,
+                                   const unsigned char *label, size_t label_len,
+                                   size_t ilen,
+                                   const unsigned char *input,
+                                   unsigned char *output)
+{
+    size_t olen;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = output;
+    unsigned int hlen;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(output != NULL);
+    RSA_VALIDATE_RET(ilen == 0 || input != NULL);
+    RSA_VALIDATE_RET(label_len == 0 || label != NULL);
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (f_rng == NULL) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    olen = ctx->len;
+    hlen = mbedtls_md_get_size(md_info);
+
+    /* first comparison checks for overflow */
+    if (ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    memset(output, 0, olen);
+
+    *p++ = 0;
+
+    /* Generate a random octet string seed */
+    if ((ret = f_rng(p_rng, p, hlen)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret);
+    }
+
+    p += hlen;
+
+    /* Construct DB */
+    if ((ret = mbedtls_md(md_info, label, label_len, p)) != 0) {
+        return ret;
+    }
+    p += hlen;
+    p += olen - 2 * hlen - 2 - ilen;
+    *p++ = 1;
+    if (ilen != 0) {
+        memcpy(p, input, ilen);
+    }
+
+    mbedtls_md_init(&md_ctx);
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) {
+        goto exit;
+    }
+
+    /* maskedDB: Apply dbMask to DB */
+    if ((ret = mgf_mask(output + hlen + 1, olen - hlen - 1, output + 1, hlen,
+                        &md_ctx)) != 0) {
+        goto exit;
+    }
+
+    /* maskedSeed: Apply seedMask to seed */
+    if ((ret = mgf_mask(output + 1, hlen, output + hlen + 1, olen - hlen - 1,
+                        &md_ctx)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_md_free(&md_ctx);
+
+    if (ret != 0) {
+        return ret;
+    }
+
+    return (mode == MBEDTLS_RSA_PUBLIC)
+            ? mbedtls_rsa_public(ctx, output, output)
+            : mbedtls_rsa_private(ctx, f_rng, p_rng, output, output);
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function
+ */
+int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode, size_t ilen,
+                                        const unsigned char *input,
+                                        unsigned char *output)
+{
+    size_t nb_pad, olen;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = output;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(output != NULL);
+    RSA_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    olen = ctx->len;
+
+    /* first comparison checks for overflow */
+    if (ilen + 11 < ilen || olen < ilen + 11) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    nb_pad = olen - 3 - ilen;
+
+    *p++ = 0;
+    if (mode == MBEDTLS_RSA_PUBLIC) {
+        if (f_rng == NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        *p++ = MBEDTLS_RSA_CRYPT;
+
+        while (nb_pad-- > 0) {
+            int rng_dl = 100;
+
+            do {
+                ret = f_rng(p_rng, p, 1);
+            } while (*p == 0 && --rng_dl && ret == 0);
+
+            /* Check if RNG failed to generate data */
+            if (rng_dl == 0 || ret != 0) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret);
+            }
+
+            p++;
+        }
+    } else {
+        *p++ = MBEDTLS_RSA_SIGN;
+
+        while (nb_pad-- > 0) {
+            *p++ = 0xFF;
+        }
+    }
+
+    *p++ = 0;
+    if (ilen != 0) {
+        memcpy(p, input, ilen);
+    }
+
+    return (mode == MBEDTLS_RSA_PUBLIC)
+            ? mbedtls_rsa_public(ctx, output, output)
+            : mbedtls_rsa_private(ctx, f_rng, p_rng, output, output);
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Add the message padding, then do an RSA operation
+ */
+int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng,
+                              int mode, size_t ilen,
+                              const unsigned char *input,
+                              unsigned char *output)
+{
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(output != NULL);
+    RSA_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    switch (ctx->padding) {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx, f_rng, p_rng, mode, ilen,
+                                                       input, output);
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsaes_oaep_encrypt(ctx, f_rng, p_rng, mode, NULL, 0,
+                                                  ilen, input, output);
+#endif
+
+        default:
+            return MBEDTLS_ERR_RSA_INVALID_PADDING;
+    }
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function
+ */
+int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
+                                   int (*f_rng)(void *, unsigned char *, size_t),
+                                   void *p_rng,
+                                   int mode,
+                                   const unsigned char *label, size_t label_len,
+                                   size_t *olen,
+                                   const unsigned char *input,
+                                   unsigned char *output,
+                                   size_t output_max_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t ilen, i, pad_len;
+    unsigned char *p, pad_done;
+    int bad;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
+    unsigned int hlen;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(output_max_len == 0 || output != NULL);
+    RSA_VALIDATE_RET(label_len == 0 || label != NULL);
+    RSA_VALIDATE_RET(input != NULL);
+    RSA_VALIDATE_RET(olen != NULL);
+
+    /*
+     * Parameters sanity checks
+     */
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    ilen = ctx->len;
+
+    if (ilen < 16 || ilen > sizeof(buf)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    hlen = mbedtls_md_get_size(md_info);
+
+    // checking for integer underflow
+    if (2 * hlen + 2 > ilen) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /*
+     * RSA operation
+     */
+    ret = (mode == MBEDTLS_RSA_PUBLIC)
+          ? mbedtls_rsa_public(ctx, input, buf)
+          : mbedtls_rsa_private(ctx, f_rng, p_rng, input, buf);
+
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    /*
+     * Unmask data and generate lHash
+     */
+    mbedtls_md_init(&md_ctx);
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) {
+        mbedtls_md_free(&md_ctx);
+        goto cleanup;
+    }
+
+    /* seed: Apply seedMask to maskedSeed */
+    if ((ret = mgf_mask(buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1,
+                        &md_ctx)) != 0 ||
+        /* DB: Apply dbMask to maskedDB */
+        (ret = mgf_mask(buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
+                        &md_ctx)) != 0) {
+        mbedtls_md_free(&md_ctx);
+        goto cleanup;
+    }
+
+    mbedtls_md_free(&md_ctx);
+
+    /* Generate lHash */
+    if ((ret = mbedtls_md(md_info, label, label_len, lhash)) != 0) {
+        goto cleanup;
+    }
+
+    /*
+     * Check contents, in "constant-time"
+     */
+    p = buf;
+    bad = 0;
+
+    bad |= *p++; /* First byte must be 0 */
+
+    p += hlen; /* Skip seed */
+
+    /* Check lHash */
+    bad |= mbedtls_ct_memcmp(lhash, p, hlen);
+    p += hlen;
+
+    /* Get zero-padding len, but always read till end of buffer
+     * (minus one, for the 01 byte) */
+    pad_len = 0;
+    pad_done = 0;
+    for (i = 0; i < ilen - 2 * hlen - 2; i++) {
+        pad_done |= p[i];
+        pad_len += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1;
+    }
+
+    p += pad_len;
+    bad |= *p++ ^ 0x01;
+
+    /*
+     * The only information "leaked" is whether the padding was correct or not
+     * (eg, no data is copied if it was not correct). This meets the
+     * recommendations in PKCS#1 v2.2: an opponent cannot distinguish between
+     * the different error conditions.
+     */
+    if (bad != 0) {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto cleanup;
+    }
+
+    if (ilen - (p - buf) > output_max_len) {
+        ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
+        goto cleanup;
+    }
+
+    *olen = ilen - (p - buf);
+    if (*olen != 0) {
+        memcpy(output, p, *olen);
+    }
+    ret = 0;
+
+cleanup:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+    mbedtls_platform_zeroize(lhash, sizeof(lhash));
+
+    return ret;
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function
+ */
+int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode,
+                                        size_t *olen,
+                                        const unsigned char *input,
+                                        unsigned char *output,
+                                        size_t output_max_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t ilen;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(output_max_len == 0 || output != NULL);
+    RSA_VALIDATE_RET(input != NULL);
+    RSA_VALIDATE_RET(olen != NULL);
+
+    ilen = ctx->len;
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (ilen < 16 || ilen > sizeof(buf)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    ret = (mode == MBEDTLS_RSA_PUBLIC)
+          ? mbedtls_rsa_public(ctx, input, buf)
+          : mbedtls_rsa_private(ctx, f_rng, p_rng, input, buf);
+
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = mbedtls_ct_rsaes_pkcs1_v15_unpadding(mode, buf, ilen,
+                                               output, output_max_len, olen);
+
+cleanup:
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    return ret;
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Do an RSA operation, then remove the message padding
+ */
+int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng,
+                              int mode, size_t *olen,
+                              const unsigned char *input,
+                              unsigned char *output,
+                              size_t output_max_len)
+{
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(output_max_len == 0 || output != NULL);
+    RSA_VALIDATE_RET(input != NULL);
+    RSA_VALIDATE_RET(olen != NULL);
+
+    switch (ctx->padding) {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx, f_rng, p_rng, mode, olen,
+                                                       input, output, output_max_len);
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsaes_oaep_decrypt(ctx, f_rng, p_rng, mode, NULL, 0,
+                                                  olen, input, output,
+                                                  output_max_len);
+#endif
+
+        default:
+            return MBEDTLS_ERR_RSA_INVALID_PADDING;
+    }
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng,
+                               int mode,
+                               mbedtls_md_type_t md_alg,
+                               unsigned int hashlen,
+                               const unsigned char *hash,
+                               int saltlen,
+                               unsigned char *sig)
+{
+    size_t olen;
+    unsigned char *p = sig;
+    unsigned char *salt = NULL;
+    size_t slen, min_slen, hlen, offset = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t msb;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+    RSA_VALIDATE_RET(sig != NULL);
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    if (f_rng == NULL) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    olen = ctx->len;
+
+    if (md_alg != MBEDTLS_MD_NONE) {
+        /* Gather length of hash to sign */
+        md_info = mbedtls_md_info_from_type(md_alg);
+        if (md_info == NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        hashlen = mbedtls_md_get_size(md_info);
+    }
+
+    md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    hlen = mbedtls_md_get_size(md_info);
+
+    if (saltlen == MBEDTLS_RSA_SALT_LEN_ANY) {
+        /* Calculate the largest possible salt length, up to the hash size.
+         * Normally this is the hash length, which is the maximum salt length
+         * according to FIPS 185-4 §5.5 (e) and common practice. If there is not
+         * enough room, use the maximum salt length that fits. The constraint is
+         * that the hash length plus the salt length plus 2 bytes must be at most
+         * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017
+         * (PKCS#1 v2.2) §9.1.1 step 3. */
+        min_slen = hlen - 2;
+        if (olen < hlen + min_slen + 2) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        } else if (olen >= hlen + hlen + 2) {
+            slen = hlen;
+        } else {
+            slen = olen - hlen - 2;
+        }
+    } else if ((saltlen < 0) || (saltlen + hlen + 2 > olen)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    } else {
+        slen = (size_t) saltlen;
+    }
+
+    memset(sig, 0, olen);
+
+    /* Note: EMSA-PSS encoding is over the length of N - 1 bits */
+    msb = mbedtls_mpi_bitlen(&ctx->N) - 1;
+    p += olen - hlen - slen - 2;
+    *p++ = 0x01;
+
+    /* Generate salt of length slen in place in the encoded message */
+    salt = p;
+    if ((ret = f_rng(p_rng, salt, slen)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret);
+    }
+
+    p += slen;
+
+    mbedtls_md_init(&md_ctx);
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) {
+        goto exit;
+    }
+
+    /* Generate H = Hash( M' ) */
+    if ((ret = mbedtls_md_starts(&md_ctx)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md_update(&md_ctx, p, 8)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md_update(&md_ctx, hash, hashlen)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md_update(&md_ctx, salt, slen)) != 0) {
+        goto exit;
+    }
+    if ((ret = mbedtls_md_finish(&md_ctx, p)) != 0) {
+        goto exit;
+    }
+
+    /* Compensate for boundary condition when applying mask */
+    if (msb % 8 == 0) {
+        offset = 1;
+    }
+
+    /* maskedDB: Apply dbMask to DB */
+    if ((ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen,
+                        &md_ctx)) != 0) {
+        goto exit;
+    }
+
+    msb = mbedtls_mpi_bitlen(&ctx->N) - 1;
+    sig[0] &= 0xFF >> (olen * 8 - msb);
+
+    p += hlen;
+    *p++ = 0xBC;
+
+exit:
+    mbedtls_md_free(&md_ctx);
+
+    if (ret != 0) {
+        return ret;
+    }
+
+    return (mode == MBEDTLS_RSA_PUBLIC)
+            ? mbedtls_rsa_public(ctx, sig, sig)
+            : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig);
+}
+
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with
+ * the option to pass in the salt length.
+ */
+int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng,
+                                    mbedtls_md_type_t md_alg,
+                                    unsigned int hashlen,
+                                    const unsigned char *hash,
+                                    int saltlen,
+                                    unsigned char *sig)
+{
+    return rsa_rsassa_pss_sign(ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg,
+                               hashlen, hash, saltlen, sig);
+}
+
+
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
+ */
+int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng,
+                                int mode,
+                                mbedtls_md_type_t md_alg,
+                                unsigned int hashlen,
+                                const unsigned char *hash,
+                                unsigned char *sig)
+{
+    return rsa_rsassa_pss_sign(ctx, f_rng, p_rng, mode, md_alg,
+                               hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig);
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-V1_5-SIGN function
+ */
+
+/* Construct a PKCS v1.5 encoding of a hashed message
+ *
+ * This is used both for signature generation and verification.
+ *
+ * Parameters:
+ * - md_alg:  Identifies the hash algorithm used to generate the given hash;
+ *            MBEDTLS_MD_NONE if raw data is signed.
+ * - hashlen: Length of hash in case hashlen is MBEDTLS_MD_NONE.
+ * - hash:    Buffer containing the hashed message or the raw data.
+ * - dst_len: Length of the encoded message.
+ * - dst:     Buffer to hold the encoded message.
+ *
+ * Assumptions:
+ * - hash has size hashlen if md_alg == MBEDTLS_MD_NONE.
+ * - hash has size corresponding to md_alg if md_alg != MBEDTLS_MD_NONE.
+ * - dst points to a buffer of size at least dst_len.
+ *
+ */
+static int rsa_rsassa_pkcs1_v15_encode(mbedtls_md_type_t md_alg,
+                                       unsigned int hashlen,
+                                       const unsigned char *hash,
+                                       size_t dst_len,
+                                       unsigned char *dst)
+{
+    size_t oid_size  = 0;
+    size_t nb_pad    = dst_len;
+    unsigned char *p = dst;
+    const char *oid  = NULL;
+
+    /* Are we signing hashed or raw data? */
+    if (md_alg != MBEDTLS_MD_NONE) {
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg);
+        if (md_info == NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        hashlen = mbedtls_md_get_size(md_info);
+
+        /* Double-check that 8 + hashlen + oid_size can be used as a
+         * 1-byte ASN.1 length encoding and that there's no overflow. */
+        if (8 + hashlen + oid_size  >= 0x80         ||
+            10 + hashlen            <  hashlen      ||
+            10 + hashlen + oid_size <  10 + hashlen) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        /*
+         * Static bounds check:
+         * - Need 10 bytes for five tag-length pairs.
+         *   (Insist on 1-byte length encodings to protect against variants of
+         *    Bleichenbacher's forgery attack against lax PKCS#1v1.5 verification)
+         * - Need hashlen bytes for hash
+         * - Need oid_size bytes for hash alg OID.
+         */
+        if (nb_pad < 10 + hashlen + oid_size) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+        nb_pad -= 10 + hashlen + oid_size;
+    } else {
+        if (nb_pad < hashlen) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        nb_pad -= hashlen;
+    }
+
+    /* Need space for signature header and padding delimiter (3 bytes),
+     * and 8 bytes for the minimal padding */
+    if (nb_pad < 3 + 8) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+    nb_pad -= 3;
+
+    /* Now nb_pad is the amount of memory to be filled
+     * with padding, and at least 8 bytes long. */
+
+    /* Write signature header and padding */
+    *p++ = 0;
+    *p++ = MBEDTLS_RSA_SIGN;
+    memset(p, 0xFF, nb_pad);
+    p += nb_pad;
+    *p++ = 0;
+
+    /* Are we signing raw data? */
+    if (md_alg == MBEDTLS_MD_NONE) {
+        memcpy(p, hash, hashlen);
+        return 0;
+    }
+
+    /* Signing hashed data, add corresponding ASN.1 structure
+     *
+     * DigestInfo ::= SEQUENCE {
+     *   digestAlgorithm DigestAlgorithmIdentifier,
+     *   digest Digest }
+     * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+     * Digest ::= OCTET STRING
+     *
+     * Schematic:
+     * TAG-SEQ + LEN [ TAG-SEQ + LEN [ TAG-OID  + LEN [ OID  ]
+     *                                 TAG-NULL + LEN [ NULL ] ]
+     *                 TAG-OCTET + LEN [ HASH ] ]
+     */
+    *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+    *p++ = (unsigned char) (0x08 + oid_size + hashlen);
+    *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+    *p++ = (unsigned char) (0x04 + oid_size);
+    *p++ = MBEDTLS_ASN1_OID;
+    *p++ = (unsigned char) oid_size;
+    memcpy(p, oid, oid_size);
+    p += oid_size;
+    *p++ = MBEDTLS_ASN1_NULL;
+    *p++ = 0x00;
+    *p++ = MBEDTLS_ASN1_OCTET_STRING;
+    *p++ = (unsigned char) hashlen;
+    memcpy(p, hash, hashlen);
+    p += hashlen;
+
+    /* Just a sanity-check, should be automatic
+     * after the initial bounds check. */
+    if (p != dst + dst_len) {
+        mbedtls_platform_zeroize(dst, dst_len);
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+/*
+ * Do an RSA operation to sign the message digest
+ */
+int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      int mode,
+                                      mbedtls_md_type_t md_alg,
+                                      unsigned int hashlen,
+                                      const unsigned char *hash,
+                                      unsigned char *sig)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *sig_try = NULL, *verif = NULL;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+    RSA_VALIDATE_RET(sig != NULL);
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Prepare PKCS1-v1.5 encoding (padding and hash identifier)
+     */
+
+    if ((ret = rsa_rsassa_pkcs1_v15_encode(md_alg, hashlen, hash,
+                                           ctx->len, sig)) != 0) {
+        return ret;
+    }
+
+    /*
+     * Call respective RSA primitive
+     */
+
+    if (mode == MBEDTLS_RSA_PUBLIC) {
+        /* Skip verification on a public key operation */
+        return mbedtls_rsa_public(ctx, sig, sig);
+    }
+
+    /* Private key operation
+     *
+     * In order to prevent Lenstra's attack, make the signature in a
+     * temporary buffer and check it before returning it.
+     */
+
+    sig_try = mbedtls_calloc(1, ctx->len);
+    if (sig_try == NULL) {
+        return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+    }
+
+    verif = mbedtls_calloc(1, ctx->len);
+    if (verif == NULL) {
+        mbedtls_free(sig_try);
+        return MBEDTLS_ERR_MPI_ALLOC_FAILED;
+    }
+
+    MBEDTLS_MPI_CHK(mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig_try));
+    MBEDTLS_MPI_CHK(mbedtls_rsa_public(ctx, sig_try, verif));
+
+    if (mbedtls_ct_memcmp(verif, sig, ctx->len) != 0) {
+        ret = MBEDTLS_ERR_RSA_PRIVATE_FAILED;
+        goto cleanup;
+    }
+
+    memcpy(sig, sig_try, ctx->len);
+
+cleanup:
+    mbedtls_platform_zeroize(sig_try, ctx->len);
+    mbedtls_platform_zeroize(verif, ctx->len);
+    mbedtls_free(sig_try);
+    mbedtls_free(verif);
+
+    if (ret != 0) {
+        memset(sig, '!', ctx->len);
+    }
+    return ret;
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Do an RSA operation to sign the message digest
+ */
+int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng,
+                           int mode,
+                           mbedtls_md_type_t md_alg,
+                           unsigned int hashlen,
+                           const unsigned char *hash,
+                           unsigned char *sig)
+{
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+    RSA_VALIDATE_RET(sig != NULL);
+
+    switch (ctx->padding) {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx, f_rng, p_rng, mode, md_alg,
+                                                     hashlen, hash, sig);
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsassa_pss_sign(ctx, f_rng, p_rng, mode, md_alg,
+                                               hashlen, hash, sig);
+#endif
+
+        default:
+            return MBEDTLS_ERR_RSA_INVALID_PADDING;
+    }
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function
+ */
+int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      int mode,
+                                      mbedtls_md_type_t md_alg,
+                                      unsigned int hashlen,
+                                      const unsigned char *hash,
+                                      mbedtls_md_type_t mgf1_hash_id,
+                                      int expected_salt_len,
+                                      const unsigned char *sig)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t siglen;
+    unsigned char *p;
+    unsigned char *hash_start;
+    unsigned char result[MBEDTLS_MD_MAX_SIZE];
+    unsigned char zeros[8];
+    unsigned int hlen;
+    size_t observed_salt_len, msb;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(sig != NULL);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    siglen = ctx->len;
+
+    if (siglen < 16 || siglen > sizeof(buf)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    ret = (mode == MBEDTLS_RSA_PUBLIC)
+          ? mbedtls_rsa_public(ctx, sig, buf)
+          : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, buf);
+
+    if (ret != 0) {
+        return ret;
+    }
+
+    p = buf;
+
+    if (buf[siglen - 1] != 0xBC) {
+        return MBEDTLS_ERR_RSA_INVALID_PADDING;
+    }
+
+    if (md_alg != MBEDTLS_MD_NONE) {
+        /* Gather length of hash to sign */
+        md_info = mbedtls_md_info_from_type(md_alg);
+        if (md_info == NULL) {
+            return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+        }
+
+        hashlen = mbedtls_md_get_size(md_info);
+    }
+
+    md_info = mbedtls_md_info_from_type(mgf1_hash_id);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    hlen = mbedtls_md_get_size(md_info);
+
+    memset(zeros, 0, 8);
+
+    /*
+     * Note: EMSA-PSS verification is over the length of N - 1 bits
+     */
+    msb = mbedtls_mpi_bitlen(&ctx->N) - 1;
+
+    if (buf[0] >> (8 - siglen * 8 + msb)) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /* Compensate for boundary condition when applying mask */
+    if (msb % 8 == 0) {
+        p++;
+        siglen -= 1;
+    }
+
+    if (siglen < hlen + 2) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+    hash_start = p + siglen - hlen - 1;
+
+    mbedtls_md_init(&md_ctx);
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) {
+        goto exit;
+    }
+
+    ret = mgf_mask(p, siglen - hlen - 1, hash_start, hlen, &md_ctx);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    buf[0] &= 0xFF >> (siglen * 8 - msb);
+
+    while (p < hash_start - 1 && *p == 0) {
+        p++;
+    }
+
+    if (*p++ != 0x01) {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto exit;
+    }
+
+    observed_salt_len = hash_start - p;
+
+    if (expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY &&
+        observed_salt_len != (size_t) expected_salt_len) {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto exit;
+    }
+
+    /*
+     * Generate H = Hash( M' )
+     */
+    ret = mbedtls_md_starts(&md_ctx);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_update(&md_ctx, zeros, 8);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_update(&md_ctx, hash, hashlen);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_update(&md_ctx, p, observed_salt_len);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_finish(&md_ctx, result);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    if (memcmp(hash_start, result, hlen) != 0) {
+        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
+        goto exit;
+    }
+
+exit:
+    mbedtls_md_free(&md_ctx);
+
+    return ret;
+}
+
+/*
+ * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function
+ */
+int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng,
+                                  int mode,
+                                  mbedtls_md_type_t md_alg,
+                                  unsigned int hashlen,
+                                  const unsigned char *hash,
+                                  const unsigned char *sig)
+{
+    mbedtls_md_type_t mgf1_hash_id;
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(sig != NULL);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+
+    mgf1_hash_id = (ctx->hash_id != MBEDTLS_MD_NONE)
+                             ? (mbedtls_md_type_t) ctx->hash_id
+                             : md_alg;
+
+    return mbedtls_rsa_rsassa_pss_verify_ext(ctx, f_rng, p_rng, mode,
+                                             md_alg, hashlen, hash,
+                                             mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY,
+                                             sig);
+
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function
+ */
+int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode,
+                                        mbedtls_md_type_t md_alg,
+                                        unsigned int hashlen,
+                                        const unsigned char *hash,
+                                        const unsigned char *sig)
+{
+    int ret = 0;
+    size_t sig_len;
+    unsigned char *encoded = NULL, *encoded_expected = NULL;
+
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(sig != NULL);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+
+    sig_len = ctx->len;
+
+    if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) {
+        return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Prepare expected PKCS1 v1.5 encoding of hash.
+     */
+
+    if ((encoded          = mbedtls_calloc(1, sig_len)) == NULL ||
+        (encoded_expected = mbedtls_calloc(1, sig_len)) == NULL) {
+        ret = MBEDTLS_ERR_MPI_ALLOC_FAILED;
+        goto cleanup;
+    }
+
+    if ((ret = rsa_rsassa_pkcs1_v15_encode(md_alg, hashlen, hash, sig_len,
+                                           encoded_expected)) != 0) {
+        goto cleanup;
+    }
+
+    /*
+     * Apply RSA primitive to get what should be PKCS1 encoded hash.
+     */
+
+    ret = (mode == MBEDTLS_RSA_PUBLIC)
+          ? mbedtls_rsa_public(ctx, sig, encoded)
+          : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, encoded);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    /*
+     * Compare
+     */
+
+    if ((ret = mbedtls_ct_memcmp(encoded, encoded_expected,
+                                 sig_len)) != 0) {
+        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+
+    if (encoded != NULL) {
+        mbedtls_platform_zeroize(encoded, sig_len);
+        mbedtls_free(encoded);
+    }
+
+    if (encoded_expected != NULL) {
+        mbedtls_platform_zeroize(encoded_expected, sig_len);
+        mbedtls_free(encoded_expected);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Do an RSA operation and check the message digest
+ */
+int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng,
+                             int mode,
+                             mbedtls_md_type_t md_alg,
+                             unsigned int hashlen,
+                             const unsigned char *hash,
+                             const unsigned char *sig)
+{
+    RSA_VALIDATE_RET(ctx != NULL);
+    RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE ||
+                     mode == MBEDTLS_RSA_PUBLIC);
+    RSA_VALIDATE_RET(sig != NULL);
+    RSA_VALIDATE_RET((md_alg  == MBEDTLS_MD_NONE &&
+                      hashlen == 0) ||
+                     hash != NULL);
+
+    switch (ctx->padding) {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx, f_rng, p_rng, mode, md_alg,
+                                                       hashlen, hash, sig);
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsassa_pss_verify(ctx, f_rng, p_rng, mode, md_alg,
+                                                 hashlen, hash, sig);
+#endif
+
+        default:
+            return MBEDTLS_ERR_RSA_INVALID_PADDING;
+    }
+}
+
+/*
+ * Copy the components of an RSA key
+ */
+int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    RSA_VALIDATE_RET(dst != NULL);
+    RSA_VALIDATE_RET(src != NULL);
+
+    dst->len = src->len;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->N, &src->N));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->E, &src->E));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->D, &src->D));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->P, &src->P));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Q, &src->Q));
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->DP, &src->DP));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->DQ, &src->DQ));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->QP, &src->QP));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RP, &src->RP));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RQ, &src->RQ));
+#endif
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RN, &src->RN));
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Vi, &src->Vi));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Vf, &src->Vf));
+
+    dst->padding = src->padding;
+    dst->hash_id = src->hash_id;
+
+cleanup:
+    if (ret != 0) {
+        mbedtls_rsa_free(dst);
+    }
+
+    return ret;
+}
+
+/*
+ * Free the components of an RSA key
+ */
+void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_mpi_free(&ctx->Vi);
+    mbedtls_mpi_free(&ctx->Vf);
+    mbedtls_mpi_free(&ctx->RN);
+    mbedtls_mpi_free(&ctx->D);
+    mbedtls_mpi_free(&ctx->Q);
+    mbedtls_mpi_free(&ctx->P);
+    mbedtls_mpi_free(&ctx->E);
+    mbedtls_mpi_free(&ctx->N);
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    mbedtls_mpi_free(&ctx->RQ);
+    mbedtls_mpi_free(&ctx->RP);
+    mbedtls_mpi_free(&ctx->QP);
+    mbedtls_mpi_free(&ctx->DQ);
+    mbedtls_mpi_free(&ctx->DP);
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+#if defined(MBEDTLS_THREADING_C)
+    /* Free the mutex, but only if it hasn't been freed already. */
+    if (ctx->ver != 0) {
+        mbedtls_mutex_free(&ctx->mutex);
+        ctx->ver = 0;
+    }
+#endif
+}
+
+#endif /* !MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#include "mbedtls/sha1.h"
+
+/*
+ * Example RSA-1024 keypair, for test purposes
+ */
+#define KEY_LEN 128
+
+#define RSA_N   "9292758453063D803DD603D5E777D788" \
+                "8ED1D5BF35786190FA2F23EBC0848AEA" \
+                "DDA92CA6C3D80B32C4D109BE0F36D6AE" \
+                "7130B9CED7ACDF54CFC7555AC14EEBAB" \
+                "93A89813FBF3C4F8066D2D800F7C38A8" \
+                "1AE31942917403FF4946B0A83D3D3E05" \
+                "EE57C6F5F5606FB5D4BC6CD34EE0801A" \
+                "5E94BB77B07507233A0BC7BAC8F90F79"
+
+#define RSA_E   "10001"
+
+#define RSA_D   "24BF6185468786FDD303083D25E64EFC" \
+                "66CA472BC44D253102F8B4A9D3BFA750" \
+                "91386C0077937FE33FA3252D28855837" \
+                "AE1B484A8A9A45F7EE8C0C634F99E8CD" \
+                "DF79C5CE07EE72C7F123142198164234" \
+                "CABB724CF78B8173B9F880FC86322407" \
+                "AF1FEDFDDE2BEB674CA15F3E81A1521E" \
+                "071513A1E85B5DFA031F21ECAE91A34D"
+
+#define RSA_P   "C36D0EB7FCD285223CFB5AABA5BDA3D8" \
+                "2C01CAD19EA484A87EA4377637E75500" \
+                "FCB2005C5C7DD6EC4AC023CDA285D796" \
+                "C3D9E75E1EFC42488BB4F1D13AC30A57"
+
+#define RSA_Q   "C000DF51A7C77AE8D7C7370C1FF55B69" \
+                "E211C2B9E5DB1ED0BF61D0D9899620F4" \
+                "910E4168387E3C30AA1E00C339A79508" \
+                "8452DD96A9A5EA5D9DCA68DA636032AF"
+
+#define PT_LEN  24
+#define RSA_PT  "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \
+                "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD"
+
+#if defined(MBEDTLS_PKCS1_V15)
+static int myrand(void *rng_state, unsigned char *output, size_t len)
+{
+#if !defined(__OpenBSD__) && !defined(__NetBSD__)
+    size_t i;
+
+    if (rng_state != NULL) {
+        rng_state  = NULL;
+    }
+
+    for (i = 0; i < len; ++i) {
+        output[i] = rand();
+    }
+#else
+    if (rng_state != NULL) {
+        rng_state = NULL;
+    }
+
+    arc4random_buf(output, len);
+#endif /* !OpenBSD && !NetBSD */
+
+    return 0;
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_rsa_self_test(int verbose)
+{
+    int ret = 0;
+#if defined(MBEDTLS_PKCS1_V15)
+    size_t len;
+    mbedtls_rsa_context rsa;
+    unsigned char rsa_plaintext[PT_LEN];
+    unsigned char rsa_decrypted[PT_LEN];
+    unsigned char rsa_ciphertext[KEY_LEN];
+#if defined(MBEDTLS_SHA1_C)
+    unsigned char sha1sum[20];
+#endif
+
+    mbedtls_mpi K;
+
+    mbedtls_mpi_init(&K);
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_N));
+    MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, &K, NULL, NULL, NULL, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_P));
+    MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, &K, NULL, NULL, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_Q));
+    MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, &K, NULL, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_D));
+    MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, NULL, &K, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_E));
+    MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, NULL, NULL, &K));
+
+    MBEDTLS_MPI_CHK(mbedtls_rsa_complete(&rsa));
+
+    if (verbose != 0) {
+        mbedtls_printf("  RSA key validation: ");
+    }
+
+    if (mbedtls_rsa_check_pubkey(&rsa) != 0 ||
+        mbedtls_rsa_check_privkey(&rsa) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n  PKCS#1 encryption : ");
+    }
+
+    memcpy(rsa_plaintext, RSA_PT, PT_LEN);
+
+    if (mbedtls_rsa_pkcs1_encrypt(&rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC,
+                                  PT_LEN, rsa_plaintext,
+                                  rsa_ciphertext) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n  PKCS#1 decryption : ");
+    }
+
+    if (mbedtls_rsa_pkcs1_decrypt(&rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE,
+                                  &len, rsa_ciphertext, rsa_decrypted,
+                                  sizeof(rsa_decrypted)) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (memcmp(rsa_decrypted, rsa_plaintext, len) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+#if defined(MBEDTLS_SHA1_C)
+    if (verbose != 0) {
+        mbedtls_printf("  PKCS#1 data sign  : ");
+    }
+
+    if (mbedtls_sha1_ret(rsa_plaintext, PT_LEN, sha1sum) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        return 1;
+    }
+
+    if (mbedtls_rsa_pkcs1_sign(&rsa, myrand, NULL,
+                               MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0,
+                               sha1sum, rsa_ciphertext) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n  PKCS#1 sig. verify: ");
+    }
+
+    if (mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL,
+                                 MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0,
+                                 sha1sum, rsa_ciphertext) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+#endif /* MBEDTLS_SHA1_C */
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+cleanup:
+    mbedtls_mpi_free(&K);
+    mbedtls_rsa_free(&rsa);
+#else /* MBEDTLS_PKCS1_V15 */
+    ((void) verbose);
+#endif /* MBEDTLS_PKCS1_V15 */
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_RSA_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/rsa_internal.c b/3rdparty/mbedtls-2.28.7/library/rsa_internal.c
new file mode 100644
index 0000000..5a9e5c3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/rsa_internal.c
@@ -0,0 +1,447 @@
+/*
+ *  Helper functions for the RSA module
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_RSA_C)
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa_internal.h"
+
+/*
+ * Compute RSA prime factors from public and private exponents
+ *
+ * Summary of algorithm:
+ * Setting F := lcm(P-1,Q-1), the idea is as follows:
+ *
+ * (a) For any 1 <= X < N with gcd(X,N)=1, we have X^F = 1 modulo N, so X^(F/2)
+ *     is a square root of 1 in Z/NZ. Since Z/NZ ~= Z/PZ x Z/QZ by CRT and the
+ *     square roots of 1 in Z/PZ and Z/QZ are +1 and -1, this leaves the four
+ *     possibilities X^(F/2) = (+-1, +-1). If it happens that X^(F/2) = (-1,+1)
+ *     or (+1,-1), then gcd(X^(F/2) + 1, N) will be equal to one of the prime
+ *     factors of N.
+ *
+ * (b) If we don't know F/2 but (F/2) * K for some odd (!) K, then the same
+ *     construction still applies since (-)^K is the identity on the set of
+ *     roots of 1 in Z/NZ.
+ *
+ * The public and private key primitives (-)^E and (-)^D are mutually inverse
+ * bijections on Z/NZ if and only if (-)^(DE) is the identity on Z/NZ, i.e.
+ * if and only if DE - 1 is a multiple of F, say DE - 1 = F * L.
+ * Splitting L = 2^t * K with K odd, we have
+ *
+ *   DE - 1 = FL = (F/2) * (2^(t+1)) * K,
+ *
+ * so (F / 2) * K is among the numbers
+ *
+ *   (DE - 1) >> 1, (DE - 1) >> 2, ..., (DE - 1) >> ord
+ *
+ * where ord is the order of 2 in (DE - 1).
+ * We can therefore iterate through these numbers apply the construction
+ * of (a) and (b) above to attempt to factor N.
+ *
+ */
+int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N,
+                              mbedtls_mpi const *E, mbedtls_mpi const *D,
+                              mbedtls_mpi *P, mbedtls_mpi *Q)
+{
+    int ret = 0;
+
+    uint16_t attempt;  /* Number of current attempt  */
+    uint16_t iter;     /* Number of squares computed in the current attempt */
+
+    uint16_t order;    /* Order of 2 in DE - 1 */
+
+    mbedtls_mpi T;  /* Holds largest odd divisor of DE - 1     */
+    mbedtls_mpi K;  /* Temporary holding the current candidate */
+
+    const unsigned char primes[] = { 2,
+                                     3,    5,    7,   11,   13,   17,   19,   23,
+                                     29,   31,   37,   41,   43,   47,   53,   59,
+                                     61,   67,   71,   73,   79,   83,   89,   97,
+                                     101,  103,  107,  109,  113,  127,  131,  137,
+                                     139,  149,  151,  157,  163,  167,  173,  179,
+                                     181,  191,  193,  197,  199,  211,  223,  227,
+                                     229,  233,  239,  241,  251 };
+
+    const size_t num_primes = sizeof(primes) / sizeof(*primes);
+
+    if (P == NULL || Q == NULL || P->p != NULL || Q->p != NULL) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (mbedtls_mpi_cmp_int(N, 0) <= 0 ||
+        mbedtls_mpi_cmp_int(D, 1) <= 0 ||
+        mbedtls_mpi_cmp_mpi(D, N) >= 0 ||
+        mbedtls_mpi_cmp_int(E, 1) <= 0 ||
+        mbedtls_mpi_cmp_mpi(E, N) >= 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Initializations and temporary changes
+     */
+
+    mbedtls_mpi_init(&K);
+    mbedtls_mpi_init(&T);
+
+    /* T := DE - 1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, D,  E));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&T, &T, 1));
+
+    if ((order = (uint16_t) mbedtls_mpi_lsb(&T)) == 0) {
+        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    /* After this operation, T holds the largest odd divisor of DE - 1. */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&T, order));
+
+    /*
+     * Actual work
+     */
+
+    /* Skip trying 2 if N == 1 mod 8 */
+    attempt = 0;
+    if (N->p[0] % 8 == 1) {
+        attempt = 1;
+    }
+
+    for (; attempt < num_primes; ++attempt) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&K, primes[attempt]));
+
+        /* Check if gcd(K,N) = 1 */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N));
+        if (mbedtls_mpi_cmp_int(P, 1) != 0) {
+            continue;
+        }
+
+        /* Go through K^T + 1, K^(2T) + 1, K^(4T) + 1, ...
+         * and check whether they have nontrivial GCD with N. */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&K, &K, &T, N,
+                                            Q /* temporarily use Q for storing Montgomery
+                                               * multiplication helper values */));
+
+        for (iter = 1; iter <= order; ++iter) {
+            /* If we reach 1 prematurely, there's no point
+             * in continuing to square K */
+            if (mbedtls_mpi_cmp_int(&K, 1) == 0) {
+                break;
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&K, &K, 1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N));
+
+            if (mbedtls_mpi_cmp_int(P, 1) ==  1 &&
+                mbedtls_mpi_cmp_mpi(P, N) == -1) {
+                /*
+                 * Have found a nontrivial divisor P of N.
+                 * Set Q := N / P.
+                 */
+
+                MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(Q, NULL, N, P));
+                goto cleanup;
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &K));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, N));
+        }
+
+        /*
+         * If we get here, then either we prematurely aborted the loop because
+         * we reached 1, or K holds primes[attempt]^(DE - 1) mod N, which must
+         * be 1 if D,E,N were consistent.
+         * Check if that's the case and abort if not, to avoid very long,
+         * yet eventually failing, computations if N,D,E were not sane.
+         */
+        if (mbedtls_mpi_cmp_int(&K, 1) != 0) {
+            break;
+        }
+    }
+
+    ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+
+cleanup:
+
+    mbedtls_mpi_free(&K);
+    mbedtls_mpi_free(&T);
+    return ret;
+}
+
+/*
+ * Given P, Q and the public exponent E, deduce D.
+ * This is essentially a modular inversion.
+ */
+int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P,
+                                        mbedtls_mpi const *Q,
+                                        mbedtls_mpi const *E,
+                                        mbedtls_mpi *D)
+{
+    int ret = 0;
+    mbedtls_mpi K, L;
+
+    if (D == NULL || mbedtls_mpi_cmp_int(D, 0) != 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (mbedtls_mpi_cmp_int(P, 1) <= 0 ||
+        mbedtls_mpi_cmp_int(Q, 1) <= 0 ||
+        mbedtls_mpi_cmp_int(E, 0) == 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    mbedtls_mpi_init(&K);
+    mbedtls_mpi_init(&L);
+
+    /* Temporarily put K := P-1 and L := Q-1 */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, Q, 1));
+
+    /* Temporarily put D := gcd(P-1, Q-1) */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(D, &K, &L));
+
+    /* K := LCM(P-1, Q-1) */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &L));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&K, NULL, &K, D));
+
+    /* Compute modular inverse of E in LCM(P-1, Q-1) */
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(D, E, &K));
+
+cleanup:
+
+    mbedtls_mpi_free(&K);
+    mbedtls_mpi_free(&L);
+
+    return ret;
+}
+
+/*
+ * Check that RSA CRT parameters are in accordance with core parameters.
+ */
+int mbedtls_rsa_validate_crt(const mbedtls_mpi *P,  const mbedtls_mpi *Q,
+                             const mbedtls_mpi *D,  const mbedtls_mpi *DP,
+                             const mbedtls_mpi *DQ, const mbedtls_mpi *QP)
+{
+    int ret = 0;
+
+    mbedtls_mpi K, L;
+    mbedtls_mpi_init(&K);
+    mbedtls_mpi_init(&L);
+
+    /* Check that DP - D == 0 mod P - 1 */
+    if (DP != NULL) {
+        if (P == NULL) {
+            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&L, DP, D));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&L, &L, &K));
+
+        if (mbedtls_mpi_cmp_int(&L, 0) != 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /* Check that DQ - D == 0 mod Q - 1 */
+    if (DQ != NULL) {
+        if (Q == NULL) {
+            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, Q, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&L, DQ, D));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&L, &L, &K));
+
+        if (mbedtls_mpi_cmp_int(&L, 0) != 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /* Check that QP * Q - 1 == 0 mod P */
+    if (QP != NULL) {
+        if (P == NULL || Q == NULL) {
+            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, QP, Q));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, P));
+        if (mbedtls_mpi_cmp_int(&K, 0) != 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+cleanup:
+
+    /* Wrap MPI error codes by RSA check failure error code */
+    if (ret != 0 &&
+        ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED &&
+        ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) {
+        ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    mbedtls_mpi_free(&K);
+    mbedtls_mpi_free(&L);
+
+    return ret;
+}
+
+/*
+ * Check that core RSA parameters are sane.
+ */
+int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P,
+                                const mbedtls_mpi *Q, const mbedtls_mpi *D,
+                                const mbedtls_mpi *E,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng)
+{
+    int ret = 0;
+    mbedtls_mpi K, L;
+
+    mbedtls_mpi_init(&K);
+    mbedtls_mpi_init(&L);
+
+    /*
+     * Step 1: If PRNG provided, check that P and Q are prime
+     */
+
+#if defined(MBEDTLS_GENPRIME)
+    /*
+     * When generating keys, the strongest security we support aims for an error
+     * rate of at most 2^-100 and we are aiming for the same certainty here as
+     * well.
+     */
+    if (f_rng != NULL && P != NULL &&
+        (ret = mbedtls_mpi_is_prime_ext(P, 50, f_rng, p_rng)) != 0) {
+        ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+        goto cleanup;
+    }
+
+    if (f_rng != NULL && Q != NULL &&
+        (ret = mbedtls_mpi_is_prime_ext(Q, 50, f_rng, p_rng)) != 0) {
+        ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+        goto cleanup;
+    }
+#else
+    ((void) f_rng);
+    ((void) p_rng);
+#endif /* MBEDTLS_GENPRIME */
+
+    /*
+     * Step 2: Check that 1 < N = P * Q
+     */
+
+    if (P != NULL && Q != NULL && N != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, P, Q));
+        if (mbedtls_mpi_cmp_int(N, 1)  <= 0 ||
+            mbedtls_mpi_cmp_mpi(&K, N) != 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /*
+     * Step 3: Check and 1 < D, E < N if present.
+     */
+
+    if (N != NULL && D != NULL && E != NULL) {
+        if (mbedtls_mpi_cmp_int(D, 1) <= 0 ||
+            mbedtls_mpi_cmp_int(E, 1) <= 0 ||
+            mbedtls_mpi_cmp_mpi(D, N) >= 0 ||
+            mbedtls_mpi_cmp_mpi(E, N) >= 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /*
+     * Step 4: Check that D, E are inverse modulo P-1 and Q-1
+     */
+
+    if (P != NULL && Q != NULL && D != NULL && E != NULL) {
+        if (mbedtls_mpi_cmp_int(P, 1) <= 0 ||
+            mbedtls_mpi_cmp_int(Q, 1) <= 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+
+        /* Compute DE-1 mod P-1 */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, D, E));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, P, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, &L));
+        if (mbedtls_mpi_cmp_int(&K, 0) != 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+
+        /* Compute DE-1 mod Q-1 */
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, D, E));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, Q, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, &L));
+        if (mbedtls_mpi_cmp_int(&K, 0) != 0) {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free(&K);
+    mbedtls_mpi_free(&L);
+
+    /* Wrap MPI error codes by RSA check failure error code */
+    if (ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) {
+        ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    return ret;
+}
+
+int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                           const mbedtls_mpi *D, mbedtls_mpi *DP,
+                           mbedtls_mpi *DQ, mbedtls_mpi *QP)
+{
+    int ret = 0;
+    mbedtls_mpi K;
+    mbedtls_mpi_init(&K);
+
+    /* DP = D mod P-1 */
+    if (DP != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(DP, D, &K));
+    }
+
+    /* DQ = D mod Q-1 */
+    if (DQ != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, Q, 1));
+        MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(DQ, D, &K));
+    }
+
+    /* QP = Q^{-1} mod P */
+    if (QP != NULL) {
+        MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(QP, Q, P));
+    }
+
+cleanup:
+    mbedtls_mpi_free(&K);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_RSA_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/sha1.c b/3rdparty/mbedtls-2.28.7/library/sha1.c
new file mode 100644
index 0000000..9dd958e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/sha1.c
@@ -0,0 +1,541 @@
+/*
+ *  FIPS-180-1 compliant SHA-1 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The SHA-1 standard was published by NIST in 1993.
+ *
+ *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SHA1_C)
+
+#include "mbedtls/sha1.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#define SHA1_VALIDATE_RET(cond)                             \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA)
+
+#define SHA1_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if !defined(MBEDTLS_SHA1_ALT)
+
+void mbedtls_sha1_init(mbedtls_sha1_context *ctx)
+{
+    SHA1_VALIDATE(ctx != NULL);
+
+    memset(ctx, 0, sizeof(mbedtls_sha1_context));
+}
+
+void mbedtls_sha1_free(mbedtls_sha1_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha1_context));
+}
+
+void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
+                        const mbedtls_sha1_context *src)
+{
+    SHA1_VALIDATE(dst != NULL);
+    SHA1_VALIDATE(src != NULL);
+
+    *dst = *src;
+}
+
+/*
+ * SHA-1 context setup
+ */
+int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx)
+{
+    SHA1_VALIDATE_RET(ctx != NULL);
+
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+    ctx->state[4] = 0xC3D2E1F0;
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha1_starts(mbedtls_sha1_context *ctx)
+{
+    mbedtls_sha1_starts_ret(ctx);
+}
+#endif
+
+#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
+int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx,
+                                  const unsigned char data[64])
+{
+    struct {
+        uint32_t temp, W[16], A, B, C, D, E;
+    } local;
+
+    SHA1_VALIDATE_RET(ctx != NULL);
+    SHA1_VALIDATE_RET((const unsigned char *) data != NULL);
+
+    local.W[0] = MBEDTLS_GET_UINT32_BE(data,  0);
+    local.W[1] = MBEDTLS_GET_UINT32_BE(data,  4);
+    local.W[2] = MBEDTLS_GET_UINT32_BE(data,  8);
+    local.W[3] = MBEDTLS_GET_UINT32_BE(data, 12);
+    local.W[4] = MBEDTLS_GET_UINT32_BE(data, 16);
+    local.W[5] = MBEDTLS_GET_UINT32_BE(data, 20);
+    local.W[6] = MBEDTLS_GET_UINT32_BE(data, 24);
+    local.W[7] = MBEDTLS_GET_UINT32_BE(data, 28);
+    local.W[8] = MBEDTLS_GET_UINT32_BE(data, 32);
+    local.W[9] = MBEDTLS_GET_UINT32_BE(data, 36);
+    local.W[10] = MBEDTLS_GET_UINT32_BE(data, 40);
+    local.W[11] = MBEDTLS_GET_UINT32_BE(data, 44);
+    local.W[12] = MBEDTLS_GET_UINT32_BE(data, 48);
+    local.W[13] = MBEDTLS_GET_UINT32_BE(data, 52);
+    local.W[14] = MBEDTLS_GET_UINT32_BE(data, 56);
+    local.W[15] = MBEDTLS_GET_UINT32_BE(data, 60);
+
+#define S(x, n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
+
+#define R(t)                                                    \
+    (                                                           \
+        local.temp = local.W[((t) -  3) & 0x0F] ^             \
+                     local.W[((t) -  8) & 0x0F] ^             \
+                     local.W[((t) - 14) & 0x0F] ^             \
+                     local.W[(t)        & 0x0F],              \
+        (local.W[(t) & 0x0F] = S(local.temp, 1))               \
+    )
+
+#define P(a, b, c, d, e, x)                                          \
+    do                                                          \
+    {                                                           \
+        (e) += S((a), 5) + F((b), (c), (d)) + K + (x);             \
+        (b) = S((b), 30);                                        \
+    } while (0)
+
+    local.A = ctx->state[0];
+    local.B = ctx->state[1];
+    local.C = ctx->state[2];
+    local.D = ctx->state[3];
+    local.E = ctx->state[4];
+
+#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
+#define K 0x5A827999
+
+    P(local.A, local.B, local.C, local.D, local.E, local.W[0]);
+    P(local.E, local.A, local.B, local.C, local.D, local.W[1]);
+    P(local.D, local.E, local.A, local.B, local.C, local.W[2]);
+    P(local.C, local.D, local.E, local.A, local.B, local.W[3]);
+    P(local.B, local.C, local.D, local.E, local.A, local.W[4]);
+    P(local.A, local.B, local.C, local.D, local.E, local.W[5]);
+    P(local.E, local.A, local.B, local.C, local.D, local.W[6]);
+    P(local.D, local.E, local.A, local.B, local.C, local.W[7]);
+    P(local.C, local.D, local.E, local.A, local.B, local.W[8]);
+    P(local.B, local.C, local.D, local.E, local.A, local.W[9]);
+    P(local.A, local.B, local.C, local.D, local.E, local.W[10]);
+    P(local.E, local.A, local.B, local.C, local.D, local.W[11]);
+    P(local.D, local.E, local.A, local.B, local.C, local.W[12]);
+    P(local.C, local.D, local.E, local.A, local.B, local.W[13]);
+    P(local.B, local.C, local.D, local.E, local.A, local.W[14]);
+    P(local.A, local.B, local.C, local.D, local.E, local.W[15]);
+    P(local.E, local.A, local.B, local.C, local.D, R(16));
+    P(local.D, local.E, local.A, local.B, local.C, R(17));
+    P(local.C, local.D, local.E, local.A, local.B, R(18));
+    P(local.B, local.C, local.D, local.E, local.A, R(19));
+
+#undef K
+#undef F
+
+#define F(x, y, z) ((x) ^ (y) ^ (z))
+#define K 0x6ED9EBA1
+
+    P(local.A, local.B, local.C, local.D, local.E, R(20));
+    P(local.E, local.A, local.B, local.C, local.D, R(21));
+    P(local.D, local.E, local.A, local.B, local.C, R(22));
+    P(local.C, local.D, local.E, local.A, local.B, R(23));
+    P(local.B, local.C, local.D, local.E, local.A, R(24));
+    P(local.A, local.B, local.C, local.D, local.E, R(25));
+    P(local.E, local.A, local.B, local.C, local.D, R(26));
+    P(local.D, local.E, local.A, local.B, local.C, R(27));
+    P(local.C, local.D, local.E, local.A, local.B, R(28));
+    P(local.B, local.C, local.D, local.E, local.A, R(29));
+    P(local.A, local.B, local.C, local.D, local.E, R(30));
+    P(local.E, local.A, local.B, local.C, local.D, R(31));
+    P(local.D, local.E, local.A, local.B, local.C, R(32));
+    P(local.C, local.D, local.E, local.A, local.B, R(33));
+    P(local.B, local.C, local.D, local.E, local.A, R(34));
+    P(local.A, local.B, local.C, local.D, local.E, R(35));
+    P(local.E, local.A, local.B, local.C, local.D, R(36));
+    P(local.D, local.E, local.A, local.B, local.C, R(37));
+    P(local.C, local.D, local.E, local.A, local.B, R(38));
+    P(local.B, local.C, local.D, local.E, local.A, R(39));
+
+#undef K
+#undef F
+
+#define F(x, y, z) (((x) & (y)) | ((z) & ((x) | (y))))
+#define K 0x8F1BBCDC
+
+    P(local.A, local.B, local.C, local.D, local.E, R(40));
+    P(local.E, local.A, local.B, local.C, local.D, R(41));
+    P(local.D, local.E, local.A, local.B, local.C, R(42));
+    P(local.C, local.D, local.E, local.A, local.B, R(43));
+    P(local.B, local.C, local.D, local.E, local.A, R(44));
+    P(local.A, local.B, local.C, local.D, local.E, R(45));
+    P(local.E, local.A, local.B, local.C, local.D, R(46));
+    P(local.D, local.E, local.A, local.B, local.C, R(47));
+    P(local.C, local.D, local.E, local.A, local.B, R(48));
+    P(local.B, local.C, local.D, local.E, local.A, R(49));
+    P(local.A, local.B, local.C, local.D, local.E, R(50));
+    P(local.E, local.A, local.B, local.C, local.D, R(51));
+    P(local.D, local.E, local.A, local.B, local.C, R(52));
+    P(local.C, local.D, local.E, local.A, local.B, R(53));
+    P(local.B, local.C, local.D, local.E, local.A, R(54));
+    P(local.A, local.B, local.C, local.D, local.E, R(55));
+    P(local.E, local.A, local.B, local.C, local.D, R(56));
+    P(local.D, local.E, local.A, local.B, local.C, R(57));
+    P(local.C, local.D, local.E, local.A, local.B, R(58));
+    P(local.B, local.C, local.D, local.E, local.A, R(59));
+
+#undef K
+#undef F
+
+#define F(x, y, z) ((x) ^ (y) ^ (z))
+#define K 0xCA62C1D6
+
+    P(local.A, local.B, local.C, local.D, local.E, R(60));
+    P(local.E, local.A, local.B, local.C, local.D, R(61));
+    P(local.D, local.E, local.A, local.B, local.C, R(62));
+    P(local.C, local.D, local.E, local.A, local.B, R(63));
+    P(local.B, local.C, local.D, local.E, local.A, R(64));
+    P(local.A, local.B, local.C, local.D, local.E, R(65));
+    P(local.E, local.A, local.B, local.C, local.D, R(66));
+    P(local.D, local.E, local.A, local.B, local.C, R(67));
+    P(local.C, local.D, local.E, local.A, local.B, R(68));
+    P(local.B, local.C, local.D, local.E, local.A, R(69));
+    P(local.A, local.B, local.C, local.D, local.E, R(70));
+    P(local.E, local.A, local.B, local.C, local.D, R(71));
+    P(local.D, local.E, local.A, local.B, local.C, R(72));
+    P(local.C, local.D, local.E, local.A, local.B, R(73));
+    P(local.B, local.C, local.D, local.E, local.A, R(74));
+    P(local.A, local.B, local.C, local.D, local.E, R(75));
+    P(local.E, local.A, local.B, local.C, local.D, R(76));
+    P(local.D, local.E, local.A, local.B, local.C, R(77));
+    P(local.C, local.D, local.E, local.A, local.B, R(78));
+    P(local.B, local.C, local.D, local.E, local.A, R(79));
+
+#undef K
+#undef F
+
+    ctx->state[0] += local.A;
+    ctx->state[1] += local.B;
+    ctx->state[2] += local.C;
+    ctx->state[3] += local.D;
+    ctx->state[4] += local.E;
+
+    /* Zeroise buffers and variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&local, sizeof(local));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha1_process(mbedtls_sha1_context *ctx,
+                          const unsigned char data[64])
+{
+    mbedtls_internal_sha1_process(ctx, data);
+}
+#endif
+#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
+
+/*
+ * SHA-1 process buffer
+ */
+int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+    uint32_t left;
+
+    SHA1_VALIDATE_RET(ctx != NULL);
+    SHA1_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    if (ilen == 0) {
+        return 0;
+    }
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if (ctx->total[0] < (uint32_t) ilen) {
+        ctx->total[1]++;
+    }
+
+    if (left && ilen >= fill) {
+        memcpy((void *) (ctx->buffer + left), input, fill);
+
+        if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while (ilen >= 64) {
+        if ((ret = mbedtls_internal_sha1_process(ctx, input)) != 0) {
+            return ret;
+        }
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if (ilen > 0) {
+        memcpy((void *) (ctx->buffer + left), input, ilen);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha1_update(mbedtls_sha1_context *ctx,
+                         const unsigned char *input,
+                         size_t ilen)
+{
+    mbedtls_sha1_update_ret(ctx, input, ilen);
+}
+#endif
+
+/*
+ * SHA-1 final digest
+ */
+int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx,
+                            unsigned char output[20])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t used;
+    uint32_t high, low;
+
+    SHA1_VALIDATE_RET(ctx != NULL);
+    SHA1_VALIDATE_RET((unsigned char *) output != NULL);
+
+    /*
+     * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+     */
+    used = ctx->total[0] & 0x3F;
+
+    ctx->buffer[used++] = 0x80;
+
+    if (used <= 56) {
+        /* Enough room for padding + length in current block */
+        memset(ctx->buffer + used, 0, 56 - used);
+    } else {
+        /* We'll need an extra block */
+        memset(ctx->buffer + used, 0, 64 - used);
+
+        if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        memset(ctx->buffer, 0, 56);
+    }
+
+    /*
+     * Add message length
+     */
+    high = (ctx->total[0] >> 29)
+           | (ctx->total[1] <<  3);
+    low  = (ctx->total[0] <<  3);
+
+    MBEDTLS_PUT_UINT32_BE(high, ctx->buffer, 56);
+    MBEDTLS_PUT_UINT32_BE(low,  ctx->buffer, 60);
+
+    if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) {
+        return ret;
+    }
+
+    /*
+     * Output final state
+     */
+    MBEDTLS_PUT_UINT32_BE(ctx->state[0], output,  0);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[1], output,  4);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[2], output,  8);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16);
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
+                         unsigned char output[20])
+{
+    mbedtls_sha1_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* !MBEDTLS_SHA1_ALT */
+
+/*
+ * output = SHA-1( input buffer )
+ */
+int mbedtls_sha1_ret(const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[20])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_sha1_context ctx;
+
+    SHA1_VALIDATE_RET(ilen == 0 || input != NULL);
+    SHA1_VALIDATE_RET((unsigned char *) output != NULL);
+
+    mbedtls_sha1_init(&ctx);
+
+    if ((ret = mbedtls_sha1_starts_ret(&ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha1_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha1_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_sha1_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha1(const unsigned char *input,
+                  size_t ilen,
+                  unsigned char output[20])
+{
+    mbedtls_sha1_ret(input, ilen, output);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * FIPS-180-1 test vectors
+ */
+static const unsigned char sha1_test_buf[3][57] =
+{
+    { "abc" },
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+    { "" }
+};
+
+static const size_t sha1_test_buflen[3] =
+{
+    3, 56, 1000
+};
+
+static const unsigned char sha1_test_sum[3][20] =
+{
+    { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
+      0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
+    { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
+      0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
+    { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
+      0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_sha1_self_test(int verbose)
+{
+    int i, j, buflen, ret = 0;
+    unsigned char buf[1024];
+    unsigned char sha1sum[20];
+    mbedtls_sha1_context ctx;
+
+    mbedtls_sha1_init(&ctx);
+
+    /*
+     * SHA-1
+     */
+    for (i = 0; i < 3; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  SHA-1 test #%d: ", i + 1);
+        }
+
+        if ((ret = mbedtls_sha1_starts_ret(&ctx)) != 0) {
+            goto fail;
+        }
+
+        if (i == 2) {
+            memset(buf, 'a', buflen = 1000);
+
+            for (j = 0; j < 1000; j++) {
+                ret = mbedtls_sha1_update_ret(&ctx, buf, buflen);
+                if (ret != 0) {
+                    goto fail;
+                }
+            }
+        } else {
+            ret = mbedtls_sha1_update_ret(&ctx, sha1_test_buf[i],
+                                          sha1_test_buflen[i]);
+            if (ret != 0) {
+                goto fail;
+            }
+        }
+
+        if ((ret = mbedtls_sha1_finish_ret(&ctx, sha1sum)) != 0) {
+            goto fail;
+        }
+
+        if (memcmp(sha1sum, sha1_test_sum[i], 20) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    goto exit;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+exit:
+    mbedtls_sha1_free(&ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_SHA1_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/sha256.c b/3rdparty/mbedtls-2.28.7/library/sha256.c
new file mode 100644
index 0000000..74f3236
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/sha256.c
@@ -0,0 +1,569 @@
+/*
+ *  FIPS-180-2 compliant SHA-256 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The SHA-256 Secure Hash Standard was published by NIST in 2002.
+ *
+ *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SHA256_C)
+
+#include "mbedtls/sha256.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#define SHA256_VALIDATE_RET(cond)                           \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA)
+#define SHA256_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if !defined(MBEDTLS_SHA256_ALT)
+
+void mbedtls_sha256_init(mbedtls_sha256_context *ctx)
+{
+    SHA256_VALIDATE(ctx != NULL);
+
+    memset(ctx, 0, sizeof(mbedtls_sha256_context));
+}
+
+void mbedtls_sha256_free(mbedtls_sha256_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha256_context));
+}
+
+void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
+                          const mbedtls_sha256_context *src)
+{
+    SHA256_VALIDATE(dst != NULL);
+    SHA256_VALIDATE(src != NULL);
+
+    *dst = *src;
+}
+
+/*
+ * SHA-256 context setup
+ */
+int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224)
+{
+    SHA256_VALIDATE_RET(ctx != NULL);
+    SHA256_VALIDATE_RET(is224 == 0 || is224 == 1);
+
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    if (is224 == 0) {
+        /* SHA-256 */
+        ctx->state[0] = 0x6A09E667;
+        ctx->state[1] = 0xBB67AE85;
+        ctx->state[2] = 0x3C6EF372;
+        ctx->state[3] = 0xA54FF53A;
+        ctx->state[4] = 0x510E527F;
+        ctx->state[5] = 0x9B05688C;
+        ctx->state[6] = 0x1F83D9AB;
+        ctx->state[7] = 0x5BE0CD19;
+    } else {
+        /* SHA-224 */
+        ctx->state[0] = 0xC1059ED8;
+        ctx->state[1] = 0x367CD507;
+        ctx->state[2] = 0x3070DD17;
+        ctx->state[3] = 0xF70E5939;
+        ctx->state[4] = 0xFFC00B31;
+        ctx->state[5] = 0x68581511;
+        ctx->state[6] = 0x64F98FA7;
+        ctx->state[7] = 0xBEFA4FA4;
+    }
+
+    ctx->is224 = is224;
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_starts(mbedtls_sha256_context *ctx,
+                           int is224)
+{
+    mbedtls_sha256_starts_ret(ctx, is224);
+}
+#endif
+
+#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
+static const uint32_t K[] =
+{
+    0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
+    0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
+    0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
+    0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
+    0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
+    0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
+    0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
+    0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
+    0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
+    0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
+    0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
+    0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
+    0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
+    0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
+    0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
+    0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
+};
+
+#define  SHR(x, n) (((x) & 0xFFFFFFFF) >> (n))
+#define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n))))
+
+#define S0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^  SHR(x, 3))
+#define S1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^  SHR(x, 10))
+
+#define S2(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
+#define S3(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
+
+#define F0(x, y, z) (((x) & (y)) | ((z) & ((x) | (y))))
+#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
+
+#define R(t)                                                        \
+    (                                                               \
+        local.W[t] = S1(local.W[(t) -  2]) + local.W[(t) -  7] +    \
+                     S0(local.W[(t) - 15]) + local.W[(t) - 16]      \
+    )
+
+#define P(a, b, c, d, e, f, g, h, x, K)                                      \
+    do                                                              \
+    {                                                               \
+        local.temp1 = (h) + S3(e) + F1((e), (f), (g)) + (K) + (x);    \
+        local.temp2 = S2(a) + F0((a), (b), (c));                      \
+        (d) += local.temp1; (h) = local.temp1 + local.temp2;        \
+    } while (0)
+
+int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
+                                    const unsigned char data[64])
+{
+    struct {
+        uint32_t temp1, temp2, W[64];
+        uint32_t A[8];
+    } local;
+
+    unsigned int i;
+
+    SHA256_VALIDATE_RET(ctx != NULL);
+    SHA256_VALIDATE_RET((const unsigned char *) data != NULL);
+
+    for (i = 0; i < 8; i++) {
+        local.A[i] = ctx->state[i];
+    }
+
+#if defined(MBEDTLS_SHA256_SMALLER)
+    for (i = 0; i < 64; i++) {
+        if (i < 16) {
+            local.W[i] = MBEDTLS_GET_UINT32_BE(data, 4 * i);
+        } else {
+            R(i);
+        }
+
+        P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+          local.A[5], local.A[6], local.A[7], local.W[i], K[i]);
+
+        local.temp1 = local.A[7]; local.A[7] = local.A[6];
+        local.A[6] = local.A[5]; local.A[5] = local.A[4];
+        local.A[4] = local.A[3]; local.A[3] = local.A[2];
+        local.A[2] = local.A[1]; local.A[1] = local.A[0];
+        local.A[0] = local.temp1;
+    }
+#else /* MBEDTLS_SHA256_SMALLER */
+    for (i = 0; i < 16; i++) {
+        local.W[i] = MBEDTLS_GET_UINT32_BE(data, 4 * i);
+    }
+
+    for (i = 0; i < 16; i += 8) {
+        P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+          local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0]);
+        P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
+          local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1]);
+        P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
+          local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2]);
+        P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
+          local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3]);
+        P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
+          local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4]);
+        P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
+          local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5]);
+        P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
+          local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6]);
+        P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
+          local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7]);
+    }
+
+    for (i = 16; i < 64; i += 8) {
+        P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+          local.A[5], local.A[6], local.A[7], R(i+0), K[i+0]);
+        P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
+          local.A[4], local.A[5], local.A[6], R(i+1), K[i+1]);
+        P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
+          local.A[3], local.A[4], local.A[5], R(i+2), K[i+2]);
+        P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
+          local.A[2], local.A[3], local.A[4], R(i+3), K[i+3]);
+        P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
+          local.A[1], local.A[2], local.A[3], R(i+4), K[i+4]);
+        P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
+          local.A[0], local.A[1], local.A[2], R(i+5), K[i+5]);
+        P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
+          local.A[7], local.A[0], local.A[1], R(i+6), K[i+6]);
+        P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
+          local.A[6], local.A[7], local.A[0], R(i+7), K[i+7]);
+    }
+#endif /* MBEDTLS_SHA256_SMALLER */
+
+    for (i = 0; i < 8; i++) {
+        ctx->state[i] += local.A[i];
+    }
+
+    /* Zeroise buffers and variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&local, sizeof(local));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_process(mbedtls_sha256_context *ctx,
+                            const unsigned char data[64])
+{
+    mbedtls_internal_sha256_process(ctx, data);
+}
+#endif
+#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
+
+/*
+ * SHA-256 process buffer
+ */
+int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+    uint32_t left;
+
+    SHA256_VALIDATE_RET(ctx != NULL);
+    SHA256_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    if (ilen == 0) {
+        return 0;
+    }
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if (ctx->total[0] < (uint32_t) ilen) {
+        ctx->total[1]++;
+    }
+
+    if (left && ilen >= fill) {
+        memcpy((void *) (ctx->buffer + left), input, fill);
+
+        if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while (ilen >= 64) {
+        if ((ret = mbedtls_internal_sha256_process(ctx, input)) != 0) {
+            return ret;
+        }
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if (ilen > 0) {
+        memcpy((void *) (ctx->buffer + left), input, ilen);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_update(mbedtls_sha256_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen)
+{
+    mbedtls_sha256_update_ret(ctx, input, ilen);
+}
+#endif
+
+/*
+ * SHA-256 final digest
+ */
+int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx,
+                              unsigned char output[32])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t used;
+    uint32_t high, low;
+
+    SHA256_VALIDATE_RET(ctx != NULL);
+    SHA256_VALIDATE_RET((unsigned char *) output != NULL);
+
+    /*
+     * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+     */
+    used = ctx->total[0] & 0x3F;
+
+    ctx->buffer[used++] = 0x80;
+
+    if (used <= 56) {
+        /* Enough room for padding + length in current block */
+        memset(ctx->buffer + used, 0, 56 - used);
+    } else {
+        /* We'll need an extra block */
+        memset(ctx->buffer + used, 0, 64 - used);
+
+        if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        memset(ctx->buffer, 0, 56);
+    }
+
+    /*
+     * Add message length
+     */
+    high = (ctx->total[0] >> 29)
+           | (ctx->total[1] <<  3);
+    low  = (ctx->total[0] <<  3);
+
+    MBEDTLS_PUT_UINT32_BE(high, ctx->buffer, 56);
+    MBEDTLS_PUT_UINT32_BE(low,  ctx->buffer, 60);
+
+    if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) {
+        return ret;
+    }
+
+    /*
+     * Output final state
+     */
+    MBEDTLS_PUT_UINT32_BE(ctx->state[0], output,  0);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[1], output,  4);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[2], output,  8);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[5], output, 20);
+    MBEDTLS_PUT_UINT32_BE(ctx->state[6], output, 24);
+
+    if (ctx->is224 == 0) {
+        MBEDTLS_PUT_UINT32_BE(ctx->state[7], output, 28);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
+                           unsigned char output[32])
+{
+    mbedtls_sha256_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* !MBEDTLS_SHA256_ALT */
+
+/*
+ * output = SHA-256( input buffer )
+ */
+int mbedtls_sha256_ret(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[32],
+                       int is224)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_sha256_context ctx;
+
+    SHA256_VALIDATE_RET(is224 == 0 || is224 == 1);
+    SHA256_VALIDATE_RET(ilen == 0 || input != NULL);
+    SHA256_VALIDATE_RET((unsigned char *) output != NULL);
+
+    mbedtls_sha256_init(&ctx);
+
+    if ((ret = mbedtls_sha256_starts_ret(&ctx, is224)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha256_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha256_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_sha256_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[32],
+                    int is224)
+{
+    mbedtls_sha256_ret(input, ilen, output, is224);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * FIPS-180-2 test vectors
+ */
+static const unsigned char sha256_test_buf[3][57] =
+{
+    { "abc" },
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+    { "" }
+};
+
+static const size_t sha256_test_buflen[3] =
+{
+    3, 56, 1000
+};
+
+static const unsigned char sha256_test_sum[6][32] =
+{
+    /*
+     * SHA-224 test vectors
+     */
+    { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
+      0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
+      0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
+      0xE3, 0x6C, 0x9D, 0xA7 },
+    { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
+      0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
+      0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
+      0x52, 0x52, 0x25, 0x25 },
+    { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
+      0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
+      0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
+      0x4E, 0xE7, 0xAD, 0x67 },
+
+    /*
+     * SHA-256 test vectors
+     */
+    { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
+      0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
+      0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
+      0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
+    { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
+      0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
+      0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
+      0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
+    { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
+      0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
+      0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
+      0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_sha256_self_test(int verbose)
+{
+    int i, j, k, buflen, ret = 0;
+    unsigned char *buf;
+    unsigned char sha256sum[32];
+    mbedtls_sha256_context ctx;
+
+    buf = mbedtls_calloc(1024, sizeof(unsigned char));
+    if (NULL == buf) {
+        if (verbose != 0) {
+            mbedtls_printf("Buffer allocation failed\n");
+        }
+
+        return 1;
+    }
+
+    mbedtls_sha256_init(&ctx);
+
+    for (i = 0; i < 6; i++) {
+        j = i % 3;
+        k = i < 3;
+
+        if (verbose != 0) {
+            mbedtls_printf("  SHA-%d test #%d: ", 256 - k * 32, j + 1);
+        }
+
+        if ((ret = mbedtls_sha256_starts_ret(&ctx, k)) != 0) {
+            goto fail;
+        }
+
+        if (j == 2) {
+            memset(buf, 'a', buflen = 1000);
+
+            for (j = 0; j < 1000; j++) {
+                ret = mbedtls_sha256_update_ret(&ctx, buf, buflen);
+                if (ret != 0) {
+                    goto fail;
+                }
+            }
+
+        } else {
+            ret = mbedtls_sha256_update_ret(&ctx, sha256_test_buf[j],
+                                            sha256_test_buflen[j]);
+            if (ret != 0) {
+                goto fail;
+            }
+        }
+
+        if ((ret = mbedtls_sha256_finish_ret(&ctx, sha256sum)) != 0) {
+            goto fail;
+        }
+
+
+        if (memcmp(sha256sum, sha256_test_sum[i], 32 - k * 4) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    goto exit;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+exit:
+    mbedtls_sha256_free(&ctx);
+    mbedtls_free(buf);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_SHA256_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/sha512.c b/3rdparty/mbedtls-2.28.7/library/sha512.c
new file mode 100644
index 0000000..77bdc2e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/sha512.c
@@ -0,0 +1,639 @@
+/*
+ *  FIPS-180-2 compliant SHA-384/512 implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The SHA-512 Secure Hash Standard was published by NIST in 2002.
+ *
+ *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SHA512_C)
+
+#include "mbedtls/sha512.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+
+#if defined(_MSC_VER) || defined(__WATCOMC__)
+  #define UL64(x) x##ui64
+#else
+  #define UL64(x) x##ULL
+#endif
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#define SHA512_VALIDATE_RET(cond)                           \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA)
+#define SHA512_VALIDATE(cond)  MBEDTLS_INTERNAL_VALIDATE(cond)
+
+#if !defined(MBEDTLS_SHA512_ALT)
+
+#if defined(MBEDTLS_SHA512_SMALLER)
+static void sha512_put_uint64_be(uint64_t n, unsigned char *b, uint8_t i)
+{
+    MBEDTLS_PUT_UINT64_BE(n, b, i);
+}
+#else
+#define sha512_put_uint64_be    MBEDTLS_PUT_UINT64_BE
+#endif /* MBEDTLS_SHA512_SMALLER */
+
+void mbedtls_sha512_init(mbedtls_sha512_context *ctx)
+{
+    SHA512_VALIDATE(ctx != NULL);
+
+    memset(ctx, 0, sizeof(mbedtls_sha512_context));
+}
+
+void mbedtls_sha512_free(mbedtls_sha512_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha512_context));
+}
+
+void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
+                          const mbedtls_sha512_context *src)
+{
+    SHA512_VALIDATE(dst != NULL);
+    SHA512_VALIDATE(src != NULL);
+
+    *dst = *src;
+}
+
+/*
+ * SHA-512 context setup
+ */
+int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384)
+{
+    SHA512_VALIDATE_RET(ctx != NULL);
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    SHA512_VALIDATE_RET(is384 == 0 || is384 == 1);
+#else
+    SHA512_VALIDATE_RET(is384 == 0);
+#endif
+
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    if (is384 == 0) {
+        /* SHA-512 */
+        ctx->state[0] = UL64(0x6A09E667F3BCC908);
+        ctx->state[1] = UL64(0xBB67AE8584CAA73B);
+        ctx->state[2] = UL64(0x3C6EF372FE94F82B);
+        ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
+        ctx->state[4] = UL64(0x510E527FADE682D1);
+        ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
+        ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
+        ctx->state[7] = UL64(0x5BE0CD19137E2179);
+    } else {
+#if defined(MBEDTLS_SHA512_NO_SHA384)
+        return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+#else
+        /* SHA-384 */
+        ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
+        ctx->state[1] = UL64(0x629A292A367CD507);
+        ctx->state[2] = UL64(0x9159015A3070DD17);
+        ctx->state[3] = UL64(0x152FECD8F70E5939);
+        ctx->state[4] = UL64(0x67332667FFC00B31);
+        ctx->state[5] = UL64(0x8EB44A8768581511);
+        ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
+        ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
+#endif /* MBEDTLS_SHA512_NO_SHA384 */
+    }
+
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    ctx->is384 = is384;
+#endif
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha512_starts(mbedtls_sha512_context *ctx,
+                           int is384)
+{
+    mbedtls_sha512_starts_ret(ctx, is384);
+}
+#endif
+
+#if !defined(MBEDTLS_SHA512_PROCESS_ALT)
+
+/*
+ * Round constants
+ */
+static const uint64_t K[80] =
+{
+    UL64(0x428A2F98D728AE22),  UL64(0x7137449123EF65CD),
+    UL64(0xB5C0FBCFEC4D3B2F),  UL64(0xE9B5DBA58189DBBC),
+    UL64(0x3956C25BF348B538),  UL64(0x59F111F1B605D019),
+    UL64(0x923F82A4AF194F9B),  UL64(0xAB1C5ED5DA6D8118),
+    UL64(0xD807AA98A3030242),  UL64(0x12835B0145706FBE),
+    UL64(0x243185BE4EE4B28C),  UL64(0x550C7DC3D5FFB4E2),
+    UL64(0x72BE5D74F27B896F),  UL64(0x80DEB1FE3B1696B1),
+    UL64(0x9BDC06A725C71235),  UL64(0xC19BF174CF692694),
+    UL64(0xE49B69C19EF14AD2),  UL64(0xEFBE4786384F25E3),
+    UL64(0x0FC19DC68B8CD5B5),  UL64(0x240CA1CC77AC9C65),
+    UL64(0x2DE92C6F592B0275),  UL64(0x4A7484AA6EA6E483),
+    UL64(0x5CB0A9DCBD41FBD4),  UL64(0x76F988DA831153B5),
+    UL64(0x983E5152EE66DFAB),  UL64(0xA831C66D2DB43210),
+    UL64(0xB00327C898FB213F),  UL64(0xBF597FC7BEEF0EE4),
+    UL64(0xC6E00BF33DA88FC2),  UL64(0xD5A79147930AA725),
+    UL64(0x06CA6351E003826F),  UL64(0x142929670A0E6E70),
+    UL64(0x27B70A8546D22FFC),  UL64(0x2E1B21385C26C926),
+    UL64(0x4D2C6DFC5AC42AED),  UL64(0x53380D139D95B3DF),
+    UL64(0x650A73548BAF63DE),  UL64(0x766A0ABB3C77B2A8),
+    UL64(0x81C2C92E47EDAEE6),  UL64(0x92722C851482353B),
+    UL64(0xA2BFE8A14CF10364),  UL64(0xA81A664BBC423001),
+    UL64(0xC24B8B70D0F89791),  UL64(0xC76C51A30654BE30),
+    UL64(0xD192E819D6EF5218),  UL64(0xD69906245565A910),
+    UL64(0xF40E35855771202A),  UL64(0x106AA07032BBD1B8),
+    UL64(0x19A4C116B8D2D0C8),  UL64(0x1E376C085141AB53),
+    UL64(0x2748774CDF8EEB99),  UL64(0x34B0BCB5E19B48A8),
+    UL64(0x391C0CB3C5C95A63),  UL64(0x4ED8AA4AE3418ACB),
+    UL64(0x5B9CCA4F7763E373),  UL64(0x682E6FF3D6B2B8A3),
+    UL64(0x748F82EE5DEFB2FC),  UL64(0x78A5636F43172F60),
+    UL64(0x84C87814A1F0AB72),  UL64(0x8CC702081A6439EC),
+    UL64(0x90BEFFFA23631E28),  UL64(0xA4506CEBDE82BDE9),
+    UL64(0xBEF9A3F7B2C67915),  UL64(0xC67178F2E372532B),
+    UL64(0xCA273ECEEA26619C),  UL64(0xD186B8C721C0C207),
+    UL64(0xEADA7DD6CDE0EB1E),  UL64(0xF57D4F7FEE6ED178),
+    UL64(0x06F067AA72176FBA),  UL64(0x0A637DC5A2C898A6),
+    UL64(0x113F9804BEF90DAE),  UL64(0x1B710B35131C471B),
+    UL64(0x28DB77F523047D84),  UL64(0x32CAAB7B40C72493),
+    UL64(0x3C9EBE0A15C9BEBC),  UL64(0x431D67C49C100D4C),
+    UL64(0x4CC5D4BECB3E42B6),  UL64(0x597F299CFC657E2A),
+    UL64(0x5FCB6FAB3AD6FAEC),  UL64(0x6C44198C4A475817)
+};
+
+int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx,
+                                    const unsigned char data[128])
+{
+    int i;
+    struct {
+        uint64_t temp1, temp2, W[80];
+        uint64_t A[8];
+    } local;
+
+    SHA512_VALIDATE_RET(ctx != NULL);
+    SHA512_VALIDATE_RET((const unsigned char *) data != NULL);
+
+#define  SHR(x, n) ((x) >> (n))
+#define ROTR(x, n) (SHR((x), (n)) | ((x) << (64 - (n))))
+
+#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^  SHR(x, 7))
+#define S1(x) (ROTR(x, 19) ^ ROTR(x, 61) ^  SHR(x, 6))
+
+#define S2(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39))
+#define S3(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41))
+
+#define F0(x, y, z) (((x) & (y)) | ((z) & ((x) | (y))))
+#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
+
+#define P(a, b, c, d, e, f, g, h, x, K)                                      \
+    do                                                              \
+    {                                                               \
+        local.temp1 = (h) + S3(e) + F1((e), (f), (g)) + (K) + (x);    \
+        local.temp2 = S2(a) + F0((a), (b), (c));                      \
+        (d) += local.temp1; (h) = local.temp1 + local.temp2;        \
+    } while (0)
+
+    for (i = 0; i < 8; i++) {
+        local.A[i] = ctx->state[i];
+    }
+
+#if defined(MBEDTLS_SHA512_SMALLER)
+    for (i = 0; i < 80; i++) {
+        if (i < 16) {
+            local.W[i] = MBEDTLS_GET_UINT64_BE(data, i << 3);
+        } else {
+            local.W[i] = S1(local.W[i -  2]) + local.W[i -  7] +
+                         S0(local.W[i - 15]) + local.W[i - 16];
+        }
+
+        P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+          local.A[5], local.A[6], local.A[7], local.W[i], K[i]);
+
+        local.temp1 = local.A[7]; local.A[7] = local.A[6];
+        local.A[6] = local.A[5]; local.A[5] = local.A[4];
+        local.A[4] = local.A[3]; local.A[3] = local.A[2];
+        local.A[2] = local.A[1]; local.A[1] = local.A[0];
+        local.A[0] = local.temp1;
+    }
+#else /* MBEDTLS_SHA512_SMALLER */
+    for (i = 0; i < 16; i++) {
+        local.W[i] = MBEDTLS_GET_UINT64_BE(data, i << 3);
+    }
+
+    for (; i < 80; i++) {
+        local.W[i] = S1(local.W[i -  2]) + local.W[i -  7] +
+                     S0(local.W[i - 15]) + local.W[i - 16];
+    }
+
+    i = 0;
+    do {
+        P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4],
+          local.A[5], local.A[6], local.A[7], local.W[i], K[i]); i++;
+        P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3],
+          local.A[4], local.A[5], local.A[6], local.W[i], K[i]); i++;
+        P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2],
+          local.A[3], local.A[4], local.A[5], local.W[i], K[i]); i++;
+        P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1],
+          local.A[2], local.A[3], local.A[4], local.W[i], K[i]); i++;
+        P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0],
+          local.A[1], local.A[2], local.A[3], local.W[i], K[i]); i++;
+        P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7],
+          local.A[0], local.A[1], local.A[2], local.W[i], K[i]); i++;
+        P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6],
+          local.A[7], local.A[0], local.A[1], local.W[i], K[i]); i++;
+        P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5],
+          local.A[6], local.A[7], local.A[0], local.W[i], K[i]); i++;
+    } while (i < 80);
+#endif /* MBEDTLS_SHA512_SMALLER */
+
+    for (i = 0; i < 8; i++) {
+        ctx->state[i] += local.A[i];
+    }
+
+    /* Zeroise buffers and variables to clear sensitive data from memory. */
+    mbedtls_platform_zeroize(&local, sizeof(local));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha512_process(mbedtls_sha512_context *ctx,
+                            const unsigned char data[128])
+{
+    mbedtls_internal_sha512_process(ctx, data);
+}
+#endif
+#endif /* !MBEDTLS_SHA512_PROCESS_ALT */
+
+/*
+ * SHA-512 process buffer
+ */
+int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t fill;
+    unsigned int left;
+
+    SHA512_VALIDATE_RET(ctx != NULL);
+    SHA512_VALIDATE_RET(ilen == 0 || input != NULL);
+
+    if (ilen == 0) {
+        return 0;
+    }
+
+    left = (unsigned int) (ctx->total[0] & 0x7F);
+    fill = 128 - left;
+
+    ctx->total[0] += (uint64_t) ilen;
+
+    if (ctx->total[0] < (uint64_t) ilen) {
+        ctx->total[1]++;
+    }
+
+    if (left && ilen >= fill) {
+        memcpy((void *) (ctx->buffer + left), input, fill);
+
+        if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while (ilen >= 128) {
+        if ((ret = mbedtls_internal_sha512_process(ctx, input)) != 0) {
+            return ret;
+        }
+
+        input += 128;
+        ilen  -= 128;
+    }
+
+    if (ilen > 0) {
+        memcpy((void *) (ctx->buffer + left), input, ilen);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha512_update(mbedtls_sha512_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen)
+{
+    mbedtls_sha512_update_ret(ctx, input, ilen);
+}
+#endif
+
+/*
+ * SHA-512 final digest
+ */
+int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx,
+                              unsigned char output[64])
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned used;
+    uint64_t high, low;
+
+    SHA512_VALIDATE_RET(ctx != NULL);
+    SHA512_VALIDATE_RET((unsigned char *) output != NULL);
+
+    /*
+     * Add padding: 0x80 then 0x00 until 16 bytes remain for the length
+     */
+    used = ctx->total[0] & 0x7F;
+
+    ctx->buffer[used++] = 0x80;
+
+    if (used <= 112) {
+        /* Enough room for padding + length in current block */
+        memset(ctx->buffer + used, 0, 112 - used);
+    } else {
+        /* We'll need an extra block */
+        memset(ctx->buffer + used, 0, 128 - used);
+
+        if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) {
+            return ret;
+        }
+
+        memset(ctx->buffer, 0, 112);
+    }
+
+    /*
+     * Add message length
+     */
+    high = (ctx->total[0] >> 61)
+           | (ctx->total[1] <<  3);
+    low  = (ctx->total[0] <<  3);
+
+    sha512_put_uint64_be(high, ctx->buffer, 112);
+    sha512_put_uint64_be(low,  ctx->buffer, 120);
+
+    if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) {
+        return ret;
+    }
+
+    /*
+     * Output final state
+     */
+    sha512_put_uint64_be(ctx->state[0], output,  0);
+    sha512_put_uint64_be(ctx->state[1], output,  8);
+    sha512_put_uint64_be(ctx->state[2], output, 16);
+    sha512_put_uint64_be(ctx->state[3], output, 24);
+    sha512_put_uint64_be(ctx->state[4], output, 32);
+    sha512_put_uint64_be(ctx->state[5], output, 40);
+
+    int truncated = 0;
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    truncated = ctx->is384;
+#endif
+    if (!truncated) {
+        sha512_put_uint64_be(ctx->state[6], output, 48);
+        sha512_put_uint64_be(ctx->state[7], output, 56);
+    }
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
+                           unsigned char output[64])
+{
+    mbedtls_sha512_finish_ret(ctx, output);
+}
+#endif
+
+#endif /* !MBEDTLS_SHA512_ALT */
+
+/*
+ * output = SHA-512( input buffer )
+ */
+int mbedtls_sha512_ret(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[64],
+                       int is384)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_sha512_context ctx;
+
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    SHA512_VALIDATE_RET(is384 == 0 || is384 == 1);
+#else
+    SHA512_VALIDATE_RET(is384 == 0);
+#endif
+    SHA512_VALIDATE_RET(ilen == 0 || input != NULL);
+    SHA512_VALIDATE_RET((unsigned char *) output != NULL);
+
+    mbedtls_sha512_init(&ctx);
+
+    if ((ret = mbedtls_sha512_starts_ret(&ctx, is384)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha512_update_ret(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha512_finish_ret(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_sha512_free(&ctx);
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha512(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[64],
+                    int is384)
+{
+    mbedtls_sha512_ret(input, ilen, output, is384);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * FIPS-180-2 test vectors
+ */
+static const unsigned char sha512_test_buf[3][113] =
+{
+    { "abc" },
+    {
+        "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+    },
+    { "" }
+};
+
+static const size_t sha512_test_buflen[3] =
+{
+    3, 112, 1000
+};
+
+static const unsigned char sha512_test_sum[][64] =
+{
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+    /*
+     * SHA-384 test vectors
+     */
+    { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
+      0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
+      0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
+      0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
+      0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
+      0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 },
+    { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8,
+      0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47,
+      0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2,
+      0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12,
+      0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9,
+      0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 },
+    { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB,
+      0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C,
+      0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
+      0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
+      0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
+      0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
+#endif /* !MBEDTLS_SHA512_NO_SHA384 */
+
+    /*
+     * SHA-512 test vectors
+     */
+    { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
+      0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
+      0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
+      0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
+      0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
+      0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
+      0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
+      0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F },
+    { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA,
+      0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F,
+      0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1,
+      0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18,
+      0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4,
+      0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A,
+      0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54,
+      0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 },
+    { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64,
+      0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63,
+      0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28,
+      0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB,
+      0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A,
+      0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B,
+      0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
+      0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
+};
+
+#define ARRAY_LENGTH(a)   (sizeof(a) / sizeof((a)[0]))
+
+/*
+ * Checkup routine
+ */
+int mbedtls_sha512_self_test(int verbose)
+{
+    int i, j, k, buflen, ret = 0;
+    unsigned char *buf;
+    unsigned char sha512sum[64];
+    mbedtls_sha512_context ctx;
+
+    buf = mbedtls_calloc(1024, sizeof(unsigned char));
+    if (NULL == buf) {
+        if (verbose != 0) {
+            mbedtls_printf("Buffer allocation failed\n");
+        }
+
+        return 1;
+    }
+
+    mbedtls_sha512_init(&ctx);
+
+    for (i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++) {
+        j = i % 3;
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
+        k = i < 3;
+#else
+        k = 0;
+#endif
+
+        if (verbose != 0) {
+            mbedtls_printf("  SHA-%d test #%d: ", 512 - k * 128, j + 1);
+        }
+
+        if ((ret = mbedtls_sha512_starts_ret(&ctx, k)) != 0) {
+            goto fail;
+        }
+
+        if (j == 2) {
+            memset(buf, 'a', buflen = 1000);
+
+            for (j = 0; j < 1000; j++) {
+                ret = mbedtls_sha512_update_ret(&ctx, buf, buflen);
+                if (ret != 0) {
+                    goto fail;
+                }
+            }
+        } else {
+            ret = mbedtls_sha512_update_ret(&ctx, sha512_test_buf[j],
+                                            sha512_test_buflen[j]);
+            if (ret != 0) {
+                goto fail;
+            }
+        }
+
+        if ((ret = mbedtls_sha512_finish_ret(&ctx, sha512sum)) != 0) {
+            goto fail;
+        }
+
+        if (memcmp(sha512sum, sha512_test_sum[i], 64 - k * 16) != 0) {
+            ret = 1;
+            goto fail;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    goto exit;
+
+fail:
+    if (verbose != 0) {
+        mbedtls_printf("failed\n");
+    }
+
+exit:
+    mbedtls_sha512_free(&ctx);
+    mbedtls_free(buf);
+
+    return ret;
+}
+
+#undef ARRAY_LENGTH
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_SHA512_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_cache.c b/3rdparty/mbedtls-2.28.7/library/ssl_cache.c
new file mode 100644
index 0000000..21e38cd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_cache.c
@@ -0,0 +1,317 @@
+/*
+ *  SSL session cache implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * These session callbacks use a simple chained list
+ * to store and retrieve the session information.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+
+#include "mbedtls/platform.h"
+#include "mbedtls/error.h"
+
+#include "mbedtls/ssl_cache.h"
+#include "mbedtls/ssl_internal.h"
+
+#include <string.h>
+
+void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache)
+{
+    memset(cache, 0, sizeof(mbedtls_ssl_cache_context));
+
+    cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
+    cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&cache->mutex);
+#endif
+}
+
+int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session)
+{
+    int ret = MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND;
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t = mbedtls_time(NULL);
+#endif
+    mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
+    mbedtls_ssl_cache_entry *cur, *entry;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    cur = cache->chain;
+    entry = NULL;
+
+    while (cur != NULL) {
+        entry = cur;
+        cur = cur->next;
+
+#if defined(MBEDTLS_HAVE_TIME)
+        if (cache->timeout != 0 &&
+            (int) (t - entry->timestamp) > cache->timeout) {
+            continue;
+        }
+#endif
+
+        if (session->id_len != entry->session.id_len ||
+            memcmp(session->id, entry->session.id,
+                   entry->session.id_len) != 0) {
+            continue;
+        }
+
+        ret = mbedtls_ssl_session_copy(session, &entry->session);
+        if (ret != 0) {
+            goto exit;
+        }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+        defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        /*
+         * Restore peer certificate (without rest of the original chain)
+         */
+        if (entry->peer_cert.p != NULL) {
+            /* `session->peer_cert` is NULL after the call to
+             * mbedtls_ssl_session_copy(), because cache entries
+             * have the `peer_cert` field set to NULL. */
+
+            if ((session->peer_cert = mbedtls_calloc(1,
+                                                     sizeof(mbedtls_x509_crt))) == NULL) {
+                ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+                goto exit;
+            }
+
+            mbedtls_x509_crt_init(session->peer_cert);
+            if ((ret = mbedtls_x509_crt_parse(session->peer_cert, entry->peer_cert.p,
+                                              entry->peer_cert.len)) != 0) {
+                mbedtls_free(session->peer_cert);
+                session->peer_cert = NULL;
+                goto exit;
+            }
+        }
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+        ret = 0;
+        goto exit;
+    }
+
+exit:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&cache->mutex) != 0) {
+        ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t = mbedtls_time(NULL), oldest = 0;
+    mbedtls_ssl_cache_entry *old = NULL;
+#endif
+    mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
+    mbedtls_ssl_cache_entry *cur, *prv;
+    int count = 0;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    cur = cache->chain;
+    prv = NULL;
+
+    while (cur != NULL) {
+        count++;
+
+#if defined(MBEDTLS_HAVE_TIME)
+        if (cache->timeout != 0 &&
+            (int) (t - cur->timestamp) > cache->timeout) {
+            cur->timestamp = t;
+            break; /* expired, reuse this slot, update timestamp */
+        }
+#endif
+
+        if (memcmp(session->id, cur->session.id, cur->session.id_len) == 0) {
+            break; /* client reconnected, keep timestamp for session id */
+
+        }
+#if defined(MBEDTLS_HAVE_TIME)
+        if (oldest == 0 || cur->timestamp < oldest) {
+            oldest = cur->timestamp;
+            old = cur;
+        }
+#endif
+
+        prv = cur;
+        cur = cur->next;
+    }
+
+    if (cur == NULL) {
+#if defined(MBEDTLS_HAVE_TIME)
+        /*
+         * Reuse oldest entry if max_entries reached
+         */
+        if (count >= cache->max_entries) {
+            if (old == NULL) {
+                /* This should only happen on an ill-configured cache
+                 * with max_entries == 0. */
+                ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+                goto exit;
+            }
+
+            cur = old;
+        }
+#else /* MBEDTLS_HAVE_TIME */
+        /*
+         * Reuse first entry in chain if max_entries reached,
+         * but move to last place
+         */
+        if (count >= cache->max_entries) {
+            if (cache->chain == NULL) {
+                ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+                goto exit;
+            }
+
+            cur = cache->chain;
+            cache->chain = cur->next;
+            cur->next = NULL;
+            prv->next = cur;
+        }
+#endif /* MBEDTLS_HAVE_TIME */
+        else {
+            /*
+             * max_entries not reached, create new entry
+             */
+            cur = mbedtls_calloc(1, sizeof(mbedtls_ssl_cache_entry));
+            if (cur == NULL) {
+                ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+                goto exit;
+            }
+
+            if (prv == NULL) {
+                cache->chain = cur;
+            } else {
+                prv->next = cur;
+            }
+        }
+
+#if defined(MBEDTLS_HAVE_TIME)
+        cur->timestamp = t;
+#endif
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    /*
+     * If we're reusing an entry, free its certificate first
+     */
+    if (cur->peer_cert.p != NULL) {
+        mbedtls_free(cur->peer_cert.p);
+        memset(&cur->peer_cert, 0, sizeof(mbedtls_x509_buf));
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    /* Copy the entire session; this temporarily makes a copy of the
+     * X.509 CRT structure even though we only want to store the raw CRT.
+     * This inefficiency will go away as soon as we implement on-demand
+     * parsing of CRTs, in which case there's no need for the `peer_cert`
+     * field anymore in the first place, and we're done after this call. */
+    ret = mbedtls_ssl_session_copy(&cur->session, session);
+    if (ret != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    /* If present, free the X.509 structure and only store the raw CRT data. */
+    if (cur->session.peer_cert != NULL) {
+        cur->peer_cert.p =
+            mbedtls_calloc(1, cur->session.peer_cert->raw.len);
+        if (cur->peer_cert.p == NULL) {
+            ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+            goto exit;
+        }
+
+        memcpy(cur->peer_cert.p,
+               cur->session.peer_cert->raw.p,
+               cur->session.peer_cert->raw.len);
+        cur->peer_cert.len = session->peer_cert->raw.len;
+
+        mbedtls_x509_crt_free(cur->session.peer_cert);
+        mbedtls_free(cur->session.peer_cert);
+        cur->session.peer_cert = NULL;
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    ret = 0;
+
+exit:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&cache->mutex) != 0) {
+        ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+#if defined(MBEDTLS_HAVE_TIME)
+void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout)
+{
+    if (timeout < 0) {
+        timeout = 0;
+    }
+
+    cache->timeout = timeout;
+}
+#endif /* MBEDTLS_HAVE_TIME */
+
+void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max)
+{
+    if (max < 0) {
+        max = 0;
+    }
+
+    cache->max_entries = max;
+}
+
+void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache)
+{
+    mbedtls_ssl_cache_entry *cur, *prv;
+
+    cur = cache->chain;
+
+    while (cur != NULL) {
+        prv = cur;
+        cur = cur->next;
+
+        mbedtls_ssl_session_free(&prv->session);
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+        defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        mbedtls_free(prv->peer_cert.p);
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+        mbedtls_free(prv);
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free(&cache->mutex);
+#endif
+    cache->chain = NULL;
+}
+
+#endif /* MBEDTLS_SSL_CACHE_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/ssl_ciphersuites.c b/3rdparty/mbedtls-2.28.7/library/ssl_ciphersuites.c
similarity index 89%
rename from 3rdparty/mbedtls-2.25.0/library/ssl_ciphersuites.c
rename to 3rdparty/mbedtls-2.28.7/library/ssl_ciphersuites.c
index 6985fe5..7a46537 100644
--- a/3rdparty/mbedtls-2.25.0/library/ssl_ciphersuites.c
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_ciphersuites.c
@@ -1,39 +1,28 @@
 /**
  * \file ssl_ciphersuites.c
  *
- * \brief SSL ciphersuites for mbed TLS
+ * \brief SSL ciphersuites for Mbed TLS
  *
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #include "common.h"
 
 #if defined(MBEDTLS_SSL_TLS_C)
 
-#if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#endif
 
 #include "mbedtls/ssl_ciphersuites.h"
 #include "mbedtls/ssl.h"
 
 #include <string.h>
 
+#undef HAVE_SHA384
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+#define HAVE_SHA384
+#endif
+
 /*
  * Ordered from most preferred to least preferred in terms of security.
  *
@@ -411,7 +400,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -426,7 +415,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #if defined(MBEDTLS_CCM_C)
     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -454,36 +443,40 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #if defined(MBEDTLS_CAMELLIA_C)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -552,7 +545,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -567,42 +560,46 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_AES_C */
 
 #if defined(MBEDTLS_CAMELLIA_C)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+      "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+      "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+      "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+      "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -641,13 +638,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
 #if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+#if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C)
     { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+#endif /* HAVE_SHA384 && MBEDTLS_GCM_C */
 
 #if defined(MBEDTLS_SHA256_C)
 #if defined(MBEDTLS_GCM_C)
@@ -751,13 +748,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -776,13 +773,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
 #if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+#if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C)
     { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+#endif /* HAVE_SHA384 && MBEDTLS_GCM_C */
 
 #if defined(MBEDTLS_SHA256_C)
 #if defined(MBEDTLS_GCM_C)
@@ -887,13 +884,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA1_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA1_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -960,7 +957,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -975,42 +972,46 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_AES_C */
 
 #if defined(MBEDTLS_CAMELLIA_C)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+      "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+      "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+      "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+      "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -1079,7 +1080,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -1094,42 +1095,46 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_AES_C */
 
 #if defined(MBEDTLS_CAMELLIA_C)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+      "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+      "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+      "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+      "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -1177,13 +1182,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1195,13 +1200,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 
 #if defined(MBEDTLS_SHA1_C)
     { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
@@ -1251,13 +1256,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
@@ -1269,13 +1274,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -1313,13 +1318,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1331,13 +1336,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 
 #if defined(MBEDTLS_SHA1_C)
     { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
@@ -1387,13 +1392,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
@@ -1405,13 +1410,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -1450,13 +1455,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 
 #if defined(MBEDTLS_SHA1_C)
     { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
@@ -1477,20 +1482,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #if defined(MBEDTLS_CAMELLIA_C)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_SHA256_C)
-    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+      "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
-    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+#if defined(HAVE_SHA384)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+      "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -1528,13 +1535,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1546,13 +1553,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 
 #if defined(MBEDTLS_SHA1_C)
     { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
@@ -1580,13 +1587,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_GCM_C)
@@ -1598,13 +1605,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       0 },
 #endif /* MBEDTLS_SHA256_C */
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
-#endif /* MBEDTLS_SHA512_C */
+#endif /* HAVE_SHA384 */
 #endif /* MBEDTLS_GCM_C */
 #endif /* MBEDTLS_CAMELLIA_C */
 
@@ -1688,7 +1695,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_CIPHERSUITE_WEAK },
 #endif
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1714,7 +1721,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_CIPHERSUITE_WEAK },
 #endif
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1740,7 +1747,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_CIPHERSUITE_WEAK },
 #endif
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1766,7 +1773,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
       MBEDTLS_CIPHERSUITE_WEAK },
 #endif
 
-#if defined(MBEDTLS_SHA512_C)
+#if defined(HAVE_SHA384)
     { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
@@ -1805,17 +1812,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
-             "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
+      "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
-             "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
+      "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1823,7 +1830,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
-             "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
+      "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1831,7 +1838,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
-             "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
+      "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1842,17 +1849,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
-             "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
+      "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
-             "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
+      "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1860,7 +1867,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
-             "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
+      "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1868,7 +1875,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
-             "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
+      "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1879,17 +1886,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
-             "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
-      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
+      "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
-             "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
+      "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1897,7 +1904,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
-             "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
+      "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1905,7 +1912,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
-             "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
+      "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1916,17 +1923,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
-             "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
+      "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
-             "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
+      "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1934,7 +1941,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
-             "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
+      "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1942,7 +1949,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
-             "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
+      "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1953,17 +1960,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
-             "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
+      "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
-             "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
+      "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1971,7 +1978,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
-             "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
+      "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1979,7 +1986,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
-             "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
+      "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -1990,9 +1997,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
 
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
-             "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
+      "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2000,7 +2007,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
-             "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
+      "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2011,17 +2018,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
-             "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
+      "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
-             "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
+      "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2029,7 +2036,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
-             "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
+      "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2037,7 +2044,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
-             "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
+      "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2048,17 +2055,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
-             "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
+      "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
-             "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
+      "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2066,7 +2073,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
-             "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
+      "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2074,7 +2081,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
-             "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
+      "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2085,17 +2092,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
-             "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
+      "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
-             "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
+      "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2103,7 +2110,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
-             "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
+      "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2111,7 +2118,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
-             "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
+      "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2122,17 +2129,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
 
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
-             "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
+      "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       0 },
 #endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
-             "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
+      "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2140,7 +2147,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
-             "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
+      "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2148,7 +2155,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
-             "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
+      "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
@@ -2166,55 +2173,53 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 };
 
 #if defined(MBEDTLS_SSL_CIPHERSUITES)
-const int *mbedtls_ssl_list_ciphersuites( void )
+const int *mbedtls_ssl_list_ciphersuites(void)
 {
-    return( ciphersuite_preference );
+    return ciphersuite_preference;
 }
 #else
-#define MAX_CIPHERSUITES    sizeof( ciphersuite_definitions     ) /         \
-                            sizeof( ciphersuite_definitions[0]  )
+#define MAX_CIPHERSUITES    sizeof(ciphersuite_definitions) /         \
+    sizeof(ciphersuite_definitions[0])
 static int supported_ciphersuites[MAX_CIPHERSUITES];
 static int supported_init = 0;
 
-static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t *cs_info)
 {
-    (void)cs_info;
+    (void) cs_info;
 
 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
-    if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
-        return( 1 );
+    if (cs_info->cipher == MBEDTLS_CIPHER_ARC4_128) {
+        return 1;
+    }
 #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
 
 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
-    if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
-        cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
-    {
-        return( 1 );
+    if (cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
+        cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC) {
+        return 1;
     }
 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
 
-    return( 0 );
+    return 0;
 }
 
-const int *mbedtls_ssl_list_ciphersuites( void )
+const int *mbedtls_ssl_list_ciphersuites(void)
 {
     /*
      * On initial call filter out all ciphersuites not supported by current
      * build based on presence in the ciphersuite_definitions.
      */
-    if( supported_init == 0 )
-    {
+    if (supported_init == 0) {
         const int *p;
         int *q;
 
-        for( p = ciphersuite_preference, q = supported_ciphersuites;
+        for (p = ciphersuite_preference, q = supported_ciphersuites;
              *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
-             p++ )
-        {
+             p++) {
             const mbedtls_ssl_ciphersuite_t *cs_info;
-            if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
-                !ciphersuite_is_removed( cs_info ) )
-            {
+            if ((cs_info = mbedtls_ssl_ciphersuite_from_id(*p)) != NULL &&
+                !ciphersuite_is_removed(cs_info)) {
                 *(q++) = *p;
             }
         }
@@ -2223,105 +2228,106 @@ const int *mbedtls_ssl_list_ciphersuites( void )
         supported_init = 1;
     }
 
-    return( supported_ciphersuites );
+    return supported_ciphersuites;
 }
 #endif /* MBEDTLS_SSL_CIPHERSUITES */
 
 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
-                                                const char *ciphersuite_name )
+    const char *ciphersuite_name)
 {
     const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
 
-    if( NULL == ciphersuite_name )
-        return( NULL );
+    if (NULL == ciphersuite_name) {
+        return NULL;
+    }
 
-    while( cur->id != 0 )
-    {
-        if( 0 == strcmp( cur->name, ciphersuite_name ) )
-            return( cur );
+    while (cur->id != 0) {
+        if (0 == strcmp(cur->name, ciphersuite_name)) {
+            return cur;
+        }
 
         cur++;
     }
 
-    return( NULL );
+    return NULL;
 }
 
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite)
 {
     const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
 
-    while( cur->id != 0 )
-    {
-        if( cur->id == ciphersuite )
-            return( cur );
+    while (cur->id != 0) {
+        if (cur->id == ciphersuite) {
+            return cur;
+        }
 
         cur++;
     }
 
-    return( NULL );
+    return NULL;
 }
 
-const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
+const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)
 {
     const mbedtls_ssl_ciphersuite_t *cur;
 
-    cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
+    cur = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
 
-    if( cur == NULL )
-        return( "unknown" );
+    if (cur == NULL) {
+        return "unknown";
+    }
 
-    return( cur->name );
+    return cur->name;
 }
 
-int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
+int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name)
 {
     const mbedtls_ssl_ciphersuite_t *cur;
 
-    cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
+    cur = mbedtls_ssl_ciphersuite_from_string(ciphersuite_name);
 
-    if( cur == NULL )
-        return( 0 );
+    if (cur == NULL) {
+        return 0;
+    }
 
-    return( cur->id );
+    return cur->id;
 }
 
 #if defined(MBEDTLS_PK_C)
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
-            return( MBEDTLS_PK_RSA );
+            return MBEDTLS_PK_RSA;
 
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( MBEDTLS_PK_ECDSA );
+            return MBEDTLS_PK_ECDSA;
 
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
-            return( MBEDTLS_PK_ECKEY );
+            return MBEDTLS_PK_ECKEY;
 
         default:
-            return( MBEDTLS_PK_NONE );
+            return MBEDTLS_PK_NONE;
     }
 }
 
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
-            return( MBEDTLS_PK_RSA );
+            return MBEDTLS_PK_RSA;
 
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( MBEDTLS_PK_ECDSA );
+            return MBEDTLS_PK_ECDSA;
 
         default:
-            return( MBEDTLS_PK_NONE );
+            return MBEDTLS_PK_NONE;
     }
 }
 
@@ -2329,37 +2335,35 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers
 
 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
     defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
+int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
-int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
+int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_PSK:
         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_cli.c b/3rdparty/mbedtls-2.28.7/library/ssl_cli.c
new file mode 100644
index 0000000..4fde783
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_cli.c
@@ -0,0 +1,4385 @@
+/*
+ *  SSLv3/TLSv1 client-side functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_CLI_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/error.h"
+#include "mbedtls/constant_time.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#include <string.h>
+
+#include <stdint.h>
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#include "mbedtls/platform_util.h"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_conf_has_static_psk(mbedtls_ssl_config const *conf)
+{
+    if (conf->psk_identity     == NULL ||
+        conf->psk_identity_len == 0) {
+        return 0;
+    }
+
+    if (conf->psk != NULL && conf->psk_len != 0) {
+        return 1;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) {
+        return 1;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    return 0;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_conf_has_static_raw_psk(mbedtls_ssl_config const *conf)
+{
+    if (conf->psk_identity     == NULL ||
+        conf->psk_identity_len == 0) {
+        return 0;
+    }
+
+    if (conf->psk != NULL && conf->psk_len != 0) {
+        return 1;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_hostname_ext(mbedtls_ssl_context *ssl,
+                                  unsigned char *buf,
+                                  const unsigned char *end,
+                                  size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t hostname_len;
+
+    *olen = 0;
+
+    if (ssl->hostname == NULL) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding server name extension: %s",
+                           ssl->hostname));
+
+    hostname_len = strlen(ssl->hostname);
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, hostname_len + 9);
+
+    /*
+     * Sect. 3, RFC 6066 (TLS Extensions Definitions)
+     *
+     * In order to provide any of the server names, clients MAY include an
+     * extension of type "server_name" in the (extended) client hello. The
+     * "extension_data" field of this extension SHALL contain
+     * "ServerNameList" where:
+     *
+     * struct {
+     *     NameType name_type;
+     *     select (name_type) {
+     *         case host_name: HostName;
+     *     } name;
+     * } ServerName;
+     *
+     * enum {
+     *     host_name(0), (255)
+     * } NameType;
+     *
+     * opaque HostName<1..2^16-1>;
+     *
+     * struct {
+     *     ServerName server_name_list<1..2^16-1>
+     * } ServerNameList;
+     *
+     */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SERVERNAME, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(hostname_len + 5, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(hostname_len + 3, p, 0);
+    p += 2;
+
+    *p++ = MBEDTLS_BYTE_0(MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME);
+
+    MBEDTLS_PUT_UINT16_BE(hostname_len, p, 0);
+    p += 2;
+
+    memcpy(p, ssl->hostname, hostname_len);
+
+    *olen = hostname_len + 9;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl,
+                                       unsigned char *buf,
+                                       const unsigned char *end,
+                                       size_t *olen)
+{
+    unsigned char *p = buf;
+
+    *olen = 0;
+
+    /* We're always including a TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the
+     * initial ClientHello, in which case also adding the renegotiation
+     * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. */
+    if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding renegotiation extension"));
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5 + ssl->verify_data_len);
+
+    /*
+     * Secure renegotiation
+     */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len + 1);
+    *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len);
+
+    memcpy(p, ssl->own_verify_data, ssl->verify_data_len);
+
+    *olen = 5 + ssl->verify_data_len;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/*
+ * Only if we handle at least one key exchange that needs signatures.
+ */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_signature_algorithms_ext(mbedtls_ssl_context *ssl,
+                                              unsigned char *buf,
+                                              const unsigned char *end,
+                                              size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t sig_alg_len = 0;
+    const int *md;
+
+#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
+    unsigned char *sig_alg_list = buf + 6;
+#endif
+
+    *olen = 0;
+
+    if (ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding signature_algorithms extension"));
+
+    if (ssl->conf->sig_hashes == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_CONFIG;
+    }
+
+    for (md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++) {
+#if defined(MBEDTLS_ECDSA_C)
+        sig_alg_len += 2;
+#endif
+#if defined(MBEDTLS_RSA_C)
+        sig_alg_len += 2;
+#endif
+        if (sig_alg_len > MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN) {
+            MBEDTLS_SSL_DEBUG_MSG(3,
+                                  ("length in bytes of sig-hash-alg extension too big"));
+            return MBEDTLS_ERR_SSL_BAD_CONFIG;
+        }
+    }
+
+    /* Empty signature algorithms list, this is a configuration error. */
+    if (sig_alg_len == 0) {
+        return MBEDTLS_ERR_SSL_BAD_CONFIG;
+    }
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, sig_alg_len + 6);
+
+    /*
+     * Prepare signature_algorithms extension (TLS 1.2)
+     */
+    sig_alg_len = 0;
+
+    for (md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++) {
+#if defined(MBEDTLS_ECDSA_C)
+        sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg(*md);
+        sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
+#endif
+#if defined(MBEDTLS_RSA_C)
+        sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg(*md);
+        sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
+#endif
+    }
+
+    /*
+     * enum {
+     *     none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5),
+     *     sha512(6), (255)
+     * } HashAlgorithm;
+     *
+     * enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
+     *   SignatureAlgorithm;
+     *
+     * struct {
+     *     HashAlgorithm hash;
+     *     SignatureAlgorithm signature;
+     * } SignatureAndHashAlgorithm;
+     *
+     * SignatureAndHashAlgorithm
+     *   supported_signature_algorithms<2..2^16-2>;
+     */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SIG_ALG, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(sig_alg_len + 2, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(sig_alg_len, p, 0);
+    p += 2;
+
+    *olen = 6 + sig_alg_len;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_supported_elliptic_curves_ext(mbedtls_ssl_context *ssl,
+                                                   unsigned char *buf,
+                                                   const unsigned char *end,
+                                                   size_t *olen)
+{
+    unsigned char *p = buf;
+    unsigned char *elliptic_curve_list = p + 6;
+    size_t elliptic_curve_len = 0;
+    const mbedtls_ecp_curve_info *info;
+    const mbedtls_ecp_group_id *grp_id;
+
+    *olen = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding supported_elliptic_curves extension"));
+
+    if (ssl->conf->curve_list == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_CONFIG;
+    }
+
+    for (grp_id = ssl->conf->curve_list;
+         *grp_id != MBEDTLS_ECP_DP_NONE;
+         grp_id++) {
+        info = mbedtls_ecp_curve_info_from_grp_id(*grp_id);
+        if (info == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("invalid curve in ssl configuration"));
+            return MBEDTLS_ERR_SSL_BAD_CONFIG;
+        }
+        elliptic_curve_len += 2;
+
+        if (elliptic_curve_len > MBEDTLS_SSL_MAX_CURVE_LIST_LEN) {
+            MBEDTLS_SSL_DEBUG_MSG(3,
+                                  ("malformed supported_elliptic_curves extension in config"));
+            return MBEDTLS_ERR_SSL_BAD_CONFIG;
+        }
+    }
+
+    /* Empty elliptic curve list, this is a configuration error. */
+    if (elliptic_curve_len == 0) {
+        return MBEDTLS_ERR_SSL_BAD_CONFIG;
+    }
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6 + elliptic_curve_len);
+
+    elliptic_curve_len = 0;
+
+    for (grp_id = ssl->conf->curve_list;
+         *grp_id != MBEDTLS_ECP_DP_NONE;
+         grp_id++) {
+        info = mbedtls_ecp_curve_info_from_grp_id(*grp_id);
+        elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1(info->tls_id);
+        elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0(info->tls_id);
+    }
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(elliptic_curve_len + 2, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(elliptic_curve_len, p, 0);
+    p += 2;
+
+    *olen = 6 + elliptic_curve_len;
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl,
+                                                 unsigned char *buf,
+                                                 const unsigned char *end,
+                                                 size_t *olen)
+{
+    unsigned char *p = buf;
+    (void) ssl; /* ssl used for debugging only */
+
+    *olen = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding supported_point_formats extension"));
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 2;
+
+    *p++ = 1;
+    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+    *olen = 6;
+
+    return 0;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl,
+                                      unsigned char *buf,
+                                      const unsigned char *end,
+                                      size_t *olen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = buf;
+    size_t kkpp_len;
+
+    *olen = 0;
+
+    /* Skip costly extension if we can't use EC J-PAKE anyway */
+    if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding ecjpake_kkpp extension"));
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0);
+    p += 2;
+
+    /*
+     * We may need to send ClientHello multiple times for Hello verification.
+     * We don't want to compute fresh values every time (both for performance
+     * and consistency reasons), so cache the extension content.
+     */
+    if (ssl->handshake->ecjpake_cache == NULL ||
+        ssl->handshake->ecjpake_cache_len == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("generating new ecjpake parameters"));
+
+        ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx,
+                                              p + 2, end - p - 2, &kkpp_len,
+                                              ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1,
+                                  "mbedtls_ecjpake_write_round_one", ret);
+            return ret;
+        }
+
+        ssl->handshake->ecjpake_cache = mbedtls_calloc(1, kkpp_len);
+        if (ssl->handshake->ecjpake_cache == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("allocation failed"));
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        memcpy(ssl->handshake->ecjpake_cache, p + 2, kkpp_len);
+        ssl->handshake->ecjpake_cache_len = kkpp_len;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("re-using cached ecjpake parameters"));
+
+        kkpp_len = ssl->handshake->ecjpake_cache_len;
+        MBEDTLS_SSL_CHK_BUF_PTR(p + 2, end, kkpp_len);
+
+        memcpy(p + 2, ssl->handshake->ecjpake_cache, kkpp_len);
+    }
+
+    MBEDTLS_PUT_UINT16_BE(kkpp_len, p, 0);
+    p += 2;
+
+    *olen = kkpp_len + 4;
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_cid_ext(mbedtls_ssl_context *ssl,
+                             unsigned char *buf,
+                             const unsigned char *end,
+                             size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t ext_len;
+
+    /*
+     * Quoting draft-ietf-tls-dtls-connection-id-05
+     * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05
+     *
+     *   struct {
+     *      opaque cid<0..2^8-1>;
+     *   } ConnectionId;
+     */
+
+    *olen = 0;
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
+        ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) {
+        return 0;
+    }
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding CID extension"));
+
+    /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX
+     * which is at most 255, so the increment cannot overflow. */
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, (unsigned) (ssl->own_cid_len + 5));
+
+    /* Add extension ID + size */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_CID, p, 0);
+    p += 2;
+    ext_len = (size_t) ssl->own_cid_len + 1;
+    MBEDTLS_PUT_UINT16_BE(ext_len, p, 0);
+    p += 2;
+
+    *p++ = (uint8_t) ssl->own_cid_len;
+    memcpy(p, ssl->own_cid, ssl->own_cid_len);
+
+    *olen = ssl->own_cid_len + 5;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl,
+                                             unsigned char *buf,
+                                             const unsigned char *end,
+                                             size_t *olen)
+{
+    unsigned char *p = buf;
+
+    *olen = 0;
+
+    if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding max_fragment_length extension"));
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 1;
+
+    *p++ = ssl->conf->mfl_code;
+
+    *olen = 5;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_truncated_hmac_ext(mbedtls_ssl_context *ssl,
+                                        unsigned char *buf,
+                                        const unsigned char *end,
+                                        size_t *olen)
+{
+    unsigned char *p = buf;
+
+    *olen = 0;
+
+    if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding truncated_hmac extension"));
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl,
+                                          unsigned char *buf,
+                                          const unsigned char *end,
+                                          size_t *olen)
+{
+    unsigned char *p = buf;
+
+    *olen = 0;
+
+    if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+        ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding encrypt_then_mac extension"));
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl,
+                                     unsigned char *buf,
+                                     const unsigned char *end,
+                                     size_t *olen)
+{
+    unsigned char *p = buf;
+
+    *olen = 0;
+
+    if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+        ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding extended_master_secret extension"));
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl,
+                                        unsigned char *buf,
+                                        const unsigned char *end,
+                                        size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t tlen = ssl->session_negotiate->ticket_len;
+
+    *olen = 0;
+
+    if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, adding session ticket extension"));
+
+    /* The addition is safe here since the ticket length is 16 bit. */
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4 + tlen);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(tlen, p, 0);
+    p += 2;
+
+    *olen = 4;
+
+    if (ssl->session_negotiate->ticket == NULL || tlen == 0) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("sending session ticket of length %" MBEDTLS_PRINTF_SIZET, tlen));
+
+    memcpy(p, ssl->session_negotiate->ticket, tlen);
+
+    *olen += tlen;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl,
+                              unsigned char *buf,
+                              const unsigned char *end,
+                              size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t alpnlen = 0;
+    const char **cur;
+
+    *olen = 0;
+
+    if (ssl->conf->alpn_list == NULL) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding alpn extension"));
+
+    for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) {
+        alpnlen += strlen(*cur) + 1;
+    }
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6 + alpnlen);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ALPN, p, 0);
+    p += 2;
+
+    /*
+     * opaque ProtocolName<1..2^8-1>;
+     *
+     * struct {
+     *     ProtocolName protocol_name_list<2..2^16-1>
+     * } ProtocolNameList;
+     */
+
+    /* Skip writing extension and list length for now */
+    p += 4;
+
+    for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) {
+        /*
+         * mbedtls_ssl_conf_set_alpn_protocols() checked that the length of
+         * protocol names is less than 255.
+         */
+        *p = (unsigned char) strlen(*cur);
+        memcpy(p + 1, *cur, *p);
+        p += 1 + *p;
+    }
+
+    *olen = p - buf;
+
+    /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
+    MBEDTLS_PUT_UINT16_BE(*olen - 6, buf, 4);
+
+    /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */
+    MBEDTLS_PUT_UINT16_BE(*olen - 4, buf, 2);
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl,
+                                  unsigned char *buf,
+                                  const unsigned char *end,
+                                  size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t protection_profiles_index = 0, ext_len = 0;
+    uint16_t mki_len = 0, profile_value = 0;
+
+    *olen = 0;
+
+    if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) ||
+        (ssl->conf->dtls_srtp_profile_list == NULL) ||
+        (ssl->conf->dtls_srtp_profile_list_len == 0)) {
+        return 0;
+    }
+
+    /* RFC 5764 section 4.1.1
+     * uint8 SRTPProtectionProfile[2];
+     *
+     * struct {
+     *   SRTPProtectionProfiles SRTPProtectionProfiles;
+     *   opaque srtp_mki<0..255>;
+     * } UseSRTPData;
+     * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+     */
+    if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) {
+        mki_len = ssl->dtls_srtp_info.mki_len;
+    }
+    /* Extension length = 2 bytes for profiles length,
+     *                    ssl->conf->dtls_srtp_profile_list_len * 2 (each profile is 2 bytes length ),
+     *                    1 byte for srtp_mki vector length and the mki_len value
+     */
+    ext_len = 2 + 2 * (ssl->conf->dtls_srtp_profile_list_len) + 1 + mki_len;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding use_srtp extension"));
+
+    /* Check there is room in the buffer for the extension + 4 bytes
+     * - the extension tag (2 bytes)
+     * - the extension length (2 bytes)
+     */
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, ext_len + 4);
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, p, 0);
+    p += 2;
+
+    MBEDTLS_PUT_UINT16_BE(ext_len, p, 0);
+    p += 2;
+
+    /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
+    /* micro-optimization:
+     * the list size is limited to MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH
+     * which is lower than 127, so the upper byte of the length is always 0
+     * For the documentation, the more generic code is left in comments
+     * *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
+     *                        >> 8 ) & 0xFF );
+     */
+    *p++ = 0;
+    *p++ = MBEDTLS_BYTE_0(2 * ssl->conf->dtls_srtp_profile_list_len);
+
+    for (protection_profiles_index = 0;
+         protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len;
+         protection_profiles_index++) {
+        profile_value = mbedtls_ssl_check_srtp_profile_value
+                            (ssl->conf->dtls_srtp_profile_list[protection_profiles_index]);
+        if (profile_value != MBEDTLS_TLS_SRTP_UNSET) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_write_use_srtp_ext, add profile: %04x",
+                                      profile_value));
+            MBEDTLS_PUT_UINT16_BE(profile_value, p, 0);
+            p += 2;
+        } else {
+            /*
+             * Note: we shall never arrive here as protection profiles
+             * is checked by mbedtls_ssl_conf_dtls_srtp_protection_profiles function
+             */
+            MBEDTLS_SSL_DEBUG_MSG(3,
+                                  ("client hello, "
+                                   "illegal DTLS-SRTP protection profile %d",
+                                   ssl->conf->dtls_srtp_profile_list[protection_profiles_index]
+                                  ));
+            return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        }
+    }
+
+    *p++ = mki_len & 0xFF;
+
+    if (mki_len != 0) {
+        memcpy(p, ssl->dtls_srtp_info.mki_value, mki_len);
+        /*
+         * Increment p to point to the current position.
+         */
+        p += mki_len;
+        MBEDTLS_SSL_DEBUG_BUF(3, "sending mki",  ssl->dtls_srtp_info.mki_value,
+                              ssl->dtls_srtp_info.mki_len);
+    }
+
+    /*
+     * total extension length: extension type (2 bytes)
+     *                         + extension length (2 bytes)
+     *                         + protection profile length (2 bytes)
+     *                         + 2 * number of protection profiles
+     *                         + srtp_mki vector length(1 byte)
+     *                         + mki value
+     */
+    *olen = p - buf;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+/*
+ * Generate random bytes for ClientHello
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_generate_random(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = ssl->handshake->randbytes;
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t;
+#endif
+
+    /*
+     * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1)
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->verify_cookie != NULL) {
+        return 0;
+    }
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+    t = mbedtls_time(NULL);
+    MBEDTLS_PUT_UINT32_BE(t, p, 0);
+    p += 4;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, current time: %" MBEDTLS_PRINTF_LONGLONG,
+                              (long long) t));
+#else
+    if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) {
+        return ret;
+    }
+
+    p += 4;
+#endif /* MBEDTLS_HAVE_TIME */
+
+    if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/**
+ * \brief           Validate cipher suite against config in SSL context.
+ *
+ * \param suite_info    cipher suite to validate
+ * \param ssl           SSL context
+ * \param min_minor_ver Minimal minor version to accept a cipher suite
+ * \param max_minor_ver Maximal minor version to accept a cipher suite
+ *
+ * \return          0 if valid, else 1
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_validate_ciphersuite(
+    const mbedtls_ssl_ciphersuite_t *suite_info,
+    const mbedtls_ssl_context *ssl,
+    int min_minor_ver, int max_minor_ver)
+{
+    (void) ssl;
+    if (suite_info == NULL) {
+        return 1;
+    }
+
+    if (suite_info->min_minor_ver > max_minor_ver ||
+        suite_info->max_minor_ver < min_minor_ver) {
+        return 1;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS)) {
+        return 1;
+    }
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+    if (ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
+        suite_info->cipher == MBEDTLS_CIPHER_ARC4_128) {
+        return 1;
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+        mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) {
+        return 1;
+    }
+#endif
+
+    /* Don't suggest PSK-based ciphersuite if no PSK is available. */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) &&
+        ssl_conf_has_static_psk(ssl->conf) == 0) {
+        return 1;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_client_hello(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, n, olen, ext_len = 0;
+
+    unsigned char *buf;
+    unsigned char *p, *q;
+    const unsigned char *end;
+
+    unsigned char offer_compress;
+    const int *ciphersuites;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    int uses_ec = 0;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write client hello"));
+
+    if (ssl->conf->f_rng == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
+        return MBEDTLS_ERR_SSL_NO_RNG;
+    }
+
+    int renegotiating = 0;
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        renegotiating = 1;
+    }
+#endif
+    if (!renegotiating) {
+        ssl->major_ver = ssl->conf->min_major_ver;
+        ssl->minor_ver = ssl->conf->min_minor_ver;
+    }
+
+    if (ssl->conf->max_major_ver == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              (
+                                  "configured max major version is invalid, consider using mbedtls_ssl_config_defaults()"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    buf = ssl->out_msg;
+    end = buf + MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+    /*
+     * Check if there's enough space for the first part of the ClientHello
+     * consisting of the 38 bytes described below, the session identifier (at
+     * most 32 bytes) and its length (1 byte).
+     *
+     * Use static upper bounds instead of the actual values
+     * to allow the compiler to optimize this away.
+     */
+    MBEDTLS_SSL_CHK_BUF_PTR(buf, end, 38 + 1 + 32);
+
+    /*
+     * The 38 first bytes of the ClientHello:
+     *     0  .   0   handshake type (written later)
+     *     1  .   3   handshake length (written later)
+     *     4  .   5   highest version supported
+     *     6  .   9   current UNIX time
+     *    10  .  37   random bytes
+     *
+     * The current UNIX time (4 bytes) and following 28 random bytes are written
+     * by ssl_generate_random() into ssl->handshake->randbytes buffer and then
+     * copied from there into the output buffer.
+     */
+
+    p = buf + 4;
+    mbedtls_ssl_write_version(ssl->conf->max_major_ver,
+                              ssl->conf->max_minor_ver,
+                              ssl->conf->transport, p);
+    p += 2;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, max version: [%d:%d]",
+                              buf[4], buf[5]));
+
+    if ((ret = ssl_generate_random(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_generate_random", ret);
+        return ret;
+    }
+
+    memcpy(p, ssl->handshake->randbytes, 32);
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", p, 32);
+    p += 32;
+
+    /*
+     *    38  .  38   session id length
+     *    39  . 39+n  session id
+     *   39+n . 39+n  DTLS only: cookie length (1 byte)
+     *   40+n .  ..   DTLS only: cookie
+     *   ..   . ..    ciphersuitelist length (2 bytes)
+     *   ..   . ..    ciphersuitelist
+     *   ..   . ..    compression methods length (1 byte)
+     *   ..   . ..    compression methods
+     *   ..   . ..    extensions length (2 bytes)
+     *   ..   . ..    extensions
+     */
+    n = ssl->session_negotiate->id_len;
+
+    if (n < 16 || n > 32 ||
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
+#endif
+        ssl->handshake->resume == 0) {
+        n = 0;
+    }
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    /*
+     * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
+     * generate and include a Session ID in the TLS ClientHello."
+     */
+    if (!renegotiating) {
+        if (ssl->session_negotiate->ticket != NULL &&
+            ssl->session_negotiate->ticket_len != 0) {
+            ret = ssl->conf->f_rng(ssl->conf->p_rng,
+                                   ssl->session_negotiate->id, 32);
+
+            if (ret != 0) {
+                return ret;
+            }
+
+            ssl->session_negotiate->id_len = n = 32;
+        }
+    }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+    /*
+     * The first check of the output buffer size above (
+     * MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 38 + 1 + 32 );)
+     * has checked that there is enough space in the output buffer for the
+     * session identifier length byte and the session identifier (n <= 32).
+     */
+    *p++ = (unsigned char) n;
+
+    for (i = 0; i < n; i++) {
+        *p++ = ssl->session_negotiate->id[i];
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n));
+    MBEDTLS_SSL_DEBUG_BUF(3,   "client hello, session id", buf + 39, n);
+
+    /*
+     *   With 'n' being the length of the session identifier
+     *
+     *   39+n . 39+n  DTLS only: cookie length (1 byte)
+     *   40+n .  ..   DTLS only: cookie
+     *   ..   . ..    ciphersuitelist length (2 bytes)
+     *   ..   . ..    ciphersuitelist
+     *   ..   . ..    compression methods length (1 byte)
+     *   ..   . ..    compression methods
+     *   ..   . ..    extensions length (2 bytes)
+     *   ..   . ..    extensions
+     */
+
+    /*
+     * DTLS cookie
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        MBEDTLS_SSL_CHK_BUF_PTR(p, end, 1);
+
+        if (ssl->handshake->verify_cookie == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("no verify cookie to send"));
+            *p++ = 0;
+        } else {
+            MBEDTLS_SSL_DEBUG_BUF(3, "client hello, cookie",
+                                  ssl->handshake->verify_cookie,
+                                  ssl->handshake->verify_cookie_len);
+
+            *p++ = ssl->handshake->verify_cookie_len;
+
+            MBEDTLS_SSL_CHK_BUF_PTR(p, end,
+                                    ssl->handshake->verify_cookie_len);
+            memcpy(p, ssl->handshake->verify_cookie,
+                   ssl->handshake->verify_cookie_len);
+            p += ssl->handshake->verify_cookie_len;
+        }
+    }
+#endif
+
+    /*
+     * Ciphersuite list
+     */
+    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+
+    /* Skip writing ciphersuite length for now */
+    n = 0;
+    q = p;
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
+    p += 2;
+
+    for (i = 0; ciphersuites[i] != 0; i++) {
+        ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]);
+
+        if (ssl_validate_ciphersuite(ciphersuite_info, ssl,
+                                     ssl->conf->min_minor_ver,
+                                     ssl->conf->max_minor_ver) != 0) {
+            continue;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, add ciphersuite: %#04x (%s)",
+                                  (unsigned int) ciphersuites[i], ciphersuite_info->name));
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+        defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+        uses_ec |= mbedtls_ssl_ciphersuite_uses_ec(ciphersuite_info);
+#endif
+
+        MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
+
+        n++;
+        MBEDTLS_PUT_UINT16_BE(ciphersuites[i], p, 0);
+        p += 2;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("client hello, got %" MBEDTLS_PRINTF_SIZET
+                           " ciphersuites (excluding SCSVs)", n));
+
+    /*
+     * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+     */
+    if (!renegotiating) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("adding EMPTY_RENEGOTIATION_INFO_SCSV"));
+        MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
+        MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0);
+        p += 2;
+        n++;
+    }
+
+    /* Some versions of OpenSSL don't handle it correctly if not at end */
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    if (ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("adding FALLBACK_SCSV"));
+
+        MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
+        MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_FALLBACK_SCSV_VALUE, p, 0);
+        p += 2;
+        n++;
+    }
+#endif
+
+    *q++ = (unsigned char) (n >> 7);
+    *q++ = (unsigned char) (n << 1);
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    offer_compress = 1;
+#else
+    offer_compress = 0;
+#endif
+
+    /*
+     * We don't support compression with DTLS right now: if many records come
+     * in the same datagram, uncompressing one could overwrite the next one.
+     * We don't want to add complexity for handling that case unless there is
+     * an actual need for it.
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        offer_compress = 0;
+    }
+#endif
+
+    if (offer_compress) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress len.: %d", 2));
+        MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress alg.: %d %d",
+                                  MBEDTLS_SSL_COMPRESS_DEFLATE,
+                                  MBEDTLS_SSL_COMPRESS_NULL));
+
+        MBEDTLS_SSL_CHK_BUF_PTR(p, end, 3);
+        *p++ = 2;
+        *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE;
+        *p++ = MBEDTLS_SSL_COMPRESS_NULL;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress len.: %d", 1));
+        MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress alg.: %d",
+                                  MBEDTLS_SSL_COMPRESS_NULL));
+
+        MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
+        *p++ = 1;
+        *p++ = MBEDTLS_SSL_COMPRESS_NULL;
+    }
+
+    /* First write extensions, then the total length */
+
+    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if ((ret = ssl_write_hostname_ext(ssl, p + 2 + ext_len,
+                                      end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_hostname_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+    /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added
+     * even if MBEDTLS_SSL_RENEGOTIATION is not defined. */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if ((ret = ssl_write_renegotiation_ext(ssl, p + 2 + ext_len,
+                                           end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_renegotiation_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    if ((ret = ssl_write_signature_algorithms_ext(ssl, p + 2 + ext_len,
+                                                  end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_signature_algorithms_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (uses_ec) {
+        if ((ret = ssl_write_supported_elliptic_curves_ext(ssl, p + 2 + ext_len,
+                                                           end, &olen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_supported_elliptic_curves_ext", ret);
+            return ret;
+        }
+        ext_len += olen;
+
+        if ((ret = ssl_write_supported_point_formats_ext(ssl, p + 2 + ext_len,
+                                                         end, &olen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_supported_point_formats_ext", ret);
+            return ret;
+        }
+        ext_len += olen;
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if ((ret = ssl_write_ecjpake_kkpp_ext(ssl, p + 2 + ext_len,
+                                          end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_ecjpake_kkpp_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if ((ret = ssl_write_cid_ext(ssl, p + 2 + ext_len, end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_cid_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    if ((ret = ssl_write_max_fragment_length_ext(ssl, p + 2 + ext_len,
+                                                 end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_max_fragment_length_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    if ((ret = ssl_write_truncated_hmac_ext(ssl, p + 2 + ext_len,
+                                            end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_truncated_hmac_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    if ((ret = ssl_write_encrypt_then_mac_ext(ssl, p + 2 + ext_len,
+                                              end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_encrypt_then_mac_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    if ((ret = ssl_write_extended_ms_ext(ssl, p + 2 + ext_len,
+                                         end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_extended_ms_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if ((ret = ssl_write_alpn_ext(ssl, p + 2 + ext_len,
+                                  end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_alpn_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    if ((ret = ssl_write_use_srtp_ext(ssl, p + 2 + ext_len,
+                                      end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_use_srtp_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    if ((ret = ssl_write_session_ticket_ext(ssl, p + 2 + ext_len,
+                                            end, &olen)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_session_ticket_ext", ret);
+        return ret;
+    }
+    ext_len += olen;
+#endif
+
+    /* olen unused if all extensions are disabled */
+    ((void) olen);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, total extension length: %" MBEDTLS_PRINTF_SIZET,
+                              ext_len));
+
+    if (ext_len > 0) {
+        /* No need to check for space here, because the extension
+         * writing functions already took care of that. */
+        MBEDTLS_PUT_UINT16_BE(ext_len, p, 0);
+        p += 2 + ext_len;
+    }
+
+    ssl->out_msglen  = p - buf;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CLIENT_HELLO;
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_send_flight_completed(ssl);
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret);
+        return ret;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello"));
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf,
+                                        size_t len)
+{
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        /* Check verify-data in constant-time. The length OTOH is no secret */
+        if (len    != 1 + ssl->verify_data_len * 2 ||
+            buf[0] !=     ssl->verify_data_len * 2 ||
+            mbedtls_ct_memcmp(buf + 1,
+                              ssl->own_verify_data, ssl->verify_data_len) != 0 ||
+            mbedtls_ct_memcmp(buf + 1 + ssl->verify_data_len,
+                              ssl->peer_verify_data, ssl->verify_data_len) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching renegotiation info"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+        }
+    } else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+    {
+        if (len != 1 || buf[0] != 0x00) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("non-zero length renegotiation info"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+        }
+
+        ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl,
+                                             const unsigned char *buf,
+                                             size_t len)
+{
+    /*
+     * server should use the extension only if we did,
+     * and if so the server's value should match ours (and len is always 1)
+     */
+    if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ||
+        len != 1 ||
+        buf[0] != ssl->conf->mfl_code) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("non-matching max fragment length extension"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_truncated_hmac_ext(mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf,
+                                        size_t len)
+{
+    if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ||
+        len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("non-matching truncated HMAC extension"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    ((void) buf);
+
+    ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl,
+                             const unsigned char *buf,
+                             size_t len)
+{
+    size_t peer_cid_len;
+
+    if ( /* CID extension only makes sense in DTLS */
+        ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
+        /* The server must only send the CID extension if we have offered it. */
+        ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension unexpected"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    if (len == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    peer_cid_len = *buf++;
+    len--;
+
+    if (peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    if (len != peer_cid_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED;
+    ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len;
+    memcpy(ssl->handshake->peer_cid, buf, peer_cid_len);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("Use of CID extension negotiated"));
+    MBEDTLS_SSL_DEBUG_BUF(3, "Server CID", buf, peer_cid_len);
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl,
+                                          const unsigned char *buf,
+                                          size_t len)
+{
+    if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+        len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("non-matching encrypt-then-MAC extension"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    ((void) buf);
+
+    ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl,
+                                     const unsigned char *buf,
+                                     size_t len)
+{
+    if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+        len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("non-matching extended master secret extension"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    ((void) buf);
+
+    ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf,
+                                        size_t len)
+{
+    if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ||
+        len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("non-matching session ticket extension"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    ((void) buf);
+
+    ssl->handshake->new_session_ticket = 1;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl,
+                                                 const unsigned char *buf,
+                                                 size_t len)
+{
+    size_t list_size;
+    const unsigned char *p;
+
+    if (len == 0 || (size_t) (buf[0] + 1) != len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+    list_size = buf[0];
+
+    p = buf + 1;
+    while (list_size > 0) {
+        if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+            p[0] == MBEDTLS_ECP_PF_COMPRESSED) {
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+            ssl->handshake->ecdh_ctx.point_format = p[0];
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            ssl->handshake->ecjpake_ctx.point_format = p[0];
+#endif
+            MBEDTLS_SSL_DEBUG_MSG(4, ("point format selected: %d", p[0]));
+            return 0;
+        }
+
+        list_size--;
+        p++;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("no point format in common"));
+    mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                   MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+    return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl,
+                                  const unsigned char *buf,
+                                  size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (ssl->handshake->ciphersuite_info->key_exchange !=
+        MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("skip ecjpake kkpp extension"));
+        return 0;
+    }
+
+    /* If we got here, we no longer need our cached extension */
+    mbedtls_free(ssl->handshake->ecjpake_cache);
+    ssl->handshake->ecjpake_cache = NULL;
+    ssl->handshake->ecjpake_cache_len = 0;
+
+    if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx,
+                                              buf, len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_one", ret);
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl,
+                              const unsigned char *buf, size_t len)
+{
+    size_t list_len, name_len;
+    const char **p;
+
+    /* If we didn't send it, the server shouldn't send it */
+    if (ssl->conf->alpn_list == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching ALPN extension"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /*
+     * opaque ProtocolName<1..2^8-1>;
+     *
+     * struct {
+     *     ProtocolName protocol_name_list<2..2^16-1>
+     * } ProtocolNameList;
+     *
+     * the "ProtocolNameList" MUST contain exactly one "ProtocolName"
+     */
+
+    /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
+    if (len < 4) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    list_len = (buf[0] << 8) | buf[1];
+    if (list_len != len - 2) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    name_len = buf[2];
+    if (name_len != list_len - 1) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /* Check that the server chosen protocol was in our list and save it */
+    for (p = ssl->conf->alpn_list; *p != NULL; p++) {
+        if (name_len == strlen(*p) &&
+            memcmp(buf + 3, *p, name_len) == 0) {
+            ssl->alpn_chosen = *p;
+            return 0;
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("ALPN extension: no matching protocol"));
+    mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                   MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+    return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl,
+                                  const unsigned char *buf,
+                                  size_t len)
+{
+    mbedtls_ssl_srtp_profile server_protection = MBEDTLS_TLS_SRTP_UNSET;
+    size_t i, mki_len = 0;
+    uint16_t server_protection_profile_value = 0;
+
+    /* If use_srtp is not configured, just ignore the extension */
+    if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) ||
+        (ssl->conf->dtls_srtp_profile_list == NULL) ||
+        (ssl->conf->dtls_srtp_profile_list_len == 0)) {
+        return 0;
+    }
+
+    /* RFC 5764 section 4.1.1
+     * uint8 SRTPProtectionProfile[2];
+     *
+     * struct {
+     *   SRTPProtectionProfiles SRTPProtectionProfiles;
+     *   opaque srtp_mki<0..255>;
+     * } UseSRTPData;
+
+     * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+     *
+     */
+    if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) {
+        mki_len = ssl->dtls_srtp_info.mki_len;
+    }
+
+    /*
+     * Length is 5 + optional mki_value : one protection profile length (2 bytes)
+     *                                      + protection profile (2 bytes)
+     *                                      + mki_len(1 byte)
+     *                                      and optional srtp_mki
+     */
+    if ((len < 5) || (len != (buf[4] + 5u))) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /*
+     * get the server protection profile
+     */
+
+    /*
+     * protection profile length must be 0x0002 as we must have only
+     * one protection profile in server Hello
+     */
+    if ((buf[0] != 0) || (buf[1] != 2)) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    server_protection_profile_value = (buf[2] << 8) | buf[3];
+    server_protection = mbedtls_ssl_check_srtp_profile_value(
+        server_protection_profile_value);
+    if (server_protection != MBEDTLS_TLS_SRTP_UNSET) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("found srtp profile: %s",
+                                  mbedtls_ssl_get_srtp_profile_as_string(
+                                      server_protection)));
+    }
+
+    ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET;
+
+    /*
+     * Check we have the server profile in our list
+     */
+    for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) {
+        if (server_protection == ssl->conf->dtls_srtp_profile_list[i]) {
+            ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i];
+            MBEDTLS_SSL_DEBUG_MSG(3, ("selected srtp profile: %s",
+                                      mbedtls_ssl_get_srtp_profile_as_string(
+                                          server_protection)));
+            break;
+        }
+    }
+
+    /* If no match was found : server problem, it shall never answer with incompatible profile */
+    if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /* If server does not use mki in its reply, make sure the client won't keep
+     * one as negotiated */
+    if (len == 5) {
+        ssl->dtls_srtp_info.mki_len = 0;
+    }
+
+    /*
+     * RFC5764:
+     *  If the client detects a nonzero-length MKI in the server's response
+     *  that is different than the one the client offered, then the client
+     *  MUST abort the handshake and SHOULD send an invalid_parameter alert.
+     */
+    if (len > 5  && (buf[4] != mki_len ||
+                     (memcmp(ssl->dtls_srtp_info.mki_value, &buf[5], mki_len)))) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+#if defined(MBEDTLS_DEBUG_C)
+    if (len > 5) {
+        MBEDTLS_SSL_DEBUG_BUF(3, "received mki", ssl->dtls_srtp_info.mki_value,
+                              ssl->dtls_srtp_info.mki_len);
+    }
+#endif
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+/*
+ * Parse HelloVerifyRequest.  Only called after verifying the HS type.
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl)
+{
+    const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
+    int major_ver, minor_ver;
+    unsigned char cookie_len;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse hello verify request"));
+
+    /* Check that there is enough room for:
+     * - 2 bytes of version
+     * - 1 byte of cookie_len
+     */
+    if (mbedtls_ssl_hs_hdr_len(ssl) + 3 > ssl->in_msglen) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("incoming HelloVerifyRequest message is too short"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /*
+     * struct {
+     *   ProtocolVersion server_version;
+     *   opaque cookie<0..2^8-1>;
+     * } HelloVerifyRequest;
+     */
+    MBEDTLS_SSL_DEBUG_BUF(3, "server version", p, 2);
+    mbedtls_ssl_read_version(&major_ver, &minor_ver, ssl->conf->transport, p);
+    p += 2;
+
+    /*
+     * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
+     * even is lower than our min version.
+     */
+    if (major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
+        minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
+        major_ver > ssl->conf->max_major_ver  ||
+        minor_ver > ssl->conf->max_minor_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server version"));
+
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION);
+
+        return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION;
+    }
+
+    cookie_len = *p++;
+    if ((ssl->in_msg + ssl->in_msglen) - p < cookie_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("cookie length does not match incoming message size"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+    MBEDTLS_SSL_DEBUG_BUF(3, "cookie", p, cookie_len);
+
+    mbedtls_free(ssl->handshake->verify_cookie);
+
+    ssl->handshake->verify_cookie = mbedtls_calloc(1, cookie_len);
+    if (ssl->handshake->verify_cookie  == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc failed (%d bytes)", cookie_len));
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    memcpy(ssl->handshake->verify_cookie, p, cookie_len);
+    ssl->handshake->verify_cookie_len = cookie_len;
+
+    /* Start over at ClientHello */
+    ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+    mbedtls_ssl_reset_checksum(ssl);
+
+    mbedtls_ssl_recv_flight_completed(ssl);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse hello verify request"));
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int is_compression_bad(mbedtls_ssl_context *ssl, unsigned char comp)
+{
+    int bad_comp = 0;
+
+    /* Suppress warnings in some configurations */
+    (void) ssl;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        comp != MBEDTLS_SSL_COMPRESS_NULL) {
+        bad_comp = 1;
+    }
+#endif
+
+    if (comp != MBEDTLS_SSL_COMPRESS_NULL &&
+        comp != MBEDTLS_SSL_COMPRESS_DEFLATE) {
+        bad_comp = 1;
+    }
+#else /* MBEDTLS_ZLIB_SUPPORT */
+    if (comp != MBEDTLS_SSL_COMPRESS_NULL) {
+        bad_comp = 1;
+    }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+    return bad_comp;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_hello(mbedtls_ssl_context *ssl)
+{
+    int ret, i;
+    size_t n;
+    size_t ext_len;
+    unsigned char *buf, *ext;
+    unsigned char comp;
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renegotiation_info_seen = 0;
+#endif
+    int handshake_failure = 0;
+    const mbedtls_ssl_ciphersuite_t *suite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server hello"));
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        /* No alert on a read error. */
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    buf = ssl->in_msg;
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+            ssl->renego_records_seen++;
+
+            if (ssl->conf->renego_max_records >= 0 &&
+                ssl->renego_records_seen > ssl->conf->renego_max_records) {
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("renegotiation requested, but not honored by server"));
+                return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("non-handshake message during renegotiation"));
+
+            ssl->keep_current_message = 1;
+            return MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO;
+        }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if (buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("received hello verify request"));
+            MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello"));
+            return ssl_parse_hello_verify_request(ssl);
+        } else {
+            /* We made it through the verification process */
+            mbedtls_free(ssl->handshake->verify_cookie);
+            ssl->handshake->verify_cookie = NULL;
+            ssl->handshake->verify_cookie_len = 0;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    if (ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len(ssl) ||
+        buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /*
+     *  0   .  1    server_version
+     *  2   . 33    random (maybe including 4 bytes of Unix time)
+     * 34   . 34    session_id length = n
+     * 35   . 34+n  session_id
+     * 35+n . 36+n  cipher_suite
+     * 37+n . 37+n  compression_method
+     *
+     * 38+n . 39+n  extensions length (optional)
+     * 40+n .  ..   extensions
+     */
+    buf += mbedtls_ssl_hs_hdr_len(ssl);
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "server hello, version", buf + 0, 2);
+    mbedtls_ssl_read_version(&ssl->major_ver, &ssl->minor_ver,
+                             ssl->conf->transport, buf + 0);
+
+    if (ssl->major_ver < ssl->conf->min_major_ver ||
+        ssl->minor_ver < ssl->conf->min_minor_ver ||
+        ssl->major_ver > ssl->conf->max_major_ver ||
+        ssl->minor_ver > ssl->conf->max_minor_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              (
+                                  "server version out of bounds -  min: [%d:%d], server: [%d:%d], max: [%d:%d]",
+                                  ssl->conf->min_major_ver,
+                                  ssl->conf->min_minor_ver,
+                                  ssl->major_ver, ssl->minor_ver,
+                                  ssl->conf->max_major_ver,
+                                  ssl->conf->max_minor_ver));
+
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION);
+
+        return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %lu",
+                              ((unsigned long) buf[2] << 24) |
+                              ((unsigned long) buf[3] << 16) |
+                              ((unsigned long) buf[4] <<  8) |
+                              ((unsigned long) buf[5])));
+
+    memcpy(ssl->handshake->randbytes + 32, buf + 2, 32);
+
+    n = buf[34];
+
+    MBEDTLS_SSL_DEBUG_BUF(3,   "server hello, random bytes", buf + 2, 32);
+
+    if (n > 32) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    if (ssl->in_hslen > mbedtls_ssl_hs_hdr_len(ssl) + 39 + n) {
+        ext_len = ((buf[38 + n] <<  8)
+                   | (buf[39 + n]));
+
+        if ((ext_len > 0 && ext_len < 4) ||
+            ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 40 + n + ext_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+        }
+    } else if (ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl) + 38 + n) {
+        ext_len = 0;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    /* ciphersuite (used later) */
+    i = (buf[35 + n] << 8) | buf[36 + n];
+
+    /*
+     * Read and check compression
+     */
+    comp = buf[37 + n];
+
+    if (is_compression_bad(ssl, comp)) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("server hello, bad compression: %d", comp));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    }
+
+    /*
+     * Initialize update checksum functions
+     */
+    ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(i);
+    if (ssl->handshake->ciphersuite_info == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("ciphersuite info for %04x not found", (unsigned int) i));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    mbedtls_ssl_optimize_checksum(ssl, ssl->handshake->ciphersuite_info);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n));
+    MBEDTLS_SSL_DEBUG_BUF(3,   "server hello, session id", buf + 35, n);
+
+    /*
+     * Check if the session can be resumed
+     */
+    if (ssl->handshake->resume == 0 || n == 0 ||
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
+#endif
+        ssl->session_negotiate->ciphersuite != i ||
+        ssl->session_negotiate->compression != comp ||
+        ssl->session_negotiate->id_len != n ||
+        memcmp(ssl->session_negotiate->id, buf + 35, n) != 0) {
+        ssl->state++;
+        ssl->handshake->resume = 0;
+#if defined(MBEDTLS_HAVE_TIME)
+        ssl->session_negotiate->start = mbedtls_time(NULL);
+#endif
+        ssl->session_negotiate->ciphersuite = i;
+        ssl->session_negotiate->compression = comp;
+        ssl->session_negotiate->id_len = n;
+        memcpy(ssl->session_negotiate->id, buf + 35, n);
+    } else {
+        ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("%s session has been resumed",
+                              ssl->handshake->resume ? "a" : "no"));
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: %04x", (unsigned) i));
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, compress alg.: %d",
+                              buf[37 + n]));
+
+    /*
+     * Perform cipher suite validation in same way as in ssl_write_client_hello.
+     */
+    i = 0;
+    while (1) {
+        if (ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+        }
+
+        if (ssl->conf->ciphersuite_list[ssl->minor_ver][i++] ==
+            ssl->session_negotiate->ciphersuite) {
+            break;
+        }
+    }
+
+    suite_info = mbedtls_ssl_ciphersuite_from_id(
+        ssl->session_negotiate->ciphersuite);
+    if (ssl_validate_ciphersuite(suite_info, ssl, ssl->minor_ver,
+                                 ssl->minor_ver) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3,
+                          ("server hello, chosen ciphersuite: %s", suite_info->name));
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA &&
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        ssl->handshake->ecrs_enabled = 1;
+    }
+#endif
+
+    if (comp != MBEDTLS_SSL_COMPRESS_NULL
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+        && comp != MBEDTLS_SSL_COMPRESS_DEFLATE
+#endif
+        ) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+    ssl->session_negotiate->compression = comp;
+
+    ext = buf + 40 + n;
+
+    MBEDTLS_SSL_DEBUG_MSG(2,
+                          ("server hello, total extension length: %" MBEDTLS_PRINTF_SIZET,
+                           ext_len));
+
+    while (ext_len) {
+        unsigned int ext_id   = ((ext[0] <<  8)
+                                 | (ext[1]));
+        unsigned int ext_size = ((ext[2] <<  8)
+                                 | (ext[3]));
+
+        if (ext_size + 4 > ext_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+            mbedtls_ssl_send_alert_message(
+                ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+        }
+
+        switch (ext_id) {
+            case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found renegotiation extension"));
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+                renegotiation_info_seen = 1;
+#endif
+
+                if ((ret = ssl_parse_renegotiation_info(ssl, ext + 4,
+                                                        ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+            case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
+                MBEDTLS_SSL_DEBUG_MSG(3,
+                                      ("found max_fragment_length extension"));
+
+                if ((ret = ssl_parse_max_fragment_length_ext(ssl,
+                                                             ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+            case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found truncated_hmac extension"));
+
+                if ((ret = ssl_parse_truncated_hmac_ext(ssl,
+                                                        ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            case MBEDTLS_TLS_EXT_CID:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found CID extension"));
+
+                if ((ret = ssl_parse_cid_ext(ssl,
+                                             ext + 4,
+                                             ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+            case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found encrypt_then_mac extension"));
+
+                if ((ret = ssl_parse_encrypt_then_mac_ext(ssl,
+                                                          ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+            case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
+                MBEDTLS_SSL_DEBUG_MSG(3,
+                                      ("found extended_master_secret extension"));
+
+                if ((ret = ssl_parse_extended_ms_ext(ssl,
+                                                     ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+            case MBEDTLS_TLS_EXT_SESSION_TICKET:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found session_ticket extension"));
+
+                if ((ret = ssl_parse_session_ticket_ext(ssl,
+                                                        ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+                defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
+                MBEDTLS_SSL_DEBUG_MSG(3,
+                                      ("found supported_point_formats extension"));
+
+                if ((ret = ssl_parse_supported_point_formats_ext(ssl,
+                                                                 ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found ecjpake_kkpp extension"));
+
+                if ((ret = ssl_parse_ecjpake_kkpp(ssl,
+                                                  ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+            case MBEDTLS_TLS_EXT_ALPN:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension"));
+
+                if ((ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+            case MBEDTLS_TLS_EXT_USE_SRTP:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found use_srtp extension"));
+
+                if ((ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size)) != 0) {
+                    return ret;
+                }
+
+                break;
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+            default:
+                MBEDTLS_SSL_DEBUG_MSG(3,
+                                      ("unknown extension found: %u (ignoring)", ext_id));
+        }
+
+        ext_len -= 4 + ext_size;
+        ext += 4 + ext_size;
+
+        if (ext_len > 0 && ext_len < 4) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+        }
+    }
+
+    /*
+     * mbedtls_ssl_derive_keys() has to be called after the parsing of the
+     * extensions. It sets the transform data for the resumed session which in
+     * case of DTLS includes the server CID extracted from the CID extension.
+     */
+    if (ssl->handshake->resume) {
+        if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret);
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+            return ret;
+        }
+    }
+
+    /*
+     * Renegotiation security checks
+     */
+    if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+        ssl->conf->allow_legacy_renegotiation ==
+        MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("legacy renegotiation, breaking off handshake"));
+        handshake_failure = 1;
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+             renegotiation_info_seen == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("renegotiation_info extension missing (secure)"));
+        handshake_failure = 1;
+    } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+               ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+               ssl->conf->allow_legacy_renegotiation ==
+               MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation not allowed"));
+        handshake_failure = 1;
+    } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+               ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+               renegotiation_info_seen == 1) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("renegotiation_info extension present (legacy)"));
+        handshake_failure = 1;
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    if (handshake_failure == 1) {
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_dh_params(mbedtls_ssl_context *ssl,
+                                      unsigned char **p,
+                                      unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t dhm_actual_bitlen;
+
+    /*
+     * Ephemeral DH parameters:
+     *
+     * struct {
+     *     opaque dh_p<1..2^16-1>;
+     *     opaque dh_g<1..2^16-1>;
+     *     opaque dh_Ys<1..2^16-1>;
+     * } ServerDHParams;
+     */
+    if ((ret = mbedtls_dhm_read_params(&ssl->handshake->dhm_ctx,
+                                       p, end)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(2, ("mbedtls_dhm_read_params"), ret);
+        return ret;
+    }
+
+    dhm_actual_bitlen = mbedtls_mpi_bitlen(&ssl->handshake->dhm_ctx.P);
+    if (dhm_actual_bitlen < ssl->conf->dhm_min_bitlen) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u",
+                                  dhm_actual_bitlen,
+                                  ssl->conf->dhm_min_bitlen));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P);
+    MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G);
+    MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY);
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_server_ecdh_params(const mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ecp_curve_info *curve_info;
+    mbedtls_ecp_group_id grp_id;
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    grp_id = ssl->handshake->ecdh_ctx.grp.id;
+#else
+    grp_id = ssl->handshake->ecdh_ctx.grp_id;
+#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
+
+    curve_info = mbedtls_ecp_curve_info_from_grp_id(grp_id);
+    if (curve_info == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH curve: %s", curve_info->name));
+
+#if defined(MBEDTLS_ECP_C)
+    if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) {
+        return -1;
+    }
+#else
+    if (ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
+        ssl->handshake->ecdh_ctx.grp.nbits > 521) {
+        return -1;
+    }
+#endif /* MBEDTLS_ECP_C */
+
+    MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                           MBEDTLS_DEBUG_ECDH_QP);
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                           \
+    (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED))
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_ecdh_params_psa(mbedtls_ssl_context *ssl,
+                                            unsigned char **p,
+                                            unsigned char *end)
+{
+    uint16_t tls_id;
+    size_t ecdh_bits = 0;
+    uint8_t ecpoint_len;
+    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+    /*
+     * Parse ECC group
+     */
+
+    if (end - *p < 4) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /* First byte is curve_type; only named_curve is handled */
+    if (*(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /* Next two bytes are the namedcurve value */
+    tls_id = *(*p)++;
+    tls_id <<= 8;
+    tls_id |= *(*p)++;
+
+    /* Check it's a curve we offered */
+    if (mbedtls_ssl_check_curve_tls_id(ssl, tls_id) != 0) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /* Convert EC group to PSA key type. */
+    if ((handshake->ecdh_psa_type =
+             mbedtls_psa_parse_tls_ecc_group(tls_id, &ecdh_bits)) == 0) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+    if (ecdh_bits > 0xffff) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+    handshake->ecdh_bits = (uint16_t) ecdh_bits;
+
+    /*
+     * Put peer's ECDH public key in the format understood by PSA.
+     */
+
+    ecpoint_len = *(*p)++;
+    if ((size_t) (end - *p) < ecpoint_len) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    if (mbedtls_psa_tls_ecpoint_to_psa_ec(
+            *p, ecpoint_len,
+            handshake->ecdh_psa_peerkey,
+            sizeof(handshake->ecdh_psa_peerkey),
+            &handshake->ecdh_psa_peerkey_len) != 0) {
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+    }
+
+    *p += ecpoint_len;
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+            ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+              MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl,
+                                        unsigned char **p,
+                                        unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    /*
+     * Ephemeral ECDH parameters:
+     *
+     * struct {
+     *     ECParameters curve_params;
+     *     ECPoint      public;
+     * } ServerECDHParams;
+     */
+    if ((ret = mbedtls_ecdh_read_params(&ssl->handshake->ecdh_ctx,
+                                        (const unsigned char **) p, end)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_read_params"), ret);
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+        if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+        }
+#endif
+        return ret;
+    }
+
+    if (ssl_check_server_ecdh_params(ssl) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("bad server key exchange message (ECDHE curve)"));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_psk_hint(mbedtls_ssl_context *ssl,
+                                     unsigned char **p,
+                                     unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    uint16_t  len;
+    ((void) ssl);
+
+    /*
+     * PSK parameters:
+     *
+     * opaque psk_identity_hint<0..2^16-1>;
+     */
+    if (end - (*p) < 2) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("bad server key exchange message (psk_identity_hint length)"));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+    len = (*p)[0] << 8 | (*p)[1];
+    *p += 2;
+
+    if (end - (*p) < len) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("bad server key exchange message (psk_identity_hint length)"));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /*
+     * Note: we currently ignore the PSK identity hint, as we only allow one
+     * PSK to be provisioned on the client. This could be changed later if
+     * someone needs that feature.
+     */
+    *p += len;
+    ret = 0;
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) ||                           \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+/*
+ * Generate a pre-master secret and encrypt it with the server's RSA key
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_encrypted_pms(mbedtls_ssl_context *ssl,
+                                   size_t offset, size_t *olen,
+                                   size_t pms_offset)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
+    unsigned char *p = ssl->handshake->premaster + pms_offset;
+    mbedtls_pk_context *peer_pk;
+
+    if (offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small for encrypted pms"));
+        return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+    }
+
+    /*
+     * Generate (part of) the pre-master as
+     *  struct {
+     *      ProtocolVersion client_version;
+     *      opaque random[46];
+     *  } PreMasterSecret;
+     */
+    mbedtls_ssl_write_version(ssl->conf->max_major_ver,
+                              ssl->conf->max_minor_ver,
+                              ssl->conf->transport, p);
+
+    if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p + 2, 46)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "f_rng", ret);
+        return ret;
+    }
+
+    ssl->handshake->pmslen = 48;
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    peer_pk = &ssl->handshake->peer_pubkey;
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (ssl->session_negotiate->peer_cert == NULL) {
+        /* Should never happen */
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+    peer_pk = &ssl->session_negotiate->peer_cert->pk;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    /*
+     * Now write it out, encrypted
+     */
+    if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_RSA)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("certificate key type mismatch"));
+        return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
+    }
+
+    if ((ret = mbedtls_pk_encrypt(peer_pk,
+                                  p, ssl->handshake->pmslen,
+                                  ssl->out_msg + offset + len_bytes, olen,
+                                  MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes,
+                                  ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_rsa_pkcs1_encrypt", ret);
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (len_bytes == 2) {
+        MBEDTLS_PUT_UINT16_BE(*olen, ssl->out_msg, offset);
+        *olen += 2;
+    }
+#endif
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    /* We don't need the peer's public key anymore. Free it. */
+    mbedtls_pk_free(peer_pk);
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_signature_algorithm(mbedtls_ssl_context *ssl,
+                                         unsigned char **p,
+                                         unsigned char *end,
+                                         mbedtls_md_type_t *md_alg,
+                                         mbedtls_pk_type_t *pk_alg)
+{
+    ((void) ssl);
+    *md_alg = MBEDTLS_MD_NONE;
+    *pk_alg = MBEDTLS_PK_NONE;
+
+    /* Only in TLS 1.2 */
+    if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) {
+        return 0;
+    }
+
+    if ((*p) + 2 > end) {
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /*
+     * Get hash algorithm
+     */
+    if ((*md_alg = mbedtls_ssl_md_alg_from_hash((*p)[0]))
+        == MBEDTLS_MD_NONE) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("Server used unsupported HashAlgorithm %d", *(p)[0]));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /*
+     * Get signature algorithm
+     */
+    if ((*pk_alg = mbedtls_ssl_pk_alg_from_sig((*p)[1]))
+        == MBEDTLS_PK_NONE) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("server used unsupported SignatureAlgorithm %d", (*p)[1]));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    /*
+     * Check if the hash is acceptable
+     */
+    if (mbedtls_ssl_check_sig_hash(ssl, *md_alg) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("server used HashAlgorithm %d that was not offered", *(p)[0]));
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used SignatureAlgorithm %d",
+                              (*p)[1]));
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used HashAlgorithm %d",
+                              (*p)[0]));
+    *p += 2;
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_ecp_keypair *peer_key;
+    mbedtls_pk_context *peer_pk;
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    peer_pk = &ssl->handshake->peer_pubkey;
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (ssl->session_negotiate->peer_cert == NULL) {
+        /* Should never happen */
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+    peer_pk = &ssl->session_negotiate->peer_cert->pk;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    /* This is a public key, so it can't be opaque, so can_do() is a good
+     * enough check to ensure pk_ec() is safe to use below. */
+    if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_ECKEY)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("server key not ECDH capable"));
+        return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
+    }
+
+    peer_key = mbedtls_pk_ec(*peer_pk);
+
+    if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, peer_key,
+                                       MBEDTLS_ECDH_THEIRS)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret);
+        return ret;
+    }
+
+    if (ssl_check_server_ecdh_params(ssl) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+    }
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    /* We don't need the peer's public key anymore. Free it,
+     * so that more RAM is available for upcoming expensive
+     * operations like ECDHE. */
+    mbedtls_pk_free(peer_pk);
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_key_exchange(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+    unsigned char *p = NULL, *end = NULL;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server key exchange"));
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange"));
+        ssl->state++;
+        return 0;
+    }
+    ((void) p);
+    ((void) end);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) {
+        if ((ret = ssl_get_ecdh_params_from_cert(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret);
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+            return ret;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange"));
+        ssl->state++;
+        return 0;
+    }
+    ((void) p);
+    ((void) end);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled &&
+        ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing) {
+        goto start_processing;
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    /*
+     * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server
+     * doesn't use a psk_identity_hint
+     */
+    if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) {
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+            ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+            /* Current message is probably either
+             * CertificateRequest or ServerHelloDone */
+            ssl->keep_current_message = 1;
+            goto exit;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("server key exchange message must not be skipped"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled) {
+        ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing;
+    }
+
+start_processing:
+#endif
+    p   = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
+    end = ssl->in_msg + ssl->in_hslen;
+    MBEDTLS_SSL_DEBUG_BUF(3,   "server key exchange", p, end - p);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
+        if (ssl_parse_server_psk_hint(ssl, &p, end) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+    } /* FALLTHROUGH */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+        ; /* nothing more to do */
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
+        if (ssl_parse_server_dh_params(ssl, &p, end) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                           \
+    (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED))
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
+        if (ssl_parse_server_ecdh_params_psa(ssl, &p, end) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+            ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+              MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
+        if (ssl_parse_server_ecdh_params(ssl, &p, end) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
+        ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx,
+                                             p, end - p);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret);
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) {
+        size_t sig_len, hashlen;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        unsigned char hash[PSA_HASH_MAX_SIZE];
+#else
+        unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+#endif
+        mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+        mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
+        unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
+        size_t params_len = p - params;
+        void *rs_ctx = NULL;
+
+        mbedtls_pk_context *peer_pk;
+
+        /*
+         * Handle the digitally-signed structure
+         */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+            if (ssl_parse_signature_algorithm(ssl, &p, end,
+                                              &md_alg, &pk_alg) != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("bad server key exchange message"));
+                mbedtls_ssl_send_alert_message(
+                    ssl,
+                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                    MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+                return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+            }
+
+            if (pk_alg !=
+                mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info)) {
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("bad server key exchange message"));
+                mbedtls_ssl_send_alert_message(
+                    ssl,
+                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                    MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+                return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
+            pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info);
+
+            /* Default hash for ECDSA is SHA-1 */
+            if (pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE) {
+                md_alg = MBEDTLS_MD_SHA1;
+            }
+        } else
+#endif
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        /*
+         * Read signature
+         */
+
+        if (p > end - 2) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+        sig_len = (p[0] << 8) | p[1];
+        p += 2;
+
+        if (p != end - sig_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "signature", p, sig_len);
+
+        /*
+         * Compute the hash that has been signed
+         */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if (md_alg == MBEDTLS_MD_NONE) {
+            hashlen = 36;
+            ret = mbedtls_ssl_get_key_exchange_md_ssl_tls(ssl, hash, params,
+                                                          params_len);
+            if (ret != 0) {
+                return ret;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (md_alg != MBEDTLS_MD_NONE) {
+            ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen,
+                                                         params, params_len,
+                                                         md_alg);
+            if (ret != 0) {
+                return ret;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "parameters hash", hash, hashlen);
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        peer_pk = &ssl->handshake->peer_pubkey;
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+        if (ssl->session_negotiate->peer_cert == NULL) {
+            /* Should never happen */
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+        peer_pk = &ssl->session_negotiate->peer_cert->pk;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+        /*
+         * Verify signature
+         */
+        if (!mbedtls_pk_can_do(peer_pk, pk_alg)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+            return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
+        }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+        if (ssl->handshake->ecrs_enabled) {
+            rs_ctx = &ssl->handshake->ecrs_ctx.pk;
+        }
+#endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */
+
+        if ((ret = mbedtls_pk_verify_restartable(peer_pk,
+                                                 md_alg, hash, hashlen, p, sig_len, rs_ctx)) != 0) {
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+            if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret);
+                return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+            }
+#endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR);
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret);
+            return ret;
+        }
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        /* We don't need the peer's public key anymore. Free it,
+         * so that more RAM is available for upcoming expensive
+         * operations like ECDHE. */
+        mbedtls_pk_free(peer_pk);
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
+
+exit:
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server key exchange"));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate request"));
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate request"));
+        ssl->state++;
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+}
+#else /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *buf;
+    size_t n = 0;
+    size_t cert_type_len = 0, dn_len = 0;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate request"));
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate request"));
+        ssl->state++;
+        return 0;
+    }
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    ssl->state++;
+    ssl->client_auth = (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("got %s certificate request",
+                              ssl->client_auth ? "a" : "no"));
+
+    if (ssl->client_auth == 0) {
+        /* Current message is probably the ServerHelloDone */
+        ssl->keep_current_message = 1;
+        goto exit;
+    }
+
+    /*
+     *  struct {
+     *      ClientCertificateType certificate_types<1..2^8-1>;
+     *      SignatureAndHashAlgorithm
+     *        supported_signature_algorithms<2^16-1>; -- TLS 1.2 only
+     *      DistinguishedName certificate_authorities<0..2^16-1>;
+     *  } CertificateRequest;
+     *
+     *  Since we only support a single certificate on clients, let's just
+     *  ignore all the information that's supposed to help us pick a
+     *  certificate.
+     *
+     *  We could check that our certificate matches the request, and bail out
+     *  if it doesn't, but it's simpler to just send the certificate anyway,
+     *  and give the server the opportunity to decide if it should terminate
+     *  the connection when it doesn't like our certificate.
+     *
+     *  Same goes for the hash in TLS 1.2's signature_algorithms: at this
+     *  point we only have one hash available (see comments in
+     *  write_certificate_verify), so let's just use what we have.
+     *
+     *  However, we still minimally parse the message to check it is at least
+     *  superficially sane.
+     */
+    buf = ssl->in_msg;
+
+    /* certificate_types */
+    if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST;
+    }
+    cert_type_len = buf[mbedtls_ssl_hs_hdr_len(ssl)];
+    n = cert_type_len;
+
+    /*
+     * In the subsequent code there are two paths that read from buf:
+     *     * the length of the signature algorithms field (if minor version of
+     *       SSL is 3),
+     *     * distinguished name length otherwise.
+     * Both reach at most the index:
+     *    ...hdr_len + 2 + n,
+     * therefore the buffer length at this point must be greater than that
+     * regardless of the actual code path.
+     */
+    if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + 2 + n) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST;
+    }
+
+    /* supported_signature_algorithms */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        size_t sig_alg_len =
+            ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] <<  8)
+             | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n]));
+#if defined(MBEDTLS_DEBUG_C)
+        unsigned char *sig_alg;
+        size_t i;
+#endif
+
+        /*
+         * The furthest access in buf is in the loop few lines below:
+         *     sig_alg[i + 1],
+         * where:
+         *     sig_alg = buf + ...hdr_len + 3 + n,
+         *     max(i) = sig_alg_len - 1.
+         * Therefore the furthest access is:
+         *     buf[...hdr_len + 3 + n + sig_alg_len - 1 + 1],
+         * which reduces to:
+         *     buf[...hdr_len + 3 + n + sig_alg_len],
+         * which is one less than we need the buf to be.
+         */
+        if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl)
+            + 3 + n + sig_alg_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message"));
+            mbedtls_ssl_send_alert_message(
+                ssl,
+                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST;
+        }
+
+#if defined(MBEDTLS_DEBUG_C)
+        sig_alg = buf + mbedtls_ssl_hs_hdr_len(ssl) + 3 + n;
+        for (i = 0; i < sig_alg_len; i += 2) {
+            MBEDTLS_SSL_DEBUG_MSG(3,
+                                  ("Supported Signature Algorithm found: %d,%d",
+                                   sig_alg[i], sig_alg[i + 1]));
+        }
+#endif
+
+        n += 2 + sig_alg_len;
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    /* certificate_authorities */
+    dn_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] <<  8)
+              | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n]));
+
+    n += dn_len;
+    if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 3 + n) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST;
+    }
+
+exit:
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate request"));
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_server_hello_done(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server hello done"));
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello done message"));
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    if (ssl->in_hslen  != mbedtls_ssl_hs_hdr_len(ssl) ||
+        ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello done message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE;
+    }
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_recv_flight_completed(ssl);
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello done"));
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    size_t header_len;
+    size_t content_len;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write client key exchange"));
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) {
+        /*
+         * DHM key exchange -- send G^X mod P
+         */
+        content_len = ssl->handshake->dhm_ctx.len;
+
+        MBEDTLS_PUT_UINT16_BE(content_len, ssl->out_msg, 4);
+        header_len = 6;
+
+        ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx,
+                                      (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P),
+                                      &ssl->out_msg[header_len], content_len,
+                                      ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret);
+            return ret;
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X);
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX);
+
+        if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
+                                           ssl->handshake->premaster,
+                                           MBEDTLS_PREMASTER_SIZE,
+                                           &ssl->handshake->pmslen,
+                                           ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
+            return ret;
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&                           \
+    (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED))
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
+        psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+        psa_status_t destruction_status = PSA_ERROR_CORRUPTION_DETECTED;
+        psa_key_attributes_t key_attributes;
+
+        mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+        unsigned char own_pubkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+        size_t own_pubkey_len;
+        unsigned char *own_pubkey_ecpoint;
+        size_t own_pubkey_ecpoint_len;
+
+        header_len = 4;
+
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation."));
+
+        /*
+         * Generate EC private key for ECDHE exchange.
+         */
+
+        /* The master secret is obtained from the shared ECDH secret by
+         * applying the TLS 1.2 PRF with a specific salt and label. While
+         * the PSA Crypto API encourages combining key agreement schemes
+         * such as ECDH with fixed KDFs such as TLS 1.2 PRF, it does not
+         * yet support the provisioning of salt + label to the KDF.
+         * For the time being, we therefore need to split the computation
+         * of the ECDH secret and the application of the TLS 1.2 PRF. */
+        key_attributes = psa_key_attributes_init();
+        psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
+        psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH);
+        psa_set_key_type(&key_attributes, handshake->ecdh_psa_type);
+        psa_set_key_bits(&key_attributes, handshake->ecdh_bits);
+
+        /* Generate ECDH private key. */
+        status = psa_generate_key(&key_attributes,
+                                  &handshake->ecdh_psa_privkey);
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        /* Export the public part of the ECDH private key from PSA
+         * and convert it to ECPoint format used in ClientKeyExchange. */
+        status = psa_export_public_key(handshake->ecdh_psa_privkey,
+                                       own_pubkey, sizeof(own_pubkey),
+                                       &own_pubkey_len);
+        if (status != PSA_SUCCESS) {
+            psa_destroy_key(handshake->ecdh_psa_privkey);
+            handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        if (mbedtls_psa_tls_psa_ec_to_ecpoint(own_pubkey,
+                                              own_pubkey_len,
+                                              &own_pubkey_ecpoint,
+                                              &own_pubkey_ecpoint_len) != 0) {
+            psa_destroy_key(handshake->ecdh_psa_privkey);
+            handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        /* Copy ECPoint structure to outgoing message buffer. */
+        ssl->out_msg[header_len] = (unsigned char) own_pubkey_ecpoint_len;
+        memcpy(ssl->out_msg + header_len + 1,
+               own_pubkey_ecpoint, own_pubkey_ecpoint_len);
+        content_len = own_pubkey_ecpoint_len + 1;
+
+        /* The ECDH secret is the premaster secret used for key derivation. */
+
+        /* Compute ECDH shared secret. */
+        status = psa_raw_key_agreement(PSA_ALG_ECDH,
+                                       handshake->ecdh_psa_privkey,
+                                       handshake->ecdh_psa_peerkey,
+                                       handshake->ecdh_psa_peerkey_len,
+                                       ssl->handshake->premaster,
+                                       sizeof(ssl->handshake->premaster),
+                                       &ssl->handshake->pmslen);
+
+        destruction_status = psa_destroy_key(handshake->ecdh_psa_privkey);
+        handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
+
+        if (status != PSA_SUCCESS || destruction_status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+            ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+              MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) {
+        /*
+         * ECDH key exchange -- send client public value
+         */
+        header_len = 4;
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+        if (ssl->handshake->ecrs_enabled) {
+            if (ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret) {
+                goto ecdh_calc_secret;
+            }
+
+            mbedtls_ecdh_enable_restart(&ssl->handshake->ecdh_ctx);
+        }
+#endif
+
+        ret = mbedtls_ecdh_make_public(&ssl->handshake->ecdh_ctx,
+                                       &content_len,
+                                       &ssl->out_msg[header_len], 1000,
+                                       ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_public", ret);
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+            if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+                ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+            }
+#endif
+            return ret;
+        }
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_Q);
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+        if (ssl->handshake->ecrs_enabled) {
+            ssl->handshake->ecrs_n = content_len;
+            ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
+        }
+
+ecdh_calc_secret:
+        if (ssl->handshake->ecrs_enabled) {
+            content_len = ssl->handshake->ecrs_n;
+        }
+#endif
+        if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx,
+                                            &ssl->handshake->pmslen,
+                                            ssl->handshake->premaster,
+                                            MBEDTLS_MPI_MAX_SIZE,
+                                            ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret);
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+            if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+                ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+            }
+#endif
+            return ret;
+        }
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_Z);
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_psk(ciphersuite_info)) {
+        /*
+         * opaque psk_identity<0..2^16-1>;
+         */
+        if (ssl_conf_has_static_psk(ssl->conf) == 0) {
+            /* We don't offer PSK suites if we don't have a PSK,
+             * and we check that the server's choice is among the
+             * ciphersuites we offered, so this should never happen. */
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        header_len = 4;
+        content_len = ssl->conf->psk_identity_len;
+
+        if (header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("psk identity too long or SSL buffer too short"));
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+        }
+
+        ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len);
+        ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len);
+
+        memcpy(ssl->out_msg + header_len,
+               ssl->conf->psk_identity,
+               ssl->conf->psk_identity_len);
+        header_len += ssl->conf->psk_identity_len;
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) {
+            content_len = 0;
+        } else
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            /* Opaque PSKs are currently only supported for PSK-only suites. */
+            if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with RSA-PSK"));
+                return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+            }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+            if ((ret = ssl_write_encrypted_pms(ssl, header_len,
+                                               &content_len, 2)) != 0) {
+                return ret;
+            }
+        } else
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            /* Opaque PSKs are currently only supported for PSK-only suites. */
+            if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with DHE-PSK"));
+                return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+            }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+            /*
+             * ClientDiffieHellmanPublic public (DHM send G^X mod P)
+             */
+            content_len = ssl->handshake->dhm_ctx.len;
+
+            if (header_len + 2 + content_len >
+                MBEDTLS_SSL_OUT_CONTENT_LEN) {
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("psk identity or DHM size too long or SSL buffer too short"));
+                return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+            }
+
+            ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len);
+            ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len);
+
+            ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx,
+                                          (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P),
+                                          &ssl->out_msg[header_len], content_len,
+                                          ssl->conf->f_rng, ssl->conf->p_rng);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret);
+                return ret;
+            }
+        } else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            /* Opaque PSKs are currently only supported for PSK-only suites. */
+            if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with ECDHE-PSK"));
+                return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+            }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+            /*
+             * ClientECDiffieHellmanPublic public;
+             */
+            ret = mbedtls_ecdh_make_public(&ssl->handshake->ecdh_ctx,
+                                           &content_len,
+                                           &ssl->out_msg[header_len],
+                                           MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
+                                           ssl->conf->f_rng, ssl->conf->p_rng);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_public", ret);
+                return ret;
+            }
+
+            MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                                   MBEDTLS_DEBUG_ECDH_Q);
+        } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&          \
+        defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+            ssl_conf_has_static_raw_psk(ssl->conf) == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("skip PMS generation for opaque PSK"));
+        } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+          MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+        if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
+                                                    ciphersuite_info->key_exchange)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1,
+                                  "mbedtls_ssl_psk_derive_premaster", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) {
+        header_len = 4;
+        if ((ret = ssl_write_encrypted_pms(ssl, header_len,
+                                           &content_len, 0)) != 0) {
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
+        header_len = 4;
+
+        ret = mbedtls_ecjpake_write_round_two(&ssl->handshake->ecjpake_ctx,
+                                              ssl->out_msg + header_len,
+                                              MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
+                                              &content_len,
+                                              ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_two", ret);
+            return ret;
+        }
+
+        ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx,
+                                            ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
+                                            ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_derive_secret", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+    {
+        ((void) ciphersuite_info);
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    ssl->out_msglen  = header_len + content_len;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE;
+
+    ssl->state++;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client key exchange"));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify"));
+
+    if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret);
+        return ret;
+    }
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+}
+#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+    size_t n = 0, offset = 0;
+    unsigned char hash[48];
+    unsigned char *hash_start = hash;
+    mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+    size_t hashlen;
+    void *rs_ctx = NULL;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify"));
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled &&
+        ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign) {
+        goto sign;
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret);
+        return ret;
+    }
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+
+    if (ssl->client_auth == 0 || mbedtls_ssl_own_cert(ssl) == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+
+    if (mbedtls_ssl_own_key(ssl) == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no private key for certificate"));
+        return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
+    }
+
+    /*
+     * Make a signature of the handshake digests
+     */
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled) {
+        ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign;
+    }
+
+sign:
+#endif
+
+    ssl->handshake->calc_verify(ssl, hash, &hashlen);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) {
+        /*
+         * digitally-signed struct {
+         *     opaque md5_hash[16];
+         *     opaque sha_hash[20];
+         * };
+         *
+         * md5_hash
+         *     MD5(handshake_messages);
+         *
+         * sha_hash
+         *     SHA(handshake_messages);
+         */
+        md_alg = MBEDTLS_MD_NONE;
+
+        /*
+         * For ECDSA, default hash is SHA-1 only
+         */
+        if (mbedtls_pk_can_do(mbedtls_ssl_own_key(ssl), MBEDTLS_PK_ECDSA)) {
+            hash_start += 16;
+            hashlen -= 16;
+            md_alg = MBEDTLS_MD_SHA1;
+        }
+    } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        /*
+         * digitally-signed struct {
+         *     opaque handshake_messages[handshake_messages_length];
+         * };
+         *
+         * Taking shortcut here. We assume that the server always allows the
+         * PRF Hash function and has sent it in the allowed signature
+         * algorithms list received in the Certificate Request message.
+         *
+         * Until we encounter a server that does not, we will take this
+         * shortcut.
+         *
+         * Reason: Otherwise we should have running hashes for SHA512 and
+         *         SHA224 in order to satisfy 'weird' needs from the server
+         *         side.
+         */
+        if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
+            md_alg = MBEDTLS_MD_SHA384;
+            ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384;
+        } else {
+            md_alg = MBEDTLS_MD_SHA256;
+            ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256;
+        }
+        ssl->out_msg[5] = mbedtls_ssl_sig_from_pk(mbedtls_ssl_own_key(ssl));
+
+        /* Info from md_alg will be used instead */
+        hashlen = 0;
+        offset = 2;
+    } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled) {
+        rs_ctx = &ssl->handshake->ecrs_ctx.pk;
+    }
+#endif
+
+    if ((ret = mbedtls_pk_sign_restartable(mbedtls_ssl_own_key(ssl),
+                                           md_alg, hash_start, hashlen,
+                                           ssl->out_msg + 6 + offset, &n,
+                                           ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret);
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+        if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+        }
+#endif
+        return ret;
+    }
+
+    MBEDTLS_PUT_UINT16_BE(n, ssl->out_msg, offset + 4);
+
+    ssl->out_msglen  = 6 + n + offset;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY;
+
+    ssl->state++;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate verify"));
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_new_session_ticket(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t lifetime;
+    size_t ticket_len;
+    unsigned char *ticket;
+    const unsigned char *msg;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse new session ticket"));
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message"));
+        mbedtls_ssl_send_alert_message(
+            ssl,
+            MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    /*
+     * struct {
+     *     uint32 ticket_lifetime_hint;
+     *     opaque ticket<0..2^16-1>;
+     * } NewSessionTicket;
+     *
+     * 0  .  3   ticket_lifetime_hint
+     * 4  .  5   ticket_len (n)
+     * 6  .  5+n ticket content
+     */
+    if (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET ||
+        ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len(ssl)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET;
+    }
+
+    msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
+
+    lifetime = (((uint32_t) msg[0]) << 24) | (msg[1] << 16) |
+               (msg[2] << 8) | (msg[3]);
+
+    ticket_len = (msg[4] << 8) | (msg[5]);
+
+    if (ticket_len + 6 + mbedtls_ssl_hs_hdr_len(ssl) != ssl->in_hslen) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len));
+
+    /* We're not waiting for a NewSessionTicket message any more */
+    ssl->handshake->new_session_ticket = 0;
+    ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+    /*
+     * Zero-length ticket means the server changed his mind and doesn't want
+     * to send a ticket after all, so just forget it
+     */
+    if (ticket_len == 0) {
+        return 0;
+    }
+
+    if (ssl->session != NULL && ssl->session->ticket != NULL) {
+        mbedtls_platform_zeroize(ssl->session->ticket,
+                                 ssl->session->ticket_len);
+        mbedtls_free(ssl->session->ticket);
+        ssl->session->ticket = NULL;
+        ssl->session->ticket_len = 0;
+    }
+
+    mbedtls_platform_zeroize(ssl->session_negotiate->ticket,
+                             ssl->session_negotiate->ticket_len);
+    mbedtls_free(ssl->session_negotiate->ticket);
+    ssl->session_negotiate->ticket = NULL;
+    ssl->session_negotiate->ticket_len = 0;
+
+    if ((ticket = mbedtls_calloc(1, ticket_len)) == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("ticket alloc failed"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    memcpy(ticket, msg + 6, ticket_len);
+
+    ssl->session_negotiate->ticket = ticket;
+    ssl->session_negotiate->ticket_len = ticket_len;
+    ssl->session_negotiate->ticket_lifetime = lifetime;
+
+    /*
+     * RFC 5077 section 3.4:
+     * "If the client receives a session ticket from the server, then it
+     * discards any Session ID that was sent in the ServerHello."
+     */
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ticket in use, discarding session id"));
+    ssl->session_negotiate->id_len = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse new session ticket"));
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+/*
+ * SSL handshake -- client side -- single step
+ */
+int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+
+    if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("client state: %d", ssl->state));
+
+    if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) {
+        if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+            return ret;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    /* Change state now, so that it is right in mbedtls_ssl_read_record(), used
+     * by DTLS for dropping out-of-sequence ChangeCipherSpec records */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    if (ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC &&
+        ssl->handshake->new_session_ticket != 0) {
+        ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET;
+    }
+#endif
+
+    switch (ssl->state) {
+        case MBEDTLS_SSL_HELLO_REQUEST:
+            ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+            break;
+
+        /*
+         *  ==>   ClientHello
+         */
+        case MBEDTLS_SSL_CLIENT_HELLO:
+            ret = ssl_write_client_hello(ssl);
+            break;
+
+        /*
+         *  <==   ServerHello
+         *        Certificate
+         *      ( ServerKeyExchange  )
+         *      ( CertificateRequest )
+         *        ServerHelloDone
+         */
+        case MBEDTLS_SSL_SERVER_HELLO:
+            ret = ssl_parse_server_hello(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_CERTIFICATE:
+            ret = mbedtls_ssl_parse_certificate(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
+            ret = ssl_parse_server_key_exchange(ssl);
+            break;
+
+        case MBEDTLS_SSL_CERTIFICATE_REQUEST:
+            ret = ssl_parse_certificate_request(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_HELLO_DONE:
+            ret = ssl_parse_server_hello_done(ssl);
+            break;
+
+        /*
+         *  ==> ( Certificate/Alert  )
+         *        ClientKeyExchange
+         *      ( CertificateVerify  )
+         *        ChangeCipherSpec
+         *        Finished
+         */
+        case MBEDTLS_SSL_CLIENT_CERTIFICATE:
+            ret = mbedtls_ssl_write_certificate(ssl);
+            break;
+
+        case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
+            ret = ssl_write_client_key_exchange(ssl);
+            break;
+
+        case MBEDTLS_SSL_CERTIFICATE_VERIFY:
+            ret = ssl_write_certificate_verify(ssl);
+            break;
+
+        case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
+            ret = mbedtls_ssl_write_change_cipher_spec(ssl);
+            break;
+
+        case MBEDTLS_SSL_CLIENT_FINISHED:
+            ret = mbedtls_ssl_write_finished(ssl);
+            break;
+
+            /*
+             *  <==   ( NewSessionTicket )
+             *        ChangeCipherSpec
+             *        Finished
+             */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+        case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:
+            ret = ssl_parse_new_session_ticket(ssl);
+            break;
+#endif
+
+        case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
+            ret = mbedtls_ssl_parse_change_cipher_spec(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_FINISHED:
+            ret = mbedtls_ssl_parse_finished(ssl);
+            break;
+
+        case MBEDTLS_SSL_FLUSH_BUFFERS:
+            MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done"));
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+            break;
+
+        case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
+            mbedtls_ssl_handshake_wrapup(ssl);
+            break;
+
+        default:
+            MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state));
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_SSL_CLI_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_cookie.c b/3rdparty/mbedtls-2.28.7/library/ssl_cookie.c
new file mode 100644
index 0000000..067a491
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_cookie.c
@@ -0,0 +1,248 @@
+/*
+ *  DTLS cookie callbacks implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * These session callbacks use a simple chained list
+ * to store and retrieve the session information.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+/*
+ * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is
+ * available. Try SHA-256 first, 512 wastes resources since we need to stay
+ * with max 32 bytes of cookie for DTLS 1.0
+ */
+#if defined(MBEDTLS_SHA256_C)
+#define COOKIE_MD           MBEDTLS_MD_SHA224
+#define COOKIE_MD_OUTLEN    32
+#define COOKIE_HMAC_LEN     28
+#elif defined(MBEDTLS_SHA512_C)
+#define COOKIE_MD           MBEDTLS_MD_SHA384
+#define COOKIE_MD_OUTLEN    48
+#define COOKIE_HMAC_LEN     28
+#elif defined(MBEDTLS_SHA1_C)
+#define COOKIE_MD           MBEDTLS_MD_SHA1
+#define COOKIE_MD_OUTLEN    20
+#define COOKIE_HMAC_LEN     20
+#else
+#error "DTLS hello verify needs SHA-1 or SHA-2"
+#endif
+
+/*
+ * Cookies are formed of a 4-bytes timestamp (or serial number) and
+ * an HMAC of timestamp and client ID.
+ */
+#define COOKIE_LEN      (4 + COOKIE_HMAC_LEN)
+
+void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx)
+{
+    mbedtls_md_init(&ctx->hmac_ctx);
+#if !defined(MBEDTLS_HAVE_TIME)
+    ctx->serial = 0;
+#endif
+    ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT;
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+}
+
+void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay)
+{
+    ctx->timeout = delay;
+}
+
+void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx)
+{
+    mbedtls_md_free(&ctx->hmac_ctx);
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free(&ctx->mutex);
+#endif
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_cookie_ctx));
+}
+
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char key[COOKIE_MD_OUTLEN];
+
+    if ((ret = f_rng(p_rng, key, sizeof(key))) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_md_setup(&ctx->hmac_ctx, mbedtls_md_info_from_type(COOKIE_MD), 1);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_md_hmac_starts(&ctx->hmac_ctx, key, sizeof(key));
+    if (ret != 0) {
+        return ret;
+    }
+
+    mbedtls_platform_zeroize(key, sizeof(key));
+
+    return 0;
+}
+
+/*
+ * Generate the HMAC part of a cookie
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_cookie_hmac(mbedtls_md_context_t *hmac_ctx,
+                           const unsigned char time[4],
+                           unsigned char **p, unsigned char *end,
+                           const unsigned char *cli_id, size_t cli_id_len)
+{
+    unsigned char hmac_out[COOKIE_MD_OUTLEN];
+
+    MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_HMAC_LEN);
+
+    if (mbedtls_md_hmac_reset(hmac_ctx) != 0 ||
+        mbedtls_md_hmac_update(hmac_ctx, time, 4) != 0 ||
+        mbedtls_md_hmac_update(hmac_ctx, cli_id, cli_id_len) != 0 ||
+        mbedtls_md_hmac_finish(hmac_ctx, hmac_out) != 0) {
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    memcpy(*p, hmac_out, COOKIE_HMAC_LEN);
+    *p += COOKIE_HMAC_LEN;
+
+    return 0;
+}
+
+/*
+ * Generate cookie for DTLS ClientHello verification
+ */
+int mbedtls_ssl_cookie_write(void *p_ctx,
+                             unsigned char **p, unsigned char *end,
+                             const unsigned char *cli_id, size_t cli_id_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
+    unsigned long t;
+
+    if (ctx == NULL || cli_id == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_LEN);
+
+#if defined(MBEDTLS_HAVE_TIME)
+    t = (unsigned long) mbedtls_time(NULL);
+#else
+    t = ctx->serial++;
+#endif
+
+    MBEDTLS_PUT_UINT32_BE(t, *p, 0);
+    *p += 4;
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret);
+    }
+#endif
+
+    ret = ssl_cookie_hmac(&ctx->hmac_ctx, *p - 4,
+                          p, end, cli_id, cli_id_len);
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR,
+                                 MBEDTLS_ERR_THREADING_MUTEX_ERROR);
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Check a cookie
+ */
+int mbedtls_ssl_cookie_check(void *p_ctx,
+                             const unsigned char *cookie, size_t cookie_len,
+                             const unsigned char *cli_id, size_t cli_id_len)
+{
+    unsigned char ref_hmac[COOKIE_HMAC_LEN];
+    int ret = 0;
+    unsigned char *p = ref_hmac;
+    mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
+    unsigned long cur_time, cookie_time;
+
+    if (ctx == NULL || cli_id == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (cookie_len != COOKIE_LEN) {
+        return -1;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret);
+    }
+#endif
+
+    if (ssl_cookie_hmac(&ctx->hmac_ctx, cookie,
+                        &p, p + sizeof(ref_hmac),
+                        cli_id, cli_id_len) != 0) {
+        ret = -1;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR,
+                                MBEDTLS_ERR_THREADING_MUTEX_ERROR);
+    }
+#endif
+
+    if (ret != 0) {
+        goto exit;
+    }
+
+    if (mbedtls_ct_memcmp(cookie + 4, ref_hmac, sizeof(ref_hmac)) != 0) {
+        ret = -1;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_HAVE_TIME)
+    cur_time = (unsigned long) mbedtls_time(NULL);
+#else
+    cur_time = ctx->serial;
+#endif
+
+    cookie_time = ((unsigned long) cookie[0] << 24) |
+                  ((unsigned long) cookie[1] << 16) |
+                  ((unsigned long) cookie[2] <<  8) |
+                  ((unsigned long) cookie[3]);
+
+    if (ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout) {
+        ret = -1;
+        goto exit;
+    }
+
+exit:
+    mbedtls_platform_zeroize(ref_hmac, sizeof(ref_hmac));
+    return ret;
+}
+#endif /* MBEDTLS_SSL_COOKIE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_msg.c b/3rdparty/mbedtls-2.28.7/library/ssl_msg.c
new file mode 100644
index 0000000..5e85679
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_msg.c
@@ -0,0 +1,5738 @@
+/*
+ *  Generic SSL/TLS messaging layer functions
+ *  (record layer + retransmission state machine)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The SSL 3.0 specification was drafted by Netscape in 1996,
+ *  and became an IETF standard in 1999.
+ *
+ *  http://wp.netscape.com/eng/ssl3/
+ *  http://www.ietf.org/rfc/rfc2246.txt
+ *  http://www.ietf.org/rfc/rfc4346.txt
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/version.h"
+#include "constant_time_internal.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "mbedtls/oid.h"
+#endif
+
+static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl);
+
+/*
+ * Start a timer.
+ * Passing millisecs = 0 cancels a running timer.
+ */
+void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs)
+{
+    if (ssl->f_set_timer == NULL) {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("set_timer to %d ms", (int) millisecs));
+    ssl->f_set_timer(ssl->p_timer, millisecs / 4, millisecs);
+}
+
+/*
+ * Return -1 is timer is expired, 0 if it isn't.
+ */
+int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl)
+{
+    if (ssl->f_get_timer == NULL) {
+        return 0;
+    }
+
+    if (ssl->f_get_timer(ssl->p_timer) == 2) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("timer expired"));
+        return -1;
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_record_header(mbedtls_ssl_context const *ssl,
+                                   unsigned char *buf,
+                                   size_t len,
+                                   mbedtls_record *rec);
+
+int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl,
+                             unsigned char *buf,
+                             size_t buflen)
+{
+    int ret = 0;
+    MBEDTLS_SSL_DEBUG_MSG(1, ("=> mbedtls_ssl_check_record"));
+    MBEDTLS_SSL_DEBUG_BUF(3, "record buffer", buf, buflen);
+
+    /* We don't support record checking in TLS because
+     * (a) there doesn't seem to be a usecase for it, and
+     * (b) In SSLv3 and TLS 1.0, CBC record decryption has state
+     *     and we'd need to backup the transform here.
+     */
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM) {
+        ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+        goto exit;
+    }
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    else {
+        mbedtls_record rec;
+
+        ret = ssl_parse_record_header(ssl, buf, buflen, &rec);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(3, "ssl_parse_record_header", ret);
+            goto exit;
+        }
+
+        if (ssl->transform_in != NULL) {
+            ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, &rec);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(3, "mbedtls_ssl_decrypt_buf", ret);
+                goto exit;
+            }
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+exit:
+    /* On success, we have decrypted the buffer in-place, so make
+     * sure we don't leak any plaintext data. */
+    mbedtls_platform_zeroize(buf, buflen);
+
+    /* For the purpose of this API, treat messages with unexpected CID
+     * as well as such from future epochs as unexpected. */
+    if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID ||
+        ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) {
+        ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("<= mbedtls_ssl_check_record"));
+    return ret;
+}
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+
+#define SSL_DONT_FORCE_FLUSH 0
+#define SSL_FORCE_FLUSH      1
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+/* Forward declarations for functions related to message buffering. */
+static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl,
+                                    uint8_t slot);
+static void ssl_free_buffered_record(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_load_buffered_message(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_load_buffered_record(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_buffer_message(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_buffer_future_record(mbedtls_ssl_context *ssl,
+                                    mbedtls_record const *rec);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl);
+
+static size_t ssl_get_maximum_datagram_size(mbedtls_ssl_context const *ssl)
+{
+    size_t mtu = mbedtls_ssl_get_current_mtu(ssl);
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t out_buf_len = ssl->out_buf_len;
+#else
+    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
+#endif
+
+    if (mtu != 0 && mtu < out_buf_len) {
+        return mtu;
+    }
+
+    return out_buf_len;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_get_remaining_space_in_datagram(mbedtls_ssl_context const *ssl)
+{
+    size_t const bytes_written = ssl->out_left;
+    size_t const mtu           = ssl_get_maximum_datagram_size(ssl);
+
+    /* Double-check that the write-index hasn't gone
+     * past what we can transmit in a single datagram. */
+    if (bytes_written > mtu) {
+        /* Should never happen... */
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    return (int) (mtu - bytes_written);
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_get_remaining_payload_in_datagram(mbedtls_ssl_context const *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t remaining, expansion;
+    size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl);
+
+    if (max_len > mfl) {
+        max_len = mfl;
+    }
+
+    /* By the standard (RFC 6066 Sect. 4), the MFL extension
+     * only limits the maximum record payload size, so in theory
+     * we would be allowed to pack multiple records of payload size
+     * MFL into a single datagram. However, this would mean that there's
+     * no way to explicitly communicate MTU restrictions to the peer.
+     *
+     * The following reduction of max_len makes sure that we never
+     * write datagrams larger than MFL + Record Expansion Overhead.
+     */
+    if (max_len <= ssl->out_left) {
+        return 0;
+    }
+
+    max_len -= ssl->out_left;
+#endif
+
+    ret = ssl_get_remaining_space_in_datagram(ssl);
+    if (ret < 0) {
+        return ret;
+    }
+    remaining = (size_t) ret;
+
+    ret = mbedtls_ssl_get_record_expansion(ssl);
+    if (ret < 0) {
+        return ret;
+    }
+    expansion = (size_t) ret;
+
+    if (remaining <= expansion) {
+        return 0;
+    }
+
+    remaining -= expansion;
+    if (remaining >= max_len) {
+        remaining = max_len;
+    }
+
+    return (int) remaining;
+}
+
+/*
+ * Double the retransmit timeout value, within the allowed range,
+ * returning -1 if the maximum value has already been reached.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_double_retransmit_timeout(mbedtls_ssl_context *ssl)
+{
+    uint32_t new_timeout;
+
+    if (ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max) {
+        return -1;
+    }
+
+    /* Implement the final paragraph of RFC 6347 section 4.1.1.1
+     * in the following way: after the initial transmission and a first
+     * retransmission, back off to a temporary estimated MTU of 508 bytes.
+     * This value is guaranteed to be deliverable (if not guaranteed to be
+     * delivered) of any compliant IPv4 (and IPv6) network, and should work
+     * on most non-IP stacks too. */
+    if (ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min) {
+        ssl->handshake->mtu = 508;
+        MBEDTLS_SSL_DEBUG_MSG(2, ("mtu autoreduction to %d bytes", ssl->handshake->mtu));
+    }
+
+    new_timeout = 2 * ssl->handshake->retransmit_timeout;
+
+    /* Avoid arithmetic overflow and range overflow */
+    if (new_timeout < ssl->handshake->retransmit_timeout ||
+        new_timeout > ssl->conf->hs_timeout_max) {
+        new_timeout = ssl->conf->hs_timeout_max;
+    }
+
+    ssl->handshake->retransmit_timeout = new_timeout;
+    MBEDTLS_SSL_DEBUG_MSG(3, ("update timeout value to %lu millisecs",
+                              (unsigned long) ssl->handshake->retransmit_timeout));
+
+    return 0;
+}
+
+static void ssl_reset_retransmit_timeout(mbedtls_ssl_context *ssl)
+{
+    ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
+    MBEDTLS_SSL_DEBUG_MSG(3, ("update timeout value to %lu millisecs",
+                              (unsigned long) ssl->handshake->retransmit_timeout));
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl,
+                                  const unsigned char *key_enc, const unsigned char *key_dec,
+                                  size_t keylen,
+                                  const unsigned char *iv_enc,  const unsigned char *iv_dec,
+                                  size_t ivlen,
+                                  const unsigned char *mac_enc, const unsigned char *mac_dec,
+                                  size_t maclen) = NULL;
+int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction) = NULL;
+int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl) = NULL;
+int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl) = NULL;
+int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl) = NULL;
+int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl) = NULL;
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+/*
+ * Encryption/decryption functions
+ */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ||  \
+    defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+static size_t ssl_compute_padding_length(size_t len,
+                                         size_t granularity)
+{
+    return (granularity - (len + 1) % granularity) % granularity;
+}
+
+/* This functions transforms a (D)TLS plaintext fragment and a record content
+ * type into an instance of the (D)TLSInnerPlaintext structure. This is used
+ * in DTLS 1.2 + CID and within TLS 1.3 to allow flexible padding and to protect
+ * a record's content type.
+ *
+ *        struct {
+ *            opaque content[DTLSPlaintext.length];
+ *            ContentType real_type;
+ *            uint8 zeros[length_of_padding];
+ *        } (D)TLSInnerPlaintext;
+ *
+ *  Input:
+ *  - `content`: The beginning of the buffer holding the
+ *               plaintext to be wrapped.
+ *  - `*content_size`: The length of the plaintext in Bytes.
+ *  - `max_len`: The number of Bytes available starting from
+ *               `content`. This must be `>= *content_size`.
+ *  - `rec_type`: The desired record content type.
+ *
+ *  Output:
+ *  - `content`: The beginning of the resulting (D)TLSInnerPlaintext structure.
+ *  - `*content_size`: The length of the resulting (D)TLSInnerPlaintext structure.
+ *
+ *  Returns:
+ *  - `0` on success.
+ *  - A negative error code if `max_len` didn't offer enough space
+ *    for the expansion.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_build_inner_plaintext(unsigned char *content,
+                                     size_t *content_size,
+                                     size_t remaining,
+                                     uint8_t rec_type,
+                                     size_t pad)
+{
+    size_t len = *content_size;
+
+    /* Write real content type */
+    if (remaining == 0) {
+        return -1;
+    }
+    content[len] = rec_type;
+    len++;
+    remaining--;
+
+    if (remaining < pad) {
+        return -1;
+    }
+    memset(content + len, 0, pad);
+    len += pad;
+    remaining -= pad;
+
+    *content_size = len;
+    return 0;
+}
+
+/* This function parses a (D)TLSInnerPlaintext structure.
+ * See ssl_build_inner_plaintext() for details. */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_inner_plaintext(unsigned char const *content,
+                                     size_t *content_size,
+                                     uint8_t *rec_type)
+{
+    size_t remaining = *content_size;
+
+    /* Determine length of padding by skipping zeroes from the back. */
+    do {
+        if (remaining == 0) {
+            return -1;
+        }
+        remaining--;
+    } while (content[remaining] == 0);
+
+    *content_size = remaining;
+    *rec_type = content[remaining];
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID ||
+          MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+/* `add_data` must have size 13 Bytes if the CID extension is disabled,
+ * and 13 + 1 + CID-length Bytes if the CID extension is enabled. */
+static void ssl_extract_add_data_from_record(unsigned char *add_data,
+                                             size_t *add_data_len,
+                                             mbedtls_record *rec,
+                                             unsigned minor_ver)
+{
+    /* Quoting RFC 5246 (TLS 1.2):
+     *
+     *    additional_data = seq_num + TLSCompressed.type +
+     *                      TLSCompressed.version + TLSCompressed.length;
+     *
+     * For the CID extension, this is extended as follows
+     * (quoting draft-ietf-tls-dtls-connection-id-05,
+     *  https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05):
+     *
+     *       additional_data = seq_num + DTLSPlaintext.type +
+     *                         DTLSPlaintext.version +
+     *                         cid +
+     *                         cid_length +
+     *                         length_of_DTLSInnerPlaintext;
+     *
+     * For TLS 1.3, the record sequence number is dropped from the AAD
+     * and encoded within the nonce of the AEAD operation instead.
+     */
+
+    unsigned char *cur = add_data;
+
+    int is_tls13 = 0;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+        is_tls13 = 1;
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+    if (!is_tls13) {
+        ((void) minor_ver);
+        memcpy(cur, rec->ctr, sizeof(rec->ctr));
+        cur += sizeof(rec->ctr);
+    }
+
+    *cur = rec->type;
+    cur++;
+
+    memcpy(cur, rec->ver, sizeof(rec->ver));
+    cur += sizeof(rec->ver);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (rec->cid_len != 0) {
+        memcpy(cur, rec->cid, rec->cid_len);
+        cur += rec->cid_len;
+
+        *cur = rec->cid_len;
+        cur++;
+
+        MBEDTLS_PUT_UINT16_BE(rec->data_len, cur, 0);
+        cur += 2;
+    } else
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+    {
+        MBEDTLS_PUT_UINT16_BE(rec->data_len, cur, 0);
+        cur += 2;
+    }
+
+    *add_data_len = cur - add_data;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+
+#define SSL3_MAC_MAX_BYTES   20  /* MD-5 or SHA-1 */
+
+/*
+ * SSLv3.0 MAC functions
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_mac(mbedtls_md_context_t *md_ctx,
+                   const unsigned char *secret,
+                   const unsigned char *buf, size_t len,
+                   const unsigned char *ctr, int type,
+                   unsigned char out[SSL3_MAC_MAX_BYTES])
+{
+    unsigned char header[11];
+    unsigned char padding[48];
+    int padlen;
+    int md_size = mbedtls_md_get_size(md_ctx->md_info);
+    int md_type = mbedtls_md_get_type(md_ctx->md_info);
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* Only MD5 and SHA-1 supported */
+    if (md_type == MBEDTLS_MD_MD5) {
+        padlen = 48;
+    } else {
+        padlen = 40;
+    }
+
+    memcpy(header, ctr, 8);
+    header[8] = (unsigned char)  type;
+    MBEDTLS_PUT_UINT16_BE(len, header, 9);
+
+    memset(padding, 0x36, padlen);
+    ret = mbedtls_md_starts(md_ctx);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, secret,  md_size);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, padding, padlen);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, header,  11);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, buf,     len);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_finish(md_ctx, out);
+    if (ret != 0) {
+        return ret;
+    }
+
+    memset(padding, 0x5C, padlen);
+    ret = mbedtls_md_starts(md_ctx);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, secret,    md_size);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, padding,   padlen);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_update(md_ctx, out,       md_size);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_md_finish(md_ctx, out);
+    if (ret != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_GCM_C) || \
+    defined(MBEDTLS_CCM_C) || \
+    defined(MBEDTLS_CHACHAPOLY_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_transform_aead_dynamic_iv_is_explicit(
+    mbedtls_ssl_transform const *transform)
+{
+    return transform->ivlen != transform->fixed_ivlen;
+}
+
+/* Compute IV := ( fixed_iv || 0 ) XOR ( 0 || dynamic_IV )
+ *
+ * Concretely, this occurs in two variants:
+ *
+ * a) Fixed and dynamic IV lengths add up to total IV length, giving
+ *       IV = fixed_iv || dynamic_iv
+ *
+ *    This variant is used in TLS 1.2 when used with GCM or CCM.
+ *
+ * b) Fixed IV lengths matches total IV length, giving
+ *       IV = fixed_iv XOR ( 0 || dynamic_iv )
+ *
+ *    This variant occurs in TLS 1.3 and for TLS 1.2 when using ChaChaPoly.
+ *
+ * See also the documentation of mbedtls_ssl_transform.
+ *
+ * This function has the precondition that
+ *
+ *     dst_iv_len >= max( fixed_iv_len, dynamic_iv_len )
+ *
+ * which has to be ensured by the caller. If this precondition
+ * violated, the behavior of this function is undefined.
+ */
+static void ssl_build_record_nonce(unsigned char *dst_iv,
+                                   size_t dst_iv_len,
+                                   unsigned char const *fixed_iv,
+                                   size_t fixed_iv_len,
+                                   unsigned char const *dynamic_iv,
+                                   size_t dynamic_iv_len)
+{
+    size_t i;
+
+    /* Start with Fixed IV || 0 */
+    memset(dst_iv, 0, dst_iv_len);
+    memcpy(dst_iv, fixed_iv, fixed_iv_len);
+
+    dst_iv += dst_iv_len - dynamic_iv_len;
+    for (i = 0; i < dynamic_iv_len; i++) {
+        dst_iv[i] ^= dynamic_iv[i];
+    }
+}
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
+
+int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
+                            mbedtls_ssl_transform *transform,
+                            mbedtls_record *rec,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng)
+{
+    mbedtls_cipher_mode_t mode;
+    int auth_done = 0;
+    unsigned char *data;
+    unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_OUT_LEN_MAX];
+    size_t add_data_len;
+    size_t post_avail;
+
+    /* The SSL context is only used for debugging purposes! */
+#if !defined(MBEDTLS_DEBUG_C)
+    ssl = NULL; /* make sure we don't use it except for debug */
+    ((void) ssl);
+#endif
+
+    /* The PRNG is used for dynamic IV generation that's used
+     * for CBC transformations in TLS 1.1 and TLS 1.2. */
+#if !(defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
+    (defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)))
+    ((void) f_rng);
+    ((void) p_rng);
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> encrypt buf"));
+
+    if (transform == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("no transform provided to encrypt_buf"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+    if (rec == NULL
+        || rec->buf == NULL
+        || rec->buf_len < rec->data_offset
+        || rec->buf_len - rec->data_offset < rec->data_len
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        || rec->cid_len != 0
+#endif
+        ) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad record structure provided to encrypt_buf"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    data = rec->buf + rec->data_offset;
+    post_avail = rec->buf_len - (rec->data_len + rec->data_offset);
+    MBEDTLS_SSL_DEBUG_BUF(4, "before encrypt: output payload",
+                          data, rec->data_len);
+
+    mode = mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc);
+
+    if (rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Record content %" MBEDTLS_PRINTF_SIZET
+                                  " too large, maximum %" MBEDTLS_PRINTF_SIZET,
+                                  rec->data_len,
+                                  (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /* The following two code paths implement the (D)TLSInnerPlaintext
+     * structure present in TLS 1.3 and DTLS 1.2 + CID.
+     *
+     * See ssl_build_inner_plaintext() for more information.
+     *
+     * Note that this changes `rec->data_len`, and hence
+     * `post_avail` needs to be recalculated afterwards.
+     *
+     * Note also that the two code paths cannot occur simultaneously
+     * since they apply to different versions of the protocol. There
+     * is hence no risk of double-addition of the inner plaintext.
+     */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+    if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+        size_t padding =
+            ssl_compute_padding_length(rec->data_len,
+                                       MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY);
+        if (ssl_build_inner_plaintext(data,
+                                      &rec->data_len,
+                                      post_avail,
+                                      rec->type,
+                                      padding) != 0) {
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+        }
+
+        rec->type = MBEDTLS_SSL_MSG_APPLICATION_DATA;
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    /*
+     * Add CID information
+     */
+    rec->cid_len = transform->out_cid_len;
+    memcpy(rec->cid, transform->out_cid, transform->out_cid_len);
+    MBEDTLS_SSL_DEBUG_BUF(3, "CID", rec->cid, rec->cid_len);
+
+    if (rec->cid_len != 0) {
+        size_t padding =
+            ssl_compute_padding_length(rec->data_len,
+                                       MBEDTLS_SSL_CID_PADDING_GRANULARITY);
+        /*
+         * Wrap plaintext into DTLSInnerPlaintext structure.
+         * See ssl_build_inner_plaintext() for more information.
+         *
+         * Note that this changes `rec->data_len`, and hence
+         * `post_avail` needs to be recalculated afterwards.
+         */
+        if (ssl_build_inner_plaintext(data,
+                                      &rec->data_len,
+                                      post_avail,
+                                      rec->type,
+                                      padding) != 0) {
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+        }
+
+        rec->type = MBEDTLS_SSL_MSG_CID;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    post_avail = rec->buf_len - (rec->data_len + rec->data_offset);
+
+    /*
+     * Add MAC before if needed
+     */
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    if (mode == MBEDTLS_MODE_STREAM ||
+        (mode == MBEDTLS_MODE_CBC
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+         && transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED
+#endif
+        )) {
+        if (post_avail < transform->maclen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+            unsigned char mac[SSL3_MAC_MAX_BYTES];
+            int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+            ret = ssl_mac(&transform->md_ctx_enc, transform->mac_enc,
+                          data, rec->data_len, rec->ctr, rec->type, mac);
+            if (ret == 0) {
+                memcpy(data + rec->data_len, mac, transform->maclen);
+            }
+            mbedtls_platform_zeroize(mac, transform->maclen);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "ssl_mac", ret);
+                return ret;
+            }
+        } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) {
+            unsigned char mac[MBEDTLS_SSL_MAC_ADD];
+            int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+            ssl_extract_add_data_from_record(add_data, &add_data_len, rec,
+                                             transform->minor_ver);
+
+            ret = mbedtls_md_hmac_update(&transform->md_ctx_enc,
+                                         add_data, add_data_len);
+            if (ret != 0) {
+                goto hmac_failed_etm_disabled;
+            }
+            ret = mbedtls_md_hmac_update(&transform->md_ctx_enc,
+                                         data, rec->data_len);
+            if (ret != 0) {
+                goto hmac_failed_etm_disabled;
+            }
+            ret = mbedtls_md_hmac_finish(&transform->md_ctx_enc, mac);
+            if (ret != 0) {
+                goto hmac_failed_etm_disabled;
+            }
+            ret = mbedtls_md_hmac_reset(&transform->md_ctx_enc);
+            if (ret != 0) {
+                goto hmac_failed_etm_disabled;
+            }
+
+            memcpy(data + rec->data_len, mac, transform->maclen);
+
+hmac_failed_etm_disabled:
+            mbedtls_platform_zeroize(mac, transform->maclen);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_hmac_xxx", ret);
+                return ret;
+            }
+        } else
+#endif
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(4, "computed mac", data + rec->data_len,
+                              transform->maclen);
+
+        rec->data_len += transform->maclen;
+        post_avail -= transform->maclen;
+        auth_done++;
+    }
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+    /*
+     * Encrypt
+     */
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    if (mode == MBEDTLS_MODE_STREAM) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t olen;
+        MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
+                                                                                    "including %d bytes of padding",
+                                  rec->data_len, 0));
+
+        if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_enc,
+                                        transform->iv_enc, transform->ivlen,
+                                        data, rec->data_len,
+                                        data, &olen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret);
+            return ret;
+        }
+
+        if (rec->data_len != olen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+    } else
+#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
+
+#if defined(MBEDTLS_GCM_C) || \
+    defined(MBEDTLS_CCM_C) || \
+    defined(MBEDTLS_CHACHAPOLY_C)
+    if (mode == MBEDTLS_MODE_GCM ||
+        mode == MBEDTLS_MODE_CCM ||
+        mode == MBEDTLS_MODE_CHACHAPOLY) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        unsigned char iv[12];
+        unsigned char *dynamic_iv;
+        size_t dynamic_iv_len;
+        int dynamic_iv_is_explicit =
+            ssl_transform_aead_dynamic_iv_is_explicit(transform);
+
+        /* Check that there's space for the authentication tag. */
+        if (post_avail < transform->taglen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+        }
+
+        /*
+         * Build nonce for AEAD encryption.
+         *
+         * Note: In the case of CCM and GCM in TLS 1.2, the dynamic
+         *       part of the IV is prepended to the ciphertext and
+         *       can be chosen freely - in particular, it need not
+         *       agree with the record sequence number.
+         *       However, since ChaChaPoly as well as all AEAD modes
+         *       in TLS 1.3 use the record sequence number as the
+         *       dynamic part of the nonce, we uniformly use the
+         *       record sequence number here in all cases.
+         */
+        dynamic_iv     = rec->ctr;
+        dynamic_iv_len = sizeof(rec->ctr);
+
+        ssl_build_record_nonce(iv, sizeof(iv),
+                               transform->iv_enc,
+                               transform->fixed_ivlen,
+                               dynamic_iv,
+                               dynamic_iv_len);
+
+        /*
+         * Build additional data for AEAD encryption.
+         * This depends on the TLS version.
+         */
+        ssl_extract_add_data_from_record(add_data, &add_data_len, rec,
+                                         transform->minor_ver);
+
+        MBEDTLS_SSL_DEBUG_BUF(4, "IV used (internal)",
+                              iv, transform->ivlen);
+        MBEDTLS_SSL_DEBUG_BUF(4, "IV used (transmitted)",
+                              dynamic_iv,
+                              dynamic_iv_is_explicit ? dynamic_iv_len : 0);
+        MBEDTLS_SSL_DEBUG_BUF(4, "additional data used for AEAD",
+                              add_data, add_data_len);
+        MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
+                                                                                    "including 0 bytes of padding",
+                                  rec->data_len));
+
+        /*
+         * Encrypt and authenticate
+         */
+
+        if ((ret = mbedtls_cipher_auth_encrypt_ext(&transform->cipher_ctx_enc,
+                                                   iv, transform->ivlen,
+                                                   add_data, add_data_len,
+                                                   data, rec->data_len, /* src */
+                                                   data, rec->buf_len - (data - rec->buf), /* dst */
+                                                   &rec->data_len,
+                                                   transform->taglen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_encrypt", ret);
+            return ret;
+        }
+        MBEDTLS_SSL_DEBUG_BUF(4, "after encrypt: tag",
+                              data + rec->data_len - transform->taglen,
+                              transform->taglen);
+        /* Account for authentication tag. */
+        post_avail -= transform->taglen;
+
+        /*
+         * Prefix record content with dynamic IV in case it is explicit.
+         */
+        if (dynamic_iv_is_explicit != 0) {
+            if (rec->data_offset < dynamic_iv_len) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
+                return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+            }
+
+            memcpy(data - dynamic_iv_len, dynamic_iv, dynamic_iv_len);
+            rec->data_offset -= dynamic_iv_len;
+            rec->data_len    += dynamic_iv_len;
+        }
+
+        auth_done++;
+    } else
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
+    if (mode == MBEDTLS_MODE_CBC) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t padlen, i;
+        size_t olen;
+
+        /* Currently we're always using minimal padding
+         * (up to 255 bytes would be allowed). */
+        padlen = transform->ivlen - (rec->data_len + 1) % transform->ivlen;
+        if (padlen == transform->ivlen) {
+            padlen = 0;
+        }
+
+        /* Check there's enough space in the buffer for the padding. */
+        if (post_avail < padlen + 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+        }
+
+        for (i = 0; i <= padlen; i++) {
+            data[rec->data_len + i] = (unsigned char) padlen;
+        }
+
+        rec->data_len += padlen + 1;
+        post_avail -= padlen + 1;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        /*
+         * Prepend per-record IV for block cipher in TLS v1.1 and up as per
+         * Method 1 (6.2.3.2. in RFC4346 and RFC5246)
+         */
+        if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) {
+            if (f_rng == NULL) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("No PRNG provided to encrypt_record routine"));
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+
+            if (rec->data_offset < transform->ivlen) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
+                return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+            }
+
+            /*
+             * Generate IV
+             */
+            ret = f_rng(p_rng, transform->iv_enc, transform->ivlen);
+            if (ret != 0) {
+                return ret;
+            }
+
+            memcpy(data - transform->ivlen, transform->iv_enc,
+                   transform->ivlen);
+
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
+        MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", "
+                                                                                    "including %"
+                                  MBEDTLS_PRINTF_SIZET
+                                  " bytes of IV and %" MBEDTLS_PRINTF_SIZET " bytes of padding",
+                                  rec->data_len, transform->ivlen,
+                                  padlen + 1));
+
+        if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_enc,
+                                        transform->iv_enc,
+                                        transform->ivlen,
+                                        data, rec->data_len,
+                                        data, &olen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret);
+            return ret;
+        }
+
+        if (rec->data_len != olen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
+        if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) {
+            /*
+             * Save IV in SSL3 and TLS1
+             */
+            memcpy(transform->iv_enc, transform->cipher_ctx_enc.iv,
+                   transform->ivlen);
+        } else
+#endif
+        {
+            data             -= transform->ivlen;
+            rec->data_offset -= transform->ivlen;
+            rec->data_len    += transform->ivlen;
+        }
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        if (auth_done == 0) {
+            unsigned char mac[MBEDTLS_SSL_MAC_ADD];
+
+            /*
+             * MAC(MAC_write_key, seq_num +
+             *     TLSCipherText.type +
+             *     TLSCipherText.version +
+             *     length_of( (IV +) ENC(...) ) +
+             *     IV + // except for TLS 1.0
+             *     ENC(content + padding + padding_length));
+             */
+
+            if (post_avail < transform->maclen) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough"));
+                return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+            }
+
+            ssl_extract_add_data_from_record(add_data, &add_data_len,
+                                             rec, transform->minor_ver);
+
+            MBEDTLS_SSL_DEBUG_MSG(3, ("using encrypt then mac"));
+            MBEDTLS_SSL_DEBUG_BUF(4, "MAC'd meta-data", add_data,
+                                  add_data_len);
+
+            ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, add_data,
+                                         add_data_len);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+            ret = mbedtls_md_hmac_update(&transform->md_ctx_enc,
+                                         data, rec->data_len);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+            ret = mbedtls_md_hmac_finish(&transform->md_ctx_enc, mac);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+            ret = mbedtls_md_hmac_reset(&transform->md_ctx_enc);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+
+            memcpy(data + rec->data_len, mac, transform->maclen);
+
+            rec->data_len += transform->maclen;
+            post_avail -= transform->maclen;
+            auth_done++;
+
+hmac_failed_etm_enabled:
+            mbedtls_platform_zeroize(mac, transform->maclen);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "HMAC calculation failed", ret);
+                return ret;
+            }
+        }
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+    } else
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC) */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    /* Make extra sure authentication was performed, exactly once */
+    if (auth_done != 1) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= encrypt buf"));
+
+    return 0;
+}
+
+int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
+                            mbedtls_ssl_transform *transform,
+                            mbedtls_record *rec)
+{
+    size_t olen;
+    mbedtls_cipher_mode_t mode;
+    int ret, auth_done = 0;
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    size_t padlen = 0, correct = 1;
+#endif
+    unsigned char *data;
+    unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX];
+    size_t add_data_len;
+
+#if !defined(MBEDTLS_DEBUG_C)
+    ssl = NULL; /* make sure we don't use it except for debug */
+    ((void) ssl);
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> decrypt buf"));
+    if (rec == NULL                     ||
+        rec->buf == NULL                ||
+        rec->buf_len < rec->data_offset ||
+        rec->buf_len - rec->data_offset < rec->data_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad record structure provided to decrypt_buf"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    data = rec->buf + rec->data_offset;
+    mode = mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_dec);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    /*
+     * Match record's CID with incoming CID.
+     */
+    if (rec->cid_len != transform->in_cid_len ||
+        memcmp(rec->cid, transform->in_cid, rec->cid_len) != 0) {
+        return MBEDTLS_ERR_SSL_UNEXPECTED_CID;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    if (mode == MBEDTLS_MODE_STREAM) {
+        if (rec->data_len < transform->maclen) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("Record too short for MAC:"
+                                   " %" MBEDTLS_PRINTF_SIZET " < %" MBEDTLS_PRINTF_SIZET,
+                                   rec->data_len, transform->maclen));
+            return MBEDTLS_ERR_SSL_INVALID_MAC;
+        }
+
+        padlen = 0;
+        if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_dec,
+                                        transform->iv_dec,
+                                        transform->ivlen,
+                                        data, rec->data_len,
+                                        data, &olen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret);
+            return ret;
+        }
+
+        if (rec->data_len != olen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+    } else
+#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
+#if defined(MBEDTLS_GCM_C) || \
+    defined(MBEDTLS_CCM_C) || \
+    defined(MBEDTLS_CHACHAPOLY_C)
+    if (mode == MBEDTLS_MODE_GCM ||
+        mode == MBEDTLS_MODE_CCM ||
+        mode == MBEDTLS_MODE_CHACHAPOLY) {
+        unsigned char iv[12];
+        unsigned char *dynamic_iv;
+        size_t dynamic_iv_len;
+
+        /*
+         * Extract dynamic part of nonce for AEAD decryption.
+         *
+         * Note: In the case of CCM and GCM in TLS 1.2, the dynamic
+         *       part of the IV is prepended to the ciphertext and
+         *       can be chosen freely - in particular, it need not
+         *       agree with the record sequence number.
+         */
+        dynamic_iv_len = sizeof(rec->ctr);
+        if (ssl_transform_aead_dynamic_iv_is_explicit(transform) == 1) {
+            if (rec->data_len < dynamic_iv_len) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET
+                                          " ) < explicit_iv_len (%" MBEDTLS_PRINTF_SIZET ") ",
+                                          rec->data_len,
+                                          dynamic_iv_len));
+                return MBEDTLS_ERR_SSL_INVALID_MAC;
+            }
+            dynamic_iv = data;
+
+            data += dynamic_iv_len;
+            rec->data_offset += dynamic_iv_len;
+            rec->data_len    -= dynamic_iv_len;
+        } else {
+            dynamic_iv = rec->ctr;
+        }
+
+        /* Check that there's space for the authentication tag. */
+        if (rec->data_len < transform->taglen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET
+                                      ") < taglen (%" MBEDTLS_PRINTF_SIZET ") ",
+                                      rec->data_len,
+                                      transform->taglen));
+            return MBEDTLS_ERR_SSL_INVALID_MAC;
+        }
+        rec->data_len -= transform->taglen;
+
+        /*
+         * Prepare nonce from dynamic and static parts.
+         */
+        ssl_build_record_nonce(iv, sizeof(iv),
+                               transform->iv_dec,
+                               transform->fixed_ivlen,
+                               dynamic_iv,
+                               dynamic_iv_len);
+
+        /*
+         * Build additional data for AEAD encryption.
+         * This depends on the TLS version.
+         */
+        ssl_extract_add_data_from_record(add_data, &add_data_len, rec,
+                                         transform->minor_ver);
+        MBEDTLS_SSL_DEBUG_BUF(4, "additional data used for AEAD",
+                              add_data, add_data_len);
+
+        /* Because of the check above, we know that there are
+         * explicit_iv_len Bytes preceding data, and taglen
+         * bytes following data + data_len. This justifies
+         * the debug message and the invocation of
+         * mbedtls_cipher_auth_decrypt() below. */
+
+        MBEDTLS_SSL_DEBUG_BUF(4, "IV used", iv, transform->ivlen);
+        MBEDTLS_SSL_DEBUG_BUF(4, "TAG used", data + rec->data_len,
+                              transform->taglen);
+
+        /*
+         * Decrypt and authenticate
+         */
+        if ((ret = mbedtls_cipher_auth_decrypt_ext(&transform->cipher_ctx_dec,
+                                                   iv, transform->ivlen,
+                                                   add_data, add_data_len,
+                                                   data, rec->data_len + transform->taglen, /* src */
+                                                   data, rec->buf_len - (data - rec->buf), &olen, /* dst */
+                                                   transform->taglen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_decrypt", ret);
+
+            if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
+                return MBEDTLS_ERR_SSL_INVALID_MAC;
+            }
+
+            return ret;
+        }
+        auth_done++;
+
+        /* Double-check that AEAD decryption doesn't change content length. */
+        if (olen != rec->data_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+    } else
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
+    if (mode == MBEDTLS_MODE_CBC) {
+        size_t minlen = 0;
+
+        /*
+         * Check immediate ciphertext sanity
+         */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) {
+            /* The ciphertext is prefixed with the CBC IV. */
+            minlen += transform->ivlen;
+        }
+#endif
+
+        /* Size considerations:
+         *
+         * - The CBC cipher text must not be empty and hence
+         *   at least of size transform->ivlen.
+         *
+         * Together with the potential IV-prefix, this explains
+         * the first of the two checks below.
+         *
+         * - The record must contain a MAC, either in plain or
+         *   encrypted, depending on whether Encrypt-then-MAC
+         *   is used or not.
+         *   - If it is, the message contains the IV-prefix,
+         *     the CBC ciphertext, and the MAC.
+         *   - If it is not, the padded plaintext, and hence
+         *     the CBC ciphertext, has at least length maclen + 1
+         *     because there is at least the padding length byte.
+         *
+         * As the CBC ciphertext is not empty, both cases give the
+         * lower bound minlen + maclen + 1 on the record size, which
+         * we test for in the second check below.
+         */
+        if (rec->data_len < minlen + transform->ivlen ||
+            rec->data_len < minlen + transform->maclen + 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET
+                                      ") < max( ivlen(%" MBEDTLS_PRINTF_SIZET
+                                      "), maclen (%" MBEDTLS_PRINTF_SIZET ") "
+                                                                          "+ 1 ) ( + expl IV )",
+                                      rec->data_len,
+                                      transform->ivlen,
+                                      transform->maclen));
+            return MBEDTLS_ERR_SSL_INVALID_MAC;
+        }
+
+        /*
+         * Authenticate before decrypt if enabled
+         */
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        if (transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED) {
+            unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
+
+            MBEDTLS_SSL_DEBUG_MSG(3, ("using encrypt then mac"));
+
+            /* Update data_len in tandem with add_data.
+             *
+             * The subtraction is safe because of the previous check
+             * data_len >= minlen + maclen + 1.
+             *
+             * Afterwards, we know that data + data_len is followed by at
+             * least maclen Bytes, which justifies the call to
+             * mbedtls_ct_memcmp() below.
+             *
+             * Further, we still know that data_len > minlen */
+            rec->data_len -= transform->maclen;
+            ssl_extract_add_data_from_record(add_data, &add_data_len, rec,
+                                             transform->minor_ver);
+
+            /* Calculate expected MAC. */
+            MBEDTLS_SSL_DEBUG_BUF(4, "MAC'd meta-data", add_data,
+                                  add_data_len);
+            ret = mbedtls_md_hmac_update(&transform->md_ctx_dec, add_data,
+                                         add_data_len);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+            ret = mbedtls_md_hmac_update(&transform->md_ctx_dec,
+                                         data, rec->data_len);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+            ret = mbedtls_md_hmac_finish(&transform->md_ctx_dec, mac_expect);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+            ret = mbedtls_md_hmac_reset(&transform->md_ctx_dec);
+            if (ret != 0) {
+                goto hmac_failed_etm_enabled;
+            }
+
+            MBEDTLS_SSL_DEBUG_BUF(4, "message  mac", data + rec->data_len,
+                                  transform->maclen);
+            MBEDTLS_SSL_DEBUG_BUF(4, "expected mac", mac_expect,
+                                  transform->maclen);
+
+            /* Compare expected MAC with MAC at the end of the record. */
+            if (mbedtls_ct_memcmp(data + rec->data_len, mac_expect,
+                                  transform->maclen) != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match"));
+                ret = MBEDTLS_ERR_SSL_INVALID_MAC;
+                goto hmac_failed_etm_enabled;
+            }
+            auth_done++;
+
+hmac_failed_etm_enabled:
+            mbedtls_platform_zeroize(mac_expect, transform->maclen);
+            if (ret != 0) {
+                if (ret != MBEDTLS_ERR_SSL_INVALID_MAC) {
+                    MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_hmac_xxx", ret);
+                }
+                return ret;
+            }
+        }
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+        /*
+         * Check length sanity
+         */
+
+        /* We know from above that data_len > minlen >= 0,
+         * so the following check in particular implies that
+         * data_len >= minlen + ivlen ( = minlen or 2 * minlen ). */
+        if (rec->data_len % transform->ivlen != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET
+                                      ") %% ivlen (%" MBEDTLS_PRINTF_SIZET ") != 0",
+                                      rec->data_len, transform->ivlen));
+            return MBEDTLS_ERR_SSL_INVALID_MAC;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        /*
+         * Initialize for prepended IV for block cipher in TLS v1.1 and up
+         */
+        if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) {
+            /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */
+            memcpy(transform->iv_dec, data, transform->ivlen);
+
+            data += transform->ivlen;
+            rec->data_offset += transform->ivlen;
+            rec->data_len -= transform->ivlen;
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
+        /* We still have data_len % ivlen == 0 and data_len >= ivlen here. */
+
+        if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_dec,
+                                        transform->iv_dec, transform->ivlen,
+                                        data, rec->data_len, data, &olen)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret);
+            return ret;
+        }
+
+        /* Double-check that length hasn't changed during decryption. */
+        if (rec->data_len != olen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
+        if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) {
+            /*
+             * Save IV in SSL3 and TLS1, where CBC decryption of consecutive
+             * records is equivalent to CBC decryption of the concatenation
+             * of the records; in other words, IVs are maintained across
+             * record decryptions.
+             */
+            memcpy(transform->iv_dec, transform->cipher_ctx_dec.iv,
+                   transform->ivlen);
+        }
+#endif
+
+        /* Safe since data_len >= minlen + maclen + 1, so after having
+         * subtracted at most minlen and maclen up to this point,
+         * data_len > 0 (because of data_len % ivlen == 0, it's actually
+         * >= ivlen ). */
+        padlen = data[rec->data_len - 1];
+
+        if (auth_done == 1) {
+            const size_t mask = mbedtls_ct_size_mask_ge(
+                rec->data_len,
+                padlen + 1);
+            correct &= mask;
+            padlen  &= mask;
+        } else {
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+            if (rec->data_len < transform->maclen + padlen + 1) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET
+                                          ") < maclen (%" MBEDTLS_PRINTF_SIZET
+                                          ") + padlen (%" MBEDTLS_PRINTF_SIZET ")",
+                                          rec->data_len,
+                                          transform->maclen,
+                                          padlen + 1));
+            }
+#endif
+
+            const size_t mask = mbedtls_ct_size_mask_ge(
+                rec->data_len,
+                transform->maclen + padlen + 1);
+            correct &= mask;
+            padlen  &= mask;
+        }
+
+        padlen++;
+
+        /* Regardless of the validity of the padding,
+         * we have data_len >= padlen here. */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+            /* This is the SSL 3.0 path, we don't have to worry about Lucky
+             * 13, because there's a strictly worse padding attack built in
+             * the protocol (known as part of POODLE), so we don't care if the
+             * code is not constant-time, in particular branches are OK. */
+            if (padlen > transform->ivlen) {
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+                MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding length: is %" MBEDTLS_PRINTF_SIZET ", "
+                                                                                          "should be no more than %"
+                                          MBEDTLS_PRINTF_SIZET,
+                                          padlen, transform->ivlen));
+#endif
+                correct = 0;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0) {
+            /* The padding check involves a series of up to 256
+             * consecutive memory reads at the end of the record
+             * plaintext buffer. In order to hide the length and
+             * validity of the padding, always perform exactly
+             * `min(256,plaintext_len)` reads (but take into account
+             * only the last `padlen` bytes for the padding check). */
+            size_t pad_count = 0;
+            volatile unsigned char * const check = data;
+
+            /* Index of first padding byte; it has been ensured above
+             * that the subtraction is safe. */
+            size_t const padding_idx = rec->data_len - padlen;
+            size_t const num_checks = rec->data_len <= 256 ? rec->data_len : 256;
+            size_t const start_idx = rec->data_len - num_checks;
+            size_t idx;
+
+            for (idx = start_idx; idx < rec->data_len; idx++) {
+                /* pad_count += (idx >= padding_idx) &&
+                 *              (check[idx] == padlen - 1);
+                 */
+                const size_t mask = mbedtls_ct_size_mask_ge(idx, padding_idx);
+                const size_t equal = mbedtls_ct_size_bool_eq(check[idx],
+                                                             padlen - 1);
+                pad_count += mask & equal;
+            }
+            correct &= mbedtls_ct_size_bool_eq(pad_count, padlen);
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+            if (padlen > 0 && correct == 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected"));
+            }
+#endif
+            padlen &= mbedtls_ct_size_mask(correct);
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        /* If the padding was found to be invalid, padlen == 0
+         * and the subtraction is safe. If the padding was found valid,
+         * padlen hasn't been changed and the previous assertion
+         * data_len >= padlen still holds. */
+        rec->data_len -= padlen;
+    } else
+#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+    MBEDTLS_SSL_DEBUG_BUF(4, "raw buffer after decryption",
+                          data, rec->data_len);
+#endif
+
+    /*
+     * Authenticate if not done yet.
+     * Compute the MAC regardless of the padding result (RFC4346, CBCTIME).
+     */
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    if (auth_done == 0) {
+        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 };
+        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 };
+
+        /* For CBC+MAC, If the initial value of padlen was such that
+         * data_len < maclen + padlen + 1, then padlen
+         * got reset to 1, and the initial check
+         * data_len >= minlen + maclen + 1
+         * guarantees that at this point we still
+         * have at least data_len >= maclen.
+         *
+         * If the initial value of padlen was such that
+         * data_len >= maclen + padlen + 1, then we have
+         * subtracted either padlen + 1 (if the padding was correct)
+         * or 0 (if the padding was incorrect) since then,
+         * hence data_len >= maclen in any case.
+         *
+         * For stream ciphers, we checked above that
+         * data_len >= maclen.
+         */
+        rec->data_len -= transform->maclen;
+        ssl_extract_add_data_from_record(add_data, &add_data_len, rec,
+                                         transform->minor_ver);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+            ret = ssl_mac(&transform->md_ctx_dec,
+                          transform->mac_dec,
+                          data, rec->data_len,
+                          rec->ctr, rec->type,
+                          mac_expect);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "ssl_mac", ret);
+                goto hmac_failed_etm_disabled;
+            }
+            memcpy(mac_peer, data + rec->data_len, transform->maclen);
+        } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0) {
+            /*
+             * The next two sizes are the minimum and maximum values of
+             * data_len over all padlen values.
+             *
+             * They're independent of padlen, since we previously did
+             * data_len -= padlen.
+             *
+             * Note that max_len + maclen is never more than the buffer
+             * length, as we previously did in_msglen -= maclen too.
+             */
+            const size_t max_len = rec->data_len + padlen;
+            const size_t min_len = (max_len > 256) ? max_len - 256 : 0;
+
+            ret = mbedtls_ct_hmac(&transform->md_ctx_dec,
+                                  add_data, add_data_len,
+                                  data, rec->data_len, min_len, max_len,
+                                  mac_expect);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ct_hmac", ret);
+                goto hmac_failed_etm_disabled;
+            }
+
+            mbedtls_ct_memcpy_offset(mac_peer, data,
+                                     rec->data_len,
+                                     min_len, max_len,
+                                     transform->maclen);
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+              MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+        MBEDTLS_SSL_DEBUG_BUF(4, "expected mac", mac_expect, transform->maclen);
+        MBEDTLS_SSL_DEBUG_BUF(4, "message  mac", mac_peer, transform->maclen);
+#endif
+
+        if (mbedtls_ct_memcmp(mac_peer, mac_expect,
+                              transform->maclen) != 0) {
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+            MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match"));
+#endif
+            correct = 0;
+        }
+        auth_done++;
+
+hmac_failed_etm_disabled:
+        mbedtls_platform_zeroize(mac_peer, transform->maclen);
+        mbedtls_platform_zeroize(mac_expect, transform->maclen);
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    /*
+     * Finally check the correct flag
+     */
+    if (correct == 0) {
+        return MBEDTLS_ERR_SSL_INVALID_MAC;
+    }
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+    /* Make extra sure authentication was performed, exactly once */
+    if (auth_done != 1) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+    if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+        /* Remove inner padding and infer true content type. */
+        ret = ssl_parse_inner_plaintext(data, &rec->data_len,
+                                        &rec->type);
+
+        if (ret != 0) {
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (rec->cid_len != 0) {
+        ret = ssl_parse_inner_plaintext(data, &rec->data_len,
+                                        &rec->type);
+        if (ret != 0) {
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= decrypt buf"));
+
+    return 0;
+}
+
+#undef MAC_NONE
+#undef MAC_PLAINTEXT
+#undef MAC_CIPHERTEXT
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+/*
+ * Compression/decompression functions
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_compress_buf(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *msg_post = ssl->out_msg;
+    ptrdiff_t bytes_written = ssl->out_msg - ssl->out_buf;
+    size_t len_pre = ssl->out_msglen;
+    unsigned char *msg_pre = ssl->compress_buf;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t out_buf_len = ssl->out_buf_len;
+#else
+    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> compress buf"));
+
+    if (len_pre == 0) {
+        return 0;
+    }
+
+    memcpy(msg_pre, ssl->out_msg, len_pre);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("before compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
+                              ssl->out_msglen));
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "before compression: output payload",
+                          ssl->out_msg, ssl->out_msglen);
+
+    ssl->transform_out->ctx_deflate.next_in = msg_pre;
+    ssl->transform_out->ctx_deflate.avail_in = len_pre;
+    ssl->transform_out->ctx_deflate.next_out = msg_post;
+    ssl->transform_out->ctx_deflate.avail_out = out_buf_len - bytes_written;
+
+    ret = deflate(&ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH);
+    if (ret != Z_OK) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("failed to perform compression (%d)", ret));
+        return MBEDTLS_ERR_SSL_COMPRESSION_FAILED;
+    }
+
+    ssl->out_msglen = out_buf_len -
+                      ssl->transform_out->ctx_deflate.avail_out - bytes_written;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("after compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
+                              ssl->out_msglen));
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "after compression: output payload",
+                          ssl->out_msg, ssl->out_msglen);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= compress buf"));
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_decompress_buf(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *msg_post = ssl->in_msg;
+    ptrdiff_t header_bytes = ssl->in_msg - ssl->in_buf;
+    size_t len_pre = ssl->in_msglen;
+    unsigned char *msg_pre = ssl->compress_buf;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t in_buf_len = ssl->in_buf_len;
+#else
+    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> decompress buf"));
+
+    if (len_pre == 0) {
+        return 0;
+    }
+
+    memcpy(msg_pre, ssl->in_msg, len_pre);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("before decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
+                              ssl->in_msglen));
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "before decompression: input payload",
+                          ssl->in_msg, ssl->in_msglen);
+
+    ssl->transform_in->ctx_inflate.next_in = msg_pre;
+    ssl->transform_in->ctx_inflate.avail_in = len_pre;
+    ssl->transform_in->ctx_inflate.next_out = msg_post;
+    ssl->transform_in->ctx_inflate.avail_out = in_buf_len - header_bytes;
+
+    ret = inflate(&ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH);
+    if (ret != Z_OK) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("failed to perform decompression (%d)", ret));
+        return MBEDTLS_ERR_SSL_COMPRESSION_FAILED;
+    }
+
+    ssl->in_msglen = in_buf_len -
+                     ssl->transform_in->ctx_inflate.avail_out - header_bytes;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("after decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ",
+                              ssl->in_msglen));
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "after decompression: input payload",
+                          ssl->in_msg, ssl->in_msglen);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= decompress buf"));
+
+    return 0;
+}
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+/*
+ * Fill the input message buffer by appending data to it.
+ * The amount of data already fetched is in ssl->in_left.
+ *
+ * If we return 0, is it guaranteed that (at least) nb_want bytes are
+ * available (from this read and/or a previous one). Otherwise, an error code
+ * is returned (possibly EOF or WANT_READ).
+ *
+ * With stream transport (TLS) on success ssl->in_left == nb_want, but
+ * with datagram transport (DTLS) on success ssl->in_left >= nb_want,
+ * since we always read a whole datagram at once.
+ *
+ * For DTLS, it is up to the caller to set ssl->next_record_offset when
+ * they're done reading a record.
+ */
+int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t in_buf_len = ssl->in_buf_len;
+#else
+    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> fetch input"));
+
+    if (ssl->f_recv == NULL && ssl->f_recv_timeout == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Bad usage of mbedtls_ssl_set_bio() "));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (nb_want > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("requesting more data than fits"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        uint32_t timeout;
+
+        /*
+         * The point is, we need to always read a full datagram at once, so we
+         * sometimes read more then requested, and handle the additional data.
+         * It could be the rest of the current record (while fetching the
+         * header) and/or some other records in the same datagram.
+         */
+
+        /*
+         * Move to the next record in the already read datagram if applicable
+         */
+        if (ssl->next_record_offset != 0) {
+            if (ssl->in_left < ssl->next_record_offset) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+
+            ssl->in_left -= ssl->next_record_offset;
+
+            if (ssl->in_left != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("next record in same datagram, offset: %"
+                                          MBEDTLS_PRINTF_SIZET,
+                                          ssl->next_record_offset));
+                memmove(ssl->in_hdr,
+                        ssl->in_hdr + ssl->next_record_offset,
+                        ssl->in_left);
+            }
+
+            ssl->next_record_offset = 0;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET
+                                  ", nb_want: %" MBEDTLS_PRINTF_SIZET,
+                                  ssl->in_left, nb_want));
+
+        /*
+         * Done if we already have enough data.
+         */
+        if (nb_want <= ssl->in_left) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("<= fetch input"));
+            return 0;
+        }
+
+        /*
+         * A record can't be split across datagrams. If we need to read but
+         * are not at the beginning of a new record, the caller did something
+         * wrong.
+         */
+        if (ssl->in_left != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        /*
+         * Don't even try to read if time's out already.
+         * This avoids by-passing the timer when repeatedly receiving messages
+         * that will end up being dropped.
+         */
+        if (mbedtls_ssl_check_timer(ssl) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("timer has expired"));
+            ret = MBEDTLS_ERR_SSL_TIMEOUT;
+        } else {
+            len = in_buf_len - (ssl->in_hdr - ssl->in_buf);
+
+            if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+                timeout = ssl->handshake->retransmit_timeout;
+            } else {
+                timeout = ssl->conf->read_timeout;
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG(3, ("f_recv_timeout: %lu ms", (unsigned long) timeout));
+
+            if (ssl->f_recv_timeout != NULL) {
+                ret = ssl->f_recv_timeout(ssl->p_bio, ssl->in_hdr, len,
+                                          timeout);
+            } else {
+                ret = ssl->f_recv(ssl->p_bio, ssl->in_hdr, len);
+            }
+
+            MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_recv(_timeout)", ret);
+
+            if (ret == 0) {
+                return MBEDTLS_ERR_SSL_CONN_EOF;
+            }
+        }
+
+        if (ret == MBEDTLS_ERR_SSL_TIMEOUT) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("timeout"));
+            mbedtls_ssl_set_timer(ssl, 0);
+
+            if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+                if (ssl_double_retransmit_timeout(ssl) != 0) {
+                    MBEDTLS_SSL_DEBUG_MSG(1, ("handshake timeout"));
+                    return MBEDTLS_ERR_SSL_TIMEOUT;
+                }
+
+                if ((ret = mbedtls_ssl_resend(ssl)) != 0) {
+                    MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend", ret);
+                    return ret;
+                }
+
+                return MBEDTLS_ERR_SSL_WANT_READ;
+            }
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+            else if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+                     ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) {
+                if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) {
+                    MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend_hello_request",
+                                          ret);
+                    return ret;
+                }
+
+                return MBEDTLS_ERR_SSL_WANT_READ;
+            }
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+        }
+
+        if (ret < 0) {
+            return ret;
+        }
+
+        ssl->in_left = ret;
+    } else
+#endif
+    {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET
+                                  ", nb_want: %" MBEDTLS_PRINTF_SIZET,
+                                  ssl->in_left, nb_want));
+
+        while (ssl->in_left < nb_want) {
+            len = nb_want - ssl->in_left;
+
+            if (mbedtls_ssl_check_timer(ssl) != 0) {
+                ret = MBEDTLS_ERR_SSL_TIMEOUT;
+            } else {
+                if (ssl->f_recv_timeout != NULL) {
+                    ret = ssl->f_recv_timeout(ssl->p_bio,
+                                              ssl->in_hdr + ssl->in_left, len,
+                                              ssl->conf->read_timeout);
+                } else {
+                    ret = ssl->f_recv(ssl->p_bio,
+                                      ssl->in_hdr + ssl->in_left, len);
+                }
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET
+                                      ", nb_want: %" MBEDTLS_PRINTF_SIZET,
+                                      ssl->in_left, nb_want));
+            MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_recv(_timeout)", ret);
+
+            if (ret == 0) {
+                return MBEDTLS_ERR_SSL_CONN_EOF;
+            }
+
+            if (ret < 0) {
+                return ret;
+            }
+
+            if ((size_t) ret > len || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) {
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET
+                                       " were requested",
+                                       ret, len));
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+
+            ssl->in_left += ret;
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= fetch input"));
+
+    return 0;
+}
+
+/*
+ * Flush any data not yet written
+ */
+int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *buf;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> flush output"));
+
+    if (ssl->f_send == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Bad usage of mbedtls_ssl_set_bio() "));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /* Avoid incrementing counter if data is flushed */
+    if (ssl->out_left == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= flush output"));
+        return 0;
+    }
+
+    while (ssl->out_left > 0) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("message length: %" MBEDTLS_PRINTF_SIZET
+                                  ", out_left: %" MBEDTLS_PRINTF_SIZET,
+                                  mbedtls_ssl_out_hdr_len(ssl) + ssl->out_msglen, ssl->out_left));
+
+        buf = ssl->out_hdr - ssl->out_left;
+        ret = ssl->f_send(ssl->p_bio, buf, ssl->out_left);
+
+        MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_send", ret);
+
+        if (ret <= 0) {
+            return ret;
+        }
+
+        if ((size_t) ret > ssl->out_left || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  ("f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET
+                                   " bytes were sent",
+                                   ret, ssl->out_left));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        ssl->out_left -= ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        ssl->out_hdr = ssl->out_buf;
+    } else
+#endif
+    {
+        ssl->out_hdr = ssl->out_buf + 8;
+    }
+    mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= flush output"));
+
+    return 0;
+}
+
+/*
+ * Functions to handle the DTLS retransmission state machine
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * Append current handshake message to current outgoing flight
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_flight_append(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_flight_item *msg;
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_flight_append"));
+    MBEDTLS_SSL_DEBUG_BUF(4, "message appended to flight",
+                          ssl->out_msg, ssl->out_msglen);
+
+    /* Allocate space for current message */
+    if ((msg = mbedtls_calloc(1, sizeof(mbedtls_ssl_flight_item))) == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc %" MBEDTLS_PRINTF_SIZET " bytes failed",
+                                  sizeof(mbedtls_ssl_flight_item)));
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    if ((msg->p = mbedtls_calloc(1, ssl->out_msglen)) == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc %" MBEDTLS_PRINTF_SIZET " bytes failed",
+                                  ssl->out_msglen));
+        mbedtls_free(msg);
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    /* Copy current handshake message with headers */
+    memcpy(msg->p, ssl->out_msg, ssl->out_msglen);
+    msg->len = ssl->out_msglen;
+    msg->type = ssl->out_msgtype;
+    msg->next = NULL;
+
+    /* Append to the current flight */
+    if (ssl->handshake->flight == NULL) {
+        ssl->handshake->flight = msg;
+    } else {
+        mbedtls_ssl_flight_item *cur = ssl->handshake->flight;
+        while (cur->next != NULL) {
+            cur = cur->next;
+        }
+        cur->next = msg;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_flight_append"));
+    return 0;
+}
+
+/*
+ * Free the current flight of handshake messages
+ */
+void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight)
+{
+    mbedtls_ssl_flight_item *cur = flight;
+    mbedtls_ssl_flight_item *next;
+
+    while (cur != NULL) {
+        next = cur->next;
+
+        mbedtls_free(cur->p);
+        mbedtls_free(cur);
+
+        cur = next;
+    }
+}
+
+/*
+ * Swap transform_out and out_ctr with the alternative ones
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_swap_epochs(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_transform *tmp_transform;
+    unsigned char tmp_out_ctr[8];
+
+    if (ssl->transform_out == ssl->handshake->alt_transform_out) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("skip swap epochs"));
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("swap epochs"));
+
+    /* Swap transforms */
+    tmp_transform                     = ssl->transform_out;
+    ssl->transform_out                = ssl->handshake->alt_transform_out;
+    ssl->handshake->alt_transform_out = tmp_transform;
+
+    /* Swap epoch + sequence_number */
+    memcpy(tmp_out_ctr,                 ssl->cur_out_ctr,            8);
+    memcpy(ssl->cur_out_ctr,            ssl->handshake->alt_out_ctr, 8);
+    memcpy(ssl->handshake->alt_out_ctr, tmp_out_ctr,                 8);
+
+    /* Adjust to the newly activated transform */
+    mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out);
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_activate != NULL) {
+        int ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    }
+#endif
+
+    return 0;
+}
+
+/*
+ * Retransmit the current flight of messages.
+ */
+int mbedtls_ssl_resend(mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_resend"));
+
+    ret = mbedtls_ssl_flight_transmit(ssl);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_resend"));
+
+    return ret;
+}
+
+/*
+ * Transmit or retransmit the current flight of messages.
+ *
+ * Need to remember the current message in case flush_output returns
+ * WANT_WRITE, causing us to exit this function and come back later.
+ * This function must be called until state is no longer SENDING.
+ */
+int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_flight_transmit"));
+
+    if (ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("initialise flight transmission"));
+
+        ssl->handshake->cur_msg = ssl->handshake->flight;
+        ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12;
+        ret = ssl_swap_epochs(ssl);
+        if (ret != 0) {
+            return ret;
+        }
+
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING;
+    }
+
+    while (ssl->handshake->cur_msg != NULL) {
+        size_t max_frag_len;
+        const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg;
+
+        int const is_finished =
+            (cur->type == MBEDTLS_SSL_MSG_HANDSHAKE &&
+             cur->p[0] == MBEDTLS_SSL_HS_FINISHED);
+
+        uint8_t const force_flush = ssl->disable_datagram_packing == 1 ?
+                                    SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH;
+
+        /* Swap epochs before sending Finished: we can't do it after
+         * sending ChangeCipherSpec, in case write returns WANT_READ.
+         * Must be done before copying, may change out_msg pointer */
+        if (is_finished && ssl->handshake->cur_msg_p == (cur->p + 12)) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("swap epochs to send finished message"));
+            ret = ssl_swap_epochs(ssl);
+            if (ret != 0) {
+                return ret;
+            }
+        }
+
+        ret = ssl_get_remaining_payload_in_datagram(ssl);
+        if (ret < 0) {
+            return ret;
+        }
+        max_frag_len = (size_t) ret;
+
+        /* CCS is copied as is, while HS messages may need fragmentation */
+        if (cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) {
+            if (max_frag_len == 0) {
+                if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+                    return ret;
+                }
+
+                continue;
+            }
+
+            memcpy(ssl->out_msg, cur->p, cur->len);
+            ssl->out_msglen  = cur->len;
+            ssl->out_msgtype = cur->type;
+
+            /* Update position inside current message */
+            ssl->handshake->cur_msg_p += cur->len;
+        } else {
+            const unsigned char * const p = ssl->handshake->cur_msg_p;
+            const size_t hs_len = cur->len - 12;
+            const size_t frag_off = p - (cur->p + 12);
+            const size_t rem_len = hs_len - frag_off;
+            size_t cur_hs_frag_len, max_hs_frag_len;
+
+            if ((max_frag_len < 12) || (max_frag_len == 12 && hs_len != 0)) {
+                if (is_finished) {
+                    ret = ssl_swap_epochs(ssl);
+                    if (ret != 0) {
+                        return ret;
+                    }
+                }
+
+                if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+                    return ret;
+                }
+
+                continue;
+            }
+            max_hs_frag_len = max_frag_len - 12;
+
+            cur_hs_frag_len = rem_len > max_hs_frag_len ?
+                              max_hs_frag_len : rem_len;
+
+            if (frag_off == 0 && cur_hs_frag_len != hs_len) {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting handshake message (%u > %u)",
+                                          (unsigned) cur_hs_frag_len,
+                                          (unsigned) max_hs_frag_len));
+            }
+
+            /* Messages are stored with handshake headers as if not fragmented,
+             * copy beginning of headers then fill fragmentation fields.
+             * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
+            memcpy(ssl->out_msg, cur->p, 6);
+
+            ssl->out_msg[6] = MBEDTLS_BYTE_2(frag_off);
+            ssl->out_msg[7] = MBEDTLS_BYTE_1(frag_off);
+            ssl->out_msg[8] = MBEDTLS_BYTE_0(frag_off);
+
+            ssl->out_msg[9] = MBEDTLS_BYTE_2(cur_hs_frag_len);
+            ssl->out_msg[10] = MBEDTLS_BYTE_1(cur_hs_frag_len);
+            ssl->out_msg[11] = MBEDTLS_BYTE_0(cur_hs_frag_len);
+
+            MBEDTLS_SSL_DEBUG_BUF(3, "handshake header", ssl->out_msg, 12);
+
+            /* Copy the handshake message content and set records fields */
+            memcpy(ssl->out_msg + 12, p, cur_hs_frag_len);
+            ssl->out_msglen = cur_hs_frag_len + 12;
+            ssl->out_msgtype = cur->type;
+
+            /* Update position inside current message */
+            ssl->handshake->cur_msg_p += cur_hs_frag_len;
+        }
+
+        /* If done with the current message move to the next one if any */
+        if (ssl->handshake->cur_msg_p >= cur->p + cur->len) {
+            if (cur->next != NULL) {
+                ssl->handshake->cur_msg = cur->next;
+                ssl->handshake->cur_msg_p = cur->next->p + 12;
+            } else {
+                ssl->handshake->cur_msg = NULL;
+                ssl->handshake->cur_msg_p = NULL;
+            }
+        }
+
+        /* Actually send the message out */
+        if ((ret = mbedtls_ssl_write_record(ssl, force_flush)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret);
+            return ret;
+        }
+    }
+
+    if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+        return ret;
+    }
+
+    /* Update state and set timer */
+    if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+    } else {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+        mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout);
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_flight_transmit"));
+
+    return 0;
+}
+
+/*
+ * To be called when the last message of an incoming flight is received.
+ */
+void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl)
+{
+    /* We won't need to resend that one any more */
+    mbedtls_ssl_flight_free(ssl->handshake->flight);
+    ssl->handshake->flight = NULL;
+    ssl->handshake->cur_msg = NULL;
+
+    /* The next incoming flight will start with this msg_seq */
+    ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq;
+
+    /* We don't want to remember CCS's across flight boundaries. */
+    ssl->handshake->buffering.seen_ccs = 0;
+
+    /* Clear future message buffering structure. */
+    mbedtls_ssl_buffering_free(ssl);
+
+    /* Cancel timer */
+    mbedtls_ssl_set_timer(ssl, 0);
+
+    if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+        ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+    } else {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
+    }
+}
+
+/*
+ * To be called when the last message of an outgoing flight is send.
+ */
+void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl)
+{
+    ssl_reset_retransmit_timeout(ssl);
+    mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout);
+
+    if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+        ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+    } else {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+    }
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+/*
+ * Handshake layer functions
+ */
+
+/*
+ * Write (DTLS: or queue) current handshake (including CCS) message.
+ *
+ *  - fill in handshake headers
+ *  - update handshake checksum
+ *  - DTLS: save message for resending
+ *  - then pass to the record layer
+ *
+ * DTLS: except for HelloRequest, messages are only queued, and will only be
+ * actually sent when calling flight_transmit() or resend().
+ *
+ * Inputs:
+ *  - ssl->out_msglen: 4 + actual handshake message len
+ *      (4 is the size of handshake headers for TLS)
+ *  - ssl->out_msg[0]: the handshake type (ClientHello, ServerHello, etc)
+ *  - ssl->out_msg + 4: the handshake message body
+ *
+ * Outputs, ie state before passing to flight_append() or write_record():
+ *   - ssl->out_msglen: the length of the record contents
+ *      (including handshake headers but excluding record headers)
+ *   - ssl->out_msg: the record contents (handshake headers + content)
+ */
+int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const size_t hs_len = ssl->out_msglen - 4;
+    const unsigned char hs_type = ssl->out_msg[0];
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write handshake message"));
+
+    /*
+     * Sanity checks
+     */
+    if (ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE          &&
+        ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) {
+        /* In SSLv3, the client might send a NoCertificate alert. */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
+        if (!(ssl->minor_ver      == MBEDTLS_SSL_MINOR_VERSION_0 &&
+              ssl->out_msgtype    == MBEDTLS_SSL_MSG_ALERT       &&
+              ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT))
+#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+    }
+
+    /* Whenever we send anything different from a
+     * HelloRequest we should be in a handshake - double check. */
+    if (!(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+          hs_type          == MBEDTLS_SSL_HS_HELLO_REQUEST) &&
+        ssl->handshake == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake != NULL &&
+        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+#endif
+
+    /* Double-check that we did not exceed the bounds
+     * of the outgoing record buffer.
+     * This should never fail as the various message
+     * writing functions must obey the bounds of the
+     * outgoing record buffer, but better be safe.
+     *
+     * Note: We deliberately do not check for the MTU or MFL here.
+     */
+    if (ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Record too large: "
+                                  "size %" MBEDTLS_PRINTF_SIZET
+                                  ", maximum %" MBEDTLS_PRINTF_SIZET,
+                                  ssl->out_msglen,
+                                  (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    /*
+     * Fill handshake headers
+     */
+    if (ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) {
+        ssl->out_msg[1] = MBEDTLS_BYTE_2(hs_len);
+        ssl->out_msg[2] = MBEDTLS_BYTE_1(hs_len);
+        ssl->out_msg[3] = MBEDTLS_BYTE_0(hs_len);
+
+        /*
+         * DTLS has additional fields in the Handshake layer,
+         * between the length field and the actual payload:
+         *      uint16 message_seq;
+         *      uint24 fragment_offset;
+         *      uint24 fragment_length;
+         */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            /* Make room for the additional DTLS fields */
+            if (MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS handshake message too large: "
+                                          "size %" MBEDTLS_PRINTF_SIZET ", maximum %"
+                                          MBEDTLS_PRINTF_SIZET,
+                                          hs_len,
+                                          (size_t) (MBEDTLS_SSL_OUT_CONTENT_LEN - 12)));
+                return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+            }
+
+            memmove(ssl->out_msg + 12, ssl->out_msg + 4, hs_len);
+            ssl->out_msglen += 8;
+
+            /* Write message_seq and update it, except for HelloRequest */
+            if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST) {
+                MBEDTLS_PUT_UINT16_BE(ssl->handshake->out_msg_seq, ssl->out_msg, 4);
+                ++(ssl->handshake->out_msg_seq);
+            } else {
+                ssl->out_msg[4] = 0;
+                ssl->out_msg[5] = 0;
+            }
+
+            /* Handshake hashes are computed without fragmentation,
+             * so set frag_offset = 0 and frag_len = hs_len for now */
+            memset(ssl->out_msg + 6, 0x00, 3);
+            memcpy(ssl->out_msg + 9, ssl->out_msg + 1, 3);
+        }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+        /* Update running hashes of handshake messages seen */
+        if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST) {
+            ssl->handshake->update_checksum(ssl, ssl->out_msg, ssl->out_msglen);
+        }
+    }
+
+    /* Either send now, or just save to be sent (and resent) later */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        !(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+          hs_type          == MBEDTLS_SSL_HS_HELLO_REQUEST)) {
+        if ((ret = ssl_flight_append(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_flight_append", ret);
+            return ret;
+        }
+    } else
+#endif
+    {
+        if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_record", ret);
+            return ret;
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write handshake message"));
+
+    return 0;
+}
+
+/*
+ * Record layer functions
+ */
+
+/*
+ * Write current record.
+ *
+ * Uses:
+ *  - ssl->out_msgtype: type of the message (AppData, Handshake, Alert, CCS)
+ *  - ssl->out_msglen: length of the record content (excl headers)
+ *  - ssl->out_msg: record content
+ */
+int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush)
+{
+    int ret, done = 0;
+    size_t len = ssl->out_msglen;
+    uint8_t flush = force_flush;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write record"));
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if (ssl->transform_out != NULL &&
+        ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE) {
+        if ((ret = ssl_compress_buf(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_compress_buf", ret);
+            return ret;
+        }
+
+        len = ssl->out_msglen;
+    }
+#endif /*MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_write != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_write()"));
+
+        ret = mbedtls_ssl_hw_record_write(ssl);
+        if (ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_write", ret);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        if (ret == 0) {
+            done = 1;
+        }
+    }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+    if (!done) {
+        unsigned i;
+        size_t protected_record_size;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        size_t out_buf_len = ssl->out_buf_len;
+#else
+        size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
+#endif
+        /* Skip writing the record content type to after the encryption,
+         * as it may change when using the CID extension. */
+
+        mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver,
+                                  ssl->conf->transport, ssl->out_hdr + 1);
+
+        memcpy(ssl->out_ctr, ssl->cur_out_ctr, 8);
+        MBEDTLS_PUT_UINT16_BE(len, ssl->out_len, 0);
+
+        if (ssl->transform_out != NULL) {
+            mbedtls_record rec;
+
+            rec.buf         = ssl->out_iv;
+            rec.buf_len     = out_buf_len - (ssl->out_iv - ssl->out_buf);
+            rec.data_len    = ssl->out_msglen;
+            rec.data_offset = ssl->out_msg - rec.buf;
+
+            memcpy(&rec.ctr[0], ssl->out_ctr, 8);
+            mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver,
+                                      ssl->conf->transport, rec.ver);
+            rec.type = ssl->out_msgtype;
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            /* The CID is set by mbedtls_ssl_encrypt_buf(). */
+            rec.cid_len = 0;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+            if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec,
+                                               ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "ssl_encrypt_buf", ret);
+                return ret;
+            }
+
+            if (rec.data_offset != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+
+            /* Update the record content type and CID. */
+            ssl->out_msgtype = rec.type;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            memcpy(ssl->out_cid, rec.cid, rec.cid_len);
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+            ssl->out_msglen = len = rec.data_len;
+            MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->out_len, 0);
+        }
+
+        protected_record_size = len + mbedtls_ssl_out_hdr_len(ssl);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        /* In case of DTLS, double-check that we don't exceed
+         * the remaining space in the datagram. */
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            ret = ssl_get_remaining_space_in_datagram(ssl);
+            if (ret < 0) {
+                return ret;
+            }
+
+            if (protected_record_size > (size_t) ret) {
+                /* Should never happen */
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+        }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+        /* Now write the potentially updated record content type. */
+        ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype;
+
+        MBEDTLS_SSL_DEBUG_MSG(3, ("output record: msgtype = %u, "
+                                  "version = [%u:%u], msglen = %" MBEDTLS_PRINTF_SIZET,
+                                  ssl->out_hdr[0], ssl->out_hdr[1],
+                                  ssl->out_hdr[2], len));
+
+        MBEDTLS_SSL_DEBUG_BUF(4, "output record sent to network",
+                              ssl->out_hdr, protected_record_size);
+
+        ssl->out_left += protected_record_size;
+        ssl->out_hdr  += protected_record_size;
+        mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out);
+
+        for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) {
+            if (++ssl->cur_out_ctr[i - 1] != 0) {
+                break;
+            }
+        }
+
+        /* The loop goes to its end iff the counter is wrapping */
+        if (i == mbedtls_ssl_ep_len(ssl)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("outgoing message counter would wrap"));
+            return MBEDTLS_ERR_SSL_COUNTER_WRAPPING;
+        }
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        flush == SSL_DONT_FORCE_FLUSH) {
+        size_t remaining;
+        ret = ssl_get_remaining_payload_in_datagram(ssl);
+        if (ret < 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_remaining_payload_in_datagram",
+                                  ret);
+            return ret;
+        }
+
+        remaining = (size_t) ret;
+        if (remaining == 0) {
+            flush = SSL_FORCE_FLUSH;
+        } else {
+            MBEDTLS_SSL_DEBUG_MSG(2,
+                                  ("Still %u bytes available in current datagram",
+                                   (unsigned) remaining));
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    if ((flush == SSL_FORCE_FLUSH) &&
+        (ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flush_output", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write record"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_hs_is_proper_fragment(mbedtls_ssl_context *ssl)
+{
+    if (ssl->in_msglen < ssl->in_hslen ||
+        memcmp(ssl->in_msg + 6, "\0\0\0",        3) != 0 ||
+        memcmp(ssl->in_msg + 9, ssl->in_msg + 1, 3) != 0) {
+        return 1;
+    }
+    return 0;
+}
+
+static uint32_t ssl_get_hs_frag_len(mbedtls_ssl_context const *ssl)
+{
+    return (ssl->in_msg[9] << 16) |
+           (ssl->in_msg[10] << 8) |
+           ssl->in_msg[11];
+}
+
+static uint32_t ssl_get_hs_frag_off(mbedtls_ssl_context const *ssl)
+{
+    return (ssl->in_msg[6] << 16) |
+           (ssl->in_msg[7] << 8) |
+           ssl->in_msg[8];
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_hs_header(mbedtls_ssl_context const *ssl)
+{
+    uint32_t msg_len, frag_off, frag_len;
+
+    msg_len  = ssl_get_hs_total_len(ssl);
+    frag_off = ssl_get_hs_frag_off(ssl);
+    frag_len = ssl_get_hs_frag_len(ssl);
+
+    if (frag_off > msg_len) {
+        return -1;
+    }
+
+    if (frag_len > msg_len - frag_off) {
+        return -1;
+    }
+
+    if (frag_len + 12 > ssl->in_msglen) {
+        return -1;
+    }
+
+    return 0;
+}
+
+/*
+ * Mark bits in bitmask (used for DTLS HS reassembly)
+ */
+static void ssl_bitmask_set(unsigned char *mask, size_t offset, size_t len)
+{
+    unsigned int start_bits, end_bits;
+
+    start_bits = 8 - (offset % 8);
+    if (start_bits != 8) {
+        size_t first_byte_idx = offset / 8;
+
+        /* Special case */
+        if (len <= start_bits) {
+            for (; len != 0; len--) {
+                mask[first_byte_idx] |= 1 << (start_bits - len);
+            }
+
+            /* Avoid potential issues with offset or len becoming invalid */
+            return;
+        }
+
+        offset += start_bits; /* Now offset % 8 == 0 */
+        len -= start_bits;
+
+        for (; start_bits != 0; start_bits--) {
+            mask[first_byte_idx] |= 1 << (start_bits - 1);
+        }
+    }
+
+    end_bits = len % 8;
+    if (end_bits != 0) {
+        size_t last_byte_idx = (offset + len) / 8;
+
+        len -= end_bits; /* Now len % 8 == 0 */
+
+        for (; end_bits != 0; end_bits--) {
+            mask[last_byte_idx] |= 1 << (8 - end_bits);
+        }
+    }
+
+    memset(mask + offset / 8, 0xFF, len / 8);
+}
+
+/*
+ * Check that bitmask is full
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_bitmask_check(unsigned char *mask, size_t len)
+{
+    size_t i;
+
+    for (i = 0; i < len / 8; i++) {
+        if (mask[i] != 0xFF) {
+            return -1;
+        }
+    }
+
+    for (i = 0; i < len % 8; i++) {
+        if ((mask[len / 8] & (1 << (7 - i))) == 0) {
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+/* msg_len does not include the handshake header */
+static size_t ssl_get_reassembly_buffer_size(size_t msg_len,
+                                             unsigned add_bitmap)
+{
+    size_t alloc_len;
+
+    alloc_len  = 12;                                 /* Handshake header */
+    alloc_len += msg_len;                            /* Content buffer   */
+
+    if (add_bitmap) {
+        alloc_len += msg_len / 8 + (msg_len % 8 != 0);   /* Bitmap       */
+
+    }
+    return alloc_len;
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl)
+{
+    return (ssl->in_msg[1] << 16) |
+           (ssl->in_msg[2] << 8) |
+           ssl->in_msg[3];
+}
+
+int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
+{
+    if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET,
+                                  ssl->in_msglen));
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+
+    ssl->in_hslen = mbedtls_ssl_hs_hdr_len(ssl) + ssl_get_hs_total_len(ssl);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("handshake message: msglen ="
+                              " %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %"
+                              MBEDTLS_PRINTF_SIZET,
+                              ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen));
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        unsigned int recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5];
+
+        if (ssl_check_hs_header(ssl) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("invalid handshake header"));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+
+        if (ssl->handshake != NULL &&
+            ((ssl->state   != MBEDTLS_SSL_HANDSHAKE_OVER &&
+              recv_msg_seq != ssl->handshake->in_msg_seq) ||
+             (ssl->state  == MBEDTLS_SSL_HANDSHAKE_OVER &&
+              ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO))) {
+            if (recv_msg_seq > ssl->handshake->in_msg_seq) {
+                MBEDTLS_SSL_DEBUG_MSG(2,
+                                      (
+                                          "received future handshake message of sequence number %u (next %u)",
+                                          recv_msg_seq,
+                                          ssl->handshake->in_msg_seq));
+                return MBEDTLS_ERR_SSL_EARLY_MESSAGE;
+            }
+
+            /* Retransmit only on last message from previous flight, to avoid
+             * too many retransmissions.
+             * Besides, No sane server ever retransmits HelloVerifyRequest */
+            if (recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 &&
+                ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("received message from last flight, "
+                                          "message_seq = %u, start_of_flight = %u",
+                                          recv_msg_seq,
+                                          ssl->handshake->in_flight_start_seq));
+
+                if ((ret = mbedtls_ssl_resend(ssl)) != 0) {
+                    MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend", ret);
+                    return ret;
+                }
+            } else {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("dropping out-of-sequence message: "
+                                          "message_seq = %u, expected = %u",
+                                          recv_msg_seq,
+                                          ssl->handshake->in_msg_seq));
+            }
+
+            return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+        }
+        /* Wait until message completion to increment in_msg_seq */
+
+        /* Message reassembly is handled alongside buffering of future
+         * messages; the commonality is that both handshake fragments and
+         * future messages cannot be forwarded immediately to the
+         * handshake logic layer. */
+        if (ssl_hs_is_proper_fragment(ssl) == 1) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("found fragmented DTLS handshake message"));
+            return MBEDTLS_ERR_SSL_EARLY_MESSAGE;
+        }
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    /* With TLS we don't handle fragmentation (for now) */
+    if (ssl->in_msglen < ssl->in_hslen) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("TLS handshake fragmentation not supported"));
+        return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    }
+
+    return 0;
+}
+
+void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+    if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL) {
+        ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen);
+    }
+
+    /* Handshake message is complete, increment counter */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake != NULL) {
+        unsigned offset;
+        mbedtls_ssl_hs_buffer *hs_buf;
+
+        /* Increment handshake sequence number */
+        hs->in_msg_seq++;
+
+        /*
+         * Clear up handshake buffering and reassembly structure.
+         */
+
+        /* Free first entry */
+        ssl_buffering_free_slot(ssl, 0);
+
+        /* Shift all other entries */
+        for (offset = 0, hs_buf = &hs->buffering.hs[0];
+             offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS;
+             offset++, hs_buf++) {
+            *hs_buf = *(hs_buf + 1);
+        }
+
+        /* Create a fresh last entry */
+        memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer));
+    }
+#endif
+}
+
+/*
+ * DTLS anti-replay: RFC 6347 4.1.2.6
+ *
+ * in_window is a field of bits numbered from 0 (lsb) to 63 (msb).
+ * Bit n is set iff record number in_window_top - n has been seen.
+ *
+ * Usually, in_window_top is the last record number seen and the lsb of
+ * in_window is set. The only exception is the initial state (record number 0
+ * not seen yet).
+ */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl)
+{
+    ssl->in_window_top = 0;
+    ssl->in_window = 0;
+}
+
+static inline uint64_t ssl_load_six_bytes(unsigned char *buf)
+{
+    return ((uint64_t) buf[0] << 40) |
+           ((uint64_t) buf[1] << 32) |
+           ((uint64_t) buf[2] << 24) |
+           ((uint64_t) buf[3] << 16) |
+           ((uint64_t) buf[4] <<  8) |
+           ((uint64_t) buf[5]);
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int mbedtls_ssl_dtls_record_replay_check(mbedtls_ssl_context *ssl, uint8_t *record_in_ctr)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *original_in_ctr;
+
+    // save original in_ctr
+    original_in_ctr = ssl->in_ctr;
+
+    // use counter from record
+    ssl->in_ctr = record_in_ctr;
+
+    ret = mbedtls_ssl_dtls_replay_check((mbedtls_ssl_context const *) ssl);
+
+    // restore the counter
+    ssl->in_ctr = original_in_ctr;
+
+    return ret;
+}
+
+/*
+ * Return 0 if sequence number is acceptable, -1 otherwise
+ */
+int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl)
+{
+    uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2);
+    uint64_t bit;
+
+    if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) {
+        return 0;
+    }
+
+    if (rec_seqnum > ssl->in_window_top) {
+        return 0;
+    }
+
+    bit = ssl->in_window_top - rec_seqnum;
+
+    if (bit >= 64) {
+        return -1;
+    }
+
+    if ((ssl->in_window & ((uint64_t) 1 << bit)) != 0) {
+        return -1;
+    }
+
+    return 0;
+}
+
+/*
+ * Update replay window on new validated record
+ */
+void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl)
+{
+    uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2);
+
+    if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) {
+        return;
+    }
+
+    if (rec_seqnum > ssl->in_window_top) {
+        /* Update window_top and the contents of the window */
+        uint64_t shift = rec_seqnum - ssl->in_window_top;
+
+        if (shift >= 64) {
+            ssl->in_window = 1;
+        } else {
+            ssl->in_window <<= shift;
+            ssl->in_window |= 1;
+        }
+
+        ssl->in_window_top = rec_seqnum;
+    } else {
+        /* Mark that number as seen in the current window */
+        uint64_t bit = ssl->in_window_top - rec_seqnum;
+
+        if (bit < 64) { /* Always true, but be extra sure */
+            ssl->in_window |= (uint64_t) 1 << bit;
+        }
+    }
+}
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+/*
+ * Check if a datagram looks like a ClientHello with a valid cookie,
+ * and if it doesn't, generate a HelloVerifyRequest message.
+ * Both input and output include full DTLS headers.
+ *
+ * - if cookie is valid, return 0
+ * - if ClientHello looks superficially valid but cookie is not,
+ *   fill obuf and set olen, then
+ *   return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
+ * - otherwise return a specific error code
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+MBEDTLS_STATIC_TESTABLE
+int mbedtls_ssl_check_dtls_clihlo_cookie(
+    mbedtls_ssl_context *ssl,
+    const unsigned char *cli_id, size_t cli_id_len,
+    const unsigned char *in, size_t in_len,
+    unsigned char *obuf, size_t buf_len, size_t *olen)
+{
+    size_t sid_len, cookie_len;
+    unsigned char *p;
+
+    /*
+     * Structure of ClientHello with record and handshake headers,
+     * and expected values. We don't need to check a lot, more checks will be
+     * done when actually parsing the ClientHello - skipping those checks
+     * avoids code duplication and does not make cookie forging any easier.
+     *
+     *  0-0  ContentType type;                  copied, must be handshake
+     *  1-2  ProtocolVersion version;           copied
+     *  3-4  uint16 epoch;                      copied, must be 0
+     *  5-10 uint48 sequence_number;            copied
+     * 11-12 uint16 length;                     (ignored)
+     *
+     * 13-13 HandshakeType msg_type;            (ignored)
+     * 14-16 uint24 length;                     (ignored)
+     * 17-18 uint16 message_seq;                copied
+     * 19-21 uint24 fragment_offset;            copied, must be 0
+     * 22-24 uint24 fragment_length;            (ignored)
+     *
+     * 25-26 ProtocolVersion client_version;    (ignored)
+     * 27-58 Random random;                     (ignored)
+     * 59-xx SessionID session_id;              1 byte len + sid_len content
+     * 60+   opaque cookie<0..2^8-1>;           1 byte len + content
+     *       ...
+     *
+     * Minimum length is 61 bytes.
+     */
+    MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: in_len=%u",
+                              (unsigned) in_len));
+    MBEDTLS_SSL_DEBUG_BUF(4, "cli_id", cli_id, cli_id_len);
+    if (in_len < 61) {
+        MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: record too short"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    if (in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
+        in[3] != 0 || in[4] != 0 ||
+        in[19] != 0 || in[20] != 0 || in[21] != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: not a good ClientHello"));
+        MBEDTLS_SSL_DEBUG_MSG(4, ("    type=%u epoch=%u fragment_offset=%u",
+                                  in[0],
+                                  (unsigned) in[3] << 8 | in[4],
+                                  (unsigned) in[19] << 16 | in[20] << 8 | in[21]));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    sid_len = in[59];
+    if (59 + 1 + sid_len + 1 > in_len) {
+        MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: sid_len=%u > %u",
+                                  (unsigned) sid_len,
+                                  (unsigned) in_len - 61));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    MBEDTLS_SSL_DEBUG_BUF(4, "sid received from network",
+                          in + 60, sid_len);
+
+    cookie_len = in[60 + sid_len];
+    if (59 + 1 + sid_len + 1 + cookie_len > in_len) {
+        MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: cookie_len=%u > %u",
+                                  (unsigned) cookie_len,
+                                  (unsigned) (in_len - sid_len - 61)));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "cookie received from network",
+                          in + sid_len + 61, cookie_len);
+    if (ssl->conf->f_cookie_check(ssl->conf->p_cookie,
+                                  in + sid_len + 61, cookie_len,
+                                  cli_id, cli_id_len) == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: valid"));
+        return 0;
+    }
+
+    /*
+     * If we get here, we've got an invalid cookie, let's prepare HVR.
+     *
+     *  0-0  ContentType type;                  copied
+     *  1-2  ProtocolVersion version;           copied
+     *  3-4  uint16 epoch;                      copied
+     *  5-10 uint48 sequence_number;            copied
+     * 11-12 uint16 length;                     olen - 13
+     *
+     * 13-13 HandshakeType msg_type;            hello_verify_request
+     * 14-16 uint24 length;                     olen - 25
+     * 17-18 uint16 message_seq;                copied
+     * 19-21 uint24 fragment_offset;            copied
+     * 22-24 uint24 fragment_length;            olen - 25
+     *
+     * 25-26 ProtocolVersion server_version;    0xfe 0xff
+     * 27-27 opaque cookie<0..2^8-1>;           cookie_len = olen - 27, cookie
+     *
+     * Minimum length is 28.
+     */
+    if (buf_len < 28) {
+        return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+    }
+
+    /* Copy most fields and adapt others */
+    memcpy(obuf, in, 25);
+    obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
+    obuf[25] = 0xfe;
+    obuf[26] = 0xff;
+
+    /* Generate and write actual cookie */
+    p = obuf + 28;
+    if (ssl->conf->f_cookie_write(ssl->conf->p_cookie,
+                                  &p, obuf + buf_len,
+                                  cli_id, cli_id_len) != 0) {
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    *olen = p - obuf;
+
+    /* Go back and fill length fields */
+    obuf[27] = (unsigned char) (*olen - 28);
+
+    obuf[14] = obuf[22] = MBEDTLS_BYTE_2(*olen - 25);
+    obuf[15] = obuf[23] = MBEDTLS_BYTE_1(*olen - 25);
+    obuf[16] = obuf[24] = MBEDTLS_BYTE_0(*olen - 25);
+
+    MBEDTLS_PUT_UINT16_BE(*olen - 13, obuf, 11);
+
+    return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED;
+}
+
+/*
+ * Handle possible client reconnect with the same UDP quadruplet
+ * (RFC 6347 Section 4.2.8).
+ *
+ * Called by ssl_parse_record_header() in case we receive an epoch 0 record
+ * that looks like a ClientHello.
+ *
+ * - if the input looks like a ClientHello without cookies,
+ *   send back HelloVerifyRequest, then return 0
+ * - if the input looks like a ClientHello with a valid cookie,
+ *   reset the session of the current context, and
+ *   return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
+ * - if anything goes wrong, return a specific error code
+ *
+ * This function is called (through ssl_check_client_reconnect()) when an
+ * unexpected record is found in ssl_get_next_record(), which will discard the
+ * record if we return 0, and bubble up the return value otherwise (this
+ * includes the case of MBEDTLS_ERR_SSL_CLIENT_RECONNECT and of unexpected
+ * errors, and is the right thing to do in both cases).
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_handle_possible_reconnect(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if (ssl->conf->f_cookie_write == NULL ||
+        ssl->conf->f_cookie_check == NULL) {
+        /* If we can't use cookies to verify reachability of the peer,
+         * drop the record. */
+        MBEDTLS_SSL_DEBUG_MSG(1, ("no cookie callbacks, "
+                                  "can't check reconnect validity"));
+        return 0;
+    }
+
+    ret = mbedtls_ssl_check_dtls_clihlo_cookie(
+        ssl,
+        ssl->cli_id, ssl->cli_id_len,
+        ssl->in_buf, ssl->in_left,
+        ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len);
+
+    MBEDTLS_SSL_DEBUG_RET(2, "mbedtls_ssl_check_dtls_clihlo_cookie", ret);
+
+    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
+        int send_ret;
+        MBEDTLS_SSL_DEBUG_MSG(1, ("sending HelloVerifyRequest"));
+        MBEDTLS_SSL_DEBUG_BUF(4, "output record sent to network",
+                              ssl->out_buf, len);
+        /* Don't check write errors as we can't do anything here.
+         * If the error is permanent we'll catch it later,
+         * if it's not, then hopefully it'll work next time. */
+        send_ret = ssl->f_send(ssl->p_bio, ssl->out_buf, len);
+        MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_send", send_ret);
+        (void) send_ret;
+
+        return 0;
+    }
+
+    if (ret == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("cookie is valid, resetting context"));
+        if ((ret = mbedtls_ssl_session_reset_int(ssl, 1)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "reset", ret);
+            return ret;
+        }
+
+        return MBEDTLS_ERR_SSL_CLIENT_RECONNECT;
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_record_type(uint8_t record_type)
+{
+    if (record_type != MBEDTLS_SSL_MSG_HANDSHAKE &&
+        record_type != MBEDTLS_SSL_MSG_ALERT &&
+        record_type != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC &&
+        record_type != MBEDTLS_SSL_MSG_APPLICATION_DATA) {
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+
+    return 0;
+}
+
+/*
+ * ContentType type;
+ * ProtocolVersion version;
+ * uint16 epoch;            // DTLS only
+ * uint48 sequence_number;  // DTLS only
+ * uint16 length;
+ *
+ * Return 0 if header looks sane (and, for DTLS, the record is expected)
+ * MBEDTLS_ERR_SSL_INVALID_RECORD if the header looks bad,
+ * MBEDTLS_ERR_SSL_UNEXPECTED_RECORD (DTLS only) if sane but unexpected.
+ *
+ * With DTLS, mbedtls_ssl_read_record() will:
+ * 1. proceed with the record if this function returns 0
+ * 2. drop only the current record if this function returns UNEXPECTED_RECORD
+ * 3. return CLIENT_RECONNECT if this function return that value
+ * 4. drop the whole datagram if this function returns anything else.
+ * Point 2 is needed when the peer is resending, and we have already received
+ * the first record from a datagram but are still waiting for the others.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_record_header(mbedtls_ssl_context const *ssl,
+                                   unsigned char *buf,
+                                   size_t len,
+                                   mbedtls_record *rec)
+{
+    int major_ver, minor_ver;
+
+    size_t const rec_hdr_type_offset    = 0;
+    size_t const rec_hdr_type_len       = 1;
+
+    size_t const rec_hdr_version_offset = rec_hdr_type_offset +
+                                          rec_hdr_type_len;
+    size_t const rec_hdr_version_len    = 2;
+
+    size_t const rec_hdr_ctr_len        = 8;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    uint32_t     rec_epoch;
+    size_t const rec_hdr_ctr_offset     = rec_hdr_version_offset +
+                                          rec_hdr_version_len;
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    size_t const rec_hdr_cid_offset     = rec_hdr_ctr_offset +
+                                          rec_hdr_ctr_len;
+    size_t       rec_hdr_cid_len        = 0;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    size_t       rec_hdr_len_offset; /* To be determined */
+    size_t const rec_hdr_len_len    = 2;
+
+    /*
+     * Check minimum lengths for record header.
+     */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        rec_hdr_len_offset = rec_hdr_ctr_offset + rec_hdr_ctr_len;
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    {
+        rec_hdr_len_offset = rec_hdr_version_offset + rec_hdr_version_len;
+    }
+
+    if (len < rec_hdr_len_offset + rec_hdr_len_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              (
+                                  "datagram of length %u too small to hold DTLS record header of length %u",
+                                  (unsigned) len,
+                                  (unsigned) (rec_hdr_len_len + rec_hdr_len_len)));
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+
+    /*
+     * Parse and validate record content type
+     */
+
+    rec->type = buf[rec_hdr_type_offset];
+
+    /* Check record content type */
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    rec->cid_len = 0;
+
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->conf->cid_len != 0                                &&
+        rec->type == MBEDTLS_SSL_MSG_CID) {
+        /* Shift pointers to account for record header including CID
+         * struct {
+         *   ContentType special_type = tls12_cid;
+         *   ProtocolVersion version;
+         *   uint16 epoch;
+         *   uint48 sequence_number;
+         *   opaque cid[cid_length]; // Additional field compared to
+         *                           // default DTLS record format
+         *   uint16 length;
+         *   opaque enc_content[DTLSCiphertext.length];
+         * } DTLSCiphertext;
+         */
+
+        /* So far, we only support static CID lengths
+         * fixed in the configuration. */
+        rec_hdr_cid_len = ssl->conf->cid_len;
+        rec_hdr_len_offset += rec_hdr_cid_len;
+
+        if (len < rec_hdr_len_offset + rec_hdr_len_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  (
+                                      "datagram of length %u too small to hold DTLS record header including CID, length %u",
+                                      (unsigned) len,
+                                      (unsigned) (rec_hdr_len_offset + rec_hdr_len_len)));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+
+        /* configured CID len is guaranteed at most 255, see
+         * MBEDTLS_SSL_CID_OUT_LEN_MAX in check_config.h */
+        rec->cid_len = (uint8_t) rec_hdr_cid_len;
+        memcpy(rec->cid, buf + rec_hdr_cid_offset, rec_hdr_cid_len);
+    } else
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+    {
+        if (ssl_check_record_type(rec->type)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("unknown record type %u",
+                                      (unsigned) rec->type));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+    }
+
+    /*
+     * Parse and validate record version
+     */
+    rec->ver[0] = buf[rec_hdr_version_offset + 0];
+    rec->ver[1] = buf[rec_hdr_version_offset + 1];
+    mbedtls_ssl_read_version(&major_ver, &minor_ver,
+                             ssl->conf->transport,
+                             &rec->ver[0]);
+
+    if (major_ver != ssl->major_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("major version mismatch: got %u, expected %u",
+                                  (unsigned) major_ver,
+                                  (unsigned) ssl->major_ver));
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+
+    if (minor_ver > ssl->conf->max_minor_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("minor version mismatch: got %u, expected max %u",
+                                  (unsigned) minor_ver,
+                                  (unsigned) ssl->conf->max_minor_ver));
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+    /*
+     * Parse/Copy record sequence number.
+     */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /* Copy explicit record sequence number from input buffer. */
+        memcpy(&rec->ctr[0], buf + rec_hdr_ctr_offset,
+               rec_hdr_ctr_len);
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    {
+        /* Copy implicit record sequence number from SSL context structure. */
+        memcpy(&rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len);
+    }
+
+    /*
+     * Parse record length.
+     */
+
+    rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len;
+    rec->data_len    = ((size_t) buf[rec_hdr_len_offset + 0] << 8) |
+                       ((size_t) buf[rec_hdr_len_offset + 1] << 0);
+    MBEDTLS_SSL_DEBUG_BUF(4, "input record header", buf, rec->data_offset);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("input record: msgtype = %u, "
+                              "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET,
+                              rec->type,
+                              major_ver, minor_ver, rec->data_len));
+
+    rec->buf     = buf;
+    rec->buf_len = rec->data_offset + rec->data_len;
+
+    if (rec->data_len == 0) {
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+
+    /*
+     * DTLS-related tests.
+     * Check epoch before checking length constraint because
+     * the latter varies with the epoch. E.g., if a ChangeCipherSpec
+     * message gets duplicated before the corresponding Finished message,
+     * the second ChangeCipherSpec should be discarded because it belongs
+     * to an old epoch, but not because its length is shorter than
+     * the minimum record length for packets using the new record transform.
+     * Note that these two kinds of failures are handled differently,
+     * as an unexpected record is silently skipped but an invalid
+     * record leads to the entire datagram being dropped.
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        rec_epoch = (rec->ctr[0] << 8) | rec->ctr[1];
+
+        /* Check that the datagram is large enough to contain a record
+         * of the advertised length. */
+        if (len < rec->data_offset + rec->data_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  (
+                                      "Datagram of length %u too small to contain record of advertised length %u.",
+                                      (unsigned) len,
+                                      (unsigned) (rec->data_offset + rec->data_len)));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+
+        /* Records from other, non-matching epochs are silently discarded.
+         * (The case of same-port Client reconnects must be considered in
+         *  the caller). */
+        if (rec_epoch != ssl->in_epoch) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("record from another epoch: "
+                                      "expected %u, received %lu",
+                                      ssl->in_epoch, (unsigned long) rec_epoch));
+
+            /* Records from the next epoch are considered for buffering
+             * (concretely: early Finished messages). */
+            if (rec_epoch == (unsigned) ssl->in_epoch + 1) {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("Consider record for buffering"));
+                return MBEDTLS_ERR_SSL_EARLY_MESSAGE;
+            }
+
+            return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
+        }
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        /* For records from the correct epoch, check whether their
+         * sequence number has been seen before. */
+        else if (mbedtls_ssl_dtls_record_replay_check((mbedtls_ssl_context *) ssl,
+                                                      &rec->ctr[0]) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("replayed record"));
+            return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
+        }
+#endif
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    return 0;
+}
+
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_client_reconnect(mbedtls_ssl_context *ssl)
+{
+    unsigned int rec_epoch = (ssl->in_ctr[0] << 8) | ssl->in_ctr[1];
+
+    /*
+     * Check for an epoch 0 ClientHello. We can't use in_msg here to
+     * access the first byte of record content (handshake type), as we
+     * have an active transform (possibly iv_len != 0), so use the
+     * fact that the record header len is 13 instead.
+     */
+    if (rec_epoch == 0 &&
+        ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+        ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
+        ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+        ssl->in_left > 13 &&
+        ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("possible client reconnect "
+                                  "from the same port"));
+        return ssl_handle_possible_reconnect(ssl);
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+
+/*
+ * If applicable, decrypt record content
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_prepare_record_content(mbedtls_ssl_context *ssl,
+                                      mbedtls_record *rec)
+{
+    int ret, done = 0;
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "input record from network",
+                          rec->buf, rec->buf_len);
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_read != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_read()"));
+
+        ret = mbedtls_ssl_hw_record_read(ssl);
+        if (ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_read", ret);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        if (ret == 0) {
+            done = 1;
+        }
+    }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+    if (!done && ssl->transform_in != NULL) {
+        unsigned char const old_msg_type = rec->type;
+
+        if ((ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in,
+                                           rec)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_decrypt_buf", ret);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID &&
+                ssl->conf->ignore_unexpected_cid
+                == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE) {
+                MBEDTLS_SSL_DEBUG_MSG(3, ("ignoring unexpected CID"));
+                ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+            }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+            return ret;
+        }
+
+        if (old_msg_type != rec->type) {
+            MBEDTLS_SSL_DEBUG_MSG(4, ("record type after decrypt (before %d): %d",
+                                      old_msg_type, rec->type));
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(4, "input payload after decrypt",
+                              rec->buf + rec->data_offset, rec->data_len);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        /* We have already checked the record content type
+         * in ssl_parse_record_header(), failing or silently
+         * dropping the record in the case of an unknown type.
+         *
+         * Since with the use of CIDs, the record content type
+         * might change during decryption, re-check the record
+         * content type, but treat a failure as fatal this time. */
+        if (ssl_check_record_type(rec->type)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("unknown record type"));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+        if (rec->data_len == 0) {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+            if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3
+                && rec->type != MBEDTLS_SSL_MSG_APPLICATION_DATA) {
+                /* TLS v1.2 explicitly disallows zero-length messages which are not application data */
+                MBEDTLS_SSL_DEBUG_MSG(1, ("invalid zero-length message type: %d", ssl->in_msgtype));
+                return MBEDTLS_ERR_SSL_INVALID_RECORD;
+            }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+            ssl->nb_zero++;
+
+            /*
+             * Three or more empty messages may be a DoS attack
+             * (excessive CPU consumption).
+             */
+            if (ssl->nb_zero > 3) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("received four consecutive empty "
+                                          "messages, possible DoS attack"));
+                /* Treat the records as if they were not properly authenticated,
+                 * thereby failing the connection if we see more than allowed
+                 * by the configured bad MAC threshold. */
+                return MBEDTLS_ERR_SSL_INVALID_MAC;
+            }
+        } else {
+            ssl->nb_zero = 0;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            ; /* in_ctr read from peer, not maintained internally */
+        } else
+#endif
+        {
+            unsigned i;
+            for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) {
+                if (++ssl->in_ctr[i - 1] != 0) {
+                    break;
+                }
+            }
+
+            /* The loop goes to its end iff the counter is wrapping */
+            if (i == mbedtls_ssl_ep_len(ssl)) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("incoming message counter would wrap"));
+                return MBEDTLS_ERR_SSL_COUNTER_WRAPPING;
+            }
+        }
+
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_dtls_replay_update(ssl);
+    }
+#endif
+
+    /* Check actual (decrypted) record content length against
+     * configured maximum. */
+    if (rec->data_len > MBEDTLS_SSL_IN_CONTENT_LEN) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad message length"));
+        return MBEDTLS_ERR_SSL_INVALID_RECORD;
+    }
+
+    return 0;
+}
+
+/*
+ * Read a record.
+ *
+ * Silently ignore non-fatal alert (and for DTLS, invalid records as well,
+ * RFC 6347 4.1.2.7) and continue reading until a valid record is found.
+ *
+ */
+
+/* Helper functions for mbedtls_ssl_read_record(). */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_consume_current_message(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_get_next_record(mbedtls_ssl_context *ssl);
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl);
+
+int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl,
+                            unsigned update_hs_digest)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> read record"));
+
+    if (ssl->keep_current_message == 0) {
+        do {
+
+            ret = ssl_consume_current_message(ssl);
+            if (ret != 0) {
+                return ret;
+            }
+
+            if (ssl_record_is_in_progress(ssl) == 0) {
+                int dtls_have_buffered = 0;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+                /* We only check for buffered messages if the
+                 * current datagram is fully consumed. */
+                if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+                    ssl_next_record_is_in_datagram(ssl) == 0) {
+                    if (ssl_load_buffered_message(ssl) == 0) {
+                        dtls_have_buffered = 1;
+                    }
+                }
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+                if (dtls_have_buffered == 0) {
+                    ret = ssl_get_next_record(ssl);
+                    if (ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING) {
+                        continue;
+                    }
+
+                    if (ret != 0) {
+                        MBEDTLS_SSL_DEBUG_RET(1, ("ssl_get_next_record"), ret);
+                        return ret;
+                    }
+                }
+            }
+
+            ret = mbedtls_ssl_handle_message_type(ssl);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+            if (ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) {
+                /* Buffer future message */
+                ret = ssl_buffer_message(ssl);
+                if (ret != 0) {
+                    return ret;
+                }
+
+                ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+            }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+        } while (MBEDTLS_ERR_SSL_NON_FATAL           == ret  ||
+                 MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret);
+
+        if (0 != ret) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_handle_message_type"), ret);
+            return ret;
+        }
+
+        if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+            update_hs_digest == 1) {
+            mbedtls_ssl_update_handshake_status(ssl);
+        }
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message"));
+        ssl->keep_current_message = 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= read record"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl)
+{
+    if (ssl->in_left > ssl->next_record_offset) {
+        return 1;
+    }
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_load_buffered_message(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+    mbedtls_ssl_hs_buffer *hs_buf;
+    int ret = 0;
+
+    if (hs == NULL) {
+        return -1;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_load_buffered_message"));
+
+    if (ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC ||
+        ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) {
+        /* Check if we have seen a ChangeCipherSpec before.
+         * If yes, synthesize a CCS record. */
+        if (!hs->buffering.seen_ccs) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("CCS not seen in the current flight"));
+            ret = -1;
+            goto exit;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("Injecting buffered CCS message"));
+        ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
+        ssl->in_msglen = 1;
+        ssl->in_msg[0] = 1;
+
+        /* As long as they are equal, the exact value doesn't matter. */
+        ssl->in_left            = 0;
+        ssl->next_record_offset = 0;
+
+        hs->buffering.seen_ccs = 0;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_DEBUG_C)
+    /* Debug only */
+    {
+        unsigned offset;
+        for (offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++) {
+            hs_buf = &hs->buffering.hs[offset];
+            if (hs_buf->is_valid == 1) {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("Future message with sequence number %u %s buffered.",
+                                          hs->in_msg_seq + offset,
+                                          hs_buf->is_complete ? "fully" : "partially"));
+            }
+        }
+    }
+#endif /* MBEDTLS_DEBUG_C */
+
+    /* Check if we have buffered and/or fully reassembled the
+     * next handshake message. */
+    hs_buf = &hs->buffering.hs[0];
+    if ((hs_buf->is_valid == 1) && (hs_buf->is_complete == 1)) {
+        /* Synthesize a record containing the buffered HS message. */
+        size_t msg_len = (hs_buf->data[1] << 16) |
+                         (hs_buf->data[2] << 8) |
+                         hs_buf->data[3];
+
+        /* Double-check that we haven't accidentally buffered
+         * a message that doesn't fit into the input buffer. */
+        if (msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message has been buffered - load"));
+        MBEDTLS_SSL_DEBUG_BUF(3, "Buffered handshake message (incl. header)",
+                              hs_buf->data, msg_len + 12);
+
+        ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+        ssl->in_hslen   = msg_len + 12;
+        ssl->in_msglen  = msg_len + 12;
+        memcpy(ssl->in_msg, hs_buf->data, ssl->in_hslen);
+
+        ret = 0;
+        goto exit;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message %u not or only partially bufffered",
+                                  hs->in_msg_seq));
+    }
+
+    ret = -1;
+
+exit:
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_load_buffered_message"));
+    return ret;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_buffer_make_space(mbedtls_ssl_context *ssl,
+                                 size_t desired)
+{
+    int offset;
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Attempt to free buffered messages to have %u bytes available",
+                              (unsigned) desired));
+
+    /* Get rid of future records epoch first, if such exist. */
+    ssl_free_buffered_record(ssl);
+
+    /* Check if we have enough space available now. */
+    if (desired <= (MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+                    hs->buffering.total_bytes_buffered)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("Enough space available after freeing future epoch record"));
+        return 0;
+    }
+
+    /* We don't have enough space to buffer the next expected handshake
+     * message. Remove buffers used for future messages to gain space,
+     * starting with the most distant one. */
+    for (offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1;
+         offset >= 0; offset--) {
+        MBEDTLS_SSL_DEBUG_MSG(2,
+                              (
+                                  "Free buffering slot %d to make space for reassembly of next handshake message",
+                                  offset));
+
+        ssl_buffering_free_slot(ssl, (uint8_t) offset);
+
+        /* Check if we have enough space available now. */
+        if (desired <= (MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+                        hs->buffering.total_bytes_buffered)) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("Enough space available after freeing buffered HS messages"));
+            return 0;
+        }
+    }
+
+    return -1;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_buffer_message(mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+    if (hs == NULL) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_buffer_message"));
+
+    switch (ssl->in_msgtype) {
+        case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC:
+            MBEDTLS_SSL_DEBUG_MSG(2, ("Remember CCS message"));
+
+            hs->buffering.seen_ccs = 1;
+            break;
+
+        case MBEDTLS_SSL_MSG_HANDSHAKE:
+        {
+            unsigned recv_msg_seq_offset;
+            unsigned recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5];
+            mbedtls_ssl_hs_buffer *hs_buf;
+            size_t msg_len = ssl->in_hslen - 12;
+
+            /* We should never receive an old handshake
+             * message - double-check nonetheless. */
+            if (recv_msg_seq < ssl->handshake->in_msg_seq) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+
+            recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq;
+            if (recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS) {
+                /* Silently ignore -- message too far in the future */
+                MBEDTLS_SSL_DEBUG_MSG(2,
+                                      ("Ignore future HS message with sequence number %u, "
+                                       "buffering window %u - %u",
+                                       recv_msg_seq, ssl->handshake->in_msg_seq,
+                                       ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS -
+                                       1));
+
+                goto exit;
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG(2, ("Buffering HS message with sequence number %u, offset %u ",
+                                      recv_msg_seq, recv_msg_seq_offset));
+
+            hs_buf = &hs->buffering.hs[recv_msg_seq_offset];
+
+            /* Check if the buffering for this seq nr has already commenced. */
+            if (!hs_buf->is_valid) {
+                size_t reassembly_buf_sz;
+
+                hs_buf->is_fragmented =
+                    (ssl_hs_is_proper_fragment(ssl) == 1);
+
+                /* We copy the message back into the input buffer
+                 * after reassembly, so check that it's not too large.
+                 * This is an implementation-specific limitation
+                 * and not one from the standard, hence it is not
+                 * checked in ssl_check_hs_header(). */
+                if (msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN) {
+                    /* Ignore message */
+                    goto exit;
+                }
+
+                /* Check if we have enough space to buffer the message. */
+                if (hs->buffering.total_bytes_buffered >
+                    MBEDTLS_SSL_DTLS_MAX_BUFFERING) {
+                    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+                }
+
+                reassembly_buf_sz = ssl_get_reassembly_buffer_size(msg_len,
+                                                                   hs_buf->is_fragmented);
+
+                if (reassembly_buf_sz > (MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+                                         hs->buffering.total_bytes_buffered)) {
+                    if (recv_msg_seq_offset > 0) {
+                        /* If we can't buffer a future message because
+                         * of space limitations -- ignore. */
+                        MBEDTLS_SSL_DEBUG_MSG(2,
+                                              ("Buffering of future message of size %"
+                                               MBEDTLS_PRINTF_SIZET
+                                               " would exceed the compile-time limit %"
+                                               MBEDTLS_PRINTF_SIZET
+                                               " (already %" MBEDTLS_PRINTF_SIZET
+                                               " bytes buffered) -- ignore\n",
+                                               msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+                                               hs->buffering.total_bytes_buffered));
+                        goto exit;
+                    } else {
+                        MBEDTLS_SSL_DEBUG_MSG(2,
+                                              ("Buffering of future message of size %"
+                                               MBEDTLS_PRINTF_SIZET
+                                               " would exceed the compile-time limit %"
+                                               MBEDTLS_PRINTF_SIZET
+                                               " (already %" MBEDTLS_PRINTF_SIZET
+                                               " bytes buffered) -- attempt to make space by freeing buffered future messages\n",
+                                               msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+                                               hs->buffering.total_bytes_buffered));
+                    }
+
+                    if (ssl_buffer_make_space(ssl, reassembly_buf_sz) != 0) {
+                        MBEDTLS_SSL_DEBUG_MSG(2,
+                                              ("Reassembly of next message of size %"
+                                               MBEDTLS_PRINTF_SIZET
+                                               " (%" MBEDTLS_PRINTF_SIZET
+                                               " with bitmap) would exceed"
+                                               " the compile-time limit %"
+                                               MBEDTLS_PRINTF_SIZET
+                                               " (already %" MBEDTLS_PRINTF_SIZET
+                                               " bytes buffered) -- fail\n",
+                                               msg_len,
+                                               reassembly_buf_sz,
+                                               (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+                                               hs->buffering.total_bytes_buffered));
+                        ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+                        goto exit;
+                    }
+                }
+
+                MBEDTLS_SSL_DEBUG_MSG(2,
+                                      ("initialize reassembly, total length = %"
+                                       MBEDTLS_PRINTF_SIZET,
+                                       msg_len));
+
+                hs_buf->data = mbedtls_calloc(1, reassembly_buf_sz);
+                if (hs_buf->data == NULL) {
+                    ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+                    goto exit;
+                }
+                hs_buf->data_len = reassembly_buf_sz;
+
+                /* Prepare final header: copy msg_type, length and message_seq,
+                 * then add standardised fragment_offset and fragment_length */
+                memcpy(hs_buf->data, ssl->in_msg, 6);
+                memset(hs_buf->data + 6, 0, 3);
+                memcpy(hs_buf->data + 9, hs_buf->data + 1, 3);
+
+                hs_buf->is_valid = 1;
+
+                hs->buffering.total_bytes_buffered += reassembly_buf_sz;
+            } else {
+                /* Make sure msg_type and length are consistent */
+                if (memcmp(hs_buf->data, ssl->in_msg, 4) != 0) {
+                    MBEDTLS_SSL_DEBUG_MSG(1, ("Fragment header mismatch - ignore"));
+                    /* Ignore */
+                    goto exit;
+                }
+            }
+
+            if (!hs_buf->is_complete) {
+                size_t frag_len, frag_off;
+                unsigned char * const msg = hs_buf->data + 12;
+
+                /*
+                 * Check and copy current fragment
+                 */
+
+                /* Validation of header fields already done in
+                 * mbedtls_ssl_prepare_handshake_record(). */
+                frag_off = ssl_get_hs_frag_off(ssl);
+                frag_len = ssl_get_hs_frag_len(ssl);
+
+                MBEDTLS_SSL_DEBUG_MSG(2, ("adding fragment, offset = %" MBEDTLS_PRINTF_SIZET
+                                          ", length = %" MBEDTLS_PRINTF_SIZET,
+                                          frag_off, frag_len));
+                memcpy(msg + frag_off, ssl->in_msg + 12, frag_len);
+
+                if (hs_buf->is_fragmented) {
+                    unsigned char * const bitmask = msg + msg_len;
+                    ssl_bitmask_set(bitmask, frag_off, frag_len);
+                    hs_buf->is_complete = (ssl_bitmask_check(bitmask,
+                                                             msg_len) == 0);
+                } else {
+                    hs_buf->is_complete = 1;
+                }
+
+                MBEDTLS_SSL_DEBUG_MSG(2, ("message %scomplete",
+                                          hs_buf->is_complete ? "" : "not yet "));
+            }
+
+            break;
+        }
+
+        default:
+            /* We don't buffer other types of messages. */
+            break;
+    }
+
+exit:
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_buffer_message"));
+    return ret;
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_consume_current_message(mbedtls_ssl_context *ssl)
+{
+    /*
+     * Consume last content-layer message and potentially
+     * update in_msglen which keeps track of the contents'
+     * consumption state.
+     *
+     * (1) Handshake messages:
+     *     Remove last handshake message, move content
+     *     and adapt in_msglen.
+     *
+     * (2) Alert messages:
+     *     Consume whole record content, in_msglen = 0.
+     *
+     * (3) Change cipher spec:
+     *     Consume whole record content, in_msglen = 0.
+     *
+     * (4) Application data:
+     *     Don't do anything - the record layer provides
+     *     the application data as a stream transport
+     *     and consumes through mbedtls_ssl_read only.
+     *
+     */
+
+    /* Case (1): Handshake messages */
+    if (ssl->in_hslen != 0) {
+        /* Hard assertion to be sure that no application data
+         * is in flight, as corrupting ssl->in_msglen during
+         * ssl->in_offt != NULL is fatal. */
+        if (ssl->in_offt != NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        /*
+         * Get next Handshake message in the current record
+         */
+
+        /* Notes:
+         * (1) in_hslen is not necessarily the size of the
+         *     current handshake content: If DTLS handshake
+         *     fragmentation is used, that's the fragment
+         *     size instead. Using the total handshake message
+         *     size here is faulty and should be changed at
+         *     some point.
+         * (2) While it doesn't seem to cause problems, one
+         *     has to be very careful not to assume that in_hslen
+         *     is always <= in_msglen in a sensible communication.
+         *     Again, it's wrong for DTLS handshake fragmentation.
+         *     The following check is therefore mandatory, and
+         *     should not be treated as a silently corrected assertion.
+         *     Additionally, ssl->in_hslen might be arbitrarily out of
+         *     bounds after handling a DTLS message with an unexpected
+         *     sequence number, see mbedtls_ssl_prepare_handshake_record.
+         */
+        if (ssl->in_hslen < ssl->in_msglen) {
+            ssl->in_msglen -= ssl->in_hslen;
+            memmove(ssl->in_msg, ssl->in_msg + ssl->in_hslen,
+                    ssl->in_msglen);
+
+            MBEDTLS_SSL_DEBUG_BUF(4, "remaining content in record",
+                                  ssl->in_msg, ssl->in_msglen);
+        } else {
+            ssl->in_msglen = 0;
+        }
+
+        ssl->in_hslen   = 0;
+    }
+    /* Case (4): Application data */
+    else if (ssl->in_offt != NULL) {
+        return 0;
+    }
+    /* Everything else (CCS & Alerts) */
+    else {
+        ssl->in_msglen = 0;
+    }
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl)
+{
+    if (ssl->in_msglen > 0) {
+        return 1;
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static void ssl_free_buffered_record(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+    if (hs == NULL) {
+        return;
+    }
+
+    if (hs->buffering.future_record.data != NULL) {
+        hs->buffering.total_bytes_buffered -=
+            hs->buffering.future_record.len;
+
+        mbedtls_free(hs->buffering.future_record.data);
+        hs->buffering.future_record.data = NULL;
+    }
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_load_buffered_record(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+    unsigned char *rec;
+    size_t rec_len;
+    unsigned rec_epoch;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t in_buf_len = ssl->in_buf_len;
+#else
+    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+#endif
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 0;
+    }
+
+    if (hs == NULL) {
+        return 0;
+    }
+
+    rec       = hs->buffering.future_record.data;
+    rec_len   = hs->buffering.future_record.len;
+    rec_epoch = hs->buffering.future_record.epoch;
+
+    if (rec == NULL) {
+        return 0;
+    }
+
+    /* Only consider loading future records if the
+     * input buffer is empty. */
+    if (ssl_next_record_is_in_datagram(ssl) == 1) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_load_buffered_record"));
+
+    if (rec_epoch != ssl->in_epoch) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("Buffered record not from current epoch."));
+        goto exit;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Found buffered record from current epoch - load"));
+
+    /* Double-check that the record is not too large */
+    if (rec_len > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    memcpy(ssl->in_hdr, rec, rec_len);
+    ssl->in_left = rec_len;
+    ssl->next_record_offset = 0;
+
+    ssl_free_buffered_record(ssl);
+
+exit:
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_load_buffered_record"));
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_buffer_future_record(mbedtls_ssl_context *ssl,
+                                    mbedtls_record const *rec)
+{
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+    /* Don't buffer future records outside handshakes. */
+    if (hs == NULL) {
+        return 0;
+    }
+
+    /* Only buffer handshake records (we are only interested
+     * in Finished messages). */
+    if (rec->type != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        return 0;
+    }
+
+    /* Don't buffer more than one future epoch record. */
+    if (hs->buffering.future_record.data != NULL) {
+        return 0;
+    }
+
+    /* Don't buffer record if there's not enough buffering space remaining. */
+    if (rec->buf_len > (MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+                        hs->buffering.total_bytes_buffered)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("Buffering of future epoch record of size %" MBEDTLS_PRINTF_SIZET
+                                  " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET
+                                  " (already %" MBEDTLS_PRINTF_SIZET
+                                  " bytes buffered) -- ignore\n",
+                                  rec->buf_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+                                  hs->buffering.total_bytes_buffered));
+        return 0;
+    }
+
+    /* Buffer record */
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Buffer record from epoch %u",
+                              ssl->in_epoch + 1U));
+    MBEDTLS_SSL_DEBUG_BUF(3, "Buffered record", rec->buf, rec->buf_len);
+
+    /* ssl_parse_record_header() only considers records
+     * of the next epoch as candidates for buffering. */
+    hs->buffering.future_record.epoch = ssl->in_epoch + 1;
+    hs->buffering.future_record.len   = rec->buf_len;
+
+    hs->buffering.future_record.data =
+        mbedtls_calloc(1, hs->buffering.future_record.len);
+    if (hs->buffering.future_record.data == NULL) {
+        /* If we run out of RAM trying to buffer a
+         * record from the next epoch, just ignore. */
+        return 0;
+    }
+
+    memcpy(hs->buffering.future_record.data, rec->buf, rec->buf_len);
+
+    hs->buffering.total_bytes_buffered += rec->buf_len;
+    return 0;
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_get_next_record(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_record rec;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    /* We might have buffered a future record; if so,
+     * and if the epoch matches now, load it.
+     * On success, this call will set ssl->in_left to
+     * the length of the buffered record, so that
+     * the calls to ssl_fetch_input() below will
+     * essentially be no-ops. */
+    ret = ssl_load_buffered_record(ssl);
+    if (ret != 0) {
+        return ret;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    /* Ensure that we have enough space available for the default form
+     * of TLS / DTLS record headers (5 Bytes for TLS, 13 Bytes for DTLS,
+     * with no space for CIDs counted in). */
+    ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_in_hdr_len(ssl));
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret);
+        return ret;
+    }
+
+    ret = ssl_parse_record_header(ssl, ssl->in_hdr, ssl->in_left, &rec);
+    if (ret != 0) {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            if (ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) {
+                ret = ssl_buffer_future_record(ssl, &rec);
+                if (ret != 0) {
+                    return ret;
+                }
+
+                /* Fall through to handling of unexpected records */
+                ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
+            }
+
+            if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) {
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+                /* Reset in pointers to default state for TLS/DTLS records,
+                 * assuming no CID and no offset between record content and
+                 * record plaintext. */
+                mbedtls_ssl_update_in_pointers(ssl);
+
+                /* Setup internal message pointers from record structure. */
+                ssl->in_msgtype = rec.type;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+                ssl->in_len = ssl->in_cid + rec.cid_len;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+                ssl->in_iv  = ssl->in_msg = ssl->in_len + 2;
+                ssl->in_msglen = rec.data_len;
+
+                ret = ssl_check_client_reconnect(ssl);
+                MBEDTLS_SSL_DEBUG_RET(2, "ssl_check_client_reconnect", ret);
+                if (ret != 0) {
+                    return ret;
+                }
+#endif
+
+                /* Skip unexpected record (but not whole datagram) */
+                ssl->next_record_offset = rec.buf_len;
+
+                MBEDTLS_SSL_DEBUG_MSG(1, ("discarding unexpected record "
+                                          "(header)"));
+            } else {
+                /* Skip invalid record and the rest of the datagram */
+                ssl->next_record_offset = 0;
+                ssl->in_left = 0;
+
+                MBEDTLS_SSL_DEBUG_MSG(1, ("discarding invalid record "
+                                          "(header)"));
+            }
+
+            /* Get next record */
+            return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+        } else
+#endif
+        {
+            return ret;
+        }
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /* Remember offset of next record within datagram. */
+        ssl->next_record_offset = rec.buf_len;
+        if (ssl->next_record_offset < ssl->in_left) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("more than one record within datagram"));
+        }
+    } else
+#endif
+    {
+        /*
+         * Fetch record contents from underlying transport.
+         */
+        ret = mbedtls_ssl_fetch_input(ssl, rec.buf_len);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret);
+            return ret;
+        }
+
+        ssl->in_left = 0;
+    }
+
+    /*
+     * Decrypt record contents.
+     */
+
+    if ((ret = ssl_prepare_record_content(ssl, &rec)) != 0) {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            /* Silently discard invalid records */
+            if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) {
+                /* Except when waiting for Finished as a bad mac here
+                 * probably means something went wrong in the handshake
+                 * (eg wrong psk used, mitm downgrade attempt, etc.) */
+                if (ssl->state == MBEDTLS_SSL_CLIENT_FINISHED ||
+                    ssl->state == MBEDTLS_SSL_SERVER_FINISHED) {
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+                    if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) {
+                        mbedtls_ssl_send_alert_message(ssl,
+                                                       MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                       MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC);
+                    }
+#endif
+                    return ret;
+                }
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+                if (ssl->conf->badmac_limit != 0 &&
+                    ++ssl->badmac_seen >= ssl->conf->badmac_limit) {
+                    MBEDTLS_SSL_DEBUG_MSG(1, ("too many records with bad MAC"));
+                    return MBEDTLS_ERR_SSL_INVALID_MAC;
+                }
+#endif
+
+                /* As above, invalid records cause
+                 * dismissal of the whole datagram. */
+
+                ssl->next_record_offset = 0;
+                ssl->in_left = 0;
+
+                MBEDTLS_SSL_DEBUG_MSG(1, ("discarding invalid record (mac)"));
+                return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+            }
+
+            return ret;
+        } else
+#endif
+        {
+            /* Error out (and send alert) on invalid records */
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+            if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) {
+                mbedtls_ssl_send_alert_message(ssl,
+                                               MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC);
+            }
+#endif
+            return ret;
+        }
+    }
+
+
+    /* Reset in pointers to default state for TLS/DTLS records,
+     * assuming no CID and no offset between record content and
+     * record plaintext. */
+    mbedtls_ssl_update_in_pointers(ssl);
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ssl->in_len = ssl->in_cid + rec.cid_len;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+    ssl->in_iv  = ssl->in_len + 2;
+
+    /* The record content type may change during decryption,
+     * so re-read it. */
+    ssl->in_msgtype = rec.type;
+    /* Also update the input buffer, because unfortunately
+     * the server-side ssl_parse_client_hello() reparses the
+     * record header when receiving a ClientHello initiating
+     * a renegotiation. */
+    ssl->in_hdr[0] = rec.type;
+    ssl->in_msg    = rec.buf + rec.data_offset;
+    ssl->in_msglen = rec.data_len;
+    MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->in_len, 0);
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if (ssl->transform_in != NULL &&
+        ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE) {
+        if ((ret = ssl_decompress_buf(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "ssl_decompress_buf", ret);
+            return ret;
+        }
+
+        /* Check actual (decompress) record content length against
+         * configured maximum. */
+        if (ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad message length"));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+    }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+    return 0;
+}
+
+int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /*
+     * Handle particular types of records
+     */
+    if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) {
+        if ((ret = mbedtls_ssl_prepare_handshake_record(ssl)) != 0) {
+            return ret;
+        }
+    }
+
+    if (ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) {
+        if (ssl->in_msglen != 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("invalid CCS message, len: %" MBEDTLS_PRINTF_SIZET,
+                                      ssl->in_msglen));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+
+        if (ssl->in_msg[0] != 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("invalid CCS message, content: %02x",
+                                      ssl->in_msg[0]));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+            ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC    &&
+            ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) {
+            if (ssl->handshake == NULL) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("dropping ChangeCipherSpec outside handshake"));
+                return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG(1, ("received out-of-order ChangeCipherSpec - remember"));
+            return MBEDTLS_ERR_SSL_EARLY_MESSAGE;
+        }
+#endif
+    }
+
+    if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) {
+        if (ssl->in_msglen != 2) {
+            /* Note: Standard allows for more than one 2 byte alert
+               to be packed in a single message, but Mbed TLS doesn't
+               currently support this. */
+            MBEDTLS_SSL_DEBUG_MSG(1, ("invalid alert message, len: %" MBEDTLS_PRINTF_SIZET,
+                                      ssl->in_msglen));
+            return MBEDTLS_ERR_SSL_INVALID_RECORD;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("got an alert message, type: [%u:%u]",
+                                  ssl->in_msg[0], ssl->in_msg[1]));
+
+        /*
+         * Ignore non-fatal alerts, except close_notify and no_renegotiation
+         */
+        if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("is a fatal alert message (msg %d)",
+                                      ssl->in_msg[1]));
+            return MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE;
+        }
+
+        if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("is a close notify message"));
+            return MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY;
+        }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED)
+        if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("is a SSLv3 no renegotiation alert"));
+            /* Will be handled when trying to parse ServerHello */
+            return 0;
+        }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C)
+        if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+            ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+            ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("is a SSLv3 no_cert"));
+            /* Will be handled in mbedtls_ssl_parse_certificate() */
+            return 0;
+        }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
+
+        /* Silently ignore: fetch new message */
+        return MBEDTLS_ERR_SSL_NON_FATAL;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /* Drop unexpected ApplicationData records,
+         * except at the beginning of renegotiations */
+        if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
+            ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            && !(ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+                 ssl->state == MBEDTLS_SSL_SERVER_HELLO)
+#endif
+            ) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("dropping unexpected ApplicationData"));
+            return MBEDTLS_ERR_SSL_NON_FATAL;
+        }
+
+        if (ssl->handshake != NULL &&
+            ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) {
+            mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl);
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    return 0;
+}
+
+int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl)
+{
+    return mbedtls_ssl_send_alert_message(ssl,
+                                          MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                          MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+}
+
+int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl,
+                                   unsigned char level,
+                                   unsigned char message)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (ssl->out_left != 0) {
+        return mbedtls_ssl_flush_output(ssl);
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> send alert message"));
+    MBEDTLS_SSL_DEBUG_MSG(3, ("send alert level=%u message=%u", level, message));
+
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT;
+    ssl->out_msglen = 2;
+    ssl->out_msg[0] = level;
+    ssl->out_msg[1] = message;
+
+    if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret);
+        return ret;
+    }
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= send alert message"));
+
+    return 0;
+}
+
+int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write change cipher spec"));
+
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
+    ssl->out_msglen  = 1;
+    ssl->out_msg[0]  = 1;
+
+    ssl->state++;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write change cipher spec"));
+
+    return 0;
+}
+
+int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse change cipher spec"));
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad change cipher spec message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    /* CCS records are only accepted if they have length 1 and content '1',
+     * so we don't need to check this here. */
+
+    /*
+     * Switch to our negotiated transform and session parameters for inbound
+     * data.
+     */
+    MBEDTLS_SSL_DEBUG_MSG(3, ("switching to new transform spec for inbound data"));
+    ssl->transform_in = ssl->transform_negotiate;
+    ssl->session_in = ssl->session_negotiate;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        mbedtls_ssl_dtls_replay_reset(ssl);
+#endif
+
+        /* Increment epoch */
+        if (++ssl->in_epoch == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS epoch would wrap"));
+            /* This is highly unlikely to happen for legitimate reasons, so
+               treat it as an attack and don't send an alert. */
+            return MBEDTLS_ERR_SSL_COUNTER_WRAPPING;
+        }
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    memset(ssl->in_ctr, 0, 8);
+
+    mbedtls_ssl_update_in_pointers(ssl);
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_activate != NULL) {
+        if ((ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_INBOUND)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret);
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    }
+#endif
+
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse change cipher spec"));
+
+    return 0;
+}
+
+/* Once ssl->out_hdr as the address of the beginning of the
+ * next outgoing record is set, deduce the other pointers.
+ *
+ * Note: For TLS, we save the implicit record sequence number
+ *       (entering MAC computation) in the 8 bytes before ssl->out_hdr,
+ *       and the caller has to make sure there's space for this.
+ */
+
+static size_t ssl_transform_get_explicit_iv_len(
+    mbedtls_ssl_transform const *transform)
+{
+    if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) {
+        return 0;
+    }
+
+    return transform->ivlen - transform->fixed_ivlen;
+}
+
+void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl,
+                                     mbedtls_ssl_transform *transform)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        ssl->out_ctr = ssl->out_hdr +  3;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        ssl->out_cid = ssl->out_ctr +  8;
+        ssl->out_len = ssl->out_cid;
+        if (transform != NULL) {
+            ssl->out_len += transform->out_cid_len;
+        }
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        ssl->out_len = ssl->out_ctr + 8;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        ssl->out_iv  = ssl->out_len + 2;
+    } else
+#endif
+    {
+        ssl->out_ctr = ssl->out_hdr - 8;
+        ssl->out_len = ssl->out_hdr + 3;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        ssl->out_cid = ssl->out_len;
+#endif
+        ssl->out_iv  = ssl->out_hdr + 5;
+    }
+
+    ssl->out_msg = ssl->out_iv;
+    /* Adjust out_msg to make space for explicit IV, if used. */
+    if (transform != NULL) {
+        ssl->out_msg += ssl_transform_get_explicit_iv_len(transform);
+    }
+}
+
+/* Once ssl->in_hdr as the address of the beginning of the
+ * next incoming record is set, deduce the other pointers.
+ *
+ * Note: For TLS, we save the implicit record sequence number
+ *       (entering MAC computation) in the 8 bytes before ssl->in_hdr,
+ *       and the caller has to make sure there's space for this.
+ */
+
+void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl)
+{
+    /* This function sets the pointers to match the case
+     * of unprotected TLS/DTLS records, with both  ssl->in_iv
+     * and ssl->in_msg pointing to the beginning of the record
+     * content.
+     *
+     * When decrypting a protected record, ssl->in_msg
+     * will be shifted to point to the beginning of the
+     * record plaintext.
+     */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /* This sets the header pointers to match records
+         * without CID. When we receive a record containing
+         * a CID, the fields are shifted accordingly in
+         * ssl_parse_record_header(). */
+        ssl->in_ctr = ssl->in_hdr +  3;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        ssl->in_cid = ssl->in_ctr +  8;
+        ssl->in_len = ssl->in_cid; /* Default: no CID */
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        ssl->in_len = ssl->in_ctr + 8;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        ssl->in_iv  = ssl->in_len + 2;
+    } else
+#endif
+    {
+        ssl->in_ctr = ssl->in_hdr - 8;
+        ssl->in_len = ssl->in_hdr + 3;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        ssl->in_cid = ssl->in_len;
+#endif
+        ssl->in_iv  = ssl->in_hdr + 5;
+    }
+
+    /* This will be adjusted at record decryption time. */
+    ssl->in_msg = ssl->in_iv;
+}
+
+/*
+ * Setup an SSL context
+ */
+
+void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl)
+{
+    /* Set the incoming and outgoing record pointers. */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        ssl->out_hdr = ssl->out_buf;
+        ssl->in_hdr  = ssl->in_buf;
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    {
+        ssl->out_hdr = ssl->out_buf + 8;
+        ssl->in_hdr  = ssl->in_buf  + 8;
+    }
+
+    /* Derive other internal pointers. */
+    mbedtls_ssl_update_out_pointers(ssl, NULL /* no transform enabled */);
+    mbedtls_ssl_update_in_pointers(ssl);
+}
+
+/*
+ * SSL get accessors
+ */
+size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl)
+{
+    return ssl->in_offt == NULL ? 0 : ssl->in_msglen;
+}
+
+int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl)
+{
+    /*
+     * Case A: We're currently holding back
+     * a message for further processing.
+     */
+
+    if (ssl->keep_current_message == 1) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: record held back for processing"));
+        return 1;
+    }
+
+    /*
+     * Case B: Further records are pending in the current datagram.
+     */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->in_left > ssl->next_record_offset) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: more records within current datagram"));
+        return 1;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    /*
+     * Case C: A handshake message is being processed.
+     */
+
+    if (ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen) {
+        MBEDTLS_SSL_DEBUG_MSG(3,
+                              ("ssl_check_pending: more handshake messages within current record"));
+        return 1;
+    }
+
+    /*
+     * Case D: An application data message is being processed
+     */
+    if (ssl->in_offt != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: application data record is being processed"));
+        return 1;
+    }
+
+    /*
+     * In all other cases, the rest of the message can be dropped.
+     * As in ssl_get_next_record, this needs to be adapted if
+     * we implement support for multiple alerts in single records.
+     */
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: nothing pending"));
+    return 0;
+}
+
+
+int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl)
+{
+    size_t transform_expansion = 0;
+    const mbedtls_ssl_transform *transform = ssl->transform_out;
+    unsigned block_size;
+
+    size_t out_hdr_len = mbedtls_ssl_out_hdr_len(ssl);
+
+    if (transform == NULL) {
+        return (int) out_hdr_len;
+    }
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if (ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL) {
+        return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    }
+#endif
+
+    switch (mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc)) {
+        case MBEDTLS_MODE_GCM:
+        case MBEDTLS_MODE_CCM:
+        case MBEDTLS_MODE_CHACHAPOLY:
+        case MBEDTLS_MODE_STREAM:
+            transform_expansion = transform->minlen;
+            break;
+
+        case MBEDTLS_MODE_CBC:
+
+            block_size = mbedtls_cipher_get_block_size(
+                &transform->cipher_ctx_enc);
+
+            /* Expansion due to the addition of the MAC. */
+            transform_expansion += transform->maclen;
+
+            /* Expansion due to the addition of CBC padding;
+             * Theoretically up to 256 bytes, but we never use
+             * more than the block size of the underlying cipher. */
+            transform_expansion += block_size;
+
+            /* For TLS 1.1 or higher, an explicit IV is added
+             * after the record header. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+            if (ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) {
+                transform_expansion += block_size;
+            }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
+            break;
+
+        default:
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (transform->out_cid_len != 0) {
+        transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    return (int) (out_hdr_len + transform_expansion);
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+/*
+ * Check record counters and renegotiate if they're above the limit.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_ctr_renegotiate(mbedtls_ssl_context *ssl)
+{
+    size_t ep_len = mbedtls_ssl_ep_len(ssl);
+    int in_ctr_cmp;
+    int out_ctr_cmp;
+
+    if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
+        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
+        ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED) {
+        return 0;
+    }
+
+    in_ctr_cmp = memcmp(ssl->in_ctr + ep_len,
+                        ssl->conf->renego_period + ep_len, 8 - ep_len);
+    out_ctr_cmp = memcmp(ssl->cur_out_ctr + ep_len,
+                         ssl->conf->renego_period + ep_len, 8 - ep_len);
+
+    if (in_ctr_cmp <= 0 && out_ctr_cmp <= 0) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("record counter limit reached: renegotiate"));
+    return mbedtls_ssl_renegotiate(ssl);
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/*
+ * Receive application data decrypted from the SSL layer
+ */
+int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> read"));
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+            return ret;
+        }
+
+        if (ssl->handshake != NULL &&
+            ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) {
+            if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+                return ret;
+            }
+        }
+    }
+#endif
+
+    /*
+     * Check if renegotiation is necessary and/or handshake is
+     * in process. If yes, perform/continue, and fall through
+     * if an unexpected packet is received while the client
+     * is waiting for the ServerHello.
+     *
+     * (There is no equivalent to the last condition on
+     *  the server-side as it is not treated as within
+     *  a handshake while waiting for the ClientHello
+     *  after a renegotiation request.)
+     */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ret = ssl_check_ctr_renegotiate(ssl);
+    if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+        ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_check_ctr_renegotiate", ret);
+        return ret;
+    }
+#endif
+
+    if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+        ret = mbedtls_ssl_handshake(ssl);
+        if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+            ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret);
+            return ret;
+        }
+    }
+
+    /* Loop as long as no application data record is available */
+    while (ssl->in_offt == NULL) {
+        /* Start timer if not already running */
+        if (ssl->f_get_timer != NULL &&
+            ssl->f_get_timer(ssl->p_timer) == -1) {
+            mbedtls_ssl_set_timer(ssl, ssl->conf->read_timeout);
+        }
+
+        if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+            if (ret == MBEDTLS_ERR_SSL_CONN_EOF) {
+                return 0;
+            }
+
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+            return ret;
+        }
+
+        if (ssl->in_msglen  == 0 &&
+            ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) {
+            /*
+             * OpenSSL sends empty messages to randomize the IV
+             */
+            if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+                if (ret == MBEDTLS_ERR_SSL_CONN_EOF) {
+                    return 0;
+                }
+
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+                return ret;
+            }
+        }
+
+        if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("received handshake message"));
+
+            /*
+             * - For client-side, expect SERVER_HELLO_REQUEST.
+             * - For server-side, expect CLIENT_HELLO.
+             * - Fail (TLS) or silently drop record (DTLS) in other cases.
+             */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+            if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+                (ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST ||
+                 ssl->in_hslen  != mbedtls_ssl_hs_hdr_len(ssl))) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("handshake received (not HelloRequest)"));
+
+                /* With DTLS, drop the packet (probably from last handshake) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+                if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+                    continue;
+                }
+#endif
+                return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+            }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+            if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+                ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("handshake received (not ClientHello)"));
+
+                /* With DTLS, drop the packet (probably from last handshake) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+                if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+                    continue;
+                }
+#endif
+                return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+            }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            /* Determine whether renegotiation attempt should be accepted */
+            if (!(ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
+                  (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+                   ssl->conf->allow_legacy_renegotiation ==
+                   MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION))) {
+                /*
+                 * Accept renegotiation request
+                 */
+
+                /* DTLS clients need to know renego is server-initiated */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+                if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+                    ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+                    ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
+                }
+#endif
+                ret = mbedtls_ssl_start_renegotiation(ssl);
+                if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+                    ret != 0) {
+                    MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_start_renegotiation",
+                                          ret);
+                    return ret;
+                }
+            } else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+            {
+                /*
+                 * Refuse renegotiation
+                 */
+
+                MBEDTLS_SSL_DEBUG_MSG(3, ("refusing renegotiation, sending alert"));
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+                if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+                    /* SSLv3 does not have a "no_renegotiation" warning, so
+                       we send a fatal alert and abort the connection. */
+                    mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                   MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+                    return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+                } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+                defined(MBEDTLS_SSL_PROTO_TLS1_2)
+                if (ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) {
+                    if ((ret = mbedtls_ssl_send_alert_message(ssl,
+                                                              MBEDTLS_SSL_ALERT_LEVEL_WARNING,
+                                                              MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION))
+                        != 0) {
+                        return ret;
+                    }
+                } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 ||
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+                {
+                    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+                }
+            }
+
+            /* At this point, we don't know whether the renegotiation has been
+             * completed or not. The cases to consider are the following:
+             * 1) The renegotiation is complete. In this case, no new record
+             *    has been read yet.
+             * 2) The renegotiation is incomplete because the client received
+             *    an application data record while awaiting the ServerHello.
+             * 3) The renegotiation is incomplete because the client received
+             *    a non-handshake, non-application data message while awaiting
+             *    the ServerHello.
+             * In each of these case, looping will be the proper action:
+             * - For 1), the next iteration will read a new record and check
+             *   if it's application data.
+             * - For 2), the loop condition isn't satisfied as application data
+             *   is present, hence continue is the same as break
+             * - For 3), the loop condition is satisfied and read_record
+             *   will re-deliver the message that was held back by the client
+             *   when expecting the ServerHello.
+             */
+            continue;
+        }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) {
+            if (ssl->conf->renego_max_records >= 0) {
+                if (++ssl->renego_records_seen > ssl->conf->renego_max_records) {
+                    MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation requested, "
+                                              "but not honored by client"));
+                    return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+                }
+            }
+        }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+        /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */
+        if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("ignoring non-fatal non-closure alert"));
+            return MBEDTLS_ERR_SSL_WANT_READ;
+        }
+
+        if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad application data message"));
+            return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+        }
+
+        ssl->in_offt = ssl->in_msg;
+
+        /* We're going to return something now, cancel timer,
+         * except if handshake (renegotiation) is in progress */
+        if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) {
+            mbedtls_ssl_set_timer(ssl, 0);
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        /* If we requested renego but received AppData, resend HelloRequest.
+         * Do it now, after setting in_offt, to avoid taking this branch
+         * again if ssl_write_hello_request() returns WANT_WRITE */
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+            ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) {
+            if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend_hello_request",
+                                      ret);
+                return ret;
+            }
+        }
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    }
+
+    n = (len < ssl->in_msglen)
+        ? len : ssl->in_msglen;
+
+    if (len != 0) {
+        memcpy(buf, ssl->in_offt, n);
+        ssl->in_msglen -= n;
+    }
+
+    /* Zeroising the plaintext buffer to erase unused application data
+       from the memory. */
+    mbedtls_platform_zeroize(ssl->in_offt, n);
+
+    if (ssl->in_msglen == 0) {
+        /* all bytes consumed */
+        ssl->in_offt = NULL;
+        ssl->keep_current_message = 0;
+    } else {
+        /* more data available */
+        ssl->in_offt += n;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= read"));
+
+    return (int) n;
+}
+
+/*
+ * Send application data to be encrypted by the SSL layer, taking care of max
+ * fragment length and buffer size.
+ *
+ * According to RFC 5246 Section 6.2.1:
+ *
+ *      Zero-length fragments of Application data MAY be sent as they are
+ *      potentially useful as a traffic analysis countermeasure.
+ *
+ * Therefore, it is possible that the input message length is 0 and the
+ * corresponding return code is 0 on success.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_real(mbedtls_ssl_context *ssl,
+                          const unsigned char *buf, size_t len)
+{
+    int ret = mbedtls_ssl_get_max_out_record_payload(ssl);
+    const size_t max_len = (size_t) ret;
+
+    if (ret < 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_get_max_out_record_payload", ret);
+        return ret;
+    }
+
+    if (len > max_len) {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("fragment larger than the (negotiated) "
+                                      "maximum fragment length: %" MBEDTLS_PRINTF_SIZET
+                                      " > %" MBEDTLS_PRINTF_SIZET,
+                                      len, max_len));
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        } else
+#endif
+        len = max_len;
+    }
+
+    if (ssl->out_left != 0) {
+        /*
+         * The user has previously tried to send the data and
+         * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially
+         * written. In this case, we expect the high-level write function
+         * (e.g. mbedtls_ssl_write()) to be called with the same parameters
+         */
+        if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flush_output", ret);
+            return ret;
+        }
+    } else {
+        /*
+         * The user is trying to send a message the first time, so we need to
+         * copy the data into the internal buffers and setup the data structure
+         * to keep track of partial writes
+         */
+        ssl->out_msglen  = len;
+        ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA;
+        if (len > 0) {
+            memcpy(ssl->out_msg, buf, len);
+        }
+
+        if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret);
+            return ret;
+        }
+    }
+
+    return (int) len;
+}
+
+/*
+ * Write application data, doing 1/n-1 splitting if necessary.
+ *
+ * With non-blocking I/O, ssl_write_real() may return WANT_WRITE,
+ * then the caller will call us again with the same arguments, so
+ * remember whether we already did the split or not.
+ */
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_split(mbedtls_ssl_context *ssl,
+                           const unsigned char *buf, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (ssl->conf->cbc_record_splitting ==
+        MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
+        len <= 1 ||
+        ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 ||
+        mbedtls_cipher_get_cipher_mode(&ssl->transform_out->cipher_ctx_enc)
+        != MBEDTLS_MODE_CBC) {
+        return ssl_write_real(ssl, buf, len);
+    }
+
+    if (ssl->split_done == 0) {
+        if ((ret = ssl_write_real(ssl, buf, 1)) <= 0) {
+            return ret;
+        }
+        ssl->split_done = 1;
+    }
+
+    if ((ret = ssl_write_real(ssl, buf + 1, len - 1)) <= 0) {
+        return ret;
+    }
+    ssl->split_done = 0;
+
+    return ret + 1;
+}
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+/*
+ * Write application data (public-facing wrapper)
+ */
+int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write"));
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if ((ret = ssl_check_ctr_renegotiate(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_check_ctr_renegotiate", ret);
+        return ret;
+    }
+#endif
+
+    if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+        if ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret);
+            return ret;
+        }
+    }
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    ret = ssl_write_split(ssl, buf, len);
+#else
+    ret = ssl_write_real(ssl, buf, len);
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write"));
+
+    return ret;
+}
+
+/*
+ * Notify the peer that the connection is being closed
+ */
+int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write close notify"));
+
+    if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) {
+        if ((ret = mbedtls_ssl_send_alert_message(ssl,
+                                                  MBEDTLS_SSL_ALERT_LEVEL_WARNING,
+                                                  MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_send_alert_message", ret);
+            return ret;
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write close notify"));
+
+    return 0;
+}
+
+void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform)
+{
+    if (transform == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    deflateEnd(&transform->ctx_deflate);
+    inflateEnd(&transform->ctx_inflate);
+#endif
+
+    mbedtls_cipher_free(&transform->cipher_ctx_enc);
+    mbedtls_cipher_free(&transform->cipher_ctx_dec);
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    mbedtls_md_free(&transform->md_ctx_enc);
+    mbedtls_md_free(&transform->md_ctx_dec);
+#endif
+
+    mbedtls_platform_zeroize(transform, sizeof(mbedtls_ssl_transform));
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl)
+{
+    unsigned offset;
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+    if (hs == NULL) {
+        return;
+    }
+
+    ssl_free_buffered_record(ssl);
+
+    for (offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++) {
+        ssl_buffering_free_slot(ssl, offset);
+    }
+}
+
+static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl,
+                                    uint8_t slot)
+{
+    mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+    mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot];
+
+    if (slot >= MBEDTLS_SSL_MAX_BUFFERED_HS) {
+        return;
+    }
+
+    if (hs_buf->is_valid == 1) {
+        hs->buffering.total_bytes_buffered -= hs_buf->data_len;
+        mbedtls_platform_zeroize(hs_buf->data, hs_buf->data_len);
+        mbedtls_free(hs_buf->data);
+        memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer));
+    }
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+/*
+ * Convert version numbers to/from wire format
+ * and, for DTLS, to/from TLS equivalent.
+ *
+ * For TLS this is the identity.
+ * For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
+ * 1.0 <-> 3.2      (DTLS 1.0 is based on TLS 1.1)
+ * 1.x <-> 3.x+1    for x != 0 (DTLS 1.2 based on TLS 1.2)
+ */
+void mbedtls_ssl_write_version(int major, int minor, int transport,
+                               unsigned char ver[2])
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if (minor == MBEDTLS_SSL_MINOR_VERSION_2) {
+            --minor; /* DTLS 1.0 stored as TLS 1.1 internally */
+
+        }
+        ver[0] = (unsigned char) (255 - (major - 2));
+        ver[1] = (unsigned char) (255 - (minor - 1));
+    } else
+#else
+    ((void) transport);
+#endif
+    {
+        ver[0] = (unsigned char) major;
+        ver[1] = (unsigned char) minor;
+    }
+}
+
+void mbedtls_ssl_read_version(int *major, int *minor, int transport,
+                              const unsigned char ver[2])
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        *major = 255 - ver[0] + 2;
+        *minor = 255 - ver[1] + 1;
+
+        if (*minor == MBEDTLS_SSL_MINOR_VERSION_1) {
+            ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */
+        }
+    } else
+#else
+    ((void) transport);
+#endif
+    {
+        *major = ver[0];
+        *minor = ver[1];
+    }
+}
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_srv.c b/3rdparty/mbedtls-2.28.7/library/ssl_srv.c
new file mode 100644
index 0000000..544e50e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_srv.c
@@ -0,0 +1,4619 @@
+/*
+ *  SSLv3/TLSv1 server-side functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_SRV_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+#include "constant_time_internal.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl,
+                                        const unsigned char *info,
+                                        size_t ilen)
+{
+    if (ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    mbedtls_free(ssl->cli_id);
+
+    if ((ssl->cli_id = mbedtls_calloc(1, ilen)) == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    memcpy(ssl->cli_id, info, ilen);
+    ssl->cli_id_len = ilen;
+
+    return 0;
+}
+
+void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf,
+                                   mbedtls_ssl_cookie_write_t *f_cookie_write,
+                                   mbedtls_ssl_cookie_check_t *f_cookie_check,
+                                   void *p_cookie)
+{
+    conf->f_cookie_write = f_cookie_write;
+    conf->f_cookie_check = f_cookie_check;
+    conf->p_cookie       = p_cookie;
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_servername_ext(mbedtls_ssl_context *ssl,
+                                    const unsigned char *buf,
+                                    size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t servername_list_size, hostname_len;
+    const unsigned char *p;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("parse ServerName extension"));
+
+    if (len < 2) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    servername_list_size = ((buf[0] << 8) | (buf[1]));
+    if (servername_list_size + 2 != len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    p = buf + 2;
+    while (servername_list_size > 2) {
+        hostname_len = ((p[1] << 8) | p[2]);
+        if (hostname_len + 3 > servername_list_size) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        if (p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME) {
+            ret = ssl->conf->f_sni(ssl->conf->p_sni,
+                                   ssl, p + 3, hostname_len);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "ssl_sni_wrapper", ret);
+                mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME);
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+            return 0;
+        }
+
+        servername_list_size -= hostname_len + 3;
+        p += hostname_len + 3;
+    }
+
+    if (servername_list_size != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_conf_has_psk_or_cb(mbedtls_ssl_config const *conf)
+{
+    if (conf->f_psk != NULL) {
+        return 1;
+    }
+
+    if (conf->psk_identity_len == 0 || conf->psk_identity == NULL) {
+        return 0;
+    }
+
+    if (conf->psk != NULL && conf->psk_len != 0) {
+        return 1;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) {
+        return 1;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    return 0;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_use_opaque_psk(mbedtls_ssl_context const *ssl)
+{
+    if (ssl->conf->f_psk != NULL) {
+        /* If we've used a callback to select the PSK,
+         * the static configuration is irrelevant. */
+
+        if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {
+            return 1;
+        }
+
+        return 0;
+    }
+
+    if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) {
+        return 1;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf,
+                                        size_t len)
+{
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        /* Check verify-data in constant-time. The length OTOH is no secret */
+        if (len    != 1 + ssl->verify_data_len ||
+            buf[0] !=     ssl->verify_data_len ||
+            mbedtls_ct_memcmp(buf + 1, ssl->peer_verify_data,
+                              ssl->verify_data_len) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching renegotiation info"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+    } else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+    {
+        if (len != 1 || buf[0] != 0x0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("non-zero length renegotiation info"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
+/*
+ * Status of the implementation of signature-algorithms extension:
+ *
+ * Currently, we are only considering the signature-algorithm extension
+ * to pick a ciphersuite which allows us to send the ServerKeyExchange
+ * message with a signature-hash combination that the user allows.
+ *
+ * We do *not* check whether all certificates in our certificate
+ * chain are signed with an allowed signature-hash pair.
+ * This needs to be done at a later stage.
+ *
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_signature_algorithms_ext(mbedtls_ssl_context *ssl,
+                                              const unsigned char *buf,
+                                              size_t len)
+{
+    size_t sig_alg_list_size;
+
+    const unsigned char *p;
+    const unsigned char *end = buf + len;
+
+    mbedtls_md_type_t md_cur;
+    mbedtls_pk_type_t sig_cur;
+
+    if (len < 2) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    sig_alg_list_size = ((buf[0] << 8) | (buf[1]));
+    if (sig_alg_list_size + 2 != len ||
+        sig_alg_list_size % 2 != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /* Currently we only guarantee signing the ServerKeyExchange message according
+     * to the constraints specified in this extension (see above), so it suffices
+     * to remember only one suitable hash for each possible signature algorithm.
+     *
+     * This will change when we also consider certificate signatures,
+     * in which case we will need to remember the whole signature-hash
+     * pair list from the extension.
+     */
+
+    for (p = buf + 2; p < end; p += 2) {
+        /* Silently ignore unknown signature or hash algorithms. */
+
+        if ((sig_cur = mbedtls_ssl_pk_alg_from_sig(p[1])) == MBEDTLS_PK_NONE) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext"
+                                      " unknown sig alg encoding %d", p[1]));
+            continue;
+        }
+
+        /* Check if we support the hash the user proposes */
+        md_cur = mbedtls_ssl_md_alg_from_hash(p[0]);
+        if (md_cur == MBEDTLS_MD_NONE) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext:"
+                                      " unknown hash alg encoding %d", p[0]));
+            continue;
+        }
+
+        if (mbedtls_ssl_check_sig_hash(ssl, md_cur) == 0) {
+            mbedtls_ssl_sig_hash_set_add(&ssl->handshake->hash_algs, sig_cur, md_cur);
+            MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext:"
+                                      " match sig %u and hash %u",
+                                      (unsigned) sig_cur, (unsigned) md_cur));
+        } else {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext: "
+                                      "hash alg %u not supported", (unsigned) md_cur));
+        }
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_supported_elliptic_curves(mbedtls_ssl_context *ssl,
+                                               const unsigned char *buf,
+                                               size_t len)
+{
+    size_t list_size, our_size;
+    const unsigned char *p;
+    const mbedtls_ecp_curve_info *curve_info, **curves;
+
+    if (len < 2) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    list_size = ((buf[0] << 8) | (buf[1]));
+    if (list_size + 2 != len ||
+        list_size % 2 != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /* Should never happen unless client duplicates the extension */
+    if (ssl->handshake->curves != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /* Don't allow our peer to make us allocate too much memory,
+     * and leave room for a final 0 */
+    our_size = list_size / 2 + 1;
+    if (our_size > MBEDTLS_ECP_DP_MAX) {
+        our_size = MBEDTLS_ECP_DP_MAX;
+    }
+
+    if ((curves = mbedtls_calloc(our_size, sizeof(*curves))) == NULL) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    ssl->handshake->curves = curves;
+
+    p = buf + 2;
+    while (list_size > 0 && our_size > 1) {
+        curve_info = mbedtls_ecp_curve_info_from_tls_id((p[0] << 8) | p[1]);
+
+        if (curve_info != NULL) {
+            *curves++ = curve_info;
+            our_size--;
+        }
+
+        list_size -= 2;
+        p += 2;
+    }
+
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_supported_point_formats(mbedtls_ssl_context *ssl,
+                                             const unsigned char *buf,
+                                             size_t len)
+{
+    size_t list_size;
+    const unsigned char *p;
+
+    if (len == 0 || (size_t) (buf[0] + 1) != len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    list_size = buf[0];
+
+    p = buf + 1;
+    while (list_size > 0) {
+        if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+            p[0] == MBEDTLS_ECP_PF_COMPRESSED) {
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+            ssl->handshake->ecdh_ctx.point_format = p[0];
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            ssl->handshake->ecjpake_ctx.point_format = p[0];
+#endif
+            MBEDTLS_SSL_DEBUG_MSG(4, ("point format selected: %d", p[0]));
+            return 0;
+        }
+
+        list_size--;
+        p++;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl,
+                                  const unsigned char *buf,
+                                  size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("skip ecjpake kkpp extension"));
+        return 0;
+    }
+
+    if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx,
+                                              buf, len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_one", ret);
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return ret;
+    }
+
+    /* Only mark the extension as OK when we're sure it is */
+    ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK;
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl,
+                                             const unsigned char *buf,
+                                             size_t len)
+{
+    if (len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ssl->session_negotiate->mfl_code = buf[0];
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl,
+                             const unsigned char *buf,
+                             size_t len)
+{
+    size_t peer_cid_len;
+
+    /* CID extension only makes sense in DTLS */
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /*
+     * Quoting draft-ietf-tls-dtls-connection-id-05
+     * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05
+     *
+     *   struct {
+     *      opaque cid<0..2^8-1>;
+     *   } ConnectionId;
+     */
+
+    if (len < 1) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    peer_cid_len = *buf++;
+    len--;
+
+    if (len != peer_cid_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /* Ignore CID if the user has disabled its use. */
+    if (ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) {
+        /* Leave ssl->handshake->cid_in_use in its default
+         * value of MBEDTLS_SSL_CID_DISABLED. */
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Client sent CID extension, but CID disabled"));
+        return 0;
+    }
+
+    if (peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED;
+    ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len;
+    memcpy(ssl->handshake->peer_cid, buf, peer_cid_len);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("Use of CID extension negotiated"));
+    MBEDTLS_SSL_DEBUG_BUF(3, "Client CID", buf, peer_cid_len);
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_truncated_hmac_ext(mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf,
+                                        size_t len)
+{
+    if (len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ((void) buf);
+
+    if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED) {
+        ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl,
+                                          const unsigned char *buf,
+                                          size_t len)
+{
+    if (len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ((void) buf);
+
+    if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED &&
+        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) {
+        ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl,
+                                     const unsigned char *buf,
+                                     size_t len)
+{
+    if (len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ((void) buf);
+
+    if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
+        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) {
+        ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl,
+                                        unsigned char *buf,
+                                        size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ssl_session session;
+
+    mbedtls_ssl_session_init(&session);
+
+    if (ssl->conf->f_ticket_parse == NULL ||
+        ssl->conf->f_ticket_write == NULL) {
+        return 0;
+    }
+
+    /* Remember the client asked us to send a new ticket */
+    ssl->handshake->new_session_ticket = 1;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ticket length: %" MBEDTLS_PRINTF_SIZET, len));
+
+    if (len == 0) {
+        return 0;
+    }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ticket rejected: renegotiating"));
+        return 0;
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    /*
+     * Failures are ok: just ignore the ticket and proceed.
+     */
+    if ((ret = ssl->conf->f_ticket_parse(ssl->conf->p_ticket, &session,
+                                         buf, len)) != 0) {
+        mbedtls_ssl_session_free(&session);
+
+        if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic"));
+        } else if (ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is expired"));
+        } else {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_ticket_parse", ret);
+        }
+
+        return 0;
+    }
+
+    /*
+     * Keep the session ID sent by the client, since we MUST send it back to
+     * inform them we're accepting the ticket  (RFC 5077 section 3.4)
+     */
+    session.id_len = ssl->session_negotiate->id_len;
+    memcpy(&session.id, ssl->session_negotiate->id, session.id_len);
+
+    mbedtls_ssl_session_free(ssl->session_negotiate);
+    memcpy(ssl->session_negotiate, &session, sizeof(mbedtls_ssl_session));
+
+    /* Zeroize instead of free as we copied the content */
+    mbedtls_platform_zeroize(&session, sizeof(mbedtls_ssl_session));
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("session successfully restored from ticket"));
+
+    ssl->handshake->resume = 1;
+
+    /* Don't send a new ticket after all, this one is OK */
+    ssl->handshake->new_session_ticket = 0;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl,
+                              const unsigned char *buf, size_t len)
+{
+    size_t list_len, cur_len, ours_len;
+    const unsigned char *theirs, *start, *end;
+    const char **ours;
+
+    /* If ALPN not configured, just ignore the extension */
+    if (ssl->conf->alpn_list == NULL) {
+        return 0;
+    }
+
+    /*
+     * opaque ProtocolName<1..2^8-1>;
+     *
+     * struct {
+     *     ProtocolName protocol_name_list<2..2^16-1>
+     * } ProtocolNameList;
+     */
+
+    /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
+    if (len < 4) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    list_len = (buf[0] << 8) | buf[1];
+    if (list_len != len - 2) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /*
+     * Validate peer's list (lengths)
+     */
+    start = buf + 2;
+    end = buf + len;
+    for (theirs = start; theirs != end; theirs += cur_len) {
+        cur_len = *theirs++;
+
+        /* Current identifier must fit in list */
+        if (cur_len > (size_t) (end - theirs)) {
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        /* Empty strings MUST NOT be included */
+        if (cur_len == 0) {
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+    }
+
+    /*
+     * Use our order of preference
+     */
+    for (ours = ssl->conf->alpn_list; *ours != NULL; ours++) {
+        ours_len = strlen(*ours);
+        for (theirs = start; theirs != end; theirs += cur_len) {
+            cur_len = *theirs++;
+
+            if (cur_len == ours_len &&
+                memcmp(theirs, *ours, cur_len) == 0) {
+                ssl->alpn_chosen = *ours;
+                return 0;
+            }
+        }
+    }
+
+    /* If we get there, no match was found */
+    mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                   MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL);
+    return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl,
+                                  const unsigned char *buf,
+                                  size_t len)
+{
+    mbedtls_ssl_srtp_profile client_protection = MBEDTLS_TLS_SRTP_UNSET;
+    size_t i, j;
+    size_t profile_length;
+    uint16_t mki_length;
+    /*! 2 bytes for profile length and 1 byte for mki len */
+    const size_t size_of_lengths = 3;
+
+    /* If use_srtp is not configured, just ignore the extension */
+    if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) ||
+        (ssl->conf->dtls_srtp_profile_list == NULL) ||
+        (ssl->conf->dtls_srtp_profile_list_len == 0)) {
+        return 0;
+    }
+
+    /* RFC5764 section 4.1.1
+     * uint8 SRTPProtectionProfile[2];
+     *
+     * struct {
+     *   SRTPProtectionProfiles SRTPProtectionProfiles;
+     *   opaque srtp_mki<0..255>;
+     * } UseSRTPData;
+
+     * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+     */
+
+    /*
+     * Min length is 5: at least one protection profile(2 bytes)
+     *                  and length(2 bytes) + srtp_mki length(1 byte)
+     * Check here that we have at least 2 bytes of protection profiles length
+     * and one of srtp_mki length
+     */
+    if (len < size_of_lengths) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET;
+
+    /* first 2 bytes are protection profile length(in bytes) */
+    profile_length = (buf[0] << 8) | buf[1];
+    buf += 2;
+
+    /* The profile length cannot be bigger than input buffer size - lengths fields */
+    if (profile_length > len - size_of_lengths ||
+        profile_length % 2 != 0) { /* profiles are 2 bytes long, so the length must be even */
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    /*
+     * parse the extension list values are defined in
+     * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
+     */
+    for (j = 0; j < profile_length; j += 2) {
+        uint16_t protection_profile_value = buf[j] << 8 | buf[j + 1];
+        client_protection = mbedtls_ssl_check_srtp_profile_value(protection_profile_value);
+
+        if (client_protection != MBEDTLS_TLS_SRTP_UNSET) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("found srtp profile: %s",
+                                      mbedtls_ssl_get_srtp_profile_as_string(
+                                          client_protection)));
+        } else {
+            continue;
+        }
+        /* check if suggested profile is in our list */
+        for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) {
+            if (client_protection == ssl->conf->dtls_srtp_profile_list[i]) {
+                ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i];
+                MBEDTLS_SSL_DEBUG_MSG(3, ("selected srtp profile: %s",
+                                          mbedtls_ssl_get_srtp_profile_as_string(
+                                              client_protection)));
+                break;
+            }
+        }
+        if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET) {
+            break;
+        }
+    }
+    buf += profile_length; /* buf points to the mki length */
+    mki_length = *buf;
+    buf++;
+
+    if (mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ||
+        mki_length + profile_length + size_of_lengths != len) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /* Parse the mki only if present and mki is supported locally */
+    if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED &&
+        mki_length > 0) {
+        ssl->dtls_srtp_info.mki_len = mki_length;
+
+        memcpy(ssl->dtls_srtp_info.mki_value, buf, mki_length);
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "using mki",  ssl->dtls_srtp_info.mki_value,
+                              ssl->dtls_srtp_info.mki_len);
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+/*
+ * Auxiliary functions for ServerHello parsing and related actions
+ */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/*
+ * Return 0 if the given key uses one of the acceptable curves, -1 otherwise
+ */
+#if defined(MBEDTLS_ECDSA_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_key_curve(mbedtls_pk_context *pk,
+                               const mbedtls_ecp_curve_info **curves)
+{
+    const mbedtls_ecp_curve_info **crv = curves;
+    mbedtls_ecp_group_id grp_id = mbedtls_pk_ec(*pk)->grp.id;
+
+    while (*crv != NULL) {
+        if ((*crv)->grp_id == grp_id) {
+            return 0;
+        }
+        crv++;
+    }
+
+    return -1;
+}
+#endif /* MBEDTLS_ECDSA_C */
+
+/*
+ * Try picking a certificate for this ciphersuite,
+ * return 0 on success and -1 on failure.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_pick_cert(mbedtls_ssl_context *ssl,
+                         const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
+{
+    mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
+    mbedtls_pk_type_t pk_alg =
+        mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info);
+    uint32_t flags;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if (ssl->handshake->sni_key_cert != NULL) {
+        list = ssl->handshake->sni_key_cert;
+    } else
+#endif
+    list = ssl->conf->key_cert;
+
+    if (pk_alg == MBEDTLS_PK_NONE) {
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite requires certificate"));
+
+    if (list == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("server has no certificate"));
+        return -1;
+    }
+
+    for (cur = list; cur != NULL; cur = cur->next) {
+        flags = 0;
+        MBEDTLS_SSL_DEBUG_CRT(3, "candidate certificate chain, certificate",
+                              cur->cert);
+
+        if (!mbedtls_pk_can_do(&cur->cert->pk, pk_alg)) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: key type"));
+            continue;
+        }
+
+        /*
+         * This avoids sending the client a cert it'll reject based on
+         * keyUsage or other extensions.
+         *
+         * It also allows the user to provision different certificates for
+         * different uses based on keyUsage, eg if they want to avoid signing
+         * and decrypting with the same RSA key.
+         */
+        if (mbedtls_ssl_check_cert_usage(cur->cert, ciphersuite_info,
+                                         MBEDTLS_SSL_IS_SERVER, &flags) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: "
+                                      "(extended) key usage extension"));
+            continue;
+        }
+
+#if defined(MBEDTLS_ECDSA_C)
+        if (pk_alg == MBEDTLS_PK_ECDSA &&
+            ssl_check_key_curve(&cur->cert->pk, ssl->handshake->curves) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: elliptic curve"));
+            continue;
+        }
+#endif
+
+        /*
+         * Try to select a SHA-1 certificate for pre-1.2 clients, but still
+         * present them a SHA-higher cert rather than failing if it's the only
+         * one we got that satisfies the other conditions.
+         */
+        if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 &&
+            cur->cert->sig_md != MBEDTLS_MD_SHA1) {
+            if (fallback == NULL) {
+                fallback = cur;
+            }
+            {
+                MBEDTLS_SSL_DEBUG_MSG(3, ("certificate not preferred: "
+                                          "sha-2 with pre-TLS 1.2 client"));
+                continue;
+            }
+        }
+
+        /* If we get there, we got a winner */
+        break;
+    }
+
+    if (cur == NULL) {
+        cur = fallback;
+    }
+
+    /* Do not update ssl->handshake->key_cert unless there is a match */
+    if (cur != NULL) {
+        ssl->handshake->key_cert = cur;
+        MBEDTLS_SSL_DEBUG_CRT(3, "selected certificate chain, certificate",
+                              ssl->handshake->key_cert->cert);
+        return 0;
+    }
+
+    return -1;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/*
+ * Check if a given ciphersuite is suitable for use with our config/keys/etc
+ * Sets ciphersuite_info only if the suite matches.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_ciphersuite_match(mbedtls_ssl_context *ssl, int suite_id,
+                                 const mbedtls_ssl_ciphersuite_t **ciphersuite_info)
+{
+    const mbedtls_ssl_ciphersuite_t *suite_info;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_pk_type_t sig_type;
+#endif
+
+    suite_info = mbedtls_ssl_ciphersuite_from_id(suite_id);
+    if (suite_info == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("trying ciphersuite: %#04x (%s)",
+                              (unsigned int) suite_id, suite_info->name));
+
+    if (suite_info->min_minor_ver > ssl->minor_ver ||
+        suite_info->max_minor_ver < ssl->minor_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: version"));
+        return 0;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS)) {
+        return 0;
+    }
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+    if (ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
+        suite_info->cipher == MBEDTLS_CIPHER_ARC4_128) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: rc4"));
+        return 0;
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+        (ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK) == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: ecjpake "
+                                  "not configured or ext missing"));
+        return 0;
+    }
+#endif
+
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+    if (mbedtls_ssl_ciphersuite_uses_ec(suite_info) &&
+        (ssl->handshake->curves == NULL ||
+         ssl->handshake->curves[0] == NULL)) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: "
+                                  "no common elliptic curve"));
+        return 0;
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    /* If the ciphersuite requires a pre-shared key and we don't
+     * have one, skip it now rather than failing later */
+    if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) &&
+        ssl_conf_has_psk_or_cb(ssl->conf) == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: no pre-shared key"));
+        return 0;
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /* If the ciphersuite requires signing, check whether
+     * a suitable hash algorithm is present. */
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        sig_type = mbedtls_ssl_get_ciphersuite_sig_alg(suite_info);
+        if (sig_type != MBEDTLS_PK_NONE &&
+            mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs,
+                                          sig_type) == MBEDTLS_MD_NONE) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: no suitable hash algorithm "
+                                      "for signature algorithm %u", (unsigned) sig_type));
+            return 0;
+        }
+    }
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    /*
+     * Final check: if ciphersuite requires us to have a
+     * certificate/key of a particular type:
+     * - select the appropriate certificate if we have one, or
+     * - try the next ciphersuite if we don't
+     * This must be done last since we modify the key_cert list.
+     */
+    if (ssl_pick_cert(ssl, suite_info) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: "
+                                  "no suitable certificate"));
+        return 0;
+    }
+#endif
+
+    *ciphersuite_info = suite_info;
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_client_hello_v2(mbedtls_ssl_context *ssl)
+{
+    int ret, got_common_suite;
+    unsigned int i, j;
+    size_t n;
+    unsigned int ciph_len, sess_len, chal_len;
+    unsigned char *buf, *p;
+    const int *ciphersuites;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client hello v2"));
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("client hello v2 illegal for renegotiation"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    buf = ssl->in_hdr;
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "record header", buf, 5);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, message type: %d",
+                              buf[2]));
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, message len.: %d",
+                              ((buf[0] & 0x7F) << 8) | buf[1]));
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, max. version: [%d:%d]",
+                              buf[3], buf[4]));
+
+    /*
+     * SSLv2 Client Hello
+     *
+     * Record layer:
+     *     0  .   1   message length
+     *
+     * SSL layer:
+     *     2  .   2   message type
+     *     3  .   4   protocol version
+     */
+    if (buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO ||
+        buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    n = ((buf[0] << 8) | buf[1]) & 0x7FFF;
+
+    if (n < 17 || n > 512) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+    ssl->minor_ver = (buf[4] <= ssl->conf->max_minor_ver)
+                     ? buf[4]  : ssl->conf->max_minor_ver;
+
+    if (ssl->minor_ver < ssl->conf->min_minor_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("client only supports ssl smaller than minimum"
+                                  " [%d:%d] < [%d:%d]",
+                                  ssl->major_ver, ssl->minor_ver,
+                                  ssl->conf->min_major_ver, ssl->conf->min_minor_ver));
+
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION);
+        return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION;
+    }
+
+    ssl->handshake->max_major_ver = buf[3];
+    ssl->handshake->max_minor_ver = buf[4];
+
+    if ((ret = mbedtls_ssl_fetch_input(ssl, 2 + n)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret);
+        return ret;
+    }
+
+    ssl->handshake->update_checksum(ssl, buf + 2, n);
+
+    buf = ssl->in_msg;
+    n = ssl->in_left - 5;
+
+    /*
+     *    0  .   1   ciphersuitelist length
+     *    2  .   3   session id length
+     *    4  .   5   challenge length
+     *    6  .  ..   ciphersuitelist
+     *   ..  .  ..   session id
+     *   ..  .  ..   challenge
+     */
+    MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, n);
+
+    ciph_len = (buf[0] << 8) | buf[1];
+    sess_len = (buf[2] << 8) | buf[3];
+    chal_len = (buf[4] << 8) | buf[5];
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ciph_len: %u, sess_len: %u, chal_len: %u",
+                              ciph_len, sess_len, chal_len));
+
+    /*
+     * Make sure each parameter length is valid
+     */
+    if (ciph_len < 3 || (ciph_len % 3) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    if (sess_len > 32) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    if (chal_len < 8 || chal_len > 32) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    if (n != 6 + ciph_len + sess_len + chal_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist",
+                          buf + 6, ciph_len);
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id",
+                          buf + 6 + ciph_len, sess_len);
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, challenge",
+                          buf + 6 + ciph_len + sess_len, chal_len);
+
+    p = buf + 6 + ciph_len;
+    ssl->session_negotiate->id_len = sess_len;
+    memset(ssl->session_negotiate->id, 0,
+           sizeof(ssl->session_negotiate->id));
+    memcpy(ssl->session_negotiate->id, p, ssl->session_negotiate->id_len);
+
+    p += sess_len;
+    memset(ssl->handshake->randbytes, 0, 64);
+    memcpy(ssl->handshake->randbytes + 32 - chal_len, p, chal_len);
+
+    /*
+     * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+     */
+    for (i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3) {
+        if (p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("received TLS_EMPTY_RENEGOTIATION_INFO "));
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("received RENEGOTIATION SCSV "
+                                          "during renegotiation"));
+
+                mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+            ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+            break;
+        }
+    }
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    for (i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3) {
+        if (p[0] == 0 &&
+            MBEDTLS_GET_UINT16_BE(p, 1) != MBEDTLS_SSL_FALLBACK_SCSV_VALUE) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("received FALLBACK_SCSV"));
+
+            if (ssl->minor_ver < ssl->conf->max_minor_ver) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("inapropriate fallback"));
+
+                mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK);
+
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+
+            break;
+        }
+    }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+    got_common_suite = 0;
+    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+    ciphersuite_info = NULL;
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    for (j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3) {
+        for (i = 0; ciphersuites[i] != 0; i++) {
+            if (p[0] != 0 ||
+                MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i]) {
+                continue;
+            }
+
+            got_common_suite = 1;
+
+            if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i],
+                                             &ciphersuite_info)) != 0) {
+                return ret;
+            }
+
+            if (ciphersuite_info != NULL) {
+                goto have_ciphersuite_v2;
+            }
+        }
+    }
+#else
+    for (i = 0; ciphersuites[i] != 0; i++) {
+        for (j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3) {
+            if (p[0] != 0 ||
+                MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i]) {
+                continue;
+            }
+
+            got_common_suite = 1;
+
+            if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i],
+                                             &ciphersuite_info)) != 0) {
+                return ret;
+            }
+
+            if (ciphersuite_info != NULL) {
+                goto have_ciphersuite_v2;
+            }
+        }
+    }
+#endif
+
+    if (got_common_suite) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got ciphersuites in common, "
+                                  "but none of them usable"));
+        return MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no ciphersuites in common"));
+        return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN;
+    }
+
+have_ciphersuite_v2:
+    MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %s", ciphersuite_info->name));
+
+    ssl->session_negotiate->ciphersuite = ciphersuites[i];
+    ssl->handshake->ciphersuite_info = ciphersuite_info;
+
+    /*
+     * SSLv2 Client Hello relevant renegotiation security checks
+     */
+    if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation, breaking off handshake"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    ssl->in_left = 0;
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client hello v2"));
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+
+/* This function doesn't alert on errors that happen early during
+   ClientHello parsing because they might indicate that the client is
+   not talking SSL/TLS at all and would not understand our alert. */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_client_hello(mbedtls_ssl_context *ssl)
+{
+    int ret, got_common_suite;
+    size_t i, j;
+    size_t ciph_offset, comp_offset, ext_offset;
+    size_t msg_len, ciph_len, sess_len, comp_len, ext_len;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    size_t cookie_offset, cookie_len;
+#endif
+    unsigned char *buf, *p, *ext;
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renegotiation_info_seen = 0;
+#endif
+    int handshake_failure = 0;
+    const int *ciphersuites;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    int major, minor;
+
+    /* If there is no signature-algorithm extension present,
+     * we need to fall back to the default values for allowed
+     * signature-hash pairs. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    int sig_hash_alg_ext_present = 0;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client hello"));
+
+    int renegotiating = 0;
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+read_record_header:
+#endif
+    /*
+     * If renegotiating, then the input was read with mbedtls_ssl_read_record(),
+     * otherwise read it ourselves manually in order to support SSLv2
+     * ClientHello, which doesn't use the same record layer format.
+     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        renegotiating = 1;
+    }
+#endif
+    if (!renegotiating) {
+        if ((ret = mbedtls_ssl_fetch_input(ssl, 5)) != 0) {
+            /* No alert on a read error. */
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret);
+            return ret;
+        }
+    }
+
+    buf = ssl->in_hdr;
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+    int is_dtls = 0;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        is_dtls = 1;
+    }
+#endif
+    if (!is_dtls) {
+        if ((buf[0] & 0x80) != 0) {
+            return ssl_parse_client_hello_v2(ssl);
+        }
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "record header", buf, mbedtls_ssl_in_hdr_len(ssl));
+
+    /*
+     * SSLv3/TLS Client Hello
+     *
+     * Record layer:
+     *     0  .   0   message type
+     *     1  .   2   protocol version
+     *     3  .   11  DTLS: epoch + record sequence number
+     *     3  .   4   message length
+     */
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, message type: %d",
+                              buf[0]));
+
+    if (buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, message len.: %d",
+                              (ssl->in_len[0] << 8) | ssl->in_len[1]));
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, protocol version: [%d:%d]",
+                              buf[1], buf[2]));
+
+    mbedtls_ssl_read_version(&major, &minor, ssl->conf->transport, buf + 1);
+
+    /* According to RFC 5246 Appendix E.1, the version here is typically
+     * "{03,00}, the lowest version number supported by the client, [or] the
+     * value of ClientHello.client_version", so the only meaningful check here
+     * is the major version shouldn't be less than 3 */
+    if (major < MBEDTLS_SSL_MAJOR_VERSION_3) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /* For DTLS if this is the initial handshake, remember the client sequence
+     * number to use it in our next message (RFC 6347 4.2.1) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
+#endif
+        ) {
+        /* Epoch should be 0 for initial handshakes */
+        if (ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        memcpy(ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6);
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        if (mbedtls_ssl_dtls_replay_check(ssl) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("replayed record, discarding"));
+            ssl->next_record_offset = 0;
+            ssl->in_left = 0;
+            goto read_record_header;
+        }
+
+        /* No MAC to check yet, so we can update right now */
+        mbedtls_ssl_dtls_replay_update(ssl);
+#endif
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    msg_len = (ssl->in_len[0] << 8) | ssl->in_len[1];
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        /* Set by mbedtls_ssl_read_record() */
+        msg_len = ssl->in_hslen;
+    } else
+#endif
+    {
+        if (msg_len > MBEDTLS_SSL_IN_CONTENT_LEN) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        if ((ret = mbedtls_ssl_fetch_input(ssl,
+                                           mbedtls_ssl_in_hdr_len(ssl) + msg_len)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret);
+            return ret;
+        }
+
+        /* Done reading this record, get ready for the next one */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+            ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len(ssl);
+        } else
+#endif
+        ssl->in_left = 0;
+    }
+
+    buf = ssl->in_msg;
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, msg_len);
+
+    ssl->handshake->update_checksum(ssl, buf, msg_len);
+
+    /*
+     * Handshake layer:
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   5   DTLS only: message sequence number
+     *     6  .   8   DTLS only: fragment offset
+     *     9  .  11   DTLS only: fragment length
+     */
+    if (msg_len < mbedtls_ssl_hs_hdr_len(ssl)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake type: %d", buf[0]));
+
+    if (buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake len.: %d",
+                              (buf[1] << 16) | (buf[2] << 8) | buf[3]));
+
+    if (buf[1] != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != 0",
+                                  (unsigned) buf[1]));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+    /* We don't support fragmentation of ClientHello (yet?) */
+    if (msg_len != mbedtls_ssl_hs_hdr_len(ssl) + ((buf[2] << 8) | buf[3])) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != %u + %u",
+                                  (unsigned) msg_len,
+                                  (unsigned) mbedtls_ssl_hs_hdr_len(ssl),
+                                  (unsigned) (buf[2] << 8) | buf[3]));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /*
+         * Copy the client's handshake message_seq on initial handshakes,
+         * check sequence number on renego.
+         */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+            /* This couldn't be done in ssl_prepare_handshake_record() */
+            unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) |
+                                       ssl->in_msg[5];
+
+            if (cli_msg_seq != ssl->handshake->in_msg_seq) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message_seq: "
+                                          "%u (expected %u)", cli_msg_seq,
+                                          ssl->handshake->in_msg_seq));
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+
+            ssl->handshake->in_msg_seq++;
+        } else
+#endif
+        {
+            unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) |
+                                       ssl->in_msg[5];
+            ssl->handshake->out_msg_seq = cli_msg_seq;
+            ssl->handshake->in_msg_seq  = cli_msg_seq + 1;
+        }
+
+        /*
+         * For now we don't support fragmentation, so make sure
+         * fragment_offset == 0 and fragment_length == length
+         */
+        MBEDTLS_SSL_DEBUG_MSG(
+            4, ("fragment_offset=%u fragment_length=%u length=%u",
+                (unsigned) (ssl->in_msg[6] << 16 | ssl->in_msg[7] << 8 | ssl->in_msg[8]),
+                (unsigned) (ssl->in_msg[9] << 16 | ssl->in_msg[10] << 8 | ssl->in_msg[11]),
+                (unsigned) (ssl->in_msg[1] << 16 | ssl->in_msg[2] << 8 | ssl->in_msg[3])));
+        if (ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 ||
+            memcmp(ssl->in_msg + 1, ssl->in_msg + 9, 3) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("ClientHello fragmentation not supported"));
+            return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    buf += mbedtls_ssl_hs_hdr_len(ssl);
+    msg_len -= mbedtls_ssl_hs_hdr_len(ssl);
+
+    /*
+     * ClientHello layer:
+     *     0  .   1   protocol version
+     *     2  .  33   random bytes (starting with 4 bytes of Unix time)
+     *    34  .  35   session id length (1 byte)
+     *    35  . 34+x  session id
+     *   35+x . 35+x  DTLS only: cookie length (1 byte)
+     *   36+x .  ..   DTLS only: cookie
+     *    ..  .  ..   ciphersuite list length (2 bytes)
+     *    ..  .  ..   ciphersuite list
+     *    ..  .  ..   compression alg. list length (1 byte)
+     *    ..  .  ..   compression alg. list
+     *    ..  .  ..   extensions length (2 bytes, optional)
+     *    ..  .  ..   extensions (optional)
+     */
+
+    /*
+     * Minimal length (with everything empty and extensions omitted) is
+     * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
+     * read at least up to session id length without worrying.
+     */
+    if (msg_len < 38) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /*
+     * Check and save the protocol version
+     */
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, version", buf, 2);
+
+    mbedtls_ssl_read_version(&ssl->major_ver, &ssl->minor_ver,
+                             ssl->conf->transport, buf);
+
+    ssl->handshake->max_major_ver = ssl->major_ver;
+    ssl->handshake->max_minor_ver = ssl->minor_ver;
+
+    if (ssl->major_ver < ssl->conf->min_major_ver ||
+        ssl->minor_ver < ssl->conf->min_minor_ver) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("client only supports ssl smaller than minimum"
+                                  " [%d:%d] < [%d:%d]",
+                                  ssl->major_ver, ssl->minor_ver,
+                                  ssl->conf->min_major_ver, ssl->conf->min_minor_ver));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION);
+        return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION;
+    }
+
+    if (ssl->major_ver > ssl->conf->max_major_ver) {
+        ssl->major_ver = ssl->conf->max_major_ver;
+        ssl->minor_ver = ssl->conf->max_minor_ver;
+    } else if (ssl->minor_ver > ssl->conf->max_minor_ver) {
+        ssl->minor_ver = ssl->conf->max_minor_ver;
+    }
+
+    /*
+     * Save client random (inc. Unix time)
+     */
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", buf + 2, 32);
+
+    memcpy(ssl->handshake->randbytes, buf + 2, 32);
+
+    /*
+     * Check the session ID length and save session ID
+     */
+    sess_len = buf[34];
+
+    if (sess_len > sizeof(ssl->session_negotiate->id) ||
+        sess_len + 34 + 2 > msg_len) { /* 2 for cipherlist length field */
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", buf + 35, sess_len);
+
+    ssl->session_negotiate->id_len = sess_len;
+    memset(ssl->session_negotiate->id, 0,
+           sizeof(ssl->session_negotiate->id));
+    memcpy(ssl->session_negotiate->id, buf + 35,
+           ssl->session_negotiate->id_len);
+
+    /*
+     * Check the cookie length and content
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        cookie_offset = 35 + sess_len;
+        cookie_len = buf[cookie_offset];
+
+        if (cookie_offset + 1 + cookie_len + 2 > msg_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "client hello, cookie",
+                              buf + cookie_offset + 1, cookie_len);
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+        if (ssl->conf->f_cookie_check != NULL
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
+#endif
+            ) {
+            if (ssl->conf->f_cookie_check(ssl->conf->p_cookie,
+                                          buf + cookie_offset + 1, cookie_len,
+                                          ssl->cli_id, ssl->cli_id_len) != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification failed"));
+                ssl->handshake->verify_cookie_len = 1;
+            } else {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification passed"));
+                ssl->handshake->verify_cookie_len = 0;
+            }
+        } else
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+        {
+            /* We know we didn't send a cookie, so it should be empty */
+            if (cookie_len != 0) {
+                /* This may be an attacker's probe, so don't send an alert */
+                MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification skipped"));
+        }
+
+        /*
+         * Check the ciphersuitelist length (will be parsed later)
+         */
+        ciph_offset = cookie_offset + 1 + cookie_len;
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    ciph_offset = 35 + sess_len;
+
+    ciph_len = (buf[ciph_offset + 0] << 8)
+               | (buf[ciph_offset + 1]);
+
+    if (ciph_len < 2 ||
+        ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
+        (ciph_len % 2) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist",
+                          buf + ciph_offset + 2,  ciph_len);
+
+    /*
+     * Check the compression algorithms length and pick one
+     */
+    comp_offset = ciph_offset + 2 + ciph_len;
+
+    comp_len = buf[comp_offset];
+
+    if (comp_len < 1 ||
+        comp_len > 16 ||
+        comp_len + comp_offset + 1 > msg_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello, compression",
+                          buf + comp_offset + 1, comp_len);
+
+    ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    for (i = 0; i < comp_len; ++i) {
+        if (buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE) {
+            ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE;
+            break;
+        }
+    }
+#endif
+
+    /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
+    }
+#endif
+
+    /* Do not parse the extensions if the protocol is SSLv3 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if ((ssl->major_ver != 3) || (ssl->minor_ver != 0)) {
+#endif
+    /*
+     * Check the extension length
+     */
+    ext_offset = comp_offset + 1 + comp_len;
+    if (msg_len > ext_offset) {
+        if (msg_len < ext_offset + 2) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+
+        ext_len = (buf[ext_offset + 0] << 8)
+                  | (buf[ext_offset + 1]);
+
+        if (msg_len != ext_offset + 2 + ext_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+    } else {
+        ext_len = 0;
+    }
+
+    ext = buf + ext_offset + 2;
+    MBEDTLS_SSL_DEBUG_BUF(3, "client hello extensions", ext, ext_len);
+
+    while (ext_len != 0) {
+        unsigned int ext_id;
+        unsigned int ext_size;
+        if (ext_len < 4) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+        ext_id   = ((ext[0] <<  8) | (ext[1]));
+        ext_size = ((ext[2] <<  8) | (ext[3]));
+
+        if (ext_size + 4 > ext_len) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message"));
+            mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+        }
+        switch (ext_id) {
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+            case MBEDTLS_TLS_EXT_SERVERNAME:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found ServerName extension"));
+                if (ssl->conf->f_sni == NULL) {
+                    break;
+                }
+
+                ret = ssl_parse_servername_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+            case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found renegotiation extension"));
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+                renegotiation_info_seen = 1;
+#endif
+
+                ret = ssl_parse_renegotiation_info(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+                defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+            case MBEDTLS_TLS_EXT_SIG_ALG:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found signature_algorithms extension"));
+
+                ret = ssl_parse_signature_algorithms_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+
+                sig_hash_alg_ext_present = 1;
+                break;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+                defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found supported elliptic curves extension"));
+
+                ret = ssl_parse_supported_elliptic_curves(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+
+            case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found supported point formats extension"));
+                ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
+
+                ret = ssl_parse_supported_point_formats(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found ecjpake kkpp extension"));
+
+                ret = ssl_parse_ecjpake_kkpp(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+            case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found max fragment length extension"));
+
+                ret = ssl_parse_max_fragment_length_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+            case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found truncated hmac extension"));
+
+                ret = ssl_parse_truncated_hmac_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            case MBEDTLS_TLS_EXT_CID:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found CID extension"));
+
+                ret = ssl_parse_cid_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+            case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found encrypt then mac extension"));
+
+                ret = ssl_parse_encrypt_then_mac_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+            case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found extended master secret extension"));
+
+                ret = ssl_parse_extended_ms_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+            case MBEDTLS_TLS_EXT_SESSION_TICKET:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found session ticket extension"));
+
+                ret = ssl_parse_session_ticket_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+            case MBEDTLS_TLS_EXT_ALPN:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension"));
+
+                ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+            case MBEDTLS_TLS_EXT_USE_SRTP:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("found use_srtp extension"));
+
+                ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size);
+                if (ret != 0) {
+                    return ret;
+                }
+                break;
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+            default:
+                MBEDTLS_SSL_DEBUG_MSG(3, ("unknown extension found: %u (ignoring)",
+                                          ext_id));
+        }
+
+        ext_len -= 4 + ext_size;
+        ext += 4 + ext_size;
+    }
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+}
+#endif
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    for (i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2) {
+        if (MBEDTLS_GET_UINT16_BE(p, 0) == MBEDTLS_SSL_FALLBACK_SCSV_VALUE) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("received FALLBACK_SCSV"));
+
+            if (ssl->minor_ver < ssl->conf->max_minor_ver) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("inapropriate fallback"));
+
+                mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK);
+
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+
+            break;
+        }
+    }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
+    /*
+     * Try to fall back to default hash SHA1 if the client
+     * hasn't provided any preferred signature-hash combinations.
+     */
+    if (sig_hash_alg_ext_present == 0) {
+        mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1;
+
+        if (mbedtls_ssl_check_sig_hash(ssl, md_default) != 0) {
+            md_default = MBEDTLS_MD_NONE;
+        }
+
+        mbedtls_ssl_sig_hash_set_const_hash(&ssl->handshake->hash_algs, md_default);
+    }
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+    /*
+     * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+     */
+    for (i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2) {
+        if (p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("received TLS_EMPTY_RENEGOTIATION_INFO "));
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("received RENEGOTIATION SCSV "
+                                          "during renegotiation"));
+                mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+                return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+            }
+#endif
+            ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+            break;
+        }
+    }
+
+    /*
+     * Renegotiation security checks
+     */
+    if (ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation, breaking off handshake"));
+        handshake_failure = 1;
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+             renegotiation_info_seen == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation_info extension missing (secure)"));
+        handshake_failure = 1;
+    } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+               ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+               ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation not allowed"));
+        handshake_failure = 1;
+    } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+               ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+               renegotiation_info_seen == 1) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation_info extension present (legacy)"));
+        handshake_failure = 1;
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    if (handshake_failure == 1) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO;
+    }
+
+    /*
+     * Search for a matching ciphersuite
+     * (At the end because we need information from the EC-based extensions
+     * and certificate from the SNI callback triggered by the SNI extension.)
+     */
+    got_common_suite = 0;
+    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+    ciphersuite_info = NULL;
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    for (j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2) {
+        for (i = 0; ciphersuites[i] != 0; i++) {
+            if (MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i]) {
+                continue;
+            }
+
+            got_common_suite = 1;
+
+            if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i],
+                                             &ciphersuite_info)) != 0) {
+                return ret;
+            }
+
+            if (ciphersuite_info != NULL) {
+                goto have_ciphersuite;
+            }
+        }
+    }
+#else
+    for (i = 0; ciphersuites[i] != 0; i++) {
+        for (j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2) {
+            if (MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i]) {
+                continue;
+            }
+
+            got_common_suite = 1;
+
+            if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i],
+                                             &ciphersuite_info)) != 0) {
+                return ret;
+            }
+
+            if (ciphersuite_info != NULL) {
+                goto have_ciphersuite;
+            }
+        }
+    }
+#endif
+
+    if (got_common_suite) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got ciphersuites in common, "
+                                  "but none of them usable"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no ciphersuites in common"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
+        return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN;
+    }
+
+have_ciphersuite:
+    MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %s", ciphersuite_info->name));
+
+    ssl->session_negotiate->ciphersuite = ciphersuites[i];
+    ssl->handshake->ciphersuite_info = ciphersuite_info;
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_recv_flight_completed(ssl);
+    }
+#endif
+
+    /* Debugging-only output for testsuite */
+#if defined(MBEDTLS_DEBUG_C)                         && \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)                && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg(ciphersuite_info);
+        if (sig_alg != MBEDTLS_PK_NONE) {
+            mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs,
+                                                                     sig_alg);
+            MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext: %d",
+                                      mbedtls_ssl_hash_from_md_alg(md_alg)));
+        } else {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("no hash algorithm for signature algorithm "
+                                      "%u - should not happen", (unsigned) sig_alg));
+        }
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client hello"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static void ssl_write_truncated_hmac_ext(mbedtls_ssl_context *ssl,
+                                         unsigned char *buf,
+                                         size_t *olen)
+{
+    unsigned char *p = buf;
+
+    if (ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding truncated hmac extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+static void ssl_write_cid_ext(mbedtls_ssl_context *ssl,
+                              unsigned char *buf,
+                              size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t ext_len;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+    *olen = 0;
+
+    /* Skip writing the extension if we don't want to use it or if
+     * the client hasn't offered it. */
+    if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED) {
+        return;
+    }
+
+    /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX
+     * which is at most 255, so the increment cannot overflow. */
+    if (end < p || (size_t) (end - p) < (unsigned) (ssl->own_cid_len + 5)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small"));
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding CID extension"));
+
+    /*
+     * Quoting draft-ietf-tls-dtls-connection-id-05
+     * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05
+     *
+     *   struct {
+     *      opaque cid<0..2^8-1>;
+     *   } ConnectionId;
+     */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_CID, p, 0);
+    p += 2;
+    ext_len = (size_t) ssl->own_cid_len + 1;
+    MBEDTLS_PUT_UINT16_BE(ext_len, p, 0);
+    p += 2;
+
+    *p++ = (uint8_t) ssl->own_cid_len;
+    memcpy(p, ssl->own_cid, ssl->own_cid_len);
+
+    *olen = ssl->own_cid_len + 5;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static void ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl,
+                                           unsigned char *buf,
+                                           size_t *olen)
+{
+    unsigned char *p = buf;
+    const mbedtls_ssl_ciphersuite_t *suite = NULL;
+    const mbedtls_cipher_info_t *cipher = NULL;
+
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED;
+    }
+
+    /*
+     * RFC 7366: "If a server receives an encrypt-then-MAC request extension
+     * from a client and then selects a stream or Authenticated Encryption
+     * with Associated Data (AEAD) ciphersuite, it MUST NOT send an
+     * encrypt-then-MAC response extension back to the client."
+     */
+    if ((suite = mbedtls_ssl_ciphersuite_from_id(
+             ssl->session_negotiate->ciphersuite)) == NULL ||
+        (cipher = mbedtls_cipher_info_from_type(suite->cipher)) == NULL ||
+        cipher->mode != MBEDTLS_MODE_CBC) {
+        ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED;
+    }
+
+    if (ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding encrypt then mac extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static void ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl,
+                                      unsigned char *buf,
+                                      size_t *olen)
+{
+    unsigned char *p = buf;
+
+    if (ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding extended master secret "
+                              "extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static void ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl,
+                                         unsigned char *buf,
+                                         size_t *olen)
+{
+    unsigned char *p = buf;
+
+    if (ssl->handshake->new_session_ticket == 0) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding session ticket extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+static void ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl,
+                                        unsigned char *buf,
+                                        size_t *olen)
+{
+    unsigned char *p = buf;
+
+    if (ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, secure renegotiation extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0);
+    p += 2;
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        *p++ = 0x00;
+        *p++ = (ssl->verify_data_len * 2 + 1) & 0xFF;
+        *p++ = ssl->verify_data_len * 2 & 0xFF;
+
+        memcpy(p, ssl->peer_verify_data, ssl->verify_data_len);
+        p += ssl->verify_data_len;
+        memcpy(p, ssl->own_verify_data, ssl->verify_data_len);
+        p += ssl->verify_data_len;
+    } else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+    {
+        *p++ = 0x00;
+        *p++ = 0x01;
+        *p++ = 0x00;
+    }
+
+    *olen = p - buf;
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static void ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl,
+                                              unsigned char *buf,
+                                              size_t *olen)
+{
+    unsigned char *p = buf;
+
+    if (ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, max_fragment_length extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 1;
+
+    *p++ = ssl->session_negotiate->mfl_code;
+
+    *olen = 5;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl,
+                                                  unsigned char *buf,
+                                                  size_t *olen)
+{
+    unsigned char *p = buf;
+    ((void) ssl);
+
+    if ((ssl->handshake->cli_exts &
+         MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT) == 0) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, supported_point_formats extension"));
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0);
+    p += 2;
+
+    *p++ = 0x00;
+    *p++ = 2;
+
+    *p++ = 1;
+    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+    *olen = 6;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl,
+                                       unsigned char *buf,
+                                       size_t *olen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+    size_t kkpp_len;
+
+    *olen = 0;
+
+    /* Skip costly computation if not needed */
+    if (ssl->handshake->ciphersuite_info->key_exchange !=
+        MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, ecjpake kkpp extension"));
+
+    if (end - p < 4) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small"));
+        return;
+    }
+
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0);
+    p += 2;
+
+    ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx,
+                                          p + 2, end - p - 2, &kkpp_len,
+                                          ssl->conf->f_rng, ssl->conf->p_rng);
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_one", ret);
+        return;
+    }
+
+    MBEDTLS_PUT_UINT16_BE(kkpp_len, p, 0);
+    p += 2;
+
+    *olen = kkpp_len + 4;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+static void ssl_write_alpn_ext(mbedtls_ssl_context *ssl,
+                               unsigned char *buf, size_t *olen)
+{
+    if (ssl->alpn_chosen == NULL) {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding alpn extension"));
+
+    /*
+     * 0 . 1    ext identifier
+     * 2 . 3    ext length
+     * 4 . 5    protocol list length
+     * 6 . 6    protocol name length
+     * 7 . 7+n  protocol name
+     */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ALPN, buf, 0);
+
+    *olen = 7 + strlen(ssl->alpn_chosen);
+
+    MBEDTLS_PUT_UINT16_BE(*olen - 4, buf, 2);
+
+    MBEDTLS_PUT_UINT16_BE(*olen - 6, buf, 4);
+
+    buf[6] = MBEDTLS_BYTE_0(*olen - 7);
+
+    memcpy(buf + 7, ssl->alpn_chosen, *olen - 7);
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP) && defined(MBEDTLS_SSL_PROTO_DTLS)
+static void ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl,
+                                   unsigned char *buf,
+                                   size_t *olen)
+{
+    size_t mki_len = 0, ext_len = 0;
+    uint16_t profile_value = 0;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+    *olen = 0;
+
+    if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) ||
+        (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET)) {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding use_srtp extension"));
+
+    if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) {
+        mki_len = ssl->dtls_srtp_info.mki_len;
+    }
+
+    /* The extension total size is 9 bytes :
+     * - 2 bytes for the extension tag
+     * - 2 bytes for the total size
+     * - 2 bytes for the protection profile length
+     * - 2 bytes for the protection profile
+     * - 1 byte for the mki length
+     * +  the actual mki length
+     * Check we have enough room in the output buffer */
+    if ((size_t) (end - buf) < mki_len + 9) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small"));
+        return;
+    }
+
+    /* extension */
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0);
+    /*
+     * total length 5 and mki value: only one profile(2 bytes)
+     *              and length(2 bytes) and srtp_mki  )
+     */
+    ext_len = 5 + mki_len;
+    MBEDTLS_PUT_UINT16_BE(ext_len, buf, 2);
+
+    /* protection profile length: 2 */
+    buf[4] = 0x00;
+    buf[5] = 0x02;
+    profile_value = mbedtls_ssl_check_srtp_profile_value(
+        ssl->dtls_srtp_info.chosen_dtls_srtp_profile);
+    if (profile_value != MBEDTLS_TLS_SRTP_UNSET) {
+        MBEDTLS_PUT_UINT16_BE(profile_value, buf, 6);
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("use_srtp extension invalid profile"));
+        return;
+    }
+
+    buf[8] = mki_len & 0xFF;
+    memcpy(&buf[9], ssl->dtls_srtp_info.mki_value, mki_len);
+
+    *olen = 9 + mki_len;
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_hello_verify_request(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p = ssl->out_msg + 4;
+    unsigned char *cookie_len_byte;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write hello verify request"));
+
+    /*
+     * struct {
+     *   ProtocolVersion server_version;
+     *   opaque cookie<0..2^8-1>;
+     * } HelloVerifyRequest;
+     */
+
+    /* The RFC is not clear on this point, but sending the actual negotiated
+     * version looks like the most interoperable thing to do. */
+    mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver,
+                              ssl->conf->transport, p);
+    MBEDTLS_SSL_DEBUG_BUF(3, "server version", p, 2);
+    p += 2;
+
+    /* If we get here, f_cookie_check is not null */
+    if (ssl->conf->f_cookie_write == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("inconsistent cookie callbacks"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    /* Skip length byte until we know the length */
+    cookie_len_byte = p++;
+
+    if ((ret = ssl->conf->f_cookie_write(ssl->conf->p_cookie,
+                                         &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN,
+                                         ssl->cli_id, ssl->cli_id_len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "f_cookie_write", ret);
+        return ret;
+    }
+
+    *cookie_len_byte = (unsigned char) (p - (cookie_len_byte + 1));
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte);
+
+    ssl->out_msglen  = p - ssl->out_msg;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
+
+    ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret);
+        return ret;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write hello verify request"));
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+static void ssl_handle_id_based_session_resumption(mbedtls_ssl_context *ssl)
+{
+    int ret;
+    mbedtls_ssl_session session_tmp;
+    mbedtls_ssl_session * const session = ssl->session_negotiate;
+
+    /* Resume is 0  by default, see ssl_handshake_init().
+     * It may be already set to 1 by ssl_parse_session_ticket_ext(). */
+    if (ssl->handshake->resume == 1) {
+        return;
+    }
+    if (session->id_len == 0) {
+        return;
+    }
+    if (ssl->conf->f_get_cache == NULL) {
+        return;
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) {
+        return;
+    }
+#endif
+
+    mbedtls_ssl_session_init(&session_tmp);
+
+    session_tmp.id_len = session->id_len;
+    memcpy(session_tmp.id, session->id, session->id_len);
+
+    ret = ssl->conf->f_get_cache(ssl->conf->p_cache,
+                                 &session_tmp);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    if (session->ciphersuite != session_tmp.ciphersuite ||
+        session->compression != session_tmp.compression) {
+        /* Mismatch between cached and negotiated session */
+        goto exit;
+    }
+
+    /* Move semantics */
+    mbedtls_ssl_session_free(session);
+    *session = session_tmp;
+    memset(&session_tmp, 0, sizeof(session_tmp));
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("session successfully restored from cache"));
+    ssl->handshake->resume = 1;
+
+exit:
+
+    mbedtls_ssl_session_free(&session_tmp);
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_server_hello(mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t;
+#endif
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t olen, ext_len = 0, n;
+    unsigned char *buf, *p;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server hello"));
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->verify_cookie_len != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("client hello was not authenticated"));
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello"));
+
+        return ssl_write_hello_verify_request(ssl);
+    }
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+    if (ssl->conf->f_rng == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
+        return MBEDTLS_ERR_SSL_NO_RNG;
+    }
+
+    /*
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   5   protocol version
+     *     6  .   9   UNIX time()
+     *    10  .  37   random bytes
+     */
+    buf = ssl->out_msg;
+    p = buf + 4;
+
+    mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver,
+                              ssl->conf->transport, p);
+    p += 2;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen version: [%d:%d]",
+                              buf[4], buf[5]));
+
+#if defined(MBEDTLS_HAVE_TIME)
+    t = mbedtls_time(NULL);
+    MBEDTLS_PUT_UINT32_BE(t, p, 0);
+    p += 4;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %" MBEDTLS_PRINTF_LONGLONG,
+                              (long long) t));
+#else
+    if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) {
+        return ret;
+    }
+
+    p += 4;
+#endif /* MBEDTLS_HAVE_TIME */
+
+    if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) {
+        return ret;
+    }
+
+    p += 28;
+
+    memcpy(ssl->handshake->randbytes + 32, buf + 6, 32);
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "server hello, random bytes", buf + 6, 32);
+
+    ssl_handle_id_based_session_resumption(ssl);
+
+    if (ssl->handshake->resume == 0) {
+        /*
+         * New session, create a new session id,
+         * unless we're about to issue a session ticket
+         */
+        ssl->state++;
+
+#if defined(MBEDTLS_HAVE_TIME)
+        ssl->session_negotiate->start = mbedtls_time(NULL);
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+        if (ssl->handshake->new_session_ticket != 0) {
+            ssl->session_negotiate->id_len = n = 0;
+            memset(ssl->session_negotiate->id, 0, 32);
+        } else
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+        {
+            ssl->session_negotiate->id_len = n = 32;
+            if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, ssl->session_negotiate->id,
+                                        n)) != 0) {
+                return ret;
+            }
+        }
+    } else {
+        /*
+         * Resuming a session
+         */
+        n = ssl->session_negotiate->id_len;
+        ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+        if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret);
+            return ret;
+        }
+    }
+
+    /*
+     *    38  .  38     session id length
+     *    39  . 38+n    session id
+     *   39+n . 40+n    chosen ciphersuite
+     *   41+n . 41+n    chosen compression alg.
+     *   42+n . 43+n    extensions length
+     *   44+n . 43+n+m  extensions
+     */
+    *p++ = (unsigned char) ssl->session_negotiate->id_len;
+    memcpy(p, ssl->session_negotiate->id, ssl->session_negotiate->id_len);
+    p += ssl->session_negotiate->id_len;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n));
+    MBEDTLS_SSL_DEBUG_BUF(3,   "server hello, session id", buf + 39, n);
+    MBEDTLS_SSL_DEBUG_MSG(3, ("%s session has been resumed",
+                              ssl->handshake->resume ? "a" : "no"));
+
+    MBEDTLS_PUT_UINT16_BE(ssl->session_negotiate->ciphersuite, p, 0);
+    p += 2;
+    *p++ = MBEDTLS_BYTE_0(ssl->session_negotiate->compression);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: %s",
+                              mbedtls_ssl_get_ciphersuite_name(ssl->session_negotiate->ciphersuite)));
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, compress alg.: 0x%02X",
+                              (unsigned int) ssl->session_negotiate->compression));
+
+    /* Do not write the extensions if the protocol is SSLv3 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if ((ssl->major_ver != 3) || (ssl->minor_ver != 0)) {
+#endif
+
+    /*
+     *  First write extensions, then the total length
+     */
+    ssl_write_renegotiation_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    ssl_write_max_fragment_length_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    ssl_write_truncated_hmac_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ssl_write_cid_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    ssl_write_encrypt_then_mac_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    ssl_write_extended_ms_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    ssl_write_session_ticket_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_ec(
+            mbedtls_ssl_ciphersuite_from_id(ssl->session_negotiate->ciphersuite))) {
+        ssl_write_supported_point_formats_ext(ssl, p + 2 + ext_len, &olen);
+        ext_len += olen;
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    ssl_write_ecjpake_kkpp_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    ssl_write_alpn_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    ssl_write_use_srtp_ext(ssl, p + 2 + ext_len, &olen);
+    ext_len += olen;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, total extension length: %" MBEDTLS_PRINTF_SIZET,
+                              ext_len));
+
+    if (ext_len > 0) {
+        MBEDTLS_PUT_UINT16_BE(ext_len, p, 0);
+        p += 2 + ext_len;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+}
+#endif
+
+    ssl->out_msglen  = p - buf;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_HELLO;
+
+    ret = mbedtls_ssl_write_handshake_msg(ssl);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello"));
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_certificate_request(mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate request"));
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate request"));
+        ssl->state++;
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+}
+#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_certificate_request(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+    uint16_t dn_size, total_dn_size; /* excluding length bytes */
+    size_t ct_len, sa_len; /* including length bytes */
+    unsigned char *buf, *p;
+    const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+    const mbedtls_x509_crt *crt;
+    int authmode;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate request"));
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if (ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET) {
+        authmode = ssl->handshake->sni_authmode;
+    } else
+#endif
+    authmode = ssl->conf->authmode;
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info) ||
+        authmode == MBEDTLS_SSL_VERIFY_NONE) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate request"));
+        return 0;
+    }
+
+    /*
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   4   cert type count
+     *     5  .. m-1  cert types
+     *     m  .. m+1  sig alg length (TLS 1.2 only)
+     *    m+1 .. n-1  SignatureAndHashAlgorithms (TLS 1.2 only)
+     *     n  .. n+1  length of all DNs
+     *    n+2 .. n+3  length of DN 1
+     *    n+4 .. ...  Distinguished Name #1
+     *    ... .. ...  length of DN 2, etc.
+     */
+    buf = ssl->out_msg;
+    p = buf + 4;
+
+    /*
+     * Supported certificate types
+     *
+     *     ClientCertificateType certificate_types<1..2^8-1>;
+     *     enum { (255) } ClientCertificateType;
+     */
+    ct_len = 0;
+
+#if defined(MBEDTLS_RSA_C)
+    p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN;
+#endif
+
+    p[0] = (unsigned char) ct_len++;
+    p += ct_len;
+
+    sa_len = 0;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    /*
+     * Add signature_algorithms for verify (TLS 1.2)
+     *
+     *     SignatureAndHashAlgorithm supported_signature_algorithms<2..2^16-2>;
+     *
+     *     struct {
+     *           HashAlgorithm hash;
+     *           SignatureAlgorithm signature;
+     *     } SignatureAndHashAlgorithm;
+     *
+     *     enum { (255) } HashAlgorithm;
+     *     enum { (255) } SignatureAlgorithm;
+     */
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        const int *cur;
+
+        /*
+         * Supported signature algorithms
+         */
+        for (cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++) {
+            unsigned char hash = mbedtls_ssl_hash_from_md_alg(*cur);
+
+            if (MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md(ssl, hash)) {
+                continue;
+            }
+
+#if defined(MBEDTLS_RSA_C)
+            p[2 + sa_len++] = hash;
+            p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+            p[2 + sa_len++] = hash;
+            p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA;
+#endif
+        }
+
+        MBEDTLS_PUT_UINT16_BE(sa_len, p, 0);
+        sa_len += 2;
+        p += sa_len;
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    /*
+     * DistinguishedName certificate_authorities<0..2^16-1>;
+     * opaque DistinguishedName<1..2^16-1>;
+     */
+    p += 2;
+
+    total_dn_size = 0;
+
+    if (ssl->conf->cert_req_ca_list ==  MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED) {
+        /* NOTE: If trusted certificates are provisioned
+         *       via a CA callback (configured through
+         *       `mbedtls_ssl_conf_ca_cb()`, then the
+         *       CertificateRequest is currently left empty. */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+        if (ssl->handshake->sni_ca_chain != NULL) {
+            crt = ssl->handshake->sni_ca_chain;
+        } else
+#endif
+        crt = ssl->conf->ca_chain;
+
+        while (crt != NULL && crt->version != 0) {
+            /* It follows from RFC 5280 A.1 that this length
+             * can be represented in at most 11 bits. */
+            dn_size = (uint16_t) crt->subject_raw.len;
+
+            if (end < p || (size_t) (end - p) < 2 + (size_t) dn_size) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("skipping CAs: buffer too short"));
+                break;
+            }
+
+            MBEDTLS_PUT_UINT16_BE(dn_size, p, 0);
+            p += 2;
+            memcpy(p, crt->subject_raw.p, dn_size);
+            p += dn_size;
+
+            MBEDTLS_SSL_DEBUG_BUF(3, "requested DN", p - dn_size, dn_size);
+
+            total_dn_size += 2 + dn_size;
+            crt = crt->next;
+        }
+    }
+
+    ssl->out_msglen  = p - buf;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
+    MBEDTLS_PUT_UINT16_BE(total_dn_size, ssl->out_msg, 4 + ct_len + sa_len);
+
+    ret = mbedtls_ssl_write_handshake_msg(ssl);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate request"));
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_pk_context *own_key = mbedtls_ssl_own_key(ssl);
+
+    /* Check if the key is a transparent ECDH key.
+     * This also ensures that it is safe to call mbedtls_pk_ec(). */
+    if (mbedtls_pk_get_type(own_key) != MBEDTLS_PK_ECKEY &&
+        mbedtls_pk_get_type(own_key) != MBEDTLS_PK_ECKEY_DH) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("server key not ECDH capable"));
+        return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
+    }
+
+    if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx,
+                                       mbedtls_pk_ec(*own_key),
+                                       MBEDTLS_ECDH_OURS)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret);
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \
+    defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_resume_server_key_exchange(mbedtls_ssl_context *ssl,
+                                          size_t *signature_len)
+{
+    /* Append the signature to ssl->out_msg, leaving 2 bytes for the
+     * signature length which will be added in ssl_write_server_key_exchange
+     * after the call to ssl_prepare_server_key_exchange.
+     * ssl_write_server_key_exchange also takes care of incrementing
+     * ssl->out_msglen. */
+    unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
+    size_t sig_max_len = (ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN
+                          - sig_start);
+    int ret = ssl->conf->f_async_resume(ssl,
+                                        sig_start, signature_len, sig_max_len);
+    if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) {
+        ssl->handshake->async_in_progress = 0;
+        mbedtls_ssl_set_async_operation_data(ssl, NULL);
+    }
+    MBEDTLS_SSL_DEBUG_RET(2, "ssl_resume_server_key_exchange", ret);
+    return ret;
+}
+#endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) &&
+          defined(MBEDTLS_SSL_ASYNC_PRIVATE) */
+
+/* Prepare the ServerKeyExchange message, up to and including
+ * calculating the signature if any, but excluding formatting the
+ * signature and sending the message. */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_prepare_server_key_exchange(mbedtls_ssl_context *ssl,
+                                           size_t *signature_len)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+    unsigned char *dig_signed = NULL;
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
+
+    (void) ciphersuite_info; /* unused in some configurations */
+#if !defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+    (void) signature_len;
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
+
+    ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */
+
+    /*
+     *
+     * Part 1: Provide key exchange parameters for chosen ciphersuite.
+     *
+     */
+
+    /*
+     * - ECJPAKE key exchanges
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t len = 0;
+
+        ret = mbedtls_ecjpake_write_round_two(
+            &ssl->handshake->ecjpake_ctx,
+            ssl->out_msg + ssl->out_msglen,
+            MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len,
+            ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_two", ret);
+            return ret;
+        }
+
+        ssl->out_msglen += len;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+    /*
+     * For (EC)DHE key exchanges with PSK, parameters are prefixed by support
+     * identity hint (RFC 4279, Sec. 3). Until someone needs this feature,
+     * we use empty support identity hints here.
+     **/
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)   || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
+        ssl->out_msg[ssl->out_msglen++] = 0x00;
+        ssl->out_msg[ssl->out_msglen++] = 0x00;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+    /*
+     * - DHE key exchanges
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_dhe(ciphersuite_info)) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t len = 0;
+
+        if (ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("no DH parameters set"));
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        /*
+         * Ephemeral DH parameters:
+         *
+         * struct {
+         *     opaque dh_p<1..2^16-1>;
+         *     opaque dh_g<1..2^16-1>;
+         *     opaque dh_Ys<1..2^16-1>;
+         * } ServerDHParams;
+         */
+        if ((ret = mbedtls_dhm_set_group(&ssl->handshake->dhm_ctx,
+                                         &ssl->conf->dhm_P,
+                                         &ssl->conf->dhm_G)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_set_group", ret);
+            return ret;
+        }
+
+        if ((ret = mbedtls_dhm_make_params(
+                 &ssl->handshake->dhm_ctx,
+                 (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P),
+                 ssl->out_msg + ssl->out_msglen, &len,
+                 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_params", ret);
+            return ret;
+        }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+        dig_signed = ssl->out_msg + ssl->out_msglen;
+#endif
+
+        ssl->out_msglen += len;
+
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X);
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P);
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G);
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX);
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED */
+
+    /*
+     * - ECDHE key exchanges
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_ecdhe(ciphersuite_info)) {
+        /*
+         * Ephemeral ECDH parameters:
+         *
+         * struct {
+         *     ECParameters curve_params;
+         *     ECPoint      public;
+         * } ServerECDHParams;
+         */
+        const mbedtls_ecp_curve_info **curve = NULL;
+        const mbedtls_ecp_group_id *gid;
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t len = 0;
+
+        /* Match our preference list against the offered curves */
+        for (gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++) {
+            for (curve = ssl->handshake->curves; *curve != NULL; curve++) {
+                if ((*curve)->grp_id == *gid) {
+                    goto curve_matching_done;
+                }
+            }
+        }
+
+curve_matching_done:
+        if (curve == NULL || *curve == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("no matching curve for ECDHE"));
+            return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("ECDHE curve: %s", (*curve)->name));
+
+        if ((ret = mbedtls_ecdh_setup(&ssl->handshake->ecdh_ctx,
+                                      (*curve)->grp_id)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecp_group_load", ret);
+            return ret;
+        }
+
+        if ((ret = mbedtls_ecdh_make_params(
+                 &ssl->handshake->ecdh_ctx, &len,
+                 ssl->out_msg + ssl->out_msglen,
+                 MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen,
+                 ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_params", ret);
+            return ret;
+        }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+        dig_signed = ssl->out_msg + ssl->out_msglen;
+#endif
+
+        ssl->out_msglen += len;
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_Q);
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */
+
+    /*
+     *
+     * Part 2: For key exchanges involving the server signing the
+     *         exchange parameters, compute and add the signature here.
+     *
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+    if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) {
+        size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
+        size_t hashlen = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        unsigned char hash[PSA_HASH_MAX_SIZE];
+#else
+        unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+#endif
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        /*
+         * 2.1: Choose hash algorithm:
+         * A: For TLS 1.2, obey signature-hash-algorithm extension
+         *    to choose appropriate hash.
+         * B: For SSL3, TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1
+         *    (RFC 4492, Sec. 5.4)
+         * C: Otherwise, use MD5 + SHA1 (RFC 4346, Sec. 7.4.3)
+         */
+
+        mbedtls_md_type_t md_alg;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        mbedtls_pk_type_t sig_alg =
+            mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info);
+        if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+            /* A: For TLS 1.2, obey signature-hash-algorithm extension
+             *    (RFC 5246, Sec. 7.4.1.4.1). */
+            if (sig_alg == MBEDTLS_PK_NONE ||
+                (md_alg = mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs,
+                                                        sig_alg)) == MBEDTLS_MD_NONE) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                /* (... because we choose a cipher suite
+                 *      only if there is a matching hash.) */
+                return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
+            /* B: Default hash SHA1 */
+            md_alg = MBEDTLS_MD_SHA1;
+        } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+        {
+            /* C: MD5 + SHA1 */
+            md_alg = MBEDTLS_MD_NONE;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG(3, ("pick hash algorithm %u for signing", (unsigned) md_alg));
+
+        /*
+         * 2.2: Compute the hash to be signed
+         */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if (md_alg == MBEDTLS_MD_NONE) {
+            hashlen = 36;
+            ret = mbedtls_ssl_get_key_exchange_md_ssl_tls(ssl, hash,
+                                                          dig_signed,
+                                                          dig_signed_len);
+            if (ret != 0) {
+                return ret;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (md_alg != MBEDTLS_MD_NONE) {
+            ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen,
+                                                         dig_signed,
+                                                         dig_signed_len,
+                                                         md_alg);
+            if (ret != 0) {
+                return ret;
+            }
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "parameters hash", hash, hashlen);
+
+        /*
+         * 2.3: Compute and add the signature
+         */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+            /*
+             * For TLS 1.2, we need to specify signature and hash algorithm
+             * explicitly through a prefix to the signature.
+             *
+             * struct {
+             *    HashAlgorithm hash;
+             *    SignatureAlgorithm signature;
+             * } SignatureAndHashAlgorithm;
+             *
+             * struct {
+             *    SignatureAndHashAlgorithm algorithm;
+             *    opaque signature<0..2^16-1>;
+             * } DigitallySigned;
+             *
+             */
+
+            ssl->out_msg[ssl->out_msglen++] =
+                mbedtls_ssl_hash_from_md_alg(md_alg);
+            ssl->out_msg[ssl->out_msglen++] =
+                mbedtls_ssl_sig_from_pk_alg(sig_alg);
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (ssl->conf->f_async_sign_start != NULL) {
+            ret = ssl->conf->f_async_sign_start(ssl,
+                                                mbedtls_ssl_own_cert(ssl),
+                                                md_alg, hash, hashlen);
+            switch (ret) {
+                case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH:
+                    /* act as if f_async_sign was null */
+                    break;
+                case 0:
+                    ssl->handshake->async_in_progress = 1;
+                    return ssl_resume_server_key_exchange(ssl, signature_len);
+                case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS:
+                    ssl->handshake->async_in_progress = 1;
+                    return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS;
+                default:
+                    MBEDTLS_SSL_DEBUG_RET(1, "f_async_sign_start", ret);
+                    return ret;
+            }
+        }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+        if (mbedtls_ssl_own_key(ssl) == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("got no private key"));
+            return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
+        }
+
+        /* Append the signature to ssl->out_msg, leaving 2 bytes for the
+         * signature length which will be added in ssl_write_server_key_exchange
+         * after the call to ssl_prepare_server_key_exchange.
+         * ssl_write_server_key_exchange also takes care of incrementing
+         * ssl->out_msglen. */
+        if ((ret = mbedtls_pk_sign(mbedtls_ssl_own_key(ssl),
+                                   md_alg, hash, hashlen,
+                                   ssl->out_msg + ssl->out_msglen + 2,
+                                   signature_len,
+                                   ssl->conf->f_rng,
+                                   ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret);
+            return ret;
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
+
+    return 0;
+}
+
+/* Prepare the ServerKeyExchange message and send it. For ciphersuites
+ * that do not include a ServerKeyExchange message, do nothing. Either
+ * way, if successful, move on to the next step in the SSL state
+ * machine. */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_server_key_exchange(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t signature_len = 0;
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server key exchange"));
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
+    /* Extract static ECDH parameters and abort if ServerKeyExchange
+     * is not needed. */
+    if (mbedtls_ssl_ciphersuite_no_pfs(ciphersuite_info)) {
+        /* For suites involving ECDH, extract DH parameters
+         * from certificate at this point. */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
+        if (mbedtls_ssl_ciphersuite_uses_ecdh(ciphersuite_info)) {
+            ret = ssl_get_ecdh_params_from_cert(ssl);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret);
+                return ret;
+            }
+        }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
+
+        /* Key exchanges not involving ephemeral keys don't use
+         * ServerKeyExchange, so end here. */
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write server key exchange"));
+        ssl->state++;
+        return 0;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \
+    defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    /* If we have already prepared the message and there is an ongoing
+     * signature operation, resume signing. */
+    if (ssl->handshake->async_in_progress != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("resuming signature operation"));
+        ret = ssl_resume_server_key_exchange(ssl, &signature_len);
+    } else
+#endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) &&
+          defined(MBEDTLS_SSL_ASYNC_PRIVATE) */
+    {
+        /* ServerKeyExchange is needed. Prepare the message. */
+        ret = ssl_prepare_server_key_exchange(ssl, &signature_len);
+    }
+
+    if (ret != 0) {
+        /* If we're starting to write a new message, set ssl->out_msglen
+         * to 0. But if we're resuming after an asynchronous message,
+         * out_msglen is the amount of data written so far and mst be
+         * preserved. */
+        if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server key exchange (pending)"));
+        } else {
+            ssl->out_msglen = 0;
+        }
+        return ret;
+    }
+
+    /* If there is a signature, write its length.
+     * ssl_prepare_server_key_exchange already wrote the signature
+     * itself at its proper place in the output buffer. */
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
+    if (signature_len != 0) {
+        ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1(signature_len);
+        ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0(signature_len);
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "my signature",
+                              ssl->out_msg + ssl->out_msglen,
+                              signature_len);
+
+        /* Skip over the already-written signature */
+        ssl->out_msglen += signature_len;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
+
+    /* Add header and send. */
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE;
+
+    ssl->state++;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server key exchange"));
+    return 0;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_server_hello_done(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server hello done"));
+
+    ssl->out_msglen  = 4;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_HELLO_DONE;
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_send_flight_completed(ssl);
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret);
+        return ret;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello done"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_client_dh_public(mbedtls_ssl_context *ssl, unsigned char **p,
+                                      const unsigned char *end)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t n;
+
+    /*
+     * Receive G^Y mod P, premaster = (G^Y)^X mod P
+     */
+    if (*p + 2 > end) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+    n = ((*p)[0] << 8) | (*p)[1];
+    *p += 2;
+
+    if (*p + n > end) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+    if ((ret = mbedtls_dhm_read_public(&ssl->handshake->dhm_ctx, *p, n)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_read_public", ret);
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP;
+    }
+
+    *p += n;
+
+    MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY);
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) ||                           \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_resume_decrypt_pms(mbedtls_ssl_context *ssl,
+                                  unsigned char *peer_pms,
+                                  size_t *peer_pmslen,
+                                  size_t peer_pmssize)
+{
+    int ret = ssl->conf->f_async_resume(ssl,
+                                        peer_pms, peer_pmslen, peer_pmssize);
+    if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) {
+        ssl->handshake->async_in_progress = 0;
+        mbedtls_ssl_set_async_operation_data(ssl, NULL);
+    }
+    MBEDTLS_SSL_DEBUG_RET(2, "ssl_decrypt_encrypted_pms", ret);
+    return ret;
+}
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_decrypt_encrypted_pms(mbedtls_ssl_context *ssl,
+                                     const unsigned char *p,
+                                     const unsigned char *end,
+                                     unsigned char *peer_pms,
+                                     size_t *peer_pmslen,
+                                     size_t peer_pmssize)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_x509_crt *own_cert = mbedtls_ssl_own_cert(ssl);
+    if (own_cert == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no local certificate"));
+        return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
+    }
+    mbedtls_pk_context *public_key = &own_cert->pk;
+    mbedtls_pk_context *private_key = mbedtls_ssl_own_key(ssl);
+    size_t len = mbedtls_pk_get_len(public_key);
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    /* If we have already started decoding the message and there is an ongoing
+     * decryption operation, resume signing. */
+    if (ssl->handshake->async_in_progress != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("resuming decryption operation"));
+        return ssl_resume_decrypt_pms(ssl,
+                                      peer_pms, peer_pmslen, peer_pmssize);
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+    /*
+     * Prepare to decrypt the premaster using own private RSA key
+     */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) {
+        if (p + 2 > end) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+        }
+        if (*p++ != MBEDTLS_BYTE_1(len) ||
+            *p++ != MBEDTLS_BYTE_0(len)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+        }
+    }
+#endif
+
+    if (p + len != end) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+    /*
+     * Decrypt the premaster secret
+     */
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    if (ssl->conf->f_async_decrypt_start != NULL) {
+        ret = ssl->conf->f_async_decrypt_start(ssl,
+                                               mbedtls_ssl_own_cert(ssl),
+                                               p, len);
+        switch (ret) {
+            case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH:
+                /* act as if f_async_decrypt_start was null */
+                break;
+            case 0:
+                ssl->handshake->async_in_progress = 1;
+                return ssl_resume_decrypt_pms(ssl,
+                                              peer_pms,
+                                              peer_pmslen,
+                                              peer_pmssize);
+            case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS:
+                ssl->handshake->async_in_progress = 1;
+                return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS;
+            default:
+                MBEDTLS_SSL_DEBUG_RET(1, "f_async_decrypt_start", ret);
+                return ret;
+        }
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+    if (!mbedtls_pk_can_do(private_key, MBEDTLS_PK_RSA)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no RSA private key"));
+        return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
+    }
+
+    ret = mbedtls_pk_decrypt(private_key, p, len,
+                             peer_pms, peer_pmslen, peer_pmssize,
+                             ssl->conf->f_rng, ssl->conf->p_rng);
+    return ret;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl,
+                                   const unsigned char *p,
+                                   const unsigned char *end,
+                                   size_t pms_offset)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *pms = ssl->handshake->premaster + pms_offset;
+    unsigned char ver[2];
+    unsigned char fake_pms[48], peer_pms[48];
+    unsigned char mask;
+    size_t i, peer_pmslen;
+    unsigned int diff;
+
+    /* In case of a failure in decryption, the decryption may write less than
+     * 2 bytes of output, but we always read the first two bytes. It doesn't
+     * matter in the end because diff will be nonzero in that case due to
+     * ret being nonzero, and we only care whether diff is 0.
+     * But do initialize peer_pms and peer_pmslen for robustness anyway. This
+     * also makes memory analyzers happy (don't access uninitialized memory,
+     * even if it's an unsigned char). */
+    peer_pms[0] = peer_pms[1] = ~0;
+    peer_pmslen = 0;
+
+    ret = ssl_decrypt_encrypted_pms(ssl, p, end,
+                                    peer_pms,
+                                    &peer_pmslen,
+                                    sizeof(peer_pms));
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) {
+        return ret;
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+    mbedtls_ssl_write_version(ssl->handshake->max_major_ver,
+                              ssl->handshake->max_minor_ver,
+                              ssl->conf->transport, ver);
+
+    /* Avoid data-dependent branches while checking for invalid
+     * padding, to protect against timing-based Bleichenbacher-type
+     * attacks. */
+    diff  = (unsigned int) ret;
+    diff |= peer_pmslen ^ 48;
+    diff |= peer_pms[0] ^ ver[0];
+    diff |= peer_pms[1] ^ ver[1];
+
+    /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */
+    mask = mbedtls_ct_uint_mask(diff);
+
+    /*
+     * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
+     * must not cause the connection to end immediately; instead, send a
+     * bad_record_mac later in the handshake.
+     * To protect against timing-based variants of the attack, we must
+     * not have any branch that depends on whether the decryption was
+     * successful. In particular, always generate the fake premaster secret,
+     * regardless of whether it will ultimately influence the output or not.
+     */
+    ret = ssl->conf->f_rng(ssl->conf->p_rng, fake_pms, sizeof(fake_pms));
+    if (ret != 0) {
+        /* It's ok to abort on an RNG failure, since this does not reveal
+         * anything about the RSA decryption. */
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+    if (diff != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+    }
+#endif
+
+    if (sizeof(ssl->handshake->premaster) < pms_offset ||
+        sizeof(ssl->handshake->premaster) - pms_offset < 48) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+    ssl->handshake->pmslen = 48;
+
+    /* Set pms to either the true or the fake PMS, without
+     * data-dependent branches. */
+    for (i = 0; i < ssl->handshake->pmslen; i++) {
+        pms[i] = (mask & fake_pms[i]) | ((~mask) & peer_pms[i]);
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_client_psk_identity(mbedtls_ssl_context *ssl, unsigned char **p,
+                                         const unsigned char *end)
+{
+    int ret = 0;
+    uint16_t n;
+
+    if (ssl_conf_has_psk_or_cb(ssl->conf) == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no pre-shared key"));
+        return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
+    }
+
+    /*
+     * Receive client pre-shared key identity name
+     */
+    if (end - *p < 2) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+    n = ((*p)[0] << 8) | (*p)[1];
+    *p += 2;
+
+    if (n == 0 || n > end - *p) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+    if (ssl->conf->f_psk != NULL) {
+        if (ssl->conf->f_psk(ssl->conf->p_psk, ssl, *p, n) != 0) {
+            ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+        }
+    } else {
+        /* Identity is not a big secret since clients send it in the clear,
+         * but treat it carefully anyway, just in case */
+        if (n != ssl->conf->psk_identity_len ||
+            mbedtls_ct_memcmp(ssl->conf->psk_identity, *p, n) != 0) {
+            ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+        }
+    }
+
+    if (ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) {
+        MBEDTLS_SSL_DEBUG_BUF(3, "Unknown PSK identity", *p, n);
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY);
+        return MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+    }
+
+    *p += n;
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    unsigned char *p, *end;
+
+    ciphersuite_info = ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client key exchange"));
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \
+    (defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED))
+    if ((ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+         ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) &&
+        (ssl->handshake->async_in_progress != 0)) {
+        /* We've already read a record and there is an asynchronous
+         * operation in progress to decrypt it. So skip reading the
+         * record. */
+        MBEDTLS_SSL_DEBUG_MSG(3, ("will resume decryption of previously-read record"));
+    } else
+#endif
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        return ret;
+    }
+
+    p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl);
+    end = ssl->in_msg + ssl->in_hslen;
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+    if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) {
+        if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret);
+            return ret;
+        }
+
+        if (p != end) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+        }
+
+        if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
+                                           ssl->handshake->premaster,
+                                           MBEDTLS_PREMASTER_SIZE,
+                                           &ssl->handshake->pmslen,
+                                           ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS;
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) {
+        if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
+                                            p, end - p)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP;
+        }
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_QP);
+
+        if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx,
+                                            &ssl->handshake->pmslen,
+                                            ssl->handshake->premaster,
+                                            MBEDTLS_MPI_MAX_SIZE,
+                                            ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS;
+        }
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_Z);
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) {
+        if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
+            return ret;
+        }
+
+        if (p != end) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* For opaque PSKs, we perform the PSK-to-MS derivation automatically
+         * and skip the intermediate PMS. */
+        if (ssl_use_opaque_psk(ssl) == 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("skip PMS generation for opaque PSK"));
+        } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+        if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
+                                                    ciphersuite_info->key_exchange)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (ssl->handshake->async_in_progress != 0) {
+            /* There is an asynchronous operation in progress to
+             * decrypt the encrypted premaster secret, so skip
+             * directly to resuming this operation. */
+            MBEDTLS_SSL_DEBUG_MSG(3, ("PSK identity already parsed"));
+            /* Update p to skip the PSK identity. ssl_parse_encrypted_pms
+             * won't actually use it, but maintain p anyway for robustness. */
+            p += ssl->conf->psk_identity_len + 2;
+        } else
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+        if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
+            return ret;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* Opaque PSKs are currently only supported for PSK-only. */
+        if (ssl_use_opaque_psk(ssl) == 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with RSA-PSK"));
+            return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+        }
+#endif
+
+        if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 2)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_encrypted_pms"), ret);
+            return ret;
+        }
+
+        if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
+                                                    ciphersuite_info->key_exchange)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
+        if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
+            return ret;
+        }
+        if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret);
+            return ret;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* Opaque PSKs are currently only supported for PSK-only. */
+        if (ssl_use_opaque_psk(ssl) == 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with DHE-PSK"));
+            return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+        }
+#endif
+
+        if (p != end) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE;
+        }
+
+        if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
+                                                    ciphersuite_info->key_exchange)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
+        if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
+            return ret;
+        }
+
+        if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx,
+                                            p, end - p)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret);
+            return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* Opaque PSKs are currently only supported for PSK-only. */
+        if (ssl_use_opaque_psk(ssl) == 1) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with ECDHE-PSK"));
+            return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+        }
+#endif
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_QP);
+
+        if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
+                                                    ciphersuite_info->key_exchange)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) {
+        if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 0)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_parse_encrypted_pms_secret"), ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
+        ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx,
+                                             p, end - p);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret);
+            return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE;
+        }
+
+        ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx,
+                                            ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
+                                            ssl->conf->f_rng, ssl->conf->p_rng);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_derive_secret", ret);
+            return ret;
+        }
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret);
+        return ret;
+    }
+
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client key exchange"));
+
+    return 0;
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify"));
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+}
+#else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t i, sig_len;
+    unsigned char hash[48];
+    unsigned char *hash_start = hash;
+    size_t hashlen;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    mbedtls_pk_type_t pk_alg;
+#endif
+    mbedtls_md_type_t md_alg;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+    mbedtls_pk_context *peer_pk;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify"));
+
+    if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    if (ssl->session_negotiate->peer_cert == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (ssl->session_negotiate->peer_cert_digest == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify"));
+        ssl->state++;
+        return 0;
+    }
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    /* Read the message without adding it to the checksum */
+    ret = mbedtls_ssl_read_record(ssl, 0 /* no checksum update */);
+    if (0 != ret) {
+        MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_read_record"), ret);
+        return ret;
+    }
+
+    ssl->state++;
+
+    /* Process the message contents */
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
+        ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+    }
+
+    i = mbedtls_ssl_hs_hdr_len(ssl);
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    peer_pk = &ssl->handshake->peer_pubkey;
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (ssl->session_negotiate->peer_cert == NULL) {
+        /* Should never happen */
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+    peer_pk = &ssl->session_negotiate->peer_cert->pk;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    /*
+     *  struct {
+     *     SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only
+     *     opaque signature<0..2^16-1>;
+     *  } DigitallySigned;
+     */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) {
+        md_alg = MBEDTLS_MD_NONE;
+        hashlen = 36;
+
+        /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */
+        if (mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_ECDSA)) {
+            hash_start += 16;
+            hashlen -= 16;
+            md_alg = MBEDTLS_MD_SHA1;
+        }
+    } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 ||
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        if (i + 2 > ssl->in_hslen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+        }
+
+        /*
+         * Hash
+         */
+        md_alg = mbedtls_ssl_md_alg_from_hash(ssl->in_msg[i]);
+
+        if (md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md(ssl, ssl->in_msg[i])) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("peer not adhering to requested sig_alg"
+                                      " for verify message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+        }
+
+#if !defined(MBEDTLS_MD_SHA1)
+        if (MBEDTLS_MD_SHA1 == md_alg) {
+            hash_start += 16;
+        }
+#endif
+
+        /* Info from md_alg will be used instead */
+        hashlen = 0;
+
+        i++;
+
+        /*
+         * Signature
+         */
+        if ((pk_alg = mbedtls_ssl_pk_alg_from_sig(ssl->in_msg[i]))
+            == MBEDTLS_PK_NONE) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("peer not adhering to requested sig_alg"
+                                      " for verify message"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+        }
+
+        /*
+         * Check the certificate's key type matches the signature alg
+         */
+        if (!mbedtls_pk_can_do(peer_pk, pk_alg)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("sig_alg doesn't match cert key"));
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+        }
+
+        i++;
+    } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    if (i + 2 > ssl->in_hslen) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+    }
+
+    sig_len = (ssl->in_msg[i] << 8) | ssl->in_msg[i+1];
+    i += 2;
+
+    if (i + sig_len != ssl->in_hslen) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message"));
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY;
+    }
+
+    /* Calculate hash and verify signature */
+    {
+        size_t dummy_hlen;
+        ssl->handshake->calc_verify(ssl, hash, &dummy_hlen);
+    }
+
+    if ((ret = mbedtls_pk_verify(peer_pk,
+                                 md_alg, hash_start, hashlen,
+                                 ssl->in_msg + i, sig_len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret);
+        return ret;
+    }
+
+    mbedtls_ssl_update_handshake_status(ssl);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate verify"));
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_new_session_ticket(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t tlen;
+    uint32_t lifetime;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write new session ticket"));
+
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_NEW_SESSION_TICKET;
+
+    /*
+     * struct {
+     *     uint32 ticket_lifetime_hint;
+     *     opaque ticket<0..2^16-1>;
+     * } NewSessionTicket;
+     *
+     * 4  .  7   ticket_lifetime_hint (0 = unspecified)
+     * 8  .  9   ticket_len (n)
+     * 10 .  9+n ticket content
+     */
+
+    if ((ret = ssl->conf->f_ticket_write(ssl->conf->p_ticket,
+                                         ssl->session_negotiate,
+                                         ssl->out_msg + 10,
+                                         ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN,
+                                         &tlen, &lifetime)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_ticket_write", ret);
+        tlen = 0;
+    }
+
+    MBEDTLS_PUT_UINT32_BE(lifetime, ssl->out_msg, 4);
+    MBEDTLS_PUT_UINT16_BE(tlen, ssl->out_msg, 8);
+    ssl->out_msglen = 10 + tlen;
+
+    /*
+     * Morally equivalent to updating ssl->state, but NewSessionTicket and
+     * ChangeCipherSpec share the same state.
+     */
+    ssl->handshake->new_session_ticket = 0;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write new session ticket"));
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+/*
+ * SSL handshake -- server side -- single step
+ */
+int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+
+    if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("server state: %d", ssl->state));
+
+    if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) {
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) {
+        if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+            return ret;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    switch (ssl->state) {
+        case MBEDTLS_SSL_HELLO_REQUEST:
+            ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+            break;
+
+        /*
+         *  <==   ClientHello
+         */
+        case MBEDTLS_SSL_CLIENT_HELLO:
+            ret = ssl_parse_client_hello(ssl);
+            break;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
+            return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED;
+#endif
+
+        /*
+         *  ==>   ServerHello
+         *        Certificate
+         *      ( ServerKeyExchange  )
+         *      ( CertificateRequest )
+         *        ServerHelloDone
+         */
+        case MBEDTLS_SSL_SERVER_HELLO:
+            ret = ssl_write_server_hello(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_CERTIFICATE:
+            ret = mbedtls_ssl_write_certificate(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
+            ret = ssl_write_server_key_exchange(ssl);
+            break;
+
+        case MBEDTLS_SSL_CERTIFICATE_REQUEST:
+            ret = ssl_write_certificate_request(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_HELLO_DONE:
+            ret = ssl_write_server_hello_done(ssl);
+            break;
+
+        /*
+         *  <== ( Certificate/Alert  )
+         *        ClientKeyExchange
+         *      ( CertificateVerify  )
+         *        ChangeCipherSpec
+         *        Finished
+         */
+        case MBEDTLS_SSL_CLIENT_CERTIFICATE:
+            ret = mbedtls_ssl_parse_certificate(ssl);
+            break;
+
+        case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
+            ret = ssl_parse_client_key_exchange(ssl);
+            break;
+
+        case MBEDTLS_SSL_CERTIFICATE_VERIFY:
+            ret = ssl_parse_certificate_verify(ssl);
+            break;
+
+        case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
+            ret = mbedtls_ssl_parse_change_cipher_spec(ssl);
+            break;
+
+        case MBEDTLS_SSL_CLIENT_FINISHED:
+            ret = mbedtls_ssl_parse_finished(ssl);
+            break;
+
+        /*
+         *  ==> ( NewSessionTicket )
+         *        ChangeCipherSpec
+         *        Finished
+         */
+        case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+            if (ssl->handshake->new_session_ticket != 0) {
+                ret = ssl_write_new_session_ticket(ssl);
+            } else
+#endif
+            ret = mbedtls_ssl_write_change_cipher_spec(ssl);
+            break;
+
+        case MBEDTLS_SSL_SERVER_FINISHED:
+            ret = mbedtls_ssl_write_finished(ssl);
+            break;
+
+        case MBEDTLS_SSL_FLUSH_BUFFERS:
+            MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done"));
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+            break;
+
+        case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
+            mbedtls_ssl_handshake_wrapup(ssl);
+            break;
+
+        default:
+            MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state));
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_SSL_SRV_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_ticket.c b/3rdparty/mbedtls-2.28.7/library/ssl_ticket.c
new file mode 100644
index 0000000..f910290
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_ticket.c
@@ -0,0 +1,416 @@
+/*
+ *  TLS server tickets callbacks implementation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/ssl_ticket.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+/*
+ * Initialize context
+ */
+void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_ssl_ticket_context));
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+}
+
+#define MAX_KEY_BYTES 32    /* 256 bits */
+
+#define TICKET_KEY_NAME_BYTES    4
+#define TICKET_IV_BYTES         12
+#define TICKET_CRYPT_LEN_BYTES   2
+#define TICKET_AUTH_TAG_BYTES   16
+
+#define TICKET_MIN_LEN (TICKET_KEY_NAME_BYTES  +        \
+                        TICKET_IV_BYTES        +        \
+                        TICKET_CRYPT_LEN_BYTES +        \
+                        TICKET_AUTH_TAG_BYTES)
+#define TICKET_ADD_DATA_LEN (TICKET_KEY_NAME_BYTES  +        \
+                             TICKET_IV_BYTES        +        \
+                             TICKET_CRYPT_LEN_BYTES)
+
+/*
+ * Generate/update a key
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx,
+                              unsigned char index)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char buf[MAX_KEY_BYTES];
+    mbedtls_ssl_ticket_key *key = ctx->keys + index;
+
+#if defined(MBEDTLS_HAVE_TIME)
+    key->generation_time = (uint32_t) mbedtls_time(NULL);
+#endif
+
+    if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) {
+        return ret;
+    }
+
+    if ((ret = ctx->f_rng(ctx->p_rng, buf, sizeof(buf))) != 0) {
+        return ret;
+    }
+
+    /* With GCM and CCM, same context can encrypt & decrypt */
+    ret = mbedtls_cipher_setkey(&key->ctx, buf,
+                                mbedtls_cipher_get_key_bitlen(&key->ctx),
+                                MBEDTLS_ENCRYPT);
+
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    return ret;
+}
+
+/*
+ * Rotate/generate keys if necessary
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx)
+{
+#if !defined(MBEDTLS_HAVE_TIME)
+    ((void) ctx);
+#else
+    if (ctx->ticket_lifetime != 0) {
+        uint32_t current_time = (uint32_t) mbedtls_time(NULL);
+        uint32_t key_time = ctx->keys[ctx->active].generation_time;
+
+        if (current_time >= key_time &&
+            current_time - key_time < ctx->ticket_lifetime) {
+            return 0;
+        }
+
+        ctx->active = 1 - ctx->active;
+
+        return ssl_ticket_gen_key(ctx, ctx->active);
+    } else
+#endif /* MBEDTLS_HAVE_TIME */
+    return 0;
+}
+
+/*
+ * Setup context for actual use
+ */
+int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                             mbedtls_cipher_type_t cipher,
+                             uint32_t lifetime)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    ctx->f_rng = f_rng;
+    ctx->p_rng = p_rng;
+
+    ctx->ticket_lifetime = lifetime;
+
+    cipher_info = mbedtls_cipher_info_from_type(cipher);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (cipher_info->mode != MBEDTLS_MODE_GCM &&
+        cipher_info->mode != MBEDTLS_MODE_CCM) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (cipher_info->key_bitlen > 8 * MAX_KEY_BYTES) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    int do_mbedtls_cipher_setup = 1;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    ret = mbedtls_cipher_setup_psa(&ctx->keys[0].ctx,
+                                   cipher_info, TICKET_AUTH_TAG_BYTES);
+
+    switch (ret) {
+        case 0:
+            do_mbedtls_cipher_setup = 0;
+            break;
+        case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
+            /* We don't yet expect to support all ciphers through PSA,
+             * so allow fallback to ordinary mbedtls_cipher_setup(). */
+            do_mbedtls_cipher_setup = 1;
+            break;
+        default:
+            return ret;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (do_mbedtls_cipher_setup) {
+        if ((ret = mbedtls_cipher_setup(&ctx->keys[0].ctx, cipher_info))
+            != 0) {
+            return ret;
+        }
+    }
+
+    do_mbedtls_cipher_setup = 1;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    do_mbedtls_cipher_setup = 0;
+
+    ret = mbedtls_cipher_setup_psa(&ctx->keys[1].ctx,
+                                   cipher_info, TICKET_AUTH_TAG_BYTES);
+    if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) {
+        return ret;
+    }
+    if (ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) {
+        do_mbedtls_cipher_setup = 1;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (do_mbedtls_cipher_setup) {
+        if ((ret = mbedtls_cipher_setup(&ctx->keys[1].ctx, cipher_info))
+            != 0) {
+            return ret;
+        }
+    }
+
+    if ((ret = ssl_ticket_gen_key(ctx, 0)) != 0 ||
+        (ret = ssl_ticket_gen_key(ctx, 1)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Create session ticket, with the following structure:
+ *
+ *    struct {
+ *        opaque key_name[4];
+ *        opaque iv[12];
+ *        opaque encrypted_state<0..2^16-1>;
+ *        opaque tag[16];
+ *    } ticket;
+ *
+ * The key_name, iv, and length of encrypted_state are the additional
+ * authenticated data.
+ */
+
+int mbedtls_ssl_ticket_write(void *p_ticket,
+                             const mbedtls_ssl_session *session,
+                             unsigned char *start,
+                             const unsigned char *end,
+                             size_t *tlen,
+                             uint32_t *ticket_lifetime)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ssl_ticket_context *ctx = p_ticket;
+    mbedtls_ssl_ticket_key *key;
+    unsigned char *key_name = start;
+    unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
+    unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
+    unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
+    size_t clear_len, ciph_len;
+
+    *tlen = 0;
+
+    if (ctx == NULL || ctx->f_rng == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
+     * in addition to session itself, that will be checked when writing it. */
+    MBEDTLS_SSL_CHK_BUF_PTR(start, end, TICKET_MIN_LEN);
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    if ((ret = ssl_ticket_update_keys(ctx)) != 0) {
+        goto cleanup;
+    }
+
+    key = &ctx->keys[ctx->active];
+
+    *ticket_lifetime = ctx->ticket_lifetime;
+
+    memcpy(key_name, key->name, TICKET_KEY_NAME_BYTES);
+
+    if ((ret = ctx->f_rng(ctx->p_rng, iv, TICKET_IV_BYTES)) != 0) {
+        goto cleanup;
+    }
+
+    /* Dump session state */
+    if ((ret = mbedtls_ssl_session_save(session,
+                                        state, end - state,
+                                        &clear_len)) != 0 ||
+        (unsigned long) clear_len > 65535) {
+        goto cleanup;
+    }
+    MBEDTLS_PUT_UINT16_BE(clear_len, state_len_bytes, 0);
+
+    /* Encrypt and authenticate */
+    if ((ret = mbedtls_cipher_auth_encrypt_ext(&key->ctx,
+                                               iv, TICKET_IV_BYTES,
+                                               /* Additional data: key name, IV and length */
+                                               key_name, TICKET_ADD_DATA_LEN,
+                                               state, clear_len,
+                                               state, end - state, &ciph_len,
+                                               TICKET_AUTH_TAG_BYTES)) != 0) {
+        goto cleanup;
+    }
+    if (ciph_len != clear_len + TICKET_AUTH_TAG_BYTES) {
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto cleanup;
+    }
+
+    *tlen = TICKET_MIN_LEN + ciph_len - TICKET_AUTH_TAG_BYTES;
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Select key based on name
+ */
+static mbedtls_ssl_ticket_key *ssl_ticket_select_key(
+    mbedtls_ssl_ticket_context *ctx,
+    const unsigned char name[4])
+{
+    unsigned char i;
+
+    for (i = 0; i < sizeof(ctx->keys) / sizeof(*ctx->keys); i++) {
+        if (memcmp(name, ctx->keys[i].name, 4) == 0) {
+            return &ctx->keys[i];
+        }
+    }
+
+    return NULL;
+}
+
+/*
+ * Load session ticket (see mbedtls_ssl_ticket_write for structure)
+ */
+int mbedtls_ssl_ticket_parse(void *p_ticket,
+                             mbedtls_ssl_session *session,
+                             unsigned char *buf,
+                             size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_ssl_ticket_context *ctx = p_ticket;
+    mbedtls_ssl_ticket_key *key;
+    unsigned char *key_name = buf;
+    unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
+    unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
+    unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
+    size_t enc_len, clear_len;
+
+    if (ctx == NULL || ctx->f_rng == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (len < TICKET_MIN_LEN) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
+        return ret;
+    }
+#endif
+
+    if ((ret = ssl_ticket_update_keys(ctx)) != 0) {
+        goto cleanup;
+    }
+
+    enc_len = (enc_len_p[0] << 8) | enc_len_p[1];
+
+    if (len != TICKET_MIN_LEN + enc_len) {
+        ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    /* Select key */
+    if ((key = ssl_ticket_select_key(ctx, key_name)) == NULL) {
+        /* We can't know for sure but this is a likely option unless we're
+         * under attack - this is only informative anyway */
+        ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
+        goto cleanup;
+    }
+
+    /* Decrypt and authenticate */
+    if ((ret = mbedtls_cipher_auth_decrypt_ext(&key->ctx,
+                                               iv, TICKET_IV_BYTES,
+                                               /* Additional data: key name, IV and length */
+                                               key_name, TICKET_ADD_DATA_LEN,
+                                               ticket, enc_len + TICKET_AUTH_TAG_BYTES,
+                                               ticket, enc_len, &clear_len,
+                                               TICKET_AUTH_TAG_BYTES)) != 0) {
+        if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
+            ret = MBEDTLS_ERR_SSL_INVALID_MAC;
+        }
+
+        goto cleanup;
+    }
+    if (clear_len != enc_len) {
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto cleanup;
+    }
+
+    /* Actually load session */
+    if ((ret = mbedtls_ssl_session_load(session, ticket, clear_len)) != 0) {
+        goto cleanup;
+    }
+
+#if defined(MBEDTLS_HAVE_TIME)
+    {
+        /* Check for expiration */
+        mbedtls_time_t current_time = mbedtls_time(NULL);
+
+        if (current_time < session->start ||
+            (uint32_t) (current_time - session->start) > ctx->ticket_lifetime) {
+            ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
+            goto cleanup;
+        }
+    }
+#endif
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
+{
+    mbedtls_cipher_free(&ctx->keys[0].ctx);
+    mbedtls_cipher_free(&ctx->keys[1].ctx);
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free(&ctx->mutex);
+#endif
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_ticket_context));
+}
+
+#endif /* MBEDTLS_SSL_TICKET_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_tls.c b/3rdparty/mbedtls-2.28.7/library/ssl_tls.c
new file mode 100644
index 0000000..1a2bc7b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_tls.c
@@ -0,0 +1,7610 @@
+/*
+ *  SSLv3/TLSv1 shared functions
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The SSL 3.0 specification was drafted by Netscape in 1996,
+ *  and became an IETF standard in 1999.
+ *
+ *  http://wp.netscape.com/eng/ssl3/
+ *  http://www.ietf.org/rfc/rfc2246.txt
+ *  http://www.ietf.org/rfc/rfc4346.txt
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/version.h"
+#include "mbedtls/constant_time.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "mbedtls/oid.h"
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+/* Top-level Connection ID API */
+
+int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf,
+                         size_t len,
+                         int ignore_other_cid)
+{
+    if (len > MBEDTLS_SSL_CID_IN_LEN_MAX) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL &&
+        ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_IGNORE) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    conf->ignore_unexpected_cid = ignore_other_cid;
+    conf->cid_len = len;
+    return 0;
+}
+
+int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl,
+                        int enable,
+                        unsigned char const *own_cid,
+                        size_t own_cid_len)
+{
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl->negotiate_cid = enable;
+    if (enable == MBEDTLS_SSL_CID_DISABLED) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Disable use of CID extension."));
+        return 0;
+    }
+    MBEDTLS_SSL_DEBUG_MSG(3, ("Enable use of CID extension."));
+    MBEDTLS_SSL_DEBUG_BUF(3, "Own CID", own_cid, own_cid_len);
+
+    if (own_cid_len != ssl->conf->cid_len) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("CID length %u does not match CID length %u in config",
+                                  (unsigned) own_cid_len,
+                                  (unsigned) ssl->conf->cid_len));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    memcpy(ssl->own_cid, own_cid, own_cid_len);
+    /* Truncation is not an issue here because
+     * MBEDTLS_SSL_CID_IN_LEN_MAX at most 255. */
+    ssl->own_cid_len = (uint8_t) own_cid_len;
+
+    return 0;
+}
+
+int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl,
+                             int *enabled,
+                             unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
+                             size_t *peer_cid_len)
+{
+    *enabled = MBEDTLS_SSL_CID_DISABLED;
+
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
+        ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions
+     * were used, but client and server requested the empty CID.
+     * This is indistinguishable from not using the CID extension
+     * in the first place. */
+    if (ssl->transform_in->in_cid_len  == 0 &&
+        ssl->transform_in->out_cid_len == 0) {
+        return 0;
+    }
+
+    if (peer_cid_len != NULL) {
+        *peer_cid_len = ssl->transform_in->out_cid_len;
+        if (peer_cid != NULL) {
+            memcpy(peer_cid, ssl->transform_in->out_cid,
+                   ssl->transform_in->out_cid_len);
+        }
+    }
+
+    *enabled = MBEDTLS_SSL_CID_ENABLED;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+/*
+ * Convert max_fragment_length codes to length.
+ * RFC 6066 says:
+ *    enum{
+ *        2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
+ *    } MaxFragmentLength;
+ * and we add 0 -> extension unused
+ */
+static unsigned int ssl_mfl_code_to_length(int mfl)
+{
+    switch (mfl) {
+        case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
+            return MBEDTLS_TLS_EXT_ADV_CONTENT_LEN;
+        case MBEDTLS_SSL_MAX_FRAG_LEN_512:
+            return 512;
+        case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
+            return 1024;
+        case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
+            return 2048;
+        case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
+            return 4096;
+        default:
+            return MBEDTLS_TLS_EXT_ADV_CONTENT_LEN;
+    }
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst,
+                             const mbedtls_ssl_session *src)
+{
+    mbedtls_ssl_session_free(dst);
+    memcpy(dst, src, sizeof(mbedtls_ssl_session));
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    dst->ticket = NULL;
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    if (src->peer_cert != NULL) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        dst->peer_cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
+        if (dst->peer_cert == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        mbedtls_x509_crt_init(dst->peer_cert);
+
+        if ((ret = mbedtls_x509_crt_parse_der(dst->peer_cert, src->peer_cert->raw.p,
+                                              src->peer_cert->raw.len)) != 0) {
+            mbedtls_free(dst->peer_cert);
+            dst->peer_cert = NULL;
+            return ret;
+        }
+    }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (src->peer_cert_digest != NULL) {
+        dst->peer_cert_digest =
+            mbedtls_calloc(1, src->peer_cert_digest_len);
+        if (dst->peer_cert_digest == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        memcpy(dst->peer_cert_digest, src->peer_cert_digest,
+               src->peer_cert_digest_len);
+        dst->peer_cert_digest_type = src->peer_cert_digest_type;
+        dst->peer_cert_digest_len = src->peer_cert_digest_len;
+    }
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    if (src->ticket != NULL) {
+        dst->ticket = mbedtls_calloc(1, src->ticket_len);
+        if (dst->ticket == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        memcpy(dst->ticket, src->ticket, src->ticket_len);
+    }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int resize_buffer(unsigned char **buffer, size_t len_new, size_t *len_old)
+{
+    unsigned char *resized_buffer = mbedtls_calloc(1, len_new);
+    if (resized_buffer == NULL) {
+        return -1;
+    }
+
+    /* We want to copy len_new bytes when downsizing the buffer, and
+     * len_old bytes when upsizing, so we choose the smaller of two sizes,
+     * to fit one buffer into another. Size checks, ensuring that no data is
+     * lost, are done outside of this function. */
+    memcpy(resized_buffer, *buffer,
+           (len_new < *len_old) ? len_new : *len_old);
+    mbedtls_platform_zeroize(*buffer, *len_old);
+    mbedtls_free(*buffer);
+
+    *buffer = resized_buffer;
+    *len_old = len_new;
+
+    return 0;
+}
+
+static void handle_buffer_resizing(mbedtls_ssl_context *ssl, int downsizing,
+                                   size_t in_buf_new_len,
+                                   size_t out_buf_new_len)
+{
+    int modified = 0;
+    size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
+    size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
+    if (ssl->in_buf != NULL) {
+        written_in = ssl->in_msg - ssl->in_buf;
+        iv_offset_in = ssl->in_iv - ssl->in_buf;
+        len_offset_in = ssl->in_len - ssl->in_buf;
+        if (downsizing ?
+            ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len :
+            ssl->in_buf_len < in_buf_new_len) {
+            if (resize_buffer(&ssl->in_buf, in_buf_new_len, &ssl->in_buf_len) != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("input buffer resizing failed - out of memory"));
+            } else {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("Reallocating in_buf to %" MBEDTLS_PRINTF_SIZET,
+                                          in_buf_new_len));
+                modified = 1;
+            }
+        }
+    }
+
+    if (ssl->out_buf != NULL) {
+        written_out = ssl->out_msg - ssl->out_buf;
+        iv_offset_out = ssl->out_iv - ssl->out_buf;
+        len_offset_out = ssl->out_len - ssl->out_buf;
+        if (downsizing ?
+            ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len :
+            ssl->out_buf_len < out_buf_new_len) {
+            if (resize_buffer(&ssl->out_buf, out_buf_new_len, &ssl->out_buf_len) != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("output buffer resizing failed - out of memory"));
+            } else {
+                MBEDTLS_SSL_DEBUG_MSG(2, ("Reallocating out_buf to %" MBEDTLS_PRINTF_SIZET,
+                                          out_buf_new_len));
+                modified = 1;
+            }
+        }
+    }
+    if (modified) {
+        /* Update pointers here to avoid doing it twice. */
+        mbedtls_ssl_reset_in_out_pointers(ssl);
+        /* Fields below might not be properly updated with record
+         * splitting or with CID, so they are manually updated here. */
+        ssl->out_msg = ssl->out_buf + written_out;
+        ssl->out_len = ssl->out_buf + len_offset_out;
+        ssl->out_iv = ssl->out_buf + iv_offset_out;
+
+        ssl->in_msg = ssl->in_buf + written_in;
+        ssl->in_len = ssl->in_buf + len_offset_in;
+        ssl->in_iv = ssl->in_buf + iv_offset_in;
+    }
+}
+#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+
+/*
+ * Key material generation
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl3_prf(const unsigned char *secret, size_t slen,
+                    const char *label,
+                    const unsigned char *random, size_t rlen,
+                    unsigned char *dstbuf, size_t dlen)
+{
+    int ret = 0;
+    size_t i;
+    mbedtls_md5_context md5;
+    mbedtls_sha1_context sha1;
+    unsigned char padding[16];
+    unsigned char sha1sum[20];
+    ((void) label);
+
+    mbedtls_md5_init(&md5);
+    mbedtls_sha1_init(&sha1);
+
+    /*
+     *  SSLv3:
+     *    block =
+     *      MD5( secret + SHA1( 'A'    + secret + random ) ) +
+     *      MD5( secret + SHA1( 'BB'   + secret + random ) ) +
+     *      MD5( secret + SHA1( 'CCC'  + secret + random ) ) +
+     *      ...
+     */
+    for (i = 0; i < dlen / 16; i++) {
+        memset(padding, (unsigned char) ('A' + i), 1 + i);
+
+        if ((ret = mbedtls_sha1_starts_ret(&sha1)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_sha1_update_ret(&sha1, padding, 1 + i)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_sha1_update_ret(&sha1, secret, slen)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_sha1_update_ret(&sha1, random, rlen)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_sha1_finish_ret(&sha1, sha1sum)) != 0) {
+            goto exit;
+        }
+
+        if ((ret = mbedtls_md5_starts_ret(&md5)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md5_update_ret(&md5, secret, slen)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md5_update_ret(&md5, sha1sum, 20)) != 0) {
+            goto exit;
+        }
+        if ((ret = mbedtls_md5_finish_ret(&md5, dstbuf + i * 16)) != 0) {
+            goto exit;
+        }
+    }
+
+exit:
+    mbedtls_md5_free(&md5);
+    mbedtls_sha1_free(&sha1);
+
+    mbedtls_platform_zeroize(padding, sizeof(padding));
+    mbedtls_platform_zeroize(sha1sum, sizeof(sha1sum));
+
+    return ret;
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int tls1_prf(const unsigned char *secret, size_t slen,
+                    const char *label,
+                    const unsigned char *random, size_t rlen,
+                    unsigned char *dstbuf, size_t dlen)
+{
+    size_t nb, hs;
+    size_t i, j, k;
+    const unsigned char *S1, *S2;
+    unsigned char *tmp;
+    size_t tmp_len = 0;
+    unsigned char h_i[20];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_md_init(&md_ctx);
+
+    tmp_len = 20 + strlen(label) + rlen;
+    tmp = mbedtls_calloc(1, tmp_len);
+    if (tmp == NULL) {
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto exit;
+    }
+
+    hs = (slen + 1) / 2;
+    S1 = secret;
+    S2 = secret + slen - hs;
+
+    nb = strlen(label);
+    memcpy(tmp + 20, label, nb);
+    memcpy(tmp + 20 + nb, random, rlen);
+    nb += rlen;
+
+    /*
+     * First compute P_md5(secret,label+random)[0..dlen]
+     */
+    if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_MD5)) == NULL) {
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_md_hmac_starts(&md_ctx, S1, hs);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_hmac_update(&md_ctx, tmp + 20, nb);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_hmac_finish(&md_ctx, 4 + tmp);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    for (i = 0; i < dlen; i += 16) {
+        ret = mbedtls_md_hmac_reset(&md_ctx);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_update(&md_ctx, 4 + tmp, 16 + nb);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_finish(&md_ctx, h_i);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_md_hmac_reset(&md_ctx);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_update(&md_ctx, 4 + tmp, 16);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_finish(&md_ctx, 4 + tmp);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        k = (i + 16 > dlen) ? dlen % 16 : 16;
+
+        for (j = 0; j < k; j++) {
+            dstbuf[i + j]  = h_i[j];
+        }
+    }
+
+    mbedtls_md_free(&md_ctx);
+
+    /*
+     * XOR out with P_sha1(secret,label+random)[0..dlen]
+     */
+    if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1)) == NULL) {
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto exit;
+    }
+
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_md_hmac_starts(&md_ctx, S2, hs);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_hmac_update(&md_ctx, tmp + 20, nb);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_hmac_finish(&md_ctx, tmp);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    for (i = 0; i < dlen; i += 20) {
+        ret = mbedtls_md_hmac_reset(&md_ctx);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_update(&md_ctx, tmp, 20 + nb);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_finish(&md_ctx, h_i);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_md_hmac_reset(&md_ctx);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_update(&md_ctx, tmp, 20);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_finish(&md_ctx, tmp);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        k = (i + 20 > dlen) ? dlen % 20 : 20;
+
+        for (j = 0; j < k; j++) {
+            dstbuf[i + j] = (unsigned char) (dstbuf[i + j] ^ h_i[j]);
+        }
+    }
+
+exit:
+    mbedtls_md_free(&md_ctx);
+
+    mbedtls_platform_zeroize(tmp, tmp_len);
+    mbedtls_platform_zeroize(h_i, sizeof(h_i));
+
+    mbedtls_free(tmp);
+    return ret;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+static psa_status_t setup_psa_key_derivation(psa_key_derivation_operation_t *derivation,
+                                             psa_key_id_t key,
+                                             psa_algorithm_t alg,
+                                             const unsigned char *seed, size_t seed_length,
+                                             const unsigned char *label, size_t label_length,
+                                             size_t capacity)
+{
+    psa_status_t status;
+
+    status = psa_key_derivation_setup(derivation, alg);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    if (PSA_ALG_IS_TLS12_PRF(alg) || PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) {
+        status = psa_key_derivation_input_bytes(derivation,
+                                                PSA_KEY_DERIVATION_INPUT_SEED,
+                                                seed, seed_length);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        if (mbedtls_svc_key_id_is_null(key)) {
+            status = psa_key_derivation_input_bytes(
+                derivation, PSA_KEY_DERIVATION_INPUT_SECRET,
+                NULL, 0);
+        } else {
+            status = psa_key_derivation_input_key(
+                derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key);
+        }
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+
+        status = psa_key_derivation_input_bytes(derivation,
+                                                PSA_KEY_DERIVATION_INPUT_LABEL,
+                                                label, label_length);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
+    } else {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    status = psa_key_derivation_set_capacity(derivation, capacity);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    return PSA_SUCCESS;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int tls_prf_generic(mbedtls_md_type_t md_type,
+                           const unsigned char *secret, size_t slen,
+                           const char *label,
+                           const unsigned char *random, size_t rlen,
+                           unsigned char *dstbuf, size_t dlen)
+{
+    psa_status_t status;
+    psa_algorithm_t alg;
+    psa_key_id_t master_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_derivation_operation_t derivation =
+        PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    if (md_type == MBEDTLS_MD_SHA384) {
+        alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384);
+    } else {
+        alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256);
+    }
+
+    /* Normally a "secret" should be long enough to be impossible to
+     * find by brute force, and in particular should not be empty. But
+     * this PRF is also used to derive an IV, in particular in EAP-TLS,
+     * and for this use case it makes sense to have a 0-length "secret".
+     * Since the key API doesn't allow importing a key of length 0,
+     * keep master_key=0, which setup_psa_key_derivation() understands
+     * to mean a 0-length "secret" input. */
+    if (slen != 0) {
+        psa_key_attributes_t key_attributes = psa_key_attributes_init();
+        psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
+        psa_set_key_algorithm(&key_attributes, alg);
+        psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE);
+
+        status = psa_import_key(&key_attributes, secret, slen, &master_key);
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    }
+
+    status = setup_psa_key_derivation(&derivation,
+                                      master_key, alg,
+                                      random, rlen,
+                                      (unsigned char const *) label,
+                                      (size_t) strlen(label),
+                                      dlen);
+    if (status != PSA_SUCCESS) {
+        psa_key_derivation_abort(&derivation);
+        psa_destroy_key(master_key);
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+    }
+
+    status = psa_key_derivation_output_bytes(&derivation, dstbuf, dlen);
+    if (status != PSA_SUCCESS) {
+        psa_key_derivation_abort(&derivation);
+        psa_destroy_key(master_key);
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+    }
+
+    status = psa_key_derivation_abort(&derivation);
+    if (status != PSA_SUCCESS) {
+        psa_destroy_key(master_key);
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+    }
+
+    if (!mbedtls_svc_key_id_is_null(master_key)) {
+        status = psa_destroy_key(master_key);
+    }
+    if (status != PSA_SUCCESS) {
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+    }
+
+    return 0;
+}
+
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int tls_prf_generic(mbedtls_md_type_t md_type,
+                           const unsigned char *secret, size_t slen,
+                           const char *label,
+                           const unsigned char *random, size_t rlen,
+                           unsigned char *dstbuf, size_t dlen)
+{
+    size_t nb;
+    size_t i, j, k, md_len;
+    unsigned char *tmp;
+    size_t tmp_len = 0;
+    unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_md_init(&md_ctx);
+
+    if ((md_info = mbedtls_md_info_from_type(md_type)) == NULL) {
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    md_len = mbedtls_md_get_size(md_info);
+
+    tmp_len = md_len + strlen(label) + rlen;
+    tmp = mbedtls_calloc(1, tmp_len);
+    if (tmp == NULL) {
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto exit;
+    }
+
+    nb = strlen(label);
+    memcpy(tmp + md_len, label, nb);
+    memcpy(tmp + md_len + nb, random, rlen);
+    nb += rlen;
+
+    /*
+     * Compute P_<hash>(secret, label + random)[0..dlen]
+     */
+    if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_md_hmac_starts(&md_ctx, secret, slen);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_hmac_update(&md_ctx, tmp + md_len, nb);
+    if (ret != 0) {
+        goto exit;
+    }
+    ret = mbedtls_md_hmac_finish(&md_ctx, tmp);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    for (i = 0; i < dlen; i += md_len) {
+        ret = mbedtls_md_hmac_reset(&md_ctx);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_update(&md_ctx, tmp, md_len + nb);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_finish(&md_ctx, h_i);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_md_hmac_reset(&md_ctx);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_update(&md_ctx, tmp, md_len);
+        if (ret != 0) {
+            goto exit;
+        }
+        ret = mbedtls_md_hmac_finish(&md_ctx, tmp);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        k = (i + md_len > dlen) ? dlen % md_len : md_len;
+
+        for (j = 0; j < k; j++) {
+            dstbuf[i + j]  = h_i[j];
+        }
+    }
+
+exit:
+    mbedtls_md_free(&md_ctx);
+
+    if (tmp != NULL) {
+        mbedtls_platform_zeroize(tmp, tmp_len);
+    }
+
+    mbedtls_platform_zeroize(h_i, sizeof(h_i));
+
+    mbedtls_free(tmp);
+
+    return ret;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_SHA256_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int tls_prf_sha256(const unsigned char *secret, size_t slen,
+                          const char *label,
+                          const unsigned char *random, size_t rlen,
+                          unsigned char *dstbuf, size_t dlen)
+{
+    return tls_prf_generic(MBEDTLS_MD_SHA256, secret, slen,
+                           label, random, rlen, dstbuf, dlen);
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int tls_prf_sha384(const unsigned char *secret, size_t slen,
+                          const char *label,
+                          const unsigned char *random, size_t rlen,
+                          unsigned char *dstbuf, size_t dlen)
+{
+    return tls_prf_generic(MBEDTLS_MD_SHA384, secret, slen,
+                           label, random, rlen, dstbuf, dlen);
+}
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+static void ssl_update_checksum_start(mbedtls_ssl_context *, const unsigned char *, size_t);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_update_checksum_md5sha1(mbedtls_ssl_context *, const unsigned char *, size_t);
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static void ssl_calc_verify_ssl(const mbedtls_ssl_context *, unsigned char *, size_t *);
+static void ssl_calc_finished_ssl(mbedtls_ssl_context *, unsigned char *, int);
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_calc_verify_tls(const mbedtls_ssl_context *, unsigned char *, size_t *);
+static void ssl_calc_finished_tls(mbedtls_ssl_context *, unsigned char *, int);
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_update_checksum_sha256(mbedtls_ssl_context *, const unsigned char *, size_t);
+static void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *, unsigned char *, size_t *);
+static void ssl_calc_finished_tls_sha256(mbedtls_ssl_context *, unsigned char *, int);
+#endif
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+static void ssl_update_checksum_sha384(mbedtls_ssl_context *, const unsigned char *, size_t);
+static void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *, unsigned char *, size_t *);
+static void ssl_calc_finished_tls_sha384(mbedtls_ssl_context *, unsigned char *, int);
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_use_opaque_psk(mbedtls_ssl_context const *ssl)
+{
+    if (ssl->conf->f_psk != NULL) {
+        /* If we've used a callback to select the PSK,
+         * the static configuration is irrelevant. */
+        if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {
+            return 1;
+        }
+
+        return 0;
+    }
+
+    if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) {
+        return 1;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+          MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+static mbedtls_tls_prf_types tls_prf_get_type(mbedtls_ssl_tls_prf_cb *tls_prf)
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if (tls_prf == ssl3_prf) {
+        return MBEDTLS_SSL_TLS_PRF_SSL3;
+    } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if (tls_prf == tls1_prf) {
+        return MBEDTLS_SSL_TLS_PRF_TLS1;
+    } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+    if (tls_prf == tls_prf_sha384) {
+        return MBEDTLS_SSL_TLS_PRF_SHA384;
+    } else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if (tls_prf == tls_prf_sha256) {
+        return MBEDTLS_SSL_TLS_PRF_SHA256;
+    } else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    return MBEDTLS_SSL_TLS_PRF_NONE;
+}
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+int  mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
+                         const unsigned char *secret, size_t slen,
+                         const char *label,
+                         const unsigned char *random, size_t rlen,
+                         unsigned char *dstbuf, size_t dlen)
+{
+    mbedtls_ssl_tls_prf_cb *tls_prf = NULL;
+
+    switch (prf) {
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        case MBEDTLS_SSL_TLS_PRF_SSL3:
+            tls_prf = ssl3_prf;
+            break;
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        case MBEDTLS_SSL_TLS_PRF_TLS1:
+            tls_prf = tls1_prf;
+            break;
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_SSL_TLS_PRF_SHA384:
+            tls_prf = tls_prf_sha384;
+            break;
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_SSL_TLS_PRF_SHA256:
+            tls_prf = tls_prf_sha256;
+            break;
+#endif /* MBEDTLS_SHA256_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+        default:
+            return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    }
+
+    return tls_prf(secret, slen, label, random, rlen, dstbuf, dlen);
+}
+
+/* Type for the TLS PRF */
+typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *,
+                          const unsigned char *, size_t,
+                          unsigned char *, size_t);
+
+/*
+ * Populate a transform structure with session keys and all the other
+ * necessary information.
+ *
+ * Parameters:
+ * - [in/out]: transform: structure to populate
+ *      [in] must be just initialised with mbedtls_ssl_transform_init()
+ *      [out] fully populated, ready for use by mbedtls_ssl_{en,de}crypt_buf()
+ * - [in] ciphersuite
+ * - [in] master
+ * - [in] encrypt_then_mac
+ * - [in] trunc_hmac
+ * - [in] compression
+ * - [in] tls_prf: pointer to PRF to use for key derivation
+ * - [in] randbytes: buffer holding ServerHello.random + ClientHello.random
+ * - [in] minor_ver: SSL/TLS minor version
+ * - [in] endpoint: client or server
+ * - [in] ssl: optionally used for:
+ *        - MBEDTLS_SSL_HW_RECORD_ACCEL: whole context (non-const)
+ *        - MBEDTLS_SSL_EXPORT_KEYS: ssl->conf->{f,p}_export_keys
+ *        - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_populate_transform(mbedtls_ssl_transform *transform,
+                                  int ciphersuite,
+                                  const unsigned char master[48],
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+                                  int encrypt_then_mac,
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+                                  int trunc_hmac,
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+                                  int compression,
+#endif
+                                  ssl_tls_prf_t tls_prf,
+                                  const unsigned char randbytes[64],
+                                  int minor_ver,
+                                  unsigned endpoint,
+#if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+                                  const
+#endif
+                                  mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    int psa_fallthrough;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    int do_mbedtls_cipher_setup;
+    unsigned char keyblk[256];
+    unsigned char *key1;
+    unsigned char *key2;
+    unsigned char *mac_enc;
+    unsigned char *mac_dec;
+    size_t mac_key_len = 0;
+    size_t iv_copy_len;
+    unsigned keylen;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    const mbedtls_cipher_info_t *cipher_info;
+    const mbedtls_md_info_t *md_info;
+
+#if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \
+    !defined(MBEDTLS_SSL_EXPORT_KEYS) && \
+    !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
+    !defined(MBEDTLS_DEBUG_C)
+    ssl = NULL; /* make sure we don't use it except for those cases */
+    (void) ssl;
+#endif
+
+    /*
+     * Some data just needs copying into the structure
+     */
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
+    defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    transform->encrypt_then_mac = encrypt_then_mac;
+#endif
+    transform->minor_ver = minor_ver;
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    memcpy(transform->randbytes, randbytes, sizeof(transform->randbytes));
+#endif
+
+    /*
+     * Get various info structures
+     */
+    ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite);
+    if (ciphersuite_info == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("ciphersuite info for %d not found",
+                                  ciphersuite));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher);
+    if (cipher_info == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("cipher info for %u not found",
+                                  ciphersuite_info->cipher));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    md_info = mbedtls_md_info_from_type(ciphersuite_info->mac);
+    if (md_info == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_md info for %u not found",
+                                  (unsigned) ciphersuite_info->mac));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    /* Copy own and peer's CID if the use of the CID
+     * extension has been negotiated. */
+    if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Copy CIDs into SSL transform"));
+
+        transform->in_cid_len = ssl->own_cid_len;
+        memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len);
+        MBEDTLS_SSL_DEBUG_BUF(3, "Incoming CID", transform->in_cid,
+                              transform->in_cid_len);
+
+        transform->out_cid_len = ssl->handshake->peer_cid_len;
+        memcpy(transform->out_cid, ssl->handshake->peer_cid,
+               ssl->handshake->peer_cid_len);
+        MBEDTLS_SSL_DEBUG_BUF(3, "Outgoing CID", transform->out_cid,
+                              transform->out_cid_len);
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * Compute key block using the PRF
+     */
+    ret = tls_prf(master, 48, "key expansion", randbytes, 64, keyblk, 256);
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "prf", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite = %s",
+                              mbedtls_ssl_get_ciphersuite_name(ciphersuite)));
+    MBEDTLS_SSL_DEBUG_BUF(3, "master secret", master, 48);
+    MBEDTLS_SSL_DEBUG_BUF(4, "random bytes", randbytes, 64);
+    MBEDTLS_SSL_DEBUG_BUF(4, "key block", keyblk, 256);
+
+    /*
+     * Determine the appropriate key, IV and MAC length.
+     */
+
+    keylen = cipher_info->key_bitlen / 8;
+
+#if defined(MBEDTLS_GCM_C) ||                           \
+    defined(MBEDTLS_CCM_C) ||                           \
+    defined(MBEDTLS_CHACHAPOLY_C)
+    if (cipher_info->mode == MBEDTLS_MODE_GCM ||
+        cipher_info->mode == MBEDTLS_MODE_CCM ||
+        cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY) {
+        size_t explicit_ivlen;
+
+        transform->maclen = 0;
+        mac_key_len = 0;
+        transform->taglen =
+            ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
+
+        /* All modes haves 96-bit IVs, but the length of the static parts vary
+         * with mode and version:
+         * - For GCM and CCM in TLS 1.2, there's a static IV of 4 Bytes
+         *   (to be concatenated with a dynamically chosen IV of 8 Bytes)
+         * - For ChaChaPoly in TLS 1.2, and all modes in TLS 1.3, there's
+         *   a static IV of 12 Bytes (to be XOR'ed with the 8 Byte record
+         *   sequence number).
+         */
+        transform->ivlen = 12;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+        if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+            transform->fixed_ivlen = 12;
+        } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+        {
+            if (cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY) {
+                transform->fixed_ivlen = 12;
+            } else {
+                transform->fixed_ivlen = 4;
+            }
+        }
+
+        /* Minimum length of encrypted record */
+        explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
+        transform->minlen = explicit_ivlen + transform->taglen;
+    } else
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    if (cipher_info->mode == MBEDTLS_MODE_STREAM ||
+        cipher_info->mode == MBEDTLS_MODE_CBC) {
+        /* Initialize HMAC contexts */
+        if ((ret = mbedtls_md_setup(&transform->md_ctx_enc, md_info, 1)) != 0 ||
+            (ret = mbedtls_md_setup(&transform->md_ctx_dec, md_info, 1)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_setup", ret);
+            goto end;
+        }
+
+        /* Get MAC length */
+        mac_key_len = mbedtls_md_get_size(md_info);
+        transform->maclen = mac_key_len;
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+        /*
+         * If HMAC is to be truncated, we shall keep the leftmost bytes,
+         * (rfc 6066 page 13 or rfc 2104 section 4),
+         * so we only need to adjust the length here.
+         */
+        if (trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED) {
+            transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN;
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
+            /* Fall back to old, non-compliant version of the truncated
+             * HMAC implementation which also truncates the key
+             * (Mbed TLS versions from 1.3 to 2.6.0) */
+            mac_key_len = transform->maclen;
+#endif
+        }
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+        /* IV length */
+        transform->ivlen = cipher_info->iv_size;
+
+        /* Minimum length */
+        if (cipher_info->mode == MBEDTLS_MODE_STREAM) {
+            transform->minlen = transform->maclen;
+        } else {
+            /*
+             * GenericBlockCipher:
+             * 1. if EtM is in use: one block plus MAC
+             *    otherwise: * first multiple of blocklen greater than maclen
+             * 2. IV except for SSL3 and TLS 1.0
+             */
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+            if (encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED) {
+                transform->minlen = transform->maclen
+                                    + cipher_info->block_size;
+            } else
+#endif
+            {
+                transform->minlen = transform->maclen
+                                    + cipher_info->block_size
+                                    - transform->maclen % cipher_info->block_size;
+            }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
+            if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+                minor_ver == MBEDTLS_SSL_MINOR_VERSION_1) {
+                ; /* No need to adjust minlen */
+            } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+            if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 ||
+                minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+                transform->minlen += transform->ivlen;
+            } else
+#endif
+            {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+                ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+                goto end;
+            }
+        }
+    } else
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("keylen: %u, minlen: %u, ivlen: %u, maclen: %u",
+                              (unsigned) keylen,
+                              (unsigned) transform->minlen,
+                              (unsigned) transform->ivlen,
+                              (unsigned) transform->maclen));
+
+    /*
+     * Finally setup the cipher contexts, IVs and MAC secrets.
+     */
+#if defined(MBEDTLS_SSL_CLI_C)
+    if (endpoint == MBEDTLS_SSL_IS_CLIENT) {
+        key1 = keyblk + mac_key_len * 2;
+        key2 = keyblk + mac_key_len * 2 + keylen;
+
+        mac_enc = keyblk;
+        mac_dec = keyblk + mac_key_len;
+
+        /*
+         * This is not used in TLS v1.1.
+         */
+        iv_copy_len = (transform->fixed_ivlen) ?
+                      transform->fixed_ivlen : transform->ivlen;
+        memcpy(transform->iv_enc, key2 + keylen,  iv_copy_len);
+        memcpy(transform->iv_dec, key2 + keylen + iv_copy_len,
+               iv_copy_len);
+    } else
+#endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_SRV_C)
+    if (endpoint == MBEDTLS_SSL_IS_SERVER) {
+        key1 = keyblk + mac_key_len * 2 + keylen;
+        key2 = keyblk + mac_key_len * 2;
+
+        mac_enc = keyblk + mac_key_len;
+        mac_dec = keyblk;
+
+        /*
+         * This is not used in TLS v1.1.
+         */
+        iv_copy_len = (transform->fixed_ivlen) ?
+                      transform->fixed_ivlen : transform->ivlen;
+        memcpy(transform->iv_dec, key1 + keylen,  iv_copy_len);
+        memcpy(transform->iv_enc, key1 + keylen + iv_copy_len,
+               iv_copy_len);
+    } else
+#endif /* MBEDTLS_SSL_SRV_C */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto end;
+    }
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        if (mac_key_len > sizeof(transform->mac_enc)) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+            ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+            goto end;
+        }
+
+        memcpy(transform->mac_enc, mac_enc, mac_key_len);
+        memcpy(transform->mac_dec, mac_dec, mac_key_len);
+    } else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) {
+        /* For HMAC-based ciphersuites, initialize the HMAC transforms.
+           For AEAD-based ciphersuites, there is nothing to do here. */
+        if (mac_key_len != 0) {
+            ret = mbedtls_md_hmac_starts(&transform->md_ctx_enc,
+                                         mac_enc, mac_key_len);
+            if (ret != 0) {
+                goto end;
+            }
+            ret = mbedtls_md_hmac_starts(&transform->md_ctx_dec,
+                                         mac_dec, mac_key_len);
+            if (ret != 0) {
+                goto end;
+            }
+        }
+    } else
+#endif
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto end;
+    }
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_init != NULL) {
+        ret = 0;
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_init()"));
+
+        if ((ret = mbedtls_ssl_hw_record_init(ssl, key1, key2, keylen,
+                                              transform->iv_enc, transform->iv_dec,
+                                              iv_copy_len,
+                                              mac_enc, mac_dec,
+                                              mac_key_len)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_init", ret);
+            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+            goto end;
+        }
+    }
+#else
+    ((void) mac_dec);
+    ((void) mac_enc);
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if (ssl->conf->f_export_keys != NULL) {
+        ssl->conf->f_export_keys(ssl->conf->p_export_keys,
+                                 master, keyblk,
+                                 mac_key_len, keylen,
+                                 iv_copy_len);
+    }
+
+    if (ssl->conf->f_export_keys_ext != NULL) {
+        ssl->conf->f_export_keys_ext(ssl->conf->p_export_keys,
+                                     master, keyblk,
+                                     mac_key_len, keylen,
+                                     iv_copy_len,
+                                     randbytes + 32,
+                                     randbytes,
+                                     tls_prf_get_type(tls_prf));
+    }
+#endif
+
+    do_mbedtls_cipher_setup = 1;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+    /* Only use PSA-based ciphers for TLS-1.2.
+     * That's relevant at least for TLS-1.0, where
+     * we assume that mbedtls_cipher_crypt() updates
+     * the structure field for the IV, which the PSA-based
+     * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        ret = mbedtls_cipher_setup_psa(&transform->cipher_ctx_enc,
+                                       cipher_info, transform->taglen);
+        if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup_psa", ret);
+            goto end;
+        }
+
+        if (ret == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("Successfully setup PSA-based encryption cipher context"));
+            psa_fallthrough = 0;
+        } else {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  (
+                                      "Failed to setup PSA-based cipher context for record encryption - fall through to default setup."));
+            psa_fallthrough = 1;
+        }
+    } else {
+        psa_fallthrough = 1;
+    }
+#else
+    psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    if (psa_fallthrough == 0) {
+        do_mbedtls_cipher_setup = 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (do_mbedtls_cipher_setup &&
+        (ret = mbedtls_cipher_setup(&transform->cipher_ctx_enc,
+                                    cipher_info)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup", ret);
+        goto end;
+    }
+
+    do_mbedtls_cipher_setup = 1;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    /* Only use PSA-based ciphers for TLS-1.2.
+     * That's relevant at least for TLS-1.0, where
+     * we assume that mbedtls_cipher_crypt() updates
+     * the structure field for the IV, which the PSA-based
+     * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        ret = mbedtls_cipher_setup_psa(&transform->cipher_ctx_dec,
+                                       cipher_info, transform->taglen);
+        if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup_psa", ret);
+            goto end;
+        }
+
+        if (ret == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(3, ("Successfully setup PSA-based decryption cipher context"));
+            psa_fallthrough = 0;
+        } else {
+            MBEDTLS_SSL_DEBUG_MSG(1,
+                                  (
+                                      "Failed to setup PSA-based cipher context for record decryption - fall through to default setup."));
+            psa_fallthrough = 1;
+        }
+    } else {
+        psa_fallthrough = 1;
+    }
+#else
+    psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    if (psa_fallthrough == 0) {
+        do_mbedtls_cipher_setup = 0;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (do_mbedtls_cipher_setup &&
+        (ret = mbedtls_cipher_setup(&transform->cipher_ctx_dec,
+                                    cipher_info)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup", ret);
+        goto end;
+    }
+
+    if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, key1,
+                                     cipher_info->key_bitlen,
+                                     MBEDTLS_ENCRYPT)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret);
+        goto end;
+    }
+
+    if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, key2,
+                                     cipher_info->key_bitlen,
+                                     MBEDTLS_DECRYPT)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret);
+        goto end;
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (cipher_info->mode == MBEDTLS_MODE_CBC) {
+        if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_enc,
+                                                   MBEDTLS_PADDING_NONE)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_set_padding_mode", ret);
+            goto end;
+        }
+
+        if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_dec,
+                                                   MBEDTLS_PADDING_NONE)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_set_padding_mode", ret);
+            goto end;
+        }
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+
+    /* Initialize Zlib contexts */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if (compression == MBEDTLS_SSL_COMPRESS_DEFLATE) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Initializing zlib states"));
+
+        memset(&transform->ctx_deflate, 0, sizeof(transform->ctx_deflate));
+        memset(&transform->ctx_inflate, 0, sizeof(transform->ctx_inflate));
+
+        if (deflateInit(&transform->ctx_deflate,
+                        Z_DEFAULT_COMPRESSION)   != Z_OK ||
+            inflateInit(&transform->ctx_inflate) != Z_OK) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("Failed to initialize compression"));
+            ret = MBEDTLS_ERR_SSL_COMPRESSION_FAILED;
+            goto end;
+        }
+    }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+end:
+    mbedtls_platform_zeroize(keyblk, sizeof(keyblk));
+    return ret;
+}
+
+/*
+ * Set appropriate PRF function and other SSL / TLS 1.0/1.1 / TLS1.2 functions
+ *
+ * Inputs:
+ * - SSL/TLS minor version
+ * - hash associated with the ciphersuite (only used by TLS 1.2)
+ *
+ * Outputs:
+ * - the tls_prf, calc_verify and calc_finished members of handshake structure
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_set_handshake_prfs(mbedtls_ssl_handshake_params *handshake,
+                                  int minor_ver,
+                                  mbedtls_md_type_t hash)
+{
+#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) ||       \
+    !(defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))
+    (void) hash;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        handshake->tls_prf = ssl3_prf;
+        handshake->calc_verify = ssl_calc_verify_ssl;
+        handshake->calc_finished = ssl_calc_finished_ssl;
+    } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if (minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
+        handshake->tls_prf = tls1_prf;
+        handshake->calc_verify = ssl_calc_verify_tls;
+        handshake->calc_finished = ssl_calc_finished_tls;
+    } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+        hash == MBEDTLS_MD_SHA384) {
+        handshake->tls_prf = tls_prf_sha384;
+        handshake->calc_verify = ssl_calc_verify_tls_sha384;
+        handshake->calc_finished = ssl_calc_finished_tls_sha384;
+    } else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) {
+        handshake->tls_prf = tls_prf_sha256;
+        handshake->calc_verify = ssl_calc_verify_tls_sha256;
+        handshake->calc_finished = ssl_calc_finished_tls_sha256;
+    } else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    return 0;
+}
+
+/*
+ * Compute master secret if needed
+ *
+ * Parameters:
+ * [in/out] handshake
+ *          [in] resume, premaster, extended_ms, calc_verify, tls_prf
+ *               (PSA-PSK) ciphersuite_info, psk_opaque
+ *          [out] premaster (cleared)
+ * [out] master
+ * [in] ssl: optionally used for debugging, EMS and PSA-PSK
+ *      debug: conf->f_dbg, conf->p_dbg
+ *      EMS: passed to calc_verify (debug + (SSL3) session_negotiate)
+ *      PSA-PSA: minor_ver, conf
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake,
+                              unsigned char *master,
+                              const mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* cf. RFC 5246, Section 8.1:
+     * "The master secret is always exactly 48 bytes in length." */
+    size_t const master_secret_len = 48;
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    unsigned char session_hash[48];
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+    /* The label for the KDF used for key expansion.
+     * This is either "master secret" or "extended master secret"
+     * depending on whether the Extended Master Secret extension
+     * is used. */
+    char const *lbl = "master secret";
+
+    /* The salt for the KDF used for key expansion.
+     * - If the Extended Master Secret extension is not used,
+     *   this is ClientHello.Random + ServerHello.Random
+     *   (see Sect. 8.1 in RFC 5246).
+     * - If the Extended Master Secret extension is used,
+     *   this is the transcript of the handshake so far.
+     *   (see Sect. 4 in RFC 7627). */
+    unsigned char const *salt = handshake->randbytes;
+    size_t salt_len = 64;
+
+#if !defined(MBEDTLS_DEBUG_C) &&                    \
+    !defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
+    !(defined(MBEDTLS_USE_PSA_CRYPTO) &&            \
+    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED))
+    ssl = NULL; /* make sure we don't use it except for those cases */
+    (void) ssl;
+#endif
+
+    if (handshake->resume != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("no premaster (session resumed)"));
+        return 0;
+    }
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) {
+        lbl  = "extended master secret";
+        salt = session_hash;
+        handshake->calc_verify(ssl, session_hash, &salt_len);
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret",
+                              session_hash, salt_len);
+    }
+#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&          \
+    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    if (handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+        ssl_use_opaque_psk(ssl) == 1) {
+        /* Perform PSK-to-MS expansion in a single step. */
+        psa_status_t status;
+        psa_algorithm_t alg;
+        psa_key_id_t psk;
+        psa_key_derivation_operation_t derivation =
+            PSA_KEY_DERIVATION_OPERATION_INIT;
+        mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac;
+
+        MBEDTLS_SSL_DEBUG_MSG(2, ("perform PSA-based PSK-to-MS expansion"));
+
+        psk = mbedtls_ssl_get_opaque_psk(ssl);
+
+        if (hash_alg == MBEDTLS_MD_SHA384) {
+            alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+        } else {
+            alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+        }
+
+        status = setup_psa_key_derivation(&derivation, psk, alg,
+                                          salt, salt_len,
+                                          (unsigned char const *) lbl,
+                                          (size_t) strlen(lbl),
+                                          master_secret_len);
+        if (status != PSA_SUCCESS) {
+            psa_key_derivation_abort(&derivation);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        status = psa_key_derivation_output_bytes(&derivation,
+                                                 master,
+                                                 master_secret_len);
+        if (status != PSA_SUCCESS) {
+            psa_key_derivation_abort(&derivation);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+
+        status = psa_key_derivation_abort(&derivation);
+        if (status != PSA_SUCCESS) {
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    } else
+#endif
+    {
+        ret = handshake->tls_prf(handshake->premaster, handshake->pmslen,
+                                 lbl, salt, salt_len,
+                                 master,
+                                 master_secret_len);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "prf", ret);
+            return ret;
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF(3, "premaster secret",
+                              handshake->premaster,
+                              handshake->pmslen);
+
+        mbedtls_platform_zeroize(handshake->premaster,
+                                 sizeof(handshake->premaster));
+    }
+
+    return 0;
+}
+
+int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> derive keys"));
+
+    /* Set PRF, calc_verify and calc_finished function pointers */
+    ret = ssl_set_handshake_prfs(ssl->handshake,
+                                 ssl->minor_ver,
+                                 ciphersuite_info->mac);
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_set_handshake_prfs", ret);
+        return ret;
+    }
+
+    /* Compute master secret if needed */
+    ret = ssl_compute_master(ssl->handshake,
+                             ssl->session_negotiate->master,
+                             ssl);
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_compute_master", ret);
+        return ret;
+    }
+
+    /* Swap the client and server random values:
+     * - MS derivation wanted client+server (RFC 5246 8.1)
+     * - key derivation wants server+client (RFC 5246 6.3) */
+    {
+        unsigned char tmp[64];
+        memcpy(tmp, ssl->handshake->randbytes, 64);
+        memcpy(ssl->handshake->randbytes, tmp + 32, 32);
+        memcpy(ssl->handshake->randbytes + 32, tmp, 32);
+        mbedtls_platform_zeroize(tmp, sizeof(tmp));
+    }
+
+    /* Populate transform structure */
+    ret = ssl_populate_transform(ssl->transform_negotiate,
+                                 ssl->session_negotiate->ciphersuite,
+                                 ssl->session_negotiate->master,
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+                                 ssl->session_negotiate->encrypt_then_mac,
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+                                 ssl->session_negotiate->trunc_hmac,
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+                                 ssl->session_negotiate->compression,
+#endif
+                                 ssl->handshake->tls_prf,
+                                 ssl->handshake->randbytes,
+                                 ssl->minor_ver,
+                                 ssl->conf->endpoint,
+                                 ssl);
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "ssl_populate_transform", ret);
+        return ret;
+    }
+
+    /* We no longer need Server/ClientHello.random values */
+    mbedtls_platform_zeroize(ssl->handshake->randbytes,
+                             sizeof(ssl->handshake->randbytes));
+
+    /* Allocate compression buffer */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if (ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE &&
+        ssl->compress_buf == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Allocating compression buffer"));
+        ssl->compress_buf = mbedtls_calloc(1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN);
+        if (ssl->compress_buf == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%d bytes) failed",
+                                      MBEDTLS_SSL_COMPRESS_BUFFER_LEN));
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= derive keys"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+void ssl_calc_verify_ssl(const mbedtls_ssl_context *ssl,
+                         unsigned char *hash,
+                         size_t *hlen)
+{
+    mbedtls_md5_context md5;
+    mbedtls_sha1_context sha1;
+    unsigned char pad_1[48];
+    unsigned char pad_2[48];
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify ssl"));
+
+    mbedtls_md5_init(&md5);
+    mbedtls_sha1_init(&sha1);
+
+    mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5);
+    mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1);
+
+    memset(pad_1, 0x36, 48);
+    memset(pad_2, 0x5C, 48);
+
+    mbedtls_md5_update_ret(&md5, ssl->session_negotiate->master, 48);
+    mbedtls_md5_update_ret(&md5, pad_1, 48);
+    mbedtls_md5_finish_ret(&md5, hash);
+
+    mbedtls_md5_starts_ret(&md5);
+    mbedtls_md5_update_ret(&md5, ssl->session_negotiate->master, 48);
+    mbedtls_md5_update_ret(&md5, pad_2, 48);
+    mbedtls_md5_update_ret(&md5, hash,  16);
+    mbedtls_md5_finish_ret(&md5, hash);
+
+    mbedtls_sha1_update_ret(&sha1, ssl->session_negotiate->master, 48);
+    mbedtls_sha1_update_ret(&sha1, pad_1, 40);
+    mbedtls_sha1_finish_ret(&sha1, hash + 16);
+
+    mbedtls_sha1_starts_ret(&sha1);
+    mbedtls_sha1_update_ret(&sha1, ssl->session_negotiate->master, 48);
+    mbedtls_sha1_update_ret(&sha1, pad_2, 40);
+    mbedtls_sha1_update_ret(&sha1, hash + 16, 20);
+    mbedtls_sha1_finish_ret(&sha1, hash + 16);
+
+    *hlen = 36;
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen);
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify"));
+
+    mbedtls_md5_free(&md5);
+    mbedtls_sha1_free(&sha1);
+
+    return;
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+void ssl_calc_verify_tls(const mbedtls_ssl_context *ssl,
+                         unsigned char *hash,
+                         size_t *hlen)
+{
+    mbedtls_md5_context md5;
+    mbedtls_sha1_context sha1;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify tls"));
+
+    mbedtls_md5_init(&md5);
+    mbedtls_sha1_init(&sha1);
+
+    mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5);
+    mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1);
+
+    mbedtls_md5_finish_ret(&md5,  hash);
+    mbedtls_sha1_finish_ret(&sha1, hash + 16);
+
+    *hlen = 36;
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen);
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify"));
+
+    mbedtls_md5_free(&md5);
+    mbedtls_sha1_free(&sha1);
+
+    return;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl,
+                                unsigned char *hash,
+                                size_t *hlen)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    size_t hash_size;
+    psa_status_t status;
+    psa_hash_operation_t sha256_psa = psa_hash_operation_init();
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha256"));
+    status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed"));
+        return;
+    }
+
+    status = psa_hash_finish(&sha256_psa, hash, 32, &hash_size);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed"));
+        return;
+    }
+
+    *hlen = 32;
+    MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen);
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify"));
+#else
+    mbedtls_sha256_context sha256;
+
+    mbedtls_sha256_init(&sha256);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha256"));
+
+    mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256);
+    mbedtls_sha256_finish_ret(&sha256, hash);
+
+    *hlen = 32;
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen);
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify"));
+
+    mbedtls_sha256_free(&sha256);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    return;
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl,
+                                unsigned char *hash,
+                                size_t *hlen)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    size_t hash_size;
+    psa_status_t status;
+    psa_hash_operation_t sha384_psa = psa_hash_operation_init();
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha384"));
+    status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed"));
+        return;
+    }
+
+    status = psa_hash_finish(&sha384_psa, hash, 48, &hash_size);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed"));
+        return;
+    }
+
+    *hlen = 48;
+    MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen);
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify"));
+#else
+    mbedtls_sha512_context sha512;
+
+    mbedtls_sha512_init(&sha512);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha384"));
+
+    mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha512);
+    mbedtls_sha512_finish_ret(&sha512, hash);
+
+    *hlen = 48;
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen);
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify"));
+
+    mbedtls_sha512_free(&sha512);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    return;
+}
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex)
+{
+    unsigned char *p = ssl->handshake->premaster;
+    unsigned char *end = p + sizeof(ssl->handshake->premaster);
+    const unsigned char *psk = NULL;
+    size_t psk_len = 0;
+
+    if (mbedtls_ssl_get_psk(ssl, &psk, &psk_len)
+        == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) {
+        /*
+         * This should never happen because the existence of a PSK is always
+         * checked before calling this function
+         */
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    /*
+     * PMS = struct {
+     *     opaque other_secret<0..2^16-1>;
+     *     opaque psk<0..2^16-1>;
+     * };
+     * with "other_secret" depending on the particular key exchange
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    if (key_ex == MBEDTLS_KEY_EXCHANGE_PSK) {
+        if (end - p < 2) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        MBEDTLS_PUT_UINT16_BE(psk_len, p, 0);
+        p += 2;
+
+        if (end < p || (size_t) (end - p) < psk_len) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        memset(p, 0, psk_len);
+        p += psk_len;
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if (key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+        /*
+         * other_secret already set by the ClientKeyExchange message,
+         * and is 48 bytes long
+         */
+        if (end - p < 2) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        *p++ = 0;
+        *p++ = 48;
+        p += 48;
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if (key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t len;
+
+        /* Write length only when we know the actual value */
+        if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
+                                           p + 2, end - (p + 2), &len,
+                                           ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
+            return ret;
+        }
+        MBEDTLS_PUT_UINT16_BE(len, p, 0);
+        p += 2 + len;
+
+        MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if (key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        size_t zlen;
+
+        if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen,
+                                            p + 2, end - (p + 2),
+                                            ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret);
+            return ret;
+        }
+
+        MBEDTLS_PUT_UINT16_BE(zlen, p, 0);
+        p += 2 + zlen;
+
+        MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx,
+                               MBEDTLS_DEBUG_ECDH_Z);
+    } else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    /* opaque psk<0..2^16-1>; */
+    if (end - p < 2) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_PUT_UINT16_BE(psk_len, p, 0);
+    p += 2;
+
+    if (end < p || (size_t) (end - p) < psk_len) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    memcpy(p, psk, psk_len);
+    p += psk_len;
+
+    ssl->handshake->pmslen = p - ssl->handshake->premaster;
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_hello_request(mbedtls_ssl_context *ssl);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl)
+{
+    /* If renegotiation is not enforced, retransmit until we would reach max
+     * timeout if we were using the usual handshake doubling scheme */
+    if (ssl->conf->renego_max_records < 0) {
+        uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1;
+        unsigned char doublings = 1;
+
+        while (ratio != 0) {
+            ++doublings;
+            ratio >>= 1;
+        }
+
+        if (++ssl->renego_records_seen > doublings) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("no longer retransmitting hello request"));
+            return 0;
+        }
+    }
+
+    return ssl_write_hello_request(ssl);
+}
+#endif
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static void ssl_clear_peer_cert(mbedtls_ssl_session *session)
+{
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    if (session->peer_cert != NULL) {
+        mbedtls_x509_crt_free(session->peer_cert);
+        mbedtls_free(session->peer_cert);
+        session->peer_cert = NULL;
+    }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (session->peer_cert_digest != NULL) {
+        /* Zeroization is not necessary. */
+        mbedtls_free(session->peer_cert_digest);
+        session->peer_cert_digest      = NULL;
+        session->peer_cert_digest_type = MBEDTLS_MD_NONE;
+        session->peer_cert_digest_len  = 0;
+    }
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/*
+ * Handshake functions
+ */
+#if !defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+/* No certificate support -> dummy functions */
+int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate"));
+
+    if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate"));
+        ssl->state++;
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+}
+
+int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate"));
+
+    if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate"));
+        ssl->state++;
+        return 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+    return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+}
+
+#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+/* Some certificate support -> implement write and parse */
+
+int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t i, n;
+    const mbedtls_x509_crt *crt;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate"));
+
+    if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate"));
+        ssl->state++;
+        return 0;
+    }
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+        if (ssl->client_auth == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate"));
+            ssl->state++;
+            return 0;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        /*
+         * If using SSLv3 and got no cert, send an Alert message
+         * (otherwise an empty Certificate message will be sent).
+         */
+        if (mbedtls_ssl_own_cert(ssl)  == NULL &&
+            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+            ssl->out_msglen  = 2;
+            ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT;
+            ssl->out_msg[0]  = MBEDTLS_SSL_ALERT_LEVEL_WARNING;
+            ssl->out_msg[1]  = MBEDTLS_SSL_ALERT_MSG_NO_CERT;
+
+            MBEDTLS_SSL_DEBUG_MSG(2, ("got no certificate to send"));
+            goto write_msg;
+        }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+    }
+#endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_SRV_C)
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+        if (mbedtls_ssl_own_cert(ssl) == NULL) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("got no certificate to send"));
+            return MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED;
+        }
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_CRT(3, "own certificate", mbedtls_ssl_own_cert(ssl));
+
+    /*
+     *     0  .  0    handshake type
+     *     1  .  3    handshake length
+     *     4  .  6    length of all certs
+     *     7  .  9    length of cert. 1
+     *    10  . n-1   peer certificate
+     *     n  . n+2   length of cert. 2
+     *    n+3 . ...   upper level cert, etc.
+     */
+    i = 7;
+    crt = mbedtls_ssl_own_cert(ssl);
+
+    while (crt != NULL) {
+        n = crt->raw.len;
+        if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("certificate too large, %" MBEDTLS_PRINTF_SIZET
+                                      " > %" MBEDTLS_PRINTF_SIZET,
+                                      i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN));
+            return MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE;
+        }
+
+        ssl->out_msg[i] = MBEDTLS_BYTE_2(n);
+        ssl->out_msg[i + 1] = MBEDTLS_BYTE_1(n);
+        ssl->out_msg[i + 2] = MBEDTLS_BYTE_0(n);
+
+        i += 3; memcpy(ssl->out_msg + i, crt->raw.p, n);
+        i += n; crt = crt->next;
+    }
+
+    ssl->out_msg[4]  = MBEDTLS_BYTE_2(i - 7);
+    ssl->out_msg[5]  = MBEDTLS_BYTE_1(i - 7);
+    ssl->out_msg[6]  = MBEDTLS_BYTE_0(i - 7);
+
+    ssl->out_msglen  = i;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE;
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
+write_msg:
+#endif
+
+    ssl->state++;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate"));
+
+    return ret;
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl,
+                                        unsigned char *crt_buf,
+                                        size_t crt_buf_len)
+{
+    mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert;
+
+    if (peer_crt == NULL) {
+        return -1;
+    }
+
+    if (peer_crt->raw.len != crt_buf_len) {
+        return -1;
+    }
+
+    return memcmp(peer_crt->raw.p, crt_buf, peer_crt->raw.len);
+}
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl,
+                                        unsigned char *crt_buf,
+                                        size_t crt_buf_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char const * const peer_cert_digest =
+        ssl->session->peer_cert_digest;
+    mbedtls_md_type_t const peer_cert_digest_type =
+        ssl->session->peer_cert_digest_type;
+    mbedtls_md_info_t const * const digest_info =
+        mbedtls_md_info_from_type(peer_cert_digest_type);
+    unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN];
+    size_t digest_len;
+
+    if (peer_cert_digest == NULL || digest_info == NULL) {
+        return -1;
+    }
+
+    digest_len = mbedtls_md_get_size(digest_info);
+    if (digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN) {
+        return -1;
+    }
+
+    ret = mbedtls_md(digest_info, crt_buf, crt_buf_len, tmp_digest);
+    if (ret != 0) {
+        return -1;
+    }
+
+    return memcmp(tmp_digest, peer_cert_digest, digest_len);
+}
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
+/*
+ * Once the certificate message is read, parse it into a cert chain and
+ * perform basic checks, but leave actual verification to the caller
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl,
+                                       mbedtls_x509_crt *chain)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+    int crt_cnt = 0;
+#endif
+    size_t i, n;
+    uint8_t alert;
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE ||
+        ssl->in_hslen < mbedtls_ssl_hs_hdr_len(ssl) + 3 + 3) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+    }
+
+    i = mbedtls_ssl_hs_hdr_len(ssl);
+
+    /*
+     * Same message structure as in mbedtls_ssl_write_certificate()
+     */
+    n = (ssl->in_msg[i+1] << 8) | ssl->in_msg[i+2];
+
+    if (ssl->in_msg[i] != 0 ||
+        ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+    }
+
+    /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
+    i += 3;
+
+    /* Iterate through and parse the CRTs in the provided chain. */
+    while (i < ssl->in_hslen) {
+        /* Check that there's room for the next CRT's length fields. */
+        if (i + 3 > ssl->in_hslen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message"));
+            mbedtls_ssl_send_alert_message(ssl,
+                                           MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+        }
+        /* In theory, the CRT can be up to 2**24 Bytes, but we don't support
+         * anything beyond 2**16 ~ 64K. */
+        if (ssl->in_msg[i] != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message"));
+            mbedtls_ssl_send_alert_message(ssl,
+                                           MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+        }
+
+        /* Read length of the next CRT in the chain. */
+        n = ((unsigned int) ssl->in_msg[i + 1] << 8)
+            | (unsigned int) ssl->in_msg[i + 2];
+        i += 3;
+
+        if (n < 128 || i + n > ssl->in_hslen) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message"));
+            mbedtls_ssl_send_alert_message(ssl,
+                                           MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                           MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+            return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+        }
+
+        /* Check if we're handling the first CRT in the chain. */
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+        if (crt_cnt++ == 0 &&
+            ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+            ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+            /* During client-side renegotiation, check that the server's
+             * end-CRTs hasn't changed compared to the initial handshake,
+             * mitigating the triple handshake attack. On success, reuse
+             * the original end-CRT instead of parsing it again. */
+            MBEDTLS_SSL_DEBUG_MSG(3, ("Check that peer CRT hasn't changed during renegotiation"));
+            if (ssl_check_peer_crt_unchanged(ssl,
+                                             &ssl->in_msg[i],
+                                             n) != 0) {
+                MBEDTLS_SSL_DEBUG_MSG(1, ("new server cert during renegotiation"));
+                mbedtls_ssl_send_alert_message(ssl,
+                                               MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                               MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED);
+                return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+            }
+
+            /* Now we can safely free the original chain. */
+            ssl_clear_peer_cert(ssl->session);
+        }
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
+        /* Parse the next certificate in the chain. */
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        ret = mbedtls_x509_crt_parse_der(chain, ssl->in_msg + i, n);
+#else
+        /* If we don't need to store the CRT chain permanently, parse
+         * it in-place from the input buffer instead of making a copy. */
+        ret = mbedtls_x509_crt_parse_der_nocopy(chain, ssl->in_msg + i, n);
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+        switch (ret) {
+            case 0: /*ok*/
+            case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
+                /* Ignore certificate with an unknown algorithm: maybe a
+                   prior certificate was already trusted. */
+                break;
+
+            case MBEDTLS_ERR_X509_ALLOC_FAILED:
+                alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
+                goto crt_parse_der_failed;
+
+            case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
+                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+                goto crt_parse_der_failed;
+
+            default:
+                alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+crt_parse_der_failed:
+                mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert);
+                MBEDTLS_SSL_DEBUG_RET(1, " mbedtls_x509_crt_parse_der", ret);
+                return ret;
+        }
+
+        i += n;
+    }
+
+    MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", chain);
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_SRV_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_srv_check_client_no_crt_notification(mbedtls_ssl_context *ssl)
+{
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+        return -1;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    /*
+     * Check if the client sent an empty certificate
+     */
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        if (ssl->in_msglen  == 2                        &&
+            ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT            &&
+            ssl->in_msg[0]  == MBEDTLS_SSL_ALERT_LEVEL_WARNING  &&
+            ssl->in_msg[1]  == MBEDTLS_SSL_ALERT_MSG_NO_CERT) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("SSLv3 client has no certificate"));
+            return 0;
+        }
+
+        return -1;
+    }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (ssl->in_hslen   == 3 + mbedtls_ssl_hs_hdr_len(ssl) &&
+        ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE    &&
+        ssl->in_msg[0]  == MBEDTLS_SSL_HS_CERTIFICATE   &&
+        memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), "\0\0\0", 3) == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("TLSv1 client has no certificate"));
+        return 0;
+    }
+
+    return -1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+/* Check if a certificate message is expected.
+ * Return either
+ * - SSL_CERTIFICATE_EXPECTED, or
+ * - SSL_CERTIFICATE_SKIP
+ * indicating whether a Certificate message is expected or not.
+ */
+#define SSL_CERTIFICATE_EXPECTED 0
+#define SSL_CERTIFICATE_SKIP     1
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_coordinate(mbedtls_ssl_context *ssl,
+                                            int authmode)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+
+    if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) {
+        return SSL_CERTIFICATE_SKIP;
+    }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+        if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+            return SSL_CERTIFICATE_SKIP;
+        }
+
+        if (authmode == MBEDTLS_SSL_VERIFY_NONE) {
+            ssl->session_negotiate->verify_result =
+                MBEDTLS_X509_BADCERT_SKIP_VERIFY;
+            return SSL_CERTIFICATE_SKIP;
+        }
+    }
+#else
+    ((void) authmode);
+#endif /* MBEDTLS_SSL_SRV_C */
+
+    return SSL_CERTIFICATE_EXPECTED;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl,
+                                        int authmode,
+                                        mbedtls_x509_crt *chain,
+                                        void *rs_ctx)
+{
+    int ret = 0;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->handshake->ciphersuite_info;
+    int have_ca_chain = 0;
+
+    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
+    void *p_vrfy;
+
+    if (authmode == MBEDTLS_SSL_VERIFY_NONE) {
+        return 0;
+    }
+
+    if (ssl->f_vrfy != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Use context-specific verification callback"));
+        f_vrfy = ssl->f_vrfy;
+        p_vrfy = ssl->p_vrfy;
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Use configuration-specific verification callback"));
+        f_vrfy = ssl->conf->f_vrfy;
+        p_vrfy = ssl->conf->p_vrfy;
+    }
+
+    /*
+     * Main check: verify certificate
+     */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    if (ssl->conf->f_ca_cb != NULL) {
+        ((void) rs_ctx);
+        have_ca_chain = 1;
+
+        MBEDTLS_SSL_DEBUG_MSG(3, ("use CA callback for X.509 CRT verification"));
+        ret = mbedtls_x509_crt_verify_with_ca_cb(
+            chain,
+            ssl->conf->f_ca_cb,
+            ssl->conf->p_ca_cb,
+            ssl->conf->cert_profile,
+            ssl->hostname,
+            &ssl->session_negotiate->verify_result,
+            f_vrfy, p_vrfy);
+    } else
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+    {
+        mbedtls_x509_crt *ca_chain;
+        mbedtls_x509_crl *ca_crl;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+        if (ssl->handshake->sni_ca_chain != NULL) {
+            ca_chain = ssl->handshake->sni_ca_chain;
+            ca_crl   = ssl->handshake->sni_ca_crl;
+        } else
+#endif
+        {
+            ca_chain = ssl->conf->ca_chain;
+            ca_crl   = ssl->conf->ca_crl;
+        }
+
+        if (ca_chain != NULL) {
+            have_ca_chain = 1;
+        }
+
+        ret = mbedtls_x509_crt_verify_restartable(
+            chain,
+            ca_chain, ca_crl,
+            ssl->conf->cert_profile,
+            ssl->hostname,
+            &ssl->session_negotiate->verify_result,
+            f_vrfy, p_vrfy, rs_ctx);
+    }
+
+    if (ret != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "x509_verify_cert", ret);
+    }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+        return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+    }
+#endif
+
+    /*
+     * Secondary checks: always done, but change 'ret' only if it was 0
+     */
+
+#if defined(MBEDTLS_ECP_C)
+    {
+        const mbedtls_pk_context *pk = &chain->pk;
+
+        /* If certificate uses an EC key, make sure the curve is OK.
+         * This is a public key, so it can't be opaque, so can_do() is a good
+         * enough check to ensure pk_ec() is safe to use here. */
+        if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY) &&
+            mbedtls_ssl_check_curve(ssl, mbedtls_pk_ec(*pk)->grp.id) != 0) {
+            ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+            MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (EC key curve)"));
+            if (ret == 0) {
+                ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+            }
+        }
+    }
+#endif /* MBEDTLS_ECP_C */
+
+    if (mbedtls_ssl_check_cert_usage(chain,
+                                     ciphersuite_info,
+                                     !ssl->conf->endpoint,
+                                     &ssl->session_negotiate->verify_result) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (usage extensions)"));
+        if (ret == 0) {
+            ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+        }
+    }
+
+    /* mbedtls_x509_crt_verify_with_profile is supposed to report a
+     * verification failure through MBEDTLS_ERR_X509_CERT_VERIFY_FAILED,
+     * with details encoded in the verification flags. All other kinds
+     * of error codes, including those from the user provided f_vrfy
+     * functions, are treated as fatal and lead to a failure of
+     * ssl_parse_certificate even if verification was optional. */
+    if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL &&
+        (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ||
+         ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE)) {
+        ret = 0;
+    }
+
+    if (have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("got no CA chain"));
+        ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED;
+    }
+
+    if (ret != 0) {
+        uint8_t alert;
+
+        /* The certificate may have been rejected for several reasons.
+           Pick one and send the corresponding alert. Which alert to send
+           may be a subject of debate in some cases. */
+        if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER) {
+            alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) {
+            alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE) {
+            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE) {
+            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE) {
+            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK) {
+            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY) {
+            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED) {
+            alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED) {
+            alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED;
+        } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) {
+            alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA;
+        } else {
+            alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN;
+        }
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       alert);
+    }
+
+#if defined(MBEDTLS_DEBUG_C)
+    if (ssl->session_negotiate->verify_result != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("! Certificate verification flags %08x",
+                                  (unsigned int) ssl->session_negotiate->verify_result));
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG(3, ("Certificate verification flags clear"));
+    }
+#endif /* MBEDTLS_DEBUG_C */
+
+    return ret;
+}
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_remember_peer_crt_digest(mbedtls_ssl_context *ssl,
+                                        unsigned char *start, size_t len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    /* Remember digest of the peer's end-CRT. */
+    ssl->session_negotiate->peer_cert_digest =
+        mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN);
+    if (ssl->session_negotiate->peer_cert_digest == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%d bytes) failed",
+                                  MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN));
+        mbedtls_ssl_send_alert_message(ssl,
+                                       MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    ret = mbedtls_md(mbedtls_md_info_from_type(
+                         MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE),
+                     start, len,
+                     ssl->session_negotiate->peer_cert_digest);
+
+    ssl->session_negotiate->peer_cert_digest_type =
+        MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
+    ssl->session_negotiate->peer_cert_digest_len =
+        MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
+
+    return ret;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_remember_peer_pubkey(mbedtls_ssl_context *ssl,
+                                    unsigned char *start, size_t len)
+{
+    unsigned char *end = start + len;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /* Make a copy of the peer's raw public key. */
+    mbedtls_pk_init(&ssl->handshake->peer_pubkey);
+    ret = mbedtls_pk_parse_subpubkey(&start, end,
+                                     &ssl->handshake->peer_pubkey);
+    if (ret != 0) {
+        /* We should have parsed the public key before. */
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    return 0;
+}
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+    int crt_expected;
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET
+                       ? ssl->handshake->sni_authmode
+                       : ssl->conf->authmode;
+#else
+    const int authmode = ssl->conf->authmode;
+#endif
+    void *rs_ctx = NULL;
+    mbedtls_x509_crt *chain = NULL;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate"));
+
+    crt_expected = ssl_parse_certificate_coordinate(ssl, authmode);
+    if (crt_expected == SSL_CERTIFICATE_SKIP) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate"));
+        goto exit;
+    }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled &&
+        ssl->handshake->ecrs_state == ssl_ecrs_crt_verify) {
+        chain = ssl->handshake->ecrs_peer_cert;
+        ssl->handshake->ecrs_peer_cert = NULL;
+        goto crt_verify;
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        /* mbedtls_ssl_read_record may have sent an alert already. We
+           let it decide whether to alert. */
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    if (ssl_srv_check_client_no_crt_notification(ssl) == 0) {
+        ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
+
+        if (authmode != MBEDTLS_SSL_VERIFY_OPTIONAL) {
+            ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
+        }
+
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+    /* Clear existing peer CRT structure in case we tried to
+     * reuse a session but it failed, and allocate a new one. */
+    ssl_clear_peer_cert(ssl->session_negotiate);
+
+    chain = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
+    if (chain == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed",
+                                  sizeof(mbedtls_x509_crt)));
+        mbedtls_ssl_send_alert_message(ssl,
+                                       MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto exit;
+    }
+    mbedtls_x509_crt_init(chain);
+
+    ret = ssl_parse_certificate_chain(ssl, chain);
+    if (ret != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ssl->handshake->ecrs_enabled) {
+        ssl->handshake->ecrs_state = ssl_ecrs_crt_verify;
+    }
+
+crt_verify:
+    if (ssl->handshake->ecrs_enabled) {
+        rs_ctx = &ssl->handshake->ecrs_ctx;
+    }
+#endif
+
+    ret = ssl_parse_certificate_verify(ssl, authmode,
+                                       chain, rs_ctx);
+    if (ret != 0) {
+        goto exit;
+    }
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    {
+        unsigned char *crt_start, *pk_start;
+        size_t crt_len, pk_len;
+
+        /* We parse the CRT chain without copying, so
+         * these pointers point into the input buffer,
+         * and are hence still valid after freeing the
+         * CRT chain. */
+
+        crt_start = chain->raw.p;
+        crt_len   = chain->raw.len;
+
+        pk_start = chain->pk_raw.p;
+        pk_len   = chain->pk_raw.len;
+
+        /* Free the CRT structures before computing
+         * digest and copying the peer's public key. */
+        mbedtls_x509_crt_free(chain);
+        mbedtls_free(chain);
+        chain = NULL;
+
+        ret = ssl_remember_peer_crt_digest(ssl, crt_start, crt_len);
+        if (ret != 0) {
+            goto exit;
+        }
+
+        ret = ssl_remember_peer_pubkey(ssl, pk_start, pk_len);
+        if (ret != 0) {
+            goto exit;
+        }
+    }
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    /* Pass ownership to session structure. */
+    ssl->session_negotiate->peer_cert = chain;
+    chain = NULL;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate"));
+
+exit:
+
+    if (ret == 0) {
+        ssl->state++;
+    }
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+        ssl->handshake->ecrs_peer_cert = chain;
+        chain = NULL;
+    }
+#endif
+
+    if (chain != NULL) {
+        mbedtls_x509_crt_free(chain);
+        mbedtls_free(chain);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,
+                                   const mbedtls_ssl_ciphersuite_t *ciphersuite_info)
+{
+    ((void) ciphersuite_info);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
+        ssl->handshake->update_checksum = ssl_update_checksum_md5sha1;
+    } else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+    if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
+        ssl->handshake->update_checksum = ssl_update_checksum_sha384;
+    } else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if (ciphersuite_info->mac != MBEDTLS_MD_SHA384) {
+        ssl->handshake->update_checksum = ssl_update_checksum_sha256;
+    } else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+        return;
+    }
+}
+
+void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    mbedtls_md5_starts_ret(&ssl->handshake->fin_md5);
+    mbedtls_sha1_starts_ret(&ssl->handshake->fin_sha1);
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_abort(&ssl->handshake->fin_sha256_psa);
+    psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256);
+#else
+    mbedtls_sha256_starts_ret(&ssl->handshake->fin_sha256, 0);
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_abort(&ssl->handshake->fin_sha384_psa);
+    psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384);
+#else
+    mbedtls_sha512_starts_ret(&ssl->handshake->fin_sha512, 1);
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+static void ssl_update_checksum_start(mbedtls_ssl_context *ssl,
+                                      const unsigned char *buf, size_t len)
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    mbedtls_md5_update_ret(&ssl->handshake->fin_md5, buf, len);
+    mbedtls_sha1_update_ret(&ssl->handshake->fin_sha1, buf, len);
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len);
+#else
+    mbedtls_sha256_update_ret(&ssl->handshake->fin_sha256, buf, len);
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len);
+#else
+    mbedtls_sha512_update_ret(&ssl->handshake->fin_sha512, buf, len);
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_update_checksum_md5sha1(mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf, size_t len)
+{
+    mbedtls_md5_update_ret(&ssl->handshake->fin_md5, buf, len);
+    mbedtls_sha1_update_ret(&ssl->handshake->fin_sha1, buf, len);
+}
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_update_checksum_sha256(mbedtls_ssl_context *ssl,
+                                       const unsigned char *buf, size_t len)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len);
+#else
+    mbedtls_sha256_update_ret(&ssl->handshake->fin_sha256, buf, len);
+#endif
+}
+#endif
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+static void ssl_update_checksum_sha384(mbedtls_ssl_context *ssl,
+                                       const unsigned char *buf, size_t len)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len);
+#else
+    mbedtls_sha512_update_ret(&ssl->handshake->fin_sha512, buf, len);
+#endif
+}
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static void ssl_calc_finished_ssl(
+    mbedtls_ssl_context *ssl, unsigned char *buf, int from)
+{
+    const char *sender;
+    mbedtls_md5_context  md5;
+    mbedtls_sha1_context sha1;
+
+    unsigned char padbuf[48];
+    unsigned char md5sum[16];
+    unsigned char sha1sum[20];
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if (!session) {
+        session = ssl->session;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc  finished ssl"));
+
+    mbedtls_md5_init(&md5);
+    mbedtls_sha1_init(&sha1);
+
+    mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5);
+    mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1);
+
+    /*
+     * SSLv3:
+     *   hash =
+     *      MD5( master + pad2 +
+     *          MD5( handshake + sender + master + pad1 ) )
+     *   + SHA1( master + pad2 +
+     *         SHA1( handshake + sender + master + pad1 ) )
+     */
+
+#if !defined(MBEDTLS_MD5_ALT)
+    MBEDTLS_SSL_DEBUG_BUF(4, "finished  md5 state", (unsigned char *)
+                          md5.state, sizeof(md5.state));
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+    MBEDTLS_SSL_DEBUG_BUF(4, "finished sha1 state", (unsigned char *)
+                          sha1.state, sizeof(sha1.state));
+#endif
+
+    sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "CLNT"
+                                       : "SRVR";
+
+    memset(padbuf, 0x36, 48);
+
+    mbedtls_md5_update_ret(&md5, (const unsigned char *) sender, 4);
+    mbedtls_md5_update_ret(&md5, session->master, 48);
+    mbedtls_md5_update_ret(&md5, padbuf, 48);
+    mbedtls_md5_finish_ret(&md5, md5sum);
+
+    mbedtls_sha1_update_ret(&sha1, (const unsigned char *) sender, 4);
+    mbedtls_sha1_update_ret(&sha1, session->master, 48);
+    mbedtls_sha1_update_ret(&sha1, padbuf, 40);
+    mbedtls_sha1_finish_ret(&sha1, sha1sum);
+
+    memset(padbuf, 0x5C, 48);
+
+    mbedtls_md5_starts_ret(&md5);
+    mbedtls_md5_update_ret(&md5, session->master, 48);
+    mbedtls_md5_update_ret(&md5, padbuf, 48);
+    mbedtls_md5_update_ret(&md5, md5sum, 16);
+    mbedtls_md5_finish_ret(&md5, buf);
+
+    mbedtls_sha1_starts_ret(&sha1);
+    mbedtls_sha1_update_ret(&sha1, session->master, 48);
+    mbedtls_sha1_update_ret(&sha1, padbuf, 40);
+    mbedtls_sha1_update_ret(&sha1, sha1sum, 20);
+    mbedtls_sha1_finish_ret(&sha1, buf + 16);
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, 36);
+
+    mbedtls_md5_free(&md5);
+    mbedtls_sha1_free(&sha1);
+
+    mbedtls_platform_zeroize(padbuf, sizeof(padbuf));
+    mbedtls_platform_zeroize(md5sum, sizeof(md5sum));
+    mbedtls_platform_zeroize(sha1sum, sizeof(sha1sum));
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc  finished"));
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_calc_finished_tls(
+    mbedtls_ssl_context *ssl, unsigned char *buf, int from)
+{
+    int len = 12;
+    const char *sender;
+    mbedtls_md5_context  md5;
+    mbedtls_sha1_context sha1;
+    unsigned char padbuf[36];
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if (!session) {
+        session = ssl->session;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc  finished tls"));
+
+    mbedtls_md5_init(&md5);
+    mbedtls_sha1_init(&sha1);
+
+    mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5);
+    mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1);
+
+    /*
+     * TLSv1:
+     *   hash = PRF( master, finished_label,
+     *               MD5( handshake ) + SHA1( handshake ) )[0..11]
+     */
+
+#if !defined(MBEDTLS_MD5_ALT)
+    MBEDTLS_SSL_DEBUG_BUF(4, "finished  md5 state", (unsigned char *)
+                          md5.state, sizeof(md5.state));
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+    MBEDTLS_SSL_DEBUG_BUF(4, "finished sha1 state", (unsigned char *)
+                          sha1.state, sizeof(sha1.state));
+#endif
+
+    sender = (from == MBEDTLS_SSL_IS_CLIENT)
+             ? "client finished"
+             : "server finished";
+
+    mbedtls_md5_finish_ret(&md5, padbuf);
+    mbedtls_sha1_finish_ret(&sha1, padbuf + 16);
+
+    ssl->handshake->tls_prf(session->master, 48, sender,
+                            padbuf, 36, buf, len);
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len);
+
+    mbedtls_md5_free(&md5);
+    mbedtls_sha1_free(&sha1);
+
+    mbedtls_platform_zeroize(padbuf, sizeof(padbuf));
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc  finished"));
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_calc_finished_tls_sha256(
+    mbedtls_ssl_context *ssl, unsigned char *buf, int from)
+{
+    int len = 12;
+    const char *sender;
+    unsigned char padbuf[32];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    size_t hash_size;
+    psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT;
+    psa_status_t status;
+#else
+    mbedtls_sha256_context sha256;
+#endif
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if (!session) {
+        session = ssl->session;
+    }
+
+    sender = (from == MBEDTLS_SSL_IS_CLIENT)
+             ? "client finished"
+             : "server finished";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    sha256_psa = psa_hash_operation_init();
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha256"));
+
+    status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed"));
+        return;
+    }
+
+    status = psa_hash_finish(&sha256_psa, padbuf, sizeof(padbuf), &hash_size);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed"));
+        return;
+    }
+    MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 32);
+#else
+
+    mbedtls_sha256_init(&sha256);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc  finished tls sha256"));
+
+    mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256);
+
+    /*
+     * TLSv1.2:
+     *   hash = PRF( master, finished_label,
+     *               Hash( handshake ) )[0.11]
+     */
+
+#if !defined(MBEDTLS_SHA256_ALT)
+    MBEDTLS_SSL_DEBUG_BUF(4, "finished sha2 state", (unsigned char *)
+                          sha256.state, sizeof(sha256.state));
+#endif
+
+    mbedtls_sha256_finish_ret(&sha256, padbuf);
+    mbedtls_sha256_free(&sha256);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    ssl->handshake->tls_prf(session->master, 48, sender,
+                            padbuf, 32, buf, len);
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len);
+
+    mbedtls_platform_zeroize(padbuf, sizeof(padbuf));
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc  finished"));
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+
+static void ssl_calc_finished_tls_sha384(
+    mbedtls_ssl_context *ssl, unsigned char *buf, int from)
+{
+    int len = 12;
+    const char *sender;
+    unsigned char padbuf[48];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    size_t hash_size;
+    psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
+    psa_status_t status;
+#else
+    mbedtls_sha512_context sha512;
+#endif
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if (!session) {
+        session = ssl->session;
+    }
+
+    sender = (from == MBEDTLS_SSL_IS_CLIENT)
+                ? "client finished"
+                : "server finished";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    sha384_psa = psa_hash_operation_init();
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha384"));
+
+    status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed"));
+        return;
+    }
+
+    status = psa_hash_finish(&sha384_psa, padbuf, sizeof(padbuf), &hash_size);
+    if (status != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed"));
+        return;
+    }
+    MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 48);
+#else
+    mbedtls_sha512_init(&sha512);
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc  finished tls sha384"));
+
+    mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha512);
+
+    /*
+     * TLSv1.2:
+     *   hash = PRF( master, finished_label,
+     *               Hash( handshake ) )[0.11]
+     */
+
+#if !defined(MBEDTLS_SHA512_ALT)
+    MBEDTLS_SSL_DEBUG_BUF(4, "finished sha512 state", (unsigned char *)
+                          sha512.state, sizeof(sha512.state));
+#endif
+    /* mbedtls_sha512_finish_ret's output parameter is declared as a
+     * 64-byte buffer, but since we're using SHA-384, we know that the
+     * output fits in 48 bytes. This is correct C, but GCC 11.1 warns
+     * about it.
+     */
+#if defined(__GNUC__) && __GNUC__ >= 11
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstringop-overflow"
+#endif
+    mbedtls_sha512_finish_ret(&sha512, padbuf);
+#if defined(__GNUC__) && __GNUC__ >= 11
+#pragma GCC diagnostic pop
+#endif
+
+    mbedtls_sha512_free(&sha512);
+#endif
+
+    ssl->handshake->tls_prf(session->master, 48, sender,
+                            padbuf, 48, buf, len);
+
+    MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len);
+
+    mbedtls_platform_zeroize(padbuf, sizeof(padbuf));
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc  finished"));
+}
+#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl)
+{
+    MBEDTLS_SSL_DEBUG_MSG(3, ("=> handshake wrapup: final free"));
+
+    /*
+     * Free our handshake params
+     */
+    mbedtls_ssl_handshake_free(ssl);
+    mbedtls_free(ssl->handshake);
+    ssl->handshake = NULL;
+
+    /*
+     * Free the previous transform and switch in the current one
+     */
+    if (ssl->transform) {
+        mbedtls_ssl_transform_free(ssl->transform);
+        mbedtls_free(ssl->transform);
+    }
+    ssl->transform = ssl->transform_negotiate;
+    ssl->transform_negotiate = NULL;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("<= handshake wrapup: final free"));
+}
+
+void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl)
+{
+    int resume = ssl->handshake->resume;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("=> handshake wrapup"));
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+        ssl->renego_status =  MBEDTLS_SSL_RENEGOTIATION_DONE;
+        ssl->renego_records_seen = 0;
+    }
+#endif
+
+    /*
+     * Free the previous session and switch in the current one
+     */
+    if (ssl->session) {
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        /* RFC 7366 3.1: keep the EtM state */
+        ssl->session_negotiate->encrypt_then_mac =
+            ssl->session->encrypt_then_mac;
+#endif
+
+        mbedtls_ssl_session_free(ssl->session);
+        mbedtls_free(ssl->session);
+    }
+    ssl->session = ssl->session_negotiate;
+    ssl->session_negotiate = NULL;
+
+    /*
+     * Add cache entry
+     */
+    if (ssl->conf->f_set_cache != NULL &&
+        ssl->session->id_len != 0 &&
+        resume == 0) {
+        if (ssl->conf->f_set_cache(ssl->conf->p_cache, ssl->session) != 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("cache did not store session"));
+        }
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->flight != NULL) {
+        /* Cancel handshake timer */
+        mbedtls_ssl_set_timer(ssl, 0);
+
+        /* Keep last flight around in case we need to resend it:
+         * we need the handshake and transform structures for that */
+        MBEDTLS_SSL_DEBUG_MSG(3, ("skip freeing handshake and transform"));
+    } else
+#endif
+    mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl);
+
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("<= handshake wrapup"));
+}
+
+int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl)
+{
+    int ret, hash_len;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write finished"));
+
+    mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate);
+
+    ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint);
+
+    /*
+     * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites
+     * may define some other value. Currently (early 2016), no defined
+     * ciphersuite does this (and this is unlikely to change as activity has
+     * moved to TLS 1.3 now) so we can keep the hardcoded 12 here.
+     */
+    hash_len = (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) ? 36 : 12;
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl->verify_data_len = hash_len;
+    memcpy(ssl->own_verify_data, ssl->out_msg + 4, hash_len);
+#endif
+
+    ssl->out_msglen  = 4 + hash_len;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_FINISHED;
+
+    /*
+     * In case of session resuming, invert the client and server
+     * ChangeCipherSpec messages order.
+     */
+    if (ssl->handshake->resume != 0) {
+#if defined(MBEDTLS_SSL_CLI_C)
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+        }
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+            ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
+        }
+#endif
+    } else {
+        ssl->state++;
+    }
+
+    /*
+     * Switch to our negotiated transform and session parameters for outbound
+     * data.
+     */
+    MBEDTLS_SSL_DEBUG_MSG(3, ("switching to new transform spec for outbound data"));
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        unsigned char i;
+
+        /* Remember current epoch settings for resending */
+        ssl->handshake->alt_transform_out = ssl->transform_out;
+        memcpy(ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8);
+
+        /* Set sequence_number to zero */
+        memset(ssl->cur_out_ctr + 2, 0, 6);
+
+        /* Increment epoch */
+        for (i = 2; i > 0; i--) {
+            if (++ssl->cur_out_ctr[i - 1] != 0) {
+                break;
+            }
+        }
+
+        /* The loop goes to its end iff the counter is wrapping */
+        if (i == 0) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS epoch would wrap"));
+            return MBEDTLS_ERR_SSL_COUNTER_WRAPPING;
+        }
+    } else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    memset(ssl->cur_out_ctr, 0, 8);
+
+    ssl->transform_out = ssl->transform_negotiate;
+    ssl->session_out = ssl->session_negotiate;
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_activate != NULL) {
+        if ((ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_send_flight_completed(ssl);
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret);
+        return ret;
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write finished"));
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define SSL_MAX_HASH_LEN 36
+#else
+#define SSL_MAX_HASH_LEN 12
+#endif
+
+int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned int hash_len;
+    unsigned char buf[SSL_MAX_HASH_LEN];
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished"));
+
+    /* There is currently no ciphersuite using another length with TLS 1.2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) {
+        hash_len = 36;
+    } else
+#endif
+    hash_len = 12;
+
+    ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1);
+
+    if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret);
+        goto exit;
+    }
+
+    if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE);
+        ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+        goto exit;
+    }
+
+    if (ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED ||
+        ssl->in_hslen  != mbedtls_ssl_hs_hdr_len(ssl) + hash_len) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR);
+        ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
+        goto exit;
+    }
+
+    if (mbedtls_ct_memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl),
+                          buf, hash_len) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message"));
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR);
+        ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl->verify_data_len = hash_len;
+    memcpy(ssl->peer_verify_data, buf, hash_len);
+#endif
+
+    if (ssl->handshake->resume != 0) {
+#if defined(MBEDTLS_SSL_CLI_C)
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+            ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
+        }
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+        }
+#endif
+    } else {
+        ssl->state++;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        mbedtls_ssl_recv_flight_completed(ssl);
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse finished"));
+
+exit:
+    mbedtls_platform_zeroize(buf, hash_len);
+    return ret;
+}
+
+static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake)
+{
+    memset(handshake, 0, sizeof(mbedtls_ssl_handshake_params));
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    mbedtls_md5_init(&handshake->fin_md5);
+    mbedtls_sha1_init(&handshake->fin_sha1);
+    mbedtls_md5_starts_ret(&handshake->fin_md5);
+    mbedtls_sha1_starts_ret(&handshake->fin_sha1);
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    handshake->fin_sha256_psa = psa_hash_operation_init();
+    psa_hash_setup(&handshake->fin_sha256_psa, PSA_ALG_SHA_256);
+#else
+    mbedtls_sha256_init(&handshake->fin_sha256);
+    mbedtls_sha256_starts_ret(&handshake->fin_sha256, 0);
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    handshake->fin_sha384_psa = psa_hash_operation_init();
+    psa_hash_setup(&handshake->fin_sha384_psa, PSA_ALG_SHA_384);
+#else
+    mbedtls_sha512_init(&handshake->fin_sha512);
+    mbedtls_sha512_starts_ret(&handshake->fin_sha512, 1);
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    handshake->update_checksum = ssl_update_checksum_start;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_ssl_sig_hash_set_init(&handshake->hash_algs);
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_dhm_init(&handshake->dhm_ctx);
+#endif
+#if defined(MBEDTLS_ECDH_C)
+    mbedtls_ecdh_init(&handshake->ecdh_ctx);
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    mbedtls_ecjpake_init(&handshake->ecjpake_ctx);
+#if defined(MBEDTLS_SSL_CLI_C)
+    handshake->ecjpake_cache = NULL;
+    handshake->ecjpake_cache_len = 0;
+#endif
+#endif
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    mbedtls_x509_crt_restart_init(&handshake->ecrs_ctx);
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    mbedtls_pk_init(&handshake->peer_pubkey);
+#endif
+}
+
+void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform)
+{
+    memset(transform, 0, sizeof(mbedtls_ssl_transform));
+
+    mbedtls_cipher_init(&transform->cipher_ctx_enc);
+    mbedtls_cipher_init(&transform->cipher_ctx_dec);
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    mbedtls_md_init(&transform->md_ctx_enc);
+    mbedtls_md_init(&transform->md_ctx_dec);
+#endif
+}
+
+void mbedtls_ssl_session_init(mbedtls_ssl_session *session)
+{
+    memset(session, 0, sizeof(mbedtls_ssl_session));
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_handshake_init(mbedtls_ssl_context *ssl)
+{
+    /* Clear old handshake information if present */
+    if (ssl->transform_negotiate) {
+        mbedtls_ssl_transform_free(ssl->transform_negotiate);
+    }
+    if (ssl->session_negotiate) {
+        mbedtls_ssl_session_free(ssl->session_negotiate);
+    }
+    if (ssl->handshake) {
+        mbedtls_ssl_handshake_free(ssl);
+    }
+
+    /*
+     * Either the pointers are now NULL or cleared properly and can be freed.
+     * Now allocate missing structures.
+     */
+    if (ssl->transform_negotiate == NULL) {
+        ssl->transform_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_transform));
+    }
+
+    if (ssl->session_negotiate == NULL) {
+        ssl->session_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_session));
+    }
+
+    if (ssl->handshake == NULL) {
+        ssl->handshake = mbedtls_calloc(1, sizeof(mbedtls_ssl_handshake_params));
+    }
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    /* If the buffers are too small - reallocate */
+
+    handle_buffer_resizing(ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN,
+                           MBEDTLS_SSL_OUT_BUFFER_LEN);
+#endif
+
+    /* All pointers should exist and can be directly freed without issue */
+    if (ssl->handshake == NULL ||
+        ssl->transform_negotiate == NULL ||
+        ssl->session_negotiate == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc() of ssl sub-contexts failed"));
+
+        mbedtls_free(ssl->handshake);
+        mbedtls_free(ssl->transform_negotiate);
+        mbedtls_free(ssl->session_negotiate);
+
+        ssl->handshake = NULL;
+        ssl->transform_negotiate = NULL;
+        ssl->session_negotiate = NULL;
+
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    /* Initialize structures */
+    mbedtls_ssl_session_init(ssl->session_negotiate);
+    mbedtls_ssl_transform_init(ssl->transform_negotiate);
+    ssl_handshake_params_init(ssl->handshake);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        ssl->handshake->alt_transform_out = ssl->transform_out;
+
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+            ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
+        } else {
+            ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+        }
+
+        mbedtls_ssl_set_timer(ssl, 0);
+    }
+#endif
+
+    return 0;
+}
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+/* Dummy cookie callbacks for defaults */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_cookie_write_dummy(void *ctx,
+                                  unsigned char **p, unsigned char *end,
+                                  const unsigned char *cli_id, size_t cli_id_len)
+{
+    ((void) ctx);
+    ((void) p);
+    ((void) end);
+    ((void) cli_id);
+    ((void) cli_id_len);
+
+    return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+}
+
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_cookie_check_dummy(void *ctx,
+                                  const unsigned char *cookie, size_t cookie_len,
+                                  const unsigned char *cli_id, size_t cli_id_len)
+{
+    ((void) ctx);
+    ((void) cookie);
+    ((void) cookie_len);
+    ((void) cli_id);
+    ((void) cli_id_len);
+
+    return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
+
+/*
+ * Initialize an SSL context
+ */
+void mbedtls_ssl_init(mbedtls_ssl_context *ssl)
+{
+    memset(ssl, 0, sizeof(mbedtls_ssl_context));
+}
+
+/*
+ * Setup an SSL context
+ */
+
+int mbedtls_ssl_setup(mbedtls_ssl_context *ssl,
+                      const mbedtls_ssl_config *conf)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
+
+    ssl->conf = conf;
+
+    /*
+     * Prepare base structures
+     */
+
+    /* Set to NULL in case of an error condition */
+    ssl->out_buf = NULL;
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    ssl->in_buf_len = in_buf_len;
+#endif
+    ssl->in_buf = mbedtls_calloc(1, in_buf_len);
+    if (ssl->in_buf == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", in_buf_len));
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto error;
+    }
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    ssl->out_buf_len = out_buf_len;
+#endif
+    ssl->out_buf = mbedtls_calloc(1, out_buf_len);
+    if (ssl->out_buf == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", out_buf_len));
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto error;
+    }
+
+    mbedtls_ssl_reset_in_out_pointers(ssl);
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    memset(&ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info));
+#endif
+
+    if ((ret = ssl_handshake_init(ssl)) != 0) {
+        goto error;
+    }
+
+    return 0;
+
+error:
+    mbedtls_free(ssl->in_buf);
+    mbedtls_free(ssl->out_buf);
+
+    ssl->conf = NULL;
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    ssl->in_buf_len = 0;
+    ssl->out_buf_len = 0;
+#endif
+    ssl->in_buf = NULL;
+    ssl->out_buf = NULL;
+
+    ssl->in_hdr = NULL;
+    ssl->in_ctr = NULL;
+    ssl->in_len = NULL;
+    ssl->in_iv = NULL;
+    ssl->in_msg = NULL;
+
+    ssl->out_hdr = NULL;
+    ssl->out_ctr = NULL;
+    ssl->out_len = NULL;
+    ssl->out_iv = NULL;
+    ssl->out_msg = NULL;
+
+    return ret;
+}
+
+/*
+ * Reset an initialized and used SSL context for re-use while retaining
+ * all application-set variables, function pointers and data.
+ *
+ * If partial is non-zero, keep data in the input buffer and client ID.
+ * (Use when a DTLS client reconnects from the same port.)
+ */
+int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    size_t in_buf_len = ssl->in_buf_len;
+    size_t out_buf_len = ssl->out_buf_len;
+#else
+    size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+    size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
+#endif
+
+#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) ||     \
+    !defined(MBEDTLS_SSL_SRV_C)
+    ((void) partial);
+#endif
+
+    ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
+
+    /* Cancel any possibly running timer */
+    mbedtls_ssl_set_timer(ssl, 0);
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE;
+    ssl->renego_records_seen = 0;
+
+    ssl->verify_data_len = 0;
+    memset(ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN);
+    memset(ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN);
+#endif
+    ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
+
+    ssl->in_offt = NULL;
+    mbedtls_ssl_reset_in_out_pointers(ssl);
+
+    ssl->in_msgtype = 0;
+    ssl->in_msglen = 0;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    ssl->next_record_offset = 0;
+    ssl->in_epoch = 0;
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    mbedtls_ssl_dtls_replay_reset(ssl);
+#endif
+
+    ssl->in_hslen = 0;
+    ssl->nb_zero = 0;
+
+    ssl->keep_current_message = 0;
+
+    ssl->out_msgtype = 0;
+    ssl->out_msglen = 0;
+    ssl->out_left = 0;
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    if (ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED) {
+        ssl->split_done = 0;
+    }
+#endif
+
+    memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr));
+
+    ssl->transform_in = NULL;
+    ssl->transform_out = NULL;
+
+    ssl->session_in = NULL;
+    ssl->session_out = NULL;
+
+    memset(ssl->out_buf, 0, out_buf_len);
+
+    int clear_in_buf = 1;
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+    if (partial != 0) {
+        clear_in_buf = 0;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+    if (clear_in_buf) {
+        ssl->in_left = 0;
+        memset(ssl->in_buf, 0, in_buf_len);
+    }
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_reset != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_reset()"));
+        if ((ret = mbedtls_ssl_hw_record_reset(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_reset", ret);
+            return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    }
+#endif
+
+    if (ssl->transform) {
+        mbedtls_ssl_transform_free(ssl->transform);
+        mbedtls_free(ssl->transform);
+        ssl->transform = NULL;
+    }
+
+    if (ssl->session) {
+        mbedtls_ssl_session_free(ssl->session);
+        mbedtls_free(ssl->session);
+        ssl->session = NULL;
+    }
+
+#if defined(MBEDTLS_SSL_ALPN)
+    ssl->alpn_chosen = NULL;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    int free_cli_id = 1;
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+    if (partial != 0) {
+        free_cli_id = 0;
+    }
+#endif
+    if (free_cli_id) {
+        mbedtls_free(ssl->cli_id);
+        ssl->cli_id = NULL;
+        ssl->cli_id_len = 0;
+    }
+#endif
+
+    if ((ret = ssl_handshake_init(ssl)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+/*
+ * Reset an initialized and used SSL context for re-use while retaining
+ * all application-set variables, function pointers and data.
+ */
+int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl)
+{
+    return mbedtls_ssl_session_reset_int(ssl, 0);
+}
+
+/*
+ * SSL set accessors
+ */
+void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint)
+{
+    conf->endpoint   = endpoint;
+}
+
+void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport)
+{
+    conf->transport = transport;
+}
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode)
+{
+    conf->anti_replay = mode;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit)
+{
+    conf->badmac_limit = limit;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl,
+                                      unsigned allow_packing)
+{
+    ssl->disable_datagram_packing = !allow_packing;
+}
+
+void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf,
+                                        uint32_t min, uint32_t max)
+{
+    conf->hs_timeout_min = min;
+    conf->hs_timeout_max = max;
+}
+#endif
+
+void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode)
+{
+    conf->authmode   = authmode;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf,
+                             int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                             void *p_vrfy)
+{
+    conf->f_vrfy      = f_vrfy;
+    conf->p_vrfy      = p_vrfy;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
+                          int (*f_rng)(void *, unsigned char *, size_t),
+                          void *p_rng)
+{
+    conf->f_rng      = f_rng;
+    conf->p_rng      = p_rng;
+}
+
+void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf,
+                          void (*f_dbg)(void *, int, const char *, int, const char *),
+                          void  *p_dbg)
+{
+    conf->f_dbg      = f_dbg;
+    conf->p_dbg      = p_dbg;
+}
+
+void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
+                         void *p_bio,
+                         mbedtls_ssl_send_t *f_send,
+                         mbedtls_ssl_recv_t *f_recv,
+                         mbedtls_ssl_recv_timeout_t *f_recv_timeout)
+{
+    ssl->p_bio          = p_bio;
+    ssl->f_send         = f_send;
+    ssl->f_recv         = f_recv;
+    ssl->f_recv_timeout = f_recv_timeout;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu)
+{
+    ssl->mtu = mtu;
+}
+#endif
+
+void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout)
+{
+    conf->read_timeout   = timeout;
+}
+
+void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl,
+                              void *p_timer,
+                              mbedtls_ssl_set_timer_t *f_set_timer,
+                              mbedtls_ssl_get_timer_t *f_get_timer)
+{
+    ssl->p_timer        = p_timer;
+    ssl->f_set_timer    = f_set_timer;
+    ssl->f_get_timer    = f_get_timer;
+
+    /* Make sure we start with no timer running */
+    mbedtls_ssl_set_timer(ssl, 0);
+}
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf,
+                                    void *p_cache,
+                                    int (*f_get_cache)(void *, mbedtls_ssl_session *),
+                                    int (*f_set_cache)(void *, const mbedtls_ssl_session *))
+{
+    conf->p_cache = p_cache;
+    conf->f_get_cache = f_get_cache;
+    conf->f_set_cache = f_set_cache;
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (ssl == NULL ||
+        session == NULL ||
+        ssl->session_negotiate == NULL ||
+        ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_ssl_session_copy(ssl->session_negotiate,
+                                        session)) != 0) {
+        return ret;
+    }
+
+    ssl->handshake->resume = 1;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
+                                   const int *ciphersuites)
+{
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites;
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites;
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
+}
+
+void mbedtls_ssl_conf_ciphersuites_for_version(mbedtls_ssl_config *conf,
+                                               const int *ciphersuites,
+                                               int major, int minor)
+{
+    if (major != MBEDTLS_SSL_MAJOR_VERSION_3) {
+        return;
+    }
+
+    if (minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3) {
+        return;
+    }
+
+    conf->ciphersuite_list[minor] = ciphersuites;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf,
+                                   const mbedtls_x509_crt_profile *profile)
+{
+    conf->cert_profile = profile;
+}
+
+/* Append a new keycert entry to a (possibly empty) list */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_append_key_cert(mbedtls_ssl_key_cert **head,
+                               mbedtls_x509_crt *cert,
+                               mbedtls_pk_context *key)
+{
+    mbedtls_ssl_key_cert *new_cert;
+
+    new_cert = mbedtls_calloc(1, sizeof(mbedtls_ssl_key_cert));
+    if (new_cert == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    new_cert->cert = cert;
+    new_cert->key  = key;
+    new_cert->next = NULL;
+
+    /* Update head is the list was null, else add to the end */
+    if (*head == NULL) {
+        *head = new_cert;
+    } else {
+        mbedtls_ssl_key_cert *cur = *head;
+        while (cur->next != NULL) {
+            cur = cur->next;
+        }
+        cur->next = new_cert;
+    }
+
+    return 0;
+}
+
+int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf,
+                              mbedtls_x509_crt *own_cert,
+                              mbedtls_pk_context *pk_key)
+{
+    return ssl_append_key_cert(&conf->key_cert, own_cert, pk_key);
+}
+
+void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf,
+                               mbedtls_x509_crt *ca_chain,
+                               mbedtls_x509_crl *ca_crl)
+{
+    conf->ca_chain   = ca_chain;
+    conf->ca_crl     = ca_crl;
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
+     * cannot be used together. */
+    conf->f_ca_cb = NULL;
+    conf->p_ca_cb = NULL;
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf,
+                            mbedtls_x509_crt_ca_cb_t f_ca_cb,
+                            void *p_ca_cb)
+{
+    conf->f_ca_cb = f_ca_cb;
+    conf->p_ca_cb = p_ca_cb;
+
+    /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
+     * cannot be used together. */
+    conf->ca_chain   = NULL;
+    conf->ca_crl     = NULL;
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl,
+                                mbedtls_x509_crt *own_cert,
+                                mbedtls_pk_context *pk_key)
+{
+    return ssl_append_key_cert(&ssl->handshake->sni_key_cert,
+                               own_cert, pk_key);
+}
+
+void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl,
+                                 mbedtls_x509_crt *ca_chain,
+                                 mbedtls_x509_crl *ca_crl)
+{
+    ssl->handshake->sni_ca_chain   = ca_chain;
+    ssl->handshake->sni_ca_crl     = ca_crl;
+}
+
+void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl,
+                                 int authmode)
+{
+    ssl->handshake->sni_authmode = authmode;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl,
+                            int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                            void *p_vrfy)
+{
+    ssl->f_vrfy = f_vrfy;
+    ssl->p_vrfy = p_vrfy;
+}
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+/*
+ * Set EC J-PAKE password for current handshake
+ */
+int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl,
+                                        const unsigned char *pw,
+                                        size_t pw_len)
+{
+    mbedtls_ecjpake_role role;
+
+    if (ssl->handshake == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+        role = MBEDTLS_ECJPAKE_SERVER;
+    } else {
+        role = MBEDTLS_ECJPAKE_CLIENT;
+    }
+
+    return mbedtls_ecjpake_setup(&ssl->handshake->ecjpake_ctx,
+                                 role,
+                                 MBEDTLS_MD_SHA256,
+                                 MBEDTLS_ECP_DP_SECP256R1,
+                                 pw, pw_len);
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+
+static void ssl_conf_remove_psk(mbedtls_ssl_config *conf)
+{
+    /* Remove reference to existing PSK, if any. */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) {
+        /* The maintenance of the PSK key slot is the
+         * user's responsibility. */
+        conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
+    }
+    /* This and the following branch should never
+     * be taken simultaneously as we maintain the
+     * invariant that raw and opaque PSKs are never
+     * configured simultaneously. As a safeguard,
+     * though, `else` is omitted here. */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (conf->psk != NULL) {
+        mbedtls_platform_zeroize(conf->psk, conf->psk_len);
+
+        mbedtls_free(conf->psk);
+        conf->psk = NULL;
+        conf->psk_len = 0;
+    }
+
+    /* Remove reference to PSK identity, if any. */
+    if (conf->psk_identity != NULL) {
+        mbedtls_free(conf->psk_identity);
+        conf->psk_identity = NULL;
+        conf->psk_identity_len = 0;
+    }
+}
+
+/* This function assumes that PSK identity in the SSL config is unset.
+ * It checks that the provided identity is well-formed and attempts
+ * to make a copy of it in the SSL config.
+ * On failure, the PSK identity in the config remains unset. */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_conf_set_psk_identity(mbedtls_ssl_config *conf,
+                                     unsigned char const *psk_identity,
+                                     size_t psk_identity_len)
+{
+    /* Identity len will be encoded on two bytes */
+    if (psk_identity               == NULL ||
+        (psk_identity_len >> 16) != 0    ||
+        psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    conf->psk_identity = mbedtls_calloc(1, psk_identity_len);
+    if (conf->psk_identity == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    conf->psk_identity_len = psk_identity_len;
+    memcpy(conf->psk_identity, psk_identity, conf->psk_identity_len);
+
+    return 0;
+}
+
+int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf,
+                         const unsigned char *psk, size_t psk_len,
+                         const unsigned char *psk_identity, size_t psk_identity_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    /* Remove opaque/raw PSK + PSK Identity */
+    ssl_conf_remove_psk(conf);
+
+    /* Check and set raw PSK */
+    if (psk == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    if (psk_len == 0) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    if (psk_len > MBEDTLS_PSK_MAX_LEN) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if ((conf->psk = mbedtls_calloc(1, psk_len)) == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+    conf->psk_len = psk_len;
+    memcpy(conf->psk, psk, conf->psk_len);
+
+    /* Check and set PSK Identity */
+    ret = ssl_conf_set_psk_identity(conf, psk_identity, psk_identity_len);
+    if (ret != 0) {
+        ssl_conf_remove_psk(conf);
+    }
+
+    return ret;
+}
+
+static void ssl_remove_psk(mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {
+        ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (ssl->handshake->psk != NULL) {
+        mbedtls_platform_zeroize(ssl->handshake->psk,
+                                 ssl->handshake->psk_len);
+        mbedtls_free(ssl->handshake->psk);
+        ssl->handshake->psk_len = 0;
+    }
+}
+
+int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl,
+                           const unsigned char *psk, size_t psk_len)
+{
+    if (psk == NULL || ssl->handshake == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (psk_len > MBEDTLS_PSK_MAX_LEN) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl_remove_psk(ssl);
+
+    if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    ssl->handshake->psk_len = psk_len;
+    memcpy(ssl->handshake->psk, psk, ssl->handshake->psk_len);
+
+    return 0;
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf,
+                                psa_key_id_t psk,
+                                const unsigned char *psk_identity,
+                                size_t psk_identity_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    /* Clear opaque/raw PSK + PSK Identity, if present. */
+    ssl_conf_remove_psk(conf);
+
+    /* Check and set opaque PSK */
+    if (mbedtls_svc_key_id_is_null(psk)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    conf->psk_opaque = psk;
+
+    /* Check and set PSK Identity */
+    ret = ssl_conf_set_psk_identity(conf, psk_identity,
+                                    psk_identity_len);
+    if (ret != 0) {
+        ssl_conf_remove_psk(conf);
+    }
+
+    return ret;
+}
+
+int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl,
+                                  psa_key_id_t psk)
+{
+    if ((mbedtls_svc_key_id_is_null(psk)) ||
+        (ssl->handshake == NULL)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl_remove_psk(ssl);
+    ssl->handshake->psk_opaque = psk;
+    return 0;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
+                             int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+                                          size_t),
+                             void *p_psk)
+{
+    conf->f_psk = f_psk;
+    conf->p_psk = p_psk;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_ssl_conf_dh_param(mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_mpi_read_string(&conf->dhm_P, 16, dhm_P)) != 0 ||
+        (ret = mbedtls_mpi_read_string(&conf->dhm_G, 16, dhm_G)) != 0) {
+        mbedtls_mpi_free(&conf->dhm_P);
+        mbedtls_mpi_free(&conf->dhm_G);
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
+                                  const unsigned char *dhm_P, size_t P_len,
+                                  const unsigned char *dhm_G, size_t G_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_mpi_free(&conf->dhm_P);
+    mbedtls_mpi_free(&conf->dhm_G);
+
+    if ((ret = mbedtls_mpi_read_binary(&conf->dhm_P, dhm_P, P_len)) != 0 ||
+        (ret = mbedtls_mpi_read_binary(&conf->dhm_G, dhm_G, G_len)) != 0) {
+        mbedtls_mpi_free(&conf->dhm_P);
+        mbedtls_mpi_free(&conf->dhm_G);
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    mbedtls_mpi_free(&conf->dhm_P);
+    mbedtls_mpi_free(&conf->dhm_G);
+
+    if ((ret = mbedtls_mpi_copy(&conf->dhm_P, &dhm_ctx->P)) != 0 ||
+        (ret = mbedtls_mpi_copy(&conf->dhm_G, &dhm_ctx->G)) != 0) {
+        mbedtls_mpi_free(&conf->dhm_P);
+        mbedtls_mpi_free(&conf->dhm_G);
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+/*
+ * Set the minimum length for Diffie-Hellman parameters
+ */
+void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
+                                     unsigned int bitlen)
+{
+    conf->dhm_min_bitlen = bitlen;
+}
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+/*
+ * Set allowed/preferred hashes for handshake signatures
+ */
+void mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf,
+                                 const int *hashes)
+{
+    conf->sig_hashes = hashes;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Set the allowed elliptic curves
+ */
+void mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf,
+                             const mbedtls_ecp_group_id *curve_list)
+{
+    conf->curve_list = curve_list;
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname)
+{
+    /* Initialize to suppress unnecessary compiler warning */
+    size_t hostname_len = 0;
+
+    /* Check if new hostname is valid before
+     * making any change to current one */
+    if (hostname != NULL) {
+        hostname_len = strlen(hostname);
+
+        if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+    }
+
+    /* Now it's clear that we will overwrite the old hostname,
+     * so we can free it safely */
+
+    if (ssl->hostname != NULL) {
+        mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname));
+        mbedtls_free(ssl->hostname);
+    }
+
+    /* Passing NULL as hostname shall clear the old one */
+
+    if (hostname == NULL) {
+        ssl->hostname = NULL;
+    } else {
+        ssl->hostname = mbedtls_calloc(1, hostname_len + 1);
+        if (ssl->hostname == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        memcpy(ssl->hostname, hostname, hostname_len);
+
+        ssl->hostname[hostname_len] = '\0';
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf,
+                          int (*f_sni)(void *, mbedtls_ssl_context *,
+                                       const unsigned char *, size_t),
+                          void *p_sni)
+{
+    conf->f_sni = f_sni;
+    conf->p_sni = p_sni;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_ALPN)
+int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos)
+{
+    size_t cur_len, tot_len;
+    const char **p;
+
+    /*
+     * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
+     * MUST NOT be truncated."
+     * We check lengths now rather than later.
+     */
+    tot_len = 0;
+    for (p = protos; *p != NULL; p++) {
+        cur_len = strlen(*p);
+        tot_len += cur_len;
+
+        if ((cur_len == 0) ||
+            (cur_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN) ||
+            (tot_len > MBEDTLS_SSL_MAX_ALPN_LIST_LEN)) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+    }
+
+    conf->alpn_list = protos;
+
+    return 0;
+}
+
+const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl)
+{
+    return ssl->alpn_chosen;
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf,
+                                               int support_mki_value)
+{
+    conf->dtls_srtp_mki_support = support_mki_value;
+}
+
+int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl,
+                                        unsigned char *mki_value,
+                                        uint16_t mki_len)
+{
+    if (mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED) {
+        return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    }
+
+    memcpy(ssl->dtls_srtp_info.mki_value, mki_value, mki_len);
+    ssl->dtls_srtp_info.mki_len = mki_len;
+    return 0;
+}
+
+int mbedtls_ssl_conf_dtls_srtp_protection_profiles(mbedtls_ssl_config *conf,
+                                                   const mbedtls_ssl_srtp_profile *profiles)
+{
+    const mbedtls_ssl_srtp_profile *p;
+    size_t list_size = 0;
+
+    /* check the profiles list: all entry must be valid,
+     * its size cannot be more than the total number of supported profiles, currently 4 */
+    for (p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET &&
+         list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH;
+         p++) {
+        if (mbedtls_ssl_check_srtp_profile_value(*p) != MBEDTLS_TLS_SRTP_UNSET) {
+            list_size++;
+        } else {
+            /* unsupported value, stop parsing and set the size to an error value */
+            list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH + 1;
+        }
+    }
+
+    if (list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH) {
+        conf->dtls_srtp_profile_list = NULL;
+        conf->dtls_srtp_profile_list_len = 0;
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    conf->dtls_srtp_profile_list = profiles;
+    conf->dtls_srtp_profile_list_len = list_size;
+
+    return 0;
+}
+
+void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl,
+                                                  mbedtls_dtls_srtp_info *dtls_srtp_info)
+{
+    dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile;
+    /* do not copy the mki value if there is no chosen profile */
+    if (dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) {
+        dtls_srtp_info->mki_len = 0;
+    } else {
+        dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len;
+        memcpy(dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value,
+               ssl->dtls_srtp_info.mki_len);
+    }
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor)
+{
+    conf->max_major_ver = major;
+    conf->max_minor_ver = minor;
+}
+
+void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor)
+{
+    conf->min_major_ver = major;
+    conf->min_minor_ver = minor;
+}
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+void mbedtls_ssl_conf_fallback(mbedtls_ssl_config *conf, char fallback)
+{
+    conf->fallback = fallback;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf,
+                                       char cert_req_ca_list)
+{
+    conf->cert_req_ca_list = cert_req_ca_list;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm)
+{
+    conf->encrypt_then_mac = etm;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems)
+{
+    conf->extended_ms = ems;
+}
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+void mbedtls_ssl_conf_arc4_support(mbedtls_ssl_config *conf, char arc4)
+{
+    conf->arc4_disabled = arc4;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code)
+{
+    if (mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
+        ssl_mfl_code_to_length(mfl_code) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    conf->mfl_code = mfl_code;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+void mbedtls_ssl_conf_truncated_hmac(mbedtls_ssl_config *conf, int truncate)
+{
+    conf->trunc_hmac = truncate;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+void mbedtls_ssl_conf_cbc_record_splitting(mbedtls_ssl_config *conf, char split)
+{
+    conf->cbc_record_splitting = split;
+}
+#endif
+
+void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy)
+{
+    conf->allow_legacy_renegotiation = allow_legacy;
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation)
+{
+    conf->disable_renegotiation = renegotiation;
+}
+
+void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records)
+{
+    conf->renego_max_records = max_records;
+}
+
+void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf,
+                                           const unsigned char period[8])
+{
+    memcpy(conf->renego_period, period, 8);
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_CLI_C)
+void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets)
+{
+    conf->session_tickets = use_tickets;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf,
+                                         mbedtls_ssl_ticket_write_t *f_ticket_write,
+                                         mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+                                         void *p_ticket)
+{
+    conf->f_ticket_write = f_ticket_write;
+    conf->f_ticket_parse = f_ticket_parse;
+    conf->p_ticket       = p_ticket;
+}
+#endif
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf,
+                                     mbedtls_ssl_export_keys_t *f_export_keys,
+                                     void *p_export_keys)
+{
+    conf->f_export_keys = f_export_keys;
+    conf->p_export_keys = p_export_keys;
+}
+
+void mbedtls_ssl_conf_export_keys_ext_cb(mbedtls_ssl_config *conf,
+                                         mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
+                                         void *p_export_keys)
+{
+    conf->f_export_keys_ext = f_export_keys_ext;
+    conf->p_export_keys = p_export_keys;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+void mbedtls_ssl_conf_async_private_cb(
+    mbedtls_ssl_config *conf,
+    mbedtls_ssl_async_sign_t *f_async_sign,
+    mbedtls_ssl_async_decrypt_t *f_async_decrypt,
+    mbedtls_ssl_async_resume_t *f_async_resume,
+    mbedtls_ssl_async_cancel_t *f_async_cancel,
+    void *async_config_data)
+{
+    conf->f_async_sign_start = f_async_sign;
+    conf->f_async_decrypt_start = f_async_decrypt;
+    conf->f_async_resume = f_async_resume;
+    conf->f_async_cancel = f_async_cancel;
+    conf->p_async_config_data = async_config_data;
+}
+
+void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf)
+{
+    return conf->p_async_config_data;
+}
+
+void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl)
+{
+    if (ssl->handshake == NULL) {
+        return NULL;
+    } else {
+        return ssl->handshake->user_async_ctx;
+    }
+}
+
+void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl,
+                                          void *ctx)
+{
+    if (ssl->handshake != NULL) {
+        ssl->handshake->user_async_ctx = ctx;
+    }
+}
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+/*
+ * SSL get accessors
+ */
+uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl)
+{
+    if (ssl->session != NULL) {
+        return ssl->session->verify_result;
+    }
+
+    if (ssl->session_negotiate != NULL) {
+        return ssl->session_negotiate->verify_result;
+    }
+
+    return 0xFFFFFFFF;
+}
+
+const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl)
+{
+    if (ssl == NULL || ssl->session == NULL) {
+        return NULL;
+    }
+
+    return mbedtls_ssl_get_ciphersuite_name(ssl->session->ciphersuite);
+}
+
+const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        switch (ssl->minor_ver) {
+            case MBEDTLS_SSL_MINOR_VERSION_2:
+                return "DTLSv1.0";
+
+            case MBEDTLS_SSL_MINOR_VERSION_3:
+                return "DTLSv1.2";
+
+            default:
+                return "unknown (DTLS)";
+        }
+    }
+#endif
+
+    switch (ssl->minor_ver) {
+        case MBEDTLS_SSL_MINOR_VERSION_0:
+            return "SSLv3.0";
+
+        case MBEDTLS_SSL_MINOR_VERSION_1:
+            return "TLSv1.0";
+
+        case MBEDTLS_SSL_MINOR_VERSION_2:
+            return "TLSv1.1";
+
+        case MBEDTLS_SSL_MINOR_VERSION_3:
+            return "TLSv1.2";
+
+        default:
+            return "unknown";
+    }
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl)
+{
+    size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t read_mfl;
+
+    /* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+        ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE) {
+        return ssl_mfl_code_to_length(ssl->conf->mfl_code);
+    }
+
+    /* Check if a smaller max length was negotiated */
+    if (ssl->session_out != NULL) {
+        read_mfl = ssl_mfl_code_to_length(ssl->session_out->mfl_code);
+        if (read_mfl < max_len) {
+            max_len = read_mfl;
+        }
+    }
+
+    // During a handshake, use the value being negotiated
+    if (ssl->session_negotiate != NULL) {
+        read_mfl = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code);
+        if (read_mfl < max_len) {
+            max_len = read_mfl;
+        }
+    }
+
+    return max_len;
+}
+
+size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl)
+{
+    size_t max_len;
+
+    /*
+     * Assume mfl_code is correct since it was checked when set
+     */
+    max_len = ssl_mfl_code_to_length(ssl->conf->mfl_code);
+
+    /* Check if a smaller max length was negotiated */
+    if (ssl->session_out != NULL &&
+        ssl_mfl_code_to_length(ssl->session_out->mfl_code) < max_len) {
+        max_len = ssl_mfl_code_to_length(ssl->session_out->mfl_code);
+    }
+
+    /* During a handshake, use the value being negotiated */
+    if (ssl->session_negotiate != NULL &&
+        ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code) < max_len) {
+        max_len = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code);
+    }
+
+    return max_len;
+}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+size_t mbedtls_ssl_get_max_frag_len(const mbedtls_ssl_context *ssl)
+{
+    return mbedtls_ssl_get_output_max_frag_len(ssl);
+}
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl)
+{
+    /* Return unlimited mtu for client hello messages to avoid fragmentation. */
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+        (ssl->state == MBEDTLS_SSL_CLIENT_HELLO ||
+         ssl->state == MBEDTLS_SSL_SERVER_HELLO)) {
+        return 0;
+    }
+
+    if (ssl->handshake == NULL || ssl->handshake->mtu == 0) {
+        return ssl->mtu;
+    }
+
+    if (ssl->mtu == 0) {
+        return ssl->handshake->mtu;
+    }
+
+    return ssl->mtu < ssl->handshake->mtu ?
+           ssl->mtu : ssl->handshake->mtu;
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl)
+{
+    size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
+    !defined(MBEDTLS_SSL_PROTO_DTLS)
+    (void) ssl;
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl);
+
+    if (max_len > mfl) {
+        max_len = mfl;
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (mbedtls_ssl_get_current_mtu(ssl) != 0) {
+        const size_t mtu = mbedtls_ssl_get_current_mtu(ssl);
+        const int ret = mbedtls_ssl_get_record_expansion(ssl);
+        const size_t overhead = (size_t) ret;
+
+        if (ret < 0) {
+            return ret;
+        }
+
+        if (mtu <= overhead) {
+            MBEDTLS_SSL_DEBUG_MSG(1, ("MTU too low for record expansion"));
+            return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+        }
+
+        if (max_len > mtu - overhead) {
+            max_len = mtu - overhead;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) &&        \
+    !defined(MBEDTLS_SSL_PROTO_DTLS)
+    ((void) ssl);
+#endif
+
+    return (int) max_len;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl)
+{
+    if (ssl == NULL || ssl->session == NULL) {
+        return NULL;
+    }
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    return ssl->session->peer_cert;
+#else
+    return NULL;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
+                            mbedtls_ssl_session *dst)
+{
+    if (ssl == NULL ||
+        dst == NULL ||
+        ssl->session == NULL ||
+        ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    return mbedtls_ssl_session_copy(dst, ssl->session);
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer(const mbedtls_ssl_context *ssl)
+{
+    if (ssl == NULL) {
+        return NULL;
+    }
+
+    return ssl->session;
+}
+
+/*
+ * Define ticket header determining Mbed TLS version
+ * and structure of the ticket.
+ */
+
+/*
+ * Define bitflag determining compile-time settings influencing
+ * structure of serialized SSL sessions.
+ */
+
+#if defined(MBEDTLS_HAVE_TIME)
+#define SSL_SERIALIZED_SESSION_CONFIG_TIME 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_TIME 0
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#define SSL_SERIALIZED_SESSION_CONFIG_CRT 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_CRT 0
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET 0
+#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+#define SSL_SERIALIZED_SESSION_CONFIG_MFL 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_MFL 0
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 0
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#define SSL_SERIALIZED_SESSION_CONFIG_ETM 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_ETM 0
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 1
+#else
+#define SSL_SERIALIZED_SESSION_CONFIG_TICKET 0
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#define SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT          0
+#define SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT           1
+#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT 2
+#define SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT           3
+#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT    4
+#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT           5
+#define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT        6
+
+#define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG                           \
+    ((uint16_t) (                                                      \
+         (SSL_SERIALIZED_SESSION_CONFIG_TIME << SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT) | \
+         (SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT) | \
+         (SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << \
+             SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT) | \
+         (SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT) | \
+         (SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << \
+             SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT) | \
+         (SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT) | \
+         (SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT)))
+
+static unsigned char ssl_serialized_session_header[] = {
+    MBEDTLS_VERSION_MAJOR,
+    MBEDTLS_VERSION_MINOR,
+    MBEDTLS_VERSION_PATCH,
+    MBEDTLS_BYTE_1(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG),
+    MBEDTLS_BYTE_0(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG),
+};
+
+/*
+ * Serialize a session in the following format:
+ * (in the presentation language of TLS, RFC 8446 section 3)
+ *
+ *  opaque mbedtls_version[3];   // major, minor, patch
+ *  opaque session_format[2];    // version-specific 16-bit field determining
+ *                               // the format of the remaining
+ *                               // serialized data.
+ *
+ *  Note: When updating the format, remember to keep
+ *        these version+format bytes.
+ *
+ *                               // In this version, `session_format` determines
+ *                               // the setting of those compile-time
+ *                               // configuration options which influence
+ *                               // the structure of mbedtls_ssl_session.
+ *  uint64 start_time;
+ *  uint8 ciphersuite[2];        // defined by the standard
+ *  uint8 compression;           // 0 or 1
+ *  uint8 session_id_len;        // at most 32
+ *  opaque session_id[32];
+ *  opaque master[48];           // fixed length in the standard
+ *  uint32 verify_result;
+ *  opaque peer_cert<0..2^24-1>; // length 0 means no peer cert
+ *  opaque ticket<0..2^24-1>;    // length 0 means no ticket
+ *  uint32 ticket_lifetime;
+ *  uint8 mfl_code;              // up to 255 according to standard
+ *  uint8 trunc_hmac;            // 0 or 1
+ *  uint8 encrypt_then_mac;      // 0 or 1
+ *
+ * The order is the same as in the definition of the structure, except
+ * verify_result is put before peer_cert so that all mandatory fields come
+ * together in one block.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_session_save(const mbedtls_ssl_session *session,
+                            unsigned char omit_header,
+                            unsigned char *buf,
+                            size_t buf_len,
+                            size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t used = 0;
+#if defined(MBEDTLS_HAVE_TIME)
+    uint64_t start;
+#endif
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    size_t cert_len;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+
+    if (!omit_header) {
+        /*
+         * Add version identifier
+         */
+
+        used += sizeof(ssl_serialized_session_header);
+
+        if (used <= buf_len) {
+            memcpy(p, ssl_serialized_session_header,
+                   sizeof(ssl_serialized_session_header));
+            p += sizeof(ssl_serialized_session_header);
+        }
+    }
+
+    /*
+     * Time
+     */
+#if defined(MBEDTLS_HAVE_TIME)
+    used += 8;
+
+    if (used <= buf_len) {
+        start = (uint64_t) session->start;
+
+        MBEDTLS_PUT_UINT64_BE(start, p, 0);
+        p += 8;
+    }
+#endif /* MBEDTLS_HAVE_TIME */
+
+    /*
+     * Basic mandatory fields
+     */
+    used += 2   /* ciphersuite */
+            + 1 /* compression */
+            + 1 /* id_len */
+            + sizeof(session->id)
+            + sizeof(session->master)
+            + 4; /* verify_result */
+
+    if (used <= buf_len) {
+        MBEDTLS_PUT_UINT16_BE(session->ciphersuite, p, 0);
+        p += 2;
+
+        *p++ = MBEDTLS_BYTE_0(session->compression);
+
+        *p++ = MBEDTLS_BYTE_0(session->id_len);
+        memcpy(p, session->id, 32);
+        p += 32;
+
+        memcpy(p, session->master, 48);
+        p += 48;
+
+        MBEDTLS_PUT_UINT32_BE(session->verify_result, p, 0);
+        p += 4;
+    }
+
+    /*
+     * Peer's end-entity certificate
+     */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    if (session->peer_cert == NULL) {
+        cert_len = 0;
+    } else {
+        cert_len = session->peer_cert->raw.len;
+    }
+
+    used += 3 + cert_len;
+
+    if (used <= buf_len) {
+        *p++ = MBEDTLS_BYTE_2(cert_len);
+        *p++ = MBEDTLS_BYTE_1(cert_len);
+        *p++ = MBEDTLS_BYTE_0(cert_len);
+
+        if (session->peer_cert != NULL) {
+            memcpy(p, session->peer_cert->raw.p, cert_len);
+            p += cert_len;
+        }
+    }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    if (session->peer_cert_digest != NULL) {
+        used += 1 /* type */ + 1 /* length */ + session->peer_cert_digest_len;
+        if (used <= buf_len) {
+            *p++ = (unsigned char) session->peer_cert_digest_type;
+            *p++ = (unsigned char) session->peer_cert_digest_len;
+            memcpy(p, session->peer_cert_digest,
+                   session->peer_cert_digest_len);
+            p += session->peer_cert_digest_len;
+        }
+    } else {
+        used += 2;
+        if (used <= buf_len) {
+            *p++ = (unsigned char) MBEDTLS_MD_NONE;
+            *p++ = 0;
+        }
+    }
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    /*
+     * Session ticket if any, plus associated data
+     */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    used += 3 + session->ticket_len + 4; /* len + ticket + lifetime */
+
+    if (used <= buf_len) {
+        *p++ = MBEDTLS_BYTE_2(session->ticket_len);
+        *p++ = MBEDTLS_BYTE_1(session->ticket_len);
+        *p++ = MBEDTLS_BYTE_0(session->ticket_len);
+
+        if (session->ticket != NULL) {
+            memcpy(p, session->ticket, session->ticket_len);
+            p += session->ticket_len;
+        }
+
+        MBEDTLS_PUT_UINT32_BE(session->ticket_lifetime, p, 0);
+        p += 4;
+    }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+    /*
+     * Misc extension-related info
+     */
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    used += 1;
+
+    if (used <= buf_len) {
+        *p++ = session->mfl_code;
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    used += 1;
+
+    if (used <= buf_len) {
+        *p++ = (unsigned char) ((session->trunc_hmac) & 0xFF);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    used += 1;
+
+    if (used <= buf_len) {
+        *p++ = MBEDTLS_BYTE_0(session->encrypt_then_mac);
+    }
+#endif
+
+    /* Done */
+    *olen = used;
+
+    if (used > buf_len) {
+        return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+    }
+
+    return 0;
+}
+
+/*
+ * Public wrapper for ssl_session_save()
+ */
+int mbedtls_ssl_session_save(const mbedtls_ssl_session *session,
+                             unsigned char *buf,
+                             size_t buf_len,
+                             size_t *olen)
+{
+    return ssl_session_save(session, 0, buf, buf_len, olen);
+}
+
+/*
+ * Deserialize session, see mbedtls_ssl_session_save() for format.
+ *
+ * This internal version is wrapped by a public function that cleans up in
+ * case of error, and has an extra option omit_header.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_session_load(mbedtls_ssl_session *session,
+                            unsigned char omit_header,
+                            const unsigned char *buf,
+                            size_t len)
+{
+    const unsigned char *p = buf;
+    const unsigned char * const end = buf + len;
+#if defined(MBEDTLS_HAVE_TIME)
+    uint64_t start;
+#endif
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    size_t cert_len;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    if (!omit_header) {
+        /*
+         * Check version identifier
+         */
+
+        if ((size_t) (end - p) < sizeof(ssl_serialized_session_header)) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        if (memcmp(p, ssl_serialized_session_header,
+                   sizeof(ssl_serialized_session_header)) != 0) {
+            return MBEDTLS_ERR_SSL_VERSION_MISMATCH;
+        }
+        p += sizeof(ssl_serialized_session_header);
+    }
+
+    /*
+     * Time
+     */
+#if defined(MBEDTLS_HAVE_TIME)
+    if (8 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    start = ((uint64_t) p[0] << 56) |
+            ((uint64_t) p[1] << 48) |
+            ((uint64_t) p[2] << 40) |
+            ((uint64_t) p[3] << 32) |
+            ((uint64_t) p[4] << 24) |
+            ((uint64_t) p[5] << 16) |
+            ((uint64_t) p[6] <<  8) |
+            ((uint64_t) p[7]);
+    p += 8;
+
+    session->start = (time_t) start;
+#endif /* MBEDTLS_HAVE_TIME */
+
+    /*
+     * Basic mandatory fields
+     */
+    if (2 + 1 + 1 + 32 + 48 + 4 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->ciphersuite = (p[0] << 8) | p[1];
+    p += 2;
+
+    session->compression = *p++;
+
+    session->id_len = *p++;
+    memcpy(session->id, p, 32);
+    p += 32;
+
+    memcpy(session->master, p, 48);
+    p += 48;
+
+    session->verify_result = ((uint32_t) p[0] << 24) |
+                             ((uint32_t) p[1] << 16) |
+                             ((uint32_t) p[2] <<  8) |
+                             ((uint32_t) p[3]);
+    p += 4;
+
+    /* Immediately clear invalid pointer values that have been read, in case
+     * we exit early before we replaced them with valid ones. */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    session->peer_cert = NULL;
+#else
+    session->peer_cert_digest = NULL;
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    session->ticket = NULL;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+    /*
+     * Peer certificate
+     */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    /* Deserialize CRT from the end of the ticket. */
+    if (3 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    cert_len = (p[0] << 16) | (p[1] << 8) | p[2];
+    p += 3;
+
+    if (cert_len != 0) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+        if (cert_len > (size_t) (end - p)) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        session->peer_cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
+
+        if (session->peer_cert == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        mbedtls_x509_crt_init(session->peer_cert);
+
+        if ((ret = mbedtls_x509_crt_parse_der(session->peer_cert,
+                                              p, cert_len)) != 0) {
+            mbedtls_x509_crt_free(session->peer_cert);
+            mbedtls_free(session->peer_cert);
+            session->peer_cert = NULL;
+            return ret;
+        }
+
+        p += cert_len;
+    }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    /* Deserialize CRT digest from the end of the ticket. */
+    if (2 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->peer_cert_digest_type = (mbedtls_md_type_t) *p++;
+    session->peer_cert_digest_len  = (size_t) *p++;
+
+    if (session->peer_cert_digest_len != 0) {
+        const mbedtls_md_info_t *md_info =
+            mbedtls_md_info_from_type(session->peer_cert_digest_type);
+        if (md_info == NULL) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+        if (session->peer_cert_digest_len != mbedtls_md_get_size(md_info)) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        if (session->peer_cert_digest_len > (size_t) (end - p)) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        session->peer_cert_digest =
+            mbedtls_calloc(1, session->peer_cert_digest_len);
+        if (session->peer_cert_digest == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        memcpy(session->peer_cert_digest, p,
+               session->peer_cert_digest_len);
+        p += session->peer_cert_digest_len;
+    }
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    /*
+     * Session ticket and associated data
+     */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    if (3 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->ticket_len = (p[0] << 16) | (p[1] << 8) | p[2];
+    p += 3;
+
+    if (session->ticket_len != 0) {
+        if (session->ticket_len > (size_t) (end - p)) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        session->ticket = mbedtls_calloc(1, session->ticket_len);
+        if (session->ticket == NULL) {
+            return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        }
+
+        memcpy(session->ticket, p, session->ticket_len);
+        p += session->ticket_len;
+    }
+
+    if (4 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->ticket_lifetime = ((uint32_t) p[0] << 24) |
+                               ((uint32_t) p[1] << 16) |
+                               ((uint32_t) p[2] <<  8) |
+                               ((uint32_t) p[3]);
+    p += 4;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+    /*
+     * Misc extension-related info
+     */
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    if (1 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->mfl_code = *p++;
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    if (1 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->trunc_hmac = *p++;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    if (1 > (size_t) (end - p)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session->encrypt_then_mac = *p++;
+#endif
+
+    /* Done, should have consumed entire buffer */
+    if (p != end) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+/*
+ * Deserialize session: public wrapper for error cleaning
+ */
+int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
+                             const unsigned char *buf,
+                             size_t len)
+{
+    int ret = ssl_session_load(session, 0, buf, len);
+
+    if (ret != 0) {
+        mbedtls_ssl_session_free(session);
+    }
+
+    return ret;
+}
+
+/*
+ * Perform a single step of the SSL handshake
+ */
+int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
+        ret = mbedtls_ssl_handshake_client_step(ssl);
+    }
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+        ret = mbedtls_ssl_handshake_server_step(ssl);
+    }
+#endif
+
+    return ret;
+}
+
+/*
+ * Perform the SSL handshake
+ */
+int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl)
+{
+    int ret = 0;
+
+    /* Sanity checks */
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        (ssl->f_set_timer == NULL || ssl->f_get_timer == NULL)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("You must use "
+                                  "mbedtls_ssl_set_timer_cb() for DTLS"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> handshake"));
+
+    /* Main handshake loop */
+    while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+        ret = mbedtls_ssl_handshake_step(ssl);
+
+        if (ret != 0) {
+            break;
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= handshake"));
+
+    return ret;
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+#if defined(MBEDTLS_SSL_SRV_C)
+/*
+ * Write HelloRequest to request renegotiation on server
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_write_hello_request(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write hello request"));
+
+    ssl->out_msglen  = 4;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_HELLO_REQUEST;
+
+    if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write hello request"));
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+/*
+ * Actually renegotiate current connection, triggered by either:
+ * - any side: calling mbedtls_ssl_renegotiate(),
+ * - client: receiving a HelloRequest during mbedtls_ssl_read(),
+ * - server: receiving any handshake message on server during mbedtls_ssl_read() after
+ *   the initial handshake is completed.
+ * If the handshake doesn't complete due to waiting for I/O, it will continue
+ * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively.
+ */
+int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> renegotiate"));
+
+    if ((ret = ssl_handshake_init(ssl)) != 0) {
+        return ret;
+    }
+
+    /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and
+     * the ServerHello will have message_seq = 1" */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) {
+        if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+            ssl->handshake->out_msg_seq = 1;
+        } else {
+            ssl->handshake->in_msg_seq = 1;
+        }
+    }
+#endif
+
+    ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
+    ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS;
+
+    if ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret);
+        return ret;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= renegotiate"));
+
+    return 0;
+}
+
+/*
+ * Renegotiate current connection on client,
+ * or request renegotiation on server
+ */
+int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl)
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    if (ssl == NULL || ssl->conf == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    /* On server, just send the request */
+    if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
+        if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
+
+        /* Did we already try/start sending HelloRequest? */
+        if (ssl->out_left != 0) {
+            return mbedtls_ssl_flush_output(ssl);
+        }
+
+        return ssl_write_hello_request(ssl);
+    }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    /*
+     * On client, either start the renegotiation process or,
+     * if already in progress, continue the handshake
+     */
+    if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) {
+        if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        if ((ret = mbedtls_ssl_start_renegotiation(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_start_renegotiation", ret);
+            return ret;
+        }
+    } else {
+        if ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret);
+            return ret;
+        }
+    }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+    return ret;
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static void ssl_key_cert_free(mbedtls_ssl_key_cert *key_cert)
+{
+    mbedtls_ssl_key_cert *cur = key_cert, *next;
+
+    while (cur != NULL) {
+        next = cur->next;
+        mbedtls_free(cur);
+        cur = next;
+    }
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+    if (handshake == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) {
+        ssl->conf->f_async_cancel(ssl);
+        handshake->async_in_progress = 0;
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    mbedtls_md5_free(&handshake->fin_md5);
+    mbedtls_sha1_free(&handshake->fin_sha1);
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_abort(&handshake->fin_sha256_psa);
+#else
+    mbedtls_sha256_free(&handshake->fin_sha256);
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_abort(&handshake->fin_sha384_psa);
+#else
+    mbedtls_sha512_free(&handshake->fin_sha512);
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_dhm_free(&handshake->dhm_ctx);
+#endif
+#if defined(MBEDTLS_ECDH_C)
+    mbedtls_ecdh_free(&handshake->ecdh_ctx);
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    mbedtls_ecjpake_free(&handshake->ecjpake_ctx);
+#if defined(MBEDTLS_SSL_CLI_C)
+    mbedtls_free(handshake->ecjpake_cache);
+    handshake->ecjpake_cache = NULL;
+    handshake->ecjpake_cache_len = 0;
+#endif
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    /* explicit void pointer cast for buggy MS compiler */
+    mbedtls_free((void *) handshake->curves);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (handshake->psk != NULL) {
+        mbedtls_platform_zeroize(handshake->psk, handshake->psk_len);
+        mbedtls_free(handshake->psk);
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    /*
+     * Free only the linked list wrapper, not the keys themselves
+     * since the belong to the SNI callback
+     */
+    if (handshake->sni_key_cert != NULL) {
+        mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next;
+
+        while (cur != NULL) {
+            next = cur->next;
+            mbedtls_free(cur);
+            cur = next;
+        }
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+    mbedtls_x509_crt_restart_free(&handshake->ecrs_ctx);
+    if (handshake->ecrs_peer_cert != NULL) {
+        mbedtls_x509_crt_free(handshake->ecrs_peer_cert);
+        mbedtls_free(handshake->ecrs_peer_cert);
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) &&        \
+    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    mbedtls_pk_free(&handshake->peer_pubkey);
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    mbedtls_free(handshake->verify_cookie);
+    mbedtls_ssl_flight_free(handshake->flight);
+    mbedtls_ssl_buffering_free(ssl);
+#endif
+
+#if defined(MBEDTLS_ECDH_C) &&                  \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_destroy_key(handshake->ecdh_psa_privkey);
+#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_platform_zeroize(handshake,
+                             sizeof(mbedtls_ssl_handshake_params));
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    /* If the buffers are too big - reallocate. Because of the way Mbed TLS
+     * processes datagrams and the fact that a datagram is allowed to have
+     * several records in it, it is possible that the I/O buffers are not
+     * empty at this stage */
+    handle_buffer_resizing(ssl, 1, mbedtls_ssl_get_input_buflen(ssl),
+                           mbedtls_ssl_get_output_buflen(ssl));
+#endif
+}
+
+void mbedtls_ssl_session_free(mbedtls_ssl_session *session)
+{
+    if (session == NULL) {
+        return;
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    ssl_clear_peer_cert(session);
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    mbedtls_free(session->ticket);
+#endif
+
+    mbedtls_platform_zeroize(session, sizeof(mbedtls_ssl_session));
+}
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID 1u
+#else
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID 0u
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT 1u
+#else
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT 0u
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY 1u
+#else
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY 0u
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_ALPN)
+#define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN 1u
+#else
+#define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN 0u
+#endif /* MBEDTLS_SSL_ALPN */
+
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT    0
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT     1
+#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT      2
+#define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT                  3
+
+#define SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG   \
+    ((uint32_t) (                              \
+         (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID << \
+             SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT) | \
+         (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT << \
+             SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT) | \
+         (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY << \
+             SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT) | \
+         (SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT) | \
+         0u))
+
+static unsigned char ssl_serialized_context_header[] = {
+    MBEDTLS_VERSION_MAJOR,
+    MBEDTLS_VERSION_MINOR,
+    MBEDTLS_VERSION_PATCH,
+    MBEDTLS_BYTE_1(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG),
+    MBEDTLS_BYTE_0(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG),
+    MBEDTLS_BYTE_2(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG),
+    MBEDTLS_BYTE_1(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG),
+    MBEDTLS_BYTE_0(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG),
+};
+
+/*
+ * Serialize a full SSL context
+ *
+ * The format of the serialized data is:
+ * (in the presentation language of TLS, RFC 8446 section 3)
+ *
+ *  // header
+ *  opaque mbedtls_version[3];   // major, minor, patch
+ *  opaque context_format[5];    // version-specific field determining
+ *                               // the format of the remaining
+ *                               // serialized data.
+ *  Note: When updating the format, remember to keep these
+ *        version+format bytes. (We may make their size part of the API.)
+ *
+ *  // session sub-structure
+ *  opaque session<1..2^32-1>;  // see mbedtls_ssl_session_save()
+ *  // transform sub-structure
+ *  uint8 random[64];           // ServerHello.random+ClientHello.random
+ *  uint8 in_cid<0..2^8-1>      // Connection ID: expected incoming value
+ *  uint8 out_cid<0..2^8-1>     // Connection ID: outgoing value to use
+ *  // fields from ssl_context
+ *  uint32 badmac_seen;         // DTLS: number of records with failing MAC
+ *  uint64 in_window_top;       // DTLS: last validated record seq_num
+ *  uint64 in_window;           // DTLS: bitmask for replay protection
+ *  uint8 disable_datagram_packing; // DTLS: only one record per datagram
+ *  uint64 cur_out_ctr;         // Record layer: outgoing sequence number
+ *  uint16 mtu;                 // DTLS: path mtu (max outgoing fragment size)
+ *  uint8 alpn_chosen<0..2^8-1> // ALPN: negotiated application protocol
+ *
+ * Note that many fields of the ssl_context or sub-structures are not
+ * serialized, as they fall in one of the following categories:
+ *
+ *  1. forced value (eg in_left must be 0)
+ *  2. pointer to dynamically-allocated memory (eg session, transform)
+ *  3. value can be re-derived from other data (eg session keys from MS)
+ *  4. value was temporary (eg content of input buffer)
+ *  5. value will be provided by the user again (eg I/O callbacks and context)
+ */
+int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl,
+                             unsigned char *buf,
+                             size_t buf_len,
+                             size_t *olen)
+{
+    unsigned char *p = buf;
+    size_t used = 0;
+    size_t session_len;
+    int ret = 0;
+
+    /*
+     * Enforce usage restrictions, see "return BAD_INPUT_DATA" in
+     * this function's documentation.
+     *
+     * These are due to assumptions/limitations in the implementation. Some of
+     * them are likely to stay (no handshake in progress) some might go away
+     * (only DTLS) but are currently used to simplify the implementation.
+     */
+    /* The initial handshake must be over */
+    if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Initial handshake isn't over"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    if (ssl->handshake != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Handshake isn't completed"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    /* Double-check that sub-structures are indeed ready */
+    if (ssl->transform == NULL || ssl->session == NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Serialised structures aren't ready"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    /* There must be no pending incoming or outgoing data */
+    if (mbedtls_ssl_check_pending(ssl) != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("There is pending incoming data"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    if (ssl->out_left != 0) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("There is pending outgoing data"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    /* Protocol must be DTLS, not TLS */
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Only DTLS is supported"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    /* Version must be 1.2 */
+    if (ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Only version 1.2 supported"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Only version 1.2 supported"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    /* We must be using an AEAD ciphersuite */
+    if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Only AEAD ciphersuites supported"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+    /* Renegotiation must not be enabled */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("Renegotiation must not be enabled"));
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+#endif
+
+    /*
+     * Version and format identifier
+     */
+    used += sizeof(ssl_serialized_context_header);
+
+    if (used <= buf_len) {
+        memcpy(p, ssl_serialized_context_header,
+               sizeof(ssl_serialized_context_header));
+        p += sizeof(ssl_serialized_context_header);
+    }
+
+    /*
+     * Session (length + data)
+     */
+    ret = ssl_session_save(ssl->session, 1, NULL, 0, &session_len);
+    if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
+        return ret;
+    }
+
+    used += 4 + session_len;
+    if (used <= buf_len) {
+        MBEDTLS_PUT_UINT32_BE(session_len, p, 0);
+        p += 4;
+
+        ret = ssl_session_save(ssl->session, 1,
+                               p, session_len, &session_len);
+        if (ret != 0) {
+            return ret;
+        }
+
+        p += session_len;
+    }
+
+    /*
+     * Transform
+     */
+    used += sizeof(ssl->transform->randbytes);
+    if (used <= buf_len) {
+        memcpy(p, ssl->transform->randbytes,
+               sizeof(ssl->transform->randbytes));
+        p += sizeof(ssl->transform->randbytes);
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    used += 2 + ssl->transform->in_cid_len + ssl->transform->out_cid_len;
+    if (used <= buf_len) {
+        *p++ = ssl->transform->in_cid_len;
+        memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len);
+        p += ssl->transform->in_cid_len;
+
+        *p++ = ssl->transform->out_cid_len;
+        memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len);
+        p += ssl->transform->out_cid_len;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * Saved fields from top-level ssl_context structure
+     */
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    used += 4;
+    if (used <= buf_len) {
+        MBEDTLS_PUT_UINT32_BE(ssl->badmac_seen, p, 0);
+        p += 4;
+    }
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    used += 16;
+    if (used <= buf_len) {
+        MBEDTLS_PUT_UINT64_BE(ssl->in_window_top, p, 0);
+        p += 8;
+
+        MBEDTLS_PUT_UINT64_BE(ssl->in_window, p, 0);
+        p += 8;
+    }
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    used += 1;
+    if (used <= buf_len) {
+        *p++ = ssl->disable_datagram_packing;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    used += 8;
+    if (used <= buf_len) {
+        memcpy(p, ssl->cur_out_ctr, 8);
+        p += 8;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    used += 2;
+    if (used <= buf_len) {
+        MBEDTLS_PUT_UINT16_BE(ssl->mtu, p, 0);
+        p += 2;
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    {
+        const uint8_t alpn_len = ssl->alpn_chosen
+                               ? (uint8_t) strlen(ssl->alpn_chosen)
+                               : 0;
+
+        used += 1 + alpn_len;
+        if (used <= buf_len) {
+            *p++ = alpn_len;
+
+            if (ssl->alpn_chosen != NULL) {
+                memcpy(p, ssl->alpn_chosen, alpn_len);
+                p += alpn_len;
+            }
+        }
+    }
+#endif /* MBEDTLS_SSL_ALPN */
+
+    /*
+     * Done
+     */
+    *olen = used;
+
+    if (used > buf_len) {
+        return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "saved context", buf, used);
+
+    return mbedtls_ssl_session_reset_int(ssl, 0);
+}
+
+/*
+ * Helper to get TLS 1.2 PRF from ciphersuite
+ * (Duplicates bits of logic from ssl_set_handshake_prfs().)
+ */
+#if defined(MBEDTLS_SHA256_C) || \
+    (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))
+typedef int (*tls_prf_fn)(const unsigned char *secret, size_t slen,
+                          const char *label,
+                          const unsigned char *random, size_t rlen,
+                          unsigned char *dstbuf, size_t dlen);
+static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id)
+{
+    const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
+        mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
+
+    if (ciphersuite_info == NULL) {
+        return NULL;
+    }
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+    if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
+        return tls_prf_sha384;
+    } else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    {
+        if (ciphersuite_info->mac == MBEDTLS_MD_SHA256) {
+            return tls_prf_sha256;
+        }
+    }
+#endif
+#if !defined(MBEDTLS_SHA256_C) && \
+    (!defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA512_NO_SHA384))
+    (void) ciphersuite_info;
+#endif
+    return NULL;
+}
+
+#endif /* MBEDTLS_SHA256_C ||
+          (MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384) */
+
+/*
+ * Deserialize context, see mbedtls_ssl_context_save() for format.
+ *
+ * This internal version is wrapped by a public function that cleans up in
+ * case of error.
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+static int ssl_context_load(mbedtls_ssl_context *ssl,
+                            const unsigned char *buf,
+                            size_t len)
+{
+    const unsigned char *p = buf;
+    const unsigned char * const end = buf + len;
+    size_t session_len;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    tls_prf_fn prf_func = NULL;
+
+    /*
+     * The context should have been freshly setup or reset.
+     * Give the user an error in case of obvious misuse.
+     * (Checking session is useful because it won't be NULL if we're
+     * renegotiating, or if the user mistakenly loaded a session first.)
+     */
+    if (ssl->state != MBEDTLS_SSL_HELLO_REQUEST ||
+        ssl->session != NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /*
+     * We can't check that the config matches the initial one, but we can at
+     * least check it matches the requirements for serializing.
+     */
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
+        ssl->conf->max_major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
+        ssl->conf->min_major_ver > MBEDTLS_SSL_MAJOR_VERSION_3 ||
+        ssl->conf->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ||
+        ssl->conf->min_minor_ver > MBEDTLS_SSL_MINOR_VERSION_3 ||
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
+#endif
+        0) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF(4, "context to load", buf, len);
+
+    /*
+     * Check version identifier
+     */
+    if ((size_t) (end - p) < sizeof(ssl_serialized_context_header)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (memcmp(p, ssl_serialized_context_header,
+               sizeof(ssl_serialized_context_header)) != 0) {
+        return MBEDTLS_ERR_SSL_VERSION_MISMATCH;
+    }
+    p += sizeof(ssl_serialized_context_header);
+
+    /*
+     * Session
+     */
+    if ((size_t) (end - p) < 4) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    session_len = ((size_t) p[0] << 24) |
+                  ((size_t) p[1] << 16) |
+                  ((size_t) p[2] <<  8) |
+                  ((size_t) p[3]);
+    p += 4;
+
+    /* This has been allocated by ssl_handshake_init(), called by
+     * by either mbedtls_ssl_session_reset_int() or mbedtls_ssl_setup(). */
+    ssl->session = ssl->session_negotiate;
+    ssl->session_in = ssl->session;
+    ssl->session_out = ssl->session;
+    ssl->session_negotiate = NULL;
+
+    if ((size_t) (end - p) < session_len) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ret = ssl_session_load(ssl->session, 1, p, session_len);
+    if (ret != 0) {
+        mbedtls_ssl_session_free(ssl->session);
+        return ret;
+    }
+
+    p += session_len;
+
+    /*
+     * Transform
+     */
+
+    /* This has been allocated by ssl_handshake_init(), called by
+     * by either mbedtls_ssl_session_reset_int() or mbedtls_ssl_setup(). */
+    ssl->transform = ssl->transform_negotiate;
+    ssl->transform_in = ssl->transform;
+    ssl->transform_out = ssl->transform;
+    ssl->transform_negotiate = NULL;
+
+    prf_func = ssl_tls12prf_from_cs(ssl->session->ciphersuite);
+    if (prf_func == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /* Read random bytes and populate structure */
+    if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ret = ssl_populate_transform(ssl->transform,
+                                 ssl->session->ciphersuite,
+                                 ssl->session->master,
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+                                 ssl->session->encrypt_then_mac,
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+                                 ssl->session->trunc_hmac,
+#endif
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+                                 ssl->session->compression,
+#endif
+                                 prf_func,
+                                 p, /* currently pointing to randbytes */
+                                 MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */
+                                 ssl->conf->endpoint,
+                                 ssl);
+    if (ret != 0) {
+        return ret;
+    }
+
+    p += sizeof(ssl->transform->randbytes);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    /* Read connection IDs and store them */
+    if ((size_t) (end - p) < 1) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl->transform->in_cid_len = *p++;
+
+    if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len);
+    p += ssl->transform->in_cid_len;
+
+    ssl->transform->out_cid_len = *p++;
+
+    if ((size_t) (end - p) < ssl->transform->out_cid_len) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len);
+    p += ssl->transform->out_cid_len;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * Saved fields from top-level ssl_context structure
+     */
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    if ((size_t) (end - p) < 4) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl->badmac_seen = ((uint32_t) p[0] << 24) |
+                       ((uint32_t) p[1] << 16) |
+                       ((uint32_t) p[2] <<  8) |
+                       ((uint32_t) p[3]);
+    p += 4;
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    if ((size_t) (end - p) < 16) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl->in_window_top = ((uint64_t) p[0] << 56) |
+                         ((uint64_t) p[1] << 48) |
+                         ((uint64_t) p[2] << 40) |
+                         ((uint64_t) p[3] << 32) |
+                         ((uint64_t) p[4] << 24) |
+                         ((uint64_t) p[5] << 16) |
+                         ((uint64_t) p[6] <<  8) |
+                         ((uint64_t) p[7]);
+    p += 8;
+
+    ssl->in_window = ((uint64_t) p[0] << 56) |
+                     ((uint64_t) p[1] << 48) |
+                     ((uint64_t) p[2] << 40) |
+                     ((uint64_t) p[3] << 32) |
+                     ((uint64_t) p[4] << 24) |
+                     ((uint64_t) p[5] << 16) |
+                     ((uint64_t) p[6] <<  8) |
+                     ((uint64_t) p[7]);
+    p += 8;
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if ((size_t) (end - p) < 1) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl->disable_datagram_packing = *p++;
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    if ((size_t) (end - p) < 8) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    memcpy(ssl->cur_out_ctr, p, 8);
+    p += 8;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if ((size_t) (end - p) < 2) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl->mtu = (p[0] << 8) | p[1];
+    p += 2;
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    {
+        uint8_t alpn_len;
+        const char **cur;
+
+        if ((size_t) (end - p) < 1) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        alpn_len = *p++;
+
+        if (alpn_len != 0 && ssl->conf->alpn_list != NULL) {
+            /* alpn_chosen should point to an item in the configured list */
+            for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) {
+                if (strlen(*cur) == alpn_len &&
+                    memcmp(p, cur, alpn_len) == 0) {
+                    ssl->alpn_chosen = *cur;
+                    break;
+                }
+            }
+        }
+
+        /* can only happen on conf mismatch */
+        if (alpn_len != 0 && ssl->alpn_chosen == NULL) {
+            return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        }
+
+        p += alpn_len;
+    }
+#endif /* MBEDTLS_SSL_ALPN */
+
+    /*
+     * Forced fields from top-level ssl_context structure
+     *
+     * Most of them already set to the correct value by mbedtls_ssl_init() and
+     * mbedtls_ssl_reset(), so we only need to set the remaining ones.
+     */
+    ssl->state = MBEDTLS_SSL_HANDSHAKE_OVER;
+
+    ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+    ssl->minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
+
+    /* Adjust pointers for header fields of outgoing records to
+     * the given transform, accounting for explicit IV and CID. */
+    mbedtls_ssl_update_out_pointers(ssl, ssl->transform);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    ssl->in_epoch = 1;
+#endif
+
+    /* mbedtls_ssl_reset() leaves the handshake sub-structure allocated,
+     * which we don't want - otherwise we'd end up freeing the wrong transform
+     * by calling mbedtls_ssl_handshake_wrapup_free_hs_transform()
+     * inappropriately. */
+    if (ssl->handshake != NULL) {
+        mbedtls_ssl_handshake_free(ssl);
+        mbedtls_free(ssl->handshake);
+        ssl->handshake = NULL;
+    }
+
+    /*
+     * Done - should have consumed entire buffer
+     */
+    if (p != end) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+
+/*
+ * Deserialize context: public wrapper for error cleaning
+ */
+int mbedtls_ssl_context_load(mbedtls_ssl_context *context,
+                             const unsigned char *buf,
+                             size_t len)
+{
+    int ret = ssl_context_load(context, buf, len);
+
+    if (ret != 0) {
+        mbedtls_ssl_free(context);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+/*
+ * Free an SSL context
+ */
+void mbedtls_ssl_free(mbedtls_ssl_context *ssl)
+{
+    if (ssl == NULL) {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("=> free"));
+
+    if (ssl->out_buf != NULL) {
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        size_t out_buf_len = ssl->out_buf_len;
+#else
+        size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN;
+#endif
+
+        mbedtls_platform_zeroize(ssl->out_buf, out_buf_len);
+        mbedtls_free(ssl->out_buf);
+        ssl->out_buf = NULL;
+    }
+
+    if (ssl->in_buf != NULL) {
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        size_t in_buf_len = ssl->in_buf_len;
+#else
+        size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN;
+#endif
+
+        mbedtls_platform_zeroize(ssl->in_buf, in_buf_len);
+        mbedtls_free(ssl->in_buf);
+        ssl->in_buf = NULL;
+    }
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if (ssl->compress_buf != NULL) {
+        mbedtls_platform_zeroize(ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN);
+        mbedtls_free(ssl->compress_buf);
+    }
+#endif
+
+    if (ssl->transform) {
+        mbedtls_ssl_transform_free(ssl->transform);
+        mbedtls_free(ssl->transform);
+    }
+
+    if (ssl->handshake) {
+        mbedtls_ssl_handshake_free(ssl);
+        mbedtls_ssl_transform_free(ssl->transform_negotiate);
+        mbedtls_ssl_session_free(ssl->session_negotiate);
+
+        mbedtls_free(ssl->handshake);
+        mbedtls_free(ssl->transform_negotiate);
+        mbedtls_free(ssl->session_negotiate);
+    }
+
+    if (ssl->session) {
+        mbedtls_ssl_session_free(ssl->session);
+        mbedtls_free(ssl->session);
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if (ssl->hostname != NULL) {
+        mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname));
+        mbedtls_free(ssl->hostname);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if (mbedtls_ssl_hw_record_finish != NULL) {
+        MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_finish()"));
+        mbedtls_ssl_hw_record_finish(ssl);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    mbedtls_free(ssl->cli_id);
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG(2, ("<= free"));
+
+    /* Actually clear after last debug message */
+    mbedtls_platform_zeroize(ssl, sizeof(mbedtls_ssl_context));
+}
+
+/*
+ * Initialize mbedtls_ssl_config
+ */
+void mbedtls_ssl_config_init(mbedtls_ssl_config *conf)
+{
+    memset(conf, 0, sizeof(mbedtls_ssl_config));
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+static int ssl_preset_default_hashes[] = {
+#if defined(MBEDTLS_SHA512_C)
+    MBEDTLS_MD_SHA512,
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+    MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+    MBEDTLS_MD_SHA1,
+#endif
+    MBEDTLS_MD_NONE
+};
+#endif
+
+static int ssl_preset_suiteb_ciphersuites[] = {
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+    0
+};
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+static int ssl_preset_suiteb_hashes[] = {
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA384,
+    MBEDTLS_MD_NONE
+};
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = {
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    MBEDTLS_ECP_DP_SECP256R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    MBEDTLS_ECP_DP_SECP384R1,
+#endif
+    MBEDTLS_ECP_DP_NONE
+};
+#endif
+
+/*
+ * Load default in mbedtls_ssl_config
+ */
+int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
+                                int endpoint, int transport, int preset)
+{
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#endif
+
+    /* Use the functions here so that they are covered in tests,
+     * but otherwise access member directly for efficiency */
+    mbedtls_ssl_conf_endpoint(conf, endpoint);
+    mbedtls_ssl_conf_transport(conf, transport);
+
+    /*
+     * Things that are common to all presets
+     */
+#if defined(MBEDTLS_SSL_CLI_C)
+    if (endpoint == MBEDTLS_SSL_IS_CLIENT) {
+        conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+        conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED;
+#endif
+    }
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+    conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    conf->f_cookie_write = ssl_cookie_write_dummy;
+    conf->f_cookie_check = ssl_cookie_check_dummy;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN;
+    conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX;
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT;
+    memset(conf->renego_period,     0x00, 2);
+    memset(conf->renego_period + 2, 0xFF, 6);
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+    if (endpoint == MBEDTLS_SSL_IS_SERVER) {
+        const unsigned char dhm_p[] =
+            MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
+        const unsigned char dhm_g[] =
+            MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
+
+        if ((ret = mbedtls_ssl_conf_dh_param_bin(conf,
+                                                 dhm_p, sizeof(dhm_p),
+                                                 dhm_g, sizeof(dhm_g))) != 0) {
+            return ret;
+        }
+    }
+#endif
+
+    /*
+     * Preset-specific defaults
+     */
+    switch (preset) {
+        /*
+         * NSA Suite B
+         */
+        case MBEDTLS_SSL_PRESET_SUITEB:
+            conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+            conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
+            conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
+            conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
+                conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
+                    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
+                        conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
+                            ssl_preset_suiteb_ciphersuites;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+            conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+            conf->sig_hashes = ssl_preset_suiteb_hashes;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+            conf->curve_list = ssl_preset_suiteb_curves;
+#endif
+            break;
+
+        /*
+         * Default
+         */
+        default:
+            conf->min_major_ver = (MBEDTLS_SSL_MIN_MAJOR_VERSION >
+                                   MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION) ?
+                                  MBEDTLS_SSL_MIN_MAJOR_VERSION :
+                                  MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION;
+            conf->min_minor_ver = (MBEDTLS_SSL_MIN_MINOR_VERSION >
+                                   MBEDTLS_SSL_MIN_VALID_MINOR_VERSION) ?
+                                  MBEDTLS_SSL_MIN_MINOR_VERSION :
+                                  MBEDTLS_SSL_MIN_VALID_MINOR_VERSION;
+            conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
+            conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+            if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+                conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
+            }
+#endif
+
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
+                conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
+                    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
+                        conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
+                            mbedtls_ssl_list_ciphersuites();
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+            conf->cert_profile = &mbedtls_x509_crt_profile_default;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+            conf->sig_hashes = ssl_preset_default_hashes;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+            conf->curve_list = mbedtls_ecp_grp_id_list();
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+            conf->dhm_min_bitlen = 1024;
+#endif
+    }
+
+    return 0;
+}
+
+/*
+ * Free mbedtls_ssl_config
+ */
+void mbedtls_ssl_config_free(mbedtls_ssl_config *conf)
+{
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_mpi_free(&conf->dhm_P);
+    mbedtls_mpi_free(&conf->dhm_G);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (conf->psk != NULL) {
+        mbedtls_platform_zeroize(conf->psk, conf->psk_len);
+        mbedtls_free(conf->psk);
+        conf->psk = NULL;
+        conf->psk_len = 0;
+    }
+
+    if (conf->psk_identity != NULL) {
+        mbedtls_platform_zeroize(conf->psk_identity, conf->psk_identity_len);
+        mbedtls_free(conf->psk_identity);
+        conf->psk_identity = NULL;
+        conf->psk_identity_len = 0;
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    ssl_key_cert_free(conf->key_cert);
+#endif
+
+    mbedtls_platform_zeroize(conf, sizeof(mbedtls_ssl_config));
+}
+
+#if defined(MBEDTLS_PK_C) && \
+    (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C))
+/*
+ * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX
+ */
+unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk)
+{
+#if defined(MBEDTLS_RSA_C)
+    if (mbedtls_pk_can_do(pk, MBEDTLS_PK_RSA)) {
+        return MBEDTLS_SSL_SIG_RSA;
+    }
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECDSA)) {
+        return MBEDTLS_SSL_SIG_ECDSA;
+    }
+#endif
+    return MBEDTLS_SSL_SIG_ANON;
+}
+
+unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type)
+{
+    switch (type) {
+        case MBEDTLS_PK_RSA:
+            return MBEDTLS_SSL_SIG_RSA;
+        case MBEDTLS_PK_ECDSA:
+        case MBEDTLS_PK_ECKEY:
+            return MBEDTLS_SSL_SIG_ECDSA;
+        default:
+            return MBEDTLS_SSL_SIG_ANON;
+    }
+}
+
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig)
+{
+    switch (sig) {
+#if defined(MBEDTLS_RSA_C)
+        case MBEDTLS_SSL_SIG_RSA:
+            return MBEDTLS_PK_RSA;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+        case MBEDTLS_SSL_SIG_ECDSA:
+            return MBEDTLS_PK_ECDSA;
+#endif
+        default:
+            return MBEDTLS_PK_NONE;
+    }
+}
+#endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
+/* Find an entry in a signature-hash set matching a given hash algorithm. */
+mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set,
+                                                mbedtls_pk_type_t sig_alg)
+{
+    switch (sig_alg) {
+        case MBEDTLS_PK_RSA:
+            return set->rsa;
+        case MBEDTLS_PK_ECDSA:
+            return set->ecdsa;
+        default:
+            return MBEDTLS_MD_NONE;
+    }
+}
+
+/* Add a signature-hash-pair to a signature-hash set */
+void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set,
+                                  mbedtls_pk_type_t sig_alg,
+                                  mbedtls_md_type_t md_alg)
+{
+    switch (sig_alg) {
+        case MBEDTLS_PK_RSA:
+            if (set->rsa == MBEDTLS_MD_NONE) {
+                set->rsa = md_alg;
+            }
+            break;
+
+        case MBEDTLS_PK_ECDSA:
+            if (set->ecdsa == MBEDTLS_MD_NONE) {
+                set->ecdsa = md_alg;
+            }
+            break;
+
+        default:
+            break;
+    }
+}
+
+/* Allow exactly one hash algorithm for each signature. */
+void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set,
+                                         mbedtls_md_type_t md_alg)
+{
+    set->rsa   = md_alg;
+    set->ecdsa = md_alg;
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
+          MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+/*
+ * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX
+ */
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash)
+{
+    switch (hash) {
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_SSL_HASH_MD5:
+            return MBEDTLS_MD_MD5;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_SSL_HASH_SHA1:
+            return MBEDTLS_MD_SHA1;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_SSL_HASH_SHA224:
+            return MBEDTLS_MD_SHA224;
+        case MBEDTLS_SSL_HASH_SHA256:
+            return MBEDTLS_MD_SHA256;
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_SSL_HASH_SHA384:
+            return MBEDTLS_MD_SHA384;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_SSL_HASH_SHA512:
+            return MBEDTLS_MD_SHA512;
+#endif
+        default:
+            return MBEDTLS_MD_NONE;
+    }
+}
+
+/*
+ * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX
+ */
+unsigned char mbedtls_ssl_hash_from_md_alg(int md)
+{
+    switch (md) {
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return MBEDTLS_SSL_HASH_MD5;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return MBEDTLS_SSL_HASH_SHA1;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return MBEDTLS_SSL_HASH_SHA224;
+        case MBEDTLS_MD_SHA256:
+            return MBEDTLS_SSL_HASH_SHA256;
+#endif
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_MD_SHA384:
+            return MBEDTLS_SSL_HASH_SHA384;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_MD_SHA512:
+            return MBEDTLS_SSL_HASH_SHA512;
+#endif
+        default:
+            return MBEDTLS_SSL_HASH_NONE;
+    }
+}
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Check if a curve proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id)
+{
+    const mbedtls_ecp_group_id *gid;
+
+    if (ssl->conf->curve_list == NULL) {
+        return -1;
+    }
+
+    for (gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++) {
+        if (*gid == grp_id) {
+            return 0;
+        }
+    }
+
+    return -1;
+}
+
+/*
+ * Same as mbedtls_ssl_check_curve() but takes a TLS ID for the curve.
+ */
+int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id)
+{
+    const mbedtls_ecp_curve_info *curve_info =
+        mbedtls_ecp_curve_info_from_tls_id(tls_id);
+    if (curve_info == NULL) {
+        return -1;
+    }
+    return mbedtls_ssl_check_curve(ssl, curve_info->grp_id);
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+/*
+ * Check if a hash proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl,
+                               mbedtls_md_type_t md)
+{
+    const int *cur;
+
+    if (ssl->conf->sig_hashes == NULL) {
+        return -1;
+    }
+
+    for (cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++) {
+        if (*cur == (int) md) {
+            return 0;
+        }
+    }
+
+    return -1;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert,
+                                 const mbedtls_ssl_ciphersuite_t *ciphersuite,
+                                 int cert_endpoint,
+                                 uint32_t *flags)
+{
+    int ret = 0;
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    int usage = 0;
+#endif
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    const char *ext_oid;
+    size_t ext_len;
+#endif
+
+#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) &&          \
+    !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    ((void) cert);
+    ((void) cert_endpoint);
+    ((void) flags);
+#endif
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) {
+        /* Server part of the key exchange */
+        switch (ciphersuite->key_exchange) {
+            case MBEDTLS_KEY_EXCHANGE_RSA:
+            case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+                usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
+                break;
+
+            case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+            case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+            case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+                usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+                break;
+
+            case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+            case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+                usage = MBEDTLS_X509_KU_KEY_AGREEMENT;
+                break;
+
+            /* Don't use default: we want warnings when adding new values */
+            case MBEDTLS_KEY_EXCHANGE_NONE:
+            case MBEDTLS_KEY_EXCHANGE_PSK:
+            case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+            case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+            case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
+                usage = 0;
+        }
+    } else {
+        /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */
+        usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+    }
+
+    if (mbedtls_x509_crt_check_key_usage(cert, usage) != 0) {
+        *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE;
+        ret = -1;
+    }
+#else
+    ((void) ciphersuite);
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) {
+        ext_oid = MBEDTLS_OID_SERVER_AUTH;
+        ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH);
+    } else {
+        ext_oid = MBEDTLS_OID_CLIENT_AUTH;
+        ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_CLIENT_AUTH);
+    }
+
+    if (mbedtls_x509_crt_check_extended_key_usage(cert, ext_oid, ext_len) != 0) {
+        *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE;
+        ret = -1;
+    }
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+    return ret;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md)
+{
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) {
+        return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+    }
+
+    switch (md) {
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_SSL_HASH_MD5:
+            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_SSL_HASH_SHA1:
+            ssl->handshake->calc_verify = ssl_calc_verify_tls;
+            break;
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
+        case MBEDTLS_SSL_HASH_SHA384:
+            ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_SSL_HASH_SHA256:
+            ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
+            break;
+#endif
+        default:
+            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+    }
+
+    return 0;
+#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */
+    (void) ssl;
+    (void) md;
+
+    return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl,
+                                            unsigned char *output,
+                                            unsigned char *data, size_t data_len)
+{
+    int ret = 0;
+    mbedtls_md5_context mbedtls_md5;
+    mbedtls_sha1_context mbedtls_sha1;
+
+    mbedtls_md5_init(&mbedtls_md5);
+    mbedtls_sha1_init(&mbedtls_sha1);
+
+    /*
+     * digitally-signed struct {
+     *     opaque md5_hash[16];
+     *     opaque sha_hash[20];
+     * };
+     *
+     * md5_hash
+     *     MD5(ClientHello.random + ServerHello.random
+     *                            + ServerParams);
+     * sha_hash
+     *     SHA(ClientHello.random + ServerHello.random
+     *                            + ServerParams);
+     */
+    if ((ret = mbedtls_md5_starts_ret(&mbedtls_md5)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_starts_ret", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&mbedtls_md5,
+                                      ssl->handshake->randbytes, 64)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_update_ret", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_update_ret(&mbedtls_md5, data, data_len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_update_ret", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md5_finish_ret(&mbedtls_md5, output)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_finish_ret", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha1_starts_ret(&mbedtls_sha1)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_starts_ret", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_sha1_update_ret(&mbedtls_sha1,
+                                       ssl->handshake->randbytes, 64)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_update_ret", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_sha1_update_ret(&mbedtls_sha1, data,
+                                       data_len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_update_ret", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_sha1_finish_ret(&mbedtls_sha1,
+                                       output + 16)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_finish_ret", ret);
+        goto exit;
+    }
+
+exit:
+    mbedtls_md5_free(&mbedtls_md5);
+    mbedtls_sha1_free(&mbedtls_sha1);
+
+    if (ret != 0) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+    }
+
+    return ret;
+
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl,
+                                           unsigned char *hash, size_t *hashlen,
+                                           unsigned char *data, size_t data_len,
+                                           mbedtls_md_type_t md_alg)
+{
+    psa_status_t status;
+    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+    psa_algorithm_t hash_alg = mbedtls_psa_translate_md(md_alg);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("Perform PSA-based computation of digest of ServerKeyExchange"));
+
+    if ((status = psa_hash_setup(&hash_operation,
+                                 hash_alg)) != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_setup", status);
+        goto exit;
+    }
+
+    if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes,
+                                  64)) != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_update", status);
+        goto exit;
+    }
+
+    if ((status = psa_hash_update(&hash_operation,
+                                  data, data_len)) != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_update", status);
+        goto exit;
+    }
+
+    if ((status = psa_hash_finish(&hash_operation, hash, PSA_HASH_MAX_SIZE,
+                                  hashlen)) != PSA_SUCCESS) {
+        MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_finish", status);
+        goto exit;
+    }
+
+exit:
+    if (status != PSA_SUCCESS) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+        switch (status) {
+            case PSA_ERROR_NOT_SUPPORTED:
+                return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
+            case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */
+            case PSA_ERROR_BUFFER_TOO_SMALL:
+                return MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+            case PSA_ERROR_INSUFFICIENT_MEMORY:
+                return MBEDTLS_ERR_MD_ALLOC_FAILED;
+            default:
+                return MBEDTLS_ERR_MD_HW_ACCEL_FAILED;
+        }
+    }
+    return 0;
+}
+
+#else
+
+int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl,
+                                           unsigned char *hash, size_t *hashlen,
+                                           unsigned char *data, size_t data_len,
+                                           mbedtls_md_type_t md_alg)
+{
+    int ret = 0;
+    mbedtls_md_context_t ctx;
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg);
+    *hashlen = mbedtls_md_get_size(md_info);
+
+    MBEDTLS_SSL_DEBUG_MSG(3, ("Perform mbedtls-based computation of digest of ServerKeyExchange"));
+
+    mbedtls_md_init(&ctx);
+
+    /*
+     * digitally-signed struct {
+     *     opaque client_random[32];
+     *     opaque server_random[32];
+     *     ServerDHParams params;
+     * };
+     */
+    if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_setup", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md_starts(&ctx)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_starts", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_update", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md_update(&ctx, data, data_len)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_update", ret);
+        goto exit;
+    }
+    if ((ret = mbedtls_md_finish(&ctx, hash)) != 0) {
+        MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_finish", ret);
+        goto exit;
+    }
+
+exit:
+    mbedtls_md_free(&ctx);
+
+    if (ret != 0) {
+        mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                       MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR);
+    }
+
+    return ret;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_tls13_keys.c b/3rdparty/mbedtls-2.28.7/library/ssl_tls13_keys.c
new file mode 100644
index 0000000..ae7bf10
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_tls13_keys.c
@@ -0,0 +1,341 @@
+/*
+ *  TLS 1.3 key schedule
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#include "mbedtls/hkdf.h"
+#include "mbedtls/ssl_internal.h"
+#include "ssl_tls13_keys.h"
+#include "psa/crypto_sizes.h"
+
+#include <stdint.h>
+#include <string.h>
+
+#define MBEDTLS_SSL_TLS1_3_LABEL(name, string)       \
+    .name = string,
+
+#define TLS1_3_EVOLVE_INPUT_SIZE (PSA_HASH_MAX_SIZE > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) ? \
+    PSA_HASH_MAX_SIZE : PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
+
+struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels =
+{
+    /* This seems to work in C, despite the string literal being one
+     * character too long due to the 0-termination. */
+    MBEDTLS_SSL_TLS1_3_LABEL_LIST
+};
+
+#undef MBEDTLS_SSL_TLS1_3_LABEL
+
+/*
+ * This function creates a HkdfLabel structure used in the TLS 1.3 key schedule.
+ *
+ * The HkdfLabel is specified in RFC 8446 as follows:
+ *
+ * struct HkdfLabel {
+ *   uint16 length;            // Length of expanded key material
+ *   opaque label<7..255>;     // Always prefixed by "tls13 "
+ *   opaque context<0..255>;   // Usually a communication transcript hash
+ * };
+ *
+ * Parameters:
+ * - desired_length: Length of expanded key material
+ *                   Even though the standard allows expansion to up to
+ *                   2**16 Bytes, TLS 1.3 never uses expansion to more than
+ *                   255 Bytes, so we require `desired_length` to be at most
+ *                   255. This allows us to save a few Bytes of code by
+ *                   hardcoding the writing of the high bytes.
+ * - (label, llen): label + label length, without "tls13 " prefix
+ *                  The label length MUST be less than or equal to
+ *                  MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN
+ *                  It is the caller's responsibility to ensure this.
+ *                  All (label, label length) pairs used in TLS 1.3
+ *                  can be obtained via MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN().
+ * - (ctx, clen): context + context length
+ *                The context length MUST be less than or equal to
+ *                MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN
+ *                It is the caller's responsibility to ensure this.
+ * - dst: Target buffer for HkdfLabel structure,
+ *        This MUST be a writable buffer of size
+ *        at least SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN Bytes.
+ * - dlen: Pointer at which to store the actual length of
+ *         the HkdfLabel structure on success.
+ */
+
+static const char tls1_3_label_prefix[6] = "tls13 ";
+
+#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(label_len, context_len) \
+    (2                     /* expansion length           */ \
+     + 1                   /* label length               */ \
+     + label_len                                           \
+     + 1                   /* context length             */ \
+     + context_len)
+
+#define SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN                      \
+    SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(                             \
+        sizeof(tls1_3_label_prefix) +                      \
+        MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN,     \
+        MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN)
+
+static void ssl_tls1_3_hkdf_encode_label(
+    size_t desired_length,
+    const unsigned char *label, size_t llen,
+    const unsigned char *ctx, size_t clen,
+    unsigned char *dst, size_t *dlen)
+{
+    size_t total_label_len =
+        sizeof(tls1_3_label_prefix) + llen;
+    size_t total_hkdf_lbl_len =
+        SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(total_label_len, clen);
+
+    unsigned char *p = dst;
+
+    /* Add the size of the expanded key material.
+     * We're hardcoding the high byte to 0 here assuming that we never use
+     * TLS 1.3 HKDF key expansion to more than 255 Bytes. */
+#if MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN > 255
+#error "The implementation of ssl_tls1_3_hkdf_encode_label() is not fit for the \
+    value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN"
+#endif
+
+    *p++ = 0;
+    *p++ = MBEDTLS_BYTE_0(desired_length);
+
+    /* Add label incl. prefix */
+    *p++ = MBEDTLS_BYTE_0(total_label_len);
+    memcpy(p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix));
+    p += sizeof(tls1_3_label_prefix);
+    memcpy(p, label, llen);
+    p += llen;
+
+    /* Add context value */
+    *p++ = MBEDTLS_BYTE_0(clen);
+    if (clen != 0) {
+        memcpy(p, ctx, clen);
+    }
+
+    /* Return total length to the caller.  */
+    *dlen = total_hkdf_lbl_len;
+}
+
+int mbedtls_ssl_tls1_3_hkdf_expand_label(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *secret, size_t slen,
+    const unsigned char *label, size_t llen,
+    const unsigned char *ctx, size_t clen,
+    unsigned char *buf, size_t blen)
+{
+    const mbedtls_md_info_t *md;
+    unsigned char hkdf_label[SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN];
+    size_t hkdf_label_len;
+
+    if (llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN) {
+        /* Should never happen since this is an internal
+         * function, and we know statically which labels
+         * are allowed. */
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    if (clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN) {
+        /* Should not happen, as above. */
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    if (blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN) {
+        /* Should not happen, as above. */
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    md = mbedtls_md_info_from_type(hash_alg);
+    if (md == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ssl_tls1_3_hkdf_encode_label(blen,
+                                 label, llen,
+                                 ctx, clen,
+                                 hkdf_label,
+                                 &hkdf_label_len);
+
+    return mbedtls_hkdf_expand(md,
+                               secret, slen,
+                               hkdf_label, hkdf_label_len,
+                               buf, blen);
+}
+
+/*
+ * The traffic keying material is generated from the following inputs:
+ *
+ *  - One secret value per sender.
+ *  - A purpose value indicating the specific value being generated
+ *  - The desired lengths of key and IV.
+ *
+ * The expansion itself is based on HKDF:
+ *
+ *   [sender]_write_key = HKDF-Expand-Label( Secret, "key", "", key_length )
+ *   [sender]_write_iv  = HKDF-Expand-Label( Secret, "iv" , "", iv_length )
+ *
+ * [sender] denotes the sending side and the Secret value is provided
+ * by the function caller. Note that we generate server and client side
+ * keys in a single function call.
+ */
+int mbedtls_ssl_tls1_3_make_traffic_keys(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *client_secret,
+    const unsigned char *server_secret,
+    size_t slen, size_t key_len, size_t iv_len,
+    mbedtls_ssl_key_set *keys)
+{
+    int ret = 0;
+
+    ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg,
+                                               client_secret, slen,
+                                               MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(key),
+                                               NULL, 0,
+                                               keys->client_write_key, key_len);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg,
+                                               server_secret, slen,
+                                               MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(key),
+                                               NULL, 0,
+                                               keys->server_write_key, key_len);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg,
+                                               client_secret, slen,
+                                               MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(iv),
+                                               NULL, 0,
+                                               keys->client_write_iv, iv_len);
+    if (ret != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg,
+                                               server_secret, slen,
+                                               MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(iv),
+                                               NULL, 0,
+                                               keys->server_write_iv, iv_len);
+    if (ret != 0) {
+        return ret;
+    }
+
+    keys->key_len = key_len;
+    keys->iv_len = iv_len;
+
+    return 0;
+}
+
+int mbedtls_ssl_tls1_3_derive_secret(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *secret, size_t slen,
+    const unsigned char *label, size_t llen,
+    const unsigned char *ctx, size_t clen,
+    int ctx_hashed,
+    unsigned char *dstbuf, size_t buflen)
+{
+    int ret;
+    unsigned char hashed_context[MBEDTLS_MD_MAX_SIZE];
+
+    const mbedtls_md_info_t *md;
+    md = mbedtls_md_info_from_type(hash_alg);
+    if (md == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED) {
+        ret = mbedtls_md(md, ctx, clen, hashed_context);
+        if (ret != 0) {
+            return ret;
+        }
+        clen = mbedtls_md_get_size(md);
+    } else {
+        if (clen > sizeof(hashed_context)) {
+            /* This should never happen since this function is internal
+             * and the code sets `ctx_hashed` correctly.
+             * Let's double-check nonetheless to not run at the risk
+             * of getting a stack overflow. */
+            return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        }
+
+        memcpy(hashed_context, ctx, clen);
+    }
+
+    return mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg,
+                                                secret, slen,
+                                                label, llen,
+                                                hashed_context, clen,
+                                                dstbuf, buflen);
+}
+
+int mbedtls_ssl_tls1_3_evolve_secret(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *secret_old,
+    const unsigned char *input, size_t input_len,
+    unsigned char *secret_new)
+{
+    int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    size_t hlen, ilen;
+    unsigned char tmp_secret[PSA_MAC_MAX_SIZE] = { 0 };
+    unsigned char tmp_input[TLS1_3_EVOLVE_INPUT_SIZE] = { 0 };
+
+    const mbedtls_md_info_t *md;
+    md = mbedtls_md_info_from_type(hash_alg);
+    if (md == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    hlen = mbedtls_md_get_size(md);
+
+    /* For non-initial runs, call Derive-Secret( ., "derived", "")
+     * on the old secret. */
+    if (secret_old != NULL) {
+        ret = mbedtls_ssl_tls1_3_derive_secret(
+            hash_alg,
+            secret_old, hlen,
+            MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(derived),
+            NULL, 0,        /* context */
+            MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
+            tmp_secret, hlen);
+        if (ret != 0) {
+            goto cleanup;
+        }
+    }
+
+    if (input != NULL) {
+        memcpy(tmp_input, input, input_len);
+        ilen = input_len;
+    } else {
+        ilen = hlen;
+    }
+
+    /* HKDF-Extract takes a salt and input key material.
+     * The salt is the old secret, and the input key material
+     * is the input secret (PSK / ECDHE). */
+    ret = mbedtls_hkdf_extract(md,
+                               tmp_secret, hlen,
+                               tmp_input, ilen,
+                               secret_new);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
+    ret = 0;
+
+cleanup:
+
+    mbedtls_platform_zeroize(tmp_secret, sizeof(tmp_secret));
+    mbedtls_platform_zeroize(tmp_input,  sizeof(tmp_input));
+    return ret;
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/3rdparty/mbedtls-2.28.7/library/ssl_tls13_keys.h b/3rdparty/mbedtls-2.28.7/library/ssl_tls13_keys.h
new file mode 100644
index 0000000..ca74132
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/ssl_tls13_keys.h
@@ -0,0 +1,260 @@
+/*
+ *  TLS 1.3 key schedule
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#if !defined(MBEDTLS_SSL_TLS1_3_KEYS_H)
+#define MBEDTLS_SSL_TLS1_3_KEYS_H
+
+/* This requires MBEDTLS_SSL_TLS1_3_LABEL( idx, name, string ) to be defined at
+ * the point of use. See e.g. the definition of mbedtls_ssl_tls1_3_labels_union
+ * below. */
+#define MBEDTLS_SSL_TLS1_3_LABEL_LIST                               \
+    MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \
+    MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \
+    MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \
+    MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \
+    MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \
+    MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \
+    MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \
+    MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \
+    MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \
+    MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \
+    MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \
+    MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \
+    MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \
+    MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \
+    MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \
+    MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \
+    MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \
+    MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived")
+
+#define MBEDTLS_SSL_TLS1_3_LABEL(name, string)       \
+    const unsigned char name    [sizeof(string) - 1];
+
+union mbedtls_ssl_tls1_3_labels_union {
+    MBEDTLS_SSL_TLS1_3_LABEL_LIST
+};
+struct mbedtls_ssl_tls1_3_labels_struct {
+    MBEDTLS_SSL_TLS1_3_LABEL_LIST
+};
+#undef MBEDTLS_SSL_TLS1_3_LABEL
+
+extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels;
+
+#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(LABEL)  \
+    mbedtls_ssl_tls1_3_labels.LABEL,              \
+    sizeof(mbedtls_ssl_tls1_3_labels.LABEL)
+
+#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN  \
+    sizeof(union mbedtls_ssl_tls1_3_labels_union)
+
+/* The maximum length of HKDF contexts used in the TLS 1.3 standard.
+ * Since contexts are always hashes of message transcripts, this can
+ * be approximated from above by the maximum hash size. */
+#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN  \
+    MBEDTLS_MD_MAX_SIZE
+
+/* Maximum desired length for expanded key material generated
+ * by HKDF-Expand-Label.
+ *
+ * Warning: If this ever needs to be increased, the implementation
+ * ssl_tls1_3_hkdf_encode_label() in ssl_tls13_keys.c needs to be
+ * adjusted since it currently assumes that HKDF key expansion
+ * is never used with more than 255 Bytes of output. */
+#define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN 255
+
+/**
+ * \brief           The \c HKDF-Expand-Label function from
+ *                  the TLS 1.3 standard RFC 8446.
+ *
+ * <tt>
+ *                  HKDF-Expand-Label( Secret, Label, Context, Length ) =
+ *                       HKDF-Expand( Secret, HkdfLabel, Length )
+ * </tt>
+ *
+ * \param hash_alg  The identifier for the hash algorithm to use.
+ * \param secret    The \c Secret argument to \c HKDF-Expand-Label.
+ *                  This must be a readable buffer of length \p slen Bytes.
+ * \param slen      The length of \p secret in Bytes.
+ * \param label     The \c Label argument to \c HKDF-Expand-Label.
+ *                  This must be a readable buffer of length \p llen Bytes.
+ * \param llen      The length of \p label in Bytes.
+ * \param ctx       The \c Context argument to \c HKDF-Expand-Label.
+ *                  This must be a readable buffer of length \p clen Bytes.
+ * \param clen      The length of \p context in Bytes.
+ * \param buf       The destination buffer to hold the expanded secret.
+ *                  This must be a writable buffer of length \p blen Bytes.
+ * \param blen      The desired size of the expanded secret in Bytes.
+ *
+ * \returns         \c 0 on success.
+ * \return          A negative error code on failure.
+ */
+
+int mbedtls_ssl_tls1_3_hkdf_expand_label(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *secret, size_t slen,
+    const unsigned char *label, size_t llen,
+    const unsigned char *ctx, size_t clen,
+    unsigned char *buf, size_t blen);
+
+/**
+ * \brief           This function is part of the TLS 1.3 key schedule.
+ *                  It extracts key and IV for the actual client/server traffic
+ *                  from the client/server traffic secrets.
+ *
+ * From RFC 8446:
+ *
+ * <tt>
+ *   [sender]_write_key = HKDF-Expand-Label(Secret, "key", "", key_length)
+ *   [sender]_write_iv  = HKDF-Expand-Label(Secret, "iv", "", iv_length)*
+ * </tt>
+ *
+ * \param hash_alg      The identifier for the hash algorithm to be used
+ *                      for the HKDF-based expansion of the secret.
+ * \param client_secret The client traffic secret.
+ *                      This must be a readable buffer of size \p slen Bytes
+ * \param server_secret The server traffic secret.
+ *                      This must be a readable buffer of size \p slen Bytes
+ * \param slen          Length of the secrets \p client_secret and
+ *                      \p server_secret in Bytes.
+ * \param key_len       The desired length of the key to be extracted in Bytes.
+ * \param iv_len        The desired length of the IV to be extracted in Bytes.
+ * \param keys          The address of the structure holding the generated
+ *                      keys and IVs.
+ *
+ * \returns             \c 0 on success.
+ * \returns             A negative error code on failure.
+ */
+
+int mbedtls_ssl_tls1_3_make_traffic_keys(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *client_secret,
+    const unsigned char *server_secret,
+    size_t slen, size_t key_len, size_t iv_len,
+    mbedtls_ssl_key_set *keys);
+
+
+#define MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED 0
+#define MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED   1
+
+/**
+ * \brief The \c Derive-Secret function from the TLS 1.3 standard RFC 8446.
+ *
+ * <tt>
+ *   Derive-Secret( Secret, Label, Messages ) =
+ *      HKDF-Expand-Label( Secret, Label,
+ *                         Hash( Messages ),
+ *                         Hash.Length ) )
+ * </tt>
+ *
+ * \param hash_alg   The identifier for the hash function used for the
+ *                   applications of HKDF.
+ * \param secret     The \c Secret argument to the \c Derive-Secret function.
+ *                   This must be a readable buffer of length \p slen Bytes.
+ * \param slen       The length of \p secret in Bytes.
+ * \param label      The \c Label argument to the \c Derive-Secret function.
+ *                   This must be a readable buffer of length \p llen Bytes.
+ * \param llen       The length of \p label in Bytes.
+ * \param ctx        The hash of the \c Messages argument to the
+ *                   \c Derive-Secret function, or the \c Messages argument
+ *                   itself, depending on \p context_already_hashed.
+ * \param clen       The length of \p hash.
+ * \param ctx_hashed This indicates whether the \p ctx contains the hash of
+ *                   the \c Messages argument in the application of the
+ *                   \c Derive-Secret function
+ *                   (value MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED), or whether
+ *                   it is the content of \c Messages itself, in which case
+ *                   the function takes care of the hashing
+ *                   (value MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED).
+ * \param dstbuf     The target buffer to write the output of
+ *                   \c Derive-Secret to. This must be a writable buffer of
+ *                   size \p buflen Bytes.
+ * \param buflen     The length of \p dstbuf in Bytes.
+ *
+ * \returns        \c 0 on success.
+ * \returns        A negative error code on failure.
+ */
+int mbedtls_ssl_tls1_3_derive_secret(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *secret, size_t slen,
+    const unsigned char *label, size_t llen,
+    const unsigned char *ctx, size_t clen,
+    int ctx_hashed,
+    unsigned char *dstbuf, size_t buflen);
+
+/**
+ * \brief Compute the next secret in the TLS 1.3 key schedule
+ *
+ * The TLS 1.3 key schedule proceeds as follows to compute
+ * the three main secrets during the handshake: The early
+ * secret for early data, the handshake secret for all
+ * other encrypted handshake messages, and the master
+ * secret for all application traffic.
+ *
+ * <tt>
+ *                    0
+ *                    |
+ *                    v
+ *     PSK ->  HKDF-Extract = Early Secret
+ *                    |
+ *                    v
+ *     Derive-Secret( ., "derived", "" )
+ *                    |
+ *                    v
+ *  (EC)DHE -> HKDF-Extract = Handshake Secret
+ *                    |
+ *                    v
+ *     Derive-Secret( ., "derived", "" )
+ *                    |
+ *                    v
+ *     0 -> HKDF-Extract = Master Secret
+ * </tt>
+ *
+ * Each of the three secrets in turn is the basis for further
+ * key derivations, such as the derivation of traffic keys and IVs;
+ * see e.g. mbedtls_ssl_tls1_3_make_traffic_keys().
+ *
+ * This function implements one step in this evolution of secrets:
+ *
+ * <tt>
+ *                old_secret
+ *                    |
+ *                    v
+ *     Derive-Secret( ., "derived", "" )
+ *                    |
+ *                    v
+ *     input -> HKDF-Extract = new_secret
+ * </tt>
+ *
+ * \param hash_alg    The identifier for the hash function used for the
+ *                    applications of HKDF.
+ * \param secret_old  The address of the buffer holding the old secret
+ *                    on function entry. If not \c NULL, this must be a
+ *                    readable buffer whose size matches the output size
+ *                    of the hash function represented by \p hash_alg.
+ *                    If \c NULL, an all \c 0 array will be used instead.
+ * \param input       The address of the buffer holding the additional
+ *                    input for the key derivation (e.g., the PSK or the
+ *                    ephemeral (EC)DH secret). If not \c NULL, this must be
+ *                    a readable buffer whose size \p input_len Bytes.
+ *                    If \c NULL, an all \c 0 array will be used instead.
+ * \param input_len   The length of \p input in Bytes.
+ * \param secret_new  The address of the buffer holding the new secret
+ *                    on function exit. This must be a writable buffer
+ *                    whose size matches the output size of the hash
+ *                    function represented by \p hash_alg.
+ *                    This may be the same as \p secret_old.
+ *
+ * \returns           \c 0 on success.
+ * \returns           A negative error code on failure.
+ */
+
+int mbedtls_ssl_tls1_3_evolve_secret(
+    mbedtls_md_type_t hash_alg,
+    const unsigned char *secret_old,
+    const unsigned char *input, size_t input_len,
+    unsigned char *secret_new);
+
+#endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */
diff --git a/3rdparty/mbedtls-2.28.7/library/threading.c b/3rdparty/mbedtls-2.28.7/library/threading.c
new file mode 100644
index 0000000..b03f0cc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/threading.c
@@ -0,0 +1,181 @@
+/*
+ *  Threading abstraction layer
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * Ensure gmtime_r is available even with -std=c99; must be defined before
+ * config.h, which pulls in glibc's features.h. Harmless on other platforms.
+ */
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 200112L
+#endif
+
+#include "common.h"
+
+#if defined(MBEDTLS_THREADING_C)
+
+#include "mbedtls/threading.h"
+
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+
+#if !defined(_WIN32) && (defined(unix) || \
+    defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \
+    defined(__MACH__)))
+#include <unistd.h>
+#endif /* !_WIN32 && (unix || __unix || __unix__ ||
+        * (__APPLE__ && __MACH__)) */
+
+#if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) ||     \
+    (defined(_POSIX_THREAD_SAFE_FUNCTIONS) &&                     \
+    _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L))
+/*
+ * This is a convenience shorthand macro to avoid checking the long
+ * preprocessor conditions above. Ideally, we could expose this macro in
+ * platform_util.h and simply use it in platform_util.c, threading.c and
+ * threading.h. However, this macro is not part of the Mbed TLS public API, so
+ * we keep it private by only defining it in this file
+ */
+
+#if !(defined(_WIN32) && !defined(EFIX64) && !defined(EFI32))
+#define THREADING_USE_GMTIME
+#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */
+
+#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \
+             ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \
+                _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */
+
+#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+static void threading_mutex_init_pthread(mbedtls_threading_mutex_t *mutex)
+{
+    if (mutex == NULL) {
+        return;
+    }
+
+    /* A nonzero value of is_valid indicates a successfully initialized
+     * mutex. This is a workaround for not being able to return an error
+     * code for this function. The lock/unlock functions return an error
+     * if is_valid is nonzero. The Mbed TLS unit test code uses this field
+     * to distinguish more states of the mutex; see
+     * tests/src/threading_helpers for details. */
+    mutex->is_valid = pthread_mutex_init(&mutex->mutex, NULL) == 0;
+}
+
+static void threading_mutex_free_pthread(mbedtls_threading_mutex_t *mutex)
+{
+    if (mutex == NULL || !mutex->is_valid) {
+        return;
+    }
+
+    (void) pthread_mutex_destroy(&mutex->mutex);
+    mutex->is_valid = 0;
+}
+
+static int threading_mutex_lock_pthread(mbedtls_threading_mutex_t *mutex)
+{
+    if (mutex == NULL || !mutex->is_valid) {
+        return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+    }
+
+    if (pthread_mutex_lock(&mutex->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+
+    return 0;
+}
+
+static int threading_mutex_unlock_pthread(mbedtls_threading_mutex_t *mutex)
+{
+    if (mutex == NULL || !mutex->is_valid) {
+        return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+    }
+
+    if (pthread_mutex_unlock(&mutex->mutex) != 0) {
+        return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+
+    return 0;
+}
+
+void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *) = threading_mutex_init_pthread;
+void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *) = threading_mutex_free_pthread;
+int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *) = threading_mutex_lock_pthread;
+int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *) = threading_mutex_unlock_pthread;
+
+/*
+ * With pthreads we can statically initialize mutexes
+ */
+#define MUTEX_INIT  = { PTHREAD_MUTEX_INITIALIZER, 1 }
+
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_THREADING_ALT)
+static int threading_mutex_fail(mbedtls_threading_mutex_t *mutex)
+{
+    ((void) mutex);
+    return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA;
+}
+static void threading_mutex_dummy(mbedtls_threading_mutex_t *mutex)
+{
+    ((void) mutex);
+    return;
+}
+
+void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *) = threading_mutex_dummy;
+void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *) = threading_mutex_dummy;
+int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *) = threading_mutex_fail;
+int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *) = threading_mutex_fail;
+
+/*
+ * Set functions pointers and initialize global mutexes
+ */
+void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
+                               void (*mutex_free)(mbedtls_threading_mutex_t *),
+                               int (*mutex_lock)(mbedtls_threading_mutex_t *),
+                               int (*mutex_unlock)(mbedtls_threading_mutex_t *))
+{
+    mbedtls_mutex_init = mutex_init;
+    mbedtls_mutex_free = mutex_free;
+    mbedtls_mutex_lock = mutex_lock;
+    mbedtls_mutex_unlock = mutex_unlock;
+
+#if defined(MBEDTLS_FS_IO)
+    mbedtls_mutex_init(&mbedtls_threading_readdir_mutex);
+#endif
+#if defined(THREADING_USE_GMTIME)
+    mbedtls_mutex_init(&mbedtls_threading_gmtime_mutex);
+#endif
+}
+
+/*
+ * Free global mutexes
+ */
+void mbedtls_threading_free_alt(void)
+{
+#if defined(MBEDTLS_FS_IO)
+    mbedtls_mutex_free(&mbedtls_threading_readdir_mutex);
+#endif
+#if defined(THREADING_USE_GMTIME)
+    mbedtls_mutex_free(&mbedtls_threading_gmtime_mutex);
+#endif
+}
+#endif /* MBEDTLS_THREADING_ALT */
+
+/*
+ * Define global mutexes
+ */
+#ifndef MUTEX_INIT
+#define MUTEX_INIT
+#endif
+#if defined(MBEDTLS_FS_IO)
+mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT;
+#endif
+#if defined(THREADING_USE_GMTIME)
+mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT;
+#endif
+
+#endif /* MBEDTLS_THREADING_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/timing.c b/3rdparty/mbedtls-2.28.7/library/timing.c
new file mode 100644
index 0000000..f2f0a43
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/timing.c
@@ -0,0 +1,524 @@
+/*
+ *  Portable interface to the CPU cycle counter
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <string.h>
+
+#include "common.h"
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_TIMING_C)
+
+#include "mbedtls/timing.h"
+
+#if !defined(MBEDTLS_TIMING_ALT)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+    !defined(__HAIKU__) && !defined(__midipix__)
+#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
+#endif
+
+/* *INDENT-OFF* */
+#ifndef asm
+#define asm __asm
+#endif
+/* *INDENT-ON* */
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#include <windows.h>
+#include <process.h>
+
+struct _hr_time {
+    LARGE_INTEGER start;
+};
+
+#else
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <signal.h>
+/* time.h should be included independently of MBEDTLS_HAVE_TIME. If the
+ * platform matches the ifdefs above, it will be used. */
+#include <time.h>
+#include <sys/time.h>
+struct _hr_time {
+    struct timeval start;
+};
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tsc;
+    __asm   rdtsc
+    __asm   mov[tsc], eax
+    return tsc;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
+
+/* some versions of mingw-64 have 32-bit longs even on x84_64 */
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && (defined(__i386__) || (                       \
+    (defined(__amd64__) || defined(__x86_64__)) && __SIZEOF_LONG__ == 4))
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long lo, hi;
+    asm volatile ("rdtsc" : "=a" (lo), "=d" (hi));
+    return lo;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __i386__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__))
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long lo, hi;
+    asm volatile ("rdtsc" : "=a" (lo), "=d" (hi));
+    return lo | (hi << 32);
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && ( __amd64__ || __x86_64__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && (defined(__powerpc__) || defined(__ppc__))
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tbl, tbu0, tbu1;
+
+    do {
+        asm volatile ("mftbu %0" : "=r" (tbu0));
+        asm volatile ("mftb  %0" : "=r" (tbl));
+        asm volatile ("mftbu %0" : "=r" (tbu1));
+    } while (tbu0 != tbu1);
+
+    return tbl;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && ( __powerpc__ || __ppc__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && defined(__sparc64__)
+
+#if defined(__OpenBSD__)
+#warning OpenBSD does not allow access to tick register using software version instead
+#else
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tick;
+    asm volatile ("rdpr %%tick, %0;" : "=&r" (tick));
+    return tick;
+}
+#endif /* __OpenBSD__ */
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tick;
+    asm volatile (".byte 0x83, 0x41, 0x00, 0x00");
+    asm volatile ("mov   %%g1, %0" : "=r" (tick));
+    return tick;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __sparc__ && !__sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
+    defined(__GNUC__) && defined(__alpha__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long cc;
+    asm volatile ("rpcc %0" : "=r" (cc));
+    return cc & 0xFFFFFFFF;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __alpha__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
+    defined(__GNUC__) && defined(__ia64__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long itc;
+    asm volatile ("mov %0 = ar.itc" : "=r" (itc));
+    return itc;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __ia64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
+    !defined(EFIX64) && !defined(EFI32)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    LARGE_INTEGER offset;
+
+    QueryPerformanceCounter(&offset);
+
+    return (unsigned long) (offset.QuadPart);
+}
+#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK)
+
+#define HAVE_HARDCLOCK
+
+static int hardclock_init = 0;
+static struct timeval tv_init;
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    struct timeval tv_cur;
+
+    if (hardclock_init == 0) {
+        gettimeofday(&tv_init, NULL);
+        hardclock_init = 1;
+    }
+
+    gettimeofday(&tv_cur, NULL);
+    return (tv_cur.tv_sec  - tv_init.tv_sec) * 1000000U
+           + (tv_cur.tv_usec - tv_init.tv_usec);
+}
+#endif /* !HAVE_HARDCLOCK */
+
+volatile int mbedtls_timing_alarmed = 0;
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
+{
+    struct _hr_time t;
+
+    if (reset) {
+        QueryPerformanceCounter(&t.start);
+        memcpy(val, &t, sizeof(struct _hr_time));
+        return 0;
+    } else {
+        unsigned long delta;
+        LARGE_INTEGER now, hfreq;
+        /* We can't safely cast val because it may not be aligned, so use memcpy */
+        memcpy(&t, val, sizeof(struct _hr_time));
+        QueryPerformanceCounter(&now);
+        QueryPerformanceFrequency(&hfreq);
+        delta = (unsigned long) ((now.QuadPart - t.start.QuadPart) * 1000ul
+                                 / hfreq.QuadPart);
+        return delta;
+    }
+}
+
+/* It's OK to use a global because alarm() is supposed to be global anyway */
+static DWORD alarmMs;
+
+static void TimerProc(void *TimerContext)
+{
+    (void) TimerContext;
+    Sleep(alarmMs);
+    mbedtls_timing_alarmed = 1;
+    /* _endthread will be called implicitly on return
+     * That ensures execution of thread function's epilogue */
+}
+
+void mbedtls_set_alarm(int seconds)
+{
+    if (seconds == 0) {
+        /* No need to create a thread for this simple case.
+         * Also, this shorcut is more reliable at least on MinGW32 */
+        mbedtls_timing_alarmed = 1;
+        return;
+    }
+
+    mbedtls_timing_alarmed = 0;
+    alarmMs = seconds * 1000;
+    (void) _beginthread(TimerProc, 0, NULL);
+}
+
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
+{
+    struct _hr_time t;
+
+    if (reset) {
+        gettimeofday(&t.start, NULL);
+        memcpy(val, &t, sizeof(struct _hr_time));
+        return 0;
+    } else {
+        unsigned long delta;
+        struct timeval now;
+        /* We can't safely cast val because it may not be aligned, so use memcpy */
+        memcpy(&t, val, sizeof(struct _hr_time));
+        gettimeofday(&now, NULL);
+        delta = (now.tv_sec  - t.start.tv_sec) * 1000ul
+                + (now.tv_usec - t.start.tv_usec) / 1000;
+        return delta;
+    }
+}
+
+static void sighandler(int signum)
+{
+    mbedtls_timing_alarmed = 1;
+    signal(signum, sighandler);
+}
+
+void mbedtls_set_alarm(int seconds)
+{
+    mbedtls_timing_alarmed = 0;
+    signal(SIGALRM, sighandler);
+    alarm(seconds);
+    if (seconds == 0) {
+        /* alarm(0) cancelled any previous pending alarm, but the
+           handler won't fire, so raise the flag straight away. */
+        mbedtls_timing_alarmed = 1;
+    }
+}
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+/*
+ * Set delays to watch
+ */
+void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms)
+{
+    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
+
+    ctx->int_ms = int_ms;
+    ctx->fin_ms = fin_ms;
+
+    if (fin_ms != 0) {
+        (void) mbedtls_timing_get_timer(&ctx->timer, 1);
+    }
+}
+
+/*
+ * Get number of delays expired
+ */
+int mbedtls_timing_get_delay(void *data)
+{
+    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
+    unsigned long elapsed_ms;
+
+    if (ctx->fin_ms == 0) {
+        return -1;
+    }
+
+    elapsed_ms = mbedtls_timing_get_timer(&ctx->timer, 0);
+
+    if (elapsed_ms >= ctx->fin_ms) {
+        return 2;
+    }
+
+    if (elapsed_ms >= ctx->int_ms) {
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* !MBEDTLS_TIMING_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * Busy-waits for the given number of milliseconds.
+ * Used for testing mbedtls_timing_hardclock.
+ */
+static void busy_msleep(unsigned long msec)
+{
+    struct mbedtls_timing_hr_time hires;
+    unsigned long i = 0; /* for busy-waiting */
+    volatile unsigned long j; /* to prevent optimisation */
+
+    (void) mbedtls_timing_get_timer(&hires, 1);
+
+    while (mbedtls_timing_get_timer(&hires, 0) < msec) {
+        i++;
+    }
+
+    j = i;
+    (void) j;
+}
+
+#define FAIL    do                                                      \
+    {                                                                   \
+        if (verbose != 0)                                              \
+        {                                                               \
+            mbedtls_printf("failed at line %d\n", __LINE__);          \
+            mbedtls_printf(" cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \
+                           cycles, ratio, millisecs, secs, hardfail,   \
+                           (unsigned long) a, (unsigned long) b);     \
+            mbedtls_printf(" elapsed(hires)=%lu status(ctx)=%d\n", \
+                           mbedtls_timing_get_timer(&hires, 0),      \
+                           mbedtls_timing_get_delay(&ctx));         \
+        }                                                               \
+        return 1;                                                    \
+    } while (0)
+
+/*
+ * Checkup routine
+ *
+ * Warning: this is work in progress, some tests may not be reliable enough
+ * yet! False positives may happen.
+ */
+int mbedtls_timing_self_test(int verbose)
+{
+    unsigned long cycles = 0, ratio = 0;
+    unsigned long millisecs = 0, secs = 0;
+    int hardfail = 0;
+    struct mbedtls_timing_hr_time hires;
+    uint32_t a = 0, b = 0;
+    mbedtls_timing_delay_context ctx;
+
+    if (verbose != 0) {
+        mbedtls_printf("  TIMING tests note: will take some time!\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  TIMING test #1 (set_alarm / get_timer): ");
+    }
+
+    {
+        secs = 1;
+
+        (void) mbedtls_timing_get_timer(&hires, 1);
+
+        mbedtls_set_alarm((int) secs);
+        while (!mbedtls_timing_alarmed) {
+            ;
+        }
+
+        millisecs = mbedtls_timing_get_timer(&hires, 0);
+
+        /* For some reason on Windows it looks like alarm has an extra delay
+         * (maybe related to creating a new thread). Allow some room here. */
+        if (millisecs < 800 * secs || millisecs > 1200 * secs + 300) {
+            FAIL;
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  TIMING test #2 (set/get_delay        ): ");
+    }
+
+    {
+        a = 800;
+        b = 400;
+        mbedtls_timing_set_delay(&ctx, a, a + b);            /* T = 0 */
+
+        busy_msleep(a - a / 4);                        /* T = a - a/4 */
+        if (mbedtls_timing_get_delay(&ctx) != 0) {
+            FAIL;
+        }
+
+        busy_msleep(a / 4 + b / 4);                    /* T = a + b/4 */
+        if (mbedtls_timing_get_delay(&ctx) != 1) {
+            FAIL;
+        }
+
+        busy_msleep(b);                            /* T = a + b + b/4 */
+        if (mbedtls_timing_get_delay(&ctx) != 2) {
+            FAIL;
+        }
+    }
+
+    mbedtls_timing_set_delay(&ctx, 0, 0);
+    busy_msleep(200);
+    if (mbedtls_timing_get_delay(&ctx) != -1) {
+        FAIL;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("  TIMING test #3 (hardclock / get_timer): ");
+    }
+
+    /*
+     * Allow one failure for possible counter wrapping.
+     * On a 4Ghz 32-bit machine the cycle counter wraps about once per second;
+     * since the whole test is about 10ms, it shouldn't happen twice in a row.
+     */
+
+hard_test:
+    if (hardfail > 1) {
+        if (verbose != 0) {
+            mbedtls_printf("failed (ignored)\n");
+        }
+
+        goto hard_test_done;
+    }
+
+    /* Get a reference ratio cycles/ms */
+    millisecs = 1;
+    cycles = mbedtls_timing_hardclock();
+    busy_msleep(millisecs);
+    cycles = mbedtls_timing_hardclock() - cycles;
+    ratio = cycles / millisecs;
+
+    /* Check that the ratio is mostly constant */
+    for (millisecs = 2; millisecs <= 4; millisecs++) {
+        cycles = mbedtls_timing_hardclock();
+        busy_msleep(millisecs);
+        cycles = mbedtls_timing_hardclock() - cycles;
+
+        /* Allow variation up to 20% */
+        if (cycles / millisecs < ratio - ratio / 5 ||
+            cycles / millisecs > ratio + ratio / 5) {
+            hardfail++;
+            goto hard_test;
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n");
+    }
+
+hard_test_done:
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+#endif /* MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/version.c b/3rdparty/mbedtls-2.28.7/library/version.c
new file mode 100644
index 0000000..0439733
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/version.c
@@ -0,0 +1,32 @@
+/*
+ *  Version information
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_VERSION_C)
+
+#include "mbedtls/version.h"
+#include <string.h>
+
+unsigned int mbedtls_version_get_number(void)
+{
+    return MBEDTLS_VERSION_NUMBER;
+}
+
+void mbedtls_version_get_string(char *string)
+{
+    memcpy(string, MBEDTLS_VERSION_STRING,
+           sizeof(MBEDTLS_VERSION_STRING));
+}
+
+void mbedtls_version_get_string_full(char *string)
+{
+    memcpy(string, MBEDTLS_VERSION_STRING_FULL,
+           sizeof(MBEDTLS_VERSION_STRING_FULL));
+}
+
+#endif /* MBEDTLS_VERSION_C */
diff --git a/3rdparty/mbedtls-2.25.0/library/version_features.c b/3rdparty/mbedtls-2.28.7/library/version_features.c
similarity index 95%
rename from 3rdparty/mbedtls-2.25.0/library/version_features.c
rename to 3rdparty/mbedtls-2.28.7/library/version_features.c
index 42ccaf9..7793257 100644
--- a/3rdparty/mbedtls-2.25.0/library/version_features.c
+++ b/3rdparty/mbedtls-2.28.7/library/version_features.c
@@ -2,19 +2,7 @@
  *  Version feature information
  *
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #include "common.h"
@@ -27,7 +15,7 @@
 
 static const char * const features[] = {
 #if defined(MBEDTLS_VERSION_FEATURES)
-#if defined(MBEDTLS_HAVE_ASM)
+    #if defined(MBEDTLS_HAVE_ASM)
     "MBEDTLS_HAVE_ASM",
 #endif /* MBEDTLS_HAVE_ASM */
 #if defined(MBEDTLS_NO_UDBL_DIVISION)
@@ -75,6 +63,12 @@ static const char * const features[] = {
 #if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
     "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT",
 #endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+    "MBEDTLS_PLATFORM_GMTIME_R_ALT",
+#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */
+#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
+    "MBEDTLS_PLATFORM_ZEROIZE_ALT",
+#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
 #if defined(MBEDTLS_DEPRECATED_WARNING)
     "MBEDTLS_DEPRECATED_WARNING",
 #endif /* MBEDTLS_DEPRECATED_WARNING */
@@ -225,6 +219,9 @@ static const char * const features[] = {
 #if defined(MBEDTLS_ECP_INTERNAL_ALT)
     "MBEDTLS_ECP_INTERNAL_ALT",
 #endif /* MBEDTLS_ECP_INTERNAL_ALT */
+#if defined(MBEDTLS_ECP_NO_FALLBACK)
+    "MBEDTLS_ECP_NO_FALLBACK",
+#endif /* MBEDTLS_ECP_NO_FALLBACK */
 #if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
     "MBEDTLS_ECP_RANDOMIZE_JAC_ALT",
 #endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
@@ -264,6 +261,9 @@ static const char * const features[] = {
 #if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
     "MBEDTLS_CAMELLIA_SMALL_MEMORY",
 #endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+#if defined(MBEDTLS_CHECK_RETURN_WARNING)
+    "MBEDTLS_CHECK_RETURN_WARNING",
+#endif /* MBEDTLS_CHECK_RETURN_WARNING */
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     "MBEDTLS_CIPHER_MODE_CBC",
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
@@ -306,6 +306,9 @@ static const char * const features[] = {
 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
     "MBEDTLS_REMOVE_3DES_CIPHERSUITES",
 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+    "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED",
+#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
     "MBEDTLS_ECP_DP_SECP192R1_ENABLED",
 #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
@@ -435,9 +438,18 @@ static const char * const features[] = {
 #if defined(MBEDTLS_PKCS1_V21)
     "MBEDTLS_PKCS1_V21",
 #endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+    "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS",
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+    "MBEDTLS_PSA_CRYPTO_CLIENT",
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
     "MBEDTLS_PSA_CRYPTO_DRIVERS",
 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG",
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
 #if defined(MBEDTLS_PSA_CRYPTO_SPM)
     "MBEDTLS_PSA_CRYPTO_SPM",
 #endif /* MBEDTLS_PSA_CRYPTO_SPM */
@@ -561,6 +573,9 @@ static const char * const features[] = {
 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
     "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH",
 #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+    "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE",
+#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */
 #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
     "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN",
 #endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */
@@ -835,23 +850,25 @@ static const char * const features[] = {
     NULL
 };
 
-int mbedtls_version_check_feature( const char *feature )
+int mbedtls_version_check_feature(const char *feature)
 {
     const char * const *idx = features;
 
-    if( *idx == NULL )
-        return( -2 );
+    if (*idx == NULL) {
+        return -2;
+    }
 
-    if( feature == NULL )
-        return( -1 );
+    if (feature == NULL) {
+        return -1;
+    }
 
-    while( *idx != NULL )
-    {
-        if( !strcmp( *idx, feature ) )
-            return( 0 );
+    while (*idx != NULL) {
+        if (!strcmp(*idx, feature)) {
+            return 0;
+        }
         idx++;
     }
-    return( -1 );
+    return -1;
 }
 
 #endif /* MBEDTLS_VERSION_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509.c b/3rdparty/mbedtls-2.28.7/library/x509.c
new file mode 100644
index 0000000..4233e53
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509.c
@@ -0,0 +1,1140 @@
+/*
+ *  X.509 common functions for parsing and verification
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_USE_C)
+
+#include "mbedtls/x509.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+#include "mbedtls/platform_util.h"
+#include <time.h>
+#endif
+
+#define CHECK(code)                                     \
+    do {                                                \
+        if ((ret = (code)) != 0) {                      \
+            return ret;                                 \
+        }                                               \
+    } while (0)
+
+#define CHECK_RANGE(min, max, val)                      \
+    do {                                                \
+        if ((val) < (min) || (val) > (max)) {           \
+            return ret;                                 \
+        }                                               \
+    } while (0)
+
+/*
+ *  CertificateSerialNumber  ::=  INTEGER
+ */
+int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
+                            mbedtls_x509_buf *serial)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    if (**p != (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2) &&
+        **p !=   MBEDTLS_ASN1_INTEGER) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    serial->tag = *(*p)++;
+
+    if ((ret = mbedtls_asn1_get_len(p, end, &serial->len)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, ret);
+    }
+
+    serial->p = *p;
+    *p += serial->len;
+
+    return 0;
+}
+
+/* Get an algorithm identifier without parameters (eg for signatures)
+ *
+ *  AlgorithmIdentifier  ::=  SEQUENCE  {
+ *       algorithm               OBJECT IDENTIFIER,
+ *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ */
+int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end,
+                              mbedtls_x509_buf *alg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_asn1_get_alg_null(p, end, alg)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * Parse an algorithm identifier with (optional) parameters
+ */
+int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
+                         mbedtls_x509_buf *alg, mbedtls_x509_buf *params)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_asn1_get_alg(p, end, alg, params)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+/*
+ * HashAlgorithm ::= AlgorithmIdentifier
+ *
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ *
+ * For HashAlgorithm, parameters MUST be NULL or absent.
+ */
+static int x509_get_hash_alg(const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p;
+    const unsigned char *end;
+    mbedtls_x509_buf md_oid;
+    size_t len;
+
+    /* Make sure we got a SEQUENCE and setup bounds */
+    if (alg->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    p = alg->p;
+    end = p + alg->len;
+
+    if (p >= end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    /* Parse md_oid */
+    md_oid.tag = *p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &md_oid.len, MBEDTLS_ASN1_OID)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    md_oid.p = p;
+    p += md_oid.len;
+
+    /* Get md_alg from md_oid */
+    if ((ret = mbedtls_oid_get_md_alg(&md_oid, md_alg)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    /* Make sure params is absent of NULL */
+    if (p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_NULL)) != 0 || len != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    if (p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ *    RSASSA-PSS-params  ::=  SEQUENCE  {
+ *       hashAlgorithm     [0] HashAlgorithm DEFAULT sha1Identifier,
+ *       maskGenAlgorithm  [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
+ *       saltLength        [2] INTEGER DEFAULT 20,
+ *       trailerField      [3] INTEGER DEFAULT 1  }
+ *    -- Note that the tags in this Sequence are explicit.
+ *
+ * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value
+ * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other
+ * option. Enforce this at parsing time.
+ */
+int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params,
+                                       mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+                                       int *salt_len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *p;
+    const unsigned char *end, *end2;
+    size_t len;
+    mbedtls_x509_buf alg_id, alg_params;
+
+    /* First set everything to defaults */
+    *md_alg = MBEDTLS_MD_SHA1;
+    *mgf_md = MBEDTLS_MD_SHA1;
+    *salt_len = 20;
+
+    /* Make sure params is a SEQUENCE and setup bounds */
+    if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    p = (unsigned char *) params->p;
+    end = p + params->len;
+
+    if (p == end) {
+        return 0;
+    }
+
+    /*
+     * HashAlgorithm
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                    0)) == 0) {
+        end2 = p + len;
+
+        /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
+        if ((ret = mbedtls_x509_get_alg_null(&p, end2, &alg_id)) != 0) {
+            return ret;
+        }
+
+        if ((ret = mbedtls_oid_get_md_alg(&alg_id, md_alg)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+        }
+
+        if (p != end2) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+    } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    if (p == end) {
+        return 0;
+    }
+
+    /*
+     * MaskGenAlgorithm
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                    1)) == 0) {
+        end2 = p + len;
+
+        /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */
+        if ((ret = mbedtls_x509_get_alg(&p, end2, &alg_id, &alg_params)) != 0) {
+            return ret;
+        }
+
+        /* Only MFG1 is recognised for now */
+        if (MBEDTLS_OID_CMP(MBEDTLS_OID_MGF1, &alg_id) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE,
+                                     MBEDTLS_ERR_OID_NOT_FOUND);
+        }
+
+        /* Parse HashAlgorithm */
+        if ((ret = x509_get_hash_alg(&alg_params, mgf_md)) != 0) {
+            return ret;
+        }
+
+        if (p != end2) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+    } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    if (p == end) {
+        return 0;
+    }
+
+    /*
+     * salt_len
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                    2)) == 0) {
+        end2 = p + len;
+
+        if ((ret = mbedtls_asn1_get_int(&p, end2, salt_len)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+        }
+
+        if (p != end2) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+    } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    if (p == end) {
+        return 0;
+    }
+
+    /*
+     * trailer_field (if present, must be 1)
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                    3)) == 0) {
+        int trailer_field;
+
+        end2 = p + len;
+
+        if ((ret = mbedtls_asn1_get_int(&p, end2, &trailer_field)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+        }
+
+        if (p != end2) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+
+        if (trailer_field != 1) {
+            return MBEDTLS_ERR_X509_INVALID_ALG;
+        }
+    } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret);
+    }
+
+    if (p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+/*
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value    AttributeValue }
+ *
+ *  AttributeType ::= OBJECT IDENTIFIER
+ *
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
+ */
+static int x509_get_attr_type_value(unsigned char **p,
+                                    const unsigned char *end,
+                                    mbedtls_x509_name *cur)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    mbedtls_x509_buf *oid;
+    mbedtls_x509_buf *val;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret);
+    }
+
+    end = *p + len;
+
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    oid = &cur->oid;
+    oid->tag = **p;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &oid->len, MBEDTLS_ASN1_OID)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret);
+    }
+
+    oid->p = *p;
+    *p += oid->len;
+
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    if (**p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING      &&
+        **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING &&
+        **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING &&
+        **p != MBEDTLS_ASN1_BIT_STRING) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    val = &cur->val;
+    val->tag = *(*p)++;
+
+    if ((ret = mbedtls_asn1_get_len(p, end, &val->len)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret);
+    }
+
+    val->p = *p;
+    *p += val->len;
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    cur->next = NULL;
+
+    return 0;
+}
+
+/*
+ *  Name ::= CHOICE { -- only one possibility for now --
+ *       rdnSequence  RDNSequence }
+ *
+ *  RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+ *
+ *  RelativeDistinguishedName ::=
+ *    SET OF AttributeTypeAndValue
+ *
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value    AttributeValue }
+ *
+ *  AttributeType ::= OBJECT IDENTIFIER
+ *
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
+ *
+ * The data structure is optimized for the common case where each RDN has only
+ * one element, which is represented as a list of AttributeTypeAndValue.
+ * For the general case we still use a flat list, but we mark elements of the
+ * same set so that they are "merged" together in the functions that consume
+ * this list, eg mbedtls_x509_dn_gets().
+ *
+ * On success, this function may allocate a linked list starting at cur->next
+ * that must later be free'd by the caller using mbedtls_free(). In error
+ * cases, this function frees all allocated memory internally and the caller
+ * has no freeing responsibilities.
+ */
+int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
+                          mbedtls_x509_name *cur)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t set_len;
+    const unsigned char *end_set;
+    mbedtls_x509_name *head = cur;
+    mbedtls_x509_name *prev, *allocated;
+
+    /* don't use recursion, we'd risk stack overflow if not optimized */
+    while (1) {
+        /*
+         * parse SET
+         */
+        if ((ret = mbedtls_asn1_get_tag(p, end, &set_len,
+                                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)) != 0) {
+            ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret);
+            goto error;
+        }
+
+        end_set  = *p + set_len;
+
+        while (1) {
+            if ((ret = x509_get_attr_type_value(p, end_set, cur)) != 0) {
+                goto error;
+            }
+
+            if (*p == end_set) {
+                break;
+            }
+
+            /* Mark this item as being no the only one in a set */
+            cur->next_merged = 1;
+
+            cur->next = mbedtls_calloc(1, sizeof(mbedtls_x509_name));
+
+            if (cur->next == NULL) {
+                ret = MBEDTLS_ERR_X509_ALLOC_FAILED;
+                goto error;
+            }
+
+            cur = cur->next;
+        }
+
+        /*
+         * continue until end of SEQUENCE is reached
+         */
+        if (*p == end) {
+            return 0;
+        }
+
+        cur->next = mbedtls_calloc(1, sizeof(mbedtls_x509_name));
+
+        if (cur->next == NULL) {
+            ret = MBEDTLS_ERR_X509_ALLOC_FAILED;
+            goto error;
+        }
+
+        cur = cur->next;
+    }
+
+error:
+    /* Skip the first element as we did not allocate it */
+    allocated = head->next;
+
+    while (allocated != NULL) {
+        prev = allocated;
+        allocated = allocated->next;
+
+        mbedtls_platform_zeroize(prev, sizeof(*prev));
+        mbedtls_free(prev);
+    }
+
+    mbedtls_platform_zeroize(head, sizeof(*head));
+
+    return ret;
+}
+
+static int x509_parse_int(unsigned char **p, size_t n, int *res)
+{
+    *res = 0;
+
+    for (; n > 0; --n) {
+        if ((**p < '0') || (**p > '9')) {
+            return MBEDTLS_ERR_X509_INVALID_DATE;
+        }
+
+        *res *= 10;
+        *res += (*(*p)++ - '0');
+    }
+
+    return 0;
+}
+
+static int x509_date_is_valid(const mbedtls_x509_time *t)
+{
+    int ret = MBEDTLS_ERR_X509_INVALID_DATE;
+    int month_len;
+
+    CHECK_RANGE(0, 9999, t->year);
+    CHECK_RANGE(0, 23,   t->hour);
+    CHECK_RANGE(0, 59,   t->min);
+    CHECK_RANGE(0, 59,   t->sec);
+
+    switch (t->mon) {
+        case 1: case 3: case 5: case 7: case 8: case 10: case 12:
+            month_len = 31;
+            break;
+        case 4: case 6: case 9: case 11:
+            month_len = 30;
+            break;
+        case 2:
+            if ((!(t->year % 4) && t->year % 100) ||
+                !(t->year % 400)) {
+                month_len = 29;
+            } else {
+                month_len = 28;
+            }
+            break;
+        default:
+            return ret;
+    }
+    CHECK_RANGE(1, month_len, t->day);
+
+    return 0;
+}
+
+/*
+ * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4)
+ * field.
+ */
+static int x509_parse_time(unsigned char **p, size_t len, size_t yearlen,
+                           mbedtls_x509_time *tm)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    /*
+     * Minimum length is 10 or 12 depending on yearlen
+     */
+    if (len < yearlen + 8) {
+        return MBEDTLS_ERR_X509_INVALID_DATE;
+    }
+    len -= yearlen + 8;
+
+    /*
+     * Parse year, month, day, hour, minute
+     */
+    CHECK(x509_parse_int(p, yearlen, &tm->year));
+    if (2 == yearlen) {
+        if (tm->year < 50) {
+            tm->year += 100;
+        }
+
+        tm->year += 1900;
+    }
+
+    CHECK(x509_parse_int(p, 2, &tm->mon));
+    CHECK(x509_parse_int(p, 2, &tm->day));
+    CHECK(x509_parse_int(p, 2, &tm->hour));
+    CHECK(x509_parse_int(p, 2, &tm->min));
+
+    /*
+     * Parse seconds if present
+     */
+    if (len >= 2) {
+        CHECK(x509_parse_int(p, 2, &tm->sec));
+        len -= 2;
+    } else {
+        return MBEDTLS_ERR_X509_INVALID_DATE;
+    }
+
+    /*
+     * Parse trailing 'Z' if present
+     */
+    if (1 == len && 'Z' == **p) {
+        (*p)++;
+        len--;
+    }
+
+    /*
+     * We should have parsed all characters at this point
+     */
+    if (0 != len) {
+        return MBEDTLS_ERR_X509_INVALID_DATE;
+    }
+
+    CHECK(x509_date_is_valid(tm));
+
+    return 0;
+}
+
+/*
+ *  Time ::= CHOICE {
+ *       utcTime        UTCTime,
+ *       generalTime    GeneralizedTime }
+ */
+int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
+                          mbedtls_x509_time *tm)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len, year_len;
+    unsigned char tag;
+
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    tag = **p;
+
+    if (tag == MBEDTLS_ASN1_UTC_TIME) {
+        year_len = 2;
+    } else if (tag == MBEDTLS_ASN1_GENERALIZED_TIME) {
+        year_len = 4;
+    } else {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+
+    (*p)++;
+    ret = mbedtls_asn1_get_len(p, end, &len);
+
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret);
+    }
+
+    return x509_parse_time(p, len, year_len, tm);
+}
+
+int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    int tag_type;
+
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE,
+                                 MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+
+    tag_type = **p;
+
+    if ((ret = mbedtls_asn1_get_bitstring_null(p, end, &len)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret);
+    }
+
+    sig->tag = tag_type;
+    sig->len = len;
+    sig->p = *p;
+
+    *p += len;
+
+    return 0;
+}
+
+/*
+ * Get signature algorithm from alg OID and optional parameters
+ */
+int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+                             mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+                             void **sig_opts)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (*sig_opts != NULL) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret);
+    }
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    if (*pk_alg == MBEDTLS_PK_RSASSA_PSS) {
+        mbedtls_pk_rsassa_pss_options *pss_opts;
+
+        pss_opts = mbedtls_calloc(1, sizeof(mbedtls_pk_rsassa_pss_options));
+        if (pss_opts == NULL) {
+            return MBEDTLS_ERR_X509_ALLOC_FAILED;
+        }
+
+        ret = mbedtls_x509_get_rsassa_pss_params(sig_params,
+                                                 md_alg,
+                                                 &pss_opts->mgf1_hash_id,
+                                                 &pss_opts->expected_salt_len);
+        if (ret != 0) {
+            mbedtls_free(pss_opts);
+            return ret;
+        }
+
+        *sig_opts = (void *) pss_opts;
+    } else
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+    {
+        /* Make sure parameters are absent or NULL */
+        if ((sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0) ||
+            sig_params->len != 0) {
+            return MBEDTLS_ERR_X509_INVALID_ALG;
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * X.509 Extensions (No parsing of extensions, pointer should
+ * be either manually updated or extensions should be parsed!)
+ */
+int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
+                         mbedtls_x509_buf *ext, int tag)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    /* Extension structure use EXPLICIT tagging. That is, the actual
+     * `Extensions` structure is wrapped by a tag-length pair using
+     * the respective context-specific tag. */
+    ret = mbedtls_asn1_get_tag(p, end, &ext->len,
+                               MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag;
+    ext->p   = *p;
+    end      = *p + ext->len;
+
+    /*
+     * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
+     */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (end != *p + len) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * Store the name in printable form into buf; no more
+ * than size characters will be written
+ */
+int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, j, n;
+    unsigned char c, merge = 0;
+    const mbedtls_x509_name *name;
+    const char *short_name = NULL;
+    char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
+
+    memset(s, 0, sizeof(s));
+
+    name = dn;
+    p = buf;
+    n = size;
+
+    while (name != NULL) {
+        if (!name->oid.p) {
+            name = name->next;
+            continue;
+        }
+
+        if (name != dn) {
+            ret = mbedtls_snprintf(p, n, merge ? " + " : ", ");
+            MBEDTLS_X509_SAFE_SNPRINTF;
+        }
+
+        ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name);
+
+        if (ret == 0) {
+            ret = mbedtls_snprintf(p, n, "%s=", short_name);
+        } else {
+            ret = mbedtls_snprintf(p, n, "\?\?=");
+        }
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        for (i = 0, j = 0; i < name->val.len; i++, j++) {
+            if (j >= sizeof(s) - 1) {
+                return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+            }
+
+            c = name->val.p[i];
+            // Special characters requiring escaping, RFC 1779
+            if (c && strchr(",=+<>#;\"\\", c)) {
+                if (j + 1 >= sizeof(s) - 1) {
+                    return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+                }
+                s[j++] = '\\';
+            }
+            if (c < 32 || c >= 127) {
+                s[j] = '?';
+            } else {
+                s[j] = c;
+            }
+        }
+        s[j] = '\0';
+        ret = mbedtls_snprintf(p, n, "%s", s);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        merge = name->next_merged;
+        name = name->next;
+    }
+
+    return (int) (size - n);
+}
+
+/*
+ * Store the serial in printable form into buf; no more
+ * than size characters will be written
+ */
+int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i, n, nr;
+    char *p;
+
+    p = buf;
+    n = size;
+
+    nr = (serial->len <= 32)
+        ? serial->len  : 28;
+
+    for (i = 0; i < nr; i++) {
+        if (i == 0 && nr > 1 && serial->p[i] == 0x0) {
+            continue;
+        }
+
+        ret = mbedtls_snprintf(p, n, "%02X%s",
+                               serial->p[i], (i < nr - 1) ? ":" : "");
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+
+    if (nr != serial->len) {
+        ret = mbedtls_snprintf(p, n, "....");
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+
+    return (int) (size - n);
+}
+
+/*
+ * Helper for writing signature algorithms
+ */
+int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+                              mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                              const void *sig_opts)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    char *p = buf;
+    size_t n = size;
+    const char *desc = NULL;
+
+    ret = mbedtls_oid_get_sig_alg_desc(sig_oid, &desc);
+    if (ret != 0) {
+        ret = mbedtls_snprintf(p, n, "???");
+    } else {
+        ret = mbedtls_snprintf(p, n, "%s", desc);
+    }
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
+        const mbedtls_pk_rsassa_pss_options *pss_opts;
+        const mbedtls_md_info_t *md_info, *mgf_md_info;
+
+        pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
+
+        md_info = mbedtls_md_info_from_type(md_alg);
+        mgf_md_info = mbedtls_md_info_from_type(pss_opts->mgf1_hash_id);
+
+        ret = mbedtls_snprintf(p, n, " (%s, MGF1-%s, 0x%02X)",
+                               md_info ? mbedtls_md_get_name(md_info) : "???",
+                               mgf_md_info ? mbedtls_md_get_name(mgf_md_info) : "???",
+                               (unsigned int) pss_opts->expected_salt_len);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+#else
+    ((void) pk_alg);
+    ((void) md_alg);
+    ((void) sig_opts);
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+    return (int) (size - n);
+}
+
+/*
+ * Helper for writing "RSA key size", "EC key size", etc
+ */
+int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name)
+{
+    char *p = buf;
+    size_t n = buf_size;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    ret = mbedtls_snprintf(p, n, "%s key size", name);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return 0;
+}
+
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+/*
+ * Set the time structure to the current time.
+ * Return 0 on success, non-zero on failure.
+ */
+static int x509_get_current_time(mbedtls_x509_time *now)
+{
+    struct tm *lt, tm_buf;
+    mbedtls_time_t tt;
+    int ret = 0;
+
+    tt = mbedtls_time(NULL);
+    lt = mbedtls_platform_gmtime_r(&tt, &tm_buf);
+
+    if (lt == NULL) {
+        ret = -1;
+    } else {
+        now->year = lt->tm_year + 1900;
+        now->mon  = lt->tm_mon  + 1;
+        now->day  = lt->tm_mday;
+        now->hour = lt->tm_hour;
+        now->min  = lt->tm_min;
+        now->sec  = lt->tm_sec;
+    }
+
+    return ret;
+}
+
+/*
+ * Return 0 if before <= after, 1 otherwise
+ */
+static int x509_check_time(const mbedtls_x509_time *before, const mbedtls_x509_time *after)
+{
+    if (before->year  > after->year) {
+        return 1;
+    }
+
+    if (before->year == after->year &&
+        before->mon   > after->mon) {
+        return 1;
+    }
+
+    if (before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day   > after->day) {
+        return 1;
+    }
+
+    if (before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day  == after->day  &&
+        before->hour  > after->hour) {
+        return 1;
+    }
+
+    if (before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day  == after->day  &&
+        before->hour == after->hour &&
+        before->min   > after->min) {
+        return 1;
+    }
+
+    if (before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day  == after->day  &&
+        before->hour == after->hour &&
+        before->min  == after->min  &&
+        before->sec   > after->sec) {
+        return 1;
+    }
+
+    return 0;
+}
+
+int mbedtls_x509_time_is_past(const mbedtls_x509_time *to)
+{
+    mbedtls_x509_time now;
+
+    if (x509_get_current_time(&now) != 0) {
+        return 1;
+    }
+
+    return x509_check_time(&now, to);
+}
+
+int mbedtls_x509_time_is_future(const mbedtls_x509_time *from)
+{
+    mbedtls_x509_time now;
+
+    if (x509_get_current_time(&now) != 0) {
+        return 1;
+    }
+
+    return x509_check_time(from, &now);
+}
+
+#else  /* MBEDTLS_HAVE_TIME_DATE */
+
+int mbedtls_x509_time_is_past(const mbedtls_x509_time *to)
+{
+    ((void) to);
+    return 0;
+}
+
+int mbedtls_x509_time_is_future(const mbedtls_x509_time *from)
+{
+    ((void) from);
+    return 0;
+}
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/certs.h"
+
+/*
+ * Checkup routine
+ */
+int mbedtls_x509_self_test(int verbose)
+{
+    int ret = 0;
+#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
+    uint32_t flags;
+    mbedtls_x509_crt cacert;
+    mbedtls_x509_crt clicert;
+
+    if (verbose != 0) {
+        mbedtls_printf("  X.509 certificate load: ");
+    }
+
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_x509_crt_init(&clicert);
+
+    ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt,
+                                 mbedtls_test_cli_crt_len);
+    if (ret != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        goto cleanup;
+    }
+
+    ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_ca_crt,
+                                 mbedtls_test_ca_crt_len);
+    if (ret != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n  X.509 signature verify: ");
+    }
+
+    ret = mbedtls_x509_crt_verify(&clicert, &cacert, NULL, NULL, &flags, NULL, NULL);
+    if (ret != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
+
+        goto cleanup;
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("passed\n\n");
+    }
+
+cleanup:
+    mbedtls_x509_crt_free(&cacert);
+    mbedtls_x509_crt_free(&clicert);
+#else
+    ((void) verbose);
+#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA256_C */
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_X509_USE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509_create.c b/3rdparty/mbedtls-2.28.7/library/x509_create.c
new file mode 100644
index 0000000..4ffd3b6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509_create.c
@@ -0,0 +1,376 @@
+/*
+ *  X.509 base functions for creating certificates / CSRs
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_CREATE_C)
+
+#include "mbedtls/x509.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+/* Structure linking OIDs for X.509 DN AttributeTypes to their
+ * string representations and default string encodings used by Mbed TLS. */
+typedef struct {
+    const char *name; /* String representation of AttributeType, e.g.
+                       * "CN" or "emailAddress". */
+    size_t name_len; /* Length of 'name', without trailing 0 byte. */
+    const char *oid; /* String representation of OID of AttributeType,
+                      * as per RFC 5280, Appendix A.1. */
+    int default_tag; /* The default character encoding used for the
+                      * given attribute type, e.g.
+                      * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */
+} x509_attr_descriptor_t;
+
+#define ADD_STRLEN(s)     s, sizeof(s) - 1
+
+/* X.509 DN attributes from RFC 5280, Appendix A.1. */
+static const x509_attr_descriptor_t x509_attrs[] =
+{
+    { ADD_STRLEN("CN"),
+      MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("commonName"),
+      MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("C"),
+      MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
+    { ADD_STRLEN("countryName"),
+      MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
+    { ADD_STRLEN("O"),
+      MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("organizationName"),
+      MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("L"),
+      MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("locality"),
+      MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("R"),
+      MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
+    { ADD_STRLEN("OU"),
+      MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("organizationalUnitName"),
+      MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("ST"),
+      MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("stateOrProvinceName"),
+      MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("emailAddress"),
+      MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
+    { ADD_STRLEN("serialNumber"),
+      MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING },
+    { ADD_STRLEN("postalAddress"),
+      MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING },
+    { ADD_STRLEN("postalCode"),
+      MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING },
+    { ADD_STRLEN("dnQualifier"),
+      MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING },
+    { ADD_STRLEN("title"),
+      MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("surName"),
+      MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("SN"),
+      MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("givenName"),
+      MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("GN"),
+      MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("initials"),
+      MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("pseudonym"),
+      MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("generationQualifier"),
+      MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING },
+    { ADD_STRLEN("domainComponent"),
+      MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING },
+    { ADD_STRLEN("DC"),
+      MBEDTLS_OID_DOMAIN_COMPONENT,   MBEDTLS_ASN1_IA5_STRING },
+    { NULL, 0, NULL, MBEDTLS_ASN1_NULL }
+};
+
+static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, size_t name_len)
+{
+    const x509_attr_descriptor_t *cur;
+
+    for (cur = x509_attrs; cur->name != NULL; cur++) {
+        if (cur->name_len == name_len &&
+            strncmp(cur->name, name, name_len) == 0) {
+            break;
+        }
+    }
+
+    if (cur->name == NULL) {
+        return NULL;
+    }
+
+    return cur;
+}
+
+int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
+{
+    int ret = MBEDTLS_ERR_X509_INVALID_NAME;
+    const char *s = name, *c = s;
+    const char *end = s + strlen(s);
+    const char *oid = NULL;
+    const x509_attr_descriptor_t *attr_descr = NULL;
+    int in_tag = 1;
+    char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
+    char *d = data;
+
+    /* Clear existing chain if present */
+    mbedtls_asn1_free_named_data_list(head);
+
+    while (c <= end) {
+        if (in_tag && *c == '=') {
+            if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) {
+                ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
+                goto exit;
+            }
+
+            oid = attr_descr->oid;
+            s = c + 1;
+            in_tag = 0;
+            d = data;
+        }
+
+        if (!in_tag && *c == '\\' && c != end) {
+            c++;
+
+            /* Check for valid escaped characters */
+            if (c == end || *c != ',') {
+                ret = MBEDTLS_ERR_X509_INVALID_NAME;
+                goto exit;
+            }
+        } else if (!in_tag && (*c == ',' || c == end)) {
+            mbedtls_asn1_named_data *cur =
+                mbedtls_asn1_store_named_data(head, oid, strlen(oid),
+                                              (unsigned char *) data,
+                                              d - data);
+
+            if (cur == NULL) {
+                return MBEDTLS_ERR_X509_ALLOC_FAILED;
+            }
+
+            // set tagType
+            cur->val.tag = attr_descr->default_tag;
+
+            while (c < end && *(c + 1) == ' ') {
+                c++;
+            }
+
+            s = c + 1;
+            in_tag = 1;
+
+            /* Successfully parsed one name, update ret to success */
+            ret = 0;
+        }
+
+        if (!in_tag && s != c + 1) {
+            *(d++) = *c;
+
+            if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) {
+                ret = MBEDTLS_ERR_X509_INVALID_NAME;
+                goto exit;
+            }
+        }
+
+        c++;
+    }
+
+exit:
+
+    return ret;
+}
+
+/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
+ * to store the critical boolean for us
+ */
+int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+                               int critical, const unsigned char *val, size_t val_len)
+{
+    mbedtls_asn1_named_data *cur;
+
+    if (val_len > (SIZE_MAX  - 1)) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len,
+                                             NULL, val_len + 1)) == NULL) {
+        return MBEDTLS_ERR_X509_ALLOC_FAILED;
+    }
+
+    cur->val.p[0] = critical;
+    memcpy(cur->val.p + 1, val, val_len);
+
+    return 0;
+}
+
+/*
+ *  RelativeDistinguishedName ::=
+ *    SET OF AttributeTypeAndValue
+ *
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value    AttributeValue }
+ *
+ *  AttributeType ::= OBJECT IDENTIFIER
+ *
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
+ */
+static int x509_write_name(unsigned char **p,
+                           unsigned char *start,
+                           mbedtls_asn1_named_data *cur_name)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    const char *oid             = (const char *) cur_name->oid.p;
+    size_t oid_len              = cur_name->oid.len;
+    const unsigned char *name   = cur_name->val.p;
+    size_t name_len             = cur_name->val.len;
+
+    // Write correct string tag and value
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tagged_string(p, start,
+                                                               cur_name->val.tag,
+                                                               (const char *) name,
+                                                               name_len));
+    // Write OID
+    //
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid,
+                                                     oid_len));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SET));
+
+    return (int) len;
+}
+
+int mbedtls_x509_write_names(unsigned char **p, unsigned char *start,
+                             mbedtls_asn1_named_data *first)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    mbedtls_asn1_named_data *cur = first;
+
+    while (cur != NULL) {
+        MBEDTLS_ASN1_CHK_ADD(len, x509_write_name(p, start, cur));
+        cur = cur->next;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return (int) len;
+}
+
+int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len,
+                           unsigned char *sig, size_t size,
+                           mbedtls_pk_type_t pk_alg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int write_null_par;
+    size_t len = 0;
+
+    if (*p < start || (size_t) (*p - start) < size) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    len = size;
+    (*p) -= len;
+    memcpy(*p, sig, len);
+
+    if (*p - start < 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+
+    *--(*p) = 0;
+    len += 1;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING));
+
+    // Write OID
+    //
+    if (pk_alg == MBEDTLS_PK_ECDSA) {
+        /*
+         * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature
+         * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and
+         * https://www.rfc-editor.org/rfc/rfc5758#section-3.
+         */
+        write_null_par = 0;
+    } else {
+        write_null_par = 1;
+    }
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_algorithm_identifier_ext(p, start, oid, oid_len,
+                                                                     0, write_null_par));
+
+    return (int) len;
+}
+
+static int x509_write_extension(unsigned char **p, unsigned char *start,
+                                mbedtls_asn1_named_data *ext)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, ext->val.p + 1,
+                                                            ext->val.len - 1));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, ext->val.len - 1));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING));
+
+    if (ext->val.p[0] != 0) {
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_bool(p, start, 1));
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, ext->oid.p,
+                                                            ext->oid.len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, ext->oid.len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return (int) len;
+}
+
+/*
+ * Extension  ::=  SEQUENCE  {
+ *     extnID      OBJECT IDENTIFIER,
+ *     critical    BOOLEAN DEFAULT FALSE,
+ *     extnValue   OCTET STRING
+ *                 -- contains the DER encoding of an ASN.1 value
+ *                 -- corresponding to the extension type identified
+ *                 -- by extnID
+ *     }
+ */
+int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start,
+                                  mbedtls_asn1_named_data *first)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    mbedtls_asn1_named_data *cur_ext = first;
+
+    while (cur_ext != NULL) {
+        MBEDTLS_ASN1_CHK_ADD(len, x509_write_extension(p, start, cur_ext));
+        cur_ext = cur_ext->next;
+    }
+
+    return (int) len;
+}
+
+#endif /* MBEDTLS_X509_CREATE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509_crl.c b/3rdparty/mbedtls-2.28.7/library/x509_crl.c
new file mode 100644
index 0000000..f98c22d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509_crl.c
@@ -0,0 +1,730 @@
+/*
+ *  X.509 Certificate Revocation List (CRL) parsing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_HAVE_TIME)
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+#include <windows.h>
+#else
+#include <time.h>
+#endif
+#endif
+
+#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
+#include <stdio.h>
+#endif
+
+/*
+ *  Version  ::=  INTEGER  {  v1(0), v2(1)  }
+ */
+static int x509_crl_get_version(unsigned char **p,
+                                const unsigned char *end,
+                                int *ver)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            *ver = 0;
+            return 0;
+        }
+
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * X.509 CRL v2 extensions
+ *
+ * We currently don't parse any extension's content, but we do check that the
+ * list of extensions is well-formed and abort on critical extensions (that
+ * are unsupported as we don't support any extension so far)
+ */
+static int x509_get_crl_ext(unsigned char **p,
+                            const unsigned char *end,
+                            mbedtls_x509_buf *ext)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (*p == end) {
+        return 0;
+    }
+
+    /*
+     * crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+     *                              -- if present, version MUST be v2
+     */
+    if ((ret = mbedtls_x509_get_ext(p, end, ext, 0)) != 0) {
+        return ret;
+    }
+
+    end = ext->p + ext->len;
+
+    while (*p < end) {
+        /*
+         * Extension  ::=  SEQUENCE  {
+         *      extnID      OBJECT IDENTIFIER,
+         *      critical    BOOLEAN DEFAULT FALSE,
+         *      extnValue   OCTET STRING  }
+         */
+        int is_critical = 0;
+        const unsigned char *end_ext_data;
+        size_t len;
+
+        /* Get enclosing sequence tag */
+        if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        end_ext_data = *p + len;
+
+        /* Get OID (currently ignored) */
+        if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len,
+                                        MBEDTLS_ASN1_OID)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+        *p += len;
+
+        /* Get optional critical */
+        if ((ret = mbedtls_asn1_get_bool(p, end_ext_data,
+                                         &is_critical)) != 0 &&
+            (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        /* Data should be octet string type */
+        if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len,
+                                        MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        /* Ignore data so far and just check its length */
+        *p += len;
+        if (*p != end_ext_data) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+
+        /* Abort on (unsupported) critical extensions */
+        if (is_critical) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+        }
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * X.509 CRL v2 entry extensions (no extensions parsed yet.)
+ */
+static int x509_get_crl_entry_ext(unsigned char **p,
+                                  const unsigned char *end,
+                                  mbedtls_x509_buf *ext)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    /* OPTIONAL */
+    if (end <= *p) {
+        return 0;
+    }
+
+    ext->tag = **p;
+    ext->p = *p;
+
+    /*
+     * Get CRL-entry extension sequence header
+     * crlEntryExtensions      Extensions OPTIONAL  -- if present, MUST be v2
+     */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &ext->len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            ext->p = NULL;
+            return 0;
+        }
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    end = *p + ext->len;
+
+    if (end != *p + ext->len) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    while (*p < end) {
+        if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        *p += len;
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * X.509 CRL Entries
+ */
+static int x509_get_entries(unsigned char **p,
+                            const unsigned char *end,
+                            mbedtls_x509_crl_entry *entry)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t entry_len;
+    mbedtls_x509_crl_entry *cur_entry = entry;
+
+    if (*p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &entry_len,
+                                    MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            return 0;
+        }
+
+        return ret;
+    }
+
+    end = *p + entry_len;
+
+    while (*p < end) {
+        size_t len2;
+        const unsigned char *end2;
+
+        cur_entry->raw.tag = **p;
+        if ((ret = mbedtls_asn1_get_tag(p, end, &len2,
+                                        MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED)) != 0) {
+            return ret;
+        }
+
+        cur_entry->raw.p = *p;
+        cur_entry->raw.len = len2;
+        end2 = *p + len2;
+
+        if ((ret = mbedtls_x509_get_serial(p, end2, &cur_entry->serial)) != 0) {
+            return ret;
+        }
+
+        if ((ret = mbedtls_x509_get_time(p, end2,
+                                         &cur_entry->revocation_date)) != 0) {
+            return ret;
+        }
+
+        if ((ret = x509_get_crl_entry_ext(p, end2,
+                                          &cur_entry->entry_ext)) != 0) {
+            return ret;
+        }
+
+        if (*p < end) {
+            cur_entry->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl_entry));
+
+            if (cur_entry->next == NULL) {
+                return MBEDTLS_ERR_X509_ALLOC_FAILED;
+            }
+
+            cur_entry = cur_entry->next;
+        }
+    }
+
+    return 0;
+}
+
+/*
+ * Parse one  CRLs in DER format and append it to the chained list
+ */
+int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
+                               const unsigned char *buf, size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    unsigned char *p = NULL, *end = NULL;
+    mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
+    mbedtls_x509_crl *crl = chain;
+
+    /*
+     * Check for valid input
+     */
+    if (crl == NULL || buf == NULL) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    memset(&sig_params1, 0, sizeof(mbedtls_x509_buf));
+    memset(&sig_params2, 0, sizeof(mbedtls_x509_buf));
+    memset(&sig_oid2, 0, sizeof(mbedtls_x509_buf));
+
+    /*
+     * Add new CRL on the end of the chain if needed.
+     */
+    while (crl->version != 0 && crl->next != NULL) {
+        crl = crl->next;
+    }
+
+    if (crl->version != 0 && crl->next == NULL) {
+        crl->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl));
+
+        if (crl->next == NULL) {
+            mbedtls_x509_crl_free(crl);
+            return MBEDTLS_ERR_X509_ALLOC_FAILED;
+        }
+
+        mbedtls_x509_crl_init(crl->next);
+        crl = crl->next;
+    }
+
+    /*
+     * Copy raw DER-encoded CRL
+     */
+    if (buflen == 0) {
+        return MBEDTLS_ERR_X509_INVALID_FORMAT;
+    }
+
+    p = mbedtls_calloc(1, buflen);
+    if (p == NULL) {
+        return MBEDTLS_ERR_X509_ALLOC_FAILED;
+    }
+
+    memcpy(p, buf, buflen);
+
+    crl->raw.p = p;
+    crl->raw.len = buflen;
+
+    end = p + buflen;
+
+    /*
+     * CertificateList  ::=  SEQUENCE  {
+     *      tbsCertList          TBSCertList,
+     *      signatureAlgorithm   AlgorithmIdentifier,
+     *      signatureValue       BIT STRING  }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERR_X509_INVALID_FORMAT;
+    }
+
+    if (len != (size_t) (end - p)) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /*
+     * TBSCertList  ::=  SEQUENCE  {
+     */
+    crl->tbs.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+    crl->tbs.len = end - crl->tbs.p;
+
+    /*
+     * Version  ::=  INTEGER  OPTIONAL {  v1(0), v2(1)  }
+     *               -- if present, MUST be v2
+     *
+     * signature            AlgorithmIdentifier
+     */
+    if ((ret = x509_crl_get_version(&p, end, &crl->version)) != 0 ||
+        (ret = mbedtls_x509_get_alg(&p, end, &crl->sig_oid, &sig_params1)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return ret;
+    }
+
+    if (crl->version < 0 || crl->version > 1) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERR_X509_UNKNOWN_VERSION;
+    }
+
+    crl->version++;
+
+    if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1,
+                                        &crl->sig_md, &crl->sig_pk,
+                                        &crl->sig_opts)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
+    }
+
+    /*
+     * issuer               Name
+     */
+    crl->issuer_raw.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_x509_get_name(&p, p + len, &crl->issuer)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return ret;
+    }
+
+    crl->issuer_raw.len = p - crl->issuer_raw.p;
+
+    /*
+     * thisUpdate          Time
+     * nextUpdate          Time OPTIONAL
+     */
+    if ((ret = mbedtls_x509_get_time(&p, end, &crl->this_update)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return ret;
+    }
+
+    if ((ret = mbedtls_x509_get_time(&p, end, &crl->next_update)) != 0) {
+        if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE,
+                                      MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) &&
+            ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE,
+                                      MBEDTLS_ERR_ASN1_OUT_OF_DATA))) {
+            mbedtls_x509_crl_free(crl);
+            return ret;
+        }
+    }
+
+    /*
+     * revokedCertificates    SEQUENCE OF SEQUENCE   {
+     *      userCertificate        CertificateSerialNumber,
+     *      revocationDate         Time,
+     *      crlEntryExtensions     Extensions OPTIONAL
+     *                                   -- if present, MUST be v2
+     *                        } OPTIONAL
+     */
+    if ((ret = x509_get_entries(&p, end, &crl->entry)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return ret;
+    }
+
+    /*
+     * crlExtensions          EXPLICIT Extensions OPTIONAL
+     *                              -- if present, MUST be v2
+     */
+    if (crl->version == 2) {
+        ret = x509_get_crl_ext(&p, end, &crl->crl_ext);
+
+        if (ret != 0) {
+            mbedtls_x509_crl_free(crl);
+            return ret;
+        }
+    }
+
+    if (p != end) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    end = crl->raw.p + crl->raw.len;
+
+    /*
+     *  signatureAlgorithm   AlgorithmIdentifier,
+     *  signatureValue       BIT STRING
+     */
+    if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return ret;
+    }
+
+    if (crl->sig_oid.len != sig_oid2.len ||
+        memcmp(crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len) != 0 ||
+        sig_params1.len != sig_params2.len ||
+        (sig_params1.len != 0 &&
+         memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERR_X509_SIG_MISMATCH;
+    }
+
+    if ((ret = mbedtls_x509_get_sig(&p, end, &crl->sig)) != 0) {
+        mbedtls_x509_crl_free(crl);
+        return ret;
+    }
+
+    if (p != end) {
+        mbedtls_x509_crl_free(crl);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * Parse one or more CRLs and add them to the chained list
+ */
+int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen)
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t use_len = 0;
+    mbedtls_pem_context pem;
+    int is_pem = 0;
+
+    if (chain == NULL || buf == NULL) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    do {
+        mbedtls_pem_init(&pem);
+
+        // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated
+        // string
+        if (buflen == 0 || buf[buflen - 1] != '\0') {
+            ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+        } else {
+            ret = mbedtls_pem_read_buffer(&pem,
+                                          "-----BEGIN X509 CRL-----",
+                                          "-----END X509 CRL-----",
+                                          buf, NULL, 0, &use_len);
+        }
+
+        if (ret == 0) {
+            /*
+             * Was PEM encoded
+             */
+            is_pem = 1;
+
+            buflen -= use_len;
+            buf += use_len;
+
+            if ((ret = mbedtls_x509_crl_parse_der(chain,
+                                                  pem.buf, pem.buflen)) != 0) {
+                mbedtls_pem_free(&pem);
+                return ret;
+            }
+        } else if (is_pem) {
+            mbedtls_pem_free(&pem);
+            return ret;
+        }
+
+        mbedtls_pem_free(&pem);
+    }
+    /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte.
+     * And a valid CRL cannot be less than 1 byte anyway. */
+    while (is_pem && buflen > 1);
+
+    if (is_pem) {
+        return 0;
+    } else
+#endif /* MBEDTLS_PEM_PARSE_C */
+    return mbedtls_x509_crl_parse_der(chain, buf, buflen);
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load one or more CRLs and add them to the chained list
+ */
+int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    unsigned char *buf;
+
+    if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_x509_crl_parse(chain, buf, n);
+
+    mbedtls_platform_zeroize(buf, n);
+    mbedtls_free(buf);
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+
+/*
+ * Return an informational string about the certificate.
+ */
+#define BEFORE_COLON    14
+#define BC              "14"
+/*
+ * Return an informational string about the CRL.
+ */
+int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_crl *crl)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    char *p;
+    const mbedtls_x509_crl_entry *entry;
+
+    p = buf;
+    n = size;
+
+    ret = mbedtls_snprintf(p, n, "%sCRL version   : %d",
+                           prefix, crl->version);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%sissuer name   : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets(p, n, &crl->issuer);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%sthis update   : " \
+                                 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                           crl->this_update.year, crl->this_update.mon,
+                           crl->this_update.day,  crl->this_update.hour,
+                           crl->this_update.min,  crl->this_update.sec);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%snext update   : " \
+                                 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                           crl->next_update.year, crl->next_update.mon,
+                           crl->next_update.day,  crl->next_update.hour,
+                           crl->next_update.min,  crl->next_update.sec);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    entry = &crl->entry;
+
+    ret = mbedtls_snprintf(p, n, "\n%sRevoked certificates:",
+                           prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    while (entry != NULL && entry->raw.len != 0) {
+        ret = mbedtls_snprintf(p, n, "\n%sserial number: ",
+                               prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        ret = mbedtls_x509_serial_gets(p, n, &entry->serial);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        ret = mbedtls_snprintf(p, n, " revocation date: " \
+                                     "%04d-%02d-%02d %02d:%02d:%02d",
+                               entry->revocation_date.year, entry->revocation_date.mon,
+                               entry->revocation_date.day,  entry->revocation_date.hour,
+                               entry->revocation_date.min,  entry->revocation_date.sec);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        entry = entry->next;
+    }
+
+    ret = mbedtls_snprintf(p, n, "\n%ssigned using  : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_sig_alg_gets(p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
+                                    crl->sig_opts);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n");
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return (int) (size - n);
+}
+
+/*
+ * Initialize a CRL chain
+ */
+void mbedtls_x509_crl_init(mbedtls_x509_crl *crl)
+{
+    memset(crl, 0, sizeof(mbedtls_x509_crl));
+}
+
+/*
+ * Unallocate all CRL data
+ */
+void mbedtls_x509_crl_free(mbedtls_x509_crl *crl)
+{
+    mbedtls_x509_crl *crl_cur = crl;
+    mbedtls_x509_crl *crl_prv;
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+    mbedtls_x509_crl_entry *entry_cur;
+    mbedtls_x509_crl_entry *entry_prv;
+
+    if (crl == NULL) {
+        return;
+    }
+
+    do {
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+        mbedtls_free(crl_cur->sig_opts);
+#endif
+
+        name_cur = crl_cur->issuer.next;
+        while (name_cur != NULL) {
+            name_prv = name_cur;
+            name_cur = name_cur->next;
+            mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name));
+            mbedtls_free(name_prv);
+        }
+
+        entry_cur = crl_cur->entry.next;
+        while (entry_cur != NULL) {
+            entry_prv = entry_cur;
+            entry_cur = entry_cur->next;
+            mbedtls_platform_zeroize(entry_prv,
+                                     sizeof(mbedtls_x509_crl_entry));
+            mbedtls_free(entry_prv);
+        }
+
+        if (crl_cur->raw.p != NULL) {
+            mbedtls_platform_zeroize(crl_cur->raw.p, crl_cur->raw.len);
+            mbedtls_free(crl_cur->raw.p);
+        }
+
+        crl_cur = crl_cur->next;
+    } while (crl_cur != NULL);
+
+    crl_cur = crl;
+    do {
+        crl_prv = crl_cur;
+        crl_cur = crl_cur->next;
+
+        mbedtls_platform_zeroize(crl_prv, sizeof(mbedtls_x509_crl));
+        if (crl_prv != crl) {
+            mbedtls_free(crl_prv);
+        }
+    } while (crl_cur != NULL);
+}
+
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509_crt.c b/3rdparty/mbedtls-2.28.7/library/x509_crt.c
new file mode 100644
index 0000000..a3a4525
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509_crt.c
@@ -0,0 +1,3405 @@
+/*
+ *  X.509 certificate parsing and verification
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ *
+ *  [SIRO] https://cabforum.org/wp-content/uploads/Chunghwatelecom201503cabforumV4.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+#include <windows.h>
+#else
+#include <time.h>
+#endif
+#endif
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#if !defined(_WIN32) || defined(EFIX64) || defined(EFI32)
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#include <errno.h>
+#endif /* !_WIN32 || EFIX64 || EFI32 */
+#endif
+
+/*
+ * Item in a verification chain: cert and flags for it
+ */
+typedef struct {
+    mbedtls_x509_crt *crt;
+    uint32_t flags;
+} x509_crt_verify_chain_item;
+
+/*
+ * Max size of verification chain: end-entity + intermediates + trusted root
+ */
+#define X509_MAX_VERIFY_CHAIN_SIZE    (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2)
+
+/* Default profile. Do not remove items unless there are serious security
+ * concerns. */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
+{
+    /* Only SHA-2 hashes */
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
+    0xFFFFFFF, /* Any PK alg    */
+    0xFFFFFFF, /* Any curve     */
+    2048,
+};
+
+/*
+ * Next-default profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
+{
+    /* Hashes from SHA-256 and above */
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
+    0xFFFFFFF, /* Any PK alg    */
+#if defined(MBEDTLS_ECP_C)
+    /* Curves at or above 128-bit security level */
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP521R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP256R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP384R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP512R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256K1),
+#else
+    0,
+#endif
+    2048,
+};
+
+/*
+ * NSA Suite B Profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
+{
+    /* Only SHA-256 and 384 */
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384),
+    /* Only ECDSA */
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECDSA) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECKEY),
+#if defined(MBEDTLS_ECP_C)
+    /* Only NIST P-256 and P-384 */
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1),
+#else
+    0,
+#endif
+    0,
+};
+
+/*
+ * Check md_alg against profile
+ * Return 0 if md_alg is acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_md_alg(const mbedtls_x509_crt_profile *profile,
+                                     mbedtls_md_type_t md_alg)
+{
+    if (md_alg == MBEDTLS_MD_NONE) {
+        return -1;
+    }
+
+    if ((profile->allowed_mds & MBEDTLS_X509_ID_FLAG(md_alg)) != 0) {
+        return 0;
+    }
+
+    return -1;
+}
+
+/*
+ * Check pk_alg against profile
+ * Return 0 if pk_alg is acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_pk_alg(const mbedtls_x509_crt_profile *profile,
+                                     mbedtls_pk_type_t pk_alg)
+{
+    if (pk_alg == MBEDTLS_PK_NONE) {
+        return -1;
+    }
+
+    if ((profile->allowed_pks & MBEDTLS_X509_ID_FLAG(pk_alg)) != 0) {
+        return 0;
+    }
+
+    return -1;
+}
+
+/*
+ * Check key against profile
+ * Return 0 if pk is acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile,
+                                  const mbedtls_pk_context *pk)
+{
+    const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type(pk);
+
+#if defined(MBEDTLS_RSA_C)
+    if (pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS) {
+        if (mbedtls_pk_get_bitlen(pk) >= profile->rsa_min_bitlen) {
+            return 0;
+        }
+
+        return -1;
+    }
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+    if (pk_alg == MBEDTLS_PK_ECDSA ||
+        pk_alg == MBEDTLS_PK_ECKEY ||
+        pk_alg == MBEDTLS_PK_ECKEY_DH) {
+        const mbedtls_ecp_group_id gid = mbedtls_pk_ec(*pk)->grp.id;
+
+        if (gid == MBEDTLS_ECP_DP_NONE) {
+            return -1;
+        }
+
+        if ((profile->allowed_curves & MBEDTLS_X509_ID_FLAG(gid)) != 0) {
+            return 0;
+        }
+
+        return -1;
+    }
+#endif
+
+    return -1;
+}
+
+/*
+ * Like memcmp, but case-insensitive and always returns -1 if different
+ */
+static int x509_memcasecmp(const void *s1, const void *s2, size_t len)
+{
+    size_t i;
+    unsigned char diff;
+    const unsigned char *n1 = s1, *n2 = s2;
+
+    for (i = 0; i < len; i++) {
+        diff = n1[i] ^ n2[i];
+
+        if (diff == 0) {
+            continue;
+        }
+
+        if (diff == 32 &&
+            ((n1[i] >= 'a' && n1[i] <= 'z') ||
+             (n1[i] >= 'A' && n1[i] <= 'Z'))) {
+            continue;
+        }
+
+        return -1;
+    }
+
+    return 0;
+}
+
+/*
+ * Return 0 if name matches wildcard, -1 otherwise
+ */
+static int x509_check_wildcard(const char *cn, const mbedtls_x509_buf *name)
+{
+    size_t i;
+    size_t cn_idx = 0, cn_len = strlen(cn);
+
+    /* We can't have a match if there is no wildcard to match */
+    if (name->len < 3 || name->p[0] != '*' || name->p[1] != '.') {
+        return -1;
+    }
+
+    for (i = 0; i < cn_len; ++i) {
+        if (cn[i] == '.') {
+            cn_idx = i;
+            break;
+        }
+    }
+
+    if (cn_idx == 0) {
+        return -1;
+    }
+
+    if (cn_len - cn_idx == name->len - 1 &&
+        x509_memcasecmp(name->p + 1, cn + cn_idx, name->len - 1) == 0) {
+        return 0;
+    }
+
+    return -1;
+}
+
+/*
+ * Compare two X.509 strings, case-insensitive, and allowing for some encoding
+ * variations (but not all).
+ *
+ * Return 0 if equal, -1 otherwise.
+ */
+static int x509_string_cmp(const mbedtls_x509_buf *a, const mbedtls_x509_buf *b)
+{
+    if (a->tag == b->tag &&
+        a->len == b->len &&
+        memcmp(a->p, b->p, b->len) == 0) {
+        return 0;
+    }
+
+    if ((a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING) &&
+        (b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING) &&
+        a->len == b->len &&
+        x509_memcasecmp(a->p, b->p, b->len) == 0) {
+        return 0;
+    }
+
+    return -1;
+}
+
+/*
+ * Compare two X.509 Names (aka rdnSequence).
+ *
+ * See RFC 5280 section 7.1, though we don't implement the whole algorithm:
+ * we sometimes return unequal when the full algorithm would return equal,
+ * but never the other way. (In particular, we don't do Unicode normalisation
+ * or space folding.)
+ *
+ * Return 0 if equal, -1 otherwise.
+ */
+static int x509_name_cmp(const mbedtls_x509_name *a, const mbedtls_x509_name *b)
+{
+    /* Avoid recursion, it might not be optimised by the compiler */
+    while (a != NULL || b != NULL) {
+        if (a == NULL || b == NULL) {
+            return -1;
+        }
+
+        /* type */
+        if (a->oid.tag != b->oid.tag ||
+            a->oid.len != b->oid.len ||
+            memcmp(a->oid.p, b->oid.p, b->oid.len) != 0) {
+            return -1;
+        }
+
+        /* value */
+        if (x509_string_cmp(&a->val, &b->val) != 0) {
+            return -1;
+        }
+
+        /* structure of the list of sets */
+        if (a->next_merged != b->next_merged) {
+            return -1;
+        }
+
+        a = a->next;
+        b = b->next;
+    }
+
+    /* a == NULL == b */
+    return 0;
+}
+
+/*
+ * Reset (init or clear) a verify_chain
+ */
+static void x509_crt_verify_chain_reset(
+    mbedtls_x509_crt_verify_chain *ver_chain)
+{
+    size_t i;
+
+    for (i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++) {
+        ver_chain->items[i].crt = NULL;
+        ver_chain->items[i].flags = (uint32_t) -1;
+    }
+
+    ver_chain->len = 0;
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    ver_chain->trust_ca_cb_result = NULL;
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+}
+
+/*
+ *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+ */
+static int x509_get_version(unsigned char **p,
+                            const unsigned char *end,
+                            int *ver)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                    0)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            *ver = 0;
+            return 0;
+        }
+
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    end = *p + len;
+
+    if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret);
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ *  Validity ::= SEQUENCE {
+ *       notBefore      Time,
+ *       notAfter       Time }
+ */
+static int x509_get_dates(unsigned char **p,
+                          const unsigned char *end,
+                          mbedtls_x509_time *from,
+                          mbedtls_x509_time *to)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret);
+    }
+
+    end = *p + len;
+
+    if ((ret = mbedtls_x509_get_time(p, end, from)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_x509_get_time(p, end, to)) != 0) {
+        return ret;
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * X.509 v2/v3 unique identifier (not parsed)
+ */
+static int x509_get_uid(unsigned char **p,
+                        const unsigned char *end,
+                        mbedtls_x509_buf *uid, int n)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (*p == end) {
+        return 0;
+    }
+
+    uid->tag = **p;
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &uid->len,
+                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED |
+                                    n)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            return 0;
+        }
+
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    uid->p = *p;
+    *p += uid->len;
+
+    return 0;
+}
+
+static int x509_get_basic_constraints(unsigned char **p,
+                                      const unsigned char *end,
+                                      int *ca_istrue,
+                                      int *max_pathlen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+
+    /*
+     * BasicConstraints ::= SEQUENCE {
+     *      cA                      BOOLEAN DEFAULT FALSE,
+     *      pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
+     */
+    *ca_istrue = 0; /* DEFAULT FALSE */
+    *max_pathlen = 0; /* endless */
+
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (*p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_asn1_get_bool(p, end, ca_istrue)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            ret = mbedtls_asn1_get_int(p, end, ca_istrue);
+        }
+
+        if (ret != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        if (*ca_istrue != 0) {
+            *ca_istrue = 1;
+        }
+    }
+
+    if (*p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_asn1_get_int(p, end, max_pathlen)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer
+     * overflow, which is an undefined behavior. */
+    if (*max_pathlen == INT_MAX) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_INVALID_LENGTH);
+    }
+
+    (*max_pathlen)++;
+
+    return 0;
+}
+
+static int x509_get_ns_cert_type(unsigned char **p,
+                                 const unsigned char *end,
+                                 unsigned char *ns_cert_type)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_x509_bitstring bs = { 0, 0, NULL };
+
+    if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (bs.len != 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_INVALID_LENGTH);
+    }
+
+    /* Get actual bitstring */
+    *ns_cert_type = *bs.p;
+    return 0;
+}
+
+static int x509_get_key_usage(unsigned char **p,
+                              const unsigned char *end,
+                              unsigned int *key_usage)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    mbedtls_x509_bitstring bs = { 0, 0, NULL };
+
+    if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (bs.len < 1) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_INVALID_LENGTH);
+    }
+
+    /* Get actual bitstring */
+    *key_usage = 0;
+    for (i = 0; i < bs.len && i < sizeof(unsigned int); i++) {
+        *key_usage |= (unsigned int) bs.p[i] << (8*i);
+    }
+
+    return 0;
+}
+
+/*
+ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ *
+ * KeyPurposeId ::= OBJECT IDENTIFIER
+ */
+static int x509_get_ext_key_usage(unsigned char **p,
+                                  const unsigned char *end,
+                                  mbedtls_x509_sequence *ext_key_usage)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_asn1_get_sequence_of(p, end, ext_key_usage, MBEDTLS_ASN1_OID)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    /* Sequence length must be >= 1 */
+    if (ext_key_usage->buf.p == NULL) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_INVALID_LENGTH);
+    }
+
+    return 0;
+}
+
+/*
+ * SubjectAltName ::= GeneralNames
+ *
+ * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+ *
+ * GeneralName ::= CHOICE {
+ *      otherName                       [0]     OtherName,
+ *      rfc822Name                      [1]     IA5String,
+ *      dNSName                         [2]     IA5String,
+ *      x400Address                     [3]     ORAddress,
+ *      directoryName                   [4]     Name,
+ *      ediPartyName                    [5]     EDIPartyName,
+ *      uniformResourceIdentifier       [6]     IA5String,
+ *      iPAddress                       [7]     OCTET STRING,
+ *      registeredID                    [8]     OBJECT IDENTIFIER }
+ *
+ * OtherName ::= SEQUENCE {
+ *      type-id    OBJECT IDENTIFIER,
+ *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * EDIPartyName ::= SEQUENCE {
+ *      nameAssigner            [0]     DirectoryString OPTIONAL,
+ *      partyName               [1]     DirectoryString }
+ *
+ * NOTE: we list all types, but only use dNSName and otherName
+ * of type HwModuleName, as defined in RFC 4108, at this point.
+ */
+static int x509_get_subject_alt_name(unsigned char **p,
+                                     const unsigned char *end,
+                                     mbedtls_x509_sequence *subject_alt_name)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len, tag_len;
+    mbedtls_asn1_sequence *cur = subject_alt_name;
+
+    /* Get main sequence tag */
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (*p + len != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    while (*p < end) {
+        mbedtls_x509_subject_alternative_name dummy_san_buf;
+        mbedtls_x509_buf tmp_san_buf;
+        memset(&dummy_san_buf, 0, sizeof(dummy_san_buf));
+
+        tmp_san_buf.tag = **p;
+        (*p)++;
+
+        if ((ret = mbedtls_asn1_get_len(p, end, &tag_len)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        tmp_san_buf.p = *p;
+        tmp_san_buf.len = tag_len;
+
+        if ((tmp_san_buf.tag & MBEDTLS_ASN1_TAG_CLASS_MASK) !=
+            MBEDTLS_ASN1_CONTEXT_SPECIFIC) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+        }
+
+        /*
+         * Check that the SAN is structured correctly.
+         */
+        ret = mbedtls_x509_parse_subject_alt_name(&tmp_san_buf, &dummy_san_buf);
+        /*
+         * In case the extension is malformed, return an error,
+         * and clear the allocated sequences.
+         */
+        if (ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) {
+            mbedtls_x509_sequence *seq_cur = subject_alt_name->next;
+            mbedtls_x509_sequence *seq_prv;
+            while (seq_cur != NULL) {
+                seq_prv = seq_cur;
+                seq_cur = seq_cur->next;
+                mbedtls_platform_zeroize(seq_prv,
+                                         sizeof(mbedtls_x509_sequence));
+                mbedtls_free(seq_prv);
+            }
+            subject_alt_name->next = NULL;
+            return ret;
+        }
+
+        /* Allocate and assign next pointer */
+        if (cur->buf.p != NULL) {
+            if (cur->next != NULL) {
+                return MBEDTLS_ERR_X509_INVALID_EXTENSIONS;
+            }
+
+            cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
+
+            if (cur->next == NULL) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                         MBEDTLS_ERR_ASN1_ALLOC_FAILED);
+            }
+
+            cur = cur->next;
+        }
+
+        cur->buf = tmp_san_buf;
+        *p += tmp_san_buf.len;
+    }
+
+    /* Set final sequence entry's next pointer to NULL */
+    cur->next = NULL;
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * id-ce-certificatePolicies OBJECT IDENTIFIER ::=  { id-ce 32 }
+ *
+ * anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificatePolicies 0 }
+ *
+ * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+ *
+ * PolicyInformation ::= SEQUENCE {
+ *     policyIdentifier   CertPolicyId,
+ *     policyQualifiers   SEQUENCE SIZE (1..MAX) OF
+ *                             PolicyQualifierInfo OPTIONAL }
+ *
+ * CertPolicyId ::= OBJECT IDENTIFIER
+ *
+ * PolicyQualifierInfo ::= SEQUENCE {
+ *      policyQualifierId  PolicyQualifierId,
+ *      qualifier          ANY DEFINED BY policyQualifierId }
+ *
+ * -- policyQualifierIds for Internet policy qualifiers
+ *
+ * id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
+ * id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+ * id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+ *
+ * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+ *
+ * Qualifier ::= CHOICE {
+ *      cPSuri           CPSuri,
+ *      userNotice       UserNotice }
+ *
+ * CPSuri ::= IA5String
+ *
+ * UserNotice ::= SEQUENCE {
+ *      noticeRef        NoticeReference OPTIONAL,
+ *      explicitText     DisplayText OPTIONAL }
+ *
+ * NoticeReference ::= SEQUENCE {
+ *      organization     DisplayText,
+ *      noticeNumbers    SEQUENCE OF INTEGER }
+ *
+ * DisplayText ::= CHOICE {
+ *      ia5String        IA5String      (SIZE (1..200)),
+ *      visibleString    VisibleString  (SIZE (1..200)),
+ *      bmpString        BMPString      (SIZE (1..200)),
+ *      utf8String       UTF8String     (SIZE (1..200)) }
+ *
+ * NOTE: we only parse and use anyPolicy without qualifiers at this point
+ * as defined in RFC 5280.
+ */
+static int x509_get_certificate_policies(unsigned char **p,
+                                         const unsigned char *end,
+                                         mbedtls_x509_sequence *certificate_policies)
+{
+    int ret, parse_ret = 0;
+    size_t len;
+    mbedtls_asn1_buf *buf;
+    mbedtls_asn1_sequence *cur = certificate_policies;
+
+    /* Get main sequence tag */
+    ret = mbedtls_asn1_get_tag(p, end, &len,
+                               MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (*p + len != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /*
+     * Cannot be an empty sequence.
+     */
+    if (len == 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    while (*p < end) {
+        mbedtls_x509_buf policy_oid;
+        const unsigned char *policy_end;
+
+        /*
+         * Get the policy sequence
+         */
+        if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        policy_end = *p + len;
+
+        if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len,
+                                        MBEDTLS_ASN1_OID)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        policy_oid.tag = MBEDTLS_ASN1_OID;
+        policy_oid.len = len;
+        policy_oid.p = *p;
+
+        /*
+         * Only AnyPolicy is currently supported when enforcing policy.
+         */
+        if (MBEDTLS_OID_CMP(MBEDTLS_OID_ANY_POLICY, &policy_oid) != 0) {
+            /*
+             * Set the parsing return code but continue parsing, in case this
+             * extension is critical and MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+             * is configured.
+             */
+            parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
+        }
+
+        /* Allocate and assign next pointer */
+        if (cur->buf.p != NULL) {
+            if (cur->next != NULL) {
+                return MBEDTLS_ERR_X509_INVALID_EXTENSIONS;
+            }
+
+            cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
+
+            if (cur->next == NULL) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                         MBEDTLS_ERR_ASN1_ALLOC_FAILED);
+            }
+
+            cur = cur->next;
+        }
+
+        buf = &(cur->buf);
+        buf->tag = policy_oid.tag;
+        buf->p = policy_oid.p;
+        buf->len = policy_oid.len;
+
+        *p += len;
+
+        /*
+         * If there is an optional qualifier, then *p < policy_end
+         * Check the Qualifier len to verify it doesn't exceed policy_end.
+         */
+        if (*p < policy_end) {
+            if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len,
+                                            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) !=
+                0) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+            }
+            /*
+             * Skip the optional policy qualifiers.
+             */
+            *p += len;
+        }
+
+        if (*p != policy_end) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+    }
+
+    /* Set final sequence entry's next pointer to NULL */
+    cur->next = NULL;
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return parse_ret;
+}
+
+/*
+ * X.509 v3 extensions
+ *
+ */
+static int x509_get_crt_ext(unsigned char **p,
+                            const unsigned char *end,
+                            mbedtls_x509_crt *crt,
+                            mbedtls_x509_crt_ext_cb_t cb,
+                            void *p_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    unsigned char *end_ext_data, *start_ext_octet, *end_ext_octet;
+
+    if (*p == end) {
+        return 0;
+    }
+
+    if ((ret = mbedtls_x509_get_ext(p, end, &crt->v3_ext, 3)) != 0) {
+        return ret;
+    }
+
+    end = crt->v3_ext.p + crt->v3_ext.len;
+    while (*p < end) {
+        /*
+         * Extension  ::=  SEQUENCE  {
+         *      extnID      OBJECT IDENTIFIER,
+         *      critical    BOOLEAN DEFAULT FALSE,
+         *      extnValue   OCTET STRING  }
+         */
+        mbedtls_x509_buf extn_oid = { 0, 0, NULL };
+        int is_critical = 0; /* DEFAULT FALSE */
+        int ext_type = 0;
+
+        if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        end_ext_data = *p + len;
+
+        /* Get extension ID */
+        if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &extn_oid.len,
+                                        MBEDTLS_ASN1_OID)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        extn_oid.tag = MBEDTLS_ASN1_OID;
+        extn_oid.p = *p;
+        *p += extn_oid.len;
+
+        /* Get optional critical */
+        if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, &is_critical)) != 0 &&
+            (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        /* Data should be octet string type */
+        if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len,
+                                        MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        start_ext_octet = *p;
+        end_ext_octet = *p + len;
+
+        if (end_ext_octet != end_ext_data) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+
+        /*
+         * Detect supported extensions
+         */
+        ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type);
+
+        if (ret != 0) {
+            /* Give the callback (if any) a chance to handle the extension */
+            if (cb != NULL) {
+                ret = cb(p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet);
+                if (ret != 0 && is_critical) {
+                    return ret;
+                }
+                *p = end_ext_octet;
+                continue;
+            }
+
+            /* No parser found, skip extension */
+            *p = end_ext_octet;
+
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+            if (is_critical) {
+                /* Data is marked as critical: fail */
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                         MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+            }
+#endif
+            continue;
+        }
+
+        /* Forbid repeated extensions */
+        if ((crt->ext_types & ext_type) != 0) {
+            return MBEDTLS_ERR_X509_INVALID_EXTENSIONS;
+        }
+
+        crt->ext_types |= ext_type;
+
+        switch (ext_type) {
+            case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS:
+                /* Parse basic constraints */
+                if ((ret = x509_get_basic_constraints(p, end_ext_octet,
+                                                      &crt->ca_istrue, &crt->max_pathlen)) != 0) {
+                    return ret;
+                }
+                break;
+
+            case MBEDTLS_X509_EXT_KEY_USAGE:
+                /* Parse key usage */
+                if ((ret = x509_get_key_usage(p, end_ext_octet,
+                                              &crt->key_usage)) != 0) {
+                    return ret;
+                }
+                break;
+
+            case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE:
+                /* Parse extended key usage */
+                if ((ret = x509_get_ext_key_usage(p, end_ext_octet,
+                                                  &crt->ext_key_usage)) != 0) {
+                    return ret;
+                }
+                break;
+
+            case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
+                /* Parse subject alt name */
+                if ((ret = x509_get_subject_alt_name(p, end_ext_octet,
+                                                     &crt->subject_alt_names)) != 0) {
+                    return ret;
+                }
+                break;
+
+            case MBEDTLS_X509_EXT_NS_CERT_TYPE:
+                /* Parse netscape certificate type */
+                if ((ret = x509_get_ns_cert_type(p, end_ext_octet,
+                                                 &crt->ns_cert_type)) != 0) {
+                    return ret;
+                }
+                break;
+
+            case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES:
+                /* Parse certificate policies type */
+                if ((ret = x509_get_certificate_policies(p, end_ext_octet,
+                                                         &crt->certificate_policies)) != 0) {
+                    /* Give the callback (if any) a chance to handle the extension
+                     * if it contains unsupported policies */
+                    if (ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE && cb != NULL &&
+                        cb(p_ctx, crt, &extn_oid, is_critical,
+                           start_ext_octet, end_ext_octet) == 0) {
+                        break;
+                    }
+
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+                    if (is_critical) {
+                        return ret;
+                    } else
+#endif
+                    /*
+                     * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we
+                     * cannot interpret or enforce the policy. However, it is up to
+                     * the user to choose how to enforce the policies,
+                     * unless the extension is critical.
+                     */
+                    if (ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) {
+                        return ret;
+                    }
+                }
+                break;
+
+            default:
+                /*
+                 * If this is a non-critical extension, which the oid layer
+                 * supports, but there isn't an x509 parser for it,
+                 * skip the extension.
+                 */
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+                if (is_critical) {
+                    return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
+                } else
+#endif
+                *p = end_ext_octet;
+        }
+    }
+
+    if (*p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * Parse and fill a single X.509 certificate in DER format
+ */
+static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
+                                   const unsigned char *buf,
+                                   size_t buflen,
+                                   int make_copy,
+                                   mbedtls_x509_crt_ext_cb_t cb,
+                                   void *p_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    unsigned char *p, *end, *crt_end;
+    mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
+
+    memset(&sig_params1, 0, sizeof(mbedtls_x509_buf));
+    memset(&sig_params2, 0, sizeof(mbedtls_x509_buf));
+    memset(&sig_oid2, 0, sizeof(mbedtls_x509_buf));
+
+    /*
+     * Check for valid input
+     */
+    if (crt == NULL || buf == NULL) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    /* Use the original buffer until we figure out actual length. */
+    p = (unsigned char *) buf;
+    len = buflen;
+    end = p + len;
+
+    /*
+     * Certificate  ::=  SEQUENCE  {
+     *      tbsCertificate       TBSCertificate,
+     *      signatureAlgorithm   AlgorithmIdentifier,
+     *      signatureValue       BIT STRING  }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERR_X509_INVALID_FORMAT;
+    }
+
+    end = crt_end = p + len;
+    crt->raw.len = crt_end - buf;
+    if (make_copy != 0) {
+        /* Create and populate a new buffer for the raw field. */
+        crt->raw.p = p = mbedtls_calloc(1, crt->raw.len);
+        if (crt->raw.p == NULL) {
+            return MBEDTLS_ERR_X509_ALLOC_FAILED;
+        }
+
+        memcpy(crt->raw.p, buf, crt->raw.len);
+        crt->own_buffer = 1;
+
+        p += crt->raw.len - len;
+        end = crt_end = p + len;
+    } else {
+        crt->raw.p = (unsigned char *) buf;
+        crt->own_buffer = 0;
+    }
+
+    /*
+     * TBSCertificate  ::=  SEQUENCE  {
+     */
+    crt->tbs.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+    crt->tbs.len = end - crt->tbs.p;
+
+    /*
+     * Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     *
+     * CertificateSerialNumber  ::=  INTEGER
+     *
+     * signature            AlgorithmIdentifier
+     */
+    if ((ret = x509_get_version(&p, end, &crt->version)) != 0 ||
+        (ret = mbedtls_x509_get_serial(&p, end, &crt->serial)) != 0 ||
+        (ret = mbedtls_x509_get_alg(&p, end, &crt->sig_oid,
+                                    &sig_params1)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    if (crt->version < 0 || crt->version > 2) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERR_X509_UNKNOWN_VERSION;
+    }
+
+    crt->version++;
+
+    if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1,
+                                        &crt->sig_md, &crt->sig_pk,
+                                        &crt->sig_opts)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    /*
+     * issuer               Name
+     */
+    crt->issuer_raw.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_x509_get_name(&p, p + len, &crt->issuer)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    crt->issuer_raw.len = p - crt->issuer_raw.p;
+
+    /*
+     * Validity ::= SEQUENCE {
+     *      notBefore      Time,
+     *      notAfter       Time }
+     *
+     */
+    if ((ret = x509_get_dates(&p, end, &crt->valid_from,
+                              &crt->valid_to)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    /*
+     * subject              Name
+     */
+    crt->subject_raw.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    if (len && (ret = mbedtls_x509_get_name(&p, p + len, &crt->subject)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    crt->subject_raw.len = p - crt->subject_raw.p;
+
+    /*
+     * SubjectPublicKeyInfo
+     */
+    crt->pk_raw.p = p;
+    if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &crt->pk)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+    crt->pk_raw.len = p - crt->pk_raw.p;
+
+    /*
+     *  issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+     *                       -- If present, version shall be v2 or v3
+     *  subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+     *                       -- If present, version shall be v2 or v3
+     *  extensions      [3]  EXPLICIT Extensions OPTIONAL
+     *                       -- If present, version shall be v3
+     */
+    if (crt->version == 2 || crt->version == 3) {
+        ret = x509_get_uid(&p, end, &crt->issuer_id,  1);
+        if (ret != 0) {
+            mbedtls_x509_crt_free(crt);
+            return ret;
+        }
+    }
+
+    if (crt->version == 2 || crt->version == 3) {
+        ret = x509_get_uid(&p, end, &crt->subject_id,  2);
+        if (ret != 0) {
+            mbedtls_x509_crt_free(crt);
+            return ret;
+        }
+    }
+
+    int extensions_allowed = 1;
+#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+    if (crt->version != 3) {
+        extensions_allowed = 0;
+    }
+#endif
+    if (extensions_allowed) {
+        ret = x509_get_crt_ext(&p, end, crt, cb, p_ctx);
+        if (ret != 0) {
+            mbedtls_x509_crt_free(crt);
+            return ret;
+        }
+    }
+
+    if (p != end) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    end = crt_end;
+
+    /*
+     *  }
+     *  -- end of TBSCertificate
+     *
+     *  signatureAlgorithm   AlgorithmIdentifier,
+     *  signatureValue       BIT STRING
+     */
+    if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    if (crt->sig_oid.len != sig_oid2.len ||
+        memcmp(crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len) != 0 ||
+        sig_params1.tag != sig_params2.tag ||
+        sig_params1.len != sig_params2.len ||
+        (sig_params1.len != 0 &&
+         memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERR_X509_SIG_MISMATCH;
+    }
+
+    if ((ret = mbedtls_x509_get_sig(&p, end, &crt->sig)) != 0) {
+        mbedtls_x509_crt_free(crt);
+        return ret;
+    }
+
+    if (p != end) {
+        mbedtls_x509_crt_free(crt);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * Parse one X.509 certificate in DER format from a buffer and add them to a
+ * chained list
+ */
+static int mbedtls_x509_crt_parse_der_internal(mbedtls_x509_crt *chain,
+                                               const unsigned char *buf,
+                                               size_t buflen,
+                                               int make_copy,
+                                               mbedtls_x509_crt_ext_cb_t cb,
+                                               void *p_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_x509_crt *crt = chain, *prev = NULL;
+
+    /*
+     * Check for valid input
+     */
+    if (crt == NULL || buf == NULL) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    while (crt->version != 0 && crt->next != NULL) {
+        prev = crt;
+        crt = crt->next;
+    }
+
+    /*
+     * Add new certificate on the end of the chain if needed.
+     */
+    if (crt->version != 0 && crt->next == NULL) {
+        crt->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
+
+        if (crt->next == NULL) {
+            return MBEDTLS_ERR_X509_ALLOC_FAILED;
+        }
+
+        prev = crt;
+        mbedtls_x509_crt_init(crt->next);
+        crt = crt->next;
+    }
+
+    ret = x509_crt_parse_der_core(crt, buf, buflen, make_copy, cb, p_ctx);
+    if (ret != 0) {
+        if (prev) {
+            prev->next = NULL;
+        }
+
+        if (crt != chain) {
+            mbedtls_free(crt);
+        }
+
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain,
+                                      const unsigned char *buf,
+                                      size_t buflen)
+{
+    return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, 0, NULL, NULL);
+}
+
+int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain,
+                                           const unsigned char *buf,
+                                           size_t buflen,
+                                           int make_copy,
+                                           mbedtls_x509_crt_ext_cb_t cb,
+                                           void *p_ctx)
+{
+    return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, make_copy, cb, p_ctx);
+}
+
+int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain,
+                               const unsigned char *buf,
+                               size_t buflen)
+{
+    return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, 1, NULL, NULL);
+}
+
+/*
+ * Parse one or more PEM certificates from a buffer and add them to the chained
+ * list
+ */
+int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain,
+                           const unsigned char *buf,
+                           size_t buflen)
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+    int success = 0, first_error = 0, total_failed = 0;
+    int buf_format = MBEDTLS_X509_FORMAT_DER;
+#endif
+
+    /*
+     * Check for valid input
+     */
+    if (chain == NULL || buf == NULL) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    /*
+     * Determine buffer content. Buffer contains either one DER certificate or
+     * one or more PEM certificates.
+     */
+#if defined(MBEDTLS_PEM_PARSE_C)
+    if (buflen != 0 && buf[buflen - 1] == '\0' &&
+        strstr((const char *) buf, "-----BEGIN CERTIFICATE-----") != NULL) {
+        buf_format = MBEDTLS_X509_FORMAT_PEM;
+    }
+
+    if (buf_format == MBEDTLS_X509_FORMAT_DER) {
+        return mbedtls_x509_crt_parse_der(chain, buf, buflen);
+    }
+#else
+    return mbedtls_x509_crt_parse_der(chain, buf, buflen);
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    if (buf_format == MBEDTLS_X509_FORMAT_PEM) {
+        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        mbedtls_pem_context pem;
+
+        /* 1 rather than 0 since the terminating NULL byte is counted in */
+        while (buflen > 1) {
+            size_t use_len;
+            mbedtls_pem_init(&pem);
+
+            /* If we get there, we know the string is null-terminated */
+            ret = mbedtls_pem_read_buffer(&pem,
+                                          "-----BEGIN CERTIFICATE-----",
+                                          "-----END CERTIFICATE-----",
+                                          buf, NULL, 0, &use_len);
+
+            if (ret == 0) {
+                /*
+                 * Was PEM encoded
+                 */
+                buflen -= use_len;
+                buf += use_len;
+            } else if (ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA) {
+                return ret;
+            } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+                mbedtls_pem_free(&pem);
+
+                /*
+                 * PEM header and footer were found
+                 */
+                buflen -= use_len;
+                buf += use_len;
+
+                if (first_error == 0) {
+                    first_error = ret;
+                }
+
+                total_failed++;
+                continue;
+            } else {
+                break;
+            }
+
+            ret = mbedtls_x509_crt_parse_der(chain, pem.buf, pem.buflen);
+
+            mbedtls_pem_free(&pem);
+
+            if (ret != 0) {
+                /*
+                 * Quit parsing on a memory error
+                 */
+                if (ret == MBEDTLS_ERR_X509_ALLOC_FAILED) {
+                    return ret;
+                }
+
+                if (first_error == 0) {
+                    first_error = ret;
+                }
+
+                total_failed++;
+                continue;
+            }
+
+            success = 1;
+        }
+    }
+
+    if (success) {
+        return total_failed;
+    } else if (first_error) {
+        return first_error;
+    } else {
+        return MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT;
+    }
+#endif /* MBEDTLS_PEM_PARSE_C */
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load one or more certificates and add them to the chained list
+ */
+int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    unsigned char *buf;
+
+    if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_x509_crt_parse(chain, buf, n);
+
+    mbedtls_platform_zeroize(buf, n);
+    mbedtls_free(buf);
+
+    return ret;
+}
+
+int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path)
+{
+    int ret = 0;
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+    int w_ret;
+    WCHAR szDir[MAX_PATH];
+    char filename[MAX_PATH];
+    char *p;
+    size_t len = strlen(path);
+
+    WIN32_FIND_DATAW file_data;
+    HANDLE hFind;
+
+    if (len > MAX_PATH - 3) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    memset(szDir, 0, sizeof(szDir));
+    memset(filename, 0, MAX_PATH);
+    memcpy(filename, path, len);
+    filename[len++] = '\\';
+    p = filename + len;
+    filename[len++] = '*';
+
+    w_ret = MultiByteToWideChar(CP_ACP, 0, filename, (int) len, szDir,
+                                MAX_PATH - 3);
+    if (w_ret == 0) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    hFind = FindFirstFileW(szDir, &file_data);
+    if (hFind == INVALID_HANDLE_VALUE) {
+        return MBEDTLS_ERR_X509_FILE_IO_ERROR;
+    }
+
+    len = MAX_PATH - len;
+    do {
+        memset(p, 0, len);
+
+        if (file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
+            continue;
+        }
+
+        w_ret = WideCharToMultiByte(CP_ACP, 0, file_data.cFileName,
+                                    -1,
+                                    p, (int) len,
+                                    NULL, NULL);
+        if (w_ret == 0) {
+            ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
+            goto cleanup;
+        }
+
+        w_ret = mbedtls_x509_crt_parse_file(chain, filename);
+        if (w_ret < 0) {
+            ret++;
+        } else {
+            ret += w_ret;
+        }
+    } while (FindNextFileW(hFind, &file_data) != 0);
+
+    if (GetLastError() != ERROR_NO_MORE_FILES) {
+        ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
+    }
+
+cleanup:
+    FindClose(hFind);
+#else /* _WIN32 */
+    int t_ret;
+    int snp_ret;
+    struct stat sb;
+    struct dirent *entry;
+    char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN];
+    DIR *dir = opendir(path);
+
+    if (dir == NULL) {
+        return MBEDTLS_ERR_X509_FILE_IO_ERROR;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if ((ret = mbedtls_mutex_lock(&mbedtls_threading_readdir_mutex)) != 0) {
+        closedir(dir);
+        return ret;
+    }
+#endif /* MBEDTLS_THREADING_C */
+
+    memset(&sb, 0, sizeof(sb));
+
+    while ((entry = readdir(dir)) != NULL) {
+        snp_ret = mbedtls_snprintf(entry_name, sizeof(entry_name),
+                                   "%s/%s", path, entry->d_name);
+
+        if (snp_ret < 0 || (size_t) snp_ret >= sizeof(entry_name)) {
+            ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+            goto cleanup;
+        } else if (stat(entry_name, &sb) == -1) {
+            if (errno == ENOENT) {
+                /* Broken symbolic link - ignore this entry.
+                    stat(2) will return this error for either (a) a dangling
+                    symlink or (b) a missing file.
+                    Given that we have just obtained the filename from readdir,
+                    assume that it does exist and therefore treat this as a
+                    dangling symlink. */
+                continue;
+            } else {
+                /* Some other file error; report the error. */
+                ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
+                goto cleanup;
+            }
+        }
+
+        if (!S_ISREG(sb.st_mode)) {
+            continue;
+        }
+
+        // Ignore parse errors
+        //
+        t_ret = mbedtls_x509_crt_parse_file(chain, entry_name);
+        if (t_ret < 0) {
+            ret++;
+        } else {
+            ret += t_ret;
+        }
+    }
+
+cleanup:
+    closedir(dir);
+
+#if defined(MBEDTLS_THREADING_C)
+    if (mbedtls_mutex_unlock(&mbedtls_threading_readdir_mutex) != 0) {
+        ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+    }
+#endif /* MBEDTLS_THREADING_C */
+
+#endif /* _WIN32 */
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+
+/*
+ * OtherName ::= SEQUENCE {
+ *      type-id    OBJECT IDENTIFIER,
+ *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * HardwareModuleName ::= SEQUENCE {
+ *                           hwType OBJECT IDENTIFIER,
+ *                           hwSerialNum OCTET STRING }
+ *
+ * NOTE: we currently only parse and use otherName of type HwModuleName,
+ * as defined in RFC 4108.
+ */
+static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name,
+                               mbedtls_x509_san_other_name *other_name)
+{
+    int ret = 0;
+    size_t len;
+    unsigned char *p = subject_alt_name->p;
+    const unsigned char *end = p + subject_alt_name->len;
+    mbedtls_x509_buf cur_oid;
+
+    if ((subject_alt_name->tag &
+         (MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK)) !=
+        (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME)) {
+        /*
+         * The given subject alternative name is not of type "othername".
+         */
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_OID)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    cur_oid.tag = MBEDTLS_ASN1_OID;
+    cur_oid.p = p;
+    cur_oid.len = len;
+
+    /*
+     * Only HwModuleName is currently supported.
+     */
+    if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid) != 0) {
+        return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
+    }
+    other_name->type_id = cur_oid;
+
+    p += len;
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) !=
+        0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (end != p + len) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    if (end != p + len) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID;
+    other_name->value.hardware_module_name.oid.p = p;
+    other_name->value.hardware_module_name.oid.len = len;
+
+    p += len;
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_OCTET_STRING)) != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+    }
+
+    other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING;
+    other_name->value.hardware_module_name.val.p = p;
+    other_name->value.hardware_module_name.val.len = len;
+    p += len;
+    if (p != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+    return 0;
+}
+
+static int x509_info_subject_alt_name(char **buf, size_t *size,
+                                      const mbedtls_x509_sequence
+                                      *subject_alt_name,
+                                      const char *prefix)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
+    size_t n = *size;
+    char *p = *buf;
+    const mbedtls_x509_sequence *cur = subject_alt_name;
+    mbedtls_x509_subject_alternative_name san;
+    int parse_ret;
+
+    while (cur != NULL) {
+        memset(&san, 0, sizeof(san));
+        parse_ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san);
+        if (parse_ret != 0) {
+            if (parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) {
+                ret = mbedtls_snprintf(p, n, "\n%s    <unsupported>", prefix);
+                MBEDTLS_X509_SAFE_SNPRINTF;
+            } else {
+                ret = mbedtls_snprintf(p, n, "\n%s    <malformed>", prefix);
+                MBEDTLS_X509_SAFE_SNPRINTF;
+            }
+            cur = cur->next;
+            continue;
+        }
+
+        switch (san.type) {
+            /*
+             * otherName
+             */
+            case MBEDTLS_X509_SAN_OTHER_NAME:
+            {
+                mbedtls_x509_san_other_name *other_name = &san.san.other_name;
+
+                ret = mbedtls_snprintf(p, n, "\n%s    otherName :", prefix);
+                MBEDTLS_X509_SAFE_SNPRINTF;
+
+                if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME,
+                                    &other_name->type_id) == 0) {
+                    ret = mbedtls_snprintf(p, n, "\n%s        hardware module name :", prefix);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
+                    ret =
+                        mbedtls_snprintf(p, n, "\n%s            hardware type          : ", prefix);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
+
+                    ret = mbedtls_oid_get_numeric_string(p,
+                                                         n,
+                                                         &other_name->value.hardware_module_name.oid);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
+
+                    ret =
+                        mbedtls_snprintf(p, n, "\n%s            hardware serial number : ", prefix);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
+
+                    for (i = 0; i < other_name->value.hardware_module_name.val.len; i++) {
+                        ret = mbedtls_snprintf(p,
+                                               n,
+                                               "%02X",
+                                               other_name->value.hardware_module_name.val.p[i]);
+                        MBEDTLS_X509_SAFE_SNPRINTF;
+                    }
+                }/* MBEDTLS_OID_ON_HW_MODULE_NAME */
+            }
+            break;
+
+            /*
+             * dNSName
+             */
+            case MBEDTLS_X509_SAN_DNS_NAME:
+            {
+                ret = mbedtls_snprintf(p, n, "\n%s    dNSName : ", prefix);
+                MBEDTLS_X509_SAFE_SNPRINTF;
+                if (san.san.unstructured_name.len >= n) {
+                    *p = '\0';
+                    return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+                }
+
+                memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len);
+                p += san.san.unstructured_name.len;
+                n -= san.san.unstructured_name.len;
+            }
+            break;
+
+            /*
+             * Type not supported, skip item.
+             */
+            default:
+                ret = mbedtls_snprintf(p, n, "\n%s    <unsupported>", prefix);
+                MBEDTLS_X509_SAFE_SNPRINTF;
+                break;
+        }
+
+        cur = cur->next;
+    }
+
+    *p = '\0';
+
+    *size = n;
+    *buf = p;
+
+    return 0;
+}
+
+int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
+                                        mbedtls_x509_subject_alternative_name *san)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    switch (san_buf->tag &
+            (MBEDTLS_ASN1_TAG_CLASS_MASK |
+             MBEDTLS_ASN1_TAG_VALUE_MASK)) {
+        /*
+         * otherName
+         */
+        case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME):
+        {
+            mbedtls_x509_san_other_name other_name;
+
+            ret = x509_get_other_name(san_buf, &other_name);
+            if (ret != 0) {
+                return ret;
+            }
+
+            memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name));
+            san->type = MBEDTLS_X509_SAN_OTHER_NAME;
+            memcpy(&san->san.other_name,
+                   &other_name, sizeof(other_name));
+
+        }
+        break;
+
+        /*
+         * dNSName
+         */
+        case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME):
+        {
+            memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name));
+            san->type = MBEDTLS_X509_SAN_DNS_NAME;
+
+            memcpy(&san->san.unstructured_name,
+                   san_buf, sizeof(*san_buf));
+
+        }
+        break;
+
+        /*
+         * Type not supported
+         */
+        default:
+            return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
+    }
+    return 0;
+}
+
+#define PRINT_ITEM(i)                              \
+    do {                                           \
+        ret = mbedtls_snprintf(p, n, "%s" i, sep); \
+        MBEDTLS_X509_SAFE_SNPRINTF;                \
+        sep = ", ";                                \
+    } while (0)
+
+#define CERT_TYPE(type, name)                      \
+    do {                                           \
+        if (ns_cert_type & (type)) {               \
+            PRINT_ITEM(name);                      \
+        }                                          \
+    } while (0)
+
+static int x509_info_cert_type(char **buf, size_t *size,
+                               unsigned char ns_cert_type)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n = *size;
+    char *p = *buf;
+    const char *sep = "";
+
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT,         "SSL Client");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER,         "SSL Server");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL,              "Email");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING,     "Object Signing");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_RESERVED,           "Reserved");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CA,             "SSL CA");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA,           "Email CA");
+    CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA,  "Object Signing CA");
+
+    *size = n;
+    *buf = p;
+
+    return 0;
+}
+
+#define KEY_USAGE(code, name)                      \
+    do {                                           \
+        if (key_usage & (code)) {                  \
+            PRINT_ITEM(name);                      \
+        }                                          \
+    } while (0)
+
+static int x509_info_key_usage(char **buf, size_t *size,
+                               unsigned int key_usage)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n = *size;
+    char *p = *buf;
+    const char *sep = "";
+
+    KEY_USAGE(MBEDTLS_X509_KU_DIGITAL_SIGNATURE,    "Digital Signature");
+    KEY_USAGE(MBEDTLS_X509_KU_NON_REPUDIATION,      "Non Repudiation");
+    KEY_USAGE(MBEDTLS_X509_KU_KEY_ENCIPHERMENT,     "Key Encipherment");
+    KEY_USAGE(MBEDTLS_X509_KU_DATA_ENCIPHERMENT,    "Data Encipherment");
+    KEY_USAGE(MBEDTLS_X509_KU_KEY_AGREEMENT,        "Key Agreement");
+    KEY_USAGE(MBEDTLS_X509_KU_KEY_CERT_SIGN,        "Key Cert Sign");
+    KEY_USAGE(MBEDTLS_X509_KU_CRL_SIGN,             "CRL Sign");
+    KEY_USAGE(MBEDTLS_X509_KU_ENCIPHER_ONLY,        "Encipher Only");
+    KEY_USAGE(MBEDTLS_X509_KU_DECIPHER_ONLY,        "Decipher Only");
+
+    *size = n;
+    *buf = p;
+
+    return 0;
+}
+
+static int x509_info_ext_key_usage(char **buf, size_t *size,
+                                   const mbedtls_x509_sequence *extended_key_usage)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const char *desc;
+    size_t n = *size;
+    char *p = *buf;
+    const mbedtls_x509_sequence *cur = extended_key_usage;
+    const char *sep = "";
+
+    while (cur != NULL) {
+        if (mbedtls_oid_get_extended_key_usage(&cur->buf, &desc) != 0) {
+            desc = "???";
+        }
+
+        ret = mbedtls_snprintf(p, n, "%s%s", sep, desc);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        sep = ", ";
+
+        cur = cur->next;
+    }
+
+    *size = n;
+    *buf = p;
+
+    return 0;
+}
+
+static int x509_info_cert_policies(char **buf, size_t *size,
+                                   const mbedtls_x509_sequence *certificate_policies)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const char *desc;
+    size_t n = *size;
+    char *p = *buf;
+    const mbedtls_x509_sequence *cur = certificate_policies;
+    const char *sep = "";
+
+    while (cur != NULL) {
+        if (mbedtls_oid_get_certificate_policies(&cur->buf, &desc) != 0) {
+            desc = "???";
+        }
+
+        ret = mbedtls_snprintf(p, n, "%s%s", sep, desc);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        sep = ", ";
+
+        cur = cur->next;
+    }
+
+    *size = n;
+    *buf = p;
+
+    return 0;
+}
+
+/*
+ * Return an informational string about the certificate.
+ */
+#define BEFORE_COLON    18
+#define BC              "18"
+int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_crt *crt)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    char *p;
+    char key_size_str[BEFORE_COLON];
+
+    p = buf;
+    n = size;
+
+    if (NULL == crt) {
+        ret = mbedtls_snprintf(p, n, "\nCertificate is uninitialised!\n");
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        return (int) (size - n);
+    }
+
+    ret = mbedtls_snprintf(p, n, "%scert. version     : %d\n",
+                           prefix, crt->version);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_snprintf(p, n, "%sserial number     : ",
+                           prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_serial_gets(p, n, &crt->serial);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%sissuer name       : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets(p, n, &crt->issuer);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%ssubject name      : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets(p, n, &crt->subject);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%sissued  on        : " \
+                                 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                           crt->valid_from.year, crt->valid_from.mon,
+                           crt->valid_from.day,  crt->valid_from.hour,
+                           crt->valid_from.min,  crt->valid_from.sec);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%sexpires on        : " \
+                                 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                           crt->valid_to.year, crt->valid_to.mon,
+                           crt->valid_to.day,  crt->valid_to.hour,
+                           crt->valid_to.min,  crt->valid_to.sec);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%ssigned using      : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_sig_alg_gets(p, n, &crt->sig_oid, crt->sig_pk,
+                                    crt->sig_md, crt->sig_opts);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    /* Key size */
+    if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON,
+                                            mbedtls_pk_get_name(&crt->pk))) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str,
+                           (int) mbedtls_pk_get_bitlen(&crt->pk));
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    /*
+     * Optional extensions
+     */
+
+    if (crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS) {
+        ret = mbedtls_snprintf(p, n, "\n%sbasic constraints : CA=%s", prefix,
+                               crt->ca_istrue ? "true" : "false");
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if (crt->max_pathlen > 0) {
+            ret = mbedtls_snprintf(p, n, ", max_pathlen=%d", crt->max_pathlen - 1);
+            MBEDTLS_X509_SAFE_SNPRINTF;
+        }
+    }
+
+    if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
+        ret = mbedtls_snprintf(p, n, "\n%ssubject alt name  :", prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if ((ret = x509_info_subject_alt_name(&p, &n,
+                                              &crt->subject_alt_names,
+                                              prefix)) != 0) {
+            return ret;
+        }
+    }
+
+    if (crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE) {
+        ret = mbedtls_snprintf(p, n, "\n%scert. type        : ", prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if ((ret = x509_info_cert_type(&p, &n, crt->ns_cert_type)) != 0) {
+            return ret;
+        }
+    }
+
+    if (crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) {
+        ret = mbedtls_snprintf(p, n, "\n%skey usage         : ", prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if ((ret = x509_info_key_usage(&p, &n, crt->key_usage)) != 0) {
+            return ret;
+        }
+    }
+
+    if (crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) {
+        ret = mbedtls_snprintf(p, n, "\n%sext key usage     : ", prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if ((ret = x509_info_ext_key_usage(&p, &n,
+                                           &crt->ext_key_usage)) != 0) {
+            return ret;
+        }
+    }
+
+    if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) {
+        ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if ((ret = x509_info_cert_policies(&p, &n,
+                                           &crt->certificate_policies)) != 0) {
+            return ret;
+        }
+    }
+
+    ret = mbedtls_snprintf(p, n, "\n");
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return (int) (size - n);
+}
+
+struct x509_crt_verify_string {
+    int code;
+    const char *string;
+};
+
+static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
+    { MBEDTLS_X509_BADCERT_EXPIRED,       "The certificate validity has expired" },
+    { MBEDTLS_X509_BADCERT_REVOKED,       "The certificate has been revoked (is on a CRL)" },
+    { MBEDTLS_X509_BADCERT_CN_MISMATCH,
+      "The certificate Common Name (CN) does not match with the expected CN" },
+    { MBEDTLS_X509_BADCERT_NOT_TRUSTED,
+      "The certificate is not correctly signed by the trusted CA" },
+    { MBEDTLS_X509_BADCRL_NOT_TRUSTED,    "The CRL is not correctly signed by the trusted CA" },
+    { MBEDTLS_X509_BADCRL_EXPIRED,        "The CRL is expired" },
+    { MBEDTLS_X509_BADCERT_MISSING,       "Certificate was missing" },
+    { MBEDTLS_X509_BADCERT_SKIP_VERIFY,   "Certificate verification was skipped" },
+    { MBEDTLS_X509_BADCERT_OTHER,         "Other reason (can be used by verify callback)" },
+    { MBEDTLS_X509_BADCERT_FUTURE,        "The certificate validity starts in the future" },
+    { MBEDTLS_X509_BADCRL_FUTURE,         "The CRL is from the future" },
+    { MBEDTLS_X509_BADCERT_KEY_USAGE,     "Usage does not match the keyUsage extension" },
+    { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
+    { MBEDTLS_X509_BADCERT_NS_CERT_TYPE,  "Usage does not match the nsCertType extension" },
+    { MBEDTLS_X509_BADCERT_BAD_MD,        "The certificate is signed with an unacceptable hash." },
+    { MBEDTLS_X509_BADCERT_BAD_PK,
+      "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
+    { MBEDTLS_X509_BADCERT_BAD_KEY,
+      "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." },
+    { MBEDTLS_X509_BADCRL_BAD_MD,         "The CRL is signed with an unacceptable hash." },
+    { MBEDTLS_X509_BADCRL_BAD_PK,
+      "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
+    { MBEDTLS_X509_BADCRL_BAD_KEY,
+      "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." },
+    { 0, NULL }
+};
+
+int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix,
+                                 uint32_t flags)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const struct x509_crt_verify_string *cur;
+    char *p = buf;
+    size_t n = size;
+
+    for (cur = x509_crt_verify_strings; cur->string != NULL; cur++) {
+        if ((flags & cur->code) == 0) {
+            continue;
+        }
+
+        ret = mbedtls_snprintf(p, n, "%s%s\n", prefix, cur->string);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+        flags ^= cur->code;
+    }
+
+    if (flags != 0) {
+        ret = mbedtls_snprintf(p, n, "%sUnknown reason "
+                                     "(this should not happen)\n", prefix);
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+
+    return (int) (size - n);
+}
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
+                                     unsigned int usage)
+{
+    unsigned int usage_must, usage_may;
+    unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY
+                            | MBEDTLS_X509_KU_DECIPHER_ONLY;
+
+    if ((crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) == 0) {
+        return 0;
+    }
+
+    usage_must = usage & ~may_mask;
+
+    if (((crt->key_usage & ~may_mask) & usage_must) != usage_must) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    usage_may = usage & may_mask;
+
+    if (((crt->key_usage & may_mask) | usage_may) != usage_may) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    return 0;
+}
+#endif
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
+                                              const char *usage_oid,
+                                              size_t usage_len)
+{
+    const mbedtls_x509_sequence *cur;
+
+    /* Extension is not mandatory, absent means no restriction */
+    if ((crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) == 0) {
+        return 0;
+    }
+
+    /*
+     * Look for the requested usage (or wildcard ANY) in our list
+     */
+    for (cur = &crt->ext_key_usage; cur != NULL; cur = cur->next) {
+        const mbedtls_x509_buf *cur_oid = &cur->buf;
+
+        if (cur_oid->len == usage_len &&
+            memcmp(cur_oid->p, usage_oid, usage_len) == 0) {
+            return 0;
+        }
+
+        if (MBEDTLS_OID_CMP(MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid) == 0) {
+            return 0;
+        }
+    }
+
+    return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+}
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+/*
+ * Return 1 if the certificate is revoked, or 0 otherwise.
+ */
+int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl)
+{
+    const mbedtls_x509_crl_entry *cur = &crl->entry;
+
+    while (cur != NULL && cur->serial.len != 0) {
+        if (crt->serial.len == cur->serial.len &&
+            memcmp(crt->serial.p, cur->serial.p, crt->serial.len) == 0) {
+            return 1;
+        }
+
+        cur = cur->next;
+    }
+
+    return 0;
+}
+
+/*
+ * Check that the given certificate is not revoked according to the CRL.
+ * Skip validation if no CRL for the given CA is present.
+ */
+static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
+                              mbedtls_x509_crl *crl_list,
+                              const mbedtls_x509_crt_profile *profile)
+{
+    int flags = 0;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+
+    if (ca == NULL) {
+        return flags;
+    }
+
+    while (crl_list != NULL) {
+        if (crl_list->version == 0 ||
+            x509_name_cmp(&crl_list->issuer, &ca->subject) != 0) {
+            crl_list = crl_list->next;
+            continue;
+        }
+
+        /*
+         * Check if the CA is configured to sign CRLs
+         */
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+        if (mbedtls_x509_crt_check_key_usage(ca,
+                                             MBEDTLS_X509_KU_CRL_SIGN) != 0) {
+            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+            break;
+        }
+#endif
+
+        /*
+         * Check if CRL is correctly signed by the trusted CA
+         */
+        if (x509_profile_check_md_alg(profile, crl_list->sig_md) != 0) {
+            flags |= MBEDTLS_X509_BADCRL_BAD_MD;
+        }
+
+        if (x509_profile_check_pk_alg(profile, crl_list->sig_pk) != 0) {
+            flags |= MBEDTLS_X509_BADCRL_BAD_PK;
+        }
+
+        md_info = mbedtls_md_info_from_type(crl_list->sig_md);
+        if (mbedtls_md(md_info, crl_list->tbs.p, crl_list->tbs.len, hash) != 0) {
+            /* Note: this can't happen except after an internal error */
+            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+            break;
+        }
+
+        if (x509_profile_check_key(profile, &ca->pk) != 0) {
+            flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+        }
+
+        if (mbedtls_pk_verify_ext(crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
+                                  crl_list->sig_md, hash, mbedtls_md_get_size(md_info),
+                                  crl_list->sig.p, crl_list->sig.len) != 0) {
+            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+            break;
+        }
+
+        /*
+         * Check for validity of CRL (Do not drop out)
+         */
+        if (mbedtls_x509_time_is_past(&crl_list->next_update)) {
+            flags |= MBEDTLS_X509_BADCRL_EXPIRED;
+        }
+
+        if (mbedtls_x509_time_is_future(&crl_list->this_update)) {
+            flags |= MBEDTLS_X509_BADCRL_FUTURE;
+        }
+
+        /*
+         * Check if certificate is revoked
+         */
+        if (mbedtls_x509_crt_is_revoked(crt, crl_list)) {
+            flags |= MBEDTLS_X509_BADCERT_REVOKED;
+            break;
+        }
+
+        crl_list = crl_list->next;
+    }
+
+    return flags;
+}
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+/*
+ * Check the signature of a certificate by its parent
+ */
+static int x509_crt_check_signature(const mbedtls_x509_crt *child,
+                                    mbedtls_x509_crt *parent,
+                                    mbedtls_x509_crt_restart_ctx *rs_ctx)
+{
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    size_t hash_len;
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    const mbedtls_md_info_t *md_info;
+    md_info = mbedtls_md_info_from_type(child->sig_md);
+    hash_len = mbedtls_md_get_size(md_info);
+
+    /* Note: hash errors can happen only after an internal error */
+    if (mbedtls_md(md_info, child->tbs.p, child->tbs.len, hash) != 0) {
+        return -1;
+    }
+#else
+    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+    psa_algorithm_t hash_alg = mbedtls_psa_translate_md(child->sig_md);
+
+    if (psa_hash_setup(&hash_operation, hash_alg) != PSA_SUCCESS) {
+        return -1;
+    }
+
+    if (psa_hash_update(&hash_operation, child->tbs.p, child->tbs.len)
+        != PSA_SUCCESS) {
+        return -1;
+    }
+
+    if (psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_len)
+        != PSA_SUCCESS) {
+        return -1;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    /* Skip expensive computation on obvious mismatch */
+    if (!mbedtls_pk_can_do(&parent->pk, child->sig_pk)) {
+        return -1;
+    }
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA) {
+        return mbedtls_pk_verify_restartable(&parent->pk,
+                                             child->sig_md, hash, hash_len,
+                                             child->sig.p, child->sig.len, &rs_ctx->pk);
+    }
+#else
+    (void) rs_ctx;
+#endif
+
+    return mbedtls_pk_verify_ext(child->sig_pk, child->sig_opts, &parent->pk,
+                                 child->sig_md, hash, hash_len,
+                                 child->sig.p, child->sig.len);
+}
+
+/*
+ * Check if 'parent' is a suitable parent (signing CA) for 'child'.
+ * Return 0 if yes, -1 if not.
+ *
+ * top means parent is a locally-trusted certificate
+ */
+static int x509_crt_check_parent(const mbedtls_x509_crt *child,
+                                 const mbedtls_x509_crt *parent,
+                                 int top)
+{
+    int need_ca_bit;
+
+    /* Parent must be the issuer */
+    if (x509_name_cmp(&child->issuer, &parent->subject) != 0) {
+        return -1;
+    }
+
+    /* Parent must have the basicConstraints CA bit set as a general rule */
+    need_ca_bit = 1;
+
+    /* Exception: v1/v2 certificates that are locally trusted. */
+    if (top && parent->version < 3) {
+        need_ca_bit = 0;
+    }
+
+    if (need_ca_bit && !parent->ca_istrue) {
+        return -1;
+    }
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    if (need_ca_bit &&
+        mbedtls_x509_crt_check_key_usage(parent, MBEDTLS_X509_KU_KEY_CERT_SIGN) != 0) {
+        return -1;
+    }
+#endif
+
+    return 0;
+}
+
+/*
+ * Find a suitable parent for child in candidates, or return NULL.
+ *
+ * Here suitable is defined as:
+ *  1. subject name matches child's issuer
+ *  2. if necessary, the CA bit is set and key usage allows signing certs
+ *  3. for trusted roots, the signature is correct
+ *     (for intermediates, the signature is checked and the result reported)
+ *  4. pathlen constraints are satisfied
+ *
+ * If there's a suitable candidate which is also time-valid, return the first
+ * such. Otherwise, return the first suitable candidate (or NULL if there is
+ * none).
+ *
+ * The rationale for this rule is that someone could have a list of trusted
+ * roots with two versions on the same root with different validity periods.
+ * (At least one user reported having such a list and wanted it to just work.)
+ * The reason we don't just require time-validity is that generally there is
+ * only one version, and if it's expired we want the flags to state that
+ * rather than NOT_TRUSTED, as would be the case if we required it here.
+ *
+ * The rationale for rule 3 (signature for trusted roots) is that users might
+ * have two versions of the same CA with different keys in their list, and the
+ * way we select the correct one is by checking the signature (as we don't
+ * rely on key identifier extensions). (This is one way users might choose to
+ * handle key rollover, another relies on self-issued certs, see [SIRO].)
+ *
+ * Arguments:
+ *  - [in] child: certificate for which we're looking for a parent
+ *  - [in] candidates: chained list of potential parents
+ *  - [out] r_parent: parent found (or NULL)
+ *  - [out] r_signature_is_good: 1 if child signature by parent is valid, or 0
+ *  - [in] top: 1 if candidates consists of trusted roots, ie we're at the top
+ *         of the chain, 0 otherwise
+ *  - [in] path_cnt: number of intermediates seen so far
+ *  - [in] self_cnt: number of self-signed intermediates seen so far
+ *         (will never be greater than path_cnt)
+ *  - [in-out] rs_ctx: context for restarting operations
+ *
+ * Return value:
+ *  - 0 on success
+ *  - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
+ */
+static int x509_crt_find_parent_in(
+    mbedtls_x509_crt *child,
+    mbedtls_x509_crt *candidates,
+    mbedtls_x509_crt **r_parent,
+    int *r_signature_is_good,
+    int top,
+    unsigned path_cnt,
+    unsigned self_cnt,
+    mbedtls_x509_crt_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_x509_crt *parent, *fallback_parent;
+    int signature_is_good = 0, fallback_signature_is_good;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /* did we have something in progress? */
+    if (rs_ctx != NULL && rs_ctx->parent != NULL) {
+        /* restore saved state */
+        parent = rs_ctx->parent;
+        fallback_parent = rs_ctx->fallback_parent;
+        fallback_signature_is_good = rs_ctx->fallback_signature_is_good;
+
+        /* clear saved state */
+        rs_ctx->parent = NULL;
+        rs_ctx->fallback_parent = NULL;
+        rs_ctx->fallback_signature_is_good = 0;
+
+        /* resume where we left */
+        goto check_signature;
+    }
+#endif
+
+    fallback_parent = NULL;
+    fallback_signature_is_good = 0;
+
+    for (parent = candidates; parent != NULL; parent = parent->next) {
+        /* basic parenting skills (name, CA bit, key usage) */
+        if (x509_crt_check_parent(child, parent, top) != 0) {
+            continue;
+        }
+
+        /* +1 because stored max_pathlen is 1 higher that the actual value */
+        if (parent->max_pathlen > 0 &&
+            (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt) {
+            continue;
+        }
+
+        /* Signature */
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+check_signature:
+#endif
+        ret = x509_crt_check_signature(child, parent, rs_ctx);
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            /* save state */
+            rs_ctx->parent = parent;
+            rs_ctx->fallback_parent = fallback_parent;
+            rs_ctx->fallback_signature_is_good = fallback_signature_is_good;
+
+            return ret;
+        }
+#else
+        (void) ret;
+#endif
+
+        signature_is_good = ret == 0;
+        if (top && !signature_is_good) {
+            continue;
+        }
+
+        /* optional time check */
+        if (mbedtls_x509_time_is_past(&parent->valid_to) ||
+            mbedtls_x509_time_is_future(&parent->valid_from)) {
+            if (fallback_parent == NULL) {
+                fallback_parent = parent;
+                fallback_signature_is_good = signature_is_good;
+            }
+
+            continue;
+        }
+
+        *r_parent = parent;
+        *r_signature_is_good = signature_is_good;
+
+        break;
+    }
+
+    if (parent == NULL) {
+        *r_parent = fallback_parent;
+        *r_signature_is_good = fallback_signature_is_good;
+    }
+
+    return 0;
+}
+
+/*
+ * Find a parent in trusted CAs or the provided chain, or return NULL.
+ *
+ * Searches in trusted CAs first, and return the first suitable parent found
+ * (see find_parent_in() for definition of suitable).
+ *
+ * Arguments:
+ *  - [in] child: certificate for which we're looking for a parent, followed
+ *         by a chain of possible intermediates
+ *  - [in] trust_ca: list of locally trusted certificates
+ *  - [out] parent: parent found (or NULL)
+ *  - [out] parent_is_trusted: 1 if returned `parent` is trusted, or 0
+ *  - [out] signature_is_good: 1 if child signature by parent is valid, or 0
+ *  - [in] path_cnt: number of links in the chain so far (EE -> ... -> child)
+ *  - [in] self_cnt: number of self-signed certs in the chain so far
+ *         (will always be no greater than path_cnt)
+ *  - [in-out] rs_ctx: context for restarting operations
+ *
+ * Return value:
+ *  - 0 on success
+ *  - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
+ */
+static int x509_crt_find_parent(
+    mbedtls_x509_crt *child,
+    mbedtls_x509_crt *trust_ca,
+    mbedtls_x509_crt **parent,
+    int *parent_is_trusted,
+    int *signature_is_good,
+    unsigned path_cnt,
+    unsigned self_cnt,
+    mbedtls_x509_crt_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_x509_crt *search_list;
+
+    *parent_is_trusted = 1;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /* restore then clear saved state if we have some stored */
+    if (rs_ctx != NULL && rs_ctx->parent_is_trusted != -1) {
+        *parent_is_trusted = rs_ctx->parent_is_trusted;
+        rs_ctx->parent_is_trusted = -1;
+    }
+#endif
+
+    while (1) {
+        search_list = *parent_is_trusted ? trust_ca : child->next;
+
+        ret = x509_crt_find_parent_in(child, search_list,
+                                      parent, signature_is_good,
+                                      *parent_is_trusted,
+                                      path_cnt, self_cnt, rs_ctx);
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            /* save state */
+            rs_ctx->parent_is_trusted = *parent_is_trusted;
+            return ret;
+        }
+#else
+        (void) ret;
+#endif
+
+        /* stop here if found or already in second iteration */
+        if (*parent != NULL || *parent_is_trusted == 0) {
+            break;
+        }
+
+        /* prepare second iteration */
+        *parent_is_trusted = 0;
+    }
+
+    /* extra precaution against mistakes in the caller */
+    if (*parent == NULL) {
+        *parent_is_trusted = 0;
+        *signature_is_good = 0;
+    }
+
+    return 0;
+}
+
+/*
+ * Check if an end-entity certificate is locally trusted
+ *
+ * Currently we require such certificates to be self-signed (actually only
+ * check for self-issued as self-signatures are not checked)
+ */
+static int x509_crt_check_ee_locally_trusted(
+    mbedtls_x509_crt *crt,
+    mbedtls_x509_crt *trust_ca)
+{
+    mbedtls_x509_crt *cur;
+
+    /* must be self-issued */
+    if (x509_name_cmp(&crt->issuer, &crt->subject) != 0) {
+        return -1;
+    }
+
+    /* look for an exact match with trusted cert */
+    for (cur = trust_ca; cur != NULL; cur = cur->next) {
+        if (crt->raw.len == cur->raw.len &&
+            memcmp(crt->raw.p, cur->raw.p, crt->raw.len) == 0) {
+            return 0;
+        }
+    }
+
+    /* too bad */
+    return -1;
+}
+
+/*
+ * Build and verify a certificate chain
+ *
+ * Given a peer-provided list of certificates EE, C1, ..., Cn and
+ * a list of trusted certs R1, ... Rp, try to build and verify a chain
+ *      EE, Ci1, ... Ciq [, Rj]
+ * such that every cert in the chain is a child of the next one,
+ * jumping to a trusted root as early as possible.
+ *
+ * Verify that chain and return it with flags for all issues found.
+ *
+ * Special cases:
+ * - EE == Rj -> return a one-element list containing it
+ * - EE, Ci1, ..., Ciq cannot be continued with a trusted root
+ *   -> return that chain with NOT_TRUSTED set on Ciq
+ *
+ * Tests for (aspects of) this function should include at least:
+ * - trusted EE
+ * - EE -> trusted root
+ * - EE -> intermediate CA -> trusted root
+ * - if relevant: EE untrusted
+ * - if relevant: EE -> intermediate, untrusted
+ * with the aspect under test checked at each relevant level (EE, int, root).
+ * For some aspects longer chains are required, but usually length 2 is
+ * enough (but length 1 is not in general).
+ *
+ * Arguments:
+ *  - [in] crt: the cert list EE, C1, ..., Cn
+ *  - [in] trust_ca: the trusted list R1, ..., Rp
+ *  - [in] ca_crl, profile: as in verify_with_profile()
+ *  - [out] ver_chain: the built and verified chain
+ *      Only valid when return value is 0, may contain garbage otherwise!
+ *      Restart note: need not be the same when calling again to resume.
+ *  - [in-out] rs_ctx: context for restarting operations
+ *
+ * Return value:
+ *  - non-zero if the chain could not be fully built and examined
+ *  - 0 is the chain was successfully built and examined,
+ *      even if it was found to be invalid
+ */
+static int x509_crt_verify_chain(
+    mbedtls_x509_crt *crt,
+    mbedtls_x509_crt *trust_ca,
+    mbedtls_x509_crl *ca_crl,
+    mbedtls_x509_crt_ca_cb_t f_ca_cb,
+    void *p_ca_cb,
+    const mbedtls_x509_crt_profile *profile,
+    mbedtls_x509_crt_verify_chain *ver_chain,
+    mbedtls_x509_crt_restart_ctx *rs_ctx)
+{
+    /* Don't initialize any of those variables here, so that the compiler can
+     * catch potential issues with jumping ahead when restarting */
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    uint32_t *flags;
+    mbedtls_x509_crt_verify_chain_item *cur;
+    mbedtls_x509_crt *child;
+    mbedtls_x509_crt *parent;
+    int parent_is_trusted;
+    int child_is_trusted;
+    int signature_is_good;
+    unsigned self_cnt;
+    mbedtls_x509_crt *cur_trust_ca = NULL;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    /* resume if we had an operation in progress */
+    if (rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent) {
+        /* restore saved state */
+        *ver_chain = rs_ctx->ver_chain; /* struct copy */
+        self_cnt = rs_ctx->self_cnt;
+
+        /* restore derived state */
+        cur = &ver_chain->items[ver_chain->len - 1];
+        child = cur->crt;
+        flags = &cur->flags;
+
+        goto find_parent;
+    }
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+    child = crt;
+    self_cnt = 0;
+    parent_is_trusted = 0;
+    child_is_trusted = 0;
+
+    while (1) {
+        /* Add certificate to the verification chain */
+        cur = &ver_chain->items[ver_chain->len];
+        cur->crt = child;
+        cur->flags = 0;
+        ver_chain->len++;
+        flags = &cur->flags;
+
+        /* Check time-validity (all certificates) */
+        if (mbedtls_x509_time_is_past(&child->valid_to)) {
+            *flags |= MBEDTLS_X509_BADCERT_EXPIRED;
+        }
+
+        if (mbedtls_x509_time_is_future(&child->valid_from)) {
+            *flags |= MBEDTLS_X509_BADCERT_FUTURE;
+        }
+
+        /* Stop here for trusted roots (but not for trusted EE certs) */
+        if (child_is_trusted) {
+            return 0;
+        }
+
+        /* Check signature algorithm: MD & PK algs */
+        if (x509_profile_check_md_alg(profile, child->sig_md) != 0) {
+            *flags |= MBEDTLS_X509_BADCERT_BAD_MD;
+        }
+
+        if (x509_profile_check_pk_alg(profile, child->sig_pk) != 0) {
+            *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+        }
+
+        /* Special case: EE certs that are locally trusted */
+        if (ver_chain->len == 1 &&
+            x509_crt_check_ee_locally_trusted(child, trust_ca) == 0) {
+            return 0;
+        }
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+find_parent:
+#endif
+
+        /* Obtain list of potential trusted signers from CA callback,
+         * or use statically provided list. */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+        if (f_ca_cb != NULL) {
+            mbedtls_x509_crt_free(ver_chain->trust_ca_cb_result);
+            mbedtls_free(ver_chain->trust_ca_cb_result);
+            ver_chain->trust_ca_cb_result = NULL;
+
+            ret = f_ca_cb(p_ca_cb, child, &ver_chain->trust_ca_cb_result);
+            if (ret != 0) {
+                return MBEDTLS_ERR_X509_FATAL_ERROR;
+            }
+
+            cur_trust_ca = ver_chain->trust_ca_cb_result;
+        } else
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+        {
+            ((void) f_ca_cb);
+            ((void) p_ca_cb);
+            cur_trust_ca = trust_ca;
+        }
+
+        /* Look for a parent in trusted CAs or up the chain */
+        ret = x509_crt_find_parent(child, cur_trust_ca, &parent,
+                                   &parent_is_trusted, &signature_is_good,
+                                   ver_chain->len - 1, self_cnt, rs_ctx);
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+        if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) {
+            /* save state */
+            rs_ctx->in_progress = x509_crt_rs_find_parent;
+            rs_ctx->self_cnt = self_cnt;
+            rs_ctx->ver_chain = *ver_chain; /* struct copy */
+
+            return ret;
+        }
+#else
+        (void) ret;
+#endif
+
+        /* No parent? We're done here */
+        if (parent == NULL) {
+            *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+            return 0;
+        }
+
+        /* Count intermediate self-issued (not necessarily self-signed) certs.
+         * These can occur with some strategies for key rollover, see [SIRO],
+         * and should be excluded from max_pathlen checks. */
+        if (ver_chain->len != 1 &&
+            x509_name_cmp(&child->issuer, &child->subject) == 0) {
+            self_cnt++;
+        }
+
+        /* path_cnt is 0 for the first intermediate CA,
+         * and if parent is trusted it's not an intermediate CA */
+        if (!parent_is_trusted &&
+            ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA) {
+            /* return immediately to avoid overflow the chain array */
+            return MBEDTLS_ERR_X509_FATAL_ERROR;
+        }
+
+        /* signature was checked while searching parent */
+        if (!signature_is_good) {
+            *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+        }
+
+        /* check size of signing key */
+        if (x509_profile_check_key(profile, &parent->pk) != 0) {
+            *flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+        }
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+        /* Check trusted CA's CRL for the given crt */
+        *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile);
+#else
+        (void) ca_crl;
+#endif
+
+        /* prepare for next iteration */
+        child = parent;
+        parent = NULL;
+        child_is_trusted = parent_is_trusted;
+        signature_is_good = 0;
+    }
+}
+
+/*
+ * Check for CN match
+ */
+static int x509_crt_check_cn(const mbedtls_x509_buf *name,
+                             const char *cn, size_t cn_len)
+{
+    /* try exact match */
+    if (name->len == cn_len &&
+        x509_memcasecmp(cn, name->p, cn_len) == 0) {
+        return 0;
+    }
+
+    /* try wildcard match */
+    if (x509_check_wildcard(cn, name) == 0) {
+        return 0;
+    }
+
+    return -1;
+}
+
+/*
+ * Check for SAN match, see RFC 5280 Section 4.2.1.6
+ */
+static int x509_crt_check_san(const mbedtls_x509_buf *name,
+                              const char *cn, size_t cn_len)
+{
+    const unsigned char san_type = (unsigned char) name->tag &
+                                   MBEDTLS_ASN1_TAG_VALUE_MASK;
+
+    /* dNSName */
+    if (san_type == MBEDTLS_X509_SAN_DNS_NAME) {
+        return x509_crt_check_cn(name, cn, cn_len);
+    }
+
+    /* (We may handle other types here later.) */
+
+    /* Unrecognized type */
+    return -1;
+}
+
+/*
+ * Verify the requested CN - only call this if cn is not NULL!
+ */
+static void x509_crt_verify_name(const mbedtls_x509_crt *crt,
+                                 const char *cn,
+                                 uint32_t *flags)
+{
+    const mbedtls_x509_name *name;
+    const mbedtls_x509_sequence *cur;
+    size_t cn_len = strlen(cn);
+
+    if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
+        for (cur = &crt->subject_alt_names; cur != NULL; cur = cur->next) {
+            if (x509_crt_check_san(&cur->buf, cn, cn_len) == 0) {
+                break;
+            }
+        }
+
+        if (cur == NULL) {
+            *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
+        }
+    } else {
+        for (name = &crt->subject; name != NULL; name = name->next) {
+            if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid) == 0 &&
+                x509_crt_check_cn(&name->val, cn, cn_len) == 0) {
+                break;
+            }
+        }
+
+        if (name == NULL) {
+            *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
+        }
+    }
+}
+
+/*
+ * Merge the flags for all certs in the chain, after calling callback
+ */
+static int x509_crt_merge_flags_with_cb(
+    uint32_t *flags,
+    const mbedtls_x509_crt_verify_chain *ver_chain,
+    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+    void *p_vrfy)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned i;
+    uint32_t cur_flags;
+    const mbedtls_x509_crt_verify_chain_item *cur;
+
+    for (i = ver_chain->len; i != 0; --i) {
+        cur = &ver_chain->items[i-1];
+        cur_flags = cur->flags;
+
+        if (NULL != f_vrfy) {
+            if ((ret = f_vrfy(p_vrfy, cur->crt, (int) i-1, &cur_flags)) != 0) {
+                return ret;
+            }
+        }
+
+        *flags |= cur_flags;
+    }
+
+    return 0;
+}
+
+/*
+ * Verify the certificate validity, with profile, restartable version
+ *
+ * This function:
+ *  - checks the requested CN (if any)
+ *  - checks the type and size of the EE cert's key,
+ *    as that isn't done as part of chain building/verification currently
+ *  - builds and verifies the chain
+ *  - then calls the callback and merges the flags
+ *
+ * The parameters pairs `trust_ca`, `ca_crl` and `f_ca_cb`, `p_ca_cb`
+ * are mutually exclusive: If `f_ca_cb != NULL`, it will be used by the
+ * verification routine to search for trusted signers, and CRLs will
+ * be disabled. Otherwise, `trust_ca` will be used as the static list
+ * of trusted signers, and `ca_crl` will be use as the static list
+ * of CRLs.
+ */
+static int x509_crt_verify_restartable_ca_cb(mbedtls_x509_crt *crt,
+                                             mbedtls_x509_crt *trust_ca,
+                                             mbedtls_x509_crl *ca_crl,
+                                             mbedtls_x509_crt_ca_cb_t f_ca_cb,
+                                             void *p_ca_cb,
+                                             const mbedtls_x509_crt_profile *profile,
+                                             const char *cn, uint32_t *flags,
+                                             int (*f_vrfy)(void *,
+                                                           mbedtls_x509_crt *,
+                                                           int,
+                                                           uint32_t *),
+                                             void *p_vrfy,
+                                             mbedtls_x509_crt_restart_ctx *rs_ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_pk_type_t pk_type;
+    mbedtls_x509_crt_verify_chain ver_chain;
+    uint32_t ee_flags;
+
+    *flags = 0;
+    ee_flags = 0;
+    x509_crt_verify_chain_reset(&ver_chain);
+
+    if (profile == NULL) {
+        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+        goto exit;
+    }
+
+    /* check name if requested */
+    if (cn != NULL) {
+        x509_crt_verify_name(crt, cn, &ee_flags);
+    }
+
+    /* Check the type and size of the key */
+    pk_type = mbedtls_pk_get_type(&crt->pk);
+
+    if (x509_profile_check_pk_alg(profile, pk_type) != 0) {
+        ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+    }
+
+    if (x509_profile_check_key(profile, &crt->pk) != 0) {
+        ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+    }
+
+    /* Check the chain */
+    ret = x509_crt_verify_chain(crt, trust_ca, ca_crl,
+                                f_ca_cb, p_ca_cb, profile,
+                                &ver_chain, rs_ctx);
+
+    if (ret != 0) {
+        goto exit;
+    }
+
+    /* Merge end-entity flags */
+    ver_chain.items[0].flags |= ee_flags;
+
+    /* Build final flags, calling callback on the way if any */
+    ret = x509_crt_merge_flags_with_cb(flags, &ver_chain, f_vrfy, p_vrfy);
+
+exit:
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    mbedtls_x509_crt_free(ver_chain.trust_ca_cb_result);
+    mbedtls_free(ver_chain.trust_ca_cb_result);
+    ver_chain.trust_ca_cb_result = NULL;
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    if (rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS) {
+        mbedtls_x509_crt_restart_free(rs_ctx);
+    }
+#endif
+
+    /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by
+     * the SSL module for authmode optional, but non-zero return from the
+     * callback means a fatal error so it shouldn't be ignored */
+    if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) {
+        ret = MBEDTLS_ERR_X509_FATAL_ERROR;
+    }
+
+    if (ret != 0) {
+        *flags = (uint32_t) -1;
+        return ret;
+    }
+
+    if (*flags != 0) {
+        return MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
+    }
+
+    return 0;
+}
+
+
+/*
+ * Verify the certificate validity (default profile, not restartable)
+ */
+int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
+                            mbedtls_x509_crt *trust_ca,
+                            mbedtls_x509_crl *ca_crl,
+                            const char *cn, uint32_t *flags,
+                            int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                            void *p_vrfy)
+{
+    return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl,
+                                             NULL, NULL,
+                                             &mbedtls_x509_crt_profile_default,
+                                             cn, flags,
+                                             f_vrfy, p_vrfy, NULL);
+}
+
+/*
+ * Verify the certificate validity (user-chosen profile, not restartable)
+ */
+int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
+                                         mbedtls_x509_crt *trust_ca,
+                                         mbedtls_x509_crl *ca_crl,
+                                         const mbedtls_x509_crt_profile *profile,
+                                         const char *cn, uint32_t *flags,
+                                         int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                         void *p_vrfy)
+{
+    return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl,
+                                             NULL, NULL,
+                                             profile, cn, flags,
+                                             f_vrfy, p_vrfy, NULL);
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+/*
+ * Verify the certificate validity (user-chosen profile, CA callback,
+ *                                  not restartable).
+ */
+int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
+                                       mbedtls_x509_crt_ca_cb_t f_ca_cb,
+                                       void *p_ca_cb,
+                                       const mbedtls_x509_crt_profile *profile,
+                                       const char *cn, uint32_t *flags,
+                                       int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                       void *p_vrfy)
+{
+    return x509_crt_verify_restartable_ca_cb(crt, NULL, NULL,
+                                             f_ca_cb, p_ca_cb,
+                                             profile, cn, flags,
+                                             f_vrfy, p_vrfy, NULL);
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
+                                        mbedtls_x509_crt *trust_ca,
+                                        mbedtls_x509_crl *ca_crl,
+                                        const mbedtls_x509_crt_profile *profile,
+                                        const char *cn, uint32_t *flags,
+                                        int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                        void *p_vrfy,
+                                        mbedtls_x509_crt_restart_ctx *rs_ctx)
+{
+    return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl,
+                                             NULL, NULL,
+                                             profile, cn, flags,
+                                             f_vrfy, p_vrfy, rs_ctx);
+}
+
+
+/*
+ * Initialize a certificate chain
+ */
+void mbedtls_x509_crt_init(mbedtls_x509_crt *crt)
+{
+    memset(crt, 0, sizeof(mbedtls_x509_crt));
+}
+
+/*
+ * Unallocate all certificate data
+ */
+void mbedtls_x509_crt_free(mbedtls_x509_crt *crt)
+{
+    mbedtls_x509_crt *cert_cur = crt;
+    mbedtls_x509_crt *cert_prv;
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+    mbedtls_x509_sequence *seq_cur;
+    mbedtls_x509_sequence *seq_prv;
+
+    if (crt == NULL) {
+        return;
+    }
+
+    do {
+        mbedtls_pk_free(&cert_cur->pk);
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+        mbedtls_free(cert_cur->sig_opts);
+#endif
+
+        name_cur = cert_cur->issuer.next;
+        while (name_cur != NULL) {
+            name_prv = name_cur;
+            name_cur = name_cur->next;
+            mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name));
+            mbedtls_free(name_prv);
+        }
+
+        name_cur = cert_cur->subject.next;
+        while (name_cur != NULL) {
+            name_prv = name_cur;
+            name_cur = name_cur->next;
+            mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name));
+            mbedtls_free(name_prv);
+        }
+
+        seq_cur = cert_cur->ext_key_usage.next;
+        while (seq_cur != NULL) {
+            seq_prv = seq_cur;
+            seq_cur = seq_cur->next;
+            mbedtls_platform_zeroize(seq_prv,
+                                     sizeof(mbedtls_x509_sequence));
+            mbedtls_free(seq_prv);
+        }
+
+        seq_cur = cert_cur->subject_alt_names.next;
+        while (seq_cur != NULL) {
+            seq_prv = seq_cur;
+            seq_cur = seq_cur->next;
+            mbedtls_platform_zeroize(seq_prv,
+                                     sizeof(mbedtls_x509_sequence));
+            mbedtls_free(seq_prv);
+        }
+
+        seq_cur = cert_cur->certificate_policies.next;
+        while (seq_cur != NULL) {
+            seq_prv = seq_cur;
+            seq_cur = seq_cur->next;
+            mbedtls_platform_zeroize(seq_prv,
+                                     sizeof(mbedtls_x509_sequence));
+            mbedtls_free(seq_prv);
+        }
+
+        if (cert_cur->raw.p != NULL && cert_cur->own_buffer) {
+            mbedtls_platform_zeroize(cert_cur->raw.p, cert_cur->raw.len);
+            mbedtls_free(cert_cur->raw.p);
+        }
+
+        cert_cur = cert_cur->next;
+    } while (cert_cur != NULL);
+
+    cert_cur = crt;
+    do {
+        cert_prv = cert_cur;
+        cert_cur = cert_cur->next;
+
+        mbedtls_platform_zeroize(cert_prv, sizeof(mbedtls_x509_crt));
+        if (cert_prv != crt) {
+            mbedtls_free(cert_prv);
+        }
+    } while (cert_cur != NULL);
+}
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/*
+ * Initialize a restart context
+ */
+void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx)
+{
+    mbedtls_pk_restart_init(&ctx->pk);
+
+    ctx->parent = NULL;
+    ctx->fallback_parent = NULL;
+    ctx->fallback_signature_is_good = 0;
+
+    ctx->parent_is_trusted = -1;
+
+    ctx->in_progress = x509_crt_rs_none;
+    ctx->self_cnt = 0;
+    x509_crt_verify_chain_reset(&ctx->ver_chain);
+}
+
+/*
+ * Free the components of a restart context
+ */
+void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_pk_restart_free(&ctx->pk);
+    mbedtls_x509_crt_restart_init(ctx);
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509_csr.c b/3rdparty/mbedtls-2.28.7/library/x509_csr.c
new file mode 100644
index 0000000..095364e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509_csr.c
@@ -0,0 +1,380 @@
+/*
+ *  X.509 Certificate Signing Request (CSR) parsing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
+#include <stdio.h>
+#endif
+
+/*
+ *  Version  ::=  INTEGER  {  v1(0)  }
+ */
+static int x509_csr_get_version(unsigned char **p,
+                                const unsigned char *end,
+                                int *ver)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) {
+        if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            *ver = 0;
+            return 0;
+        }
+
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret);
+    }
+
+    return 0;
+}
+
+/*
+ * Parse a CSR in DER format
+ */
+int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
+                               const unsigned char *buf, size_t buflen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len;
+    unsigned char *p, *end;
+    mbedtls_x509_buf sig_params;
+
+    memset(&sig_params, 0, sizeof(mbedtls_x509_buf));
+
+    /*
+     * Check for valid input
+     */
+    if (csr == NULL || buf == NULL || buflen == 0) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    mbedtls_x509_csr_init(csr);
+
+    /*
+     * first copy the raw DER data
+     */
+    p = mbedtls_calloc(1, len = buflen);
+
+    if (p == NULL) {
+        return MBEDTLS_ERR_X509_ALLOC_FAILED;
+    }
+
+    memcpy(p, buf, buflen);
+
+    csr->raw.p = p;
+    csr->raw.len = len;
+    end = p + len;
+
+    /*
+     *  CertificationRequest ::= SEQUENCE {
+     *       certificationRequestInfo CertificationRequestInfo,
+     *       signatureAlgorithm AlgorithmIdentifier,
+     *       signature          BIT STRING
+     *  }
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERR_X509_INVALID_FORMAT;
+    }
+
+    if (len != (size_t) (end - p)) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    /*
+     *  CertificationRequestInfo ::= SEQUENCE {
+     */
+    csr->cri.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    end = p + len;
+    csr->cri.len = end - csr->cri.p;
+
+    /*
+     *  Version  ::=  INTEGER {  v1(0) }
+     */
+    if ((ret = x509_csr_get_version(&p, end, &csr->version)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return ret;
+    }
+
+    if (csr->version != 0) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERR_X509_UNKNOWN_VERSION;
+    }
+
+    csr->version++;
+
+    /*
+     *  subject               Name
+     */
+    csr->subject_raw.p = p;
+
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    if ((ret = mbedtls_x509_get_name(&p, p + len, &csr->subject)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return ret;
+    }
+
+    csr->subject_raw.len = p - csr->subject_raw.p;
+
+    /*
+     *  subjectPKInfo SubjectPublicKeyInfo
+     */
+    if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &csr->pk)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return ret;
+    }
+
+    /*
+     *  attributes    [0] Attributes
+     *
+     *  The list of possible attributes is open-ended, though RFC 2985
+     *  (PKCS#9) defines a few in section 5.4. We currently don't support any,
+     *  so we just ignore them. This is a safe thing to do as the worst thing
+     *  that could happen is that we issue a certificate that does not match
+     *  the requester's expectations - this cannot cause a violation of our
+     *  signature policies.
+     */
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) !=
+        0) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
+    }
+
+    p += len;
+
+    end = csr->raw.p + csr->raw.len;
+
+    /*
+     *  signatureAlgorithm   AlgorithmIdentifier,
+     *  signature            BIT STRING
+     */
+    if ((ret = mbedtls_x509_get_alg(&p, end, &csr->sig_oid, &sig_params)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return ret;
+    }
+
+    if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params,
+                                        &csr->sig_md, &csr->sig_pk,
+                                        &csr->sig_opts)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
+    }
+
+    if ((ret = mbedtls_x509_get_sig(&p, end, &csr->sig)) != 0) {
+        mbedtls_x509_csr_free(csr);
+        return ret;
+    }
+
+    if (p != end) {
+        mbedtls_x509_csr_free(csr);
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+
+    return 0;
+}
+
+/*
+ * Parse a CSR, allowing for PEM or raw DER encoding
+ */
+int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen)
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t use_len;
+    mbedtls_pem_context pem;
+#endif
+
+    /*
+     * Check for valid input
+     */
+    if (csr == NULL || buf == NULL || buflen == 0) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if (buf[buflen - 1] == '\0') {
+        mbedtls_pem_init(&pem);
+        ret = mbedtls_pem_read_buffer(&pem,
+                                      "-----BEGIN CERTIFICATE REQUEST-----",
+                                      "-----END CERTIFICATE REQUEST-----",
+                                      buf, NULL, 0, &use_len);
+        if (ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+            ret = mbedtls_pem_read_buffer(&pem,
+                                          "-----BEGIN NEW CERTIFICATE REQUEST-----",
+                                          "-----END NEW CERTIFICATE REQUEST-----",
+                                          buf, NULL, 0, &use_len);
+        }
+
+        if (ret == 0) {
+            /*
+             * Was PEM encoded, parse the result
+             */
+            ret = mbedtls_x509_csr_parse_der(csr, pem.buf, pem.buflen);
+        }
+
+        mbedtls_pem_free(&pem);
+        if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
+            return ret;
+        }
+    }
+#endif /* MBEDTLS_PEM_PARSE_C */
+    return mbedtls_x509_csr_parse_der(csr, buf, buflen);
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load a CSR into the structure
+ */
+int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    unsigned char *buf;
+
+    if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_x509_csr_parse(csr, buf, n);
+
+    mbedtls_platform_zeroize(buf, n);
+    mbedtls_free(buf);
+
+    return ret;
+}
+#endif /* MBEDTLS_FS_IO */
+
+#define BEFORE_COLON    14
+#define BC              "14"
+/*
+ * Return an informational string about the CSR.
+ */
+int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_csr *csr)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t n;
+    char *p;
+    char key_size_str[BEFORE_COLON];
+
+    p = buf;
+    n = size;
+
+    ret = mbedtls_snprintf(p, n, "%sCSR version   : %d",
+                           prefix, csr->version);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%ssubject name  : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets(p, n, &csr->subject);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, "\n%ssigned using  : ", prefix);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_sig_alg_gets(p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
+                                    csr->sig_opts);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON,
+                                            mbedtls_pk_get_name(&csr->pk))) != 0) {
+        return ret;
+    }
+
+    ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
+                           (int) mbedtls_pk_get_bitlen(&csr->pk));
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return (int) (size - n);
+}
+
+/*
+ * Initialize a CSR
+ */
+void mbedtls_x509_csr_init(mbedtls_x509_csr *csr)
+{
+    memset(csr, 0, sizeof(mbedtls_x509_csr));
+}
+
+/*
+ * Unallocate all CSR data
+ */
+void mbedtls_x509_csr_free(mbedtls_x509_csr *csr)
+{
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+
+    if (csr == NULL) {
+        return;
+    }
+
+    mbedtls_pk_free(&csr->pk);
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    mbedtls_free(csr->sig_opts);
+#endif
+
+    name_cur = csr->subject.next;
+    while (name_cur != NULL) {
+        name_prv = name_cur;
+        name_cur = name_cur->next;
+        mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name));
+        mbedtls_free(name_prv);
+    }
+
+    if (csr->raw.p != NULL) {
+        mbedtls_platform_zeroize(csr->raw.p, csr->raw.len);
+        mbedtls_free(csr->raw.p);
+    }
+
+    mbedtls_platform_zeroize(csr, sizeof(mbedtls_x509_csr));
+}
+
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509write_crt.c b/3rdparty/mbedtls-2.28.7/library/x509write_crt.c
new file mode 100644
index 0000000..1e16b53
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509write_crt.c
@@ -0,0 +1,545 @@
+/*
+ *  X.509 certificate writing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * References:
+ * - certificates: RFC 5280, updated by RFC 6818
+ * - CSRs: PKCS#10 v1.7 aka RFC 2986
+ * - attributes: PKCS#9 v2.0 aka RFC 2985
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/sha1.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_x509write_cert));
+
+    mbedtls_mpi_init(&ctx->serial);
+    ctx->version = MBEDTLS_X509_CRT_VERSION_3;
+}
+
+void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx)
+{
+    mbedtls_mpi_free(&ctx->serial);
+
+    mbedtls_asn1_free_named_data_list(&ctx->subject);
+    mbedtls_asn1_free_named_data_list(&ctx->issuer);
+    mbedtls_asn1_free_named_data_list(&ctx->extensions);
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_x509write_cert));
+}
+
+void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx,
+                                       int version)
+{
+    ctx->version = version;
+}
+
+void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx,
+                                      mbedtls_md_type_t md_alg)
+{
+    ctx->md_alg = md_alg;
+}
+
+void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx,
+                                           mbedtls_pk_context *key)
+{
+    ctx->subject_key = key;
+}
+
+void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx,
+                                          mbedtls_pk_context *key)
+{
+    ctx->issuer_key = key;
+}
+
+int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
+                                           const char *subject_name)
+{
+    return mbedtls_x509_string_to_names(&ctx->subject, subject_name);
+}
+
+int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
+                                          const char *issuer_name)
+{
+    return mbedtls_x509_string_to_names(&ctx->issuer, issuer_name);
+}
+
+int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx,
+                                     const mbedtls_mpi *serial)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if (mbedtls_mpi_size(serial) > MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    if ((ret = mbedtls_mpi_copy(&ctx->serial, serial)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx,
+                                       const char *not_before,
+                                       const char *not_after)
+{
+    if (strlen(not_before) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ||
+        strlen(not_after)  != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+    strncpy(ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN);
+    strncpy(ctx->not_after, not_after, MBEDTLS_X509_RFC5280_UTC_TIME_LEN);
+    ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
+    ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
+
+    return 0;
+}
+
+int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx,
+                                        const char *oid, size_t oid_len,
+                                        int critical,
+                                        const unsigned char *val, size_t val_len)
+{
+    return mbedtls_x509_set_extension(&ctx->extensions, oid, oid_len,
+                                      critical, val, val_len);
+}
+
+int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
+                                                int is_ca, int max_pathlen)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char buf[9];
+    unsigned char *c = buf + sizeof(buf);
+    size_t len = 0;
+
+    memset(buf, 0, sizeof(buf));
+
+    if (is_ca && max_pathlen > 127) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    if (is_ca) {
+        if (max_pathlen >= 0) {
+            MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf,
+                                                             max_pathlen));
+        }
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_bool(&c, buf, 1));
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return
+        mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
+                                            MBEDTLS_OID_SIZE(MBEDTLS_OID_BASIC_CONSTRAINTS),
+                                            is_ca, buf + sizeof(buf) - len, len);
+}
+
+#if defined(MBEDTLS_SHA1_C)
+int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
+    unsigned char *c = buf + sizeof(buf);
+    size_t len = 0;
+
+    memset(buf, 0, sizeof(buf));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_pk_write_pubkey(&c, buf, ctx->subject_key));
+
+    ret = mbedtls_sha1_ret(buf + sizeof(buf) - len, len,
+                           buf + sizeof(buf) - 20);
+    if (ret != 0) {
+        return ret;
+    }
+    c = buf + sizeof(buf) - 20;
+    len = 20;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_OCTET_STRING));
+
+    return mbedtls_x509write_crt_set_extension(ctx,
+                                               MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
+                                               MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER),
+                                               0, buf + sizeof(buf) - len, len);
+}
+
+int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
+    unsigned char *c = buf + sizeof(buf);
+    size_t len = 0;
+
+    memset(buf, 0, sizeof(buf));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_pk_write_pubkey(&c, buf, ctx->issuer_key));
+
+    ret = mbedtls_sha1_ret(buf + sizeof(buf) - len, len,
+                           buf + sizeof(buf) - 20);
+    if (ret != 0) {
+        return ret;
+    }
+    c = buf + sizeof(buf) - 20;
+    len = 20;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(&c, buf,
+                                                MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE));
+
+    return mbedtls_x509write_crt_set_extension(
+        ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
+        MBEDTLS_OID_SIZE(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER),
+        0, buf + sizeof(buf) - len, len);
+}
+#endif /* MBEDTLS_SHA1_C */
+
+int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
+                                        unsigned int key_usage)
+{
+    unsigned char buf[5] = { 0 }, ku[2] = { 0 };
+    unsigned char *c;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
+                                      MBEDTLS_X509_KU_NON_REPUDIATION   |
+                                      MBEDTLS_X509_KU_KEY_ENCIPHERMENT  |
+                                      MBEDTLS_X509_KU_DATA_ENCIPHERMENT |
+                                      MBEDTLS_X509_KU_KEY_AGREEMENT     |
+                                      MBEDTLS_X509_KU_KEY_CERT_SIGN     |
+                                      MBEDTLS_X509_KU_CRL_SIGN          |
+                                      MBEDTLS_X509_KU_ENCIPHER_ONLY     |
+                                      MBEDTLS_X509_KU_DECIPHER_ONLY;
+
+    /* Check that nothing other than the allowed flags is set */
+    if ((key_usage & ~allowed_bits) != 0) {
+        return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
+    }
+
+    c = buf + 5;
+    MBEDTLS_PUT_UINT16_LE(key_usage, ku, 0);
+    ret = mbedtls_asn1_write_named_bitstring(&c, buf, ku, 9);
+
+    if (ret < 0) {
+        return ret;
+    } else if (ret < 3 || ret > 5) {
+        return MBEDTLS_ERR_X509_INVALID_FORMAT;
+    }
+
+    ret = mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_KEY_USAGE,
+                                              MBEDTLS_OID_SIZE(MBEDTLS_OID_KEY_USAGE),
+                                              1, c, (size_t) ret);
+    if (ret != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx,
+                                           unsigned char ns_cert_type)
+{
+    unsigned char buf[4] = { 0 };
+    unsigned char *c;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    c = buf + 4;
+
+    ret = mbedtls_asn1_write_named_bitstring(&c, buf, &ns_cert_type, 8);
+    if (ret < 3 || ret > 4) {
+        return ret;
+    }
+
+    ret = mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_NS_CERT_TYPE,
+                                              MBEDTLS_OID_SIZE(MBEDTLS_OID_NS_CERT_TYPE),
+                                              0, c, (size_t) ret);
+    if (ret != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+static int x509_write_time(unsigned char **p, unsigned char *start,
+                           const char *t, size_t size)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+
+    /*
+     * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter)
+     */
+    if (t[0] < '2' || (t[0] == '2' && t[1] == '0' && t[2] < '5')) {
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
+                                                                (const unsigned char *) t + 2,
+                                                                size - 2));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                         MBEDTLS_ASN1_UTC_TIME));
+    } else {
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
+                                                                (const unsigned char *) t,
+                                                                size));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                         MBEDTLS_ASN1_GENERALIZED_TIME));
+    }
+
+    return (int) len;
+}
+
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
+                              unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const char *sig_oid;
+    size_t sig_oid_len = 0;
+    unsigned char *c, *c2;
+    unsigned char hash[64];
+    unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+    size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
+    size_t len = 0;
+    mbedtls_pk_type_t pk_alg;
+    int write_sig_null_par;
+
+    /*
+     * Prepare data to be signed at the end of the target buffer
+     */
+    c = buf + size;
+
+    /* Signature algorithm needed in TBS, and later for actual signature */
+
+    /* There's no direct way of extracting a signature algorithm
+     * (represented as an element of mbedtls_pk_type_t) from a PK instance. */
+    if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_RSA)) {
+        pk_alg = MBEDTLS_PK_RSA;
+    } else if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_ECDSA)) {
+        pk_alg = MBEDTLS_PK_ECDSA;
+    } else {
+        return MBEDTLS_ERR_X509_INVALID_ALG;
+    }
+
+    if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg,
+                                              &sig_oid, &sig_oid_len)) != 0) {
+        return ret;
+    }
+
+    /*
+     *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
+     */
+
+    /* Only for v3 */
+    if (ctx->version == MBEDTLS_X509_CRT_VERSION_3) {
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_x509_write_extensions(&c,
+                                                           buf, ctx->extensions));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_tag(&c, buf,
+                                                    MBEDTLS_ASN1_CONSTRUCTED |
+                                                    MBEDTLS_ASN1_SEQUENCE));
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_tag(&c, buf,
+                                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                                    MBEDTLS_ASN1_CONSTRUCTED | 3));
+    }
+
+    /*
+     *  SubjectPublicKeyInfo
+     */
+    MBEDTLS_ASN1_CHK_ADD(pub_len,
+                         mbedtls_pk_write_pubkey_der(ctx->subject_key,
+                                                     buf, c - buf));
+    c -= pub_len;
+    len += pub_len;
+
+    /*
+     *  Subject  ::=  Name
+     */
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_x509_write_names(&c, buf,
+                                                  ctx->subject));
+
+    /*
+     *  Validity ::= SEQUENCE {
+     *       notBefore      Time,
+     *       notAfter       Time }
+     */
+    sub_len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD(sub_len,
+                         x509_write_time(&c, buf, ctx->not_after,
+                                         MBEDTLS_X509_RFC5280_UTC_TIME_LEN));
+
+    MBEDTLS_ASN1_CHK_ADD(sub_len,
+                         x509_write_time(&c, buf, ctx->not_before,
+                                         MBEDTLS_X509_RFC5280_UTC_TIME_LEN));
+
+    len += sub_len;
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, sub_len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(&c, buf,
+                                                MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE));
+
+    /*
+     *  Issuer  ::=  Name
+     */
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_names(&c, buf,
+                                                       ctx->issuer));
+
+    /*
+     *  Signature   ::=  AlgorithmIdentifier
+     */
+    if (pk_alg == MBEDTLS_PK_ECDSA) {
+        /*
+         * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature
+         * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and
+         * https://www.rfc-editor.org/rfc/rfc5758#section-3.
+         */
+        write_sig_null_par = 0;
+    } else {
+        write_sig_null_par = 1;
+    }
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_algorithm_identifier_ext(&c, buf,
+                                                                     sig_oid, strlen(sig_oid),
+                                                                     0, write_sig_null_par));
+
+    /*
+     *  Serial   ::=  INTEGER
+     */
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&c, buf,
+                                                     &ctx->serial));
+
+    /*
+     *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     */
+
+    /* Can be omitted for v1 */
+    if (ctx->version != MBEDTLS_X509_CRT_VERSION_1) {
+        sub_len = 0;
+        MBEDTLS_ASN1_CHK_ADD(sub_len,
+                             mbedtls_asn1_write_int(&c, buf, ctx->version));
+        len += sub_len;
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_len(&c, buf, sub_len));
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_tag(&c, buf,
+                                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                                    MBEDTLS_ASN1_CONSTRUCTED | 0));
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE));
+
+    /*
+     * Make signature
+     */
+
+    /* Compute hash of CRT. */
+    if ((ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c,
+                          len, hash)) != 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_pk_sign(ctx->issuer_key, ctx->md_alg,
+                               hash, 0, sig, &sig_len,
+                               f_rng, p_rng)) != 0) {
+        return ret;
+    }
+
+    /* Move CRT to the front of the buffer to have space
+     * for the signature. */
+    memmove(buf, c, len);
+    c = buf + len;
+
+    /* Add signature at the end of the buffer,
+     * making sure that it doesn't underflow
+     * into the CRT buffer. */
+    c2 = buf + size;
+    MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c,
+                                                                 sig_oid, sig_oid_len,
+                                                                 sig, sig_len, pk_alg));
+
+    /*
+     * Memory layout after this step:
+     *
+     * buf       c=buf+len                c2            buf+size
+     * [CRT0,...,CRTn, UNUSED, ..., UNUSED, SIG0, ..., SIGm]
+     */
+
+    /* Move raw CRT to just before the signature. */
+    c = c2 - len;
+    memmove(c, buf, len);
+
+    len += sig_and_oid_len;
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    return (int) len;
+}
+
+#define PEM_BEGIN_CRT           "-----BEGIN CERTIFICATE-----\n"
+#define PEM_END_CRT             "-----END CERTIFICATE-----\n"
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt,
+                              unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t olen;
+
+    if ((ret = mbedtls_x509write_crt_der(crt, buf, size,
+                                         f_rng, p_rng)) < 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT,
+                                        buf + size - ret, ret,
+                                        buf, size, &olen)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/x509write_csr.c b/3rdparty/mbedtls-2.28.7/library/x509write_csr.c
new file mode 100644
index 0000000..3c3ab3a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/x509write_csr.c
@@ -0,0 +1,324 @@
+/*
+ *  X.509 Certificate Signing Request writing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+/*
+ * References:
+ * - CSRs: PKCS#10 v1.7 aka RFC 2986
+ * - attributes: PKCS#9 v2.0 aka RFC 2985
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/error.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#include <string.h>
+#include <stdlib.h>
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#include "mbedtls/platform.h"
+
+void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_x509write_csr));
+}
+
+void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx)
+{
+    mbedtls_asn1_free_named_data_list(&ctx->subject);
+    mbedtls_asn1_free_named_data_list(&ctx->extensions);
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_x509write_csr));
+}
+
+void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg)
+{
+    ctx->md_alg = md_alg;
+}
+
+void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key)
+{
+    ctx->key = key;
+}
+
+int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
+                                           const char *subject_name)
+{
+    return mbedtls_x509_string_to_names(&ctx->subject, subject_name);
+}
+
+int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx,
+                                        const char *oid, size_t oid_len,
+                                        const unsigned char *val, size_t val_len)
+{
+    return mbedtls_x509_set_extension(&ctx->extensions, oid, oid_len,
+                                      0, val, val_len);
+}
+
+int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage)
+{
+    unsigned char buf[4] = { 0 };
+    unsigned char *c;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    c = buf + 4;
+
+    ret = mbedtls_asn1_write_named_bitstring(&c, buf, &key_usage, 8);
+    if (ret < 3 || ret > 4) {
+        return ret;
+    }
+
+    ret = mbedtls_x509write_csr_set_extension(ctx, MBEDTLS_OID_KEY_USAGE,
+                                              MBEDTLS_OID_SIZE(MBEDTLS_OID_KEY_USAGE),
+                                              c, (size_t) ret);
+    if (ret != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx,
+                                           unsigned char ns_cert_type)
+{
+    unsigned char buf[4] = { 0 };
+    unsigned char *c;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    c = buf + 4;
+
+    ret = mbedtls_asn1_write_named_bitstring(&c, buf, &ns_cert_type, 8);
+    if (ret < 3 || ret > 4) {
+        return ret;
+    }
+
+    ret = mbedtls_x509write_csr_set_extension(ctx, MBEDTLS_OID_NS_CERT_TYPE,
+                                              MBEDTLS_OID_SIZE(MBEDTLS_OID_NS_CERT_TYPE),
+                                              c, (size_t) ret);
+    if (ret != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
+                                      unsigned char *buf,
+                                      size_t size,
+                                      unsigned char *sig,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    const char *sig_oid;
+    size_t sig_oid_len = 0;
+    unsigned char *c, *c2;
+    unsigned char hash[64];
+    size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
+    size_t len = 0;
+    mbedtls_pk_type_t pk_alg;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+    size_t hash_len;
+    psa_algorithm_t hash_alg = mbedtls_psa_translate_md(ctx->md_alg);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    /* Write the CSR backwards starting from the end of buf */
+    c = buf + size;
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_extensions(&c, buf,
+                                                            ctx->extensions));
+
+    if (len) {
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_tag(
+                                 &c, buf,
+                                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
+
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_tag(
+                                 &c, buf,
+                                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET));
+
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_oid(
+                                 &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
+                                 MBEDTLS_OID_SIZE(MBEDTLS_OID_PKCS9_CSR_EXT_REQ)));
+
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+        MBEDTLS_ASN1_CHK_ADD(len,
+                             mbedtls_asn1_write_tag(
+                                 &c, buf,
+                                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(
+                             &c, buf,
+                             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC));
+
+    MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->key,
+                                                              buf, c - buf));
+    c -= pub_len;
+    len += pub_len;
+
+    /*
+     *  Subject  ::=  Name
+     */
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_names(&c, buf,
+                                                       ctx->subject));
+
+    /*
+     *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     */
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0));
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(
+                             &c, buf,
+                             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
+
+    /*
+     * Sign the written CSR data into the sig buffer
+     * Note: hash errors can happen only after an internal error
+     */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (psa_hash_setup(&hash_operation, hash_alg) != PSA_SUCCESS) {
+        return MBEDTLS_ERR_X509_FATAL_ERROR;
+    }
+
+    if (psa_hash_update(&hash_operation, c, len) != PSA_SUCCESS) {
+        return MBEDTLS_ERR_X509_FATAL_ERROR;
+    }
+
+    if (psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_len)
+        != PSA_SUCCESS) {
+        return MBEDTLS_ERR_X509_FATAL_ERROR;
+    }
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+    ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c, len, hash);
+    if (ret != 0) {
+        return ret;
+    }
+#endif
+    if ((ret = mbedtls_pk_sign(ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
+                               f_rng, p_rng)) != 0) {
+        return ret;
+    }
+
+    if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_RSA)) {
+        pk_alg = MBEDTLS_PK_RSA;
+    } else if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_ECDSA)) {
+        pk_alg = MBEDTLS_PK_ECDSA;
+    } else {
+        return MBEDTLS_ERR_X509_INVALID_ALG;
+    }
+
+    if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg,
+                                              &sig_oid, &sig_oid_len)) != 0) {
+        return ret;
+    }
+
+    /*
+     * Move the written CSR data to the start of buf to create space for
+     * writing the signature into buf.
+     */
+    memmove(buf, c, len);
+
+    /*
+     * Write sig and its OID into buf backwards from the end of buf.
+     * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
+     * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
+     */
+    c2 = buf + size;
+    MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len,
+                         mbedtls_x509_write_sig(&c2, buf + len, sig_oid, sig_oid_len,
+                                                sig, sig_len, pk_alg));
+
+    /*
+     * Compact the space between the CSR data and signature by moving the
+     * CSR data to the start of the signature.
+     */
+    c2 -= len;
+    memmove(c2, buf, len);
+
+    /* ASN encode the total size and tag the CSR data with it. */
+    len += sig_and_oid_len;
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c2, buf, len));
+    MBEDTLS_ASN1_CHK_ADD(len,
+                         mbedtls_asn1_write_tag(
+                             &c2, buf,
+                             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
+
+    /* Zero the unused bytes at the start of buf */
+    memset(buf, 0, c2 - buf);
+
+    return (int) len;
+}
+
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf,
+                              size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret;
+    unsigned char *sig;
+
+    if ((sig = mbedtls_calloc(1, MBEDTLS_PK_SIGNATURE_MAX_SIZE)) == NULL) {
+        return MBEDTLS_ERR_X509_ALLOC_FAILED;
+    }
+
+    ret = x509write_csr_der_internal(ctx, buf, size, sig, f_rng, p_rng);
+
+    mbedtls_free(sig);
+
+    return ret;
+}
+
+#define PEM_BEGIN_CSR           "-----BEGIN CERTIFICATE REQUEST-----\n"
+#define PEM_END_CSR             "-----END CERTIFICATE REQUEST-----\n"
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t olen = 0;
+
+    if ((ret = mbedtls_x509write_csr_der(ctx, buf, size,
+                                         f_rng, p_rng)) < 0) {
+        return ret;
+    }
+
+    if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CSR, PEM_END_CSR,
+                                        buf + size - ret,
+                                        ret, buf, size, &olen)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/library/xtea.c b/3rdparty/mbedtls-2.28.7/library/xtea.c
new file mode 100644
index 0000000..f4aca56
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/library/xtea.c
@@ -0,0 +1,224 @@
+/*
+ *  A 32-bit implementation of the XTEA algorithm
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_XTEA_C)
+
+#include "mbedtls/xtea.h"
+#include "mbedtls/platform_util.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_XTEA_ALT)
+
+void mbedtls_xtea_init(mbedtls_xtea_context *ctx)
+{
+    memset(ctx, 0, sizeof(mbedtls_xtea_context));
+}
+
+void mbedtls_xtea_free(mbedtls_xtea_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_xtea_context));
+}
+
+/*
+ * XTEA key schedule
+ */
+void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16])
+{
+    int i;
+
+    memset(ctx, 0, sizeof(mbedtls_xtea_context));
+
+    for (i = 0; i < 4; i++) {
+        ctx->k[i] = MBEDTLS_GET_UINT32_BE(key, i << 2);
+    }
+}
+
+/*
+ * XTEA encrypt function
+ */
+int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx, int mode,
+                           const unsigned char input[8], unsigned char output[8])
+{
+    uint32_t *k, v0, v1, i;
+
+    k = ctx->k;
+
+    v0 = MBEDTLS_GET_UINT32_BE(input, 0);
+    v1 = MBEDTLS_GET_UINT32_BE(input, 4);
+
+    if (mode == MBEDTLS_XTEA_ENCRYPT) {
+        uint32_t sum = 0, delta = 0x9E3779B9;
+
+        for (i = 0; i < 32; i++) {
+            v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+            sum += delta;
+            v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+        }
+    } else { /* MBEDTLS_XTEA_DECRYPT */
+        uint32_t delta = 0x9E3779B9, sum = delta * 32;
+
+        for (i = 0; i < 32; i++) {
+            v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+            sum -= delta;
+            v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+        }
+    }
+
+    MBEDTLS_PUT_UINT32_BE(v0, output, 0);
+    MBEDTLS_PUT_UINT32_BE(v1, output, 4);
+
+    return 0;
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * XTEA-CBC buffer encryption/decryption
+ */
+int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx, int mode, size_t length,
+                           unsigned char iv[8], const unsigned char *input,
+                           unsigned char *output)
+{
+    int i;
+    unsigned char temp[8];
+
+    if (length % 8) {
+        return MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH;
+    }
+
+    if (mode == MBEDTLS_XTEA_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, 8);
+            mbedtls_xtea_crypt_ecb(ctx, mode, input, output);
+
+            for (i = 0; i < 8; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
+
+            memcpy(iv, temp, 8);
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    } else {
+        while (length > 0) {
+            for (i = 0; i < 8; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
+
+            mbedtls_xtea_crypt_ecb(ctx, mode, output, output);
+            memcpy(iv, output, 8);
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* !MBEDTLS_XTEA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * XTEA tests vectors (non-official)
+ */
+
+static const unsigned char xtea_test_key[6][16] =
+{
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+      0x0c, 0x0d, 0x0e, 0x0f },
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+      0x0c, 0x0d, 0x0e, 0x0f },
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+      0x0c, 0x0d, 0x0e, 0x0f },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00 },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00 },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char xtea_test_pt[6][8] =
+{
+    { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
+    { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
+    { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
+    { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
+};
+
+static const unsigned char xtea_test_ct[6][8] =
+{
+    { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
+    { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
+    { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
+    { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_xtea_self_test(int verbose)
+{
+    int i, ret = 0;
+    unsigned char buf[8];
+    mbedtls_xtea_context ctx;
+
+    mbedtls_xtea_init(&ctx);
+    for (i = 0; i < 6; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  XTEA test #%d: ", i + 1);
+        }
+
+        memcpy(buf, xtea_test_pt[i], 8);
+
+        mbedtls_xtea_setup(&ctx, xtea_test_key[i]);
+        mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf);
+
+        if (memcmp(buf, xtea_test_ct[i], 8) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            ret = 1;
+            goto exit;
+        }
+
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
+    }
+
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
+
+exit:
+    mbedtls_xtea_free(&ctx);
+
+    return ret;
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_XTEA_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/.gitignore b/3rdparty/mbedtls-2.28.7/programs/.gitignore
new file mode 100644
index 0000000..59634b5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/.gitignore
@@ -0,0 +1,71 @@
+# Ignore makefiles generated by CMake, but not the makefile that's checked in.
+*/Makefile
+!fuzz/Makefile
+
+*.sln
+*.vcxproj
+
+aes/crypt_and_hash
+hash/generic_sum
+hash/hello
+hash/md5sum
+hash/sha1sum
+hash/sha2sum
+pkey/dh_client
+pkey/dh_genprime
+pkey/dh_server
+pkey/ecdh_curve25519
+pkey/ecdsa
+pkey/gen_key
+pkey/key_app
+pkey/key_app_writer
+pkey/mpi_demo
+pkey/pk_decrypt
+pkey/pk_encrypt
+pkey/pk_sign
+pkey/pk_verify
+pkey/rsa_decrypt
+pkey/rsa_encrypt
+pkey/rsa_genkey
+pkey/rsa_sign
+pkey/rsa_sign_pss
+pkey/rsa_verify
+pkey/rsa_verify_pss
+psa/crypto_examples
+psa/key_ladder_demo
+psa/psa_constant_names
+random/gen_entropy
+random/gen_random_ctr_drbg
+random/gen_random_havege
+ssl/dtls_client
+ssl/dtls_server
+ssl/mini_client
+ssl/ssl_client1
+ssl/ssl_client2
+ssl/ssl_context_info
+ssl/ssl_fork_server
+ssl/ssl_mail_client
+ssl/ssl_pthread_server
+ssl/ssl_server
+ssl/ssl_server2
+test/benchmark
+test/cpp_dummy_build
+test/cpp_dummy_build.cpp
+test/dlopen
+test/ecp-bench
+test/query_compile_time_config
+test/selftest
+test/ssl_cert_test
+test/udp_proxy
+test/zeroize
+util/pem2der
+util/strerror
+x509/cert_app
+x509/cert_req
+x509/cert_write
+x509/crl_app
+x509/load_roots
+x509/req_app
+
+# generated files
+pkey/keyfile.key
diff --git a/3rdparty/mbedtls-2.25.0/programs/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/Makefile b/3rdparty/mbedtls-2.28.7/programs/Makefile
new file mode 100644
index 0000000..2d0f705
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/Makefile
@@ -0,0 +1,422 @@
+
+# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
+# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
+
+CFLAGS	?= -O2
+WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+LDFLAGS ?=
+
+MBEDTLS_TEST_PATH:=../tests/src
+MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
+
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} 		\
+		-L../library 			\
+		-lmbedtls$(SHARED_SUFFIX)	\
+		-lmbedx509$(SHARED_SUFFIX)	\
+		-lmbedcrypto$(SHARED_SUFFIX)
+
+ifeq ($(shell uname -s),Linux)
+DLOPEN_LDFLAGS ?= -ldl
+else
+DLOPEN_LDFLAGS ?=
+endif
+
+include ../3rdparty/Makefile.inc
+LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
+
+ifndef SHARED
+MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
+else
+MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
+endif
+DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS}
+
+ifdef DEBUG
+LOCAL_CFLAGS += -g3
+endif
+
+# if we're running on Windows, build for Windows
+ifdef WINDOWS
+WINDOWS_BUILD=1
+endif
+
+ifdef WINDOWS_BUILD
+DLEXT=dll
+EXEXT=.exe
+LOCAL_LDFLAGS += -lws2_32
+ifdef SHARED
+SHARED_SUFFIX=.$(DLEXT)
+endif
+else
+DLEXT ?= so
+EXEXT=
+SHARED_SUFFIX=
+endif
+
+# Zlib shared library extensions:
+ifdef ZLIB
+LOCAL_LDFLAGS += -lz
+endif
+
+# Only build the dlopen test in shared library builds, and not when building
+# for Windows.
+ifdef BUILD_DLOPEN
+# Don't override the value
+else ifdef WINDOWS_BUILD
+BUILD_DLOPEN =
+else ifdef SHARED
+BUILD_DLOPEN = y
+else
+BUILD_DLOPEN =
+endif
+
+APPS = \
+	aes/crypt_and_hash$(EXEXT) \
+	hash/generic_sum$(EXEXT) \
+	hash/hello$(EXEXT) \
+	pkey/dh_client$(EXEXT) \
+	pkey/dh_genprime$(EXEXT) \
+	pkey/dh_server$(EXEXT) \
+	pkey/ecdh_curve25519$(EXEXT) \
+	pkey/ecdsa$(EXEXT) \
+	pkey/gen_key$(EXEXT) \
+	pkey/key_app$(EXEXT) \
+	pkey/key_app_writer$(EXEXT) \
+	pkey/mpi_demo$(EXEXT) \
+	pkey/pk_decrypt$(EXEXT) \
+	pkey/pk_encrypt$(EXEXT) \
+	pkey/pk_sign$(EXEXT) \
+	pkey/pk_verify$(EXEXT) \
+	pkey/rsa_decrypt$(EXEXT) \
+	pkey/rsa_encrypt$(EXEXT) \
+	pkey/rsa_genkey$(EXEXT) \
+	pkey/rsa_sign$(EXEXT) \
+	pkey/rsa_sign_pss$(EXEXT) \
+	pkey/rsa_verify$(EXEXT) \
+	pkey/rsa_verify_pss$(EXEXT) \
+	psa/crypto_examples$(EXEXT) \
+	psa/key_ladder_demo$(EXEXT) \
+	psa/psa_constant_names$(EXEXT) \
+	random/gen_entropy$(EXEXT) \
+	random/gen_random_ctr_drbg$(EXEXT) \
+	random/gen_random_havege$(EXEXT) \
+	ssl/dtls_client$(EXEXT) \
+	ssl/dtls_server$(EXEXT) \
+	ssl/mini_client$(EXEXT) \
+	ssl/ssl_client1$(EXEXT) \
+	ssl/ssl_client2$(EXEXT) \
+	ssl/ssl_context_info$(EXEXT) \
+	ssl/ssl_fork_server$(EXEXT) \
+	ssl/ssl_mail_client$(EXEXT) \
+	ssl/ssl_server$(EXEXT) \
+	ssl/ssl_server2$(EXEXT) \
+	test/benchmark$(EXEXT) \
+	test/query_compile_time_config$(EXEXT) \
+	test/selftest$(EXEXT) \
+	test/udp_proxy$(EXEXT) \
+	test/zeroize$(EXEXT) \
+	util/pem2der$(EXEXT) \
+	util/strerror$(EXEXT) \
+	x509/cert_app$(EXEXT) \
+	x509/cert_req$(EXEXT) \
+	x509/cert_write$(EXEXT) \
+	x509/crl_app$(EXEXT) \
+	x509/load_roots$(EXEXT) \
+	x509/req_app$(EXEXT) \
+# End of APPS
+
+ifdef PTHREAD
+APPS +=	ssl/ssl_pthread_server$(EXEXT)
+endif
+
+ifdef BUILD_DLOPEN
+APPS +=	test/dlopen
+endif
+
+ifdef TEST_CPP
+APPS += test/cpp_dummy_build$(EXEXT)
+endif
+
+.SILENT:
+
+.PHONY: all clean list fuzz
+
+all: $(APPS)
+ifndef WINDOWS
+# APPS doesn't include the fuzzing programs, which aren't "normal"
+# sample or test programs, and don't build with MSVC which is
+# warning about fopen
+all: fuzz
+endif
+
+fuzz: ${MBEDTLS_TEST_OBJS}
+	$(MAKE) -C fuzz THIRDPARTY_INCLUDES=$(THIRDPARTY_INCLUDES)
+
+$(MBEDLIBS):
+	$(MAKE) -C ../library
+
+${MBEDTLS_TEST_OBJS}:
+	$(MAKE) -C ../tests mbedtls_test
+
+aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP)
+	echo "  CC    aes/crypt_and_hash.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+hash/hello$(EXEXT): hash/hello.c $(DEP)
+	echo "  CC    hash/hello.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/hello.c       $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP)
+	echo "  CC    hash/generic_sum.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP)
+	echo "  CC    pkey/dh_client.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP)
+	echo "  CC    pkey/dh_genprime.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP)
+	echo "  CC    pkey/dh_server.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP)
+	echo "  CC    pkey/ecdh_curve25519.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/ecdsa$(EXEXT): pkey/ecdsa.c $(DEP)
+	echo "  CC    pkey/ecdsa.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdsa.c       $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/gen_key$(EXEXT): pkey/gen_key.c $(DEP)
+	echo "  CC    pkey/gen_key.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/gen_key.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/key_app$(EXEXT): pkey/key_app.c $(DEP)
+	echo "  CC    pkey/key_app.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/key_app.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/key_app_writer$(EXEXT): pkey/key_app_writer.c $(DEP)
+	echo "  CC    pkey/key_app_writer.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/key_app_writer.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/mpi_demo$(EXEXT): pkey/mpi_demo.c $(DEP)
+	echo "  CC    pkey/mpi_demo.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/mpi_demo.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/pk_decrypt$(EXEXT): pkey/pk_decrypt.c $(DEP)
+	echo "  CC    pkey/pk_decrypt.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_decrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/pk_encrypt$(EXEXT): pkey/pk_encrypt.c $(DEP)
+	echo "  CC    pkey/pk_encrypt.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_encrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/pk_sign$(EXEXT): pkey/pk_sign.c $(DEP)
+	echo "  CC    pkey/pk_sign.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_sign.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/pk_verify$(EXEXT): pkey/pk_verify.c $(DEP)
+	echo "  CC    pkey/pk_verify.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/pk_verify.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_genkey$(EXEXT): pkey/rsa_genkey.c $(DEP)
+	echo "  CC    pkey/rsa_genkey.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_genkey.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_sign$(EXEXT): pkey/rsa_sign.c $(DEP)
+	echo "  CC    pkey/rsa_sign.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_sign.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_verify$(EXEXT): pkey/rsa_verify.c $(DEP)
+	echo "  CC    pkey/rsa_verify.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_verify.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_sign_pss$(EXEXT): pkey/rsa_sign_pss.c $(DEP)
+	echo "  CC    pkey/rsa_sign_pss.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_sign_pss.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_verify_pss$(EXEXT): pkey/rsa_verify_pss.c $(DEP)
+	echo "  CC    pkey/rsa_verify_pss.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_verify_pss.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_decrypt$(EXEXT): pkey/rsa_decrypt.c $(DEP)
+	echo "  CC    pkey/rsa_decrypt.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_decrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP)
+	echo "  CC    pkey/rsa_encrypt.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/key_ladder_demo$(EXEXT): psa/key_ladder_demo.c $(DEP)
+	echo "  CC    psa/key_ladder_demo.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c psa/psa_constant_names_generated.c $(DEP)
+	echo "  CC    psa/psa_constant_names.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP)
+	echo "  CC    random/gen_entropy.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+random/gen_random_havege$(EXEXT): random/gen_random_havege.c $(DEP)
+	echo "  CC    random/gen_random_havege.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_havege.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP)
+	echo "  CC    random/gen_random_ctr_drbg.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/dtls_client$(EXEXT): ssl/dtls_client.c $(DEP)
+	echo "  CC    ssl/dtls_client.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_client.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/dtls_server$(EXEXT): ssl/dtls_server.c $(DEP)
+	echo "  CC    ssl/dtls_server.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_server.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c $(DEP)
+	echo "  CC    ssl/ssl_client1.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c  $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+SSL_TEST_OBJECTS = test/query_config.o ssl/ssl_test_lib.o
+SSL_TEST_DEPS = $(SSL_TEST_OBJECTS) \
+		test/query_config.h \
+		ssl/ssl_test_lib.h \
+		ssl/ssl_test_common_source.c \
+		$(DEP)
+
+ssl/ssl_test_lib.o: ssl/ssl_test_lib.c ssl/ssl_test_lib.h $(DEP)
+	echo "  CC    ssl/ssl_test_lib.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c ssl/ssl_test_lib.c -o $@
+
+ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c $(SSL_TEST_DEPS)
+	echo "  CC    ssl/ssl_client2.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c $(SSL_TEST_OBJECTS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP)
+	echo "  CC    ssl/ssl_server.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c $(SSL_TEST_DEPS)
+	echo "  CC    ssl/ssl_server2.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c $(SSL_TEST_OBJECTS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/ssl_context_info$(EXEXT): ssl/ssl_context_info.c test/query_config.o test/query_config.h $(DEP)
+	echo "  CC    ssl/ssl_context_info.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_context_info.c test/query_config.o $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP)
+	echo "  CC    ssl/ssl_fork_server.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_fork_server.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c $(DEP)
+	echo "  CC    ssl/ssl_pthread_server.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_pthread_server.c   $(LOCAL_LDFLAGS) -lpthread  $(LDFLAGS) -o $@
+
+ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c $(DEP)
+	echo "  CC    ssl/ssl_mail_client.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_mail_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ssl/mini_client$(EXEXT): ssl/mini_client.c $(DEP)
+	echo "  CC    ssl/mini_client.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/mini_client.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+test/benchmark$(EXEXT): test/benchmark.c $(DEP)
+	echo "  CC    test/benchmark.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+test/cpp_dummy_build.cpp: test/generate_cpp_dummy_build.sh
+	echo "  Gen   test/cpp_dummy_build.cpp"
+	test/generate_cpp_dummy_build.sh
+
+test/cpp_dummy_build$(EXEXT): test/cpp_dummy_build.cpp $(DEP)
+	echo "  CXX   test/cpp_dummy_build.cpp"
+	$(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp   $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+ifdef BUILD_DLOPEN
+test/dlopen$(EXEXT): test/dlopen.c $(DEP)
+	echo "  CC    test/dlopen.c"
+# Do not link any test objects (that would bring in a static dependency on
+# libmbedcrypto at least). Do not link with libmbed* (that would defeat the
+# purpose of testing dynamic loading).
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/dlopen.c $(LDFLAGS) $(DLOPEN_LDFLAGS) -o $@
+endif
+
+test/query_config.o: test/query_config.c test/query_config.h $(DEP)
+	echo "  CC    test/query_config.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@
+
+test/selftest$(EXEXT): test/selftest.c $(DEP)
+	echo "  CC    test/selftest.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+test/udp_proxy$(EXEXT): test/udp_proxy.c $(DEP)
+	echo "  CC    test/udp_proxy.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/udp_proxy.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+test/zeroize$(EXEXT): test/zeroize.c $(DEP)
+	echo "  CC    test/zeroize.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.o test/query_config.h $(DEP)
+	echo "  CC    test/query_compile_time_config.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.o $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+util/pem2der$(EXEXT): util/pem2der.c $(DEP)
+	echo "  CC    util/pem2der.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/pem2der.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+util/strerror$(EXEXT): util/strerror.c $(DEP)
+	echo "  CC    util/strerror.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/strerror.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+x509/cert_app$(EXEXT): x509/cert_app.c $(DEP)
+	echo "  CC    x509/cert_app.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+x509/cert_write$(EXEXT): x509/cert_write.c $(DEP)
+	echo "  CC    x509/cert_write.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_write.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+x509/crl_app$(EXEXT): x509/crl_app.c $(DEP)
+	echo "  CC    x509/crl_app.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/crl_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+x509/cert_req$(EXEXT): x509/cert_req.c $(DEP)
+	echo "  CC    x509/cert_req.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_req.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+x509/load_roots$(EXEXT): x509/load_roots.c $(DEP)
+	echo "  CC    x509/load_roots.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/load_roots.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+x509/req_app$(EXEXT): x509/req_app.c $(DEP)
+	echo "  CC    x509/req_app.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP)
+	echo "  CC    psa/crypto_examples.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+clean:
+ifndef WINDOWS
+	rm -f $(APPS)
+	-rm -f ssl/ssl_pthread_server$(EXEXT)
+	-rm -f test/cpp_dummy_build.cpp test/cpp_dummy_build$(EXEXT)
+	-rm -f test/dlopen$(EXEXT)
+else
+	if exist *.o del /Q /F *.o
+	if exist *.exe del /Q /F *.exe
+	if exist test\cpp_dummy_build.cpp del /Q /F test\cpp_dummy_build.cpp
+endif
+	$(MAKE) -C fuzz clean
+
+list:
+	echo $(APPS)
diff --git a/3rdparty/mbedtls-2.28.7/programs/README.md b/3rdparty/mbedtls-2.28.7/programs/README.md
new file mode 100644
index 0000000..e9e9f57
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/README.md
@@ -0,0 +1,120 @@
+Mbed TLS sample programs
+========================
+
+This subdirectory mostly contains sample programs that illustrate specific features of the library, as well as a few test and support programs.
+
+## Symmetric cryptography (AES) examples
+
+* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface.
+
+## Hash (digest) examples
+
+* [`hash/generic_sum.c`](hash/generic_sum.c): file hash calculator and verifier, demonstrating the message digest (`md`) interface.
+
+* [`hash/hello.c`](hash/hello.c): hello-world program for MD5.
+
+## Public-key cryptography examples
+
+### Generic public-key cryptography (`pk`) examples
+
+* [`pkey/gen_key.c`](pkey/gen_key.c): generates a key for any of the supported public-key algorithms (RSA or ECC) and writes it to a file that can be used by the other pk sample programs.
+
+* [`pkey/key_app.c`](pkey/key_app.c): loads a PEM or DER public key or private key file and dumps its content.
+
+* [`pkey/key_app_writer.c`](pkey/key_app_writer.c): loads a PEM or DER public key or private key file and writes it to a new PEM or DER file.
+
+* [`pkey/pk_encrypt.c`](pkey/pk_encrypt.c), [`pkey/pk_decrypt.c`](pkey/pk_decrypt.c): loads a PEM or DER public/private key file and uses the key to encrypt/decrypt a short string through the generic public-key interface.
+
+* [`pkey/pk_sign.c`](pkey/pk_sign.c), [`pkey/pk_verify.c`](pkey/pk_verify.c): loads a PEM or DER private/public key file and uses the key to sign/verify a short string.
+
+### ECDSA and RSA signature examples
+
+* [`pkey/ecdsa.c`](pkey/ecdsa.c): generates an ECDSA key, signs a fixed message and verifies the signature.
+
+* [`pkey/rsa_encrypt.c`](pkey/rsa_encrypt.c), [`pkey/rsa_decrypt.c`](pkey/rsa_decrypt.c): loads an RSA public/private key and uses it to encrypt/decrypt a short string through the low-level RSA interface.
+
+* [`pkey/rsa_genkey.c`](pkey/rsa_genkey.c): generates an RSA key and writes it to a file that can be used with the other RSA sample programs.
+
+* [`pkey/rsa_sign.c`](pkey/rsa_sign.c), [`pkey/rsa_verify.c`](pkey/rsa_verify.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSA PKCS#1 v1.5 algorithm.
+
+* [`pkey/rsa_sign_pss.c`](pkey/rsa_sign_pss.c), [`pkey/rsa_verify_pss.c`](pkey/rsa_verify_pss.c): loads an RSA private/public key and uses it to sign/verify a short string with the RSASSA-PSS algorithm.
+
+### Diffie-Hellman key exchange examples
+
+* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key.
+
+* [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement.
+
+### Bignum (`mpi`) usage examples
+
+* [`pkey/dh_genprime.c`](pkey/dh_genprime.c): shows how to use the bignum (`mpi`) interface to generate Diffie-Hellman parameters.
+
+* [`pkey/mpi_demo.c`](pkey/mpi_demo.c): demonstrates operations on big integers.
+
+## Random number generator (RNG) examples
+
+* [`random/gen_entropy.c`](random/gen_entropy.c): shows how to use the default entropy sources to generate random data.  
+  Note: most applications should only use the entropy generator to seed a cryptographic pseudorandom generator, as illustrated by `random/gen_random_ctr_drbg.c`.
+
+* [`random/gen_random_ctr_drbg.c`](random/gen_random_ctr_drbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to use the resulting random generator to generate random data.
+
+* [`random/gen_random_havege.c`](random/gen_random_havege.c): demonstrates the HAVEGE entropy collector.
+
+## SSL/TLS examples
+
+### SSL/TLS sample applications
+
+* [`ssl/dtls_client.c`](ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads one datagram in response.
+
+* [`ssl/dtls_server.c`](ssl/dtls_server.c): a simple DTLS server program, which expects one datagram from the client and writes one datagram in response. This program supports DTLS cookies for hello verification.
+
+* [`ssl/mini_client.c`](ssl/mini_client.c): a minimalistic SSL client, which sends a short string and disconnects. This is primarily intended as a benchmark; for a better example of a typical TLS client, see `ssl/ssl_client1.c`.
+
+* [`ssl/ssl_client1.c`](ssl/ssl_client1.c): a simple HTTPS client that sends a fixed request and displays the response.
+
+* [`ssl/ssl_fork_server.c`](ssl/ssl_fork_server.c): a simple HTTPS server using one process per client to send a fixed response. This program requires a Unix/POSIX environment implementing the `fork` system call.
+
+* [`ssl/ssl_mail_client.c`](ssl/ssl_mail_client.c): a simple SMTP-over-TLS or SMTP-STARTTLS client. This client sends an email with fixed content.
+
+* [`ssl/ssl_pthread_server.c`](ssl/ssl_pthread_server.c): a simple HTTPS server using one thread per client to send a fixed response. This program requires the pthread library.
+
+* [`ssl/ssl_server.c`](ssl/ssl_server.c): a simple HTTPS server that sends a fixed response. It serves a single client at a time.
+
+### SSL/TLS feature demonstrators
+
+Note: unlike most of the other programs under the `programs/` directory, these two programs are not intended as a basis for writing an application. They combine most of the features supported by the library, and most applications require only a few features. To write a new application, we recommended that you start with `ssl_client1.c` or `ssl_server.c`, and then look inside `ssl/ssl_client2.c` or `ssl/ssl_server2.c` to see how to use the specific features that your application needs.
+
+* [`ssl/ssl_client2.c`](ssl/ssl_client2.c): an HTTPS client that sends a fixed request and displays the response, with options to select TLS protocol features and Mbed TLS library features.
+
+* [`ssl/ssl_server2.c`](ssl/ssl_server2.c): an HTTPS server that sends a fixed response, with options to select TLS protocol features and Mbed TLS library features.
+
+In addition to providing options for testing client-side features, the `ssl_client2` program has options that allow you to trigger certain behaviors in the server. For example, there are options to select ciphersuites, or to force a renegotiation. These options are useful for testing the corresponding features in a TLS server. Likewise, `ssl_server2` has options to activate certain behaviors that are useful for testing a TLS client.
+
+## Test utilities
+
+* [`test/benchmark.c`](test/benchmark.c): benchmark for cryptographic algorithms.
+
+* [`test/selftest.c`](test/selftest.c): runs the self-test function in each library module.
+
+* [`test/udp_proxy.c`](test/udp_proxy.c): a UDP proxy that can inject certain failures (delay, duplicate, drop). Useful for testing DTLS.
+
+* [`test/zeroize.c`](test/zeroize.c): a test program for `mbedtls_platform_zeroize`, used by [`tests/scripts/test_zeroize.gdb`](tests/scripts/test_zeroize.gdb).
+
+## Development utilities
+
+* [`util/pem2der.c`](util/pem2der.c): a PEM to DER converter. Mbed TLS can read PEM files directly, but this utility can be useful for interacting with other tools or with minimal Mbed TLS builds that lack PEM support.
+
+* [`util/strerror.c`](util/strerror.c): prints the error description corresponding to an integer status returned by an Mbed TLS function.
+
+## X.509 certificate examples
+
+* [`x509/cert_app.c`](x509/cert_app.c): connects to a TLS server and verifies its certificate chain.
+
+* [`x509/cert_req.c`](x509/cert_req.c): generates a certificate signing request (CSR) for a private key.
+
+* [`x509/cert_write.c`](x509/cert_write.c): signs a certificate signing request, or self-signs a certificate.
+
+* [`x509/crl_app.c`](x509/crl_app.c): loads and dumps a certificate revocation list (CRL).
+
+* [`x509/req_app.c`](x509/req_app.c): loads and dumps a certificate signing request (CSR).
+
diff --git a/3rdparty/mbedtls-2.28.7/programs/aes/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/aes/CMakeLists.txt
new file mode 100644
index 0000000..62a54c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/aes/CMakeLists.txt
@@ -0,0 +1,12 @@
+set(executables
+    crypt_and_hash
+)
+
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+    target_link_libraries(${exe} ${mbedcrypto_target})
+endforeach()
+
+install(TARGETS ${executables}
+        DESTINATION "bin"
+        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.28.7/programs/aes/crypt_and_hash.c b/3rdparty/mbedtls-2.28.7/programs/aes/crypt_and_hash.c
new file mode 100644
index 0000000..60bb75f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/aes/crypt_and_hash.c
@@ -0,0 +1,574 @@
+/*
+ *  \brief  Generic file encryption program using generic wrappers for configured
+ *          security.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/* Enable definition of fileno() even when compiling with -std=c99. Must be
+ * set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#define _POSIX_C_SOURCE 200112L
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \
+    defined(MBEDTLS_FS_IO)
+#include "mbedtls/cipher.h"
+#include "mbedtls/md.h"
+#include "mbedtls/platform_util.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#if defined(_WIN32)
+#include <windows.h>
+#if !defined(_WIN32_WCE)
+#include <io.h>
+#endif
+#else
+#include <sys/types.h>
+#include <unistd.h>
+#endif
+
+#define MODE_ENCRYPT    0
+#define MODE_DECRYPT    1
+
+#define USAGE   \
+    "\n  crypt_and_hash <mode> <input filename> <output filename> <cipher> <mbedtls_md> <key>\n" \
+    "\n   <mode>: 0 = encrypt, 1 = decrypt\n" \
+    "\n  example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
+    "\n"
+
+#if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    int ret = 1, i;
+    unsigned n;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    int mode;
+    size_t keylen, ilen, olen;
+    FILE *fkey, *fin = NULL, *fout = NULL;
+
+    char *p;
+    unsigned char IV[16];
+    unsigned char key[512];
+    unsigned char digest[MBEDTLS_MD_MAX_SIZE];
+    unsigned char buffer[1024];
+    unsigned char output[1024];
+    unsigned char diff;
+
+    const mbedtls_cipher_info_t *cipher_info;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_cipher_context_t cipher_ctx;
+    mbedtls_md_context_t md_ctx;
+    mbedtls_cipher_mode_t cipher_mode;
+    unsigned int cipher_block_size;
+    unsigned char md_size;
+#if defined(_WIN32_WCE)
+    long filesize, offset;
+#elif defined(_WIN32)
+    LARGE_INTEGER li_size;
+    __int64 filesize, offset;
+#else
+    off_t filesize, offset;
+#endif
+
+    mbedtls_cipher_init(&cipher_ctx);
+    mbedtls_md_init(&md_ctx);
+
+    /*
+     * Parse the command-line arguments.
+     */
+    if (argc != 7) {
+        const int *list;
+
+        mbedtls_printf(USAGE);
+
+        mbedtls_printf("Available ciphers:\n");
+        list = mbedtls_cipher_list();
+        while (*list) {
+            cipher_info = mbedtls_cipher_info_from_type(*list);
+            mbedtls_printf("  %s\n", cipher_info->name);
+            list++;
+        }
+
+        mbedtls_printf("\nAvailable message digests:\n");
+        list = mbedtls_md_list();
+        while (*list) {
+            md_info = mbedtls_md_info_from_type(*list);
+            mbedtls_printf("  %s\n", mbedtls_md_get_name(md_info));
+            list++;
+        }
+
+#if defined(_WIN32)
+        mbedtls_printf("\n  Press Enter to exit this program.\n");
+        fflush(stdout); getchar();
+#endif
+
+        goto exit;
+    }
+
+    mode = atoi(argv[1]);
+
+    if (mode != MODE_ENCRYPT && mode != MODE_DECRYPT) {
+        mbedtls_fprintf(stderr, "invalid operation mode\n");
+        goto exit;
+    }
+
+    if (strcmp(argv[2], argv[3]) == 0) {
+        mbedtls_fprintf(stderr, "input and output filenames must differ\n");
+        goto exit;
+    }
+
+    if ((fin = fopen(argv[2], "rb")) == NULL) {
+        mbedtls_fprintf(stderr, "fopen(%s,rb) failed\n", argv[2]);
+        goto exit;
+    }
+
+    if ((fout = fopen(argv[3], "wb+")) == NULL) {
+        mbedtls_fprintf(stderr, "fopen(%s,wb+) failed\n", argv[3]);
+        goto exit;
+    }
+
+    /*
+     * Read the Cipher and MD from the command line
+     */
+    cipher_info = mbedtls_cipher_info_from_string(argv[4]);
+    if (cipher_info == NULL) {
+        mbedtls_fprintf(stderr, "Cipher '%s' not found\n", argv[4]);
+        goto exit;
+    }
+    if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) {
+        mbedtls_fprintf(stderr, "mbedtls_cipher_setup failed\n");
+        goto exit;
+    }
+
+    md_info = mbedtls_md_info_from_string(argv[5]);
+    if (md_info == NULL) {
+        mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[5]);
+        goto exit;
+    }
+
+    if (mbedtls_md_setup(&md_ctx, md_info, 1) != 0) {
+        mbedtls_fprintf(stderr, "mbedtls_md_setup failed\n");
+        goto exit;
+    }
+
+    /*
+     * Read the secret key from file or command line
+     */
+    if ((fkey = fopen(argv[6], "rb")) != NULL) {
+        keylen = fread(key, 1, sizeof(key), fkey);
+        fclose(fkey);
+    } else {
+        if (memcmp(argv[6], "hex:", 4) == 0) {
+            p = &argv[6][4];
+            keylen = 0;
+
+            while (sscanf(p, "%02X", (unsigned int *) &n) > 0 &&
+                   keylen < (int) sizeof(key)) {
+                key[keylen++] = (unsigned char) n;
+                p += 2;
+            }
+        } else {
+            keylen = strlen(argv[6]);
+
+            if (keylen > (int) sizeof(key)) {
+                keylen = (int) sizeof(key);
+            }
+
+            memcpy(key, argv[6], keylen);
+        }
+    }
+
+#if defined(_WIN32_WCE)
+    filesize = fseek(fin, 0L, SEEK_END);
+#else
+#if defined(_WIN32)
+    /*
+     * Support large files (> 2Gb) on Win32
+     */
+    li_size.QuadPart = 0;
+    li_size.LowPart  =
+        SetFilePointer((HANDLE) _get_osfhandle(_fileno(fin)),
+                       li_size.LowPart, &li_size.HighPart, FILE_END);
+
+    if (li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR) {
+        mbedtls_fprintf(stderr, "SetFilePointer(0,FILE_END) failed\n");
+        goto exit;
+    }
+
+    filesize = li_size.QuadPart;
+#else
+    if ((filesize = lseek(fileno(fin), 0, SEEK_END)) < 0) {
+        perror("lseek");
+        goto exit;
+    }
+#endif
+#endif
+
+    if (fseek(fin, 0, SEEK_SET) < 0) {
+        mbedtls_fprintf(stderr, "fseek(0,SEEK_SET) failed\n");
+        goto exit;
+    }
+
+    md_size = mbedtls_md_get_size(md_info);
+    cipher_block_size = mbedtls_cipher_get_block_size(&cipher_ctx);
+
+    if (mode == MODE_ENCRYPT) {
+        /*
+         * Generate the initialization vector as:
+         * IV = MD( filesize || filename )[0..15]
+         */
+        for (i = 0; i < 8; i++) {
+            buffer[i] = (unsigned char) (filesize >> (i << 3));
+        }
+
+        p = argv[2];
+
+        if (mbedtls_md_starts(&md_ctx) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n");
+            goto exit;
+        }
+        if (mbedtls_md_update(&md_ctx, buffer, 8) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
+            goto exit;
+        }
+        if (mbedtls_md_update(&md_ctx, (unsigned char *) p, strlen(p))
+            != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
+            goto exit;
+        }
+        if (mbedtls_md_finish(&md_ctx, digest) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n");
+            goto exit;
+        }
+
+        memcpy(IV, digest, 16);
+
+        /*
+         * Append the IV at the beginning of the output.
+         */
+        if (fwrite(IV, 1, 16, fout) != 16) {
+            mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", 16);
+            goto exit;
+        }
+
+        /*
+         * Hash the IV and the secret key together 8192 times
+         * using the result to setup the AES context and HMAC.
+         */
+        memset(digest, 0,  32);
+        memcpy(digest, IV, 16);
+
+        for (i = 0; i < 8192; i++) {
+            if (mbedtls_md_starts(&md_ctx) != 0) {
+                mbedtls_fprintf(stderr,
+                                "mbedtls_md_starts() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_md_update(&md_ctx, digest, 32) != 0) {
+                mbedtls_fprintf(stderr,
+                                "mbedtls_md_update() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_md_update(&md_ctx, key, keylen) != 0) {
+                mbedtls_fprintf(stderr,
+                                "mbedtls_md_update() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_md_finish(&md_ctx, digest) != 0) {
+                mbedtls_fprintf(stderr,
+                                "mbedtls_md_finish() returned error\n");
+                goto exit;
+            }
+
+        }
+
+        if (mbedtls_cipher_setkey(&cipher_ctx, digest, cipher_info->key_bitlen,
+                                  MBEDTLS_ENCRYPT) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n");
+            goto exit;
+        }
+        if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n");
+            goto exit;
+        }
+        if (mbedtls_cipher_reset(&cipher_ctx) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n");
+            goto exit;
+        }
+
+        if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n");
+            goto exit;
+        }
+
+        /*
+         * Encrypt and write the ciphertext.
+         */
+        for (offset = 0; offset < filesize; offset += cipher_block_size) {
+            ilen = ((unsigned int) filesize - offset > cipher_block_size) ?
+                   cipher_block_size : (unsigned int) (filesize - offset);
+
+            if (fread(buffer, 1, ilen, fin) != ilen) {
+                mbedtls_fprintf(stderr, "fread(%ld bytes) failed\n", (long) ilen);
+                goto exit;
+            }
+
+            if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, &olen) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n");
+                goto exit;
+            }
+
+            if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n");
+                goto exit;
+            }
+
+            if (fwrite(output, 1, olen, fout) != olen) {
+                mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
+                goto exit;
+            }
+        }
+
+        if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n");
+            goto exit;
+        }
+        if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n");
+            goto exit;
+        }
+
+        if (fwrite(output, 1, olen, fout) != olen) {
+            mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
+            goto exit;
+        }
+
+        /*
+         * Finally write the HMAC.
+         */
+        if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n");
+            goto exit;
+        }
+
+        if (fwrite(digest, 1, md_size, fout) != md_size) {
+            mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", md_size);
+            goto exit;
+        }
+    }
+
+    if (mode == MODE_DECRYPT) {
+        /*
+         *  The encrypted file must be structured as follows:
+         *
+         *        00 .. 15              Initialization Vector
+         *        16 .. 31              Encrypted Block #1
+         *           ..
+         *      N*16 .. (N+1)*16 - 1    Encrypted Block #N
+         *  (N+1)*16 .. (N+1)*16 + n    Hash(ciphertext)
+         */
+        if (filesize < 16 + md_size) {
+            mbedtls_fprintf(stderr, "File too short to be encrypted.\n");
+            goto exit;
+        }
+
+        if (cipher_block_size == 0) {
+            mbedtls_fprintf(stderr, "Invalid cipher block size: 0. \n");
+            goto exit;
+        }
+
+        /*
+         * Check the file size.
+         */
+        cipher_mode = cipher_info->mode;
+        if (cipher_mode != MBEDTLS_MODE_GCM &&
+            cipher_mode != MBEDTLS_MODE_CTR &&
+            cipher_mode != MBEDTLS_MODE_CFB &&
+            cipher_mode != MBEDTLS_MODE_OFB &&
+            ((filesize - md_size) % cipher_block_size) != 0) {
+            mbedtls_fprintf(stderr, "File content not a multiple of the block size (%u).\n",
+                            cipher_block_size);
+            goto exit;
+        }
+
+        /*
+         * Subtract the IV + HMAC length.
+         */
+        filesize -= (16 + md_size);
+
+        /*
+         * Read the IV and original filesize modulo 16.
+         */
+        if (fread(buffer, 1, 16, fin) != 16) {
+            mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", 16);
+            goto exit;
+        }
+
+        memcpy(IV, buffer, 16);
+
+        /*
+         * Hash the IV and the secret key together 8192 times
+         * using the result to setup the AES context and HMAC.
+         */
+        memset(digest, 0,  32);
+        memcpy(digest, IV, 16);
+
+        for (i = 0; i < 8192; i++) {
+            if (mbedtls_md_starts(&md_ctx) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_md_update(&md_ctx, digest, 32) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_md_update(&md_ctx, key, keylen) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_md_finish(&md_ctx, digest) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n");
+                goto exit;
+            }
+        }
+
+        if (mbedtls_cipher_setkey(&cipher_ctx, digest, cipher_info->key_bitlen,
+                                  MBEDTLS_DECRYPT) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n");
+            goto exit;
+        }
+
+        if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n");
+            goto exit;
+        }
+
+        if (mbedtls_cipher_reset(&cipher_ctx) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n");
+            goto exit;
+        }
+
+        if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n");
+            goto exit;
+        }
+
+        /*
+         * Decrypt and write the plaintext.
+         */
+        for (offset = 0; offset < filesize; offset += cipher_block_size) {
+            ilen = ((unsigned int) filesize - offset > cipher_block_size) ?
+                   cipher_block_size : (unsigned int) (filesize - offset);
+
+            if (fread(buffer, 1, ilen, fin) != ilen) {
+                mbedtls_fprintf(stderr, "fread(%u bytes) failed\n",
+                                cipher_block_size);
+                goto exit;
+            }
+
+            if (mbedtls_md_hmac_update(&md_ctx, buffer, ilen) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n");
+                goto exit;
+            }
+            if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output,
+                                      &olen) != 0) {
+                mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n");
+                goto exit;
+            }
+
+            if (fwrite(output, 1, olen, fout) != olen) {
+                mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
+                goto exit;
+            }
+        }
+
+        /*
+         * Verify the message authentication code.
+         */
+        if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n");
+            goto exit;
+        }
+
+        if (fread(buffer, 1, md_size, fin) != md_size) {
+            mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", md_size);
+            goto exit;
+        }
+
+        /* Use constant-time buffer comparison */
+        diff = 0;
+        for (i = 0; i < md_size; i++) {
+            diff |= digest[i] ^ buffer[i];
+        }
+
+        if (diff != 0) {
+            mbedtls_fprintf(stderr, "HMAC check failed: wrong key, "
+                                    "or file corrupted.\n");
+            goto exit;
+        }
+
+        /*
+         * Write the final block of data
+         */
+        if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) {
+            mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n");
+            goto exit;
+        }
+
+        if (fwrite(output, 1, olen, fout) != olen) {
+            mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen);
+            goto exit;
+        }
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    if (fin) {
+        fclose(fin);
+    }
+    if (fout) {
+        fclose(fout);
+    }
+
+    /* Zeroize all command line arguments to also cover
+       the case when the user has missed or reordered some,
+       in which case the key might not be in argv[6]. */
+    for (i = 0; i < argc; i++) {
+        mbedtls_platform_zeroize(argv[i], strlen(argv[i]));
+    }
+
+    mbedtls_platform_zeroize(IV,     sizeof(IV));
+    mbedtls_platform_zeroize(key,    sizeof(key));
+    mbedtls_platform_zeroize(buffer, sizeof(buffer));
+    mbedtls_platform_zeroize(output, sizeof(output));
+    mbedtls_platform_zeroize(digest, sizeof(digest));
+
+    mbedtls_cipher_free(&cipher_ctx);
+    mbedtls_md_free(&md_ctx);
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/.gitignore b/3rdparty/mbedtls-2.28.7/programs/fuzz/.gitignore
new file mode 100644
index 0000000..5dc0960
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/.gitignore
@@ -0,0 +1,9 @@
+fuzz_client
+fuzz_dtlsclient
+fuzz_dtlsserver
+fuzz_privkey
+fuzz_pubkey
+fuzz_server
+fuzz_x509crl
+fuzz_x509crt
+fuzz_x509csr
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/fuzz/CMakeLists.txt
new file mode 100644
index 0000000..fd55e31
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/CMakeLists.txt
@@ -0,0 +1,55 @@
+set(libs
+    ${mbedtls_target}
+)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+find_library(FUZZINGENGINE_LIB FuzzingEngine)
+if(FUZZINGENGINE_LIB)
+    project(fuzz CXX)
+endif()
+
+set(executables_no_common_c
+    fuzz_privkey
+    fuzz_pubkey
+    fuzz_x509crl
+    fuzz_x509crt
+    fuzz_x509csr
+)
+
+set(executables_with_common_c
+    fuzz_client
+    fuzz_dtlsclient
+    fuzz_dtlsserver
+    fuzz_server
+)
+
+foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
+
+    set(exe_sources ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+    if(NOT FUZZINGENGINE_LIB)
+        list(APPEND exe_sources onefile.c)
+    endif()
+
+    # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
+    list(FIND executables_with_common_c ${exe} exe_index)
+    if(${exe_index} GREATER -1)
+        list(APPEND exe_sources common.c)
+    endif()
+
+    add_executable(${exe} ${exe_sources})
+
+    if (NOT FUZZINGENGINE_LIB)
+        target_link_libraries(${exe} ${libs})
+    else()
+        target_link_libraries(${exe} ${libs} FuzzingEngine)
+        SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
+    endif()
+
+endforeach()
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/Makefile b/3rdparty/mbedtls-2.28.7/programs/fuzz/Makefile
new file mode 100644
index 0000000..0eb2baf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/Makefile
@@ -0,0 +1,74 @@
+MBEDTLS_TEST_PATH:=../../tests/src
+MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c))
+
+CFLAGS ?= -O2
+WARNING_CFLAGS ?= -Wall -Wextra
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS}		\
+		-L../../library			\
+		-lmbedtls$(SHARED_SUFFIX)	\
+		-lmbedx509$(SHARED_SUFFIX)	\
+		-lmbedcrypto$(SHARED_SUFFIX)
+
+LOCAL_CFLAGS += $(patsubst -I../%,-I../../%,$(THIRDPARTY_INCLUDES))
+
+ifndef SHARED
+DEP=../../library/libmbedcrypto.a ../../library/libmbedx509.a ../../library/libmbedtls.a
+else
+DEP=../../library/libmbedcrypto.$(DLEXT) ../../library/libmbedx509.$(DLEXT) ../../library/libmbedtls.$(DLEXT)
+endif
+
+
+DLEXT ?= so
+EXEXT=
+SHARED_SUFFIX=
+
+# Zlib shared library extensions:
+ifdef ZLIB
+LOCAL_LDFLAGS += -lz
+endif
+
+ifdef FUZZINGENGINE
+LOCAL_LDFLAGS += -lFuzzingEngine
+endif
+
+# A test application is built for each suites/test_suite_*.data file.
+# Application name is same as .data file's base name and can be
+# constructed by stripping path 'suites/' and extension .data.
+APPS = $(basename $(wildcard fuzz_*.c))
+
+# Construct executable name by adding OS specific suffix $(EXEXT).
+BINARIES := $(addsuffix $(EXEXT),$(APPS))
+
+.SILENT:
+
+.PHONY: all check test clean
+
+all: $(BINARIES)
+
+$(DEP):
+	$(MAKE) -C ../../library
+
+C_FILES := $(addsuffix .c,$(APPS))
+
+%.o: %.c
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $<	-o $@
+
+
+ifdef FUZZINGENGINE
+$(BINARIES): %$(EXEXT): %.o common.o $(DEP)
+	echo " $(CC) common.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
+	$(CXX) common.o $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+else
+$(BINARIES): %$(EXEXT): %.o common.o onefile.o $(DEP)
+	echo " $(CC) common.o onefile.o $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@"
+	$(CC) common.o onefile.o $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+endif
+
+clean:
+ifndef WINDOWS
+	rm -rf $(BINARIES) *.o
+else
+	if exist *.o del /Q /F *.o
+	if exist *.exe del /Q /F *.exe
+endif
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/README.md b/3rdparty/mbedtls-2.28.7/programs/fuzz/README.md
new file mode 100644
index 0000000..aaef030
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/README.md
@@ -0,0 +1,68 @@
+What is it?
+------
+
+This directory contains fuzz targets.
+Fuzz targets are simple codes using the library.
+They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance).
+
+These targets were meant to be used with oss-fuzz but can be used in other contexts.
+
+This code was contributed by Philippe Antoine ( Catena cyber ).
+
+How to run?
+------
+
+To run the fuzz targets like oss-fuzz:
+```
+git clone https://github.com/google/oss-fuzz
+cd oss-fuzz
+python infra/helper.py build_image mbedtls
+python infra/helper.py build_fuzzers --sanitizer address mbedtls
+python infra/helper.py run_fuzzer mbedtls fuzz_client
+```
+You can use `undefined` sanitizer as well as `address` sanitizer.
+And you can run any of the fuzz targets like `fuzz_client`.
+
+To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance).
+Then you need to compile the code with the compiler flags of the wished sanitizer.
+```
+perl scripts/config.py set MBEDTLS_PLATFORM_TIME_ALT
+mkdir build
+cd build
+cmake ..
+make
+```
+Finally, you can run the targets like `./test/fuzz/fuzz_client`.
+
+
+Corpus generation for network traffic targets
+------
+
+These targets use network traffic as inputs :
+* client : simulates a client against (fuzzed) server traffic
+* server : simulates a server against (fuzzed) client traffic
+* dtls_client
+* dtls_server
+
+They also use the last bytes as configuration options.
+
+To generate corpus for these targets, you can do the following, not fully automated steps :
+* Build mbedtls programs ssl_server2 and ssl_client2
+* Run them one against the other with `reproducible` option turned on while capturing traffic into test.pcap
+* Extract tcp payloads, for instance with tshark : `tshark -Tfields -e tcp.dstport -e tcp.payload -r test.pcap > test.txt`
+* Run a dummy python script to output either client or server corpus file like `python dummy.py test.txt > test.cor`
+* Finally, you can add the options by appending the last bytes to the file test.cor
+
+Here is an example of dummy.py for extracting payload from client to server (if we used `tcp.dstport` in tshark command)
+```
+import sys
+import binascii
+
+f = open(sys.argv[1])
+for l in f.readlines():
+    portAndPl=l.split()
+    if len(portAndPl) == 2:
+        # determine client or server based on port
+        if portAndPl[0] == "4433":
+            print(binascii.unhexlify(portAndPl[1].replace(":","")))
+```
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/common.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/common.c
new file mode 100644
index 0000000..96a24f7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/common.c
@@ -0,0 +1,99 @@
+#include "common.h"
+#include <limits.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "mbedtls/ctr_drbg.h"
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+mbedtls_time_t dummy_constant_time(mbedtls_time_t *time)
+{
+    (void) time;
+    return 0x5af2a056;
+}
+#endif
+
+void dummy_init(void)
+{
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+    mbedtls_platform_set_time(dummy_constant_time);
+#else
+    fprintf(stderr, "Warning: fuzzing without constant time\n");
+#endif
+}
+
+int dummy_send(void *ctx, const unsigned char *buf, size_t len)
+{
+    //silence warning about unused parameter
+    (void) ctx;
+    (void) buf;
+
+    //pretends we wrote everything ok
+    if (len > INT_MAX) {
+        return -1;
+    }
+    return (int) len;
+}
+
+int fuzz_recv(void *ctx, unsigned char *buf, size_t len)
+{
+    //reads from the buffer from fuzzer
+    fuzzBufferOffset_t *biomemfuzz = (fuzzBufferOffset_t *) ctx;
+
+    if (biomemfuzz->Offset == biomemfuzz->Size) {
+        //EOF
+        return 0;
+    }
+    if (len > INT_MAX) {
+        return -1;
+    }
+    if (len + biomemfuzz->Offset > biomemfuzz->Size) {
+        //do not overflow
+        len = biomemfuzz->Size - biomemfuzz->Offset;
+    }
+    memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len);
+    biomemfuzz->Offset += len;
+    return (int) len;
+}
+
+int dummy_random(void *p_rng, unsigned char *output, size_t output_len)
+{
+    int ret;
+    size_t i;
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    //use mbedtls_ctr_drbg_random to find bugs in it
+    ret = mbedtls_ctr_drbg_random(p_rng, output, output_len);
+#else
+    (void) p_rng;
+    ret = 0;
+#endif
+    for (i = 0; i < output_len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) rand();
+    }
+    return ret;
+}
+
+int dummy_entropy(void *data, unsigned char *output, size_t len)
+{
+    size_t i;
+    (void) data;
+
+    //use mbedtls_entropy_func to find bugs in it
+    //test performance impact of entropy
+    //ret = mbedtls_entropy_func(data, output, len);
+    for (i = 0; i < len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) rand();
+    }
+    return 0;
+}
+
+int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len,
+                      uint32_t timeout)
+{
+    (void) timeout;
+
+    return fuzz_recv(ctx, buf, len);
+}
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/common.h b/3rdparty/mbedtls-2.28.7/programs/fuzz/common.h
new file mode 100644
index 0000000..d5b098f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/common.h
@@ -0,0 +1,29 @@
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+#include <stddef.h>
+#include <stdint.h>
+
+typedef struct fuzzBufferOffset {
+    const uint8_t *Data;
+    size_t Size;
+    size_t Offset;
+} fuzzBufferOffset_t;
+
+#if defined(MBEDTLS_HAVE_TIME)
+mbedtls_time_t dummy_constant_time(mbedtls_time_t *time);
+#endif
+void dummy_init(void);
+
+int dummy_send(void *ctx, const unsigned char *buf, size_t len);
+int fuzz_recv(void *ctx, unsigned char *buf, size_t len);
+int dummy_random(void *p_rng, unsigned char *output, size_t output_len);
+int dummy_entropy(void *data, unsigned char *output, size_t len);
+int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len,
+                      uint32_t timeout);
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/client b/3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/client
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/client
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/client
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/dtlsclient b/3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/dtlsclient
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/dtlsclient
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/dtlsclient
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/dtlsserver b/3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/dtlsserver
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/dtlsserver
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/dtlsserver
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/server b/3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/server
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/corpuses/server
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/corpuses/server
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_client.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_client.c
new file mode 100644
index 0000000..2de51a6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_client.c
@@ -0,0 +1,204 @@
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "common.h"
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+
+
+#if defined(MBEDTLS_SSL_CLI_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+static int initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+static mbedtls_x509_crt cacert;
+#endif
+const char *alpn_list[3];
+
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+const unsigned char psk[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+const char psk_id[] = "Client_identity";
+#endif
+
+const char *pers = "fuzz_client";
+#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#if defined(MBEDTLS_SSL_CLI_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+    uint16_t options;
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
+        mbedtls_x509_crt_init(&cacert);
+        if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len) != 0) {
+            return 1;
+        }
+#endif
+
+        alpn_list[0] = "HTTP";
+        alpn_list[1] = "fuzzalpn";
+        alpn_list[2] = NULL;
+
+        dummy_init();
+
+        initialized = 1;
+    }
+
+    //we take 1 byte as options input
+    if (Size < 2) {
+        return 0;
+    }
+    options = (Data[Size - 2] << 8) | Data[Size - 1];
+    //Avoid warnings if compile options imply no options
+    (void) options;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen(pers)) != 0) {
+        goto exit;
+    }
+
+    if (mbedtls_ssl_config_defaults(&conf,
+                                    MBEDTLS_SSL_IS_CLIENT,
+                                    MBEDTLS_SSL_TRANSPORT_STREAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (options & 2) {
+        mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk),
+                             (const unsigned char *) psk_id, sizeof(psk_id) - 1);
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    if (options & 4) {
+        mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+        mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED);
+    } else
+#endif
+    {
+        mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
+    }
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    mbedtls_ssl_conf_truncated_hmac(&conf,
+                                    (options &
+                                     8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    mbedtls_ssl_conf_extended_master_secret(&conf,
+                                            (options &
+                                             0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    mbedtls_ssl_conf_encrypt_then_mac(&conf,
+                                      (options &
+                                       0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    mbedtls_ssl_conf_cbc_record_splitting(&conf,
+                                          (options &
+                                           0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED);
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    mbedtls_ssl_conf_renegotiation(&conf,
+                                   (options &
+                                    0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED);
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_conf_session_tickets(&conf,
+                                     (options &
+                                      0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+    if (options & 0x200) {
+        mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list);
+    }
+#endif
+    //There may be other options to add :
+    // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes
+
+    srand(1);
+    mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
+
+    if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    if ((options & 1) == 0) {
+        if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) {
+            goto exit;
+        }
+    }
+#endif
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size-2;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL);
+
+    ret = mbedtls_ssl_handshake(&ssl);
+    if (ret == 0) {
+        //keep reading data from server until the end
+        do {
+            len = sizeof(buf) - 1;
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+            if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
+                continue;
+            } else if (ret <= 0) {
+                //EOF or error
+                break;
+            }
+        } while (1);
+    }
+
+exit:
+    mbedtls_entropy_free(&entropy);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ssl_free(&ssl);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#else
+    (void) Data;
+    (void) Size;
+#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_client.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_client.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_client.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_client.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsclient.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsclient.c
new file mode 100644
index 0000000..d414bb3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsclient.c
@@ -0,0 +1,138 @@
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include "common.h"
+#include "mbedtls/ssl.h"
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/timing.h"
+
+
+#if defined(MBEDTLS_SSL_CLI_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C) && \
+    defined(MBEDTLS_TIMING_C)
+static int initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+static mbedtls_x509_crt cacert;
+#endif
+
+const char *pers = "fuzz_dtlsclient";
+#endif
+#endif // MBEDTLS_SSL_PROTO_DTLS
+
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
+    defined(MBEDTLS_SSL_CLI_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C) && \
+    defined(MBEDTLS_TIMING_C)
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    mbedtls_timing_delay_context timer;
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
+        mbedtls_x509_crt_init(&cacert);
+        if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len) != 0) {
+            return 1;
+        }
+#endif
+        dummy_init();
+
+        initialized = 1;
+    }
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    srand(1);
+    if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen(pers)) != 0) {
+        goto exit;
+    }
+
+    if (mbedtls_ssl_config_defaults(&conf,
+                                    MBEDTLS_SSL_IS_CLIENT,
+                                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+#endif
+    mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
+    mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
+
+    if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
+        goto exit;
+    }
+
+    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay);
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) {
+        goto exit;
+    }
+#endif
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout);
+
+    ret = mbedtls_ssl_handshake(&ssl);
+    if (ret == 0) {
+        //keep reading data from server until the end
+        do {
+            len = sizeof(buf) - 1;
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+            if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
+                continue;
+            } else if (ret <= 0) {
+                //EOF or error
+                break;
+            }
+        } while (1);
+    }
+
+exit:
+    mbedtls_entropy_free(&entropy);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ssl_free(&ssl);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#else
+    (void) Data;
+    (void) Size;
+#endif
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsclient.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsclient.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsclient.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsclient.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsserver.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsserver.c
new file mode 100644
index 0000000..df4087a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsserver.c
@@ -0,0 +1,178 @@
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include "common.h"
+#include "mbedtls/ssl.h"
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/ssl_cookie.h"
+
+#if defined(MBEDTLS_SSL_SRV_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C) && \
+    defined(MBEDTLS_TIMING_C) && \
+    (defined(MBEDTLS_SHA256_C) || \
+    (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)))
+const char *pers = "fuzz_dtlsserver";
+const unsigned char client_ip[4] = { 0x7F, 0, 0, 1 };
+static int initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+static mbedtls_x509_crt srvcert;
+static mbedtls_pk_context pkey;
+#endif
+#endif
+#endif // MBEDTLS_SSL_PROTO_DTLS
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
+    defined(MBEDTLS_SSL_SRV_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C) && \
+    defined(MBEDTLS_TIMING_C) && \
+    (defined(MBEDTLS_SHA256_C) || \
+    (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)))
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    mbedtls_timing_delay_context timer;
+    mbedtls_ssl_cookie_ctx cookie_ctx;
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
+        mbedtls_x509_crt_init(&srvcert);
+        mbedtls_pk_init(&pkey);
+        if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                   mbedtls_test_srv_crt_len) != 0) {
+            return 1;
+        }
+        if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len) != 0) {
+            return 1;
+        }
+        if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                 mbedtls_test_srv_key_len, NULL, 0) != 0) {
+            return 1;
+        }
+#endif
+        dummy_init();
+
+        initialized = 1;
+    }
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ssl_cookie_init(&cookie_ctx);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen(pers)) != 0) {
+        goto exit;
+    }
+
+
+    if (mbedtls_ssl_config_defaults(&conf,
+                                    MBEDTLS_SSL_IS_SERVER,
+                                    MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+        goto exit;
+    }
+
+
+    srand(1);
+    mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
+    if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) {
+        goto exit;
+    }
+#endif
+
+    if (mbedtls_ssl_cookie_setup(&cookie_ctx, dummy_random, &ctr_drbg) != 0) {
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_dtls_cookies(&conf,
+                                  mbedtls_ssl_cookie_write,
+                                  mbedtls_ssl_cookie_check,
+                                  &cookie_ctx);
+
+    if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
+        goto exit;
+    }
+
+    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay);
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout);
+    if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_ssl_handshake(&ssl);
+
+    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
+        biomemfuzz.Offset = ssl.next_record_offset;
+        mbedtls_ssl_session_reset(&ssl);
+        mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout);
+        if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) {
+            goto exit;
+        }
+
+        ret = mbedtls_ssl_handshake(&ssl);
+
+        if (ret == 0) {
+            //keep reading data from server until the end
+            do {
+                len = sizeof(buf) - 1;
+                ret = mbedtls_ssl_read(&ssl, buf, len);
+                if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
+                    continue;
+                } else if (ret <= 0) {
+                    //EOF or error
+                    break;
+                }
+            } while (1);
+        }
+    }
+
+exit:
+    mbedtls_ssl_cookie_free(&cookie_ctx);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pk_free(&pkey);
+    mbedtls_x509_crt_free(&srvcert);
+#endif
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ssl_free(&ssl);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#else
+    (void) Data;
+    (void) Size;
+#endif
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsserver.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsserver.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_dtlsserver.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_dtlsserver.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_privkey.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_privkey.c
new file mode 100644
index 0000000..d1da589
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_privkey.c
@@ -0,0 +1,85 @@
+#include <stdint.h>
+#include <stdlib.h>
+#include "mbedtls/pk.h"
+
+//4 Kb should be enough for every bug ;-)
+#define MAX_LEN 0x1000
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#ifdef MBEDTLS_PK_PARSE_C
+    int ret;
+    mbedtls_pk_context pk;
+
+    if (Size > MAX_LEN) {
+        //only work on small inputs
+        Size = MAX_LEN;
+    }
+
+    mbedtls_pk_init(&pk);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0);
+    if (ret == 0) {
+#if defined(MBEDTLS_RSA_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
+            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+            mbedtls_rsa_context *rsa;
+
+            mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+            mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+            mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+            rsa = mbedtls_pk_rsa(pk);
+            if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != 0) {
+                abort();
+            }
+            if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != 0) {
+                abort();
+            }
+
+            mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+            mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+            mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+        } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
+            mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
+            mbedtls_ecp_group_id grp_id = ecp->grp.id;
+            const mbedtls_ecp_curve_info *curve_info =
+                mbedtls_ecp_curve_info_from_grp_id(grp_id);
+
+            /* If the curve is not supported, the key should not have been
+             * accepted. */
+            if (curve_info == NULL) {
+                abort();
+            }
+        } else
+#endif
+        {
+            /* The key is valid but is not of a supported type.
+             * This should not happen. */
+            abort();
+        }
+    }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+exit:
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_pk_free(&pk);
+#else
+    (void) Data;
+    (void) Size;
+#endif //MBEDTLS_PK_PARSE_C
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_privkey.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_privkey.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_privkey.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_privkey.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_pubkey.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_pubkey.c
new file mode 100644
index 0000000..daca2b3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_pubkey.c
@@ -0,0 +1,84 @@
+#include <stdint.h>
+#include <stdlib.h>
+#include "mbedtls/pk.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#ifdef MBEDTLS_PK_PARSE_C
+    int ret;
+    mbedtls_pk_context pk;
+
+    mbedtls_pk_init(&pk);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    ret = mbedtls_pk_parse_public_key(&pk, Data, Size);
+    if (ret == 0) {
+#if defined(MBEDTLS_RSA_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
+            mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+            mbedtls_rsa_context *rsa;
+
+            mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+            mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+            mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+            rsa = mbedtls_pk_rsa(pk);
+            if (mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E) != 0) {
+                abort();
+            }
+            if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) {
+                abort();
+            }
+            if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) {
+                abort();
+            }
+
+            mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+            mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+            mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+
+        } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
+            mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
+            mbedtls_ecp_group_id grp_id = ecp->grp.id;
+            const mbedtls_ecp_curve_info *curve_info =
+                mbedtls_ecp_curve_info_from_grp_id(grp_id);
+
+            /* If the curve is not supported, the key should not have been
+             * accepted. */
+            if (curve_info == NULL) {
+                abort();
+            }
+
+            /* It's a public key, so the private value should not have
+             * been changed from its initialization to 0. */
+            if (mbedtls_mpi_cmp_int(&ecp->d, 0) != 0) {
+                abort();
+            }
+        } else
+#endif
+        {
+            /* The key is valid but is not of a supported type.
+             * This should not happen. */
+            abort();
+        }
+    }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+exit:
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_pk_free(&pk);
+#else
+    (void) Data;
+    (void) Size;
+#endif //MBEDTLS_PK_PARSE_C
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_pubkey.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_pubkey.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_pubkey.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_pubkey.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_server.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_server.c
new file mode 100644
index 0000000..06aeb5e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_server.c
@@ -0,0 +1,219 @@
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/ssl_ticket.h"
+#include "common.h"
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+
+
+#if defined(MBEDTLS_SSL_SRV_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+const char *pers = "fuzz_server";
+static int initialized = 0;
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+static mbedtls_x509_crt srvcert;
+static mbedtls_pk_context pkey;
+#endif
+const char *alpn_list[3];
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+const unsigned char psk[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+const char psk_id[] = "Client_identity";
+#endif
+#endif // MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#if defined(MBEDTLS_SSL_SRV_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+    int ret;
+    size_t len;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    mbedtls_ssl_ticket_context ticket_ctx;
+#endif
+    unsigned char buf[4096];
+    fuzzBufferOffset_t biomemfuzz;
+    uint8_t options;
+
+    //we take 1 byte as options input
+    if (Size < 1) {
+        return 0;
+    }
+    options = Data[Size - 1];
+
+    if (initialized == 0) {
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
+        mbedtls_x509_crt_init(&srvcert);
+        mbedtls_pk_init(&pkey);
+        if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                   mbedtls_test_srv_crt_len) != 0) {
+            return 1;
+        }
+        if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                   mbedtls_test_cas_pem_len) != 0) {
+            return 1;
+        }
+        if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                 mbedtls_test_srv_key_len, NULL, 0) != 0) {
+            return 1;
+        }
+#endif
+
+        alpn_list[0] = "HTTP";
+        alpn_list[1] = "fuzzalpn";
+        alpn_list[2] = NULL;
+
+        dummy_init();
+
+        initialized = 1;
+    }
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    mbedtls_ssl_ticket_init(&ticket_ctx);
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy,
+                              (const unsigned char *) pers, strlen(pers)) != 0) {
+        goto exit;
+    }
+
+
+    if (mbedtls_ssl_config_defaults(&conf,
+                                    MBEDTLS_SSL_IS_SERVER,
+                                    MBEDTLS_SSL_TRANSPORT_STREAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+        goto exit;
+    }
+
+    srand(1);
+    mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg);
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
+    if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) {
+        goto exit;
+    }
+#endif
+
+    mbedtls_ssl_conf_cert_req_ca_list(&conf,
+                                      (options &
+                                       0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED);
+#if defined(MBEDTLS_SSL_ALPN)
+    if (options & 0x2) {
+        mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list);
+    }
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    if (options & 0x4) {
+        if (mbedtls_ssl_ticket_setup(&ticket_ctx,
+                                     dummy_random, &ctr_drbg,
+                                     MBEDTLS_CIPHER_AES_256_GCM,
+                                     86400) != 0) {
+            goto exit;
+        }
+
+        mbedtls_ssl_conf_session_tickets_cb(&conf,
+                                            mbedtls_ssl_ticket_write,
+                                            mbedtls_ssl_ticket_parse,
+                                            &ticket_ctx);
+    }
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    mbedtls_ssl_conf_truncated_hmac(&conf,
+                                    (options &
+                                     0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    mbedtls_ssl_conf_extended_master_secret(&conf,
+                                            (options &
+                                             0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    mbedtls_ssl_conf_encrypt_then_mac(&conf,
+                                      (options &
+                                       0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED);
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (options & 0x40) {
+        mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk),
+                             (const unsigned char *) psk_id, sizeof(psk_id) - 1);
+    }
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    mbedtls_ssl_conf_renegotiation(&conf,
+                                   (options &
+                                    0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED);
+#endif
+
+    if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
+        goto exit;
+    }
+
+    biomemfuzz.Data = Data;
+    biomemfuzz.Size = Size-1;
+    biomemfuzz.Offset = 0;
+    mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL);
+
+    mbedtls_ssl_session_reset(&ssl);
+    ret = mbedtls_ssl_handshake(&ssl);
+    if (ret == 0) {
+        //keep reading data from server until the end
+        do {
+            len = sizeof(buf) - 1;
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+            if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
+                continue;
+            } else if (ret <= 0) {
+                //EOF or error
+                break;
+            }
+        } while (1);
+    }
+
+exit:
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    mbedtls_ssl_ticket_free(&ticket_ctx);
+#endif
+    mbedtls_entropy_free(&entropy);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_ssl_config_free(&conf);
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_x509_crt_free(&srvcert);
+    mbedtls_pk_free(&pkey);
+#endif
+    mbedtls_ssl_free(&ssl);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif
+#else
+    (void) Data;
+    (void) Size;
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_server.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_server.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_server.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_server.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crl.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crl.c
new file mode 100644
index 0000000..1140c3d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crl.c
@@ -0,0 +1,33 @@
+#include <stdint.h>
+#include "mbedtls/x509_crl.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#ifdef MBEDTLS_X509_CRL_PARSE_C
+    int ret;
+    mbedtls_x509_crl crl;
+    unsigned char buf[4096];
+
+    mbedtls_x509_crl_init(&crl);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    ret = mbedtls_x509_crl_parse(&crl, Data, Size);
+    if (ret == 0) {
+        ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, " ", &crl);
+    }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+exit:
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_x509_crl_free(&crl);
+#else
+    (void) Data;
+    (void) Size;
+#endif
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crl.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crl.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crl.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crl.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crt.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crt.c
new file mode 100644
index 0000000..3593236
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crt.c
@@ -0,0 +1,33 @@
+#include <stdint.h>
+#include "mbedtls/x509_crt.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#ifdef MBEDTLS_X509_CRT_PARSE_C
+    int ret;
+    mbedtls_x509_crt crt;
+    unsigned char buf[4096];
+
+    mbedtls_x509_crt_init(&crt);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    ret = mbedtls_x509_crt_parse(&crt, Data, Size);
+    if (ret == 0) {
+        ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", &crt);
+    }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+exit:
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_x509_crt_free(&crt);
+#else
+    (void) Data;
+    (void) Size;
+#endif
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crt.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crt.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509crt.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509crt.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509csr.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509csr.c
new file mode 100644
index 0000000..0ca9b87
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509csr.c
@@ -0,0 +1,33 @@
+#include <stdint.h>
+#include "mbedtls/x509_csr.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
+{
+#ifdef MBEDTLS_X509_CSR_PARSE_C
+    int ret;
+    mbedtls_x509_csr csr;
+    unsigned char buf[4096];
+
+    mbedtls_x509_csr_init(&csr);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    ret = mbedtls_x509_csr_parse(&csr, Data, Size);
+    if (ret == 0) {
+        ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, " ", &csr);
+    }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+exit:
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_x509_csr_free(&csr);
+#else
+    (void) Data;
+    (void) Size;
+#endif
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509csr.options b/3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509csr.options
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/fuzz/fuzz_x509csr.options
rename to 3rdparty/mbedtls-2.28.7/programs/fuzz/fuzz_x509csr.options
diff --git a/3rdparty/mbedtls-2.28.7/programs/fuzz/onefile.c b/3rdparty/mbedtls-2.28.7/programs/fuzz/onefile.c
new file mode 100644
index 0000000..0d202b1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/fuzz/onefile.c
@@ -0,0 +1,73 @@
+#include <stdint.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+/* This file doesn't use any Mbed TLS function, but grab config.h anyway
+ * in case it contains platform-specific #defines related to malloc or
+ * stdio functions. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
+
+int main(int argc, char **argv)
+{
+    FILE *fp;
+    uint8_t *Data;
+    size_t Size;
+    const char *argv0 = argv[0] == NULL ? "PROGRAM_NAME" : argv[0];
+
+    if (argc != 2) {
+        fprintf(stderr, "Usage: %s REPRODUCER_FILE\n", argv0);
+        return 1;
+    }
+    //opens the file, get its size, and reads it into a buffer
+    fp = fopen(argv[1], "rb");
+    if (fp == NULL) {
+        fprintf(stderr, "%s: Error in fopen\n", argv0);
+        perror(argv[1]);
+        return 2;
+    }
+    if (fseek(fp, 0L, SEEK_END) != 0) {
+        fprintf(stderr, "%s: Error in fseek(SEEK_END)\n", argv0);
+        perror(argv[1]);
+        fclose(fp);
+        return 2;
+    }
+    Size = ftell(fp);
+    if (Size == (size_t) -1) {
+        fprintf(stderr, "%s: Error in ftell\n", argv0);
+        perror(argv[1]);
+        fclose(fp);
+        return 2;
+    }
+    if (fseek(fp, 0L, SEEK_SET) != 0) {
+        fprintf(stderr, "%s: Error in fseek(0)\n", argv0);
+        perror(argv[1]);
+        fclose(fp);
+        return 2;
+    }
+    Data = malloc(Size);
+    if (Data == NULL) {
+        fprintf(stderr, "%s: Could not allocate memory\n", argv0);
+        perror(argv[1]);
+        fclose(fp);
+        return 2;
+    }
+    if (fread(Data, Size, 1, fp) != 1) {
+        fprintf(stderr, "%s: Error in fread\n", argv0);
+        perror(argv[1]);
+        free(Data);
+        fclose(fp);
+        return 2;
+    }
+
+    //launch fuzzer
+    LLVMFuzzerTestOneInput(Data, Size);
+    free(Data);
+    fclose(fp);
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/hash/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/hash/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/hash/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/hash/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/hash/generic_sum.c b/3rdparty/mbedtls-2.28.7/programs/hash/generic_sum.c
new file mode 100644
index 0000000..033366e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/hash/generic_sum.c
@@ -0,0 +1,218 @@
+/*
+ *  generic message digest layer demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/md.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+static int generic_wrapper(const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum)
+{
+    int ret = mbedtls_md_file(md_info, filename, sum);
+
+    if (ret == 1) {
+        mbedtls_fprintf(stderr, "failed to open: %s\n", filename);
+    }
+
+    if (ret == 2) {
+        mbedtls_fprintf(stderr, "failed to read: %s\n", filename);
+    }
+
+    return ret;
+}
+
+static int generic_print(const mbedtls_md_info_t *md_info, char *filename)
+{
+    int i;
+    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
+
+    if (generic_wrapper(md_info, filename, sum) != 0) {
+        return 1;
+    }
+
+    for (i = 0; i < mbedtls_md_get_size(md_info); i++) {
+        mbedtls_printf("%02x", sum[i]);
+    }
+
+    mbedtls_printf("  %s\n", filename);
+    return 0;
+}
+
+static int generic_check(const mbedtls_md_info_t *md_info, char *filename)
+{
+    int i;
+    size_t n;
+    FILE *f;
+    int nb_err1, nb_err2;
+    int nb_tot1, nb_tot2;
+    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
+    char line[1024];
+    char diff;
+#if defined(__clang_analyzer__)
+    char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { };
+#else
+    char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1];
+#endif
+
+    if ((f = fopen(filename, "rb")) == NULL) {
+        mbedtls_printf("failed to open: %s\n", filename);
+        return 1;
+    }
+
+    nb_err1 = nb_err2 = 0;
+    nb_tot1 = nb_tot2 = 0;
+
+    memset(line, 0, sizeof(line));
+
+    n = sizeof(line);
+
+    while (fgets(line, (int) n - 1, f) != NULL) {
+        n = strlen(line);
+
+        if (n < (size_t) 2 * mbedtls_md_get_size(md_info) + 4) {
+            mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info));
+            continue;
+        }
+
+        if (line[2 * mbedtls_md_get_size(md_info)] != ' ' ||
+            line[2 * mbedtls_md_get_size(md_info) + 1] != ' ') {
+            mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info));
+            continue;
+        }
+
+        if (line[n - 1] == '\n') {
+            n--; line[n] = '\0';
+        }
+        if (line[n - 1] == '\r') {
+            n--; line[n] = '\0';
+        }
+
+        nb_tot1++;
+
+        if (generic_wrapper(md_info, line + 2 + 2 * mbedtls_md_get_size(md_info), sum) != 0) {
+            nb_err1++;
+            continue;
+        }
+
+        nb_tot2++;
+
+        for (i = 0; i < mbedtls_md_get_size(md_info); i++) {
+            sprintf(buf + i * 2, "%02x", sum[i]);
+        }
+
+        /* Use constant-time buffer comparison */
+        diff = 0;
+        for (i = 0; i < 2 * mbedtls_md_get_size(md_info); i++) {
+            diff |= line[i] ^ buf[i];
+        }
+
+        if (diff != 0) {
+            nb_err2++;
+            mbedtls_fprintf(stderr, "wrong checksum: %s\n", line + 66);
+        }
+
+        n = sizeof(line);
+    }
+
+    if (nb_err1 != 0) {
+        mbedtls_printf("WARNING: %d (out of %d) input files could "
+                       "not be read\n", nb_err1, nb_tot1);
+    }
+
+    if (nb_err2 != 0) {
+        mbedtls_printf("WARNING: %d (out of %d) computed checksums did "
+                       "not match\n", nb_err2, nb_tot2);
+    }
+
+    fclose(f);
+
+    return nb_err1 != 0 || nb_err2 != 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1, i;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    mbedtls_md_init(&md_ctx);
+
+    if (argc < 2) {
+        const int *list;
+
+        mbedtls_printf("print mode:  generic_sum <mbedtls_md> <file> <file> ...\n");
+        mbedtls_printf("check mode:  generic_sum <mbedtls_md> -c <checksum file>\n");
+
+        mbedtls_printf("\nAvailable message digests:\n");
+        list = mbedtls_md_list();
+        while (*list) {
+            md_info = mbedtls_md_info_from_type(*list);
+            mbedtls_printf("  %s\n", mbedtls_md_get_name(md_info));
+            list++;
+        }
+
+#if defined(_WIN32)
+        mbedtls_printf("\n  Press Enter to exit this program.\n");
+        fflush(stdout); getchar();
+#endif
+
+        mbedtls_exit(exit_code);
+    }
+
+    /*
+     * Read the MD from the command line
+     */
+    md_info = mbedtls_md_info_from_string(argv[1]);
+    if (md_info == NULL) {
+        mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[1]);
+        mbedtls_exit(exit_code);
+    }
+    if (mbedtls_md_setup(&md_ctx, md_info, 0)) {
+        mbedtls_fprintf(stderr, "Failed to initialize context.\n");
+        mbedtls_exit(exit_code);
+    }
+
+    ret = 0;
+    if (argc == 4 && strcmp("-c", argv[2]) == 0) {
+        ret |= generic_check(md_info, argv[3]);
+        goto exit;
+    }
+
+    for (i = 2; i < argc; i++) {
+        ret |= generic_print(md_info, argv[i]);
+    }
+
+    if (ret == 0) {
+        exit_code = MBEDTLS_EXIT_SUCCESS;
+    }
+
+exit:
+    mbedtls_md_free(&md_ctx);
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/hash/hello.c b/3rdparty/mbedtls-2.28.7/programs/hash/hello.c
new file mode 100644
index 0000000..1b286ca
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/hash/hello.c
@@ -0,0 +1,54 @@
+/*
+ *  Classic "Hello, world" demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MD5_C)
+#include "mbedtls/md5.h"
+#endif
+
+#if !defined(MBEDTLS_MD5_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_MD5_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(void)
+{
+    int i, ret;
+    unsigned char digest[16];
+    char str[] = "Hello, world!";
+
+    mbedtls_printf("\n  MD5('%s') = ", str);
+
+    if ((ret = mbedtls_md5_ret((unsigned char *) str, 13, digest)) != 0) {
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    for (i = 0; i < 16; i++) {
+        mbedtls_printf("%02x", digest[i]);
+    }
+
+    mbedtls_printf("\n\n");
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(MBEDTLS_EXIT_SUCCESS);
+}
+#endif /* MBEDTLS_MD5_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/pkey/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/pkey/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/pkey/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/dh_client.c b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_client.c
new file mode 100644
index 0000000..1bf3e51
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_client.c
@@ -0,0 +1,281 @@
+/*
+ *  Diffie-Hellman-Merkle key exchange (client side)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
+    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
+    defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
+    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
+    defined(MBEDTLS_SHA1_C)
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#define SERVER_NAME "localhost"
+#define SERVER_PORT "11999"
+
+#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) ||     \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) ||  \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||    \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
+    !defined(MBEDTLS_SHA1_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
+                   "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(void)
+{
+    FILE *f;
+
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t n, buflen;
+    mbedtls_net_context server_fd;
+
+    unsigned char *p, *end;
+    unsigned char buf[2048];
+    unsigned char hash[32];
+    const char *pers = "dh_client";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_rsa_context rsa;
+    mbedtls_dhm_context dhm;
+    mbedtls_aes_context aes;
+
+    mbedtls_net_init(&server_fd);
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256);
+    mbedtls_dhm_init(&dhm);
+    mbedtls_aes_init(&aes);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    /*
+     * 1. Setup the RNG
+     */
+    mbedtls_printf("\n  . Seeding the random number generator");
+    fflush(stdout);
+
+    mbedtls_entropy_init(&entropy);
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 2. Read the server's public RSA key
+     */
+    mbedtls_printf("\n  . Reading public key from rsa_pub.txt");
+    fflush(stdout);
+
+    if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open rsa_pub.txt\n" \
+                       "  ! Please run rsa_genkey first\n\n");
+        goto exit;
+    }
+
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+
+    if ((ret = mbedtls_mpi_read_file(&rsa.N, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&rsa.E, 16, f)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret);
+        fclose(f);
+        goto exit;
+    }
+
+    rsa.len = (mbedtls_mpi_bitlen(&rsa.N) + 7) >> 3;
+
+    fclose(f);
+
+    /*
+     * 3. Initiate the connection
+     */
+    mbedtls_printf("\n  . Connecting to tcp/%s/%s", SERVER_NAME,
+                   SERVER_PORT);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME,
+                                   SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_connect returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 4a. First get the buffer length
+     */
+    mbedtls_printf("\n  . Receiving the server's DH parameters");
+    fflush(stdout);
+
+    memset(buf, 0, sizeof(buf));
+
+    if ((ret = mbedtls_net_recv(&server_fd, buf, 2)) != 2) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_recv returned %d\n\n", ret);
+        goto exit;
+    }
+
+    n = buflen = (buf[0] << 8) | buf[1];
+    if (buflen < 1 || buflen > sizeof(buf)) {
+        mbedtls_printf(" failed\n  ! Got an invalid buffer length\n\n");
+        goto exit;
+    }
+
+    /*
+     * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P
+     */
+    memset(buf, 0, sizeof(buf));
+
+    if ((ret = mbedtls_net_recv(&server_fd, buf, n)) != (int) n) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_recv returned %d\n\n", ret);
+        goto exit;
+    }
+
+    p = buf, end = buf + buflen;
+
+    if ((ret = mbedtls_dhm_read_params(&dhm, &p, end)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_dhm_read_params returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if (dhm.len < 64 || dhm.len > 512) {
+        mbedtls_printf(" failed\n  ! Invalid DHM modulus size\n\n");
+        goto exit;
+    }
+
+    /*
+     * 5. Check that the server's RSA signature matches
+     *    the SHA-256 hash of (P,G,Ys)
+     */
+    mbedtls_printf("\n  . Verifying the server's RSA signature");
+    fflush(stdout);
+
+    p += 2;
+
+    if ((n = (size_t) (end - p)) != rsa.len) {
+        mbedtls_printf(" failed\n  ! Invalid RSA signature size\n\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha1_ret(buf, (int) (p - 2 - buf), hash)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_sha1_ret returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                                        MBEDTLS_MD_SHA256, 0, hash, p)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 6. Send our public value: Yc = G ^ Xc mod P
+     */
+    mbedtls_printf("\n  . Sending own public value to server");
+    fflush(stdout);
+
+    n = dhm.len;
+    if ((ret = mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, n,
+                                       mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_dhm_make_public returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_net_send(&server_fd, buf, n)) != (int) n) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_send returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 7. Derive the shared secret: K = Ys ^ Xc mod P
+     */
+    mbedtls_printf("\n  . Shared secret: ");
+    fflush(stdout);
+
+    if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n,
+                                       mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_dhm_calc_secret returned %d\n\n", ret);
+        goto exit;
+    }
+
+    for (n = 0; n < 16; n++) {
+        mbedtls_printf("%02x", buf[n]);
+    }
+
+    /*
+     * 8. Setup the AES-256 decryption key
+     *
+     * This is an overly simplified example; best practice is
+     * to hash the shared secret with a random value to derive
+     * the keying material for the encryption/decryption keys,
+     * IVs and MACs.
+     */
+    mbedtls_printf("...\n  . Receiving and decrypting the ciphertext");
+    fflush(stdout);
+
+    ret = mbedtls_aes_setkey_dec(&aes, buf, 256);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    memset(buf, 0, sizeof(buf));
+
+    if ((ret = mbedtls_net_recv(&server_fd, buf, 16)) != 16) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_recv returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, buf, buf);
+    if (ret != 0) {
+        goto exit;
+    }
+    buf[16] = '\0';
+    mbedtls_printf("\n  . Plaintext is \"%s\"\n\n", (char *) buf);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_net_free(&server_fd);
+
+    mbedtls_aes_free(&aes);
+    mbedtls_rsa_free(&rsa);
+    mbedtls_dhm_free(&dhm);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/dh_genprime.c b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_genprime.c
new file mode 100644
index 0000000..a4f3f0a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_genprime.c
@@ -0,0 +1,170 @@
+/*
+ *  Diffie-Hellman-Merkle key exchange (prime generation)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||   \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) ||     \
+    !defined(MBEDTLS_GENPRIME)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or "
+                   "MBEDTLS_GENPRIME not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#define USAGE \
+    "\n usage: dh_genprime param=<>...\n"                                   \
+    "\n acceptable parameters:\n"                                           \
+    "    bits=%%d           default: 2048\n"
+
+#define DFL_BITS    2048
+
+/*
+ * Note: G = 4 is always a quadratic residue mod P,
+ * so it is a generator of order Q (with P = 2*Q+1).
+ */
+#define GENERATOR "4"
+
+
+int main(int argc, char **argv)
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_mpi G, P, Q;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "dh_genprime";
+    FILE *fout;
+    int nbits = DFL_BITS;
+    int i;
+    char *p, *q;
+
+    mbedtls_mpi_init(&G); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "bits") == 0) {
+            nbits = atoi(q);
+            if (nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS) {
+                goto usage;
+            }
+        } else {
+            goto usage;
+        }
+    }
+
+    if ((ret = mbedtls_mpi_read_string(&G, 10, GENERATOR)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_string returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf("  ! Generating large primes may take minutes!\n");
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Generating the modulus, please wait...");
+    fflush(stdout);
+
+    /*
+     * This can take a long time...
+     */
+    if ((ret = mbedtls_mpi_gen_prime(&P, nbits, 1,
+                                     mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_gen_prime returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Verifying that Q = (P-1)/2 is prime...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_mpi_sub_int(&Q, &P, 1)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_sub_int returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_div_int(&Q, NULL, &Q, 2)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_div_int returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_is_prime_ext(&Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_is_prime returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Exporting the value in dh_prime.txt...");
+    fflush(stdout);
+
+    if ((fout = fopen("dh_prime.txt", "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not create dh_prime.txt\n\n");
+        goto exit;
+    }
+
+    if (((ret = mbedtls_mpi_write_file("P = ", &P, 16, fout)) != 0) ||
+        ((ret = mbedtls_mpi_write_file("G = ", &G, 16, fout)) != 0)) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret);
+        fclose(fout);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n\n");
+    fclose(fout);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_mpi_free(&G); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO &&
+          MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/dh_prime.txt b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_prime.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/pkey/dh_prime.txt
rename to 3rdparty/mbedtls-2.28.7/programs/pkey/dh_prime.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/dh_server.c b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_server.c
new file mode 100644
index 0000000..6ad015a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/dh_server.c
@@ -0,0 +1,303 @@
+/*
+ *  Diffie-Hellman-Merkle key exchange (server side)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
+    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
+    defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
+    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
+    defined(MBEDTLS_SHA1_C)
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#define SERVER_PORT "11999"
+#define PLAINTEXT "==Hello there!=="
+
+#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) ||     \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) ||  \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||    \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
+    !defined(MBEDTLS_SHA1_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
+                   "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(void)
+{
+    FILE *f;
+
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t n, buflen;
+    mbedtls_net_context listen_fd, client_fd;
+
+    unsigned char buf[2048];
+    unsigned char hash[32];
+    unsigned char buf2[2];
+    const char *pers = "dh_server";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_rsa_context rsa;
+    mbedtls_dhm_context dhm;
+    mbedtls_aes_context aes;
+
+    mbedtls_mpi N, P, Q, D, E;
+
+    mbedtls_net_init(&listen_fd);
+    mbedtls_net_init(&client_fd);
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256);
+    mbedtls_dhm_init(&dhm);
+    mbedtls_aes_init(&aes);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E);
+
+    /*
+     * 1. Setup the RNG
+     */
+    mbedtls_printf("\n  . Seeding the random number generator");
+    fflush(stdout);
+
+    mbedtls_entropy_init(&entropy);
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 2a. Read the server's private RSA key
+     */
+    mbedtls_printf("\n  . Reading private key from rsa_priv.txt");
+    fflush(stdout);
+
+    if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open rsa_priv.txt\n" \
+                       "  ! Please run rsa_genkey first\n\n");
+        goto exit;
+    }
+
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+
+    if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_file returned %d\n\n",
+                       ret);
+        fclose(f);
+        goto exit;
+    }
+    fclose(f);
+
+    if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_import returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_complete returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    /*
+     * 2b. Get the DHM modulus and generator
+     */
+    mbedtls_printf("\n  . Reading DH parameters from dh_prime.txt");
+    fflush(stdout);
+
+    if ((f = fopen("dh_prime.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open dh_prime.txt\n" \
+                       "  ! Please run dh_genprime first\n\n");
+        goto exit;
+    }
+
+    if (mbedtls_mpi_read_file(&dhm.P, 16, f) != 0 ||
+        mbedtls_mpi_read_file(&dhm.G, 16, f) != 0) {
+        mbedtls_printf(" failed\n  ! Invalid DH parameter file\n\n");
+        fclose(f);
+        goto exit;
+    }
+
+    fclose(f);
+
+    /*
+     * 3. Wait for a client to connect
+     */
+    mbedtls_printf("\n  . Waiting for a remote connection");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_bind returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                  NULL, 0, NULL)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_accept returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 4. Setup the DH parameters (P,G,Ys)
+     */
+    mbedtls_printf("\n  . Sending the server's DH parameters");
+    fflush(stdout);
+
+    memset(buf, 0, sizeof(buf));
+
+    if ((ret = mbedtls_dhm_make_params(&dhm, (int) mbedtls_mpi_size(&dhm.P), buf, &n,
+                                       mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_dhm_make_params returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 5. Sign the parameters and send them
+     */
+    if ((ret = mbedtls_sha1_ret(buf, n, hash)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_sha1_ret returned %d\n\n", ret);
+        goto exit;
+    }
+
+    buf[n] = (unsigned char) (rsa.len >> 8);
+    buf[n + 1] = (unsigned char) (rsa.len);
+
+    if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
+                                      0, hash, buf + n + 2)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret);
+        goto exit;
+    }
+
+    buflen = n + 2 + rsa.len;
+    buf2[0] = (unsigned char) (buflen >> 8);
+    buf2[1] = (unsigned char) (buflen);
+
+    if ((ret = mbedtls_net_send(&client_fd, buf2, 2)) != 2 ||
+        (ret = mbedtls_net_send(&client_fd, buf, buflen)) != (int) buflen) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_send returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 6. Get the client's public value: Yc = G ^ Xc mod P
+     */
+    mbedtls_printf("\n  . Receiving the client's public value");
+    fflush(stdout);
+
+    memset(buf, 0, sizeof(buf));
+
+    n = dhm.len;
+    if ((ret = mbedtls_net_recv(&client_fd, buf, n)) != (int) n) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_recv returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_dhm_read_public(&dhm, buf, dhm.len)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_dhm_read_public returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * 7. Derive the shared secret: K = Ys ^ Xc mod P
+     */
+    mbedtls_printf("\n  . Shared secret: ");
+    fflush(stdout);
+
+    if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n,
+                                       mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_dhm_calc_secret returned %d\n\n", ret);
+        goto exit;
+    }
+
+    for (n = 0; n < 16; n++) {
+        mbedtls_printf("%02x", buf[n]);
+    }
+
+    /*
+     * 8. Setup the AES-256 encryption key
+     *
+     * This is an overly simplified example; best practice is
+     * to hash the shared secret with a random value to derive
+     * the keying material for the encryption/decryption keys
+     * and MACs.
+     */
+    mbedtls_printf("...\n  . Encrypting and sending the ciphertext");
+    fflush(stdout);
+
+    ret = mbedtls_aes_setkey_enc(&aes, buf, 256);
+    if (ret != 0) {
+        goto exit;
+    }
+    memcpy(buf, PLAINTEXT, 16);
+    ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, buf, buf);
+    if (ret != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_net_send(&client_fd, buf, 16)) != 16) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_send returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E);
+
+    mbedtls_net_free(&client_fd);
+    mbedtls_net_free(&listen_fd);
+
+    mbedtls_aes_free(&aes);
+    mbedtls_rsa_free(&rsa);
+    mbedtls_dhm_free(&dhm);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/ecdh_curve25519.c b/3rdparty/mbedtls-2.28.7/programs/pkey/ecdh_curve25519.c
new file mode 100644
index 0000000..f79b165
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/ecdh_curve25519.c
@@ -0,0 +1,198 @@
+/*
+ *  Example ECDHE with Curve25519 program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_ECDH_C) || \
+    !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_ECDH_C and/or "
+                   "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
+                   "not defined\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/ecdh.h"
+
+#include <string.h>
+
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_ecdh_context ctx_cli, ctx_srv;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char cli_to_srv[36], srv_to_cli[33];
+    const char pers[] = "ecdh";
+
+    size_t srv_olen;
+    size_t cli_olen;
+    unsigned char secret_cli[32] = { 0 };
+    unsigned char secret_srv[32] = { 0 };
+    const unsigned char *p_cli_to_srv = cli_to_srv;
+
+    ((void) argc);
+    ((void) argv);
+
+    mbedtls_ecdh_init(&ctx_cli);
+    mbedtls_ecdh_init(&ctx_srv);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    /*
+     * Initialize random number generation
+     */
+    mbedtls_printf("  . Seed the random number generator...");
+    fflush(stdout);
+
+    mbedtls_entropy_init(&entropy);
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                     &entropy,
+                                     (const unsigned char *) pers,
+                                     sizeof(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * Client: initialize context and generate keypair
+     */
+    mbedtls_printf("  . Set up client context, generate EC key pair...");
+    fflush(stdout);
+
+    ret = mbedtls_ecdh_setup(&ctx_cli, MBEDTLS_ECP_DP_CURVE25519);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_setup returned %d\n", ret);
+        goto exit;
+    }
+
+    ret = mbedtls_ecdh_make_params(&ctx_cli, &cli_olen, cli_to_srv,
+                                   sizeof(cli_to_srv),
+                                   mbedtls_ctr_drbg_random, &ctr_drbg);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_make_params returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * Server: initialize context and generate keypair
+     */
+    mbedtls_printf("  . Server: read params, generate public key...");
+    fflush(stdout);
+
+    ret = mbedtls_ecdh_read_params(&ctx_srv, &p_cli_to_srv,
+                                   p_cli_to_srv + sizeof(cli_to_srv));
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_read_params returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    ret = mbedtls_ecdh_make_public(&ctx_srv, &srv_olen, srv_to_cli,
+                                   sizeof(srv_to_cli),
+                                   mbedtls_ctr_drbg_random, &ctr_drbg);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_make_public returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * Client: read public key
+     */
+    mbedtls_printf("  . Client: read public key...");
+    fflush(stdout);
+
+    ret = mbedtls_ecdh_read_public(&ctx_cli, srv_to_cli,
+                                   sizeof(srv_to_cli));
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_read_public returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * Calculate secrets
+     */
+    mbedtls_printf("  . Calculate secrets...");
+    fflush(stdout);
+
+    ret = mbedtls_ecdh_calc_secret(&ctx_cli, &cli_olen, secret_cli,
+                                   sizeof(secret_cli),
+                                   mbedtls_ctr_drbg_random, &ctr_drbg);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_calc_secret returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    ret = mbedtls_ecdh_calc_secret(&ctx_srv, &srv_olen, secret_srv,
+                                   sizeof(secret_srv),
+                                   mbedtls_ctr_drbg_random, &ctr_drbg);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdh_calc_secret returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * Verification: are the computed secrets equal?
+     */
+    mbedtls_printf("  . Check if both calculated secrets are equal...");
+    fflush(stdout);
+
+    ret = memcmp(secret_srv, secret_cli, srv_olen);
+    if (ret != 0 || (cli_olen != srv_olen)) {
+        mbedtls_printf(" failed\n  ! Shared secrets not equal.\n");
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_ecdh_free(&ctx_srv);
+    mbedtls_ecdh_free(&ctx_cli);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/ecdsa.c b/3rdparty/mbedtls-2.28.7/programs/pkey/ecdsa.c
new file mode 100644
index 0000000..24d79fc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/ecdsa.c
@@ -0,0 +1,223 @@
+/*
+ *  Example ECDSA program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_ECDSA_C) && \
+    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/sha256.h"
+
+#include <string.h>
+#endif
+
+/*
+ * Uncomment to show key and signature details
+ */
+#define VERBOSE
+
+/*
+ * Uncomment to force use of a specific curve
+ */
+#define ECPARAMS    MBEDTLS_ECP_DP_SECP192R1
+
+#if !defined(ECPARAMS)
+#define ECPARAMS    mbedtls_ecp_curve_list()->grp_id
+#endif
+
+#if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n");
+    mbedtls_exit(0);
+}
+#else
+#if defined(VERBOSE)
+static void dump_buf(const char *title, unsigned char *buf, size_t len)
+{
+    size_t i;
+
+    mbedtls_printf("%s", title);
+    for (i = 0; i < len; i++) {
+        mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
+                       "0123456789ABCDEF" [buf[i] % 16]);
+    }
+    mbedtls_printf("\n");
+}
+
+static void dump_pubkey(const char *title, mbedtls_ecdsa_context *key)
+{
+    unsigned char buf[300];
+    size_t len;
+
+    if (mbedtls_ecp_point_write_binary(&key->grp, &key->Q,
+                                       MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof(buf)) != 0) {
+        mbedtls_printf("internal error\n");
+        return;
+    }
+
+    dump_buf(title, buf, len);
+}
+#else
+#define dump_buf(a, b, c)
+#define dump_pubkey(a, b)
+#endif
+
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_ecdsa_context ctx_sign, ctx_verify;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char message[100];
+    unsigned char hash[32];
+    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
+    size_t sig_len;
+    const char *pers = "ecdsa";
+    ((void) argv);
+
+    mbedtls_ecdsa_init(&ctx_sign);
+    mbedtls_ecdsa_init(&ctx_verify);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    memset(sig, 0, sizeof(sig));
+    memset(message, 0x25, sizeof(message));
+
+    if (argc != 1) {
+        mbedtls_printf("usage: ecdsa\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    /*
+     * Generate a key pair for signing
+     */
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    mbedtls_entropy_init(&entropy);
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Generating key pair...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ecdsa_genkey(&ctx_sign, ECPARAMS,
+                                    mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdsa_genkey returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits);
+
+    dump_pubkey("  + Public key: ", &ctx_sign);
+
+    /*
+     * Compute message hash
+     */
+    mbedtls_printf("  . Computing message hash...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_sha256_ret(message, sizeof(message), hash, 0)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_sha256_ret returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    dump_buf("  + Hash: ", hash, sizeof(hash));
+
+    /*
+     * Sign message hash
+     */
+    mbedtls_printf("  . Signing message hash...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ecdsa_write_signature(&ctx_sign, MBEDTLS_MD_SHA256,
+                                             hash, sizeof(hash),
+                                             sig, &sig_len,
+                                             mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdsa_write_signature returned %d\n", ret);
+        goto exit;
+    }
+    mbedtls_printf(" ok (signature length = %u)\n", (unsigned int) sig_len);
+
+    dump_buf("  + Signature: ", sig, sig_len);
+
+    /*
+     * Transfer public information to verifying context
+     *
+     * We could use the same context for verification and signatures, but we
+     * chose to use a new one in order to make it clear that the verifying
+     * context only needs the public key (Q), and not the private key (d).
+     */
+    mbedtls_printf("  . Preparing verification context...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ecp_group_copy(&ctx_verify.grp, &ctx_sign.grp)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecp_group_copy returned %d\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ecp_copy(&ctx_verify.Q, &ctx_sign.Q)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecp_copy returned %d\n", ret);
+        goto exit;
+    }
+
+    /*
+     * Verify signature
+     */
+    mbedtls_printf(" ok\n  . Verifying signature...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ecdsa_read_signature(&ctx_verify,
+                                            hash, sizeof(hash),
+                                            sig, sig_len)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ecdsa_read_signature returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_ecdsa_free(&ctx_verify);
+    mbedtls_ecdsa_free(&ctx_sign);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
+          ECPARAMS */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/gen_key.c b/3rdparty/mbedtls-2.28.7/programs/pkey/gen_key.c
new file mode 100644
index 0000000..8ad2627
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/gen_key.c
@@ -0,0 +1,423 @@
+/*
+ *  Key generation application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \
+    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/error.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/error.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(_WIN32)
+#include <unistd.h>
+
+#define DEV_RANDOM_THRESHOLD        32
+
+int dev_random_entropy_poll(void *data, unsigned char *output,
+                            size_t len, size_t *olen)
+{
+    FILE *file;
+    size_t ret, left = len;
+    unsigned char *p = output;
+    ((void) data);
+
+    *olen = 0;
+
+    file = fopen("/dev/random", "rb");
+    if (file == NULL) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    while (left > 0) {
+        /* /dev/random can return much less than requested. If so, try again */
+        ret = fread(p, 1, left, file);
+        if (ret == 0 && ferror(file)) {
+            fclose(file);
+            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+        }
+
+        p += ret;
+        left -= ret;
+        sleep(1);
+    }
+    fclose(file);
+    *olen = len;
+
+    return 0;
+}
+#endif /* !_WIN32 */
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#define DFL_EC_CURVE            mbedtls_ecp_curve_list()->grp_id
+#else
+#define DFL_EC_CURVE            0
+#endif
+
+#if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
+#define USAGE_DEV_RANDOM \
+    "    use_dev_random=0|1    default: 0\n"
+#else
+#define USAGE_DEV_RANDOM ""
+#endif /* !_WIN32 && MBEDTLS_FS_IO */
+
+#define FORMAT_PEM              0
+#define FORMAT_DER              1
+
+#define DFL_TYPE                MBEDTLS_PK_RSA
+#define DFL_RSA_KEYSIZE         4096
+#define DFL_FILENAME            "keyfile.key"
+#define DFL_FORMAT              FORMAT_PEM
+#define DFL_USE_DEV_RANDOM      0
+
+#define USAGE \
+    "\n usage: gen_key param=<>...\n"                   \
+    "\n acceptable parameters:\n"                       \
+    "    type=rsa|ec           default: rsa\n"          \
+    "    rsa_keysize=%%d        default: 4096\n"        \
+    "    ec_curve=%%s           see below\n"            \
+    "    filename=%%s           default: keyfile.key\n" \
+    "    format=pem|der        default: pem\n"          \
+    USAGE_DEV_RANDOM                                    \
+    "\n"
+
+#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+                   "MBEDTLS_PEM_WRITE_C"
+                   "not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+/*
+ * global options
+ */
+struct options {
+    int type;                   /* the type of key to generate          */
+    int rsa_keysize;            /* length of key in bits                */
+    int ec_curve;               /* curve identifier for EC keys         */
+    const char *filename;       /* filename of the key file             */
+    int format;                 /* the output format to use             */
+    int use_dev_random;         /* use /dev/random as entropy source    */
+} opt;
+
+static int write_private_key(mbedtls_pk_context *key, const char *output_file)
+{
+    int ret;
+    FILE *f;
+    unsigned char output_buf[16000];
+    unsigned char *c = output_buf;
+    size_t len = 0;
+
+    memset(output_buf, 0, 16000);
+    if (opt.format == FORMAT_PEM) {
+        if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) {
+            return ret;
+        }
+
+        len = strlen((char *) output_buf);
+    } else {
+        if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) {
+            return ret;
+        }
+
+        len = ret;
+        c = output_buf + sizeof(output_buf) - len;
+    }
+
+    if ((f = fopen(output_file, "wb")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(c, 1, len, f) != len) {
+        fclose(f);
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_pk_context key;
+    char buf[1024];
+    int i;
+    char *p, *q;
+    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "gen_key";
+#if defined(MBEDTLS_ECP_C)
+    const mbedtls_ecp_curve_info *curve_info;
+#endif
+
+    /*
+     * Set to sane values
+     */
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+    mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+    mbedtls_pk_init(&key);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    memset(buf, 0, sizeof(buf));
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+#if defined(MBEDTLS_ECP_C)
+        mbedtls_printf(" available ec_curve values:\n");
+        curve_info = mbedtls_ecp_curve_list();
+        mbedtls_printf("    %s (default)\n", curve_info->name);
+        while ((++curve_info)->name != NULL) {
+            mbedtls_printf("    %s\n", curve_info->name);
+        }
+#endif /* MBEDTLS_ECP_C */
+        goto exit;
+    }
+
+    opt.type                = DFL_TYPE;
+    opt.rsa_keysize         = DFL_RSA_KEYSIZE;
+    opt.ec_curve            = DFL_EC_CURVE;
+    opt.filename            = DFL_FILENAME;
+    opt.format              = DFL_FORMAT;
+    opt.use_dev_random      = DFL_USE_DEV_RANDOM;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "type") == 0) {
+            if (strcmp(q, "rsa") == 0) {
+                opt.type = MBEDTLS_PK_RSA;
+            } else if (strcmp(q, "ec") == 0) {
+                opt.type = MBEDTLS_PK_ECKEY;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "format") == 0) {
+            if (strcmp(q, "pem") == 0) {
+                opt.format = FORMAT_PEM;
+            } else if (strcmp(q, "der") == 0) {
+                opt.format = FORMAT_DER;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "rsa_keysize") == 0) {
+            opt.rsa_keysize = atoi(q);
+            if (opt.rsa_keysize < 1024 ||
+                opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS) {
+                goto usage;
+            }
+        }
+#if defined(MBEDTLS_ECP_C)
+        else if (strcmp(p, "ec_curve") == 0) {
+            if ((curve_info = mbedtls_ecp_curve_info_from_name(q)) == NULL) {
+                goto usage;
+            }
+            opt.ec_curve = curve_info->grp_id;
+        }
+#endif
+        else if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else if (strcmp(p, "use_dev_random") == 0) {
+            opt.use_dev_random = atoi(q);
+            if (opt.use_dev_random < 0 || opt.use_dev_random > 1) {
+                goto usage;
+            }
+        } else {
+            goto usage;
+        }
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    mbedtls_entropy_init(&entropy);
+#if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
+    if (opt.use_dev_random) {
+        if ((ret = mbedtls_entropy_add_source(&entropy, dev_random_entropy_poll,
+                                              NULL, DEV_RANDOM_THRESHOLD,
+                                              MBEDTLS_ENTROPY_SOURCE_STRONG)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_entropy_add_source returned -0x%04x\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        mbedtls_printf("\n    Using /dev/random, so can take a long time! ");
+        fflush(stdout);
+    }
+#endif /* !_WIN32 && MBEDTLS_FS_IO */
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * 1.1. Generate the key
+     */
+    mbedtls_printf("\n  . Generating the private key ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_setup(&key,
+                                mbedtls_pk_info_from_type((mbedtls_pk_type_t) opt.type))) != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
+    if (opt.type == MBEDTLS_PK_RSA) {
+        ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(key), mbedtls_ctr_drbg_random, &ctr_drbg,
+                                  opt.rsa_keysize, 65537);
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_rsa_gen_key returned -0x%04x",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    } else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if (opt.type == MBEDTLS_PK_ECKEY) {
+        ret = mbedtls_ecp_gen_key((mbedtls_ecp_group_id) opt.ec_curve,
+                                  mbedtls_pk_ec(key),
+                                  mbedtls_ctr_drbg_random, &ctr_drbg);
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_ecp_gen_key returned -0x%04x",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    } else
+#endif /* MBEDTLS_ECP_C */
+    {
+        mbedtls_printf(" failed\n  !  key type not supported\n");
+        goto exit;
+    }
+
+    /*
+     * 1.2 Print the key
+     */
+    mbedtls_printf(" ok\n  . Key information:\n");
+
+#if defined(MBEDTLS_RSA_C)
+    if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
+        mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key);
+
+        if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 ||
+            (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP))      != 0) {
+            mbedtls_printf(" failed\n  ! could not export RSA parameters\n\n");
+            goto exit;
+        }
+
+        mbedtls_mpi_write_file("N:  ",  &N,  16, NULL);
+        mbedtls_mpi_write_file("E:  ",  &E,  16, NULL);
+        mbedtls_mpi_write_file("D:  ",  &D,  16, NULL);
+        mbedtls_mpi_write_file("P:  ",  &P,  16, NULL);
+        mbedtls_mpi_write_file("Q:  ",  &Q,  16, NULL);
+        mbedtls_mpi_write_file("DP: ",  &DP, 16, NULL);
+        mbedtls_mpi_write_file("DQ:  ", &DQ, 16, NULL);
+        mbedtls_mpi_write_file("QP:  ", &QP, 16, NULL);
+    } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
+        mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key);
+        mbedtls_printf("curve: %s\n",
+                       mbedtls_ecp_curve_info_from_grp_id(ecp->grp.id)->name);
+        mbedtls_mpi_write_file("X_Q:   ", &ecp->Q.X, 16, NULL);
+        mbedtls_mpi_write_file("Y_Q:   ", &ecp->Q.Y, 16, NULL);
+        mbedtls_mpi_write_file("D:     ", &ecp->d, 16, NULL);
+    } else
+#endif
+    mbedtls_printf("  ! key type not supported\n");
+
+    /*
+     * 1.3 Export key
+     */
+    mbedtls_printf("  . Writing key to file...");
+
+    if ((ret = write_private_key(&key, opt.filename)) != 0) {
+        mbedtls_printf(" failed\n");
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+#ifdef MBEDTLS_ERROR_C
+        mbedtls_strerror(ret, buf, sizeof(buf));
+        mbedtls_printf(" - %s\n", buf);
+#else
+        mbedtls_printf("\n");
+#endif
+    }
+
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+    mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+
+    mbedtls_pk_free(&key);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO &&
+        * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/key_app.c b/3rdparty/mbedtls-2.28.7/programs/pkey/key_app.c
new file mode 100644
index 0000000..ac1b594
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/key_app.c
@@ -0,0 +1,289 @@
+/*
+ *  Key reading application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && \
+    defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/error.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/pk.h"
+
+#include <string.h>
+#endif
+
+#define MODE_NONE               0
+#define MODE_PRIVATE            1
+#define MODE_PUBLIC             2
+
+#define DFL_MODE                MODE_NONE
+#define DFL_FILENAME            "keyfile.key"
+#define DFL_PASSWORD            ""
+#define DFL_PASSWORD_FILE       ""
+#define DFL_DEBUG_LEVEL         0
+
+#define USAGE \
+    "\n usage: key_app param=<>...\n"                   \
+    "\n acceptable parameters:\n"                       \
+    "    mode=private|public default: none\n"           \
+    "    filename=%%s         default: keyfile.key\n"   \
+    "    password=%%s         default: \"\"\n"          \
+    "    password_file=%%s    default: \"\"\n"          \
+    "\n"
+
+#if !defined(MBEDTLS_BIGNUM_C) ||                                  \
+    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
+                   "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+/*
+ * global options
+ */
+struct options {
+    int mode;                   /* the mode to run the application in   */
+    const char *filename;       /* filename of the key file             */
+    const char *password;       /* password for the private key         */
+    const char *password_file;  /* password_file for the private key    */
+} opt;
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    char buf[1024];
+    int i;
+    char *p, *q;
+
+    mbedtls_pk_context pk;
+    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_pk_init(&pk);
+    memset(buf, 0, sizeof(buf));
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto cleanup;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+    mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto cleanup;
+    }
+
+    opt.mode                = DFL_MODE;
+    opt.filename            = DFL_FILENAME;
+    opt.password            = DFL_PASSWORD;
+    opt.password_file       = DFL_PASSWORD_FILE;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "mode") == 0) {
+            if (strcmp(q, "private") == 0) {
+                opt.mode = MODE_PRIVATE;
+            } else if (strcmp(q, "public") == 0) {
+                opt.mode = MODE_PUBLIC;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else if (strcmp(p, "password") == 0) {
+            opt.password = q;
+        } else if (strcmp(p, "password_file") == 0) {
+            opt.password_file = q;
+        } else {
+            goto usage;
+        }
+    }
+
+    if (opt.mode == MODE_PRIVATE) {
+        if (strlen(opt.password) && strlen(opt.password_file)) {
+            mbedtls_printf("Error: cannot have both password and password_file\n");
+            goto usage;
+        }
+
+        if (strlen(opt.password_file)) {
+            FILE *f;
+
+            mbedtls_printf("\n  . Loading the password file ...");
+            if ((f = fopen(opt.password_file, "rb")) == NULL) {
+                mbedtls_printf(" failed\n  !  fopen returned NULL\n");
+                goto cleanup;
+            }
+            if (fgets(buf, sizeof(buf), f) == NULL) {
+                fclose(f);
+                mbedtls_printf("Error: fgets() failed to retrieve password\n");
+                goto cleanup;
+            }
+            fclose(f);
+
+            i = (int) strlen(buf);
+            if (buf[i - 1] == '\n') {
+                buf[i - 1] = '\0';
+            }
+            if (buf[i - 2] == '\r') {
+                buf[i - 2] = '\0';
+            }
+            opt.password = buf;
+        }
+
+        /*
+         * 1.1. Load the key
+         */
+        mbedtls_printf("\n  . Loading the private key ...");
+        fflush(stdout);
+
+        ret = mbedtls_pk_parse_keyfile(&pk, opt.filename, opt.password);
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile returned -0x%04x\n",
+                           (unsigned int) -ret);
+            goto cleanup;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /*
+         * 1.2 Print the key
+         */
+        mbedtls_printf("  . Key information    ...\n");
+#if defined(MBEDTLS_RSA_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
+            mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk);
+
+            if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 ||
+                (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP))      != 0) {
+                mbedtls_printf(" failed\n  ! could not export RSA parameters\n\n");
+                goto cleanup;
+            }
+
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N:  ", &N, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E:  ", &E, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D:  ", &D, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("P:  ", &P, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q:  ", &Q, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DP: ", &DP, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DQ:  ", &DQ, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("QP:  ", &QP, 16, NULL));
+        } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) {
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D   : ", &ecp->d, 16, NULL));
+        } else
+#endif
+        {
+            mbedtls_printf("Do not know how to print key information for this type\n");
+            goto cleanup;
+        }
+    } else if (opt.mode == MODE_PUBLIC) {
+        /*
+         * 1.1. Load the key
+         */
+        mbedtls_printf("\n  . Loading the public key ...");
+        fflush(stdout);
+
+        ret = mbedtls_pk_parse_public_keyfile(&pk, opt.filename);
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_public_keyfile returned -0x%04x\n",
+                           (unsigned int) -ret);
+            goto cleanup;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        mbedtls_printf("  . Key information    ...\n");
+#if defined(MBEDTLS_RSA_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) {
+            mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk);
+
+            if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL,
+                                          NULL, &E)) != 0) {
+                mbedtls_printf(" failed\n  ! could not export RSA parameters\n\n");
+                goto cleanup;
+            }
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N:  ", &N, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E:  ", &E, 16, NULL));
+        } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) {
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL));
+            MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL));
+        } else
+#endif
+        {
+            mbedtls_printf("Do not know how to print key information for this type\n");
+            goto cleanup;
+        }
+    } else {
+        goto usage;
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+cleanup:
+
+#if defined(MBEDTLS_ERROR_C)
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        mbedtls_strerror(ret, buf, sizeof(buf));
+        mbedtls_printf("  !  Last error was: %s\n", buf);
+    }
+#endif
+
+    mbedtls_pk_free(&pk);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+    mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/key_app_writer.c b/3rdparty/mbedtls-2.28.7/programs/pkey/key_app_writer.c
new file mode 100644
index 0000000..2f2b32c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/key_app_writer.c
@@ -0,0 +1,411 @@
+/*
+ *  Key writing application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/error.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/error.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+#define USAGE_OUT \
+    "    output_file=%%s      default: keyfile.pem\n"   \
+    "    output_format=pem|der default: pem\n"
+#else
+#define USAGE_OUT \
+    "    output_file=%%s      default: keyfile.der\n"   \
+    "    output_format=der     default: der\n"
+#endif
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+#define DFL_OUTPUT_FILENAME     "keyfile.pem"
+#define DFL_OUTPUT_FORMAT       OUTPUT_FORMAT_PEM
+#else
+#define DFL_OUTPUT_FILENAME     "keyfile.der"
+#define DFL_OUTPUT_FORMAT       OUTPUT_FORMAT_DER
+#endif
+
+#define DFL_MODE                MODE_NONE
+#define DFL_FILENAME            "keyfile.key"
+#define DFL_DEBUG_LEVEL         0
+#define DFL_OUTPUT_MODE         OUTPUT_MODE_NONE
+
+#define MODE_NONE               0
+#define MODE_PRIVATE            1
+#define MODE_PUBLIC             2
+
+#define OUTPUT_MODE_NONE               0
+#define OUTPUT_MODE_PRIVATE            1
+#define OUTPUT_MODE_PUBLIC             2
+
+#define OUTPUT_FORMAT_PEM              0
+#define OUTPUT_FORMAT_DER              1
+
+#define USAGE \
+    "\n usage: key_app_writer param=<>...\n"            \
+    "\n acceptable parameters:\n"                       \
+    "    mode=private|public default: none\n"           \
+    "    filename=%%s         default: keyfile.key\n"   \
+    "    output_mode=private|public default: none\n"    \
+    USAGE_OUT                                           \
+    "\n"
+
+#if !defined(MBEDTLS_PK_PARSE_C) || \
+    !defined(MBEDTLS_PK_WRITE_C) || \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf(
+        "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+/*
+ * global options
+ */
+struct options {
+    int mode;                   /* the mode to run the application in   */
+    const char *filename;       /* filename of the key file             */
+    int output_mode;            /* the output mode to use               */
+    const char *output_file;    /* where to store the constructed key file  */
+    int output_format;          /* the output format to use             */
+} opt;
+
+static int write_public_key(mbedtls_pk_context *key, const char *output_file)
+{
+    int ret;
+    FILE *f;
+    unsigned char output_buf[16000];
+    unsigned char *c = output_buf;
+    size_t len = 0;
+
+    memset(output_buf, 0, 16000);
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+    if (opt.output_format == OUTPUT_FORMAT_PEM) {
+        if ((ret = mbedtls_pk_write_pubkey_pem(key, output_buf, 16000)) != 0) {
+            return ret;
+        }
+
+        len = strlen((char *) output_buf);
+    } else
+#endif
+    {
+        if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, 16000)) < 0) {
+            return ret;
+        }
+
+        len = ret;
+        c = output_buf + sizeof(output_buf) - len;
+    }
+
+    if ((f = fopen(output_file, "w")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(c, 1, len, f) != len) {
+        fclose(f);
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+
+static int write_private_key(mbedtls_pk_context *key, const char *output_file)
+{
+    int ret;
+    FILE *f;
+    unsigned char output_buf[16000];
+    unsigned char *c = output_buf;
+    size_t len = 0;
+
+    memset(output_buf, 0, 16000);
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+    if (opt.output_format == OUTPUT_FORMAT_PEM) {
+        if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) {
+            return ret;
+        }
+
+        len = strlen((char *) output_buf);
+    } else
+#endif
+    {
+        if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) {
+            return ret;
+        }
+
+        len = ret;
+        c = output_buf + sizeof(output_buf) - len;
+    }
+
+    if ((f = fopen(output_file, "w")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(c, 1, len, f) != len) {
+        fclose(f);
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+#if defined(MBEDTLS_ERROR_C)
+    char buf[200];
+#endif
+    int i;
+    char *p, *q;
+
+    mbedtls_pk_context key;
+    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_pk_init(&key);
+#if defined(MBEDTLS_ERROR_C)
+    memset(buf, 0, sizeof(buf));
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+    mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.mode                = DFL_MODE;
+    opt.filename            = DFL_FILENAME;
+    opt.output_mode         = DFL_OUTPUT_MODE;
+    opt.output_file         = DFL_OUTPUT_FILENAME;
+    opt.output_format       = DFL_OUTPUT_FORMAT;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "mode") == 0) {
+            if (strcmp(q, "private") == 0) {
+                opt.mode = MODE_PRIVATE;
+            } else if (strcmp(q, "public") == 0) {
+                opt.mode = MODE_PUBLIC;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "output_mode") == 0) {
+            if (strcmp(q, "private") == 0) {
+                opt.output_mode = OUTPUT_MODE_PRIVATE;
+            } else if (strcmp(q, "public") == 0) {
+                opt.output_mode = OUTPUT_MODE_PUBLIC;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "output_format") == 0) {
+#if defined(MBEDTLS_PEM_WRITE_C)
+            if (strcmp(q, "pem") == 0) {
+                opt.output_format = OUTPUT_FORMAT_PEM;
+            } else
+#endif
+            if (strcmp(q, "der") == 0) {
+                opt.output_format = OUTPUT_FORMAT_DER;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else if (strcmp(p, "output_file") == 0) {
+            opt.output_file = q;
+        } else {
+            goto usage;
+        }
+    }
+
+    if (opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE) {
+        mbedtls_printf("\nCannot output a key without reading one.\n");
+        goto exit;
+    }
+
+    if (opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE) {
+        mbedtls_printf("\nCannot output a private key from a public key.\n");
+        goto exit;
+    }
+
+    if (opt.mode == MODE_PRIVATE) {
+        /*
+         * 1.1. Load the key
+         */
+        mbedtls_printf("\n  . Loading the private key ...");
+        fflush(stdout);
+
+        ret = mbedtls_pk_parse_keyfile(&key, opt.filename, NULL);
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile returned -0x%04x",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /*
+         * 1.2 Print the key
+         */
+        mbedtls_printf("  . Key information    ...\n");
+
+#if defined(MBEDTLS_RSA_C)
+        if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
+            mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key);
+
+            if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 ||
+                (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP))      != 0) {
+                mbedtls_printf(" failed\n  ! could not export RSA parameters\n\n");
+                goto exit;
+            }
+
+            mbedtls_mpi_write_file("N:  ",  &N,  16, NULL);
+            mbedtls_mpi_write_file("E:  ",  &E,  16, NULL);
+            mbedtls_mpi_write_file("D:  ",  &D,  16, NULL);
+            mbedtls_mpi_write_file("P:  ",  &P,  16, NULL);
+            mbedtls_mpi_write_file("Q:  ",  &Q,  16, NULL);
+            mbedtls_mpi_write_file("DP: ",  &DP, 16, NULL);
+            mbedtls_mpi_write_file("DQ:  ", &DQ, 16, NULL);
+            mbedtls_mpi_write_file("QP:  ", &QP, 16, NULL);
+        } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key);
+            mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL);
+            mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL);
+            mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL);
+            mbedtls_mpi_write_file("D   : ", &ecp->d, 16, NULL);
+        } else
+#endif
+        mbedtls_printf("key type not supported yet\n");
+
+    } else if (opt.mode == MODE_PUBLIC) {
+        /*
+         * 1.1. Load the key
+         */
+        mbedtls_printf("\n  . Loading the public key ...");
+        fflush(stdout);
+
+        ret = mbedtls_pk_parse_public_keyfile(&key, opt.filename);
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_public_key returned -0x%04x",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /*
+         * 1.2 Print the key
+         */
+        mbedtls_printf("  . Key information    ...\n");
+
+#if defined(MBEDTLS_RSA_C)
+        if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
+            mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key);
+
+            if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL,
+                                          NULL, &E)) != 0) {
+                mbedtls_printf(" failed\n  ! could not export RSA parameters\n\n");
+                goto exit;
+            }
+            mbedtls_mpi_write_file("N: ", &N, 16, NULL);
+            mbedtls_mpi_write_file("E: ", &E, 16, NULL);
+        } else
+#endif
+#if defined(MBEDTLS_ECP_C)
+        if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
+            mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key);
+            mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL);
+            mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL);
+            mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL);
+        } else
+#endif
+        mbedtls_printf("key type not supported yet\n");
+    } else {
+        goto usage;
+    }
+
+    if (opt.output_mode == OUTPUT_MODE_PUBLIC) {
+        write_public_key(&key, opt.output_file);
+    }
+    if (opt.output_mode == OUTPUT_MODE_PRIVATE) {
+        write_private_key(&key, opt.output_file);
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+#ifdef MBEDTLS_ERROR_C
+        mbedtls_strerror(ret, buf, sizeof(buf));
+        mbedtls_printf(" - %s\n", buf);
+#else
+        mbedtls_printf("\n");
+#endif
+    }
+
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+    mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+
+    mbedtls_pk_free(&key);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/mpi_demo.c b/3rdparty/mbedtls-2.28.7/programs/pkey/mpi_demo.c
new file mode 100644
index 0000000..ffc4bca
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/mpi_demo.c
@@ -0,0 +1,93 @@
+/*
+ *  Simple MPI demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/bignum.h"
+
+#include <stdio.h>
+#endif
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(void)
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_mpi E, P, Q, N, H, D, X, Y, Z;
+
+    mbedtls_mpi_init(&E); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&H); mbedtls_mpi_init(&D); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+    mbedtls_mpi_init(&Z);
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P, 10, "2789"));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&Q, 10, "3203"));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 10,  "257"));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&N, &P, &Q));
+
+    mbedtls_printf("\n  Public key:\n\n");
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  N = ", &N, 10, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  E = ", &E, 10, NULL));
+
+    mbedtls_printf("\n  Private key:\n\n");
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  P = ", &P, 10, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  Q = ", &Q, 10, NULL));
+
+#if defined(MBEDTLS_GENPRIME)
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P, &P, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q, &Q, 1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &P, &Q));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&D, &E, &H));
+
+    mbedtls_mpi_write_file("  D = E^-1 mod (P-1)*(Q-1) = ",
+                           &D, 10, NULL);
+#else
+    mbedtls_printf("\nTest skipped (MBEDTLS_GENPRIME not defined).\n\n");
+#endif
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&X, 10, "55555"));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Y, &X, &E, &N, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Z, &Y, &D, &N, NULL));
+
+    mbedtls_printf("\n  RSA operation:\n\n");
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  X (plaintext)  = ", &X, 10, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  Y (ciphertext) = X^E mod N = ", &Y, 10, NULL));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("  Z (decrypted)  = Y^D mod N = ", &Z, 10, NULL));
+    mbedtls_printf("\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+cleanup:
+    mbedtls_mpi_free(&E); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&H); mbedtls_mpi_free(&D); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+    mbedtls_mpi_free(&Z);
+
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        mbedtls_printf("\nAn error occurred.\n");
+    }
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/pk_decrypt.c b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_decrypt.c
new file mode 100644
index 0000000..7c57f39
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_decrypt.c
@@ -0,0 +1,161 @@
+/*
+ *  Public key-based simple decryption program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
+    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/error.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) ||  \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
+                   "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    unsigned c;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i, olen = 0;
+    mbedtls_pk_context pk;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char result[1024];
+    unsigned char buf[512];
+    const char *pers = "mbedtls_pk_decrypt";
+    ((void) argv);
+
+    mbedtls_pk_init(&pk);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    memset(result, 0, sizeof(result));
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc != 2) {
+        mbedtls_printf("usage: mbedtls_pk_decrypt <key_file>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                     &entropy, (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading private key from '%s'", argv[1]);
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_parse_keyfile returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * Extract the RSA encrypted value from the text file
+     */
+    if ((f = fopen("result-enc.txt", "rb")) == NULL) {
+        mbedtls_printf("\n  ! Could not open %s\n\n", "result-enc.txt");
+        ret = 1;
+        goto exit;
+    }
+
+    i = 0;
+    while (fscanf(f, "%02X", (unsigned int *) &c) > 0 &&
+           i < (int) sizeof(buf)) {
+        buf[i++] = (unsigned char) c;
+    }
+
+    fclose(f);
+
+    /*
+     * Decrypt the encrypted RSA data and print the result.
+     */
+    mbedtls_printf("\n  . Decrypting the encrypted data");
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_decrypt(&pk, buf, i, result, &olen, sizeof(result),
+                                  mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_decrypt returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . OK\n\n");
+
+    mbedtls_printf("The decrypted result is: '%s'\n\n", result);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_pk_free(&pk);
+    mbedtls_entropy_free(&entropy);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_ERROR_C)
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        mbedtls_strerror(ret, (char *) buf, sizeof(buf));
+        mbedtls_printf("  !  Last error was: %s\n", buf);
+    }
+#endif
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/pk_encrypt.c b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_encrypt.c
new file mode 100644
index 0000000..f99f175
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_encrypt.c
@@ -0,0 +1,163 @@
+/*
+ *  RSA simple data encryption program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \
+    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/error.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) ||  \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i, olen = 0;
+    mbedtls_pk_context pk;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char input[1024];
+    unsigned char buf[512];
+    const char *pers = "mbedtls_pk_encrypt";
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_pk_init(&pk);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc != 3) {
+        mbedtls_printf("usage: mbedtls_pk_encrypt <key_file> <string of max 100 characters>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                     &entropy, (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading public key from '%s'", argv[1]);
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    if (strlen(argv[2]) > 100) {
+        mbedtls_printf(" Input data larger than 100 characters.\n\n");
+        goto exit;
+    }
+
+    memcpy(input, argv[2], strlen(argv[2]));
+
+    /*
+     * Calculate the RSA encryption of the hash.
+     */
+    mbedtls_printf("\n  . Generating the encrypted value");
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_encrypt(&pk, input, strlen(argv[2]),
+                                  buf, &olen, sizeof(buf),
+                                  mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_encrypt returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * Write the signature into result-enc.txt
+     */
+    if ((f = fopen("result-enc.txt", "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not create %s\n\n",
+                       "result-enc.txt");
+        ret = 1;
+        goto exit;
+    }
+
+    for (i = 0; i < olen; i++) {
+        mbedtls_fprintf(f, "%02X%s", buf[i],
+                        (i + 1) % 16 == 0 ? "\r\n" : " ");
+    }
+
+    fclose(f);
+
+    mbedtls_printf("\n  . Done (created \"%s\")\n\n", "result-enc.txt");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_pk_free(&pk);
+    mbedtls_entropy_free(&entropy);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_ERROR_C)
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        mbedtls_strerror(ret, (char *) buf, sizeof(buf));
+        mbedtls_printf("  !  Last error was: %s\n", buf);
+    }
+#endif
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/pk_sign.c b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_sign.c
new file mode 100644
index 0000000..d26ddfa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_sign.c
@@ -0,0 +1,161 @@
+/*
+ *  Public key-based signature creation program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
+    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
+                   "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/error.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/pk.h"
+
+#include <stdio.h>
+#include <string.h>
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_pk_context pk;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char hash[32];
+    unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+    char filename[512];
+    const char *pers = "mbedtls_pk_sign";
+    size_t olen = 0;
+
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_pk_init(&pk);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc != 3) {
+        mbedtls_printf("usage: mbedtls_pk_sign <key_file> <filename>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading private key from '%s'", argv[1]);
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
+        mbedtls_printf(" failed\n  ! Could not parse '%s'\n", argv[1]);
+        goto exit;
+    }
+
+    /*
+     * Compute the SHA-256 hash of the input file,
+     * then calculate the signature of the hash.
+     */
+    mbedtls_printf("\n  . Generating the SHA-256 signature");
+    fflush(stdout);
+
+    if ((ret = mbedtls_md_file(
+             mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+             argv[2], hash)) != 0) {
+        mbedtls_printf(" failed\n  ! Could not open or read %s\n\n", argv[2]);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
+                               mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * Write the signature into <filename>.sig
+     */
+    mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[2]);
+
+    if ((f = fopen(filename, "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not create %s\n\n", filename);
+        goto exit;
+    }
+
+    if (fwrite(buf, 1, olen, f) != olen) {
+        mbedtls_printf("failed\n  ! fwrite failed\n\n");
+        fclose(f);
+        goto exit;
+    }
+
+    fclose(f);
+
+    mbedtls_printf("\n  . Done (created \"%s\")\n\n", filename);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_pk_free(&pk);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_ERROR_C)
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        mbedtls_strerror(ret, (char *) buf, sizeof(buf));
+        mbedtls_printf("  !  Last error was: %s\n", buf);
+    }
+#endif
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/pk_verify.c b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_verify.c
new file mode 100644
index 0000000..8b60440
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/pk_verify.c
@@ -0,0 +1,136 @@
+/*
+ *  Public key-based signature verification program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \
+    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) ||   \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or "
+                   "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
+                   "MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/error.h"
+#include "mbedtls/md.h"
+#include "mbedtls/pk.h"
+
+#include <stdio.h>
+#include <string.h>
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i;
+    mbedtls_pk_context pk;
+    unsigned char hash[32];
+    unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+    char filename[512];
+
+    mbedtls_pk_init(&pk);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc != 3) {
+        mbedtls_printf("usage: mbedtls_pk_verify <key_file> <filename>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading public key from '%s'", argv[1]);
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * Extract the signature from the file
+     */
+    mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[2]);
+
+    if ((f = fopen(filename, "rb")) == NULL) {
+        mbedtls_printf("\n  ! Could not open %s\n\n", filename);
+        goto exit;
+    }
+
+    i = fread(buf, 1, sizeof(buf), f);
+
+    fclose(f);
+
+    /*
+     * Compute the SHA-256 hash of the input file and
+     * verify the signature
+     */
+    mbedtls_printf("\n  . Verifying the SHA-256 signature");
+    fflush(stdout);
+
+    if ((ret = mbedtls_md_file(
+             mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+             argv[2], hash)) != 0) {
+        mbedtls_printf(" failed\n  ! Could not open or read %s\n\n", argv[2]);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, 0,
+                                 buf, i)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . OK (the signature is valid)\n\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_pk_free(&pk);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_ERROR_C)
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        mbedtls_strerror(ret, (char *) buf, sizeof(buf));
+        mbedtls_printf("  !  Last error was: %s\n", buf);
+    }
+#endif
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
+          MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_decrypt.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_decrypt.c
new file mode 100644
index 0000000..f3a40a8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_decrypt.c
@@ -0,0 +1,181 @@
+/*
+ *  RSA simple decryption program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
+    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/rsa.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <string.h>
+
+#endif
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    unsigned c;
+    size_t i;
+    mbedtls_rsa_context rsa;
+    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char result[1024];
+    unsigned char buf[512];
+    const char *pers = "rsa_decrypt";
+    ((void) argv);
+
+    memset(result, 0, sizeof(result));
+
+    if (argc != 1) {
+        mbedtls_printf("usage: rsa_decrypt\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        mbedtls_exit(exit_code);
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+    mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+    ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                &entropy, (const unsigned char *) pers,
+                                strlen(pers));
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading private key from rsa_priv.txt");
+    fflush(stdout);
+
+    if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open rsa_priv.txt\n" \
+                       "  ! Please run rsa_genkey first\n\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_read_file(&N, 16, f))  != 0 ||
+        (ret = mbedtls_mpi_read_file(&E, 16, f))  != 0 ||
+        (ret = mbedtls_mpi_read_file(&D, 16, f))  != 0 ||
+        (ret = mbedtls_mpi_read_file(&P, 16, f))  != 0 ||
+        (ret = mbedtls_mpi_read_file(&Q, 16, f))  != 0 ||
+        (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_file returned %d\n\n",
+                       ret);
+        fclose(f);
+        goto exit;
+    }
+    fclose(f);
+
+    if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_import returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_complete returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    /*
+     * Extract the RSA encrypted value from the text file
+     */
+    if ((f = fopen("result-enc.txt", "rb")) == NULL) {
+        mbedtls_printf("\n  ! Could not open %s\n\n", "result-enc.txt");
+        goto exit;
+    }
+
+    i = 0;
+
+    while (fscanf(f, "%02X", (unsigned int *) &c) > 0 &&
+           i < (int) sizeof(buf)) {
+        buf[i++] = (unsigned char) c;
+    }
+
+    fclose(f);
+
+    if (i != rsa.len) {
+        mbedtls_printf("\n  ! Invalid RSA signature format\n\n");
+        goto exit;
+    }
+
+    /*
+     * Decrypt the encrypted RSA data and print the result.
+     */
+    mbedtls_printf("\n  . Decrypting the encrypted data");
+    fflush(stdout);
+
+    ret = mbedtls_rsa_pkcs1_decrypt(&rsa, mbedtls_ctr_drbg_random,
+                                    &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i,
+                                    buf, result, 1024);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . OK\n\n");
+
+    mbedtls_printf("The decrypted result is: '%s'\n\n", result);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+    mbedtls_rsa_free(&rsa);
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+    mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_encrypt.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_encrypt.c
new file mode 100644
index 0000000..94068a1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_encrypt.c
@@ -0,0 +1,159 @@
+/*
+ *  RSA simple data encryption program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \
+    defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/rsa.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <string.h>
+#endif
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i;
+    mbedtls_rsa_context rsa;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char input[1024];
+    unsigned char buf[512];
+    const char *pers = "rsa_encrypt";
+    mbedtls_mpi N, E;
+
+    if (argc != 2) {
+        mbedtls_printf("usage: rsa_encrypt <string of max 100 characters>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        mbedtls_exit(exit_code);
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+    ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                &entropy, (const unsigned char *) pers,
+                                strlen(pers));
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading public key from rsa_pub.txt");
+    fflush(stdout);
+
+    if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open rsa_pub.txt\n" \
+                       "  ! Please run rsa_genkey first\n\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_file returned %d\n\n",
+                       ret);
+        fclose(f);
+        goto exit;
+    }
+    fclose(f);
+
+    if ((ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_import returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    if (strlen(argv[1]) > 100) {
+        mbedtls_printf(" Input data larger than 100 characters.\n\n");
+        goto exit;
+    }
+
+    memcpy(input, argv[1], strlen(argv[1]));
+
+    /*
+     * Calculate the RSA encryption of the hash.
+     */
+    mbedtls_printf("\n  . Generating the RSA encrypted value");
+    fflush(stdout);
+
+    ret = mbedtls_rsa_pkcs1_encrypt(&rsa, mbedtls_ctr_drbg_random,
+                                    &ctr_drbg, MBEDTLS_RSA_PUBLIC,
+                                    strlen(argv[1]), input, buf);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    /*
+     * Write the signature into result-enc.txt
+     */
+    if ((f = fopen("result-enc.txt", "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not create %s\n\n", "result-enc.txt");
+        goto exit;
+    }
+
+    for (i = 0; i < rsa.len; i++) {
+        mbedtls_fprintf(f, "%02X%s", buf[i],
+                        (i + 1) % 16 == 0 ? "\r\n" : " ");
+    }
+
+    fclose(f);
+
+    mbedtls_printf("\n  . Done (created \"%s\")\n\n", "result-enc.txt");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+    mbedtls_rsa_free(&rsa);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_genkey.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_genkey.c
new file mode 100644
index 0000000..0f7f68c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_genkey.c
@@ -0,0 +1,150 @@
+/*
+ *  Example RSA key generation program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) && \
+    defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa.h"
+
+#include <stdio.h>
+#include <string.h>
+#endif
+
+#define KEY_SIZE 2048
+#define EXPONENT 65537
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||   \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_GENPRIME) ||      \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or "
+                   "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(void)
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_rsa_context rsa;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+    FILE *fpub  = NULL;
+    FILE *fpriv = NULL;
+    const char *pers = "rsa_genkey";
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+    mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    mbedtls_entropy_init(&entropy);
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Generating the RSA key [ %d-bit ]...", KEY_SIZE);
+    fflush(stdout);
+
+    if ((ret = mbedtls_rsa_gen_key(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE,
+                                   EXPONENT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_gen_key returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Exporting the public  key in rsa_pub.txt....");
+    fflush(stdout);
+
+    if ((ret = mbedtls_rsa_export(&rsa, &N, &P, &Q, &D, &E)) != 0 ||
+        (ret = mbedtls_rsa_export_crt(&rsa, &DP, &DQ, &QP))      != 0) {
+        mbedtls_printf(" failed\n  ! could not export RSA parameters\n\n");
+        goto exit;
+    }
+
+    if ((fpub = fopen("rsa_pub.txt", "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! could not open rsa_pub.txt for writing\n\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpub)) != 0 ||
+        (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpub)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n  . Exporting the private key in rsa_priv.txt...");
+    fflush(stdout);
+
+    if ((fpriv = fopen("rsa_priv.txt", "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! could not open rsa_priv.txt for writing\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("D = ", &D, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("P = ", &P, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("Q = ", &Q, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("DP = ", &DP, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("DQ = ", &DQ, 16, fpriv)) != 0 ||
+        (ret = mbedtls_mpi_write_file("QP = ", &QP, 16, fpriv)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret);
+        goto exit;
+    }
+    mbedtls_printf(" ok\n\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    if (fpub  != NULL) {
+        fclose(fpub);
+    }
+
+    if (fpriv != NULL) {
+        fclose(fpriv);
+    }
+
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+    mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+    mbedtls_rsa_free(&rsa);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
+          MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_priv.txt b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_priv.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/pkey/rsa_priv.txt
rename to 3rdparty/mbedtls-2.28.7/programs/pkey/rsa_priv.txt
diff --git a/3rdparty/mbedtls-2.25.0/programs/pkey/rsa_pub.txt b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_pub.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/pkey/rsa_pub.txt
rename to 3rdparty/mbedtls-2.28.7/programs/pkey/rsa_pub.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_sign.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_sign.c
new file mode 100644
index 0000000..1ede030
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_sign.c
@@ -0,0 +1,163 @@
+/*
+ *  RSA/SHA-256 signature creation program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
+    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_MD_C and/or "
+                   "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/md.h"
+
+#include <stdio.h>
+#include <string.h>
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i;
+    mbedtls_rsa_context rsa;
+    unsigned char hash[32];
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    char filename[512];
+    mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
+
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
+    mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
+
+    if (argc != 2) {
+        mbedtls_printf("usage: rsa_sign <filename>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading private key from rsa_priv.txt");
+    fflush(stdout);
+
+    if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open rsa_priv.txt\n" \
+                       "  ! Please run rsa_genkey first\n\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret);
+        fclose(f);
+        goto exit;
+    }
+    fclose(f);
+
+    if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_import returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_complete returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Checking the private key");
+    fflush(stdout);
+    if ((ret = mbedtls_rsa_check_privkey(&rsa)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_check_privkey failed with -0x%0x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * Compute the SHA-256 hash of the input file,
+     * then calculate the RSA signature of the hash.
+     */
+    mbedtls_printf("\n  . Generating the RSA/SHA-256 signature");
+    fflush(stdout);
+
+    if ((ret = mbedtls_md_file(
+             mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+             argv[1], hash)) != 0) {
+        mbedtls_printf(" failed\n  ! Could not open or read %s\n\n", argv[1]);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
+                                      20, hash, buf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    /*
+     * Write the signature into <filename>.sig
+     */
+    mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]);
+
+    if ((f = fopen(filename, "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not create %s\n\n", argv[1]);
+        goto exit;
+    }
+
+    for (i = 0; i < rsa.len; i++) {
+        mbedtls_fprintf(f, "%02X%s", buf[i],
+                        (i + 1) % 16 == 0 ? "\r\n" : " ");
+    }
+
+    fclose(f);
+
+    mbedtls_printf("\n  . Done (created \"%s\")\n\n", filename);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_rsa_free(&rsa);
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
+    mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_sign_pss.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_sign_pss.c
new file mode 100644
index 0000000..236eef6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_sign_pss.c
@@ -0,0 +1,162 @@
+/*
+ *  RSASSA-PSS/SHA-256 signature creation program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||        \
+    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
+                   "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/pk.h"
+
+#include <stdio.h>
+#include <string.h>
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_pk_context pk;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    unsigned char hash[32];
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    char filename[512];
+    const char *pers = "rsa_sign_pss";
+    size_t olen = 0;
+
+    mbedtls_entropy_init(&entropy);
+    mbedtls_pk_init(&pk);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc != 3) {
+        mbedtls_printf("usage: rsa_sign_pss <key_file> <filename>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading private key from '%s'", argv[1]);
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) {
+        mbedtls_printf(" failed\n  ! Could not read key from '%s'\n", argv[1]);
+        mbedtls_printf("  ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if (!mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA)) {
+        mbedtls_printf(" failed\n  ! Key is not an RSA key\n");
+        goto exit;
+    }
+
+    mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
+
+    /*
+     * Compute the SHA-256 hash of the input file,
+     * then calculate the RSA signature of the hash.
+     */
+    mbedtls_printf("\n  . Generating the RSA/SHA-256 signature");
+    fflush(stdout);
+
+    if ((ret = mbedtls_md_file(
+             mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+             argv[2], hash)) != 0) {
+        mbedtls_printf(" failed\n  ! Could not open or read %s\n\n", argv[2]);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
+                               mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_sign returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /*
+     * Write the signature into <filename>.sig
+     */
+    mbedtls_snprintf(filename, 512, "%s.sig", argv[2]);
+
+    if ((f = fopen(filename, "wb+")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not create %s\n\n", filename);
+        goto exit;
+    }
+
+    if (fwrite(buf, 1, olen, f) != olen) {
+        mbedtls_printf("failed\n  ! fwrite failed\n\n");
+        fclose(f);
+        goto exit;
+    }
+
+    fclose(f);
+
+    mbedtls_printf("\n  . Done (created \"%s\")\n\n", filename);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_pk_free(&pk);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
+          MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_verify.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_verify.c
new file mode 100644
index 0000000..d6a68bf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_verify.c
@@ -0,0 +1,139 @@
+/*
+ *  RSA/SHA-256 signature verification program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
+    !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_MD_C and/or "
+                   "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/md.h"
+
+#include <stdio.h>
+#include <string.h>
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    unsigned c;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i;
+    mbedtls_rsa_context rsa;
+    unsigned char hash[32];
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    char filename[512];
+
+    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+
+    if (argc != 2) {
+        mbedtls_printf("usage: rsa_verify <filename>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading public key from rsa_pub.txt");
+    fflush(stdout);
+
+    if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
+        mbedtls_printf(" failed\n  ! Could not open rsa_pub.txt\n" \
+                       "  ! Please run rsa_genkey first\n\n");
+        goto exit;
+    }
+
+    if ((ret = mbedtls_mpi_read_file(&rsa.N, 16, f)) != 0 ||
+        (ret = mbedtls_mpi_read_file(&rsa.E, 16, f)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret);
+        fclose(f);
+        goto exit;
+    }
+
+    rsa.len = (mbedtls_mpi_bitlen(&rsa.N) + 7) >> 3;
+
+    fclose(f);
+
+    /*
+     * Extract the RSA signature from the text file
+     */
+    mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]);
+
+    if ((f = fopen(filename, "rb")) == NULL) {
+        mbedtls_printf("\n  ! Could not open %s\n\n", filename);
+        goto exit;
+    }
+
+    i = 0;
+    while (fscanf(f, "%02X", (unsigned int *) &c) > 0 &&
+           i < (int) sizeof(buf)) {
+        buf[i++] = (unsigned char) c;
+    }
+
+    fclose(f);
+
+    if (i != rsa.len) {
+        mbedtls_printf("\n  ! Invalid RSA signature format\n\n");
+        goto exit;
+    }
+
+    /*
+     * Compute the SHA-256 hash of the input file and
+     * verify the signature
+     */
+    mbedtls_printf("\n  . Verifying the RSA/SHA-256 signature");
+    fflush(stdout);
+
+    if ((ret = mbedtls_md_file(
+             mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+             argv[1], hash)) != 0) {
+        mbedtls_printf(" failed\n  ! Could not open or read %s\n\n", argv[1]);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                                        MBEDTLS_MD_SHA256, 20, hash, buf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . OK (the signature is valid)\n\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_rsa_free(&rsa);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_verify_pss.c b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_verify_pss.c
new file mode 100644
index 0000000..032eb67
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/pkey/rsa_verify_pss.c
@@ -0,0 +1,139 @@
+/*
+ *  RSASSA-PSS/SHA-256 signature verification program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) ||        \
+    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
+                   "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/md.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/md.h"
+
+#include <stdio.h>
+#include <string.h>
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    size_t i;
+    mbedtls_pk_context pk;
+    unsigned char hash[32];
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    char filename[512];
+
+    mbedtls_pk_init(&pk);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc != 3) {
+        mbedtls_printf("usage: rsa_verify_pss <key_file> <filename>\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("\n");
+#endif
+
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . Reading public key from '%s'", argv[1]);
+    fflush(stdout);
+
+    if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) {
+        mbedtls_printf(" failed\n  ! Could not read key from '%s'\n", argv[1]);
+        mbedtls_printf("  ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if (!mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA)) {
+        mbedtls_printf(" failed\n  ! Key is not an RSA key\n");
+        goto exit;
+    }
+
+    mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
+
+    /*
+     * Extract the RSA signature from the file
+     */
+    mbedtls_snprintf(filename, 512, "%s.sig", argv[2]);
+
+    if ((f = fopen(filename, "rb")) == NULL) {
+        mbedtls_printf("\n  ! Could not open %s\n\n", filename);
+        goto exit;
+    }
+
+    i = fread(buf, 1, MBEDTLS_MPI_MAX_SIZE, f);
+
+    fclose(f);
+
+    /*
+     * Compute the SHA-256 hash of the input file and
+     * verify the signature
+     */
+    mbedtls_printf("\n  . Verifying the RSA/SHA-256 signature");
+    fflush(stdout);
+
+    if ((ret = mbedtls_md_file(
+             mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+             argv[2], hash)) != 0) {
+        mbedtls_printf(" failed\n  ! Could not open or read %s\n\n", argv[2]);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, 0,
+                                 buf, i)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_pk_verify returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf("\n  . OK (the signature is valid)\n\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_pk_free(&pk);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
+          MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.25.0/programs/psa/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/psa/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/psa/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/psa/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/psa/crypto_examples.c b/3rdparty/mbedtls-2.28.7/programs/psa/crypto_examples.c
new file mode 100644
index 0000000..b755f09
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/psa/crypto_examples.c
@@ -0,0 +1,321 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "psa/crypto.h"
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define ASSERT(predicate)                                                   \
+    do                                                                        \
+    {                                                                         \
+        if (!(predicate))                                                 \
+        {                                                                     \
+            printf("\tassertion failed at %s:%d - '%s'\r\n",         \
+                   __FILE__, __LINE__, #predicate);                  \
+            goto exit;                                                        \
+        }                                                                     \
+    } while (0)
+
+#define ASSERT_STATUS(actual, expected)                                     \
+    do                                                                        \
+    {                                                                         \
+        if ((actual) != (expected))                                      \
+        {                                                                     \
+            printf("\tassertion failed at %s:%d - "                  \
+                   "actual:%d expected:%d\r\n", __FILE__, __LINE__,  \
+                   (psa_status_t) actual, (psa_status_t) expected); \
+            goto exit;                                                        \
+        }                                                                     \
+    } while (0)
+
+#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \
+    !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \
+    !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \
+    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+int main(void)
+{
+    printf("MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or "
+           "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR "
+           "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING "
+           "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER"
+           " defined.\r\n");
+    return 0;
+}
+#else
+
+static psa_status_t cipher_operation(psa_cipher_operation_t *operation,
+                                     const uint8_t *input,
+                                     size_t input_size,
+                                     size_t part_size,
+                                     uint8_t *output,
+                                     size_t output_size,
+                                     size_t *output_len)
+{
+    psa_status_t status;
+    size_t bytes_to_write = 0, bytes_written = 0, len = 0;
+
+    *output_len = 0;
+    while (bytes_written != input_size) {
+        bytes_to_write = (input_size - bytes_written > part_size ?
+                          part_size :
+                          input_size - bytes_written);
+
+        status = psa_cipher_update(operation, input + bytes_written,
+                                   bytes_to_write, output + *output_len,
+                                   output_size - *output_len, &len);
+        ASSERT_STATUS(status, PSA_SUCCESS);
+
+        bytes_written += bytes_to_write;
+        *output_len += len;
+    }
+
+    status = psa_cipher_finish(operation, output + *output_len,
+                               output_size - *output_len, &len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+    *output_len += len;
+
+exit:
+    return status;
+}
+
+static psa_status_t cipher_encrypt(psa_key_id_t key,
+                                   psa_algorithm_t alg,
+                                   uint8_t *iv,
+                                   size_t iv_size,
+                                   const uint8_t *input,
+                                   size_t input_size,
+                                   size_t part_size,
+                                   uint8_t *output,
+                                   size_t output_size,
+                                   size_t *output_len)
+{
+    psa_status_t status;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    size_t iv_len = 0;
+
+    memset(&operation, 0, sizeof(operation));
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = psa_cipher_generate_iv(&operation, iv, iv_size, &iv_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_operation(&operation, input, input_size, part_size,
+                              output, output_size, output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+exit:
+    psa_cipher_abort(&operation);
+    return status;
+}
+
+static psa_status_t cipher_decrypt(psa_key_id_t key,
+                                   psa_algorithm_t alg,
+                                   const uint8_t *iv,
+                                   size_t iv_size,
+                                   const uint8_t *input,
+                                   size_t input_size,
+                                   size_t part_size,
+                                   uint8_t *output,
+                                   size_t output_size,
+                                   size_t *output_len)
+{
+    psa_status_t status;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+
+    memset(&operation, 0, sizeof(operation));
+    status = psa_cipher_decrypt_setup(&operation, key, alg);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = psa_cipher_set_iv(&operation, iv, iv_size);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_operation(&operation, input, input_size, part_size,
+                              output, output_size, output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+exit:
+    psa_cipher_abort(&operation);
+    return status;
+}
+
+static psa_status_t
+cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void)
+{
+    enum {
+        block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
+        key_bits = 256,
+        part_size = block_size,
+    };
+    const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
+
+    psa_status_t status;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key = 0;
+    size_t output_len = 0;
+    uint8_t iv[block_size];
+    uint8_t input[block_size];
+    uint8_t encrypt[block_size];
+    uint8_t decrypt[block_size];
+
+    status = psa_generate_random(input, sizeof(input));
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    psa_set_key_bits(&attributes, key_bits);
+
+    status = psa_generate_key(&attributes, &key);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_encrypt(key, alg, iv, sizeof(iv),
+                            input, sizeof(input), part_size,
+                            encrypt, sizeof(encrypt), &output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_decrypt(key, alg, iv, sizeof(iv),
+                            encrypt, output_len, part_size,
+                            decrypt, sizeof(decrypt), &output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = memcmp(input, decrypt, sizeof(input));
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+exit:
+    psa_destroy_key(key);
+    return status;
+}
+
+static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void)
+{
+    enum {
+        block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
+        key_bits = 256,
+        input_size = 100,
+        part_size = 10,
+    };
+
+    const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
+
+    psa_status_t status;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key = 0;
+    size_t output_len = 0;
+    uint8_t iv[block_size], input[input_size],
+            encrypt[input_size + block_size], decrypt[input_size + block_size];
+
+    status = psa_generate_random(input, sizeof(input));
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    psa_set_key_bits(&attributes, key_bits);
+
+    status = psa_generate_key(&attributes, &key);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_encrypt(key, alg, iv, sizeof(iv),
+                            input, sizeof(input), part_size,
+                            encrypt, sizeof(encrypt), &output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_decrypt(key, alg, iv, sizeof(iv),
+                            encrypt, output_len, part_size,
+                            decrypt, sizeof(decrypt), &output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = memcmp(input, decrypt, sizeof(input));
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+exit:
+    psa_destroy_key(key);
+    return status;
+}
+
+static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void)
+{
+    enum {
+        block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
+        key_bits = 256,
+        input_size = 100,
+        part_size = 10,
+    };
+    const psa_algorithm_t alg = PSA_ALG_CTR;
+
+    psa_status_t status;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key = 0;
+    size_t output_len = 0;
+    uint8_t iv[block_size], input[input_size], encrypt[input_size],
+            decrypt[input_size];
+
+    status = psa_generate_random(input, sizeof(input));
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    psa_set_key_bits(&attributes, key_bits);
+
+    status = psa_generate_key(&attributes, &key);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_encrypt(key, alg, iv, sizeof(iv),
+                            input, sizeof(input), part_size,
+                            encrypt, sizeof(encrypt), &output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = cipher_decrypt(key, alg, iv, sizeof(iv),
+                            encrypt, output_len, part_size,
+                            decrypt, sizeof(decrypt), &output_len);
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+    status = memcmp(input, decrypt, sizeof(input));
+    ASSERT_STATUS(status, PSA_SUCCESS);
+
+exit:
+    psa_destroy_key(key);
+    return status;
+}
+
+static void cipher_examples(void)
+{
+    psa_status_t status;
+
+    printf("cipher encrypt/decrypt AES CBC no padding:\r\n");
+    status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block();
+    if (status == PSA_SUCCESS) {
+        printf("\tsuccess!\r\n");
+    }
+
+    printf("cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n");
+    status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi();
+    if (status == PSA_SUCCESS) {
+        printf("\tsuccess!\r\n");
+    }
+
+    printf("cipher encrypt/decrypt AES CTR multipart:\r\n");
+    status = cipher_example_encrypt_decrypt_aes_ctr_multi();
+    if (status == PSA_SUCCESS) {
+        printf("\tsuccess!\r\n");
+    }
+}
+
+int main(void)
+{
+    ASSERT(psa_crypto_init() == PSA_SUCCESS);
+    cipher_examples();
+exit:
+    mbedtls_psa_crypto_free();
+    return 0;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC &&
+          MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */
diff --git a/3rdparty/mbedtls-2.28.7/programs/psa/key_ladder_demo.c b/3rdparty/mbedtls-2.28.7/programs/psa/key_ladder_demo.c
new file mode 100644
index 0000000..4fb671f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/psa/key_ladder_demo.c
@@ -0,0 +1,682 @@
+/**
+ * PSA API key derivation demonstration
+ *
+ * This program calculates a key ladder: a chain of secret material, each
+ * derived from the previous one in a deterministic way based on a label.
+ * Two keys are identical if and only if they are derived from the same key
+ * using the same label.
+ *
+ * The initial key is called the master key. The master key is normally
+ * randomly generated, but it could itself be derived from another key.
+ *
+ * This program derives a series of keys called intermediate keys.
+ * The first intermediate key is derived from the master key using the
+ * first label passed on the command line. Each subsequent intermediate
+ * key is derived from the previous one using the next label passed
+ * on the command line.
+ *
+ * This program has four modes of operation:
+ *
+ * - "generate": generate a random master key.
+ * - "wrap": derive a wrapping key from the last intermediate key,
+ *           and use that key to encrypt-and-authenticate some data.
+ * - "unwrap": derive a wrapping key from the last intermediate key,
+ *             and use that key to decrypt-and-authenticate some
+ *             ciphertext created by wrap mode.
+ * - "save": save the last intermediate key so that it can be reused as
+ *           the master key in another run of the program.
+ *
+ * See the usage() output for the command line usage. See the file
+ * `key_ladder_demo.sh` for an example run.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/* First include Mbed TLS headers to get the Mbed TLS configuration and
+ * platform definitions that we'll use in this program. Also include
+ * standard C headers for functions we'll use here. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize
+
+#include <psa/crypto.h>
+
+/* If the build options we need are not enabled, compile a placeholder. */
+#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) ||      \
+    !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) ||        \
+    !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \
+    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+int main(void)
+{
+    printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
+           "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
+           "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO "
+           "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER "
+           "defined.\n");
+    return 0;
+}
+#else
+
+/* The real program starts here. */
+
+/* Run a system function and bail out if it fails. */
+#define SYS_CHECK(expr)                                       \
+    do                                                          \
+    {                                                           \
+        if (!(expr))                                        \
+        {                                                       \
+            perror( #expr);                                    \
+            status = DEMO_ERROR;                                \
+            goto exit;                                          \
+        }                                                       \
+    }                                                           \
+    while (0)
+
+/* Run a PSA function and bail out if it fails. */
+#define PSA_CHECK(expr)                                       \
+    do                                                          \
+    {                                                           \
+        status = (expr);                                      \
+        if (status != PSA_SUCCESS)                             \
+        {                                                       \
+            printf("Error %d at line %d: %s\n",                \
+                   (int) status,                               \
+                   __LINE__,                                   \
+                   #expr);                                    \
+            goto exit;                                          \
+        }                                                       \
+    }                                                           \
+    while (0)
+
+/* To report operational errors in this program, use an error code that is
+ * different from every PSA error code. */
+#define DEMO_ERROR 120
+
+/* The maximum supported key ladder depth. */
+#define MAX_LADDER_DEPTH 10
+
+/* Salt to use when deriving an intermediate key. */
+#define DERIVE_KEY_SALT ((uint8_t *) "key_ladder_demo.derive")
+#define DERIVE_KEY_SALT_LENGTH (strlen((const char *) DERIVE_KEY_SALT))
+
+/* Salt to use when deriving a wrapping key. */
+#define WRAPPING_KEY_SALT ((uint8_t *) "key_ladder_demo.wrap")
+#define WRAPPING_KEY_SALT_LENGTH (strlen((const char *) WRAPPING_KEY_SALT))
+
+/* Size of the key derivation keys (applies both to the master key and
+ * to intermediate keys). */
+#define KEY_SIZE_BYTES 40
+
+/* Algorithm for key derivation. */
+#define KDF_ALG PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+/* Type and size of the key used to wrap data. */
+#define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES
+#define WRAPPING_KEY_BITS 128
+
+/* Cipher mode used to wrap data. */
+#define WRAPPING_ALG PSA_ALG_CCM
+
+/* Nonce size used to wrap data. */
+#define WRAPPING_IV_SIZE 13
+
+/* Header used in files containing wrapped data. We'll save this header
+ * directly without worrying about data representation issues such as
+ * integer sizes and endianness, because the data is meant to be read
+ * back by the same program on the same machine. */
+#define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte
+#define WRAPPED_DATA_MAGIC_LENGTH (sizeof(WRAPPED_DATA_MAGIC))
+typedef struct {
+    char magic[WRAPPED_DATA_MAGIC_LENGTH];
+    size_t ad_size; /* Size of the additional data, which is this header. */
+    size_t payload_size; /* Size of the encrypted data. */
+    /* Store the IV inside the additional data. It's convenient. */
+    uint8_t iv[WRAPPING_IV_SIZE];
+} wrapped_data_header_t;
+
+/* The modes that this program can operate in (see usage). */
+enum program_mode {
+    MODE_GENERATE,
+    MODE_SAVE,
+    MODE_UNWRAP,
+    MODE_WRAP
+};
+
+/* Save a key to a file. In the real world, you may want to export a derived
+ * key sometimes, to share it with another party. */
+static psa_status_t save_key(psa_key_id_t key,
+                             const char *output_file_name)
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t key_data[KEY_SIZE_BYTES];
+    size_t key_size;
+    FILE *key_file = NULL;
+
+    PSA_CHECK(psa_export_key(key,
+                             key_data, sizeof(key_data),
+                             &key_size));
+    SYS_CHECK((key_file = fopen(output_file_name, "wb")) != NULL);
+    SYS_CHECK(fwrite(key_data, 1, key_size, key_file) == key_size);
+    SYS_CHECK(fclose(key_file) == 0);
+    key_file = NULL;
+
+exit:
+    if (key_file != NULL) {
+        fclose(key_file);
+    }
+    return status;
+}
+
+/* Generate a master key for use in this demo.
+ *
+ * Normally a master key would be non-exportable. For the purpose of this
+ * demo, we want to save it to a file, to avoid relying on the keystore
+ * capability of the PSA crypto library. */
+static psa_status_t generate(const char *key_file_name)
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_id_t key = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, KDF_ALG);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+    psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(KEY_SIZE_BYTES));
+
+    PSA_CHECK(psa_generate_key(&attributes, &key));
+
+    PSA_CHECK(save_key(key, key_file_name));
+
+exit:
+    (void) psa_destroy_key(key);
+    return status;
+}
+
+/* Load the master key from a file.
+ *
+ * In the real world, this master key would be stored in an internal memory
+ * and the storage would be managed by the keystore capability of the PSA
+ * crypto library. */
+static psa_status_t import_key_from_file(psa_key_usage_t usage,
+                                         psa_algorithm_t alg,
+                                         const char *key_file_name,
+                                         psa_key_id_t *master_key)
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t key_data[KEY_SIZE_BYTES];
+    size_t key_size;
+    FILE *key_file = NULL;
+    unsigned char extra_byte;
+
+    SYS_CHECK((key_file = fopen(key_file_name, "rb")) != NULL);
+    SYS_CHECK((key_size = fread(key_data, 1, sizeof(key_data),
+                                key_file)) != 0);
+    if (fread(&extra_byte, 1, 1, key_file) != 0) {
+        printf("Key file too large (max: %u).\n",
+               (unsigned) sizeof(key_data));
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    SYS_CHECK(fclose(key_file) == 0);
+    key_file = NULL;
+
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+    PSA_CHECK(psa_import_key(&attributes, key_data, key_size, master_key));
+exit:
+    if (key_file != NULL) {
+        fclose(key_file);
+    }
+    mbedtls_platform_zeroize(key_data, sizeof(key_data));
+    if (status != PSA_SUCCESS) {
+        /* If the key creation hasn't happened yet or has failed,
+         * *master_key is null. psa_destroy_key( 0 ) is
+         * guaranteed to do nothing and return PSA_SUCCESS. */
+        (void) psa_destroy_key(*master_key);
+        *master_key = 0;
+    }
+    return status;
+}
+
+/* Derive the intermediate keys, using the list of labels provided on
+ * the command line. On input, *key is the master key identifier.
+ * This function destroys the master key. On successful output, *key
+ * is the identifier of the final derived key.
+ */
+static psa_status_t derive_key_ladder(const char *ladder[],
+                                      size_t ladder_depth,
+                                      psa_key_id_t *key)
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    size_t i;
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, KDF_ALG);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+    psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(KEY_SIZE_BYTES));
+
+    /* For each label in turn, ... */
+    for (i = 0; i < ladder_depth; i++) {
+        /* Start deriving material from the master key (if i=0) or from
+         * the current intermediate key (if i>0). */
+        PSA_CHECK(psa_key_derivation_setup(&operation, KDF_ALG));
+        PSA_CHECK(psa_key_derivation_input_bytes(
+                      &operation, PSA_KEY_DERIVATION_INPUT_SALT,
+                      DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH));
+        PSA_CHECK(psa_key_derivation_input_key(
+                      &operation, PSA_KEY_DERIVATION_INPUT_SECRET,
+                      *key));
+        PSA_CHECK(psa_key_derivation_input_bytes(
+                      &operation, PSA_KEY_DERIVATION_INPUT_INFO,
+                      (uint8_t *) ladder[i], strlen(ladder[i])));
+        /* When the parent key is not the master key, destroy it,
+         * since it is no longer needed. */
+        PSA_CHECK(psa_destroy_key(*key));
+        *key = 0;
+        /* Derive the next intermediate key from the parent key. */
+        PSA_CHECK(psa_key_derivation_output_key(&attributes, &operation,
+                                                key));
+        PSA_CHECK(psa_key_derivation_abort(&operation));
+    }
+
+exit:
+    psa_key_derivation_abort(&operation);
+    if (status != PSA_SUCCESS) {
+        psa_destroy_key(*key);
+        *key = 0;
+    }
+    return status;
+}
+
+/* Derive a wrapping key from the last intermediate key. */
+static psa_status_t derive_wrapping_key(psa_key_usage_t usage,
+                                        psa_key_id_t derived_key,
+                                        psa_key_id_t *wrapping_key)
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    *wrapping_key = 0;
+
+    /* Set up a key derivation operation from the key derived from
+     * the master key. */
+    PSA_CHECK(psa_key_derivation_setup(&operation, KDF_ALG));
+    PSA_CHECK(psa_key_derivation_input_bytes(
+                  &operation, PSA_KEY_DERIVATION_INPUT_SALT,
+                  WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH));
+    PSA_CHECK(psa_key_derivation_input_key(
+                  &operation, PSA_KEY_DERIVATION_INPUT_SECRET,
+                  derived_key));
+    PSA_CHECK(psa_key_derivation_input_bytes(
+                  &operation, PSA_KEY_DERIVATION_INPUT_INFO,
+                  NULL, 0));
+
+    /* Create the wrapping key. */
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, WRAPPING_ALG);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    psa_set_key_bits(&attributes, WRAPPING_KEY_BITS);
+    PSA_CHECK(psa_key_derivation_output_key(&attributes, &operation,
+                                            wrapping_key));
+
+exit:
+    psa_key_derivation_abort(&operation);
+    return status;
+}
+
+static psa_status_t wrap_data(const char *input_file_name,
+                              const char *output_file_name,
+                              psa_key_id_t wrapping_key)
+{
+    psa_status_t status;
+    FILE *input_file = NULL;
+    FILE *output_file = NULL;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type;
+    long input_position;
+    size_t input_size;
+    size_t buffer_size = 0;
+    unsigned char *buffer = NULL;
+    size_t ciphertext_size;
+    wrapped_data_header_t header;
+
+    /* Find the size of the data to wrap. */
+    SYS_CHECK((input_file = fopen(input_file_name, "rb")) != NULL);
+    SYS_CHECK(fseek(input_file, 0, SEEK_END) == 0);
+    SYS_CHECK((input_position = ftell(input_file)) != -1);
+#if LONG_MAX > SIZE_MAX
+    if (input_position > SIZE_MAX) {
+        printf("Input file too large.\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+#endif
+    input_size = input_position;
+    PSA_CHECK(psa_get_key_attributes(wrapping_key, &attributes));
+    key_type = psa_get_key_type(&attributes);
+    buffer_size =
+        PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, WRAPPING_ALG, input_size);
+    /* Check for integer overflow. */
+    if (buffer_size < input_size) {
+        printf("Input file too large.\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+
+    /* Load the data to wrap. */
+    SYS_CHECK(fseek(input_file, 0, SEEK_SET) == 0);
+    SYS_CHECK((buffer = calloc(1, buffer_size)) != NULL);
+    SYS_CHECK(fread(buffer, 1, input_size, input_file) == input_size);
+    SYS_CHECK(fclose(input_file) == 0);
+    input_file = NULL;
+
+    /* Construct a header. */
+    memcpy(&header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH);
+    header.ad_size = sizeof(header);
+    header.payload_size = input_size;
+
+    /* Wrap the data. */
+    PSA_CHECK(psa_generate_random(header.iv, WRAPPING_IV_SIZE));
+    PSA_CHECK(psa_aead_encrypt(wrapping_key, WRAPPING_ALG,
+                               header.iv, WRAPPING_IV_SIZE,
+                               (uint8_t *) &header, sizeof(header),
+                               buffer, input_size,
+                               buffer, buffer_size,
+                               &ciphertext_size));
+
+    /* Write the output. */
+    SYS_CHECK((output_file = fopen(output_file_name, "wb")) != NULL);
+    SYS_CHECK(fwrite(&header, 1, sizeof(header),
+                     output_file) == sizeof(header));
+    SYS_CHECK(fwrite(buffer, 1, ciphertext_size,
+                     output_file) == ciphertext_size);
+    SYS_CHECK(fclose(output_file) == 0);
+    output_file = NULL;
+
+exit:
+    if (input_file != NULL) {
+        fclose(input_file);
+    }
+    if (output_file != NULL) {
+        fclose(output_file);
+    }
+    if (buffer != NULL) {
+        mbedtls_platform_zeroize(buffer, buffer_size);
+    }
+    free(buffer);
+    return status;
+}
+
+static psa_status_t unwrap_data(const char *input_file_name,
+                                const char *output_file_name,
+                                psa_key_id_t wrapping_key)
+{
+    psa_status_t status;
+    FILE *input_file = NULL;
+    FILE *output_file = NULL;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type;
+    unsigned char *buffer = NULL;
+    size_t ciphertext_size = 0;
+    size_t plaintext_size;
+    wrapped_data_header_t header;
+    unsigned char extra_byte;
+
+    /* Load and validate the header. */
+    SYS_CHECK((input_file = fopen(input_file_name, "rb")) != NULL);
+    SYS_CHECK(fread(&header, 1, sizeof(header),
+                    input_file) == sizeof(header));
+    if (memcmp(&header.magic, WRAPPED_DATA_MAGIC,
+               WRAPPED_DATA_MAGIC_LENGTH) != 0) {
+        printf("The input does not start with a valid magic header.\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    if (header.ad_size != sizeof(header)) {
+        printf("The header size is not correct.\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    PSA_CHECK(psa_get_key_attributes(wrapping_key, &attributes));
+    key_type = psa_get_key_type(&attributes);
+    ciphertext_size =
+        PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, WRAPPING_ALG, header.payload_size);
+    /* Check for integer overflow. */
+    if (ciphertext_size < header.payload_size) {
+        printf("Input file too large.\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+
+    /* Load the payload data. */
+    SYS_CHECK((buffer = calloc(1, ciphertext_size)) != NULL);
+    SYS_CHECK(fread(buffer, 1, ciphertext_size,
+                    input_file) == ciphertext_size);
+    if (fread(&extra_byte, 1, 1, input_file) != 0) {
+        printf("Extra garbage after ciphertext\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    SYS_CHECK(fclose(input_file) == 0);
+    input_file = NULL;
+
+    /* Unwrap the data. */
+    PSA_CHECK(psa_aead_decrypt(wrapping_key, WRAPPING_ALG,
+                               header.iv, WRAPPING_IV_SIZE,
+                               (uint8_t *) &header, sizeof(header),
+                               buffer, ciphertext_size,
+                               buffer, ciphertext_size,
+                               &plaintext_size));
+    if (plaintext_size != header.payload_size) {
+        printf("Incorrect payload size in the header.\n");
+        status = DEMO_ERROR;
+        goto exit;
+    }
+
+    /* Write the output. */
+    SYS_CHECK((output_file = fopen(output_file_name, "wb")) != NULL);
+    SYS_CHECK(fwrite(buffer, 1, plaintext_size,
+                     output_file) == plaintext_size);
+    SYS_CHECK(fclose(output_file) == 0);
+    output_file = NULL;
+
+exit:
+    if (input_file != NULL) {
+        fclose(input_file);
+    }
+    if (output_file != NULL) {
+        fclose(output_file);
+    }
+    if (buffer != NULL) {
+        mbedtls_platform_zeroize(buffer, ciphertext_size);
+    }
+    free(buffer);
+    return status;
+}
+
+static psa_status_t run(enum program_mode mode,
+                        const char *key_file_name,
+                        const char *ladder[], size_t ladder_depth,
+                        const char *input_file_name,
+                        const char *output_file_name)
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_id_t derivation_key = 0;
+    psa_key_id_t wrapping_key = 0;
+
+    /* Initialize the PSA crypto library. */
+    PSA_CHECK(psa_crypto_init());
+
+    /* Generate mode is unlike the others. Generate the master key and exit. */
+    if (mode == MODE_GENERATE) {
+        return generate(key_file_name);
+    }
+
+    /* Read the master key. */
+    PSA_CHECK(import_key_from_file(PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+                                   KDF_ALG,
+                                   key_file_name,
+                                   &derivation_key));
+
+    /* Calculate the derived key for this session. */
+    PSA_CHECK(derive_key_ladder(ladder, ladder_depth,
+                                &derivation_key));
+
+    switch (mode) {
+        case MODE_SAVE:
+            PSA_CHECK(save_key(derivation_key, output_file_name));
+            break;
+        case MODE_UNWRAP:
+            PSA_CHECK(derive_wrapping_key(PSA_KEY_USAGE_DECRYPT,
+                                          derivation_key,
+                                          &wrapping_key));
+            PSA_CHECK(unwrap_data(input_file_name, output_file_name,
+                                  wrapping_key));
+            break;
+        case MODE_WRAP:
+            PSA_CHECK(derive_wrapping_key(PSA_KEY_USAGE_ENCRYPT,
+                                          derivation_key,
+                                          &wrapping_key));
+            PSA_CHECK(wrap_data(input_file_name, output_file_name,
+                                wrapping_key));
+            break;
+        default:
+            /* Unreachable but some compilers don't realize it. */
+            break;
+    }
+
+exit:
+    /* Destroy any remaining key. Deinitializing the crypto library would do
+     * this anyway since they are volatile keys, but explicitly destroying
+     * keys makes the code easier to reuse. */
+    (void) psa_destroy_key(derivation_key);
+    (void) psa_destroy_key(wrapping_key);
+    /* Deinitialize the PSA crypto library. */
+    mbedtls_psa_crypto_free();
+    return status;
+}
+
+static void usage(void)
+{
+    printf("Usage: key_ladder_demo MODE [OPTION=VALUE]...\n");
+    printf("Demonstrate the usage of a key derivation ladder.\n");
+    printf("\n");
+    printf("Modes:\n");
+    printf("  generate  Generate the master key\n");
+    printf("  save      Save the derived key\n");
+    printf("  unwrap    Unwrap (decrypt) input with the derived key\n");
+    printf("  wrap      Wrap (encrypt) input with the derived key\n");
+    printf("\n");
+    printf("Options:\n");
+    printf("  input=FILENAME    Input file (required for wrap/unwrap)\n");
+    printf("  master=FILENAME   File containing the master key (default: master.key)\n");
+    printf("  output=FILENAME   Output file (required for save/wrap/unwrap)\n");
+    printf("  label=TEXT        Label for the key derivation.\n");
+    printf("                    This may be repeated multiple times.\n");
+    printf("                    To get the same key, you must use the same master key\n");
+    printf("                    and the same sequence of labels.\n");
+}
+
+int main(int argc, char *argv[])
+{
+    const char *key_file_name = "master.key";
+    const char *input_file_name = NULL;
+    const char *output_file_name = NULL;
+    const char *ladder[MAX_LADDER_DEPTH];
+    size_t ladder_depth = 0;
+    int i;
+    enum program_mode mode;
+    psa_status_t status;
+
+    if (argc <= 1 ||
+        strcmp(argv[1], "help") == 0 ||
+        strcmp(argv[1], "-help") == 0 ||
+        strcmp(argv[1], "--help") == 0) {
+        usage();
+        return EXIT_SUCCESS;
+    }
+
+    for (i = 2; i < argc; i++) {
+        char *q = strchr(argv[i], '=');
+        if (q == NULL) {
+            printf("Missing argument to option %s\n", argv[i]);
+            goto usage_failure;
+        }
+        *q = 0;
+        ++q;
+        if (strcmp(argv[i], "input") == 0) {
+            input_file_name = q;
+        } else if (strcmp(argv[i], "label") == 0) {
+            if (ladder_depth == MAX_LADDER_DEPTH) {
+                printf("Maximum ladder depth %u exceeded.\n",
+                       (unsigned) MAX_LADDER_DEPTH);
+                return EXIT_FAILURE;
+            }
+            ladder[ladder_depth] = q;
+            ++ladder_depth;
+        } else if (strcmp(argv[i], "master") == 0) {
+            key_file_name = q;
+        } else if (strcmp(argv[i], "output") == 0) {
+            output_file_name = q;
+        } else {
+            printf("Unknown option: %s\n", argv[i]);
+            goto usage_failure;
+        }
+    }
+
+    if (strcmp(argv[1], "generate") == 0) {
+        mode = MODE_GENERATE;
+    } else if (strcmp(argv[1], "save") == 0) {
+        mode = MODE_SAVE;
+    } else if (strcmp(argv[1], "unwrap") == 0) {
+        mode = MODE_UNWRAP;
+    } else if (strcmp(argv[1], "wrap") == 0) {
+        mode = MODE_WRAP;
+    } else {
+        printf("Unknown action: %s\n", argv[1]);
+        goto usage_failure;
+    }
+
+    if (input_file_name == NULL &&
+        (mode == MODE_WRAP || mode == MODE_UNWRAP)) {
+        printf("Required argument missing: input\n");
+        return DEMO_ERROR;
+    }
+    if (output_file_name == NULL &&
+        (mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP)) {
+        printf("Required argument missing: output\n");
+        return DEMO_ERROR;
+    }
+
+    status = run(mode, key_file_name,
+                 ladder, ladder_depth,
+                 input_file_name, output_file_name);
+    return status == PSA_SUCCESS ?
+           EXIT_SUCCESS :
+           EXIT_FAILURE;
+
+usage_failure:
+    usage();
+    return EXIT_FAILURE;
+}
+#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C &&
+          MBEDTLS_AES_C && MBEDTLS_CCM_C &&
+          MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/psa/key_ladder_demo.sh b/3rdparty/mbedtls-2.28.7/programs/psa/key_ladder_demo.sh
new file mode 100644
index 0000000..9d62228
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/psa/key_ladder_demo.sh
@@ -0,0 +1,71 @@
+#!/bin/sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -e -u
+
+program_name="key_ladder_demo"
+program="${0%/*}/$program_name"
+files_to_clean=
+
+if [ ! -e "$program" ]; then
+    # Look for programs in the current directory and the directories above it
+    for dir in "." ".." "../.."; do
+        program="$dir/programs/psa/$program_name"
+        if [ -e "$program" ]; then
+            break
+        fi
+    done
+    if [ ! -e "$program" ]; then
+        echo "Could not find $program_name executable"
+
+        echo "If building out-of-tree, this script must be run" \
+             "from the project build directory."
+        exit 1
+    fi
+fi
+
+run () {
+    echo
+    echo "# $1"
+    shift
+    echo "+ $*"
+    "$@"
+}
+
+if [ -e master.key ]; then
+    echo "# Reusing the existing master.key file."
+else
+    files_to_clean="$files_to_clean master.key"
+    run "Generate a master key." \
+        "$program" generate master=master.key
+fi
+
+files_to_clean="$files_to_clean input.txt hello_world.wrap"
+echo "Here is some input. See it wrapped." >input.txt
+run "Derive a key and wrap some data with it." \
+    "$program" wrap master=master.key label=hello label=world \
+               input=input.txt output=hello_world.wrap
+
+files_to_clean="$files_to_clean hello_world.txt"
+run "Derive the same key again and unwrap the data." \
+    "$program" unwrap master=master.key label=hello label=world \
+               input=hello_world.wrap output=hello_world.txt
+run "Compare the unwrapped data with the original input." \
+    cmp input.txt hello_world.txt
+
+files_to_clean="$files_to_clean hellow_orld.txt"
+! run "Derive a different key and attempt to unwrap the data. This must fail." \
+  "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld
+
+files_to_clean="$files_to_clean hello.key"
+run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \
+    "$program" save master=master.key label=hello \
+               input=hello_world.wrap output=hello.key
+run "Check that we get the same key by unwrapping data made by the other key." \
+    "$program" unwrap master=hello.key label=world \
+               input=hello_world.wrap output=hello_world.txt
+
+# Cleanup
+rm -f $files_to_clean
diff --git a/3rdparty/mbedtls-2.25.0/programs/psa/psa_constant_names.c b/3rdparty/mbedtls-2.28.7/programs/psa/psa_constant_names.c
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/programs/psa/psa_constant_names.c
rename to 3rdparty/mbedtls-2.28.7/programs/psa/psa_constant_names.c
index 14d4494..4e030ce 100644
--- a/3rdparty/mbedtls-2.25.0/programs/psa/psa_constant_names.c
+++ b/3rdparty/mbedtls-2.28.7/programs/psa/psa_constant_names.c
@@ -1,18 +1,6 @@
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #include <errno.h>
@@ -26,29 +14,29 @@
 /* This block is present to support Visual Studio builds prior to 2015 */
 #if defined(_MSC_VER) && _MSC_VER < 1900
 #include <stdarg.h>
-int snprintf( char *s, size_t n, const char *fmt, ... )
+int snprintf(char *s, size_t n, const char *fmt, ...)
 {
     int ret;
     va_list argp;
 
     /* Avoid calling the invalid parameter handler by checking ourselves */
-    if( s == NULL || n == 0 || fmt == NULL )
-        return( -1 );
+    if (s == NULL || n == 0 || fmt == NULL) {
+        return -1;
+    }
 
-    va_start( argp, fmt );
+    va_start(argp, fmt);
 #if defined(_TRUNCATE) && !defined(__MINGW32__)
-    ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp );
+    ret = _vsnprintf_s(s, n, _TRUNCATE, fmt, argp);
 #else
-    ret = _vsnprintf( s, n, fmt, argp );
-    if( ret < 0 || (size_t) ret == n )
-    {
+    ret = _vsnprintf(s, n, fmt, argp);
+    if (ret < 0 || (size_t) ret == n) {
         s[n-1] = '\0';
         ret = -1;
     }
 #endif
-    va_end( argp );
+    va_end(argp);
 
-    return( ret );
+    return ret;
 }
 #endif
 
@@ -75,7 +63,9 @@ static void append_integer(char **buffer, size_t buffer_size,
                            unsigned long value)
 {
     size_t n = snprintf(*buffer, buffer_size - *required_size, format, value);
-    if (n < buffer_size - *required_size) *buffer += n;
+    if (n < buffer_size - *required_size) {
+        *buffer += n;
+    }
     *required_size += n;
 }
 
@@ -294,8 +284,7 @@ int main(int argc, char *argv[])
 {
     if (argc <= 1 ||
         !strcmp(argv[1], "help") ||
-        !strcmp(argv[1], "--help"))
-    {
+        !strcmp(argv[1], "--help")) {
         usage(argv[0]);
         return EXIT_FAILURE;
     }
diff --git a/3rdparty/mbedtls-2.25.0/programs/psa/psa_constant_names_generated.c b/3rdparty/mbedtls-2.28.7/programs/psa/psa_constant_names_generated.c
similarity index 88%
rename from 3rdparty/mbedtls-2.25.0/programs/psa/psa_constant_names_generated.c
rename to 3rdparty/mbedtls-2.28.7/programs/psa/psa_constant_names_generated.c
index a6eee21..de29716 100644
--- a/3rdparty/mbedtls-2.25.0/programs/psa/psa_constant_names_generated.c
+++ b/3rdparty/mbedtls-2.28.7/programs/psa/psa_constant_names_generated.c
@@ -8,6 +8,8 @@ static const char *psa_strerror(psa_status_t status)
     case PSA_ERROR_BUFFER_TOO_SMALL: return "PSA_ERROR_BUFFER_TOO_SMALL";
     case PSA_ERROR_COMMUNICATION_FAILURE: return "PSA_ERROR_COMMUNICATION_FAILURE";
     case PSA_ERROR_CORRUPTION_DETECTED: return "PSA_ERROR_CORRUPTION_DETECTED";
+    case PSA_ERROR_DATA_CORRUPT: return "PSA_ERROR_DATA_CORRUPT";
+    case PSA_ERROR_DATA_INVALID: return "PSA_ERROR_DATA_INVALID";
     case PSA_ERROR_DOES_NOT_EXIST: return "PSA_ERROR_DOES_NOT_EXIST";
     case PSA_ERROR_GENERIC_ERROR: return "PSA_ERROR_GENERIC_ERROR";
     case PSA_ERROR_HARDWARE_FAILURE: return "PSA_ERROR_HARDWARE_FAILURE";
@@ -38,6 +40,7 @@ static const char *psa_ecc_family_name(psa_ecc_family_t curve)
     case PSA_ECC_FAMILY_SECT_K1: return "PSA_ECC_FAMILY_SECT_K1";
     case PSA_ECC_FAMILY_SECT_R1: return "PSA_ECC_FAMILY_SECT_R1";
     case PSA_ECC_FAMILY_SECT_R2: return "PSA_ECC_FAMILY_SECT_R2";
+    case PSA_ECC_FAMILY_TWISTED_EDWARDS: return "PSA_ECC_FAMILY_TWISTED_EDWARDS";
     default: return NULL;
     }
 }
@@ -64,6 +67,7 @@ static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg)
     case PSA_ALG_SHA3_256: return "PSA_ALG_SHA3_256";
     case PSA_ALG_SHA3_384: return "PSA_ALG_SHA3_384";
     case PSA_ALG_SHA3_512: return "PSA_ALG_SHA3_512";
+    case PSA_ALG_SHAKE256_512: return "PSA_ALG_SHAKE256_512";
     case PSA_ALG_SHA_1: return "PSA_ALG_SHA_1";
     case PSA_ALG_SHA_224: return "PSA_ALG_SHA_224";
     case PSA_ALG_SHA_256: return "PSA_ALG_SHA_256";
@@ -92,6 +96,7 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size,
     switch (type) {
     case PSA_KEY_TYPE_AES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_AES", 16); break;
     case PSA_KEY_TYPE_ARC4: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ARC4", 17); break;
+    case PSA_KEY_TYPE_ARIA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ARIA", 17); break;
     case PSA_KEY_TYPE_CAMELLIA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CAMELLIA", 21); break;
     case PSA_KEY_TYPE_CATEGORY_FLAG_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_FLAG_PAIR", 31); break;
     case PSA_KEY_TYPE_CATEGORY_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_KEY_PAIR", 30); break;
@@ -148,20 +153,28 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     unsigned long length_modifier = NO_LENGTH_MODIFIER;
     if (PSA_ALG_IS_MAC(alg)) {
         core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
-        if (core_alg != alg) {
+        if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33);
+            length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+        } else if (core_alg != alg) {
             append(&buffer, buffer_size, &required_size,
                    "PSA_ALG_TRUNCATED_MAC(", 22);
             length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
         }
     } else if (PSA_ALG_IS_AEAD(alg)) {
-        core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg);
+        core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg);
         if (core_alg == 0) {
             /* For unknown AEAD algorithms, there is no "default tag length". */
             core_alg = alg;
+        } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43);
+            length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
         } else if (core_alg != alg) {
             append(&buffer, buffer_size, &required_size,
-                   "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29);
-            length_modifier = PSA_AEAD_TAG_LENGTH(alg);
+                   "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32);
+            length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
         }
     } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) &&
                !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
@@ -198,23 +211,30 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     case PSA_ALG_ECB_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECB_NO_PADDING", 22); break;
     case PSA_ALG_ECDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDH", 12); break;
     case PSA_ALG_ECDSA_ANY: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDSA_ANY", 17); break;
+    case PSA_ALG_ED25519PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED25519PH", 17); break;
+    case PSA_ALG_ED448PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED448PH", 15); break;
     case PSA_ALG_FFDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_FFDH", 12); break;
     case PSA_ALG_GCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_GCM", 11); break;
+    case PSA_ALG_HASH_EDDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HASH_EDDSA_BASE", 23); break;
     case PSA_ALG_HKDF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HKDF_BASE", 17); break;
     case PSA_ALG_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HMAC_BASE", 17); break;
     case PSA_ALG_MD2: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD2", 11); break;
     case PSA_ALG_MD4: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD4", 11); break;
     case PSA_ALG_MD5: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD5", 11); break;
+    case PSA_ALG_NONE: append(&buffer, buffer_size, &required_size, "PSA_ALG_NONE", 12); break;
     case PSA_ALG_OFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_OFB", 11); break;
+    case PSA_ALG_PURE_EDDSA: append(&buffer, buffer_size, &required_size, "PSA_ALG_PURE_EDDSA", 18); break;
     case PSA_ALG_RIPEMD160: append(&buffer, buffer_size, &required_size, "PSA_ALG_RIPEMD160", 17); break;
     case PSA_ALG_RSA_OAEP_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_OAEP_BASE", 21); break;
     case PSA_ALG_RSA_PKCS1V15_CRYPT: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_CRYPT", 26); break;
     case PSA_ALG_RSA_PKCS1V15_SIGN_RAW: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_SIGN_RAW", 29); break;
+    case PSA_ALG_RSA_PSS_ANY_SALT_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PSS_ANY_SALT_BASE", 29); break;
     case PSA_ALG_RSA_PSS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PSS_BASE", 20); break;
     case PSA_ALG_SHA3_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_224", 16); break;
     case PSA_ALG_SHA3_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_256", 16); break;
     case PSA_ALG_SHA3_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_384", 16); break;
     case PSA_ALG_SHA3_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_512", 16); break;
+    case PSA_ALG_SHAKE256_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHAKE256_512", 20); break;
     case PSA_ALG_SHA_1: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_1", 13); break;
     case PSA_ALG_SHA_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_224", 15); break;
     case PSA_ALG_SHA_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_256", 15); break;
@@ -283,13 +303,20 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
                             psa_hash_algorithm_name,
                             PSA_ALG_GET_HASH(core_alg));
             append(&buffer, buffer_size, &required_size, ")", 1);
-        } else if (PSA_ALG_IS_RSA_PSS(core_alg)) {
+        } else if (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(core_alg)) {
             append(&buffer, buffer_size, &required_size,
                    "PSA_ALG_RSA_PSS(", 15 + 1);
             append_with_alg(&buffer, buffer_size, &required_size,
                             psa_hash_algorithm_name,
                             PSA_ALG_GET_HASH(core_alg));
             append(&buffer, buffer_size, &required_size, ")", 1);
+        } else if (PSA_ALG_IS_RSA_PSS_ANY_SALT(core_alg)) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_RSA_PSS_ANY_SALT(", 24 + 1);
+            append_with_alg(&buffer, buffer_size, &required_size,
+                            psa_hash_algorithm_name,
+                            PSA_ALG_GET_HASH(core_alg));
+            append(&buffer, buffer_size, &required_size, ")", 1);
         } else if (PSA_ALG_IS_TLS12_PRF(core_alg)) {
             append(&buffer, buffer_size, &required_size,
                    "PSA_ALG_TLS12_PRF(", 17 + 1);
@@ -377,6 +404,13 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
         append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23);
         usage ^= PSA_KEY_USAGE_SIGN_HASH;
     }
+    if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) {
+        if (required_size != 0) {
+            append(&buffer, buffer_size, &required_size, " | ", 3);
+        }
+        append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26);
+        usage ^= PSA_KEY_USAGE_SIGN_MESSAGE;
+    }
     if (usage & PSA_KEY_USAGE_VERIFY_HASH) {
         if (required_size != 0) {
             append(&buffer, buffer_size, &required_size, " | ", 3);
@@ -384,6 +418,13 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
         append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25);
         usage ^= PSA_KEY_USAGE_VERIFY_HASH;
     }
+    if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) {
+        if (required_size != 0) {
+            append(&buffer, buffer_size, &required_size, " | ", 3);
+        }
+        append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28);
+        usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE;
+    }
     if (usage != 0) {
         if (required_size != 0) {
             append(&buffer, buffer_size, &required_size, " | ", 3);
diff --git a/3rdparty/mbedtls-2.25.0/programs/random/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/random/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/random/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/random/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/random/gen_entropy.c b/3rdparty/mbedtls-2.28.7/programs/random/gen_entropy.c
new file mode 100644
index 0000000..4df60e9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/random/gen_entropy.c
@@ -0,0 +1,79 @@
+/**
+ *  \brief Use and generate multiple entropies calls into a file
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/entropy.h"
+
+#include <stdio.h>
+#endif
+
+#if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int i, k, ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_entropy_context entropy;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    if (argc < 2) {
+        mbedtls_fprintf(stderr, "usage: %s <output filename>\n", argv[0]);
+        mbedtls_exit(exit_code);
+    }
+
+    if ((f = fopen(argv[1], "wb+")) == NULL) {
+        mbedtls_printf("failed to open '%s' for writing.\n", argv[1]);
+        mbedtls_exit(exit_code);
+    }
+
+    mbedtls_entropy_init(&entropy);
+
+    for (i = 0, k = 768; i < k; i++) {
+        ret = mbedtls_entropy_func(&entropy, buf, sizeof(buf));
+        if (ret != 0) {
+            mbedtls_printf("  failed\n  !  mbedtls_entropy_func returned -%04X\n",
+                           (unsigned int) ret);
+            goto cleanup;
+        }
+
+        fwrite(buf, 1, sizeof(buf), f);
+
+        mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \
+                       "%% done\r",
+                       (long) (sizeof(buf) * k / 1024),
+                       argv[1],
+                       (100 * (float) (i + 1)) / k);
+        fflush(stdout);
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+cleanup:
+    mbedtls_printf("\n");
+
+    fclose(f);
+    mbedtls_entropy_free(&entropy);
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/random/gen_random_ctr_drbg.c b/3rdparty/mbedtls-2.28.7/programs/random/gen_random_ctr_drbg.c
new file mode 100644
index 0000000..00f8691
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/random/gen_random_ctr_drbg.c
@@ -0,0 +1,111 @@
+/**
+ *  \brief Use and generate random data into a file via the CTR_DBRG based on AES
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_FS_IO)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <stdio.h>
+#endif
+
+#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    int i, k, ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    unsigned char buf[1024];
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    if (argc < 2) {
+        mbedtls_fprintf(stderr, "usage: %s <output filename>\n", argv[0]);
+        mbedtls_exit(exit_code);
+    }
+
+    if ((f = fopen(argv[1], "wb+")) == NULL) {
+        mbedtls_printf("failed to open '%s' for writing.\n", argv[1]);
+        mbedtls_exit(exit_code);
+    }
+
+    mbedtls_entropy_init(&entropy);
+    ret = mbedtls_ctr_drbg_seed(&ctr_drbg,
+                                mbedtls_entropy_func,
+                                &entropy,
+                                (const unsigned char *) "RANDOM_GEN",
+                                10);
+    if (ret != 0) {
+        mbedtls_printf("failed in mbedtls_ctr_drbg_seed: %d\n", ret);
+        goto cleanup;
+    }
+    mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF);
+
+#if defined(MBEDTLS_FS_IO)
+    ret = mbedtls_ctr_drbg_update_seed_file(&ctr_drbg, "seedfile");
+
+    if (ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) {
+        mbedtls_printf("Failed to open seedfile. Generating one.\n");
+        ret = mbedtls_ctr_drbg_write_seed_file(&ctr_drbg, "seedfile");
+        if (ret != 0) {
+            mbedtls_printf("failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret);
+            goto cleanup;
+        }
+    } else if (ret != 0) {
+        mbedtls_printf("failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret);
+        goto cleanup;
+    }
+#endif
+
+    for (i = 0, k = 768; i < k; i++) {
+        ret = mbedtls_ctr_drbg_random(&ctr_drbg, buf, sizeof(buf));
+        if (ret != 0) {
+            mbedtls_printf("failed!\n");
+            goto cleanup;
+        }
+
+        fwrite(buf, 1, sizeof(buf), f);
+
+        mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \
+                       "%% done\r",
+                       (long) (sizeof(buf) * k / 1024),
+                       argv[1],
+                       (100 * (float) (i + 1)) / k);
+        fflush(stdout);
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+cleanup:
+    mbedtls_printf("\n");
+
+    fclose(f);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/random/gen_random_havege.c b/3rdparty/mbedtls-2.28.7/programs/random/gen_random_havege.c
new file mode 100644
index 0000000..5d93a49
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/random/gen_random_havege.c
@@ -0,0 +1,85 @@
+/**
+ *  \brief Generate random data into a file
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_HAVEGE_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/havege.h"
+
+#include <stdio.h>
+#include <time.h>
+#endif
+
+#if !defined(MBEDTLS_HAVEGE_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+int main(int argc, char *argv[])
+{
+    FILE *f;
+    time_t t;
+    int i, k, ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_havege_state hs;
+    unsigned char buf[1024];
+
+    if (argc < 2) {
+        mbedtls_fprintf(stderr, "usage: %s <output filename>\n", argv[0]);
+        mbedtls_exit(exit_code);
+    }
+
+    if ((f = fopen(argv[1], "wb+")) == NULL) {
+        mbedtls_printf("failed to open '%s' for writing.\n", argv[1]);
+        mbedtls_exit(exit_code);
+    }
+
+    mbedtls_havege_init(&hs);
+
+    t = time(NULL);
+
+    for (i = 0, k = 768; i < k; i++) {
+        if ((ret = mbedtls_havege_random(&hs, buf, sizeof(buf))) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_havege_random returned -0x%04X",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        fwrite(buf, sizeof(buf), 1, f);
+
+        mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \
+                       "%% done\r",
+                       (long) (sizeof(buf) * k / 1024),
+                       argv[1],
+                       (100 * (float) (i + 1)) / k);
+        fflush(stdout);
+    }
+
+    if (t == time(NULL)) {
+        t--;
+    }
+
+    mbedtls_printf(" \n ");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_havege_free(&hs);
+    fclose(f);
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_HAVEGE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/ssl/CMakeLists.txt
new file mode 100644
index 0000000..dfc16a5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/CMakeLists.txt
@@ -0,0 +1,54 @@
+set(THREADS_USE_PTHREADS_WIN32 true)
+find_package(Threads)
+
+set(libs
+    ${mbedtls_target}
+)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+set(executables
+    dtls_client
+    dtls_server
+    mini_client
+    ssl_client1
+    ssl_client2
+    ssl_context_info
+    ssl_fork_server
+    ssl_mail_client
+    ssl_server
+    ssl_server2
+)
+
+foreach(exe IN LISTS executables)
+    set(extra_sources "")
+    if(exe STREQUAL "ssl_client2" OR exe STREQUAL "ssl_server2")
+        list(APPEND extra_sources
+            ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+    endif()
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
+        ${extra_sources})
+    target_link_libraries(${exe} ${libs})
+    target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
+endforeach()
+
+set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES
+    ssl_test_lib.c ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES
+    ssl_test_lib.c ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+
+if(THREADS_FOUND)
+    add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
+    target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
+    list(APPEND executables ssl_pthread_server)
+endif(THREADS_FOUND)
+
+install(TARGETS ${executables}
+        DESTINATION "bin"
+        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/dtls_client.c b/3rdparty/mbedtls-2.28.7/programs/ssl/dtls_client.c
new file mode 100644
index 0000000..05430f0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/dtls_client.c
@@ -0,0 +1,348 @@
+/*
+ *  Simple DTLS client demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ||    \
+    !defined(MBEDTLS_NET_C)  || !defined(MBEDTLS_TIMING_C) ||             \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) ||        \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) ||      \
+    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+                   "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include <string.h>
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/error.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/timing.h"
+
+/* Uncomment out the following line to default to IPv4 and disable IPv6 */
+//#define FORCE_IPV4
+
+#define SERVER_PORT "4433"
+#define SERVER_NAME "localhost"
+
+#ifdef FORCE_IPV4
+#define SERVER_ADDR "127.0.0.1"     /* Forces IPv4 */
+#else
+#define SERVER_ADDR "::1"
+#endif
+
+#define MESSAGE     "Echo this"
+
+#define READ_TIMEOUT_MS 1000
+#define MAX_RETRY       5
+
+#define DEBUG_LEVEL 0
+
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+int main(int argc, char *argv[])
+{
+    int ret, len;
+    mbedtls_net_context server_fd;
+    uint32_t flags;
+    unsigned char buf[1024];
+    const char *pers = "dtls_client";
+    int retry_left = MAX_RETRY;
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt cacert;
+    mbedtls_timing_delay_context timer;
+
+    ((void) argc);
+    ((void) argv);
+
+#if defined(MBEDTLS_DEBUG_C)
+    mbedtls_debug_set_threshold(DEBUG_LEVEL);
+#endif
+
+    /*
+     * 0. Initialize the RNG and the session data
+     */
+    mbedtls_net_init(&server_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 0. Load certificates
+     */
+    mbedtls_printf("  . Loading the CA root certificate ...");
+    fflush(stdout);
+
+    ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+    if (ret < 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok (%d skipped)\n", ret);
+
+    /*
+     * 1. Start the connection
+     */
+    mbedtls_printf("  . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_connect(&server_fd, SERVER_ADDR,
+                                   SERVER_PORT, MBEDTLS_NET_PROTO_UDP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_connect returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Setup stuff
+     */
+    mbedtls_printf("  . Setting up the DTLS structure...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_CLIENT,
+                                           MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /* OPTIONAL is usually a bad choice for security, but makes interop easier
+     * in this simplified example, in which the ca chain is hardcoded.
+     * Production code should set a proper ca chain and use REQUIRED. */
+    mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
+    mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+    mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ssl_set_hostname(&ssl, SERVER_NAME)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, &server_fd,
+                        mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout);
+
+    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay);
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 4. Handshake
+     */
+    mbedtls_printf("  . Performing the DTLS handshake...");
+    fflush(stdout);
+
+    do {
+        ret = mbedtls_ssl_handshake(&ssl);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+             ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 5. Verify the server certificate
+     */
+    mbedtls_printf("  . Verifying peer X.509 certificate...");
+
+    /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the
+     * handshake would not succeed if the peer's cert is bad.  Even if we used
+     * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */
+    if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) {
+        char vrfy_buf[512];
+
+        mbedtls_printf(" failed\n");
+
+        mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "  ! ", flags);
+
+        mbedtls_printf("%s\n", vrfy_buf);
+    } else {
+        mbedtls_printf(" ok\n");
+    }
+
+    /*
+     * 6. Write the echo request
+     */
+send_request:
+    mbedtls_printf("  > Write to server:");
+    fflush(stdout);
+
+    len = sizeof(MESSAGE) - 1;
+
+    do {
+        ret = mbedtls_ssl_write(&ssl, (unsigned char *) MESSAGE, len);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+             ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    if (ret < 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+        goto exit;
+    }
+
+    len = ret;
+    mbedtls_printf(" %d bytes written\n\n%s\n\n", len, MESSAGE);
+
+    /*
+     * 7. Read the echo response
+     */
+    mbedtls_printf("  < Read from server:");
+    fflush(stdout);
+
+    len = sizeof(buf) - 1;
+    memset(buf, 0, sizeof(buf));
+
+    do {
+        ret = mbedtls_ssl_read(&ssl, buf, len);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+             ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    if (ret <= 0) {
+        switch (ret) {
+            case MBEDTLS_ERR_SSL_TIMEOUT:
+                mbedtls_printf(" timeout\n\n");
+                if (retry_left-- > 0) {
+                    goto send_request;
+                }
+                goto exit;
+
+            case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                mbedtls_printf(" connection was closed gracefully\n");
+                goto close_notify;
+
+            default:
+                mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret);
+                goto exit;
+        }
+    }
+
+    len = ret;
+    mbedtls_printf(" %d bytes read\n\n%s\n\n", len, buf);
+
+    /*
+     * 8. Done, cleanly close the connection
+     */
+close_notify:
+    mbedtls_printf("  . Closing the connection...");
+
+    /* No error checking, the connection might be closed already */
+    do {
+        ret = mbedtls_ssl_close_notify(&ssl);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    ret = 0;
+
+    mbedtls_printf(" done\n");
+
+    /*
+     * 9. Final clean-ups and exit
+     */
+exit:
+
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&server_fd);
+    mbedtls_x509_crt_free(&cacert);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    /* Shell can not handle large exit numbers -> 1 for errors */
+    if (ret < 0) {
+        ret = 1;
+    }
+
+    mbedtls_exit(ret);
+}
+#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C &&
+          MBEDTLS_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
+          MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C &&
+          MBEDTLS_PEM_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/dtls_server.c b/3rdparty/mbedtls-2.28.7/programs/ssl/dtls_server.c
new file mode 100644
index 0000000..e3b90b1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/dtls_server.c
@@ -0,0 +1,413 @@
+/*
+ *  Simple DTLS server demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+/* Uncomment out the following line to default to IPv4 and disable IPv6 */
+//#define FORCE_IPV4
+
+#ifdef FORCE_IPV4
+#define BIND_IP     "0.0.0.0"     /* Forces IPv4 */
+#else
+#define BIND_IP     "::"
+#endif
+
+#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ||    \
+    !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) ||          \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) ||        \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) ||      \
+    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) ||         \
+    !defined(MBEDTLS_TIMING_C)
+
+int main(void)
+{
+    printf("MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
+           "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or "
+           "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+           "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
+           "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or "
+           "MBEDTLS_TIMING_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#if defined(_WIN32)
+#include <windows.h>
+#endif
+
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/timing.h"
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#define READ_TIMEOUT_MS 10000   /* 10 seconds */
+#define DEBUG_LEVEL 0
+
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+int main(void)
+{
+    int ret, len;
+    mbedtls_net_context listen_fd, client_fd;
+    unsigned char buf[1024];
+    const char *pers = "dtls_server";
+    unsigned char client_ip[16] = { 0 };
+    size_t cliip_len;
+    mbedtls_ssl_cookie_ctx cookie_ctx;
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt srvcert;
+    mbedtls_pk_context pkey;
+    mbedtls_timing_delay_context timer;
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_context cache;
+#endif
+
+    mbedtls_net_init(&listen_fd);
+    mbedtls_net_init(&client_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_ssl_cookie_init(&cookie_ctx);
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_init(&cache);
+#endif
+    mbedtls_x509_crt_init(&srvcert);
+    mbedtls_pk_init(&pkey);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_DEBUG_C)
+    mbedtls_debug_set_threshold(DEBUG_LEVEL);
+#endif
+
+    /*
+     * 1. Load the certificates and private RSA key
+     */
+    printf("\n  . Loading the server cert. and key...");
+    fflush(stdout);
+
+    /*
+     * This demonstration program uses embedded test certificates.
+     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
+     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
+     */
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                 mbedtls_test_srv_crt_len);
+    if (ret != 0) {
+        printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+    if (ret != 0) {
+        printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret =  mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                mbedtls_test_srv_key_len, NULL, 0);
+    if (ret != 0) {
+        printf(" failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret);
+        goto exit;
+    }
+
+    printf(" ok\n");
+
+    /*
+     * 2. Setup the "listening" UDP socket
+     */
+    printf("  . Bind on udp/*/4433 ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP)) != 0) {
+        printf(" failed\n  ! mbedtls_net_bind returned %d\n\n", ret);
+        goto exit;
+    }
+
+    printf(" ok\n");
+
+    /*
+     * 3. Seed the RNG
+     */
+    printf("  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    printf(" ok\n");
+
+    /*
+     * 4. Setup stuff
+     */
+    printf("  . Setting up the DTLS data...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_SERVER,
+                                           MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+    mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_conf_session_cache(&conf, &cache,
+                                   mbedtls_ssl_cache_get,
+                                   mbedtls_ssl_cache_set);
+#endif
+
+    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
+    if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) {
+        printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx,
+                                        mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        printf(" failed\n  ! mbedtls_ssl_cookie_setup returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
+                                  &cookie_ctx);
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        printf(" failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay);
+
+    printf(" ok\n");
+
+reset:
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&client_fd);
+
+    mbedtls_ssl_session_reset(&ssl);
+
+    /*
+     * 3. Wait until a client connects
+     */
+    printf("  . Waiting for a remote connection ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                  client_ip, sizeof(client_ip), &cliip_len)) != 0) {
+        printf(" failed\n  ! mbedtls_net_accept returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /* For HelloVerifyRequest cookies */
+    if ((ret = mbedtls_ssl_set_client_transport_id(&ssl,
+                                                   client_ip, cliip_len)) != 0) {
+        printf(" failed\n  ! "
+               "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, &client_fd,
+                        mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout);
+
+    printf(" ok\n");
+
+    /*
+     * 5. Handshake
+     */
+    printf("  . Performing the DTLS handshake...");
+    fflush(stdout);
+
+    do {
+        ret = mbedtls_ssl_handshake(&ssl);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+             ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
+        printf(" hello verification requested\n");
+        ret = 0;
+        goto reset;
+    } else if (ret != 0) {
+        printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret);
+        goto reset;
+    }
+
+    printf(" ok\n");
+
+    /*
+     * 6. Read the echo Request
+     */
+    printf("  < Read from client:");
+    fflush(stdout);
+
+    len = sizeof(buf) - 1;
+    memset(buf, 0, sizeof(buf));
+
+    do {
+        ret = mbedtls_ssl_read(&ssl, buf, len);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+             ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    if (ret <= 0) {
+        switch (ret) {
+            case MBEDTLS_ERR_SSL_TIMEOUT:
+                printf(" timeout\n\n");
+                goto reset;
+
+            case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                printf(" connection was closed gracefully\n");
+                goto close_notify;
+
+            default:
+                printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret);
+                goto reset;
+        }
+    }
+
+    len = ret;
+    printf(" %d bytes read\n\n%s\n\n", len, buf);
+
+    /*
+     * 7. Write the 200 Response
+     */
+    printf("  > Write to client:");
+    fflush(stdout);
+
+    do {
+        ret = mbedtls_ssl_write(&ssl, buf, len);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+             ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    if (ret < 0) {
+        printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+        goto exit;
+    }
+
+    len = ret;
+    printf(" %d bytes written\n\n%s\n\n", len, buf);
+
+    /*
+     * 8. Done, cleanly close the connection
+     */
+close_notify:
+    printf("  . Closing the connection...");
+
+    /* No error checking, the connection might be closed already */
+    do {
+        ret = mbedtls_ssl_close_notify(&ssl);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    ret = 0;
+
+    printf(" done\n");
+
+    goto reset;
+
+    /*
+     * Final clean-ups and exit
+     */
+exit:
+
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&client_fd);
+    mbedtls_net_free(&listen_fd);
+
+    mbedtls_x509_crt_free(&srvcert);
+    mbedtls_pk_free(&pkey);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ssl_cookie_free(&cookie_ctx);
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_free(&cache);
+#endif
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    /* Shell can not handle large exit numbers -> 1 for errors */
+    if (ret < 0) {
+        ret = 1;
+    }
+
+    mbedtls_exit(ret);
+}
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
+          MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C
+          && MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/mini_client.c b/3rdparty/mbedtls-2.28.7/programs/ssl/mini_client.c
new file mode 100644
index 0000000..8c7dcfa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/mini_client.c
@@ -0,0 +1,278 @@
+/*
+ *  Minimal SSL client, used for memory measurements.
+ *  (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h)
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+/*
+ * We're creating and connecting the socket "manually" rather than using the
+ * NET module, in order to avoid the overhead of getaddrinfo() which tends to
+ * dominate memory usage in small configurations. For the sake of simplicity,
+ * only a Unix version is implemented.
+ *
+ * Warning: we are breaking some of the abstractions from the NET layer here.
+ * This is not a good example for general use. This programs has the specific
+ * goal of minimizing use of the libc functions on full-blown OSes.
+ */
+#if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__)
+#define UNIX
+#endif
+
+#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \
+    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \
+    !defined(UNIX)
+
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX "
+                   "not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include <string.h>
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+/*
+ * Hardcoded values for server host and port
+ */
+#define PORT_BE 0x1151      /* 4433 */
+#define PORT_LE 0x5111
+#define ADDR_BE 0x7f000001  /* 127.0.0.1 */
+#define ADDR_LE 0x0100007f
+#define HOSTNAME "localhost" /* for cert verification if enabled */
+
+#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
+
+const char *pers = "mini_client";
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+const unsigned char psk[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+const char psk_id[] = "Client_identity";
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */
+const unsigned char ca_cert[] = {
+    0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01,
+    0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8,
+    0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
+    0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+    0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+    0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
+    0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
+    0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
+    0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39,
+    0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32,
+    0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a,
+    0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+    0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+    0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
+    0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
+    0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
+    0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
+    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
+    0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f,
+    0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e,
+    0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95,
+    0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95,
+    0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a,
+    0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2,
+    0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47,
+    0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66,
+    0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d,
+    0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20,
+    0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24,
+    0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23,
+    0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01,
+    0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb,
+    0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,
+    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,
+    0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61,
+    0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,
+    0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20,
+    0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09,
+    0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06,
+    0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,
+    0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,
+    0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56,
+    0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8,
+    0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a,
+    0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67,
+    0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67,
+    0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6,
+    0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f,
+    0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c,
+    0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20,
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+enum exit_codes {
+    exit_ok = 0,
+    ctr_drbg_seed_failed,
+    ssl_config_defaults_failed,
+    ssl_setup_failed,
+    hostname_failed,
+    socket_failed,
+    connect_failed,
+    x509_crt_parse_failed,
+    ssl_handshake_failed,
+    ssl_write_failed,
+};
+
+
+int main(void)
+{
+    int ret = exit_ok;
+    mbedtls_net_context server_fd;
+    struct sockaddr_in addr;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_x509_crt ca;
+#endif
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    /*
+     * 0. Initialize and setup stuff
+     */
+    mbedtls_net_init(&server_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_x509_crt_init(&ca);
+#endif
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                              (const unsigned char *) pers, strlen(pers)) != 0) {
+        ret = ctr_drbg_seed_failed;
+        goto exit;
+    }
+
+    if (mbedtls_ssl_config_defaults(&conf,
+                                    MBEDTLS_SSL_IS_CLIENT,
+                                    MBEDTLS_SSL_TRANSPORT_STREAM,
+                                    MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+        ret = ssl_config_defaults_failed;
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk),
+                         (const unsigned char *) psk_id, sizeof(psk_id) - 1);
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if (mbedtls_x509_crt_parse_der(&ca, ca_cert, sizeof(ca_cert)) != 0) {
+        ret = x509_crt_parse_failed;
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_ca_chain(&conf, &ca, NULL);
+    mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED);
+#endif
+
+    if (mbedtls_ssl_setup(&ssl, &conf) != 0) {
+        ret = ssl_setup_failed;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if (mbedtls_ssl_set_hostname(&ssl, HOSTNAME) != 0) {
+        ret = hostname_failed;
+        goto exit;
+    }
+#endif
+
+    /*
+     * 1. Start the connection
+     */
+    memset(&addr, 0, sizeof(addr));
+    addr.sin_family = AF_INET;
+
+    ret = 1; /* for endianness detection */
+    addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE;
+    addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
+    ret = 0;
+
+    if ((server_fd.fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
+        ret = socket_failed;
+        goto exit;
+    }
+
+    if (connect(server_fd.fd,
+                (const struct sockaddr *) &addr, sizeof(addr)) < 0) {
+        ret = connect_failed;
+        goto exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    if (mbedtls_ssl_handshake(&ssl) != 0) {
+        ret = ssl_handshake_failed;
+        goto exit;
+    }
+
+    /*
+     * 2. Write the GET request and close the connection
+     */
+    if (mbedtls_ssl_write(&ssl, (const unsigned char *) GET_REQUEST,
+                          sizeof(GET_REQUEST) - 1) <= 0) {
+        ret = ssl_write_failed;
+        goto exit;
+    }
+
+    mbedtls_ssl_close_notify(&ssl);
+
+exit:
+    mbedtls_net_free(&server_fd);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_x509_crt_free(&ca);
+#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_exit(ret);
+}
+#endif
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_client1.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_client1.c
new file mode 100644
index 0000000..401b259
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_client1.c
@@ -0,0 +1,294 @@
+/*
+ *  SSL client demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
+    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
+    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
+    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
+    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
+                   "not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/error.h"
+#include "mbedtls/certs.h"
+
+#include <string.h>
+
+#define SERVER_PORT "4433"
+#define SERVER_NAME "localhost"
+#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
+
+#define DEBUG_LEVEL 1
+
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+int main(void)
+{
+    int ret = 1, len;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_net_context server_fd;
+    uint32_t flags;
+    unsigned char buf[1024];
+    const char *pers = "ssl_client1";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt cacert;
+
+#if defined(MBEDTLS_DEBUG_C)
+    mbedtls_debug_set_threshold(DEBUG_LEVEL);
+#endif
+
+    /*
+     * 0. Initialize the RNG and the session data
+     */
+    mbedtls_net_init(&server_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 0. Initialize certificates
+     */
+    mbedtls_printf("  . Loading the CA root certificate ...");
+    fflush(stdout);
+
+    ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+    if (ret < 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok (%d skipped)\n", ret);
+
+    /*
+     * 1. Start the connection
+     */
+    mbedtls_printf("  . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME,
+                                   SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_connect returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Setup stuff
+     */
+    mbedtls_printf("  . Setting up the SSL/TLS structure...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_CLIENT,
+                                           MBEDTLS_SSL_TRANSPORT_STREAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /* OPTIONAL is not optimal for security,
+     * but makes interop easier in this simplified example */
+    mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
+    mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ssl_set_hostname(&ssl, SERVER_NAME)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    /*
+     * 4. Handshake
+     */
+    mbedtls_printf("  . Performing the SSL/TLS handshake...");
+    fflush(stdout);
+
+    while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 5. Verify the server certificate
+     */
+    mbedtls_printf("  . Verifying peer X.509 certificate...");
+
+    /* In real life, we probably want to bail out when ret != 0 */
+    if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) {
+        char vrfy_buf[512];
+
+        mbedtls_printf(" failed\n");
+
+        mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "  ! ", flags);
+
+        mbedtls_printf("%s\n", vrfy_buf);
+    } else {
+        mbedtls_printf(" ok\n");
+    }
+
+    /*
+     * 3. Write the GET request
+     */
+    mbedtls_printf("  > Write to server:");
+    fflush(stdout);
+
+    len = sprintf((char *) buf, GET_REQUEST);
+
+    while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+
+    len = ret;
+    mbedtls_printf(" %d bytes written\n\n%s", len, (char *) buf);
+
+    /*
+     * 7. Read the HTTP response
+     */
+    mbedtls_printf("  < Read from server:");
+    fflush(stdout);
+
+    do {
+        len = sizeof(buf) - 1;
+        memset(buf, 0, sizeof(buf));
+        ret = mbedtls_ssl_read(&ssl, buf, len);
+
+        if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+            continue;
+        }
+
+        if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
+            break;
+        }
+
+        if (ret < 0) {
+            mbedtls_printf("failed\n  ! mbedtls_ssl_read returned %d\n\n", ret);
+            break;
+        }
+
+        if (ret == 0) {
+            mbedtls_printf("\n\nEOF\n\n");
+            break;
+        }
+
+        len = ret;
+        mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf);
+    } while (1);
+
+    mbedtls_ssl_close_notify(&ssl);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+#ifdef MBEDTLS_ERROR_C
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&server_fd);
+    mbedtls_x509_crt_free(&cacert);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
+          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
+          MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
+          MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_client2.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_client2.c
new file mode 100644
index 0000000..4b4a652
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_client2.c
@@ -0,0 +1,2890 @@
+/*
+ *  SSL client with certificate authentication
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "ssl_test_lib.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "test/psa_crypto_helpers.h"
+#endif
+
+#if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
+int main(void)
+{
+    mbedtls_printf(MBEDTLS_SSL_TEST_IMPOSSIBLE);
+    mbedtls_exit(0);
+}
+#elif !defined(MBEDTLS_SSL_CLI_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_SSL_CLI_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
+
+/* Size of memory to be allocated for the heap, when using the library's memory
+ * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
+#define MEMORY_HEAP_SIZE      120000
+
+#define MAX_REQUEST_SIZE      20000
+#define MAX_REQUEST_SIZE_STR "20000"
+
+#define DFL_SERVER_NAME         "localhost"
+#define DFL_SERVER_ADDR         NULL
+#define DFL_SERVER_PORT         "4433"
+#define DFL_REQUEST_PAGE        "/"
+#define DFL_REQUEST_SIZE        -1
+#define DFL_DEBUG_LEVEL         0
+#define DFL_CONTEXT_CRT_CB      0
+#define DFL_NBIO                0
+#define DFL_EVENT               0
+#define DFL_READ_TIMEOUT        0
+#define DFL_MAX_RESEND          0
+#define DFL_CA_FILE             ""
+#define DFL_CA_PATH             ""
+#define DFL_CRT_FILE            ""
+#define DFL_KEY_FILE            ""
+#define DFL_KEY_OPAQUE          0
+#define DFL_KEY_PWD             ""
+#define DFL_PSK                 ""
+#define DFL_PSK_OPAQUE          0
+#define DFL_PSK_IDENTITY        "Client_identity"
+#define DFL_ECJPAKE_PW          NULL
+#define DFL_EC_MAX_OPS          -1
+#define DFL_FORCE_CIPHER        0
+#define DFL_RENEGOTIATION       MBEDTLS_SSL_RENEGOTIATION_DISABLED
+#define DFL_ALLOW_LEGACY        -2
+#define DFL_RENEGOTIATE         0
+#define DFL_EXCHANGES           1
+#define DFL_MIN_VERSION         -1
+#define DFL_MAX_VERSION         -1
+#define DFL_ARC4                -1
+#define DFL_SHA1                -1
+#define DFL_AUTH_MODE           -1
+#define DFL_MFL_CODE            MBEDTLS_SSL_MAX_FRAG_LEN_NONE
+#define DFL_TRUNC_HMAC          -1
+#define DFL_RECSPLIT            -1
+#define DFL_DHMLEN              -1
+#define DFL_RECONNECT           0
+#define DFL_RECO_DELAY          0
+#define DFL_RECO_MODE           1
+#define DFL_CID_ENABLED         0
+#define DFL_CID_VALUE           ""
+#define DFL_CID_ENABLED_RENEGO  -1
+#define DFL_CID_VALUE_RENEGO    NULL
+#define DFL_RECONNECT_HARD      0
+#define DFL_TICKETS             MBEDTLS_SSL_SESSION_TICKETS_ENABLED
+#define DFL_ALPN_STRING         NULL
+#define DFL_CURVES              NULL
+#define DFL_TRANSPORT           MBEDTLS_SSL_TRANSPORT_STREAM
+#define DFL_HS_TO_MIN           0
+#define DFL_HS_TO_MAX           0
+#define DFL_DTLS_MTU            -1
+#define DFL_DGRAM_PACKING        1
+#define DFL_FALLBACK            -1
+#define DFL_EXTENDED_MS         -1
+#define DFL_ETM                 -1
+#define DFL_SERIALIZE           0
+#define DFL_CONTEXT_FILE        ""
+#define DFL_EXTENDED_MS_ENFORCE -1
+#define DFL_CA_CALLBACK         0
+#define DFL_EAP_TLS             0
+#define DFL_REPRODUCIBLE        0
+#define DFL_NSS_KEYLOG          0
+#define DFL_NSS_KEYLOG_FILE     NULL
+#define DFL_SKIP_CLOSE_NOTIFY   0
+#define DFL_QUERY_CONFIG_MODE   0
+#define DFL_USE_SRTP            0
+#define DFL_SRTP_FORCE_PROFILE  0
+#define DFL_SRTP_MKI            ""
+
+#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
+#define GET_REQUEST_END "\r\n\r\n"
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#define USAGE_CONTEXT_CRT_CB \
+    "    context_crt_cb=%%d   This determines whether the CRT verification callback is bound\n" \
+    "                        to the SSL configuration of the SSL context.\n" \
+    "                        Possible values:\n" \
+    "                        - 0 (default): Use CRT callback bound to configuration\n" \
+    "                        - 1: Use CRT callback bound to SSL context\n"
+#else
+#define USAGE_CONTEXT_CRT_CB ""
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_FS_IO)
+#define USAGE_IO \
+    "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
+    "                        default: \"\" (pre-loaded)\n" \
+    "                        use \"none\" to skip loading any top-level CAs.\n" \
+    "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
+    "                        default: \"\" (pre-loaded) (overrides ca_file)\n" \
+    "                        use \"none\" to skip loading any top-level CAs.\n" \
+    "    crt_file=%%s         Your own cert and chain (in bottom to top order, top may be omitted)\n" \
+    "                        default: \"\" (pre-loaded)\n" \
+    "    key_file=%%s         default: \"\" (pre-loaded)\n" \
+    "    key_pwd=%%s          Password for key specified by key_file argument\n" \
+    "                        default: none\n"
+#else
+#define USAGE_IO \
+    "    No file operations available (MBEDTLS_FS_IO not defined)\n"
+#endif /* MBEDTLS_FS_IO */
+#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#define USAGE_IO ""
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#define USAGE_KEY_OPAQUE \
+    "    key_opaque=%%d       Handle your private key as if it were opaque\n" \
+    "                        default: 0 (disabled)\n"
+#else
+#define USAGE_KEY_OPAQUE ""
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define USAGE_CID \
+    "    cid=%%d             Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
+    "                       default: 0 (disabled)\n"     \
+    "    cid_renego=%%d      Disable (0) or enable (1) the use of the DTLS Connection ID extension during renegotiation.\n" \
+    "                       default: same as 'cid' parameter\n"     \
+    "    cid_val=%%s          The CID to use for incoming messages (in hex, without 0x).\n"  \
+    "                        default: \"\"\n" \
+    "    cid_val_renego=%%s   The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n"  \
+    "                        default: same as 'cid_val' parameter\n"
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#define USAGE_CID ""
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+#define USAGE_PSK_RAW                                               \
+    "    psk=%%s              default: \"\" (disabled)\n"     \
+    "                          The PSK values are in hex, without 0x.\n" \
+    "    psk_identity=%%s     default: \"Client_identity\"\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT                          \
+    "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
+    "                          Enable this to store the PSK configured through command line\n" \
+    "                          parameter `psk` in a PSA-based key slot.\n" \
+    "                          Note: Currently only supported in conjunction with\n"                  \
+    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
+    "                          to force a particular PSK-only ciphersuite.\n"                         \
+    "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
+    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
+    "                          with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
+#else
+#define USAGE_PSK ""
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+#define USAGE_CA_CALLBACK                       \
+    "   ca_callback=%%d       default: 0 (disabled)\n"      \
+    "                         Enable this to use the trusted certificate callback function\n"
+#else
+#define USAGE_CA_CALLBACK ""
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define USAGE_TICKETS                                       \
+    "    tickets=%%d          default: 1 (enabled)\n"
+#else
+#define USAGE_TICKETS ""
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+#define USAGE_EAP_TLS                                       \
+    "    eap_tls=%%d          default: 0 (disabled)\n"
+#define USAGE_NSS_KEYLOG                                    \
+    "    nss_keylog=%%d          default: 0 (disabled)\n"               \
+    "                             This cannot be used with eap_tls=1\n"
+#define USAGE_NSS_KEYLOG_FILE                               \
+    "    nss_keylog_file=%%s\n"
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+#define USAGE_SRTP \
+    "    use_srtp=%%d         default: 0 (disabled)\n" \
+    "                          This cannot be used with eap_tls=1 or " \
+    "                          nss_keylog=1\n"             \
+    "    srtp_force_profile=%%d  default: 0 (all enabled)\n"   \
+    "                        available profiles:\n"       \
+    "                        1 - SRTP_AES128_CM_HMAC_SHA1_80\n"  \
+    "                        2 - SRTP_AES128_CM_HMAC_SHA1_32\n"  \
+    "                        3 - SRTP_NULL_HMAC_SHA1_80\n"       \
+    "                        4 - SRTP_NULL_HMAC_SHA1_32\n"       \
+    "    mki=%%s              default: \"\" (in hex, without 0x)\n"
+#else /* MBEDTLS_SSL_DTLS_SRTP */
+#define USAGE_SRTP ""
+#endif
+#else /* MBEDTLS_SSL_EXPORT_KEYS */
+#define USAGE_EAP_TLS ""
+#define USAGE_NSS_KEYLOG ""
+#define USAGE_NSS_KEYLOG_FILE ""
+#define USAGE_SRTP ""
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+#define USAGE_TRUNC_HMAC                                    \
+    "    trunc_hmac=%%d       default: library default\n"
+#else
+#define USAGE_TRUNC_HMAC ""
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+#define USAGE_MAX_FRAG_LEN                                      \
+    "    max_frag_len=%%d     default: 16384 (tls default)\n"   \
+    "                        options: 512, 1024, 2048, 4096\n"
+#else
+#define USAGE_MAX_FRAG_LEN ""
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+#define USAGE_RECSPLIT \
+    "    recsplit=0/1        default: (library default: on)\n"
+#else
+#define USAGE_RECSPLIT
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+#define USAGE_DHMLEN \
+    "    dhmlen=%%d           default: (library default: 1024 bits)\n"
+#else
+#define USAGE_DHMLEN
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+#define USAGE_ALPN \
+    "    alpn=%%s             default: \"\" (disabled)\n"   \
+    "                        example: spdy/1,http/1.1\n"
+#else
+#define USAGE_ALPN ""
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_ECP_C)
+#define USAGE_CURVES \
+    "    curves=a,b,c,d      default: \"default\" (library default)\n"  \
+    "                        example: \"secp521r1,brainpoolP512r1\"\n"  \
+    "                        - use \"none\" for empty list\n"           \
+    "                        - see mbedtls_ecp_curve_list()\n"          \
+    "                          for acceptable curve names\n"
+#else
+#define USAGE_CURVES ""
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#define USAGE_DTLS \
+    "    dtls=%%d             default: 0 (TLS)\n"                           \
+    "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
+    "                        range of DTLS handshake timeouts in millisecs\n" \
+    "    mtu=%%d              default: (library default: unlimited)\n"  \
+    "    dgram_packing=%%d    default: 1 (allowed)\n"                   \
+    "                        allow or forbid packing of multiple\n" \
+    "                        records within a single datgram.\n"
+#else
+#define USAGE_DTLS ""
+#endif
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+#define USAGE_FALLBACK \
+    "    fallback=0/1        default: (library default: off)\n"
+#else
+#define USAGE_FALLBACK ""
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+#define USAGE_EMS \
+    "    extended_ms=0/1     default: (library default: on)\n"
+#else
+#define USAGE_EMS ""
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#define USAGE_ETM \
+    "    etm=0/1             default: (library default: on)\n"
+#else
+#define USAGE_ETM ""
+#endif
+
+#define USAGE_REPRODUCIBLE \
+    "    reproducible=0/1     default: 0 (disabled)\n"
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+#define USAGE_RENEGO \
+    "    renegotiation=%%d    default: 0 (disabled)\n"      \
+    "    renegotiate=%%d      default: 0 (disabled)\n"
+#else
+#define USAGE_RENEGO ""
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#define USAGE_ECJPAKE \
+    "    ecjpake_pw=%%s       default: none (disabled)\n"
+#else
+#define USAGE_ECJPAKE ""
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+#define USAGE_ECRESTART \
+    "    ec_max_ops=%%s       default: library default (restart disabled)\n"
+#else
+#define USAGE_ECRESTART ""
+#endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+#define USAGE_SERIALIZATION \
+    "    serialize=%%d        default: 0 (do not serialize/deserialize)\n"     \
+    "                        options: 1 (serialize)\n"                         \
+    "                                 2 (serialize with re-initialization)\n"  \
+    "    context_file=%%s     The file path to write a serialized connection\n" \
+    "                        in the form of base64 code (serialize option\n"   \
+    "                        must be set)\n"                                   \
+    "                         default: \"\" (do nothing)\n"                    \
+    "                         option: a file path\n"
+#else
+#define USAGE_SERIALIZATION ""
+#endif
+
+/* USAGE is arbitrarily split to stay under the portable string literal
+ * length limit: 4095 bytes in C99. */
+#define USAGE1 \
+    "\n usage: ssl_client2 param=<>...\n"                   \
+    "\n acceptable parameters:\n"                           \
+    "    server_name=%%s      default: localhost\n"         \
+    "    server_addr=%%s      default: given by name\n"     \
+    "    server_port=%%d      default: 4433\n"              \
+    "    request_page=%%s     default: \".\"\n"             \
+    "    request_size=%%d     default: about 34 (basic request)\n"           \
+    "                        (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n"  \
+                                                                      "                        If 0, in the first exchange only an empty\n"    \
+                                                                      "                        application data message is sent followed by\n" \
+                                                                      "                        a second non-empty message before attempting\n" \
+                                                                      "                        to read a response from the server\n"           \
+                                                                      "    debug_level=%%d      default: 0 (disabled)\n"             \
+                                                                      "    build_version=%%d    default: none (disabled)\n"                     \
+                                                                      "                        option: 1 (print build version only and stop)\n" \
+                                                                      "    nbio=%%d             default: 0 (blocking I/O)\n"         \
+                                                                      "                        options: 1 (non-blocking), 2 (added delays)\n"   \
+                                                                      "    event=%%d            default: 0 (loop)\n"                            \
+                                                                      "                        options: 1 (level-triggered, implies nbio=1),\n" \
+                                                                      "    read_timeout=%%d     default: 0 ms (no timeout)\n"        \
+                                                                      "    max_resend=%%d       default: 0 (no resend on timeout)\n" \
+                                                                      "    skip_close_notify=%%d default: 0 (send close_notify)\n" \
+                                                                      "\n"                                                    \
+    USAGE_DTLS                                              \
+    USAGE_CID                                               \
+    USAGE_SRTP                                              \
+    "\n"
+#define USAGE2 \
+    "    auth_mode=%%s        default: (library default: none)\n" \
+    "                        options: none, optional, required\n" \
+    USAGE_IO                                                \
+    USAGE_KEY_OPAQUE                                        \
+    USAGE_CA_CALLBACK                                       \
+    "\n"                                                    \
+    USAGE_PSK                                               \
+    USAGE_ECJPAKE                                           \
+    USAGE_ECRESTART                                         \
+    "\n"
+#define USAGE3 \
+    "    allow_legacy=%%d     default: (library default: no)\n"   \
+    USAGE_RENEGO                                            \
+    "    exchanges=%%d        default: 1\n"                 \
+    "    reconnect=%%d        number of reconnections using session resumption\n" \
+    "                        default: 0 (disabled)\n"      \
+    "    reco_delay=%%d       default: 0 seconds\n"         \
+    "    reco_mode=%%d        0: copy session, 1: serialize session\n" \
+    "                        default: 1\n"      \
+    "    reconnect_hard=%%d   default: 0 (disabled)\n"      \
+    USAGE_TICKETS                                           \
+    USAGE_EAP_TLS                                           \
+    USAGE_MAX_FRAG_LEN                                      \
+    USAGE_TRUNC_HMAC                                        \
+    USAGE_CONTEXT_CRT_CB                                    \
+    USAGE_ALPN                                              \
+    USAGE_FALLBACK                                          \
+    USAGE_EMS                                               \
+    USAGE_ETM                                               \
+    USAGE_REPRODUCIBLE                                      \
+    USAGE_CURVES                                            \
+    USAGE_RECSPLIT                                          \
+    USAGE_DHMLEN                                            \
+    "\n"
+#define USAGE4 \
+    "    arc4=%%d             default: (library default: 0)\n" \
+    "    allow_sha1=%%d       default: 0\n"                             \
+    "    min_version=%%s      default: (library default: tls1)\n"       \
+    "    max_version=%%s      default: (library default: tls12)\n"      \
+    "    force_version=%%s    default: \"\" (none)\n"       \
+    "                        options: ssl3, tls1, tls1_1, tls12, dtls1, dtls12\n" \
+    "\n"                                                    \
+    "    force_ciphersuite=<name>    default: all enabled\n" \
+    "    query_config=<name>         return 0 if the specified\n"       \
+    "                                configuration macro is defined and 1\n"  \
+    "                                otherwise. The expansion of the macro\n" \
+    "                                is printed if it is defined\n"     \
+    USAGE_SERIALIZATION                                     \
+    " acceptable ciphersuite names:\n"
+
+#define ALPN_LIST_SIZE  10
+#define CURVE_LIST_SIZE 20
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *server_name;    /* hostname of the server (client only)     */
+    const char *server_addr;    /* address of the server (client only)      */
+    const char *server_port;    /* port on which the ssl service runs       */
+    int debug_level;            /* level of debugging                       */
+    int nbio;                   /* should I/O be blocking?                  */
+    int event;                  /* loop or event-driven IO? level or edge triggered? */
+    uint32_t read_timeout;      /* timeout on mbedtls_ssl_read() in milliseconds     */
+    int max_resend;             /* DTLS times to resend on read timeout     */
+    const char *request_page;   /* page on server to request                */
+    int request_size;           /* pad request with header to requested size */
+    const char *ca_file;        /* the file with the CA certificate(s)      */
+    const char *ca_path;        /* the path with the CA certificate(s) reside */
+    const char *crt_file;       /* the file with the client certificate     */
+    const char *key_file;       /* the file with the client key             */
+    int key_opaque;             /* handle private key as if it were opaque  */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    int psk_opaque;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    int ca_callback;            /* Use callback for trusted certificate list */
+#endif
+    const char *key_pwd;        /* the password for the client key          */
+    const char *psk;            /* the pre-shared key                       */
+    const char *psk_identity;   /* the pre-shared key identity              */
+    const char *ecjpake_pw;     /* the EC J-PAKE password                   */
+    int ec_max_ops;             /* EC consecutive operations limit          */
+    int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
+    int renegotiation;          /* enable / disable renegotiation           */
+    int allow_legacy;           /* allow legacy renegotiation               */
+    int renegotiate;            /* attempt renegotiation?                   */
+    int renego_delay;           /* delay before enforcing renegotiation     */
+    int exchanges;              /* number of data exchanges                 */
+    int min_version;            /* minimum protocol version accepted        */
+    int max_version;            /* maximum protocol version accepted        */
+    int arc4;                   /* flag for arc4 suites support             */
+    int allow_sha1;             /* flag for SHA-1 support                   */
+    int auth_mode;              /* verify mode for connection               */
+    unsigned char mfl_code;     /* code for maximum fragment length         */
+    int trunc_hmac;             /* negotiate truncated hmac or not          */
+    int recsplit;               /* enable record splitting?                 */
+    int dhmlen;                 /* minimum DHM params len in bits           */
+    int reconnect;              /* attempt to resume session                */
+    int reco_delay;             /* delay in seconds before resuming session */
+    int reco_mode;              /* how to keep the session around           */
+    int reconnect_hard;         /* unexpectedly reconnect from the same port */
+    int tickets;                /* enable / disable session tickets         */
+    const char *curves;         /* list of supported elliptic curves        */
+    const char *alpn_string;    /* ALPN supported protocols                 */
+    int transport;              /* TLS or DTLS?                             */
+    uint32_t hs_to_min;         /* Initial value of DTLS handshake timer    */
+    uint32_t hs_to_max;         /* Max value of DTLS handshake timer        */
+    int dtls_mtu;               /* UDP Maximum transport unit for DTLS       */
+    int fallback;               /* is this a fallback connection?           */
+    int dgram_packing;          /* allow/forbid datagram packing            */
+    int extended_ms;            /* negotiate extended master secret?        */
+    int etm;                    /* negotiate encrypt then mac?              */
+    int context_crt_cb;         /* use context-specific CRT verify callback */
+    int eap_tls;                /* derive EAP-TLS keying material?          */
+    int nss_keylog;             /* export NSS key log material              */
+    const char *nss_keylog_file; /* NSS key log file                        */
+    int cid_enabled;            /* whether to use the CID extension or not  */
+    int cid_enabled_renego;     /* whether to use the CID extension or not
+                                 * during renegotiation                     */
+    const char *cid_val;        /* the CID to use for incoming messages     */
+    int serialize;              /* serialize/deserialize connection         */
+    const char *context_file;   /* the file to write a serialized connection
+                                 * in the form of base64 code (serialize
+                                 * option must be set)                      */
+    const char *cid_val_renego; /* the CID to use for incoming messages
+                                 * after renegotiation                      */
+    int reproducible;           /* make communication reproducible          */
+    int skip_close_notify;      /* skip sending the close_notify alert      */
+    int query_config_mode;      /* whether to read config                   */
+    int use_srtp;               /* Support SRTP                             */
+    int force_srtp_profile;     /* SRTP protection profile to use or all    */
+    const char *mki;            /* The dtls mki value to use                */
+} opt;
+
+#include "ssl_test_common_source.c"
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+static unsigned char peer_crt_info[1024];
+
+/*
+ * Enabled if debug_level > 1 in code below
+ */
+static int my_verify(void *data, mbedtls_x509_crt *crt,
+                     int depth, uint32_t *flags)
+{
+    char buf[1024];
+    ((void) data);
+
+    mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
+    if (depth == 0) {
+        memcpy(peer_crt_info, buf, sizeof(buf));
+    }
+
+    if (opt.debug_level == 0) {
+        return 0;
+    }
+
+    mbedtls_printf("\nVerify requested for (Depth %d):\n", depth);
+    mbedtls_printf("%s", buf);
+
+    if ((*flags) == 0) {
+        mbedtls_printf("  This certificate has no flags\n");
+    } else {
+        mbedtls_x509_crt_verify_info(buf, sizeof(buf), "  ! ", *flags);
+        mbedtls_printf("%s\n", buf);
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+int report_cid_usage(mbedtls_ssl_context *ssl,
+                     const char *additional_description)
+{
+    int ret;
+    unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
+    size_t peer_cid_len;
+    int cid_negotiated;
+
+    if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 0;
+    }
+
+    /* Check if the use of a CID has been negotiated,
+     * but don't ask for the CID value and length.
+     *
+     * Note: Here and below, we're demonstrating the various ways
+     *       in which mbedtls_ssl_get_peer_cid() can be called,
+     *       depending on whether or not the length/value of the
+     *       peer's CID is needed.
+     *
+     *       An actual application, however, should use
+     *       just one call to mbedtls_ssl_get_peer_cid(). */
+    ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated,
+                                   NULL, NULL);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        return ret;
+    }
+
+    if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) {
+        if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) {
+            mbedtls_printf("(%s) Use of Connection ID was rejected by the server.\n",
+                           additional_description);
+        }
+    } else {
+        size_t idx = 0;
+        mbedtls_printf("(%s) Use of Connection ID has been negotiated.\n",
+                       additional_description);
+
+        /* Ask for just the length of the peer's CID. */
+        ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated,
+                                       NULL, &peer_cid_len);
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            return ret;
+        }
+
+        /* Ask for just length + value of the peer's CID. */
+        ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated,
+                                       peer_cid, &peer_cid_len);
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            return ret;
+        }
+        mbedtls_printf("(%s) Peer CID (length %u Bytes): ",
+                       additional_description,
+                       (unsigned) peer_cid_len);
+        while (idx < peer_cid_len) {
+            mbedtls_printf("%02x ", peer_cid[idx]);
+            idx++;
+        }
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+int main(int argc, char *argv[])
+{
+    int ret = 0, len, tail_len, i, written, frags, retry_left;
+    int query_config_ret = 0;
+    mbedtls_net_context server_fd;
+    io_ctx_t io_ctx;
+
+    unsigned char buf[MAX_REQUEST_SIZE + 1];
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    unsigned char psk[MBEDTLS_PSK_MAX_LEN];
+    size_t psk_len = 0;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
+    unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
+    size_t cid_len = 0;
+    size_t cid_renego_len = 0;
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    const char *alpn_list[ALPN_LIST_SIZE];
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    unsigned char alloc_buf[MEMORY_HEAP_SIZE];
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+    mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
+    const mbedtls_ecp_curve_info *curve_cur;
+#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
+    size_t mki_len = 0;
+#endif
+
+    const char *pers = "ssl_client2";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    psa_key_id_t slot = 0;
+    psa_algorithm_t alg = 0;
+    psa_key_attributes_t key_attributes;
+#endif
+    psa_status_t status;
+#endif
+
+    rng_context_t rng;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ssl_session saved_session;
+    unsigned char *session_data = NULL;
+    size_t session_data_len = 0;
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_timing_delay_context timer;
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    uint32_t flags;
+    mbedtls_x509_crt cacert;
+    mbedtls_x509_crt clicert;
+    mbedtls_pk_context pkey;
+    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_id_t key_slot = 0; /* invalid key slot */
+#endif
+#endif  /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+    char *p, *q;
+    const int *list;
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    unsigned char *context_buf = NULL;
+    size_t context_buf_len;
+#endif
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    unsigned char eap_tls_keymaterial[16];
+    unsigned char eap_tls_iv[8];
+    const char *eap_tls_label = "client EAP encryption";
+    eap_tls_keys eap_tls_keying;
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    /*! master keys and master salt for SRTP generated during handshake */
+    unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
+    const char *dtls_srtp_label = "EXTRACTOR-dtls_srtp";
+    dtls_srtp_keys dtls_srtp_keying;
+    const mbedtls_ssl_srtp_profile default_profiles[] = {
+        MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
+        MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
+        MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
+        MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
+        MBEDTLS_TLS_SRTP_UNSET
+    };
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf));
+#endif
+
+#if defined(MBEDTLS_TEST_HOOKS)
+    test_hooks_init();
+#endif /* MBEDTLS_TEST_HOOKS */
+
+    /*
+     * Make sure memory references are valid.
+     */
+    mbedtls_net_init(&server_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    memset(&saved_session, 0, sizeof(mbedtls_ssl_session));
+    rng_init(&rng);
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_x509_crt_init(&clicert);
+    mbedtls_pk_init(&pkey);
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+    memset((void *) alpn_list, 0, sizeof(alpn_list));
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif  /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    mbedtls_test_enable_insecure_external_rng();
+#endif  /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+    if (argc < 2) {
+usage:
+        if (ret == 0) {
+            ret = 1;
+        }
+
+        mbedtls_printf(USAGE1);
+        mbedtls_printf(USAGE2);
+        mbedtls_printf(USAGE3);
+        mbedtls_printf(USAGE4);
+
+        list = mbedtls_ssl_list_ciphersuites();
+        while (*list) {
+            mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list));
+            list++;
+            if (!*list) {
+                break;
+            }
+            mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
+            list++;
+        }
+        mbedtls_printf("\n");
+        goto exit;
+    }
+
+    opt.server_name         = DFL_SERVER_NAME;
+    opt.server_addr         = DFL_SERVER_ADDR;
+    opt.server_port         = DFL_SERVER_PORT;
+    opt.debug_level         = DFL_DEBUG_LEVEL;
+    opt.cid_enabled         = DFL_CID_ENABLED;
+    opt.cid_val             = DFL_CID_VALUE;
+    opt.cid_enabled_renego  = DFL_CID_ENABLED_RENEGO;
+    opt.cid_val_renego      = DFL_CID_VALUE_RENEGO;
+    opt.nbio                = DFL_NBIO;
+    opt.event               = DFL_EVENT;
+    opt.context_crt_cb      = DFL_CONTEXT_CRT_CB;
+    opt.read_timeout        = DFL_READ_TIMEOUT;
+    opt.max_resend          = DFL_MAX_RESEND;
+    opt.request_page        = DFL_REQUEST_PAGE;
+    opt.request_size        = DFL_REQUEST_SIZE;
+    opt.ca_file             = DFL_CA_FILE;
+    opt.ca_path             = DFL_CA_PATH;
+    opt.crt_file            = DFL_CRT_FILE;
+    opt.key_file            = DFL_KEY_FILE;
+    opt.key_opaque          = DFL_KEY_OPAQUE;
+    opt.key_pwd             = DFL_KEY_PWD;
+    opt.psk                 = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    opt.psk_opaque          = DFL_PSK_OPAQUE;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    opt.ca_callback         = DFL_CA_CALLBACK;
+#endif
+    opt.psk_identity        = DFL_PSK_IDENTITY;
+    opt.ecjpake_pw          = DFL_ECJPAKE_PW;
+    opt.ec_max_ops          = DFL_EC_MAX_OPS;
+    opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
+    opt.renegotiation       = DFL_RENEGOTIATION;
+    opt.allow_legacy        = DFL_ALLOW_LEGACY;
+    opt.renegotiate         = DFL_RENEGOTIATE;
+    opt.exchanges           = DFL_EXCHANGES;
+    opt.min_version         = DFL_MIN_VERSION;
+    opt.max_version         = DFL_MAX_VERSION;
+    opt.arc4                = DFL_ARC4;
+    opt.allow_sha1          = DFL_SHA1;
+    opt.auth_mode           = DFL_AUTH_MODE;
+    opt.mfl_code            = DFL_MFL_CODE;
+    opt.trunc_hmac          = DFL_TRUNC_HMAC;
+    opt.recsplit            = DFL_RECSPLIT;
+    opt.dhmlen              = DFL_DHMLEN;
+    opt.reconnect           = DFL_RECONNECT;
+    opt.reco_delay          = DFL_RECO_DELAY;
+    opt.reco_mode           = DFL_RECO_MODE;
+    opt.reconnect_hard      = DFL_RECONNECT_HARD;
+    opt.tickets             = DFL_TICKETS;
+    opt.alpn_string         = DFL_ALPN_STRING;
+    opt.curves              = DFL_CURVES;
+    opt.transport           = DFL_TRANSPORT;
+    opt.hs_to_min           = DFL_HS_TO_MIN;
+    opt.hs_to_max           = DFL_HS_TO_MAX;
+    opt.dtls_mtu            = DFL_DTLS_MTU;
+    opt.fallback            = DFL_FALLBACK;
+    opt.extended_ms         = DFL_EXTENDED_MS;
+    opt.etm                 = DFL_ETM;
+    opt.dgram_packing       = DFL_DGRAM_PACKING;
+    opt.serialize           = DFL_SERIALIZE;
+    opt.context_file        = DFL_CONTEXT_FILE;
+    opt.eap_tls             = DFL_EAP_TLS;
+    opt.reproducible        = DFL_REPRODUCIBLE;
+    opt.nss_keylog          = DFL_NSS_KEYLOG;
+    opt.nss_keylog_file     = DFL_NSS_KEYLOG_FILE;
+    opt.skip_close_notify   = DFL_SKIP_CLOSE_NOTIFY;
+    opt.query_config_mode   = DFL_QUERY_CONFIG_MODE;
+    opt.use_srtp            = DFL_USE_SRTP;
+    opt.force_srtp_profile  = DFL_SRTP_FORCE_PROFILE;
+    opt.mki                 = DFL_SRTP_MKI;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "server_name") == 0) {
+            opt.server_name = q;
+        } else if (strcmp(p, "server_addr") == 0) {
+            opt.server_addr = q;
+        } else if (strcmp(p, "server_port") == 0) {
+            opt.server_port = q;
+        } else if (strcmp(p, "dtls") == 0) {
+            int t = atoi(q);
+            if (t == 0) {
+                opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
+            } else if (t == 1) {
+                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "debug_level") == 0) {
+            opt.debug_level = atoi(q);
+            if (opt.debug_level < 0 || opt.debug_level > 65535) {
+                goto usage;
+            }
+        } else if (strcmp(p, "build_version") == 0) {
+            if (strcmp(q, "1") == 0) {
+                mbedtls_printf("build version: %s (build %d)\n",
+                               MBEDTLS_VERSION_STRING_FULL,
+                               MBEDTLS_VERSION_NUMBER);
+                goto exit;
+            }
+        } else if (strcmp(p, "context_crt_cb") == 0) {
+            opt.context_crt_cb = atoi(q);
+            if (opt.context_crt_cb != 0 && opt.context_crt_cb != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "nbio") == 0) {
+            opt.nbio = atoi(q);
+            if (opt.nbio < 0 || opt.nbio > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "event") == 0) {
+            opt.event = atoi(q);
+            if (opt.event < 0 || opt.event > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "read_timeout") == 0) {
+            opt.read_timeout = atoi(q);
+        } else if (strcmp(p, "max_resend") == 0) {
+            opt.max_resend = atoi(q);
+            if (opt.max_resend < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "request_page") == 0) {
+            opt.request_page = q;
+        } else if (strcmp(p, "request_size") == 0) {
+            opt.request_size = atoi(q);
+            if (opt.request_size < 0 ||
+                opt.request_size > MAX_REQUEST_SIZE) {
+                goto usage;
+            }
+        } else if (strcmp(p, "ca_file") == 0) {
+            opt.ca_file = q;
+        } else if (strcmp(p, "ca_path") == 0) {
+            opt.ca_path = q;
+        } else if (strcmp(p, "crt_file") == 0) {
+            opt.crt_file = q;
+        } else if (strcmp(p, "key_file") == 0) {
+            opt.key_file = q;
+        } else if (strcmp(p, "key_pwd") == 0) {
+            opt.key_pwd = q;
+        }
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+        else if (strcmp(p, "key_opaque") == 0) {
+            opt.key_opaque = atoi(q);
+        }
+#endif
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        else if (strcmp(p, "cid") == 0) {
+            opt.cid_enabled = atoi(q);
+            if (opt.cid_enabled != 0 && opt.cid_enabled != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "cid_renego") == 0) {
+            opt.cid_enabled_renego = atoi(q);
+            if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "cid_val") == 0) {
+            opt.cid_val = q;
+        } else if (strcmp(p, "cid_val_renego") == 0) {
+            opt.cid_val_renego = q;
+        }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        else if (strcmp(p, "psk") == 0) {
+            opt.psk = q;
+        }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        else if (strcmp(p, "psk_opaque") == 0) {
+            opt.psk_opaque = atoi(q);
+        }
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+        else if (strcmp(p, "ca_callback") == 0) {
+            opt.ca_callback = atoi(q);
+        }
+#endif
+        else if (strcmp(p, "psk_identity") == 0) {
+            opt.psk_identity = q;
+        } else if (strcmp(p, "ecjpake_pw") == 0) {
+            opt.ecjpake_pw = q;
+        } else if (strcmp(p, "ec_max_ops") == 0) {
+            opt.ec_max_ops = atoi(q);
+        } else if (strcmp(p, "force_ciphersuite") == 0) {
+            opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q);
+
+            if (opt.force_ciphersuite[0] == 0) {
+                ret = 2;
+                goto usage;
+            }
+            opt.force_ciphersuite[1] = 0;
+        } else if (strcmp(p, "renegotiation") == 0) {
+            opt.renegotiation = (atoi(q)) ?
+                                MBEDTLS_SSL_RENEGOTIATION_ENABLED :
+                                MBEDTLS_SSL_RENEGOTIATION_DISABLED;
+        } else if (strcmp(p, "allow_legacy") == 0) {
+            switch (atoi(q)) {
+                case -1:
+                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
+                    break;
+                case 0:
+                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
+                    break;
+                case 1:
+                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
+                    break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "renegotiate") == 0) {
+            opt.renegotiate = atoi(q);
+            if (opt.renegotiate < 0 || opt.renegotiate > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "exchanges") == 0) {
+            opt.exchanges = atoi(q);
+            if (opt.exchanges < 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "reconnect") == 0) {
+            opt.reconnect = atoi(q);
+            if (opt.reconnect < 0 || opt.reconnect > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "reco_delay") == 0) {
+            opt.reco_delay = atoi(q);
+            if (opt.reco_delay < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "reco_mode") == 0) {
+            opt.reco_mode = atoi(q);
+            if (opt.reco_mode < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "reconnect_hard") == 0) {
+            opt.reconnect_hard = atoi(q);
+            if (opt.reconnect_hard < 0 || opt.reconnect_hard > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "tickets") == 0) {
+            opt.tickets = atoi(q);
+            if (opt.tickets < 0 || opt.tickets > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "alpn") == 0) {
+            opt.alpn_string = q;
+        } else if (strcmp(p, "fallback") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break;
+                case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "extended_ms") == 0) {
+            switch (atoi(q)) {
+                case 0:
+                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
+                    break;
+                case 1:
+                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+                    break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "curves") == 0) {
+            opt.curves = q;
+        } else if (strcmp(p, "etm") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
+                case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "min_version") == 0) {
+            if (strcmp(q, "ssl3") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+            } else if (strcmp(q, "tls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+            } else if (strcmp(q, "tls1_1") == 0 ||
+                       strcmp(q, "dtls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            } else if (strcmp(q, "tls12") == 0 ||
+                       strcmp(q, "dtls12") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "max_version") == 0) {
+            if (strcmp(q, "ssl3") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+            } else if (strcmp(q, "tls1") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+            } else if (strcmp(q, "tls1_1") == 0 ||
+                       strcmp(q, "dtls1") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            } else if (strcmp(q, "tls12") == 0 ||
+                       strcmp(q, "dtls12") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "arc4") == 0) {
+            switch (atoi(q)) {
+                case 0:     opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED;   break;
+                case 1:     opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;    break;
+                default:    goto usage;
+            }
+        } else if (strcmp(p, "allow_sha1") == 0) {
+            switch (atoi(q)) {
+                case 0:     opt.allow_sha1 = 0;   break;
+                case 1:     opt.allow_sha1 = 1;    break;
+                default:    goto usage;
+            }
+        } else if (strcmp(p, "force_version") == 0) {
+            if (strcmp(q, "ssl3") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+            } else if (strcmp(q, "tls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+            } else if (strcmp(q, "tls1_1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            } else if (strcmp(q, "tls12") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+            } else if (strcmp(q, "dtls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+            } else if (strcmp(q, "dtls12") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "auth_mode") == 0) {
+            if (strcmp(q, "none") == 0) {
+                opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE;
+            } else if (strcmp(q, "optional") == 0) {
+                opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
+            } else if (strcmp(q, "required") == 0) {
+                opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "max_frag_len") == 0) {
+            if (strcmp(q, "512") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
+            } else if (strcmp(q, "1024") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
+            } else if (strcmp(q, "2048") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
+            } else if (strcmp(q, "4096") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "trunc_hmac") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
+                case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "hs_timeout") == 0) {
+            if ((p = strchr(q, '-')) == NULL) {
+                goto usage;
+            }
+            *p++ = '\0';
+            opt.hs_to_min = atoi(q);
+            opt.hs_to_max = atoi(p);
+            if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) {
+                goto usage;
+            }
+        } else if (strcmp(p, "mtu") == 0) {
+            opt.dtls_mtu = atoi(q);
+            if (opt.dtls_mtu < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "dgram_packing") == 0) {
+            opt.dgram_packing = atoi(q);
+            if (opt.dgram_packing != 0 &&
+                opt.dgram_packing != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "recsplit") == 0) {
+            opt.recsplit = atoi(q);
+            if (opt.recsplit < 0 || opt.recsplit > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "dhmlen") == 0) {
+            opt.dhmlen = atoi(q);
+            if (opt.dhmlen < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "query_config") == 0) {
+            opt.query_config_mode = 1;
+            query_config_ret = query_config(q);
+            goto exit;
+        } else if (strcmp(p, "serialize") == 0) {
+            opt.serialize = atoi(q);
+            if (opt.serialize < 0 || opt.serialize > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "context_file") == 0) {
+            opt.context_file = q;
+        } else if (strcmp(p, "eap_tls") == 0) {
+            opt.eap_tls = atoi(q);
+            if (opt.eap_tls < 0 || opt.eap_tls > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "reproducible") == 0) {
+            opt.reproducible = 1;
+        } else if (strcmp(p, "nss_keylog") == 0) {
+            opt.nss_keylog = atoi(q);
+            if (opt.nss_keylog < 0 || opt.nss_keylog > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "nss_keylog_file") == 0) {
+            opt.nss_keylog_file = q;
+        } else if (strcmp(p, "skip_close_notify") == 0) {
+            opt.skip_close_notify = atoi(q);
+            if (opt.skip_close_notify < 0 || opt.skip_close_notify > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "use_srtp") == 0) {
+            opt.use_srtp = atoi(q);
+        } else if (strcmp(p, "srtp_force_profile") == 0) {
+            opt.force_srtp_profile = atoi(q);
+        } else if (strcmp(p, "mki") == 0) {
+            opt.mki = q;
+        } else {
+            goto usage;
+        }
+    }
+
+    if (opt.nss_keylog != 0 && opt.eap_tls != 0) {
+        mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n");
+        goto usage;
+    }
+
+    /* Event-driven IO is incompatible with the above custom
+     * receive and send functions, as the polling builds on
+     * refers to the underlying net_context. */
+    if (opt.event == 1 && opt.nbio != 1) {
+        mbedtls_printf("Warning: event-driven IO mandates nbio=1 - overwrite\n");
+        opt.nbio = 1;
+    }
+
+#if defined(MBEDTLS_DEBUG_C)
+    mbedtls_debug_set_threshold(opt.debug_level);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    /*
+     * Unhexify the pre-shared key if any is given
+     */
+    if (strlen(opt.psk)) {
+        if (mbedtls_test_unhexify(psk, sizeof(psk),
+                                  opt.psk, &psk_len) != 0) {
+            mbedtls_printf("pre-shared key not valid\n");
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.psk_opaque != 0) {
+        if (opt.psk == NULL) {
+            mbedtls_printf("psk_opaque set but no psk to be imported specified.\n");
+            ret = 2;
+            goto usage;
+        }
+
+        if (opt.force_ciphersuite[0] <= 0) {
+            mbedtls_printf(
+                "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n");
+            ret = 2;
+            goto usage;
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (opt.force_ciphersuite[0] > 0) {
+        const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+        ciphersuite_info =
+            mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]);
+
+        if (opt.max_version != -1 &&
+            ciphersuite_info->min_minor_ver > opt.max_version) {
+            mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
+            ret = 2;
+            goto usage;
+        }
+        if (opt.min_version != -1 &&
+            ciphersuite_info->max_minor_ver < opt.min_version) {
+            mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
+            ret = 2;
+            goto usage;
+        }
+
+        /* If the server selects a version that's not supported by
+         * this suite, then there will be no common ciphersuite... */
+        if (opt.max_version == -1 ||
+            opt.max_version > ciphersuite_info->max_minor_ver) {
+            opt.max_version = ciphersuite_info->max_minor_ver;
+        }
+        if (opt.min_version < ciphersuite_info->min_minor_ver) {
+            opt.min_version = ciphersuite_info->min_minor_ver;
+            /* DTLS starts with TLS 1.1 */
+            if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+                opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            }
+        }
+
+        /* Enable RC4 if needed and not explicitly disabled */
+        if (ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128) {
+            if (opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED) {
+                mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n");
+                ret = 2;
+                goto usage;
+            }
+
+            opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+        if (opt.psk_opaque != 0) {
+            /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+            if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+            } else
+#endif /* MBEDTLS_SHA512_C */
+            alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+        }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (mbedtls_test_unhexify(cid, sizeof(cid),
+                              opt.cid_val, &cid_len) != 0) {
+        mbedtls_printf("CID not valid\n");
+        goto exit;
+    }
+
+    /* Keep CID settings for renegotiation unless
+     * specified otherwise. */
+    if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) {
+        opt.cid_enabled_renego = opt.cid_enabled;
+    }
+    if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) {
+        opt.cid_val_renego = opt.cid_val;
+    }
+
+    if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego),
+                              opt.cid_val_renego, &cid_renego_len) != 0) {
+        mbedtls_printf("CID not valid\n");
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_ECP_C)
+    if (opt.curves != NULL) {
+        p = (char *) opt.curves;
+        i = 0;
+
+        if (strcmp(p, "none") == 0) {
+            curve_list[0] = MBEDTLS_ECP_DP_NONE;
+        } else if (strcmp(p, "default") != 0) {
+            /* Leave room for a final NULL in curve list */
+            while (i < CURVE_LIST_SIZE - 1 && *p != '\0') {
+                q = p;
+
+                /* Terminate the current string */
+                while (*p != ',' && *p != '\0') {
+                    p++;
+                }
+                if (*p == ',') {
+                    *p++ = '\0';
+                }
+
+                if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) {
+                    curve_list[i++] = curve_cur->grp_id;
+                } else {
+                    mbedtls_printf("unknown curve %s\n", q);
+                    mbedtls_printf("supported curves: ");
+                    for (curve_cur = mbedtls_ecp_curve_list();
+                         curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
+                         curve_cur++) {
+                        mbedtls_printf("%s ", curve_cur->name);
+                    }
+                    mbedtls_printf("\n");
+                    goto exit;
+                }
+            }
+
+            mbedtls_printf("Number of curves: %d\n", i);
+
+            if (i == CURVE_LIST_SIZE - 1 && *p != '\0') {
+                mbedtls_printf("curves list too long, maximum %d",
+                               CURVE_LIST_SIZE - 1);
+                goto exit;
+            }
+
+            curve_list[i] = MBEDTLS_ECP_DP_NONE;
+        }
+    }
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if (opt.alpn_string != NULL) {
+        p = (char *) opt.alpn_string;
+        i = 0;
+
+        /* Leave room for a final NULL in alpn_list */
+        while (i < ALPN_LIST_SIZE - 1 && *p != '\0') {
+            alpn_list[i++] = p;
+
+            /* Terminate the current string and move on to next one */
+            while (*p != ',' && *p != '\0') {
+                p++;
+            }
+            if (*p == ',') {
+                *p++ = '\0';
+            }
+        }
+    }
+#endif /* MBEDTLS_SSL_ALPN */
+
+    mbedtls_printf("build version: %s (build %d)\n",
+                   MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER);
+
+    /*
+     * 0. Initialize the RNG and the session data
+     */
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    ret = rng_seed(&rng, opt.reproducible, pers);
+    if (ret != 0) {
+        goto exit;
+    }
+    mbedtls_printf(" ok\n");
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /*
+     * 1.1. Load the trusted CA
+     */
+    mbedtls_printf("  . Loading the CA root certificate ...");
+    fflush(stdout);
+
+    if (strcmp(opt.ca_path, "none") == 0 ||
+        strcmp(opt.ca_file, "none") == 0) {
+        ret = 0;
+    } else
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.ca_path)) {
+        ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path);
+    } else if (strlen(opt.ca_file)) {
+        ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file);
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+    {
+#if defined(MBEDTLS_PEM_PARSE_C)
+        for (i = 0; mbedtls_test_cas[i] != NULL; i++) {
+            ret = mbedtls_x509_crt_parse(&cacert,
+                                         (const unsigned char *) mbedtls_test_cas[i],
+                                         mbedtls_test_cas_len[i]);
+            if (ret != 0) {
+                break;
+            }
+        }
+#endif /* MBEDTLS_PEM_PARSE_C */
+        if (ret == 0) {
+            for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) {
+                ret = mbedtls_x509_crt_parse_der(&cacert,
+                                                 (const unsigned char *) mbedtls_test_cas_der[i],
+                                                 mbedtls_test_cas_der_len[i]);
+                if (ret != 0) {
+                    break;
+                }
+            }
+        }
+    }
+#else
+    {
+        ret = 1;
+        mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+    }
+#endif /* MBEDTLS_CERTS_C */
+    if (ret < 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok (%d skipped)\n", ret);
+
+    /*
+     * 1.2. Load own certificate and private key
+     *
+     * (can be skipped if client authentication is not required)
+     */
+    mbedtls_printf("  . Loading the client cert. and key...");
+    fflush(stdout);
+
+    if (strcmp(opt.crt_file, "none") == 0) {
+        ret = 0;
+    } else
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.crt_file)) {
+        ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file);
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+    { ret = mbedtls_x509_crt_parse(&clicert,
+                                   (const unsigned char *) mbedtls_test_cli_crt,
+                                   mbedtls_test_cli_crt_len); }
+#else
+    {
+        ret = 1;
+        mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+    }
+#endif
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    if (strcmp(opt.key_file, "none") == 0) {
+        ret = 0;
+    } else
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.key_file)) {
+        ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, opt.key_pwd);
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+    { ret = mbedtls_pk_parse_key(&pkey,
+                                 (const unsigned char *) mbedtls_test_cli_key,
+                                 mbedtls_test_cli_key_len, NULL, 0); }
+#else
+    {
+        ret = 1;
+        mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+    }
+#endif
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.key_opaque != 0) {
+        if ((ret = mbedtls_pk_wrap_as_opaque(&pkey, &key_slot,
+                                             PSA_ALG_ANY_HASH)) != 0) {
+            mbedtls_printf(" failed\n  !  "
+                           "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int)  -ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_printf(" ok (key type: %s)\n", mbedtls_pk_get_name(&pkey));
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+    /*
+     * 2. Start the connection
+     */
+    if (opt.server_addr == NULL) {
+        opt.server_addr = opt.server_name;
+    }
+
+    mbedtls_printf("  . Connecting to %s/%s/%s...",
+                   opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
+                   opt.server_addr, opt.server_port);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_connect(&server_fd,
+                                   opt.server_addr, opt.server_port,
+                                   opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+                                   MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_connect returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    if (opt.nbio > 0) {
+        ret = mbedtls_net_set_nonblock(&server_fd);
+    } else {
+        ret = mbedtls_net_set_block(&server_fd);
+    }
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! net_set_(non)block() returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 3. Setup stuff
+     */
+    mbedtls_printf("  . Setting up the SSL/TLS structure...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_CLIENT,
+                                           opt.transport,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /* The default algorithms profile disables SHA-1, but our tests still
+       rely on it heavily. */
+    if (opt.allow_sha1 > 0) {
+        crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1);
+        mbedtls_ssl_conf_cert_profile(&conf, &crt_profile_for_test);
+        mbedtls_ssl_conf_sig_hashes(&conf, ssl_sig_hashes_for_test);
+    }
+
+    if (opt.context_crt_cb == 0) {
+        mbedtls_ssl_conf_verify(&conf, my_verify, NULL);
+    }
+
+    memset(peer_crt_info, 0, sizeof(peer_crt_info));
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) {
+        if (opt.cid_enabled == 1        &&
+            opt.cid_enabled_renego == 1 &&
+            cid_len != cid_renego_len) {
+            mbedtls_printf("CID length must not change during renegotiation\n");
+            goto usage;
+        }
+
+        if (opt.cid_enabled == 1) {
+            ret = mbedtls_ssl_conf_cid(&conf, cid_len,
+                                       MBEDTLS_SSL_UNEXPECTED_CID_IGNORE);
+        } else {
+            ret = mbedtls_ssl_conf_cid(&conf, cid_renego_len,
+                                       MBEDTLS_SSL_UNEXPECTED_CID_IGNORE);
+        }
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    if (opt.auth_mode != DFL_AUTH_MODE) {
+        mbedtls_ssl_conf_authmode(&conf, opt.auth_mode);
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) {
+        mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min,
+                                           opt.hs_to_max);
+    }
+
+    if (opt.dgram_packing != DFL_DGRAM_PACKING) {
+        mbedtls_ssl_set_datagram_packing(&ssl, opt.dgram_packing);
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    const mbedtls_ssl_srtp_profile forced_profile[] =
+    { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
+    if (opt.use_srtp == 1) {
+        if (opt.force_srtp_profile != 0) {
+            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, forced_profile);
+        } else {
+            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, default_profiles);
+        }
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! "
+                           "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+
+    } else if (opt.force_srtp_profile != 0) {
+        mbedtls_printf(" failed\n  ! must enable use_srtp to force srtp profile\n\n");
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    if (opt.trunc_hmac != DFL_TRUNC_HMAC) {
+        mbedtls_ssl_conf_truncated_hmac(&conf, opt.trunc_hmac);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    if (opt.extended_ms != DFL_EXTENDED_MS) {
+        mbedtls_ssl_conf_extended_master_secret(&conf, opt.extended_ms);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    if (opt.etm != DFL_ETM) {
+        mbedtls_ssl_conf_encrypt_then_mac(&conf, opt.etm);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if (opt.eap_tls != 0) {
+        mbedtls_ssl_conf_export_keys_ext_cb(&conf, eap_tls_key_derivation,
+                                            &eap_tls_keying);
+    } else if (opt.nss_keylog != 0) {
+        mbedtls_ssl_conf_export_keys_ext_cb(&conf,
+                                            nss_keylog_export,
+                                            NULL);
+    }
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    else if (opt.use_srtp != 0) {
+        mbedtls_ssl_conf_export_keys_ext_cb(&conf, dtls_srtp_key_derivation,
+                                            &dtls_srtp_keying);
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    if (opt.recsplit != DFL_RECSPLIT) {
+        mbedtls_ssl_conf_cbc_record_splitting(&conf, opt.recsplit
+                                  ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
+                                  : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED);
+    }
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+    if (opt.dhmlen != DFL_DHMLEN) {
+        mbedtls_ssl_conf_dhm_min_bitlen(&conf, opt.dhmlen);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if (opt.alpn_string != NULL) {
+        if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif
+
+    if (opt.reproducible) {
+#if defined(MBEDTLS_HAVE_TIME)
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+        mbedtls_platform_set_time(dummy_constant_time);
+#else
+        fprintf(stderr, "Warning: reproducible option used without constant time\n");
+#endif
+#endif  /* MBEDTLS_HAVE_TIME */
+    }
+    mbedtls_ssl_conf_rng(&conf, rng_get, &rng);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+    mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout);
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    mbedtls_ssl_conf_session_tickets(&conf, opt.tickets);
+#endif
+
+    if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
+        mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
+    }
+
+#if defined(MBEDTLS_ARC4_C)
+    if (opt.arc4 != DFL_ARC4) {
+        mbedtls_ssl_conf_arc4_support(&conf, opt.arc4);
+    }
+#endif
+
+    if (opt.allow_legacy != DFL_ALLOW_LEGACY) {
+        mbedtls_ssl_conf_legacy_renegotiation(&conf, opt.allow_legacy);
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    if (strcmp(opt.ca_path, "none") != 0 &&
+        strcmp(opt.ca_file, "none") != 0) {
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+        if (opt.ca_callback != 0) {
+            mbedtls_ssl_conf_ca_cb(&conf, ca_callback, &cacert);
+        } else
+#endif
+        mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+    }
+    if (strcmp(opt.crt_file, "none") != 0 &&
+        strcmp(opt.key_file, "none") != 0) {
+        if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif  /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_ECP_C)
+    if (opt.curves != NULL &&
+        strcmp(opt.curves, "default") != 0) {
+        mbedtls_ssl_conf_curves(&conf, curve_list);
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.psk_opaque != 0) {
+        key_attributes = psa_key_attributes_init();
+        psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
+        psa_set_key_algorithm(&key_attributes, alg);
+        psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE);
+
+        status = psa_import_key(&key_attributes, psk, psk_len, &slot);
+        if (status != PSA_SUCCESS) {
+            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+            goto exit;
+        }
+
+        if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, slot,
+                                               (const unsigned char *) opt.psk_identity,
+                                               strlen(opt.psk_identity))) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if (psk_len > 0) {
+        ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len,
+                                   (const unsigned char *) opt.psk_identity,
+                                   strlen(opt.psk_identity));
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_psk returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+    if (opt.min_version != DFL_MIN_VERSION) {
+        mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                     opt.min_version);
+    }
+
+    if (opt.max_version != DFL_MAX_VERSION) {
+        mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                     opt.max_version);
+    }
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    if (opt.fallback != DFL_FALLBACK) {
+        mbedtls_ssl_conf_fallback(&conf, opt.fallback);
+    }
+#endif
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n",
+                       ret);
+        goto exit;
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (opt.ecjpake_pw != DFL_ECJPAKE_PW) {
+        if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl,
+                                                       (const unsigned char *) opt.ecjpake_pw,
+                                                       strlen(opt.ecjpake_pw))) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    if (opt.context_crt_cb == 1) {
+        mbedtls_ssl_set_verify(&ssl, my_verify, NULL);
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+    io_ctx.ssl = &ssl;
+    io_ctx.net = &server_fd;
+    mbedtls_ssl_set_bio(&ssl, &io_ctx, send_cb, recv_cb,
+                        opt.nbio == 0 ? recv_timeout_cb : NULL);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled,
+                                       cid, cid_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (opt.dtls_mtu != DFL_DTLS_MTU) {
+        mbedtls_ssl_set_mtu(&ssl, opt.dtls_mtu);
+    }
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay);
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if (opt.ec_max_ops != DFL_EC_MAX_OPS) {
+        mbedtls_ecp_set_max_ops(opt.ec_max_ops);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    if (opt.use_srtp != 0 && strlen(opt.mki) != 0) {
+        if (mbedtls_test_unhexify(mki, sizeof(mki),
+                                  opt.mki, &mki_len) != 0) {
+            mbedtls_printf("mki value not valid hex\n");
+            goto exit;
+        }
+
+        mbedtls_ssl_conf_srtp_mki_value_supported(&conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED);
+        if ((ret = mbedtls_ssl_dtls_srtp_set_mki_value(&ssl, mki,
+                                                       (uint16_t) strlen(opt.mki) / 2)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+#endif
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 4. Handshake
+     */
+    mbedtls_printf("  . Performing the SSL/TLS handshake...");
+    fflush(stdout);
+
+    while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+            ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+            ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n",
+                           (unsigned int) -ret);
+            if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) {
+                mbedtls_printf(
+                    "    Unable to verify the server's certificate. "
+                    "Either it is invalid,\n"
+                    "    or you didn't set ca_file or ca_path "
+                    "to an appropriate value.\n"
+                    "    Alternatively, you may want to use "
+                    "auth_mode=optional for testing purposes.\n");
+            }
+            mbedtls_printf("\n");
+            goto exit;
+        }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+        if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+            continue;
+        }
+#endif
+
+        /* For event-driven IO, wait for socket to become available */
+        if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+            ret = idle(&server_fd, &timer, ret);
+#else
+            ret = idle(&server_fd, ret);
+#endif
+            if (ret != 0) {
+                goto exit;
+            }
+        }
+    }
+
+    mbedtls_printf(" ok\n    [ Protocol is %s ]\n    [ Ciphersuite is %s ]\n",
+                   mbedtls_ssl_get_version(&ssl),
+                   mbedtls_ssl_get_ciphersuite(&ssl));
+
+    if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) {
+        mbedtls_printf("    [ Record expansion is %d ]\n", ret);
+    } else {
+        mbedtls_printf("    [ Record expansion is unknown (compression) ]\n");
+    }
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    mbedtls_printf("    [ Maximum input fragment length is %u ]\n",
+                   (unsigned int) mbedtls_ssl_get_input_max_frag_len(&ssl));
+    mbedtls_printf("    [ Maximum output fragment length is %u ]\n",
+                   (unsigned int) mbedtls_ssl_get_output_max_frag_len(&ssl));
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if (opt.alpn_string != NULL) {
+        const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl);
+        mbedtls_printf("    [ Application Layer Protocol is %s ]\n",
+                       alp ? alp : "(none)");
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if (opt.eap_tls != 0) {
+        size_t j = 0;
+
+        if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type,
+                                       eap_tls_keying.master_secret,
+                                       sizeof(eap_tls_keying.master_secret),
+                                       eap_tls_label,
+                                       eap_tls_keying.randbytes,
+                                       sizeof(eap_tls_keying.randbytes),
+                                       eap_tls_keymaterial,
+                                       sizeof(eap_tls_keymaterial)))
+            != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        mbedtls_printf("    EAP-TLS key material is:");
+        for (j = 0; j < sizeof(eap_tls_keymaterial); j++) {
+            if (j % 8 == 0) {
+                mbedtls_printf("\n    ");
+            }
+            mbedtls_printf("%02x ", eap_tls_keymaterial[j]);
+        }
+        mbedtls_printf("\n");
+
+        if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0,
+                                       eap_tls_label,
+                                       eap_tls_keying.randbytes,
+                                       sizeof(eap_tls_keying.randbytes),
+                                       eap_tls_iv,
+                                       sizeof(eap_tls_iv))) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        mbedtls_printf("    EAP-TLS IV is:");
+        for (j = 0; j < sizeof(eap_tls_iv); j++) {
+            if (j % 8 == 0) {
+                mbedtls_printf("\n    ");
+            }
+            mbedtls_printf("%02x ", eap_tls_iv[j]);
+        }
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    else if (opt.use_srtp != 0) {
+        size_t j = 0;
+        mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
+        mbedtls_ssl_get_dtls_srtp_negotiation_result(&ssl, &dtls_srtp_negotiation_result);
+
+        if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
+            == MBEDTLS_TLS_SRTP_UNSET) {
+            mbedtls_printf("    Unable to negotiate "
+                           "the use of DTLS-SRTP\n");
+        } else {
+            if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type,
+                                           dtls_srtp_keying.master_secret,
+                                           sizeof(dtls_srtp_keying.master_secret),
+                                           dtls_srtp_label,
+                                           dtls_srtp_keying.randbytes,
+                                           sizeof(dtls_srtp_keying.randbytes),
+                                           dtls_srtp_key_material,
+                                           sizeof(dtls_srtp_key_material)))
+                != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+
+            mbedtls_printf("    DTLS-SRTP key material is:");
+            for (j = 0; j < sizeof(dtls_srtp_key_material); j++) {
+                if (j % 8 == 0) {
+                    mbedtls_printf("\n    ");
+                }
+                mbedtls_printf("%02x ", dtls_srtp_key_material[j]);
+            }
+            mbedtls_printf("\n");
+
+            /* produce a less readable output used to perform automatic checks
+             * - compare client and server output
+             * - interop test with openssl which client produces this kind of output
+             */
+            mbedtls_printf("    Keying material: ");
+            for (j = 0; j < sizeof(dtls_srtp_key_material); j++) {
+                mbedtls_printf("%02X", dtls_srtp_key_material[j]);
+            }
+            mbedtls_printf("\n");
+
+            if (dtls_srtp_negotiation_result.mki_len > 0) {
+                mbedtls_printf("    DTLS-SRTP mki value: ");
+                for (j = 0; j < dtls_srtp_negotiation_result.mki_len; j++) {
+                    mbedtls_printf("%02X", dtls_srtp_negotiation_result.mki_value[j]);
+                }
+            } else {
+                mbedtls_printf("    DTLS-SRTP no mki value negotiated");
+            }
+            mbedtls_printf("\n");
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+    if (opt.reconnect != 0) {
+        mbedtls_printf("  . Saving session for reuse...");
+        fflush(stdout);
+
+        if (opt.reco_mode == 1) {
+            /* free any previously saved data */
+            if (session_data != NULL) {
+                mbedtls_platform_zeroize(session_data, session_data_len);
+                mbedtls_free(session_data);
+                session_data = NULL;
+            }
+
+            /* get size of the buffer needed */
+            mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl),
+                                     NULL, 0, &session_data_len);
+            session_data = mbedtls_calloc(1, session_data_len);
+            if (session_data == NULL) {
+                mbedtls_printf(" failed\n  ! alloc %u bytes for session data\n",
+                               (unsigned) session_data_len);
+                ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+                goto exit;
+            }
+
+            /* actually save session data */
+            if ((ret = mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl),
+                                                session_data, session_data_len,
+                                                &session_data_len)) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+        } else {
+            if ((ret = mbedtls_ssl_get_session(&ssl, &saved_session)) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_get_session returned -0x%x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+        }
+
+        mbedtls_printf(" ok\n");
+
+        if (opt.reco_mode == 1) {
+            mbedtls_printf("    [ Saved %u bytes of session data]\n",
+                           (unsigned) session_data_len);
+        }
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /*
+     * 5. Verify the server certificate
+     */
+    mbedtls_printf("  . Verifying peer X.509 certificate...");
+
+    if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) {
+        char vrfy_buf[512];
+
+        mbedtls_printf(" failed\n");
+
+        mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf),
+                                     "  ! ", flags);
+
+        mbedtls_printf("%s\n", vrfy_buf);
+    } else {
+        mbedtls_printf(" ok\n");
+    }
+
+    mbedtls_printf("  . Peer certificate information    ...\n");
+    mbedtls_printf("%s\n", peer_crt_info);
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ret = report_cid_usage(&ssl, "initial handshake");
+    if (ret != 0) {
+        goto exit;
+    }
+
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego,
+                                       cid_renego,
+                                       cid_renego_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (opt.renegotiate) {
+        /*
+         * Perform renegotiation (this must be done when the server is waiting
+         * for input from our side).
+         */
+        mbedtls_printf("  . Performing renegotiation...");
+        fflush(stdout);
+        while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) {
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_renegotiate returned %d\n\n",
+                               ret);
+                goto exit;
+            }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+            if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                continue;
+            }
+#endif
+
+            /* For event-driven IO, wait for socket to become available */
+            if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&server_fd, &timer, ret);
+#else
+                idle(&server_fd, ret);
+#endif
+            }
+
+        }
+        mbedtls_printf(" ok\n");
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ret = report_cid_usage(&ssl, "after renegotiation");
+    if (ret != 0) {
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * 6. Write the GET request
+     */
+    retry_left = opt.max_resend;
+send_request:
+    mbedtls_printf("  > Write to server:");
+    fflush(stdout);
+
+    len = mbedtls_snprintf((char *) buf, sizeof(buf) - 1, GET_REQUEST,
+                           opt.request_page);
+    tail_len = (int) strlen(GET_REQUEST_END);
+
+    /* Add padding to GET request to reach opt.request_size in length */
+    if (opt.request_size != DFL_REQUEST_SIZE &&
+        len + tail_len < opt.request_size) {
+        memset(buf + len, 'A', opt.request_size - len - tail_len);
+        len += opt.request_size - len - tail_len;
+    }
+
+    strncpy((char *) buf + len, GET_REQUEST_END, sizeof(buf) - len - 1);
+    len += tail_len;
+
+    /* Truncate if request size is smaller than the "natural" size */
+    if (opt.request_size != DFL_REQUEST_SIZE &&
+        len > opt.request_size) {
+        len = opt.request_size;
+
+        /* Still end with \r\n unless that's really not possible */
+        if (len >= 2) {
+            buf[len - 2] = '\r';
+        }
+        if (len >= 1) {
+            buf[len - 1] = '\n';
+        }
+    }
+
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) {
+        written = 0;
+        frags = 0;
+
+        do {
+            while ((ret = mbedtls_ssl_write(&ssl, buf + written,
+                                            len - written)) < 0) {
+                if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                    ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+                    ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                    mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned -0x%x\n\n",
+                                   (unsigned int) -ret);
+                    goto exit;
+                }
+
+                /* For event-driven IO, wait for socket to become available */
+                if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                    idle(&server_fd, &timer, ret);
+#else
+                    idle(&server_fd, ret);
+#endif
+                }
+            }
+
+            frags++;
+            written += ret;
+        } while (written < len);
+    } else { /* Not stream, so datagram */
+        while (1) {
+            ret = mbedtls_ssl_write(&ssl, buf, len);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+            if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                continue;
+            }
+#endif
+
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+                break;
+            }
+
+            /* For event-driven IO, wait for socket to become available */
+            if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&server_fd, &timer, ret);
+#else
+                idle(&server_fd, ret);
+#endif
+            }
+        }
+
+        if (ret < 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+
+        frags = 1;
+        written = ret;
+
+        if (written < len) {
+            mbedtls_printf(" warning\n  ! request didn't fit into single datagram and "
+                           "was truncated to size %u", (unsigned) written);
+        }
+    }
+
+    buf[written] = '\0';
+    mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n",
+                   written, frags, (char *) buf);
+
+    /* Send a non-empty request if request_size == 0 */
+    if (len == 0) {
+        opt.request_size = DFL_REQUEST_SIZE;
+        goto send_request;
+    }
+
+    /*
+     * 7. Read the HTTP response
+     */
+    mbedtls_printf("  < Read from server:");
+    fflush(stdout);
+
+    /*
+     * TLS and DTLS need different reading styles (stream vs datagram)
+     */
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) {
+        do {
+            len = sizeof(buf) - 1;
+            memset(buf, 0, sizeof(buf));
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+            if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                continue;
+            }
+#endif
+
+            if (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+                ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+                /* For event-driven IO, wait for socket to become available */
+                if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                    idle(&server_fd, &timer, ret);
+#else
+                    idle(&server_fd, ret);
+#endif
+                }
+                continue;
+            }
+
+            if (ret <= 0) {
+                switch (ret) {
+                    case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                        mbedtls_printf(" connection was closed gracefully\n");
+                        ret = 0;
+                        goto close_notify;
+
+                    case 0:
+                    case MBEDTLS_ERR_NET_CONN_RESET:
+                        mbedtls_printf(" connection was reset by peer\n");
+                        ret = 0;
+                        goto reconnect;
+
+                    default:
+                        mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n",
+                                       (unsigned int) -ret);
+                        goto exit;
+                }
+            }
+
+            len = ret;
+            buf[len] = '\0';
+            mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf);
+
+            /* End of message should be detected according to the syntax of the
+             * application protocol (eg HTTP), just use a dummy test here. */
+            if (ret > 0 && buf[len-1] == '\n') {
+                ret = 0;
+                break;
+            }
+        } while (1);
+    } else { /* Not stream, so datagram */
+        len = sizeof(buf) - 1;
+        memset(buf, 0, sizeof(buf));
+
+        while (1) {
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+            if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                continue;
+            }
+#endif
+
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+                break;
+            }
+
+            /* For event-driven IO, wait for socket to become available */
+            if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&server_fd, &timer, ret);
+#else
+                idle(&server_fd, ret);
+#endif
+            }
+        }
+
+        if (ret <= 0) {
+            switch (ret) {
+                case MBEDTLS_ERR_SSL_TIMEOUT:
+                    mbedtls_printf(" timeout\n");
+                    if (retry_left-- > 0) {
+                        goto send_request;
+                    }
+                    goto exit;
+
+                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                    mbedtls_printf(" connection was closed gracefully\n");
+                    ret = 0;
+                    goto close_notify;
+
+                default:
+                    mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret);
+                    goto exit;
+            }
+        }
+
+        len = ret;
+        buf[len] = '\0';
+        mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf);
+        ret = 0;
+    }
+
+    /*
+     * 7b. Simulate hard reset and reconnect from same port?
+     */
+    if (opt.reconnect_hard != 0) {
+        opt.reconnect_hard = 0;
+
+        mbedtls_printf("  . Restarting connection from same port...");
+        fflush(stdout);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+        memset(peer_crt_info, 0, sizeof(peer_crt_info));
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+        if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_session_reset returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+
+            /* For event-driven IO, wait for socket to become available */
+            if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&server_fd, &timer, ret);
+#else
+                idle(&server_fd, ret);
+#endif
+            }
+        }
+
+        mbedtls_printf(" ok\n");
+
+        goto send_request;
+    }
+
+    /*
+     * 7c. Simulate serialize/deserialize and go back to data exchange
+     */
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if (opt.serialize != 0) {
+        size_t buf_len;
+
+        mbedtls_printf("  . Serializing live connection...");
+
+        ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len);
+        if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_context_save returned "
+                           "-0x%x\n\n", (unsigned int) -ret);
+
+            goto exit;
+        }
+
+        if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) {
+            mbedtls_printf(" failed\n  ! Couldn't allocate buffer for "
+                           "serialized context");
+
+            goto exit;
+        }
+        context_buf_len = buf_len;
+
+        if ((ret = mbedtls_ssl_context_save(&ssl, context_buf,
+                                            buf_len, &buf_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_context_save returned "
+                           "-0x%x\n\n", (unsigned int) -ret);
+
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /* Save serialized context to the 'opt.context_file' as a base64 code */
+        if (0 < strlen(opt.context_file)) {
+            FILE *b64_file;
+            uint8_t *b64_buf;
+            size_t b64_len;
+
+            mbedtls_printf("  . Save serialized context to a file... ");
+
+            mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len);
+
+            if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) {
+                mbedtls_printf("failed\n  ! Couldn't allocate buffer for "
+                               "the base64 code\n");
+                goto exit;
+            }
+
+            if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len,
+                                             context_buf, buf_len)) != 0) {
+                mbedtls_printf("failed\n  ! mbedtls_base64_encode returned "
+                               "-0x%x\n", (unsigned int) -ret);
+                mbedtls_free(b64_buf);
+                goto exit;
+            }
+
+            if ((b64_file = fopen(opt.context_file, "w")) == NULL) {
+                mbedtls_printf("failed\n  ! Cannot open '%s' for writing.\n",
+                               opt.context_file);
+                mbedtls_free(b64_buf);
+                goto exit;
+            }
+
+            if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) {
+                mbedtls_printf("failed\n  ! fwrite(%ld bytes) failed\n",
+                               (long) b64_len);
+                mbedtls_free(b64_buf);
+                fclose(b64_file);
+                goto exit;
+            }
+
+            mbedtls_free(b64_buf);
+            fclose(b64_file);
+
+            mbedtls_printf("ok\n");
+        }
+
+        if (opt.serialize == 1) {
+            /* nothing to do here, done by context_save() already */
+            mbedtls_printf("  . Context has been reset... ok\n");
+        }
+
+        if (opt.serialize == 2) {
+            mbedtls_printf("  . Freeing and reinitializing context...");
+
+            mbedtls_ssl_free(&ssl);
+
+            mbedtls_ssl_init(&ssl);
+
+            if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned "
+                               "-0x%x\n\n", (unsigned int) -ret);
+                goto exit;
+            }
+
+            if (opt.nbio == 2) {
+                mbedtls_ssl_set_bio(&ssl, &server_fd, delayed_send,
+                                    delayed_recv, NULL);
+            } else {
+                mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send,
+                                    mbedtls_net_recv,
+                                    opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL);
+            }
+
+#if defined(MBEDTLS_TIMING_C)
+            mbedtls_ssl_set_timer_cb(&ssl, &timer,
+                                     mbedtls_timing_set_delay,
+                                     mbedtls_timing_get_delay);
+#endif /* MBEDTLS_TIMING_C */
+
+            mbedtls_printf(" ok\n");
+        }
+
+        mbedtls_printf("  . Deserializing connection...");
+
+        if ((ret = mbedtls_ssl_context_load(&ssl, context_buf,
+                                            buf_len)) != 0) {
+            mbedtls_printf("failed\n  ! mbedtls_ssl_context_load returned "
+                           "-0x%x\n\n", (unsigned int) -ret);
+
+            goto exit;
+        }
+
+        mbedtls_free(context_buf);
+        context_buf = NULL;
+        context_buf_len = 0;
+
+        mbedtls_printf(" ok\n");
+    }
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+    /*
+     * 7d. Continue doing data exchanges?
+     */
+    if (--opt.exchanges > 0) {
+        goto send_request;
+    }
+
+    /*
+     * 8. Done, cleanly close the connection
+     */
+close_notify:
+    mbedtls_printf("  . Closing the connection...");
+    fflush(stdout);
+
+    /*
+     * Most of the time sending a close_notify before closing is the right
+     * thing to do. However, when the server already knows how many messages
+     * are expected and closes the connection by itself, this alert becomes
+     * redundant. Sometimes with DTLS this redundancy becomes a problem by
+     * leading to a race condition where the server might close the connection
+     * before seeing the alert, and since UDP is connection-less when the
+     * alert arrives it will be seen as a new connection, which will fail as
+     * the alert is clearly not a valid ClientHello. This may cause spurious
+     * failures in tests that use DTLS and resumption with ssl_server2 in
+     * ssl-opt.sh, avoided by enabling skip_close_notify client-side.
+     */
+    if (opt.skip_close_notify == 0) {
+        /* No error checking, the connection might be closed already */
+        do {
+            ret = mbedtls_ssl_close_notify(&ssl);
+        } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+        ret = 0;
+    }
+
+    mbedtls_printf(" done\n");
+
+    /*
+     * 9. Reconnect?
+     */
+reconnect:
+    if (opt.reconnect != 0) {
+        --opt.reconnect;
+
+        mbedtls_net_free(&server_fd);
+
+#if defined(MBEDTLS_TIMING_C)
+        if (opt.reco_delay > 0) {
+            mbedtls_net_usleep(1000000 * opt.reco_delay);
+        }
+#endif
+
+        mbedtls_printf("  . Reconnecting with saved session...");
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+        memset(peer_crt_info, 0, sizeof(peer_crt_info));
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+        if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_session_reset returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        if (opt.reco_mode == 1) {
+            if ((ret = mbedtls_ssl_session_load(&saved_session,
+                                                session_data,
+                                                session_data_len)) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_session_load returned -0x%x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+        }
+
+        if ((ret = mbedtls_ssl_set_session(&ssl, &saved_session)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_session returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        if ((ret = mbedtls_net_connect(&server_fd,
+                                       opt.server_addr, opt.server_port,
+                                       opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+                                       MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_net_connect returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        if (opt.nbio > 0) {
+            ret = mbedtls_net_set_nonblock(&server_fd);
+        } else {
+            ret = mbedtls_net_set_block(&server_fd);
+        }
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! net_set_(non)block() returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+        }
+
+        mbedtls_printf(" ok\n");
+
+        goto send_request;
+    }
+
+    /*
+     * Cleanup and exit
+     */
+exit:
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&server_fd);
+
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ssl_session_free(&saved_session);
+
+    if (session_data != NULL) {
+        mbedtls_platform_zeroize(session_data, session_data_len);
+    }
+    mbedtls_free(session_data);
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if (context_buf != NULL) {
+        mbedtls_platform_zeroize(context_buf, context_buf_len);
+    }
+    mbedtls_free(context_buf);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_x509_crt_free(&clicert);
+    mbedtls_x509_crt_free(&cacert);
+    mbedtls_pk_free(&pkey);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_destroy_key(key_slot);
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.psk_opaque != 0) {
+        /* This is ok even if the slot hasn't been
+         * initialized (we might have jumed here
+         * immediately because of bad cmd line params,
+         * for example). */
+        status = psa_destroy_key(slot);
+        if ((status != PSA_SUCCESS) &&
+            (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) {
+            mbedtls_printf("Failed to destroy key slot %u - error was %d",
+                           (unsigned) slot, (int) status);
+            if (ret == 0) {
+                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+            }
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
+          MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    const char *message = mbedtls_test_helper_is_psa_leaking();
+    if (message) {
+        if (ret == 0) {
+            ret = 1;
+        }
+        mbedtls_printf("PSA memory leak detected: %s\n",  message);
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    /* For builds with MBEDTLS_TEST_USE_PSA_CRYPTO_RNG psa crypto
+     * resources are freed by rng_free(). */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+    !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    mbedtls_psa_crypto_free();
+#endif
+
+    rng_free(&rng);
+
+#if defined(MBEDTLS_TEST_HOOKS)
+    if (test_hooks_failure_detected()) {
+        if (ret == 0) {
+            ret = 1;
+        }
+        mbedtls_printf("Test hooks detected errors.\n");
+    }
+    test_hooks_free();
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_status();
+#endif
+    mbedtls_memory_buffer_alloc_free();
+#endif  /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+#if defined(_WIN32)
+    if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) {
+        mbedtls_printf("  + Press Enter to exit this program.\n");
+        fflush(stdout); getchar();
+    }
+#endif
+
+    // Shell can not handle large exit numbers -> 1 for errors
+    if (ret < 0) {
+        ret = 1;
+    }
+
+    if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) {
+        mbedtls_exit(ret);
+    } else {
+        mbedtls_exit(query_config_ret);
+    }
+}
+#endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_context_info.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_context_info.c
new file mode 100644
index 0000000..2a1fa41
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_context_info.c
@@ -0,0 +1,1015 @@
+/*
+ *  MbedTLS SSL context deserializer from base64 code
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+#include "mbedtls/debug.h"
+#include "mbedtls/platform.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_ERROR_C) || \
+    !defined(MBEDTLS_SSL_TLS_C)
+int main(void)
+{
+    printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_ERROR_C and/or "
+           "MBEDTLS_SSL_TLS_C not defined.\n");
+    return 0;
+}
+#else
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+#include <stdint.h>
+#include <stdarg.h>
+#include <string.h>
+#if defined(MBEDTLS_HAVE_TIME)
+#include <time.h>
+#endif
+#include "mbedtls/ssl.h"
+#include "mbedtls/error.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md_internal.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/ssl_ciphersuites.h"
+
+/*
+ * This program version
+ */
+#define PROG_NAME "ssl_context_info"
+#define VER_MAJOR 0
+#define VER_MINOR 1
+
+/*
+ * Flags copied from the Mbed TLS library.
+ */
+#define SESSION_CONFIG_TIME_BIT          (1 << 0)
+#define SESSION_CONFIG_CRT_BIT           (1 << 1)
+#define SESSION_CONFIG_CLIENT_TICKET_BIT (1 << 2)
+#define SESSION_CONFIG_MFL_BIT           (1 << 3)
+#define SESSION_CONFIG_TRUNC_HMAC_BIT    (1 << 4)
+#define SESSION_CONFIG_ETM_BIT           (1 << 5)
+#define SESSION_CONFIG_TICKET_BIT        (1 << 6)
+
+#define CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT    (1 << 0)
+#define CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT     (1 << 1)
+#define CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT      (1 << 2)
+#define CONTEXT_CONFIG_ALPN_BIT                  (1 << 3)
+
+#define TRANSFORM_RANDBYTE_LEN  64
+
+/*
+ * Minimum and maximum number of bytes for specific data: context, sessions,
+ * certificates, tickets and buffers in the program. The context and session
+ * size values have been calculated based on the 'print_deserialized_ssl_context()'
+ * and 'print_deserialized_ssl_session()' content.
+ */
+#define MIN_CONTEXT_LEN     84
+#define MIN_SESSION_LEN     88
+
+#define MAX_CONTEXT_LEN     875     /* without session data */
+#define MAX_SESSION_LEN     109     /* without certificate and ticket data */
+#define MAX_CERTIFICATE_LEN ((1 << 24) - 1)
+#define MAX_TICKET_LEN      ((1 << 24) - 1)
+
+#define MIN_SERIALIZED_DATA (MIN_CONTEXT_LEN + MIN_SESSION_LEN)
+#define MAX_SERIALIZED_DATA (MAX_CONTEXT_LEN + MAX_SESSION_LEN + \
+                             MAX_CERTIFICATE_LEN + MAX_TICKET_LEN)
+
+#define MIN_BASE64_LEN      (MIN_SERIALIZED_DATA * 4 / 3)
+#define MAX_BASE64_LEN      (MAX_SERIALIZED_DATA * 4 / 3 + 3)
+
+/*
+ * A macro that prevents from reading out of the ssl buffer range.
+ */
+#define CHECK_SSL_END(LEN)            \
+    do                                      \
+    {                                       \
+        if (end - ssl < (int) (LEN))      \
+        {                                   \
+            printf_err("%s", buf_ln_err); \
+            return;                         \
+        }                                   \
+    } while (0)
+
+/*
+ * Global values
+ */
+FILE *b64_file = NULL;                  /* file with base64 codes to deserialize */
+char conf_keep_peer_certificate = 1;    /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE from mbedTLS configuration */
+char conf_dtls_proto = 1;               /* MBEDTLS_SSL_PROTO_DTLS from mbedTLS configuration */
+char debug = 0;                         /* flag for debug messages */
+const char alloc_err[] = "Cannot allocate memory\n";
+const char buf_ln_err[] = "Buffer does not have enough data to complete the parsing\n";
+
+/*
+ * Basic printing functions
+ */
+void print_version(void)
+{
+    printf("%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR);
+}
+
+void print_usage(void)
+{
+    print_version();
+    printf("\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n"
+           "in the text file. The program can deserialize many codes from one file, but they must be\n"
+           "separated, e.g. by a newline.\n\n");
+    printf(
+        "Usage:\n"
+        "\t-f path            - Path to the file with base64 code\n"
+        "\t-v                 - Show version\n"
+        "\t-h                 - Show this usage\n"
+        "\t-d                 - Print more information\n"
+        "\t--keep-peer-cert=0 - Use this option if you know that the Mbed TLS library\n"
+        "\t                     has been compiled with the MBEDTLS_SSL_KEEP_PEER_CERTIFICATE\n"
+        "\t                     flag. You can also use it if there are some problems with reading\n"
+        "\t                     the information about certificate\n"
+        "\t--dtls-protocol=0  - Use this option if you know that the Mbed TLS library\n"
+        "\t                     has been compiled without the MBEDTLS_SSL_PROTO_DTLS flag\n"
+        "\n"
+        );
+}
+
+void printf_dbg(const char *str, ...)
+{
+    if (debug) {
+        va_list args;
+        va_start(args, str);
+        printf("debug: ");
+        vprintf(str, args);
+        fflush(stdout);
+        va_end(args);
+    }
+}
+
+MBEDTLS_PRINTF_ATTRIBUTE(1, 2)
+void printf_err(const char *str, ...)
+{
+    va_list args;
+    va_start(args, str);
+    fflush(stdout);
+    fprintf(stderr, "ERROR: ");
+    vfprintf(stderr, str, args);
+    fflush(stderr);
+    va_end(args);
+}
+
+/*
+ * Exit from the program in case of error
+ */
+void error_exit(void)
+{
+    if (NULL != b64_file) {
+        fclose(b64_file);
+    }
+    exit(-1);
+}
+
+/*
+ * This function takes the input arguments of this program
+ */
+void parse_arguments(int argc, char *argv[])
+{
+    int i = 1;
+
+    if (argc < 2) {
+        print_usage();
+        error_exit();
+    }
+
+    while (i < argc) {
+        if (strcmp(argv[i], "-d") == 0) {
+            debug = 1;
+        } else if (strcmp(argv[i], "-h") == 0) {
+            print_usage();
+        } else if (strcmp(argv[i], "-v") == 0) {
+            print_version();
+        } else if (strcmp(argv[i], "-f") == 0) {
+            if (++i >= argc) {
+                printf_err("File path is empty\n");
+                error_exit();
+            }
+
+            if (NULL != b64_file) {
+                printf_err("Cannot specify more than one file with -f\n");
+                error_exit();
+            }
+
+            if ((b64_file = fopen(argv[i], "r")) == NULL) {
+                printf_err("Cannot find file \"%s\"\n", argv[i]);
+                error_exit();
+            }
+        } else if (strcmp(argv[i], "--keep-peer-cert=0") == 0) {
+            conf_keep_peer_certificate = 0;
+        } else if (strcmp(argv[i], "--dtls-protocol=0") == 0) {
+            conf_dtls_proto = 0;
+        } else {
+            print_usage();
+            error_exit();
+        }
+
+        i++;
+    }
+}
+
+/*
+ * This function prints base64 code to the stdout
+ */
+void print_b64(const uint8_t *b, size_t len)
+{
+    size_t i = 0;
+    const uint8_t *end = b + len;
+    printf("\t");
+    while (b < end) {
+        if (++i > 75) {
+            printf("\n\t");
+            i = 0;
+        }
+        printf("%c", *b++);
+    }
+    printf("\n");
+    fflush(stdout);
+}
+
+/*
+ * This function prints hex code from the buffer to the stdout.
+ *
+ * /p b         buffer with data to print
+ * /p len       number of bytes to print
+ * /p in_line   number of bytes in one line
+ * /p prefix    prefix for the new lines
+ */
+void print_hex(const uint8_t *b, size_t len,
+               const size_t in_line, const char *prefix)
+{
+    size_t i = 0;
+    const uint8_t *end = b + len;
+
+    if (prefix == NULL) {
+        prefix = "";
+    }
+
+    while (b < end) {
+        if (++i > in_line) {
+            printf("\n%s", prefix);
+            i = 1;
+        }
+        printf("%02X ", (uint8_t) *b++);
+    }
+    printf("\n");
+    fflush(stdout);
+}
+
+/*
+ *  Print the value of time_t in format e.g. 2020-01-23 13:05:59
+ */
+void print_time(const uint64_t *time)
+{
+#if defined(MBEDTLS_HAVE_TIME)
+    char buf[20];
+    struct tm *t = gmtime((time_t *) time);
+    static const char format[] = "%Y-%m-%d %H:%M:%S";
+    if (NULL != t) {
+        strftime(buf, sizeof(buf), format, t);
+        printf("%s\n", buf);
+    } else {
+        printf("unknown\n");
+    }
+#else
+    (void) time;
+    printf("not supported\n");
+#endif
+}
+
+/*
+ * Print the input string if the bit is set in the value
+ */
+void print_if_bit(const char *str, int bit, int val)
+{
+    if (bit & val) {
+        printf("\t%s\n", str);
+    }
+}
+
+/*
+ * Return pointer to hardcoded "enabled" or "disabled" depending on the input value
+ */
+const char *get_enabled_str(int is_en)
+{
+    return (is_en) ? "enabled" : "disabled";
+}
+
+/*
+ * Return pointer to hardcoded MFL string value depending on the MFL code at the input
+ */
+const char *get_mfl_str(int mfl_code)
+{
+    switch (mfl_code) {
+        case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
+            return "none";
+        case MBEDTLS_SSL_MAX_FRAG_LEN_512:
+            return "512";
+        case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
+            return "1024";
+        case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
+            return "2048";
+        case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
+            return "4096";
+        default:
+            return "error";
+    }
+}
+
+/*
+ * Read next base64 code from the 'b64_file'. The 'b64_file' must be opened
+ * previously. After each call to this function, the internal file position
+ * indicator of the global b64_file is advanced.
+ *
+ * Note - This function checks the size of the input buffer and if necessary,
+ *        increases it to the maximum MAX_BASE64_LEN
+ *
+ * /p b64       pointer to the pointer of the buffer for input data
+ * /p max_len   pointer to the current buffer capacity. It can be changed if
+ *              the buffer needs to be increased
+ *
+ * \retval      number of bytes written in to the b64 buffer or 0 in case no more
+ *              data was found
+ */
+size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
+{
+    int valid_balance = 0;  /* balance between valid and invalid characters */
+    size_t len = 0;
+    char pad = 0;
+    int c = 0;
+
+    while (EOF != c) {
+        char c_valid = 0;
+
+        c = fgetc(b64_file);
+
+        if (pad > 0) {
+            if (c == '=' && pad == 1) {
+                c_valid = 1;
+                pad = 2;
+            }
+        } else if ((c >= 'A' && c <= 'Z') ||
+                   (c >= 'a' && c <= 'z') ||
+                   (c >= '0' && c <= '9') ||
+                   c == '+' || c == '/') {
+            c_valid = 1;
+        } else if (c == '=') {
+            c_valid = 1;
+            pad = 1;
+        } else if (c == '-') {
+            c = '+';
+            c_valid = 1;
+        } else if (c == '_') {
+            c = '/';
+            c_valid = 1;
+        }
+
+        if (c_valid) {
+            /* A string of characters that could be a base64 code. */
+            valid_balance++;
+
+            if (len < *max_len) {
+                (*b64)[len++] = c;
+            } else if (*max_len < MAX_BASE64_LEN) {
+                /* Current buffer is too small, but can be resized. */
+                void *ptr;
+                size_t new_size = (MAX_BASE64_LEN - 4096 > *max_len) ?
+                                  *max_len + 4096 : MAX_BASE64_LEN;
+
+                ptr = realloc(*b64, new_size);
+                if (NULL == ptr) {
+                    printf_err(alloc_err);
+                    return 0;
+                }
+                *b64 = ptr;
+                *max_len = new_size;
+                (*b64)[len++] = c;
+            } else {
+                /* Too much data so it will be treated as invalid */
+                len++;
+            }
+        } else if (len > 0) {
+            /* End of a string that could be a base64 code, but need to check
+             * that the length of the characters is correct. */
+
+            valid_balance--;
+
+            if (len < MIN_CONTEXT_LEN) {
+                printf_dbg("The code found is too small to be a SSL context.\n");
+                len = pad = 0;
+            } else if (len > *max_len) {
+                printf_err("The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n",
+                           len - *max_len);
+                len = pad = 0;
+            } else if (len % 4 != 0) {
+                printf_err("The length of the base64 code found should be a multiple of 4.\n");
+                len = pad = 0;
+            } else {
+                /* Base64 code with valid character length. */
+                return len;
+            }
+        } else {
+            valid_balance--;
+        }
+
+        /* Detection of potentially wrong file format like: binary, zip, ISO, etc. */
+        if (valid_balance < -100) {
+            printf_err("Too many bad symbols detected. File check aborted.\n");
+            return 0;
+        }
+    }
+
+    printf_dbg("End of file\n");
+    return 0;
+}
+
+/*
+ * This function deserializes and prints to the stdout all obtained information
+ * about the certificates from provided data.
+ *
+ * /p ssl   pointer to serialized certificate
+ * /p len   number of bytes in the buffer
+ */
+void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
+{
+    enum { STRLEN = 4096 };
+    mbedtls_x509_crt crt;
+    int ret;
+    char str[STRLEN];
+
+    printf("\nCertificate:\n");
+
+    mbedtls_x509_crt_init(&crt);
+    ret = mbedtls_x509_crt_parse_der(&crt, ssl, len);
+    if (0 != ret) {
+        mbedtls_strerror(ret, str, STRLEN);
+        printf_err("Invalid format of X.509 - %s\n", str);
+        printf("Cannot deserialize:\n\t");
+        print_hex(ssl, len, 25, "\t");
+    } else {
+        mbedtls_x509_crt *current = &crt;
+
+        while (current != NULL) {
+            ret = mbedtls_x509_crt_info(str, STRLEN, "\t", current);
+            if (0 > ret) {
+                mbedtls_strerror(ret, str, STRLEN);
+                printf_err("Cannot write to the output - %s\n", str);
+            } else {
+                printf("%s", str);
+            }
+
+            current = current->next;
+
+            if (current) {
+                printf("\n");
+            }
+
+        }
+    }
+
+    mbedtls_x509_crt_free(&crt);
+}
+
+/*
+ * This function deserializes and prints to the stdout all obtained information
+ * about the session from provided data. This function was built based on
+ * mbedtls_ssl_session_load(). mbedtls_ssl_session_load() could not be used
+ * due to dependencies on the mbedTLS configuration.
+ *
+ * The data structure in the buffer:
+ *  uint64 start_time;
+ *  uint8 ciphersuite[2];        // defined by the standard
+ *  uint8 compression;           // 0 or 1
+ *  uint8 session_id_len;        // at most 32
+ *  opaque session_id[32];
+ *  opaque master[48];           // fixed length in the standard
+ *  uint32 verify_result;
+ *  opaque peer_cert<0..2^24-1>; // length 0 means no peer cert
+ *  opaque ticket<0..2^24-1>;    // length 0 means no ticket
+ *  uint32 ticket_lifetime;
+ *  uint8 mfl_code;              // up to 255 according to standard
+ *  uint8 trunc_hmac;            // 0 or 1
+ *  uint8 encrypt_then_mac;      // 0 or 1
+ *
+ * /p ssl               pointer to serialized session
+ * /p len               number of bytes in the buffer
+ * /p session_cfg_flag  session configuration flags
+ */
+void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
+                                    int session_cfg_flag)
+{
+    const struct mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    int ciphersuite_id;
+    uint32_t cert_len, ticket_len;
+    uint32_t verify_result, ticket_lifetime;
+    const uint8_t *end = ssl + len;
+
+    printf("\nSession info:\n");
+
+    if (session_cfg_flag & SESSION_CONFIG_TIME_BIT) {
+        uint64_t start;
+        CHECK_SSL_END(8);
+        start = ((uint64_t) ssl[0] << 56) |
+                ((uint64_t) ssl[1] << 48) |
+                ((uint64_t) ssl[2] << 40) |
+                ((uint64_t) ssl[3] << 32) |
+                ((uint64_t) ssl[4] << 24) |
+                ((uint64_t) ssl[5] << 16) |
+                ((uint64_t) ssl[6] <<  8) |
+                ((uint64_t) ssl[7]);
+        ssl += 8;
+        printf("\tstart time     : ");
+        print_time(&start);
+    }
+
+    CHECK_SSL_END(2);
+    ciphersuite_id = ((int) ssl[0] << 8) | (int) ssl[1];
+    printf_dbg("Ciphersuite ID: %d\n", ciphersuite_id);
+    ssl += 2;
+
+    ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
+    if (ciphersuite_info == NULL) {
+        printf_err("Cannot find ciphersuite info\n");
+    } else {
+        const mbedtls_cipher_info_t *cipher_info;
+        const mbedtls_md_info_t *md_info;
+
+        printf("\tciphersuite    : %s\n", ciphersuite_info->name);
+        printf("\tcipher flags   : 0x%02X\n", ciphersuite_info->flags);
+
+        cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher);
+        if (cipher_info == NULL) {
+            printf_err("Cannot find cipher info\n");
+        } else {
+            printf("\tcipher         : %s\n", cipher_info->name);
+        }
+
+        md_info = mbedtls_md_info_from_type(ciphersuite_info->mac);
+        if (md_info == NULL) {
+            printf_err("Cannot find Message-Digest info\n");
+        } else {
+            printf("\tMessage-Digest : %s\n", md_info->name);
+        }
+    }
+
+    CHECK_SSL_END(1);
+    printf("\tcompression    : %s\n", get_enabled_str(*ssl++));
+
+    /* Note - Here we can get session ID length from serialized data, but we
+     * use hardcoded 32-bytes length. This approach was taken from
+     * 'mbedtls_ssl_session_load()'. */
+    CHECK_SSL_END(1 + 32);
+    printf_dbg("Session id length: %u\n", (uint32_t) *ssl++);
+    printf("\tsession ID     : ");
+    print_hex(ssl, 32, 16, "\t                 ");
+    ssl += 32;
+
+    printf("\tmaster secret  : ");
+    CHECK_SSL_END(48);
+    print_hex(ssl, 48, 16, "\t                 ");
+    ssl += 48;
+
+    CHECK_SSL_END(4);
+    verify_result = ((uint32_t) ssl[0] << 24) |
+                    ((uint32_t) ssl[1] << 16) |
+                    ((uint32_t) ssl[2] <<  8) |
+                    ((uint32_t) ssl[3]);
+    ssl += 4;
+    printf("\tverify result  : 0x%08X\n", verify_result);
+
+    if (SESSION_CONFIG_CRT_BIT & session_cfg_flag) {
+        if (conf_keep_peer_certificate) {
+            CHECK_SSL_END(3);
+            cert_len = ((uint32_t) ssl[0] << 16) |
+                       ((uint32_t) ssl[1] <<  8) |
+                       ((uint32_t) ssl[2]);
+            ssl += 3;
+            printf_dbg("Certificate length: %u\n", cert_len);
+
+            if (cert_len > 0) {
+                CHECK_SSL_END(cert_len);
+                print_deserialized_ssl_cert(ssl, cert_len);
+                ssl += cert_len;
+            }
+        } else {
+            printf("\tPeer digest    : ");
+
+            CHECK_SSL_END(1);
+            switch ((mbedtls_md_type_t) *ssl++) {
+                case MBEDTLS_MD_NONE:
+                    printf("none\n");
+                    break;
+                case MBEDTLS_MD_MD2:
+                    printf("MD2\n");
+                    break;
+                case MBEDTLS_MD_MD4:
+                    printf("MD4\n");
+                    break;
+                case MBEDTLS_MD_MD5:
+                    printf("MD5\n");
+                    break;
+                case MBEDTLS_MD_SHA1:
+                    printf("SHA1\n");
+                    break;
+                case MBEDTLS_MD_SHA224:
+                    printf("SHA224\n");
+                    break;
+                case MBEDTLS_MD_SHA256:
+                    printf("SHA256\n");
+                    break;
+                case MBEDTLS_MD_SHA384:
+                    printf("SHA384\n");
+                    break;
+                case MBEDTLS_MD_SHA512:
+                    printf("SHA512\n");
+                    break;
+                case MBEDTLS_MD_RIPEMD160:
+                    printf("RIPEMD160\n");
+                    break;
+                default:
+                    printf("undefined or erroneous\n");
+                    break;
+            }
+
+            CHECK_SSL_END(1);
+            cert_len  = (uint32_t) *ssl++;
+            printf_dbg("Message-Digest length: %u\n", cert_len);
+
+            if (cert_len > 0) {
+                printf("\tPeer digest cert : ");
+                CHECK_SSL_END(cert_len);
+                print_hex(ssl, cert_len, 16, "\t                   ");
+                ssl += cert_len;
+            }
+        }
+    }
+
+    if (SESSION_CONFIG_CLIENT_TICKET_BIT & session_cfg_flag) {
+        printf("\nTicket:\n");
+
+        CHECK_SSL_END(3);
+        ticket_len = ((uint32_t) ssl[0] << 16) |
+                     ((uint32_t) ssl[1] <<  8) |
+                     ((uint32_t) ssl[2]);
+        ssl += 3;
+        printf_dbg("Ticket length: %u\n", ticket_len);
+
+        if (ticket_len > 0) {
+            printf("\t");
+            CHECK_SSL_END(ticket_len);
+            print_hex(ssl, ticket_len, 22, "\t");
+            ssl += ticket_len;
+            printf("\n");
+        }
+
+        CHECK_SSL_END(4);
+        ticket_lifetime = ((uint32_t) ssl[0] << 24) |
+                          ((uint32_t) ssl[1] << 16) |
+                          ((uint32_t) ssl[2] <<  8) |
+                          ((uint32_t) ssl[3]);
+        ssl += 4;
+        printf("\tlifetime : %u sec.\n", ticket_lifetime);
+    }
+
+    if (ssl < end) {
+        printf("\nSession others:\n");
+    }
+
+    if (SESSION_CONFIG_MFL_BIT & session_cfg_flag) {
+        CHECK_SSL_END(1);
+        printf("\tMFL                      : %s\n", get_mfl_str(*ssl++));
+    }
+
+    if (SESSION_CONFIG_TRUNC_HMAC_BIT & session_cfg_flag) {
+        CHECK_SSL_END(1);
+        printf("\tnegotiate truncated HMAC : %s\n", get_enabled_str(*ssl++));
+    }
+
+    if (SESSION_CONFIG_ETM_BIT & session_cfg_flag) {
+        CHECK_SSL_END(1);
+        printf("\tEncrypt-then-MAC         : %s\n", get_enabled_str(*ssl++));
+    }
+
+    if (0 != (end - ssl)) {
+        printf_err("%i bytes left to analyze from session\n", (int32_t) (end - ssl));
+    }
+}
+
+/*
+ * This function deserializes and prints to the stdout all obtained information
+ * about the context from provided data. This function was built based on
+ * mbedtls_ssl_context_load(). mbedtls_ssl_context_load() could not be used
+ * due to dependencies on the mbedTLS configuration and the configuration of
+ * the context when serialization was created.
+ *
+ * The data structure in the buffer:
+ *  // header
+ *  uint8 version[3];
+ *  uint8 configuration[5];
+ *  // session sub-structure
+ *  uint32_t session_len;
+ *  opaque session<1..2^32-1>;  // see mbedtls_ssl_session_save()
+ *  // transform sub-structure
+ *  uint8 random[64];           // ServerHello.random+ClientHello.random
+ *  uint8 in_cid_len;
+ *  uint8 in_cid<0..2^8-1>      // Connection ID: expected incoming value
+ *  uint8 out_cid_len;
+ *  uint8 out_cid<0..2^8-1>     // Connection ID: outgoing value to use
+ *  // fields from ssl_context
+ *  uint32 badmac_seen;         // DTLS: number of records with failing MAC
+ *  uint64 in_window_top;       // DTLS: last validated record seq_num
+ *  uint64 in_window;           // DTLS: bitmask for replay protection
+ *  uint8 disable_datagram_packing; // DTLS: only one record per datagram
+ *  uint64 cur_out_ctr;         // Record layer: outgoing sequence number
+ *  uint16 mtu;                 // DTLS: path mtu (max outgoing fragment size)
+ *  uint8 alpn_chosen_len;
+ *  uint8 alpn_chosen<0..2^8-1> // ALPN: negotiated application protocol
+ *
+ * /p ssl   pointer to serialized session
+ * /p len   number of bytes in the buffer
+ */
+void print_deserialized_ssl_context(const uint8_t *ssl, size_t len)
+{
+    const uint8_t *end = ssl + len;
+    uint32_t session_len;
+    int session_cfg_flag;
+    int context_cfg_flag;
+
+    printf("\nMbed TLS version:\n");
+
+    CHECK_SSL_END(3 + 2 + 3);
+
+    printf("\tmajor    %u\n", (uint32_t) *ssl++);
+    printf("\tminor    %u\n", (uint32_t) *ssl++);
+    printf("\tpath     %u\n", (uint32_t) *ssl++);
+
+    printf("\nEnabled session and context configuration:\n");
+
+    session_cfg_flag = ((int) ssl[0] << 8) | ((int) ssl[1]);
+    ssl += 2;
+
+    context_cfg_flag = ((int) ssl[0] << 16) |
+                       ((int) ssl[1] <<  8) |
+                       ((int) ssl[2]);
+    ssl += 3;
+
+    printf_dbg("Session config flags 0x%04X\n", session_cfg_flag);
+    printf_dbg("Context config flags 0x%06X\n", context_cfg_flag);
+
+    print_if_bit("MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag);
+    print_if_bit("MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_SESSION_TICKETS and client",
+                 SESSION_CONFIG_CLIENT_TICKET_BIT,
+                 session_cfg_flag);
+
+    print_if_bit("MBEDTLS_SSL_DTLS_CONNECTION_ID",
+                 CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT,
+                 context_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_DTLS_BADMAC_LIMIT",
+                 CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT,
+                 context_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_DTLS_ANTI_REPLAY",
+                 CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT,
+                 context_cfg_flag);
+    print_if_bit("MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag);
+
+    CHECK_SSL_END(4);
+    session_len = ((uint32_t) ssl[0] << 24) |
+                  ((uint32_t) ssl[1] << 16) |
+                  ((uint32_t) ssl[2] <<  8) |
+                  ((uint32_t) ssl[3]);
+    ssl += 4;
+    printf_dbg("Session length %u\n", session_len);
+
+    CHECK_SSL_END(session_len);
+    print_deserialized_ssl_session(ssl, session_len, session_cfg_flag);
+    ssl += session_len;
+
+    printf("\nRandom bytes:\n\t");
+
+    CHECK_SSL_END(TRANSFORM_RANDBYTE_LEN);
+    print_hex(ssl, TRANSFORM_RANDBYTE_LEN, 22, "\t");
+    ssl += TRANSFORM_RANDBYTE_LEN;
+
+    printf("\nContext others:\n");
+
+    if (CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT & context_cfg_flag) {
+        uint8_t cid_len;
+
+        CHECK_SSL_END(1);
+        cid_len = *ssl++;
+        printf_dbg("In CID length %u\n", (uint32_t) cid_len);
+
+        printf("\tin CID                             : ");
+        if (cid_len > 0) {
+            CHECK_SSL_END(cid_len);
+            print_hex(ssl, cid_len, 20, "\t");
+            ssl += cid_len;
+        } else {
+            printf("none\n");
+        }
+
+        CHECK_SSL_END(1);
+        cid_len = *ssl++;
+        printf_dbg("Out CID length %u\n", (uint32_t) cid_len);
+
+        printf("\tout CID                            : ");
+        if (cid_len > 0) {
+            CHECK_SSL_END(cid_len);
+            print_hex(ssl, cid_len, 20, "\t");
+            ssl += cid_len;
+        } else {
+            printf("none\n");
+        }
+    }
+
+    if (CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT & context_cfg_flag) {
+        uint32_t badmac_seen;
+
+        CHECK_SSL_END(4);
+        badmac_seen = ((uint32_t) ssl[0] << 24) |
+                      ((uint32_t) ssl[1] << 16) |
+                      ((uint32_t) ssl[2] <<  8) |
+                      ((uint32_t) ssl[3]);
+        ssl += 4;
+        printf("\tbad MAC seen number                : %u\n", badmac_seen);
+
+        /* value 'in_window_top' from mbedtls_ssl_context */
+        printf("\tlast validated record sequence no. : ");
+        CHECK_SSL_END(8);
+        print_hex(ssl, 8, 20, "");
+        ssl += 8;
+
+        /* value 'in_window' from mbedtls_ssl_context */
+        printf("\tbitmask for replay detection       : ");
+        CHECK_SSL_END(8);
+        print_hex(ssl, 8, 20, "");
+        ssl += 8;
+    }
+
+    if (conf_dtls_proto) {
+        CHECK_SSL_END(1);
+        printf("\tDTLS datagram packing              : %s\n",
+               get_enabled_str(!(*ssl++)));
+    }
+
+    /* value 'cur_out_ctr' from mbedtls_ssl_context */
+    printf("\toutgoing record sequence no.       : ");
+    CHECK_SSL_END(8);
+    print_hex(ssl, 8, 20, "");
+    ssl += 8;
+
+    if (conf_dtls_proto) {
+        uint16_t mtu;
+        CHECK_SSL_END(2);
+        mtu = (ssl[0] << 8) | ssl[1];
+        ssl += 2;
+        printf("\tMTU                                : %u\n", mtu);
+    }
+
+
+    if (CONTEXT_CONFIG_ALPN_BIT & context_cfg_flag) {
+        uint8_t alpn_len;
+
+        CHECK_SSL_END(1);
+        alpn_len = *ssl++;
+        printf_dbg("ALPN length %u\n", (uint32_t) alpn_len);
+
+        printf("\tALPN negotiation                   : ");
+        CHECK_SSL_END(alpn_len);
+        if (alpn_len > 0) {
+            if (strlen((const char *) ssl) == alpn_len) {
+                printf("%s\n", ssl);
+            } else {
+                printf("\n");
+                printf_err("\tALPN negotiation is incorrect\n");
+            }
+            ssl += alpn_len;
+        } else {
+            printf("not selected\n");
+        }
+    }
+
+    if (0 != (end - ssl)) {
+        printf_err("%i bytes left to analyze from context\n", (int32_t) (end - ssl));
+    }
+    printf("\n");
+}
+
+int main(int argc, char *argv[])
+{
+    enum { SSL_INIT_LEN = 4096 };
+
+    uint32_t b64_counter = 0;
+    uint8_t *b64_buf = NULL;
+    uint8_t *ssl_buf = NULL;
+    size_t b64_max_len = SSL_INIT_LEN;
+    size_t ssl_max_len = SSL_INIT_LEN;
+    size_t ssl_len = 0;
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    /* The 'b64_file' is opened when parsing arguments to check that the
+     * file name is correct */
+    parse_arguments(argc, argv);
+
+    if (NULL != b64_file) {
+        b64_buf = malloc(SSL_INIT_LEN);
+        ssl_buf = malloc(SSL_INIT_LEN);
+
+        if (NULL == b64_buf || NULL == ssl_buf) {
+            printf_err(alloc_err);
+            fclose(b64_file);
+            b64_file = NULL;
+        }
+    }
+
+    while (NULL != b64_file) {
+        size_t b64_len = read_next_b64_code(&b64_buf, &b64_max_len);
+        if (b64_len > 0) {
+            int ret;
+            size_t ssl_required_len = b64_len * 3 / 4 + 1;
+
+            /* Allocate more memory if necessary. */
+            if (ssl_required_len > ssl_max_len) {
+                void *ptr = realloc(ssl_buf, ssl_required_len);
+                if (NULL == ptr) {
+                    printf_err(alloc_err);
+                    fclose(b64_file);
+                    b64_file = NULL;
+                    break;
+                }
+                ssl_buf = ptr;
+                ssl_max_len = ssl_required_len;
+            }
+
+            printf("\nDeserializing number %u:\n",  ++b64_counter);
+
+            printf("\nBase64 code:\n");
+            print_b64(b64_buf, b64_len);
+
+            ret = mbedtls_base64_decode(ssl_buf, ssl_max_len, &ssl_len, b64_buf, b64_len);
+            if (ret != 0) {
+                mbedtls_strerror(ret, (char *) b64_buf, b64_max_len);
+                printf_err("base64 code cannot be decoded - %s\n", b64_buf);
+                continue;
+            }
+
+            if (debug) {
+                printf("\nDecoded data in hex:\n\t");
+                print_hex(ssl_buf, ssl_len, 25, "\t");
+            }
+
+            print_deserialized_ssl_context(ssl_buf, ssl_len);
+
+        } else {
+            fclose(b64_file);
+            b64_file = NULL;
+        }
+    }
+
+    free(b64_buf);
+    free(ssl_buf);
+
+    if (b64_counter > 0) {
+        printf_dbg("Finished. Found %u base64 codes\n", b64_counter);
+    } else {
+        printf("Finished. No valid base64 code found\n");
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    return 0;
+}
+
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_fork_server.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_fork_server.c
new file mode 100644
index 0000000..b0a550f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_fork_server.c
@@ -0,0 +1,389 @@
+/*
+ *  SSL server demonstration program using fork() for handling multiple clients
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||    \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
+    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \
+    !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C)
+int main(int argc, char *argv[])
+{
+    ((void) argc);
+    ((void) argv);
+
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
+                   "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
+                   "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+    mbedtls_exit(0);
+}
+#elif defined(_WIN32)
+int main(void)
+{
+    mbedtls_printf("_WIN32 defined. This application requires fork() and signals "
+                   "to work correctly.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/timing.h"
+
+#include <string.h>
+#include <signal.h>
+
+#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
+#include <unistd.h>
+#endif
+
+#define HTTP_RESPONSE \
+    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
+    "<h2>Mbed TLS Test Server</h2>\r\n" \
+    "<p>Successful connection using: %s</p>\r\n"
+
+#define DEBUG_LEVEL 0
+
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+int main(void)
+{
+    int ret = 1, len, cnt = 0, pid;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_net_context listen_fd, client_fd;
+    unsigned char buf[1024];
+    const char *pers = "ssl_fork_server";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt srvcert;
+    mbedtls_pk_context pkey;
+
+    mbedtls_net_init(&listen_fd);
+    mbedtls_net_init(&client_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_pk_init(&pkey);
+    mbedtls_x509_crt_init(&srvcert);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    signal(SIGCHLD, SIG_IGN);
+
+    /*
+     * 0. Initial seeding of the RNG
+     */
+    mbedtls_printf("\n  . Initial seeding of the random generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed!  mbedtls_ctr_drbg_seed returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1. Load the certificates and private RSA key
+     */
+    mbedtls_printf("  . Loading the server cert. and key...");
+    fflush(stdout);
+
+    /*
+     * This demonstration program uses embedded test certificates.
+     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
+     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
+     */
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                 mbedtls_test_srv_crt_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed!  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed!  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret =  mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                mbedtls_test_srv_key_len, NULL, 0);
+    if (ret != 0) {
+        mbedtls_printf(" failed!  mbedtls_pk_parse_key returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1b. Prepare SSL configuration
+     */
+    mbedtls_printf("  . Configuring SSL...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_SERVER,
+                                           MBEDTLS_SSL_TRANSPORT_STREAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed!  mbedtls_ssl_config_defaults returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
+    if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) {
+        mbedtls_printf(" failed!  mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Setup the listening TCP socket
+     */
+    mbedtls_printf("  . Bind on https://localhost:4433/ ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed!  mbedtls_net_bind returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    while (1) {
+        /*
+         * 3. Wait until a client connects
+         */
+        mbedtls_net_init(&client_fd);
+        mbedtls_ssl_init(&ssl);
+
+        mbedtls_printf("  . Waiting for a remote connection ...\n");
+        fflush(stdout);
+
+        if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                      NULL, 0, NULL)) != 0) {
+            mbedtls_printf(" failed!  mbedtls_net_accept returned %d\n\n", ret);
+            goto exit;
+        }
+
+        /*
+         * 3.5. Forking server thread
+         */
+
+        mbedtls_printf("  . Forking to handle connection ...");
+        fflush(stdout);
+
+        pid = fork();
+
+        if (pid < 0) {
+            mbedtls_printf(" failed!  fork returned %d\n\n", pid);
+            goto exit;
+        }
+
+        if (pid != 0) {
+            mbedtls_printf(" ok\n");
+            mbedtls_net_close(&client_fd);
+
+            if ((ret = mbedtls_ctr_drbg_reseed(&ctr_drbg,
+                                               (const unsigned char *) "parent",
+                                               6)) != 0) {
+                mbedtls_printf(" failed!  mbedtls_ctr_drbg_reseed returned %d\n\n", ret);
+                goto exit;
+            }
+
+            continue;
+        }
+
+        mbedtls_net_close(&listen_fd);
+
+        pid = getpid();
+
+        /*
+         * 4. Setup stuff
+         */
+        mbedtls_printf("pid %d: Setting up the SSL data.\n", pid);
+        fflush(stdout);
+
+        if ((ret = mbedtls_ctr_drbg_reseed(&ctr_drbg,
+                                           (const unsigned char *) "child",
+                                           5)) != 0) {
+            mbedtls_printf(
+                "pid %d: SSL setup failed!  mbedtls_ctr_drbg_reseed returned %d\n\n",
+                pid, ret);
+            goto exit;
+        }
+
+        if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+            mbedtls_printf(
+                "pid %d: SSL setup failed!  mbedtls_ssl_setup returned %d\n\n",
+                pid, ret);
+            goto exit;
+        }
+
+        mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+        mbedtls_printf("pid %d: SSL setup ok\n", pid);
+
+        /*
+         * 5. Handshake
+         */
+        mbedtls_printf("pid %d: Performing the SSL/TLS handshake.\n", pid);
+        fflush(stdout);
+
+        while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+                mbedtls_printf(
+                    "pid %d: SSL handshake failed!  mbedtls_ssl_handshake returned %d\n\n",
+                    pid, ret);
+                goto exit;
+            }
+        }
+
+        mbedtls_printf("pid %d: SSL handshake ok\n", pid);
+
+        /*
+         * 6. Read the HTTP Request
+         */
+        mbedtls_printf("pid %d: Start reading from client.\n", pid);
+        fflush(stdout);
+
+        do {
+            len = sizeof(buf) - 1;
+            memset(buf, 0, sizeof(buf));
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+            if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+                continue;
+            }
+
+            if (ret <= 0) {
+                switch (ret) {
+                    case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                        mbedtls_printf("pid %d: connection was closed gracefully\n", pid);
+                        break;
+
+                    case MBEDTLS_ERR_NET_CONN_RESET:
+                        mbedtls_printf("pid %d: connection was reset by peer\n", pid);
+                        break;
+
+                    default:
+                        mbedtls_printf("pid %d: mbedtls_ssl_read returned %d\n", pid, ret);
+                        break;
+                }
+
+                break;
+            }
+
+            len = ret;
+            mbedtls_printf("pid %d: %d bytes read\n\n%s", pid, len, (char *) buf);
+
+            if (ret > 0) {
+                break;
+            }
+        } while (1);
+
+        /*
+         * 7. Write the 200 Response
+         */
+        mbedtls_printf("pid %d: Start writing to client.\n", pid);
+        fflush(stdout);
+
+        len = sprintf((char *) buf, HTTP_RESPONSE,
+                      mbedtls_ssl_get_ciphersuite(&ssl));
+
+        while (cnt++ < 100) {
+            while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) {
+                if (ret == MBEDTLS_ERR_NET_CONN_RESET) {
+                    mbedtls_printf(
+                        "pid %d: Write failed!  peer closed the connection\n\n", pid);
+                    goto exit;
+                }
+
+                if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+                    mbedtls_printf(
+                        "pid %d: Write failed!  mbedtls_ssl_write returned %d\n\n",
+                        pid, ret);
+                    goto exit;
+                }
+            }
+            len = ret;
+            mbedtls_printf("pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf);
+
+            mbedtls_net_usleep(1000000);
+        }
+
+        mbedtls_ssl_close_notify(&ssl);
+        goto exit;
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_net_free(&client_fd);
+    mbedtls_net_free(&listen_fd);
+    mbedtls_x509_crt_free(&srvcert);
+    mbedtls_pk_free(&pkey);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
+          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C &&
+          ! _WIN32 */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_mail_client.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_mail_client.c
new file mode 100644
index 0000000..31da2ed
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_mail_client.c
@@ -0,0 +1,805 @@
+/*
+ *  SSL client for SMTP servers
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/* Enable definition of gethostname() even when compiling with -std=c99. Must
+ * be set before config.h, which pulls in glibc's features.h indirectly.
+ * Harmless on other platforms. */
+#define _POSIX_C_SOURCE 200112L
+#define _XOPEN_SOURCE 600
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
+    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
+    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
+    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
+    !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
+                   "not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/base64.h"
+#include "mbedtls/error.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
+#include <unistd.h>
+#else
+#include <io.h>
+#endif
+
+#if defined(_WIN32) || defined(_WIN32_WCE)
+#include <winsock2.h>
+#include <windows.h>
+
+#if defined(_MSC_VER)
+#if defined(_WIN32_WCE)
+#pragma comment( lib, "ws2.lib" )
+#else
+#pragma comment( lib, "ws2_32.lib" )
+#endif
+#endif /* _MSC_VER */
+#endif
+
+#define DFL_SERVER_NAME         "localhost"
+#define DFL_SERVER_PORT         "465"
+#define DFL_USER_NAME           "user"
+#define DFL_USER_PWD            "password"
+#define DFL_MAIL_FROM           ""
+#define DFL_MAIL_TO             ""
+#define DFL_DEBUG_LEVEL         0
+#define DFL_CA_FILE             ""
+#define DFL_CRT_FILE            ""
+#define DFL_KEY_FILE            ""
+#define DFL_FORCE_CIPHER        0
+#define DFL_MODE                0
+#define DFL_AUTHENTICATION      0
+
+#define MODE_SSL_TLS            0
+#define MODE_STARTTLS           0
+
+#if defined(MBEDTLS_BASE64_C)
+#define USAGE_AUTH \
+    "    authentication=%%d   default: 0 (disabled)\n"          \
+    "    user_name=%%s        default: \"" DFL_USER_NAME "\"\n" \
+                                                         "    user_pwd=%%s         default: \"" \
+    DFL_USER_PWD "\"\n"
+#else
+#define USAGE_AUTH \
+    "    authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_FS_IO)
+#define USAGE_IO \
+    "    ca_file=%%s          default: \"\" (pre-loaded)\n" \
+    "    crt_file=%%s         default: \"\" (pre-loaded)\n" \
+    "    key_file=%%s         default: \"\" (pre-loaded)\n"
+#else
+#define USAGE_IO \
+    "    No file operations available (MBEDTLS_FS_IO not defined)\n"
+#endif /* MBEDTLS_FS_IO */
+
+#define USAGE \
+    "\n usage: ssl_mail_client param=<>...\n"                 \
+    "\n acceptable parameters:\n"                             \
+    "    server_name=%%s      default: " DFL_SERVER_NAME "\n" \
+                                                         "    server_port=%%d      default: " \
+    DFL_SERVER_PORT "\n" \
+                    "    debug_level=%%d      default: 0 (disabled)\n"        \
+                    "    mode=%%d             default: 0 (SSL/TLS) (1 for STARTTLS)\n"  \
+    USAGE_AUTH                                                \
+    "    mail_from=%%s        default: \"\"\n"                \
+    "    mail_to=%%s          default: \"\"\n"                \
+    USAGE_IO                                                  \
+    "    force_ciphersuite=<name>    default: all enabled\n"  \
+    " acceptable ciphersuite names:\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *server_name;    /* hostname of the server (client only)     */
+    const char *server_port;    /* port on which the ssl service runs       */
+    int debug_level;            /* level of debugging                       */
+    int authentication;         /* if authentication is required            */
+    int mode;                   /* SSL/TLS (0) or STARTTLS (1)              */
+    const char *user_name;      /* username to use for authentication       */
+    const char *user_pwd;       /* password to use for authentication       */
+    const char *mail_from;      /* E-Mail address to use as sender          */
+    const char *mail_to;        /* E-Mail address to use as recipient       */
+    const char *ca_file;        /* the file with the CA certificate(s)      */
+    const char *crt_file;       /* the file with the client certificate     */
+    const char *key_file;       /* the file with the client key             */
+    int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
+} opt;
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+static int do_handshake(mbedtls_ssl_context *ssl)
+{
+    int ret;
+    uint32_t flags;
+    unsigned char buf[1024];
+    memset(buf, 0, 1024);
+
+    /*
+     * 4. Handshake
+     */
+    mbedtls_printf("  . Performing the SSL/TLS handshake...");
+    fflush(stdout);
+
+    while ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+#if defined(MBEDTLS_ERROR_C)
+            mbedtls_strerror(ret, (char *) buf, 1024);
+#endif
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf);
+            return -1;
+        }
+    }
+
+    mbedtls_printf(" ok\n    [ Ciphersuite is %s ]\n",
+                   mbedtls_ssl_get_ciphersuite(ssl));
+
+    /*
+     * 5. Verify the server certificate
+     */
+    mbedtls_printf("  . Verifying peer X.509 certificate...");
+
+    /* In real life, we probably want to bail out when ret != 0 */
+    if ((flags = mbedtls_ssl_get_verify_result(ssl)) != 0) {
+        char vrfy_buf[512];
+
+        mbedtls_printf(" failed\n");
+
+        mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "  ! ", flags);
+
+        mbedtls_printf("%s\n", vrfy_buf);
+    } else {
+        mbedtls_printf(" ok\n");
+    }
+
+    mbedtls_printf("  . Peer certificate information    ...\n");
+    mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, "      ",
+                          mbedtls_ssl_get_peer_cert(ssl));
+    mbedtls_printf("%s\n", buf);
+
+    return 0;
+}
+
+static int write_ssl_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
+{
+    int ret;
+
+    mbedtls_printf("\n%s", buf);
+    while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+static int write_ssl_and_get_response(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
+{
+    int ret;
+    unsigned char data[128];
+    char code[4];
+    size_t i, idx = 0;
+
+    mbedtls_printf("\n%s", buf);
+    while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+            return -1;
+        }
+    }
+
+    do {
+        len = sizeof(data) - 1;
+        memset(data, 0, sizeof(data));
+        ret = mbedtls_ssl_read(ssl, data, len);
+
+        if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+            continue;
+        }
+
+        if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
+            return -1;
+        }
+
+        if (ret <= 0) {
+            mbedtls_printf("failed\n  ! mbedtls_ssl_read returned %d\n\n", ret);
+            return -1;
+        }
+
+        mbedtls_printf("\n%s", data);
+        len = ret;
+        for (i = 0; i < len; i++) {
+            if (data[i] != '\n') {
+                if (idx < 4) {
+                    code[idx++] = data[i];
+                }
+                continue;
+            }
+
+            if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
+                code[3] = '\0';
+                return atoi(code);
+            }
+
+            idx = 0;
+        }
+    } while (1);
+}
+
+static int write_and_get_response(mbedtls_net_context *sock_fd, unsigned char *buf, size_t len)
+{
+    int ret;
+    unsigned char data[128];
+    char code[4];
+    size_t i, idx = 0;
+
+    mbedtls_printf("\n%s", buf);
+    if (len && (ret = mbedtls_net_send(sock_fd, buf, len)) <= 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_send returned %d\n\n", ret);
+        return -1;
+    }
+
+    do {
+        len = sizeof(data) - 1;
+        memset(data, 0, sizeof(data));
+        ret = mbedtls_net_recv(sock_fd, data, len);
+
+        if (ret <= 0) {
+            mbedtls_printf("failed\n  ! mbedtls_net_recv returned %d\n\n", ret);
+            return -1;
+        }
+
+        data[len] = '\0';
+        mbedtls_printf("\n%s", data);
+        len = ret;
+        for (i = 0; i < len; i++) {
+            if (data[i] != '\n') {
+                if (idx < 4) {
+                    code[idx++] = data[i];
+                }
+                continue;
+            }
+
+            if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
+                code[3] = '\0';
+                return atoi(code);
+            }
+
+            idx = 0;
+        }
+    } while (1);
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1, len;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_net_context server_fd;
+#if defined(MBEDTLS_BASE64_C)
+    unsigned char base[1024];
+    /* buf is used as the destination buffer for printing base with the format:
+     * "%s\r\n". Hence, the size of buf should be at least the size of base
+     * plus 2 bytes for the \r and \n characters.
+     */
+    unsigned char buf[sizeof(base) + 2];
+#else
+    unsigned char buf[1024];
+#endif
+    char hostname[32];
+    const char *pers = "ssl_mail_client";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt cacert;
+    mbedtls_x509_crt clicert;
+    mbedtls_pk_context pkey;
+    int i;
+    size_t n;
+    char *p, *q;
+    const int *list;
+
+    /*
+     * Make sure memory references are valid in case we exit early.
+     */
+    mbedtls_net_init(&server_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    memset(&buf, 0, sizeof(buf));
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_x509_crt_init(&clicert);
+    mbedtls_pk_init(&pkey);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+
+        list = mbedtls_ssl_list_ciphersuites();
+        while (*list) {
+            mbedtls_printf("    %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
+            list++;
+        }
+        mbedtls_printf("\n");
+        goto exit;
+    }
+
+    opt.server_name         = DFL_SERVER_NAME;
+    opt.server_port         = DFL_SERVER_PORT;
+    opt.debug_level         = DFL_DEBUG_LEVEL;
+    opt.authentication      = DFL_AUTHENTICATION;
+    opt.mode                = DFL_MODE;
+    opt.user_name           = DFL_USER_NAME;
+    opt.user_pwd            = DFL_USER_PWD;
+    opt.mail_from           = DFL_MAIL_FROM;
+    opt.mail_to             = DFL_MAIL_TO;
+    opt.ca_file             = DFL_CA_FILE;
+    opt.crt_file            = DFL_CRT_FILE;
+    opt.key_file            = DFL_KEY_FILE;
+    opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "server_name") == 0) {
+            opt.server_name = q;
+        } else if (strcmp(p, "server_port") == 0) {
+            opt.server_port = q;
+        } else if (strcmp(p, "debug_level") == 0) {
+            opt.debug_level = atoi(q);
+            if (opt.debug_level < 0 || opt.debug_level > 65535) {
+                goto usage;
+            }
+        } else if (strcmp(p, "authentication") == 0) {
+            opt.authentication = atoi(q);
+            if (opt.authentication < 0 || opt.authentication > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "mode") == 0) {
+            opt.mode = atoi(q);
+            if (opt.mode < 0 || opt.mode > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "user_name") == 0) {
+            opt.user_name = q;
+        } else if (strcmp(p, "user_pwd") == 0) {
+            opt.user_pwd = q;
+        } else if (strcmp(p, "mail_from") == 0) {
+            opt.mail_from = q;
+        } else if (strcmp(p, "mail_to") == 0) {
+            opt.mail_to = q;
+        } else if (strcmp(p, "ca_file") == 0) {
+            opt.ca_file = q;
+        } else if (strcmp(p, "crt_file") == 0) {
+            opt.crt_file = q;
+        } else if (strcmp(p, "key_file") == 0) {
+            opt.key_file = q;
+        } else if (strcmp(p, "force_ciphersuite") == 0) {
+            opt.force_ciphersuite[0] = -1;
+
+            opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q);
+
+            if (opt.force_ciphersuite[0] <= 0) {
+                goto usage;
+            }
+
+            opt.force_ciphersuite[1] = 0;
+        } else {
+            goto usage;
+        }
+    }
+
+    /*
+     * 0. Initialize the RNG and the session data
+     */
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.1. Load the trusted CA
+     */
+    mbedtls_printf("  . Loading the CA root certificate ...");
+    fflush(stdout);
+
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.ca_file)) {
+        ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file);
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
+    ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+#else
+    {
+        mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.");
+        goto exit;
+    }
+#endif
+    if (ret < 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok (%d skipped)\n", ret);
+
+    /*
+     * 1.2. Load own certificate and private key
+     *
+     * (can be skipped if client authentication is not required)
+     */
+    mbedtls_printf("  . Loading the client cert. and key...");
+    fflush(stdout);
+
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.crt_file)) {
+        ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file);
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+    ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt,
+                                 mbedtls_test_cli_crt_len);
+#else
+    {
+        mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+        goto exit;
+    }
+#endif
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.key_file)) {
+        ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "");
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
+    ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_cli_key,
+                               mbedtls_test_cli_key_len, NULL, 0);
+#else
+    {
+        mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined.");
+        goto exit;
+    }
+#endif
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Start the connection
+     */
+    mbedtls_printf("  . Connecting to tcp/%s/%s...", opt.server_name,
+                   opt.server_port);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_connect(&server_fd, opt.server_name,
+                                   opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_connect returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 3. Setup stuff
+     */
+    mbedtls_printf("  . Setting up the SSL/TLS structure...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_CLIENT,
+                                           MBEDTLS_SSL_TRANSPORT_STREAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
+        goto exit;
+    }
+
+    /* OPTIONAL is not optimal for security,
+     * but makes interop easier in this simplified example */
+    mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
+
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+    if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
+        mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
+    }
+
+    mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+    if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    mbedtls_printf(" ok\n");
+
+    if (opt.mode == MODE_SSL_TLS) {
+        if (do_handshake(&ssl) != 0) {
+            goto exit;
+        }
+
+        mbedtls_printf("  > Get header from server:");
+        fflush(stdout);
+
+        ret = write_ssl_and_get_response(&ssl, buf, 0);
+        if (ret < 200 || ret > 299) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        mbedtls_printf("  > Write EHLO to server:");
+        fflush(stdout);
+
+        gethostname(hostname, 32);
+        len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
+        ret = write_ssl_and_get_response(&ssl, buf, len);
+        if (ret < 200 || ret > 299) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+    } else {
+        mbedtls_printf("  > Get header from server:");
+        fflush(stdout);
+
+        ret = write_and_get_response(&server_fd, buf, 0);
+        if (ret < 200 || ret > 299) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        mbedtls_printf("  > Write EHLO to server:");
+        fflush(stdout);
+
+        gethostname(hostname, 32);
+        len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
+        ret = write_and_get_response(&server_fd, buf, len);
+        if (ret < 200 || ret > 299) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        mbedtls_printf("  > Write STARTTLS to server:");
+        fflush(stdout);
+
+        gethostname(hostname, 32);
+        len = sprintf((char *) buf, "STARTTLS\r\n");
+        ret = write_and_get_response(&server_fd, buf, len);
+        if (ret < 200 || ret > 299) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        if (do_handshake(&ssl) != 0) {
+            goto exit;
+        }
+    }
+
+#if defined(MBEDTLS_BASE64_C)
+    if (opt.authentication) {
+        mbedtls_printf("  > Write AUTH LOGIN to server:");
+        fflush(stdout);
+
+        len = sprintf((char *) buf, "AUTH LOGIN\r\n");
+        ret = write_ssl_and_get_response(&ssl, buf, len);
+        if (ret < 200 || ret > 399) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        mbedtls_printf("  > Write username to server: %s", opt.user_name);
+        fflush(stdout);
+
+        ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_name,
+                                    strlen(opt.user_name));
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_base64_encode returned %d\n\n", ret);
+            goto exit;
+        }
+        len = sprintf((char *) buf, "%s\r\n", base);
+        ret = write_ssl_and_get_response(&ssl, buf, len);
+        if (ret < 300 || ret > 399) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        mbedtls_printf("  > Write password to server: %s", opt.user_pwd);
+        fflush(stdout);
+
+        ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_pwd,
+                                    strlen(opt.user_pwd));
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_base64_encode returned %d\n\n", ret);
+            goto exit;
+        }
+        len = sprintf((char *) buf, "%s\r\n", base);
+        ret = write_ssl_and_get_response(&ssl, buf, len);
+        if (ret < 200 || ret > 399) {
+            mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+#endif
+
+    mbedtls_printf("  > Write MAIL FROM to server:");
+    fflush(stdout);
+
+    len = sprintf((char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from);
+    ret = write_ssl_and_get_response(&ssl, buf, len);
+    if (ret < 200 || ret > 299) {
+        mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    mbedtls_printf("  > Write RCPT TO to server:");
+    fflush(stdout);
+
+    len = sprintf((char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to);
+    ret = write_ssl_and_get_response(&ssl, buf, len);
+    if (ret < 200 || ret > 299) {
+        mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    mbedtls_printf("  > Write DATA to server:");
+    fflush(stdout);
+
+    len = sprintf((char *) buf, "DATA\r\n");
+    ret = write_ssl_and_get_response(&ssl, buf, len);
+    if (ret < 300 || ret > 399) {
+        mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    mbedtls_printf("  > Write content to server:");
+    fflush(stdout);
+
+    len = sprintf((char *) buf, "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n"
+                                "This is a simple test mail from the "
+                                "Mbed TLS mail client example.\r\n"
+                                "\r\n"
+                                "Enjoy!", opt.mail_from);
+    ret = write_ssl_data(&ssl, buf, len);
+
+    len = sprintf((char *) buf, "\r\n.\r\n");
+    ret = write_ssl_and_get_response(&ssl, buf, len);
+    if (ret < 200 || ret > 299) {
+        mbedtls_printf(" failed\n  ! server responded with %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    mbedtls_ssl_close_notify(&ssl);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_net_free(&server_fd);
+    mbedtls_x509_crt_free(&clicert);
+    mbedtls_x509_crt_free(&cacert);
+    mbedtls_pk_free(&pkey);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
+          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
+          MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_pthread_server.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_pthread_server.c
new file mode 100644
index 0000000..f0a3658
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_pthread_server.c
@@ -0,0 +1,498 @@
+/*
+ *  SSL server demonstration program using pthread for handling multiple
+ *  clients.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||            \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) ||         \
+    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||             \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||            \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||      \
+    !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \
+    !defined(MBEDTLS_PEM_PARSE_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
+                   "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
+                   "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD "
+                   "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(_WIN32)
+#include <windows.h>
+#endif
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+
+#define HTTP_RESPONSE \
+    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
+    "<h2>Mbed TLS Test Server</h2>\r\n" \
+    "<p>Successful connection using: %s</p>\r\n"
+
+#define DEBUG_LEVEL 0
+
+#define MAX_NUM_THREADS 5
+
+mbedtls_threading_mutex_t debug_mutex;
+
+static void my_mutexed_debug(void *ctx, int level,
+                             const char *file, int line,
+                             const char *str)
+{
+    long int thread_id = (long int) pthread_self();
+
+    mbedtls_mutex_lock(&debug_mutex);
+
+    ((void) level);
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: [ #%ld ] %s",
+                    file, line, thread_id, str);
+    fflush((FILE *) ctx);
+
+    mbedtls_mutex_unlock(&debug_mutex);
+}
+
+typedef struct {
+    mbedtls_net_context client_fd;
+    int thread_complete;
+    const mbedtls_ssl_config *config;
+} thread_info_t;
+
+typedef struct {
+    int active;
+    thread_info_t   data;
+    pthread_t       thread;
+} pthread_info_t;
+
+static thread_info_t    base_info;
+static pthread_info_t   threads[MAX_NUM_THREADS];
+
+static void *handle_ssl_connection(void *data)
+{
+    int ret, len;
+    thread_info_t *thread_info = (thread_info_t *) data;
+    mbedtls_net_context *client_fd = &thread_info->client_fd;
+    long int thread_id = (long int) pthread_self();
+    unsigned char buf[1024];
+    mbedtls_ssl_context ssl;
+
+    /* Make sure memory references are valid */
+    mbedtls_ssl_init(&ssl);
+
+    mbedtls_printf("  [ #%ld ]  Setting up SSL/TLS data\n", thread_id);
+
+    /*
+     * 4. Get the SSL context ready
+     */
+    if ((ret = mbedtls_ssl_setup(&ssl, thread_info->config)) != 0) {
+        mbedtls_printf("  [ #%ld ]  failed: mbedtls_ssl_setup returned -0x%04x\n",
+                       thread_id, (unsigned int) -ret);
+        goto thread_exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    /*
+     * 5. Handshake
+     */
+    mbedtls_printf("  [ #%ld ]  Performing the SSL/TLS handshake\n", thread_id);
+
+    while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf("  [ #%ld ]  failed: mbedtls_ssl_handshake returned -0x%04x\n",
+                           thread_id, (unsigned int) -ret);
+            goto thread_exit;
+        }
+    }
+
+    mbedtls_printf("  [ #%ld ]  ok\n", thread_id);
+
+    /*
+     * 6. Read the HTTP Request
+     */
+    mbedtls_printf("  [ #%ld ]  < Read from client\n", thread_id);
+
+    do {
+        len = sizeof(buf) - 1;
+        memset(buf, 0, sizeof(buf));
+        ret = mbedtls_ssl_read(&ssl, buf, len);
+
+        if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+            continue;
+        }
+
+        if (ret <= 0) {
+            switch (ret) {
+                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                    mbedtls_printf("  [ #%ld ]  connection was closed gracefully\n",
+                                   thread_id);
+                    goto thread_exit;
+
+                case MBEDTLS_ERR_NET_CONN_RESET:
+                    mbedtls_printf("  [ #%ld ]  connection was reset by peer\n",
+                                   thread_id);
+                    goto thread_exit;
+
+                default:
+                    mbedtls_printf("  [ #%ld ]  mbedtls_ssl_read returned -0x%04x\n",
+                                   thread_id, (unsigned int) -ret);
+                    goto thread_exit;
+            }
+        }
+
+        len = ret;
+        mbedtls_printf("  [ #%ld ]  %d bytes read\n=====\n%s\n=====\n",
+                       thread_id, len, (char *) buf);
+
+        if (ret > 0) {
+            break;
+        }
+    } while (1);
+
+    /*
+     * 7. Write the 200 Response
+     */
+    mbedtls_printf("  [ #%ld ]  > Write to client:\n", thread_id);
+
+    len = sprintf((char *) buf, HTTP_RESPONSE,
+                  mbedtls_ssl_get_ciphersuite(&ssl));
+
+    while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) {
+        if (ret == MBEDTLS_ERR_NET_CONN_RESET) {
+            mbedtls_printf("  [ #%ld ]  failed: peer closed the connection\n",
+                           thread_id);
+            goto thread_exit;
+        }
+
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf("  [ #%ld ]  failed: mbedtls_ssl_write returned -0x%04x\n",
+                           thread_id, (unsigned int) ret);
+            goto thread_exit;
+        }
+    }
+
+    len = ret;
+    mbedtls_printf("  [ #%ld ]  %d bytes written\n=====\n%s\n=====\n",
+                   thread_id, len, (char *) buf);
+
+    mbedtls_printf("  [ #%ld ]  . Closing the connection...", thread_id);
+
+    while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+            ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf("  [ #%ld ]  failed: mbedtls_ssl_close_notify returned -0x%04x\n",
+                           thread_id, (unsigned int) ret);
+            goto thread_exit;
+        }
+    }
+
+    mbedtls_printf(" ok\n");
+
+    ret = 0;
+
+thread_exit:
+
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("  [ #%ld ]  Last error was: -0x%04x - %s\n\n",
+                       thread_id, (unsigned int) -ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(client_fd);
+    mbedtls_ssl_free(&ssl);
+
+    thread_info->thread_complete = 1;
+
+    return NULL;
+}
+
+static int thread_create(mbedtls_net_context *client_fd)
+{
+    int ret, i;
+
+    /*
+     * Find in-active or finished thread slot
+     */
+    for (i = 0; i < MAX_NUM_THREADS; i++) {
+        if (threads[i].active == 0) {
+            break;
+        }
+
+        if (threads[i].data.thread_complete == 1) {
+            mbedtls_printf("  [ main ]  Cleaning up thread %d\n", i);
+            pthread_join(threads[i].thread, NULL);
+            memset(&threads[i], 0, sizeof(pthread_info_t));
+            break;
+        }
+    }
+
+    if (i == MAX_NUM_THREADS) {
+        return -1;
+    }
+
+    /*
+     * Fill thread-info for thread
+     */
+    memcpy(&threads[i].data, &base_info, sizeof(base_info));
+    threads[i].active = 1;
+    memcpy(&threads[i].data.client_fd, client_fd, sizeof(mbedtls_net_context));
+
+    if ((ret = pthread_create(&threads[i].thread, NULL, handle_ssl_connection,
+                              &threads[i].data)) != 0) {
+        return ret;
+    }
+
+    return 0;
+}
+
+int main(void)
+{
+    int ret;
+    mbedtls_net_context listen_fd, client_fd;
+    const char pers[] = "ssl_pthread_server";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt srvcert;
+    mbedtls_x509_crt cachain;
+    mbedtls_pk_context pkey;
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    unsigned char alloc_buf[100000];
+#endif
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_context cache;
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf));
+#endif
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_init(&cache);
+#endif
+
+    mbedtls_x509_crt_init(&srvcert);
+    mbedtls_x509_crt_init(&cachain);
+
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    memset(threads, 0, sizeof(threads));
+    mbedtls_net_init(&listen_fd);
+    mbedtls_net_init(&client_fd);
+
+    mbedtls_mutex_init(&debug_mutex);
+
+    base_info.config = &conf;
+
+    /*
+     * We use only a single entropy source that is used in all the threads.
+     */
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    /*
+     * 1. Load the certificates and private RSA key
+     */
+    mbedtls_printf("\n  . Loading the server cert. and key...");
+    fflush(stdout);
+
+    /*
+     * This demonstration program uses embedded test certificates.
+     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
+     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
+     */
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                 mbedtls_test_srv_crt_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret = mbedtls_x509_crt_parse(&cachain, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_pk_init(&pkey);
+    ret =  mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                mbedtls_test_srv_key_len, NULL, 0);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1b. Seed the random number generator
+     */
+    mbedtls_printf("  . Seeding the random number generator...");
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1c. Prepare SSL configuration
+     */
+    mbedtls_printf("  . Setting up the SSL data....");
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_SERVER,
+                                           MBEDTLS_SSL_TRANSPORT_STREAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_mutexed_debug, stdout);
+
+    /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
+     * MBEDTLS_THREADING_C is set.
+     */
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_conf_session_cache(&conf, &cache,
+                                   mbedtls_ssl_cache_get,
+                                   mbedtls_ssl_cache_set);
+#endif
+
+    mbedtls_ssl_conf_ca_chain(&conf, &cachain, NULL);
+    if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Setup the listening TCP socket
+     */
+    mbedtls_printf("  . Bind on https://localhost:4433/ ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_bind returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+reset:
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("  [ main ]  Last error was: -0x%04x - %s\n", (unsigned int) -ret,
+                       error_buf);
+    }
+#endif
+
+    /*
+     * 3. Wait until a client connects
+     */
+    mbedtls_printf("  [ main ]  Waiting for a remote connection\n");
+
+    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                  NULL, 0, NULL)) != 0) {
+        mbedtls_printf("  [ main ] failed: mbedtls_net_accept returned -0x%04x\n",
+                       (unsigned int) ret);
+        goto exit;
+    }
+
+    mbedtls_printf("  [ main ]  ok\n");
+    mbedtls_printf("  [ main ]  Creating a new thread\n");
+
+    if ((ret = thread_create(&client_fd)) != 0) {
+        mbedtls_printf("  [ main ]  failed: thread_create returned %d\n", ret);
+        mbedtls_net_free(&client_fd);
+        goto reset;
+    }
+
+    ret = 0;
+    goto reset;
+
+exit:
+    mbedtls_x509_crt_free(&srvcert);
+    mbedtls_pk_free(&pkey);
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_free(&cache);
+#endif
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+    mbedtls_ssl_config_free(&conf);
+    mbedtls_net_free(&listen_fd);
+    mbedtls_mutex_free(&debug_mutex);
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_free();
+#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(ret);
+}
+
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
+          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C &&
+          MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_server.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_server.c
new file mode 100644
index 0000000..70074fa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_server.c
@@ -0,0 +1,371 @@
+/*
+ *  SSL server demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||    \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
+    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
+    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
+    !defined(MBEDTLS_PEM_PARSE_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
+                   "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
+                   "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(_WIN32)
+#include <windows.h>
+#endif
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#define HTTP_RESPONSE \
+    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
+    "<h2>Mbed TLS Test Server</h2>\r\n" \
+    "<p>Successful connection using: %s</p>\r\n"
+
+#define DEBUG_LEVEL 0
+
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+int main(void)
+{
+    int ret, len;
+    mbedtls_net_context listen_fd, client_fd;
+    unsigned char buf[1024];
+    const char *pers = "ssl_server";
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt srvcert;
+    mbedtls_pk_context pkey;
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_context cache;
+#endif
+
+    mbedtls_net_init(&listen_fd);
+    mbedtls_net_init(&client_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_init(&cache);
+#endif
+    mbedtls_x509_crt_init(&srvcert);
+    mbedtls_pk_init(&pkey);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_DEBUG_C)
+    mbedtls_debug_set_threshold(DEBUG_LEVEL);
+#endif
+
+    /*
+     * 1. Load the certificates and private RSA key
+     */
+    mbedtls_printf("\n  . Loading the server cert. and key...");
+    fflush(stdout);
+
+    /*
+     * This demonstration program uses embedded test certificates.
+     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
+     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
+     */
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
+                                 mbedtls_test_srv_crt_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem,
+                                 mbedtls_test_cas_pem_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret);
+        goto exit;
+    }
+
+    ret =  mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key,
+                                mbedtls_test_srv_key_len, NULL, 0);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Setup the listening TCP socket
+     */
+    mbedtls_printf("  . Bind on https://localhost:4433/ ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_bind returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 3. Seed the RNG
+     */
+    mbedtls_printf("  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 4. Setup stuff
+     */
+    mbedtls_printf("  . Setting up the SSL data....");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_SERVER,
+                                           MBEDTLS_SSL_TRANSPORT_STREAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_conf_session_cache(&conf, &cache,
+                                   mbedtls_ssl_cache_get,
+                                   mbedtls_ssl_cache_set);
+#endif
+
+    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
+    if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+reset:
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&client_fd);
+
+    mbedtls_ssl_session_reset(&ssl);
+
+    /*
+     * 3. Wait until a client connects
+     */
+    mbedtls_printf("  . Waiting for a remote connection ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                  NULL, 0, NULL)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_accept returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 5. Handshake
+     */
+    mbedtls_printf("  . Performing the SSL/TLS handshake...");
+    fflush(stdout);
+
+    while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret);
+            goto reset;
+        }
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 6. Read the HTTP Request
+     */
+    mbedtls_printf("  < Read from client:");
+    fflush(stdout);
+
+    do {
+        len = sizeof(buf) - 1;
+        memset(buf, 0, sizeof(buf));
+        ret = mbedtls_ssl_read(&ssl, buf, len);
+
+        if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+            continue;
+        }
+
+        if (ret <= 0) {
+            switch (ret) {
+                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                    mbedtls_printf(" connection was closed gracefully\n");
+                    break;
+
+                case MBEDTLS_ERR_NET_CONN_RESET:
+                    mbedtls_printf(" connection was reset by peer\n");
+                    break;
+
+                default:
+                    mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret);
+                    break;
+            }
+
+            break;
+        }
+
+        len = ret;
+        mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf);
+
+        if (ret > 0) {
+            break;
+        }
+    } while (1);
+
+    /*
+     * 7. Write the 200 Response
+     */
+    mbedtls_printf("  > Write to client:");
+    fflush(stdout);
+
+    len = sprintf((char *) buf, HTTP_RESPONSE,
+                  mbedtls_ssl_get_ciphersuite(&ssl));
+
+    while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) {
+        if (ret == MBEDTLS_ERR_NET_CONN_RESET) {
+            mbedtls_printf(" failed\n  ! peer closed the connection\n\n");
+            goto reset;
+        }
+
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+
+    len = ret;
+    mbedtls_printf(" %d bytes written\n\n%s\n", len, (char *) buf);
+
+    mbedtls_printf("  . Closing the connection...");
+
+    while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) {
+        if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
+            ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_close_notify returned %d\n\n", ret);
+            goto reset;
+        }
+    }
+
+    mbedtls_printf(" ok\n");
+
+    ret = 0;
+    goto reset;
+
+exit:
+
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&client_fd);
+    mbedtls_net_free(&listen_fd);
+    mbedtls_x509_crt_free(&srvcert);
+    mbedtls_pk_free(&pkey);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_free(&cache);
+#endif
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(ret);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
+          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
+          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
+          && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_server2.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_server2.c
new file mode 100644
index 0000000..5925ffc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_server2.c
@@ -0,0 +1,3900 @@
+/*
+ *  SSL client with options
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "ssl_test_lib.h"
+
+#if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
+int main(void)
+{
+    mbedtls_printf(MBEDTLS_SSL_TEST_IMPOSSIBLE);
+    mbedtls_exit(0);
+}
+#elif !defined(MBEDTLS_SSL_SRV_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_SSL_SRV_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */
+
+#include <stdint.h>
+
+#if !defined(_MSC_VER)
+#include <inttypes.h>
+#endif
+
+#if !defined(_WIN32)
+#include <signal.h>
+#endif
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+#include "mbedtls/ssl_ticket.h"
+#endif
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+#include "mbedtls/ssl_cookie.h"
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
+#define SNI_OPTION
+#endif
+
+#if defined(_WIN32)
+#include <windows.h>
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "test/psa_crypto_helpers.h"
+#endif
+
+/* Size of memory to be allocated for the heap, when using the library's memory
+ * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
+#define MEMORY_HEAP_SIZE        120000
+
+#define DFL_SERVER_ADDR         NULL
+#define DFL_SERVER_PORT         "4433"
+#define DFL_RESPONSE_SIZE       -1
+#define DFL_DEBUG_LEVEL         0
+#define DFL_NBIO                0
+#define DFL_EVENT               0
+#define DFL_READ_TIMEOUT        0
+#define DFL_CA_FILE             ""
+#define DFL_CA_PATH             ""
+#define DFL_CRT_FILE            ""
+#define DFL_KEY_FILE            ""
+#define DFL_KEY_OPAQUE          0
+#define DFL_KEY_PWD             ""
+#define DFL_CRT_FILE2           ""
+#define DFL_KEY_FILE2           ""
+#define DFL_KEY_PWD2            ""
+#define DFL_ASYNC_OPERATIONS    "-"
+#define DFL_ASYNC_PRIVATE_DELAY1 (-1)
+#define DFL_ASYNC_PRIVATE_DELAY2 (-1)
+#define DFL_ASYNC_PRIVATE_ERROR  (0)
+#define DFL_PSK                 ""
+#define DFL_PSK_OPAQUE          0
+#define DFL_PSK_LIST_OPAQUE     0
+#define DFL_PSK_IDENTITY        "Client_identity"
+#define DFL_ECJPAKE_PW          NULL
+#define DFL_PSK_LIST            NULL
+#define DFL_FORCE_CIPHER        0
+#define DFL_VERSION_SUITES      NULL
+#define DFL_RENEGOTIATION       MBEDTLS_SSL_RENEGOTIATION_DISABLED
+#define DFL_ALLOW_LEGACY        -2
+#define DFL_RENEGOTIATE         0
+#define DFL_RENEGO_DELAY        -2
+#define DFL_RENEGO_PERIOD       ((uint64_t) -1)
+#define DFL_EXCHANGES           1
+#define DFL_MIN_VERSION         -1
+#define DFL_MAX_VERSION         -1
+#define DFL_ARC4                -1
+#define DFL_SHA1                -1
+#define DFL_CID_ENABLED         0
+#define DFL_CID_VALUE           ""
+#define DFL_CID_ENABLED_RENEGO  -1
+#define DFL_CID_VALUE_RENEGO    NULL
+#define DFL_AUTH_MODE           -1
+#define DFL_CERT_REQ_CA_LIST    MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED
+#define DFL_MFL_CODE            MBEDTLS_SSL_MAX_FRAG_LEN_NONE
+#define DFL_TRUNC_HMAC          -1
+#define DFL_TICKETS             MBEDTLS_SSL_SESSION_TICKETS_ENABLED
+#define DFL_TICKET_TIMEOUT      86400
+#define DFL_CACHE_MAX           -1
+#define DFL_CACHE_TIMEOUT       -1
+#define DFL_SNI                 NULL
+#define DFL_ALPN_STRING         NULL
+#define DFL_CURVES              NULL
+#define DFL_DHM_FILE            NULL
+#define DFL_TRANSPORT           MBEDTLS_SSL_TRANSPORT_STREAM
+#define DFL_COOKIES             1
+#define DFL_ANTI_REPLAY         -1
+#define DFL_HS_TO_MIN           0
+#define DFL_HS_TO_MAX           0
+#define DFL_DTLS_MTU            -1
+#define DFL_BADMAC_LIMIT        -1
+#define DFL_DGRAM_PACKING        1
+#define DFL_EXTENDED_MS         -1
+#define DFL_ETM                 -1
+#define DFL_SERIALIZE           0
+#define DFL_CONTEXT_FILE        ""
+#define DFL_EXTENDED_MS_ENFORCE -1
+#define DFL_CA_CALLBACK         0
+#define DFL_EAP_TLS             0
+#define DFL_REPRODUCIBLE        0
+#define DFL_NSS_KEYLOG          0
+#define DFL_NSS_KEYLOG_FILE     NULL
+#define DFL_QUERY_CONFIG_MODE   0
+#define DFL_USE_SRTP            0
+#define DFL_SRTP_FORCE_PROFILE  0
+#define DFL_SRTP_SUPPORT_MKI    0
+
+#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
+                      "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
+                      "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
+                      "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
+                      "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
+                      "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n"  \
+                      "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah</p>\r\n"
+
+/* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer
+ * packets (for fragmentation purposes) */
+#define HTTP_RESPONSE \
+    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
+    "<h2>Mbed TLS Test Server</h2>\r\n" \
+    "<p>Successful connection using: %s</p>\r\n" // LONG_RESPONSE
+
+/*
+ * Size of the basic I/O buffer. Able to hold our default response.
+ */
+#define DFL_IO_BUF_LEN      200
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_FS_IO)
+#define USAGE_IO \
+    "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
+    "                        default: \"\" (pre-loaded)\n" \
+    "                        use \"none\" to skip loading any top-level CAs.\n" \
+    "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
+    "                        default: \"\" (pre-loaded) (overrides ca_file)\n" \
+    "                        use \"none\" to skip loading any top-level CAs.\n" \
+    "    crt_file=%%s         Your own cert and chain (in bottom to top order, top may be omitted)\n" \
+    "                        default: see note after key_file2\n" \
+    "    key_file=%%s         default: see note after key_file2\n" \
+    "    key_pwd=%%s          Password for key specified by key_file argument\n" \
+    "                        default: none\n" \
+    "    crt_file2=%%s        Your second cert and chain (in bottom to top order, top may be omitted)\n" \
+    "                        default: see note after key_file2\n" \
+    "    key_file2=%%s        default: see note below\n" \
+    "                        note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
+    "                              preloaded certificate(s) and key(s) are used if available\n" \
+    "    key_pwd2=%%s         Password for key specified by key_file2 argument\n" \
+    "                        default: none\n" \
+    "    dhm_file=%%s        File containing Diffie-Hellman parameters\n" \
+    "                       default: preloaded parameters\n"
+#else
+#define USAGE_IO \
+    "\n"                                                    \
+    "    No file operations available (MBEDTLS_FS_IO not defined)\n" \
+    "\n"
+#endif /* MBEDTLS_FS_IO */
+#else
+#define USAGE_IO ""
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#define USAGE_KEY_OPAQUE \
+    "    key_opaque=%%d       Handle your private keys as if they were opaque\n" \
+    "                        default: 0 (disabled)\n"
+#else
+#define USAGE_KEY_OPAQUE ""
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+#define USAGE_SSL_ASYNC \
+    "    async_operations=%%c...   d=decrypt, s=sign (default: -=off)\n" \
+    "    async_private_delay1=%%d  Asynchronous delay for key_file or preloaded key\n" \
+    "    async_private_delay2=%%d  Asynchronous delay for key_file2 and sni\n" \
+    "                              default: -1 (not asynchronous)\n" \
+    "    async_private_error=%%d   Async callback error injection (default=0=none,\n" \
+    "                              1=start, 2=cancel, 3=resume, negative=first time only)"
+#else
+#define USAGE_SSL_ASYNC ""
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define USAGE_CID \
+    "    cid=%%d             Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
+    "                       default: 0 (disabled)\n"     \
+    "    cid_renego=%%d      Disable (0) or enable (1) the use of the DTLS Connection ID extension during renegotiation.\n" \
+    "                       default: same as 'cid' parameter\n"     \
+    "    cid_val=%%s          The CID to use for incoming messages (in hex, without 0x).\n"  \
+    "                        default: \"\"\n" \
+    "    cid_val_renego=%%s   The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n"  \
+    "                        default: same as 'cid_val' parameter\n"
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#define USAGE_CID ""
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+#define USAGE_PSK_RAW                                               \
+    "    psk=%%s              default: \"\" (disabled)\n"     \
+    "                          The PSK values are in hex, without 0x.\n" \
+    "    psk_list=%%s         default: \"\"\n"                          \
+    "                          A list of (PSK identity, PSK value) pairs.\n" \
+    "                          The PSK values are in hex, without 0x.\n" \
+    "                          id1,psk1[,id2,psk2[,...]]\n"             \
+    "    psk_identity=%%s     default: \"Client_identity\"\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT                          \
+    "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
+    "                          Enable this to store the PSK configured through command line\n" \
+    "                          parameter `psk` in a PSA-based key slot.\n" \
+    "                          Note: Currently only supported in conjunction with\n"                  \
+    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
+    "                          to force a particular PSK-only ciphersuite.\n"                         \
+    "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
+    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
+    "                          with prepopulated key slots instead of importing raw key material.\n" \
+    "    psk_list_opaque=%%d  default: 0 (don't use opaque dynamic PSKs)\n"     \
+    "                          Enable this to store the list of dynamically chosen PSKs configured\n" \
+    "                          through the command line parameter `psk_list` in PSA-based key slots.\n" \
+    "                          Note: Currently only supported in conjunction with\n" \
+    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+    "                          to force a particular PSK-only ciphersuite.\n" \
+    "                          Note: This is to test integration of PSA-based opaque PSKs with\n" \
+    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+    "                          with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
+#else
+#define USAGE_PSK ""
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+#define USAGE_CA_CALLBACK                       \
+    "   ca_callback=%%d       default: 0 (disabled)\n"      \
+    "                         Enable this to use the trusted certificate callback function\n"
+#else
+#define USAGE_CA_CALLBACK ""
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+#define USAGE_TICKETS                                       \
+    "    tickets=%%d          default: 1 (enabled)\n"       \
+    "    ticket_timeout=%%d   default: 86400 (one day)\n"
+#else
+#define USAGE_TICKETS ""
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+#define USAGE_EAP_TLS                                       \
+    "    eap_tls=%%d          default: 0 (disabled)\n"
+#define USAGE_NSS_KEYLOG                                    \
+    "    nss_keylog=%%d          default: 0 (disabled)\n"   \
+    "                             This cannot be used with eap_tls=1\n"
+#define USAGE_NSS_KEYLOG_FILE                               \
+    "    nss_keylog_file=%%s\n"
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+#define USAGE_SRTP \
+    "    use_srtp=%%d         default: 0 (disabled)\n" \
+    "    srtp_force_profile=%%d  default: 0 (all enabled)\n"   \
+    "                        available profiles:\n"       \
+    "                        1 - SRTP_AES128_CM_HMAC_SHA1_80\n"  \
+    "                        2 - SRTP_AES128_CM_HMAC_SHA1_32\n"  \
+    "                        3 - SRTP_NULL_HMAC_SHA1_80\n"       \
+    "                        4 - SRTP_NULL_HMAC_SHA1_32\n"       \
+    "    support_mki=%%d     default: 0 (not supported)\n"
+#else /* MBEDTLS_SSL_DTLS_SRTP */
+#define USAGE_SRTP ""
+#endif
+#else /* MBEDTLS_SSL_EXPORT_KEYS */
+#define USAGE_EAP_TLS ""
+#define USAGE_NSS_KEYLOG ""
+#define USAGE_NSS_KEYLOG_FILE ""
+#define USAGE_SRTP ""
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#define USAGE_CACHE                                             \
+    "    cache_max=%%d        default: cache default (50)\n"
+#if defined(MBEDTLS_HAVE_TIME)
+#define USAGE_CACHE_TIME \
+    "    cache_timeout=%%d    default: cache default (1d)\n"
+#else
+#define USAGE_CACHE_TIME ""
+#endif
+#else
+#define USAGE_CACHE ""
+#define USAGE_CACHE_TIME ""
+#endif /* MBEDTLS_SSL_CACHE_C */
+
+#if defined(SNI_OPTION)
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+#define SNI_CRL              ",crl"
+#else
+#define SNI_CRL              ""
+#endif
+
+#define USAGE_SNI                                                           \
+    "    sni=%%s              name1,cert1,key1,ca1"SNI_CRL ",auth1[,...]\n"  \
+                                                           "                        default: disabled\n"
+#else
+#define USAGE_SNI ""
+#endif /* SNI_OPTION */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+#define USAGE_MAX_FRAG_LEN                                      \
+    "    max_frag_len=%%d     default: 16384 (tls default)\n"   \
+    "                        options: 512, 1024, 2048, 4096\n"
+#else
+#define USAGE_MAX_FRAG_LEN ""
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+#define USAGE_TRUNC_HMAC \
+    "    trunc_hmac=%%d       default: library default\n"
+#else
+#define USAGE_TRUNC_HMAC ""
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+#define USAGE_ALPN \
+    "    alpn=%%s             default: \"\" (disabled)\n"   \
+    "                        example: spdy/1,http/1.1\n"
+#else
+#define USAGE_ALPN ""
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+#define USAGE_COOKIES \
+    "    cookies=0/1/-1      default: 1 (enabled)\n"        \
+    "                        0: disabled, -1: library default (broken)\n"
+#else
+#define USAGE_COOKIES ""
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+#define USAGE_ANTI_REPLAY \
+    "    anti_replay=0/1     default: (library default: enabled)\n"
+#else
+#define USAGE_ANTI_REPLAY ""
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+#define USAGE_BADMAC_LIMIT \
+    "    badmac_limit=%%d     default: (library default: disabled)\n"
+#else
+#define USAGE_BADMAC_LIMIT ""
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#define USAGE_DTLS \
+    "    dtls=%%d             default: 0 (TLS)\n"                           \
+    "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
+    "                        range of DTLS handshake timeouts in millisecs\n" \
+    "    mtu=%%d              default: (library default: unlimited)\n"  \
+    "    dgram_packing=%%d    default: 1 (allowed)\n"                   \
+    "                        allow or forbid packing of multiple\n" \
+    "                        records within a single datgram.\n"
+#else
+#define USAGE_DTLS ""
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+#define USAGE_EMS \
+    "    extended_ms=0/1     default: (library default: on)\n"
+#else
+#define USAGE_EMS ""
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#define USAGE_ETM \
+    "    etm=0/1             default: (library default: on)\n"
+#else
+#define USAGE_ETM ""
+#endif
+
+#define USAGE_REPRODUCIBLE \
+    "    reproducible=0/1     default: 0 (disabled)\n"
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+#define USAGE_RENEGO \
+    "    renegotiation=%%d    default: 0 (disabled)\n"      \
+    "    renegotiate=%%d      default: 0 (disabled)\n"      \
+    "    renego_delay=%%d     default: -2 (library default)\n" \
+    "    renego_period=%%d    default: (2^64 - 1 for TLS, 2^48 - 1 for DTLS)\n"
+#else
+#define USAGE_RENEGO ""
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#define USAGE_ECJPAKE \
+    "    ecjpake_pw=%%s       default: none (disabled)\n"
+#else
+#define USAGE_ECJPAKE ""
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#define USAGE_CURVES \
+    "    curves=a,b,c,d      default: \"default\" (library default)\n"  \
+    "                        example: \"secp521r1,brainpoolP512r1\"\n"  \
+    "                        - use \"none\" for empty list\n"           \
+    "                        - see mbedtls_ecp_curve_list()\n"          \
+    "                          for acceptable curve names\n"
+#else
+#define USAGE_CURVES ""
+#endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+#define USAGE_SERIALIZATION \
+    "    serialize=%%d        default: 0 (do not serialize/deserialize)\n"     \
+    "                        options: 1 (serialize)\n"                         \
+    "                                 2 (serialize with re-initialization)\n"  \
+    "    context_file=%%s     The file path to write a serialized connection\n" \
+    "                        in the form of base64 code (serialize option\n"   \
+    "                        must be set)\n"                                   \
+    "                         default: \"\" (do nothing)\n"                    \
+    "                         option: a file path\n"
+#else
+#define USAGE_SERIALIZATION ""
+#endif
+
+/* USAGE is arbitrarily split to stay under the portable string literal
+ * length limit: 4095 bytes in C99. */
+#define USAGE1 \
+    "\n usage: ssl_server2 param=<>...\n"                   \
+    "\n acceptable parameters:\n"                           \
+    "    server_addr=%%s      default: (all interfaces)\n"  \
+    "    server_port=%%d      default: 4433\n"              \
+    "    debug_level=%%d      default: 0 (disabled)\n"      \
+    "    build_version=%%d    default: none (disabled)\n"                     \
+    "                        option: 1 (print build version only and stop)\n" \
+    "    buffer_size=%%d      default: 200 \n" \
+    "                         (minimum: 1, max: 16385)\n" \
+    "    response_size=%%d    default: about 152 (basic response)\n" \
+    "                          (minimum: 0, max: 16384)\n" \
+    "                          increases buffer_size if bigger\n" \
+    "    nbio=%%d             default: 0 (blocking I/O)\n"  \
+    "                        options: 1 (non-blocking), 2 (added delays)\n" \
+    "    event=%%d            default: 0 (loop)\n"                            \
+    "                        options: 1 (level-triggered, implies nbio=1),\n" \
+    "    read_timeout=%%d     default: 0 ms (no timeout)\n"    \
+    "\n"                                                    \
+    USAGE_DTLS                                              \
+    USAGE_SRTP                                              \
+    USAGE_COOKIES                                           \
+    USAGE_ANTI_REPLAY                                       \
+    USAGE_BADMAC_LIMIT                                      \
+    "\n"
+#define USAGE2 \
+    "    auth_mode=%%s        default: (library default: none)\n"      \
+    "                        options: none, optional, required\n" \
+    "    cert_req_ca_list=%%d default: 1 (send ca list)\n"  \
+    "                        options: 1 (send ca list), 0 (don't send)\n" \
+    USAGE_IO                                                \
+    USAGE_KEY_OPAQUE                                        \
+    "\n"                                                    \
+    USAGE_PSK                                               \
+    USAGE_CA_CALLBACK                                       \
+    USAGE_ECJPAKE                                           \
+    "\n"
+#define USAGE3 \
+    "    allow_legacy=%%d     default: (library default: no)\n"      \
+    USAGE_RENEGO                                            \
+    "    exchanges=%%d        default: 1\n"                 \
+    "\n"                                                    \
+    USAGE_TICKETS                                           \
+    USAGE_EAP_TLS                                           \
+    USAGE_REPRODUCIBLE                                      \
+    USAGE_NSS_KEYLOG                                        \
+    USAGE_NSS_KEYLOG_FILE                                   \
+    USAGE_CACHE                                             \
+    USAGE_CACHE_TIME                                        \
+    USAGE_MAX_FRAG_LEN                                      \
+    USAGE_TRUNC_HMAC                                        \
+    USAGE_ALPN                                              \
+    USAGE_EMS                                               \
+    USAGE_ETM                                               \
+    USAGE_CURVES                                            \
+    "\n"
+#define USAGE4 \
+    USAGE_SSL_ASYNC                                         \
+    USAGE_SNI                                               \
+    "    arc4=%%d             default: (library default: 0)\n" \
+    "    allow_sha1=%%d       default: 0\n"                             \
+    "    min_version=%%s      default: (library default: tls1)\n"       \
+    "    max_version=%%s      default: (library default: tls12)\n"      \
+    "    force_version=%%s    default: \"\" (none)\n"       \
+    "                        options: ssl3, tls1, tls1_1, tls12, dtls1, dtls12\n" \
+    "\n"                                                                \
+    "    version_suites=a,b,c,d      per-version ciphersuites\n"        \
+    "                                in order from ssl3 to tls12\n"     \
+    "                                default: all enabled\n"            \
+    "    force_ciphersuite=<name>    default: all enabled\n"            \
+    "    query_config=<name>         return 0 if the specified\n"       \
+    "                                configuration macro is defined and 1\n"  \
+    "                                otherwise. The expansion of the macro\n" \
+    "                                is printed if it is defined\n"     \
+    USAGE_SERIALIZATION                                     \
+    " acceptable ciphersuite names:\n"
+
+#define ALPN_LIST_SIZE  10
+#define CURVE_LIST_SIZE 20
+
+#define PUT_UINT64_BE(out_be, in_le, i)                                   \
+    {                                                                       \
+        (out_be)[(i) + 0] = (unsigned char) (((in_le) >> 56) & 0xFF);    \
+        (out_be)[(i) + 1] = (unsigned char) (((in_le) >> 48) & 0xFF);    \
+        (out_be)[(i) + 2] = (unsigned char) (((in_le) >> 40) & 0xFF);    \
+        (out_be)[(i) + 3] = (unsigned char) (((in_le) >> 32) & 0xFF);    \
+        (out_be)[(i) + 4] = (unsigned char) (((in_le) >> 24) & 0xFF);    \
+        (out_be)[(i) + 5] = (unsigned char) (((in_le) >> 16) & 0xFF);    \
+        (out_be)[(i) + 6] = (unsigned char) (((in_le) >> 8) & 0xFF);    \
+        (out_be)[(i) + 7] = (unsigned char) (((in_le) >> 0) & 0xFF);    \
+    }
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *server_addr;    /* address on which the ssl service runs    */
+    const char *server_port;    /* port on which the ssl service runs       */
+    int debug_level;            /* level of debugging                       */
+    int nbio;                   /* should I/O be blocking?                  */
+    int event;                  /* loop or event-driven IO? level or edge triggered? */
+    uint32_t read_timeout;      /* timeout on mbedtls_ssl_read() in milliseconds    */
+    int response_size;          /* pad response with header to requested size */
+    uint16_t buffer_size;       /* IO buffer size */
+    const char *ca_file;        /* the file with the CA certificate(s)      */
+    const char *ca_path;        /* the path with the CA certificate(s) reside */
+    const char *crt_file;       /* the file with the server certificate     */
+    const char *key_file;       /* the file with the server key             */
+    int key_opaque;             /* handle private key as if it were opaque  */
+    const char *key_pwd;        /* the password for the server key          */
+    const char *crt_file2;      /* the file with the 2nd server certificate */
+    const char *key_file2;      /* the file with the 2nd server key         */
+    const char *key_pwd2;       /* the password for the 2nd server key      */
+    const char *async_operations; /* supported SSL asynchronous operations  */
+    int async_private_delay1;   /* number of times f_async_resume needs to be called for key 1, or -1 for no async */
+    int async_private_delay2;   /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
+    int async_private_error;    /* inject error in async private callback */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    int psk_opaque;
+    int psk_list_opaque;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    int ca_callback;            /* Use callback for trusted certificate list */
+#endif
+    const char *psk;            /* the pre-shared key                       */
+    const char *psk_identity;   /* the pre-shared key identity              */
+    char *psk_list;             /* list of PSK id/key pairs for callback    */
+    const char *ecjpake_pw;     /* the EC J-PAKE password                   */
+    int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
+    const char *version_suites; /* per-version ciphersuites                 */
+    int renegotiation;          /* enable / disable renegotiation           */
+    int allow_legacy;           /* allow legacy renegotiation               */
+    int renegotiate;            /* attempt renegotiation?                   */
+    int renego_delay;           /* delay before enforcing renegotiation     */
+    uint64_t renego_period;     /* period for automatic renegotiation       */
+    int exchanges;              /* number of data exchanges                 */
+    int min_version;            /* minimum protocol version accepted        */
+    int max_version;            /* maximum protocol version accepted        */
+    int arc4;                   /* flag for arc4 suites support             */
+    int allow_sha1;             /* flag for SHA-1 support                   */
+    int auth_mode;              /* verify mode for connection               */
+    int cert_req_ca_list;       /* should we send the CA list?              */
+    unsigned char mfl_code;     /* code for maximum fragment length         */
+    int trunc_hmac;             /* accept truncated hmac?                   */
+    int tickets;                /* enable / disable session tickets         */
+    int ticket_timeout;         /* session ticket lifetime                  */
+    int cache_max;              /* max number of session cache entries      */
+#if defined(MBEDTLS_HAVE_TIME)
+    int cache_timeout;          /* expiration delay of session cache entries*/
+#endif
+    char *sni;                  /* string describing sni information        */
+    const char *curves;         /* list of supported elliptic curves        */
+    const char *alpn_string;    /* ALPN supported protocols                 */
+    const char *dhm_file;       /* the file with the DH parameters          */
+    int extended_ms;            /* allow negotiation of extended MS?        */
+    int etm;                    /* allow negotiation of encrypt-then-MAC?   */
+    int transport;              /* TLS or DTLS?                             */
+    int cookies;                /* Use cookies for DTLS? -1 to break them   */
+    int anti_replay;            /* Use anti-replay for DTLS? -1 for default */
+    uint32_t hs_to_min;         /* Initial value of DTLS handshake timer    */
+    uint32_t hs_to_max;         /* Max value of DTLS handshake timer        */
+    int dtls_mtu;               /* UDP Maximum transport unit for DTLS       */
+    int dgram_packing;          /* allow/forbid datagram packing            */
+    int badmac_limit;           /* Limit of records with bad MAC            */
+    int eap_tls;                /* derive EAP-TLS keying material?          */
+    int nss_keylog;             /* export NSS key log material              */
+    const char *nss_keylog_file; /* NSS key log file                        */
+    int cid_enabled;            /* whether to use the CID extension or not  */
+    int cid_enabled_renego;     /* whether to use the CID extension or not
+                                 * during renegotiation                     */
+    const char *cid_val;        /* the CID to use for incoming messages     */
+    int serialize;              /* serialize/deserialize connection         */
+    const char *context_file;   /* the file to write a serialized connection
+                                 * in the form of base64 code (serialize
+                                 * option must be set)                      */
+    const char *cid_val_renego; /* the CID to use for incoming messages
+                                 * after renegotiation                      */
+    int reproducible;           /* make communication reproducible          */
+    int query_config_mode;      /* whether to read config                   */
+    int use_srtp;               /* Support SRTP                             */
+    int force_srtp_profile;     /* SRTP protection profile to use or all    */
+    int support_mki;            /* The dtls mki mki support                 */
+} opt;
+
+#include "ssl_test_common_source.c"
+
+/*
+ * Return authmode from string, or -1 on error
+ */
+static int get_auth_mode(const char *s)
+{
+    if (strcmp(s, "none") == 0) {
+        return MBEDTLS_SSL_VERIFY_NONE;
+    }
+    if (strcmp(s, "optional") == 0) {
+        return MBEDTLS_SSL_VERIFY_OPTIONAL;
+    }
+    if (strcmp(s, "required") == 0) {
+        return MBEDTLS_SSL_VERIFY_REQUIRED;
+    }
+
+    return -1;
+}
+
+/*
+ * Used by sni_parse and psk_parse to handle coma-separated lists
+ */
+#define GET_ITEM(dst)         \
+    do                          \
+    {                           \
+        (dst) = p;              \
+        while (*p != ',')      \
+        if (++p > end)     \
+        goto error;     \
+        *p++ = '\0';            \
+    } while (0)
+
+#if defined(SNI_OPTION)
+typedef struct _sni_entry sni_entry;
+
+struct _sni_entry {
+    const char *name;
+    mbedtls_x509_crt *cert;
+    mbedtls_pk_context *key;
+    mbedtls_x509_crt *ca;
+    mbedtls_x509_crl *crl;
+    int authmode;
+    sni_entry *next;
+};
+
+void sni_free(sni_entry *head)
+{
+    sni_entry *cur = head, *next;
+
+    while (cur != NULL) {
+        mbedtls_x509_crt_free(cur->cert);
+        mbedtls_free(cur->cert);
+
+        mbedtls_pk_free(cur->key);
+        mbedtls_free(cur->key);
+
+        mbedtls_x509_crt_free(cur->ca);
+        mbedtls_free(cur->ca);
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+        mbedtls_x509_crl_free(cur->crl);
+        mbedtls_free(cur->crl);
+#endif
+        next = cur->next;
+        mbedtls_free(cur);
+        cur = next;
+    }
+}
+
+/*
+ * Parse a string of sextuples name1,crt1,key1,ca1,crl1,auth1[,...]
+ * into a usable sni_entry list. For ca1, crl1, auth1, the special value
+ * '-' means unset. If ca1 is unset, then crl1 is ignored too.
+ *
+ * Modifies the input string! This is not production quality!
+ */
+sni_entry *sni_parse(char *sni_string)
+{
+    sni_entry *cur = NULL, *new = NULL;
+    char *p = sni_string;
+    char *end = p;
+    char *crt_file, *key_file, *ca_file, *auth_str;
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    char *crl_file;
+#endif
+
+    while (*end != '\0') {
+        ++end;
+    }
+    *end = ',';
+
+    while (p <= end) {
+        if ((new = mbedtls_calloc(1, sizeof(sni_entry))) == NULL) {
+            sni_free(cur);
+            return NULL;
+        }
+
+        GET_ITEM(new->name);
+        GET_ITEM(crt_file);
+        GET_ITEM(key_file);
+        GET_ITEM(ca_file);
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+        GET_ITEM(crl_file);
+#endif
+        GET_ITEM(auth_str);
+
+        if ((new->cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL ||
+            (new->key = mbedtls_calloc(1, sizeof(mbedtls_pk_context))) == NULL) {
+            goto error;
+        }
+
+        mbedtls_x509_crt_init(new->cert);
+        mbedtls_pk_init(new->key);
+
+        if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 ||
+            mbedtls_pk_parse_keyfile(new->key, key_file, "") != 0) {
+            goto error;
+        }
+
+        if (strcmp(ca_file, "-") != 0) {
+            if ((new->ca = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL) {
+                goto error;
+            }
+
+            mbedtls_x509_crt_init(new->ca);
+
+            if (mbedtls_x509_crt_parse_file(new->ca, ca_file) != 0) {
+                goto error;
+            }
+        }
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+        if (strcmp(crl_file, "-") != 0) {
+            if ((new->crl = mbedtls_calloc(1, sizeof(mbedtls_x509_crl))) == NULL) {
+                goto error;
+            }
+
+            mbedtls_x509_crl_init(new->crl);
+
+            if (mbedtls_x509_crl_parse_file(new->crl, crl_file) != 0) {
+                goto error;
+            }
+        }
+#endif
+
+        if (strcmp(auth_str, "-") != 0) {
+            if ((new->authmode = get_auth_mode(auth_str)) < 0) {
+                goto error;
+            }
+        } else {
+            new->authmode = DFL_AUTH_MODE;
+        }
+
+        new->next = cur;
+        cur = new;
+    }
+
+    return cur;
+
+error:
+    sni_free(new);
+    sni_free(cur);
+    return NULL;
+}
+
+/*
+ * SNI callback.
+ */
+int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
+                 const unsigned char *name, size_t name_len)
+{
+    const sni_entry *cur = (const sni_entry *) p_info;
+
+    while (cur != NULL) {
+        if (name_len == strlen(cur->name) &&
+            memcmp(name, cur->name, name_len) == 0) {
+            if (cur->ca != NULL) {
+                mbedtls_ssl_set_hs_ca_chain(ssl, cur->ca, cur->crl);
+            }
+
+            if (cur->authmode != DFL_AUTH_MODE) {
+                mbedtls_ssl_set_hs_authmode(ssl, cur->authmode);
+            }
+
+            return mbedtls_ssl_set_hs_own_cert(ssl, cur->cert, cur->key);
+        }
+
+        cur = cur->next;
+    }
+
+    return -1;
+}
+
+#endif /* SNI_OPTION */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+
+typedef struct _psk_entry psk_entry;
+
+struct _psk_entry {
+    const char *name;
+    size_t key_len;
+    unsigned char key[MBEDTLS_PSK_MAX_LEN];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_id_t slot;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    psk_entry *next;
+};
+
+/*
+ * Free a list of psk_entry's
+ */
+int psk_free(psk_entry *head)
+{
+    psk_entry *next;
+
+    while (head != NULL) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        psa_status_t status;
+        psa_key_id_t const slot = head->slot;
+
+        if (slot != 0) {
+            status = psa_destroy_key(slot);
+            if (status != PSA_SUCCESS) {
+                return status;
+            }
+        }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+        next = head->next;
+        mbedtls_free(head);
+        head = next;
+    }
+
+    return 0;
+}
+
+/*
+ * Parse a string of pairs name1,key1[,name2,key2[,...]]
+ * into a usable psk_entry list.
+ *
+ * Modifies the input string! This is not production quality!
+ */
+psk_entry *psk_parse(char *psk_string)
+{
+    psk_entry *cur = NULL, *new = NULL;
+    char *p = psk_string;
+    char *end = p;
+    char *key_hex;
+
+    while (*end != '\0') {
+        ++end;
+    }
+    *end = ',';
+
+    while (p <= end) {
+        if ((new = mbedtls_calloc(1, sizeof(psk_entry))) == NULL) {
+            goto error;
+        }
+
+        memset(new, 0, sizeof(psk_entry));
+
+        GET_ITEM(new->name);
+        GET_ITEM(key_hex);
+
+        if (mbedtls_test_unhexify(new->key, MBEDTLS_PSK_MAX_LEN,
+                                  key_hex, &new->key_len) != 0) {
+            goto error;
+        }
+
+        new->next = cur;
+        cur = new;
+    }
+
+    return cur;
+
+error:
+    psk_free(new);
+    psk_free(cur);
+    return 0;
+}
+
+/*
+ * PSK callback
+ */
+int psk_callback(void *p_info, mbedtls_ssl_context *ssl,
+                 const unsigned char *name, size_t name_len)
+{
+    psk_entry *cur = (psk_entry *) p_info;
+
+    while (cur != NULL) {
+        if (name_len == strlen(cur->name) &&
+            memcmp(name, cur->name, name_len) == 0) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            if (cur->slot != 0) {
+                return mbedtls_ssl_set_hs_psk_opaque(ssl, cur->slot);
+            } else
+#endif
+            return mbedtls_ssl_set_hs_psk(ssl, cur->key, cur->key_len);
+        }
+
+        cur = cur->next;
+    }
+
+    return -1;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+static mbedtls_net_context listen_fd, client_fd;
+
+/* Interruption handler to ensure clean exit (for valgrind testing) */
+#if !defined(_WIN32)
+static int received_sigterm = 0;
+void term_handler(int sig)
+{
+    ((void) sig);
+    received_sigterm = 1;
+    mbedtls_net_free(&listen_fd);   /* causes mbedtls_net_accept() to abort */
+    mbedtls_net_free(&client_fd);   /* causes net_read() to abort */
+}
+#endif
+
+/** Return true if \p ret is a status code indicating that there is an
+ * operation in progress on an SSL connection, and false if it indicates
+ * success or a fatal error.
+ *
+ * The possible operations in progress are:
+ *
+ * - A read, when the SSL input buffer does not contain a full message.
+ * - A write, when the SSL output buffer contains some data that has not
+ *   been sent over the network yet.
+ * - An asynchronous callback that has not completed yet. */
+static int mbedtls_status_is_ssl_in_progress(int ret)
+{
+    return ret == MBEDTLS_ERR_SSL_WANT_READ ||
+           ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
+           ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS;
+}
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+typedef struct {
+    mbedtls_x509_crt *cert; /*!< Certificate corresponding to the key */
+    mbedtls_pk_context *pk; /*!< Private key */
+    unsigned delay; /*!< Number of resume steps to go through */
+    unsigned pk_owned : 1; /*!< Whether to free the pk object on exit */
+} ssl_async_key_slot_t;
+
+typedef enum {
+    SSL_ASYNC_INJECT_ERROR_NONE = 0, /*!< Let the callbacks succeed */
+    SSL_ASYNC_INJECT_ERROR_START, /*!< Inject error during start */
+    SSL_ASYNC_INJECT_ERROR_CANCEL, /*!< Close the connection after async start */
+    SSL_ASYNC_INJECT_ERROR_RESUME, /*!< Inject error during resume */
+#define SSL_ASYNC_INJECT_ERROR_MAX SSL_ASYNC_INJECT_ERROR_RESUME
+} ssl_async_inject_error_t;
+
+typedef struct {
+    ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */
+    size_t slots_used;
+    ssl_async_inject_error_t inject_error;
+    int (*f_rng)(void *, unsigned char *, size_t);
+    void *p_rng;
+} ssl_async_key_context_t;
+
+int ssl_async_set_key(ssl_async_key_context_t *ctx,
+                      mbedtls_x509_crt *cert,
+                      mbedtls_pk_context *pk,
+                      int pk_take_ownership,
+                      unsigned delay)
+{
+    if (ctx->slots_used >= sizeof(ctx->slots) / sizeof(*ctx->slots)) {
+        return -1;
+    }
+    ctx->slots[ctx->slots_used].cert = cert;
+    ctx->slots[ctx->slots_used].pk = pk;
+    ctx->slots[ctx->slots_used].delay = delay;
+    ctx->slots[ctx->slots_used].pk_owned = pk_take_ownership;
+    ++ctx->slots_used;
+    return 0;
+}
+
+#define SSL_ASYNC_INPUT_MAX_SIZE 512
+
+typedef enum {
+    ASYNC_OP_SIGN,
+    ASYNC_OP_DECRYPT,
+} ssl_async_operation_type_t;
+
+typedef struct {
+    unsigned slot;
+    ssl_async_operation_type_t operation_type;
+    mbedtls_md_type_t md_alg;
+    unsigned char input[SSL_ASYNC_INPUT_MAX_SIZE];
+    size_t input_len;
+    unsigned remaining_delay;
+} ssl_async_operation_context_t;
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
+/* Note that ssl_async_operation_type_t and the array below need to be kept in sync!
+ * `ssl_async_operation_names[op]` is the name of op for each value `op`
+ * of type `ssl_async_operation_type_t`. */
+static const char *const ssl_async_operation_names[] =
+{
+    "sign",
+    "decrypt",
+};
+
+static int ssl_async_start(mbedtls_ssl_context *ssl,
+                           mbedtls_x509_crt *cert,
+                           ssl_async_operation_type_t op_type,
+                           mbedtls_md_type_t md_alg,
+                           const unsigned char *input,
+                           size_t input_len)
+{
+    ssl_async_key_context_t *config_data =
+        mbedtls_ssl_conf_get_async_config_data(ssl->conf);
+    unsigned slot;
+    ssl_async_operation_context_t *ctx = NULL;
+    const char *op_name = ssl_async_operation_names[op_type];
+
+    {
+        char dn[100];
+        if (mbedtls_x509_dn_gets(dn, sizeof(dn), &cert->subject) > 0) {
+            mbedtls_printf("Async %s callback: looking for DN=%s\n",
+                           op_name, dn);
+        }
+    }
+
+    /* Look for a private key that matches the public key in cert.
+     * Since this test code has the private key inside Mbed TLS,
+     * we call mbedtls_pk_check_pair to match a private key with the
+     * public key. */
+    for (slot = 0; slot < config_data->slots_used; slot++) {
+        if (mbedtls_pk_check_pair(&cert->pk,
+                                  config_data->slots[slot].pk) == 0) {
+            break;
+        }
+    }
+    if (slot == config_data->slots_used) {
+        mbedtls_printf("Async %s callback: no key matches this certificate.\n",
+                       op_name);
+        return MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH;
+    }
+    mbedtls_printf("Async %s callback: using key slot %u, delay=%u.\n",
+                   op_name, slot, config_data->slots[slot].delay);
+
+    if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START) {
+        mbedtls_printf("Async %s callback: injected error\n", op_name);
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
+    if (input_len > SSL_ASYNC_INPUT_MAX_SIZE) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    ctx = mbedtls_calloc(1, sizeof(*ctx));
+    if (ctx == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+    ctx->slot = slot;
+    ctx->operation_type = op_type;
+    ctx->md_alg = md_alg;
+    memcpy(ctx->input, input, input_len);
+    ctx->input_len = input_len;
+    ctx->remaining_delay = config_data->slots[slot].delay;
+    mbedtls_ssl_set_async_operation_data(ssl, ctx);
+
+    if (ctx->remaining_delay == 0) {
+        return 0;
+    } else {
+        return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS;
+    }
+}
+
+static int ssl_async_sign(mbedtls_ssl_context *ssl,
+                          mbedtls_x509_crt *cert,
+                          mbedtls_md_type_t md_alg,
+                          const unsigned char *hash,
+                          size_t hash_len)
+{
+    return ssl_async_start(ssl, cert,
+                           ASYNC_OP_SIGN, md_alg,
+                           hash, hash_len);
+}
+
+static int ssl_async_decrypt(mbedtls_ssl_context *ssl,
+                             mbedtls_x509_crt *cert,
+                             const unsigned char *input,
+                             size_t input_len)
+{
+    return ssl_async_start(ssl, cert,
+                           ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
+                           input, input_len);
+}
+
+static int ssl_async_resume(mbedtls_ssl_context *ssl,
+                            unsigned char *output,
+                            size_t *output_len,
+                            size_t output_size)
+{
+    ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data(ssl);
+    ssl_async_key_context_t *config_data =
+        mbedtls_ssl_conf_get_async_config_data(ssl->conf);
+    ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
+    int ret;
+    const char *op_name;
+
+    if (ctx->remaining_delay > 0) {
+        --ctx->remaining_delay;
+        mbedtls_printf("Async resume (slot %u): call %u more times.\n",
+                       ctx->slot, ctx->remaining_delay);
+        return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS;
+    }
+
+    switch (ctx->operation_type) {
+        case ASYNC_OP_DECRYPT:
+            ret = mbedtls_pk_decrypt(key_slot->pk,
+                                     ctx->input, ctx->input_len,
+                                     output, output_len, output_size,
+                                     config_data->f_rng, config_data->p_rng);
+            break;
+        case ASYNC_OP_SIGN:
+            ret = mbedtls_pk_sign(key_slot->pk,
+                                  ctx->md_alg,
+                                  ctx->input, ctx->input_len,
+                                  output, output_len,
+                                  config_data->f_rng, config_data->p_rng);
+            break;
+        default:
+            mbedtls_printf(
+                "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n",
+                ctx->slot,
+                (long) ctx->operation_type);
+            mbedtls_free(ctx);
+            return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+            break;
+    }
+
+    op_name = ssl_async_operation_names[ctx->operation_type];
+
+    if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME) {
+        mbedtls_printf("Async resume callback: %s done but injected error\n",
+                       op_name);
+        mbedtls_free(ctx);
+        return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+    }
+
+    mbedtls_printf("Async resume (slot %u): %s done, status=%d.\n",
+                   ctx->slot, op_name, ret);
+    mbedtls_free(ctx);
+    return ret;
+}
+
+static void ssl_async_cancel(mbedtls_ssl_context *ssl)
+{
+    ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data(ssl);
+    mbedtls_printf("Async cancel callback.\n");
+    mbedtls_free(ctx);
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+static psa_status_t psa_setup_psk_key_slot(psa_key_id_t *slot,
+                                           psa_algorithm_t alg,
+                                           unsigned char *psk,
+                                           size_t psk_len)
+{
+    psa_status_t status;
+    psa_key_attributes_t key_attributes;
+
+    key_attributes = psa_key_attributes_init();
+    psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&key_attributes, alg);
+    psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE);
+
+    status = psa_import_key(&key_attributes, psk, psk_len, slot);
+    if (status != PSA_SUCCESS) {
+        fprintf(stderr, "IMPORT\n");
+        return status;
+    }
+
+    return PSA_SUCCESS;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+int report_cid_usage(mbedtls_ssl_context *ssl,
+                     const char *additional_description)
+{
+    int ret;
+    unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
+    size_t peer_cid_len;
+    int cid_negotiated;
+
+    if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 0;
+    }
+
+    /* Check if the use of a CID has been negotiated */
+    ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated,
+                                   peer_cid, &peer_cid_len);
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        return ret;
+    }
+
+    if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) {
+        if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) {
+            mbedtls_printf("(%s) Use of Connection ID was not offered by client.\n",
+                           additional_description);
+        }
+    } else {
+        size_t idx = 0;
+        mbedtls_printf("(%s) Use of Connection ID has been negotiated.\n",
+                       additional_description);
+        mbedtls_printf("(%s) Peer CID (length %u Bytes): ",
+                       additional_description,
+                       (unsigned) peer_cid_len);
+        while (idx < peer_cid_len) {
+            mbedtls_printf("%02x ", peer_cid[idx]);
+            idx++;
+        }
+        mbedtls_printf("\n");
+    }
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+int main(int argc, char *argv[])
+{
+    int ret = 0, len, written, frags, exchanges_left;
+    int query_config_ret = 0;
+    int version_suites[4][2];
+    io_ctx_t io_ctx;
+    unsigned char *buf = 0;
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_algorithm_t alg = 0;
+    psa_key_id_t psk_slot = 0;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    unsigned char psk[MBEDTLS_PSK_MAX_LEN];
+    size_t psk_len = 0;
+    psk_entry *psk_info = NULL;
+#endif
+    const char *pers = "ssl_server2";
+    unsigned char client_ip[16] = { 0 };
+    size_t cliip_len;
+#if defined(MBEDTLS_SSL_COOKIE_C)
+    mbedtls_ssl_cookie_ctx cookie_ctx;
+#endif
+    rng_context_t rng;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_timing_delay_context timer;
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    unsigned char renego_period[8] = { 0 };
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    uint32_t flags;
+    mbedtls_x509_crt cacert;
+    mbedtls_x509_crt srvcert;
+    mbedtls_pk_context pkey;
+    mbedtls_x509_crt srvcert2;
+    mbedtls_pk_context pkey2;
+    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_id_t key_slot = 0; /* invalid key slot */
+    psa_key_id_t key_slot2 = 0; /* invalid key slot */
+#endif
+    int key_cert_init = 0, key_cert_init2 = 0;
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    ssl_async_key_context_t ssl_async_keys;
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+    mbedtls_dhm_context dhm;
+#endif
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_context cache;
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    mbedtls_ssl_ticket_context ticket_ctx;
+#endif
+#if defined(SNI_OPTION)
+    sni_entry *sni_info = NULL;
+#endif
+#if defined(MBEDTLS_ECP_C)
+    mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
+    const mbedtls_ecp_curve_info *curve_cur;
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+    const char *alpn_list[ALPN_LIST_SIZE];
+#endif
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    unsigned char alloc_buf[MEMORY_HEAP_SIZE];
+#endif
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
+    unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
+    size_t cid_len = 0;
+    size_t cid_renego_len = 0;
+#endif
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    unsigned char *context_buf = NULL;
+    size_t context_buf_len = 0;
+#endif
+
+    int i;
+    char *p, *q;
+    const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status;
+#endif
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    unsigned char eap_tls_keymaterial[16];
+    unsigned char eap_tls_iv[8];
+    const char *eap_tls_label = "client EAP encryption";
+    eap_tls_keys eap_tls_keying;
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    /*! master keys and master salt for SRTP generated during handshake */
+    unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
+    const char *dtls_srtp_label = "EXTRACTOR-dtls_srtp";
+    dtls_srtp_keys dtls_srtp_keying;
+    const mbedtls_ssl_srtp_profile default_profiles[] = {
+        MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
+        MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
+        MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
+        MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
+        MBEDTLS_TLS_SRTP_UNSET
+    };
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf));
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    size_t current_heap_memory, peak_heap_memory, heap_blocks;
+#endif  /* MBEDTLS_MEMORY_DEBUG */
+#endif  /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+    test_hooks_init();
+#endif /* MBEDTLS_TEST_HOOKS */
+
+    /*
+     * Make sure memory references are valid in case we exit early.
+     */
+    mbedtls_net_init(&client_fd);
+    mbedtls_net_init(&listen_fd);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    rng_init(&rng);
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_x509_crt_init(&srvcert);
+    mbedtls_pk_init(&pkey);
+    mbedtls_x509_crt_init(&srvcert2);
+    mbedtls_pk_init(&pkey2);
+#endif
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    memset(&ssl_async_keys, 0, sizeof(ssl_async_keys));
+#endif
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+    mbedtls_dhm_init(&dhm);
+#endif
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_init(&cache);
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    mbedtls_ssl_ticket_init(&ticket_ctx);
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+    memset((void *) alpn_list, 0, sizeof(alpn_list));
+#endif
+#if defined(MBEDTLS_SSL_COOKIE_C)
+    mbedtls_ssl_cookie_init(&cookie_ctx);
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif  /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    mbedtls_test_enable_insecure_external_rng();
+#endif  /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#if !defined(_WIN32)
+    /* Abort cleanly on SIGTERM and SIGINT */
+    signal(SIGTERM, term_handler);
+    signal(SIGINT, term_handler);
+#endif
+
+    if (argc < 2) {
+usage:
+        if (ret == 0) {
+            ret = 1;
+        }
+
+        mbedtls_printf(USAGE1);
+        mbedtls_printf(USAGE2);
+        mbedtls_printf(USAGE3);
+        mbedtls_printf(USAGE4);
+
+        list = mbedtls_ssl_list_ciphersuites();
+        while (*list) {
+            mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list));
+            list++;
+            if (!*list) {
+                break;
+            }
+            mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
+            list++;
+        }
+        mbedtls_printf("\n");
+        goto exit;
+    }
+
+    opt.buffer_size         = DFL_IO_BUF_LEN;
+    opt.server_addr         = DFL_SERVER_ADDR;
+    opt.server_port         = DFL_SERVER_PORT;
+    opt.debug_level         = DFL_DEBUG_LEVEL;
+    opt.event               = DFL_EVENT;
+    opt.response_size       = DFL_RESPONSE_SIZE;
+    opt.nbio                = DFL_NBIO;
+    opt.cid_enabled         = DFL_CID_ENABLED;
+    opt.cid_enabled_renego  = DFL_CID_ENABLED_RENEGO;
+    opt.cid_val             = DFL_CID_VALUE;
+    opt.cid_val_renego      = DFL_CID_VALUE_RENEGO;
+    opt.read_timeout        = DFL_READ_TIMEOUT;
+    opt.ca_file             = DFL_CA_FILE;
+    opt.ca_path             = DFL_CA_PATH;
+    opt.crt_file            = DFL_CRT_FILE;
+    opt.key_file            = DFL_KEY_FILE;
+    opt.key_opaque          = DFL_KEY_OPAQUE;
+    opt.key_pwd             = DFL_KEY_PWD;
+    opt.crt_file2           = DFL_CRT_FILE2;
+    opt.key_file2           = DFL_KEY_FILE2;
+    opt.key_pwd2            = DFL_KEY_PWD2;
+    opt.async_operations    = DFL_ASYNC_OPERATIONS;
+    opt.async_private_delay1 = DFL_ASYNC_PRIVATE_DELAY1;
+    opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2;
+    opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR;
+    opt.psk                 = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    opt.psk_opaque          = DFL_PSK_OPAQUE;
+    opt.psk_list_opaque     = DFL_PSK_LIST_OPAQUE;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    opt.ca_callback         = DFL_CA_CALLBACK;
+#endif
+    opt.psk_identity        = DFL_PSK_IDENTITY;
+    opt.psk_list            = DFL_PSK_LIST;
+    opt.ecjpake_pw          = DFL_ECJPAKE_PW;
+    opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
+    opt.version_suites      = DFL_VERSION_SUITES;
+    opt.renegotiation       = DFL_RENEGOTIATION;
+    opt.allow_legacy        = DFL_ALLOW_LEGACY;
+    opt.renegotiate         = DFL_RENEGOTIATE;
+    opt.renego_delay        = DFL_RENEGO_DELAY;
+    opt.renego_period       = DFL_RENEGO_PERIOD;
+    opt.exchanges           = DFL_EXCHANGES;
+    opt.min_version         = DFL_MIN_VERSION;
+    opt.max_version         = DFL_MAX_VERSION;
+    opt.arc4                = DFL_ARC4;
+    opt.allow_sha1          = DFL_SHA1;
+    opt.auth_mode           = DFL_AUTH_MODE;
+    opt.cert_req_ca_list    = DFL_CERT_REQ_CA_LIST;
+    opt.mfl_code            = DFL_MFL_CODE;
+    opt.trunc_hmac          = DFL_TRUNC_HMAC;
+    opt.tickets             = DFL_TICKETS;
+    opt.ticket_timeout      = DFL_TICKET_TIMEOUT;
+    opt.cache_max           = DFL_CACHE_MAX;
+#if defined(MBEDTLS_HAVE_TIME)
+    opt.cache_timeout       = DFL_CACHE_TIMEOUT;
+#endif
+    opt.sni                 = DFL_SNI;
+    opt.alpn_string         = DFL_ALPN_STRING;
+    opt.curves              = DFL_CURVES;
+    opt.dhm_file            = DFL_DHM_FILE;
+    opt.transport           = DFL_TRANSPORT;
+    opt.cookies             = DFL_COOKIES;
+    opt.anti_replay         = DFL_ANTI_REPLAY;
+    opt.hs_to_min           = DFL_HS_TO_MIN;
+    opt.hs_to_max           = DFL_HS_TO_MAX;
+    opt.dtls_mtu            = DFL_DTLS_MTU;
+    opt.dgram_packing       = DFL_DGRAM_PACKING;
+    opt.badmac_limit        = DFL_BADMAC_LIMIT;
+    opt.extended_ms         = DFL_EXTENDED_MS;
+    opt.etm                 = DFL_ETM;
+    opt.serialize           = DFL_SERIALIZE;
+    opt.context_file        = DFL_CONTEXT_FILE;
+    opt.eap_tls             = DFL_EAP_TLS;
+    opt.reproducible        = DFL_REPRODUCIBLE;
+    opt.nss_keylog          = DFL_NSS_KEYLOG;
+    opt.nss_keylog_file     = DFL_NSS_KEYLOG_FILE;
+    opt.query_config_mode   = DFL_QUERY_CONFIG_MODE;
+    opt.use_srtp            = DFL_USE_SRTP;
+    opt.force_srtp_profile  = DFL_SRTP_FORCE_PROFILE;
+    opt.support_mki         = DFL_SRTP_SUPPORT_MKI;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "server_port") == 0) {
+            opt.server_port = q;
+        } else if (strcmp(p, "server_addr") == 0) {
+            opt.server_addr = q;
+        } else if (strcmp(p, "dtls") == 0) {
+            int t = atoi(q);
+            if (t == 0) {
+                opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
+            } else if (t == 1) {
+                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "debug_level") == 0) {
+            opt.debug_level = atoi(q);
+            if (opt.debug_level < 0 || opt.debug_level > 65535) {
+                goto usage;
+            }
+        } else if (strcmp(p, "build_version") == 0) {
+            if (strcmp(q, "1") == 0) {
+                mbedtls_printf("build version: %s (build %d)\n",
+                               MBEDTLS_VERSION_STRING_FULL,
+                               MBEDTLS_VERSION_NUMBER);
+                goto exit;
+            }
+        } else if (strcmp(p, "nbio") == 0) {
+            opt.nbio = atoi(q);
+            if (opt.nbio < 0 || opt.nbio > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "event") == 0) {
+            opt.event = atoi(q);
+            if (opt.event < 0 || opt.event > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "read_timeout") == 0) {
+            opt.read_timeout = atoi(q);
+        } else if (strcmp(p, "buffer_size") == 0) {
+            opt.buffer_size = atoi(q);
+            if (opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "response_size") == 0) {
+            opt.response_size = atoi(q);
+            if (opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN) {
+                goto usage;
+            }
+            if (opt.buffer_size < opt.response_size) {
+                opt.buffer_size = opt.response_size;
+            }
+        } else if (strcmp(p, "ca_file") == 0) {
+            opt.ca_file = q;
+        } else if (strcmp(p, "ca_path") == 0) {
+            opt.ca_path = q;
+        } else if (strcmp(p, "crt_file") == 0) {
+            opt.crt_file = q;
+        } else if (strcmp(p, "key_file") == 0) {
+            opt.key_file = q;
+        } else if (strcmp(p, "key_pwd") == 0) {
+            opt.key_pwd = q;
+        }
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+        else if (strcmp(p, "key_opaque") == 0) {
+            opt.key_opaque = atoi(q);
+        }
+#endif
+        else if (strcmp(p, "crt_file2") == 0) {
+            opt.crt_file2 = q;
+        } else if (strcmp(p, "key_file2") == 0) {
+            opt.key_file2 = q;
+        } else if (strcmp(p, "key_pwd2") == 0) {
+            opt.key_pwd2 = q;
+        } else if (strcmp(p, "dhm_file") == 0) {
+            opt.dhm_file = q;
+        }
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        else if (strcmp(p, "async_operations") == 0) {
+            opt.async_operations = q;
+        } else if (strcmp(p, "async_private_delay1") == 0) {
+            opt.async_private_delay1 = atoi(q);
+        } else if (strcmp(p, "async_private_delay2") == 0) {
+            opt.async_private_delay2 = atoi(q);
+        } else if (strcmp(p, "async_private_error") == 0) {
+            int n = atoi(q);
+            if (n < -SSL_ASYNC_INJECT_ERROR_MAX ||
+                n > SSL_ASYNC_INJECT_ERROR_MAX) {
+                ret = 2;
+                goto usage;
+            }
+            opt.async_private_error = n;
+        }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        else if (strcmp(p, "cid") == 0) {
+            opt.cid_enabled = atoi(q);
+            if (opt.cid_enabled != 0 && opt.cid_enabled != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "cid_renego") == 0) {
+            opt.cid_enabled_renego = atoi(q);
+            if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "cid_val") == 0) {
+            opt.cid_val = q;
+        } else if (strcmp(p, "cid_val_renego") == 0) {
+            opt.cid_val_renego = q;
+        }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        else if (strcmp(p, "psk") == 0) {
+            opt.psk = q;
+        }
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        else if (strcmp(p, "psk_opaque") == 0) {
+            opt.psk_opaque = atoi(q);
+        } else if (strcmp(p, "psk_list_opaque") == 0) {
+            opt.psk_list_opaque = atoi(q);
+        }
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+        else if (strcmp(p, "ca_callback") == 0) {
+            opt.ca_callback = atoi(q);
+        }
+#endif
+        else if (strcmp(p, "psk_identity") == 0) {
+            opt.psk_identity = q;
+        } else if (strcmp(p, "psk_list") == 0) {
+            opt.psk_list = q;
+        } else if (strcmp(p, "ecjpake_pw") == 0) {
+            opt.ecjpake_pw = q;
+        } else if (strcmp(p, "force_ciphersuite") == 0) {
+            opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q);
+
+            if (opt.force_ciphersuite[0] == 0) {
+                ret = 2;
+                goto usage;
+            }
+            opt.force_ciphersuite[1] = 0;
+        } else if (strcmp(p, "curves") == 0) {
+            opt.curves = q;
+        } else if (strcmp(p, "version_suites") == 0) {
+            opt.version_suites = q;
+        } else if (strcmp(p, "renegotiation") == 0) {
+            opt.renegotiation = (atoi(q)) ?
+                                MBEDTLS_SSL_RENEGOTIATION_ENABLED :
+                                MBEDTLS_SSL_RENEGOTIATION_DISABLED;
+        } else if (strcmp(p, "allow_legacy") == 0) {
+            switch (atoi(q)) {
+                case -1:
+                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
+                    break;
+                case 0:
+                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
+                    break;
+                case 1:
+                    opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
+                    break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "renegotiate") == 0) {
+            opt.renegotiate = atoi(q);
+            if (opt.renegotiate < 0 || opt.renegotiate > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "renego_delay") == 0) {
+            opt.renego_delay = atoi(q);
+        } else if (strcmp(p, "renego_period") == 0) {
+#if defined(_MSC_VER)
+            opt.renego_period = _strtoui64(q, NULL, 10);
+#else
+            if (sscanf(q, "%" SCNu64, &opt.renego_period) != 1) {
+                goto usage;
+            }
+#endif /* _MSC_VER */
+            if (opt.renego_period < 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "exchanges") == 0) {
+            opt.exchanges = atoi(q);
+            if (opt.exchanges < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "min_version") == 0) {
+            if (strcmp(q, "ssl3") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+            } else if (strcmp(q, "tls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+            } else if (strcmp(q, "tls1_1") == 0 ||
+                       strcmp(q, "dtls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            } else if (strcmp(q, "tls12") == 0 ||
+                       strcmp(q, "dtls12") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "max_version") == 0) {
+            if (strcmp(q, "ssl3") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+            } else if (strcmp(q, "tls1") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+            } else if (strcmp(q, "tls1_1") == 0 ||
+                       strcmp(q, "dtls1") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            } else if (strcmp(q, "tls12") == 0 ||
+                       strcmp(q, "dtls12") == 0) {
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "arc4") == 0) {
+            switch (atoi(q)) {
+                case 0:     opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED;   break;
+                case 1:     opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;    break;
+                default:    goto usage;
+            }
+        } else if (strcmp(p, "allow_sha1") == 0) {
+            switch (atoi(q)) {
+                case 0:     opt.allow_sha1 = 0;   break;
+                case 1:     opt.allow_sha1 = 1;    break;
+                default:    goto usage;
+            }
+        } else if (strcmp(p, "force_version") == 0) {
+            if (strcmp(q, "ssl3") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+            } else if (strcmp(q, "tls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+            } else if (strcmp(q, "tls1_1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            } else if (strcmp(q, "tls12") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+            } else if (strcmp(q, "dtls1") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+            } else if (strcmp(q, "dtls12") == 0) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+                opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+                opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "auth_mode") == 0) {
+            if ((opt.auth_mode = get_auth_mode(q)) < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "cert_req_ca_list") == 0) {
+            opt.cert_req_ca_list = atoi(q);
+            if (opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "max_frag_len") == 0) {
+            if (strcmp(q, "512") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
+            } else if (strcmp(q, "1024") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
+            } else if (strcmp(q, "2048") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
+            } else if (strcmp(q, "4096") == 0) {
+                opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "alpn") == 0) {
+            opt.alpn_string = q;
+        } else if (strcmp(p, "trunc_hmac") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
+                case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "extended_ms") == 0) {
+            switch (atoi(q)) {
+                case 0:
+                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
+                    break;
+                case 1:
+                    opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+                    break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "etm") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
+                case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "tickets") == 0) {
+            opt.tickets = atoi(q);
+            if (opt.tickets < 0 || opt.tickets > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "ticket_timeout") == 0) {
+            opt.ticket_timeout = atoi(q);
+            if (opt.ticket_timeout < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "cache_max") == 0) {
+            opt.cache_max = atoi(q);
+            if (opt.cache_max < 0) {
+                goto usage;
+            }
+        }
+#if defined(MBEDTLS_HAVE_TIME)
+        else if (strcmp(p, "cache_timeout") == 0) {
+            opt.cache_timeout = atoi(q);
+            if (opt.cache_timeout < 0) {
+                goto usage;
+            }
+        }
+#endif
+        else if (strcmp(p, "cookies") == 0) {
+            opt.cookies = atoi(q);
+            if (opt.cookies < -1 || opt.cookies > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "anti_replay") == 0) {
+            opt.anti_replay = atoi(q);
+            if (opt.anti_replay < 0 || opt.anti_replay > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "badmac_limit") == 0) {
+            opt.badmac_limit = atoi(q);
+            if (opt.badmac_limit < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "hs_timeout") == 0) {
+            if ((p = strchr(q, '-')) == NULL) {
+                goto usage;
+            }
+            *p++ = '\0';
+            opt.hs_to_min = atoi(q);
+            opt.hs_to_max = atoi(p);
+            if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) {
+                goto usage;
+            }
+        } else if (strcmp(p, "mtu") == 0) {
+            opt.dtls_mtu = atoi(q);
+            if (opt.dtls_mtu < 0) {
+                goto usage;
+            }
+        } else if (strcmp(p, "dgram_packing") == 0) {
+            opt.dgram_packing = atoi(q);
+            if (opt.dgram_packing != 0 &&
+                opt.dgram_packing != 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "sni") == 0) {
+            opt.sni = q;
+        } else if (strcmp(p, "query_config") == 0) {
+            opt.query_config_mode = 1;
+            query_config_ret = query_config(q);
+            goto exit;
+        } else if (strcmp(p, "serialize") == 0) {
+            opt.serialize = atoi(q);
+            if (opt.serialize < 0 || opt.serialize > 2) {
+                goto usage;
+            }
+        } else if (strcmp(p, "context_file") == 0) {
+            opt.context_file = q;
+        } else if (strcmp(p, "eap_tls") == 0) {
+            opt.eap_tls = atoi(q);
+            if (opt.eap_tls < 0 || opt.eap_tls > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "reproducible") == 0) {
+            opt.reproducible = 1;
+        } else if (strcmp(p, "nss_keylog") == 0) {
+            opt.nss_keylog = atoi(q);
+            if (opt.nss_keylog < 0 || opt.nss_keylog > 1) {
+                goto usage;
+            }
+        } else if (strcmp(p, "nss_keylog_file") == 0) {
+            opt.nss_keylog_file = q;
+        } else if (strcmp(p, "use_srtp") == 0) {
+            opt.use_srtp = atoi(q);
+        } else if (strcmp(p, "srtp_force_profile") == 0) {
+            opt.force_srtp_profile = atoi(q);
+        } else if (strcmp(p, "support_mki") == 0) {
+            opt.support_mki = atoi(q);
+        } else {
+            goto usage;
+        }
+    }
+
+    if (opt.nss_keylog != 0 && opt.eap_tls != 0) {
+        mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n");
+        goto usage;
+    }
+
+    /* Event-driven IO is incompatible with the above custom
+     * receive and send functions, as the polling builds on
+     * refers to the underlying net_context. */
+    if (opt.event == 1 && opt.nbio != 1) {
+        mbedtls_printf("Warning: event-driven IO mandates nbio=1 - overwrite\n");
+        opt.nbio = 1;
+    }
+
+#if defined(MBEDTLS_DEBUG_C)
+    mbedtls_debug_set_threshold(opt.debug_level);
+#endif
+
+    /* buf will alternatively contain the input read from the client and the
+     * response that's about to be sent, plus a null byte in each case. */
+    size_t buf_content_size = opt.buffer_size;
+    /* The default response contains the ciphersuite name. Leave enough
+     * room for that plus some margin. */
+    if (buf_content_size < strlen(HTTP_RESPONSE) + 80) {
+        buf_content_size = strlen(HTTP_RESPONSE) + 80;
+    }
+    if (opt.response_size != DFL_RESPONSE_SIZE &&
+        buf_content_size < (size_t) opt.response_size) {
+        buf_content_size = opt.response_size;
+    }
+    buf = mbedtls_calloc(1, buf_content_size + 1);
+    if (buf == NULL) {
+        mbedtls_printf("Could not allocate %lu bytes\n",
+                       (unsigned long) buf_content_size + 1);
+        ret = 3;
+        goto exit;
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.psk_opaque != 0) {
+        if (strlen(opt.psk) == 0) {
+            mbedtls_printf("psk_opaque set but no psk to be imported specified.\n");
+            ret = 2;
+            goto usage;
+        }
+
+        if (opt.force_ciphersuite[0] <= 0) {
+            mbedtls_printf(
+                "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n");
+            ret = 2;
+            goto usage;
+        }
+    }
+
+    if (opt.psk_list_opaque != 0) {
+        if (opt.psk_list == NULL) {
+            mbedtls_printf("psk_slot set but no psk to be imported specified.\n");
+            ret = 2;
+            goto usage;
+        }
+
+        if (opt.force_ciphersuite[0] <= 0) {
+            mbedtls_printf(
+                "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n");
+            ret = 2;
+            goto usage;
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (opt.force_ciphersuite[0] > 0) {
+        const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+        ciphersuite_info =
+            mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]);
+
+        if (opt.max_version != -1 &&
+            ciphersuite_info->min_minor_ver > opt.max_version) {
+            mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
+            ret = 2;
+            goto usage;
+        }
+        if (opt.min_version != -1 &&
+            ciphersuite_info->max_minor_ver < opt.min_version) {
+            mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
+            ret = 2;
+            goto usage;
+        }
+
+        /* If we select a version that's not supported by
+         * this suite, then there will be no common ciphersuite... */
+        if (opt.max_version == -1 ||
+            opt.max_version > ciphersuite_info->max_minor_ver) {
+            opt.max_version = ciphersuite_info->max_minor_ver;
+        }
+        if (opt.min_version < ciphersuite_info->min_minor_ver) {
+            opt.min_version = ciphersuite_info->min_minor_ver;
+            /* DTLS starts with TLS 1.1 */
+            if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+                opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) {
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+            }
+        }
+
+        /* Enable RC4 if needed and not explicitly disabled */
+        if (ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128) {
+            if (opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED) {
+                mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n");
+                ret = 2;
+                goto usage;
+            }
+
+            opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+        if (opt.psk_opaque != 0 || opt.psk_list_opaque != 0) {
+            /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+            if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+            } else
+#endif /* MBEDTLS_SHA512_C */
+            alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+        }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    }
+
+    if (opt.version_suites != NULL) {
+        const char *name[4] = { 0 };
+
+        /* Parse 4-element coma-separated list */
+        for (i = 0, p = (char *) opt.version_suites;
+             i < 4 && *p != '\0';
+             i++) {
+            name[i] = p;
+
+            /* Terminate the current string and move on to next one */
+            while (*p != ',' && *p != '\0') {
+                p++;
+            }
+            if (*p == ',') {
+                *p++ = '\0';
+            }
+        }
+
+        if (i != 4) {
+            mbedtls_printf("too few values for version_suites\n");
+            ret = 1;
+            goto exit;
+        }
+
+        memset(version_suites, 0, sizeof(version_suites));
+
+        /* Get the suites identifiers from their name */
+        for (i = 0; i < 4; i++) {
+            version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id(name[i]);
+
+            if (version_suites[i][0] == 0) {
+                mbedtls_printf("unknown ciphersuite: '%s'\n", name[i]);
+                ret = 2;
+                goto usage;
+            }
+        }
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (mbedtls_test_unhexify(cid, sizeof(cid),
+                              opt.cid_val, &cid_len) != 0) {
+        mbedtls_printf("CID not valid hex\n");
+        goto exit;
+    }
+
+    /* Keep CID settings for renegotiation unless
+     * specified otherwise. */
+    if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) {
+        opt.cid_enabled_renego = opt.cid_enabled;
+    }
+    if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) {
+        opt.cid_val_renego = opt.cid_val;
+    }
+
+    if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego),
+                              opt.cid_val_renego, &cid_renego_len) != 0) {
+        mbedtls_printf("CID not valid hex\n");
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    /*
+     * Unhexify the pre-shared key and parse the list if any given
+     */
+    if (mbedtls_test_unhexify(psk, sizeof(psk),
+                              opt.psk, &psk_len) != 0) {
+        mbedtls_printf("pre-shared key not valid hex\n");
+        goto exit;
+    }
+
+    if (opt.psk_list != NULL) {
+        if ((psk_info = psk_parse(opt.psk_list)) == NULL) {
+            mbedtls_printf("psk_list invalid");
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_ECP_C)
+    if (opt.curves != NULL) {
+        p = (char *) opt.curves;
+        i = 0;
+
+        if (strcmp(p, "none") == 0) {
+            curve_list[0] = MBEDTLS_ECP_DP_NONE;
+        } else if (strcmp(p, "default") != 0) {
+            /* Leave room for a final NULL in curve list */
+            while (i < CURVE_LIST_SIZE - 1 && *p != '\0') {
+                q = p;
+
+                /* Terminate the current string */
+                while (*p != ',' && *p != '\0') {
+                    p++;
+                }
+                if (*p == ',') {
+                    *p++ = '\0';
+                }
+
+                if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) {
+                    curve_list[i++] = curve_cur->grp_id;
+                } else {
+                    mbedtls_printf("unknown curve %s\n", q);
+                    mbedtls_printf("supported curves: ");
+                    for (curve_cur = mbedtls_ecp_curve_list();
+                         curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
+                         curve_cur++) {
+                        mbedtls_printf("%s ", curve_cur->name);
+                    }
+                    mbedtls_printf("\n");
+                    goto exit;
+                }
+            }
+
+            mbedtls_printf("Number of curves: %d\n", i);
+
+            if (i == CURVE_LIST_SIZE - 1 && *p != '\0') {
+                mbedtls_printf("curves list too long, maximum %d",
+                               CURVE_LIST_SIZE - 1);
+                goto exit;
+            }
+
+            curve_list[i] = MBEDTLS_ECP_DP_NONE;
+        }
+    }
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if (opt.alpn_string != NULL) {
+        p = (char *) opt.alpn_string;
+        i = 0;
+
+        /* Leave room for a final NULL in alpn_list */
+        while (i < ALPN_LIST_SIZE - 1 && *p != '\0') {
+            alpn_list[i++] = p;
+
+            /* Terminate the current string and move on to next one */
+            while (*p != ',' && *p != '\0') {
+                p++;
+            }
+            if (*p == ',') {
+                *p++ = '\0';
+            }
+        }
+    }
+#endif /* MBEDTLS_SSL_ALPN */
+
+    mbedtls_printf("build version: %s (build %d)\n",
+                   MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER);
+
+    /*
+     * 0. Initialize the RNG and the session data
+     */
+    mbedtls_printf("\n  . Seeding the random number generator...");
+    fflush(stdout);
+
+    ret = rng_seed(&rng, opt.reproducible, pers);
+    if (ret != 0) {
+        goto exit;
+    }
+    mbedtls_printf(" ok\n");
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /*
+     * 1.1. Load the trusted CA
+     */
+    mbedtls_printf("  . Loading the CA root certificate ...");
+    fflush(stdout);
+
+    if (strcmp(opt.ca_path, "none") == 0 ||
+        strcmp(opt.ca_file, "none") == 0) {
+        ret = 0;
+    } else
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.ca_path)) {
+        ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path);
+    } else if (strlen(opt.ca_file)) {
+        ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file);
+    } else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+    {
+#if defined(MBEDTLS_PEM_PARSE_C)
+        for (i = 0; mbedtls_test_cas[i] != NULL; i++) {
+            ret = mbedtls_x509_crt_parse(&cacert,
+                                         (const unsigned char *) mbedtls_test_cas[i],
+                                         mbedtls_test_cas_len[i]);
+            if (ret != 0) {
+                break;
+            }
+        }
+#endif /* MBEDTLS_PEM_PARSE_C */
+        if (ret == 0) {
+            for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) {
+                ret = mbedtls_x509_crt_parse_der(&cacert,
+                                                 (const unsigned char *) mbedtls_test_cas_der[i],
+                                                 mbedtls_test_cas_der_len[i]);
+                if (ret != 0) {
+                    break;
+                }
+            }
+        }
+    }
+#else
+    {
+        ret = 1;
+        mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+    }
+#endif /* MBEDTLS_CERTS_C */
+    if (ret < 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok (%d skipped)\n", ret);
+
+    /*
+     * 1.2. Load own certificate and private key
+     */
+    mbedtls_printf("  . Loading the server cert. and key...");
+    fflush(stdout);
+
+#if defined(MBEDTLS_FS_IO)
+    if (strlen(opt.crt_file) && strcmp(opt.crt_file, "none") != 0) {
+        key_cert_init++;
+        if ((ret = mbedtls_x509_crt_parse_file(&srvcert, opt.crt_file)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse_file returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+    if (strlen(opt.key_file) && strcmp(opt.key_file, "none") != 0) {
+        key_cert_init++;
+        if ((ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file,
+                                            opt.key_pwd)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+    if (key_cert_init == 1) {
+        mbedtls_printf(" failed\n  !  crt_file without key_file or vice-versa\n\n");
+        goto exit;
+    }
+
+    if (strlen(opt.crt_file2) && strcmp(opt.crt_file2, "none") != 0) {
+        key_cert_init2++;
+        if ((ret = mbedtls_x509_crt_parse_file(&srvcert2, opt.crt_file2)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+    if (strlen(opt.key_file2) && strcmp(opt.key_file2, "none") != 0) {
+        key_cert_init2++;
+        if ((ret = mbedtls_pk_parse_keyfile(&pkey2, opt.key_file2,
+                                            opt.key_pwd2)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+    if (key_cert_init2 == 1) {
+        mbedtls_printf(" failed\n  !  crt_file2 without key_file2 or vice-versa\n\n");
+        goto exit;
+    }
+#endif
+    if (key_cert_init == 0 &&
+        strcmp(opt.crt_file, "none") != 0 &&
+        strcmp(opt.key_file, "none") != 0 &&
+        key_cert_init2 == 0 &&
+        strcmp(opt.crt_file2, "none") != 0 &&
+        strcmp(opt.key_file2, "none") != 0) {
+#if !defined(MBEDTLS_CERTS_C)
+        mbedtls_printf("Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n");
+        goto exit;
+#else /* MBEDTLS_CERTS_C */
+#if defined(MBEDTLS_RSA_C)
+        if ((ret = mbedtls_x509_crt_parse(&srvcert,
+                                          (const unsigned char *) mbedtls_test_srv_crt_rsa,
+                                          mbedtls_test_srv_crt_rsa_len)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+        if ((ret = mbedtls_pk_parse_key(&pkey,
+                                        (const unsigned char *) mbedtls_test_srv_key_rsa,
+                                        mbedtls_test_srv_key_rsa_len, NULL, 0)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+        key_cert_init = 2;
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+        if ((ret = mbedtls_x509_crt_parse(&srvcert2,
+                                          (const unsigned char *) mbedtls_test_srv_crt_ec,
+                                          mbedtls_test_srv_crt_ec_len)) != 0) {
+            mbedtls_printf(" failed\n  !  x509_crt_parse2 returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+        if ((ret = mbedtls_pk_parse_key(&pkey2,
+                                        (const unsigned char *) mbedtls_test_srv_key_ec,
+                                        mbedtls_test_srv_key_ec_len, NULL, 0)) != 0) {
+            mbedtls_printf(" failed\n  !  pk_parse_key2 returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+        key_cert_init2 = 2;
+#endif /* MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_CERTS_C */
+    }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.key_opaque != 0) {
+        if (mbedtls_pk_get_type(&pkey) == MBEDTLS_PK_ECKEY) {
+            if ((ret = mbedtls_pk_wrap_as_opaque(&pkey, &key_slot,
+                                                 PSA_ALG_ANY_HASH)) != 0) {
+                mbedtls_printf(" failed\n  !  "
+                               "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n",
+                               (unsigned int)  -ret);
+                goto exit;
+            }
+        }
+
+        if (mbedtls_pk_get_type(&pkey2) == MBEDTLS_PK_ECKEY) {
+            if ((ret = mbedtls_pk_wrap_as_opaque(&pkey2, &key_slot2,
+                                                 PSA_ALG_ANY_HASH)) != 0) {
+                mbedtls_printf(" failed\n  !  "
+                               "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n",
+                               (unsigned int)  -ret);
+                goto exit;
+            }
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_printf(" ok (key types: %s - %s)\n",
+                   mbedtls_pk_get_name(&pkey),
+                   mbedtls_pk_get_name(&pkey2));
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+    if (opt.dhm_file != NULL) {
+        mbedtls_printf("  . Loading DHM parameters...");
+        fflush(stdout);
+
+        if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+#endif
+
+#if defined(SNI_OPTION)
+    if (opt.sni != NULL) {
+        mbedtls_printf("  . Setting up SNI information...");
+        fflush(stdout);
+
+        if ((sni_info = sni_parse(opt.sni)) == NULL) {
+            mbedtls_printf(" failed\n");
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+#endif /* SNI_OPTION */
+
+    /*
+     * 2. Setup the listening TCP socket
+     */
+    mbedtls_printf("  . Bind on %s://%s:%s/ ...",
+                   opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
+                   opt.server_addr ? opt.server_addr : "*",
+                   opt.server_port);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, opt.server_addr, opt.server_port,
+                                opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+                                MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 3. Setup stuff
+     */
+    mbedtls_printf("  . Setting up the SSL/TLS structure...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                           MBEDTLS_SSL_IS_SERVER,
+                                           opt.transport,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /* The default algorithms profile disables SHA-1, but our tests still
+       rely on it heavily. Hence we allow it here. A real-world server
+       should use the default profile unless there is a good reason not to. */
+    if (opt.allow_sha1 > 0) {
+        crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1);
+        mbedtls_ssl_conf_cert_profile(&conf, &crt_profile_for_test);
+        mbedtls_ssl_conf_sig_hashes(&conf, ssl_sig_hashes_for_test);
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+    if (opt.auth_mode != DFL_AUTH_MODE) {
+        mbedtls_ssl_conf_authmode(&conf, opt.auth_mode);
+    }
+
+    if (opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST) {
+        mbedtls_ssl_conf_cert_req_ca_list(&conf, opt.cert_req_ca_list);
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) {
+        mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, opt.hs_to_max);
+    }
+
+    if (opt.dgram_packing != DFL_DGRAM_PACKING) {
+        mbedtls_ssl_set_datagram_packing(&ssl, opt.dgram_packing);
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret);
+        goto exit;
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) {
+        if (opt.cid_enabled == 1        &&
+            opt.cid_enabled_renego == 1 &&
+            cid_len != cid_renego_len) {
+            mbedtls_printf("CID length must not change during renegotiation\n");
+            goto usage;
+        }
+
+        if (opt.cid_enabled == 1) {
+            ret = mbedtls_ssl_conf_cid(&conf, cid_len,
+                                       MBEDTLS_SSL_UNEXPECTED_CID_IGNORE);
+        } else {
+            ret = mbedtls_ssl_conf_cid(&conf, cid_renego_len,
+                                       MBEDTLS_SSL_UNEXPECTED_CID_IGNORE);
+        }
+
+        if (ret != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    const mbedtls_ssl_srtp_profile forced_profile[] =
+    { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
+    if (opt.use_srtp == 1) {
+        if (opt.force_srtp_profile != 0) {
+            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, forced_profile);
+        } else {
+            ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, default_profiles);
+        }
+
+        if (ret != 0) {
+            mbedtls_printf(
+                " failed\n  ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n",
+                ret);
+            goto exit;
+        }
+
+        mbedtls_ssl_conf_srtp_mki_value_supported(&conf,
+                                                  opt.support_mki ?
+                                                  MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED :
+                                                  MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED);
+
+    } else if (opt.force_srtp_profile != 0) {
+        mbedtls_printf(" failed\n  ! must enable use_srtp to force srtp profile\n\n");
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    if (opt.trunc_hmac != DFL_TRUNC_HMAC) {
+        mbedtls_ssl_conf_truncated_hmac(&conf, opt.trunc_hmac);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    if (opt.extended_ms != DFL_EXTENDED_MS) {
+        mbedtls_ssl_conf_extended_master_secret(&conf, opt.extended_ms);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    if (opt.etm != DFL_ETM) {
+        mbedtls_ssl_conf_encrypt_then_mac(&conf, opt.etm);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if (opt.eap_tls != 0) {
+        mbedtls_ssl_conf_export_keys_ext_cb(&conf, eap_tls_key_derivation,
+                                            &eap_tls_keying);
+    } else if (opt.nss_keylog != 0) {
+        mbedtls_ssl_conf_export_keys_ext_cb(&conf,
+                                            nss_keylog_export,
+                                            NULL);
+    }
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    else if (opt.use_srtp != 0) {
+        mbedtls_ssl_conf_export_keys_ext_cb(&conf, dtls_srtp_key_derivation,
+                                            &dtls_srtp_keying);
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if (opt.alpn_string != NULL) {
+        if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+#endif
+
+    if (opt.reproducible) {
+#if defined(MBEDTLS_HAVE_TIME)
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+        mbedtls_platform_set_time(dummy_constant_time);
+#else
+        fprintf(stderr, "Warning: reproducible option used without constant time\n");
+#endif
+#endif  /* MBEDTLS_HAVE_TIME */
+    }
+    mbedtls_ssl_conf_rng(&conf, rng_get, &rng);
+    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    if (opt.cache_max != -1) {
+        mbedtls_ssl_cache_set_max_entries(&cache, opt.cache_max);
+    }
+
+#if defined(MBEDTLS_HAVE_TIME)
+    if (opt.cache_timeout != -1) {
+        mbedtls_ssl_cache_set_timeout(&cache, opt.cache_timeout);
+    }
+#endif
+
+    mbedtls_ssl_conf_session_cache(&conf, &cache,
+                                   mbedtls_ssl_cache_get,
+                                   mbedtls_ssl_cache_set);
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    if (opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED) {
+        if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx,
+                                            rng_get, &rng,
+                                            MBEDTLS_CIPHER_AES_256_GCM,
+                                            opt.ticket_timeout)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_ticket_setup returned %d\n\n", ret);
+            goto exit;
+        }
+
+        mbedtls_ssl_conf_session_tickets_cb(&conf,
+                                            mbedtls_ssl_ticket_write,
+                                            mbedtls_ssl_ticket_parse,
+                                            &ticket_ctx);
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+#if defined(MBEDTLS_SSL_COOKIE_C)
+        if (opt.cookies > 0) {
+            if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx,
+                                                rng_get, &rng)) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_cookie_setup returned %d\n\n", ret);
+                goto exit;
+            }
+
+            mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
+                                          &cookie_ctx);
+        } else
+#endif /* MBEDTLS_SSL_COOKIE_C */
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+        if (opt.cookies == 0) {
+            mbedtls_ssl_conf_dtls_cookies(&conf, NULL, NULL, NULL);
+        } else
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+        {
+            ; /* Nothing to do */
+        }
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        if (opt.anti_replay != DFL_ANTI_REPLAY) {
+            mbedtls_ssl_conf_dtls_anti_replay(&conf, opt.anti_replay);
+        }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+        if (opt.badmac_limit != DFL_BADMAC_LIMIT) {
+            mbedtls_ssl_conf_dtls_badmac_limit(&conf, opt.badmac_limit);
+        }
+#endif
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
+        mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
+    }
+
+#if defined(MBEDTLS_ARC4_C)
+    if (opt.arc4 != DFL_ARC4) {
+        mbedtls_ssl_conf_arc4_support(&conf, opt.arc4);
+    }
+#endif
+
+    if (opt.version_suites != NULL) {
+        mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[0],
+                                                  MBEDTLS_SSL_MAJOR_VERSION_3,
+                                                  MBEDTLS_SSL_MINOR_VERSION_0);
+        mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[1],
+                                                  MBEDTLS_SSL_MAJOR_VERSION_3,
+                                                  MBEDTLS_SSL_MINOR_VERSION_1);
+        mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[2],
+                                                  MBEDTLS_SSL_MAJOR_VERSION_3,
+                                                  MBEDTLS_SSL_MINOR_VERSION_2);
+        mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[3],
+                                                  MBEDTLS_SSL_MAJOR_VERSION_3,
+                                                  MBEDTLS_SSL_MINOR_VERSION_3);
+    }
+
+    if (opt.allow_legacy != DFL_ALLOW_LEGACY) {
+        mbedtls_ssl_conf_legacy_renegotiation(&conf, opt.allow_legacy);
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation);
+
+    if (opt.renego_delay != DFL_RENEGO_DELAY) {
+        mbedtls_ssl_conf_renegotiation_enforced(&conf, opt.renego_delay);
+    }
+
+    if (opt.renego_period != DFL_RENEGO_PERIOD) {
+        PUT_UINT64_BE(renego_period, opt.renego_period, 0);
+        mbedtls_ssl_conf_renegotiation_period(&conf, renego_period);
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    if (strcmp(opt.ca_path, "none") != 0 &&
+        strcmp(opt.ca_file, "none") != 0) {
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+        if (opt.ca_callback != 0) {
+            mbedtls_ssl_conf_ca_cb(&conf, ca_callback, &cacert);
+        } else
+#endif
+        mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+    }
+    if (key_cert_init) {
+        mbedtls_pk_context *pk = &pkey;
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (opt.async_private_delay1 >= 0) {
+            ret = ssl_async_set_key(&ssl_async_keys, &srvcert, pk, 0,
+                                    opt.async_private_delay1);
+            if (ret < 0) {
+                mbedtls_printf("  Test error: ssl_async_set_key failed (%d)\n",
+                               ret);
+                goto exit;
+            }
+            pk = NULL;
+        }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+        if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, pk)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+    if (key_cert_init2) {
+        mbedtls_pk_context *pk = &pkey2;
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (opt.async_private_delay2 >= 0) {
+            ret = ssl_async_set_key(&ssl_async_keys, &srvcert2, pk, 0,
+                                    opt.async_private_delay2);
+            if (ret < 0) {
+                mbedtls_printf("  Test error: ssl_async_set_key failed (%d)\n",
+                               ret);
+                goto exit;
+            }
+            pk = NULL;
+        }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+        if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert2, pk)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    if (opt.async_operations[0] != '-') {
+        mbedtls_ssl_async_sign_t *sign = NULL;
+        mbedtls_ssl_async_decrypt_t *decrypt = NULL;
+        const char *r;
+        for (r = opt.async_operations; *r; r++) {
+            switch (*r) {
+                case 'd':
+                    decrypt = ssl_async_decrypt;
+                    break;
+                case 's':
+                    sign = ssl_async_sign;
+                    break;
+            }
+        }
+        ssl_async_keys.inject_error = (opt.async_private_error < 0 ?
+                                       -opt.async_private_error :
+                                       opt.async_private_error);
+        ssl_async_keys.f_rng = rng_get;
+        ssl_async_keys.p_rng = &rng;
+        mbedtls_ssl_conf_async_private_cb(&conf,
+                                          sign,
+                                          decrypt,
+                                          ssl_async_resume,
+                                          ssl_async_cancel,
+                                          &ssl_async_keys);
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(SNI_OPTION)
+    if (opt.sni != NULL) {
+        mbedtls_ssl_conf_sni(&conf, sni_callback, sni_info);
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (opt.async_private_delay2 >= 0) {
+            sni_entry *cur;
+            for (cur = sni_info; cur != NULL; cur = cur->next) {
+                ret = ssl_async_set_key(&ssl_async_keys,
+                                        cur->cert, cur->key, 1,
+                                        opt.async_private_delay2);
+                if (ret < 0) {
+                    mbedtls_printf("  Test error: ssl_async_set_key failed (%d)\n",
+                                   ret);
+                    goto exit;
+                }
+                cur->key = NULL;
+            }
+        }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+    }
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+    if (opt.curves != NULL &&
+        strcmp(opt.curves, "default") != 0) {
+        mbedtls_ssl_conf_curves(&conf, curve_list);
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+
+    if (strlen(opt.psk) != 0 && strlen(opt.psk_identity) != 0) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if (opt.psk_opaque != 0) {
+            /* The algorithm has already been determined earlier. */
+            status = psa_setup_psk_key_slot(&psk_slot, alg, psk, psk_len);
+            if (status != PSA_SUCCESS) {
+                fprintf(stderr, "SETUP FAIL\n");
+                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+                goto exit;
+            }
+            if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, psk_slot,
+                                                   (const unsigned char *) opt.psk_identity,
+                                                   strlen(opt.psk_identity))) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+                               ret);
+                goto exit;
+            }
+        } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+        if (psk_len > 0) {
+            ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len,
+                                       (const unsigned char *) opt.psk_identity,
+                                       strlen(opt.psk_identity));
+            if (ret != 0) {
+                mbedtls_printf("  failed\n  mbedtls_ssl_conf_psk returned -0x%04X\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+        }
+    }
+
+    if (opt.psk_list != NULL) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if (opt.psk_list_opaque != 0) {
+            psk_entry *cur_psk;
+            for (cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next) {
+
+                status = psa_setup_psk_key_slot(&cur_psk->slot, alg,
+                                                cur_psk->key,
+                                                cur_psk->key_len);
+                if (status != PSA_SUCCESS) {
+                    ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+                    goto exit;
+                }
+            }
+        }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+        mbedtls_ssl_conf_psk_cb(&conf, psk_callback, psk_info);
+    }
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+    /*
+     * Use different group than default DHM group
+     */
+#if defined(MBEDTLS_FS_IO)
+    if (opt.dhm_file != NULL) {
+        ret = mbedtls_ssl_conf_dh_param_ctx(&conf, &dhm);
+    }
+#endif
+    if (ret != 0) {
+        mbedtls_printf("  failed\n  mbedtls_ssl_conf_dh_param returned -0x%04X\n\n",
+                       (unsigned int) -ret);
+        goto exit;
+    }
+#endif
+
+    if (opt.min_version != DFL_MIN_VERSION) {
+        mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version);
+    }
+
+    if (opt.max_version != DFL_MIN_VERSION) {
+        mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version);
+    }
+
+    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    io_ctx.ssl = &ssl;
+    io_ctx.net = &client_fd;
+    mbedtls_ssl_set_bio(&ssl, &io_ctx, send_cb, recv_cb,
+                        opt.nbio == 0 ? recv_timeout_cb : NULL);
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled,
+                                       cid, cid_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if (opt.dtls_mtu != DFL_DTLS_MTU) {
+        mbedtls_ssl_set_mtu(&ssl, opt.dtls_mtu);
+    }
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
+                             mbedtls_timing_get_delay);
+#endif
+
+    mbedtls_printf(" ok\n");
+
+reset:
+#if !defined(_WIN32)
+    if (received_sigterm) {
+        mbedtls_printf(" interrupted by SIGTERM (not in net_accept())\n");
+        if (ret == MBEDTLS_ERR_NET_INVALID_CONTEXT) {
+            ret = 0;
+        }
+
+        goto exit;
+    }
+#endif
+
+    if (ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT) {
+        mbedtls_printf("  ! Client initiated reconnection from same port\n");
+        goto handshake;
+    }
+
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf);
+    }
+#endif
+
+    mbedtls_net_free(&client_fd);
+
+    mbedtls_ssl_session_reset(&ssl);
+
+    /*
+     * 3. Wait until a client connects
+     */
+    mbedtls_printf("  . Waiting for a remote connection ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                  client_ip, sizeof(client_ip), &cliip_len)) != 0) {
+#if !defined(_WIN32)
+        if (received_sigterm) {
+            mbedtls_printf(" interrupted by SIGTERM (in net_accept())\n");
+            if (ret == MBEDTLS_ERR_NET_ACCEPT_FAILED) {
+                ret = 0;
+            }
+
+            goto exit;
+        }
+#endif
+
+        mbedtls_printf(" failed\n  ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    if (opt.nbio > 0) {
+        ret = mbedtls_net_set_nonblock(&client_fd);
+    } else {
+        ret = mbedtls_net_set_block(&client_fd);
+    }
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret);
+        goto exit;
+    }
+
+    mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout);
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if ((ret = mbedtls_ssl_set_client_transport_id(&ssl,
+                                                       client_ip, cliip_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if (opt.ecjpake_pw != DFL_ECJPAKE_PW) {
+        if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl,
+                                                       (const unsigned char *) opt.ecjpake_pw,
+                                                       strlen(opt.ecjpake_pw))) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret);
+            goto exit;
+        }
+    }
+#endif
+
+    /*
+     * 4. Handshake
+     */
+handshake:
+    mbedtls_printf("  . Performing the SSL/TLS handshake...");
+    fflush(stdout);
+
+    while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS &&
+            ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL) {
+            mbedtls_printf(" cancelling on injected error\n");
+            break;
+        }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+        if (!mbedtls_status_is_ssl_in_progress(ret)) {
+            break;
+        }
+
+        /* For event-driven IO, wait for socket to become available */
+        if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+            ret = idle(&client_fd, &timer, ret);
+#else
+            ret = idle(&client_fd, ret);
+#endif
+            if (ret != 0) {
+                goto reset;
+            }
+        }
+    }
+
+    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
+        mbedtls_printf(" hello verification requested\n");
+        ret = 0;
+        goto reset;
+    } else if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
+                       (unsigned int) -ret);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+        if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) {
+            char vrfy_buf[512];
+            flags = mbedtls_ssl_get_verify_result(&ssl);
+
+            mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "  ! ", flags);
+
+            mbedtls_printf("%s\n", vrfy_buf);
+        }
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if (opt.async_private_error < 0) {
+            /* Injected error only the first time round, to test reset */
+            ssl_async_keys.inject_error = SSL_ASYNC_INJECT_ERROR_NONE;
+        }
+#endif
+        goto reset;
+    } else { /* ret == 0 */
+        mbedtls_printf(" ok\n    [ Protocol is %s ]\n    [ Ciphersuite is %s ]\n",
+                       mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl));
+    }
+
+    if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) {
+        mbedtls_printf("    [ Record expansion is %d ]\n", ret);
+    } else {
+        mbedtls_printf("    [ Record expansion is unknown (compression) ]\n");
+    }
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    mbedtls_printf("    [ Maximum input fragment length is %u ]\n",
+                   (unsigned int) mbedtls_ssl_get_input_max_frag_len(&ssl));
+    mbedtls_printf("    [ Maximum output fragment length is %u ]\n",
+                   (unsigned int) mbedtls_ssl_get_output_max_frag_len(&ssl));
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if (opt.alpn_string != NULL) {
+        const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl);
+        mbedtls_printf("    [ Application Layer Protocol is %s ]\n",
+                       alp ? alp : "(none)");
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /*
+     * 5. Verify the client certificate
+     */
+    mbedtls_printf("  . Verifying peer X.509 certificate...");
+
+    if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) {
+        char vrfy_buf[512];
+
+        mbedtls_printf(" failed\n");
+
+        mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "  ! ", flags);
+
+        mbedtls_printf("%s\n", vrfy_buf);
+    } else {
+        mbedtls_printf(" ok\n");
+    }
+
+    if (mbedtls_ssl_get_peer_cert(&ssl) != NULL) {
+        char crt_buf[512];
+
+        mbedtls_printf("  . Peer certificate information    ...\n");
+        mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), "      ",
+                              mbedtls_ssl_get_peer_cert(&ssl));
+        mbedtls_printf("%s\n", crt_buf);
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if (opt.eap_tls != 0) {
+        size_t j = 0;
+
+        if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type,
+                                       eap_tls_keying.master_secret,
+                                       sizeof(eap_tls_keying.master_secret),
+                                       eap_tls_label,
+                                       eap_tls_keying.randbytes,
+                                       sizeof(eap_tls_keying.randbytes),
+                                       eap_tls_keymaterial,
+                                       sizeof(eap_tls_keymaterial)))
+            != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto reset;
+        }
+
+        mbedtls_printf("    EAP-TLS key material is:");
+        for (j = 0; j < sizeof(eap_tls_keymaterial); j++) {
+            if (j % 8 == 0) {
+                mbedtls_printf("\n    ");
+            }
+            mbedtls_printf("%02x ", eap_tls_keymaterial[j]);
+        }
+        mbedtls_printf("\n");
+
+        if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0,
+                                       eap_tls_label,
+                                       eap_tls_keying.randbytes,
+                                       sizeof(eap_tls_keying.randbytes),
+                                       eap_tls_iv,
+                                       sizeof(eap_tls_iv))) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto reset;
+        }
+
+        mbedtls_printf("    EAP-TLS IV is:");
+        for (j = 0; j < sizeof(eap_tls_iv); j++) {
+            if (j % 8 == 0) {
+                mbedtls_printf("\n    ");
+            }
+            mbedtls_printf("%02x ", eap_tls_iv[j]);
+        }
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    else if (opt.use_srtp != 0) {
+        size_t j = 0;
+        mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
+        mbedtls_ssl_get_dtls_srtp_negotiation_result(&ssl, &dtls_srtp_negotiation_result);
+
+        if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
+            == MBEDTLS_TLS_SRTP_UNSET) {
+            mbedtls_printf("    Unable to negotiate "
+                           "the use of DTLS-SRTP\n");
+        } else {
+            if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type,
+                                           dtls_srtp_keying.master_secret,
+                                           sizeof(dtls_srtp_keying.master_secret),
+                                           dtls_srtp_label,
+                                           dtls_srtp_keying.randbytes,
+                                           sizeof(dtls_srtp_keying.randbytes),
+                                           dtls_srtp_key_material,
+                                           sizeof(dtls_srtp_key_material)))
+                != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+                               (unsigned int) -ret);
+                goto exit;
+            }
+
+            mbedtls_printf("    DTLS-SRTP key material is:");
+            for (j = 0; j < sizeof(dtls_srtp_key_material); j++) {
+                if (j % 8 == 0) {
+                    mbedtls_printf("\n    ");
+                }
+                mbedtls_printf("%02x ", dtls_srtp_key_material[j]);
+            }
+            mbedtls_printf("\n");
+
+            /* produce a less readable output used to perform automatic checks
+             * - compare client and server output
+             * - interop test with openssl which client produces this kind of output
+             */
+            mbedtls_printf("    Keying material: ");
+            for (j = 0; j < sizeof(dtls_srtp_key_material); j++) {
+                mbedtls_printf("%02X", dtls_srtp_key_material[j]);
+            }
+            mbedtls_printf("\n");
+
+            if (dtls_srtp_negotiation_result.mki_len > 0) {
+                mbedtls_printf("    DTLS-SRTP mki value: ");
+                for (j = 0; j < dtls_srtp_negotiation_result.mki_len; j++) {
+                    mbedtls_printf("%02X", dtls_srtp_negotiation_result.mki_value[j]);
+                }
+            } else {
+                mbedtls_printf("    DTLS-SRTP no mki value negotiated");
+            }
+            mbedtls_printf("\n");
+
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ret = report_cid_usage(&ssl, "initial handshake");
+    if (ret != 0) {
+        goto exit;
+    }
+
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego,
+                                       cid_renego, cid_renego_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
+                           ret);
+            goto exit;
+        }
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_cur_get(&current_heap_memory, &heap_blocks);
+    mbedtls_memory_buffer_alloc_max_get(&peak_heap_memory, &heap_blocks);
+    mbedtls_printf("Heap memory usage after handshake: %lu bytes. Peak memory usage was %lu\n",
+                   (unsigned long) current_heap_memory, (unsigned long) peak_heap_memory);
+#endif  /* MBEDTLS_MEMORY_DEBUG */
+
+    if (opt.exchanges == 0) {
+        goto close_notify;
+    }
+
+    exchanges_left = opt.exchanges;
+data_exchange:
+    /*
+     * 6. Read the HTTP Request
+     */
+    mbedtls_printf("  < Read from client:");
+    fflush(stdout);
+
+    /*
+     * TLS and DTLS need different reading styles (stream vs datagram)
+     */
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) {
+        do {
+            int terminated = 0;
+            len = opt.buffer_size;
+            memset(buf, 0, opt.buffer_size);
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+            if (mbedtls_status_is_ssl_in_progress(ret)) {
+                if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                    idle(&client_fd, &timer, ret);
+#else
+                    idle(&client_fd, ret);
+#endif
+                }
+
+                continue;
+            }
+
+            if (ret <= 0) {
+                switch (ret) {
+                    case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                        mbedtls_printf(" connection was closed gracefully\n");
+                        goto close_notify;
+
+                    case 0:
+                    case MBEDTLS_ERR_NET_CONN_RESET:
+                        mbedtls_printf(" connection was reset by peer\n");
+                        ret = MBEDTLS_ERR_NET_CONN_RESET;
+                        goto reset;
+
+                    default:
+                        mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret);
+                        goto reset;
+                }
+            }
+
+            if (mbedtls_ssl_get_bytes_avail(&ssl) == 0) {
+                len = ret;
+                buf[len] = '\0';
+                mbedtls_printf(" %d bytes read\n\n%s\n", len, (char *) buf);
+
+                /* End of message should be detected according to the syntax of the
+                 * application protocol (eg HTTP), just use a dummy test here. */
+                if (buf[len - 1] == '\n') {
+                    terminated = 1;
+                }
+            } else {
+                int extra_len, ori_len;
+                unsigned char *larger_buf;
+
+                ori_len = ret;
+                extra_len = (int) mbedtls_ssl_get_bytes_avail(&ssl);
+
+                larger_buf = mbedtls_calloc(1, ori_len + extra_len + 1);
+                if (larger_buf == NULL) {
+                    mbedtls_printf("  ! memory allocation failed\n");
+                    ret = 1;
+                    goto reset;
+                }
+
+                memset(larger_buf, 0, ori_len + extra_len);
+                memcpy(larger_buf, buf, ori_len);
+
+                /* This read should never fail and get the whole cached data */
+                ret = mbedtls_ssl_read(&ssl, larger_buf + ori_len, extra_len);
+                if (ret != extra_len ||
+                    mbedtls_ssl_get_bytes_avail(&ssl) != 0) {
+                    mbedtls_printf("  ! mbedtls_ssl_read failed on cached data\n");
+                    ret = 1;
+                    goto reset;
+                }
+
+                larger_buf[ori_len + extra_len] = '\0';
+                mbedtls_printf(" %d bytes read (%d + %d)\n\n%s\n",
+                               ori_len + extra_len, ori_len, extra_len,
+                               (char *) larger_buf);
+
+                /* End of message should be detected according to the syntax of the
+                 * application protocol (eg HTTP), just use a dummy test here. */
+                if (larger_buf[ori_len + extra_len - 1] == '\n') {
+                    terminated = 1;
+                }
+
+                mbedtls_free(larger_buf);
+            }
+
+            if (terminated) {
+                ret = 0;
+                break;
+            }
+        } while (1);
+    } else { /* Not stream, so datagram */
+        len = opt.buffer_size;
+        memset(buf, 0, opt.buffer_size);
+
+        do {
+            /* Without the call to `mbedtls_ssl_check_pending`, it might
+             * happen that the client sends application data in the same
+             * datagram as the Finished message concluding the handshake.
+             * In this case, the application data would be ready to be
+             * processed while the underlying transport wouldn't signal
+             * any further incoming data.
+             *
+             * See the test 'Event-driven I/O: session-id resume, UDP packing'
+             * in tests/ssl-opt.sh.
+             */
+
+            /* For event-driven IO, wait for socket to become available */
+            if (mbedtls_ssl_check_pending(&ssl) == 0 &&
+                opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ);
+#else
+                idle(&client_fd, MBEDTLS_ERR_SSL_WANT_READ);
+#endif
+            }
+
+            ret = mbedtls_ssl_read(&ssl, buf, len);
+
+            /* Note that even if `mbedtls_ssl_check_pending` returns true,
+             * it can happen that the subsequent call to `mbedtls_ssl_read`
+             * returns `MBEDTLS_ERR_SSL_WANT_READ`, because the pending messages
+             * might be discarded (e.g. because they are retransmissions). */
+        } while (mbedtls_status_is_ssl_in_progress(ret));
+
+        if (ret <= 0) {
+            switch (ret) {
+                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+                    mbedtls_printf(" connection was closed gracefully\n");
+                    goto close_notify;
+
+                default:
+                    mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret);
+                    goto reset;
+            }
+        }
+
+        len = ret;
+        buf[len] = '\0';
+        mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf);
+        ret = 0;
+    }
+
+    /*
+     * 7a. Request renegotiation while client is waiting for input from us.
+     * (only on the first exchange, to be able to test retransmission)
+     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (opt.renegotiate && exchanges_left == opt.exchanges) {
+        mbedtls_printf("  . Requestion renegotiation...");
+        fflush(stdout);
+
+        while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) {
+            if (!mbedtls_status_is_ssl_in_progress(ret)) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_renegotiate returned %d\n\n", ret);
+                goto reset;
+            }
+
+            /* For event-driven IO, wait for socket to become available */
+            if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&client_fd, &timer, ret);
+#else
+                idle(&client_fd, ret);
+#endif
+            }
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ret = report_cid_usage(&ssl, "after renegotiation");
+    if (ret != 0) {
+        goto exit;
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /*
+     * 7. Write the 200 Response
+     */
+    mbedtls_printf("  > Write to client:");
+    fflush(stdout);
+
+    /* If the format of the response changes, make sure there is enough
+     * room in buf (buf_content_size calculation above). */
+    len = sprintf((char *) buf, HTTP_RESPONSE,
+                  mbedtls_ssl_get_ciphersuite(&ssl));
+
+    /* Add padding to the response to reach opt.response_size in length */
+    if (opt.response_size != DFL_RESPONSE_SIZE &&
+        len < opt.response_size) {
+        memset(buf + len, 'B', opt.response_size - len);
+        len += opt.response_size - len;
+    }
+
+    /* Truncate if response size is smaller than the "natural" size */
+    if (opt.response_size != DFL_RESPONSE_SIZE &&
+        len > opt.response_size) {
+        len = opt.response_size;
+
+        /* Still end with \r\n unless that's really not possible */
+        if (len >= 2) {
+            buf[len - 2] = '\r';
+        }
+        if (len >= 1) {
+            buf[len - 1] = '\n';
+        }
+    }
+
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) {
+        for (written = 0, frags = 0; written < len; written += ret, frags++) {
+            while ((ret = mbedtls_ssl_write(&ssl, buf + written, len - written))
+                   <= 0) {
+                if (ret == MBEDTLS_ERR_NET_CONN_RESET) {
+                    mbedtls_printf(" failed\n  ! peer closed the connection\n\n");
+                    goto reset;
+                }
+
+                if (!mbedtls_status_is_ssl_in_progress(ret)) {
+                    mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+                    goto reset;
+                }
+
+                /* For event-driven IO, wait for socket to become available */
+                if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                    idle(&client_fd, &timer, ret);
+#else
+                    idle(&client_fd, ret);
+#endif
+                }
+            }
+        }
+    } else { /* Not stream, so datagram */
+        while (1) {
+            ret = mbedtls_ssl_write(&ssl, buf, len);
+
+            if (!mbedtls_status_is_ssl_in_progress(ret)) {
+                break;
+            }
+
+            /* For event-driven IO, wait for socket to become available */
+            if (opt.event == 1 /* level triggered IO */) {
+#if defined(MBEDTLS_TIMING_C)
+                idle(&client_fd, &timer, ret);
+#else
+                idle(&client_fd, ret);
+#endif
+            }
+        }
+
+        if (ret < 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_write returned %d\n\n", ret);
+            goto reset;
+        }
+
+        frags = 1;
+        written = ret;
+    }
+
+    buf[written] = '\0';
+    mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf);
+    ret = 0;
+
+    /*
+     * 7b. Simulate serialize/deserialize and go back to data exchange
+     */
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if (opt.serialize != 0) {
+        size_t buf_len;
+
+        mbedtls_printf("  . Serializing live connection...");
+
+        ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len);
+        if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_context_save returned "
+                           "-0x%x\n\n", (unsigned int) -ret);
+
+            goto exit;
+        }
+
+        if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) {
+            mbedtls_printf(" failed\n  ! Couldn't allocate buffer for "
+                           "serialized context");
+
+            goto exit;
+        }
+        context_buf_len = buf_len;
+
+        if ((ret = mbedtls_ssl_context_save(&ssl, context_buf,
+                                            buf_len, &buf_len)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_context_save returned "
+                           "-0x%x\n\n", (unsigned int) -ret);
+
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /* Save serialized context to the 'opt.context_file' as a base64 code */
+        if (0 < strlen(opt.context_file)) {
+            FILE *b64_file;
+            uint8_t *b64_buf;
+            size_t b64_len;
+
+            mbedtls_printf("  . Save serialized context to a file... ");
+
+            mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len);
+
+            if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) {
+                mbedtls_printf("failed\n  ! Couldn't allocate buffer for "
+                               "the base64 code\n");
+                goto exit;
+            }
+
+            if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len,
+                                             context_buf, buf_len)) != 0) {
+                mbedtls_printf("failed\n  ! mbedtls_base64_encode returned "
+                               "-0x%x\n", (unsigned int) -ret);
+                mbedtls_free(b64_buf);
+                goto exit;
+            }
+
+            if ((b64_file = fopen(opt.context_file, "w")) == NULL) {
+                mbedtls_printf("failed\n  ! Cannot open '%s' for writing.\n",
+                               opt.context_file);
+                mbedtls_free(b64_buf);
+                goto exit;
+            }
+
+            if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) {
+                mbedtls_printf("failed\n  ! fwrite(%ld bytes) failed\n",
+                               (long) b64_len);
+                mbedtls_free(b64_buf);
+                fclose(b64_file);
+                goto exit;
+            }
+
+            mbedtls_free(b64_buf);
+            fclose(b64_file);
+
+            mbedtls_printf("ok\n");
+        }
+
+        /*
+         * This simulates a workflow where you have a long-lived server
+         * instance, potentially with a pool of ssl_context objects, and you
+         * just want to re-use one while the connection is inactive: in that
+         * case you can just reset() it, and then it's ready to receive
+         * serialized data from another connection (or the same here).
+         */
+        if (opt.serialize == 1) {
+            /* nothing to do here, done by context_save() already */
+            mbedtls_printf("  . Context has been reset... ok\n");
+        }
+
+        /*
+         * This simulates a workflow where you have one server instance per
+         * connection, and want to release it entire when the connection is
+         * inactive, and spawn it again when needed again - this would happen
+         * between ssl_free() and ssl_init() below, together with any other
+         * teardown/startup code needed - for example, preparing the
+         * ssl_config again (see section 3 "setup stuff" in this file).
+         */
+        if (opt.serialize == 2) {
+            mbedtls_printf("  . Freeing and reinitializing context...");
+
+            mbedtls_ssl_free(&ssl);
+
+            mbedtls_ssl_init(&ssl);
+
+            if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned "
+                               "-0x%x\n\n", (unsigned int) -ret);
+                goto exit;
+            }
+
+            /*
+             * This illustrates the minimum amount of things you need to set
+             * up, however you could set up much more if desired, for example
+             * if you want to share your set up code between the case of
+             * establishing a new connection and this case.
+             */
+            if (opt.nbio == 2) {
+                mbedtls_ssl_set_bio(&ssl, &client_fd, delayed_send,
+                                    delayed_recv, NULL);
+            } else {
+                mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send,
+                                    mbedtls_net_recv,
+                                    opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL);
+            }
+
+#if defined(MBEDTLS_TIMING_C)
+            mbedtls_ssl_set_timer_cb(&ssl, &timer,
+                                     mbedtls_timing_set_delay,
+                                     mbedtls_timing_get_delay);
+#endif /* MBEDTLS_TIMING_C */
+
+            mbedtls_printf(" ok\n");
+        }
+
+        mbedtls_printf("  . Deserializing connection...");
+
+        if ((ret = mbedtls_ssl_context_load(&ssl, context_buf,
+                                            buf_len)) != 0) {
+            mbedtls_printf("failed\n  ! mbedtls_ssl_context_load returned "
+                           "-0x%x\n\n", (unsigned int) -ret);
+
+            goto exit;
+        }
+
+        mbedtls_free(context_buf);
+        context_buf = NULL;
+        context_buf_len = 0;
+
+        mbedtls_printf(" ok\n");
+    }
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+    /*
+     * 7c. Continue doing data exchanges?
+     */
+    if (--exchanges_left > 0) {
+        goto data_exchange;
+    }
+
+    /*
+     * 8. Done, cleanly close the connection
+     */
+close_notify:
+    mbedtls_printf("  . Closing the connection...");
+
+    /* No error checking, the connection might be closed already */
+    do {
+        ret = mbedtls_ssl_close_notify(&ssl);
+    } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    ret = 0;
+
+    mbedtls_printf(" done\n");
+
+    goto reset;
+
+    /*
+     * Cleanup and exit
+     */
+exit:
+#ifdef MBEDTLS_ERROR_C
+    if (ret != 0) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf);
+    }
+#endif
+
+    if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) {
+        mbedtls_printf("  . Cleaning up...");
+        fflush(stdout);
+    }
+
+    mbedtls_net_free(&client_fd);
+    mbedtls_net_free(&listen_fd);
+
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    mbedtls_ssl_cache_free(&cache);
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+    mbedtls_ssl_ticket_free(&ticket_ctx);
+#endif
+#if defined(MBEDTLS_SSL_COOKIE_C)
+    mbedtls_ssl_cookie_free(&cookie_ctx);
+#endif
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if (context_buf != NULL) {
+        mbedtls_platform_zeroize(context_buf, context_buf_len);
+    }
+    mbedtls_free(context_buf);
+#endif
+
+#if defined(SNI_OPTION)
+    sni_free(sni_info);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    ret = psk_free(psk_info);
+    if ((ret != 0) && (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) {
+        mbedtls_printf("Failed to list of opaque PSKs - error was %d\n", ret);
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    mbedtls_x509_crt_free(&cacert);
+    mbedtls_x509_crt_free(&srvcert);
+    mbedtls_pk_free(&pkey);
+    mbedtls_x509_crt_free(&srvcert2);
+    mbedtls_pk_free(&pkey2);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_destroy_key(key_slot);
+    psa_destroy_key(key_slot2);
+#endif
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+    mbedtls_dhm_free(&dhm);
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    for (i = 0; (size_t) i < ssl_async_keys.slots_used; i++) {
+        if (ssl_async_keys.slots[i].pk_owned) {
+            mbedtls_pk_free(ssl_async_keys.slots[i].pk);
+            mbedtls_free(ssl_async_keys.slots[i].pk);
+            ssl_async_keys.slots[i].pk = NULL;
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (opt.psk_opaque != 0) {
+        /* This is ok even if the slot hasn't been
+         * initialized (we might have jumed here
+         * immediately because of bad cmd line params,
+         * for example). */
+        status = psa_destroy_key(psk_slot);
+        if ((status != PSA_SUCCESS) &&
+            (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) {
+            mbedtls_printf("Failed to destroy key slot %u - error was %d",
+                           (unsigned) psk_slot, (int) status);
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
+          MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    const char *message = mbedtls_test_helper_is_psa_leaking();
+    if (message) {
+        if (ret == 0) {
+            ret = 1;
+        }
+        mbedtls_printf("PSA memory leak detected: %s\n",  message);
+    }
+#endif
+
+    /* For builds with MBEDTLS_TEST_USE_PSA_CRYPTO_RNG psa crypto
+     * resources are freed by rng_free(). */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+    !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    mbedtls_psa_crypto_free();
+#endif
+
+    rng_free(&rng);
+
+    mbedtls_free(buf);
+
+#if defined(MBEDTLS_TEST_HOOKS)
+    /* Let test hooks detect errors such as resource leaks.
+     * Don't do it in query_config mode, because some test code prints
+     * information to stdout and this gets mixed with the regular output. */
+    if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) {
+        if (test_hooks_failure_detected()) {
+            if (ret == 0) {
+                ret = 1;
+            }
+            mbedtls_printf("Test hooks detected errors.\n");
+        }
+    }
+    test_hooks_free();
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_status();
+#endif
+    mbedtls_memory_buffer_alloc_free();
+#endif  /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+    if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) {
+        mbedtls_printf(" done.\n");
+
+#if defined(_WIN32)
+        mbedtls_printf("  + Press Enter to exit this program.\n");
+        fflush(stdout); getchar();
+#endif
+    }
+
+    // Shell can not handle large exit numbers -> 1 for errors
+    if (ret < 0) {
+        ret = 1;
+    }
+
+    if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) {
+        mbedtls_exit(ret);
+    } else {
+        mbedtls_exit(query_config_ret);
+    }
+}
+#endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_common_source.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_common_source.c
new file mode 100644
index 0000000..8784cf2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_common_source.c
@@ -0,0 +1,293 @@
+/*
+ *  Common source code for SSL test programs. This file is included by
+ *  both ssl_client2.c and ssl_server2.c and is intended for source
+ *  code that is textually identical in both programs, but that cannot be
+ *  compiled separately because it refers to types or macros that are
+ *  different in the two programs, or because it would have an incomplete
+ *  type.
+ *
+ *  This file is meant to be #include'd and cannot be compiled separately.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+int eap_tls_key_derivation(void *p_expkey,
+                           const unsigned char *ms,
+                           const unsigned char *kb,
+                           size_t maclen,
+                           size_t keylen,
+                           size_t ivlen,
+                           const unsigned char client_random[32],
+                           const unsigned char server_random[32],
+                           mbedtls_tls_prf_types tls_prf_type)
+{
+    eap_tls_keys *keys = (eap_tls_keys *) p_expkey;
+
+    ((void) kb);
+    memcpy(keys->master_secret, ms, sizeof(keys->master_secret));
+    memcpy(keys->randbytes, client_random, 32);
+    memcpy(keys->randbytes + 32, server_random, 32);
+    keys->tls_prf_type = tls_prf_type;
+
+    if (opt.debug_level > 2) {
+        mbedtls_printf("exported maclen is %u\n", (unsigned) maclen);
+        mbedtls_printf("exported keylen is %u\n", (unsigned) keylen);
+        mbedtls_printf("exported ivlen is %u\n", (unsigned) ivlen);
+    }
+    return 0;
+}
+
+int nss_keylog_export(void *p_expkey,
+                      const unsigned char *ms,
+                      const unsigned char *kb,
+                      size_t maclen,
+                      size_t keylen,
+                      size_t ivlen,
+                      const unsigned char client_random[32],
+                      const unsigned char server_random[32],
+                      mbedtls_tls_prf_types tls_prf_type)
+{
+    char nss_keylog_line[200];
+    size_t const client_random_len = 32;
+    size_t const master_secret_len = 48;
+    size_t len = 0;
+    size_t j;
+    int ret = 0;
+
+    ((void) p_expkey);
+    ((void) kb);
+    ((void) maclen);
+    ((void) keylen);
+    ((void) ivlen);
+    ((void) server_random);
+    ((void) tls_prf_type);
+
+    len += sprintf(nss_keylog_line + len,
+                   "%s", "CLIENT_RANDOM ");
+
+    for (j = 0; j < client_random_len; j++) {
+        len += sprintf(nss_keylog_line + len,
+                       "%02x", client_random[j]);
+    }
+
+    len += sprintf(nss_keylog_line + len, " ");
+
+    for (j = 0; j < master_secret_len; j++) {
+        len += sprintf(nss_keylog_line + len,
+                       "%02x", ms[j]);
+    }
+
+    len += sprintf(nss_keylog_line + len, "\n");
+    nss_keylog_line[len] = '\0';
+
+    mbedtls_printf("\n");
+    mbedtls_printf("---------------- NSS KEYLOG -----------------\n");
+    mbedtls_printf("%s", nss_keylog_line);
+    mbedtls_printf("---------------------------------------------\n");
+
+    if (opt.nss_keylog_file != NULL) {
+        FILE *f;
+
+        if ((f = fopen(opt.nss_keylog_file, "a")) == NULL) {
+            ret = -1;
+            goto exit;
+        }
+
+        if (fwrite(nss_keylog_line, 1, len, f) != len) {
+            ret = -1;
+            fclose(f);
+            goto exit;
+        }
+
+        fclose(f);
+    }
+
+exit:
+    mbedtls_platform_zeroize(nss_keylog_line,
+                             sizeof(nss_keylog_line));
+    return ret;
+}
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+int dtls_srtp_key_derivation(void *p_expkey,
+                             const unsigned char *ms,
+                             const unsigned char *kb,
+                             size_t maclen,
+                             size_t keylen,
+                             size_t ivlen,
+                             const unsigned char client_random[32],
+                             const unsigned char server_random[32],
+                             mbedtls_tls_prf_types tls_prf_type)
+{
+    dtls_srtp_keys *keys = (dtls_srtp_keys *) p_expkey;
+
+    ((void) kb);
+    memcpy(keys->master_secret, ms, sizeof(keys->master_secret));
+    memcpy(keys->randbytes, client_random, 32);
+    memcpy(keys->randbytes + 32, server_random, 32);
+    keys->tls_prf_type = tls_prf_type;
+
+    if (opt.debug_level > 2) {
+        mbedtls_printf("exported maclen is %u\n", (unsigned) maclen);
+        mbedtls_printf("exported keylen is %u\n", (unsigned) keylen);
+        mbedtls_printf("exported ivlen is %u\n", (unsigned) ivlen);
+    }
+    return 0;
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+int ssl_check_record(mbedtls_ssl_context const *ssl,
+                     unsigned char const *buf, size_t len)
+{
+    int my_ret = 0, ret_cr1, ret_cr2;
+    unsigned char *tmp_buf;
+
+    /* Record checking may modify the input buffer,
+     * so make a copy. */
+    tmp_buf = mbedtls_calloc(1, len);
+    if (tmp_buf == NULL) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+    memcpy(tmp_buf, buf, len);
+
+    ret_cr1 = mbedtls_ssl_check_record(ssl, tmp_buf, len);
+    if (ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) {
+        /* Test-only: Make sure that mbedtls_ssl_check_record()
+         *            doesn't alter state. */
+        memcpy(tmp_buf, buf, len);   /* Restore buffer */
+        ret_cr2 = mbedtls_ssl_check_record(ssl, tmp_buf, len);
+        if (ret_cr2 != ret_cr1) {
+            mbedtls_printf("mbedtls_ssl_check_record() returned inconsistent results.\n");
+            my_ret = -1;
+            goto cleanup;
+        }
+
+        switch (ret_cr1) {
+            case 0:
+                break;
+
+            case MBEDTLS_ERR_SSL_INVALID_RECORD:
+                if (opt.debug_level > 1) {
+                    mbedtls_printf("mbedtls_ssl_check_record() detected invalid record.\n");
+                }
+                break;
+
+            case MBEDTLS_ERR_SSL_INVALID_MAC:
+                if (opt.debug_level > 1) {
+                    mbedtls_printf("mbedtls_ssl_check_record() detected unauthentic record.\n");
+                }
+                break;
+
+            case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
+                if (opt.debug_level > 1) {
+                    mbedtls_printf("mbedtls_ssl_check_record() detected unexpected record.\n");
+                }
+                break;
+
+            default:
+                mbedtls_printf("mbedtls_ssl_check_record() failed fatally with -%#04x.\n",
+                               (unsigned int) -ret_cr1);
+                my_ret = -1;
+                goto cleanup;
+        }
+
+        /* Regardless of the outcome, forward the record to the stack. */
+    }
+
+cleanup:
+    mbedtls_free(tmp_buf);
+
+    return my_ret;
+}
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+
+int recv_cb(void *ctx, unsigned char *buf, size_t len)
+{
+    io_ctx_t *io_ctx = (io_ctx_t *) ctx;
+    size_t recv_len;
+    int ret;
+
+    if (opt.nbio == 2) {
+        ret = delayed_recv(io_ctx->net, buf, len);
+    } else {
+        ret = mbedtls_net_recv(io_ctx->net, buf, len);
+    }
+    if (ret < 0) {
+        return ret;
+    }
+    recv_len = (size_t) ret;
+
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /* Here's the place to do any datagram/record checking
+         * in between receiving the packet from the underlying
+         * transport and passing it on to the TLS stack. */
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+        if (ssl_check_record(io_ctx->ssl, buf, recv_len) != 0) {
+            return -1;
+        }
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+    }
+
+    return (int) recv_len;
+}
+
+int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
+                    uint32_t timeout)
+{
+    io_ctx_t *io_ctx = (io_ctx_t *) ctx;
+    int ret;
+    size_t recv_len;
+
+    ret = mbedtls_net_recv_timeout(io_ctx->net, buf, len, timeout);
+    if (ret < 0) {
+        return ret;
+    }
+    recv_len = (size_t) ret;
+
+    if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        /* Here's the place to do any datagram/record checking
+         * in between receiving the packet from the underlying
+         * transport and passing it on to the TLS stack. */
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+        if (ssl_check_record(io_ctx->ssl, buf, recv_len) != 0) {
+            return -1;
+        }
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+    }
+
+    return (int) recv_len;
+}
+
+int send_cb(void *ctx, unsigned char const *buf, size_t len)
+{
+    io_ctx_t *io_ctx = (io_ctx_t *) ctx;
+
+    if (opt.nbio == 2) {
+        return delayed_send(io_ctx->net, buf, len);
+    }
+
+    return mbedtls_net_send(io_ctx->net, buf, len);
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int ssl_sig_hashes_for_test[] = {
+#if defined(MBEDTLS_SHA512_C)
+    MBEDTLS_MD_SHA512,
+    MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    /* Allow SHA-1 as we use it extensively in tests. */
+    MBEDTLS_MD_SHA1,
+#endif
+    MBEDTLS_MD_NONE
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_lib.c b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_lib.c
new file mode 100644
index 0000000..839b445
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_lib.c
@@ -0,0 +1,343 @@
+/*
+ *  Common code library for SSL test programs.
+ *
+ *  In addition to the functions in this file, there is shared source code
+ *  that cannot be compiled separately in "ssl_test_common_source.c".
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "ssl_test_lib.h"
+
+#if defined(MBEDTLS_TEST_HOOKS)
+#include "test/helpers.h"
+#endif
+
+#if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
+
+void my_debug(void *ctx, int level,
+              const char *file, int line,
+              const char *str)
+{
+    const char *p, *basename;
+
+    /* Extract basename from file */
+    for (p = basename = file; *p != '\0'; p++) {
+        if (*p == '/' || *p == '\\') {
+            basename = p + 1;
+        }
+    }
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: |%d| %s",
+                    basename, line, level, str);
+    fflush((FILE *) ctx);
+}
+
+#if defined(MBEDTLS_HAVE_TIME)
+mbedtls_time_t dummy_constant_time(mbedtls_time_t *time)
+{
+    (void) time;
+    return 0x5af2a056;
+}
+#endif
+
+#if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+static int dummy_entropy(void *data, unsigned char *output, size_t len)
+{
+    size_t i;
+    int ret;
+    (void) data;
+
+    ret = mbedtls_entropy_func(data, output, len);
+    for (i = 0; i < len; i++) {
+        //replace result with pseudo random
+        output[i] = (unsigned char) rand();
+    }
+    return ret;
+}
+#endif
+
+void rng_init(rng_context_t *rng)
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    (void) rng;
+    psa_crypto_init();
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    mbedtls_ctr_drbg_init(&rng->drbg);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    mbedtls_hmac_drbg_init(&rng->drbg);
+#else
+#error "No DRBG available"
+#endif
+
+    mbedtls_entropy_init(&rng->entropy);
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+}
+
+int rng_seed(rng_context_t *rng, int reproducible, const char *pers)
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (reproducible) {
+        mbedtls_fprintf(stderr,
+                        "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n");
+        return -1;
+    }
+#endif
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    /* The PSA crypto RNG does its own seeding. */
+    (void) rng;
+    (void) pers;
+    if (reproducible) {
+        mbedtls_fprintf(stderr,
+                        "The PSA RNG does not support reproducible mode.\n");
+        return -1;
+    }
+    return 0;
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+    int (*f_entropy)(void *, unsigned char *, size_t) =
+        (reproducible ? dummy_entropy : mbedtls_entropy_func);
+
+    if (reproducible) {
+        srand(1);
+    }
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    int ret = mbedtls_ctr_drbg_seed(&rng->drbg,
+                                    f_entropy, &rng->entropy,
+                                    (const unsigned char *) pers,
+                                    strlen(pers));
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#if defined(MBEDTLS_SHA256_C)
+    const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
+#elif defined(MBEDTLS_SHA512_C)
+    const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
+#else
+#error "No message digest available for HMAC_DRBG"
+#endif
+    int ret = mbedtls_hmac_drbg_seed(&rng->drbg,
+                                     mbedtls_md_info_from_type(md_type),
+                                     f_entropy, &rng->entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers));
+#else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
+#error "No DRBG available"
+#endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
+
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+                       (unsigned int) -ret);
+        return ret;
+    }
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+
+    return 0;
+}
+
+void rng_free(rng_context_t *rng)
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    (void) rng;
+    /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs.
+     * This is ok because none of our applications try to do any crypto after
+     * deinitializing the RNG. */
+    mbedtls_psa_crypto_free();
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    mbedtls_ctr_drbg_free(&rng->drbg);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    mbedtls_hmac_drbg_free(&rng->drbg);
+#else
+#error "No DRBG available"
+#endif
+
+    mbedtls_entropy_free(&rng->entropy);
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+}
+
+int rng_get(void *p_rng, unsigned char *output, size_t output_len)
+{
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    (void) p_rng;
+    return mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                  output, output_len);
+#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+    rng_context_t *rng = p_rng;
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    return mbedtls_ctr_drbg_random(&rng->drbg, output, output_len);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    return mbedtls_hmac_drbg_random(&rng->drbg, output, output_len);
+#else
+#error "No DRBG available"
+#endif
+
+#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback(void *data, mbedtls_x509_crt const *child,
+                mbedtls_x509_crt **candidates)
+{
+    int ret = 0;
+    mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
+    mbedtls_x509_crt *first;
+
+    /* This is a test-only implementation of the CA callback
+     * which always returns the entire list of trusted certificates.
+     * Production implementations managing a large number of CAs
+     * should use an efficient presentation and lookup for the
+     * set of trusted certificates (such as a hashtable) and only
+     * return those trusted certificates which satisfy basic
+     * parental checks, such as the matching of child `Issuer`
+     * and parent `Subject` field or matching key identifiers. */
+    ((void) child);
+
+    first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
+    if (first == NULL) {
+        ret = -1;
+        goto exit;
+    }
+    mbedtls_x509_crt_init(first);
+
+    if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
+        ret = -1;
+        goto exit;
+    }
+
+    while (ca->next != NULL) {
+        ca = ca->next;
+        if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
+            ret = -1;
+            goto exit;
+        }
+    }
+
+exit:
+
+    if (ret != 0) {
+        mbedtls_x509_crt_free(first);
+        mbedtls_free(first);
+        first = NULL;
+    }
+
+    *candidates = first;
+    return ret;
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+int delayed_recv(void *ctx, unsigned char *buf, size_t len)
+{
+    static int first_try = 1;
+    int ret;
+
+    if (first_try) {
+        first_try = 0;
+        return MBEDTLS_ERR_SSL_WANT_READ;
+    }
+
+    ret = mbedtls_net_recv(ctx, buf, len);
+    if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
+        first_try = 1; /* Next call will be a new operation */
+    }
+    return ret;
+}
+
+int delayed_send(void *ctx, const unsigned char *buf, size_t len)
+{
+    static int first_try = 1;
+    int ret;
+
+    if (first_try) {
+        first_try = 0;
+        return MBEDTLS_ERR_SSL_WANT_WRITE;
+    }
+
+    ret = mbedtls_net_send(ctx, buf, len);
+    if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+        first_try = 1; /* Next call will be a new operation */
+    }
+    return ret;
+}
+
+#if !defined(MBEDTLS_TIMING_C)
+int idle(mbedtls_net_context *fd,
+         int idle_reason)
+#else
+int idle(mbedtls_net_context *fd,
+         mbedtls_timing_delay_context *timer,
+         int idle_reason)
+#endif
+{
+    int ret;
+    int poll_type = 0;
+
+    if (idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE) {
+        poll_type = MBEDTLS_NET_POLL_WRITE;
+    } else if (idle_reason == MBEDTLS_ERR_SSL_WANT_READ) {
+        poll_type = MBEDTLS_NET_POLL_READ;
+    }
+#if !defined(MBEDTLS_TIMING_C)
+    else {
+        return 0;
+    }
+#endif
+
+    while (1) {
+        /* Check if timer has expired */
+#if defined(MBEDTLS_TIMING_C)
+        if (timer != NULL &&
+            mbedtls_timing_get_delay(timer) == 2) {
+            break;
+        }
+#endif /* MBEDTLS_TIMING_C */
+
+        /* Check if underlying transport became available */
+        if (poll_type != 0) {
+            ret = mbedtls_net_poll(fd, poll_type, 0);
+            if (ret < 0) {
+                return ret;
+            }
+            if (ret == poll_type) {
+                break;
+            }
+        }
+    }
+
+    return 0;
+}
+
+#if defined(MBEDTLS_TEST_HOOKS)
+
+void test_hooks_init(void)
+{
+    mbedtls_test_info_reset();
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+    mbedtls_test_mutex_usage_init();
+#endif
+}
+
+int test_hooks_failure_detected(void)
+{
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+    /* Errors are reported via mbedtls_test_info. */
+    mbedtls_test_mutex_usage_check();
+#endif
+
+    if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS) {
+        return 1;
+    }
+    return 0;
+}
+
+void test_hooks_free(void)
+{
+}
+
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
diff --git a/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_lib.h b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_lib.h
new file mode 100644
index 0000000..abce760
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/ssl/ssl_test_lib.h
@@ -0,0 +1,267 @@
+/*
+ *  Common code for SSL test programs
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
+#define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
+
+#include "mbedtls/version.h"
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#undef HAVE_RNG
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) &&         \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) ||                \
+    defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG))
+#define HAVE_RNG
+#elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
+#define HAVE_RNG
+#elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) &&     \
+    (defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C))
+#define HAVE_RNG
+#endif
+
+#if !defined(MBEDTLS_NET_C) ||                              \
+    !defined(MBEDTLS_SSL_TLS_C) ||                          \
+    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#define MBEDTLS_SSL_TEST_IMPOSSIBLE                             \
+    "MBEDTLS_NET_C and/or "                                     \
+    "MBEDTLS_SSL_TLS_C not defined, "                           \
+    "and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n"
+#elif !defined(HAVE_RNG)
+#define MBEDTLS_SSL_TEST_IMPOSSIBLE             \
+    "No random generator is available.\n"
+#else
+#undef MBEDTLS_SSL_TEST_IMPOSSIBLE
+
+#undef HAVE_RNG
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/base64.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+#include <test/helpers.h>
+
+#include "../test/query_config.h"
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+
+typedef struct eap_tls_keys {
+    unsigned char master_secret[48];
+    unsigned char randbytes[64];
+    mbedtls_tls_prf_types tls_prf_type;
+} eap_tls_keys;
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+
+/* Supported SRTP mode needs a maximum of :
+ * - 16 bytes for key (AES-128)
+ * - 14 bytes SALT
+ * One for sender, one for receiver context
+ */
+#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH    60
+
+typedef struct dtls_srtp_keys {
+    unsigned char master_secret[48];
+    unsigned char randbytes[64];
+    mbedtls_tls_prf_types tls_prf_type;
+} dtls_srtp_keys;
+
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+typedef struct {
+    mbedtls_ssl_context *ssl;
+    mbedtls_net_context *net;
+} io_ctx_t;
+
+void my_debug(void *ctx, int level,
+              const char *file, int line,
+              const char *str);
+
+#if defined(MBEDTLS_HAVE_TIME)
+mbedtls_time_t dummy_constant_time(mbedtls_time_t *time);
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use
+ * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator.
+ *
+ * The constraints are:
+ * - Without the entropy module, the PSA RNG is the only option.
+ * - Without at least one of the DRBG modules, the PSA RNG is the only option.
+ * - The PSA RNG does not support explicit seeding, so it is incompatible with
+ *   the reproducible mode used by test programs.
+ * - For good overall test coverage, there should be at least one configuration
+ *   where the test programs use the PSA RNG while the PSA RNG is itself based
+ *   on entropy+DRBG, and at least one configuration where the test programs
+ *   do not use the PSA RNG even though it's there.
+ *
+ * A simple choice that meets the constraints is to use the PSA RNG whenever
+ * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the
+ * choice to use the PSA RNG in the test programs and the choice to use
+ * PSA crypto when TLS code needs crypto have to be tied together, but it
+ * happens to be a good match. It's also a good match from an application
+ * perspective: either PSA is preferred for TLS (both for crypto and for
+ * random generation) or it isn't.
+ */
+#define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG
+#endif
+
+/** A context for random number generation (RNG).
+ */
+typedef struct {
+#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
+    unsigned char dummy;
+#else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+    mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_CTR_DRBG_C)
+    mbedtls_ctr_drbg_context drbg;
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    mbedtls_hmac_drbg_context drbg;
+#else
+#error "No DRBG available"
+#endif
+#endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
+} rng_context_t;
+
+/** Initialize the RNG.
+ *
+ * This function only initializes the memory used by the RNG context.
+ * Before using the RNG, it must be seeded with rng_seed().
+ */
+void rng_init(rng_context_t *rng);
+
+/* Seed the random number generator.
+ *
+ * \param rng           The RNG context to use. It must have been initialized
+ *                      with rng_init().
+ * \param reproducible  If zero, seed the RNG from entropy.
+ *                      If nonzero, use a fixed seed, so that the program
+ *                      will produce the same sequence of random numbers
+ *                      each time it is invoked.
+ * \param pers          A null-terminated string. Different values for this
+ *                      string cause the RNG to emit different output for
+ *                      the same seed.
+ *
+ * return 0 on success, a negative value on error.
+ */
+int rng_seed(rng_context_t *rng, int reproducible, const char *pers);
+
+/** Deinitialize the RNG. Free any embedded resource.
+ *
+ * \param rng           The RNG context to deinitialize. It must have been
+ *                      initialized with rng_init().
+ */
+void rng_free(rng_context_t *rng);
+
+/** Generate random data.
+ *
+ * This function is suitable for use as the \c f_rng argument to Mbed TLS
+ * library functions.
+ *
+ * \param p_rng         The random generator context. This must be a pointer to
+ *                      a #rng_context_t structure.
+ * \param output        The buffer to fill.
+ * \param output_len    The length of the buffer in bytes.
+ *
+ * \return              \c 0 on success.
+ * \return              An Mbed TLS error code on error.
+ */
+int rng_get(void *p_rng, unsigned char *output, size_t output_len);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/* The test implementation of the PSA external RNG is insecure. When
+ * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto
+ * function that makes use of an RNG, you must call
+ * mbedtls_test_enable_insecure_external_rng(). */
+#include <test/fake_external_rng_for_test.h>
+#endif
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback(void *data, mbedtls_x509_crt const *child,
+                mbedtls_x509_crt **candidates);
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+/*
+ * Test recv/send functions that make sure each try returns
+ * WANT_READ/WANT_WRITE at least once before succeeding
+ */
+int delayed_recv(void *ctx, unsigned char *buf, size_t len);
+int delayed_send(void *ctx, const unsigned char *buf, size_t len);
+
+/*
+ * Wait for an event from the underlying transport or the timer
+ * (Used in event-driven IO mode).
+ */
+int idle(mbedtls_net_context *fd,
+#if defined(MBEDTLS_TIMING_C)
+         mbedtls_timing_delay_context *timer,
+#endif
+         int idle_reason);
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/** Initialize whatever test hooks are enabled by the compile-time
+ * configuration and make sense for the TLS test programs. */
+void test_hooks_init(void);
+
+/** Check if any test hooks detected a problem.
+ *
+ * If a problem was detected, it's ok for the calling program to keep going,
+ * but it should ultimately exit with an error status.
+ *
+ * \note When implementing a test hook that detects errors on its own
+ *       (as opposed to e.g. leaving the error for a memory sanitizer to
+ *       report), make sure to print a message to standard error either at
+ *       the time the problem is detected or during the execution of this
+ *       function. This function does not indicate what problem was detected,
+ *       so printing a message is the only way to provide feedback in the
+ *       logs of the calling program.
+ *
+ * \return Nonzero if a problem was detected.
+ *         \c 0 if no problem was detected.
+ */
+int test_hooks_failure_detected(void);
+
+/** Free any resources allocated for the sake of test hooks.
+ *
+ * Call this at the end of the program so that resource leak analyzers
+ * don't complain.
+ */
+void test_hooks_free(void);
+
+#endif /* !MBEDTLS_TEST_HOOKS */
+
+#endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */
+#endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/test/CMakeLists.txt
new file mode 100644
index 0000000..403797c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/CMakeLists.txt
@@ -0,0 +1,65 @@
+set(libs
+    ${mbedtls_target}
+)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+set(executables_libs
+    selftest
+    udp_proxy
+)
+
+set(executables_mbedcrypto
+    benchmark
+    query_compile_time_config
+    zeroize
+)
+
+if(TEST_CPP)
+    set(cpp_dummy_build_cpp "${CMAKE_CURRENT_BINARY_DIR}/cpp_dummy_build.cpp")
+    set(generate_cpp_dummy_build "${CMAKE_CURRENT_SOURCE_DIR}/generate_cpp_dummy_build.sh")
+    add_custom_command(
+        OUTPUT "${cpp_dummy_build_cpp}"
+        COMMAND "${generate_cpp_dummy_build}" "${cpp_dummy_build_cpp}"
+        DEPENDS "${generate_cpp_dummy_build}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+    )
+    add_executable(cpp_dummy_build "${cpp_dummy_build_cpp}")
+    target_include_directories(cpp_dummy_build PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include)
+    target_link_libraries(cpp_dummy_build ${mbedcrypto_target})
+endif()
+
+if(USE_SHARED_MBEDTLS_LIBRARY AND
+   NOT ${CMAKE_SYSTEM_NAME} MATCHES "[Ww][Ii][Nn]")
+    add_executable(dlopen "dlopen.c")
+    target_include_directories(dlopen PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include)
+    target_link_libraries(dlopen ${CMAKE_DL_LIBS})
+endif()
+
+foreach(exe IN LISTS executables_libs executables_mbedcrypto)
+    set(extra_sources "")
+    if(exe STREQUAL "query_compile_time_config")
+        list(APPEND extra_sources
+            ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
+    endif()
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
+        ${extra_sources})
+
+    # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
+    list(FIND executables_libs ${exe} exe_index)
+    if (${exe_index} GREATER -1)
+        target_link_libraries(${exe} ${libs})
+    else()
+        target_link_libraries(${exe} ${mbedcrypto_target})
+    endif()
+endforeach()
+
+install(TARGETS ${executables_libs} ${executables_mbedcrypto}
+        DESTINATION "bin"
+        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/benchmark.c b/3rdparty/mbedtls-2.28.7/programs/test/benchmark.c
new file mode 100644
index 0000000..a15aa21
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/benchmark.c
@@ -0,0 +1,1089 @@
+/*
+ *  Benchmark demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_TIMING_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_TIMING_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include <string.h>
+#include <stdlib.h>
+
+#include "mbedtls/timing.h"
+
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+#include "mbedtls/arc4.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/aria.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/poly1305.h"
+
+#include "mbedtls/havege.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecdh.h"
+
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+/*
+ * For heap usage estimates, we need an estimate of the overhead per allocated
+ * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
+ * so use that as our baseline.
+ */
+#define MEM_BLOCK_OVERHEAD  (2 * sizeof(size_t))
+
+/*
+ * Size to use for the alloc buffer if MEMORY_BUFFER_ALLOC_C is defined.
+ */
+#define HEAP_SIZE       (1u << 16)  /* 64k */
+
+#define BUFSIZE         1024
+#define HEADER_FORMAT   "  %-24s :  "
+#define TITLE_LEN       25
+
+#define OPTIONS                                                         \
+    "md4, md5, ripemd160, sha1, sha256, sha512,\n"                      \
+    "arc4, des3, des, camellia, blowfish, chacha20,\n"                  \
+    "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n"                 \
+    "aes_cmac, des3_cmac, poly1305\n"                                   \
+    "havege, ctr_drbg, hmac_drbg\n"                                     \
+    "rsa, dhm, ecdsa, ecdh.\n"
+
+#if defined(MBEDTLS_ERROR_C)
+#define PRINT_ERROR                                                     \
+    mbedtls_strerror(ret, (char *) tmp, sizeof(tmp));          \
+    mbedtls_printf("FAILED: %s\n", tmp);
+#else
+#define PRINT_ERROR                                                     \
+    mbedtls_printf("FAILED: -0x%04x\n", (unsigned int) -ret);
+#endif
+
+#define TIME_AND_TSC(TITLE, CODE)                                     \
+    do {                                                                    \
+        unsigned long ii, jj, tsc;                                          \
+        int ret = 0;                                                        \
+                                                                        \
+        mbedtls_printf(HEADER_FORMAT, TITLE);                             \
+        fflush(stdout);                                                   \
+                                                                        \
+        mbedtls_set_alarm(1);                                             \
+        for (ii = 1; ret == 0 && !mbedtls_timing_alarmed; ii++)           \
+        {                                                                   \
+            ret = CODE;                                                     \
+        }                                                                   \
+                                                                        \
+        tsc = mbedtls_timing_hardclock();                                   \
+        for (jj = 0; ret == 0 && jj < 1024; jj++)                          \
+        {                                                                   \
+            ret = CODE;                                                     \
+        }                                                                   \
+                                                                        \
+        if (ret != 0)                                                      \
+        {                                                                   \
+            PRINT_ERROR;                                                    \
+        }                                                                   \
+        else                                                                \
+        {                                                                   \
+            mbedtls_printf("%9lu KiB/s,  %9lu cycles/byte\n",              \
+                           ii * BUFSIZE / 1024,                           \
+                           (mbedtls_timing_hardclock() - tsc)           \
+                           / (jj * BUFSIZE));                          \
+        }                                                                   \
+    } while (0)
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
+
+/* How much space to reserve for the title when printing heap usage results.
+ * Updated manually as the output of the following command:
+ *
+ *  sed -n 's/.*[T]IME_PUBLIC.*"\(.*\)",/\1/p' programs/test/benchmark.c |
+ *      awk '{print length+3}' | sort -rn | head -n1
+ *
+ * This computes the maximum length of a title +3, because we appends "/s" and
+ * want at least one space. (If the value is too small, the only consequence
+ * is poor alignment.) */
+#define TITLE_SPACE 17
+
+#define MEMORY_MEASURE_INIT                                             \
+    size_t max_used, max_blocks, max_bytes;                             \
+    size_t prv_used, prv_blocks;                                        \
+    mbedtls_memory_buffer_alloc_cur_get(&prv_used, &prv_blocks);      \
+    mbedtls_memory_buffer_alloc_max_reset();
+
+#define MEMORY_MEASURE_PRINT(title_len)                               \
+    mbedtls_memory_buffer_alloc_max_get(&max_used, &max_blocks);      \
+    ii = TITLE_SPACE > (title_len) ? TITLE_SPACE - (title_len) : 1;     \
+    while (ii--) mbedtls_printf(" ");                                \
+    max_used -= prv_used;                                               \
+    max_blocks -= prv_blocks;                                           \
+    max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks;             \
+    mbedtls_printf("%6u heap bytes", (unsigned) max_bytes);
+
+#else
+#define MEMORY_MEASURE_INIT
+#define MEMORY_MEASURE_PRINT(title_len)
+#endif
+
+#define TIME_PUBLIC(TITLE, TYPE, CODE)                                \
+    do {                                                                    \
+        unsigned long ii;                                                   \
+        int ret;                                                            \
+        MEMORY_MEASURE_INIT;                                                \
+                                                                        \
+        mbedtls_printf(HEADER_FORMAT, TITLE);                             \
+        fflush(stdout);                                                   \
+        mbedtls_set_alarm(3);                                             \
+                                                                        \
+        ret = 0;                                                            \
+        for (ii = 1; !mbedtls_timing_alarmed && !ret; ii++)             \
+        {                                                                   \
+            CODE;                                                           \
+        }                                                                   \
+                                                                        \
+        if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED)               \
+        {                                                                   \
+            mbedtls_printf("Feature Not Supported. Skipping.\n");         \
+            ret = 0;                                                        \
+        }                                                                   \
+        else if (ret != 0)                                                 \
+        {                                                                   \
+            PRINT_ERROR;                                                    \
+        }                                                                   \
+        else                                                                \
+        {                                                                   \
+            mbedtls_printf("%6lu " TYPE "/s", ii / 3);                    \
+            MEMORY_MEASURE_PRINT(sizeof(TYPE) + 1);                     \
+            mbedtls_printf("\n");                                         \
+        }                                                                   \
+    } while (0)
+
+static int myrand(void *rng_state, unsigned char *output, size_t len)
+{
+    size_t use_len;
+    int rnd;
+
+    if (rng_state != NULL) {
+        rng_state  = NULL;
+    }
+
+    while (len > 0) {
+        use_len = len;
+        if (use_len > sizeof(int)) {
+            use_len = sizeof(int);
+        }
+
+        rnd = rand();
+        memcpy(output, &rnd, use_len);
+        output += use_len;
+        len -= use_len;
+    }
+
+    return 0;
+}
+
+#define CHECK_AND_CONTINUE(R)                                         \
+    {                                                                   \
+        int CHECK_AND_CONTINUE_ret = (R);                             \
+        if (CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) { \
+            mbedtls_printf("Feature not supported. Skipping.\n");     \
+            continue;                                                   \
+        }                                                               \
+        else if (CHECK_AND_CONTINUE_ret != 0) {                        \
+            mbedtls_exit(1);                                          \
+        }                                                               \
+    }
+
+/*
+ * Clear some memory that was used to prepare the context
+ */
+#if defined(MBEDTLS_ECP_C)
+void ecp_clear_precomputed(mbedtls_ecp_group *grp)
+{
+    if (grp->T != NULL) {
+        size_t i;
+        for (i = 0; i < grp->T_size; i++) {
+            mbedtls_ecp_point_free(&grp->T[i]);
+        }
+        mbedtls_free(grp->T);
+    }
+    grp->T = NULL;
+    grp->T_size = 0;
+}
+#else
+#define ecp_clear_precomputed(g)
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+static int set_ecp_curve(const char *string, mbedtls_ecp_curve_info *curve)
+{
+    const mbedtls_ecp_curve_info *found =
+        mbedtls_ecp_curve_info_from_name(string);
+    if (found != NULL) {
+        *curve = *found;
+        return 1;
+    } else {
+        return 0;
+    }
+}
+#endif
+
+unsigned char buf[BUFSIZE];
+
+typedef struct {
+    char md4, md5, ripemd160, sha1, sha256, sha512,
+         arc4, des3, des,
+         aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,
+         aes_cmac, des3_cmac,
+         aria, camellia, blowfish, chacha20,
+         poly1305,
+         havege, ctr_drbg, hmac_drbg,
+         rsa, dhm, ecdsa, ecdh;
+} todo_list;
+
+
+int main(int argc, char *argv[])
+{
+    int i;
+    unsigned char tmp[200];
+    char title[TITLE_LEN];
+    todo_list todo;
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    unsigned char alloc_buf[HEAP_SIZE] = { 0 };
+#endif
+#if defined(MBEDTLS_ECP_C)
+    mbedtls_ecp_curve_info single_curve[2] = {
+        { MBEDTLS_ECP_DP_NONE, 0, 0, NULL },
+        { MBEDTLS_ECP_DP_NONE, 0, 0, NULL },
+    };
+    const mbedtls_ecp_curve_info *curve_list = mbedtls_ecp_curve_list();
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+    (void) curve_list; /* Unused in some configurations where no benchmark uses ECC */
+#endif
+
+    if (argc <= 1) {
+        memset(&todo, 1, sizeof(todo));
+    } else {
+        memset(&todo, 0, sizeof(todo));
+
+        for (i = 1; i < argc; i++) {
+            if (strcmp(argv[i], "md4") == 0) {
+                todo.md4 = 1;
+            } else if (strcmp(argv[i], "md5") == 0) {
+                todo.md5 = 1;
+            } else if (strcmp(argv[i], "ripemd160") == 0) {
+                todo.ripemd160 = 1;
+            } else if (strcmp(argv[i], "sha1") == 0) {
+                todo.sha1 = 1;
+            } else if (strcmp(argv[i], "sha256") == 0) {
+                todo.sha256 = 1;
+            } else if (strcmp(argv[i], "sha512") == 0) {
+                todo.sha512 = 1;
+            } else if (strcmp(argv[i], "arc4") == 0) {
+                todo.arc4 = 1;
+            } else if (strcmp(argv[i], "des3") == 0) {
+                todo.des3 = 1;
+            } else if (strcmp(argv[i], "des") == 0) {
+                todo.des = 1;
+            } else if (strcmp(argv[i], "aes_cbc") == 0) {
+                todo.aes_cbc = 1;
+            } else if (strcmp(argv[i], "aes_xts") == 0) {
+                todo.aes_xts = 1;
+            } else if (strcmp(argv[i], "aes_gcm") == 0) {
+                todo.aes_gcm = 1;
+            } else if (strcmp(argv[i], "aes_ccm") == 0) {
+                todo.aes_ccm = 1;
+            } else if (strcmp(argv[i], "chachapoly") == 0) {
+                todo.chachapoly = 1;
+            } else if (strcmp(argv[i], "aes_cmac") == 0) {
+                todo.aes_cmac = 1;
+            } else if (strcmp(argv[i], "des3_cmac") == 0) {
+                todo.des3_cmac = 1;
+            } else if (strcmp(argv[i], "aria") == 0) {
+                todo.aria = 1;
+            } else if (strcmp(argv[i], "camellia") == 0) {
+                todo.camellia = 1;
+            } else if (strcmp(argv[i], "blowfish") == 0) {
+                todo.blowfish = 1;
+            } else if (strcmp(argv[i], "chacha20") == 0) {
+                todo.chacha20 = 1;
+            } else if (strcmp(argv[i], "poly1305") == 0) {
+                todo.poly1305 = 1;
+            } else if (strcmp(argv[i], "havege") == 0) {
+                todo.havege = 1;
+            } else if (strcmp(argv[i], "ctr_drbg") == 0) {
+                todo.ctr_drbg = 1;
+            } else if (strcmp(argv[i], "hmac_drbg") == 0) {
+                todo.hmac_drbg = 1;
+            } else if (strcmp(argv[i], "rsa") == 0) {
+                todo.rsa = 1;
+            } else if (strcmp(argv[i], "dhm") == 0) {
+                todo.dhm = 1;
+            } else if (strcmp(argv[i], "ecdsa") == 0) {
+                todo.ecdsa = 1;
+            } else if (strcmp(argv[i], "ecdh") == 0) {
+                todo.ecdh = 1;
+            }
+#if defined(MBEDTLS_ECP_C)
+            else if (set_ecp_curve(argv[i], single_curve)) {
+                curve_list = single_curve;
+            }
+#endif
+            else {
+                mbedtls_printf("Unrecognized option: %s\n", argv[i]);
+                mbedtls_printf("Available options: " OPTIONS);
+            }
+        }
+    }
+
+    mbedtls_printf("\n");
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf));
+#endif
+    memset(buf, 0xAA, sizeof(buf));
+    memset(tmp, 0xBB, sizeof(tmp));
+
+#if defined(MBEDTLS_MD4_C)
+    if (todo.md4) {
+        TIME_AND_TSC("MD4", mbedtls_md4_ret(buf, BUFSIZE, tmp));
+    }
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+    if (todo.md5) {
+        TIME_AND_TSC("MD5", mbedtls_md5_ret(buf, BUFSIZE, tmp));
+    }
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+    if (todo.ripemd160) {
+        TIME_AND_TSC("RIPEMD160", mbedtls_ripemd160_ret(buf, BUFSIZE, tmp));
+    }
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+    if (todo.sha1) {
+        TIME_AND_TSC("SHA-1", mbedtls_sha1_ret(buf, BUFSIZE, tmp));
+    }
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+    if (todo.sha256) {
+        TIME_AND_TSC("SHA-256", mbedtls_sha256_ret(buf, BUFSIZE, tmp, 0));
+    }
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+    if (todo.sha512) {
+        TIME_AND_TSC("SHA-512", mbedtls_sha512_ret(buf, BUFSIZE, tmp, 0));
+    }
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+    if (todo.arc4) {
+        mbedtls_arc4_context arc4;
+        mbedtls_arc4_init(&arc4);
+        mbedtls_arc4_setup(&arc4, tmp, 32);
+        TIME_AND_TSC("ARC4", mbedtls_arc4_crypt(&arc4, BUFSIZE, buf, buf));
+        mbedtls_arc4_free(&arc4);
+    }
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (todo.des3) {
+        mbedtls_des3_context des3;
+        mbedtls_des3_init(&des3);
+        if (mbedtls_des3_set3key_enc(&des3, tmp) != 0) {
+            mbedtls_exit(1);
+        }
+        TIME_AND_TSC("3DES",
+                     mbedtls_des3_crypt_cbc(&des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf));
+        mbedtls_des3_free(&des3);
+    }
+
+    if (todo.des) {
+        mbedtls_des_context des;
+        mbedtls_des_init(&des);
+        if (mbedtls_des_setkey_enc(&des, tmp) != 0) {
+            mbedtls_exit(1);
+        }
+        TIME_AND_TSC("DES",
+                     mbedtls_des_crypt_cbc(&des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf));
+        mbedtls_des_free(&des);
+    }
+
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CMAC_C)
+    if (todo.des3_cmac) {
+        unsigned char output[8];
+        const mbedtls_cipher_info_t *cipher_info;
+
+        memset(buf, 0, sizeof(buf));
+        memset(tmp, 0, sizeof(tmp));
+
+        cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_DES_EDE3_ECB);
+
+        TIME_AND_TSC("3DES-CMAC",
+                     mbedtls_cipher_cmac(cipher_info, tmp, 192, buf,
+                                         BUFSIZE, output));
+    }
+#endif /* MBEDTLS_CMAC_C */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (todo.aes_cbc) {
+        int keysize;
+        mbedtls_aes_context aes;
+        mbedtls_aes_init(&aes);
+        for (keysize = 128; keysize <= 256; keysize += 64) {
+            mbedtls_snprintf(title, sizeof(title), "AES-CBC-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            CHECK_AND_CONTINUE(mbedtls_aes_setkey_enc(&aes, tmp, keysize));
+
+            TIME_AND_TSC(title,
+                         mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf));
+        }
+        mbedtls_aes_free(&aes);
+    }
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    if (todo.aes_xts) {
+        int keysize;
+        mbedtls_aes_xts_context ctx;
+
+        mbedtls_aes_xts_init(&ctx);
+        for (keysize = 128; keysize <= 256; keysize += 128) {
+            mbedtls_snprintf(title, sizeof(title), "AES-XTS-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            CHECK_AND_CONTINUE(mbedtls_aes_xts_setkey_enc(&ctx, tmp, keysize * 2));
+
+            TIME_AND_TSC(title,
+                         mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE,
+                                               tmp, buf, buf));
+
+            mbedtls_aes_xts_free(&ctx);
+        }
+    }
+#endif
+#if defined(MBEDTLS_GCM_C)
+    if (todo.aes_gcm) {
+        int keysize;
+        mbedtls_gcm_context gcm;
+
+        mbedtls_gcm_init(&gcm);
+        for (keysize = 128; keysize <= 256; keysize += 64) {
+            mbedtls_snprintf(title, sizeof(title), "AES-GCM-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            mbedtls_gcm_setkey(&gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize);
+
+            TIME_AND_TSC(title,
+                         mbedtls_gcm_crypt_and_tag(&gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,
+                                                   12, NULL, 0, buf, buf, 16, tmp));
+
+            mbedtls_gcm_free(&gcm);
+        }
+    }
+#endif
+#if defined(MBEDTLS_CCM_C)
+    if (todo.aes_ccm) {
+        int keysize;
+        mbedtls_ccm_context ccm;
+
+        mbedtls_ccm_init(&ccm);
+        for (keysize = 128; keysize <= 256; keysize += 64) {
+            mbedtls_snprintf(title, sizeof(title), "AES-CCM-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            mbedtls_ccm_setkey(&ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize);
+
+            TIME_AND_TSC(title,
+                         mbedtls_ccm_encrypt_and_tag(&ccm, BUFSIZE, tmp,
+                                                     12, NULL, 0, buf, buf, tmp, 16));
+
+            mbedtls_ccm_free(&ccm);
+        }
+    }
+#endif
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if (todo.chachapoly) {
+        mbedtls_chachapoly_context chachapoly;
+
+        mbedtls_chachapoly_init(&chachapoly);
+        memset(buf, 0, sizeof(buf));
+        memset(tmp, 0, sizeof(tmp));
+
+        mbedtls_snprintf(title, sizeof(title), "ChaCha20-Poly1305");
+
+        mbedtls_chachapoly_setkey(&chachapoly, tmp);
+
+        TIME_AND_TSC(title,
+                     mbedtls_chachapoly_encrypt_and_tag(&chachapoly,
+                                                        BUFSIZE, tmp, NULL, 0, buf, buf, tmp));
+
+        mbedtls_chachapoly_free(&chachapoly);
+    }
+#endif
+#if defined(MBEDTLS_CMAC_C)
+    if (todo.aes_cmac) {
+        unsigned char output[16];
+        const mbedtls_cipher_info_t *cipher_info;
+        mbedtls_cipher_type_t cipher_type;
+        int keysize;
+
+        for (keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB;
+             keysize <= 256;
+             keysize += 64, cipher_type++) {
+            mbedtls_snprintf(title, sizeof(title), "AES-CMAC-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+
+            cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+
+            TIME_AND_TSC(title,
+                         mbedtls_cipher_cmac(cipher_info, tmp, keysize,
+                                             buf, BUFSIZE, output));
+        }
+
+        memset(buf, 0, sizeof(buf));
+        memset(tmp, 0, sizeof(tmp));
+        TIME_AND_TSC("AES-CMAC-PRF-128",
+                     mbedtls_aes_cmac_prf_128(tmp, 16, buf, BUFSIZE,
+                                              output));
+    }
+#endif /* MBEDTLS_CMAC_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (todo.aria) {
+        int keysize;
+        mbedtls_aria_context aria;
+        mbedtls_aria_init(&aria);
+        for (keysize = 128; keysize <= 256; keysize += 64) {
+            mbedtls_snprintf(title, sizeof(title), "ARIA-CBC-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            mbedtls_aria_setkey_enc(&aria, tmp, keysize);
+
+            TIME_AND_TSC(title,
+                         mbedtls_aria_crypt_cbc(&aria, MBEDTLS_ARIA_ENCRYPT,
+                                                BUFSIZE, tmp, buf, buf));
+        }
+        mbedtls_aria_free(&aria);
+    }
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (todo.camellia) {
+        int keysize;
+        mbedtls_camellia_context camellia;
+        mbedtls_camellia_init(&camellia);
+        for (keysize = 128; keysize <= 256; keysize += 64) {
+            mbedtls_snprintf(title, sizeof(title), "CAMELLIA-CBC-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            mbedtls_camellia_setkey_enc(&camellia, tmp, keysize);
+
+            TIME_AND_TSC(title,
+                         mbedtls_camellia_crypt_cbc(&camellia, MBEDTLS_CAMELLIA_ENCRYPT,
+                                                    BUFSIZE, tmp, buf, buf));
+        }
+        mbedtls_camellia_free(&camellia);
+    }
+#endif
+
+#if defined(MBEDTLS_CHACHA20_C)
+    if (todo.chacha20) {
+        TIME_AND_TSC("ChaCha20", mbedtls_chacha20_crypt(buf, buf, 0U, BUFSIZE, buf, buf));
+    }
+#endif
+
+#if defined(MBEDTLS_POLY1305_C)
+    if (todo.poly1305) {
+        TIME_AND_TSC("Poly1305", mbedtls_poly1305_mac(buf, buf, BUFSIZE, buf));
+    }
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (todo.blowfish) {
+        int keysize;
+        mbedtls_blowfish_context blowfish;
+        mbedtls_blowfish_init(&blowfish);
+
+        for (keysize = 128; keysize <= 256; keysize += 64) {
+            mbedtls_snprintf(title, sizeof(title), "BLOWFISH-CBC-%d", keysize);
+
+            memset(buf, 0, sizeof(buf));
+            memset(tmp, 0, sizeof(tmp));
+            mbedtls_blowfish_setkey(&blowfish, tmp, keysize);
+
+            TIME_AND_TSC(title,
+                         mbedtls_blowfish_crypt_cbc(&blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
+                                                    tmp, buf, buf));
+        }
+
+        mbedtls_blowfish_free(&blowfish);
+    }
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C)
+    if (todo.havege) {
+        mbedtls_havege_state hs;
+        mbedtls_havege_init(&hs);
+        TIME_AND_TSC("HAVEGE", mbedtls_havege_random(&hs, buf, BUFSIZE));
+        mbedtls_havege_free(&hs);
+    }
+#endif
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    if (todo.ctr_drbg) {
+        mbedtls_ctr_drbg_context ctr_drbg;
+
+        mbedtls_ctr_drbg_init(&ctr_drbg);
+        if (mbedtls_ctr_drbg_seed(&ctr_drbg, myrand, NULL, NULL, 0) != 0) {
+            mbedtls_exit(1);
+        }
+        TIME_AND_TSC("CTR_DRBG (NOPR)",
+                     mbedtls_ctr_drbg_random(&ctr_drbg, buf, BUFSIZE));
+        mbedtls_ctr_drbg_free(&ctr_drbg);
+
+        mbedtls_ctr_drbg_init(&ctr_drbg);
+        if (mbedtls_ctr_drbg_seed(&ctr_drbg, myrand, NULL, NULL, 0) != 0) {
+            mbedtls_exit(1);
+        }
+        mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON);
+        TIME_AND_TSC("CTR_DRBG (PR)",
+                     mbedtls_ctr_drbg_random(&ctr_drbg, buf, BUFSIZE));
+        mbedtls_ctr_drbg_free(&ctr_drbg);
+    }
+#endif
+
+#if defined(MBEDTLS_HMAC_DRBG_C) && \
+    (defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C))
+    if (todo.hmac_drbg) {
+        mbedtls_hmac_drbg_context hmac_drbg;
+        const mbedtls_md_info_t *md_info;
+
+        mbedtls_hmac_drbg_init(&hmac_drbg);
+
+#if defined(MBEDTLS_SHA1_C)
+        if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1)) == NULL) {
+            mbedtls_exit(1);
+        }
+
+        if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) {
+            mbedtls_exit(1);
+        }
+        TIME_AND_TSC("HMAC_DRBG SHA-1 (NOPR)",
+                     mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE));
+
+        if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) {
+            mbedtls_exit(1);
+        }
+        mbedtls_hmac_drbg_set_prediction_resistance(&hmac_drbg,
+                                                    MBEDTLS_HMAC_DRBG_PR_ON);
+        TIME_AND_TSC("HMAC_DRBG SHA-1 (PR)",
+                     mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE));
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+        if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)) == NULL) {
+            mbedtls_exit(1);
+        }
+
+        if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) {
+            mbedtls_exit(1);
+        }
+        TIME_AND_TSC("HMAC_DRBG SHA-256 (NOPR)",
+                     mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE));
+
+        if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) {
+            mbedtls_exit(1);
+        }
+        mbedtls_hmac_drbg_set_prediction_resistance(&hmac_drbg,
+                                                    MBEDTLS_HMAC_DRBG_PR_ON);
+        TIME_AND_TSC("HMAC_DRBG SHA-256 (PR)",
+                     mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE));
+#endif
+        mbedtls_hmac_drbg_free(&hmac_drbg);
+    }
+#endif /* MBEDTLS_HMAC_DRBG_C && ( MBEDTLS_SHA1_C || MBEDTLS_SHA256_C ) */
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
+    if (todo.rsa) {
+        int keysize;
+        mbedtls_rsa_context rsa;
+        for (keysize = 2048; keysize <= 4096; keysize *= 2) {
+            mbedtls_snprintf(title, sizeof(title), "RSA-%d", keysize);
+
+            mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
+            mbedtls_rsa_gen_key(&rsa, myrand, NULL, keysize, 65537);
+
+            TIME_PUBLIC(title, " public",
+                        buf[0] = 0;
+                        ret = mbedtls_rsa_public(&rsa, buf, buf));
+
+            TIME_PUBLIC(title, "private",
+                        buf[0] = 0;
+                        ret = mbedtls_rsa_private(&rsa, myrand, NULL, buf, buf));
+
+            mbedtls_rsa_free(&rsa);
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C)
+    if (todo.dhm) {
+        int dhm_sizes[] = { 2048, 3072 };
+        static const unsigned char dhm_P_2048[] =
+            MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
+        static const unsigned char dhm_P_3072[] =
+            MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN;
+        static const unsigned char dhm_G_2048[] =
+            MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
+        static const unsigned char dhm_G_3072[] =
+            MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN;
+
+        const unsigned char *dhm_P[] = { dhm_P_2048, dhm_P_3072 };
+        const size_t dhm_P_size[] = { sizeof(dhm_P_2048),
+                                      sizeof(dhm_P_3072) };
+
+        const unsigned char *dhm_G[] = { dhm_G_2048, dhm_G_3072 };
+        const size_t dhm_G_size[] = { sizeof(dhm_G_2048),
+                                      sizeof(dhm_G_3072) };
+
+        mbedtls_dhm_context dhm;
+        size_t olen;
+        for (i = 0; (size_t) i < sizeof(dhm_sizes) / sizeof(dhm_sizes[0]); i++) {
+            mbedtls_dhm_init(&dhm);
+
+            if (mbedtls_mpi_read_binary(&dhm.P, dhm_P[i],
+                                        dhm_P_size[i]) != 0 ||
+                mbedtls_mpi_read_binary(&dhm.G, dhm_G[i],
+                                        dhm_G_size[i]) != 0) {
+                mbedtls_exit(1);
+            }
+
+            dhm.len = mbedtls_mpi_size(&dhm.P);
+            mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, dhm.len, myrand, NULL);
+            if (mbedtls_mpi_copy(&dhm.GY, &dhm.GX) != 0) {
+                mbedtls_exit(1);
+            }
+
+            mbedtls_snprintf(title, sizeof(title), "DHE-%d", dhm_sizes[i]);
+            TIME_PUBLIC(title, "handshake",
+                        ret |= mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, dhm.len,
+                                                       myrand, NULL);
+                        ret |=
+                            mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &olen, myrand, NULL));
+
+            mbedtls_snprintf(title, sizeof(title), "DH-%d", dhm_sizes[i]);
+            TIME_PUBLIC(title, "handshake",
+                        ret |=
+                            mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &olen, myrand, NULL));
+
+            mbedtls_dhm_free(&dhm);
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C)
+    if (todo.ecdsa) {
+        mbedtls_ecdsa_context ecdsa;
+        const mbedtls_ecp_curve_info *curve_info;
+        size_t sig_len;
+
+        memset(buf, 0x2A, sizeof(buf));
+
+        for (curve_info = curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            if (!mbedtls_ecdsa_can_do(curve_info->grp_id)) {
+                continue;
+            }
+
+            mbedtls_ecdsa_init(&ecdsa);
+
+            if (mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL) != 0) {
+                mbedtls_exit(1);
+            }
+            ecp_clear_precomputed(&ecdsa.grp);
+
+            mbedtls_snprintf(title, sizeof(title), "ECDSA-%s",
+                             curve_info->name);
+            TIME_PUBLIC(title, "sign",
+                        ret =
+                            mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf,
+                                                          curve_info->bit_size,
+                                                          tmp, &sig_len, myrand, NULL));
+
+            mbedtls_ecdsa_free(&ecdsa);
+        }
+
+        for (curve_info = curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            if (!mbedtls_ecdsa_can_do(curve_info->grp_id)) {
+                continue;
+            }
+
+            mbedtls_ecdsa_init(&ecdsa);
+
+            if (mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL) != 0 ||
+                mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
+                                              tmp, &sig_len, myrand, NULL) != 0) {
+                mbedtls_exit(1);
+            }
+            ecp_clear_precomputed(&ecdsa.grp);
+
+            mbedtls_snprintf(title, sizeof(title), "ECDSA-%s",
+                             curve_info->name);
+            TIME_PUBLIC(title, "verify",
+                        ret = mbedtls_ecdsa_read_signature(&ecdsa, buf, curve_info->bit_size,
+                                                           tmp, sig_len));
+
+            mbedtls_ecdsa_free(&ecdsa);
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    if (todo.ecdh) {
+        mbedtls_ecdh_context ecdh;
+        mbedtls_mpi z;
+        const mbedtls_ecp_curve_info montgomery_curve_list[] = {
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+            { MBEDTLS_ECP_DP_CURVE25519, 0, 0, "Curve25519" },
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+            { MBEDTLS_ECP_DP_CURVE448, 0, 0, "Curve448" },
+#endif
+            { MBEDTLS_ECP_DP_NONE, 0, 0, 0 }
+        };
+        const mbedtls_ecp_curve_info *curve_info;
+        size_t olen;
+        const mbedtls_ecp_curve_info *selected_montgomery_curve_list =
+            montgomery_curve_list;
+
+        if (curve_list == (const mbedtls_ecp_curve_info *) &single_curve) {
+            mbedtls_ecp_group grp;
+            mbedtls_ecp_group_init(&grp);
+            if (mbedtls_ecp_group_load(&grp, curve_list->grp_id) != 0) {
+                mbedtls_exit(1);
+            }
+            if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+                selected_montgomery_curve_list = single_curve;
+            } else { /* empty list */
+                selected_montgomery_curve_list = single_curve + 1;
+            }
+            mbedtls_ecp_group_free(&grp);
+        }
+
+        for (curve_info = curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            if (!mbedtls_ecdh_can_do(curve_info->grp_id)) {
+                continue;
+            }
+
+            mbedtls_ecdh_init(&ecdh);
+
+            CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
+            CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
+                                                        myrand, NULL));
+            CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q));
+            ecp_clear_precomputed(&ecdh.grp);
+
+            mbedtls_snprintf(title, sizeof(title), "ECDHE-%s",
+                             curve_info->name);
+            TIME_PUBLIC(title, "handshake",
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
+                                                                    myrand, NULL));
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf),
+                                                                    myrand, NULL)));
+            mbedtls_ecdh_free(&ecdh);
+        }
+
+        /* Montgomery curves need to be handled separately */
+        for (curve_info = selected_montgomery_curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            mbedtls_ecdh_init(&ecdh);
+            mbedtls_mpi_init(&z);
+
+            CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
+            CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL));
+
+            mbedtls_snprintf(title, sizeof(title), "ECDHE-%s",
+                             curve_info->name);
+            TIME_PUBLIC(title, "handshake",
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q,
+                                                                   myrand, NULL));
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp,
+                                                                       &ecdh.d,
+                                                                       myrand, NULL)));
+
+            mbedtls_ecdh_free(&ecdh);
+            mbedtls_mpi_free(&z);
+        }
+
+        for (curve_info = curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            if (!mbedtls_ecdh_can_do(curve_info->grp_id)) {
+                continue;
+            }
+
+            mbedtls_ecdh_init(&ecdh);
+
+            CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
+            CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
+                                                        myrand, NULL));
+            CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q));
+            CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
+                                                        myrand, NULL));
+            ecp_clear_precomputed(&ecdh.grp);
+
+            mbedtls_snprintf(title, sizeof(title), "ECDH-%s",
+                             curve_info->name);
+            TIME_PUBLIC(title, "handshake",
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf),
+                                                                    myrand, NULL)));
+            mbedtls_ecdh_free(&ecdh);
+        }
+
+        /* Montgomery curves need to be handled separately */
+        for (curve_info = selected_montgomery_curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            mbedtls_ecdh_init(&ecdh);
+            mbedtls_mpi_init(&z);
+
+            CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
+            CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp,
+                                                       myrand, NULL));
+            CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL));
+
+            mbedtls_snprintf(title, sizeof(title), "ECDH-%s",
+                             curve_info->name);
+            TIME_PUBLIC(title, "handshake",
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp,
+                                                                       &ecdh.d,
+                                                                       myrand, NULL)));
+
+            mbedtls_ecdh_free(&ecdh);
+            mbedtls_mpi_free(&z);
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_ECDH_C)
+    if (todo.ecdh) {
+        mbedtls_ecdh_context ecdh_srv, ecdh_cli;
+        unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE];
+        const mbedtls_ecp_curve_info *curve_info;
+        size_t olen;
+
+        for (curve_info = curve_list;
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++) {
+            if (!mbedtls_ecdh_can_do(curve_info->grp_id)) {
+                continue;
+            }
+
+            mbedtls_ecdh_init(&ecdh_srv);
+            mbedtls_ecdh_init(&ecdh_cli);
+
+            mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", curve_info->name);
+            TIME_PUBLIC(title,
+                        "full handshake",
+                        const unsigned char *p_srv = buf_srv;
+
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_setup(&ecdh_srv, curve_info->grp_id));
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_make_params(&ecdh_srv, &olen, buf_srv,
+                                                                    sizeof(buf_srv), myrand, NULL));
+
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_read_params(&ecdh_cli, &p_srv,
+                                                                    p_srv + olen));
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh_cli, &olen, buf_cli,
+                                                                    sizeof(buf_cli), myrand, NULL));
+
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_read_public(&ecdh_srv, buf_cli, olen));
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_srv, &olen, buf_srv,
+                                                                    sizeof(buf_srv), myrand, NULL));
+
+                        CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_cli, &olen, buf_cli,
+                                                                    sizeof(buf_cli), myrand, NULL));
+                        mbedtls_ecdh_free(&ecdh_cli);
+
+                        mbedtls_ecdh_free(&ecdh_srv);
+                        );
+
+        }
+    }
+#endif
+
+    mbedtls_printf("\n");
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_free();
+#endif
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(0);
+}
+
+#endif /* MBEDTLS_TIMING_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/.gitignore b/3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/.gitignore
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/.gitignore
rename to 3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/.gitignore
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/test/cmake_subproject/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/cmake_subproject.c b/3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/cmake_subproject.c
new file mode 100644
index 0000000..cf8085b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/cmake_subproject/cmake_subproject.c
@@ -0,0 +1,32 @@
+/*
+ *  Simple program to test that CMake builds with Mbed TLS as a subdirectory
+ *  work correctly.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/version.h"
+
+/* The main reason to build this is for testing the CMake build, so the program
+ * doesn't need to do very much. It calls a single library function to ensure
+ * linkage works, but that is all. */
+int main()
+{
+    /* This version string is 18 bytes long, as advised by version.h. */
+    char version[18];
+
+    mbedtls_version_get_string_full(version);
+
+    mbedtls_printf("Built against %s\n", version);
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/dlopen.c b/3rdparty/mbedtls-2.28.7/programs/test/dlopen.c
new file mode 100644
index 0000000..42a0e92
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/dlopen.c
@@ -0,0 +1,96 @@
+/*
+ *  Test dynamic loading of libmbed*
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "mbedtls/x509_crt.h"
+#endif
+
+#if defined(__APPLE__)
+#define SO_SUFFIX ".dylib"
+#else
+#define SO_SUFFIX ".so"
+#endif
+
+#define CRYPTO_SO_FILENAME "libmbedcrypto" SO_SUFFIX
+#define X509_SO_FILENAME "libmbedx509" SO_SUFFIX
+#define TLS_SO_FILENAME "libmbedtls" SO_SUFFIX
+
+#include <dlfcn.h>
+
+#define CHECK_DLERROR(function, argument)                             \
+    do                                                                  \
+    {                                                                   \
+        char *CHECK_DLERROR_error = dlerror();                        \
+        if (CHECK_DLERROR_error != NULL)                               \
+        {                                                               \
+            fprintf(stderr, "Dynamic loading error for %s(%s): %s\n",  \
+                    function, argument, CHECK_DLERROR_error);         \
+            mbedtls_exit(MBEDTLS_EXIT_FAILURE);                       \
+        }                                                               \
+    }                                                                   \
+    while (0)
+
+int main(void)
+{
+#if defined(MBEDTLS_MD_C) || defined(MBEDTLS_SSL_TLS_C)
+    unsigned n;
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+    void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW);
+    CHECK_DLERROR("dlopen", TLS_SO_FILENAME);
+    const int *(*ssl_list_ciphersuites)(void) =
+        dlsym(tls_so, "mbedtls_ssl_list_ciphersuites");
+    CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites");
+    const int *ciphersuites = ssl_list_ciphersuites();
+    for (n = 0; ciphersuites[n] != 0; n++) {/* nothing to do, we're just counting */
+        ;
+    }
+    mbedtls_printf("dlopen(%s): %u ciphersuites\n",
+                   TLS_SO_FILENAME, n);
+    dlclose(tls_so);
+    CHECK_DLERROR("dlclose", TLS_SO_FILENAME);
+#endif  /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    void *x509_so = dlopen(X509_SO_FILENAME, RTLD_NOW);
+    CHECK_DLERROR("dlopen", X509_SO_FILENAME);
+    const mbedtls_x509_crt_profile *profile =
+        dlsym(x509_so, "mbedtls_x509_crt_profile_default");
+    CHECK_DLERROR("dlsym", "mbedtls_x509_crt_profile_default");
+    mbedtls_printf("dlopen(%s): Allowed md mask: %08x\n",
+                   X509_SO_FILENAME, (unsigned) profile->allowed_mds);
+    dlclose(x509_so);
+    CHECK_DLERROR("dlclose", X509_SO_FILENAME);
+#endif  /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_MD_C)
+    void *crypto_so = dlopen(CRYPTO_SO_FILENAME, RTLD_NOW);
+    CHECK_DLERROR("dlopen", CRYPTO_SO_FILENAME);
+    const int *(*md_list)(void) =
+        dlsym(crypto_so, "mbedtls_md_list");
+    CHECK_DLERROR("dlsym", "mbedtls_md_list");
+    const int *mds = md_list();
+    for (n = 0; mds[n] != 0; n++) {/* nothing to do, we're just counting */
+        ;
+    }
+    mbedtls_printf("dlopen(%s): %u hashes\n",
+                   CRYPTO_SO_FILENAME, n);
+    dlclose(crypto_so);
+    CHECK_DLERROR("dlclose", CRYPTO_SO_FILENAME);
+#endif  /* MBEDTLS_MD_C */
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/dlopen_demo.sh b/3rdparty/mbedtls-2.28.7/programs/test/dlopen_demo.sh
new file mode 100644
index 0000000..7b88688
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/dlopen_demo.sh
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+# Run the shared library dynamic loading demo program.
+# This is only expected to work when Mbed TLS is built as a shared library.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -e -u
+
+program_name="dlopen"
+program_dir="${0%/*}"
+program="$program_dir/$program_name"
+
+if [ ! -e "$program" ]; then
+    # Look for programs in the current directory and the directories above it
+    for dir in "." ".." "../.."; do
+        program_dir="$dir/programs/test"
+        program="$program_dir/$program_name"
+        if [ -e "$program" ]; then
+            break
+        fi
+    done
+    if [ ! -e "$program" ]; then
+        echo "Could not find $program_name program"
+
+        echo "Make sure that Mbed TLS is built as a shared library." \
+             "If building out-of-tree, this script must be run" \
+             "from the project build directory."
+        exit 1
+    fi
+fi
+
+top_dir="$program_dir/../.."
+library_dir="$top_dir/library"
+
+# ELF-based Unix-like (Linux, *BSD, Solaris, ...)
+if [ -n "${LD_LIBRARY_PATH-}" ]; then
+    LD_LIBRARY_PATH="$library_dir:$LD_LIBRARY_PATH"
+else
+    LD_LIBRARY_PATH="$library_dir"
+fi
+export LD_LIBRARY_PATH
+
+# OSX/macOS
+if [ -n "${DYLD_LIBRARY_PATH-}" ]; then
+    DYLD_LIBRARY_PATH="$library_dir:$DYLD_LIBRARY_PATH"
+else
+    DYLD_LIBRARY_PATH="$library_dir"
+fi
+export DYLD_LIBRARY_PATH
+
+echo "Running dynamic loading test program: $program"
+echo "Loading libraries from: $library_dir"
+"$program"
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/generate_cpp_dummy_build.sh b/3rdparty/mbedtls-2.28.7/programs/test/generate_cpp_dummy_build.sh
new file mode 100644
index 0000000..2255986
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/generate_cpp_dummy_build.sh
@@ -0,0 +1,74 @@
+#!/bin/sh
+
+DEFAULT_OUTPUT_FILE=programs/test/cpp_dummy_build.cpp
+
+if [ "$1" = "--help" ]; then
+    cat <<EOF
+Usage: $0 [OUTPUT]
+Generate a C++ dummy build program that includes all the headers.
+OUTPUT defaults to "programs/test/cpp_dummy_build.cpp".
+Run this program from the root of an Mbed TLS directory tree or from
+its "programs" or "programs/test" subdirectory.
+EOF
+    exit
+fi
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -e
+
+# Ensure a reproducible order for *.h
+export LC_ALL=C
+
+print_cpp () {
+    cat <<'EOF'
+/* Automatically generated file. Do not edit.
+ *
+ *  This program is a dummy C++ program to ensure Mbed TLS library header files
+ *  can be included and built with a C++ compiler.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+
+#include "mbedtls/config.h"
+
+EOF
+
+  for header in include/mbedtls/*.h include/psa/*.h; do
+    case ${header#include/} in
+      psa/crypto_config.h) :;; # not meant for direct inclusion
+      # Some of the psa/crypto_*.h headers are not meant to be included directly.
+      # They do have include guards that make them no-ops if psa/crypto.h
+      # has been included before. Since psa/crypto.h comes before psa/crypto_*.h
+      # in the wildcard enumeration, we don't need to skip those headers.
+      *) echo "#include \"${header#include/}\"";;
+    esac
+  done
+
+    cat <<'EOF'
+
+int main()
+{
+    mbedtls_platform_context *ctx = NULL;
+    mbedtls_platform_setup(ctx);
+    mbedtls_printf("CPP Build test passed\n");
+    mbedtls_platform_teardown(ctx);
+}
+EOF
+}
+
+if [ -d include/mbedtls ]; then
+    :
+elif [ -d ../include/mbedtls ]; then
+    cd ..
+elif [ -d ../../include/mbedtls ]; then
+    cd ../..
+else
+    echo >&2 "This script must be run from an Mbed TLS source tree."
+    exit 3
+fi
+
+print_cpp >"${1:-$DEFAULT_OUTPUT_FILE}"
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/query_compile_time_config.c b/3rdparty/mbedtls-2.28.7/programs/test/query_compile_time_config.c
new file mode 100644
index 0000000..cb37146
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/query_compile_time_config.c
@@ -0,0 +1,40 @@
+/*
+ *  Query the Mbed TLS compile time configuration
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#define USAGE                                                                \
+    "usage: %s [ <MBEDTLS_CONFIG> | -l ]\n\n"                                \
+    "This program takes one command line argument which corresponds to\n"    \
+    "the string representation of a Mbed TLS compile time configuration.\n"  \
+    "The value 0 will be returned if this configuration is defined in the\n" \
+    "Mbed TLS build and the macro expansion of that configuration will be\n" \
+    "printed (if any). Otherwise, 1 will be returned.\n"                     \
+    "-l\tPrint all available configuration.\n"
+#include <string.h>
+#include "query_config.h"
+
+int main(int argc, char *argv[])
+{
+    if (argc < 2 || strcmp(argv[1], "-h") == 0) {
+        mbedtls_printf(USAGE, argv[0]);
+        return MBEDTLS_EXIT_FAILURE;
+    }
+
+    if (strcmp(argv[1], "-l") == 0) {
+        list_config();
+        return 0;
+    }
+
+    return query_config(argv[1]);
+}
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/query_config.c b/3rdparty/mbedtls-2.28.7/programs/test/query_config.c
new file mode 100644
index 0000000..859d824
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/query_config.c
@@ -0,0 +1,4249 @@
+/*
+ *  Query Mbed TLS compile time configurations from config.h
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "query_config.h"
+
+#include "mbedtls/platform.h"
+
+/*
+ * Include all the headers with public APIs in case they define a macro to its
+ * default value when that configuration is not set in the config.h.
+ */
+#include "mbedtls/aes.h"
+#include "mbedtls/aesni.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/aria.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/des.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecjpake.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/havege.h"
+#include "mbedtls/hkdf.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/memory_buffer_alloc.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/nist_kw.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/padlock.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pkcs11.h"
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/pkcs5.h"
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+#include "mbedtls/platform_util.h"
+#include "mbedtls/poly1305.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_cache.h"
+#include "mbedtls/ssl_ciphersuites.h"
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/ssl_ticket.h"
+#include "mbedtls/threading.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/version.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/xtea.h"
+
+#include <string.h>
+
+/*
+ * Helper macros to convert a macro or its expansion into a string
+ * WARNING: This does not work for expanding function-like macros. However,
+ * Mbed TLS does not currently have configuration options used in this fashion.
+ */
+#define MACRO_EXPANSION_TO_STR(macro)   MACRO_NAME_TO_STR(macro)
+#define MACRO_NAME_TO_STR(macro)                                        \
+    mbedtls_printf("%s", strlen( #macro "") > 0 ? #macro "\n" : "")
+
+#define STRINGIFY(macro)  #macro
+#define OUTPUT_MACRO_NAME_VALUE(macro) mbedtls_printf( #macro "%s\n",   \
+                                                       (STRINGIFY(macro) "")[0] != 0 ? "=" STRINGIFY( \
+                                                           macro) : "")
+
+#if defined(_MSC_VER)
+/*
+ * Visual Studio throws the warning 4003 because many Mbed TLS feature macros
+ * are defined empty. This means that from the preprocessor's point of view
+ * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as
+ * some macros expand to nothing. We suppress that specific warning to get a
+ * clean build and to ensure that tests treating warnings as errors do not
+ * fail.
+ */
+#pragma warning(push)
+#pragma warning(disable:4003)
+#endif /* _MSC_VER */
+
+int query_config(const char *config)
+{
+    #if defined(MBEDTLS_HAVE_ASM)
+    if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HAVE_ASM */
+
+#if defined(MBEDTLS_NO_UDBL_DIVISION)
+    if( strcmp( "MBEDTLS_NO_UDBL_DIVISION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_UDBL_DIVISION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NO_UDBL_DIVISION */
+
+#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
+    if( strcmp( "MBEDTLS_NO_64BIT_MULTIPLICATION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_64BIT_MULTIPLICATION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */
+
+#if defined(MBEDTLS_HAVE_SSE2)
+    if( strcmp( "MBEDTLS_HAVE_SSE2", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_SSE2 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HAVE_SSE2 */
+
+#if defined(MBEDTLS_HAVE_TIME)
+    if( strcmp( "MBEDTLS_HAVE_TIME", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+    if( strcmp( "MBEDTLS_HAVE_TIME_DATE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME_DATE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#if defined(MBEDTLS_PLATFORM_MEMORY)
+    if( strcmp( "MBEDTLS_PLATFORM_MEMORY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_MEMORY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_MEMORY */
+
+#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
+    if( strcmp( "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NO_STD_FUNCTIONS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_EXIT_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_TIME_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_PRINTF_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+
+#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+
+#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
+#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
+    if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+    if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_WARNING );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+
+#if defined(MBEDTLS_DEPRECATED_REMOVED)
+    if( strcmp( "MBEDTLS_DEPRECATED_REMOVED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_REMOVED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+    if( strcmp( "MBEDTLS_CHECK_PARAMS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHECK_PARAMS */
+
+#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
+    if( strcmp( "MBEDTLS_CHECK_PARAMS_ASSERT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS_ASSERT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
+
+#if defined(MBEDTLS_TIMING_ALT)
+    if( strcmp( "MBEDTLS_TIMING_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TIMING_ALT */
+
+#if defined(MBEDTLS_AES_ALT)
+    if( strcmp( "MBEDTLS_AES_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_ALT */
+
+#if defined(MBEDTLS_ARC4_ALT)
+    if( strcmp( "MBEDTLS_ARC4_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ARC4_ALT */
+
+#if defined(MBEDTLS_ARIA_ALT)
+    if( strcmp( "MBEDTLS_ARIA_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ARIA_ALT */
+
+#if defined(MBEDTLS_BLOWFISH_ALT)
+    if( strcmp( "MBEDTLS_BLOWFISH_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_BLOWFISH_ALT */
+
+#if defined(MBEDTLS_CAMELLIA_ALT)
+    if( strcmp( "MBEDTLS_CAMELLIA_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CAMELLIA_ALT */
+
+#if defined(MBEDTLS_CCM_ALT)
+    if( strcmp( "MBEDTLS_CCM_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CCM_ALT */
+
+#if defined(MBEDTLS_CHACHA20_ALT)
+    if( strcmp( "MBEDTLS_CHACHA20_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHACHA20_ALT */
+
+#if defined(MBEDTLS_CHACHAPOLY_ALT)
+    if( strcmp( "MBEDTLS_CHACHAPOLY_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
+
+#if defined(MBEDTLS_CMAC_ALT)
+    if( strcmp( "MBEDTLS_CMAC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CMAC_ALT */
+
+#if defined(MBEDTLS_DES_ALT)
+    if( strcmp( "MBEDTLS_DES_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DES_ALT */
+
+#if defined(MBEDTLS_DHM_ALT)
+    if( strcmp( "MBEDTLS_DHM_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DHM_ALT */
+
+#if defined(MBEDTLS_ECJPAKE_ALT)
+    if( strcmp( "MBEDTLS_ECJPAKE_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECJPAKE_ALT */
+
+#if defined(MBEDTLS_GCM_ALT)
+    if( strcmp( "MBEDTLS_GCM_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_GCM_ALT */
+
+#if defined(MBEDTLS_NIST_KW_ALT)
+    if( strcmp( "MBEDTLS_NIST_KW_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NIST_KW_ALT */
+
+#if defined(MBEDTLS_MD2_ALT)
+    if( strcmp( "MBEDTLS_MD2_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD2_ALT */
+
+#if defined(MBEDTLS_MD4_ALT)
+    if( strcmp( "MBEDTLS_MD4_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD4_ALT */
+
+#if defined(MBEDTLS_MD5_ALT)
+    if( strcmp( "MBEDTLS_MD5_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD5_ALT */
+
+#if defined(MBEDTLS_POLY1305_ALT)
+    if( strcmp( "MBEDTLS_POLY1305_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_POLY1305_ALT */
+
+#if defined(MBEDTLS_RIPEMD160_ALT)
+    if( strcmp( "MBEDTLS_RIPEMD160_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_RIPEMD160_ALT */
+
+#if defined(MBEDTLS_RSA_ALT)
+    if( strcmp( "MBEDTLS_RSA_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SHA1_ALT)
+    if( strcmp( "MBEDTLS_SHA1_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA1_ALT */
+
+#if defined(MBEDTLS_SHA256_ALT)
+    if( strcmp( "MBEDTLS_SHA256_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA256_ALT */
+
+#if defined(MBEDTLS_SHA512_ALT)
+    if( strcmp( "MBEDTLS_SHA512_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA512_ALT */
+
+#if defined(MBEDTLS_XTEA_ALT)
+    if( strcmp( "MBEDTLS_XTEA_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_XTEA_ALT */
+
+#if defined(MBEDTLS_ECP_ALT)
+    if( strcmp( "MBEDTLS_ECP_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_ALT */
+
+#if defined(MBEDTLS_MD2_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_MD2_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD2_PROCESS_ALT */
+
+#if defined(MBEDTLS_MD4_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_MD4_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD4_PROCESS_ALT */
+
+#if defined(MBEDTLS_MD5_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_MD5_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD5_PROCESS_ALT */
+
+#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_RIPEMD160_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA1_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_SHA1_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA1_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA256_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_SHA256_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA256_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA512_PROCESS_ALT)
+    if( strcmp( "MBEDTLS_SHA512_PROCESS_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_PROCESS_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA512_PROCESS_ALT */
+
+#if defined(MBEDTLS_DES_SETKEY_ALT)
+    if( strcmp( "MBEDTLS_DES_SETKEY_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_SETKEY_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DES_SETKEY_ALT */
+
+#if defined(MBEDTLS_DES_CRYPT_ECB_ALT)
+    if( strcmp( "MBEDTLS_DES_CRYPT_ECB_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_CRYPT_ECB_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
+    if( strcmp( "MBEDTLS_DES3_CRYPT_ECB_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DES3_CRYPT_ECB_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+    if( strcmp( "MBEDTLS_AES_SETKEY_ENC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_ENC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */
+
+#if defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+    if( strcmp( "MBEDTLS_AES_SETKEY_DEC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_DEC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */
+
+#if defined(MBEDTLS_AES_ENCRYPT_ALT)
+    if( strcmp( "MBEDTLS_AES_ENCRYPT_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ENCRYPT_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_ENCRYPT_ALT */
+
+#if defined(MBEDTLS_AES_DECRYPT_ALT)
+    if( strcmp( "MBEDTLS_AES_DECRYPT_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_DECRYPT_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_DECRYPT_ALT */
+
+#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+    if( strcmp( "MBEDTLS_ECDH_GEN_PUBLIC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_GEN_PUBLIC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+
+#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+    if( strcmp( "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_COMPUTE_SHARED_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
+
+#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+    if( strcmp( "MBEDTLS_ECDSA_VERIFY_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_VERIFY_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
+
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    if( strcmp( "MBEDTLS_ECDSA_SIGN_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_SIGN_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+
+#if defined(MBEDTLS_ECDSA_GENKEY_ALT)
+    if( strcmp( "MBEDTLS_ECDSA_GENKEY_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_GENKEY_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if( strcmp( "MBEDTLS_ECP_INTERNAL_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_INTERNAL_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK)
+    if( strcmp( "MBEDTLS_ECP_NO_FALLBACK", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_FALLBACK );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_NO_FALLBACK */
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+    if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_JAC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+    if( strcmp( "MBEDTLS_ECP_ADD_MIXED_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ADD_MIXED_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+    if( strcmp( "MBEDTLS_ECP_DOUBLE_JAC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_JAC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+    if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+    if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+    if( strcmp( "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+    if( strcmp( "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_MXZ_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+    if( strcmp( "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_MXZ_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+    if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TEST_NULL_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_HARDWARE_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+
+#if defined(MBEDTLS_AES_ROM_TABLES)
+    if( strcmp( "MBEDTLS_AES_ROM_TABLES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ROM_TABLES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_ROM_TABLES */
+
+#if defined(MBEDTLS_AES_FEWER_TABLES)
+    if( strcmp( "MBEDTLS_AES_FEWER_TABLES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_FEWER_TABLES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_FEWER_TABLES */
+
+#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
+    if( strcmp( "MBEDTLS_CAMELLIA_SMALL_MEMORY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_SMALL_MEMORY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+#if defined(MBEDTLS_CHECK_RETURN_WARNING)
+    if( strcmp( "MBEDTLS_CHECK_RETURN_WARNING", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_RETURN_WARNING );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHECK_RETURN_WARNING */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if( strcmp( "MBEDTLS_CIPHER_MODE_CBC", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CBC );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    if( strcmp( "MBEDTLS_CIPHER_MODE_CFB", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CFB );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    if( strcmp( "MBEDTLS_CIPHER_MODE_CTR", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CTR );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    if( strcmp( "MBEDTLS_CIPHER_MODE_OFB", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_OFB );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    if( strcmp( "MBEDTLS_CIPHER_MODE_XTS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_XTS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    if( strcmp( "MBEDTLS_CIPHER_NULL_CIPHER", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_NULL_CIPHER );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    if( strcmp( "MBEDTLS_CIPHER_PADDING_PKCS7", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_PKCS7 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+    if( strcmp( "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+    if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+    if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
+
+#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
+    if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
+
+#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
+    if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
+
+#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
+    if( strcmp( "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_ARC4_CIPHERSUITES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
+
+#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
+    if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_3DES_CIPHERSUITES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
+
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+    if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP224R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP256R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP384R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP384R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP521R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP521R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP192K1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192K1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP224K1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224K1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_SECP256K1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256K1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_BP256R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP256R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_BP384R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP384R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_BP512R1_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP512R1_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_CURVE25519_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE25519_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+    if( strcmp( "MBEDTLS_ECP_DP_CURVE448_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE448_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+    if( strcmp( "MBEDTLS_ECP_NIST_OPTIM", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NIST_OPTIM );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    if( strcmp( "MBEDTLS_ECP_NO_INTERNAL_RNG", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_INTERNAL_RNG );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    if( strcmp( "MBEDTLS_ECP_RESTARTABLE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RESTARTABLE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    if( strcmp( "MBEDTLS_ECDH_LEGACY_CONTEXT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_LEGACY_CONTEXT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    if( strcmp( "MBEDTLS_ECDSA_DETERMINISTIC", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_DETERMINISTIC );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+    if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_EC_EXTENDED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
+
+#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+    if( strcmp( "MBEDTLS_ERROR_STRERROR_DUMMY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_STRERROR_DUMMY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */
+
+#if defined(MBEDTLS_GENPRIME)
+    if( strcmp( "MBEDTLS_GENPRIME", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_GENPRIME );
+        return( 0 );
+    }
+#endif /* MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_FS_IO)
+    if( strcmp( "MBEDTLS_FS_IO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_FS_IO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+    if( strcmp( "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+
+#if defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    if( strcmp( "MBEDTLS_NO_PLATFORM_ENTROPY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NO_PLATFORM_ENTROPY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+    if( strcmp( "MBEDTLS_ENTROPY_FORCE_SHA256", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_FORCE_SHA256 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    if( strcmp( "MBEDTLS_ENTROPY_NV_SEED", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_NV_SEED );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    if( strcmp( "MBEDTLS_MEMORY_DEBUG", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_DEBUG );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    if( strcmp( "MBEDTLS_MEMORY_BACKTRACE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BACKTRACE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MEMORY_BACKTRACE */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+    if( strcmp( "MBEDTLS_PK_RSA_ALT_SUPPORT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_RSA_ALT_SUPPORT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+#if defined(MBEDTLS_PKCS1_V15)
+    if( strcmp( "MBEDTLS_PKCS1_V15", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V15 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PKCS1_V15 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+    if( strcmp( "MBEDTLS_PKCS1_V21", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V21 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CLIENT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_DRIVERS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_DRIVERS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SPM );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SPM */
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+    if( strcmp( "MBEDTLS_PSA_INJECT_ENTROPY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_INJECT_ENTROPY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+    if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_NO_CRT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+#if defined(MBEDTLS_SELF_TEST)
+    if( strcmp( "MBEDTLS_SELF_TEST", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SELF_TEST );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SELF_TEST */
+
+#if defined(MBEDTLS_SHA256_SMALLER)
+    if( strcmp( "MBEDTLS_SHA256_SMALLER", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_SMALLER );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA256_SMALLER */
+
+#if defined(MBEDTLS_SHA512_SMALLER)
+    if( strcmp( "MBEDTLS_SHA512_SMALLER", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_SMALLER );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA512_SMALLER */
+
+#if defined(MBEDTLS_SHA512_NO_SHA384)
+    if( strcmp( "MBEDTLS_SHA512_NO_SHA384", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_NO_SHA384 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA512_NO_SHA384 */
+
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+    if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
+
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+    if( strcmp( "MBEDTLS_SSL_RECORD_CHECKING", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RECORD_CHECKING );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if( strcmp( "MBEDTLS_SSL_CONTEXT_SERIALIZATION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONTEXT_SERIALIZATION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+    if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DEBUG_ALL */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    if( strcmp( "MBEDTLS_SSL_FALLBACK_SCSV", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_FALLBACK_SCSV );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( strcmp( "MBEDTLS_SSL_HW_RECORD_ACCEL", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_HW_RECORD_ACCEL );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    if( strcmp( "MBEDTLS_SSL_CBC_RECORD_SPLITTING", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CBC_RECORD_SPLITTING );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+    if( strcmp( "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    if( strcmp( "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if( strcmp( "MBEDTLS_SSL_PROTO_SSL3", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_SSL3 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_1", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_1 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_2 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+    if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+    if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    if( strcmp( "MBEDTLS_SSL_DTLS_SRTP", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_SRTP );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+    if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    if( strcmp( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_BADMAC_LIMIT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
+    if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    if( strcmp( "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+    if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */
+
+#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+    if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */
+
+#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND)
+    if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+    if( strcmp( "MBEDTLS_TEST_HOOKS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_HOOKS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_THREADING_ALT)
+    if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_ALT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_THREADING_ALT */
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+    if( strcmp( "MBEDTLS_THREADING_PTHREAD", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_PTHREAD );
+        return( 0 );
+    }
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( strcmp( "MBEDTLS_USE_PSA_CRYPTO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_USE_PSA_CRYPTO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+#if defined(MBEDTLS_VERSION_FEATURES)
+    if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_FEATURES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_VERSION_FEATURES */
+
+#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+    if( strcmp( "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
+
+#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+    if( strcmp( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    if( strcmp( "MBEDTLS_X509_CHECK_KEY_USAGE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_KEY_USAGE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    if( strcmp( "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if( strcmp( "MBEDTLS_ZLIB_SUPPORT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ZLIB_SUPPORT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_AESNI_C)
+    if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AESNI_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AESNI_C */
+
+#if defined(MBEDTLS_AES_C)
+    if( strcmp( "MBEDTLS_AES_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+    if( strcmp( "MBEDTLS_ARC4_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    if( strcmp( "MBEDTLS_ASN1_PARSE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_PARSE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_ASN1_WRITE_C)
+    if( strcmp( "MBEDTLS_ASN1_WRITE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_WRITE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ASN1_WRITE_C */
+
+#if defined(MBEDTLS_BASE64_C)
+    if( strcmp( "MBEDTLS_BASE64_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_BASE64_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+    if( strcmp( "MBEDTLS_BIGNUM_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_BIGNUM_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+    if( strcmp( "MBEDTLS_BLOWFISH_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+    if( strcmp( "MBEDTLS_CAMELLIA_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_ARIA_C)
+    if( strcmp( "MBEDTLS_ARIA_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ARIA_C */
+
+#if defined(MBEDTLS_CCM_C)
+    if( strcmp( "MBEDTLS_CCM_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CERTS_C)
+    if( strcmp( "MBEDTLS_CERTS_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CERTS_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CERTS_C */
+
+#if defined(MBEDTLS_CHACHA20_C)
+    if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if( strcmp( "MBEDTLS_CHACHAPOLY_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+#if defined(MBEDTLS_CIPHER_C)
+    if( strcmp( "MBEDTLS_CIPHER_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_CMAC_C)
+    if( strcmp( "MBEDTLS_CMAC_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    if( strcmp( "MBEDTLS_CTR_DRBG_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_C */
+
+#if defined(MBEDTLS_DEBUG_C)
+    if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DEBUG_C */
+
+#if defined(MBEDTLS_DES_C)
+    if( strcmp( "MBEDTLS_DES_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DES_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_DHM_C)
+    if( strcmp( "MBEDTLS_DHM_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_DHM_C */
+
+#if defined(MBEDTLS_ECDH_C)
+    if( strcmp( "MBEDTLS_ECDH_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDH_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+    if( strcmp( "MBEDTLS_ECDSA_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_ECJPAKE_C)
+    if( strcmp( "MBEDTLS_ECJPAKE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECJPAKE_C */
+
+#if defined(MBEDTLS_ECP_C)
+    if( strcmp( "MBEDTLS_ECP_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_ENTROPY_C)
+    if( strcmp( "MBEDTLS_ENTROPY_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_C */
+
+#if defined(MBEDTLS_ERROR_C)
+    if( strcmp( "MBEDTLS_ERROR_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ERROR_C */
+
+#if defined(MBEDTLS_GCM_C)
+    if( strcmp( "MBEDTLS_GCM_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_HAVEGE_C)
+    if( strcmp( "MBEDTLS_HAVEGE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HAVEGE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HAVEGE_C */
+
+#if defined(MBEDTLS_HKDF_C)
+    if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HKDF_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HKDF_C */
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+    if( strcmp( "MBEDTLS_HMAC_DRBG_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HMAC_DRBG_C */
+
+#if defined(MBEDTLS_NIST_KW_C)
+    if( strcmp( "MBEDTLS_NIST_KW_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NIST_KW_C */
+
+#if defined(MBEDTLS_MD_C)
+    if( strcmp( "MBEDTLS_MD_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD2_C)
+    if( strcmp( "MBEDTLS_MD2_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+    if( strcmp( "MBEDTLS_MD4_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+    if( strcmp( "MBEDTLS_MD5_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    if( strcmp( "MBEDTLS_MEMORY_BUFFER_ALLOC_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BUFFER_ALLOC_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+#if defined(MBEDTLS_NET_C)
+    if( strcmp( "MBEDTLS_NET_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_NET_C */
+
+#if defined(MBEDTLS_OID_C)
+    if( strcmp( "MBEDTLS_OID_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_OID_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_OID_C */
+
+#if defined(MBEDTLS_PADLOCK_C)
+    if( strcmp( "MBEDTLS_PADLOCK_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PADLOCK_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PADLOCK_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    if( strcmp( "MBEDTLS_PEM_PARSE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_PARSE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+    if( strcmp( "MBEDTLS_PEM_WRITE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_WRITE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#if defined(MBEDTLS_PK_C)
+    if( strcmp( "MBEDTLS_PK_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_PK_PARSE_C)
+    if( strcmp( "MBEDTLS_PK_PARSE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+    if( strcmp( "MBEDTLS_PK_WRITE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PK_WRITE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PK_WRITE_C */
+
+#if defined(MBEDTLS_PKCS5_C)
+    if( strcmp( "MBEDTLS_PKCS5_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS5_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PKCS5_C */
+
+#if defined(MBEDTLS_PKCS11_C)
+    if( strcmp( "MBEDTLS_PKCS11_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS11_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PKCS11_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+    if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS12_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PKCS12_C */
+
+#if defined(MBEDTLS_PLATFORM_C)
+    if( strcmp( "MBEDTLS_PLATFORM_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if defined(MBEDTLS_POLY1305_C)
+    if( strcmp( "MBEDTLS_POLY1305_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_POLY1305_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_SE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#if defined(MBEDTLS_PSA_ITS_FILE_C)
+    if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_ITS_FILE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_ITS_FILE_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+    if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#if defined(MBEDTLS_RSA_C)
+    if( strcmp( "MBEDTLS_RSA_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    if( strcmp( "MBEDTLS_SHA1_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CACHE_C */
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+    if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_COOKIE_C */
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+    if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_TICKET_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_TLS_C)
+    if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_THREADING_C)
+    if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_THREADING_C */
+
+#if defined(MBEDTLS_TIMING_C)
+    if( strcmp( "MBEDTLS_TIMING_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TIMING_C */
+
+#if defined(MBEDTLS_VERSION_C)
+    if( strcmp( "MBEDTLS_VERSION_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_VERSION_C */
+
+#if defined(MBEDTLS_X509_USE_C)
+    if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_USE_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+#if defined(MBEDTLS_X509_CREATE_C)
+    if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CREATE_C */
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+    if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+    if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+
+#if defined(MBEDTLS_XTEA_C)
+    if( strcmp( "MBEDTLS_XTEA_C", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_C );
+        return( 0 );
+    }
+#endif /* MBEDTLS_XTEA_C */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+    if( strcmp( "MBEDTLS_CONFIG_FILE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CONFIG_FILE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CONFIG_FILE */
+
+#if defined(MBEDTLS_USER_CONFIG_FILE)
+    if( strcmp( "MBEDTLS_USER_CONFIG_FILE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_USER_CONFIG_FILE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_USER_CONFIG_FILE */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG_FILE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG_FILE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG_FILE */
+
+#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
+    if( strcmp( "MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE */
+
+#if defined(MBEDTLS_MPI_WINDOW_SIZE)
+    if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_WINDOW_SIZE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MPI_WINDOW_SIZE */
+
+#if defined(MBEDTLS_MPI_MAX_SIZE)
+    if( strcmp( "MBEDTLS_MPI_MAX_SIZE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_MAX_SIZE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MPI_MAX_SIZE */
+
+#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
+    if( strcmp( "MBEDTLS_CTR_DRBG_ENTROPY_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_ENTROPY_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */
+
+#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
+    if( strcmp( "MBEDTLS_CTR_DRBG_RESEED_INTERVAL", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_RESEED_INTERVAL );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
+    if( strcmp( "MBEDTLS_CTR_DRBG_MAX_INPUT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_INPUT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
+    if( strcmp( "MBEDTLS_CTR_DRBG_MAX_REQUEST", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_REQUEST );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
+    if( strcmp( "MBEDTLS_CTR_DRBG_MAX_SEED_INPUT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */
+
+#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
+    if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_RESEED_INTERVAL );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
+    if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_INPUT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_INPUT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
+    if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_REQUEST", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_REQUEST );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
+    if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */
+
+#if defined(MBEDTLS_ECP_MAX_BITS)
+    if( strcmp( "MBEDTLS_ECP_MAX_BITS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_MAX_BITS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_MAX_BITS */
+
+#if defined(MBEDTLS_ECP_WINDOW_SIZE)
+    if( strcmp( "MBEDTLS_ECP_WINDOW_SIZE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_WINDOW_SIZE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_WINDOW_SIZE */
+
+#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
+    if( strcmp( "MBEDTLS_ECP_FIXED_POINT_OPTIM", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_FIXED_POINT_OPTIM );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
+
+#if defined(MBEDTLS_ENTROPY_MAX_SOURCES)
+    if( strcmp( "MBEDTLS_ENTROPY_MAX_SOURCES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_SOURCES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */
+
+#if defined(MBEDTLS_ENTROPY_MAX_GATHER)
+    if( strcmp( "MBEDTLS_ENTROPY_MAX_GATHER", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_GATHER );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_MAX_GATHER */
+
+#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
+    if( strcmp( "MBEDTLS_ENTROPY_MIN_HARDWARE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MIN_HARDWARE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */
+
+#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
+    if( strcmp( "MBEDTLS_MEMORY_ALIGN_MULTIPLE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_ALIGN_MULTIPLE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */
+
+#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_MEM_HDR", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_MEM_HDR );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */
+
+#if defined(MBEDTLS_PLATFORM_STD_CALLOC)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_CALLOC", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_CALLOC );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_CALLOC */
+
+#if defined(MBEDTLS_PLATFORM_STD_FREE)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_FREE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FREE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_FREE */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_EXIT */
+
+#if defined(MBEDTLS_PLATFORM_STD_TIME)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_TIME", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_TIME );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_TIME */
+
+#if defined(MBEDTLS_PLATFORM_STD_FPRINTF)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_FPRINTF", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FPRINTF );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_PRINTF)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_PRINTF", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_PRINTF );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_PRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_SNPRINTF", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_SNPRINTF );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_SUCCESS", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_SUCCESS );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_FAILURE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_FAILURE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_READ", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_READ );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_WRITE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE)
+    if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_FILE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_FILE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */
+
+#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_CALLOC_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_CALLOC_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_FREE_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FREE_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_FREE_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_EXIT_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_TIME_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_TIME_TYPE_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_TYPE_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_PRINTF_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_READ_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
+    if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */
+
+#if defined(MBEDTLS_CHECK_RETURN)
+    if( strcmp( "MBEDTLS_CHECK_RETURN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_RETURN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_CHECK_RETURN */
+
+#if defined(MBEDTLS_IGNORE_RETURN)
+    if( strcmp( "MBEDTLS_IGNORE_RETURN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_IGNORE_RETURN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_IGNORE_RETURN */
+
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+    if( strcmp( "MBEDTLS_PSA_HMAC_DRBG_MD_TYPE", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */
+
+#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
+    if( strcmp( "MBEDTLS_PSA_KEY_SLOT_COUNT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_KEY_SLOT_COUNT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */
+
+#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
+    if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */
+
+#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
+    if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */
+
+#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN)
+    if( strcmp( "MBEDTLS_SSL_MAX_CONTENT_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_CONTENT_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_IN_CONTENT_LEN)
+    if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX)
+    if( strcmp( "MBEDTLS_SSL_CID_IN_LEN_MAX", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_IN_LEN_MAX );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */
+
+#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX)
+    if( strcmp( "MBEDTLS_SSL_CID_OUT_LEN_MAX", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_OUT_LEN_MAX );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */
+
+#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
+    if( strcmp( "MBEDTLS_SSL_CID_PADDING_GRANULARITY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_PADDING_GRANULARITY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */
+
+#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY)
+    if( strcmp( "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY */
+
+#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
+    if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
+    if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */
+
+#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME)
+    if( strcmp( "MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */
+
+#if defined(MBEDTLS_PSK_MAX_LEN)
+    if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_PSK_MAX_LEN */
+
+#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT)
+    if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */
+
+#if defined(MBEDTLS_TLS_EXT_CID)
+    if( strcmp( "MBEDTLS_TLS_EXT_CID", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_EXT_CID );
+        return( 0 );
+    }
+#endif /* MBEDTLS_TLS_EXT_CID */
+
+#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
+    if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */
+
+#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
+    if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN );
+        return( 0 );
+    }
+#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */
+
+ /* If the symbol is not found, return an error */
+    return 1;
+}
+
+void list_config(void)
+{
+    #if defined(MBEDTLS_HAVE_ASM)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_ASM);
+#endif /* MBEDTLS_HAVE_ASM */
+
+#if defined(MBEDTLS_NO_UDBL_DIVISION)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_UDBL_DIVISION);
+#endif /* MBEDTLS_NO_UDBL_DIVISION */
+
+#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_64BIT_MULTIPLICATION);
+#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */
+
+#if defined(MBEDTLS_HAVE_SSE2)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_SSE2);
+#endif /* MBEDTLS_HAVE_SSE2 */
+
+#if defined(MBEDTLS_HAVE_TIME)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_TIME);
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_TIME_DATE);
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#if defined(MBEDTLS_PLATFORM_MEMORY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_MEMORY);
+#endif /* MBEDTLS_PLATFORM_MEMORY */
+
+#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS);
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_EXIT_ALT);
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_TIME_ALT);
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_FPRINTF_ALT);
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_PRINTF_ALT);
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_SNPRINTF_ALT);
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_VSNPRINTF_ALT);
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NV_SEED_ALT);
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+
+#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT);
+#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+
+#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_GMTIME_R_ALT);
+#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
+#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_ZEROIZE_ALT);
+#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DEPRECATED_WARNING);
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+
+#if defined(MBEDTLS_DEPRECATED_REMOVED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DEPRECATED_REMOVED);
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_PARAMS);
+#endif /* MBEDTLS_CHECK_PARAMS */
+
+#if defined(MBEDTLS_CHECK_PARAMS_ASSERT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_PARAMS_ASSERT);
+#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */
+
+#if defined(MBEDTLS_TIMING_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TIMING_ALT);
+#endif /* MBEDTLS_TIMING_ALT */
+
+#if defined(MBEDTLS_AES_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_ALT);
+#endif /* MBEDTLS_AES_ALT */
+
+#if defined(MBEDTLS_ARC4_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARC4_ALT);
+#endif /* MBEDTLS_ARC4_ALT */
+
+#if defined(MBEDTLS_ARIA_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARIA_ALT);
+#endif /* MBEDTLS_ARIA_ALT */
+
+#if defined(MBEDTLS_BLOWFISH_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BLOWFISH_ALT);
+#endif /* MBEDTLS_BLOWFISH_ALT */
+
+#if defined(MBEDTLS_CAMELLIA_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CAMELLIA_ALT);
+#endif /* MBEDTLS_CAMELLIA_ALT */
+
+#if defined(MBEDTLS_CCM_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CCM_ALT);
+#endif /* MBEDTLS_CCM_ALT */
+
+#if defined(MBEDTLS_CHACHA20_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHA20_ALT);
+#endif /* MBEDTLS_CHACHA20_ALT */
+
+#if defined(MBEDTLS_CHACHAPOLY_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHAPOLY_ALT);
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
+
+#if defined(MBEDTLS_CMAC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CMAC_ALT);
+#endif /* MBEDTLS_CMAC_ALT */
+
+#if defined(MBEDTLS_DES_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_ALT);
+#endif /* MBEDTLS_DES_ALT */
+
+#if defined(MBEDTLS_DHM_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DHM_ALT);
+#endif /* MBEDTLS_DHM_ALT */
+
+#if defined(MBEDTLS_ECJPAKE_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECJPAKE_ALT);
+#endif /* MBEDTLS_ECJPAKE_ALT */
+
+#if defined(MBEDTLS_GCM_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_GCM_ALT);
+#endif /* MBEDTLS_GCM_ALT */
+
+#if defined(MBEDTLS_NIST_KW_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NIST_KW_ALT);
+#endif /* MBEDTLS_NIST_KW_ALT */
+
+#if defined(MBEDTLS_MD2_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD2_ALT);
+#endif /* MBEDTLS_MD2_ALT */
+
+#if defined(MBEDTLS_MD4_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD4_ALT);
+#endif /* MBEDTLS_MD4_ALT */
+
+#if defined(MBEDTLS_MD5_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD5_ALT);
+#endif /* MBEDTLS_MD5_ALT */
+
+#if defined(MBEDTLS_POLY1305_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_POLY1305_ALT);
+#endif /* MBEDTLS_POLY1305_ALT */
+
+#if defined(MBEDTLS_RIPEMD160_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RIPEMD160_ALT);
+#endif /* MBEDTLS_RIPEMD160_ALT */
+
+#if defined(MBEDTLS_RSA_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RSA_ALT);
+#endif /* MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SHA1_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA1_ALT);
+#endif /* MBEDTLS_SHA1_ALT */
+
+#if defined(MBEDTLS_SHA256_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_ALT);
+#endif /* MBEDTLS_SHA256_ALT */
+
+#if defined(MBEDTLS_SHA512_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_ALT);
+#endif /* MBEDTLS_SHA512_ALT */
+
+#if defined(MBEDTLS_XTEA_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_XTEA_ALT);
+#endif /* MBEDTLS_XTEA_ALT */
+
+#if defined(MBEDTLS_ECP_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_ALT);
+#endif /* MBEDTLS_ECP_ALT */
+
+#if defined(MBEDTLS_MD2_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD2_PROCESS_ALT);
+#endif /* MBEDTLS_MD2_PROCESS_ALT */
+
+#if defined(MBEDTLS_MD4_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD4_PROCESS_ALT);
+#endif /* MBEDTLS_MD4_PROCESS_ALT */
+
+#if defined(MBEDTLS_MD5_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD5_PROCESS_ALT);
+#endif /* MBEDTLS_MD5_PROCESS_ALT */
+
+#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RIPEMD160_PROCESS_ALT);
+#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA1_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA1_PROCESS_ALT);
+#endif /* MBEDTLS_SHA1_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA256_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_PROCESS_ALT);
+#endif /* MBEDTLS_SHA256_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA512_PROCESS_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_PROCESS_ALT);
+#endif /* MBEDTLS_SHA512_PROCESS_ALT */
+
+#if defined(MBEDTLS_DES_SETKEY_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_SETKEY_ALT);
+#endif /* MBEDTLS_DES_SETKEY_ALT */
+
+#if defined(MBEDTLS_DES_CRYPT_ECB_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_CRYPT_ECB_ALT);
+#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES3_CRYPT_ECB_ALT);
+#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_SETKEY_ENC_ALT);
+#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */
+
+#if defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_SETKEY_DEC_ALT);
+#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */
+
+#if defined(MBEDTLS_AES_ENCRYPT_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_ENCRYPT_ALT);
+#endif /* MBEDTLS_AES_ENCRYPT_ALT */
+
+#if defined(MBEDTLS_AES_DECRYPT_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_DECRYPT_ALT);
+#endif /* MBEDTLS_AES_DECRYPT_ALT */
+
+#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_GEN_PUBLIC_ALT);
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+
+#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_COMPUTE_SHARED_ALT);
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
+
+#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_VERIFY_ALT);
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
+
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_SIGN_ALT);
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+
+#if defined(MBEDTLS_ECDSA_GENKEY_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_GENKEY_ALT);
+#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_INTERNAL_ALT);
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_NO_FALLBACK)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NO_FALLBACK);
+#endif /* MBEDTLS_ECP_NO_FALLBACK */
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_RANDOMIZE_JAC_ALT);
+#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_ADD_MIXED_ALT);
+#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DOUBLE_JAC_ALT);
+#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT);
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NORMALIZE_JAC_ALT);
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT);
+#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT);
+#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NORMALIZE_MXZ_ALT);
+#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_NULL_ENTROPY);
+#endif /* MBEDTLS_TEST_NULL_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_HARDWARE_ALT);
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+
+#if defined(MBEDTLS_AES_ROM_TABLES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_ROM_TABLES);
+#endif /* MBEDTLS_AES_ROM_TABLES */
+
+#if defined(MBEDTLS_AES_FEWER_TABLES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_FEWER_TABLES);
+#endif /* MBEDTLS_AES_FEWER_TABLES */
+
+#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CAMELLIA_SMALL_MEMORY);
+#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+#if defined(MBEDTLS_CHECK_RETURN_WARNING)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_RETURN_WARNING);
+#endif /* MBEDTLS_CHECK_RETURN_WARNING */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_CBC);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_CFB);
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_CTR);
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_OFB);
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_XTS);
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_NULL_CIPHER);
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_PKCS7);
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS);
+#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN);
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_ZEROS);
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
+
+#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY);
+#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
+
+#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENABLE_WEAK_CIPHERSUITES);
+#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
+
+#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_REMOVE_ARC4_CIPHERSUITES);
+#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
+
+#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_REMOVE_3DES_CIPHERSUITES);
+#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
+
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED);
+#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP192R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP224R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP256R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP384R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP521R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP192K1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP224K1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP256K1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_BP256R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_BP384R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_BP512R1_ENABLED);
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_CURVE25519_ENABLED);
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_CURVE448_ENABLED);
+#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NIST_OPTIM);
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NO_INTERNAL_RNG);
+#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_RESTARTABLE);
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_LEGACY_CONTEXT);
+#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_DETERMINISTIC);
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_PARSE_EC_EXTENDED);
+#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
+
+#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ERROR_STRERROR_DUMMY);
+#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */
+
+#if defined(MBEDTLS_GENPRIME)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_GENPRIME);
+#endif /* MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_FS_IO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_FS_IO);
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES);
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+
+#if defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_PLATFORM_ENTROPY);
+#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_FORCE_SHA256);
+#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_NV_SEED);
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER);
+#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_DEBUG);
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_BACKTRACE);
+#endif /* MBEDTLS_MEMORY_BACKTRACE */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_RSA_ALT_SUPPORT);
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+#if defined(MBEDTLS_PKCS1_V15)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS1_V15);
+#endif /* MBEDTLS_PKCS1_V15 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS1_V21);
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS);
+#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_CLIENT);
+#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_DRIVERS);
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_SPM);
+#endif /* MBEDTLS_PSA_CRYPTO_SPM */
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_INJECT_ENTROPY);
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RSA_NO_CRT);
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+#if defined(MBEDTLS_SELF_TEST)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SELF_TEST);
+#endif /* MBEDTLS_SELF_TEST */
+
+#if defined(MBEDTLS_SHA256_SMALLER)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_SMALLER);
+#endif /* MBEDTLS_SHA256_SMALLER */
+
+#if defined(MBEDTLS_SHA512_SMALLER)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_SMALLER);
+#endif /* MBEDTLS_SHA512_SMALLER */
+
+#if defined(MBEDTLS_SHA512_NO_SHA384)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_NO_SHA384);
+#endif /* MBEDTLS_SHA512_NO_SHA384 */
+
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ALL_ALERT_MESSAGES);
+#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
+
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_RECORD_CHECKING);
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_CONNECTION_ID);
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ASYNC_PRIVATE);
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CONTEXT_SERIALIZATION);
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DEBUG_ALL);
+#endif /* MBEDTLS_SSL_DEBUG_ALL */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ENCRYPT_THEN_MAC);
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_EXTENDED_MASTER_SECRET);
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_FALLBACK_SCSV);
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE);
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_HW_RECORD_ACCEL);
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CBC_RECORD_SPLITTING);
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_RENEGOTIATION);
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO);
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE);
+#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH);
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_SSL3);
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1);
+#endif /* MBEDTLS_SSL_PROTO_TLS1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1_1);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1_2);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_DTLS);
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ALPN);
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_ANTI_REPLAY);
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_HELLO_VERIFY);
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_SRTP);
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE);
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_BADMAC_LIMIT);
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SESSION_TICKETS);
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_EXPORT_KEYS);
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SERVER_NAME_INDICATION);
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TRUNCATED_HMAC);
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT);
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH);
+#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE);
+#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */
+
+#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN);
+#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */
+
+#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND);
+#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_HOOKS);
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_THREADING_ALT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_THREADING_ALT);
+#endif /* MBEDTLS_THREADING_ALT */
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_THREADING_PTHREAD);
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_USE_PSA_CRYPTO);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_CONFIG);
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+#if defined(MBEDTLS_VERSION_FEATURES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_VERSION_FEATURES);
+#endif /* MBEDTLS_VERSION_FEATURES */
+
+#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3);
+#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
+
+#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION);
+#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK);
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CHECK_KEY_USAGE);
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE);
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_RSASSA_PSS_SUPPORT);
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ZLIB_SUPPORT);
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_AESNI_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AESNI_C);
+#endif /* MBEDTLS_AESNI_C */
+
+#if defined(MBEDTLS_AES_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_C);
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARC4_C);
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ASN1_PARSE_C);
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_ASN1_WRITE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ASN1_WRITE_C);
+#endif /* MBEDTLS_ASN1_WRITE_C */
+
+#if defined(MBEDTLS_BASE64_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BASE64_C);
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BIGNUM_C);
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BLOWFISH_C);
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CAMELLIA_C);
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_ARIA_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARIA_C);
+#endif /* MBEDTLS_ARIA_C */
+
+#if defined(MBEDTLS_CCM_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CCM_C);
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CERTS_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CERTS_C);
+#endif /* MBEDTLS_CERTS_C */
+
+#if defined(MBEDTLS_CHACHA20_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHA20_C);
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHAPOLY_C);
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+#if defined(MBEDTLS_CIPHER_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_C);
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_CMAC_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CMAC_C);
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_C);
+#endif /* MBEDTLS_CTR_DRBG_C */
+
+#if defined(MBEDTLS_DEBUG_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DEBUG_C);
+#endif /* MBEDTLS_DEBUG_C */
+
+#if defined(MBEDTLS_DES_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_C);
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_DHM_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DHM_C);
+#endif /* MBEDTLS_DHM_C */
+
+#if defined(MBEDTLS_ECDH_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_C);
+#endif /* MBEDTLS_ECDH_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_C);
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_ECJPAKE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECJPAKE_C);
+#endif /* MBEDTLS_ECJPAKE_C */
+
+#if defined(MBEDTLS_ECP_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_C);
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_ENTROPY_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_C);
+#endif /* MBEDTLS_ENTROPY_C */
+
+#if defined(MBEDTLS_ERROR_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ERROR_C);
+#endif /* MBEDTLS_ERROR_C */
+
+#if defined(MBEDTLS_GCM_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_GCM_C);
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_HAVEGE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVEGE_C);
+#endif /* MBEDTLS_HAVEGE_C */
+
+#if defined(MBEDTLS_HKDF_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HKDF_C);
+#endif /* MBEDTLS_HKDF_C */
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_C);
+#endif /* MBEDTLS_HMAC_DRBG_C */
+
+#if defined(MBEDTLS_NIST_KW_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NIST_KW_C);
+#endif /* MBEDTLS_NIST_KW_C */
+
+#if defined(MBEDTLS_MD_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD_C);
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD2_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD2_C);
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD4_C);
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD5_C);
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_BUFFER_ALLOC_C);
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+#if defined(MBEDTLS_NET_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NET_C);
+#endif /* MBEDTLS_NET_C */
+
+#if defined(MBEDTLS_OID_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_OID_C);
+#endif /* MBEDTLS_OID_C */
+
+#if defined(MBEDTLS_PADLOCK_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PADLOCK_C);
+#endif /* MBEDTLS_PADLOCK_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PEM_PARSE_C);
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PEM_WRITE_C);
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#if defined(MBEDTLS_PK_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_C);
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_PK_PARSE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_PARSE_C);
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_WRITE_C);
+#endif /* MBEDTLS_PK_WRITE_C */
+
+#if defined(MBEDTLS_PKCS5_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS5_C);
+#endif /* MBEDTLS_PKCS5_C */
+
+#if defined(MBEDTLS_PKCS11_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS11_C);
+#endif /* MBEDTLS_PKCS11_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS12_C);
+#endif /* MBEDTLS_PKCS12_C */
+
+#if defined(MBEDTLS_PLATFORM_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_C);
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if defined(MBEDTLS_POLY1305_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_POLY1305_C);
+#endif /* MBEDTLS_POLY1305_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_C);
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_SE_C);
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_STORAGE_C);
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#if defined(MBEDTLS_PSA_ITS_FILE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_ITS_FILE_C);
+#endif /* MBEDTLS_PSA_ITS_FILE_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RIPEMD160_C);
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#if defined(MBEDTLS_RSA_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RSA_C);
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA1_C);
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_C);
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_C);
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CACHE_C);
+#endif /* MBEDTLS_SSL_CACHE_C */
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_COOKIE_C);
+#endif /* MBEDTLS_SSL_COOKIE_C */
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TICKET_C);
+#endif /* MBEDTLS_SSL_TICKET_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CLI_C);
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SRV_C);
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_TLS_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TLS_C);
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_THREADING_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_THREADING_C);
+#endif /* MBEDTLS_THREADING_C */
+
+#if defined(MBEDTLS_TIMING_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TIMING_C);
+#endif /* MBEDTLS_TIMING_C */
+
+#if defined(MBEDTLS_VERSION_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_VERSION_C);
+#endif /* MBEDTLS_VERSION_C */
+
+#if defined(MBEDTLS_X509_USE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_USE_C);
+#endif /* MBEDTLS_X509_USE_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CRT_PARSE_C);
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CRL_PARSE_C);
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CSR_PARSE_C);
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+#if defined(MBEDTLS_X509_CREATE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CREATE_C);
+#endif /* MBEDTLS_X509_CREATE_C */
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CRT_WRITE_C);
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CSR_WRITE_C);
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+
+#if defined(MBEDTLS_XTEA_C)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_XTEA_C);
+#endif /* MBEDTLS_XTEA_C */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CONFIG_FILE);
+#endif /* MBEDTLS_CONFIG_FILE */
+
+#if defined(MBEDTLS_USER_CONFIG_FILE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_USER_CONFIG_FILE);
+#endif /* MBEDTLS_USER_CONFIG_FILE */
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_CONFIG_FILE);
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG_FILE */
+
+#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE);
+#endif /* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE */
+
+#if defined(MBEDTLS_MPI_WINDOW_SIZE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MPI_WINDOW_SIZE);
+#endif /* MBEDTLS_MPI_WINDOW_SIZE */
+
+#if defined(MBEDTLS_MPI_MAX_SIZE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MPI_MAX_SIZE);
+#endif /* MBEDTLS_MPI_MAX_SIZE */
+
+#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_ENTROPY_LEN);
+#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */
+
+#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_RESEED_INTERVAL);
+#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_MAX_INPUT);
+#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_MAX_REQUEST);
+#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT);
+#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */
+
+#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL);
+#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_MAX_INPUT);
+#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_MAX_REQUEST);
+#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT);
+#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */
+
+#if defined(MBEDTLS_ECP_MAX_BITS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_MAX_BITS);
+#endif /* MBEDTLS_ECP_MAX_BITS */
+
+#if defined(MBEDTLS_ECP_WINDOW_SIZE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_WINDOW_SIZE);
+#endif /* MBEDTLS_ECP_WINDOW_SIZE */
+
+#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_FIXED_POINT_OPTIM);
+#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
+
+#if defined(MBEDTLS_ENTROPY_MAX_SOURCES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_MAX_SOURCES);
+#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */
+
+#if defined(MBEDTLS_ENTROPY_MAX_GATHER)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_MAX_GATHER);
+#endif /* MBEDTLS_ENTROPY_MAX_GATHER */
+
+#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_MIN_HARDWARE);
+#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */
+
+#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_ALIGN_MULTIPLE);
+#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */
+
+#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_MEM_HDR);
+#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */
+
+#if defined(MBEDTLS_PLATFORM_STD_CALLOC)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_CALLOC);
+#endif /* MBEDTLS_PLATFORM_STD_CALLOC */
+
+#if defined(MBEDTLS_PLATFORM_STD_FREE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_FREE);
+#endif /* MBEDTLS_PLATFORM_STD_FREE */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_EXIT);
+#endif /* MBEDTLS_PLATFORM_STD_EXIT */
+
+#if defined(MBEDTLS_PLATFORM_STD_TIME)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_TIME);
+#endif /* MBEDTLS_PLATFORM_STD_TIME */
+
+#if defined(MBEDTLS_PLATFORM_STD_FPRINTF)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_FPRINTF);
+#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_PRINTF)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_PRINTF);
+#endif /* MBEDTLS_PLATFORM_STD_PRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_SNPRINTF);
+#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS);
+#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_EXIT_FAILURE);
+#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_NV_SEED_READ);
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE);
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_NV_SEED_FILE);
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */
+
+#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_CALLOC_MACRO);
+#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_FREE_MACRO);
+#endif /* MBEDTLS_PLATFORM_FREE_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_EXIT_MACRO);
+#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_TIME_MACRO);
+#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_TIME_TYPE_MACRO);
+#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_FPRINTF_MACRO);
+#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_PRINTF_MACRO);
+#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_SNPRINTF_MACRO);
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_VSNPRINTF_MACRO);
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO);
+#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO);
+#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */
+
+#if defined(MBEDTLS_CHECK_RETURN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_RETURN);
+#endif /* MBEDTLS_CHECK_RETURN */
+
+#if defined(MBEDTLS_IGNORE_RETURN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_IGNORE_RETURN);
+#endif /* MBEDTLS_IGNORE_RETURN */
+
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE);
+#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */
+
+#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_KEY_SLOT_COUNT);
+#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */
+
+#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT);
+#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */
+
+#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES);
+#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */
+
+#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_MAX_CONTENT_LEN);
+#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_IN_CONTENT_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_IN_CONTENT_LEN);
+#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CID_IN_LEN_MAX);
+#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */
+
+#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CID_OUT_LEN_MAX);
+#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */
+
+#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CID_PADDING_GRANULARITY);
+#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */
+
+#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY);
+#endif /* MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY */
+
+#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_OUT_CONTENT_LEN);
+#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_MAX_BUFFERING);
+#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */
+
+#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME);
+#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */
+
+#if defined(MBEDTLS_PSK_MAX_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSK_MAX_LEN);
+#endif /* MBEDTLS_PSK_MAX_LEN */
+
+#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_COOKIE_TIMEOUT);
+#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */
+
+#if defined(MBEDTLS_TLS_EXT_CID)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TLS_EXT_CID);
+#endif /* MBEDTLS_TLS_EXT_CID */
+
+#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_MAX_INTERMEDIATE_CA);
+#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */
+
+#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
+    OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_MAX_FILE_PATH_LEN);
+#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */
+
+
+}
+#if defined(_MSC_VER)
+#pragma warning(pop)
+#endif /* _MSC_VER */
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/query_config.h b/3rdparty/mbedtls-2.28.7/programs/test/query_config.h
new file mode 100644
index 0000000..f7b192c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/query_config.h
@@ -0,0 +1,38 @@
+/*
+ *  Query Mbed TLS compile time configurations from config.h
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H
+#define MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/** Check whether a given configuration symbol is enabled.
+ *
+ * \param config    The symbol to query (e.g. "MBEDTLS_RSA_C").
+ * \return          \c 0 if the symbol was defined at compile time
+ *                  (in MBEDTLS_CONFIG_FILE or config.h),
+ *                  \c 1 otherwise.
+ *
+ * \note            This function is defined in `programs/test/query_config.c`
+ *                  which is automatically generated by
+ *                  `scripts/generate_query_config.pl`.
+ */
+int query_config(const char *config);
+
+/** List all enabled configuration symbols
+ *
+ * \note            This function is defined in `programs/test/query_config.c`
+ *                  which is automatically generated by
+ *                  `scripts/generate_query_config.pl`.
+ */
+void list_config(void);
+
+#endif /* MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/selftest.c b/3rdparty/mbedtls-2.28.7/programs/test/selftest.c
new file mode 100644
index 0000000..2b78a8c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/selftest.c
@@ -0,0 +1,512 @@
+/*
+ *  Self-test demonstration program
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/aria.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/poly1305.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/xtea.h"
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/ecjpake.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/nist_kw.h"
+
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+
+#if defined MBEDTLS_SELF_TEST
+/* Sanity check for malloc. This is not expected to fail, and is rather
+ * intended to display potentially useful information about the platform,
+ * in particular the behavior of malloc(0). */
+static int calloc_self_test(int verbose)
+{
+    int failures = 0;
+    void *empty1 = mbedtls_calloc(0, 1);
+    void *empty2 = mbedtls_calloc(0, 1);
+    void *buffer1 = mbedtls_calloc(1, 1);
+    void *buffer2 = mbedtls_calloc(1, 1);
+    unsigned int buffer_3_size = 256;
+    unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */
+    unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1);
+    unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1);
+
+    if (empty1 == NULL && empty2 == NULL) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(0,1): passed (NULL)\n");
+        }
+    } else if (empty1 == NULL || empty2 == NULL) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(0,1): failed (mix of NULL and non-NULL)\n");
+        }
+        ++failures;
+    } else if (empty1 == empty2) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(0,1): passed (same non-null)\n");
+        }
+    } else {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(0,1): passed (distinct non-null)\n");
+        }
+    }
+
+    mbedtls_free(empty1);
+    mbedtls_free(empty2);
+
+    empty1 = mbedtls_calloc(1, 0);
+    empty2 = mbedtls_calloc(1, 0);
+    if (empty1 == NULL && empty2 == NULL) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1,0): passed (NULL)\n");
+        }
+    } else if (empty1 == NULL || empty2 == NULL) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1,0): failed (mix of NULL and non-NULL)\n");
+        }
+        ++failures;
+    } else if (empty1 == empty2) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1,0): passed (same non-null)\n");
+        }
+    } else {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1,0): passed (distinct non-null)\n");
+        }
+    }
+
+    if (buffer1 == NULL || buffer2 == NULL) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1): failed (NULL)\n");
+        }
+        ++failures;
+    } else if (buffer1 == buffer2) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1): failed (same buffer twice)\n");
+        }
+        ++failures;
+    } else {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1): passed\n");
+        }
+    }
+
+    mbedtls_free(buffer1);
+    buffer1 = mbedtls_calloc(1, 1);
+    if (buffer1 == NULL) {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1 again): failed (NULL)\n");
+        }
+        ++failures;
+    } else {
+        if (verbose) {
+            mbedtls_printf("  CALLOC(1 again): passed\n");
+        }
+    }
+
+    for (unsigned int i = 0; i < buffer_3_size; i++) {
+        if (buffer3[i] != 0) {
+            ++failures;
+            if (verbose) {
+                mbedtls_printf("  CALLOC(%u): failed (memory not initialized to 0)\n",
+                               buffer_3_size);
+            }
+            break;
+        }
+    }
+
+    for (unsigned int i = 0; i < buffer_4_size; i++) {
+        if (buffer4[i] != 0) {
+            ++failures;
+            if (verbose) {
+                mbedtls_printf("  CALLOC(%u): failed (memory not initialized to 0)\n",
+                               buffer_4_size);
+            }
+            break;
+        }
+    }
+
+    if (verbose) {
+        mbedtls_printf("\n");
+    }
+    mbedtls_free(empty1);
+    mbedtls_free(empty2);
+    mbedtls_free(buffer1);
+    mbedtls_free(buffer2);
+    mbedtls_free(buffer3);
+    mbedtls_free(buffer4);
+    return failures;
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+static int test_snprintf(size_t n, const char *ref_buf, int ref_ret)
+{
+    int ret;
+    char buf[10] = "xxxxxxxxx";
+    const char ref[10] = "xxxxxxxxx";
+
+    ret = mbedtls_snprintf(buf, n, "%s", "123");
+    if (ret < 0 || (size_t) ret >= n) {
+        ret = -1;
+    }
+
+    if (strncmp(ref_buf, buf, sizeof(buf)) != 0 ||
+        ref_ret != ret ||
+        memcmp(buf + n, ref + n, sizeof(buf) - n) != 0) {
+        return 1;
+    }
+
+    return 0;
+}
+
+static int run_test_snprintf(void)
+{
+    return test_snprintf(0, "xxxxxxxxx",  -1) != 0 ||
+           test_snprintf(1, "",           -1) != 0 ||
+           test_snprintf(2, "1",          -1) != 0 ||
+           test_snprintf(3, "12",         -1) != 0 ||
+           test_snprintf(4, "123",         3) != 0 ||
+           test_snprintf(5, "123",         3) != 0;
+}
+
+/*
+ * Check if a seed file is present, and if not create one for the entropy
+ * self-test. If this fails, we attempt the test anyway, so no error is passed
+ * back.
+ */
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C)
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+static void create_entropy_seed_file(void)
+{
+    int result;
+    size_t output_len = 0;
+    unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    /* Attempt to read the entropy seed file. If this fails - attempt to write
+     * to the file to ensure one is present. */
+    result = mbedtls_platform_std_nv_seed_read(seed_value,
+                                               MBEDTLS_ENTROPY_BLOCK_SIZE);
+    if (0 == result) {
+        return;
+    }
+
+    result = mbedtls_platform_entropy_poll(NULL,
+                                           seed_value,
+                                           MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                           &output_len);
+    if (0 != result) {
+        return;
+    }
+
+    if (MBEDTLS_ENTROPY_BLOCK_SIZE != output_len) {
+        return;
+    }
+
+    mbedtls_platform_std_nv_seed_write(seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE);
+}
+#endif
+
+int mbedtls_entropy_self_test_wrapper(int verbose)
+{
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    create_entropy_seed_file();
+#endif
+    return mbedtls_entropy_self_test(verbose);
+}
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+int mbedtls_memory_buffer_alloc_free_and_self_test(int verbose)
+{
+    if (verbose != 0) {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_memory_buffer_alloc_status();
+#endif
+    }
+    mbedtls_memory_buffer_alloc_free();
+    return mbedtls_memory_buffer_alloc_self_test(verbose);
+}
+#endif
+
+typedef struct {
+    const char *name;
+    int (*function)(int);
+} selftest_t;
+
+const selftest_t selftests[] =
+{
+    { "calloc", calloc_self_test },
+#if defined(MBEDTLS_MD2_C)
+    { "md2", mbedtls_md2_self_test },
+#endif
+#if defined(MBEDTLS_MD4_C)
+    { "md4", mbedtls_md4_self_test },
+#endif
+#if defined(MBEDTLS_MD5_C)
+    { "md5", mbedtls_md5_self_test },
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+    { "ripemd160", mbedtls_ripemd160_self_test },
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    { "sha1", mbedtls_sha1_self_test },
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    { "sha256", mbedtls_sha256_self_test },
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    { "sha512", mbedtls_sha512_self_test },
+#endif
+#if defined(MBEDTLS_ARC4_C)
+    { "arc4", mbedtls_arc4_self_test },
+#endif
+#if defined(MBEDTLS_DES_C)
+    { "des", mbedtls_des_self_test },
+#endif
+#if defined(MBEDTLS_AES_C)
+    { "aes", mbedtls_aes_self_test },
+#endif
+#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)
+    { "gcm", mbedtls_gcm_self_test },
+#endif
+#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)
+    { "ccm", mbedtls_ccm_self_test },
+#endif
+#if defined(MBEDTLS_NIST_KW_C) && defined(MBEDTLS_AES_C)
+    { "nist_kw", mbedtls_nist_kw_self_test },
+#endif
+#if defined(MBEDTLS_CMAC_C)
+    { "cmac", mbedtls_cmac_self_test },
+#endif
+#if defined(MBEDTLS_CHACHA20_C)
+    { "chacha20", mbedtls_chacha20_self_test },
+#endif
+#if defined(MBEDTLS_POLY1305_C)
+    { "poly1305", mbedtls_poly1305_self_test },
+#endif
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    { "chacha20-poly1305", mbedtls_chachapoly_self_test },
+#endif
+#if defined(MBEDTLS_BASE64_C)
+    { "base64", mbedtls_base64_self_test },
+#endif
+#if defined(MBEDTLS_BIGNUM_C)
+    { "mpi", mbedtls_mpi_self_test },
+#endif
+#if defined(MBEDTLS_RSA_C)
+    { "rsa", mbedtls_rsa_self_test },
+#endif
+#if defined(MBEDTLS_X509_USE_C)
+    { "x509", mbedtls_x509_self_test },
+#endif
+#if defined(MBEDTLS_XTEA_C)
+    { "xtea", mbedtls_xtea_self_test },
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+    { "camellia", mbedtls_camellia_self_test },
+#endif
+#if defined(MBEDTLS_ARIA_C)
+    { "aria", mbedtls_aria_self_test },
+#endif
+#if defined(MBEDTLS_CTR_DRBG_C)
+    { "ctr_drbg", mbedtls_ctr_drbg_self_test },
+#endif
+#if defined(MBEDTLS_HMAC_DRBG_C)
+    { "hmac_drbg", mbedtls_hmac_drbg_self_test },
+#endif
+#if defined(MBEDTLS_ECP_C)
+    { "ecp", mbedtls_ecp_self_test },
+#endif
+#if defined(MBEDTLS_ECJPAKE_C)
+    { "ecjpake", mbedtls_ecjpake_self_test },
+#endif
+#if defined(MBEDTLS_DHM_C)
+    { "dhm", mbedtls_dhm_self_test },
+#endif
+#if defined(MBEDTLS_ENTROPY_C)
+    { "entropy", mbedtls_entropy_self_test_wrapper },
+#endif
+#if defined(MBEDTLS_PKCS5_C)
+    { "pkcs5", mbedtls_pkcs5_self_test },
+#endif
+/* Slower test after the faster ones */
+#if defined(MBEDTLS_TIMING_C)
+    { "timing", mbedtls_timing_self_test },
+#endif
+/* Heap test comes last */
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    { "memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test },
+#endif
+    { NULL, NULL }
+};
+#endif /* MBEDTLS_SELF_TEST */
+
+int main(int argc, char *argv[])
+{
+#if defined(MBEDTLS_SELF_TEST)
+    const selftest_t *test;
+#endif /* MBEDTLS_SELF_TEST */
+    char **argp;
+    int v = 1; /* v=1 for verbose mode */
+    int exclude_mode = 0;
+    int suites_tested = 0, suites_failed = 0;
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_SELF_TEST)
+    unsigned char buf[1000000];
+#endif
+    void *pointer;
+#if defined(_WIN32)
+    int ci = 0; /* ci = 1 => running in CI, so don't wait for a key press */
+#endif
+
+    /*
+     * The C standard doesn't guarantee that all-bits-0 is the representation
+     * of a NULL pointer. We do however use that in our code for initializing
+     * structures, which should work on every modern platform. Let's be sure.
+     */
+    memset(&pointer, 0, sizeof(void *));
+    if (pointer != NULL) {
+        mbedtls_printf("all-bits-zero is not a NULL pointer\n");
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    /*
+     * Make sure we have a snprintf that correctly zero-terminates
+     */
+    if (run_test_snprintf() != 0) {
+        mbedtls_printf("the snprintf implementation is broken\n");
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    for (argp = argv + (argc >= 1 ? 1 : argc); *argp != NULL; ++argp) {
+        if (strcmp(*argp, "--quiet") == 0 ||
+            strcmp(*argp, "-q") == 0) {
+            v = 0;
+        } else if (strcmp(*argp, "--exclude") == 0 ||
+                   strcmp(*argp, "-x") == 0) {
+            exclude_mode = 1;
+#if defined(_WIN32)
+        } else if (strcmp(*argp, "--ci") == 0) {
+            ci = 1;
+#endif
+        } else {
+            break;
+        }
+    }
+
+    if (v != 0) {
+        mbedtls_printf("\n");
+    }
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+#endif
+
+    if (*argp != NULL && exclude_mode == 0) {
+        /* Run the specified tests */
+        for (; *argp != NULL; argp++) {
+            for (test = selftests; test->name != NULL; test++) {
+                if (!strcmp(*argp, test->name)) {
+                    if (test->function(v)  != 0) {
+                        suites_failed++;
+                    }
+                    suites_tested++;
+                    break;
+                }
+            }
+            if (test->name == NULL) {
+                mbedtls_printf("  Test suite %s not available -> failed\n\n", *argp);
+                suites_failed++;
+            }
+        }
+    } else {
+        /* Run all the tests except excluded ones */
+        for (test = selftests; test->name != NULL; test++) {
+            if (exclude_mode) {
+                char **excluded;
+                for (excluded = argp; *excluded != NULL; ++excluded) {
+                    if (!strcmp(*excluded, test->name)) {
+                        break;
+                    }
+                }
+                if (*excluded) {
+                    if (v) {
+                        mbedtls_printf("  Skip: %s\n", test->name);
+                    }
+                    continue;
+                }
+            }
+            if (test->function(v)  != 0) {
+                suites_failed++;
+            }
+            suites_tested++;
+        }
+    }
+
+#else
+    (void) exclude_mode;
+    mbedtls_printf(" MBEDTLS_SELF_TEST not defined.\n");
+#endif
+
+    if (v != 0) {
+        mbedtls_printf("  Executed %d test suites\n\n", suites_tested);
+
+        if (suites_failed > 0) {
+            mbedtls_printf("  [ %d tests FAIL ]\n\n", suites_failed);
+        } else {
+            mbedtls_printf("  [ All tests PASS ]\n\n");
+        }
+#if defined(_WIN32)
+        if (!ci) {
+            mbedtls_printf("  Press Enter to exit this program.\n");
+            fflush(stdout); getchar();
+        }
+#endif
+    }
+
+    if (suites_failed > 0) {
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    mbedtls_exit(MBEDTLS_EXIT_SUCCESS);
+}
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/udp_proxy.c b/3rdparty/mbedtls-2.28.7/programs/test/udp_proxy.c
new file mode 100644
index 0000000..e5b8217
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/udp_proxy.c
@@ -0,0 +1,973 @@
+/*
+ *  UDP proxy: emulate an unreliable UDP connection for DTLS testing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * Warning: this is an internal utility program we use for tests.
+ * It does break some abstractions from the NET layer, and is thus NOT an
+ * example of good general usage.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#if defined(MBEDTLS_HAVE_TIME)
+#include <time.h>
+#define mbedtls_time            time
+#define mbedtls_time_t          time_t
+#endif
+#define mbedtls_printf          printf
+#define mbedtls_calloc          calloc
+#define mbedtls_free            free
+#define mbedtls_exit            exit
+#define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if !defined(MBEDTLS_NET_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_NET_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/timing.h"
+
+#include <string.h>
+
+/* For select() */
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+#include <winsock2.h>
+#include <windows.h>
+#if defined(_MSC_VER)
+#if defined(_WIN32_WCE)
+#pragma comment( lib, "ws2.lib" )
+#else
+#pragma comment( lib, "ws2_32.lib" )
+#endif
+#endif /* _MSC_VER */
+#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+#if defined(MBEDTLS_HAVE_TIME)
+#include <sys/time.h>
+#endif
+#include <sys/types.h>
+#include <unistd.h>
+#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+#define MAX_MSG_SIZE            16384 + 2048 /* max record/datagram size */
+
+#define DFL_SERVER_ADDR         "localhost"
+#define DFL_SERVER_PORT         "4433"
+#define DFL_LISTEN_ADDR         "localhost"
+#define DFL_LISTEN_PORT         "5556"
+#define DFL_PACK                0
+
+#if defined(MBEDTLS_TIMING_C)
+#define USAGE_PACK                                                          \
+    "    pack=%%d             default: 0     (don't pack)\n"                \
+    "                         options: t > 0 (pack for t milliseconds)\n"
+#else
+#define USAGE_PACK
+#endif
+
+#define USAGE                                                               \
+    "\n usage: udp_proxy param=<>...\n"                                     \
+    "\n acceptable parameters:\n"                                           \
+    "    server_addr=%%s      default: localhost\n"                         \
+    "    server_port=%%d      default: 4433\n"                              \
+    "    listen_addr=%%s      default: localhost\n"                         \
+    "    listen_port=%%d      default: 4433\n"                              \
+    "\n"                                                                    \
+    "    duplicate=%%d        default: 0 (no duplication)\n"                \
+    "                        duplicate about 1:N packets randomly\n"        \
+    "    delay=%%d            default: 0 (no delayed packets)\n"            \
+    "                        delay about 1:N packets randomly\n"            \
+    "    delay_ccs=0/1       default: 0 (don't delay ChangeCipherSpec)\n"   \
+    "    delay_cli=%%s        Handshake message from client that should be\n" \
+    "                        delayed. Possible values are 'ClientHello',\n" \
+    "                        'Certificate', 'CertificateVerify', and\n"     \
+    "                        'ClientKeyExchange'.\n"                        \
+    "                        May be used multiple times, even for the same\n" \
+    "                        message, in which case the respective message\n" \
+    "                        gets delayed multiple times.\n"                 \
+    "    delay_srv=%%s        Handshake message from server that should be\n" \
+    "                        delayed. Possible values are 'HelloRequest',\n" \
+    "                        'ServerHello', 'ServerHelloDone', 'Certificate'\n" \
+    "                        'ServerKeyExchange', 'NewSessionTicket',\n" \
+    "                        'HelloVerifyRequest' and ''CertificateRequest'.\n" \
+    "                        May be used multiple times, even for the same\n" \
+    "                        message, in which case the respective message\n" \
+    "                        gets delayed multiple times.\n"                 \
+    "    drop=%%d             default: 0 (no dropped packets)\n"            \
+    "                        drop about 1:N packets randomly\n"             \
+    "    mtu=%%d              default: 0 (unlimited)\n"                     \
+    "                        drop packets larger than N bytes\n"            \
+    "    bad_ad=0/1          default: 0 (don't add bad ApplicationData)\n"  \
+    "    bad_cid=%%d          default: 0 (don't corrupt Connection IDs)\n"   \
+    "                        duplicate 1:N packets containing a CID,\n" \
+    "                        modifying CID in first instance of the packet.\n" \
+    "    protect_hvr=0/1     default: 0 (don't protect HelloVerifyRequest)\n" \
+    "    protect_len=%%d      default: (don't protect packets of this size)\n" \
+    "    inject_clihlo=0/1   default: 0 (don't inject fake ClientHello)\n"  \
+    "\n"                                                                    \
+    "    seed=%%d             default: (use current time)\n"                \
+    USAGE_PACK                                                              \
+    "\n"
+
+/*
+ * global options
+ */
+
+#define MAX_DELAYED_HS 10
+
+static struct options {
+    const char *server_addr;    /* address to forward packets to            */
+    const char *server_port;    /* port to forward packets to               */
+    const char *listen_addr;    /* address for accepting client connections */
+    const char *listen_port;    /* port for accepting client connections    */
+
+    int duplicate;              /* duplicate 1 in N packets (none if 0)     */
+    int delay;                  /* delay 1 packet in N (none if 0)          */
+    int delay_ccs;              /* delay ChangeCipherSpec                   */
+    char *delay_cli[MAX_DELAYED_HS];  /* handshake types of messages from
+                                       * client that should be delayed.     */
+    uint8_t delay_cli_cnt;      /* Number of entries in delay_cli.          */
+    char *delay_srv[MAX_DELAYED_HS];  /* handshake types of messages from
+                                       * server that should be delayed.     */
+    uint8_t delay_srv_cnt;      /* Number of entries in delay_srv.          */
+    int drop;                   /* drop 1 packet in N (none if 0)           */
+    int mtu;                    /* drop packets larger than this            */
+    int bad_ad;                 /* inject corrupted ApplicationData record  */
+    unsigned bad_cid;           /* inject corrupted CID record              */
+    int protect_hvr;            /* never drop or delay HelloVerifyRequest   */
+    int protect_len;            /* never drop/delay packet of the given size*/
+    int inject_clihlo;          /* inject fake ClientHello after handshake  */
+    unsigned pack;              /* merge packets into single datagram for
+                                 * at most \c merge milliseconds if > 0     */
+    unsigned int seed;          /* seed for "random" events                 */
+} opt;
+
+static void exit_usage(const char *name, const char *value)
+{
+    if (value == NULL) {
+        mbedtls_printf(" unknown option or missing value: %s\n", name);
+    } else {
+        mbedtls_printf(" option %s: illegal value: %s\n", name, value);
+    }
+
+    mbedtls_printf(USAGE);
+    mbedtls_exit(1);
+}
+
+static void get_options(int argc, char *argv[])
+{
+    int i;
+    char *p, *q;
+
+    opt.server_addr    = DFL_SERVER_ADDR;
+    opt.server_port    = DFL_SERVER_PORT;
+    opt.listen_addr    = DFL_LISTEN_ADDR;
+    opt.listen_port    = DFL_LISTEN_PORT;
+    opt.pack           = DFL_PACK;
+    /* Other members default to 0 */
+
+    opt.delay_cli_cnt = 0;
+    opt.delay_srv_cnt = 0;
+    memset(opt.delay_cli, 0, sizeof(opt.delay_cli));
+    memset(opt.delay_srv, 0, sizeof(opt.delay_srv));
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            exit_usage(p, NULL);
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "server_addr") == 0) {
+            opt.server_addr = q;
+        } else if (strcmp(p, "server_port") == 0) {
+            opt.server_port = q;
+        } else if (strcmp(p, "listen_addr") == 0) {
+            opt.listen_addr = q;
+        } else if (strcmp(p, "listen_port") == 0) {
+            opt.listen_port = q;
+        } else if (strcmp(p, "duplicate") == 0) {
+            opt.duplicate = atoi(q);
+            if (opt.duplicate < 0 || opt.duplicate > 20) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "delay") == 0) {
+            opt.delay = atoi(q);
+            if (opt.delay < 0 || opt.delay > 20 || opt.delay == 1) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "delay_ccs") == 0) {
+            opt.delay_ccs = atoi(q);
+            if (opt.delay_ccs < 0 || opt.delay_ccs > 1) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "delay_cli") == 0 ||
+                   strcmp(p, "delay_srv") == 0) {
+            uint8_t *delay_cnt;
+            char **delay_list;
+            size_t len;
+            char *buf;
+
+            if (strcmp(p, "delay_cli") == 0) {
+                delay_cnt  = &opt.delay_cli_cnt;
+                delay_list = opt.delay_cli;
+            } else {
+                delay_cnt  = &opt.delay_srv_cnt;
+                delay_list = opt.delay_srv;
+            }
+
+            if (*delay_cnt == MAX_DELAYED_HS) {
+                mbedtls_printf(" too many uses of %s: only %d allowed\n",
+                               p, MAX_DELAYED_HS);
+                exit_usage(p, NULL);
+            }
+
+            len = strlen(q);
+            buf = mbedtls_calloc(1, len + 1);
+            if (buf == NULL) {
+                mbedtls_printf(" Allocation failure\n");
+                exit(1);
+            }
+            memcpy(buf, q, len + 1);
+
+            delay_list[(*delay_cnt)++] = buf;
+        } else if (strcmp(p, "drop") == 0) {
+            opt.drop = atoi(q);
+            if (opt.drop < 0 || opt.drop > 20 || opt.drop == 1) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "pack") == 0) {
+#if defined(MBEDTLS_TIMING_C)
+            opt.pack = (unsigned) atoi(q);
+#else
+            mbedtls_printf(" option pack only defined if MBEDTLS_TIMING_C is enabled\n");
+            exit(1);
+#endif
+        } else if (strcmp(p, "mtu") == 0) {
+            opt.mtu = atoi(q);
+            if (opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "bad_ad") == 0) {
+            opt.bad_ad = atoi(q);
+            if (opt.bad_ad < 0 || opt.bad_ad > 1) {
+                exit_usage(p, q);
+            }
+        }
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        else if (strcmp(p, "bad_cid") == 0) {
+            opt.bad_cid = (unsigned) atoi(q);
+        }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+        else if (strcmp(p, "protect_hvr") == 0) {
+            opt.protect_hvr = atoi(q);
+            if (opt.protect_hvr < 0 || opt.protect_hvr > 1) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "protect_len") == 0) {
+            opt.protect_len = atoi(q);
+            if (opt.protect_len < 0) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "inject_clihlo") == 0) {
+            opt.inject_clihlo = atoi(q);
+            if (opt.inject_clihlo < 0 || opt.inject_clihlo > 1) {
+                exit_usage(p, q);
+            }
+        } else if (strcmp(p, "seed") == 0) {
+            opt.seed = atoi(q);
+            if (opt.seed == 0) {
+                exit_usage(p, q);
+            }
+        } else {
+            exit_usage(p, NULL);
+        }
+    }
+}
+
+static const char *msg_type(unsigned char *msg, size_t len)
+{
+    if (len < 1) {
+        return "Invalid";
+    }
+    switch (msg[0]) {
+        case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC:    return "ChangeCipherSpec";
+        case MBEDTLS_SSL_MSG_ALERT:                 return "Alert";
+        case MBEDTLS_SSL_MSG_APPLICATION_DATA:      return "ApplicationData";
+        case MBEDTLS_SSL_MSG_CID:                   return "CID";
+        case MBEDTLS_SSL_MSG_HANDSHAKE:             break; /* See below */
+        default:                            return "Unknown";
+    }
+
+    if (len < 13 + 12) {
+        return "Invalid handshake";
+    }
+
+    /*
+     * Our handshake message are less than 2^16 bytes long, so they should
+     * have 0 as the first byte of length, frag_offset and frag_length.
+     * Otherwise, assume they are encrypted.
+     */
+    if (msg[14] || msg[19] || msg[22]) {
+        return "Encrypted handshake";
+    }
+
+    switch (msg[13]) {
+        case MBEDTLS_SSL_HS_HELLO_REQUEST:          return "HelloRequest";
+        case MBEDTLS_SSL_HS_CLIENT_HELLO:           return "ClientHello";
+        case MBEDTLS_SSL_HS_SERVER_HELLO:           return "ServerHello";
+        case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST:   return "HelloVerifyRequest";
+        case MBEDTLS_SSL_HS_NEW_SESSION_TICKET:     return "NewSessionTicket";
+        case MBEDTLS_SSL_HS_CERTIFICATE:            return "Certificate";
+        case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE:    return "ServerKeyExchange";
+        case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST:    return "CertificateRequest";
+        case MBEDTLS_SSL_HS_SERVER_HELLO_DONE:      return "ServerHelloDone";
+        case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY:     return "CertificateVerify";
+        case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE:    return "ClientKeyExchange";
+        case MBEDTLS_SSL_HS_FINISHED:               return "Finished";
+        default:                            return "Unknown handshake";
+    }
+}
+
+#if defined(MBEDTLS_TIMING_C)
+/* Return elapsed time in milliseconds since the first call */
+static unsigned elapsed_time(void)
+{
+    static int initialized = 0;
+    static struct mbedtls_timing_hr_time hires;
+
+    if (initialized == 0) {
+        (void) mbedtls_timing_get_timer(&hires, 1);
+        initialized = 1;
+        return 0;
+    }
+
+    return mbedtls_timing_get_timer(&hires, 0);
+}
+
+typedef struct {
+    mbedtls_net_context *ctx;
+
+    const char *description;
+
+    unsigned packet_lifetime;
+    unsigned num_datagrams;
+
+    unsigned char data[MAX_MSG_SIZE];
+    size_t len;
+
+} ctx_buffer;
+
+static ctx_buffer outbuf[2];
+
+static int ctx_buffer_flush(ctx_buffer *buf)
+{
+    int ret;
+
+    mbedtls_printf("  %05u flush    %s: %u bytes, %u datagrams, last %u ms\n",
+                   elapsed_time(), buf->description,
+                   (unsigned) buf->len, buf->num_datagrams,
+                   elapsed_time() - buf->packet_lifetime);
+
+    ret = mbedtls_net_send(buf->ctx, buf->data, buf->len);
+
+    buf->len           = 0;
+    buf->num_datagrams = 0;
+
+    return ret;
+}
+
+static unsigned ctx_buffer_time_remaining(ctx_buffer *buf)
+{
+    unsigned const cur_time = elapsed_time();
+
+    if (buf->num_datagrams == 0) {
+        return (unsigned) -1;
+    }
+
+    if (cur_time - buf->packet_lifetime >= opt.pack) {
+        return 0;
+    }
+
+    return opt.pack - (cur_time - buf->packet_lifetime);
+}
+
+static int ctx_buffer_append(ctx_buffer *buf,
+                             const unsigned char *data,
+                             size_t len)
+{
+    int ret;
+
+    if (len > (size_t) INT_MAX) {
+        return -1;
+    }
+
+    if (len > sizeof(buf->data)) {
+        mbedtls_printf("  ! buffer size %u too large (max %u)\n",
+                       (unsigned) len, (unsigned) sizeof(buf->data));
+        return -1;
+    }
+
+    if (sizeof(buf->data) - buf->len < len) {
+        if ((ret = ctx_buffer_flush(buf)) <= 0) {
+            mbedtls_printf("ctx_buffer_flush failed with -%#04x", (unsigned int) -ret);
+            return ret;
+        }
+    }
+
+    memcpy(buf->data + buf->len, data, len);
+
+    buf->len += len;
+    if (++buf->num_datagrams == 1) {
+        buf->packet_lifetime = elapsed_time();
+    }
+
+    return (int) len;
+}
+#endif /* MBEDTLS_TIMING_C */
+
+static int dispatch_data(mbedtls_net_context *ctx,
+                         const unsigned char *data,
+                         size_t len)
+{
+    int ret;
+#if defined(MBEDTLS_TIMING_C)
+    ctx_buffer *buf = NULL;
+    if (opt.pack > 0) {
+        if (outbuf[0].ctx == ctx) {
+            buf = &outbuf[0];
+        } else if (outbuf[1].ctx == ctx) {
+            buf = &outbuf[1];
+        }
+
+        if (buf == NULL) {
+            return -1;
+        }
+
+        return ctx_buffer_append(buf, data, len);
+    }
+#endif /* MBEDTLS_TIMING_C */
+
+    ret = mbedtls_net_send(ctx, data, len);
+    if (ret < 0) {
+        mbedtls_printf("net_send returned -%#04x\n", (unsigned int) -ret);
+    }
+    return ret;
+}
+
+typedef struct {
+    mbedtls_net_context *dst;
+    const char *way;
+    const char *type;
+    unsigned len;
+    unsigned char buf[MAX_MSG_SIZE];
+} packet;
+
+/* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */
+void print_packet(const packet *p, const char *why)
+{
+#if defined(MBEDTLS_TIMING_C)
+    if (why == NULL) {
+        mbedtls_printf("  %05u dispatch %s %s (%u bytes)\n",
+                       elapsed_time(), p->way, p->type, p->len);
+    } else {
+        mbedtls_printf("  %05u dispatch %s %s (%u bytes): %s\n",
+                       elapsed_time(), p->way, p->type, p->len, why);
+    }
+#else
+    if (why == NULL) {
+        mbedtls_printf("        dispatch %s %s (%u bytes)\n",
+                       p->way, p->type, p->len);
+    } else {
+        mbedtls_printf("        dispatch %s %s (%u bytes): %s\n",
+                       p->way, p->type, p->len, why);
+    }
+#endif
+
+    fflush(stdout);
+}
+
+/*
+ * In order to test the server's behaviour when receiving a ClientHello after
+ * the connection is established (this could be a hard reset from the client,
+ * but the server must not drop the existing connection before establishing
+ * client reachability, see RFC 6347 Section 4.2.8), we memorize the first
+ * ClientHello we see (which can't have a cookie), then replay it after the
+ * first ApplicationData record - then we're done.
+ *
+ * This is controlled by the inject_clihlo option.
+ *
+ * We want an explicit state and a place to store the packet.
+ */
+typedef enum {
+    ICH_INIT,       /* haven't seen the first ClientHello yet */
+    ICH_CACHED,     /* cached the initial ClientHello */
+    ICH_INJECTED,   /* ClientHello already injected, done */
+} inject_clihlo_state_t;
+
+static inject_clihlo_state_t inject_clihlo_state;
+static packet initial_clihlo;
+
+int send_packet(const packet *p, const char *why)
+{
+    int ret;
+    mbedtls_net_context *dst = p->dst;
+
+    /* save initial ClientHello? */
+    if (opt.inject_clihlo != 0 &&
+        inject_clihlo_state == ICH_INIT &&
+        strcmp(p->type, "ClientHello") == 0) {
+        memcpy(&initial_clihlo, p, sizeof(packet));
+        inject_clihlo_state = ICH_CACHED;
+    }
+
+    /* insert corrupted CID record? */
+    if (opt.bad_cid != 0 &&
+        strcmp(p->type, "CID") == 0 &&
+        (rand() % opt.bad_cid) == 0) {
+        unsigned char buf[MAX_MSG_SIZE];
+        memcpy(buf, p->buf, p->len);
+
+        /* The CID resides at offset 11 in the DTLS record header. */
+        buf[11] ^= 1;
+        print_packet(p, "modified CID");
+
+        if ((ret = dispatch_data(dst, buf, p->len)) <= 0) {
+            mbedtls_printf("  ! dispatch returned %d\n", ret);
+            return ret;
+        }
+    }
+
+    /* insert corrupted ApplicationData record? */
+    if (opt.bad_ad &&
+        strcmp(p->type, "ApplicationData") == 0) {
+        unsigned char buf[MAX_MSG_SIZE];
+        memcpy(buf, p->buf, p->len);
+
+        if (p->len <= 13) {
+            mbedtls_printf("  ! can't corrupt empty AD record");
+        } else {
+            ++buf[13];
+            print_packet(p, "corrupted");
+        }
+
+        if ((ret = dispatch_data(dst, buf, p->len)) <= 0) {
+            mbedtls_printf("  ! dispatch returned %d\n", ret);
+            return ret;
+        }
+    }
+
+    print_packet(p, why);
+    if ((ret = dispatch_data(dst, p->buf, p->len)) <= 0) {
+        mbedtls_printf("  ! dispatch returned %d\n", ret);
+        return ret;
+    }
+
+    /* Don't duplicate Application Data, only handshake covered */
+    if (opt.duplicate != 0 &&
+        strcmp(p->type, "ApplicationData") != 0 &&
+        rand() % opt.duplicate == 0) {
+        print_packet(p, "duplicated");
+
+        if ((ret = dispatch_data(dst, p->buf, p->len)) <= 0) {
+            mbedtls_printf("  ! dispatch returned %d\n", ret);
+            return ret;
+        }
+    }
+
+    /* Inject ClientHello after first ApplicationData */
+    if (opt.inject_clihlo != 0 &&
+        inject_clihlo_state == ICH_CACHED &&
+        strcmp(p->type, "ApplicationData") == 0) {
+        print_packet(&initial_clihlo, "injected");
+
+        if ((ret = dispatch_data(dst, initial_clihlo.buf,
+                                 initial_clihlo.len)) <= 0) {
+            mbedtls_printf("  ! dispatch returned %d\n", ret);
+            return ret;
+        }
+
+        inject_clihlo_state = ICH_INJECTED;
+    }
+
+    return 0;
+}
+
+#define MAX_DELAYED_MSG 5
+static size_t prev_len;
+static packet prev[MAX_DELAYED_MSG];
+
+void clear_pending(void)
+{
+    memset(&prev, 0, sizeof(prev));
+    prev_len = 0;
+}
+
+void delay_packet(packet *delay)
+{
+    if (prev_len == MAX_DELAYED_MSG) {
+        return;
+    }
+
+    memcpy(&prev[prev_len++], delay, sizeof(packet));
+}
+
+int send_delayed(void)
+{
+    uint8_t offset;
+    int ret;
+    for (offset = 0; offset < prev_len; offset++) {
+        ret = send_packet(&prev[offset], "delayed");
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    clear_pending();
+    return 0;
+}
+
+/*
+ * Avoid dropping or delaying a packet that was already dropped or delayed
+ * ("held") twice: this only results in uninteresting timeouts. We can't rely
+ * on type to identify packets, since during renegotiation they're all
+ * encrypted. So, rely on size mod 2048 (which is usually just size).
+ *
+ * We only hold packets at the level of entire datagrams, not at the level
+ * of records. In particular, if the peer changes the way it packs multiple
+ * records into a single datagram, we don't necessarily count the number of
+ * times a record has been held correctly. However, the only known reason
+ * why a peer would change datagram packing is disabling the latter on
+ * retransmission, in which case we'd hold involved records at most
+ * HOLD_MAX + 1 times.
+ */
+static unsigned char held[2048] = { 0 };
+#define HOLD_MAX 2
+
+int handle_message(const char *way,
+                   mbedtls_net_context *dst,
+                   mbedtls_net_context *src)
+{
+    int ret;
+    packet cur;
+    size_t id;
+
+    uint8_t delay_idx;
+    char **delay_list;
+    uint8_t delay_list_len;
+
+    /* receive packet */
+    if ((ret = mbedtls_net_recv(src, cur.buf, sizeof(cur.buf))) <= 0) {
+        mbedtls_printf("  ! mbedtls_net_recv returned %d\n", ret);
+        return ret;
+    }
+
+    cur.len  = ret;
+    cur.type = msg_type(cur.buf, cur.len);
+    cur.way  = way;
+    cur.dst  = dst;
+    print_packet(&cur, NULL);
+
+    id = cur.len % sizeof(held);
+
+    if (strcmp(way, "S <- C") == 0) {
+        delay_list     = opt.delay_cli;
+        delay_list_len = opt.delay_cli_cnt;
+    } else {
+        delay_list     = opt.delay_srv;
+        delay_list_len = opt.delay_srv_cnt;
+    }
+
+    /* Check if message type is in the list of messages
+     * that should be delayed */
+    for (delay_idx = 0; delay_idx < delay_list_len; delay_idx++) {
+        if (delay_list[delay_idx] == NULL) {
+            continue;
+        }
+
+        if (strcmp(delay_list[delay_idx], cur.type) == 0) {
+            /* Delay message */
+            delay_packet(&cur);
+
+            /* Remove entry from list */
+            mbedtls_free(delay_list[delay_idx]);
+            delay_list[delay_idx] = NULL;
+
+            return 0;
+        }
+    }
+
+    /* do we want to drop, delay, or forward it? */
+    if ((opt.mtu != 0 &&
+         cur.len > (unsigned) opt.mtu) ||
+        (opt.drop != 0 &&
+         strcmp(cur.type, "CID") != 0             &&
+         strcmp(cur.type, "ApplicationData") != 0 &&
+         !(opt.protect_hvr &&
+           strcmp(cur.type, "HelloVerifyRequest") == 0) &&
+         cur.len != (size_t) opt.protect_len &&
+         held[id] < HOLD_MAX &&
+         rand() % opt.drop == 0)) {
+        ++held[id];
+    } else if ((opt.delay_ccs == 1 &&
+                strcmp(cur.type, "ChangeCipherSpec") == 0) ||
+               (opt.delay != 0 &&
+                strcmp(cur.type, "CID") != 0             &&
+                strcmp(cur.type, "ApplicationData") != 0 &&
+                !(opt.protect_hvr &&
+                  strcmp(cur.type, "HelloVerifyRequest") == 0) &&
+                cur.len != (size_t) opt.protect_len &&
+                held[id] < HOLD_MAX &&
+                rand() % opt.delay == 0)) {
+        ++held[id];
+        delay_packet(&cur);
+    } else {
+        /* forward and possibly duplicate */
+        if ((ret = send_packet(&cur, "forwarded")) != 0) {
+            return ret;
+        }
+
+        /* send previously delayed messages if any */
+        ret = send_delayed();
+        if (ret != 0) {
+            return ret;
+        }
+    }
+
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    uint8_t delay_idx;
+
+    mbedtls_net_context listen_fd, client_fd, server_fd;
+
+#if defined(MBEDTLS_TIMING_C)
+    struct timeval tm;
+#endif
+
+    struct timeval *tm_ptr = NULL;
+
+    int nb_fds;
+    fd_set read_fds;
+
+    mbedtls_net_init(&listen_fd);
+    mbedtls_net_init(&client_fd);
+    mbedtls_net_init(&server_fd);
+
+    get_options(argc, argv);
+
+    /*
+     * Decisions to drop/delay/duplicate packets are pseudo-random: dropping
+     * exactly 1 in N packets would lead to problems when a flight has exactly
+     * N packets: the same packet would be dropped on every resend.
+     *
+     * In order to be able to reproduce problems reliably, the seed may be
+     * specified explicitly.
+     */
+    if (opt.seed == 0) {
+#if defined(MBEDTLS_HAVE_TIME)
+        opt.seed = (unsigned int) mbedtls_time(NULL);
+#else
+        opt.seed = 1;
+#endif /* MBEDTLS_HAVE_TIME */
+        mbedtls_printf("  . Pseudo-random seed: %u\n", opt.seed);
+    }
+
+    srand(opt.seed);
+
+    /*
+     * 0. "Connect" to the server
+     */
+    mbedtls_printf("  . Connect to server on UDP/%s/%s ...",
+                   opt.server_addr, opt.server_port);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port,
+                                   MBEDTLS_NET_PROTO_UDP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_connect returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1. Setup the "listening" UDP socket
+     */
+    mbedtls_printf("  . Bind on UDP/%s/%s ...",
+                   opt.listen_addr, opt.listen_port);
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_bind(&listen_fd, opt.listen_addr, opt.listen_port,
+                                MBEDTLS_NET_PROTO_UDP)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_bind returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 2. Wait until a client connects
+     */
+accept:
+    mbedtls_net_free(&client_fd);
+
+    mbedtls_printf("  . Waiting for a remote connection ...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
+                                  NULL, 0, NULL)) != 0) {
+        mbedtls_printf(" failed\n  ! mbedtls_net_accept returned %d\n\n", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 3. Forward packets forever (kill the process to terminate it)
+     */
+    clear_pending();
+    memset(held, 0, sizeof(held));
+
+    nb_fds = client_fd.fd;
+    if (nb_fds < server_fd.fd) {
+        nb_fds = server_fd.fd;
+    }
+    if (nb_fds < listen_fd.fd) {
+        nb_fds = listen_fd.fd;
+    }
+    ++nb_fds;
+
+#if defined(MBEDTLS_TIMING_C)
+    if (opt.pack > 0) {
+        outbuf[0].ctx = &server_fd;
+        outbuf[0].description = "S <- C";
+        outbuf[0].num_datagrams = 0;
+        outbuf[0].len = 0;
+
+        outbuf[1].ctx = &client_fd;
+        outbuf[1].description = "S -> C";
+        outbuf[1].num_datagrams = 0;
+        outbuf[1].len = 0;
+    }
+#endif /* MBEDTLS_TIMING_C */
+
+    while (1) {
+#if defined(MBEDTLS_TIMING_C)
+        if (opt.pack > 0) {
+            unsigned max_wait_server, max_wait_client, max_wait;
+            max_wait_server = ctx_buffer_time_remaining(&outbuf[0]);
+            max_wait_client = ctx_buffer_time_remaining(&outbuf[1]);
+
+            max_wait = (unsigned) -1;
+
+            if (max_wait_server == 0) {
+                ctx_buffer_flush(&outbuf[0]);
+            } else {
+                max_wait = max_wait_server;
+            }
+
+            if (max_wait_client == 0) {
+                ctx_buffer_flush(&outbuf[1]);
+            } else {
+                if (max_wait_client < max_wait) {
+                    max_wait = max_wait_client;
+                }
+            }
+
+            if (max_wait != (unsigned) -1) {
+                tm.tv_sec  = max_wait / 1000;
+                tm.tv_usec = (max_wait % 1000) * 1000;
+
+                tm_ptr = &tm;
+            } else {
+                tm_ptr = NULL;
+            }
+        }
+#endif /* MBEDTLS_TIMING_C */
+
+        FD_ZERO(&read_fds);
+        FD_SET(server_fd.fd, &read_fds);
+        FD_SET(client_fd.fd, &read_fds);
+        FD_SET(listen_fd.fd, &read_fds);
+
+        if ((ret = select(nb_fds, &read_fds, NULL, NULL, tm_ptr)) < 0) {
+            perror("select");
+            goto exit;
+        }
+
+        if (FD_ISSET(listen_fd.fd, &read_fds)) {
+            goto accept;
+        }
+
+        if (FD_ISSET(client_fd.fd, &read_fds)) {
+            if ((ret = handle_message("S <- C",
+                                      &server_fd, &client_fd)) != 0) {
+                goto accept;
+            }
+        }
+
+        if (FD_ISSET(server_fd.fd, &read_fds)) {
+            if ((ret = handle_message("S -> C",
+                                      &client_fd, &server_fd)) != 0) {
+                goto accept;
+            }
+        }
+
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+#ifdef MBEDTLS_ERROR_C
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+        char error_buf[100];
+        mbedtls_strerror(ret, error_buf, 100);
+        mbedtls_printf("Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf);
+        fflush(stdout);
+    }
+#endif
+
+    for (delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++) {
+        mbedtls_free(opt.delay_cli[delay_idx]);
+        mbedtls_free(opt.delay_srv[delay_idx]);
+    }
+
+    mbedtls_net_free(&client_fd);
+    mbedtls_net_free(&server_fd);
+    mbedtls_net_free(&listen_fd);
+
+#if defined(_WIN32)
+    mbedtls_printf("  Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+
+#endif /* MBEDTLS_NET_C */
diff --git a/3rdparty/mbedtls-2.25.0/programs/test/udp_proxy_wrapper.sh b/3rdparty/mbedtls-2.28.7/programs/test/udp_proxy_wrapper.sh
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/programs/test/udp_proxy_wrapper.sh
rename to 3rdparty/mbedtls-2.28.7/programs/test/udp_proxy_wrapper.sh
index 27de013..aa6a6d1 100644
--- a/3rdparty/mbedtls-2.25.0/programs/test/udp_proxy_wrapper.sh
+++ b/3rdparty/mbedtls-2.28.7/programs/test/udp_proxy_wrapper.sh
@@ -3,19 +3,7 @@
 # Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...]
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 set -u
 
diff --git a/3rdparty/mbedtls-2.28.7/programs/test/zeroize.c b/3rdparty/mbedtls-2.28.7/programs/test/zeroize.c
new file mode 100644
index 0000000..cefc656
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/test/zeroize.c
@@ -0,0 +1,76 @@
+/*
+ * Zeroize application for debugger-driven testing
+ *
+ * This is a simple test application used for debugger-driven testing to check
+ * whether calls to mbedtls_platform_zeroize() are being eliminated by compiler
+ * optimizations. This application is used by the GDB script at
+ * tests/scripts/test_zeroize.gdb: the script sets a breakpoint at the last
+ * return statement in the main() function of this program. The debugger
+ * facilities are then used to manually inspect the memory and verify that the
+ * call to mbedtls_platform_zeroize() was not eliminated.
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdio.h>
+
+#include "mbedtls/platform.h"
+
+#include "mbedtls/platform_util.h"
+
+#define BUFFER_LEN 1024
+
+void usage(void)
+{
+    mbedtls_printf("Zeroize is a simple program to assist with testing\n");
+    mbedtls_printf("the mbedtls_platform_zeroize() function by using the\n");
+    mbedtls_printf("debugger. This program takes a file as input and\n");
+    mbedtls_printf("prints the first %d characters. Usage:\n\n", BUFFER_LEN);
+    mbedtls_printf("       zeroize <FILE>\n");
+}
+
+int main(int argc, char **argv)
+{
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    FILE *fp;
+    char buf[BUFFER_LEN];
+    char *p = buf;
+    char *end = p + BUFFER_LEN;
+    int c;
+
+    if (argc != 2) {
+        mbedtls_printf("This program takes exactly 1 argument\n");
+        usage();
+        mbedtls_exit(exit_code);
+    }
+
+    fp = fopen(argv[1], "r");
+    if (fp == NULL) {
+        mbedtls_printf("Could not open file '%s'\n", argv[1]);
+        mbedtls_exit(exit_code);
+    }
+
+    while ((c = fgetc(fp)) != EOF && p < end - 1) {
+        *p++ = (char) c;
+    }
+    *p = '\0';
+
+    if (p - buf != 0) {
+        mbedtls_printf("%s\n", buf);
+        exit_code = MBEDTLS_EXIT_SUCCESS;
+    } else {
+        mbedtls_printf("The file is empty!\n");
+    }
+
+    fclose(fp);
+    mbedtls_platform_zeroize(buf, sizeof(buf));
+
+    mbedtls_exit(exit_code);   // GDB_BREAK_HERE -- don't remove this comment!
+}
diff --git a/3rdparty/mbedtls-2.25.0/programs/util/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/util/CMakeLists.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/programs/util/CMakeLists.txt
rename to 3rdparty/mbedtls-2.28.7/programs/util/CMakeLists.txt
diff --git a/3rdparty/mbedtls-2.28.7/programs/util/pem2der.c b/3rdparty/mbedtls-2.28.7/programs/util/pem2der.c
new file mode 100644
index 0000000..8b70883
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/util/pem2der.c
@@ -0,0 +1,274 @@
+/*
+ *  Convert PEM to DER
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_FS_IO)
+#include "mbedtls/error.h"
+#include "mbedtls/base64.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#define DFL_FILENAME            "file.pem"
+#define DFL_OUTPUT_FILENAME     "file.der"
+
+#define USAGE \
+    "\n usage: pem2der param=<>...\n"                   \
+    "\n acceptable parameters:\n"                       \
+    "    filename=%%s         default: file.pem\n"      \
+    "    output_file=%%s      default: file.der\n"      \
+    "\n"
+
+#if !defined(MBEDTLS_BASE64_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *filename;       /* filename of the input file             */
+    const char *output_file;    /* where to store the output              */
+} opt;
+
+int convert_pem_to_der(const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen)
+{
+    int ret;
+    const unsigned char *s1, *s2, *end = input + ilen;
+    size_t len = 0;
+
+    s1 = (unsigned char *) strstr((const char *) input, "-----BEGIN");
+    if (s1 == NULL) {
+        return -1;
+    }
+
+    s2 = (unsigned char *) strstr((const char *) input, "-----END");
+    if (s2 == NULL) {
+        return -1;
+    }
+
+    s1 += 10;
+    while (s1 < end && *s1 != '-') {
+        s1++;
+    }
+    while (s1 < end && *s1 == '-') {
+        s1++;
+    }
+    if (*s1 == '\r') {
+        s1++;
+    }
+    if (*s1 == '\n') {
+        s1++;
+    }
+
+    if (s2 <= s1 || s2 > end) {
+        return -1;
+    }
+
+    ret = mbedtls_base64_decode(NULL, 0, &len, (const unsigned char *) s1, s2 - s1);
+    if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
+        return ret;
+    }
+
+    if (len > *olen) {
+        return -1;
+    }
+
+    if ((ret = mbedtls_base64_decode(output, len, &len, (const unsigned char *) s1,
+                                     s2 - s1)) != 0) {
+        return ret;
+    }
+
+    *olen = len;
+
+    return 0;
+}
+
+/*
+ * Load all data from a file into a given buffer.
+ */
+static int load_file(const char *path, unsigned char **buf, size_t *n)
+{
+    FILE *f;
+    long size;
+
+    if ((f = fopen(path, "rb")) == NULL) {
+        return -1;
+    }
+
+    fseek(f, 0, SEEK_END);
+    if ((size = ftell(f)) == -1) {
+        fclose(f);
+        return -1;
+    }
+    fseek(f, 0, SEEK_SET);
+
+    *n = (size_t) size;
+
+    if (*n + 1 == 0 ||
+        (*buf = mbedtls_calloc(1, *n + 1)) == NULL) {
+        fclose(f);
+        return -1;
+    }
+
+    if (fread(*buf, 1, *n, f) != *n) {
+        fclose(f);
+        free(*buf);
+        *buf = NULL;
+        return -1;
+    }
+
+    fclose(f);
+
+    (*buf)[*n] = '\0';
+
+    return 0;
+}
+
+/*
+ * Write buffer to a file
+ */
+static int write_file(const char *path, unsigned char *buf, size_t n)
+{
+    FILE *f;
+
+    if ((f = fopen(path, "wb")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(buf, 1, n, f) != n) {
+        fclose(f);
+        return -1;
+    }
+
+    fclose(f);
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    unsigned char *pem_buffer = NULL;
+    unsigned char der_buffer[4096];
+    char buf[1024];
+    size_t pem_size, der_size = sizeof(der_buffer);
+    int i;
+    char *p, *q;
+
+    /*
+     * Set to sane values
+     */
+    memset(buf, 0, sizeof(buf));
+    memset(der_buffer, 0, sizeof(der_buffer));
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.filename            = DFL_FILENAME;
+    opt.output_file         = DFL_OUTPUT_FILENAME;
+
+    for (i = 1; i < argc; i++) {
+
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else if (strcmp(p, "output_file") == 0) {
+            opt.output_file = q;
+        } else {
+            goto usage;
+        }
+    }
+
+    /*
+     * 1.1. Load the PEM file
+     */
+    mbedtls_printf("\n  . Loading the PEM file ...");
+    fflush(stdout);
+
+    ret = load_file(opt.filename, &pem_buffer, &pem_size);
+
+    if (ret != 0) {
+#ifdef MBEDTLS_ERROR_C
+        mbedtls_strerror(ret, buf, 1024);
+#endif
+        mbedtls_printf(" failed\n  !  load_file returned %d - %s\n\n", ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.2. Convert from PEM to DER
+     */
+    mbedtls_printf("  . Converting from PEM to DER ...");
+    fflush(stdout);
+
+    if ((ret = convert_pem_to_der(pem_buffer, pem_size, der_buffer, &der_size)) != 0) {
+#ifdef MBEDTLS_ERROR_C
+        mbedtls_strerror(ret, buf, 1024);
+#endif
+        mbedtls_printf(" failed\n  !  convert_pem_to_der %d - %s\n\n", ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.3. Write the DER file
+     */
+    mbedtls_printf("  . Writing the DER file ...");
+    fflush(stdout);
+
+    ret = write_file(opt.output_file, der_buffer, der_size);
+
+    if (ret != 0) {
+#ifdef MBEDTLS_ERROR_C
+        mbedtls_strerror(ret, buf, 1024);
+#endif
+        mbedtls_printf(" failed\n  !  write_file returned %d - %s\n\n", ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    free(pem_buffer);
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/util/strerror.c b/3rdparty/mbedtls-2.28.7/programs/util/strerror.c
new file mode 100644
index 0000000..84967de
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/util/strerror.c
@@ -0,0 +1,70 @@
+/*
+ *  Translate error code to error string
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+#include "mbedtls/error.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#endif
+
+#define USAGE \
+    "\n usage: strerror <errorcode>\n" \
+    "\n where <errorcode> can be a decimal or hexadecimal (starts with 0x or -0x)\n"
+
+#if !defined(MBEDTLS_ERROR_C) && !defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+int main(int argc, char *argv[])
+{
+    long int val;
+    char *end = argv[1];
+
+    if (argc != 2) {
+        mbedtls_printf(USAGE);
+        mbedtls_exit(0);
+    }
+
+    val = strtol(argv[1], &end, 10);
+    if (*end != '\0') {
+        val = strtol(argv[1], &end, 16);
+        if (*end != '\0') {
+            mbedtls_printf(USAGE);
+            return 0;
+        }
+    }
+    if (val > 0) {
+        val = -val;
+    }
+
+    if (val != 0) {
+        char error_buf[200];
+        mbedtls_strerror(val, error_buf, 200);
+        mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf);
+    }
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(val);
+}
+#endif /* MBEDTLS_ERROR_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/wince_main.c b/3rdparty/mbedtls-2.28.7/programs/wince_main.c
new file mode 100644
index 0000000..e817b9f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/wince_main.c
@@ -0,0 +1,31 @@
+/*
+ *  Windows CE console application entry point
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if defined(_WIN32_WCE)
+
+#include <windows.h>
+
+extern int main(int, const char **);
+
+int _tmain(int argc, _TCHAR *targv[])
+{
+    char **argv;
+    int i;
+
+    argv = (char **) calloc(argc, sizeof(char *));
+
+    for (i = 0; i < argc; i++) {
+        size_t len;
+        len = _tcslen(targv[i]) + 1;
+        argv[i] = (char *) calloc(len, sizeof(char));
+        wcstombs(argv[i], targv[i], len);
+    }
+
+    return main(argc, argv);
+}
+
+#endif  /* defined(_WIN32_WCE) */
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/programs/x509/CMakeLists.txt
new file mode 100644
index 0000000..5b1c319
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/CMakeLists.txt
@@ -0,0 +1,31 @@
+set(libs
+    ${mbedx509_target}
+)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+set(executables
+    cert_app
+    cert_req
+    cert_write
+    crl_app
+    load_roots
+    req_app
+)
+
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+    target_link_libraries(${exe} ${libs})
+endforeach()
+
+target_link_libraries(cert_app ${mbedtls_target})
+
+install(TARGETS ${executables}
+        DESTINATION "bin"
+        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/cert_app.c b/3rdparty/mbedtls-2.28.7/programs/x509/cert_app.c
new file mode 100644
index 0000000..9f11acd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/cert_app.c
@@ -0,0 +1,465 @@
+/*
+ *  Certificate reading application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
+    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
+    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||  \
+    !defined(MBEDTLS_CTR_DRBG_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
+                   "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
+                   "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_CTR_DRBG_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/debug.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define MODE_NONE               0
+#define MODE_FILE               1
+#define MODE_SSL                2
+
+#define DFL_MODE                MODE_NONE
+#define DFL_FILENAME            "cert.crt"
+#define DFL_CA_FILE             ""
+#define DFL_CRL_FILE            ""
+#define DFL_CA_PATH             ""
+#define DFL_SERVER_NAME         "localhost"
+#define DFL_SERVER_PORT         "4433"
+#define DFL_DEBUG_LEVEL         0
+#define DFL_PERMISSIVE          0
+
+#define USAGE_IO \
+    "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
+    "                        default: \"\" (none)\n" \
+    "    crl_file=%%s         The single CRL file you want to use\n" \
+    "                        default: \"\" (none)\n" \
+    "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
+    "                        default: \"\" (none) (overrides ca_file)\n"
+
+#define USAGE \
+    "\n usage: cert_app param=<>...\n"                  \
+    "\n acceptable parameters:\n"                       \
+    "    mode=file|ssl       default: none\n"           \
+    "    filename=%%s         default: cert.crt\n"      \
+    USAGE_IO                                            \
+    "    server_name=%%s      default: localhost\n"     \
+    "    server_port=%%d      default: 4433\n"          \
+    "    debug_level=%%d      default: 0 (disabled)\n"  \
+    "    permissive=%%d       default: 0 (disabled)\n"  \
+    "\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    int mode;                   /* the mode to run the application in   */
+    const char *filename;       /* filename of the certificate file     */
+    const char *ca_file;        /* the file with the CA certificate(s)  */
+    const char *crl_file;       /* the file with the CRL to use         */
+    const char *ca_path;        /* the path with the CA certificate(s) reside */
+    const char *server_name;    /* hostname of the server (client only) */
+    const char *server_port;    /* port on which the ssl service runs   */
+    int debug_level;            /* level of debugging                   */
+    int permissive;             /* permissive parsing                   */
+} opt;
+
+static void my_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    ((void) level);
+
+    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
+    fflush((FILE *) ctx);
+}
+
+static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags)
+{
+    char buf[1024];
+    ((void) data);
+
+    mbedtls_printf("\nVerify requested for (Depth %d):\n", depth);
+    mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
+    mbedtls_printf("%s", buf);
+
+    if ((*flags) == 0) {
+        mbedtls_printf("  This certificate has no flags\n");
+    } else {
+        mbedtls_x509_crt_verify_info(buf, sizeof(buf), "  ! ", *flags);
+        mbedtls_printf("%s\n", buf);
+    }
+
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_net_context server_fd;
+    unsigned char buf[1024];
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt cacert;
+    mbedtls_x509_crl cacrl;
+    int i, j;
+    uint32_t flags;
+    int verify = 0;
+    char *p, *q;
+    const char *pers = "cert_app";
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_net_init(&server_fd);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_x509_crt_init(&cacert);
+    mbedtls_entropy_init(&entropy);
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    mbedtls_x509_crl_init(&cacrl);
+#else
+    /* Zeroize structure as CRL parsing is not supported and we have to pass
+       it to the verify function */
+    memset(&cacrl, 0, sizeof(mbedtls_x509_crl));
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.mode                = DFL_MODE;
+    opt.filename            = DFL_FILENAME;
+    opt.ca_file             = DFL_CA_FILE;
+    opt.crl_file            = DFL_CRL_FILE;
+    opt.ca_path             = DFL_CA_PATH;
+    opt.server_name         = DFL_SERVER_NAME;
+    opt.server_port         = DFL_SERVER_PORT;
+    opt.debug_level         = DFL_DEBUG_LEVEL;
+    opt.permissive          = DFL_PERMISSIVE;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        for (j = 0; p + j < q; j++) {
+            if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') {
+                argv[i][j] |= 0x20;
+            }
+        }
+
+        if (strcmp(p, "mode") == 0) {
+            if (strcmp(q, "file") == 0) {
+                opt.mode = MODE_FILE;
+            } else if (strcmp(q, "ssl") == 0) {
+                opt.mode = MODE_SSL;
+            } else {
+                goto usage;
+            }
+        } else if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else if (strcmp(p, "ca_file") == 0) {
+            opt.ca_file = q;
+        } else if (strcmp(p, "crl_file") == 0) {
+            opt.crl_file = q;
+        } else if (strcmp(p, "ca_path") == 0) {
+            opt.ca_path = q;
+        } else if (strcmp(p, "server_name") == 0) {
+            opt.server_name = q;
+        } else if (strcmp(p, "server_port") == 0) {
+            opt.server_port = q;
+        } else if (strcmp(p, "debug_level") == 0) {
+            opt.debug_level = atoi(q);
+            if (opt.debug_level < 0 || opt.debug_level > 65535) {
+                goto usage;
+            }
+        } else if (strcmp(p, "permissive") == 0) {
+            opt.permissive = atoi(q);
+            if (opt.permissive < 0 || opt.permissive > 1) {
+                goto usage;
+            }
+        } else {
+            goto usage;
+        }
+    }
+
+    /*
+     * 1.1. Load the trusted CA
+     */
+    mbedtls_printf("  . Loading the CA root certificate ...");
+    fflush(stdout);
+
+    if (strlen(opt.ca_path)) {
+        if ((ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path)) < 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse_path returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        verify = 1;
+    } else if (strlen(opt.ca_file)) {
+        if ((ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file)) < 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse_file returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        verify = 1;
+    }
+
+    mbedtls_printf(" ok (%d skipped)\n", ret);
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    if (strlen(opt.crl_file)) {
+        if ((ret = mbedtls_x509_crl_parse_file(&cacrl, opt.crl_file)) != 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crl_parse returned -0x%x\n\n",
+                           (unsigned int) -ret);
+            goto exit;
+        }
+
+        verify = 1;
+    }
+#endif
+
+    if (opt.mode == MODE_FILE) {
+        mbedtls_x509_crt crt;
+        mbedtls_x509_crt *cur = &crt;
+        mbedtls_x509_crt_init(&crt);
+
+        /*
+         * 1.1. Load the certificate(s)
+         */
+        mbedtls_printf("\n  . Loading the certificate(s) ...");
+        fflush(stdout);
+
+        ret = mbedtls_x509_crt_parse_file(&crt, opt.filename);
+
+        if (ret < 0) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse_file returned %d\n\n", ret);
+            mbedtls_x509_crt_free(&crt);
+            goto exit;
+        }
+
+        if (opt.permissive == 0 && ret > 0) {
+            mbedtls_printf(
+                " failed\n  !  mbedtls_x509_crt_parse failed to parse %d certificates\n\n",
+                ret);
+            mbedtls_x509_crt_free(&crt);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /*
+         * 1.2 Print the certificate(s)
+         */
+        while (cur != NULL) {
+            mbedtls_printf("  . Peer certificate information    ...\n");
+            ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, "      ",
+                                        cur);
+            if (ret == -1) {
+                mbedtls_printf(" failed\n  !  mbedtls_x509_crt_info returned %d\n\n", ret);
+                mbedtls_x509_crt_free(&crt);
+                goto exit;
+            }
+
+            mbedtls_printf("%s\n", buf);
+
+            cur = cur->next;
+        }
+
+        /*
+         * 1.3 Verify the certificate
+         */
+        if (verify) {
+            mbedtls_printf("  . Verifying X.509 certificate...");
+
+            if ((ret = mbedtls_x509_crt_verify(&crt, &cacert, &cacrl, NULL, &flags,
+                                               my_verify, NULL)) != 0) {
+                char vrfy_buf[512];
+
+                mbedtls_printf(" failed\n");
+
+                mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "  ! ", flags);
+
+                mbedtls_printf("%s\n", vrfy_buf);
+            } else {
+                mbedtls_printf(" ok\n");
+            }
+        }
+
+        mbedtls_x509_crt_free(&crt);
+    } else if (opt.mode == MODE_SSL) {
+        /*
+         * 1. Initialize the RNG and the session data
+         */
+        mbedtls_printf("\n  . Seeding the random number generator...");
+        fflush(stdout);
+
+        if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                         (const unsigned char *) pers,
+                                         strlen(pers))) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret);
+            goto ssl_exit;
+        }
+
+        mbedtls_printf(" ok\n");
+
+#if defined(MBEDTLS_DEBUG_C)
+        mbedtls_debug_set_threshold(opt.debug_level);
+#endif
+
+        /*
+         * 2. Start the connection
+         */
+        mbedtls_printf("  . SSL connection to tcp/%s/%s...", opt.server_name,
+                       opt.server_port);
+        fflush(stdout);
+
+        if ((ret = mbedtls_net_connect(&server_fd, opt.server_name,
+                                       opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_net_connect returned %d\n\n", ret);
+            goto ssl_exit;
+        }
+
+        /*
+         * 3. Setup stuff
+         */
+        if ((ret = mbedtls_ssl_config_defaults(&conf,
+                                               MBEDTLS_SSL_IS_CLIENT,
+                                               MBEDTLS_SSL_TRANSPORT_STREAM,
+                                               MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
+            goto exit;
+        }
+
+        if (verify) {
+            mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED);
+            mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
+            mbedtls_ssl_conf_verify(&conf, my_verify, NULL);
+        } else {
+            mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
+        }
+
+        mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+        mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
+
+        if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret);
+            goto ssl_exit;
+        }
+
+        if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
+            mbedtls_printf(" failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
+            goto ssl_exit;
+        }
+
+        mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+        /*
+         * 4. Handshake
+         */
+        while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
+            if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+                mbedtls_printf(" failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret);
+                goto ssl_exit;
+            }
+        }
+
+        mbedtls_printf(" ok\n");
+
+        /*
+         * 5. Print the certificate
+         */
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        mbedtls_printf("  . Peer certificate information    ... skipped\n");
+#else
+        mbedtls_printf("  . Peer certificate information    ...\n");
+        ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, "      ",
+                                    mbedtls_ssl_get_peer_cert(&ssl));
+        if (ret == -1) {
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_info returned %d\n\n", ret);
+            goto ssl_exit;
+        }
+
+        mbedtls_printf("%s\n", buf);
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+        mbedtls_ssl_close_notify(&ssl);
+
+ssl_exit:
+        mbedtls_ssl_free(&ssl);
+        mbedtls_ssl_config_free(&conf);
+    } else {
+        goto usage;
+    }
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    mbedtls_net_free(&server_fd);
+    mbedtls_x509_crt_free(&cacert);
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    mbedtls_x509_crl_free(&cacrl);
+#endif
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
+          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
+          MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/cert_req.c b/3rdparty/mbedtls-2.28.7/programs/x509/cert_req.c
new file mode 100644
index 0000000..942711f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/cert_req.c
@@ -0,0 +1,377 @@
+/*
+ *  Certificate request generation
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) ||  \
+    !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
+    !defined(MBEDTLS_PEM_WRITE_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
+                   "not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/error.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define DFL_FILENAME            "keyfile.key"
+#define DFL_PASSWORD            NULL
+#define DFL_DEBUG_LEVEL         0
+#define DFL_OUTPUT_FILENAME     "cert.req"
+#define DFL_SUBJECT_NAME        "CN=Cert,O=mbed TLS,C=UK"
+#define DFL_KEY_USAGE           0
+#define DFL_FORCE_KEY_USAGE     0
+#define DFL_NS_CERT_TYPE        0
+#define DFL_FORCE_NS_CERT_TYPE  0
+#define DFL_MD_ALG              MBEDTLS_MD_SHA256
+
+#define USAGE \
+    "\n usage: cert_req param=<>...\n"                  \
+    "\n acceptable parameters:\n"                       \
+    "    filename=%%s         default: keyfile.key\n"   \
+    "    password=%%s         default: NULL\n"          \
+    "    debug_level=%%d      default: 0 (disabled)\n"  \
+    "    output_file=%%s      default: cert.req\n"      \
+    "    subject_name=%%s     default: CN=Cert,O=mbed TLS,C=UK\n"   \
+    "    key_usage=%%s        default: (empty)\n"       \
+    "                        Comma-separated-list of values:\n"     \
+    "                          digital_signature\n"     \
+    "                          non_repudiation\n"       \
+    "                          key_encipherment\n"      \
+    "                          data_encipherment\n"     \
+    "                          key_agreement\n"         \
+    "                          key_cert_sign\n"  \
+    "                          crl_sign\n"              \
+    "    force_key_usage=0/1  default: off\n"           \
+    "                          Add KeyUsage even if it is empty\n"  \
+    "    ns_cert_type=%%s     default: (empty)\n"       \
+    "                        Comma-separated-list of values:\n"     \
+    "                          ssl_client\n"            \
+    "                          ssl_server\n"            \
+    "                          email\n"                 \
+    "                          object_signing\n"        \
+    "                          ssl_ca\n"                \
+    "                          email_ca\n"              \
+    "                          object_signing_ca\n"     \
+    "    force_ns_cert_type=0/1 default: off\n"         \
+    "                          Add NsCertType even if it is empty\n"    \
+    "    md=%%s               default: SHA256\n"       \
+    "                          possible values:\n"     \
+    "                          MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
+    "                          SHA224, SHA256, SHA384, SHA512\n" \
+    "\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *filename;       /* filename of the key file             */
+    const char *password;       /* password for the key file            */
+    int debug_level;            /* level of debugging                   */
+    const char *output_file;    /* where to store the constructed key file  */
+    const char *subject_name;   /* subject name for certificate request */
+    unsigned char key_usage;    /* key usage flags                      */
+    int force_key_usage;        /* Force adding the KeyUsage extension  */
+    unsigned char ns_cert_type; /* NS cert type                         */
+    int force_ns_cert_type;     /* Force adding NsCertType extension    */
+    mbedtls_md_type_t md_alg;   /* Hash algorithm used for signature.   */
+} opt;
+
+int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng)
+{
+    int ret;
+    FILE *f;
+    unsigned char output_buf[4096];
+    size_t len = 0;
+
+    memset(output_buf, 0, 4096);
+    if ((ret = mbedtls_x509write_csr_pem(req, output_buf, 4096, f_rng, p_rng)) < 0) {
+        return ret;
+    }
+
+    len = strlen((char *) output_buf);
+
+    if ((f = fopen(output_file, "w")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(output_buf, 1, len, f) != len) {
+        fclose(f);
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_pk_context key;
+    char buf[1024];
+    int i;
+    char *p, *q, *r;
+    mbedtls_x509write_csr req;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "csr example app";
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_x509write_csr_init(&req);
+    mbedtls_pk_init(&key);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    memset(buf, 0, sizeof(buf));
+    mbedtls_entropy_init(&entropy);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.filename            = DFL_FILENAME;
+    opt.password            = DFL_PASSWORD;
+    opt.debug_level         = DFL_DEBUG_LEVEL;
+    opt.output_file         = DFL_OUTPUT_FILENAME;
+    opt.subject_name        = DFL_SUBJECT_NAME;
+    opt.key_usage           = DFL_KEY_USAGE;
+    opt.force_key_usage     = DFL_FORCE_KEY_USAGE;
+    opt.ns_cert_type        = DFL_NS_CERT_TYPE;
+    opt.force_ns_cert_type  = DFL_FORCE_NS_CERT_TYPE;
+    opt.md_alg              = DFL_MD_ALG;
+
+    for (i = 1; i < argc; i++) {
+
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else if (strcmp(p, "password") == 0) {
+            opt.password = q;
+        } else if (strcmp(p, "output_file") == 0) {
+            opt.output_file = q;
+        } else if (strcmp(p, "debug_level") == 0) {
+            opt.debug_level = atoi(q);
+            if (opt.debug_level < 0 || opt.debug_level > 65535) {
+                goto usage;
+            }
+        } else if (strcmp(p, "subject_name") == 0) {
+            opt.subject_name = q;
+        } else if (strcmp(p, "md") == 0) {
+            const mbedtls_md_info_t *md_info =
+                mbedtls_md_info_from_string(q);
+            if (md_info == NULL) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+            opt.md_alg = mbedtls_md_get_type(md_info);
+        } else if (strcmp(p, "key_usage") == 0) {
+            while (q != NULL) {
+                if ((r = strchr(q, ',')) != NULL) {
+                    *r++ = '\0';
+                }
+
+                if (strcmp(q, "digital_signature") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+                } else if (strcmp(q, "non_repudiation") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
+                } else if (strcmp(q, "key_encipherment") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
+                } else if (strcmp(q, "data_encipherment") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT;
+                } else if (strcmp(q, "key_agreement") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT;
+                } else if (strcmp(q, "key_cert_sign") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
+                } else if (strcmp(q, "crl_sign") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
+                } else {
+                    goto usage;
+                }
+
+                q = r;
+            }
+        } else if (strcmp(p, "force_key_usage") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.force_key_usage = 0; break;
+                case 1: opt.force_key_usage = 1; break;
+                default: goto usage;
+            }
+        } else if (strcmp(p, "ns_cert_type") == 0) {
+            while (q != NULL) {
+                if ((r = strchr(q, ',')) != NULL) {
+                    *r++ = '\0';
+                }
+
+                if (strcmp(q, "ssl_client") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
+                } else if (strcmp(q, "ssl_server") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER;
+                } else if (strcmp(q, "email") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
+                } else if (strcmp(q, "object_signing") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
+                } else if (strcmp(q, "ssl_ca") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA;
+                } else if (strcmp(q, "email_ca") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA;
+                } else if (strcmp(q, "object_signing_ca") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA;
+                } else {
+                    goto usage;
+                }
+
+                q = r;
+            }
+        } else if (strcmp(p, "force_ns_cert_type") == 0) {
+            switch (atoi(q)) {
+                case 0: opt.force_ns_cert_type = 0; break;
+                case 1: opt.force_ns_cert_type = 1; break;
+                default: goto usage;
+            }
+        } else {
+            goto usage;
+        }
+    }
+
+    mbedtls_x509write_csr_set_md_alg(&req, opt.md_alg);
+
+    if (opt.key_usage || opt.force_key_usage == 1) {
+        mbedtls_x509write_csr_set_key_usage(&req, opt.key_usage);
+    }
+
+    if (opt.ns_cert_type || opt.force_ns_cert_type == 1) {
+        mbedtls_x509write_csr_set_ns_cert_type(&req, opt.ns_cert_type);
+    }
+
+    /*
+     * 0. Seed the PRNG
+     */
+    mbedtls_printf("  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_ctr_drbg_seed returned %d", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.0. Check the subject name for validity
+     */
+    mbedtls_printf("  . Checking subject name...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_x509write_csr_set_subject_name(&req, opt.subject_name)) != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509write_csr_set_subject_name returned %d", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.1. Load the key
+     */
+    mbedtls_printf("  . Loading the private key ...");
+    fflush(stdout);
+
+    ret = mbedtls_pk_parse_keyfile(&key, opt.filename, opt.password);
+
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile returned %d", ret);
+        goto exit;
+    }
+
+    mbedtls_x509write_csr_set_key(&req, &key);
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.2. Writing the request
+     */
+    mbedtls_printf("  . Writing the certificate request ...");
+    fflush(stdout);
+
+    if ((ret = write_certificate_request(&req, opt.output_file,
+                                         mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_printf(" failed\n  !  write_certificate_request %d", ret);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+    if (exit_code != MBEDTLS_EXIT_SUCCESS) {
+#ifdef MBEDTLS_ERROR_C
+        mbedtls_strerror(ret, buf, sizeof(buf));
+        mbedtls_printf(" - %s\n", buf);
+#else
+        mbedtls_printf("\n");
+#endif
+    }
+
+    mbedtls_x509write_csr_free(&req);
+    mbedtls_pk_free(&key);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/cert_write.c b/3rdparty/mbedtls-2.28.7/programs/x509/cert_write.c
new file mode 100644
index 0000000..3f04c6d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/cert_write.c
@@ -0,0 +1,730 @@
+/*
+ *  Certificate generation and signing
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
+    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
+    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
+    !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \
+    !defined(MBEDTLS_PEM_WRITE_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
+                   "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or "
+                   "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+                   "MBEDTLS_ERROR_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/error.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+#define USAGE_CSR                                                           \
+    "    request_file=%%s         default: (empty)\n"                           \
+    "                            If request_file is specified, subject_key,\n"  \
+    "                            subject_pwd and subject_name are ignored!\n"
+#else
+#define USAGE_CSR ""
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+#define DFL_ISSUER_CRT          ""
+#define DFL_REQUEST_FILE        ""
+#define DFL_SUBJECT_KEY         "subject.key"
+#define DFL_ISSUER_KEY          "ca.key"
+#define DFL_SUBJECT_PWD         ""
+#define DFL_ISSUER_PWD          ""
+#define DFL_OUTPUT_FILENAME     "cert.crt"
+#define DFL_SUBJECT_NAME        "CN=Cert,O=mbed TLS,C=UK"
+#define DFL_ISSUER_NAME         "CN=CA,O=mbed TLS,C=UK"
+#define DFL_NOT_BEFORE          "20010101000000"
+#define DFL_NOT_AFTER           "20301231235959"
+#define DFL_SERIAL              "1"
+#define DFL_SELFSIGN            0
+#define DFL_IS_CA               0
+#define DFL_MAX_PATHLEN         -1
+#define DFL_KEY_USAGE           0
+#define DFL_NS_CERT_TYPE        0
+#define DFL_VERSION             3
+#define DFL_AUTH_IDENT          1
+#define DFL_SUBJ_IDENT          1
+#define DFL_CONSTRAINTS         1
+#define DFL_DIGEST              MBEDTLS_MD_SHA256
+
+#define USAGE \
+    "\n usage: cert_write param=<>...\n"                \
+    "\n acceptable parameters:\n"                       \
+    USAGE_CSR                                           \
+    "    subject_key=%%s          default: subject.key\n"   \
+    "    subject_pwd=%%s          default: (empty)\n"       \
+    "    subject_name=%%s         default: CN=Cert,O=mbed TLS,C=UK\n"   \
+    "\n"                                                \
+    "    issuer_crt=%%s           default: (empty)\n"       \
+    "                            If issuer_crt is specified, issuer_name is\n"  \
+    "                            ignored!\n"                \
+    "    issuer_name=%%s          default: CN=CA,O=mbed TLS,C=UK\n"     \
+    "\n"                                                \
+    "    selfsign=%%d             default: 0 (false)\n"     \
+    "                            If selfsign is enabled, issuer_name and\n" \
+    "                            issuer_key are required (issuer_crt and\n" \
+    "                            subject_* are ignored\n"   \
+    "    issuer_key=%%s           default: ca.key\n"        \
+    "    issuer_pwd=%%s           default: (empty)\n"       \
+    "    output_file=%%s          default: cert.crt\n"      \
+    "    serial=%%s               default: 1\n"             \
+    "    not_before=%%s           default: 20010101000000\n" \
+    "    not_after=%%s            default: 20301231235959\n" \
+    "    is_ca=%%d                default: 0 (disabled)\n"  \
+    "    max_pathlen=%%d          default: -1 (none)\n"     \
+    "    md=%%s                   default: SHA256\n"        \
+    "                            Supported values (if enabled):\n"      \
+    "                            MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
+    "                            SHA224, SHA256, SHA384, SHA512\n" \
+    "    version=%%d              default: 3\n"            \
+    "                            Possible values: 1, 2, 3\n" \
+    "    subject_identifier=%%s   default: 1\n"             \
+    "                            Possible values: 0, 1\n"   \
+    "                            (Considered for v3 only)\n" \
+    "    authority_identifier=%%s default: 1\n"             \
+    "                            Possible values: 0, 1\n"   \
+    "                            (Considered for v3 only)\n" \
+    "    basic_constraints=%%d    default: 1\n"             \
+    "                            Possible values: 0, 1\n"   \
+    "                            (Considered for v3 only)\n" \
+    "    key_usage=%%s            default: (empty)\n"       \
+    "                            Comma-separated-list of values:\n"     \
+    "                            digital_signature\n"     \
+    "                            non_repudiation\n"       \
+    "                            key_encipherment\n"      \
+    "                            data_encipherment\n"     \
+    "                            key_agreement\n"         \
+    "                            key_cert_sign\n"  \
+    "                            crl_sign\n"              \
+    "                            (Considered for v3 only)\n" \
+    "    ns_cert_type=%%s         default: (empty)\n"       \
+    "                            Comma-separated-list of values:\n"     \
+    "                            ssl_client\n"            \
+    "                            ssl_server\n"            \
+    "                            email\n"                 \
+    "                            object_signing\n"        \
+    "                            ssl_ca\n"                \
+    "                            email_ca\n"              \
+    "                            object_signing_ca\n"     \
+    "\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *issuer_crt;     /* filename of the issuer certificate   */
+    const char *request_file;   /* filename of the certificate request  */
+    const char *subject_key;    /* filename of the subject key file     */
+    const char *issuer_key;     /* filename of the issuer key file      */
+    const char *subject_pwd;    /* password for the subject key file    */
+    const char *issuer_pwd;     /* password for the issuer key file     */
+    const char *output_file;    /* where to store the constructed CRT   */
+    const char *subject_name;   /* subject name for certificate         */
+    const char *issuer_name;    /* issuer name for certificate          */
+    const char *not_before;     /* validity period not before           */
+    const char *not_after;      /* validity period not after            */
+    const char *serial;         /* serial number string                 */
+    int selfsign;               /* selfsign the certificate             */
+    int is_ca;                  /* is a CA certificate                  */
+    int max_pathlen;            /* maximum CA path length               */
+    int authority_identifier;   /* add authority identifier to CRT      */
+    int subject_identifier;     /* add subject identifier to CRT        */
+    int basic_constraints;      /* add basic constraints ext to CRT     */
+    int version;                /* CRT version                          */
+    mbedtls_md_type_t md;       /* Hash used for signing                */
+    unsigned char key_usage;    /* key usage flags                      */
+    unsigned char ns_cert_type; /* NS cert type                         */
+} opt;
+
+int write_certificate(mbedtls_x509write_cert *crt, const char *output_file,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng)
+{
+    int ret;
+    FILE *f;
+    unsigned char output_buf[4096];
+    size_t len = 0;
+
+    memset(output_buf, 0, 4096);
+    if ((ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096,
+                                         f_rng, p_rng)) < 0) {
+        return ret;
+    }
+
+    len = strlen((char *) output_buf);
+
+    if ((f = fopen(output_file, "w")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(output_buf, 1, len, f) != len) {
+        fclose(f);
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    mbedtls_x509_crt issuer_crt;
+    mbedtls_pk_context loaded_issuer_key, loaded_subject_key;
+    mbedtls_pk_context *issuer_key = &loaded_issuer_key,
+                       *subject_key = &loaded_subject_key;
+    char buf[1024];
+    char issuer_name[256];
+    int i;
+    char *p, *q, *r;
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    char subject_name[256];
+    mbedtls_x509_csr csr;
+#endif
+    mbedtls_x509write_cert crt;
+    mbedtls_mpi serial;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "crt example app";
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_x509write_crt_init(&crt);
+    mbedtls_pk_init(&loaded_issuer_key);
+    mbedtls_pk_init(&loaded_subject_key);
+    mbedtls_mpi_init(&serial);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    mbedtls_x509_csr_init(&csr);
+#endif
+    mbedtls_x509_crt_init(&issuer_crt);
+    memset(buf, 0, 1024);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.issuer_crt          = DFL_ISSUER_CRT;
+    opt.request_file        = DFL_REQUEST_FILE;
+    opt.subject_key         = DFL_SUBJECT_KEY;
+    opt.issuer_key          = DFL_ISSUER_KEY;
+    opt.subject_pwd         = DFL_SUBJECT_PWD;
+    opt.issuer_pwd          = DFL_ISSUER_PWD;
+    opt.output_file         = DFL_OUTPUT_FILENAME;
+    opt.subject_name        = DFL_SUBJECT_NAME;
+    opt.issuer_name         = DFL_ISSUER_NAME;
+    opt.not_before          = DFL_NOT_BEFORE;
+    opt.not_after           = DFL_NOT_AFTER;
+    opt.serial              = DFL_SERIAL;
+    opt.selfsign            = DFL_SELFSIGN;
+    opt.is_ca               = DFL_IS_CA;
+    opt.max_pathlen         = DFL_MAX_PATHLEN;
+    opt.key_usage           = DFL_KEY_USAGE;
+    opt.ns_cert_type        = DFL_NS_CERT_TYPE;
+    opt.version             = DFL_VERSION - 1;
+    opt.md                  = DFL_DIGEST;
+    opt.subject_identifier   = DFL_SUBJ_IDENT;
+    opt.authority_identifier = DFL_AUTH_IDENT;
+    opt.basic_constraints    = DFL_CONSTRAINTS;
+
+    for (i = 1; i < argc; i++) {
+
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "request_file") == 0) {
+            opt.request_file = q;
+        } else if (strcmp(p, "subject_key") == 0) {
+            opt.subject_key = q;
+        } else if (strcmp(p, "issuer_key") == 0) {
+            opt.issuer_key = q;
+        } else if (strcmp(p, "subject_pwd") == 0) {
+            opt.subject_pwd = q;
+        } else if (strcmp(p, "issuer_pwd") == 0) {
+            opt.issuer_pwd = q;
+        } else if (strcmp(p, "issuer_crt") == 0) {
+            opt.issuer_crt = q;
+        } else if (strcmp(p, "output_file") == 0) {
+            opt.output_file = q;
+        } else if (strcmp(p, "subject_name") == 0) {
+            opt.subject_name = q;
+        } else if (strcmp(p, "issuer_name") == 0) {
+            opt.issuer_name = q;
+        } else if (strcmp(p, "not_before") == 0) {
+            opt.not_before = q;
+        } else if (strcmp(p, "not_after") == 0) {
+            opt.not_after = q;
+        } else if (strcmp(p, "serial") == 0) {
+            opt.serial = q;
+        } else if (strcmp(p, "authority_identifier") == 0) {
+            opt.authority_identifier = atoi(q);
+            if (opt.authority_identifier != 0 &&
+                opt.authority_identifier != 1) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+        } else if (strcmp(p, "subject_identifier") == 0) {
+            opt.subject_identifier = atoi(q);
+            if (opt.subject_identifier != 0 &&
+                opt.subject_identifier != 1) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+        } else if (strcmp(p, "basic_constraints") == 0) {
+            opt.basic_constraints = atoi(q);
+            if (opt.basic_constraints != 0 &&
+                opt.basic_constraints != 1) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+        } else if (strcmp(p, "md") == 0) {
+            const mbedtls_md_info_t *md_info =
+                mbedtls_md_info_from_string(q);
+            if (md_info == NULL) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+            opt.md = mbedtls_md_get_type(md_info);
+        } else if (strcmp(p, "version") == 0) {
+            opt.version = atoi(q);
+            if (opt.version < 1 || opt.version > 3) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+            opt.version--;
+        } else if (strcmp(p, "selfsign") == 0) {
+            opt.selfsign = atoi(q);
+            if (opt.selfsign < 0 || opt.selfsign > 1) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+        } else if (strcmp(p, "is_ca") == 0) {
+            opt.is_ca = atoi(q);
+            if (opt.is_ca < 0 || opt.is_ca > 1) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+        } else if (strcmp(p, "max_pathlen") == 0) {
+            opt.max_pathlen = atoi(q);
+            if (opt.max_pathlen < -1 || opt.max_pathlen > 127) {
+                mbedtls_printf("Invalid argument for option %s\n", p);
+                goto usage;
+            }
+        } else if (strcmp(p, "key_usage") == 0) {
+            while (q != NULL) {
+                if ((r = strchr(q, ',')) != NULL) {
+                    *r++ = '\0';
+                }
+
+                if (strcmp(q, "digital_signature") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+                } else if (strcmp(q, "non_repudiation") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
+                } else if (strcmp(q, "key_encipherment") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
+                } else if (strcmp(q, "data_encipherment") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT;
+                } else if (strcmp(q, "key_agreement") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT;
+                } else if (strcmp(q, "key_cert_sign") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
+                } else if (strcmp(q, "crl_sign") == 0) {
+                    opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
+                } else {
+                    mbedtls_printf("Invalid argument for option %s\n", p);
+                    goto usage;
+                }
+
+                q = r;
+            }
+        } else if (strcmp(p, "ns_cert_type") == 0) {
+            while (q != NULL) {
+                if ((r = strchr(q, ',')) != NULL) {
+                    *r++ = '\0';
+                }
+
+                if (strcmp(q, "ssl_client") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
+                } else if (strcmp(q, "ssl_server") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER;
+                } else if (strcmp(q, "email") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
+                } else if (strcmp(q, "object_signing") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
+                } else if (strcmp(q, "ssl_ca") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA;
+                } else if (strcmp(q, "email_ca") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA;
+                } else if (strcmp(q, "object_signing_ca") == 0) {
+                    opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA;
+                } else {
+                    mbedtls_printf("Invalid argument for option %s\n", p);
+                    goto usage;
+                }
+
+                q = r;
+            }
+        } else {
+            goto usage;
+        }
+    }
+
+    mbedtls_printf("\n");
+
+    /*
+     * 0. Seed the PRNG
+     */
+    mbedtls_printf("  . Seeding the random number generator...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                     (const unsigned char *) pers,
+                                     strlen(pers))) != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_ctr_drbg_seed returned %d - %s\n",
+                       ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    // Parse serial to MPI
+    //
+    mbedtls_printf("  . Reading serial number...");
+    fflush(stdout);
+
+    if ((ret = mbedtls_mpi_read_string(&serial, 10, opt.serial)) != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_mpi_read_string "
+                       "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    // Parse issuer certificate if present
+    //
+    if (!opt.selfsign && strlen(opt.issuer_crt)) {
+        /*
+         * 1.0.a. Load the certificates
+         */
+        mbedtls_printf("  . Loading the issuer certificate ...");
+        fflush(stdout);
+
+        if ((ret = mbedtls_x509_crt_parse_file(&issuer_crt, opt.issuer_crt)) != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509_crt_parse_file "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        ret = mbedtls_x509_dn_gets(issuer_name, sizeof(issuer_name),
+                                   &issuer_crt.subject);
+        if (ret < 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509_dn_gets "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        opt.issuer_name = issuer_name;
+
+        mbedtls_printf(" ok\n");
+    }
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    // Parse certificate request if present
+    //
+    if (!opt.selfsign && strlen(opt.request_file)) {
+        /*
+         * 1.0.b. Load the CSR
+         */
+        mbedtls_printf("  . Loading the certificate request ...");
+        fflush(stdout);
+
+        if ((ret = mbedtls_x509_csr_parse_file(&csr, opt.request_file)) != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509_csr_parse_file "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        ret = mbedtls_x509_dn_gets(subject_name, sizeof(subject_name),
+                                   &csr.subject);
+        if (ret < 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509_dn_gets "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        opt.subject_name = subject_name;
+        subject_key = &csr.pk;
+
+        mbedtls_printf(" ok\n");
+    }
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+    /*
+     * 1.1. Load the keys
+     */
+    if (!opt.selfsign && !strlen(opt.request_file)) {
+        mbedtls_printf("  . Loading the subject key ...");
+        fflush(stdout);
+
+        ret = mbedtls_pk_parse_keyfile(&loaded_subject_key, opt.subject_key,
+                                       opt.subject_pwd);
+        if (ret != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+
+    mbedtls_printf("  . Loading the issuer key ...");
+    fflush(stdout);
+
+    ret = mbedtls_pk_parse_keyfile(&loaded_issuer_key, opt.issuer_key,
+                                   opt.issuer_pwd);
+    if (ret != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_pk_parse_keyfile "
+                       "returned -x%02x - %s\n\n", (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    // Check if key and issuer certificate match
+    //
+    if (strlen(opt.issuer_crt)) {
+        if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key) != 0) {
+            mbedtls_printf(" failed\n  !  issuer_key does not match "
+                           "issuer certificate\n\n");
+            goto exit;
+        }
+    }
+
+    mbedtls_printf(" ok\n");
+
+    if (opt.selfsign) {
+        opt.subject_name = opt.issuer_name;
+        subject_key = issuer_key;
+    }
+
+    mbedtls_x509write_crt_set_subject_key(&crt, subject_key);
+    mbedtls_x509write_crt_set_issuer_key(&crt, issuer_key);
+
+    /*
+     * 1.0. Check the names for validity
+     */
+    if ((ret = mbedtls_x509write_crt_set_subject_name(&crt, opt.subject_name)) != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_subject_name "
+                       "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    if ((ret = mbedtls_x509write_crt_set_issuer_name(&crt, opt.issuer_name)) != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_issuer_name "
+                       "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf("  . Setting certificate values ...");
+    fflush(stdout);
+
+    mbedtls_x509write_crt_set_version(&crt, opt.version);
+    mbedtls_x509write_crt_set_md_alg(&crt, opt.md);
+
+    ret = mbedtls_x509write_crt_set_serial(&crt, &serial);
+    if (ret != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_serial "
+                       "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    ret = mbedtls_x509write_crt_set_validity(&crt, opt.not_before, opt.not_after);
+    if (ret != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_validity "
+                       "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
+        opt.basic_constraints != 0) {
+        mbedtls_printf("  . Adding the Basic Constraints extension ...");
+        fflush(stdout);
+
+        ret = mbedtls_x509write_crt_set_basic_constraints(&crt, opt.is_ca,
+                                                          opt.max_pathlen);
+        if (ret != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  x509write_crt_set_basic_constraints "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+
+#if defined(MBEDTLS_SHA1_C)
+    if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
+        opt.subject_identifier != 0) {
+        mbedtls_printf("  . Adding the Subject Key Identifier ...");
+        fflush(stdout);
+
+        ret = mbedtls_x509write_crt_set_subject_key_identifier(&crt);
+        if (ret != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_subject"
+                           "_key_identifier returned -0x%04x - %s\n\n",
+                           (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+
+    if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
+        opt.authority_identifier != 0) {
+        mbedtls_printf("  . Adding the Authority Key Identifier ...");
+        fflush(stdout);
+
+        ret = mbedtls_x509write_crt_set_authority_key_identifier(&crt);
+        if (ret != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_authority_"
+                           "key_identifier returned -0x%04x - %s\n\n",
+                           (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+#endif /* MBEDTLS_SHA1_C */
+
+    if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
+        opt.key_usage != 0) {
+        mbedtls_printf("  . Adding the Key Usage extension ...");
+        fflush(stdout);
+
+        ret = mbedtls_x509write_crt_set_key_usage(&crt, opt.key_usage);
+        if (ret != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_key_usage "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+
+    if (opt.version == MBEDTLS_X509_CRT_VERSION_3 &&
+        opt.ns_cert_type != 0) {
+        mbedtls_printf("  . Adding the NS Cert Type extension ...");
+        fflush(stdout);
+
+        ret = mbedtls_x509write_crt_set_ns_cert_type(&crt, opt.ns_cert_type);
+        if (ret != 0) {
+            mbedtls_strerror(ret, buf, 1024);
+            mbedtls_printf(" failed\n  !  mbedtls_x509write_crt_set_ns_cert_type "
+                           "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf);
+            goto exit;
+        }
+
+        mbedtls_printf(" ok\n");
+    }
+
+    /*
+     * 1.2. Writing the certificate
+     */
+    mbedtls_printf("  . Writing the certificate...");
+    fflush(stdout);
+
+    if ((ret = write_certificate(&crt, opt.output_file,
+                                 mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+        mbedtls_strerror(ret, buf, 1024);
+        mbedtls_printf(" failed\n  !  write_certificate -0x%04x - %s\n\n",
+                       (unsigned int) -ret, buf);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    mbedtls_x509_csr_free(&csr);
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+    mbedtls_x509_crt_free(&issuer_crt);
+    mbedtls_x509write_crt_free(&crt);
+    mbedtls_pk_free(&loaded_subject_key);
+    mbedtls_pk_free(&loaded_issuer_key);
+    mbedtls_mpi_free(&serial);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
+          MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
+          MBEDTLS_ERROR_C && MBEDTLS_PEM_WRITE_C */
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/crl_app.c b/3rdparty/mbedtls-2.28.7/programs/x509/crl_app.c
new file mode 100644
index 0000000..d92f2a5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/crl_app.c
@@ -0,0 +1,139 @@
+/*
+ *  CRL reading application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
+    !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/x509_crl.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define DFL_FILENAME            "crl.pem"
+#define DFL_DEBUG_LEVEL         0
+
+#define USAGE \
+    "\n usage: crl_app param=<>...\n"                   \
+    "\n acceptable parameters:\n"                       \
+    "    filename=%%s         default: crl.pem\n"      \
+    "\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *filename;       /* filename of the certificate file     */
+} opt;
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    unsigned char buf[100000];
+    mbedtls_x509_crl crl;
+    int i;
+    char *p, *q;
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_x509_crl_init(&crl);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.filename            = DFL_FILENAME;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else {
+            goto usage;
+        }
+    }
+
+    /*
+     * 1.1. Load the CRL
+     */
+    mbedtls_printf("\n  . Loading the CRL ...");
+    fflush(stdout);
+
+    ret = mbedtls_x509_crl_parse_file(&crl, opt.filename);
+
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crl_parse_file returned %d\n\n", ret);
+        mbedtls_x509_crl_free(&crl);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.2 Print the CRL
+     */
+    mbedtls_printf("  . CRL information    ...\n");
+    ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, "      ", &crl);
+    if (ret == -1) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_crl_info returned %d\n\n", ret);
+        mbedtls_x509_crl_free(&crl);
+        goto exit;
+    }
+
+    mbedtls_printf("%s\n", buf);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_x509_crl_free(&crl);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
+          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/load_roots.c b/3rdparty/mbedtls-2.28.7/programs/x509/load_roots.c
new file mode 100644
index 0000000..2588b1b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/load_roots.c
@@ -0,0 +1,169 @@
+/*
+ *  Root CA reading application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||  \
+    !defined(MBEDTLS_TIMING_C)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
+                   "MBEDTLS_TIMING_C not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/error.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/x509_crt.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define DFL_ITERATIONS          1
+#define DFL_PRIME_CACHE         1
+
+#define USAGE \
+    "\n usage: load_roots param=<>... [--] FILE...\n"   \
+    "\n acceptable parameters:\n"                       \
+    "    iterations=%%d        Iteration count (not including cache priming); default: 1\n"  \
+    "    prime=%%d             Prime the disk read cache? Default: 1 (yes)\n"  \
+    "\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    const char **filenames;     /* NULL-terminated list of file names */
+    unsigned iterations;        /* Number of iterations to time */
+    int prime_cache;            /* Prime the disk read cache? */
+} opt;
+
+
+int read_certificates(const char *const *filenames)
+{
+    mbedtls_x509_crt cas;
+    int ret = 0;
+    const char *const *cur;
+
+    mbedtls_x509_crt_init(&cas);
+
+    for (cur = filenames; *cur != NULL; cur++) {
+        ret = mbedtls_x509_crt_parse_file(&cas, *cur);
+        if (ret != 0) {
+#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+            char error_message[200];
+            mbedtls_strerror(ret, error_message, sizeof(error_message));
+            printf("\n%s: -0x%04x (%s)\n",
+                   *cur, (unsigned) -ret, error_message);
+#else
+            printf("\n%s: -0x%04x\n",
+                   *cur, (unsigned) -ret);
+#endif
+            goto exit;
+        }
+    }
+
+exit:
+    mbedtls_x509_crt_free(&cas);
+    return ret == 0;
+}
+
+int main(int argc, char *argv[])
+{
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    unsigned i, j;
+    struct mbedtls_timing_hr_time timer;
+    unsigned long ms;
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc <= 1) {
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.filenames = NULL;
+    opt.iterations = DFL_ITERATIONS;
+    opt.prime_cache = DFL_PRIME_CACHE;
+
+    for (i = 1; i < (unsigned) argc; i++) {
+        char *p = argv[i];
+        char *q = NULL;
+
+        if (strcmp(p, "--") == 0) {
+            break;
+        }
+        if ((q = strchr(p, '=')) == NULL) {
+            break;
+        }
+        *q++ = '\0';
+
+        for (j = 0; p + j < q; j++) {
+            if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') {
+                argv[i][j] |= 0x20;
+            }
+        }
+
+        if (strcmp(p, "iterations") == 0) {
+            opt.iterations = atoi(q);
+        } else if (strcmp(p, "prime") == 0) {
+            opt.iterations = atoi(q) != 0;
+        } else {
+            mbedtls_printf("Unknown option: %s\n", p);
+            mbedtls_printf(USAGE);
+            goto exit;
+        }
+    }
+
+    opt.filenames = (const char **) argv + i;
+    if (*opt.filenames == 0) {
+        mbedtls_printf("Missing list of certificate files to parse\n");
+        goto exit;
+    }
+
+    mbedtls_printf("Parsing %u certificates", argc - i);
+    if (opt.prime_cache) {
+        if (!read_certificates(opt.filenames)) {
+            goto exit;
+        }
+        mbedtls_printf(" ");
+    }
+
+    (void) mbedtls_timing_get_timer(&timer, 1);
+    for (i = 1; i <= opt.iterations; i++) {
+        if (!read_certificates(opt.filenames)) {
+            goto exit;
+        }
+        mbedtls_printf(".");
+    }
+    ms = mbedtls_timing_get_timer(&timer, 0);
+    mbedtls_printf("\n%u iterations -> %lu ms\n", opt.iterations, ms);
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_exit(exit_code);
+}
+#endif /* necessary configuration */
diff --git a/3rdparty/mbedtls-2.28.7/programs/x509/req_app.c b/3rdparty/mbedtls-2.28.7/programs/x509/req_app.c
new file mode 100644
index 0000000..c17ef75
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/programs/x509/req_app.c
@@ -0,0 +1,139 @@
+/*
+ *  Certificate request reading application
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
+    !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO)
+int main(void)
+{
+    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+                   "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+    mbedtls_exit(0);
+}
+#else
+
+#include "mbedtls/x509_csr.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define DFL_FILENAME            "cert.req"
+#define DFL_DEBUG_LEVEL         0
+
+#define USAGE \
+    "\n usage: req_app param=<>...\n"                   \
+    "\n acceptable parameters:\n"                       \
+    "    filename=%%s         default: cert.req\n"      \
+    "\n"
+
+
+/*
+ * global options
+ */
+struct options {
+    const char *filename;       /* filename of the certificate request  */
+} opt;
+
+int main(int argc, char *argv[])
+{
+    int ret = 1;
+    int exit_code = MBEDTLS_EXIT_FAILURE;
+    unsigned char buf[100000];
+    mbedtls_x509_csr csr;
+    int i;
+    char *p, *q;
+
+    /*
+     * Set to sane values
+     */
+    mbedtls_x509_csr_init(&csr);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                        (int) status);
+        goto exit;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if (argc < 2) {
+usage:
+        mbedtls_printf(USAGE);
+        goto exit;
+    }
+
+    opt.filename            = DFL_FILENAME;
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((q = strchr(p, '=')) == NULL) {
+            goto usage;
+        }
+        *q++ = '\0';
+
+        if (strcmp(p, "filename") == 0) {
+            opt.filename = q;
+        } else {
+            goto usage;
+        }
+    }
+
+    /*
+     * 1.1. Load the CSR
+     */
+    mbedtls_printf("\n  . Loading the CSR ...");
+    fflush(stdout);
+
+    ret = mbedtls_x509_csr_parse_file(&csr, opt.filename);
+
+    if (ret != 0) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_csr_parse_file returned %d\n\n", ret);
+        mbedtls_x509_csr_free(&csr);
+        goto exit;
+    }
+
+    mbedtls_printf(" ok\n");
+
+    /*
+     * 1.2 Print the CSR
+     */
+    mbedtls_printf("  . CSR information    ...\n");
+    ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, "      ", &csr);
+    if (ret == -1) {
+        mbedtls_printf(" failed\n  !  mbedtls_x509_csr_info returned %d\n\n", ret);
+        mbedtls_x509_csr_free(&csr);
+        goto exit;
+    }
+
+    mbedtls_printf("%s\n", buf);
+
+    exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+    mbedtls_x509_csr_free(&csr);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_psa_crypto_free();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(_WIN32)
+    mbedtls_printf("  + Press Enter to exit this program.\n");
+    fflush(stdout); getchar();
+#endif
+
+    mbedtls_exit(exit_code);
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
+          MBEDTLS_FS_IO */
diff --git a/3rdparty/mbedtls-2.28.7/scripts/abi_check.py b/3rdparty/mbedtls-2.28.7/scripts/abi_check.py
new file mode 100644
index 0000000..8a604c4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/abi_check.py
@@ -0,0 +1,658 @@
+#!/usr/bin/env python3
+"""This script compares the interfaces of two versions of Mbed TLS, looking
+for backward incompatibilities between two different Git revisions within
+an Mbed TLS repository. It must be run from the root of a Git working tree.
+
+### How the script works ###
+
+For the source (API) and runtime (ABI) interface compatibility, this script
+is a small wrapper around the abi-compliance-checker and abi-dumper tools,
+applying them to compare the header and library files.
+
+For the storage format, this script compares the automatically generated
+storage tests and the manual read tests, and complains if there is a
+reduction in coverage. A change in test data will be signaled as a
+coverage reduction since the old test data is no longer present. A change in
+how test data is presented will be signaled as well; this would be a false
+positive.
+
+The results of the API/ABI comparison are either formatted as HTML and stored
+at a configurable location, or are given as a brief list of problems.
+Returns 0 on success, 1 on non-compliance, and 2 if there is an error
+while running the script.
+
+### How to interpret non-compliance ###
+
+This script has relatively common false positives. In many scenarios, it only
+reports a pass if there is a strict textual match between the old version and
+the new version, and it reports problems where there is a sufficient semantic
+match but not a textual match. This section lists some common false positives.
+This is not an exhaustive list: in the end what matters is whether we are
+breaking a backward compatibility goal.
+
+**API**: the goal is that if an application works with the old version of the
+library, it can be recompiled against the new version and will still work.
+This is normally validated by comparing the declarations in `include/*/*.h`.
+A failure is a declaration that has disappeared or that now has a different
+type.
+
+  * It's ok to change or remove macros and functions that are documented as
+    for internal use only or as experimental.
+  * It's ok to rename function or macro parameters as long as the semantics
+    has not changed.
+  * It's ok to change or remove structure fields that are documented as
+    private.
+  * It's ok to add fields to a structure that already had private fields
+    or was documented as extensible.
+
+**ABI**: the goal is that if an application was built against the old version
+of the library, the same binary will work when linked against the new version.
+This is normally validated by comparing the symbols exported by `libmbed*.so`.
+A failure is a symbol that is no longer exported by the same library or that
+now has a different type.
+
+  * All ABI changes are acceptable if the library version is bumped
+    (see `scripts/bump_version.sh`).
+  * ABI changes that concern functions which are declared only inside the
+    library directory, and not in `include/*/*.h`, are acceptable only if
+    the function was only ever used inside the same library (libmbedcrypto,
+    libmbedx509, libmbedtls). As a counter example, if the old version
+    of libmbedtls calls mbedtls_foo() from libmbedcrypto, and the new version
+    of libmbedcrypto no longer has a compatible mbedtls_foo(), this does
+    require a version bump for libmbedcrypto.
+
+**Storage format**: the goal is to check that persistent keys stored by the
+old version can be read by the new version. This is normally validated by
+comparing the `*read*` test cases in `test_suite*storage_format*.data`.
+A failure is a storage read test case that is no longer present with the same
+function name and parameter list.
+
+  * It's ok if the same test data is present, but its presentation has changed,
+    for example if a test function is renamed or has different parameters.
+  * It's ok if redundant tests are removed.
+
+**Generated test coverage**: the goal is to check that automatically
+generated tests have as much coverage as before. This is normally validated
+by comparing the test cases that are automatically generated by a script.
+A failure is a generated test case that is no longer present with the same
+function name and parameter list.
+
+  * It's ok if the same test data is present, but its presentation has changed,
+    for example if a test function is renamed or has different parameters.
+  * It's ok if redundant tests are removed.
+
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import glob
+import os
+import re
+import sys
+import traceback
+import shutil
+import subprocess
+import argparse
+import logging
+import tempfile
+import fnmatch
+from types import SimpleNamespace
+
+import xml.etree.ElementTree as ET
+
+from mbedtls_dev import build_tree
+
+
+class AbiChecker:
+    """API and ABI checker."""
+
+    def __init__(self, old_version, new_version, configuration):
+        """Instantiate the API/ABI checker.
+
+        old_version: RepoVersion containing details to compare against
+        new_version: RepoVersion containing details to check
+        configuration.report_dir: directory for output files
+        configuration.keep_all_reports: if false, delete old reports
+        configuration.brief: if true, output shorter report to stdout
+        configuration.check_abi: if true, compare ABIs
+        configuration.check_api: if true, compare APIs
+        configuration.check_storage: if true, compare storage format tests
+        configuration.skip_file: path to file containing symbols and types to skip
+        """
+        self.repo_path = "."
+        self.log = None
+        self.verbose = configuration.verbose
+        self._setup_logger()
+        self.report_dir = os.path.abspath(configuration.report_dir)
+        self.keep_all_reports = configuration.keep_all_reports
+        self.can_remove_report_dir = not (os.path.exists(self.report_dir) or
+                                          self.keep_all_reports)
+        self.old_version = old_version
+        self.new_version = new_version
+        self.skip_file = configuration.skip_file
+        self.check_abi = configuration.check_abi
+        self.check_api = configuration.check_api
+        if self.check_abi != self.check_api:
+            raise Exception('Checking API without ABI or vice versa is not supported')
+        self.check_storage_tests = configuration.check_storage
+        self.brief = configuration.brief
+        self.git_command = "git"
+        self.make_command = "make"
+
+    def _setup_logger(self):
+        self.log = logging.getLogger()
+        if self.verbose:
+            self.log.setLevel(logging.DEBUG)
+        else:
+            self.log.setLevel(logging.INFO)
+        self.log.addHandler(logging.StreamHandler())
+
+    @staticmethod
+    def check_abi_tools_are_installed():
+        for command in ["abi-dumper", "abi-compliance-checker"]:
+            if not shutil.which(command):
+                raise Exception("{} not installed, aborting".format(command))
+
+    def _get_clean_worktree_for_git_revision(self, version):
+        """Make a separate worktree with version.revision checked out.
+        Do not modify the current worktree."""
+        git_worktree_path = tempfile.mkdtemp()
+        if version.repository:
+            self.log.debug(
+                "Checking out git worktree for revision {} from {}".format(
+                    version.revision, version.repository
+                )
+            )
+            fetch_output = subprocess.check_output(
+                [self.git_command, "fetch",
+                 version.repository, version.revision],
+                cwd=self.repo_path,
+                stderr=subprocess.STDOUT
+            )
+            self.log.debug(fetch_output.decode("utf-8"))
+            worktree_rev = "FETCH_HEAD"
+        else:
+            self.log.debug("Checking out git worktree for revision {}".format(
+                version.revision
+            ))
+            worktree_rev = version.revision
+        worktree_output = subprocess.check_output(
+            [self.git_command, "worktree", "add", "--detach",
+             git_worktree_path, worktree_rev],
+            cwd=self.repo_path,
+            stderr=subprocess.STDOUT
+        )
+        self.log.debug(worktree_output.decode("utf-8"))
+        version.commit = subprocess.check_output(
+            [self.git_command, "rev-parse", "HEAD"],
+            cwd=git_worktree_path,
+            stderr=subprocess.STDOUT
+        ).decode("ascii").rstrip()
+        self.log.debug("Commit is {}".format(version.commit))
+        return git_worktree_path
+
+    def _update_git_submodules(self, git_worktree_path, version):
+        """If the crypto submodule is present, initialize it.
+        if version.crypto_revision exists, update it to that revision,
+        otherwise update it to the default revision"""
+        update_output = subprocess.check_output(
+            [self.git_command, "submodule", "update", "--init", '--recursive'],
+            cwd=git_worktree_path,
+            stderr=subprocess.STDOUT
+        )
+        self.log.debug(update_output.decode("utf-8"))
+        if not (os.path.exists(os.path.join(git_worktree_path, "crypto"))
+                and version.crypto_revision):
+            return
+
+        if version.crypto_repository:
+            fetch_output = subprocess.check_output(
+                [self.git_command, "fetch", version.crypto_repository,
+                 version.crypto_revision],
+                cwd=os.path.join(git_worktree_path, "crypto"),
+                stderr=subprocess.STDOUT
+            )
+            self.log.debug(fetch_output.decode("utf-8"))
+            crypto_rev = "FETCH_HEAD"
+        else:
+            crypto_rev = version.crypto_revision
+
+        checkout_output = subprocess.check_output(
+            [self.git_command, "checkout", crypto_rev],
+            cwd=os.path.join(git_worktree_path, "crypto"),
+            stderr=subprocess.STDOUT
+        )
+        self.log.debug(checkout_output.decode("utf-8"))
+
+    def _build_shared_libraries(self, git_worktree_path, version):
+        """Build the shared libraries in the specified worktree."""
+        my_environment = os.environ.copy()
+        my_environment["CFLAGS"] = "-g -Og"
+        my_environment["SHARED"] = "1"
+        if os.path.exists(os.path.join(git_worktree_path, "crypto")):
+            my_environment["USE_CRYPTO_SUBMODULE"] = "1"
+        make_output = subprocess.check_output(
+            [self.make_command, "lib"],
+            env=my_environment,
+            cwd=git_worktree_path,
+            stderr=subprocess.STDOUT
+        )
+        self.log.debug(make_output.decode("utf-8"))
+        for root, _dirs, files in os.walk(git_worktree_path):
+            for file in fnmatch.filter(files, "*.so"):
+                version.modules[os.path.splitext(file)[0]] = (
+                    os.path.join(root, file)
+                )
+
+    @staticmethod
+    def _pretty_revision(version):
+        if version.revision == version.commit:
+            return version.revision
+        else:
+            return "{} ({})".format(version.revision, version.commit)
+
+    def _get_abi_dumps_from_shared_libraries(self, version):
+        """Generate the ABI dumps for the specified git revision.
+        The shared libraries must have been built and the module paths
+        present in version.modules."""
+        for mbed_module, module_path in version.modules.items():
+            output_path = os.path.join(
+                self.report_dir, "{}-{}-{}.dump".format(
+                    mbed_module, version.revision, version.version
+                )
+            )
+            abi_dump_command = [
+                "abi-dumper",
+                module_path,
+                "-o", output_path,
+                "-lver", self._pretty_revision(version),
+            ]
+            abi_dump_output = subprocess.check_output(
+                abi_dump_command,
+                stderr=subprocess.STDOUT
+            )
+            self.log.debug(abi_dump_output.decode("utf-8"))
+            version.abi_dumps[mbed_module] = output_path
+
+    @staticmethod
+    def _normalize_storage_test_case_data(line):
+        """Eliminate cosmetic or irrelevant details in storage format test cases."""
+        line = re.sub(r'\s+', r'', line)
+        return line
+
+    def _read_storage_tests(self,
+                            directory,
+                            filename,
+                            is_generated,
+                            storage_tests):
+        """Record storage tests from the given file.
+
+        Populate the storage_tests dictionary with test cases read from
+        filename under directory.
+        """
+        at_paragraph_start = True
+        description = None
+        full_path = os.path.join(directory, filename)
+        with open(full_path) as fd:
+            for line_number, line in enumerate(fd, 1):
+                line = line.strip()
+                if not line:
+                    at_paragraph_start = True
+                    continue
+                if line.startswith('#'):
+                    continue
+                if at_paragraph_start:
+                    description = line.strip()
+                    at_paragraph_start = False
+                    continue
+                if line.startswith('depends_on:'):
+                    continue
+                # We've reached a test case data line
+                test_case_data = self._normalize_storage_test_case_data(line)
+                if not is_generated:
+                    # In manual test data, only look at read tests.
+                    function_name = test_case_data.split(':', 1)[0]
+                    if 'read' not in function_name.split('_'):
+                        continue
+                metadata = SimpleNamespace(
+                    filename=filename,
+                    line_number=line_number,
+                    description=description
+                )
+                storage_tests[test_case_data] = metadata
+
+    @staticmethod
+    def _list_generated_test_data_files(git_worktree_path):
+        """List the generated test data files."""
+        output = subprocess.check_output(
+            ['tests/scripts/generate_psa_tests.py', '--list'],
+            cwd=git_worktree_path,
+        ).decode('ascii')
+        return [line for line in output.split('\n') if line]
+
+    def _get_storage_format_tests(self, version, git_worktree_path):
+        """Record the storage format tests for the specified git version.
+
+        The storage format tests are the test suite data files whose name
+        contains "storage_format".
+
+        The version must be checked out at git_worktree_path.
+
+        This function creates or updates the generated data files.
+        """
+        # Existing test data files. This may be missing some automatically
+        # generated files if they haven't been generated yet.
+        storage_data_files = set(glob.glob(
+            'tests/suites/test_suite_*storage_format*.data'
+        ))
+        # Discover and (re)generate automatically generated data files.
+        to_be_generated = set()
+        for filename in self._list_generated_test_data_files(git_worktree_path):
+            if 'storage_format' in filename:
+                storage_data_files.add(filename)
+                to_be_generated.add(filename)
+        subprocess.check_call(
+            ['tests/scripts/generate_psa_tests.py'] + sorted(to_be_generated),
+            cwd=git_worktree_path,
+        )
+        for test_file in sorted(storage_data_files):
+            self._read_storage_tests(git_worktree_path,
+                                     test_file,
+                                     test_file in to_be_generated,
+                                     version.storage_tests)
+
+    def _cleanup_worktree(self, git_worktree_path):
+        """Remove the specified git worktree."""
+        shutil.rmtree(git_worktree_path)
+        worktree_output = subprocess.check_output(
+            [self.git_command, "worktree", "prune"],
+            cwd=self.repo_path,
+            stderr=subprocess.STDOUT
+        )
+        self.log.debug(worktree_output.decode("utf-8"))
+
+    def _get_abi_dump_for_ref(self, version):
+        """Generate the interface information for the specified git revision."""
+        git_worktree_path = self._get_clean_worktree_for_git_revision(version)
+        self._update_git_submodules(git_worktree_path, version)
+        if self.check_abi:
+            self._build_shared_libraries(git_worktree_path, version)
+            self._get_abi_dumps_from_shared_libraries(version)
+        if self.check_storage_tests:
+            self._get_storage_format_tests(version, git_worktree_path)
+        self._cleanup_worktree(git_worktree_path)
+
+    def _remove_children_with_tag(self, parent, tag):
+        children = parent.getchildren()
+        for child in children:
+            if child.tag == tag:
+                parent.remove(child)
+            else:
+                self._remove_children_with_tag(child, tag)
+
+    def _remove_extra_detail_from_report(self, report_root):
+        for tag in ['test_info', 'test_results', 'problem_summary',
+                    'added_symbols', 'affected']:
+            self._remove_children_with_tag(report_root, tag)
+
+        for report in report_root:
+            for problems in report.getchildren()[:]:
+                if not problems.getchildren():
+                    report.remove(problems)
+
+    def _abi_compliance_command(self, mbed_module, output_path):
+        """Build the command to run to analyze the library mbed_module.
+        The report will be placed in output_path."""
+        abi_compliance_command = [
+            "abi-compliance-checker",
+            "-l", mbed_module,
+            "-old", self.old_version.abi_dumps[mbed_module],
+            "-new", self.new_version.abi_dumps[mbed_module],
+            "-strict",
+            "-report-path", output_path,
+        ]
+        if self.skip_file:
+            abi_compliance_command += ["-skip-symbols", self.skip_file,
+                                       "-skip-types", self.skip_file]
+        if self.brief:
+            abi_compliance_command += ["-report-format", "xml",
+                                       "-stdout"]
+        return abi_compliance_command
+
+    def _is_library_compatible(self, mbed_module, compatibility_report):
+        """Test if the library mbed_module has remained compatible.
+        Append a message regarding compatibility to compatibility_report."""
+        output_path = os.path.join(
+            self.report_dir, "{}-{}-{}.html".format(
+                mbed_module, self.old_version.revision,
+                self.new_version.revision
+            )
+        )
+        try:
+            subprocess.check_output(
+                self._abi_compliance_command(mbed_module, output_path),
+                stderr=subprocess.STDOUT
+            )
+        except subprocess.CalledProcessError as err:
+            if err.returncode != 1:
+                raise err
+            if self.brief:
+                self.log.info(
+                    "Compatibility issues found for {}".format(mbed_module)
+                )
+                report_root = ET.fromstring(err.output.decode("utf-8"))
+                self._remove_extra_detail_from_report(report_root)
+                self.log.info(ET.tostring(report_root).decode("utf-8"))
+            else:
+                self.can_remove_report_dir = False
+                compatibility_report.append(
+                    "Compatibility issues found for {}, "
+                    "for details see {}".format(mbed_module, output_path)
+                )
+            return False
+        compatibility_report.append(
+            "No compatibility issues for {}".format(mbed_module)
+        )
+        if not (self.keep_all_reports or self.brief):
+            os.remove(output_path)
+        return True
+
+    @staticmethod
+    def _is_storage_format_compatible(old_tests, new_tests,
+                                      compatibility_report):
+        """Check whether all tests present in old_tests are also in new_tests.
+
+        Append a message regarding compatibility to compatibility_report.
+        """
+        missing = frozenset(old_tests.keys()).difference(new_tests.keys())
+        for test_data in sorted(missing):
+            metadata = old_tests[test_data]
+            compatibility_report.append(
+                'Test case from {} line {} "{}" has disappeared: {}'.format(
+                    metadata.filename, metadata.line_number,
+                    metadata.description, test_data
+                )
+            )
+        compatibility_report.append(
+            'FAIL: {}/{} storage format test cases have changed or disappeared.'.format(
+                len(missing), len(old_tests)
+            ) if missing else
+            'PASS: All {} storage format test cases are preserved.'.format(
+                len(old_tests)
+            )
+        )
+        compatibility_report.append(
+            'Info: number of storage format tests cases: {} -> {}.'.format(
+                len(old_tests), len(new_tests)
+            )
+        )
+        return not missing
+
+    def get_abi_compatibility_report(self):
+        """Generate a report of the differences between the reference ABI
+        and the new ABI. ABI dumps from self.old_version and self.new_version
+        must be available."""
+        compatibility_report = ["Checking evolution from {} to {}".format(
+            self._pretty_revision(self.old_version),
+            self._pretty_revision(self.new_version)
+        )]
+        compliance_return_code = 0
+
+        if self.check_abi:
+            shared_modules = list(set(self.old_version.modules.keys()) &
+                                  set(self.new_version.modules.keys()))
+            for mbed_module in shared_modules:
+                if not self._is_library_compatible(mbed_module,
+                                                   compatibility_report):
+                    compliance_return_code = 1
+
+        if self.check_storage_tests:
+            if not self._is_storage_format_compatible(
+                    self.old_version.storage_tests,
+                    self.new_version.storage_tests,
+                    compatibility_report):
+                compliance_return_code = 1
+
+        for version in [self.old_version, self.new_version]:
+            for mbed_module, mbed_module_dump in version.abi_dumps.items():
+                os.remove(mbed_module_dump)
+        if self.can_remove_report_dir:
+            os.rmdir(self.report_dir)
+        self.log.info("\n".join(compatibility_report))
+        return compliance_return_code
+
+    def check_for_abi_changes(self):
+        """Generate a report of ABI differences
+        between self.old_rev and self.new_rev."""
+        build_tree.check_repo_path()
+        if self.check_api or self.check_abi:
+            self.check_abi_tools_are_installed()
+        self._get_abi_dump_for_ref(self.old_version)
+        self._get_abi_dump_for_ref(self.new_version)
+        return self.get_abi_compatibility_report()
+
+
+def run_main():
+    try:
+        parser = argparse.ArgumentParser(
+            description=__doc__
+        )
+        parser.add_argument(
+            "-v", "--verbose", action="store_true",
+            help="set verbosity level",
+        )
+        parser.add_argument(
+            "-r", "--report-dir", type=str, default="reports",
+            help="directory where reports are stored, default is reports",
+        )
+        parser.add_argument(
+            "-k", "--keep-all-reports", action="store_true",
+            help="keep all reports, even if there are no compatibility issues",
+        )
+        parser.add_argument(
+            "-o", "--old-rev", type=str, help="revision for old version.",
+            required=True,
+        )
+        parser.add_argument(
+            "-or", "--old-repo", type=str, help="repository for old version."
+        )
+        parser.add_argument(
+            "-oc", "--old-crypto-rev", type=str,
+            help="revision for old crypto submodule."
+        )
+        parser.add_argument(
+            "-ocr", "--old-crypto-repo", type=str,
+            help="repository for old crypto submodule."
+        )
+        parser.add_argument(
+            "-n", "--new-rev", type=str, help="revision for new version",
+            required=True,
+        )
+        parser.add_argument(
+            "-nr", "--new-repo", type=str, help="repository for new version."
+        )
+        parser.add_argument(
+            "-nc", "--new-crypto-rev", type=str,
+            help="revision for new crypto version"
+        )
+        parser.add_argument(
+            "-ncr", "--new-crypto-repo", type=str,
+            help="repository for new crypto submodule."
+        )
+        parser.add_argument(
+            "-s", "--skip-file", type=str,
+            help=("path to file containing symbols and types to skip "
+                  "(typically \"-s identifiers\" after running "
+                  "\"tests/scripts/list-identifiers.sh --internal\")")
+        )
+        parser.add_argument(
+            "--check-abi",
+            action='store_true', default=True,
+            help="Perform ABI comparison (default: yes)"
+        )
+        parser.add_argument("--no-check-abi", action='store_false', dest='check_abi')
+        parser.add_argument(
+            "--check-api",
+            action='store_true', default=True,
+            help="Perform API comparison (default: yes)"
+        )
+        parser.add_argument("--no-check-api", action='store_false', dest='check_api')
+        parser.add_argument(
+            "--check-storage",
+            action='store_true', default=True,
+            help="Perform storage tests comparison (default: yes)"
+        )
+        parser.add_argument("--no-check-storage", action='store_false', dest='check_storage')
+        parser.add_argument(
+            "-b", "--brief", action="store_true",
+            help="output only the list of issues to stdout, instead of a full report",
+        )
+        abi_args = parser.parse_args()
+        if os.path.isfile(abi_args.report_dir):
+            print("Error: {} is not a directory".format(abi_args.report_dir))
+            parser.exit()
+        old_version = SimpleNamespace(
+            version="old",
+            repository=abi_args.old_repo,
+            revision=abi_args.old_rev,
+            commit=None,
+            crypto_repository=abi_args.old_crypto_repo,
+            crypto_revision=abi_args.old_crypto_rev,
+            abi_dumps={},
+            storage_tests={},
+            modules={}
+        )
+        new_version = SimpleNamespace(
+            version="new",
+            repository=abi_args.new_repo,
+            revision=abi_args.new_rev,
+            commit=None,
+            crypto_repository=abi_args.new_crypto_repo,
+            crypto_revision=abi_args.new_crypto_rev,
+            abi_dumps={},
+            storage_tests={},
+            modules={}
+        )
+        configuration = SimpleNamespace(
+            verbose=abi_args.verbose,
+            report_dir=abi_args.report_dir,
+            keep_all_reports=abi_args.keep_all_reports,
+            brief=abi_args.brief,
+            check_abi=abi_args.check_abi,
+            check_api=abi_args.check_api,
+            check_storage=abi_args.check_storage,
+            skip_file=abi_args.skip_file
+        )
+        abi_check = AbiChecker(old_version, new_version, configuration)
+        return_code = abi_check.check_for_abi_changes()
+        sys.exit(return_code)
+    except Exception: # pylint: disable=broad-except
+        # Print the backtrace and exit explicitly so as to exit with
+        # status 2, not 1.
+        traceback.print_exc()
+        sys.exit(2)
+
+
+if __name__ == "__main__":
+    run_main()
diff --git a/3rdparty/mbedtls-2.28.7/scripts/apidoc_full.sh b/3rdparty/mbedtls-2.28.7/scripts/apidoc_full.sh
new file mode 100644
index 0000000..8180b0e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/apidoc_full.sh
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# Generate doxygen documentation with a full config.h (this ensures that every
+# available flag is documented, and avoids warnings about documentation
+# without a corresponding #define).
+#
+# /!\ This must not be a Makefile target, as it would create a race condition
+# when multiple targets are invoked in the same parallel build.
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -eu
+
+CONFIG_H='include/mbedtls/config.h'
+
+if [ -r $CONFIG_H ]; then :; else
+    echo "$CONFIG_H not found" >&2
+    exit 1
+fi
+
+CONFIG_BAK=${CONFIG_H}.bak
+cp -p $CONFIG_H $CONFIG_BAK
+
+scripts/config.py realfull
+make apidoc
+
+mv $CONFIG_BAK $CONFIG_H
diff --git a/3rdparty/mbedtls-2.25.0/scripts/assemble_changelog.py b/3rdparty/mbedtls-2.28.7/scripts/assemble_changelog.py
similarity index 84%
rename from 3rdparty/mbedtls-2.25.0/scripts/assemble_changelog.py
rename to 3rdparty/mbedtls-2.28.7/scripts/assemble_changelog.py
index 8f7d1fd..25f9ea8 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/assemble_changelog.py
+++ b/3rdparty/mbedtls-2.28.7/scripts/assemble_changelog.py
@@ -19,19 +19,7 @@
 """
 
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 import argparse
 from collections import OrderedDict, namedtuple
@@ -63,17 +51,20 @@ def __init__(self, filename, line):
 # The category names we use in the changelog.
 # If you edit this, update ChangeLog.d/README.md.
 STANDARD_CATEGORIES = (
-    b'API changes',
-    b'Default behavior changes',
-    b'Requirement changes',
-    b'New deprecations',
-    b'Removals',
-    b'Features',
-    b'Security',
-    b'Bugfix',
-    b'Changes',
+    'API changes',
+    'Default behavior changes',
+    'Requirement changes',
+    'New deprecations',
+    'Removals',
+    'Features',
+    'Security',
+    'Bugfix',
+    'Changes',
 )
 
+# The maximum line length for an entry
+MAX_LINE_LENGTH = 80
+
 CategoryContent = namedtuple('CategoryContent', [
     'name', 'title_line', # Title text and line number of the title
     'body', 'body_line', # Body text and starting line number of the body
@@ -119,13 +110,13 @@ def format_category(cls, title, body):
 class TextChangelogFormat(ChangelogFormat):
     """The traditional Mbed TLS changelog format."""
 
-    _unreleased_version_text = b'= mbed TLS x.x.x branch released xxxx-xx-xx'
+    _unreleased_version_text = '= Mbed TLS x.x.x branch released xxxx-xx-xx'
     @classmethod
     def is_released_version(cls, title):
         # Look for an incomplete release date
-        return not re.search(br'[0-9x]{4}-[0-9x]{2}-[0-9x]?x', title)
+        return not re.search(r'[0-9x]{4}-[0-9x]{2}-[0-9x]?x', title)
 
-    _top_version_re = re.compile(br'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)',
+    _top_version_re = re.compile(r'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)',
                                  re.DOTALL)
     @classmethod
     def extract_top_version(cls, changelog_file_content):
@@ -137,17 +128,17 @@ def extract_top_version(cls, changelog_file_content):
         top_version_body = m.group(2)
         if cls.is_released_version(top_version_title):
             top_version_end = top_version_start
-            top_version_title = cls._unreleased_version_text + b'\n\n'
-            top_version_body = b''
+            top_version_title = cls._unreleased_version_text + '\n\n'
+            top_version_body = ''
         return (changelog_file_content[:top_version_start],
                 top_version_title, top_version_body,
                 changelog_file_content[top_version_end:])
 
     @classmethod
     def version_title_text(cls, version_title):
-        return re.sub(br'\n.*', version_title, re.DOTALL)
+        return re.sub(r'\n.*', version_title, re.DOTALL)
 
-    _category_title_re = re.compile(br'(^\w.*)\n+', re.MULTILINE)
+    _category_title_re = re.compile(r'(^\w.*)\n+', re.MULTILINE)
     @classmethod
     def split_categories(cls, version_body):
         """A category title is a line with the title in column 0."""
@@ -160,10 +151,10 @@ def split_categories(cls, version_body):
         title_starts = [m.start(1) for m in title_matches]
         body_starts = [m.end(0) for m in title_matches]
         body_ends = title_starts[1:] + [len(version_body)]
-        bodies = [version_body[body_start:body_end].rstrip(b'\n') + b'\n'
+        bodies = [version_body[body_start:body_end].rstrip('\n') + '\n'
                   for (body_start, body_end) in zip(body_starts, body_ends)]
-        title_lines = [version_body[:pos].count(b'\n') for pos in title_starts]
-        body_lines = [version_body[:pos].count(b'\n') for pos in body_starts]
+        title_lines = [version_body[:pos].count('\n') for pos in title_starts]
+        body_lines = [version_body[:pos].count('\n') for pos in body_starts]
         return [CategoryContent(title_match.group(1), title_line,
                                 body, body_line)
                 for title_match, title_line, body, body_line
@@ -173,9 +164,9 @@ def split_categories(cls, version_body):
     def format_category(cls, title, body):
         # `split_categories` ensures that each body ends with a newline.
         # Make sure that there is additionally a blank line between categories.
-        if not body.endswith(b'\n\n'):
-            body += b'\n'
-        return title + b'\n' + body
+        if not body.endswith('\n\n'):
+            body += '\n'
+        return title + '\n' + body
 
 class ChangeLog:
     """An Mbed TLS changelog.
@@ -196,8 +187,10 @@ class ChangeLog:
     # Only accept dotted version numbers (e.g. "3.1", not "3").
     # Refuse ".x" in a version number where x is a letter: this indicates
     # a version that is not yet released. Something like "3.1a" is accepted.
-    _version_number_re = re.compile(br'[0-9]+\.[0-9A-Za-z.]+')
-    _incomplete_version_number_re = re.compile(br'.*\.[A-Za-z]')
+    _version_number_re = re.compile(r'[0-9]+\.[0-9A-Za-z.]+')
+    _incomplete_version_number_re = re.compile(r'.*\.[A-Za-z]')
+    _only_url_re = re.compile(r'^\s*\w+://\S+\s*$')
+    _has_url_re = re.compile(r'.*://.*')
 
     def add_categories_from_text(self, filename, line_offset,
                                  text, allow_unknown_category):
@@ -213,7 +206,22 @@ def add_categories_from_text(self, filename, line_offset,
                 raise InputFormatError(filename,
                                        line_offset + category.title_line,
                                        'Unknown category: "{}"',
-                                       category.name.decode('utf8'))
+                                       category.name)
+
+            body_split = category.body.splitlines()
+
+            for line_number, line in enumerate(body_split, 1):
+                if not self._only_url_re.match(line) and \
+                   len(line) > MAX_LINE_LENGTH:
+                    long_url_msg = '. URL exceeding length limit must be alone in its line.' \
+                        if self._has_url_re.match(line) else ""
+                    raise InputFormatError(filename,
+                                           category.body_line + line_number,
+                                           'Line is longer than allowed: '
+                                           'Length {} (Max {}){}',
+                                           len(line), MAX_LINE_LENGTH,
+                                           long_url_msg)
+
             self.categories[category.name] += category.body
 
     def __init__(self, input_stream, changelog_format):
@@ -230,8 +238,8 @@ def __init__(self, input_stream, changelog_format):
         # Split the top version section into categories.
         self.categories = OrderedDict()
         for category in STANDARD_CATEGORIES:
-            self.categories[category] = b''
-        offset = (self.header + self.top_version_title).count(b'\n') + 1
+            self.categories[category] = ''
+        offset = (self.header + self.top_version_title).count('\n') + 1
         self.add_categories_from_text(input_stream.name, offset,
                                       top_version_body, True)
 
@@ -244,7 +252,7 @@ def add_file(self, input_stream):
     def write(self, filename):
         """Write the changelog to the specified file.
         """
-        with open(filename, 'wb') as out:
+        with open(filename, 'w', encoding='utf-8') as out:
             out.write(self.header)
             out.write(self.top_version_title)
             for title, body in self.categories.items():
@@ -283,7 +291,7 @@ def creation_hash(filename):
         hashes = subprocess.check_output(['git', 'log', '--format=%H',
                                           '--follow',
                                           '--', filename])
-        m = re.search(b'(.+)$', hashes)
+        m = re.search('(.+)$', hashes.decode('ascii'))
         if not m:
             # The git output is empty. This means that the file was
             # never checked in.
@@ -300,8 +308,8 @@ def list_merges(some_hash, target, *options):
         """
         text = subprocess.check_output(['git', 'rev-list',
                                         '--merges', *options,
-                                        b'..'.join([some_hash, target])])
-        return text.rstrip(b'\n').split(b'\n')
+                                        '..'.join([some_hash, target])])
+        return text.decode('ascii').rstrip('\n').split('\n')
 
     @classmethod
     def merge_hash(cls, some_hash):
@@ -309,7 +317,7 @@ def merge_hash(cls, some_hash):
 
         Return None if the given commit was never merged.
         """
-        target = b'HEAD'
+        target = 'HEAD'
         # List the merges from some_hash to the target in two ways.
         # The ancestry list is the ones that are both descendants of
         # some_hash and ancestors of the target.
@@ -387,14 +395,17 @@ def check_output(generated_output_file, main_input_file, merged_files):
     is also present in an output file. This is not perfect but good enough
     for now.
     """
-    generated_output = set(open(generated_output_file, 'rb'))
-    for line in open(main_input_file, 'rb'):
-        if line not in generated_output:
-            raise LostContent('original file', line)
-    for merged_file in merged_files:
-        for line in open(merged_file, 'rb'):
-            if line not in generated_output:
-                raise LostContent(merged_file, line)
+    with open(generated_output_file, 'r', encoding='utf-8') as out_fd:
+        generated_output = set(out_fd)
+        with open(main_input_file, 'r', encoding='utf-8') as in_fd:
+            for line in in_fd:
+                if line not in generated_output:
+                    raise LostContent('original file', line)
+        for merged_file in merged_files:
+            with open(merged_file, 'r', encoding='utf-8') as in_fd:
+                for line in in_fd:
+                    if line not in generated_output:
+                        raise LostContent(merged_file, line)
 
 def finish_output(changelog, output_file, input_file, merged_files):
     """Write the changelog to the output file.
@@ -435,14 +446,14 @@ def merge_entries(options):
     Write the new changelog to options.output.
     Remove the merged entries if options.keep_entries is false.
     """
-    with open(options.input, 'rb') as input_file:
+    with open(options.input, 'r', encoding='utf-8') as input_file:
         changelog = ChangeLog(input_file, TextChangelogFormat)
     files_to_merge = list_files_to_merge(options)
     if not files_to_merge:
         sys.stderr.write('There are no pending changelog entries.\n')
         return
     for filename in files_to_merge:
-        with open(filename, 'rb') as input_file:
+        with open(filename, 'r', encoding='utf-8') as input_file:
             changelog.add_file(input_file)
     finish_output(changelog, options.output, options.input, files_to_merge)
     if not options.keep_entries:
diff --git a/3rdparty/mbedtls-2.25.0/scripts/bump_version.sh b/3rdparty/mbedtls-2.28.7/scripts/bump_version.sh
similarity index 86%
rename from 3rdparty/mbedtls-2.25.0/scripts/bump_version.sh
rename to 3rdparty/mbedtls-2.28.7/scripts/bump_version.sh
index df629e9..926e497 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/bump_version.sh
+++ b/3rdparty/mbedtls-2.28.7/scripts/bump_version.sh
@@ -1,19 +1,7 @@
 #!/bin/bash
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
@@ -125,7 +113,7 @@ cat include/mbedtls/version.h |                                    \
     sed -e "s/_VERSION_PATCH .\{1,\}/_VERSION_PATCH  $PATCH/" |    \
     sed -e "s/_VERSION_NUMBER .\{1,\}/_VERSION_NUMBER         $VERSION_NR/" |    \
     sed -e "s/_VERSION_STRING .\{1,\}/_VERSION_STRING         \"$VERSION\"/" |    \
-    sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL    \"mbed TLS $VERSION\"/" \
+    sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL    \"Mbed TLS $VERSION\"/" \
     > tmp
 mv tmp include/mbedtls/version.h
 
@@ -136,7 +124,7 @@ mv tmp tests/suites/test_suite_version.data
 [ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h"
 for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h;
 do
-  sed -e "s/mbed TLS v[0-9\.]\{1,\}/mbed TLS v$VERSION/g" < $i > tmp
+  sed -e "s/\\([Mm]bed TLS v\\)[0-9][0-9.]*/\\1$VERSION/g" < $i > tmp
   mv tmp $i
 done
 
diff --git a/3rdparty/mbedtls-2.28.7/scripts/ci.requirements.txt b/3rdparty/mbedtls-2.28.7/scripts/ci.requirements.txt
new file mode 100644
index 0000000..9b96a8d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/ci.requirements.txt
@@ -0,0 +1,14 @@
+# Python package requirements for Mbed TLS testing.
+
+# Any package used by a script in this repository must be listed here
+# or in one of the included files. Normally there should be a minimum
+# version constraint; the CI will test with the minimum version.
+
+# Use a known version of Pylint, because new versions tend to add warnings
+# that could start rejecting our code.
+# 2.4.4 is the version in Ubuntu 20.04. It supports Python >=3.5.
+pylint == 2.4.4
+
+# Use the earliest version of mypy that works with our code base.
+# See https://github.com/Mbed-TLS/mbedtls/pull/3953 .
+mypy >= 0.780
diff --git a/3rdparty/mbedtls-2.28.7/scripts/code_style.py b/3rdparty/mbedtls-2.28.7/scripts/code_style.py
new file mode 100644
index 0000000..9d36e29
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/code_style.py
@@ -0,0 +1,222 @@
+#!/usr/bin/env python3
+"""Check or fix the code style by running Uncrustify.
+
+This script must be run from the root of a Git work tree containing Mbed TLS.
+"""
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+import argparse
+import os
+import re
+import subprocess
+import sys
+from typing import FrozenSet, List, Optional
+
+UNCRUSTIFY_SUPPORTED_VERSION = "0.75.1"
+CONFIG_FILE = ".uncrustify.cfg"
+UNCRUSTIFY_EXE = "uncrustify"
+UNCRUSTIFY_ARGS = ["-c", CONFIG_FILE]
+CHECK_GENERATED_FILES = "tests/scripts/check-generated-files.sh"
+
+def print_err(*args):
+    print("Error: ", *args, file=sys.stderr)
+
+# Print the file names that will be skipped and the help message
+def print_skip(files_to_skip):
+    print()
+    print(*files_to_skip, sep=", SKIP\n", end=", SKIP\n")
+    print("Warning: The listed files will be skipped because\n"
+          "they are not known to git.")
+    print()
+
+# Match FILENAME(s) in "check SCRIPT (FILENAME...)"
+CHECK_CALL_RE = re.compile(r"\n\s*check\s+[^\s#$&*?;|]+([^\n#$&*?;|]+)",
+                           re.ASCII)
+def list_generated_files() -> FrozenSet[str]:
+    """Return the names of generated files.
+
+    We don't reformat generated files, since the result might be different
+    from the output of the generator. Ideally the result of the generator
+    would conform to the code style, but this would be difficult, especially
+    with respect to the placement of line breaks in long logical lines.
+    """
+    # Parse check-generated-files.sh to get an up-to-date list of
+    # generated files. Read the file rather than calling it so that
+    # this script only depends on Git, Python and uncrustify, and not other
+    # tools such as sh or grep which might not be available on Windows.
+    # This introduces a limitation: check-generated-files.sh must have
+    # the expected format and must list the files explicitly, not through
+    # wildcards or command substitution.
+    content = open(CHECK_GENERATED_FILES, encoding="utf-8").read()
+    checks = re.findall(CHECK_CALL_RE, content)
+    return frozenset(word for s in checks for word in s.split())
+
+def get_src_files(since: Optional[str]) -> List[str]:
+    """
+    Use git to get a list of the source files.
+
+    The optional argument since is a commit, indicating to only list files
+    that have changed since that commit. Without this argument, list all
+    files known to git.
+
+    Only C files are included, and certain files (generated, or 3rdparty)
+    are excluded.
+    """
+    file_patterns = ["*.[hc]",
+                     "tests/suites/*.function",
+                     "scripts/data_files/*.fmt"]
+    output = subprocess.check_output(["git", "ls-files"] + file_patterns,
+                                     universal_newlines=True)
+    src_files = output.split()
+    if since:
+        # get all files changed in commits since the starting point
+        cmd = ["git", "log", since + "..HEAD", "--name-only", "--pretty=", "--"] + src_files
+        output = subprocess.check_output(cmd, universal_newlines=True)
+        committed_changed_files = output.split()
+        # and also get all files with uncommitted changes
+        cmd = ["git", "diff", "--name-only", "--"] + src_files
+        output = subprocess.check_output(cmd, universal_newlines=True)
+        uncommitted_changed_files = output.split()
+        src_files = list(set(committed_changed_files + uncommitted_changed_files))
+
+    generated_files = list_generated_files()
+    # Don't correct style for third-party files (and, for simplicity,
+    # companion files in the same subtree), or for automatically
+    # generated files (we're correcting the templates instead).
+    src_files = [filename for filename in src_files
+                 if not (filename.startswith("3rdparty/") or
+                         filename in generated_files)]
+    return src_files
+
+def get_uncrustify_version() -> str:
+    """
+    Get the version string from Uncrustify
+    """
+    result = subprocess.run([UNCRUSTIFY_EXE, "--version"],
+                            stdout=subprocess.PIPE, stderr=subprocess.PIPE,
+                            check=False)
+    if result.returncode != 0:
+        print_err("Could not get Uncrustify version:", str(result.stderr, "utf-8"))
+        return ""
+    else:
+        return str(result.stdout, "utf-8")
+
+def check_style_is_correct(src_file_list: List[str]) -> bool:
+    """
+    Check the code style and output a diff for each file whose style is
+    incorrect.
+    """
+    style_correct = True
+    for src_file in src_file_list:
+        uncrustify_cmd = [UNCRUSTIFY_EXE] + UNCRUSTIFY_ARGS + [src_file]
+        result = subprocess.run(uncrustify_cmd, stdout=subprocess.PIPE,
+                                stderr=subprocess.PIPE, check=False)
+        if result.returncode != 0:
+            print_err("Uncrustify returned " + str(result.returncode) +
+                      " correcting file " + src_file)
+            return False
+
+        # Uncrustify makes changes to the code and places the result in a new
+        # file with the extension ".uncrustify". To get the changes (if any)
+        # simply diff the 2 files.
+        diff_cmd = ["diff", "-u", src_file, src_file + ".uncrustify"]
+        cp = subprocess.run(diff_cmd, check=False)
+
+        if cp.returncode == 1:
+            print(src_file + " changed - code style is incorrect.")
+            style_correct = False
+        elif cp.returncode != 0:
+            raise subprocess.CalledProcessError(cp.returncode, cp.args,
+                                                cp.stdout, cp.stderr)
+
+        # Tidy up artifact
+        os.remove(src_file + ".uncrustify")
+
+    return style_correct
+
+def fix_style_single_pass(src_file_list: List[str]) -> bool:
+    """
+    Run Uncrustify once over the source files.
+    """
+    code_change_args = UNCRUSTIFY_ARGS + ["--no-backup"]
+    for src_file in src_file_list:
+        uncrustify_cmd = [UNCRUSTIFY_EXE] + code_change_args + [src_file]
+        result = subprocess.run(uncrustify_cmd, check=False)
+        if result.returncode != 0:
+            print_err("Uncrustify with file returned: " +
+                      str(result.returncode) + " correcting file " +
+                      src_file)
+            return False
+    return True
+
+def fix_style(src_file_list: List[str]) -> int:
+    """
+    Fix the code style. This takes 2 passes of Uncrustify.
+    """
+    if not fix_style_single_pass(src_file_list):
+        return 1
+    if not fix_style_single_pass(src_file_list):
+        return 1
+
+    # Guard against future changes that cause the codebase to require
+    # more passes.
+    if not check_style_is_correct(src_file_list):
+        print_err("Code style still incorrect after second run of Uncrustify.")
+        return 1
+    else:
+        return 0
+
+def main() -> int:
+    """
+    Main with command line arguments.
+    """
+    uncrustify_version = get_uncrustify_version().strip()
+    if UNCRUSTIFY_SUPPORTED_VERSION not in uncrustify_version:
+        print("Warning: Using unsupported Uncrustify version '" +
+              uncrustify_version + "'")
+        print("Note: The only supported version is " +
+              UNCRUSTIFY_SUPPORTED_VERSION)
+
+    parser = argparse.ArgumentParser()
+    parser.add_argument('-f', '--fix', action='store_true',
+                        help=('modify source files to fix the code style '
+                              '(default: print diff, do not modify files)'))
+    parser.add_argument('-s', '--since', metavar='COMMIT', const='mbedtls-2.28', nargs='?',
+                        help=('only check files modified since the specified commit'
+                              ' (e.g. --since=HEAD~3 or --since=mbedtls-2.28). If no'
+                              ' commit is specified, default to mbedtls-2.28.'))
+    # --subset is almost useless: it only matters if there are no files
+    # ('code_style.py' without arguments checks all files known to Git,
+    # 'code_style.py --subset' does nothing). In particular,
+    # 'code_style.py --fix --subset ...' is intended as a stable ("porcelain")
+    # way to restyle a possibly empty set of files.
+    parser.add_argument('--subset', action='store_true',
+                        help='only check the specified files (default with non-option arguments)')
+    parser.add_argument('operands', nargs='*', metavar='FILE',
+                        help='files to check (files MUST be known to git, if none: check all)')
+
+    args = parser.parse_args()
+
+    covered = frozenset(get_src_files(args.since))
+    # We only check files that are known to git
+    if args.subset or args.operands:
+        src_files = [f for f in args.operands if f in covered]
+        skip_src_files = [f for f in args.operands if f not in covered]
+        if skip_src_files:
+            print_skip(skip_src_files)
+    else:
+        src_files = list(covered)
+
+    if args.fix:
+        # Fix mode
+        return fix_style(src_files)
+    else:
+        # Check mode
+        if check_style_is_correct(src_files):
+            print("Checked {} files, style ok.".format(len(src_files)))
+            return 0
+        else:
+            return 1
+
+if __name__ == '__main__':
+    sys.exit(main())
diff --git a/3rdparty/mbedtls-2.28.7/scripts/config.pl b/3rdparty/mbedtls-2.28.7/scripts/config.pl
new file mode 100644
index 0000000..ca02b90
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/config.pl
@@ -0,0 +1,14 @@
+#!/usr/bin/env perl
+# Backward compatibility redirection
+
+## Copyright The Mbed TLS Contributors
+## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+##
+
+my $py = $0;
+$py =~ s/\.pl$/.py/ or die "Unable to determine the name of the Python script";
+exec 'python3', $py, @ARGV;
+print STDERR "$0: python3: $!. Trying python instead.\n";
+exec 'python', $py, @ARGV;
+print STDERR "$0: python: $!\n";
+exit 127;
diff --git a/3rdparty/mbedtls-2.25.0/scripts/config.py b/3rdparty/mbedtls-2.28.7/scripts/config.py
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/scripts/config.py
rename to 3rdparty/mbedtls-2.28.7/scripts/config.py
index ae0614a..4658931 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/config.py
+++ b/3rdparty/mbedtls-2.28.7/scripts/config.py
@@ -2,25 +2,17 @@
 
 """Mbed TLS configuration file manipulation library and tool
 
-Basic usage, to read the Mbed TLS or Mbed Crypto configuration:
+Basic usage, to read the Mbed TLS configuration:
     config = ConfigFile()
     if 'MBEDTLS_RSA_C' in config: print('RSA is enabled')
 """
 
+# Note that the version of this script in the mbedtls-2.28 branch must remain
+# compatible with Python 3.4.
+
 ## Copyright The Mbed TLS Contributors
-## SPDX-License-Identifier: Apache-2.0
-##
-## Licensed under the Apache License, Version 2.0 (the "License"); you may
-## not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
+## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 ##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
 
 import os
 import re
@@ -152,8 +144,16 @@ def is_full_section(section):
     return section.endswith('support') or section.endswith('modules')
 
 def realfull_adapter(_name, active, section):
-    """Activate all symbols found in the system and feature sections."""
-    if not is_full_section(section):
+    """Activate all symbols found in the global and boolean feature sections.
+
+    This is intended for building the documentation, including the
+    documentation of settings that are activated by defining an optional
+    preprocessor macro.
+
+    Do not activate definitions in the section containing symbols that are
+    supposed to be defined and documented in their own module.
+    """
+    if section == 'Module configuration options':
         return active
     return True
 
@@ -171,6 +171,7 @@ def realfull_adapter(_name, active, section):
     'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
     'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
     'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS
+    'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation
     'MBEDTLS_ECP_NO_INTERNAL_RNG', # removes a feature
     'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO
     'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
@@ -185,9 +186,10 @@ def realfull_adapter(_name, active, section):
     'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper)
     'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature
     'MBEDTLS_PSA_CRYPTO_CONFIG', # toggles old/new style PSA config
+    'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG', # behavior change + build dependency
     'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO
     'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM)
-    'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions)
+    'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources
     'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature
     'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', # removes a feature
     'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS
@@ -212,7 +214,11 @@ def is_seamless_alt(name):
     Exclude alternative implementations of library functions since they require
     an implementation of the relevant functions and an xxx_alt.h header.
     """
-    if name == 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT':
+    if name in (
+            'MBEDTLS_PLATFORM_GMTIME_R_ALT',
+            'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT',
+            'MBEDTLS_PLATFORM_ZEROIZE_ALT',
+    ):
         # Similar to non-platform xxx_ALT, requires platform_alt.h
         return False
     return name.startswith('MBEDTLS_PLATFORM_')
@@ -270,6 +276,24 @@ def baremetal_adapter(name, active, section):
         return True
     return include_in_full(name) and keep_in_baremetal(name)
 
+# This set contains options that are mostly for debugging or test purposes,
+# and therefore should be excluded when doing code size measurements.
+# Options that are their own module (such as MBEDTLS_CERTS_C and
+# MBEDTLS_ERROR_C) are not listed and therefore will be included when doing
+# code size measurements.
+EXCLUDE_FOR_SIZE = frozenset([
+    'MBEDTLS_CHECK_PARAMS', # increases the size of many modules
+    'MBEDTLS_CHECK_PARAMS_ASSERT', # no effect without MBEDTLS_CHECK_PARAMS
+    'MBEDTLS_DEBUG_C', # large code size increase in TLS
+    'MBEDTLS_SELF_TEST', # increases the size of many modules
+    'MBEDTLS_TEST_HOOKS', # only useful with the hosted test framework, increases code size
+])
+
+def baremetal_size_adapter(name, active, section):
+    if name in EXCLUDE_FOR_SIZE:
+        return False
+    return baremetal_adapter(name, active, section)
+
 def include_in_crypto(name):
     """Rules for symbols in a crypto configuration."""
     if name.startswith('MBEDTLS_X509_') or \
@@ -400,7 +424,7 @@ def _format_template(self, name, indent, middle):
         value = setting.value
         if value is None:
             value = ''
-        # Normally the whitespace to separte the symbol name from the
+        # Normally the whitespace to separate the symbol name from the
         # value is part of middle, and there's no whitespace for a symbol
         # with no value. But if a symbol has been changed from having a
         # value to not having one, the whitespace is wrong, so fix it.
@@ -437,7 +461,7 @@ def write(self, filename=None):
     def main():
         """Command line config.h manipulation tool."""
         parser = argparse.ArgumentParser(description="""
-        Mbed TLS and Mbed Crypto configuration file manipulation tool.
+        Mbed TLS configuration file manipulation tool.
         """)
         parser.add_argument('--file', '-f',
                             help="""File to read (and modify if requested).
@@ -481,6 +505,9 @@ def add_adapter(name, function, description):
         add_adapter('baremetal', baremetal_adapter,
                     """Like full, but exclude features that require platform
                     features such as file input-output.""")
+        add_adapter('baremetal_size', baremetal_size_adapter,
+                    """Like baremetal, but exclude debugging features.
+                    Useful for code size measurements.""")
         add_adapter('full', full_adapter,
                     """Uncomment most features.
                     Exclude alternative implementations and platform support
diff --git a/3rdparty/mbedtls-2.28.7/scripts/data_files/error.fmt b/3rdparty/mbedtls-2.28.7/scripts/data_files/error.fmt
new file mode 100644
index 0000000..781e72a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/data_files/error.fmt
@@ -0,0 +1,159 @@
+/*
+ *  Error message information
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#include "mbedtls/error.h"
+
+#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+
+#if defined(MBEDTLS_ERROR_C)
+
+#include "mbedtls/platform.h"
+
+#include <stdio.h>
+#include <string.h>
+
+HEADER_INCLUDED
+
+const char *mbedtls_high_level_strerr(int error_code)
+{
+    int high_level_error_code;
+
+    if (error_code < 0) {
+        error_code = -error_code;
+    }
+
+    /* Extract the high-level part from the error code. */
+    high_level_error_code = error_code & 0xFF80;
+
+    switch (high_level_error_code) {
+    /* Begin Auto-Generated Code. */
+    HIGH_LEVEL_CODE_CHECKS
+        /* End Auto-Generated Code. */
+
+        default:
+            break;
+    }
+
+    return NULL;
+}
+
+const char *mbedtls_low_level_strerr(int error_code)
+{
+    int low_level_error_code;
+
+    if (error_code < 0) {
+        error_code = -error_code;
+    }
+
+    /* Extract the low-level part from the error code. */
+    low_level_error_code = error_code & ~0xFF80;
+
+    switch (low_level_error_code) {
+    /* Begin Auto-Generated Code. */
+    LOW_LEVEL_CODE_CHECKS
+        /* End Auto-Generated Code. */
+
+        default:
+            break;
+    }
+
+    return NULL;
+}
+
+void mbedtls_strerror(int ret, char *buf, size_t buflen)
+{
+    size_t len;
+    int use_ret;
+    const char *high_level_error_description = NULL;
+    const char *low_level_error_description = NULL;
+
+    if (buflen == 0) {
+        return;
+    }
+
+    memset(buf, 0x00, buflen);
+
+    if (ret < 0) {
+        ret = -ret;
+    }
+
+    if (ret & 0xFF80) {
+        use_ret = ret & 0xFF80;
+
+        // Translate high level error code.
+        high_level_error_description = mbedtls_high_level_strerr(ret);
+
+        if (high_level_error_description == NULL) {
+            mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret);
+        } else {
+            mbedtls_snprintf(buf, buflen, "%s", high_level_error_description);
+        }
+
+#if defined(MBEDTLS_SSL_TLS_C)
+        // Early return in case of a fatal error - do not try to translate low
+        // level code.
+        if (use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) {
+            return;
+        }
+#endif /* MBEDTLS_SSL_TLS_C */
+    }
+
+    use_ret = ret & ~0xFF80;
+
+    if (use_ret == 0) {
+        return;
+    }
+
+    // If high level code is present, make a concatenation between both
+    // error strings.
+    //
+    len = strlen(buf);
+
+    if (len > 0) {
+        if (buflen - len < 5) {
+            return;
+        }
+
+        mbedtls_snprintf(buf + len, buflen - len, " : ");
+
+        buf += len + 3;
+        buflen -= len + 3;
+    }
+
+    // Translate low level error code.
+    low_level_error_description = mbedtls_low_level_strerr(ret);
+
+    if (low_level_error_description == NULL) {
+        mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret);
+    } else {
+        mbedtls_snprintf(buf, buflen, "%s", low_level_error_description);
+    }
+}
+
+#else /* MBEDTLS_ERROR_C */
+
+/*
+ * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined
+ */
+void mbedtls_strerror(int ret, char *buf, size_t buflen)
+{
+    ((void) ret);
+
+    if (buflen > 0) {
+        buf[0] = '\0';
+    }
+}
+
+#endif /* MBEDTLS_ERROR_C */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
+#endif
+
+#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/query_config.fmt b/3rdparty/mbedtls-2.28.7/scripts/data_files/query_config.fmt
similarity index 78%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/query_config.fmt
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/query_config.fmt
index be1faef..82db635 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/data_files/query_config.fmt
+++ b/3rdparty/mbedtls-2.28.7/scripts/data_files/query_config.fmt
@@ -2,19 +2,7 @@
  *  Query Mbed TLS compile time configurations from config.h
  *
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #if !defined(MBEDTLS_CONFIG_FILE)
@@ -23,12 +11,9 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
-#if defined(MBEDTLS_PLATFORM_C)
+#include "query_config.h"
+
 #include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
 
 /*
  * Include all the headers with public APIs in case they define a macro to its
@@ -79,7 +64,9 @@
 #include "mbedtls/pkcs11.h"
 #include "mbedtls/pkcs12.h"
 #include "mbedtls/pkcs5.h"
+#if defined(MBEDTLS_HAVE_TIME)
 #include "mbedtls/platform_time.h"
+#endif
 #include "mbedtls/platform_util.h"
 #include "mbedtls/poly1305.h"
 #include "mbedtls/ripemd160.h"
@@ -111,7 +98,12 @@
  */
 #define MACRO_EXPANSION_TO_STR(macro)   MACRO_NAME_TO_STR(macro)
 #define MACRO_NAME_TO_STR(macro)                                        \
-    mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" )
+    mbedtls_printf("%s", strlen( #macro "") > 0 ? #macro "\n" : "")
+
+#define STRINGIFY(macro)  #macro
+#define OUTPUT_MACRO_NAME_VALUE(macro) mbedtls_printf( #macro "%s\n",   \
+                                                       (STRINGIFY(macro) "")[0] != 0 ? "=" STRINGIFY( \
+                                                           macro) : "")
 
 #if defined(_MSC_VER)
 /*
@@ -126,12 +118,16 @@
 #pragma warning(disable:4003)
 #endif /* _MSC_VER */
 
-int query_config( const char *config )
+int query_config(const char *config)
 {
-CHECK_CONFIG    /* If the symbol is not found, return an error */
-    return( 1 );
+    CHECK_CONFIG /* If the symbol is not found, return an error */
+    return 1;
 }
 
+void list_config(void)
+{
+    LIST_CONFIG
+}
 #if defined(_MSC_VER)
 #pragma warning(pop)
 #endif /* _MSC_VER */
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/rename-1.3-2.0.txt b/3rdparty/mbedtls-2.28.7/scripts/data_files/rename-1.3-2.0.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/rename-1.3-2.0.txt
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/rename-1.3-2.0.txt
diff --git a/3rdparty/mbedtls-2.28.7/scripts/data_files/version_features.fmt b/3rdparty/mbedtls-2.28.7/scripts/data_files/version_features.fmt
new file mode 100644
index 0000000..517e816
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/data_files/version_features.fmt
@@ -0,0 +1,44 @@
+/*
+ *  Version feature information
+ *
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_VERSION_C)
+
+#include "mbedtls/version.h"
+
+#include <string.h>
+
+static const char * const features[] = {
+#if defined(MBEDTLS_VERSION_FEATURES)
+    FEATURE_DEFINES
+#endif /* MBEDTLS_VERSION_FEATURES */
+    NULL
+};
+
+int mbedtls_version_check_feature(const char *feature)
+{
+    const char * const *idx = features;
+
+    if (*idx == NULL) {
+        return -2;
+    }
+
+    if (feature == NULL) {
+        return -1;
+    }
+
+    while (*idx != NULL) {
+        if (!strcmp(*idx, feature)) {
+            return 0;
+        }
+        idx++;
+    }
+    return -1;
+}
+
+#endif /* MBEDTLS_VERSION_C */
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/vs2010-app-template.vcxproj b/3rdparty/mbedtls-2.28.7/scripts/data_files/vs2010-app-template.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/vs2010-app-template.vcxproj
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/vs2010-app-template.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/vs2010-main-template.vcxproj b/3rdparty/mbedtls-2.28.7/scripts/data_files/vs2010-main-template.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/vs2010-main-template.vcxproj
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/vs2010-main-template.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/vs2010-sln-template.sln b/3rdparty/mbedtls-2.28.7/scripts/data_files/vs2010-sln-template.sln
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/vs2010-sln-template.sln
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/vs2010-sln-template.sln
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/vs6-app-template.dsp b/3rdparty/mbedtls-2.28.7/scripts/data_files/vs6-app-template.dsp
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/vs6-app-template.dsp
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/vs6-app-template.dsp
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/vs6-main-template.dsp b/3rdparty/mbedtls-2.28.7/scripts/data_files/vs6-main-template.dsp
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/vs6-main-template.dsp
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/vs6-main-template.dsp
diff --git a/3rdparty/mbedtls-2.25.0/scripts/data_files/vs6-workspace-template.dsw b/3rdparty/mbedtls-2.28.7/scripts/data_files/vs6-workspace-template.dsw
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/data_files/vs6-workspace-template.dsw
rename to 3rdparty/mbedtls-2.28.7/scripts/data_files/vs6-workspace-template.dsw
diff --git a/3rdparty/mbedtls-2.28.7/scripts/ecc-heap.sh b/3rdparty/mbedtls-2.28.7/scripts/ecc-heap.sh
new file mode 100644
index 0000000..6caaea6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/ecc-heap.sh
@@ -0,0 +1,90 @@
+#!/bin/sh
+
+# Measure heap usage (and performance) of ECC operations with various values of
+# the relevant tunable compile-time parameters.
+#
+# Usage (preferably on a 32-bit platform):
+# cmake -D CMAKE_BUILD_TYPE=Release .
+# scripts/ecc-heap.sh | tee ecc-heap.log
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -eu
+
+CONFIG_H='include/mbedtls/config.h'
+
+if [ -r $CONFIG_H ]; then :; else
+    echo "$CONFIG_H not found" >&2
+    exit 1
+fi
+
+if grep -i cmake Makefile >/dev/null; then :; else
+    echo "Needs Cmake" >&2
+    exit 1
+fi
+
+if git status | grep -F $CONFIG_H >/dev/null 2>&1; then
+    echo "config.h not clean" >&2
+    exit 1
+fi
+
+CONFIG_BAK=${CONFIG_H}.bak
+cp $CONFIG_H $CONFIG_BAK
+
+cat << EOF >$CONFIG_H
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_MEMORY_DEBUG
+
+#define MBEDTLS_TIMING_C
+
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_NO_INTERNAL_RNG
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_SHA256_C // ECDSA benchmark needs it
+#define MBEDTLS_SHA224_C // SHA256 requires this for now
+#define MBEDTLS_ECDH_C
+
+// NIST curves >= 256 bits
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+// SECP "koblitz-like" curve >= 256 bits
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+// Brainpool curves (no specialised "mod p" routine)
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+// Montgomery curves
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+#include "check_config.h"
+
+#define MBEDTLS_HAVE_ASM // just make things a bit faster
+#define MBEDTLS_ECP_NIST_OPTIM // faster and less allocations
+
+//#define MBEDTLS_ECP_WINDOW_SIZE            4
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1
+EOF
+
+for F in 0 1; do
+    for W in 2 3 4; do
+        scripts/config.py set MBEDTLS_ECP_WINDOW_SIZE $W
+        scripts/config.py set MBEDTLS_ECP_FIXED_POINT_OPTIM $F
+        make benchmark >/dev/null 2>&1
+        echo "fixed point optim = $F, max window size = $W"
+        echo "--------------------------------------------"
+        programs/test/benchmark ecdh ecdsa
+    done
+done
+
+# cleanup
+
+mv $CONFIG_BAK $CONFIG_H
+make clean
diff --git a/3rdparty/mbedtls-2.25.0/scripts/find-mem-leak.cocci b/3rdparty/mbedtls-2.28.7/scripts/find-mem-leak.cocci
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/find-mem-leak.cocci
rename to 3rdparty/mbedtls-2.28.7/scripts/find-mem-leak.cocci
diff --git a/3rdparty/mbedtls-2.25.0/scripts/footprint.sh b/3rdparty/mbedtls-2.28.7/scripts/footprint.sh
similarity index 80%
rename from 3rdparty/mbedtls-2.25.0/scripts/footprint.sh
rename to 3rdparty/mbedtls-2.28.7/scripts/footprint.sh
index 4d7be7a..323c456 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/footprint.sh
+++ b/3rdparty/mbedtls-2.28.7/scripts/footprint.sh
@@ -1,23 +1,11 @@
 #!/bin/sh
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
-# This script determines ROM size (or code size) for the standard mbed TLS
+# This script determines ROM size (or code size) for the standard Mbed TLS
 # configurations, when built for a Cortex M3/M4 target.
 #
 # Configurations included:
@@ -108,7 +96,7 @@ else
 fi
 
 log ""
-log "mbed TLS $MBEDTLS_VERSION$GIT_VERSION"
+log "Mbed TLS $MBEDTLS_VERSION$GIT_VERSION"
 log "$( arm-none-eabi-gcc --version | head -n1 )"
 log "CFLAGS=$ARMGCC_FLAGS"
 
diff --git a/3rdparty/mbedtls-2.28.7/scripts/generate_errors.pl b/3rdparty/mbedtls-2.28.7/scripts/generate_errors.pl
new file mode 100644
index 0000000..bb5cb9f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/generate_errors.pl
@@ -0,0 +1,239 @@
+#!/usr/bin/env perl
+
+# Generate error.c
+#
+# Usage: ./generate_errors.pl or scripts/generate_errors.pl without arguments,
+# or generate_errors.pl include_dir data_dir error_file
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use strict;
+use warnings;
+
+my ($include_dir, $data_dir, $error_file);
+
+if( @ARGV ) {
+    die "Invalid number of arguments" if scalar @ARGV != 3;
+    ($include_dir, $data_dir, $error_file) = @ARGV;
+
+    -d $include_dir or die "No such directory: $include_dir\n";
+    -d $data_dir or die "No such directory: $data_dir\n";
+} else {
+    $include_dir = 'include/mbedtls';
+    $data_dir = 'scripts/data_files';
+    $error_file = 'library/error.c';
+
+    unless( -d $include_dir && -d $data_dir ) {
+        chdir '..' or die;
+        -d $include_dir && -d $data_dir
+            or die "Without arguments, must be run from root or scripts\n"
+    }
+}
+
+my $error_format_file = $data_dir.'/error.fmt';
+
+my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
+                            CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
+                            ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5
+                            NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160
+                            SHA1 SHA256 SHA512 THREADING XTEA );
+my @high_level_modules = qw( CIPHER DHM ECP MD
+                             PEM PK PKCS12 PKCS5
+                             RSA SSL X509 );
+
+undef $/;
+
+open(FORMAT_FILE, "$error_format_file") or die "Opening error format file '$error_format_file': $!";
+my $error_format = <FORMAT_FILE>;
+close(FORMAT_FILE);
+
+my @files = glob qq("$include_dir/*.h");
+my @necessary_include_files;
+my @matches;
+foreach my $file (@files) {
+    open(FILE, '<:crlf', $file) or die("$0: $file: $!");
+    my $content = <FILE>;
+    close FILE;
+    my $found = 0;
+    while ($content =~ m[
+            # Both the before-comment and the after-comment are optional.
+            # Only the comment content is a regex capture group. The comment
+            # start and end parts are outside the capture group.
+            (?:/\*[*!](?!<)             # Doxygen before-comment start
+                ((?:[^*]|\*+[^*/])*)    # $1: Comment content (no */ inside)
+                \*/)?                   # Comment end
+            \s*\#\s*define\s+(MBEDTLS_ERR_\w+)  # $2: name
+            \s+\-(0[Xx][0-9A-Fa-f]+)\s*         # $3: value (without the sign)
+            (?:/\*[*!]<                 # Doxygen after-comment start
+                ((?:[^*]|\*+[^*/])*)    # $4: Comment content (no */ inside)
+                \*/)?                   # Comment end
+    ]gsx) {
+        my ($before, $name, $value, $after) = ($1, $2, $3, $4);
+        # Discard Doxygen comments that are coincidentally present before
+        # an error definition but not attached to it. This is ad hoc, based
+        # on what actually matters (or mattered at some point).
+        undef $before if defined($before) && $before =~ /\s*\\name\s/s;
+        die "Description neither before nor after $name in $file\n"
+          if !defined($before) && !defined($after);
+        die "Description both before and after $name in $file\n"
+          if defined($before) && defined($after);
+        my $description = (defined($before) ? $before : $after);
+        $description =~ s/^\s+//;
+        $description =~ s/\n( *\*)? */ /g;
+        $description =~ s/\.?\s+$//;
+        push @matches, [$name, $value, $description];
+        ++$found;
+    }
+    if ($found) {
+        my $include_name = $file;
+        $include_name =~ s!.*/!!;
+        push @necessary_include_files, $include_name;
+    }
+}
+
+my $ll_old_define = "";
+my $hl_old_define = "";
+
+my $ll_code_check = "";
+my $hl_code_check = "";
+
+my $headers = "";
+my %included_headers;
+
+my %error_codes_seen;
+
+foreach my $match (@matches)
+{
+    my ($error_name, $error_code, $description) = @$match;
+
+    die "Duplicated error code: $error_code ($error_name)\n"
+        if( $error_codes_seen{$error_code}++ );
+
+    $description =~ s/\\/\\\\/g;
+
+    my ($module_name) = $error_name =~ /^MBEDTLS_ERR_([^_]+)/;
+
+    # Fix faulty ones
+    $module_name = "BIGNUM" if ($module_name eq "MPI");
+    $module_name = "CTR_DRBG" if ($module_name eq "CTR");
+    $module_name = "HMAC_DRBG" if ($module_name eq "HMAC");
+
+    my $define_name = $module_name;
+    $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509");
+    $define_name = "ASN1_PARSE" if ($define_name eq "ASN1");
+    $define_name = "SSL_TLS" if ($define_name eq "SSL");
+    $define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM");
+
+    my $include_name = $module_name;
+    $include_name =~ tr/A-Z/a-z/;
+
+    # Fix faulty ones
+    $include_name = "net_sockets" if ($module_name eq "NET");
+
+    $included_headers{"${include_name}.h"} = $module_name;
+
+    my $found_ll = grep $_ eq $module_name, @low_level_modules;
+    my $found_hl = grep $_ eq $module_name, @high_level_modules;
+    if (!$found_ll && !$found_hl)
+    {
+        printf("Error: Do not know how to handle: $module_name\n");
+        exit 1;
+    }
+
+    my $code_check;
+    my $old_define;
+    my $white_space;
+    my $first;
+
+    if ($found_ll)
+    {
+        $code_check = \$ll_code_check;
+        $old_define = \$ll_old_define;
+        $white_space = '        ';
+    }
+    else
+    {
+        $code_check = \$hl_code_check;
+        $old_define = \$hl_old_define;
+        $white_space = '        ';
+    }
+
+    if ($define_name ne ${$old_define})
+    {
+        if (${$old_define} ne "")
+        {
+            ${$code_check} .= "#endif /* ";
+            $first = 0;
+            foreach my $dep (split(/,/, ${$old_define}))
+            {
+                ${$code_check} .= " || " if ($first++);
+                ${$code_check} .= "MBEDTLS_${dep}_C";
+            }
+            ${$code_check} .= " */\n\n";
+        }
+
+        ${$code_check} .= "#if ";
+        $headers .= "#if " if ($include_name ne "");
+        $first = 0;
+        foreach my $dep (split(/,/, ${define_name}))
+        {
+            ${$code_check} .= " || " if ($first);
+            $headers       .= " || " if ($first++);
+
+            ${$code_check} .= "defined(MBEDTLS_${dep}_C)";
+            $headers       .= "defined(MBEDTLS_${dep}_C)" if
+                                                    ($include_name ne "");
+        }
+        ${$code_check} .= "\n";
+        $headers .= "\n#include \"mbedtls/${include_name}.h\"\n".
+                    "#endif\n\n" if ($include_name ne "");
+        ${$old_define} = $define_name;
+    }
+
+    ${$code_check} .= "${white_space}case -($error_name):\n".
+                      "${white_space}    return( \"$module_name - $description\" );\n"
+};
+
+if ($ll_old_define ne "")
+{
+    $ll_code_check .= "#endif /* ";
+    my $first = 0;
+    foreach my $dep (split(/,/, $ll_old_define))
+    {
+        $ll_code_check .= " || " if ($first++);
+        $ll_code_check .= "MBEDTLS_${dep}_C";
+    }
+    $ll_code_check .= " */\n";
+}
+if ($hl_old_define ne "")
+{
+    $hl_code_check .= "#endif /* ";
+    my $first = 0;
+    foreach my $dep (split(/,/, $hl_old_define))
+    {
+        $hl_code_check .= " || " if ($first++);
+        $hl_code_check .= "MBEDTLS_${dep}_C";
+    }
+    $hl_code_check .= " */\n";
+}
+
+$error_format =~ s/HEADER_INCLUDED\n/$headers/g;
+$error_format =~ s/LOW_LEVEL_CODE_CHECKS\n/$ll_code_check/g;
+$error_format =~ s/HIGH_LEVEL_CODE_CHECKS\n/$hl_code_check/g;
+
+open(ERROR_FILE, ">$error_file") or die "Opening destination file '$error_file': $!";
+print ERROR_FILE $error_format;
+close(ERROR_FILE);
+
+my $errors = 0;
+for my $include_name (@necessary_include_files)
+{
+    if (not $included_headers{$include_name})
+    {
+        print STDERR "The header file \"$include_name\" defines error codes but has not been included!\n";
+        ++$errors;
+    }
+}
+
+exit !!$errors;
diff --git a/3rdparty/mbedtls-2.28.7/scripts/generate_features.pl b/3rdparty/mbedtls-2.28.7/scripts/generate_features.pl
new file mode 100644
index 0000000..78bf3ac
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/generate_features.pl
@@ -0,0 +1,76 @@
+#!/usr/bin/env perl
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use strict;
+
+my ($include_dir, $data_dir, $feature_file);
+
+if( @ARGV ) {
+    die "Invalid number of arguments" if scalar @ARGV != 3;
+    ($include_dir, $data_dir, $feature_file) = @ARGV;
+
+    -d $include_dir or die "No such directory: $include_dir\n";
+    -d $data_dir or die "No such directory: $data_dir\n";
+} else {
+    $include_dir = 'include/mbedtls';
+    $data_dir = 'scripts/data_files';
+    $feature_file = 'library/version_features.c';
+
+    unless( -d $include_dir && -d $data_dir ) {
+        chdir '..' or die;
+        -d $include_dir && -d $data_dir
+            or die "Without arguments, must be run from root or scripts\n"
+    }
+}
+
+my $feature_format_file = $data_dir.'/version_features.fmt';
+
+my @sections = ( "System support", "Mbed TLS modules",
+                 "Mbed TLS feature support" );
+
+my $line_separator = $/;
+undef $/;
+
+open(FORMAT_FILE, "$feature_format_file") or die "Opening feature format file '$feature_format_file': $!";
+my $feature_format = <FORMAT_FILE>;
+close(FORMAT_FILE);
+
+$/ = $line_separator;
+
+open(CONFIG_H, "$include_dir/config.h") || die("Failure when opening config.h: $!");
+
+my $feature_defines = "";
+my $in_section = 0;
+
+while (my $line = <CONFIG_H>)
+{
+    next if ($in_section && $line !~ /#define/ && $line !~ /SECTION/);
+    next if (!$in_section && $line !~ /SECTION/);
+
+    if ($in_section) {
+        if ($line =~ /SECTION/) {
+            $in_section = 0;
+            next;
+        }
+
+        my ($define) = $line =~ /#define (\w+)/;
+        $feature_defines .= "#if defined(${define})\n";
+        $feature_defines .= "    \"${define}\",\n";
+        $feature_defines .= "#endif /* ${define} */\n";
+    }
+
+    if (!$in_section) {
+        my ($section_name) = $line =~ /SECTION: ([\w ]+)/;
+        my $found_section = grep $_ eq $section_name, @sections;
+
+        $in_section = 1 if ($found_section);
+    }
+};
+
+$feature_format =~ s/FEATURE_DEFINES\n/$feature_defines/g;
+
+open(ERROR_FILE, ">$feature_file") or die "Opening destination file '$feature_file': $!";
+print ERROR_FILE $feature_format;
+close(ERROR_FILE);
diff --git a/3rdparty/mbedtls-2.28.7/scripts/generate_psa_constants.py b/3rdparty/mbedtls-2.28.7/scripts/generate_psa_constants.py
new file mode 100644
index 0000000..515a04d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/generate_psa_constants.py
@@ -0,0 +1,332 @@
+#!/usr/bin/env python3
+
+"""Generate psa_constant_names_generated.c
+which is included by programs/psa/psa_constant_names.c.
+The code generated by this module is only meant to be used in the context
+of that program.
+
+An argument passed to this script will modify the output directory where the
+file is written:
+* by default (no arguments passed): writes to programs/psa/
+* OUTPUT_FILE_DIR passed: writes to OUTPUT_FILE_DIR/
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import os
+import sys
+
+from mbedtls_dev import macro_collector
+
+OUTPUT_TEMPLATE = '''\
+/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */
+
+static const char *psa_strerror(psa_status_t status)
+{
+    switch (status) {
+    %(status_cases)s
+    default: return NULL;
+    }
+}
+
+static const char *psa_ecc_family_name(psa_ecc_family_t curve)
+{
+    switch (curve) {
+    %(ecc_curve_cases)s
+    default: return NULL;
+    }
+}
+
+static const char *psa_dh_family_name(psa_dh_family_t group)
+{
+    switch (group) {
+    %(dh_group_cases)s
+    default: return NULL;
+    }
+}
+
+static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg)
+{
+    switch (hash_alg) {
+    %(hash_algorithm_cases)s
+    default: return NULL;
+    }
+}
+
+static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg)
+{
+    switch (ka_alg) {
+    %(ka_algorithm_cases)s
+    default: return NULL;
+    }
+}
+
+static int psa_snprint_key_type(char *buffer, size_t buffer_size,
+                                psa_key_type_t type)
+{
+    size_t required_size = 0;
+    switch (type) {
+    %(key_type_cases)s
+    default:
+        %(key_type_code)s{
+            return snprintf(buffer, buffer_size,
+                            "0x%%04x", (unsigned) type);
+        }
+        break;
+    }
+    buffer[0] = 0;
+    return (int) required_size;
+}
+
+#define NO_LENGTH_MODIFIER 0xfffffffflu
+static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
+                                 psa_algorithm_t alg)
+{
+    size_t required_size = 0;
+    psa_algorithm_t core_alg = alg;
+    unsigned long length_modifier = NO_LENGTH_MODIFIER;
+    if (PSA_ALG_IS_MAC(alg)) {
+        core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
+        if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33);
+            length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+        } else if (core_alg != alg) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_TRUNCATED_MAC(", 22);
+            length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+        }
+    } else if (PSA_ALG_IS_AEAD(alg)) {
+        core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg);
+        if (core_alg == 0) {
+            /* For unknown AEAD algorithms, there is no "default tag length". */
+            core_alg = alg;
+        } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43);
+            length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
+        } else if (core_alg != alg) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32);
+            length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg);
+        }
+    } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) &&
+               !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
+        core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg);
+        append(&buffer, buffer_size, &required_size,
+               "PSA_ALG_KEY_AGREEMENT(", 22);
+        append_with_alg(&buffer, buffer_size, &required_size,
+                        psa_ka_algorithm_name,
+                        PSA_ALG_KEY_AGREEMENT_GET_BASE(alg));
+        append(&buffer, buffer_size, &required_size, ", ", 2);
+    }
+    switch (core_alg) {
+    %(algorithm_cases)s
+    default:
+        %(algorithm_code)s{
+            append_integer(&buffer, buffer_size, &required_size,
+                           "0x%%08lx", (unsigned long) core_alg);
+        }
+        break;
+    }
+    if (core_alg != alg) {
+        if (length_modifier != NO_LENGTH_MODIFIER) {
+            append(&buffer, buffer_size, &required_size, ", ", 2);
+            append_integer(&buffer, buffer_size, &required_size,
+                           "%%lu", length_modifier);
+        }
+        append(&buffer, buffer_size, &required_size, ")", 1);
+    }
+    buffer[0] = 0;
+    return (int) required_size;
+}
+
+static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
+                                 psa_key_usage_t usage)
+{
+    size_t required_size = 0;
+    if (usage == 0) {
+        if (buffer_size > 1) {
+            buffer[0] = '0';
+            buffer[1] = 0;
+        } else if (buffer_size == 1) {
+            buffer[0] = 0;
+        }
+        return 1;
+    }
+%(key_usage_code)s
+    if (usage != 0) {
+        if (required_size != 0) {
+            append(&buffer, buffer_size, &required_size, " | ", 3);
+        }
+        append_integer(&buffer, buffer_size, &required_size,
+                       "0x%%08lx", (unsigned long) usage);
+    } else {
+        buffer[0] = 0;
+    }
+    return (int) required_size;
+}
+
+/* End of automatically generated file. */
+'''
+
+KEY_TYPE_FROM_CURVE_TEMPLATE = '''if (%(tester)s(type)) {
+            append_with_curve(&buffer, buffer_size, &required_size,
+                              "%(builder)s", %(builder_length)s,
+                              PSA_KEY_TYPE_ECC_GET_FAMILY(type));
+        } else '''
+
+KEY_TYPE_FROM_GROUP_TEMPLATE = '''if (%(tester)s(type)) {
+            append_with_group(&buffer, buffer_size, &required_size,
+                              "%(builder)s", %(builder_length)s,
+                              PSA_KEY_TYPE_DH_GET_FAMILY(type));
+        } else '''
+
+ALGORITHM_FROM_HASH_TEMPLATE = '''if (%(tester)s(core_alg)) {
+            append(&buffer, buffer_size, &required_size,
+                   "%(builder)s(", %(builder_length)s + 1);
+            append_with_alg(&buffer, buffer_size, &required_size,
+                            psa_hash_algorithm_name,
+                            PSA_ALG_GET_HASH(core_alg));
+            append(&buffer, buffer_size, &required_size, ")", 1);
+        } else '''
+
+BIT_TEST_TEMPLATE = '''\
+    if (%(var)s & %(flag)s) {
+        if (required_size != 0) {
+            append(&buffer, buffer_size, &required_size, " | ", 3);
+        }
+        append(&buffer, buffer_size, &required_size, "%(flag)s", %(length)d);
+        %(var)s ^= %(flag)s;
+    }\
+'''
+
+class CaseBuilder(macro_collector.PSAMacroCollector):
+    """Collect PSA crypto macro definitions and write value recognition functions.
+
+    1. Call `read_file` on the input header file(s).
+    2. Call `write_file` to write ``psa_constant_names_generated.c``.
+    """
+
+    def __init__(self):
+        super().__init__(include_intermediate=True)
+
+    @staticmethod
+    def _make_return_case(name):
+        return 'case %(name)s: return "%(name)s";' % {'name': name}
+
+    @staticmethod
+    def _make_append_case(name):
+        template = ('case %(name)s: '
+                    'append(&buffer, buffer_size, &required_size, "%(name)s", %(length)d); '
+                    'break;')
+        return template % {'name': name, 'length': len(name)}
+
+    @staticmethod
+    def _make_bit_test(var, flag):
+        return BIT_TEST_TEMPLATE % {'var': var,
+                                    'flag': flag,
+                                    'length': len(flag)}
+
+    def _make_status_cases(self):
+        return '\n    '.join(map(self._make_return_case,
+                                 sorted(self.statuses)))
+
+    def _make_ecc_curve_cases(self):
+        return '\n    '.join(map(self._make_return_case,
+                                 sorted(self.ecc_curves)))
+
+    def _make_dh_group_cases(self):
+        return '\n    '.join(map(self._make_return_case,
+                                 sorted(self.dh_groups)))
+
+    def _make_key_type_cases(self):
+        return '\n    '.join(map(self._make_append_case,
+                                 sorted(self.key_types)))
+
+    @staticmethod
+    def _make_key_type_from_curve_code(builder, tester):
+        return KEY_TYPE_FROM_CURVE_TEMPLATE % {'builder': builder,
+                                               'builder_length': len(builder),
+                                               'tester': tester}
+
+    @staticmethod
+    def _make_key_type_from_group_code(builder, tester):
+        return KEY_TYPE_FROM_GROUP_TEMPLATE % {'builder': builder,
+                                               'builder_length': len(builder),
+                                               'tester': tester}
+
+    def _make_ecc_key_type_code(self):
+        d = self.key_types_from_curve
+        make = self._make_key_type_from_curve_code
+        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
+
+    def _make_dh_key_type_code(self):
+        d = self.key_types_from_group
+        make = self._make_key_type_from_group_code
+        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
+
+    def _make_hash_algorithm_cases(self):
+        return '\n    '.join(map(self._make_return_case,
+                                 sorted(self.hash_algorithms)))
+
+    def _make_ka_algorithm_cases(self):
+        return '\n    '.join(map(self._make_return_case,
+                                 sorted(self.ka_algorithms)))
+
+    def _make_algorithm_cases(self):
+        return '\n    '.join(map(self._make_append_case,
+                                 sorted(self.algorithms)))
+
+    @staticmethod
+    def _make_algorithm_from_hash_code(builder, tester):
+        return ALGORITHM_FROM_HASH_TEMPLATE % {'builder': builder,
+                                               'builder_length': len(builder),
+                                               'tester': tester}
+
+    def _make_algorithm_code(self):
+        d = self.algorithms_from_hash
+        make = self._make_algorithm_from_hash_code
+        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
+
+    def _make_key_usage_code(self):
+        return '\n'.join([self._make_bit_test('usage', bit)
+                          for bit in sorted(self.key_usage_flags)])
+
+    def write_file(self, output_file):
+        """Generate the pretty-printer function code from the gathered
+        constant definitions.
+        """
+        data = {}
+        data['status_cases'] = self._make_status_cases()
+        data['ecc_curve_cases'] = self._make_ecc_curve_cases()
+        data['dh_group_cases'] = self._make_dh_group_cases()
+        data['key_type_cases'] = self._make_key_type_cases()
+        data['key_type_code'] = (self._make_ecc_key_type_code() +
+                                 self._make_dh_key_type_code())
+        data['hash_algorithm_cases'] = self._make_hash_algorithm_cases()
+        data['ka_algorithm_cases'] = self._make_ka_algorithm_cases()
+        data['algorithm_cases'] = self._make_algorithm_cases()
+        data['algorithm_code'] = self._make_algorithm_code()
+        data['key_usage_code'] = self._make_key_usage_code()
+        output_file.write(OUTPUT_TEMPLATE % data)
+
+def generate_psa_constants(header_file_names, output_file_name):
+    collector = CaseBuilder()
+    for header_file_name in header_file_names:
+        with open(header_file_name, 'rb') as header_file:
+            collector.read_file(header_file)
+    temp_file_name = output_file_name + '.tmp'
+    with open(temp_file_name, 'w') as output_file:
+        collector.write_file(output_file)
+    os.replace(temp_file_name, output_file_name)
+
+if __name__ == '__main__':
+    if not os.path.isdir('programs') and os.path.isdir('../programs'):
+        os.chdir('..')
+    # Allow to change the directory where psa_constant_names_generated.c is written to.
+    OUTPUT_FILE_DIR = sys.argv[1] if len(sys.argv) == 2 else "programs/psa"
+    generate_psa_constants(['include/psa/crypto_values.h',
+                            'include/psa/crypto_extra.h'],
+                           OUTPUT_FILE_DIR + '/psa_constant_names_generated.c')
diff --git a/3rdparty/mbedtls-2.25.0/scripts/generate_query_config.pl b/3rdparty/mbedtls-2.28.7/scripts/generate_query_config.pl
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/scripts/generate_query_config.pl
rename to 3rdparty/mbedtls-2.28.7/scripts/generate_query_config.pl
index 3cef101..76049b9 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/generate_query_config.pl
+++ b/3rdparty/mbedtls-2.28.7/scripts/generate_query_config.pl
@@ -17,19 +17,7 @@
 # Usage: ./scripts/generate_query_config.pl without arguments
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 use strict;
 
@@ -53,6 +41,7 @@
 # This variable will contain the string to replace in the CHECK_CONFIG of the
 # format file
 my $config_check = "";
+my $list_config = "";
 
 while (my $line = <CONFIG_FILE>) {
     if ($line =~ /^(\/\/)?\s*#\s*define\s+(MBEDTLS_\w+).*/) {
@@ -72,6 +61,11 @@
         $config_check .= "    }\n";
         $config_check .= "#endif /* $name */\n";
         $config_check .= "\n";
+
+        $list_config .= "#if defined($name)\n";
+        $list_config .= "    OUTPUT_MACRO_NAME_VALUE($name);\n";
+        $list_config .= "#endif /* $name */\n";
+        $list_config .= "\n";
     }
 }
 
@@ -83,6 +77,7 @@
 
 # Replace the body of the query_config() function with the code we just wrote
 $query_config_format =~ s/CHECK_CONFIG/$config_check/g;
+$query_config_format =~ s/LIST_CONFIG/$list_config/g;
 
 # Rewrite the query_config.c file
 open(QUERY_CONFIG_FILE, ">$query_config_file") or die "Opening destination file '$query_config_file': $!";
diff --git a/3rdparty/mbedtls-2.25.0/scripts/generate_visualc_files.pl b/3rdparty/mbedtls-2.28.7/scripts/generate_visualc_files.pl
similarity index 93%
rename from 3rdparty/mbedtls-2.25.0/scripts/generate_visualc_files.pl
rename to 3rdparty/mbedtls-2.28.7/scripts/generate_visualc_files.pl
index 6c2b5e4..ab2c93d 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/generate_visualc_files.pl
+++ b/3rdparty/mbedtls-2.28.7/scripts/generate_visualc_files.pl
@@ -7,19 +7,7 @@
 # Takes no argument.
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 use warnings;
 use strict;
@@ -40,6 +28,7 @@
 my $test_source_dir = 'tests/src';
 my $test_header_dir = 'tests/include/test';
 my $test_drivers_header_dir = 'tests/include/test/drivers';
+my $test_drivers_source_dir = 'tests/src/drivers';
 
 my @thirdparty_header_dirs = qw(
     3rdparty/everest/include/everest
@@ -116,6 +105,7 @@ sub check_dirs {
         && -d $psa_header_dir
         && -d $source_dir
         && -d $test_source_dir
+        && -d $test_drivers_source_dir
         && -d $test_header_dir
         && -d $test_drivers_header_dir
         && -d $programs_dir;
@@ -161,6 +151,9 @@ sub gen_app {
         $appname eq "query_compile_time_config" ) {
         $srcs .= "\r\n    <ClCompile Include=\"..\\..\\programs\\test\\query_config.c\" \/>";
     }
+    if( $appname eq "ssl_client2" or $appname eq "ssl_server2" ) {
+        $srcs .= "\r\n    <ClCompile Include=\"..\\..\\programs\\ssl\\ssl_test_lib.c\" \/>";
+    }
 
     my $content = $template;
     $content =~ s/<SOURCES>/$srcs/g;
@@ -272,6 +265,7 @@ sub main {
     my @source_dirs = (
                        $source_dir,
                        $test_source_dir,
+                       $test_drivers_source_dir,
                        @thirdparty_source_dirs,
                       );
     my @sources = (map { <$_/*.c> } @source_dirs);
diff --git a/3rdparty/mbedtls-2.28.7/scripts/lcov.sh b/3rdparty/mbedtls-2.28.7/scripts/lcov.sh
new file mode 100644
index 0000000..7d23636
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/lcov.sh
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+help () {
+    cat <<EOF
+Usage: $0 [-r]
+Collect coverage statistics of library code into an HTML report.
+
+General instructions:
+1. Build the library with CFLAGS="--coverage -O0 -g3" and link the test
+   programs with LDFLAGS="--coverage".
+   This can be an out-of-tree build.
+   For example (in-tree):
+        make CFLAGS="--coverage -O0 -g3" LDFLAGS="--coverage"
+   Or (out-of-tree):
+        mkdir build-coverage && cd build-coverage &&
+        cmake -D CMAKE_BUILD_TYPE=Coverage .. && make
+2. Run whatever tests you want.
+3. Run this script from the parent of the directory containing the library
+   object files and coverage statistics files.
+4. Browse the coverage report in Coverage/index.html.
+5. After rework, run "$0 -r", then re-test and run "$0" to get a fresh report.
+
+Options
+  -r    Reset traces. Run this before re-testing to get fresh measurements.
+EOF
+}
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -eu
+
+# Collect stats and build a HTML report.
+lcov_library_report () {
+    rm -rf Coverage
+    mkdir Coverage Coverage/tmp
+    lcov --capture --initial --directory library -o Coverage/tmp/files.info
+    lcov --rc lcov_branch_coverage=1 --capture --directory library -o Coverage/tmp/tests.info
+    lcov --rc lcov_branch_coverage=1 --add-tracefile Coverage/tmp/files.info --add-tracefile Coverage/tmp/tests.info -o Coverage/tmp/all.info
+    lcov --rc lcov_branch_coverage=1 --remove Coverage/tmp/all.info -o Coverage/tmp/final.info '*.h'
+    gendesc tests/Descriptions.txt -o Coverage/tmp/descriptions
+    genhtml --title "Mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info
+    rm -f Coverage/tmp/*.info Coverage/tmp/descriptions
+    echo "Coverage report in: Coverage/index.html"
+}
+
+# Reset the traces to 0.
+lcov_reset_traces () {
+    # Location with plain make
+    rm -f library/*.gcda
+    # Location with CMake
+    rm -f library/CMakeFiles/*.dir/*.gcda
+}
+
+if [ $# -gt 0 ] && [ "$1" = "--help" ]; then
+    help
+    exit
+fi
+
+main=lcov_library_report
+while getopts r OPTLET; do
+    case $OPTLET in
+        r) main=lcov_reset_traces;;
+        *) help 2>&1; exit 120;;
+    esac
+done
+shift $((OPTIND - 1))
+
+"$main" "$@"
diff --git a/3rdparty/mbedtls-2.28.7/scripts/maintainer.requirements.txt b/3rdparty/mbedtls-2.28.7/scripts/maintainer.requirements.txt
new file mode 100644
index 0000000..8734140
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/maintainer.requirements.txt
@@ -0,0 +1,11 @@
+# Python packages that are not used by any script in this repository,
+# but are likely to be useful to Mbed TLS maintainers.
+
+-r ci.requirements.txt
+
+# For source code analyses
+clang
+
+# For building some test vectors
+pycryptodomex
+pycryptodome-test-vectors
diff --git a/3rdparty/mbedtls-2.28.7/scripts/massif_max.pl b/3rdparty/mbedtls-2.28.7/scripts/massif_max.pl
new file mode 100644
index 0000000..52ca606
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/massif_max.pl
@@ -0,0 +1,36 @@
+#!/usr/bin/env perl
+
+# Parse a massif.out.xxx file and output peak total memory usage
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use warnings;
+use strict;
+
+use utf8;
+use open qw(:std utf8);
+
+die unless @ARGV == 1;
+
+my @snaps;
+open my $fh, '<', $ARGV[0] or die;
+{ local $/ = 'snapshot='; @snaps = <$fh>; }
+close $fh or die;
+
+my ($max, $max_heap, $max_he, $max_stack) = (0, 0, 0, 0);
+for (@snaps)
+{
+    my ($heap, $heap_extra, $stack) = m{
+        mem_heap_B=(\d+)\n
+        mem_heap_extra_B=(\d+)\n
+        mem_stacks_B=(\d+)
+    }xm;
+    next unless defined $heap;
+    my $total = $heap + $heap_extra + $stack;
+    if( $total > $max ) {
+        ($max, $max_heap, $max_he, $max_stack) = ($total, $heap, $heap_extra, $stack);
+    }
+}
+
+printf "$max (heap $max_heap+$max_he, stack $max_stack)\n";
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/__init__.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/__init__.py
new file mode 100644
index 0000000..15b0d60
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/__init__.py
@@ -0,0 +1,3 @@
+# This file needs to exist to make mbedtls_dev a package.
+# Among other things, this allows modules in this directory to make
+# relative imports.
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/asymmetric_key_data.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/asymmetric_key_data.py
new file mode 100644
index 0000000..ef3e3a0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/asymmetric_key_data.py
@@ -0,0 +1,155 @@
+"""Sample key material for asymmetric key types.
+
+Meant for use in crypto_knowledge.py.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import binascii
+import re
+from typing import Dict
+
+STR_TRANS_REMOVE_BLANKS = str.maketrans('', '', ' \t\n\r')
+
+def unhexlify(text: str) -> bytes:
+    return binascii.unhexlify(text.translate(STR_TRANS_REMOVE_BLANKS))
+
+def construct_asymmetric_key_data(src) -> Dict[str, Dict[int, bytes]]:
+    """Split key pairs into separate table entries and convert hex to bytes.
+
+    Input format: src[abbreviated_type][size] = (private_key_hex, public_key_hex)
+    Output format: dst['PSA_KEY_TYPE_xxx'][size] = key_bytes
+    """
+    dst = {} #type: Dict[str, Dict[int, bytes]]
+    for typ in src:
+        private = 'PSA_KEY_TYPE_' + re.sub(r'(\(|\Z)', r'_KEY_PAIR\1', typ, 1)
+        public = 'PSA_KEY_TYPE_' + re.sub(r'(\(|\Z)', r'_PUBLIC_KEY\1', typ, 1)
+        dst[private] = {}
+        dst[public] = {}
+        for size in src[typ]:
+            dst[private][size] = unhexlify(src[typ][size][0])
+            dst[public][size] = unhexlify(src[typ][size][1])
+    return dst
+
+## These are valid keys that don't try to exercise any edge cases. They're
+## either test vectors from some specification, or randomly generated. All
+## pairs consist of a private key and its public key.
+#pylint: disable=line-too-long
+ASYMMETRIC_KEY_DATA = construct_asymmetric_key_data({
+    'ECC(PSA_ECC_FAMILY_SECP_K1)': {
+        192: ("297ac1722ccac7589ecb240dc719842538ca974beb79f228",
+              "0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"),
+        224: ("0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8",
+              "042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"),
+        256: ("7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9",
+              "045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"),
+    },
+    'ECC(PSA_ECC_FAMILY_SECP_R1)': {
+        225: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995",
+              "046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"),
+        256: ("49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee",
+              "047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"),
+        384: ("3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a",
+              "04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"),
+        521: ("01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae",
+              "04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"),
+    },
+    'ECC(PSA_ECC_FAMILY_SECP_R2)': {
+        160: ("00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e",
+              "049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"),
+    },
+    'ECC(PSA_ECC_FAMILY_SECT_K1)': {
+        163: ("03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71",
+              "0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"),
+        233: ("41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8",
+              "0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"),
+        239: ("1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61",
+              "04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"),
+        283: ("006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0",
+              "0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"),
+        409: ("3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8",
+              "04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"),
+        571: ("005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51",
+              "04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"),
+    },
+    'ECC(PSA_ECC_FAMILY_SECT_R1)': {
+        163: ("009b05dc82d46d64a04a22e6e5ca70ca1231e68c50",
+              "0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"),
+        233: ("00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f",
+              "0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"),
+        283: ("004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad",
+              "04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"),
+        409: ("00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64",
+              "0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"),
+        571: ("026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1",
+              "040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"),
+    },
+    'ECC(PSA_ECC_FAMILY_SECT_R2)': {
+        163: ("0210b482a458b4822d0cb21daa96819a67c8062d34",
+              "0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"),
+    },
+    'ECC(PSA_ECC_FAMILY_BRAINPOOL_P_R1)': {
+        160: ("69502c4fdaf48d4fa617bdd24498b0406d0eeaac",
+              "04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"),
+        192: ("1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f",
+              "043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"),
+        224: ("a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c",
+              "045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"),
+        256: ("2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff",
+              "04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"),
+        320: ("61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead",
+              "049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"),
+        384: ("3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb",
+              "04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"),
+        512: ("372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2",
+              "0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"),
+    },
+    'ECC(PSA_ECC_FAMILY_MONTGOMERY)': {
+        255: ("70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a",
+              "8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"),
+        448: ("e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1",
+              "c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"),
+    },
+    'ECC(PSA_ECC_FAMILY_TWISTED_EDWARDS)': {
+        255: ("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60",
+              "d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"),
+        448: ("6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b",
+              "5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"),
+    },
+    'RSA': {
+        1024: ("""
+3082025e
+ 020100
+ 02818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3
+ 0203010001
+ 02818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1
+ 024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113
+ 024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091
+ 024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d
+ 024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1
+ 024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24
+""", """
+ 308189
+  02818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3
+ 0203010001
+"""),
+        1536: ("""
+3082037b
+ 020100
+ 0281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc35
+ 0203010001
+ 0281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1
+ 026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9
+ 026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd
+ 026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b1
+ 0260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751
+ 026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf
+""", """
+3081c9
+ 0281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc35
+ 0203010001
+"""),
+    },
+})
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/build_tree.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/build_tree.py
new file mode 100644
index 0000000..97551dd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/build_tree.py
@@ -0,0 +1,56 @@
+"""Mbed TLS build tree information and manipulation.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import os
+import inspect
+
+
+def looks_like_mbedtls_root(path: str) -> bool:
+    """Whether the given directory looks like the root of the Mbed TLS source tree."""
+    return all(os.path.isdir(os.path.join(path, subdir))
+               for subdir in ['include', 'library', 'programs', 'tests'])
+
+def check_repo_path():
+    """
+    Check that the current working directory is the project root, and throw
+    an exception if not.
+    """
+    if not all(os.path.isdir(d) for d in ["include", "library", "tests"]):
+        raise Exception("This script must be run from Mbed TLS root")
+
+def chdir_to_root() -> None:
+    """Detect the root of the Mbed TLS source tree and change to it.
+
+    The current directory must be up to two levels deep inside an Mbed TLS
+    source tree.
+    """
+    for d in [os.path.curdir,
+              os.path.pardir,
+              os.path.join(os.path.pardir, os.path.pardir)]:
+        if looks_like_mbedtls_root(d):
+            os.chdir(d)
+            return
+    raise Exception('Mbed TLS source tree not found')
+
+
+def guess_mbedtls_root():
+    """Guess mbedTLS source code directory.
+
+    Return the first possible mbedTLS root directory
+    """
+    dirs = set({})
+    for frame in inspect.stack():
+        path = os.path.dirname(frame.filename)
+        for d in ['.', os.path.pardir] \
+                 + [os.path.join(*([os.path.pardir]*i)) for i in range(2, 10)]:
+            d = os.path.abspath(os.path.join(path, d))
+            if d in dirs:
+                continue
+            dirs.add(d)
+            if looks_like_mbedtls_root(d):
+                return d
+    raise Exception('Mbed TLS source tree not found')
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/c_build_helper.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/c_build_helper.py
new file mode 100644
index 0000000..154a94b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/c_build_helper.py
@@ -0,0 +1,156 @@
+"""Generate and run C code.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import os
+import platform
+import subprocess
+import sys
+import tempfile
+
+def remove_file_if_exists(filename):
+    """Remove the specified file, ignoring errors."""
+    if not filename:
+        return
+    try:
+        os.remove(filename)
+    except OSError:
+        pass
+
+def create_c_file(file_label):
+    """Create a temporary C file.
+
+    * ``file_label``: a string that will be included in the file name.
+
+    Return ```(c_file, c_name, exe_name)``` where ``c_file`` is a Python
+    stream open for writing to the file, ``c_name`` is the name of the file
+    and ``exe_name`` is the name of the executable that will be produced
+    by compiling the file.
+    """
+    c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(file_label),
+                                    suffix='.c')
+    exe_suffix = '.exe' if platform.system() == 'Windows' else ''
+    exe_name = c_name[:-2] + exe_suffix
+    remove_file_if_exists(exe_name)
+    c_file = os.fdopen(c_fd, 'w', encoding='ascii')
+    return c_file, c_name, exe_name
+
+def generate_c_printf_expressions(c_file, cast_to, printf_format, expressions):
+    """Generate C instructions to print the value of ``expressions``.
+
+    Write the code with ``c_file``'s ``write`` method.
+
+    Each expression is cast to the type ``cast_to`` and printed with the
+    printf format ``printf_format``.
+    """
+    for expr in expressions:
+        c_file.write('    printf("{}\\n", ({}) {});\n'
+                     .format(printf_format, cast_to, expr))
+
+def generate_c_file(c_file,
+                    caller, header,
+                    main_generator):
+    """Generate a temporary C source file.
+
+    * ``c_file`` is an open stream on the C source file.
+    * ``caller``: an informational string written in a comment at the top
+      of the file.
+    * ``header``: extra code to insert before any function in the generated
+      C file.
+    * ``main_generator``: a function called with ``c_file`` as its sole argument
+      to generate the body of the ``main()`` function.
+    """
+    c_file.write('/* Generated by {} */'
+                 .format(caller))
+    c_file.write('''
+#include <stdio.h>
+''')
+    c_file.write(header)
+    c_file.write('''
+int main(void)
+{
+''')
+    main_generator(c_file)
+    c_file.write('''    return 0;
+}
+''')
+
+def compile_c_file(c_filename, exe_filename, include_dirs):
+    """Compile a C source file with the host compiler.
+
+    * ``c_filename``: the name of the source file to compile.
+    * ``exe_filename``: the name for the executable to be created.
+    * ``include_dirs``: a list of paths to include directories to be passed
+      with the -I switch.
+    """
+    # Respect $HOSTCC if it is set
+    cc = os.getenv('HOSTCC', None)
+    if cc is None:
+        cc = os.getenv('CC', 'cc')
+    cmd = [cc]
+
+    proc = subprocess.Popen(cmd,
+                            stdout=subprocess.DEVNULL,
+                            stderr=subprocess.PIPE,
+                            universal_newlines=True)
+    cc_is_msvc = 'Microsoft (R) C/C++' in proc.communicate()[1]
+
+    cmd += ['-I' + dir for dir in include_dirs]
+    if cc_is_msvc:
+        # MSVC has deprecated using -o to specify the output file,
+        # and produces an object file in the working directory by default.
+        obj_filename = exe_filename[:-4] + '.obj'
+        cmd += ['-Fe' + exe_filename, '-Fo' + obj_filename]
+    else:
+        cmd += ['-o' + exe_filename]
+
+    subprocess.check_call(cmd + [c_filename])
+
+def get_c_expression_values(
+        cast_to, printf_format,
+        expressions,
+        caller=__name__, file_label='',
+        header='', include_path=None,
+        keep_c=False,
+): # pylint: disable=too-many-arguments
+    """Generate and run a program to print out numerical values for expressions.
+
+    * ``cast_to``: a C type.
+    * ``printf_format``: a printf format suitable for the type ``cast_to``.
+    * ``header``: extra code to insert before any function in the generated
+      C file.
+    * ``expressions``: a list of C language expressions that have the type
+      ``cast_to``.
+    * ``include_path``: a list of directories containing header files.
+    * ``keep_c``: if true, keep the temporary C file (presumably for debugging
+      purposes).
+
+    Return the list of values of the ``expressions``.
+    """
+    if include_path is None:
+        include_path = []
+    c_name = None
+    exe_name = None
+    try:
+        c_file, c_name, exe_name = create_c_file(file_label)
+        generate_c_file(
+            c_file, caller, header,
+            lambda c_file: generate_c_printf_expressions(c_file,
+                                                         cast_to, printf_format,
+                                                         expressions)
+        )
+        c_file.close()
+
+        compile_c_file(c_name, exe_name, include_path)
+        if keep_c:
+            sys.stderr.write('List of {} tests kept at {}\n'
+                             .format(caller, c_name))
+        else:
+            os.remove(c_name)
+        output = subprocess.check_output([exe_name])
+        return output.decode('ascii').strip().split('\n')
+    finally:
+        remove_file_if_exists(exe_name)
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/crypto_knowledge.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/crypto_knowledge.py
new file mode 100644
index 0000000..82cce19
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/crypto_knowledge.py
@@ -0,0 +1,534 @@
+"""Knowledge about cryptographic mechanisms implemented in Mbed TLS.
+
+This module is entirely based on the PSA API.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import enum
+import re
+from typing import FrozenSet, Iterable, List, Optional, Tuple, Dict
+
+from .asymmetric_key_data import ASYMMETRIC_KEY_DATA
+
+
+def short_expression(original: str, level: int = 0) -> str:
+    """Abbreviate the expression, keeping it human-readable.
+
+    If `level` is 0, just remove parts that are implicit from context,
+    such as a leading ``PSA_KEY_TYPE_``.
+    For larger values of `level`, also abbreviate some names in an
+    unambiguous, but ad hoc way.
+    """
+    short = original
+    short = re.sub(r'\bPSA_(?:ALG|ECC_FAMILY|KEY_[A-Z]+)_', r'', short)
+    short = re.sub(r' +', r'', short)
+    if level >= 1:
+        short = re.sub(r'PUBLIC_KEY\b', r'PUB', short)
+        short = re.sub(r'KEY_PAIR\b', r'PAIR', short)
+        short = re.sub(r'\bBRAINPOOL_P', r'BP', short)
+        short = re.sub(r'\bMONTGOMERY\b', r'MGM', short)
+        short = re.sub(r'AEAD_WITH_SHORTENED_TAG\b', r'AEAD_SHORT', short)
+        short = re.sub(r'\bDETERMINISTIC_', r'DET_', short)
+        short = re.sub(r'\bKEY_AGREEMENT\b', r'KA', short)
+        short = re.sub(r'_PSK_TO_MS\b', r'_PSK2MS', short)
+    return short
+
+
+BLOCK_CIPHERS = frozenset(['AES', 'ARIA', 'CAMELLIA', 'DES'])
+BLOCK_MAC_MODES = frozenset(['CBC_MAC', 'CMAC'])
+BLOCK_CIPHER_MODES = frozenset([
+    'CTR', 'CFB', 'OFB', 'XTS', 'CCM_STAR_NO_TAG',
+    'ECB_NO_PADDING', 'CBC_NO_PADDING', 'CBC_PKCS7',
+])
+BLOCK_AEAD_MODES = frozenset(['CCM', 'GCM'])
+
+class EllipticCurveCategory(enum.Enum):
+    """Categorization of elliptic curve families.
+
+    The category of a curve determines what algorithms are defined over it.
+    """
+
+    SHORT_WEIERSTRASS = 0
+    MONTGOMERY = 1
+    TWISTED_EDWARDS = 2
+
+    @staticmethod
+    def from_family(family: str) -> 'EllipticCurveCategory':
+        if family == 'PSA_ECC_FAMILY_MONTGOMERY':
+            return EllipticCurveCategory.MONTGOMERY
+        if family == 'PSA_ECC_FAMILY_TWISTED_EDWARDS':
+            return EllipticCurveCategory.TWISTED_EDWARDS
+        # Default to SW, which most curves belong to.
+        return EllipticCurveCategory.SHORT_WEIERSTRASS
+
+
+class KeyType:
+    """Knowledge about a PSA key type."""
+
+    def __init__(self, name: str, params: Optional[Iterable[str]] = None) -> None:
+        """Analyze a key type.
+
+        The key type must be specified in PSA syntax. In its simplest form,
+        `name` is a string 'PSA_KEY_TYPE_xxx' which is the name of a PSA key
+        type macro. For key types that take arguments, the arguments can
+        be passed either through the optional argument `params` or by
+        passing an expression of the form 'PSA_KEY_TYPE_xxx(param1, ...)'
+        in `name` as a string.
+        """
+
+        self.name = name.strip()
+        """The key type macro name (``PSA_KEY_TYPE_xxx``).
+
+        For key types constructed from a macro with arguments, this is the
+        name of the macro, and the arguments are in `self.params`.
+        """
+        if params is None:
+            if '(' in self.name:
+                m = re.match(r'(\w+)\s*\((.*)\)\Z', self.name)
+                assert m is not None
+                self.name = m.group(1)
+                params = m.group(2).split(',')
+        self.params = (None if params is None else
+                       [param.strip() for param in params])
+        """The parameters of the key type, if there are any.
+
+        None if the key type is a macro without arguments.
+        """
+        assert re.match(r'PSA_KEY_TYPE_\w+\Z', self.name)
+
+        self.expression = self.name
+        """A C expression whose value is the key type encoding."""
+        if self.params is not None:
+            self.expression += '(' + ', '.join(self.params) + ')'
+
+        m = re.match(r'PSA_KEY_TYPE_(\w+)', self.name)
+        assert m
+        self.head = re.sub(r'_(?:PUBLIC_KEY|KEY_PAIR)\Z', r'', m.group(1))
+        """The key type macro name, with common prefixes and suffixes stripped."""
+
+        self.private_type = re.sub(r'_PUBLIC_KEY\Z', r'_KEY_PAIR', self.name)
+        """The key type macro name for the corresponding key pair type.
+
+        For everything other than a public key type, this is the same as
+        `self.name`.
+        """
+
+    def short_expression(self, level: int = 0) -> str:
+        """Abbreviate the expression, keeping it human-readable.
+
+        See `crypto_knowledge.short_expression`.
+        """
+        return short_expression(self.expression, level=level)
+
+    def is_public(self) -> bool:
+        """Whether the key type is for public keys."""
+        return self.name.endswith('_PUBLIC_KEY')
+
+    ECC_KEY_SIZES = {
+        'PSA_ECC_FAMILY_SECP_K1': (192, 224, 256),
+        'PSA_ECC_FAMILY_SECP_R1': (225, 256, 384, 521),
+        'PSA_ECC_FAMILY_SECP_R2': (160,),
+        'PSA_ECC_FAMILY_SECT_K1': (163, 233, 239, 283, 409, 571),
+        'PSA_ECC_FAMILY_SECT_R1': (163, 233, 283, 409, 571),
+        'PSA_ECC_FAMILY_SECT_R2': (163,),
+        'PSA_ECC_FAMILY_BRAINPOOL_P_R1': (160, 192, 224, 256, 320, 384, 512),
+        'PSA_ECC_FAMILY_MONTGOMERY': (255, 448),
+        'PSA_ECC_FAMILY_TWISTED_EDWARDS': (255, 448),
+    } # type: Dict[str, Tuple[int, ...]]
+    KEY_TYPE_SIZES = {
+        'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive
+        'PSA_KEY_TYPE_ARC4': (8, 128, 2048), # extremes + sensible
+        'PSA_KEY_TYPE_ARIA': (128, 192, 256), # exhaustive
+        'PSA_KEY_TYPE_CAMELLIA': (128, 192, 256), # exhaustive
+        'PSA_KEY_TYPE_CHACHA20': (256,), # exhaustive
+        'PSA_KEY_TYPE_DERIVE': (120, 128), # sample
+        'PSA_KEY_TYPE_DES': (64, 128, 192), # exhaustive
+        'PSA_KEY_TYPE_HMAC': (128, 160, 224, 256, 384, 512), # standard size for each supported hash
+        'PSA_KEY_TYPE_RAW_DATA': (8, 40, 128), # sample
+        'PSA_KEY_TYPE_RSA_KEY_PAIR': (1024, 1536), # small sample
+    } # type: Dict[str, Tuple[int, ...]]
+    def sizes_to_test(self) -> Tuple[int, ...]:
+        """Return a tuple of key sizes to test.
+
+        For key types that only allow a single size, or only a small set of
+        sizes, these are all the possible sizes. For key types that allow a
+        wide range of sizes, these are a representative sample of sizes,
+        excluding large sizes for which a typical resource-constrained platform
+        may run out of memory.
+        """
+        if self.private_type == 'PSA_KEY_TYPE_ECC_KEY_PAIR':
+            assert self.params is not None
+            return self.ECC_KEY_SIZES[self.params[0]]
+        return self.KEY_TYPE_SIZES[self.private_type]
+
+    # "48657265006973206b6579a064617461"
+    DATA_BLOCK = b'Here\000is key\240data'
+    def key_material(self, bits: int) -> bytes:
+        """Return a byte string containing suitable key material with the given bit length.
+
+        Use the PSA export representation. The resulting byte string is one that
+        can be obtained with the following code:
+        ```
+        psa_set_key_type(&attributes, `self.expression`);
+        psa_set_key_bits(&attributes, `bits`);
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+        psa_generate_key(&attributes, &id);
+        psa_export_key(id, `material`, ...);
+        ```
+        """
+        if self.expression in ASYMMETRIC_KEY_DATA:
+            if bits not in ASYMMETRIC_KEY_DATA[self.expression]:
+                raise ValueError('No key data for {}-bit {}'
+                                 .format(bits, self.expression))
+            return ASYMMETRIC_KEY_DATA[self.expression][bits]
+        if bits % 8 != 0:
+            raise ValueError('Non-integer number of bytes: {} bits for {}'
+                             .format(bits, self.expression))
+        length = bits // 8
+        if self.name == 'PSA_KEY_TYPE_DES':
+            # "644573206b457901644573206b457902644573206b457904"
+            des3 = b'dEs kEy\001dEs kEy\002dEs kEy\004'
+            return des3[:length]
+        return b''.join([self.DATA_BLOCK] * (length // len(self.DATA_BLOCK)) +
+                        [self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]])
+
+    def can_do(self, alg: 'Algorithm') -> bool:
+        """Whether this key type can be used for operations with the given algorithm.
+
+        This function does not currently handle key derivation or PAKE.
+        """
+        #pylint: disable=too-many-branches,too-many-return-statements
+        if not alg.is_valid_for_operation():
+            return False
+        if self.head == 'HMAC' and alg.head == 'HMAC':
+            return True
+        if self.head == 'DES':
+            # 64-bit block ciphers only allow a reduced set of modes.
+            return alg.head in [
+                'CBC_NO_PADDING', 'CBC_PKCS7',
+                'ECB_NO_PADDING',
+            ]
+        if self.head in BLOCK_CIPHERS and \
+           alg.head in frozenset.union(BLOCK_MAC_MODES,
+                                       BLOCK_CIPHER_MODES,
+                                       BLOCK_AEAD_MODES):
+            if alg.head in ['CMAC', 'OFB'] and \
+               self.head in ['ARIA', 'CAMELLIA']:
+                return False # not implemented in Mbed TLS
+            return True
+        if self.head == 'CHACHA20' and alg.head == 'CHACHA20_POLY1305':
+            return True
+        if self.head in {'ARC4', 'CHACHA20'} and \
+           alg.head == 'STREAM_CIPHER':
+            return True
+        if self.head == 'RSA' and alg.head.startswith('RSA_'):
+            return True
+        if alg.category == AlgorithmCategory.KEY_AGREEMENT and \
+           self.is_public():
+            # The PSA API does not use public key objects in key agreement
+            # operations: it imports the public key as a formatted byte string.
+            # So a public key object with a key agreement algorithm is not
+            # a valid combination.
+            return False
+        if self.head == 'ECC':
+            assert self.params is not None
+            eccc = EllipticCurveCategory.from_family(self.params[0])
+            if alg.head == 'ECDH' and \
+               eccc in {EllipticCurveCategory.SHORT_WEIERSTRASS,
+                        EllipticCurveCategory.MONTGOMERY}:
+                return True
+            if alg.head == 'ECDSA' and \
+               eccc == EllipticCurveCategory.SHORT_WEIERSTRASS:
+                return True
+            if alg.head in {'PURE_EDDSA', 'EDDSA_PREHASH'} and \
+               eccc == EllipticCurveCategory.TWISTED_EDWARDS:
+                return True
+        return False
+
+
+class AlgorithmCategory(enum.Enum):
+    """PSA algorithm categories."""
+    # The numbers are aligned with the category bits in numerical values of
+    # algorithms.
+    HASH = 2
+    MAC = 3
+    CIPHER = 4
+    AEAD = 5
+    SIGN = 6
+    ASYMMETRIC_ENCRYPTION = 7
+    KEY_DERIVATION = 8
+    KEY_AGREEMENT = 9
+    PAKE = 10
+
+    def requires_key(self) -> bool:
+        """Whether operations in this category are set up with a key."""
+        return self not in {self.HASH, self.KEY_DERIVATION}
+
+    def is_asymmetric(self) -> bool:
+        """Whether operations in this category involve asymmetric keys."""
+        return self in {
+            self.SIGN,
+            self.ASYMMETRIC_ENCRYPTION,
+            self.KEY_AGREEMENT
+        }
+
+
+class AlgorithmNotRecognized(Exception):
+    def __init__(self, expr: str) -> None:
+        super().__init__('Algorithm not recognized: ' + expr)
+        self.expr = expr
+
+
+class Algorithm:
+    """Knowledge about a PSA algorithm."""
+
+    @staticmethod
+    def determine_base(expr: str) -> str:
+        """Return an expression for the "base" of the algorithm.
+
+        This strips off variants of algorithms such as MAC truncation.
+
+        This function does not attempt to detect invalid inputs.
+        """
+        m = re.match(r'PSA_ALG_(?:'
+                     r'(?:TRUNCATED|AT_LEAST_THIS_LENGTH)_MAC|'
+                     r'AEAD_WITH_(?:SHORTENED|AT_LEAST_THIS_LENGTH)_TAG'
+                     r')\((.*),[^,]+\)\Z', expr)
+        if m:
+            expr = m.group(1)
+        return expr
+
+    @staticmethod
+    def determine_head(expr: str) -> str:
+        """Return the head of an algorithm expression.
+
+        The head is the first (outermost) constructor, without its PSA_ALG_
+        prefix, and with some normalization of similar algorithms.
+        """
+        m = re.match(r'PSA_ALG_(?:DETERMINISTIC_)?(\w+)', expr)
+        if not m:
+            raise AlgorithmNotRecognized(expr)
+        head = m.group(1)
+        if head == 'KEY_AGREEMENT':
+            m = re.match(r'PSA_ALG_KEY_AGREEMENT\s*\(\s*PSA_ALG_(\w+)', expr)
+            if not m:
+                raise AlgorithmNotRecognized(expr)
+            head = m.group(1)
+        head = re.sub(r'_ANY\Z', r'', head)
+        if re.match(r'ED[0-9]+PH\Z', head):
+            head = 'EDDSA_PREHASH'
+        return head
+
+    CATEGORY_FROM_HEAD = {
+        'SHA': AlgorithmCategory.HASH,
+        'SHAKE256_512': AlgorithmCategory.HASH,
+        'MD': AlgorithmCategory.HASH,
+        'RIPEMD': AlgorithmCategory.HASH,
+        'ANY_HASH': AlgorithmCategory.HASH,
+        'HMAC': AlgorithmCategory.MAC,
+        'STREAM_CIPHER': AlgorithmCategory.CIPHER,
+        'CHACHA20_POLY1305': AlgorithmCategory.AEAD,
+        'DSA': AlgorithmCategory.SIGN,
+        'ECDSA': AlgorithmCategory.SIGN,
+        'EDDSA': AlgorithmCategory.SIGN,
+        'PURE_EDDSA': AlgorithmCategory.SIGN,
+        'RSA_PSS': AlgorithmCategory.SIGN,
+        'RSA_PKCS1V15_SIGN': AlgorithmCategory.SIGN,
+        'RSA_PKCS1V15_CRYPT': AlgorithmCategory.ASYMMETRIC_ENCRYPTION,
+        'RSA_OAEP': AlgorithmCategory.ASYMMETRIC_ENCRYPTION,
+        'HKDF': AlgorithmCategory.KEY_DERIVATION,
+        'TLS12_PRF': AlgorithmCategory.KEY_DERIVATION,
+        'TLS12_PSK_TO_MS': AlgorithmCategory.KEY_DERIVATION,
+        'PBKDF': AlgorithmCategory.KEY_DERIVATION,
+        'ECDH': AlgorithmCategory.KEY_AGREEMENT,
+        'FFDH': AlgorithmCategory.KEY_AGREEMENT,
+        # KEY_AGREEMENT(...) is a key derivation with a key agreement component
+        'KEY_AGREEMENT': AlgorithmCategory.KEY_DERIVATION,
+        'JPAKE': AlgorithmCategory.PAKE,
+    }
+    for x in BLOCK_MAC_MODES:
+        CATEGORY_FROM_HEAD[x] = AlgorithmCategory.MAC
+    for x in BLOCK_CIPHER_MODES:
+        CATEGORY_FROM_HEAD[x] = AlgorithmCategory.CIPHER
+    for x in BLOCK_AEAD_MODES:
+        CATEGORY_FROM_HEAD[x] = AlgorithmCategory.AEAD
+
+    def determine_category(self, expr: str, head: str) -> AlgorithmCategory:
+        """Return the category of the given algorithm expression.
+
+        This function does not attempt to detect invalid inputs.
+        """
+        prefix = head
+        while prefix:
+            if prefix in self.CATEGORY_FROM_HEAD:
+                return self.CATEGORY_FROM_HEAD[prefix]
+            if re.match(r'.*[0-9]\Z', prefix):
+                prefix = re.sub(r'_*[0-9]+\Z', r'', prefix)
+            else:
+                prefix = re.sub(r'_*[^_]*\Z', r'', prefix)
+        raise AlgorithmNotRecognized(expr)
+
+    @staticmethod
+    def determine_wildcard(expr) -> bool:
+        """Whether the given algorithm expression is a wildcard.
+
+        This function does not attempt to detect invalid inputs.
+        """
+        if re.search(r'\bPSA_ALG_ANY_HASH\b', expr):
+            return True
+        if re.search(r'_AT_LEAST_', expr):
+            return True
+        return False
+
+    def __init__(self, expr: str) -> None:
+        """Analyze an algorithm value.
+
+        The algorithm must be expressed as a C expression containing only
+        calls to PSA algorithm constructor macros and numeric literals.
+
+        This class is only programmed to handle valid expressions. Invalid
+        expressions may result in exceptions or in nonsensical results.
+        """
+        self.expression = re.sub(r'\s+', r'', expr)
+        self.base_expression = self.determine_base(self.expression)
+        self.head = self.determine_head(self.base_expression)
+        self.category = self.determine_category(self.base_expression, self.head)
+        self.is_wildcard = self.determine_wildcard(self.expression)
+
+    def is_key_agreement_with_derivation(self) -> bool:
+        """Whether this is a combined key agreement and key derivation algorithm."""
+        if self.category != AlgorithmCategory.KEY_AGREEMENT:
+            return False
+        m = re.match(r'PSA_ALG_KEY_AGREEMENT\(\w+,\s*(.*)\)\Z', self.expression)
+        if not m:
+            return False
+        kdf_alg = m.group(1)
+        # Assume kdf_alg is either a valid KDF or 0.
+        return not re.match(r'(?:0[Xx])?0+\s*\Z', kdf_alg)
+
+
+    def short_expression(self, level: int = 0) -> str:
+        """Abbreviate the expression, keeping it human-readable.
+
+        See `crypto_knowledge.short_expression`.
+        """
+        return short_expression(self.expression, level=level)
+
+    HASH_LENGTH = {
+        'PSA_ALG_MD5': 16,
+        'PSA_ALG_SHA_1': 20,
+    }
+    HASH_LENGTH_BITS_RE = re.compile(r'([0-9]+)\Z')
+    @classmethod
+    def hash_length(cls, alg: str) -> int:
+        """The length of the given hash algorithm, in bytes."""
+        if alg in cls.HASH_LENGTH:
+            return cls.HASH_LENGTH[alg]
+        m = cls.HASH_LENGTH_BITS_RE.search(alg)
+        if m:
+            return int(m.group(1)) // 8
+        raise ValueError('Unknown hash length for ' + alg)
+
+    PERMITTED_TAG_LENGTHS = {
+        'PSA_ALG_CCM': frozenset([4, 6, 8, 10, 12, 14, 16]),
+        'PSA_ALG_CHACHA20_POLY1305': frozenset([16]),
+        'PSA_ALG_GCM': frozenset([4, 8, 12, 13, 14, 15, 16]),
+    }
+    MAC_LENGTH = {
+        'PSA_ALG_CBC_MAC': 16, # actually the block cipher length
+        'PSA_ALG_CMAC': 16, # actually the block cipher length
+    }
+    HMAC_RE = re.compile(r'PSA_ALG_HMAC\((.*)\)\Z')
+    @classmethod
+    def permitted_truncations(cls, base: str) -> FrozenSet[int]:
+        """Permitted output lengths for the given MAC or AEAD base algorithm.
+
+        For a MAC algorithm, this is the set of truncation lengths that
+        Mbed TLS supports.
+        For an AEAD algorithm, this is the set of truncation lengths that
+        are permitted by the algorithm specification.
+        """
+        if base in cls.PERMITTED_TAG_LENGTHS:
+            return cls.PERMITTED_TAG_LENGTHS[base]
+        max_length = cls.MAC_LENGTH.get(base, None)
+        if max_length is None:
+            m = cls.HMAC_RE.match(base)
+            if m:
+                max_length = cls.hash_length(m.group(1))
+        if max_length is None:
+            raise ValueError('Unknown permitted lengths for ' + base)
+        return frozenset(range(4, max_length + 1))
+
+    TRUNCATED_ALG_RE = re.compile(
+        r'(?P<face>PSA_ALG_(?:AEAD_WITH_SHORTENED_TAG|TRUNCATED_MAC))'
+        r'\((?P<base>.*),'
+        r'(?P<length>0[Xx][0-9A-Fa-f]+|[1-9][0-9]*|0[0-7]*)[LUlu]*\)\Z')
+    def is_invalid_truncation(self) -> bool:
+        """False for a MAC or AEAD algorithm truncated to an invalid length.
+
+        True for a MAC or AEAD algorithm truncated to a valid length or to
+        a length that cannot be determined. True for anything other than
+        a truncated MAC or AEAD.
+        """
+        m = self.TRUNCATED_ALG_RE.match(self.expression)
+        if m:
+            base = m.group('base')
+            to_length = int(m.group('length'), 0)
+            permitted_lengths = self.permitted_truncations(base)
+            if to_length not in permitted_lengths:
+                return True
+        return False
+
+    def is_valid_for_operation(self) -> bool:
+        """Whether this algorithm construction is valid for an operation.
+
+        This function assumes that the algorithm is constructed in a
+        "grammatically" correct way, and only rejects semantically invalid
+        combinations.
+        """
+        if self.is_wildcard:
+            return False
+        if self.is_invalid_truncation():
+            return False
+        return True
+
+    def can_do(self, category: AlgorithmCategory) -> bool:
+        """Whether this algorithm can perform operations in the given category.
+        """
+        if category == self.category:
+            return True
+        if category == AlgorithmCategory.KEY_DERIVATION and \
+           self.is_key_agreement_with_derivation():
+            return True
+        return False
+
+    def usage_flags(self, public: bool = False) -> List[str]:
+        """The list of usage flags describing operations that can perform this algorithm.
+
+        If public is true, only return public-key operations, not private-key operations.
+        """
+        if self.category == AlgorithmCategory.HASH:
+            flags = []
+        elif self.category == AlgorithmCategory.MAC:
+            flags = ['SIGN_HASH', 'SIGN_MESSAGE',
+                     'VERIFY_HASH', 'VERIFY_MESSAGE']
+        elif self.category == AlgorithmCategory.CIPHER or \
+             self.category == AlgorithmCategory.AEAD:
+            flags = ['DECRYPT', 'ENCRYPT']
+        elif self.category == AlgorithmCategory.SIGN:
+            flags = ['VERIFY_HASH', 'VERIFY_MESSAGE']
+            if not public:
+                flags += ['SIGN_HASH', 'SIGN_MESSAGE']
+        elif self.category == AlgorithmCategory.ASYMMETRIC_ENCRYPTION:
+            flags = ['ENCRYPT']
+            if not public:
+                flags += ['DECRYPT']
+        elif self.category == AlgorithmCategory.KEY_DERIVATION or \
+             self.category == AlgorithmCategory.KEY_AGREEMENT:
+            flags = ['DERIVE']
+        else:
+            raise AlgorithmNotRecognized(self.expression)
+        return ['PSA_KEY_USAGE_' + flag for flag in flags]
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/macro_collector.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/macro_collector.py
new file mode 100644
index 0000000..fbec007
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/macro_collector.py
@@ -0,0 +1,536 @@
+"""Collect macro definitions from header files.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import itertools
+import re
+from typing import Dict, IO, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union
+
+
+class ReadFileLineException(Exception):
+    def __init__(self, filename: str, line_number: Union[int, str]) -> None:
+        message = 'in {} at {}'.format(filename, line_number)
+        super(ReadFileLineException, self).__init__(message)
+        self.filename = filename
+        self.line_number = line_number
+
+
+class read_file_lines:
+    # Dear Pylint, conventionally, a context manager class name is lowercase.
+    # pylint: disable=invalid-name,too-few-public-methods
+    """Context manager to read a text file line by line.
+
+    ```
+    with read_file_lines(filename) as lines:
+        for line in lines:
+            process(line)
+    ```
+    is equivalent to
+    ```
+    with open(filename, 'r') as input_file:
+        for line in input_file:
+            process(line)
+    ```
+    except that if process(line) raises an exception, then the read_file_lines
+    snippet annotates the exception with the file name and line number.
+    """
+    def __init__(self, filename: str, binary: bool = False) -> None:
+        self.filename = filename
+        self.file = None #type: Optional[IO[str]]
+        self.line_number = 'entry' #type: Union[int, str]
+        self.generator = None #type: Optional[Iterable[Tuple[int, str]]]
+        self.binary = binary
+    def __enter__(self) -> 'read_file_lines':
+        self.file = open(self.filename, 'rb' if self.binary else 'r')
+        self.generator = enumerate(self.file)
+        return self
+    def __iter__(self) -> Iterator[str]:
+        assert self.generator is not None
+        for line_number, content in self.generator:
+            self.line_number = line_number
+            yield content
+        self.line_number = 'exit'
+    def __exit__(self, exc_type, exc_value, exc_traceback) -> None:
+        if self.file is not None:
+            self.file.close()
+        if exc_type is not None:
+            raise ReadFileLineException(self.filename, self.line_number) \
+                from exc_value
+
+
+class PSAMacroEnumerator:
+    """Information about constructors of various PSA Crypto types.
+
+    This includes macro names as well as information about their arguments
+    when applicable.
+
+    This class only provides ways to enumerate expressions that evaluate to
+    values of the covered types. Derived classes are expected to populate
+    the set of known constructors of each kind, as well as populate
+    `self.arguments_for` for arguments that are not of a kind that is
+    enumerated here.
+    """
+    #pylint: disable=too-many-instance-attributes
+
+    def __init__(self) -> None:
+        """Set up an empty set of known constructor macros.
+        """
+        self.statuses = set() #type: Set[str]
+        self.lifetimes = set() #type: Set[str]
+        self.locations = set() #type: Set[str]
+        self.persistence_levels = set() #type: Set[str]
+        self.algorithms = set() #type: Set[str]
+        self.ecc_curves = set() #type: Set[str]
+        self.dh_groups = set() #type: Set[str]
+        self.key_types = set() #type: Set[str]
+        self.key_usage_flags = set() #type: Set[str]
+        self.hash_algorithms = set() #type: Set[str]
+        self.mac_algorithms = set() #type: Set[str]
+        self.ka_algorithms = set() #type: Set[str]
+        self.kdf_algorithms = set() #type: Set[str]
+        self.aead_algorithms = set() #type: Set[str]
+        self.sign_algorithms = set() #type: Set[str]
+        # macro name -> list of argument names
+        self.argspecs = {} #type: Dict[str, List[str]]
+        # argument name -> list of values
+        self.arguments_for = {
+            'mac_length': [],
+            'min_mac_length': [],
+            'tag_length': [],
+            'min_tag_length': [],
+        } #type: Dict[str, List[str]]
+        # Whether to include intermediate macros in enumerations. Intermediate
+        # macros serve as category headers and are not valid values of their
+        # type. See `is_internal_name`.
+        # Always false in this class, may be set to true in derived classes.
+        self.include_intermediate = False
+
+    def is_internal_name(self, name: str) -> bool:
+        """Whether this is an internal macro. Internal macros will be skipped."""
+        if not self.include_intermediate:
+            if name.endswith('_BASE') or name.endswith('_NONE'):
+                return True
+            if '_CATEGORY_' in name:
+                return True
+        return name.endswith('_FLAG') or name.endswith('_MASK')
+
+    def gather_arguments(self) -> None:
+        """Populate the list of values for macro arguments.
+
+        Call this after parsing all the inputs.
+        """
+        self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
+        self.arguments_for['mac_alg'] = sorted(self.mac_algorithms)
+        self.arguments_for['ka_alg'] = sorted(self.ka_algorithms)
+        self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms)
+        self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
+        self.arguments_for['sign_alg'] = sorted(self.sign_algorithms)
+        self.arguments_for['curve'] = sorted(self.ecc_curves)
+        self.arguments_for['group'] = sorted(self.dh_groups)
+        self.arguments_for['persistence'] = sorted(self.persistence_levels)
+        self.arguments_for['location'] = sorted(self.locations)
+        self.arguments_for['lifetime'] = sorted(self.lifetimes)
+
+    @staticmethod
+    def _format_arguments(name: str, arguments: Iterable[str]) -> str:
+        """Format a macro call with arguments.
+
+        The resulting format is consistent with
+        `InputsForTest.normalize_argument`.
+        """
+        return name + '(' + ', '.join(arguments) + ')'
+
+    _argument_split_re = re.compile(r' *, *')
+    @classmethod
+    def _argument_split(cls, arguments: str) -> List[str]:
+        return re.split(cls._argument_split_re, arguments)
+
+    def distribute_arguments(self, name: str) -> Iterator[str]:
+        """Generate macro calls with each tested argument set.
+
+        If name is a macro without arguments, just yield "name".
+        If name is a macro with arguments, yield a series of
+        "name(arg1,...,argN)" where each argument takes each possible
+        value at least once.
+        """
+        try:
+            if name not in self.argspecs:
+                yield name
+                return
+            argspec = self.argspecs[name]
+            if argspec == []:
+                yield name + '()'
+                return
+            argument_lists = [self.arguments_for[arg] for arg in argspec]
+            arguments = [values[0] for values in argument_lists]
+            yield self._format_arguments(name, arguments)
+            # Dear Pylint, enumerate won't work here since we're modifying
+            # the array.
+            # pylint: disable=consider-using-enumerate
+            for i in range(len(arguments)):
+                for value in argument_lists[i][1:]:
+                    arguments[i] = value
+                    yield self._format_arguments(name, arguments)
+                arguments[i] = argument_lists[i][0]
+        except BaseException as e:
+            raise Exception('distribute_arguments({})'.format(name)) from e
+
+    def distribute_arguments_without_duplicates(
+            self, seen: Set[str], name: str
+    ) -> Iterator[str]:
+        """Same as `distribute_arguments`, but don't repeat seen results."""
+        for result in self.distribute_arguments(name):
+            if result not in seen:
+                seen.add(result)
+                yield result
+
+    def generate_expressions(self, names: Iterable[str]) -> Iterator[str]:
+        """Generate expressions covering values constructed from the given names.
+
+        `names` can be any iterable collection of macro names.
+
+        For example:
+        * ``generate_expressions(['PSA_ALG_CMAC', 'PSA_ALG_HMAC'])``
+          generates ``'PSA_ALG_CMAC'`` as well as ``'PSA_ALG_HMAC(h)'`` for
+          every known hash algorithm ``h``.
+        * ``macros.generate_expressions(macros.key_types)`` generates all
+          key types.
+        """
+        seen = set() #type: Set[str]
+        return itertools.chain(*(
+            self.distribute_arguments_without_duplicates(seen, name)
+            for name in names
+        ))
+
+
+class PSAMacroCollector(PSAMacroEnumerator):
+    """Collect PSA crypto macro definitions from C header files.
+    """
+
+    def __init__(self, include_intermediate: bool = False) -> None:
+        """Set up an object to collect PSA macro definitions.
+
+        Call the read_file method of the constructed object on each header file.
+
+        * include_intermediate: if true, include intermediate macros such as
+          PSA_XXX_BASE that do not designate semantic values.
+        """
+        super().__init__()
+        self.include_intermediate = include_intermediate
+        self.key_types_from_curve = {} #type: Dict[str, str]
+        self.key_types_from_group = {} #type: Dict[str, str]
+        self.algorithms_from_hash = {} #type: Dict[str, str]
+
+    @staticmethod
+    def algorithm_tester(name: str) -> str:
+        """The predicate for whether an algorithm is built from the given constructor.
+
+        The given name must be the name of an algorithm constructor of the
+        form ``PSA_ALG_xxx`` which is used as ``PSA_ALG_xxx(yyy)`` to build
+        an algorithm value. Return the corresponding predicate macro which
+        is used as ``predicate(alg)`` to test whether ``alg`` can be built
+        as ``PSA_ALG_xxx(yyy)``. The predicate is usually called
+        ``PSA_ALG_IS_xxx``.
+        """
+        prefix = 'PSA_ALG_'
+        assert name.startswith(prefix)
+        midfix = 'IS_'
+        suffix = name[len(prefix):]
+        if suffix in ['DSA', 'ECDSA']:
+            midfix += 'RANDOMIZED_'
+        elif suffix == 'RSA_PSS':
+            suffix += '_STANDARD_SALT'
+        return prefix + midfix + suffix
+
+    def record_algorithm_subtype(self, name: str, expansion: str) -> None:
+        """Record the subtype of an algorithm constructor.
+
+        Given a ``PSA_ALG_xxx`` macro name and its expansion, if the algorithm
+        is of a subtype that is tracked in its own set, add it to the relevant
+        set.
+        """
+        # This code is very ad hoc and fragile. It should be replaced by
+        # something more robust.
+        if re.match(r'MAC(?:_|\Z)', name):
+            self.mac_algorithms.add(name)
+        elif re.match(r'KDF(?:_|\Z)', name):
+            self.kdf_algorithms.add(name)
+        elif re.search(r'0x020000[0-9A-Fa-f]{2}', expansion):
+            self.hash_algorithms.add(name)
+        elif re.search(r'0x03[0-9A-Fa-f]{6}', expansion):
+            self.mac_algorithms.add(name)
+        elif re.search(r'0x05[0-9A-Fa-f]{6}', expansion):
+            self.aead_algorithms.add(name)
+        elif re.search(r'0x09[0-9A-Fa-f]{2}0000', expansion):
+            self.ka_algorithms.add(name)
+        elif re.search(r'0x08[0-9A-Fa-f]{6}', expansion):
+            self.kdf_algorithms.add(name)
+
+    # "#define" followed by a macro name with either no parameters
+    # or a single parameter and a non-empty expansion.
+    # Grab the macro name in group 1, the parameter name if any in group 2
+    # and the expansion in group 3.
+    _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' +
+                                      r'(?:\s+|\((\w+)\)\s*)' +
+                                      r'(.+)')
+    _deprecated_definition_re = re.compile(r'\s*MBEDTLS_DEPRECATED')
+
+    def read_line(self, line):
+        """Parse a C header line and record the PSA identifier it defines if any.
+        This function analyzes lines that start with "#define PSA_"
+        (up to non-significant whitespace) and skips all non-matching lines.
+        """
+        # pylint: disable=too-many-branches
+        m = re.match(self._define_directive_re, line)
+        if not m:
+            return
+        name, parameter, expansion = m.groups()
+        expansion = re.sub(r'/\*.*?\*/|//.*', r' ', expansion)
+        if parameter:
+            self.argspecs[name] = [parameter]
+        if re.match(self._deprecated_definition_re, expansion):
+            # Skip deprecated values, which are assumed to be
+            # backward compatibility aliases that share
+            # numerical values with non-deprecated values.
+            return
+        if self.is_internal_name(name):
+            # Macro only to build actual values
+            return
+        elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
+           and not parameter:
+            self.statuses.add(name)
+        elif name.startswith('PSA_KEY_TYPE_') and not parameter:
+            self.key_types.add(name)
+        elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve':
+            self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
+        elif name.startswith('PSA_KEY_TYPE_') and parameter == 'group':
+            self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:]
+        elif name.startswith('PSA_ECC_FAMILY_') and not parameter:
+            self.ecc_curves.add(name)
+        elif name.startswith('PSA_DH_FAMILY_') and not parameter:
+            self.dh_groups.add(name)
+        elif name.startswith('PSA_ALG_') and not parameter:
+            if name in ['PSA_ALG_ECDSA_BASE',
+                        'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
+                # Ad hoc skipping of duplicate names for some numerical values
+                return
+            self.algorithms.add(name)
+            self.record_algorithm_subtype(name, expansion)
+        elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
+            self.algorithms_from_hash[name] = self.algorithm_tester(name)
+        elif name.startswith('PSA_KEY_USAGE_') and not parameter:
+            self.key_usage_flags.add(name)
+        else:
+            # Other macro without parameter
+            return
+
+    _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
+    _continued_line_re = re.compile(rb'\\\r?\n\Z')
+    def read_file(self, header_file):
+        for line in header_file:
+            m = re.search(self._continued_line_re, line)
+            while m:
+                cont = next(header_file)
+                line = line[:m.start(0)] + cont
+                m = re.search(self._continued_line_re, line)
+            line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
+            self.read_line(line)
+
+
+class InputsForTest(PSAMacroEnumerator):
+    # pylint: disable=too-many-instance-attributes
+    """Accumulate information about macros to test.
+enumerate
+    This includes macro names as well as information about their arguments
+    when applicable.
+    """
+
+    def __init__(self) -> None:
+        super().__init__()
+        self.all_declared = set() #type: Set[str]
+        # Identifier prefixes
+        self.table_by_prefix = {
+            'ERROR': self.statuses,
+            'ALG': self.algorithms,
+            'ECC_CURVE': self.ecc_curves,
+            'DH_GROUP': self.dh_groups,
+            'KEY_LIFETIME': self.lifetimes,
+            'KEY_LOCATION': self.locations,
+            'KEY_PERSISTENCE': self.persistence_levels,
+            'KEY_TYPE': self.key_types,
+            'KEY_USAGE': self.key_usage_flags,
+        } #type: Dict[str, Set[str]]
+        # Test functions
+        self.table_by_test_function = {
+            # Any function ending in _algorithm also gets added to
+            # self.algorithms.
+            'key_type': [self.key_types],
+            'block_cipher_key_type': [self.key_types],
+            'stream_cipher_key_type': [self.key_types],
+            'ecc_key_family': [self.ecc_curves],
+            'ecc_key_types': [self.ecc_curves],
+            'dh_key_family': [self.dh_groups],
+            'dh_key_types': [self.dh_groups],
+            'hash_algorithm': [self.hash_algorithms],
+            'mac_algorithm': [self.mac_algorithms],
+            'cipher_algorithm': [],
+            'hmac_algorithm': [self.mac_algorithms, self.sign_algorithms],
+            'aead_algorithm': [self.aead_algorithms],
+            'key_derivation_algorithm': [self.kdf_algorithms],
+            'key_agreement_algorithm': [self.ka_algorithms],
+            'asymmetric_signature_algorithm': [self.sign_algorithms],
+            'asymmetric_signature_wildcard': [self.algorithms],
+            'asymmetric_encryption_algorithm': [],
+            'other_algorithm': [],
+            'lifetime': [self.lifetimes],
+        } #type: Dict[str, List[Set[str]]]
+        mac_lengths = [str(n) for n in [
+            1,  # minimum expressible
+            4,  # minimum allowed by policy
+            13, # an odd size in a plausible range
+            14, # an even non-power-of-two size in a plausible range
+            16, # same as full size for at least one algorithm
+            63, # maximum expressible
+        ]]
+        self.arguments_for['mac_length'] += mac_lengths
+        self.arguments_for['min_mac_length'] += mac_lengths
+        aead_lengths = [str(n) for n in [
+            1,  # minimum expressible
+            4,  # minimum allowed by policy
+            13, # an odd size in a plausible range
+            14, # an even non-power-of-two size in a plausible range
+            16, # same as full size for at least one algorithm
+            63, # maximum expressible
+        ]]
+        self.arguments_for['tag_length'] += aead_lengths
+        self.arguments_for['min_tag_length'] += aead_lengths
+
+    def add_numerical_values(self) -> None:
+        """Add numerical values that are not supported to the known identifiers."""
+        # Sets of names per type
+        self.algorithms.add('0xffffffff')
+        self.ecc_curves.add('0xff')
+        self.dh_groups.add('0xff')
+        self.key_types.add('0xffff')
+        self.key_usage_flags.add('0x80000000')
+
+        # Hard-coded values for unknown algorithms
+        #
+        # These have to have values that are correct for their respective
+        # PSA_ALG_IS_xxx macros, but are also not currently assigned and are
+        # not likely to be assigned in the near future.
+        self.hash_algorithms.add('0x020000fe') # 0x020000ff is PSA_ALG_ANY_HASH
+        self.mac_algorithms.add('0x03007fff')
+        self.ka_algorithms.add('0x09fc0000')
+        self.kdf_algorithms.add('0x080000ff')
+        # For AEAD algorithms, the only variability is over the tag length,
+        # and this only applies to known algorithms, so don't test an
+        # unknown algorithm.
+
+    def get_names(self, type_word: str) -> Set[str]:
+        """Return the set of known names of values of the given type."""
+        return {
+            'status': self.statuses,
+            'algorithm': self.algorithms,
+            'ecc_curve': self.ecc_curves,
+            'dh_group': self.dh_groups,
+            'key_type': self.key_types,
+            'key_usage': self.key_usage_flags,
+        }[type_word]
+
+    # Regex for interesting header lines.
+    # Groups: 1=macro name, 2=type, 3=argument list (optional).
+    _header_line_re = \
+        re.compile(r'#define +' +
+                   r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' +
+                   r'(?:\(([^\n()]*)\))?')
+    # Regex of macro names to exclude.
+    _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z')
+    # Additional excluded macros.
+    _excluded_names = set([
+        # Macros that provide an alternative way to build the same
+        # algorithm as another macro.
+        'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG',
+        'PSA_ALG_FULL_LENGTH_MAC',
+        # Auxiliary macro whose name doesn't fit the usual patterns for
+        # auxiliary macros.
+        'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE',
+    ])
+    def parse_header_line(self, line: str) -> None:
+        """Parse a C header line, looking for "#define PSA_xxx"."""
+        m = re.match(self._header_line_re, line)
+        if not m:
+            return
+        name = m.group(1)
+        self.all_declared.add(name)
+        if re.search(self._excluded_name_re, name) or \
+           name in self._excluded_names or \
+           self.is_internal_name(name):
+            return
+        dest = self.table_by_prefix.get(m.group(2))
+        if dest is None:
+            return
+        dest.add(name)
+        if m.group(3):
+            self.argspecs[name] = self._argument_split(m.group(3))
+
+    _nonascii_re = re.compile(rb'[^\x00-\x7f]+') #type: Pattern
+    def parse_header(self, filename: str) -> None:
+        """Parse a C header file, looking for "#define PSA_xxx"."""
+        with read_file_lines(filename, binary=True) as lines:
+            for line in lines:
+                line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
+                self.parse_header_line(line)
+
+    _macro_identifier_re = re.compile(r'[A-Z]\w+')
+    def generate_undeclared_names(self, expr: str) -> Iterable[str]:
+        for name in re.findall(self._macro_identifier_re, expr):
+            if name not in self.all_declared:
+                yield name
+
+    def accept_test_case_line(self, function: str, argument: str) -> bool:
+        #pylint: disable=unused-argument
+        undeclared = list(self.generate_undeclared_names(argument))
+        if undeclared:
+            raise Exception('Undeclared names in test case', undeclared)
+        return True
+
+    @staticmethod
+    def normalize_argument(argument: str) -> str:
+        """Normalize whitespace in the given C expression.
+
+        The result uses the same whitespace as
+        ` PSAMacroEnumerator.distribute_arguments`.
+        """
+        return re.sub(r',', r', ', re.sub(r' +', r'', argument))
+
+    def add_test_case_line(self, function: str, argument: str) -> None:
+        """Parse a test case data line, looking for algorithm metadata tests."""
+        sets = []
+        if function.endswith('_algorithm'):
+            sets.append(self.algorithms)
+            if function == 'key_agreement_algorithm' and \
+               argument.startswith('PSA_ALG_KEY_AGREEMENT('):
+                # We only want *raw* key agreement algorithms as such, so
+                # exclude ones that are already chained with a KDF.
+                # Keep the expression as one to test as an algorithm.
+                function = 'other_algorithm'
+        sets += self.table_by_test_function[function]
+        if self.accept_test_case_line(function, argument):
+            for s in sets:
+                s.add(self.normalize_argument(argument))
+
+    # Regex matching a *.data line containing a test function call and
+    # its arguments. The actual definition is partly positional, but this
+    # regex is good enough in practice.
+    _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)')
+    def parse_test_cases(self, filename: str) -> None:
+        """Parse a test case file (*.data), looking for algorithm metadata tests."""
+        with read_file_lines(filename) as lines:
+            for line in lines:
+                m = re.match(self._test_case_line_re, line)
+                if m:
+                    self.add_test_case_line(m.group(1), m.group(2))
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/psa_storage.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/psa_storage.py
new file mode 100644
index 0000000..4adbb07
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/psa_storage.py
@@ -0,0 +1,202 @@
+"""Knowledge about the PSA key store as implemented in Mbed TLS.
+
+Note that if you need to make a change that affects how keys are
+stored, this may indicate that the key store is changing in a
+backward-incompatible way! Think carefully about backward compatibility
+before changing how test data is constructed or validated.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import re
+import struct
+from typing import Dict, List, Optional, Set, Union
+import unittest
+
+from . import c_build_helper
+
+
+class Expr:
+    """Representation of a C expression with a known or knowable numerical value."""
+
+    def __init__(self, content: Union[int, str]):
+        if isinstance(content, int):
+            digits = 8 if content > 0xffff else 4
+            self.string = '{0:#0{1}x}'.format(content, digits + 2)
+            self.value_if_known = content #type: Optional[int]
+        else:
+            self.string = content
+            self.unknown_values.add(self.normalize(content))
+            self.value_if_known = None
+
+    value_cache = {} #type: Dict[str, int]
+    """Cache of known values of expressions."""
+
+    unknown_values = set() #type: Set[str]
+    """Expressions whose values are not present in `value_cache` yet."""
+
+    def update_cache(self) -> None:
+        """Update `value_cache` for expressions registered in `unknown_values`."""
+        expressions = sorted(self.unknown_values)
+        values = c_build_helper.get_c_expression_values(
+            'unsigned long', '%lu',
+            expressions,
+            header="""
+            #include <psa/crypto.h>
+            """,
+            include_path=['include']) #type: List[str]
+        for e, v in zip(expressions, values):
+            self.value_cache[e] = int(v, 0)
+        self.unknown_values.clear()
+
+    @staticmethod
+    def normalize(string: str) -> str:
+        """Put the given C expression in a canonical form.
+
+        This function is only intended to give correct results for the
+        relatively simple kind of C expression typically used with this
+        module.
+        """
+        return re.sub(r'\s+', r'', string)
+
+    def value(self) -> int:
+        """Return the numerical value of the expression."""
+        if self.value_if_known is None:
+            if re.match(r'([0-9]+|0x[0-9a-f]+)\Z', self.string, re.I):
+                return int(self.string, 0)
+            normalized = self.normalize(self.string)
+            if normalized not in self.value_cache:
+                self.update_cache()
+            self.value_if_known = self.value_cache[normalized]
+        return self.value_if_known
+
+Exprable = Union[str, int, Expr]
+"""Something that can be converted to a C expression with a known numerical value."""
+
+def as_expr(thing: Exprable) -> Expr:
+    """Return an `Expr` object for `thing`.
+
+    If `thing` is already an `Expr` object, return it. Otherwise build a new
+    `Expr` object from `thing`. `thing` can be an integer or a string that
+    contains a C expression.
+    """
+    if isinstance(thing, Expr):
+        return thing
+    else:
+        return Expr(thing)
+
+
+class Key:
+    """Representation of a PSA crypto key object and its storage encoding.
+    """
+
+    LATEST_VERSION = 0
+    """The latest version of the storage format."""
+
+    def __init__(self, *,
+                 version: Optional[int] = None,
+                 id: Optional[int] = None, #pylint: disable=redefined-builtin
+                 lifetime: Exprable = 'PSA_KEY_LIFETIME_PERSISTENT',
+                 type: Exprable, #pylint: disable=redefined-builtin
+                 bits: int,
+                 usage: Exprable, alg: Exprable, alg2: Exprable,
+                 material: bytes #pylint: disable=used-before-assignment
+                ) -> None:
+        self.version = self.LATEST_VERSION if version is None else version
+        self.id = id #pylint: disable=invalid-name #type: Optional[int]
+        self.lifetime = as_expr(lifetime) #type: Expr
+        self.type = as_expr(type) #type: Expr
+        self.bits = bits #type: int
+        self.usage = as_expr(usage) #type: Expr
+        self.alg = as_expr(alg) #type: Expr
+        self.alg2 = as_expr(alg2) #type: Expr
+        self.material = material #type: bytes
+
+    MAGIC = b'PSA\000KEY\000'
+
+    @staticmethod
+    def pack(
+            fmt: str,
+            *args: Union[int, Expr]
+    ) -> bytes: #pylint: disable=used-before-assignment
+        """Pack the given arguments into a byte string according to the given format.
+
+        This function is similar to `struct.pack`, but with the following differences:
+        * All integer values are encoded with standard sizes and in
+          little-endian representation. `fmt` must not include an endianness
+          prefix.
+        * Arguments can be `Expr` objects instead of integers.
+        * Only integer-valued elements are supported.
+        """
+        return struct.pack('<' + fmt, # little-endian, standard sizes
+                           *[arg.value() if isinstance(arg, Expr) else arg
+                             for arg in args])
+
+    def bytes(self) -> bytes:
+        """Return the representation of the key in storage as a byte array.
+
+        This is the content of the PSA storage file. When PSA storage is
+        implemented over stdio files, this does not include any wrapping made
+        by the PSA-storage-over-stdio-file implementation.
+
+        Note that if you need to make a change in this function,
+        this may indicate that the key store is changing in a
+        backward-incompatible way! Think carefully about backward
+        compatibility before making any change here.
+        """
+        header = self.MAGIC + self.pack('L', self.version)
+        if self.version == 0:
+            attributes = self.pack('LHHLLL',
+                                   self.lifetime, self.type, self.bits,
+                                   self.usage, self.alg, self.alg2)
+            material = self.pack('L', len(self.material)) + self.material
+        else:
+            raise NotImplementedError
+        return header + attributes + material
+
+    def hex(self) -> str:
+        """Return the representation of the key as a hexadecimal string.
+
+        This is the hexadecimal representation of `self.bytes`.
+        """
+        return self.bytes().hex()
+
+    def location_value(self) -> int:
+        """The numerical value of the location encoded in the key's lifetime."""
+        return self.lifetime.value() >> 8
+
+
+class TestKey(unittest.TestCase):
+    # pylint: disable=line-too-long
+    """A few smoke tests for the functionality of the `Key` class."""
+
+    def test_numerical(self):
+        key = Key(version=0,
+                  id=1, lifetime=0x00000001,
+                  type=0x2400, bits=128,
+                  usage=0x00000300, alg=0x05500200, alg2=0x04c01000,
+                  material=b'@ABCDEFGHIJKLMNO')
+        expected_hex = '505341004b45590000000000010000000024800000030000000250050010c00410000000404142434445464748494a4b4c4d4e4f'
+        self.assertEqual(key.bytes(), bytes.fromhex(expected_hex))
+        self.assertEqual(key.hex(), expected_hex)
+
+    def test_names(self):
+        length = 0xfff8 // 8 # PSA_MAX_KEY_BITS in bytes
+        key = Key(version=0,
+                  id=1, lifetime='PSA_KEY_LIFETIME_PERSISTENT',
+                  type='PSA_KEY_TYPE_RAW_DATA', bits=length*8,
+                  usage=0, alg=0, alg2=0,
+                  material=b'\x00' * length)
+        expected_hex = '505341004b45590000000000010000000110f8ff000000000000000000000000ff1f0000' + '00' * length
+        self.assertEqual(key.bytes(), bytes.fromhex(expected_hex))
+        self.assertEqual(key.hex(), expected_hex)
+
+    def test_defaults(self):
+        key = Key(type=0x1001, bits=8,
+                  usage=0, alg=0, alg2=0,
+                  material=b'\x2a')
+        expected_hex = '505341004b455900000000000100000001100800000000000000000000000000010000002a'
+        self.assertEqual(key.bytes(), bytes.fromhex(expected_hex))
+        self.assertEqual(key.hex(), expected_hex)
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/test_case.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/test_case.py
new file mode 100644
index 0000000..6ed5e84
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/test_case.py
@@ -0,0 +1,91 @@
+"""Library for constructing an Mbed TLS test case.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import binascii
+import os
+import sys
+from typing import Iterable, List, Optional
+
+from . import typing_util
+
+def hex_string(data: bytes) -> str:
+    return '"' + binascii.hexlify(data).decode('ascii') + '"'
+
+
+class MissingDescription(Exception):
+    pass
+
+class MissingFunction(Exception):
+    pass
+
+class TestCase:
+    """An Mbed TLS test case."""
+
+    def __init__(self, description: Optional[str] = None):
+        self.comments = [] #type: List[str]
+        self.description = description #type: Optional[str]
+        self.dependencies = [] #type: List[str]
+        self.function = None #type: Optional[str]
+        self.arguments = [] #type: List[str]
+
+    def add_comment(self, *lines: str) -> None:
+        self.comments += lines
+
+    def set_description(self, description: str) -> None:
+        self.description = description
+
+    def set_dependencies(self, dependencies: List[str]) -> None:
+        self.dependencies = dependencies
+
+    def set_function(self, function: str) -> None:
+        self.function = function
+
+    def set_arguments(self, arguments: List[str]) -> None:
+        self.arguments = arguments
+
+    def check_completeness(self) -> None:
+        if self.description is None:
+            raise MissingDescription
+        if self.function is None:
+            raise MissingFunction
+
+    def write(self, out: typing_util.Writable) -> None:
+        """Write the .data file paragraph for this test case.
+
+        The output starts and ends with a single newline character. If the
+        surrounding code writes lines (consisting of non-newline characters
+        and a final newline), you will end up with a blank line before, but
+        not after the test case.
+        """
+        self.check_completeness()
+        assert self.description is not None # guide mypy
+        assert self.function is not None # guide mypy
+        out.write('\n')
+        for line in self.comments:
+            out.write('# ' + line + '\n')
+        out.write(self.description + '\n')
+        if self.dependencies:
+            out.write('depends_on:' + ':'.join(self.dependencies) + '\n')
+        out.write(self.function + ':' + ':'.join(self.arguments) + '\n')
+
+def write_data_file(filename: str,
+                    test_cases: Iterable[TestCase],
+                    caller: Optional[str] = None) -> None:
+    """Write the test cases to the specified file.
+
+    If the file already exists, it is overwritten.
+    """
+    if caller is None:
+        caller = os.path.basename(sys.argv[0])
+    tempfile = filename + '.new'
+    with open(tempfile, 'w') as out:
+        out.write('# Automatically generated by {}. Do not edit!\n'
+                  .format(caller))
+        for tc in test_cases:
+            tc.write(out)
+        out.write('\n# End of automatically generated file.\n')
+    os.replace(tempfile, filename)
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/test_data_generation.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/test_data_generation.py
new file mode 100644
index 0000000..32361ee
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/test_data_generation.py
@@ -0,0 +1,197 @@
+"""Common code for test data generation.
+
+This module defines classes that are of general use to automatically
+generate .data files for unit tests, as well as a main function.
+
+These are used both by generate_psa_tests.py and generate_bignum_tests.py.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import argparse
+import os
+import posixpath
+import re
+
+from abc import ABCMeta, abstractmethod
+from typing import Callable, Dict, Iterable, Iterator, List, Type, TypeVar
+
+from . import build_tree
+from . import test_case
+
+T = TypeVar('T') #pylint: disable=invalid-name
+
+
+class BaseTarget(metaclass=ABCMeta):
+    """Base target for test case generation.
+
+    Child classes of this class represent an output file, and can be referred
+    to as file targets. These indicate where test cases will be written to for
+    all subclasses of the file target, which is set by `target_basename`.
+
+    Attributes:
+        count: Counter for test cases from this class.
+        case_description: Short description of the test case. This may be
+            automatically generated using the class, or manually set.
+        dependencies: A list of dependencies required for the test case.
+        show_test_count: Toggle for inclusion of `count` in the test description.
+        target_basename: Basename of file to write generated tests to. This
+            should be specified in a child class of BaseTarget.
+        test_function: Test function which the class generates cases for.
+        test_name: A common name or description of the test function. This can
+            be `test_function`, a clearer equivalent, or a short summary of the
+            test function's purpose.
+    """
+    count = 0
+    case_description = ""
+    dependencies = [] # type: List[str]
+    show_test_count = True
+    target_basename = ""
+    test_function = ""
+    test_name = ""
+
+    def __new__(cls, *args, **kwargs):
+        # pylint: disable=unused-argument
+        cls.count += 1
+        return super().__new__(cls)
+
+    @abstractmethod
+    def arguments(self) -> List[str]:
+        """Get the list of arguments for the test case.
+
+        Override this method to provide the list of arguments required for
+        the `test_function`.
+
+        Returns:
+            List of arguments required for the test function.
+        """
+        raise NotImplementedError
+
+    def description(self) -> str:
+        """Create a test case description.
+
+        Creates a description of the test case, including a name for the test
+        function, an optional case count, and a description of the specific
+        test case. This should inform a reader what is being tested, and
+        provide context for the test case.
+
+        Returns:
+            Description for the test case.
+        """
+        if self.show_test_count:
+            return "{} #{} {}".format(
+                self.test_name, self.count, self.case_description
+                ).strip()
+        else:
+            return "{} {}".format(self.test_name, self.case_description).strip()
+
+
+    def create_test_case(self) -> test_case.TestCase:
+        """Generate TestCase from the instance."""
+        tc = test_case.TestCase()
+        tc.set_description(self.description())
+        tc.set_function(self.test_function)
+        tc.set_arguments(self.arguments())
+        tc.set_dependencies(self.dependencies)
+
+        return tc
+
+    @classmethod
+    @abstractmethod
+    def generate_function_tests(cls) -> Iterator[test_case.TestCase]:
+        """Generate test cases for the class test function.
+
+        This will be called in classes where `test_function` is set.
+        Implementations should yield TestCase objects, by creating instances
+        of the class with appropriate input data, and then calling
+        `create_test_case()` on each.
+        """
+        raise NotImplementedError
+
+    @classmethod
+    def generate_tests(cls) -> Iterator[test_case.TestCase]:
+        """Generate test cases for the class and its subclasses.
+
+        In classes with `test_function` set, `generate_function_tests()` is
+        called to generate test cases first.
+
+        In all classes, this method will iterate over its subclasses, and
+        yield from `generate_tests()` in each. Calling this method on a class X
+        will yield test cases from all classes derived from X.
+        """
+        if cls.test_function:
+            yield from cls.generate_function_tests()
+        for subclass in sorted(cls.__subclasses__(), key=lambda c: c.__name__):
+            yield from subclass.generate_tests()
+
+
+class TestGenerator:
+    """Generate test cases and write to data files."""
+    def __init__(self, _options) -> None:
+        self.test_suite_directory = 'tests/suites'
+        # Update `targets` with an entry for each child class of BaseTarget.
+        # Each entry represents a file generated by the BaseTarget framework,
+        # and enables generating the .data files using the CLI.
+        self.targets.update({
+            subclass.target_basename: subclass.generate_tests
+            for subclass in BaseTarget.__subclasses__()
+        })
+
+    def filename_for(self, basename: str) -> str:
+        """The location of the data file with the specified base name."""
+        return posixpath.join(self.test_suite_directory, basename + '.data')
+
+    def write_test_data_file(self, basename: str,
+                             test_cases: Iterable[test_case.TestCase]) -> None:
+        """Write the test cases to a .data file.
+
+        The output file is ``basename + '.data'`` in the test suite directory.
+        """
+        filename = self.filename_for(basename)
+        test_case.write_data_file(filename, test_cases)
+
+    # Note that targets whose names contain 'test_format' have their content
+    # validated by `abi_check.py`.
+    targets = {} # type: Dict[str, Callable[..., Iterable[test_case.TestCase]]]
+
+    def generate_target(self, name: str, *target_args) -> None:
+        """Generate cases and write to data file for a target.
+
+        For target callables which require arguments, override this function
+        and pass these arguments using super() (see PSATestGenerator).
+        """
+        test_cases = self.targets[name](*target_args)
+        self.write_test_data_file(name, test_cases)
+
+def main(args, description: str, generator_class: Type[TestGenerator] = TestGenerator):
+    """Command line entry point."""
+    parser = argparse.ArgumentParser(description=description)
+    parser.add_argument('--list', action='store_true',
+                        help='List available targets and exit')
+    parser.add_argument('targets', nargs='*', metavar='TARGET',
+                        help='Target file to generate (default: all; "-": none)')
+
+    # Change to the mbedtls root, to keep things simple.
+    # Note that if any command line options refer to paths, they need to
+    # be adjusted first.
+    build_tree.chdir_to_root()
+
+    options = parser.parse_args(args)
+    generator = generator_class(options)
+    if options.list:
+        for name in sorted(generator.targets):
+            print(generator.filename_for(name))
+        return
+    if options.targets:
+        # Allow "-" as a special case so you can run
+        # ``generate_xxx_tests.py - $targets`` and it works uniformly whether
+        # ``$targets`` is empty or not.
+        options.targets = [os.path.basename(re.sub(r'\.data\Z', r'', target))
+                           for target in options.targets
+                           if target != '-']
+    else:
+        options.targets = sorted(generator.targets)
+    for target in options.targets:
+        generator.generate_target(target)
diff --git a/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/typing_util.py b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/typing_util.py
new file mode 100644
index 0000000..2ec448d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/mbedtls_dev/typing_util.py
@@ -0,0 +1,28 @@
+"""Auxiliary definitions used in type annotations.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+from typing import Any
+
+# The typing_extensions module is necessary for type annotations that are
+# checked with mypy. It is only used for type annotations or to define
+# things that are themselves only used for type annotations. It is not
+# available on a default Python installation. Therefore, try loading
+# what we need from it for the sake of mypy (which depends on, or comes
+# with, typing_extensions), and if not define substitutes that lack the
+# static type information but are good enough at runtime.
+try:
+    from typing_extensions import Protocol #pylint: disable=import-error
+except ImportError:
+    class Protocol: #type: ignore
+        #pylint: disable=too-few-public-methods
+        pass
+
+class Writable(Protocol):
+    """Abstract class for typing hints."""
+    # pylint: disable=no-self-use,too-few-public-methods,unused-argument
+    def write(self, text: str) -> Any:
+        ...
diff --git a/3rdparty/mbedtls-2.25.0/scripts/memory.sh b/3rdparty/mbedtls-2.28.7/scripts/memory.sh
similarity index 82%
rename from 3rdparty/mbedtls-2.25.0/scripts/memory.sh
rename to 3rdparty/mbedtls-2.28.7/scripts/memory.sh
index 9c3882d..e8543e9 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/memory.sh
+++ b/3rdparty/mbedtls-2.28.7/scripts/memory.sh
@@ -7,19 +7,7 @@
 # since for memory we want debug information.
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 set -eu
 
diff --git a/3rdparty/mbedtls-2.28.7/scripts/min_requirements.py b/3rdparty/mbedtls-2.28.7/scripts/min_requirements.py
new file mode 100644
index 0000000..dda3a59
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/min_requirements.py
@@ -0,0 +1,127 @@
+#!/usr/bin/env python3
+"""Install all the required Python packages, with the minimum Python version.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import argparse
+import os
+import re
+import subprocess
+import sys
+import tempfile
+import typing
+
+from typing import List, Optional
+from mbedtls_dev import typing_util
+
+def pylint_doesn_t_notice_that_certain_types_are_used_in_annotations(
+        _list: List[typing.Any],
+) -> None:
+    pass
+
+
+class Requirements:
+    """Collect and massage Python requirements."""
+
+    def __init__(self) -> None:
+        self.requirements = [] #type: List[str]
+
+    def adjust_requirement(self, req: str) -> str:
+        """Adjust a requirement to the minimum specified version."""
+        # allow inheritance #pylint: disable=no-self-use
+        # If a requirement specifies a minimum version, impose that version.
+        req = re.sub(r'>=|~=', r'==', req)
+        return req
+
+    def add_file(self, filename: str) -> None:
+        """Add requirements from the specified file.
+
+        This method supports a subset of pip's requirement file syntax:
+        * One requirement specifier per line, which is passed to
+          `adjust_requirement`.
+        * Comments (``#`` at the beginning of the line or after whitespace).
+        * ``-r FILENAME`` to include another file.
+        """
+        with open(filename) as fd:
+            for line in fd:
+                line = line.strip()
+                line = re.sub(r'(\A|\s+)#.*', r'', line)
+                if not line:
+                    continue
+                m = re.match(r'-r\s+', line)
+                if m:
+                    nested_file = os.path.join(os.path.dirname(filename),
+                                               line[m.end(0):])
+                    self.add_file(nested_file)
+                    continue
+                self.requirements.append(self.adjust_requirement(line))
+
+    def write(self, out: typing_util.Writable) -> None:
+        """List the gathered requirements."""
+        for req in self.requirements:
+            out.write(req + '\n')
+
+    def install(
+            self,
+            pip_general_options: Optional[List[str]] = None,
+            pip_install_options: Optional[List[str]] = None,
+    ) -> None:
+        """Call pip to install the requirements."""
+        if pip_general_options is None:
+            pip_general_options = []
+        if pip_install_options is None:
+            pip_install_options = []
+        with tempfile.TemporaryDirectory() as temp_dir:
+            # This is more complicated than it needs to be for the sake
+            # of Windows. Use a temporary file rather than the command line
+            # to avoid quoting issues. Use a temporary directory rather
+            # than NamedTemporaryFile because with a NamedTemporaryFile on
+            # Windows, the subprocess can't open the file because this process
+            # has an exclusive lock on it.
+            req_file_name = os.path.join(temp_dir, 'requirements.txt')
+            with open(req_file_name, 'w') as req_file:
+                self.write(req_file)
+            subprocess.check_call([sys.executable, '-m', 'pip'] +
+                                  pip_general_options +
+                                  ['install'] + pip_install_options +
+                                  ['-r', req_file_name])
+
+DEFAULT_REQUIREMENTS_FILE = 'ci.requirements.txt'
+
+def main() -> None:
+    """Command line entry point."""
+    parser = argparse.ArgumentParser(description=__doc__)
+    parser.add_argument('--no-act', '-n',
+                        action='store_true',
+                        help="Don't act, just print what will be done")
+    parser.add_argument('--pip-install-option',
+                        action='append', dest='pip_install_options',
+                        help="Pass this option to pip install")
+    parser.add_argument('--pip-option',
+                        action='append', dest='pip_general_options',
+                        help="Pass this general option to pip")
+    parser.add_argument('--user',
+                        action='append_const', dest='pip_install_options',
+                        const='--user',
+                        help="Install to the Python user install directory"
+                             " (short for --pip-install-option --user)")
+    parser.add_argument('files', nargs='*', metavar='FILE',
+                        help="Requirement files"
+                             " (default: {} in the script's directory)" \
+                             .format(DEFAULT_REQUIREMENTS_FILE))
+    options = parser.parse_args()
+    if not options.files:
+        options.files = [os.path.join(os.path.dirname(__file__),
+                                      DEFAULT_REQUIREMENTS_FILE)]
+    reqs = Requirements()
+    for filename in options.files:
+        reqs.add_file(filename)
+    reqs.write(sys.stdout)
+    if not options.no_act:
+        reqs.install(pip_general_options=options.pip_general_options,
+                     pip_install_options=options.pip_install_options)
+
+if __name__ == '__main__':
+    main()
diff --git a/3rdparty/mbedtls-2.25.0/scripts/output_env.sh b/3rdparty/mbedtls-2.28.7/scripts/output_env.sh
similarity index 85%
rename from 3rdparty/mbedtls-2.25.0/scripts/output_env.sh
rename to 3rdparty/mbedtls-2.28.7/scripts/output_env.sh
index 1d9e0fa..d3eac22 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/output_env.sh
+++ b/3rdparty/mbedtls-2.28.7/scripts/output_env.sh
@@ -3,19 +3,7 @@
 # output_env.sh
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
@@ -105,9 +93,37 @@ echo
 print_version "gcc" "--version" "" "head -n 1"
 echo
 
+if [ -n "${GCC_EARLIEST+set}" ]; then
+    print_version "${GCC_EARLIEST}" "--version" "" "head -n 1"
+else
+    echo " GCC_EARLIEST : Not configured."
+fi
+echo
+
+if [ -n "${GCC_LATEST+set}" ]; then
+    print_version "${GCC_LATEST}" "--version" "" "head -n 1"
+else
+    echo " GCC_LATEST : Not configured."
+fi
+echo
+
 print_version "clang" "--version" "" "head -n 2"
 echo
 
+if [ -n "${CLANG_EARLIEST+set}" ]; then
+    print_version "${CLANG_EARLIEST}" "--version" "" "head -n 2"
+else
+    echo " CLANG_EARLIEST : Not configured."
+fi
+echo
+
+if [ -n "${CLANG_LATEST+set}" ]; then
+    print_version "${CLANG_LATEST}" "--version" "" "head -n 2"
+else
+    echo " CLANG_LATEST : Not configured."
+fi
+echo
+
 print_version "ldd" "--version" "" "head -n 1"
 echo
 
diff --git a/3rdparty/mbedtls-2.25.0/scripts/rename.pl b/3rdparty/mbedtls-2.28.7/scripts/rename.pl
similarity index 80%
rename from 3rdparty/mbedtls-2.25.0/scripts/rename.pl
rename to 3rdparty/mbedtls-2.28.7/scripts/rename.pl
index 9ea5f09..c92cb91 100644
--- a/3rdparty/mbedtls-2.25.0/scripts/rename.pl
+++ b/3rdparty/mbedtls-2.28.7/scripts/rename.pl
@@ -1,24 +1,12 @@
 #!/usr/bin/env perl
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
-# This script migrates application source code from the mbed TLS 1.3 API to the
-# mbed TLS 2.0 API.
+# This script migrates application source code from the Mbed TLS 1.3 API to the
+# Mbed TLS 2.0 API.
 #
 # The script processes the given source code and renames identifiers - functions
 # types, enums etc, as
@@ -88,7 +76,7 @@
     if( dir($filename)->parent eq $lib_include_dir ||
          dir($filename)->parent eq $lib_source_dir )
     {
-        die "Script cannot be executed on the mbed TLS library itself.";
+        die "Script cannot be executed on the Mbed TLS library itself.";
     }
 
     if( -d $filename ) { print STDERR "skip (directory)\n"; next }
diff --git a/3rdparty/mbedtls-2.25.0/scripts/rm-calloc-cast.cocci b/3rdparty/mbedtls-2.28.7/scripts/rm-calloc-cast.cocci
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/rm-calloc-cast.cocci
rename to 3rdparty/mbedtls-2.28.7/scripts/rm-calloc-cast.cocci
diff --git a/3rdparty/mbedtls-2.28.7/scripts/tmp_ignore_makefiles.sh b/3rdparty/mbedtls-2.28.7/scripts/tmp_ignore_makefiles.sh
new file mode 100644
index 0000000..455f892
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/scripts/tmp_ignore_makefiles.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Temporarily (de)ignore Makefiles generated by CMake to allow easier
+# git development
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+IGNORE=""
+
+# Parse arguments
+#
+until [ -z "$1" ]
+do
+  case "$1" in
+    -u|--undo)
+      IGNORE="0"
+      ;;
+    -v|--verbose)
+      # Be verbose
+      VERBOSE="1"
+      ;;
+    -h|--help)
+      # print help
+      echo "Usage: $0"
+      echo -e "  -h|--help\t\tPrint this help."
+      echo -e "  -u|--undo\t\tRemove ignores and continue tracking."
+      echo -e "  -v|--verbose\t\tVerbose."
+      exit 1
+      ;;
+    *)
+      # print error
+      echo "Unknown argument: '$1'"
+      exit 1
+      ;;
+  esac
+  shift
+done
+
+if [ "X" = "X$IGNORE" ];
+then
+  [ $VERBOSE ] && echo "Ignoring Makefiles"
+  git update-index --assume-unchanged Makefile library/Makefile programs/Makefile tests/Makefile
+else
+  [ $VERBOSE ] && echo "Tracking Makefiles"
+  git update-index --no-assume-unchanged Makefile library/Makefile programs/Makefile tests/Makefile
+fi
diff --git a/3rdparty/mbedtls-2.25.0/scripts/windows_msbuild.bat b/3rdparty/mbedtls-2.28.7/scripts/windows_msbuild.bat
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/scripts/windows_msbuild.bat
rename to 3rdparty/mbedtls-2.28.7/scripts/windows_msbuild.bat
diff --git a/3rdparty/mbedtls-2.28.7/tests/.gitignore b/3rdparty/mbedtls-2.28.7/tests/.gitignore
new file mode 100644
index 0000000..4678d8d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/.gitignore
@@ -0,0 +1,15 @@
+*.sln
+*.vcxproj
+
+*.log
+/test_suite*
+data_files/mpi_write
+data_files/hmac_drbg_seed
+data_files/ctr_drbg_seed
+data_files/entropy_seed
+
+include/test/instrument_record_status.h
+
+src/libmbed*
+
+libtestdriver1/*
diff --git a/3rdparty/mbedtls-2.25.0/tests/.jenkins/Jenkinsfile b/3rdparty/mbedtls-2.28.7/tests/.jenkins/Jenkinsfile
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/.jenkins/Jenkinsfile
rename to 3rdparty/mbedtls-2.28.7/tests/.jenkins/Jenkinsfile
diff --git a/3rdparty/mbedtls-2.28.7/tests/CMakeLists.txt b/3rdparty/mbedtls-2.28.7/tests/CMakeLists.txt
new file mode 100644
index 0000000..10de8c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/CMakeLists.txt
@@ -0,0 +1,109 @@
+set(libs
+    ${mbedtls_target}
+)
+
+# Set the project root directory if it's not already defined, as may happen if
+# the tests folder is included directly by a parent project, without including
+# the top level CMakeLists.txt.
+if(NOT DEFINED MBEDTLS_DIR)
+    set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})
+endif()
+
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+if(NOT MBEDTLS_PYTHON_EXECUTABLE)
+    message(FATAL_ERROR "Cannot build test suites without Python 3")
+endif()
+
+# Enable definition of various functions used throughout the testsuite
+# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
+# on non-POSIX platforms.
+add_definitions("-D_POSIX_C_SOURCE=200809L")
+
+# If SKIP_TEST_SUITES is not defined with -D, get it from the environment.
+if((NOT DEFINED SKIP_TEST_SUITES) AND (DEFINED ENV{SKIP_TEST_SUITES}))
+    set(SKIP_TEST_SUITES $ENV{SKIP_TEST_SUITES})
+endif()
+# Test suites caught by SKIP_TEST_SUITES are built but not executed.
+# "foo" as a skip pattern skips "test_suite_foo" and "test_suite_foo.bar"
+# but not "test_suite_foobar".
+string(REGEX REPLACE "[ ,;]" "|" SKIP_TEST_SUITES_REGEX "${SKIP_TEST_SUITES}")
+string(REPLACE "." "\\." SKIP_TEST_SUITES_REGEX "${SKIP_TEST_SUITES_REGEX}")
+set(SKIP_TEST_SUITES_REGEX "^(${SKIP_TEST_SUITES_REGEX})(\$|\\.)")
+
+function(add_test_suite suite_name)
+    if(ARGV1)
+        set(data_name ${ARGV1})
+    else()
+        set(data_name ${suite_name})
+    endif()
+
+    add_custom_command(
+        OUTPUT test_suite_${data_name}.c
+        COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o .
+        DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py ${mbedtls_target} ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
+    )
+
+    add_executable(test_suite_${data_name} test_suite_${data_name}.c
+                   $<TARGET_OBJECTS:mbedtls_test>
+                   $<TARGET_OBJECTS:mbedtls_test_helpers>)
+    target_link_libraries(test_suite_${data_name} ${libs})
+    # Include test-specific header files from ./include and private header
+    # files (used by some invasive tests) from ../library. Public header
+    # files are automatically included because the library targets declare
+    # them as PUBLIC.
+    target_include_directories(test_suite_${data_name}
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
+
+    if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX})
+        message(STATUS "The test suite ${data_name} will not be executed.")
+    else()
+        add_test(${data_name}-suite test_suite_${data_name} --verbose)
+    endif()
+endfunction(add_test_suite)
+
+if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-unused-function")
+endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
+
+if(CMAKE_COMPILER_IS_CLANG)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
+endif(CMAKE_COMPILER_IS_CLANG)
+
+if(MSVC)
+    # If a warning level has been defined, suppress all warnings for test code
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
+endif(MSVC)
+
+file(GLOB test_suites RELATIVE "${CMAKE_CURRENT_SOURCE_DIR}" suites/*.data)
+list(SORT test_suites)
+foreach(test_suite ${test_suites})
+    get_filename_component(data_name ${test_suite} NAME)
+    string(REGEX REPLACE "\\.data\$" "" data_name "${data_name}")
+    string(REPLACE "test_suite_" "" data_name "${data_name}")
+    string(REGEX MATCH "[^.]*" function_name "${data_name}")
+    add_test_suite(${function_name} ${data_name})
+endforeach(test_suite)
+
+# Make scripts and data files needed for testing available in an
+# out-of-source build.
+if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
+    if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/seedfile")
+        link_to_source(seedfile)
+    endif()
+    link_to_source(Descriptions.txt)
+    link_to_source(compat.sh)
+    link_to_source(context-info.sh)
+    link_to_source(data_files)
+    link_to_source(scripts)
+    link_to_source(ssl-opt.sh)
+    link_to_source(suites)
+endif()
diff --git a/3rdparty/mbedtls-2.25.0/tests/Descriptions.txt b/3rdparty/mbedtls-2.28.7/tests/Descriptions.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/Descriptions.txt
rename to 3rdparty/mbedtls-2.28.7/tests/Descriptions.txt
diff --git a/3rdparty/mbedtls-2.28.7/tests/Makefile b/3rdparty/mbedtls-2.28.7/tests/Makefile
new file mode 100644
index 0000000..27dcacb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/Makefile
@@ -0,0 +1,218 @@
+
+# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
+# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
+
+CFLAGS	?= -O2
+WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
+LDFLAGS ?=
+
+# Set this to -v to see the details of failing test cases
+TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(CTEST_OUTPUT_ON_FAILURE)),-v,)
+
+# Include public header files from ../include, test-specific header files
+# from ./include, and private header files (used by some invasive tests)
+# from ../library.
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I./include -I../include -I../library -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS = -L../library			\
+		-lmbedtls$(SHARED_SUFFIX)	\
+		-lmbedx509$(SHARED_SUFFIX)	\
+		-lmbedcrypto$(SHARED_SUFFIX)
+
+include ../3rdparty/Makefile.inc
+LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
+
+# Enable definition of various functions used throughout the testsuite
+# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
+# on non-POSIX platforms.
+LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L
+
+ifndef SHARED
+MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
+else
+MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
+endif
+
+ifdef DEBUG
+LOCAL_CFLAGS += -g3
+endif
+
+ifdef RECORD_PSA_STATUS_COVERAGE_LOG
+LOCAL_CFLAGS += -Werror -DRECORD_PSA_STATUS_COVERAGE_LOG
+endif
+
+# if we're running on Windows, build for Windows
+ifdef WINDOWS
+WINDOWS_BUILD=1
+endif
+
+ifdef WINDOWS_BUILD
+DLEXT=dll
+EXEXT=.exe
+LOCAL_LDFLAGS += -lws2_32
+ifdef SHARED
+SHARED_SUFFIX=.$(DLEXT)
+endif
+else
+DLEXT ?= so
+EXEXT=
+SHARED_SUFFIX=
+endif
+
+ifdef WINDOWS
+PYTHON ?= python
+else
+PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi)
+endif
+
+# Zlib shared library extensions:
+ifdef ZLIB
+LOCAL_LDFLAGS += -lz
+endif
+
+# A test application is built for each suites/test_suite_*.data file.
+# Application name is same as .data file's base name and can be
+# constructed by stripping path 'suites/' and extension .data.
+APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data)))
+
+# Construct executable name by adding OS specific suffix $(EXEXT).
+BINARIES := $(addsuffix $(EXEXT),$(APPS))
+
+.SILENT:
+
+.PHONY: all check test clean
+
+all: $(BINARIES)
+
+$(MBEDLIBS):
+	$(MAKE) -C ../library
+
+MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c))
+
+mbedtls_test: $(MBEDTLS_TEST_OBJS)
+
+TEST_OBJS_DEPS = $(wildcard include/test/*.h include/test/*/*.h)
+ifdef RECORD_PSA_STATUS_COVERAGE_LOG
+# Explicitly depend on this header because on a clean copy of the source tree,
+# it doesn't exist yet and must be generated as part of the build, and
+# therefore the wildcard enumeration above doesn't include it.
+TEST_OBJS_DEPS += include/test/instrument_record_status.h
+endif
+
+# Rule to compile common test C files in src folder
+src/%.o : src/%.c $(TEST_OBJS_DEPS)
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
+
+src/drivers/%.o : src/drivers/%.c
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
+
+src/test_helpers/%.o : src/test_helpers/%.c
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
+
+C_FILES := $(addsuffix .c,$(APPS))
+c: $(C_FILES)
+
+# Wildcard target for test code generation:
+# A .c file is generated for each .data file in the suites/ directory. Each .c
+# file depends on a .data and .function file from suites/ directory. Following
+# nameing convention is followed:
+#
+#     C file        |        Depends on
+#-----------------------------------------------------------------------------
+#  foo.c            | suites/foo.function suites/foo.data
+#  foo.bar.c        | suites/foo.function suites/foo.bar.data
+#
+# Note above that .c and .data files have same base name.
+# However, corresponding .function file's base name is the word before first
+# dot in .c file's base name.
+#
+.SECONDEXPANSION:
+%.c: suites/$$(firstword $$(subst ., ,$$*)).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function
+	echo "  Gen   $@"
+	$(PYTHON) scripts/generate_test_code.py -f suites/$(firstword $(subst ., ,$*)).function \
+		-d suites/$*.data \
+		-t suites/main_test.function \
+		-p suites/host_test.function \
+		-s suites  \
+		--helpers-file suites/helpers.function \
+		-o .
+
+
+$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS)
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+clean:
+ifndef WINDOWS
+	rm -rf $(BINARIES) *.c *.datax
+	rm -f src/*.o src/drivers/*.o src/test_helpers/*.o src/libmbed*
+	rm -f include/test/instrument_record_status.h
+	rm -rf libtestdriver1
+else
+	if exist *.c del /Q /F *.c
+	if exist *.exe del /Q /F *.exe
+	if exist *.datax del /Q /F *.datax
+	if exist src/*.o del /Q /F src/*.o
+	if exist src/drivers/*.o del /Q /F src/drivers/*.o
+	if exist src/test_helpers/*.o del /Q /F src/test_helpers/*.o
+	if exist src/libmbed* del /Q /F src/libmed*
+	if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h
+endif
+
+# Test suites caught by SKIP_TEST_SUITES are built but not executed.
+check: $(BINARIES)
+	perl scripts/run-test-suites.pl $(TEST_FLAGS) --skip=$(SKIP_TEST_SUITES)
+
+test: check
+
+# Generate test library
+
+# Perl code that is executed to transform each original line from a library
+# source file into the corresponding line in the test driver copy of the
+# library. Add a LIBTESTDRIVER1_/libtestdriver1_ to mbedtls_xxx and psa_xxx
+# symbols.
+define libtestdriver1_rewrite :=
+	s!^(\s*#\s*include\s*[\"<])(mbedtls|psa)/!$${1}libtestdriver1/include/$${2}/!; \
+	next if /^\s*#\s*include/; \
+	s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \
+	s/\b(?=mbedtls_|psa_)/libtestdriver1_/g;
+endef
+
+libtestdriver1.a:
+	# Copy the library and fake a 3rdparty Makefile include.
+	rm -Rf ./libtestdriver1
+	mkdir ./libtestdriver1
+	cp -Rf ../library ./libtestdriver1
+	cp -Rf ../include ./libtestdriver1
+	mkdir ./libtestdriver1/3rdparty
+	touch ./libtestdriver1/3rdparty/Makefile.inc
+
+	# Set the test driver base (minimal) configuration.
+	cp ./include/test/drivers/config_test_driver.h ./libtestdriver1/include/mbedtls/config.h
+
+	# Set the PSA cryptography configuration for the test library.
+	# It is set from the copied include/psa/crypto_config.h of the Mbed TLS
+        # library the test library is intended to be linked with extended by
+        # ./include/test/drivers/crypto_config_test_driver_extension.h to
+        # mirror the PSA_ACCEL_* macros.
+	mv ./libtestdriver1/include/psa/crypto_config.h ./libtestdriver1/include/psa/crypto_config.h.bak
+	head -n -1 ./libtestdriver1/include/psa/crypto_config.h.bak > ./libtestdriver1/include/psa/crypto_config.h
+	cat ./include/test/drivers/crypto_config_test_driver_extension.h >> ./libtestdriver1/include/psa/crypto_config.h
+	echo "#endif /* PSA_CRYPTO_CONFIG_H */" >> ./libtestdriver1/include/psa/crypto_config.h
+
+	# Prefix MBEDTLS_* PSA_* symbols with LIBTESTDRIVER1_ as well as
+	# mbedtls_* psa_* symbols with libtestdriver1_ to avoid symbol clash
+	# when this test driver library is linked with the Mbed TLS library.
+	perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/library/*.[ch]
+	perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/include/*/*.h
+
+	$(MAKE) -C ./libtestdriver1/library CFLAGS="-I../../ $(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a
+	cp ./libtestdriver1/library/libmbedcrypto.a ../library/libtestdriver1.a
+
+ifdef RECORD_PSA_STATUS_COVERAGE_LOG
+include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile
+	echo "  Gen  $@"
+	sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p'
+endif
diff --git a/3rdparty/mbedtls-2.28.7/tests/compat-in-docker.sh b/3rdparty/mbedtls-2.28.7/tests/compat-in-docker.sh
new file mode 100644
index 0000000..7d48513
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/compat-in-docker.sh
@@ -0,0 +1,55 @@
+#!/bin/bash -eu
+
+# compat-in-docker.sh
+#
+# Purpose
+# -------
+# This runs compat.sh in a Docker container.
+#
+# WARNING: the Dockerfile used by this script is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
+#
+# Notes for users
+# ---------------
+# If OPENSSL, GNUTLS_CLI, or GNUTLS_SERV are specified the path must
+# correspond to an executable inside the Docker container. The special
+# values "next" (OpenSSL only) and "legacy" are also allowed as shorthand
+# for the installations inside the container.
+#
+# See also:
+# - scripts/docker_env.sh for general Docker prerequisites and other information.
+# - compat.sh for notes about invocation of that script.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+source tests/scripts/docker_env.sh
+
+case "${OPENSSL:-default}" in
+    "legacy")  export OPENSSL="/usr/local/openssl-1.0.1j/bin/openssl";;
+    "next")    export OPENSSL="/usr/local/openssl-1.1.1a/bin/openssl";;
+    *) ;;
+esac
+
+case "${GNUTLS_CLI:-default}" in
+    "legacy")  export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";;
+    "next")  export GNUTLS_CLI="/usr/local/gnutls-3.6.5/bin/gnutls-cli";;
+    *) ;;
+esac
+
+case "${GNUTLS_SERV:-default}" in
+    "legacy")  export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";;
+    "next")  export GNUTLS_SERV="/usr/local/gnutls-3.6.5/bin/gnutls-serv";;
+    *) ;;
+esac
+
+run_in_docker \
+    -e M_CLI \
+    -e M_SRV \
+    -e GNUTLS_CLI \
+    -e GNUTLS_SERV \
+    -e OPENSSL \
+    -e OSSL_NO_DTLS \
+    tests/compat.sh \
+    $@
diff --git a/3rdparty/mbedtls-2.25.0/tests/compat.sh b/3rdparty/mbedtls-2.28.7/tests/compat.sh
similarity index 85%
rename from 3rdparty/mbedtls-2.25.0/tests/compat.sh
rename to 3rdparty/mbedtls-2.28.7/tests/compat.sh
index 6e0a8f9..a07ed58 100644
--- a/3rdparty/mbedtls-2.25.0/tests/compat.sh
+++ b/3rdparty/mbedtls-2.28.7/tests/compat.sh
@@ -3,19 +3,7 @@
 # compat.sh
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
@@ -30,6 +18,11 @@ set -u
 # where it may output seemingly unlimited length error logs.
 ulimit -f 20971520
 
+ORIGINAL_PWD=$PWD
+if ! cd "$(dirname "$0")"; then
+    exit 125
+fi
+
 # initialise counters
 TESTS=0
 FAILED=0
@@ -39,10 +32,21 @@ SRVMEM=0
 # default commands, can be overridden by the environment
 : ${M_SRV:=../programs/ssl/ssl_server2}
 : ${M_CLI:=../programs/ssl/ssl_client2}
-: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
+: ${OPENSSL:=openssl}
 : ${GNUTLS_CLI:=gnutls-cli}
 : ${GNUTLS_SERV:=gnutls-serv}
 
+# The OPENSSL variable used to be OPENSSL_CMD for historical reasons.
+# To help the migration, error out if the old variable is set,
+# but only if it has a different value than the new one.
+if [ "${OPENSSL_CMD+set}" = set ]; then
+    # the variable is set, we can now check its value
+    if [ "$OPENSSL_CMD" != "$OPENSSL" ]; then
+        echo "Please use OPENSSL instead of OPENSSL_CMD." >&2
+        exit 125
+    fi
+fi
+
 # do we have a recent enough GnuTLS?
 if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then
     G_VER="$( $GNUTLS_CLI --version | head -n1 )"
@@ -66,18 +70,31 @@ else
     PEER_GNUTLS=""
 fi
 
+guess_config_name() {
+    if git diff --quiet ../include/mbedtls/config.h 2>/dev/null; then
+        echo "default"
+    else
+        echo "unknown"
+    fi
+}
+: ${MBEDTLS_TEST_OUTCOME_FILE=}
+: ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"}
+: ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
+
 # default values for options
-MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2"
+# /!\ keep this synchronised with:
+# - basic-build-test.sh
+# - all.sh (multiple components)
+MODES="tls1 tls1_1 tls12 dtls1 dtls12" # ssl3 not in default config
 VERIFIES="NO YES"
 TYPES="ECDSA RSA PSK"
 FILTER=""
 # exclude:
-# - NULL: excluded from our default config
+# - NULL: excluded from our default config + requires OpenSSL legacy
 # - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions
-#   avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
+# - 3DES: not in default config
 # - ARIA: not in default config.h + requires OpenSSL >= 1.1.1
 # - ChachaPoly: requires OpenSSL >= 1.1.0
-# - 3DES: not in default config
 EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305'
 VERBOSE=""
 MEMCHECK=0
@@ -99,6 +116,38 @@ print_usage() {
     printf "            \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
     printf "  -M|--memcheck\tCheck memory leaks and errors.\n"
     printf "  -v|--verbose\tSet verbose output.\n"
+    printf "     --list-test-case\tList all potential test cases (No Execution)\n"
+    printf "     --outcome-file\tFile where test outcomes are written\n"
+    printf "                   \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n"
+}
+
+# print_test_case <CLIENT> <SERVER> <STANDARD_CIPHER_SUITE>
+print_test_case() {
+    for i in $3; do
+        uniform_title $1 $2 $i
+        echo $TITLE
+    done
+}
+
+# list_test_case lists all potential test cases in compat.sh without execution
+list_test_case() {
+    for MODE in $MODES; do
+        for TYPE in $TYPES; do
+            for VERIFY in $VERIFIES; do
+                VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
+                reset_ciphersuites
+                add_common_ciphersuites
+                add_openssl_ciphersuites
+                add_gnutls_ciphersuites
+                add_mbedtls_ciphersuites
+                print_test_case m O "$O_CIPHERS"
+                print_test_case O m "$O_CIPHERS"
+                print_test_case m G "$G_CIPHERS"
+                print_test_case G m "$G_CIPHERS"
+                print_test_case m m "$M_CIPHERS"
+            done
+        done
+    done
 }
 
 get_options() {
@@ -128,6 +177,15 @@ get_options() {
             -M|--memcheck)
                 MEMCHECK=1
                 ;;
+            # Please check scripts/check_test_cases.py correspondingly
+            # if you have to modify option, --list-test-case
+            --list-test-case)
+                list_test_case
+                exit $?
+                ;;
+            --outcome-file)
+                shift; MBEDTLS_TEST_OUTCOME_FILE=$1
+                ;;
             -h|--help)
                 print_usage
                 exit 0
@@ -156,7 +214,7 @@ log() {
 # is_dtls <mode>
 is_dtls()
 {
-    test "$1" = "dtls1" -o "$1" = "dtls1_2"
+    test "$1" = "dtls1" -o "$1" = "dtls12"
 }
 
 # minor_ver <mode>
@@ -172,7 +230,7 @@ minor_ver()
         tls1_1|dtls1)
             echo 2
             ;;
-        tls1_2|dtls1_2)
+        tls12|dtls12)
             echo 3
             ;;
         *)
@@ -202,22 +260,11 @@ filter()
   echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//'
 }
 
-# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for
-# PSK ciphersuites with DTLS, which is incorrect, so disable them for now
-check_openssl_server_bug()
-{
-    if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \
-        echo "$1" | grep "^TLS-PSK" >/dev/null;
-    then
-        SKIP_NEXT="YES"
-    fi
-}
-
 filter_ciphersuites()
 {
     if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
     then
-        # Ciphersuite for mbed TLS
+        # Ciphersuite for Mbed TLS
         M_CIPHERS=$( filter "$M_CIPHERS" )
 
         # Ciphersuite for OpenSSL
@@ -227,18 +274,9 @@ filter_ciphersuites()
         G_CIPHERS=$( filter "$G_CIPHERS" )
     fi
 
-    # OpenSSL <1.0.2 doesn't support DTLS 1.2. Check what OpenSSL
-    # supports from the s_server help. (The s_client help isn't
-    # accurate as of 1.0.2g: it supports DTLS 1.2 but doesn't list it.
-    # But the s_server help seems to be accurate.)
-    if ! $OPENSSL_CMD s_server -help 2>&1 | grep -q "^ *-$MODE "; then
-        M_CIPHERS=""
-        O_CIPHERS=""
-    fi
-
-    # For GnuTLS client -> mbed TLS server,
+    # For GnuTLS client -> Mbed TLS server,
     # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails
-    if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then
+    if is_dtls "$MODE" && [ "X$VERIFY" = "XYES" ]; then
         G_CIPHERS=""
     fi
 }
@@ -455,7 +493,7 @@ add_common_ciphersuites()
 #
 # NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
 # so RSA-PSK ciphersuites need to go in other sections, see
-# https://github.com/ARMmbed/mbedtls/issues/1419
+# https://github.com/Mbed-TLS/mbedtls/issues/1419
 #
 # ChachaPoly suites are here rather than in "common", as they were added in
 # GnuTLS in 3.5.0 and the CI only has 3.4.x so far.
@@ -868,27 +906,44 @@ add_mbedtls_ciphersuites()
     esac
 }
 
+# o_check_ciphersuite CIPHER_SUITE_NAME
+o_check_ciphersuite()
+{
+    if [ "${O_SUPPORT_ECDH}" = "NO" ]; then
+        case "$1" in
+            *ECDH-*) SKIP_NEXT="YES"
+        esac
+    fi
+}
+
 setup_arguments()
 {
+    O_MODE=""
     G_MODE=""
     case "$MODE" in
         "ssl3")
+            O_MODE="ssl3"
             G_PRIO_MODE="+VERS-SSL3.0"
             ;;
         "tls1")
+            O_MODE="tls1"
             G_PRIO_MODE="+VERS-TLS1.0"
             ;;
         "tls1_1")
+            O_MODE="tls1_1"
             G_PRIO_MODE="+VERS-TLS1.1"
             ;;
-        "tls1_2")
+        "tls12")
+            O_MODE="tls1_2"
             G_PRIO_MODE="+VERS-TLS1.2"
             ;;
         "dtls1")
+            O_MODE="dtls1"
             G_PRIO_MODE="+VERS-DTLS1.0"
             G_MODE="-u"
             ;;
-        "dtls1_2")
+        "dtls12")
+            O_MODE="dtls1_2"
             G_PRIO_MODE="+VERS-DTLS1.2"
             G_MODE="-u"
             ;;
@@ -905,10 +960,23 @@ setup_arguments()
     fi
 
     M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
-    O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem"
+    O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$O_MODE"
     G_SERVER_ARGS="-p $PORT --http $G_MODE"
     G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
 
+    # The default prime for `openssl s_server` depends on the version:
+    # * OpenSSL <= 1.0.2a: 512-bit
+    # * OpenSSL 1.0.2b to 1.1.1b: 1024-bit
+    # * OpenSSL >= 1.1.1c: 2048-bit
+    # Mbed TLS wants >=1024, so force that for older versions. Don't force
+    # it for newer versions, which reject a 1024-bit prime. Indifferently
+    # force it or not for intermediate versions.
+    case $($OPENSSL version) in
+        "OpenSSL 1.0"*)
+            O_SERVER_ARGS="$O_SERVER_ARGS -dhparam data_files/dhparams.pem"
+            ;;
+    esac
+
     # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
     if is_dtls "$MODE"; then
         O_SERVER_ARGS="$O_SERVER_ARGS"
@@ -917,9 +985,27 @@ setup_arguments()
     fi
 
     M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE"
-    O_CLIENT_ARGS="-connect localhost:$PORT -$MODE"
+    O_CLIENT_ARGS="-connect localhost:$PORT -$O_MODE"
     G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE"
-    G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"
+
+    # Newer versions of OpenSSL have a syntax to enable all "ciphers", even
+    # low-security ones. This covers not just cipher suites but also protocol
+    # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on
+    # OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
+    # OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
+    # a way to discover it from -help, so check the openssl version.
+    case $($OPENSSL version) in
+        "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
+        *)
+            O_CLIENT_ARGS="$O_CLIENT_ARGS -cipher ALL@SECLEVEL=0"
+            O_SERVER_ARGS="$O_SERVER_ARGS -cipher ALL@SECLEVEL=0"
+            ;;
+    esac
+
+    case $($OPENSSL ciphers ALL) in
+        *ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";;
+        *) O_SUPPORT_ECDH="NO";;
+    esac
 
     if [ "X$VERIFY" = "XYES" ];
     then
@@ -1032,7 +1118,7 @@ fi
 start_server() {
     case $1 in
         [Oo]pen*)
-            SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS"
+            SERVER_CMD="$OPENSSL s_server $O_SERVER_ARGS"
             ;;
         [Gg]nu*)
             SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO"
@@ -1054,15 +1140,17 @@ start_server() {
     echo "$SERVER_CMD" > $SRV_OUT
     # for servers without -www or equivalent
     while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 &
-    PROCESS_ID=$!
+    SRV_PID=$!
 
-    wait_server_start "$PORT" "$PROCESS_ID"
+    wait_server_start "$PORT" "$SRV_PID"
 }
 
 # terminate the running server
 stop_server() {
-    kill $PROCESS_ID 2>/dev/null
-    wait $PROCESS_ID 2>/dev/null
+    # For Ubuntu 22.04, `Terminated` message is outputed by wait command.
+    # To remove it from stdout, redirect stdout/stderr to SRV_OUT
+    kill $SRV_PID >/dev/null 2>&1
+    wait $SRV_PID >> $SRV_OUT 2>&1
 
     if [ "$MEMCHECK" -gt 0 ]; then
         if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then
@@ -1078,7 +1166,7 @@ stop_server() {
 # kill the running server (used when killed by signal)
 cleanup() {
     rm -f $SRV_OUT $CLI_OUT
-    kill $PROCESS_ID >/dev/null 2>&1
+    kill $SRV_PID >/dev/null 2>&1
     kill $WATCHDOG_PID >/dev/null 2>&1
     exit 1
 }
@@ -1091,30 +1179,70 @@ wait_client_done() {
     ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) &
     WATCHDOG_PID=$!
 
-    wait $CLI_PID
+    # For Ubuntu 22.04, `Terminated` message is outputed by wait command.
+    # To remove it from stdout, redirect stdout/stderr to CLI_OUT
+    wait $CLI_PID >> $CLI_OUT 2>&1
     EXIT=$?
 
-    kill $WATCHDOG_PID
-    wait $WATCHDOG_PID
+    kill $WATCHDOG_PID >/dev/null 2>&1
+    wait $WATCHDOG_PID >> $CLI_OUT 2>&1
 
     echo "EXIT: $EXIT" >> $CLI_OUT
 }
 
+# record_outcome <outcome> [<failure-reason>]
+record_outcome() {
+    echo "$1"
+    if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then
+        # The test outcome file has the format (in single line):
+        # platform;configuration;
+        # test suite name;test case description;
+        # PASS/FAIL/SKIP;[failure cause]
+        printf '%s;%s;%s;%s;%s;%s\n'                                    \
+            "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION"      \
+            "compat" "$TITLE"                                           \
+            "$1" "${2-}"                                                \
+            >> "$MBEDTLS_TEST_OUTCOME_FILE"
+    fi
+}
+
+# display additional information if test case fails
+report_fail() {
+    FAIL_PROMPT="outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log"
+    record_outcome "FAIL" "$FAIL_PROMPT"
+    cp $SRV_OUT c-srv-${TESTS}.log
+    cp $CLI_OUT c-cli-${TESTS}.log
+    echo "  ! $FAIL_PROMPT"
+
+    if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
+        echo "  ! server output:"
+        cat c-srv-${TESTS}.log
+        echo "  ! ==================================================="
+        echo "  ! client output:"
+        cat c-cli-${TESTS}.log
+    fi
+}
+
+# uniform_title <CLIENT> <SERVER> <STANDARD_CIPHER_SUITE>
+# $TITLE is considered as test case description for both --list-test-case and
+# MBEDTLS_TEST_OUTCOME_FILE. This function aims to control the format of
+# each test case description.
+uniform_title() {
+    TITLE="$1->$2 $MODE,$VERIF $3"
+}
+
 # run_client <name> <cipher>
 run_client() {
     # announce what we're going to do
     TESTS=$(( $TESTS + 1 ))
-    VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
-    TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
-    TITLE="$TITLE $MODE,$VERIF $2"
-    printf "%s " "$TITLE"
-    LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
-    for i in `seq 1 $LEN`; do printf '.'; done; printf ' '
+    uniform_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2
+    DOTS72="........................................................................"
+    printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72"
 
     # should we skip?
     if [ "X$SKIP_NEXT" = "XYES" ]; then
         SKIP_NEXT="NO"
-        echo "SKIP"
+        record_outcome "SKIP"
         SKIPPED=$(( $SKIPPED + 1 ))
         return
     fi
@@ -1122,7 +1250,7 @@ run_client() {
     # run the command and interpret result
     case $1 in
         [Oo]pen*)
-            CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2"
+            CLIENT_CMD="$OPENSSL s_client $O_CLIENT_ARGS -cipher $2"
             log "$CLIENT_CMD"
             echo "$CLIENT_CMD" > $CLI_OUT
             printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 &
@@ -1131,7 +1259,7 @@ run_client() {
             if [ $EXIT -eq 0 ]; then
                 RESULT=0
             else
-                # If the cipher isn't supported...
+                # If it is NULL cipher ...
                 if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then
                     RESULT=1
                 else
@@ -1208,26 +1336,14 @@ run_client() {
     # report and count result
     case $RESULT in
         "0")
-            echo PASS
+            record_outcome "PASS"
             ;;
         "1")
-            echo SKIP
+            record_outcome "SKIP"
             SKIPPED=$(( $SKIPPED + 1 ))
             ;;
         "2")
-            echo FAIL
-            cp $SRV_OUT c-srv-${TESTS}.log
-            cp $CLI_OUT c-cli-${TESTS}.log
-            echo "  ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log"
-
-            if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
-                echo "  ! server output:"
-                cat c-srv-${TESTS}.log
-                echo "  ! ==================================================="
-                echo "  ! client output:"
-                cat c-cli-${TESTS}.log
-            fi
-
+            report_fail
             FAILED=$(( $FAILED + 1 ))
             ;;
     esac
@@ -1239,13 +1355,16 @@ run_client() {
 # MAIN
 #
 
-if cd $( dirname $0 ); then :; else
-    echo "cd $( dirname $0 ) failed" >&2
-    exit 1
-fi
-
 get_options "$@"
 
+# Make the outcome file path relative to the original directory, not
+# to .../tests
+case "$MBEDTLS_TEST_OUTCOME_FILE" in
+    [!/]*)
+        MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE"
+        ;;
+esac
+
 # sanity checks, avoid an avalanche of errors
 if [ ! -x "$M_SRV" ]; then
     echo "Command '$M_SRV' is not an executable file" >&2
@@ -1257,8 +1376,8 @@ if [ ! -x "$M_CLI" ]; then
 fi
 
 if echo "$PEERS" | grep -i openssl > /dev/null; then
-    if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else
-        echo "Command '$OPENSSL_CMD' not found" >&2
+    if which "$OPENSSL" >/dev/null 2>&1; then :; else
+        echo "Command '$OPENSSL' not found" >&2
         exit 1
     fi
 fi
@@ -1301,9 +1420,20 @@ SKIP_NEXT="NO"
 
 trap cleanup INT TERM HUP
 
-for VERIFY in $VERIFIES; do
-    for MODE in $MODES; do
-        for TYPE in $TYPES; do
+for MODE in $MODES; do
+    for TYPE in $TYPES; do
+
+        # PSK cipher suites do not allow client certificate verification.
+        # This means PSK test cases with VERIFY=YES should be replaced by
+        # VERIFY=NO or be ignored. SUB_VERIFIES variable is used to constrain
+        # verification option for PSK test cases.
+        SUB_VERIFIES=$VERIFIES
+        if [ "$TYPE" = "PSK" ]; then
+            SUB_VERIFIES="NO"
+        fi
+
+        for VERIFY in $SUB_VERIFIES; do
+            VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
             for PEER in $PEERS; do
 
             setup_arguments
@@ -1316,6 +1446,15 @@ for VERIFY in $VERIFIES; do
                         continue;
                     fi
 
+                    # OpenSSL <1.0.2 doesn't support DTLS 1.2. Check if OpenSSL
+                    # supports $O_MODE from the s_server help. (The s_client
+                    # help isn't accurate as of 1.0.2g: it supports DTLS 1.2
+                    # but doesn't list it. But the s_server help seems to be
+                    # accurate.)
+                    if ! $OPENSSL s_server -help 2>&1 | grep -q "^ *-$O_MODE "; then
+                        continue;
+                    fi
+
                     reset_ciphersuites
                     add_common_ciphersuites
                     add_openssl_ciphersuites
@@ -1324,7 +1463,7 @@ for VERIFY in $VERIFIES; do
                     if [ "X" != "X$M_CIPHERS" ]; then
                         start_server "OpenSSL"
                         for i in $M_CIPHERS; do
-                            check_openssl_server_bug $i
+                            o_check_ciphersuite "$i"
                             run_client mbedTLS $i
                         done
                         stop_server
@@ -1333,6 +1472,7 @@ for VERIFY in $VERIFIES; do
                     if [ "X" != "X$O_CIPHERS" ]; then
                         start_server "mbedTLS"
                         for i in $O_CIPHERS; do
+                            o_check_ciphersuite "$i"
                             run_client OpenSSL $i
                         done
                         stop_server
@@ -1398,8 +1538,7 @@ done
 
 echo "------------------------------------------------------------------------"
 
-if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ];
-then
+if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; then
     printf "FAILED"
 else
     printf "PASSED"
@@ -1415,4 +1554,9 @@ PASSED=$(( $TESTS - $FAILED ))
 echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))"
 
 FAILED=$(( $FAILED + $SRVMEM ))
+if [ $FAILED -gt 255 ]; then
+    # Clamp at 255 as caller gets exit code & 0xFF
+    # (so 256 would be 0, or success, etc)
+    FAILED=255
+fi
 exit $FAILED
diff --git a/3rdparty/mbedtls-2.28.7/tests/configs/user-config-for-test.h b/3rdparty/mbedtls-2.28.7/tests/configs/user-config-for-test.h
new file mode 100644
index 0000000..b0c2988
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/configs/user-config-for-test.h
@@ -0,0 +1,87 @@
+/* MBEDTLS_USER_CONFIG_FILE for testing.
+ * Only used for a few test configurations.
+ *
+ * Typical usage (note multiple levels of quoting):
+ *     make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST_ALL)
+/* PSA_CRYPTO_DRIVER_TEST_ALL activates test drivers while keeping the
+ * built-in implementations active. Normally setting MBEDTLS_PSA_ACCEL_xxx
+ * would disable MBEDTLS_PSA_BUILTIN_xxx unless fallback is activated, but
+ * here we arrange to have both active so that psa_crypto_*.c includes
+ * the built-in implementations and the driver code can call the built-in
+ * implementations.
+ *
+ * The point of this test mode is to verify that the
+ * driver entry points are called when they should be in a lightweight
+ * way, without requiring an actual driver. This is different from builds
+ * with libtestdriver1, where we make a copy of the library source code
+ * and use that as an external driver.
+ */
+
+/* Enable the use of the test driver in the library, and build the generic
+ * part of the test driver. */
+#define PSA_CRYPTO_DRIVER_TEST
+
+/* With MBEDTLS_PSA_CRYPTO_CONFIG, if we set up the acceleration, the
+ * built-in implementations won't be enabled. */
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+#error \
+    "PSA_CRYPTO_DRIVER_TEST_ALL sets up a nonstandard configuration that is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG"
+#endif
+
+/* Use the accelerator driver for all cryptographic mechanisms for which
+ * the test driver implemented. */
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7
+#define MBEDTLS_PSA_ACCEL_ALG_CTR
+#define MBEDTLS_PSA_ACCEL_ALG_CFB
+#define MBEDTLS_PSA_ACCEL_ALG_ECDSA
+#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA
+#define MBEDTLS_PSA_ACCEL_ALG_MD2
+#define MBEDTLS_PSA_ACCEL_ALG_MD4
+#define MBEDTLS_PSA_ACCEL_ALG_MD5
+#define MBEDTLS_PSA_ACCEL_ALG_OFB
+#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_1
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_224
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_256
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_384
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_512
+#define MBEDTLS_PSA_ACCEL_ALG_XTS
+#define MBEDTLS_PSA_ACCEL_ALG_CMAC
+#define MBEDTLS_PSA_ACCEL_ALG_HMAC
+
+#endif  /* PSA_CRYPTO_DRIVER_TEST_ALL */
+
+
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform
+ * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
+ * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions
+ * is to read and write from the entropy seed file, which is located
+ * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID.
+ * (These could have been provided as library functions, but for historical
+ * reasons, they weren't, and so each integrator has to provide a copy
+ * of these functions.)
+ *
+ * Provide implementations of these functions for testing. */
+#include <stddef.h>
+int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len);
+int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len);
+#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_test_inject_entropy_seed_read
+#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_test_inject_entropy_seed_write
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
diff --git a/3rdparty/mbedtls-2.28.7/tests/configs/user-config-malloc-0-null.h b/3rdparty/mbedtls-2.28.7/tests/configs/user-config-malloc-0-null.h
new file mode 100644
index 0000000..d74a851
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/configs/user-config-malloc-0-null.h
@@ -0,0 +1,22 @@
+/* config.h modifier that forces calloc(0) to return NULL.
+ * Used for testing.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <stdlib.h>
+
+#ifndef MBEDTLS_PLATFORM_STD_CALLOC
+static inline void *custom_calloc(size_t nmemb, size_t size)
+{
+    if (nmemb == 0 || size == 0) {
+        return NULL;
+    }
+    return calloc(nmemb, size);
+}
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc
+#endif
diff --git a/3rdparty/mbedtls-2.28.7/tests/configs/user-config-zeroize-memset.h b/3rdparty/mbedtls-2.28.7/tests/configs/user-config-zeroize-memset.h
new file mode 100644
index 0000000..52d4b08
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/configs/user-config-zeroize-memset.h
@@ -0,0 +1,17 @@
+/* mbedtls_config.h modifier that defines mbedtls_platform_zeroize() to be
+ * memset(), so that the compile can check arguments for us.
+ * Used for testing.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <string.h>
+
+/* Define _ALT so we don't get the built-in implementation. The test code will
+ * also need to define MBEDTLS_TEST_DEFINES_ZEROIZE so we don't get the
+ * declaration. */
+#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len)
diff --git a/3rdparty/mbedtls-2.25.0/tests/context-info.sh b/3rdparty/mbedtls-2.28.7/tests/context-info.sh
similarity index 95%
rename from 3rdparty/mbedtls-2.25.0/tests/context-info.sh
rename to 3rdparty/mbedtls-2.28.7/tests/context-info.sh
index 3465298..b870692 100644
--- a/3rdparty/mbedtls-2.25.0/tests/context-info.sh
+++ b/3rdparty/mbedtls-2.28.7/tests/context-info.sh
@@ -3,19 +3,7 @@
 # context-info.sh
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # This program is intended for testing the ssl_context_info program
 #
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/.gitignore b/3rdparty/mbedtls-2.28.7/tests/data_files/.gitignore
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/.gitignore
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/.gitignore
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/Makefile b/3rdparty/mbedtls-2.28.7/tests/data_files/Makefile
new file mode 100644
index 0000000..f67db07
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/Makefile
@@ -0,0 +1,1672 @@
+## This file contains a record of how some of the test data was
+## generated. The final build products are committed to the repository
+## as well to make sure that the test data is identical. You do not
+## need to use this makefile unless you're extending Mbed TLS's tests.
+
+## Many data files were generated prior to the existence of this
+## makefile, so the method of their generation was not recorded.
+
+## Note that in addition to depending on the version of the data
+## generation tool, many of the build outputs are randomized, so
+## running this makefile twice would not produce the same results.
+
+## Tools
+OPENSSL ?= openssl
+FAKETIME ?= faketime
+
+TOP_DIR = ../..
+MBEDTLS_CERT_WRITE ?= $(TOP_DIR)/programs/x509/cert_write
+MBEDTLS_CERT_REQ ?= $(TOP_DIR)/programs/x509/cert_req
+
+
+## Build the generated test data. Note that since the final outputs
+## are committed to the repository, this target should do nothing on a
+## fresh checkout. Furthermore, since the generation is randomized,
+## re-running the same targets may result in differing files. The goal
+## of this makefile is primarily to serve as a record of how the
+## targets were generated in the first place.
+default: all_final
+
+all_intermediate := # temporary files
+all_final := # files used by tests
+
+
+
+################################################################
+#### Generate certificates from existing keys
+################################################################
+
+test_ca_crt = test-ca.crt
+test_ca_key_file_rsa = test-ca.key
+test_ca_pwd_rsa = PolarSSLTest
+test_ca_config_file = test-ca.opensslconf
+
+$(test_ca_key_file_rsa):
+	$(OPENSSL) genrsa -aes-128-cbc -passout pass:$(test_ca_pwd_rsa) -out $@ 2048
+all_final += $(test_ca_key_file_rsa)
+
+test-ca.req.sha256: $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256
+all_intermediate += test-ca.req.sha256
+
+test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
+all_final += test-ca.crt
+
+test-ca.crt.der: test-ca.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += test-ca.crt.der
+
+test-ca.key.der: $(test_ca_key_file_rsa)
+	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)"
+all_final += test-ca.key.der
+
+# This is only used for generating cert_example_multi_nocn.crt
+test-ca_nocn.crt: $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 selfsign=1 \
+		subject_key=$(test_ca_key_file_rsa) subject_pwd=$(test_ca_pwd_rsa)  subject_name="C=NL" \
+		issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) issuer_name="C=NL" \
+		not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
+all_intermediate += test-ca_nocn.crt
+
+test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
+all_final += test-ca-sha1.crt
+
+test-ca-sha1.crt.der: test-ca-sha1.crt
+	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
+all_final += test-ca-sha1.crt.der
+
+test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
+all_final += test-ca-sha256.crt
+
+test-ca-sha256.crt.der: test-ca-sha256.crt
+	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
+all_final += test-ca-sha256.crt.der
+
+test-ca_utf8.crt: $(test_ca_key_file_rsa)
+	$(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -utf8 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
+all_final += test-ca_utf8.crt
+
+test-ca_printable.crt: $(test_ca_key_file_rsa)
+	$(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
+all_final += test-ca_printable.crt
+
+test-ca_uppercase.crt: $(test_ca_key_file_rsa)
+	$(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
+all_final += test-ca_uppercase.crt
+
+test_ca_key_file_rsa_alt = test-ca-alt.key
+
+cert_example_multi.csr: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=www.example.com" -set_serial 17 -config $(test_ca_config_file) -extensions dns_alt_names -days 3650 -key rsa_pkcs1_1024_clear.pem -out $@
+
+cert_example_multi.crt: cert_example_multi.csr
+	$(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
+
+cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem
+	$(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL'
+all_intermediate += cert_example_multi_nocn.csr
+
+cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt
+	$(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) \
+		-extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" \
+		-set_serial  0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@
+all_final += cert_example_multi_nocn.crt
+
+$(test_ca_key_file_rsa_alt):test-ca.opensslconf
+	$(OPENSSL) genrsa -out $@ 2048
+test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
+	$(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
+all_intermediate += test-ca-alt.csr
+test-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@
+all_final += test-ca-alt.crt
+test-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt
+	cat test-ca-alt.crt test-ca-sha256.crt > $@
+all_final += test-ca-alt-good.crt
+test-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt
+	cat test-ca-sha256.crt test-ca-alt.crt > $@
+all_final += test-ca-good-alt.crt
+
+test_ca_crt_file_ec = test-ca2.crt
+test_ca_key_file_ec = test-ca2.key
+
+test-ca2.req.sha256: $(test_ca_key_file_ec)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) \
+	subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256
+all_intermediate += test-ca2.req.sha256
+
+test-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 selfsign=1 \
+		request_file=test-ca2.req.sha256 \
+		issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" \
+		issuer_key=$(test_ca_key_file_ec) \
+		not_before=20190210144400 not_after=20290210144400 \
+		md=SHA256 version=3 output_file=$@
+all_final += test-ca2.crt
+
+test-ca2.ku-%.crt: test-ca2.ku-%.crt.openssl.v3_ext $(test_ca_key_file_ec) test-ca2.req.sha256
+	$(OPENSSL) x509 -req -in test-ca2.req.sha256 -extfile $< \
+		-signkey $(test_ca_key_file_ec) -days 3653 -out $@
+
+all_final += test-ca2.ku-crl.crt \
+			 test-ca2.ku-crt.crt \
+			 test-ca2.ku-crt_crl.crt \
+			 test-ca2.ku-ds.crt
+
+test-ca2-future.crt: $(test_ca_key_file_ec) test-ca2.req.sha256
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 \
+		issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) \
+		not_before=20290210144400 not_after=20390210144400 md=SHA256 version=3 output_file=$@
+all_intermediate += test-ca2-future.crt
+
+test_ca_ec_cat := # files that concatenate different crt
+test-ca2_cat-future-invalid.crt: test-ca2-future.crt server6.crt
+test_ca_ec_cat += test-ca2_cat-future-invalid.crt
+test-ca2_cat-future-present.crt: test-ca2-future.crt test-ca2.crt
+test_ca_ec_cat += test-ca2_cat-future-present.crt
+test-ca2_cat-present-future.crt: test-ca2.crt test-ca2-future.crt
+test_ca_ec_cat += test-ca2_cat-present-future.crt
+test-ca2_cat-present-past.crt: test-ca2.crt test-ca2-expired.crt
+test_ca_ec_cat += test-ca2_cat-present-past.crt
+test-ca2_cat-past-invalid.crt: test-ca2-expired.crt server6.crt
+test_ca_ec_cat += test-ca2_cat-past-invalid.crt
+test-ca2_cat-past-present.crt: test-ca2-expired.crt test-ca2.crt
+test_ca_ec_cat += test-ca2_cat-past-present.crt
+$(test_ca_ec_cat):
+	cat $^ > $@
+all_final += $(test_ca_ec_cat)
+
+test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \
+		-key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" \
+		-set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
+all_final += test-ca-any_policy.crt
+
+test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \
+		-key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 \
+		-in test-ca.req_ec.sha256 -out $@
+all_final += test-ca-any_policy_ec.crt
+
+test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
+all_final += test-ca-any_policy_with_qualifier.crt
+
+test-ca-any_policy_with_qualifier_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
+all_final += test-ca-any_policy_with_qualifier_ec.crt
+
+test-ca-multi_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
+all_final += test-ca-multi_policy.crt
+
+test-ca-multi_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
+all_final += test-ca-multi_policy_ec.crt
+
+test-ca-unsupported_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
+all_final += test-ca-unsupported_policy.crt
+
+test-ca-unsupported_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
+	$(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
+all_final += test-ca-unsupported_policy_ec.crt
+
+test-ca.req_ec.sha256: $(test_ca_key_file_ec)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL, O=PolarSSL, CN=Polarssl Test EC CA" md=SHA256
+all_intermediate += test-ca.req_ec.sha256
+
+test-ca2.crt.der: $(test_ca_crt_file_ec)
+	$(OPENSSL) x509 -in $(test_ca_crt_file_ec) -out $@ -inform PEM -outform DER
+all_final += test-ca2.crt.der
+
+test-ca2.key.der: $(test_ca_key_file_ec)
+	$(OPENSSL) pkey -in $(test_ca_key_file_ec) -out $@ -inform PEM -outform DER
+all_final += test-ca2.key.der
+
+test_ca_crt_cat12 = test-ca_cat12.crt
+$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec)
+	cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@
+all_final += $(test_ca_crt_cat12)
+
+test_ca_crt_cat21 = test-ca_cat21.crt
+$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec)
+	cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@
+all_final += $(test_ca_crt_cat21)
+
+test-int-ca.csr: test-int-ca.key $(test_ca_config_file)
+	$(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@
+
+test-int-ca2.csr: test-int-ca2.key $(test_ca_config_file)
+	$(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca2.key \
+		-subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate EC CA" -out $@
+
+test-int-ca3.csr: test-int-ca3.key $(test_ca_config_file)
+	$(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca3.key \
+		-subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -out $@
+
+all_intermediate += test-int-ca.csr test-int-ca2.csr test-int-ca3.csr
+
+test-int-ca.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr
+	$(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca \
+		-CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
+		-set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@
+
+test-int-ca2.crt: $(test_ca_key_file_rsa) $(test_ca_crt) $(test_ca_config_file) test-int-ca2.csr
+	$(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt) \
+		-CAkey $(test_ca_key_file_rsa) -set_serial 15 -days 3653 -sha256 -in test-int-ca2.csr \
+		-passin "pass:$(test_ca_pwd_rsa)" -out $@
+
+# Note: This requests openssl version >= 3.x.xx
+test-int-ca3.crt: test-int-ca2.crt test-int-ca2.key $(test_ca_config_file) test-int-ca3.csr
+	$(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions no_subj_auth_id \
+		-CA test-int-ca2.crt -CAkey test-int-ca2.key -set_serial 77 -days 3653 \
+			-sha256 -in test-int-ca3.csr -out $@
+
+test-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr
+	$(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@
+
+all_final += test-int-ca-exp.crt test-int-ca.crt test-int-ca2.crt test-int-ca3.crt
+
+enco-cert-utf8str.pem: rsa_pkcs1_1024_clear.pem
+	$(MBEDTLS_CERT_WRITE) subject_key=rsa_pkcs1_1024_clear.pem subject_name="CN=dw.yonan.net" issuer_crt=enco-ca-prstr.pem issuer_key=rsa_pkcs1_1024_clear.pem not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+
+crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
+	$(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@
+all_final += crl-idp.pem
+crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
+	$(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@
+all_final += crl-idpnc.pem
+
+cli_crt_key_file_rsa = cli-rsa.key
+cli_crt_extensions_file = cli.opensslconf
+
+cli-rsa.csr: $(cli_crt_key_file_rsa)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1
+all_intermediate += cli-rsa.csr
+
+cli-rsa-sha1.crt: cli-rsa.csr
+	$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+
+cli-rsa-sha256.crt: cli-rsa.csr
+	$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
+all_final += cli-rsa-sha256.crt
+
+cli-rsa-sha256.crt.der: cli-rsa-sha256.crt
+	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
+all_final += cli-rsa-sha256.crt.der
+
+cli-rsa-sha256-badalg.crt.der: cli-rsa-sha256.crt.der
+	hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D01010B0500/06092A864886F70D01010B0900/2" | xxd -r -p > $@
+all_final += cli-rsa-sha256-badalg.crt.der
+
+cli-rsa.key.der: $(cli_crt_key_file_rsa)
+	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
+all_final += cli-rsa.key.der
+
+test_ca_int_rsa1 = test-int-ca.crt
+test_ca_int_ec = test-int-ca2.crt
+test_ca_int_key_file_ec = test-int-ca2.key
+
+# server7*
+
+server7.csr: server7.key
+	$(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@
+all_intermediate += server7.csr
+
+server7.crt: server7.csr $(test_ca_int_rsa1)
+	$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \
+		-CA $(test_ca_int_rsa1) -CAkey test-int-ca.key \
+		-set_serial 16 -days 3653 -sha256 -in server7.csr > $@
+all_final += server7.crt
+
+server7-expired.crt: server7.csr $(test_ca_int_rsa1)
+	$(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
+all_final += server7-expired.crt
+
+server7-future.crt: server7.csr $(test_ca_int_rsa1)
+	$(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
+all_final += server7-future.crt
+
+server7-badsign.crt: server7.crt $(test_ca_int_rsa1)
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@
+all_final += server7-badsign.crt
+
+server7_int-ca.crt: server7.crt $(test_ca_int_rsa1)
+	cat server7.crt $(test_ca_int_rsa1) > $@
+all_final += server7_int-ca.crt
+
+server7_pem_space.crt: server7.crt $(test_ca_int_rsa1)
+	cat server7.crt $(test_ca_int_rsa1) | sed '4s/\(.\)$$/ \1/' > $@
+all_final += server7_pem_space.crt
+
+server7_all_space.crt: server7.crt $(test_ca_int_rsa1)
+	{ cat server7.crt | sed '4s/\(.\)$$/ \1/'; cat test-int-ca.crt | sed '4s/\(.\)$$/ \1/'; } > $@
+all_final += server7_all_space.crt
+
+server7_trailing_space.crt: server7.crt $(test_ca_int_rsa1)
+	cat server7.crt $(test_ca_int_rsa1) | sed 's/\(.\)$$/\1 /' > $@
+all_final += server7_trailing_space.crt
+
+server7_int-ca_ca2.crt: server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec)
+	cat server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) > $@
+all_final += server7_int-ca_ca2.crt
+
+server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt
+	cat server7.crt test-int-ca-exp.crt > $@
+all_final += server7_int-ca-exp.crt
+
+server7_spurious_int-ca.crt: server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1)
+	cat server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) > $@
+all_final += server7_spurious_int-ca.crt
+
+# server8*
+
+server8.crt: server8.key
+	$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL, O=PolarSSL, CN=localhost" serial=17 \
+		issuer_crt=$(test_ca_int_ec) issuer_key=$(test_ca_int_key_file_ec) \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA256 version=3 output_file=$@
+all_final += server8.crt
+
+server8_int-ca2.crt: server8.crt $(test_ca_int_ec)
+	cat $^ > $@
+all_final += server8_int-ca2.crt
+
+cli2.req.sha256: cli2.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test Client 2" md=SHA256
+
+all_final += server1.req.sha1
+cli2.crt: cli2.req.sha256
+	$(MBEDTLS_CERT_WRITE) request_file=cli2.req.sha256 serial=13 selfsign=0 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test EC CA" issuer_key=$(test_ca_key_file_ec) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
+all_final += cli2.crt
+
+cli2.crt.der: cli2.crt
+	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
+all_final += cli2.crt.der
+
+cli2.key.der: cli2.key
+	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
+all_final += cli2.key.der
+
+server5_pwd_ec = PolarSSLTest
+
+server5.crt.der: server5.crt
+	$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
+all_final += server5.crt.der
+
+server5.key.der: server5.key
+	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
+all_final += server5.key.der
+
+server5.key.enc: server5.key
+	$(OPENSSL) ec -aes256 -in $< -out $@ -passout "pass:$(server5_pwd_ec)"
+all_final += server5.key.enc
+
+server5-ss-expired.crt: server5.key
+	$(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@
+all_final += server5-ss-expired.crt
+
+# try to forge a copy of test-int-ca3 with different key
+server5-ss-forgeca.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" \
+		-set_serial 77 -config $(test_ca_config_file) -extensions noext_ca \
+		-days 3650 -sha256 -key $< -out $@
+all_final += server5-ss-forgeca.crt
+
+server5-selfsigned.crt: server5.key
+	openssl req -x509 -key server5.key \
+        -sha256 -days 3650 -nodes \
+        -addext basicConstraints=critical,CA:FALSE \
+        -addext keyUsage=critical,digitalSignature \
+        -addext subjectKeyIdentifier=hash   \
+        -addext authorityKeyIdentifier=none \
+        -set_serial 0x53a2cb4b124ead837da894b2 \
+        -subj "/CN=selfsigned/OU=testing/O=PolarSSL/C=NL" \
+        -out $@
+all_final += server5-selfsigned.crt
+
+server5-othername.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -out $@
+
+server5-nonprintable_othername.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS non-printable othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions nonprintable_othername_san -days 3650 -sha256 -key $< -out $@
+
+server5-unsupported_othername.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupported_othername_san -days 3650 -sha256 -key $< -out $@
+
+server5-fan.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -out $@
+
+server5-tricky-ip-san.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@
+all_final += server5-tricky-ip-san.crt
+
+server5-der0.crt: server5.crt.der
+	cp $< $@
+server5-der1a.crt: server5.crt.der
+	cp $< $@
+	echo '00' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc
+server5-der1b.crt: server5.crt.der
+	cp $< $@
+	echo 'c1' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc
+server5-der2.crt: server5.crt.der
+	cp $< $@
+	echo 'b90a' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc
+server5-der4.crt: server5.crt.der
+	cp $< $@
+	echo 'a710945f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc
+server5-der8.crt: server5.crt.der
+	cp $< $@
+	echo 'a4a7ff27267aaa0f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc
+server5-der9.crt: server5.crt.der
+	cp $< $@
+	echo 'cff8303376ffa47a29' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc
+all_final += server5-der0.crt server5-der1b.crt server5-der4.crt \
+			 server5-der9.crt server5-der1a.crt server5-der2.crt \
+			 server5-der8.crt
+
+test-int-ca3-badsign.crt: test-int-ca3.crt
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += test-int-ca3-badsign.crt
+
+# server9*
+
+server9.csr: server9.key
+	$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+					-key $< -out $@
+server9.crt: server9-sha1.crt
+	cp $< $@
+all_final += server9.crt
+all_intermediate += server9.csr server9-sha1.crt
+
+server9-%.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \
+		-passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \
+		-set_serial $(SERVER9_CRT_SERIAL) -days 3653 \
+		-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
+		-sigopt rsa_mgf1_md:$(@:server9-%.crt=%) -$(@:server9-%.crt=%) \
+		-in $< -out $@
+server9-sha1.crt: SERVER9_CRT_SERIAL=22
+server9-sha224.crt: SERVER9_CRT_SERIAL=23
+server9-sha256.crt: SERVER9_CRT_SERIAL=24
+server9-sha384.crt: SERVER9_CRT_SERIAL=25
+server9-sha512.crt: SERVER9_CRT_SERIAL=26
+all_final += server9-sha224.crt server9-sha256.crt server9-sha384.crt server9-sha512.crt
+
+server9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \
+		-passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \
+		-set_serial 72 -days 3653 \
+		-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max -sha1 \
+		-in $< -out $@
+all_final += server9-defaults.crt
+
+server9-badsign.crt: server9.crt
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += server9-badsign.crt
+
+server9-with-ca.crt: server9.crt $(test_ca_crt)
+	cat $^ > $@
+all_final += server9-with-ca.crt
+
+# FIXME: This file needs special sequence. It should be update manually
+server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
+	false
+
+server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \
+		-passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \
+		-set_serial 24 -days 3653 \
+		-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
+		-sigopt rsa_mgf1_md:sha224 -sha256 \
+		-in $< -out $@
+all_final += server9-bad-mgfhash.crt
+
+# server10*
+
+server10.crt: server10.key test-int-ca3.crt test-int-ca3.key
+	$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="CN=localhost" serial=75 \
+		issuer_crt=test-int-ca3.crt issuer_key=test-int-ca3.key \
+		subject_identifier=0 authority_identifier=0 \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA256 version=3 output_file=$@
+all_final += server10.crt
+server10-badsign.crt: server10.crt
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += server10-badsign.crt
+server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt
+	cat server10-badsign.crt test-int-ca3.crt > $@
+all_final += server10-bs_int3.pem
+server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt
+	cat server10.crt test-int-ca3-badsign.crt > $@
+all_final += server10_int3-bs.pem
+server10_int3_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec)
+	cat $^ > $@
+all_final += server10_int3_int-ca2.crt
+server10_int3_int-ca2_ca.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) $(test_ca_crt)
+	cat $^ > $@
+all_final += server10_int3_int-ca2_ca.crt
+server10_int3_spurious_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_rsa1) $(test_ca_int_ec)
+	cat $^ > $@
+all_final += server10_int3_spurious_int-ca2.crt
+
+rsa_pkcs1_2048_public.pem: server8.key
+	$(OPENSSL)  rsa -in $< -outform PEM -RSAPublicKey_out -out $@
+all_final += rsa_pkcs1_2048_public.pem
+
+rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem
+	$(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@
+all_final += rsa_pkcs1_2048_public.der
+
+rsa_pkcs8_2048_public.pem: server8.key
+	$(OPENSSL)  rsa -in $< -outform PEM -pubout -out $@
+all_final += rsa_pkcs8_2048_public.pem
+
+rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem
+	$(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@
+all_final += rsa_pkcs8_2048_public.der
+
+# Generate crl_cat_*.pem
+# - crt_cat_*.pem: (1+2) concatenations in various orders:
+#     ec = crl-ec-sha256.pem, ecfut = crl-future.pem
+#     rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem
+
+crl_cat_ec-rsa.pem:crl-ec-sha256.pem crl.pem
+	cat $^ > $@
+
+crl_cat_rsa-ec.pem:crl.pem crl-ec-sha256.pem
+	cat $^ > $@
+
+all_final += crl_cat_ec-rsa.pem crl_cat_rsa-ec.pem
+
+################################################################
+#### Generate various RSA keys
+################################################################
+
+### Password used for PKCS1-encoded encrypted RSA keys
+keys_rsa_basic_pwd = testkey
+
+### Password used for PKCS8-encoded encrypted RSA keys
+keys_rsa_pkcs8_pwd = PolarSSLTest
+
+### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which
+### all other encrypted RSA keys are derived.
+rsa_pkcs1_1024_clear.pem:
+	$(OPENSSL) genrsa -out $@ 1024
+all_final += rsa_pkcs1_1024_clear.pem
+rsa_pkcs1_2048_clear.pem:
+	$(OPENSSL) genrsa -out $@ 2048
+all_final += rsa_pkcs1_2048_clear.pem
+rsa_pkcs1_4096_clear.pem:
+	$(OPENSSL) genrsa -out $@ 4096
+all_final += rsa_pkcs1_4096_clear.pem
+
+###
+### PKCS1-encoded, encrypted RSA keys
+###
+
+### 1024-bit
+rsa_pkcs1_1024_des.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_1024_des.pem
+rsa_pkcs1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_1024_3des.pem
+rsa_pkcs1_1024_aes128.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_1024_aes128.pem
+rsa_pkcs1_1024_aes192.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_1024_aes192.pem
+rsa_pkcs1_1024_aes256.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_1024_aes256.pem
+keys_rsa_enc_basic_1024: rsa_pkcs1_1024_des.pem rsa_pkcs1_1024_3des.pem rsa_pkcs1_1024_aes128.pem rsa_pkcs1_1024_aes192.pem rsa_pkcs1_1024_aes256.pem
+
+# 2048-bit
+rsa_pkcs1_2048_des.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_2048_des.pem
+rsa_pkcs1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_2048_3des.pem
+rsa_pkcs1_2048_aes128.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_2048_aes128.pem
+rsa_pkcs1_2048_aes192.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_2048_aes192.pem
+rsa_pkcs1_2048_aes256.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_2048_aes256.pem
+keys_rsa_enc_basic_2048: rsa_pkcs1_2048_des.pem rsa_pkcs1_2048_3des.pem rsa_pkcs1_2048_aes128.pem rsa_pkcs1_2048_aes192.pem rsa_pkcs1_2048_aes256.pem
+
+# 4096-bit
+rsa_pkcs1_4096_des.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_4096_des.pem
+rsa_pkcs1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_4096_3des.pem
+rsa_pkcs1_4096_aes128.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_4096_aes128.pem
+rsa_pkcs1_4096_aes192.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_4096_aes192.pem
+rsa_pkcs1_4096_aes256.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
+all_final += rsa_pkcs1_4096_aes256.pem
+keys_rsa_enc_basic_4096: rsa_pkcs1_4096_des.pem rsa_pkcs1_4096_3des.pem rsa_pkcs1_4096_aes128.pem rsa_pkcs1_4096_aes192.pem rsa_pkcs1_4096_aes256.pem
+
+###
+### PKCS8-v1 encoded, encrypted RSA keys
+###
+
+### 1024-bit
+rsa_pkcs8_pbe_sha1_1024_3des.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
+all_final += rsa_pkcs8_pbe_sha1_1024_3des.der
+rsa_pkcs8_pbe_sha1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
+all_final += rsa_pkcs8_pbe_sha1_1024_3des.pem
+keys_rsa_enc_pkcs8_v1_1024_3des: rsa_pkcs8_pbe_sha1_1024_3des.pem rsa_pkcs8_pbe_sha1_1024_3des.der
+
+rsa_pkcs8_pbe_sha1_1024_2des.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
+all_final += rsa_pkcs8_pbe_sha1_1024_2des.der
+rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
+all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem
+keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der
+
+rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
+all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der
+rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
+all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
+keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der
+
+keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128
+
+### 2048-bit
+rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
+all_final += rsa_pkcs8_pbe_sha1_2048_3des.der
+rsa_pkcs8_pbe_sha1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
+all_final += rsa_pkcs8_pbe_sha1_2048_3des.pem
+keys_rsa_enc_pkcs8_v1_2048_3des: rsa_pkcs8_pbe_sha1_2048_3des.pem rsa_pkcs8_pbe_sha1_2048_3des.der
+
+rsa_pkcs8_pbe_sha1_2048_2des.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
+all_final += rsa_pkcs8_pbe_sha1_2048_2des.der
+rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
+all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem
+keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der
+
+rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
+all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der
+rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
+all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
+keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der
+
+keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128
+
+### 4096-bit
+rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
+all_final += rsa_pkcs8_pbe_sha1_4096_3des.der
+rsa_pkcs8_pbe_sha1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
+all_final += rsa_pkcs8_pbe_sha1_4096_3des.pem
+keys_rsa_enc_pkcs8_v1_4096_3des: rsa_pkcs8_pbe_sha1_4096_3des.pem rsa_pkcs8_pbe_sha1_4096_3des.der
+
+rsa_pkcs8_pbe_sha1_4096_2des.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
+all_final += rsa_pkcs8_pbe_sha1_4096_2des.der
+rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
+all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem
+keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der
+
+rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
+all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der
+rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
+all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
+keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der
+
+keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128
+
+###
+### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1)
+###
+
+### 1024-bit
+rsa_pkcs8_pbes2_pbkdf2_1024_3des.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
+rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
+keys_rsa_enc_pkcs8_v2_1024_3des: rsa_pkcs8_pbes2_pbkdf2_1024_3des.der rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
+
+rsa_pkcs8_pbes2_pbkdf2_1024_des.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.der
+rsa_pkcs8_pbes2_pbkdf2_1024_des.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
+keys_rsa_enc_pkcs8_v2_1024_des: rsa_pkcs8_pbes2_pbkdf2_1024_des.der rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
+
+keys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des
+
+### 2048-bit
+rsa_pkcs8_pbes2_pbkdf2_2048_3des.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
+rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
+keys_rsa_enc_pkcs8_v2_2048_3des: rsa_pkcs8_pbes2_pbkdf2_2048_3des.der rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
+
+rsa_pkcs8_pbes2_pbkdf2_2048_des.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.der
+rsa_pkcs8_pbes2_pbkdf2_2048_des.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
+keys_rsa_enc_pkcs8_v2_2048_des: rsa_pkcs8_pbes2_pbkdf2_2048_des.der rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
+
+keys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des
+
+### 4096-bit
+rsa_pkcs8_pbes2_pbkdf2_4096_3des.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
+rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
+keys_rsa_enc_pkcs8_v2_4096_3des: rsa_pkcs8_pbes2_pbkdf2_4096_3des.der rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
+
+rsa_pkcs8_pbes2_pbkdf2_4096_des.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.der
+rsa_pkcs8_pbes2_pbkdf2_4096_des.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
+keys_rsa_enc_pkcs8_v2_4096_des: rsa_pkcs8_pbes2_pbkdf2_4096_des.der rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
+
+keys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des
+
+###
+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA224
+###
+
+### 1024-bit
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
+keys_rsa_enc_pkcs8_v2_1024_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
+
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
+keys_rsa_enc_pkcs8_v2_1024_des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
+
+keys_rsa_enc_pkcs8_v2_1024_sha224: keys_rsa_enc_pkcs8_v2_1024_3des_sha224 keys_rsa_enc_pkcs8_v2_1024_des_sha224
+
+### 2048-bit
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
+keys_rsa_enc_pkcs8_v2_2048_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
+
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
+keys_rsa_enc_pkcs8_v2_2048_des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
+
+keys_rsa_enc_pkcs8_v2_2048_sha224: keys_rsa_enc_pkcs8_v2_2048_3des_sha224 keys_rsa_enc_pkcs8_v2_2048_des_sha224
+
+### 4096-bit
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
+keys_rsa_enc_pkcs8_v2_4096_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
+
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
+keys_rsa_enc_pkcs8_v2_4096_des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
+
+keys_rsa_enc_pkcs8_v2_4096_sha224: keys_rsa_enc_pkcs8_v2_4096_3des_sha224 keys_rsa_enc_pkcs8_v2_4096_des_sha224
+
+###
+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA256
+###
+
+### 1024-bit
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
+keys_rsa_enc_pkcs8_v2_1024_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
+
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
+keys_rsa_enc_pkcs8_v2_1024_des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
+
+keys_rsa_enc_pkcs8_v2_1024_sha256: keys_rsa_enc_pkcs8_v2_1024_3des_sha256 keys_rsa_enc_pkcs8_v2_1024_des_sha256
+
+### 2048-bit
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
+keys_rsa_enc_pkcs8_v2_2048_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
+
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
+keys_rsa_enc_pkcs8_v2_2048_des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
+
+keys_rsa_enc_pkcs8_v2_2048_sha256: keys_rsa_enc_pkcs8_v2_2048_3des_sha256 keys_rsa_enc_pkcs8_v2_2048_des_sha256
+
+### 4096-bit
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
+keys_rsa_enc_pkcs8_v2_4096_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
+
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
+keys_rsa_enc_pkcs8_v2_4096_des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
+
+keys_rsa_enc_pkcs8_v2_4096_sha256: keys_rsa_enc_pkcs8_v2_4096_3des_sha256 keys_rsa_enc_pkcs8_v2_4096_des_sha256
+
+###
+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA384
+###
+
+### 1024-bit
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
+keys_rsa_enc_pkcs8_v2_1024_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
+
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
+keys_rsa_enc_pkcs8_v2_1024_des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
+
+keys_rsa_enc_pkcs8_v2_1024_sha384: keys_rsa_enc_pkcs8_v2_1024_3des_sha384 keys_rsa_enc_pkcs8_v2_1024_des_sha384
+
+### 2048-bit
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
+keys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
+
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
+keys_rsa_enc_pkcs8_v2_2048_des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
+
+keys_rsa_enc_pkcs8_v2_2048_sha384: keys_rsa_enc_pkcs8_v2_2048_3des_sha384 keys_rsa_enc_pkcs8_v2_2048_des_sha384
+
+### 4096-bit
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
+keys_rsa_enc_pkcs8_v2_4096_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
+
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
+keys_rsa_enc_pkcs8_v2_4096_des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
+
+keys_rsa_enc_pkcs8_v2_4096_sha384: keys_rsa_enc_pkcs8_v2_4096_3des_sha384 keys_rsa_enc_pkcs8_v2_4096_des_sha384
+
+###
+### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA512
+###
+
+### 1024-bit
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
+rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
+keys_rsa_enc_pkcs8_v2_1024_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
+
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
+rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem: rsa_pkcs1_1024_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
+keys_rsa_enc_pkcs8_v2_1024_des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
+
+keys_rsa_enc_pkcs8_v2_1024_sha512: keys_rsa_enc_pkcs8_v2_1024_3des_sha512 keys_rsa_enc_pkcs8_v2_1024_des_sha512
+
+### 2048-bit
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
+rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
+keys_rsa_enc_pkcs8_v2_2048_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
+
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
+rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem: rsa_pkcs1_2048_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
+keys_rsa_enc_pkcs8_v2_2048_des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
+
+keys_rsa_enc_pkcs8_v2_2048_sha512: keys_rsa_enc_pkcs8_v2_2048_3des_sha512 keys_rsa_enc_pkcs8_v2_2048_des_sha512
+
+### 4096-bit
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
+rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
+keys_rsa_enc_pkcs8_v2_4096_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
+
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
+rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem: rsa_pkcs1_4096_clear.pem
+	$(OPENSSL) pkcs8  -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
+all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
+keys_rsa_enc_pkcs8_v2_4096_des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
+
+keys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_rsa_enc_pkcs8_v2_4096_des_sha512
+
+###
+### Rules to generate all RSA keys from a particular class
+###
+
+### Generate basic unencrypted RSA keys
+keys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem
+
+### Generate PKCS1-encoded encrypted RSA keys
+keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
+
+### Generate PKCS8-v1 encrypted RSA keys
+keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096
+
+### Generate PKCS8-v2 encrypted RSA keys
+keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512
+
+### Generate all RSA keys
+keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
+
+################################################################
+#### Generate various EC keys
+################################################################
+
+###
+### PKCS8 encoded
+###
+
+ec_prv.pk8.der:
+	$(OPENSSL) genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime192v1 -pkeyopt ec_param_enc:named_curve -out $@ -outform DER
+all_final += ec_prv.pk8.der
+
+# ### Instructions for creating `ec_prv.pk8nopub.der`,
+# ### `ec_prv.pk8nopubparam.der`, and `ec_prv.pk8param.der` by hand from
+# ### `ec_prv.pk8.der`.
+#
+# These instructions assume you are familiar with ASN.1 DER encoding and can
+# use a hex editor to manipulate DER.
+#
+# The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
+#
+# PrivateKeyInfo ::= SEQUENCE {
+#   version                   Version,
+#   privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
+#   privateKey                PrivateKey,
+#   attributes           [0]  IMPLICIT Attributes OPTIONAL
+# }
+#
+# AlgorithmIdentifier  ::=  SEQUENCE  {
+#   algorithm   OBJECT IDENTIFIER,
+#   parameters  ANY DEFINED BY algorithm OPTIONAL
+# }
+#
+# ECParameters ::= CHOICE {
+#   namedCurve         OBJECT IDENTIFIER
+#   -- implicitCurve   NULL
+#   -- specifiedCurve  SpecifiedECDomain
+# }
+#
+# ECPrivateKey ::= SEQUENCE {
+#   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+#   privateKey     OCTET STRING,
+#   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+#   publicKey  [1] BIT STRING OPTIONAL
+# }
+#
+# `ec_prv.pk8.der` as generatde above by OpenSSL should have the following
+# fields:
+#
+# * privateKeyAlgorithm       namedCurve
+# * privateKey.parameters     NOT PRESENT
+# * privateKey.publicKey      PRESENT
+# * attributes                NOT PRESENT
+#
+# # ec_prv.pk8nopub.der
+#
+# Take `ec_prv.pk8.der` and remove `privateKey.publicKey`.
+#
+# # ec_prv.pk8nopubparam.der
+#
+# Take `ec_prv.pk8nopub.der` and add `privateKey.parameters`, the same value as
+# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
+#
+# # ec_prv.pk8param.der
+#
+# Take `ec_prv.pk8.der` and add `privateKey.parameters`, the same value as
+# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
+
+ec_prv.pk8.pem: ec_prv.pk8.der
+	$(OPENSSL) pkey -in $< -inform DER -out $@
+all_final += ec_prv.pk8.pem
+ec_prv.pk8nopub.pem: ec_prv.pk8nopub.der
+	$(OPENSSL) pkey -in $< -inform DER -out $@
+all_final += ec_prv.pk8nopub.pem
+ec_prv.pk8nopubparam.pem: ec_prv.pk8nopubparam.der
+	$(OPENSSL) pkey -in $< -inform DER -out $@
+all_final += ec_prv.pk8nopubparam.pem
+ec_prv.pk8param.pem: ec_prv.pk8param.der
+	$(OPENSSL) pkey -in $< -inform DER -out $@
+all_final += ec_prv.pk8param.pem
+
+ec_pub.pem: ec_prv.sec1.der
+	$(OPENSSL) pkey -in $< -inform DER -outform PEM -pubout -out $@
+all_final += ec_pub.pem
+
+################################################################
+#### Convert PEM keys to DER format
+################################################################
+server1.pubkey.der: server1.pubkey
+	$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
+all_final += server1.pubkey.der
+
+rsa4096_pub.der: rsa4096_pub.pem
+	$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
+all_final += rsa4096_pub.der
+
+ec_pub.der: ec_pub.pem
+	$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
+all_final += ec_pub.der
+
+ec_521_pub.der: ec_521_pub.pem
+	$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
+all_final += ec_521_pub.der
+
+ec_bp512_pub.der: ec_bp512_pub.pem
+	$(OPENSSL) pkey -pubin -in $< -out $@ -outform DER
+all_final += ec_bp512_pub.der
+
+server1.key.der: server1.key
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += server1.key.der
+
+rsa4096_prv.der: rsa4096_prv.pem
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += rsa4096_prv.der
+
+ec_prv.sec1.der: ec_prv.sec1.pem
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += ec_prv.sec1.der
+
+ec_256_long_prv.der: ec_256_long_prv.pem
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += ec_256_long_prv.der
+
+ec_521_prv.der: ec_521_prv.pem
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += ec_521_prv.der
+
+ec_521_short_prv.der: ec_521_short_prv.pem
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += ec_521_short_prv.der
+
+ec_bp512_prv.der: ec_bp512_prv.pem
+	$(OPENSSL) pkey -in $< -out $@ -outform DER
+all_final += ec_bp512_prv.der
+
+################################################################
+### Generate CSRs for X.509 write test suite
+################################################################
+
+server1.req.sha1: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
+all_final += server1.req.sha1
+
+server1.req.md4: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4
+all_final += server1.req.md4
+
+server1.req.md5: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5
+all_final += server1.req.md5
+
+server1.req.sha224: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224
+all_final += server1.req.sha224
+
+server1.req.sha256: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256
+all_final += server1.req.sha256
+
+server1.req.sha256.ext: server1.key
+	# Generating this with OpenSSL as a comparison point to test we're getting the same result
+	openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth"
+all_final += server1.req.sha256.ext
+
+server1.req.sha384: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384
+all_final += server1.req.sha384
+
+server1.req.sha512: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512
+all_final += server1.req.sha512
+
+server1.req.cert_type: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
+all_final += server1.req.cert_type
+
+server1.req.key_usage: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
+all_final += server1.req.key_usage
+
+server1.req.ku-ct: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
+all_final += server1.req.ku-ct
+
+server1.req.key_usage_empty: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1
+all_final += server1.req.key_usage_empty
+
+server1.req.cert_type_empty: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1
+all_final += server1.req.cert_type_empty
+
+server1.req.commas.sha256: server1.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL\, Commas,CN=PolarSSL Server 1" md=SHA256
+all_final += server1.req.commas.sha256
+
+# server2*
+
+server2_pwd_ec = PolarSSLTest
+
+server2.req.sha256: server2.key
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256
+all_intermediate += server2.req.sha256
+
+server2.crt.der: server2.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server2.crt.der
+
+server2-sha256.crt.der: server2-sha256.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server2-sha256.crt.der
+
+server2.key.der: server2.key
+	$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
+all_final += server2.key.der
+
+server2.key.enc: server2.key
+	$(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(server2_pwd_ec)"
+all_final += server2.key.enc
+
+# server5*
+
+server5.csr: server5.key
+	$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+					-key $< -out $@
+all_intermediate += server5.csr
+server5.crt: server5-sha256.crt
+	cp $< $@
+all_intermediate += server5-sha256.crt
+server5-sha%.crt: server5.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) server5.crt.openssl.v3_ext
+	$(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
+				-extfile server5.crt.openssl.v3_ext -set_serial 9 -days 3650 \
+				-sha$(@:server5-sha%.crt=%) -in $< -out $@
+all_final += server5.crt server5-sha1.crt server5-sha224.crt server5-sha384.crt server5-sha512.crt
+
+server5-badsign.crt: server5.crt
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += server5-badsign.crt
+
+# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
+server5.req.ku.sha1: server5.key
+	$(OPENSSL) req -key $< -out $@ -new -nodes -subj "/C=NL/O=PolarSSL/CN=PolarSSL Server 1" -sha1 -addext keyUsage=digitalSignature,nonRepudiation
+all_final += server5.req.ku.sha1
+
+server5.ku-ds.crt: SERVER5_CRT_SERIAL=45
+server5.ku-ds.crt: SERVER5_KEY_USAGE=digital_signature
+server5.ku-ka.crt: SERVER5_CRT_SERIAL=46
+server5.ku-ka.crt: SERVER5_KEY_USAGE=key_agreement
+server5.ku-ke.crt: SERVER5_CRT_SERIAL=47
+server5.ku-ke.crt: SERVER5_KEY_USAGE=key_encipherment
+server5.eku-cs.crt: SERVER5_CRT_SERIAL=58
+server5.eku-cs.crt: SERVER5_EXT_KEY_USAGE=codeSigning
+server5.eku-cs_any.crt: SERVER5_CRT_SERIAL=59
+server5.eku-cs_any.crt: SERVER5_EXT_KEY_USAGE=codeSigning,any
+server5.eku-cli.crt: SERVER5_CRT_SERIAL=60
+server5.eku-cli.crt: SERVER5_EXT_KEY_USAGE=clientAuth
+server5.eku-srv_cli.crt: SERVER5_CRT_SERIAL=61
+server5.eku-srv_cli.crt: SERVER5_EXT_KEY_USAGE=serverAuth,clientAuth
+server5.eku-srv.crt: SERVER5_CRT_SERIAL=62
+server5.eku-srv.crt: SERVER5_EXT_KEY_USAGE=serverAuth
+server5.ku-%.crt: SERVER5_EXT_OPTS=key_usage=$(SERVER5_KEY_USAGE)
+# The commands for server5.eku-*.crt is invalid because `ext_key_usage` was not supported by
+# `cert_write` in 2.28. This would be fixed by #8083.
+server5.eku-%.crt: SERVER5_EXT_OPTS=ext_key_usage=$(SERVER5_EXT_KEY_USAGE)
+server5.%.crt: server5.key
+	$(MBEDTLS_CERT_WRITE) \
+		subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=$(SERVER5_CRT_SERIAL) \
+		issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) $(SERVER5_EXT_OPTS) \
+		not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
+all_final += server5.ku-ka.crt server5.ku-ke.crt server5.ku-ds.crt
+all_final += server5.eku-cs.crt server5.eku-cs_any.crt server5.eku-cli.crt server5.eku-srv_cli.crt server5.eku-srv.crt
+
+# server6*
+
+server6.csr: server6.key
+	$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+					-key $< -out $@
+all_intermediate += server6.csr
+server6.crt: server6.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec)
+	$(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
+				-extfile server5.crt.openssl.v3_ext -set_serial 10 -days 3650 -sha256 -in $< -out $@
+all_final += server6.crt
+
+server6-ss-child.csr : server6.key
+	$(OPENSSL) req -new -subj "/CN=selfsigned-child/OU=testing/O=PolarSSL/C=NL" \
+		-key $< -out $@
+all_intermediate += server6-ss-child.csr
+server6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key server6-ss-child.crt.openssl.v3_ext
+	$(OPENSSL) x509 -req -CA server5-selfsigned.crt -CAkey server5.key \
+				-extfile server6-ss-child.crt.openssl.v3_ext \
+				-set_serial 0x53a2cb5822399474a7ec79ec \
+				-days 3650 -sha256 -in $< -out $@
+all_final += server6-ss-child.crt
+
+
+################################################################
+### Generate certificates for CRT write check tests
+################################################################
+
+### The test files use the Mbed TLS generated certificates server1*.crt,
+### but for comparison with OpenSSL also rules for OpenSSL-generated
+### certificates server1*.crt.openssl are offered.
+###
+### Known differences:
+### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension
+###   as unused bits, while Mbed TLS doesn't.
+
+test_ca_server1_db = test-ca.server1.db
+test_ca_server1_serial = test-ca.server1.serial
+test_ca_server1_config_file = test-ca.server1.opensslconf
+
+# server1*
+
+server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 \
+		issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \
+		issuer_pwd=$(test_ca_pwd_rsa) version=1 \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA1 version=3 output_file=$@
+server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
+server1.crt.der: server1.crt
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
+server1.der: server1.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+server1.commas.crt: server1.key server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+all_final += server1.crt server1.noauthid.crt server1.crt.der server1.commas.crt
+
+server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@
+server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@
+server1.key_usage.der: server1.key_usage.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der
+
+server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@
+server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@
+server1.cert_type.der: server1.cert_type.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der
+
+server1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=1 output_file=$@
+server1.v1.der: server1.v1.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server1.v1.crt server1.v1.der
+
+server1.ca.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 is_ca=1 version=3 output_file=$@
+server1.ca_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+	$(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 is_ca=1 version=3 output_file=$@
+server1.ca.der: server1.ca.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der
+
+server1-nospace.crt: server1.key test-ca.crt
+	$(MBEDTLS_CERT_WRITE) subject_key=$< serial=31\
+		subject_name="C=NL,O=PolarSSL,CN=polarssl.example"  \
+		issuer_crt=test-ca.crt issuer_key=$(test_ca_key_file_rsa) \
+		issuer_pwd=$(test_ca_pwd_rsa) \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA256 version=3 authority_identifier=1 \
+		output_file=$@
+all_final += server1-nospace.crt
+
+server1_ca.crt: server1.crt $(test_ca_crt)
+	cat server1.crt $(test_ca_crt) > $@
+all_final += server1_ca.crt
+
+cert_sha1.crt: server1.key
+	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1" serial=7 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+all_final += cert_sha1.crt
+
+cert_sha224.crt: server1.key
+	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224" serial=8 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA224 version=3 output_file=$@
+all_final += cert_sha224.crt
+
+cert_sha256.crt: server1.key
+	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256" serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
+all_final += cert_sha256.crt
+
+cert_sha384.crt: server1.key
+	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384" serial=10 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA384 version=3 output_file=$@
+all_final += cert_sha384.crt
+
+cert_sha512.crt: server1.key
+	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512" serial=11 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA512 version=3 output_file=$@
+all_final += cert_sha512.crt
+
+cert_example_wildcard.crt: server1.key
+	$(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=*.example.com" serial=12 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+all_final += cert_example_wildcard.crt
+
+# OpenSSL-generated certificates for comparison
+# Also provide certificates in DER format to allow
+# direct binary comparison using e.g. dumpasn1
+server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
+	echo "01" > $(test_ca_server1_serial)
+	rm -f $(test_ca_server1_db)
+	touch $(test_ca_server1_db)
+	$(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@
+server1.der.openssl: server1.crt.openssl
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+server1.key_usage.der.openssl: server1.key_usage.crt.openssl
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+server1.cert_type.der.openssl: server1.cert_type.crt.openssl
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+
+server1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
+	echo "01" > $(test_ca_server1_serial)
+	rm -f $(test_ca_server1_db)
+	touch $(test_ca_server1_db)
+	$(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@
+server1.v1.der.openssl: server1.v1.crt.openssl
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+
+# To revoke certificate in the openssl database:
+#
+# $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha256 -crldays 365 -revoke server1.crt
+
+crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
+	$(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@
+
+crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) \
+							  $(test_ca_config_file) 				\
+							  test-ca.server1.future-crl.db  \
+							  test-ca.server1.future-crl.opensslconf
+	$(FAKETIME) -f '+10y' $(OPENSSL) ca -gencrl \
+		-config test-ca.server1.future-crl.opensslconf -crldays 365 \
+		-passin "pass:$(test_ca_pwd_rsa)" -out $@
+
+server1_all: crl.pem crl-futureRevocationDate.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl
+
+# server2*
+
+server2.crt: server2.req.sha256
+	$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+all_final += server2.crt
+
+server2.der: server2.crt
+	$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server2.crt server2.der
+
+server2-sha256.crt: server2.req.sha256
+	$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
+all_final += server2-sha256.crt
+
+server2.ku-ka.crt: SERVER2_CRT_SERIAL=42
+server2.ku-ka.crt: SERVER2_KEY_USAGE=key_agreement
+server2.ku-ke.crt: SERVER2_CRT_SERIAL=43
+server2.ku-ke.crt: SERVER2_KEY_USAGE=key_encipherment
+server2.ku-ds.crt: SERVER2_CRT_SERIAL=44
+server2.ku-ds.crt: SERVER2_KEY_USAGE=digital_signature
+server2.ku-ds_ke.crt: SERVER2_CRT_SERIAL=48
+server2.ku-ds_ke.crt: SERVER2_KEY_USAGE=digital_signature,key_encipherment
+server2.ku-%.crt: server2.req.sha256
+	$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=$(SERVER2_CRT_SERIAL) \
+		issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
+		key_usage="$(SERVER2_KEY_USAGE)" \
+		not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
+all_final += server2.ku-ka.crt server2.ku-ke.crt server2.ku-ds.crt server2.ku-ds_ke.crt
+
+server2-badsign.crt: server2.crt
+	{ head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
+all_final += server2-badsign.crt
+
+# server3*
+
+server3.crt: server3.key
+	$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \
+		issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA1 version=3 output_file=$@
+all_final += server3.crt
+
+# server4*
+
+server4.crt: server4.key
+	$(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=8 \
+		issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) \
+		not_before=20190210144400 not_after=20290210144400 \
+		md=SHA256 version=3 output_file=$@
+all_final += server4.crt
+
+# MD2, MD4, MD5 test certificates
+
+cert_md_test_key = $(cli_crt_key_file_rsa)
+
+cert_md2.csr: $(cert_md_test_key)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD2" md=MD2
+all_intermediate += cert_md2.csr
+
+cert_md2.crt: cert_md2.csr
+	$(MBEDTLS_CERT_WRITE) request_file=$< serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD2 version=3 output_file=$@
+all_final += cert_md2.crt
+
+cert_md4.csr: $(cert_md_test_key)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD4" md=MD4
+all_intermediate += cert_md4.csr
+
+cert_md4.crt: cert_md4.csr
+	$(MBEDTLS_CERT_WRITE) request_file=$< serial=5 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD4 version=3 output_file=$@
+all_final += cert_md4.crt
+
+cert_md5.csr: $(cert_md_test_key)
+	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5
+all_intermediate += cert_md5.csr
+
+cert_md5.crt: cert_md5.csr
+	$(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@
+all_final += cert_md5.crt
+
+# - test-ca-v1.crt: v1 "CA", signs
+#     server1-v1.crt: v1 "intermediate CA", signs
+#         server2-v1*.crt: EE cert (without of with chain in same file)
+
+test-ca-v1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+	$(MBEDTLS_CERT_WRITE) is_ca=1 serial=25883963888465069501131757029 \
+		request_file=test-ca.req.sha256 \
+		selfsign=1 issuer_name="CN=PolarSSL Test CA v1,OU=testing,O=PolarSSL,C=NL" \
+		issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
+		not_before=20190210144400 not_after=20290210144400 md=SHA256 version=1 \
+		output_file=$@
+all_final += test-ca-v1.crt
+
+server1-v1.crt: server1.key test-ca-v1.crt
+	$(MBEDTLS_CERT_WRITE) subject_key=$< serial=25883964939897181595909491649 \
+		subject_name="CN=server1/int-ca-v1,OU=testing,O=PolarSSL,C=NL"  \
+		issuer_crt=test-ca-v1.crt issuer_key=$(test_ca_key_file_rsa) \
+		issuer_pwd=$(test_ca_pwd_rsa) \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA256 version=1 \
+		output_file=$@
+all_final += server1-v1.crt
+
+server2-v1.crt: server2.key server1-v1.crt
+	$(MBEDTLS_CERT_WRITE) subject_key=$< serial=25883965274140956871506900844 \
+		subject_name="CN=server2,OU=testing,O=PolarSSL,C=NL"  \
+		issuer_crt=server1-v1.crt issuer_key=server1.key \
+		not_before=20190210144406 not_after=20290210144406 \
+		md=SHA256 version=1 \
+		output_file=$@
+all_final += server2-v1.crt
+
+server2-v1-chain.crt: server2-v1.crt server1-v1.crt
+	cat $^ > $@
+
+################################################################
+#### Diffie-Hellman parameters
+################################################################
+
+dh.998.pem:
+	$(OPENSSL) dhparam -out $@ -text 998
+
+dh.999.pem:
+	$(OPENSSL) dhparam -out $@ -text 999
+
+################################################################
+#### Meta targets
+################################################################
+
+all_final: $(all_final)
+all: $(all_intermediate) $(all_final)
+
+.PHONY: default all_final all
+.PHONY: keys_rsa_all
+.PHONY: keys_rsa_unenc keys_rsa_enc_basic
+.PHONY: keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
+.PHONY: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
+.PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024
+.PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048
+.PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096
+.PHONY: server1_all
+
+# These files should not be committed to the repository.
+list_intermediate:
+	@printf '%s\n' $(all_intermediate) | sort
+# These files should be committed to the repository so that the test data is
+# available upon checkout without running a randomized process depending on
+# third-party tools.
+list_final:
+	@printf '%s\n' $(all_final) | sort
+.PHONY: list_intermediate list_final
+
+## Remove intermediate files
+clean:
+	rm -f $(all_intermediate)
+## Remove all build products, even the ones that are committed
+neat: clean
+	rm -f $(all_final)
+.PHONY: clean neat
+
+.SECONDARY: $(all_intermediate)
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/Readme-x509.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/Readme-x509.txt
similarity index 93%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/Readme-x509.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/Readme-x509.txt
index d07241a..82f93d2 100644
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/Readme-x509.txt
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/Readme-x509.txt
@@ -76,6 +76,10 @@ List of certificates:
     -badsign.crt: S5 with corrupted signature
     -expired.crt: S5 with "not after" date in the past
     -future.crt: S5 with "not before" date in the future
+    -non-compliant.crt: S5, RFC non-compliant
+      (with forbidden EC algorithm identifier NULL parameter)
+      generated by (before fix):
+        cert_write subject_key=server5.key subject_name="CN=Test EC RFC non-compliant" issuer_crt=test-ca2.crt issuer_key=test-ca2.key
     -selfsigned.crt: Self-signed cert with S5 key
     -ss-expired.crt: Self-signed cert with S5 key, expired
     -ss-forgeca.crt: Copy of test-int-ca3 self-signed with S5 key
@@ -89,8 +93,8 @@ List of certificates:
     _int-ca.crt: S7 + I1
     _int-ca_ca2.crt: S7 + I1 + 2
     _all_space.crt: S7 + I1 both with misplaced spaces (invalid PEM)
-    _pem_space.crt: S7 with misplace space (invalid PEM) + I1
-    _trailing_space.crt: S7 + I1 both with trainling space (valid PEM)
+    _pem_space.crt: S7 with misplaced space (invalid PEM) + I1
+    _trailing_space.crt: S7 + I1 both with trailing space (valid PEM)
     _spurious_int-ca.crt: S7 + I2(spurious) + I1
 - server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2)
 - server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_cid.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_cid.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_cid.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_cid.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_ciphersuite.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_ciphersuite.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_ciphersuite.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_ciphersuite.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_def.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_def.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_def.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_def.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_min_cfg.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_min_cfg.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_min_cfg.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_min_cfg.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_alpn.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_alpn.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_alpn.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_alpn.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_keep_cert.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_keep_cert.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_keep_cert.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_keep_cert.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_mfl.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_mfl.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_mfl.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_mfl.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_packing.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_packing.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/cli_no_packing.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/cli_no_packing.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_ff.bin b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_ff.bin
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_ff.bin
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_ff.bin
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_1.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_1.txt
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_1.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_1.txt
index 0fe8a18..47be05c 100644
--- a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_1.txt
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_1.txt
@@ -1,2 +1,2 @@
-// Context with added '1234' at the begining to simulate too much data in the base64 code
+// Context with added '1234' at the beginning to simulate too much data in the base64 code
 1234AhUAAH8AAA4AAAQ8AAAAAF6HQx3MqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACG2QbHbUj8eGpdx5KVIebiwk0jvRj9/3m6BOSzpA7qBXeEunhqr3D11NE7ciGjeHMAAAAAAAM7MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJhPqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6UHoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq91C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sva1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbopMZqLmbBm/7WPLcAAJTfQC2Ek91INP5ihHNzImPOAHJCk+YTO/pQuEnNWwXbdmKAi+IRp671iAwtpkjSxCBXVzKX925F1A66caCOQptlw+9zFukDQgblM2JyAJLG0j6B4RtBTDWJ8ZTMUPHUoLJoEpm8APZgRi//DMRyCKP9pbBLGlDzgUvl0w11LzBAlJHkWau5NoqQBlG7w4HFrKweovskAAFRgAAAAF6HQx248L77RH0Z973tSYNQ8zBsz861CZG5/T09TJz3XodDHe/iJ+cgXb5An3zTdnTBtw3EWAb68T+gCE33GN8AAAAAAAAAAAAAAAEAAAAAAAAAAwAAAQAAAAAAAgAAAA==
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_2.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_2.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_2.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_2.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_3.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_3.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_b64_too_big_3.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_b64_too_big_3.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_bad_b64.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_bad_b64.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/def_bad_b64.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/def_bad_b64.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/empty.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/empty.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/empty.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/empty.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/mfl_1024.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/mfl_1024.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/mfl_1024.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/mfl_1024.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/mtu_10000.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/mtu_10000.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/mtu_10000.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/mtu_10000.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_cid.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_cid.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_cid.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_cid.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_ciphersuite.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_ciphersuite.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_ciphersuite.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_ciphersuite.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_def.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_def.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_def.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_def.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_min_cfg.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_min_cfg.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_min_cfg.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_min_cfg.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_alpn.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_alpn.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_alpn.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_alpn.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_keep_cert.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_keep_cert.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_keep_cert.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_keep_cert.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_mfl.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_mfl.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_mfl.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_mfl.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_packing.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_packing.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/srv_no_packing.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/srv_no_packing.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/base64/v2.19.1.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/base64/v2.19.1.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/base64/v2.19.1.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/base64/v2.19.1.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_example_multi.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_multi.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_example_multi.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_multi.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_multi_nocn.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_multi_nocn.crt
new file mode 100644
index 0000000..08bf63c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_multi_nocn.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICfjCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV
+BAYTAk5MMB4XDTIzMDUxODAyMDUwMVoXDTMzMDUxODAyMDUwMVowDTELMAkGA1UE
+BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMc4ksXD9HAQCGv4EzXs
+8wEciiUPlYI2HqoelhJVGqz4e3UzC3BXM5zZlfFNTEQ3yL7EoD/kZDzT88kCQz3D
+fFuOeaoJhK6CEzcKv4VpvSo1Ymyx/uSs4EKyQXx75J0nFJssB2uOQz0/bHY6Rpoc
+cA0lnbwIx0D82AI3Yv996/wtAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD
+AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3
+dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4IB
+AQAuomKlMLwSkP3zvGuA9awDdITM/uCzfd77yi60zMNtFHDMu2YZ2npQSl0czab6
+/8fX9goaU8V3cx4KXSLMx7i9AsP1r559Uo3c/4oTZd3xBsElMAn/TXiuujZ2RwdL
+RcMOJerlThOE0dtNdniJj7lPaan70CELP/CUn8KgeWgztQJj4ghfUwnLn6RnpLfl
+YyM/Xq2YbwnQWHXSe3CPTy5RCWalt3SgZf6IDcD6CNq1Q2l14iR78OWnlxGTFmjP
+ez3OzxNT2BZz0AiP0WvTbUtvfuxw9G3fHHe5ClsAopIA3tD246jHOAlqAnOEBC/x
+IABbWjY/briP9U4R6x+mg2ck
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_example_wildcard.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_wildcard.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_example_wildcard.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_example_wildcard.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_md2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_md2.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_md2.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_md2.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_md2.csr b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_md2.csr
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_md2.csr
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_md2.csr
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_md4.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_md4.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_md4.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_md4.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_md4.csr b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_md4.csr
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_md4.csr
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_md4.csr
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_md5.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_md5.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_md5.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_md5.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_md5.csr b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_md5.csr
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_md5.csr
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_md5.csr
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha1.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha224.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha224.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha224.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha224.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha256.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha256.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha256.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha384.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha384.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha384.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha384.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha512.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha512.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_sha512.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cert_sha512.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha1.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha256.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha256.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha256.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha256.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha256.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa-sha256.key.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa.key b/3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli-rsa.key.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli.opensslconf b/3rdparty/mbedtls-2.28.7/tests/data_files/cli.opensslconf
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli.opensslconf
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli.opensslconf
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/cli2.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli2.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli2.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli2.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/cli2.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli2.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli2.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli2.key b/3rdparty/mbedtls-2.28.7/tests/data_files/cli2.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli2.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli2.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli2.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/cli2.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli2.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/cli2.key.der
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-ec-sha1.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-ec-sha1.pem
new file mode 100644
index 0000000..f82d946
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-ec-sha1.pem
@@ -0,0 +1,10 @@
+-----BEGIN X509 CRL-----
+MIIBbjCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQ
+b2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMjMwNTE3MDcx
+NDM5WhcNMzMwNTE3MDcxNDM5WjAUMBICAQoXDTIzMDUxNzA3MTQzOVqgcjBwMG4G
+A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO
+TDERMA8GA1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMg
+Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gAMGUCMQCRAtXd7kXgijlMXHXr6m0B
+IzDbpAAwDwCJtgOzarF5hZKGDZeDp6vptGZK0y40NsoCMACxRrXIV+6KUBipFarI
+36yXDoBNol2xzst6p9fOg+prl6p7vO1sRYrIGg1WJGA5wQ==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-ec-sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-ec-sha256.pem
new file mode 100644
index 0000000..b9fad50
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-ec-sha256.pem
@@ -0,0 +1,10 @@
+-----BEGIN X509 CRL-----
+MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
+UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3
+MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu
+BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
+TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD
+IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n
+zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq
+NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-future.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-future.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-future.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crl-future.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-futureRevocationDate.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-futureRevocationDate.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-futureRevocationDate.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crl-futureRevocationDate.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha1-badsign.pem
new file mode 100644
index 0000000..d236910
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha1-badsign.pem
@@ -0,0 +1,14 @@
+-----BEGIN X509 CRL-----
+MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx
+ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y
+MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5
+WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5
+1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM
+MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC
+AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi
+8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz
+ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf
+Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk
+M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27
+IXSTrZJj4WeQMk289pIccMHj5DUSo4u0
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha1.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha1.pem
new file mode 100644
index 0000000..c129c0c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha1.pem
@@ -0,0 +1,14 @@
+-----BEGIN X509 CRL-----
+MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx
+ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y
+MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5
+WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5
+1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM
+MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC
+AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi
+8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz
+ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf
+Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk
+M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27
+IXSTrZJj4WeQMk289pIccMHj5DUSo4uO
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha224.pem
new file mode 100644
index 0000000..1108b3d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha224.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEcMBoG
+CSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4jA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz
+MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla
+MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV
+ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx
+GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN
+BglghkgBZQMEAgQFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA
+4gOCAQEANsElK5qMavcgBXsqgysCIIwEPj+dXdBOwXW17HWh2jcSwAssFNRxhiIc
+PoUjj2fNlbOWXLPoxXBitgkJ31UAYCteGSv3j5P3WEuriVwCG889JEoMWn9U4+f9
+f5jSVNfynyiAOiwpA0TrOhZOAs9SEj742S1pzhsb9yaOXeQXNnDv8HYe3uX9/D9w
+ynot+/EwCYEuvK8XQ6qnV6588NHEAd9x+OcV9pxWrmUE8Muz1KffBwD5+SOW+Taj
+4fKQPcKJoRXOKyLXpOz7yMl/6fCf6h3Qj/H4YI/2gsWI0iduKoXDsuQkMEdPTZvk
+7P88YK3/4MReaZS3sDyhhUrojELPXw==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha256.pem
new file mode 100644
index 0000000..26f7935
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha256.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEcMBoG
+CSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3jA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz
+MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla
+MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV
+ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx
+GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN
+BglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA
+3gOCAQEAHLzvRF0RVQL48ZGVFnTk1nsOHXVHS0UVMItsILurXJ4XrOgN1I7iTzu2
+wYNtgr+T15jwsPdgU+Gg3127vb2Djm0IUX0dCfYpSFRUv8BjaK962ZPjM0rkWhC6
+JUTWSLMAMy4ScqcoC7e4vuN2h4kPOzlvDBIhzWKA03+taAtuIOWjXZu2/Cyeggxs
+oXARKI8BEv4b94xwiFJMoMuzcYAkuDIH4MRYANVgOS/zncCRS9D5ZerfoBt70LKX
+nzJtT4a0XoxbUJeU8MZ0fR5aAHUQulAPA9CMmBsHkSx7pzAAhCwx/vXbnWPyhA6G
+XG6gCKcDR5PZQvQNgi29SLlhRTT5TA==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha384.pem
new file mode 100644
index 0000000..45431f0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha384.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEcMBoG
+CSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzjA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz
+MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa
+MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV
+ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx
+GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN
+BglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIA
+zgOCAQEAnZvMo3nmKXPV+q4m1CdMA7jUtdanJBHDAv2+LZLq4T1QpyN+nmLEB1yX
+ARN8/5Px47zm7XyZw6HI1Il34MjblAKIPBVXoswj4YLRceijwiG1bxkh1Kz3lcV0
+GCNPNo7tMPii9iATWlVzWBCzx2rLmt/ys0DtNRCMISOYGW1HkyuO28dwA6nUJwSS
+Ddjr3iilavnBdpzddH9AiN5Fm0sfrFBANx79Qyp0/r8hqrv7rT33maeRKj3S4e9G
+zpO6uHPAh9Obo93DxpKpXoMwxDiHv+bwHPO4J1YOiryy/KZmHhzUMPfvP09pGg9f
+zGO/bOyiHGH0Lf4F9JVMxpfitdbtwg==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha512.pem
new file mode 100644
index 0000000..71f2b7c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl-rsa-pss-sha512.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEcMBoG
+CSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvjA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz
+MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa
+MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV
+ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx
+GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN
+BglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIA
+vgOCAQEAtMPpQMet9BfMRLg0AW9QfL3QkktV7xk++BqYFOYynBiqxjQH4AKu3wU8
+eiGd3+2xNpQd2/sG7UUNo1Vnl9gCHRiT4bje6+CdvvqaZKSgpmsiztbgBAYORriF
+flKOKOOQTxaikqJ4t7vp727JmstADuyizTgOBE0k3V1glas8B0G122YheeHF02S4
++33Nss4hbfbTilR0RccOaqiXzF9bkFsTlD5KgyUFZbFtdy+1zHZLnRUAJA1HmDeP
+r5p2mJxKwXmZzLnw/FPa8fUH665TKYk08AuIpN+VHdPwiBoYHJ2YZJWgM+1qHq1y
+tlyoAOC6beqsh9OfxcQZaEiWbUI9yQ==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl.pem
new file mode 100644
index 0000000..5a1bdd3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl.pem
@@ -0,0 +1,11 @@
+-----BEGIN X509 CRL-----
+MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
+UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz
+OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz
+MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S
+CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0
+e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66
+pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA
+C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx
+7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU=
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_ec-rsa.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_ec-rsa.pem
new file mode 100644
index 0000000..cafa1d4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_ec-rsa.pem
@@ -0,0 +1,21 @@
+-----BEGIN X509 CRL-----
+MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
+UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3
+MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu
+BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
+TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD
+IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n
+zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq
+NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw==
+-----END X509 CRL-----
+-----BEGIN X509 CRL-----
+MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
+UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz
+OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz
+MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S
+CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0
+e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66
+pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA
+C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx
+7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU=
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_ecfut-rsa.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_ecfut-rsa.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_ecfut-rsa.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_ecfut-rsa.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_rsa-ec.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_rsa-ec.pem
new file mode 100644
index 0000000..92ecccc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_rsa-ec.pem
@@ -0,0 +1,21 @@
+-----BEGIN X509 CRL-----
+MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
+UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz
+OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz
+MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S
+CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0
+e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66
+pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA
+C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx
+7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU=
+-----END X509 CRL-----
+-----BEGIN X509 CRL-----
+MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI
+UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3
+MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu
+BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
+TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD
+IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n
+zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq
+NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw==
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_rsabadpem-ec.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_rsabadpem-ec.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_cat_rsabadpem-ec.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crl_cat_rsabadpem-ec.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_expired.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_expired.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_expired.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crl_expired.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crl_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crl_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crt_cat_rsaexp-ec.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/crt_cat_rsaexp-ec.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crt_cat_rsaexp-ec.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/crt_cat_rsaexp-ec.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dh.1000.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.1000.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dh.1000.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dh.1000.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/dh.998.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.998.pem
new file mode 100644
index 0000000..96d6cf2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.998.pem
@@ -0,0 +1,17 @@
+    DH Parameters: (998 bit)
+        prime:
+            39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77:
+            b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31:
+            6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb:
+            48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c:
+            9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a:
+            fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b:
+            c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62:
+            8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51:
+            de:f8:08:25:db
+        generator: 2 (0x2)
+-----BEGIN DH PARAMETERS-----
+MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh
+YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH
+EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg==
+-----END DH PARAMETERS-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/dh.999.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.999.pem
new file mode 100644
index 0000000..6e3ceb3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.999.pem
@@ -0,0 +1,17 @@
+    DH Parameters: (999 bit)
+        prime:
+            4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3:
+            69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69:
+            6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa:
+            14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a:
+            69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b:
+            bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93:
+            82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00:
+            68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71:
+            f2:e6:c4:94:03
+        generator: 2 (0x2)
+-----BEGIN DH PARAMETERS-----
+MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI
+cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC
+vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg==
+-----END DH PARAMETERS-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/dh.optlen.der b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.optlen.der
new file mode 100644
index 0000000..3c3bf17
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.optlen.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dh.optlen.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dh.optlen.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dh.optlen.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dh.optlen.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dhparams.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dhparams.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dhparams.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dhparams.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/00.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/00.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/00.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/00.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/00.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/00.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/00.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/00.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/01.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/01.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/01.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/01.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/01.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/01.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/01.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/01.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/02.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/02.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/02.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/02.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/02.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/02.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/02.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/02.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/03.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/03.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/03.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/03.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/03.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/03.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/03.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/03.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/04.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/04.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/04.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/04.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/04.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/04.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/04.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/04.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/05.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/05.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/05.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/05.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/05.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/05.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/05.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/05.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/06.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/06.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/06.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/06.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/06.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/06.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/06.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/06.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/07.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/07.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/07.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/07.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/07.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/07.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/07.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/07.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/08.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/08.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/08.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/08.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/08.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/08.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/08.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/08.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/09.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/09.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/09.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/09.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/09.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/09.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/09.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/09.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/10.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/10.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/10.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/10.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/10.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/10.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/10.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/10.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/11.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/11.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/11.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/11.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/11.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/11.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/11.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/11.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/12.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/12.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/12.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/12.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/12.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/12.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/12.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/12.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/13.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/13.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/13.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/13.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/13.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/13.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/13.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/13.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/14.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/14.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/14.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/14.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/14.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/14.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/14.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/14.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/15.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/15.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/15.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/15.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/15.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/15.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/15.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/15.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/16.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/16.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/16.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/16.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/16.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/16.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/16.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/16.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/17.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/17.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/17.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/17.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/17.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/17.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/17.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/17.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/18.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/18.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/18.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/18.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/18.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/18.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/18.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/18.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/19.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/19.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/19.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/19.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/19.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/19.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/19.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/19.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/20.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/20.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/20.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/20.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/20.key b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/20.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/20.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/20.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/Readme.txt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/Readme.txt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/Readme.txt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/Readme.txt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c00.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c00.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c00.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c00.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c01.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c01.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c01.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c01.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c02.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c02.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c02.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c02.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c03.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c03.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c03.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c03.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c04.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c04.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c04.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c04.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c05.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c05.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c05.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c05.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c06.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c06.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c06.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c06.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c07.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c07.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c07.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c07.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c08.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c08.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c08.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c08.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c09.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c09.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c09.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c09.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c10.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c10.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c10.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c10.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c11.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c11.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c11.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c11.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c12.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c12.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c12.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c12.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c13.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c13.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c13.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c13.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c14.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c14.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c14.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c14.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c15.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c15.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c15.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c15.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c16.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c16.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c16.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c16.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c17.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c17.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c17.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c17.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c18.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c18.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c18.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c18.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c19.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c19.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c19.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c19.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c20.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c20.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/c20.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/c20.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/int.opensslconf b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/int.opensslconf
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir-maxpath/int.opensslconf
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/int.opensslconf
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/long.sh b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/long.sh
new file mode 100644
index 0000000..4e1fd48
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/dir-maxpath/long.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -eu
+
+: ${OPENSSL:=openssl}
+NB=20
+
+OPT="-days 3653 -sha256"
+
+# generate self-signed root
+$OPENSSL ecparam -name prime256v1 -genkey -out 00.key
+$OPENSSL req -new -x509 -subj "/C=UK/O=mbed TLS/CN=CA00" $OPT \
+             -key 00.key -out 00.crt
+
+# cXX.pem is the chain starting at XX
+cp 00.crt c00.pem
+
+# generate long chain
+i=1
+while [ $i -le $NB ]; do
+    UP=$( printf "%02d" $((i-1)) )
+    ME=$( printf "%02d" $i )
+
+    $OPENSSL ecparam -name prime256v1 -genkey -out ${ME}.key
+    $OPENSSL req -new -subj "/C=UK/O=mbed TLS/CN=CA${ME}" \
+                 -key ${ME}.key -out ${ME}.csr
+    $OPENSSL x509 -req -CA ${UP}.crt -CAkey ${UP}.key -set_serial 1 $OPT \
+                  -extfile int.opensslconf -extensions int \
+                  -in ${ME}.csr -out ${ME}.crt
+
+    cat ${ME}.crt c${UP}.pem > c${ME}.pem
+
+    rm ${ME}.csr
+    i=$((i+1))
+done
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir1/test-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir1/test-ca.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir1/test-ca.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir1/test-ca.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir2/test-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir2/test-ca.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir2/test-ca.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir2/test-ca.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir2/test-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir2/test-ca2.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir2/test-ca2.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir2/test-ca2.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir3/Readme b/3rdparty/mbedtls-2.28.7/tests/data_files/dir3/Readme
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir3/Readme
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir3/Readme
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir3/test-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir3/test-ca.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir3/test-ca.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir3/test-ca.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir3/test-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir3/test-ca2.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir3/test-ca2.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir3/test-ca2.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/Readme b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/Readme
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/Readme
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/Readme
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert11.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert11.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert11.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert11.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert12.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert12.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert12.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert12.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert13.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert13.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert13.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert13.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert14.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert14.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert14.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert14.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert21.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert21.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert21.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert21.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert22.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert22.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert22.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert22.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert23.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert23.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert23.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert23.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert31.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert31.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert31.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert31.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert32.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert32.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert32.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert32.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert33.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert33.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert33.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert33.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert34.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert34.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert34.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert34.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert41.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert41.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert41.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert41.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert42.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert42.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert42.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert42.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert43.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert43.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert43.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert43.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert44.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert44.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert44.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert44.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert45.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert45.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert45.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert45.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert51.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert51.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert51.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert51.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert52.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert52.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert52.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert52.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert53.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert53.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert53.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert53.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert54.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert54.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert54.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert54.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert61.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert61.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert61.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert61.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert62.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert62.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert62.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert62.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert63.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert63.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert63.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert63.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert71.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert71.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert71.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert71.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert72.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert72.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert72.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert72.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert73.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert73.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert73.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert73.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert74.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert74.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert74.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert74.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert81.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert81.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert81.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert81.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert82.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert82.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert82.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert82.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert83.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert83.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert83.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert83.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert91.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert91.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert91.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert91.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert92.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert92.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/dir4/cert92.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/dir4/cert92.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_224_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_224_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_224_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_224_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_224_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_224_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_224_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_224_pub.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_long_prv.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_long_prv.der
new file mode 100644
index 0000000..96e329e
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_long_prv.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_256_long_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_long_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_256_long_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_long_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_256_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_256_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_256_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_256_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_256_pub.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_384_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_384_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_384_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_384_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_384_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_384_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_384_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_384_pub.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_prv.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_prv.der
new file mode 100644
index 0000000..734714a
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_prv.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_521_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_521_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_prv.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_pub.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_pub.der
new file mode 100644
index 0000000..5b685de
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_pub.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_521_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_521_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_pub.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_short_prv.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_short_prv.der
new file mode 100644
index 0000000..0a1f18c
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_short_prv.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_521_short_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_short_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_521_short_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_521_short_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp256_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp256_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp256_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp256_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp256_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp256_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp256_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp256_pub.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp384_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp384_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp384_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp384_prv.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp384_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp384_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp384_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp384_pub.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_prv.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_prv.der
new file mode 100644
index 0000000..2d9a3de
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_prv.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp512_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp512_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_prv.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_pub.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_pub.der
new file mode 100644
index 0000000..6a8c4c7
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_pub.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp512_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_bp512_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_bp512_pub.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.pw.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.pw.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.pw.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.pw.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.pw.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.pw.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8.pw.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8.pw.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopub.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopub.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopub.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopub.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopub.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopubparam.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopubparam.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopubparam.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopubparam.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopubparam.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopubparam.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8nopubparam.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8nopubparam.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8param.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8param.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8param.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8param.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8param.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8param.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.pk8param.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.pk8param.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.sec1.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.sec1.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.sec1.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.sec1.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.sec1.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.sec1.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.sec1.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.sec1.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.sec1.pw.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.sec1.pw.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.sec1.pw.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.sec1.pw.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.specdom.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.specdom.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_prv.specdom.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_prv.specdom.der
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/ec_pub.der b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_pub.der
new file mode 100644
index 0000000..e4e5915
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_pub.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/ec_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/ec_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/ec_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/ec_pub.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/enco-ca-prstr.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/enco-ca-prstr.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/enco-ca-prstr.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/enco-ca-prstr.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/enco-cert-utf8str.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/enco-cert-utf8str.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/enco-cert-utf8str.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/enco-cert-utf8str.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/format_gen.key b/3rdparty/mbedtls-2.28.7/tests/data_files/format_gen.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/format_gen.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/format_gen.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/format_gen.pub b/3rdparty/mbedtls-2.28.7/tests/data_files/format_gen.pub
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/format_gen.pub
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/format_gen.pub
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/format_pkcs12.fmt b/3rdparty/mbedtls-2.28.7/tests/data_files/format_pkcs12.fmt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/format_pkcs12.fmt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/format_pkcs12.fmt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/format_rsa.key b/3rdparty/mbedtls-2.28.7/tests/data_files/format_rsa.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/format_rsa.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/format_rsa.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_1 b/3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_1
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_1
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_1
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_2 b/3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_2
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_2
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_2
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_3 b/3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_3
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_3
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_3
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_4 b/3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_4
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_4
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_4
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_5 b/3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_5
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/hash_file_5
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/hash_file_5
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/keyUsage.decipherOnly.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/keyUsage.decipherOnly.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/keyUsage.decipherOnly.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/keyUsage.decipherOnly.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/mpi_16 b/3rdparty/mbedtls-2.28.7/tests/data_files/mpi_16
new file mode 100644
index 0000000..04335d9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/mpi_16
@@ -0,0 +1 @@
+label_1234567890=1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/mpi_too_big b/3rdparty/mbedtls-2.28.7/tests/data_files/mpi_too_big
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/mpi_too_big
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/mpi_too_big
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/bitstring-in-dn.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/bitstring-in-dn.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/bitstring-in-dn.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/bitstring-in-dn.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_example_multi.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_example_multi.crt
new file mode 100644
index 0000000..0e3295d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_example_multi.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICojCCAYqgAwIBAgIBETANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwNzEwMTEyNzUyWhcNMjkwNzEwMTEyNzUyWjA6MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAxziSxcP0cBAIa/gTNezzARyKJQ+VgjYeqh6W
+ElUarPh7dTMLcFcznNmV8U1MRDfIvsSgP+RkPNPzyQJDPcN8W455qgmEroITNwq/
+hWm9KjVibLH+5KzgQrJBfHvknScUmywHa45DPT9sdjpGmhxwDSWdvAjHQPzYAjdi
+/33r/C0CAwEAAaM2MDQwMgYDVR0RBCswKYILZXhhbXBsZS5jb22CC2V4YW1wbGUu
+bmV0gg0qLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQCJbFizurHz804x
+6NbsvsPPgLcESq0OcGOEXOCOe8seZqomhSYTXtHBzrFtRp2/gmtORq2oapoDDiq+
+I+xRLJYsUBut2NdkZmEIRSW4n4sXJwqb0fXTTkd7EAXBvGNWbERab5Sbf84oqd4t
+yjjz2u+Hvx8hZCHJG2V9qg3zaw5zJT1AfAsMbjXqi8CfU7U+Fcor+O3GeuUVgpJC
+QCXb2Qjj3ZmrCvGZA9x59XtnEN6m2O4pWkmqR/Z7MlQrZzQ80vcQMk9+qoKIr2EJ
+RcJhAtE+dLV19IlccwsDlGx5kT5N5zSYLK9nARV1/AjK48bUxGH353A1Y2MCfy0E
+dXDReJa1
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_example_multi_nocn.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_example_multi_nocn.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_example_multi_nocn.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_example_multi_nocn.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md2.crt
new file mode 100644
index 0000000..94b89af
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md2.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
+M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
+1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
+MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
+4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
+/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
+o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
+BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQIFAAOC
+AQEAXLWqy34iaZ2YV+5eE1QMV/9m9nQI2X/yumRH1MT1R3oYde/YDV7+HSOM6qLs
+qSgH1DSyXv1YnJww2OyTtAVhPalICLjVjUQCyeUCiFpAIO6Xz1VE6v4GMFLqhlV1
+Nox9dDtR5Go2zwPaH64Ze9GxuDZfW+VnPRNgYOrqqCBnuhnp2uPRfOewus2AAo50
+dx1XTooCEqElQlB9EIPWbvPdJZjRjruCUtDbz+oxG4J4Ml4KCYm+/MyXNPqxV9+H
+5A9oQltuHMWasMWSfXeimQI5PPpdjndmJOhfT4RGmvTw/uNC/Xuy1kPxXQKoocz6
+93U8RQvyJxdIPtQuARNMRZ7G+Q==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md4.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md4.crt
new file mode 100644
index 0000000..7d0f7cb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md4.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
+M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
+1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
+MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
+4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
+/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
+o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
+BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC
+AQEArXIW7Dy1hBXMKY8/TAfACqkFZzbGDJdD5ohQknENk6FzUHVw9SVibhi5J+nh
+/mhUhoczFg78T8ZopDcsPHKQTuy0LNcLWhZDD4S4CJCibmsf+8BWmPcSp1tsS9Zj
+etO5qNuUarL74W+rRa3qQcCXcglYTubv/PcCV+LGVqZ4XDlO5EBFJJREAREzG+iK
+Epm2y0mi1WTwjy7m7rxYHs5i5ybDHDDwU55H5wh50Vs4/vDx2kZab2K9gx6V2ggY
+CCYmRWKQHdI4XZBkpYFbbREZxMY4Y5c2PUMlr8GUq6s6eu9/GvmnIx/+EySSfxgv
+9GpN+gnyx03hjYNGO7iX8nPnXA==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md5.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md5.crt
new file mode 100644
index 0000000..e514fd6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_md5.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPzCCAiegAwIBAgIBBjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
+M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
+1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
+MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
+4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
+/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
+o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
+BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQQFAAOC
+AQEAF4QcMshVtVbYgvvU7f2lWakubbAISM/k+FW/f7u63m0MSSoSFeYflBOC1Wf4
+imgDEnWcWTH5V7sxsLNogxfpfTuFUaKfHeQmRhAK4UgqbDEs4dZvgo3wZ/w92G0/
+QNntJefnqaFiITXZTn6J8hxeoEq4QbucbWgeY6fTAwXtIv40BvMOSakkuIFAyIvV
+90VY1j4vnx0/xv5lIBAxah1HdtXhqtDu/sUfdCtWX5SCcVUwwM3gZ4Q1ZdWQmlvF
+737ZG7XaINxsDaI04sJxc7qvuRYhLdCwUPnZL5TGEQJ8jNa/39eEbnkvs7hbTU98
+6qG8UAYsSI7aMe1j7DZpkoPL9w==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha1.crt
new file mode 100644
index 0000000..1e23585
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha1.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQDCCAiigAwIBAgIBBzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGzAZBgNVBAMMElBvbGFyU1NMIENlcnQgU0hBMTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J
+v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB
+Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl
+XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk
+65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP
+cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA
+AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw
+HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD
+ggEBAFAHuWfjOp+GaM5dP3NBaUayXmjbrsY5fo/ysfOVV9xipzbPWvE2Bu679iU1
+Eg+5hME9VlMmQejGzG09ReXE+30gyhtO3vWA8U21YrsL3ybvS6EREHGKk238bIBh
+yDP/b0VuoNsS3xRn9WyH3TRu5re0vK68OSkLIWPd01fgvcfl6YyUY+WuuSrpYcDv
+nrgKvFZws/EE4RNldtRC1Blwy497AtmWBQWs65zj5JkNdNnm4JJqXZAArNh2GSZo
+83C/1ZSFrNo9GONsCJ0GVGEt7IK7FPqXYW7rXi30BRse33ziU7RPWGDT13bh9Rdz
+RqsoZ5h5VjtHOnMUUD99gIWinBE=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha224.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha224.crt
new file mode 100644
index 0000000..c8a209d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha224.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQjCCAiqgAwIBAgIBCDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMjI0MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh
+Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq
+1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht
+gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l
+LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu
+pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID
+AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC
+pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ4F
+AAOCAQEATdo7p7dok8gcxS0dYGluXMOsAEALyHAgvAJSZUt0x8RxemJfpquv4XG/
+rppQmtA5aPf59Fo0z5GcS0zzYFLTQIcLHKnuuG0W6yjhx3e+5J1hjLbv///vvKGN
+jq55z+CANkragMk6XQ/t+iXkh/Fq00FS+zbf1JLaMXOLst5dfv3uPQaJHwzX/EaE
+VdognXxWudNQgIvemindk9TTQon27zBS/z6nwcBCIXMDfesAjcHuBCfxl6pofK6E
+28qs4up/JayptG2CX98LGsEyAgegwTMSYGLJoWcHhrUcbF0fNOcXPgQKGTcZO4Tg
+yPYGbkG9FjgaASc2gTrYVPRZ6mY19g==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha256.crt
new file mode 100644
index 0000000..e56d428
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha256.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQjCCAiqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMjU2MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh
+Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq
+1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht
+gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l
+LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu
+pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID
+AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC
+pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsF
+AAOCAQEAuo8kRDdQj3+rgqbz7bS3ZfBVCqgbQfruRZncP0s3IQJ6g7k6BNfCTO+N
+tIgnCDhnhjK9DS4l1LTkQJKfcd6sfuwBxjHKWGZUqTqHWFm/O5MJwfMpxI305xXE
+evDzh8LK1W3moX5OcT4bx3QsY9I4nqXQkOzjGidxhOXYA2v+X5OhRt3IJ2dzmQQu
+BVXnDbzuchUfP5aeCwW6l7VX+RJOE2zlqO5yt0ejT02E44qtC5sBf24V9ko5LORw
+1J7Zk34QwsKrSPSGxOuoWNwH3fJpgZQImKgJIQCsksJ+A45CK6iz0km8oTiI3Hoo
+2LpE6UNx2M8jiZWVzH1L4tkg4fcCoQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha384.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha384.crt
new file mode 100644
index 0000000..f8ec10b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha384.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQjCCAiqgAwIBAgIBCjANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMzg0MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh
+Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq
+1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht
+gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l
+LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu
+pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID
+AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC
+pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQwF
+AAOCAQEAeyHm+emo4/QHqEVKj/MYPOsPrrcr5MupNE7WmoUA7SilVUlceIy8ApWR
+MUdwnh7UPkCa6K1yvayknEbHzD2Lv9BLEf5A1/a+F/LmFXiV0kXIFue13u+z7laV
+N/s/jphPVgjPwZiC1ZtOoD7WvSkIInB53j4Q3VCH6EpZxZuDO/u8CGBQ0g+9Eqhn
+W3+4GFnxUPYeN17u/opt16mEPx6WFbRl9hs5wUvND/FCDEJ/9uVNiVYlPYyHKzzq
+e3WXCHLYUKGESQX+85IrnmlwbAb33bM+sAM6naFafXTZEimeEpX3iYrHzhoU7aR7
+piojwAE+Yb3Ac+Hu1fY4CRO4ZHL6Zg==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha512.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha512.crt
new file mode 100644
index 0000000..b2254fa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_sha512.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQjCCAiqgAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBNTEyMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh
+Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq
+1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht
+gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l
+LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu
+pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID
+AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC
+pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ0F
+AAOCAQEABnuq7gMU6EWqcmEcj2/wiqOFUBeH9ro0tni9JZzaDAKkBMwoeJ3RP/59
+wY92UZC/SoWPm0yLK25KTwxJhd645a5ZeRk+yi1SG+oXNgZFS03F1Orat0bM5u94
+RtzLRInGzTxhlVS8HPRya2+nEaPT9YNO25vORczPDjtrI82UnysaWiKx1OCPhdP3
+ZySAkX/zE1U8Te0+948C0vmg2aTWCSk5zutryFgHH5UojmmWAkBHpX3tIm8JMRG9
+tvp6fbIDan0LmSsVK8rq5OPSwAKMso6GF4Iuxou/jP2gI+NutenX26wrffSjlPiW
+KksLNj8oL6vIUap28Oh+Gwph02biSQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cert_v1_with_ext.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_v1_with_ext.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cert_v1_with_ext.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cert_v1_with_ext.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256-badalg.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cli-rsa-sha256-badalg.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/cli-rsa-sha256-badalg.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/cli-rsa-sha256-badalg.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha1.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha1.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha1.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha1.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-ec-sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-ec-sha512.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-idp.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-idp.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-idp.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-idp.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-idpnc.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-idpnc.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-idpnc.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-idpnc.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-malformed-trailing-spaces.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-malformed-trailing-spaces.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-malformed-trailing-spaces.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-malformed-trailing-spaces.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha1.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha1.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha1.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha1.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl-rsa-pss-sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl-rsa-pss-sha512.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_expired.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_expired.pem
new file mode 100644
index 0000000..cf60ae4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_expired.pem
@@ -0,0 +1,11 @@
+-----BEGIN X509 CRL-----
+MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
+UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx
+OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
+MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir
+jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct
+wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ
+SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS
+IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k
+OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA=
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_md2.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_md2.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_md2.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_md2.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_md4.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_md4.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_md4.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_md4.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_md5.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_md5.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_md5.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_md5.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha1.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha1.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha1.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha1.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha224.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha256.pem
new file mode 100644
index 0000000..c3ca256
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha256.pem
@@ -0,0 +1,11 @@
+-----BEGIN X509 CRL-----
+MIIBqzCBlDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
+UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
+N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
+MDIxMjE0NDQwN1owDQYJKoZIhvcNAQELBQADggEBAG4mBBgwfNynCYYL2CEnqore
+mgKpC32tB6WiUBu9figcvdN3nSX/1wrB8rpiE8R04C8oSFglwhotJCnlWsy42tjb
+0pk0Wuizln0PFMc/OypqRNNhwx31SHH42W4KzONiqvq3n/WkH3M1YniR1ZnMlyvi
+lJioQn6ZAoc6O6mMP1J9duKYYhiMAOV992PD1/iqXw+jYN31RwdIS8/mGzIs4ake
+EdviwhM3E4/sVbNOWCOnZFYV4m+yNAEe29HL1VKw6UXixBczct+brqXNVD3U6T0F
+5ovR6BTefZO17eT52Duke5RZGDUyQOGywxOYKI5W+FcOYdp+U5Idk399tAz2Mdw=
+-----END X509 CRL-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/crl_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/crl_sha512.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/keyUsage.decipherOnly.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/keyUsage.decipherOnly.crt
new file mode 100644
index 0000000..7c37978
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/keyUsage.decipherOnly.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFzCCAYCgAwIBAgIJAJsTzkylb95SMA0GCSqGSIb3DQEBBQUAMD8xCzAJBgNV
+BAYTAkdCMRIwEAYDVQQHDAlDYW1icmlkZ2UxHDAaBgNVBAoME0RlZmF1bHQgQ29t
+cGFueSBMdGQwHhcNMTUwNTEyMTAzNjU1WhcNMTgwNTExMTAzNjU1WjA/MQswCQYD
+VQQGEwJHQjESMBAGA1UEBwwJQ2FtYnJpZGdlMRwwGgYDVQQKDBNEZWZhdWx0IENv
+bXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9nxYOSbha/Ap4
+6rACrOMH7zfDD+0ZEHhbO0bgGRjc5ElvOaNuD321y9TnyAx+JrqPp/lFrAgNiVo1
+HPurPHfcJ+tNBUgBHboWGNENNaf9ovwFPawsBzEZraGnDaqVPEFcIsUQPVqO1lrQ
+CHLUjtqo1hMZDqe/Web0Mw9cZrqOaQIDAQABoxswGTAJBgNVHRMEAjAAMAwGA1Ud
+DwQFAwMH4IAwDQYJKoZIhvcNAQEFBQADgYEAJ0NS2wUbgRelK0qKxrR2Ts6jVYEH
+bmykx3GHjFyKpscDIn2vNyyB7ygfFglZPcw+2mn3xuVIwOV/mWxFvKHk+j2WrTQL
+tDqSC5BhFoR01veFu07JdEYvz+I+NCL5z0IGWXkUrk235Wl4w4WMZDnXTqncMNEk
+fLtpo9y79XD00QY=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/multiple_san.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/multiple_san.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/multiple_san.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/multiple_san.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/non-ascii-string-in-issuer.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/non-ascii-string-in-issuer.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/non-ascii-string-in-issuer.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/non-ascii-string-in-issuer.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1-ms.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1-ms.req.sha256
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1-ms.req.sha256
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1-ms.req.sha256
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.cert_type.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.cert_type.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.cert_type.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.cert_type.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.ext_ku.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.ext_ku.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.ext_ku.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.ext_ku.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.key_usage.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.key_usage.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.key_usage.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.key_usage.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.commas.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.commas.sha256
new file mode 100644
index 0000000..0287a31
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.commas.sha256
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICiTCCAXECAQAwRDELMAkGA1UEBhMCTkwxGTAXBgNVBAoMEFBvbGFyU1NMLCBD
+b21tYXMxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhFkNvuiBZS
+0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185fAkER4Kw
+Vzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFTxjB+FTms
++Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc/kFeF6ba
+bFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7OvViJ4lNZ
+nm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABoAAwDQYJKoZI
+hvcNAQELBQADggEBAI7ZtRJYX6cMuwVhwXOizPV+WD17wby+273V4R8e9/6QA4nY
+RrSciAse+nWZz9Y6toBzLWr0K/9SCzwBX4OzMvLqu4A1G/wApODCDnbGaUPNUxRt
+6qbg8y7faBWvDGjk4+OpQ0suR/pdbM/L7pImqWRNwYdSPbJumNqIdB/Ewtso0TlA
+QVZ992RPe1LovXpDCfPP2p123L7/UHezNCtu5QmzLsDfQmN/rLhCJ2NZzTsnIdnP
+jp6XYU4kRV2BPDL65k38k8CSVWb6fw9XwPNUiyO3q1Zs6jpGJRYMLj9qTEoRN1np
+RME09CN2siMcgkv8UqDeDJ4Oa9qyXS6VXsDmSNI=
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.md4 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.md4
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.md4
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.md4
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.md5 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.md5
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.md5
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.md5
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha1 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha1
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha1
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha1
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha224 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha224
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha224
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha224
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha256
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha256
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha256
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha384 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha384
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha384
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha384
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha512 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha512
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.sha512
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1.req.sha512
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1_pathlen_int_max-1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1_pathlen_int_max-1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1_pathlen_int_max-1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1_pathlen_int_max-1.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1_pathlen_int_max.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1_pathlen_int_max.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1_pathlen_int_max.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server1_pathlen_int_max.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server2.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server2.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server2.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server2.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server3.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server3.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server3.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server3.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server4.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server4.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server4.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server4.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-fan.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-fan.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-fan.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-fan.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-non-compliant.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-non-compliant.crt
new file mode 100644
index 0000000..abea17d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-non-compliant.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBwjCCAUagAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCQxIjAgBgNVBAMMGVRlc3Qg
+RUMgUkZDIG5vbi1jb21wbGlhbnQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3
+zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI
+wmt3DVXNiioO+gHItO3/o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRQYaWP1AfZ
+14IBDOVlf4xjRqcTvjAfBgNVHSMEGDAWgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAM
+BggqhkjOPQQDAgUAA2gAMGUCMAJ3J/DooFSaBG2OhzyWai32q6INDZfoS2bToSKf
+gy6hbJiIX/G9eFts5+BJQ3QpjgIxALRmIgdR91BDdqpeF5JCmhgjbfbgMQ7mrMeS
+ZGfNyFyjS75QnIA6nKryQmgPXo+sCQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-nonprintable_othername.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-nonprintable_othername.crt
new file mode 100644
index 0000000..9470bbe
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-nonprintable_othername.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBwTCCAWagAwIBAgIBTTAKBggqhkjOPQQDAjBPMQswCQYDVQQGEwJVSzERMA8G
+A1UECgwITWJlZCBUTFMxLTArBgNVBAMMJE1iZWQgVExTIG5vbi1wcmludGFibGUg
+b3RoZXJuYW1lIFNBTjAeFw0yMjA5MDYxNTU2NDdaFw0zMjA5MDMxNTU2NDdaME8x
+CzAJBgNVBAYTAlVLMREwDwYDVQQKDAhNYmVkIFRMUzEtMCsGA1UEAwwkTWJlZCBU
+TFMgbm9uLXByaW50YWJsZSBvdGhlcm5hbWUgU0FOMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/
+6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6MzMDEwLwYDVR0RBCgwJqAkBggrBgEF
+BQcIBKAYMBYGBysGAQQBEQMECzEyM4CBAIGAMzIxMAoGCCqGSM49BAMCA0kAMEYC
+IQDATir07PTj5gtf+HAyI+nd27AH9+bdaWdOI2t2bAwUWgIhAO7kvdcsa++yfJdT
+3vnWdvcHRIAdXA0kh+mcBMaXk9B0
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-othername.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-othername.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-othername.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-othername.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha1.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha224.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha224.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha224.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha224.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha384.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha384.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha384.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha384.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha512.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha512.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-sha512.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-sha512.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-unsupported_othername.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-unsupported_othername.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-unsupported_othername.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5-unsupported_othername.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha1 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha1
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha1
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha1
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha224 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha224
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha224
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha224
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha256
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha256
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha256
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha384 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha384
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha384
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha384
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha512 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha512
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.req.sha512
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server5.req.sha512
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_all_space.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_all_space.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server7_all_space.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_all_space.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_int-ca.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server7_int-ca.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_int-ca.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_pem_space.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_pem_space.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server7_pem_space.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_pem_space.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7_trailing_space.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_trailing_space.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server7_trailing_space.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server7_trailing_space.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha224.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha224.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha224.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha224.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha256.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha256.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha256.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha384.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha384.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha384.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha384.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha512.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha512.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9-sha512.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9-sha512.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha1 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha1
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha1
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha1
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha224 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha224
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha224
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha224
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha256
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha256
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha256
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha384 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha384
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha384
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha384
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha512 b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha512
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.req.sha512
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/server9.req.sha512
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy_ec.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy_ec.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy_ec.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy_ec.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy_with_qualifier.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy_with_qualifier.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy_with_qualifier.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy_with_qualifier.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy_with_qualifier_ec.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-any_policy_with_qualifier_ec.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-multi_policy.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-multi_policy.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-multi_policy.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-multi_policy.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-multi_policy_ec.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-multi_policy_ec.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-multi_policy_ec.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-multi_policy_ec.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-unsupported_policy.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-unsupported_policy.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-unsupported_policy.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-unsupported_policy.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-unsupported_policy_ec.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-unsupported_policy_ec.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-unsupported_policy_ec.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca-unsupported_policy_ec.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/parse_input/test-ca.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/passwd.psk b/3rdparty/mbedtls-2.28.7/tests/data_files/passwd.psk
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/passwd.psk
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/passwd.psk
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/print_c.pl b/3rdparty/mbedtls-2.28.7/tests/data_files/print_c.pl
new file mode 100644
index 0000000..5f4b3d0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/print_c.pl
@@ -0,0 +1,38 @@
+#!/usr/bin/env perl
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use strict;
+use warnings;
+
+if (!@ARGV || $ARGV[0] == '--help') {
+    print <<EOF;
+Usage: $0 mbedtls_test_foo <file.pem
+       $0 TEST_FOO mbedtls_test_foo <file.pem
+Print out a PEM file as C code defining a string constant.
+
+Used to include some of the test data in /library/certs.c for
+self-tests and sample programs.
+EOF
+    exit;
+}
+
+my $pp_name = @ARGV > 1 ? shift @ARGV : undef;
+my $name = shift @ARGV;
+
+my @lines = map {chomp; s/([\\"])/\\$1/g; "\"$_\\r\\n\""} <STDIN>;
+
+if (defined $pp_name) {
+    foreach ("#define $pp_name", @lines[0..@lines-2]) {
+        printf "%-72s\\\n", $_;
+    }
+    print "$lines[@lines-1]\n";
+    print "const char $name\[\] = $pp_name;\n";
+} else {
+    print "const char $name\[\] =";
+    foreach (@lines) {
+        print "\n$_";
+    }
+    print ";\n";
+}
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_prv.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_prv.der
new file mode 100644
index 0000000..86ea818
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_prv.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa4096_prv.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_prv.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa4096_prv.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_prv.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_pub.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_pub.der
new file mode 100644
index 0000000..270bf3a
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_pub.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa4096_pub.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_pub.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa4096_pub.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa4096_pub.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa512.key b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa512.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa512.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa512.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa521.key b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa521.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa521.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa521.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa522.key b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa522.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa522.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa522.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa528.key b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa528.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa528.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa528.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_aes128.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_aes128.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_aes128.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_aes128.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_aes192.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_aes192.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_aes192.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_aes192.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_aes256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_aes256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_aes256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_aes256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_clear.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_clear.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_clear.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_clear.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_1024_des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_1024_des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_aes128.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_aes128.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_aes128.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_aes128.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_aes192.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_aes192.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_aes192.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_aes192.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_aes256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_aes256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_aes256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_aes256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_clear.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_clear.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_clear.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_clear.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_public.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_public.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_public.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_public.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_public.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_public.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_2048_public.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_2048_public.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_aes128.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_aes128.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_aes128.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_aes128.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_aes192.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_aes192.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_aes192.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_aes192.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_aes256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_aes256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_aes256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_aes256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_clear.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_clear.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_clear.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_clear.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs1_4096_des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs1_4096_des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_1024_public.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_1024_public.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_1024_public.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_1024_public.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_2048_public.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_2048_public.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_2048_public.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_2048_public.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_2048_public.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_2048_public.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_2048_public.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_2048_public.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1-nospace.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1-nospace.crt
new file mode 100644
index 0000000..4c3cb90
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1-nospace.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAiagAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFeib+4
+6EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rVQUN3
+Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2BJV8K
+sVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUsZOuV
+m9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6mT3Bu
+ns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMBAAGj
+TTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKmMB8G
+A1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IB
+AQC8fX3ZiHu6GoYBB5Vo1l6CXXDhHB6r43Pp+BHoOCouiiy4useiPLu5S84gmNoC
+v8ZR+b9lAaysCMHAbth9vgtW+aXckBY6xKo8CsmGXcqZqujD6qrDif5q6UpXa4Oe
+fr6ITkecY4Z9oN/aN5el5zzUd5zkoyQDI5Bn1gMdvV7AwM7Haq+5gTFwM7HJnphz
+GZ8GLxWU1dWeAfsGm58ey6J28OjIkmfP3yL/kBKMhiQZydbH9Y8Yal7YwhayXxES
+i7YwhNmPcGAgDBm5Sno7BvHiIqsNX1sssC3aZUaZvldJGY+4Y9fFZHenBwTREj/S
+CnEgazC2RJ3kYg3mP/QhE0US
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1-v1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1-v1.crt
new file mode 100644
index 0000000..8ca9007
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1-v1.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
+DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK
+DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw
+MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH
+dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF
+kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185
+fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT
+xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc
+/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O
+vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G
+CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb
+TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN
+lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT
+Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW
+aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ
+egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca.crt
new file mode 100644
index 0000000..84691d6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9
+Q1kCpjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0B
+AQUFAAOCAQEAgt0Fk6cLMjsZUkVpkpTw6EJuKA48H8ieUSTDzYoaDWJQsFY34OIc
+0UpfMwl1jl0qEcVboOdcJHug0EXsfm6XUlSJkPnmcdt/N4gU3/TVkdQwqbvrwjae
+S+Jb1E7fTAiauMi6++svV/sfKqE3OCTJWF+6D0LdgnxEVZM6DvnFU9Jvw+CPTIx6
++SYZLm5sOTL0sWMIxwAEjwGJ3T1m0sjPjnnl4Jn/XtD8UuRRYB/RS6e2TlKovwWP
+G3eUdEs2QJ5lnnD+d7AUYq9nAYnb42M1ZdAxRQxxu2wweiTpUubvT4W6wkG8veix
+UM45EKsxPinnK0rK9bzrPDwpntIHhEUcSQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca.der
new file mode 100644
index 0000000..a5ff059
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca.der differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca_noauthid.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca_noauthid.crt
new file mode 100644
index 0000000..e66956d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.ca_noauthid.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDJDCCAgygAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+ozIwMDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9
+Q1kCpjANBgkqhkiG9w0BAQUFAAOCAQEAMblPCsjj6RJ8sOm54sdlSJOTGWEo/1LF
+q1bJnKE3FXDeU8pbhEhpfsd2zcKdJxzp7Bg8Ms/xKBuOZhn/4C/n2FwZpEeAsS7J
+tZifKp+GXVs0xbcji9aB8niWXSl/CoICpvHpMAz8k2HT4LDvbC2ElXkqLT7n7k1B
+/ODI3BME34NquyBTDezQb4Gz7bx42OKLrxZkKrO3UF3TQTYBZvlH7IO7SvZhQPGk
+b8a2jKYfeQCCIvcywWQ7qzlgzTgnXJ0RrLyCqOqLFs6ztHPgclHa+XYF5yftSKIS
+zTJLT0IWBtwgB2opv7YSx7tKYhj+uHHY7C3iSXzAgPy5TYkissGXbw==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type.crt
new file mode 100644
index 0000000..34fe4f6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDUjCCAjqgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o2AwXjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
+BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zARBglghkgBhvhCAQEEBAMC
+BkAwDQYJKoZIhvcNAQEFBQADggEBAElJPaCG6aFHoymoCrzckPfjENxgXW2czh5t
+TsMPshkzX5p2AU89GBGdy0gQwoPuMtcznsDe4adM6Na8f30YDffATsgDECMIWtV1
+XVYKQIwFmZzEt4B+5sUmyMOLtTuuZBThOLPwOw8e4RnILKOYPHnQNRf6Eap4lFDx
+lp2pAaiXMDWH88gmWoU5XrGTppllYV0IorzJ4xV9Sg3ittNwNO40ehVQDAseFwZH
+iyh9iHz4BqtWjElmQ3hL8N/Cbqp3iN15h2pUgIj8JIt9rCsIZrsG3K42iSlPzEn2
+DCzWQSj9cQNCRVJnwgJAWnC1Hx0YYFQMgQquVxnK15THTGQAeB8=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.cert_type.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type.crt.openssl.v3_ext
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.cert_type.crt.openssl.v3_ext
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type.crt.openssl.v3_ext
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.cert_type_noauthid.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type_noauthid.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.cert_type_noauthid.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.cert_type_noauthid.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.commas.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.commas.crt
new file mode 100644
index 0000000..5acd255
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.commas.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAi+gAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjBEMQswCQYDVQQGEwJOTDEZMBcG
+A1UECgwQUG9sYXJTU0wsIENvbW1hczEaMBgGA1UEAwwRUG9sYXJTU0wgU2VydmVy
+IDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/Tbu
+gmUuFWFeib+46EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5
+RYDQg2rVQUN3Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdz
+Ew9A+G2BJV8KsVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/
+CRm+rWUsZOuVm9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDK
+iQsE2y6mT3Buns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tS
+glSxAgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9
+qL1DWQKmMB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3
+DQEBBQUAA4IBAQA1Ecg+VVJRmgFF9cnlztnXj4y9QKj8MCf2uZA3nTNe1Deh9l17
+ZNNWdPkXzVzf0IeR3LQRKT+daTzxuOOCSV9OxOcN0dIODBwa97BtNQfuWw2eWC9I
+3UOVXbx8Ga+bXnD8ouatpyEG0FfhLO5YgEP0K9TyyN/nFa9kkB2Kvpy8yWm3w9WG
+WgsOr2fpIExfC2ZFaiu3NVGTpT9fLv8RTatSC1XLA5Sr8NNHia3zCvEJEAlTuFHs
+wm8apIAHlb44bbgW+7UwBIH9r2A21gQFy3v4cTLtlbnaUBbHUJvarK4ru70J+gew
+OO3NZ1ocvnV+qGIcc7LgyNA8pZW5Jbewb/gN
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.crt
new file mode 100644
index 0000000..258da5e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
+BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC
+AQEAf2k5OiORp60gBNqioC2mIqSXA0CU/qzllt8IvlcMv1V0PAP9f4IEm5mdkERr
+UXjnB1Tr3edrsvXLgZ9vEosbFpNMsKfsmBkpjgWG2ui8pdn8cJiws4k4h5fuueSw
+Ps1FLK5Tfpi+GJyPqk4ha9Ojp2p9opuA0aIfLuxI+0UzXH4wgrEW/Yydowv959gf
+gGSl766CRdUvJbXOeVryFjFTRfLFFNfTvrftZk1dl8tas1nim8xfWet+BZVvq2zY
+C7LeCI9nrfuAxfMJTrWFp17y72+hCDk7NEaB2ZLVuAM/ri7LWrr2V2hLFdIAhfC2
+nUaulRRpGt/ZTISw6uSIumNoNA==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.crt.openssl.v3_ext
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.crt.openssl.v3_ext
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.crt.openssl.v3_ext
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.csr b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.csr
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.csr
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.csr
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key.der
new file mode 100644
index 0000000..88288d1
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key.der differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage.crt
new file mode 100644
index 0000000..9d70b00
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAjegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
+BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw
+DQYJKoZIhvcNAQEFBQADggEBAHM8eESmE8CQvuCw2/w1JSWKaU9cJIvrtpJXavRC
+yMEv6SQL0hxrNZBhFPM8vAiq6zBdic2HwuiZ9N/iEXuCf92SOcK4b/2/Flos0JI5
+quu4eGkwoNrOvfZUcO7SB8JHUvmJtTP+avF3QeRfHo9bHRtnyOs9GXqq+CMZiNgO
+Bw+/tAOml3tV1Uf+yjp6XroWLRNMbvY1Sor4UW6FFMpOii/vlJ4450OlpcJdRU70
+LpHfxjmPNvc9YOPWve75/+CNF9lMi29UoEUYslxMPylZ/L0vYxi+xuvQBTaLiZeP
+CJ59Mc63LEmJNSAwnnV8s2KXL/Okm32lf6sy0fjsrvAdoCc=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.key_usage.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage.crt.openssl.v3_ext
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.key_usage.crt.openssl.v3_ext
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage.crt.openssl.v3_ext
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.key_usage_noauthid.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage_noauthid.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.key_usage_noauthid.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.key_usage_noauthid.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.noauthid.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.noauthid.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.noauthid.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.noauthid.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.pubkey b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.pubkey
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.pubkey
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.pubkey
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.pubkey.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.pubkey.der
new file mode 100644
index 0000000..1a432a4
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.pubkey.der differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.cert_type b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.cert_type
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.cert_type
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.cert_type
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.cert_type_empty b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.cert_type_empty
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.cert_type_empty
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.cert_type_empty
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.key_usage b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.key_usage
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.key_usage
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.key_usage
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.key_usage_empty b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.key_usage_empty
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.key_usage_empty
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.key_usage_empty
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.ku-ct b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.ku-ct
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.req.ku-ct
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.ku-ct
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.md4 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.md4
new file mode 100644
index 0000000..1558549
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.md4
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA
+A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY
+tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz
+hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K
+HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm
+DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp
+qGZf2UmuJdLeIMzSNX2rZ+SVDX9o
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.md5 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.md5
new file mode 100644
index 0000000..57714ed
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.md5
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBAUA
+A4IBAQCEiv3QM4xyKhYTsoOjyzQdXMhsXK3Kpw+Rh874Hf6pXHxUaYy7xLUZUx6K
+x5Bvem1HMHAdmOqYTzsE9ZblAMZNRwv/CKGS3pvMkx/VZwXQhFGlHLFG//fPrgl3
+j4dt20QsWP8LnL4LweYSYI1wt1rjgYRHeF6bG/VIck6BIYQhKOGlzIwWUmfAGym6
+q4SYrd+ObZullSarGGSfNKjIUEpYtfQBz31f5tRsyzSps7oG4uc7Xba4qnl2o9FN
+lWOMEER79QGwr7+T41FTHFztFddfJ06CCjoRCfEn0Tcsg11tSMS0851oLkMm8RyY
+aozIzO82R3Em7aPhZBiBDy3wZC2l
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha1 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha1
new file mode 100644
index 0000000..578ec7f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha1
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBQUA
+A4IBAQCiYQMOv2ALPUeg8wHKn9L5SdDbNxOzuMwhYsCYTw2TJMQO7NLUq6icEzxY
+pUIIFt60JUQjZHxQSY3y9cSivwKXQA7pPfaPaFC/aMA2GxG23t2eaIWNQX8MfcWf
+XAa8bl/vmC1MTov+mP2DGoXRiKYORrEInyDS2RaTathvHckcAv25nCIx7wYO9tC9
+LUwyoE9bhiQ7fo3KFlz4dK1HukyCM/FoPbJuL7NgdzmKVPyYCLh5Ah+TTD6+sltz
+dFc4fj28w1v3jsBXz+tLrgFQidzuUI2poxt5UwU9TKY0dAJaTCtfIRcXW3h6DGG7
+EDR6rim6sbIQkGzYvGqs4TNoJOR+
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha224 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha224
new file mode 100644
index 0000000..a4f2af4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha224
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDgUA
+A4IBAQArYR2mLKU5lsHyAyGHr4PlmC/cfePmCRyC/mj1riGTjDlNC2X3J1VZDqKb
+U/uUxLudP7sbuttRksIAREATT74Pa40bMWiPUlBfA/M2mFTmKb/91uXeIISW8DL3
+xM/5BCDrhnZ/cjP23gKDgJRk+IGBNhYZDGz50TIBbDJ2e4GDkFjzANngUW64UcCQ
+7hZOYtnYLBnoRvPwtal5jZqHwsgaPPePXu+SQ8mfuAJwJ78MOCAaKw0IP1h1OnPG
+iubdl34lSIaYWwbHTdjaqUSQG3SSs4oxEvluYymrpZ6XGKXtphJXEPdTRiLu9d9l
+A5NYVgvqHFQPmuXS92zrGzB788pV
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha256
new file mode 100644
index 0000000..6d21dc5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha256
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBCwUA
+A4IBAQCVlSU7qeKri7E3u8JCZbCyjsGJTH9iHYyeDZ/nDLig7iKGYvyNmyzJ76Qu
++EntSmL2OtL95Yqooc6h1AQHzoCs+SO2wPoTUs3Ypi9r7vNNVO3ZnnxVtGgqCRVA
+W+z9W4p2mHXQhgW1HkuLa5JD1SvJViyZbx9z3ie1BQ9NVKfv++ArPIv70zBtA7O3
+PZNG1JYN30Esz7RsCDRHbz6Npvu9ggUQL/U3mvQQ+Yo+xhwu1yFV+dRH7PebBeQv
+vjcD2fXDabeofK3zztIpUIyUULX0GGClM9jslgJ/ZHUlArWKpLZph0AgF1Dzts//
+M6c/sRw7gtjXmV0zq2tf2fL4+e2b
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha256.ext b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha256.ext
new file mode 100644
index 0000000..3f26f09
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha256.ext
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICpzCCAY8CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAmMCQGCSqGSIb3DQEJDjEX
+MBUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAHi0yEGu
+Fh5tuLiLuT95UrRnly55+lTY9xchFiKtlcoEdSheybYxqk3JHuSSqojOFKZBlRdk
+oG6Azg56/aMHPWyvtCMSRQX4b+FgjeQsm9IfhYNMquQOxyPxm62vjuU3MfZIofXH
+hKdI6Ci2CDF4Fyvw50KBWniV38eE9+kjsvDLdXD3ESZJGhjjuFl8ReUiA2wdBTcP
+XEZaXUIc6B4tUnlPeqn/2zp4GBqqWzNZx6TXBpApASGG3BEJnM52FVPC7E9p+8YZ
+qIGuiF5Cz/rYZkpwffBWIfS2zZakHLm5TB8FgZkWlyReJU9Ihk2Tl/sZ1kllFdYa
+xLPnLCL82KFL1Co=
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha384 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha384
new file mode 100644
index 0000000..b857af7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha384
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDAUA
+A4IBAQBy35zHYLiYaScq1niQkzQ/BScUbdiWd2V90isBsB5Q3NjVoJl/yCaMrla3
+2XfrutpFpdqwenl5jM0o6+enKCmfur+z2/ije69Dju2aBd6A62cx1AEvFiMq7lyF
+4DYJ32+2ty6KA8EhzE3NFs7zKXxmD5ybp+oXNEvXoeU3W8a+Ld5c1K/n+Ipa0TUy
+cFBs6dCsbYO9wI6npwWqC5Hc9r/0zziMFO+4N5VORdYUFqObq4vCYOMXETpl8ryu
+lGZorNUoJ7vV55T31CDqEtb0EE+nO+nT4agfDobncYjvc3WpQuLtUB4UwR5gpZl6
+ZI+j4uwikOgGO9gcx4IjaRP3q63F
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha512 b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha512
new file mode 100644
index 0000000..85d5246
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.req.sha512
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDQUA
+A4IBAQBb8jNpt0nkNVWstVoOCepQSF5R1R9hF0yEr7mk3HB9oO/nK07R1Oamgjw+
+CHQReTSjIKUX53o7ZwNZB5E+jBDsGz/2Yyj/vxNHJFk2exELtW30he8K2omVHE1F
+XESbftCssWLNpTSDq6ME12+llkEDtgCtkv69oRUkuuF5ESUSZRGIZN4Vledm8SM1
+uGFtaG/PXbBbtUaNwNISDeIWDKRtbuca5web+QEi1djiUH21ZWIGEpOy7mtkYmRs
+Qt1D32FoaqFNhafiaxNIXO11yd4lgpaDDlmrOSBsELcTIF9916o3DwMeVXy0GONW
+BrwaO8q8rg+C+xvMY7858Kk8kwjb
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1.v1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1.v1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1.v1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1.v1.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10-badsign.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server10-badsign.crt
new file mode 100644
index 0000000..d4ac4b1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10-badsign.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS0=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10-bs_int3.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/server10-bs_int3.pem
new file mode 100644
index 0000000..d824c43
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10-bs_int3.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg1A==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server10.crt
new file mode 100644
index 0000000..52b5ea0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS4=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server10.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server10.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server10.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server10.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3-bs.pem b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3-bs.pem
new file mode 100644
index 0000000..9a82b17
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3-bs.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg10==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_int-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_int-ca2.crt
new file mode 100644
index 0000000..b585292
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_int-ca2.crt
@@ -0,0 +1,40 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
+WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
+ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
+BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2
+12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf
+GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj
+whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3
+/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33
+hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_int-ca2_ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_int-ca2_ca.crt
new file mode 100644
index 0000000..3601a20
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_int-ca2_ca.crt
@@ -0,0 +1,60 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
+WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
+ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
+BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2
+12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf
+GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj
+whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3
+/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33
+hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
+50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
+YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
+R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
+UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68
+x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB
+BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T
+hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/
+G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf
+7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH
+9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf
+hlf8qotOhNvFXpEsCGwZUywayo7c4DtO
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_spurious_int-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_spurious_int-ca2.crt
new file mode 100644
index 0000000..87cc476
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server10_int3_spurious_int-ca2.crt
@@ -0,0 +1,64 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw
+DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l
+ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na
+peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE
+h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw
+JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6
+3mQUjQNFzHPFpWqjHCp0vS4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
+WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
+ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
+BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2
+12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf
+GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj
+whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3
+/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33
+hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1_ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server1_ca.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1_ca.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1_ca.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server1_csr.opensslconf b/3rdparty/mbedtls-2.28.7/tests/data_files/server1_csr.opensslconf
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server1_csr.opensslconf
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server1_csr.opensslconf
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-badsign.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-badsign.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2-badsign.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2-badsign.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-sha256.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2-sha256.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2-sha256.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2-sha256.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-sha256.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2-sha256.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2-sha256.crt.der
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2-v1-chain.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-v1-chain.crt
new file mode 100644
index 0000000..8ac003b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-v1-chain.crt
@@ -0,0 +1,38 @@
+-----BEGIN CERTIFICATE-----
+MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD
+DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI
+UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0
+NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G
+A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r
+lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2
+2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ
+Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i
+GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb
+y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA
+A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3
+CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa
+zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ
+8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z
+UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6
+VA+fctBdN0CW4jo+qkOif0l/F8Az
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
+DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK
+DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw
+MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH
+dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF
+kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185
+fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT
+xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc
+/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O
+vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G
+CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb
+TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN
+lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT
+Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW
+aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ
+egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2-v1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-v1.crt
new file mode 100644
index 0000000..990cd4b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2-v1.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD
+DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI
+UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0
+NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G
+A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r
+lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2
+2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ
+Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i
+GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb
+y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA
+A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3
+CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa
+zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ
+8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z
+UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6
+VA+fctBdN0CW4jo+qkOif0l/F8Az
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.crt
new file mode 100644
index 0000000..0745196
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
+owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
+NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
+tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
+hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
+HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw
+FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4
+cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A
+O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc
+KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE
+iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp
+HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap
+Awgk0+4m0T25cNs=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2.key.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server2.key.enc b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.key.enc
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server2.key.enc
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server2.key.enc
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ds.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ds.crt
new file mode 100644
index 0000000..d1e1251
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ds.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAi+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
+owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
+NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
+tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
+hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
+HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw
+FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3
+DQEBBQUAA4IBAQCcDy5VWW133eL1TesUkejziAz9QNBHvWkKNs0jF6+fRgWgFP5Y
+EE87rQX0Z1XiyTDB4LdKfivRi3TMD7EX8o6q9C3H/ilu5anrgha8WziMrtv/s9IF
+QjpyHdnXGoXmA9uDqQLtucR5yep3ux4mlwS8GG3IUkpkdysNOrVvSARm0ZagQ9tn
+YZyEjGd8wP3jKYNJAB2OdnvX9OqBmEyvSmMucSidkMkdLrUcjmOtz+AkqoRGewwc
+eClstlp8NEuP37q2KLYtbQMpio1Kzsr3PCey1UImKNjauypS2Dpzl1RnmBw+c5En
+SdLMa+ns3odRhF0IvENDhz/mKZJvwtoz/NBz
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ds_ke.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ds_ke.crt
new file mode 100644
index 0000000..eb23245
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ds_ke.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAi+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
+owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
+NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
+tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
+hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
+HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw
+FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3
+DQEBBQUAA4IBAQB6u7D3tAsB75aZEcUfv2XyeLX4P99mzx2yOBSsPaIDTRyv0XoT
+vbgUA7viX/F7I8b2kc6ihRXSu/98c7Vr/uSm0LfV3VMgoAXBCWNg/5c/N3c0YnZ2
+imuv0yeXw5cJI3iYQJmllawdrGgOslfPuO7kqrFt3uGaylITpVLQ7w7iDpPbAFM8
+kPpO6CMyCFi6miQYoZchTTP9X3dpbpNdB2FlSVT55J6TIvH5x4t7XCFJuvYYJxrf
+8I3UFR3OnBR625zUHXJ6uV8yHG5ze+4K2n9CHcyX7zuZ+bB0e8wIS6Xf99M+1ApF
+ESvXwHI0Fu8s/PJ+leD28CRJQMuAOJIYBMnS
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ka.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ka.crt
new file mode 100644
index 0000000..ce97e82
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ka.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAi+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
+owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
+NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
+tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
+hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
+HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw
+FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgMIMA0GCSqGSIb3
+DQEBBQUAA4IBAQAxJDMtlqpFHKw5ymqzgfnm0aY51PZOXpsPfoed7Vz2PzSB2eJ0
+JQc+QuLhippy8hnPmPZg/HQ/gedbxFKPiIiYEh86GvnBFozQ+c8sE0h6tJgVOJJi
+ADUNeVJoq03WIroTMqAB0uW0rHB+OFm7uRwIDFr2gWVrKZKg/KsDrxtng2wPOgbU
+xvPRtNyaOZjV0GjuBhWxpPTxXw27e5Mq3MS5B9piZgPXmam5lZdOe0LNrbQShfmP
+4mk4drjdQaUrL3JLpLt8S4oihZU+dOHkYdZVHSAuuGikZK7qPfEdP/yrZTCgtY54
+vXxv47xT9L+pWtiTosBmsy/ewvWprVJIxLh3
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ke.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ke.crt
new file mode 100644
index 0000000..21e6cf0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server2.ku-ke.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRzCCAi+gAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN
+owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz
+NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM
+tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P
+hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya
+HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw
+FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgUgMA0GCSqGSIb3
+DQEBBQUAA4IBAQCeNpH2eSUXpq0CPlE6P1/bJW2f0vKFWMnZ6B3eFCdMCcKJ6LYV
+BA1Dn5G5HEW4mBMJfyMwD5sklyEzQDCgIDjws+BRUflMr71AerfesHIGdW4jAw10
+aWwFMeszzZ54ZahX2GHPcwWfTccSf9tpSaRMlNBEIz8lfb2iEZ2HR9eAmAqYgtR1
+RbYcsNfC0oBYOCTRmvXi+wpGcUWn+VbIv6rHrQYnWXiPAuPJUqIpM0x9q0kT6NCi
+LfdhaVV2DPnvBYGRcXX78JK5/MQt/sv4JSefRpvxpVQCmbo0amz7hUMHGCflAbro
+FpyBlfcpj0lSRoaU9x0mCYzqwDYd+4NJZUGT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server3.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server3.crt
new file mode 100644
index 0000000..46987c3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server3.crt
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICXDCCAUSgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG
+CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5
+fQcsej6EFasvlTdJ/6NNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU5BdrNrIGiTrZ
+XkO24GR9h6t93jcwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJ
+KoZIhvcNAQEFBQADggEBAKSCuGCXcpDrVwRVgHVlUsxACRDUH2QirsLFAUk1CGsR
+SniBgWi+5KGK8fd3Tf+GkVeIZocaf7tnKm0YJg8W5QPDnwrMD2L1SjYFgc7r1G4f
+579FOo0qRKdJabTV0e022XFyN77JJHAm8RkjZEnzUuW7k8/RohY8NBzh+KACyHOi
+96DhGsBp9LG6QIKB1rxiNx4wq3WUygaMgImoaDRqgAFxJjwRBEhcsWtU2AmoOKdO
+hzQp+EzEjn04+ScJpMzMF4FY+kLaz9PlvEO61aQuZsC2fUmk+M6q8xcBNEdoFNvv
+0cOl5Liuewb32srAZWCMpbHFxaT9Nd3TxJwFxFCJpvc=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server3.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server3.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server3.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server3.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server4.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server4.crt
new file mode 100644
index 0000000..2b4134d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server4.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICnTCCAiGgAwIBAgIBCDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9eMvlV9hzsP+2u6oSlhxly+VSGe4I0Mly1g
+Mku+BhiPm7EPEscFe+cQcuA7kr6Wmzjan6v913igTri21Gh5llS+v7t4GdbfmfQS
+k8AiT0bC76+DsZ/GaJ+AhHyFmc5CS3Y6O++kKE8LG9RqKW0HjnQjOH6YQr+FgWv7
+smU2fFHVdCVtvIMzsRy3UfBhy5LcwGUGqrTjwn7QoSRBcgJKMp4cWBr14MKr4nJ+
+p7lu3QrfSGXU3TXrgHtqiHTwSiaZ75pK4CzP4ywnebsA7YNRh2sPGWuTLVCu9FZZ
+9fR3x2NMz64dOjUO+JEzqj34/0N+gV3nf9nQqbTexUtBa9SuEQIDAQABo00wSzAJ
+BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTAfBgNVHSME
+GDAWgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDB
+ek00E3uHPwnUDBVAPRJThsj2mQr/MSCTwRMNXnNlki9Lux0qGd6uvhp5v31I7V0C
+MDiCHwEm55sU4gWrAxYVKVVV9qMTG2Moy4YnJDDlxwpyXPta5Ac2FV+0AbInBXSM
+Bg==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server4.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server4.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server4.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server4.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-badsign.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-badsign.crt
new file mode 100644
index 0000000..b641f70
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-badsign.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM2WhcNMzMwNTE0MDcxMDM2WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
+2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMCA2kAMGYCMQDg6p7PPfr2+n7nGvya3pU4ust3k7Obk4/tZX+uHHRQ
+qaccsyULeFNzkyRvWHFeT5sCMQCzDJX79Ii7hILYza/iXWJe/BjJEE8MteCRGXDN
+06jC+BLgOH1KQV9ArqEh3AhOhE0=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der0.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der0.crt
new file mode 100644
index 0000000..1e0a008
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der0.crt differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der1a.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der1a.crt
new file mode 100644
index 0000000..c143298
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der1a.crt differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der1b.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der1b.crt
new file mode 100644
index 0000000..6989679
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der1b.crt differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der2.crt
new file mode 100644
index 0000000..56ad14c
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der2.crt differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der4.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der4.crt
new file mode 100644
index 0000000..4ceed41
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der4.crt differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der8.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der8.crt
new file mode 100644
index 0000000..07ffd2f
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der8.crt differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der9.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der9.crt
new file mode 100644
index 0000000..aa8f9a1
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-der9.crt differ
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-expired.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-expired.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-expired.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5-expired.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-future.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-future.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-future.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5-future.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-selfsigned.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-selfsigned.crt
new file mode 100644
index 0000000..0eafe70
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-selfsigned.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBxzCCAW2gAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV
+BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy
+U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwMjQ5NTdaFw0zMzA1MDYwMjQ5NTda
+MEcxEzARBgNVBAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNV
+BAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRd
+XRa9iojCa3cNVc2KKg76Aci07f+jPzA9MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/
+BAQDAgeAMB0GA1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQD
+AgNIADBFAiAXiJxDrd5aLzGB/Uc3kYBIBuSUIMGvol2c8EvwmF3zmQIhAPFrKMgA
+s2awzo/PBB5gFTkDub88wRYwS1R9JPYCXUO0
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha1.crt
new file mode 100644
index 0000000..6c14183
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha1.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICHjCCAaSgAwIBAgIBCTAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD
+VQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0y
+MzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5MMREwDwYD
+VQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDY
+IxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6OBnTCBmjAJBgNVHRMEAjAAMB0G
+A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjBuBgNVHSMEZzBlgBSdbSAkSQE/
+K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFy
+U1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH
+KoZIzj0EAQNpADBmAjEAnbhJ4O/x6bcBgB0FnX44q9j9pjBYHN9ZK59bHxqerhyJ
+12DlVbNoOonlkFYVUsgCAjEAmnUolKu+XUtS2is3d0M2V6cPwZxq5qI0+wBR79/p
+NRjFOlyP69OWs9CI2cyYLbGc
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha224.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha224.crt
new file mode 100644
index 0000000..ad01b10
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha224.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
+2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMBA2gAMGUCMQDlCvtvCAgJDiGQnqOYwzmeafyyNbpSRZwcpV84FSkm
+pwKw2jTv3WaXujSNu7B62GoCME97oLBGSgiOMD5QUEdOjABkCV4E2slyvk4Gk71c
+9e92VgA3rKPRXlvwACPsbFIQJQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha384.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha384.crt
new file mode 100644
index 0000000..7de6f8c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha384.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
+2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMDA2gAMGUCMQDPV3rbJX6rigR5SJQGNzqfreq8Y3O+mlAQkuo9sicU
+llVXjN3g41dOJmaEO2yHjMQCMCecXLQsYjQn2wPh/XyE+PL48Yp0+Y6+HEHCjLk3
+JOTQqo73a9xN+yhrud2ssT830w==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha512.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha512.crt
new file mode 100644
index 0000000..8bea8c2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-sha512.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICHjCCAaWgAwIBAgIBCTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
+2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMEA2cAMGQCMEekbPD8GQQmK1uJ3wXgC/VdRdfmEBM/urkmXYINcHrz
+E6xLpFE/jxZ0wb5SXteLtQIwZ8ZJIDLnxGciX/mtfx0dOII3bna72yRkGfT+0b/C
+sj9KvVuQ0y1oaP9Rbg35dbcH
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-ss-expired.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-ss-expired.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-ss-expired.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5-ss-expired.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5-ss-forgeca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-ss-forgeca.crt
new file mode 100644
index 0000000..cf5bd6d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-ss-forgeca.crt
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBkzCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G
+A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp
+YXRlIENBIDMwHhcNMjMwNTE3MDkxNDIxWhcNMzMwNTE0MDkxNDIxWjBKMQswCQYD
+VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl
+c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3
+zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI
+wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0gA
+MEUCIQD0f3GH9cEJ7cJWPIfwAL/1cGREqO//O/1XggWZv/clnQIgQmlMzGzuUDHq
+/mTgGQ9ceSAB9B9im9rcgY6DRFZULnY=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5-tricky-ip-san.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5-tricky-ip-san.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5-tricky-ip-san.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5-tricky-ip-san.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt
new file mode 100644
index 0000000..a95bbf4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNjE1MDMzNDE4WhcNMzMwNjEyMDMzNDE4WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
+2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMCA2gAMGUCMAHFbGEzx8dZaUlIltT5s1QO9FvKmvFer4uRY3ntEy9S
+k7DCCozM86WWLjfzbJ78bwIxAJYRPF1CzNEiXPHb9O46ZPHKo2S5x//g/54RowAK
+uZz+hKPuMi6YY6cIm81jfeaSZQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt.der
new file mode 100644
index 0000000..2cb2ae5
Binary files /dev/null and b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt.der differ
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt.openssl.v3_ext
new file mode 100644
index 0000000..594e90a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.crt.openssl.v3_ext
@@ -0,0 +1,3 @@
+basicConstraints = CA:false
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cli.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cli.crt
new file mode 100644
index 0000000..8d04559
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cli.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB6zCCAW6gAwIBAgIBPDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDAYIKoZIzj0E
+AwIFAANpADBmAjEAoC1Xxg8Xt3tvM2ZER4jCRv7iSYPWGgNtcYNJj3G0lb0PYi1l
+Nd0cqdGxydhm7RJLAjEApAE8koD1ccIPnSFTagT7shOSz1/lOU4wwAWswcwolzt3
+xrvFlMoTeJx3sS3Zqdr8
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cs.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cs.crt
new file mode 100644
index 0000000..c00bc3b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cs.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAW6gAwIBAgIBOjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwMwDAYIKoZIzj0E
+AwIFAANoADBlAjBlMU7Fh18cel20P3rY7esvtPLDHQQKWSCO91XHHkZi1zRPq2px
+nwVHayXnOS3CPRsCMQCQDYTyVMS8oEIrm0XPI6HrbCMUq2bhPwaYpelU/asOzYI3
+gOjGCDFHtyedJHVK0rs=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cs_any.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cs_any.crt
new file mode 100644
index 0000000..912d929
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-cs_any.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAXSgAwIBAgIBOzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NrMGkwCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwHAYDVR0lAQH/BBIwEAYIKwYBBQUHAwMGBFUdJQAwDAYI
+KoZIzj0EAwIFAANoADBlAjEA89+l8gNC0H75Tzdz/75W6EjGSzZ3m50S4cK5jD6+
+ZZLpRcbIqPqMT2MNkCm7ImNpAjAlTkFLVCGnTNX/q7QWOrx8aPXXAeZtY5NFxd66
+EJJb+YHTQ80hZhLWX8/QaAJjniU=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-srv.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-srv.crt
new file mode 100644
index 0000000..b173afc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-srv.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAW6gAwIBAgIBPjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYIKoZIzj0E
+AwIFAANoADBlAjEAh+l47FmXR/nUxD8bfnS3sT+QTgc8pXUEqh/gXUs2xINVSoL+
+ZewgcNb2UanzCNheAjAnUY4b0M9YHp/eJjls5RzGX6JXtcWwn9JvO1HqMQnHthcy
+hPEQ3lW7XG0DIQS1drk=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-srv_cli.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-srv_cli.crt
new file mode 100644
index 0000000..be2531e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.eku-srv_cli.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB8zCCAXigAwIBAgIBPTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NvMG0wCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MAwGCCqGSM49BAMCBQADZwAwZAIwHu/xjSqHK91yEM+KgEFGU8Xc3o9rEVrCBFeW
+ChIa3slZZdG4OuIm06Tsabf0pBLHAjBYKjoUwWEuDOOQKbbJZG8gKDzMAgEpe/RW
+wAjY7i6CzZ1NKfFQ9fQdwA+yjq2fnlg=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5.key.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server5.key.enc b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.key.enc
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server5.key.enc
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server5.key.enc
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ds.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ds.crt
new file mode 100644
index 0000000..dafff9b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ds.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB4zCCAWagAwIBAgIBLTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgeAMAwGCCqGSM49BAMCBQADaQAw
+ZgIxALHO0QR+4vz+fj4WwBQMa55oJDlp1J0PpqoJYKTf6DRx5rNuZxSbNu2wJQWz
+MJ9ekQIxAMPo/Rhu4e9KRkEf9rYU9Ynd7t9/PCsXw4JZuxZfToURDsrAI/Pnqc0H
+4+FA/EuPJA==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ka.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ka.crt
new file mode 100644
index 0000000..74a4235
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ka.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB4jCCAWagAwIBAgIBLjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgMIMAwGCCqGSM49BAMCBQADaAAw
+ZQIwCVbbPiS8MJUOz8JBmgLHojKDaJOd4lSfSak0GSl02UjT8OiNyRzA+FlFWO94
+YMjyAjEA14/ubZ1ZW3/0hkiFHzhTD2SXbTfYbhDZSq2PR+9sBlUrrx1GhzWw/cOD
+3jZd4DQO
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ke.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ke.crt
new file mode 100644
index 0000000..6b4e74e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.ku-ke.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB4TCCAWagAwIBAgIBLzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO
+5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB
+PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgUgMAwGCCqGSM49BAMCBQADZwAw
+ZAIwezTY0tigIg6u1dFl90LHYcZ+lJK4BO5Y6U9pn952NFo24NsL8qnG4nxwsL3M
+VvV7AjBQ+oZyKSyNp8XRAHYC6lERH7/Gh7HrVWyTRo9iPPL6tE4x/jE7jL9ifgl+
+F6982sk=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server5.req.ku.sha1 b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.req.ku.sha1
new file mode 100644
index 0000000..c73a0e2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server5.req.ku.sha1
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBFDCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY
+BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
+QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d
+Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD
+AgbAMAkGByqGSM49BAEDSAAwRQIhAJyChfsSpNIhLjeDB3eBWVjb685y0IJHoNp/
+Ho463k83AiAB9+M9k8nLjKVkEYaVfmE/fPKQVkeuywIO0RMmZ40gAQ==
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server6-ss-child.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server6-ss-child.crt
new file mode 100644
index 0000000..fc28f34
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server6-ss-child.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB7jCCAZSgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV
+BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy
+U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwNjA2NDJaFw0zMzA1MDYwNjA2NDJa
+ME0xGTAXBgNVBAMMEHNlbGZzaWduZWQtY2hpbGQxEDAOBgNVBAsMB3Rlc3Rpbmcx
+ETAPBgNVBAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqG
+SM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJH0M3
+jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgeAMB0GA1UdDgQWBBR+ZY8+MwMU5eG+YLLghX+M52ArezAfBgNV
+HSMEGDAWgBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiAl
+Y2yXg5sZunmo+McUBzvSao1wRxw+9XBSM+Dph5gfhgIhAPlI+lSvD4mzlBzn01Mg
+0tMpKHbY34iadcMWBUgibMiA
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server6-ss-child.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/server6-ss-child.crt.openssl.v3_ext
new file mode 100644
index 0000000..dd9cdaa
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server6-ss-child.crt.openssl.v3_ext
@@ -0,0 +1,4 @@
+basicConstraints = critical,CA:false
+keyUsage=critical,digitalSignature
+subjectKeyIdentifier=hash
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server6.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server6.crt
new file mode 100644
index 0000000..51e4393
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server6.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
+H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o
+ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn
+KgfuCEF96BhSjLDXWKB4IFWaXUQ=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server6.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server6.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server6.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server6.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7-badsign.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7-badsign.crt
new file mode 100644
index 0000000..e0d18b0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7-badsign.crt
@@ -0,0 +1,47 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi
+KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm
+ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW
+DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh
+VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF
+cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH
+aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo
+fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD
+Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u
+5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06
+1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA
+ZKasihO0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7-expired.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7-expired.crt
new file mode 100644
index 0000000..9c423c9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7-expired.crt
@@ -0,0 +1,47 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTEzMDUxNjA3MTAzN1oXDTIzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBAHX0pu54c8rk2F76lxnMKuS+C3Kiwab0KxII
+ZkpAgpk5sj2KxiGrNLDhK0ZGjVlVuUjauySVuBUfrr8GfjQ1xE7RUrxwBrEU5fVs
+FHKscBF58AaIXIPf5xIuCdc2C487Leuu+LIbGsg9EvKq/pg7avIB9hSjvwn5W3m3
+3o8eL/ahD4t5rh8r7hKptY+7dqeraBrmCnitxsRQToMV+jy2RCGD3vYUDxyJc3x+
+m3o7nWGreyLCqPCRgeEh9RKbbhygcoBtdjojZABZmlGa9BO72hK5lhy2a1QiIOiL
+OoBgDFf8gVo81MX02RtSQISZLq/hJ8smtil8oaKgJ+VyGjfCR1uZY7RpaEfP4U+R
+tX8gqt/4TJ4mIJOv4xL12XsV65rZuB7+yhZ6rqWRlZx9Aa4/GqxIbALrQPs17uRX
+41TPIdz3Pjq3w3x3bdGxbyF0TvJRaeobB60KHlrm6DWltY7k2Ucju9oTko6bJLgp
+rCRC1JkTXzWS3jZDqULTVPxDsZjVRqwEl46PPe0gSloB+h/ulq8rNIG1snWTGdNQ
+Bovbko9lFHA8md8f7ZULQ6pB8SV/LH2qufSsWb5LY9ZfHUprwH2oBQ+A9eYkk5ZR
+LJC879ZC8w8LMQfBGT22fLnOJ2qS6GyguB+y17beF8RMgFpiFTzoD1nPQAd9cyGY
+b2ta+9o9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7-future.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7-future.crt
new file mode 100644
index 0000000..b725eb7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7-future.crt
@@ -0,0 +1,47 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTMzMDUxNzA3MTAzN1oXDTQzMDUxODA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBAFgzS8NNGRayelUleAee5udbk9+fkkxvYA/p
+QEaD+UvuSmgJ7iEU0gx6cJ2RcEbg/NqgrMBni8ayiGptOZRTq4j8bPcrZZCrcsvO
+jFk/yXwWIv1hRofQ8wBynPOgbtPJ5J7zYkE0sqXbAPOWeNdya+R0CuSex5DW9kj/
++tiXGXdGiLKu/FOC9tedfsu67a+ZEK0Q3rbFqsWpHdQcKIEN4A18xPBXNtx/DJuq
+0+fcjtIsigpRvLbLSFuvSI5vWP1MFyuMDTLYVKN1PceRg2yxpKecKbsDpeSRX3R9
+Fs444mDSJs75i8fkdXS4GLXfJjJOft3HbRtEEznF5sITppjr40PszMvOj2njWPPn
+o3ECca7HbhuhtqIGfM5+2mCwPgmm7fEmYILVYgTihFfPKUhGUKN+4Qp75gOzMKds
+7t8NRFTKPEpFmicc1wKfEsp22UWC6azyTu6iVByWlt+fojFbdHjvxDY8iIqBFU6/
+44uLMTxu9r9gMSZK9sX7vGIgeER3RnArP0ZSxAvoxG3lu+QQXwItxnTKQnA3CDra
+MkmwSM5kMewO/Ub1bgkdQ3j/DD0uSwreEdg0fvxaAJIH2N/lOFUWPrzbg8TJR1Sb
+ohctT+uAKoPQrxsZuSdrz9QHOdgkPR6gp9bdnXkZSa9jGX7Pd5Ur5LDEXljol1ZL
+T97oaKB7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7.crt
new file mode 100644
index 0000000..c5c2cb8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7.crt
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi
+KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm
+ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW
+DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh
+VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF
+cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH
+aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo
+fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD
+Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u
+5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06
+1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA
+ZKasihO3
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server7.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server7.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server7.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server7.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca-exp.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca-exp.crt
new file mode 100644
index 0000000..a3a8f69
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca-exp.crt
@@ -0,0 +1,47 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi
+KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm
+ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW
+DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh
+VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF
+cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH
+aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo
+fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD
+Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u
+5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06
+1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA
+ZKasihO3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MTMwNTE2MDcxMDM3WhcNMjMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAJH0e4fySJI2nJt1Knd+yU7zn1jTFDAABJMbndhR
+07OSM6vwUaGSMVatSzr8ah+UDgIwaI/MBcorSxT92jAQb1W5dJkEudoYSg49fjAf
+z0BtLCVhFwQlrzCqgXC98SGfT6sZ
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca.crt
new file mode 100644
index 0000000..cb108a4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca.crt
@@ -0,0 +1,47 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi
+KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm
+ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW
+DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh
+VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF
+cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH
+aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo
+fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD
+Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u
+5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06
+1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA
+ZKasihO3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca_ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca_ca2.crt
new file mode 100644
index 0000000..097447f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_int-ca_ca2.crt
@@ -0,0 +1,60 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi
+KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm
+ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW
+DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh
+VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF
+cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH
+aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo
+fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD
+Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u
+5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06
+1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA
+ZKasihO3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server7_spurious_int-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_spurious_int-ca.crt
new file mode 100644
index 0000000..fdc1146
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server7_spurious_int-ca.crt
@@ -0,0 +1,65 @@
+-----BEGIN CERTIFICATE-----
+MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG
+A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m
+47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS
+MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr
+d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv
+bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC
+MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi
+KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm
+ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW
+DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh
+VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF
+cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH
+aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo
+fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD
+Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u
+5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06
+1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA
+ZKasihO3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
+WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
+ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
+BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggEBABN3b1ltNlBQ9PhwJhxBWENlMNdy1vyKBGH3EdZ7w4uHJJOm
+w8JS5p/B5+9fDIIOThDr80hLq4QOQVJhxAT1/Zsb2OzsTxc1BaCNbBv2Y+FyFcpL
+I8EjMF+gnSgbs46kGKce1EJNrZrkvpCngtNj7qqg9qnPXd1en0z349xHJPmYuWEb
+9sHdVlwnebPm1n9u1NzpktAChb28UFnBYTWraZCtMBMozuMhz6mo66XOEyH06Ypa
+QPOlBmbgW/e+fuXow41QUqP2tvVL6MsmSZFWk8hr45rNRzeTok1M5bW91sZ78We5
+95m3T6IE+qpj2/RILncwy7vWBlFzbuiIA3eSJa8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server8.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server8.crt
new file mode 100644
index 0000000..515b17b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server8.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICqTCCAi6gAwIBAgIBETAMBggqhkjOPQQDAgUAMEsxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEpMCcGA1UEAwwgUG9sYXJTU0wgVGVzdCBJbnRlcm1l
+ZGlhdGUgRUMgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQsw
+CQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9z
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANscfy4Lzb/O0XUQoKK4
+zn2q4gXgethEY4+1vcCwGbk3uBlKDvFddIBnRocG3lt/BgO9wY1eBxXUW/Tc5c89
++cERLK5quYq9HWdmF+pOvdsVmoKH5PB4w6OFh7D9n6mZX+Mz7MzqC7VhXvFJfj+j
+LeoBDMxCmnabxNA307EXAWEBFll+HBfDU/3RcstMYBXafeLqrVDvjuKL1Gp3VdZw
+2Wu78e45BDijveLR4GZr4pxHmeko5rb8LspnQ4To1YPWnZhrAT6B3Dx6yvnznPfW
+KBsneHzD0NVjp4E0ia0lar3y6u36V/zlNMbBD3Et0ggQG61EQeD+eaBjk4qxXemw
+7m8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA
+J2F2Dx0wHwYDVR0jBBgwFoAUD4m9Y0Hry14XKP9oMD3BiNCcWDkwDAYIKoZIzj0E
+AwIFAANnADBkAjA3KJ1/SvOZnpmtqturkt+0DhQIXGMRDPnPksCuy/wqGHR8DsWS
+dEa7PQEgrbA60HoCMCpH2fYtcAfhg5gGg+QxmVsUIt/9Gd9syQlnX7wNCfweUeSS
+MxG1isOdUiQTajM1TQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server8.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server8.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server8.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server8.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server8_int-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server8_int-ca2.crt
new file mode 100644
index 0000000..e99727d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server8_int-ca2.crt
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIICqTCCAi6gAwIBAgIBETAMBggqhkjOPQQDAgUAMEsxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEpMCcGA1UEAwwgUG9sYXJTU0wgVGVzdCBJbnRlcm1l
+ZGlhdGUgRUMgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQsw
+CQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9z
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANscfy4Lzb/O0XUQoKK4
+zn2q4gXgethEY4+1vcCwGbk3uBlKDvFddIBnRocG3lt/BgO9wY1eBxXUW/Tc5c89
++cERLK5quYq9HWdmF+pOvdsVmoKH5PB4w6OFh7D9n6mZX+Mz7MzqC7VhXvFJfj+j
+LeoBDMxCmnabxNA307EXAWEBFll+HBfDU/3RcstMYBXafeLqrVDvjuKL1Gp3VdZw
+2Wu78e45BDijveLR4GZr4pxHmeko5rb8LspnQ4To1YPWnZhrAT6B3Dx6yvnznPfW
+KBsneHzD0NVjp4E0ia0lar3y6u36V/zlNMbBD3Et0ggQG61EQeD+eaBjk4qxXemw
+7m8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA
+J2F2Dx0wHwYDVR0jBBgwFoAUD4m9Y0Hry14XKP9oMD3BiNCcWDkwDAYIKoZIzj0E
+AwIFAANnADBkAjA3KJ1/SvOZnpmtqturkt+0DhQIXGMRDPnPksCuy/wqGHR8DsWS
+dEa7PQEgrbA60HoCMCpH2fYtcAfhg5gGg+QxmVsUIt/9Gd9syQlnX7wNCfweUeSS
+MxG1isOdUiQTajM1TQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
+WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
+ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
+BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2
+12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf
+GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj
+whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3
+/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33
+hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-bad-mgfhash.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-bad-mgfhash.crt
new file mode 100644
index 0000000..ad29942
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-bad-mgfhash.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA
+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDeMDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QTAeFw0yMzA1MTcwODM5NDhaFw0zMzA1MTcwODM5NDhaMDQxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe
+qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv
+5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp
+C9pAlQIDAQABo4GSMIGPMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lfp869UTBj
+BgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMC
+TkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENB
+ggEDMAkGA1UdEwQCMAAwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc
+MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA3gOCAQEAaQlf1GPhvPHp
+hFgTdIB5x5zACVb4a4ONuySVckfMpWk2nlkRSu3Kgv4j8l/jfNpfr+we4lG72xEn
+FV3em8dEzxvXd5jXCfR/hWJKYVoWh0055qWw7FpG20vRFKttU8UFclL7KvMs4InZ
+vDpbPs5EwBQXTg/manL9TD9t/zqWAUJj1yHWiIISYzfWmsaoTi8jNxSR1+lkmPPP
+ZWQwyUJrh82Mw3VwNGxXOfpGIwmjXPia8MafjjH/RtHNx7ukCk+6q1ZlH57NolZJ
+dlQTJv21+vxyYr6GZdHXzdJwWMnFSof6VGwayNzetSnVhJb0SQqTBt8Vu5xQtXGa
+QcCjGyCAIg==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-bad-saltlen.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-bad-saltlen.crt
new file mode 100644
index 0000000..45bf20e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-bad-saltlen.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA
+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QTAeFw0yMzA1MjIwNzMwMDZaFw0zMzA1MTkwNzMwMDZaMDQxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe
+qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv
+5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp
+C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB
+0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7
+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc
+MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAlQo9OnchZbLQ
+PTXs9NgXDoQb4JvUG/Fsq09/e8ivWaHkE7mKeNRrP8qMdAw914Bs1NQf9F75CWJe
+5YtmLcE5gSbVj3qa6zVuQWEcrseKz6wpAFLsHKbF6kKfUgcI56xmD2DhhIHny+5B
+9ObM0RQpCmAYXjU2CvknXeBzpX2cGOLD/Nexk1oBF6PI0rDUBqg3cexsJ5XfJwYg
+tkjkZ321s9N09BsioauH6d9x9/Ysz7Qp7Bqpb1E7dV4bDuT5vwPWwPIUAav897Vt
+s0uMZHoVasj57UwqDv8tm0db6f2VOL7r5GBMjbp6newW8Me47uXSBXKy8tFJMolj
+yKuEQkKKyA==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-badsign.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-badsign.crt
new file mode 100644
index 0000000..8656b1a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-badsign.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
+EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg
+Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO
+TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
+HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
+r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
+qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw
+YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6
+imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344
+/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy
+SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7
+loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP
+Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi
+UYUZ4RiwG1/0
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-defaults.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-defaults.crt
new file mode 100644
index 0000000..8613f52
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-defaults.crt
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAeGgAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7
+E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL
+Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC
+AwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEwYwYDVR0j
+BFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREw
+DwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBDQYIBAzAJ
+BgNVHRMEAjAAMA0GCSqGSIb3DQEBCjAAA4IBAQASsc5y7sDP4prOLGAl2EB5d+Gg
+w/Vk9+g3KXpeIUCL6gmECNLENmmBe6zZR8/Ax6R1hUe/Cbflepxsx627Eg29NCZK
+Bo/AQoz658kwEzr4jhF8M6y9sdsf5/OauoRxDLcMEywIkgmuFvZIpyEwXix6arsK
+mNWnW0FwSr2NaXozD7OquGwTEAvAbtei+5JAeVvvGi1u32D2JPVHk3zv05LXtx8b
+8bEmzZLthFk3GbSkGHC3K5rjNgTMwY0BhNBW6qFyY5mL0bHVDbZQxD9RRwDifGty
+fTo7odJDAHU1xucWF6dOU5nAqiFKlc3eITdBKt+d10yBSr7qXciHkHpAzCvh
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha224.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha224.crt
new file mode 100644
index 0000000..ed648c8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha224.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCBAUA
+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDiMDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe
+qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv
+5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp
+C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB
+0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7
+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEc
+MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4gOCAQEAjG73ZOe2pQn6
+jqiTHALGM0IG8BBCamo3gzbCjZPz3ZnTpZii1pQSFPGEBaKCgrtKrjvoP21ZDUnq
+3HjTUzGtGbHk3h+UJcVYgFuONidguUDaALGtXIPWUlqBBeJL+Y+01zJRnMpC2hV7
+JUOM3es02te8RM6srCdW1fP9x+Lx4G2Kjj7kEzKafEbwFesS4LbBXsWkID8xDPHO
+DLKvg66tPeksDBT4n7f7H51eNlyIwwMDKTc+N9Ri5OeW1HOqtbyo/yJlHvQqnCld
+E8gW+AVoeZmN6n/4yemnCEkFRqgbRSIGVoPmOY9d/FfGLmClcaZFPcH+w1JDhF71
+3egYnUY/9g==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha256.crt
new file mode 100644
index 0000000..ef37b3f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha256.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA
+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe
+qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv
+5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp
+C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB
+0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7
+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc
+MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAXcWlfbIjRJX3
+eCkj03eKLvhawFndN6mWMOTVvr20Vdhhn57wngSKYgtsbOZhpT+pIXTTpxhku7uS
+Pg6NDU0W13xbrcIsYxkZRcN6AYcnV0NxnhdfkmxwDjLyohgm8IdgvHb04r73OP0j
+KmnZfJJpnxkVGD8NFGj2hBCR7ynbVBAfJegl0Lruxc4AlrniG6MW9xfkmE3EfOQg
+dwZv3UuhxzEhLmR933BCijwfhBVfyzarGjDtZjQYNwWKhRl+OXM+L14Ofq7htSxz
+kSM5KJfCAzLFNd6N2YU84IhqwTS4CZ/bE1HchEYPtXm97bj8Vldrfv2up/4Rc0kF
+a8P+xLLmug==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha384.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha384.crt
new file mode 100644
index 0000000..2ea0108
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha384.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAgUA
+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAgUAogQCAgDOMDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe
+qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv
+5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp
+C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB
+0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7
+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEc
+MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzgOCAQEAmTU2HqAA7gbB
+tJlDAve8nGbdCim4YjRXWceHGCpoFIWrs6onlHCvnZ2Wr8iPk+wnd7ShIpp8vGb/
+476y8pfaA2n8vYWhQKDCTTUXJN4tUc7i8Uz4RGdK48vHVvZCtCT/8MmPPouOIZcU
+/Kkenw2jv5R/CpiirVUsjNx6BYcdu1zzEU+uoBLom6sZ6LGRlIB0prFWcxrVjfzx
+2C8ZxMW8NWj6EQipQJ2U+CCycA2HkbCmt3FnEXmN5OWThvnKdshoPkMn2HwhAOzn
+cjZQhQT3WSufvZ9bYe7HZ5e1e7k6aMXBvW89ECxc12mZfSjlYmlvfHZuO8D2sP2i
+RidkcXFMxQ==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha512.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha512.crt
new file mode 100644
index 0000000..4abdf68
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-sha512.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAwUA
+oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAwUAogQCAgC+MDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe
+qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv
+5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp
+C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB
+0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7
+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEc
+MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvgOCAQEAVut9oL/0V/vo
+f9VKxAZfyy0zFy+LOHzV1H5qQaPKJnXIAUp/sDtvOjugqHKjamg6dCIVy292Yxcx
+rW8WcMR1Bj9MQ5Qrv++TZ0a1e0qet1GYxj4MQkU30XlJq/Jh7ede9Vh/yBxKTQq7
+oaJ6fOTFWcz1JZDrZrKffBOqIp5jQWPARilUDN6FiRNYV3/14aWVGnNbqGfoY8CC
+WvpC0iAvrQxjdQQf6nIYrzcGNzvrpRbhpzBPUyUIrM1o+nyiNAJPlyncjFwmfw9g
+80FP1XnRIIKmlTTG7ivkjHKzE6WXZSQPjArg0jxQAX1uLKJGFhu+ueKyoPOHQXS0
+O1z3OQn3+w==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9-with-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-with-ca.crt
new file mode 100644
index 0000000..51c0ada
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9-with-ca.crt
@@ -0,0 +1,39 @@
+-----BEGIN CERTIFICATE-----
+MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
+EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg
+Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO
+TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
+HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
+r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
+qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw
+YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6
+imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344
+/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy
+SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7
+loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP
+Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi
+UYUZ4RiwG1/7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
+50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
+YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
+R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
+UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68
+x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB
+BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T
+hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/
+G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf
+7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH
+9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf
+hlf8qotOhNvFXpEsCGwZUywayo7c4DtO
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/server9.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/server9.crt
new file mode 100644
index 0000000..26567ae
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/server9.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
+EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg
+Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO
+TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
+HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
+r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
+qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw
+YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD
+QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6
+imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344
+/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy
+SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7
+loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP
+Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi
+UYUZ4RiwG1/7
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/server9.key b/3rdparty/mbedtls-2.28.7/tests/data_files/server9.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/server9.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/server9.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt-good.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt-good.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt-good.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt-good.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt.csr b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt.csr
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt.csr
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt.csr
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt.key b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-alt.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-alt.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-good-alt.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-good-alt.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-good-alt.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-good-alt.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha1.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha1.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha1.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha1.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha1.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha1.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha1.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha256.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha256.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha256.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha256.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha256.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha256.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca-sha256.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-sha256.crt.der
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-v1.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-v1.crt
new file mode 100644
index 0000000..2f10f6d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca-v1.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDHzCCAgcCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
+DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK
+DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDAwWhcNMjkwMjEw
+MTQ0NDAwWjBQMRwwGgYDVQQDDBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQL
+DAd0ZXN0aW5nMREwDwYDVQQKDAhQb2xhclNTTDELMAkGA1UEBhMCTkwwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
+50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
+YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
+R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAEw
+DQYJKoZIhvcNAQELBQADggEBAAtVAWmbymwKDj9v8m7SVLHF0mw4i3gBFVPJqYRQ
+y9CnUD68kUr4qK7wyQIv/gDRYuqZVNnBq4Jwzm+tPEBHpYAF5H/7Mynpb4h+uZ3a
+6kaWURXKzx53ZuFHLu1FuRov+SZU3ZtXClTYFKeyDb+fcth/8thR9V59v7ZE7zlb
+8zbyL+dqfyxvmxZCUzHbNKVrliiUUFXfW53T+B7Ysxner5mnqM1aPxckhXVHEJ47
+TBoIhpBoJ/HmHCiWz8BeoowSpG7u+QOezIKk8l5Pd2f8MeqwyaqIeAy0lh2nP7pB
+UtWET/0bsdiPn8SR9B3hWpKUDRvnHDDZuZiKtrdDEqsD04M=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.crt
new file mode 100644
index 0000000..ef7e4c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
+50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
+YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
+R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
+UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68
+x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB
+BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T
+hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/
+G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf
+7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH
+9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf
+hlf8qotOhNvFXpEsCGwZUywayo7c4DtO
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.der b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.der
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.key b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.key
new file mode 100644
index 0000000..de8be1d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.key
@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-128-CBC,781840E6B804AE83D2AF71127C4CE314
+
+etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79
+NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO
+bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB
+skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV
+sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45
+U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G
+L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl
+UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC
+itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM
+sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB
+/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m
+1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV
+UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21
+7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG
+ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm
+cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W
+R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts
+EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP
+90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD
+gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR
+xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ
+0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp
+fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX
+9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H
+PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU
+-----END RSA PRIVATE KEY-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.key.der
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.opensslconf b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.opensslconf
new file mode 100644
index 0000000..f03f5fd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.opensslconf
@@ -0,0 +1,94 @@
+[req]
+x509_extensions = v3_ca
+distinguished_name = req_dn
+
+[req_dn]
+countryName = NL
+organizationalUnitName = PolarSSL
+commonName = PolarSSL Test CA
+
+[v3_ca]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = CA:true
+
+[no_subj_auth_id]
+subjectKeyIdentifier=none
+authorityKeyIdentifier=none
+basicConstraints = CA:true
+
+[othername_san]
+subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
+
+[nonprintable_othername_san]
+subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
+
+[unsupported_othername_san]
+subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
+
+[dns_alt_names]
+subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
+
+[alt_names]
+DNS.1=example.com
+otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
+DNS.2=example.net
+DNS.3=*.example.org
+
+[multiple_san]
+subjectAltName=@alt_names
+
+[ext_multi_nocn]
+basicConstraints = CA:false
+keyUsage = digitalSignature, nonRepudiation, keyEncipherment
+subjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144
+
+[hw_module_name]
+hwtype = OID:1.3.6.1.4.1.17.3
+hwserial = OCT:123456
+
+[nonprintable_hw_module_name]
+hwtype = OID:1.3.6.1.4.1.17.3
+hwserial = FORMAT:HEX, OCT:3132338081008180333231
+
+[v3_any_policy_ca]
+basicConstraints = CA:true
+certificatePolicies = 2.5.29.32.0
+
+[v3_any_policy_qualifier_ca]
+basicConstraints = CA:true
+certificatePolicies = @policy_info
+
+[v3_multi_policy_ca]
+basicConstraints = CA:true
+certificatePolicies = 1.2.3.4,2.5.29.32.0
+
+[v3_unsupported_policy_ca]
+basicConstraints = CA:true
+certificatePolicies = 1.2.3.4
+
+[policy_info]
+policyIdentifier = 2.5.29.32.0
+CPS.1 ="CPS uri string"
+
+[fan_cert]
+extendedKeyUsage = 1.3.6.1.4.1.45605.1
+
+[noext_ca]
+basicConstraints = CA:true
+
+[test_ca]
+database = /dev/null
+
+[crl_ext_idp]
+issuingDistributionPoint=critical, @idpdata
+
+[crl_ext_idp_nc]
+issuingDistributionPoint=@idpdata
+
+[idpdata]
+fullname=URI:http://pki.example.com/
+
+# these IPs are the ascii values for 'abcd' and 'abcd.example.com'
+[tricky_ip_san]
+subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.req.sha256
new file mode 100644
index 0000000..1114338
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.req.sha256
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgDCCAWgCAQAwOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUWoM0h8ZnU7OrLfBhYCJSl7JvFi98a
+Hpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6jMFKp8udAcBTLRKJyC8LlQPk+5aYO
+s/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8Ko/vJ2DDxp/LuuxgfbfmhDK+T/tY
+JiIDW9S01fv145YucMDkLr38Lu7iQVXANC59JHJpy0exFECDfWf0hvYxq/F5pLK1
+LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp/KzbLijRfgJLI6AV8jhlZAnqDG6O
+Gxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QIDAQABoAAwDQYJKoZIhvcNAQELBQAD
+ggEBAKI+q840+CyPj6DJDJr9mP/aE8U+VyxbarQuZHxbiyS2HDuNQNFvP2TmCDRx
+juERTU8yDOj3F2p7JhFF4QkCP2TP4JFYjLlOE7ISxYegGdJNNO6W00btMHG1s0aW
+uPcPIIy9HxGiOFFmjYz7Jo8mcFl+bl4ET7zPoj21R4dOl7E3oYLtEZqTuiWnfW2H
++whurU13PYyog3jvJex99VIL8ZRliUSKgdmQ7A4GMvE6kf6Uk+441ynZ7RQr4jF9
+xsVIrR7cyt/SsVEYF+2SfJi0dO9pf6yV3PdwtpU2URTyZoitlneqEINXKi7Qx6E+
++f5fAI8FbCJtgKEKf2TfqiH6sCI=
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.req_ec.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.req_ec.sha256
new file mode 100644
index 0000000..6d46b2a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.req_ec.sha256
@@ -0,0 +1,9 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBOTCBvQIBADA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxHDAa
+BgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AATD2is0QTdYL4dW/vyJuilDS07gbsMOV1MzOVjUUrSRlTkLI99fFyRiSPwalSnO
+LC2HwohSgK/Waqsh3bjTHG5YuMrosmmO80GtKcO0X3WnR2/VGSlVaZpTOyC0ZhZg
+Mx6gADAMBggqhkjOPQQDAgUAA2kAMGYCMQDElef9+KfRbZOA29ZyU750fB3ob82E
+8R711+hk9HOsk0G9Uccp3tT+1nhCcMNhnWsCMQD6Y8e9jcEaKSPiWWfgCZ5NaQ5l
+pvPDUdcPV8sZt2cgNS8fcRIIHblQKvr6miHXl9Y=
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.db b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.db
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.db
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.db
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.future-crl.db b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.future-crl.db
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.future-crl.db
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.future-crl.db
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.future-crl.opensslconf b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.future-crl.opensslconf
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.future-crl.opensslconf
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.future-crl.opensslconf
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.opensslconf b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.opensslconf
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca.server1.opensslconf
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca.server1.opensslconf
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2-expired.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2-expired.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2-expired.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2-expired.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.crt.der b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.crt.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.crt.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.crt.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.key b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.key.der b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.key.der
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.key.der
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.key.der
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.key.enc b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.key.enc
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca2.key.enc
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.key.enc
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crl.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crl.crt
new file mode 100644
index 0000000..303a2c0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crl.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIB2DCCAV6gAwIBAgIUN3DAVq0Kn9k3FPUPZGW2d3rZn28wCgYIKoZIzj0EAwIw
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H
+Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr
+Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBAjAKBggqhkjOPQQDAgNoADBlAjAxoq/Q4PEA
+8SDd3cQaVIwx8oJVEzfJo1BB2w1LnjvUXZrQydjNXMU4Jgorm/2/uLgCMQCyI6cZ
+EAIgKPYlT6/zJHBj45qejs527OfI4Xn+kQ7OvHQtHaCAzQw4h7Jfx+gXaUo=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext
new file mode 100644
index 0000000..4bc5d3c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext
@@ -0,0 +1,4 @@
+basicConstraints = CA:true
+subjectKeyIdentifier=none
+keyUsage = cRLSign
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt.crt
new file mode 100644
index 0000000..5cad7b2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIB2DCCAV6gAwIBAgIUYDcYIJ6EBbKafKeXLgPLE+RsJZowCgYIKoZIzj0EAwIw
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxMjEwMzEwNVoXDTMzMDUxMjEwMzEwNVow
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H
+Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr
+Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwICBDAKBggqhkjOPQQDAgNoADBlAjBwsfyYiZB6
+PpDgIbYRbZ4VT9GGFNE3L4C1IH8RNwzvywLvQfVp3ocRAkzEoRpmKAsCMQDOGm48
+d7zKl7IzmBuOWXYlukWDDWwpNI67z7g0JawfypKIxcPTZFiQXVtDdTdkrGY=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext
new file mode 100644
index 0000000..997c893
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext
@@ -0,0 +1,4 @@
+basicConstraints = CA:true
+subjectKeyIdentifier=none
+keyUsage = keyCertSign
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt_crl.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt_crl.crt
new file mode 100644
index 0000000..4c69582
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt_crl.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIB2TCCAV6gAwIBAgIUd5f42F4ahjkx9AIN035pcF4WFikwCgYIKoZIzj0EAwIw
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H
+Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr
+Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNpADBmAjEA6IUvQwSw
+vEkHjU9YNsPcUsJf0UTHUW1T8mNbgk+zCl6fzeU73oCXH6zoi5q6vLgjAjEAv63C
+xknmJJ4H3Zlc+O5GlcX9VQNZDn1xV7hf2yW1Gf7wLTnSWTf5bXATaIQ6QLO1
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext
new file mode 100644
index 0000000..0fd73a2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext
@@ -0,0 +1,4 @@
+basicConstraints = CA:true
+subjectKeyIdentifier=none
+keyUsage = keyCertSign, cRLSign
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-ds.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-ds.crt
new file mode 100644
index 0000000..2907aa7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-ds.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIB2TCCAV6gAwIBAgIUb5xsO6FEmAz+XpGFHpW7ODFvup0wCgYIKoZIzj0EAwIw
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow
+PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh
+cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H
+Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr
+Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV
+HRMEBTADAQH/MAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA44HVvGYv
+meA3SpaNJmubLKjsQlGNnEUUo1IO0NBP5yWG0dRFkX8NQ0bzH/1n6FJcAjEAm9wj
+xdmEPUr6PY54c0IQJNeeF76L1/+EszXrSDQ7TLv1YC4d4uMNmqwR9EGuUX+/
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext
new file mode 100644
index 0000000..08e49d4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext
@@ -0,0 +1,4 @@
+basicConstraints = CA:true
+subjectKeyIdentifier=none
+keyUsage = digitalSignature
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.req.sha256 b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.req.sha256
new file mode 100644
index 0000000..6d46b2a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2.req.sha256
@@ -0,0 +1,9 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBOTCBvQIBADA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxHDAa
+BgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AATD2is0QTdYL4dW/vyJuilDS07gbsMOV1MzOVjUUrSRlTkLI99fFyRiSPwalSnO
+LC2HwohSgK/Waqsh3bjTHG5YuMrosmmO80GtKcO0X3WnR2/VGSlVaZpTOyC0ZhZg
+Mx6gADAMBggqhkjOPQQDAgUAA2kAMGYCMQDElef9+KfRbZOA29ZyU750fB3ob82E
+8R711+hk9HOsk0G9Uccp3tT+1nhCcMNhnWsCMQD6Y8e9jcEaKSPiWWfgCZ5NaQ5l
+pvPDUdcPV8sZt2cgNS8fcRIIHblQKvr6miHXl9Y=
+-----END CERTIFICATE REQUEST-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-future-invalid.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-future-invalid.crt
new file mode 100644
index 0000000..833e497
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-future-invalid.crt
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ
+5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj
+vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
+H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o
+ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn
+KgfuCEF96BhSjLDXWKB4IFWaXUQ=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-future-present.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-future-present.crt
new file mode 100644
index 0000000..649cca0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-future-present.crt
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ
+5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj
+vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-past-invalid.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-past-invalid.crt
new file mode 100644
index 0000000..a0b0a2f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-past-invalid.crt
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
+WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
+w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
+FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
+vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
+tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
+l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
+H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
+BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
+PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh
+clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
+CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o
+ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn
+KgfuCEF96BhSjLDXWKB4IFWaXUQ=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-past-present.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-past-present.crt
new file mode 100644
index 0000000..24e05c6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-past-present.crt
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
+WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
+w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
+FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
+vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
+tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
+l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-present-future.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-present-future.crt
new file mode 100644
index 0000000..6539479
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-present-future.crt
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ
+5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj
+vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-present-past.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-present-past.crt
new file mode 100644
index 0000000..08aeeea
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca2_cat-present-past.crt
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
+Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
+DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
+WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
+w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
+FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
+vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
+tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
+l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_cat12.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_cat12.crt
new file mode 100644
index 0000000..c54bcc1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_cat12.crt
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
+50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
+YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
+R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
+UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68
+x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB
+BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T
+hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/
+G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf
+7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH
+9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf
+hlf8qotOhNvFXpEsCGwZUywayo7c4DtO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_cat21.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_cat21.crt
new file mode 100644
index 0000000..b090dc6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_cat21.crt
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE
+BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0
+IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO
+4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK
+6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd
+bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq
+6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29
+N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
+50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
+YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
+R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
+UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68
+x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB
+BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T
+hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/
+G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf
+7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH
+9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf
+hlf8qotOhNvFXpEsCGwZUywayo7c4DtO
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_printable.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_printable.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_printable.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_printable.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_uppercase.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_uppercase.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_uppercase.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_uppercase.crt
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_utf8.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_utf8.crt
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-ca_utf8.crt
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-ca_utf8.crt
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca-exp.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca-exp.crt
new file mode 100644
index 0000000..835c7db
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca-exp.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MTMwNTE2MDcxMDM3WhcNMjMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAJH0e4fySJI2nJt1Knd+yU7zn1jTFDAABJMbndhR
+07OSM6vwUaGSMVatSzr8ah+UDgIwaI/MBcorSxT92jAQb1W5dJkEudoYSg49fjAf
+z0BtLCVhFwQlrzCqgXC98SGfT6sZ
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca.crt
new file mode 100644
index 0000000..8b2846d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
+MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq
+vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR
+wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF
+CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q
+AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2
+qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA
+kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P
+d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br
+Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg
+updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY
+a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
+NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE
+AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
+CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l
+fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN
+JAuV9fLJJdB5nZUG3l85Dt27VNkT
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca.key b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca2.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca2.crt
new file mode 100644
index 0000000..80f39b9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca2.crt
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl
+WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8
+ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW
+BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw
+FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2
+12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf
+GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj
+whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3
+/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33
+hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU=
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca2.key b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca2.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca2.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca2.key
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3-badsign.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3-badsign.crt
new file mode 100644
index 0000000..8c36315
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3-badsign.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg10==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3.crt b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3.crt
new file mode 100644
index 0000000..3aa64b1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp
+YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG
+A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU
+ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9
+2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn
+ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF
++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv
+1GRe86dg1A==
+-----END CERTIFICATE-----
diff --git a/3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3.key b/3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3.key
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/data_files/test-int-ca3.key
rename to 3rdparty/mbedtls-2.28.7/tests/data_files/test-int-ca3.key
diff --git a/3rdparty/mbedtls-2.25.0/tests/docker/bionic/Dockerfile b/3rdparty/mbedtls-2.28.7/tests/docker/bionic/Dockerfile
similarity index 88%
rename from 3rdparty/mbedtls-2.25.0/tests/docker/bionic/Dockerfile
rename to 3rdparty/mbedtls-2.28.7/tests/docker/bionic/Dockerfile
index 1d24aa3..869c955 100644
--- a/3rdparty/mbedtls-2.25.0/tests/docker/bionic/Dockerfile
+++ b/3rdparty/mbedtls-2.28.7/tests/docker/bionic/Dockerfile
@@ -4,21 +4,13 @@
 # -------
 # Defines a Docker container suitable to build and run all tests (all.sh),
 # except for those that use a proprietary toolchain.
+#
+# WARNING: this Dockerfile is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
 
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 ARG MAKEFLAGS_PARALLEL=""
 ARG MY_REGISTRY=
 
@@ -160,7 +152,3 @@ RUN cd /tmp \
 
 ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.6.5/bin/gnutls-cli
 ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.6.5/bin/gnutls-serv
-
-RUN pip3 install --no-cache-dir \
-    mbed-host-tests \
-    mock
diff --git a/3rdparty/mbedtls-2.28.7/tests/git-scripts/README.md b/3rdparty/mbedtls-2.28.7/tests/git-scripts/README.md
new file mode 100644
index 0000000..23db168
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/git-scripts/README.md
@@ -0,0 +1,16 @@
+README for git hooks script
+===========================
+git has a way to run scripts, which are invoked by specific git commands.
+The git hooks are located in `<Mbed TLS root>/.git/hooks`, and as such are not under version control
+for more information, see the [git documentation](https://git-scm.com/docs/githooks).
+
+The Mbed TLS git hooks are located in `<Mbed TLS root>/tests/git-scripts` directory, and one must create a soft link from `<Mbed TLS root>/.git/hooks` to `<Mbed TLS root>/tests/git-scripts`, in order to make the hook scripts successfully work.
+
+Example:
+
+Execute the following command to create a link on Linux from the Mbed TLS `.git/hooks` directory:  
+`ln -s ../../tests/git-scripts/pre-push.sh pre-push`
+
+**Note: Currently the Mbed TLS git hooks work only on a GNU platform. If using a non-GNU platform, don't enable these hooks!**
+
+These scripts can also be used independently.
diff --git a/3rdparty/mbedtls-2.28.7/tests/git-scripts/pre-commit.sh b/3rdparty/mbedtls-2.28.7/tests/git-scripts/pre-commit.sh
new file mode 100644
index 0000000..04f4fa7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/git-scripts/pre-commit.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# pre-commit.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# Purpose
+#
+# This script does quick sanity checks before commiting:
+#   - check that generated files are up-to-date.
+#
+# It is meant to be called as a git pre-commit hook, see README.md.
+#
+# From the git sample pre-commit hook:
+#   Called by "git commit" with no arguments.  The hook should
+#   exit with non-zero status after issuing an appropriate message if
+#   it wants to stop the commit.
+
+set -eu
+
+tests/scripts/check-generated-files.sh
diff --git a/3rdparty/mbedtls-2.28.7/tests/git-scripts/pre-push.sh b/3rdparty/mbedtls-2.28.7/tests/git-scripts/pre-push.sh
new file mode 100644
index 0000000..9192678
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/git-scripts/pre-push.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+# pre-push.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+# Purpose
+#
+# Called by "git push" after it has checked the remote status, but before anything has been
+# pushed.  If this script exits with a non-zero status nothing will be pushed.
+# This script can also be used independently, not using git.
+#
+# This hook is called with the following parameters:
+#
+# $1 -- Name of the remote to which the push is being done
+# $2 -- URL to which the push is being done
+#
+# If pushing without using a named remote those arguments will be equal.
+#
+# Information about the commits which are being pushed is supplied as lines to
+# the standard input in the form:
+#
+#   <local ref> <local sha1> <remote ref> <remote sha1>
+#
+
+REMOTE="$1"
+URL="$2"
+
+echo "REMOTE is $REMOTE"
+echo "URL is $URL"
+
+set -eu
+
+tests/scripts/all.sh -q -k 'check_*'
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/baremetal-override/time.h b/3rdparty/mbedtls-2.28.7/tests/include/baremetal-override/time.h
new file mode 100644
index 0000000..0a44275
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/baremetal-override/time.h
@@ -0,0 +1,6 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#error "time.h included in a configuration without MBEDTLS_HAVE_TIME"
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/spe/crypto_spe.h b/3rdparty/mbedtls-2.28.7/tests/include/spe/crypto_spe.h
new file mode 100644
index 0000000..fdf3a2d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/spe/crypto_spe.h
@@ -0,0 +1,131 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+
+/**
+ * \file crypto_spe.h
+ *
+ * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option
+ *        enabled, this header is included by all .c files in Mbed TLS that
+ *        use PSA Crypto function names. This avoids duplication of symbols
+ *        between TF-M and Mbed TLS.
+ *
+ * \note  This file should be included before including any PSA Crypto headers
+ *        from Mbed TLS.
+ */
+
+#ifndef CRYPTO_SPE_H
+#define CRYPTO_SPE_H
+
+#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x
+
+#define psa_crypto_init \
+    PSA_FUNCTION_NAME(psa_crypto_init)
+#define psa_key_derivation_get_capacity \
+    PSA_FUNCTION_NAME(psa_key_derivation_get_capacity)
+#define psa_key_derivation_set_capacity \
+    PSA_FUNCTION_NAME(psa_key_derivation_set_capacity)
+#define psa_key_derivation_input_bytes \
+    PSA_FUNCTION_NAME(psa_key_derivation_input_bytes)
+#define psa_key_derivation_output_bytes \
+    PSA_FUNCTION_NAME(psa_key_derivation_output_bytes)
+#define psa_key_derivation_input_key \
+    PSA_FUNCTION_NAME(psa_key_derivation_input_key)
+#define psa_key_derivation_output_key \
+    PSA_FUNCTION_NAME(psa_key_derivation_output_key)
+#define psa_key_derivation_setup \
+    PSA_FUNCTION_NAME(psa_key_derivation_setup)
+#define psa_key_derivation_abort \
+    PSA_FUNCTION_NAME(psa_key_derivation_abort)
+#define psa_key_derivation_key_agreement \
+    PSA_FUNCTION_NAME(psa_key_derivation_key_agreement)
+#define psa_raw_key_agreement \
+    PSA_FUNCTION_NAME(psa_raw_key_agreement)
+#define psa_generate_random \
+    PSA_FUNCTION_NAME(psa_generate_random)
+#define psa_aead_encrypt \
+    PSA_FUNCTION_NAME(psa_aead_encrypt)
+#define psa_aead_decrypt \
+    PSA_FUNCTION_NAME(psa_aead_decrypt)
+#define psa_open_key \
+    PSA_FUNCTION_NAME(psa_open_key)
+#define psa_close_key \
+    PSA_FUNCTION_NAME(psa_close_key)
+#define psa_import_key \
+    PSA_FUNCTION_NAME(psa_import_key)
+#define psa_destroy_key \
+    PSA_FUNCTION_NAME(psa_destroy_key)
+#define psa_get_key_attributes \
+    PSA_FUNCTION_NAME(psa_get_key_attributes)
+#define psa_reset_key_attributes \
+    PSA_FUNCTION_NAME(psa_reset_key_attributes)
+#define psa_export_key \
+    PSA_FUNCTION_NAME(psa_export_key)
+#define psa_export_public_key \
+    PSA_FUNCTION_NAME(psa_export_public_key)
+#define psa_purge_key \
+    PSA_FUNCTION_NAME(psa_purge_key)
+#define psa_copy_key \
+    PSA_FUNCTION_NAME(psa_copy_key)
+#define psa_cipher_operation_init \
+    PSA_FUNCTION_NAME(psa_cipher_operation_init)
+#define psa_cipher_generate_iv \
+    PSA_FUNCTION_NAME(psa_cipher_generate_iv)
+#define psa_cipher_set_iv \
+    PSA_FUNCTION_NAME(psa_cipher_set_iv)
+#define psa_cipher_encrypt_setup \
+    PSA_FUNCTION_NAME(psa_cipher_encrypt_setup)
+#define psa_cipher_decrypt_setup \
+    PSA_FUNCTION_NAME(psa_cipher_decrypt_setup)
+#define psa_cipher_update \
+    PSA_FUNCTION_NAME(psa_cipher_update)
+#define psa_cipher_finish \
+    PSA_FUNCTION_NAME(psa_cipher_finish)
+#define psa_cipher_abort \
+    PSA_FUNCTION_NAME(psa_cipher_abort)
+#define psa_hash_operation_init \
+    PSA_FUNCTION_NAME(psa_hash_operation_init)
+#define psa_hash_setup \
+    PSA_FUNCTION_NAME(psa_hash_setup)
+#define psa_hash_update \
+    PSA_FUNCTION_NAME(psa_hash_update)
+#define psa_hash_finish \
+    PSA_FUNCTION_NAME(psa_hash_finish)
+#define psa_hash_verify \
+    PSA_FUNCTION_NAME(psa_hash_verify)
+#define psa_hash_abort \
+    PSA_FUNCTION_NAME(psa_hash_abort)
+#define psa_hash_clone \
+    PSA_FUNCTION_NAME(psa_hash_clone)
+#define psa_hash_compute \
+    PSA_FUNCTION_NAME(psa_hash_compute)
+#define psa_hash_compare \
+    PSA_FUNCTION_NAME(psa_hash_compare)
+#define psa_mac_operation_init \
+    PSA_FUNCTION_NAME(psa_mac_operation_init)
+#define psa_mac_sign_setup \
+    PSA_FUNCTION_NAME(psa_mac_sign_setup)
+#define psa_mac_verify_setup \
+    PSA_FUNCTION_NAME(psa_mac_verify_setup)
+#define psa_mac_update \
+    PSA_FUNCTION_NAME(psa_mac_update)
+#define psa_mac_sign_finish \
+    PSA_FUNCTION_NAME(psa_mac_sign_finish)
+#define psa_mac_verify_finish \
+    PSA_FUNCTION_NAME(psa_mac_verify_finish)
+#define psa_mac_abort \
+    PSA_FUNCTION_NAME(psa_mac_abort)
+#define psa_sign_hash \
+    PSA_FUNCTION_NAME(psa_sign_hash)
+#define psa_verify_hash \
+    PSA_FUNCTION_NAME(psa_verify_hash)
+#define psa_asymmetric_encrypt \
+    PSA_FUNCTION_NAME(psa_asymmetric_encrypt)
+#define psa_asymmetric_decrypt \
+    PSA_FUNCTION_NAME(psa_asymmetric_decrypt)
+#define psa_generate_key \
+    PSA_FUNCTION_NAME(psa_generate_key)
+
+#endif /* CRYPTO_SPE_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/arguments.h b/3rdparty/mbedtls-2.28.7/tests/include/test/arguments.h
new file mode 100644
index 0000000..c672104
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/arguments.h
@@ -0,0 +1,31 @@
+/**
+ * \file arguments.h
+ *
+ * \brief Manipulation of test arguments.
+ *
+ * Much of the code is in host_test.function, to be migrated here later.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_ARGUMENTS_H
+#define TEST_ARGUMENTS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdint.h>
+#include <stdlib.h>
+
+typedef union {
+    size_t len;
+    intmax_t sint;
+} mbedtls_test_argument_t;
+
+#endif /* TEST_ARGUMENTS_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/asn1_helpers.h b/3rdparty/mbedtls-2.28.7/tests/include/test/asn1_helpers.h
new file mode 100644
index 0000000..2eb9171
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/asn1_helpers.h
@@ -0,0 +1,38 @@
+/** Helper functions for tests that manipulate ASN.1 data.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef ASN1_HELPERS_H
+#define ASN1_HELPERS_H
+
+#include "test/helpers.h"
+
+/** Skip past an INTEGER in an ASN.1 buffer.
+ *
+ * Mark the current test case as failed in any of the following conditions:
+ * - The buffer does not start with an ASN.1 INTEGER.
+ * - The integer's size or parity does not match the constraints expressed
+ *   through \p min_bits, \p max_bits and \p must_be_odd.
+ *
+ * \param p             Upon entry, `*p` points to the first byte of the
+ *                      buffer to parse.
+ *                      On successful return, `*p` points to the first byte
+ *                      after the parsed INTEGER.
+ *                      On failure, `*p` is unspecified.
+ * \param end           The end of the ASN.1 buffer.
+ * \param min_bits      Fail the test case if the integer does not have at
+ *                      least this many significant bits.
+ * \param max_bits      Fail the test case if the integer has more than
+ *                      this many significant bits.
+ * \param must_be_odd   Fail the test case if the integer is even.
+ *
+ * \return              \c 0 if the test failed, otherwise 1.
+ */
+int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end,
+                                   size_t min_bits, size_t max_bits,
+                                   int must_be_odd);
+
+#endif /* ASN1_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.25.0/tests/include/test/constant_flow.h b/3rdparty/mbedtls-2.28.7/tests/include/test/constant_flow.h
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/tests/include/test/constant_flow.h
rename to 3rdparty/mbedtls-2.28.7/tests/include/test/constant_flow.h
index af64011..85fd1a5 100644
--- a/3rdparty/mbedtls-2.25.0/tests/include/test/constant_flow.h
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/constant_flow.h
@@ -6,19 +6,7 @@
 
 /*
  *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef TEST_CONSTANT_FLOW_H
@@ -50,6 +38,12 @@
  * This file contains two implementations: one based on MemorySanitizer, the
  * other on valgrind's memcheck. If none of them is enabled, dummy macros that
  * do nothing are defined for convenience.
+ *
+ * \note #TEST_CF_SECRET must be called directly from within a .function file,
+ *       not indirectly via a macro defined under tests/include or a function
+ *       under tests/src. This is because we only run Valgrind for constant
+ *       flow on test suites that have greppable annotations inside them (see
+ *       `skip_suites_without_constant_flow` in `tests/scripts/all.sh`).
  */
 
 #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/aead.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/aead.h
new file mode 100644
index 0000000..4c01214
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/aead.h
@@ -0,0 +1,59 @@
+/*
+ * Test driver for AEAD driver entry points.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H
+#define PSA_CRYPTO_TEST_DRIVERS_AEAD_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+    /* If not PSA_SUCCESS, return this error code instead of processing the
+     * function call. */
+    psa_status_t forced_status;
+    /* Count the amount of times AEAD driver functions are called. */
+    unsigned long hits;
+    /* Status returned by the last AEAD driver function call. */
+    psa_status_t driver_status;
+} mbedtls_test_driver_aead_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_aead_hooks_t
+mbedtls_test_driver_aead_hooks_init(void)
+{
+    const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT;
+    return v;
+}
+
+extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks;
+
+psa_status_t mbedtls_test_transparent_aead_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *plaintext, size_t plaintext_length,
+    uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length);
+
+psa_status_t mbedtls_test_transparent_aead_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *ciphertext, size_t ciphertext_length,
+    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/cipher.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/cipher.h
new file mode 100644
index 0000000..3a2a01b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/cipher.h
@@ -0,0 +1,134 @@
+/*
+ * Test driver for cipher functions
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H
+#define PSA_CRYPTO_TEST_DRIVERS_CIPHER_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+#include <psa/crypto.h>
+
+#include "mbedtls/cipher.h"
+
+typedef struct {
+    /* If non-null, on success, copy this to the output. */
+    void *forced_output;
+    size_t forced_output_length;
+    /* If not PSA_SUCCESS, return this error code instead of processing the
+     * function call. */
+    psa_status_t forced_status;
+    /* Count the amount of times one of the cipher driver functions is called. */
+    unsigned long hits;
+} mbedtls_test_driver_cipher_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_cipher_hooks_t
+mbedtls_test_driver_cipher_hooks_init(void)
+{
+    const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT;
+    return v;
+}
+
+extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks;
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *iv, size_t iv_length,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_cipher_abort(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation);
+
+psa_status_t mbedtls_test_transparent_cipher_set_iv(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const uint8_t *iv, size_t iv_length);
+
+psa_status_t mbedtls_test_transparent_cipher_update(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_transparent_cipher_finish(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+/*
+ * opaque versions
+ */
+psa_status_t mbedtls_test_opaque_cipher_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *iv, size_t iv_length,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_cipher_abort(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation);
+
+psa_status_t mbedtls_test_opaque_cipher_set_iv(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const uint8_t *iv, size_t iv_length);
+
+psa_status_t mbedtls_test_opaque_cipher_update(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+psa_status_t mbedtls_test_opaque_cipher_finish(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    uint8_t *output, size_t output_size, size_t *output_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/config_test_driver.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/config_test_driver.h
new file mode 100644
index 0000000..13c1754
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/config_test_driver.h
@@ -0,0 +1,44 @@
+/*
+ * Mbed TLS configuration for PSA test driver libraries. It includes:
+ * . the minimum set of modules needed by the PSA core.
+ * . the Mbed TLS configuration options that may need to be additionally
+ *   enabled for the purpose of a specific test.
+ * . the PSA configuration file for the Mbed TLS library and its test drivers.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_PSA_CRYPTO_CONFIG
+
+/* PSA core mandatory configuration options */
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_AES_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_POLY1305_C
+
+/*
+ * Configuration options that may need to be additionally enabled for the
+ * purpose of a specific set of tests.
+ */
+//#define MBEDTLS_SHA1_C
+//#define MBEDTLS_SHA512_C
+//#define MBEDTLS_PEM_PARSE_C
+//#define MBEDTLS_BASE64_C
+
+#include "mbedtls/config_psa.h"
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/crypto_config_test_driver_extension.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/crypto_config_test_driver_extension.h
new file mode 100644
index 0000000..a285bc7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/crypto_config_test_driver_extension.h
@@ -0,0 +1,267 @@
+/**
+ * This file is intended to be used to build PSA test driver libraries. It is
+ * intended to be appended by the test build system to the crypto_config.h file
+ * of the Mbed TLS library the test library will be linked to. It mirrors the
+ * PSA_ACCEL_* macros defining the cryptographic operations the test library
+ * supports.
+ */
+
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CBC_PKCS7)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CFB)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CFB)
+#undef MBEDTLS_PSA_ACCEL_ALG_CFB
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CFB 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CTR)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CTR)
+#undef MBEDTLS_PSA_ACCEL_ALG_CTR
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CTR 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+#undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_ECDSA)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#undef MBEDTLS_PSA_ACCEL_ALG_ECDSA
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_ECDSA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_MD2)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
+#undef MBEDTLS_PSA_ACCEL_ALG_MD2
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_MD2 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_MD4)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
+#undef MBEDTLS_PSA_ACCEL_ALG_MD4
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_MD4 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_MD5)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
+#undef MBEDTLS_PSA_ACCEL_ALG_MD5
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_MD5 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_OFB)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_OFB)
+#undef MBEDTLS_PSA_ACCEL_ALG_OFB
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_OFB 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
+#undef MBEDTLS_PSA_ACCEL_ALG_RIPEMD160
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PSS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PSS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_1
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_1 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_224
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_224 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_256
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_384
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_384 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_512
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_512 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_XTS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_XTS)
+#undef MBEDTLS_PSA_ACCEL_ALG_XTS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_XTS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
+#undef MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_AES)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ARIA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
+#endif
+#endif
+
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
+#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
+#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
+#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
+#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1
+#define MBEDTLS_PSA_ACCEL_ALG_GCM 1
+#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1
+#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
+#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1
+#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1
+#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1
+#endif
+
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/hash.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/hash.h
new file mode 100644
index 0000000..36e889b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/hash.h
@@ -0,0 +1,68 @@
+/*
+ * Test driver for hash driver entry points.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H
+#define PSA_CRYPTO_TEST_DRIVERS_HASH_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+    /* If not PSA_SUCCESS, return this error code instead of processing the
+     * function call. */
+    psa_status_t forced_status;
+    /* Count the amount of times hash driver entry points are called. */
+    unsigned long hits;
+    /* Status returned by the last hash driver entry point call. */
+    psa_status_t driver_status;
+} mbedtls_test_driver_hash_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_hash_hooks_t
+mbedtls_test_driver_hash_hooks_init(void)
+{
+    const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT;
+    return v;
+}
+
+extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks;
+
+psa_status_t mbedtls_test_transparent_hash_compute(
+    psa_algorithm_t alg,
+    const uint8_t *input, size_t input_length,
+    uint8_t *hash, size_t hash_size, size_t *hash_length);
+
+psa_status_t mbedtls_test_transparent_hash_setup(
+    mbedtls_transparent_test_driver_hash_operation_t *operation,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_hash_clone(
+    const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+    mbedtls_transparent_test_driver_hash_operation_t *target_operation);
+
+psa_status_t mbedtls_test_transparent_hash_update(
+    mbedtls_transparent_test_driver_hash_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+psa_status_t mbedtls_test_transparent_hash_finish(
+    mbedtls_transparent_test_driver_hash_operation_t *operation,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length);
+
+psa_status_t mbedtls_test_transparent_hash_abort(
+    mbedtls_transparent_test_driver_hash_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/key_management.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/key_management.h
new file mode 100644
index 0000000..003a35d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/key_management.h
@@ -0,0 +1,96 @@
+/*
+ * Test driver for generating and verifying keys.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
+#define PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT     0
+#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT   1
+
+typedef struct {
+    /* If non-null, on success, copy this to the output. */
+    void *forced_output;
+    size_t forced_output_length;
+    /* If not PSA_SUCCESS, return this error code instead of processing the
+     * function call. */
+    psa_status_t forced_status;
+    /* Count the amount of times one of the key management driver functions
+     * is called. */
+    unsigned long hits;
+    /* Location of the last key management driver called to import a key. */
+    psa_key_location_t location;
+} mbedtls_test_driver_key_management_hooks_t;
+
+/* The location is initialized to the invalid value 0x800000. Invalid in the
+ * sense that no PSA specification will assign a meaning to this location
+ * (stated first in version 1.0.1 of the specification) and that it is not
+ * used as a location of an opaque test drivers. */
+#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0x800000 }
+static inline mbedtls_test_driver_key_management_hooks_t
+mbedtls_test_driver_key_management_hooks_init(void)
+{
+    const mbedtls_test_driver_key_management_hooks_t
+        v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
+    return v;
+}
+
+extern mbedtls_test_driver_key_management_hooks_t
+    mbedtls_test_driver_key_management_hooks;
+
+psa_status_t mbedtls_test_transparent_init(void);
+void mbedtls_test_transparent_free(void);
+psa_status_t mbedtls_test_opaque_init(void);
+void mbedtls_test_opaque_free(void);
+
+psa_status_t mbedtls_test_transparent_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key, size_t key_size, size_t *key_length);
+
+psa_status_t mbedtls_test_opaque_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key, size_t key_size, size_t *key_length);
+
+psa_status_t mbedtls_test_opaque_export_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t mbedtls_test_transparent_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t mbedtls_test_opaque_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    uint8_t *data, size_t data_size, size_t *data_length);
+
+psa_status_t mbedtls_test_transparent_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data,
+    size_t data_length,
+    uint8_t *key_buffer,
+    size_t key_buffer_size,
+    size_t *key_buffer_length,
+    size_t *bits);
+
+psa_status_t mbedtls_test_opaque_get_builtin_key(
+    psa_drv_slot_number_t slot_number,
+    psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/mac.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/mac.h
new file mode 100644
index 0000000..71008a0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/mac.h
@@ -0,0 +1,129 @@
+/*
+ * Test driver for MAC driver entry points.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H
+#define PSA_CRYPTO_TEST_DRIVERS_MAC_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+    /* If not PSA_SUCCESS, return this error code instead of processing the
+     * function call. */
+    psa_status_t forced_status;
+    /* Count the amount of times MAC driver functions are called. */
+    unsigned long hits;
+    /* Status returned by the last MAC driver function call. */
+    psa_status_t driver_status;
+} mbedtls_test_driver_mac_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_MAC_INIT { 0, 0, 0 }
+static inline mbedtls_test_driver_mac_hooks_t
+mbedtls_test_driver_mac_hooks_init(void)
+{
+    const mbedtls_test_driver_mac_hooks_t v = MBEDTLS_TEST_DRIVER_MAC_INIT;
+    return v;
+}
+
+extern mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks;
+
+psa_status_t mbedtls_test_transparent_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+psa_status_t mbedtls_test_transparent_mac_sign_setup(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_mac_verify_setup(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_transparent_mac_update(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+psa_status_t mbedtls_test_transparent_mac_sign_finish(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+psa_status_t mbedtls_test_transparent_mac_verify_finish(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length);
+
+psa_status_t mbedtls_test_transparent_mac_abort(
+    mbedtls_transparent_test_driver_mac_operation_t *operation);
+
+psa_status_t mbedtls_test_opaque_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+psa_status_t mbedtls_test_opaque_mac_sign_setup(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_mac_verify_setup(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg);
+
+psa_status_t mbedtls_test_opaque_mac_update(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length);
+
+psa_status_t mbedtls_test_opaque_mac_sign_finish(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length);
+
+psa_status_t mbedtls_test_opaque_mac_verify_finish(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length);
+
+psa_status_t mbedtls_test_opaque_mac_abort(
+    mbedtls_opaque_test_driver_mac_operation_t *operation);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/signature.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/signature.h
new file mode 100644
index 0000000..788761f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/signature.h
@@ -0,0 +1,116 @@
+/*
+ * Test driver for signature functions.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H
+#define PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+typedef struct {
+    /* If non-null, on success, copy this to the output. */
+    void *forced_output;
+    size_t forced_output_length;
+    /* If not PSA_SUCCESS, return this error code instead of processing the
+     * function call. */
+    psa_status_t forced_status;
+    /* Count the amount of times one of the signature driver functions is called. */
+    unsigned long hits;
+} mbedtls_test_driver_signature_hooks_t;
+
+#define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 }
+static inline mbedtls_test_driver_signature_hooks_t
+mbedtls_test_driver_signature_hooks_init(void)
+{
+    const mbedtls_test_driver_signature_hooks_t
+        v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+    return v;
+}
+
+extern mbedtls_test_driver_signature_hooks_t
+    mbedtls_test_driver_signature_sign_hooks;
+extern mbedtls_test_driver_signature_hooks_t
+    mbedtls_test_driver_signature_verify_hooks;
+
+psa_status_t mbedtls_test_transparent_signature_sign_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_sign_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length);
+
+psa_status_t mbedtls_test_transparent_signature_verify_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_verify_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length);
+
+psa_status_t mbedtls_test_transparent_signature_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length);
+
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length);
+
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/size.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/size.h
new file mode 100644
index 0000000..d572e63
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/size.h
@@ -0,0 +1,25 @@
+/*
+ * Test driver for context size functions
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVERS_SIZE_H
+#define PSA_CRYPTO_TEST_DRIVERS_SIZE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <psa/crypto_driver_common.h>
+
+size_t mbedtls_test_size_function(
+    const psa_key_type_t key_type,
+    const size_t key_bits);
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/test_driver.h b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/test_driver.h
new file mode 100644
index 0000000..64d1f94
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/drivers/test_driver.h
@@ -0,0 +1,21 @@
+/*
+ * Umbrella include for all of the test driver functionality
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_TEST_DRIVER_H
+#define PSA_CRYPTO_TEST_DRIVER_H
+
+#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff
+
+#include "test/drivers/aead.h"
+#include "test/drivers/cipher.h"
+#include "test/drivers/hash.h"
+#include "test/drivers/mac.h"
+#include "test/drivers/key_management.h"
+#include "test/drivers/signature.h"
+#include "test/drivers/size.h"
+
+#endif /* PSA_CRYPTO_TEST_DRIVER_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/fake_external_rng_for_test.h b/3rdparty/mbedtls-2.28.7/tests/include/test/fake_external_rng_for_test.h
new file mode 100644
index 0000000..859b60b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/fake_external_rng_for_test.h
@@ -0,0 +1,44 @@
+/*
+ * Insecure but standalone implementation of mbedtls_psa_external_get_random().
+ * Only for use in tests!
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H
+#define FAKE_EXTERNAL_RNG_FOR_TEST_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** Enable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * The insecure implementation of mbedtls_psa_external_get_random() is
+ * disabled by default.
+ *
+ * When MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled and the test
+ * helpers are linked into a program, you must enable this before running any
+ * code that uses the PSA subsystem to generate random data (including internal
+ * random generation for purposes such as blinding when the random generation
+ * is routed through PSA).
+ *
+ * You can enable and disable it at any time, regardless of the state
+ * of the PSA subsystem. You may disable it temporarily to simulate a
+ * depleted entropy source.
+ */
+void mbedtls_test_enable_insecure_external_rng(void);
+
+/** Disable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * See mbedtls_test_enable_insecure_external_rng().
+ */
+void mbedtls_test_disable_insecure_external_rng(void);
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/helpers.h b/3rdparty/mbedtls-2.28.7/tests/include/test/helpers.h
new file mode 100644
index 0000000..fde8cc5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/helpers.h
@@ -0,0 +1,377 @@
+/**
+ * \file helpers.h
+ *
+ * \brief   This file contains the prototypes of helper functions for the
+ *          purpose of testing.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_HELPERS_H
+#define TEST_HELPERS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \
+    defined(MBEDTLS_TEST_HOOKS)
+#define MBEDTLS_TEST_MUTEX_USAGE
+#endif
+
+#include "mbedtls/platform.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+/** The type of test case arguments that contain binary data. */
+typedef struct data_tag {
+    uint8_t *x;
+    uint32_t    len;
+} data_t;
+
+typedef enum {
+    MBEDTLS_TEST_RESULT_SUCCESS = 0,
+    MBEDTLS_TEST_RESULT_FAILED,
+    MBEDTLS_TEST_RESULT_SKIPPED
+} mbedtls_test_result_t;
+
+typedef struct {
+    mbedtls_test_result_t result;
+    const char *test;
+    const char *filename;
+    int line_no;
+    unsigned long step;
+    char line1[76];
+    char line2[76];
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+    const char *mutex_usage_error;
+#endif
+}
+mbedtls_test_info_t;
+extern mbedtls_test_info_t mbedtls_test_info;
+
+int mbedtls_test_platform_setup(void);
+void mbedtls_test_platform_teardown(void);
+
+/**
+ * \brief           Record the current test case as a failure.
+ *
+ *                  This function can be called directly however it is usually
+ *                  called via macros such as TEST_ASSERT, TEST_EQUAL,
+ *                  PSA_ASSERT, etc...
+ *
+ * \note            If the test case was already marked as failed, calling
+ *                  `mbedtls_test_fail( )` again will not overwrite any
+ *                  previous information about the failure.
+ *
+ * \param test      Description of the failure or assertion that failed. This
+ *                  MUST be a string literal.
+ * \param line_no   Line number where the failure originated.
+ * \param filename  Filename where the failure originated.
+ */
+void mbedtls_test_fail(const char *test, int line_no, const char *filename);
+
+/**
+ * \brief           Record the current test case as skipped.
+ *
+ *                  This function can be called directly however it is usually
+ *                  called via the TEST_ASSUME macro.
+ *
+ * \param test      Description of the assumption that caused the test case to
+ *                  be skipped. This MUST be a string literal.
+ * \param line_no   Line number where the test case was skipped.
+ * \param filename  Filename where the test case was skipped.
+ */
+void mbedtls_test_skip(const char *test, int line_no, const char *filename);
+
+/**
+ * \brief       Set the test step number for failure reports.
+ *
+ *              Call this function to display "step NNN" in addition to the
+ *              line number and file name if a test fails. Typically the "step
+ *              number" is the index of a for loop but it can be whatever you
+ *              want.
+ *
+ * \param step  The step number to report.
+ */
+void mbedtls_test_set_step(unsigned long step);
+
+/**
+ * \brief       Reset mbedtls_test_info to a ready/starting state.
+ */
+void mbedtls_test_info_reset(void);
+
+/**
+ * \brief           Record the current test case as a failure if two integers
+ *                  have a different value.
+ *
+ *                  This function is usually called via the macro
+ *                  #TEST_EQUAL.
+ *
+ * \param test      Description of the failure or assertion that failed. This
+ *                  MUST be a string literal. This normally has the form
+ *                  "EXPR1 == EXPR2" where EXPR1 has the value \p value1
+ *                  and EXPR2 has the value \p value2.
+ * \param line_no   Line number where the failure originated.
+ * \param filename  Filename where the failure originated.
+ * \param value1    The first value to compare.
+ * \param value2    The second value to compare.
+ *
+ * \return          \c 1 if the values are equal, otherwise \c 0.
+ */
+int mbedtls_test_equal(const char *test, int line_no, const char *filename,
+                       unsigned long long value1, unsigned long long value2);
+
+/**
+ * \brief           Record the current test case as a failure based
+ *                  on comparing two unsigned integers.
+ *
+ *                  This function is usually called via the macro
+ *                  #TEST_LE_U.
+ *
+ * \param test      Description of the failure or assertion that failed. This
+ *                  MUST be a string literal. This normally has the form
+ *                  "EXPR1 <= EXPR2" where EXPR1 has the value \p value1
+ *                  and EXPR2 has the value \p value2.
+ * \param line_no   Line number where the failure originated.
+ * \param filename  Filename where the failure originated.
+ * \param value1    The first value to compare.
+ * \param value2    The second value to compare.
+ *
+ * \return          \c 1 if \p value1 <= \p value2, otherwise \c 0.
+ */
+int mbedtls_test_le_u(const char *test, int line_no, const char *filename,
+                      unsigned long long value1, unsigned long long value2);
+
+/**
+ * \brief           Record the current test case as a failure based
+ *                  on comparing two signed integers.
+ *
+ *                  This function is usually called via the macro
+ *                  #TEST_LE_S.
+ *
+ * \param test      Description of the failure or assertion that failed. This
+ *                  MUST be a string literal. This normally has the form
+ *                  "EXPR1 <= EXPR2" where EXPR1 has the value \p value1
+ *                  and EXPR2 has the value \p value2.
+ * \param line_no   Line number where the failure originated.
+ * \param filename  Filename where the failure originated.
+ * \param value1    The first value to compare.
+ * \param value2    The second value to compare.
+ *
+ * \return          \c 1 if \p value1 <= \p value2, otherwise \c 0.
+ */
+int mbedtls_test_le_s(const char *test, int line_no, const char *filename,
+                      long long value1, long long value2);
+
+/**
+ * \brief          This function decodes the hexadecimal representation of
+ *                 data.
+ *
+ * \note           The output buffer can be the same as the input buffer. For
+ *                 any other overlapping of the input and output buffers, the
+ *                 behavior is undefined.
+ *
+ * \param obuf     Output buffer.
+ * \param obufmax  Size in number of bytes of \p obuf.
+ * \param ibuf     Input buffer.
+ * \param len      The number of unsigned char written in \p obuf. This must
+ *                 not be \c NULL.
+ *
+ * \return         \c 0 on success.
+ * \return         \c -1 if the output buffer is too small or the input string
+ *                 is not a valid hexadecimal representation.
+ */
+int mbedtls_test_unhexify(unsigned char *obuf, size_t obufmax,
+                          const char *ibuf, size_t *len);
+
+void mbedtls_test_hexify(unsigned char *obuf,
+                         const unsigned char *ibuf,
+                         int len);
+
+/**
+ * Allocate and zeroize a buffer.
+ *
+ * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
+ *
+ * For convenience, dies if allocation fails.
+ */
+unsigned char *mbedtls_test_zero_alloc(size_t len);
+
+/**
+ * Allocate and fill a buffer from hex data.
+ *
+ * The buffer is sized exactly as needed. This allows to detect buffer
+ * overruns (including overreads) when running the test suite under valgrind.
+ *
+ * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
+ *
+ * For convenience, dies if allocation fails.
+ */
+unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen);
+
+int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b,
+                        uint32_t a_len, uint32_t b_len);
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+
+typedef struct {
+    const char *failure_condition;
+    const char *file;
+    int line;
+}
+mbedtls_test_param_failed_location_record_t;
+
+/**
+ * \brief   Get the location record of the last call to
+ *          mbedtls_test_param_failed().
+ *
+ * \note    The call expectation is set up and active until the next call to
+ *          mbedtls_test_param_failed_check_expected_call() or
+ *          mbedtls_param_failed() that cancels it.
+ */
+void mbedtls_test_param_failed_get_location_record(
+    mbedtls_test_param_failed_location_record_t *location_record);
+
+/**
+ * \brief   State that a call to mbedtls_param_failed() is expected.
+ *
+ * \note    The call expectation is set up and active until the next call to
+ *          mbedtls_test_param_failed_check_expected_call() or
+ *          mbedtls_param_failed that cancel it.
+ */
+void mbedtls_test_param_failed_expect_call(void);
+
+/**
+ * \brief   Check whether mbedtls_param_failed() has been called as expected.
+ *
+ * \note    Check whether mbedtls_param_failed() has been called between the
+ *          last call to mbedtls_test_param_failed_expect_call() and the call
+ *          to this function.
+ *
+ * \return  \c 0 Since the last call to mbedtls_param_failed_expect_call(),
+ *               mbedtls_param_failed() has been called.
+ *          \c -1 Otherwise.
+ */
+int mbedtls_test_param_failed_check_expected_call(void);
+
+/**
+ * \brief   Get the address of the object of type jmp_buf holding the execution
+ *          state information used by mbedtls_param_failed() to do a long jump.
+ *
+ * \note    If a call to mbedtls_param_failed() is not expected in the sense
+ *          that there is no call to mbedtls_test_param_failed_expect_call()
+ *          preceding it, then mbedtls_param_failed() will try to restore the
+ *          execution to the state stored in the jmp_buf object whose address
+ *          is returned by the present function.
+ *
+ * \note    This function is intended to provide the parameter of the
+ *          setjmp() function to set-up where mbedtls_param_failed() should
+ *          long-jump if it has to. It is foreseen to be used as:
+ *
+ *          setjmp( mbedtls_test_param_failed_get_state_buf() ).
+ *
+ * \note    The type of the returned value is not jmp_buf as jmp_buf is an
+ *          an array type (C specification) and a function cannot return an
+ *          array type.
+ *
+ * \note    The type of the returned value is not jmp_buf* as then the return
+ *          value couldn't be used by setjmp(), as its parameter's type is
+ *          jmp_buf.
+ *
+ * \return  Address of the object of type jmp_buf holding the execution state
+ *          information used by mbedtls_param_failed() to do a long jump.
+ */
+void *mbedtls_test_param_failed_get_state_buf(void);
+
+/**
+ * \brief   Reset the execution state used by mbedtls_param_failed() to do a
+ *          long jump.
+ *
+ * \note    If a call to mbedtls_param_failed() is not expected in the sense
+ *          that there is no call to mbedtls_test_param_failed_expect_call()
+ *          preceding it, then mbedtls_param_failed() will try to restore the
+ *          execution state that this function reset.
+ *
+ * \note    It is recommended to reset the execution state when the state
+ *          is not relevant anymore. That way an unexpected call to
+ *          mbedtls_param_failed() will not trigger a long jump with
+ *          undefined behavior but rather a long jump that will rather fault.
+ */
+void mbedtls_test_param_failed_reset_state(void);
+#endif /* MBEDTLS_CHECK_PARAMS */
+
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include "test/fake_external_rng_for_test.h"
+#endif
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+/** Permanently activate the mutex usage verification framework. See
+ * threading_helpers.c for information. */
+void mbedtls_test_mutex_usage_init(void);
+
+/** Call this function after executing a test case to check for mutex usage
+ * errors. */
+void mbedtls_test_mutex_usage_check(void);
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+/**
+ * \brief   Check that only a pure high-level error code is being combined with
+ *          a pure low-level error code as otherwise the resultant error code
+ *          would be corrupted.
+ *
+ * \note    Both high-level and low-level error codes cannot be greater than
+ *          zero however can be zero. If one error code is zero then the
+ *          other error code is returned even if both codes are zero.
+ *
+ * \note    If the check fails, fail the test currently being run.
+ */
+void mbedtls_test_err_add_check(int high, int low,
+                                const char *file, int line);
+#endif
+
+#if defined(MBEDTLS_BIGNUM_C)
+/** Read an MPI from a hexadecimal string.
+ *
+ * Like mbedtls_mpi_read_string(), but with tighter guarantees around
+ * edge cases.
+ *
+ * - This function guarantees that if \p s begins with '-' then the sign
+ *   bit of the result will be negative, even if the value is 0.
+ *   When this function encounters such a "negative 0", it
+ *   increments #mbedtls_test_case_uses_negative_0.
+ * - The size of the result is exactly the minimum number of limbs needed
+ *   to fit the digits in the input. In particular, this function constructs
+ *   a bignum with 0 limbs for an empty string, and a bignum with leading 0
+ *   limbs if the string has sufficiently many leading 0 digits.
+ *   This is important so that the "0 (null)" and "0 (1 limb)" and
+ *   "leading zeros" test cases do what they claim.
+ *
+ * \param[out] X        The MPI object to populate. It must be initialized.
+ * \param[in] s         The null-terminated hexadecimal string to read from.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s);
+
+/** Nonzero if the current test case had an input parsed with
+ * mbedtls_test_read_mpi() that is a negative 0 (`"-"`, `"-0"`, `"-00"`, etc.,
+ * constructing a result with the sign bit set to -1 and the value being
+ * all-limbs-0, which is not a valid representation in #mbedtls_mpi but is
+ * tested for robustness).
+ */
+extern unsigned mbedtls_test_case_uses_negative_0;
+#endif /* MBEDTLS_BIGNUM_C */
+
+#endif /* TEST_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/macros.h b/3rdparty/mbedtls-2.28.7/tests/include/test/macros.h
new file mode 100644
index 0000000..c50459d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/macros.h
@@ -0,0 +1,391 @@
+/**
+ * \file macros.h
+ *
+ * \brief   This file contains generic macros for the purpose of testing.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_MACROS_H
+#define TEST_MACROS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdlib.h>
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+/**
+ * \brief   This macro tests the expression passed to it as a test step or
+ *          individual test in a test case.
+ *
+ *          It allows a library function to return a value and return an error
+ *          code that can be tested.
+ *
+ *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ *          callback, MBEDTLS_PARAM_FAILED(), will be assumed to be a test
+ *          failure.
+ *
+ *          This macro is not suitable for negative parameter validation tests,
+ *          as it assumes the test step will not create an error.
+ *
+ *          Failing the test means:
+ *          - Mark this test case as failed.
+ *          - Print a message identifying the failure.
+ *          - Jump to the \c exit label.
+ *
+ *          This macro expands to an instruction, not an expression.
+ *          It may jump to the \c exit label.
+ *
+ * \param   TEST    The test expression to be tested.
+ */
+#define TEST_ASSERT(TEST)                                 \
+    do {                                                    \
+        if (!(TEST))                                       \
+        {                                                    \
+            mbedtls_test_fail( #TEST, __LINE__, __FILE__);   \
+            goto exit;                                        \
+        }                                                    \
+    } while (0)
+
+/** This macro asserts fails the test with given output message.
+ *
+ * \param   MESSAGE The message to be outputed on assertion
+ */
+#define TEST_FAIL(MESSAGE)                           \
+    do {                                                  \
+        mbedtls_test_fail(MESSAGE, __LINE__, __FILE__);   \
+        goto exit;                                        \
+    } while (0)
+
+/** Evaluate two integer expressions and fail the test case if they have
+ * different values.
+ *
+ * The two expressions should have the same signedness, otherwise the
+ * comparison is not meaningful if the signed value is negative.
+ *
+ * \param expr1     An integral-typed expression to evaluate.
+ * \param expr2     Another integral-typed expression to evaluate.
+ */
+#define TEST_EQUAL(expr1, expr2)                                      \
+    do {                                                                \
+        if (!mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \
+                                 expr1, expr2))                      \
+        goto exit;                                                  \
+    } while (0)
+
+/** Evaluate two unsigned integer expressions and fail the test case
+ * if they are not in increasing order (left <= right).
+ *
+ * \param expr1     An integral-typed expression to evaluate.
+ * \param expr2     Another integral-typed expression to evaluate.
+ */
+#define TEST_LE_U(expr1, expr2)                                       \
+    do {                                                                \
+        if (!mbedtls_test_le_u( #expr1 " <= " #expr2, __LINE__, __FILE__, \
+                                expr1, expr2))                      \
+        goto exit;                                                  \
+    } while (0)
+
+/** Evaluate two signed integer expressions and fail the test case
+ * if they are not in increasing order (left <= right).
+ *
+ * \param expr1     An integral-typed expression to evaluate.
+ * \param expr2     Another integral-typed expression to evaluate.
+ */
+#define TEST_LE_S(expr1, expr2)                                       \
+    do {                                                                \
+        if (!mbedtls_test_le_s( #expr1 " <= " #expr2, __LINE__, __FILE__, \
+                                expr1, expr2))                      \
+        goto exit;                                                  \
+    } while (0)
+
+/** Allocate memory dynamically and fail the test case if this fails.
+ * The allocated memory will be filled with zeros.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free(pointer)` in the test's cleanup code.
+ *
+ * If \p item_count is zero, the resulting \p pointer will be \c NULL.
+ * This is usually what we want in tests since API functions are
+ * supposed to accept null pointers when a buffer size is zero.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer    An lvalue where the address of the allocated buffer
+ *                   will be stored.
+ *                   This expression may be evaluated multiple times.
+ * \param item_count Number of elements to allocate.
+ *                   This expression may be evaluated multiple times.
+ *
+ */
+#define TEST_CALLOC(pointer, item_count)                    \
+    do {                                                    \
+        TEST_ASSERT((pointer) == NULL);                     \
+        if ((item_count) != 0) {                            \
+            (pointer) = mbedtls_calloc(sizeof(*(pointer)),  \
+                                       (item_count));       \
+            TEST_ASSERT((pointer) != NULL);                 \
+        }                                                   \
+    } while (0)
+
+/* For backwards compatibility */
+#define ASSERT_ALLOC(pointer, item_count) TEST_CALLOC(pointer, item_count)
+
+/** Allocate memory dynamically. If the allocation fails, skip the test case.
+ *
+ * This macro behaves like #TEST_CALLOC, except that if the allocation
+ * fails, it marks the test as skipped rather than failed.
+ */
+#define TEST_CALLOC_OR_SKIP(pointer, item_count)            \
+    do {                                                    \
+        TEST_ASSERT((pointer) == NULL);                     \
+        if ((item_count) != 0) {                            \
+            (pointer) = mbedtls_calloc(sizeof(*(pointer)),  \
+                                       (item_count));       \
+            TEST_ASSUME((pointer) != NULL);                 \
+        }                                                   \
+    } while (0)
+
+/* For backwards compatibility */
+#define ASSERT_ALLOC_WEAK(pointer, item_count) TEST_CALLOC_OR_SKIP(pointer, item_count)
+
+/** Compare two buffers and fail the test case if they differ.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param p1        Pointer to the start of the first buffer.
+ * \param size1     Size of the first buffer in bytes.
+ *                  This expression may be evaluated multiple times.
+ * \param p2        Pointer to the start of the second buffer.
+ * \param size2     Size of the second buffer in bytes.
+ *                  This expression may be evaluated multiple times.
+ */
+#define TEST_MEMORY_COMPARE(p1, size1, p2, size2)              \
+    do {                                                       \
+        TEST_EQUAL((size1), (size2));                          \
+        if ((size1) != 0) {                                    \
+            TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0);     \
+        }                                                      \
+    } while (0)
+
+/* For backwards compatibility */
+#define ASSERT_COMPARE(p1, size1, p2, size2) TEST_MEMORY_COMPARE(p1, size1, p2, size2)
+
+/**
+ * \brief   This macro tests the expression passed to it and skips the
+ *          running test if it doesn't evaluate to 'true'.
+ *
+ * \param   TEST    The test expression to be tested.
+ */
+#define TEST_ASSUME(TEST)                                 \
+    do {                                                    \
+        if (!(TEST))                                      \
+        {                                                   \
+            mbedtls_test_skip( #TEST, __LINE__, __FILE__); \
+            goto exit;                                      \
+        }                                                   \
+    } while (0)
+
+#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
+/**
+ * \brief   This macro tests the statement passed to it as a test step or
+ *          individual test in a test case. The macro assumes the test will fail
+ *          and will generate an error.
+ *
+ *          It allows a library function to return a value and tests the return
+ *          code on return to confirm the given error code was returned.
+ *
+ *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ *          callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
+ *          expected failure, and the test will pass.
+ *
+ *          This macro is intended for negative parameter validation tests,
+ *          where the failing function may return an error value or call
+ *          MBEDTLS_PARAM_FAILED() to indicate the error.
+ *
+ * \param   PARAM_ERROR_VALUE   The expected error code.
+ *
+ * \param   TEST                The test expression to be tested.
+ */
+#define TEST_INVALID_PARAM_RET(PARAM_ERR_VALUE, TEST)                 \
+    do {                                                                \
+        mbedtls_test_param_failed_expect_call();                       \
+        if (((TEST) != (PARAM_ERR_VALUE)) ||                      \
+            (mbedtls_test_param_failed_check_expected_call() != 0)) \
+        {                                                               \
+            mbedtls_test_fail( #TEST, __LINE__, __FILE__);             \
+            goto exit;                                                  \
+        }                                                               \
+        mbedtls_test_param_failed_check_expected_call();               \
+    } while (0)
+
+/**
+ * \brief   This macro tests the statement passed to it as a test step or
+ *          individual test in a test case. The macro assumes the test will fail
+ *          and will generate an error.
+ *
+ *          It assumes the library function under test cannot return a value and
+ *          assumes errors can only be indicated byt calls to
+ *          MBEDTLS_PARAM_FAILED().
+ *
+ *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ *          callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
+ *          expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
+ *          can be made.
+ *
+ *          This macro is intended for negative parameter validation tests,
+ *          where the failing function can only return an error by calling
+ *          MBEDTLS_PARAM_FAILED() to indicate the error.
+ *
+ * \param   TEST                The test expression to be tested.
+ */
+#define TEST_INVALID_PARAM(TEST)                                       \
+    do {                                                                 \
+        memcpy(jmp_tmp, mbedtls_test_param_failed_get_state_buf(),     \
+               sizeof(jmp_tmp));                                     \
+        if (setjmp(mbedtls_test_param_failed_get_state_buf()) == 0) \
+        {                                                                \
+            TEST;                                                        \
+            mbedtls_test_fail( #TEST, __LINE__, __FILE__);              \
+            goto exit;                                                   \
+        }                                                                \
+        mbedtls_test_param_failed_reset_state();                        \
+    } while (0)
+#endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */
+
+/**
+ * \brief   This macro tests the statement passed to it as a test step or
+ *          individual test in a test case. The macro assumes the test will not fail.
+ *
+ *          It assumes the library function under test cannot return a value and
+ *          assumes errors can only be indicated by calls to
+ *          MBEDTLS_PARAM_FAILED().
+ *
+ *          When MBEDTLS_CHECK_PARAMS is enabled, calls to the parameter failure
+ *          callback, MBEDTLS_PARAM_FAILED(), are assumed to indicate the
+ *          expected failure. If MBEDTLS_CHECK_PARAMS is not enabled, no test
+ *          can be made.
+ *
+ *          This macro is intended to test that functions returning void
+ *          accept all of the parameter values they're supposed to accept - eg
+ *          that they don't call MBEDTLS_PARAM_FAILED() when a parameter
+ *          that's allowed to be NULL happens to be NULL.
+ *
+ *          Note: for functions that return something other that void,
+ *          checking that they accept all the parameters they're supposed to
+ *          accept is best done by using TEST_ASSERT() and checking the return
+ *          value as well.
+ *
+ *          Note: this macro is available even when #MBEDTLS_CHECK_PARAMS is
+ *          disabled, as it makes sense to check that the functions accept all
+ *          legal values even if this option is disabled - only in that case,
+ *          the test is more about whether the function segfaults than about
+ *          whether it invokes MBEDTLS_PARAM_FAILED().
+ *
+ * \param   TEST                The test expression to be tested.
+ */
+#define TEST_VALID_PARAM(TEST)                                    \
+    TEST_ASSERT((TEST, 1));
+
+#define TEST_HELPER_ASSERT(a) if (!(a))                          \
+    {                                                                   \
+        mbedtls_fprintf(stderr, "Assertion Failed at %s:%d - %s\n",    \
+                        __FILE__, __LINE__, #a);              \
+        mbedtls_exit(1);                                              \
+    }
+
+/** \def ARRAY_LENGTH
+ * Return the number of elements of a static or stack array.
+ *
+ * \param array         A value of array (not pointer) type.
+ *
+ * \return The number of elements of the array.
+ */
+/* A correct implementation of ARRAY_LENGTH, but which silently gives
+ * a nonsensical result if called with a pointer rather than an array. */
+#define ARRAY_LENGTH_UNSAFE(array)            \
+    (sizeof(array) / sizeof(*(array)))
+
+#if defined(__GNUC__)
+/* Test if arg and &(arg)[0] have the same type. This is true if arg is
+ * an array but not if it's a pointer. */
+#define IS_ARRAY_NOT_POINTER(arg)                                     \
+    (!__builtin_types_compatible_p(__typeof__(arg),                \
+                                   __typeof__(&(arg)[0])))
+/* A compile-time constant with the value 0. If `const_expr` is not a
+ * compile-time constant with a nonzero value, cause a compile-time error. */
+#define STATIC_ASSERT_EXPR(const_expr)                                \
+    (0 && sizeof(struct { unsigned int STATIC_ASSERT : 1 - 2 * !(const_expr); }))
+
+/* Return the scalar value `value` (possibly promoted). This is a compile-time
+ * constant if `value` is. `condition` must be a compile-time constant.
+ * If `condition` is false, arrange to cause a compile-time error. */
+#define STATIC_ASSERT_THEN_RETURN(condition, value)   \
+    (STATIC_ASSERT_EXPR(condition) ? 0 : (value))
+
+#define ARRAY_LENGTH(array)                                           \
+    (STATIC_ASSERT_THEN_RETURN(IS_ARRAY_NOT_POINTER(array),         \
+                               ARRAY_LENGTH_UNSAFE(array)))
+
+#else
+/* If we aren't sure the compiler supports our non-standard tricks,
+ * fall back to the unsafe implementation. */
+#define ARRAY_LENGTH(array) ARRAY_LENGTH_UNSAFE(array)
+#endif
+
+/** Return the smaller of two values.
+ *
+ * \param x         An integer-valued expression without side effects.
+ * \param y         An integer-valued expression without side effects.
+ *
+ * \return The smaller of \p x and \p y.
+ */
+#define MIN(x, y) ((x) < (y) ? (x) : (y))
+
+/** Return the larger of two values.
+ *
+ * \param x         An integer-valued expression without side effects.
+ * \param y         An integer-valued expression without side effects.
+ *
+ * \return The larger of \p x and \p y.
+ */
+#define MAX(x, y) ((x) > (y) ? (x) : (y))
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n, b, i)                            \
+    {                                                       \
+        (n) = ((uint32_t) (b)[(i)] << 24)             \
+              | ((uint32_t) (b)[(i) + 1] << 16)             \
+              | ((uint32_t) (b)[(i) + 2] <<  8)             \
+              | ((uint32_t) (b)[(i) + 3]);            \
+    }
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n, b, i)                            \
+    {                                                       \
+        (b)[(i)] = (unsigned char) ((n) >> 24);       \
+        (b)[(i) + 1] = (unsigned char) ((n) >> 16);       \
+        (b)[(i) + 2] = (unsigned char) ((n) >>  8);       \
+        (b)[(i) + 3] = (unsigned char) ((n));       \
+    }
+#endif
+
+#endif /* TEST_MACROS_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/psa_crypto_helpers.h b/3rdparty/mbedtls-2.28.7/tests/include/test/psa_crypto_helpers.h
new file mode 100644
index 0000000..8d0f7e6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/psa_crypto_helpers.h
@@ -0,0 +1,336 @@
+/*
+ * Helper functions for tests that use the PSA Crypto API.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_HELPERS_H
+#define PSA_CRYPTO_HELPERS_H
+
+#include "test/helpers.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "test/psa_helpers.h"
+
+#include <psa/crypto.h>
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */
+int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id);
+
+/** Destroy persistent keys recorded with #TEST_USES_KEY_ID.
+ */
+void mbedtls_test_psa_purge_key_storage(void);
+
+/** Purge the in-memory cache of persistent keys recorded with
+ * #TEST_USES_KEY_ID.
+ *
+ * Call this function before calling PSA_DONE() if it's ok for
+ * persistent keys to still exist at this point.
+ */
+void mbedtls_test_psa_purge_key_cache(void);
+
+/** \def TEST_USES_KEY_ID
+ *
+ * Call this macro in a test function before potentially creating a
+ * persistent key. Test functions that use this mechanism must call
+ * mbedtls_test_psa_purge_key_storage() in their cleanup code.
+ *
+ * This macro records a persistent key identifier as potentially used in the
+ * current test case. Recorded key identifiers will be cleaned up at the end
+ * of the test case, even on failure.
+ *
+ * This macro has no effect on volatile keys. Therefore, it is safe to call
+ * this macro in a test function that creates either volatile or persistent
+ * keys depending on the test data.
+ *
+ * This macro currently has no effect on special identifiers
+ * used to store implementation-specific files.
+ *
+ * Calling this macro multiple times on the same key identifier in the same
+ * test case has no effect.
+ *
+ * This macro can fail the test case if there isn't enough memory to
+ * record the key id.
+ *
+ * \param key_id    The PSA key identifier to record.
+ */
+#define TEST_USES_KEY_ID(key_id)                      \
+    TEST_ASSERT(mbedtls_test_uses_key_id(key_id))
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#define TEST_USES_KEY_ID(key_id) ((void) (key_id))
+#define mbedtls_test_psa_purge_key_storage() ((void) 0)
+#define mbedtls_test_psa_purge_key_cache() ((void) 0)
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#define PSA_INIT() PSA_ASSERT(psa_crypto_init())
+
+/** Check for things that have not been cleaned up properly in the
+ * PSA subsystem.
+ *
+ * \return NULL if nothing has leaked.
+ * \return A string literal explaining what has not been cleaned up
+ *         if applicable.
+ */
+const char *mbedtls_test_helper_is_psa_leaking(void);
+
+/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed and jump to
+ * the exit label. This is equivalent to
+ * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
+ * but with a more informative message.
+ */
+#define ASSERT_PSA_PRISTINE()                                           \
+    do                                                                  \
+    {                                                                   \
+        if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__))       \
+        goto exit;                                                      \
+    }                                                                   \
+    while (0)
+
+/** Shut down the PSA Crypto subsystem and destroy persistent keys.
+ * Expect a clean shutdown, with no slots in use.
+ *
+ * If some key slots are still in use, record the test case as failed,
+ * but continue executing. This macro is suitable (and primarily intended)
+ * for use in the cleanup section of test functions.
+ *
+ * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before
+ *       creating them.
+ */
+#define PSA_DONE()                                                      \
+    do                                                                  \
+    {                                                                   \
+        mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__);           \
+        mbedtls_test_psa_purge_key_storage();                           \
+        mbedtls_psa_crypto_free();                                      \
+    }                                                                   \
+    while (0)
+
+/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive.
+ * Expect a clean shutdown, with no slots in use.
+ *
+ * If some key slots are still in use, record the test case as failed and
+ * jump to the `exit` label.
+ */
+#define PSA_SESSION_DONE()                                             \
+    do                                                                  \
+    {                                                                   \
+        mbedtls_test_psa_purge_key_cache();                            \
+        ASSERT_PSA_PRISTINE();                                         \
+        mbedtls_psa_crypto_free();                                     \
+    }                                                                   \
+    while (0)
+
+
+
+#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+psa_status_t mbedtls_test_record_status(psa_status_t status,
+                                        const char *func,
+                                        const char *file, int line,
+                                        const char *expr);
+
+/** Return value logging wrapper macro.
+ *
+ * Evaluate \p expr. Write a line recording its value to the log file
+ * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated
+ * list of fields:
+ * ```
+ * value of expr:string:__FILE__:__LINE__:expr
+ * ```
+ *
+ * The test code does not call this macro explicitly because that would
+ * be very invasive. Instead, we instrument the source code by defining
+ * a bunch of wrapper macros like
+ * ```
+ * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init())
+ * ```
+ * These macro definitions must be present in `instrument_record_status.h`
+ * when building the test suites.
+ *
+ * \param string    A string, normally a function name.
+ * \param expr      An expression to evaluate, normally a call of the function
+ *                  whose name is in \p string. This expression must return
+ *                  a value of type #psa_status_t.
+ * \return          The value of \p expr.
+ */
+#define RECORD_STATUS(string, expr)                                   \
+    mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr)
+
+#include "instrument_record_status.h"
+
+#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+/** Return extended key usage policies.
+ *
+ * Do a key policy permission extension on key usage policies always involves
+ * permissions of other usage policies
+ * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE).
+ */
+psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags);
+
+/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed.
+ *
+ * \return 0 if the key store is empty, 1 otherwise.
+ */
+int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename);
+
+
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform
+ * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
+ * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions
+ * is to read and write from the entropy seed file, which is located
+ * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID.
+ * (These could have been provided as library functions, but for historical
+ * reasons, they weren't, and so each integrator has to provide a copy
+ * of these functions.)
+ *
+ * Provide implementations of these functions for testing. */
+int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len);
+int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len);
+
+
+/** Make sure that the injected entropy is present.
+ *
+ * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init()
+ * will fail if the PSA entropy seed is not present.
+ * This function must be called at least once in a test suite or other
+ * program before any call to psa_crypto_init().
+ * It does not need to be called in each test case.
+ *
+ * The test framework calls this function before running any test case.
+ *
+ * The few tests that might remove the entropy file must call this function
+ * in their cleanup.
+ */
+int mbedtls_test_inject_entropy_restore(void);
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+
+
+/** Skip a test case if the given key is a 192 bits AES key and the AES
+ *  implementation is at least partially provided by an accelerator or
+ *  alternative implementation.
+ *
+ *  Call this macro in a test case when a cryptographic operation that may
+ *  involve an AES operation returns a #PSA_ERROR_NOT_SUPPORTED error code.
+ *  The macro call will skip and not fail the test case in case the operation
+ *  involves a 192 bits AES key and the AES implementation is at least
+ *  partially provided by an accelerator or alternative implementation.
+ *
+ *  Hardware AES implementations not supporting 192 bits keys commonly exist.
+ *  Consequently, PSA test cases aim at not failing when an AES operation with
+ *  a 192 bits key performed by an alternative AES implementation returns
+ *  with the #PSA_ERROR_NOT_SUPPORTED error code. The purpose of this macro
+ *  is to facilitate this and make the test case code more readable.
+ *
+ *  \param key_type  Key type
+ *  \param key_bits  Key length in number of bits.
+ */
+#if defined(MBEDTLS_AES_ALT) || \
+    defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \
+    defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#define MBEDTLS_TEST_HAVE_ALT_AES 1
+#else
+#define MBEDTLS_TEST_HAVE_ALT_AES 0
+#endif
+
+#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits)        \
+    do                                                                    \
+    {                                                                     \
+        if ((MBEDTLS_TEST_HAVE_ALT_AES) &&                              \
+            ((key_type) == PSA_KEY_TYPE_AES) &&                       \
+            (key_bits == 192))                                         \
+        {                                                                 \
+            mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__);     \
+            goto exit;                                                    \
+        }                                                                 \
+    }                                                                     \
+    while (0)
+
+/** Skip a test case if a GCM operation with a nonce length different from
+ *  12 bytes fails and was performed by an accelerator or alternative
+ *  implementation.
+ *
+ *  Call this macro in a test case when an AEAD cryptography operation that
+ *  may involve the GCM mode returns with a #PSA_ERROR_NOT_SUPPORTED error
+ *  code. The macro call will skip and not fail the test case in case the
+ *  operation involves the GCM mode, a nonce with a length different from
+ *  12 bytes and the GCM mode implementation is an alternative one.
+ *
+ *  Hardware GCM implementations not supporting nonce lengths different from
+ *  12 bytes commonly exist, as supporting a non-12-byte nonce requires
+ *  additional computations involving the GHASH function.
+ *  Consequently, PSA test cases aim at not failing when an AEAD operation in
+ *  GCM mode with a nonce length different from 12 bytes is performed by an
+ *  alternative GCM implementation and returns with a #PSA_ERROR_NOT_SUPPORTED
+ *  error code. The purpose of this macro is to facilitate this check and make
+ *  the test case code more readable.
+ *
+ *  \param  alg             The AEAD algorithm.
+ *  \param  nonce_length    The nonce length in number of bytes.
+ */
+#if defined(MBEDTLS_GCM_ALT) || \
+    defined(MBEDTLS_PSA_ACCEL_ALG_GCM)
+#define MBEDTLS_TEST_HAVE_ALT_GCM  1
+#else
+#define MBEDTLS_TEST_HAVE_ALT_GCM  0
+#endif
+
+#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg,           \
+                                                           nonce_length) \
+    do                                                                     \
+    {                                                                      \
+        if ((MBEDTLS_TEST_HAVE_ALT_GCM) &&                               \
+            (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) ==            \
+             PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) &&       \
+            ((nonce_length) != 12))                                   \
+        {                                                                  \
+            mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \
+            goto exit;                                                     \
+        }                                                                  \
+    }                                                                      \
+    while (0)
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+/** \def USE_PSA_INIT
+ *
+ * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO
+ * is enabled and do nothing otherwise. If the initialization fails, mark
+ * the test case as failed and jump to the \p exit label.
+ */
+/** \def USE_PSA_DONE
+ *
+ * Call this macro at the end of a test case if you called #USE_PSA_INIT.
+ * This is like #PSA_DONE, except that it does nothing if
+ * #MBEDTLS_USE_PSA_CRYPTO is disabled.
+ */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USE_PSA_INIT() PSA_INIT()
+#define USE_PSA_DONE() PSA_DONE()
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+/* Define empty macros so that we can use them in the preamble and teardown
+ * of every test function that uses PSA conditionally based on
+ * MBEDTLS_USE_PSA_CRYPTO. */
+#define USE_PSA_INIT() ((void) 0)
+#define USE_PSA_DONE() ((void) 0)
+#endif /* !MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* PSA_CRYPTO_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/psa_exercise_key.h b/3rdparty/mbedtls-2.28.7/tests/include/test/psa_exercise_key.h
new file mode 100644
index 0000000..cad2be9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/psa_exercise_key.h
@@ -0,0 +1,257 @@
+/** Code to exercise a PSA key object, i.e. validate that it seems well-formed
+ * and can do what it is supposed to do.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_EXERCISE_KEY_H
+#define PSA_EXERCISE_KEY_H
+
+#include "test/helpers.h"
+#include "test/psa_crypto_helpers.h"
+
+#include <psa/crypto.h>
+
+/** \def KNOWN_SUPPORTED_HASH_ALG
+ *
+ * A hash algorithm that is known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(PSA_WANT_ALG_MD2)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
+#elif defined(PSA_WANT_ALG_MD4)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
+#elif defined(PSA_WANT_ALG_MD5)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
+/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
+ * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
+ * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
+ * implausible anyway. */
+#elif defined(PSA_WANT_ALG_SHA_1)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
+#elif defined(PSA_WANT_ALG_SHA_256)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
+#elif defined(PSA_WANT_ALG_SHA_384)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
+#elif defined(PSA_WANT_ALG_SHA_512)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_512
+#elif defined(PSA_WANT_ALG_SHA3_256)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
+#else
+#undef KNOWN_SUPPORTED_HASH_ALG
+#endif
+
+/** \def KNOWN_MBEDTLS_SUPPORTED_HASH_ALG
+ *
+ * A hash algorithm that is known to be supported by Mbed TLS APIs.
+ *
+ * This is used in some smoke tests where the hash algorithm is used as
+ * part of another algorithm like a signature algorithm and the hashing is
+ * completed through an Mbed TLS hash API, not the PSA one.
+ */
+#if defined(MBEDTLS_MD2_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD2
+#elif defined(MBEDTLS_MD4_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD4
+#elif defined(MBEDTLS_MD5_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD5
+/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
+ * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
+ * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
+ * implausible anyway. */
+#elif defined(MBEDTLS_SHA1_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
+#elif defined(MBEDTLS_SHA256_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
+#elif defined(MBEDTLS_SHA512_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_512
+#else
+#undef KNOWN_MBEDTLS_SUPPORTED_HASH_ALG
+#endif
+
+/** \def KNOWN_SUPPORTED_BLOCK_CIPHER
+ *
+ * A block cipher that is known to be supported.
+ *
+ * For simplicity's sake, stick to block ciphers with 16-byte blocks.
+ */
+#if defined(MBEDTLS_AES_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES
+#elif defined(MBEDTLS_ARIA_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA
+#elif defined(MBEDTLS_CAMELLIA_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER
+#endif
+
+/** \def KNOWN_SUPPORTED_MAC_ALG
+ *
+ * A MAC mode that is known to be supported.
+ *
+ * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or
+ * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_HASH_ALG) && defined(PSA_WANT_ALG_HMAC)
+#define KNOWN_SUPPORTED_MAC_ALG (PSA_ALG_HMAC(KNOWN_SUPPORTED_HASH_ALG))
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C)
+#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#else
+#undef KNOWN_SUPPORTED_MAC_ALG
+#undef KNOWN_SUPPORTED_MAC_KEY_TYPE
+#endif
+
+/** \def KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+ *
+ * A cipher algorithm and key type that are known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB
+#else
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#endif
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
+#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#elif defined(MBEDTLS_RC4_C)
+#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
+#else
+#undef KNOWN_SUPPORTED_CIPHER_ALG
+#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
+#endif
+
+/** Convenience function to set up a key derivation.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * The inputs \p input1 and \p input2 are, in order:
+ * - HKDF: salt, info.
+ * - TKS 1.2 PRF, TLS 1.2 PSK-to-MS: seed, label.
+ *
+ * \param operation         The operation object to use.
+ *                          It must be in the initialized state.
+ * \param key               The key to use.
+ * \param alg               The algorithm to use.
+ * \param input1            The first input to pass.
+ * \param input1_length     The length of \p input1 in bytes.
+ * \param input2            The first input to pass.
+ * \param input2_length     The length of \p input2 in bytes.
+ * \param capacity          The capacity to set.
+ *
+ * \return                  \c 1 on success, \c 0 on failure.
+ */
+int mbedtls_test_psa_setup_key_derivation_wrap(
+    psa_key_derivation_operation_t *operation,
+    mbedtls_svc_key_id_t key,
+    psa_algorithm_t alg,
+    const unsigned char *input1, size_t input1_length,
+    const unsigned char *input2, size_t input2_length,
+    size_t capacity);
+
+/** Perform a key agreement using the given key pair against its public key
+ * using psa_raw_key_agreement().
+ *
+ * The result is discarded. The purpose of this function is to smoke-test a key.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * \param alg               A key agreement algorithm compatible with \p key.
+ * \param key               A key that allows key agreement with \p alg.
+ *
+ * \return                  \c 1 on success, \c 0 on failure.
+ */
+psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
+    psa_algorithm_t alg,
+    mbedtls_svc_key_id_t key);
+
+/** Perform a key agreement using the given key pair against its public key
+ * using psa_key_derivation_raw_key().
+ *
+ * The result is discarded. The purpose of this function is to smoke-test a key.
+ *
+ * In case of failure, mark the current test case as failed.
+ *
+ * \param operation         An operation that has been set up for a key
+ *                          agreement algorithm that is compatible with
+ *                          \p key.
+ * \param key               A key pair object that is suitable for a key
+ *                          agreement with \p operation.
+ *
+ * \return                  \c 1 on success, \c 0 on failure.
+ */
+psa_status_t mbedtls_test_psa_key_agreement_with_self(
+    psa_key_derivation_operation_t *operation,
+    mbedtls_svc_key_id_t key);
+
+/** Perform sanity checks on the given key representation.
+ *
+ * If any of the checks fail, mark the current test case as failed.
+ *
+ * The checks depend on the key type.
+ * - All types: check the export size against maximum-size macros.
+ * - DES: parity bits.
+ * - RSA: check the ASN.1 structure and the size and parity of the integers.
+ * - ECC private or public key: exact representation length.
+ * - Montgomery public key: first byte.
+ *
+ * \param type              The key type.
+ * \param bits              The key size in bits.
+ * \param exported          A buffer containing the key representation.
+ * \param exported_length   The length of \p exported in bytes.
+ *
+ * \return                  \c 1 if all checks passed, \c 0 on failure.
+ */
+int mbedtls_test_psa_exported_key_sanity_check(
+    psa_key_type_t type, size_t bits,
+    const uint8_t *exported, size_t exported_length);
+
+/** Do smoke tests on a key.
+ *
+ * Perform one of each operation indicated by \p alg (decrypt/encrypt,
+ * sign/verify, or derivation) that is permitted according to \p usage.
+ * \p usage and \p alg should correspond to the expected policy on the
+ * key.
+ *
+ * Export the key if permitted by \p usage, and check that the output
+ * looks sensible. If \p usage forbids export, check that
+ * \p psa_export_key correctly rejects the attempt. If the key is
+ * asymmetric, also check \p psa_export_public_key.
+ *
+ * If the key fails the tests, this function calls the test framework's
+ * `mbedtls_test_fail` function and returns false. Otherwise this function
+ * returns true. Therefore it should be used as follows:
+ * ```
+ * if( ! exercise_key( ... ) ) goto exit;
+ * ```
+ *
+ * \param key       The key to exercise. It should be capable of performing
+ *                  \p alg.
+ * \param usage     The usage flags to assume.
+ * \param alg       The algorithm to exercise.
+ *
+ * \retval 0 The key failed the smoke tests.
+ * \retval 1 The key passed the smoke tests.
+ */
+int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key,
+                                  psa_key_usage_t usage,
+                                  psa_algorithm_t alg);
+
+psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type,
+                                                   psa_algorithm_t alg);
+
+#endif /* PSA_EXERCISE_KEY_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/psa_helpers.h b/3rdparty/mbedtls-2.28.7/tests/include/test/psa_helpers.h
new file mode 100644
index 0000000..b617189
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/psa_helpers.h
@@ -0,0 +1,24 @@
+/*
+ * Helper functions for tests that use any PSA API.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_HELPERS_H
+#define PSA_HELPERS_H
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+/** Evaluate an expression and fail the test case if it returns an error.
+ *
+ * \param expr      The expression to evaluate. This is typically a call
+ *                  to a \c psa_xxx function that returns a value of type
+ *                  #psa_status_t.
+ */
+#define PSA_ASSERT(expr) TEST_EQUAL((expr), PSA_SUCCESS)
+
+#endif /* PSA_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/random.h b/3rdparty/mbedtls-2.28.7/tests/include/test/random.h
new file mode 100644
index 0000000..1fd3ac8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/random.h
@@ -0,0 +1,95 @@
+/**
+ * \file random.h
+ *
+ * \brief   This file contains the prototypes of helper functions to generate
+ *          random numbers for the purpose of testing.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef TEST_RANDOM_H
+#define TEST_RANDOM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+typedef struct {
+    unsigned char *buf; /* Pointer to a buffer of length bytes. */
+    size_t length;
+    /* If fallback_f_rng is NULL, fail after delivering length bytes. */
+    int (*fallback_f_rng)(void *, unsigned char *, size_t);
+    void *fallback_p_rng;
+} mbedtls_test_rnd_buf_info;
+
+/**
+ * Info structure for the pseudo random function
+ *
+ * Key should be set at the start to a test-unique value.
+ * Do not forget endianness!
+ * State( v0, v1 ) should be set to zero.
+ */
+typedef struct {
+    uint32_t key[16];
+    uint32_t v0, v1;
+} mbedtls_test_rnd_pseudo_info;
+
+/**
+ * This function just returns data from rand().
+ * Although predictable and often similar on multiple
+ * runs, this does not result in identical random on
+ * each run. So do not use this if the results of a
+ * test depend on the random data that is generated.
+ *
+ * rng_state shall be NULL.
+ */
+int mbedtls_test_rnd_std_rand(void *rng_state,
+                              unsigned char *output,
+                              size_t len);
+
+/**
+ * This function only returns zeros.
+ *
+ * \p rng_state shall be \c NULL.
+ */
+int mbedtls_test_rnd_zero_rand(void *rng_state,
+                               unsigned char *output,
+                               size_t len);
+
+/**
+ * This function returns random data based on a buffer it receives.
+ *
+ * \p rng_state shall be a pointer to a #mbedtls_test_rnd_buf_info structure.
+ *
+ * The number of bytes released from the buffer on each call to
+ * the random function is specified by \p len.
+ *
+ * After the buffer is empty, this function will call the fallback RNG in the
+ * #mbedtls_test_rnd_buf_info structure if there is one, and
+ * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise.
+ */
+int mbedtls_test_rnd_buffer_rand(void *rng_state,
+                                 unsigned char *output,
+                                 size_t len);
+
+/**
+ * This function returns random based on a pseudo random function.
+ * This means the results should be identical on all systems.
+ * Pseudo random is based on the XTEA encryption algorithm to
+ * generate pseudorandom.
+ *
+ * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure.
+ */
+int mbedtls_test_rnd_pseudo_rand(void *rng_state,
+                                 unsigned char *output,
+                                 size_t len);
+
+#endif /* TEST_RANDOM_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/include/test/ssl_helpers.h b/3rdparty/mbedtls-2.28.7/tests/include/test/ssl_helpers.h
new file mode 100644
index 0000000..8328a7b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/include/test/ssl_helpers.h
@@ -0,0 +1,526 @@
+/** \file ssl_helpers.h
+ *
+ * \brief This file contains helper functions to set up a TLS connection.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef SSL_HELPERS_H
+#define SSL_HELPERS_H
+
+#include <string.h>
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/random.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_SSL_TLS_C)
+#include <mbedtls/ssl_internal.h>
+#include <mbedtls/ctr_drbg.h>
+#include <mbedtls/entropy.h>
+#include <mbedtls/certs.h>
+#include <mbedtls/timing.h>
+#include <mbedtls/debug.h>
+#include <ssl_tls13_keys.h>
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
+#endif
+
+enum {
+#define MBEDTLS_SSL_TLS1_3_LABEL(name, string)   \
+    tls1_3_label_ ## name,
+    MBEDTLS_SSL_TLS1_3_LABEL_LIST
+#undef MBEDTLS_SSL_TLS1_3_LABEL
+};
+
+typedef struct mbedtls_test_ssl_log_pattern {
+    const char *pattern;
+    size_t counter;
+} mbedtls_test_ssl_log_pattern;
+
+/* Invalid minor version used when not specifying a min/max version or expecting a test to fail */
+#define TEST_SSL_MINOR_VERSION_NONE -1
+
+typedef struct mbedtls_test_handshake_test_options {
+    const char *cipher;
+    int client_min_version;
+    int client_max_version;
+    int server_min_version;
+    int server_max_version;
+    int expected_negotiated_version;
+    int pk_alg;
+    data_t *psk_str;
+    int dtls;
+    int srv_auth_mode;
+    int serialize;
+    int mfl;
+    int cli_msg_len;
+    int srv_msg_len;
+    int expected_cli_fragments;
+    int expected_srv_fragments;
+    int renegotiate;
+    int legacy_renegotiation;
+    void *srv_log_obj;
+    void *cli_log_obj;
+    void (*srv_log_fun)(void *, int, const char *, int, const char *);
+    void (*cli_log_fun)(void *, int, const char *, int, const char *);
+    int resize_buffers;
+} mbedtls_test_handshake_test_options;
+
+/*
+ * Buffer structure for custom I/O callbacks.
+ */
+typedef struct mbedtls_test_ssl_buffer {
+    size_t start;
+    size_t content_length;
+    size_t capacity;
+    unsigned char *buffer;
+} mbedtls_test_ssl_buffer;
+
+/*
+ * Context for a message metadata queue (fifo) that is on top of the ring buffer.
+ */
+typedef struct mbedtls_test_ssl_message_queue {
+    size_t *messages;
+    int pos;
+    int num;
+    int capacity;
+} mbedtls_test_ssl_message_queue;
+
+/*
+ * Context for the I/O callbacks simulating network connection.
+ */
+
+#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
+
+typedef struct mbedtls_test_mock_socket {
+    int status;
+    mbedtls_test_ssl_buffer *input;
+    mbedtls_test_ssl_buffer *output;
+    struct mbedtls_test_mock_socket *peer;
+} mbedtls_test_mock_socket;
+
+/* Errors used in the message socket mocks */
+
+#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55
+#define MBEDTLS_TEST_ERROR_SEND_FAILED -66
+#define MBEDTLS_TEST_ERROR_RECV_FAILED -77
+
+/*
+ * Structure used as an addon, or a wrapper, around the mocked sockets.
+ * Contains an input queue, to which the other socket pushes metadata,
+ * and an output queue, to which this one pushes metadata. This context is
+ * considered as an owner of the input queue only, which is initialized and
+ * freed in the respective setup and free calls.
+ */
+typedef struct mbedtls_test_message_socket_context {
+    mbedtls_test_ssl_message_queue *queue_input;
+    mbedtls_test_ssl_message_queue *queue_output;
+    mbedtls_test_mock_socket *socket;
+} mbedtls_test_message_socket_context;
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+
+/*
+ * Structure with endpoint's certificates for SSL communication tests.
+ */
+typedef struct mbedtls_test_ssl_endpoint_certificate {
+    mbedtls_x509_crt *ca_cert;
+    mbedtls_x509_crt *cert;
+    mbedtls_pk_context *pkey;
+} mbedtls_test_ssl_endpoint_certificate;
+
+/*
+ * Endpoint structure for SSL communication tests.
+ */
+typedef struct mbedtls_test_ssl_endpoint {
+    const char *name;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    mbedtls_entropy_context entropy;
+    mbedtls_test_mock_socket socket;
+    mbedtls_test_ssl_endpoint_certificate cert;
+} mbedtls_test_ssl_endpoint;
+
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+/*
+ * This function can be passed to mbedtls to receive output logs from it. In
+ * this case, it will count the instances of a mbedtls_test_ssl_log_pattern
+ * in the received logged messages.
+ */
+void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
+                                   const char *file, int line,
+                                   const char *str);
+
+void mbedtls_test_init_handshake_options(
+    mbedtls_test_handshake_test_options *opts);
+
+/*
+ * Initialises \p buf. After calling this function it is safe to call
+ * `mbedtls_test_ssl_buffer_free()` on \p buf.
+ */
+void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf);
+
+/*
+ * Sets up \p buf. After calling this function it is safe to call
+ * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()`
+ * on \p buf.
+ */
+int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
+                                  size_t capacity);
+
+void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf);
+
+/*
+ * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
+ *
+ * \p buf must have been initialized and set up by calling
+ * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
+ *
+ * \retval  \p input_len, if the data fits.
+ * \retval  0 <= value < \p input_len, if the data does not fit.
+ * \retval  -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
+ *          zero and \p input is NULL.
+ */
+int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
+                                const unsigned char *input, size_t input_len);
+
+/*
+ * Gets \p output_len bytes from the ring buffer \p buf into the
+ * \p output buffer. The output buffer can be NULL, in this case a part of the
+ * ring buffer will be dropped, if the requested length is available.
+ *
+ * \p buf must have been initialized and set up by calling
+ * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
+ *
+ * \retval  \p output_len, if the data is available.
+ * \retval  0 <= value < \p output_len, if the data is not available.
+ * \retval  -1, if \buf is NULL or it hasn't been set up.
+ */
+int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
+                                unsigned char *output, size_t output_len);
+
+/*
+ * Errors used in the message transport mock tests
+ */
+ #define MBEDTLS_TEST_ERROR_ARG_NULL -11
+ #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
+
+/*
+ * Setup and free functions for the message metadata queue.
+ *
+ * \p capacity describes the number of message metadata chunks that can be held
+ *    within the queue.
+ *
+ * \retval  0, if a metadata queue of a given length can be allocated.
+ * \retval  MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
+ */
+int mbedtls_test_ssl_message_queue_setup(
+    mbedtls_test_ssl_message_queue *queue, size_t capacity);
+
+void mbedtls_test_ssl_message_queue_free(
+    mbedtls_test_ssl_message_queue *queue);
+
+/*
+ * Push message length information onto the message metadata queue.
+ * This will become the last element to leave it (fifo).
+ *
+ * \retval  MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
+ * \retval  MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
+ * \retval  \p len, if the push was successful.
+ */
+int mbedtls_test_ssl_message_queue_push_info(
+    mbedtls_test_ssl_message_queue *queue, size_t len);
+
+/*
+ * Pop information about the next message length from the queue. This will be
+ * the oldest inserted message length(fifo). \p msg_len can be null, in which
+ * case the data will be popped from the queue but not copied anywhere.
+ *
+ * \retval  MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
+ * \retval  MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
+ * \retval  message length, if the pop was successful, up to the given
+            \p buf_len.
+ */
+int mbedtls_test_ssl_message_queue_pop_info(
+    mbedtls_test_ssl_message_queue *queue, size_t buf_len);
+
+/*
+ * Setup and teardown functions for mock sockets.
+ */
+void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket);
+
+/*
+ * Closes the socket \p socket.
+ *
+ * \p socket must have been previously initialized by calling
+ * mbedtls_test_mock_socket_init().
+ *
+ * This function frees all allocated resources and both sockets are aware of the
+ * new connection state.
+ *
+ * That is, this function does not simulate half-open TCP connections and the
+ * phenomenon that when closing a UDP connection the peer is not aware of the
+ * connection having been closed.
+ */
+void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket);
+
+/*
+ * Establishes a connection between \p peer1 and \p peer2.
+ *
+ * \p peer1 and \p peer2 must have been previously initialized by calling
+ * mbedtls_test_mock_socket_init().
+ *
+ * The capacities of the internal buffers are set to \p bufsize. Setting this to
+ * the correct value allows for simulation of MTU, sanity testing the mock
+ * implementation and mocking TCP connections with lower memory cost.
+ */
+int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
+                                     mbedtls_test_mock_socket *peer2,
+                                     size_t bufsize);
+
+/*
+ * Callbacks for simulating blocking I/O over connection-oriented transport.
+ */
+int mbedtls_test_mock_tcp_send_b(void *ctx,
+                                 const unsigned char *buf, size_t len);
+
+int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len);
+
+/*
+ * Callbacks for simulating non-blocking I/O over connection-oriented transport.
+ */
+int mbedtls_test_mock_tcp_send_nb(void *ctx,
+                                  const unsigned char *buf, size_t len);
+
+int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len);
+
+void mbedtls_test_message_socket_init(
+    mbedtls_test_message_socket_context *ctx);
+
+/*
+ * Setup a given message socket context including initialization of
+ * input/output queues to a chosen capacity of messages. Also set the
+ * corresponding mock socket.
+ *
+ * \retval  0, if everything succeeds.
+ * \retval  MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
+ *          queue failed.
+ */
+int mbedtls_test_message_socket_setup(
+    mbedtls_test_ssl_message_queue *queue_input,
+    mbedtls_test_ssl_message_queue *queue_output,
+    size_t queue_capacity,
+    mbedtls_test_mock_socket *socket,
+    mbedtls_test_message_socket_context *ctx);
+
+/*
+ * Close a given message socket context, along with the socket itself. Free the
+ * memory allocated by the input queue.
+ */
+void mbedtls_test_message_socket_close(
+    mbedtls_test_message_socket_context *ctx);
+
+/*
+ * Send one message through a given message socket context.
+ *
+ * \retval  \p len, if everything succeeds.
+ * \retval  MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
+ *          elements or the context itself is null.
+ * \retval  MBEDTLS_TEST_ERROR_SEND_FAILED if
+ *          mbedtls_test_mock_tcp_send_b failed.
+ * \retval  MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
+ *
+ * This function will also return any error from
+ * mbedtls_test_ssl_message_queue_push_info.
+ */
+int mbedtls_test_mock_tcp_send_msg(void *ctx,
+                                   const unsigned char *buf, size_t len);
+
+/*
+ * Receive one message from a given message socket context and return message
+ * length or an error.
+ *
+ * \retval  message length, if everything succeeds.
+ * \retval  MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
+ *          elements or the context itself is null.
+ * \retval  MBEDTLS_TEST_ERROR_RECV_FAILED if
+ *          mbedtls_test_mock_tcp_recv_b failed.
+ *
+ * This function will also return any error other than
+ * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info.
+ */
+int mbedtls_test_mock_tcp_recv_msg(void *ctx,
+                                   unsigned char *buf, size_t buf_len);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+
+/*
+ * Initializes \p ep_cert structure and assigns it to endpoint
+ * represented by \p ep.
+ *
+ * \retval  0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
+                                               int pk_alg);
+
+/*
+ * Initializes \p ep structure. It is important to call
+ * `mbedtls_test_ssl_endpoint_free()` after calling this function
+ * even if it fails.
+ *
+ * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
+ * MBEDTLS_SSL_IS_CLIENT.
+ * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
+ * MBEDTLS_PK_ECDSA are supported.
+ * \p dtls_context - in case of DTLS - this is the context handling metadata.
+ * \p input_queue - used only in case of DTLS.
+ * \p output_queue - used only in case of DTLS.
+ *
+ * \retval  0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_endpoint_init(
+    mbedtls_test_ssl_endpoint *ep, int endpoint_type, int pk_alg,
+    mbedtls_test_message_socket_context *dtls_context,
+    mbedtls_test_ssl_message_queue *input_queue,
+    mbedtls_test_ssl_message_queue *output_queue,
+    const mbedtls_ecp_group_id *curves);
+
+/*
+ * Deinitializes endpoint represented by \p ep.
+ */
+void mbedtls_test_ssl_endpoint_free(
+    mbedtls_test_ssl_endpoint *ep,
+    mbedtls_test_message_socket_context *context);
+
+/*
+ * This function moves ssl handshake from \p ssl to prescribed \p state.
+ * /p second_ssl is used as second endpoint and their sockets have to be
+ * connected before calling this function.
+ *
+ * \retval  0 on success, otherwise error code.
+ */
+int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
+                                         mbedtls_ssl_context *second_ssl,
+                                         int state);
+
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+/*
+ * Helper function setting up inverse record transformations
+ * using given cipher, hash, EtM mode, authentication tag length,
+ * and version.
+ */
+
+#define CHK(x)                                  \
+    do                                          \
+    {                                           \
+        if (!(x))                               \
+        {                                       \
+            ret = -1;                           \
+            goto cleanup;                       \
+        }                                       \
+    } while (0)
+
+#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
+#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
+#else
+#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
+#endif
+
+int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
+                                      mbedtls_ssl_transform *t_out,
+                                      int cipher_type, int hash_id,
+                                      int etm, int tag_mode, int ver,
+                                      size_t cid0_len,
+                                      size_t cid1_len);
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+/**
+ * \param[in,out] record        The record to prepare.
+ *                              It must contain the data to MAC at offset
+ *                              `record->data_offset`, of length
+ *                              `record->data_length`.
+ *                              On success, write the MAC immediately
+ *                              after the data and increment
+ *                              `record->data_length` accordingly.
+ * \param[in,out] transform_out The out transform, typically prepared by
+ *                              mbedtls_test_ssl_build_transforms().
+ *                              Its HMAC context may be used. Other than that
+ *                              it is treated as an input parameter.
+ *
+ * \return                      0 on success, an `MBEDTLS_ERR_xxx` error code
+ *                              or -1 on error.
+ */
+int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record,
+                                        mbedtls_ssl_transform *transform_out);
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+/*
+ * Populate a session structure for serialization tests.
+ * Choose dummy values, mostly non-0 to distinguish from the init default.
+ */
+int mbedtls_test_ssl_populate_session(mbedtls_ssl_session *session,
+                                      int ticket_len,
+                                      const char *crt_file);
+
+/*
+ * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
+ * message was sent in the correct number of fragments.
+ *
+ * /p ssl_1 and /p ssl_2    Endpoints represented by mbedtls_ssl_context. Both
+ *                          of them must be initialized and connected
+ *                          beforehand.
+ * /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
+ * /p expected_fragments_1 and /p expected_fragments_2 determine in how many
+ *                          fragments the message should be sent.
+ *      expected_fragments is 0: can be used for DTLS testing while the message
+ *                          size is larger than MFL. In that case the message
+ *                          cannot be fragmented and sent to the second
+ *                          endpoint.
+ *                          This value can be used for negative tests.
+ *      expected_fragments is 1: can be used for TLS/DTLS testing while the
+ *                          message size is below MFL
+ *      expected_fragments > 1: can be used for TLS testing while the message
+ *                          size is larger than MFL
+ *
+ * \retval  0 on success, otherwise error code.
+ */
+int mbedtls_test_ssl_exchange_data(
+    mbedtls_ssl_context *ssl_1,
+    int msg_len_1, const int expected_fragments_1,
+    mbedtls_ssl_context *ssl_2,
+    int msg_len_2, const int expected_fragments_2);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+void mbedtls_test_ssl_perform_handshake(
+    mbedtls_test_handshake_test_options *options);
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#endif /* SSL_HELPERS_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/make-in-docker.sh b/3rdparty/mbedtls-2.28.7/tests/make-in-docker.sh
new file mode 100644
index 0000000..e57d09d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/make-in-docker.sh
@@ -0,0 +1,21 @@
+#!/bin/bash -eu
+
+# make-in-docker.sh
+#
+# Purpose
+# -------
+# This runs make in a Docker container.
+#
+# See also:
+# - scripts/docker_env.sh for general Docker prerequisites and other information.
+#
+# WARNING: the Dockerfile used by this script is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+source tests/scripts/docker_env.sh
+
+run_in_docker make $@
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/all-in-docker.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/all-in-docker.sh
new file mode 100644
index 0000000..b2a31c2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/all-in-docker.sh
@@ -0,0 +1,27 @@
+#!/bin/bash -eu
+
+# all-in-docker.sh
+#
+# Purpose
+# -------
+# This runs all.sh (except for armcc) in a Docker container.
+#
+# WARNING: the Dockerfile used by this script is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
+#
+# Notes for users
+# ---------------
+# See docker_env.sh for prerequisites and other information.
+#
+# See also all.sh for notes about invocation of that script.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+source tests/scripts/docker_env.sh
+
+# Run tests that are possible with openly available compilers
+run_in_docker tests/scripts/all.sh \
+    --no-armcc \
+    $@
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/all.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/all.sh
new file mode 100644
index 0000000..a2e518e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/all.sh
@@ -0,0 +1,3714 @@
+#! /usr/bin/env bash
+
+# all.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+
+
+################################################################
+#### Documentation
+################################################################
+
+# Purpose
+# -------
+#
+# To run all tests possible or available on the platform.
+#
+# Notes for users
+# ---------------
+#
+# Warning: the test is destructive. It includes various build modes and
+# configurations, and can and will arbitrarily change the current CMake
+# configuration. The following files must be committed into git:
+#    * include/mbedtls/config.h
+#    * Makefile, library/Makefile, programs/Makefile, tests/Makefile,
+#      programs/fuzz/Makefile
+# After running this script, the CMake cache will be lost and CMake
+# will no longer be initialised.
+#
+# The script assumes the presence of a number of tools:
+#   * Basic Unix tools (Windows users note: a Unix-style find must be before
+#     the Windows find in the PATH)
+#   * Perl
+#   * GNU Make
+#   * CMake
+#   * GCC and Clang (recent enough for using ASan with gcc and MemSan with clang, or valgrind)
+#   * G++
+#   * arm-gcc and mingw-gcc
+#   * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc
+#   * OpenSSL and GnuTLS command line tools, recent enough for the
+#     interoperability tests. If they don't support SSLv3 then a legacy
+#     version of these tools must be present as well (search for LEGACY
+#     below).
+# See the invocation of check_tools below for details.
+#
+# This script must be invoked from the toplevel directory of a git
+# working copy of Mbed TLS.
+#
+# The behavior on an error depends on whether --keep-going (alias -k)
+# is in effect.
+#  * Without --keep-going: the script stops on the first error without
+#    cleaning up. This lets you work in the configuration of the failing
+#    component.
+#  * With --keep-going: the script runs all requested components and
+#    reports failures at the end. In particular the script always cleans
+#    up on exit.
+#
+# Note that the output is not saved. You may want to run
+#   script -c tests/scripts/all.sh
+# or
+#   tests/scripts/all.sh >all.log 2>&1
+#
+# Notes for maintainers
+# ---------------------
+#
+# The bulk of the code is organized into functions that follow one of the
+# following naming conventions:
+#  * pre_XXX: things to do before running the tests, in order.
+#  * component_XXX: independent components. They can be run in any order.
+#      * component_check_XXX: quick tests that aren't worth parallelizing.
+#      * component_build_XXX: build things but don't run them.
+#      * component_test_XXX: build and test.
+#  * support_XXX: if support_XXX exists and returns false then
+#    component_XXX is not run by default.
+#  * post_XXX: things to do after running the tests.
+#  * other: miscellaneous support functions.
+#
+# Each component must start by invoking `msg` with a short informative message.
+#
+# Warning: due to the way bash detects errors, the failure of a command
+# inside 'if' or '!' is not detected. Use the 'not' function instead of '!'.
+#
+# Each component is executed in a separate shell process. The component
+# fails if any command in it returns a non-zero status.
+#
+# The framework performs some cleanup tasks after each component. This
+# means that components can assume that the working directory is in a
+# cleaned-up state, and don't need to perform the cleanup themselves.
+# * Run `make clean`.
+# * Restore `include/mbedtks/config.h` from a backup made before running
+#   the component.
+# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`,
+#   `tests/Makefile` and `programs/fuzz/Makefile` from git.
+#   This cleans up after an in-tree use of CMake.
+#
+# The tests are roughly in order from fastest to slowest. This doesn't
+# have to be exact, but in general you should add slower tests towards
+# the end and fast checks near the beginning.
+
+
+
+################################################################
+#### Initialization and command line parsing
+################################################################
+
+# Abort on errors (even on the left-hand side of a pipe).
+# Treat uninitialised variables as errors.
+set -e -o pipefail -u
+
+# Enable ksh/bash extended file matching patterns
+shopt -s extglob
+
+pre_check_environment () {
+    if [ -d library -a -d include -a -d tests ]; then :; else
+        echo "Must be run from Mbed TLS root" >&2
+        exit 1
+    fi
+}
+
+pre_initialize_variables () {
+    CONFIG_H='include/mbedtls/config.h'
+    CRYPTO_CONFIG_H='include/psa/crypto_config.h'
+
+    # Files that are clobbered by some jobs will be backed up. Use a different
+    # suffix from auxiliary scripts so that all.sh and auxiliary scripts can
+    # independently decide when to remove the backup file.
+    backup_suffix='.all.bak'
+    # Files clobbered by config.py
+    files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H"
+    # Files clobbered by in-tree cmake
+    files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
+
+    append_outcome=0
+    MEMORY=0
+    FORCE=0
+    QUIET=0
+    KEEP_GOING=0
+
+    # Seed value used with the --release-test option.
+    #
+    # See also RELEASE_SEED in basic-build-test.sh. Debugging is easier if
+    # both values are kept in sync. If you change the value here because it
+    # breaks some tests, you'll definitely want to change it in
+    # basic-build-test.sh as well.
+    RELEASE_SEED=1
+
+    : ${MBEDTLS_TEST_OUTCOME_FILE=}
+    : ${MBEDTLS_TEST_PLATFORM="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
+    export MBEDTLS_TEST_OUTCOME_FILE
+    export MBEDTLS_TEST_PLATFORM
+
+    # Default commands, can be overridden by the environment
+    : ${OPENSSL:="openssl"}
+    : ${OPENSSL_LEGACY:="$OPENSSL"}
+    : ${OPENSSL_NEXT:="$OPENSSL"}
+    : ${GNUTLS_CLI:="gnutls-cli"}
+    : ${GNUTLS_SERV:="gnutls-serv"}
+    : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
+    : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
+    : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
+    : ${ARMC5_BIN_DIR:=/usr/bin}
+    : ${ARMC6_BIN_DIR:=/usr/bin}
+    : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-}
+    : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-}
+    : ${CLANG_LATEST:="clang-latest"}
+    : ${CLANG_EARLIEST:="clang-earliest"}
+    : ${GCC_LATEST:="gcc-latest"}
+    : ${GCC_EARLIEST:="gcc-earliest"}
+
+    # if MAKEFLAGS is not set add the -j option to speed up invocations of make
+    if [ -z "${MAKEFLAGS+set}" ]; then
+        export MAKEFLAGS="-j$(all_sh_nproc)"
+    fi
+
+    # Include more verbose output for failing tests run by CMake or make
+    export CTEST_OUTPUT_ON_FAILURE=1
+
+    # CFLAGS and LDFLAGS for Asan builds that don't use CMake
+    # default to -O2, use -Ox _after_ this if you want another level
+    ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all'
+
+    # Platform tests have an allocation that returns null
+    export ASAN_OPTIONS="allocator_may_return_null=1"
+    export MSAN_OPTIONS="allocator_may_return_null=1"
+
+    # Gather the list of available components. These are the functions
+    # defined in this script whose name starts with "component_".
+    ALL_COMPONENTS=$(compgen -A function component_ | sed 's/component_//')
+
+    # Exclude components that are not supported on this platform.
+    SUPPORTED_COMPONENTS=
+    for component in $ALL_COMPONENTS; do
+        case $(type "support_$component" 2>&1) in
+            *' function'*)
+                if ! support_$component; then continue; fi;;
+        esac
+        SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
+    done
+}
+
+# Test whether the component $1 is included in the command line patterns.
+is_component_included()
+{
+    # Temporarily disable wildcard expansion so that $COMMAND_LINE_COMPONENTS
+    # only does word splitting.
+    set -f
+    for pattern in $COMMAND_LINE_COMPONENTS; do
+        set +f
+        case ${1#component_} in $pattern) return 0;; esac
+    done
+    set +f
+    return 1
+}
+
+usage()
+{
+    cat <<EOF
+Usage: $0 [OPTION]... [COMPONENT]...
+Run mbedtls release validation tests.
+By default, run all tests. With one or more COMPONENT, run only those.
+COMPONENT can be the name of a component or a shell wildcard pattern.
+
+Examples:
+  $0 "check_*"
+    Run all sanity checks.
+  $0 --no-armcc --except test_memsan
+    Run everything except builds that require armcc and MemSan.
+
+Special options:
+  -h|--help             Print this help and exit.
+  --list-all-components List all available test components and exit.
+  --list-components     List components supported on this platform and exit.
+
+General options:
+  -q|--quiet            Only output component names, and errors if any.
+  -f|--force            Force the tests to overwrite any modified files.
+  -k|--keep-going       Run all tests and report errors at the end.
+  -m|--memory           Additional optional memory tests.
+     --append-outcome   Append to the outcome file (if used).
+     --arm-none-eabi-gcc-prefix=<string>
+                        Prefix for a cross-compiler for arm-none-eabi
+                        (default: "${ARM_NONE_EABI_GCC_PREFIX}")
+     --arm-linux-gnueabi-gcc-prefix=<string>
+                        Prefix for a cross-compiler for arm-linux-gnueabi
+                        (default: "${ARM_LINUX_GNUEABI_GCC_PREFIX}")
+     --armcc            Run ARM Compiler builds (on by default).
+     --restore          First clean up the build tree, restoring backed up
+                        files. Do not run any components unless they are
+                        explicitly specified.
+     --error-test       Error test mode: run a failing function in addition
+                        to any specified component. May be repeated.
+     --except           Exclude the COMPONENTs listed on the command line,
+                        instead of running only those.
+     --no-append-outcome    Write a new outcome file and analyze it (default).
+     --no-armcc         Skip ARM Compiler builds.
+     --no-force         Refuse to overwrite modified files (default).
+     --no-keep-going    Stop at the first error (default).
+     --no-memory        No additional memory tests (default).
+     --no-quiet         Print full output from components.
+     --out-of-source-dir=<path>  Directory used for CMake out-of-source build tests.
+     --outcome-file=<path>  File where test outcomes are written (not done if
+                            empty; default: \$MBEDTLS_TEST_OUTCOME_FILE).
+     --random-seed      Use a random seed value for randomized tests (default).
+  -r|--release-test     Run this script in release mode. This fixes the seed value to ${RELEASE_SEED}.
+  -s|--seed             Integer seed value to use for this test run.
+
+Tool path options:
+     --armc5-bin-dir=<ARMC5_bin_dir_path>       ARM Compiler 5 bin directory.
+     --armc6-bin-dir=<ARMC6_bin_dir_path>       ARM Compiler 6 bin directory.
+     --clang-earliest=<Clang_earliest_path>     Earliest version of clang available
+     --clang-latest=<Clang_latest_path>         Latest version of clang available
+     --gcc-earliest=<GCC_earliest_path>         Earliest version of GCC available
+     --gcc-latest=<GCC_latest_path>             Latest version of GCC available
+     --gnutls-cli=<GnuTLS_cli_path>             GnuTLS client executable to use for most tests.
+     --gnutls-serv=<GnuTLS_serv_path>           GnuTLS server executable to use for most tests.
+     --gnutls-legacy-cli=<GnuTLS_cli_path>      GnuTLS client executable to use for legacy tests.
+     --gnutls-legacy-serv=<GnuTLS_serv_path>    GnuTLS server executable to use for legacy tests.
+     --openssl=<OpenSSL_path>                   OpenSSL executable to use for most tests.
+     --openssl-legacy=<OpenSSL_path>            OpenSSL executable to use for legacy tests e.g. SSLv3.
+     --openssl-next=<OpenSSL_path>              OpenSSL executable to use for recent things like ARIA
+EOF
+}
+
+# Cleanup before/after running a component.
+# Remove built files as well as the cmake cache/config.
+# Does not remove generated source files.
+cleanup()
+{
+    command make clean
+
+    # Remove CMake artefacts
+    find . -name .git -prune -o \
+           -iname CMakeFiles -exec rm -rf {} \+ -o \
+           \( -iname cmake_install.cmake -o \
+              -iname CTestTestfile.cmake -o \
+              -iname CMakeCache.txt \) -exec rm {} \+
+    # Recover files overwritten by in-tree CMake builds
+    rm -f include/Makefile include/mbedtls/Makefile programs/!(fuzz)/Makefile
+
+    # Remove any artifacts from the component_test_cmake_as_subdirectory test.
+    rm -rf programs/test/cmake_subproject/build
+    rm -f programs/test/cmake_subproject/Makefile
+    rm -f programs/test/cmake_subproject/cmake_subproject
+
+    # Restore files that may have been clobbered by the job
+    for x in $files_to_back_up; do
+        if [[ -e "$x$backup_suffix" ]]; then
+            cp -p "$x$backup_suffix" "$x"
+        fi
+    done
+}
+
+# Final cleanup when this script exits (except when exiting on a failure
+# in non-keep-going mode).
+final_cleanup () {
+    cleanup
+
+    for x in $files_to_back_up; do
+        rm -f "$x$backup_suffix"
+    done
+}
+
+# Executed on exit. May be redefined depending on command line options.
+final_report () {
+    :
+}
+
+fatal_signal () {
+    final_cleanup
+    final_report $1
+    trap - $1
+    kill -$1 $$
+}
+
+trap 'fatal_signal HUP' HUP
+trap 'fatal_signal INT' INT
+trap 'fatal_signal TERM' TERM
+
+# Number of processors on this machine. Used as the default setting
+# for parallel make.
+all_sh_nproc ()
+{
+    {
+        nproc || # Linux
+        sysctl -n hw.ncpuonline || # NetBSD, OpenBSD
+        sysctl -n hw.ncpu || # FreeBSD
+        echo 1
+    } 2>/dev/null
+}
+
+msg()
+{
+    if [ -n "${current_component:-}" ]; then
+        current_section="${current_component#component_}: $1"
+    else
+        current_section="$1"
+    fi
+
+    if [ $QUIET -eq 1 ]; then
+        return
+    fi
+
+    echo ""
+    echo "******************************************************************"
+    echo "* $current_section "
+    printf "* "; date
+    echo "******************************************************************"
+}
+
+armc6_build_test()
+{
+    FLAGS="$1"
+
+    msg "build: ARM Compiler 6 ($FLAGS)"
+    ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
+                    WARNING_CFLAGS='-Werror -xc -std=c99' make lib
+
+    msg "size: ARM Compiler 6 ($FLAGS)"
+    "$ARMC6_FROMELF" -z library/*.o
+
+    make clean
+}
+
+err_msg()
+{
+    echo "$1" >&2
+}
+
+check_tools()
+{
+    for TOOL in "$@"; do
+        if ! `type "$TOOL" >/dev/null 2>&1`; then
+            err_msg "$TOOL not found!"
+            exit 1
+        fi
+    done
+}
+
+pre_parse_command_line () {
+    COMMAND_LINE_COMPONENTS=
+    all_except=0
+    error_test=0
+    restore_first=0
+    no_armcc=
+
+    # Note that legacy options are ignored instead of being omitted from this
+    # list of options, so invocations that worked with previous version of
+    # all.sh will still run and work properly.
+    while [ $# -gt 0 ]; do
+        case "$1" in
+            --append-outcome) append_outcome=1;;
+            --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";;
+            --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";;
+            --armcc) no_armcc=;;
+            --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
+            --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
+            --clang-earliest) shift; CLANG_EARLIEST="$1";;
+            --clang-latest) shift; CLANG_LATEST="$1";;
+            --error-test) error_test=$((error_test + 1));;
+            --except) all_except=1;;
+            --force|-f) FORCE=1;;
+            --gcc-earliest) shift; GCC_EARLIEST="$1";;
+            --gcc-latest) shift; GCC_LATEST="$1";;
+            --gnutls-cli) shift; GNUTLS_CLI="$1";;
+            --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
+            --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
+            --gnutls-serv) shift; GNUTLS_SERV="$1";;
+            --help|-h) usage; exit;;
+            --keep-going|-k) KEEP_GOING=1;;
+            --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
+            --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
+            --memory|-m) MEMORY=1;;
+            --no-append-outcome) append_outcome=0;;
+            --no-armcc) no_armcc=1;;
+            --no-force) FORCE=0;;
+            --no-keep-going) KEEP_GOING=0;;
+            --no-memory) MEMORY=0;;
+            --no-quiet) QUIET=0;;
+            --openssl) shift; OPENSSL="$1";;
+            --openssl-legacy) shift; OPENSSL_LEGACY="$1";;
+            --openssl-next) shift; OPENSSL_NEXT="$1";;
+            --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";;
+            --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
+            --quiet|-q) QUIET=1;;
+            --random-seed) unset SEED;;
+            --release-test|-r) SEED=$RELEASE_SEED;;
+            --restore) restore_first=1;;
+            --seed|-s) shift; SEED="$1";;
+            -*)
+                echo >&2 "Unknown option: $1"
+                echo >&2 "Run $0 --help for usage."
+                exit 120
+                ;;
+            *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";;
+        esac
+        shift
+    done
+
+    # With no list of components, run everything.
+    if [ -z "$COMMAND_LINE_COMPONENTS" ] && [ $restore_first -eq 0 ]; then
+        all_except=1
+    fi
+
+    # --no-armcc is a legacy option. The modern way is --except '*_armcc*'.
+    # Ignore it if components are listed explicitly on the command line.
+    if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then
+        COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*"
+    fi
+
+    # Error out if an explicitly requested component doesn't exist.
+    if [ $all_except -eq 0 ]; then
+        unsupported=0
+        # Temporarily disable wildcard expansion so that $COMMAND_LINE_COMPONENTS
+        # only does word splitting.
+        set -f
+        for component in $COMMAND_LINE_COMPONENTS; do
+            set +f
+            # If the requested name includes a wildcard character, don't
+            # check it. Accept wildcard patterns that don't match anything.
+            case $component in
+                *[*?\[]*) continue;;
+            esac
+            case " $SUPPORTED_COMPONENTS " in
+                *" $component "*) :;;
+                *)
+                    echo >&2 "Component $component was explicitly requested, but is not known or not supported."
+                    unsupported=$((unsupported + 1));;
+            esac
+        done
+        set +f
+        if [ $unsupported -ne 0 ]; then
+            exit 2
+        fi
+    fi
+
+    # Build the list of components to run.
+    RUN_COMPONENTS=
+    for component in $SUPPORTED_COMPONENTS; do
+        if is_component_included "$component"; [ $? -eq $all_except ]; then
+            RUN_COMPONENTS="$RUN_COMPONENTS $component"
+        fi
+    done
+
+    unset all_except
+    unset no_armcc
+}
+
+pre_check_git () {
+    if [ $FORCE -eq 1 ]; then
+        rm -rf "$OUT_OF_SOURCE_DIR"
+        git checkout-index -f -q $CONFIG_H
+        cleanup
+    else
+
+        if [ -d "$OUT_OF_SOURCE_DIR" ]; then
+            echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2
+            echo "You can either delete this directory manually, or force the test by rerunning"
+            echo "the script as: $0 --force --out-of-source-dir $OUT_OF_SOURCE_DIR"
+            exit 1
+        fi
+
+        if ! git diff --quiet include/mbedtls/config.h; then
+            err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. "
+            echo "You can either delete or preserve your work, or force the test by rerunning the"
+            echo "script as: $0 --force"
+            exit 1
+        fi
+    fi
+}
+
+pre_restore_files () {
+    # If the makefiles have been generated by a framework such as cmake,
+    # restore them from git. If the makefiles look like modifications from
+    # the ones checked into git, take care not to modify them. Whatever
+    # this function leaves behind is what the script will restore before
+    # each component.
+    case "$(head -n1 Makefile)" in
+        *[Gg]enerated*)
+            git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile
+            git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile
+            ;;
+    esac
+}
+
+pre_back_up () {
+    for x in $files_to_back_up; do
+        cp -p "$x" "$x$backup_suffix"
+    done
+}
+
+pre_setup_keep_going () {
+    failure_count=0 # Number of failed components
+    last_failure_status=0 # Last failure status in this component
+
+    # See err_trap
+    previous_failure_status=0
+    previous_failed_command=
+    previous_failure_funcall_depth=0
+    unset report_failed_command
+
+    start_red=
+    end_color=
+    if [ -t 1 ]; then
+        case "${TERM:-}" in
+            *color*|cygwin|linux|rxvt*|screen|[Eex]term*)
+                start_red=$(printf '\033[31m')
+                end_color=$(printf '\033[0m')
+                ;;
+        esac
+    fi
+
+    # Keep a summary of failures in a file. We'll print it out at the end.
+    failure_summary_file=$PWD/all-sh-failures-$$.log
+    : >"$failure_summary_file"
+
+    # Whether it makes sense to keep a component going after the specified
+    # command fails (test command) or not (configure or build).
+    # This function normally receives the failing simple command
+    # ($BASH_COMMAND) as an argument, but if $report_failed_command is set,
+    # this is passed instead.
+    # This doesn't have to be 100% accurate: all failures are recorded anyway.
+    # False positives result in running things that can't be expected to
+    # work. False negatives result in things not running after something else
+    # failed even though they might have given useful feedback.
+    can_keep_going_after_failure () {
+        case "$1" in
+            "msg "*) false;;
+            "cd "*) false;;
+            *make*[\ /]tests*) false;; # make tests, make CFLAGS=-I../tests, ...
+            *test*) true;; # make test, tests/stuff, env V=v tests/stuff, ...
+            *make*check*) true;;
+            "grep "*) true;;
+            "[ "*) true;;
+            "! "*) true;;
+            *) false;;
+        esac
+    }
+
+    # This function runs if there is any error in a component.
+    # It must either exit with a nonzero status, or set
+    # last_failure_status to a nonzero value.
+    err_trap () {
+        # Save $? (status of the failing command). This must be the very
+        # first thing, before $? is overridden.
+        last_failure_status=$?
+        failed_command=${report_failed_command-$BASH_COMMAND}
+
+        if [[ $last_failure_status -eq $previous_failure_status &&
+              "$failed_command" == "$previous_failed_command" &&
+              ${#FUNCNAME[@]} == $((previous_failure_funcall_depth - 1)) ]]
+        then
+            # The same command failed twice in a row, but this time one level
+            # less deep in the function call stack. This happens when the last
+            # command of a function returns a nonzero status, and the function
+            # returns that same status. Ignore the second failure.
+            previous_failure_funcall_depth=${#FUNCNAME[@]}
+            return
+        fi
+        previous_failure_status=$last_failure_status
+        previous_failed_command=$failed_command
+        previous_failure_funcall_depth=${#FUNCNAME[@]}
+
+        text="$current_section: $failed_command -> $last_failure_status"
+        echo "${start_red}^^^^$text^^^^${end_color}" >&2
+        echo "$text" >>"$failure_summary_file"
+
+        # If the command is fatal (configure or build command), stop this
+        # component. Otherwise (test command) keep the component running
+        # (run more tests from the same build).
+        if ! can_keep_going_after_failure "$failed_command"; then
+            exit $last_failure_status
+        fi
+    }
+
+    final_report () {
+        if [ $failure_count -gt 0 ]; then
+            echo
+            echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+            echo "${start_red}FAILED: $failure_count components${end_color}"
+            cat "$failure_summary_file"
+            echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+        elif [ -z "${1-}" ]; then
+            echo "SUCCESS :)"
+        fi
+        if [ -n "${1-}" ]; then
+            echo "Killed by SIG$1."
+        fi
+        rm -f "$failure_summary_file"
+        if [ $failure_count -gt 0 ]; then
+            exit 1
+        fi
+    }
+}
+
+# record_status() and if_build_succeeded() are kept temporarily for backward
+# compatibility. Don't use them in new components.
+record_status () {
+    "$@"
+}
+if_build_succeeded () {
+    "$@"
+}
+
+# '! true' does not trigger the ERR trap. Arrange to trigger it, with
+# a reasonably informative error message (not just "$@").
+not () {
+    if "$@"; then
+        report_failed_command="! $*"
+        false
+        unset report_failed_command
+    fi
+}
+
+pre_prepare_outcome_file () {
+    case "$MBEDTLS_TEST_OUTCOME_FILE" in
+      [!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";;
+    esac
+    if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ] && [ "$append_outcome" -eq 0 ]; then
+        rm -f "$MBEDTLS_TEST_OUTCOME_FILE"
+    fi
+}
+
+pre_print_configuration () {
+    if [ $QUIET -eq 1 ]; then
+        return
+    fi
+
+    msg "info: $0 configuration"
+    echo "MEMORY: $MEMORY"
+    echo "FORCE: $FORCE"
+    echo "MBEDTLS_TEST_OUTCOME_FILE: ${MBEDTLS_TEST_OUTCOME_FILE:-(none)}"
+    echo "SEED: ${SEED-"UNSET"}"
+    echo
+    echo "OPENSSL: $OPENSSL"
+    echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
+    echo "OPENSSL_NEXT: $OPENSSL_NEXT"
+    echo "GNUTLS_CLI: $GNUTLS_CLI"
+    echo "GNUTLS_SERV: $GNUTLS_SERV"
+    echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
+    echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
+    echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
+    echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
+}
+
+# Make sure the tools we need are available.
+pre_check_tools () {
+    # Build the list of variables to pass to output_env.sh.
+    set env
+
+    case " $RUN_COMPONENTS " in
+        # Require OpenSSL and GnuTLS if running any tests (as opposed to
+        # only doing builds). Not all tests run OpenSSL and GnuTLS, but this
+        # is a good enough approximation in practice.
+        *" test_"*)
+            # To avoid setting OpenSSL and GnuTLS for each call to compat.sh
+            # and ssl-opt.sh, we just export the variables they require.
+            export OPENSSL="$OPENSSL"
+            export GNUTLS_CLI="$GNUTLS_CLI"
+            export GNUTLS_SERV="$GNUTLS_SERV"
+            # Avoid passing --seed flag in every call to ssl-opt.sh
+            if [ -n "${SEED-}" ]; then
+                export SEED
+            fi
+            set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY"
+            set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV"
+            set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"
+            set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV"
+            check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
+                        "$GNUTLS_CLI" "$GNUTLS_SERV" \
+                        "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV"
+            ;;
+    esac
+
+    case " $RUN_COMPONENTS " in
+        *_doxygen[_\ ]*) check_tools "doxygen" "dot";;
+    esac
+
+    case " $RUN_COMPONENTS " in
+        *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_NONE_EABI_GCC_PREFIX}gcc";;
+    esac
+
+    case " $RUN_COMPONENTS " in
+        *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";;
+    esac
+
+    case " $RUN_COMPONENTS " in
+        *" test_zeroize "*) check_tools "gdb";;
+    esac
+
+    case " $RUN_COMPONENTS " in
+        *_armcc*)
+            ARMC5_CC="$ARMC5_BIN_DIR/armcc"
+            ARMC5_AR="$ARMC5_BIN_DIR/armar"
+            ARMC5_FROMELF="$ARMC5_BIN_DIR/fromelf"
+            ARMC6_CC="$ARMC6_BIN_DIR/armclang"
+            ARMC6_AR="$ARMC6_BIN_DIR/armar"
+            ARMC6_FROMELF="$ARMC6_BIN_DIR/fromelf"
+            check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC5_FROMELF" \
+                        "$ARMC6_CC" "$ARMC6_AR" "$ARMC6_FROMELF";;
+    esac
+
+    # past this point, no call to check_tool, only printing output
+    if [ $QUIET -eq 1 ]; then
+        return
+    fi
+
+    msg "info: output_env.sh"
+    case $RUN_COMPONENTS in
+        *_armcc*)
+            set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
+        *) set "$@" RUN_ARMCC=0;;
+    esac
+    "$@" scripts/output_env.sh
+}
+
+
+
+################################################################
+#### Basic checks
+################################################################
+
+#
+# Test Suites to be executed
+#
+# The test ordering tries to optimize for the following criteria:
+# 1. Catch possible problems early, by running first tests that run quickly
+#    and/or are more likely to fail than others (eg I use Clang most of the
+#    time, so start with a GCC build).
+# 2. Minimize total running time, by avoiding useless rebuilds
+#
+# Indicative running times are given for reference.
+
+component_check_recursion () {
+    msg "Check: recursion.pl" # < 1s
+    tests/scripts/recursion.pl library/*.c
+}
+
+component_check_generated_files () {
+    msg "Check: freshness of generated source files" # < 1s
+    tests/scripts/check-generated-files.sh
+}
+
+component_check_doxy_blocks () {
+    msg "Check: doxygen markup outside doxygen blocks" # < 1s
+    tests/scripts/check-doxy-blocks.pl
+}
+
+component_check_files () {
+    msg "Check: file sanity checks (permissions, encodings)" # < 1s
+    tests/scripts/check_files.py
+}
+
+component_check_changelog () {
+    msg "Check: changelog entries" # < 1s
+    rm -f ChangeLog.new
+    scripts/assemble_changelog.py -o ChangeLog.new
+    if [ -e ChangeLog.new ]; then
+        # Show the diff for information. It isn't an error if the diff is
+        # non-empty.
+        diff -u ChangeLog ChangeLog.new || true
+        rm ChangeLog.new
+    fi
+}
+
+component_check_names () {
+    msg "Check: declared and exported names (builds the library)" # < 3s
+    tests/scripts/check_names.py -v
+}
+
+component_check_test_cases () {
+    msg "Check: test case descriptions" # < 1s
+    if [ $QUIET -eq 1 ]; then
+        opt='--quiet'
+    else
+        opt=''
+    fi
+    tests/scripts/check_test_cases.py -q $opt
+    unset opt
+}
+
+component_check_doxygen_warnings () {
+    msg "Check: doxygen warnings (builds the documentation)" # ~ 3s
+    tests/scripts/doxygen.sh
+}
+
+
+
+################################################################
+#### Build and test many configurations and targets
+################################################################
+
+component_test_default_out_of_box () {
+    msg "build: make, default config (out-of-box)" # ~1min
+    make
+    # Disable fancy stuff
+    unset MBEDTLS_TEST_OUTCOME_FILE
+
+    msg "test: main suites make, default config (out-of-box)" # ~10s
+    make test
+
+    msg "selftest: make, default config (out-of-box)" # ~10s
+    programs/test/selftest
+}
+
+component_test_default_cmake_gcc_asan () {
+    msg "build: cmake, gcc, ASan" # ~ 1 min 50s
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: selftest (ASan build)" # ~ 10s
+    programs/test/selftest
+
+    msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh (ASan build)" # ~ 6 min
+    tests/compat.sh
+
+    msg "test: context-info.sh (ASan build)" # ~ 15 sec
+    tests/context-info.sh
+}
+
+component_test_full_cmake_gcc_asan () {
+    msg "build: full config, cmake, gcc, ASan"
+    scripts/config.py full
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: main suites (inc. selftests) (full config, ASan build)"
+    make test
+
+    msg "test: selftest (ASan build)" # ~ 10s
+    programs/test/selftest
+
+    msg "test: ssl-opt.sh (full config, ASan build)"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh (full config, ASan build)"
+    tests/compat.sh
+
+    msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec
+    tests/context-info.sh
+}
+
+component_test_psa_crypto_key_id_encodes_owner () {
+    msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
+    make test
+}
+
+# check_renamed_symbols HEADER LIB
+# Check that if HEADER contains '#define MACRO ...' then MACRO is not a symbol
+# name is LIB.
+check_renamed_symbols () {
+    ! nm "$2" | sed 's/.* //' |
+      grep -x -F "$(sed -n 's/^ *# *define  *\([A-Z_a-z][0-9A-Z_a-z]*\)..*/\1/p' "$1")"
+}
+
+component_build_psa_crypto_spm () {
+    msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER + PSA_CRYPTO_SPM, make, gcc"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM
+    # We can only compile, not link, since our test and sample programs
+    # aren't equipped for the modified names used when MBEDTLS_PSA_CRYPTO_SPM
+    # is active.
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' lib
+
+    # Check that if a symbol is renamed by crypto_spe.h, the non-renamed
+    # version is not present.
+    echo "Checking for renamed symbols in the library"
+    check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a
+}
+
+component_test_psa_crypto_client () {
+    msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CLIENT
+    make
+
+    msg "test: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
+    make test
+}
+
+component_test_zlib_make() {
+    msg "build: zlib enabled, make"
+    scripts/config.py set MBEDTLS_ZLIB_SUPPORT
+    make ZLIB=1 CFLAGS='-Werror -O2'
+
+    msg "test: main suites (zlib, make)"
+    make test
+
+    msg "test: ssl-opt.sh (zlib, make)"
+    tests/ssl-opt.sh
+}
+support_test_zlib_make () {
+    base=support_test_zlib_$$
+    cat <<'EOF' > ${base}.c
+#include "zlib.h"
+int main(void) { return 0; }
+EOF
+    gcc -o ${base}.exe ${base}.c -lz 2>/dev/null
+    ret=$?
+    rm -f ${base}.*
+    return $ret
+}
+
+component_test_zlib_cmake() {
+    msg "build: zlib enabled, cmake"
+    scripts/config.py set MBEDTLS_ZLIB_SUPPORT
+    cmake -D ENABLE_ZLIB_SUPPORT=On -D CMAKE_BUILD_TYPE:String=Release .
+    make
+
+    msg "test: main suites (zlib, cmake)"
+    make test
+
+    msg "test: ssl-opt.sh (zlib, cmake)"
+    tests/ssl-opt.sh
+}
+support_test_zlib_cmake () {
+    support_test_zlib_make "$@"
+}
+
+component_test_psa_crypto_rsa_no_genprime() {
+    msg "build: default config minus MBEDTLS_GENPRIME"
+    scripts/config.py unset MBEDTLS_GENPRIME
+    make
+
+    msg "test: default config minus MBEDTLS_GENPRIME"
+    make test
+}
+
+component_test_ref_configs () {
+    msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    tests/scripts/test-ref-configs.pl
+}
+
+component_test_sslv3 () {
+    msg "build: Default + SSLv3 (ASan build)" # ~ 6 min
+    scripts/config.py set MBEDTLS_SSL_PROTO_SSL3
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min
+    tests/compat.sh -m 'tls1 tls1_1 tls12 dtls1 dtls12'
+    env OPENSSL="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
+
+    msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min
+    tests/ssl-opt.sh
+
+    msg "build: SSLv3 - context-info.sh (ASan build)" # ~ 15 sec
+    tests/context-info.sh
+}
+
+component_test_no_renegotiation () {
+    msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
+    scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
+    tests/ssl-opt.sh
+}
+
+component_test_no_certs () {
+    msg "build: full minus MBEDTLS_CERTS_C"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_CERTS_C
+    # Quick build+test (we're checking for stray uses of the test certs,
+    # not expecting their absence to lead to subtle problems).
+    make
+
+    msg "test: full minus MBEDTLS_CERTS_C - main suites"
+    make test
+}
+
+component_test_no_pem_no_fs () {
+    msg "build: Default + !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO (ASan build)"
+    scripts/config.py unset MBEDTLS_PEM_PARSE_C
+    scripts/config.py unset MBEDTLS_FS_IO
+    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - ssl-opt.sh (ASan build)" # ~ 6 min
+    tests/ssl-opt.sh
+}
+
+component_test_rsa_no_crt () {
+    msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
+    scripts/config.py set MBEDTLS_RSA_NO_CRT
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
+    tests/ssl-opt.sh -f RSA
+
+    msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
+    tests/compat.sh -t RSA
+
+    msg "test: RSA_NO_CRT - RSA-related part of context-info.sh (ASan build)" # ~ 15 sec
+    tests/context-info.sh
+}
+
+component_test_no_ctr_drbg_classic () {
+    msg "build: Full minus CTR_DRBG, classic crypto in TLS"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: Full minus CTR_DRBG, classic crypto - main suites"
+    make test
+
+    # In this configuration, the TLS test programs use HMAC_DRBG.
+    # The SSL tests are slow, so run a small subset, just enough to get
+    # confidence that the SSL code copes with HMAC_DRBG.
+    msg "test: Full minus CTR_DRBG, classic crypto - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
+
+    msg "test: Full minus CTR_DRBG, classic crypto - compat.sh (subset)"
+    tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL
+}
+
+component_test_no_ctr_drbg_use_psa () {
+    msg "build: Full minus CTR_DRBG, PSA crypto in TLS"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - main suites"
+    make test
+
+    # In this configuration, the TLS test programs use HMAC_DRBG.
+    # The SSL tests are slow, so run a small subset, just enough to get
+    # confidence that the SSL code copes with HMAC_DRBG.
+    msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
+
+    msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - compat.sh (subset)"
+    tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL
+}
+
+component_test_no_hmac_drbg_classic () {
+    msg "build: Full minus HMAC_DRBG, classic crypto in TLS"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: Full minus HMAC_DRBG, classic crypto - main suites"
+    make test
+
+    # Normally our ECDSA implementation uses deterministic ECDSA. But since
+    # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
+    # instead.
+    # Test SSL with non-deterministic ECDSA. Only test features that
+    # might be affected by how ECDSA signature is performed.
+    msg "test: Full minus HMAC_DRBG, classic crypto - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f 'Default\|SSL async private: sign'
+
+    # To save time, only test one protocol version, since this part of
+    # the protocol is identical in (D)TLS up to 1.2.
+    msg "test: Full minus HMAC_DRBG, classic crypto - compat.sh (ECDSA)"
+    tests/compat.sh -m tls12 -t 'ECDSA'
+}
+
+component_test_no_hmac_drbg_use_psa () {
+    msg "build: Full minus HMAC_DRBG, PSA crypto in TLS"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - main suites"
+    make test
+
+    # Normally our ECDSA implementation uses deterministic ECDSA. But since
+    # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
+    # instead.
+    # Test SSL with non-deterministic ECDSA. Only test features that
+    # might be affected by how ECDSA signature is performed.
+    msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f 'Default\|SSL async private: sign'
+
+    # To save time, only test one protocol version, since this part of
+    # the protocol is identical in (D)TLS up to 1.2.
+    msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - compat.sh (ECDSA)"
+    tests/compat.sh -m tls12 -t 'ECDSA'
+}
+
+component_test_psa_external_rng_no_drbg_classic () {
+    msg "build: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto in TLS"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+    scripts/config.py unset MBEDTLS_ENTROPY_C
+    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+    scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
+    # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
+    # the SSL test programs don't have an RNG and can't work. Explicitly
+    # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
+    make CFLAGS="$ASAN_CFLAGS -O2 -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites"
+    make test
+
+    msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f 'Default'
+}
+
+component_test_psa_external_rng_no_drbg_use_psa () {
+    msg "build: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto in TLS"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+    scripts/config.py unset MBEDTLS_ENTROPY_C
+    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+    scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
+    make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
+    make test
+
+    msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f 'Default\|opaque'
+}
+
+component_test_psa_external_rng_use_psa_crypto () {
+    msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+    make test
+
+    msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+    tests/ssl-opt.sh -f 'Default\|opaque'
+}
+
+component_test_psa_inject_entropy () {
+    msg "build: full + MBEDTLS_PSA_INJECT_ENTROPY"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_INJECT_ENTROPY
+    scripts/config.py set MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ
+    scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE
+    make CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY"
+    make test
+}
+
+component_test_ecp_no_internal_rng () {
+    msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules"
+    scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires a DRBG
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: ECP_NO_INTERNAL_RNG, no DRBG module"
+    make test
+
+    # no SSL tests as they all depend on having a DRBG
+}
+
+component_test_ecp_restartable_no_internal_rng () {
+    msg "build: Default plus ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG"
+    scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
+    scripts/config.py set MBEDTLS_ECP_RESTARTABLE
+    scripts/config.py unset MBEDTLS_CTR_DRBG_C
+    scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+    scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG module"
+    make test
+
+    # no SSL tests as they all depend on having a DRBG
+}
+
+component_test_tls1_2_default_stream_cipher_only () {
+    msg "build: default with only stream cipher"
+
+    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+    # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
+    # Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
+    scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
+    # Modules that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    make
+
+    msg "test: default with only stream cipher"
+    make test
+
+    # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite.
+}
+
+component_test_tls1_2_default_stream_cipher_only_use_psa () {
+    msg "build: default with only stream cipher use psa"
+
+    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+    # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
+    # Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
+    scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
+    # Modules that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    make
+
+    msg "test: default with only stream cipher use psa"
+    make test
+
+    # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite.
+}
+
+component_test_tls1_2_default_cbc_legacy_cipher_only () {
+    msg "build: default with only CBC-legacy cipher"
+
+    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
+    scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
+    # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
+    # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
+    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
+    # Modules that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    make
+
+    msg "test: default with only CBC-legacy cipher"
+    make test
+
+    msg "test: default with only CBC-legacy cipher - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f "TLS 1.2"
+}
+
+component_test_tls1_2_deafult_cbc_legacy_cipher_only_use_psa () {
+    msg "build: default with only CBC-legacy cipher use psa"
+
+    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
+    scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
+    # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
+    # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
+    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
+    # Modules that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    make
+
+    msg "test: default with only CBC-legacy cipher use psa"
+    make test
+
+    msg "test: default with only CBC-legacy cipher use psa - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f "TLS 1.2"
+}
+
+component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only () {
+    msg "build: default with only CBC-legacy and CBC-EtM ciphers"
+
+    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
+    scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
+    # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
+    # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
+    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
+    # Modules that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    make
+
+    msg "test: default with only CBC-legacy and CBC-EtM ciphers"
+    make test
+
+    msg "test: default with only CBC-legacy and CBC-EtM ciphers - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f "TLS 1.2"
+}
+
+component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only_use_psa () {
+    msg "build: default with only CBC-legacy and CBC-EtM ciphers use psa"
+
+    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
+    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
+    scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
+    # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
+    # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
+    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
+    # Modules that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    make
+
+    msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa"
+    make test
+
+    msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa - ssl-opt.sh (subset)"
+    tests/ssl-opt.sh -f "TLS 1.2"
+}
+
+component_test_new_ecdh_context () {
+    msg "build: new ECDH context (ASan build)" # ~ 6 min
+    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: new ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: new ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
+    tests/ssl-opt.sh -f ECDH
+
+    msg "test: new ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
+    # Exclude some symmetric ciphers that are redundant here to gain time.
+    tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+}
+
+component_test_everest () {
+    msg "build: Everest ECDH context (ASan build)" # ~ 6 min
+    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
+    scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
+    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
+    tests/ssl-opt.sh -f ECDH
+
+    msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
+    # Exclude some symmetric ciphers that are redundant here to gain time.
+    tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+}
+
+component_test_everest_curve25519_only () {
+    msg "build: Everest ECDH context, only Curve25519" # ~ 6 min
+    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
+    scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
+    scripts/config.py unset MBEDTLS_ECDSA_C
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+    # Disable all curves
+    for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do
+        scripts/config.py unset "$c"
+    done
+    scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED
+
+    make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: Everest ECDH context, only Curve25519" # ~ 50s
+    make test
+}
+
+component_test_small_ssl_out_content_len () {
+    msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
+    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
+    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
+    tests/ssl-opt.sh -f "Max fragment\|Large packet"
+}
+
+component_test_small_ssl_in_content_len () {
+    msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
+    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096
+    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
+    tests/ssl-opt.sh -f "Max fragment"
+}
+
+component_test_small_ssl_dtls_max_buffering () {
+    msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
+    scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
+    tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
+}
+
+component_test_small_mbedtls_ssl_dtls_max_buffering () {
+    msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
+    scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 190
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
+    tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
+}
+
+component_test_psa_collect_statuses () {
+  msg "build+test: psa_collect_statuses" # ~30s
+  scripts/config.py full
+  tests/scripts/psa_collect_statuses.py
+  # Check that psa_crypto_init() succeeded at least once
+  grep -q '^0:psa_crypto_init:' tests/statuses.log
+  rm -f tests/statuses.log
+}
+
+component_test_full_cmake_clang () {
+    msg "build: cmake, full config, clang" # ~ 50s
+    scripts/config.py full
+    CC=clang CXX=clang cmake -D CMAKE_BUILD_TYPE:String=Release -D ENABLE_TESTING=On -D TEST_CPP=1 .
+    make
+
+    msg "test: main suites (full config, clang)" # ~ 5s
+    make test
+
+    msg "test: cpp_dummy_build (full config, clang)" # ~ 1s
+    programs/test/cpp_dummy_build
+
+    msg "test: psa_constant_names (full config, clang)" # ~ 1s
+    tests/scripts/test_psa_constant_names.py
+
+    msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
+    tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
+
+    msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min
+    env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
+
+    msg "test: compat.sh ARIA + ChachaPoly"
+    env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+}
+
+skip_suites_without_constant_flow () {
+    # Skip the test suites that don't have any constant-flow annotations.
+    # This will need to be adjusted if we ever start declaring things as
+    # secret from macros or functions inside tests/include or tests/src.
+    SKIP_TEST_SUITES=$(
+        git -C tests/suites grep -L TEST_CF_ 'test_suite_*.function' |
+            sed 's/test_suite_//; s/\.function$//' |
+            tr '\n' ,)
+    export SKIP_TEST_SUITES
+}
+
+component_test_memsan_constant_flow () {
+    # This tests both (1) accesses to undefined memory, and (2) branches or
+    # memory access depending on secret values. To distinguish between those:
+    # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist?
+    # - or alternatively, change the build type to MemSanDbg, which enables
+    # origin tracking and nicer stack traces (which are useful for debugging
+    # anyway), and check if the origin was TEST_CF_SECRET() or something else.
+    msg "build: cmake MSan (clang), full config with constant flow testing"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
+    scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm
+    CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
+    make
+
+    msg "test: main suites (Msan + constant flow)"
+    make test
+}
+
+component_test_valgrind_constant_flow () {
+    # This tests both (1) everything that valgrind's memcheck usually checks
+    # (heap buffer overflows, use of uninitialized memory, use-after-free,
+    # etc.) and (2) branches or memory access depending on secret values,
+    # which will be reported as uninitialized memory. To distinguish between
+    # secret and actually uninitialized:
+    # - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - does the failure persist?
+    # - or alternatively, build with debug info and manually run the offending
+    # test suite with valgrind --track-origins=yes, then check if the origin
+    # was TEST_CF_SECRET() or something else.
+    msg "build: cmake release GCC, full config with constant flow testing"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
+    skip_suites_without_constant_flow
+    cmake -D CMAKE_BUILD_TYPE:String=Release .
+    make
+
+    # this only shows a summary of the results (how many of each type)
+    # details are left in Testing/<date>/DynamicAnalysis.xml
+    msg "test: some suites (valgrind + constant flow)"
+    make memcheck
+}
+
+component_test_default_no_deprecated () {
+    # Test that removing the deprecated features from the default
+    # configuration leaves something consistent.
+    msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s
+    scripts/config.py set MBEDTLS_DEPRECATED_REMOVED
+    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
+
+    msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s
+    make test
+}
+
+component_test_full_no_deprecated () {
+    msg "build: make, full_no_deprecated config" # ~ 30s
+    scripts/config.py full_no_deprecated
+    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
+
+    msg "test: make, full_no_deprecated config" # ~ 5s
+    make test
+}
+
+component_test_full_no_deprecated_deprecated_warning () {
+    # Test that there is nothing deprecated in "full_no_deprecated".
+    # A deprecated feature would trigger a warning (made fatal) from
+    # MBEDTLS_DEPRECATED_WARNING.
+    msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s
+    scripts/config.py full_no_deprecated
+    scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED
+    scripts/config.py set MBEDTLS_DEPRECATED_WARNING
+    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
+
+    msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s
+    make test
+}
+
+component_test_full_deprecated_warning () {
+    # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes
+    # with only certain whitelisted types of warnings.
+    msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_DEPRECATED_WARNING
+    # Expect warnings from '#warning' directives in check_config.h.
+    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs
+
+    msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s
+    # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features.
+    # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set.
+    # Expect warnings from '#warning' directives in check_config.h and
+    # from the use of deprecated functions in test suites.
+    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests
+
+    msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s
+    make test
+}
+
+# Check that the specified libraries exist and are empty.
+are_empty_libraries () {
+  nm "$@" >/dev/null 2>/dev/null
+  ! nm "$@" 2>/dev/null | grep -v ':$' | grep .
+}
+
+component_build_crypto_default () {
+  msg "build: make, crypto only"
+  scripts/config.py crypto
+  make CFLAGS='-O1 -Werror'
+  are_empty_libraries library/libmbedx509.* library/libmbedtls.*
+}
+
+component_build_crypto_full () {
+  msg "build: make, crypto only, full config"
+  scripts/config.py crypto_full
+  make CFLAGS='-O1 -Werror'
+  are_empty_libraries library/libmbedx509.* library/libmbedtls.*
+}
+
+component_test_crypto_for_psa_service () {
+  msg "build: make, config for PSA crypto service"
+  scripts/config.py crypto
+  scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+  # Disable things that are not needed for just cryptography, to
+  # reach a configuration that would be typical for a PSA cryptography
+  # service providing all implemented PSA algorithms.
+  # System stuff
+  scripts/config.py unset MBEDTLS_ERROR_C
+  scripts/config.py unset MBEDTLS_TIMING_C
+  scripts/config.py unset MBEDTLS_VERSION_FEATURES
+  # Crypto stuff with no PSA interface
+  scripts/config.py unset MBEDTLS_BASE64_C
+  scripts/config.py unset MBEDTLS_BLOWFISH_C
+  # Keep MBEDTLS_CIPHER_C because psa_crypto_cipher, CCM and GCM need it.
+  # Keep MBEDTLS_MD_C because RSA and ECDSA need it, also HMAC_DRBG which
+  # is needed for deterministic ECDSA.
+  scripts/config.py unset MBEDTLS_ECJPAKE_C
+  scripts/config.py unset MBEDTLS_HKDF_C # PSA's HKDF is independent
+  scripts/config.py unset MBEDTLS_NIST_KW_C
+  scripts/config.py unset MBEDTLS_PEM_PARSE_C
+  scripts/config.py unset MBEDTLS_PEM_WRITE_C
+  scripts/config.py unset MBEDTLS_PKCS12_C
+  scripts/config.py unset MBEDTLS_PKCS5_C
+  # We keep MBEDTLS_PK_{,PARSE,WRITE}_C because PSA with RSA needs it.
+  scripts/config.py unset MBEDTLS_XTEA_C
+  make CFLAGS='-O1 -Werror' all test
+  are_empty_libraries library/libmbedx509.* library/libmbedtls.*
+}
+
+component_build_crypto_baremetal () {
+  msg "build: make, crypto only, baremetal config"
+  scripts/config.py crypto_baremetal
+  make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/"
+  are_empty_libraries library/libmbedx509.* library/libmbedtls.*
+}
+support_build_crypto_baremetal () {
+    support_build_baremetal "$@"
+}
+
+component_build_baremetal () {
+  msg "build: make, baremetal config"
+  scripts/config.py baremetal
+  make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/"
+}
+support_build_baremetal () {
+    # Older Glibc versions include time.h from other headers such as stdlib.h,
+    # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this
+    # problem, Ubuntu 18.04 is ok.
+    ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h
+}
+
+# depends.py family of tests
+component_test_depends_py_cipher_id () {
+    msg "test/build: depends.py cipher_id (gcc)"
+    tests/scripts/depends.py cipher_id --unset-use-psa
+}
+
+component_test_depends_py_cipher_chaining () {
+    msg "test/build: depends.py cipher_chaining (gcc)"
+    tests/scripts/depends.py cipher_chaining --unset-use-psa
+}
+
+component_test_depends_py_cipher_padding () {
+    msg "test/build: depends.py cipher_padding (gcc)"
+    tests/scripts/depends.py cipher_padding --unset-use-psa
+}
+
+component_test_depends_py_curves () {
+    msg "test/build: depends.py curves (gcc)"
+    tests/scripts/depends.py curves --unset-use-psa
+}
+
+component_test_depends_py_hashes () {
+    msg "test/build: depends.py hashes (gcc)"
+    tests/scripts/depends.py hashes --unset-use-psa
+}
+
+component_test_depends_py_kex () {
+    msg "test/build: depends.py kex (gcc)"
+    tests/scripts/depends.py kex --unset-use-psa
+}
+
+component_test_depends_py_pkalgs () {
+    msg "test/build: depends.py pkalgs (gcc)"
+    tests/scripts/depends.py pkalgs --unset-use-psa
+}
+
+# PSA equivalents of the depends.py tests
+component_test_depends_py_cipher_id_psa () {
+    msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py cipher_id
+}
+
+component_test_depends_py_cipher_chaining_psa () {
+    msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py cipher_chaining
+}
+
+component_test_depends_py_cipher_padding_psa () {
+    msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py cipher_padding
+}
+
+component_test_depends_py_curves_psa () {
+    msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py curves
+}
+
+component_test_depends_py_hashes_psa () {
+    msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py hashes
+}
+
+component_test_depends_py_kex_psa () {
+    msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py kex
+}
+
+component_test_depends_py_pkalgs_psa () {
+    msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py pkalgs
+}
+
+component_build_no_pk_rsa_alt_support () {
+    msg "build: !MBEDTLS_PK_RSA_ALT_SUPPORT" # ~30s
+
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_PK_RSA_ALT_SUPPORT
+    scripts/config.py set MBEDTLS_RSA_C
+    scripts/config.py set MBEDTLS_X509_CRT_WRITE_C
+
+    # Only compile - this is primarily to test for compile issues
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy'
+}
+
+component_test_no_use_psa_crypto_full_cmake_asan() {
+    # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
+    msg "build: cmake, full config minus MBEDTLS_USE_PSA_CRYPTO, ASan"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_ECP_RESTARTABLE  # not using PSA, so enable restartable ECC
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)"
+    make test
+
+    msg "test: ssl-opt.sh (full minus MBEDTLS_USE_PSA_CRYPTO)"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)"
+    tests/compat.sh
+
+    msg "test: compat.sh RC4, DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
+    env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
+
+    msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)"
+    env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+}
+
+component_test_psa_crypto_config_accel_ecdsa () {
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA"
+
+    # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+    # partial support for cipher operations in the driver test library.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+    # Disable obsolete hashes (alternatively we could enable support for them
+    # in the driver test library).
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+
+    # SHA384 needed for some ECDSA signature tests.
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C
+
+    loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
+    loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+    make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+    # Restore test driver base configuration
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C
+
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py unset MBEDTLS_ECDSA_C
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+    loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+    make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+    not grep mbedtls_ecdsa_ library/ecdsa.o
+
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA"
+    make test
+}
+
+component_test_psa_crypto_config_accel_rsa_signature () {
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
+
+    # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+    # partial support for cipher operations in the driver test library.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+    # It seems it is not possible to remove only the support for RSA signature
+    # in the library. Thus we have to remove all RSA support (signature and
+    # encryption/decryption). AS there is no driver support for asymmetric
+    # encryption/decryption so far remove RSA encryption/decryption from the
+    # application algorithm list.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+
+    # Make sure both the library and the test library support the SHA hash
+    # algorithms and only those ones (SHA256 is included by default). That way:
+    # - the test library can compute the RSA signatures even in the case of a
+    #   composite RSA signature algorithm based on a SHA hash (no other hash
+    #   used in the unit tests).
+    # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is
+    #   fulfilled as the hash SHA algorithm is supported by the library, and
+    #   thus the tests are run, not skipped.
+    # - when testing a signature key with an algorithm wildcard built from
+    #   PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash
+    #   algorithm based on the hashes supported by the library is also
+    #   supported by the test library.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C
+
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C
+    # We need PEM parsing in the test library as well to support the import
+    # of PEM encoded RSA keys.
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_PEM_PARSE_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_BASE64_C
+
+    loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY"
+    loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+    make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+    # Restore test driver base configuration
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C
+    scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_BASE64_C
+
+
+    # Mbed TLS library build
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+
+    # Remove RSA support and its dependencies
+    scripts/config.py unset MBEDTLS_PKCS1_V15
+    scripts/config.py unset MBEDTLS_PKCS1_V21
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+    scripts/config.py unset MBEDTLS_RSA_C
+    scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+    scripts/config.py unset MBEDTLS_MD2_C
+    scripts/config.py unset MBEDTLS_MD4_C
+    scripts/config.py unset MBEDTLS_MD5_C
+    scripts/config.py unset MBEDTLS_RIPEMD160_C
+    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1
+    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1
+    scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+    loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+    make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+    not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o
+    not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o
+
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
+    make test
+}
+
+component_test_psa_crypto_config_accel_hash () {
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash"
+
+    # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+    # partial support for cipher operations in the driver test library.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+    loc_accel_list="ALG_MD4 ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512"
+    loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+    make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py unset MBEDTLS_MD2_C
+    scripts/config.py unset MBEDTLS_MD4_C
+    scripts/config.py unset MBEDTLS_MD5_C
+    scripts/config.py unset MBEDTLS_RIPEMD160_C
+    scripts/config.py unset MBEDTLS_SHA1_C
+    # Don't unset MBEDTLS_SHA256_C as it is needed by PSA crypto core.
+    scripts/config.py unset MBEDTLS_SHA512_C
+    # Unset MBEDTLS_SSL_PROTO_SSL3, MBEDTLS_SSL_PROTO_TLS1 and MBEDTLS_SSL_PROTO_TLS1_1 as they depend on MBEDTLS_SHA1_C
+    scripts/config.py unset MBEDTLS_SSL_PROTO_SSL3
+    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1
+    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1
+    # Unset MBEDTLS_SSL_CBC_RECORD_SPLITTING as it depends on MBEDTLS_SSL_PROTO_TLS1 in the default configuration.
+    scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
+    loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+    make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+    not grep mbedtls_sha512_init library/sha512.o
+    not grep mbedtls_sha1_init library/sha1.o
+
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash"
+    make test
+}
+
+component_test_psa_crypto_config_accel_cipher () {
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher"
+
+    # This test case focuses on cipher+AEAD. We don't yet support all
+    # combinations of configurations, so deactivate block-cipher-based MACs.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC
+
+    loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES"
+    loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+    make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+
+    # There is no intended accelerator support for ALG STREAM_CIPHER and
+    # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the
+    # inclusion of the Mbed TLS cipher operations. As we want to test here with
+    # cipher operations solely supported by accelerators, disabled those
+    # PSA configuration options.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+    scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_CFB
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS
+    scripts/config.py unset MBEDTLS_DES_C
+
+    loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+    make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+    not grep mbedtls_des* library/des.o
+
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash"
+    make test
+}
+
+component_test_psa_crypto_config_accel_aead () {
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD"
+
+    # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+    # partial support for cipher operations in the driver test library.
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+    loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA"
+    loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+    make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py unset MBEDTLS_CCM_C
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    # Features that depend on AEAD
+    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+    scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+    loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+    make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+    # There's a risk of something getting re-enabled via config_psa.h
+    # make sure it did not happen.
+    not grep mbedtls_ccm library/ccm.o
+    not grep mbedtls_gcm library/gcm.o
+    not grep mbedtls_chachapoly library/chachapoly.o
+
+    msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD"
+    make test
+}
+
+component_test_psa_crypto_config_no_driver() {
+    msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
+    make test
+}
+
+component_test_aead_chachapoly_disabled() {
+    msg "build: full minus CHACHAPOLY"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: full minus CHACHAPOLY"
+    make test
+}
+
+component_test_aead_only_ccm() {
+    msg "build: full minus CHACHAPOLY and GCM"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+    scripts/config.py unset MBEDTLS_GCM_C
+    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
+    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: full minus CHACHAPOLY and GCM"
+    make test
+}
+
+# This should be renamed to test and updated once the accelerator ECDH code is in place and ready to test.
+component_build_psa_accel_alg_ecdh() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py unset MBEDTLS_ECDH_C
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+    scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator ECC key pair code is in place and ready to test.
+component_build_psa_accel_key_type_ecc_key_pair() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_ECC_KEY_PAIR"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator ECC public key code is in place and ready to test.
+component_build_psa_accel_key_type_ecc_public_key() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test.
+component_build_psa_accel_alg_hmac() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HMAC"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test.
+component_build_psa_accel_alg_hkdf() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py unset MBEDTLS_HKDF_C
+    # Make sure to unset TLS1_3_EXPERIMENTAL since it requires HKDF_C and will not build properly without it.
+    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator MD2 code is in place and ready to test.
+component_build_psa_accel_alg_md2() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD2 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD2 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator MD4 code is in place and ready to test.
+component_build_psa_accel_alg_md4() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD4 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD4 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
+component_build_psa_accel_alg_md5() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD5 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test.
+component_build_psa_accel_alg_ripemd160() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RIPEMD160 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test.
+component_build_psa_accel_alg_sha1() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_1 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test.
+component_build_psa_accel_alg_sha224() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_224 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test.
+component_build_psa_accel_alg_sha256() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_256 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test.
+component_build_psa_accel_alg_sha384() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_384 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test.
+component_build_psa_accel_alg_sha512() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_512 - other hashes"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
+component_build_psa_accel_alg_rsa_pkcs1v15_crypt() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
+component_build_psa_accel_alg_rsa_pkcs1v15_sign() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
+component_build_psa_accel_alg_rsa_oaep() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_OAEP 1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
+component_build_psa_accel_alg_rsa_pss() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+    scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
+component_build_psa_accel_key_type_rsa_key_pair() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR + PSA_WANT_ALG_RSA_PSS"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
+component_build_psa_accel_key_type_rsa_public_key() {
+    msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
+    scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
+    # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
+component_test_check_params_functionality () {
+    msg "build+test: MBEDTLS_CHECK_PARAMS functionality"
+    scripts/config.py full # includes CHECK_PARAMS
+    # Make MBEDTLS_PARAM_FAILED call mbedtls_param_failed().
+    scripts/config.py unset MBEDTLS_CHECK_PARAMS_ASSERT
+    make CC=gcc CFLAGS='-Werror -O1' all test
+}
+
+component_test_check_params_without_platform () {
+    msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C"
+    scripts/config.py full # includes CHECK_PARAMS
+    # Keep MBEDTLS_PARAM_FAILED as assert.
+    scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_VSNPRINTF_ALT
+    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py unset MBEDTLS_PLATFORM_C
+    make CC=gcc CFLAGS='-Werror -O1' all test
+}
+
+component_test_check_params_silent () {
+    msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()"
+    scripts/config.py full # includes CHECK_PARAMS
+    # Set MBEDTLS_PARAM_FAILED to nothing.
+    sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H"
+    make CC=gcc CFLAGS='-Werror -O1' all test
+}
+
+component_build_aes_variations() { # ~45s
+    msg "build: aes.o for all combinations of relevant config options"
+
+    for a in set unset; do
+    for b in set unset; do
+    for c in set unset; do
+    for d in set unset; do
+    for e in set unset; do
+    for f in set unset; do
+    for g in set unset; do
+        echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT
+        echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT
+        echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES
+        echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT
+        echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT
+        echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES
+        echo ./scripts/config.py $g MBEDTLS_PADLOCK_C
+
+        ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT
+        ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT
+        ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES
+        ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT
+        ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT
+        ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES
+        ./scripts/config.py $g MBEDTLS_PADLOCK_C
+
+        rm -f library/aes.o
+        make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused"
+    done
+    done
+    done
+    done
+    done
+    done
+    done
+}
+
+component_test_no_platform () {
+    # Full configuration build, without platform support, file IO and net sockets.
+    # This should catch missing mbedtls_printf definitions, and by disabling file
+    # IO, it should catch missing '#include <stdio.h>'
+    msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_PLATFORM_C
+    scripts/config.py unset MBEDTLS_NET_C
+    scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
+    scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_VSNPRINTF_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py unset MBEDTLS_FS_IO
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
+    scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+    scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
+    # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
+    # to re-enable platform integration features otherwise disabled in C99 builds
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test
+}
+
+component_build_no_std_function () {
+    # catch compile bugs in _uninit functions
+    msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check .
+    make
+}
+
+component_build_no_ssl_srv () {
+    msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_SSL_SRV_C
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
+}
+
+component_build_no_ssl_cli () {
+    msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_SSL_CLI_C
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
+}
+
+component_build_no_sockets () {
+    # Note, C99 compliance can also be tested with the sockets support disabled,
+    # as that requires a POSIX platform (which isn't the same as C99).
+    msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
+    scripts/config.py set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -std=c99 -pedantic' lib
+}
+
+component_test_memory_buffer_allocator_backtrace () {
+    msg "build: default config with memory buffer allocator and backtrace enabled"
+    scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
+    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
+    scripts/config.py set MBEDTLS_MEMORY_BACKTRACE
+    scripts/config.py set MBEDTLS_MEMORY_DEBUG
+    CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release .
+    make
+
+    msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE"
+    make test
+}
+
+component_test_memory_buffer_allocator () {
+    msg "build: default config with memory buffer allocator"
+    scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
+    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
+    CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release .
+    make
+
+    msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C"
+    make test
+
+    msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C"
+    # MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out.
+    tests/ssl-opt.sh -e '^DTLS proxy'
+}
+
+component_test_no_max_fragment_length () {
+    # Run max fragment length tests with MFL disabled
+    msg "build: default config except MFL extension (ASan build)" # ~ 30s
+    scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: ssl-opt.sh, MFL-related tests"
+    tests/ssl-opt.sh -f "Max fragment length"
+}
+
+component_test_asan_remove_peer_certificate () {
+    msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)"
+    scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
+    make test
+
+    msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
+    tests/compat.sh
+
+    msg "test: context-info.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
+    tests/context-info.sh
+}
+
+component_test_no_max_fragment_length_small_ssl_out_content_len () {
+    msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
+    scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
+    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: MFL tests (disabled MFL extension case) & large packet tests"
+    tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
+
+    msg "test: context-info.sh (disabled MFL extension case)"
+    tests/context-info.sh
+}
+
+component_test_variable_ssl_in_out_buffer_len () {
+    msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled (ASan build)"
+    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
+    make test
+
+    msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled"
+    tests/compat.sh
+}
+
+component_test_variable_ssl_in_out_buffer_len_CID () {
+    msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled (ASan build)"
+    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+    scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID"
+    make test
+
+    msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_DTLS_CONNECTION_ID enabled"
+    tests/compat.sh
+}
+
+component_test_variable_ssl_in_out_buffer_len_record_splitting () {
+    msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled (ASan build)"
+    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+    scripts/config.py set MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING"
+    make test
+
+    msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled"
+    tests/ssl-opt.sh
+
+    msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled"
+    tests/compat.sh
+}
+
+component_test_ssl_alloc_buffer_and_mfl () {
+    msg "build: default config with memory buffer allocator and MFL extension"
+    scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
+    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
+    scripts/config.py set MBEDTLS_MEMORY_DEBUG
+    scripts/config.py set MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+    CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release .
+    make
+
+    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH"
+    make test
+
+    msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH"
+    tests/ssl-opt.sh -f "Handshake memory usage"
+}
+
+component_test_when_no_ciphersuites_have_mac () {
+    msg "build: when no ciphersuites have MAC"
+    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
+    scripts/config.py unset MBEDTLS_ARC4_C
+    scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+    make
+
+    msg "test: !MBEDTLS_SSL_SOME_MODES_USE_MAC"
+    make test
+
+    msg "test ssl-opt.sh: !MBEDTLS_SSL_SOME_MODES_USE_MAC"
+    tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM'
+}
+
+component_test_null_entropy () {
+    msg "build: default config with  MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
+    scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY
+    scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+    scripts/config.py set MBEDTLS_ENTROPY_C
+    scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
+    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+    scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT
+    scripts/config.py unset MBEDTLS_HAVEGE_C
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
+    make
+
+    msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
+    make test
+}
+
+component_test_no_date_time () {
+    msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
+    scripts/config.py unset MBEDTLS_HAVE_TIME_DATE
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check .
+    make
+
+    msg "test: !MBEDTLS_HAVE_TIME_DATE - main suites"
+    make test
+}
+
+component_test_alt_timing() {
+    msg "build: alternate timing implementation"
+    scripts/config.py set MBEDTLS_TIMING_ALT
+    make lib TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../tests/src/external_timing"
+
+    msg "test: MBEDTLS_TIMING_ALT - test suites"
+    make test TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../tests/src/external_timing"
+
+    msg "selftest - MBEDTLS-TIMING_ALT"
+    make programs TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../../tests/src/external_timing -I../tests/src/external_timing"
+    programs/test/selftest
+}
+
+component_test_platform_calloc_macro () {
+    msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
+    scripts/config.py set MBEDTLS_PLATFORM_MEMORY
+    scripts/config.py set MBEDTLS_PLATFORM_CALLOC_MACRO calloc
+    scripts/config.py set MBEDTLS_PLATFORM_FREE_MACRO   free
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
+    make test
+}
+
+component_test_malloc_0_null () {
+    msg "build: malloc(0) returns NULL (ASan+UBSan build)"
+    scripts/config.py full
+    make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: malloc(0) returns NULL (ASan+UBSan build)"
+    make test
+
+    msg "selftest: malloc(0) returns NULL (ASan+UBSan build)"
+    # Just the calloc selftest. "make test" ran the others as part of the
+    # test suites.
+    programs/test/selftest calloc
+
+    msg "test ssl-opt.sh: malloc(0) returns NULL (ASan+UBSan build)"
+    # Run a subset of the tests. The choice is a balance between coverage
+    # and time (including time indirectly wasted due to flaky tests).
+    # The current choice is to skip tests whose description includes
+    # "proxy", which is an approximation of skipping tests that use the
+    # UDP proxy, which tend to be slower and flakier.
+    tests/ssl-opt.sh -e 'proxy'
+}
+
+component_test_aes_fewer_tables () {
+    msg "build: default config with AES_FEWER_TABLES enabled"
+    scripts/config.py set MBEDTLS_AES_FEWER_TABLES
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+
+    msg "test: AES_FEWER_TABLES"
+    make test
+}
+
+component_test_aes_rom_tables () {
+    msg "build: default config with AES_ROM_TABLES enabled"
+    scripts/config.py set MBEDTLS_AES_ROM_TABLES
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+
+    msg "test: AES_ROM_TABLES"
+    make test
+}
+
+component_test_aes_fewer_tables_and_rom_tables () {
+    msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
+    scripts/config.py set MBEDTLS_AES_FEWER_TABLES
+    scripts/config.py set MBEDTLS_AES_ROM_TABLES
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+
+    msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
+    make test
+}
+
+component_test_ctr_drbg_aes_256_sha_256 () {
+    msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
+    scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
+    make test
+}
+
+component_test_ctr_drbg_aes_128_sha_512 () {
+    msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
+    scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
+    make test
+}
+
+component_test_ctr_drbg_aes_128_sha_256 () {
+    msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
+    scripts/config.py full
+    scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
+    scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+    scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
+    make test
+}
+
+component_test_se_default () {
+    msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C"
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C
+    make CC=clang CFLAGS="$ASAN_CFLAGS -Os" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C"
+    make test
+}
+
+component_test_psa_crypto_drivers () {
+    msg "build: full + test drivers dispatching to builtins"
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+    loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL"
+    loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
+    loc_cflags="${loc_cflags} -I../tests/include -O2"
+
+    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+
+    msg "test: full + test drivers dispatching to builtins"
+    make test
+}
+
+component_test_make_shared () {
+    msg "build/test: make shared" # ~ 40s
+    make SHARED=1 all check
+    ldd programs/util/strerror | grep libmbedcrypto
+    programs/test/dlopen_demo.sh
+}
+
+component_test_cmake_shared () {
+    msg "build/test: cmake shared" # ~ 2min
+    cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On .
+    make
+    ldd programs/util/strerror | grep libmbedcrypto
+    make test
+    programs/test/dlopen_demo.sh
+}
+
+test_build_opt () {
+    info=$1 cc=$2; shift 2
+    $cc --version
+    for opt in "$@"; do
+          msg "build/test: $cc $opt, $info" # ~ 30s
+          make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror"
+          # We're confident enough in compilers to not run _all_ the tests,
+          # but at least run the unit tests. In particular, runs with
+          # optimizations use inline assembly whereas runs with -O0
+          # skip inline assembly.
+          make test # ~30s
+          make clean
+    done
+}
+
+# For FreeBSD we invoke the function by name so this condition is added
+# to disable the existing test_clang_opt function for linux.
+if [[ $(uname) != "Linux" ]]; then
+    component_test_clang_opt () {
+        scripts/config.py full
+        test_build_opt 'full config' clang -O0 -Os -O2
+    }
+fi
+
+component_test_clang_latest_opt () {
+    scripts/config.py full
+    test_build_opt 'full config' "$CLANG_LATEST" -O0 -Os -O2
+}
+support_test_clang_latest_opt () {
+    type "$CLANG_LATEST" >/dev/null 2>/dev/null
+}
+
+component_test_clang_earliest_opt () {
+    scripts/config.py full
+    test_build_opt 'full config' "$CLANG_EARLIEST" -O0
+}
+support_test_clang_earliest_opt () {
+    type "$CLANG_EARLIEST" >/dev/null 2>/dev/null
+}
+
+component_test_gcc_latest_opt () {
+    scripts/config.py full
+    test_build_opt 'full config' "$GCC_LATEST" -O0 -Os -O2
+}
+support_test_gcc_latest_opt () {
+    type "$GCC_LATEST" >/dev/null 2>/dev/null
+}
+
+component_test_gcc_earliest_opt () {
+    scripts/config.py full
+    test_build_opt 'full config' "$GCC_EARLIEST" -O0
+}
+support_test_gcc_earliest_opt () {
+    type "$GCC_EARLIEST" >/dev/null 2>/dev/null
+}
+
+component_build_mbedtls_config_file () {
+    msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s
+    scripts/config.py -w full_config.h full
+    echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H"
+    make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'"
+    # Make sure this feature is enabled. We'll disable it in the next phase.
+    programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
+    make clean
+
+    msg "build: make with MBEDTLS_CONFIG_FILE + MBEDTLS_USER_CONFIG_FILE"
+    # In the user config, disable one feature (for simplicity, pick a feature
+    # that nothing else depends on).
+    echo '#undef MBEDTLS_NIST_KW_C' >user_config.h
+    make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'"
+    not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
+
+    rm -f user_config.h full_config.h
+}
+
+component_build_psa_config_file () {
+    msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE" # ~40s
+    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+    cp "$CRYPTO_CONFIG_H" psa_test_config.h
+    echo '#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H"
+    make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'"
+    # Make sure this feature is enabled. We'll disable it in the next phase.
+    programs/test/query_compile_time_config MBEDTLS_CMAC_C
+    make clean
+
+    msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s
+    # In the user config, disable one feature, which will reflect on the
+    # mbedtls configuration so we can query it with query_compile_time_config.
+    echo '#undef PSA_WANT_ALG_CMAC' >psa_user_config.h
+    scripts/config.py unset MBEDTLS_CMAC_C
+    make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'"
+    not programs/test/query_compile_time_config MBEDTLS_CMAC_C
+
+    rm -f psa_test_config.h psa_user_config.h
+}
+
+component_test_m32_o0 () {
+    # Build without optimization, so as to use portable C code (in a 32-bit
+    # build) and not the i386-specific inline assembly.
+    msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
+    scripts/config.py full
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS"
+
+    msg "test: i386, make, gcc -O0 (ASan build)"
+    make test
+}
+support_test_m32_o0 () {
+    case $(uname -m) in
+        amd64|x86_64) true;;
+        *) false;;
+    esac
+}
+
+component_test_m32_o2 () {
+    # Build with optimization, to use the i386 specific inline assembly
+    # and go faster for tests.
+    msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s
+    scripts/config.py full
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+
+    msg "test: i386, make, gcc -O2 (ASan build)"
+    make test
+
+    msg "test ssl-opt.sh, i386, make, gcc-O2"
+    tests/ssl-opt.sh
+}
+support_test_m32_o2 () {
+    support_test_m32_o0 "$@"
+}
+
+component_test_m32_everest () {
+    msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min
+    scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT
+    scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+
+    msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
+    make test
+
+    msg "test: i386, Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
+    tests/ssl-opt.sh -f ECDH
+
+    msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
+    # Exclude some symmetric ciphers that are redundant here to gain time.
+    tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+}
+support_test_m32_everest () {
+    support_test_m32_o0 "$@"
+}
+
+component_test_mx32 () {
+    msg "build: 64-bit ILP32, make, gcc" # ~ 30s
+    scripts/config.py full
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'
+
+    msg "test: 64-bit ILP32, make, gcc"
+    make test
+}
+support_test_mx32 () {
+    case $(uname -m) in
+        amd64|x86_64) true;;
+        *) false;;
+    esac
+}
+
+component_test_min_mpi_window_size () {
+    msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s
+    scripts/config.py set MBEDTLS_MPI_WINDOW_SIZE 1
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+
+    msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s
+    make test
+}
+
+component_test_have_int32 () {
+    msg "build: gcc, force 32-bit bignum limbs"
+    scripts/config.py unset MBEDTLS_HAVE_ASM
+    scripts/config.py unset MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_PADLOCK_C
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
+
+    msg "test: gcc, force 32-bit bignum limbs"
+    make test
+}
+
+component_test_have_int64 () {
+    msg "build: gcc, force 64-bit bignum limbs"
+    scripts/config.py unset MBEDTLS_HAVE_ASM
+    scripts/config.py unset MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_PADLOCK_C
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
+
+    msg "test: gcc, force 64-bit bignum limbs"
+    make test
+}
+
+component_test_no_udbl_division () {
+    msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
+    make CFLAGS='-Werror -O1'
+
+    msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
+    make test
+}
+
+component_test_no_64bit_multiplication () {
+    msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
+    scripts/config.py full
+    scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
+    make CFLAGS='-Werror -O1'
+
+    msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
+    make test
+}
+
+component_test_no_strings () {
+    msg "build: no strings" # ~10s
+    scripts/config.py full
+    # Disable options that activate a large amount of string constants.
+    scripts/config.py unset MBEDTLS_DEBUG_C
+    scripts/config.py unset MBEDTLS_ERROR_C
+    scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY
+    scripts/config.py unset MBEDTLS_VERSION_FEATURES
+    make CFLAGS='-Werror -Os'
+
+    msg "test: no strings" # ~ 10s
+    make test
+}
+
+component_build_arm_none_eabi_gcc () {
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug" # ~ 10s
+    scripts/config.py baremetal
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -O1' lib
+
+    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug"
+    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
+}
+
+component_build_arm_linux_gnueabi_gcc_arm5vte () {
+    msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte, baremetal+debug" # ~ 10s
+    scripts/config.py baremetal
+    # Build for a target platform that's close to what Debian uses
+    # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort).
+    # See https://github.com/Mbed-TLS/mbedtls/pull/2169 and comments.
+    # Build everything including programs, see for example
+    # https://github.com/Mbed-TLS/mbedtls/pull/3449#issuecomment-675313720
+    make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te'
+
+    msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug"
+    ${ARM_LINUX_GNUEABI_GCC_PREFIX}size library/*.o
+}
+support_build_arm_linux_gnueabi_gcc_arm5vte () {
+    type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1
+}
+
+component_build_arm_none_eabi_gcc_arm5vte () {
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte, baremetal+debug" # ~ 10s
+    scripts/config.py baremetal
+    # This is an imperfect substitute for
+    # component_build_arm_linux_gnueabi_gcc_arm5vte
+    # in case the gcc-arm-linux-gnueabi toolchain is not available
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib
+
+    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug"
+    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
+}
+
+component_build_arm_none_eabi_gcc_m0plus () {
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus, baremetal_size" # ~ 10s
+    scripts/config.py baremetal_size
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib
+
+    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os, baremetal_size"
+    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
+}
+
+component_build_arm_none_eabi_gcc_no_udbl_division () {
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
+    scripts/config.py baremetal
+    scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra' lib
+    echo "Checking that software 64-bit division is not required"
+    not grep __aeabi_uldiv library/*.o
+}
+
+component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
+    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
+    scripts/config.py baremetal
+    scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
+    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -O1 -march=armv6-m -mthumb' lib
+    echo "Checking that software 64-bit multiplication is not required"
+    not grep __aeabi_lmul library/*.o
+}
+
+component_build_arm_clang_thumb () {
+    # ~ 30s
+
+    scripts/config.py baremetal
+
+    msg "build: clang thumb 2, make"
+    make clean
+    make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -march=armv7-m -mthumb' lib
+
+    # Some Thumb 1 asm is sensitive to optimisation level, so test both -O0 and -Os
+    msg "build: clang thumb 1 -O0, make"
+    make clean
+    make CC="clang" CFLAGS='-std=c99 -Werror -O0 --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib
+
+    msg "build: clang thumb 1 -Os, make"
+    make clean
+    make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib
+}
+
+component_build_armcc () {
+    msg "build: ARM Compiler 5"
+    scripts/config.py baremetal
+    make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
+
+    msg "size: ARM Compiler 5"
+    "$ARMC5_FROMELF" -z library/*.o
+
+    make clean
+
+    # Compile mostly with -O1 since some Arm inline assembly is disabled for -O0.
+
+    # ARM Compiler 6 - Target ARMv7-A
+    armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a"
+
+    # ARM Compiler 6 - Target ARMv7-M
+    armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m"
+
+    # ARM Compiler 6 - Target ARMv8-A - AArch32
+    armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a"
+
+    # ARM Compiler 6 - Target ARMv8-M
+    armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main"
+
+    # ARM Compiler 6 - Target ARMv8-A - AArch64
+    armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
+
+    # ARM Compiler 6 - Target Cortex-M0 - no optimisation
+    armc6_build_test "-O0 --target=arm-arm-none-eabi -mcpu=cortex-m0"
+
+    # ARM Compiler 6 - Target Cortex-M0
+    armc6_build_test "-Os --target=arm-arm-none-eabi -mcpu=cortex-m0"
+}
+
+support_build_armcc () {
+    armc5_cc="$ARMC5_BIN_DIR/armcc"
+    armc6_cc="$ARMC6_BIN_DIR/armclang"
+    (check_tools "$armc5_cc" "$armc6_cc" > /dev/null 2>&1)
+}
+
+component_build_ssl_hw_record_accel() {
+    msg "build: default config with MBEDTLS_SSL_HW_RECORD_ACCEL enabled"
+    scripts/config.pl set MBEDTLS_SSL_HW_RECORD_ACCEL
+    make CFLAGS='-Werror -O1'
+}
+
+component_test_tls13_experimental () {
+    msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
+    scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+    make
+    msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
+    make test
+}
+
+component_build_mingw () {
+    msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
+    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
+
+    # note Make tests only builds the tests, but doesn't run them
+    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests
+    make WINDOWS_BUILD=1 clean
+
+    msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s
+    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
+    make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
+    make WINDOWS_BUILD=1 clean
+}
+support_build_mingw() {
+    case $(i686-w64-mingw32-gcc -dumpversion 2>/dev/null) in
+        [0-5]*|"") false;;
+        *) true;;
+    esac
+}
+
+component_test_memsan () {
+    msg "build: MSan (clang)" # ~ 1 min 20s
+    scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm
+    CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
+    make
+
+    msg "test: main suites (MSan)" # ~ 10s
+    make test
+
+    msg "test: ssl-opt.sh (MSan)" # ~ 1 min
+    tests/ssl-opt.sh
+
+    # Optional part(s)
+
+    if [ "$MEMORY" -gt 0 ]; then
+        msg "test: compat.sh (MSan)" # ~ 6 min 20s
+        tests/compat.sh
+    fi
+}
+
+component_test_valgrind () {
+    msg "build: Release (clang)"
+    # default config, in particular without MBEDTLS_USE_PSA_CRYPTO
+    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
+    make
+
+    msg "test: main suites, Valgrind (default config)"
+    make memcheck
+
+    # Optional parts (slow; currently broken on OS X because programs don't
+    # seem to receive signals under valgrind on OS X).
+    # These optional parts don't run on the CI.
+    if [ "$MEMORY" -gt 0 ]; then
+        msg "test: ssl-opt.sh --memcheck (default config)"
+        tests/ssl-opt.sh --memcheck
+    fi
+
+    if [ "$MEMORY" -gt 1 ]; then
+        msg "test: compat.sh --memcheck (default config)"
+        tests/compat.sh --memcheck
+    fi
+
+    if [ "$MEMORY" -gt 0 ]; then
+        msg "test: context-info.sh --memcheck (default config)"
+        tests/context-info.sh --memcheck
+    fi
+}
+
+component_test_valgrind_psa () {
+    msg "build: Release, full (clang)"
+    # full config, in particular with MBEDTLS_USE_PSA_CRYPTO
+    scripts/config.py full
+    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
+    make
+
+    msg "test: main suites, Valgrind (full config)"
+    make memcheck
+}
+
+support_test_cmake_out_of_source () {
+    distrib_id=""
+    distrib_ver=""
+    distrib_ver_minor=""
+    distrib_ver_major=""
+
+    # Attempt to parse lsb-release to find out distribution and version. If not
+    # found this should fail safe (test is supported).
+    if [[ -f /etc/lsb-release ]]; then
+
+        while read -r lsb_line; do
+            case "$lsb_line" in
+                "DISTRIB_ID"*) distrib_id=${lsb_line/#DISTRIB_ID=};;
+                "DISTRIB_RELEASE"*) distrib_ver=${lsb_line/#DISTRIB_RELEASE=};;
+            esac
+        done < /etc/lsb-release
+
+        distrib_ver_major="${distrib_ver%%.*}"
+        distrib_ver="${distrib_ver#*.}"
+        distrib_ver_minor="${distrib_ver%%.*}"
+    fi
+
+    # Running the out of source CMake test on Ubuntu 16.04 using more than one
+    # processor (as the CI does) can create a race condition whereby the build
+    # fails to see a generated file, despite that file actually having been
+    # generated. This problem appears to go away with 18.04 or newer, so make
+    # the out of source tests unsupported on Ubuntu 16.04.
+    [ "$distrib_id" != "Ubuntu" ] || [ "$distrib_ver_major" -gt 16 ]
+}
+
+component_test_cmake_out_of_source () {
+    msg "build: cmake 'out-of-source' build"
+    MBEDTLS_ROOT_DIR="$PWD"
+    mkdir "$OUT_OF_SOURCE_DIR"
+    cd "$OUT_OF_SOURCE_DIR"
+    cmake -D CMAKE_BUILD_TYPE:String=Check "$MBEDTLS_ROOT_DIR"
+    make
+
+    msg "test: cmake 'out-of-source' build"
+    make test
+    # Test an SSL option that requires an auxiliary script in test/scripts/.
+    # Also ensure that there are no error messages such as
+    # "No such file or directory", which would indicate that some required
+    # file is missing (ssl-opt.sh tolerates the absence of some files so
+    # may exit with status 0 but emit errors).
+    ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' >ssl-opt.out 2>ssl-opt.err
+    grep PASS ssl-opt.out
+    cat ssl-opt.err >&2
+    # If ssl-opt.err is non-empty, record an error and keep going.
+    [ ! -s ssl-opt.err ]
+    rm ssl-opt.out ssl-opt.err
+    cd "$MBEDTLS_ROOT_DIR"
+    rm -rf "$OUT_OF_SOURCE_DIR"
+}
+
+component_test_cmake_as_subdirectory () {
+    msg "build: cmake 'as-subdirectory' build"
+    cd programs/test/cmake_subproject
+    cmake .
+    make
+    ./cmake_subproject
+}
+support_test_cmake_as_subdirectory () {
+    support_test_cmake_out_of_source
+}
+
+component_build_cmake_custom_config_file () {
+    # Make a copy of config file to use for the in-tree test
+    cp "$CONFIG_H" include/mbedtls_config_in_tree_copy.h
+
+    MBEDTLS_ROOT_DIR="$PWD"
+    mkdir "$OUT_OF_SOURCE_DIR"
+    cd "$OUT_OF_SOURCE_DIR"
+
+    # Build once to get the generated files (which need an intact config file)
+    cmake "$MBEDTLS_ROOT_DIR"
+    make
+
+    msg "build: cmake with -DMBEDTLS_CONFIG_FILE"
+    scripts/config.py -w full_config.h full
+    echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H"
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h "$MBEDTLS_ROOT_DIR"
+    make
+
+    msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE"
+    # In the user config, disable one feature (for simplicity, pick a feature
+    # that nothing else depends on).
+    echo '#undef MBEDTLS_NIST_KW_C' >user_config.h
+
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h "$MBEDTLS_ROOT_DIR"
+    make
+    not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
+
+    rm -f user_config.h full_config.h
+
+    cd "$MBEDTLS_ROOT_DIR"
+    rm -rf "$OUT_OF_SOURCE_DIR"
+
+    # Now repeat the test for an in-tree build:
+
+    # Restore config for the in-tree test
+    mv include/mbedtls_config_in_tree_copy.h "$CONFIG_H"
+
+    # Build once to get the generated files (which need an intact config)
+    cmake .
+    make
+
+    msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE"
+    scripts/config.py -w full_config.h full
+    echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H"
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h .
+    make
+
+    msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE"
+    # In the user config, disable one feature (for simplicity, pick a feature
+    # that nothing else depends on).
+    echo '#undef MBEDTLS_NIST_KW_C' >user_config.h
+
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h .
+    make
+    not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
+
+    rm -f user_config.h full_config.h
+}
+support_build_cmake_custom_config_file () {
+    support_test_cmake_out_of_source
+}
+
+
+component_build_zeroize_checks () {
+    msg "build: check for obviously wrong calls to mbedtls_platform_zeroize()"
+
+    scripts/config.py full
+
+    # Only compile - we're looking for sizeof-pointer-memaccess warnings
+    make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
+}
+
+
+component_test_zeroize () {
+    # Test that the function mbedtls_platform_zeroize() is not optimized away by
+    # different combinations of compilers and optimization flags by using an
+    # auxiliary GDB script. Unfortunately, GDB does not return error values to the
+    # system in all cases that the script fails, so we must manually search the
+    # output to check whether the pass string is present and no failure strings
+    # were printed.
+
+    # Don't try to disable ASLR. We don't care about ASLR here. We do care
+    # about a spurious message if Gdb tries and fails, so suppress that.
+    gdb_disable_aslr=
+    if [ -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)" ]; then
+        gdb_disable_aslr='set disable-randomization off'
+    fi
+
+    for optimization_flag in -O2 -O3 -Ofast -Os; do
+        for compiler in clang gcc; do
+            msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
+            make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
+            gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
+            grep "The buffer was correctly zeroized" test_zeroize.log
+            not grep -i "error" test_zeroize.log
+            rm -f test_zeroize.log
+            make clean
+        done
+    done
+}
+
+component_test_psa_compliance () {
+    msg "build: make, default config + CMAC, libmbedcrypto.a only"
+    scripts/config.py set MBEDTLS_CMAC_C
+    make -C library libmbedcrypto.a
+
+    msg "unit test: test_psa_compliance.py"
+    ./tests/scripts/test_psa_compliance.py
+}
+
+support_test_psa_compliance () {
+    # psa-compliance-tests only supports CMake >= 3.10.0
+    ver="$(cmake --version)"
+    ver="${ver#cmake version }"
+    ver_major="${ver%%.*}"
+
+    ver="${ver#*.}"
+    ver_minor="${ver%%.*}"
+
+    [ "$ver_major" -eq 3 ] && [ "$ver_minor" -ge 10 ]
+}
+
+component_check_code_style () {
+    msg "Check C code style"
+    ./scripts/code_style.py
+}
+
+support_check_code_style() {
+    case $(uncrustify --version) in
+        *0.75.1*) true;;
+        *) false;;
+    esac
+}
+
+component_check_python_files () {
+    msg "Lint: Python scripts"
+    tests/scripts/check-python-files.sh
+}
+
+component_check_generate_test_code () {
+    msg "uint test: generate_test_code.py"
+    # unittest writes out mundane stuff like number or tests run on stderr.
+    # Our convention is to reserve stderr for actual errors, and write
+    # harmless info on stdout so it can be suppress with --quiet.
+    ./tests/scripts/test_generate_test_code.py 2>&1
+}
+
+################################################################
+#### Termination
+################################################################
+
+post_report () {
+    msg "Done, cleaning up"
+    final_cleanup
+
+    final_report
+}
+
+
+
+################################################################
+#### Run all the things
+################################################################
+
+# Function invoked by --error-test to test error reporting.
+pseudo_component_error_test () {
+    msg "Testing error reporting $error_test_i"
+    if [ $KEEP_GOING -ne 0 ]; then
+        echo "Expect three failing commands."
+    fi
+    # If the component doesn't run in a subshell, changing error_test_i to an
+    # invalid integer will cause an error in the loop that runs this function.
+    error_test_i=this_should_not_be_used_since_the_component_runs_in_a_subshell
+    # Expected error: 'grep non_existent /dev/null -> 1'
+    grep non_existent /dev/null
+    # Expected error: '! grep -q . tests/scripts/all.sh -> 1'
+    not grep -q . "$0"
+    # Expected error: 'make unknown_target -> 2'
+    make unknown_target
+    false "this should not be executed"
+}
+
+# Run one component and clean up afterwards.
+run_component () {
+    current_component="$1"
+    export MBEDTLS_TEST_CONFIGURATION="$current_component"
+
+    # Unconditionally create a seedfile that's sufficiently long.
+    # Do this before each component, because a previous component may
+    # have messed it up or shortened it.
+    local dd_cmd
+    dd_cmd=(dd if=/dev/urandom of=./tests/seedfile bs=64 count=1)
+    case $OSTYPE in
+        linux*|freebsd*|openbsd*|darwin*) dd_cmd+=(status=none)
+    esac
+    "${dd_cmd[@]}"
+
+    # Run the component in a subshell, with error trapping and output
+    # redirection set up based on the relevant options.
+    if [ $KEEP_GOING -eq 1 ]; then
+        # We want to keep running if the subshell fails, so 'set -e' must
+        # be off when the subshell runs.
+        set +e
+    fi
+    (
+        if [ $QUIET -eq 1 ]; then
+            # msg() will be silenced, so just print the component name here.
+            echo "${current_component#component_}"
+            exec >/dev/null
+        fi
+        if [ $KEEP_GOING -eq 1 ]; then
+            # Keep "set -e" off, and run an ERR trap instead to record failures.
+            set -E
+            trap err_trap ERR
+        fi
+        # The next line is what runs the component
+        "$@"
+        if [ $KEEP_GOING -eq 1 ]; then
+            trap - ERR
+            exit $last_failure_status
+        fi
+    )
+    component_status=$?
+    if [ $KEEP_GOING -eq 1 ]; then
+        set -e
+        if [ $component_status -ne 0 ]; then
+            failure_count=$((failure_count + 1))
+        fi
+    fi
+
+    # Restore the build tree to a clean state.
+    cleanup
+    unset current_component
+}
+
+# Preliminary setup
+pre_check_environment
+pre_initialize_variables
+pre_parse_command_line "$@"
+
+pre_check_git
+pre_restore_files
+pre_back_up
+
+build_status=0
+if [ $KEEP_GOING -eq 1 ]; then
+    pre_setup_keep_going
+fi
+pre_prepare_outcome_file
+pre_print_configuration
+pre_check_tools
+cleanup
+
+# Run the requested tests.
+for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do
+    run_component pseudo_component_error_test
+done
+unset error_test_i
+for component in $RUN_COMPONENTS; do
+    run_component "component_$component"
+done
+
+# We're done.
+post_report
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/analyze_outcomes.py b/3rdparty/mbedtls-2.28.7/tests/scripts/analyze_outcomes.py
new file mode 100644
index 0000000..d50a04e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/analyze_outcomes.py
@@ -0,0 +1,175 @@
+#!/usr/bin/env python3
+
+"""Analyze the test outcomes from a full CI run.
+
+This script can also run on outcomes from a partial run, but the results are
+less likely to be useful.
+"""
+
+import argparse
+import sys
+import traceback
+import re
+
+import check_test_cases
+
+class Results:
+    """Process analysis results."""
+
+    def __init__(self):
+        self.error_count = 0
+        self.warning_count = 0
+
+    @staticmethod
+    def log(fmt, *args, **kwargs):
+        sys.stderr.write((fmt + '\n').format(*args, **kwargs))
+
+    def error(self, fmt, *args, **kwargs):
+        self.log('Error: ' + fmt, *args, **kwargs)
+        self.error_count += 1
+
+    def warning(self, fmt, *args, **kwargs):
+        self.log('Warning: ' + fmt, *args, **kwargs)
+        self.warning_count += 1
+
+class TestCaseOutcomes:
+    """The outcomes of one test case across many configurations."""
+    # pylint: disable=too-few-public-methods
+
+    def __init__(self):
+        # Collect a list of witnesses of the test case succeeding or failing.
+        # Currently we don't do anything with witnesses except count them.
+        # The format of a witness is determined by the read_outcome_file
+        # function; it's the platform and configuration joined by ';'.
+        self.successes = []
+        self.failures = []
+
+    def hits(self):
+        """Return the number of times a test case has been run.
+
+        This includes passes and failures, but not skips.
+        """
+        return len(self.successes) + len(self.failures)
+
+def analyze_coverage(results, outcomes, allow_list, full_coverage):
+    """Check that all available test cases are executed at least once."""
+    available = check_test_cases.collect_available_test_cases()
+    for key in available:
+        hits = outcomes[key].hits() if key in outcomes else 0
+        if hits == 0 and key not in allow_list:
+            if full_coverage:
+                results.error('Test case not executed: {}', key)
+            else:
+                results.warning('Test case not executed: {}', key)
+        elif hits != 0 and key in allow_list:
+            # Test Case should be removed from the allow list.
+            if full_coverage:
+                results.error('Allow listed test case was executed: {}', key)
+            else:
+                results.warning('Allow listed test case was executed: {}', key)
+
+def analyze_outcomes(outcomes, args):
+    """Run all analyses on the given outcome collection."""
+    results = Results()
+    analyze_coverage(results, outcomes, args['allow_list'],
+                     args['full_coverage'])
+    return results
+
+def read_outcome_file(outcome_file):
+    """Parse an outcome file and return an outcome collection.
+
+An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects.
+The keys are the test suite name and the test case description, separated
+by a semicolon.
+"""
+    outcomes = {}
+    with open(outcome_file, 'r', encoding='utf-8') as input_file:
+        for line in input_file:
+            (platform, config, suite, case, result, _cause) = line.split(';')
+            key = ';'.join([suite, case])
+            setup = ';'.join([platform, config])
+            if key not in outcomes:
+                outcomes[key] = TestCaseOutcomes()
+            if result == 'PASS':
+                outcomes[key].successes.append(setup)
+            elif result == 'FAIL':
+                outcomes[key].failures.append(setup)
+    return outcomes
+
+def do_analyze_coverage(outcome_file, args):
+    """Perform coverage analysis."""
+    outcomes = read_outcome_file(outcome_file)
+    Results.log("\n*** Analyze coverage ***\n")
+    results = analyze_outcomes(outcomes, args)
+    return results.error_count == 0
+
+# List of tasks with a function that can handle this task and additional arguments if required
+TASKS = {
+    'analyze_coverage':                 {
+        'test_function': do_analyze_coverage,
+        'args': {
+            'allow_list': [
+                # Algorithm not supported yet
+                'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA',
+                # Algorithm not supported yet
+                'test_suite_psa_crypto_metadata;Cipher: XTS',
+            ],
+            'full_coverage': False,
+        }
+    },
+}
+
+def main():
+    try:
+        parser = argparse.ArgumentParser(description=__doc__)
+        parser.add_argument('outcomes', metavar='OUTCOMES.CSV',
+                            help='Outcome file to analyze')
+        parser.add_argument('task', default='all', nargs='?',
+                            help='Analysis to be done. By default, run all tasks. '
+                                 'With one or more TASK, run only those. '
+                                 'TASK can be the name of a single task or '
+                                 'comma/space-separated list of tasks. ')
+        parser.add_argument('--list', action='store_true',
+                            help='List all available tasks and exit.')
+        parser.add_argument('--require-full-coverage', action='store_true',
+                            dest='full_coverage', help="Require all available "
+                            "test cases to be executed and issue an error "
+                            "otherwise. This flag is ignored if 'task' is "
+                            "neither 'all' nor 'analyze_coverage'")
+        options = parser.parse_args()
+
+        if options.list:
+            for task in TASKS:
+                Results.log(task)
+            sys.exit(0)
+
+        result = True
+
+        if options.task == 'all':
+            tasks = TASKS.keys()
+        else:
+            tasks = re.split(r'[, ]+', options.task)
+
+            for task in tasks:
+                if task not in TASKS:
+                    Results.log('Error: invalid task: {}'.format(task))
+                    sys.exit(1)
+
+        TASKS['analyze_coverage']['args']['full_coverage'] = \
+            options.full_coverage
+
+        for task in TASKS:
+            if task in tasks:
+                if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']):
+                    result = False
+
+        if result is False:
+            sys.exit(1)
+        Results.log("SUCCESS :-)")
+    except Exception: # pylint: disable=broad-except
+        # Print the backtrace and exit explicitly with our chosen status.
+        traceback.print_exc()
+        sys.exit(120)
+
+if __name__ == '__main__':
+    main()
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/basic-build-test.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/basic-build-test.sh
new file mode 100644
index 0000000..e4fe164
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/basic-build-test.sh
@@ -0,0 +1,262 @@
+#!/bin/sh
+
+# basic-build-test.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+# Purpose
+#
+# Executes the basic test suites, captures the results, and generates a simple
+# test report and code coverage report.
+#
+# The tests include:
+#   * Unit tests                - executed using tests/scripts/run-test-suite.pl
+#   * Self-tests                - executed using the test suites above
+#   * System tests              - executed using tests/ssl-opt.sh
+#   * Interoperability tests    - executed using tests/compat.sh
+#
+# The tests focus on functionality and do not consider performance.
+#
+# Note the tests self-adapt due to configurations in include/mbedtls/config.h
+# which can lead to some tests being skipped, and can cause the number of
+# available tests to fluctuate.
+#
+# This script has been written to be generic and should work on any shell.
+#
+# Usage: basic-build-test.sh
+#
+
+# Abort on errors (and uninitiliased variables)
+set -eu
+
+if [ -d library -a -d include -a -d tests ]; then :; else
+    echo "Must be run from Mbed TLS root" >&2
+    exit 1
+fi
+
+: ${OPENSSL:="openssl"}
+: ${OPENSSL_LEGACY:="$OPENSSL"}
+: ${GNUTLS_CLI:="gnutls-cli"}
+: ${GNUTLS_SERV:="gnutls-serv"}
+: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
+: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
+
+# Used to make ssl-opt.sh deterministic.
+#
+# See also RELEASE_SEED in all.sh. Debugging is easier if both values are kept
+# in sync. If you change the value here because it breaks some tests, you'll
+# definitely want to change it in all.sh as well.
+: ${SEED:=1}
+export SEED
+
+# if MAKEFLAGS is not set add the -j option to speed up invocations of make
+if [ -z "${MAKEFLAGS+set}" ]; then
+    export MAKEFLAGS="-j"
+fi
+
+# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
+# we just export the variables they require
+export OPENSSL="$OPENSSL"
+export GNUTLS_CLI="$GNUTLS_CLI"
+export GNUTLS_SERV="$GNUTLS_SERV"
+
+CONFIG_H='include/mbedtls/config.h'
+CONFIG_BAK="$CONFIG_H.bak"
+
+# Step 0 - print build environment info
+OPENSSL="$OPENSSL"                           \
+    OPENSSL_LEGACY="$OPENSSL_LEGACY"         \
+    GNUTLS_CLI="$GNUTLS_CLI"                 \
+    GNUTLS_SERV="$GNUTLS_SERV"               \
+    GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"   \
+    GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \
+    scripts/output_env.sh
+echo
+
+# Step 1 - Make and instrumented build for code coverage
+export CFLAGS=' --coverage -g3 -O0 '
+export LDFLAGS=' --coverage'
+make clean
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.py full
+make
+
+
+# Step 2 - Execute the tests
+TEST_OUTPUT=out_${PPID}
+cd tests
+if [ ! -f "seedfile" ]; then
+    dd if=/dev/urandom of="seedfile" bs=64 count=1
+fi
+echo
+
+# Step 2a - Unit Tests (keep going even if some tests fail)
+echo '################ Unit tests ################'
+perl scripts/run-test-suites.pl -v 2 |tee unit-test-$TEST_OUTPUT
+echo '^^^^^^^^^^^^^^^^ Unit tests ^^^^^^^^^^^^^^^^'
+echo
+
+# Step 2b - System Tests (keep going even if some tests fail)
+echo
+echo '################ ssl-opt.sh ################'
+echo "ssl-opt.sh will use SEED=$SEED for udp_proxy"
+sh ssl-opt.sh |tee sys-test-$TEST_OUTPUT
+echo '^^^^^^^^^^^^^^^^ ssl-opt.sh ^^^^^^^^^^^^^^^^'
+echo
+
+# Step 2c - Compatibility tests (keep going even if some tests fail)
+echo '################ compat.sh ################'
+{
+    echo '#### compat.sh: Default versions'
+    sh compat.sh -m 'tls1 tls1_1 tls12 dtls1 dtls12'
+    echo
+
+    echo '#### compat.sh: legacy (SSLv3)'
+    OPENSSL="$OPENSSL_LEGACY" sh compat.sh -m 'ssl3'
+    echo
+
+    echo '#### compat.sh: legacy (null, DES, RC4)'
+    OPENSSL="$OPENSSL_LEGACY" \
+    GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \
+    sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
+    echo
+
+    echo '#### compat.sh: next (ARIA, ChaCha)'
+    OPENSSL="$OPENSSL_NEXT" sh compat.sh -e '^$' -f 'ARIA\|CHACHA'
+    echo
+} | tee compat-test-$TEST_OUTPUT
+echo '^^^^^^^^^^^^^^^^ compat.sh ^^^^^^^^^^^^^^^^'
+echo
+
+# Step 3 - Process the coverage report
+cd ..
+{
+    make lcov
+    echo SUCCESS
+} | tee tests/cov-$TEST_OUTPUT
+
+if [ "$(tail -n1 tests/cov-$TEST_OUTPUT)" != "SUCCESS" ]; then
+    echo >&2 "Fatal: 'make lcov' failed"
+    exit 2
+fi
+
+
+# Step 4 - Summarise the test report
+echo
+echo "========================================================================="
+echo "Test Report Summary"
+echo
+
+# A failure of the left-hand side of a pipe is ignored (this is a limitation
+# of sh). We'll use the presence of this file as a marker that the generation
+# of the report succeeded.
+rm -f "tests/basic-build-test-$$.ok"
+
+{
+
+    cd tests
+
+    # Step 4a - Unit tests
+    echo "Unit tests - tests/scripts/run-test-suites.pl"
+
+    PASSED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/test cases passed :[\t]*\([0-9]*\)/\1/p'| tr -d ' ')
+    SKIPPED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/skipped :[ \t]*\([0-9]*\)/\1/p'| tr -d ' ')
+    TOTAL_SUITES=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) .*, [0-9]* tests run)/\1/p'| tr -d ' ')
+    FAILED_TESTS=$(tail -n6 unit-test-$TEST_OUTPUT|sed -n -e 's/failed :[\t]*\([0-9]*\)/\1/p' |tr -d ' ')
+
+    echo "No test suites     : $TOTAL_SUITES"
+    echo "Passed             : $PASSED_TESTS"
+    echo "Failed             : $FAILED_TESTS"
+    echo "Skipped            : $SKIPPED_TESTS"
+    echo "Total exec'd tests : $(($PASSED_TESTS + $FAILED_TESTS))"
+    echo "Total avail tests  : $(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))"
+    echo
+
+    TOTAL_PASS=$PASSED_TESTS
+    TOTAL_FAIL=$FAILED_TESTS
+    TOTAL_SKIP=$SKIPPED_TESTS
+    TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS))
+    TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS))
+
+    # Step 4b - TLS Options tests
+    echo "TLS Options tests - tests/ssl-opt.sh"
+
+    PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p')
+    SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p')
+    TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p')
+    FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS))
+
+    echo "Passed             : $PASSED_TESTS"
+    echo "Failed             : $FAILED_TESTS"
+    echo "Skipped            : $SKIPPED_TESTS"
+    echo "Total exec'd tests : $TOTAL_TESTS"
+    echo "Total avail tests  : $(($TOTAL_TESTS + $SKIPPED_TESTS))"
+    echo
+
+    TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
+    TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
+    TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
+    TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS))
+    TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS))
+
+
+    # Step 4c - System Compatibility tests
+    echo "System/Compatibility tests - tests/compat.sh"
+
+    PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+    SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+    EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+    FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS))
+
+    echo "Passed             : $PASSED_TESTS"
+    echo "Failed             : $FAILED_TESTS"
+    echo "Skipped            : $SKIPPED_TESTS"
+    echo "Total exec'd tests : $EXED_TESTS"
+    echo "Total avail tests  : $(($EXED_TESTS + $SKIPPED_TESTS))"
+    echo
+
+    TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS))
+    TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS))
+    TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS))
+    TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS))
+    TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS))
+
+
+    # Step 4d - Grand totals
+    echo "-------------------------------------------------------------------------"
+    echo "Total tests"
+
+    echo "Total Passed       : $TOTAL_PASS"
+    echo "Total Failed       : $TOTAL_FAIL"
+    echo "Total Skipped      : $TOTAL_SKIP"
+    echo "Total exec'd tests : $TOTAL_EXED"
+    echo "Total avail tests  : $TOTAL_AVAIL"
+    echo
+
+
+    # Step 4e - Coverage report
+    echo "Coverage statistics:"
+    sed -n '1,/^Overall coverage/d; /%/p' cov-$TEST_OUTPUT
+    echo
+
+    rm unit-test-$TEST_OUTPUT
+    rm sys-test-$TEST_OUTPUT
+    rm compat-test-$TEST_OUTPUT
+    rm cov-$TEST_OUTPUT
+
+    # Mark the report generation as having succeeded. This must be the
+    # last thing in the report generation.
+    touch "basic-build-test-$$.ok"
+} | tee coverage-summary.txt
+
+make clean
+
+if [ -f "$CONFIG_BAK" ]; then
+    mv "$CONFIG_BAK" "$CONFIG_H"
+fi
+
+# The file must exist, otherwise it means something went wrong while generating
+# the coverage report. If something did go wrong, rm will complain so this
+# script will exit with a failure status.
+rm "tests/basic-build-test-$$.ok"
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/basic-in-docker.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/basic-in-docker.sh
new file mode 100644
index 0000000..3aca3a1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/basic-in-docker.sh
@@ -0,0 +1,37 @@
+#!/bin/bash -eu
+
+# basic-in-docker.sh
+#
+# Purpose
+# -------
+# This runs sanity checks and library tests in a Docker container. The tests
+# are run for both clang and gcc. The testing includes a full test run
+# in the default configuration, partial test runs in the reference
+# configurations, and some dependency tests.
+#
+# WARNING: the Dockerfile used by this script is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
+#
+# Notes for users
+# ---------------
+# See docker_env.sh for prerequisites and other information.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+source tests/scripts/docker_env.sh
+
+run_in_docker tests/scripts/all.sh 'check_*'
+
+for compiler in clang gcc; do
+    run_in_docker -e CC=${compiler} cmake -D CMAKE_BUILD_TYPE:String="Check" .
+    run_in_docker -e CC=${compiler} make
+    run_in_docker -e CC=${compiler} make test
+    run_in_docker programs/test/selftest
+    run_in_docker -e OSSL_NO_DTLS=1 tests/compat.sh
+    run_in_docker tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
+    run_in_docker tests/scripts/test-ref-configs.pl
+    run_in_docker tests/scripts/depends.py curves
+    run_in_docker tests/scripts/depends.py kex
+done
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/check-doxy-blocks.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/check-doxy-blocks.pl
new file mode 100644
index 0000000..3199c2a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/check-doxy-blocks.pl
@@ -0,0 +1,67 @@
+#!/usr/bin/env perl
+
+# Detect comment blocks that are likely meant to be doxygen blocks but aren't.
+#
+# More precisely, look for normal comment block containing '\'.
+# Of course one could use doxygen warnings, eg with:
+#   sed -e '/EXTRACT/s/YES/NO/' doxygen/mbedtls.doxyfile | doxygen -
+# but that would warn about any undocumented item, while our goal is to find
+# items that are documented, but not marked as such by mistake.
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use warnings;
+use strict;
+use File::Basename;
+
+# C/header files in the following directories will be checked
+my @directories = qw(include/mbedtls library doxygen/input);
+
+# very naive pattern to find directives:
+# everything with a backslach except '\0' and backslash at EOL
+my $doxy_re = qr/\\(?!0|\n)/;
+
+# Return an error code to the environment if a potential error in the
+# source code is found.
+my $exit_code = 0;
+
+sub check_file {
+    my ($fname) = @_;
+    open my $fh, '<', $fname or die "Failed to open '$fname': $!\n";
+
+    # first line of the last normal comment block,
+    # or 0 if not in a normal comment block
+    my $block_start = 0;
+    while (my $line = <$fh>) {
+        $block_start = $.   if $line =~ m/\/\*(?![*!])/;
+        $block_start = 0    if $line =~ m/\*\//;
+        if ($block_start and $line =~ m/$doxy_re/) {
+            print "$fname:$block_start: directive on line $.\n";
+            $block_start = 0; # report only one directive per block
+            $exit_code = 1;
+        }
+    }
+
+    close $fh;
+}
+
+sub check_dir {
+    my ($dirname) = @_;
+    for my $file (<$dirname/*.[ch]>) {
+        check_file($file);
+    }
+}
+
+# Check that the script is being run from the project's root directory.
+for my $dir (@directories) {
+    if (! -d $dir) {
+        die "This script must be run from the Mbed TLS root directory";
+    } else {
+        check_dir($dir)
+    }
+}
+
+exit $exit_code;
+
+__END__
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/check-generated-files.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/check-generated-files.sh
new file mode 100644
index 0000000..28719bd
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/check-generated-files.sh
@@ -0,0 +1,104 @@
+#! /usr/bin/env sh
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+# Purpose
+#
+# Check if generated files are up-to-date.
+
+set -eu
+
+if [ $# -ne 0 ] && [ "$1" = "--help" ]; then
+    cat <<EOF
+$0 [-u]
+This script checks that all generated file are up-to-date. If some aren't, by
+default the scripts reports it and exits in error; with the -u option, it just
+updates them instead.
+
+  -u    Update the files rather than return an error for out-of-date files.
+EOF
+    exit
+fi
+
+if [ -d library -a -d include -a -d tests ]; then :; else
+    echo "Must be run from Mbed TLS root" >&2
+    exit 1
+fi
+
+UPDATE=
+if [ $# -ne 0 ] && [ "$1" = "-u" ]; then
+    shift
+    UPDATE='y'
+fi
+
+# check SCRIPT FILENAME[...]
+# check SCRIPT DIRECTORY
+# Run SCRIPT and check that it does not modify any of the specified files.
+# In the first form, there can be any number of FILENAMEs, which must be
+# regular files.
+# In the second form, there must be a single DIRECTORY, standing for the
+# list of files in the directory. Running SCRIPT must not modify any file
+# in the directory and must not add or remove files either.
+# If $UPDATE is empty, abort with an error status if a file is modified.
+check()
+{
+    SCRIPT=$1
+    shift
+
+    directory=
+    if [ -d "$1" ]; then
+        directory="$1"
+        set -- "$1"/*
+    fi
+
+    for FILE in "$@"; do
+        cp -p "$FILE" "$FILE.bak"
+    done
+
+    "$SCRIPT"
+
+    # Compare the script output to the old files and remove backups
+    for FILE in "$@"; do
+        if diff "$FILE" "$FILE.bak" >/dev/null 2>&1; then
+            # Move the original file back so that $FILE's timestamp doesn't
+            # change (avoids spurious rebuilds with make).
+            mv "$FILE.bak" "$FILE"
+        else
+            echo "'$FILE' was either modified or deleted by '$SCRIPT'"
+            if [ -z "$UPDATE" ]; then
+                exit 1
+            else
+                rm "$FILE.bak"
+            fi
+        fi
+    done
+
+    if [ -n "$directory" ]; then
+        old_list="$*"
+        set -- "$directory"/*
+        new_list="$*"
+        # Check if there are any new files
+        if [ "$old_list" != "$new_list" ]; then
+            echo "Files were deleted or created by '$SCRIPT'"
+            echo "Before: $old_list"
+            echo "After: $new_list"
+            if [ -z "$UPDATE" ]; then
+                exit 1
+            fi
+        fi
+    fi
+}
+
+# Note: if the format of calls to the "check" function changes, update
+# scripts/code_style.py accordingly. For generated C source files (*.h or *.c),
+# the format must be "check SCRIPT FILENAME...". For other source files,
+# any shell syntax is permitted (including e.g. command substitution).
+
+check scripts/generate_errors.pl library/error.c
+check scripts/generate_query_config.pl programs/test/query_config.c
+check scripts/generate_features.pl library/version_features.c
+check scripts/generate_visualc_files.pl visualc/VS2010
+check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c
+check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list)
+check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list)
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/check-python-files.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/check-python-files.sh
new file mode 100644
index 0000000..51e8079
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/check-python-files.sh
@@ -0,0 +1,68 @@
+#! /usr/bin/env sh
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# Purpose: check Python files for potential programming errors or maintenance
+# hurdles. Run pylint to detect some potential mistakes and enforce PEP8
+# coding standards. Run mypy to perform static type checking.
+
+# We'll keep going on errors and report the status at the end.
+ret=0
+
+if type python3 >/dev/null 2>/dev/null; then
+    PYTHON=python3
+else
+    PYTHON=python
+fi
+
+check_version () {
+    $PYTHON - "$2" <<EOF
+import packaging.version
+import sys
+import $1 as package
+actual = package.__version__
+wanted = sys.argv[1]
+if packaging.version.parse(actual) < packaging.version.parse(wanted):
+    sys.stderr.write("$1: version %s is too old (want %s)\n" % (actual, wanted))
+    exit(1)
+EOF
+}
+
+can_pylint () {
+    # Pylint 1.5.2 from Ubuntu 16.04 is too old:
+    #     E: 34, 0: Unable to import 'mbedtls_dev' (import-error)
+    # Pylint 1.8.3 from Ubuntu 18.04 passed on the first commit containing this line.
+    check_version pylint 1.8.3
+}
+
+can_mypy () {
+    # mypy 0.770 is too old:
+    #     tests/scripts/test_psa_constant_names.py:34: error: Cannot find implementation or library stub for module named 'mbedtls_dev'
+    # mypy 0.780 from pip passed on the first commit containing this line.
+    check_version mypy.version 0.780
+}
+
+# With just a --can-xxx option, check whether the tool for xxx is available
+# with an acceptable version, and exit without running any checks. The exit
+# status is true if the tool is available and acceptable and false otherwise.
+if [ "$1" = "--can-pylint" ]; then
+    can_pylint
+    exit
+elif [ "$1" = "--can-mypy" ]; then
+    can_mypy
+    exit
+fi
+
+echo 'Running pylint ...'
+$PYTHON -m pylint scripts/mbedtls_dev/*.py scripts/*.py tests/scripts/*.py || {
+    echo >&2 "pylint reported errors"
+    ret=1
+}
+
+echo
+echo 'Running mypy ...'
+$PYTHON -m mypy scripts/*.py tests/scripts/*.py ||
+  ret=1
+
+exit $ret
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/check_files.py b/3rdparty/mbedtls-2.28.7/tests/scripts/check_files.py
new file mode 100644
index 0000000..e359366
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/check_files.py
@@ -0,0 +1,438 @@
+#!/usr/bin/env python3
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+"""
+This script checks the current state of the source code for minor issues,
+including incorrect file permissions, presence of tabs, non-Unix line endings,
+trailing whitespace, and presence of UTF-8 BOM.
+Note: requires python 3, must be run from Mbed TLS root.
+"""
+
+import os
+import argparse
+import logging
+import codecs
+import re
+import subprocess
+import sys
+try:
+    from typing import FrozenSet, Optional, Pattern # pylint: disable=unused-import
+except ImportError:
+    pass
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import build_tree
+
+
+class FileIssueTracker:
+    """Base class for file-wide issue tracking.
+
+    To implement a checker that processes a file as a whole, inherit from
+    this class and implement `check_file_for_issue` and define ``heading``.
+
+    ``suffix_exemptions``: files whose name ends with a string in this set
+     will not be checked.
+
+    ``path_exemptions``: files whose path (relative to the root of the source
+    tree) matches this regular expression will not be checked. This can be
+    ``None`` to match no path. Paths are normalized and converted to ``/``
+    separators before matching.
+
+    ``heading``: human-readable description of the issue
+    """
+
+    suffix_exemptions = frozenset() #type: FrozenSet[str]
+    path_exemptions = None #type: Optional[Pattern[str]]
+    # heading must be defined in derived classes.
+    # pylint: disable=no-member
+
+    def __init__(self):
+        self.files_with_issues = {}
+
+    @staticmethod
+    def normalize_path(filepath):
+        """Normalize ``filepath`` with / as the directory separator."""
+        filepath = os.path.normpath(filepath)
+        # On Windows, we may have backslashes to separate directories.
+        # We need slashes to match exemption lists.
+        seps = os.path.sep
+        if os.path.altsep is not None:
+            seps += os.path.altsep
+        return '/'.join(filepath.split(seps))
+
+    def should_check_file(self, filepath):
+        """Whether the given file name should be checked.
+
+        Files whose name ends with a string listed in ``self.suffix_exemptions``
+        or whose path matches ``self.path_exemptions`` will not be checked.
+        """
+        for files_exemption in self.suffix_exemptions:
+            if filepath.endswith(files_exemption):
+                return False
+        if self.path_exemptions and \
+           re.match(self.path_exemptions, self.normalize_path(filepath)):
+            return False
+        return True
+
+    def check_file_for_issue(self, filepath):
+        """Check the specified file for the issue that this class is for.
+
+        Subclasses must implement this method.
+        """
+        raise NotImplementedError
+
+    def record_issue(self, filepath, line_number):
+        """Record that an issue was found at the specified location."""
+        if filepath not in self.files_with_issues.keys():
+            self.files_with_issues[filepath] = []
+        self.files_with_issues[filepath].append(line_number)
+
+    def output_file_issues(self, logger):
+        """Log all the locations where the issue was found."""
+        if self.files_with_issues.values():
+            logger.info(self.heading)
+            for filename, lines in sorted(self.files_with_issues.items()):
+                if lines:
+                    logger.info("{}: {}".format(
+                        filename, ", ".join(str(x) for x in lines)
+                    ))
+                else:
+                    logger.info(filename)
+            logger.info("")
+
+BINARY_FILE_PATH_RE_LIST = [
+    r'docs/.*\.pdf\Z',
+    r'programs/fuzz/corpuses/[^.]+\Z',
+    r'tests/data_files/[^.]+\Z',
+    r'tests/data_files/.*\.(crt|csr|db|der|key|pubkey)\Z',
+    r'tests/data_files/.*\.req\.[^/]+\Z',
+    r'tests/data_files/.*malformed[^/]+\Z',
+    r'tests/data_files/format_pkcs12\.fmt\Z',
+    r'tests/data_files/.*\.bin\Z',
+]
+BINARY_FILE_PATH_RE = re.compile('|'.join(BINARY_FILE_PATH_RE_LIST))
+
+class LineIssueTracker(FileIssueTracker):
+    """Base class for line-by-line issue tracking.
+
+    To implement a checker that processes files line by line, inherit from
+    this class and implement `line_with_issue`.
+    """
+
+    # Exclude binary files.
+    path_exemptions = BINARY_FILE_PATH_RE
+
+    def issue_with_line(self, line, filepath, line_number):
+        """Check the specified line for the issue that this class is for.
+
+        Subclasses must implement this method.
+        """
+        raise NotImplementedError
+
+    def check_file_line(self, filepath, line, line_number):
+        if self.issue_with_line(line, filepath, line_number):
+            self.record_issue(filepath, line_number)
+
+    def check_file_for_issue(self, filepath):
+        """Check the lines of the specified file.
+
+        Subclasses must implement the ``issue_with_line`` method.
+        """
+        with open(filepath, "rb") as f:
+            for i, line in enumerate(iter(f.readline, b"")):
+                self.check_file_line(filepath, line, i + 1)
+
+
+def is_windows_file(filepath):
+    _root, ext = os.path.splitext(filepath)
+    return ext in ('.bat', '.dsp', '.dsw', '.sln', '.vcxproj')
+
+
+class PermissionIssueTracker(FileIssueTracker):
+    """Track files with bad permissions.
+
+    Files that are not executable scripts must not be executable."""
+
+    heading = "Incorrect permissions:"
+
+    # .py files can be either full scripts or modules, so they may or may
+    # not be executable.
+    suffix_exemptions = frozenset({".py"})
+
+    def check_file_for_issue(self, filepath):
+        is_executable = os.access(filepath, os.X_OK)
+        should_be_executable = filepath.endswith((".sh", ".pl"))
+        if is_executable != should_be_executable:
+            self.files_with_issues[filepath] = None
+
+
+class ShebangIssueTracker(FileIssueTracker):
+    """Track files with a bad, missing or extraneous shebang line.
+
+    Executable scripts must start with a valid shebang (#!) line.
+    """
+
+    heading = "Invalid shebang line:"
+
+    # Allow either /bin/sh, /bin/bash, or /usr/bin/env.
+    # Allow at most one argument (this is a Linux limitation).
+    # For sh and bash, the argument if present must be options.
+    # For env, the argument must be the base name of the interpreter.
+    _shebang_re = re.compile(rb'^#! ?(?:/bin/(bash|sh)(?: -[^\n ]*)?'
+                             rb'|/usr/bin/env ([^\n /]+))$')
+    _extensions = {
+        b'bash': 'sh',
+        b'perl': 'pl',
+        b'python3': 'py',
+        b'sh': 'sh',
+    }
+
+    def is_valid_shebang(self, first_line, filepath):
+        m = re.match(self._shebang_re, first_line)
+        if not m:
+            return False
+        interpreter = m.group(1) or m.group(2)
+        if interpreter not in self._extensions:
+            return False
+        if not filepath.endswith('.' + self._extensions[interpreter]):
+            return False
+        return True
+
+    def check_file_for_issue(self, filepath):
+        is_executable = os.access(filepath, os.X_OK)
+        with open(filepath, "rb") as f:
+            first_line = f.readline()
+        if first_line.startswith(b'#!'):
+            if not is_executable:
+                # Shebang on a non-executable file
+                self.files_with_issues[filepath] = None
+            elif not self.is_valid_shebang(first_line, filepath):
+                self.files_with_issues[filepath] = [1]
+        elif is_executable:
+            # Executable without a shebang
+            self.files_with_issues[filepath] = None
+
+
+class EndOfFileNewlineIssueTracker(FileIssueTracker):
+    """Track files that end with an incomplete line
+    (no newline character at the end of the last line)."""
+
+    heading = "Missing newline at end of file:"
+
+    path_exemptions = BINARY_FILE_PATH_RE
+
+    def check_file_for_issue(self, filepath):
+        with open(filepath, "rb") as f:
+            try:
+                f.seek(-1, 2)
+            except OSError:
+                # This script only works on regular files. If we can't seek
+                # 1 before the end, it means that this position is before
+                # the beginning of the file, i.e. that the file is empty.
+                return
+            if f.read(1) != b"\n":
+                self.files_with_issues[filepath] = None
+
+
+class Utf8BomIssueTracker(FileIssueTracker):
+    """Track files that start with a UTF-8 BOM.
+    Files should be ASCII or UTF-8. Valid UTF-8 does not start with a BOM."""
+
+    heading = "UTF-8 BOM present:"
+
+    suffix_exemptions = frozenset([".vcxproj", ".sln"])
+    path_exemptions = BINARY_FILE_PATH_RE
+
+    def check_file_for_issue(self, filepath):
+        with open(filepath, "rb") as f:
+            if f.read().startswith(codecs.BOM_UTF8):
+                self.files_with_issues[filepath] = None
+
+
+class UnicodeIssueTracker(LineIssueTracker):
+    """Track lines with invalid characters or invalid text encoding."""
+
+    heading = "Invalid UTF-8 or forbidden character:"
+
+    # Only allow valid UTF-8, and only other explicitly allowed characters.
+    # We deliberately exclude all characters that aren't a simple non-blank,
+    # non-zero-width glyph, apart from a very small set (tab, ordinary space,
+    # line breaks, "basic" no-break space and soft hyphen). In particular,
+    # non-ASCII control characters, combinig characters, and Unicode state
+    # changes (e.g. right-to-left text) are forbidden.
+    # Note that we do allow some characters with a risk of visual confusion,
+    # for example '-' (U+002D HYPHEN-MINUS) vs '­' (U+00AD SOFT HYPHEN) vs
+    # '‐' (U+2010 HYPHEN), or 'A' (U+0041 LATIN CAPITAL LETTER A) vs
+    # 'Α' (U+0391 GREEK CAPITAL LETTER ALPHA).
+    GOOD_CHARACTERS = ''.join([
+        '\t\n\r -~', # ASCII (tabs and line endings are checked separately)
+        '\u00A0-\u00FF', # Latin-1 Supplement (for NO-BREAK SPACE and punctuation)
+        '\u2010-\u2027\u2030-\u205E', # General Punctuation (printable)
+        '\u2070\u2071\u2074-\u208E\u2090-\u209C', # Superscripts and Subscripts
+        '\u2190-\u21FF', # Arrows
+        '\u2200-\u22FF', # Mathematical Symbols
+        '\u2500-\u257F' # Box Drawings characters used in markdown trees
+    ])
+    # Allow any of the characters and ranges above, and anything classified
+    # as a word constituent.
+    GOOD_CHARACTERS_RE = re.compile(r'[\w{}]+\Z'.format(GOOD_CHARACTERS))
+
+    def issue_with_line(self, line, _filepath, line_number):
+        try:
+            text = line.decode('utf-8')
+        except UnicodeDecodeError:
+            return True
+        if line_number == 1 and text.startswith('\uFEFF'):
+            # Strip BOM (U+FEFF ZERO WIDTH NO-BREAK SPACE) at the beginning.
+            # Which files are allowed to have a BOM is handled in
+            # Utf8BomIssueTracker.
+            text = text[1:]
+        return not self.GOOD_CHARACTERS_RE.match(text)
+
+class UnixLineEndingIssueTracker(LineIssueTracker):
+    """Track files with non-Unix line endings (i.e. files with CR)."""
+
+    heading = "Non-Unix line endings:"
+
+    def should_check_file(self, filepath):
+        if not super().should_check_file(filepath):
+            return False
+        return not is_windows_file(filepath)
+
+    def issue_with_line(self, line, _filepath, _line_number):
+        return b"\r" in line
+
+
+class WindowsLineEndingIssueTracker(LineIssueTracker):
+    """Track files with non-Windows line endings (i.e. CR or LF not in CRLF)."""
+
+    heading = "Non-Windows line endings:"
+
+    def should_check_file(self, filepath):
+        if not super().should_check_file(filepath):
+            return False
+        return is_windows_file(filepath)
+
+    def issue_with_line(self, line, _filepath, _line_number):
+        return not line.endswith(b"\r\n") or b"\r" in line[:-2]
+
+
+class TrailingWhitespaceIssueTracker(LineIssueTracker):
+    """Track lines with trailing whitespace."""
+
+    heading = "Trailing whitespace:"
+    suffix_exemptions = frozenset([".dsp", ".md"])
+
+    def issue_with_line(self, line, _filepath, _line_number):
+        return line.rstrip(b"\r\n") != line.rstrip()
+
+
+class TabIssueTracker(LineIssueTracker):
+    """Track lines with tabs."""
+
+    heading = "Tabs present:"
+    suffix_exemptions = frozenset([
+        ".pem", # some openssl dumps have tabs
+        ".sln",
+        "/Makefile",
+        "/Makefile.inc",
+        "/generate_visualc_files.pl",
+    ])
+
+    def issue_with_line(self, line, _filepath, _line_number):
+        return b"\t" in line
+
+
+class MergeArtifactIssueTracker(LineIssueTracker):
+    """Track lines with merge artifacts.
+    These are leftovers from a ``git merge`` that wasn't fully edited."""
+
+    heading = "Merge artifact:"
+
+    def issue_with_line(self, line, _filepath, _line_number):
+        # Detect leftover git conflict markers.
+        if line.startswith(b'<<<<<<< ') or line.startswith(b'>>>>>>> '):
+            return True
+        if line.startswith(b'||||||| '): # from merge.conflictStyle=diff3
+            return True
+        if line.rstrip(b'\r\n') == b'=======' and \
+           not _filepath.endswith('.md'):
+            return True
+        return False
+
+
+class IntegrityChecker:
+    """Sanity-check files under the current directory."""
+
+    def __init__(self, log_file):
+        """Instantiate the sanity checker.
+        Check files under the current directory.
+        Write a report of issues to log_file."""
+        build_tree.check_repo_path()
+        self.logger = None
+        self.setup_logger(log_file)
+        self.issues_to_check = [
+            PermissionIssueTracker(),
+            ShebangIssueTracker(),
+            EndOfFileNewlineIssueTracker(),
+            Utf8BomIssueTracker(),
+            UnicodeIssueTracker(),
+            UnixLineEndingIssueTracker(),
+            WindowsLineEndingIssueTracker(),
+            TrailingWhitespaceIssueTracker(),
+            TabIssueTracker(),
+            MergeArtifactIssueTracker(),
+        ]
+
+    def setup_logger(self, log_file, level=logging.INFO):
+        self.logger = logging.getLogger()
+        self.logger.setLevel(level)
+        if log_file:
+            handler = logging.FileHandler(log_file)
+            self.logger.addHandler(handler)
+        else:
+            console = logging.StreamHandler()
+            self.logger.addHandler(console)
+
+    @staticmethod
+    def collect_files():
+        bytes_output = subprocess.check_output(['git', 'ls-files', '-z'])
+        bytes_filepaths = bytes_output.split(b'\0')[:-1]
+        ascii_filepaths = map(lambda fp: fp.decode('ascii'), bytes_filepaths)
+        # Prepend './' to files in the top-level directory so that
+        # something like `'/Makefile' in fp` matches in the top-level
+        # directory as well as in subdirectories.
+        return [fp if os.path.dirname(fp) else os.path.join(os.curdir, fp)
+                for fp in ascii_filepaths]
+
+    def check_files(self):
+        for issue_to_check in self.issues_to_check:
+            for filepath in self.collect_files():
+                if issue_to_check.should_check_file(filepath):
+                    issue_to_check.check_file_for_issue(filepath)
+
+    def output_issues(self):
+        integrity_return_code = 0
+        for issue_to_check in self.issues_to_check:
+            if issue_to_check.files_with_issues:
+                integrity_return_code = 1
+            issue_to_check.output_file_issues(self.logger)
+        return integrity_return_code
+
+
+def run_main():
+    parser = argparse.ArgumentParser(description=__doc__)
+    parser.add_argument(
+        "-l", "--log_file", type=str, help="path to optional output log",
+    )
+    check_args = parser.parse_args()
+    integrity_check = IntegrityChecker(check_args.log_file)
+    integrity_check.check_files()
+    return_code = integrity_check.output_issues()
+    sys.exit(return_code)
+
+
+if __name__ == "__main__":
+    run_main()
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/check_names.py b/3rdparty/mbedtls-2.28.7/tests/scripts/check_names.py
new file mode 100644
index 0000000..c2f2d0e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/check_names.py
@@ -0,0 +1,954 @@
+#!/usr/bin/env python3
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+"""
+This script confirms that the naming of all symbols and identifiers in Mbed TLS
+are consistent with the house style and are also self-consistent. It only runs
+on Linux and macOS since it depends on nm.
+
+It contains two major Python classes, CodeParser and NameChecker. They both have
+a comprehensive "run-all" function (comprehensive_parse() and perform_checks())
+but the individual functions can also be used for specific needs.
+
+CodeParser makes heavy use of regular expressions to parse the code, and is
+dependent on the current code formatting. Many Python C parser libraries require
+preprocessed C code, which means no macro parsing. Compiler tools are also not
+very helpful when we want the exact location in the original source (which
+becomes impossible when e.g. comments are stripped).
+
+NameChecker performs the following checks:
+
+- All exported and available symbols in the library object files, are explicitly
+  declared in the header files. This uses the nm command.
+- All macros, constants, and identifiers (function names, struct names, etc)
+  follow the required regex pattern.
+- Typo checking: All words that begin with MBED|PSA exist as macros or constants.
+
+The script returns 0 on success, 1 on test failure, and 2 if there is a script
+error. It must be run from Mbed TLS root.
+"""
+
+import abc
+import argparse
+import fnmatch
+import glob
+import textwrap
+import os
+import sys
+import traceback
+import re
+import enum
+import shutil
+import subprocess
+import logging
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import build_tree
+
+
+# Naming patterns to check against. These are defined outside the NameCheck
+# class for ease of modification.
+MACRO_PATTERN = r"^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$"
+CONSTANTS_PATTERN = MACRO_PATTERN
+IDENTIFIER_PATTERN = r"^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$"
+
+class Match(): # pylint: disable=too-few-public-methods
+    """
+    A class representing a match, together with its found position.
+
+    Fields:
+    * filename: the file that the match was in.
+    * line: the full line containing the match.
+    * line_no: the line number.
+    * pos: a tuple of (start, end) positions on the line where the match is.
+    * name: the match itself.
+    """
+    def __init__(self, filename, line, line_no, pos, name):
+        # pylint: disable=too-many-arguments
+        self.filename = filename
+        self.line = line
+        self.line_no = line_no
+        self.pos = pos
+        self.name = name
+
+    def __str__(self):
+        """
+        Return a formatted code listing representation of the erroneous line.
+        """
+        gutter = format(self.line_no, "4d")
+        underline = self.pos[0] * " " + (self.pos[1] - self.pos[0]) * "^"
+
+        return (
+            " {0} |\n".format(" " * len(gutter)) +
+            " {0} | {1}".format(gutter, self.line) +
+            " {0} | {1}\n".format(" " * len(gutter), underline)
+        )
+
+class Problem(abc.ABC): # pylint: disable=too-few-public-methods
+    """
+    An abstract parent class representing a form of static analysis error.
+    It extends an Abstract Base Class, which means it is not instantiable, and
+    it also mandates certain abstract methods to be implemented in subclasses.
+    """
+    # Class variable to control the quietness of all problems
+    quiet = False
+    def __init__(self):
+        self.textwrapper = textwrap.TextWrapper()
+        self.textwrapper.width = 80
+        self.textwrapper.initial_indent = "    > "
+        self.textwrapper.subsequent_indent = "      "
+
+    def __str__(self):
+        """
+        Unified string representation method for all Problems.
+        """
+        if self.__class__.quiet:
+            return self.quiet_output()
+        return self.verbose_output()
+
+    @abc.abstractmethod
+    def quiet_output(self):
+        """
+        The output when --quiet is enabled.
+        """
+        pass
+
+    @abc.abstractmethod
+    def verbose_output(self):
+        """
+        The default output with explanation and code snippet if appropriate.
+        """
+        pass
+
+class SymbolNotInHeader(Problem): # pylint: disable=too-few-public-methods
+    """
+    A problem that occurs when an exported/available symbol in the object file
+    is not explicitly declared in header files. Created with
+    NameCheck.check_symbols_declared_in_header()
+
+    Fields:
+    * symbol_name: the name of the symbol.
+    """
+    def __init__(self, symbol_name):
+        self.symbol_name = symbol_name
+        Problem.__init__(self)
+
+    def quiet_output(self):
+        return "{0}".format(self.symbol_name)
+
+    def verbose_output(self):
+        return self.textwrapper.fill(
+            "'{0}' was found as an available symbol in the output of nm, "
+            "however it was not declared in any header files."
+            .format(self.symbol_name))
+
+class PatternMismatch(Problem): # pylint: disable=too-few-public-methods
+    """
+    A problem that occurs when something doesn't match the expected pattern.
+    Created with NameCheck.check_match_pattern()
+
+    Fields:
+    * pattern: the expected regex pattern
+    * match: the Match object in question
+    """
+    def __init__(self, pattern, match):
+        self.pattern = pattern
+        self.match = match
+        Problem.__init__(self)
+
+
+    def quiet_output(self):
+        return (
+            "{0}:{1}:{2}"
+            .format(self.match.filename, self.match.line_no, self.match.name)
+        )
+
+    def verbose_output(self):
+        return self.textwrapper.fill(
+            "{0}:{1}: '{2}' does not match the required pattern '{3}'."
+            .format(
+                self.match.filename,
+                self.match.line_no,
+                self.match.name,
+                self.pattern
+            )
+        ) + "\n" + str(self.match)
+
+class Typo(Problem): # pylint: disable=too-few-public-methods
+    """
+    A problem that occurs when a word using MBED or PSA doesn't
+    appear to be defined as constants nor enum values. Created with
+    NameCheck.check_for_typos()
+
+    Fields:
+    * match: the Match object of the MBED|PSA name in question.
+    """
+    def __init__(self, match):
+        self.match = match
+        Problem.__init__(self)
+
+    def quiet_output(self):
+        return (
+            "{0}:{1}:{2}"
+            .format(self.match.filename, self.match.line_no, self.match.name)
+        )
+
+    def verbose_output(self):
+        return self.textwrapper.fill(
+            "{0}:{1}: '{2}' looks like a typo. It was not found in any "
+            "macros or any enums. If this is not a typo, put "
+            "//no-check-names after it."
+            .format(self.match.filename, self.match.line_no, self.match.name)
+        ) + "\n" + str(self.match)
+
+class CodeParser():
+    """
+    Class for retrieving files and parsing the code. This can be used
+    independently of the checks that NameChecker performs, for example for
+    list_internal_identifiers.py.
+    """
+    def __init__(self, log):
+        self.log = log
+        build_tree.check_repo_path()
+
+        # Memo for storing "glob expression": set(filepaths)
+        self.files = {}
+
+        # Globally excluded filenames.
+        # Note that "*" can match directory separators in exclude lists.
+        self.excluded_files = ["*/bn_mul", "*/compat-1.3.h"]
+
+    def comprehensive_parse(self):
+        """
+        Comprehensive ("default") function to call each parsing function and
+        retrieve various elements of the code, together with the source location.
+
+        Returns a dict of parsed item key to the corresponding List of Matches.
+        """
+        self.log.info("Parsing source code...")
+        self.log.debug(
+            "The following files are excluded from the search: {}"
+            .format(str(self.excluded_files))
+        )
+
+        all_macros = self.parse_macros([
+            "include/mbedtls/*.h",
+            "include/psa/*.h",
+            "library/*.h",
+            "tests/include/test/drivers/*.h",
+            "3rdparty/everest/include/everest/everest.h",
+            "3rdparty/everest/include/everest/x25519.h"
+        ])
+        private_macros = self.parse_macros([
+            "library/*.c",
+        ])
+        enum_consts = self.parse_enum_consts([
+            "include/mbedtls/*.h",
+            "include/psa/*.h",
+            "library/*.h",
+            "library/*.c",
+            "3rdparty/everest/include/everest/everest.h",
+            "3rdparty/everest/include/everest/x25519.h"
+        ])
+        identifiers, excluded_identifiers = self.parse_identifiers([
+            "include/mbedtls/*.h",
+            "include/psa/*.h",
+            "library/*.h",
+            "3rdparty/everest/include/everest/everest.h",
+            "3rdparty/everest/include/everest/x25519.h"
+        ])
+        mbed_psa_words = self.parse_mbed_psa_words([
+            "include/mbedtls/*.h",
+            "include/psa/*.h",
+            "library/*.h",
+            "3rdparty/everest/include/everest/everest.h",
+            "3rdparty/everest/include/everest/x25519.h",
+            "library/*.c",
+            "3rdparty/everest/library/everest.c",
+            "3rdparty/everest/library/x25519.c"
+        ])
+        symbols = self.parse_symbols()
+
+        # Remove identifier macros like mbedtls_printf or mbedtls_calloc
+        identifiers_justname = [x.name for x in identifiers]
+        actual_macros = []
+        for macro in all_macros:
+            if macro.name not in identifiers_justname:
+                actual_macros.append(macro)
+
+        self.log.debug("Found:")
+        # Aligns the counts on the assumption that none exceeds 4 digits
+        self.log.debug("  {:4} Total Macros".format(len(all_macros)))
+        self.log.debug("  {:4} Non-identifier Macros".format(len(actual_macros)))
+        self.log.debug("  {:4} Enum Constants".format(len(enum_consts)))
+        self.log.debug("  {:4} Identifiers".format(len(identifiers)))
+        self.log.debug("  {:4} Exported Symbols".format(len(symbols)))
+        return {
+            "macros": actual_macros,
+            "private_macros": private_macros,
+            "enum_consts": enum_consts,
+            "identifiers": identifiers,
+            "excluded_identifiers": excluded_identifiers,
+            "symbols": symbols,
+            "mbed_psa_words": mbed_psa_words
+        }
+
+    def is_file_excluded(self, path, exclude_wildcards):
+        """Whether the given file path is excluded."""
+        # exclude_wildcards may be None. Also, consider the global exclusions.
+        exclude_wildcards = (exclude_wildcards or []) + self.excluded_files
+        for pattern in exclude_wildcards:
+            if fnmatch.fnmatch(path, pattern):
+                return True
+        return False
+
+    def get_all_files(self, include_wildcards, exclude_wildcards):
+        """
+        Get all files that match any of the included UNIX-style wildcards
+        and filter them into included and excluded lists.
+        While the check_names script is designed only for use on UNIX/macOS
+        (due to nm), this function alone will work fine on Windows even with
+        forward slashes in the wildcard.
+
+        Args:
+        * include_wildcards: a List of shell-style wildcards to match filepaths.
+        * exclude_wildcards: a List of shell-style wildcards to exclude.
+
+        Returns:
+        * inc_files: A List of relative filepaths for included files.
+        * exc_files: A List of relative filepaths for excluded files.
+        """
+        accumulator = set()
+        all_wildcards = include_wildcards + (exclude_wildcards or [])
+        for wildcard in all_wildcards:
+            accumulator = accumulator.union(glob.iglob(wildcard))
+
+        inc_files = []
+        exc_files = []
+        for path in accumulator:
+            if self.is_file_excluded(path, exclude_wildcards):
+                exc_files.append(path)
+            else:
+                inc_files.append(path)
+        return (inc_files, exc_files)
+
+    def get_included_files(self, include_wildcards, exclude_wildcards):
+        """
+        Get all files that match any of the included UNIX-style wildcards.
+        While the check_names script is designed only for use on UNIX/macOS
+        (due to nm), this function alone will work fine on Windows even with
+        forward slashes in the wildcard.
+
+        Args:
+        * include_wildcards: a List of shell-style wildcards to match filepaths.
+        * exclude_wildcards: a List of shell-style wildcards to exclude.
+
+        Returns a List of relative filepaths.
+        """
+        accumulator = set()
+
+        for include_wildcard in include_wildcards:
+            accumulator = accumulator.union(glob.iglob(include_wildcard))
+
+        return list(path for path in accumulator
+                    if not self.is_file_excluded(path, exclude_wildcards))
+
+    def parse_macros(self, include, exclude=None):
+        """
+        Parse all macros defined by #define preprocessor directives.
+
+        Args:
+        * include: A List of glob expressions to look for files through.
+        * exclude: A List of glob expressions for excluding files.
+
+        Returns a List of Match objects for the found macros.
+        """
+        macro_regex = re.compile(r"# *define +(?P<macro>\w+)")
+        exclusions = (
+            "asm", "inline", "EMIT", "_CRT_SECURE_NO_DEPRECATE", "MULADDC_"
+        )
+
+        files = self.get_included_files(include, exclude)
+        self.log.debug("Looking for macros in {} files".format(len(files)))
+
+        macros = []
+        for header_file in files:
+            with open(header_file, "r", encoding="utf-8") as header:
+                for line_no, line in enumerate(header):
+                    for macro in macro_regex.finditer(line):
+                        if macro.group("macro").startswith(exclusions):
+                            continue
+
+                        macros.append(Match(
+                            header_file,
+                            line,
+                            line_no,
+                            macro.span("macro"),
+                            macro.group("macro")))
+
+        return macros
+
+    def parse_mbed_psa_words(self, include, exclude=None):
+        """
+        Parse all words in the file that begin with MBED|PSA, in and out of
+        macros, comments, anything.
+
+        Args:
+        * include: A List of glob expressions to look for files through.
+        * exclude: A List of glob expressions for excluding files.
+
+        Returns a List of Match objects for words beginning with MBED|PSA.
+        """
+        # Typos of TLS are common, hence the broader check below than MBEDTLS.
+        mbed_regex = re.compile(r"\b(MBED.+?|PSA)_[A-Z0-9_]*")
+        exclusions = re.compile(r"// *no-check-names|#error")
+
+        files = self.get_included_files(include, exclude)
+        self.log.debug(
+            "Looking for MBED|PSA words in {} files"
+            .format(len(files))
+        )
+
+        mbed_psa_words = []
+        for filename in files:
+            with open(filename, "r", encoding="utf-8") as fp:
+                for line_no, line in enumerate(fp):
+                    if exclusions.search(line):
+                        continue
+
+                    for name in mbed_regex.finditer(line):
+                        mbed_psa_words.append(Match(
+                            filename,
+                            line,
+                            line_no,
+                            name.span(0),
+                            name.group(0)))
+
+        return mbed_psa_words
+
+    def parse_enum_consts(self, include, exclude=None):
+        """
+        Parse all enum value constants that are declared.
+
+        Args:
+        * include: A List of glob expressions to look for files through.
+        * exclude: A List of glob expressions for excluding files.
+
+        Returns a List of Match objects for the findings.
+        """
+        files = self.get_included_files(include, exclude)
+        self.log.debug("Looking for enum consts in {} files".format(len(files)))
+
+        # Emulate a finite state machine to parse enum declarations.
+        # OUTSIDE_KEYWORD = outside the enum keyword
+        # IN_BRACES = inside enum opening braces
+        # IN_BETWEEN = between enum keyword and opening braces
+        states = enum.Enum("FSM", ["OUTSIDE_KEYWORD", "IN_BRACES", "IN_BETWEEN"])
+        enum_consts = []
+        for header_file in files:
+            state = states.OUTSIDE_KEYWORD
+            with open(header_file, "r", encoding="utf-8") as header:
+                for line_no, line in enumerate(header):
+                    # Match typedefs and brackets only when they are at the
+                    # beginning of the line -- if they are indented, they might
+                    # be sub-structures within structs, etc.
+                    optional_c_identifier = r"([_a-zA-Z][_a-zA-Z0-9]*)?"
+                    if (state == states.OUTSIDE_KEYWORD and
+                            re.search(r"^(typedef +)?enum " + \
+                                    optional_c_identifier + \
+                                    r" *{", line)):
+                        state = states.IN_BRACES
+                    elif (state == states.OUTSIDE_KEYWORD and
+                          re.search(r"^(typedef +)?enum", line)):
+                        state = states.IN_BETWEEN
+                    elif (state == states.IN_BETWEEN and
+                          re.search(r"^{", line)):
+                        state = states.IN_BRACES
+                    elif (state == states.IN_BRACES and
+                          re.search(r"^}", line)):
+                        state = states.OUTSIDE_KEYWORD
+                    elif (state == states.IN_BRACES and
+                          not re.search(r"^ *#", line)):
+                        enum_const = re.search(r"^ *(?P<enum_const>\w+)", line)
+                        if not enum_const:
+                            continue
+
+                        enum_consts.append(Match(
+                            header_file,
+                            line,
+                            line_no,
+                            enum_const.span("enum_const"),
+                            enum_const.group("enum_const")))
+
+        return enum_consts
+
+    IGNORED_CHUNK_REGEX = re.compile('|'.join([
+        r'/\*.*?\*/', # block comment entirely on one line
+        r'//.*', # line comment
+        r'(?P<string>")(?:[^\\\"]|\\.)*"', # string literal
+    ]))
+
+    def strip_comments_and_literals(self, line, in_block_comment):
+        """Strip comments and string literals from line.
+
+        Continuation lines are not supported.
+
+        If in_block_comment is true, assume that the line starts inside a
+        block comment.
+
+        Return updated values of (line, in_block_comment) where:
+        * Comments in line have been replaced by a space (or nothing at the
+          start or end of the line).
+        * String contents have been removed.
+        * in_block_comment indicates whether the line ends inside a block
+          comment that continues on the next line.
+        """
+
+        # Terminate current multiline comment?
+        if in_block_comment:
+            m = re.search(r"\*/", line)
+            if m:
+                in_block_comment = False
+                line = line[m.end(0):]
+            else:
+                return '', True
+
+        # Remove full comments and string literals.
+        # Do it all together to handle cases like "/*" correctly.
+        # Note that continuation lines are not supported.
+        line = re.sub(self.IGNORED_CHUNK_REGEX,
+                      lambda s: '""' if s.group('string') else ' ',
+                      line)
+
+        # Start an unfinished comment?
+        # (If `/*` was part of a complete comment, it's already been removed.)
+        m = re.search(r"/\*", line)
+        if m:
+            in_block_comment = True
+            line = line[:m.start(0)]
+
+        return line, in_block_comment
+
+    IDENTIFIER_REGEX = re.compile('|'.join([
+        # Match " something(a" or " *something(a". Functions.
+        # Assumptions:
+        # - function definition from return type to one of its arguments is
+        #   all on one line
+        # - function definition line only contains alphanumeric, asterisk,
+        #   underscore, and open bracket
+        r".* \**(\w+) *\( *\w",
+        # Match "(*something)(".
+        r".*\( *\* *(\w+) *\) *\(",
+        # Match names of named data structures.
+        r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$",
+        # Match names of typedef instances, after closing bracket.
+        r"}? *(\w+)[;[].*",
+    ]))
+    # The regex below is indented for clarity.
+    EXCLUSION_LINES = re.compile("|".join([
+        r"extern +\"C\"",
+        r"(typedef +)?(struct|union|enum)( *{)?$",
+        r"} *;?$",
+        r"$",
+        r"//",
+        r"#",
+    ]))
+
+    def parse_identifiers_in_file(self, header_file, identifiers):
+        """
+        Parse all lines of a header where a function/enum/struct/union/typedef
+        identifier is declared, based on some regex and heuristics. Highly
+        dependent on formatting style.
+
+        Append found matches to the list ``identifiers``.
+        """
+
+        with open(header_file, "r", encoding="utf-8") as header:
+            in_block_comment = False
+            # The previous line variable is used for concatenating lines
+            # when identifiers are formatted and spread across multiple
+            # lines.
+            previous_line = ""
+
+            for line_no, line in enumerate(header):
+                line, in_block_comment = \
+                    self.strip_comments_and_literals(line, in_block_comment)
+
+                if self.EXCLUSION_LINES.match(line):
+                    previous_line = ""
+                    continue
+
+                # If the line contains only space-separated alphanumeric
+                # characters (or underscore, asterisk, or open parenthesis),
+                # and nothing else, high chance it's a declaration that
+                # continues on the next line
+                if re.search(r"^([\w\*\(]+\s+)+$", line):
+                    previous_line += line
+                    continue
+
+                # If previous line seemed to start an unfinished declaration
+                # (as above), concat and treat them as one.
+                if previous_line:
+                    line = previous_line.strip() + " " + line.strip() + "\n"
+                    previous_line = ""
+
+                # Skip parsing if line has a space in front = heuristic to
+                # skip function argument lines (highly subject to formatting
+                # changes)
+                if line[0] == " ":
+                    continue
+
+                identifier = self.IDENTIFIER_REGEX.search(line)
+
+                if not identifier:
+                    continue
+
+                # Find the group that matched, and append it
+                for group in identifier.groups():
+                    if not group:
+                        continue
+
+                    identifiers.append(Match(
+                        header_file,
+                        line,
+                        line_no,
+                        identifier.span(),
+                        group))
+
+    def parse_identifiers(self, include, exclude=None):
+        """
+        Parse all lines of a header where a function/enum/struct/union/typedef
+        identifier is declared, based on some regex and heuristics. Highly
+        dependent on formatting style. Identifiers in excluded files are still
+        parsed
+
+        Args:
+        * include: A List of glob expressions to look for files through.
+        * exclude: A List of glob expressions for excluding files.
+
+        Returns: a Tuple of two Lists of Match objects with identifiers.
+        * included_identifiers: A List of Match objects with identifiers from
+          included files.
+        * excluded_identifiers: A List of Match objects with identifiers from
+          excluded files.
+        """
+
+        included_files, excluded_files = \
+            self.get_all_files(include, exclude)
+
+        self.log.debug("Looking for included identifiers in {} files".format \
+            (len(included_files)))
+
+        included_identifiers = []
+        excluded_identifiers = []
+        for header_file in included_files:
+            self.parse_identifiers_in_file(header_file, included_identifiers)
+        for header_file in excluded_files:
+            self.parse_identifiers_in_file(header_file, excluded_identifiers)
+
+        return (included_identifiers, excluded_identifiers)
+
+    def parse_symbols(self):
+        """
+        Compile the Mbed TLS libraries, and parse the TLS, Crypto, and x509
+        object files using nm to retrieve the list of referenced symbols.
+        Exceptions thrown here are rethrown because they would be critical
+        errors that void several tests, and thus needs to halt the program. This
+        is explicitly done for clarity.
+
+        Returns a List of unique symbols defined and used in the libraries.
+        """
+        self.log.info("Compiling...")
+        symbols = []
+
+        # Back up the config and atomically compile with the full configuration.
+        shutil.copy(
+            "include/mbedtls/config.h",
+            "include/mbedtls/config.h.bak"
+        )
+        try:
+            # Use check=True in all subprocess calls so that failures are raised
+            # as exceptions and logged.
+            subprocess.run(
+                ["python3", "scripts/config.py", "full"],
+                universal_newlines=True,
+                check=True
+            )
+            my_environment = os.environ.copy()
+            my_environment["CFLAGS"] = "-fno-asynchronous-unwind-tables"
+            # Run make clean separately to lib to prevent unwanted behavior when
+            # make is invoked with parallelism.
+            subprocess.run(
+                ["make", "clean"],
+                universal_newlines=True,
+                check=True
+            )
+            subprocess.run(
+                ["make", "lib"],
+                env=my_environment,
+                universal_newlines=True,
+                stdout=subprocess.PIPE,
+                stderr=subprocess.STDOUT,
+                check=True
+            )
+
+            # Perform object file analysis using nm
+            symbols = self.parse_symbols_from_nm([
+                "library/libmbedcrypto.a",
+                "library/libmbedtls.a",
+                "library/libmbedx509.a"
+            ])
+
+            subprocess.run(
+                ["make", "clean"],
+                universal_newlines=True,
+                check=True
+            )
+        except subprocess.CalledProcessError as error:
+            self.log.debug(error.output)
+            raise error
+        finally:
+            # Put back the original config regardless of there being errors.
+            # Works also for keyboard interrupts.
+            shutil.move(
+                "include/mbedtls/config.h.bak",
+                "include/mbedtls/config.h"
+            )
+
+        return symbols
+
+    def parse_symbols_from_nm(self, object_files):
+        """
+        Run nm to retrieve the list of referenced symbols in each object file.
+        Does not return the position data since it is of no use.
+
+        Args:
+        * object_files: a List of compiled object filepaths to search through.
+
+        Returns a List of unique symbols defined and used in any of the object
+        files.
+        """
+        nm_undefined_regex = re.compile(r"^\S+: +U |^$|^\S+:$")
+        nm_valid_regex = re.compile(r"^\S+( [0-9A-Fa-f]+)* . _*(?P<symbol>\w+)")
+        exclusions = ("FStar", "Hacl")
+
+        symbols = []
+
+        # Gather all outputs of nm
+        nm_output = ""
+        for lib in object_files:
+            nm_output += subprocess.run(
+                ["nm", "-og", lib],
+                universal_newlines=True,
+                stdout=subprocess.PIPE,
+                stderr=subprocess.STDOUT,
+                check=True
+            ).stdout
+
+        for line in nm_output.splitlines():
+            if not nm_undefined_regex.search(line):
+                symbol = nm_valid_regex.search(line)
+                if (symbol and not symbol.group("symbol").startswith(exclusions)):
+                    symbols.append(symbol.group("symbol"))
+                else:
+                    self.log.error(line)
+
+        return symbols
+
+class NameChecker():
+    """
+    Representation of the core name checking operation performed by this script.
+    """
+    def __init__(self, parse_result, log):
+        self.parse_result = parse_result
+        self.log = log
+
+    def perform_checks(self, quiet=False):
+        """
+        A comprehensive checker that performs each check in order, and outputs
+        a final verdict.
+
+        Args:
+        * quiet: whether to hide detailed problem explanation.
+        """
+        self.log.info("=============")
+        Problem.quiet = quiet
+        problems = 0
+        problems += self.check_symbols_declared_in_header()
+
+        pattern_checks = [
+            ("macros", MACRO_PATTERN),
+            ("enum_consts", CONSTANTS_PATTERN),
+            ("identifiers", IDENTIFIER_PATTERN)
+        ]
+        for group, check_pattern in pattern_checks:
+            problems += self.check_match_pattern(group, check_pattern)
+
+        problems += self.check_for_typos()
+
+        self.log.info("=============")
+        if problems > 0:
+            self.log.info("FAIL: {0} problem(s) to fix".format(str(problems)))
+            if quiet:
+                self.log.info("Remove --quiet to see explanations.")
+            else:
+                self.log.info("Use --quiet for minimal output.")
+            return 1
+        else:
+            self.log.info("PASS")
+            return 0
+
+    def check_symbols_declared_in_header(self):
+        """
+        Perform a check that all detected symbols in the library object files
+        are properly declared in headers.
+        Assumes parse_names_in_source() was called before this.
+
+        Returns the number of problems that need fixing.
+        """
+        problems = []
+        all_identifiers = self.parse_result["identifiers"] +  \
+            self.parse_result["excluded_identifiers"]
+
+        for symbol in self.parse_result["symbols"]:
+            found_symbol_declared = False
+            for identifier_match in all_identifiers:
+                if symbol == identifier_match.name:
+                    found_symbol_declared = True
+                    break
+
+            if not found_symbol_declared:
+                problems.append(SymbolNotInHeader(symbol))
+
+        self.output_check_result("All symbols in header", problems)
+        return len(problems)
+
+    def check_match_pattern(self, group_to_check, check_pattern):
+        """
+        Perform a check that all items of a group conform to a regex pattern.
+        Assumes parse_names_in_source() was called before this.
+
+        Args:
+        * group_to_check: string key to index into self.parse_result.
+        * check_pattern: the regex to check against.
+
+        Returns the number of problems that need fixing.
+        """
+        problems = []
+
+        for item_match in self.parse_result[group_to_check]:
+            if not re.search(check_pattern, item_match.name):
+                problems.append(PatternMismatch(check_pattern, item_match))
+            # Double underscore should not be used for names
+            if re.search(r".*__.*", item_match.name):
+                problems.append(
+                    PatternMismatch("no double underscore allowed", item_match))
+
+        self.output_check_result(
+            "Naming patterns of {}".format(group_to_check),
+            problems)
+        return len(problems)
+
+    def check_for_typos(self):
+        """
+        Perform a check that all words in the source code beginning with MBED are
+        either defined as macros, or as enum constants.
+        Assumes parse_names_in_source() was called before this.
+
+        Returns the number of problems that need fixing.
+        """
+        problems = []
+
+        # Set comprehension, equivalent to a list comprehension wrapped by set()
+        all_caps_names = {
+            match.name
+            for match
+            in self.parse_result["macros"] +
+            self.parse_result["private_macros"] +
+            self.parse_result["enum_consts"]
+        }
+        typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|"
+                                    r"MBEDTLS_TEST_LIBTESTDRIVER*|"
+                                    r"PSA_CRYPTO_DRIVER_TEST")
+
+        for name_match in self.parse_result["mbed_psa_words"]:
+            found = name_match.name in all_caps_names
+
+            # Since MBEDTLS_PSA_ACCEL_XXX defines are defined by the
+            # PSA driver, they will not exist as macros. However, they
+            # should still be checked for typos using the equivalent
+            # BUILTINs that exist.
+            if "MBEDTLS_PSA_ACCEL_" in name_match.name:
+                found = name_match.name.replace(
+                    "MBEDTLS_PSA_ACCEL_",
+                    "MBEDTLS_PSA_BUILTIN_") in all_caps_names
+
+            if not found and not typo_exclusion.search(name_match.name):
+                problems.append(Typo(name_match))
+
+        self.output_check_result("Likely typos", problems)
+        return len(problems)
+
+    def output_check_result(self, name, problems):
+        """
+        Write out the PASS/FAIL status of a performed check depending on whether
+        there were problems.
+
+        Args:
+        * name: the name of the test
+        * problems: a List of encountered Problems
+        """
+        if problems:
+            self.log.info("{}: FAIL\n".format(name))
+            for problem in problems:
+                self.log.warning(str(problem))
+        else:
+            self.log.info("{}: PASS".format(name))
+
+def main():
+    """
+    Perform argument parsing, and create an instance of CodeParser and
+    NameChecker to begin the core operation.
+    """
+    parser = argparse.ArgumentParser(
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+        description=(
+            "This script confirms that the naming of all symbols and identifiers "
+            "in Mbed TLS are consistent with the house style and are also "
+            "self-consistent.\n\n"
+            "Expected to be run from the MbedTLS root directory.")
+    )
+    parser.add_argument(
+        "-v", "--verbose",
+        action="store_true",
+        help="show parse results"
+    )
+    parser.add_argument(
+        "-q", "--quiet",
+        action="store_true",
+        help="hide unnecessary text, explanations, and highlights"
+    )
+
+    args = parser.parse_args()
+
+    # Configure the global logger, which is then passed to the classes below
+    log = logging.getLogger()
+    log.setLevel(logging.DEBUG if args.verbose else logging.INFO)
+    log.addHandler(logging.StreamHandler())
+
+    try:
+        code_parser = CodeParser(log)
+        parse_result = code_parser.comprehensive_parse()
+    except Exception: # pylint: disable=broad-except
+        traceback.print_exc()
+        sys.exit(2)
+
+    name_checker = NameChecker(parse_result, log)
+    return_code = name_checker.perform_checks(quiet=args.quiet)
+
+    sys.exit(return_code)
+
+if __name__ == "__main__":
+    main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/check_test_cases.py b/3rdparty/mbedtls-2.28.7/tests/scripts/check_test_cases.py
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/check_test_cases.py
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/check_test_cases.py
index fe11f20..995976f 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/check_test_cases.py
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/check_test_cases.py
@@ -7,24 +7,13 @@
 """
 
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 import argparse
 import glob
 import os
 import re
+import subprocess
 import sys
 
 class Results:
@@ -111,6 +100,19 @@ def walk_ssl_opt_sh(self, file_name):
                 self.process_test_case(descriptions,
                                        file_name, line_number, description)
 
+    def walk_compat_sh(self, file_name):
+        """Iterate over the test cases compat.sh with a similar format."""
+        descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none
+        compat_cmd = ['sh', file_name, '--list-test-case']
+        compat_output = subprocess.check_output(compat_cmd)
+        # Assume compat.sh is responsible for printing identical format of
+        # test case description between --list-test-case and its OUTCOME.CSV
+        description = compat_output.strip().split(b'\n')
+        # idx indicates the number of test case since there is no line number
+        # in `compat.sh` for each test case.
+        for idx, descrip in enumerate(description):
+            self.process_test_case(descriptions, file_name, idx, descrip)
+
     @staticmethod
     def collect_test_directories():
         """Get the relative path for the TLS and Crypto test directories."""
@@ -133,6 +135,29 @@ def walk_all(self):
             ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh')
             if os.path.exists(ssl_opt_sh):
                 self.walk_ssl_opt_sh(ssl_opt_sh)
+            compat_sh = os.path.join(directory, 'compat.sh')
+            if os.path.exists(compat_sh):
+                self.walk_compat_sh(compat_sh)
+
+class TestDescriptions(TestDescriptionExplorer):
+    """Collect the available test cases."""
+
+    def __init__(self):
+        super().__init__()
+        self.descriptions = set()
+
+    def process_test_case(self, _per_file_state,
+                          file_name, _line_number, description):
+        """Record an available test case."""
+        base_name = re.sub(r'\.[^.]*$', '', re.sub(r'.*/', '', file_name))
+        key = ';'.join([base_name, description.decode('utf-8')])
+        self.descriptions.add(key)
+
+def collect_available_test_cases():
+    """Collect the available test cases."""
+    explorer = TestDescriptions()
+    explorer.walk_all()
+    return sorted(explorer.descriptions)
 
 class DescriptionChecker(TestDescriptionExplorer):
     """Check all test case descriptions.
@@ -173,6 +198,9 @@ def process_test_case(self, per_file_state,
 
 def main():
     parser = argparse.ArgumentParser(description=__doc__)
+    parser.add_argument('--list-all',
+                        action='store_true',
+                        help='List all test cases, without doing checks')
     parser.add_argument('--quiet', '-q',
                         action='store_true',
                         help='Hide warnings')
@@ -180,6 +208,10 @@ def main():
                         action='store_false', dest='quiet',
                         help='Show warnings (default: on; undoes --quiet)')
     options = parser.parse_args()
+    if options.list_all:
+        descriptions = collect_available_test_cases()
+        sys.stdout.write('\n'.join(descriptions + ['']))
+        return
     results = Results(options)
     checker = DescriptionChecker(results)
     checker.walk_all()
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/depends.py b/3rdparty/mbedtls-2.28.7/tests/scripts/depends.py
new file mode 100644
index 0000000..6c2e6d6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/depends.py
@@ -0,0 +1,560 @@
+#!/usr/bin/env python3
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+"""
+Test Mbed TLS with a subset of algorithms.
+
+This script can be divided into several steps:
+
+First, include/mbedtls/config.h or a different config file passed
+in the arguments is parsed to extract any configuration options (using config.py).
+
+Then, test domains (groups of jobs, tests) are built based on predefined data
+collected in the DomainData class. Here, each domain has five major traits:
+- domain name, can be used to run only specific tests via command-line;
+- configuration building method, described in detail below;
+- list of symbols passed to the configuration building method;
+- commands to be run on each job (only build, build and test, or any other custom);
+- optional list of symbols to be excluded from testing.
+
+The configuration building method can be one of the three following:
+
+- ComplementaryDomain - build a job for each passed symbol by disabling a single
+  symbol and its reverse dependencies (defined in REVERSE_DEPENDENCIES);
+
+- ExclusiveDomain - build a job where, for each passed symbol, only this particular
+  one is defined and other symbols from the list are unset. For each job look for
+  any non-standard symbols to set/unset in EXCLUSIVE_GROUPS. These are usually not
+  direct dependencies, but rather non-trivial results of other configs missing. Then
+  look for any unset symbols and handle their reverse dependencies.
+
+- DualDomain - combination of the two above - both complementary and exclusive domain
+  job generation code will be run. Currently only used for hashes.
+
+Lastly, the collected jobs are executed and (optionally) tested, with
+error reporting and coloring as configured in options. Each test starts with
+a full config without a couple of slowing down or unnecessary options
+(see set_reference_config), then the specific job config is derived.
+"""
+import argparse
+import os
+import re
+import shutil
+import subprocess
+import sys
+import traceback
+from typing import Union
+
+# Add the Mbed TLS Python library directory to the module search path
+import scripts_path # pylint: disable=unused-import
+import config
+
+class Colors: # pylint: disable=too-few-public-methods
+    """Minimalistic support for colored output.
+Each field of an object of this class is either None if colored output
+is not possible or not desired, or a pair of strings (start, stop) such
+that outputting start switches the text color to the desired color and
+stop switches the text color back to the default."""
+    red = None
+    green = None
+    cyan = None
+    bold_red = None
+    bold_green = None
+    def __init__(self, options=None):
+        """Initialize color profile according to passed options."""
+        if not options or options.color in ['no', 'never']:
+            want_color = False
+        elif options.color in ['yes', 'always']:
+            want_color = True
+        else:
+            want_color = sys.stderr.isatty()
+        if want_color:
+            # Assume ANSI compatible terminal
+            normal = '\033[0m'
+            self.red = ('\033[31m', normal)
+            self.green = ('\033[32m', normal)
+            self.cyan = ('\033[36m', normal)
+            self.bold_red = ('\033[1;31m', normal)
+            self.bold_green = ('\033[1;32m', normal)
+NO_COLORS = Colors(None)
+
+def log_line(text, prefix='depends.py:', suffix='', color=None):
+    """Print a status message."""
+    if color is not None:
+        prefix = color[0] + prefix
+        suffix = suffix + color[1]
+    sys.stderr.write(prefix + ' ' + text + suffix + '\n')
+    sys.stderr.flush()
+
+def log_command(cmd):
+    """Print a trace of the specified command.
+cmd is a list of strings: a command name and its arguments."""
+    log_line(' '.join(cmd), prefix='+')
+
+def backup_config(options):
+    """Back up the library configuration file (config.h).
+If the backup file already exists, it is presumed to be the desired backup,
+so don't make another backup."""
+    if os.path.exists(options.config_backup):
+        options.own_backup = False
+    else:
+        options.own_backup = True
+        shutil.copy(options.config, options.config_backup)
+
+def restore_config(options):
+    """Restore the library configuration file (config.h).
+Remove the backup file if it was saved earlier."""
+    if options.own_backup:
+        shutil.move(options.config_backup, options.config)
+    else:
+        shutil.copy(options.config_backup, options.config)
+
+def option_exists(conf, option):
+    return option in conf.settings
+
+def set_config_option_value(conf, option, colors, value: Union[bool, str]):
+    """Set/unset a configuration option, optionally specifying a value.
+value can be either True/False (set/unset config option), or a string,
+which will make a symbol defined with a certain value."""
+    if not option_exists(conf, option):
+        log_line('Symbol {} was not found in {}'.format(option, conf.filename), color=colors.red)
+        return False
+
+    if value is False:
+        log_command(['config.py', 'unset', option])
+        conf.unset(option)
+    elif value is True:
+        log_command(['config.py', 'set', option])
+        conf.set(option)
+    else:
+        log_command(['config.py', 'set', option, value])
+        conf.set(option, value)
+    return True
+
+def set_reference_config(conf, options, colors):
+    """Change the library configuration file (config.h) to the reference state.
+The reference state is the one from which the tested configurations are
+derived."""
+    # Turn off options that are not relevant to the tests and slow them down.
+    log_command(['config.py', 'full'])
+    conf.adapt(config.full_adapter)
+    set_config_option_value(conf, 'MBEDTLS_TEST_HOOKS', colors, False)
+    if options.unset_use_psa:
+        set_config_option_value(conf, 'MBEDTLS_USE_PSA_CRYPTO', colors, False)
+
+class Job:
+    """A job builds the library in a specific configuration and runs some tests."""
+    def __init__(self, name, config_settings, commands):
+        """Build a job object.
+The job uses the configuration described by config_settings. This is a
+dictionary where the keys are preprocessor symbols and the values are
+booleans or strings. A boolean indicates whether or not to #define the
+symbol. With a string, the symbol is #define'd to that value.
+After setting the configuration, the job runs the programs specified by
+commands. This is a list of lists of strings; each list of string is a
+command name and its arguments and is passed to subprocess.call with
+shell=False."""
+        self.name = name
+        self.config_settings = config_settings
+        self.commands = commands
+
+    def announce(self, colors, what):
+        '''Announce the start or completion of a job.
+If what is None, announce the start of the job.
+If what is True, announce that the job has passed.
+If what is False, announce that the job has failed.'''
+        if what is True:
+            log_line(self.name + ' PASSED', color=colors.green)
+        elif what is False:
+            log_line(self.name + ' FAILED', color=colors.red)
+        else:
+            log_line('starting ' + self.name, color=colors.cyan)
+
+    def configure(self, conf, options, colors):
+        '''Set library configuration options as required for the job.'''
+        set_reference_config(conf, options, colors)
+        for key, value in sorted(self.config_settings.items()):
+            ret = set_config_option_value(conf, key, colors, value)
+            if ret is False:
+                return False
+        return True
+
+    def test(self, options):
+        '''Run the job's build and test commands.
+Return True if all the commands succeed and False otherwise.
+If options.keep_going is false, stop as soon as one command fails. Otherwise
+run all the commands, except that if the first command fails, none of the
+other commands are run (typically, the first command is a build command
+and subsequent commands are tests that cannot run if the build failed).'''
+        built = False
+        success = True
+        for command in self.commands:
+            log_command(command)
+            ret = subprocess.call(command)
+            if ret != 0:
+                if command[0] not in ['make', options.make_command]:
+                    log_line('*** [{}] Error {}'.format(' '.join(command), ret))
+                if not options.keep_going or not built:
+                    return False
+                success = False
+            built = True
+        return success
+
+# SSL/TLS versions up to 1.1 and corresponding options. These require
+# both MD5 and SHA-1.
+SSL_PRE_1_2_DEPENDENCIES = ['MBEDTLS_SSL_CBC_RECORD_SPLITTING',
+                            'MBEDTLS_SSL_PROTO_SSL3',
+                            'MBEDTLS_SSL_PROTO_TLS1',
+                            'MBEDTLS_SSL_PROTO_TLS1_1']
+
+# If the configuration option A requires B, make sure that
+# B in REVERSE_DEPENDENCIES[A].
+# All the information here should be contained in check_config.h. This
+# file includes a copy because it changes rarely and it would be a pain
+# to extract automatically.
+REVERSE_DEPENDENCIES = {
+    'MBEDTLS_AES_C': ['MBEDTLS_CTR_DRBG_C',
+                      'MBEDTLS_NIST_KW_C'],
+    'MBEDTLS_CHACHA20_C': ['MBEDTLS_CHACHAPOLY_C'],
+    'MBEDTLS_ECDSA_C': ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                        'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'],
+    'MBEDTLS_ECP_C': ['MBEDTLS_ECDSA_C',
+                      'MBEDTLS_ECDH_C',
+                      'MBEDTLS_ECJPAKE_C',
+                      'MBEDTLS_ECP_RESTARTABLE',
+                      'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_ECP_DP_SECP256R1_ENABLED': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_MD5_C': SSL_PRE_1_2_DEPENDENCIES,
+    'MBEDTLS_PKCS1_V21': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
+    'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
+                          'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+                          'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
+                          'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
+    'MBEDTLS_RSA_C': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
+                      'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'],
+    'MBEDTLS_SHA1_C': SSL_PRE_1_2_DEPENDENCIES,
+    'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
+                         'MBEDTLS_ENTROPY_FORCE_SHA256'],
+    'MBEDTLS_X509_RSASSA_PSS_SUPPORT': []
+}
+
+# If an option is tested in an exclusive test, alter the following defines.
+# These are not necessarily dependencies, but just minimal required changes
+# if a given define is the only one enabled from an exclusive group.
+EXCLUSIVE_GROUPS = {
+    'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL'],
+    'MBEDTLS_SHA512_NO_SHA384': ['+MBEDTLS_SHA512_C',
+                                 '-MBEDTLS_SSL_PROTO_TLS1_2',
+                                 '-MBEDTLS_SSL_PROTO_DTLS',
+                                 '-MBEDTLS_SSL_TLS_C',
+                                 '-MBEDTLS_SSL_CLI_C',
+                                 '-MBEDTLS_SSL_SRV_C',
+                                 '-MBEDTLS_SSL_DTLS_HELLO_VERIFY',
+                                 '-MBEDTLS_SSL_DTLS_ANTI_REPLAY',
+                                 '-MBEDTLS_SSL_DTLS_CONNECTION_ID',
+                                 '-MBEDTLS_SSL_DTLS_BADMAC_LIMIT',
+                                 '-MBEDTLS_SSL_ENCRYPT_THEN_MAC',
+                                 '-MBEDTLS_SSL_EXTENDED_MASTER_SECRET',
+                                 '-MBEDTLS_SSL_DTLS_SRTP',
+                                 '-MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE'],
+    'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
+                                        '-MBEDTLS_ECDSA_DETERMINISTIC',
+                                        '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                                        '-MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+                                        '-MBEDTLS_ECJPAKE_C',
+                                        '-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_ECP_DP_CURVE25519_ENABLED': ['-MBEDTLS_ECDSA_C',
+                                          '-MBEDTLS_ECDSA_DETERMINISTIC',
+                                          '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                                          '-MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+                                          '-MBEDTLS_ECJPAKE_C',
+                                          '-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_ARIA_C': ['-MBEDTLS_CMAC_C'],
+    'MBEDTLS_ARC4_C': ['-MBEDTLS_CMAC_C',
+                       '-MBEDTLS_CCM_C',
+                       '-MBEDTLS_SSL_TICKET_C',
+                       '-MBEDTLS_SSL_CONTEXT_SERIALIZATION',
+                       '-MBEDTLS_GCM_C'],
+    'MBEDTLS_BLOWFISH_C': ['-MBEDTLS_CMAC_C',
+                           '-MBEDTLS_CCM_C',
+                           '-MBEDTLS_SSL_TICKET_C',
+                           '-MBEDTLS_SSL_CONTEXT_SERIALIZATION',
+                           '-MBEDTLS_GCM_C'],
+    'MBEDTLS_CAMELLIA_C': ['-MBEDTLS_CMAC_C'],
+    'MBEDTLS_CHACHA20_C': ['-MBEDTLS_CMAC_C', '-MBEDTLS_CCM_C', '-MBEDTLS_GCM_C'],
+    'MBEDTLS_DES_C': ['-MBEDTLS_CCM_C',
+                      '-MBEDTLS_GCM_C',
+                      '-MBEDTLS_SSL_TICKET_C',
+                      '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'],
+}
+def handle_exclusive_groups(config_settings, symbol):
+    """For every symbol tested in an exclusive group check if there are other
+defines to be altered. """
+    for dep in EXCLUSIVE_GROUPS.get(symbol, []):
+        unset = dep.startswith('-')
+        dep = dep[1:]
+        config_settings[dep] = not unset
+
+def turn_off_dependencies(config_settings):
+    """For every option turned off config_settings, also turn off what depends on it.
+An option O is turned off if config_settings[O] is False."""
+    for key, value in sorted(config_settings.items()):
+        if value is not False:
+            continue
+        for dep in REVERSE_DEPENDENCIES.get(key, []):
+            config_settings[dep] = False
+
+class BaseDomain: # pylint: disable=too-few-public-methods, unused-argument
+    """A base class for all domains."""
+    def __init__(self, symbols, commands, exclude):
+        """Initialize the jobs container"""
+        self.jobs = []
+
+class ExclusiveDomain(BaseDomain): # pylint: disable=too-few-public-methods
+    """A domain consisting of a set of conceptually-equivalent settings.
+Establish a list of configuration symbols. For each symbol, run a test job
+with this symbol set and the others unset."""
+    def __init__(self, symbols, commands, exclude=None):
+        """Build a domain for the specified list of configuration symbols.
+The domain contains a set of jobs that enable one of the elements
+of symbols and disable the others.
+Each job runs the specified commands.
+If exclude is a regular expression, skip generated jobs whose description
+would match this regular expression."""
+        super().__init__(symbols, commands, exclude)
+        base_config_settings = {}
+        for symbol in symbols:
+            base_config_settings[symbol] = False
+        for symbol in symbols:
+            description = symbol
+            if exclude and re.match(exclude, description):
+                continue
+            config_settings = base_config_settings.copy()
+            config_settings[symbol] = True
+            handle_exclusive_groups(config_settings, symbol)
+            turn_off_dependencies(config_settings)
+            job = Job(description, config_settings, commands)
+            self.jobs.append(job)
+
+class ComplementaryDomain(BaseDomain): # pylint: disable=too-few-public-methods
+    """A domain consisting of a set of loosely-related settings.
+Establish a list of configuration symbols. For each symbol, run a test job
+with this symbol unset.
+If exclude is a regular expression, skip generated jobs whose description
+would match this regular expression."""
+    def __init__(self, symbols, commands, exclude=None):
+        """Build a domain for the specified list of configuration symbols.
+Each job in the domain disables one of the specified symbols.
+Each job runs the specified commands."""
+        super().__init__(symbols, commands, exclude)
+        for symbol in symbols:
+            description = '!' + symbol
+            if exclude and re.match(exclude, description):
+                continue
+            config_settings = {symbol: False}
+            turn_off_dependencies(config_settings)
+            job = Job(description, config_settings, commands)
+            self.jobs.append(job)
+
+class DualDomain(ExclusiveDomain, ComplementaryDomain): # pylint: disable=too-few-public-methods
+    """A domain that contains both the ExclusiveDomain and BaseDomain tests.
+Both parent class __init__ calls are performed in any order and
+each call adds respective jobs. The job array initialization is done once in
+BaseDomain, before the parent __init__ calls."""
+
+class CipherInfo: # pylint: disable=too-few-public-methods
+    """Collect data about cipher.h."""
+    def __init__(self):
+        self.base_symbols = set()
+        with open('include/mbedtls/cipher.h', encoding="utf-8") as fh:
+            for line in fh:
+                m = re.match(r' *MBEDTLS_CIPHER_ID_(\w+),', line)
+                if m and m.group(1) not in ['NONE', 'NULL', '3DES']:
+                    self.base_symbols.add('MBEDTLS_' + m.group(1) + '_C')
+
+class DomainData:
+    """A container for domains and jobs, used to structurize testing."""
+    def config_symbols_matching(self, regexp):
+        """List the config.h settings matching regexp."""
+        return [symbol for symbol in self.all_config_symbols
+                if re.match(regexp, symbol)]
+
+    def __init__(self, options, conf):
+        """Gather data about the library and establish a list of domains to test."""
+        build_command = [options.make_command, 'CFLAGS=-Werror']
+        build_and_test = [build_command, [options.make_command, 'test']]
+        self.all_config_symbols = set(conf.settings.keys())
+        # Find hash modules by name.
+        hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z')
+        hash_symbols.append("MBEDTLS_SHA512_NO_SHA384")
+        # Find elliptic curve enabling macros by name.
+        curve_symbols = self.config_symbols_matching(r'MBEDTLS_ECP_DP_\w+_ENABLED\Z')
+        # Find key exchange enabling macros by name.
+        key_exchange_symbols = self.config_symbols_matching(r'MBEDTLS_KEY_EXCHANGE_\w+_ENABLED\Z')
+        # Find cipher IDs (block permutations and stream ciphers --- chaining
+        # and padding modes are exercised separately) information by parsing
+        # cipher.h, as the information is not readily available in config.h.
+        cipher_info = CipherInfo()
+        # Find block cipher chaining and padding mode enabling macros by name.
+        cipher_chaining_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_MODE_\w+\Z')
+        cipher_padding_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_PADDING_\w+\Z')
+        self.domains = {
+            # Cipher IDs, chaining modes and padding modes. Run the test suites.
+            'cipher_id': ExclusiveDomain(cipher_info.base_symbols,
+                                         build_and_test),
+            'cipher_chaining': ExclusiveDomain(cipher_chaining_symbols,
+                                               build_and_test),
+            'cipher_padding': ExclusiveDomain(cipher_padding_symbols,
+                                              build_and_test),
+            # Elliptic curves. Run the test suites.
+            'curves': ExclusiveDomain(curve_symbols, build_and_test),
+            # Hash algorithms. Exclude exclusive domain of MD, RIPEMD, SHA1 (obsolete)
+            'hashes': DualDomain(hash_symbols, build_and_test,
+                                 exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)'\
+                                          '|!MBEDTLS_*_NO_SHA'),
+            # Key exchange types.
+            'kex': ExclusiveDomain(key_exchange_symbols, build_and_test),
+            'pkalgs': ComplementaryDomain(['MBEDTLS_ECDSA_C',
+                                           'MBEDTLS_ECP_C',
+                                           'MBEDTLS_PKCS1_V21',
+                                           'MBEDTLS_PKCS1_V15',
+                                           'MBEDTLS_RSA_C',
+                                           'MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
+                                          build_and_test),
+        }
+        self.jobs = {}
+        for domain in self.domains.values():
+            for job in domain.jobs:
+                self.jobs[job.name] = job
+
+    def get_jobs(self, name):
+        """Return the list of jobs identified by the given name.
+A name can either be the name of a domain or the name of one specific job."""
+        if name in self.domains:
+            return sorted(self.domains[name].jobs, key=lambda job: job.name)
+        else:
+            return [self.jobs[name]]
+
+def run(options, job, conf, colors=NO_COLORS):
+    """Run the specified job (a Job instance)."""
+    subprocess.check_call([options.make_command, 'clean'])
+    job.announce(colors, None)
+    if not job.configure(conf, options, colors):
+        job.announce(colors, False)
+        return False
+    conf.write()
+    success = job.test(options)
+    job.announce(colors, success)
+    return success
+
+def run_tests(options, domain_data, conf):
+    """Run the desired jobs.
+domain_data should be a DomainData instance that describes the available
+domains and jobs.
+Run the jobs listed in options.tasks."""
+    if not hasattr(options, 'config_backup'):
+        options.config_backup = options.config + '.bak'
+    colors = Colors(options)
+    jobs = []
+    failures = []
+    successes = []
+    for name in options.tasks:
+        jobs += domain_data.get_jobs(name)
+    backup_config(options)
+    try:
+        for job in jobs:
+            success = run(options, job, conf, colors=colors)
+            if not success:
+                if options.keep_going:
+                    failures.append(job.name)
+                else:
+                    return False
+            else:
+                successes.append(job.name)
+        restore_config(options)
+    except:
+        # Restore the configuration, except in stop-on-error mode if there
+        # was an error, where we leave the failing configuration up for
+        # developer convenience.
+        if options.keep_going:
+            restore_config(options)
+        raise
+    if successes:
+        log_line('{} passed'.format(' '.join(successes)), color=colors.bold_green)
+    if failures:
+        log_line('{} FAILED'.format(' '.join(failures)), color=colors.bold_red)
+        return False
+    else:
+        return True
+
+def main():
+    try:
+        parser = argparse.ArgumentParser(
+            formatter_class=argparse.RawDescriptionHelpFormatter,
+            description=
+            "Test Mbed TLS with a subset of algorithms.\n\n"
+            "Example usage:\n"
+            r"./tests/scripts/depends.py \!MBEDTLS_SHA1_C MBEDTLS_SHA256_C""\n"
+            "./tests/scripts/depends.py MBEDTLS_AES_C hashes\n"
+            "./tests/scripts/depends.py cipher_id cipher_chaining\n")
+        parser.add_argument('--color', metavar='WHEN',
+                            help='Colorize the output (always/auto/never)',
+                            choices=['always', 'auto', 'never'], default='auto')
+        parser.add_argument('-c', '--config', metavar='FILE',
+                            help='Configuration file to modify',
+                            default='include/mbedtls/config.h')
+        parser.add_argument('-C', '--directory', metavar='DIR',
+                            help='Change to this directory before anything else',
+                            default='.')
+        parser.add_argument('-k', '--keep-going',
+                            help='Try all configurations even if some fail (default)',
+                            action='store_true', dest='keep_going', default=True)
+        parser.add_argument('-e', '--no-keep-going',
+                            help='Stop as soon as a configuration fails',
+                            action='store_false', dest='keep_going')
+        parser.add_argument('--list-jobs',
+                            help='List supported jobs and exit',
+                            action='append_const', dest='list', const='jobs')
+        parser.add_argument('--list-domains',
+                            help='List supported domains and exit',
+                            action='append_const', dest='list', const='domains')
+        parser.add_argument('--make-command', metavar='CMD',
+                            help='Command to run instead of make (e.g. gmake)',
+                            action='store', default='make')
+        parser.add_argument('--unset-use-psa',
+                            help='Unset MBEDTLS_USE_PSA_CRYPTO before any test',
+                            action='store_true', dest='unset_use_psa')
+        parser.add_argument('tasks', metavar='TASKS', nargs='*',
+                            help='The domain(s) or job(s) to test (default: all).',
+                            default=True)
+        options = parser.parse_args()
+        os.chdir(options.directory)
+        conf = config.ConfigFile(options.config)
+        domain_data = DomainData(options, conf)
+
+        if options.tasks is True:
+            options.tasks = sorted(domain_data.domains.keys())
+        if options.list:
+            for arg in options.list:
+                for domain_name in sorted(getattr(domain_data, arg).keys()):
+                    print(domain_name)
+            sys.exit(0)
+        else:
+            sys.exit(0 if run_tests(options, domain_data, conf) else 1)
+    except Exception: # pylint: disable=broad-except
+        traceback.print_exc()
+        sys.exit(3)
+
+if __name__ == '__main__':
+    main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/docker_env.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/docker_env.sh
similarity index 81%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/docker_env.sh
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/docker_env.sh
index be96c72..cfc98df 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/docker_env.sh
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/docker_env.sh
@@ -9,6 +9,10 @@
 # thus making it easier to get set up as well as isolating test dependencies
 # (which include legacy/insecure configurations of openssl and gnutls).
 #
+# WARNING: the Dockerfile used by this script is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
+#
 # Notes for users
 # ---------------
 # This script expects a Linux x86_64 system with a recent version of Docker
@@ -23,19 +27,7 @@
 # the Docker image.
 
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 
 # default values, can be overridden by the environment
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/doxygen.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/doxygen.sh
new file mode 100644
index 0000000..b6a1d45
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/doxygen.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# Make sure the doxygen documentation builds without warnings
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# Abort on errors (and uninitialised variables)
+set -eu
+
+if [ -d library -a -d include -a -d tests ]; then :; else
+    echo "Must be run from Mbed TLS root" >&2
+    exit 1
+fi
+
+if scripts/apidoc_full.sh > doc.out 2>doc.err; then :; else
+    cat doc.err
+    echo "FAIL" >&2
+    exit 1;
+fi
+
+cat doc.out doc.err | \
+    grep -v "warning: ignoring unsupported tag" \
+    > doc.filtered
+
+if grep -E "(warning|error):" doc.filtered; then
+    echo "FAIL" >&2
+    exit 1;
+fi
+
+make apidoc_clean
+rm -f doc.out doc.err doc.filtered
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_ctr_drbg.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_ctr_drbg.pl
similarity index 84%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/gen_ctr_drbg.pl
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/gen_ctr_drbg.pl
index 2345b9e..ec5e5d8 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_ctr_drbg.pl
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_ctr_drbg.pl
@@ -5,19 +5,7 @@
 # and concats nonce and personalization for initialization.
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 use strict;
 
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_gcm_decrypt.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_gcm_decrypt.pl
similarity index 77%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/gen_gcm_decrypt.pl
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/gen_gcm_decrypt.pl
index 354e351..30d45c3 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_gcm_decrypt.pl
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_gcm_decrypt.pl
@@ -4,19 +4,7 @@
 # Only first 3 of every set used for compile time saving
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 use strict;
 
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_gcm_encrypt.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_gcm_encrypt.pl
similarity index 75%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/gen_gcm_encrypt.pl
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/gen_gcm_encrypt.pl
index 101456f..b4f0849 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/gen_gcm_encrypt.pl
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_gcm_encrypt.pl
@@ -4,19 +4,7 @@
 # Only first 3 of every set used for compile time saving
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 use strict;
 
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_pkcs1_v21_sign_verify.pl
new file mode 100644
index 0000000..fe2d3f5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/gen_pkcs1_v21_sign_verify.pl
@@ -0,0 +1,74 @@
+#!/usr/bin/env perl
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use strict;
+
+my $file = shift;
+
+open(TEST_DATA, "$file") or die "Opening test cases '$file': $!";
+
+sub get_val($$)
+{
+    my $str = shift;
+    my $name = shift;
+    my $val = "";
+
+    while(my $line = <TEST_DATA>)
+    {
+        next if($line !~ /^# $str/);
+        last;
+    }
+
+    while(my $line = <TEST_DATA>)
+    {
+        last if($line eq "\r\n");
+        $val .= $line;
+    }
+
+    $val =~ s/[ \r\n]//g;
+
+    return $val;
+}
+
+my $state = 0;
+my $val_n = "";
+my $val_e = "";
+my $val_p = "";
+my $val_q = "";
+my $mod = 0;
+my $cnt = 1;
+while (my $line = <TEST_DATA>)
+{
+    next if ($line !~ /^# Example/);
+
+    ( $mod ) = ($line =~ /A (\d+)/);
+    $val_n = get_val("RSA modulus n", "N");
+    $val_e = get_val("RSA public exponent e", "E");
+    $val_p = get_val("Prime p", "P");
+    $val_q = get_val("Prime q", "Q");
+
+    for(my $i = 1; $i <= 6; $i++)
+    {
+        my $val_m = get_val("Message to be", "M");
+        my $val_salt = get_val("Salt", "Salt");
+        my $val_sig = get_val("Signature", "Sig");
+
+        print("RSASSA-PSS Signature Example ${cnt}_${i}\n");
+        print("pkcs1_rsassa_pss_sign:$mod:16:\"$val_p\":16:\"$val_q\":16:\"$val_n\":16:\"$val_e\":SIG_RSA_SHA1:MBEDTLS_MD_SHA1");
+        print(":\"$val_m\"");
+        print(":\"$val_salt\"");
+        print(":\"$val_sig\":0");
+        print("\n\n");
+
+        print("RSASSA-PSS Signature Example ${cnt}_${i} (verify)\n");
+        print("pkcs1_rsassa_pss_verify:$mod:16:\"$val_n\":16:\"$val_e\":SIG_RSA_SHA1:MBEDTLS_MD_SHA1");
+        print(":\"$val_m\"");
+        print(":\"$val_salt\"");
+        print(":\"$val_sig\":0");
+        print("\n\n");
+    }
+    $cnt++;
+}
+close(TEST_DATA);
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/generate-afl-tests.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/generate-afl-tests.sh
new file mode 100644
index 0000000..d4ef0f3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/generate-afl-tests.sh
@@ -0,0 +1,71 @@
+#!/bin/sh
+
+# This script splits the data test files containing the test cases into
+# individual files (one test case per file) suitable for use with afl
+# (American Fuzzy Lop). http://lcamtuf.coredump.cx/afl/
+#
+# Usage: generate-afl-tests.sh <test data file path>
+#  <test data file path> - should be the path to one of the test suite files
+#                          such as 'test_suite_rsa.data'
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# Abort on errors
+set -e
+
+if [ -z $1 ]
+then
+    echo " [!] No test file specified" >&2
+    echo "Usage: $0 <test data file>" >&2
+    exit 1
+fi
+
+SRC_FILEPATH=$(dirname $1)/$(basename $1)
+TESTSUITE=$(basename $1 .data)
+
+THIS_DIR=$(basename $PWD)
+
+if [ -d ../library -a -d ../include -a -d ../tests -a $THIS_DIR == "tests" ];
+then :;
+else
+    echo " [!] Must be run from Mbed TLS tests directory" >&2
+    exit 1
+fi
+
+DEST_TESTCASE_DIR=$TESTSUITE-afl-tests
+DEST_OUTPUT_DIR=$TESTSUITE-afl-out
+
+echo " [+] Creating output directories" >&2
+
+if [ -e $DEST_OUTPUT_DIR/* ];
+then :
+    echo " [!] Test output files already exist." >&2
+    exit 1
+else
+    mkdir -p $DEST_OUTPUT_DIR
+fi
+
+if [ -e $DEST_TESTCASE_DIR/* ];
+then :
+    echo " [!] Test output files already exist." >&2
+else
+    mkdir -p $DEST_TESTCASE_DIR
+fi
+
+echo " [+] Creating test cases" >&2
+cd $DEST_TESTCASE_DIR
+
+split -p '^\s*$' ../$SRC_FILEPATH
+
+for f in *;
+do
+    # Strip out any blank lines (no trim on OS X)
+    sed '/^\s*$/d' $f >testcase_$f
+    rm $f
+done
+
+cd ..
+
+echo " [+] Test cases in $DEST_TESTCASE_DIR" >&2
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/generate_bignum_tests.py b/3rdparty/mbedtls-2.28.7/tests/scripts/generate_bignum_tests.py
new file mode 100644
index 0000000..6dfb46b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/generate_bignum_tests.py
@@ -0,0 +1,246 @@
+#!/usr/bin/env python3
+"""Generate test data for bignum functions.
+
+With no arguments, generate all test data. With non-option arguments,
+generate only the specified files.
+
+Class structure:
+
+Child classes of test_data_generation.BaseTarget (file targets) represent an output
+file. These indicate where test cases will be written to, for all subclasses of
+this target. Multiple file targets should not reuse a `target_basename`.
+
+Each subclass derived from a file target can either be:
+  - A concrete class, representing a test function, which generates test cases.
+  - An abstract class containing shared methods and attributes, not associated
+        with a test function. An example is BignumOperation, which provides
+        common features used for bignum binary operations.
+
+Both concrete and abstract subclasses can be derived from, to implement
+additional test cases (see BignumCmp and BignumCmpAbs for examples of deriving
+from abstract and concrete classes).
+
+
+Adding test case generation for a function:
+
+A subclass representing the test function should be added, deriving from a
+file target such as BignumTarget. This test class must set/implement the
+following:
+  - test_function: the function name from the associated .function file.
+  - test_name: a descriptive name or brief summary to refer to the test
+        function.
+  - arguments(): a method to generate the list of arguments required for the
+        test_function.
+  - generate_function_test(): a method to generate TestCases for the function.
+        This should create instances of the class with required input data, and
+        call `.create_test_case()` to yield the TestCase.
+
+Additional details and other attributes/methods are given in the documentation
+of BaseTarget in test_data_generation.py.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import sys
+
+from abc import ABCMeta, abstractmethod
+from typing import Iterator, List, Tuple, TypeVar
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import test_case
+from mbedtls_dev import test_data_generation
+
+T = TypeVar('T') #pylint: disable=invalid-name
+
+def hex_to_int(val: str) -> int:
+    """Implement the syntax accepted by mbedtls_test_read_mpi().
+
+    This is a superset of what is accepted by mbedtls_test_read_mpi_core().
+    """
+    if val in ['', '-']:
+        return 0
+    return int(val, 16)
+
+def quote_str(val) -> str:
+    return "\"{}\"".format(val)
+
+def combination_pairs(values: List[T]) -> List[Tuple[T, T]]:
+    """Return all pair combinations from input values."""
+    return [(x, y) for x in values for y in values]
+
+class BignumTarget(test_data_generation.BaseTarget, metaclass=ABCMeta):
+    #pylint: disable=abstract-method
+    """Target for bignum (legacy) test case generation."""
+    target_basename = 'test_suite_bignum.generated'
+
+
+class BignumOperation(BignumTarget, metaclass=ABCMeta):
+    """Common features for bignum binary operations.
+
+    This adds functionality common in binary operation tests. This includes
+    generation of case descriptions, using descriptions of values and symbols
+    to represent the operation or result.
+
+    Attributes:
+        symbol: Symbol used for the operation in case description.
+        input_values: List of values to use as test case inputs. These are
+            combined to produce pairs of values.
+        input_cases: List of tuples containing pairs of test case inputs. This
+            can be used to implement specific pairs of inputs.
+    """
+    symbol = ""
+    input_values = [
+        "", "0", "-", "-0",
+        "7b", "-7b",
+        "0000000000000000123", "-0000000000000000123",
+        "1230000000000000000", "-1230000000000000000"
+    ] # type: List[str]
+    input_cases = [] # type: List[Tuple[str, str]]
+
+    def __init__(self, val_a: str, val_b: str) -> None:
+        self.arg_a = val_a
+        self.arg_b = val_b
+        self.int_a = hex_to_int(val_a)
+        self.int_b = hex_to_int(val_b)
+
+    def arguments(self) -> List[str]:
+        return [quote_str(self.arg_a), quote_str(self.arg_b), self.result()]
+
+    def description_suffix(self) -> str:
+        #pylint: disable=no-self-use # derived classes need self
+        """Text to add at the end of the test case description."""
+        return ""
+
+    def description(self) -> str:
+        """Generate a description for the test case.
+
+        If not set, case_description uses the form A `symbol` B, where symbol
+        is used to represent the operation. Descriptions of each value are
+        generated to provide some context to the test case.
+        """
+        if not self.case_description:
+            self.case_description = "{} {} {}".format(
+                self.value_description(self.arg_a),
+                self.symbol,
+                self.value_description(self.arg_b)
+            )
+            description_suffix = self.description_suffix()
+            if description_suffix:
+                self.case_description += " " + description_suffix
+        return super().description()
+
+    @abstractmethod
+    def result(self) -> str:
+        """Get the result of the operation.
+
+        This could be calculated during initialization and stored as `_result`
+        and then returned, or calculated when the method is called.
+        """
+        raise NotImplementedError
+
+    @staticmethod
+    def value_description(val) -> str:
+        """Generate a description of the argument val.
+
+        This produces a simple description of the value, which is used in test
+        case naming to add context.
+        """
+        if val == "":
+            return "0 (null)"
+        if val == "-":
+            return "negative 0 (null)"
+        if val == "0":
+            return "0 (1 limb)"
+
+        if val[0] == "-":
+            tmp = "negative"
+            val = val[1:]
+        else:
+            tmp = "positive"
+        if val[0] == "0":
+            tmp += " with leading zero limb"
+        elif len(val) > 10:
+            tmp = "large " + tmp
+        return tmp
+
+    @classmethod
+    def get_value_pairs(cls) -> Iterator[Tuple[str, str]]:
+        """Generator to yield pairs of inputs.
+
+        Combinations are first generated from all input values, and then
+        specific cases provided.
+        """
+        yield from combination_pairs(cls.input_values)
+        yield from cls.input_cases
+
+    @classmethod
+    def generate_function_tests(cls) -> Iterator[test_case.TestCase]:
+        for a_value, b_value in cls.get_value_pairs():
+            cur_op = cls(a_value, b_value)
+            yield cur_op.create_test_case()
+
+
+class BignumCmp(BignumOperation):
+    """Test cases for bignum value comparison."""
+    count = 0
+    test_function = "mpi_cmp_mpi"
+    test_name = "MPI compare"
+    input_cases = [
+        ("-2", "-3"),
+        ("-2", "-2"),
+        ("2b4", "2b5"),
+        ("2b5", "2b6")
+        ]
+
+    def __init__(self, val_a, val_b) -> None:
+        super().__init__(val_a, val_b)
+        self._result = int(self.int_a > self.int_b) - int(self.int_a < self.int_b)
+        self.symbol = ["<", "==", ">"][self._result + 1]
+
+    def result(self) -> str:
+        return str(self._result)
+
+
+class BignumCmpAbs(BignumCmp):
+    """Test cases for absolute bignum value comparison."""
+    count = 0
+    test_function = "mpi_cmp_abs"
+    test_name = "MPI compare (abs)"
+
+    def __init__(self, val_a, val_b) -> None:
+        super().__init__(val_a.strip("-"), val_b.strip("-"))
+
+
+class BignumAdd(BignumOperation):
+    """Test cases for bignum value addition."""
+    count = 0
+    symbol = "+"
+    test_function = "mpi_add_mpi"
+    test_name = "MPI add"
+    input_cases = combination_pairs(
+        [
+            "1c67967269c6", "9cde3",
+            "-1c67967269c6", "-9cde3",
+        ]
+    )
+
+    def __init__(self, val_a: str, val_b: str) -> None:
+        super().__init__(val_a, val_b)
+        self._result = self.int_a + self.int_b
+
+    def description_suffix(self) -> str:
+        if (self.int_a >= 0 and self.int_b >= 0):
+            return "" # obviously positive result or 0
+        if (self.int_a <= 0 and self.int_b <= 0):
+            return "" # obviously negative result or 0
+        # The sign of the result is not obvious, so indicate it
+        return ", result{}0".format('>' if self._result > 0 else
+                                    '<' if self._result < 0 else '=')
+
+    def result(self) -> str:
+        return quote_str("{:x}".format(self._result))
+
+if __name__ == '__main__':
+    # Use the section of the docstring relevant to the CLI as description
+    test_data_generation.main(sys.argv[1:], "\n".join(__doc__.splitlines()[:4]))
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/generate_psa_tests.py b/3rdparty/mbedtls-2.28.7/tests/scripts/generate_psa_tests.py
new file mode 100644
index 0000000..955a5f3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/generate_psa_tests.py
@@ -0,0 +1,910 @@
+#!/usr/bin/env python3
+"""Generate test data for PSA cryptographic mechanisms.
+
+With no arguments, generate all test data. With non-option arguments,
+generate only the specified files.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import enum
+import re
+import sys
+from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import crypto_knowledge
+from mbedtls_dev import macro_collector
+from mbedtls_dev import psa_storage
+from mbedtls_dev import test_case
+from mbedtls_dev import test_data_generation
+
+
+def psa_want_symbol(name: str) -> str:
+    """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature."""
+    if name.startswith('PSA_'):
+        return name[:4] + 'WANT_' + name[4:]
+    else:
+        raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name)
+
+def finish_family_dependency(dep: str, bits: int) -> str:
+    """Finish dep if it's a family dependency symbol prefix.
+
+    A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be
+    qualified by the key size. If dep is such a symbol, finish it by adjusting
+    the prefix and appending the key size. Other symbols are left unchanged.
+    """
+    return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep)
+
+def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]:
+    """Finish any family dependency symbol prefixes.
+
+    Apply `finish_family_dependency` to each element of `dependencies`.
+    """
+    return [finish_family_dependency(dep, bits) for dep in dependencies]
+
+SYMBOLS_WITHOUT_DEPENDENCY = frozenset([
+    'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies
+    'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier
+    'PSA_ALG_ANY_HASH', # only in policies
+    'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies
+    'PSA_ALG_KEY_AGREEMENT', # chaining
+    'PSA_ALG_TRUNCATED_MAC', # modifier
+])
+def automatic_dependencies(*expressions: str) -> List[str]:
+    """Infer dependencies of a test case by looking for PSA_xxx symbols.
+
+    The arguments are strings which should be C expressions. Do not use
+    string literals or comments as this function is not smart enough to
+    skip them.
+    """
+    used = set()
+    for expr in expressions:
+        used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr))
+    used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY)
+    return sorted(psa_want_symbol(name) for name in used)
+
+# A temporary hack: at the time of writing, not all dependency symbols
+# are implemented yet. Skip test cases for which the dependency symbols are
+# not available. Once all dependency symbols are available, this hack must
+# be removed so that a bug in the dependency symbols properly leads to a test
+# failure.
+def read_implemented_dependencies(filename: str) -> FrozenSet[str]:
+    return frozenset(symbol
+                     for line in open(filename)
+                     for symbol in re.findall(r'\bPSA_WANT_\w+\b', line))
+_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name
+def hack_dependencies_not_implemented(dependencies: List[str]) -> None:
+    global _implemented_dependencies #pylint: disable=global-statement,invalid-name
+    if _implemented_dependencies is None:
+        _implemented_dependencies = \
+            read_implemented_dependencies('include/psa/crypto_config.h')
+    if not all((dep.lstrip('!') in _implemented_dependencies or 'PSA_WANT' not in dep)
+               for dep in dependencies):
+        dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET')
+
+
+class Information:
+    """Gather information about PSA constructors."""
+
+    def __init__(self) -> None:
+        self.constructors = self.read_psa_interface()
+
+    @staticmethod
+    def remove_unwanted_macros(
+            constructors: macro_collector.PSAMacroEnumerator
+    ) -> None:
+        # Mbed TLS doesn't support finite-field DH yet and will not support
+        # finite-field DSA. Don't attempt to generate any related test case.
+        constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR')
+        constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY')
+        constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')
+        constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY')
+
+    def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator:
+        """Return the list of known key types, algorithms, etc."""
+        constructors = macro_collector.InputsForTest()
+        header_file_names = ['include/psa/crypto_values.h',
+                             'include/psa/crypto_extra.h']
+        test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data']
+        for header_file_name in header_file_names:
+            constructors.parse_header(header_file_name)
+        for test_cases in test_suites:
+            constructors.parse_test_cases(test_cases)
+        self.remove_unwanted_macros(constructors)
+        constructors.gather_arguments()
+        return constructors
+
+
+def test_case_for_key_type_not_supported(
+        verb: str, key_type: str, bits: int,
+        dependencies: List[str],
+        *args: str,
+        param_descr: str = ''
+) -> test_case.TestCase:
+    """Return one test case exercising a key creation method
+    for an unsupported key type or size.
+    """
+    hack_dependencies_not_implemented(dependencies)
+    tc = test_case.TestCase()
+    short_key_type = crypto_knowledge.short_expression(key_type)
+    adverb = 'not' if dependencies else 'never'
+    if param_descr:
+        adverb = param_descr + ' ' + adverb
+    tc.set_description('PSA {} {} {}-bit {} supported'
+                       .format(verb, short_key_type, bits, adverb))
+    tc.set_dependencies(dependencies)
+    tc.set_function(verb + '_not_supported')
+    tc.set_arguments([key_type] + list(args))
+    return tc
+
+class KeyTypeNotSupported:
+    """Generate test cases for when a key type is not supported."""
+
+    def __init__(self, info: Information) -> None:
+        self.constructors = info.constructors
+
+    ALWAYS_SUPPORTED = frozenset([
+        'PSA_KEY_TYPE_DERIVE',
+        'PSA_KEY_TYPE_RAW_DATA',
+    ])
+    def test_cases_for_key_type_not_supported(
+            self,
+            kt: crypto_knowledge.KeyType,
+            param: Optional[int] = None,
+            param_descr: str = '',
+    ) -> Iterator[test_case.TestCase]:
+        """Return test cases exercising key creation when the given type is unsupported.
+
+        If param is present and not None, emit test cases conditioned on this
+        parameter not being supported. If it is absent or None, emit test cases
+        conditioned on the base type not being supported.
+        """
+        if kt.name in self.ALWAYS_SUPPORTED:
+            # Don't generate test cases for key types that are always supported.
+            # They would be skipped in all configurations, which is noise.
+            return
+        import_dependencies = [('!' if param is None else '') +
+                               psa_want_symbol(kt.name)]
+        if kt.params is not None:
+            import_dependencies += [('!' if param == i else '') +
+                                    psa_want_symbol(sym)
+                                    for i, sym in enumerate(kt.params)]
+        if kt.name.endswith('_PUBLIC_KEY'):
+            generate_dependencies = []
+        else:
+            generate_dependencies = import_dependencies
+        for bits in kt.sizes_to_test():
+            yield test_case_for_key_type_not_supported(
+                'import', kt.expression, bits,
+                finish_family_dependencies(import_dependencies, bits),
+                test_case.hex_string(kt.key_material(bits)),
+                param_descr=param_descr,
+            )
+            if not generate_dependencies and param is not None:
+                # If generation is impossible for this key type, rather than
+                # supported or not depending on implementation capabilities,
+                # only generate the test case once.
+                continue
+                # For public key we expect that key generation fails with
+                # INVALID_ARGUMENT. It is handled by KeyGenerate class.
+            if not kt.is_public():
+                yield test_case_for_key_type_not_supported(
+                    'generate', kt.expression, bits,
+                    finish_family_dependencies(generate_dependencies, bits),
+                    str(bits),
+                    param_descr=param_descr,
+                )
+            # To be added: derive
+
+    ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR',
+                     'PSA_KEY_TYPE_ECC_PUBLIC_KEY')
+
+    def test_cases_for_not_supported(self) -> Iterator[test_case.TestCase]:
+        """Generate test cases that exercise the creation of keys of unsupported types."""
+        for key_type in sorted(self.constructors.key_types):
+            if key_type in self.ECC_KEY_TYPES:
+                continue
+            kt = crypto_knowledge.KeyType(key_type)
+            yield from self.test_cases_for_key_type_not_supported(kt)
+        for curve_family in sorted(self.constructors.ecc_curves):
+            for constr in self.ECC_KEY_TYPES:
+                kt = crypto_knowledge.KeyType(constr, [curve_family])
+                yield from self.test_cases_for_key_type_not_supported(
+                    kt, param_descr='type')
+                yield from self.test_cases_for_key_type_not_supported(
+                    kt, 0, param_descr='curve')
+
+def test_case_for_key_generation(
+        key_type: str, bits: int,
+        dependencies: List[str],
+        *args: str,
+        result: str = ''
+) -> test_case.TestCase:
+    """Return one test case exercising a key generation.
+    """
+    hack_dependencies_not_implemented(dependencies)
+    tc = test_case.TestCase()
+    short_key_type = crypto_knowledge.short_expression(key_type)
+    tc.set_description('PSA {} {}-bit'
+                       .format(short_key_type, bits))
+    tc.set_dependencies(dependencies)
+    tc.set_function('generate_key')
+    tc.set_arguments([key_type] + list(args) + [result])
+
+    return tc
+
+class KeyGenerate:
+    """Generate positive and negative (invalid argument) test cases for key generation."""
+
+    def __init__(self, info: Information) -> None:
+        self.constructors = info.constructors
+
+    ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR',
+                     'PSA_KEY_TYPE_ECC_PUBLIC_KEY')
+
+    @staticmethod
+    def test_cases_for_key_type_key_generation(
+            kt: crypto_knowledge.KeyType
+    ) -> Iterator[test_case.TestCase]:
+        """Return test cases exercising key generation.
+
+        All key types can be generated except for public keys. For public key
+        PSA_ERROR_INVALID_ARGUMENT status is expected.
+        """
+        result = 'PSA_SUCCESS'
+
+        import_dependencies = [psa_want_symbol(kt.name)]
+        if kt.params is not None:
+            import_dependencies += [psa_want_symbol(sym)
+                                    for i, sym in enumerate(kt.params)]
+        if kt.name.endswith('_PUBLIC_KEY'):
+            # The library checks whether the key type is a public key generically,
+            # before it reaches a point where it needs support for the specific key
+            # type, so it returns INVALID_ARGUMENT for unsupported public key types.
+            generate_dependencies = []
+            result = 'PSA_ERROR_INVALID_ARGUMENT'
+        else:
+            generate_dependencies = import_dependencies
+            if kt.name == 'PSA_KEY_TYPE_RSA_KEY_PAIR':
+                generate_dependencies.append("MBEDTLS_GENPRIME")
+        for bits in kt.sizes_to_test():
+            yield test_case_for_key_generation(
+                kt.expression, bits,
+                finish_family_dependencies(generate_dependencies, bits),
+                str(bits),
+                result
+            )
+
+    def test_cases_for_key_generation(self) -> Iterator[test_case.TestCase]:
+        """Generate test cases that exercise the generation of keys."""
+        for key_type in sorted(self.constructors.key_types):
+            if key_type in self.ECC_KEY_TYPES:
+                continue
+            kt = crypto_knowledge.KeyType(key_type)
+            yield from self.test_cases_for_key_type_key_generation(kt)
+        for curve_family in sorted(self.constructors.ecc_curves):
+            for constr in self.ECC_KEY_TYPES:
+                kt = crypto_knowledge.KeyType(constr, [curve_family])
+                yield from self.test_cases_for_key_type_key_generation(kt)
+
+class OpFail:
+    """Generate test cases for operations that must fail."""
+    #pylint: disable=too-few-public-methods
+
+    class Reason(enum.Enum):
+        NOT_SUPPORTED = 0
+        INVALID = 1
+        INCOMPATIBLE = 2
+        PUBLIC = 3
+
+    def __init__(self, info: Information) -> None:
+        self.constructors = info.constructors
+        key_type_expressions = self.constructors.generate_expressions(
+            sorted(self.constructors.key_types)
+        )
+        self.key_types = [crypto_knowledge.KeyType(kt_expr)
+                          for kt_expr in key_type_expressions]
+
+    def make_test_case(
+            self,
+            alg: crypto_knowledge.Algorithm,
+            category: crypto_knowledge.AlgorithmCategory,
+            reason: 'Reason',
+            kt: Optional[crypto_knowledge.KeyType] = None,
+            not_deps: FrozenSet[str] = frozenset(),
+    ) -> test_case.TestCase:
+        """Construct a failure test case for a one-key or keyless operation."""
+        #pylint: disable=too-many-arguments,too-many-locals
+        tc = test_case.TestCase()
+        pretty_alg = alg.short_expression()
+        if reason == self.Reason.NOT_SUPPORTED:
+            short_deps = [re.sub(r'PSA_WANT_ALG_', r'', dep)
+                          for dep in not_deps]
+            pretty_reason = '!' + '&'.join(sorted(short_deps))
+        else:
+            pretty_reason = reason.name.lower()
+        if kt:
+            key_type = kt.expression
+            pretty_type = kt.short_expression()
+        else:
+            key_type = ''
+            pretty_type = ''
+        tc.set_description('PSA {} {}: {}{}'
+                           .format(category.name.lower(),
+                                   pretty_alg,
+                                   pretty_reason,
+                                   ' with ' + pretty_type if pretty_type else ''))
+        dependencies = automatic_dependencies(alg.base_expression, key_type)
+        for i, dep in enumerate(dependencies):
+            if dep in not_deps:
+                dependencies[i] = '!' + dep
+        tc.set_dependencies(dependencies)
+        tc.set_function(category.name.lower() + '_fail')
+        arguments = [] # type: List[str]
+        if kt:
+            key_material = kt.key_material(kt.sizes_to_test()[0])
+            arguments += [key_type, test_case.hex_string(key_material)]
+        arguments.append(alg.expression)
+        if category.is_asymmetric():
+            arguments.append('1' if reason == self.Reason.PUBLIC else '0')
+        error = ('NOT_SUPPORTED' if reason == self.Reason.NOT_SUPPORTED else
+                 'INVALID_ARGUMENT')
+        arguments.append('PSA_ERROR_' + error)
+        tc.set_arguments(arguments)
+        return tc
+
+    def no_key_test_cases(
+            self,
+            alg: crypto_knowledge.Algorithm,
+            category: crypto_knowledge.AlgorithmCategory,
+    ) -> Iterator[test_case.TestCase]:
+        """Generate failure test cases for keyless operations with the specified algorithm."""
+        if alg.can_do(category):
+            # Compatible operation, unsupported algorithm
+            for dep in automatic_dependencies(alg.base_expression):
+                yield self.make_test_case(alg, category,
+                                          self.Reason.NOT_SUPPORTED,
+                                          not_deps=frozenset([dep]))
+        else:
+            # Incompatible operation, supported algorithm
+            yield self.make_test_case(alg, category, self.Reason.INVALID)
+
+    def one_key_test_cases(
+            self,
+            alg: crypto_knowledge.Algorithm,
+            category: crypto_knowledge.AlgorithmCategory,
+    ) -> Iterator[test_case.TestCase]:
+        """Generate failure test cases for one-key operations with the specified algorithm."""
+        for kt in self.key_types:
+            key_is_compatible = kt.can_do(alg)
+            if key_is_compatible and alg.can_do(category):
+                # Compatible key and operation, unsupported algorithm
+                for dep in automatic_dependencies(alg.base_expression):
+                    yield self.make_test_case(alg, category,
+                                              self.Reason.NOT_SUPPORTED,
+                                              kt=kt, not_deps=frozenset([dep]))
+                # Public key for a private-key operation
+                if category.is_asymmetric() and kt.is_public():
+                    yield self.make_test_case(alg, category,
+                                              self.Reason.PUBLIC,
+                                              kt=kt)
+            elif key_is_compatible:
+                # Compatible key, incompatible operation, supported algorithm
+                yield self.make_test_case(alg, category,
+                                          self.Reason.INVALID,
+                                          kt=kt)
+            elif alg.can_do(category):
+                # Incompatible key, compatible operation, supported algorithm
+                yield self.make_test_case(alg, category,
+                                          self.Reason.INCOMPATIBLE,
+                                          kt=kt)
+            else:
+                # Incompatible key and operation. Don't test cases where
+                # multiple things are wrong, to keep the number of test
+                # cases reasonable.
+                pass
+
+    def test_cases_for_algorithm(
+            self,
+            alg: crypto_knowledge.Algorithm,
+    ) -> Iterator[test_case.TestCase]:
+        """Generate operation failure test cases for the specified algorithm."""
+        for category in crypto_knowledge.AlgorithmCategory:
+            if category == crypto_knowledge.AlgorithmCategory.PAKE:
+                # PAKE operations are not implemented yet
+                pass
+            elif category.requires_key():
+                yield from self.one_key_test_cases(alg, category)
+            else:
+                yield from self.no_key_test_cases(alg, category)
+
+    def all_test_cases(self) -> Iterator[test_case.TestCase]:
+        """Generate all test cases for operations that must fail."""
+        algorithms = sorted(self.constructors.algorithms)
+        for expr in self.constructors.generate_expressions(algorithms):
+            alg = crypto_knowledge.Algorithm(expr)
+            yield from self.test_cases_for_algorithm(alg)
+
+
+class StorageKey(psa_storage.Key):
+    """Representation of a key for storage format testing."""
+
+    IMPLICIT_USAGE_FLAGS = {
+        'PSA_KEY_USAGE_SIGN_HASH': 'PSA_KEY_USAGE_SIGN_MESSAGE',
+        'PSA_KEY_USAGE_VERIFY_HASH': 'PSA_KEY_USAGE_VERIFY_MESSAGE'
+    } #type: Dict[str, str]
+    """Mapping of usage flags to the flags that they imply."""
+
+    def __init__(
+            self,
+            usage: Iterable[str],
+            without_implicit_usage: Optional[bool] = False,
+            **kwargs
+    ) -> None:
+        """Prepare to generate a key.
+
+        * `usage`                 : The usage flags used for the key.
+        * `without_implicit_usage`: Flag to define to apply the usage extension
+        """
+        usage_flags = set(usage)
+        if not without_implicit_usage:
+            for flag in sorted(usage_flags):
+                if flag in self.IMPLICIT_USAGE_FLAGS:
+                    usage_flags.add(self.IMPLICIT_USAGE_FLAGS[flag])
+        if usage_flags:
+            usage_expression = ' | '.join(sorted(usage_flags))
+        else:
+            usage_expression = '0'
+        super().__init__(usage=usage_expression, **kwargs)
+
+class StorageTestData(StorageKey):
+    """Representation of test case data for storage format testing."""
+
+    def __init__(
+            self,
+            description: str,
+            expected_usage: Optional[List[str]] = None,
+            **kwargs
+    ) -> None:
+        """Prepare to generate test data
+
+        * `description`   : used for the the test case names
+        * `expected_usage`: the usage flags generated as the expected usage flags
+                            in the test cases. CAn differ from the usage flags
+                            stored in the keys because of the usage flags extension.
+        """
+        super().__init__(**kwargs)
+        self.description = description #type: str
+        if expected_usage is None:
+            self.expected_usage = self.usage #type: psa_storage.Expr
+        elif expected_usage:
+            self.expected_usage = psa_storage.Expr(' | '.join(expected_usage))
+        else:
+            self.expected_usage = psa_storage.Expr(0)
+
+class StorageFormat:
+    """Storage format stability test cases."""
+
+    def __init__(self, info: Information, version: int, forward: bool) -> None:
+        """Prepare to generate test cases for storage format stability.
+
+        * `info`: information about the API. See the `Information` class.
+        * `version`: the storage format version to generate test cases for.
+        * `forward`: if true, generate forward compatibility test cases which
+          save a key and check that its representation is as intended. Otherwise
+          generate backward compatibility test cases which inject a key
+          representation and check that it can be read and used.
+        """
+        self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator
+        self.version = version #type: int
+        self.forward = forward #type: bool
+
+    RSA_OAEP_RE = re.compile(r'PSA_ALG_RSA_OAEP\((.*)\)\Z')
+    BRAINPOOL_RE = re.compile(r'PSA_KEY_TYPE_\w+\(PSA_ECC_FAMILY_BRAINPOOL_\w+\)\Z')
+    @classmethod
+    def exercise_key_with_algorithm(
+            cls,
+            key_type: psa_storage.Expr, bits: int,
+            alg: psa_storage.Expr
+    ) -> bool:
+        """Whether to exercise the given key with the given algorithm.
+
+        Normally only the type and algorithm matter for compatibility, and
+        this is handled in crypto_knowledge.KeyType.can_do(). This function
+        exists to detect exceptional cases. Exceptional cases detected here
+        are not tested in OpFail and should therefore have manually written
+        test cases.
+        """
+        # Some test keys have the RAW_DATA type and attributes that don't
+        # necessarily make sense. We do this to validate numerical
+        # encodings of the attributes.
+        # Raw data keys have no useful exercise anyway so there is no
+        # loss of test coverage.
+        if key_type.string == 'PSA_KEY_TYPE_RAW_DATA':
+            return False
+        # Mbed TLS only supports 128-bit keys for RC4.
+        if key_type.string == 'PSA_KEY_TYPE_ARC4' and bits != 128:
+            return False
+        # OAEP requires room for two hashes plus wrapping
+        m = cls.RSA_OAEP_RE.match(alg.string)
+        if m:
+            hash_alg = m.group(1)
+            hash_length = crypto_knowledge.Algorithm.hash_length(hash_alg)
+            key_length = (bits + 7) // 8
+            # Leave enough room for at least one byte of plaintext
+            return key_length > 2 * hash_length + 2
+        # There's nothing wrong with ECC keys on Brainpool curves,
+        # but operations with them are very slow. So we only exercise them
+        # with a single algorithm, not with all possible hashes. We do
+        # exercise other curves with all algorithms so test coverage is
+        # perfectly adequate like this.
+        m = cls.BRAINPOOL_RE.match(key_type.string)
+        if m and alg.string != 'PSA_ALG_ECDSA_ANY':
+            return False
+        return True
+
+    def make_test_case(self, key: StorageTestData) -> test_case.TestCase:
+        """Construct a storage format test case for the given key.
+
+        If ``forward`` is true, generate a forward compatibility test case:
+        create a key and validate that it has the expected representation.
+        Otherwise generate a backward compatibility test case: inject the
+        key representation into storage and validate that it can be read
+        correctly.
+        """
+        verb = 'save' if self.forward else 'read'
+        tc = test_case.TestCase()
+        tc.set_description(verb + ' ' + key.description)
+        dependencies = automatic_dependencies(
+            key.lifetime.string, key.type.string,
+            key.alg.string, key.alg2.string,
+        )
+        dependencies = finish_family_dependencies(dependencies, key.bits)
+        tc.set_dependencies(dependencies)
+        tc.set_function('key_storage_' + verb)
+        if self.forward:
+            extra_arguments = []
+        else:
+            flags = []
+            if self.exercise_key_with_algorithm(key.type, key.bits, key.alg):
+                flags.append('TEST_FLAG_EXERCISE')
+            if 'READ_ONLY' in key.lifetime.string:
+                flags.append('TEST_FLAG_READ_ONLY')
+            extra_arguments = [' | '.join(flags) if flags else '0']
+        tc.set_arguments([key.lifetime.string,
+                          key.type.string, str(key.bits),
+                          key.expected_usage.string,
+                          key.alg.string, key.alg2.string,
+                          '"' + key.material.hex() + '"',
+                          '"' + key.hex() + '"',
+                          *extra_arguments])
+        return tc
+
+    def key_for_lifetime(
+            self,
+            lifetime: str,
+    ) -> StorageTestData:
+        """Construct a test key for the given lifetime."""
+        short = lifetime
+        short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION',
+                       r'', short)
+        short = crypto_knowledge.short_expression(short)
+        description = 'lifetime: ' + short
+        key = StorageTestData(version=self.version,
+                              id=1, lifetime=lifetime,
+                              type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+                              usage=['PSA_KEY_USAGE_EXPORT'], alg=0, alg2=0,
+                              material=b'L',
+                              description=description)
+        return key
+
+    def all_keys_for_lifetimes(self) -> Iterator[StorageTestData]:
+        """Generate test keys covering lifetimes."""
+        lifetimes = sorted(self.constructors.lifetimes)
+        expressions = self.constructors.generate_expressions(lifetimes)
+        for lifetime in expressions:
+            # Don't attempt to create or load a volatile key in storage
+            if 'VOLATILE' in lifetime:
+                continue
+            # Don't attempt to create a read-only key in storage,
+            # but do attempt to load one.
+            if 'READ_ONLY' in lifetime and self.forward:
+                continue
+            yield self.key_for_lifetime(lifetime)
+
+    def key_for_usage_flags(
+            self,
+            usage_flags: List[str],
+            short: Optional[str] = None,
+            test_implicit_usage: Optional[bool] = True
+    ) -> StorageTestData:
+        """Construct a test key for the given key usage."""
+        extra_desc = ' without implication' if test_implicit_usage else ''
+        description = 'usage' + extra_desc + ': '
+        key1 = StorageTestData(version=self.version,
+                               id=1, lifetime=0x00000001,
+                               type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+                               expected_usage=usage_flags,
+                               without_implicit_usage=not test_implicit_usage,
+                               usage=usage_flags, alg=0, alg2=0,
+                               material=b'K',
+                               description=description)
+        if short is None:
+            usage_expr = key1.expected_usage.string
+            key1.description += crypto_knowledge.short_expression(usage_expr)
+        else:
+            key1.description += short
+        return key1
+
+    def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageTestData]:
+        """Generate test keys covering usage flags."""
+        known_flags = sorted(self.constructors.key_usage_flags)
+        yield self.key_for_usage_flags(['0'], **kwargs)
+        for usage_flag in known_flags:
+            yield self.key_for_usage_flags([usage_flag], **kwargs)
+        for flag1, flag2 in zip(known_flags,
+                                known_flags[1:] + [known_flags[0]]):
+            yield self.key_for_usage_flags([flag1, flag2], **kwargs)
+
+    def generate_key_for_all_usage_flags(self) -> Iterator[StorageTestData]:
+        known_flags = sorted(self.constructors.key_usage_flags)
+        yield self.key_for_usage_flags(known_flags, short='all known')
+
+    def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
+        yield from self.generate_keys_for_usage_flags()
+        yield from self.generate_key_for_all_usage_flags()
+
+    def key_for_type_and_alg(
+            self,
+            kt: crypto_knowledge.KeyType,
+            bits: int,
+            alg: Optional[crypto_knowledge.Algorithm] = None,
+    ) -> StorageTestData:
+        """Construct a test key of the given type.
+
+        If alg is not None, this key allows it.
+        """
+        usage_flags = ['PSA_KEY_USAGE_EXPORT']
+        alg1 = 0 #type: psa_storage.Exprable
+        alg2 = 0
+        if alg is not None:
+            alg1 = alg.expression
+            usage_flags += alg.usage_flags(public=kt.is_public())
+        key_material = kt.key_material(bits)
+        description = 'type: {} {}-bit'.format(kt.short_expression(1), bits)
+        if alg is not None:
+            description += ', ' + alg.short_expression(1)
+        key = StorageTestData(version=self.version,
+                              id=1, lifetime=0x00000001,
+                              type=kt.expression, bits=bits,
+                              usage=usage_flags, alg=alg1, alg2=alg2,
+                              material=key_material,
+                              description=description)
+        return key
+
+    def keys_for_type(
+            self,
+            key_type: str,
+            all_algorithms: List[crypto_knowledge.Algorithm],
+    ) -> Iterator[StorageTestData]:
+        """Generate test keys for the given key type."""
+        kt = crypto_knowledge.KeyType(key_type)
+        for bits in kt.sizes_to_test():
+            # Test a non-exercisable key, as well as exercisable keys for
+            # each compatible algorithm.
+            # To do: test reading a key from storage with an incompatible
+            # or unsupported algorithm.
+            yield self.key_for_type_and_alg(kt, bits)
+            compatible_algorithms = [alg for alg in all_algorithms
+                                     if kt.can_do(alg)]
+            for alg in compatible_algorithms:
+                yield self.key_for_type_and_alg(kt, bits, alg)
+
+    def all_keys_for_types(self) -> Iterator[StorageTestData]:
+        """Generate test keys covering key types and their representations."""
+        key_types = sorted(self.constructors.key_types)
+        all_algorithms = [crypto_knowledge.Algorithm(alg)
+                          for alg in self.constructors.generate_expressions(
+                              sorted(self.constructors.algorithms)
+                          )]
+        for key_type in self.constructors.generate_expressions(key_types):
+            yield from self.keys_for_type(key_type, all_algorithms)
+
+    def keys_for_algorithm(self, alg: str) -> Iterator[StorageTestData]:
+        """Generate test keys for the encoding of the specified algorithm."""
+        # These test cases only validate the encoding of algorithms, not
+        # whether the key read from storage is suitable for an operation.
+        # `keys_for_types` generate read tests with an algorithm and a
+        # compatible key.
+        descr = crypto_knowledge.short_expression(alg, 1)
+        usage = ['PSA_KEY_USAGE_EXPORT']
+        key1 = StorageTestData(version=self.version,
+                               id=1, lifetime=0x00000001,
+                               type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+                               usage=usage, alg=alg, alg2=0,
+                               material=b'K',
+                               description='alg: ' + descr)
+        yield key1
+        key2 = StorageTestData(version=self.version,
+                               id=1, lifetime=0x00000001,
+                               type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+                               usage=usage, alg=0, alg2=alg,
+                               material=b'L',
+                               description='alg2: ' + descr)
+        yield key2
+
+    def all_keys_for_algorithms(self) -> Iterator[StorageTestData]:
+        """Generate test keys covering algorithm encodings."""
+        algorithms = sorted(self.constructors.algorithms)
+        for alg in self.constructors.generate_expressions(algorithms):
+            yield from self.keys_for_algorithm(alg)
+
+    def generate_all_keys(self) -> Iterator[StorageTestData]:
+        """Generate all keys for the test cases."""
+        yield from self.all_keys_for_lifetimes()
+        yield from self.all_keys_for_usage_flags()
+        yield from self.all_keys_for_types()
+        yield from self.all_keys_for_algorithms()
+
+    def all_test_cases(self) -> Iterator[test_case.TestCase]:
+        """Generate all storage format test cases."""
+        # First build a list of all keys, then construct all the corresponding
+        # test cases. This allows all required information to be obtained in
+        # one go, which is a significant performance gain as the information
+        # includes numerical values obtained by compiling a C program.
+        all_keys = list(self.generate_all_keys())
+        for key in all_keys:
+            if key.location_value() != 0:
+                # Skip keys with a non-default location, because they
+                # require a driver and we currently have no mechanism to
+                # determine whether a driver is available.
+                continue
+            yield self.make_test_case(key)
+
+class StorageFormatForward(StorageFormat):
+    """Storage format stability test cases for forward compatibility."""
+
+    def __init__(self, info: Information, version: int) -> None:
+        super().__init__(info, version, True)
+
+class StorageFormatV0(StorageFormat):
+    """Storage format stability test cases for version 0 compatibility."""
+
+    def __init__(self, info: Information) -> None:
+        super().__init__(info, 0, False)
+
+    def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
+        """Generate test keys covering usage flags."""
+        yield from super().all_keys_for_usage_flags()
+        yield from self.generate_keys_for_usage_flags(test_implicit_usage=False)
+
+    def keys_for_implicit_usage(
+            self,
+            implyer_usage: str,
+            alg: str,
+            key_type: crypto_knowledge.KeyType
+    ) -> StorageTestData:
+        # pylint: disable=too-many-locals
+        """Generate test keys for the specified implicit usage flag,
+           algorithm and key type combination.
+        """
+        bits = key_type.sizes_to_test()[0]
+        implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage]
+        usage_flags = ['PSA_KEY_USAGE_EXPORT']
+        material_usage_flags = usage_flags + [implyer_usage]
+        expected_usage_flags = material_usage_flags + [implicit_usage]
+        alg2 = 0
+        key_material = key_type.key_material(bits)
+        usage_expression = crypto_knowledge.short_expression(implyer_usage, 1)
+        alg_expression = crypto_knowledge.short_expression(alg, 1)
+        key_type_expression = key_type.short_expression(1)
+        description = 'implied by {}: {} {} {}-bit'.format(
+            usage_expression, alg_expression, key_type_expression, bits)
+        key = StorageTestData(version=self.version,
+                              id=1, lifetime=0x00000001,
+                              type=key_type.expression, bits=bits,
+                              usage=material_usage_flags,
+                              expected_usage=expected_usage_flags,
+                              without_implicit_usage=True,
+                              alg=alg, alg2=alg2,
+                              material=key_material,
+                              description=description)
+        return key
+
+    def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]:
+        # pylint: disable=too-many-locals
+        """Match possible key types for sign algorithms."""
+        # To create a valid combination both the algorithms and key types
+        # must be filtered. Pair them with keywords created from its names.
+        incompatible_alg_keyword = frozenset(['RAW', 'ANY', 'PURE'])
+        incompatible_key_type_keywords = frozenset(['MONTGOMERY'])
+        keyword_translation = {
+            'ECDSA': 'ECC',
+            'ED[0-9]*.*' : 'EDWARDS'
+        }
+        exclusive_keywords = {
+            'EDWARDS': 'ECC'
+        }
+        key_types = set(self.constructors.generate_expressions(self.constructors.key_types))
+        algorithms = set(self.constructors.generate_expressions(self.constructors.sign_algorithms))
+        alg_with_keys = {} #type: Dict[str, List[str]]
+        translation_table = str.maketrans('(', '_', ')')
+        for alg in algorithms:
+            # Generate keywords from the name of the algorithm
+            alg_keywords = set(alg.partition('(')[0].split(sep='_')[2:])
+            # Translate keywords for better matching with the key types
+            for keyword in alg_keywords.copy():
+                for pattern, replace in keyword_translation.items():
+                    if re.match(pattern, keyword):
+                        alg_keywords.remove(keyword)
+                        alg_keywords.add(replace)
+            # Filter out incompatible algorithms
+            if not alg_keywords.isdisjoint(incompatible_alg_keyword):
+                continue
+
+            for key_type in key_types:
+                # Generate keywords from the of the key type
+                key_type_keywords = set(key_type.translate(translation_table).split(sep='_')[3:])
+
+                # Remove ambiguous keywords
+                for keyword1, keyword2 in exclusive_keywords.items():
+                    if keyword1 in key_type_keywords:
+                        key_type_keywords.remove(keyword2)
+
+                if key_type_keywords.isdisjoint(incompatible_key_type_keywords) and\
+                   not key_type_keywords.isdisjoint(alg_keywords):
+                    if alg in alg_with_keys:
+                        alg_with_keys[alg].append(key_type)
+                    else:
+                        alg_with_keys[alg] = [key_type]
+        return alg_with_keys
+
+    def all_keys_for_implicit_usage(self) -> Iterator[StorageTestData]:
+        """Generate test keys for usage flag extensions."""
+        # Generate a key type and algorithm pair for each extendable usage
+        # flag to generate a valid key for exercising. The key is generated
+        # without usage extension to check the extension compatibility.
+        alg_with_keys = self.gather_key_types_for_sign_alg()
+
+        for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str):
+            for alg in sorted(alg_with_keys):
+                for key_type in sorted(alg_with_keys[alg]):
+                    # The key types must be filtered to fit the specific usage flag.
+                    kt = crypto_knowledge.KeyType(key_type)
+                    if kt.is_public() and '_SIGN_' in usage:
+                        # Can't sign with a public key
+                        continue
+                    yield self.keys_for_implicit_usage(usage, alg, kt)
+
+    def generate_all_keys(self) -> Iterator[StorageTestData]:
+        yield from super().generate_all_keys()
+        yield from self.all_keys_for_implicit_usage()
+
+class PSATestGenerator(test_data_generation.TestGenerator):
+    """Test generator subclass including PSA targets and info."""
+    # Note that targets whose names contain 'test_format' have their content
+    # validated by `abi_check.py`.
+    targets = {
+        'test_suite_psa_crypto_generate_key.generated':
+        lambda info: KeyGenerate(info).test_cases_for_key_generation(),
+        'test_suite_psa_crypto_not_supported.generated':
+        lambda info: KeyTypeNotSupported(info).test_cases_for_not_supported(),
+        'test_suite_psa_crypto_op_fail.generated':
+        lambda info: OpFail(info).all_test_cases(),
+        'test_suite_psa_crypto_storage_format.current':
+        lambda info: StorageFormatForward(info, 0).all_test_cases(),
+        'test_suite_psa_crypto_storage_format.v0':
+        lambda info: StorageFormatV0(info).all_test_cases(),
+    } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]]
+
+    def __init__(self, options):
+        super().__init__(options)
+        self.info = Information()
+
+    def generate_target(self, name: str, *target_args) -> None:
+        super().generate_target(name, self.info)
+
+if __name__ == '__main__':
+    test_data_generation.main(sys.argv[1:], __doc__, PSATestGenerator)
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/generate_test_code.py b/3rdparty/mbedtls-2.28.7/tests/scripts/generate_test_code.py
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/generate_test_code.py
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/generate_test_code.py
index 7382fb6..6db121c 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/generate_test_code.py
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/generate_test_code.py
@@ -2,19 +2,7 @@
 # Test suites code generator.
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 """
 This script is a key part of Mbed TLS test suites framework. For
@@ -106,10 +94,6 @@
 Platform file contains platform specific setup code and test case
 dispatch code. For example, host_test.function reads test data
 file from host's file system and dispatches tests.
-In case of on-target target_test.function tests are not dispatched
-on target. Target code is kept minimum and only test functions are
-dispatched. Test case dispatch is done on the host using tools like
-Greentea.
 
 Template file:
 ---------
@@ -130,33 +114,39 @@
 This script replaces following fields in the template and generates
 the test source file:
 
-$test_common_helpers        <-- All common code from helpers.function
-                                is substituted here.
-$functions_code             <-- Test functions are substituted here
-                                from the input test_suit_xyz.function
-                                file. C preprocessor checks are generated
-                                for the build dependencies specified
-                                in the input file. This script also
-                                generates wrappers for the test
-                                functions with code to expand the
-                                string parameters read from the data
-                                file.
-$expression_code            <-- This script enumerates the
-                                expressions in the .data file and
-                                generates code to handle enumerated
-                                expression Ids and return the values.
-$dep_check_code             <-- This script enumerates all
-                                build dependencies and generate
-                                code to handle enumerated build
-                                dependency Id and return status: if
-                                the dependency is defined or not.
-$dispatch_code              <-- This script enumerates the functions
-                                specified in the input test data file
-                                and generates the initializer for the
-                                function table in the template
-                                file.
-$platform_code              <-- Platform specific setup and test
-                                dispatch code.
+__MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPERS
+            All common code from helpers.function
+            is substituted here.
+__MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
+            Test functions are substituted here
+            from the input test_suit_xyz.function
+            file. C preprocessor checks are generated
+            for the build dependencies specified
+            in the input file. This script also
+            generates wrappers for the test
+            functions with code to expand the
+            string parameters read from the data
+            file.
+__MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE
+            This script enumerates the
+            expressions in the .data file and
+            generates code to handle enumerated
+            expression Ids and return the values.
+__MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE
+            This script enumerates all
+            build dependencies and generate
+            code to handle enumerated build
+            dependency Id and return status: if
+            the dependency is defined or not.
+__MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE
+            This script enumerates the functions
+            specified in the input test data file
+            and generates the initializer for the
+            function table in the template
+            file.
+__MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE
+            Platform specific setup and test
+            dispatch code.
 
 """
 
@@ -169,6 +159,28 @@
 import argparse
 
 
+# Types recognized as signed integer arguments in test functions.
+SIGNED_INTEGER_TYPES = frozenset([
+    'char',
+    'short',
+    'short int',
+    'int',
+    'int8_t',
+    'int16_t',
+    'int32_t',
+    'int64_t',
+    'intmax_t',
+    'long',
+    'long int',
+    'long long int',
+    'mbedtls_mpi_sint',
+    'psa_status_t',
+])
+# Types recognized as string arguments in test functions.
+STRING_TYPES = frozenset(['char*', 'const char*', 'char const*'])
+# Types recognized as hex data arguments in test functions.
+DATA_TYPES = frozenset(['data_t*', 'const data_t*', 'data_t const*'])
+
 BEGIN_HEADER_REGEX = r'/\*\s*BEGIN_HEADER\s*\*/'
 END_HEADER_REGEX = r'/\*\s*END_HEADER\s*\*/'
 
@@ -190,9 +202,6 @@
                                                      CONDITION_OPERATOR_REGEX,
                                                      CONDITION_VALUE_REGEX)
 TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P<func_name>\w+)\s*\('
-INT_CHECK_REGEX = r'int\s+.*'
-CHAR_CHECK_REGEX = r'char\s*\*\s*.*'
-DATA_T_CHECK_REGEX = r'data_t\s*\*\s*.*'
 FUNCTION_ARG_LIST_END_REGEX = r'.*\)'
 EXIT_LABEL_REGEX = r'^exit:'
 
@@ -218,25 +227,17 @@ def __init__(self, file_name):
 
         :param file_name: File path to open.
         """
-        super(FileWrapper, self).__init__(file_name, 'r')
+        super().__init__(file_name, 'r')
         self._line_no = 0
 
-    def next(self):
+    def __next__(self):
         """
-        Python 2 iterator method. This method overrides base class's
-        next method and extends the next method to count the line
-        numbers as each line is read.
-
-        It works for both Python 2 and Python 3 by checking iterator
-        method name in the base iterator object.
+        This method overrides base class's __next__ method and extends it
+        method to count the line numbers as each line is read.
 
         :return: Line read from file.
         """
-        parent = super(FileWrapper, self)
-        if hasattr(parent, '__next__'):
-            line = parent.__next__()  # Python 3
-        else:
-            line = parent.next()  # Python 2 # pylint: disable=no-member
+        line = super().__next__()
         if line is not None:
             self._line_no += 1
             # Convert byte array to string with correct encoding and
@@ -244,9 +245,6 @@ def next(self):
             return line.decode(sys.getdefaultencoding()).rstrip() + '\n'
         return None
 
-    # Python 3 iterator method
-    __next__ = next
-
     def get_line_no(self):
         """
         Gives current line number.
@@ -312,7 +310,7 @@ def gen_function_wrapper(name, local_vars, args_dispatch):
     :param name: Test function name
     :param local_vars: Local variables declaration code
     :param args_dispatch: List of dispatch arguments.
-           Ex: ['(char *)params[0]', '*((int *)params[1])']
+           Ex: ['(char *) params[0]', '*((int *) params[1])']
     :return: Test function wrapper.
     """
     # Then create the wrapper
@@ -453,6 +451,49 @@ def parse_function_dependencies(line):
     return dependencies
 
 
+ARGUMENT_DECLARATION_REGEX = re.compile(r'(.+?) ?(?:\bconst\b)? ?(\w+)\Z', re.S)
+def parse_function_argument(arg, arg_idx, args, local_vars, args_dispatch):
+    """
+    Parses one test function's argument declaration.
+
+    :param arg: argument declaration.
+    :param arg_idx: current wrapper argument index.
+    :param args: accumulator of arguments' internal types.
+    :param local_vars: accumulator of internal variable declarations.
+    :param args_dispatch: accumulator of argument usage expressions.
+    :return: the number of new wrapper arguments,
+             or None if the argument declaration is invalid.
+    """
+    # Normalize whitespace
+    arg = arg.strip()
+    arg = re.sub(r'\s*\*\s*', r'*', arg)
+    arg = re.sub(r'\s+', r' ', arg)
+    # Extract name and type
+    m = ARGUMENT_DECLARATION_REGEX.search(arg)
+    if not m:
+        # E.g. "int x[42]"
+        return None
+    typ, _ = m.groups()
+    if typ in SIGNED_INTEGER_TYPES:
+        args.append('int')
+        args_dispatch.append('((mbedtls_test_argument_t *) params[%d])->sint' % arg_idx)
+        return 1
+    if typ in STRING_TYPES:
+        args.append('char*')
+        args_dispatch.append('(char *) params[%d]' % arg_idx)
+        return 1
+    if typ in DATA_TYPES:
+        args.append('hex')
+        # create a structure
+        pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
+        len_initializer = '((mbedtls_test_argument_t *) params[%d])->len' % (arg_idx+1)
+        local_vars.append('    data_t data%d = {%s, %s};\n' %
+                          (arg_idx, pointer_initializer, len_initializer))
+        args_dispatch.append('&data%d' % arg_idx)
+        return 2
+    return None
+
+ARGUMENT_LIST_REGEX = re.compile(r'\((.*?)\)', re.S)
 def parse_function_arguments(line):
     """
     Parses test function signature for validation and generates
@@ -464,42 +505,27 @@ def parse_function_arguments(line):
     :return: argument list, local variables for
              wrapper function and argument dispatch code.
     """
-    args = []
-    local_vars = ''
-    args_dispatch = []
-    arg_idx = 0
-    # Remove characters before arguments
-    line = line[line.find('(') + 1:]
     # Process arguments, ex: <type> arg1, <type> arg2 )
     # This script assumes that the argument list is terminated by ')'
     # i.e. the test functions will not have a function pointer
     # argument.
-    for arg in line[:line.find(')')].split(','):
-        arg = arg.strip()
-        if arg == '':
-            continue
-        if re.search(INT_CHECK_REGEX, arg.strip()):
-            args.append('int')
-            args_dispatch.append('*( (int *) params[%d] )' % arg_idx)
-        elif re.search(CHAR_CHECK_REGEX, arg.strip()):
-            args.append('char*')
-            args_dispatch.append('(char *) params[%d]' % arg_idx)
-        elif re.search(DATA_T_CHECK_REGEX, arg.strip()):
-            args.append('hex')
-            # create a structure
-            pointer_initializer = '(uint8_t *) params[%d]' % arg_idx
-            len_initializer = '*( (uint32_t *) params[%d] )' % (arg_idx+1)
-            local_vars += """    data_t data%d = {%s, %s};
-""" % (arg_idx, pointer_initializer, len_initializer)
-
-            args_dispatch.append('&data%d' % arg_idx)
-            arg_idx += 1
-        else:
+    m = ARGUMENT_LIST_REGEX.search(line)
+    arg_list = m.group(1).strip()
+    if arg_list in ['', 'void']:
+        return [], '', []
+    args = []
+    local_vars = []
+    args_dispatch = []
+    arg_idx = 0
+    for arg in arg_list.split(','):
+        indexes = parse_function_argument(arg, arg_idx,
+                                          args, local_vars, args_dispatch)
+        if indexes is None:
             raise ValueError("Test function arguments can only be 'int', "
                              "'char *' or 'data_t'\n%s" % line)
-        arg_idx += 1
+        arg_idx += indexes
 
-    return args, local_vars, args_dispatch
+    return args, ''.join(local_vars), args_dispatch
 
 
 def generate_function_code(name, code, local_vars, args_dispatch,
@@ -528,6 +554,50 @@ def generate_function_code(name, code, local_vars, args_dispatch,
         gen_dependencies(dependencies)
     return preprocessor_check_start + code + preprocessor_check_end
 
+COMMENT_START_REGEX = re.compile(r'/[*/]')
+
+def skip_comments(line, stream):
+    """Remove comments in line.
+
+    If the line contains an unfinished comment, read more lines from stream
+    until the line that contains the comment.
+
+    :return: The original line with inner comments replaced by spaces.
+             Trailing comments and whitespace may be removed completely.
+    """
+    pos = 0
+    while True:
+        opening = COMMENT_START_REGEX.search(line, pos)
+        if not opening:
+            break
+        if line[opening.start(0) + 1] == '/': # //...
+            continuation = line
+            # Count the number of line breaks, to keep line numbers aligned
+            # in the output.
+            line_count = 1
+            while continuation.endswith('\\\n'):
+                # This errors out if the file ends with an unfinished line
+                # comment. That's acceptable to not complicate the code further.
+                continuation = next(stream)
+                line_count += 1
+            return line[:opening.start(0)].rstrip() + '\n' * line_count
+        # Parsing /*...*/, looking for the end
+        closing = line.find('*/', opening.end(0))
+        while closing == -1:
+            # This errors out if the file ends with an unfinished block
+            # comment. That's acceptable to not complicate the code further.
+            line += next(stream)
+            closing = line.find('*/', opening.end(0))
+        pos = closing + 2
+        # Replace inner comment by spaces. There needs to be at least one space
+        # for things like 'int/*ihatespaces*/foo'. Go further and preserve the
+        # width of the comment and line breaks, this way positions in error
+        # messages remain correct.
+        line = (line[:opening.start(0)] +
+                re.sub(r'.', r' ', line[opening.start(0):pos]) +
+                line[pos:])
+    # Strip whitespace at the end of lines (it's irrelevant to error messages).
+    return re.sub(r' +(\n|\Z)', r'\1', line)
 
 def parse_function_code(funcs_f, dependencies, suite_dependencies):
     """
@@ -547,6 +617,7 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies):
         # across multiple lines. Here we try to find the start of
         # arguments list, then remove '\n's and apply the regex to
         # detect function start.
+        line = skip_comments(line, funcs_f)
         up_to_arg_list_start = code + line[:line.find('(') + 1]
         match = re.match(TEST_FUNCTION_VALIDATION_REGEX,
                          up_to_arg_list_start.replace('\n', ' '), re.I)
@@ -555,7 +626,7 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies):
             name = match.group('func_name')
             if not re.match(FUNCTION_ARG_LIST_END_REGEX, line):
                 for lin in funcs_f:
-                    line += lin
+                    line += skip_comments(lin, funcs_f)
                     if re.search(FUNCTION_ARG_LIST_END_REGEX, line):
                         break
             args, local_vars, args_dispatch = parse_function_arguments(
@@ -571,6 +642,11 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies):
     code = code.replace(name, 'test_' + name, 1)
     name = 'test_' + name
 
+    # If a test function has no arguments then add 'void' argument to
+    # avoid "-Wstrict-prototypes" warnings from clang
+    if len(args) == 0:
+        code = code.replace('()', '(void)', 1)
+
     for line in funcs_f:
         if re.search(END_CASE_REGEX, line):
             break
@@ -669,7 +745,7 @@ def parse_test_data(data_f):
     execution.
 
     :param data_f: file object of the data file.
-    :return: Generator that yields test name, function name,
+    :return: Generator that yields line number, test name, function name,
              dependency list and function argument list.
     """
     __state_read_name = 0
@@ -712,7 +788,7 @@ def parse_test_data(data_f):
                 parts = escaped_split(line, ':')
                 test_function = parts[0]
                 args = parts[1:]
-                yield name, test_function, dependencies, args
+                yield data_f.line_no, name, test_function, dependencies, args
                 dependencies = []
                 state = __state_read_name
     if state == __state_read_args:
@@ -810,6 +886,14 @@ def write_dependencies(out_data_f, test_dependencies, unique_dependencies):
     return dep_check_code
 
 
+INT_VAL_REGEX = re.compile(r'-?(\d+|0x[0-9a-f]+)$', re.I)
+def val_is_int(val: str) -> bool:
+    """Whether val is suitable as an 'int' parameter in the .datax file."""
+    if not INT_VAL_REGEX.match(val):
+        return False
+    # Limit the range to what is guaranteed to get through strtol()
+    return abs(int(val, 0)) <= 0x7fffffff
+
 def write_parameters(out_data_f, test_args, func_args, unique_expressions):
     """
     Writes test parameters to the intermediate data file, replacing
@@ -828,9 +912,9 @@ def write_parameters(out_data_f, test_args, func_args, unique_expressions):
         typ = func_args[i]
         val = test_args[i]
 
-        # check if val is a non literal int val (i.e. an expression)
-        if typ == 'int' and not re.match(r'(\d+|0x[0-9a-f]+)$',
-                                         val, re.I):
+        # Pass small integer constants literally. This reduces the size of
+        # the C code. Register anything else as an expression.
+        if typ == 'int' and not val_is_int(val):
             typ = 'exp'
             if val not in unique_expressions:
                 unique_expressions.append(val)
@@ -873,6 +957,24 @@ def gen_suite_dep_checks(suite_dependencies, dep_check_code, expression_code):
     return dep_check_code, expression_code
 
 
+def get_function_info(func_info, function_name, line_no):
+    """Look up information about a test function by name.
+
+    Raise an informative expression if function_name is not found.
+
+    :param func_info: dictionary mapping function names to their information.
+    :param function_name: the function name as written in the .function and
+                          .data files.
+    :param line_no: line number for error messages.
+    :return Function information (id, args).
+    """
+    test_function_name = 'test_' + function_name
+    if test_function_name not in func_info:
+        raise GeneratorInputError("%d: Function %s not found!" %
+                                  (line_no, test_function_name))
+    return func_info[test_function_name]
+
+
 def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
     """
     This function reads test case name, dependencies and test vectors
@@ -895,7 +997,7 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
     unique_expressions = []
     dep_check_code = ''
     expression_code = ''
-    for test_name, function_name, test_dependencies, test_args in \
+    for line_no, test_name, function_name, test_dependencies, test_args in \
             parse_test_data(data_f):
         out_data_f.write(test_name + '\n')
 
@@ -904,18 +1006,15 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies):
                                              unique_dependencies)
 
         # Write test function name
-        test_function_name = 'test_' + function_name
-        if test_function_name not in func_info:
-            raise GeneratorInputError("Function %s not found!" %
-                                      test_function_name)
-        func_id, func_args = func_info[test_function_name]
+        func_id, func_args = \
+            get_function_info(func_info, function_name, line_no)
         out_data_f.write(str(func_id))
 
         # Write parameters
         if len(test_args) != len(func_args):
-            raise GeneratorInputError("Invalid number of arguments in test "
+            raise GeneratorInputError("%d: Invalid number of arguments in test "
                                       "%s. See function %s signature." %
-                                      (test_name, function_name))
+                                      (line_no, test_name, function_name))
         expression_code += write_parameters(out_data_f, test_args, func_args,
                                             unique_expressions)
 
@@ -978,11 +1077,27 @@ def write_test_source_file(template_file, c_file, snippets):
     :param snippets: Generated and code snippets
     :return:
     """
+
+    # Create a placeholder pattern with the correct named capture groups
+    # to override the default provided with Template.
+    # Match nothing (no way of escaping placeholders).
+    escaped = "(?P<escaped>(?!))"
+    # Match the "__MBEDTLS_TEST_TEMPLATE__PLACEHOLDER_NAME" pattern.
+    named = "__MBEDTLS_TEST_TEMPLATE__(?P<named>[A-Z][_A-Z0-9]*)"
+    # Match nothing (no braced placeholder syntax).
+    braced = "(?P<braced>(?!))"
+    # If not already matched, a "__MBEDTLS_TEST_TEMPLATE__" prefix is invalid.
+    invalid = "(?P<invalid>__MBEDTLS_TEST_TEMPLATE__)"
+    placeholder_pattern = re.compile("|".join([escaped, named, braced, invalid]))
+
     with open(template_file, 'r') as template_f, open(c_file, 'w') as c_f:
         for line_no, line in enumerate(template_f.readlines(), 1):
             # Update line number. +1 as #line directive sets next line number
             snippets['line_no'] = line_no + 1
-            code = string.Template(line).substitute(**snippets)
+            template = string.Template(line)
+            template.pattern = placeholder_pattern
+            snippets = {k.upper():v for (k, v) in snippets.items()}
+            code = template.substitute(**snippets)
             c_f.write(code)
 
 
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/list-identifiers.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/list-identifiers.sh
new file mode 100644
index 0000000..4ccac23
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/list-identifiers.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+#
+# Create a file named identifiers containing identifiers from internal header
+# files, based on the --internal flag.
+# Outputs the line count of the file to stdout.
+# A very thin wrapper around list_internal_identifiers.py for backwards
+# compatibility.
+# Must be run from Mbed TLS root.
+#
+# Usage: list-identifiers.sh [ -i | --internal ]
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -eu
+
+if [ -d include/mbedtls ]; then :; else
+    echo "$0: Must be run from Mbed TLS root" >&2
+    exit 1
+fi
+
+INTERNAL=""
+
+until [ -z "${1-}" ]
+do
+  case "$1" in
+    -i|--internal)
+      INTERNAL="1"
+      ;;
+    *)
+      # print error
+      echo "Unknown argument: '$1'"
+      exit 1
+      ;;
+  esac
+  shift
+done
+
+if [ $INTERNAL ]
+then
+    tests/scripts/list_internal_identifiers.py
+    wc -l identifiers
+else
+    cat <<EOF
+Sorry, this script has to be called with --internal.
+
+This script exists solely for backwards compatibility with the previous
+iteration of list-identifiers.sh, of which only the --internal option remains in
+use. It is a thin wrapper around list_internal_identifiers.py.
+
+check-names.sh, which used to depend on this script, has been replaced with
+check_names.py and is now self-complete.
+EOF
+fi
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/list_internal_identifiers.py b/3rdparty/mbedtls-2.28.7/tests/scripts/list_internal_identifiers.py
new file mode 100644
index 0000000..b648ce2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/list_internal_identifiers.py
@@ -0,0 +1,45 @@
+#!/usr/bin/env python3
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+"""
+This script generates a file called identifiers that contains all Mbed TLS
+identifiers found on internal headers. This is the equivalent of what was
+previously `list-identifiers.sh --internal`, and is useful for generating an
+exclusion file list for ABI/API checking, since we do not promise compatibility
+for them.
+
+It uses the CodeParser class from check_names.py to perform the parsing.
+
+The script returns 0 on success, 1 if there is a script error.
+Must be run from Mbed TLS root.
+"""
+
+import argparse
+import logging
+from check_names import CodeParser
+
+def main():
+    parser = argparse.ArgumentParser(
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+        description=(
+            "This script writes a list of parsed identifiers in internal "
+            "headers to \"identifiers\". This is useful for generating a list "
+            "of names to exclude from API/ABI compatibility checking. "))
+
+    parser.parse_args()
+
+    name_check = CodeParser(logging.getLogger())
+    result = name_check.parse_identifiers([
+        "include/mbedtls/*_internal.h",
+        "library/*.h"
+    ])[0]
+    result.sort(key=lambda x: x.name)
+
+    identifiers = ["{}\n".format(match.name) for match in result]
+    with open("identifiers", "w", encoding="utf-8") as f:
+        f.writelines(identifiers)
+
+if __name__ == "__main__":
+    main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/psa_collect_statuses.py b/3rdparty/mbedtls-2.28.7/tests/scripts/psa_collect_statuses.py
similarity index 85%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/psa_collect_statuses.py
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/psa_collect_statuses.py
index b086793..11bbebc 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/psa_collect_statuses.py
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/psa_collect_statuses.py
@@ -1,31 +1,19 @@
 #!/usr/bin/env python3
 """Describe the test coverage of PSA functions in terms of return statuses.
 
-1. Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG
+1. Build Mbed TLS with -DRECORD_PSA_STATUS_COVERAGE_LOG
 2. Run psa_collect_statuses.py
 
 The output is a series of line of the form "psa_foo PSA_ERROR_XXX". Each
 function/status combination appears only once.
 
-This script must be run from the top of an Mbed Crypto source tree.
+This script must be run from the top of an Mbed TLS source tree.
 The build command is "make -DRECORD_PSA_STATUS_COVERAGE_LOG", which is
 only supported with make (as opposed to CMake or other build methods).
 """
 
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 import argparse
 import os
@@ -46,7 +34,7 @@ def __init__(self):
     def collect_log(self, log_file_name):
         """Read logs from RECORD_PSA_STATUS_COVERAGE_LOG.
 
-        Read logs produced by running Mbed Crypto test suites built with
+        Read logs produced by running Mbed TLS test suites built with
         -DRECORD_PSA_STATUS_COVERAGE_LOG.
         """
         with open(log_file_name) as log:
@@ -82,7 +70,7 @@ def report(self):
 def collect_status_logs(options):
     """Build and run unit tests and report observed function return statuses.
 
-    Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the
+    Build Mbed TLS with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the
     test suites and display information about observed return statuses.
     """
     rebuilt = False
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/recursion.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/recursion.pl
new file mode 100644
index 0000000..3cdeff7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/recursion.pl
@@ -0,0 +1,47 @@
+#!/usr/bin/env perl
+
+# Find functions making recursive calls to themselves.
+# (Multiple recursion where a() calls b() which calls a() not covered.)
+#
+# When the recursion depth might depend on data controlled by the attacker in
+# an unbounded way, those functions should use iteration instead.
+#
+# Typical usage: scripts/recursion.pl library/*.c
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+use warnings;
+use strict;
+
+use utf8;
+use open qw(:std utf8);
+
+# exclude functions that are ok:
+# - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant
+# - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA
+my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/;
+
+my $cur_name;
+my $inside;
+my @funcs;
+
+die "Usage: $0 file.c [...]\n" unless @ARGV;
+
+while (<>)
+{
+    if( /^[^\/#{}\s]/ && ! /\[.*]/ ) {
+        chomp( $cur_name = $_ ) unless $inside;
+    } elsif( /^{/ && $cur_name ) {
+        $inside = 1;
+        $cur_name =~ s/.* ([^ ]*)\(.*/$1/;
+    } elsif( /^}/ && $inside ) {
+        undef $inside;
+        undef $cur_name;
+    } elsif( $inside && /\b\Q$cur_name\E\([^)]/ ) {
+        push @funcs, $cur_name unless /$known_ok/;
+    }
+}
+
+print "$_\n" for @funcs;
+exit @funcs;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/run-test-suites.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/run-test-suites.pl
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/run-test-suites.pl
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/run-test-suites.pl
index 15fa8bc..e0ee3f5 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/run-test-suites.pl
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/run-test-suites.pl
@@ -3,19 +3,7 @@
 # run-test-suites.pl
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 =head1 SYNOPSIS
 
@@ -50,11 +38,13 @@ =head1 SYNOPSIS
            'verbose|v:1' => \$verbose,
           ) or die;
 
-# All test suites = executable files, excluding source files, debug
-# and profiling information, etc. We can't just grep {! /\./} because
-# some of our test cases' base names contain a dot.
-my @suites = grep { -x $_ || /\.exe$/ } glob 'test_suite_*';
-@suites = grep { !/\.c$/ && !/\.data$/ && -f } @suites;
+# All test suites = executable files with a .datax file.
+my @suites = ();
+for my $data_file (glob 'test_suite_*.datax') {
+    (my $base = $data_file) =~ s/\.datax$//;
+    push @suites, $base if -x $base;
+    push @suites, "$base.exe" if -e "$base.exe";
+}
 die "$0: no test suite found\n" unless @suites;
 
 # "foo" as a skip pattern skips "test_suite_foo" and "test_suite_foo.bar"
@@ -74,7 +64,7 @@ =head1 SYNOPSIS
 
 my $prefix = $^O eq "MSWin32" ? '' : './';
 
-my ($failed_suites, $total_tests_run, $failed, $suite_cases_passed,
+my (@failed_suites, $total_tests_run, $failed, $suite_cases_passed,
     $suite_cases_failed, $suite_cases_skipped, $total_cases_passed,
     $total_cases_failed, $total_cases_skipped );
 my $suites_skipped = 0;
@@ -112,7 +102,7 @@ sub pad_print_center {
             pad_print_center( 72, '-', "End $suite" );
         }
     } else {
-        $failed_suites++;
+        push @failed_suites, $suite;
         print "FAIL\n";
         if( $verbose ) {
             pad_print_center( 72, '-', "Begin $suite" );
@@ -139,12 +129,17 @@ sub pad_print_center {
 }
 
 print "-" x 72, "\n";
-print $failed_suites ? "FAILED" : "PASSED";
+print @failed_suites ? "FAILED" : "PASSED";
 printf( " (%d suites, %d tests run%s)\n",
         scalar(@suites) - $suites_skipped,
         $total_tests_run,
         $suites_skipped ? ", $suites_skipped suites skipped" : "" );
 
+if( $verbose && @failed_suites ) {
+    # the output can be very long, so provide a summary of which suites failed
+    print "      failed suites : @failed_suites\n";
+}
+
 if( $verbose > 1 ) {
     print "  test cases passed :", $total_cases_passed, "\n";
     print "             failed :", $total_cases_failed, "\n";
@@ -159,5 +154,5 @@ sub pad_print_center {
     }
 }
 
-exit( $failed_suites ? 1 : 0 );
+exit( @failed_suites ? 1 : 0 );
 
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/scripts_path.py b/3rdparty/mbedtls-2.28.7/tests/scripts/scripts_path.py
new file mode 100644
index 0000000..5d83f29
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/scripts_path.py
@@ -0,0 +1,17 @@
+"""Add our Python library directory to the module search path.
+
+Usage:
+
+    import scripts_path # pylint: disable=unused-import
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+import os
+import sys
+
+sys.path.append(os.path.join(os.path.dirname(__file__),
+                             os.path.pardir, os.path.pardir,
+                             'scripts'))
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/set_psa_test_dependencies.py b/3rdparty/mbedtls-2.28.7/tests/scripts/set_psa_test_dependencies.py
new file mode 100644
index 0000000..df7cea8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/set_psa_test_dependencies.py
@@ -0,0 +1,290 @@
+#!/usr/bin/env python3
+
+"""Edit test cases to use PSA dependencies instead of classic dependencies.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import os
+import re
+import sys
+
+CLASSIC_DEPENDENCIES = frozenset([
+    # This list is manually filtered from config.h.
+
+    # Mbed TLS feature support.
+    # Only features that affect what can be done are listed here.
+    # Options that control optimizations or alternative implementations
+    # are omitted.
+    'MBEDTLS_CIPHER_MODE_CBC',
+    'MBEDTLS_CIPHER_MODE_CFB',
+    'MBEDTLS_CIPHER_MODE_CTR',
+    'MBEDTLS_CIPHER_MODE_OFB',
+    'MBEDTLS_CIPHER_MODE_XTS',
+    'MBEDTLS_CIPHER_NULL_CIPHER',
+    'MBEDTLS_CIPHER_PADDING_PKCS7',
+    'MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS',
+    'MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN',
+    'MBEDTLS_CIPHER_PADDING_ZEROS',
+    #curve#'MBEDTLS_ECP_DP_SECP192R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP224R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP256R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP384R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP521R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP192K1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP224K1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_SECP256K1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_BP256R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_BP384R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_BP512R1_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_CURVE25519_ENABLED',
+    #curve#'MBEDTLS_ECP_DP_CURVE448_ENABLED',
+    'MBEDTLS_ECDSA_DETERMINISTIC',
+    #'MBEDTLS_GENPRIME', #needed for RSA key generation
+    'MBEDTLS_PKCS1_V15',
+    'MBEDTLS_PKCS1_V21',
+    'MBEDTLS_SHA512_NO_SHA384',
+
+    # Mbed TLS modules.
+    # Only modules that provide cryptographic mechanisms are listed here.
+    # Platform, data formatting, X.509 or TLS modules are omitted.
+    'MBEDTLS_AES_C',
+    'MBEDTLS_ARC4_C',
+    'MBEDTLS_BIGNUM_C',
+    #cipher#'MBEDTLS_BLOWFISH_C',
+    'MBEDTLS_CAMELLIA_C',
+    'MBEDTLS_ARIA_C',
+    'MBEDTLS_CCM_C',
+    'MBEDTLS_CHACHA20_C',
+    'MBEDTLS_CHACHAPOLY_C',
+    'MBEDTLS_CMAC_C',
+    'MBEDTLS_CTR_DRBG_C',
+    'MBEDTLS_DES_C',
+    'MBEDTLS_DHM_C',
+    'MBEDTLS_ECDH_C',
+    'MBEDTLS_ECDSA_C',
+    'MBEDTLS_ECJPAKE_C',
+    'MBEDTLS_ECP_C',
+    'MBEDTLS_ENTROPY_C',
+    'MBEDTLS_GCM_C',
+    'MBEDTLS_HKDF_C',
+    'MBEDTLS_HMAC_DRBG_C',
+    'MBEDTLS_NIST_KW_C',
+    'MBEDTLS_MD2_C',
+    'MBEDTLS_MD4_C',
+    'MBEDTLS_MD5_C',
+    'MBEDTLS_PKCS5_C',
+    'MBEDTLS_PKCS12_C',
+    'MBEDTLS_POLY1305_C',
+    'MBEDTLS_RIPEMD160_C',
+    'MBEDTLS_RSA_C',
+    'MBEDTLS_SHA1_C',
+    'MBEDTLS_SHA256_C',
+    'MBEDTLS_SHA512_C',
+    'MBEDTLS_XTEA_C',
+])
+
+def is_classic_dependency(dep):
+    """Whether dep is a classic dependency that PSA test cases should not use."""
+    if dep.startswith('!'):
+        dep = dep[1:]
+    return dep in CLASSIC_DEPENDENCIES
+
+def is_systematic_dependency(dep):
+    """Whether dep is a PSA dependency which is determined systematically."""
+    if dep.startswith('PSA_WANT_ECC_'):
+        return False
+    return dep.startswith('PSA_WANT_')
+
+WITHOUT_SYSTEMATIC_DEPENDENCIES = frozenset([
+    'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # only a modifier
+    'PSA_ALG_ANY_HASH', # only meaningful in policies
+    'PSA_ALG_KEY_AGREEMENT', # only a way to combine algorithms
+    'PSA_ALG_TRUNCATED_MAC', # only a modifier
+    'PSA_KEY_TYPE_NONE', # not a real key type
+    'PSA_KEY_TYPE_DERIVE', # always supported, don't list it to reduce noise
+    'PSA_KEY_TYPE_RAW_DATA', # always supported, don't list it to reduce noise
+    'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', #only a modifier
+    'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', #only a modifier
+])
+
+SPECIAL_SYSTEMATIC_DEPENDENCIES = {
+    'PSA_ALG_ECDSA_ANY': frozenset(['PSA_WANT_ALG_ECDSA']),
+    'PSA_ALG_RSA_PKCS1V15_SIGN_RAW': frozenset(['PSA_WANT_ALG_RSA_PKCS1V15_SIGN']),
+}
+
+def dependencies_of_symbol(symbol):
+    """Return the dependencies for a symbol that designates a cryptographic mechanism."""
+    if symbol in WITHOUT_SYSTEMATIC_DEPENDENCIES:
+        return frozenset()
+    if symbol in SPECIAL_SYSTEMATIC_DEPENDENCIES:
+        return SPECIAL_SYSTEMATIC_DEPENDENCIES[symbol]
+    if symbol.startswith('PSA_ALG_CATEGORY_') or \
+       symbol.startswith('PSA_KEY_TYPE_CATEGORY_'):
+        # Categories are used in test data when an unsupported but plausible
+        # mechanism number needed. They have no associated dependency.
+        return frozenset()
+    return {symbol.replace('_', '_WANT_', 1)}
+
+def systematic_dependencies(file_name, function_name, arguments):
+    """List the systematically determined dependency for a test case."""
+    deps = set()
+
+    # Run key policy negative tests even if the algorithm to attempt performing
+    # is not supported but in the case where the test is to check an
+    # incompatibility between a requested algorithm for a cryptographic
+    # operation and a key policy. In the latter, we want to filter out the
+    # cases # where PSA_ERROR_NOT_SUPPORTED is returned instead of
+    # PSA_ERROR_NOT_PERMITTED.
+    if function_name.endswith('_key_policy') and \
+       arguments[-1].startswith('PSA_ERROR_') and \
+       arguments[-1] != ('PSA_ERROR_NOT_PERMITTED'):
+        arguments[-2] = ''
+    if function_name == 'copy_fail' and \
+       arguments[-1].startswith('PSA_ERROR_'):
+        arguments[-2] = ''
+        arguments[-3] = ''
+
+    # Storage format tests that only look at how the file is structured and
+    # don't care about the format of the key material don't depend on any
+    # cryptographic mechanisms.
+    if os.path.basename(file_name) == 'test_suite_psa_crypto_persistent_key.data' and \
+       function_name in {'format_storage_data_check',
+                         'parse_storage_data_check'}:
+        return []
+
+    for arg in arguments:
+        for symbol in re.findall(r'PSA_(?:ALG|KEY_TYPE)_\w+', arg):
+            deps.update(dependencies_of_symbol(symbol))
+    return sorted(deps)
+
+def updated_dependencies(file_name, function_name, arguments, dependencies):
+    """Rework the list of dependencies into PSA_WANT_xxx.
+
+    Remove classic crypto dependencies such as MBEDTLS_RSA_C,
+    MBEDTLS_PKCS1_V15, etc.
+
+    Add systematic PSA_WANT_xxx dependencies based on the called function and
+    its arguments, replacing existing PSA_WANT_xxx dependencies.
+    """
+    automatic = systematic_dependencies(file_name, function_name, arguments)
+    manual = [dep for dep in dependencies
+              if not (is_systematic_dependency(dep) or
+                      is_classic_dependency(dep))]
+    return automatic + manual
+
+def keep_manual_dependencies(file_name, function_name, arguments):
+    #pylint: disable=unused-argument
+    """Declare test functions with unusual dependencies here."""
+    # If there are no arguments, we can't do any useful work. Assume that if
+    # there are dependencies, they are warranted.
+    if not arguments:
+        return True
+    # When PSA_ERROR_NOT_SUPPORTED is expected, usually, at least one of the
+    # constants mentioned in the test should not be supported. It isn't
+    # possible to determine which one in a systematic way. So let the programmer
+    # decide.
+    if arguments[-1] == 'PSA_ERROR_NOT_SUPPORTED':
+        return True
+    return False
+
+def process_data_stanza(stanza, file_name, test_case_number):
+    """Update PSA crypto dependencies in one Mbed TLS test case.
+
+    stanza is the test case text (including the description, the dependencies,
+    the line with the function and arguments, and optionally comments). Return
+    a new stanza with an updated dependency line, preserving everything else
+    (description, comments, arguments, etc.).
+    """
+    if not stanza.lstrip('\n'):
+        # Just blank lines
+        return stanza
+    # Expect 2 or 3 non-comment lines: description, optional dependencies,
+    # function-and-arguments.
+    content_matches = list(re.finditer(r'^[\t ]*([^\t #].*)$', stanza, re.M))
+    if len(content_matches) < 2:
+        raise Exception('Not enough content lines in paragraph {} in {}'
+                        .format(test_case_number, file_name))
+    if len(content_matches) > 3:
+        raise Exception('Too many content lines in paragraph {} in {}'
+                        .format(test_case_number, file_name))
+    arguments = content_matches[-1].group(0).split(':')
+    function_name = arguments.pop(0)
+    if keep_manual_dependencies(file_name, function_name, arguments):
+        return stanza
+    if len(content_matches) == 2:
+        # Insert a line for the dependencies. If it turns out that there are
+        # no dependencies, we'll remove that empty line below.
+        dependencies_location = content_matches[-1].start()
+        text_before = stanza[:dependencies_location]
+        text_after = '\n' + stanza[dependencies_location:]
+        old_dependencies = []
+        dependencies_leader = 'depends_on:'
+    else:
+        dependencies_match = content_matches[-2]
+        text_before = stanza[:dependencies_match.start()]
+        text_after = stanza[dependencies_match.end():]
+        old_dependencies = dependencies_match.group(0).split(':')
+        dependencies_leader = old_dependencies.pop(0) + ':'
+        if dependencies_leader != 'depends_on:':
+            raise Exception('Next-to-last line does not start with "depends_on:"'
+                            ' in paragraph {} in {}'
+                            .format(test_case_number, file_name))
+    new_dependencies = updated_dependencies(file_name, function_name, arguments,
+                                            old_dependencies)
+    if new_dependencies:
+        stanza = (text_before +
+                  dependencies_leader + ':'.join(new_dependencies) +
+                  text_after)
+    else:
+        # The dependencies have become empty. Remove the depends_on: line.
+        assert text_after[0] == '\n'
+        stanza = text_before + text_after[1:]
+    return stanza
+
+def process_data_file(file_name, old_content):
+    """Update PSA crypto dependencies in an Mbed TLS test suite data file.
+
+    Process old_content (the old content of the file) and return the new content.
+    """
+    old_stanzas = old_content.split('\n\n')
+    new_stanzas = [process_data_stanza(stanza, file_name, n)
+                   for n, stanza in enumerate(old_stanzas, start=1)]
+    return '\n\n'.join(new_stanzas)
+
+def update_file(file_name, old_content, new_content):
+    """Update the given file with the given new content.
+
+    Replace the existing file. The previous version is renamed to *.bak.
+    Don't modify the file if the content was unchanged.
+    """
+    if new_content == old_content:
+        return
+    backup = file_name + '.bak'
+    tmp = file_name + '.tmp'
+    with open(tmp, 'w', encoding='utf-8') as new_file:
+        new_file.write(new_content)
+    os.replace(file_name, backup)
+    os.replace(tmp, file_name)
+
+def process_file(file_name):
+    """Update PSA crypto dependencies in an Mbed TLS test suite data file.
+
+    Replace the existing file. The previous version is renamed to *.bak.
+    Don't modify the file if the content was unchanged.
+    """
+    old_content = open(file_name, encoding='utf-8').read()
+    if file_name.endswith('.data'):
+        new_content = process_data_file(file_name, old_content)
+    else:
+        raise Exception('File type not recognized: {}'
+                        .format(file_name))
+    update_file(file_name, old_content, new_content)
+
+def main(args):
+    for file_name in args:
+        process_file(file_name)
+
+if __name__ == '__main__':
+    main(sys.argv[1:])
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/tcp_client.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/tcp_client.pl
similarity index 82%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/tcp_client.pl
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/tcp_client.pl
index 17f824e..9aff22d 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/tcp_client.pl
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/tcp_client.pl
@@ -6,19 +6,7 @@
 #   RESPONSE: regexp that must match the server's response
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 use warnings;
 use strict;
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/test-ref-configs.pl b/3rdparty/mbedtls-2.28.7/tests/scripts/test-ref-configs.pl
new file mode 100644
index 0000000..efe716e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/test-ref-configs.pl
@@ -0,0 +1,166 @@
+#!/usr/bin/env perl
+
+# test-ref-configs.pl
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+# Purpose
+#
+# For each reference configuration file in the configs directory, build the
+# configuration, run the test suites and compat.sh
+#
+# Usage: tests/scripts/test-ref-configs.pl [config-name [...]]
+
+use warnings;
+use strict;
+
+my %configs = (
+    'config-ccm-psk-tls1_2.h' => {
+        'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
+        'test_again_with_use_psa' => 1
+    },
+    'config-ccm-psk-dtls1_2.h' => {
+        'compat' => '-m dtls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
+        'opt' => ' ',
+        'opt_needs_debug' => 1,
+        'test_again_with_use_psa' => 1
+    },
+    'config-mini-tls1_1.h' => {
+        'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #',
+        ## Skip ssl-opt testing for now because ssl-opt.sh is missing a lot
+        ## of requires_xxx so it would try to run tests that don't apply.
+        # 'opt' => ' ',
+        # 'opt_needs_debug' => 1,
+        'test_again_with_use_psa' => 1
+    },
+    'config-no-entropy.h' => {
+    },
+    'config-suite-b.h' => {
+        'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
+        'test_again_with_use_psa' => 1,
+        'opt' => ' ',
+        'opt_needs_debug' => 1,
+    },
+    'config-symmetric-only.h' => {
+        'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
+    },
+    'config-thread.h' => {
+        'opt' => '-f ECJPAKE.*nolog',
+        'test_again_with_use_psa' => 1,
+    },
+);
+
+# If no config-name is provided, use all known configs.
+# Otherwise, use the provided names only.
+my @configs_to_test = sort keys %configs;
+if ($#ARGV >= 0) {
+    foreach my $conf_name ( @ARGV ) {
+        if( ! exists $configs{$conf_name} ) {
+            die "Unknown configuration: $conf_name\n";
+        }
+    }
+    @configs_to_test = @ARGV;
+}
+
+-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
+
+my $config_h = 'include/mbedtls/config.h';
+
+system( "cp $config_h $config_h.bak" ) and die;
+sub abort {
+    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
+    # use an exit code between 1 and 124 for git bisect (die returns 255)
+    warn $_[0];
+    exit 1;
+}
+
+# Create a seedfile for configurations that enable MBEDTLS_ENTROPY_NV_SEED.
+# For test purposes, this doesn't have to be cryptographically random.
+if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) {
+    local *SEEDFILE;
+    open SEEDFILE, ">tests/seedfile" or die;
+    print SEEDFILE "*" x 64 or die;
+    close SEEDFILE or die;
+}
+
+sub perform_test {
+    my $conf_file = $_[0];
+    my $data = $_[1];
+    my $test_with_psa = $_[2];
+
+    my $conf_name = $conf_file;
+    if ( $test_with_psa )
+    {
+        $conf_name .= "+PSA";
+    }
+
+    system( "cp $config_h.bak $config_h" ) and die;
+    system( "make clean" ) and die;
+
+    print "\n******************************************\n";
+    print "* Testing configuration: $conf_name\n";
+    print "******************************************\n";
+
+    $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf_name;
+
+    system( "cp configs/$conf_file $config_h" )
+        and abort "Failed to activate $conf_file\n";
+
+    if ( $test_with_psa )
+    {
+        system( "scripts/config.py set MBEDTLS_PSA_CRYPTO_C" );
+        system( "scripts/config.py set MBEDTLS_USE_PSA_CRYPTO" );
+    }
+
+    system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf_name\n";
+    system( "make test" ) and abort "Failed test suite: $conf_name\n";
+
+    my $compat = $data->{'compat'};
+    if( $compat )
+    {
+        print "\nrunning compat.sh $compat ($conf_name)\n";
+        system( "tests/compat.sh $compat" )
+            and abort "Failed compat.sh: $conf_name\n";
+    }
+    else
+    {
+        print "\nskipping compat.sh ($conf_name)\n";
+    }
+
+    my $opt = $data->{'opt'};
+    if( $opt )
+    {
+        if( $data->{'opt_needs_debug'} )
+        {
+            print "\nrebuilding with debug traces for ssl-opt ($conf_name)\n";
+            $conf_name .= '+DEBUG';
+            $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf_name;
+            system( "make clean" );
+            system( "scripts/config.py set MBEDTLS_DEBUG_C" );
+            system( "scripts/config.py set MBEDTLS_ERROR_C" );
+            system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf_name\n";
+        }
+
+        print "\nrunning ssl-opt.sh $opt ($conf_name)\n";
+        system( "tests/ssl-opt.sh $opt" )
+            and abort "Failed ssl-opt.sh: $conf_name\n";
+    }
+    else
+    {
+        print "\nskipping ssl-opt.sh ($conf_name)\n";
+    }
+}
+
+foreach my $conf ( @configs_to_test ) {
+    my $test_with_psa = $configs{$conf}{'test_again_with_use_psa'};
+    if ( $test_with_psa )
+    {
+        perform_test( $conf, $configs{$conf}, $test_with_psa );
+    }
+    perform_test( $conf, $configs{$conf}, 0 );
+}
+
+system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
+system( "make clean" );
+exit 0;
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/test_config_script.py b/3rdparty/mbedtls-2.28.7/tests/scripts/test_config_script.py
similarity index 92%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/test_config_script.py
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/test_config_script.py
index 8ca4103..c835b1c 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/test_config_script.py
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/test_config_script.py
@@ -14,19 +14,8 @@
 """
 
 ## Copyright The Mbed TLS Contributors
-## SPDX-License-Identifier: Apache-2.0
+## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 ##
-## Licensed under the Apache License, Version 2.0 (the "License"); you may
-## not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
 
 import argparse
 import glob
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/test_generate_test_code.py b/3rdparty/mbedtls-2.28.7/tests/scripts/test_generate_test_code.py
similarity index 83%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/test_generate_test_code.py
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/test_generate_test_code.py
index 000c2a7..abc46a7 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/test_generate_test_code.py
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/test_generate_test_code.py
@@ -2,39 +2,16 @@
 # Unit test for generate_test_code.py
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 """
 Unit tests for generate_test_code.py
 """
 
-# pylint: disable=wrong-import-order
-try:
-    # Python 2
-    from StringIO import StringIO
-except ImportError:
-    # Python 3
-    from io import StringIO
+from io import StringIO
 from unittest import TestCase, main as unittest_main
-try:
-    # Python 2
-    from mock import patch
-except ImportError:
-    # Python 3
-    from unittest.mock import patch
-# pylint: enable=wrong-import-order
+from unittest.mock import patch
+
 from generate_test_code import gen_dependencies, gen_dependencies_one_line
 from generate_test_code import gen_function_wrapper, gen_dispatch
 from generate_test_code import parse_until_pattern, GeneratorInputError
@@ -317,25 +294,16 @@ def next(self):
         :return: Line read from file.
         """
         parent = super(StringIOWrapper, self)
-        if getattr(parent, 'next', None):
-            # Python 2
-            line = parent.next()
-        else:
-            # Python 3
-            line = parent.__next__()
+        line = parent.__next__()
         return line
 
-    # Python 3
-    __next__ = next
-
-    def readline(self, length=0):
+    def readline(self, _length=0):
         """
         Wrap the base class readline.
 
         :param length:
         :return:
         """
-        # pylint: disable=unused-argument
         line = super(StringIOWrapper, self).readline()
         if line is not None:
             self.line_no += 1
@@ -505,9 +473,10 @@ def test_int_and_char_params(self):
         args, local, arg_dispatch = parse_function_arguments(line)
         self.assertEqual(args, ['char*', 'int', 'int'])
         self.assertEqual(local, '')
-        self.assertEqual(arg_dispatch, ['(char *) params[0]',
-                                        '*( (int *) params[1] )',
-                                        '*( (int *) params[2] )'])
+        self.assertEqual(arg_dispatch,
+                         ['(char *) params[0]',
+                          '((mbedtls_test_argument_t *) params[1])->sint',
+                          '((mbedtls_test_argument_t *) params[2])->sint'])
 
     def test_hex_params(self):
         """
@@ -519,22 +488,22 @@ def test_hex_params(self):
         self.assertEqual(args, ['char*', 'hex', 'int'])
         self.assertEqual(local,
                          '    data_t data1 = {(uint8_t *) params[1], '
-                         '*( (uint32_t *) params[2] )};\n')
+                         '((mbedtls_test_argument_t *) params[2])->len};\n')
         self.assertEqual(arg_dispatch, ['(char *) params[0]',
                                         '&data1',
-                                        '*( (int *) params[3] )'])
+                                        '((mbedtls_test_argument_t *) params[3])->sint'])
 
     def test_unsupported_arg(self):
         """
-        Test unsupported arguments (not among int, char * and data_t)
+        Test unsupported argument type
         :return:
         """
-        line = 'void entropy_threshold( char * a, data_t * h, char result )'
+        line = 'void entropy_threshold( char * a, data_t * h, unknown_t result )'
         self.assertRaises(ValueError, parse_function_arguments, line)
 
-    def test_no_params(self):
+    def test_empty_params(self):
         """
-        Test no parameters.
+        Test no parameters (nothing between parentheses).
         :return:
         """
         line = 'void entropy_threshold()'
@@ -543,44 +512,45 @@ def test_no_params(self):
         self.assertEqual(local, '')
         self.assertEqual(arg_dispatch, [])
 
+    def test_blank_params(self):
+        """
+        Test no parameters (space between parentheses).
+        :return:
+        """
+        line = 'void entropy_threshold( )'
+        args, local, arg_dispatch = parse_function_arguments(line)
+        self.assertEqual(args, [])
+        self.assertEqual(local, '')
+        self.assertEqual(arg_dispatch, [])
+
+    def test_void_params(self):
+        """
+        Test no parameters (void keyword).
+        :return:
+        """
+        line = 'void entropy_threshold(void)'
+        args, local, arg_dispatch = parse_function_arguments(line)
+        self.assertEqual(args, [])
+        self.assertEqual(local, '')
+        self.assertEqual(arg_dispatch, [])
+
+    def test_void_space_params(self):
+        """
+        Test no parameters (void with spaces).
+        :return:
+        """
+        line = 'void entropy_threshold( void )'
+        args, local, arg_dispatch = parse_function_arguments(line)
+        self.assertEqual(args, [])
+        self.assertEqual(local, '')
+        self.assertEqual(arg_dispatch, [])
+
 
 class ParseFunctionCode(TestCase):
     """
     Test suite for testing parse_function_code()
     """
 
-    def assert_raises_regex(self, exp, regex, func, *args):
-        """
-        Python 2 & 3 portable wrapper of assertRaisesRegex(p)? function.
-
-        :param exp: Exception type expected to be raised by cb.
-        :param regex: Expected exception message
-        :param func: callable object under test
-        :param args: variable positional arguments
-        """
-        parent = super(ParseFunctionCode, self)
-
-        # Pylint does not appreciate that the super method called
-        # conditionally can be available in other Python version
-        # then that of Pylint.
-        # Workaround is to call the method via getattr.
-        # Pylint ignores that the method got via getattr is
-        # conditionally executed. Method has to be a callable.
-        # Hence, using a dummy callable for getattr default.
-        dummy = lambda *x: None
-        # First Python 3 assertRaisesRegex is checked, since Python 2
-        # assertRaisesRegexp is also available in Python 3 but is
-        # marked deprecated.
-        for name in ('assertRaisesRegex', 'assertRaisesRegexp'):
-            method = getattr(parent, name, dummy)
-            if method is not dummy:
-                method(exp, regex, func, *args)
-                break
-        else:
-            raise AttributeError(" 'ParseFunctionCode' object has no attribute"
-                                 " 'assertRaisesRegex' or 'assertRaisesRegexp'"
-                                )
-
     def test_no_function(self):
         """
         Test no test function found.
@@ -593,8 +563,8 @@ def test_no_function(self):
 '''
         stream = StringIOWrapper('test_suite_ut.function', data)
         err_msg = 'file: test_suite_ut.function - Test functions not found!'
-        self.assert_raises_regex(GeneratorInputError, err_msg,
-                                 parse_function_code, stream, [], [])
+        self.assertRaisesRegex(GeneratorInputError, err_msg,
+                               parse_function_code, stream, [], [])
 
     def test_no_end_case_comment(self):
         """
@@ -609,8 +579,8 @@ def test_no_end_case_comment(self):
         stream = StringIOWrapper('test_suite_ut.function', data)
         err_msg = r'file: test_suite_ut.function - '\
                   'end case pattern .*? not found!'
-        self.assert_raises_regex(GeneratorInputError, err_msg,
-                                 parse_function_code, stream, [], [])
+        self.assertRaisesRegex(GeneratorInputError, err_msg,
+                               parse_function_code, stream, [], [])
 
     @patch("generate_test_code.parse_function_arguments")
     def test_function_called(self,
@@ -665,7 +635,7 @@ def test_return(self, parse_function_arguments_mock,
         self.assertEqual(arg, [])
         expected = '''#line 1 "test_suite_ut.function"
 
-void test_func()
+void test_func(void)
 {
     ba ba black sheep
     have you any wool
@@ -708,7 +678,7 @@ def test_with_exit_label(self, parse_function_arguments_mock,
 
         expected = '''#line 1 "test_suite_ut.function"
 
-void test_func()
+void test_func(void)
 {
     ba ba black sheep
     have you any wool
@@ -727,19 +697,19 @@ def test_non_void_function(self):
         data = 'int entropy_threshold( char * a, data_t * h, int result )'
         err_msg = 'file: test_suite_ut.function - Test functions not found!'
         stream = StringIOWrapper('test_suite_ut.function', data)
-        self.assert_raises_regex(GeneratorInputError, err_msg,
-                                 parse_function_code, stream, [], [])
+        self.assertRaisesRegex(GeneratorInputError, err_msg,
+                               parse_function_code, stream, [], [])
 
     @patch("generate_test_code.gen_dispatch")
     @patch("generate_test_code.gen_dependencies")
     @patch("generate_test_code.gen_function_wrapper")
     @patch("generate_test_code.parse_function_arguments")
-    def test_functio_name_on_newline(self, parse_function_arguments_mock,
-                                     gen_function_wrapper_mock,
-                                     gen_dependencies_mock,
-                                     gen_dispatch_mock):
+    def test_function_name_on_newline(self, parse_function_arguments_mock,
+                                      gen_function_wrapper_mock,
+                                      gen_dependencies_mock,
+                                      gen_dispatch_mock):
         """
-        Test when exit label is present.
+        Test with line break before the function name.
         :return:
         """
         parse_function_arguments_mock.return_value = ([], '', [])
@@ -768,7 +738,195 @@ def test_functio_name_on_newline(self, parse_function_arguments_mock,
 void
 
 
-test_func()
+test_func(void)
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+'''
+        self.assertEqual(code, expected)
+
+    @patch("generate_test_code.gen_dispatch")
+    @patch("generate_test_code.gen_dependencies")
+    @patch("generate_test_code.gen_function_wrapper")
+    @patch("generate_test_code.parse_function_arguments")
+    def test_case_starting_with_comment(self, parse_function_arguments_mock,
+                                        gen_function_wrapper_mock,
+                                        gen_dependencies_mock,
+                                        gen_dispatch_mock):
+        """
+        Test with comments before the function signature
+        :return:
+        """
+        parse_function_arguments_mock.return_value = ([], '', [])
+        gen_function_wrapper_mock.return_value = ''
+        gen_dependencies_mock.side_effect = gen_dependencies
+        gen_dispatch_mock.side_effect = gen_dispatch
+        data = '''/* comment */
+/* more
+ * comment */
+// this is\\
+still \\
+a comment
+void func()
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+/* END_CASE */
+'''
+        stream = StringIOWrapper('test_suite_ut.function', data)
+        _, _, code, _ = parse_function_code(stream, [], [])
+
+        expected = '''#line 1 "test_suite_ut.function"
+
+
+
+
+
+
+void test_func(void)
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+'''
+        self.assertEqual(code, expected)
+
+    @patch("generate_test_code.gen_dispatch")
+    @patch("generate_test_code.gen_dependencies")
+    @patch("generate_test_code.gen_function_wrapper")
+    @patch("generate_test_code.parse_function_arguments")
+    def test_comment_in_prototype(self, parse_function_arguments_mock,
+                                  gen_function_wrapper_mock,
+                                  gen_dependencies_mock,
+                                  gen_dispatch_mock):
+        """
+        Test with comments in the function prototype
+        :return:
+        """
+        parse_function_arguments_mock.return_value = ([], '', [])
+        gen_function_wrapper_mock.return_value = ''
+        gen_dependencies_mock.side_effect = gen_dependencies
+        gen_dispatch_mock.side_effect = gen_dispatch
+        data = '''
+void func( int x, // (line \\
+                     comment)
+           int y /* lone closing parenthesis) */ )
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+/* END_CASE */
+'''
+        stream = StringIOWrapper('test_suite_ut.function', data)
+        _, _, code, _ = parse_function_code(stream, [], [])
+
+        expected = '''#line 1 "test_suite_ut.function"
+
+void test_func( int x,
+
+           int y                                 )
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+'''
+        self.assertEqual(code, expected)
+
+    @patch("generate_test_code.gen_dispatch")
+    @patch("generate_test_code.gen_dependencies")
+    @patch("generate_test_code.gen_function_wrapper")
+    @patch("generate_test_code.parse_function_arguments")
+    def test_line_comment_in_block_comment(self, parse_function_arguments_mock,
+                                           gen_function_wrapper_mock,
+                                           gen_dependencies_mock,
+                                           gen_dispatch_mock):
+        """
+        Test with line comment in block comment.
+        :return:
+        """
+        parse_function_arguments_mock.return_value = ([], '', [])
+        gen_function_wrapper_mock.return_value = ''
+        gen_dependencies_mock.side_effect = gen_dependencies
+        gen_dispatch_mock.side_effect = gen_dispatch
+        data = '''
+void func( int x /* // */ )
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+/* END_CASE */
+'''
+        stream = StringIOWrapper('test_suite_ut.function', data)
+        _, _, code, _ = parse_function_code(stream, [], [])
+
+        expected = '''#line 1 "test_suite_ut.function"
+
+void test_func( int x          )
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+'''
+        self.assertEqual(code, expected)
+
+    @patch("generate_test_code.gen_dispatch")
+    @patch("generate_test_code.gen_dependencies")
+    @patch("generate_test_code.gen_function_wrapper")
+    @patch("generate_test_code.parse_function_arguments")
+    def test_block_comment_in_line_comment(self, parse_function_arguments_mock,
+                                           gen_function_wrapper_mock,
+                                           gen_dependencies_mock,
+                                           gen_dispatch_mock):
+        """
+        Test with block comment in line comment.
+        :return:
+        """
+        parse_function_arguments_mock.return_value = ([], '', [])
+        gen_function_wrapper_mock.return_value = ''
+        gen_dependencies_mock.side_effect = gen_dependencies
+        gen_dispatch_mock.side_effect = gen_dispatch
+        data = '''
+// /*
+void func( int x )
+{
+    ba ba black sheep
+    have you any wool
+exit:
+    yes sir yes sir
+    3 bags full
+}
+/* END_CASE */
+'''
+        stream = StringIOWrapper('test_suite_ut.function', data)
+        _, _, code, _ = parse_function_code(stream, [], [])
+
+        expected = '''#line 1 "test_suite_ut.function"
+
+
+void test_func( int x )
 {
     ba ba black sheep
     have you any wool
@@ -969,7 +1127,7 @@ def test_parsing(self):
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
 #if defined(MBEDTLS_FS_IO)
 #line 13 "test_suite_ut.function"
-void test_func1()
+void test_func1(void)
 {
 exit:
     ;
@@ -986,7 +1144,7 @@ def test_parsing(self):
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
 #if defined(MBEDTLS_FS_IO)
 #line 19 "test_suite_ut.function"
-void test_func2()
+void test_func2(void)
 {
 exit:
     ;
@@ -1128,29 +1286,33 @@ def test_parser(self):
         # List of (name, function_name, dependencies, args)
         tests = list(parse_test_data(stream))
         test1, test2, test3, test4 = tests
-        self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
-        self.assertEqual(test1[1], 'dhm_do_dhm')
-        self.assertEqual(test1[2], [])
-        self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
-
-        self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
-        self.assertEqual(test2[1], 'dhm_do_dhm')
-        self.assertEqual(test2[2], [])
-        self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
+        self.assertEqual(test1[0], 3)
+        self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1')
+        self.assertEqual(test1[2], 'dhm_do_dhm')
+        self.assertEqual(test1[3], [])
+        self.assertEqual(test1[4], ['10', '"23"', '10', '"5"'])
+
+        self.assertEqual(test2[0], 6)
+        self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2')
+        self.assertEqual(test2[2], 'dhm_do_dhm')
+        self.assertEqual(test2[3], [])
+        self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"',
                                     '10', '"9345098304850938450983409622"'])
 
-        self.assertEqual(test3[0], 'Diffie-Hellman full exchange #3')
-        self.assertEqual(test3[1], 'dhm_do_dhm')
-        self.assertEqual(test3[2], [])
-        self.assertEqual(test3[3], ['10',
+        self.assertEqual(test3[0], 9)
+        self.assertEqual(test3[1], 'Diffie-Hellman full exchange #3')
+        self.assertEqual(test3[2], 'dhm_do_dhm')
+        self.assertEqual(test3[3], [])
+        self.assertEqual(test3[4], ['10',
                                     '"9345098382739712938719287391879381271"',
                                     '10',
                                     '"9345098792137312973297123912791271"'])
 
-        self.assertEqual(test4[0], 'Diffie-Hellman selftest')
-        self.assertEqual(test4[1], 'dhm_selftest')
-        self.assertEqual(test4[2], [])
+        self.assertEqual(test4[0], 12)
+        self.assertEqual(test4[1], 'Diffie-Hellman selftest')
+        self.assertEqual(test4[2], 'dhm_selftest')
         self.assertEqual(test4[3], [])
+        self.assertEqual(test4[4], [])
 
     def test_with_dependencies(self):
         """
@@ -1170,15 +1332,17 @@ def test_with_dependencies(self):
         # List of (name, function_name, dependencies, args)
         tests = list(parse_test_data(stream))
         test1, test2 = tests
-        self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
-        self.assertEqual(test1[1], 'dhm_do_dhm')
-        self.assertEqual(test1[2], ['YAHOO'])
-        self.assertEqual(test1[3], ['10', '"23"', '10', '"5"'])
-
-        self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2')
-        self.assertEqual(test2[1], 'dhm_do_dhm')
-        self.assertEqual(test2[2], [])
-        self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"',
+        self.assertEqual(test1[0], 4)
+        self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1')
+        self.assertEqual(test1[2], 'dhm_do_dhm')
+        self.assertEqual(test1[3], ['YAHOO'])
+        self.assertEqual(test1[4], ['10', '"23"', '10', '"5"'])
+
+        self.assertEqual(test2[0], 7)
+        self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2')
+        self.assertEqual(test2[2], 'dhm_do_dhm')
+        self.assertEqual(test2[3], [])
+        self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"',
                                     '10', '"9345098304850938450983409622"'])
 
     def test_no_args(self):
@@ -1199,7 +1363,7 @@ def test_no_args(self):
         stream = StringIOWrapper('test_suite_ut.function', data)
         err = None
         try:
-            for _, _, _, _ in parse_test_data(stream):
+            for _, _, _, _, _ in parse_test_data(stream):
                 pass
         except GeneratorInputError as err:
             self.assertEqual(type(err), GeneratorInputError)
@@ -1217,7 +1381,7 @@ def test_incomplete_data(self):
         stream = StringIOWrapper('test_suite_ut.function', data)
         err = None
         try:
-            for _, _, _, _ in parse_test_data(stream):
+            for _, _, _, _, _ in parse_test_data(stream):
                 pass
         except GeneratorInputError as err:
             self.assertEqual(type(err), GeneratorInputError)
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/test_psa_compliance.py b/3rdparty/mbedtls-2.28.7/tests/scripts/test_psa_compliance.py
new file mode 100644
index 0000000..032d6ce
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/test_psa_compliance.py
@@ -0,0 +1,134 @@
+#!/usr/bin/env python3
+"""Run the PSA Crypto API compliance test suite.
+Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF,
+then compile and run the test suite. The clone is stored at <Mbed TLS root>/psa-arch-tests.
+Known defects in either the test suite or mbedtls - identified by their test number - are ignored,
+while unexpected failures AND successes are reported as errors,
+to help keep the list of known defects as up to date as possible.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import os
+import re
+import shutil
+import subprocess
+import sys
+
+# PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite)
+# The test numbers correspond to the numbers used by the console output of the test suite.
+# Test number 2xx corresponds to the files in the folder
+# psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx
+EXPECTED_FAILURES = {
+    # Multipart AEAD is not supported in Mbed TLS 2.x.
+    252, 253, 254, 255, 256, 257, 258, 259, 260, 261,
+
+    # psa_hash_suspend() and psa_hash_resume() are not supported.
+    # - Tracked in issue #3274
+    262, 263
+}
+
+# We currently use a fork of ARM-software/psa-arch-tests, with a couple of downstream patches
+# that allow it to build with Mbed TLS 2, and fixes a couple of issues in the compliance test suite.
+# These fixes allow the tests numbered 216, 248 and 249 to complete successfully.
+#
+# Once all the fixes are upstreamed, this fork should be replaced with an upstream commit/tag.
+# - Tracked in issue #5145
+#
+# Web URL: https://github.com/bensze01/psa-arch-tests/tree/fixes-for-mbedtls-2
+PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git'
+PSA_ARCH_TESTS_REF = 'fix-5735-2.28'
+
+#pylint: disable=too-many-branches,too-many-statements
+def main():
+    mbedtls_dir = os.getcwd()
+
+    if not os.path.exists('library/libmbedcrypto.a'):
+        subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a'])
+
+    psa_arch_tests_dir = 'psa-arch-tests'
+    os.makedirs(psa_arch_tests_dir, exist_ok=True)
+    try:
+        os.chdir(psa_arch_tests_dir)
+
+        # Reuse existing local clone
+        subprocess.check_call(['git', 'init'])
+        subprocess.check_call(['git', 'fetch', PSA_ARCH_TESTS_REPO, PSA_ARCH_TESTS_REF])
+        subprocess.check_call(['git', 'checkout', 'FETCH_HEAD'])
+
+        build_dir = 'api-tests/build'
+        try:
+            shutil.rmtree(build_dir)
+        except FileNotFoundError:
+            pass
+        os.mkdir(build_dir)
+        os.chdir(build_dir)
+
+        #pylint: disable=bad-continuation
+        subprocess.check_call([
+            'cmake', '..',
+                     '-GUnix Makefiles',
+                     '-DTARGET=tgt_dev_apis_stdc',
+                     '-DTOOLCHAIN=HOST_GCC',
+                     '-DSUITE=CRYPTO',
+                     '-DMISSING_CRYPTO_1_0=1',
+                     '-DPSA_CRYPTO_LIB_FILENAME={}/library/libmbedcrypto.a'.format(mbedtls_dir),
+                     '-DPSA_INCLUDE_PATHS={}/include'.format(mbedtls_dir)
+        ])
+        subprocess.check_call(['cmake', '--build', '.'])
+
+        proc = subprocess.Popen(['./psa-arch-tests-crypto'],
+                                bufsize=1, stdout=subprocess.PIPE, universal_newlines=True)
+
+        test_re = re.compile(
+            '^TEST: (?P<test_num>[0-9]*)|'
+            '^TEST RESULT: (?P<test_result>FAILED|PASSED)'
+        )
+        test = -1
+        unexpected_successes = set(EXPECTED_FAILURES)
+        expected_failures = []
+        unexpected_failures = []
+        for line in proc.stdout:
+            print(line, end='')
+            match = test_re.match(line)
+            if match is not None:
+                groupdict = match.groupdict()
+                test_num = groupdict['test_num']
+                if test_num is not None:
+                    test = int(test_num)
+                elif groupdict['test_result'] == 'FAILED':
+                    try:
+                        unexpected_successes.remove(test)
+                        expected_failures.append(test)
+                        print('Expected failure, ignoring')
+                    except KeyError:
+                        unexpected_failures.append(test)
+                        print('ERROR: Unexpected failure')
+                elif test in unexpected_successes:
+                    print('ERROR: Unexpected success')
+        proc.wait()
+
+        print()
+        print('***** test_psa_compliance.py report ******')
+        print()
+        print('Expected failures:', ', '.join(str(i) for i in expected_failures))
+        print('Unexpected failures:', ', '.join(str(i) for i in unexpected_failures))
+        print('Unexpected successes:', ', '.join(str(i) for i in sorted(unexpected_successes)))
+        print()
+        if unexpected_successes or unexpected_failures:
+            if unexpected_successes:
+                print('Unexpected successes encountered.')
+                print('Please remove the corresponding tests from '
+                      'EXPECTED_FAILURES in tests/scripts/compliance_test.py')
+                print()
+            print('FAILED')
+            return 1
+        else:
+            print('SUCCESS')
+            return 0
+    finally:
+        os.chdir(mbedtls_dir)
+
+if __name__ == '__main__':
+    sys.exit(main())
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/test_psa_constant_names.py b/3rdparty/mbedtls-2.28.7/tests/scripts/test_psa_constant_names.py
new file mode 100644
index 0000000..6883e27
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/test_psa_constant_names.py
@@ -0,0 +1,191 @@
+#!/usr/bin/env python3
+"""Test the program psa_constant_names.
+Gather constant names from header files and test cases. Compile a C program
+to print out their numerical values, feed these numerical values to
+psa_constant_names, and check that the output is the original name.
+Return 0 if all test cases pass, 1 if the output was not always as expected,
+or 1 (with a Python backtrace) if there was an operational error.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import argparse
+from collections import namedtuple
+import os
+import re
+import subprocess
+import sys
+from typing import Iterable, List, Optional, Tuple
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import c_build_helper
+from mbedtls_dev.macro_collector import InputsForTest, PSAMacroEnumerator
+from mbedtls_dev import typing_util
+
+def gather_inputs(headers: Iterable[str],
+                  test_suites: Iterable[str],
+                  inputs_class=InputsForTest) -> PSAMacroEnumerator:
+    """Read the list of inputs to test psa_constant_names with."""
+    inputs = inputs_class()
+    for header in headers:
+        inputs.parse_header(header)
+    for test_cases in test_suites:
+        inputs.parse_test_cases(test_cases)
+    inputs.add_numerical_values()
+    inputs.gather_arguments()
+    return inputs
+
+def run_c(type_word: str,
+          expressions: Iterable[str],
+          include_path: Optional[str] = None,
+          keep_c: bool = False) -> List[str]:
+    """Generate and run a program to print out numerical values of C expressions."""
+    if type_word == 'status':
+        cast_to = 'long'
+        printf_format = '%ld'
+    else:
+        cast_to = 'unsigned long'
+        printf_format = '0x%08lx'
+    return c_build_helper.get_c_expression_values(
+        cast_to, printf_format,
+        expressions,
+        caller='test_psa_constant_names.py for {} values'.format(type_word),
+        file_label=type_word,
+        header='#include <psa/crypto.h>',
+        include_path=include_path,
+        keep_c=keep_c
+    )
+
+NORMALIZE_STRIP_RE = re.compile(r'\s+')
+def normalize(expr: str) -> str:
+    """Normalize the C expression so as not to care about trivial differences.
+
+    Currently "trivial differences" means whitespace.
+    """
+    return re.sub(NORMALIZE_STRIP_RE, '', expr)
+
+ALG_TRUNCATED_TO_SELF_RE = \
+    re.compile(r'PSA_ALG_AEAD_WITH_SHORTENED_TAG\('
+               r'PSA_ALG_(?:CCM|CHACHA20_POLY1305|GCM)'
+               r', *16\)\Z')
+
+def is_simplifiable(expr: str) -> bool:
+    """Determine whether an expression is simplifiable.
+
+    Simplifiable expressions can't be output in their input form, since
+    the output will be the simple form. Therefore they must be excluded
+    from testing.
+    """
+    if ALG_TRUNCATED_TO_SELF_RE.match(expr):
+        return True
+    return False
+
+def collect_values(inputs: InputsForTest,
+                   type_word: str,
+                   include_path: Optional[str] = None,
+                   keep_c: bool = False) -> Tuple[List[str], List[str]]:
+    """Generate expressions using known macro names and calculate their values.
+
+    Return a list of pairs of (expr, value) where expr is an expression and
+    value is a string representation of its integer value.
+    """
+    names = inputs.get_names(type_word)
+    expressions = sorted(expr
+                         for expr in inputs.generate_expressions(names)
+                         if not is_simplifiable(expr))
+    values = run_c(type_word, expressions,
+                   include_path=include_path, keep_c=keep_c)
+    return expressions, values
+
+class Tests:
+    """An object representing tests and their results."""
+
+    Error = namedtuple('Error',
+                       ['type', 'expression', 'value', 'output'])
+
+    def __init__(self, options) -> None:
+        self.options = options
+        self.count = 0
+        self.errors = [] #type: List[Tests.Error]
+
+    def run_one(self, inputs: InputsForTest, type_word: str) -> None:
+        """Test psa_constant_names for the specified type.
+
+        Run the program on the names for this type.
+        Use the inputs to figure out what arguments to pass to macros that
+        take arguments.
+        """
+        expressions, values = collect_values(inputs, type_word,
+                                             include_path=self.options.include,
+                                             keep_c=self.options.keep_c)
+        output_bytes = subprocess.check_output([self.options.program,
+                                                type_word] + values)
+        output = output_bytes.decode('ascii')
+        outputs = output.strip().split('\n')
+        self.count += len(expressions)
+        for expr, value, output in zip(expressions, values, outputs):
+            if self.options.show:
+                sys.stdout.write('{} {}\t{}\n'.format(type_word, value, output))
+            if normalize(expr) != normalize(output):
+                self.errors.append(self.Error(type=type_word,
+                                              expression=expr,
+                                              value=value,
+                                              output=output))
+
+    def run_all(self, inputs: InputsForTest) -> None:
+        """Run psa_constant_names on all the gathered inputs."""
+        for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group',
+                          'key_type', 'key_usage']:
+            self.run_one(inputs, type_word)
+
+    def report(self, out: typing_util.Writable) -> None:
+        """Describe each case where the output is not as expected.
+
+        Write the errors to ``out``.
+        Also write a total.
+        """
+        for error in self.errors:
+            out.write('For {} "{}", got "{}" (value: {})\n'
+                      .format(error.type, error.expression,
+                              error.output, error.value))
+        out.write('{} test cases'.format(self.count))
+        if self.errors:
+            out.write(', {} FAIL\n'.format(len(self.errors)))
+        else:
+            out.write(' PASS\n')
+
+HEADERS = ['psa/crypto.h', 'psa/crypto_extra.h', 'psa/crypto_values.h']
+TEST_SUITES = ['tests/suites/test_suite_psa_crypto_metadata.data']
+
+def main():
+    parser = argparse.ArgumentParser(description=globals()['__doc__'])
+    parser.add_argument('--include', '-I',
+                        action='append', default=['include'],
+                        help='Directory for header files')
+    parser.add_argument('--keep-c',
+                        action='store_true', dest='keep_c', default=False,
+                        help='Keep the intermediate C file')
+    parser.add_argument('--no-keep-c',
+                        action='store_false', dest='keep_c',
+                        help='Don\'t keep the intermediate C file (default)')
+    parser.add_argument('--program',
+                        default='programs/psa/psa_constant_names',
+                        help='Program to test')
+    parser.add_argument('--show',
+                        action='store_true',
+                        help='Show tested values on stdout')
+    parser.add_argument('--no-show',
+                        action='store_false', dest='show',
+                        help='Don\'t show tested values (default)')
+    options = parser.parse_args()
+    headers = [os.path.join(options.include[0], h) for h in HEADERS]
+    inputs = gather_inputs(headers, TEST_SUITES)
+    tests = Tests(options)
+    tests.run_all(inputs)
+    tests.report(sys.stdout)
+    if tests.errors:
+        sys.exit(1)
+
+if __name__ == '__main__':
+    main()
diff --git a/3rdparty/mbedtls-2.25.0/tests/scripts/test_zeroize.gdb b/3rdparty/mbedtls-2.28.7/tests/scripts/test_zeroize.gdb
similarity index 79%
rename from 3rdparty/mbedtls-2.25.0/tests/scripts/test_zeroize.gdb
rename to 3rdparty/mbedtls-2.28.7/tests/scripts/test_zeroize.gdb
index 66c6304..57f771f 100644
--- a/3rdparty/mbedtls-2.25.0/tests/scripts/test_zeroize.gdb
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/test_zeroize.gdb
@@ -1,19 +1,7 @@
 # test_zeroize.gdb
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
diff --git a/3rdparty/mbedtls-2.28.7/tests/scripts/travis-log-failure.sh b/3rdparty/mbedtls-2.28.7/tests/scripts/travis-log-failure.sh
new file mode 100644
index 0000000..3daecf3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/scripts/travis-log-failure.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# travis-log-failure.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+# Purpose
+#
+# List the server and client logs on failed ssl-opt.sh and compat.sh tests.
+# This script is used to make the logs show up in the Travis test results.
+#
+# Some of the logs can be very long: this means usually a couple of megabytes
+# but it can be much more. For example, the client log of test 273 in ssl-opt.sh
+# is more than 630 Megabytes long.
+
+if [ -d include/mbedtls ]; then :; else
+    echo "$0: must be run from root" >&2
+    exit 1
+fi
+
+FILES="o-srv-*.log o-cli-*.log c-srv-*.log c-cli-*.log o-pxy-*.log"
+MAX_LOG_SIZE=1048576
+
+for PATTERN in $FILES; do
+    for LOG in $( ls tests/$PATTERN 2>/dev/null ); do
+        echo
+        echo "****** BEGIN file: $LOG ******"
+        echo
+        tail -c $MAX_LOG_SIZE $LOG
+        echo "****** END file: $LOG ******"
+        echo
+        rm $LOG
+    done
+done
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/asn1_helpers.c b/3rdparty/mbedtls-2.28.7/tests/src/asn1_helpers.c
new file mode 100644
index 0000000..c8df199
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/asn1_helpers.c
@@ -0,0 +1,62 @@
+/** \file asn1_helpers.c
+ *
+ * \brief Helper functions for tests that manipulate ASN.1 data.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+#include <mbedtls/asn1.h>
+
+int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end,
+                                   size_t min_bits, size_t max_bits,
+                                   int must_be_odd)
+{
+    size_t len;
+    size_t actual_bits;
+    unsigned char msb;
+    TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_INTEGER),
+               0);
+
+    /* Check if the retrieved length doesn't extend the actual buffer's size.
+     * It is assumed here, that end >= p, which validates casting to size_t. */
+    TEST_ASSERT(len <= (size_t) (end - *p));
+
+    /* Tolerate a slight departure from DER encoding:
+     * - 0 may be represented by an empty string or a 1-byte string.
+     * - The sign bit may be used as a value bit. */
+    if ((len == 1 && (*p)[0] == 0) ||
+        (len > 1 && (*p)[0] == 0 && ((*p)[1] & 0x80) != 0)) {
+        ++(*p);
+        --len;
+    }
+    if (min_bits == 0 && len == 0) {
+        return 1;
+    }
+    msb = (*p)[0];
+    TEST_ASSERT(msb != 0);
+    actual_bits = 8 * (len - 1);
+    while (msb != 0) {
+        msb >>= 1;
+        ++actual_bits;
+    }
+    TEST_ASSERT(actual_bits >= min_bits);
+    TEST_ASSERT(actual_bits <= max_bits);
+    if (must_be_odd) {
+        TEST_ASSERT(((*p)[len-1] & 1) != 0);
+    }
+    *p += len;
+    return 1;
+exit:
+    return 0;
+}
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/hash.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/hash.c
new file mode 100644
index 0000000..e03e7f0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/hash.c
@@ -0,0 +1,203 @@
+/*
+ * Test driver for hash entry points.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_hash.h"
+
+#include "test/drivers/hash.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_hash.h"
+#endif
+
+mbedtls_test_driver_hash_hooks_t
+    mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT;
+
+psa_status_t mbedtls_test_transparent_hash_compute(
+    psa_algorithm_t alg,
+    const uint8_t *input, size_t input_length,
+    uint8_t *hash, size_t hash_size, size_t *hash_length)
+{
+    mbedtls_test_driver_hash_hooks.hits++;
+
+    if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_test_driver_hash_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_hash_compute(
+                alg, input, input_length,
+                hash, hash_size, hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_psa_hash_compute(
+                alg, input, input_length,
+                hash, hash_size, hash_length);
+#else
+        (void) alg;
+        (void) input;
+        (void) input_length;
+        (void) hash;
+        (void) hash_size;
+        (void) hash_length;
+        mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_setup(
+    mbedtls_transparent_test_driver_hash_operation_t *operation,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_hash_hooks.hits++;
+
+    if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_test_driver_hash_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_hash_setup(operation, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_psa_hash_setup(operation, alg);
+#else
+        (void) operation;
+        (void) alg;
+        mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_clone(
+    const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
+    mbedtls_transparent_test_driver_hash_operation_t *target_operation)
+{
+    mbedtls_test_driver_hash_hooks.hits++;
+
+    if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_test_driver_hash_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_hash_clone(source_operation,
+                                                  target_operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_psa_hash_clone(source_operation, target_operation);
+#else
+        (void) source_operation;
+        (void) target_operation;
+        mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_update(
+    mbedtls_transparent_test_driver_hash_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    mbedtls_test_driver_hash_hooks.hits++;
+
+    if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_test_driver_hash_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_hash_update(
+                operation, input, input_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_psa_hash_update(operation, input, input_length);
+#else
+        (void) operation;
+        (void) input;
+        (void) input_length;
+        mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_finish(
+    mbedtls_transparent_test_driver_hash_operation_t *operation,
+    uint8_t *hash,
+    size_t hash_size,
+    size_t *hash_length)
+{
+    mbedtls_test_driver_hash_hooks.hits++;
+
+    if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_test_driver_hash_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_hash_finish(
+                operation, hash, hash_size, hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_psa_hash_finish(operation, hash, hash_size, hash_length);
+#else
+        (void) operation;
+        (void) hash;
+        (void) hash_size;
+        (void) hash_length;
+        mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_hash_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_hash_abort(
+    mbedtls_transparent_test_driver_hash_operation_t *operation)
+{
+    mbedtls_test_driver_hash_hooks.hits++;
+
+    if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_test_driver_hash_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_hash_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+        mbedtls_test_driver_hash_hooks.driver_status =
+            mbedtls_psa_hash_abort(operation);
+#else
+        (void) operation;
+        mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_hash_hooks.driver_status;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/platform_builtin_keys.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/platform_builtin_keys.c
new file mode 100644
index 0000000..bf399be
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/platform_builtin_keys.c
@@ -0,0 +1,76 @@
+/** \file platform_builtin_keys.c
+ *
+ * \brief Test driver implementation of the builtin key support
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <psa/crypto.h>
+#include <psa/crypto_extra.h>
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include <test/drivers/test_driver.h>
+#endif
+
+typedef struct {
+    psa_key_id_t builtin_key_id;
+    psa_key_lifetime_t lifetime;
+    psa_drv_slot_number_t slot_number;
+} mbedtls_psa_builtin_key_description_t;
+
+static const mbedtls_psa_builtin_key_description_t builtin_keys[] = {
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    /* For testing, assign the AES builtin key slot to the boundary values.
+     * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */
+    { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1,
+      PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+          PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+      PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+    { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN,
+      PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+          PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+      PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+    { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1,
+      PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+          PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+      PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT },
+    { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1,
+      PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+          PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+      PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+    { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX,
+      PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+          PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+      PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+    { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1,
+      PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+          PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION),
+      PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT },
+#else
+    { 0, 0, 0 }
+#endif
+};
+
+psa_status_t mbedtls_psa_platform_get_builtin_key(
+    mbedtls_svc_key_id_t key_id,
+    psa_key_lifetime_t *lifetime,
+    psa_drv_slot_number_t *slot_number)
+{
+    psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id);
+    const mbedtls_psa_builtin_key_description_t *builtin_key;
+
+    for (size_t i = 0;
+         i < (sizeof(builtin_keys) / sizeof(builtin_keys[0])); i++) {
+        builtin_key = &builtin_keys[i];
+        if (builtin_key->builtin_key_id == app_key_id) {
+            *lifetime = builtin_key->lifetime;
+            *slot_number = builtin_key->slot_number;
+            return PSA_SUCCESS;
+        }
+    }
+
+    return PSA_ERROR_DOES_NOT_EXIST;
+}
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_aead.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_aead.c
new file mode 100644
index 0000000..7135fb6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_aead.c
@@ -0,0 +1,136 @@
+/*
+ * Test driver for AEAD entry points.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_aead.h"
+
+#include "test/drivers/aead.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_aead.h"
+#endif
+
+mbedtls_test_driver_aead_hooks_t
+    mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT;
+
+psa_status_t mbedtls_test_transparent_aead_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *plaintext, size_t plaintext_length,
+    uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length)
+{
+    mbedtls_test_driver_aead_hooks.hits++;
+
+    if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_aead_hooks.driver_status =
+            mbedtls_test_driver_aead_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+        mbedtls_test_driver_aead_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_aead_encrypt(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                plaintext, plaintext_length,
+                ciphertext, ciphertext_size, ciphertext_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+        mbedtls_test_driver_aead_hooks.driver_status =
+            mbedtls_psa_aead_encrypt(
+                attributes, key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                plaintext, plaintext_length,
+                ciphertext, ciphertext_size, ciphertext_length);
+#else
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        (void) nonce;
+        (void) nonce_length;
+        (void) additional_data;
+        (void) additional_data_length;
+        (void) plaintext;
+        (void) plaintext_length;
+        (void) ciphertext;
+        (void) ciphertext_size;
+        (void) ciphertext_length;
+        mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+    return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_aead_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *nonce, size_t nonce_length,
+    const uint8_t *additional_data, size_t additional_data_length,
+    const uint8_t *ciphertext, size_t ciphertext_length,
+    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length)
+{
+    mbedtls_test_driver_aead_hooks.hits++;
+
+    if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_aead_hooks.driver_status =
+            mbedtls_test_driver_aead_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+        mbedtls_test_driver_aead_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_aead_decrypt(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                ciphertext, ciphertext_length,
+                plaintext, plaintext_size, plaintext_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
+        mbedtls_test_driver_aead_hooks.driver_status =
+            mbedtls_psa_aead_decrypt(
+                attributes, key_buffer, key_buffer_size,
+                alg,
+                nonce, nonce_length,
+                additional_data, additional_data_length,
+                ciphertext, ciphertext_length,
+                plaintext, plaintext_size, plaintext_length);
+#else
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        (void) nonce;
+        (void) nonce_length;
+        (void) additional_data;
+        (void) additional_data_length;
+        (void) ciphertext;
+        (void) ciphertext_length;
+        (void) plaintext;
+        (void) plaintext_size;
+        (void) plaintext_length;
+        mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+    return mbedtls_test_driver_aead_hooks.driver_status;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_cipher.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_cipher.c
new file mode 100644
index 0000000..ead5490
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_cipher.c
@@ -0,0 +1,432 @@
+/*
+ * Test driver for cipher functions.
+ * Currently only supports multi-part operations using AES-CTR.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_cipher.h"
+#include "psa_crypto_core.h"
+#include "mbedtls/cipher.h"
+
+#include "test/drivers/cipher.h"
+
+#include "test/random.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_cipher.h"
+#endif
+
+#include <string.h>
+
+mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks =
+    MBEDTLS_TEST_DRIVER_CIPHER_INIT;
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *iv,
+    size_t iv_length,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+        if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
+        memcpy(output,
+               mbedtls_test_driver_cipher_hooks.forced_output,
+               mbedtls_test_driver_cipher_hooks.forced_output_length);
+        *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_encrypt(
+        (const libtestdriver1_psa_key_attributes_t *) attributes,
+        key_buffer, key_buffer_size,
+        alg, iv, iv_length, input, input_length,
+        output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_encrypt(
+        attributes, key_buffer, key_buffer_size,
+        alg, iv, iv_length, input, input_length,
+        output, output_size, output_length);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+        if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
+        memcpy(output,
+               mbedtls_test_driver_cipher_hooks.forced_output,
+               mbedtls_test_driver_cipher_hooks.forced_output_length);
+        *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_decrypt(
+        (const libtestdriver1_psa_key_attributes_t *) attributes,
+        key_buffer, key_buffer_size,
+        alg, input, input_length,
+        output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_decrypt(
+        attributes, key_buffer, key_buffer_size,
+        alg, input, input_length,
+        output, output_size, output_length);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    /* Wiping the entire struct here, instead of member-by-member. This is
+     * useful for the test suite, since it gives a chance of catching memory
+     * corruption errors should the core not have allocated (enough) memory for
+     * our context struct. */
+    memset(operation, 0, sizeof(*operation));
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_encrypt_setup(
+        operation,
+        (const libtestdriver1_psa_key_attributes_t *) attributes,
+        key, key_length, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_encrypt_setup(
+        operation, attributes, key, key_length, alg);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_decrypt_setup(
+        operation,
+        (const libtestdriver1_psa_key_attributes_t *) attributes,
+        key, key_length, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_decrypt_setup(
+        operation, attributes, key, key_length, alg);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_abort(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (operation->alg == 0) {
+        return PSA_SUCCESS;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    libtestdriver1_mbedtls_psa_cipher_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    mbedtls_psa_cipher_abort(operation);
+#endif
+
+    /* Wiping the entire struct here, instead of member-by-member. This is
+     * useful for the test suite, since it gives a chance of catching memory
+     * corruption errors should the core not have allocated (enough) memory for
+     * our context struct. */
+    memset(operation, 0, sizeof(*operation));
+
+    return mbedtls_test_driver_cipher_hooks.forced_status;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_set_iv(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const uint8_t *iv,
+    size_t iv_length)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_set_iv(
+        operation, iv, iv_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_set_iv(operation, iv, iv_length);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_update(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+        if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
+        memcpy(output,
+               mbedtls_test_driver_cipher_hooks.forced_output,
+               mbedtls_test_driver_cipher_hooks.forced_output_length);
+        *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_update(
+        operation, input, input_length,
+        output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_update(
+        operation, input, input_length,
+        output, output_size, output_length);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_cipher_finish(
+    mbedtls_transparent_test_driver_cipher_operation_t *operation,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    mbedtls_test_driver_cipher_hooks.hits++;
+
+    if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) {
+        if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
+        memcpy(output,
+               mbedtls_test_driver_cipher_hooks.forced_output,
+               mbedtls_test_driver_cipher_hooks.forced_output_length);
+        *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_cipher_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+    return libtestdriver1_mbedtls_psa_cipher_finish(
+        operation, output, output_size, output_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+    return mbedtls_psa_cipher_finish(
+        operation, output, output_size, output_length);
+#endif
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+/*
+ * opaque versions, to do
+ */
+psa_status_t mbedtls_test_opaque_cipher_encrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *iv, size_t iv_length,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    (void) iv;
+    (void) iv_length;
+    (void) input;
+    (void) input_length;
+    (void) output;
+    (void) output_size;
+    (void) output_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output, size_t output_size, size_t *output_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    (void) input;
+    (void) input_length;
+    (void) output;
+    (void) output_size;
+    (void) output_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg)
+{
+    (void) operation;
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg)
+{
+    (void) operation;
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_abort(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation)
+{
+    (void) operation;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_set_iv(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const uint8_t *iv,
+    size_t iv_length)
+{
+    (void) operation;
+    (void) iv;
+    (void) iv_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_update(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    (void) operation;
+    (void) input;
+    (void) input_length;
+    (void) output;
+    (void) output_size;
+    (void) output_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_cipher_finish(
+    mbedtls_opaque_test_driver_cipher_operation_t *operation,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length)
+{
+    (void) operation;
+    (void) output;
+    (void) output_size;
+    (void) output_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_key_management.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_key_management.c
new file mode 100644
index 0000000..4d06d23
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_key_management.c
@@ -0,0 +1,453 @@
+/*
+ * Test driver for generating and verifying keys.
+ * Currently only supports generating and verifying ECC keys.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_rsa.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/error.h"
+
+#include "test/drivers/key_management.h"
+#include "test/drivers/test_driver.h"
+
+#include "test/random.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#endif
+
+#include <string.h>
+
+mbedtls_test_driver_key_management_hooks_t
+    mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
+
+const uint8_t mbedtls_test_driver_aes_key[16] =
+{ 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
+  0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
+const uint8_t mbedtls_test_driver_ecdsa_key[32] =
+{ 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
+  0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
+  0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
+  0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
+const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
+{ 0x04,
+  0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
+  0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
+  0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
+  0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
+  0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
+  0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
+  0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
+  0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
+
+psa_status_t mbedtls_test_transparent_init(void)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+    status = libtestdriver1_psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+#endif
+
+    (void) status;
+    return PSA_SUCCESS;
+}
+
+void mbedtls_test_transparent_free(void)
+{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+    libtestdriver1_mbedtls_psa_crypto_free();
+#endif
+
+    return;
+}
+
+psa_status_t mbedtls_test_opaque_init(void)
+{
+    return PSA_SUCCESS;
+}
+
+void mbedtls_test_opaque_free(void)
+{
+    return;
+}
+
+psa_status_t mbedtls_test_transparent_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key, size_t key_size, size_t *key_length)
+{
+    ++mbedtls_test_driver_key_management_hooks.hits;
+
+    if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_key_management_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) {
+        if (mbedtls_test_driver_key_management_hooks.forced_output_length >
+            key_size) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+        memcpy(key, mbedtls_test_driver_key_management_hooks.forced_output,
+               mbedtls_test_driver_key_management_hooks.forced_output_length);
+        *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
+        return PSA_SUCCESS;
+    }
+
+    if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes))
+        && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+        return libtestdriver1_mbedtls_psa_ecp_generate_key(
+            (const libtestdriver1_psa_key_attributes_t *) attributes,
+            key, key_size, key_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+        return mbedtls_psa_ecp_generate_key(
+            attributes, key, key_size, key_length);
+#endif
+    } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+        return libtestdriver1_mbedtls_psa_rsa_generate_key(
+            (const libtestdriver1_psa_key_attributes_t *) attributes,
+            key, key_size, key_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+        return mbedtls_psa_rsa_generate_key(
+            attributes, key, key_size, key_length);
+#endif
+    }
+
+    (void) attributes;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_generate_key(
+    const psa_key_attributes_t *attributes,
+    uint8_t *key, size_t key_size, size_t *key_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_size;
+    (void) key_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data,
+    size_t data_length,
+    uint8_t *key_buffer,
+    size_t key_buffer_size,
+    size_t *key_buffer_length,
+    size_t *bits)
+{
+    psa_key_type_t type = psa_get_key_type(attributes);
+
+    ++mbedtls_test_driver_key_management_hooks.hits;
+    mbedtls_test_driver_key_management_hooks.location = PSA_KEY_LOCATION_LOCAL_STORAGE;
+
+    if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_key_management_hooks.forced_status;
+    }
+
+    if (PSA_KEY_TYPE_IS_ECC(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY))
+        return libtestdriver1_mbedtls_psa_ecp_import_key(
+            (const libtestdriver1_psa_key_attributes_t *) attributes,
+            data, data_length,
+            key_buffer, key_buffer_size,
+            key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+        return mbedtls_psa_ecp_import_key(
+            attributes,
+            data, data_length,
+            key_buffer, key_buffer_size,
+            key_buffer_length, bits);
+#endif
+    } else if (PSA_KEY_TYPE_IS_RSA(type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY))
+        return libtestdriver1_mbedtls_psa_rsa_import_key(
+            (const libtestdriver1_psa_key_attributes_t *) attributes,
+            data, data_length,
+            key_buffer, key_buffer_size,
+            key_buffer_length, bits);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+        return mbedtls_psa_rsa_import_key(
+            attributes,
+            data, data_length,
+            key_buffer, key_buffer_size,
+            key_buffer_length, bits);
+#endif
+    }
+
+    (void) data;
+    (void) data_length;
+    (void) key_buffer;
+    (void) key_buffer_size;
+    (void) key_buffer_length;
+    (void) bits;
+    (void) type;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_export_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    /* Assume this is a builtin key based on the key material length. */
+    psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key);
+
+    if (key_length != sizeof(psa_drv_slot_number_t)) {
+        /* Test driver does not support generic opaque key handling yet. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    switch (slot_number) {
+        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+            /* This is the ECDSA slot. Verify the key's attributes before
+             * returning the private key. */
+            if (psa_get_key_type(attributes) !=
+                PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if (psa_get_key_bits(attributes) != 256) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if (psa_get_key_algorithm(attributes) !=
+                PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if ((psa_get_key_usage_flags(attributes) &
+                 PSA_KEY_USAGE_EXPORT) == 0) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+
+            if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) {
+                return PSA_ERROR_BUFFER_TOO_SMALL;
+            }
+
+            memcpy(data, mbedtls_test_driver_ecdsa_key,
+                   sizeof(mbedtls_test_driver_ecdsa_key));
+            *data_length = sizeof(mbedtls_test_driver_ecdsa_key);
+            return PSA_SUCCESS;
+
+        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
+            /* This is the AES slot. Verify the key's attributes before
+             * returning the key. */
+            if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if (psa_get_key_bits(attributes) != 128) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if ((psa_get_key_usage_flags(attributes) &
+                 PSA_KEY_USAGE_EXPORT) == 0) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+
+            if (data_size < sizeof(mbedtls_test_driver_aes_key)) {
+                return PSA_ERROR_BUFFER_TOO_SMALL;
+            }
+
+            memcpy(data, mbedtls_test_driver_aes_key,
+                   sizeof(mbedtls_test_driver_aes_key));
+            *data_length = sizeof(mbedtls_test_driver_aes_key);
+            return PSA_SUCCESS;
+
+        default:
+            return PSA_ERROR_DOES_NOT_EXIST;
+    }
+}
+
+psa_status_t mbedtls_test_transparent_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    ++mbedtls_test_driver_key_management_hooks.hits;
+
+    if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_key_management_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) {
+        if (mbedtls_test_driver_key_management_hooks.forced_output_length >
+            data_size) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+        memcpy(data, mbedtls_test_driver_key_management_hooks.forced_output,
+               mbedtls_test_driver_key_management_hooks.forced_output_length);
+        *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
+        return PSA_SUCCESS;
+    }
+
+    psa_key_type_t key_type = psa_get_key_type(attributes);
+
+    if (PSA_KEY_TYPE_IS_ECC(key_type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY))
+        return libtestdriver1_mbedtls_psa_ecp_export_public_key(
+            (const libtestdriver1_psa_key_attributes_t *) attributes,
+            key_buffer, key_buffer_size,
+            data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+        return mbedtls_psa_ecp_export_public_key(
+            attributes,
+            key_buffer, key_buffer_size,
+            data, data_size, data_length);
+#endif
+    } else if (PSA_KEY_TYPE_IS_RSA(key_type)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY))
+        return libtestdriver1_mbedtls_psa_rsa_export_public_key(
+            (const libtestdriver1_psa_key_attributes_t *) attributes,
+            key_buffer, key_buffer_size,
+            data, data_size, data_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+        return mbedtls_psa_rsa_export_public_key(
+            attributes,
+            key_buffer, key_buffer_size,
+            data, data_size, data_length);
+#endif
+    }
+
+    (void) key_buffer;
+    (void) key_buffer_size;
+    (void) key_type;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_opaque_export_public_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    uint8_t *data, size_t data_size, size_t *data_length)
+{
+    if (key_length != sizeof(psa_drv_slot_number_t)) {
+        /* Test driver does not support generic opaque key handling yet. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    /* Assume this is a builtin key based on the key material length. */
+    psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key);
+    switch (slot_number) {
+        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+            /* This is the ECDSA slot. Verify the key's attributes before
+             * returning the public key. */
+            if (psa_get_key_type(attributes) !=
+                PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if (psa_get_key_bits(attributes) != 256) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+            if (psa_get_key_algorithm(attributes) !=
+                PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) {
+                return PSA_ERROR_CORRUPTION_DETECTED;
+            }
+
+            if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) {
+                return PSA_ERROR_BUFFER_TOO_SMALL;
+            }
+
+            memcpy(data, mbedtls_test_driver_ecdsa_pubkey,
+                   sizeof(mbedtls_test_driver_ecdsa_pubkey));
+            *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey);
+            return PSA_SUCCESS;
+
+        default:
+            return PSA_ERROR_DOES_NOT_EXIST;
+    }
+}
+
+/* The opaque test driver exposes two built-in keys when builtin key support is
+ * compiled in.
+ * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
+ * key which allows CTR mode.
+ * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
+ * private key which allows ECDSA sign & verify.
+ * The key buffer format for these is the raw format of psa_drv_slot_number_t
+ * (i.e. for an actual driver this would mean 'builtin_key_size' =
+ * sizeof(psa_drv_slot_number_t)).
+ */
+psa_status_t mbedtls_test_opaque_get_builtin_key(
+    psa_drv_slot_number_t slot_number,
+    psa_key_attributes_t *attributes,
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
+{
+    switch (slot_number) {
+        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
+            psa_set_key_type(attributes, PSA_KEY_TYPE_AES);
+            psa_set_key_bits(attributes, 128);
+            psa_set_key_usage_flags(
+                attributes,
+                PSA_KEY_USAGE_ENCRYPT |
+                PSA_KEY_USAGE_DECRYPT |
+                PSA_KEY_USAGE_EXPORT);
+            psa_set_key_algorithm(attributes, PSA_ALG_CTR);
+
+            if (key_buffer_size < sizeof(psa_drv_slot_number_t)) {
+                return PSA_ERROR_BUFFER_TOO_SMALL;
+            }
+
+            *((psa_drv_slot_number_t *) key_buffer) =
+                PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
+            *key_buffer_length = sizeof(psa_drv_slot_number_t);
+            return PSA_SUCCESS;
+        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
+            psa_set_key_type(
+                attributes,
+                PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
+            psa_set_key_bits(attributes, 256);
+            psa_set_key_usage_flags(
+                attributes,
+                PSA_KEY_USAGE_SIGN_HASH |
+                PSA_KEY_USAGE_VERIFY_HASH |
+                PSA_KEY_USAGE_EXPORT);
+            psa_set_key_algorithm(
+                attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH));
+
+            if (key_buffer_size < sizeof(psa_drv_slot_number_t)) {
+                return PSA_ERROR_BUFFER_TOO_SMALL;
+            }
+
+            *((psa_drv_slot_number_t *) key_buffer) =
+                PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
+            *key_buffer_length = sizeof(psa_drv_slot_number_t);
+            return PSA_SUCCESS;
+        default:
+            return PSA_ERROR_DOES_NOT_EXIST;
+    }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_mac.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_mac.c
new file mode 100644
index 0000000..8e3185d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_mac.c
@@ -0,0 +1,426 @@
+/*
+ * Test driver for MAC entry points.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa_crypto_mac.h"
+
+#include "test/drivers/mac.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_mac.h"
+#endif
+
+mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks =
+    MBEDTLS_TEST_DRIVER_MAC_INIT;
+
+psa_status_t mbedtls_test_transparent_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_compute(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size, alg,
+                input, input_length,
+                mac, mac_size, mac_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_compute(
+                attributes, key_buffer, key_buffer_size, alg,
+                input, input_length,
+                mac, mac_size, mac_length);
+#else
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        (void) input;
+        (void) input_length;
+        (void) mac;
+        (void) mac_size;
+        (void) mac_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_sign_setup(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_sign_setup(
+                operation,
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_sign_setup(
+                operation, attributes, key_buffer, key_buffer_size, alg);
+#else
+        (void) operation;
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_verify_setup(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_verify_setup(
+                operation,
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size, alg);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_verify_setup(
+                operation, attributes, key_buffer, key_buffer_size, alg);
+#else
+        (void) operation;
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_update(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_update(
+                operation, input, input_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_update(
+                operation, input, input_length);
+#else
+        (void) operation;
+        (void) input;
+        (void) input_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_sign_finish(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_sign_finish(
+                operation, mac, mac_size, mac_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_sign_finish(
+                operation, mac, mac_size, mac_length);
+#else
+        (void) operation;
+        (void) mac;
+        (void) mac_size;
+        (void) mac_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_verify_finish(
+    mbedtls_transparent_test_driver_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_verify_finish(
+                operation, mac, mac_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_verify_finish(
+                operation, mac, mac_length);
+#else
+        (void) operation;
+        (void) mac;
+        (void) mac_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_transparent_mac_abort(
+    mbedtls_transparent_test_driver_mac_operation_t *operation)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            libtestdriver1_mbedtls_psa_mac_abort(operation);
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_psa_mac_abort(operation);
+#else
+        (void) operation;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_compute(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        (void) input;
+        (void) input_length;
+        (void) mac;
+        (void) mac_size;
+        (void) mac_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_sign_setup(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) operation;
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_verify_setup(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) operation;
+        (void) attributes;
+        (void) key_buffer;
+        (void) key_buffer_size;
+        (void) alg;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_update(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const uint8_t *input,
+    size_t input_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) operation;
+        (void) input;
+        (void) input_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_sign_finish(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    uint8_t *mac,
+    size_t mac_size,
+    size_t *mac_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) operation;
+        (void) mac;
+        (void) mac_size;
+        (void) mac_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_verify_finish(
+    mbedtls_opaque_test_driver_mac_operation_t *operation,
+    const uint8_t *mac,
+    size_t mac_length)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) operation;
+        (void) mac;
+        (void) mac_length;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+psa_status_t mbedtls_test_opaque_mac_abort(
+    mbedtls_opaque_test_driver_mac_operation_t *operation)
+{
+    mbedtls_test_driver_mac_hooks.hits++;
+
+    if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) {
+        mbedtls_test_driver_mac_hooks.driver_status =
+            mbedtls_test_driver_mac_hooks.forced_status;
+    } else {
+        (void) operation;
+        mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    return mbedtls_test_driver_mac_hooks.driver_status;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_signature.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_signature.c
new file mode 100644
index 0000000..f563564
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_signature.c
@@ -0,0 +1,409 @@
+/*
+ * Test driver for signature functions.
+ * Currently supports signing and verifying precalculated hashes, using
+ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_crypto_ecp.h"
+#include "psa_crypto_hash.h"
+#include "psa_crypto_rsa.h"
+#include "mbedtls/ecp.h"
+
+#include "test/drivers/hash.h"
+#include "test/drivers/signature.h"
+#include "test/drivers/hash.h"
+
+#include "mbedtls/md.h"
+#include "mbedtls/ecdsa.h"
+
+#include "test/random.h"
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_hash.h"
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#endif
+
+#include <string.h>
+
+mbedtls_test_driver_signature_hooks_t
+    mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+mbedtls_test_driver_signature_hooks_t
+    mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT;
+
+psa_status_t sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *hash,
+    size_t hash_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length)
+{
+    if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+        if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
+            PSA_ALG_IS_RSA_PSS(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+            (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+            defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
+            return libtestdriver1_mbedtls_psa_rsa_sign_hash(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_size, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+            return mbedtls_psa_rsa_sign_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_size, signature_length);
+#endif
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
+        if (PSA_ALG_IS_ECDSA(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+            (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+            defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
+            return libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_size, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+            return mbedtls_psa_ecdsa_sign_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_size, signature_length);
+#endif
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    (void) attributes;
+    (void) key_buffer;
+    (void) key_buffer_size;
+    (void) alg;
+    (void) hash;
+    (void) hash_length;
+    (void) signature;
+    (void) signature_size;
+    (void) signature_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *hash,
+    size_t hash_length,
+    const uint8_t *signature,
+    size_t signature_length)
+{
+    if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) {
+        if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
+            PSA_ALG_IS_RSA_PSS(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+            (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+            defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS))
+            return libtestdriver1_mbedtls_psa_rsa_verify_hash(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+            return mbedtls_psa_rsa_verify_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_length);
+#endif
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
+        if (PSA_ALG_IS_ECDSA(alg)) {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+            (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+            defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA))
+            return libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
+                (const libtestdriver1_psa_key_attributes_t *) attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+            defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+            return mbedtls_psa_ecdsa_verify_hash(
+                attributes,
+                key_buffer, key_buffer_size,
+                alg, hash, hash_length,
+                signature, signature_length);
+#endif
+        } else {
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
+    }
+
+    (void) attributes;
+    (void) key_buffer;
+    (void) key_buffer_size;
+    (void) alg;
+    (void) hash;
+    (void) hash_length;
+    (void) signature;
+    (void) signature_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_sign_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t hash_length;
+    uint8_t hash[PSA_HASH_MAX_SIZE];
+
+    ++mbedtls_test_driver_signature_sign_hooks.hits;
+
+    if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_signature_sign_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
+        if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+
+        memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
+               mbedtls_test_driver_signature_sign_hooks.forced_output_length);
+        *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
+
+        return PSA_SUCCESS;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+    status = libtestdriver1_mbedtls_psa_hash_compute(
+        PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+        hash, sizeof(hash), &hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+    status = mbedtls_psa_hash_compute(
+        PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+        hash, sizeof(hash), &hash_length);
+#else
+    (void) input;
+    (void) input_length;
+    status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    return sign_hash(attributes, key_buffer, key_buffer_size,
+                     alg, hash, hash_length,
+                     signature, signature_size, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_sign_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *signature,
+    size_t signature_size,
+    size_t *signature_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    (void) input;
+    (void) input_length;
+    (void) signature;
+    (void) signature_size;
+    (void) signature_length;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_verify_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer,
+    size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    size_t hash_length;
+    uint8_t hash[PSA_HASH_MAX_SIZE];
+
+    ++mbedtls_test_driver_signature_verify_hooks.hits;
+
+    if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_signature_verify_hooks.forced_status;
+    }
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+    status = libtestdriver1_mbedtls_psa_hash_compute(
+        PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+        hash, sizeof(hash), &hash_length);
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+    status = mbedtls_psa_hash_compute(
+        PSA_ALG_SIGN_GET_HASH(alg), input, input_length,
+        hash, sizeof(hash), &hash_length);
+#else
+    (void) input;
+    (void) input_length;
+    status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    return verify_hash(attributes, key_buffer, key_buffer_size,
+                       alg, hash, hash_length,
+                       signature, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_verify_message(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *input,
+    size_t input_length,
+    const uint8_t *signature,
+    size_t signature_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    (void) input;
+    (void) input_length;
+    (void) signature;
+    (void) signature_length;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+    ++mbedtls_test_driver_signature_sign_hooks.hits;
+
+    if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_signature_sign_hooks.forced_status;
+    }
+
+    if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) {
+        if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) {
+            return PSA_ERROR_BUFFER_TOO_SMALL;
+        }
+        memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output,
+               mbedtls_test_driver_signature_sign_hooks.forced_output_length);
+        *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length;
+        return PSA_SUCCESS;
+    }
+
+    return sign_hash(attributes, key_buffer, key_buffer_size,
+                     alg, hash, hash_length,
+                     signature, signature_size, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    (void) hash;
+    (void) hash_length;
+    (void) signature;
+    (void) signature_size;
+    (void) signature_length;
+
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key_buffer, size_t key_buffer_size,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length)
+{
+    ++mbedtls_test_driver_signature_verify_hooks.hits;
+
+    if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) {
+        return mbedtls_test_driver_signature_verify_hooks.forced_status;
+    }
+
+    return verify_hash(attributes, key_buffer, key_buffer_size,
+                       alg, hash, hash_length,
+                       signature, signature_length);
+}
+
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *key, size_t key_length,
+    psa_algorithm_t alg,
+    const uint8_t *hash, size_t hash_length,
+    const uint8_t *signature, size_t signature_length)
+{
+    (void) attributes;
+    (void) key;
+    (void) key_length;
+    (void) alg;
+    (void) hash;
+    (void) hash_length;
+    (void) signature;
+    (void) signature_length;
+    return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_size.c b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_size.c
new file mode 100644
index 0000000..1cdc9d7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/drivers/test_driver_size.c
@@ -0,0 +1,84 @@
+/*
+ * Test driver for retrieving key context size.
+ * Only used by opaque drivers.
+ */
+/*  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+
+#include "test/drivers/size.h"
+#include "psa/crypto.h"
+
+typedef struct {
+    unsigned int context;
+} test_driver_key_context_t;
+
+/*
+ * This macro returns the base size for the key context. It is the size of the
+ * driver specific information stored in each key context.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof(test_driver_key_context_t)
+
+/*
+ * Number of bytes included in every key context for a key pair.
+ *
+ * This pair size is for an ECC 256-bit private/public key pair.
+ * Based on this value, the size of the private key can be derived by
+ * subtracting the public key size below from this one.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE      65
+
+/*
+ * Number of bytes included in every key context for a public key.
+ *
+ * For ECC public keys, it needs 257 bits so 33 bytes.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE    33
+
+/*
+ * Every key context for a symmetric key includes this many times the key size.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR   0
+
+/*
+ * If this is true for a key pair, the key context includes space for the public key.
+ * If this is false, no additional space is added for the public key.
+ *
+ * For this instance, store the public key with the private one.
+ */
+#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY   1
+
+size_t mbedtls_test_size_function(
+    const psa_key_type_t key_type,
+    const size_t key_bits)
+{
+    size_t key_buffer_size = 0;
+
+    if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type)) {
+        int public_key_overhead =
+            ((TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1)
+              ? PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) : 0);
+        key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +
+                          TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE +
+                          public_key_overhead;
+    } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) {
+        key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +
+                          TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE;
+    } else if (!PSA_KEY_TYPE_IS_KEY_PAIR(key_type) &&
+               !PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) {
+        key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +
+                          (TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR *
+                           ((key_bits + 7) / 8));
+    }
+
+    return key_buffer_size;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/external_timing/external_timing_for_test.c b/3rdparty/mbedtls-2.28.7/tests/src/external_timing/external_timing_for_test.c
new file mode 100644
index 0000000..4293dc8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/external_timing/external_timing_for_test.c
@@ -0,0 +1,339 @@
+/** \file external_timing_for_test.c
+ *
+ * \brief Helper functions to test an alternate timing implementation.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <timing_alt.h>
+#if defined(MBEDTLS_TIMING_ALT)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
+    !defined(__HAIKU__) && !defined(__midipix__)
+#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
+#endif
+
+/* *INDENT-OFF* */
+#ifndef asm
+#define asm __asm
+#endif
+/* *INDENT-ON* */
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#include <windows.h>
+#include <process.h>
+
+struct _hr_time {
+    LARGE_INTEGER start;
+};
+
+#else
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <signal.h>
+/* time.h should be included independently of MBEDTLS_HAVE_TIME. If the
+ * platform matches the ifdefs above, it will be used. */
+#include <time.h>
+#include <sys/time.h>
+struct _hr_time {
+    struct timeval start;
+};
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tsc;
+    __asm   rdtsc
+    __asm   mov[tsc], eax
+    return tsc;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
+
+/* some versions of mingw-64 have 32-bit longs even on x84_64 */
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && (defined(__i386__) || (                       \
+    (defined(__amd64__) || defined(__x86_64__)) && __SIZEOF_LONG__ == 4))
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long lo, hi;
+    asm volatile ("rdtsc" : "=a" (lo), "=d" (hi));
+    return lo;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __i386__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__))
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long lo, hi;
+    asm volatile ("rdtsc" : "=a" (lo), "=d" (hi));
+    return lo | (hi << 32);
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && ( __amd64__ || __x86_64__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && (defined(__powerpc__) || defined(__ppc__))
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tbl, tbu0, tbu1;
+
+    do {
+        asm volatile ("mftbu %0" : "=r" (tbu0));
+        asm volatile ("mftb  %0" : "=r" (tbl));
+        asm volatile ("mftbu %0" : "=r" (tbu1));
+    } while (tbu0 != tbu1);
+
+    return tbl;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && ( __powerpc__ || __ppc__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && defined(__sparc64__)
+
+#if defined(__OpenBSD__)
+#warning OpenBSD does not allow access to tick register using software version instead
+#else
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tick;
+    asm volatile ("rdpr %%tick, %0;" : "=&r" (tick));
+    return tick;
+}
+#endif /* __OpenBSD__ */
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long tick;
+    asm volatile (".byte 0x83, 0x41, 0x00, 0x00");
+    asm volatile ("mov   %%g1, %0" : "=r" (tick));
+    return tick;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __sparc__ && !__sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
+    defined(__GNUC__) && defined(__alpha__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long cc;
+    asm volatile ("rpcc %0" : "=r" (cc));
+    return cc & 0xFFFFFFFF;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __alpha__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
+    defined(__GNUC__) && defined(__ia64__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    unsigned long itc;
+    asm volatile ("mov %0 = ar.itc" : "=r" (itc));
+    return itc;
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __ia64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
+    !defined(EFIX64) && !defined(EFI32)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    LARGE_INTEGER offset;
+
+    QueryPerformanceCounter(&offset);
+
+    return (unsigned long) (offset.QuadPart);
+}
+#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK)
+
+#define HAVE_HARDCLOCK
+
+static int hardclock_init = 0;
+static struct timeval tv_init;
+
+unsigned long mbedtls_timing_hardclock(void)
+{
+    struct timeval tv_cur;
+
+    if (hardclock_init == 0) {
+        gettimeofday(&tv_init, NULL);
+        hardclock_init = 1;
+    }
+
+    gettimeofday(&tv_cur, NULL);
+    return (tv_cur.tv_sec  - tv_init.tv_sec) * 1000000U
+           + (tv_cur.tv_usec - tv_init.tv_usec);
+}
+#endif /* !HAVE_HARDCLOCK */
+
+volatile int mbedtls_timing_alarmed = 0;
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
+{
+    struct _hr_time *t = (struct _hr_time *) val;
+
+    if (reset) {
+        QueryPerformanceCounter(&t->start);
+        return 0;
+    } else {
+        unsigned long delta;
+        LARGE_INTEGER now, hfreq;
+        QueryPerformanceCounter(&now);
+        QueryPerformanceFrequency(&hfreq);
+        delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul
+                                 / hfreq.QuadPart);
+        return delta;
+    }
+}
+
+/* It's OK to use a global because alarm() is supposed to be global anyway */
+static DWORD alarmMs;
+
+static void TimerProc(void *TimerContext)
+{
+    (void) TimerContext;
+    Sleep(alarmMs);
+    mbedtls_timing_alarmed = 1;
+    /* _endthread will be called implicitly on return
+     * That ensures execution of thread function's epilogue */
+}
+
+void mbedtls_set_alarm(int seconds)
+{
+    if (seconds == 0) {
+        /* No need to create a thread for this simple case.
+         * Also, this shorcut is more reliable at least on MinGW32 */
+        mbedtls_timing_alarmed = 1;
+        return;
+    }
+
+    mbedtls_timing_alarmed = 0;
+    alarmMs = seconds * 1000;
+    (void) _beginthread(TimerProc, 0, NULL);
+}
+
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset)
+{
+    struct _hr_time *t = (struct _hr_time *) val;
+
+    if (reset) {
+        gettimeofday(&t->start, NULL);
+        return 0;
+    } else {
+        unsigned long delta;
+        struct timeval now;
+        gettimeofday(&now, NULL);
+        delta = (now.tv_sec  - t->start.tv_sec) * 1000ul
+                + (now.tv_usec - t->start.tv_usec) / 1000;
+        return delta;
+    }
+}
+
+static void sighandler(int signum)
+{
+    mbedtls_timing_alarmed = 1;
+    signal(signum, sighandler);
+}
+
+void mbedtls_set_alarm(int seconds)
+{
+    mbedtls_timing_alarmed = 0;
+    signal(SIGALRM, sighandler);
+    alarm(seconds);
+    if (seconds == 0) {
+        /* alarm(0) cancelled any previous pending alarm, but the
+           handler won't fire, so raise the flag straight away. */
+        mbedtls_timing_alarmed = 1;
+    }
+}
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+/*
+ * Set delays to watch
+ */
+void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms)
+{
+    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
+
+    ctx->int_ms = int_ms;
+    ctx->fin_ms = fin_ms;
+
+    if (fin_ms != 0) {
+        (void) mbedtls_timing_get_timer(&ctx->timer, 1);
+    }
+}
+
+/*
+ * Get number of delays expired
+ */
+int mbedtls_timing_get_delay(void *data)
+{
+    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
+    unsigned long elapsed_ms;
+
+    if (ctx->fin_ms == 0) {
+        return -1;
+    }
+
+    elapsed_ms = mbedtls_timing_get_timer(&ctx->timer, 0);
+
+    if (elapsed_ms >= ctx->fin_ms) {
+        return 2;
+    }
+
+    if (elapsed_ms >= ctx->int_ms) {
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* MBEDTLS_TIMING_ALT */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/external_timing/timing_alt.h b/3rdparty/mbedtls-2.28.7/tests/src/external_timing/timing_alt.h
new file mode 100644
index 0000000..09e4966
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/external_timing/timing_alt.h
@@ -0,0 +1,118 @@
+/*
+ * Copy of the internal MbedTLS timing implementation, to be used in tests.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef EXTERNAL_TIMING_FOR_TEST_H
+#define EXTERNAL_TIMING_FOR_TEST_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdint.h>
+
+/**
+ * \brief          timer structure
+ */
+struct mbedtls_timing_hr_time {
+    unsigned char opaque[32];
+};
+
+/**
+ * \brief          Context for mbedtls_timing_set/get_delay()
+ */
+typedef struct mbedtls_timing_delay_context {
+    struct mbedtls_timing_hr_time   timer;
+    uint32_t                        int_ms;
+    uint32_t                        fin_ms;
+} mbedtls_timing_delay_context;
+
+#else  /* MBEDTLS_TIMING_ALT */
+#include "timing_alt.h"
+#endif /* MBEDTLS_TIMING_ALT */
+
+extern volatile int mbedtls_timing_alarmed;
+
+/**
+ * \brief          Return the CPU cycle counter value
+ *
+ * \warning        This is only a best effort! Do not rely on this!
+ *                 In particular, it is known to be unreliable on virtual
+ *                 machines.
+ *
+ * \note           This value starts at an unspecified origin and
+ *                 may wrap around.
+ */
+unsigned long mbedtls_timing_hardclock(void);
+
+/**
+ * \brief          Return the elapsed time in milliseconds
+ *
+ * \param val      points to a timer structure
+ * \param reset    If 0, query the elapsed time. Otherwise (re)start the timer.
+ *
+ * \return         Elapsed time since the previous reset in ms. When
+ *                 restarting, this is always 0.
+ *
+ * \note           To initialize a timer, call this function with reset=1.
+ *
+ *                 Determining the elapsed time and resetting the timer is not
+ *                 atomic on all platforms, so after the sequence
+ *                 `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 =
+ *                 get_timer(0) }` the value time1+time2 is only approximately
+ *                 the delay since the first reset.
+ */
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset);
+
+/**
+ * \brief          Setup an alarm clock
+ *
+ * \param seconds  delay before the "mbedtls_timing_alarmed" flag is set
+ *                 (must be >=0)
+ *
+ * \warning        Only one alarm at a time  is supported. In a threaded
+ *                 context, this means one for the whole process, not one per
+ *                 thread.
+ */
+void mbedtls_set_alarm(int seconds);
+
+/**
+ * \brief          Set a pair of delays to watch
+ *                 (See \c mbedtls_timing_get_delay().)
+ *
+ * \param data     Pointer to timing data.
+ *                 Must point to a valid \c mbedtls_timing_delay_context struct.
+ * \param int_ms   First (intermediate) delay in milliseconds.
+ *                 The effect if int_ms > fin_ms is unspecified.
+ * \param fin_ms   Second (final) delay in milliseconds.
+ *                 Pass 0 to cancel the current delay.
+ *
+ * \note           To set a single delay, either use \c mbedtls_timing_set_timer
+ *                 directly or use this function with int_ms == fin_ms.
+ */
+void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms);
+
+/**
+ * \brief          Get the status of delays
+ *                 (Memory helper: number of delays passed.)
+ *
+ * \param data     Pointer to timing data
+ *                 Must point to a valid \c mbedtls_timing_delay_context struct.
+ *
+ * \return         -1 if cancelled (fin_ms = 0),
+ *                  0 if none of the delays are passed,
+ *                  1 if only the intermediate delay is passed,
+ *                  2 if the final delay is passed.
+ */
+int mbedtls_timing_get_delay(void *data);
+
+#ifdef __cplusplus
+}
+
+#endif /* EXTERNAL_TIMING_FOR_TEST_H */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/fake_external_rng_for_test.c b/3rdparty/mbedtls-2.28.7/tests/src/fake_external_rng_for_test.c
new file mode 100644
index 0000000..c0bfde5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/fake_external_rng_for_test.c
@@ -0,0 +1,45 @@
+/** \file fake_external_rng_for_test.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/fake_external_rng_for_test.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include <test/random.h>
+#include <psa/crypto.h>
+
+static int test_insecure_external_rng_enabled = 0;
+
+void mbedtls_test_enable_insecure_external_rng(void)
+{
+    test_insecure_external_rng_enabled = 1;
+}
+
+void mbedtls_test_disable_insecure_external_rng(void)
+{
+    test_insecure_external_rng_enabled = 0;
+}
+
+psa_status_t mbedtls_psa_external_get_random(
+    mbedtls_psa_external_random_context_t *context,
+    uint8_t *output, size_t output_size, size_t *output_length)
+{
+    (void) context;
+
+    if (!test_insecure_external_rng_enabled) {
+        return PSA_ERROR_INSUFFICIENT_ENTROPY;
+    }
+
+    /* This implementation is for test purposes only!
+     * Use the libc non-cryptographic random generator. */
+    mbedtls_test_rnd_std_rand(NULL, output, output_size);
+    *output_length = output_size;
+    return PSA_SUCCESS;
+}
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/helpers.c b/3rdparty/mbedtls-2.28.7/tests/src/helpers.c
new file mode 100644
index 0000000..2df3ce5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/helpers.c
@@ -0,0 +1,460 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/constant_flow.h>
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <string.h>
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#include <setjmp.h>
+#endif
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+#include <psa/crypto.h>
+#include <test/psa_crypto_helpers.h>
+#endif
+
+/*----------------------------------------------------------------------------*/
+/* Static global variables */
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+typedef struct {
+    uint8_t expected_call;
+    uint8_t expected_call_happened;
+
+    jmp_buf state;
+
+    mbedtls_test_param_failed_location_record_t location_record;
+}
+param_failed_ctx_t;
+static param_failed_ctx_t param_failed_ctx;
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+static mbedtls_platform_context platform_ctx;
+#endif
+
+mbedtls_test_info_t mbedtls_test_info;
+
+/*----------------------------------------------------------------------------*/
+/* Helper Functions */
+
+int mbedtls_test_platform_setup(void)
+{
+    int ret = 0;
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+    /* Make sure that injected entropy is present. Otherwise
+     * psa_crypto_init() will fail. This is not necessary for test suites
+     * that don't use PSA, but it's harmless (except for leaving a file
+     * behind). */
+    ret = mbedtls_test_inject_entropy_restore();
+    if (ret != 0) {
+        return ret;
+    }
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+    ret = mbedtls_platform_setup(&platform_ctx);
+#endif /* MBEDTLS_PLATFORM_C */
+
+    return ret;
+}
+
+void mbedtls_test_platform_teardown(void)
+{
+#if defined(MBEDTLS_PLATFORM_C)
+    mbedtls_platform_teardown(&platform_ctx);
+#endif /* MBEDTLS_PLATFORM_C */
+}
+
+static int ascii2uc(const char c, unsigned char *uc)
+{
+    if ((c >= '0') && (c <= '9')) {
+        *uc = c - '0';
+    } else if ((c >= 'a') && (c <= 'f')) {
+        *uc = c - 'a' + 10;
+    } else if ((c >= 'A') && (c <= 'F')) {
+        *uc = c - 'A' + 10;
+    } else {
+        return -1;
+    }
+
+    return 0;
+}
+
+void mbedtls_test_fail(const char *test, int line_no, const char *filename)
+{
+    if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) {
+        /* We've already recorded the test as having failed. Don't
+         * overwrite any previous information about the failure. */
+        return;
+    }
+    mbedtls_test_info.result = MBEDTLS_TEST_RESULT_FAILED;
+    mbedtls_test_info.test = test;
+    mbedtls_test_info.line_no = line_no;
+    mbedtls_test_info.filename = filename;
+}
+
+void mbedtls_test_skip(const char *test, int line_no, const char *filename)
+{
+    mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SKIPPED;
+    mbedtls_test_info.test = test;
+    mbedtls_test_info.line_no = line_no;
+    mbedtls_test_info.filename = filename;
+}
+
+void mbedtls_test_set_step(unsigned long step)
+{
+    mbedtls_test_info.step = step;
+}
+
+#if defined(MBEDTLS_BIGNUM_C)
+unsigned mbedtls_test_case_uses_negative_0 = 0;
+#endif
+
+void mbedtls_test_info_reset(void)
+{
+    mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SUCCESS;
+    mbedtls_test_info.step = (unsigned long) (-1);
+    mbedtls_test_info.test = 0;
+    mbedtls_test_info.line_no = 0;
+    mbedtls_test_info.filename = 0;
+    memset(mbedtls_test_info.line1, 0, sizeof(mbedtls_test_info.line1));
+    memset(mbedtls_test_info.line2, 0, sizeof(mbedtls_test_info.line2));
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_test_case_uses_negative_0 = 0;
+#endif
+}
+
+int mbedtls_test_equal(const char *test, int line_no, const char *filename,
+                       unsigned long long value1, unsigned long long value2)
+{
+    TEST_CF_PUBLIC(&value1, sizeof(value1));
+    TEST_CF_PUBLIC(&value2, sizeof(value2));
+
+    if (value1 == value2) {
+        return 1;
+    }
+
+    if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) {
+        /* We've already recorded the test as having failed. Don't
+         * overwrite any previous information about the failure. */
+        return 0;
+    }
+    mbedtls_test_fail(test, line_no, filename);
+    (void) mbedtls_snprintf(mbedtls_test_info.line1,
+                            sizeof(mbedtls_test_info.line1),
+                            "lhs = 0x%016llx = %lld",
+                            value1, (long long) value1);
+    (void) mbedtls_snprintf(mbedtls_test_info.line2,
+                            sizeof(mbedtls_test_info.line2),
+                            "rhs = 0x%016llx = %lld",
+                            value2, (long long) value2);
+    return 0;
+}
+
+int mbedtls_test_le_u(const char *test, int line_no, const char *filename,
+                      unsigned long long value1, unsigned long long value2)
+{
+    TEST_CF_PUBLIC(&value1, sizeof(value1));
+    TEST_CF_PUBLIC(&value2, sizeof(value2));
+
+    if (value1 <= value2) {
+        return 1;
+    }
+
+    if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) {
+        /* We've already recorded the test as having failed. Don't
+         * overwrite any previous information about the failure. */
+        return 0;
+    }
+    mbedtls_test_fail(test, line_no, filename);
+    (void) mbedtls_snprintf(mbedtls_test_info.line1,
+                            sizeof(mbedtls_test_info.line1),
+                            "lhs = 0x%016llx = %llu",
+                            value1, value1);
+    (void) mbedtls_snprintf(mbedtls_test_info.line2,
+                            sizeof(mbedtls_test_info.line2),
+                            "rhs = 0x%016llx = %llu",
+                            value2, value2);
+    return 0;
+}
+
+int mbedtls_test_le_s(const char *test, int line_no, const char *filename,
+                      long long value1, long long value2)
+{
+    TEST_CF_PUBLIC(&value1, sizeof(value1));
+    TEST_CF_PUBLIC(&value2, sizeof(value2));
+
+    if (value1 <= value2) {
+        return 1;
+    }
+
+    if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) {
+        /* We've already recorded the test as having failed. Don't
+         * overwrite any previous information about the failure. */
+        return 0;
+    }
+    mbedtls_test_fail(test, line_no, filename);
+    (void) mbedtls_snprintf(mbedtls_test_info.line1,
+                            sizeof(mbedtls_test_info.line1),
+                            "lhs = 0x%016llx = %lld",
+                            (unsigned long long) value1, value1);
+    (void) mbedtls_snprintf(mbedtls_test_info.line2,
+                            sizeof(mbedtls_test_info.line2),
+                            "rhs = 0x%016llx = %lld",
+                            (unsigned long long) value2, value2);
+    return 0;
+}
+
+int mbedtls_test_unhexify(unsigned char *obuf,
+                          size_t obufmax,
+                          const char *ibuf,
+                          size_t *len)
+{
+    unsigned char uc, uc2;
+
+    *len = strlen(ibuf);
+
+    /* Must be even number of bytes. */
+    if ((*len) & 1) {
+        return -1;
+    }
+    *len /= 2;
+
+    if ((*len) > obufmax) {
+        return -1;
+    }
+
+    while (*ibuf != 0) {
+        if (ascii2uc(*(ibuf++), &uc) != 0) {
+            return -1;
+        }
+
+        if (ascii2uc(*(ibuf++), &uc2) != 0) {
+            return -1;
+        }
+
+        *(obuf++) = (uc << 4) | uc2;
+    }
+
+    return 0;
+}
+
+void mbedtls_test_hexify(unsigned char *obuf,
+                         const unsigned char *ibuf,
+                         int len)
+{
+    unsigned char l, h;
+
+    while (len != 0) {
+        h = *ibuf / 16;
+        l = *ibuf % 16;
+
+        if (h < 10) {
+            *obuf++ = '0' + h;
+        } else {
+            *obuf++ = 'a' + h - 10;
+        }
+
+        if (l < 10) {
+            *obuf++ = '0' + l;
+        } else {
+            *obuf++ = 'a' + l - 10;
+        }
+
+        ++ibuf;
+        len--;
+    }
+}
+
+unsigned char *mbedtls_test_zero_alloc(size_t len)
+{
+    void *p;
+    size_t actual_len = (len != 0) ? len : 1;
+
+    p = mbedtls_calloc(1, actual_len);
+    TEST_HELPER_ASSERT(p != NULL);
+
+    memset(p, 0x00, actual_len);
+
+    return p;
+}
+
+unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen)
+{
+    unsigned char *obuf;
+    size_t len;
+
+    *olen = strlen(ibuf) / 2;
+
+    if (*olen == 0) {
+        return mbedtls_test_zero_alloc(*olen);
+    }
+
+    obuf = mbedtls_calloc(1, *olen);
+    TEST_HELPER_ASSERT(obuf != NULL);
+    TEST_HELPER_ASSERT(mbedtls_test_unhexify(obuf, *olen, ibuf, &len) == 0);
+
+    return obuf;
+}
+
+int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b,
+                        uint32_t a_len, uint32_t b_len)
+{
+    int ret = 0;
+    uint32_t i = 0;
+
+    if (a_len != b_len) {
+        return -1;
+    }
+
+    for (i = 0; i < a_len; i++) {
+        if (a[i] != b[i]) {
+            ret = -1;
+            break;
+        }
+    }
+    return ret;
+}
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+void mbedtls_test_param_failed_get_location_record(
+    mbedtls_test_param_failed_location_record_t *location_record)
+{
+    *location_record = param_failed_ctx.location_record;
+}
+
+void mbedtls_test_param_failed_expect_call(void)
+{
+    param_failed_ctx.expected_call_happened = 0;
+    param_failed_ctx.expected_call = 1;
+}
+
+int mbedtls_test_param_failed_check_expected_call(void)
+{
+    param_failed_ctx.expected_call = 0;
+
+    if (param_failed_ctx.expected_call_happened != 0) {
+        return 0;
+    }
+
+    return -1;
+}
+
+void *mbedtls_test_param_failed_get_state_buf(void)
+{
+    return &param_failed_ctx.state;
+}
+
+void mbedtls_test_param_failed_reset_state(void)
+{
+    memset(param_failed_ctx.state, 0, sizeof(param_failed_ctx.state));
+}
+
+void mbedtls_param_failed(const char *failure_condition,
+                          const char *file,
+                          int line)
+{
+    /* Record the location of the failure */
+    param_failed_ctx.location_record.failure_condition = failure_condition;
+    param_failed_ctx.location_record.file = file;
+    param_failed_ctx.location_record.line = line;
+
+    /* If we are testing the callback function...  */
+    if (param_failed_ctx.expected_call != 0) {
+        param_failed_ctx.expected_call = 0;
+        param_failed_ctx.expected_call_happened = 1;
+    } else {
+        /* ...else try a long jump. If the execution state has not been set-up
+         * or reset then the long jump buffer is all zero's and the call will
+         * with high probability fault, emphasizing there is something to look
+         * at.
+         */
+
+        longjmp(param_failed_ctx.state, 1);
+    }
+}
+#endif /* MBEDTLS_CHECK_PARAMS */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+void mbedtls_test_err_add_check(int high, int low,
+                                const char *file, int line)
+{
+    /* Error codes are always negative (a value of zero is a success) however
+     * their positive opposites can be easier to understand. The following
+     * examples given in comments have been made positive for ease of
+     * understanding. The structure of an error code is such:
+     *
+     *                                                shhhhhhhhlllllll
+     *
+     * s = sign bit.
+     * h = high level error code (includes high level module ID (bits 12..14)
+     *     and module-dependent error code (bits 7..11)).
+     * l = low level error code.
+     */
+    if (high > -0x1000 && high != 0) {
+        /* high < 0001000000000000
+         * No high level module ID bits are set.
+         */
+        mbedtls_test_fail("'high' is not a high-level error code",
+                          line, file);
+    } else if (high < -0x7F80) {
+        /* high > 0111111110000000
+         * Error code is greater than the largest allowed high level module ID.
+         */
+        mbedtls_test_fail("'high' error code is greater than 15 bits",
+                          line, file);
+    } else if ((high & 0x7F) != 0) {
+        /* high & 0000000001111111
+         * Error code contains low level error code bits.
+         */
+        mbedtls_test_fail("'high' contains a low-level error code",
+                          line, file);
+    } else if (low < -0x007F) {
+        /* low >  0000000001111111
+         * Error code contains high or module level error code bits.
+         */
+        mbedtls_test_fail("'low' error code is greater than 7 bits",
+                          line, file);
+    } else if (low > 0) {
+        mbedtls_test_fail("'low' error code is greater than zero",
+                          line, file);
+    }
+}
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s)
+{
+    int negative = 0;
+    /* Always set the sign bit to -1 if the input has a minus sign, even for 0.
+     * This creates an invalid representation, which mbedtls_mpi_read_string()
+     * avoids but we want to be able to create that in test data. */
+    if (s[0] == '-') {
+        ++s;
+        negative = 1;
+    }
+    /* mbedtls_mpi_read_string() currently retains leading zeros.
+     * It always allocates at least one limb for the value 0. */
+    if (s[0] == 0) {
+        mbedtls_mpi_free(X);
+        return 0;
+    }
+    int ret = mbedtls_mpi_read_string(X, 16, s);
+    if (ret != 0) {
+        return ret;
+    }
+    if (negative) {
+        if (mbedtls_mpi_cmp_int(X, 0) == 0) {
+            ++mbedtls_test_case_uses_negative_0;
+        }
+        X->s = -1;
+    }
+    return 0;
+}
+#endif
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/psa_crypto_helpers.c b/3rdparty/mbedtls-2.28.7/tests/src/psa_crypto_helpers.c
new file mode 100644
index 0000000..4bbbb3a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/psa_crypto_helpers.c
@@ -0,0 +1,185 @@
+/** \file psa_crypto_helpers.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <psa_crypto_slot_management.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa/crypto.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+#include <psa_crypto_storage.h>
+
+static mbedtls_svc_key_id_t key_ids_used_in_test[9];
+static size_t num_key_ids_used;
+
+int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id)
+{
+    size_t i;
+    if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) >
+        PSA_MAX_PERSISTENT_KEY_IDENTIFIER) {
+        /* Don't touch key id values that designate non-key files. */
+        return 1;
+    }
+    for (i = 0; i < num_key_ids_used; i++) {
+        if (mbedtls_svc_key_id_equal(key_id, key_ids_used_in_test[i])) {
+            return 1;
+        }
+    }
+    if (num_key_ids_used == ARRAY_LENGTH(key_ids_used_in_test)) {
+        return 0;
+    }
+    key_ids_used_in_test[num_key_ids_used] = key_id;
+    ++num_key_ids_used;
+    return 1;
+}
+
+void mbedtls_test_psa_purge_key_storage(void)
+{
+    size_t i;
+    for (i = 0; i < num_key_ids_used; i++) {
+        psa_destroy_persistent_key(key_ids_used_in_test[i]);
+    }
+    num_key_ids_used = 0;
+}
+
+void mbedtls_test_psa_purge_key_cache(void)
+{
+    size_t i;
+    for (i = 0; i < num_key_ids_used; i++) {
+        psa_purge_key(key_ids_used_in_test[i]);
+    }
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+const char *mbedtls_test_helper_is_psa_leaking(void)
+{
+    mbedtls_psa_stats_t stats;
+
+    mbedtls_psa_get_stats(&stats);
+
+    if (stats.volatile_slots != 0) {
+        return "A volatile slot has not been closed properly.";
+    }
+    if (stats.persistent_slots != 0) {
+        return "A persistent slot has not been closed properly.";
+    }
+    if (stats.external_slots != 0) {
+        return "An external slot has not been closed properly.";
+    }
+    if (stats.half_filled_slots != 0) {
+        return "A half-filled slot has not been cleared properly.";
+    }
+    if (stats.locked_slots != 0) {
+        return "Some slots are still marked as locked.";
+    }
+
+    return NULL;
+}
+
+#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+/** Name of the file where return statuses are logged by #RECORD_STATUS. */
+#define STATUS_LOG_FILE_NAME "statuses.log"
+
+psa_status_t mbedtls_test_record_status(psa_status_t status,
+                                        const char *func,
+                                        const char *file, int line,
+                                        const char *expr)
+{
+    /* We open the log file on first use.
+     * We never close the log file, so the record_status feature is not
+     * compatible with resource leak detectors such as Asan.
+     */
+    static FILE *log;
+    if (log == NULL) {
+        log = fopen(STATUS_LOG_FILE_NAME, "a");
+    }
+    fprintf(log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr);
+    return status;
+}
+#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+
+psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
+{
+    psa_key_usage_t updated_usage = usage_flags;
+
+    if (usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
+        updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE;
+    }
+
+    if (usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
+        updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+    }
+
+    return updated_usage;
+}
+
+int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename)
+{
+    const char *msg = mbedtls_test_helper_is_psa_leaking();
+    if (msg == NULL) {
+        return 0;
+    } else {
+        mbedtls_test_fail(msg, line_no, filename);
+        return 1;
+    }
+}
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+
+#include <mbedtls/entropy.h>
+#include <psa_crypto_its.h>
+
+int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len)
+{
+    size_t actual_len = 0;
+    psa_status_t status = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID,
+                                      0, len, buf, &actual_len);
+    if (status != 0) {
+        return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    }
+    if (actual_len != len) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+    return 0;
+}
+
+int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len)
+{
+    psa_status_t status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID,
+                                      len, buf, 0);
+    if (status != 0) {
+        return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    }
+    return 0;
+}
+
+int mbedtls_test_inject_entropy_restore(void)
+{
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    for (size_t i = 0; i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+    psa_status_t status = mbedtls_psa_inject_entropy(buf, sizeof(buf));
+    /* It's ok if the file was just created, or if it already exists. */
+    if (status != PSA_SUCCESS && status != PSA_ERROR_NOT_PERMITTED) {
+        return status;
+    }
+    return PSA_SUCCESS;
+}
+
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/psa_exercise_key.c b/3rdparty/mbedtls-2.28.7/tests/src/psa_exercise_key.c
new file mode 100644
index 0000000..7105324
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/psa_exercise_key.c
@@ -0,0 +1,947 @@
+/** Code to exercise a PSA key object, i.e. validate that it seems well-formed
+ * and can do what it is supposed to do.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/psa_exercise_key.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <mbedtls/asn1.h>
+#include <psa/crypto.h>
+
+#include <test/asn1_helpers.h>
+#include <psa_crypto_slot_management.h>
+#include <test/psa_crypto_helpers.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+static int lifetime_is_dynamic_secure_element(psa_key_lifetime_t lifetime)
+{
+    return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) !=
+           PSA_KEY_LOCATION_LOCAL_STORAGE;
+}
+#endif
+
+static int check_key_attributes_sanity(mbedtls_svc_key_id_t key)
+{
+    int ok = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_lifetime_t lifetime;
+    mbedtls_svc_key_id_t id;
+    psa_key_type_t type;
+    size_t bits;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    lifetime = psa_get_key_lifetime(&attributes);
+    id = psa_get_key_id(&attributes);
+    type = psa_get_key_type(&attributes);
+    bits = psa_get_key_bits(&attributes);
+
+    /* Persistence */
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        TEST_ASSERT(
+            (PSA_KEY_ID_VOLATILE_MIN <=
+             MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) &&
+            (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <=
+             PSA_KEY_ID_VOLATILE_MAX));
+    } else {
+        TEST_ASSERT(
+            (PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) &&
+            (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= PSA_KEY_ID_USER_MAX));
+    }
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    /* randomly-generated 64-bit constant, should never appear in test data */
+    psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
+    psa_status_t status = psa_get_key_slot_number(&attributes, &slot_number);
+    if (lifetime_is_dynamic_secure_element(lifetime)) {
+        /* Mbed TLS currently always exposes the slot number to
+         * applications. This is not mandated by the PSA specification
+         * and may change in future versions. */
+        TEST_EQUAL(status, 0);
+        TEST_ASSERT(slot_number != 0xec94d4a5058a1a21);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT);
+    }
+#endif
+
+    /* Type and size */
+    TEST_ASSERT(type != 0);
+    TEST_ASSERT(bits != 0);
+    TEST_ASSERT(bits <= PSA_MAX_KEY_BITS);
+    if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
+        TEST_ASSERT(bits % 8 == 0);
+    }
+
+    /* MAX macros concerning specific key types */
+    if (PSA_KEY_TYPE_IS_ECC(type)) {
+        TEST_ASSERT(bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS);
+    } else if (PSA_KEY_TYPE_IS_RSA(type)) {
+        TEST_ASSERT(bits <= PSA_VENDOR_RSA_MAX_KEY_BITS);
+    }
+    TEST_ASSERT(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE);
+
+    ok = 1;
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    return ok;
+}
+
+static int exercise_mac_key(mbedtls_svc_key_id_t key,
+                            psa_key_usage_t usage,
+                            psa_algorithm_t alg)
+{
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    const unsigned char input[] = "foo";
+    unsigned char mac[PSA_MAC_MAX_SIZE] = { 0 };
+    size_t mac_length = sizeof(mac);
+
+    /* Convert wildcard algorithm to exercisable algorithm */
+    if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) {
+        alg = PSA_ALG_TRUNCATED_MAC(alg, PSA_MAC_TRUNCATED_LENGTH(alg));
+    }
+
+    if (usage & PSA_KEY_USAGE_SIGN_HASH) {
+        PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg));
+        PSA_ASSERT(psa_mac_update(&operation,
+                                  input, sizeof(input)));
+        PSA_ASSERT(psa_mac_sign_finish(&operation,
+                                       mac, sizeof(mac),
+                                       &mac_length));
+    }
+
+    if (usage & PSA_KEY_USAGE_VERIFY_HASH) {
+        psa_status_t verify_status =
+            (usage & PSA_KEY_USAGE_SIGN_HASH ?
+             PSA_SUCCESS :
+             PSA_ERROR_INVALID_SIGNATURE);
+        PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+        PSA_ASSERT(psa_mac_update(&operation,
+                                  input, sizeof(input)));
+        TEST_EQUAL(psa_mac_verify_finish(&operation, mac, mac_length),
+                   verify_status);
+    }
+
+    return 1;
+
+exit:
+    psa_mac_abort(&operation);
+    return 0;
+}
+
+static int exercise_cipher_key(mbedtls_svc_key_id_t key,
+                               psa_key_usage_t usage,
+                               psa_algorithm_t alg)
+{
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 };
+    size_t iv_length;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type;
+    const unsigned char plaintext[16] = "Hello, world...";
+    unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
+    size_t ciphertext_length = sizeof(ciphertext);
+    unsigned char decrypted[sizeof(ciphertext)];
+    size_t part_length;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_type = psa_get_key_type(&attributes);
+    iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg);
+
+    if (usage & PSA_KEY_USAGE_ENCRYPT) {
+        PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+        if (iv_length != 0) {
+            PSA_ASSERT(psa_cipher_generate_iv(&operation,
+                                              iv, sizeof(iv),
+                                              &iv_length));
+        }
+        PSA_ASSERT(psa_cipher_update(&operation,
+                                     plaintext, sizeof(plaintext),
+                                     ciphertext, sizeof(ciphertext),
+                                     &ciphertext_length));
+        PSA_ASSERT(psa_cipher_finish(&operation,
+                                     ciphertext + ciphertext_length,
+                                     sizeof(ciphertext) - ciphertext_length,
+                                     &part_length));
+        ciphertext_length += part_length;
+    }
+
+    if (usage & PSA_KEY_USAGE_DECRYPT) {
+        psa_status_t status;
+        int maybe_invalid_padding = 0;
+        if (!(usage & PSA_KEY_USAGE_ENCRYPT)) {
+            maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg);
+        }
+        PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+        if (iv_length != 0) {
+            PSA_ASSERT(psa_cipher_set_iv(&operation,
+                                         iv, iv_length));
+        }
+        PSA_ASSERT(psa_cipher_update(&operation,
+                                     ciphertext, ciphertext_length,
+                                     decrypted, sizeof(decrypted),
+                                     &part_length));
+        status = psa_cipher_finish(&operation,
+                                   decrypted + part_length,
+                                   sizeof(decrypted) - part_length,
+                                   &part_length);
+        /* For a stream cipher, all inputs are valid. For a block cipher,
+         * if the input is some arbitrary data rather than an actual
+           ciphertext, a padding error is likely.  */
+        if (maybe_invalid_padding) {
+            TEST_ASSERT(status == PSA_SUCCESS ||
+                        status == PSA_ERROR_INVALID_PADDING);
+        } else {
+            PSA_ASSERT(status);
+        }
+    }
+
+    return 1;
+
+exit:
+    psa_cipher_abort(&operation);
+    psa_reset_key_attributes(&attributes);
+    return 0;
+}
+
+static int exercise_aead_key(mbedtls_svc_key_id_t key,
+                             psa_key_usage_t usage,
+                             psa_algorithm_t alg)
+{
+    unsigned char nonce[PSA_AEAD_NONCE_MAX_SIZE] = { 0 };
+    size_t nonce_length;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type;
+    unsigned char plaintext[16] = "Hello, world...";
+    unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
+    size_t ciphertext_length = sizeof(ciphertext);
+    size_t plaintext_length = sizeof(ciphertext);
+
+    /* Convert wildcard algorithm to exercisable algorithm */
+    if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) {
+        alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, PSA_ALG_AEAD_GET_TAG_LENGTH(alg));
+    }
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_type = psa_get_key_type(&attributes);
+    nonce_length = PSA_AEAD_NONCE_LENGTH(key_type, alg);
+
+    if (usage & PSA_KEY_USAGE_ENCRYPT) {
+        PSA_ASSERT(psa_aead_encrypt(key, alg,
+                                    nonce, nonce_length,
+                                    NULL, 0,
+                                    plaintext, sizeof(plaintext),
+                                    ciphertext, sizeof(ciphertext),
+                                    &ciphertext_length));
+    }
+
+    if (usage & PSA_KEY_USAGE_DECRYPT) {
+        psa_status_t verify_status =
+            (usage & PSA_KEY_USAGE_ENCRYPT ?
+             PSA_SUCCESS :
+             PSA_ERROR_INVALID_SIGNATURE);
+        TEST_EQUAL(psa_aead_decrypt(key, alg,
+                                    nonce, nonce_length,
+                                    NULL, 0,
+                                    ciphertext, ciphertext_length,
+                                    plaintext, sizeof(plaintext),
+                                    &plaintext_length),
+                   verify_status);
+    }
+
+    return 1;
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    return 0;
+}
+
+static int can_sign_or_verify_message(psa_key_usage_t usage,
+                                      psa_algorithm_t alg)
+{
+    /* Sign-the-unspecified-hash algorithms can only be used with
+     * {sign,verify}_hash, not with {sign,verify}_message. */
+    if (alg == PSA_ALG_ECDSA_ANY || alg == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) {
+        return 0;
+    }
+    return usage & (PSA_KEY_USAGE_SIGN_MESSAGE |
+                    PSA_KEY_USAGE_VERIFY_MESSAGE);
+}
+
+static int exercise_signature_key(mbedtls_svc_key_id_t key,
+                                  psa_key_usage_t usage,
+                                  psa_algorithm_t alg)
+{
+    if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH)) {
+        unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 };
+        size_t payload_length = 16;
+        unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+        size_t signature_length = sizeof(signature);
+        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg);
+
+        /* If the policy allows signing with any hash, just pick one. */
+        if (PSA_ALG_IS_SIGN_HASH(alg) && hash_alg == PSA_ALG_ANY_HASH) {
+    #if defined(KNOWN_MBEDTLS_SUPPORTED_HASH_ALG)
+            hash_alg = KNOWN_MBEDTLS_SUPPORTED_HASH_ALG;
+            alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
+    #else
+            TEST_FAIL("No hash algorithm for hash-and-sign testing");
+    #endif
+        }
+
+        /* Some algorithms require the payload to have the size of
+         * the hash encoded in the algorithm. Use this input size
+         * even for algorithms that allow other input sizes. */
+        if (hash_alg != 0) {
+            payload_length = PSA_HASH_LENGTH(hash_alg);
+        }
+
+        if (usage & PSA_KEY_USAGE_SIGN_HASH) {
+            PSA_ASSERT(psa_sign_hash(key, alg,
+                                     payload, payload_length,
+                                     signature, sizeof(signature),
+                                     &signature_length));
+        }
+
+        if (usage & PSA_KEY_USAGE_VERIFY_HASH) {
+            psa_status_t verify_status =
+                (usage & PSA_KEY_USAGE_SIGN_HASH ?
+                 PSA_SUCCESS :
+                 PSA_ERROR_INVALID_SIGNATURE);
+            TEST_EQUAL(psa_verify_hash(key, alg,
+                                       payload, payload_length,
+                                       signature, signature_length),
+                       verify_status);
+        }
+    }
+
+    if (can_sign_or_verify_message(usage, alg)) {
+        unsigned char message[256] = "Hello, world...";
+        unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+        size_t message_length = 16;
+        size_t signature_length = sizeof(signature);
+
+        if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) {
+            PSA_ASSERT(psa_sign_message(key, alg,
+                                        message, message_length,
+                                        signature, sizeof(signature),
+                                        &signature_length));
+        }
+
+        if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) {
+            psa_status_t verify_status =
+                (usage & PSA_KEY_USAGE_SIGN_MESSAGE ?
+                 PSA_SUCCESS :
+                 PSA_ERROR_INVALID_SIGNATURE);
+            TEST_EQUAL(psa_verify_message(key, alg,
+                                          message, message_length,
+                                          signature, signature_length),
+                       verify_status);
+        }
+    }
+
+    return 1;
+
+exit:
+    return 0;
+}
+
+static int exercise_asymmetric_encryption_key(mbedtls_svc_key_id_t key,
+                                              psa_key_usage_t usage,
+                                              psa_algorithm_t alg)
+{
+    unsigned char plaintext[256] = "Hello, world...";
+    unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
+    size_t ciphertext_length = sizeof(ciphertext);
+    size_t plaintext_length = 16;
+
+    if (usage & PSA_KEY_USAGE_ENCRYPT) {
+        PSA_ASSERT(psa_asymmetric_encrypt(key, alg,
+                                          plaintext, plaintext_length,
+                                          NULL, 0,
+                                          ciphertext, sizeof(ciphertext),
+                                          &ciphertext_length));
+    }
+
+    if (usage & PSA_KEY_USAGE_DECRYPT) {
+        psa_status_t status =
+            psa_asymmetric_decrypt(key, alg,
+                                   ciphertext, ciphertext_length,
+                                   NULL, 0,
+                                   plaintext, sizeof(plaintext),
+                                   &plaintext_length);
+        TEST_ASSERT(status == PSA_SUCCESS ||
+                    ((usage & PSA_KEY_USAGE_ENCRYPT) == 0 &&
+                     (status == PSA_ERROR_INVALID_ARGUMENT ||
+                      status == PSA_ERROR_INVALID_PADDING)));
+    }
+
+    return 1;
+
+exit:
+    return 0;
+}
+
+int mbedtls_test_psa_setup_key_derivation_wrap(
+    psa_key_derivation_operation_t *operation,
+    mbedtls_svc_key_id_t key,
+    psa_algorithm_t alg,
+    const unsigned char *input1, size_t input1_length,
+    const unsigned char *input2, size_t input2_length,
+    size_t capacity)
+{
+    PSA_ASSERT(psa_key_derivation_setup(operation, alg));
+    if (PSA_ALG_IS_HKDF(alg)) {
+        PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+                                                  PSA_KEY_DERIVATION_INPUT_SALT,
+                                                  input1, input1_length));
+        PSA_ASSERT(psa_key_derivation_input_key(operation,
+                                                PSA_KEY_DERIVATION_INPUT_SECRET,
+                                                key));
+        PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+                                                  PSA_KEY_DERIVATION_INPUT_INFO,
+                                                  input2,
+                                                  input2_length));
+    } else if (PSA_ALG_IS_TLS12_PRF(alg) ||
+               PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) {
+        PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+                                                  PSA_KEY_DERIVATION_INPUT_SEED,
+                                                  input1, input1_length));
+        PSA_ASSERT(psa_key_derivation_input_key(operation,
+                                                PSA_KEY_DERIVATION_INPUT_SECRET,
+                                                key));
+        PSA_ASSERT(psa_key_derivation_input_bytes(operation,
+                                                  PSA_KEY_DERIVATION_INPUT_LABEL,
+                                                  input2, input2_length));
+    } else {
+        TEST_FAIL("Key derivation algorithm not supported");
+    }
+
+    if (capacity != SIZE_MAX) {
+        PSA_ASSERT(psa_key_derivation_set_capacity(operation, capacity));
+    }
+
+    return 1;
+
+exit:
+    return 0;
+}
+
+
+static int exercise_key_derivation_key(mbedtls_svc_key_id_t key,
+                                       psa_key_usage_t usage,
+                                       psa_algorithm_t alg)
+{
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    unsigned char input1[] = "Input 1";
+    size_t input1_length = sizeof(input1);
+    unsigned char input2[] = "Input 2";
+    size_t input2_length = sizeof(input2);
+    unsigned char output[1];
+    size_t capacity = sizeof(output);
+
+    if (usage & PSA_KEY_USAGE_DERIVE) {
+        if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg,
+                                                        input1, input1_length,
+                                                        input2, input2_length,
+                                                        capacity)) {
+            goto exit;
+        }
+
+        PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                   output,
+                                                   capacity));
+        PSA_ASSERT(psa_key_derivation_abort(&operation));
+    }
+
+    return 1;
+
+exit:
+    return 0;
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+psa_status_t mbedtls_test_psa_key_agreement_with_self(
+    psa_key_derivation_operation_t *operation,
+    mbedtls_svc_key_id_t key)
+{
+    psa_key_type_t private_key_type;
+    psa_key_type_t public_key_type;
+    size_t key_bits;
+    uint8_t *public_key = NULL;
+    size_t public_key_length;
+    /* Return GENERIC_ERROR if something other than the final call to
+     * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
+     * but it's good enough: callers will report it as a failed test anyway. */
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    private_key_type = psa_get_key_type(&attributes);
+    key_bits = psa_get_key_bits(&attributes);
+    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type);
+    public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits);
+    TEST_CALLOC(public_key, public_key_length);
+    PSA_ASSERT(psa_export_public_key(key, public_key, public_key_length,
+                                     &public_key_length));
+
+    status = psa_key_derivation_key_agreement(
+        operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
+        public_key, public_key_length);
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(public_key);
+    return status;
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
+    psa_algorithm_t alg,
+    mbedtls_svc_key_id_t key)
+{
+    psa_key_type_t private_key_type;
+    psa_key_type_t public_key_type;
+    size_t key_bits;
+    uint8_t *public_key = NULL;
+    size_t public_key_length;
+    uint8_t output[1024];
+    size_t output_length;
+    /* Return GENERIC_ERROR if something other than the final call to
+     * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
+     * but it's good enough: callers will report it as a failed test anyway. */
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    private_key_type = psa_get_key_type(&attributes);
+    key_bits = psa_get_key_bits(&attributes);
+    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type);
+    public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits);
+    TEST_CALLOC(public_key, public_key_length);
+    PSA_ASSERT(psa_export_public_key(key,
+                                     public_key, public_key_length,
+                                     &public_key_length));
+
+    status = psa_raw_key_agreement(alg, key,
+                                   public_key, public_key_length,
+                                   output, sizeof(output), &output_length);
+    if (status == PSA_SUCCESS) {
+        TEST_ASSERT(output_length <=
+                    PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(private_key_type,
+                                                      key_bits));
+        TEST_ASSERT(output_length <=
+                    PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE);
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(public_key);
+    return status;
+}
+
+static int exercise_raw_key_agreement_key(mbedtls_svc_key_id_t key,
+                                          psa_key_usage_t usage,
+                                          psa_algorithm_t alg)
+{
+    int ok = 0;
+
+    if (usage & PSA_KEY_USAGE_DERIVE) {
+        /* We need two keys to exercise key agreement. Exercise the
+         * private key against its own public key. */
+        PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key));
+    }
+    ok = 1;
+
+exit:
+    return ok;
+}
+
+static int exercise_key_agreement_key(mbedtls_svc_key_id_t key,
+                                      psa_key_usage_t usage,
+                                      psa_algorithm_t alg)
+{
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    unsigned char input[1];
+    unsigned char output[1];
+    int ok = 0;
+    psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg);
+
+    if (usage & PSA_KEY_USAGE_DERIVE) {
+        /* We need two keys to exercise key agreement. Exercise the
+         * private key against its own public key. */
+        PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+        if (PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+            PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+            PSA_ASSERT(psa_key_derivation_input_bytes(
+                           &operation, PSA_KEY_DERIVATION_INPUT_SEED,
+                           input, sizeof(input)));
+        }
+
+        PSA_ASSERT(mbedtls_test_psa_key_agreement_with_self(&operation, key));
+
+        if (PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+            PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+            PSA_ASSERT(psa_key_derivation_input_bytes(
+                           &operation, PSA_KEY_DERIVATION_INPUT_LABEL,
+                           input, sizeof(input)));
+        } else if (PSA_ALG_IS_HKDF(kdf_alg)) {
+            PSA_ASSERT(psa_key_derivation_input_bytes(
+                           &operation, PSA_KEY_DERIVATION_INPUT_INFO,
+                           input, sizeof(input)));
+        }
+        PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                   output,
+                                                   sizeof(output)));
+        PSA_ASSERT(psa_key_derivation_abort(&operation));
+    }
+    ok = 1;
+
+exit:
+    return ok;
+}
+
+int mbedtls_test_psa_exported_key_sanity_check(
+    psa_key_type_t type, size_t bits,
+    const uint8_t *exported, size_t exported_length)
+{
+    TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits));
+
+    if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
+        TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits));
+    } else
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
+        uint8_t *p = (uint8_t *) exported;
+        const uint8_t *end = exported + exported_length;
+        size_t len;
+        /*   RSAPrivateKey ::= SEQUENCE {
+         *       version             INTEGER,  -- must be 0
+         *       modulus             INTEGER,  -- n
+         *       publicExponent      INTEGER,  -- e
+         *       privateExponent     INTEGER,  -- d
+         *       prime1              INTEGER,  -- p
+         *       prime2              INTEGER,  -- q
+         *       exponent1           INTEGER,  -- d mod (p-1)
+         *       exponent2           INTEGER,  -- d mod (q-1)
+         *       coefficient         INTEGER,  -- (inverse of q) mod p
+         *   }
+         */
+        TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len,
+                                        MBEDTLS_ASN1_SEQUENCE |
+                                        MBEDTLS_ASN1_CONSTRUCTED), 0);
+        TEST_EQUAL(len, end - p);
+        if (!mbedtls_test_asn1_skip_integer(&p, end, 0, 0, 0)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) {
+            goto exit;
+        }
+        /* Require d to be at least half the size of n. */
+        if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits, 1)) {
+            goto exit;
+        }
+        /* Require p and q to be at most half the size of n, rounded up. */
+        if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) {
+            goto exit;
+        }
+        TEST_EQUAL(p - end, 0);
+
+        TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE);
+    } else
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_ECP_C)
+    if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
+        /* Just the secret value */
+        TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits));
+
+        TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE);
+    } else
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) {
+        uint8_t *p = (uint8_t *) exported;
+        const uint8_t *end = exported + exported_length;
+        size_t len;
+        /*   RSAPublicKey ::= SEQUENCE {
+         *      modulus            INTEGER,    -- n
+         *      publicExponent     INTEGER  }  -- e
+         */
+        TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len,
+                                        MBEDTLS_ASN1_SEQUENCE |
+                                        MBEDTLS_ASN1_CONSTRUCTED),
+                   0);
+        TEST_EQUAL(len, end - p);
+        if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) {
+            goto exit;
+        }
+        if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) {
+            goto exit;
+        }
+        TEST_EQUAL(p - end, 0);
+
+
+        TEST_ASSERT(exported_length <=
+                    PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits));
+        TEST_ASSERT(exported_length <=
+                    PSA_EXPORT_PUBLIC_KEY_MAX_SIZE);
+    } else
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_ECP_C)
+    if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) {
+
+        TEST_ASSERT(exported_length <=
+                    PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits));
+        TEST_ASSERT(exported_length <=
+                    PSA_EXPORT_PUBLIC_KEY_MAX_SIZE);
+
+        if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_MONTGOMERY) {
+            /* The representation of an ECC Montgomery public key is
+             * the raw compressed point */
+            TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length);
+        } else {
+            /* The representation of an ECC Weierstrass public key is:
+             *      - The byte 0x04;
+             *      - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+             *      - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+             *      - where m is the bit size associated with the curve.
+             */
+            TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length);
+            TEST_EQUAL(exported[0], 4);
+        }
+    } else
+#endif /* MBEDTLS_ECP_C */
+
+    {
+        (void) exported;
+        TEST_FAIL("Sanity check not implemented for this key type");
+    }
+
+#if defined(MBEDTLS_DES_C)
+    if (type == PSA_KEY_TYPE_DES) {
+        /* Check the parity bits. */
+        unsigned i;
+        for (i = 0; i < bits / 8; i++) {
+            unsigned bit_count = 0;
+            unsigned m;
+            for (m = 1; m <= 0x100; m <<= 1) {
+                if (exported[i] & m) {
+                    ++bit_count;
+                }
+            }
+            TEST_ASSERT(bit_count % 2 != 0);
+        }
+    }
+#endif
+
+    return 1;
+
+exit:
+    return 0;
+}
+
+static int exercise_export_key(mbedtls_svc_key_id_t key,
+                               psa_key_usage_t usage)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *exported = NULL;
+    size_t exported_size = 0;
+    size_t exported_length = 0;
+    int ok = 0;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+
+    exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+        psa_get_key_type(&attributes),
+        psa_get_key_bits(&attributes));
+    TEST_CALLOC(exported, exported_size);
+
+    if ((usage & PSA_KEY_USAGE_EXPORT) == 0 &&
+        !PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(&attributes))) {
+        TEST_EQUAL(psa_export_key(key, exported,
+                                  exported_size, &exported_length),
+                   PSA_ERROR_NOT_PERMITTED);
+        ok = 1;
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_export_key(key,
+                              exported, exported_size,
+                              &exported_length));
+    ok = mbedtls_test_psa_exported_key_sanity_check(
+        psa_get_key_type(&attributes), psa_get_key_bits(&attributes),
+        exported, exported_length);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(exported);
+    return ok;
+}
+
+static int exercise_export_public_key(mbedtls_svc_key_id_t key)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t public_type;
+    uint8_t *exported = NULL;
+    size_t exported_size = 0;
+    size_t exported_length = 0;
+    int ok = 0;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    if (!PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(&attributes))) {
+        exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
+            psa_get_key_type(&attributes),
+            psa_get_key_bits(&attributes));
+        TEST_CALLOC(exported, exported_size);
+
+        TEST_EQUAL(psa_export_public_key(key, exported,
+                                         exported_size, &exported_length),
+                   PSA_ERROR_INVALID_ARGUMENT);
+        ok = 1;
+        goto exit;
+    }
+
+    public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
+        psa_get_key_type(&attributes));
+    exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type,
+                                                      psa_get_key_bits(&attributes));
+    TEST_CALLOC(exported, exported_size);
+
+    PSA_ASSERT(psa_export_public_key(key,
+                                     exported, exported_size,
+                                     &exported_length));
+    ok = mbedtls_test_psa_exported_key_sanity_check(
+        public_type, psa_get_key_bits(&attributes),
+        exported, exported_length);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(exported);
+    return ok;
+}
+
+int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key,
+                                  psa_key_usage_t usage,
+                                  psa_algorithm_t alg)
+{
+    int ok = 0;
+
+    if (!check_key_attributes_sanity(key)) {
+        return 0;
+    }
+
+    if (alg == 0) {
+        ok = 1; /* If no algorithm, do nothing (used for raw data "keys"). */
+    } else if (PSA_ALG_IS_MAC(alg)) {
+        ok = exercise_mac_key(key, usage, alg);
+    } else if (PSA_ALG_IS_CIPHER(alg)) {
+        ok = exercise_cipher_key(key, usage, alg);
+    } else if (PSA_ALG_IS_AEAD(alg)) {
+        ok = exercise_aead_key(key, usage, alg);
+    } else if (PSA_ALG_IS_SIGN(alg)) {
+        ok = exercise_signature_key(key, usage, alg);
+    } else if (PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) {
+        ok = exercise_asymmetric_encryption_key(key, usage, alg);
+    } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) {
+        ok = exercise_key_derivation_key(key, usage, alg);
+    } else if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) {
+        ok = exercise_raw_key_agreement_key(key, usage, alg);
+    } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) {
+        ok = exercise_key_agreement_key(key, usage, alg);
+    } else {
+        TEST_FAIL("No code to exercise this category of algorithm");
+    }
+
+    ok = ok && exercise_export_key(key, usage);
+    ok = ok && exercise_export_public_key(key);
+
+exit:
+    return ok;
+}
+
+psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type,
+                                                   psa_algorithm_t alg)
+{
+    if (PSA_ALG_IS_MAC(alg) || PSA_ALG_IS_SIGN(alg)) {
+        if (PSA_ALG_IS_SIGN_HASH(alg)) {
+            if (PSA_ALG_SIGN_GET_HASH(alg)) {
+                return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+                       PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE :
+                       PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
+                       PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE;
+            }
+        } else if (PSA_ALG_IS_SIGN_MESSAGE(alg)) {
+            return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+                   PSA_KEY_USAGE_VERIFY_MESSAGE :
+                   PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE;
+        }
+
+        return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+               PSA_KEY_USAGE_VERIFY_HASH :
+               PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH;
+    } else if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg) ||
+               PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) {
+        return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ?
+               PSA_KEY_USAGE_ENCRYPT :
+               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
+    } else if (PSA_ALG_IS_KEY_DERIVATION(alg) ||
+               PSA_ALG_IS_KEY_AGREEMENT(alg)) {
+        return PSA_KEY_USAGE_DERIVE;
+    } else {
+        return 0;
+    }
+
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/random.c b/3rdparty/mbedtls-2.28.7/tests/src/random.c
new file mode 100644
index 0000000..fc59e71
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/random.c
@@ -0,0 +1,135 @@
+/**
+ * \file random.c
+ *
+ * \brief   This file contains the helper functions to generate random numbers
+ *          for the purpose of testing.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/*
+ * for arc4random_buf() from <stdlib.h>
+ */
+#if defined(__NetBSD__)
+#define _NETBSD_SOURCE 1
+#elif defined(__OpenBSD__)
+#define _BSD_SOURCE 1
+#endif
+
+#include <test/macros.h>
+#include <test/random.h>
+#include <string.h>
+
+#include <mbedtls/entropy.h>
+
+int mbedtls_test_rnd_std_rand(void *rng_state,
+                              unsigned char *output,
+                              size_t len)
+{
+#if !defined(__OpenBSD__) && !defined(__NetBSD__)
+    size_t i;
+
+    if (rng_state != NULL) {
+        rng_state  = NULL;
+    }
+
+    for (i = 0; i < len; ++i) {
+        output[i] = rand();
+    }
+#else
+    if (rng_state != NULL) {
+        rng_state = NULL;
+    }
+
+    arc4random_buf(output, len);
+#endif /* !OpenBSD && !NetBSD */
+
+    return 0;
+}
+
+int mbedtls_test_rnd_zero_rand(void *rng_state,
+                               unsigned char *output,
+                               size_t len)
+{
+    if (rng_state != NULL) {
+        rng_state  = NULL;
+    }
+
+    memset(output, 0, len);
+
+    return 0;
+}
+
+int mbedtls_test_rnd_buffer_rand(void *rng_state,
+                                 unsigned char *output,
+                                 size_t len)
+{
+    mbedtls_test_rnd_buf_info *info = (mbedtls_test_rnd_buf_info *) rng_state;
+    size_t use_len;
+
+    if (rng_state == NULL) {
+        return mbedtls_test_rnd_std_rand(NULL, output, len);
+    }
+
+    use_len = len;
+    if (len > info->length) {
+        use_len = info->length;
+    }
+
+    if (use_len) {
+        memcpy(output, info->buf, use_len);
+        info->buf += use_len;
+        info->length -= use_len;
+    }
+
+    if (len - use_len > 0) {
+        if (info->fallback_f_rng != NULL) {
+            return info->fallback_f_rng(info->fallback_p_rng,
+                                        output + use_len,
+                                        len - use_len);
+        } else {
+            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+        }
+    }
+
+    return 0;
+}
+
+int mbedtls_test_rnd_pseudo_rand(void *rng_state,
+                                 unsigned char *output,
+                                 size_t len)
+{
+    mbedtls_test_rnd_pseudo_info *info =
+        (mbedtls_test_rnd_pseudo_info *) rng_state;
+    uint32_t i, *k, sum, delta = 0x9E3779B9;
+    unsigned char result[4], *out = output;
+
+    if (rng_state == NULL) {
+        return mbedtls_test_rnd_std_rand(NULL, output, len);
+    }
+
+    k = info->key;
+
+    while (len > 0) {
+        size_t use_len = (len > 4) ? 4 : len;
+        sum = 0;
+
+        for (i = 0; i < 32; i++) {
+            info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5))
+                         + info->v1) ^ (sum + k[sum & 3]);
+            sum += delta;
+            info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5))
+                         + info->v0) ^ (sum + k[(sum>>11) & 3]);
+        }
+
+        PUT_UINT32_BE(info->v0, result, 0);
+        memcpy(out, result, use_len);
+        len -= use_len;
+        out += 4;
+    }
+
+    return 0;
+}
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/test_helpers/ssl_helpers.c b/3rdparty/mbedtls-2.28.7/tests/src/test_helpers/ssl_helpers.c
new file mode 100644
index 0000000..2359615
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/test_helpers/ssl_helpers.c
@@ -0,0 +1,1804 @@
+/** \file ssl_helpers.c
+ *
+ * \brief Helper functions to set up a TLS connection.
+ */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/ssl_helpers.h>
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
+                                   const char *file, int line,
+                                   const char *str)
+{
+    mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx;
+
+    (void) level;
+    (void) line;
+    (void) file;
+
+    if (NULL != p &&
+        NULL != p->pattern &&
+        NULL != strstr(str, p->pattern)) {
+        p->counter++;
+    }
+}
+
+void mbedtls_test_init_handshake_options(
+    mbedtls_test_handshake_test_options *opts)
+{
+    opts->cipher = "";
+    opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE;
+    opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE;
+    opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE;
+    opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE;
+    opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3;
+    opts->pk_alg = MBEDTLS_PK_RSA;
+    opts->psk_str = NULL;
+    opts->dtls = 0;
+    opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE;
+    opts->serialize = 0;
+    opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE;
+    opts->cli_msg_len = 100;
+    opts->srv_msg_len = 100;
+    opts->expected_cli_fragments = 1;
+    opts->expected_srv_fragments = 1;
+    opts->renegotiate = 0;
+    opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
+    opts->srv_log_obj = NULL;
+    opts->srv_log_obj = NULL;
+    opts->srv_log_fun = NULL;
+    opts->cli_log_fun = NULL;
+    opts->resize_buffers = 1;
+}
+
+void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf)
+{
+    memset(buf, 0, sizeof(*buf));
+}
+
+int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
+                                  size_t capacity)
+{
+    buf->buffer = (unsigned char *) mbedtls_calloc(capacity,
+                                                   sizeof(unsigned char));
+    if (NULL == buf->buffer) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+    buf->capacity = capacity;
+
+    return 0;
+}
+
+void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf)
+{
+    if (buf->buffer != NULL) {
+        mbedtls_free(buf->buffer);
+    }
+
+    memset(buf, 0, sizeof(*buf));
+}
+
+int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
+                                const unsigned char *input, size_t input_len)
+{
+    size_t overflow = 0;
+
+    if ((buf == NULL) || (buf->buffer == NULL)) {
+        return -1;
+    }
+
+    /* Reduce input_len to a number that fits in the buffer. */
+    if ((buf->content_length + input_len) > buf->capacity) {
+        input_len = buf->capacity - buf->content_length;
+    }
+
+    if (input == NULL) {
+        return (input_len == 0) ? 0 : -1;
+    }
+
+    /* Check if the buffer has not come full circle and free space is not in
+     * the middle */
+    if (buf->start + buf->content_length < buf->capacity) {
+
+        /* Calculate the number of bytes that need to be placed at lower memory
+         * address */
+        if (buf->start + buf->content_length + input_len
+            > buf->capacity) {
+            overflow = (buf->start + buf->content_length + input_len)
+                       % buf->capacity;
+        }
+
+        memcpy(buf->buffer + buf->start + buf->content_length, input,
+               input_len - overflow);
+        memcpy(buf->buffer, input + input_len - overflow, overflow);
+
+    } else {
+        /* The buffer has come full circle and free space is in the middle */
+        memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity,
+               input, input_len);
+    }
+
+    buf->content_length += input_len;
+    return (input_len > INT_MAX) ? INT_MAX : (int) input_len;
+}
+
+int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
+                                unsigned char *output, size_t output_len)
+{
+    size_t overflow = 0;
+
+    if ((buf == NULL) || (buf->buffer == NULL)) {
+        return -1;
+    }
+
+    if (output == NULL && output_len == 0) {
+        return 0;
+    }
+
+    if (buf->content_length < output_len) {
+        output_len = buf->content_length;
+    }
+
+    /* Calculate the number of bytes that need to be drawn from lower memory
+     * address */
+    if (buf->start + output_len > buf->capacity) {
+        overflow = (buf->start + output_len) % buf->capacity;
+    }
+
+    if (output != NULL) {
+        memcpy(output, buf->buffer + buf->start, output_len - overflow);
+        memcpy(output + output_len - overflow, buf->buffer, overflow);
+    }
+
+    buf->content_length -= output_len;
+    buf->start = (buf->start + output_len) % buf->capacity;
+
+    return (output_len > INT_MAX) ? INT_MAX : (int) output_len;
+}
+
+int mbedtls_test_ssl_message_queue_setup(
+    mbedtls_test_ssl_message_queue *queue, size_t capacity)
+{
+    queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t));
+    if (NULL == queue->messages) {
+        return MBEDTLS_ERR_SSL_ALLOC_FAILED;
+    }
+
+    queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity;
+    queue->pos = 0;
+    queue->num = 0;
+
+    return 0;
+}
+
+void mbedtls_test_ssl_message_queue_free(
+    mbedtls_test_ssl_message_queue *queue)
+{
+    if (queue == NULL) {
+        return;
+    }
+
+    if (queue->messages != NULL) {
+        mbedtls_free(queue->messages);
+    }
+
+    memset(queue, 0, sizeof(*queue));
+}
+
+int mbedtls_test_ssl_message_queue_push_info(
+    mbedtls_test_ssl_message_queue *queue, size_t len)
+{
+    int place;
+    if (queue == NULL) {
+        return MBEDTLS_TEST_ERROR_ARG_NULL;
+    }
+
+    if (queue->num >= queue->capacity) {
+        return MBEDTLS_ERR_SSL_WANT_WRITE;
+    }
+
+    place = (queue->pos + queue->num) % queue->capacity;
+    queue->messages[place] = len;
+    queue->num++;
+    return (len > INT_MAX) ? INT_MAX : (int) len;
+}
+
+int mbedtls_test_ssl_message_queue_pop_info(
+    mbedtls_test_ssl_message_queue *queue, size_t buf_len)
+{
+    size_t message_length;
+    if (queue == NULL) {
+        return MBEDTLS_TEST_ERROR_ARG_NULL;
+    }
+    if (queue->num == 0) {
+        return MBEDTLS_ERR_SSL_WANT_READ;
+    }
+
+    message_length = queue->messages[queue->pos];
+    queue->messages[queue->pos] = 0;
+    queue->num--;
+    queue->pos++;
+    queue->pos %= queue->capacity;
+    if (queue->pos < 0) {
+        queue->pos += queue->capacity;
+    }
+
+    return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX :
+           (message_length > buf_len) ? (int) buf_len : (int) message_length;
+}
+
+/*
+ * Take a peek on the info about the next message length from the queue.
+ * This will be the oldest inserted message length(fifo).
+ *
+ * \retval  MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
+ * \retval  MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
+ * \retval  0, if the peek was successful.
+ * \retval  MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is
+ *          too small to fit the message. In this case the \p msg_len will be
+ *          set to the full message length so that the
+ *          caller knows what portion of the message can be dropped.
+ */
+static int test_ssl_message_queue_peek_info(
+    mbedtls_test_ssl_message_queue *queue,
+    size_t buf_len, size_t *msg_len)
+{
+    if (queue == NULL || msg_len == NULL) {
+        return MBEDTLS_TEST_ERROR_ARG_NULL;
+    }
+    if (queue->num == 0) {
+        return MBEDTLS_ERR_SSL_WANT_READ;
+    }
+
+    *msg_len = queue->messages[queue->pos];
+    return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0;
+}
+
+void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket)
+{
+    memset(socket, 0, sizeof(*socket));
+}
+
+void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket)
+{
+    if (socket == NULL) {
+        return;
+    }
+
+    if (socket->input != NULL) {
+        mbedtls_test_ssl_buffer_free(socket->input);
+        mbedtls_free(socket->input);
+    }
+
+    if (socket->output != NULL) {
+        mbedtls_test_ssl_buffer_free(socket->output);
+        mbedtls_free(socket->output);
+    }
+
+    if (socket->peer != NULL) {
+        memset(socket->peer, 0, sizeof(*socket->peer));
+    }
+
+    memset(socket, 0, sizeof(*socket));
+}
+
+int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
+                                     mbedtls_test_mock_socket *peer2,
+                                     size_t bufsize)
+{
+    int ret = -1;
+
+    peer1->output =
+        (mbedtls_test_ssl_buffer *) mbedtls_calloc(
+            1, sizeof(mbedtls_test_ssl_buffer));
+    if (peer1->output == NULL) {
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto exit;
+    }
+    mbedtls_test_ssl_buffer_init(peer1->output);
+    if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) {
+        goto exit;
+    }
+
+    peer2->output =
+        (mbedtls_test_ssl_buffer *) mbedtls_calloc(
+            1, sizeof(mbedtls_test_ssl_buffer));
+    if (peer2->output == NULL) {
+        ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+        goto exit;
+    }
+    mbedtls_test_ssl_buffer_init(peer2->output);
+    if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) {
+        goto exit;
+    }
+
+    peer1->peer = peer2;
+    peer2->peer = peer1;
+    peer1->input = peer2->output;
+    peer2->input = peer1->output;
+
+    peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED;
+    ret = 0;
+
+exit:
+
+    if (ret != 0) {
+        mbedtls_test_mock_socket_close(peer1);
+        mbedtls_test_mock_socket_close(peer2);
+    }
+
+    return ret;
+}
+
+int mbedtls_test_mock_tcp_send_b(void *ctx,
+                                 const unsigned char *buf, size_t len)
+{
+    mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+    if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+        return -1;
+    }
+
+    return mbedtls_test_ssl_buffer_put(socket->output, buf, len);
+}
+
+int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len)
+{
+    mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+    if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+        return -1;
+    }
+
+    return mbedtls_test_ssl_buffer_get(socket->input, buf, len);
+}
+
+int mbedtls_test_mock_tcp_send_nb(void *ctx,
+                                  const unsigned char *buf, size_t len)
+{
+    mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+    if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+        return -1;
+    }
+
+    if (socket->output->capacity == socket->output->content_length) {
+        return MBEDTLS_ERR_SSL_WANT_WRITE;
+    }
+
+    return mbedtls_test_ssl_buffer_put(socket->output, buf, len);
+}
+
+int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len)
+{
+    mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
+
+    if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) {
+        return -1;
+    }
+
+    if (socket->input->content_length == 0) {
+        return MBEDTLS_ERR_SSL_WANT_READ;
+    }
+
+    return mbedtls_test_ssl_buffer_get(socket->input, buf, len);
+}
+
+void mbedtls_test_message_socket_init(
+    mbedtls_test_message_socket_context *ctx)
+{
+    ctx->queue_input = NULL;
+    ctx->queue_output = NULL;
+    ctx->socket = NULL;
+}
+
+int mbedtls_test_message_socket_setup(
+    mbedtls_test_ssl_message_queue *queue_input,
+    mbedtls_test_ssl_message_queue *queue_output,
+    size_t queue_capacity,
+    mbedtls_test_mock_socket *socket,
+    mbedtls_test_message_socket_context *ctx)
+{
+    int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity);
+    if (ret != 0) {
+        return ret;
+    }
+    ctx->queue_input = queue_input;
+    ctx->queue_output = queue_output;
+    ctx->socket = socket;
+    mbedtls_test_mock_socket_init(socket);
+
+    return 0;
+}
+
+void mbedtls_test_message_socket_close(
+    mbedtls_test_message_socket_context *ctx)
+{
+    if (ctx == NULL) {
+        return;
+    }
+
+    mbedtls_test_ssl_message_queue_free(ctx->queue_input);
+    mbedtls_test_mock_socket_close(ctx->socket);
+    memset(ctx, 0, sizeof(*ctx));
+}
+
+int mbedtls_test_mock_tcp_send_msg(void *ctx,
+                                   const unsigned char *buf, size_t len)
+{
+    mbedtls_test_ssl_message_queue *queue;
+    mbedtls_test_mock_socket *socket;
+    mbedtls_test_message_socket_context *context =
+        (mbedtls_test_message_socket_context *) ctx;
+
+    if (context == NULL || context->socket == NULL
+        || context->queue_output == NULL) {
+        return MBEDTLS_TEST_ERROR_CONTEXT_ERROR;
+    }
+
+    queue = context->queue_output;
+    socket = context->socket;
+
+    if (queue->num >= queue->capacity) {
+        return MBEDTLS_ERR_SSL_WANT_WRITE;
+    }
+
+    if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) {
+        return MBEDTLS_TEST_ERROR_SEND_FAILED;
+    }
+
+    return mbedtls_test_ssl_message_queue_push_info(queue, len);
+}
+
+int mbedtls_test_mock_tcp_recv_msg(void *ctx,
+                                   unsigned char *buf, size_t buf_len)
+{
+    mbedtls_test_ssl_message_queue *queue;
+    mbedtls_test_mock_socket *socket;
+    mbedtls_test_message_socket_context *context =
+        (mbedtls_test_message_socket_context *) ctx;
+    size_t drop_len = 0;
+    size_t msg_len;
+    int ret;
+
+    if (context == NULL || context->socket == NULL
+        || context->queue_input == NULL) {
+        return MBEDTLS_TEST_ERROR_CONTEXT_ERROR;
+    }
+
+    queue = context->queue_input;
+    socket = context->socket;
+
+    /* Peek first, so that in case of a socket error the data remains in
+     * the queue. */
+    ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len);
+    if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) {
+        /* Calculate how much to drop */
+        drop_len = msg_len - buf_len;
+
+        /* Set the requested message len to be buffer length */
+        msg_len = buf_len;
+    } else if (ret != 0) {
+        return ret;
+    }
+
+    if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) {
+        return MBEDTLS_TEST_ERROR_RECV_FAILED;
+    }
+
+    if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) {
+        /* Drop the remaining part of the message */
+        if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) !=
+            (int) drop_len) {
+            /* Inconsistent state - part of the message was read,
+             * and a part couldn't. Not much we can do here, but it should not
+             * happen in test environment, unless forced manually. */
+        }
+    }
+    mbedtls_test_ssl_message_queue_pop_info(queue, buf_len);
+
+    return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len;
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C) && \
+    defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_CTR_DRBG_C)
+
+/*
+ * Deinitializes certificates from endpoint represented by \p ep.
+ */
+static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep)
+{
+    mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert);
+    if (cert != NULL) {
+        if (cert->ca_cert != NULL) {
+            mbedtls_x509_crt_free(cert->ca_cert);
+            mbedtls_free(cert->ca_cert);
+            cert->ca_cert = NULL;
+        }
+        if (cert->cert != NULL) {
+            mbedtls_x509_crt_free(cert->cert);
+            mbedtls_free(cert->cert);
+            cert->cert = NULL;
+        }
+        if (cert->pkey != NULL) {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) {
+                mbedtls_svc_key_id_t *key_slot = cert->pkey->pk_ctx;
+                psa_destroy_key(*key_slot);
+            }
+#endif
+            mbedtls_pk_free(cert->pkey);
+            mbedtls_free(cert->pkey);
+            cert->pkey = NULL;
+        }
+    }
+}
+
+int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
+                                               int pk_alg)
+{
+    int i = 0;
+    int ret = -1;
+    mbedtls_test_ssl_endpoint_certificate *cert = NULL;
+
+    if (ep == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    cert = &(ep->cert);
+    TEST_CALLOC(cert->ca_cert, 1);
+    TEST_CALLOC(cert->cert, 1);
+    TEST_CALLOC(cert->pkey, 1);
+
+    mbedtls_x509_crt_init(cert->ca_cert);
+    mbedtls_x509_crt_init(cert->cert);
+    mbedtls_pk_init(cert->pkey);
+
+    /* Load the trusted CA */
+
+    for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) {
+        ret = mbedtls_x509_crt_parse_der(
+            cert->ca_cert,
+            (const unsigned char *) mbedtls_test_cas_der[i],
+            mbedtls_test_cas_der_len[i]);
+        TEST_ASSERT(ret == 0);
+    }
+
+    /* Load own certificate and private key */
+
+    if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) {
+        if (pk_alg == MBEDTLS_PK_RSA) {
+            ret = mbedtls_x509_crt_parse(
+                cert->cert,
+                (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der,
+                mbedtls_test_srv_crt_rsa_sha256_der_len);
+            TEST_ASSERT(ret == 0);
+
+            ret = mbedtls_pk_parse_key(
+                cert->pkey,
+                (const unsigned char *) mbedtls_test_srv_key_rsa_der,
+                mbedtls_test_srv_key_rsa_der_len, NULL, 0);
+            TEST_ASSERT(ret == 0);
+        } else {
+            ret = mbedtls_x509_crt_parse(
+                cert->cert,
+                (const unsigned char *) mbedtls_test_srv_crt_ec_der,
+                mbedtls_test_srv_crt_ec_der_len);
+            TEST_ASSERT(ret == 0);
+
+            ret = mbedtls_pk_parse_key(
+                cert->pkey,
+                (const unsigned char *) mbedtls_test_srv_key_ec_der,
+                mbedtls_test_srv_key_ec_der_len, NULL, 0);
+            TEST_ASSERT(ret == 0);
+        }
+    } else {
+        if (pk_alg == MBEDTLS_PK_RSA) {
+            ret = mbedtls_x509_crt_parse(
+                cert->cert,
+                (const unsigned char *) mbedtls_test_cli_crt_rsa_der,
+                mbedtls_test_cli_crt_rsa_der_len);
+            TEST_ASSERT(ret == 0);
+
+            ret = mbedtls_pk_parse_key(
+                cert->pkey,
+                (const unsigned char *) mbedtls_test_cli_key_rsa_der,
+                mbedtls_test_cli_key_rsa_der_len, NULL, 0);
+            TEST_ASSERT(ret == 0);
+        } else {
+            ret = mbedtls_x509_crt_parse(
+                cert->cert,
+                (const unsigned char *) mbedtls_test_cli_crt_ec_der,
+                mbedtls_test_cli_crt_ec_len);
+            TEST_ASSERT(ret == 0);
+
+            ret = mbedtls_pk_parse_key(
+                cert->pkey,
+                (const unsigned char *) mbedtls_test_cli_key_ec_der,
+                mbedtls_test_cli_key_ec_der_len, NULL, 0);
+            TEST_ASSERT(ret == 0);
+        }
+    }
+
+    mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL);
+
+    ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert,
+                                    cert->pkey);
+    TEST_ASSERT(ret == 0);
+
+exit:
+    if (ret != 0) {
+        test_ssl_endpoint_certificate_free(ep);
+    }
+
+    return ret;
+}
+
+int mbedtls_test_ssl_endpoint_init(
+    mbedtls_test_ssl_endpoint *ep, int endpoint_type, int pk_alg,
+    mbedtls_test_message_socket_context *dtls_context,
+    mbedtls_test_ssl_message_queue *input_queue,
+    mbedtls_test_ssl_message_queue *output_queue,
+    const mbedtls_ecp_group_id *curves)
+{
+    int ret = -1;
+
+    if (dtls_context != NULL &&
+        (input_queue == NULL || output_queue == NULL)) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    if (ep == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    memset(ep, 0, sizeof(*ep));
+
+    ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client";
+
+    mbedtls_ssl_init(&(ep->ssl));
+    mbedtls_ssl_config_init(&(ep->conf));
+    mbedtls_ctr_drbg_init(&(ep->ctr_drbg));
+    mbedtls_ssl_conf_rng(&(ep->conf),
+                         mbedtls_ctr_drbg_random,
+                         &(ep->ctr_drbg));
+    mbedtls_entropy_init(&(ep->entropy));
+    if (dtls_context != NULL) {
+        TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue,
+                                                      100, &(ep->socket),
+                                                      dtls_context) == 0);
+    } else {
+        mbedtls_test_mock_socket_init(&(ep->socket));
+    }
+
+    ret = mbedtls_ctr_drbg_seed(&(ep->ctr_drbg), mbedtls_entropy_func,
+                                &(ep->entropy),
+                                (const unsigned char *) (ep->name),
+                                strlen(ep->name));
+    TEST_ASSERT(ret == 0);
+
+    /* Non-blocking callbacks without timeout */
+    if (dtls_context != NULL) {
+        mbedtls_ssl_set_bio(&(ep->ssl), dtls_context,
+                            mbedtls_test_mock_tcp_send_msg,
+                            mbedtls_test_mock_tcp_recv_msg,
+                            NULL);
+    } else {
+        mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket),
+                            mbedtls_test_mock_tcp_send_nb,
+                            mbedtls_test_mock_tcp_recv_nb,
+                            NULL);
+    }
+
+    ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type,
+                                      (dtls_context != NULL) ?
+                                      MBEDTLS_SSL_TRANSPORT_DATAGRAM :
+                                      MBEDTLS_SSL_TRANSPORT_STREAM,
+                                      MBEDTLS_SSL_PRESET_DEFAULT);
+    TEST_ASSERT(ret == 0);
+
+#if defined(MBEDTLS_ECP_C)
+    if (curves != NULL) {
+        mbedtls_ssl_conf_curves(&(ep->conf), curves);
+    }
+#else
+    (void) curves;
+#endif
+
+    ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf));
+    TEST_ASSERT(ret == 0);
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C)
+    if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) {
+        mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL);
+    }
+#endif
+
+    ret = mbedtls_test_ssl_endpoint_certificate_init(ep, pk_alg);
+    TEST_ASSERT(ret == 0);
+
+exit:
+    return ret;
+}
+
+void mbedtls_test_ssl_endpoint_free(
+    mbedtls_test_ssl_endpoint *ep,
+    mbedtls_test_message_socket_context *context)
+{
+    test_ssl_endpoint_certificate_free(ep);
+
+    mbedtls_ssl_free(&(ep->ssl));
+    mbedtls_ssl_config_free(&(ep->conf));
+    mbedtls_ctr_drbg_free(&(ep->ctr_drbg));
+    mbedtls_entropy_free(&(ep->entropy));
+
+    if (context != NULL) {
+        mbedtls_test_message_socket_close(context);
+    } else {
+        mbedtls_test_mock_socket_close(&(ep->socket));
+    }
+}
+
+int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
+                                         mbedtls_ssl_context *second_ssl,
+                                         int state)
+{
+    enum { BUFFSIZE = 1024 };
+    int max_steps = 1000;
+    int ret = 0;
+
+    if (ssl == NULL || second_ssl == NULL) {
+        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    }
+
+    /* Perform communication via connected sockets */
+    while ((ssl->state != state) && (--max_steps >= 0)) {
+        /* If /p second_ssl ends the handshake procedure before /p ssl then
+         * there is no need to call the next step */
+        if (second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+            ret = mbedtls_ssl_handshake_step(second_ssl);
+            if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
+                ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+                return ret;
+            }
+        }
+
+        /* We only care about the \p ssl state and returns, so we call it last,
+         * to leave the iteration as soon as the state is as expected. */
+        ret = mbedtls_ssl_handshake_step(ssl);
+        if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
+            ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+            return ret;
+        }
+    }
+
+    return (max_steps >= 0) ? ret : -1;
+}
+
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+/*
+ * Write application data. Increase write counter if necessary.
+ */
+int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl,
+                               unsigned char *buf, int buf_len,
+                               int *written,
+                               const int expected_fragments)
+{
+    int ret;
+
+    /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
+     * a valid no-op for TLS connections. */
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0);
+    }
+
+    ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written);
+    if (ret > 0) {
+        *written += ret;
+    }
+
+    if (expected_fragments == 0) {
+        /* Used for DTLS and the message size larger than MFL. In that case
+         * the message can not be fragmented and the library should return
+         * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned
+         * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */
+        return ret;
+    } else if (expected_fragments == 1) {
+        /* Used for TLS/DTLS and the message size lower than MFL */
+        TEST_ASSERT(ret == buf_len ||
+                    ret == MBEDTLS_ERR_SSL_WANT_READ ||
+                    ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    } else {
+        /* Used for TLS and the message size larger than MFL */
+        TEST_ASSERT(expected_fragments > 1);
+        TEST_ASSERT((ret >= 0 && ret <= buf_len) ||
+                    ret == MBEDTLS_ERR_SSL_WANT_READ ||
+                    ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    }
+
+    return 0;
+
+exit:
+    /* Some of the tests failed */
+    return -1;
+}
+
+/*
+ * Read application data and increase read counter and fragments counter
+ * if necessary.
+ */
+int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl,
+                              unsigned char *buf, int buf_len,
+                              int *read, int *fragments,
+                              const int expected_fragments)
+{
+    int ret;
+
+    /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
+     * a valid no-op for TLS connections. */
+    if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0);
+    }
+
+    ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read);
+    if (ret > 0) {
+        (*fragments)++;
+        *read += ret;
+    }
+
+    if (expected_fragments == 0) {
+        TEST_ASSERT(ret == 0);
+    } else if (expected_fragments == 1) {
+        TEST_ASSERT(ret == buf_len ||
+                    ret == MBEDTLS_ERR_SSL_WANT_READ ||
+                    ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    } else {
+        TEST_ASSERT(expected_fragments > 1);
+        TEST_ASSERT((ret >= 0 && ret <= buf_len) ||
+                    ret == MBEDTLS_ERR_SSL_WANT_READ ||
+                    ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+    }
+
+    return 0;
+
+exit:
+    /* Some of the tests failed */
+    return -1;
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C)                        && \
+    defined(MBEDTLS_ENTROPY_C)                      && \
+    defined(MBEDTLS_CTR_DRBG_C)
+static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher,
+                            int *forced_ciphersuite)
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher);
+    forced_ciphersuite[1] = 0;
+
+    ciphersuite_info =
+        mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]);
+
+    TEST_ASSERT(ciphersuite_info != NULL);
+    TEST_ASSERT(ciphersuite_info->min_minor_ver <= conf->max_minor_ver);
+    TEST_ASSERT(ciphersuite_info->max_minor_ver >= conf->min_minor_ver);
+
+    if (conf->max_minor_ver > ciphersuite_info->max_minor_ver) {
+        conf->max_minor_ver = ciphersuite_info->max_minor_ver;
+    }
+    if (conf->min_minor_ver < ciphersuite_info->min_minor_ver) {
+        conf->min_minor_ver = ciphersuite_info->min_minor_ver;
+    }
+
+    mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite);
+
+exit:
+    return;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C)                        && \
+    defined(MBEDTLS_ENTROPY_C)                      && \
+    defined(MBEDTLS_CTR_DRBG_C)                     && \
+    defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl,
+                              const unsigned char *name, size_t name_len)
+{
+    (void) p_info;
+    (void) ssl;
+    (void) name;
+    (void) name_len;
+
+    return 0;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
+          MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
+                                      mbedtls_ssl_transform *t_out,
+                                      int cipher_type, int hash_id,
+                                      int etm, int tag_mode, int ver,
+                                      size_t cid0_len,
+                                      size_t cid1_len)
+{
+    mbedtls_cipher_info_t const *cipher_info;
+    int ret = 0;
+
+    size_t keylen, maclen, ivlen;
+    unsigned char *key0 = NULL, *key1 = NULL;
+    unsigned char *md0 = NULL, *md1 = NULL;
+    unsigned char iv_enc[16], iv_dec[16];
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    unsigned char cid0[SSL_CID_LEN_MIN];
+    unsigned char cid1[SSL_CID_LEN_MIN];
+
+    mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0));
+    mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1));
+#else
+    ((void) cid0_len);
+    ((void) cid1_len);
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    maclen = 0;
+
+    /* Pick cipher */
+    cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+    CHK(cipher_info != NULL);
+    CHK(cipher_info->iv_size <= 16);
+    CHK(cipher_info->key_bitlen % 8 == 0);
+
+    /* Pick keys */
+    keylen = cipher_info->key_bitlen / 8;
+    /* Allocate `keylen + 1` bytes to ensure that we get
+     * a non-NULL pointers from `mbedtls_calloc` even if
+     * `keylen == 0` in the case of the NULL cipher. */
+    CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL);
+    CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL);
+    memset(key0, 0x1, keylen);
+    memset(key1, 0x2, keylen);
+
+    /* Setup cipher contexts */
+    CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc,  cipher_info) == 0);
+    CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec,  cipher_info) == 0);
+    CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0);
+    CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0);
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if (cipher_info->mode == MBEDTLS_MODE_CBC) {
+        CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc,
+                                            MBEDTLS_PADDING_NONE) == 0);
+        CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec,
+                                            MBEDTLS_PADDING_NONE) == 0);
+        CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc,
+                                            MBEDTLS_PADDING_NONE) == 0);
+        CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec,
+                                            MBEDTLS_PADDING_NONE) == 0);
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0,
+                              (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+                              MBEDTLS_ENCRYPT)
+        == 0);
+    CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1,
+                              (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+                              MBEDTLS_DECRYPT)
+        == 0);
+    CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1,
+                              (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+                              MBEDTLS_ENCRYPT)
+        == 0);
+    CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0,
+                              (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3,
+                              MBEDTLS_DECRYPT)
+        == 0);
+
+    /* Setup MAC contexts */
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    if (cipher_info->mode == MBEDTLS_MODE_CBC ||
+        cipher_info->mode == MBEDTLS_MODE_STREAM) {
+        mbedtls_md_info_t const *md_info;
+
+        /* Pick hash */
+        md_info = mbedtls_md_info_from_type(hash_id);
+        CHK(md_info != NULL);
+
+        /* Pick hash keys */
+        maclen = mbedtls_md_get_size(md_info);
+        CHK((md0 = mbedtls_calloc(1, maclen)) != NULL);
+        CHK((md1 = mbedtls_calloc(1, maclen)) != NULL);
+        memset(md0, 0x5, maclen);
+        memset(md1, 0x6, maclen);
+
+        CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0);
+        CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0);
+        CHK(mbedtls_md_setup(&t_in->md_ctx_enc,  md_info, 1) == 0);
+        CHK(mbedtls_md_setup(&t_in->md_ctx_dec,  md_info, 1) == 0);
+
+        if (ver > MBEDTLS_SSL_MINOR_VERSION_0) {
+            CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc,
+                                       md0, maclen) == 0);
+            CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec,
+                                       md1, maclen) == 0);
+            CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc,
+                                       md1, maclen) == 0);
+            CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec,
+                                       md0, maclen) == 0);
+        }
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        else {
+            memcpy(&t_in->mac_enc, md0, maclen);
+            memcpy(&t_in->mac_dec, md1, maclen);
+            memcpy(&t_out->mac_enc, md1, maclen);
+            memcpy(&t_out->mac_dec, md0, maclen);
+        }
+#endif
+    }
+#else
+    ((void) hash_id);
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+
+    /* Pick IV's (regardless of whether they
+     * are being used by the transform). */
+    ivlen = cipher_info->iv_size;
+    memset(iv_enc, 0x3, sizeof(iv_enc));
+    memset(iv_dec, 0x4, sizeof(iv_dec));
+
+    /*
+     * Setup transforms
+     */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
+    defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+    t_out->encrypt_then_mac = etm;
+    t_in->encrypt_then_mac = etm;
+#else
+    ((void) etm);
+#endif
+
+    t_out->minor_ver = ver;
+    t_in->minor_ver = ver;
+    t_out->ivlen = ivlen;
+    t_in->ivlen = ivlen;
+
+    switch (cipher_info->mode) {
+        case MBEDTLS_MODE_GCM:
+        case MBEDTLS_MODE_CCM:
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+            if (ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+                t_out->fixed_ivlen = 12;
+                t_in->fixed_ivlen  = 12;
+            } else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+            {
+                t_out->fixed_ivlen = 4;
+                t_in->fixed_ivlen = 4;
+            }
+            t_out->maclen = 0;
+            t_in->maclen = 0;
+            switch (tag_mode) {
+                case 0: /* Full tag */
+                    t_out->taglen = 16;
+                    t_in->taglen = 16;
+                    break;
+                case 1: /* Partial tag */
+                    t_out->taglen = 8;
+                    t_in->taglen = 8;
+                    break;
+                default:
+                    ret = 1;
+                    goto cleanup;
+            }
+            break;
+
+        case MBEDTLS_MODE_CHACHAPOLY:
+            t_out->fixed_ivlen = 12;
+            t_in->fixed_ivlen = 12;
+            t_out->maclen = 0;
+            t_in->maclen = 0;
+            switch (tag_mode) {
+                case 0: /* Full tag */
+                    t_out->taglen = 16;
+                    t_in->taglen = 16;
+                    break;
+                case 1: /* Partial tag */
+                    t_out->taglen = 8;
+                    t_in->taglen = 8;
+                    break;
+                default:
+                    ret = 1;
+                    goto cleanup;
+            }
+            break;
+
+        case MBEDTLS_MODE_STREAM:
+        case MBEDTLS_MODE_CBC:
+            t_out->fixed_ivlen = 0; /* redundant, must be 0 */
+            t_in->fixed_ivlen = 0;  /* redundant, must be 0 */
+            t_out->taglen = 0;
+            t_in->taglen = 0;
+            switch (tag_mode) {
+                case 0: /* Full tag */
+                    t_out->maclen = maclen;
+                    t_in->maclen = maclen;
+                    break;
+                case 1: /* Partial tag */
+                    t_out->maclen = 10;
+                    t_in->maclen = 10;
+                    break;
+                default:
+                    ret = 1;
+                    goto cleanup;
+            }
+            break;
+        default:
+            ret = 1;
+            goto cleanup;
+            break;
+    }
+
+    /* Setup IV's */
+
+    memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec));
+    memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc));
+    memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc));
+    memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec));
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    /* Add CID */
+    memcpy(&t_in->in_cid,  cid0, cid0_len);
+    memcpy(&t_in->out_cid, cid1, cid1_len);
+    t_in->in_cid_len = (uint8_t) cid0_len;
+    t_in->out_cid_len = (uint8_t) cid1_len;
+    memcpy(&t_out->in_cid,  cid1, cid1_len);
+    memcpy(&t_out->out_cid, cid0, cid0_len);
+    t_out->in_cid_len = (uint8_t) cid1_len;
+    t_out->out_cid_len = (uint8_t) cid0_len;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+cleanup:
+
+    mbedtls_free(key0);
+    mbedtls_free(key1);
+
+    mbedtls_free(md0);
+    mbedtls_free(md1);
+
+    return ret;
+}
+
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
+int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record,
+                                        mbedtls_ssl_transform *transform_out)
+{
+    /* Serialized version of record header for MAC purposes */
+    unsigned char add_data[13];
+    memcpy(add_data, record->ctr, 8);
+    add_data[8] = record->type;
+    add_data[9] = record->ver[0];
+    add_data[10] = record->ver[1];
+    add_data[11] = (record->data_len >> 8) & 0xff;
+    add_data[12] = (record->data_len >> 0) & 0xff;
+
+    /* MAC with additional data */
+    TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13));
+    TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc,
+                                         record->buf + record->data_offset,
+                                         record->data_len));
+    /* Use a temporary buffer for the MAC, because with the truncated HMAC
+     * extension, there might not be enough room in the record for the
+     * full-length MAC. */
+    unsigned char mac[MBEDTLS_MD_MAX_SIZE];
+    TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac));
+    memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen);
+    record->data_len += transform_out->maclen;
+
+    return 0;
+
+exit:
+    return -1;
+}
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
+
+int mbedtls_test_ssl_populate_session(mbedtls_ssl_session *session,
+                                      int ticket_len,
+                                      const char *crt_file)
+{
+#if defined(MBEDTLS_HAVE_TIME)
+    session->start = mbedtls_time(NULL) - 42;
+#endif
+    session->ciphersuite = 0xabcd;
+    session->compression = 1;
+    session->id_len = sizeof(session->id);
+    memset(session->id, 66, session->id_len);
+    memset(session->master, 17, sizeof(session->master));
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C) &&                        \
+    defined(MBEDTLS_FS_IO)
+    if (strlen(crt_file) != 0) {
+        mbedtls_x509_crt tmp_crt;
+        int ret;
+
+        mbedtls_x509_crt_init(&tmp_crt);
+        ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file);
+        if (ret != 0) {
+            return ret;
+        }
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+        /* Move temporary CRT. */
+        session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert));
+        if (session->peer_cert == NULL) {
+            return -1;
+        }
+        *session->peer_cert = tmp_crt;
+        memset(&tmp_crt, 0, sizeof(tmp_crt));
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+        /* Calculate digest of temporary CRT. */
+        session->peer_cert_digest =
+            mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN);
+        if (session->peer_cert_digest == NULL) {
+            return -1;
+        }
+        ret = mbedtls_md(mbedtls_md_info_from_type(
+                             MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE),
+                         tmp_crt.raw.p, tmp_crt.raw.len,
+                         session->peer_cert_digest);
+        if (ret != 0) {
+            return ret;
+        }
+        session->peer_cert_digest_type =
+            MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
+        session->peer_cert_digest_len =
+            MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+        mbedtls_x509_crt_free(&tmp_crt);
+    }
+#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && MBEDTLS_FS_IO */
+    (void) crt_file;
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && MBEDTLS_FS_IO */
+    session->verify_result = 0xdeadbeef;
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    if (ticket_len != 0) {
+        session->ticket = mbedtls_calloc(1, ticket_len);
+        if (session->ticket == NULL) {
+            return -1;
+        }
+        memset(session->ticket, 33, ticket_len);
+    }
+    session->ticket_len = ticket_len;
+    session->ticket_lifetime = 86401;
+#else
+    (void) ticket_len;
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    session->mfl_code = 1;
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    session->trunc_hmac = 1;
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    session->encrypt_then_mac = 1;
+#endif
+
+    return 0;
+}
+
+int mbedtls_test_ssl_exchange_data(
+    mbedtls_ssl_context *ssl_1,
+    int msg_len_1, const int expected_fragments_1,
+    mbedtls_ssl_context *ssl_2,
+    int msg_len_2, const int expected_fragments_2)
+{
+    unsigned char *msg_buf_1 = malloc(msg_len_1);
+    unsigned char *msg_buf_2 = malloc(msg_len_2);
+    unsigned char *in_buf_1  = malloc(msg_len_2);
+    unsigned char *in_buf_2  = malloc(msg_len_1);
+    int msg_type, ret = -1;
+
+    /* Perform this test with two message types. At first use a message
+     * consisting of only 0x00 for the client and only 0xFF for the server.
+     * At the second time use message with generated data */
+    for (msg_type = 0; msg_type < 2; msg_type++) {
+        int written_1 = 0;
+        int written_2 = 0;
+        int read_1 = 0;
+        int read_2 = 0;
+        int fragments_1 = 0;
+        int fragments_2 = 0;
+
+        if (msg_type == 0) {
+            memset(msg_buf_1, 0x00, msg_len_1);
+            memset(msg_buf_2, 0xff, msg_len_2);
+        } else {
+            int i, j = 0;
+            for (i = 0; i < msg_len_1; i++) {
+                msg_buf_1[i] = j++ & 0xFF;
+            }
+            for (i = 0; i < msg_len_2; i++) {
+                msg_buf_2[i] = (j -= 5) & 0xFF;
+            }
+        }
+
+        while (read_1 < msg_len_2 || read_2 < msg_len_1) {
+            /* ssl_1 sending */
+            if (msg_len_1 > written_1) {
+                ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1,
+                                                 msg_len_1, &written_1,
+                                                 expected_fragments_1);
+                if (expected_fragments_1 == 0) {
+                    /* This error is expected when the message is too large and
+                     * cannot be fragmented */
+                    TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+                    msg_len_1 = 0;
+                } else {
+                    TEST_ASSERT(ret == 0);
+                }
+            }
+
+            /* ssl_2 sending */
+            if (msg_len_2 > written_2) {
+                ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2,
+                                                 msg_len_2, &written_2,
+                                                 expected_fragments_2);
+                if (expected_fragments_2 == 0) {
+                    /* This error is expected when the message is too large and
+                     * cannot be fragmented */
+                    TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+                    msg_len_2 = 0;
+                } else {
+                    TEST_ASSERT(ret == 0);
+                }
+            }
+
+            /* ssl_1 reading */
+            if (read_1 < msg_len_2) {
+                ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1,
+                                                msg_len_2, &read_1,
+                                                &fragments_2,
+                                                expected_fragments_2);
+                TEST_ASSERT(ret == 0);
+            }
+
+            /* ssl_2 reading */
+            if (read_2 < msg_len_1) {
+                ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2,
+                                                msg_len_1, &read_2,
+                                                &fragments_1,
+                                                expected_fragments_1);
+                TEST_ASSERT(ret == 0);
+            }
+        }
+
+        ret = -1;
+        TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1));
+        TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2));
+        TEST_ASSERT(fragments_1 == expected_fragments_1);
+        TEST_ASSERT(fragments_2 == expected_fragments_2);
+    }
+
+    ret = 0;
+
+exit:
+    free(msg_buf_1);
+    free(in_buf_1);
+    free(msg_buf_2);
+    free(in_buf_2);
+
+    return ret;
+}
+
+/*
+ * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints
+ * must be initialized and connected beforehand.
+ *
+ * \retval  0 on success, otherwise error code.
+ */
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C)                        && \
+    defined(MBEDTLS_ENTROPY_C)                      && \
+    defined(MBEDTLS_CTR_DRBG_C)                     && \
+    (defined(MBEDTLS_SSL_RENEGOTIATION)             || \
+    defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH))
+static int exchange_data(mbedtls_ssl_context *ssl_1,
+                         mbedtls_ssl_context *ssl_2)
+{
+    return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1,
+                                          ssl_2, 256, 1);
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
+          (MBEDTLS_SSL_RENEGOTIATION              ||
+          MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C)                        && \
+    defined(MBEDTLS_ENTROPY_C)                      && \
+    defined(MBEDTLS_CTR_DRBG_C)
+void mbedtls_test_ssl_perform_handshake(
+    mbedtls_test_handshake_test_options *options)
+{
+    /* forced_ciphersuite needs to last until the end of the handshake */
+    int forced_ciphersuite[2];
+    enum { BUFFSIZE = 17000 };
+    mbedtls_test_ssl_endpoint client, server;
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    const char *psk_identity = "foo";
+#endif
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_timing_delay_context timer_client, timer_server;
+#endif
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    unsigned char *context_buf = NULL;
+    size_t context_buf_len;
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int ret = -1;
+#endif
+    int expected_handshake_result = 0;
+
+    USE_PSA_INIT();
+    mbedtls_platform_zeroize(&client, sizeof(client));
+    mbedtls_platform_zeroize(&server, sizeof(server));
+
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+
+    /* Client side */
+    if (options->dtls != 0) {
+        TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
+                                                   MBEDTLS_SSL_IS_CLIENT,
+                                                   options->pk_alg,
+                                                   &client_context,
+                                                   &client_queue,
+                                                   &server_queue, NULL) == 0);
+#if defined(MBEDTLS_TIMING_C)
+        mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client,
+                                 mbedtls_timing_set_delay,
+                                 mbedtls_timing_get_delay);
+#endif
+    } else {
+        TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
+                                                   MBEDTLS_SSL_IS_CLIENT,
+                                                   options->pk_alg, NULL, NULL,
+                                                   NULL, NULL) == 0);
+    }
+
+    if (options->client_min_version != TEST_SSL_MINOR_VERSION_NONE) {
+        mbedtls_ssl_conf_min_version(&client.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                     options->client_min_version);
+    }
+
+    if (options->client_max_version != TEST_SSL_MINOR_VERSION_NONE) {
+        mbedtls_ssl_conf_max_version(&client.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                     options->client_max_version);
+    }
+
+    if (strlen(options->cipher) > 0) {
+        set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite);
+    }
+
+#if defined(MBEDTLS_DEBUG_C)
+    if (options->cli_log_fun) {
+        mbedtls_debug_set_threshold(4);
+        mbedtls_ssl_conf_dbg(&client.conf, options->cli_log_fun,
+                             options->cli_log_obj);
+    }
+#endif
+
+    /* Server side */
+    if (options->dtls != 0) {
+        TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
+                                                   MBEDTLS_SSL_IS_SERVER,
+                                                   options->pk_alg,
+                                                   &server_context,
+                                                   &server_queue,
+                                                   &client_queue, NULL) == 0);
+#if defined(MBEDTLS_TIMING_C)
+        mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
+                                 mbedtls_timing_set_delay,
+                                 mbedtls_timing_get_delay);
+#endif
+    } else {
+        TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
+                                                   MBEDTLS_SSL_IS_SERVER,
+                                                   options->pk_alg, NULL, NULL,
+                                                   NULL, NULL) == 0);
+    }
+
+    mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode);
+
+    if (options->server_min_version != TEST_SSL_MINOR_VERSION_NONE) {
+        mbedtls_ssl_conf_min_version(&server.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                     options->server_min_version);
+    }
+
+    if (options->server_max_version != TEST_SSL_MINOR_VERSION_NONE) {
+        mbedtls_ssl_conf_max_version(&server.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                     options->server_max_version);
+    }
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf),
+                                              (unsigned char) options->mfl)
+                == 0);
+    TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf),
+                                              (unsigned char) options->mfl)
+                == 0);
+#else
+    TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl);
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+    if (options->psk_str != NULL && options->psk_str->len > 0) {
+        TEST_ASSERT(mbedtls_ssl_conf_psk(
+                        &client.conf, options->psk_str->x,
+                        options->psk_str->len,
+                        (const unsigned char *) psk_identity,
+                        strlen(psk_identity)) == 0);
+
+        TEST_ASSERT(mbedtls_ssl_conf_psk(
+                        &server.conf, options->psk_str->x,
+                        options->psk_str->len,
+                        (const unsigned char *) psk_identity,
+                        strlen(psk_identity)) == 0);
+
+        mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL);
+    }
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (options->renegotiate) {
+        mbedtls_ssl_conf_renegotiation(&(server.conf),
+                                       MBEDTLS_SSL_RENEGOTIATION_ENABLED);
+        mbedtls_ssl_conf_renegotiation(&(client.conf),
+                                       MBEDTLS_SSL_RENEGOTIATION_ENABLED);
+
+        mbedtls_ssl_conf_legacy_renegotiation(&(server.conf),
+                                              options->legacy_renegotiation);
+        mbedtls_ssl_conf_legacy_renegotiation(&(client.conf),
+                                              options->legacy_renegotiation);
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_DEBUG_C)
+    if (options->srv_log_fun) {
+        mbedtls_debug_set_threshold(4);
+        mbedtls_ssl_conf_dbg(&server.conf, options->srv_log_fun,
+                             options->srv_log_obj);
+    }
+#endif
+
+    TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket),
+                                                 &(server.socket),
+                                                 BUFFSIZE) == 0);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    if (options->resize_buffers != 0) {
+        /* Ensure that the buffer sizes are appropriate before resizes */
+        TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+        TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+        TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+        TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+    }
+#endif
+
+    if (options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE) {
+        expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION;
+    }
+
+    TEST_ASSERT(mbedtls_test_move_handshake_to_state(
+                    &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER)
+                ==  expected_handshake_result);
+
+    if (expected_handshake_result != 0) {
+        /* Connection will have failed by this point, skip to cleanup */
+        goto exit;
+    }
+
+    TEST_ASSERT(client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER);
+    TEST_ASSERT(server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER);
+
+    /* Check that we agree on the version... */
+    TEST_ASSERT(client.ssl.minor_ver == server.ssl.minor_ver);
+
+    /* And check that the version negotiated is the expected one. */
+    TEST_EQUAL(client.ssl.minor_ver, options->expected_negotiated_version);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+    if (options->resize_buffers != 0) {
+        if (options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_0 &&
+            options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1) {
+            /* A server, when using DTLS, might delay a buffer resize to happen
+             * after it receives a message, so we force it. */
+            TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
+
+            TEST_ASSERT(client.ssl.out_buf_len ==
+                        mbedtls_ssl_get_output_buflen(&client.ssl));
+            TEST_ASSERT(client.ssl.in_buf_len ==
+                        mbedtls_ssl_get_input_buflen(&client.ssl));
+            TEST_ASSERT(server.ssl.out_buf_len ==
+                        mbedtls_ssl_get_output_buflen(&server.ssl));
+            TEST_ASSERT(server.ssl.in_buf_len ==
+                        mbedtls_ssl_get_input_buflen(&server.ssl));
+        }
+    }
+#endif
+
+    if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
+        /* Start data exchanging test */
+        TEST_ASSERT(mbedtls_test_ssl_exchange_data(
+                        &(client.ssl), options->cli_msg_len,
+                        options->expected_cli_fragments,
+                        &(server.ssl), options->srv_msg_len,
+                        options->expected_srv_fragments)
+                    == 0);
+    }
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if (options->serialize == 1) {
+        TEST_ASSERT(options->dtls == 1);
+
+        TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL,
+                                             0, &context_buf_len)
+                    == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+
+        context_buf = mbedtls_calloc(1, context_buf_len);
+        TEST_ASSERT(context_buf != NULL);
+
+        TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf,
+                                             context_buf_len,
+                                             &context_buf_len)
+                    == 0);
+
+        mbedtls_ssl_free(&(server.ssl));
+        mbedtls_ssl_init(&(server.ssl));
+
+        TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0);
+
+        mbedtls_ssl_set_bio(&(server.ssl), &server_context,
+                            mbedtls_test_mock_tcp_send_msg,
+                            mbedtls_test_mock_tcp_recv_msg,
+                            NULL);
+
+#if defined(MBEDTLS_TIMING_C)
+        mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
+                                 mbedtls_timing_set_delay,
+                                 mbedtls_timing_get_delay);
+#endif
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        if (options->resize_buffers != 0) {
+            /* Ensure that the buffer sizes are appropriate before resizes */
+            TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+            TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+        }
+#endif
+        TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf,
+                                             context_buf_len) == 0);
+
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        /* Validate buffer sizes after context deserialization */
+        if (options->resize_buffers != 0) {
+            TEST_ASSERT(server.ssl.out_buf_len ==
+                        mbedtls_ssl_get_output_buflen(&server.ssl));
+            TEST_ASSERT(server.ssl.in_buf_len ==
+                        mbedtls_ssl_get_input_buflen(&server.ssl));
+        }
+#endif
+        /* Retest writing/reading */
+        if (options->cli_msg_len != 0 || options->srv_msg_len != 0) {
+            TEST_ASSERT(mbedtls_test_ssl_exchange_data(
+                            &(client.ssl), options->cli_msg_len,
+                            options->expected_cli_fragments,
+                            &(server.ssl), options->srv_msg_len,
+                            options->expected_srv_fragments)
+                        == 0);
+        }
+    }
+#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if (options->renegotiate) {
+        /* Start test with renegotiation */
+        TEST_ASSERT(server.ssl.renego_status ==
+                    MBEDTLS_SSL_INITIAL_HANDSHAKE);
+        TEST_ASSERT(client.ssl.renego_status ==
+                    MBEDTLS_SSL_INITIAL_HANDSHAKE);
+
+        /* After calling this function for the server, it only sends a handshake
+         * request. All renegotiation should happen during data exchanging */
+        TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0);
+        TEST_ASSERT(server.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_PENDING);
+        TEST_ASSERT(client.ssl.renego_status ==
+                    MBEDTLS_SSL_INITIAL_HANDSHAKE);
+
+        TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
+        TEST_ASSERT(server.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_DONE);
+        TEST_ASSERT(client.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_DONE);
+
+        /* After calling mbedtls_ssl_renegotiate for the client,
+         * all renegotiation should happen inside this function.
+         * However in this test, we cannot perform simultaneous communication
+         * between client and server so this function will return waiting error
+         * on the socket. All rest of renegotiation should happen
+         * during data exchanging */
+        ret = mbedtls_ssl_renegotiate(&(client.ssl));
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        if (options->resize_buffers != 0) {
+            /* Ensure that the buffer sizes are appropriate before resizes */
+            TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN);
+            TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN);
+        }
+#endif
+        TEST_ASSERT(ret == 0 ||
+                    ret == MBEDTLS_ERR_SSL_WANT_READ ||
+                    ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+        TEST_ASSERT(server.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_DONE);
+        TEST_ASSERT(client.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS);
+
+        TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0);
+        TEST_ASSERT(server.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_DONE);
+        TEST_ASSERT(client.ssl.renego_status ==
+                    MBEDTLS_SSL_RENEGOTIATION_DONE);
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
+        /* Validate buffer sizes after renegotiation */
+        if (options->resize_buffers != 0) {
+            TEST_ASSERT(client.ssl.out_buf_len ==
+                        mbedtls_ssl_get_output_buflen(&client.ssl));
+            TEST_ASSERT(client.ssl.in_buf_len ==
+                        mbedtls_ssl_get_input_buflen(&client.ssl));
+            TEST_ASSERT(server.ssl.out_buf_len ==
+                        mbedtls_ssl_get_output_buflen(&server.ssl));
+            TEST_ASSERT(server.ssl.in_buf_len ==
+                        mbedtls_ssl_get_input_buflen(&server.ssl));
+        }
+#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+exit:
+    mbedtls_test_ssl_endpoint_free(&client,
+                                   options->dtls != 0 ? &client_context : NULL);
+    mbedtls_test_ssl_endpoint_free(&server,
+                                   options->dtls != 0 ? &server_context : NULL);
+#if defined(MBEDTLS_DEBUG_C)
+    if (options->cli_log_fun || options->srv_log_fun) {
+        mbedtls_debug_set_threshold(0);
+    }
+#endif
+#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
+    if (context_buf != NULL) {
+        mbedtls_free(context_buf);
+    }
+#endif
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
+          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/3rdparty/mbedtls-2.28.7/tests/src/threading_helpers.c b/3rdparty/mbedtls-2.28.7/tests/src/threading_helpers.c
new file mode 100644
index 0000000..6f405b0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/src/threading_helpers.c
@@ -0,0 +1,210 @@
+/** Mutex usage verification framework. */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include <test/helpers.h>
+#include <test/macros.h>
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+
+#include "mbedtls/threading.h"
+
+/** Mutex usage verification framework.
+ *
+ * The mutex usage verification code below aims to detect bad usage of
+ * Mbed TLS's mutex abstraction layer at runtime. Note that this is solely
+ * about the use of the mutex itself, not about checking whether the mutex
+ * correctly protects whatever it is supposed to protect.
+ *
+ * The normal usage of a mutex is:
+ * ```
+ * digraph mutex_states {
+ *   "UNINITIALIZED"; // the initial state
+ *   "IDLE";
+ *   "FREED";
+ *   "LOCKED";
+ *   "UNINITIALIZED" -> "IDLE" [label="init"];
+ *   "FREED" -> "IDLE" [label="init"];
+ *   "IDLE" -> "LOCKED" [label="lock"];
+ *   "LOCKED" -> "IDLE" [label="unlock"];
+ *   "IDLE" -> "FREED" [label="free"];
+ * }
+ * ```
+ *
+ * All bad transitions that can be unambiguously detected are reported.
+ * An attempt to use an uninitialized mutex cannot be detected in general
+ * since the memory content may happen to denote a valid state. For the same
+ * reason, a double init cannot be detected.
+ * All-bits-zero is the state of a freed mutex, which is distinct from an
+ * initialized mutex, so attempting to use zero-initialized memory as a mutex
+ * without calling the init function is detected.
+ *
+ * The framework attempts to detect missing calls to init and free by counting
+ * calls to init and free. If there are more calls to init than free, this
+ * means that a mutex is not being freed somewhere, which is a memory leak
+ * on platforms where a mutex consumes resources other than the
+ * mbedtls_threading_mutex_t object itself. If there are more calls to free
+ * than init, this indicates a missing init, which is likely to be detected
+ * by an attempt to lock the mutex as well. A limitation of this framework is
+ * that it cannot detect scenarios where there is exactly the same number of
+ * calls to init and free but the calls don't match. A bug like this is
+ * unlikely to happen uniformly throughout the whole test suite though.
+ *
+ * If an error is detected, this framework will report what happened and the
+ * test case will be marked as failed. Unfortunately, the error report cannot
+ * indicate the exact location of the problematic call. To locate the error,
+ * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error().
+ */
+enum value_of_mutex_is_valid_field {
+    /* Potential values for the is_valid field of mbedtls_threading_mutex_t.
+     * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for
+     * compatibility with threading_mutex_init_pthread() and
+     * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero
+     * value. */
+    MUTEX_FREED = 0, //!< Set by threading_mutex_free_pthread
+    MUTEX_IDLE = 1, //!< Set by threading_mutex_init_pthread and by our unlock
+    MUTEX_LOCKED = 2, //!< Set by our lock
+};
+
+typedef struct {
+    void (*init)(mbedtls_threading_mutex_t *);
+    void (*free)(mbedtls_threading_mutex_t *);
+    int (*lock)(mbedtls_threading_mutex_t *);
+    int (*unlock)(mbedtls_threading_mutex_t *);
+} mutex_functions_t;
+static mutex_functions_t mutex_functions;
+
+/** The total number of calls to mbedtls_mutex_init(), minus the total number
+ * of calls to mbedtls_mutex_free().
+ *
+ * Reset to 0 after each test case.
+ */
+static int live_mutexes;
+
+static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex,
+                                           const char *msg)
+{
+    (void) mutex;
+    if (mbedtls_test_info.mutex_usage_error == NULL) {
+        mbedtls_test_info.mutex_usage_error = msg;
+    }
+    mbedtls_fprintf(stdout, "[mutex: %s] ", msg);
+    /* Don't mark the test as failed yet. This way, if the test fails later
+     * for a functional reason, the test framework will report the message
+     * and location for this functional reason. If the test passes,
+     * mbedtls_test_mutex_usage_check() will mark it as failed. */
+}
+
+static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex)
+{
+    mutex_functions.init(mutex);
+    if (mutex->is_valid) {
+        ++live_mutexes;
+    }
+}
+
+static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex)
+{
+    switch (mutex->is_valid) {
+        case MUTEX_FREED:
+            mbedtls_test_mutex_usage_error(mutex, "free without init or double free");
+            break;
+        case MUTEX_IDLE:
+            /* Do nothing. The underlying free function will reset is_valid
+             * to 0. */
+            break;
+        case MUTEX_LOCKED:
+            mbedtls_test_mutex_usage_error(mutex, "free without unlock");
+            break;
+        default:
+            mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+            break;
+    }
+    if (mutex->is_valid) {
+        --live_mutexes;
+    }
+    mutex_functions.free(mutex);
+}
+
+static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex)
+{
+    int ret = mutex_functions.lock(mutex);
+    switch (mutex->is_valid) {
+        case MUTEX_FREED:
+            mbedtls_test_mutex_usage_error(mutex, "lock without init");
+            break;
+        case MUTEX_IDLE:
+            if (ret == 0) {
+                mutex->is_valid = 2;
+            }
+            break;
+        case MUTEX_LOCKED:
+            mbedtls_test_mutex_usage_error(mutex, "double lock");
+            break;
+        default:
+            mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+            break;
+    }
+    return ret;
+}
+
+static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex)
+{
+    int ret = mutex_functions.unlock(mutex);
+    switch (mutex->is_valid) {
+        case MUTEX_FREED:
+            mbedtls_test_mutex_usage_error(mutex, "unlock without init");
+            break;
+        case MUTEX_IDLE:
+            mbedtls_test_mutex_usage_error(mutex, "unlock without lock");
+            break;
+        case MUTEX_LOCKED:
+            if (ret == 0) {
+                mutex->is_valid = MUTEX_IDLE;
+            }
+            break;
+        default:
+            mbedtls_test_mutex_usage_error(mutex, "corrupted state");
+            break;
+    }
+    return ret;
+}
+
+void mbedtls_test_mutex_usage_init(void)
+{
+    mutex_functions.init = mbedtls_mutex_init;
+    mutex_functions.free = mbedtls_mutex_free;
+    mutex_functions.lock = mbedtls_mutex_lock;
+    mutex_functions.unlock = mbedtls_mutex_unlock;
+    mbedtls_mutex_init = &mbedtls_test_wrap_mutex_init;
+    mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free;
+    mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock;
+    mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock;
+}
+
+void mbedtls_test_mutex_usage_check(void)
+{
+    if (live_mutexes != 0) {
+        /* A positive number (more init than free) means that a mutex resource
+         * is leaking (on platforms where a mutex consumes more than the
+         * mbedtls_threading_mutex_t object itself). The rare case of a
+         * negative number means a missing init somewhere. */
+        mbedtls_fprintf(stdout, "[mutex: %d leaked] ", live_mutexes);
+        live_mutexes = 0;
+        if (mbedtls_test_info.mutex_usage_error == NULL) {
+            mbedtls_test_info.mutex_usage_error = "missing free";
+        }
+    }
+    if (mbedtls_test_info.mutex_usage_error != NULL &&
+        mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) {
+        /* Functionally, the test passed. But there was a mutex usage error,
+         * so mark the test as failed after all. */
+        mbedtls_test_fail("Mutex usage error", __LINE__, __FILE__);
+    }
+    mbedtls_test_info.mutex_usage_error = NULL;
+}
+
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/ssl-opt-in-docker.sh b/3rdparty/mbedtls-2.28.7/tests/ssl-opt-in-docker.sh
new file mode 100644
index 0000000..44e00e8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/ssl-opt-in-docker.sh
@@ -0,0 +1,55 @@
+#!/bin/bash -eu
+
+# ssl-opt-in-docker.sh
+#
+# Purpose
+# -------
+# This runs ssl-opt.sh in a Docker container.
+#
+# WARNING: the Dockerfile used by this script is no longer maintained! See
+# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
+# for the set of Docker images we use on the CI.
+#
+# Notes for users
+# ---------------
+# If OPENSSL, GNUTLS_CLI, or GNUTLS_SERV are specified, the path must
+# correspond to an executable inside the Docker container. The special
+# values "next" and "legacy" are also allowed as shorthand for the
+# installations inside the container.
+#
+# See also:
+# - scripts/docker_env.sh for general Docker prerequisites and other information.
+# - ssl-opt.sh for notes about invocation of that script.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+source tests/scripts/docker_env.sh
+
+case "${OPENSSL:-default}" in
+    "legacy")  export OPENSSL="/usr/local/openssl-1.0.1j/bin/openssl";;
+    "next")    export OPENSSL="/usr/local/openssl-1.1.1a/bin/openssl";;
+    *) ;;
+esac
+
+case "${GNUTLS_CLI:-default}" in
+    "legacy")  export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";;
+    "next")  export GNUTLS_CLI="/usr/local/gnutls-3.6.5/bin/gnutls-cli";;
+    *) ;;
+esac
+
+case "${GNUTLS_SERV:-default}" in
+    "legacy")  export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";;
+    "next")  export GNUTLS_SERV="/usr/local/gnutls-3.6.5/bin/gnutls-serv";;
+    *) ;;
+esac
+
+run_in_docker \
+    -e P_SRV \
+    -e P_CLI \
+    -e P_PXY \
+    -e GNUTLS_CLI \
+    -e GNUTLS_SERV \
+    -e OPENSSL \
+    tests/ssl-opt.sh \
+    $@
diff --git a/3rdparty/mbedtls-2.25.0/tests/ssl-opt.sh b/3rdparty/mbedtls-2.28.7/tests/ssl-opt.sh
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/tests/ssl-opt.sh
rename to 3rdparty/mbedtls-2.28.7/tests/ssl-opt.sh
index fcd73f2..6e11b3c 100644
--- a/3rdparty/mbedtls-2.25.0/tests/ssl-opt.sh
+++ b/3rdparty/mbedtls-2.28.7/tests/ssl-opt.sh
@@ -3,19 +3,7 @@
 # ssl-opt.sh
 #
 # Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 #
 # Purpose
 #
@@ -45,11 +33,23 @@ fi
 : ${P_SRV:=../programs/ssl/ssl_server2}
 : ${P_CLI:=../programs/ssl/ssl_client2}
 : ${P_PXY:=../programs/test/udp_proxy}
-: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
+: ${P_QUERY:=../programs/test/query_compile_time_config}
+: ${OPENSSL:=openssl}
 : ${GNUTLS_CLI:=gnutls-cli}
 : ${GNUTLS_SERV:=gnutls-serv}
 : ${PERL:=perl}
 
+# The OPENSSL variable used to be OPENSSL_CMD for historical reasons.
+# To help the migration, error out if the old variable is set,
+# but only if it has a different value than the new one.
+if [ "${OPENSSL_CMD+set}" = set ]; then
+    # the variable is set, we can now check its value
+    if [ "$OPENSSL_CMD" != "$OPENSSL" ]; then
+        echo "Please use OPENSSL instead of OPENSSL_CMD." >&2
+        exit 125
+    fi
+fi
+
 guess_config_name() {
     if git diff --quiet ../include/mbedtls/config.h 2>/dev/null; then
         echo "default"
@@ -61,8 +61,8 @@ guess_config_name() {
 : ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"}
 : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
 
-O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key"
-O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client"
+O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key"
+O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL s_client"
 G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
 G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
 TCP_CLIENT="$PERL scripts/tcp_client.pl"
@@ -77,6 +77,14 @@ else
     O_LEGACY_CLI=false
 fi
 
+if [ -n "${OPENSSL_NEXT:-}" ]; then
+    O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
+    O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
+else
+    O_NEXT_SRV=false
+    O_NEXT_CLI=false
+fi
+
 if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
     G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
 else
@@ -114,8 +122,8 @@ print_usage() {
     echo "Usage: $0 [options]"
     printf "  -h|--help\tPrint this help.\n"
     printf "  -m|--memcheck\tCheck memory leaks and errors.\n"
-    printf "  -f|--filter\tOnly matching tests are executed (BRE)\n"
-    printf "  -e|--exclude\tMatching tests are excluded (BRE)\n"
+    printf "  -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
+    printf "  -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
     printf "  -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
     printf "  -s|--show-numbers\tShow test numbers in front of test names\n"
     printf "  -p|--preserve-logs\tPreserve logs of successful tests as well\n"
@@ -147,6 +155,9 @@ get_options() {
             -p|--preserve-logs)
                 PRESERVE_LOGS=1
                 ;;
+            --outcome-file)
+                shift; MBEDTLS_TEST_OUTCOME_FILE=$1
+                ;;
             --port)
                 shift; SRV_PORT=$1
                 ;;
@@ -170,14 +181,11 @@ get_options() {
     done
 }
 
-# Make the outcome file path relative to the original directory, not
-# to .../tests
-case "$MBEDTLS_TEST_OUTCOME_FILE" in
-    [!/]*)
-        MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE"
-        ;;
-esac
-
+# Read boolean configuration options from config.h for easy and quick
+# testing. Skip non-boolean options (with something other than spaces
+# and a comment after "#define SYMBOL"). The variable contains a
+# space-separated list of symbols.
+CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )"
 # Skip next test; use this macro to skip tests which are legitimate
 # in theory and expected to be re-introduced at some point, but
 # aren't expected to succeed at the moment due to problems outside
@@ -188,16 +196,17 @@ skip_next_test() {
 
 # skip next test if the flag is not enabled in config.h
 requires_config_enabled() {
-    if grep "^#define $1" $CONFIG_H > /dev/null; then :; else
-        SKIP_NEXT="YES"
-    fi
+    case $CONFIGS_ENABLED in
+        *" $1"[\ =]*) :;;
+        *) SKIP_NEXT="YES";;
+    esac
 }
 
 # skip next test if the flag is enabled in config.h
 requires_config_disabled() {
-    if grep "^#define $1" $CONFIG_H > /dev/null; then
-        SKIP_NEXT="YES"
-    fi
+    case $CONFIGS_ENABLED in
+        *" $1"[\ =]*) SKIP_NEXT="YES";;
+    esac
 }
 
 get_config_value_or_default() {
@@ -233,43 +242,163 @@ requires_config_value_at_most() {
     fi
 }
 
-requires_ciphersuite_enabled() {
-    if [ -z "$($P_CLI --help 2>/dev/null | grep $1)" ]; then
-        SKIP_NEXT="YES"
+requires_config_value_equals() {
+    VAL=$( get_config_value_or_default "$1" )
+    if [ -z "$VAL" ]; then
+        # Should never happen
+        echo "Mbed TLS configuration $1 is not defined"
+        exit 1
+    elif [ "$VAL" -ne "$2" ]; then
+       SKIP_NEXT="YES"
     fi
 }
 
-# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
-# If CMD (call to a TLS client or server program) requires a specific
-# ciphersuite, arrange to only run the test case if this ciphersuite is
-# enabled. As an exception, do run the test case if it expects a ciphersuite
-# mismatch.
-maybe_requires_ciphersuite_enabled() {
+# Require Mbed TLS to support the given protocol version.
+#
+# Inputs:
+# * $1: protocol version in mbedtls syntax (argument to force_version=)
+requires_protocol_version() {
+    # Support for DTLS is detected separately in detect_dtls().
     case "$1" in
-        *\ force_ciphersuite=*) :;;
-        *) return;; # No specific required ciphersuite
+        ssl3) requires_config_enabled MBEDTLS_SSL_PROTO_SSL3;;
+        tls1) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1;;
+        tls1_1|dtls1) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1;;
+        tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;;
+        *) echo "Unknown required protocol version: $1"; exit 1;;
     esac
-    ciphersuite="${1##*\ force_ciphersuite=}"
-    ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
-    shift
-
-    case "$*" in
-        *"-s SSL - The server has no ciphersuites in common"*)
-            # This test case expects a ciphersuite mismatch, so it doesn't
-            # require the ciphersuite to be enabled.
-            ;;
-        *)
-            requires_ciphersuite_enabled "$ciphersuite"
-            ;;
+}
+
+# Space-separated list of ciphersuites supported by this build of
+# Mbed TLS.
+P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
+                   grep TLS- |
+                   tr -s ' \n' ' ')"
+requires_ciphersuite_enabled() {
+    case $P_CIPHERSUITES in
+        *" $1 "*) :;;
+        *) SKIP_NEXT="YES";;
+    esac
+}
+
+# detect_required_features CMD [RUN_TEST_OPTION...]
+# If CMD (call to a TLS client or server program) requires certain features,
+# arrange to only run the following test case if those features are enabled.
+detect_required_features() {
+    case "$1" in
+        *\ force_version=*)
+            tmp="${1##*\ force_version=}"
+            tmp="${tmp%%[!-0-9A-Z_a-z]*}"
+            requires_protocol_version "$tmp";;
+    esac
+
+    case "$1" in
+        *\ force_ciphersuite=*)
+            tmp="${1##*\ force_ciphersuite=}"
+            tmp="${tmp%%[!-0-9A-Z_a-z]*}"
+            case "$*" in
+                *"-s SSL - The server has no ciphersuites in common"*)
+                    # This test case expects a ciphersuite mismatch, so it
+                    # doesn't actually require the ciphersuite to be enabled.
+                    :;;
+                *) requires_ciphersuite_enabled "$tmp";;
+            esac;;
+    esac
+
+    case " $1 " in
+        *[-_\ =]tickets=[^0]*)
+            requires_config_enabled MBEDTLS_SSL_TICKET_C;;
+    esac
+    case " $1 " in
+        *[-_\ =]alpn=*)
+            requires_config_enabled MBEDTLS_SSL_ALPN;;
+    esac
+
+    case " $1 " in
+        *\ badmac_limit=*)
+            requires_config_enabled MBEDTLS_SSL_DTLS_BADMAC_LIMIT;;
+    esac
+
+    case " $1 " in
+        *\ fallback=1\ *|*\ -fallback_scsv\ *)
+            requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV;;
+    esac
+
+    unset tmp
+}
+
+requires_certificate_authentication () {
+    if [ "$PSK_ONLY" = "YES" ]; then
+        SKIP_NEXT="YES"
+    fi
+}
+
+adapt_cmd_for_psk () {
+    case "$2" in
+        *openssl*) s='-psk abc123 -nocert';;
+        *gnutls-*) s='--pskkey=abc123';;
+        *) s='psk=abc123';;
     esac
+    eval $1='"$2 $s"'
+    unset s
+}
 
-    unset ciphersuite
+# maybe_adapt_for_psk [RUN_TEST_OPTION...]
+# If running in a PSK-only build, maybe adapt the test to use a pre-shared key.
+#
+# If not running in a PSK-only build, do nothing.
+# If the test looks like it doesn't use a pre-shared key but can run with a
+# pre-shared key, pass a pre-shared key. If the test looks like it can't run
+# with a pre-shared key, skip it. If the test looks like it's already using
+# a pre-shared key, do nothing.
+#
+# This code does not consider builds with ECDHE-PSK or RSA-PSK.
+#
+# Inputs:
+# * $CLI_CMD, $SRV_CMD, $PXY_CMD: client/server/proxy commands.
+# * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges).
+# * "$@": options passed to run_test.
+#
+# Outputs:
+# * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments.
+# * $SKIP_NEXT: set to YES if the test can't run with PSK.
+maybe_adapt_for_psk() {
+    if [ "$PSK_ONLY" != "YES" ]; then
+        return
+    fi
+    if [ "$SKIP_NEXT" = "YES" ]; then
+        return
+    fi
+    case "$CLI_CMD $SRV_CMD" in
+        *[-_\ =]psk*|*[-_\ =]PSK*)
+            return;;
+        *force_ciphersuite*)
+            # The test case forces a non-PSK cipher suite. In some cases, a
+            # PSK cipher suite could be substituted, but we're not ready for
+            # that yet.
+            SKIP_NEXT="YES"
+            return;;
+        *\ auth_mode=*|*[-_\ =]crt[_=]*)
+            # The test case involves certificates. PSK won't do.
+            SKIP_NEXT="YES"
+            return;;
+    esac
+    adapt_cmd_for_psk CLI_CMD "$CLI_CMD"
+    adapt_cmd_for_psk SRV_CMD "$SRV_CMD"
 }
 
+case " $CONFIGS_ENABLED " in
+    *\ MBEDTLS_KEY_EXCHANGE_[^P]*) PSK_ONLY="NO";;
+    *\ MBEDTLS_KEY_EXCHANGE_P[^S]*) PSK_ONLY="NO";;
+    *\ MBEDTLS_KEY_EXCHANGE_PS[^K]*) PSK_ONLY="NO";;
+    *\ MBEDTLS_KEY_EXCHANGE_PSK[^_]*) PSK_ONLY="NO";;
+    *\ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED\ *) PSK_ONLY="YES";;
+    *) PSK_ONLY="NO";;
+esac
+
 # skip next test if OpenSSL doesn't support FALLBACK_SCSV
 requires_openssl_with_fallback_scsv() {
     if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
-        if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null
+        if $OPENSSL s_client -help 2>&1 | grep fallback_scsv >/dev/null
         then
             OPENSSL_HAS_FBSCSV="YES"
         else
@@ -281,6 +410,12 @@ requires_openssl_with_fallback_scsv() {
     fi
 }
 
+# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value
+requires_max_content_len() {
+    requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" $1
+    requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1
+}
+
 # skip next test if GnuTLS isn't available
 requires_gnutls() {
     if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
@@ -323,6 +458,19 @@ requires_openssl_legacy() {
     fi
 }
 
+requires_openssl_next() {
+    if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then
+        if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then
+            OPENSSL_NEXT_AVAILABLE="YES"
+        else
+            OPENSSL_NEXT_AVAILABLE="NO"
+        fi
+    fi
+    if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
+        SKIP_NEXT="YES"
+    fi
+}
+
 # skip next test if IPv6 isn't available on this host
 requires_ipv6() {
     if [ -z "${HAS_IPV6:-}" ]; then
@@ -359,10 +507,11 @@ requires_not_i686() {
 }
 
 # Calculate the input & output maximum content lengths set in the config
-MAX_CONTENT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384")
-MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
-MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
+MAX_CONTENT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_MAX_CONTENT_LEN" )
+MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" )
+MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" )
 
+# Calculate the maximum content length that fits both
 if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
     MAX_CONTENT_LEN="$MAX_IN_LEN"
 fi
@@ -431,6 +580,32 @@ record_outcome() {
     fi
 }
 
+# True if the presence of the given pattern in a log definitely indicates
+# that the test has failed. False if the presence is inconclusive.
+#
+# Inputs:
+# * $1: pattern found in the logs
+# * $TIMES_LEFT: >0 if retrying is an option
+#
+# Outputs:
+# * $outcome: set to a retry reason if the pattern is inconclusive,
+#             unchanged otherwise.
+# * Return value: 1 if the pattern is inconclusive,
+#                 0 if the failure is definitive.
+log_pattern_presence_is_conclusive() {
+    # If we've run out of attempts, then don't retry no matter what.
+    if [ $TIMES_LEFT -eq 0 ]; then
+        return 0
+    fi
+    case $1 in
+        "resend")
+            # An undesired resend may have been caused by the OS dropping or
+            # delaying a packet at an inopportune time.
+            outcome="RETRY(resend)"
+            return 1;;
+    esac
+}
+
 # fail <message>
 fail() {
     record_outcome "FAIL" "$1"
@@ -462,17 +637,21 @@ fail() {
 
 # is_polar <cmd_line>
 is_polar() {
-    echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
+    case "$1" in
+        *ssl_client2*) true;;
+        *ssl_server2*) true;;
+        *) false;;
+    esac
 }
 
 # openssl s_server doesn't have -www with DTLS
 check_osrv_dtls() {
-    if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then
-        NEEDS_INPUT=1
-        SRV_CMD="$( echo $SRV_CMD | sed s/-www// )"
-    else
-        NEEDS_INPUT=0
-    fi
+    case "$SRV_CMD" in
+        *s_server*-dtls*)
+            NEEDS_INPUT=1
+            SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
+        *) NEEDS_INPUT=0;;
+    esac
 }
 
 # provide input to commands that need it
@@ -501,6 +680,8 @@ has_mem_err() {
 # Wait for process $2 named $3 to be listening on port $1. Print error to $4.
 if type lsof >/dev/null 2>/dev/null; then
     wait_app_start() {
+        newline='
+'
         START_TIME=$(date +%s)
         if [ "$DTLS" -eq 1 ]; then
             proto=UDP
@@ -508,7 +689,13 @@ if type lsof >/dev/null 2>/dev/null; then
             proto=TCP
         fi
         # Make a tight loop, server normally takes less than 1s to start.
-        while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
+        while true; do
+              SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t)
+              # When we use a proxy, it will be listening on the same port we
+              # are checking for as well as the server and lsof will list both.
+             case ${newline}${SERVER_PIDS}${newline} in
+                  *${newline}${2}${newline}*) break;;
+              esac
               if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
                   echo "$3 START TIMEOUT"
                   echo "$3 START TIMEOUT" >> $4
@@ -627,11 +814,58 @@ wait_client_done() {
 
 # check if the given command uses dtls and sets global variable DTLS
 detect_dtls() {
-    if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then
-        DTLS=1
-    else
-        DTLS=0
-    fi
+    case "$1" in
+        *dtls=1*|*-dtls*|*-u*) DTLS=1;;
+        *) DTLS=0;;
+    esac
+}
+
+# check if the given command uses gnutls and sets global variable CMD_IS_GNUTLS
+is_gnutls() {
+    case "$1" in
+    *gnutls-cli*)
+        CMD_IS_GNUTLS=1
+        ;;
+    *gnutls-serv*)
+        CMD_IS_GNUTLS=1
+        ;;
+    *)
+        CMD_IS_GNUTLS=0
+        ;;
+    esac
+}
+
+# Determine what calc_verify trace is to be expected, if any.
+#
+# calc_verify is only called for two things: to calculate the
+# extended master secret, and to process client authentication.
+#
+# Warning: the current implementation assumes that extended_ms is not
+#          disabled on the client or on the server.
+#
+# Inputs:
+# * $1: the value of the server auth_mode parameter.
+#       'required' if client authentication is expected,
+#       'none' or absent if not.
+# * $CONFIGS_ENABLED
+#
+# Outputs:
+# * $maybe_calc_verify: set to a trace expected in the debug logs
+set_maybe_calc_verify() {
+    maybe_calc_verify=
+    case $CONFIGS_ENABLED in
+        *\ MBEDTLS_SSL_EXTENDED_MASTER_SECRET\ *) :;;
+        *)
+            case ${1-} in
+                ''|none) return;;
+                required) :;;
+                *) echo "Bad parameter 1 to set_maybe_calc_verify: $1"; exit 1;;
+            esac
+    esac
+    case $CONFIGS_ENABLED in
+        *\ MBEDTLS_USE_PSA_CRYPTO\ *) maybe_calc_verify="PSA calc verify";;
+        *) maybe_calc_verify="<= calc verify";;
+    esac
 }
 
 # Compare file content
@@ -651,71 +885,19 @@ find_in_both() {
         fi
 }
 
-# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
-# Options:  -s pattern  pattern that must be present in server output
-#           -c pattern  pattern that must be present in client output
-#           -u pattern  lines after pattern must be unique in client output
-#           -f call shell function on client output
-#           -S pattern  pattern that must be absent in server output
-#           -C pattern  pattern that must be absent in client output
-#           -U pattern  lines after pattern must be unique in server output
-#           -F call shell function on server output
-#           -g call shell function on server and client output
-run_test() {
-    NAME="$1"
-    shift 1
-
-    if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then :
-    else
-        SKIP_NEXT="NO"
-        # There was no request to run the test, so don't record its outcome.
-        return
-    fi
-
-    print_name "$NAME"
-
-    # Do we only run numbered tests?
-    if [ "X$RUN_TEST_NUMBER" = "X" ]; then :
-    elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then :
-    else
-        SKIP_NEXT="YES"
-    fi
-
-    # does this test use a proxy?
-    if [ "X$1" = "X-p" ]; then
-        PXY_CMD="$2"
-        shift 2
-    else
-        PXY_CMD=""
-    fi
-
-    # get commands and client output
-    SRV_CMD="$1"
-    CLI_CMD="$2"
-    CLI_EXPECT="$3"
-    shift 3
-
-    # Check if test uses files
-    TEST_USES_FILES=$(echo "$SRV_CMD $CLI_CMD" | grep "\.\(key\|crt\|pem\)" )
-    if [ ! -z "$TEST_USES_FILES" ]; then
-       requires_config_enabled MBEDTLS_FS_IO
-    fi
-
-    # If the client or serve requires a ciphersuite, check that it's enabled.
-    maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
-    maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@"
-
-    # should we skip?
-    if [ "X$SKIP_NEXT" = "XYES" ]; then
-        SKIP_NEXT="NO"
-        record_outcome "SKIP"
-        SKIPS=$(( $SKIPS + 1 ))
-        return
-    fi
-
-    # update DTLS variable
-    detect_dtls "$SRV_CMD"
-
+# Analyze the commands that will be used in a test.
+#
+# Analyze and possibly instrument $PXY_CMD, $CLI_CMD, $SRV_CMD to pass
+# extra arguments or go through wrappers.
+#
+# Inputs:
+# * $@: supplemental options to run_test() (after the mandatory arguments).
+# * $CLI_CMD, $PXY_CMD, $SRV_CMD: the client, proxy and server commands.
+# * $DTLS: 1 if DTLS, otherwise 0.
+#
+# Outputs:
+# * $CLI_CMD, $PXY_CMD, $SRV_CMD: may be tweaked.
+analyze_test_commands() {
     # if the test uses DTLS but no custom proxy, add a simple proxy
     # as it provides timing info that's useful to debug failures
     if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
@@ -726,6 +908,30 @@ run_test() {
         esac
     fi
 
+    # update CMD_IS_GNUTLS variable
+    is_gnutls "$SRV_CMD"
+
+    # if the server uses gnutls but doesn't set priority, explicitly
+    # set the default priority
+    if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
+        case "$SRV_CMD" in
+              *--priority*) :;;
+              *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
+        esac
+    fi
+
+    # update CMD_IS_GNUTLS variable
+    is_gnutls "$CLI_CMD"
+
+    # if the client uses gnutls but doesn't set priority, explicitly
+    # set the default priority
+    if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
+        case "$CLI_CMD" in
+              *--priority*) :;;
+              *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
+        esac
+    fi
+
     # fix client port
     if [ -n "$PXY_CMD" ]; then
         CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
@@ -742,47 +948,29 @@ run_test() {
             CLI_CMD="valgrind --leak-check=full $CLI_CMD"
         fi
     fi
+}
 
-    TIMES_LEFT=2
-    while [ $TIMES_LEFT -gt 0 ]; do
-        TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
-
-        # run the commands
-        if [ -n "$PXY_CMD" ]; then
-            printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
-            $PXY_CMD >> $PXY_OUT 2>&1 &
-            PXY_PID=$!
-            wait_proxy_start "$PXY_PORT" "$PXY_PID"
-        fi
-
-        check_osrv_dtls
-        printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
-        provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
-        SRV_PID=$!
-        wait_server_start "$SRV_PORT" "$SRV_PID"
-
-        printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
-        eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
-        wait_client_done
-
-        sleep 0.05
-
-        # terminate the server (and the proxy)
-        kill $SRV_PID
-        wait $SRV_PID
-
-        if [ -n "$PXY_CMD" ]; then
-            kill $PXY_PID >/dev/null 2>&1
-            wait $PXY_PID
-        fi
+# Check for failure conditions after a test case.
+#
+# Inputs from run_test:
+# * positional parameters: test options (see run_test documentation)
+# * $CLI_EXIT: client return code
+# * $CLI_EXPECT: expected client return code
+# * $SRV_RET: server return code
+# * $CLI_OUT, $SRV_OUT, $PXY_OUT: files containing client/server/proxy logs
+# * $TIMES_LEFT: if nonzero, a RETRY outcome is allowed
+#
+# Outputs:
+# * $outcome: one of PASS/RETRY*/FAIL
+check_test_failure() {
+    outcome=FAIL
 
-        # retry only on timeouts
-        if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then
-            printf "RETRY "
-        else
-            TIMES_LEFT=0
-        fi
-    done
+    if [ $TIMES_LEFT -gt 0 ] &&
+       grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null
+    then
+        outcome="RETRY(client-timeout)"
+        return
+    fi
 
     # check if the client and server went at least to the handshake stage
     # (useful to avoid tests with only negative assertions and non-zero
@@ -803,9 +991,11 @@ run_test() {
         fi
     fi
 
-    # check server exit code
-    if [ $? != 0 ]; then
-        fail "server fail"
+    # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
+    # exit with status 0 when interrupted by a signal, and we don't really
+    # care anyway), in case e.g. the server reports a memory leak.
+    if [ $SRV_RET != 0 ] && is_polar "$SRV_CMD"; then
+        fail "Server exited with status $SRV_RET"
         return
     fi
 
@@ -839,14 +1029,18 @@ run_test() {
 
             "-S")
                 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
-                    fail "pattern '$2' MUST NOT be present in the Server output"
+                    if log_pattern_presence_is_conclusive "$2"; then
+                        fail "pattern '$2' MUST NOT be present in the Server output"
+                    fi
                     return
                 fi
                 ;;
 
             "-C")
                 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
-                    fail "pattern '$2' MUST NOT be present in the Client output"
+                    if log_pattern_presence_is_conclusive "$2"; then
+                        fail "pattern '$2' MUST NOT be present in the Client output"
+                    fi
                     return
                 fi
                 ;;
@@ -909,7 +1103,147 @@ run_test() {
         fi
     fi
 
-    # if we're here, everything is ok
+    # if we're here, everything is ok
+    outcome=PASS
+}
+
+# Run the current test case: start the server and if applicable the proxy, run
+# the client, wait for all processes to finish or time out.
+#
+# Inputs:
+# * $NAME: test case name
+# * $CLI_CMD, $SRV_CMD, $PXY_CMD: commands to run
+# * $CLI_OUT, $SRV_OUT, $PXY_OUT: files to contain client/server/proxy logs
+#
+# Outputs:
+# * $CLI_EXIT: client return code
+# * $SRV_RET: server return code
+do_run_test_once() {
+    # run the commands
+    if [ -n "$PXY_CMD" ]; then
+        printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
+        $PXY_CMD >> $PXY_OUT 2>&1 &
+        PXY_PID=$!
+        wait_proxy_start "$PXY_PORT" "$PXY_PID"
+    fi
+
+    check_osrv_dtls
+    printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
+    provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
+    SRV_PID=$!
+    wait_server_start "$SRV_PORT" "$SRV_PID"
+
+    printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
+    # The client must be a subprocess of the script in order for killing it to
+    # work properly, that's why the ampersand is placed inside the eval command,
+    # not at the end of the line: the latter approach will spawn eval as a
+    # subprocess, and the $CLI_CMD as a grandchild.
+    eval "$CLI_CMD &" >> $CLI_OUT 2>&1
+    wait_client_done
+
+    sleep 0.05
+
+    # terminate the server (and the proxy)
+    kill $SRV_PID
+    wait $SRV_PID
+    SRV_RET=$?
+
+    if [ -n "$PXY_CMD" ]; then
+        kill $PXY_PID >/dev/null 2>&1
+        wait $PXY_PID
+    fi
+}
+
+# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
+# Options:  -s pattern  pattern that must be present in server output
+#           -c pattern  pattern that must be present in client output
+#           -u pattern  lines after pattern must be unique in client output
+#           -f call shell function on client output
+#           -S pattern  pattern that must be absent in server output
+#           -C pattern  pattern that must be absent in client output
+#           -U pattern  lines after pattern must be unique in server output
+#           -F call shell function on server output
+#           -g call shell function on server and client output
+run_test() {
+    NAME="$1"
+    shift 1
+
+    if is_excluded "$NAME"; then
+        SKIP_NEXT="NO"
+        # There was no request to run the test, so don't record its outcome.
+        return
+    fi
+
+    print_name "$NAME"
+
+    # Do we only run numbered tests?
+    if [ -n "$RUN_TEST_NUMBER" ]; then
+        case ",$RUN_TEST_NUMBER," in
+            *",$TESTS,"*) :;;
+            *) SKIP_NEXT="YES";;
+        esac
+    fi
+
+    # does this test use a proxy?
+    if [ "X$1" = "X-p" ]; then
+        PXY_CMD="$2"
+        shift 2
+    else
+        PXY_CMD=""
+    fi
+
+    # get commands and client output
+    SRV_CMD="$1"
+    CLI_CMD="$2"
+    CLI_EXPECT="$3"
+    shift 3
+
+    # Check if test uses files
+    case "$SRV_CMD $CLI_CMD" in
+        *data_files/*)
+            requires_config_enabled MBEDTLS_FS_IO;;
+    esac
+
+    # Check if the test uses DTLS.
+    detect_dtls "$SRV_CMD"
+    if [ "$DTLS" -eq 1 ]; then
+        requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+    fi
+
+    # If the client or server requires certain features that can be detected
+    # from their command-line arguments, check that they're enabled.
+    detect_required_features "$SRV_CMD" "$@"
+    detect_required_features "$CLI_CMD" "$@"
+
+    # If we're in a PSK-only build and the test can be adapted to PSK, do that.
+    maybe_adapt_for_psk "$@"
+
+    # should we skip?
+    if [ "X$SKIP_NEXT" = "XYES" ]; then
+        SKIP_NEXT="NO"
+        record_outcome "SKIP"
+        SKIPS=$(( $SKIPS + 1 ))
+        return
+    fi
+
+    analyze_test_commands "$@"
+
+    # One regular run and two retries
+    TIMES_LEFT=3
+    while [ $TIMES_LEFT -gt 0 ]; do
+        TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
+
+        do_run_test_once
+
+        check_test_failure "$@"
+        case $outcome in
+            PASS) break;;
+            RETRY*) printf "$outcome ";;
+            FAIL) return;;
+        esac
+    done
+
+    # If we get this far, the test case passed.
     record_outcome "PASS"
     if [ "$PRESERVE_LOGS" -gt 0 ]; then
         mv $SRV_OUT o-srv-${TESTS}.log
@@ -924,17 +1258,18 @@ run_test() {
 
 run_test_psa() {
     requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+    set_maybe_calc_verify none
     run_test    "PSA-supported ciphersuite: $1" \
-                "$P_SRV debug_level=3 force_version=tls1_2" \
-                "$P_CLI debug_level=3 force_version=tls1_2 force_ciphersuite=$1" \
+                "$P_SRV debug_level=3 force_version=tls12" \
+                "$P_CLI debug_level=3 force_version=tls12 force_ciphersuite=$1" \
                 0 \
                 -c "Successfully setup PSA-based decryption cipher context" \
                 -c "Successfully setup PSA-based encryption cipher context" \
-                -c "PSA calc verify" \
+                -c "$maybe_calc_verify" \
                 -c "calc PSA finished" \
                 -s "Successfully setup PSA-based decryption cipher context" \
                 -s "Successfully setup PSA-based encryption cipher context" \
-                -s "PSA calc verify" \
+                -s "$maybe_calc_verify" \
                 -s "calc PSA finished" \
                 -C "Failed to setup PSA-based cipher context"\
                 -S "Failed to setup PSA-based cipher context"\
@@ -943,21 +1278,23 @@ run_test_psa() {
                 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
                 -S "error" \
                 -C "error"
+    unset maybe_calc_verify
 }
 
 run_test_psa_force_curve() {
     requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+    set_maybe_calc_verify none
     run_test    "PSA - ECDH with $1" \
-                "$P_SRV debug_level=4 force_version=tls1_2" \
-                "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
+                "$P_SRV debug_level=4 force_version=tls12" \
+                "$P_CLI debug_level=4 force_version=tls12 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
                 0 \
                 -c "Successfully setup PSA-based decryption cipher context" \
                 -c "Successfully setup PSA-based encryption cipher context" \
-                -c "PSA calc verify" \
+                -c "$maybe_calc_verify" \
                 -c "calc PSA finished" \
                 -s "Successfully setup PSA-based decryption cipher context" \
                 -s "Successfully setup PSA-based encryption cipher context" \
-                -s "PSA calc verify" \
+                -s "$maybe_calc_verify" \
                 -s "calc PSA finished" \
                 -C "Failed to setup PSA-based cipher context"\
                 -S "Failed to setup PSA-based cipher context"\
@@ -966,6 +1303,7 @@ run_test_psa_force_curve() {
                 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
                 -S "error" \
                 -C "error"
+    unset maybe_calc_verify
 }
 
 # Test that the server's memory usage after a handshake is reduced when a client specifies
@@ -975,14 +1313,14 @@ run_test_psa_force_curve() {
 run_test_memory_after_hanshake_with_mfl()
 {
     # The test passes if the difference is around 2*(16k-MFL)
-    local MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
+    MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
 
     # Leave some margin for robustness
     MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))"
 
     run_test    "Handshake memory usage (MFL $1)" \
-                "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \
-                "$P_CLI debug_level=3 force_version=tls1_2 \
+                "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \
+                "$P_CLI debug_level=3 force_version=tls12 \
                     crt_file=data_files/server5.crt key_file=data_files/server5.key \
                     force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \
                 0 \
@@ -1000,8 +1338,8 @@ run_tests_memory_after_hanshake()
     # first test with default MFU is to get reference memory usage
     MEMORY_USAGE_MFL_16K=0
     run_test    "Handshake memory usage initial (MFL 16384 - default)" \
-                "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \
-                "$P_CLI debug_level=3 force_version=tls1_2 \
+                "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \
+                "$P_CLI debug_level=3 force_version=tls12 \
                     crt_file=data_files/server5.crt key_file=data_files/server5.key \
                     force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \
                 0 \
@@ -1037,6 +1375,54 @@ cleanup() {
 
 get_options "$@"
 
+# Make the outcome file path relative to the original directory, not
+# to .../tests
+case "$MBEDTLS_TEST_OUTCOME_FILE" in
+    [!/]*)
+        MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE"
+        ;;
+esac
+
+# Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell
+# patterns rather than regular expressions, use a case statement instead
+# of calling grep. To keep the optimizer simple, it is incomplete and only
+# detects simple cases: plain substring, everything, nothing.
+#
+# As an exception, the character '.' is treated as an ordinary character
+# if it is the only special character in the string. This is because it's
+# rare to need "any one character", but needing a literal '.' is common
+# (e.g. '-f "DTLS 1.2"').
+need_grep=
+case "$FILTER" in
+    '^$') simple_filter=;;
+    '.*') simple_filter='*';;
+    *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
+        need_grep=1;;
+    *) # No regexp or shell-pattern special character
+        simple_filter="*$FILTER*";;
+esac
+case "$EXCLUDE" in
+    '^$') simple_exclude=;;
+    '.*') simple_exclude='*';;
+    *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
+        need_grep=1;;
+    *) # No regexp or shell-pattern special character
+        simple_exclude="*$EXCLUDE*";;
+esac
+if [ -n "$need_grep" ]; then
+    is_excluded () {
+        ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
+    }
+else
+    is_excluded () {
+        case "$1" in
+            $simple_exclude) true;;
+            $simple_filter) false;;
+            *) true;;
+        esac
+    }
+fi
+
 # sanity checks, avoid an avalanche of errors
 P_SRV_BIN="${P_SRV%%[  ]*}"
 P_CLI_BIN="${P_CLI%%[  ]*}"
@@ -1059,8 +1445,8 @@ if [ "$MEMCHECK" -gt 0 ]; then
         exit 1
     fi
 fi
-if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
-    echo "Command '$OPENSSL_CMD' not found"
+if which $OPENSSL >/dev/null 2>&1; then :; else
+    echo "Command '$OPENSSL' not found"
     exit 1
 fi
 
@@ -1094,17 +1480,38 @@ SRV_DELAY_SECONDS=0
 
 # fix commands to use this port, force IPv4 while at it
 # +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
+# Note: Using 'localhost' rather than 127.0.0.1 here is unwise, as on many
+# machines that will resolve to ::1, and we don't want ipv6 here.
 P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
 P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
 P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
-O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
-O_CLI="$O_CLI -connect localhost:+SRV_PORT"
+O_SRV="$O_SRV -accept $SRV_PORT"
+O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT"
 G_SRV="$G_SRV -p $SRV_PORT"
 G_CLI="$G_CLI -p +SRV_PORT"
 
 if [ -n "${OPENSSL_LEGACY:-}" ]; then
     O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
-    O_LEGACY_CLI="$O_LEGACY_CLI -connect localhost:+SRV_PORT"
+    O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT"
+fi
+
+# Newer versions of OpenSSL have a syntax to enable all "ciphers", even
+# low-security ones. This covers not just cipher suites but also protocol
+# versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on
+# OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
+# OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
+# a way to discover it from -help, so check the openssl version.
+case $($OPENSSL version) in
+    "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
+    *)
+        O_CLI="$O_CLI -cipher ALL@SECLEVEL=0"
+        O_SRV="$O_SRV -cipher ALL@SECLEVEL=0"
+        ;;
+esac
+
+if [ -n "${OPENSSL_NEXT:-}" ]; then
+    O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
+    O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
 fi
 
 if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
@@ -1133,8 +1540,11 @@ trap cleanup INT TERM HUP
 
 # Checks that:
 # - things work with all ciphersuites active (used with config-full in all.sh)
-# - the expected (highest security) parameters are selected
-#   ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
+# - the expected parameters are selected
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
+requires_config_enabled MBEDTLS_SHA512_C # "signature_algorithm ext: 6"
+requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
 run_test    "Default" \
             "$P_SRV debug_level=3" \
             "$P_CLI" \
@@ -1146,6 +1556,8 @@ run_test    "Default" \
             -S "error" \
             -C "error"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
 run_test    "Default, DTLS" \
             "$P_SRV dtls=1" \
             "$P_CLI dtls=1" \
@@ -1227,15 +1639,150 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
 run_test    "Opaque key for client authentication" \
-            "$P_SRV auth_mode=required" \
+            "$P_SRV auth_mode=required crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -c "key type: Opaque" \
+            -c "Ciphersuite is TLS-ECDHE-ECDSA" \
+            -s "Verifying peer X.509 certificate... ok" \
+            -s "Ciphersuite is TLS-ECDHE-ECDSA" \
+            -S "error" \
+            -C "error"
+
+# Test using an opaque private key for server authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test    "Opaque key for server authentication" \
+            "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            "$P_CLI crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -c "Verifying peer X.509 certificate... ok" \
+            -c "Ciphersuite is TLS-ECDHE-ECDSA" \
+            -s "key types: Opaque - invalid PK" \
+            -s "Ciphersuite is TLS-ECDHE-ECDSA" \
+            -S "error" \
+            -C "error"
+
+# Test using an opaque private key for client/server authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test    "Opaque key for client/server authentication" \
+            "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
             "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
              key_file=data_files/server5.key" \
             0 \
             -c "key type: Opaque" \
+            -c "Verifying peer X.509 certificate... ok" \
+            -c "Ciphersuite is TLS-ECDHE-ECDSA" \
+            -s "key types: Opaque - invalid PK" \
             -s "Verifying peer X.509 certificate... ok" \
+            -s "Ciphersuite is TLS-ECDHE-ECDSA" \
             -S "error" \
             -C "error"
 
+# Opaque keys not supported for static ECDH
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+run_test    "Opaque key: server: ECDH-ECDSA not supported" \
+            "$P_SRV debug_level=1 key_opaque=1
+             crt_file=data_files/server5.crt key_file=data_files/server5.key" \
+            "$P_CLI force_ciphersuite=TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256" \
+            1 \
+            -s "server key not ECDH capable" \
+            -s "ssl_get_ecdh_params_from_cert() returned" \
+            -s "error" \
+            -c "error"
+
+# Opaque keys not supported for static ECDH
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+run_test    "Opaque key: server: ECDH-RSA not supported" \
+            "$P_SRV debug_level=1 key_opaque=1
+             crt_file=data_files/server5.crt key_file=data_files/server5.key" \
+            "$P_CLI force_ciphersuite=TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256" \
+            1 \
+            -s "server key not ECDH capable" \
+            -s "ssl_get_ecdh_params_from_cert() returned" \
+            -s "error" \
+            -c "error"
+
+# Opaque PSKs not supported for mixed PSK
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "Opaque psk: client: ECDHE-PSK not supported" \
+            "$P_SRV debug_level=1 psk=abc123 psk_identity=foo" \
+            "$P_CLI debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \
+            force_version=tls12 \
+            force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
+            1 \
+            -c "opaque PSK not supported with ECDHE-PSK" \
+            -s "error" \
+            -c "error"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "Opaque psk: client: DHE-PSK not supported" \
+            "$P_SRV debug_level=1 psk=abc123 psk_identity=foo" \
+            "$P_CLI debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \
+            force_version=tls12 \
+            force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
+            1 \
+            -c "opaque PSK not supported with DHE-PSK" \
+            -s "error" \
+            -c "error"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "Opaque psk: client: RSA-PSK not supported" \
+            "$P_SRV debug_level=1 psk=abc123 psk_identity=foo" \
+            "$P_CLI debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \
+            force_version=tls12 \
+            force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
+            1 \
+            -c "opaque PSK not supported with RSA-PSK" \
+            -s "error" \
+            -c "error"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "Opaque psk: server: ECDHE-PSK not supported" \
+            "$P_SRV debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \
+            force_version=tls12 \
+            force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI debug_level=1 psk=abc123 psk_identity=foo" \
+            1 \
+            -s "opaque PSK not supported with ECDHE-PSK" \
+            -s "error" \
+            -c "error"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "Opaque psk: server: DHE-PSK not supported" \
+            "$P_SRV debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \
+            force_version=tls12 \
+            force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI debug_level=1 psk=abc123 psk_identity=foo" \
+            1 \
+            -s "opaque PSK not supported with DHE-PSK" \
+            -s "error" \
+            -c "error"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "Opaque psk: server: RSA-PSK not supported" \
+            "$P_SRV debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \
+            force_version=tls12 \
+            force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI debug_level=1 psk=abc123 psk_identity=foo" \
+            1 \
+            -s "opaque PSK not supported with RSA-PSK" \
+            -s "error" \
+            -c "error"
+
 # Test ciphersuites which we expect to be fully supported by PSA Crypto
 # and check that we don't fall back to Mbed TLS' internal crypto primitives.
 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
@@ -1264,8 +1811,13 @@ requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED
 run_test_psa_force_curve "brainpoolP256r1"
 requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
 run_test_psa_force_curve "secp224r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
-run_test_psa_force_curve "secp224k1"
+## SECP224K1 is buggy via the PSA API
+## (https://github.com/Mbed-TLS/mbedtls/issues/3541),
+## so it is disabled in PSA even when it's enabled in Mbed TLS.
+## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but
+## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
+#requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#run_test_psa_force_curve "secp224k1"
 requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
 run_test_psa_force_curve "secp192r1"
 requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
@@ -1311,6 +1863,13 @@ run_test    "Context-specific CRT verification callback" \
 
 # Tests for rc4 option
 
+# Manual dependencies on the ciphersuite support are necessary
+# because the automatic requirements from force_ciphersuite=... detection
+# make an exception for these test cases since they expect a handshake
+# failure.
+requires_config_enabled MBEDTLS_ARC4_C
+requires_config_enabled MBEDTLS_SHA1_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
 run_test    "RC4: server disabled, client enabled" \
             "$P_SRV" \
@@ -1318,6 +1877,9 @@ run_test    "RC4: server disabled, client enabled" \
             1 \
             -s "SSL - The server has no ciphersuites in common"
 
+requires_config_enabled MBEDTLS_ARC4_C
+requires_config_enabled MBEDTLS_SHA1_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
 run_test    "RC4: server half, client enabled" \
             "$P_SRV arc4=1" \
@@ -1325,15 +1887,30 @@ run_test    "RC4: server half, client enabled" \
             1 \
             -s "SSL - The server has no ciphersuites in common"
 
+requires_config_enabled MBEDTLS_ARC4_C
+requires_config_enabled MBEDTLS_SHA1_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
 run_test    "RC4: server enabled, client disabled" \
             "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             "$P_CLI" \
             1 \
             -s "SSL - The server has no ciphersuites in common"
 
+# Run even if the ciphersuite is disabled by default, but only if the
+# requisite cryptographic mechanisms are present.
+# Having "force_ciphersuite=..." in the client or server arguments would
+# prevent that due to the automatic detection, so hide behind some
+# shell expansion to fool the automatic detection.
+with_rc4_ciphersuite() {
+    exec "$@" force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA
+}
+requires_config_enabled MBEDTLS_ARC4_C
+requires_config_enabled MBEDTLS_SHA1_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 run_test    "RC4: both enabled" \
-            "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+            "with_rc4_ciphersuite $P_SRV" \
+            "with_rc4_ciphersuite $P_CLI" \
             0 \
             -S "SSL - None of the common ciphersuites is usable" \
             -S "SSL - The server has no ciphersuites in common"
@@ -1341,14 +1918,12 @@ run_test    "RC4: both enabled" \
 # Test empty CA list in CertificateRequest in TLS 1.1 and earlier
 
 requires_gnutls
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
             "$G_SRV"\
             "$P_CLI force_version=tls1_1" \
             0
 
 requires_gnutls
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
 run_test    "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
             "$G_SRV"\
             "$P_CLI force_version=tls1" \
@@ -1356,19 +1931,12 @@ run_test    "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
 
 # Tests for SHA-1 support
 
-requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
 run_test    "SHA-1 forbidden by default in server certificate" \
             "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
             "$P_CLI debug_level=2 allow_sha1=0" \
             1 \
             -c "The certificate is signed with an unacceptable hash"
 
-requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-run_test    "SHA-1 allowed by default in server certificate" \
-            "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
-            "$P_CLI debug_level=2 allow_sha1=0" \
-            0
-
 run_test    "SHA-1 explicitly allowed in server certificate" \
             "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
             "$P_CLI allow_sha1=1" \
@@ -1379,19 +1947,12 @@ run_test    "SHA-256 allowed by default in server certificate" \
             "$P_CLI allow_sha1=0" \
             0
 
-requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
 run_test    "SHA-1 forbidden by default in client certificate" \
             "$P_SRV auth_mode=required allow_sha1=0" \
             "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
             1 \
             -s "The certificate is signed with an unacceptable hash"
 
-requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-run_test    "SHA-1 allowed by default in client certificate" \
-            "$P_SRV auth_mode=required allow_sha1=0" \
-            "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
-            0
-
 run_test    "SHA-1 explicitly allowed in client certificate" \
             "$P_SRV auth_mode=required allow_sha1=1" \
             "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
@@ -2298,8 +2859,12 @@ run_test    "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation"
             -c "ignoring unexpected CID" \
             -s "ignoring unexpected CID"
 
+# This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the
+# tests check that the buffer contents are reallocated when the message is
+# larger than the buffer.
 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
 requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 513
 run_test    "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
             "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
             "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \
@@ -2313,6 +2878,7 @@ run_test    "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
 
 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
 requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 1025
 run_test    "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \
             "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
             "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \
@@ -2386,7 +2952,6 @@ run_test    "Encrypt then MAC: client disabled, server enabled" \
             -C "using encrypt then mac" \
             -S "using encrypt then mac"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Encrypt then MAC: client SSLv3, server enabled" \
             "$P_SRV debug_level=3 min_version=ssl3 \
              force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
@@ -2399,7 +2964,6 @@ run_test    "Encrypt then MAC: client SSLv3, server enabled" \
             -C "using encrypt then mac" \
             -S "using encrypt then mac"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Encrypt then MAC: client enabled, server SSLv3" \
             "$P_SRV debug_level=3 force_version=ssl3 \
              force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
@@ -2414,6 +2978,7 @@ run_test    "Encrypt then MAC: client enabled, server SSLv3" \
 
 # Tests for Extended Master Secret extension
 
+requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
 run_test    "Extended Master Secret: default" \
             "$P_SRV debug_level=3" \
             "$P_CLI debug_level=3" \
@@ -2425,6 +2990,7 @@ run_test    "Extended Master Secret: default" \
             -c "session hash for extended master secret" \
             -s "session hash for extended master secret"
 
+requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
 run_test    "Extended Master Secret: client enabled, server disabled" \
             "$P_SRV debug_level=3 extended_ms=0" \
             "$P_CLI debug_level=3 extended_ms=1" \
@@ -2436,6 +3002,7 @@ run_test    "Extended Master Secret: client enabled, server disabled" \
             -C "session hash for extended master secret" \
             -S "session hash for extended master secret"
 
+requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
 run_test    "Extended Master Secret: client disabled, server enabled" \
             "$P_SRV debug_level=3 extended_ms=1" \
             "$P_CLI debug_level=3 extended_ms=0" \
@@ -2447,7 +3014,6 @@ run_test    "Extended Master Secret: client disabled, server enabled" \
             -C "session hash for extended master secret" \
             -S "session hash for extended master secret"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Extended Master Secret: client SSLv3, server enabled" \
             "$P_SRV debug_level=3 min_version=ssl3" \
             "$P_CLI debug_level=3 force_version=ssl3" \
@@ -2459,7 +3025,6 @@ run_test    "Extended Master Secret: client SSLv3, server enabled" \
             -C "session hash for extended master secret" \
             -S "session hash for extended master secret"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Extended Master Secret: client enabled, server SSLv3" \
             "$P_SRV debug_level=3 force_version=ssl3" \
             "$P_CLI debug_level=3 min_version=ssl3" \
@@ -2525,6 +3090,7 @@ run_test    "Fallback SCSV: enabled, openssl server" \
             -c "adding FALLBACK_SCSV" \
             -c "is a fatal alert message (msg 86)"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 requires_openssl_with_fallback_scsv
 run_test    "Fallback SCSV: disabled, openssl client" \
             "$P_SRV debug_level=2" \
@@ -2533,6 +3099,7 @@ run_test    "Fallback SCSV: disabled, openssl client" \
             -S "received FALLBACK_SCSV" \
             -S "inapropriate fallback"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 requires_openssl_with_fallback_scsv
 run_test    "Fallback SCSV: enabled, openssl client" \
             "$P_SRV debug_level=2" \
@@ -2587,7 +3154,7 @@ run_test    "Encrypt then MAC, DTLS: disabled, empty application data record" \
 ## The ClientHello content is spelled out below as a hex string as
 ## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix".
 ## The expected response is an inappropriate_fallback alert.
-requires_openssl_with_fallback_scsv
+requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV
 run_test    "Fallback SCSV: beginning of list" \
             "$P_SRV debug_level=2" \
             "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \
@@ -2595,7 +3162,7 @@ run_test    "Fallback SCSV: beginning of list" \
             -s "received FALLBACK_SCSV" \
             -s "inapropriate fallback"
 
-requires_openssl_with_fallback_scsv
+requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV
 run_test    "Fallback SCSV: end of list" \
             "$P_SRV debug_level=2" \
             "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \
@@ -2604,7 +3171,7 @@ run_test    "Fallback SCSV: end of list" \
             -s "inapropriate fallback"
 
 ## Here the expected response is a valid ServerHello prefix, up to the random.
-requires_openssl_with_fallback_scsv
+requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV
 run_test    "Fallback SCSV: not in list" \
             "$P_SRV debug_level=2" \
             "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \
@@ -2617,7 +3184,7 @@ run_test    "Fallback SCSV: not in list" \
 run_test    "CBC Record splitting: TLS 1.2, no splitting" \
             "$P_SRV" \
             "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
-             request_size=123 force_version=tls1_2" \
+             request_size=123 force_version=tls12" \
             0 \
             -s "Read from client: 123 bytes read" \
             -S "Read from client: 1 bytes read" \
@@ -2641,7 +3208,6 @@ run_test    "CBC Record splitting: TLS 1.0, splitting" \
             -s "Read from client: 1 bytes read" \
             -s "122 bytes read"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "CBC Record splitting: SSLv3, splitting" \
             "$P_SRV min_version=ssl3" \
             "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
@@ -2824,10 +3390,13 @@ run_test    "Session resume using tickets, DTLS: openssl server" \
             -c "parse new session ticket" \
             -c "a session has been resumed"
 
+# For reasons that aren't fully understood, this test randomly fails with high
+# probability with OpenSSL 1.0.2g on the CI, see #5012.
+requires_openssl_next
 run_test    "Session resume using tickets, DTLS: openssl client" \
             "$P_SRV dtls=1 debug_level=3 tickets=1" \
-            "( $O_CLI -dtls1 -sess_out $SESSION; \
-               $O_CLI -dtls1 -sess_in $SESSION; \
+            "( $O_NEXT_CLI -dtls1 -sess_out $SESSION; \
+               $O_NEXT_CLI -dtls1 -sess_in $SESSION; \
                rm -f $SESSION )" \
             0 \
             -s "found session ticket extension" \
@@ -2875,6 +3444,7 @@ run_test    "Session resume using cache: cache_max=0" \
             -S "a session has been resumed" \
             -C "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: cache_max=1" \
             "$P_SRV debug_level=3 tickets=0 cache_max=1" \
             "$P_CLI debug_level=3 tickets=0 reconnect=1" \
@@ -2884,6 +3454,7 @@ run_test    "Session resume using cache: cache_max=1" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: timeout > delay" \
             "$P_SRV debug_level=3 tickets=0" \
             "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
@@ -2893,6 +3464,7 @@ run_test    "Session resume using cache: timeout > delay" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: timeout < delay" \
             "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
             "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
@@ -2902,6 +3474,7 @@ run_test    "Session resume using cache: timeout < delay" \
             -S "a session has been resumed" \
             -C "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: no timeout" \
             "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
             "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
@@ -2911,6 +3484,7 @@ run_test    "Session resume using cache: no timeout" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: session copy" \
             "$P_SRV debug_level=3 tickets=0" \
             "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
@@ -2920,6 +3494,7 @@ run_test    "Session resume using cache: session copy" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: openssl client" \
             "$P_SRV debug_level=3 tickets=0" \
             "( $O_CLI -sess_out $SESSION; \
@@ -2932,6 +3507,7 @@ run_test    "Session resume using cache: openssl client" \
             -S "session successfully restored from ticket" \
             -s "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache: openssl server" \
             "$O_SRV" \
             "$P_CLI debug_level=3 tickets=0 reconnect=1" \
@@ -2940,8 +3516,32 @@ run_test    "Session resume using cache: openssl server" \
             -C "parse new session ticket" \
             -c "a session has been resumed"
 
+# Tests for Session resume and extensions
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
+run_test    "Session resume and connection ID" \
+            "$P_SRV debug_level=3 cid=1 cid_val=dead dtls=1 tickets=0" \
+            "$P_CLI debug_level=3 cid=1 cid_val=beef dtls=1 tickets=0 reconnect=1" \
+            0 \
+            -c "Enable use of CID extension." \
+            -s "Enable use of CID extension." \
+            -c "client hello, adding CID extension" \
+            -s "found CID extension"           \
+            -s "Use of CID extension negotiated" \
+            -s "server hello, adding CID extension" \
+            -c "found CID extension" \
+            -c "Use of CID extension negotiated" \
+            -s "Copy CIDs into SSL transform" \
+            -c "Copy CIDs into SSL transform" \
+            -c "Peer CID (length 2 Bytes): de ad" \
+            -s "Peer CID (length 2 Bytes): be ef" \
+            -s "Use of Connection ID has been negotiated" \
+            -c "Use of Connection ID has been negotiated"
+
 # Tests for Session Resume based on session-ID and cache, DTLS
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: tickets enabled on client" \
             "$P_SRV dtls=1 debug_level=3 tickets=0" \
             "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \
@@ -2956,6 +3556,7 @@ run_test    "Session resume using cache, DTLS: tickets enabled on client" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: tickets enabled on server" \
             "$P_SRV dtls=1 debug_level=3 tickets=1" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
@@ -2970,6 +3571,7 @@ run_test    "Session resume using cache, DTLS: tickets enabled on server" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: cache_max=0" \
             "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
@@ -2979,6 +3581,7 @@ run_test    "Session resume using cache, DTLS: cache_max=0" \
             -S "a session has been resumed" \
             -C "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: cache_max=1" \
             "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
@@ -2988,6 +3591,7 @@ run_test    "Session resume using cache, DTLS: cache_max=1" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: timeout > delay" \
             "$P_SRV dtls=1 debug_level=3 tickets=0" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \
@@ -2997,6 +3601,7 @@ run_test    "Session resume using cache, DTLS: timeout > delay" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: timeout < delay" \
             "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
@@ -3006,6 +3611,7 @@ run_test    "Session resume using cache, DTLS: timeout < delay" \
             -S "a session has been resumed" \
             -C "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: no timeout" \
             "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
@@ -3015,6 +3621,7 @@ run_test    "Session resume using cache, DTLS: no timeout" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: session copy" \
             "$P_SRV dtls=1 debug_level=3 tickets=0" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_mode=0" \
@@ -3024,10 +3631,14 @@ run_test    "Session resume using cache, DTLS: session copy" \
             -s "a session has been resumed" \
             -c "a session has been resumed"
 
+# For reasons that aren't fully understood, this test randomly fails with high
+# probability with OpenSSL 1.0.2g on the CI, see #5012.
+requires_openssl_next
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: openssl client" \
             "$P_SRV dtls=1 debug_level=3 tickets=0" \
-            "( $O_CLI -dtls1 -sess_out $SESSION; \
-               $O_CLI -dtls1 -sess_in $SESSION; \
+            "( $O_NEXT_CLI -dtls1 -sess_out $SESSION; \
+               $O_NEXT_CLI -dtls1 -sess_in $SESSION; \
                rm -f $SESSION )" \
             0 \
             -s "found session ticket extension" \
@@ -3036,6 +3647,7 @@ run_test    "Session resume using cache, DTLS: openssl client" \
             -S "session successfully restored from ticket" \
             -s "a session has been resumed"
 
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "Session resume using cache, DTLS: openssl server" \
             "$O_SRV -dtls1" \
             "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
@@ -3046,15 +3658,6 @@ run_test    "Session resume using cache, DTLS: openssl server" \
 
 # Tests for Max Fragment Length extension
 
-if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
-    printf '%s defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
-    exit 1
-fi
-
-if [ $MAX_CONTENT_LEN -ne 16384 ]; then
-    echo "Using non-default maximum content length $MAX_CONTENT_LEN"
-fi
-
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: enabled, default" \
             "$P_SRV debug_level=3" \
@@ -3119,7 +3722,7 @@ run_test    "Max fragment length: disabled, larger message" \
             -s "1 bytes read"
 
 requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test    "Max fragment length DTLS: disabled, larger message" \
+run_test    "Max fragment length, DTLS: disabled, larger message" \
             "$P_SRV debug_level=3 dtls=1" \
             "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
             1 \
@@ -3129,6 +3732,7 @@ run_test    "Max fragment length DTLS: disabled, larger message" \
             -S "Maximum output fragment length is 16384" \
             -c "fragment larger than.*maximum "
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: used by client" \
             "$P_SRV debug_level=3" \
@@ -3143,6 +3747,7 @@ run_test    "Max fragment length: used by client" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 1024
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 512, server 1024" \
             "$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3157,6 +3762,7 @@ run_test    "Max fragment length: client 512, server 1024" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 512, server 2048" \
             "$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3171,6 +3777,7 @@ run_test    "Max fragment length: client 512, server 2048" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 512, server 4096" \
             "$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3185,6 +3792,7 @@ run_test    "Max fragment length: client 512, server 4096" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 1024
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 1024, server 512" \
             "$P_SRV debug_level=3 max_frag_len=512" \
@@ -3199,6 +3807,7 @@ run_test    "Max fragment length: client 1024, server 512" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 1024, server 2048" \
             "$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3213,6 +3822,7 @@ run_test    "Max fragment length: client 1024, server 2048" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 1024, server 4096" \
             "$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3227,6 +3837,7 @@ run_test    "Max fragment length: client 1024, server 4096" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 2048, server 512" \
             "$P_SRV debug_level=3 max_frag_len=512" \
@@ -3241,6 +3852,7 @@ run_test    "Max fragment length: client 2048, server 512" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 2048, server 1024" \
             "$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3255,6 +3867,7 @@ run_test    "Max fragment length: client 2048, server 1024" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 2048, server 4096" \
             "$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3269,6 +3882,7 @@ run_test    "Max fragment length: client 2048, server 4096" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 4096, server 512" \
             "$P_SRV debug_level=3 max_frag_len=512" \
@@ -3283,6 +3897,7 @@ run_test    "Max fragment length: client 4096, server 512" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 4096, server 1024" \
             "$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3297,6 +3912,7 @@ run_test    "Max fragment length: client 4096, server 1024" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client 4096, server 2048" \
             "$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3311,6 +3927,7 @@ run_test    "Max fragment length: client 4096, server 2048" \
             -s "server hello, max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: used by server" \
             "$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3325,6 +3942,7 @@ run_test    "Max fragment length: used by server" \
             -S "server hello, max_fragment_length extension" \
             -C "found max_fragment_length extension"
 
+requires_max_content_len 4096
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 requires_gnutls
 run_test    "Max fragment length: gnutls server" \
@@ -3336,6 +3954,7 @@ run_test    "Max fragment length: gnutls server" \
             -c "client hello, adding max_fragment_length extension" \
             -c "found max_fragment_length extension"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client, message just fits" \
             "$P_SRV debug_level=3" \
@@ -3352,6 +3971,7 @@ run_test    "Max fragment length: client, message just fits" \
             -c "2048 bytes written in 1 fragments" \
             -s "2048 bytes read"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: client, larger message" \
             "$P_SRV debug_level=3" \
@@ -3369,6 +3989,7 @@ run_test    "Max fragment length: client, larger message" \
             -s "2048 bytes read" \
             -s "297 bytes read"
 
+requires_max_content_len 2048
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
 run_test    "Max fragment length: DTLS client, larger message" \
             "$P_SRV debug_level=3 dtls=1" \
@@ -3480,6 +4101,7 @@ run_test    "Renegotiation: double" \
 
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
 run_test    "Renegotiation with max fragment length: client 2048, server 512" \
             "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \
             "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -3820,7 +4442,7 @@ run_test    "Renegotiation: DTLS, gnutls server, client-initiated" \
             -C "error" \
             -s "Extra-header:"
 
-# Test for the "secure renegotation" extension only (no actual renegotiation)
+# Test for the "secure renegotiation" extension only (no actual renegotiation)
 
 requires_gnutls
 run_test    "Renego ext: gnutls server strict, client default" \
@@ -4030,7 +4652,6 @@ run_test    "Authentication: client SHA384, server required" \
             -c "Supported Signature Algorithm found: 4," \
             -c "Supported Signature Algorithm found: 5,"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Authentication: client has no cert, server required (SSLv3)" \
             "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \
             "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \
@@ -4083,6 +4704,21 @@ run_test    "Authentication: client badcert, server required" \
 # detect that its write end of the connection is closed and abort
 # before reading the alert message.
 
+run_test    "Authentication: client cert self-signed and trusted, server required" \
+            "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
+            "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -S "skip write certificate request" \
+            -C "skip parse certificate request" \
+            -c "got a certificate request" \
+            -C "skip write certificate" \
+            -C "skip write certificate verify" \
+            -S "skip parse certificate verify" \
+            -S "x509_verify_cert() returned" \
+            -S "! The certificate is not correctly signed" \
+            -S "X509 - Certificate verification failed"
+
 run_test    "Authentication: client cert not trusted, server required" \
             "$P_SRV debug_level=3 auth_mode=required" \
             "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@@ -4181,7 +4817,6 @@ run_test    "Authentication: client no cert, openssl server required" \
             -c "skip write certificate verify" \
             -c "! mbedtls_ssl_handshake returned"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Authentication: client no cert, ssl3" \
             "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
             "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
@@ -4199,24 +4834,17 @@ run_test    "Authentication: client no cert, ssl3" \
             -C "! mbedtls_ssl_handshake returned" \
             -S "X509 - Certificate verification failed"
 
-# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
-# default value (8)
+# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default
+# value, defined here as MAX_IM_CA. Some test cases will be skipped if the
+# library is configured with a different value.
 
 MAX_IM_CA='8'
-MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
-
-if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
-    cat <<EOF
-${CONFIG_H} contains a value for the configuration of
-MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script's
-test value of ${MAX_IM_CA}.
-
-The tests assume this value and if it changes, the tests in this
-script should also be adjusted.
-EOF
-    exit 1
-fi
 
+# The tests for the max_int tests can pass with any number higher than MAX_IM_CA
+# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1
+# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions
+# are in place so that the semantics are consistent with the test description.
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: server max_int chain, client default" \
             "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
@@ -4225,6 +4853,7 @@ run_test    "Authentication: server max_int chain, client default" \
             0 \
             -C "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: server max_int+1 chain, client default" \
             "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -4233,6 +4862,7 @@ run_test    "Authentication: server max_int+1 chain, client default" \
             1 \
             -c "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: server max_int+1 chain, client optional" \
             "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -4242,6 +4872,7 @@ run_test    "Authentication: server max_int+1 chain, client optional" \
             1 \
             -c "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: server max_int+1 chain, client none" \
             "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -4251,6 +4882,7 @@ run_test    "Authentication: server max_int+1 chain, client none" \
             0 \
             -C "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: client max_int+1 chain, server default" \
             "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
@@ -4259,6 +4891,7 @@ run_test    "Authentication: client max_int+1 chain, server default" \
             0 \
             -S "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: client max_int+1 chain, server optional" \
             "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
@@ -4267,6 +4900,7 @@ run_test    "Authentication: client max_int+1 chain, server optional" \
             1 \
             -s "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: client max_int+1 chain, server required" \
             "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
@@ -4275,6 +4909,7 @@ run_test    "Authentication: client max_int+1 chain, server required" \
             1 \
             -s "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 run_test    "Authentication: client max_int chain, server required" \
             "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
@@ -4452,6 +5087,7 @@ run_test    "Authentication, CA callback: client badcert, server optional" \
             -C "! mbedtls_ssl_handshake returned" \
             -S "X509 - Certificate verification failed"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: server max_int chain, client default" \
@@ -4462,6 +5098,7 @@ run_test    "Authentication, CA callback: server max_int chain, client default"
             -c "use CA callback for X.509 CRT verification" \
             -C "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: server max_int+1 chain, client default" \
@@ -4472,6 +5109,7 @@ run_test    "Authentication, CA callback: server max_int+1 chain, client default
             -c "use CA callback for X.509 CRT verification" \
             -c "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: server max_int+1 chain, client optional" \
@@ -4483,6 +5121,7 @@ run_test    "Authentication, CA callback: server max_int+1 chain, client optiona
             -c "use CA callback for X.509 CRT verification" \
             -c "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: client max_int+1 chain, server optional" \
@@ -4493,6 +5132,7 @@ run_test    "Authentication, CA callback: client max_int+1 chain, server optiona
             -s "use CA callback for X.509 CRT verification" \
             -s "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: client max_int+1 chain, server required" \
@@ -4503,6 +5143,7 @@ run_test    "Authentication, CA callback: client max_int+1 chain, server require
             -s "use CA callback for X.509 CRT verification" \
             -s "X509 - A fatal error occurred"
 
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 run_test    "Authentication, CA callback: client max_int chain, server required" \
@@ -4513,14 +5154,14 @@ run_test    "Authentication, CA callback: client max_int chain, server required"
             -s "use CA callback for X.509 CRT verification" \
             -S "X509 - A fatal error occurred"
 
-# Tests for certificate selection based on SHA verson
+# Tests for certificate selection based on SHA version
 
 run_test    "Certificate hash: client TLS 1.2 -> SHA-2" \
             "$P_SRV crt_file=data_files/server5.crt \
                     key_file=data_files/server5.key \
                     crt_file2=data_files/server5-sha1.crt \
                     key_file2=data_files/server5.key" \
-            "$P_CLI force_version=tls1_2" \
+            "$P_CLI force_version=tls12" \
             0 \
             -c "signed using.*ECDSA with SHA256" \
             -C "signed using.*ECDSA with SHA1"
@@ -5011,6 +5652,7 @@ run_test    "Event-driven I/O, DTLS: session-id resume, UDP packing" \
 
 # Tests for version negotiation
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test    "Version check: all -> 1.2" \
             "$P_SRV" \
             "$P_CLI" \
@@ -5020,6 +5662,7 @@ run_test    "Version check: all -> 1.2" \
             -s "Protocol is TLSv1.2" \
             -c "Protocol is TLSv1.2"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "Version check: cli max 1.1 -> 1.1" \
             "$P_SRV" \
             "$P_CLI max_version=tls1_1" \
@@ -5029,6 +5672,7 @@ run_test    "Version check: cli max 1.1 -> 1.1" \
             -s "Protocol is TLSv1.1" \
             -c "Protocol is TLSv1.1"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "Version check: srv max 1.1 -> 1.1" \
             "$P_SRV max_version=tls1_1" \
             "$P_CLI" \
@@ -5038,6 +5682,7 @@ run_test    "Version check: srv max 1.1 -> 1.1" \
             -s "Protocol is TLSv1.1" \
             -c "Protocol is TLSv1.1"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "Version check: cli+srv max 1.1 -> 1.1" \
             "$P_SRV max_version=tls1_1" \
             "$P_CLI max_version=tls1_1" \
@@ -5047,6 +5692,7 @@ run_test    "Version check: cli+srv max 1.1 -> 1.1" \
             -s "Protocol is TLSv1.1" \
             -c "Protocol is TLSv1.1"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
             "$P_SRV min_version=tls1_1" \
             "$P_CLI max_version=tls1_1" \
@@ -5056,6 +5702,7 @@ run_test    "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
             -s "Protocol is TLSv1.1" \
             -c "Protocol is TLSv1.1"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
             "$P_SRV max_version=tls1_1" \
             "$P_CLI min_version=tls1_1" \
@@ -5065,16 +5712,20 @@ run_test    "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
             -s "Protocol is TLSv1.1" \
             -c "Protocol is TLSv1.1"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test    "Version check: cli min 1.2, srv max 1.1 -> fail" \
             "$P_SRV max_version=tls1_1" \
-            "$P_CLI min_version=tls1_2" \
+            "$P_CLI min_version=tls12" \
             1 \
             -s "mbedtls_ssl_handshake returned" \
             -c "mbedtls_ssl_handshake returned" \
             -c "SSL - Handshake protocol not within min/max boundaries"
 
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test    "Version check: srv min 1.2, cli max 1.1 -> fail" \
-            "$P_SRV min_version=tls1_2" \
+            "$P_SRV min_version=tls12" \
             "$P_CLI max_version=tls1_1" \
             1 \
             -s "mbedtls_ssl_handshake returned" \
@@ -5490,6 +6141,20 @@ run_test    "DHM size: server 1024, client default, OK" \
             0 \
             -C "DHM prime too short:"
 
+run_test    "DHM size: server 999, client 999, OK" \
+            "$P_SRV dhm_file=data_files/dh.999.pem" \
+            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+                    debug_level=1 dhmlen=999" \
+            0 \
+            -C "DHM prime too short:"
+
+run_test    "DHM size: server 1000, client 1000, OK" \
+            "$P_SRV dhm_file=data_files/dh.1000.pem" \
+            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+                    debug_level=1 dhmlen=1000" \
+            0 \
+            -C "DHM prime too short:"
+
 run_test    "DHM size: server 1000, client default, rejected" \
             "$P_SRV dhm_file=data_files/dh.1000.pem" \
             "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
@@ -5497,6 +6162,27 @@ run_test    "DHM size: server 1000, client default, rejected" \
             1 \
             -c "DHM prime too short:"
 
+run_test    "DHM size: server 1000, client 1001, rejected" \
+            "$P_SRV dhm_file=data_files/dh.1000.pem" \
+            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+                    debug_level=1 dhmlen=1001" \
+            1 \
+            -c "DHM prime too short:"
+
+run_test    "DHM size: server 999, client 1000, rejected" \
+            "$P_SRV dhm_file=data_files/dh.999.pem" \
+            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+                    debug_level=1 dhmlen=1000" \
+            1 \
+            -c "DHM prime too short:"
+
+run_test    "DHM size: server 998, client 999, rejected" \
+            "$P_SRV dhm_file=data_files/dh.998.pem" \
+            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+                    debug_level=1 dhmlen=999" \
+            1 \
+            -c "DHM prime too short:"
+
 run_test    "DHM size: server default, client 2049, rejected" \
             "$P_SRV" \
             "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
@@ -5518,7 +6204,7 @@ run_test    "PSK callback: psk, no callback" \
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback" \
             "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
-            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
@@ -5532,7 +6218,7 @@ run_test    "PSK callback: opaque psk on client, no callback" \
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback, SHA-384" \
             "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
-            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
@@ -5546,7 +6232,7 @@ run_test    "PSK callback: opaque psk on client, no callback, SHA-384" \
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback, EMS" \
             "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
-            "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
@@ -5560,7 +6246,7 @@ run_test    "PSK callback: opaque psk on client, no callback, EMS" \
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
             "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
-            "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
@@ -5573,8 +6259,8 @@ run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback" \
-            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=abc123" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5587,8 +6273,8 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
-            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
-            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=abc123" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5601,9 +6287,9 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
-            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
-            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=abc123 extended_ms=1" \
             0 \
             -c "session hash for extended master secret"\
@@ -5616,9 +6302,9 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
-            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
-            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=abc123 extended_ms=1" \
             0 \
             -c "session hash for extended master secret"\
@@ -5631,8 +6317,8 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5645,8 +6331,8 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
-            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=def psk=beef" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5659,9 +6345,9 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
-            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
-            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=abc psk=dead extended_ms=1" \
             0 \
             -c "session hash for extended master secret"\
@@ -5674,9 +6360,9 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
-            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
-            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=abc psk=dead extended_ms=1" \
             0 \
             -c "session hash for extended master secret"\
@@ -5689,8 +6375,8 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5703,8 +6389,8 @@ run_test    "PSK callback: raw psk on client, mismatching static raw PSK on serv
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5717,8 +6403,8 @@ run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on s
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
-            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5730,8 +6416,8 @@ run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on s
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
             -C "skip PMS generation for opaque PSK"\
@@ -5743,8 +6429,8 @@ run_test    "PSK callback: raw psk on client, id-matching but wrong raw PSK on s
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
-            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             1 \
             -s "SSL - Verification of the message MAC failed"
@@ -5852,7 +6538,7 @@ run_test    "ECJPAKE: working, TLS" \
             -S "SSL - Verification of the message MAC failed"
 
 server_needs_more_time 1
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
 run_test    "ECJPAKE: password mismatch, TLS" \
             "$P_SRV debug_level=3 ecjpake_pw=bla" \
             "$P_CLI debug_level=3 ecjpake_pw=bad \
@@ -5861,7 +6547,7 @@ run_test    "ECJPAKE: password mismatch, TLS" \
             -C "re-using cached ecjpake parameters" \
             -s "SSL - Verification of the message MAC failed"
 
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
 run_test    "ECJPAKE: working, DTLS" \
             "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
             "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
@@ -5870,7 +6556,7 @@ run_test    "ECJPAKE: working, DTLS" \
             -c "re-using cached ecjpake parameters" \
             -S "SSL - Verification of the message MAC failed"
 
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
 run_test    "ECJPAKE: working, DTLS, no cookie" \
             "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
             "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
@@ -5880,7 +6566,7 @@ run_test    "ECJPAKE: working, DTLS, no cookie" \
             -S "SSL - Verification of the message MAC failed"
 
 server_needs_more_time 1
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
 run_test    "ECJPAKE: password mismatch, DTLS" \
             "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
             "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
@@ -5890,7 +6576,7 @@ run_test    "ECJPAKE: password mismatch, DTLS" \
             -s "SSL - Verification of the message MAC failed"
 
 # for tests with configs/config-thread.h
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
 run_test    "ECJPAKE: working, DTLS, nolog" \
             "$P_SRV dtls=1 ecjpake_pw=bla" \
             "$P_CLI dtls=1 ecjpake_pw=bla \
@@ -5899,7 +6585,6 @@ run_test    "ECJPAKE: working, DTLS, nolog" \
 
 # Tests for ciphersuites per version
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 requires_config_enabled MBEDTLS_CAMELLIA_C
 requires_config_enabled MBEDTLS_AES_C
 run_test    "Per-version suites: SSL3" \
@@ -5908,7 +6593,6 @@ run_test    "Per-version suites: SSL3" \
             0 \
             -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
 requires_config_enabled MBEDTLS_CAMELLIA_C
 requires_config_enabled MBEDTLS_AES_C
 run_test    "Per-version suites: TLS 1.0" \
@@ -5917,7 +6601,6 @@ run_test    "Per-version suites: TLS 1.0" \
             0 \
             -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 requires_config_enabled MBEDTLS_CAMELLIA_C
 requires_config_enabled MBEDTLS_AES_C
 run_test    "Per-version suites: TLS 1.1" \
@@ -5926,12 +6609,12 @@ run_test    "Per-version suites: TLS 1.1" \
             0 \
             -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_CAMELLIA_C
 requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
 run_test    "Per-version suites: TLS 1.2" \
             "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
-            "$P_CLI force_version=tls1_2" \
+            "$P_CLI force_version=tls12" \
             0 \
             -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
 
@@ -5946,21 +6629,34 @@ run_test    "ClientHello without extensions" \
 
 # Tests for mbedtls_ssl_get_bytes_avail()
 
+# The server first reads buffer_size-1 bytes, then reads the remainder.
 run_test    "mbedtls_ssl_get_bytes_avail: no extra data" \
-            "$P_SRV" \
+            "$P_SRV buffer_size=100" \
             "$P_CLI request_size=100" \
             0 \
             -s "Read from client: 100 bytes read$"
 
-run_test    "mbedtls_ssl_get_bytes_avail: extra data" \
-            "$P_SRV" \
-            "$P_CLI request_size=500" \
+run_test    "mbedtls_ssl_get_bytes_avail: extra data (+1)" \
+            "$P_SRV buffer_size=100" \
+            "$P_CLI request_size=101" \
+            0 \
+            -s "Read from client: 101 bytes read (100 + 1)"
+
+requires_max_content_len 200
+run_test    "mbedtls_ssl_get_bytes_avail: extra data (*2)" \
+            "$P_SRV buffer_size=100" \
+            "$P_CLI request_size=200" \
+            0 \
+            -s "Read from client: 200 bytes read (100 + 100)"
+
+run_test    "mbedtls_ssl_get_bytes_avail: extra data (max)" \
+            "$P_SRV buffer_size=100" \
+            "$P_CLI request_size=$MAX_CONTENT_LEN" \
             0 \
-            -s "Read from client: 500 bytes read (.*+.*)"
+            -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
 
 # Tests for small client packets
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Small client packet SSLv3 BlockCipher" \
             "$P_SRV min_version=ssl3" \
             "$P_CLI request_size=1 force_version=ssl3 \
@@ -5968,7 +6664,6 @@ run_test    "Small client packet SSLv3 BlockCipher" \
             0 \
             -s "Read from client: 1 bytes read"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Small client packet SSLv3 StreamCipher" \
             "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             "$P_CLI request_size=1 force_version=ssl3 \
@@ -6098,21 +6793,21 @@ run_test    "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MA
 
 run_test    "Small client packet TLS 1.2 BlockCipher" \
             "$P_SRV" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 BlockCipher larger MAC" \
             "$P_SRV" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
             0 \
             -s "Read from client: 1 bytes read"
@@ -6120,7 +6815,7 @@ run_test    "Small client packet TLS 1.2 BlockCipher larger MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
             "$P_SRV trunc_hmac=1" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
             0 \
             -s "Read from client: 1 bytes read"
@@ -6128,21 +6823,21 @@ run_test    "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
             "$P_SRV trunc_hmac=1" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 StreamCipher" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 StreamCipher, without EtM" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
             0 \
             -s "Read from client: 1 bytes read"
@@ -6150,7 +6845,7 @@ run_test    "Small client packet TLS 1.2 StreamCipher, without EtM" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
             0 \
             -s "Read from client: 1 bytes read"
@@ -6158,21 +6853,21 @@ run_test    "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 AEAD" \
             "$P_SRV" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV" \
-            "$P_CLI request_size=1 force_version=tls1_2 \
+            "$P_CLI request_size=1 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
             0 \
             -s "Read from client: 1 bytes read"
@@ -6215,7 +6910,7 @@ run_test    "Small client packet DTLS 1.0, without EtM, truncated MAC" \
 
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 run_test    "Small client packet DTLS 1.2" \
-            "$P_SRV dtls=1 force_version=dtls1_2" \
+            "$P_SRV dtls=1 force_version=dtls12" \
             "$P_CLI dtls=1 request_size=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
@@ -6223,7 +6918,7 @@ run_test    "Small client packet DTLS 1.2" \
 
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 run_test    "Small client packet DTLS 1.2, without EtM" \
-            "$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
+            "$P_SRV dtls=1 force_version=dtls12 etm=0" \
             "$P_CLI dtls=1 request_size=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
@@ -6232,7 +6927,7 @@ run_test    "Small client packet DTLS 1.2, without EtM" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small client packet DTLS 1.2, truncated hmac" \
-            "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
+            "$P_SRV dtls=1 force_version=dtls12 trunc_hmac=1" \
             "$P_CLI dtls=1 request_size=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
             0 \
@@ -6241,7 +6936,7 @@ run_test    "Small client packet DTLS 1.2, truncated hmac" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small client packet DTLS 1.2, without EtM, truncated MAC" \
-            "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
+            "$P_SRV dtls=1 force_version=dtls12 trunc_hmac=1 etm=0" \
             "$P_CLI dtls=1 request_size=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
             0 \
@@ -6249,7 +6944,6 @@ run_test    "Small client packet DTLS 1.2, without EtM, truncated MAC" \
 
 # Tests for small server packets
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Small server packet SSLv3 BlockCipher" \
             "$P_SRV response_size=1 min_version=ssl3" \
             "$P_CLI force_version=ssl3 \
@@ -6257,7 +6951,6 @@ run_test    "Small server packet SSLv3 BlockCipher" \
             0 \
             -c "Read from server: 1 bytes read"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Small server packet SSLv3 StreamCipher" \
             "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             "$P_CLI force_version=ssl3 \
@@ -6387,21 +7080,21 @@ run_test    "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MA
 
 run_test    "Small server packet TLS 1.2 BlockCipher" \
             "$P_SRV response_size=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV response_size=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 BlockCipher larger MAC" \
             "$P_SRV response_size=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
             0 \
             -c "Read from server: 1 bytes read"
@@ -6409,7 +7102,7 @@ run_test    "Small server packet TLS 1.2 BlockCipher larger MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
             "$P_SRV response_size=1 trunc_hmac=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
             0 \
             -c "Read from server: 1 bytes read"
@@ -6417,21 +7110,21 @@ run_test    "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
             "$P_SRV response_size=1 trunc_hmac=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 StreamCipher" \
             "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 StreamCipher, without EtM" \
             "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
             0 \
             -c "Read from server: 1 bytes read"
@@ -6439,7 +7132,7 @@ run_test    "Small server packet TLS 1.2 StreamCipher, without EtM" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
             "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
             0 \
             -c "Read from server: 1 bytes read"
@@ -6447,21 +7140,21 @@ run_test    "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
             "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 AEAD" \
             "$P_SRV response_size=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV response_size=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
             0 \
             -c "Read from server: 1 bytes read"
@@ -6504,7 +7197,7 @@ run_test    "Small server packet DTLS 1.0, without EtM, truncated MAC" \
 
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 run_test    "Small server packet DTLS 1.2" \
-            "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
+            "$P_SRV dtls=1 response_size=1 force_version=dtls12" \
             "$P_CLI dtls=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
@@ -6512,7 +7205,7 @@ run_test    "Small server packet DTLS 1.2" \
 
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 run_test    "Small server packet DTLS 1.2, without EtM" \
-            "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
+            "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
             "$P_CLI dtls=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
@@ -6521,7 +7214,7 @@ run_test    "Small server packet DTLS 1.2, without EtM" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small server packet DTLS 1.2, truncated hmac" \
-            "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
+            "$P_SRV dtls=1 response_size=1 force_version=dtls12 trunc_hmac=1" \
             "$P_CLI dtls=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
             0 \
@@ -6530,15 +7223,14 @@ run_test    "Small server packet DTLS 1.2, truncated hmac" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Small server packet DTLS 1.2, without EtM, truncated MAC" \
-            "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
+            "$P_SRV dtls=1 response_size=1 force_version=dtls12 trunc_hmac=1 etm=0" \
             "$P_CLI dtls=1 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
             0 \
             -c "Read from server: 1 bytes read"
 
 # A test for extensions in SSLv3
-
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+requires_max_content_len 4096
 run_test    "SSLv3 with extensions, server side" \
             "$P_SRV min_version=ssl3 debug_level=3" \
             "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
@@ -6553,7 +7245,6 @@ fragments_for_write() {
     echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
 }
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Large client packet SSLv3 BlockCipher" \
             "$P_SRV min_version=ssl3" \
             "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
@@ -6562,7 +7253,6 @@ run_test    "Large client packet SSLv3 BlockCipher" \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
 
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Large client packet SSLv3 StreamCipher" \
             "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             "$P_CLI request_size=16384 force_version=ssl3 \
@@ -6700,7 +7390,7 @@ run_test    "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MA
 
 run_test    "Large client packet TLS 1.2 BlockCipher" \
             "$P_SRV" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6708,14 +7398,14 @@ run_test    "Large client packet TLS 1.2 BlockCipher" \
 
 run_test    "Large client packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV" \
-            "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
+            "$P_CLI request_size=16384 force_version=tls12 etm=0 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
 
 run_test    "Large client packet TLS 1.2 BlockCipher larger MAC" \
             "$P_SRV" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6724,7 +7414,7 @@ run_test    "Large client packet TLS 1.2 BlockCipher larger MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
             "$P_SRV trunc_hmac=1" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
             0 \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -6732,7 +7422,7 @@ run_test    "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
             "$P_SRV trunc_hmac=1" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6740,7 +7430,7 @@ run_test    "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC
 
 run_test    "Large client packet TLS 1.2 StreamCipher" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6748,7 +7438,7 @@ run_test    "Large client packet TLS 1.2 StreamCipher" \
 
 run_test    "Large client packet TLS 1.2 StreamCipher, without EtM" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
             0 \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -6756,7 +7446,7 @@ run_test    "Large client packet TLS 1.2 StreamCipher, without EtM" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
             0 \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -6764,7 +7454,7 @@ run_test    "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
             "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6772,7 +7462,7 @@ run_test    "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MA
 
 run_test    "Large client packet TLS 1.2 AEAD" \
             "$P_SRV" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
@@ -6780,14 +7470,14 @@ run_test    "Large client packet TLS 1.2 AEAD" \
 
 run_test    "Large client packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV" \
-            "$P_CLI request_size=16384 force_version=tls1_2 \
+            "$P_CLI request_size=16384 force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
 
 # Test for large server packets
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
 run_test    "Large server packet SSLv3 StreamCipher" \
             "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             "$P_CLI force_version=ssl3 \
@@ -6796,7 +7486,6 @@ run_test    "Large server packet SSLv3 StreamCipher" \
             -c "Read from server: 16384 bytes read"
 
 # Checking next 4 tests logs for 1n-1 split against BEAST too
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Large server packet SSLv3 BlockCipher" \
             "$P_SRV response_size=16384 min_version=ssl3" \
             "$P_CLI force_version=ssl3 recsplit=0 \
@@ -6946,14 +7635,14 @@ run_test    "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MA
 
 run_test    "Large server packet TLS 1.2 BlockCipher" \
             "$P_SRV response_size=16384" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "Read from server: 16384 bytes read"
 
 run_test    "Large server packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV response_size=16384" \
-            "$P_CLI force_version=tls1_2 etm=0 \
+            "$P_CLI force_version=tls12 etm=0 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "16384 bytes written in 1 fragments" \
@@ -6961,7 +7650,7 @@ run_test    "Large server packet TLS 1.2 BlockCipher, without EtM" \
 
 run_test    "Large server packet TLS 1.2 BlockCipher larger MAC" \
             "$P_SRV response_size=16384" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
             0 \
             -c "Read from server: 16384 bytes read"
@@ -6969,7 +7658,7 @@ run_test    "Large server packet TLS 1.2 BlockCipher larger MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large server packet TLS 1.2 BlockCipher truncated MAC" \
             "$P_SRV response_size=16384" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
              trunc_hmac=1" \
             0 \
@@ -6977,7 +7666,7 @@ run_test    "Large server packet TLS 1.2 BlockCipher truncated MAC" \
 
 run_test    "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
             "$P_SRV response_size=16384 trunc_hmac=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
             0 \
             -s "16384 bytes written in 1 fragments" \
@@ -6985,7 +7674,7 @@ run_test    "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC
 
 run_test    "Large server packet TLS 1.2 StreamCipher" \
             "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
             0 \
             -s "16384 bytes written in 1 fragments" \
@@ -6993,7 +7682,7 @@ run_test    "Large server packet TLS 1.2 StreamCipher" \
 
 run_test    "Large server packet TLS 1.2 StreamCipher, without EtM" \
             "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
             0 \
             -s "16384 bytes written in 1 fragments" \
@@ -7002,7 +7691,7 @@ run_test    "Large server packet TLS 1.2 StreamCipher, without EtM" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large server packet TLS 1.2 StreamCipher truncated MAC" \
             "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
              trunc_hmac=1" \
             0 \
@@ -7011,7 +7700,7 @@ run_test    "Large server packet TLS 1.2 StreamCipher truncated MAC" \
 requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
 run_test    "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
             "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
             0 \
             -s "16384 bytes written in 1 fragments" \
@@ -7019,20 +7708,22 @@ run_test    "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MA
 
 run_test    "Large server packet TLS 1.2 AEAD" \
             "$P_SRV response_size=16384" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
             0 \
             -c "Read from server: 16384 bytes read"
 
 run_test    "Large server packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV response_size=16384" \
-            "$P_CLI force_version=tls1_2 \
+            "$P_CLI force_version=tls12 \
              force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
             0 \
             -c "Read from server: 16384 bytes read"
 
 # Tests for restartable ECC
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, default" \
             "$P_SRV auth_mode=required" \
@@ -7045,6 +7736,8 @@ run_test    "EC restart: TLS, default" \
             -C "mbedtls_ecdh_make_public.*4b00" \
             -C "mbedtls_pk_sign.*4b00"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=0" \
             "$P_SRV auth_mode=required" \
@@ -7057,6 +7750,8 @@ run_test    "EC restart: TLS, max_ops=0" \
             -C "mbedtls_ecdh_make_public.*4b00" \
             -C "mbedtls_pk_sign.*4b00"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=65535" \
             "$P_SRV auth_mode=required" \
@@ -7069,6 +7764,8 @@ run_test    "EC restart: TLS, max_ops=65535" \
             -C "mbedtls_ecdh_make_public.*4b00" \
             -C "mbedtls_pk_sign.*4b00"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=1000" \
             "$P_SRV auth_mode=required" \
@@ -7081,6 +7778,8 @@ run_test    "EC restart: TLS, max_ops=1000" \
             -c "mbedtls_ecdh_make_public.*4b00" \
             -c "mbedtls_pk_sign.*4b00"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=1000, badsign" \
             "$P_SRV auth_mode=required \
@@ -7098,6 +7797,8 @@ run_test    "EC restart: TLS, max_ops=1000, badsign" \
             -c "! mbedtls_ssl_handshake returned" \
             -c "X509 - Certificate verification failed"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
             "$P_SRV auth_mode=required \
@@ -7115,6 +7816,8 @@ run_test    "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
             -C "! mbedtls_ssl_handshake returned" \
             -C "X509 - Certificate verification failed"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
             "$P_SRV auth_mode=required \
@@ -7132,6 +7835,8 @@ run_test    "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
             -C "! mbedtls_ssl_handshake returned" \
             -C "X509 - Certificate verification failed"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: DTLS, max_ops=1000" \
             "$P_SRV auth_mode=required dtls=1" \
@@ -7144,6 +7849,8 @@ run_test    "EC restart: DTLS, max_ops=1000" \
             -c "mbedtls_ecdh_make_public.*4b00" \
             -c "mbedtls_pk_sign.*4b00"
 
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=1000 no client auth" \
             "$P_SRV" \
@@ -7155,11 +7862,19 @@ run_test    "EC restart: TLS, max_ops=1000 no client auth" \
             -c "mbedtls_ecdh_make_public.*4b00" \
             -C "mbedtls_pk_sign.*4b00"
 
+
+# Restartable is only for ECDHE-ECDSA, with another ciphersuite we expect no
+# restartable behaviour at all (not even client auth).
+# This is the same as "EC restart: TLS, max_ops=1000" except with ECDHE-RSA,
+# and all 4 assertions negated.
 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
-run_test    "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
-            "$P_SRV psk=abc123" \
-            "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
-             psk=abc123 debug_level=1 ec_max_ops=1000" \
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test    "EC restart: TLS, max_ops=1000, ECDHE-RSA" \
+            "$P_SRV curves=secp256r1 auth_mode=required" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
+             key_file=data_files/server5.key crt_file=data_files/server5.crt  \
+             debug_level=1 ec_max_ops=1000" \
             0 \
             -C "x509_verify_cert.*4b00" \
             -C "mbedtls_pk_verify.*4b00" \
@@ -7202,7 +7917,6 @@ run_test    "SSL async private: sign, delay=2" \
 # Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1
 # with RSA PKCS#1v1.5 as used in TLS 1.0/1.1.
 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 run_test    "SSL async private: sign, RSA, TLS 1.1" \
             "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \
              async_operations=s async_private_delay1=0 async_private_delay2=0" \
@@ -7808,6 +8522,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 4096
 run_test    "DTLS fragmenting: none (for reference)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -7828,6 +8543,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: server only (max_frag_len)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -7852,6 +8568,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 4096
 run_test    "DTLS fragmenting: server only (more) (max_frag_len)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -7872,6 +8589,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=none \
              crt_file=data_files/server7_int-ca.crt \
@@ -7899,6 +8617,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
             -p "$P_PXY mtu=1110" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=none \
@@ -7920,6 +8639,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: client-initiated, both (max_frag_len)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -7947,6 +8667,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
             -p "$P_PXY mtu=1110" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7967,6 +8688,7 @@ run_test    "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU"
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 4096
 run_test    "DTLS fragmenting: none (for reference) (MTU)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -7986,6 +8708,7 @@ run_test    "DTLS fragmenting: none (for reference) (MTU)" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 4096
 run_test    "DTLS fragmenting: client (MTU)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -8005,6 +8728,7 @@ run_test    "DTLS fragmenting: client (MTU)" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: server (MTU)" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
              crt_file=data_files/server7_int-ca.crt \
@@ -8024,6 +8748,7 @@ run_test    "DTLS fragmenting: server (MTU)" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: both (MTU=1024)" \
             -p "$P_PXY mtu=1024" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8046,9 +8771,10 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: both (MTU=512)" \
             -p "$P_PXY mtu=512" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8077,9 +8803,10 @@ not_with_valgrind
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
             -p "$P_PXY mtu=508" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8101,9 +8828,10 @@ only_with_valgrind
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
             -p "$P_PXY mtu=508" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8127,6 +8855,7 @@ not_with_valgrind # spurious autoreduction due to timeout
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
             -p "$P_PXY mtu=1024" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8153,9 +8882,10 @@ not_with_valgrind # spurious autoreduction due to timeout
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
             -p "$P_PXY mtu=512" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8179,6 +8909,7 @@ not_with_valgrind # spurious autoreduction due to timeout
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
             -p "$P_PXY mtu=1024" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8202,9 +8933,10 @@ not_with_valgrind # spurious autoreduction due to timeout
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
             -p "$P_PXY mtu=512" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8238,9 +8970,10 @@ not_with_valgrind # spurious autoreduction due to timeout
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, resumed handshake" \
             -p "$P_PXY mtu=1450" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8267,9 +9000,10 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
 requires_config_enabled MBEDTLS_CHACHAPOLY_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
             -p "$P_PXY mtu=512" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8298,10 +9032,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-GCM renego" \
             -p "$P_PXY mtu=512" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8330,10 +9065,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_CCM_C
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-CCM renego" \
             -p "$P_PXY mtu=1024" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8362,11 +9098,12 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
 requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
             -p "$P_PXY mtu=1024" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8395,10 +9132,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
 requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
             -p "$P_PXY mtu=1024" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8424,10 +9162,11 @@ run_test    "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
 client_needs_more_time 2
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU + 3d" \
             -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
             "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
@@ -8448,10 +9187,11 @@ run_test    "DTLS fragmenting: proxy MTU + 3d" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 requires_config_enabled MBEDTLS_AES_C
 requires_config_enabled MBEDTLS_GCM_C
 client_needs_more_time 2
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: proxy MTU + 3d, nbio" \
             -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
             "$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -8475,14 +9215,14 @@ run_test    "DTLS fragmenting: proxy MTU + 3d, nbio" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_gnutls
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: gnutls server, DTLS 1.2" \
             "$G_SRV -u" \
             "$P_CLI dtls=1 debug_level=2 \
              crt_file=data_files/server8_int-ca2.crt \
              key_file=data_files/server8.key \
-             mtu=512 force_version=dtls1_2" \
+             mtu=512 force_version=dtls12" \
             0 \
             -c "fragmenting handshake message" \
             -C "error"
@@ -8490,8 +9230,8 @@ run_test    "DTLS fragmenting: gnutls server, DTLS 1.2" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 requires_gnutls
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: gnutls server, DTLS 1.0" \
             "$G_SRV -u" \
             "$P_CLI dtls=1 debug_level=2 \
@@ -8507,19 +9247,19 @@ run_test    "DTLS fragmenting: gnutls server, DTLS 1.0" \
 # certificate obtained from the server. Here, however, it
 # connects to 127.0.0.1 while our test certificates use 'localhost'
 # as the server name in the certificate. This will make the
-# certifiate validation fail, but passing --insecure makes
+# certificate validation fail, but passing --insecure makes
 # GnuTLS continue the connection nonetheless.
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 requires_gnutls
 requires_not_i686
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: gnutls client, DTLS 1.2" \
             "$P_SRV dtls=1 debug_level=2 \
              crt_file=data_files/server7_int-ca.crt \
              key_file=data_files/server7.key \
-             mtu=512 force_version=dtls1_2" \
+             mtu=512 force_version=dtls12" \
             "$G_CLI -u --insecure 127.0.0.1" \
             0 \
             -s "fragmenting handshake message"
@@ -8528,9 +9268,9 @@ run_test    "DTLS fragmenting: gnutls client, DTLS 1.2" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 requires_gnutls
 requires_not_i686
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: gnutls client, DTLS 1.0" \
             "$P_SRV dtls=1 debug_level=2 \
              crt_file=data_files/server7_int-ca.crt \
@@ -8543,13 +9283,13 @@ run_test    "DTLS fragmenting: gnutls client, DTLS 1.0" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: openssl server, DTLS 1.2" \
             "$O_SRV -dtls1_2 -verify 10" \
             "$P_CLI dtls=1 debug_level=2 \
              crt_file=data_files/server8_int-ca2.crt \
              key_file=data_files/server8.key \
-             mtu=512 force_version=dtls1_2" \
+             mtu=512 force_version=dtls12" \
             0 \
             -c "fragmenting handshake message" \
             -C "error"
@@ -8557,7 +9297,7 @@ run_test    "DTLS fragmenting: openssl server, DTLS 1.2" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: openssl server, DTLS 1.0" \
             "$O_SRV -dtls1 -verify 10" \
             "$P_CLI dtls=1 debug_level=2 \
@@ -8571,12 +9311,12 @@ run_test    "DTLS fragmenting: openssl server, DTLS 1.0" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: openssl client, DTLS 1.2" \
             "$P_SRV dtls=1 debug_level=2 \
              crt_file=data_files/server7_int-ca.crt \
              key_file=data_files/server7.key \
-             mtu=512 force_version=dtls1_2" \
+             mtu=512 force_version=dtls12" \
             "$O_CLI -dtls1_2" \
             0 \
             -s "fragmenting handshake message"
@@ -8584,7 +9324,7 @@ run_test    "DTLS fragmenting: openssl client, DTLS 1.2" \
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: openssl client, DTLS 1.0" \
             "$P_SRV dtls=1 debug_level=2 \
              crt_file=data_files/server7_int-ca.crt \
@@ -8602,15 +9342,15 @@ requires_gnutls_next
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
             "$G_NEXT_SRV -u" \
             "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
              crt_file=data_files/server8_int-ca2.crt \
              key_file=data_files/server8.key \
-             hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+             hs_timeout=250-60000 mtu=512 force_version=dtls12" \
             0 \
             -c "fragmenting handshake message" \
             -C "error"
@@ -8619,8 +9359,8 @@ requires_gnutls_next
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
             "$G_NEXT_SRV -u" \
@@ -8636,14 +9376,14 @@ requires_gnutls_next
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
             "$P_SRV dtls=1 debug_level=2 \
              crt_file=data_files/server7_int-ca.crt \
              key_file=data_files/server7.key \
-             hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+             hs_timeout=250-60000 mtu=512 force_version=dtls12" \
            "$G_NEXT_CLI -u --insecure 127.0.0.1" \
             0 \
             -s "fragmenting handshake message"
@@ -8652,8 +9392,8 @@ requires_gnutls_next
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
             "$P_SRV dtls=1 debug_level=2 \
@@ -8664,37 +9404,34 @@ run_test    "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
             0 \
             -s "fragmenting handshake message"
 
-## Interop test with OpenSSL might trigger a bug in recent versions (including
-## all versions installed on the CI machines), reported here:
-## Bug report: https://github.com/openssl/openssl/issues/6902
-## They should be re-enabled once a fixed version of OpenSSL is available
-## (this should happen in some 1.1.1_ release according to the ticket).
-skip_next_test
+## The two tests below require 1.1.1a or higher version of openssl, otherwise
+## it might trigger a bug due to openssl (https://github.com/openssl/openssl/issues/6902)
+requires_openssl_next
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
-            "$O_SRV -dtls1_2 -verify 10" \
+            "$O_NEXT_SRV -dtls1_2 -verify 10" \
             "$P_CLI dtls=1 debug_level=2 \
              crt_file=data_files/server8_int-ca2.crt \
              key_file=data_files/server8.key \
-             hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+             hs_timeout=250-60000 mtu=512 force_version=dtls12" \
             0 \
             -c "fragmenting handshake message" \
             -C "error"
 
-skip_next_test
+requires_openssl_next
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
-            "$O_SRV -dtls1 -verify 10" \
+            "$O_NEXT_SRV -dtls1 -verify 10" \
             "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
              crt_file=data_files/server8_int-ca2.crt \
              key_file=data_files/server8.key \
@@ -8703,18 +9440,20 @@ run_test    "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
             -c "fragmenting handshake message" \
             -C "error"
 
+## the two tests below will time out with certain seed.
+## The cause is an openssl bug (https://github.com/openssl/openssl/issues/18887)
 skip_next_test
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
             "$P_SRV dtls=1 debug_level=2 \
              crt_file=data_files/server7_int-ca.crt \
              key_file=data_files/server7.key \
-             hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+             hs_timeout=250-60000 mtu=512 force_version=dtls12" \
             "$O_CLI -dtls1_2" \
             0 \
             -s "fragmenting handshake message"
@@ -8725,8 +9464,8 @@ skip_next_test
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
 client_needs_more_time 4
+requires_max_content_len 2048
 run_test    "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
             -p "$P_PXY drop=8 delay=8 duplicate=8" \
             "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
@@ -9394,6 +10133,7 @@ run_test    "DTLS proxy: delay ChangeCipherSpec" \
 
 # Tests for reordering support with DTLS
 
+requires_certificate_authentication
 run_test    "DTLS reordering: Buffer out-of-order handshake message on client" \
             -p "$P_PXY delay_srv=ServerHello" \
             "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
@@ -9410,6 +10150,7 @@ run_test    "DTLS reordering: Buffer out-of-order handshake message on client" \
             -S "Injecting buffered CCS message" \
             -S "Remember CCS message"
 
+requires_certificate_authentication
 run_test    "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
             -p "$P_PXY delay_srv=ServerHello" \
             "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
@@ -9432,6 +10173,7 @@ run_test    "DTLS reordering: Buffer out-of-order handshake message fragment on
 # Certificate message; at the time of writing, together these are aroudn 1200b
 # in size, so that the bound below ensures that the certificate can be reassembled
 # while keeping the ServerKeyExchange.
+requires_certificate_authentication
 requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
 run_test    "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
             -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
@@ -9453,6 +10195,7 @@ run_test    "DTLS reordering: Buffer out-of-order hs msg before reassembling nex
 # The size constraints ensure that the delayed certificate message can't
 # be reassembled while keeping the ServerKeyExchange message, but it can
 # when dropping it first.
+requires_certificate_authentication
 requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
 requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
 run_test    "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
@@ -9472,6 +10215,7 @@ run_test    "DTLS reordering: Buffer out-of-order hs msg before reassembling nex
             -S "Injecting buffered CCS message" \
             -S "Remember CCS message"
 
+requires_certificate_authentication
 run_test    "DTLS reordering: Buffer out-of-order handshake message on server" \
             -p "$P_PXY delay_cli=Certificate" \
             "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
@@ -9488,6 +10232,7 @@ run_test    "DTLS reordering: Buffer out-of-order handshake message on server" \
             -S "Injecting buffered CCS message" \
             -S "Remember CCS message"
 
+requires_certificate_authentication
 run_test    "DTLS reordering: Buffer out-of-order CCS message on client"\
             -p "$P_PXY delay_srv=NewSessionTicket" \
             "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
@@ -9504,6 +10249,7 @@ run_test    "DTLS reordering: Buffer out-of-order CCS message on client"\
             -S "Injecting buffered CCS message" \
             -S "Remember CCS message"
 
+requires_certificate_authentication
 run_test    "DTLS reordering: Buffer out-of-order CCS message on server"\
             -p "$P_PXY delay_cli=ClientKeyExchange" \
             "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
@@ -9630,6 +10376,7 @@ run_test    "DTLS proxy: 3d, max handshake, nbio" \
             -c "HTTP/1.0 200 OK"
 
 client_needs_more_time 4
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "DTLS proxy: 3d, min handshake, resumption" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
@@ -9644,6 +10391,7 @@ run_test    "DTLS proxy: 3d, min handshake, resumption" \
             -c "HTTP/1.0 200 OK"
 
 client_needs_more_time 4
+requires_config_enabled MBEDTLS_SSL_CACHE_C
 run_test    "DTLS proxy: 3d, min handshake, resumption, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
@@ -9719,37 +10467,34 @@ run_test    "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-## Interop tests with OpenSSL might trigger a bug in recent versions (including
-## all versions installed on the CI machines), reported here:
-## Bug report: https://github.com/openssl/openssl/issues/6902
-## They should be re-enabled once a fixed version of OpenSSL is available
-## (this should happen in some 1.1.1_ release according to the ticket).
-skip_next_test
+## The three tests below require 1.1.1a or higher version of openssl, otherwise
+## it might trigger a bug due to openssl (https://github.com/openssl/openssl/issues/6902)
+requires_openssl_next
 client_needs_more_time 6
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, openssl server" \
             -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
-            "$O_SRV -dtls1 -mtu 2048" \
+            "$O_NEXT_SRV -dtls1 -mtu 2048" \
             "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
             0 \
             -c "HTTP/1.0 200 OK"
 
-skip_next_test # see above
+requires_openssl_next
 client_needs_more_time 8
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, openssl server, fragmentation" \
             -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
-            "$O_SRV -dtls1 -mtu 768" \
+            "$O_NEXT_SRV -dtls1 -mtu 768" \
             "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
             0 \
             -c "HTTP/1.0 200 OK"
 
-skip_next_test # see above
+requires_openssl_next
 client_needs_more_time 8
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
-            "$O_SRV -dtls1 -mtu 768" \
+            "$O_NEXT_SRV -dtls1 -mtu 768" \
             "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
             0 \
             -c "HTTP/1.0 200 OK"
@@ -9807,6 +10552,7 @@ run_test    "export keys functionality" \
 requires_config_enabled MBEDTLS_MEMORY_DEBUG
 requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 16384
 run_tests_memory_after_hanshake
 
 # Final report
@@ -9821,4 +10567,9 @@ fi
 PASSES=$(( $TESTS - $FAILS ))
 echo " ($PASSES / $TESTS tests ($SKIPS skipped))"
 
+if [ $FAILS -gt 255 ]; then
+    # Clamp at 255 as caller gets exit code & 0xFF
+    # (so 256 would be 0, or success, etc)
+    FAILS=255
+fi
 exit $FAILS
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/helpers.function b/3rdparty/mbedtls-2.28.7/tests/suites/helpers.function
new file mode 100644
index 0000000..12828f5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/helpers.function
@@ -0,0 +1,118 @@
+#line 2 "suites/helpers.function"
+/*----------------------------------------------------------------------------*/
+/* Headers */
+
+#include <test/arguments.h>
+#include <test/helpers.h>
+#include <test/macros.h>
+#include <test/random.h>
+#include <test/psa_crypto_helpers.h>
+
+#include <errno.h>
+#include <limits.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#include "mbedtls/platform_util.h"
+#include <setjmp.h>
+#endif
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+#include <unistd.h>
+#endif
+
+/*----------------------------------------------------------------------------*/
+/* Status and error constants */
+
+#define DEPENDENCY_SUPPORTED            0   /* Dependency supported by build */
+#define KEY_VALUE_MAPPING_FOUND         0   /* Integer expression found */
+#define DISPATCH_TEST_SUCCESS           0   /* Test dispatch successful */
+
+#define KEY_VALUE_MAPPING_NOT_FOUND     -1  /* Integer expression not found */
+#define DEPENDENCY_NOT_SUPPORTED        -2  /* Dependency not supported */
+#define DISPATCH_TEST_FN_NOT_FOUND      -3  /* Test function not found */
+#define DISPATCH_INVALID_TEST_DATA      -4  /* Invalid test parameter type.
+                                               Only int, string, binary data
+                                               and integer expressions are
+                                               allowed */
+#define DISPATCH_UNSUPPORTED_SUITE      -5  /* Test suite not supported by the
+                                               build */
+
+/*----------------------------------------------------------------------------*/
+/* Global variables */
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+jmp_buf jmp_tmp;
+#endif
+
+/*----------------------------------------------------------------------------*/
+/* Helper flags for complex dependencies */
+
+/* Indicates whether we expect mbedtls_entropy_init
+ * to initialize some strong entropy source. */
+#if defined(MBEDTLS_TEST_NULL_ENTROPY) ||             \
+    (!defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
+    (!defined(MBEDTLS_NO_PLATFORM_ENTROPY)  ||     \
+    defined(MBEDTLS_HAVEGE_C)             ||     \
+    defined(MBEDTLS_ENTROPY_HARDWARE_ALT) ||     \
+    defined(ENTROPY_NV_SEED)))
+#define ENTROPY_HAVE_STRONG
+#endif
+
+
+/*----------------------------------------------------------------------------*/
+/* Helper Functions */
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+static int redirect_output(FILE *out_stream, const char *path)
+{
+    int out_fd, dup_fd;
+    FILE *path_stream;
+
+    out_fd = fileno(out_stream);
+    dup_fd = dup(out_fd);
+
+    if (dup_fd == -1) {
+        return -1;
+    }
+
+    path_stream = fopen(path, "w");
+    if (path_stream == NULL) {
+        close(dup_fd);
+        return -1;
+    }
+
+    fflush(out_stream);
+    if (dup2(fileno(path_stream), out_fd) == -1) {
+        close(dup_fd);
+        fclose(path_stream);
+        return -1;
+    }
+
+    fclose(path_stream);
+    return dup_fd;
+}
+
+static int restore_output(FILE *out_stream, int dup_fd)
+{
+    int out_fd = fileno(out_stream);
+
+    fflush(out_stream);
+    if (dup2(dup_fd, out_fd) == -1) {
+        close(out_fd);
+        close(dup_fd);
+        return -1;
+    }
+
+    close(dup_fd);
+    return 0;
+}
+#endif /* __unix__ || __APPLE__ __MACH__ */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/host_test.function b/3rdparty/mbedtls-2.28.7/tests/suites/host_test.function
new file mode 100644
index 0000000..06f391f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/host_test.function
@@ -0,0 +1,740 @@
+#line 2 "suites/host_test.function"
+
+/**
+ * \brief       Verifies that string is in string parameter format i.e. "<str>"
+ *              It also strips enclosing '"' from the input string.
+ *
+ * \param str   String parameter.
+ *
+ * \return      0 if success else 1
+ */
+int verify_string(char **str)
+{
+    if ((*str)[0] != '"' ||
+        (*str)[strlen(*str) - 1] != '"') {
+        mbedtls_fprintf(stderr,
+                        "Expected string (with \"\") for parameter and got: %s\n", *str);
+        return -1;
+    }
+
+    (*str)++;
+    (*str)[strlen(*str) - 1] = '\0';
+
+    return 0;
+}
+
+/**
+ * \brief       Verifies that string is an integer. Also gives the converted
+ *              integer value.
+ *
+ * \param str   Input string.
+ * \param p_value Pointer to output value.
+ *
+ * \return      0 if success else 1
+ */
+int verify_int(char *str, intmax_t *p_value)
+{
+    char *end = NULL;
+    errno = 0;
+    /* Limit the range to long: for large integers, the test framework will
+     * use expressions anyway. */
+    long value = strtol(str, &end, 0);
+    if (errno == EINVAL || *end != '\0') {
+        mbedtls_fprintf(stderr,
+                        "Expected integer for parameter and got: %s\n", str);
+        return KEY_VALUE_MAPPING_NOT_FOUND;
+    }
+    if (errno == ERANGE) {
+        mbedtls_fprintf(stderr, "Integer out of range: %s\n", str);
+        return KEY_VALUE_MAPPING_NOT_FOUND;
+    }
+    *p_value = value;
+    return 0;
+}
+
+
+/**
+ * \brief       Usage string.
+ *
+ */
+#define USAGE \
+    "Usage: %s [OPTIONS] files...\n\n" \
+    "   Command line arguments:\n" \
+    "     files...          One or more test data files. If no file is\n" \
+    "                       specified the following default test case\n" \
+    "                       file is used:\n" \
+    "                           %s\n\n" \
+    "   Options:\n" \
+    "     -v | --verbose    Display full information about each test\n" \
+    "     -h | --help       Display this information\n\n", \
+    argv[0], \
+    "TESTCASE_FILENAME"
+
+
+/**
+ * \brief       Read a line from the passed file pointer.
+ *
+ * \param f     FILE pointer
+ * \param buf   Pointer to memory to hold read line.
+ * \param len   Length of the buf.
+ *
+ * \return      0 if success else -1
+ */
+int get_line(FILE *f, char *buf, size_t len)
+{
+    char *ret;
+    int i = 0, str_len = 0, has_string = 0;
+
+    /* Read until we get a valid line */
+    do {
+        ret = fgets(buf, len, f);
+        if (ret == NULL) {
+            return -1;
+        }
+
+        str_len = strlen(buf);
+
+        /* Skip empty line and comment */
+        if (str_len == 0 || buf[0] == '#') {
+            continue;
+        }
+        has_string = 0;
+        for (i = 0; i < str_len; i++) {
+            char c = buf[i];
+            if (c != ' ' && c != '\t' && c != '\n' &&
+                c != '\v' && c != '\f' && c != '\r') {
+                has_string = 1;
+                break;
+            }
+        }
+    } while (!has_string);
+
+    /* Strip new line and carriage return */
+    ret = buf + strlen(buf);
+    if (ret-- > buf && *ret == '\n') {
+        *ret = '\0';
+    }
+    if (ret-- > buf && *ret == '\r') {
+        *ret = '\0';
+    }
+
+    return 0;
+}
+
+/**
+ * \brief       Splits string delimited by ':'. Ignores '\:'.
+ *
+ * \param buf           Input string
+ * \param len           Input string length
+ * \param params        Out params found
+ * \param params_len    Out params array len
+ *
+ * \return      Count of strings found.
+ */
+static int parse_arguments(char *buf, size_t len, char **params,
+                           size_t params_len)
+{
+    size_t cnt = 0, i;
+    char *cur = buf;
+    char *p = buf, *q;
+
+    params[cnt++] = cur;
+
+    while (*p != '\0' && p < (buf + len)) {
+        if (*p == '\\') {
+            p++;
+            p++;
+            continue;
+        }
+        if (*p == ':') {
+            if (p + 1 < buf + len) {
+                cur = p + 1;
+                TEST_HELPER_ASSERT(cnt < params_len);
+                params[cnt++] = cur;
+            }
+            *p = '\0';
+        }
+
+        p++;
+    }
+
+    /* Replace backslash escapes in strings */
+    for (i = 0; i < cnt; i++) {
+        p = params[i];
+        q = params[i];
+
+        while (*p != '\0') {
+            if (*p == '\\') {
+                ++p;
+                switch (*p) {
+                    case 'n':
+                        *p = '\n';
+                        break;
+                    default:
+                        // Fall through to copying *p
+                        break;
+                }
+            }
+            *(q++) = *(p++);
+        }
+        *q = '\0';
+    }
+
+    return cnt;
+}
+
+/**
+ * \brief       Converts parameters into test function consumable parameters.
+ *              Example: Input:  {"int", "0", "char*", "Hello",
+ *                                "hex", "abef", "exp", "1"}
+ *                      Output:  {
+ *                                0,                // Verified int
+ *                                "Hello",          // Verified string
+ *                                2, { 0xab, 0xef },// Converted len,hex pair
+ *                                9600              // Evaluated expression
+ *                               }
+ *
+ *
+ * \param cnt               Parameter array count.
+ * \param params            Out array of found parameters.
+ * \param int_params_store  Memory for storing processed integer parameters.
+ *
+ * \return      0 for success else 1
+ */
+static int convert_params(size_t cnt, char **params,
+                          mbedtls_test_argument_t *int_params_store)
+{
+    char **cur = params;
+    char **out = params;
+    int ret = DISPATCH_TEST_SUCCESS;
+
+    while (cur < params + cnt) {
+        char *type = *cur++;
+        char *val = *cur++;
+
+        if (strcmp(type, "char*") == 0) {
+            if (verify_string(&val) == 0) {
+                *out++ = val;
+            } else {
+                ret = (DISPATCH_INVALID_TEST_DATA);
+                break;
+            }
+        } else if (strcmp(type, "int") == 0) {
+            if (verify_int(val, &int_params_store->sint) == 0) {
+                *out++ = (char *) int_params_store++;
+            } else {
+                ret = (DISPATCH_INVALID_TEST_DATA);
+                break;
+            }
+        } else if (strcmp(type, "hex") == 0) {
+            if (verify_string(&val) == 0) {
+                size_t len;
+
+                TEST_HELPER_ASSERT(
+                    mbedtls_test_unhexify((unsigned char *) val, strlen(val),
+                                          val, &len) == 0);
+
+                int_params_store->len = len;
+                *out++ = val;
+                *out++ = (char *) (int_params_store++);
+            } else {
+                ret = (DISPATCH_INVALID_TEST_DATA);
+                break;
+            }
+        } else if (strcmp(type, "exp") == 0) {
+            int exp_id = strtol(val, NULL, 10);
+            if (get_expression(exp_id, &int_params_store->sint) == 0) {
+                *out++ = (char *) int_params_store++;
+            } else {
+                ret = (DISPATCH_INVALID_TEST_DATA);
+                break;
+            }
+        } else {
+            ret = (DISPATCH_INVALID_TEST_DATA);
+            break;
+        }
+    }
+    return ret;
+}
+
+/**
+ * \brief       Tests snprintf implementation with test input.
+ *
+ * \note
+ * At high optimization levels (e.g. gcc -O3), this function may be
+ * inlined in run_test_snprintf. This can trigger a spurious warning about
+ * potential misuse of snprintf from gcc -Wformat-truncation (observed with
+ * gcc 7.2). This warning makes tests in run_test_snprintf redundant on gcc
+ * only. They are still valid for other compilers. Avoid this warning by
+ * forbidding inlining of this function by gcc.
+ *
+ * \param n         Buffer test length.
+ * \param ref_buf   Expected buffer.
+ * \param ref_ret   Expected snprintf return value.
+ *
+ * \return      0 for success else 1
+ */
+#if defined(__GNUC__)
+__attribute__((__noinline__))
+#endif
+static int test_snprintf(size_t n, const char *ref_buf, int ref_ret)
+{
+    int ret;
+    char buf[10] = "xxxxxxxxx";
+    const char ref[10] = "xxxxxxxxx";
+
+    if (n >= sizeof(buf)) {
+        return -1;
+    }
+    ret = mbedtls_snprintf(buf, n, "%s", "123");
+    if (ret < 0 || (size_t) ret >= n) {
+        ret = -1;
+    }
+
+    if (strncmp(ref_buf, buf, sizeof(buf)) != 0 ||
+        ref_ret != ret ||
+        memcmp(buf + n, ref + n, sizeof(buf) - n) != 0) {
+        return 1;
+    }
+
+    return 0;
+}
+
+/**
+ * \brief       Tests snprintf implementation.
+ *
+ * \return      0 for success else 1
+ */
+static int run_test_snprintf(void)
+{
+    return test_snprintf(0, "xxxxxxxxx",  -1) != 0 ||
+           test_snprintf(1, "",           -1) != 0 ||
+           test_snprintf(2, "1",          -1) != 0 ||
+           test_snprintf(3, "12",         -1) != 0 ||
+           test_snprintf(4, "123",         3) != 0 ||
+           test_snprintf(5, "123",         3) != 0;
+}
+
+/** \brief Write the description of the test case to the outcome CSV file.
+ *
+ * \param outcome_file  The file to write to.
+ *                      If this is \c NULL, this function does nothing.
+ * \param argv0         The test suite name.
+ * \param test_case     The test case description.
+ */
+static void write_outcome_entry(FILE *outcome_file,
+                                const char *argv0,
+                                const char *test_case)
+{
+    /* The non-varying fields are initialized on first use. */
+    static const char *platform = NULL;
+    static const char *configuration = NULL;
+    static const char *test_suite = NULL;
+
+    if (outcome_file == NULL) {
+        return;
+    }
+
+    if (platform == NULL) {
+        platform = getenv("MBEDTLS_TEST_PLATFORM");
+        if (platform == NULL) {
+            platform = "unknown";
+        }
+    }
+    if (configuration == NULL) {
+        configuration = getenv("MBEDTLS_TEST_CONFIGURATION");
+        if (configuration == NULL) {
+            configuration = "unknown";
+        }
+    }
+    if (test_suite == NULL) {
+        test_suite = strrchr(argv0, '/');
+        if (test_suite != NULL) {
+            test_suite += 1; // skip the '/'
+        } else {
+            test_suite = argv0;
+        }
+    }
+
+    /* Write the beginning of the outcome line.
+     * Ignore errors: writing the outcome file is on a best-effort basis. */
+    mbedtls_fprintf(outcome_file, "%s;%s;%s;%s;",
+                    platform, configuration, test_suite, test_case);
+}
+
+/** \brief Write the result of the test case to the outcome CSV file.
+ *
+ * \param outcome_file  The file to write to.
+ *                      If this is \c NULL, this function does nothing.
+ * \param unmet_dep_count            The number of unmet dependencies.
+ * \param unmet_dependencies         The array of unmet dependencies.
+ * \param missing_unmet_dependencies Non-zero if there was a problem tracking
+ *                                   all unmet dependencies, 0 otherwise.
+ * \param ret                        The test dispatch status (DISPATCH_xxx).
+ * \param info                       A pointer to the test info structure.
+ */
+static void write_outcome_result(FILE *outcome_file,
+                                 size_t unmet_dep_count,
+                                 int unmet_dependencies[],
+                                 int missing_unmet_dependencies,
+                                 int ret,
+                                 const mbedtls_test_info_t *info)
+{
+    if (outcome_file == NULL) {
+        return;
+    }
+
+    /* Write the end of the outcome line.
+     * Ignore errors: writing the outcome file is on a best-effort basis. */
+    switch (ret) {
+        case DISPATCH_TEST_SUCCESS:
+            if (unmet_dep_count > 0) {
+                size_t i;
+                mbedtls_fprintf(outcome_file, "SKIP");
+                for (i = 0; i < unmet_dep_count; i++) {
+                    mbedtls_fprintf(outcome_file, "%c%d",
+                                    i == 0 ? ';' : ':',
+                                    unmet_dependencies[i]);
+                }
+                if (missing_unmet_dependencies) {
+                    mbedtls_fprintf(outcome_file, ":...");
+                }
+                break;
+            }
+            switch (info->result) {
+                case MBEDTLS_TEST_RESULT_SUCCESS:
+                    mbedtls_fprintf(outcome_file, "PASS;");
+                    break;
+                case MBEDTLS_TEST_RESULT_SKIPPED:
+                    mbedtls_fprintf(outcome_file, "SKIP;Runtime skip");
+                    break;
+                default:
+                    mbedtls_fprintf(outcome_file, "FAIL;%s:%d:%s",
+                                    info->filename, info->line_no,
+                                    info->test);
+                    break;
+            }
+            break;
+        case DISPATCH_TEST_FN_NOT_FOUND:
+            mbedtls_fprintf(outcome_file, "FAIL;Test function not found");
+            break;
+        case DISPATCH_INVALID_TEST_DATA:
+            mbedtls_fprintf(outcome_file, "FAIL;Invalid test data");
+            break;
+        case DISPATCH_UNSUPPORTED_SUITE:
+            mbedtls_fprintf(outcome_file, "SKIP;Unsupported suite");
+            break;
+        default:
+            mbedtls_fprintf(outcome_file, "FAIL;Unknown cause");
+            break;
+    }
+    mbedtls_fprintf(outcome_file, "\n");
+    fflush(outcome_file);
+}
+
+/**
+ * \brief       Desktop implementation of execute_tests().
+ *              Parses command line and executes tests from
+ *              supplied or default data file.
+ *
+ * \param argc  Command line argument count.
+ * \param argv  Argument array.
+ *
+ * \return      Program exit status.
+ */
+int execute_tests(int argc, const char **argv)
+{
+    /* Local Configurations and options */
+    const char *default_filename = "DATA_FILE";
+    const char *test_filename = NULL;
+    const char **test_files = NULL;
+    size_t testfile_count = 0;
+    int option_verbose = 0;
+    size_t function_id = 0;
+
+    /* Other Local variables */
+    int arg_index = 1;
+    const char *next_arg;
+    size_t testfile_index, i, cnt;
+    int ret;
+    unsigned total_errors = 0, total_tests = 0, total_skipped = 0;
+    FILE *file;
+    char buf[5000];
+    char *params[50];
+    /* Store for processed integer params. */
+    mbedtls_test_argument_t int_params[50];
+    void *pointer;
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+    int stdout_fd = -1;
+#endif /* __unix__ || __APPLE__ __MACH__ */
+    const char *outcome_file_name = getenv("MBEDTLS_TEST_OUTCOME_FILE");
+    FILE *outcome_file = NULL;
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
+    !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
+    unsigned char alloc_buf[1000000];
+    mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf));
+#endif
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+    mbedtls_test_mutex_usage_init();
+#endif
+
+    /*
+     * The C standard doesn't guarantee that all-bits-0 is the representation
+     * of a NULL pointer. We do however use that in our code for initializing
+     * structures, which should work on every modern platform. Let's be sure.
+     */
+    memset(&pointer, 0, sizeof(void *));
+    if (pointer != NULL) {
+        mbedtls_fprintf(stderr, "all-bits-zero is not a NULL pointer\n");
+        return 1;
+    }
+
+    /*
+     * Make sure we have a snprintf that correctly zero-terminates
+     */
+    if (run_test_snprintf() != 0) {
+        mbedtls_fprintf(stderr, "the snprintf implementation is broken\n");
+        return 1;
+    }
+
+    if (outcome_file_name != NULL && *outcome_file_name != '\0') {
+        outcome_file = fopen(outcome_file_name, "a");
+        if (outcome_file == NULL) {
+            mbedtls_fprintf(stderr, "Unable to open outcome file. Continuing anyway.\n");
+        }
+    }
+
+    while (arg_index < argc) {
+        next_arg = argv[arg_index];
+
+        if (strcmp(next_arg, "--verbose") == 0 ||
+            strcmp(next_arg, "-v") == 0) {
+            option_verbose = 1;
+        } else if (strcmp(next_arg, "--help") == 0 ||
+                   strcmp(next_arg, "-h") == 0) {
+            mbedtls_fprintf(stdout, USAGE);
+            mbedtls_exit(EXIT_SUCCESS);
+        } else {
+            /* Not an option, therefore treat all further arguments as the file
+             * list.
+             */
+            test_files = &argv[arg_index];
+            testfile_count = argc - arg_index;
+            break;
+        }
+
+        arg_index++;
+    }
+
+    /* If no files were specified, assume a default */
+    if (test_files == NULL || testfile_count == 0) {
+        test_files = &default_filename;
+        testfile_count = 1;
+    }
+
+    /* Initialize the struct that holds information about the last test */
+    mbedtls_test_info_reset();
+
+    /* Now begin to execute the tests in the testfiles */
+    for (testfile_index = 0;
+         testfile_index < testfile_count;
+         testfile_index++) {
+        size_t unmet_dep_count = 0;
+        int unmet_dependencies[20];
+        int missing_unmet_dependencies = 0;
+
+        test_filename = test_files[testfile_index];
+
+        file = fopen(test_filename, "r");
+        if (file == NULL) {
+            mbedtls_fprintf(stderr, "Failed to open test file: %s\n",
+                            test_filename);
+            if (outcome_file != NULL) {
+                fclose(outcome_file);
+            }
+            return 1;
+        }
+
+        while (!feof(file)) {
+            if (unmet_dep_count > 0) {
+                mbedtls_fprintf(stderr,
+                                "FATAL: Dep count larger than zero at start of loop\n");
+                mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+            }
+            unmet_dep_count = 0;
+            missing_unmet_dependencies = 0;
+
+            if ((ret = get_line(file, buf, sizeof(buf))) != 0) {
+                break;
+            }
+            mbedtls_fprintf(stdout, "%s%.66s",
+                            mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ?
+                            "\n" : "", buf);
+            mbedtls_fprintf(stdout, " ");
+            for (i = strlen(buf) + 1; i < 67; i++) {
+                mbedtls_fprintf(stdout, ".");
+            }
+            mbedtls_fprintf(stdout, " ");
+            fflush(stdout);
+            write_outcome_entry(outcome_file, argv[0], buf);
+
+            total_tests++;
+
+            if ((ret = get_line(file, buf, sizeof(buf))) != 0) {
+                break;
+            }
+            cnt = parse_arguments(buf, strlen(buf), params,
+                                  sizeof(params) / sizeof(params[0]));
+
+            if (strcmp(params[0], "depends_on") == 0) {
+                for (i = 1; i < cnt; i++) {
+                    int dep_id = strtol(params[i], NULL, 10);
+                    if (dep_check(dep_id) != DEPENDENCY_SUPPORTED) {
+                        if (unmet_dep_count <
+                            ARRAY_LENGTH(unmet_dependencies)) {
+                            unmet_dependencies[unmet_dep_count] = dep_id;
+                            unmet_dep_count++;
+                        } else {
+                            missing_unmet_dependencies = 1;
+                        }
+                    }
+                }
+
+                if ((ret = get_line(file, buf, sizeof(buf))) != 0) {
+                    break;
+                }
+                cnt = parse_arguments(buf, strlen(buf), params,
+                                      sizeof(params) / sizeof(params[0]));
+            }
+
+            // If there are no unmet dependencies execute the test
+            if (unmet_dep_count == 0) {
+                mbedtls_test_info_reset();
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+                /* Suppress all output from the library unless we're verbose
+                 * mode
+                 */
+                if (!option_verbose) {
+                    stdout_fd = redirect_output(stdout, "/dev/null");
+                    if (stdout_fd == -1) {
+                        /* Redirection has failed with no stdout so exit */
+                        exit(1);
+                    }
+                }
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
+                function_id = strtoul(params[0], NULL, 10);
+                if ((ret = check_test(function_id)) == DISPATCH_TEST_SUCCESS) {
+                    ret = convert_params(cnt - 1, params + 1, int_params);
+                    if (DISPATCH_TEST_SUCCESS == ret) {
+                        ret = dispatch_test(function_id, (void **) (params + 1));
+                    }
+                }
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+                if (!option_verbose && restore_output(stdout, stdout_fd)) {
+                    /* Redirection has failed with no stdout so exit */
+                    exit(1);
+                }
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
+            }
+
+            write_outcome_result(outcome_file,
+                                 unmet_dep_count, unmet_dependencies,
+                                 missing_unmet_dependencies,
+                                 ret, &mbedtls_test_info);
+            if (unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE) {
+                total_skipped++;
+                mbedtls_fprintf(stdout, "----");
+
+                if (1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE) {
+                    mbedtls_fprintf(stdout, "\n   Test Suite not enabled");
+                }
+
+                if (1 == option_verbose && unmet_dep_count > 0) {
+                    mbedtls_fprintf(stdout, "\n   Unmet dependencies: ");
+                    for (i = 0; i < unmet_dep_count; i++) {
+                        mbedtls_fprintf(stdout, "%d ",
+                                        unmet_dependencies[i]);
+                    }
+                    if (missing_unmet_dependencies) {
+                        mbedtls_fprintf(stdout, "...");
+                    }
+                }
+                mbedtls_fprintf(stdout, "\n");
+                fflush(stdout);
+
+                unmet_dep_count = 0;
+                missing_unmet_dependencies = 0;
+            } else if (ret == DISPATCH_TEST_SUCCESS) {
+                if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS) {
+                    mbedtls_fprintf(stdout, "PASS\n");
+                } else if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SKIPPED) {
+                    mbedtls_fprintf(stdout, "----\n");
+                    total_skipped++;
+                } else {
+                    total_errors++;
+                    mbedtls_fprintf(stdout, "FAILED\n");
+                    mbedtls_fprintf(stdout, "  %s\n  at ",
+                                    mbedtls_test_info.test);
+                    if (mbedtls_test_info.step != (unsigned long) (-1)) {
+                        mbedtls_fprintf(stdout, "step %lu, ",
+                                        mbedtls_test_info.step);
+                    }
+                    mbedtls_fprintf(stdout, "line %d, %s",
+                                    mbedtls_test_info.line_no,
+                                    mbedtls_test_info.filename);
+                    if (mbedtls_test_info.line1[0] != 0) {
+                        mbedtls_fprintf(stdout, "\n  %s",
+                                        mbedtls_test_info.line1);
+                    }
+                    if (mbedtls_test_info.line2[0] != 0) {
+                        mbedtls_fprintf(stdout, "\n  %s",
+                                        mbedtls_test_info.line2);
+                    }
+                }
+                fflush(stdout);
+            } else if (ret == DISPATCH_INVALID_TEST_DATA) {
+                mbedtls_fprintf(stderr, "FAILED: FATAL PARSE ERROR\n");
+                fclose(file);
+                mbedtls_exit(2);
+            } else if (ret == DISPATCH_TEST_FN_NOT_FOUND) {
+                mbedtls_fprintf(stderr, "FAILED: FATAL TEST FUNCTION NOT FOUND\n");
+                fclose(file);
+                mbedtls_exit(2);
+            } else {
+                total_errors++;
+            }
+        }
+        fclose(file);
+    }
+
+    if (outcome_file != NULL) {
+        fclose(outcome_file);
+    }
+
+    mbedtls_fprintf(stdout,
+                    "\n----------------------------------------------------------------------------\n\n");
+    if (total_errors == 0) {
+        mbedtls_fprintf(stdout, "PASSED");
+    } else {
+        mbedtls_fprintf(stdout, "FAILED");
+    }
+
+    mbedtls_fprintf(stdout, " (%u / %u tests (%u skipped))\n",
+                    total_tests - total_errors, total_tests, total_skipped);
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
+    !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_status();
+#endif
+    mbedtls_memory_buffer_alloc_free();
+#endif
+
+    return total_errors != 0;
+}
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/main_test.function b/3rdparty/mbedtls-2.28.7/tests/suites/main_test.function
new file mode 100644
index 0000000..335ce84
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/main_test.function
@@ -0,0 +1,292 @@
+#line 2 "suites/main_test.function"
+/*
+ * *** THIS FILE HAS BEEN MACHINE GENERATED ***
+ *
+ * This file has been machine generated using the script:
+ * __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
+ *
+ * Test file      : __MBEDTLS_TEST_TEMPLATE__TEST_FILE
+ *
+ * The following files were used to create this file.
+ *
+ *      Main code file      : __MBEDTLS_TEST_TEMPLATE__TEST_MAIN_FILE
+ *      Platform code file  : __MBEDTLS_TEST_TEMPLATE__TEST_PLATFORM_FILE
+ *      Helper file         : __MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPER_FILE
+ *      Test suite file     : __MBEDTLS_TEST_TEMPLATE__TEST_CASE_FILE
+ *      Test suite data     : __MBEDTLS_TEST_TEMPLATE__TEST_CASE_DATA_FILE
+ *
+ */
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 200112L // for fileno() from <stdio.h>
+#endif
+#endif
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include <mbedtls/config.h>
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_TEST_HOOKS)
+#include "mbedtls/error.h"
+#endif
+
+/* Test code may use deprecated identifiers only if the preprocessor symbol
+ * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set
+ * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is
+ * enabled but the corresponding warnings are not treated as errors.
+ */
+#if !defined(MBEDTLS_DEPRECATED_REMOVED) && !defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_TEST_DEPRECATED
+#endif
+
+/*----------------------------------------------------------------------------*/
+/* Common helper code */
+
+__MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPERS
+
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
+
+
+/*----------------------------------------------------------------------------*/
+/* Test Suite Code */
+
+
+#define TEST_SUITE_ACTIVE
+
+__MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
+
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
+
+
+/*----------------------------------------------------------------------------*/
+/* Test dispatch code */
+
+
+/**
+ * \brief       Evaluates an expression/macro into its literal integer value.
+ *              For optimizing space for embedded targets each expression/macro
+ *              is identified by a unique identifier instead of string literals.
+ *              Identifiers and evaluation code is generated by script:
+ *              __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
+ *
+ * \param exp_id    Expression identifier.
+ * \param out_value Pointer to int to hold the integer.
+ *
+ * \return       0 if exp_id is found. 1 otherwise.
+ */
+int get_expression(int32_t exp_id, intmax_t *out_value)
+{
+    int ret = KEY_VALUE_MAPPING_FOUND;
+
+    (void) exp_id;
+    (void) out_value;
+
+    switch (exp_id) {
+    __MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
+        default:
+        {
+            ret = KEY_VALUE_MAPPING_NOT_FOUND;
+        }
+        break;
+    }
+    return ret;
+}
+
+
+/**
+ * \brief       Checks if the dependency i.e. the compile flag is set.
+ *              For optimizing space for embedded targets each dependency
+ *              is identified by a unique identifier instead of string literals.
+ *              Identifiers and check code is generated by script:
+ *              __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
+ *
+ * \param dep_id    Dependency identifier.
+ *
+ * \return       DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED
+ */
+int dep_check(int dep_id)
+{
+    int ret = DEPENDENCY_NOT_SUPPORTED;
+
+    (void) dep_id;
+
+    switch (dep_id) {
+    __MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
+        default:
+            break;
+    }
+    return ret;
+}
+
+
+/**
+ * \brief       Function pointer type for test function wrappers.
+ *
+ * A test function wrapper decodes the parameters and passes them to the
+ * underlying test function. Both the wrapper and the underlying function
+ * return void. Test wrappers assume that they are passed a suitable
+ * parameter array and do not perform any error detection.
+ *
+ * \param param_array   The array of parameters. Each element is a `void *`
+ *                      which the wrapper casts to the correct type and
+ *                      dereferences. Each wrapper function hard-codes the
+ *                      number and types of the parameters.
+ */
+typedef void (*TestWrapper_t)(void **param_array);
+
+
+/**
+ * \brief       Table of test function wrappers. Used by dispatch_test().
+ *              This table is populated by script:
+ *              __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
+ *
+ */
+TestWrapper_t test_funcs[] =
+{
+    __MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
+};
+
+/**
+ * \brief        Execute the test function.
+ *
+ *               This is a wrapper function around the test function execution
+ *               to allow the setjmp() call used to catch any calls to the
+ *               parameter failure callback, to be used. Calls to setjmp()
+ *               can invalidate the state of any local auto variables.
+ *
+ * \param fp     Function pointer to the test function.
+ * \param params Parameters to pass to the #TestWrapper_t wrapper function.
+ *
+ */
+void execute_function_ptr(TestWrapper_t fp, void **params)
+{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    mbedtls_test_enable_insecure_external_rng();
+#endif
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+    mbedtls_test_param_failed_location_record_t location_record;
+
+    if (setjmp(mbedtls_test_param_failed_get_state_buf()) == 0) {
+        fp(params);
+    } else {
+        /* Unexpected parameter validation error */
+        mbedtls_test_param_failed_get_location_record(&location_record);
+        mbedtls_test_fail(location_record.failure_condition,
+                          location_record.line,
+                          location_record.file);
+    }
+
+    mbedtls_test_param_failed_reset_state();
+#else
+    fp(params);
+#endif
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+    mbedtls_test_mutex_usage_check();
+#endif /* MBEDTLS_TEST_MUTEX_USAGE */
+}
+
+/**
+ * \brief        Dispatches test functions based on function index.
+ *
+ * \param func_idx    Test function index.
+ * \param params      The array of parameters to pass to the test function.
+ *                    It will be decoded by the #TestWrapper_t wrapper function.
+ *
+ * \return       DISPATCH_TEST_SUCCESS if found
+ *               DISPATCH_TEST_FN_NOT_FOUND if not found
+ *               DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
+ */
+int dispatch_test(size_t func_idx, void **params)
+{
+    int ret = DISPATCH_TEST_SUCCESS;
+    TestWrapper_t fp = NULL;
+
+    if (func_idx < (int) (sizeof(test_funcs) / sizeof(TestWrapper_t))) {
+        fp = test_funcs[func_idx];
+        if (fp) {
+            execute_function_ptr(fp, params);
+        } else {
+            ret = DISPATCH_UNSUPPORTED_SUITE;
+        }
+    } else {
+        ret = DISPATCH_TEST_FN_NOT_FOUND;
+    }
+
+    return ret;
+}
+
+
+/**
+ * \brief       Checks if test function is supported in this build-time
+ *              configuration.
+ *
+ * \param func_idx    Test function index.
+ *
+ * \return       DISPATCH_TEST_SUCCESS if found
+ *               DISPATCH_TEST_FN_NOT_FOUND if not found
+ *               DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
+ */
+int check_test(size_t func_idx)
+{
+    int ret = DISPATCH_TEST_SUCCESS;
+    TestWrapper_t fp = NULL;
+
+    if (func_idx < (int) (sizeof(test_funcs)/sizeof(TestWrapper_t))) {
+        fp = test_funcs[func_idx];
+        if (fp == NULL) {
+            ret = DISPATCH_UNSUPPORTED_SUITE;
+        }
+    } else {
+        ret = DISPATCH_TEST_FN_NOT_FOUND;
+    }
+
+    return ret;
+}
+
+
+__MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE
+
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
+
+/*----------------------------------------------------------------------------*/
+/* Main Test code */
+
+
+/**
+ * \brief       Program main. Invokes platform specific execute_tests().
+ *
+ * \param argc      Command line arguments count.
+ * \param argv      Array of command line arguments.
+ *
+ * \return       Exit code.
+ */
+int main(int argc, const char *argv[])
+{
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ERROR_C)
+    mbedtls_test_hook_error_add = &mbedtls_test_err_add_check;
+#endif
+
+    int ret = mbedtls_test_platform_setup();
+    if (ret != 0) {
+        mbedtls_fprintf(stderr,
+                        "FATAL: Failed to initialize platform - error %d\n",
+                        ret);
+        return -1;
+    }
+
+    ret = execute_tests(argc, argv);
+    mbedtls_test_platform_teardown();
+    return ret;
+}
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.cbc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.cbc.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.cbc.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.cbc.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.cfb.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.cfb.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.cfb.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.cfb.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.ecb.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.ecb.data
similarity index 97%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.ecb.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.ecb.data
index 6349034..faf69c0 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.ecb.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.ecb.data
@@ -228,3 +228,12 @@ aes_decrypt_ecb:"000000000000000000000000000000000000000000000000000000000000000
 
 AES-256-ECB Decrypt NIST KAT #12
 aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0
+
+AES-128-ECB context alignment
+aes_ecb_context_alignment:"000102030405060708090a0b0c0d0e0f"
+
+AES-192-ECB context alignment
+aes_ecb_context_alignment:"000102030405060708090a0b0c0d0e0f1011121314151617"
+
+AES-256-ECB context alignment
+aes_ecb_context_alignment:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.function
new file mode 100644
index 0000000..b159e1a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.function
@@ -0,0 +1,747 @@
+/* BEGIN_HEADER */
+#include "mbedtls/aes.h"
+
+/* Test AES with a copied context.
+ *
+ * enc and dec must be AES context objects. They don't need to
+ * be initialized, and are left freed.
+ */
+static int test_ctx_alignment(const data_t *key,
+                              mbedtls_aes_context *enc,
+                              mbedtls_aes_context *dec)
+{
+    unsigned char plaintext[16] = {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    };
+    unsigned char ciphertext[16];
+    unsigned char output[16];
+
+    // Set key and encrypt with original context
+    mbedtls_aes_init(enc);
+    TEST_ASSERT(mbedtls_aes_setkey_enc(enc, key->x, key->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_ecb(enc, MBEDTLS_AES_ENCRYPT,
+                                      plaintext, ciphertext) == 0);
+
+    // Set key for decryption with original context
+    mbedtls_aes_init(dec);
+    TEST_ASSERT(mbedtls_aes_setkey_dec(dec, key->x, key->len * 8) == 0);
+
+    // Wipe the original context to make sure nothing from it is used
+    memset(enc, 0, sizeof(*enc));
+    mbedtls_aes_free(enc);
+
+    // Decrypt
+    TEST_ASSERT(mbedtls_aes_crypt_ecb(dec, MBEDTLS_AES_DECRYPT,
+                                      ciphertext, output) == 0);
+    TEST_MEMORY_COMPARE(plaintext, 16, output, 16);
+
+    mbedtls_aes_free(dec);
+
+    return 1;
+
+exit:
+    /* Bug: we may be leaving something unfreed. This is harmless
+     * in our built-in implementations, but might cause a memory leak
+     * with alternative implementations. */
+    return 0;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_AES_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void aes_encrypt_ecb(data_t *key_str, data_t *src_str,
+                     data_t *dst, int setkey_result)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+
+    memset(output, 0x00, 100);
+
+    mbedtls_aes_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result);
+    if (setkey_result == 0) {
+        TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aes_decrypt_ecb(data_t *key_str, data_t *src_str,
+                     data_t *dst, int setkey_result)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+
+    memset(output, 0x00, 100);
+
+    mbedtls_aes_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result);
+    if (setkey_result == 0) {
+        TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, src_str->x, output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void aes_encrypt_cbc(data_t *key_str, data_t *iv_str,
+                     data_t *src_str, data_t *dst,
+                     int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+
+    memset(output, 0x00, 100);
+
+    mbedtls_aes_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x,
+                                      src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                        src_str->len, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void aes_decrypt_cbc(data_t *key_str, data_t *iv_str,
+                     data_t *src_str, data_t *dst,
+                     int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_aes_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x,
+                                      src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                        src_str->len, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
+void aes_encrypt_xts(char *hex_key_string, char *hex_data_unit_string,
+                     char *hex_src_string, char *hex_dst_string)
+{
+    enum { AES_BLOCK_SIZE = 16 };
+    unsigned char *data_unit = NULL;
+    unsigned char *key = NULL;
+    unsigned char *src = NULL;
+    unsigned char *dst = NULL;
+    unsigned char *output = NULL;
+    mbedtls_aes_xts_context ctx;
+    size_t key_len, src_len, dst_len, data_unit_len;
+
+    mbedtls_aes_xts_init(&ctx);
+
+    data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string,
+                                            &data_unit_len);
+    TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE);
+
+    key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len);
+    TEST_ASSERT(key_len % 2 == 0);
+
+    src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len);
+    dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len);
+    TEST_ASSERT(src_len == dst_len);
+
+    output = mbedtls_test_zero_alloc(dst_len);
+
+    TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, src_len,
+                                      data_unit, src, output) == 0);
+
+    TEST_ASSERT(memcmp(output, dst, dst_len) == 0);
+
+exit:
+    mbedtls_aes_xts_free(&ctx);
+    mbedtls_free(data_unit);
+    mbedtls_free(key);
+    mbedtls_free(src);
+    mbedtls_free(dst);
+    mbedtls_free(output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
+void aes_decrypt_xts(char *hex_key_string, char *hex_data_unit_string,
+                     char *hex_dst_string, char *hex_src_string)
+{
+    enum { AES_BLOCK_SIZE = 16 };
+    unsigned char *data_unit = NULL;
+    unsigned char *key = NULL;
+    unsigned char *src = NULL;
+    unsigned char *dst = NULL;
+    unsigned char *output = NULL;
+    mbedtls_aes_xts_context ctx;
+    size_t key_len, src_len, dst_len, data_unit_len;
+
+    mbedtls_aes_xts_init(&ctx);
+
+    data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string,
+                                            &data_unit_len);
+    TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE);
+
+    key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len);
+    TEST_ASSERT(key_len % 2 == 0);
+
+    src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len);
+    dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len);
+    TEST_ASSERT(src_len == dst_len);
+
+    output = mbedtls_test_zero_alloc(dst_len);
+
+    TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_DECRYPT, src_len,
+                                      data_unit, src, output) == 0);
+
+    TEST_ASSERT(memcmp(output, dst, dst_len) == 0);
+
+exit:
+    mbedtls_aes_xts_free(&ctx);
+    mbedtls_free(data_unit);
+    mbedtls_free(key);
+    mbedtls_free(src);
+    mbedtls_free(dst);
+    mbedtls_free(output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
+void aes_crypt_xts_size(int size, int retval)
+{
+    mbedtls_aes_xts_context ctx;
+    const unsigned char src[16] = { 0 };
+    unsigned char output[16];
+    unsigned char data_unit[16];
+    size_t length = size;
+
+    mbedtls_aes_xts_init(&ctx);
+    memset(data_unit, 0x00, sizeof(data_unit));
+
+
+    /* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
+     * otherwise we wouldn't get to the size check we're interested in. */
+    TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src,
+                                      output) == retval);
+exit:
+    mbedtls_aes_xts_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
+void aes_crypt_xts_keysize(int size, int retval)
+{
+    mbedtls_aes_xts_context ctx;
+    const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
+    size_t key_len = size;
+
+    mbedtls_aes_xts_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == retval);
+    TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == retval);
+exit:
+    mbedtls_aes_xts_free(&ctx);
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void aes_encrypt_cfb128(data_t *key_str, data_t *iv_str,
+                        data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, 100);
+    mbedtls_aes_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x,
+                                         src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void aes_decrypt_cfb128(data_t *key_str, data_t *iv_str,
+                        data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, 100);
+    mbedtls_aes_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x,
+                                         src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void aes_encrypt_cfb8(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_aes_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x,
+                                       src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                    src_str->len, dst->len) == 0);
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void aes_decrypt_cfb8(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_aes_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_aes_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x,
+                                       src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                    src_str->len, dst->len) == 0);
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
+void aes_encrypt_ofb(int fragment_size, data_t *key_str,
+                     data_t *iv_str, data_t *src_str,
+                     data_t *expected_output)
+{
+    unsigned char output[32];
+    mbedtls_aes_context ctx;
+    size_t iv_offset = 0;
+    int in_buffer_len;
+    unsigned char *src_str_next;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aes_init(&ctx);
+
+    TEST_ASSERT((size_t) fragment_size < sizeof(output));
+
+    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x,
+                                       key_str->len * 8) == 0);
+    in_buffer_len = src_str->len;
+    src_str_next = src_str->x;
+
+    while (in_buffer_len > 0) {
+        TEST_ASSERT(mbedtls_aes_crypt_ofb(&ctx, fragment_size, &iv_offset,
+                                          iv_str->x, src_str_next, output) == 0);
+
+        TEST_ASSERT(memcmp(output, expected_output->x, fragment_size) == 0);
+
+        in_buffer_len -= fragment_size;
+        expected_output->x += fragment_size;
+        src_str_next += fragment_size;
+
+        if (in_buffer_len < fragment_size) {
+            fragment_size = in_buffer_len;
+        }
+    }
+
+exit:
+    mbedtls_aes_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void aes_check_params()
+{
+    mbedtls_aes_context aes_ctx;
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    mbedtls_aes_xts_context xts_ctx;
+#endif
+    const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
+    const unsigned char in[16] = { 0 };
+    unsigned char out[16];
+    size_t size;
+    const int valid_mode = MBEDTLS_AES_ENCRYPT;
+    const int invalid_mode = 42;
+
+    TEST_INVALID_PARAM(mbedtls_aes_init(NULL));
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    TEST_INVALID_PARAM(mbedtls_aes_xts_init(NULL));
+#endif
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_setkey_enc(NULL, key, 128));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_setkey_enc(&aes_ctx, NULL, 128));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_setkey_dec(NULL, key, 128));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_setkey_dec(&aes_ctx, NULL, 128));
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_xts_setkey_enc(NULL, key, 128));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_xts_setkey_enc(&xts_ctx, NULL, 128));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_xts_setkey_dec(NULL, key, 128));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_xts_setkey_dec(&xts_ctx, NULL, 128));
+#endif
+
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ecb(NULL,
+                                                 valid_mode, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ecb(&aes_ctx,
+                                                 invalid_mode, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ecb(&aes_ctx,
+                                                 valid_mode, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ecb(&aes_ctx,
+                                                 valid_mode, in, NULL));
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cbc(NULL,
+                                                 valid_mode, 16,
+                                                 out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cbc(&aes_ctx,
+                                                 invalid_mode, 16,
+                                                 out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cbc(&aes_ctx,
+                                                 valid_mode, 16,
+                                                 NULL, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cbc(&aes_ctx,
+                                                 valid_mode, 16,
+                                                 out, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cbc(&aes_ctx,
+                                                 valid_mode, 16,
+                                                 out, in, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_xts(NULL,
+                                                 valid_mode, 16,
+                                                 in, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_xts(&xts_ctx,
+                                                 invalid_mode, 16,
+                                                 in, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_xts(&xts_ctx,
+                                                 valid_mode, 16,
+                                                 NULL, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_xts(&xts_ctx,
+                                                 valid_mode, 16,
+                                                 in, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_xts(&xts_ctx,
+                                                 valid_mode, 16,
+                                                 in, in, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb128(NULL,
+                                                    valid_mode, 16,
+                                                    &size, out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb128(&aes_ctx,
+                                                    invalid_mode, 16,
+                                                    &size, out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb128(&aes_ctx,
+                                                    valid_mode, 16,
+                                                    NULL, out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb128(&aes_ctx,
+                                                    valid_mode, 16,
+                                                    &size, NULL, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb128(&aes_ctx,
+                                                    valid_mode, 16,
+                                                    &size, out, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb128(&aes_ctx,
+                                                    valid_mode, 16,
+                                                    &size, out, in, NULL));
+
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb8(NULL,
+                                                  valid_mode, 16,
+                                                  out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb8(&aes_ctx,
+                                                  invalid_mode, 16,
+                                                  out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb8(&aes_ctx,
+                                                  valid_mode, 16,
+                                                  NULL, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb8(&aes_ctx,
+                                                  valid_mode, 16,
+                                                  out, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_cfb8(&aes_ctx,
+                                                  valid_mode, 16,
+                                                  out, in, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ofb(NULL, 16,
+                                                 &size, out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ofb(&aes_ctx, 16,
+                                                 NULL, out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ofb(&aes_ctx, 16,
+                                                 &size, NULL, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ofb(&aes_ctx, 16,
+                                                 &size, out, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ofb(&aes_ctx, 16,
+                                                 &size, out, in, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ctr(NULL, 16, &size, out,
+                                                 out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ctr(&aes_ctx, 16, NULL, out,
+                                                 out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, NULL,
+                                                 out, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out,
+                                                 NULL, in, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out,
+                                                 out, NULL, out));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
+                           mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out,
+                                                 out, in, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aes_misc_params()
+{
+#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
+    defined(MBEDTLS_CIPHER_MODE_XTS) || \
+    defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
+    const unsigned char in[16] = { 0 };
+    unsigned char out[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
+    defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
+    mbedtls_aes_context aes_ctx;
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    mbedtls_aes_xts_context xts_ctx;
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
+    size_t size;
+#endif
+
+    /* These calls accept NULL */
+    TEST_VALID_PARAM(mbedtls_aes_free(NULL));
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    TEST_VALID_PARAM(mbedtls_aes_xts_free(NULL));
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT,
+                                      15,
+                                      out, in, out)
+                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
+    TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT,
+                                      17,
+                                      out, in, out)
+                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+    TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT,
+                                      15,
+                                      in, in, out)
+                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
+    TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT,
+                                      (1 << 24) + 1,
+                                      in, in, out)
+                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    size = 16;
+    TEST_ASSERT(mbedtls_aes_crypt_cfb128(&aes_ctx, MBEDTLS_AES_ENCRYPT, 16,
+                                         &size, out, in, out)
+                == MBEDTLS_ERR_AES_BAD_INPUT_DATA);
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+    size = 16;
+    TEST_ASSERT(mbedtls_aes_crypt_ofb(&aes_ctx, 16, &size, out, in, out)
+                == MBEDTLS_ERR_AES_BAD_INPUT_DATA);
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aes_ecb_context_alignment(data_t *key)
+{
+    /* We test alignment multiple times, with different alignments
+     * of the context and of the plaintext/ciphertext. */
+
+    struct align0 {
+        mbedtls_aes_context ctx;
+    };
+    struct align0 *enc0 = NULL;
+    struct align0 *dec0 = NULL;
+
+    struct align1 {
+        char bump;
+        mbedtls_aes_context ctx;
+    };
+    struct align1 *enc1 = NULL;
+    struct align1 *dec1 = NULL;
+
+    /* All peak alignment */
+    TEST_CALLOC(enc0, 1);
+    TEST_CALLOC(dec0, 1);
+    if (!test_ctx_alignment(key, &enc0->ctx, &dec0->ctx)) {
+        goto exit;
+    }
+    mbedtls_free(enc0);
+    enc0 = NULL;
+    mbedtls_free(dec0);
+    dec0 = NULL;
+
+    /* Enc aligned, dec not */
+    TEST_CALLOC(enc0, 1);
+    TEST_CALLOC(dec1, 1);
+    if (!test_ctx_alignment(key, &enc0->ctx, &dec1->ctx)) {
+        goto exit;
+    }
+    mbedtls_free(enc0);
+    enc0 = NULL;
+    mbedtls_free(dec1);
+    dec1 = NULL;
+
+    /* Dec aligned, enc not */
+    TEST_CALLOC(enc1, 1);
+    TEST_CALLOC(dec0, 1);
+    if (!test_ctx_alignment(key, &enc1->ctx, &dec0->ctx)) {
+        goto exit;
+    }
+    mbedtls_free(enc1);
+    enc1 = NULL;
+    mbedtls_free(dec0);
+    dec0 = NULL;
+
+    /* Both shifted */
+    TEST_CALLOC(enc1, 1);
+    TEST_CALLOC(dec1, 1);
+    if (!test_ctx_alignment(key, &enc1->ctx, &dec1->ctx)) {
+        goto exit;
+    }
+    mbedtls_free(enc1);
+    enc1 = NULL;
+    mbedtls_free(dec1);
+    dec1 = NULL;
+
+exit:
+    mbedtls_free(enc0);
+    mbedtls_free(dec0);
+    mbedtls_free(enc1);
+    mbedtls_free(dec1);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void aes_selftest()
+{
+    TEST_ASSERT(mbedtls_aes_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.ofb.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.ofb.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.ofb.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.ofb.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.rest.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.rest.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.rest.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.rest.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.xts.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.xts.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aes.xts.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aes.xts.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_arc4.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_arc4.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_arc4.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_arc4.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_arc4.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_arc4.function
new file mode 100644
index 0000000..c1b19d5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_arc4.function
@@ -0,0 +1,37 @@
+/* BEGIN_HEADER */
+#include "mbedtls/arc4.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ARC4_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_arc4_crypt(data_t *src_str, data_t *key_str, data_t *dst)
+{
+    unsigned char dst_str[1000];
+    mbedtls_arc4_context ctx;
+
+    memset(dst_str, 0x00, 1000);
+    mbedtls_arc4_init(&ctx);
+
+
+    mbedtls_arc4_setup(&ctx, key_str->x, key_str->len);
+    TEST_ASSERT(mbedtls_arc4_crypt(&ctx, src_str->len,
+                                   src_str->x, dst_str) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(dst_str, dst->x,
+                                    src_str->len, dst->len) == 0);
+
+exit:
+    mbedtls_arc4_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void arc4_selftest()
+{
+    TEST_ASSERT(mbedtls_arc4_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aria.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aria.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_aria.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aria.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aria.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aria.function
new file mode 100644
index 0000000..10c51a3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_aria.function
@@ -0,0 +1,423 @@
+/* BEGIN_HEADER */
+#include "mbedtls/aria.h"
+
+/* Maximum size of data used by test vectors
+ * WARNING: to be adapted if and when adding larger test cases */
+#define ARIA_MAX_DATASIZE  160
+
+/* Maximum sizes of hexified things */
+#define ARIA_MAX_KEY_STR    (2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1)
+#define ARIA_BLOCK_STR      (2 * MBEDTLS_ARIA_BLOCKSIZE + 1)
+#define ARIA_MAX_DATA_STR   (2 * ARIA_MAX_DATASIZE + 1)
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ARIA_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void aria_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_aria_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void aria_invalid_param()
+{
+    mbedtls_aria_context ctx;
+    unsigned char key[128 / 8] = { 0 };
+    unsigned char input[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
+    unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
+    unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
+    size_t iv_off = 0;
+
+    ((void) iv_off);
+    ((void) iv);
+
+    TEST_INVALID_PARAM(mbedtls_aria_init(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_setkey_enc(NULL, key,
+                                                   sizeof(key)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_setkey_enc(&ctx, NULL,
+                                                   sizeof(key)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_setkey_dec(NULL, key,
+                                                   sizeof(key)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_setkey_dec(&ctx, NULL,
+                                                   sizeof(key)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ecb(NULL, input, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ecb(&ctx, NULL, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ecb(&ctx, input, NULL));
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cbc(NULL,
+                                                  MBEDTLS_ARIA_ENCRYPT,
+                                                  sizeof(input),
+                                                  iv,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cbc(&ctx,
+                                                  42 /* invalid mode */,
+                                                  sizeof(input),
+                                                  iv,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cbc(&ctx,
+                                                  MBEDTLS_ARIA_ENCRYPT,
+                                                  sizeof(input),
+                                                  NULL,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cbc(&ctx,
+                                                  MBEDTLS_ARIA_ENCRYPT,
+                                                  sizeof(input),
+                                                  iv,
+                                                  NULL,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cbc(&ctx,
+                                                  MBEDTLS_ARIA_ENCRYPT,
+                                                  sizeof(input),
+                                                  iv,
+                                                  input,
+                                                  NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cfb128(NULL,
+                                                     MBEDTLS_ARIA_ENCRYPT,
+                                                     sizeof(input),
+                                                     &iv_off,
+                                                     iv,
+                                                     input,
+                                                     output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cfb128(&ctx,
+                                                     42, /* invalid mode */
+                                                     sizeof(input),
+                                                     &iv_off,
+                                                     iv,
+                                                     input,
+                                                     output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cfb128(&ctx,
+                                                     MBEDTLS_ARIA_ENCRYPT,
+                                                     sizeof(input),
+                                                     NULL,
+                                                     iv,
+                                                     input,
+                                                     output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cfb128(&ctx,
+                                                     MBEDTLS_ARIA_ENCRYPT,
+                                                     sizeof(input),
+                                                     &iv_off,
+                                                     NULL,
+                                                     input,
+                                                     output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cfb128(&ctx,
+                                                     MBEDTLS_ARIA_ENCRYPT,
+                                                     sizeof(input),
+                                                     &iv_off,
+                                                     iv,
+                                                     NULL,
+                                                     output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_cfb128(&ctx,
+                                                     MBEDTLS_ARIA_ENCRYPT,
+                                                     sizeof(input),
+                                                     &iv_off,
+                                                     iv,
+                                                     input,
+                                                     NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ctr(NULL,
+                                                  sizeof(input),
+                                                  &iv_off,
+                                                  iv,
+                                                  iv,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ctr(&ctx,
+                                                  sizeof(input),
+                                                  NULL,
+                                                  iv,
+                                                  iv,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ctr(&ctx,
+                                                  sizeof(input),
+                                                  &iv_off,
+                                                  NULL,
+                                                  iv,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ctr(&ctx,
+                                                  sizeof(input),
+                                                  &iv_off,
+                                                  iv,
+                                                  NULL,
+                                                  input,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ctr(&ctx,
+                                                  sizeof(input),
+                                                  &iv_off,
+                                                  iv,
+                                                  iv,
+                                                  NULL,
+                                                  output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+                           mbedtls_aria_crypt_ctr(&ctx,
+                                                  sizeof(input),
+                                                  &iv_off,
+                                                  iv,
+                                                  iv,
+                                                  input,
+                                                  NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+exit:
+    return;
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aria_encrypt_ecb(data_t *key_str, data_t *src_str,
+                      data_t *expected_output, int setkey_result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    mbedtls_aria_context ctx;
+    size_t i;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8)
+                == setkey_result);
+    if (setkey_result == 0) {
+        for (i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE) {
+            TEST_ASSERT(mbedtls_aria_crypt_ecb(&ctx, src_str->x + i,
+                                               output + i) == 0);
+        }
+
+        TEST_MEMORY_COMPARE(output, expected_output->len,
+                            expected_output->x, expected_output->len);
+    }
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aria_decrypt_ecb(data_t *key_str, data_t *src_str,
+                      data_t *expected_output, int setkey_result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    mbedtls_aria_context ctx;
+    size_t i;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    TEST_ASSERT(mbedtls_aria_setkey_dec(&ctx, key_str->x, key_str->len * 8)
+                == setkey_result);
+    if (setkey_result == 0) {
+        for (i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE) {
+            TEST_ASSERT(mbedtls_aria_crypt_ecb(&ctx, src_str->x + i,
+                                               output + i) == 0);
+        }
+
+        TEST_MEMORY_COMPARE(output, expected_output->len,
+                            expected_output->x, expected_output->len);
+    }
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void aria_encrypt_cbc(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *expected_output,
+                      int cbc_result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    mbedtls_aria_context ctx;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT,
+                                       src_str->len, iv_str->x, src_str->x,
+                                       output) == cbc_result);
+    if (cbc_result == 0) {
+        TEST_MEMORY_COMPARE(output, expected_output->len,
+                            expected_output->x, expected_output->len);
+    }
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void aria_decrypt_cbc(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *expected_output,
+                      int cbc_result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    mbedtls_aria_context ctx;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    mbedtls_aria_setkey_dec(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT,
+                                       src_str->len, iv_str->x, src_str->x,
+                                       output) == cbc_result);
+    if (cbc_result == 0) {
+        TEST_MEMORY_COMPARE(output, expected_output->len,
+                            expected_output->x, expected_output->len);
+    }
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void aria_encrypt_cfb128(data_t *key_str, data_t *iv_str,
+                         data_t *src_str, data_t *expected_output,
+                         int result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    mbedtls_aria_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT,
+                                          src_str->len, &iv_offset,
+                                          iv_str->x, src_str->x, output)
+                == result);
+
+    TEST_MEMORY_COMPARE(output, expected_output->len,
+                        expected_output->x, expected_output->len);
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void aria_decrypt_cfb128(data_t *key_str, data_t *iv_str,
+                         data_t *src_str, data_t *expected_output,
+                         int result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    mbedtls_aria_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT,
+                                          src_str->len, &iv_offset,
+                                          iv_str->x, src_str->x, output)
+                == result);
+
+    TEST_MEMORY_COMPARE(output, expected_output->len,
+                        expected_output->x, expected_output->len);
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
+void aria_encrypt_ctr(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *expected_output,
+                      int result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
+    mbedtls_aria_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_aria_crypt_ctr(&ctx, src_str->len, &iv_offset,
+                                       iv_str->x, blk, src_str->x, output)
+                == result);
+
+    TEST_MEMORY_COMPARE(output, expected_output->len,
+                        expected_output->x, expected_output->len);
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
+void aria_decrypt_ctr(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *expected_output,
+                      int result)
+{
+    unsigned char output[ARIA_MAX_DATASIZE];
+    unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
+    mbedtls_aria_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, sizeof(output));
+    mbedtls_aria_init(&ctx);
+
+    mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_aria_crypt_ctr(&ctx, src_str->len, &iv_offset,
+                                       iv_str->x, blk, src_str->x, output)
+                == result);
+
+    TEST_MEMORY_COMPARE(output, expected_output->len,
+                        expected_output->x, expected_output->len);
+
+exit:
+    mbedtls_aria_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void aria_selftest()
+{
+    TEST_ASSERT(mbedtls_aria_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1parse.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1parse.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1parse.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1parse.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1parse.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1parse.function
new file mode 100644
index 0000000..77f268c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1parse.function
@@ -0,0 +1,774 @@
+/* BEGIN_HEADER */
+#include <errno.h>
+#include <stdlib.h>
+#include <limits.h>
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/asn1.h"
+#if defined(MBEDTLS_ASN1_WRITE_C)
+#include "mbedtls/asn1write.h"
+#endif
+
+/* Used internally to report an error that indicates a bug in a parsing function. */
+#define ERR_PARSE_INCONSISTENCY INT_MAX
+
+/* Use this magic value in some tests to indicate that the expected result
+ * should not be checked. */
+#define UNPREDICTABLE_RESULT 0x5552
+
+static int nested_parse(unsigned char **const p,
+                        const unsigned char *const end)
+{
+    int ret;
+    size_t len = 0;
+    size_t len2 = 0;
+    unsigned char *const start = *p;
+    unsigned char *content_start;
+    unsigned char tag;
+
+    /* First get the length, skipping over the tag. */
+    content_start = start + 1;
+    ret = mbedtls_asn1_get_len(&content_start, end, &len);
+    TEST_ASSERT(content_start <= end);
+    if (ret != 0) {
+        return ret;
+    }
+
+    /* Since we have a valid element start (tag and length), retrieve and
+     * check the tag. */
+    tag = start[0];
+    TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len2, tag ^ 1),
+               MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    *p = start;
+    TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len2, tag), 0);
+    TEST_EQUAL(len, len2);
+    TEST_ASSERT(*p == content_start);
+    *p = content_start;
+
+    switch (tag & 0x1f) {
+        case MBEDTLS_ASN1_BOOLEAN:
+        {
+            int val = -257;
+            *p = start;
+            ret = mbedtls_asn1_get_bool(p, end, &val);
+            if (ret == 0) {
+                TEST_ASSERT(val == 0 || val == 1);
+            }
+            break;
+        }
+
+        case MBEDTLS_ASN1_INTEGER:
+        {
+#if defined(MBEDTLS_BIGNUM_C)
+            mbedtls_mpi mpi;
+            mbedtls_mpi_init(&mpi);
+            *p = start;
+            ret = mbedtls_asn1_get_mpi(p, end, &mpi);
+            mbedtls_mpi_free(&mpi);
+#else
+            *p = start + 1;
+            ret = mbedtls_asn1_get_len(p, end, &len);
+            *p += len;
+#endif
+            /* If we're sure that the number fits in an int, also
+             * call mbedtls_asn1_get_int(). */
+            if (ret == 0 && len < sizeof(int)) {
+                int val = -257;
+                unsigned char *q = start;
+                ret = mbedtls_asn1_get_int(&q, end, &val);
+                TEST_ASSERT(*p == q);
+            }
+            break;
+        }
+
+        case MBEDTLS_ASN1_BIT_STRING:
+        {
+            mbedtls_asn1_bitstring bs;
+            *p = start;
+            ret = mbedtls_asn1_get_bitstring(p, end, &bs);
+            break;
+        }
+
+        case MBEDTLS_ASN1_SEQUENCE:
+        {
+            while (*p <= end && *p < content_start + len && ret == 0) {
+                ret = nested_parse(p, content_start + len);
+            }
+            break;
+        }
+
+        case MBEDTLS_ASN1_OCTET_STRING:
+        case MBEDTLS_ASN1_NULL:
+        case MBEDTLS_ASN1_OID:
+        case MBEDTLS_ASN1_UTF8_STRING:
+        case MBEDTLS_ASN1_SET:
+        case MBEDTLS_ASN1_PRINTABLE_STRING:
+        case MBEDTLS_ASN1_T61_STRING:
+        case MBEDTLS_ASN1_IA5_STRING:
+        case MBEDTLS_ASN1_UTC_TIME:
+        case MBEDTLS_ASN1_GENERALIZED_TIME:
+        case MBEDTLS_ASN1_UNIVERSAL_STRING:
+        case MBEDTLS_ASN1_BMP_STRING:
+        default:
+            /* No further testing implemented for this tag. */
+            *p += len;
+            return 0;
+    }
+
+    TEST_ASSERT(*p <= end);
+    return ret;
+
+exit:
+    return ERR_PARSE_INCONSISTENCY;
+}
+
+int get_len_step(const data_t *input, size_t buffer_size,
+                 size_t actual_length)
+{
+    unsigned char *buf = NULL;
+    unsigned char *p = NULL;
+    unsigned char *end;
+    size_t parsed_length;
+    int ret;
+
+    mbedtls_test_set_step(buffer_size);
+    /* Allocate a new buffer of exactly the length to parse each time.
+     * This gives memory sanitizers a chance to catch buffer overreads. */
+    if (buffer_size == 0) {
+        TEST_CALLOC(buf, 1);
+        end = buf + 1;
+        p = end;
+    } else {
+        TEST_CALLOC_OR_SKIP(buf, buffer_size);
+        if (buffer_size > input->len) {
+            memcpy(buf, input->x, input->len);
+            memset(buf + input->len, 'A', buffer_size - input->len);
+        } else {
+            memcpy(buf, input->x, buffer_size);
+        }
+        p = buf;
+        end = buf + buffer_size;
+    }
+
+    ret = mbedtls_asn1_get_len(&p, end, &parsed_length);
+
+    if (buffer_size >= input->len + actual_length) {
+        TEST_EQUAL(ret, 0);
+        TEST_ASSERT(p == buf + input->len);
+        TEST_EQUAL(parsed_length, actual_length);
+    } else {
+        TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+    }
+    mbedtls_free(buf);
+    return 1;
+
+exit:
+    mbedtls_free(buf);
+    return 0;
+}
+
+typedef struct {
+    const unsigned char *input_start;
+    const char *description;
+} traverse_state_t;
+
+/* Value returned by traverse_callback if description runs out. */
+#define RET_TRAVERSE_STOP 1
+/* Value returned by traverse_callback if description has an invalid format
+ * (see traverse_sequence_of). */
+#define RET_TRAVERSE_ERROR 2
+
+
+static int traverse_callback(void *ctx, int tag,
+                             unsigned char *content, size_t len)
+{
+    traverse_state_t *state = ctx;
+    size_t offset;
+    const char *rest = state->description;
+    unsigned long n;
+
+    TEST_ASSERT(content > state->input_start);
+    offset = content - state->input_start;
+    mbedtls_test_set_step(offset);
+
+    if (*rest == 0) {
+        return RET_TRAVERSE_STOP;
+    }
+    n = strtoul(rest, (char **) &rest, 0);
+    TEST_EQUAL(n, offset);
+    TEST_EQUAL(*rest, ',');
+    ++rest;
+    n = strtoul(rest, (char **) &rest, 0);
+    TEST_EQUAL(n, (unsigned) tag);
+    TEST_EQUAL(*rest, ',');
+    ++rest;
+    n = strtoul(rest, (char **) &rest, 0);
+    TEST_EQUAL(n, len);
+    if (*rest == ',') {
+        ++rest;
+    }
+
+    state->description = rest;
+    return 0;
+
+exit:
+    return RET_TRAVERSE_ERROR;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ASN1_PARSE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void parse_prefixes(const data_t *input,
+                    int full_result,
+                    int overfull_result)
+{
+    /* full_result: expected result from parsing the given string. */
+    /* overfull_result: expected_result from parsing the given string plus
+     * some trailing garbage. This may be UNPREDICTABLE_RESULT to accept
+     * any result: use this for invalid inputs that may or may not become
+     * valid depending on what the trailing garbage is. */
+
+    unsigned char *buf = NULL;
+    unsigned char *p = NULL;
+    size_t buffer_size;
+    int ret;
+
+    /* Test every prefix of the input, except the empty string.
+     * The first byte of the string is the tag. Without a tag byte,
+     * we wouldn't know what to parse the input as.
+     * Also test the input followed by an extra byte.
+     */
+    for (buffer_size = 1; buffer_size <= input->len + 1; buffer_size++) {
+        mbedtls_test_set_step(buffer_size);
+        /* Allocate a new buffer of exactly the length to parse each time.
+         * This gives memory sanitizers a chance to catch buffer overreads. */
+        TEST_CALLOC(buf, buffer_size);
+        memcpy(buf, input->x, buffer_size);
+        p = buf;
+        ret = nested_parse(&p, buf + buffer_size);
+
+        if (ret == ERR_PARSE_INCONSISTENCY) {
+            goto exit;
+        }
+        if (buffer_size < input->len) {
+            TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+        } else if (buffer_size == input->len) {
+            TEST_EQUAL(ret, full_result);
+        } else { /* ( buffer_size > input->len ) */
+            if (overfull_result != UNPREDICTABLE_RESULT) {
+                TEST_EQUAL(ret, overfull_result);
+            }
+        }
+        if (ret == 0) {
+            TEST_ASSERT(p == buf + input->len);
+        }
+
+        mbedtls_free(buf);
+        buf = NULL;
+    }
+
+exit:
+    mbedtls_free(buf);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_len(const data_t *input, int actual_length_arg)
+{
+    size_t actual_length = actual_length_arg;
+    size_t buffer_size;
+
+    /* Test prefixes of a buffer containing the given length string
+     * followed by `actual_length` bytes of payload. To save a bit of
+     * time, we skip some "boring" prefixes: we don't test prefixes where
+     * the payload is truncated more than one byte away from either end,
+     * and we only test the empty string on a 1-byte input.
+     */
+    for (buffer_size = 1; buffer_size <= input->len + 1; buffer_size++) {
+        if (!get_len_step(input, buffer_size, actual_length)) {
+            goto exit;
+        }
+    }
+    if (!get_len_step(input, input->len + actual_length - 1, actual_length)) {
+        goto exit;
+    }
+    if (!get_len_step(input, input->len + actual_length, actual_length)) {
+        goto exit;
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_boolean(const data_t *input,
+                 int expected_value, int expected_result)
+{
+    unsigned char *p = input->x;
+    int val;
+    int ret;
+    ret = mbedtls_asn1_get_bool(&p, input->x + input->len, &val);
+    TEST_EQUAL(ret, expected_result);
+    if (expected_result == 0) {
+        TEST_EQUAL(val, expected_value);
+        TEST_ASSERT(p == input->x + input->len);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void empty_integer(const data_t *input)
+{
+    unsigned char *p;
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_mpi actual_mpi;
+#endif
+    int val;
+
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_mpi_init(&actual_mpi);
+#endif
+
+    /* An INTEGER with no content is not valid. */
+    p = input->x;
+    TEST_EQUAL(mbedtls_asn1_get_int(&p, input->x + input->len, &val),
+               MBEDTLS_ERR_ASN1_INVALID_LENGTH);
+
+#if defined(MBEDTLS_BIGNUM_C)
+    /* INTEGERs are sometimes abused as bitstrings, so the library accepts
+     * an INTEGER with empty content and gives it the value 0. */
+    p = input->x;
+    TEST_EQUAL(mbedtls_asn1_get_mpi(&p, input->x + input->len, &actual_mpi),
+               0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&actual_mpi, 0), 0);
+#endif
+
+exit:
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_mpi_free(&actual_mpi);
+#endif
+    /*empty cleanup in some configurations*/;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_integer(const data_t *input,
+                 const char *expected_hex, int expected_result)
+{
+    unsigned char *p;
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_mpi expected_mpi;
+    mbedtls_mpi actual_mpi;
+    mbedtls_mpi complement;
+    int expected_result_for_mpi = expected_result;
+#endif
+    long expected_value;
+    int expected_result_for_int = expected_result;
+    int val;
+    int ret;
+
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_mpi_init(&expected_mpi);
+    mbedtls_mpi_init(&actual_mpi);
+    mbedtls_mpi_init(&complement);
+#endif
+
+    errno = 0;
+    expected_value = strtol(expected_hex, NULL, 16);
+    if (expected_result == 0 &&
+        (errno == ERANGE
+#if LONG_MAX > INT_MAX
+         || expected_value > INT_MAX || expected_value < INT_MIN
+#endif
+        )) {
+        /* The library returns the dubious error code INVALID_LENGTH
+         * for integers that are out of range. */
+        expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+    if (expected_result == 0 && expected_value < 0) {
+        /* The library does not support negative INTEGERs and
+         * returns the dubious error code INVALID_LENGTH.
+         * Test that we preserve the historical behavior. If we
+         * decide to change the behavior, we'll also change this test. */
+        expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+
+    p = input->x;
+    ret = mbedtls_asn1_get_int(&p, input->x + input->len, &val);
+    TEST_EQUAL(ret, expected_result_for_int);
+    if (ret == 0) {
+        TEST_EQUAL(val, expected_value);
+        TEST_ASSERT(p == input->x + input->len);
+    }
+
+#if defined(MBEDTLS_BIGNUM_C)
+    ret = mbedtls_test_read_mpi(&expected_mpi, expected_hex);
+    TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+    if (ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA) {
+        /* The data overflows the maximum MPI size. */
+        expected_result_for_mpi = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+    p = input->x;
+    ret = mbedtls_asn1_get_mpi(&p, input->x + input->len, &actual_mpi);
+    TEST_EQUAL(ret, expected_result_for_mpi);
+    if (ret == 0) {
+        if (expected_value >= 0) {
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&actual_mpi,
+                                            &expected_mpi) == 0);
+        } else {
+            /* The library ignores the sign bit in ASN.1 INTEGERs
+             * (which makes sense insofar as INTEGERs are sometimes
+             * abused as bit strings), so the result of parsing them
+             * is a positive integer such that expected_mpi +
+             * actual_mpi = 2^n where n is the length of the content
+             * of the INTEGER. (Leading ff octets don't matter for the
+             * expected value, but they matter for the actual value.)
+             * Test that we don't change from this behavior. If we
+             * decide to fix the library to change the behavior on
+             * negative INTEGERs, we'll fix this test code. */
+            unsigned char *q = input->x + 1;
+            size_t len;
+            TEST_ASSERT(mbedtls_asn1_get_len(&q, input->x + input->len,
+                                             &len) == 0);
+            TEST_ASSERT(mbedtls_mpi_lset(&complement, 1) == 0);
+            TEST_ASSERT(mbedtls_mpi_shift_l(&complement, len * 8) == 0);
+            TEST_ASSERT(mbedtls_mpi_add_mpi(&complement, &complement,
+                                            &expected_mpi) == 0);
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&complement,
+                                            &actual_mpi) == 0);
+        }
+        TEST_ASSERT(p == input->x + input->len);
+    }
+#endif
+
+exit:
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_mpi_free(&expected_mpi);
+    mbedtls_mpi_free(&actual_mpi);
+    mbedtls_mpi_free(&complement);
+#endif
+    /*empty cleanup in some configurations*/;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_enum(const data_t *input,
+              const char *expected_hex, int expected_result)
+{
+    unsigned char *p;
+    long expected_value;
+    int expected_result_for_enum = expected_result;
+    int val;
+    int ret;
+
+    errno = 0;
+    expected_value = strtol(expected_hex, NULL, 16);
+    if (expected_result == 0 &&
+        (errno == ERANGE
+#if LONG_MAX > INT_MAX
+         || expected_value > INT_MAX || expected_value < INT_MIN
+#endif
+        )) {
+        /* The library returns the dubious error code INVALID_LENGTH
+         * for integers that are out of range. */
+        expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+    if (expected_result == 0 && expected_value < 0) {
+        /* The library does not support negative INTEGERs and
+         * returns the dubious error code INVALID_LENGTH.
+         * Test that we preserve the historical behavior. If we
+         * decide to change the behavior, we'll also change this test. */
+        expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+
+    p = input->x;
+    ret = mbedtls_asn1_get_enum(&p, input->x + input->len, &val);
+    TEST_EQUAL(ret, expected_result_for_enum);
+    if (ret == 0) {
+        TEST_EQUAL(val, expected_value);
+        TEST_ASSERT(p == input->x + input->len);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
+void get_mpi_too_large()
+{
+    unsigned char *buf = NULL;
+    unsigned char *p;
+    mbedtls_mpi actual_mpi;
+    size_t too_many_octets =
+        MBEDTLS_MPI_MAX_LIMBS * sizeof(mbedtls_mpi_uint) + 1;
+    size_t size = too_many_octets + 6;
+
+    mbedtls_mpi_init(&actual_mpi);
+
+    TEST_CALLOC(buf, size);
+    buf[0] = 0x02; /* tag: INTEGER */
+    buf[1] = 0x84; /* 4-octet length */
+    buf[2] = (too_many_octets >> 24) & 0xff;
+    buf[3] = (too_many_octets >> 16) & 0xff;
+    buf[4] = (too_many_octets >> 8) & 0xff;
+    buf[5] = too_many_octets & 0xff;
+    buf[6] = 0x01; /* most significant octet */
+
+    p = buf;
+    TEST_EQUAL(mbedtls_asn1_get_mpi(&p, buf + size, &actual_mpi),
+               MBEDTLS_ERR_MPI_ALLOC_FAILED);
+
+exit:
+    mbedtls_mpi_free(&actual_mpi);
+    mbedtls_free(buf);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_bitstring(const data_t *input,
+                   int expected_length, int expected_unused_bits,
+                   int expected_result, int expected_result_null)
+{
+    mbedtls_asn1_bitstring bs = { 0xdead, 0x21, NULL };
+    unsigned char *p = input->x;
+
+    TEST_EQUAL(mbedtls_asn1_get_bitstring(&p, input->x + input->len, &bs),
+               expected_result);
+    if (expected_result == 0) {
+        TEST_EQUAL(bs.len, (size_t) expected_length);
+        TEST_EQUAL(bs.unused_bits, expected_unused_bits);
+        TEST_ASSERT(bs.p != NULL);
+        TEST_EQUAL(bs.p - input->x + bs.len, input->len);
+        TEST_ASSERT(p == input->x + input->len);
+    }
+
+    p = input->x;
+    TEST_EQUAL(mbedtls_asn1_get_bitstring_null(&p, input->x + input->len,
+                                               &bs.len),
+               expected_result_null);
+    if (expected_result_null == 0) {
+        TEST_EQUAL(bs.len, (size_t) expected_length);
+        if (expected_result == 0) {
+            TEST_ASSERT(p == input->x + input->len - bs.len);
+        }
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_sequence_of(const data_t *input, int tag,
+                     const char *description,
+                     int expected_result)
+{
+    /* The description string is a comma-separated list of integers.
+     * For each element in the SEQUENCE in input, description contains
+     * two integers: the offset of the element (offset from the start
+     * of input to the tag of the element) and the length of the
+     * element's contents.
+     * "offset1,length1,..." */
+
+    mbedtls_asn1_sequence head = { { 0, 0, NULL }, NULL };
+    mbedtls_asn1_sequence *cur;
+    unsigned char *p = input->x;
+    const char *rest = description;
+    unsigned long n;
+    unsigned int step = 0;
+
+    TEST_EQUAL(mbedtls_asn1_get_sequence_of(&p, input->x + input->len,
+                                            &head, tag),
+               expected_result);
+    if (expected_result == 0) {
+        TEST_ASSERT(p == input->x + input->len);
+
+        if (!*rest) {
+            TEST_EQUAL(head.buf.tag, 0);
+            TEST_ASSERT(head.buf.p == NULL);
+            TEST_EQUAL(head.buf.len, 0);
+            TEST_ASSERT(head.next == NULL);
+        } else {
+            cur = &head;
+            while (*rest) {
+                mbedtls_test_set_step(step);
+                TEST_ASSERT(cur != NULL);
+                TEST_EQUAL(cur->buf.tag, tag);
+                n = strtoul(rest, (char **) &rest, 0);
+                TEST_EQUAL(n, (size_t) (cur->buf.p - input->x));
+                ++rest;
+                n = strtoul(rest, (char **) &rest, 0);
+                TEST_EQUAL(n, cur->buf.len);
+                if (*rest) {
+                    ++rest;
+                }
+                cur = cur->next;
+                ++step;
+            }
+            TEST_ASSERT(cur == NULL);
+        }
+    }
+
+exit:
+    mbedtls_asn1_sequence_free(head.next);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void traverse_sequence_of(const data_t *input,
+                          int tag_must_mask, int tag_must_val,
+                          int tag_may_mask, int tag_may_val,
+                          const char *description,
+                          int expected_result)
+{
+    /* The description string is a comma-separated list of integers.
+     * For each element in the SEQUENCE in input, description contains
+     * three integers: the offset of the element's content (offset from
+     * the start of input to the content of the element), the element's tag,
+     * and the length of the element's contents.
+     * "offset1,tag1,length1,..." */
+
+    unsigned char *p = input->x;
+    traverse_state_t traverse_state = { input->x, description };
+    int ret;
+
+    ret = mbedtls_asn1_traverse_sequence_of(&p, input->x + input->len,
+                                            (uint8_t) tag_must_mask, (uint8_t) tag_must_val,
+                                            (uint8_t) tag_may_mask, (uint8_t) tag_may_val,
+                                            traverse_callback, &traverse_state);
+    if (ret == RET_TRAVERSE_ERROR) {
+        goto exit;
+    }
+    TEST_EQUAL(ret, expected_result);
+    TEST_EQUAL(*traverse_state.description, 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_alg(const data_t *input,
+             int oid_offset, int oid_length,
+             int params_tag, int params_offset, int params_length,
+             int total_length,
+             int expected_result)
+{
+    mbedtls_asn1_buf oid = { -1, 0, NULL };
+    mbedtls_asn1_buf params = { -1, 0, NULL };
+    unsigned char *p = input->x;
+    int ret;
+
+    TEST_EQUAL(mbedtls_asn1_get_alg(&p, input->x + input->len,
+                                    &oid, &params),
+               expected_result);
+    if (expected_result == 0) {
+        TEST_EQUAL(oid.tag, MBEDTLS_ASN1_OID);
+        TEST_EQUAL(oid.p - input->x, oid_offset);
+        TEST_EQUAL(oid.len, (size_t) oid_length);
+        TEST_EQUAL(params.tag, params_tag);
+        if (params_offset != 0) {
+            TEST_EQUAL(params.p - input->x, params_offset);
+        } else {
+            TEST_ASSERT(params.p == NULL);
+        }
+        TEST_EQUAL(params.len, (size_t) params_length);
+        TEST_EQUAL(p - input->x, total_length);
+    }
+
+    ret = mbedtls_asn1_get_alg_null(&p, input->x + input->len, &oid);
+    if (expected_result == 0 && params_offset == 0) {
+        TEST_EQUAL(oid.tag, MBEDTLS_ASN1_OID);
+        TEST_EQUAL(oid.p - input->x, oid_offset);
+        TEST_EQUAL(oid.len, (size_t) oid_length);
+        TEST_EQUAL(p - input->x, total_length);
+    } else {
+        TEST_ASSERT(ret != 0);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void find_named_data(data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3,
+                     data_t *needle, int from, int position)
+{
+    mbedtls_asn1_named_data nd[] = {
+        { { 0x06, oid0->len, oid0->x }, { 0, 0, NULL }, NULL, 0 },
+        { { 0x06, oid1->len, oid1->x }, { 0, 0, NULL }, NULL, 0 },
+        { { 0x06, oid2->len, oid2->x }, { 0, 0, NULL }, NULL, 0 },
+        { { 0x06, oid3->len, oid3->x }, { 0, 0, NULL }, NULL, 0 },
+    };
+    mbedtls_asn1_named_data *pointers[ARRAY_LENGTH(nd) + 1];
+    size_t i;
+    mbedtls_asn1_named_data *found;
+
+    for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+        pointers[i] = &nd[i];
+    }
+    pointers[ARRAY_LENGTH(nd)] = NULL;
+    for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+        nd[i].next = pointers[i+1];
+    }
+
+    found = mbedtls_asn1_find_named_data(pointers[from],
+                                         (const char *) needle->x,
+                                         needle->len);
+    TEST_ASSERT(found == pointers[position]);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void free_named_data_null()
+{
+    mbedtls_asn1_free_named_data(NULL);
+    goto exit; /* Silence unused label warning */
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void free_named_data(int with_oid, int with_val, int with_next)
+{
+    mbedtls_asn1_named_data next =
+    { { 0x06, 0, NULL }, { 0, 0xcafe, NULL }, NULL, 0 };
+    mbedtls_asn1_named_data head =
+    { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 };
+
+    if (with_oid) {
+        TEST_CALLOC(head.oid.p, 1);
+    }
+    if (with_val) {
+        TEST_CALLOC(head.val.p, 1);
+    }
+    if (with_next) {
+        head.next = &next;
+    }
+
+    mbedtls_asn1_free_named_data(&head);
+    TEST_ASSERT(head.oid.p == NULL);
+    TEST_ASSERT(head.val.p == NULL);
+    TEST_ASSERT(head.next == NULL);
+    TEST_ASSERT(next.val.len == 0xcafe);
+
+exit:
+    mbedtls_free(head.oid.p);
+    mbedtls_free(head.val.p);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void free_named_data_list(int length)
+{
+    mbedtls_asn1_named_data *head = NULL;
+    int i;
+
+    for (i = 0; i < length; i++) {
+        mbedtls_asn1_named_data *new = NULL;
+        TEST_CALLOC(new, 1);
+        new->next = head;
+        head = new;
+    }
+
+    mbedtls_asn1_free_named_data_list(&head);
+    TEST_ASSERT(head == NULL);
+    /* Most of the point of the test is that it doesn't leak memory.
+     * So this test is only really useful under a memory leak detection
+     * framework. */
+exit:
+    mbedtls_asn1_free_named_data_list(&head);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1write.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1write.data
similarity index 88%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1write.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1write.data
index 7f5f536..725cbc2 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_asn1write.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1write.data
@@ -91,8 +91,11 @@ mbedtls_asn1_write_enum:0x12345678:"0A0412345678"
 ASN.1 Write enum 2147483647
 mbedtls_asn1_write_enum:0x7fffffff:"0A047fffffff"
 
-#ASN.1 Write mpi 0
-#mbedtls_asn1_write_mpi:"00":"020100"
+ASN.1 Write mpi 0 (null)
+mbedtls_asn1_write_mpi:"":"020100"
+
+ASN.1 Write mpi 0 (1 limb)
+mbedtls_asn1_write_mpi:"00":"020100"
 
 ASN.1 Write mpi 1
 mbedtls_asn1_write_mpi:"01":"020101"
@@ -100,11 +103,17 @@ mbedtls_asn1_write_mpi:"01":"020101"
 ASN.1 Write mpi 0x7f
 mbedtls_asn1_write_mpi:"7f":"02017f"
 
-#ASN.1 Write mpi 0x80
-#mbedtls_asn1_write_mpi:"7f":"02020080"
+ASN.1 Write mpi 0x7f with leading 0 limb
+mbedtls_asn1_write_mpi:"00000000000000007f":"02017f"
+
+ASN.1 Write mpi 0x80
+mbedtls_asn1_write_mpi:"80":"02020080"
+
+ASN.1 Write mpi 0x80 with leading 0 limb
+mbedtls_asn1_write_mpi:"000000000000000080":"02020080"
 
-#ASN.1 Write mpi 0xff
-#mbedtls_asn1_write_mpi:"7f":"020200ff"
+ASN.1 Write mpi 0xff
+mbedtls_asn1_write_mpi:"ff":"020200ff"
 
 ASN.1 Write mpi 0x100
 mbedtls_asn1_write_mpi:"0100":"02020100"
@@ -112,17 +121,17 @@ mbedtls_asn1_write_mpi:"0100":"02020100"
 ASN.1 Write mpi, 127*8-1 bits
 mbedtls_asn1_write_mpi:"7f7b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"027f7f7b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8"
 
-#ASN.1 Write mpi, 127*8 bits
-#mbedtls_asn1_write_mpi:"e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"028180e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8"
+ASN.1 Write mpi, 127*8 bits
+mbedtls_asn1_write_mpi:"e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"02818000e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8"
 
 ASN.1 Write mpi, 127*8+1 bits
-mbedtls_asn1_write_mpi:"108446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c":"028180108446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c"
+mbedtls_asn1_write_mpi:"018446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c":"028180018446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c"
 
 ASN.1 Write mpi, 255*8-1 bits
 mbedtls_asn1_write_mpi:"7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c":"0281ff7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c"
 
-#ASN.1 Write mpi, 255*8 bits
-#mbedtls_asn1_write_mpi:"fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c":"0282010000fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c"
+ASN.1 Write mpi, 255*8 bits
+mbedtls_asn1_write_mpi:"fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c":"0282010000fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c"
 
 ASN.1 Write mpi, 256*8-1 bits
 mbedtls_asn1_write_mpi:"7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c89":"028201007bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c89"
@@ -191,7 +200,7 @@ ASN.1 Write OID: length=1
 mbedtls_asn1_write_string:MBEDTLS_ASN1_OID:"41":"060141"
 
 ASN.1 Write AlgorithmIdentifier, null parameters
-mbedtls_asn1_write_algorithm_identifier:"4f4944":8:"300d06034f4944"
+mbedtls_asn1_write_algorithm_identifier:"4f4944":0:"300706034f49440500"
 
 ASN.1 Write AlgorithmIdentifier, parameters (8 bytes)
 mbedtls_asn1_write_algorithm_identifier:"4f4944":8:"300d06034f4944"
@@ -374,10 +383,13 @@ Store named data: found, larger data
 store_named_data_val_found:4:9
 
 Store named data: new, val_len=0
-store_named_data_val_new:0
+store_named_data_val_new:0:1
+
+Stored named data: new, val_len=0, val=NULL
+store_named_data_val_new:0:0
 
 Store named data: new, val_len=4
-store_named_data_val_new:4
+store_named_data_val_new:4:1
 
 Store named data: new, val_len=4, val=NULL
-store_named_data_val_new:-4
+store_named_data_val_new:4:0
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1write.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1write.function
new file mode 100644
index 0000000..77bf4ef
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_asn1write.function
@@ -0,0 +1,601 @@
+/* BEGIN_HEADER */
+#include "mbedtls/asn1write.h"
+
+#define GUARD_LEN 4
+#define GUARD_VAL 0x2a
+
+typedef struct {
+    unsigned char *output;
+    unsigned char *start;
+    unsigned char *end;
+    unsigned char *p;
+    size_t size;
+} generic_write_data_t;
+
+int generic_write_start_step(generic_write_data_t *data)
+{
+    mbedtls_test_set_step(data->size);
+    mbedtls_free(data->output);
+    data->output = NULL;
+    TEST_CALLOC(data->output, data->size == 0 ? 1 : data->size);
+    data->end = data->output + data->size;
+    data->p = data->end;
+    data->start = data->end - data->size;
+    return 1;
+exit:
+    return 0;
+}
+
+int generic_write_finish_step(generic_write_data_t *data,
+                              const data_t *expected, int ret)
+{
+    int ok = 0;
+
+    if (data->size < expected->len) {
+        TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
+    } else {
+        TEST_EQUAL(ret, data->end - data->p);
+        TEST_ASSERT(data->p >= data->start);
+        TEST_ASSERT(data->p <= data->end);
+        TEST_MEMORY_COMPARE(data->p, (size_t) (data->end - data->p),
+                            expected->x, expected->len);
+    }
+    ok = 1;
+
+exit:
+    return ok;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ASN1_WRITE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_asn1_write_null(data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = mbedtls_asn1_write_null(&data.p, data.start);
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+        /* There's no parsing function for NULL. */
+    }
+
+exit:
+    mbedtls_free(data.output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_asn1_write_bool(int val, data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = mbedtls_asn1_write_bool(&data.p, data.start, val);
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+#if defined(MBEDTLS_ASN1_PARSE_C)
+        if (ret >= 0) {
+            int read = 0xdeadbeef;
+            TEST_EQUAL(mbedtls_asn1_get_bool(&data.p, data.end, &read), 0);
+            TEST_EQUAL(val, read);
+        }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+    }
+
+exit:
+    mbedtls_free(data.output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_asn1_write_int(int val, data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = mbedtls_asn1_write_int(&data.p, data.start, val);
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+#if defined(MBEDTLS_ASN1_PARSE_C)
+        if (ret >= 0) {
+            int read = 0xdeadbeef;
+            TEST_EQUAL(mbedtls_asn1_get_int(&data.p, data.end, &read), 0);
+            TEST_EQUAL(val, read);
+        }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+    }
+
+exit:
+    mbedtls_free(data.output);
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void mbedtls_asn1_write_enum(int val, data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = mbedtls_asn1_write_enum(&data.p, data.start, val);
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+#if defined(MBEDTLS_ASN1_PARSE_C)
+        if (ret >= 0) {
+            int read = 0xdeadbeef;
+            TEST_EQUAL(mbedtls_asn1_get_enum(&data.p, data.end, &read), 0);
+            TEST_EQUAL(val, read);
+        }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+    }
+
+exit:
+    mbedtls_free(data.output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
+void mbedtls_asn1_write_mpi(data_t *val, data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    mbedtls_mpi mpi, read;
+    int ret;
+
+    mbedtls_mpi_init(&mpi);
+    mbedtls_mpi_init(&read);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&mpi, val->x, val->len) == 0);
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = mbedtls_asn1_write_mpi(&data.p, data.start, &mpi);
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+#if defined(MBEDTLS_ASN1_PARSE_C)
+        if (ret >= 0) {
+            TEST_EQUAL(mbedtls_asn1_get_mpi(&data.p, data.end, &read), 0);
+            TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&mpi, &read));
+        }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+        /* Skip some intermediate lengths, they're boring. */
+        if (expected->len > 10 && data.size == 8) {
+            data.size = expected->len - 2;
+        }
+    }
+
+exit:
+    mbedtls_mpi_free(&mpi);
+    mbedtls_mpi_free(&read);
+    mbedtls_free(data.output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_asn1_write_string(int tag, data_t *content, data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        switch (tag) {
+            case MBEDTLS_ASN1_OCTET_STRING:
+                ret = mbedtls_asn1_write_octet_string(
+                    &data.p, data.start, content->x, content->len);
+                break;
+            case MBEDTLS_ASN1_OID:
+                ret = mbedtls_asn1_write_oid(
+                    &data.p, data.start,
+                    (const char *) content->x, content->len);
+                break;
+            case MBEDTLS_ASN1_UTF8_STRING:
+                ret = mbedtls_asn1_write_utf8_string(
+                    &data.p, data.start,
+                    (const char *) content->x, content->len);
+                break;
+            case MBEDTLS_ASN1_PRINTABLE_STRING:
+                ret = mbedtls_asn1_write_printable_string(
+                    &data.p, data.start,
+                    (const char *) content->x, content->len);
+                break;
+            case MBEDTLS_ASN1_IA5_STRING:
+                ret = mbedtls_asn1_write_ia5_string(
+                    &data.p, data.start,
+                    (const char *) content->x, content->len);
+                break;
+            default:
+                ret = mbedtls_asn1_write_tagged_string(
+                    &data.p, data.start, tag,
+                    (const char *) content->x, content->len);
+        }
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+        /* There's no parsing function for octet or character strings. */
+        /* Skip some intermediate lengths, they're boring. */
+        if (expected->len > 10 && data.size == 8) {
+            data.size = expected->len - 2;
+        }
+    }
+
+exit:
+    mbedtls_free(data.output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_asn1_write_algorithm_identifier(data_t *oid,
+                                             int par_len,
+                                             data_t *expected)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    unsigned char *buf_complete = NULL;
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = mbedtls_asn1_write_algorithm_identifier(
+            &data.p, data.start,
+            (const char *) oid->x, oid->len, par_len);
+        /* If params_len != 0, mbedtls_asn1_write_algorithm_identifier()
+         * assumes that the parameters are already present in the buffer
+         * and returns a length that accounts for this, but our test
+         * data omits the parameters. */
+        if (ret >= 0) {
+            ret -= par_len;
+        }
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+        /* Only do a parse-back test if the parameters aren't too large for
+         * a small-heap environment. The boundary is somewhat arbitrary. */
+        if (ret >= 0 && par_len <= 1234) {
+            mbedtls_asn1_buf alg = { 0, 0, NULL };
+            mbedtls_asn1_buf params = { 0, 0, NULL };
+            /* The writing function doesn't write the parameters unless
+             * they're null: it only takes their length as input. But the
+             * parsing function requires the parameters to be present.
+             * Thus make up parameters. */
+            size_t data_len = data.end - data.p;
+            size_t len_complete = data_len + par_len;
+            unsigned char expected_params_tag;
+            size_t expected_params_len;
+            TEST_CALLOC(buf_complete, len_complete);
+            unsigned char *end_complete = buf_complete + len_complete;
+            memcpy(buf_complete, data.p, data_len);
+            if (par_len == 0) {
+                /* mbedtls_asn1_write_algorithm_identifier() wrote a NULL */
+                expected_params_tag = 0x05;
+                expected_params_len = 0;
+            } else if (par_len >= 2 && par_len < 2 + 128) {
+                /* Write an OCTET STRING with a short length encoding */
+                expected_params_tag = buf_complete[data_len] = 0x04;
+                expected_params_len = par_len - 2;
+                buf_complete[data_len + 1] = (unsigned char) expected_params_len;
+            } else if (par_len >= 4 + 128 && par_len < 3 + 256 * 256) {
+                /* Write an OCTET STRING with a two-byte length encoding */
+                expected_params_tag = buf_complete[data_len] = 0x04;
+                expected_params_len = par_len - 4;
+                buf_complete[data_len + 1] = 0x82;
+                buf_complete[data_len + 2] = (unsigned char) (expected_params_len >> 8);
+                buf_complete[data_len + 3] = (unsigned char) (expected_params_len);
+            } else {
+                TEST_FAIL("Bad test data: invalid length of ASN.1 element");
+            }
+            unsigned char *p = buf_complete;
+            TEST_EQUAL(mbedtls_asn1_get_alg(&p, end_complete,
+                                            &alg, &params), 0);
+            TEST_EQUAL(alg.tag, MBEDTLS_ASN1_OID);
+            TEST_MEMORY_COMPARE(alg.p, alg.len, oid->x, oid->len);
+            TEST_EQUAL(params.tag, expected_params_tag);
+            TEST_EQUAL(params.len, expected_params_len);
+            mbedtls_free(buf_complete);
+            buf_complete = NULL;
+        }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+    }
+
+exit:
+    mbedtls_free(data.output);
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    mbedtls_free(buf_complete);
+#endif /* MBEDTLS_ASN1_PARSE_C */
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+void mbedtls_asn1_write_len(int len, data_t *asn1, int buf_len,
+                            int result)
+{
+    int ret;
+    unsigned char buf[150];
+    unsigned char *p;
+    size_t i;
+    size_t read_len;
+
+    memset(buf, GUARD_VAL, sizeof(buf));
+
+    p = buf + GUARD_LEN + buf_len;
+
+    ret = mbedtls_asn1_write_len(&p, buf + GUARD_LEN, (size_t) len);
+
+    TEST_ASSERT(ret == result);
+
+    /* Check for buffer overwrite on both sides */
+    for (i = 0; i < GUARD_LEN; i++) {
+        TEST_ASSERT(buf[i] == GUARD_VAL);
+        TEST_ASSERT(buf[GUARD_LEN + buf_len + i] == GUARD_VAL);
+    }
+
+    if (result >= 0) {
+        TEST_ASSERT(p + asn1->len == buf + GUARD_LEN + buf_len);
+
+        TEST_ASSERT(memcmp(p, asn1->x, asn1->len) == 0);
+
+        /* Read back with mbedtls_asn1_get_len() to check */
+        ret = mbedtls_asn1_get_len(&p, buf + GUARD_LEN + buf_len, &read_len);
+
+        if (len == 0) {
+            TEST_ASSERT(ret == 0);
+        } else {
+            /* Return will be MBEDTLS_ERR_ASN1_OUT_OF_DATA because the rest of
+             * the buffer is missing
+             */
+            TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA);
+        }
+        TEST_ASSERT(read_len == (size_t) len);
+        TEST_ASSERT(p == buf + GUARD_LEN + buf_len);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_asn1_write_bitstrings(data_t *bitstring, int bits,
+                                data_t *expected, int is_named)
+{
+    generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 };
+    int ret;
+    int (*func)(unsigned char **p, unsigned char *start,
+                const unsigned char *buf, size_t bits) =
+        (is_named ? mbedtls_asn1_write_named_bitstring :
+         mbedtls_asn1_write_bitstring);
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    unsigned char *masked_bitstring = NULL;
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+    /* The API expects `bitstring->x` to contain `bits` bits. */
+    size_t byte_length = (bits + 7) / 8;
+    TEST_ASSERT(bitstring->len >= byte_length);
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    TEST_CALLOC(masked_bitstring, byte_length);
+    if (byte_length != 0) {
+        memcpy(masked_bitstring, bitstring->x, byte_length);
+        if (bits % 8 != 0) {
+            masked_bitstring[byte_length - 1] &= ~(0xff >> (bits % 8));
+        }
+    }
+    size_t value_bits = bits;
+    if (is_named) {
+        /* In a named bit string, all trailing 0 bits are removed. */
+        while (byte_length > 0 && masked_bitstring[byte_length - 1] == 0) {
+            --byte_length;
+        }
+        value_bits = 8 * byte_length;
+        if (byte_length > 0) {
+            unsigned char last_byte = masked_bitstring[byte_length - 1];
+            for (unsigned b = 1; b < 0xff && (last_byte & b) == 0; b <<= 1) {
+                --value_bits;
+            }
+        }
+    }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+    for (data.size = 0; data.size <= expected->len + 1; data.size++) {
+        if (!generic_write_start_step(&data)) {
+            goto exit;
+        }
+        ret = (*func)(&data.p, data.start, bitstring->x, bits);
+        if (!generic_write_finish_step(&data, expected, ret)) {
+            goto exit;
+        }
+#if defined(MBEDTLS_ASN1_PARSE_C)
+        if (ret >= 0) {
+            mbedtls_asn1_bitstring read = { 0, 0, NULL };
+            TEST_EQUAL(mbedtls_asn1_get_bitstring(&data.p, data.end,
+                                                  &read), 0);
+            TEST_MEMORY_COMPARE(read.p, read.len,
+                                masked_bitstring, byte_length);
+            TEST_EQUAL(read.unused_bits, 8 * byte_length - value_bits);
+        }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+    }
+
+exit:
+    mbedtls_free(data.output);
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    mbedtls_free(masked_bitstring);
+#endif /* MBEDTLS_ASN1_PARSE_C */
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void store_named_data_find(data_t *oid0, data_t *oid1,
+                           data_t *oid2, data_t *oid3,
+                           data_t *needle, int from, int position)
+{
+    data_t *oid[4] = { oid0, oid1, oid2, oid3 };
+    mbedtls_asn1_named_data nd[] = {
+        { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 },
+        { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 },
+        { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 },
+        { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 },
+    };
+    mbedtls_asn1_named_data *pointers[ARRAY_LENGTH(nd) + 1];
+    size_t i;
+    mbedtls_asn1_named_data *head = NULL;
+    mbedtls_asn1_named_data *found = NULL;
+
+    for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+        pointers[i] = &nd[i];
+    }
+    pointers[ARRAY_LENGTH(nd)] = NULL;
+    for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+        TEST_CALLOC(nd[i].oid.p, oid[i]->len);
+        memcpy(nd[i].oid.p, oid[i]->x, oid[i]->len);
+        nd[i].oid.len = oid[i]->len;
+        nd[i].next = pointers[i+1];
+    }
+
+    head = pointers[from];
+    found = mbedtls_asn1_store_named_data(&head,
+                                          (const char *) needle->x,
+                                          needle->len,
+                                          NULL, 0);
+
+    /* In any case, the existing list structure must be unchanged. */
+    for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+        TEST_ASSERT(nd[i].next == pointers[i+1]);
+    }
+
+    if (position >= 0) {
+        /* position should have been found and modified. */
+        TEST_ASSERT(head == pointers[from]);
+        TEST_ASSERT(found == pointers[position]);
+    } else {
+        /* A new entry should have been created. */
+        TEST_ASSERT(found == head);
+        TEST_ASSERT(head->next == pointers[from]);
+        for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+            TEST_ASSERT(found != &nd[i]);
+        }
+    }
+
+exit:
+    if (found != NULL && found == head && found != pointers[from]) {
+        mbedtls_free(found->oid.p);
+        mbedtls_free(found);
+    }
+    for (i = 0; i < ARRAY_LENGTH(nd); i++) {
+        mbedtls_free(nd[i].oid.p);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void store_named_data_val_found(int old_len, int new_len)
+{
+    mbedtls_asn1_named_data nd =
+    { { 0x06, 3, (unsigned char *) "OID" }, { 0, 0, NULL }, NULL, 0 };
+    mbedtls_asn1_named_data *head = &nd;
+    mbedtls_asn1_named_data *found = NULL;
+    unsigned char *old_val = NULL;
+    unsigned char *new_val = (unsigned char *) "new value";
+
+    if (old_len != 0) {
+        TEST_CALLOC(nd.val.p, (size_t) old_len);
+        old_val = nd.val.p;
+        nd.val.len = old_len;
+        memset(old_val, 'x', old_len);
+    }
+    if (new_len <= 0) {
+        new_len = -new_len;
+        new_val = NULL;
+    }
+
+    found = mbedtls_asn1_store_named_data(&head, "OID", 3,
+                                          new_val, new_len);
+    TEST_ASSERT(head == &nd);
+    TEST_ASSERT(found == head);
+
+    if (new_val != NULL) {
+        TEST_MEMORY_COMPARE(found->val.p, found->val.len,
+                            new_val, (size_t) new_len);
+    }
+    if (new_len == 0) {
+        TEST_ASSERT(found->val.p == NULL);
+    } else if (new_len == old_len) {
+        TEST_ASSERT(found->val.p == old_val);
+    } else {
+        TEST_ASSERT(found->val.p != old_val);
+    }
+
+exit:
+    mbedtls_free(nd.val.p);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void store_named_data_val_new(int new_len, int set_new_val)
+{
+    mbedtls_asn1_named_data *head = NULL;
+    mbedtls_asn1_named_data *found = NULL;
+    const unsigned char *oid = (unsigned char *) "OID";
+    size_t oid_len = strlen((const char *) oid);
+    const unsigned char *new_val = (unsigned char *) "new value";
+
+    if (set_new_val == 0) {
+        new_val = NULL;
+    }
+
+    found = mbedtls_asn1_store_named_data(&head,
+                                          (const char *) oid, oid_len,
+                                          new_val, (size_t) new_len);
+    TEST_ASSERT(found != NULL);
+    TEST_ASSERT(found == head);
+    TEST_ASSERT(found->oid.p != oid);
+    TEST_MEMORY_COMPARE(found->oid.p, found->oid.len, oid, oid_len);
+    if (new_len == 0) {
+        TEST_ASSERT(found->val.p == NULL);
+    } else if (new_val == NULL) {
+        TEST_ASSERT(found->val.p != NULL);
+    } else {
+        TEST_ASSERT(found->val.p != new_val);
+        TEST_MEMORY_COMPARE(found->val.p, found->val.len,
+                            new_val, (size_t) new_len);
+    }
+
+exit:
+    if (found != NULL) {
+        mbedtls_free(found->oid.p);
+        mbedtls_free(found->val.p);
+    }
+    mbedtls_free(found);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_base64.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_base64.data
new file mode 100644
index 0000000..5556668
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_base64.data
@@ -0,0 +1,219 @@
+mask_of_range empty (1..0)
+mask_of_range:1:0
+
+mask_of_range empty (255..0)
+mask_of_range:255:0
+
+mask_of_range empty (42..7)
+mask_of_range:42:7
+
+mask_of_range 0..0
+mask_of_range:0:0
+
+mask_of_range 42..42
+mask_of_range:42:42
+
+mask_of_range 255..255
+mask_of_range:255:255
+
+mask_of_range 0..255
+mask_of_range:0:255
+
+mask_of_range 'A'..'Z'
+mask_of_range:65:90
+
+enc_char (all digits)
+enc_chars:
+
+dec_value (all characters)
+dec_chars:
+
+Test case mbedtls_base64_encode #1 buffer just right
+mbedtls_base64_encode:"":"":0:0
+
+Test case mbedtls_base64_encode #2 buffer just right
+mbedtls_base64_encode:"f":"Zg==":5:0
+
+Test case mbedtls_base64_encode #2 buffer too small
+mbedtls_base64_encode:"f":"Zg==":4:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Test case mbedtls_base64_encode #3 buffer just right
+mbedtls_base64_encode:"fo":"Zm8=":5:0
+
+Test case mbedtls_base64_encode #3 buffer too small
+mbedtls_base64_encode:"fo":"Zm8=":4:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Test case mbedtls_base64_encode #4 buffer just right
+mbedtls_base64_encode:"foo":"Zm9v":5:0
+
+Test case mbedtls_base64_encode #4 buffer too small
+mbedtls_base64_encode:"foo":"Zm9v":4:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Test case mbedtls_base64_encode #5 buffer just right
+mbedtls_base64_encode:"foob":"Zm9vYg==":9:0
+
+Test case mbedtls_base64_encode #5 buffer too small
+mbedtls_base64_encode:"foob":"Zm9vYg==":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Test case mbedtls_base64_encode #6 buffer just right
+mbedtls_base64_encode:"fooba":"Zm9vYmE=":9:0
+
+Test case mbedtls_base64_encode #6 buffer too small
+mbedtls_base64_encode:"fooba":"Zm9vYmE=":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Test case mbedtls_base64_encode #7 buffer just right
+mbedtls_base64_encode:"foobar":"Zm9vYmFy":9:0
+
+Test case mbedtls_base64_encode #7 buffer too small
+mbedtls_base64_encode:"foobar":"Zm9vYmFy":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Test case mbedtls_base64_decode #1
+mbedtls_base64_decode:"":"":0
+
+Test case mbedtls_base64_decode #2
+mbedtls_base64_decode:"Zg==":"f":0
+
+Test case mbedtls_base64_decode #3
+mbedtls_base64_decode:"Zm8=":"fo":0
+
+Test case mbedtls_base64_decode #4
+mbedtls_base64_decode:"Zm9v":"foo":0
+
+Test case mbedtls_base64_decode #5
+mbedtls_base64_decode:"Zm9vYg==":"foob":0
+
+Test case mbedtls_base64_decode #6
+mbedtls_base64_decode:"Zm9vYmE=":"fooba":0
+
+Test case mbedtls_base64_decode #7
+mbedtls_base64_decode:"Zm9vYmFy":"foobar":0
+
+Base64 decode (Illegal character)
+mbedtls_base64_decode:"zm#=":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode (Too much equal signs)
+mbedtls_base64_decode:"zm===":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode (Invalid char after equal signs)
+mbedtls_base64_decode:"zm=masd":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode (Space inside string)
+mbedtls_base64_decode:"zm masd":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmFy" (no newline nor '\0' at end)
+base64_decode_hex_src:"5a6d3976596d4679":"foobar":0
+
+Base64 decode "Zm9vYmFy\n" (LF at end)
+base64_decode_hex_src:"5a6d3976596d46790a":"foobar":0
+
+Base64 decode "Zm9vYmFy\r\n" (CRLF at end)
+base64_decode_hex_src:"5a6d3976596d46790d0a":"foobar":0
+
+Base64 decode "Zm9vYmFy\r" (CR at end)
+base64_decode_hex_src:"5a6d3976596d46790d":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmFy " (SP at end)
+base64_decode_hex_src:"5a6d3976596d467920":"foobar":0
+
+Base64 decode "Zm9vYmFy \n" (SP+LF at end)
+base64_decode_hex_src:"5a6d3976596d4679200a":"foobar":0
+
+Base64 decode "Zm9vYmFy \r\n" (SP+CRLF at end)
+base64_decode_hex_src:"5a6d3976596d4679200d0a":"foobar":0
+
+Base64 decode "Zm9vYmFy \r" (SP+CR at end)
+base64_decode_hex_src:"5a6d3976596d4679200d":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmFy  " (2SP at end)
+base64_decode_hex_src:"5a6d3976596d46792020":"foobar":0
+
+Base64 decode "Zm9vYmFy  \n" (2SP+LF at end)
+base64_decode_hex_src:"5a6d3976596d467920200a":"foobar":0
+
+Base64 decode "Zm9vYmFy  \r\n" (2SP+CRLF at end)
+base64_decode_hex_src:"5a6d3976596d467920200d0a":"foobar":0
+
+Base64 decode "Zm9vYmFy  \r" (2SP+CR at end)
+base64_decode_hex_src:"5a6d3976596d467920200d":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmF\ny" (LF inside)
+base64_decode_hex_src:"5a6d3976596d460a79":"foobar":0
+
+Base64 decode "Zm9vYmF\ry" (CRLF inside)
+base64_decode_hex_src:"5a6d3976596d460d0a79":"foobar":0
+
+Base64 decode "Zm9vYmF\ry" (CR inside)
+base64_decode_hex_src:"5a6d3976596d460d79":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmF y" (SP inside)
+base64_decode_hex_src:"5a6d3976596d462079":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmF \ny" (SP+LF inside)
+base64_decode_hex_src:"5a6d3976596d46200a79":"foobar":0
+
+Base64 decode "Zm9vYmF \ry" (SP+CRLF inside)
+base64_decode_hex_src:"5a6d3976596d46200d0a79":"foobar":0
+
+Base64 decode "Zm9vYmF \ry" (SP+CR inside)
+base64_decode_hex_src:"5a6d3976596d46200d79":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmF  y" (2SP inside)
+base64_decode_hex_src:"5a6d3976596d46202079":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 decode "Zm9vYmF  \ny" (2SP+LF inside)
+base64_decode_hex_src:"5a6d3976596d4620200a79":"foobar":0
+
+Base64 decode "Zm9vYmF  \ry" (2SP+CRLF inside)
+base64_decode_hex_src:"5a6d3976596d4620200d0a79":"foobar":0
+
+Base64 decode "Zm9vYmF  \ry" (2SP+CR inside)
+base64_decode_hex_src:"5a6d3976596d4620200d79":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+Base64 encode hex #1
+base64_encode_hex:"010203040506070809":"AQIDBAUGBwgJ":13:0
+
+Base64 encode hex #2 (buffer too small)
+base64_encode_hex:"010203040506070809":"AQIDBAUGBwgJ":12:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Base64 encode hex #3
+base64_encode_hex:"0102030405060708":"AQIDBAUGBwg=":13:0
+
+Base64 encode hex #4
+base64_encode_hex:"01020304050607":"AQIDBAUGBw==":13:0
+
+# Rotate the bytes around so that they end up at each offset modulo 3 in
+# successive test cases.
+Base64 encode hex all valid input bytes #0
+base64_encode_hex:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==":345:0
+
+Base64 encode hex all valid input bytes #1
+base64_encode_hex:"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff00":"AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AA==":345:0
+
+Base64 encode hex all valid input bytes #2
+base64_encode_hex:"02030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff0001":"AgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQ==":345:0
+
+Base64 encode all valid output characters at all offsets
+base64_encode_hex:"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":261:0
+
+Base64 decode hex #1
+base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":9:0
+
+Base64 decode hex #2 (buffer too small)
+base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":8:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Base64 decode hex #3
+base64_decode_hex:"AQIDBAUGBwg=":"0102030405060708":8:0
+
+Base64 decode hex #4
+base64_decode_hex:"AQIDBAUGBw==":"01020304050607":7:0
+
+Base64 decode hex #5 (buffer too small)
+base64_decode_hex:"AQIDBAUGBw==":"01020304050607":6:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+
+Base64 decode all valid input characters at all offsets
+base64_decode_hex:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":195:0
+
+Base64 Selftest
+depends_on:MBEDTLS_SELF_TEST
+base64_selftest:
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_base64.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_base64.function
new file mode 100644
index 0000000..ce6bd42
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_base64.function
@@ -0,0 +1,195 @@
+/* BEGIN_HEADER */
+#include "mbedtls/base64.h"
+#include "constant_time_internal.h"
+#include "constant_time_invasive.h"
+#include <test/constant_flow.h>
+
+#if defined(MBEDTLS_TEST_HOOKS)
+static const char base64_digits[] =
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+#endif /* MBEDTLS_TEST_HOOKS */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_BASE64_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+void mask_of_range(int low_arg, int high_arg)
+{
+    unsigned char low = low_arg, high = high_arg;
+    unsigned c;
+    for (c = 0; c <= 0xff; c++) {
+        mbedtls_test_set_step(c);
+        TEST_CF_SECRET(&c, sizeof(c));
+        unsigned char m = mbedtls_ct_uchar_mask_of_range(low, high, c);
+        TEST_CF_PUBLIC(&c, sizeof(c));
+        TEST_CF_PUBLIC(&m, sizeof(m));
+        if (low <= c && c <= high) {
+            TEST_EQUAL(m, 0xff);
+        } else {
+            TEST_EQUAL(m, 0);
+        }
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+void enc_chars()
+{
+    for (unsigned value = 0; value < 64; value++) {
+        mbedtls_test_set_step(value);
+        TEST_CF_SECRET(&value, sizeof(value));
+        unsigned char digit = mbedtls_ct_base64_enc_char(value);
+        TEST_CF_PUBLIC(&value, sizeof(value));
+        TEST_CF_PUBLIC(&digit, sizeof(digit));
+        TEST_EQUAL(digit, base64_digits[value]);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+void dec_chars()
+{
+    char *p;
+    signed char expected;
+
+    for (unsigned c = 0; c <= 0xff; c++) {
+        mbedtls_test_set_step(c);
+        /* base64_digits is 0-terminated. sizeof()-1 excludes the trailing 0. */
+        p = memchr(base64_digits, c, sizeof(base64_digits) - 1);
+        if (p == NULL) {
+            expected = -1;
+        } else {
+            expected = p - base64_digits;
+        }
+        TEST_CF_SECRET(&c, sizeof(c));
+        signed char actual = mbedtls_ct_base64_dec_value(c);
+        TEST_CF_PUBLIC(&c, sizeof(c));
+        TEST_CF_PUBLIC(&actual, sizeof(actual));
+        TEST_EQUAL(actual, expected);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_base64_encode(char *src_string, char *dst_string,
+                           int dst_buf_size, int result)
+{
+    unsigned char src_str[1000];
+    unsigned char dst_str[1000];
+    size_t len, src_len;
+
+    memset(src_str, 0x00, 1000);
+    memset(dst_str, 0x00, 1000);
+
+    strncpy((char *) src_str, src_string, sizeof(src_str) - 1);
+    src_len = strlen((char *) src_str);
+
+    TEST_CF_SECRET(src_str, sizeof(src_str));
+    TEST_ASSERT(mbedtls_base64_encode(dst_str, dst_buf_size, &len, src_str, src_len) == result);
+    TEST_CF_PUBLIC(src_str, sizeof(src_str));
+
+    /* dest_str will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
+       CF failures by unmarking it. */
+    TEST_CF_PUBLIC(dst_str, len);
+
+    if (result == 0) {
+        TEST_ASSERT(strcmp((char *) dst_str, dst_string) == 0);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_base64_decode(char *src_string, char *dst_string, int result)
+{
+    unsigned char src_str[1000];
+    unsigned char dst_str[1000];
+    size_t len;
+    int res;
+
+    memset(src_str, 0x00, 1000);
+    memset(dst_str, 0x00, 1000);
+
+    strncpy((char *) src_str, src_string, sizeof(src_str) - 1);
+    res = mbedtls_base64_decode(dst_str, sizeof(dst_str), &len, src_str, strlen((char *) src_str));
+    TEST_ASSERT(res == result);
+    if (result == 0) {
+        TEST_ASSERT(strcmp((char *) dst_str, dst_string) == 0);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void base64_encode_hex(data_t *src, char *dst, int dst_buf_size,
+                       int result)
+{
+    unsigned char *res = NULL;
+    size_t len;
+
+    res = mbedtls_test_zero_alloc(dst_buf_size);
+
+    TEST_CF_SECRET(src->x, src->len);
+    TEST_ASSERT(mbedtls_base64_encode(res, dst_buf_size, &len, src->x, src->len) == result);
+    TEST_CF_PUBLIC(src->x, src->len);
+
+    /* res will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
+       CF failures by unmarking it. */
+    TEST_CF_PUBLIC(res, len);
+
+    if (result == 0) {
+        TEST_ASSERT(len == strlen(dst));
+        TEST_ASSERT(memcmp(dst, res, len) == 0);
+    }
+
+exit:
+    mbedtls_free(res);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void base64_decode_hex(char *src, data_t *dst, int dst_buf_size,
+                       int result)
+{
+    unsigned char *res = NULL;
+    size_t len;
+
+    res = mbedtls_test_zero_alloc(dst_buf_size);
+
+    TEST_ASSERT(mbedtls_base64_decode(res, dst_buf_size, &len, (unsigned char *) src,
+                                      strlen(src)) == result);
+    if (result == 0) {
+        TEST_ASSERT(len == dst->len);
+        TEST_ASSERT(memcmp(dst->x, res, len) == 0);
+    }
+
+exit:
+    mbedtls_free(res);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void base64_decode_hex_src(data_t *src, char *dst_ref, int result)
+{
+    unsigned char dst[1000] = { 0 };
+    size_t len;
+
+    TEST_ASSERT(mbedtls_base64_decode(dst, sizeof(dst), &len, src->x, src->len) == result);
+    if (result == 0) {
+        TEST_ASSERT(len == strlen(dst_ref));
+        TEST_ASSERT(memcmp(dst, dst_ref, len) == 0);
+    }
+
+exit:
+    ;;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void base64_selftest()
+{
+    TEST_ASSERT(mbedtls_base64_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.function
new file mode 100644
index 0000000..a65a489
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.function
@@ -0,0 +1,1772 @@
+/* BEGIN_HEADER */
+#include "mbedtls/bignum.h"
+#include "mbedtls/entropy.h"
+
+#if MBEDTLS_MPI_MAX_BITS > 792
+#define MPI_MAX_BITS_LARGER_THAN_792
+#endif
+
+/* Check the validity of the sign bit in an MPI object. Reject representations
+ * that are not supported by the rest of the library and indicate a bug when
+ * constructing the value. */
+static int sign_is_valid(const mbedtls_mpi *X)
+{
+    /* Only +1 and -1 are valid sign bits, not e.g. 0 */
+    if (X->s != 1 && X->s != -1) {
+        return 0;
+    }
+
+    /* The value 0 must be represented with the sign +1. A "negative zero"
+     * with s=-1 is an invalid representation. Forbid that. As an exception,
+     * we sometimes test the robustness of library functions when given
+     * a negative zero input. If a test case has a negative zero as input,
+     * we don't mind if the function has a negative zero output. */
+    if (!mbedtls_test_case_uses_negative_0 &&
+        mbedtls_mpi_bitlen(X) == 0 && X->s != 1) {
+        return 0;
+    }
+
+    return 1;
+}
+
+typedef struct mbedtls_test_mpi_random {
+    data_t *data;
+    size_t  pos;
+    size_t  chunk_len;
+} mbedtls_test_mpi_random;
+
+/*
+ * This function is called by the Miller-Rabin primality test each time it
+ * chooses a random witness. The witnesses (or non-witnesses as provided by the
+ * test) are stored in the data member of the state structure. Each number is in
+ * the format that mbedtls_mpi_read_string understands and is chunk_len long.
+ */
+int mbedtls_test_mpi_miller_rabin_determinizer(void *state,
+                                               unsigned char *buf,
+                                               size_t len)
+{
+    mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random *) state;
+
+    if (random == NULL || random->data->x == NULL || buf == NULL) {
+        return -1;
+    }
+
+    if (random->pos + random->chunk_len > random->data->len
+        || random->chunk_len > len) {
+        return -1;
+    }
+
+    memset(buf, 0, len);
+
+    /* The witness is written to the end of the buffer, since the buffer is
+     * used as big endian, unsigned binary data in mbedtls_mpi_read_binary.
+     * Writing the witness to the start of the buffer would result in the
+     * buffer being 'witness 000...000', which would be treated as
+     * witness * 2^n for some n. */
+    memcpy(buf + len - random->chunk_len, &random->data->x[random->pos],
+           random->chunk_len);
+
+    random->pos += random->chunk_len;
+
+    return 0;
+}
+
+/* Random generator that is told how many bytes to return. */
+static int f_rng_bytes_left(void *state, unsigned char *buf, size_t len)
+{
+    size_t *bytes_left = state;
+    size_t i;
+    for (i = 0; i < len; i++) {
+        if (*bytes_left == 0) {
+            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+        }
+        buf[i] = *bytes_left & 0xff;
+        --(*bytes_left);
+    }
+    return 0;
+}
+
+/* Test whether bytes represents (in big-endian base 256) a number b that
+ * is significantly above a power of 2. That is, b must not have a long run
+ * of unset bits after the most significant bit.
+ *
+ * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}.
+ * This function returns 1 if, when drawing a number between 0 and b,
+ * the probability that this number is at least 2^n is not negligible.
+ * This probability is (b - 2^n) / b and this function checks that this
+ * number is above some threshold A. The threshold value is heuristic and
+ * based on the needs of mpi_random_many().
+ */
+static int is_significantly_above_a_power_of_2(data_t *bytes)
+{
+    const uint8_t *p = bytes->x;
+    size_t len = bytes->len;
+    unsigned x;
+
+    /* Skip leading null bytes */
+    while (len > 0 && p[0] == 0) {
+        ++p;
+        --len;
+    }
+    /* 0 is not significantly above a power of 2 */
+    if (len == 0) {
+        return 0;
+    }
+    /* Extract the (up to) 2 most significant bytes */
+    if (len == 1) {
+        x = p[0];
+    } else {
+        x = (p[0] << 8) | p[1];
+    }
+
+    /* Shift the most significant bit of x to position 8 and mask it out */
+    while ((x & 0xfe00) != 0) {
+        x >>= 1;
+    }
+    x &= 0x00ff;
+
+    /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above
+     * a power of 2 iff x is significantly above 0 compared to 2^8.
+     * Testing x >= 2^4 amounts to picking A = 1/16 in the function
+     * description above. */
+    return x >= 0x10;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_BIGNUM_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mpi_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_mpi_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void mpi_invalid_param()
+{
+    mbedtls_mpi X;
+    const char *s_in = "00101000101010";
+    char s_out[16] = { 0 };
+    unsigned char u_out[16] = { 0 };
+    unsigned char u_in[16] = { 0 };
+    size_t olen;
+    mbedtls_mpi_uint mpi_uint;
+
+    TEST_INVALID_PARAM(mbedtls_mpi_init(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_grow(NULL, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_copy(NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_copy(&X, NULL));
+
+    TEST_INVALID_PARAM(mbedtls_mpi_swap(NULL, &X));
+    TEST_INVALID_PARAM(mbedtls_mpi_swap(&X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_safe_cond_assign(NULL, &X, 0));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_safe_cond_assign(&X, NULL, 0));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_safe_cond_swap(NULL, &X, 0));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_safe_cond_swap(&X, NULL, 0));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_lset(NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_get_bit(NULL, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_set_bit(NULL, 42, 0));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_read_string(NULL, 2, s_in));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_read_string(&X, 2, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_write_string(NULL, 2,
+                                                    s_out, sizeof(s_out),
+                                                    &olen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_write_string(&X, 2,
+                                                    NULL, sizeof(s_out),
+                                                    &olen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_write_string(&X, 2,
+                                                    s_out, sizeof(s_out),
+                                                    NULL));
+
+#if defined(MBEDTLS_FS_IO)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_read_file(NULL, 2, stdin));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_read_file(&X, 2, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_write_file("", NULL, 2, NULL));
+#endif /* MBEDTLS_FS_IO */
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_read_binary(NULL, u_in,
+                                                   sizeof(u_in)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_read_binary(&X, NULL,
+                                                   sizeof(u_in)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_write_binary(NULL, u_out,
+                                                    sizeof(u_out)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_write_binary(&X, NULL,
+                                                    sizeof(u_out)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_shift_l(NULL, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_shift_r(NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_cmp_abs(NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_cmp_abs(&X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_cmp_mpi(NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_cmp_mpi(&X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_cmp_int(NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_abs(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_abs(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_abs(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_abs(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_abs(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_abs(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_mpi(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_mpi(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_mpi(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_mpi(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_mpi(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_mpi(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_int(NULL, &X, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_add_int(&X, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_int(NULL, &X, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_sub_int(&X, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mul_mpi(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mul_mpi(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mul_mpi(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mul_int(NULL, &X, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mul_int(&X, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_div_mpi(&X, &X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_div_mpi(&X, &X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_div_int(&X, &X, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(0, mbedtls_mpi_lsb(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mod_mpi(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mod_mpi(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mod_mpi(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mod_int(NULL, &X, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_mod_int(&mpi_uint, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_exp_mod(NULL, &X, &X, &X, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_exp_mod(&X, NULL, &X, &X, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_exp_mod(&X, &X, NULL, &X, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_exp_mod(&X, &X, &X, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_fill_random(NULL, 42,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_fill_random(&X, 42, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_gcd(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_gcd(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_gcd(&X, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_inv_mod(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_inv_mod(&X, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA,
+                           mbedtls_mpi_inv_mod(&X, &X, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_null()
+{
+    mbedtls_mpi X, Y, Z;
+
+    mbedtls_mpi_init(&X);
+    mbedtls_mpi_init(&Y);
+    mbedtls_mpi_init(&Z);
+
+    TEST_ASSERT(mbedtls_mpi_get_bit(&X, 42) == 0);
+    TEST_ASSERT(mbedtls_mpi_lsb(&X) == 0);
+    TEST_ASSERT(mbedtls_mpi_bitlen(&X) == 0);
+    TEST_ASSERT(mbedtls_mpi_size(&X) == 0);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_read_write_string(int radix_X, char *input_X, int radix_A,
+                           char *input_A, int output_size, int result_read,
+                           int result_write)
+{
+    mbedtls_mpi X;
+    char str[1000];
+    size_t len;
+
+    mbedtls_mpi_init(&X);
+
+    memset(str, '!', sizeof(str));
+
+    TEST_ASSERT(mbedtls_mpi_read_string(&X, radix_X, input_X) == result_read);
+    if (result_read == 0) {
+        TEST_ASSERT(sign_is_valid(&X));
+        TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write);
+        if (result_write == 0) {
+            TEST_ASSERT(strcmp(str, input_A) == 0);
+            TEST_ASSERT(str[len] == '!');
+        }
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_read_binary(data_t *buf, char *input_A)
+{
+    mbedtls_mpi X;
+    char str[1000];
+    size_t len;
+
+    mbedtls_mpi_init(&X);
+
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&X, buf->x, buf->len) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0);
+    TEST_ASSERT(strcmp((char *) str, input_A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_read_binary_le(data_t *buf, char *input_A)
+{
+    mbedtls_mpi X;
+    char str[1000];
+    size_t len;
+
+    mbedtls_mpi_init(&X);
+
+
+    TEST_ASSERT(mbedtls_mpi_read_binary_le(&X, buf->x, buf->len) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0);
+    TEST_ASSERT(strcmp((char *) str, input_A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_write_binary(char *input_X, data_t *input_A,
+                      int output_size, int result)
+{
+    mbedtls_mpi X;
+    unsigned char buf[1000];
+    size_t buflen;
+
+    memset(buf, 0x00, 1000);
+
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    buflen = mbedtls_mpi_size(&X);
+    if (buflen > (size_t) output_size) {
+        buflen = (size_t) output_size;
+    }
+
+    TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x,
+                                        buflen, input_A->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_write_binary_le(char *input_X, data_t *input_A,
+                         int output_size, int result)
+{
+    mbedtls_mpi X;
+    unsigned char buf[1000];
+    size_t buflen;
+
+    memset(buf, 0x00, 1000);
+
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    buflen = mbedtls_mpi_size(&X);
+    if (buflen > (size_t) output_size) {
+        buflen = (size_t) output_size;
+    }
+
+    TEST_ASSERT(mbedtls_mpi_write_binary_le(&X, buf, buflen) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x,
+                                        buflen, input_A->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
+void mpi_read_file(char *input_file, data_t *input_A, int result)
+{
+    mbedtls_mpi X;
+    unsigned char buf[1000];
+    size_t buflen;
+    FILE *file;
+    int ret;
+
+    memset(buf, 0x00, 1000);
+
+    mbedtls_mpi_init(&X);
+
+    file = fopen(input_file, "r");
+    TEST_ASSERT(file != NULL);
+    ret = mbedtls_mpi_read_file(&X, 16, file);
+    fclose(file);
+    TEST_ASSERT(ret == result);
+
+    if (result == 0) {
+        TEST_ASSERT(sign_is_valid(&X));
+        buflen = mbedtls_mpi_size(&X);
+        TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == 0);
+
+
+        TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x,
+                                        buflen, input_A->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
+void mpi_write_file(char *input_X, char *output_file)
+{
+    mbedtls_mpi X, Y;
+    FILE *file_out, *file_in;
+    int ret;
+
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    file_out = fopen(output_file, "w");
+    TEST_ASSERT(file_out != NULL);
+    ret = mbedtls_mpi_write_file(NULL, &X, 16, file_out);
+    fclose(file_out);
+    TEST_ASSERT(ret == 0);
+
+    file_in = fopen(output_file, "r");
+    TEST_ASSERT(file_in != NULL);
+    ret = mbedtls_mpi_read_file(&Y, 16, file_in);
+    fclose(file_in);
+    TEST_ASSERT(ret == 0);
+
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_get_bit(char *input_X, int pos, int val)
+{
+    mbedtls_mpi X;
+    mbedtls_mpi_init(&X);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_get_bit(&X, pos) == val);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_set_bit(char *input_X, int pos, int val,
+                 char *output_Y, int result)
+{
+    mbedtls_mpi X, Y;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, output_Y) == 0);
+    TEST_ASSERT(mbedtls_mpi_set_bit(&X, pos, val) == result);
+
+    if (result == 0) {
+        TEST_ASSERT(sign_is_valid(&X));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_lsb(char *input_X, int nr_bits)
+{
+    mbedtls_mpi X;
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_lsb(&X) == (size_t) nr_bits);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_bitlen(char *input_X, int nr_bits)
+{
+    mbedtls_mpi X;
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_bitlen(&X) == (size_t) nr_bits);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_gcd(char *input_X, char *input_Y,
+             char *input_A)
+{
+    mbedtls_mpi A, X, Y, Z;
+    mbedtls_mpi_init(&A); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_gcd(&Z, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&A); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_cmp_int(int input_X, int input_A, int result_CMP)
+{
+    mbedtls_mpi X;
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_mpi_lset(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_int(&X, input_A) == result_CMP);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_cmp_mpi(char *input_X, char *input_Y,
+                 int input_A)
+{
+    mbedtls_mpi X, Y;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == input_A);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_lt_mpi_ct(int size_X, char *input_X,
+                   int size_Y, char *input_Y,
+                   int input_ret, int input_err)
+{
+    unsigned ret = -1;
+    unsigned input_uret = input_ret;
+    mbedtls_mpi X, Y;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+
+    TEST_ASSERT(mbedtls_mpi_grow(&X, size_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_grow(&Y, size_Y) == 0);
+
+    TEST_ASSERT(mbedtls_mpi_lt_mpi_ct(&X, &Y, &ret) == input_err);
+    if (input_err == 0) {
+        TEST_ASSERT(ret == input_uret);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_cmp_abs(char *input_X, char *input_Y,
+                 int input_A)
+{
+    mbedtls_mpi X, Y;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_abs(&X, &Y) == input_A);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_copy(char *src_hex, char *dst_hex)
+{
+    mbedtls_mpi src, dst, ref;
+    mbedtls_mpi_init(&src);
+    mbedtls_mpi_init(&dst);
+    mbedtls_mpi_init(&ref);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&src, src_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&ref, dst_hex) == 0);
+
+    /* mbedtls_mpi_copy() */
+    TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0);
+    TEST_ASSERT(mbedtls_mpi_copy(&dst, &src) == 0);
+    TEST_ASSERT(sign_is_valid(&dst));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0);
+
+    /* mbedtls_mpi_safe_cond_assign(), assignment done */
+    mbedtls_mpi_free(&dst);
+    TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0);
+    TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 1) == 0);
+    TEST_ASSERT(sign_is_valid(&dst));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0);
+
+    /* mbedtls_mpi_safe_cond_assign(), assignment not done */
+    mbedtls_mpi_free(&dst);
+    TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0);
+    TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 0) == 0);
+    TEST_ASSERT(sign_is_valid(&dst));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &ref) == 0);
+
+exit:
+    mbedtls_mpi_free(&src);
+    mbedtls_mpi_free(&dst);
+    mbedtls_mpi_free(&ref);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_copy_self(char *input_X)
+{
+    mbedtls_mpi X, A;
+    mbedtls_mpi_init(&A);
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_copy(&X, &X) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_X) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&A);
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_swap(char *X_hex, char *Y_hex)
+{
+    mbedtls_mpi X, Y, X0, Y0;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y);
+    mbedtls_mpi_init(&X0); mbedtls_mpi_init(&Y0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y0, Y_hex) == 0);
+
+    /* mbedtls_mpi_swap() */
+    TEST_ASSERT(mbedtls_test_read_mpi(&X,  X_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y,  Y_hex) == 0);
+    mbedtls_mpi_swap(&X, &Y);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(sign_is_valid(&Y));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0);
+
+    /* mbedtls_mpi_safe_cond_swap(), swap done */
+    mbedtls_mpi_free(&X);
+    mbedtls_mpi_free(&Y);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X,  X_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y,  Y_hex) == 0);
+    TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 1) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(sign_is_valid(&Y));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0);
+
+    /* mbedtls_mpi_safe_cond_swap(), swap not done */
+    mbedtls_mpi_free(&X);
+    mbedtls_mpi_free(&Y);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X,  X_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y,  Y_hex) == 0);
+    TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 0) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(sign_is_valid(&Y));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &Y0) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y);
+    mbedtls_mpi_free(&X0); mbedtls_mpi_free(&Y0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_swap_self(char *X_hex)
+{
+    mbedtls_mpi X, X0;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&X0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X,  X_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0);
+
+    mbedtls_mpi_swap(&X, &X);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&X0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_shrink(int before, int used, int min, int after)
+{
+    mbedtls_mpi X;
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_mpi_grow(&X, before) == 0);
+    if (used > 0) {
+        size_t used_bit_count = used * 8 * sizeof(mbedtls_mpi_uint);
+        TEST_ASSERT(mbedtls_mpi_set_bit(&X, used_bit_count - 1, 1) == 0);
+    }
+    TEST_EQUAL(X.n, (size_t) before);
+    TEST_ASSERT(mbedtls_mpi_shrink(&X, min) == 0);
+    TEST_EQUAL(X.n, (size_t) after);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_add_mpi(char *input_X, char *input_Y,
+                 char *input_A)
+{
+    mbedtls_mpi X, Y, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_add_mpi(&Z, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+    /* result == first operand */
+    TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    /* result == second operand */
+    TEST_ASSERT(mbedtls_mpi_add_mpi(&Y, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Y));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_add_mpi_inplace(char *input_X, char *input_A)
+{
+    mbedtls_mpi X, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &X) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_int(&X, 0) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &X) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &X) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void mpi_add_abs(char *input_X, char *input_Y,
+                 char *input_A)
+{
+    mbedtls_mpi X, Y, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_add_abs(&Z, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+    /* result == first operand */
+    TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    /* result == second operand */
+    TEST_ASSERT(mbedtls_mpi_add_abs(&Y, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Y));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_add_int(char *input_X, int input_Y,
+                 char *input_A)
+{
+    mbedtls_mpi X, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_add_int(&Z, &X, input_Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_sub_mpi(char *input_X, char *input_Y,
+                 char *input_A)
+{
+    mbedtls_mpi X, Y, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_sub_mpi(&Z, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+    /* result == first operand */
+    TEST_ASSERT(mbedtls_mpi_sub_mpi(&X, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    /* result == second operand */
+    TEST_ASSERT(mbedtls_mpi_sub_mpi(&Y, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Y));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_sub_abs(char *input_X, char *input_Y,
+                 char *input_A, int sub_result)
+{
+    mbedtls_mpi X, Y, Z, A;
+    int res;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+
+    res = mbedtls_mpi_sub_abs(&Z, &X, &Y);
+    TEST_ASSERT(res == sub_result);
+    TEST_ASSERT(sign_is_valid(&Z));
+    if (res == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+    }
+
+    /* result == first operand */
+    TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &Y) == sub_result);
+    TEST_ASSERT(sign_is_valid(&X));
+    if (sub_result == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+    }
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    /* result == second operand */
+    TEST_ASSERT(mbedtls_mpi_sub_abs(&Y, &X, &Y) == sub_result);
+    TEST_ASSERT(sign_is_valid(&Y));
+    if (sub_result == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_sub_int(char *input_X, int input_Y,
+                 char *input_A)
+{
+    mbedtls_mpi X, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_sub_int(&Z, &X, input_Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_mul_mpi(char *input_X, char *input_Y,
+                 char *input_A)
+{
+    mbedtls_mpi X, Y, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_mul_mpi(&Z, &X, &Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_mul_int(char *input_X, int input_Y,
+                 char *input_A, char *result_comparison)
+{
+    mbedtls_mpi X, Z, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_mul_int(&Z, &X, input_Y) == 0);
+    TEST_ASSERT(sign_is_valid(&Z));
+    if (strcmp(result_comparison, "==") == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+    } else if (strcmp(result_comparison, "!=") == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) != 0);
+    } else {
+        TEST_ASSERT("unknown operator" == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_div_mpi(char *input_X, char *input_Y,
+                 char *input_A, char *input_B,
+                 int div_result)
+{
+    mbedtls_mpi X, Y, Q, R, A, B;
+    int res;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R);
+    mbedtls_mpi_init(&A); mbedtls_mpi_init(&B);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0);
+    res = mbedtls_mpi_div_mpi(&Q, &R, &X, &Y);
+    TEST_ASSERT(res == div_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&Q));
+        TEST_ASSERT(sign_is_valid(&R));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R);
+    mbedtls_mpi_free(&A); mbedtls_mpi_free(&B);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_div_int(char *input_X, int input_Y,
+                 char *input_A, char *input_B,
+                 int div_result)
+{
+    mbedtls_mpi X, Q, R, A, B;
+    int res;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); mbedtls_mpi_init(&A);
+    mbedtls_mpi_init(&B);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0);
+    res = mbedtls_mpi_div_int(&Q, &R, &X, input_Y);
+    TEST_ASSERT(res == div_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&Q));
+        TEST_ASSERT(sign_is_valid(&R));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); mbedtls_mpi_free(&A);
+    mbedtls_mpi_free(&B);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_mod_mpi(char *input_X, char *input_Y,
+                 char *input_A, int div_result)
+{
+    mbedtls_mpi X, Y, A;
+    int res;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    res = mbedtls_mpi_mod_mpi(&X, &X, &Y);
+    TEST_ASSERT(res == div_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&X));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_mod_int(char *input_X, mbedtls_mpi_sint y,
+                 mbedtls_mpi_sint a, int mod_result)
+{
+    mbedtls_mpi X;
+    int res;
+    mbedtls_mpi_uint r;
+
+    mbedtls_mpi_init(&X);
+
+    TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
+
+    res = mbedtls_mpi_mod_int(&r, &X, y);
+    TEST_EQUAL(res, mod_result);
+    if (res == 0) {
+        TEST_EQUAL(r, a);
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_exp_mod(char *input_A, char *input_E,
+                 char *input_N, char *input_X,
+                 int exp_result)
+{
+    mbedtls_mpi A, E, N, RR, Z, X;
+    int res;
+    mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+
+    res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, NULL);
+    TEST_ASSERT(res == exp_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&Z));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0);
+    }
+
+    /* Now test again with the speed-up parameter supplied as an output. */
+    res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR);
+    TEST_ASSERT(res == exp_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&Z));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0);
+    }
+
+    /* Now test again with the speed-up parameter supplied in calculated form. */
+    res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR);
+    TEST_ASSERT(res == exp_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&Z));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_exp_mod_size(int A_bytes, int E_bytes, int N_bytes,
+                      char *input_RR, int exp_result)
+{
+    mbedtls_mpi A, E, N, RR, Z;
+    mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z);
+
+    /* Set A to 2^(A_bytes - 1) + 1 */
+    TEST_ASSERT(mbedtls_mpi_lset(&A, 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_shift_l(&A, (A_bytes * 8) - 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_set_bit(&A, 0, 1) == 0);
+
+    /* Set E to 2^(E_bytes - 1) + 1 */
+    TEST_ASSERT(mbedtls_mpi_lset(&E, 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_shift_l(&E, (E_bytes * 8) - 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 1) == 0);
+
+    /* Set N to 2^(N_bytes - 1) + 1 */
+    TEST_ASSERT(mbedtls_mpi_lset(&N, 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_shift_l(&N, (N_bytes * 8) - 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_set_bit(&N, 0, 1) == 0);
+
+    if (strlen(input_RR)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&RR, input_RR) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR) == exp_result);
+
+exit:
+    mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_inv_mod(char *input_X, char *input_Y,
+                 char *input_A, int div_result)
+{
+    mbedtls_mpi X, Y, Z, A;
+    int res;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    res = mbedtls_mpi_inv_mod(&Z, &X, &Y);
+    TEST_ASSERT(res == div_result);
+    if (res == 0) {
+        TEST_ASSERT(sign_is_valid(&Z));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
+void mpi_is_prime(char *input_X, int div_result)
+{
+    mbedtls_mpi X;
+    int res;
+    mbedtls_mpi_init(&X);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    res = mbedtls_mpi_is_prime_ext(&X, 40, mbedtls_test_rnd_std_rand, NULL);
+    TEST_ASSERT(res == div_result);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
+void mpi_is_prime_det(data_t *input_X, data_t *witnesses,
+                      int chunk_len, int rounds)
+{
+    mbedtls_mpi X;
+    int res;
+    mbedtls_test_mpi_random rand;
+
+    mbedtls_mpi_init(&X);
+    rand.data = witnesses;
+    rand.pos = 0;
+    rand.chunk_len = chunk_len;
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&X, input_X->x, input_X->len) == 0);
+    res = mbedtls_mpi_is_prime_ext(&X, rounds - 1,
+                                   mbedtls_test_mpi_miller_rabin_determinizer,
+                                   &rand);
+    TEST_ASSERT(res == 0);
+
+    rand.data = witnesses;
+    rand.pos = 0;
+    rand.chunk_len = chunk_len;
+
+    res = mbedtls_mpi_is_prime_ext(&X, rounds,
+                                   mbedtls_test_mpi_miller_rabin_determinizer,
+                                   &rand);
+    TEST_ASSERT(res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE);
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
+void mpi_gen_prime(int bits, int flags, int ref_ret)
+{
+    mbedtls_mpi X;
+    int my_ret;
+
+    mbedtls_mpi_init(&X);
+
+    my_ret = mbedtls_mpi_gen_prime(&X, bits, flags,
+                                   mbedtls_test_rnd_std_rand, NULL);
+    TEST_ASSERT(my_ret == ref_ret);
+
+    if (ref_ret == 0) {
+        size_t actual_bits = mbedtls_mpi_bitlen(&X);
+
+        TEST_ASSERT(actual_bits >= (size_t) bits);
+        TEST_ASSERT(actual_bits <= (size_t) bits + 1);
+        TEST_ASSERT(sign_is_valid(&X));
+
+        TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40,
+                                             mbedtls_test_rnd_std_rand,
+                                             NULL) == 0);
+        if (flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) {
+            /* X = ( X - 1 ) / 2 */
+            TEST_ASSERT(mbedtls_mpi_shift_r(&X, 1) == 0);
+            TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40,
+                                                 mbedtls_test_rnd_std_rand,
+                                                 NULL) == 0);
+        }
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_shift_l(char *input_X, int shift_X,
+                 char *input_A)
+{
+    mbedtls_mpi X, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_shift_l(&X, shift_X) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_shift_r(char *input_X, int shift_X,
+                 char *input_A)
+{
+    mbedtls_mpi X, A;
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&A);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0);
+    TEST_ASSERT(mbedtls_mpi_shift_r(&X, shift_X) == 0);
+    TEST_ASSERT(sign_is_valid(&X));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0);
+
+exit:
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&A);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_fill_random(int wanted_bytes, int rng_bytes,
+                     int before, int expected_ret)
+{
+    mbedtls_mpi X;
+    int ret;
+    size_t bytes_left = rng_bytes;
+    mbedtls_mpi_init(&X);
+
+    if (before != 0) {
+        /* Set X to sign(before) * 2^(|before|-1) */
+        TEST_ASSERT(mbedtls_mpi_lset(&X, before > 0 ? 1 : -1) == 0);
+        if (before < 0) {
+            before = -before;
+        }
+        TEST_ASSERT(mbedtls_mpi_shift_l(&X, before - 1) == 0);
+    }
+
+    ret = mbedtls_mpi_fill_random(&X, wanted_bytes,
+                                  f_rng_bytes_left, &bytes_left);
+    TEST_ASSERT(ret == expected_ret);
+
+    if (expected_ret == 0) {
+        /* mbedtls_mpi_fill_random is documented to use bytes from the RNG
+         * as a big-endian representation of the number. We know when
+         * our RNG function returns null bytes, so we know how many
+         * leading zero bytes the number has. */
+        size_t leading_zeros = 0;
+        if (wanted_bytes > 0 && rng_bytes % 256 == 0) {
+            leading_zeros = 1;
+        }
+        TEST_ASSERT(mbedtls_mpi_size(&X) + leading_zeros ==
+                    (size_t) wanted_bytes);
+        TEST_ASSERT((int) bytes_left == rng_bytes - wanted_bytes);
+        TEST_ASSERT(sign_is_valid(&X));
+    }
+
+exit:
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_random_many(int min, data_t *bound_bytes, int iterations)
+{
+    /* Generate numbers in the range 1..bound-1. Do it iterations times.
+     * This function assumes that the value of bound is at least 2 and
+     * that iterations is large enough that a one-in-2^iterations chance
+     * effectively never occurs.
+     */
+
+    mbedtls_mpi upper_bound;
+    size_t n_bits;
+    mbedtls_mpi result;
+    size_t b;
+    /* If upper_bound is small, stats[b] is the number of times the value b
+     * has been generated. Otherwise stats[b] is the number of times a
+     * value with bit b set has been generated. */
+    size_t *stats = NULL;
+    size_t stats_len;
+    int full_stats;
+    size_t i;
+
+    mbedtls_mpi_init(&upper_bound);
+    mbedtls_mpi_init(&result);
+
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound,
+                                          bound_bytes->x, bound_bytes->len));
+    n_bits = mbedtls_mpi_bitlen(&upper_bound);
+    /* Consider a bound "small" if it's less than 2^5. This value is chosen
+     * to be small enough that the probability of missing one value is
+     * negligible given the number of iterations. It must be less than
+     * 256 because some of the code below assumes that "small" values
+     * fit in a byte. */
+    if (n_bits <= 5) {
+        full_stats = 1;
+        stats_len = bound_bytes->x[bound_bytes->len - 1];
+    } else {
+        full_stats = 0;
+        stats_len = n_bits;
+    }
+    TEST_CALLOC(stats, stats_len);
+
+    for (i = 0; i < (size_t) iterations; i++) {
+        mbedtls_test_set_step(i);
+        TEST_EQUAL(0, mbedtls_mpi_random(&result, min, &upper_bound,
+                                         mbedtls_test_rnd_std_rand, NULL));
+
+        TEST_ASSERT(sign_is_valid(&result));
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&result, &upper_bound) < 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_int(&result, min) >= 0);
+        if (full_stats) {
+            uint8_t value;
+            TEST_EQUAL(0, mbedtls_mpi_write_binary(&result, &value, 1));
+            TEST_ASSERT(value < stats_len);
+            ++stats[value];
+        } else {
+            for (b = 0; b < n_bits; b++) {
+                stats[b] += mbedtls_mpi_get_bit(&result, b);
+            }
+        }
+    }
+
+    if (full_stats) {
+        for (b = min; b < stats_len; b++) {
+            mbedtls_test_set_step(1000000 + b);
+            /* Assert that each value has been reached at least once.
+             * This is almost guaranteed if the iteration count is large
+             * enough. This is a very crude way of checking the distribution.
+             */
+            TEST_ASSERT(stats[b] > 0);
+        }
+    } else {
+        int statistically_safe_all_the_way =
+            is_significantly_above_a_power_of_2(bound_bytes);
+        for (b = 0; b < n_bits; b++) {
+            mbedtls_test_set_step(1000000 + b);
+            /* Assert that each bit has been set in at least one result and
+             * clear in at least one result. Provided that iterations is not
+             * too small, it would be extremely unlikely for this not to be
+             * the case if the results are uniformly distributed.
+             *
+             * As an exception, the top bit may legitimately never be set
+             * if bound is a power of 2 or only slightly above.
+             */
+            if (statistically_safe_all_the_way || b != n_bits - 1) {
+                TEST_ASSERT(stats[b] > 0);
+            }
+            TEST_ASSERT(stats[b] < (size_t) iterations);
+        }
+    }
+
+exit:
+    mbedtls_mpi_free(&upper_bound);
+    mbedtls_mpi_free(&result);
+    mbedtls_free(stats);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_random_sizes(int min, data_t *bound_bytes, int nlimbs, int before)
+{
+    mbedtls_mpi upper_bound;
+    mbedtls_mpi result;
+
+    mbedtls_mpi_init(&upper_bound);
+    mbedtls_mpi_init(&result);
+
+    if (before != 0) {
+        /* Set result to sign(before) * 2^(|before|-1) */
+        TEST_ASSERT(mbedtls_mpi_lset(&result, before > 0 ? 1 : -1) == 0);
+        if (before < 0) {
+            before = -before;
+        }
+        TEST_ASSERT(mbedtls_mpi_shift_l(&result, before - 1) == 0);
+    }
+
+    TEST_EQUAL(0, mbedtls_mpi_grow(&result, nlimbs));
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound,
+                                          bound_bytes->x, bound_bytes->len));
+    TEST_EQUAL(0, mbedtls_mpi_random(&result, min, &upper_bound,
+                                     mbedtls_test_rnd_std_rand, NULL));
+    TEST_ASSERT(sign_is_valid(&result));
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&result, &upper_bound) < 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_int(&result, min) >= 0);
+
+exit:
+    mbedtls_mpi_free(&upper_bound);
+    mbedtls_mpi_free(&result);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_random_fail(int min, data_t *bound_bytes, int expected_ret)
+{
+    mbedtls_mpi upper_bound;
+    mbedtls_mpi result;
+    int actual_ret;
+
+    mbedtls_mpi_init(&upper_bound);
+    mbedtls_mpi_init(&result);
+
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound,
+                                          bound_bytes->x, bound_bytes->len));
+    actual_ret = mbedtls_mpi_random(&result, min, &upper_bound,
+                                    mbedtls_test_rnd_std_rand, NULL);
+    TEST_EQUAL(expected_ret, actual_ret);
+
+exit:
+    mbedtls_mpi_free(&upper_bound);
+    mbedtls_mpi_free(&result);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void most_negative_mpi_sint()
+{
+    /* Ad hoc tests for n = -p = -2^(biL-1) as a mbedtls_mpi_sint. We
+     * guarantee that mbedtls_mpi_sint is a two's complement type, so this
+     * is a valid value. However, negating it (`-n`) has undefined behavior
+     * (although in practice `-n` evaluates to the value n).
+     *
+     * This function has ad hoc tests for this value. It's separated from other
+     * functions because the test framework makes it hard to pass this value
+     * into test cases.
+     *
+     * In the comments here:
+     * - biL = number of bits in limbs
+     * - p = 2^(biL-1) (smallest positive value not in mbedtls_mpi_sint range)
+     * - n = -2^(biL-1) (largest negative value in mbedtls_mpi_sint range)
+     */
+
+    mbedtls_mpi A, R, X;
+    mbedtls_mpi_init(&A);
+    mbedtls_mpi_init(&R);
+    mbedtls_mpi_init(&X);
+
+    const size_t biL = 8 * sizeof(mbedtls_mpi_sint);
+    mbedtls_mpi_uint most_positive_plus_1 = (mbedtls_mpi_uint) 1 << (biL - 1);
+    const mbedtls_mpi_sint most_positive = most_positive_plus_1 - 1;
+    const mbedtls_mpi_sint most_negative = -most_positive - 1;
+    TEST_EQUAL((mbedtls_mpi_uint) most_negative,
+               (mbedtls_mpi_uint) 1 << (biL - 1));
+    TEST_EQUAL((mbedtls_mpi_uint) most_negative << 1, 0);
+
+    /* Test mbedtls_mpi_lset() */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0);
+    TEST_EQUAL(A.s, -1);
+    TEST_EQUAL(A.n, 1);
+    TEST_EQUAL(A.p[0], most_positive_plus_1);
+
+    /* Test mbedtls_mpi_cmp_int(): -p == -p */
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 0);
+
+    /* Test mbedtls_mpi_cmp_int(): -(p+1) < -p */
+    A.p[0] = most_positive_plus_1 + 1;
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), -1);
+
+    /* Test mbedtls_mpi_cmp_int(): -(p-1) > -p */
+    A.p[0] = most_positive_plus_1 - 1;
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 1);
+
+    /* Test mbedtls_mpi_add_int(): (p-1) + (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0);
+    TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0);
+
+    /* Test mbedtls_mpi_add_int(): (0) + (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0);
+    TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, most_negative), 0);
+
+    /* Test mbedtls_mpi_add_int(): (-p) + (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0);
+    TEST_EQUAL(X.s, -1);
+    TEST_EQUAL(X.n, 2);
+    TEST_EQUAL(X.p[0], 0);
+    TEST_EQUAL(X.p[1], 1);
+
+    /* Test mbedtls_mpi_sub_int(): (p) - (-p) */
+    mbedtls_mpi_free(&X);
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0);
+    TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0);
+    TEST_EQUAL(X.s, 1);
+    TEST_EQUAL(X.n, 1);
+    TEST_EQUAL(X.p[0], ~(mbedtls_mpi_uint) 0);
+
+    /* Test mbedtls_mpi_sub_int(): (0) - (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0);
+    TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0);
+    TEST_EQUAL(X.s, 1);
+    TEST_EQUAL(X.n, 1);
+    TEST_EQUAL(X.p[0], most_positive_plus_1);
+
+    /* Test mbedtls_mpi_sub_int(): (-p) - (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0);
+
+    /* Test mbedtls_mpi_div_int(): (-p+1) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, -most_positive), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0);
+
+    /* Test mbedtls_mpi_div_int(): (-p) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0);
+
+    /* Test mbedtls_mpi_div_int(): (-2*p) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 2), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0);
+
+    /* Test mbedtls_mpi_div_int(): (-2*p+1) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0);
+
+    /* Test mbedtls_mpi_div_int(): (p-1) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, most_positive), 0);
+
+    /* Test mbedtls_mpi_div_int(): (p) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0);
+
+    /* Test mbedtls_mpi_div_int(): (2*p) / (-p) */
+    TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0);
+    TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -2), 0);
+    TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0);
+
+    /* Test mbedtls_mpi_mod_int(): never valid */
+    TEST_EQUAL(mbedtls_mpi_mod_int(X.p, &A, most_negative),
+               MBEDTLS_ERR_MPI_NEGATIVE_VALUE);
+
+    /* Test mbedtls_mpi_random(): never valid */
+    TEST_EQUAL(mbedtls_mpi_random(&X, most_negative, &A,
+                                  mbedtls_test_rnd_std_rand, NULL),
+               MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+
+exit:
+    mbedtls_mpi_free(&A);
+    mbedtls_mpi_free(&R);
+    mbedtls_mpi_free(&X);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void mpi_selftest()
+{
+    TEST_ASSERT(mbedtls_mpi_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.generated.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.generated.data
new file mode 100644
index 0000000..6badd0b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.generated.data
@@ -0,0 +1,975 @@
+# Automatically generated by generate_bignum_tests.py. Do not edit!
+
+MPI add #1 0 (null) + 0 (null)
+mpi_add_mpi:"":"":"0"
+
+MPI add #2 0 (null) + 0 (1 limb)
+mpi_add_mpi:"":"0":"0"
+
+MPI add #3 0 (null) + negative 0 (null)
+mpi_add_mpi:"":"-":"0"
+
+MPI add #4 0 (null) + negative with leading zero limb
+mpi_add_mpi:"":"-0":"0"
+
+MPI add #5 0 (null) + positive
+mpi_add_mpi:"":"7b":"7b"
+
+MPI add #6 0 (null) + negative
+mpi_add_mpi:"":"-7b":"-7b"
+
+MPI add #7 0 (null) + positive with leading zero limb
+mpi_add_mpi:"":"0000000000000000123":"123"
+
+MPI add #8 0 (null) + negative with leading zero limb
+mpi_add_mpi:"":"-0000000000000000123":"-123"
+
+MPI add #9 0 (null) + large positive
+mpi_add_mpi:"":"1230000000000000000":"1230000000000000000"
+
+MPI add #10 0 (null) + large negative
+mpi_add_mpi:"":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #11 0 (1 limb) + 0 (null)
+mpi_add_mpi:"0":"":"0"
+
+MPI add #12 0 (1 limb) + 0 (1 limb)
+mpi_add_mpi:"0":"0":"0"
+
+MPI add #13 0 (1 limb) + negative 0 (null)
+mpi_add_mpi:"0":"-":"0"
+
+MPI add #14 0 (1 limb) + negative with leading zero limb
+mpi_add_mpi:"0":"-0":"0"
+
+MPI add #15 0 (1 limb) + positive
+mpi_add_mpi:"0":"7b":"7b"
+
+MPI add #16 0 (1 limb) + negative
+mpi_add_mpi:"0":"-7b":"-7b"
+
+MPI add #17 0 (1 limb) + positive with leading zero limb
+mpi_add_mpi:"0":"0000000000000000123":"123"
+
+MPI add #18 0 (1 limb) + negative with leading zero limb
+mpi_add_mpi:"0":"-0000000000000000123":"-123"
+
+MPI add #19 0 (1 limb) + large positive
+mpi_add_mpi:"0":"1230000000000000000":"1230000000000000000"
+
+MPI add #20 0 (1 limb) + large negative
+mpi_add_mpi:"0":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #21 negative 0 (null) + 0 (null)
+mpi_add_mpi:"-":"":"0"
+
+MPI add #22 negative 0 (null) + 0 (1 limb)
+mpi_add_mpi:"-":"0":"0"
+
+MPI add #23 negative 0 (null) + negative 0 (null)
+mpi_add_mpi:"-":"-":"0"
+
+MPI add #24 negative 0 (null) + negative with leading zero limb
+mpi_add_mpi:"-":"-0":"0"
+
+MPI add #25 negative 0 (null) + positive
+mpi_add_mpi:"-":"7b":"7b"
+
+MPI add #26 negative 0 (null) + negative
+mpi_add_mpi:"-":"-7b":"-7b"
+
+MPI add #27 negative 0 (null) + positive with leading zero limb
+mpi_add_mpi:"-":"0000000000000000123":"123"
+
+MPI add #28 negative 0 (null) + negative with leading zero limb
+mpi_add_mpi:"-":"-0000000000000000123":"-123"
+
+MPI add #29 negative 0 (null) + large positive
+mpi_add_mpi:"-":"1230000000000000000":"1230000000000000000"
+
+MPI add #30 negative 0 (null) + large negative
+mpi_add_mpi:"-":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #31 negative with leading zero limb + 0 (null)
+mpi_add_mpi:"-0":"":"0"
+
+MPI add #32 negative with leading zero limb + 0 (1 limb)
+mpi_add_mpi:"-0":"0":"0"
+
+MPI add #33 negative with leading zero limb + negative 0 (null)
+mpi_add_mpi:"-0":"-":"0"
+
+MPI add #34 negative with leading zero limb + negative with leading zero limb
+mpi_add_mpi:"-0":"-0":"0"
+
+MPI add #35 negative with leading zero limb + positive
+mpi_add_mpi:"-0":"7b":"7b"
+
+MPI add #36 negative with leading zero limb + negative
+mpi_add_mpi:"-0":"-7b":"-7b"
+
+MPI add #37 negative with leading zero limb + positive with leading zero limb
+mpi_add_mpi:"-0":"0000000000000000123":"123"
+
+MPI add #38 negative with leading zero limb + negative with leading zero limb
+mpi_add_mpi:"-0":"-0000000000000000123":"-123"
+
+MPI add #39 negative with leading zero limb + large positive
+mpi_add_mpi:"-0":"1230000000000000000":"1230000000000000000"
+
+MPI add #40 negative with leading zero limb + large negative
+mpi_add_mpi:"-0":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #41 positive + 0 (null)
+mpi_add_mpi:"7b":"":"7b"
+
+MPI add #42 positive + 0 (1 limb)
+mpi_add_mpi:"7b":"0":"7b"
+
+MPI add #43 positive + negative 0 (null)
+mpi_add_mpi:"7b":"-":"7b"
+
+MPI add #44 positive + negative with leading zero limb
+mpi_add_mpi:"7b":"-0":"7b"
+
+MPI add #45 positive + positive
+mpi_add_mpi:"7b":"7b":"f6"
+
+MPI add #46 positive + negative , result=0
+mpi_add_mpi:"7b":"-7b":"0"
+
+MPI add #47 positive + positive with leading zero limb
+mpi_add_mpi:"7b":"0000000000000000123":"19e"
+
+MPI add #48 positive + negative with leading zero limb , result<0
+mpi_add_mpi:"7b":"-0000000000000000123":"-a8"
+
+MPI add #49 positive + large positive
+mpi_add_mpi:"7b":"1230000000000000000":"123000000000000007b"
+
+MPI add #50 positive + large negative , result<0
+mpi_add_mpi:"7b":"-1230000000000000000":"-122ffffffffffffff85"
+
+MPI add #51 negative + 0 (null)
+mpi_add_mpi:"-7b":"":"-7b"
+
+MPI add #52 negative + 0 (1 limb)
+mpi_add_mpi:"-7b":"0":"-7b"
+
+MPI add #53 negative + negative 0 (null)
+mpi_add_mpi:"-7b":"-":"-7b"
+
+MPI add #54 negative + negative with leading zero limb
+mpi_add_mpi:"-7b":"-0":"-7b"
+
+MPI add #55 negative + positive , result=0
+mpi_add_mpi:"-7b":"7b":"0"
+
+MPI add #56 negative + negative
+mpi_add_mpi:"-7b":"-7b":"-f6"
+
+MPI add #57 negative + positive with leading zero limb , result>0
+mpi_add_mpi:"-7b":"0000000000000000123":"a8"
+
+MPI add #58 negative + negative with leading zero limb
+mpi_add_mpi:"-7b":"-0000000000000000123":"-19e"
+
+MPI add #59 negative + large positive , result>0
+mpi_add_mpi:"-7b":"1230000000000000000":"122ffffffffffffff85"
+
+MPI add #60 negative + large negative
+mpi_add_mpi:"-7b":"-1230000000000000000":"-123000000000000007b"
+
+MPI add #61 positive with leading zero limb + 0 (null)
+mpi_add_mpi:"0000000000000000123":"":"123"
+
+MPI add #62 positive with leading zero limb + 0 (1 limb)
+mpi_add_mpi:"0000000000000000123":"0":"123"
+
+MPI add #63 positive with leading zero limb + negative 0 (null)
+mpi_add_mpi:"0000000000000000123":"-":"123"
+
+MPI add #64 positive with leading zero limb + negative with leading zero limb
+mpi_add_mpi:"0000000000000000123":"-0":"123"
+
+MPI add #65 positive with leading zero limb + positive
+mpi_add_mpi:"0000000000000000123":"7b":"19e"
+
+MPI add #66 positive with leading zero limb + negative , result>0
+mpi_add_mpi:"0000000000000000123":"-7b":"a8"
+
+MPI add #67 positive with leading zero limb + positive with leading zero limb
+mpi_add_mpi:"0000000000000000123":"0000000000000000123":"246"
+
+MPI add #68 positive with leading zero limb + negative with leading zero limb , result=0
+mpi_add_mpi:"0000000000000000123":"-0000000000000000123":"0"
+
+MPI add #69 positive with leading zero limb + large positive
+mpi_add_mpi:"0000000000000000123":"1230000000000000000":"1230000000000000123"
+
+MPI add #70 positive with leading zero limb + large negative , result<0
+mpi_add_mpi:"0000000000000000123":"-1230000000000000000":"-122fffffffffffffedd"
+
+MPI add #71 negative with leading zero limb + 0 (null)
+mpi_add_mpi:"-0000000000000000123":"":"-123"
+
+MPI add #72 negative with leading zero limb + 0 (1 limb)
+mpi_add_mpi:"-0000000000000000123":"0":"-123"
+
+MPI add #73 negative with leading zero limb + negative 0 (null)
+mpi_add_mpi:"-0000000000000000123":"-":"-123"
+
+MPI add #74 negative with leading zero limb + negative with leading zero limb
+mpi_add_mpi:"-0000000000000000123":"-0":"-123"
+
+MPI add #75 negative with leading zero limb + positive , result<0
+mpi_add_mpi:"-0000000000000000123":"7b":"-a8"
+
+MPI add #76 negative with leading zero limb + negative
+mpi_add_mpi:"-0000000000000000123":"-7b":"-19e"
+
+MPI add #77 negative with leading zero limb + positive with leading zero limb , result=0
+mpi_add_mpi:"-0000000000000000123":"0000000000000000123":"0"
+
+MPI add #78 negative with leading zero limb + negative with leading zero limb
+mpi_add_mpi:"-0000000000000000123":"-0000000000000000123":"-246"
+
+MPI add #79 negative with leading zero limb + large positive , result>0
+mpi_add_mpi:"-0000000000000000123":"1230000000000000000":"122fffffffffffffedd"
+
+MPI add #80 negative with leading zero limb + large negative
+mpi_add_mpi:"-0000000000000000123":"-1230000000000000000":"-1230000000000000123"
+
+MPI add #81 large positive + 0 (null)
+mpi_add_mpi:"1230000000000000000":"":"1230000000000000000"
+
+MPI add #82 large positive + 0 (1 limb)
+mpi_add_mpi:"1230000000000000000":"0":"1230000000000000000"
+
+MPI add #83 large positive + negative 0 (null)
+mpi_add_mpi:"1230000000000000000":"-":"1230000000000000000"
+
+MPI add #84 large positive + negative with leading zero limb
+mpi_add_mpi:"1230000000000000000":"-0":"1230000000000000000"
+
+MPI add #85 large positive + positive
+mpi_add_mpi:"1230000000000000000":"7b":"123000000000000007b"
+
+MPI add #86 large positive + negative , result>0
+mpi_add_mpi:"1230000000000000000":"-7b":"122ffffffffffffff85"
+
+MPI add #87 large positive + positive with leading zero limb
+mpi_add_mpi:"1230000000000000000":"0000000000000000123":"1230000000000000123"
+
+MPI add #88 large positive + negative with leading zero limb , result>0
+mpi_add_mpi:"1230000000000000000":"-0000000000000000123":"122fffffffffffffedd"
+
+MPI add #89 large positive + large positive
+mpi_add_mpi:"1230000000000000000":"1230000000000000000":"2460000000000000000"
+
+MPI add #90 large positive + large negative , result=0
+mpi_add_mpi:"1230000000000000000":"-1230000000000000000":"0"
+
+MPI add #91 large negative + 0 (null)
+mpi_add_mpi:"-1230000000000000000":"":"-1230000000000000000"
+
+MPI add #92 large negative + 0 (1 limb)
+mpi_add_mpi:"-1230000000000000000":"0":"-1230000000000000000"
+
+MPI add #93 large negative + negative 0 (null)
+mpi_add_mpi:"-1230000000000000000":"-":"-1230000000000000000"
+
+MPI add #94 large negative + negative with leading zero limb
+mpi_add_mpi:"-1230000000000000000":"-0":"-1230000000000000000"
+
+MPI add #95 large negative + positive , result<0
+mpi_add_mpi:"-1230000000000000000":"7b":"-122ffffffffffffff85"
+
+MPI add #96 large negative + negative
+mpi_add_mpi:"-1230000000000000000":"-7b":"-123000000000000007b"
+
+MPI add #97 large negative + positive with leading zero limb , result<0
+mpi_add_mpi:"-1230000000000000000":"0000000000000000123":"-122fffffffffffffedd"
+
+MPI add #98 large negative + negative with leading zero limb
+mpi_add_mpi:"-1230000000000000000":"-0000000000000000123":"-1230000000000000123"
+
+MPI add #99 large negative + large positive , result=0
+mpi_add_mpi:"-1230000000000000000":"1230000000000000000":"0"
+
+MPI add #100 large negative + large negative
+mpi_add_mpi:"-1230000000000000000":"-1230000000000000000":"-2460000000000000000"
+
+MPI add #101 large positive + large positive
+mpi_add_mpi:"1c67967269c6":"1c67967269c6":"38cf2ce4d38c"
+
+MPI add #102 large positive + positive
+mpi_add_mpi:"1c67967269c6":"9cde3":"1c67967c37a9"
+
+MPI add #103 large positive + large negative , result=0
+mpi_add_mpi:"1c67967269c6":"-1c67967269c6":"0"
+
+MPI add #104 large positive + negative , result>0
+mpi_add_mpi:"1c67967269c6":"-9cde3":"1c6796689be3"
+
+MPI add #105 positive + large positive
+mpi_add_mpi:"9cde3":"1c67967269c6":"1c67967c37a9"
+
+MPI add #106 positive + positive
+mpi_add_mpi:"9cde3":"9cde3":"139bc6"
+
+MPI add #107 positive + large negative , result<0
+mpi_add_mpi:"9cde3":"-1c67967269c6":"-1c6796689be3"
+
+MPI add #108 positive + negative , result=0
+mpi_add_mpi:"9cde3":"-9cde3":"0"
+
+MPI add #109 large negative + large positive , result=0
+mpi_add_mpi:"-1c67967269c6":"1c67967269c6":"0"
+
+MPI add #110 large negative + positive , result<0
+mpi_add_mpi:"-1c67967269c6":"9cde3":"-1c6796689be3"
+
+MPI add #111 large negative + large negative
+mpi_add_mpi:"-1c67967269c6":"-1c67967269c6":"-38cf2ce4d38c"
+
+MPI add #112 large negative + negative
+mpi_add_mpi:"-1c67967269c6":"-9cde3":"-1c67967c37a9"
+
+MPI add #113 negative + large positive , result>0
+mpi_add_mpi:"-9cde3":"1c67967269c6":"1c6796689be3"
+
+MPI add #114 negative + positive , result=0
+mpi_add_mpi:"-9cde3":"9cde3":"0"
+
+MPI add #115 negative + large negative
+mpi_add_mpi:"-9cde3":"-1c67967269c6":"-1c67967c37a9"
+
+MPI add #116 negative + negative
+mpi_add_mpi:"-9cde3":"-9cde3":"-139bc6"
+
+MPI compare #1 0 (null) == 0 (null)
+mpi_cmp_mpi:"":"":0
+
+MPI compare #2 0 (null) == 0 (1 limb)
+mpi_cmp_mpi:"":"0":0
+
+MPI compare #3 0 (null) == negative 0 (null)
+mpi_cmp_mpi:"":"-":0
+
+MPI compare #4 0 (null) == negative with leading zero limb
+mpi_cmp_mpi:"":"-0":0
+
+MPI compare #5 0 (null) < positive
+mpi_cmp_mpi:"":"7b":-1
+
+MPI compare #6 0 (null) > negative
+mpi_cmp_mpi:"":"-7b":1
+
+MPI compare #7 0 (null) < positive with leading zero limb
+mpi_cmp_mpi:"":"0000000000000000123":-1
+
+MPI compare #8 0 (null) > negative with leading zero limb
+mpi_cmp_mpi:"":"-0000000000000000123":1
+
+MPI compare #9 0 (null) < large positive
+mpi_cmp_mpi:"":"1230000000000000000":-1
+
+MPI compare #10 0 (null) > large negative
+mpi_cmp_mpi:"":"-1230000000000000000":1
+
+MPI compare #11 0 (1 limb) == 0 (null)
+mpi_cmp_mpi:"0":"":0
+
+MPI compare #12 0 (1 limb) == 0 (1 limb)
+mpi_cmp_mpi:"0":"0":0
+
+MPI compare #13 0 (1 limb) == negative 0 (null)
+mpi_cmp_mpi:"0":"-":0
+
+MPI compare #14 0 (1 limb) == negative with leading zero limb
+mpi_cmp_mpi:"0":"-0":0
+
+MPI compare #15 0 (1 limb) < positive
+mpi_cmp_mpi:"0":"7b":-1
+
+MPI compare #16 0 (1 limb) > negative
+mpi_cmp_mpi:"0":"-7b":1
+
+MPI compare #17 0 (1 limb) < positive with leading zero limb
+mpi_cmp_mpi:"0":"0000000000000000123":-1
+
+MPI compare #18 0 (1 limb) > negative with leading zero limb
+mpi_cmp_mpi:"0":"-0000000000000000123":1
+
+MPI compare #19 0 (1 limb) < large positive
+mpi_cmp_mpi:"0":"1230000000000000000":-1
+
+MPI compare #20 0 (1 limb) > large negative
+mpi_cmp_mpi:"0":"-1230000000000000000":1
+
+MPI compare #21 negative 0 (null) == 0 (null)
+mpi_cmp_mpi:"-":"":0
+
+MPI compare #22 negative 0 (null) == 0 (1 limb)
+mpi_cmp_mpi:"-":"0":0
+
+MPI compare #23 negative 0 (null) == negative 0 (null)
+mpi_cmp_mpi:"-":"-":0
+
+MPI compare #24 negative 0 (null) == negative with leading zero limb
+mpi_cmp_mpi:"-":"-0":0
+
+MPI compare #25 negative 0 (null) < positive
+mpi_cmp_mpi:"-":"7b":-1
+
+MPI compare #26 negative 0 (null) > negative
+mpi_cmp_mpi:"-":"-7b":1
+
+MPI compare #27 negative 0 (null) < positive with leading zero limb
+mpi_cmp_mpi:"-":"0000000000000000123":-1
+
+MPI compare #28 negative 0 (null) > negative with leading zero limb
+mpi_cmp_mpi:"-":"-0000000000000000123":1
+
+MPI compare #29 negative 0 (null) < large positive
+mpi_cmp_mpi:"-":"1230000000000000000":-1
+
+MPI compare #30 negative 0 (null) > large negative
+mpi_cmp_mpi:"-":"-1230000000000000000":1
+
+MPI compare #31 negative with leading zero limb == 0 (null)
+mpi_cmp_mpi:"-0":"":0
+
+MPI compare #32 negative with leading zero limb == 0 (1 limb)
+mpi_cmp_mpi:"-0":"0":0
+
+MPI compare #33 negative with leading zero limb == negative 0 (null)
+mpi_cmp_mpi:"-0":"-":0
+
+MPI compare #34 negative with leading zero limb == negative with leading zero limb
+mpi_cmp_mpi:"-0":"-0":0
+
+MPI compare #35 negative with leading zero limb < positive
+mpi_cmp_mpi:"-0":"7b":-1
+
+MPI compare #36 negative with leading zero limb > negative
+mpi_cmp_mpi:"-0":"-7b":1
+
+MPI compare #37 negative with leading zero limb < positive with leading zero limb
+mpi_cmp_mpi:"-0":"0000000000000000123":-1
+
+MPI compare #38 negative with leading zero limb > negative with leading zero limb
+mpi_cmp_mpi:"-0":"-0000000000000000123":1
+
+MPI compare #39 negative with leading zero limb < large positive
+mpi_cmp_mpi:"-0":"1230000000000000000":-1
+
+MPI compare #40 negative with leading zero limb > large negative
+mpi_cmp_mpi:"-0":"-1230000000000000000":1
+
+MPI compare #41 positive > 0 (null)
+mpi_cmp_mpi:"7b":"":1
+
+MPI compare #42 positive > 0 (1 limb)
+mpi_cmp_mpi:"7b":"0":1
+
+MPI compare #43 positive > negative 0 (null)
+mpi_cmp_mpi:"7b":"-":1
+
+MPI compare #44 positive > negative with leading zero limb
+mpi_cmp_mpi:"7b":"-0":1
+
+MPI compare #45 positive == positive
+mpi_cmp_mpi:"7b":"7b":0
+
+MPI compare #46 positive > negative
+mpi_cmp_mpi:"7b":"-7b":1
+
+MPI compare #47 positive < positive with leading zero limb
+mpi_cmp_mpi:"7b":"0000000000000000123":-1
+
+MPI compare #48 positive > negative with leading zero limb
+mpi_cmp_mpi:"7b":"-0000000000000000123":1
+
+MPI compare #49 positive < large positive
+mpi_cmp_mpi:"7b":"1230000000000000000":-1
+
+MPI compare #50 positive > large negative
+mpi_cmp_mpi:"7b":"-1230000000000000000":1
+
+MPI compare #51 negative < 0 (null)
+mpi_cmp_mpi:"-7b":"":-1
+
+MPI compare #52 negative < 0 (1 limb)
+mpi_cmp_mpi:"-7b":"0":-1
+
+MPI compare #53 negative < negative 0 (null)
+mpi_cmp_mpi:"-7b":"-":-1
+
+MPI compare #54 negative < negative with leading zero limb
+mpi_cmp_mpi:"-7b":"-0":-1
+
+MPI compare #55 negative < positive
+mpi_cmp_mpi:"-7b":"7b":-1
+
+MPI compare #56 negative == negative
+mpi_cmp_mpi:"-7b":"-7b":0
+
+MPI compare #57 negative < positive with leading zero limb
+mpi_cmp_mpi:"-7b":"0000000000000000123":-1
+
+MPI compare #58 negative > negative with leading zero limb
+mpi_cmp_mpi:"-7b":"-0000000000000000123":1
+
+MPI compare #59 negative < large positive
+mpi_cmp_mpi:"-7b":"1230000000000000000":-1
+
+MPI compare #60 negative > large negative
+mpi_cmp_mpi:"-7b":"-1230000000000000000":1
+
+MPI compare #61 positive with leading zero limb > 0 (null)
+mpi_cmp_mpi:"0000000000000000123":"":1
+
+MPI compare #62 positive with leading zero limb > 0 (1 limb)
+mpi_cmp_mpi:"0000000000000000123":"0":1
+
+MPI compare #63 positive with leading zero limb > negative 0 (null)
+mpi_cmp_mpi:"0000000000000000123":"-":1
+
+MPI compare #64 positive with leading zero limb > negative with leading zero limb
+mpi_cmp_mpi:"0000000000000000123":"-0":1
+
+MPI compare #65 positive with leading zero limb > positive
+mpi_cmp_mpi:"0000000000000000123":"7b":1
+
+MPI compare #66 positive with leading zero limb > negative
+mpi_cmp_mpi:"0000000000000000123":"-7b":1
+
+MPI compare #67 positive with leading zero limb == positive with leading zero limb
+mpi_cmp_mpi:"0000000000000000123":"0000000000000000123":0
+
+MPI compare #68 positive with leading zero limb > negative with leading zero limb
+mpi_cmp_mpi:"0000000000000000123":"-0000000000000000123":1
+
+MPI compare #69 positive with leading zero limb < large positive
+mpi_cmp_mpi:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare #70 positive with leading zero limb > large negative
+mpi_cmp_mpi:"0000000000000000123":"-1230000000000000000":1
+
+MPI compare #71 negative with leading zero limb < 0 (null)
+mpi_cmp_mpi:"-0000000000000000123":"":-1
+
+MPI compare #72 negative with leading zero limb < 0 (1 limb)
+mpi_cmp_mpi:"-0000000000000000123":"0":-1
+
+MPI compare #73 negative with leading zero limb < negative 0 (null)
+mpi_cmp_mpi:"-0000000000000000123":"-":-1
+
+MPI compare #74 negative with leading zero limb < negative with leading zero limb
+mpi_cmp_mpi:"-0000000000000000123":"-0":-1
+
+MPI compare #75 negative with leading zero limb < positive
+mpi_cmp_mpi:"-0000000000000000123":"7b":-1
+
+MPI compare #76 negative with leading zero limb < negative
+mpi_cmp_mpi:"-0000000000000000123":"-7b":-1
+
+MPI compare #77 negative with leading zero limb < positive with leading zero limb
+mpi_cmp_mpi:"-0000000000000000123":"0000000000000000123":-1
+
+MPI compare #78 negative with leading zero limb == negative with leading zero limb
+mpi_cmp_mpi:"-0000000000000000123":"-0000000000000000123":0
+
+MPI compare #79 negative with leading zero limb < large positive
+mpi_cmp_mpi:"-0000000000000000123":"1230000000000000000":-1
+
+MPI compare #80 negative with leading zero limb > large negative
+mpi_cmp_mpi:"-0000000000000000123":"-1230000000000000000":1
+
+MPI compare #81 large positive > 0 (null)
+mpi_cmp_mpi:"1230000000000000000":"":1
+
+MPI compare #82 large positive > 0 (1 limb)
+mpi_cmp_mpi:"1230000000000000000":"0":1
+
+MPI compare #83 large positive > negative 0 (null)
+mpi_cmp_mpi:"1230000000000000000":"-":1
+
+MPI compare #84 large positive > negative with leading zero limb
+mpi_cmp_mpi:"1230000000000000000":"-0":1
+
+MPI compare #85 large positive > positive
+mpi_cmp_mpi:"1230000000000000000":"7b":1
+
+MPI compare #86 large positive > negative
+mpi_cmp_mpi:"1230000000000000000":"-7b":1
+
+MPI compare #87 large positive > positive with leading zero limb
+mpi_cmp_mpi:"1230000000000000000":"0000000000000000123":1
+
+MPI compare #88 large positive > negative with leading zero limb
+mpi_cmp_mpi:"1230000000000000000":"-0000000000000000123":1
+
+MPI compare #89 large positive == large positive
+mpi_cmp_mpi:"1230000000000000000":"1230000000000000000":0
+
+MPI compare #90 large positive > large negative
+mpi_cmp_mpi:"1230000000000000000":"-1230000000000000000":1
+
+MPI compare #91 large negative < 0 (null)
+mpi_cmp_mpi:"-1230000000000000000":"":-1
+
+MPI compare #92 large negative < 0 (1 limb)
+mpi_cmp_mpi:"-1230000000000000000":"0":-1
+
+MPI compare #93 large negative < negative 0 (null)
+mpi_cmp_mpi:"-1230000000000000000":"-":-1
+
+MPI compare #94 large negative < negative with leading zero limb
+mpi_cmp_mpi:"-1230000000000000000":"-0":-1
+
+MPI compare #95 large negative < positive
+mpi_cmp_mpi:"-1230000000000000000":"7b":-1
+
+MPI compare #96 large negative < negative
+mpi_cmp_mpi:"-1230000000000000000":"-7b":-1
+
+MPI compare #97 large negative < positive with leading zero limb
+mpi_cmp_mpi:"-1230000000000000000":"0000000000000000123":-1
+
+MPI compare #98 large negative < negative with leading zero limb
+mpi_cmp_mpi:"-1230000000000000000":"-0000000000000000123":-1
+
+MPI compare #99 large negative < large positive
+mpi_cmp_mpi:"-1230000000000000000":"1230000000000000000":-1
+
+MPI compare #100 large negative == large negative
+mpi_cmp_mpi:"-1230000000000000000":"-1230000000000000000":0
+
+MPI compare #101 negative > negative
+mpi_cmp_mpi:"-2":"-3":1
+
+MPI compare #102 negative == negative
+mpi_cmp_mpi:"-2":"-2":0
+
+MPI compare #103 positive < positive
+mpi_cmp_mpi:"2b4":"2b5":-1
+
+MPI compare #104 positive < positive
+mpi_cmp_mpi:"2b5":"2b6":-1
+
+MPI compare (abs) #1 0 (null) == 0 (null)
+mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #2 0 (null) == 0 (1 limb)
+mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #3 0 (null) == 0 (null)
+mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #4 0 (null) == 0 (1 limb)
+mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #5 0 (null) < positive
+mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #6 0 (null) < positive
+mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #7 0 (null) < positive with leading zero limb
+mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #8 0 (null) < positive with leading zero limb
+mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #9 0 (null) < large positive
+mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #10 0 (null) < large positive
+mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #11 0 (1 limb) == 0 (null)
+mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #12 0 (1 limb) == 0 (1 limb)
+mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #13 0 (1 limb) == 0 (null)
+mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #14 0 (1 limb) == 0 (1 limb)
+mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #15 0 (1 limb) < positive
+mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #16 0 (1 limb) < positive
+mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #17 0 (1 limb) < positive with leading zero limb
+mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #18 0 (1 limb) < positive with leading zero limb
+mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #19 0 (1 limb) < large positive
+mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #20 0 (1 limb) < large positive
+mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #21 0 (null) == 0 (null)
+mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #22 0 (null) == 0 (1 limb)
+mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #23 0 (null) == 0 (null)
+mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #24 0 (null) == 0 (1 limb)
+mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #25 0 (null) < positive
+mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #26 0 (null) < positive
+mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #27 0 (null) < positive with leading zero limb
+mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #28 0 (null) < positive with leading zero limb
+mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #29 0 (null) < large positive
+mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #30 0 (null) < large positive
+mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #31 0 (1 limb) == 0 (null)
+mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #32 0 (1 limb) == 0 (1 limb)
+mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #33 0 (1 limb) == 0 (null)
+mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #34 0 (1 limb) == 0 (1 limb)
+mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #35 0 (1 limb) < positive
+mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #36 0 (1 limb) < positive
+mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #37 0 (1 limb) < positive with leading zero limb
+mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #38 0 (1 limb) < positive with leading zero limb
+mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #39 0 (1 limb) < large positive
+mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #40 0 (1 limb) < large positive
+mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #41 positive > 0 (null)
+mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #42 positive > 0 (1 limb)
+mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #43 positive > 0 (null)
+mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #44 positive > 0 (1 limb)
+mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #45 positive == positive
+mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #46 positive == positive
+mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #47 positive < positive with leading zero limb
+mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #48 positive < positive with leading zero limb
+mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #49 positive < large positive
+mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #50 positive < large positive
+mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #51 positive > 0 (null)
+mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #52 positive > 0 (1 limb)
+mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #53 positive > 0 (null)
+mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #54 positive > 0 (1 limb)
+mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #55 positive == positive
+mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #56 positive == positive
+mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #57 positive < positive with leading zero limb
+mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #58 positive < positive with leading zero limb
+mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #59 positive < large positive
+mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #60 positive < large positive
+mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #61 positive with leading zero limb > 0 (null)
+mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #62 positive with leading zero limb > 0 (1 limb)
+mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #63 positive with leading zero limb > 0 (null)
+mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #64 positive with leading zero limb > 0 (1 limb)
+mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #65 positive with leading zero limb > positive
+mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #66 positive with leading zero limb > positive
+mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #67 positive with leading zero limb == positive with leading zero limb
+mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #68 positive with leading zero limb == positive with leading zero limb
+mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #69 positive with leading zero limb < large positive
+mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #70 positive with leading zero limb < large positive
+mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #71 positive with leading zero limb > 0 (null)
+mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #72 positive with leading zero limb > 0 (1 limb)
+mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #73 positive with leading zero limb > 0 (null)
+mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #74 positive with leading zero limb > 0 (1 limb)
+mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #75 positive with leading zero limb > positive
+mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #76 positive with leading zero limb > positive
+mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #77 positive with leading zero limb == positive with leading zero limb
+mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #78 positive with leading zero limb == positive with leading zero limb
+mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #79 positive with leading zero limb < large positive
+mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #80 positive with leading zero limb < large positive
+mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #81 large positive > 0 (null)
+mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #82 large positive > 0 (1 limb)
+mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #83 large positive > 0 (null)
+mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #84 large positive > 0 (1 limb)
+mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #85 large positive > positive
+mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #86 large positive > positive
+mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #87 large positive > positive with leading zero limb
+mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #88 large positive > positive with leading zero limb
+mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #89 large positive == large positive
+mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #90 large positive == large positive
+mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #91 large positive > 0 (null)
+mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #92 large positive > 0 (1 limb)
+mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #93 large positive > 0 (null)
+mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #94 large positive > 0 (1 limb)
+mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #95 large positive > positive
+mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #96 large positive > positive
+mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #97 large positive > positive with leading zero limb
+mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #98 large positive > positive with leading zero limb
+mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #99 large positive == large positive
+mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #100 large positive == large positive
+mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #101 positive < positive
+mpi_cmp_abs:"2":"3":-1
+
+MPI compare (abs) #102 positive == positive
+mpi_cmp_abs:"2":"2":0
+
+MPI compare (abs) #103 positive < positive
+mpi_cmp_abs:"2b4":"2b5":-1
+
+MPI compare (abs) #104 positive < positive
+mpi_cmp_abs:"2b5":"2b6":-1
+
+# End of automatically generated file.
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.misc.data
new file mode 100644
index 0000000..2df3ad3
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_bignum.misc.data
@@ -0,0 +1,1963 @@
+MPI - Valid parameters
+mpi_valid_param:
+
+MPI - Invalid parameters
+mpi_invalid_param:
+
+Arguments with no value
+mpi_null:
+
+Base test mpi_read_write_string #1
+mpi_read_write_string:10:"128":10:"128":100:0:0
+
+Base test mpi_read_write_string #1 (Leading 0)
+mpi_read_write_string:10:"0128":10:"128":100:0:0
+
+Base test mpi_read_write_string #2
+mpi_read_write_string:10:"128":16:"80":100:0:0
+
+Base test mpi_read_write_string #3 (Read zero decimal)
+mpi_read_write_string:10:"0":10:"0":100:0:0
+
+Base test mpi_read_write_string #3 (Read zero hex)
+mpi_read_write_string:16:"0":16:"00":100:0:0
+
+Base test mpi_read_write_string #3 (Read minus zero decimal)
+mpi_read_write_string:10:"-0":10:"0":100:0:0
+
+Base test mpi_read_write_string #3 (Read minus zero hex)
+mpi_read_write_string:16:"-0":16:"00":100:0:0
+
+Base test mpi_read_write_string #3 (Negative decimal)
+mpi_read_write_string:10:"-23":10:"-23":100:0:0
+
+Base test mpi_read_write_string #3 (Negative decimal, leading 0)
+mpi_read_write_string:10:"-023":10:"-23":100:0:0
+
+Base test mpi_read_write_string #3 (Negative hex -> decimal)
+mpi_read_write_string:16:"-20":10:"-32":100:0:0
+
+Base test mpi_read_write_string #3 (Negative hex)
+mpi_read_write_string:16:"-23":16:"-23":100:0:0
+
+Base test mpi_read_write_string #3 (Negative hex, leading 0)
+mpi_read_write_string:16:"-023":16:"-23":100:0:0
+
+Base test mpi_read_write_string #4 (Buffer just fits)
+mpi_read_write_string:16:"-4":4:"-10":4:0:0
+
+Test mpi_read_write_string #1 (Invalid character)
+mpi_read_write_string:10:"a28":0:"":100:MBEDTLS_ERR_MPI_INVALID_CHARACTER:0
+
+Test mpi_read_write_string #2 (Illegal input radix)
+mpi_read_write_string:19:"a28":0:"":100:MBEDTLS_ERR_MPI_BAD_INPUT_DATA:0
+
+Test mpi_read_write_string #3 (Buffer just fits)
+mpi_read_write_string:16:"-23":16:"-23":4:0:0
+
+Test mpi_read_write_string #4 (Buffer too small)
+mpi_read_write_string:16:"-23":16:"-23":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Test mpi_read_write_string #5 (Illegal output radix)
+mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mpi_read_write_string #6 (Output radix of 15)
+mpi_read_write_string:10:"29":15:"1E":100:0:0
+
+Test mpi_read_write_string #7
+mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424":200:0:0
+
+Test mpi_read_write_string #8 (Empty MPI hex -> hex)
+mpi_read_write_string:16:"":16:"":4:0:0
+
+Test mpi_read_write_string #9 (Empty MPI hex -> dec)
+mpi_read_write_string:16:"":10:"0":4:0:0
+
+Test mpi_read_write_string #9 (Empty MPI hex -> base 2)
+mpi_read_write_string:16:"":2:"0":4:0:0
+
+Test mpi_read_write_string #8 (Empty MPI dec -> hex)
+mpi_read_write_string:10:"":16:"":4:0:0
+
+Test mpi_read_write_string #9 (Empty MPI dec -> dec)
+mpi_read_write_string:10:"":10:"0":4:0:0
+
+Test mpi_read_write_string #9 (Empty MPI dec -> base 2)
+mpi_read_write_string:16:"":2:"0":4:0:0
+
+Test mpi_write_string #10 (Negative hex with odd number of digits)
+mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Base test mbedtls_mpi_read_binary #1
+mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424"
+
+Base test mbedtls_mpi_read_binary_le #1
+mpi_read_binary_le:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448B952FBBEF93F89286BA330E62528B151EAC265CC8CE3038519D09E148AF89288E91F48B41ACAD55D9DC5E2B18097C106BE4CE132721BF6359EAF403E7FF90623E8866EE5C192320418DAA682F144ADEDF84F25DE11F49D1FE009D374109"
+
+Base test mbedtls_mpi_write_binary #1
+mpi_write_binary:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0
+
+Test mbedtls_mpi_write_binary #1 (Buffer just fits)
+mpi_write_binary:"123123123123123123123123123":"0123123123123123123123123123":14:0
+
+Test mbedtls_mpi_write_binary #2 (Buffer too small)
+mpi_write_binary:"123123123123123123123123123":"23123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Base test mbedtls_mpi_write_binary_le #1
+mpi_write_binary_le:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448b952fbbef93f89286ba330e62528b151eac265cc8ce3038519d09e148af89288e91f48b41acad55d9dc5e2b18097c106be4ce132721bf6359eaf403e7ff90623e8866ee5c192320418daa682f144adedf84f25de11f49d1fe009d374109":200:0
+
+Test mbedtls_mpi_write_binary_le #1 (Buffer just fits)
+mpi_write_binary_le:"123123123123123123123123123":"2331122331122331122331122301":14:0
+
+Test mbedtls_mpi_write_binary_le #2 (Buffer too small)
+mpi_write_binary_le:"123123123123123123123123123":"23311223311223311223311223":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Base test mbedtls_mpi_read_file #1
+mpi_read_file:"data_files/mpi_16":"01f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":0
+
+Test mbedtls_mpi_read_file #1 (Empty file)
+mpi_read_file:"data_files/hash_file_4":"":MBEDTLS_ERR_MPI_FILE_IO_ERROR
+
+Test mbedtls_mpi_read_file #2 (Illegal input)
+mpi_read_file:"data_files/hash_file_2":"":0
+
+Test mbedtls_mpi_read_file #3 (Input too big)
+mpi_read_file:"data_files/mpi_too_big":"":MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Base test mbedtls_mpi_write_file #1
+mpi_write_file:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"data_files/mpi_write"
+
+Test mbedtls_mpi_lsb: 0 (null)
+mpi_lsb:"":0
+
+Test mbedtls_mpi_lsb: 0 (1 limb)
+mpi_lsb:"0":0
+
+Base test mbedtls_mpi_lsb #1
+mpi_lsb:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":2
+
+Base test mbedtls_mpi_lsb #2
+mpi_lsb:"18":3
+
+Base test mbedtls_mpi_lsb #3
+mpi_lsb:"24":2
+
+Base test mbedtls_mpi_lsb #4
+mpi_lsb:"2000":13
+
+Base test mbedtls_mpi_bitlen #1
+mpi_bitlen:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":764
+
+Base test mbedtls_mpi_bitlen #2
+mpi_bitlen:"18":5
+
+Base test mbedtls_mpi_bitlen #3
+mpi_bitlen:"1":1
+
+Base test mbedtls_mpi_bitlen #4
+mpi_bitlen:"f":4
+
+Base test mbedtls_mpi_bitlen #5
+mpi_bitlen:"10":5
+
+Base test mbedtls_mpi_bitlen #6
+mpi_bitlen:"a":4
+
+Base test mbedtls_mpi_bitlen: 0 (null)
+mpi_bitlen:"":0
+
+Base test mbedtls_mpi_bitlen: 0 (1 limb)
+mpi_bitlen:"0":0
+
+Base test mbedtls_mpi_cmp_int #1
+mpi_cmp_int:693:693:0
+
+Base test mbedtls_mpi_cmp_int #2
+mpi_cmp_int:693:692:1
+
+Base test mbedtls_mpi_cmp_int #3
+mpi_cmp_int:693:694:-1
+
+Base test mbedtls_mpi_cmp_int (Negative values) #1
+mpi_cmp_int:-2:-2:0
+
+Base test mbedtls_mpi_cmp_int (Negative values) #2
+mpi_cmp_int:-2:-3:1
+
+Base test mbedtls_mpi_cmp_int (Negative values) #3
+mpi_cmp_int:-2:-1:-1
+
+Base test mbedtls_mpi_cmp_mpi #1
+mpi_cmp_mpi:"2b5":"2b5":0
+
+Base test mbedtls_mpi_cmp_mpi #2
+mpi_cmp_mpi:"2b5":"2b4":1
+
+Base test mbedtls_mpi_cmp_mpi #3
+mpi_cmp_mpi:"2b5":"2b6":-1
+
+Base test mbedtls_mpi_cmp_mpi (Negative values) #1
+mpi_cmp_mpi:"-2":"-2":0
+
+Base test mbedtls_mpi_cmp_mpi (Negative values) #2
+mpi_cmp_mpi:"-2":"-3":1
+
+Base test mbedtls_mpi_cmp_mpi (Negative values) #3
+mpi_cmp_mpi:"-2":"-1":-1
+
+Base test mbedtls_mpi_cmp_mpi (Mixed values) #4
+mpi_cmp_mpi:"-3":"2":-1
+
+Base test mbedtls_mpi_cmp_mpi (Mixed values) #5
+mpi_cmp_mpi:"2":"-3":1
+
+Base test mbedtls_mpi_cmp_mpi (Mixed values) #6
+mpi_cmp_mpi:"-2":"1c67967269c6":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null)
+mpi_cmp_mpi:"":"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb)
+mpi_cmp_mpi:"":"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null)
+mpi_cmp_mpi:"0":"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb)
+mpi_cmp_mpi:"0":"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive
+mpi_cmp_mpi:"":"7b":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive
+mpi_cmp_mpi:"0":"7b":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative
+mpi_cmp_mpi:"":"-7b":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative
+mpi_cmp_mpi:"0":"-7b":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (null)
+mpi_cmp_mpi:"7b":"":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb)
+mpi_cmp_mpi:"7b":"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (null)
+mpi_cmp_mpi:"-7b":"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb)
+mpi_cmp_mpi:"-7b":"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb
+mpi_cmp_mpi:"":"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb
+mpi_cmp_mpi:"0":"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb
+mpi_cmp_mpi:"":"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb
+mpi_cmp_mpi:"0":"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null)
+mpi_cmp_mpi:"0000000000000000123":"":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb)
+mpi_cmp_mpi:"0000000000000000123":"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null)
+mpi_cmp_mpi:"-0000000000000000123":"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb)
+mpi_cmp_mpi:"-0000000000000000123":"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive
+mpi_cmp_mpi:"":"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive
+mpi_cmp_mpi:"0":"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative
+mpi_cmp_mpi:"":"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative
+mpi_cmp_mpi:"0":"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (null)
+mpi_cmp_mpi:"1230000000000000000":"":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb)
+mpi_cmp_mpi:"1230000000000000000":"0":1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (null)
+mpi_cmp_mpi:"-1230000000000000000":"":-1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb)
+mpi_cmp_mpi:"-1230000000000000000":"0":-1
+
+Base test mbedtls_mpi_lt_mpi_ct #1
+mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct #2
+mpi_lt_mpi_ct:1:"2B5":1:"2B4":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct #3
+mpi_lt_mpi_ct:1:"2B5":1:"2B6":1:0
+
+Base test mbedtls_mpi_lt_mpi_ct (Negative values) #1
+mpi_lt_mpi_ct:1:"-2":1:"-2":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (Negative values) #2
+mpi_lt_mpi_ct:1:"-2":1:"-3":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3
+mpi_lt_mpi_ct:1:"-2":1:"-1":1:0
+
+Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #1
+mpi_lt_mpi_ct:1:"-3":1:"2":1:0
+
+Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #2
+mpi_lt_mpi_ct:1:"2":1:"-3":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #3
+mpi_lt_mpi_ct:2:"-2":2:"1C67967269C6":1:0
+
+Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage)
+mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage)
+mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_lt_mpi_ct (length=0)
+mpi_lt_mpi_ct:0:"":0:"":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1
+mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #2
+mpi_lt_mpi_ct:2:"8000000000000000":2:"7FFFFFFFFFFFFFFF":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #3
+mpi_lt_mpi_ct:2:"8000000000000000":2:"1":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #4
+mpi_lt_mpi_ct:2:"8000000000000000":2:"0":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #5
+mpi_lt_mpi_ct:2:"FFFFFFFFFFFFFFFF":2:"FF":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #1
+mpi_lt_mpi_ct:1:"7FFFFFFF":1:"FF":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #2
+mpi_lt_mpi_ct:1:"80000000":1:"7FFFFFFF":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #3
+mpi_lt_mpi_ct:1:"80000000":1:"1":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #4
+mpi_lt_mpi_ct:1:"80000000":1:"0":0:0
+
+Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5
+mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (X<Y, zero vs non-zero MS limb)
+mpi_lt_mpi_ct:2:"0FFFFFFFFFFFFFFFF":2:"1FFFFFFFFFFFFFFFF":1:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (X>Y, equal MS limbs)
+mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y)
+mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y)
+mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #1
+mpi_lt_mpi_ct:2:"11FFFFFFFFFFFFFFFF":2:"FF1111111111111111":1:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #2
+mpi_lt_mpi_ct:2:"FF1111111111111111":2:"11FFFFFFFFFFFFFFFF":0:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #3
+mpi_lt_mpi_ct:2:"-11FFFFFFFFFFFFFFFF":2:"-FF1111111111111111":0:0
+
+Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #4
+mpi_lt_mpi_ct:2:"-FF1111111111111111":2:"-11FFFFFFFFFFFFFFFF":1:0
+
+Base test mbedtls_mpi_cmp_abs #1
+mpi_cmp_abs:"2b5":"2b5":0
+
+Base test mbedtls_mpi_cmp_abs #2
+mpi_cmp_abs:"2b5":"2b4":1
+
+Base test mbedtls_mpi_cmp_abs #3
+mpi_cmp_abs:"2b5":"2b6":-1
+
+Base test mbedtls_mpi_cmp_abs (Negative values) #1
+mpi_cmp_abs:"-2":"-2":0
+
+Base test mbedtls_mpi_cmp_abs (Negative values) #2
+mpi_cmp_abs:"-2":"-3":-1
+
+Base test mbedtls_mpi_cmp_abs (Negative values) #3
+mpi_cmp_abs:"-2":"-1":1
+
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null)
+mpi_cmp_abs:"":"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb)
+mpi_cmp_abs:"":"0":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null)
+mpi_cmp_abs:"0":"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb)
+mpi_cmp_abs:"0":"0":0
+
+Base test mbedtls_mpi_cmp_abs (Mix values) #1
+mpi_cmp_abs:"-2":"2":0
+
+Base test mbedtls_mpi_cmp_abs (Mix values) #2
+mpi_cmp_abs:"2":"-3":-1
+
+Base test mbedtls_mpi_cmp_abs (Mix values) #3
+mpi_cmp_abs:"-2":"1":1
+
+Copy large negative to large negative
+mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Copy large negative to large positive
+mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Copy large negative to small negative
+mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef"
+
+Copy large negative to small positive
+mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef"
+
+Copy large negative to zero (1 limb)
+mpi_copy:"-ca5cadedb01dfaceacc01ade":"0"
+
+Copy large negative to zero (null)
+mpi_copy:"-ca5cadedb01dfaceacc01ade":""
+
+Copy large positive to large negative
+mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Copy large positive to large positive
+mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Copy large positive to small negative
+mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Copy large positive to small positive
+mpi_copy:"ca5cadedb01dfaceacc01ade":"beef"
+
+Copy large positive to zero (1 limb)
+mpi_copy:"ca5cadedb01dfaceacc01ade":"0"
+
+Copy large positive to zero (null)
+mpi_copy:"ca5cadedb01dfaceacc01ade":""
+
+Copy small negative to large negative
+mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small negative to large positive
+mpi_copy:"-bead":"face1e55ca11ab1ecab005e5"
+
+Copy small negative to small negative
+mpi_copy:"-bead":"-beef"
+
+Copy small negative to small positive
+mpi_copy:"-bead":"beef"
+
+Copy small negative to zero (1 limb)
+mpi_copy:"-bead":"0"
+
+Copy small negative to zero (null)
+mpi_copy:"-bead":""
+
+Copy small positive to large negative
+mpi_copy:"bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small positive to large positive
+mpi_copy:"bead":"face1e55ca11ab1ecab005e5"
+
+Copy small positive to small negative
+mpi_copy:"bead":"-beef"
+
+Copy small positive to small positive
+mpi_copy:"bead":"beef"
+
+Copy small positive to zero (1 limb)
+mpi_copy:"bead":"0"
+
+Copy small positive to zero (null)
+mpi_copy:"bead":""
+
+Copy zero (1 limb) to large negative
+mpi_copy:"0":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to large positive
+mpi_copy:"0":"face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to small negative
+mpi_copy:"0":"-beef"
+
+Copy zero (1 limb) to small positive
+mpi_copy:"0":"beef"
+
+Copy zero (1 limb) to zero (1 limb)
+mpi_copy:"0":"0"
+
+Copy zero (1 limb) to zero (null)
+mpi_copy:"0":""
+
+Copy zero (null) to large negative
+mpi_copy:"":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to large positive
+mpi_copy:"":"face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to small negative
+mpi_copy:"":"-beef"
+
+Copy zero (null) to small positive
+mpi_copy:"":"beef"
+
+Copy zero (null) to zero (1 limb)
+mpi_copy:"":"0"
+
+Copy zero (null) to zero (null)
+mpi_copy:"":""
+
+Copy self: large negative
+mpi_copy_self:"-ca5cadedb01dfaceacc01ade"
+
+Copy self: large positive
+mpi_copy_self:"ca5cadedb01dfaceacc01ade"
+
+Copy self: small negative
+mpi_copy_self:"-bead"
+
+Copy self: small positive
+mpi_copy_self:"bead"
+
+Copy self: zero (1 limb)
+mpi_copy_self:"0"
+
+Copy self: zero (null)
+mpi_copy_self:""
+
+Swap large negative with large negative
+mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Swap large negative with large positive
+mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Swap large negative with small negative
+mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef"
+
+Swap large negative with small positive
+mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef"
+
+Swap large negative with zero (1 limb)
+mpi_swap:"-ca5cadedb01dfaceacc01ade":"0"
+
+Swap large negative with zero (null)
+mpi_swap:"-ca5cadedb01dfaceacc01ade":""
+
+Swap large positive with large negative
+mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Swap large positive with large positive
+mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Swap large positive with small negative
+mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Swap large positive with small positive
+mpi_swap:"ca5cadedb01dfaceacc01ade":"beef"
+
+Swap large positive with zero (1 limb)
+mpi_swap:"ca5cadedb01dfaceacc01ade":"0"
+
+Swap large positive with zero (null)
+mpi_swap:"ca5cadedb01dfaceacc01ade":""
+
+Swap small negative with large negative
+mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small negative with large positive
+mpi_swap:"-bead":"face1e55ca11ab1ecab005e5"
+
+Swap small negative with small negative
+mpi_swap:"-bead":"-beef"
+
+Swap small negative with small positive
+mpi_swap:"-bead":"beef"
+
+Swap small negative with zero (1 limb)
+mpi_swap:"-bead":"0"
+
+Swap small negative with zero (null)
+mpi_swap:"-bead":""
+
+Swap small positive with large negative
+mpi_swap:"bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small positive with large positive
+mpi_swap:"bead":"face1e55ca11ab1ecab005e5"
+
+Swap small positive with small negative
+mpi_swap:"bead":"-beef"
+
+Swap small positive with small positive
+mpi_swap:"bead":"beef"
+
+Swap small positive with zero (1 limb)
+mpi_swap:"bead":"0"
+
+Swap small positive with zero (null)
+mpi_swap:"bead":""
+
+Swap zero (1 limb) with large negative
+mpi_swap:"0":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with large positive
+mpi_swap:"0":"face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with small negative
+mpi_swap:"0":"-beef"
+
+Swap zero (1 limb) with small positive
+mpi_swap:"0":"beef"
+
+Swap zero (1 limb) with zero (1 limb)
+mpi_swap:"0":"0"
+
+Swap zero (1 limb) with zero (null)
+mpi_swap:"0":""
+
+Swap zero (null) with large negative
+mpi_swap:"":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with large positive
+mpi_swap:"":"face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with small negative
+mpi_swap:"":"-beef"
+
+Swap zero (null) with small positive
+mpi_swap:"":"beef"
+
+Swap zero (null) with zero (1 limb)
+mpi_swap:"":"0"
+
+Swap zero (null) with zero (null)
+mpi_swap:"":""
+
+Swap self: large negative
+mpi_swap_self:"-ca5cadedb01dfaceacc01ade"
+
+Swap self: large positive
+mpi_swap_self:"ca5cadedb01dfaceacc01ade"
+
+Swap self: small negative
+mpi_swap_self:"-bead"
+
+Swap self: small positive
+mpi_swap_self:"bead"
+
+Swap self: zero (1 limb)
+mpi_swap_self:"0"
+
+Swap self: zero (null)
+mpi_swap_self:""
+
+Shrink 0 limbs in a buffer of size 0 to 0
+mpi_shrink:0:0:0:0
+
+Shrink 2 limbs in a buffer of size 2 to 4
+mpi_shrink:2:2:4:4
+
+Shrink 2 limbs in a buffer of size 4 to 4
+mpi_shrink:4:2:4:4
+
+Shrink 2 limbs in a buffer of size 8 to 4
+mpi_shrink:8:2:4:4
+
+Shrink 4 limbs in a buffer of size 8 to 4
+mpi_shrink:8:4:4:4
+
+Shrink 6 limbs in a buffer of size 8 to 4 yielding 6
+mpi_shrink:8:6:4:6
+
+Shrink 2 limbs in a buffer of size 4 to 0 yielding 2
+mpi_shrink:4:2:0:2
+
+Shrink 1 limbs in a buffer of size 4 to 0 yielding 1
+mpi_shrink:4:1:0:1
+
+Shrink 0 limbs in a buffer of size 4 to 0 yielding 1
+mpi_shrink:4:0:0:1
+
+Base test mbedtls_mpi_add_abs #1
+mpi_add_abs:"bc614e":"9cde3":"c62f31"
+
+Base test mbedtls_mpi_add_abs #2
+mpi_add_abs:"-bc614e":"9cde3":"c62f31"
+
+Base test mbedtls_mpi_add_abs #3
+mpi_add_abs:"bc614e":"-9cde3":"c62f31"
+
+Base test mbedtls_mpi_add_abs #4
+mpi_add_abs:"-bc614e":"-9cde3":"c62f31"
+
+Test mbedtls_mpi_add_abs: 0 (null) + 0 (null)
+mpi_add_abs:"":"":"0"
+
+Test mbedtls_mpi_add_abs: 0 (null) + 1
+mpi_add_abs:"":"01":"01"
+
+Test mbedtls_mpi_add_abs: 1 + 0 (null)
+mpi_add_abs:"01":"":"01"
+
+Test mbedtls_mpi_add_abs #1
+mpi_add_abs:"-1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"941379d00fed1491dec0abfc13b52b9049625b3c42c3a972a2549e7a3e1b12c5a304b23e9ed6e251b8af28a4b3124900b23138bfafda925ab3410d57d6f8f0dd8c8c32eb0b4329fbf792e43f9593e766fa0c3c0be077b4e5162616a6428c51b":"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424"
+
+Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#1]
+mpi_add_abs:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":"08":"1000000000000000000000000000000"
+
+Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#2]
+mpi_add_abs:"08":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":"1000000000000000000000000000000"
+
+Base test mbedtls_mpi_add_mpi #1
+mpi_add_mpi:"bc614e":"9cde3":"c62f31"
+
+Base test mbedtls_mpi_add_mpi #2
+mpi_add_mpi:"-bc614e":"9cde3":"-b2936b"
+
+Base test mbedtls_mpi_add_mpi #3
+mpi_add_mpi:"bc614e":"-9cde3":"b2936b"
+
+Base test mbedtls_mpi_add_mpi #4
+mpi_add_mpi:"-bc614e":"-9cde3":"-c62f31"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null)
+mpi_add_mpi:"":"":"0"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + 1
+mpi_add_mpi:"":"01":"01"
+
+Test mbedtls_mpi_add_mpi: 1 + 0 (null)
+mpi_add_mpi:"01":"":"01"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + -1
+mpi_add_mpi:"":"-01":"-01"
+
+Test mbedtls_mpi_add_mpi: -1 + 0 (null)
+mpi_add_mpi:"-01":"":"-01"
+
+Test mbedtls_mpi_add_mpi #1
+mpi_add_mpi:"4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b":"cb50e82a8583f44ee0025942e7362991b24e12663a0ddc234a57b0f7b4ff7b025bf5a6707dedc2898e70b739042c95a996283dffdf67558768784553c61e302e8812bc90f0bb0696870cfb910b560cefed8d99bbf7a00b31ccdbd56f3594e5a653cfd127d2167b13119e5c45c3f76b4e3d904a9bc0cbb43c33aa7f23b":"1194815323a3b10dc8cb9293d7c85b719d79974dd43a0e4de3a5babaee7276e428559e1caa42d296a6234b1628323acff85fd798f9632d6b3d437c122ddb0c8ec215a8159a1fe2aaa91390af0b8cf65967dde43439da979d0d23b88fe14a13e30407471f77bb1c10ef08ca8af2f29f92b2874bcd5065bd2fc58b1ea366"
+
+Test mbedtls_mpi_add_mpi #2
+mpi_add_mpi:"1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"941379d00fed1491dec0abfc13b52b9049625b3c42c3a972a2549e7a3e1b12c5a304b23e9ed6e251b8af28a4b3124900b23138bfafda925ab3410d57d6f8f0dd8c8c32eb0b4329fbf792e43f9593e766fa0c3c0be077b4e5162616a6428c51b":"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424"
+
+Base test mbedtls_mpi_add_mpi inplace #1
+mpi_add_mpi_inplace:"bc614e":"178c29c"
+
+Test mbedtls_mpi_add_mpi inplace #2
+mpi_add_mpi_inplace:"1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"3eaa665874917221f3285ed9229cb17de6f48fdc8b962c94b6d71a200d7eb340b3842893273d7d7fbea2fa5c3b75910021af63e283d32f7ad003bb5d93a0b221e9e5bc56589ae29c58294e5f8fe2f54851ab38a62c4fe12"
+
+Test mbedtls_mpi_add_mpi inplace #3
+mpi_add_mpi_inplace:"ffffffffffffffffffffffffffffffff":"01fffffffffffffffffffffffffffffffe"
+
+Test mbedtls_mpi_add_int #1
+mpi_add_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9343e109"
+
+Test mbedtls_mpi_add_int #2
+mpi_add_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9216a209"
+
+Test mbedtls_mpi_add_int: 0 (null) + 0
+mpi_add_int:"":0:"0"
+
+Test mbedtls_mpi_add_int: 0 (null) + 1
+mpi_add_int:"":1:"1"
+
+Base test mbedtls_mpi_sub_abs #1 (|B| > |A|)
+mpi_sub_abs:"5":"7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #2 (|B| > |A|)
+mpi_sub_abs:"-5":"-7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #3 (|B| > |A|)
+mpi_sub_abs:"-5":"7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #4 (|B| > |A|)
+mpi_sub_abs:"5":"-7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #1 (|B| >> |A| with more limbs)
+mpi_sub_abs:"5":"123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #2 (|B| >> |A| with more limbs)
+mpi_sub_abs:"-5":"-123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #3 (|B| >> |A| with more limbs)
+mpi_sub_abs:"-5":"123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #4 (|B| >> |A| with more limbs)
+mpi_sub_abs:"5":"-123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_sub_abs #1
+mpi_sub_abs:"7":"5":"2":0
+
+Base test mbedtls_mpi_sub_abs #2
+mpi_sub_abs:"-7":"-5":"2":0
+
+Base test mbedtls_mpi_sub_abs #3
+mpi_sub_abs:"-7":"5":"2":0
+
+Base test mbedtls_mpi_sub_abs #4
+mpi_sub_abs:"7":"-5":"2":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null)
+mpi_sub_abs:"":"":"":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb)
+mpi_sub_abs:"":"00":"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null)
+mpi_sub_abs:"00":"":"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb)
+mpi_sub_abs:"00":"00":"":0
+
+Test mbedtls_mpi_sub_abs: 1 - 0 (null)
+mpi_sub_abs:"01":"":"01":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 1
+mpi_sub_abs:"":"01":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Test mbedtls_mpi_sub_abs #1
+mpi_sub_abs:"FFFFFFFFFF":"01":"FFFFFFFFFE":0
+
+Test mbedtls_mpi_sub_abs #2
+mpi_sub_abs:"FFFFFFFFF0":"01":"FFFFFFFFEF":0
+
+Test mbedtls_mpi_sub_abs #3
+mpi_sub_abs:"FF00000000":"0F00000000":"F000000000":0
+
+Test mbedtls_mpi_sub_abs #4
+mpi_sub_abs:"FF00000000":"0F00000001":"EFFFFFFFFF":0
+
+Base test mbedtls_mpi_sub_mpi #1 (Test with negative result)
+mpi_sub_mpi:"5":"7":"-2"
+
+Base test mbedtls_mpi_sub_mpi #2 (Test with negative inputs)
+mpi_sub_mpi:"-5":"-7":"2"
+
+Base test mbedtls_mpi_sub_mpi #3 (Test with negative base)
+mpi_sub_mpi:"-5":"7":"-c"
+
+Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction)
+mpi_sub_mpi:"5":"-7":"c"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null)
+mpi_sub_mpi:"":"":"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb)
+mpi_sub_mpi:"":"00":"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 1
+mpi_sub_mpi:"":"1":"-1"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - -1
+mpi_sub_mpi:"":"-1":"1"
+
+Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null)
+mpi_sub_mpi:"00":"":"0"
+
+Test mbedtls_mpi_sub_mpi: 1 - 0 (null)
+mpi_sub_mpi:"1":"":"1"
+
+Test mbedtls_mpi_sub_mpi: -1 - 0 (null)
+mpi_sub_mpi:"-1":"":"-1"
+
+Test mbedtls_mpi_sub_mpi #1
+mpi_sub_mpi:"cb50e82a8583f44ee0025942e7362991b24e12663a0ddc234a57b0f7b4ff7b025bf5a6707dedc2898e70b739042c95a996283dffdf67558768784553c61e302e8812bc90f0bb0696870cfb910b560cefed8d99bbf7a00b31ccdbd56f3594e5a653cfd127d2167b13119e5c45c3f76b4e3d904a9bc0cbb43c33aa7f23b":"4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b":"7d59bb22d0ccd7c1334b894851e69c098d02afef307ad3685a53b64082d787c232916b1657ae5ba8baacbd0f85357e53a6530270289bd45afcb8c984ae8b9770eecaf7c83f77e2827ce0ec315ddcb4495d3cf03451969c92c77c21e056888d1c672b3058287b351732b00fdc58c4dd7152abd8627b3b957c0ea314110"
+
+Test mbedtls_mpi_sub_mpi #2 (Test for negative result)
+mpi_sub_mpi:"1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"941379d00fed1491dec0abfc13b52b9049625b3c42c3a972a2549e7a3e1b12c5a304b23e9ed6e251b8af28a4b3124900b23138bfafda925ab3410d57d6f8f0dd8c8c32eb0b4329fbf792e43f9593e766fa0c3c0be077b4e5162616a6428c51b":"-941379d00fed1491bf6b78cfd96c727f4fce2bcfb17550b3aeda568bf84ffc7b4799252e981788b15eed145b1f738a40d2dfbb91921fc9daa2695b66950f5920248a553c4172d0eb02a0061469467618cdf794dc18863a40ed507a532c64612"
+
+Test mbedtls_mpi_sub_int #1
+mpi_sub_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9343e109"
+
+Test mbedtls_mpi_sub_int #2
+mpi_sub_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9216a209"
+
+Test mbedtls_mpi_sub_int: 0 (null) - 0
+mpi_sub_int:"":0:"0"
+
+Test mbedtls_mpi_sub_int: 0 (null) - 1
+mpi_sub_int:"":1:"-1"
+
+Test mbedtls_mpi_sub_int: 0 (null) - -1
+mpi_sub_int:"":-1:"1"
+
+Test mbedtls_mpi_shift_l #1
+mpi_shift_l:"40":1:"80"
+
+Test mbedtls_mpi_shift_l #2
+mpi_shift_l:"1946e2958a85d8863ae21f4904fcc49478412534ed53eaf321f63f2a2227a3c63acbf50b6305595f90cfa8327f6db80d986fe96080bcbb5df1bdbe9b74fb8dedf2bddb3f8215b54dffd66409323bcc473e45a8fe9d08e77a511698b5dad0416305db7fcf":37:"328dc52b150bb10c75c43e9209f98928f0824a69daa7d5e643ec7e54444f478c7597ea16c60ab2bf219f5064fedb701b30dfd2c1017976bbe37b7d36e9f71bdbe57bb67f042b6a9bffacc8126477988e7c8b51fd3a11cef4a22d316bb5a082c60bb6ff9e000000000"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 0
+mpi_shift_l:"":0:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 1
+mpi_shift_l:"":1:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 64
+mpi_shift_l:"":64:"0"
+
+Test mbedtls_mpi_shift_r #1
+mpi_shift_r:"80":1:"40"
+
+Test mbedtls_mpi_shift_r #2
+mpi_shift_r:"4a36ce2a2eba161116629d6196efb17ee4f01ef753cd32b9e952d4d69e4b2401e85e0c3ba0ea761f44e312db10209fb6b38963c9c0302dc67b1b531c32301d8d341968c734387ef8bc2496051e0bb530975839852d8dd15684788f9dca62cb0c372ac51":45:"251b6715175d0b088b314eb0cb77d8bf72780f7ba9e6995cf4a96a6b4f259200f42f061dd0753b0fa271896d88104fdb59c4b1e4e01816e33d8da98e19180ec69a0cb4639a1c3f7c5e124b028f05da984bac1cc296c6e8ab423c47cee531"
+
+Test mbedtls_mpi_shift_r #4 [#1]
+mpi_shift_r:"FFFFFFFFFFFFFFFF":63:"01"
+
+Test mbedtls_mpi_shift_r #4 [#2]
+mpi_shift_r:"FFFFFFFFFFFFFFFF":64:"00"
+
+Test mbedtls_mpi_shift_r #6
+mpi_shift_r:"FFFFFFFFFFFFFFFF":65:"00"
+
+Test mbedtls_mpi_shift_r #7
+mpi_shift_r:"FFFFFFFFFFFFFFFF":128:"00"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 0
+mpi_shift_r:"":0:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 1
+mpi_shift_r:"":1:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 64
+mpi_shift_r:"":64:"0"
+
+Base test mbedtls_mpi_mul_mpi #1
+mpi_mul_mpi:"5":"7":"23"
+
+Base test mbedtls_mpi_mul_mpi #2
+mpi_mul_mpi:"-5":"7":"-23"
+
+Base test mbedtls_mpi_mul_mpi #3
+mpi_mul_mpi:"5":"-7":"-23"
+
+Base test mbedtls_mpi_mul_mpi #4
+mpi_mul_mpi:"-5":"-7":"23"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null)
+mpi_mul_mpi:"":"":"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb)
+mpi_mul_mpi:"":"00":"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 1
+mpi_mul_mpi:"":"01":"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * -1
+mpi_mul_mpi:"":"-01":"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1
+mpi_mul_mpi:"00":"-01":"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null)
+mpi_mul_mpi:"00":"":"0"
+
+Test mbedtls_mpi_mul_mpi: 1 * 0 (null)
+mpi_mul_mpi:"01":"":"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (null)
+mpi_mul_mpi:"-01":"":"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb)
+mpi_mul_mpi:"-01":"00":"0"
+
+Test mbedtls_mpi_mul_mpi #1
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A
+mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0
+mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0
+mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0
+mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B
+mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0
+mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0
+mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0
+mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0
+mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0
+mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_int #1
+mpi_mul_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"=="
+
+Test mbedtls_mpi_mul_int #2 (Unsigned, thus failure)
+mpi_mul_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"-9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"!="
+
+Test mbedtls_mpi_mul_int #3
+mpi_mul_int:"-10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"-9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"=="
+
+Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure)
+mpi_mul_int:"-10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"!="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 0
+mpi_mul_int:"":0:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 1
+mpi_mul_int:"":1:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 0x1234
+mpi_mul_int:"":0x1234:"":"=="
+
+Base test mbedtls_mpi_div_mpi #1
+mpi_div_mpi:"3e8":"d":"4c":"c":0
+
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb))
+mpi_div_mpi:"3e8":"0":"1":"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null))
+mpi_div_mpi:"3e8":"":"1":"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_div_mpi #3
+mpi_div_mpi:"3e8":"-d":"-4c":"c":0
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null)
+mpi_div_mpi:"":"":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb)
+mpi_div_mpi:"":"0":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null)
+mpi_div_mpi:"0":"":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb)
+mpi_div_mpi:"0":"0":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 1
+mpi_div_mpi:"":"1":"":"":0
+
+Test mbedtls_mpi_div_mpi: 0 (null) / -1
+mpi_div_mpi:"":"-1":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / 1
+mpi_div_mpi:"-":"1":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / -1
+mpi_div_mpi:"-":"-1":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / 42
+mpi_div_mpi:"-":"2a":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / -42
+mpi_div_mpi:"-":"-2a":"":"":0
+
+Test mbedtls_mpi_div_mpi #1
+mpi_div_mpi:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"22":"4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0
+
+Test mbedtls_mpi_div_mpi #2
+mpi_div_mpi:"503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5a":"2f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"1b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"1":0
+
+Test mbedtls_mpi_div_mpi #3
+mpi_div_mpi:"3e8":"7":"8e":"6":0
+
+Test mbedtls_mpi_div_mpi #4
+mpi_div_mpi:"309":"7":"6f":"0":0
+
+Base test mbedtls_mpi_div_int #1
+mpi_div_int:"3e8":13:"4c":"c":0
+
+Base test mbedtls_mpi_div_int #2 (Divide by zero)
+mpi_div_int:"3e8":0:"1":"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_div_int #3
+mpi_div_int:"3e8":-13:"-4c":"c":0
+
+Test mbedtls_mpi_div_int #1
+mpi_div_int:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":34:"4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0
+
+Test mbedtls_mpi_div_int #2
+mpi_div_int:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":-34:"-4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0
+
+Test mbedtls_mpi_div_int: 0 (null) / 0
+mpi_div_int:"":0:"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (1 limb) / 0
+mpi_div_int:"00":0:"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (null) / 1
+mpi_div_int:"":1:"":"":0
+
+Base test mbedtls_mpi_mod_mpi #1
+mpi_mod_mpi:"3e8":"d":"c":0
+
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null))
+mpi_mod_mpi:"3e8":"":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb))
+mpi_mod_mpi:"3e8":"0":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_mod_mpi #3
+mpi_mod_mpi:"-3e8":"d":"1":0
+
+Base test mbedtls_mpi_mod_mpi #4 (Negative modulo)
+mpi_mod_mpi:"3e8":"-d":"-1":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_mod_mpi #5 (Negative modulo)
+mpi_mod_mpi:"-3e8":"-d":"-c":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Test mbedtls_mpi_mod_mpi: 0 (null) % 1
+mpi_mod_mpi:"":"1":"":0
+
+Test mbedtls_mpi_mod_mpi: 0 (null) % -1
+mpi_mod_mpi:"":"-1":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % 1
+mpi_mod_mpi:"-":"1":"":0
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % -1
+mpi_mod_mpi:"-":"-1":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % 42
+mpi_mod_mpi:"-":"2a":"":0
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % -42
+mpi_mod_mpi:"-":"-2a":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_mod_int #1
+mpi_mod_int:"3e8":0xd:0xc:0
+
+Base test mbedtls_mpi_mod_int #2 (Divide by zero)
+mpi_mod_int:"3e8":0x0:0x0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_mod_int #3
+mpi_mod_int:"-3e8":0xd:0x1:0
+
+Base test mbedtls_mpi_mod_int #4 (Negative modulo)
+mpi_mod_int:"3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_mod_int #5 (Negative modulo)
+mpi_mod_int:"-3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Base test mbedtls_mpi_mod_int #6 (By 1)
+mpi_mod_int:"3e8":0x1:0x0:0
+
+Base test mbedtls_mpi_mod_int #7 (By 2)
+mpi_mod_int:"3e9":0x2:0x1:0
+
+Base test mbedtls_mpi_mod_int #8 (By 2)
+mpi_mod_int:"3e8":0x2:0x0:0
+
+Test mbedtls_mpi_mod_int: 0 (null) % 1
+mpi_mod_int:"":0x1:0x0:0
+
+Test mbedtls_mpi_mod_int: 0 (null) % 2
+mpi_mod_int:"":0x2:0x0:0
+
+Test mbedtls_mpi_mod_int: 0 (null) % -1
+mpi_mod_int:"":-0x1:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Test mbedtls_mpi_mod_int: 0 (null) % -2
+mpi_mod_int:"":-0x2:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
+#Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
+#depends_on:MBEDTLS_HAVE_INT64
+#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA4847DCCA48:0x2EFE6F1A7D28035A:0
+
+Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
+mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
+
+# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
+#Test mbedtls_mpi_mod_int: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
+#depends_on:MBEDTLS_HAVE_INT64
+#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":0x47DCCA4847DCCA48:0x0:0
+
+Test mbedtls_mpi_mod_mpi: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
+mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
+
+# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
+Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
+depends_on:MBEDTLS_HAVE_INT64
+mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA48:0x379BD2:0
+
+Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
+mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
+
+# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
+Test mbedtls_mpi_mod_int: 230772460340063000000100500000296355640 % 1205652040 -> 0
+depends_on:MBEDTLS_HAVE_INT64
+mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":0x47DCCA48:0x0:0
+
+Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000296355640 % 1205652040 -> 0
+mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0
+
+Base test mbedtls_mpi_exp_mod #1
+mpi_exp_mod:"17":"d":"1d":"18":0
+
+Base test mbedtls_mpi_exp_mod #2 (Even N)
+mpi_exp_mod:"17":"d":"1e":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #2 (N = 0 (null))
+mpi_exp_mod:"17":"d":"":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #3 (Negative N)
+mpi_exp_mod:"17":"d":"-1d":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #4 (Negative base)
+mpi_exp_mod:"-17":"d":"1d":"5":0
+
+Base test mbedtls_mpi_exp_mod #5 (Negative exponent)
+mpi_exp_mod:"17":"-d":"1d":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent)
+mpi_exp_mod:"-17":"-d":"1d":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9
+mpi_exp_mod:"":"":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9
+mpi_exp_mod:"":"00":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9
+mpi_exp_mod:"":"01":"09":"":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9
+mpi_exp_mod:"":"02":"09":"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9
+mpi_exp_mod:"00":"":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9
+mpi_exp_mod:"00":"00":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9
+mpi_exp_mod:"00":"01":"09":"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9
+mpi_exp_mod:"00":"02":"09":"":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9
+mpi_exp_mod:"01":"":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9
+mpi_exp_mod:"04":"":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9
+mpi_exp_mod:"0a":"":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9
+mpi_exp_mod:"01":"00":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9
+mpi_exp_mod:"04":"00":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9
+mpi_exp_mod:"0a":"00":"09":"1":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE exponent
+mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:"":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent
+mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE modulus
+mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE:"":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 modulus
+mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE + 1:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE exponent and modulus
+mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:"":0
+
+Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent and modulus
+mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:MBEDTLS_MPI_MAX_SIZE + 1:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod #1
+depends_on:MPI_MAX_BITS_LARGER_THAN_792
+mpi_exp_mod:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"11a9351d2d32ccd568e75bf8b4ebbb2a36be691b55832edac662ff79803df8af525fba453068be16ac3920bcc1b468f8f7fe786e0fa4ecbabcad31e5e3b05def802eb8600deaf11ef452487db878df20a80606e4bb6a163b83895d034cc8b53dbcd005be42ffdd2ce99bed06089a0b79d":"37880b547b41bda303bddda307eefe24b4aedf076c9b814b903aaf328a10825c7e259a20afc6b70b487bb21a6d32d0ee98a0b9f42ff812c901e2f79237fe3e00856992dd69d93ebc0664c75863829621751b0ac35a8ae8a0965841607d3099b8e0ed24442749ba09acbcb165598dcd40":0
+
+Test mbedtls_mpi_exp_mod (Negative base) [#1]
+mpi_exp_mod:"-2540be400":"2540be400":"1869f":"1":0
+
+Test mbedtls_mpi_exp_mod (Negative base) [#2]
+depends_on:MPI_MAX_BITS_LARGER_THAN_792
+mpi_exp_mod:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
+
+Base test GCD #1
+mpi_gcd:"2b5":"261":"15"
+
+Base test GCD #2
+mpi_gcd:"6e4":"364":"1c"
+
+Base test GCD #3
+mpi_gcd:"2dcdb10b":"2050d306":"1"
+
+Test GCD: 0 (null), 0 (null)
+mpi_gcd:"":"":"0"
+
+Test GCD: 0 (null), 0 (1 limb)
+mpi_gcd:"":"00":"0"
+
+Test GCD: 0 (null), 3
+mpi_gcd:"":"03":"3"
+
+Test GCD: 0 (null), 6
+mpi_gcd:"":"06":"6"
+
+Test GCD: 0 (1 limb), 0 (null)
+mpi_gcd:"00":"":"0"
+
+Test GCD: 0 (1 limb), 3
+mpi_gcd:"00":"03":"3"
+
+Test GCD: 0 (1 limb), 6
+mpi_gcd:"00":"06":"6"
+
+Test GCD: 3, 0 (null)
+mpi_gcd:"03":"":"3"
+
+Test GCD: 3, 0 (1 limb)
+mpi_gcd:"03":"00":"3"
+
+Test GCD: 6, 0 (null)
+mpi_gcd:"06":"":"6"
+
+Test GCD: 6, 0 (1 limb)
+mpi_gcd:"06":"00":"6"
+
+Test GCD: gcd=1, 0 < A < B
+mpi_gcd:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1"
+
+Test GCD: gcd=1, 0 < B < A
+mpi_gcd:"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"1"
+
+Test GCD: gcd=1, A > 0, B < 0
+mpi_gcd:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"-33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1"
+
+Test GCD: gcd=1, A < 0 < B, |A| < |B|
+mpi_gcd:"-109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1"
+
+Test GCD: gcd=1, B < A < 0
+mpi_gcd:"-109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"-33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1"
+
+Test GCD: gcd=2, 0 < A < B
+mpi_gcd:"213fc8ae290cdcadfba95b36d6d0dbe4e4495f6f0d19e9e1976f28a4d2650a797e17dd4c2b282ccca9a279b3fc1b3b4b2952fdc40461e25f6a869bce7f69f0204e4b402c4566363d485c744ca032073583be630d37b2f261af25f6e59b552e3b15002b5e":"675c6ec9fa0d4019b87974b88bb8f353db69ccfc9a0af98e8273aa6384a321a222eebf8941e8873716326177aecdcf68de2e0c03e62d91431ff1ab96b94ab03e2d068ba203db68c56fb276f8a419971f64ed688f4c7b0d24079823ecf42245b89b4068431bd0bc72":"2"
+
+Test GCD: gcd=2, 0 < B < A
+mpi_gcd:"675c6ec9fa0d4019b87974b88bb8f353db69ccfc9a0af98e8273aa6384a321a222eebf8941e8873716326177aecdcf68de2e0c03e62d91431ff1ab96b94ab03e2d068ba203db68c56fb276f8a419971f64ed688f4c7b0d24079823ecf42245b89b4068431bd0bc72":"213fc8ae290cdcadfba95b36d6d0dbe4e4495f6f0d19e9e1976f28a4d2650a797e17dd4c2b282ccca9a279b3fc1b3b4b2952fdc40461e25f6a869bce7f69f0204e4b402c4566363d485c744ca032073583be630d37b2f261af25f6e59b552e3b15002b5e":"2"
+
+Test GCD: gcd=3, 0 < A < B
+mpi_gcd:"31dfad053d934b04f97e08d2423949d7566e0f2693a6ded26326bcf73b978fb63d23cbf240bc4332fe73b68dfa28d8f0bdfc7ca60692d38f1fc9e9b5bf1ee8307570e0426819515bec8aae72f04b0ad0459d9493d38c6b9286b8f25868ffc5589f80410d":"9b0aa62ef713e02694b62f14d1956cfdc91eb37ae7107655c3ad7f9546f4b27334661f4de2dccad2a14b92338634b71d4d451205d94459e4afea816215f0085d4389d17305c91d28278bb274f62662af17641cd6f2b893b60b6435e36e336894e8e09c64a9b91aab":"3"
+
+Test GCD: gcd=3, 0 < B < A
+mpi_gcd:"9b0aa62ef713e02694b62f14d1956cfdc91eb37ae7107655c3ad7f9546f4b27334661f4de2dccad2a14b92338634b71d4d451205d94459e4afea816215f0085d4389d17305c91d28278bb274f62662af17641cd6f2b893b60b6435e36e336894e8e09c64a9b91aab":"31dfad053d934b04f97e08d2423949d7566e0f2693a6ded26326bcf73b978fb63d23cbf240bc4332fe73b68dfa28d8f0bdfc7ca60692d38f1fc9e9b5bf1ee8307570e0426819515bec8aae72f04b0ad0459d9493d38c6b9286b8f25868ffc5589f80410d":"3"
+
+Test GCD: gcd=4, 0 < A < B
+mpi_gcd:"427f915c5219b95bf752b66dada1b7c9c892bede1a33d3c32ede5149a4ca14f2fc2fba98565059995344f367f836769652a5fb8808c3c4bed50d379cfed3e0409c9680588acc6c7a90b8e89940640e6b077cc61a6f65e4c35e4bedcb36aa5c762a0056bc":"ceb8dd93f41a803370f2e9711771e6a7b6d399f93415f31d04e754c70946434445dd7f1283d10e6e2c64c2ef5d9b9ed1bc5c1807cc5b22863fe3572d7295607c5a0d174407b6d18adf64edf148332e3ec9dad11e98f61a480f3047d9e8448b713680d08637a178e4":"4"
+
+Test GCD: gcd=4, 0 < B < A
+mpi_gcd:"ceb8dd93f41a803370f2e9711771e6a7b6d399f93415f31d04e754c70946434445dd7f1283d10e6e2c64c2ef5d9b9ed1bc5c1807cc5b22863fe3572d7295607c5a0d174407b6d18adf64edf148332e3ec9dad11e98f61a480f3047d9e8448b713680d08637a178e4":"427f915c5219b95bf752b66dada1b7c9c892bede1a33d3c32ede5149a4ca14f2fc2fba98565059995344f367f836769652a5fb8808c3c4bed50d379cfed3e0409c9680588acc6c7a90b8e89940640e6b077cc61a6f65e4c35e4bedcb36aa5c762a0056bc":"4"
+
+Test GCD: gcd=6, 0 < A < B
+mpi_gcd:"63bf5a0a7b269609f2fc11a4847293aeacdc1e4d274dbda4c64d79ee772f1f6c7a4797e481788665fce76d1bf451b1e17bf8f94c0d25a71e3f93d36b7e3dd060eae1c084d032a2b7d9155ce5e09615a08b3b2927a718d7250d71e4b0d1ff8ab13f00821a":"136154c5dee27c04d296c5e29a32ad9fb923d66f5ce20ecab875aff2a8de964e668cc3e9bc5b995a5429724670c696e3a9a8a240bb288b3c95fd502c42be010ba8713a2e60b923a504f1764e9ec4cc55e2ec839ade571276c16c86bc6dc66d129d1c138c953723556":"6"
+
+Test GCD: gcd=6, 0 < B < A
+mpi_gcd:"136154c5dee27c04d296c5e29a32ad9fb923d66f5ce20ecab875aff2a8de964e668cc3e9bc5b995a5429724670c696e3a9a8a240bb288b3c95fd502c42be010ba8713a2e60b923a504f1764e9ec4cc55e2ec839ade571276c16c86bc6dc66d129d1c138c953723556":"63bf5a0a7b269609f2fc11a4847293aeacdc1e4d274dbda4c64d79ee772f1f6c7a4797e481788665fce76d1bf451b1e17bf8f94c0d25a71e3f93d36b7e3dd060eae1c084d032a2b7d9155ce5e09615a08b3b2927a718d7250d71e4b0d1ff8ab13f00821a":"6"
+
+Test GCD: 0 < A = B
+mpi_gcd:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af"
+
+Base test mbedtls_mpi_inv_mod #1
+mpi_inv_mod:"3":"b":"4":0
+
+Test mbedtls_mpi_inv_mod: mod 0 (null)
+mpi_inv_mod:"3":"":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: mod 0 (1 limb)
+mpi_inv_mod:"3":"0":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: mod negative
+mpi_inv_mod:"3":"-b":"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: 2^-1 mod 4
+mpi_inv_mod:"2":"4":"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_inv_mod: mod 1
+mpi_inv_mod:"3":"1":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: 0 (null) ^-1
+mpi_inv_mod:"":"11":"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1
+mpi_inv_mod:"00":"11":"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_inv_mod #1
+mpi_inv_mod:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0
+
+Base test mbedtls_mpi_is_prime #1
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Base test mbedtls_mpi_is_prime #2
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"1":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Base test mbedtls_mpi_is_prime #3
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"2":0
+
+Base test mbedtls_mpi_is_prime #4
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"3":0
+
+Base test mbedtls_mpi_is_prime #5
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"4":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Base test mbedtls_mpi_is_prime #6
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"5":0
+
+Base test mbedtls_mpi_is_prime #7
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"1b":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Base test mbedtls_mpi_is_prime #8
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"2f":0
+
+Test mbedtls_mpi_is_prime #1a
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"b91ba63180c726fbd57786f27f1ede97a3b40c59a7fcfb5898f076e9af57028d":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_is_prime #1b
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"b3a119602ee213cde28581ecd892e0f592a338655dce4ca88054b3d124d0e561":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_is_prime #2a
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"284139ea19c139ebe09a8111926aaa39a2c2be12ed487a809d3cb5bc55854725b4cdcb5734c58f90b2f60d99cc1950cdbc8d651793e93c9c6f0ead752500a32c56c62082912b66132b2a6aa42ada923e1ad22ceb7ba0123":0
+
+Test mbedtls_mpi_is_prime #2b
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"284139ea19c139ebe09a8111926aaa39a2c2be12ed487a809d3cb5bc55854725b4cdcb5734c58f90b2f60d99cc1950cdbc8d651793e93c9c6f0ead752500a32c56c62082912b66132b2a6aa42ada923e1ad22ceb7ba00c1":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_is_prime #3
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"257ffffffffffffffffff":0
+
+Test mbedtls_mpi_is_prime #4
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"a1ffffffffffffffffffff":0
+
+Test mbedtls_mpi_is_prime #5 [#1]
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"397ffffffffffffffffffffffffffff":0
+
+Test mbedtls_mpi_is_prime #5 [#2]
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"aaaaaaaaaaaaaab":0
+
+Test mbedtls_mpi_is_prime #6
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"2aaaaaaaaaaaaaaaaaab":0
+
+Test mbedtls_mpi_is_prime #7
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"aaaaaaaaaaaaaaaaaaaaaaaab":0
+
+Test mbedtls_mpi_is_prime #8
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaab":0
+
+Test mbedtls_mpi_is_prime #9
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b":0
+
+Test mbedtls_mpi_is_prime #10
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"cb50e82a8583f44ee0025942e7362991b24e12663a0ddc234a57b0f7b4ff7b025bf5a6707dedc2898e70b739042c95a996283dffdf67558768784553c61e302e8812bc90f0bb0696870cfb910b560cefed8d99bbf7a00b31ccdbd56f3594e5a653cfd127d2167b13119e5c45c3f76b4e3d904a9bc0cbb43c33aa7f23b":0
+
+Test mbedtls_mpi_is_prime #11
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"7a364ab3de755f924642bd5273524234f78395da1ed9098f39af4fe248288b0cb7f1c27214588969479d7dc9f0d327b5544dd4c095aa1fa271df421fe9ee460855cc8423d223e2c85dc793f6babdca7fc804ea1f408f867db053bfd98c45085ea5d805c78d2863bacdfcaf4c6147ebb74a9056045074785714c0b84ed":0
+
+Test mbedtls_mpi_is_prime #12
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"9c3525e8404f89b7d30b3ccfdb0fab17f81adebbac1b6c6bf558a796014fe3b6cd2c4445c0826d7ef5f5d3aff5ac108185675d2159cd275c64812f24da66dbb0147efc6a3d2f8060e8304f48844abc9d33686087ccc11f":0
+
+Test mbedtls_mpi_is_prime #13
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"284139ea19c139ebe09a8111926aaa39a2c2be12ed487a809d3cb5bc55854725b4cdcb5734c58f90b2f60d99cc1950cdbc8d651793e93c9c6f0ead752500a32c56c62082912b66132b2a6aa42ada923e1ad22ceb7ba0123":0
+
+Test mbedtls_mpi_is_prime #14
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"2eede25f74336afd1f51cbc4e809f8bb746ffac49335d129d1ff322ee3498b2b8144f0b136de076db169da4f4436de1f0c715b3d255272b4d77523174081a2fb703f82409185e0ef73e5a8bdf94e5b789fb7bf9be8eec9f":0
+
+Test mbedtls_mpi_is_prime #15
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"7fffffffffffffffffffffffffffffff":0
+
+Test mbedtls_mpi_is_prime #16
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"7fffffff":0
+
+Test mbedtls_mpi_is_prime #17
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"39531fcd":0
+
+Test mbedtls_mpi_is_prime #18
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"ab1cdb3":0
+
+Test mbedtls_mpi_is_prime #19
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"1ef3103":0
+
+Test mbedtls_mpi_is_prime #20
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime:"2faa127":0
+
+Test mbedtls_mpi_is_prime_det (4 non-witnesses)
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime_det:"043BD64BA10B11DA83FBD296B04BCA9E0552FAF6E09CAC74E2D7E735ED0DB09FC47ED76145644203EE0C826013BC602F560BCDAAED557D04683859A65D659FF828A245A2C5B1AC41E01E4669A525A45E23AF":"040EA852F7935ACCECC0E87B845281F047D10DC9AAFEF990AF9D3D66770DA30B0C5B5E03EEA8C0CB79B936FE0BB8EE5389EC1D34EB16C58AA3F2E11AF084160CDF6400BE1CC179867AB074866952D9F34EE7042D27F960E715A97FCB93F3182247D0A6AE51BD21CC2F6B0651F9E572C5FB86F3137053FA85FD7A51816D69B3A53A5A438C17754836D04E98CA240B901F828332F2D72D88C497DA45F533F99A6E53EDEA6B0424EC8951B048FA9A80134B37D0A67014597934E3CFC52C5A4DD4751ADF8D66FC79E84E2A3148C4B15C17E12CB659390FD275F39A331FFC80EC699BC3F6FAB868E30E9B14575FCDAB6FAED01E00112DD28704177E09C335AD43A696FEA761E8DF3B0663277A5C3637F9060CB5E5654F72E9A6B0F369E660AD4CF7ABF4195493545B367BD55271CD4BB7D9C15D3F508FE8F7409C2126FC8E73B43A67CD4EFB21E9F15DBF040A2A8D5F5ED75CEAC12B595C0051F3EC9D5A58ACE82A9506E64F780E9836728260FFE1BFD73E8A9869E3D46A35A856D3028F7FEAB9F4F1A04449AEDC80017EE1014080D87F0B50C8EF255324CD89F7D039":82:5
+
+Test mbedtls_mpi_is_prime_det (39 non-witnesses)
+depends_on:MBEDTLS_GENPRIME
+mpi_is_prime_det:"155102B67930FBE8858DF6C0642D77D419A7B7968E622CC7500F3E3F2C5168368C50E0083187":"119B3E2C721834D83416239B04447AA18AE0163E61DCAE97054563D79E094A6FA4485BD6A0501445BF57FE9C058926CDB862E04CC1A95D79D61D9AB3466857A53E04F8D7470C9C86649B226A13DDC534E18DFD5C22FAEA317CA4D4960F18457FD6D2FFB5F3273F74C89980DC774590D8D30D1159CA81999ED94A042D67DA68C82616AD46C2C88288A8EBD0B37AC7C152D9522CA4544642AD1210F6B642FEBF43563FA872B0DEFAFC69D0B6570E8FEA9570D0AADCFA9B06CC8BFD62CEDC221541210EEEF9762448C6D49F26AA767A4D66CB168589E0201923015314E6CD4A480E5936E7CF145F73A564C5B782635B3AFC3028E2632C5D3458224A7C9E8BA1876E8F690463C878292D3DC011E9640331E7F7621F2B5E0F6713DD8C9D6767521C4BA880DA8D11C67753C8493D2C4C4F1443147550D0B25B7FAD04EAFA9F8AA60974C1365C8A794CFEECEB4279B1150909A97E5A7A10B5D91186CA5B25A612036631FE73529C8CFAE51E76FB704A772DE5320EFC1212E7A399B1FEBF57D014AF9129DFF5D2C5DFBBEEAC55F360CF6D22FA90B8E2E9AD0C71AB6495A9452A58D653B8CC26128C66B43EFBA6E39AEC5717A1A3C2AE1449FCABAFE1180B159DA55190CD81A3D9E8D798647E11B827F0A057D6DA5AAD78AB5112EE65E10E8B8B369BA24E1B8AD2CD8548C497016C07A143DE1232F8059BE303572456FA92E76A0F23D1340629228B7D27C02D3833A72745B91A3DBEB5E081117A9F19597F00E4277B414FAEA8C8CEB895C37F956A5A22F8D7A10ADA50B22BAB312504904511AA0EFDD4D3BF20ECB17E8A684564FFB5BBD5E22C429F9A75A4FB4AE468FE7612ED53C7A11212E7EF3435CC9CA6E7DB167B8CCE2BECF35F89013F8F876223C77FA81570970858663C6E32B91080AA47F9C90177F51E6FD7747B910C9489C7B6ACB070996198AD9A40A69711274159210A9A12DBAAA4FB4632446066AB70D735DC95F7C2BCE517E88C064D728DE82B1B043DF4AEE0EFF5131120A4E5B9B4180EB6F6B8A0D1491ABDA069058A9966B1A517D8E7B4997DC52A1E698FD79E271153DF1913FE6787A5D99DE69F39C3F22D26DC731CFBB33FF5C267D85D7A3DAE8E1C87E1DB2F1236212EF1942EA756967FB3D07D629E59EA4034D9A9B5E270DD4A31C8A3DFDA99C1094B5537132C196DA2AEAF5253A019B9AF25B5DCB0D4DD75C7C9C353DA9DAABFB23959A5455312E7E1C21268C1BC14E83DCFDF50C27FD3E8B4EDC04C5F3CB5FCFFF2B57151E1B1EE1A6456DC006BC43E1158674AA4CF7D146DE4A57103BE43ED130C8007294ED2418C7A2B769A7D20EBB5A8367A77B313F81BB119B9954305FF160FF83EED7F808EE6D340A5CCC000CF81AA497D315D350CCE4E86A31456B8AA85B677491FC662933DFA55EB5BFF64B8D85430D676A85D1CAFAFF383E68C4E6C22A51063739EC03FC58C36C07C44E54828BE2152B2E9AFB0F179B157D09B64C147B524BB5424BB1914419424D9100D06EDCFC718F4DF3D562E9E16C446663F35273CA7BC5426B868A80C8D415C9A12A1619CDB7CDB5BEBC70313150BDF8C3AB26B809FE62D28E798EF1EF98C410A2DA0A9071F82154AC569078B0E647E2C085D1D907E634453442803D0492D3D0C78CACB762020C0E589C8B0981321EA2771305FD0413F3B2963FCE9A232F6641DB7E12ADC009A032063C41756E5E19E5711DE12711F07AFE7545B4D83F3EFD7BFD0435297C89DF3D4AF96EBE2CE8D64B93E36EA5D7E5A0492151D0CAEE7449A7D35E1A3C83E22C3B35162C073CC3B1CF76FBDEE84270721FC042EAAEB7325110181415E2031CFB7462F15111291CDAC0560FF9F4C7341F2FA261B97CEF348D074AA2EB4DB153FE6B1410519DA4213B611999868F3B867A2B6D758D333C4989DE80782683CA26ECDE373C71524F01B76349CE8A07A5EBECBB42259CF970DDA756EC996B189FEA045FEE45F23D476960913106ECA2510B8517AA75D56FA4152B2BDDC212014E5D07FD964D6EE532F0616DF74E104659955132331FABF2D2AD265E71C93C648A956FA0A3DB21FF103D516527F2DA0E870340B61EE8A8ED913B60605EB5A67B834D0FC90564386012585609870FEF6530B3E3C037B55506F0B5694F6B0FC":38:40
+
+Test mbedtls_mpi_gen_prime (Too small)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:2:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_gen_prime (OK, minimum size)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:3:0:0
+
+Test mbedtls_mpi_gen_prime (corner case limb size -1 bits)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:63:0:0
+
+Test mbedtls_mpi_gen_prime (corner case limb size)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:64:0:0
+
+Test mbedtls_mpi_gen_prime (corner case limb size +1 bits)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:65:0:0
+
+Test mbedtls_mpi_gen_prime (Larger)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:128:0:0
+
+Test mbedtls_mpi_gen_prime (Safe)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH:0
+
+Test mbedtls_mpi_gen_prime (Safe with lower error rate)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH | MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0
+
+Test mbedtls_mpi_gen_prime standard RSA #1 (lower error rate)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:1024:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0
+
+Test mbedtls_mpi_gen_prime standard RSA #2 (lower error rate)
+depends_on:MBEDTLS_GENPRIME
+mpi_gen_prime:1536:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0
+
+Test bit getting (Value bit 25)
+mpi_get_bit:"2faa127":25:1
+
+Test bit getting (Larger but same limb)
+mpi_get_bit:"2faa127":26:0
+
+Test bit getting (Larger and non-existing limb)
+mpi_get_bit:"2faa127":500:0
+
+Test bit getting in 0 (null)
+mpi_get_bit:"":500:0
+
+Test bit getting (Value bit 24)
+mpi_get_bit:"2faa127":24:0
+
+Test bit getting (Value bit 23)
+mpi_get_bit:"2faa127":23:1
+
+Test bit set (Change existing value with a 1)
+mpi_set_bit:"2faa127":24:1:"3faa127":0
+
+Test bit set (Change existing value with a 0)
+mpi_set_bit:"2faa127":25:0:"faa127":0
+
+Test bit set (Add above existing limbs with a 0)
+mpi_set_bit:"2faa127":80:0:"2faa127":0
+
+Test bit set (Add above existing limbs with a 1)
+mpi_set_bit:"2faa127":80:1:"100000000000002faa127":0
+
+Test bit set (Add to 0 (null) with a 0)
+mpi_set_bit:"":65:0:"":0
+
+Test bit set (Add to 0 (null) with a 1)
+mpi_set_bit:"":65:1:"020000000000000000":0
+
+Test bit set (Bit index larger than 31 with a 0)
+mpi_set_bit:"FFFFFFFFFFFFFFFF":32:0:"FFFFFFFEFFFFFFFF":0
+
+Test bit set (Bit index larger than 31 with a 1)
+mpi_set_bit:"00":32:1:"0100000000":0
+
+Test bit set (Invalid bit value)
+mpi_set_bit:"00":5:2:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Fill random: 0 bytes
+mpi_fill_random:0:0:0:0
+
+Fill random: 1 byte, good
+mpi_fill_random:1:1:0:0
+
+Fill random: 2 bytes, good, no leading zero
+mpi_fill_random:2:2:0:0
+
+Fill random: 2 bytes, good, 1 leading zero
+mpi_fill_random:2:256:0:0
+
+Fill random: MAX_SIZE - 7, good
+mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0:0
+
+Fill random: MAX_SIZE, good
+mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0:0
+
+Fill random: 0 bytes, previously small >0
+mpi_fill_random:0:0:1:0
+
+Fill random: 0 bytes, previously small <0
+mpi_fill_random:0:0:-1:0
+
+Fill random: 0 bytes, previously large >0
+mpi_fill_random:0:0:65:0
+
+Fill random: 0 bytes, previously large <0
+mpi_fill_random:0:0:-65:0
+
+Fill random: 1 byte, previously small >0
+mpi_fill_random:1:1:1:0
+
+Fill random: 1 byte, previously small <0
+mpi_fill_random:1:1:-1:0
+
+Fill random: 1 byte, previously large >0
+mpi_fill_random:1:1:65:0
+
+Fill random: 1 byte, previously large <0
+mpi_fill_random:1:1:-65:0
+
+Fill random: 9 bytes, previously small >0
+mpi_fill_random:1:1:1:0
+
+Fill random: 9 bytes, previously small <0
+mpi_fill_random:1:1:-1:0
+
+Fill random: 1 byte, RNG failure
+mpi_fill_random:1:0:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 2 bytes, RNG failure after 1 byte
+mpi_fill_random:2:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 4 bytes, RNG failure after 3 bytes
+mpi_fill_random:4:3:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 8 bytes, RNG failure after 7 bytes
+mpi_fill_random:8:7:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 16 bytes, RNG failure after 1 bytes
+mpi_fill_random:16:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 16 bytes, RNG failure after 8 bytes
+mpi_fill_random:16:8:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: 16 bytes, RNG failure after 15 bytes
+mpi_fill_random:16:15:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes
+mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+
+MPI random in range: 1..2
+mpi_random_many:1:"02":1000
+
+MPI random in range: 1..3
+mpi_random_many:1:"03":1000
+
+MPI random in range: 1..4
+mpi_random_many:1:"04":1000
+
+MPI random in range: 1..5
+mpi_random_many:1:"05":1000
+
+MPI random in range: 1..6
+mpi_random_many:1:"06":1000
+
+MPI random in range: 1..7
+mpi_random_many:1:"07":1000
+
+MPI random in range: 1..8
+mpi_random_many:1:"08":1000
+
+MPI random in range: 1..9
+mpi_random_many:1:"09":1000
+
+MPI random in range: 1..10
+mpi_random_many:1:"0a":1000
+
+MPI random in range: 1..11
+mpi_random_many:1:"0b":1000
+
+MPI random in range: 1..12
+mpi_random_many:1:"0c":1000
+
+MPI random in range: 1..255
+mpi_random_many:1:"ff":100
+
+MPI random in range: 1..256
+mpi_random_many:1:"0100":100
+
+MPI random in range: 1..257
+mpi_random_many:1:"0101":100
+
+MPI random in range: 1..272
+mpi_random_many:1:"0110":100
+
+MPI random in range: 1..2^64-1
+mpi_random_many:1:"ffffffffffffffff":100
+
+MPI random in range: 1..2^64
+mpi_random_many:1:"010000000000000000":100
+
+MPI random in range: 1..2^64+1
+mpi_random_many:1:"010000000000000001":100
+
+MPI random in range: 1..2^64+2^63
+mpi_random_many:1:"018000000000000000":100
+
+MPI random in range: 1..2^65-1
+mpi_random_many:1:"01ffffffffffffffff":100
+
+MPI random in range: 1..2^65
+mpi_random_many:1:"020000000000000000":100
+
+MPI random in range: 1..2^65+1
+mpi_random_many:1:"020000000000000001":100
+
+MPI random in range: 1..2^65+2^64
+mpi_random_many:1:"030000000000000000":100
+
+MPI random in range: 1..2^66+2^65
+mpi_random_many:1:"060000000000000000":100
+
+MPI random in range: 1..2^71-1
+mpi_random_many:1:"7fffffffffffffffff":100
+
+MPI random in range: 1..2^71
+mpi_random_many:1:"800000000000000000":100
+
+MPI random in range: 1..2^71+1
+mpi_random_many:1:"800000000000000001":100
+
+MPI random in range: 1..2^71+2^70
+mpi_random_many:1:"c00000000000000000":100
+
+MPI random in range: 1..2^72-1
+mpi_random_many:1:"ffffffffffffffffff":100
+
+MPI random in range: 1..2^72
+mpi_random_many:1:"01000000000000000000":100
+
+MPI random in range: 1..2^72+1
+mpi_random_many:1:"01000000000000000001":100
+
+MPI random in range: 1..2^72+2^71
+mpi_random_many:1:"01800000000000000000":100
+
+MPI random in range: 0..1
+mpi_random_many:0:"04":10000
+
+MPI random in range: 0..4
+mpi_random_many:0:"04":10000
+
+MPI random in range: 2..4
+mpi_random_many:2:"04":10000
+
+MPI random in range: 3..4
+mpi_random_many:3:"04":10000
+
+MPI random in range: smaller result
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0
+
+MPI random in range: same size result (32-bit limbs)
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":2:0
+
+MPI random in range: same size result (64-bit limbs)
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":1:0
+
+MPI random in range: larger result
+mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":3:0
+
+## The "0 limb in upper bound" tests rely on the fact that
+## mbedtls_mpi_read_binary() bases the size of the MPI on the size of
+## the input, without first checking for leading zeros. If this was
+## not the case, the tests would still pass, but would not exercise
+## the advertised behavior.
+MPI random in range: leading 0 limb in upper bound #0
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":0:0
+
+MPI random in range: leading 0 limb in upper bound #1
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":1:0
+
+MPI random in range: leading 0 limb in upper bound #2
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":2:0
+
+MPI random in range: leading 0 limb in upper bound #3
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":3:0
+
+MPI random in range: leading 0 limb in upper bound #4
+mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":4:0
+
+MPI random in range: previously small >0
+mpi_random_sizes:1:"1234567890":4:1
+
+MPI random in range: previously small <0
+mpi_random_sizes:1:"1234567890":4:-1
+
+MPI random in range: previously large >0
+mpi_random_sizes:1:"1234":4:65
+
+MPI random in range: previously large <0
+mpi_random_sizes:1:"1234":4:-65
+
+MPI random bad arguments: min < 0
+mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min = N = 0
+mpi_random_fail:0:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min = N = 1
+mpi_random_fail:1:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min > N = 0
+mpi_random_fail:1:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min > N = 1
+mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random bad arguments: min > N = 1, 0 limb in upper bound
+mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Most negative mbedtls_mpi_sint
+most_negative_mpi_sint:
+
+MPI Selftest
+depends_on:MBEDTLS_SELF_TEST
+mpi_selftest:
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_blowfish.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_blowfish.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_blowfish.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_blowfish.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_blowfish.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_blowfish.function
new file mode 100644
index 0000000..9541711
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_blowfish.function
@@ -0,0 +1,341 @@
+/* BEGIN_HEADER */
+#include "mbedtls/blowfish.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_BLOWFISH_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void blowfish_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_blowfish_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void blowfish_invalid_param()
+{
+    mbedtls_blowfish_context ctx;
+    unsigned char buf[16] = { 0 };
+    size_t const valid_keylength = sizeof(buf) * 8;
+    size_t valid_mode = MBEDTLS_BLOWFISH_ENCRYPT;
+    size_t invalid_mode = 42;
+    size_t off;
+    ((void) off);
+
+    TEST_INVALID_PARAM(mbedtls_blowfish_init(NULL));
+    TEST_VALID_PARAM(mbedtls_blowfish_free(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_setkey(NULL,
+                                                   buf,
+                                                   valid_keylength));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_setkey(&ctx,
+                                                   NULL,
+                                                   valid_keylength));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ecb(NULL,
+                                                      valid_mode,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ecb(&ctx,
+                                                      invalid_mode,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ecb(&ctx,
+                                                      valid_mode,
+                                                      NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ecb(&ctx,
+                                                      valid_mode,
+                                                      buf, NULL));
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cbc(NULL,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      buf, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cbc(&ctx,
+                                                      invalid_mode,
+                                                      sizeof(buf),
+                                                      buf, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cbc(&ctx,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      NULL, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cbc(&ctx,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      buf, NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cbc(&ctx,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      buf, buf, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cfb64(NULL,
+                                                        valid_mode,
+                                                        sizeof(buf),
+                                                        &off, buf,
+                                                        buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cfb64(&ctx,
+                                                        invalid_mode,
+                                                        sizeof(buf),
+                                                        &off, buf,
+                                                        buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cfb64(&ctx,
+                                                        valid_mode,
+                                                        sizeof(buf),
+                                                        NULL, buf,
+                                                        buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cfb64(&ctx,
+                                                        valid_mode,
+                                                        sizeof(buf),
+                                                        &off, NULL,
+                                                        buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cfb64(&ctx,
+                                                        valid_mode,
+                                                        sizeof(buf),
+                                                        &off, buf,
+                                                        NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_cfb64(&ctx,
+                                                        valid_mode,
+                                                        sizeof(buf),
+                                                        &off, buf,
+                                                        buf, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ctr(NULL,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, buf,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      NULL,
+                                                      buf, buf,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      NULL, buf,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, NULL,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, buf,
+                                                      NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
+                           mbedtls_blowfish_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, buf,
+                                                      buf, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void blowfish_encrypt_ecb(data_t *key_str, data_t *src_str,
+                          data_t *dst, int setkey_result)
+{
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8) == setkey_result);
+    if (setkey_result == 0) {
+        TEST_ASSERT(mbedtls_blowfish_crypt_ecb(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x,
+                                               output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void blowfish_decrypt_ecb(data_t *key_str, data_t *src_str,
+                          data_t *dst, int setkey_result)
+{
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8) == setkey_result);
+    if (setkey_result == 0) {
+        TEST_ASSERT(mbedtls_blowfish_crypt_ecb(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x,
+                                               output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void blowfish_encrypt_cbc(data_t *key_str, data_t *iv_str,
+                          data_t *src_str, data_t *dst,
+                          int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8);
+
+    TEST_ASSERT(mbedtls_blowfish_crypt_cbc(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, iv_str->x,
+                                           src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                        src_str->len, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void blowfish_decrypt_cbc(data_t *key_str, data_t *iv_str,
+                          data_t *src_str, data_t *dst,
+                          int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_blowfish_crypt_cbc(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, iv_str->x,
+                                           src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                        dst->len) == 0);
+    }
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void blowfish_encrypt_cfb64(data_t *key_str, data_t *iv_str,
+                            data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len,
+                                             &iv_offset, iv_str->x, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                    dst->len) == 0);
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void blowfish_decrypt_cfb64(data_t *key_str, data_t *iv_str,
+                            data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len,
+                                             &iv_offset, iv_str->x, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                    dst->len) == 0);
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
+void blowfish_encrypt_ctr(data_t *key_str, data_t *iv_str,
+                          data_t *src_str, data_t *dst)
+{
+    unsigned char stream_str[100];
+    unsigned char output[100];
+    mbedtls_blowfish_context ctx;
+    size_t iv_offset = 0;
+
+    memset(stream_str, 0x00, 100);
+    memset(output, 0x00, 100);
+    mbedtls_blowfish_init(&ctx);
+
+
+    mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_blowfish_crypt_ctr(&ctx, src_str->len, &iv_offset, iv_str->x, stream_str,
+                                           src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                    dst->len) == 0);
+
+exit:
+    mbedtls_blowfish_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_camellia.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_camellia.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_camellia.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_camellia.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_camellia.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_camellia.function
new file mode 100644
index 0000000..da4276a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_camellia.function
@@ -0,0 +1,327 @@
+/* BEGIN_HEADER */
+#include "mbedtls/camellia.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CAMELLIA_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void camellia_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_camellia_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void camellia_invalid_param()
+{
+    mbedtls_camellia_context ctx;
+    unsigned char buf[16] = { 0 };
+    const size_t valid_keybits   = 128;
+    const int invalid_mode = 42;
+    const int valid_mode = MBEDTLS_CAMELLIA_ENCRYPT;
+    size_t off;
+    ((void) off);
+
+    TEST_INVALID_PARAM(mbedtls_camellia_init(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_setkey_enc(NULL,
+                                                       buf,
+                                                       valid_keybits));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_setkey_enc(&ctx,
+                                                       NULL,
+                                                       valid_keybits));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_setkey_dec(NULL,
+                                                       buf,
+                                                       valid_keybits));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_setkey_dec(&ctx,
+                                                       NULL,
+                                                       valid_keybits));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ecb(NULL,
+                                                      valid_mode,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ecb(&ctx,
+                                                      invalid_mode,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ecb(&ctx,
+                                                      valid_mode,
+                                                      NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ecb(&ctx,
+                                                      valid_mode,
+                                                      buf, NULL));
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cbc(NULL,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      buf, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cbc(&ctx,
+                                                      invalid_mode,
+                                                      sizeof(buf),
+                                                      buf, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cbc(&ctx,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      NULL, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cbc(&ctx,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      buf, NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cbc(&ctx,
+                                                      valid_mode,
+                                                      sizeof(buf),
+                                                      buf, buf, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cfb128(NULL,
+                                                         valid_mode,
+                                                         sizeof(buf),
+                                                         &off, buf,
+                                                         buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cfb128(&ctx,
+                                                         invalid_mode,
+                                                         sizeof(buf),
+                                                         &off, buf,
+                                                         buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cfb128(&ctx,
+                                                         valid_mode,
+                                                         sizeof(buf),
+                                                         NULL, buf,
+                                                         buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cfb128(&ctx,
+                                                         valid_mode,
+                                                         sizeof(buf),
+                                                         &off, NULL,
+                                                         buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cfb128(&ctx,
+                                                         valid_mode,
+                                                         sizeof(buf),
+                                                         &off, buf,
+                                                         NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_cfb128(&ctx,
+                                                         valid_mode,
+                                                         sizeof(buf),
+                                                         &off, buf,
+                                                         buf, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ctr(NULL,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, buf,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      NULL,
+                                                      buf, buf,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      NULL, buf,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, NULL,
+                                                      buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, buf,
+                                                      NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA,
+                           mbedtls_camellia_crypt_ctr(&ctx,
+                                                      sizeof(buf),
+                                                      &off,
+                                                      buf, buf,
+                                                      buf, NULL));
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void camellia_encrypt_ecb(data_t *key_str, data_t *src_str,
+                          data_t *dst, int setkey_result)
+{
+    unsigned char output[100];
+    mbedtls_camellia_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_camellia_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result);
+    if (setkey_result == 0) {
+        TEST_ASSERT(mbedtls_camellia_crypt_ecb(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x,
+                                               output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_camellia_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void camellia_decrypt_ecb(data_t *key_str, data_t *src_str,
+                          data_t *dst, int setkey_result)
+{
+    unsigned char output[100];
+    mbedtls_camellia_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_camellia_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_camellia_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result);
+    if (setkey_result == 0) {
+        TEST_ASSERT(mbedtls_camellia_crypt_ecb(&ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x,
+                                               output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_camellia_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void camellia_encrypt_cbc(data_t *key_str, data_t *iv_str,
+                          data_t *src_str, data_t *dst, int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_camellia_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_camellia_init(&ctx);
+
+
+    mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_camellia_crypt_cbc(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x,
+                                           src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                        dst->len) == 0);
+    }
+
+exit:
+    mbedtls_camellia_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void camellia_decrypt_cbc(data_t *key_str, data_t *iv_str,
+                          data_t *src_str, data_t *dst,
+                          int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_camellia_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_camellia_init(&ctx);
+
+
+    mbedtls_camellia_setkey_dec(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_camellia_crypt_cbc(&ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x,
+                                           src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                        dst->len) == 0);
+    }
+
+exit:
+    mbedtls_camellia_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void camellia_encrypt_cfb128(data_t *key_str, data_t *iv_str,
+                             data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_camellia_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, 100);
+    mbedtls_camellia_init(&ctx);
+
+
+    mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_camellia_crypt_cfb128(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset,
+                                              iv_str->x, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+
+exit:
+    mbedtls_camellia_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
+void camellia_decrypt_cfb128(data_t *key_str, data_t *iv_str,
+                             data_t *src_str,
+                             data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_camellia_context ctx;
+    size_t iv_offset = 0;
+
+    memset(output, 0x00, 100);
+    mbedtls_camellia_init(&ctx);
+
+
+    mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8);
+    TEST_ASSERT(mbedtls_camellia_crypt_cfb128(&ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset,
+                                              iv_str->x, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
+
+exit:
+    mbedtls_camellia_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void camellia_selftest()
+{
+    TEST_ASSERT(mbedtls_camellia_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ccm.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ccm.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ccm.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ccm.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ccm.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ccm.function
new file mode 100644
index 0000000..8e59528
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ccm.function
@@ -0,0 +1,509 @@
+/* BEGIN_HEADER */
+#include "mbedtls/ccm.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CCM_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
+void mbedtls_ccm_self_test()
+{
+    TEST_ASSERT(mbedtls_ccm_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ccm_setkey(int cipher_id, int key_size, int result)
+{
+    mbedtls_ccm_context ctx;
+    unsigned char key[32];
+    int ret;
+
+    mbedtls_ccm_init(&ctx);
+
+    memset(key, 0x2A, sizeof(key));
+    TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key));
+
+    ret = mbedtls_ccm_setkey(&ctx, cipher_id, key, key_size);
+    TEST_ASSERT(ret == result);
+
+exit:
+    mbedtls_ccm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res)
+{
+    mbedtls_ccm_context ctx;
+    unsigned char key[16];
+    unsigned char msg[10];
+    unsigned char iv[14];
+    unsigned char *add = NULL;
+    unsigned char out[10];
+    unsigned char tag[18];
+    int decrypt_ret;
+
+    mbedtls_ccm_init(&ctx);
+
+    TEST_CALLOC_OR_SKIP(add, add_len);
+    memset(key, 0, sizeof(key));
+    memset(msg, 0, sizeof(msg));
+    memset(iv, 0, sizeof(iv));
+    memset(out, 0, sizeof(out));
+    memset(tag, 0, sizeof(tag));
+
+    TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                   key, 8 * sizeof(key)) == 0);
+
+    TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg_len, iv, iv_len, add, add_len,
+                                            msg, out, tag, tag_len) == res);
+
+    decrypt_ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len, iv, iv_len, add, add_len,
+                                           msg, out, tag, tag_len);
+
+    if (res == 0) {
+        TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED);
+    } else {
+        TEST_ASSERT(decrypt_ret == res);
+    }
+
+exit:
+    mbedtls_free(add);
+    mbedtls_ccm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len,
+                      int res)
+{
+    mbedtls_ccm_context ctx;
+    unsigned char key[16];
+    unsigned char msg[10];
+    unsigned char iv[14];
+    unsigned char add[10];
+    unsigned char out[10];
+    unsigned char tag[18];
+    int decrypt_ret;
+
+    mbedtls_ccm_init(&ctx);
+
+    memset(key, 0, sizeof(key));
+    memset(msg, 0, sizeof(msg));
+    memset(iv, 0, sizeof(iv));
+    memset(add, 0, sizeof(add));
+    memset(out, 0, sizeof(out));
+    memset(tag, 0, sizeof(tag));
+
+    TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                   key, 8 * sizeof(key)) == 0);
+
+    TEST_ASSERT(mbedtls_ccm_star_encrypt_and_tag(&ctx, msg_len, iv, iv_len,
+                                                 add, add_len, msg, out, tag, tag_len) == res);
+
+    decrypt_ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg_len, iv, iv_len, add,
+                                                add_len, msg, out, tag, tag_len);
+
+    if (res == 0 && tag_len != 0) {
+        TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED);
+    } else {
+        TEST_ASSERT(decrypt_ret == res);
+    }
+
+exit:
+    mbedtls_ccm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key,
+                                 data_t *msg, data_t *iv,
+                                 data_t *add, data_t *result)
+{
+    mbedtls_ccm_context ctx;
+    size_t tag_len;
+    uint8_t *msg_n_tag = (uint8_t *) malloc(result->len + 2);
+
+    mbedtls_ccm_init(&ctx);
+
+    memset(msg_n_tag, 0, result->len + 2);
+    memcpy(msg_n_tag, msg->x, msg->len);
+
+    tag_len = result->len - msg->len;
+
+    TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0);
+
+    /* Test with input == output */
+    TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len,
+                                            msg_n_tag, msg_n_tag, msg_n_tag + msg->len,
+                                            tag_len) == 0);
+
+    TEST_ASSERT(memcmp(msg_n_tag, result->x, result->len) == 0);
+
+    /* Check we didn't write past the end */
+    TEST_ASSERT(msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0);
+
+exit:
+    mbedtls_ccm_free(&ctx);
+    free(msg_n_tag);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key,
+                              data_t *msg, data_t *iv,
+                              data_t *add, int tag_len, int result,
+                              data_t *expected_msg)
+{
+    unsigned char tag[16];
+    mbedtls_ccm_context ctx;
+
+    mbedtls_ccm_init(&ctx);
+
+    memset(tag, 0x00, sizeof(tag));
+
+    msg->len -= tag_len;
+    memcpy(tag, msg->x + msg->len, tag_len);
+
+    TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0);
+
+    /* Test with input == output */
+    TEST_ASSERT(mbedtls_ccm_auth_decrypt(&ctx, msg->len, iv->x, iv->len, add->x, add->len,
+                                         msg->x, msg->x, msg->x + msg->len, tag_len) == result);
+
+    if (result == 0) {
+        TEST_ASSERT(memcmp(msg->x, expected_msg->x, expected_msg->len) == 0);
+    } else {
+        size_t i;
+
+        for (i = 0; i < msg->len; i++) {
+            TEST_ASSERT(msg->x[i] == 0);
+        }
+    }
+
+    /* Check we didn't write past the end (where the original tag is) */
+    TEST_ASSERT(memcmp(msg->x + msg->len, tag, tag_len) == 0);
+
+exit:
+    mbedtls_ccm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ccm_star_encrypt_and_tag(int cipher_id,
+                                      data_t *key, data_t *msg,
+                                      data_t *source_address, data_t *frame_counter,
+                                      int sec_level, data_t *add,
+                                      data_t *expected_result, int output_ret)
+{
+    unsigned char iv[13];
+    unsigned char result[50];
+    mbedtls_ccm_context ctx;
+    size_t iv_len, tag_len;
+    int ret;
+
+    mbedtls_ccm_init(&ctx);
+
+    memset(result, 0x00, sizeof(result));
+
+    if (sec_level % 4 == 0) {
+        tag_len = 0;
+    } else {
+        tag_len = 1 << (sec_level % 4 + 1);
+    }
+
+    TEST_ASSERT(source_address->len == 8);
+    TEST_ASSERT(frame_counter->len == 4);
+    memcpy(iv, source_address->x, source_address->len);
+    memcpy(iv + source_address->len, frame_counter->x, frame_counter->len);
+    iv[source_address->len + frame_counter->len] = sec_level;
+    iv_len = sizeof(iv);
+
+    TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id,
+                                   key->x, key->len * 8) == 0);
+
+    ret = mbedtls_ccm_star_encrypt_and_tag(&ctx, msg->len, iv, iv_len,
+                                           add->x, add->len, msg->x,
+                                           result, result + msg->len, tag_len);
+
+    TEST_ASSERT(ret == output_ret);
+
+    TEST_ASSERT(memcmp(result,
+                       expected_result->x, expected_result->len) == 0);
+
+    /* Check we didn't write past the end */
+    TEST_ASSERT(result[expected_result->len] == 0 &&
+                result[expected_result->len + 1] == 0);
+
+exit:
+    mbedtls_ccm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ccm_star_auth_decrypt(int cipher_id,
+                                   data_t *key, data_t *msg,
+                                   data_t *source_address, data_t *frame_counter,
+                                   int sec_level, data_t *add,
+                                   data_t *expected_result, int output_ret)
+{
+    unsigned char iv[13];
+    unsigned char result[50];
+    mbedtls_ccm_context ctx;
+    size_t iv_len, tag_len;
+    int ret;
+
+    mbedtls_ccm_init(&ctx);
+
+    memset(iv, 0x00, sizeof(iv));
+    memset(result, '+', sizeof(result));
+
+    if (sec_level % 4 == 0) {
+        tag_len = 0;
+    } else {
+        tag_len = 1 << (sec_level % 4 + 1);
+    }
+
+    TEST_ASSERT(source_address->len == 8);
+    TEST_ASSERT(frame_counter->len == 4);
+    memcpy(iv, source_address->x, source_address->len);
+    memcpy(iv + source_address->len, frame_counter->x, frame_counter->len);
+    iv[source_address->len + frame_counter->len] = sec_level;
+    iv_len = sizeof(iv);
+
+    TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0);
+
+    ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg->len - tag_len, iv, iv_len,
+                                        add->x, add->len, msg->x, result,
+                                        msg->x + msg->len - tag_len, tag_len);
+
+    TEST_ASSERT(ret == output_ret);
+
+    TEST_ASSERT(memcmp(result, expected_result->x,
+                       expected_result->len) == 0);
+
+    /* Check we didn't write past the end (where the original tag is) */
+    TEST_ASSERT((msg->len + 2) <= sizeof(result));
+    TEST_EQUAL(result[msg->len], '+');
+    TEST_EQUAL(result[msg->len + 1], '+');
+
+exit:
+    mbedtls_ccm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void ccm_invalid_param()
+{
+    struct mbedtls_ccm_context ctx;
+    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
+    mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
+    int valid_len = sizeof(valid_buffer);
+    int valid_bitlen = valid_len * 8;
+
+    mbedtls_ccm_init(&ctx);
+
+    /* mbedtls_ccm_init() */
+    TEST_INVALID_PARAM(mbedtls_ccm_init(NULL));
+
+    /* mbedtls_ccm_setkey() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_setkey(&ctx, valid_cipher, NULL, valid_bitlen));
+
+    /* mbedtls_ccm_encrypt_and_tag() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_encrypt_and_tag(NULL, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_buffer,
+                                    valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_encrypt_and_tag(&ctx, valid_len,
+                                    NULL, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_buffer,
+                                    valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_encrypt_and_tag(&ctx, valid_len,
+                                    valid_buffer, valid_len,
+                                    NULL, valid_len,
+                                    valid_buffer, valid_buffer,
+                                    valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_encrypt_and_tag(&ctx, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_len,
+                                    NULL, valid_buffer,
+                                    valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_encrypt_and_tag(&ctx, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, NULL,
+                                    valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_encrypt_and_tag(&ctx, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_len,
+                                    valid_buffer, valid_buffer,
+                                    NULL, valid_len));
+
+    /* mbedtls_ccm_star_encrypt_and_tag() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_encrypt_and_tag(NULL, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_buffer,
+                                         valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len,
+                                         NULL, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_buffer,
+                                         valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len,
+                                         valid_buffer, valid_len,
+                                         NULL, valid_len,
+                                         valid_buffer, valid_buffer,
+                                         valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_len,
+                                         NULL, valid_buffer,
+                                         valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, NULL,
+                                         valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_len,
+                                         valid_buffer, valid_buffer,
+                                         NULL, valid_len));
+
+    /* mbedtls_ccm_auth_decrypt() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_auth_decrypt(NULL, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_buffer,
+                                 valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_auth_decrypt(&ctx, valid_len,
+                                 NULL, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_buffer,
+                                 valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 NULL, valid_len,
+                                 valid_buffer, valid_buffer,
+                                 valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 NULL, valid_buffer,
+                                 valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, NULL,
+                                 valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_buffer,
+                                 NULL, valid_len));
+
+    /* mbedtls_ccm_star_auth_decrypt() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_auth_decrypt(NULL, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_buffer,
+                                      valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_auth_decrypt(&ctx, valid_len,
+                                      NULL, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_buffer,
+                                      valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_auth_decrypt(&ctx, valid_len,
+                                      valid_buffer, valid_len,
+                                      NULL, valid_len,
+                                      valid_buffer, valid_buffer,
+                                      valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_auth_decrypt(&ctx, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_len,
+                                      NULL, valid_buffer,
+                                      valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_auth_decrypt(&ctx, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, NULL,
+                                      valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CCM_BAD_INPUT,
+        mbedtls_ccm_star_auth_decrypt(&ctx, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_len,
+                                      valid_buffer, valid_buffer,
+                                      NULL, valid_len));
+
+exit:
+    mbedtls_ccm_free(&ctx);
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ccm_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_ccm_free(NULL));
+exit:
+    return;
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chacha20.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chacha20.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chacha20.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chacha20.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chacha20.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chacha20.function
new file mode 100644
index 0000000..3c6f06c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chacha20.function
@@ -0,0 +1,121 @@
+/* BEGIN_HEADER */
+#include "mbedtls/chacha20.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CHACHA20_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void chacha20_crypt(data_t *key_str,
+                    data_t *nonce_str,
+                    int counter,
+                    data_t *src_str,
+                    data_t *expected_output_str)
+{
+    unsigned char output[375];
+    mbedtls_chacha20_context ctx;
+
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(src_str->len   == expected_output_str->len);
+    TEST_ASSERT(key_str->len   == 32U);
+    TEST_ASSERT(nonce_str->len == 12U);
+
+    /*
+     * Test the integrated API
+     */
+    TEST_ASSERT(mbedtls_chacha20_crypt(key_str->x, nonce_str->x, counter, src_str->len, src_str->x,
+                                       output) == 0);
+
+    TEST_MEMORY_COMPARE(output, expected_output_str->len,
+                        expected_output_str->x, expected_output_str->len);
+
+    /*
+     * Test the streaming API
+     */
+    mbedtls_chacha20_init(&ctx);
+
+    TEST_ASSERT(mbedtls_chacha20_setkey(&ctx, key_str->x) == 0);
+
+    TEST_ASSERT(mbedtls_chacha20_starts(&ctx, nonce_str->x, counter) == 0);
+
+    memset(output, 0x00, sizeof(output));
+    TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len, src_str->x, output) == 0);
+
+    TEST_MEMORY_COMPARE(output, expected_output_str->len,
+                        expected_output_str->x, expected_output_str->len);
+
+    /*
+     * Test the streaming API again, piecewise
+     */
+
+    /* Don't free/init the context nor set the key again,
+     * in order to test that starts() does the right thing. */
+    TEST_ASSERT(mbedtls_chacha20_starts(&ctx, nonce_str->x, counter) == 0);
+
+    memset(output, 0x00, sizeof(output));
+    TEST_ASSERT(mbedtls_chacha20_update(&ctx, 1, src_str->x, output) == 0);
+    TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len - 1,
+                                        src_str->x + 1, output + 1) == 0);
+
+    TEST_MEMORY_COMPARE(output, expected_output_str->len,
+                        expected_output_str->x, expected_output_str->len);
+
+    mbedtls_chacha20_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void chacha20_bad_params()
+{
+    unsigned char key[32];
+    unsigned char nonce[12];
+    unsigned char src[1];
+    unsigned char dst[1];
+    uint32_t counter = 0;
+    size_t len = sizeof(src);
+    mbedtls_chacha20_context ctx;
+
+    TEST_INVALID_PARAM(mbedtls_chacha20_init(NULL));
+    TEST_VALID_PARAM(mbedtls_chacha20_free(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_setkey(NULL, key));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_setkey(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_starts(NULL, nonce, counter));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_starts(&ctx, NULL, counter));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_update(NULL, 0, src, dst));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_update(&ctx, len, NULL, dst));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_update(&ctx, len, src, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_crypt(NULL, nonce, counter, 0, src, dst));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_crypt(key, NULL, counter, 0, src, dst));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_crypt(key, nonce, counter, len, NULL, dst));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA,
+                           mbedtls_chacha20_crypt(key, nonce, counter, len, src, NULL));
+
+exit:
+    return;
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void chacha20_self_test()
+{
+    TEST_ASSERT(mbedtls_chacha20_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chachapoly.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chachapoly.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_chachapoly.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chachapoly.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chachapoly.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chachapoly.function
new file mode 100644
index 0000000..906e3f5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_chachapoly.function
@@ -0,0 +1,295 @@
+/* BEGIN_HEADER */
+#include "mbedtls/chachapoly.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CHACHAPOLY_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_chachapoly_enc(data_t *key_str,
+                            data_t *nonce_str,
+                            data_t *aad_str,
+                            data_t *input_str,
+                            data_t *output_str,
+                            data_t *mac_str)
+{
+    unsigned char output[265];
+    unsigned char mac[16]; /* size set by the standard */
+    mbedtls_chachapoly_context ctx;
+
+    TEST_ASSERT(key_str->len   == 32);
+    TEST_ASSERT(nonce_str->len == 12);
+    TEST_ASSERT(mac_str->len   == 16);
+
+    mbedtls_chachapoly_init(&ctx);
+
+    TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0);
+
+    TEST_ASSERT(mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                   input_str->len, nonce_str->x,
+                                                   aad_str->x, aad_str->len,
+                                                   input_str->x, output, mac) == 0);
+
+    TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0);
+    TEST_ASSERT(memcmp(mac_str->x, mac, 16U) == 0);
+
+exit:
+    mbedtls_chachapoly_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_chachapoly_dec(data_t *key_str,
+                            data_t *nonce_str,
+                            data_t *aad_str,
+                            data_t *input_str,
+                            data_t *output_str,
+                            data_t *mac_str,
+                            int ret_exp)
+{
+    unsigned char output[265];
+    int ret;
+    mbedtls_chachapoly_context ctx;
+
+    TEST_ASSERT(key_str->len   == 32);
+    TEST_ASSERT(nonce_str->len == 12);
+    TEST_ASSERT(mac_str->len   == 16);
+
+    mbedtls_chachapoly_init(&ctx);
+
+    TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0);
+
+    ret = mbedtls_chachapoly_auth_decrypt(&ctx,
+                                          input_str->len, nonce_str->x,
+                                          aad_str->x, aad_str->len,
+                                          mac_str->x, input_str->x, output);
+
+    TEST_ASSERT(ret == ret_exp);
+    if (ret_exp == 0) {
+        TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0);
+    }
+
+exit:
+    mbedtls_chachapoly_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void chachapoly_bad_params()
+{
+    unsigned char key[32];
+    unsigned char nonce[12];
+    unsigned char aad[1];
+    unsigned char input[1];
+    unsigned char output[1];
+    unsigned char mac[16];
+    size_t input_len = sizeof(input);
+    size_t aad_len = sizeof(aad);
+    mbedtls_chachapoly_context ctx;
+
+    memset(key,    0x00, sizeof(key));
+    memset(nonce,  0x00, sizeof(nonce));
+    memset(aad,    0x00, sizeof(aad));
+    memset(input,  0x00, sizeof(input));
+    memset(output, 0x00, sizeof(output));
+    memset(mac,    0x00, sizeof(mac));
+
+    TEST_INVALID_PARAM(mbedtls_chachapoly_init(NULL));
+    TEST_VALID_PARAM(mbedtls_chachapoly_free(NULL));
+
+    /* setkey */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_setkey(NULL, key));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_setkey(&ctx, NULL));
+
+    /* encrypt_and_tag */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_encrypt_and_tag(NULL,
+                                                              0, nonce,
+                                                              aad, 0,
+                                                              input, output, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                              0, NULL,
+                                                              aad, 0,
+                                                              input, output, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                              0, nonce,
+                                                              NULL, aad_len,
+                                                              input, output, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                              input_len, nonce,
+                                                              aad, 0,
+                                                              NULL, output, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                              input_len, nonce,
+                                                              aad, 0,
+                                                              input, NULL, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                              0, nonce,
+                                                              aad, 0,
+                                                              input, output, NULL));
+
+    /* auth_decrypt */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_auth_decrypt(NULL,
+                                                           0, nonce,
+                                                           aad, 0,
+                                                           mac, input, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_auth_decrypt(&ctx,
+                                                           0, NULL,
+                                                           aad, 0,
+                                                           mac, input, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_auth_decrypt(&ctx,
+                                                           0, nonce,
+                                                           NULL, aad_len,
+                                                           mac, input, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_auth_decrypt(&ctx,
+                                                           0, nonce,
+                                                           aad, 0,
+                                                           NULL, input, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_auth_decrypt(&ctx,
+                                                           input_len, nonce,
+                                                           aad, 0,
+                                                           mac, NULL, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_auth_decrypt(&ctx,
+                                                           input_len, nonce,
+                                                           aad, 0,
+                                                           mac, input, NULL));
+
+    /* starts */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_starts(NULL, nonce,
+                                                     MBEDTLS_CHACHAPOLY_ENCRYPT));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_starts(&ctx, NULL,
+                                                     MBEDTLS_CHACHAPOLY_ENCRYPT));
+
+    /* update_aad */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_update_aad(NULL, aad,
+                                                         aad_len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_update_aad(&ctx, NULL,
+                                                         aad_len));
+
+    /* update */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_update(NULL, input_len,
+                                                     input, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_update(&ctx, input_len,
+                                                     NULL, output));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_update(&ctx, input_len,
+                                                     input, NULL));
+
+    /* finish */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_finish(NULL, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_chachapoly_finish(&ctx, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void chachapoly_state()
+{
+    unsigned char key[32];
+    unsigned char nonce[12];
+    unsigned char aad[1];
+    unsigned char input[1];
+    unsigned char output[1];
+    unsigned char mac[16];
+    size_t input_len = sizeof(input);
+    size_t aad_len = sizeof(aad);
+    mbedtls_chachapoly_context ctx;
+
+    memset(key,    0x00, sizeof(key));
+    memset(nonce,  0x00, sizeof(nonce));
+    memset(aad,    0x00, sizeof(aad));
+    memset(input,  0x00, sizeof(input));
+    memset(output, 0x00, sizeof(output));
+    memset(mac,    0x00, sizeof(mac));
+
+    /* Initial state: finish, update, update_aad forbidden */
+    mbedtls_chachapoly_init(&ctx);
+
+    TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+    TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+    TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+
+    /* Still initial state: finish, update, update_aad forbidden */
+    TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key)
+                == 0);
+
+    TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+    TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+    TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+
+    /* Starts -> finish OK */
+    TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
+                == 0);
+    TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
+                == 0);
+
+    /* After finish: update, update_aad forbidden */
+    TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+    TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+
+    /* Starts -> update* OK */
+    TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
+                == 0);
+    TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
+                == 0);
+    TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
+                == 0);
+
+    /* After update: update_aad forbidden */
+    TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
+                == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
+
+    /* Starts -> update_aad* -> finish OK */
+    TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
+                == 0);
+    TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
+                == 0);
+    TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
+                == 0);
+    TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
+                == 0);
+
+exit:
+    mbedtls_chachapoly_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void chachapoly_selftest()
+{
+    TEST_ASSERT(mbedtls_chachapoly_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.aes.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.aes.data
similarity index 91%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.aes.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.aes.data
index 4dbdd52..78bb7cc 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.aes.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.aes.data
@@ -1703,101 +1703,197 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:0
 
 AES-128-CBC crypt Encrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1
 
 AES-128-CBC crypt Encrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1
 
 AES-128-CBC crypt Encrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1
 
 AES-128-CBC crypt Encrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1
 
 AES-128-CBC crypt Decrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1
 
 AES-128-CBC crypt Decrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1
 
 AES-128-CBC crypt Decrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1
 
 AES-128-CBC crypt Decrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1
 
 AES-192-CBC crypt Encrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1
 
 AES-192-CBC crypt Encrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1
 
 AES-192-CBC crypt Encrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1
 
 AES-192-CBC crypt Encrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1
 
 AES-192-CBC crypt Decrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1
 
 AES-192-CBC crypt Decrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1
 
 AES-192-CBC crypt Decrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1
 
 AES-192-CBC crypt Decrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1
 
 AES-256-CBC crypt Encrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1
 
 AES-256-CBC crypt Encrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1
 
 AES-256-CBC crypt Encrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1
 
 AES-256-CBC crypt Encrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1
 
 AES-256-CBC crypt Decrypt NIST KAT #1 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1
 
 AES-256-CBC crypt Decrypt NIST KAT #2 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1
 
 AES-256-CBC crypt Decrypt NIST KAT #3 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1
 
 AES-256-CBC crypt Decrypt NIST KAT #4 PSA
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_MODE_CBC
 test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1
 
+AES-128-ECB crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1
+
+AES-128-ECB crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1
+
+AES-128-ECB crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1
+
+AES-128-ECB crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1
+
+AES-128-ECB crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1
+
+AES-128-ECB crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1
+
+AES-128-ECB crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1
+
+AES-128-ECB crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1
+
+AES-192-ECB crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1
+
+AES-192-ECB crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1
+
+AES-192-ECB crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1
+
+AES-192-ECB crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1
+
+AES-192-ECB crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1
+
+AES-192-ECB crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1
+
+AES-192-ECB crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1
+
+AES-192-ECB crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1
+
+AES-256-ECB crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1
+
+AES-256-ECB crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1
+
+AES-256-ECB crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1
+
+AES-256-ECB crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1
+
+AES-256-ECB crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1
+
+AES-256-ECB crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1
+
+AES-256-ECB crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1
+
+AES-256-ECB crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1
+
 Cipher Corner Case behaviours
 depends_on:MBEDTLS_AES_C
 cipher_special_behaviours:
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.arc4.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.arc4.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.arc4.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.arc4.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.aria.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.aria.data
new file mode 100644
index 0000000..79c0bf6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.aria.data
@@ -0,0 +1,3 @@
+Aria CBC Decrypt empty buffer
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC:0:0
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.blowfish.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.blowfish.data
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.blowfish.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.blowfish.data
index a05a4e7..eb3a0c4 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.blowfish.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.blowfish.data
@@ -3,7 +3,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0
 
 BLOWFISH Encrypt and decrypt 0 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1
 
 BLOWFISH Encrypt and decrypt 1 byte [#1]
@@ -19,7 +19,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1
 
 BLOWFISH Encrypt and decrypt 8 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1
 
 BLOWFISH Encrypt and decrypt 9 bytes [#1]
@@ -31,7 +31,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1
 
 BLOWFISH Encrypt and decrypt 16 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1
 
 BLOWFISH Encrypt and decrypt 17 bytes [#1]
@@ -43,7 +43,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1
 
 BLOWFISH Encrypt and decrypt 32 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1
 
 BLOWFISH Encrypt and decrypt 32 bytes [#2]
@@ -55,7 +55,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1
 
 BLOWFISH Encrypt and decrypt 48 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1
 
 BLOWFISH Encrypt and decrypt 49 bytes [#1]
@@ -63,247 +63,247 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1
 
 BLOWFISH Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 0 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 8 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 16 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 32 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 48 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_NONE
 
 BLOWFISH Try encrypting 1 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 2 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 7 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 9 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 15 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 17 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 31 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 33 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 47 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 49 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0
 
 BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1]
@@ -319,15 +319,15 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8
 
 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16
 
 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16
 
 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8
 
 BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.camellia.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.camellia.data
similarity index 97%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.camellia.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.camellia.data
index 3e7bffa..d7401a1 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.camellia.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.camellia.data
@@ -67,183 +67,183 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:-1
 
 CAMELLIA Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 0 bytes with no padding
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.ccm.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.ccm.data
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.ccm.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.ccm.data
index 7972500..3be5098 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.ccm.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.ccm.data
@@ -479,385 +479,385 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
 auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":0
 
 AES-128-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":1
 
 AES-128-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":1
 
 AES-128-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":1
 
 AES-128-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":1
 
 AES-128-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":1
 
 AES-128-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":1
 
 AES-128-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":1
 
 AES-128-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":1
 
 AES-128-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
 
 AES-128-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":1
 
 AES-128-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
 
 AES-128-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":1
 
 AES-128-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
 
 AES-128-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":1
 
 AES-128-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
 
 AES-128-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":1
 
 AES-128-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":1
 
 AES-128-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":1
 
 AES-128-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":1
 
 AES-128-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":1
 
 AES-128-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":1
 
 AES-128-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":1
 
 AES-128-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":1
 
 AES-128-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":1
 
 AES-128-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
 
 AES-128-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":1
 
 AES-128-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
 
 AES-128-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":1
 
 AES-128-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
 
 AES-128-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":1
 
 AES-128-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
 
 AES-128-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":1
 
 AES-192-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":1
 
 AES-192-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":1
 
 AES-192-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":1
 
 AES-192-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":1
 
 AES-192-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":1
 
 AES-192-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":1
 
 AES-192-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":1
 
 AES-192-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":1
 
 AES-192-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
 
 AES-192-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":1
 
 AES-192-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
 
 AES-192-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":1
 
 AES-192-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
 
 AES-192-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":1
 
 AES-192-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
 
 AES-192-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":1
 
 AES-192-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":1
 
 AES-192-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":1
 
 AES-192-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":1
 
 AES-192-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":1
 
 AES-192-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":1
 
 AES-192-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":1
 
 AES-192-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":1
 
 AES-192-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":1
 
 AES-192-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
 
 AES-192-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":1
 
 AES-192-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
 
 AES-192-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":1
 
 AES-192-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
 
 AES-192-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":1
 
 AES-192-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
 
 AES-192-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":1
 
 AES-256-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":1
 
 AES-256-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":1
 
 AES-256-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":1
 
 AES-256-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":1
 
 AES-256-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":1
 
 AES-256-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":1
 
 AES-256-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":1
 
 AES-256-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":1
 
 AES-256-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1
 
 AES-256-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":1
 
 AES-256-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1
 
 AES-256-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":1
 
 AES-256-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1
 
 AES-256-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":1
 
 AES-256-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1
 
 AES-256-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":1
 
 AES-256-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":1
 
 AES-256-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":1
 
 AES-256-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":1
 
 AES-256-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":1
 
 AES-256-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":1
 
 AES-256-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":1
 
 AES-256-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":1
 
 AES-256-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":1
 
 AES-256-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1
 
 AES-256-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":1
 
 AES-256-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1
 
 AES-256-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":1
 
 AES-256-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1
 
 AES-256-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":1
 
 AES-256-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1
 
 AES-256-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":1
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.chacha20.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.chacha20.data
similarity index 84%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.chacha20.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.chacha20.data
index 11de103..11bbfa2 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.chacha20.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.chacha20.data
@@ -1,3 +1,7 @@
+Decrypt empty buffer
+depends_on:MBEDTLS_CHACHAPOLY_C
+dec_empty_buf:MBEDTLS_CIPHER_CHACHA20:0:0
+
 Chacha20 RFC 7539 Test Vector #1
 depends_on:MBEDTLS_CHACHA20_C
 decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20:-1:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"":"":0:0
@@ -109,3 +113,23 @@ enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:6:16:-1:6:16:6:16
 ChaCha20 Encrypt and decrypt 32 bytes in multiple parts
 depends_on:MBEDTLS_CHACHA20_C
 enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:16:16:-1:16:16:16:16
+
+ChaCha20 IV Length 0
+depends_on:MBEDTLS_CHACHA20_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+ChaCha20 IV Length 11
+depends_on:MBEDTLS_CHACHA20_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":11:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+ChaCha20 IV Length 12
+depends_on:MBEDTLS_CHACHA20_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":12:0
+
+ChaCha20 IV Length 13
+depends_on:MBEDTLS_CHACHA20_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":13:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+ChaCha20 IV Length 16
+depends_on:MBEDTLS_CHACHA20_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":16:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.chachapoly.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.chachapoly.data
similarity index 90%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.chachapoly.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.chachapoly.data
index 8c246ad..df78917 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.chachapoly.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.chachapoly.data
@@ -121,3 +121,23 @@ auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0
 Chacha20+Poly1305 RFC 7539 Test Vector #1 (streaming)
 depends_on:MBEDTLS_CHACHAPOLY_C
 decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20_POLY1305:-1:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":"f33388860000000000004e91":"eead9d67890cbb22392336fea1851f38":0:0
+
+ChaCha20+Poly1305 IV Length 0
+depends_on:MBEDTLS_CHACHAPOLY_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+ChaCha20+Poly1305 IV Length 11
+depends_on:MBEDTLS_CHACHAPOLY_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":11:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+ChaCha20+Poly1305 IV Length 12
+depends_on:MBEDTLS_CHACHAPOLY_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":12:0
+
+ChaCha20+Poly1305 IV Length 13
+depends_on:MBEDTLS_CHACHAPOLY_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":13:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+ChaCha20+Poly1305 IV Length 16
+depends_on:MBEDTLS_CHACHAPOLY_C
+iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":16:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.des.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.des.data
similarity index 93%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.des.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.des.data
index 9410262..77f7515 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.des.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.des.data
@@ -71,243 +71,243 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:-1
 
 DES Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 0 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 8 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 16 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 32 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 48 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_NONE
 
 DES Try encrypting 1 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 2 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 7 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 9 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 15 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 17 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 31 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 33 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 47 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 49 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Encrypt and decrypt 0 bytes in multiple parts
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.function
new file mode 100644
index 0000000..9235e3d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.function
@@ -0,0 +1,1633 @@
+/* BEGIN_HEADER */
+#include "mbedtls/cipher.h"
+#include "mbedtls/aes.h"
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+#define MBEDTLS_CIPHER_AUTH_CRYPT
+#endif
+
+#if defined(MBEDTLS_CIPHER_AUTH_CRYPT)
+/* Helper for resetting key/direction
+ *
+ * The documentation doesn't explicitly say whether calling
+ * mbedtls_cipher_setkey() twice is allowed or not. This currently works with
+ * the default software implementation, but only by accident. It isn't
+ * guaranteed to work with new ciphers or with alternative implementations of
+ * individual ciphers, and it doesn't work with the PSA wrappers. So don't do
+ * it, and instead start with a fresh context.
+ */
+static int cipher_reset_key(mbedtls_cipher_context_t *ctx, int cipher_id,
+                            int use_psa, size_t tag_len, const data_t *key, int direction)
+{
+    mbedtls_cipher_free(ctx);
+    mbedtls_cipher_init(ctx);
+
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    (void) use_psa;
+    (void) tag_len;
+#else
+    if (use_psa == 1) {
+        TEST_ASSERT(0 == mbedtls_cipher_setup_psa(ctx,
+                                                  mbedtls_cipher_info_from_type(cipher_id),
+                                                  tag_len));
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    {
+        TEST_ASSERT(0 == mbedtls_cipher_setup(ctx,
+                                              mbedtls_cipher_info_from_type(cipher_id)));
+    }
+
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(ctx, key->x, 8 * key->len,
+                                           direction));
+    return 1;
+
+exit:
+    return 0;
+}
+
+/*
+ * Check if a buffer is all-0 bytes:
+ * return   1 if it is,
+ *          0 if it isn't.
+ */
+int buffer_is_all_zero(const uint8_t *buf, size_t size)
+{
+    for (size_t i = 0; i < size; i++) {
+        if (buf[i] != 0) {
+            return 0;
+        }
+    }
+    return 1;
+}
+#endif /* MBEDTLS_CIPHER_AUTH_CRYPT */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CIPHER_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_cipher_list()
+{
+    const int *cipher_type;
+
+    for (cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++) {
+        TEST_ASSERT(mbedtls_cipher_info_from_type(*cipher_type) != NULL);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_invalid_param_unconditional()
+{
+    mbedtls_cipher_context_t valid_ctx;
+    mbedtls_cipher_context_t invalid_ctx;
+    mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
+    mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
+    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
+    int valid_size = sizeof(valid_buffer);
+    int valid_bitlen = valid_size * 8;
+    const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
+        *(mbedtls_cipher_list()));
+    size_t size_t_var;
+
+    (void) valid_mode; /* In some configurations this is unused */
+
+    mbedtls_cipher_init(&valid_ctx);
+    mbedtls_cipher_init(&invalid_ctx);
+
+    TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, valid_info) == 0);
+
+    /* mbedtls_cipher_setup() */
+    TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, NULL) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    /* mbedtls_cipher_get_block_size() */
+    TEST_ASSERT(mbedtls_cipher_get_block_size(&invalid_ctx) == 0);
+
+    /* mbedtls_cipher_get_cipher_mode() */
+    TEST_ASSERT(mbedtls_cipher_get_cipher_mode(&invalid_ctx) ==
+                MBEDTLS_MODE_NONE);
+
+    /* mbedtls_cipher_get_iv_size() */
+    TEST_ASSERT(mbedtls_cipher_get_iv_size(&invalid_ctx) == 0);
+
+    /* mbedtls_cipher_get_type() */
+    TEST_ASSERT(
+        mbedtls_cipher_get_type(&invalid_ctx) ==
+        MBEDTLS_CIPHER_NONE);
+
+    /* mbedtls_cipher_get_name() */
+    TEST_ASSERT(mbedtls_cipher_get_name(&invalid_ctx) == 0);
+
+    /* mbedtls_cipher_get_key_bitlen() */
+    TEST_ASSERT(mbedtls_cipher_get_key_bitlen(&invalid_ctx) ==
+                MBEDTLS_KEY_LENGTH_NONE);
+
+    /* mbedtls_cipher_get_operation() */
+    TEST_ASSERT(mbedtls_cipher_get_operation(&invalid_ctx) ==
+                MBEDTLS_OPERATION_NONE);
+
+    /* mbedtls_cipher_setkey() */
+    TEST_ASSERT(
+        mbedtls_cipher_setkey(&invalid_ctx,
+                              valid_buffer,
+                              valid_bitlen,
+                              valid_operation) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    /* mbedtls_cipher_set_iv() */
+    TEST_ASSERT(
+        mbedtls_cipher_set_iv(&invalid_ctx,
+                              valid_buffer,
+                              valid_size) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    /* mbedtls_cipher_reset() */
+    TEST_ASSERT(mbedtls_cipher_reset(&invalid_ctx) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    /* mbedtls_cipher_update_ad() */
+    TEST_ASSERT(
+        mbedtls_cipher_update_ad(&invalid_ctx,
+                                 valid_buffer,
+                                 valid_size) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /* mbedtls_cipher_set_padding_mode() */
+    TEST_ASSERT(mbedtls_cipher_set_padding_mode(&invalid_ctx, valid_mode) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+#endif
+
+    /* mbedtls_cipher_update() */
+    TEST_ASSERT(
+        mbedtls_cipher_update(&invalid_ctx,
+                              valid_buffer,
+                              valid_size,
+                              valid_buffer,
+                              &size_t_var) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    /* mbedtls_cipher_finish() */
+    TEST_ASSERT(
+        mbedtls_cipher_finish(&invalid_ctx,
+                              valid_buffer,
+                              &size_t_var) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    /* mbedtls_cipher_write_tag() */
+    TEST_ASSERT(
+        mbedtls_cipher_write_tag(&invalid_ctx,
+                                 valid_buffer,
+                                 valid_size) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    /* mbedtls_cipher_check_tag() */
+    TEST_ASSERT(
+        mbedtls_cipher_check_tag(&invalid_ctx,
+                                 valid_buffer,
+                                 valid_size) ==
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+exit:
+    mbedtls_cipher_free(&invalid_ctx);
+    mbedtls_cipher_free(&valid_ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void cipher_invalid_param_conditional()
+{
+    mbedtls_cipher_context_t valid_ctx;
+
+    mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
+    mbedtls_operation_t invalid_operation = 100;
+    mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
+    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
+    int valid_size = sizeof(valid_buffer);
+    int valid_bitlen = valid_size * 8;
+    const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
+        *(mbedtls_cipher_list()));
+
+    size_t size_t_var;
+
+    (void) valid_mode; /* In some configurations this is unused */
+
+    /* mbedtls_cipher_init() */
+    TEST_VALID_PARAM(mbedtls_cipher_init(&valid_ctx));
+    TEST_INVALID_PARAM(mbedtls_cipher_init(NULL));
+
+    /* mbedtls_cipher_setup() */
+    TEST_VALID_PARAM(mbedtls_cipher_setup(&valid_ctx, valid_info));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setup(NULL, valid_info));
+
+    /* mbedtls_cipher_get_block_size() */
+    TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_block_size(NULL));
+
+    /* mbedtls_cipher_get_cipher_mode() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_MODE_NONE,
+        mbedtls_cipher_get_cipher_mode(NULL));
+
+    /* mbedtls_cipher_get_iv_size() */
+    TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_iv_size(NULL));
+
+    /* mbedtls_cipher_get_type() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_CIPHER_NONE,
+        mbedtls_cipher_get_type(NULL));
+
+    /* mbedtls_cipher_get_name() */
+    TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_name(NULL));
+
+    /* mbedtls_cipher_get_key_bitlen() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_KEY_LENGTH_NONE,
+        mbedtls_cipher_get_key_bitlen(NULL));
+
+    /* mbedtls_cipher_get_operation() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_OPERATION_NONE,
+        mbedtls_cipher_get_operation(NULL));
+
+    /* mbedtls_cipher_setkey() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setkey(NULL,
+                              valid_buffer,
+                              valid_bitlen,
+                              valid_operation));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setkey(&valid_ctx,
+                              NULL,
+                              valid_bitlen,
+                              valid_operation));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setkey(&valid_ctx,
+                              valid_buffer,
+                              valid_bitlen,
+                              invalid_operation));
+
+    /* mbedtls_cipher_set_iv() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_set_iv(NULL,
+                              valid_buffer,
+                              valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_set_iv(&valid_ctx,
+                              NULL,
+                              valid_size));
+
+    /* mbedtls_cipher_reset() */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+                           mbedtls_cipher_reset(NULL));
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    /* mbedtls_cipher_update_ad() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update_ad(NULL,
+                                 valid_buffer,
+                                 valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update_ad(&valid_ctx,
+                                 NULL,
+                                 valid_size));
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /* mbedtls_cipher_set_padding_mode() */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+                           mbedtls_cipher_set_padding_mode(NULL, valid_mode));
+#endif
+
+    /* mbedtls_cipher_update() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update(NULL,
+                              valid_buffer,
+                              valid_size,
+                              valid_buffer,
+                              &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update(&valid_ctx,
+                              NULL, valid_size,
+                              valid_buffer,
+                              &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update(&valid_ctx,
+                              valid_buffer, valid_size,
+                              NULL,
+                              &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update(&valid_ctx,
+                              valid_buffer, valid_size,
+                              valid_buffer,
+                              NULL));
+
+    /* mbedtls_cipher_finish() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_finish(NULL,
+                              valid_buffer,
+                              &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_finish(&valid_ctx,
+                              NULL,
+                              &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_finish(&valid_ctx,
+                              valid_buffer,
+                              NULL));
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    /* mbedtls_cipher_write_tag() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_write_tag(NULL,
+                                 valid_buffer,
+                                 valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_write_tag(&valid_ctx,
+                                 NULL,
+                                 valid_size));
+
+    /* mbedtls_cipher_check_tag() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_check_tag(NULL,
+                                 valid_buffer,
+                                 valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_check_tag(&valid_ctx,
+                                 NULL,
+                                 valid_size));
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+    /* mbedtls_cipher_crypt() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_crypt(NULL,
+                             valid_buffer, valid_size,
+                             valid_buffer, valid_size,
+                             valid_buffer, &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_crypt(&valid_ctx,
+                             NULL, valid_size,
+                             valid_buffer, valid_size,
+                             valid_buffer, &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_crypt(&valid_ctx,
+                             valid_buffer, valid_size,
+                             NULL, valid_size,
+                             valid_buffer, &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_crypt(&valid_ctx,
+                             valid_buffer, valid_size,
+                             valid_buffer, valid_size,
+                             NULL, &size_t_var));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_crypt(&valid_ctx,
+                             valid_buffer, valid_size,
+                             valid_buffer, valid_size,
+                             valid_buffer, NULL));
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+    /* mbedtls_cipher_auth_encrypt() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(NULL,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(&valid_ctx,
+                                    NULL, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    NULL, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    NULL, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    NULL, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, NULL,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    NULL, valid_size));
+
+    /* mbedtls_cipher_auth_decrypt() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(NULL,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(&valid_ctx,
+                                    NULL, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    NULL, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    NULL, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    NULL, &size_t_var,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, NULL,
+                                    valid_buffer, valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt(&valid_ctx,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, valid_size,
+                                    valid_buffer, &size_t_var,
+                                    NULL, valid_size));
+#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+    /* mbedtls_cipher_auth_encrypt_ext */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt_ext(NULL,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt_ext(&valid_ctx,
+                                        NULL, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        NULL, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        NULL, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        NULL, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_encrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, NULL,
+                                        valid_size));
+
+    /* mbedtls_cipher_auth_decrypt_ext */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt_ext(NULL,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt_ext(&valid_ctx,
+                                        NULL, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        NULL, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        NULL, valid_size,
+                                        valid_buffer, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        NULL, valid_size, &size_t_var,
+                                        valid_size));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_auth_decrypt_ext(&valid_ctx,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size,
+                                        valid_buffer, valid_size, NULL,
+                                        valid_size));
+#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+
+    /* mbedtls_cipher_free() */
+    TEST_VALID_PARAM(mbedtls_cipher_free(NULL));
+exit:
+    TEST_VALID_PARAM(mbedtls_cipher_free(&valid_ctx));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void cipher_special_behaviours()
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx;
+    unsigned char input[32];
+    unsigned char output[32];
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char iv[32];
+#endif
+    size_t olen = 0;
+
+    mbedtls_cipher_init(&ctx);
+    memset(input, 0, sizeof(input));
+    memset(output, 0, sizeof(output));
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    memset(iv, 0, sizeof(iv));
+
+    /* Check and get info structures */
+    cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_CBC);
+    TEST_ASSERT(NULL != cipher_info);
+
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info));
+
+    /* IV too big */
+    TEST_ASSERT(mbedtls_cipher_set_iv(&ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1)
+                == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE);
+
+    /* IV too small */
+    TEST_ASSERT(mbedtls_cipher_set_iv(&ctx, iv, 0)
+                == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    mbedtls_cipher_free(&ctx);
+    mbedtls_cipher_init(&ctx);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+    cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
+    TEST_ASSERT(NULL != cipher_info);
+
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info));
+
+    /* Update ECB with partial block */
+    TEST_ASSERT(mbedtls_cipher_update(&ctx, input, 1, output, &olen)
+                == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED);
+
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void enc_dec_buf(int cipher_id, char *cipher_string, int key_len,
+                 int length_val, int pad_mode)
+{
+    size_t length = length_val, outlen, total_len, i, block_size, iv_len;
+    unsigned char key[64];
+    unsigned char iv[16];
+    unsigned char ad[13];
+    unsigned char tag[16];
+    unsigned char inbuf[64];
+    unsigned char encbuf[64];
+    unsigned char decbuf[64];
+
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx_dec;
+    mbedtls_cipher_context_t ctx_enc;
+
+    /*
+     * Prepare contexts
+     */
+    mbedtls_cipher_init(&ctx_dec);
+    mbedtls_cipher_init(&ctx_enc);
+
+    memset(key, 0x2a, sizeof(key));
+
+    /* Check and get info structures */
+    cipher_info = mbedtls_cipher_info_from_type(cipher_id);
+    TEST_ASSERT(NULL != cipher_info);
+    TEST_ASSERT(mbedtls_cipher_info_from_string(cipher_string) == cipher_info);
+
+    /* Initialise enc and dec contexts */
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info));
+
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, key, key_len, MBEDTLS_DECRYPT));
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_enc, key, key_len, MBEDTLS_ENCRYPT));
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    if (-1 != pad_mode) {
+        TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, pad_mode));
+        TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_enc, pad_mode));
+    }
+#else
+    (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+    /*
+     * Do a few encode/decode cycles
+     */
+    for (i = 0; i < 3; i++) {
+        memset(iv, 0x00 + i, sizeof(iv));
+        memset(ad, 0x10 + i, sizeof(ad));
+        memset(inbuf, 0x20 + i, sizeof(inbuf));
+
+        memset(encbuf, 0, sizeof(encbuf));
+        memset(decbuf, 0, sizeof(decbuf));
+        memset(tag, 0, sizeof(tag));
+
+        if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 ||
+            cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) {
+            iv_len = 12;
+        } else {
+            iv_len = sizeof(iv);
+        }
+
+        TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));
+        TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len));
+
+        TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec));
+        TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_enc));
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+        TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, ad, sizeof(ad) - i));
+        TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_enc, ad, sizeof(ad) - i));
+#endif
+
+        block_size = mbedtls_cipher_get_block_size(&ctx_enc);
+        TEST_ASSERT(block_size != 0);
+
+        /* encode length number of bytes from inbuf */
+        TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_enc, inbuf, length, encbuf, &outlen));
+        total_len = outlen;
+
+        TEST_ASSERT(total_len == length ||
+                    (total_len % block_size == 0 &&
+                     total_len < length &&
+                     total_len + block_size > length));
+
+        TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_enc, encbuf + outlen, &outlen));
+        total_len += outlen;
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+        TEST_ASSERT(0 == mbedtls_cipher_write_tag(&ctx_enc, tag, sizeof(tag)));
+#endif
+
+        TEST_ASSERT(total_len == length ||
+                    (total_len % block_size == 0 &&
+                     total_len > length &&
+                     total_len <= length + block_size));
+
+        /* decode the previously encoded string */
+        TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_dec, encbuf, total_len, decbuf, &outlen));
+        total_len = outlen;
+
+        TEST_ASSERT(total_len == length ||
+                    (total_len % block_size == 0 &&
+                     total_len < length &&
+                     total_len + block_size >= length));
+
+        TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_dec, decbuf + outlen, &outlen));
+        total_len += outlen;
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+        TEST_ASSERT(0 == mbedtls_cipher_check_tag(&ctx_dec, tag, sizeof(tag)));
+#endif
+
+        /* check result */
+        TEST_ASSERT(total_len == length);
+        TEST_ASSERT(0 == memcmp(inbuf, decbuf, length));
+    }
+
+    /*
+     * Done
+     */
+exit:
+    mbedtls_cipher_free(&ctx_dec);
+    mbedtls_cipher_free(&ctx_enc);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void enc_fail(int cipher_id, int pad_mode, int key_len, int length_val,
+              int ret)
+{
+    size_t length = length_val;
+    unsigned char key[32];
+    unsigned char iv[16];
+
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx;
+
+    unsigned char inbuf[64];
+    unsigned char encbuf[64];
+
+    size_t outlen = 0;
+
+    memset(key, 0, 32);
+    memset(iv, 0, 16);
+
+    mbedtls_cipher_init(&ctx);
+
+    memset(inbuf, 5, 64);
+    memset(encbuf, 0, 64);
+
+    /* Check and get info structures */
+    cipher_info = mbedtls_cipher_info_from_type(cipher_id);
+    TEST_ASSERT(NULL != cipher_info);
+
+    /* Initialise context */
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info));
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key, key_len, MBEDTLS_ENCRYPT));
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode));
+#else
+    (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+    TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx, iv, 16));
+    TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx));
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx, NULL, 0));
+#endif
+
+    /* encode length number of bytes from inbuf */
+    TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, inbuf, length, encbuf, &outlen));
+    TEST_ASSERT(ret == mbedtls_cipher_finish(&ctx, encbuf + outlen, &outlen));
+
+    /* done */
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void dec_empty_buf(int cipher,
+                   int expected_update_ret,
+                   int expected_finish_ret)
+{
+    unsigned char key[32];
+    unsigned char iv[16];
+    size_t iv_len = sizeof(iv);
+
+    mbedtls_cipher_context_t ctx_dec;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    unsigned char encbuf[64];
+    unsigned char decbuf[64];
+
+    size_t outlen = 0;
+
+    memset(key, 0, 32);
+    memset(iv, 0, 16);
+
+    mbedtls_cipher_init(&ctx_dec);
+
+    memset(encbuf, 0, 64);
+    memset(decbuf, 0, 64);
+
+    /* Initialise context */
+    cipher_info = mbedtls_cipher_info_from_type(cipher);
+    TEST_ASSERT(NULL != cipher_info);
+
+    if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 ||
+        cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) {
+        iv_len = 12;
+    }
+
+    TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen);
+
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
+
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec,
+                                           key, cipher_info->key_bitlen,
+                                           MBEDTLS_DECRYPT));
+
+    TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));
+
+    TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec));
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, NULL, 0));
+#endif
+
+    /* decode 0-byte string */
+    TEST_ASSERT(expected_update_ret ==
+                mbedtls_cipher_update(&ctx_dec, encbuf, 0, decbuf, &outlen));
+    TEST_ASSERT(0 == outlen);
+
+    if (expected_finish_ret == 0 &&
+        (cipher_info->mode == MBEDTLS_MODE_CBC ||
+         cipher_info->mode == MBEDTLS_MODE_ECB)) {
+        /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and
+         * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when
+         * decrypting an empty buffer.
+         * On the other hand, CBC and ECB ciphers need a full block of input.
+         */
+        expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
+    }
+
+    TEST_ASSERT(expected_finish_ret == mbedtls_cipher_finish(
+                    &ctx_dec, decbuf + outlen, &outlen));
+    TEST_ASSERT(0 == outlen);
+
+exit:
+    mbedtls_cipher_free(&ctx_dec);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void enc_dec_buf_multipart(int cipher_id, int key_len, int first_length_val,
+                           int second_length_val, int pad_mode,
+                           int first_encrypt_output_len, int second_encrypt_output_len,
+                           int first_decrypt_output_len, int second_decrypt_output_len)
+{
+    size_t first_length = first_length_val;
+    size_t second_length = second_length_val;
+    size_t length = first_length + second_length;
+    size_t block_size, iv_len;
+    unsigned char key[32];
+    unsigned char iv[16];
+
+    mbedtls_cipher_context_t ctx_dec;
+    mbedtls_cipher_context_t ctx_enc;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    unsigned char inbuf[64];
+    unsigned char encbuf[64];
+    unsigned char decbuf[64];
+
+    size_t outlen = 0;
+    size_t totaloutlen = 0;
+
+    memset(key, 0, 32);
+    memset(iv, 0, 16);
+
+    mbedtls_cipher_init(&ctx_dec);
+    mbedtls_cipher_init(&ctx_enc);
+
+    memset(inbuf, 5, 64);
+    memset(encbuf, 0, 64);
+    memset(decbuf, 0, 64);
+
+    /* Initialise enc and dec contexts */
+    cipher_info = mbedtls_cipher_info_from_type(cipher_id);
+    TEST_ASSERT(NULL != cipher_info);
+
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info));
+
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, key, key_len, MBEDTLS_DECRYPT));
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_enc, key, key_len, MBEDTLS_ENCRYPT));
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    if (-1 != pad_mode) {
+        TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, pad_mode));
+        TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_enc, pad_mode));
+    }
+#else
+    (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+    if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 ||
+        cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) {
+        iv_len = 12;
+    } else {
+        iv_len = sizeof(iv);
+    }
+
+    TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));
+    TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len));
+
+    TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec));
+    TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_enc));
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, NULL, 0));
+    TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_enc, NULL, 0));
+#endif
+
+    block_size = mbedtls_cipher_get_block_size(&ctx_enc);
+    TEST_ASSERT(block_size != 0);
+
+    /* encode length number of bytes from inbuf */
+    TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_enc, inbuf, first_length, encbuf, &outlen));
+    TEST_ASSERT((size_t) first_encrypt_output_len == outlen);
+    totaloutlen = outlen;
+    TEST_ASSERT(0 ==
+                mbedtls_cipher_update(&ctx_enc, inbuf + first_length, second_length,
+                                      encbuf + totaloutlen,
+                                      &outlen));
+    TEST_ASSERT((size_t) second_encrypt_output_len == outlen);
+    totaloutlen += outlen;
+    TEST_ASSERT(totaloutlen == length ||
+                (totaloutlen % block_size == 0 &&
+                 totaloutlen < length &&
+                 totaloutlen + block_size > length));
+
+    TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_enc, encbuf + totaloutlen, &outlen));
+    totaloutlen += outlen;
+    TEST_ASSERT(totaloutlen == length ||
+                (totaloutlen % block_size == 0 &&
+                 totaloutlen > length &&
+                 totaloutlen <= length + block_size));
+
+    /* decode the previously encoded string */
+    second_length = totaloutlen - first_length;
+    TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_dec, encbuf, first_length, decbuf, &outlen));
+    TEST_ASSERT((size_t) first_decrypt_output_len == outlen);
+    totaloutlen = outlen;
+    TEST_ASSERT(0 ==
+                mbedtls_cipher_update(&ctx_dec, encbuf + first_length, second_length,
+                                      decbuf + totaloutlen,
+                                      &outlen));
+    TEST_ASSERT((size_t) second_decrypt_output_len == outlen);
+    totaloutlen += outlen;
+
+    TEST_ASSERT(totaloutlen == length ||
+                (totaloutlen % block_size == 0 &&
+                 totaloutlen < length &&
+                 totaloutlen + block_size >= length));
+
+    TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_dec, decbuf + totaloutlen, &outlen));
+    totaloutlen += outlen;
+
+    TEST_ASSERT(totaloutlen == length);
+
+    TEST_ASSERT(0 == memcmp(inbuf, decbuf, length));
+
+exit:
+    mbedtls_cipher_free(&ctx_dec);
+    mbedtls_cipher_free(&ctx_enc);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void decrypt_test_vec(int cipher_id, int pad_mode, data_t *key,
+                      data_t *iv, data_t *cipher,
+                      data_t *clear, data_t *ad, data_t *tag,
+                      int finish_result, int tag_result)
+{
+    unsigned char output[265];
+    mbedtls_cipher_context_t ctx;
+    size_t outlen, total_len;
+
+    mbedtls_cipher_init(&ctx);
+
+    memset(output, 0x00, sizeof(output));
+
+#if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C)
+    ((void) ad);
+    ((void) tag);
+#endif
+
+    /* Prepare context */
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx,
+                                          mbedtls_cipher_info_from_type(cipher_id)));
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT));
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    if (pad_mode != -1) {
+        TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode));
+    }
+#else
+    (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+    TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx, iv->x, iv->len));
+    TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx));
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx, ad->x, ad->len));
+#endif
+
+    /* decode buffer and check tag->x */
+    total_len = 0;
+    TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, cipher->x, cipher->len, output, &outlen));
+    total_len += outlen;
+    TEST_ASSERT(finish_result == mbedtls_cipher_finish(&ctx, output + outlen,
+                                                       &outlen));
+    total_len += outlen;
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    TEST_ASSERT(tag_result == mbedtls_cipher_check_tag(&ctx, tag->x, tag->len));
+#endif
+
+    /* check plaintext only if everything went fine */
+    if (0 == finish_result && 0 == tag_result) {
+        TEST_ASSERT(total_len == clear->len);
+        TEST_ASSERT(0 == memcmp(output, clear->x, clear->len));
+    }
+
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */
+void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv,
+                   data_t *ad, data_t *cipher, data_t *tag,
+                   char *result, data_t *clear, int use_psa)
+{
+    /*
+     * Take an AEAD ciphertext + tag and perform a pair
+     * of AEAD decryption and AEAD encryption. Check that
+     * this results in the expected plaintext, and that
+     * decryption and encryption are inverse to one another.
+     *
+     * Do that twice:
+     * - once with legacy functions auth_decrypt/auth_encrypt
+     * - once with new functions auth_decrypt_ext/auth_encrypt_ext
+     * This allows testing both without duplicating test cases.
+     */
+
+    int ret;
+    int using_nist_kw, using_nist_kw_padding;
+
+    mbedtls_cipher_context_t ctx;
+    size_t outlen;
+
+    unsigned char *cipher_plus_tag = NULL;
+    size_t cipher_plus_tag_len;
+    unsigned char *decrypt_buf = NULL;
+    size_t decrypt_buf_len = 0;
+    unsigned char *encrypt_buf = NULL;
+    size_t encrypt_buf_len = 0;
+
+#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
+    !defined(MBEDTLS_DEPRECATED_REMOVED)
+    unsigned char *tmp_tag    = NULL;
+    unsigned char *tmp_cipher = NULL;
+    unsigned char *tag_buf = NULL;
+#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
+
+    /* Null pointers are documented as valid for inputs of length 0.
+     * The test framework passes non-null pointers, so set them to NULL.
+     * key, cipher and tag can't be empty. */
+    if (iv->len == 0) {
+        iv->x = NULL;
+    }
+    if (ad->len == 0) {
+        ad->x = NULL;
+    }
+    if (clear->len == 0) {
+        clear->x = NULL;
+    }
+
+    mbedtls_cipher_init(&ctx);
+
+    /* Initialize PSA Crypto */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (use_psa == 1) {
+        PSA_ASSERT(psa_crypto_init());
+    }
+#else
+    (void) use_psa;
+#endif
+
+    /*
+     * Are we using NIST_KW? with padding?
+     */
+    using_nist_kw_padding = cipher_id == MBEDTLS_CIPHER_AES_128_KWP ||
+                            cipher_id == MBEDTLS_CIPHER_AES_192_KWP ||
+                            cipher_id == MBEDTLS_CIPHER_AES_256_KWP;
+    using_nist_kw = cipher_id == MBEDTLS_CIPHER_AES_128_KW ||
+                    cipher_id == MBEDTLS_CIPHER_AES_192_KW ||
+                    cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
+                    using_nist_kw_padding;
+
+    /****************************************************************
+     *                                                              *
+     *  Part 1: non-deprecated API                                  *
+     *                                                              *
+     ****************************************************************/
+
+    /*
+     * Prepare context for decryption
+     */
+    if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key,
+                          MBEDTLS_DECRYPT)) {
+        goto exit;
+    }
+
+    /*
+     * prepare buffer for decryption
+     * (we need the tag appended to the ciphertext)
+     */
+    cipher_plus_tag_len = cipher->len + tag->len;
+    TEST_CALLOC(cipher_plus_tag, cipher_plus_tag_len);
+    memcpy(cipher_plus_tag, cipher->x, cipher->len);
+    memcpy(cipher_plus_tag + cipher->len, tag->x, tag->len);
+
+    /*
+     * Compute length of output buffer according to the documentation
+     */
+    if (using_nist_kw) {
+        decrypt_buf_len = cipher_plus_tag_len - 8;
+    } else {
+        decrypt_buf_len = cipher_plus_tag_len - tag->len;
+    }
+
+
+    /*
+     * Try decrypting to a buffer that's 1B too small
+     */
+    if (decrypt_buf_len != 0) {
+        TEST_CALLOC(decrypt_buf, decrypt_buf_len - 1);
+
+        outlen = 0;
+        ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len,
+                                              ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
+                                              decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len);
+        TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+        mbedtls_free(decrypt_buf);
+        decrypt_buf = NULL;
+    }
+
+    /*
+     * Authenticate and decrypt, and check result
+     */
+    TEST_CALLOC(decrypt_buf, decrypt_buf_len);
+
+    outlen = 0;
+    ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len,
+                                          ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
+                                          decrypt_buf, decrypt_buf_len, &outlen, tag->len);
+
+    if (strcmp(result, "FAIL") == 0) {
+        TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED);
+        TEST_ASSERT(buffer_is_all_zero(decrypt_buf, decrypt_buf_len));
+    } else {
+        TEST_ASSERT(ret == 0);
+        TEST_MEMORY_COMPARE(decrypt_buf, outlen, clear->x, clear->len);
+    }
+
+    /* Free this, but keep cipher_plus_tag for deprecated function with PSA */
+    mbedtls_free(decrypt_buf);
+    decrypt_buf = NULL;
+
+    /*
+     * Encrypt back if test data was authentic
+     */
+    if (strcmp(result, "FAIL") != 0) {
+        /* prepare context for encryption */
+        if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key,
+                              MBEDTLS_ENCRYPT)) {
+            goto exit;
+        }
+
+        /*
+         * Compute size of output buffer according to documentation
+         */
+        if (using_nist_kw) {
+            encrypt_buf_len = clear->len + 8;
+            if (using_nist_kw_padding && encrypt_buf_len % 8 != 0) {
+                encrypt_buf_len += 8 - encrypt_buf_len % 8;
+            }
+        } else {
+            encrypt_buf_len = clear->len + tag->len;
+        }
+
+        /*
+         * Try encrypting with an output buffer that's 1B too small
+         */
+        TEST_CALLOC(encrypt_buf, encrypt_buf_len - 1);
+
+        outlen = 0;
+        ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len,
+                                              ad->x, ad->len, clear->x, clear->len,
+                                              encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len);
+        TEST_ASSERT(ret != 0);
+
+        mbedtls_free(encrypt_buf);
+        encrypt_buf = NULL;
+
+        /*
+         * Encrypt and check the result
+         */
+        TEST_CALLOC(encrypt_buf, encrypt_buf_len);
+
+        outlen = 0;
+        ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len,
+                                              ad->x, ad->len, clear->x, clear->len,
+                                              encrypt_buf, encrypt_buf_len, &outlen, tag->len);
+        TEST_ASSERT(ret == 0);
+
+        TEST_ASSERT(outlen == cipher->len + tag->len);
+        TEST_ASSERT(memcmp(encrypt_buf, cipher->x, cipher->len) == 0);
+        TEST_ASSERT(memcmp(encrypt_buf + cipher->len,
+                           tag->x, tag->len) == 0);
+
+        mbedtls_free(encrypt_buf);
+        encrypt_buf = NULL;
+    }
+
+    /****************************************************************
+     *                                                              *
+     *  Part 2: deprecated API                                      *
+     *                                                              *
+     ****************************************************************/
+
+#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
+    !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+    /*
+     * Prepare context for decryption
+     */
+    if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key,
+                          MBEDTLS_DECRYPT)) {
+        goto exit;
+    }
+
+    /*
+     * Prepare pointers for decryption
+     */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (use_psa == 1) {
+        /* PSA requires that the tag immediately follows the ciphertext.
+         * Fortunately, we already have that from testing the new API. */
+        tmp_cipher = cipher_plus_tag;
+        tmp_tag = tmp_cipher + cipher->len;
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    {
+        tmp_cipher = cipher->x;
+        tmp_tag = tag->x;
+    }
+
+    /*
+     * Authenticate and decrypt, and check result
+     */
+
+    TEST_CALLOC(decrypt_buf, cipher->len);
+    outlen = 0;
+    ret = mbedtls_cipher_auth_decrypt(&ctx, iv->x, iv->len, ad->x, ad->len,
+                                      tmp_cipher, cipher->len, decrypt_buf, &outlen,
+                                      tmp_tag, tag->len);
+
+    if (using_nist_kw) {
+        /* NIST_KW with legacy API */
+        TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE);
+    } else if (strcmp(result, "FAIL") == 0) {
+        /* unauthentic message */
+        TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED);
+        TEST_ASSERT(buffer_is_all_zero(decrypt_buf, cipher->len));
+    } else {
+        /* authentic message: is the plaintext correct? */
+        TEST_ASSERT(ret == 0);
+        TEST_MEMORY_COMPARE(decrypt_buf, outlen, clear->x, clear->len);
+    }
+
+    mbedtls_free(decrypt_buf);
+    decrypt_buf = NULL;
+    mbedtls_free(cipher_plus_tag);
+    cipher_plus_tag = NULL;
+
+    /*
+     * Encrypt back if test data was authentic
+     */
+    if (strcmp(result, "FAIL") != 0) {
+        /* prepare context for encryption */
+        if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key,
+                              MBEDTLS_ENCRYPT)) {
+            goto exit;
+        }
+
+        /* prepare buffers for encryption */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if (use_psa) {
+            TEST_CALLOC(cipher_plus_tag, cipher->len + tag->len);
+            tmp_cipher = cipher_plus_tag;
+            tmp_tag = cipher_plus_tag + cipher->len;
+        } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+        {
+            TEST_CALLOC(encrypt_buf, cipher->len);
+            TEST_CALLOC(tag_buf, tag->len);
+            tmp_cipher = encrypt_buf;
+            tmp_tag = tag_buf;
+        }
+
+        /*
+         * Encrypt and check the result
+         */
+        outlen = 0;
+        ret = mbedtls_cipher_auth_encrypt(&ctx, iv->x, iv->len, ad->x, ad->len,
+                                          clear->x, clear->len, tmp_cipher, &outlen,
+                                          tmp_tag, tag->len);
+
+        if (using_nist_kw) {
+            TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE);
+        } else {
+            TEST_ASSERT(ret == 0);
+
+            TEST_ASSERT(outlen == cipher->len);
+            if (cipher->len != 0) {
+                TEST_ASSERT(memcmp(tmp_cipher, cipher->x, cipher->len) == 0);
+            }
+            TEST_ASSERT(memcmp(tmp_tag, tag->x, tag->len) == 0);
+        }
+    }
+
+#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
+
+exit:
+
+    mbedtls_cipher_free(&ctx);
+    mbedtls_free(decrypt_buf);
+    mbedtls_free(encrypt_buf);
+    mbedtls_free(cipher_plus_tag);
+#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
+    !defined(MBEDTLS_DEPRECATED_REMOVED)
+    mbedtls_free(tag_buf);
+#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if (use_psa == 1) {
+        PSA_DONE();
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_vec_ecb(int cipher_id, int operation, data_t *key,
+                  data_t *input, data_t *result, int finish_result
+                  )
+{
+    mbedtls_cipher_context_t ctx;
+    unsigned char output[32];
+    size_t outlen;
+
+    mbedtls_cipher_init(&ctx);
+
+    memset(output, 0x00, sizeof(output));
+
+    /* Prepare context */
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx,
+                                          mbedtls_cipher_info_from_type(cipher_id)));
+
+
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, operation));
+
+    TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, input->x,
+                                           mbedtls_cipher_get_block_size(&ctx),
+                                           output, &outlen));
+    TEST_ASSERT(outlen == mbedtls_cipher_get_block_size(&ctx));
+    TEST_ASSERT(finish_result == mbedtls_cipher_finish(&ctx, output + outlen,
+                                                       &outlen));
+    TEST_ASSERT(0 == outlen);
+
+    /* check plaintext only if everything went fine */
+    if (0 == finish_result) {
+        TEST_ASSERT(0 == memcmp(output, result->x,
+                                mbedtls_cipher_get_block_size(&ctx)));
+    }
+
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
+void test_vec_crypt(int cipher_id, int operation, data_t *key,
+                    data_t *iv, data_t *input, data_t *result,
+                    int finish_result, int use_psa)
+{
+    mbedtls_cipher_context_t ctx;
+    unsigned char output[32];
+    size_t outlen;
+
+    mbedtls_cipher_init(&ctx);
+
+    memset(output, 0x00, sizeof(output));
+
+    /* Prepare context */
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    (void) use_psa;
+#else
+    if (use_psa == 1) {
+        PSA_ASSERT(psa_crypto_init());
+        TEST_ASSERT(0 == mbedtls_cipher_setup_psa(&ctx,
+                                                  mbedtls_cipher_info_from_type(cipher_id), 0));
+    } else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx,
+                                          mbedtls_cipher_info_from_type(cipher_id)));
+
+    TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, operation));
+    if (MBEDTLS_MODE_CBC == ctx.cipher_info->mode) {
+        TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_NONE));
+    }
+
+    TEST_ASSERT(finish_result == mbedtls_cipher_crypt(&ctx, iv->len ? iv->x : NULL,
+                                                      iv->len, input->x, input->len,
+                                                      output, &outlen));
+    TEST_ASSERT(result->len == outlen);
+    /* check plaintext only if everything went fine */
+    if (0 == finish_result) {
+        TEST_ASSERT(0 == memcmp(output, result->x, outlen));
+    }
+
+exit:
+    mbedtls_cipher_free(&ctx);
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    PSA_DONE();
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
+void set_padding(int cipher_id, int pad_mode, int ret)
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx;
+
+    mbedtls_cipher_init(&ctx);
+
+    cipher_info = mbedtls_cipher_info_from_type(cipher_id);
+    TEST_ASSERT(NULL != cipher_info);
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info));
+
+    TEST_ASSERT(ret == mbedtls_cipher_set_padding_mode(&ctx, pad_mode));
+
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void check_padding(int pad_mode, data_t *input, int ret, int dlen_check
+                   )
+{
+    mbedtls_cipher_info_t cipher_info;
+    mbedtls_cipher_context_t ctx;
+    size_t dlen;
+
+    /* build a fake context just for getting access to get_padding */
+    mbedtls_cipher_init(&ctx);
+    cipher_info.mode = MBEDTLS_MODE_CBC;
+    ctx.cipher_info = &cipher_info;
+
+    TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode));
+
+
+    TEST_ASSERT(ret == ctx.get_padding(input->x, input->len, &dlen));
+    if (0 == ret) {
+        TEST_ASSERT(dlen == (size_t) dlen_check);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void iv_len_validity(int cipher_id, char *cipher_string,
+                     int iv_len_val, int ret)
+{
+    size_t iv_len = iv_len_val;
+    unsigned char iv[16];
+
+    /* Initialise iv buffer */
+    memset(iv, 0, sizeof(iv));
+
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx_dec;
+    mbedtls_cipher_context_t ctx_enc;
+
+    /*
+     * Prepare contexts
+     */
+    mbedtls_cipher_init(&ctx_dec);
+    mbedtls_cipher_init(&ctx_enc);
+
+    /* Check and get info structures */
+    cipher_info = mbedtls_cipher_info_from_type(cipher_id);
+    TEST_ASSERT(NULL != cipher_info);
+    TEST_ASSERT(mbedtls_cipher_info_from_string(cipher_string) == cipher_info);
+
+    /* Initialise enc and dec contexts */
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
+    TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info));
+
+    TEST_ASSERT(ret == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));
+    TEST_ASSERT(ret == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len));
+
+exit:
+    mbedtls_cipher_free(&ctx_dec);
+    mbedtls_cipher_free(&ctx_enc);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.gcm.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.gcm.data
similarity index 94%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.gcm.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.gcm.data
index a4cebd2..63e728b 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.gcm.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.gcm.data
@@ -2731,2017 +2731,2017 @@ depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":1
 
 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#1]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#2]
-depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.misc.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.misc.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.misc.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.nist_kw.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.nist_kw.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.nist_kw.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.nist_kw.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.null.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.null.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.null.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.null.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.padding.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.padding.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cipher.padding.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cipher.padding.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cmac.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cmac.data
similarity index 87%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cmac.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cmac.data
index 70b7609..3ca5e54 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_cmac.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cmac.data
@@ -2,6 +2,7 @@ CMAC self test
 mbedtls_cmac_self_test:
 
 CMAC null arguments
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_null_args:
 
 CMAC init #1 AES-128: OK
@@ -16,49 +17,59 @@ CMAC init #3 AES-256: OK
 depends_on:MBEDTLS_AES_C
 mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_256_ECB:256:0
 
-CMAC init #4 3DES : OK
+CMAC init #4 3DES: OK
 depends_on:MBEDTLS_DES_C
 mbedtls_cmac_setkey:MBEDTLS_CIPHER_DES_EDE3_ECB:192:0
 
 CMAC init #5 AES-224: bad key size
 depends_on:MBEDTLS_AES_C
-mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:224:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
 
 CMAC init #6 AES-0: bad key size
 depends_on:MBEDTLS_AES_C
-mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
 
 CMAC init #7 Camellia: wrong cipher
 depends_on:MBEDTLS_CAMELLIA_C
-mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_192_ECB:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
 
 CMAC Single Blocks #1 - Empty block, no updates
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":-1:"":-1:"":-1:"":-1:"bb1d6929e95937287fa37d129b756746"
 
 CMAC Single Blocks #2 - Single 16 byte block
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"":-1:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
 
 CMAC Single Blocks #3 - Single 64 byte block
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"":-1:"51f0bebf7e3b9d92fc49741779363cfe"
 
 CMAC Multiple Blocks #1 - Multiple 8 byte blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172a":8:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
 
 CMAC Multiple Blocks #2 - Multiple 16 byte blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"ae2d8a571e03ac9c9eb76fac45af8e51":16:"30c81c46a35ce411e5fbc1191a0a52ef":16:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
 
 CMAC Multiple Blocks #3 - Multiple variable sized blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172aae2d8a571e03ac9c":16:"9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52ef":24:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
 
 CMAC Multiple Blocks #4 - Multiple 8 byte blocks with gaps
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c"
 
 CMAC Multiple Operations, same key #1 - Empty, empty
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367"
 
 CMAC Multiple Operations, same key #2 - Empty, 64 byte block
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11"
 
 CMAC Multiple Operations, same key #3 - variable byte blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11"
 
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cmac.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cmac.function
new file mode 100644
index 0000000..9624e8f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_cmac.function
@@ -0,0 +1,295 @@
+/* BEGIN_HEADER */
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CMAC_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void mbedtls_cmac_self_test()
+{
+    TEST_ASSERT(mbedtls_cmac_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_null_args()
+{
+    mbedtls_cipher_context_t ctx;
+    const mbedtls_cipher_info_t *cipher_info;
+    unsigned char test_key[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    mbedtls_cipher_init(&ctx);
+
+    /* Test NULL cipher info */
+    TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, test_data, 16) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
+    TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_starts(NULL, test_key, 128) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, NULL, 128) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_update(NULL, test_data, 16) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, NULL, 16) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_finish(NULL, test_output) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, NULL) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_reset(NULL) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac(NULL,
+                                    test_key, 128,
+                                    test_data, 16,
+                                    test_output) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac(cipher_info,
+                                    NULL, 128,
+                                    test_data, 16,
+                                    test_output) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac(cipher_info,
+                                    test_key, 128,
+                                    NULL, 16,
+                                    test_output) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_cipher_cmac(cipher_info,
+                                    test_key, 128,
+                                    test_data, 16,
+                                    NULL) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+#if defined(MBEDTLS_AES_C)
+    TEST_ASSERT(mbedtls_aes_cmac_prf_128(NULL, 16,
+                                         test_data, 16,
+                                         test_output) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_aes_cmac_prf_128(test_key, 16,
+                                         NULL, 16,
+                                         test_output) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_aes_cmac_prf_128(test_key, 16,
+                                         test_data, 16,
+                                         NULL) ==
+                MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA);
+#endif
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_setkey(int cipher_type, int key_size, int result)
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    unsigned char key[32];
+    unsigned char buf[16];
+    unsigned char tmp[16];
+
+    memset(key, 0x2A, sizeof(key));
+    TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key));
+
+    TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type))
+                != NULL);
+
+    memset(buf, 0x2A, sizeof(buf));
+    TEST_ASSERT((result == mbedtls_cipher_cmac(cipher_info, key, key_size,
+                                               buf, 16, tmp)) != 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_multiple_blocks(int cipher_type, data_t *key,
+                                  int keybits, int block_size,
+                                  data_t *block1, int block1_len,
+                                  data_t *block2, int block2_len,
+                                  data_t *block3, int block3_len,
+                                  data_t *block4, int block4_len,
+                                  data_t *expected_result)
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx;
+    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    /* Convert the test parameters to binary data */
+
+    mbedtls_cipher_init(&ctx);
+
+    /* Validate the test inputs */
+    TEST_ASSERT(block1_len <= 100);
+    TEST_ASSERT(block2_len <= 100);
+    TEST_ASSERT(block3_len <= 100);
+    TEST_ASSERT(block4_len <= 100);
+
+    /* Set up */
+    TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type))
+                != NULL);
+
+    TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx,
+                                           (const unsigned char *) key->x,
+                                           keybits) == 0);
+
+    /* Multiple partial and complete blocks. A negative length means skip the
+     * update operation */
+    if (block1_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block1->x,
+                                               block1_len) == 0);
+    }
+
+    if (block2_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block2->x,
+                                               block2_len) == 0);
+    }
+
+    if (block3_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block3->x,
+                                               block3_len) == 0);
+    }
+
+    if (block4_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block4->x,
+                                               block4_len) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0);
+
+    TEST_ASSERT(memcmp(output, expected_result->x, block_size)  == 0);
+
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_multiple_operations_same_key(int cipher_type,
+                                               data_t *key, int keybits,
+                                               int block_size,
+                                               data_t *block_a1,
+                                               int block_a1_len,
+                                               data_t *block_a2,
+                                               int block_a2_len,
+                                               data_t *block_a3,
+                                               int block_a3_len,
+                                               data_t *expected_result_a,
+                                               data_t *block_b1,
+                                               int block_b1_len,
+                                               data_t *block_b2,
+                                               int block_b2_len,
+                                               data_t *block_b3,
+                                               int block_b3_len,
+                                               data_t *expected_result_b
+                                               )
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx;
+    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    /* Convert the test parameters to binary data */
+
+
+
+    mbedtls_cipher_init(&ctx);
+
+    /* Validate the test inputs */
+    TEST_ASSERT(block_a1_len <= 100);
+    TEST_ASSERT(block_a2_len <= 100);
+    TEST_ASSERT(block_a3_len <= 100);
+
+    TEST_ASSERT(block_b1_len <= 100);
+    TEST_ASSERT(block_b2_len <= 100);
+    TEST_ASSERT(block_b3_len <= 100);
+
+    /* Set up */
+    TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type))
+                != NULL);
+
+    TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx,
+                                           (const unsigned char *) key->x,
+                                           keybits) == 0);
+
+    /* Sequence A */
+
+    /* Multiple partial and complete blocks. A negative length means skip the
+     * update operation */
+    if (block_a1_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block_a1->x,
+                                               block_a1_len) == 0);
+    }
+
+    if (block_a2_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block_a2->x,
+                                               block_a2_len) == 0);
+    }
+
+    if (block_a3_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block_a3->x,
+                                               block_a3_len) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0);
+
+    TEST_ASSERT(memcmp(output, expected_result_a->x, block_size)  == 0);
+
+    TEST_ASSERT(mbedtls_cipher_cmac_reset(&ctx) == 0);
+
+    /* Sequence B */
+
+    /* Multiple partial and complete blocks. A negative length means skip the
+     * update operation */
+    if (block_b1_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block_b1->x,
+                                               block_b1_len) == 0);
+    }
+
+    if (block_b2_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block_b2->x,
+                                               block_b2_len) == 0);
+    }
+
+    if (block_b3_len >= 0) {
+        TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx,
+                                               (unsigned char *) block_b3->x,
+                                               block_b3_len) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0);
+
+    TEST_ASSERT(memcmp(output, expected_result_b->x, block_size)  == 0);
+
+exit:
+    mbedtls_cipher_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time.data
new file mode 100644
index 0000000..4504aa4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time.data
@@ -0,0 +1,11 @@
+# these are the numbers we'd get with an empty plaintext and truncated HMAC
+Constant-flow memcpy from offset: small
+ssl_cf_memcpy_offset:0:5:10
+
+# we could get this with 255-bytes plaintext and untruncated SHA-256
+Constant-flow memcpy from offset: medium
+ssl_cf_memcpy_offset:0:255:32
+
+# we could get this with 255-bytes plaintext and untruncated SHA-384
+Constant-flow memcpy from offset: large
+ssl_cf_memcpy_offset:100:339:48
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time.function
new file mode 100644
index 0000000..3f91a7d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time.function
@@ -0,0 +1,48 @@
+/* BEGIN_HEADER */
+/** \file test_suite_constant_time.function
+ *
+ * Functional testing of functions in the constant_time module.
+ *
+ * The tests are instrumented with #TEST_CF_SECRET and #TEST_CF_PUBLIC
+ * (see tests/include/test/constant_flow.h) so that running the tests
+ * under MSan or Valgrind will detect a non-constant-time implementation.
+ */
+
+#include <mbedtls/constant_time.h>
+#include <constant_time_internal.h>
+#include <constant_time_invasive.h>
+
+#include <test/constant_flow.h>
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
+void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len)
+{
+    unsigned char *dst = NULL;
+    unsigned char *src = NULL;
+    size_t src_len = offset_max + len;
+    size_t secret;
+
+    TEST_CALLOC(dst, len);
+    TEST_CALLOC(src, src_len);
+
+    /* Fill src in a way that we can detect if we copied the right bytes */
+    mbedtls_test_rnd_std_rand(NULL, src, src_len);
+
+    for (secret = offset_min; secret <= (size_t) offset_max; secret++) {
+        mbedtls_test_set_step((int) secret);
+
+        TEST_CF_SECRET(&secret, sizeof(secret));
+        mbedtls_ct_memcpy_offset(dst, src, secret,
+                                 offset_min, offset_max, len);
+        TEST_CF_PUBLIC(&secret, sizeof(secret));
+        TEST_CF_PUBLIC(dst, len);
+
+        TEST_MEMORY_COMPARE(dst, len, src + secret, len);
+    }
+
+exit:
+    mbedtls_free(dst);
+    mbedtls_free(src);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time_hmac.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time_hmac.data
new file mode 100644
index 0000000..5339f20
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time_hmac.data
@@ -0,0 +1,15 @@
+Constant-flow HMAC: MD5
+depends_on:MBEDTLS_MD5_C
+ssl_cf_hmac:MBEDTLS_MD_MD5
+
+Constant-flow HMAC: SHA1
+depends_on:MBEDTLS_SHA1_C
+ssl_cf_hmac:MBEDTLS_MD_SHA1
+
+Constant-flow HMAC: SHA256
+depends_on:MBEDTLS_SHA256_C
+ssl_cf_hmac:MBEDTLS_MD_SHA256
+
+Constant-flow HMAC: SHA384
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_cf_hmac:MBEDTLS_MD_SHA384
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time_hmac.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time_hmac.function
new file mode 100644
index 0000000..45f0c01
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_constant_time_hmac.function
@@ -0,0 +1,101 @@
+/* BEGIN_HEADER */
+
+#include <mbedtls/constant_time.h>
+#include <mbedtls/md.h>
+#include <constant_time_internal.h>
+
+#include <test/constant_flow.h>
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
+void ssl_cf_hmac(int hash)
+{
+    /*
+     * Test the function mbedtls_ct_hmac() against a reference
+     * implementation.
+     */
+    mbedtls_md_context_t ctx, ref_ctx;
+    const mbedtls_md_info_t *md_info;
+    size_t out_len, block_size;
+    size_t min_in_len, in_len, max_in_len, i;
+    /* TLS additional data is 13 bytes (hence the "lucky 13" name) */
+    unsigned char add_data[13];
+    unsigned char ref_out[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *data = NULL;
+    unsigned char *out = NULL;
+    unsigned char rec_num = 0;
+
+    mbedtls_md_init(&ctx);
+    mbedtls_md_init(&ref_ctx);
+
+    md_info = mbedtls_md_info_from_type(hash);
+    TEST_ASSERT(md_info != NULL);
+    out_len = mbedtls_md_get_size(md_info);
+    TEST_ASSERT(out_len != 0);
+    block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64;
+
+    /* Use allocated out buffer to catch overwrites */
+    TEST_CALLOC(out, out_len);
+
+    /* Set up contexts with the given hash and a dummy key */
+    TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1));
+    TEST_EQUAL(0, mbedtls_md_setup(&ref_ctx, md_info, 1));
+    memset(ref_out, 42, sizeof(ref_out));
+    TEST_EQUAL(0, mbedtls_md_hmac_starts(&ctx, ref_out, out_len));
+    TEST_EQUAL(0, mbedtls_md_hmac_starts(&ref_ctx, ref_out, out_len));
+    memset(ref_out, 0, sizeof(ref_out));
+
+    /*
+     * Test all possible lengths up to a point. The difference between
+     * max_in_len and min_in_len is at most 255, and make sure they both vary
+     * by at least one block size.
+     */
+    for (max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++) {
+        mbedtls_test_set_step(max_in_len * 10000);
+
+        /* Use allocated in buffer to catch overreads */
+        TEST_CALLOC(data, max_in_len);
+
+        min_in_len = max_in_len > 255 ? max_in_len - 255 : 0;
+        for (in_len = min_in_len; in_len <= max_in_len; in_len++) {
+            mbedtls_test_set_step(max_in_len * 10000 + in_len);
+
+            /* Set up dummy data and add_data */
+            rec_num++;
+            memset(add_data, rec_num, sizeof(add_data));
+            for (i = 0; i < in_len; i++) {
+                data[i] = (i & 0xff) ^ rec_num;
+            }
+
+            /* Get the function's result */
+            TEST_CF_SECRET(&in_len, sizeof(in_len));
+            TEST_EQUAL(0, mbedtls_ct_hmac(&ctx, add_data, sizeof(add_data),
+                                          data, in_len,
+                                          min_in_len, max_in_len,
+                                          out));
+            TEST_CF_PUBLIC(&in_len, sizeof(in_len));
+            TEST_CF_PUBLIC(out, out_len);
+
+            /* Compute the reference result */
+            TEST_EQUAL(0, mbedtls_md_hmac_update(&ref_ctx, add_data,
+                                                 sizeof(add_data)));
+            TEST_EQUAL(0, mbedtls_md_hmac_update(&ref_ctx, data, in_len));
+            TEST_EQUAL(0, mbedtls_md_hmac_finish(&ref_ctx, ref_out));
+            TEST_EQUAL(0, mbedtls_md_hmac_reset(&ref_ctx));
+
+            /* Compare */
+            TEST_MEMORY_COMPARE(out, out_len, ref_out, out_len);
+        }
+
+        mbedtls_free(data);
+        data = NULL;
+    }
+
+exit:
+    mbedtls_md_free(&ref_ctx);
+    mbedtls_md_free(&ctx);
+
+    mbedtls_free(data);
+    mbedtls_free(out);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ctr_drbg.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ctr_drbg.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ctr_drbg.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ctr_drbg.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ctr_drbg.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ctr_drbg.function
new file mode 100644
index 0000000..4c6ee6f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ctr_drbg.function
@@ -0,0 +1,337 @@
+/* BEGIN_HEADER */
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "string.h"
+
+/* Modes for ctr_drbg_validate */
+enum reseed_mode {
+    RESEED_NEVER, /* never reseed */
+    RESEED_FIRST, /* instantiate, reseed, generate, generate */
+    RESEED_SECOND, /* instantiate, generate, reseed, generate */
+    RESEED_ALWAYS /* prediction resistance, no explicit reseed */
+};
+
+static size_t test_offset_idx = 0;
+static size_t test_max_idx  = 0;
+static int mbedtls_test_entropy_func(void *data, unsigned char *buf, size_t len)
+{
+    const unsigned char *p = (unsigned char *) data;
+    if (test_offset_idx + len > test_max_idx) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+    memcpy(buf, p + test_offset_idx, len);
+    test_offset_idx += len;
+    return 0;
+}
+
+static void ctr_drbg_validate_internal(int reseed_mode, data_t *nonce,
+                                       int entropy_len_arg, data_t *entropy,
+                                       data_t *reseed,
+                                       data_t *add1, data_t *add2,
+                                       data_t *result)
+{
+    mbedtls_ctr_drbg_context ctx;
+    unsigned char buf[64];
+
+    size_t entropy_chunk_len = (size_t) entropy_len_arg;
+
+    TEST_ASSERT(entropy_chunk_len <= sizeof(buf));
+
+    test_offset_idx = 0;
+    mbedtls_ctr_drbg_init(&ctx);
+
+    test_max_idx = entropy->len;
+
+    /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, <ignored>)
+     * where nonce||perso = nonce[nonce->len] */
+    mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_chunk_len);
+    mbedtls_ctr_drbg_set_nonce_len(&ctx, 0);
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(
+                    &ctx,
+                    mbedtls_test_entropy_func, entropy->x,
+                    nonce->x, nonce->len) == 0);
+    if (reseed_mode == RESEED_ALWAYS) {
+        mbedtls_ctr_drbg_set_prediction_resistance(
+            &ctx,
+            MBEDTLS_CTR_DRBG_PR_ON);
+    }
+
+    if (reseed_mode == RESEED_FIRST) {
+        /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len],
+         *                 reseed[:reseed->len]) */
+        TEST_ASSERT(mbedtls_ctr_drbg_reseed(
+                        &ctx,
+                        reseed->x, reseed->len) == 0);
+    }
+
+    /* CTR_DRBG_Generate(result->len * 8 bits, add1[:add1->len]) -> buf */
+    /* Then reseed if prediction resistance is enabled. */
+    TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(
+                    &ctx,
+                    buf, result->len,
+                    add1->x, add1->len) == 0);
+
+
+    if (reseed_mode == RESEED_SECOND) {
+        /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len],
+         *                 reseed[:reseed->len]) */
+        TEST_ASSERT(mbedtls_ctr_drbg_reseed(
+                        &ctx,
+                        reseed->x, reseed->len) == 0);
+    }
+
+    /* CTR_DRBG_Generate(result->len * 8 bits, add2->x[:add2->len]) -> buf */
+    /* Then reseed if prediction resistance is enabled. */
+    TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(
+                    &ctx,
+                    buf, result->len,
+                    add2->x, add2->len) == 0);
+    TEST_ASSERT(memcmp(buf, result->x, result->len) == 0);
+
+exit:
+    mbedtls_ctr_drbg_free(&ctx);
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CTR_DRBG_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void ctr_drbg_special_behaviours()
+{
+    mbedtls_ctr_drbg_context ctx;
+    unsigned char output[512];
+    unsigned char additional[512];
+
+    mbedtls_ctr_drbg_init(&ctx);
+    memset(output, 0, sizeof(output));
+    memset(additional, 0, sizeof(additional));
+
+    TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx,
+                                                 output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1,
+                                                 additional, 16) ==
+                MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG);
+    TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx,
+                                                 output, 16,
+                                                 additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1) ==
+                MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG);
+
+    TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, additional,
+                                        MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1) ==
+                MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG);
+
+    mbedtls_ctr_drbg_set_entropy_len(&ctx, ~0);
+    TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, additional,
+                                        MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) ==
+                MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG);
+exit:
+    mbedtls_ctr_drbg_free(&ctx);
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void ctr_drbg_validate_no_reseed(data_t *add_init, data_t *entropy,
+                                 data_t *add1, data_t *add2,
+                                 data_t *result_string)
+{
+    data_t empty = { 0, 0 };
+    ctr_drbg_validate_internal(RESEED_NEVER, add_init,
+                               entropy->len, entropy,
+                               &empty, add1, add2,
+                               result_string);
+    goto exit; // goto is needed to avoid warning ( no test assertions in func)
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ctr_drbg_validate_pr(data_t *add_init, data_t *entropy,
+                          data_t *add1, data_t *add2,
+                          data_t *result_string)
+{
+    data_t empty = { 0, 0 };
+    ctr_drbg_validate_internal(RESEED_ALWAYS, add_init,
+                               entropy->len / 3, entropy,
+                               &empty, add1, add2,
+                               result_string);
+    goto exit; // goto is needed to avoid warning ( no test assertions in func)
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ctr_drbg_validate_reseed_between(data_t *add_init, data_t *entropy,
+                                      data_t *add1, data_t *add_reseed,
+                                      data_t *add2, data_t *result_string)
+{
+    ctr_drbg_validate_internal(RESEED_SECOND, add_init,
+                               entropy->len / 2, entropy,
+                               add_reseed, add1, add2,
+                               result_string);
+    goto exit; // goto is needed to avoid warning ( no test assertions in func)
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ctr_drbg_validate_reseed_first(data_t *add_init, data_t *entropy,
+                                    data_t *add1, data_t *add_reseed,
+                                    data_t *add2, data_t *result_string)
+{
+    ctr_drbg_validate_internal(RESEED_FIRST, add_init,
+                               entropy->len / 2, entropy,
+                               add_reseed, add1, add2,
+                               result_string);
+    goto exit; // goto is needed to avoid warning ( no test assertions in func)
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ctr_drbg_entropy_strength(int expected_bit_strength)
+{
+    unsigned char entropy[/*initial entropy*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN +
+                          /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN +
+                          /*reseed*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN];
+    mbedtls_ctr_drbg_context ctx;
+    size_t last_idx;
+    size_t byte_strength = expected_bit_strength / 8;
+
+    mbedtls_ctr_drbg_init(&ctx);
+    test_offset_idx = 0;
+    test_max_idx = sizeof(entropy);
+    memset(entropy, 0, sizeof(entropy));
+
+    /* The initial seeding must grab at least byte_strength bytes of entropy
+     * for the entropy input and byte_strength/2 bytes for a nonce. */
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx,
+                                      mbedtls_test_entropy_func, entropy,
+                                      NULL, 0) == 0);
+    TEST_ASSERT(test_offset_idx >= (byte_strength * 3 + 1) / 2);
+    last_idx = test_offset_idx;
+
+    /* A reseed must grab at least byte_strength bytes of entropy. */
+    TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, NULL, 0) == 0);
+    TEST_ASSERT(test_offset_idx - last_idx >= byte_strength);
+
+exit:
+    mbedtls_ctr_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ctr_drbg_entropy_usage(int entropy_nonce_len)
+{
+    unsigned char out[16];
+    unsigned char add[16];
+    unsigned char entropy[1024];
+    mbedtls_ctr_drbg_context ctx;
+    size_t i, reps = 10;
+    size_t expected_idx = 0;
+
+    mbedtls_ctr_drbg_init(&ctx);
+    test_offset_idx = 0;
+    test_max_idx = sizeof(entropy);
+    memset(entropy, 0, sizeof(entropy));
+    memset(out, 0, sizeof(out));
+    memset(add, 0, sizeof(add));
+
+    if (entropy_nonce_len >= 0) {
+        TEST_ASSERT(mbedtls_ctr_drbg_set_nonce_len(&ctx, entropy_nonce_len) == 0);
+    }
+
+    /* Set reseed interval before seed */
+    mbedtls_ctr_drbg_set_reseed_interval(&ctx, 2 * reps);
+
+    /* Init must use entropy */
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0) == 0);
+    expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN;
+    if (entropy_nonce_len >= 0) {
+        expected_idx += entropy_nonce_len;
+    } else {
+        expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
+    }
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+    /* By default, PR is off, and reseed interval was set to
+     * 2 * reps so the next few calls should not use entropy */
+    for (i = 0; i < reps; i++) {
+        TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out) - 4) == 0);
+        TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, out, sizeof(out) - 4,
+                                                     add, sizeof(add)) == 0);
+    }
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+    /* While at it, make sure we didn't write past the requested length */
+    TEST_ASSERT(out[sizeof(out) - 4] == 0);
+    TEST_ASSERT(out[sizeof(out) - 3] == 0);
+    TEST_ASSERT(out[sizeof(out) - 2] == 0);
+    TEST_ASSERT(out[sizeof(out) - 1] == 0);
+
+    /* There have been 2 * reps calls to random. The next call should reseed */
+    TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN;
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+    /* Set reseed interval after seed */
+    mbedtls_ctr_drbg_set_reseed_interval(&ctx, 4 * reps + 1);
+
+    /* The next few calls should not reseed */
+    for (i = 0; i < (2 * reps); i++) {
+        TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0);
+        TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, out, sizeof(out),
+                                                     add, sizeof(add)) == 0);
+    }
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+    /* Call update with too much data (sizeof(entropy) > MAX(_SEED)_INPUT).
+     * Make sure it's detected as an error and doesn't cause memory
+     * corruption. */
+    TEST_ASSERT(mbedtls_ctr_drbg_update_ret(
+                    &ctx, entropy, sizeof(entropy)) != 0);
+
+    /* Now enable PR, so the next few calls should all reseed */
+    mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON);
+    TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN;
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+    /* Finally, check setting entropy_len */
+    mbedtls_ctr_drbg_set_entropy_len(&ctx, 42);
+    TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_idx += 42;
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+    mbedtls_ctr_drbg_set_entropy_len(&ctx, 13);
+    TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_idx += 13;
+    TEST_EQUAL(test_offset_idx, expected_idx);
+
+exit:
+    mbedtls_ctr_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
+void ctr_drbg_seed_file(char *path, int ret)
+{
+    mbedtls_ctr_drbg_context ctx;
+
+    mbedtls_ctr_drbg_init(&ctx);
+
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_rnd_std_rand,
+                                      NULL, NULL, 0) == 0);
+    TEST_ASSERT(mbedtls_ctr_drbg_write_seed_file(&ctx, path) == ret);
+    TEST_ASSERT(mbedtls_ctr_drbg_update_seed_file(&ctx, path) == ret);
+
+exit:
+    mbedtls_ctr_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void ctr_drbg_selftest()
+{
+    TEST_ASSERT(mbedtls_ctr_drbg_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_debug.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_debug.data
new file mode 100644
index 0000000..87ec67c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_debug.data
@@ -0,0 +1,70 @@
+Debug print msg (threshold 1, level 0)
+debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n"
+
+Debug print msg (threshold 1, level 1)
+debug_print_msg_threshold:1:1:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n"
+
+Debug print msg (threshold 1, level 2)
+debug_print_msg_threshold:1:2:"MyFile":999:""
+
+Debug print msg (threshold 0, level 1)
+debug_print_msg_threshold:0:1:"MyFile":999:""
+
+Debug print msg (threshold 0, level 5)
+debug_print_msg_threshold:0:5:"MyFile":999:""
+
+Debug print return value #1
+mbedtls_debug_print_ret:"MyFile":999:"Test return value":0:"MyFile(0999)\: Test return value() returned 0 (-0x0000)\n"
+
+Debug print return value #2
+mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0x1000:"MyFile(0999)\: Test return value() returned -4096 (-0x1000)\n"
+
+Debug print return value #3
+mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0xFFFF:"MyFile(0999)\: Test return value() returned -65535 (-0xffff)\n"
+
+Debug print buffer #1
+mbedtls_debug_print_buf:"MyFile":999:"Test return value":"":"MyFile(0999)\: dumping 'Test return value' (0 bytes)\n"
+
+Debug print buffer #2
+mbedtls_debug_print_buf:"MyFile":999:"Test return value":"00":"MyFile(0999)\: dumping 'Test return value' (1 bytes)\nMyFile(0999)\: 0000\:  00                                               .\n"
+
+Debug print buffer #3
+mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F":"MyFile(0999)\: dumping 'Test return value' (16 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\n"
+
+Debug print buffer #4
+mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F00":"MyFile(0999)\: dumping 'Test return value' (17 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\nMyFile(0999)\: 0010\:  00                                               .\n"
+
+Debug print buffer #5
+mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\nMyFile(0999)\: 0010\:  10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f  ................\nMyFile(0999)\: 0020\:  20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f   !"#$%&'()*+,-./\nMyFile(0999)\: 0030\:  30                                               0\n"
+
+Debug print mbedtls_mpi: 0 (empty representation)
+mbedtls_debug_print_mpi:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\:  00\n"
+
+Debug print mbedtls_mpi: 0 (non-empty representation)
+mbedtls_debug_print_mpi:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\:  00\n"
+
+Debug print mbedtls_mpi #2: 3 bits
+mbedtls_debug_print_mpi:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\:  07\n"
+
+Debug print mbedtls_mpi: 49 bits
+mbedtls_debug_print_mpi:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\:  01 02 03 04 05 06 07\n"
+
+Debug print mbedtls_mpi: 759 bits
+mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\:  41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\:  2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\:  e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\:  18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\:  48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\:  62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #1
+mbedtls_debug_print_mpi:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\:  09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\:  14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\:  ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\:  09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\:  af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\:  52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #2
+mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\:  09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\:  14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\:  ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\:  09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\:  af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\:  52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print certificate #1 (RSA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: 01\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using      \: RSA with SHA1\nMyFile(0999)\: RSA key size      \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\:  a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\:  15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\:  43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\:  dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\:  83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\:  70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\:  4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\:  f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\:  ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\:  24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\:  ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\:  69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\:  73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\:  db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\:  5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\:  ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\:  01 00 01\n"
+
+Debug print certificate #2 (EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using      \: ECDSA with SHA256\nMyFile(0999)\: EC key size       \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\:  c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\:  4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\:  39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\:  87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\:  b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\:  6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
+
+Check mbedtls_calloc overallocation
+check_mbedtls_calloc_overallocation:1:1
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_debug.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_debug.function
new file mode 100644
index 0000000..9ece280
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_debug.function
@@ -0,0 +1,221 @@
+/* BEGIN_HEADER */
+#include "mbedtls/debug.h"
+#include "string.h"
+
+struct buffer_data {
+    char buf[2000];
+    char *ptr;
+};
+
+void string_debug(void *data, int level, const char *file, int line, const char *str)
+{
+    struct buffer_data *buffer = (struct buffer_data *) data;
+    char *p = buffer->ptr;
+    ((void) level);
+
+    memcpy(p, file, strlen(file));
+    p += strlen(file);
+
+    *p++ = '(';
+    *p++ = '0' + (line / 1000) % 10;
+    *p++ = '0' + (line / 100) % 10;
+    *p++ = '0' + (line / 10) % 10;
+    *p++ = '0' + (line / 1) % 10;
+    *p++ = ')';
+    *p++ = ':';
+    *p++ = ' ';
+
+#if defined(MBEDTLS_THREADING_C)
+    /* Skip "thread ID" (up to the first space) as it is not predictable */
+    while (*str++ != ' ') {
+        ;
+    }
+#endif
+
+    memcpy(p, str, strlen(str));
+    p += strlen(str);
+
+    /* Detect if debug messages output partial lines and mark them */
+    if (p[-1] != '\n') {
+        *p++ = '*';
+    }
+
+    buffer->ptr = p;
+}
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_DEBUG_C:MBEDTLS_SSL_TLS_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void debug_print_msg_threshold(int threshold, int level, char *file,
+                               int line, char *result_str)
+{
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    struct buffer_data buffer;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    memset(buffer.buf, 0, 2000);
+    buffer.ptr = buffer.buf;
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+
+    mbedtls_debug_set_threshold(threshold);
+    mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
+
+    mbedtls_debug_print_msg(&ssl, level, file, line,
+                            "Text message, 2 == %d", 2);
+
+    TEST_ASSERT(strcmp(buffer.buf, result_str) == 0);
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_debug_print_ret(char *file, int line, char *text, int value,
+                             char *result_str)
+{
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    struct buffer_data buffer;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    memset(buffer.buf, 0, 2000);
+    buffer.ptr = buffer.buf;
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+
+    mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
+
+    mbedtls_debug_print_ret(&ssl, 0, file, line, text, value);
+
+    TEST_ASSERT(strcmp(buffer.buf, result_str) == 0);
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_debug_print_buf(char *file, int line, char *text,
+                             data_t *data, char *result_str)
+{
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    struct buffer_data buffer;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    memset(buffer.buf, 0, 2000);
+    buffer.ptr = buffer.buf;
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+
+    mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
+
+    mbedtls_debug_print_buf(&ssl, 0, file, line, text, data->x, data->len);
+
+    TEST_ASSERT(strcmp(buffer.buf, result_str) == 0);
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_debug_print_crt(char *crt_file, char *file, int line,
+                             char *prefix, char *result_str)
+{
+    mbedtls_x509_crt   crt;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    struct buffer_data buffer;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_x509_crt_init(&crt);
+    USE_PSA_INIT();
+
+    memset(buffer.buf, 0, 2000);
+    buffer.ptr = buffer.buf;
+
+    TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+
+    mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
+
+    TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0);
+    mbedtls_debug_print_crt(&ssl, 0, file, line, prefix, &crt);
+
+    TEST_ASSERT(strcmp(buffer.buf, result_str) == 0);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
+void mbedtls_debug_print_mpi(char *value, char *file, int line,
+                             char *prefix, char *result_str)
+{
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    struct buffer_data buffer;
+    mbedtls_mpi val;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    mbedtls_mpi_init(&val);
+    memset(buffer.buf, 0, 2000);
+    buffer.ptr = buffer.buf;
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&val, value) == 0);
+
+    mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
+
+    mbedtls_debug_print_mpi(&ssl, 0, file, line, prefix, &val);
+
+    TEST_ASSERT(strcmp(buffer.buf, result_str) == 0);
+
+exit:
+    mbedtls_mpi_free(&val);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void check_mbedtls_calloc_overallocation(int num, int size)
+{
+    unsigned char *buf;
+    buf = mbedtls_calloc((size_t) num * SIZE_MAX/2, (size_t) size * SIZE_MAX/2);
+    /* Dummy usage of the pointer to prevent optimizing it */
+    mbedtls_printf("calloc pointer : %p\n", buf);
+    TEST_ASSERT(buf == NULL);
+
+exit:
+    mbedtls_free(buf);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_des.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_des.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_des.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_des.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_des.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_des.function
new file mode 100644
index 0000000..b846d77
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_des.function
@@ -0,0 +1,280 @@
+/* BEGIN_HEADER */
+#include "mbedtls/des.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_DES_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void des_check_weak(data_t *key, int ret)
+{
+    TEST_ASSERT(mbedtls_des_key_check_weak(key->x) == ret);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void des_encrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_des_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_des_setkey_enc(&ctx, key_str->x) == 0);
+    TEST_ASSERT(mbedtls_des_crypt_ecb(&ctx, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+
+exit:
+    mbedtls_des_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void des_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_des_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_des_setkey_dec(&ctx, key_str->x) == 0);
+    TEST_ASSERT(mbedtls_des_crypt_ecb(&ctx, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+
+exit:
+    mbedtls_des_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void des_encrypt_cbc(data_t *key_str, data_t *iv_str,
+                     data_t *src_str, data_t *dst, int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_des_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_des_setkey_enc(&ctx, key_str->x) == 0);
+    TEST_ASSERT(mbedtls_des_crypt_cbc(&ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x,
+                                      src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                        dst->len) == 0);
+    }
+
+exit:
+    mbedtls_des_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void des_decrypt_cbc(data_t *key_str, data_t *iv_str,
+                     data_t *src_str, data_t *dst,
+                     int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_des_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des_init(&ctx);
+
+
+    TEST_ASSERT(mbedtls_des_setkey_dec(&ctx, key_str->x) == 0);
+    TEST_ASSERT(mbedtls_des_crypt_cbc(&ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x,
+                                      src_str->x, output) == cbc_result);
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                        dst->len) == 0);
+    }
+
+exit:
+    mbedtls_des_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void des3_encrypt_ecb(int key_count, data_t *key_str,
+                      data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_des3_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des3_init(&ctx);
+
+
+    if (key_count == 2) {
+        TEST_ASSERT(mbedtls_des3_set2key_enc(&ctx, key_str->x) == 0);
+    } else if (key_count == 3) {
+        TEST_ASSERT(mbedtls_des3_set3key_enc(&ctx, key_str->x) == 0);
+    } else {
+        TEST_ASSERT(0);
+    }
+
+    TEST_ASSERT(mbedtls_des3_crypt_ecb(&ctx, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+
+exit:
+    mbedtls_des3_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void des3_decrypt_ecb(int key_count, data_t *key_str,
+                      data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_des3_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des3_init(&ctx);
+
+
+    if (key_count == 2) {
+        TEST_ASSERT(mbedtls_des3_set2key_dec(&ctx, key_str->x) == 0);
+    } else if (key_count == 3) {
+        TEST_ASSERT(mbedtls_des3_set3key_dec(&ctx, key_str->x) == 0);
+    } else {
+        TEST_ASSERT(0);
+    }
+
+    TEST_ASSERT(mbedtls_des3_crypt_ecb(&ctx, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+
+exit:
+    mbedtls_des3_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void des3_encrypt_cbc(int key_count, data_t *key_str,
+                      data_t *iv_str, data_t *src_str,
+                      data_t *dst, int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_des3_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des3_init(&ctx);
+
+
+    if (key_count == 2) {
+        TEST_ASSERT(mbedtls_des3_set2key_enc(&ctx, key_str->x) == 0);
+    } else if (key_count == 3) {
+        TEST_ASSERT(mbedtls_des3_set3key_enc(&ctx, key_str->x) == 0);
+    } else {
+        TEST_ASSERT(0);
+    }
+
+    TEST_ASSERT(mbedtls_des3_crypt_cbc(&ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x,
+                                       src_str->x, output) == cbc_result);
+
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                        src_str->len, dst->len) == 0);
+    }
+
+exit:
+    mbedtls_des3_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void des3_decrypt_cbc(int key_count, data_t *key_str,
+                      data_t *iv_str, data_t *src_str,
+                      data_t *dst, int cbc_result)
+{
+    unsigned char output[100];
+    mbedtls_des3_context ctx;
+
+    memset(output, 0x00, 100);
+    mbedtls_des3_init(&ctx);
+
+
+    if (key_count == 2) {
+        TEST_ASSERT(mbedtls_des3_set2key_dec(&ctx, key_str->x) == 0);
+    } else if (key_count == 3) {
+        TEST_ASSERT(mbedtls_des3_set3key_dec(&ctx, key_str->x) == 0);
+    } else {
+        TEST_ASSERT(0);
+    }
+
+    TEST_ASSERT(mbedtls_des3_crypt_cbc(&ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x,
+                                       src_str->x, output) == cbc_result);
+
+    if (cbc_result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len,
+                                        dst->len) == 0);
+    }
+
+exit:
+    mbedtls_des3_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void des_key_parity_run()
+{
+    int i, j, cnt;
+    unsigned char key[MBEDTLS_DES_KEY_SIZE];
+    unsigned int parity;
+
+    memset(key, 0, MBEDTLS_DES_KEY_SIZE);
+    cnt = 0;
+
+    // Iterate through all possible byte values
+    //
+    for (i = 0; i < 32; i++) {
+        for (j = 0; j < 8; j++) {
+            key[j] = cnt++;
+        }
+
+        // Set the key parity according to the table
+        //
+        mbedtls_des_key_set_parity(key);
+
+        // Check the parity with a function
+        //
+        for (j = 0; j < 8; j++) {
+            parity = key[j] ^ (key[j] >> 4);
+            parity = parity ^
+                     (parity >> 1) ^
+                     (parity >> 2) ^
+                     (parity >> 3);
+            parity &= 1;
+
+            if (parity != 1) {
+                TEST_ASSERT(0);
+            }
+        }
+
+        // Check the parity with the table
+        //
+        TEST_ASSERT(mbedtls_des_key_check_key_parity(key) == 0);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void des_selftest()
+{
+    TEST_ASSERT(mbedtls_des_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_dhm.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_dhm.data
new file mode 100644
index 0000000..48c4bb5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_dhm.data
@@ -0,0 +1,127 @@
+Diffie-Hellman full exchange: tiny x_size
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman parameter validation
+dhm_invalid_params:
+
+Diffie-Hellman full exchange: 5-bit, x_size=3
+dhm_do_dhm:"17":3:"5":0
+
+Diffie-Hellman full exchange: 5-bit, x_size=2
+dhm_do_dhm:"17":2:"5":0
+
+## Repeat this test case and a few similar ones several times. The RNG state
+## changes, so we get to exercise the code with a few different values.
+Diffie-Hellman full exchange: 5-bit #1
+dhm_do_dhm:"17":1:"5":0
+
+Diffie-Hellman full exchange: 5-bit #2
+dhm_do_dhm:"17":1:"5":0
+
+Diffie-Hellman full exchange: 5-bit #3
+dhm_do_dhm:"17":1:"5":0
+
+Diffie-Hellman full exchange: 5-bit #4
+dhm_do_dhm:"17":1:"5":0
+
+Diffie-Hellman full exchange: 5-bit #5
+dhm_do_dhm:"17":1:"5":0
+
+## This is x_size = P_size + 1. Arguably x_size > P_size makes no sense,
+## but it's the current undocumented behavior to treat it the same as when
+## x_size = P_size. If this behavior changes in the future, change the expected
+## return status from 0 to MBEDTLS_ERR_DHM_BAD_INPUT_DATA.
+Diffie-Hellman full exchange: 97-bit, x_size=14
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":14:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit #1
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit #2
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit #3
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit #4
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit #5
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=12
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":12:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=11
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":11:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #1
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #2
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #3
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #4
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 97-bit, x_size=1 #5
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0
+
+Diffie-Hellman full exchange: 286-bit
+dhm_do_dhm:"301abc09a57b66a953bfcc206a32e9ab56724084e4b47635779ca35fee79ce1060cb4117":36:"15aa1039b4dd361ed1b5b88e52f2919d0cbcb15adbe5fc290dab13b34e7":0
+
+Diffie-Hellman small modulus
+dhm_do_dhm:"3":1:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Diffie-Hellman zero modulus
+dhm_do_dhm:"0":1:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=0
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=1
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=-1
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-1
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d6":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-2
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d5":0
+
+Diffie-Hellman with G=P
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d7":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+1
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d8":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+2
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d9":0
+
+Diffie-Hellman: x_size < 0
+dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":-1:"1e32158a35e34d7b619657d6":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman MPI_MAX_SIZE modulus
+dhm_make_public:MBEDTLS_MPI_MAX_SIZE:"5":0
+
+Diffie-Hellman MPI_MAX_SIZE + 1 modulus
+dhm_make_public:MBEDTLS_MPI_MAX_SIZE + 1:"5":MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+DH load parameters from PEM file (1024-bit, g=2)
+depends_on:MBEDTLS_PEM_PARSE_C
+dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
+
+DH load parameters from PEM file (2048-bit, large g, privateValueLength)
+depends_on:MBEDTLS_PEM_PARSE_C
+dhm_file:"data_files/dh.optlen.pem":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256
+
+DH load parameters from DER file (2048-bit, large g, privateValueLength)
+dhm_file:"data_files/dh.optlen.der":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256
+
+Diffie-Hellman selftest
+dhm_selftest:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_dhm.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_dhm.function
new file mode 100644
index 0000000..1251723
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_dhm.function
@@ -0,0 +1,361 @@
+/* BEGIN_HEADER */
+#include "mbedtls/dhm.h"
+
+/* Sanity checks on a Diffie-Hellman parameter: check the length-value
+ * syntax and check that the value is the expected one (taken from the
+ * DHM context by the caller). */
+static int check_dhm_param_output(const mbedtls_mpi *expected,
+                                  const unsigned char *buffer,
+                                  size_t size,
+                                  size_t *offset)
+{
+    size_t n;
+    mbedtls_mpi actual;
+    int ok = 0;
+    mbedtls_mpi_init(&actual);
+
+    ++mbedtls_test_info.step;
+
+    TEST_ASSERT(size >= *offset + 2);
+    n = (buffer[*offset] << 8) | buffer[*offset + 1];
+    *offset += 2;
+    /* The DHM param output from Mbed TLS has leading zeros stripped, as
+     * permitted but not required by RFC 5246 \S4.4. */
+    TEST_EQUAL(n, mbedtls_mpi_size(expected));
+    TEST_ASSERT(size >= *offset + n);
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&actual, buffer + *offset, n));
+    TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(expected, &actual));
+    *offset += n;
+
+    ok = 1;
+exit:
+    mbedtls_mpi_free(&actual);
+    return ok;
+}
+
+/* Sanity checks on Diffie-Hellman parameters: syntax, range, and comparison
+ * against the context. */
+static int check_dhm_params(const mbedtls_dhm_context *ctx,
+                            size_t x_size,
+                            const unsigned char *ske, size_t ske_len)
+{
+    size_t offset = 0;
+
+    /* Check that ctx->X and ctx->GX are within range. */
+    TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->X, 1) > 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->P) < 0);
+    TEST_ASSERT(mbedtls_mpi_size(&ctx->X) <= x_size);
+    TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->GX, 1) > 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->GX, &ctx->P) < 0);
+
+    /* Check ske: it must contain P, G and G^X, each prefixed with a
+     * 2-byte size. */
+    if (!check_dhm_param_output(&ctx->P, ske, ske_len, &offset)) {
+        goto exit;
+    }
+    if (!check_dhm_param_output(&ctx->G, ske, ske_len, &offset)) {
+        goto exit;
+    }
+    if (!check_dhm_param_output(&ctx->GX, ske, ske_len, &offset)) {
+        goto exit;
+    }
+    TEST_EQUAL(offset, ske_len);
+
+    return 1;
+exit:
+    return 0;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_DHM_C:MBEDTLS_BIGNUM_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void dhm_invalid_params()
+{
+    mbedtls_dhm_context ctx;
+    unsigned char buf[42] = { 0 };
+    unsigned char *buf_null = NULL;
+    mbedtls_mpi X;
+    size_t const buflen = sizeof(buf);
+    size_t len;
+
+    TEST_INVALID_PARAM(mbedtls_dhm_init(NULL));
+    TEST_VALID_PARAM(mbedtls_dhm_free(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_read_params(NULL,
+                                                   (unsigned char **) &buf,
+                                                   buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_read_params(&ctx, &buf_null, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_read_params(&ctx, NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_read_params(&ctx,
+                                                   (unsigned char **) &buf,
+                                                   NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_params(NULL, buflen,
+                                                   buf, &len,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_params(&ctx, buflen,
+                                                   NULL, &len,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_params(&ctx, buflen,
+                                                   buf, NULL,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_params(&ctx, buflen,
+                                                   buf, &len,
+                                                   NULL,
+                                                   NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_set_group(NULL, &X, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_set_group(&ctx, NULL, &X));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_set_group(&ctx, &X, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_read_public(NULL, buf, buflen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_read_public(&ctx, NULL, buflen));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_public(NULL, buflen,
+                                                   buf, buflen,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_public(&ctx, buflen,
+                                                   NULL, buflen,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_make_public(&ctx, buflen,
+                                                   buf, buflen,
+                                                   NULL,
+                                                   NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_calc_secret(NULL, buf, buflen, &len,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_calc_secret(&ctx, NULL, buflen, &len,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_calc_secret(&ctx, buf, buflen, NULL,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_parse_dhm(NULL, buf, buflen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_parse_dhm(&ctx, NULL, buflen));
+
+#if defined(MBEDTLS_FS_IO)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_parse_dhmfile(NULL, ""));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
+                           mbedtls_dhm_parse_dhmfile(&ctx, NULL));
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void dhm_do_dhm(char *input_P, int x_size,
+                char *input_G, int result)
+{
+    mbedtls_dhm_context ctx_srv;
+    mbedtls_dhm_context ctx_cli;
+    unsigned char ske[1000];
+    unsigned char *p = ske;
+    unsigned char pub_cli[1000];
+    unsigned char sec_srv[1000];
+    unsigned char sec_cli[1000];
+    size_t ske_len = 0;
+    size_t pub_cli_len = 0;
+    size_t sec_srv_len;
+    size_t sec_cli_len;
+    int i;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_dhm_init(&ctx_srv);
+    mbedtls_dhm_init(&ctx_cli);
+    memset(ske, 0x00, 1000);
+    memset(pub_cli, 0x00, 1000);
+    memset(sec_srv, 0x00, 1000);
+    memset(sec_cli, 0x00, 1000);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    /*
+     * Set params
+     */
+    TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.G, input_G) == 0);
+    pub_cli_len = mbedtls_mpi_size(&ctx_srv.P);
+
+    /*
+     * First key exchange
+     */
+    mbedtls_test_set_step(10);
+    TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == result);
+    if (result != 0) {
+        goto exit;
+    }
+    if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) {
+        goto exit;
+    }
+
+    ske[ske_len++] = 0;
+    ske[ske_len++] = 0;
+    TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0);
+
+    TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0);
+
+    TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv),
+                                        &sec_srv_len,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL,
+                                        NULL) == 0);
+
+    TEST_ASSERT(sec_srv_len == sec_cli_len);
+    TEST_ASSERT(sec_srv_len != 0);
+    TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0);
+
+    /* Re-do calc_secret on server a few times to test update of blinding values */
+    for (i = 0; i < 3; i++) {
+        mbedtls_test_set_step(20 + i);
+        sec_srv_len = 1000;
+        TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv,
+                                            sizeof(sec_srv), &sec_srv_len,
+                                            &mbedtls_test_rnd_pseudo_rand,
+                                            &rnd_info) == 0);
+
+        TEST_ASSERT(sec_srv_len == sec_cli_len);
+        TEST_ASSERT(sec_srv_len != 0);
+        TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0);
+    }
+
+    /*
+     * Second key exchange to test change of blinding values on server
+     */
+    p = ske;
+
+    mbedtls_test_set_step(30);
+    TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) {
+        goto exit;
+    }
+    ske[ske_len++] = 0;
+    ske[ske_len++] = 0;
+    TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0);
+
+    TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0);
+
+    TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv),
+                                        &sec_srv_len,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL,
+                                        NULL) == 0);
+
+    TEST_ASSERT(sec_srv_len == sec_cli_len);
+    TEST_ASSERT(sec_srv_len != 0);
+    TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0);
+
+exit:
+    mbedtls_dhm_free(&ctx_srv);
+    mbedtls_dhm_free(&ctx_cli);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void dhm_make_public(int P_bytes, char *input_G, int result)
+{
+    mbedtls_mpi P, G;
+    mbedtls_dhm_context ctx;
+    unsigned char output[MBEDTLS_MPI_MAX_SIZE];
+
+    mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&G);
+    mbedtls_dhm_init(&ctx);
+
+    TEST_ASSERT(mbedtls_mpi_lset(&P, 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_shift_l(&P, (P_bytes * 8) - 1) == 0);
+    TEST_ASSERT(mbedtls_mpi_set_bit(&P, 0, 1) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&G, input_G) == 0);
+
+    TEST_ASSERT(mbedtls_dhm_set_group(&ctx, &P, &G) == 0);
+    TEST_ASSERT(mbedtls_dhm_make_public(&ctx, (int) mbedtls_mpi_size(&P),
+                                        output, sizeof(output),
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        NULL) == result);
+
+exit:
+    mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&G);
+    mbedtls_dhm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
+void dhm_file(char *filename, char *p, char *g, int len)
+{
+    mbedtls_dhm_context ctx;
+    mbedtls_mpi P, G;
+
+    mbedtls_dhm_init(&ctx);
+    mbedtls_mpi_init(&P); mbedtls_mpi_init(&G);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, p) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&G, g) == 0);
+
+    TEST_ASSERT(mbedtls_dhm_parse_dhmfile(&ctx, filename) == 0);
+
+    TEST_ASSERT(ctx.len == (size_t) len);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &P) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.G, &G) == 0);
+
+exit:
+    mbedtls_mpi_free(&P); mbedtls_mpi_free(&G);
+    mbedtls_dhm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void dhm_selftest()
+{
+    TEST_ASSERT(mbedtls_dhm_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdh.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdh.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdh.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdh.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdh.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdh.function
new file mode 100644
index 0000000..0de7c08
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdh.function
@@ -0,0 +1,618 @@
+/* BEGIN_HEADER */
+#include "mbedtls/ecdh.h"
+
+static int load_public_key(int grp_id, data_t *point,
+                           mbedtls_ecp_keypair *ecp)
+{
+    int ok = 0;
+    TEST_ASSERT(mbedtls_ecp_group_load(&ecp->grp, grp_id) == 0);
+    TEST_ASSERT(mbedtls_ecp_point_read_binary(&ecp->grp,
+                                              &ecp->Q,
+                                              point->x,
+                                              point->len) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&ecp->grp,
+                                         &ecp->Q) == 0);
+    ok = 1;
+exit:
+    return ok;
+}
+
+static int load_private_key(int grp_id, data_t *private_key,
+                            mbedtls_ecp_keypair *ecp,
+                            mbedtls_test_rnd_pseudo_info *rnd_info)
+{
+    int ok = 0;
+    TEST_ASSERT(mbedtls_ecp_read_key(grp_id, ecp,
+                                     private_key->x,
+                                     private_key->len) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_privkey(&ecp->grp, &ecp->d) == 0);
+    /* Calculate the public key from the private key. */
+    TEST_ASSERT(mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d,
+                                &ecp->grp.G,
+                                &mbedtls_test_rnd_pseudo_rand,
+                                rnd_info) == 0);
+    ok = 1;
+exit:
+    return ok;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECDH_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void ecdh_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_ecdh_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void ecdh_invalid_param()
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecdh_context ctx;
+    mbedtls_mpi m;
+    mbedtls_ecp_point P;
+    mbedtls_ecp_keypair kp;
+    size_t olen;
+    unsigned char buf[42] = { 0 };
+    const unsigned char *buf_null = NULL;
+    size_t const buflen = sizeof(buf);
+    int invalid_side = 42;
+    mbedtls_ecp_group_id valid_grp = MBEDTLS_ECP_DP_SECP192R1;
+
+    mbedtls_ecp_keypair_init(&kp);
+    mbedtls_ecdh_init(&ctx);
+    TEST_INVALID_PARAM(mbedtls_ecdh_init(NULL));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    TEST_INVALID_PARAM(mbedtls_ecdh_enable_restart(NULL));
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_gen_public(NULL, &m, &P,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_gen_public(&grp, NULL, &P,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_gen_public(&grp, &m, NULL,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_gen_public(&grp, &m, &P,
+                                                   NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_compute_shared(NULL, &m, &P, &m,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_compute_shared(&grp, NULL, &P, &m,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_compute_shared(&grp, &m, NULL, &m,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_compute_shared(&grp, &m, &P, NULL,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_setup(NULL, valid_grp));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_params(NULL, &olen, buf, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_params(&ctx, NULL, buf, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_params(&ctx, &olen, NULL, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_params(&ctx, &olen, buf, buflen, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_read_params(NULL,
+                                                    (const unsigned char **) &buf,
+                                                    buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_read_params(&ctx, &buf_null,
+                                                    buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_read_params(&ctx, NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_read_params(&ctx,
+                                                    (const unsigned char **) &buf,
+                                                    NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_get_params(NULL, &kp,
+                                                   MBEDTLS_ECDH_OURS));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_get_params(&ctx, NULL,
+                                                   MBEDTLS_ECDH_OURS));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_get_params(&ctx, &kp,
+                                                   invalid_side));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_public(NULL, &olen, buf, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_public(&ctx, NULL, buf, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_public(&ctx, &olen, NULL, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_make_public(&ctx, &olen, buf, buflen, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_read_public(NULL, buf, buflen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_read_public(&ctx, NULL, buflen));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_calc_secret(NULL, &olen, buf, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_calc_secret(&ctx, NULL, buf, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdh_calc_secret(&ctx, &olen, NULL, buflen,
+                                                    mbedtls_test_rnd_std_rand, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdh_primitive_random(int id)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point qA, qB;
+    mbedtls_mpi dA, dB, zA, zB;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&qA); mbedtls_ecp_point_init(&qB);
+    mbedtls_mpi_init(&dA); mbedtls_mpi_init(&dB);
+    mbedtls_mpi_init(&zA); mbedtls_mpi_init(&zB);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dA, &qA,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dB, &qB,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zA, &qB, &dA,
+                                            &mbedtls_test_rnd_pseudo_rand,
+                                            &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zB, &qA, &dB,
+                                            NULL, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zA, &zB) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&qA); mbedtls_ecp_point_free(&qB);
+    mbedtls_mpi_free(&dA); mbedtls_mpi_free(&dB);
+    mbedtls_mpi_free(&zA); mbedtls_mpi_free(&zB);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdh_primitive_testvec(int id, data_t *rnd_buf_A, char *xA_str,
+                            char *yA_str, data_t *rnd_buf_B,
+                            char *xB_str, char *yB_str, char *z_str)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point qA, qB;
+    mbedtls_mpi dA, dB, zA, zB, check;
+    mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&qA); mbedtls_ecp_point_init(&qB);
+    mbedtls_mpi_init(&dA); mbedtls_mpi_init(&dB);
+    mbedtls_mpi_init(&zA); mbedtls_mpi_init(&zB); mbedtls_mpi_init(&check);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    rnd_info_A.buf = rnd_buf_A->x;
+    rnd_info_A.length = rnd_buf_A->len;
+    rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_A.fallback_p_rng = NULL;
+
+    /* Fix rnd_buf_A->x by shifting it left if necessary */
+    if (grp.nbits % 8 != 0) {
+        unsigned char shift = 8 - (grp.nbits % 8);
+        size_t i;
+
+        for (i = 0; i < rnd_info_A.length - 1; i++) {
+            rnd_buf_A->x[i] = rnd_buf_A->x[i] << shift
+                              | rnd_buf_A->x[i+1] >> (8 - shift);
+        }
+
+        rnd_buf_A->x[rnd_info_A.length-1] <<= shift;
+    }
+
+    rnd_info_B.buf = rnd_buf_B->x;
+    rnd_info_B.length = rnd_buf_B->len;
+    rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_B.fallback_p_rng = NULL;
+
+    /* Fix rnd_buf_B->x by shifting it left if necessary */
+    if (grp.nbits % 8 != 0) {
+        unsigned char shift = 8 - (grp.nbits % 8);
+        size_t i;
+
+        for (i = 0; i < rnd_info_B.length - 1; i++) {
+            rnd_buf_B->x[i] = rnd_buf_B->x[i] << shift
+                              | rnd_buf_B->x[i+1] >> (8 - shift);
+        }
+
+        rnd_buf_B->x[rnd_info_B.length-1] <<= shift;
+    }
+
+    TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dA, &qA,
+                                        mbedtls_test_rnd_buffer_rand,
+                                        &rnd_info_A) == 0);
+    TEST_ASSERT(!mbedtls_ecp_is_zero(&qA));
+    TEST_ASSERT(mbedtls_test_read_mpi(&check, xA_str) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qA.X, &check) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&check, yA_str) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qA.Y, &check) == 0);
+
+    TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dB, &qB,
+                                        mbedtls_test_rnd_buffer_rand,
+                                        &rnd_info_B) == 0);
+    TEST_ASSERT(!mbedtls_ecp_is_zero(&qB));
+    TEST_ASSERT(mbedtls_test_read_mpi(&check, xB_str) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qB.X, &check) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&check, yB_str) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qB.Y, &check) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&check, z_str) == 0);
+    TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zA, &qB, &dA, NULL, NULL) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zA, &check) == 0);
+    TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zB, &qA, &dB, NULL, NULL) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zB, &check) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&qA); mbedtls_ecp_point_free(&qB);
+    mbedtls_mpi_free(&dA); mbedtls_mpi_free(&dB);
+    mbedtls_mpi_free(&zA); mbedtls_mpi_free(&zB); mbedtls_mpi_free(&check);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdh_exchange(int id)
+{
+    mbedtls_ecdh_context srv, cli;
+    unsigned char buf[1000];
+    const unsigned char *vbuf;
+    size_t len;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    unsigned char res_buf[1000];
+    size_t res_len;
+
+    mbedtls_ecdh_init(&srv);
+    mbedtls_ecdh_init(&cli);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecdh_setup(&srv, id) == 0);
+
+    memset(buf, 0x00, sizeof(buf)); vbuf = buf;
+    TEST_ASSERT(mbedtls_ecdh_make_params(&srv, &len, buf, 1000,
+                                         &mbedtls_test_rnd_pseudo_rand,
+                                         &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0);
+
+    memset(buf, 0x00, sizeof(buf));
+    TEST_ASSERT(mbedtls_ecdh_make_public(&cli, &len, buf, 1000,
+                                         &mbedtls_test_rnd_pseudo_rand,
+                                         &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0);
+
+    TEST_ASSERT(mbedtls_ecdh_calc_secret(&srv, &len, buf, 1000,
+                                         &mbedtls_test_rnd_pseudo_rand,
+                                         &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_calc_secret(&cli, &res_len, res_buf, 1000,
+                                         NULL, NULL) == 0);
+    TEST_ASSERT(len == res_len);
+    TEST_ASSERT(memcmp(buf, res_buf, len) == 0);
+
+exit:
+    mbedtls_ecdh_free(&srv);
+    mbedtls_ecdh_free(&cli);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecdh_restart(int id, data_t *dA, data_t *dB, data_t *z,
+                  int enable, int max_ops, int min_restart, int max_restart)
+{
+    int ret;
+    mbedtls_ecdh_context srv, cli;
+    unsigned char buf[1000];
+    const unsigned char *vbuf;
+    size_t len;
+    mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
+    int cnt_restart;
+    mbedtls_ecp_group grp;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecdh_init(&srv);
+    mbedtls_ecdh_init(&cli);
+
+    rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_A.fallback_p_rng = NULL;
+    rnd_info_A.buf = dA->x;
+    rnd_info_A.length = dA->len;
+
+    rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_B.fallback_p_rng = NULL;
+    rnd_info_B.buf = dB->x;
+    rnd_info_B.length = dB->len;
+
+    /* The ECDH context is not guaranteed to have an mbedtls_ecp_group structure
+     * in every configuration, therefore we load it separately. */
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    /* Otherwise we would have to fix the random buffer,
+     * as in ecdh_primitive_testvec. */
+    TEST_ASSERT(grp.nbits % 8 == 0);
+
+    TEST_ASSERT(mbedtls_ecdh_setup(&srv, id) == 0);
+
+    /* set up restart parameters */
+    mbedtls_ecp_set_max_ops(max_ops);
+
+    if (enable) {
+        mbedtls_ecdh_enable_restart(&srv);
+        mbedtls_ecdh_enable_restart(&cli);
+    }
+
+    /* server writes its parameters */
+    memset(buf, 0x00, sizeof(buf));
+    len = 0;
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_ecdh_make_params(&srv, &len, buf, sizeof(buf),
+                                       mbedtls_test_rnd_buffer_rand,
+                                       &rnd_info_A);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    /* client read server params */
+    vbuf = buf;
+    TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0);
+
+    /* client writes its key share */
+    memset(buf, 0x00, sizeof(buf));
+    len = 0;
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_ecdh_make_public(&cli, &len, buf, sizeof(buf),
+                                       mbedtls_test_rnd_buffer_rand,
+                                       &rnd_info_B);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    /* server reads client key share */
+    TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0);
+
+    /* server computes shared secret */
+    memset(buf, 0, sizeof(buf));
+    len = 0;
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_ecdh_calc_secret(&srv, &len, buf, sizeof(buf),
+                                       NULL, NULL);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    TEST_ASSERT(len == z->len);
+    TEST_ASSERT(memcmp(buf, z->x, len) == 0);
+
+    /* client computes shared secret */
+    memset(buf, 0, sizeof(buf));
+    len = 0;
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_ecdh_calc_secret(&cli, &len, buf, sizeof(buf),
+                                       NULL, NULL);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    TEST_ASSERT(len == z->len);
+    TEST_ASSERT(memcmp(buf, z->x, len) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecdh_free(&srv);
+    mbedtls_ecdh_free(&cli);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECDH_LEGACY_CONTEXT */
+void ecdh_exchange_legacy(int id)
+{
+    mbedtls_ecdh_context srv, cli;
+    unsigned char buf[1000];
+    const unsigned char *vbuf;
+    size_t len;
+
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecdh_init(&srv);
+    mbedtls_ecdh_init(&cli);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&srv.grp, id) == 0);
+
+    memset(buf, 0x00, sizeof(buf)); vbuf = buf;
+    TEST_ASSERT(mbedtls_ecdh_make_params(&srv, &len, buf, 1000,
+                                         &mbedtls_test_rnd_pseudo_rand,
+                                         &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0);
+
+    memset(buf, 0x00, sizeof(buf));
+    TEST_ASSERT(mbedtls_ecdh_make_public(&cli, &len, buf, 1000,
+                                         &mbedtls_test_rnd_pseudo_rand,
+                                         &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0);
+
+    TEST_ASSERT(mbedtls_ecdh_calc_secret(&srv, &len, buf, 1000,
+                                         &mbedtls_test_rnd_pseudo_rand,
+                                         &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdh_calc_secret(&cli, &len, buf, 1000, NULL,
+                                         NULL) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&srv.z, &cli.z) == 0);
+
+exit:
+    mbedtls_ecdh_free(&srv);
+    mbedtls_ecdh_free(&cli);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdh_exchange_calc_secret(int grp_id,
+                               data_t *our_private_key,
+                               data_t *their_point,
+                               int ours_first,
+                               data_t *expected)
+{
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_ecp_keypair our_key;
+    mbedtls_ecp_keypair their_key;
+    mbedtls_ecdh_context ecdh;
+    unsigned char shared_secret[MBEDTLS_ECP_MAX_BYTES];
+    size_t shared_secret_length = 0;
+
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+    mbedtls_ecdh_init(&ecdh);
+    mbedtls_ecp_keypair_init(&our_key);
+    mbedtls_ecp_keypair_init(&their_key);
+
+    if (!load_private_key(grp_id, our_private_key, &our_key, &rnd_info)) {
+        goto exit;
+    }
+    if (!load_public_key(grp_id, their_point, &their_key)) {
+        goto exit;
+    }
+
+    /* Import the keys to the ECDH calculation. */
+    if (ours_first) {
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0);
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0);
+    } else {
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0);
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0);
+    }
+
+    /* Perform the ECDH calculation. */
+    TEST_ASSERT(mbedtls_ecdh_calc_secret(
+                    &ecdh,
+                    &shared_secret_length,
+                    shared_secret, sizeof(shared_secret),
+                    &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0);
+    TEST_ASSERT(shared_secret_length == expected->len);
+    TEST_ASSERT(memcmp(expected->x, shared_secret,
+                       shared_secret_length) == 0);
+
+exit:
+    mbedtls_ecdh_free(&ecdh);
+    mbedtls_ecp_keypair_free(&our_key);
+    mbedtls_ecp_keypair_free(&their_key);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdh_exchange_get_params_fail(int our_grp_id,
+                                   data_t *our_private_key,
+                                   int their_grp_id,
+                                   data_t *their_point,
+                                   int ours_first,
+                                   int expected_ret)
+{
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_ecp_keypair our_key;
+    mbedtls_ecp_keypair their_key;
+    mbedtls_ecdh_context ecdh;
+
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+    mbedtls_ecdh_init(&ecdh);
+    mbedtls_ecp_keypair_init(&our_key);
+    mbedtls_ecp_keypair_init(&their_key);
+
+    if (!load_private_key(our_grp_id, our_private_key, &our_key, &rnd_info)) {
+        goto exit;
+    }
+    if (!load_public_key(their_grp_id, their_point, &their_key)) {
+        goto exit;
+    }
+
+    if (ours_first) {
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0);
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) ==
+                    expected_ret);
+    } else {
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0);
+        TEST_ASSERT(mbedtls_ecdh_get_params(
+                        &ecdh, &our_key, MBEDTLS_ECDH_OURS) ==
+                    expected_ret);
+    }
+
+exit:
+    mbedtls_ecdh_free(&ecdh);
+    mbedtls_ecp_keypair_free(&our_key);
+    mbedtls_ecp_keypair_free(&their_key);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdsa.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdsa.data
similarity index 85%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdsa.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdsa.data
index 889f684..4b41111 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecdsa.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdsa.data
@@ -1,6 +1,26 @@
 ECDSA Parameter validation
 ecdsa_invalid_param:
 
+ECDSA primitive hash zero #1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP192R1
+
+ECDSA primitive hash zero #2
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP224R1
+
+ECDSA primitive hash zero #3
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP256R1
+
+ECDSA primitive hash zero #4
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP384R1
+
+ECDSA primitive hash zero #5
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecdsa_prim_zero:MBEDTLS_ECP_DP_SECP521R1
+
 ECDSA primitive random #1
 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 ecdsa_prim_random:MBEDTLS_ECP_DP_SECP192R1
@@ -33,6 +53,26 @@ ECDSA primitive rfc 4754 p521
 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
 ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0065FDA3409451DCAB0A0EAD45495112A3D813C17BFD34BDF8C1209D7DF5849120597779060A7FF9D704ADF78B570FFAD6F062E95C7E0C5D5481C5B153B48B375FA1":"0151518F1AF0F563517EDD5485190DF95A4BF57B5CBA4CF2A9A3F6474725A35F7AFE0A6DDEB8BEDBCD6A197E592D40188901CECD650699C9B5E456AEA5ADD19052A8":"006F3B142EA1BFFF7E2837AD44C9E4FF6D2D34C73184BBAD90026DD5E6E85317D9DF45CAD7803C6C20035B2F3FF63AFF4E1BA64D1C077577DA3F4286C58F0AEAE643":"00C1C2B305419F5A41344D7E4359933D734096F556197A9B244342B8B62F46F9373778F9DE6B6497B1EF825FF24F42F9B4A4BD7382CFC3378A540B1B7F0C1B956C2F":"DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F":"0154FD3836AF92D0DCA57DD5341D3053988534FDE8318FC6AAAAB68E2E6F4339B19F2F281A7E0B22C269D93CF8794A9278880ED7DBB8D9362CAEACEE544320552251":"017705A7030290D1CEB605A9A1BB03FF9CDD521E87A696EC926C8C10C8362DF4975367101F67D1CF9BCCBF2F3D239534FA509E70AAC851AE01AAC68D62F866472660":0
 
+ECDSA write-read hash zero #1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP192R1
+
+ECDSA write-read hash zero #2
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP224R1
+
+ECDSA write-read hash zero #3
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP256R1
+
+ECDSA write-read hash zero #4
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP384R1
+
+ECDSA write-read hash zero #5
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecdsa_write_read_zero:MBEDTLS_ECP_DP_SECP521R1
+
 ECDSA write-read random #1
 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP192R1
@@ -324,3 +364,63 @@ ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0":"0151518F1AF0F563517EDD5485
 ECDSA private parameter greater than n p521
 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
 ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0065FDA3409451DCAB0A0EAD45495112A3D813C17BFD34BDF8C1209D7DF5849120597779060A7FF9D704ADF78B570FFAD6F062E95C7E0C5D5481C5B153B48B375FA11":"0151518F1AF0F563517EDD5485190DF95A4BF57B5CBA4CF2A9A3F6474725A35F7AFE0A6DDEB8BEDBCD6A197E592D40188901CECD650699C9B5E456AEA5ADD19052A8":"006F3B142EA1BFFF7E2837AD44C9E4FF6D2D34C73184BBAD90026DD5E6E85317D9DF45CAD7803C6C20035B2F3FF63AFF4E1BA64D1C077577DA3F4286C58F0AEAE643":"00C1C2B305419F5A41344D7E4359933D734096F556197A9B244342B8B62F46F9373778F9DE6B6497B1EF825FF24F42F9B4A4BD7382CFC3378A540B1B7F0C1B956C2F":"DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F":"0154FD3836AF92D0DCA57DD5341D3053988534FDE8318FC6AAAAB68E2E6F4339B19F2F281A7E0B22C269D93CF8794A9278880ED7DBB8D9362CAEACEE544320552251":"017705A7030290D1CEB605A9A1BB03FF9CDD521E87A696EC926C8C10C8362DF4975367101F67D1CF9BCCBF2F3D239534FA509E70AAC851AE01AAC68D62F866472660":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify invalid pub key (not on curve), zero bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"1":"":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify invalid pub key (not on curve), one byte of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"1":"00":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify invalid pub key (not on curve), r=1, s=1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"1":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify invalid pub key (also not on curve), r=1, s=1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"12345":"1":"1":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify invalid pub key (not on curve), r=12345, s=1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"12345":"1":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify invalid pub key (not on curve), r=1, s=12345
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"12345":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECDSA verify valid pub key, invalid sig (r=0), 0 bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"0":"1":"":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+ECDSA verify valid pub key, invalid sig (r=0), 1 byte of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"0":"1":"00":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+ECDSA verify valid pub key, invalid sig (r>n-1), 32 bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141":"12":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+ECDSA verify valid pub key, valid/incorrect sig, 0 bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"84eead3fb3cdbdac882412af64cc125b6784690bebf575f1c32162ab65080037":"":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+ECDSA verify valid pub key, valid/incorrect sig, 1 byte of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"84eead3fb3cdbdac882412af64cc125b6784690bebf575f1c32162ab65080037":"00":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+ECDSA verify valid pub key, valid/incorrect sig, 32 bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"84eead3fb3cdbdac882412af64cc125b6784690bebf575f1c32162ab65080037":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+ECDSA verify valid public key, correct sig, 0 bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"c9cc1ba95156bc103055a5d7946f3a3ae7f0657d1e53f1d5c2c9782950aa69b":"":0
+
+ECDSA verify valid pub key, correct sig, 1 byte of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"c9cc1ba95156bc103055a5d7946f3a3ae7f0657d1e53f1d5c2c9782950aa69b":"00":0
+
+ECDSA verify valid pub key, correct sig, 32 bytes of data
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"c9cc1ba95156bc103055a5d7946f3a3ae7f0657d1e53f1d5c2c9782950aa69b":"0000000000000000000000000000000000000000000000000000000000000000":0
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdsa.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdsa.function
new file mode 100644
index 0000000..470495d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecdsa.function
@@ -0,0 +1,743 @@
+/* BEGIN_HEADER */
+#include "mbedtls/ecdsa.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECDSA_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void ecdsa_invalid_param()
+{
+    mbedtls_ecdsa_context ctx;
+    mbedtls_ecp_keypair key;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1;
+    mbedtls_ecp_point P;
+    mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
+    mbedtls_mpi m;
+    size_t slen;
+    unsigned char buf[42] = { 0 };
+
+    mbedtls_ecdsa_init(&ctx);
+    mbedtls_ecp_keypair_init(&key);
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&P);
+    mbedtls_mpi_init(&m);
+
+    TEST_INVALID_PARAM(mbedtls_ecdsa_init(NULL));
+    TEST_VALID_PARAM(mbedtls_ecdsa_free(NULL));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    TEST_INVALID_PARAM(mbedtls_ecdsa_restart_init(NULL));
+    TEST_VALID_PARAM(mbedtls_ecdsa_restart_free(NULL));
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign(NULL, &m, &m, &m,
+                                              buf, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand,
+                                              NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign(&grp, NULL, &m, &m,
+                                              buf, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand,
+                                              NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign(&grp, &m, NULL, &m,
+                                              buf, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand,
+                                              NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign(&grp, &m, &m, NULL,
+                                              buf, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand,
+                                              NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign(&grp, &m, &m, &m,
+                                              NULL, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand,
+                                              NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign(&grp, &m, &m, &m,
+                                              buf, sizeof(buf),
+                                              NULL, NULL));
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign_det_ext(NULL, &m, &m, &m,
+                                                      buf, sizeof(buf),
+                                                      valid_md,
+                                                      mbedtls_test_rnd_std_rand,
+                                                      NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign_det_ext(&grp, NULL, &m, &m,
+                                                      buf, sizeof(buf),
+                                                      valid_md,
+                                                      mbedtls_test_rnd_std_rand,
+                                                      NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign_det_ext(&grp, &m, NULL, &m,
+                                                      buf, sizeof(buf),
+                                                      valid_md,
+                                                      mbedtls_test_rnd_std_rand,
+                                                      NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign_det_ext(&grp, &m, &m, NULL,
+                                                      buf, sizeof(buf),
+                                                      valid_md,
+                                                      mbedtls_test_rnd_std_rand,
+                                                      NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_sign_det_ext(&grp, &m, &m, &m,
+                                                      NULL, sizeof(buf),
+                                                      valid_md,
+                                                      mbedtls_test_rnd_std_rand,
+                                                      NULL));
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_verify(NULL,
+                                                buf, sizeof(buf),
+                                                &P, &m, &m));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_verify(&grp,
+                                                NULL, sizeof(buf),
+                                                &P, &m, &m));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_verify(&grp,
+                                                buf, sizeof(buf),
+                                                NULL, &m, &m));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_verify(&grp,
+                                                buf, sizeof(buf),
+                                                &P, NULL, &m));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_verify(&grp,
+                                                buf, sizeof(buf),
+                                                &P, &m, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature(NULL, valid_md, buf, sizeof(buf),
+                                                         buf, &slen, mbedtls_test_rnd_std_rand,
+                                                         NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature(&ctx, valid_md, NULL, sizeof(buf),
+                                                         buf, &slen, mbedtls_test_rnd_std_rand,
+                                                         NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature(&ctx, valid_md, buf, sizeof(buf),
+                                                         NULL, &slen, mbedtls_test_rnd_std_rand,
+                                                         NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature(&ctx, valid_md, buf, sizeof(buf),
+                                                         buf, NULL, mbedtls_test_rnd_std_rand,
+                                                         NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature_restartable(NULL, valid_md, buf,
+                                                                     sizeof(buf), buf, &slen,
+                                                                     mbedtls_test_rnd_std_rand,
+                                                                     NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, NULL,
+                                                                     sizeof(buf), buf, &slen,
+                                                                     mbedtls_test_rnd_std_rand,
+                                                                     NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, buf,
+                                                                     sizeof(buf), NULL, &slen,
+                                                                     mbedtls_test_rnd_std_rand,
+                                                                     NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, buf,
+                                                                     sizeof(buf), buf, NULL,
+                                                                     mbedtls_test_rnd_std_rand,
+                                                                     NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_read_signature(NULL,
+                                                        buf, sizeof(buf),
+                                                        buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_read_signature(&ctx,
+                                                        NULL, sizeof(buf),
+                                                        buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_read_signature(&ctx,
+                                                        buf, sizeof(buf),
+                                                        NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_read_signature_restartable(NULL,
+                                                                    buf, sizeof(buf),
+                                                                    buf, sizeof(buf),
+                                                                    NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_read_signature_restartable(&ctx,
+                                                                    NULL, sizeof(buf),
+                                                                    buf, sizeof(buf),
+                                                                    NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_read_signature_restartable(&ctx,
+                                                                    buf, sizeof(buf),
+                                                                    NULL, sizeof(buf),
+                                                                    NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_genkey(NULL, valid_group,
+                                                mbedtls_test_rnd_std_rand,
+                                                NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_genkey(&ctx, valid_group,
+                                                NULL, NULL));
+
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_from_keypair(NULL, &key));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecdsa_from_keypair(&ctx, NULL));
+
+exit:
+    mbedtls_ecdsa_free(&ctx);
+    mbedtls_ecp_keypair_free(&key);
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&P);
+    mbedtls_mpi_free(&m);
+
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdsa_prim_zero(int id)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point Q;
+    mbedtls_mpi d, r, s;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    unsigned char buf[MBEDTLS_MD_MAX_SIZE];
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+    memset(buf, 0, sizeof(buf));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+
+    TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf),
+                                   &mbedtls_test_rnd_pseudo_rand,
+                                   &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdsa_verify(&grp, buf, sizeof(buf), &Q, &r, &s) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdsa_prim_random(int id)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point Q;
+    mbedtls_mpi d, r, s;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    unsigned char buf[MBEDTLS_MD_MAX_SIZE];
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+    memset(buf, 0, sizeof(buf));
+
+    /* prepare material for signature */
+    TEST_ASSERT(mbedtls_test_rnd_pseudo_rand(&rnd_info,
+                                             buf, sizeof(buf)) == 0);
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+
+    TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf),
+                                   &mbedtls_test_rnd_pseudo_rand,
+                                   &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdsa_verify(&grp, buf, sizeof(buf), &Q, &r, &s) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdsa_prim_test_vectors(int id, char *d_str, char *xQ_str,
+                             char *yQ_str, data_t *rnd_buf,
+                             data_t *hash, char *r_str, char *s_str,
+                             int result)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point Q;
+    mbedtls_mpi d, r, s, r_check, s_check, zero;
+    mbedtls_test_rnd_buf_info rnd_info;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s);
+    mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check);
+    mbedtls_mpi_init(&zero);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(mbedtls_ecp_point_read_string(&Q, 16, xQ_str, yQ_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&d, d_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&r_check, r_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&s_check, s_str) == 0);
+    rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info.fallback_p_rng = NULL;
+    rnd_info.buf = rnd_buf->x;
+    rnd_info.length = rnd_buf->len;
+
+    /* Fix rnd_buf->x by shifting it left if necessary */
+    if (grp.nbits % 8 != 0) {
+        unsigned char shift = 8 - (grp.nbits % 8);
+        size_t i;
+
+        for (i = 0; i < rnd_info.length - 1; i++) {
+            rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> (8 - shift);
+        }
+
+        rnd_buf->x[rnd_info.length-1] <<= shift;
+    }
+
+    TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, hash->x, hash->len,
+                                   mbedtls_test_rnd_buffer_rand, &rnd_info) == result);
+
+    if (result == 0) {
+        /* Check we generated the expected values */
+        TEST_EQUAL(mbedtls_mpi_cmp_mpi(&r, &r_check), 0);
+        TEST_EQUAL(mbedtls_mpi_cmp_mpi(&s, &s_check), 0);
+
+        /* Valid signature */
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len,
+                                        &Q, &r_check, &s_check), 0);
+
+        /* Invalid signature: wrong public key (G instead of Q) */
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len,
+                                        &grp.G, &r_check, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+
+        /* Invalid signatures: r or s or both one off */
+        TEST_EQUAL(mbedtls_mpi_sub_int(&r, &r_check, 1), 0);
+        TEST_EQUAL(mbedtls_mpi_add_int(&s, &s_check, 1), 0);
+
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+
+        /* Invalid signatures: r, s or both (CVE-2022-21449) are zero */
+        TEST_EQUAL(mbedtls_mpi_lset(&zero, 0), 0);
+
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &zero, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r_check, &zero), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &zero, &zero), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+
+        /* Invalid signatures: r, s or both are == N */
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &grp.N, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r_check, &grp.N), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &grp.N, &grp.N), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+
+        /* Invalid signatures: r, s or both are negative */
+        TEST_EQUAL(mbedtls_mpi_sub_mpi(&r, &r_check, &grp.N), 0);
+        TEST_EQUAL(mbedtls_mpi_sub_mpi(&s, &s_check, &grp.N), 0);
+
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+
+        /* Invalid signatures: r or s or both are > N */
+        TEST_EQUAL(mbedtls_mpi_add_mpi(&r, &r_check, &grp.N), 0);
+        TEST_EQUAL(mbedtls_mpi_add_mpi(&s, &s_check, &grp.N), 0);
+
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+        TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q,
+                                        &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s);
+    mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check);
+    mbedtls_mpi_free(&zero);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_DETERMINISTIC */
+void ecdsa_det_test_vectors(int id, char *d_str, int md_alg, char *msg,
+                            char *r_str, char *s_str)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_mpi d, r, s, r_check, s_check;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    size_t hlen;
+    const mbedtls_md_info_t *md_info;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s);
+    mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check);
+    memset(hash, 0, sizeof(hash));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&d, d_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&r_check, r_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&s_check, s_str) == 0);
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+    hlen = mbedtls_md_get_size(md_info);
+    TEST_ASSERT(mbedtls_md(md_info, (const unsigned char *) msg,
+                           strlen(msg), hash) == 0);
+
+    TEST_ASSERT(
+        mbedtls_ecdsa_sign_det_ext(&grp, &r, &s, &d, hash, hlen,
+                                   md_alg, mbedtls_test_rnd_std_rand,
+                                   NULL)
+        == 0);
+
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&r, &r_check) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&s, &s_check) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s);
+    mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void ecdsa_write_read_zero(int id)
+{
+    mbedtls_ecdsa_context ctx;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    unsigned char hash[32];
+    unsigned char sig[200];
+    size_t sig_len, i;
+
+    mbedtls_ecdsa_init(&ctx);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+    memset(hash, 0, sizeof(hash));
+    memset(sig, 0x2a, sizeof(sig));
+
+    /* generate signing key */
+    TEST_ASSERT(mbedtls_ecdsa_genkey(&ctx, id,
+                                     &mbedtls_test_rnd_pseudo_rand,
+                                     &rnd_info) == 0);
+
+    /* generate and write signature, then read and verify it */
+    TEST_ASSERT(mbedtls_ecdsa_write_signature(&ctx, MBEDTLS_MD_SHA256,
+                                              hash, sizeof(hash),
+                                              sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
+                                              &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) == 0);
+
+    /* check we didn't write past the announced length */
+    for (i = sig_len; i < sizeof(sig); i++) {
+        TEST_ASSERT(sig[i] == 0x2a);
+    }
+
+    /* try verification with invalid length */
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len - 1) != 0);
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len + 1) != 0);
+
+    /* try invalid sequence tag */
+    sig[0]++;
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) != 0);
+    sig[0]--;
+
+    /* try modifying r */
+    sig[10]++;
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    sig[10]--;
+
+    /* try modifying s */
+    sig[sig_len - 1]++;
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    sig[sig_len - 1]--;
+
+exit:
+    mbedtls_ecdsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void ecdsa_write_read_random(int id)
+{
+    mbedtls_ecdsa_context ctx;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    unsigned char hash[32];
+    unsigned char sig[200];
+    size_t sig_len, i;
+
+    mbedtls_ecdsa_init(&ctx);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+    memset(hash, 0, sizeof(hash));
+    memset(sig, 0x2a, sizeof(sig));
+
+    /* prepare material for signature */
+    TEST_ASSERT(mbedtls_test_rnd_pseudo_rand(&rnd_info,
+                                             hash, sizeof(hash)) == 0);
+
+    /* generate signing key */
+    TEST_ASSERT(mbedtls_ecdsa_genkey(&ctx, id,
+                                     &mbedtls_test_rnd_pseudo_rand,
+                                     &rnd_info) == 0);
+
+    /* generate and write signature, then read and verify it */
+    TEST_ASSERT(mbedtls_ecdsa_write_signature(&ctx, MBEDTLS_MD_SHA256,
+                                              hash, sizeof(hash),
+                                              sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
+                                              &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) == 0);
+
+    /* check we didn't write past the announced length */
+    for (i = sig_len; i < sizeof(sig); i++) {
+        TEST_ASSERT(sig[i] == 0x2a);
+    }
+
+    /* try verification with invalid length */
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len - 1) != 0);
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len + 1) != 0);
+
+    /* try invalid sequence tag */
+    sig[0]++;
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) != 0);
+    sig[0]--;
+
+    /* try modifying r */
+    sig[10]++;
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    sig[10]--;
+
+    /* try modifying s */
+    sig[sig_len - 1]++;
+    TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash),
+                                             sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    sig[sig_len - 1]--;
+
+exit:
+    mbedtls_ecdsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecdsa_read_restart(int id, data_t *pk, data_t *hash, data_t *sig,
+                        int max_ops, int min_restart, int max_restart)
+{
+    mbedtls_ecdsa_context ctx;
+    mbedtls_ecdsa_restart_ctx rs_ctx;
+    int ret, cnt_restart;
+
+    mbedtls_ecdsa_init(&ctx);
+    mbedtls_ecdsa_restart_init(&rs_ctx);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&ctx.grp, id) == 0);
+    TEST_ASSERT(mbedtls_ecp_point_read_binary(&ctx.grp, &ctx.Q,
+                                              pk->x, pk->len) == 0);
+
+    mbedtls_ecp_set_max_ops(max_ops);
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_ecdsa_read_signature_restartable(&ctx,
+                                                       hash->x, hash->len, sig->x, sig->len,
+                                                       &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    /* try modifying r */
+
+    TEST_ASSERT(sig->len > 10);
+    sig->x[10]++;
+    do {
+        ret = mbedtls_ecdsa_read_signature_restartable(&ctx,
+                                                       hash->x, hash->len, sig->x, sig->len,
+                                                       &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    TEST_ASSERT(ret == MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    sig->x[10]--;
+
+    /* try modifying s */
+    sig->x[sig->len - 1]++;
+    do {
+        ret = mbedtls_ecdsa_read_signature_restartable(&ctx,
+                                                       hash->x, hash->len, sig->x, sig->len,
+                                                       &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    TEST_ASSERT(ret == MBEDTLS_ERR_ECP_VERIFY_FAILED);
+    sig->x[sig->len - 1]--;
+
+    /* Do we leak memory when aborting an operation?
+     * This test only makes sense when we actually restart */
+    if (min_restart > 0) {
+        ret = mbedtls_ecdsa_read_signature_restartable(&ctx,
+                                                       hash->x, hash->len, sig->x, sig->len,
+                                                       &rs_ctx);
+        TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    }
+
+exit:
+    mbedtls_ecdsa_free(&ctx);
+    mbedtls_ecdsa_restart_free(&rs_ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */
+void ecdsa_write_restart(int id, char *d_str, int md_alg,
+                         char *msg, data_t *sig_check,
+                         int max_ops, int min_restart, int max_restart)
+{
+    int ret, cnt_restart;
+    mbedtls_ecdsa_restart_ctx rs_ctx;
+    mbedtls_ecdsa_context ctx;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
+    size_t hlen, slen;
+    const mbedtls_md_info_t *md_info;
+
+    mbedtls_ecdsa_restart_init(&rs_ctx);
+    mbedtls_ecdsa_init(&ctx);
+    memset(hash, 0, sizeof(hash));
+    memset(sig, 0, sizeof(sig));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&ctx.grp, id) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&ctx.d, d_str) == 0);
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+
+    hlen = mbedtls_md_get_size(md_info);
+    TEST_ASSERT(mbedtls_md(md_info,
+                           (const unsigned char *) msg, strlen(msg),
+                           hash) == 0);
+
+    mbedtls_ecp_set_max_ops(max_ops);
+
+    slen = sizeof(sig);
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_ecdsa_write_signature_restartable(&ctx,
+                                                        md_alg,
+                                                        hash,
+                                                        hlen,
+                                                        sig,
+                                                        &slen,
+                                                        NULL,
+                                                        NULL,
+                                                        &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(slen == sig_check->len);
+    TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0);
+
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    /* Do we leak memory when aborting an operation?
+     * This test only makes sense when we actually restart */
+    if (min_restart > 0) {
+        ret = mbedtls_ecdsa_write_signature_restartable(&ctx,
+                                                        md_alg,
+                                                        hash,
+                                                        hlen,
+                                                        sig,
+                                                        &slen,
+                                                        NULL,
+                                                        NULL,
+                                                        &rs_ctx);
+        TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    }
+
+exit:
+    mbedtls_ecdsa_restart_free(&rs_ctx);
+    mbedtls_ecdsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecdsa_verify(int grp_id, char *x, char *y, char *r, char *s, data_t *content, int expected)
+{
+    mbedtls_ecdsa_context ctx;
+    mbedtls_mpi sig_r, sig_s;
+
+    mbedtls_ecdsa_init(&ctx);
+    mbedtls_mpi_init(&sig_r);
+    mbedtls_mpi_init(&sig_s);
+
+    /* Prepare ECP group context */
+    TEST_EQUAL(mbedtls_ecp_group_load(&ctx.grp, grp_id), 0);
+
+    /* Prepare public key */
+    TEST_EQUAL(mbedtls_test_read_mpi(&ctx.Q.X, x), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&ctx.Q.Y, y), 0);
+    TEST_EQUAL(mbedtls_mpi_lset(&ctx.Q.Z, 1), 0);
+
+    /* Prepare signature R & S */
+    TEST_EQUAL(mbedtls_test_read_mpi(&sig_r, r), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&sig_s, s), 0);
+
+    /* Test whether public key has expected validity */
+    TEST_EQUAL(mbedtls_ecp_check_pubkey(&ctx.grp, &ctx.Q),
+               expected == MBEDTLS_ERR_ECP_INVALID_KEY ? MBEDTLS_ERR_ECP_INVALID_KEY : 0);
+
+    /* Verification */
+    int result = mbedtls_ecdsa_verify(&ctx.grp, content->x, content->len, &ctx.Q, &sig_r, &sig_s);
+
+    TEST_EQUAL(result, expected);
+exit:
+    mbedtls_ecdsa_free(&ctx);
+    mbedtls_mpi_free(&sig_r);
+    mbedtls_mpi_free(&sig_s);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecjpake.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecjpake.data
similarity index 98%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecjpake.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecjpake.data
index ffa59e5..73808c9 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ecjpake.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecjpake.data
@@ -49,14 +49,14 @@ read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779
 ECJPAKE round one: KKP1: no second point data
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b0104":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
-ECJPAKE round one: KKP1: unknow second point format
+ECJPAKE round one: KKP1: unknown second point format
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410509f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
 
 ECJPAKE round one: KKP1: nothing after second point
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round one: KKP1: zero-length r
-read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round one: KKP1: no data for r
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51601":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
@@ -97,14 +97,14 @@ read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5
 ECJPAKE round one: KKP2: no second point data
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b0104":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
-ECJPAKE round one: KKP2: unknow second point format
+ECJPAKE round one: KKP2: unknown second point format
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410509f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
 
 ECJPAKE round one: KKP2: nothing after second point
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round one: KKP2: zero-length r
-read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51600":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round one: KKP2: no data for r
 read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51601":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
@@ -170,7 +170,7 @@ ECJPAKE round two client: nothing after second point
 read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c8":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round two client: zero-length r
-read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c800":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c800":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round two client: no data for r
 read_round_two_cli:"03001741040fb22b1d5d1123e0ef9feb9d8a2e590a1f4d7ced2c2b06586e8f2a16d4eb2fda4328a20b07d8fd667654ca18c54e32a333a0845451e926ee8804fd7af0aaa7a641045516ea3e54a0d5d8b2ce786b38d383370029a5dbe4459c9dd601b408a24ae6465c8ac905b9eb03b5d3691c139ef83f1cd4200f6c9cd4ec392218a59ed243d3c801":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
@@ -190,7 +190,7 @@ read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9
 ECJPAKE round two server: no data
 read_round_two_srv:"":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
-ECJPAKE round two server: length of forst point too small
+ECJPAKE round two server: length of first point too small
 read_round_two_srv:"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round two server: length of first point too big
@@ -224,7 +224,7 @@ ECJPAKE round two server: nothing after second point
 read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round two server: zero-length r
-read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d00":MBEDTLS_ERR_ECP_INVALID_KEY
+read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
 
 ECJPAKE round two server: no data for r
 read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9fdd9524d93720b45541c83ee8841191da7ced86e3312d43623c1d63e74989aba4affd1ee4104077e8c31e20e6bedb760c13593e69f15be85c27d68cd09ccb8c4183608917c5c3d409fac39fefee82f7292d36f0d23e055913f45a52b85dd8a2052e9e129bb4d20":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecjpake.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecjpake.function
new file mode 100644
index 0000000..16f52b2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecjpake.function
@@ -0,0 +1,302 @@
+/* BEGIN_HEADER */
+#include "mbedtls/ecjpake.h"
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_SHA256_C)
+static const unsigned char ecjpake_test_x1[] = {
+    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x21
+};
+
+static const unsigned char ecjpake_test_x2[] = {
+    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
+};
+
+static const unsigned char ecjpake_test_x3[] = {
+    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
+};
+
+static const unsigned char ecjpake_test_x4[] = {
+    0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc,
+    0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8,
+    0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe1
+};
+
+static const unsigned char ecjpake_test_X1[] = {
+    0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19, 0x33,
+    0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44, 0xe5,
+    0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad, 0xa7,
+    0x81, 0xbb, 0x7f, 0x11, 0x13, 0x72, 0x25, 0x1a, 0x89, 0x10, 0x62, 0x1f,
+    0x63, 0x4d, 0xf1, 0x28, 0xac, 0x48, 0xe3, 0x81, 0xfd, 0x6e, 0xf9, 0x06,
+    0x07, 0x31, 0xf6, 0x94, 0xa4
+};
+
+static const unsigned char ecjpake_test_X2[] = {
+    0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7,
+    0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40,
+    0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79,
+    0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1,
+    0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3,
+    0x2b, 0xb0, 0x13, 0xbb, 0x2b
+};
+
+static const unsigned char ecjpake_test_X3[] = {
+    0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7,
+    0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40,
+    0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79,
+    0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1,
+    0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3,
+    0x2b, 0xb0, 0x13, 0xbb, 0x2b
+};
+
+static const unsigned char ecjpake_test_X4[] = {
+    0x04, 0x19, 0x0a, 0x07, 0x70, 0x0f, 0xfa, 0x4b, 0xe6, 0xae, 0x1d, 0x79,
+    0xee, 0x0f, 0x06, 0xae, 0xb5, 0x44, 0xcd, 0x5a, 0xdd, 0xaa, 0xbe, 0xdf,
+    0x70, 0xf8, 0x62, 0x33, 0x21, 0x33, 0x2c, 0x54, 0xf3, 0x55, 0xf0, 0xfb,
+    0xfe, 0xc7, 0x83, 0xed, 0x35, 0x9e, 0x5d, 0x0b, 0xf7, 0x37, 0x7a, 0x0f,
+    0xc4, 0xea, 0x7a, 0xce, 0x47, 0x3c, 0x9c, 0x11, 0x2b, 0x41, 0xcc, 0xd4,
+    0x1a, 0xc5, 0x6a, 0x56, 0x12
+};
+
+/* Load my private and public keys, and peer's public keys */
+static int ecjpake_test_load(mbedtls_ecjpake_context *ctx,
+                             const unsigned char *xm1, size_t len_xm1,
+                             const unsigned char *xm2, size_t len_xm2,
+                             const unsigned char *Xm1, size_t len_Xm1,
+                             const unsigned char *Xm2, size_t len_Xm2,
+                             const unsigned char *Xp1, size_t len_Xp1,
+                             const unsigned char *Xp2, size_t len_Xp2)
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm1, xm1, len_xm1));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm2, xm2, len_xm2));
+
+    MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp,
+                                                  &ctx->Xm1, Xm1, len_Xm1));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp,
+                                                  &ctx->Xm2, Xm2, len_Xm2));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp,
+                                                  &ctx->Xp1, Xp1, len_Xp1));
+    MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp,
+                                                  &ctx->Xp2, Xp2, len_Xp2));
+
+cleanup:
+    return ret;
+}
+
+#define ADD_SIZE(x)   x, sizeof(x)
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECJPAKE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void ecjpake_invalid_param()
+{
+    mbedtls_ecjpake_context ctx;
+    unsigned char buf[42] = { 0 };
+    size_t olen;
+    size_t const len = sizeof(buf);
+    mbedtls_ecjpake_role valid_role = MBEDTLS_ECJPAKE_SERVER;
+    mbedtls_ecjpake_role invalid_role = (mbedtls_ecjpake_role) 42;
+    mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
+    mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1;
+
+    mbedtls_ecjpake_init(&ctx);
+
+    TEST_INVALID_PARAM(mbedtls_ecjpake_init(NULL));
+    TEST_VALID_PARAM(mbedtls_ecjpake_free(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_setup(NULL,
+                                                 valid_role,
+                                                 valid_md,
+                                                 valid_group,
+                                                 buf, len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_setup(&ctx,
+                                                 invalid_role,
+                                                 valid_md,
+                                                 valid_group,
+                                                 buf, len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_setup(&ctx,
+                                                 valid_role,
+                                                 valid_md,
+                                                 valid_group,
+                                                 NULL, len));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_check(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_one(NULL, buf, len, &olen,
+                                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_one(&ctx, NULL, len, &olen,
+                                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_one(&ctx, buf, len, NULL,
+                                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_one(&ctx, buf, len, &olen, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_two(NULL, buf, len, &olen,
+                                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_two(&ctx, NULL, len, &olen,
+                                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_two(&ctx, buf, len, NULL,
+                                                           mbedtls_test_rnd_std_rand, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_write_round_two(&ctx, buf, len, &olen, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_read_round_one(NULL,
+                                                          buf, len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_read_round_one(&ctx,
+                                                          NULL, len));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_read_round_two(NULL,
+                                                          buf, len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_read_round_two(&ctx,
+                                                          NULL, len));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_derive_secret(NULL, buf, len, &olen,
+                                                         mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_derive_secret(&ctx, NULL, len, &olen,
+                                                         mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_derive_secret(&ctx, buf, len, NULL,
+                                                         mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecjpake_derive_secret(&ctx, buf, len, &olen, NULL, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void ecjpake_selftest()
+{
+    TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
+void read_bad_md(data_t *msg)
+{
+    mbedtls_ecjpake_context corrupt_ctx;
+    const unsigned char *pw = NULL;
+    const size_t pw_len = 0;
+    int any_role = MBEDTLS_ECJPAKE_CLIENT;
+
+    mbedtls_ecjpake_init(&corrupt_ctx);
+    TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role,
+                                      MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
+                                      pw_len) == 0);
+    corrupt_ctx.md_info = NULL;
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_one(&corrupt_ctx, msg->x,
+                                               msg->len) == MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+exit:
+    mbedtls_ecjpake_free(&corrupt_ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
+void read_round_one(int role, data_t *msg, int ref_ret)
+{
+    mbedtls_ecjpake_context ctx;
+    const unsigned char *pw = NULL;
+    const size_t pw_len = 0;
+
+    mbedtls_ecjpake_init(&ctx);
+
+    TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role,
+                                      MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
+                                      pw_len) == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_one(&ctx, msg->x, msg->len) == ref_ret);
+
+exit:
+    mbedtls_ecjpake_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
+void read_round_two_cli(data_t *msg, int ref_ret)
+{
+    mbedtls_ecjpake_context ctx;
+    const unsigned char *pw = NULL;
+    const size_t pw_len = 0;
+
+    mbedtls_ecjpake_init(&ctx);
+
+    TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT,
+                                      MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
+                                      pw_len) == 0);
+
+    TEST_ASSERT(ecjpake_test_load(&ctx,
+                                  ADD_SIZE(ecjpake_test_x1), ADD_SIZE(ecjpake_test_x2),
+                                  ADD_SIZE(ecjpake_test_X1), ADD_SIZE(ecjpake_test_X2),
+                                  ADD_SIZE(ecjpake_test_X3), ADD_SIZE(ecjpake_test_X4))
+                == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_two(&ctx, msg->x, msg->len) == ref_ret);
+
+exit:
+    mbedtls_ecjpake_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */
+void read_round_two_srv(data_t *msg, int ref_ret)
+{
+    mbedtls_ecjpake_context ctx;
+    const unsigned char *pw = NULL;
+    const size_t pw_len = 0;
+
+    mbedtls_ecjpake_init(&ctx);
+
+    TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER,
+                                      MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw,
+                                      pw_len) == 0);
+
+    TEST_ASSERT(ecjpake_test_load(&ctx,
+                                  ADD_SIZE(ecjpake_test_x3), ADD_SIZE(ecjpake_test_x4),
+                                  ADD_SIZE(ecjpake_test_X3), ADD_SIZE(ecjpake_test_X4),
+                                  ADD_SIZE(ecjpake_test_X1), ADD_SIZE(ecjpake_test_X2))
+                == 0);
+
+    TEST_ASSERT(mbedtls_ecjpake_read_round_two(&ctx, msg->x, msg->len) == ref_ret);
+
+exit:
+    mbedtls_ecjpake_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecp.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecp.data
new file mode 100644
index 0000000..6211fb7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecp.data
@@ -0,0 +1,906 @@
+ECP valid params
+ecp_valid_param:
+
+ECP invalid params
+ecp_invalid_param:
+
+ECP curve info #1
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_BP512R1:28:512:"brainpoolP512r1"
+
+ECP curve info #2
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_BP384R1:27:384:"brainpoolP384r1"
+
+ECP curve info #3
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_BP256R1:26:256:"brainpoolP256r1"
+
+ECP curve info #4
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP521R1:25:521:"secp521r1"
+
+ECP curve info #5
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP384R1:24:384:"secp384r1"
+
+ECP curve info #6
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP256R1:23:256:"secp256r1"
+
+ECP curve info #7
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP224R1:21:224:"secp224r1"
+
+ECP curve info #8
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_curve_info:MBEDTLS_ECP_DP_SECP192R1:19:192:"secp192r1"
+
+ECP check pubkey Curve25519 #1 (biggest)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+
+ECP check pubkey Curve25519 #2 (too big)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve25519 #3 (DoS big)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve25519 y ignored
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"-1":"1":0
+
+ECP check pubkey Curve25519 z is not 1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve25519 x negative
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"-2":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #2
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #3 (let's call this u)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebe0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #4 (let's call this v)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"57119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c5f":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #5 p-1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #6 p
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #7 p+1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffee":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #8 p+u
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"80b8495f16056286fdb1329ceb8d09da6ac49ff1fae35616aeb8413b7c7aebcd":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #9 p+v
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"d7119fd0dd4e22d8868e1c58c45c44045bef839c55b1d0b1248c50a3bc959c4c":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #10 2p-1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd9":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #11 2p
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffda":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+# see https://cr.yp.to/ecdh.html#validate
+ECP check pubkey Curve25519 low-order point #12 2p+1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdb":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 #1 (biggest)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
+
+ECP check pubkey Curve448 #2 (too big)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 #3 (DoS big)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"0100000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 y ignored
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"-1":"1":0
+
+ECP check pubkey Curve448 z is not 1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"2":"0":"2":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 x negative
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"-2":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"0":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #2
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"1":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #3 p-1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #4 p
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Curve448 low-order point #5 p+1
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_CURVE448:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000000000000000000000000000000000000000000000":"0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Koblitz #1 (point not on curve)
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"1":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check pubkey Koblitz #2 (coordinate not affine)
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ecp_check_pub:MBEDTLS_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"101":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP write binary #1 (zero, uncompressed, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_UNCOMPRESSED:"00":1:0
+
+ECP write binary #2 (zero, buffer too small)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_UNCOMPRESSED:"00":0:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+
+ECP write binary #3 (non-zero, uncompressed, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_UNCOMPRESSED:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":49:0
+
+ECP write binary #4 (non-zero, uncompressed, buffer too small)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_UNCOMPRESSED:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":48:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+
+ECP write binary #5 (zero, compressed, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_COMPRESSED:"00":1:0
+
+ECP write binary #6 (zero, buffer too small)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"00":MBEDTLS_ECP_PF_COMPRESSED:"00":0:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+
+ECP write binary #7 (even, compressed, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_COMPRESSED:"0248d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":25:0
+
+ECP write binary #8 (even, compressed, buffer too small)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ECP_PF_COMPRESSED:"0248d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":24:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+
+ECP write binary #9 (odd, compressed, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_SECP192R1:"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"93112b28345b7d1d7799611e49bea9d8290cb2d7afe1f9f3":"01":MBEDTLS_ECP_PF_COMPRESSED:"0348d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":25:0
+
+ECP write binary #10 (Montgomery, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_CURVE25519:"11223344556677889900aabbccddeeff11223344556677889900aabbccddeeff":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"ffeeddccbbaa00998877665544332211ffeeddccbbaa00998877665544332211":32:0
+
+ECP write binary #11 (Montgomery, buffer too small)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_write_binary:MBEDTLS_ECP_DP_CURVE25519:"11223344556677889900aabbccddeeff11223344556677889900aabbccddeeff":"0":"1":MBEDTLS_ECP_PF_COMPRESSED:"ffeeddccbbaa00998877665544332211ffeeddccbbaa00998877665544332211":31:MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+
+ECP read binary #1 (zero, invalid ilen)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0000":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP read binary #2 (zero, invalid first byte)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"01":"01":"01":"00":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
+
+ECP read binary #3 (zero, OK)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"00":"01":"01":"00":0
+
+ECP read binary #4 (non-zero, invalid ilen)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"04001122":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP read binary #5 (non-zero, invalid first byte)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0548d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
+
+ECP read binary #6 (non-zero, OK)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_SECP192R1:"0448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":0
+
+ECP read binary #7 (Curve25519, OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":0
+
+ECP read binary #8 (Curve25519, masked first bit)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4efa":"7a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":0
+
+ECP read binary #9 (Curve25519, too short)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"20f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f020":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP read binary #10 (Curve25519, non-canonical)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f":"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"0":"1":0
+
+ECP read binary #11 (Curve25519, masked non-canonical)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"0":"1":0
+
+ECP read binary #12 (Curve25519, too long)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_read_binary:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a00":"6a4e9baa8ea9a4ebf41a38260d3abf0d5af73eb4dc7d8b7454a7308909f02085":"0":"1":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP tls read point #1 (zero, invalid length byte)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"0200":"01":"01":"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP tls read point #2 (zero, OK)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"0100":"01":"01":"00":0
+
+ECP tls read point #3 (non-zero, invalid length byte)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"300448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP tls read point #4 (non-zero, OK)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_tls_read_point:MBEDTLS_ECP_DP_SECP192R1:"310448d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc99336ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"48d8082a3a1e3112bc03a8ef2f6d40d0a77a6f8e00cc9933":"6ceed4d7cba482e288669ee1b6415626d6f34d28501e060c":"01":0
+
+ECP tls write-read point #1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_tls_write_read_point:MBEDTLS_ECP_DP_SECP192R1
+
+ECP tls write-read point #2
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_tls_write_read_point:MBEDTLS_ECP_DP_SECP521R1
+
+Check ECP group metadata #1 secp192k1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP192K1:192:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffeffffee37":"000000000000000000000000000000000000000000000000":"000000000000000000000000000000000000000000000003":"db4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d":"9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d":"fffffffffffffffffffffffe26f2fc170f69466a74defd8d":18
+
+Check ECP group metadata #2 secp192r1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP192R1:192:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffeffffffffffffffff":"":"64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1":"188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012":"07192b95ffc8da78631011ed6b24cdd573f977a11e794811":"ffffffffffffffffffffffff99def836146bc9b1b4d22831":19
+
+Check ECP group metadata #3 secp224k1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP224K1:224:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d":"00000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000005":"a1455b334df099df30fc28a169a467e9e47075a90f7e650eb6b7a45c":"7e089fed7fba344282cafbd6f7e319f7c0b0bd59e2ca4bdb556d61a5":"010000000000000000000000000001dce8d2ec6184caf0a971769fb1f7":20
+
+Check ECP group metadata #4 secp224r1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP224R1:224:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"ffffffffffffffffffffffffffffffff000000000000000000000001":"":"b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4":"b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21":"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34":"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d":21
+
+Check ECP group metadata #5 secp256k1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP256K1:256:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f":"0000000000000000000000000000000000000000000000000000000000000000":"0000000000000000000000000000000000000000000000000000000000000007":"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798":"483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8":"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141":22
+
+Check ECP group metadata #6 secp256r1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP256R1:256:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff":"":"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b":"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296":"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5":"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":23
+
+Check ECP group metadata #7 secp384r1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP384R1:384:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff":"":"b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef":"aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7":"3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f":"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973":24
+
+Check ECP group metadata #8 secp521r1 (SEC 2)
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP521R1:521:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":"0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00":"00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66":"011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650":"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409":25
+
+Check ECP group metadata #9 bp256r1 (RFC 5639)
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_BP256R1:256:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377":"7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9":"26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6":"8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262":"547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997":"a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7":26
+
+Check ECP group metadata #10 bp384r1 (RFC 5639)
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_BP384R1:384:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53":"7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826":"04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11":"1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e":"8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315":"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565":27
+
+Check ECP group metadata #11 bp512r1 (RFC 5639)
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_BP512R1:512:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3":"7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca":"3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723":"81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822":"7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892":"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069":28
+
+Check ECP group metadata #12 curve25519 (RFC 7748)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_CURVE25519:256:MBEDTLS_ECP_TYPE_MONTGOMERY:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":"76d06":"":"9":"":"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed":29
+
+Check ECP group metadata #13 curve448 (RFC 7748)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_CURVE448:448:MBEDTLS_ECP_TYPE_MONTGOMERY:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"262a6":"":"5":"":"3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3":30
+
+ECP tls read group #1 (record too short)
+mbedtls_ecp_tls_read_group:"0313":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0
+
+ECP tls read group #2 (bad curve_type)
+mbedtls_ecp_tls_read_group:"010013":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0
+
+ECP tls read group #3 (unknown curve)
+mbedtls_ecp_tls_read_group:"030010":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0:0
+
+ECP tls read group #4 (OK, buffer just fits)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_tls_read_group:"030017":0:256:3
+
+ECP tls read group #5 (OK, buffer continues)
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_ecp_tls_read_group:"0300180000":0:384:3
+
+ECP tls write-read group #1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_tls_write_read_group:MBEDTLS_ECP_DP_SECP192R1
+
+ECP tls write-read group #2
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_tls_write_read_group:MBEDTLS_ECP_DP_SECP521R1
+
+ECP check privkey #1 (short weierstrass, too small)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #2 (short weierstrass, smallest)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"01":0
+
+ECP check privkey #3 (short weierstrass, biggest)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0
+
+ECP check privkey #4 (short weierstrass, too big)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #5 (montgomery, too big)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"C000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #6 (montgomery, not big enough)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #7 (montgomery, msb OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000000":0
+
+ECP check privkey #8 (montgomery, bit 0 set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000001":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #9 (montgomery, bit 1 set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000002":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #10 (montgomery, bit 2 set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP check privkey #11 (montgomery, OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_check_privkey:MBEDTLS_ECP_DP_CURVE25519:"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":0
+
+ECP check public-private #1 (OK)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":0
+
+ECP check public-private #2 (group none)
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_NONE:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_NONE:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP check public-private #3 (group mismatch)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP384R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP check public-private #4 (Qx mismatch)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596293":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP check public-private #5 (Qy mismatch)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP check public-private #6 (wrong Qx)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596293":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596293":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP check public-private #7 (wrong Qy)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+ECP gen keypair [#1]
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_SECP192R1
+
+ECP gen keypair [#2]
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_CURVE25519
+
+ECP gen keypair wrapper
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1
+
+ECP generate Montgomery key: Curve25519, random in range
+genkey_mx_known_answer:254:"9e020406080a0c0e10121416181a1c1e20222426282a2c2e30323436383a3df0":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8"
+
+ECP generate Montgomery key: Curve25519, clear higher bit
+genkey_mx_known_answer:254:"ff0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8":"7f808101820283038404850586068707880889098a0a8b0b8c0c8d0d8e0e8f78"
+
+ECP generate Montgomery key: Curve25519, clear low bits
+genkey_mx_known_answer:254:"9e020406080a0c0e10121416181a1c1e20222426282a2c2e30323436383a3dff":"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1ef8"
+
+ECP generate Montgomery key: Curve25519, random = all-bits-zero
+genkey_mx_known_answer:254:"0000000000000000000000000000000000000000000000000000000000000000":"4000000000000000000000000000000000000000000000000000000000000000"
+
+ECP generate Montgomery key: Curve25519, random = all-bits-one
+genkey_mx_known_answer:254:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8"
+
+ECP generate Montgomery key: Curve25519, not enough entropy
+genkey_mx_known_answer:254:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
+
+ECP generate Montgomery key: Curve448, random in range
+genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc"
+
+ECP generate Montgomery key: Curve448, set high bit
+genkey_mx_known_answer:447:"0f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc":"8f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc"
+
+ECP generate Montgomery key: Curve448, clear low bits
+genkey_mx_known_answer:447:"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536ff":"cf0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536fc"
+
+ECP generate Montgomery key: Curve448, random = all-bits-zero
+genkey_mx_known_answer:447:"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+ECP generate Montgomery key: Curve448, random = all-bits-one
+genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"
+
+ECP generate Montgomery key: Curve448, not enough entropy
+genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":""
+
+ECP read key #1 (short weierstrass, too small)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0
+
+ECP read key #2 (short weierstrass, smallest)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0:1
+
+ECP read key #3 (short weierstrass, biggest)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0:1
+
+ECP read key #4 (short weierstrass, too big)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY:0
+
+ECP read key #5 (Curve25519, most significant bit set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000C0":0:0
+
+ECP read key #6 (Curve25519, second most significant bit unset)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":0:0
+
+ECP read key #7 (Curve25519, msb OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000040":0:1
+
+ECP read key #8 (Curve25519, bit 0 set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0100000000000000000000000000000000000000000000000000000000000040":0:0
+
+ECP read key #9 (Curve25519, bit 1 set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0200000000000000000000000000000000000000000000000000000000000040":0:0
+
+ECP read key #10 (Curve25519, bit 2 set)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0400000000000000000000000000000000000000000000000000000000000040":0:0
+
+ECP read key #11 (Curve25519, OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":0:1
+
+ECP read key #12 (Curve25519, too long)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY:0
+
+ECP read key #13 (Curve25519, not long enough)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3F":MBEDTLS_ERR_ECP_INVALID_KEY:0
+
+ECP read key #14 (Curve448, not supported)
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE448:"FCFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
+
+ECP read key #15 (Curve25519, not supported)
+depends_on:!MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
+
+ECP read key #15 (invalid curve)
+mbedtls_ecp_read_key:INT_MAX:"F8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:0
+
+ECP read key #16 (Curve25519 RFC, OK)
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":0:1
+
+ECP mod p192 small (more than 192 bits, less limbs than 2 * 192 bits)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"0100000000000103010000000000010201000000000001010100000000000100"
+
+ECP mod p192 readable
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"010000000000010501000000000001040100000000000103010000000000010201000000000001010100000000000100"
+
+ECP mod p192 readable with carry
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"FF00000000010500FF00000000010400FF00000000010300FF00000000010200FF00000000010100FF00000000010000"
+
+ECP mod p192 random
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"36CF96B45D706A0954D89E52CE5F38517A2270E0175849B6F3740151D238CCABEF921437E475881D83BB69E4AA258EBD"
+
+ECP mod p192 (from a past failure case)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"1AC2D6F96A2A425E9DD1776DD8368D4BBC86BF4964E79FEA713583BF948BBEFF0939F96FB19EC48C585BDA6A2D35C750"
+
+ECP mod p224 readable without carry
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000B0000000A0000000900000008000000070000FF060000FF050000FF040000FF03000FF0020000FF010000FF00"
+
+ECP mod p224 readable with negative carry
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000"
+
+ECP mod p224 readable with positive carry
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000BFFFFFF0AFFFFFF09FFFFFF08FFFFFF070000FF060000FF050000FF040000FF03000FF0020000FF010000FF00"
+
+ECP mod p224 readable with final negative carry
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"FF00000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000"
+
+ECP mod p521 very small
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"01"
+
+ECP mod p521 small (522 bits)
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+ECP mod p521 readable
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+ECP mod p521 readable with carry
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"
+
+ECP test vectors secp192r1 rfc 5114
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP192R1:"323FA3169D8E9C6593F59476BC142000AB5BE0E249C43426":"CD46489ECFD6C105E7B3D32566E2B122E249ABAADD870612":"68887B4877DF51DD4DC3D6FD11F0A26F8FD3844317916E9A":"631F95BB4A67632C9C476EEE9AB695AB240A0499307FCF62":"519A121680E0045466BA21DF2EEE47F5973B500577EF13D5":"FF613AB4D64CEE3A20875BDB10F953F6B30CA072C60AA57F":"AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE":"4371545ED772A59741D0EDA32C671112B7FDDD51461FCF32"
+
+ECP test vectors secp224r1 rfc 5114
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP224R1:"B558EB6C288DA707BBB4F8FBAE2AB9E9CB62E3BC5C7573E22E26D37F":"49DFEF309F81488C304CFF5AB3EE5A2154367DC7833150E0A51F3EEB":"4F2B5EE45762C4F654C1A0C67F54CF88B016B51BCE3D7C228D57ADB4":"AC3B1ADD3D9770E6F6A708EE9F3B8E0AB3B480E9F27F85C88B5E6D18":"6B3AC96A8D0CDE6A5599BE8032EDF10C162D0A8AD219506DCD42A207":"D491BE99C213A7D1CA3706DEBFE305F361AFCBB33E2609C8B1618AD5":"52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA":"5F30C6AA36DDC403C0ACB712BB88F1763C3046F6D919BD9C524322BF"
+
+ECP test vectors secp256r1 rfc 5114
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"B120DE4AA36492795346E8DE6C2C8646AE06AAEA279FA775B3AB0715F6CE51B0":"9F1B7EECE20D7B5ED8EC685FA3F071D83727027092A8411385C34DDE5708B2B6":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50"
+
+ECP test vectors secp384r1 rfc 5114
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP384R1:"D27335EA71664AF244DD14E9FD1260715DFD8A7965571C48D709EE7A7962A156D706A90CBCB5DF2986F05FEADB9376F1":"793148F1787634D5DA4C6D9074417D05E057AB62F82054D10EE6B0403D6279547E6A8EA9D1FD77427D016FE27A8B8C66":"C6C41294331D23E6F480F4FB4CD40504C947392E94F4C3F06B8F398BB29E42368F7A685923DE3B67BACED214A1A1D128":"52D1791FDB4B70F89C0F00D456C2F7023B6125262C36A7DF1F80231121CCE3D39BE52E00C194A4132C4A6C768BCD94D2":"5CD42AB9C41B5347F74B8D4EFB708B3D5B36DB65915359B44ABC17647B6B9999789D72A84865AE2F223F12B5A1ABC120":"E171458FEAA939AAA3A8BFAC46B404BD8F6D5B348C0FA4D80CECA16356CA933240BDE8723415A8ECE035B0EDF36755DE":"5EA1FC4AF7256D2055981B110575E0A8CAE53160137D904C59D926EB1B8456E427AA8A4540884C37DE159A58028ABC0E":"0CC59E4B046414A81C8A3BDFDCA92526C48769DD8D3127CAA99B3632D1913942DE362EAFAA962379374D9F3F066841CA"
+
+ECP test vectors secp521r1 rfc 5114
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP521R1:"0113F82DA825735E3D97276683B2B74277BAD27335EA71664AF2430CC4F33459B9669EE78B3FFB9B8683015D344DCBFEF6FB9AF4C6C470BE254516CD3C1A1FB47362":"01EBB34DD75721ABF8ADC9DBED17889CBB9765D90A7C60F2CEF007BB0F2B26E14881FD4442E689D61CB2DD046EE30E3FFD20F9A45BBDF6413D583A2DBF59924FD35C":"00F6B632D194C0388E22D8437E558C552AE195ADFD153F92D74908351B2F8C4EDA94EDB0916D1B53C020B5EECAED1A5FC38A233E4830587BB2EE3489B3B42A5A86A4":"00CEE3480D8645A17D249F2776D28BAE616952D1791FDB4B70F7C3378732AA1B22928448BCD1DC2496D435B01048066EBE4F72903C361B1A9DC1193DC2C9D0891B96":"010EBFAFC6E85E08D24BFFFCC1A4511DB0E634BEEB1B6DEC8C5939AE44766201AF6200430BA97C8AC6A0E9F08B33CE7E9FEEB5BA4EE5E0D81510C24295B8A08D0235":"00A4A6EC300DF9E257B0372B5E7ABFEF093436719A77887EBB0B18CF8099B9F4212B6E30A1419C18E029D36863CC9D448F4DBA4D2A0E60711BE572915FBD4FEF2695":"00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC":"00F9A71641029B7FC1A808AD07CD4861E868614B865AFBECAB1F2BD4D8B55EBCB5E3A53143CEB2C511B1AE0AF5AC827F60F2FD872565AC5CA0A164038FE980A7E4BD"
+
+ECP test vectors brainpoolP256r1 rfc 7027
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_BP256R1:"81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D":"44106E913F92BC02A1705D9953A8414DB95E1AAA49E81D9E85F929A8E3100BE5":"8AB4846F11CACCB73CE49CBDD120F5A900A69FD32C272223F789EF10EB089BDC":"55E40BC41E37E3E2AD25C3C6654511FFA8474A91A0032087593852D3E7D76BD3":"8D2D688C6CF93E1160AD04CC4429117DC2C41825E1E9FCA0ADDD34E6F1B39F7B":"990C57520812BE512641E47034832106BC7D3E8DD0E4C7F1136D7006547CEC6A":"89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B":"49C27868F4ECA2179BFD7D59B1E3BF34C1DBDE61AE12931648F43E59632504DE"
+
+ECP test vectors brainpoolP384r1 rfc 7027
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_BP384R1:"1E20F5E048A5886F1F157C74E91BDE2B98C8B52D58E5003D57053FC4B0BD65D6F15EB5D1EE1610DF870795143627D042":"68B665DD91C195800650CDD363C625F4E742E8134667B767B1B476793588F885AB698C852D4A6E77A252D6380FCAF068":"55BC91A39C9EC01DEE36017B7D673A931236D2F1F5C83942D049E3FA20607493E0D038FF2FD30C2AB67D15C85F7FAA59":"032640BC6003C59260F7250C3DB58CE647F98E1260ACCE4ACDA3DD869F74E01F8BA5E0324309DB6A9831497ABAC96670":"4D44326F269A597A5B58BBA565DA5556ED7FD9A8A9EB76C25F46DB69D19DC8CE6AD18E404B15738B2086DF37E71D1EB4":"62D692136DE56CBE93BF5FA3188EF58BC8A3A0EC6C1E151A21038A42E9185329B5B275903D192F8D4E1F32FE9CC78C48":"0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42":"0DF213417EBE4D8E40A5F76F66C56470C489A3478D146DECF6DF0D94BAE9E598157290F8756066975F1DB34B2324B7BD"
+
+ECP test vectors brainpoolP512r1 rfc 7027
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_BP512R1:"16302FF0DBBB5A8D733DAB7141C1B45ACBC8715939677F6A56850A38BD87BD59B09E80279609FF333EB9D4C061231FB26F92EEB04982A5F1D1764CAD57665422":"0A420517E406AAC0ACDCE90FCD71487718D3B953EFD7FBEC5F7F27E28C6149999397E91E029E06457DB2D3E640668B392C2A7E737A7F0BF04436D11640FD09FD":"72E6882E8DB28AAD36237CD25D580DB23783961C8DC52DFA2EC138AD472A0FCEF3887CF62B623B2A87DE5C588301EA3E5FC269B373B60724F5E82A6AD147FDE7":"230E18E1BCC88A362FA54E4EA3902009292F7F8033624FD471B5D8ACE49D12CFABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429":"9D45F66DE5D67E2E6DB6E93A59CE0BB48106097FF78A081DE781CDB31FCE8CCBAAEA8DD4320C4119F1E9CD437A2EAB3731FA9668AB268D871DEDA55A5473199F":"2FDC313095BCDD5FB3A91636F07A959C8E86B5636A1E930E8396049CB481961D365CC11453A06C719835475B12CB52FC3C383BCE35E27EF194512B71876285FA":"A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F":"7DB71C3DEF63212841C463E881BDCF055523BD368240E6C3143BD8DEF8B3B3223B95E0F53082FF5E412F4222537A43DF1C6D25729DDB51620A832BE6A26680A2"
+
+ECP test vectors Curve25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"47DC3D214174820E1154B49BC6CDB2ABD45EE95817055D255AA35831B70D3260":"6EB89DA91989AE37C7EAC7618D9E5C4951DBA1D73C285AE1CD26A855020EEF04":"61450CD98E36016B58776A897A9F0AEF738B99F09468B8D6B8511184D53494AB"
+
+ECP point multiplication Curve25519 (normalized) #1
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"09":"00":"01":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":0
+
+ECP point multiplication Curve25519 (not normalized) #2
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"1B":"00":"03":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP point multiplication Curve25519 (element of order 2: origin) #3
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP point multiplication Curve25519 (element of order 4: 1) #4
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP point multiplication Curve25519 (element of order 8) #5
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_ECP_INVALID_KEY
+
+ECP point multiplication rng fail secp256r1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_mul_rng:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF"
+
+ECP point multiplication rng fail Curve25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_test_mul_rng:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660"
+
+ECP point muladd secp256r1 #1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6"
+
+ECP point muladd secp256r1 #2
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6"
+
+ECP point set zero
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_set_zero:MBEDTLS_ECP_DP_SECP256R1:"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579"
+
+ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07"
+
+ECP test vectors secp192k1
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP192K1:"D1E13A359F6E0F0698791938E6D60246030AE4B0D8D4E9DE":"281BCA982F187ED30AD5E088461EBE0A5FADBB682546DF79":"3F68A8E9441FB93A4DD48CB70B504FCC9AA01902EF5BE0F3":"BE97C5D2A1A94D081E3FACE53E65A27108B7467BDF58DE43":"5EB35E922CD693F7947124F5920022C4891C04F6A8B8DCB2":"60ECF73D0FC43E0C42E8E155FFE39F9F0B531F87B34B6C3C":"372F5C5D0E18313C82AEF940EC3AFEE26087A46F1EBAE923":"D5A9F9182EC09CEAEA5F57EA10225EC77FA44174511985FD"
+
+ECP test vectors secp224k1
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP224K1:"8EAD9B2819A3C2746B3EDC1E0D30F23271CDAC048C0615C961B1A9D3":"DEE0A75EF26CF8F501DB80807A3A0908E5CF01852709C1D35B31428B":"276D2B817918F7CD1DA5CCA081EC4B62CD255E0ACDC9F85FA8C52CAC":"AB7E70AEDA68A174ECC1F3800561B2D4FABE97C5D2A1A94D081E3FAC":"D2E94B00FD30201C40EDF73B137427916687AEA1935B277A5960DD1C":"DE728A614B17D91EB3CB2C17DA195562B6281585986332B3E12DA0ED":"B66B673D29038A3487A2D9C10CDCE67646F7C39C984EBE9E8795AD3C":"928C6147AF5EE4B54FA6ECF77B70CA3FEE5F4182DB057878F129DF":
+
+ECP test vectors secp256k1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecp_test_vect:MBEDTLS_ECP_DP_SECP256K1:"923C6D4756CD940CD1E13A359F6E0F0698791938E6D60246030AE4B0D8D4E9DE":"20A865B295E93C5B090F324B84D7AC7526AA1CFE86DD80E792CECCD16B657D55":"38AC87141A4854A8DFD87333E107B61692323721FE2EAD6E52206FE471A4771B":"4F5036A8ED5809AB7E70AEDA68A174ECC1F3800561B2D4FABE97C5D2A1A94D08":"029F5D2CC5A2C7E538FBA321439B4EC8DD79B7FEB9C0A8A5114EEA39856E22E8":"165171AFC3411A427F24FDDE1192A551C90983EB421BC982AB4CF4E21F18F04B":"E4B5B537D3ACEA7624F2E9C185BFFD80BC7035E515F33E0D4CFAE747FD20038E":"2BC685B7DCDBC694F5E036C4EAE9BFB489D7BF8940C4681F734B71D68501514C"
+
+ECP selftest
+ecp_selftest:
+
+ECP restartable mul secp256r1 max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":0:0:0
+
+ECP restartable mul secp256r1 max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":1:1:5000
+
+ECP restartable mul secp256r1 max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":10000:0:0
+
+ECP restartable mul secp256r1 max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_test_vect_restart:MBEDTLS_ECP_DP_SECP256R1:"814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF":"2AF502F3BE8952F2C9B5A8D4160D09E97165BE50BC42AE4A5E8D3B4BA83AEB15":"EB0FAF4CA986C4D38681A0F9872D79D56795BD4BFF6E6DE3C0F5015ECE5EFD85":"2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41":"DD0F5396219D1EA393310412D19A08F1F5811E9DC8EC8EEA7F80D21C820C2788":"0357DCCD4C804D0D8D33AA42B848834AA5605F9AB0D37239A115BBB647936F50":250:2:32
+
+ECP restartable muladd secp256r1 max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":0:0:0
+
+ECP restartable muladd secp256r1 max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":1:1:10000
+
+ECP restartable muladd secp256r1 max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":10000:0:0
+
+ECP restartable muladd secp256r1 max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
+
+ECP fix_negative: 0, -1, 224
+fix_negative:"00":-1:224
+
+ECP fix_negative: 1, -1, 224
+fix_negative:"01":-1:224
+
+ECP fix_negative: 2^32-1, -1, 224
+fix_negative:"ffffffff":-1:224
+
+ECP fix_negative: 2^32, -1, 224
+fix_negative:"0100000000":-1:224
+
+ECP fix_negative: 2^64-1, -1, 224
+fix_negative:"ffffffffffffffff":-1:224
+
+ECP fix_negative: 2^64, -1, 224
+fix_negative:"010000000000000000":-1:224
+
+ECP fix_negative: 2^128-1, -1, 224
+fix_negative:"ffffffffffffffffffffffffffffffff":-1:224
+
+ECP fix_negative: 2^128, -1, 224
+fix_negative:"0100000000000000000000000000000000":-1:224
+
+ECP fix_negative: 2^128+1, -1, 224
+fix_negative:"0100000000000000000000000000000001":-1:224
+
+ECP fix_negative: 2^224-1, -1, 224
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224
+
+ECP fix_negative: 0, -2, 224
+fix_negative:"00":-2:224
+
+ECP fix_negative: 1, -2, 224
+fix_negative:"01":-2:224
+
+ECP fix_negative: 2^32-1, -2, 224
+fix_negative:"ffffffff":-2:224
+
+ECP fix_negative: 2^32, -2, 224
+fix_negative:"0100000000":-2:224
+
+ECP fix_negative: 2^64-1, -2, 224
+fix_negative:"ffffffffffffffff":-2:224
+
+ECP fix_negative: 2^64, -2, 224
+fix_negative:"010000000000000000":-2:224
+
+ECP fix_negative: 2^128-1, -2, 224
+fix_negative:"ffffffffffffffffffffffffffffffff":-2:224
+
+ECP fix_negative: 2^128, -2, 224
+fix_negative:"0100000000000000000000000000000000":-2:224
+
+ECP fix_negative: 2^128+1, -2, 224
+fix_negative:"0100000000000000000000000000000001":-2:224
+
+ECP fix_negative: 2^224-1, -2, 224
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224
+
+ECP fix_negative: 0, -1, 256
+fix_negative:"00":-1:256
+
+ECP fix_negative: 1, -1, 256
+fix_negative:"01":-1:256
+
+ECP fix_negative: 2^32-1, -1, 256
+fix_negative:"ffffffff":-1:256
+
+ECP fix_negative: 2^32, -1, 256
+fix_negative:"0100000000":-1:256
+
+ECP fix_negative: 2^64-1, -1, 256
+fix_negative:"ffffffffffffffff":-1:256
+
+ECP fix_negative: 2^64, -1, 256
+fix_negative:"010000000000000000":-1:256
+
+ECP fix_negative: 2^128-1, -1, 256
+fix_negative:"ffffffffffffffffffffffffffffffff":-1:256
+
+ECP fix_negative: 2^128, -1, 256
+fix_negative:"0100000000000000000000000000000000":-1:256
+
+ECP fix_negative: 2^128+1, -1, 256
+fix_negative:"0100000000000000000000000000000001":-1:256
+
+ECP fix_negative: 2^256-1, -1, 256
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256
+
+ECP fix_negative: 0, -2, 256
+fix_negative:"00":-2:256
+
+ECP fix_negative: 1, -2, 256
+fix_negative:"01":-2:256
+
+ECP fix_negative: 2^32-1, -2, 256
+fix_negative:"ffffffff":-2:256
+
+ECP fix_negative: 2^32, -2, 256
+fix_negative:"0100000000":-2:256
+
+ECP fix_negative: 2^64-1, -2, 256
+fix_negative:"ffffffffffffffff":-2:256
+
+ECP fix_negative: 2^64, -2, 256
+fix_negative:"010000000000000000":-2:256
+
+ECP fix_negative: 2^128-1, -2, 256
+fix_negative:"ffffffffffffffffffffffffffffffff":-2:256
+
+ECP fix_negative: 2^128, -2, 256
+fix_negative:"0100000000000000000000000000000000":-2:256
+
+ECP fix_negative: 2^128+1, -2, 256
+fix_negative:"0100000000000000000000000000000001":-2:256
+
+ECP fix_negative: 2^256-1, -2, 256
+fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256
+
+# The first call to fix_negative in the test case of issue #4296.
+ECP fix_negative: #4296.1
+fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256
+
+ECP check order for SECP192R1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"
+
+ECP check order for SECP224R1
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP224R1:"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"
+
+ECP check order for SECP256R1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP256R1:"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"
+
+ECP check order for SECP384R1
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP384R1:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"
+
+ECP check order for SECP521R1
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP521R1:"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"
+
+ECP check order for BP256R1
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_BP256R1:"A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"
+
+ECP check order for BP384R1
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_BP384R1:"8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565"
+
+ECP check order for BP512R1
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_BP512R1:"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069"
+
+ECP check order for CURVE25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_CURVE25519:"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed"
+
+ECP check order for SECP192K1
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP192K1:"fffffffffffffffffffffffe26f2fc170f69466a74defd8d"
+
+ECP check order for SECP224K1
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP224K1:"10000000000000000000000000001dce8d2ec6184caf0a971769fb1f7"
+
+ECP check order for SECP256K1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_SECP256K1:"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"
+
+ECP check order for CURVE448
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecp_check_order:MBEDTLS_ECP_DP_CURVE448:"3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecp.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecp.function
new file mode 100644
index 0000000..b134061
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ecp.function
@@ -0,0 +1,1556 @@
+/* BEGIN_HEADER */
+#include "mbedtls/ecp.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecdh.h"
+
+#include "ecp_invasive.h"
+
+#if defined(MBEDTLS_TEST_HOOKS) &&                  \
+    (defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||  \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||  \
+    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED))
+#define HAVE_FIX_NEGATIVE
+#endif
+
+#define ECP_PF_UNKNOWN     -1
+
+#define ECP_PT_RESET(x)           \
+    mbedtls_ecp_point_free(x);    \
+    mbedtls_ecp_point_init(x);
+
+/* Auxiliary function to compare two mbedtls_ecp_group objects. */
+inline static int mbedtls_ecp_group_cmp(mbedtls_ecp_group *grp1,
+                                        mbedtls_ecp_group *grp2)
+{
+    if (mbedtls_mpi_cmp_mpi(&grp1->P, &grp2->P) != 0) {
+        return 1;
+    }
+    if (mbedtls_mpi_cmp_mpi(&grp1->A, &grp2->A) != 0) {
+        return 1;
+    }
+    if (mbedtls_mpi_cmp_mpi(&grp1->B, &grp2->B) != 0) {
+        return 1;
+    }
+    if (mbedtls_mpi_cmp_mpi(&grp1->N, &grp2->N) != 0) {
+        return 1;
+    }
+    if (mbedtls_ecp_point_cmp(&grp1->G, &grp2->G) != 0) {
+        return 1;
+    }
+    if (grp1->id != grp2->id) {
+        return 1;
+    }
+    if (grp1->pbits != grp2->pbits) {
+        return 1;
+    }
+    if (grp1->nbits != grp2->nbits) {
+        return 1;
+    }
+    if (grp1->h != grp2->h) {
+        return 1;
+    }
+    if (grp1->modp != grp2->modp) {
+        return 1;
+    }
+    if (grp1->t_pre != grp2->t_pre) {
+        return 1;
+    }
+    if (grp1->t_post != grp2->t_post) {
+        return 1;
+    }
+    if (grp1->t_data != grp2->t_data) {
+        return 1;
+    }
+    /* Here we should not compare T and T_size as the value of T is
+     * always NULL for Montgomery curves and for Weierstrass curves
+     * it will be NULL until ecp_mul is called. After calling ecp_mul,
+     * the value will be unique (dynamically allocated).
+     */
+
+    return 0;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ECP_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void ecp_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_ecp_group_free(NULL));
+    TEST_VALID_PARAM(mbedtls_ecp_keypair_free(NULL));
+    TEST_VALID_PARAM(mbedtls_ecp_point_free(NULL));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    TEST_VALID_PARAM(mbedtls_ecp_restart_free(NULL));
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void ecp_invalid_param()
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_keypair kp;
+    mbedtls_ecp_point P;
+    mbedtls_mpi m;
+    const char *x = "deadbeef";
+    int valid_fmt   = MBEDTLS_ECP_PF_UNCOMPRESSED;
+    int invalid_fmt = 42;
+    size_t olen;
+    unsigned char buf[42] = { 0 };
+    const unsigned char *null_buf = NULL;
+    mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_ecp_restart_ctx restart_ctx;
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&P);
+
+    TEST_INVALID_PARAM(mbedtls_ecp_point_init(NULL));
+    TEST_INVALID_PARAM(mbedtls_ecp_keypair_init(NULL));
+    TEST_INVALID_PARAM(mbedtls_ecp_group_init(NULL));
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+    TEST_INVALID_PARAM(mbedtls_ecp_restart_init(NULL));
+    TEST_INVALID_PARAM(mbedtls_ecp_check_budget(NULL, &restart_ctx, 42));
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_copy(NULL, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_copy(&P, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_group_copy(NULL, &grp));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_group_copy(&grp, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_privkey(NULL,
+                                                   &m,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_privkey(&grp,
+                                                   NULL,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_privkey(&grp,
+                                                   &m,
+                                                   NULL,
+                                                   NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_set_zero(NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_is_zero(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_cmp(NULL, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_cmp(&P, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_read_string(NULL, 2,
+                                                         x, x));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_read_string(&P, 2,
+                                                         NULL, x));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_read_string(&P, 2,
+                                                         x, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_write_binary(NULL, &P,
+                                                          valid_fmt,
+                                                          &olen,
+                                                          buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_write_binary(&grp, NULL,
+                                                          valid_fmt,
+                                                          &olen,
+                                                          buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_write_binary(&grp, &P,
+                                                          invalid_fmt,
+                                                          &olen,
+                                                          buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_write_binary(&grp, &P,
+                                                          valid_fmt,
+                                                          NULL,
+                                                          buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_write_binary(&grp, &P,
+                                                          valid_fmt,
+                                                          &olen,
+                                                          NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_read_binary(NULL, &P, buf,
+                                                         sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_read_binary(&grp, NULL, buf,
+                                                         sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_point_read_binary(&grp, &P, NULL,
+                                                         sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_point(NULL, &P,
+                                                      (const unsigned char **) &buf,
+                                                      sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_point(&grp, NULL,
+                                                      (const unsigned char **) &buf,
+                                                      sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_point(&grp, &P, &null_buf,
+                                                      sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_point(&grp, &P, NULL,
+                                                      sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_point(NULL, &P,
+                                                       valid_fmt,
+                                                       &olen,
+                                                       buf,
+                                                       sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_point(&grp, NULL,
+                                                       valid_fmt,
+                                                       &olen,
+                                                       buf,
+                                                       sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_point(&grp, &P,
+                                                       invalid_fmt,
+                                                       &olen,
+                                                       buf,
+                                                       sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_point(&grp, &P,
+                                                       valid_fmt,
+                                                       NULL,
+                                                       buf,
+                                                       sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_point(&grp, &P,
+                                                       valid_fmt,
+                                                       &olen,
+                                                       NULL,
+                                                       sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_group_load(NULL, valid_group));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_group(NULL,
+                                                      (const unsigned char **) &buf,
+                                                      sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_group(&grp, NULL,
+                                                      sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_group(&grp, &null_buf,
+                                                      sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_group_id(NULL,
+                                                         (const unsigned char **) &buf,
+                                                         sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_group_id(&valid_group, NULL,
+                                                         sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_read_group_id(&valid_group,
+                                                         &null_buf,
+                                                         sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_group(NULL, &olen,
+                                                       buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_group(&grp, NULL,
+                                                       buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_tls_write_group(&grp, &olen,
+                                                       NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul(NULL, &P, &m, &P,
+                                           mbedtls_test_rnd_std_rand,
+                                           NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul(&grp, NULL, &m, &P,
+                                           mbedtls_test_rnd_std_rand,
+                                           NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul(&grp, &P, NULL, &P,
+                                           mbedtls_test_rnd_std_rand,
+                                           NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul(&grp, &P, &m, NULL,
+                                           mbedtls_test_rnd_std_rand,
+                                           NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul_restartable(NULL, &P, &m, &P,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul_restartable(&grp, NULL, &m, &P,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul_restartable(&grp, &P, NULL, &P,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_mul_restartable(&grp, &P, &m, NULL,
+                                                       mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd(NULL, &P, &m, &P,
+                                              &m, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd(&grp, NULL, &m, &P,
+                                              &m, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd(&grp, &P, NULL, &P,
+                                              &m, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd(&grp, &P, &m, NULL,
+                                              &m, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd(&grp, &P, &m, &P,
+                                              NULL, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd(&grp, &P, &m, &P,
+                                              &m, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd_restartable(NULL, &P, &m, &P,
+                                                          &m, &P, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd_restartable(&grp, NULL, &m, &P,
+                                                          &m, &P, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd_restartable(&grp, &P, NULL, &P,
+                                                          &m, &P, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd_restartable(&grp, &P, &m, NULL,
+                                                          &m, &P, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd_restartable(&grp, &P, &m, &P,
+                                                          NULL, &P, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_muladd_restartable(&grp, &P, &m, &P,
+                                                          &m, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_check_pubkey(NULL, &P));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_check_pubkey(&grp, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_check_pub_priv(NULL, &kp));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_check_pub_priv(&kp, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_check_privkey(NULL, &m));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_check_privkey(&grp, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair_base(NULL, &P, &m, &P,
+                                                        mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair_base(&grp, NULL, &m, &P,
+                                                        mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair_base(&grp, &P, NULL, &P,
+                                                        mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair_base(&grp, &P, &m, NULL,
+                                                        mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair_base(&grp, &P, &m, &P, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair(NULL,
+                                                   &m, &P,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair(&grp,
+                                                   NULL, &P,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair(&grp,
+                                                   &m, NULL,
+                                                   mbedtls_test_rnd_std_rand,
+                                                   NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_keypair(&grp,
+                                                   &m, &P,
+                                                   NULL,
+                                                   NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_key(valid_group, NULL,
+                                               mbedtls_test_rnd_std_rand,
+                                               NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
+                           mbedtls_ecp_gen_key(valid_group, &kp,
+                                               NULL, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_curve_info(int id, int tls_id, int size, char *name)
+{
+    const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name;
+
+    by_id   = mbedtls_ecp_curve_info_from_grp_id(id);
+    by_tls  = mbedtls_ecp_curve_info_from_tls_id(tls_id);
+    by_name = mbedtls_ecp_curve_info_from_name(name);
+    TEST_ASSERT(by_id   != NULL);
+    TEST_ASSERT(by_tls  != NULL);
+    TEST_ASSERT(by_name != NULL);
+
+    TEST_ASSERT(by_id == by_tls);
+    TEST_ASSERT(by_id == by_name);
+
+    TEST_ASSERT(by_id->bit_size == size);
+    TEST_ASSERT(size <= MBEDTLS_ECP_MAX_BITS);
+    TEST_ASSERT(size <= MBEDTLS_ECP_MAX_BYTES * 8);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_check_pub(int grp_id, char *x_hex, char *y_hex, char *z_hex,
+                   int ret)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&P);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, grp_id) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z_hex) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &P) == ret);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&P);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecp_test_vect_restart(int id,
+                           char *dA_str, char *xA_str, char *yA_str,
+                           char *dB_str,  char *xZ_str, char *yZ_str,
+                           int max_ops, int min_restarts, int max_restarts)
+{
+    /*
+     * Test for early restart. Based on test vectors like ecp_test_vect(),
+     * but for the sake of simplicity only does half of each side. It's
+     * important to test both base point and random point, though, as memory
+     * management is different in each case.
+     *
+     * Don't try using too precise bounds for restarts as the exact number
+     * will depend on settings such as MBEDTLS_ECP_FIXED_POINT_OPTIM and
+     * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may
+     * change in the future. A factor 2 is a minimum safety margin.
+     *
+     * For reference, with Mbed TLS 2.4 and default settings, for P-256:
+     * - Random point mult:     ~3250M
+     * - Cold base point mult:  ~3300M
+     * - Hot base point mult:   ~1100M
+     * With MBEDTLS_ECP_WINDOW_SIZE set to 2 (minimum):
+     * - Random point mult:     ~3850M
+     */
+    mbedtls_ecp_restart_ctx ctx;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R, P;
+    mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
+    int cnt_restarts;
+    int ret;
+
+    mbedtls_ecp_restart_init(&ctx);
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&R); mbedtls_ecp_point_init(&P);
+    mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); mbedtls_mpi_init(&yA);
+    mbedtls_mpi_init(&dB); mbedtls_mpi_init(&xZ); mbedtls_mpi_init(&yZ);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&yA, yA_str) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xZ, xZ_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&yZ, yZ_str) == 0);
+
+    mbedtls_ecp_set_max_ops((unsigned) max_ops);
+
+    /* Base point case */
+    cnt_restarts = 0;
+    do {
+        ECP_PT_RESET(&R);
+        ret = mbedtls_ecp_mul_restartable(&grp, &R, &dA, &grp.G, NULL, NULL, &ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yA) == 0);
+
+    TEST_ASSERT(cnt_restarts >= min_restarts);
+    TEST_ASSERT(cnt_restarts <= max_restarts);
+
+    /* Non-base point case */
+    mbedtls_ecp_copy(&P, &R);
+    cnt_restarts = 0;
+    do {
+        ECP_PT_RESET(&R);
+        ret = mbedtls_ecp_mul_restartable(&grp, &R, &dB, &P, NULL, NULL, &ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0);
+
+    TEST_ASSERT(cnt_restarts >= min_restarts);
+    TEST_ASSERT(cnt_restarts <= max_restarts);
+
+    /* Do we leak memory when aborting an operation?
+     * This test only makes sense when we actually restart */
+    if (min_restarts > 0) {
+        ret = mbedtls_ecp_mul_restartable(&grp, &R, &dB, &P, NULL, NULL, &ctx);
+        TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    }
+
+exit:
+    mbedtls_ecp_restart_free(&ctx);
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&R); mbedtls_ecp_point_free(&P);
+    mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); mbedtls_mpi_free(&yA);
+    mbedtls_mpi_free(&dB); mbedtls_mpi_free(&xZ); mbedtls_mpi_free(&yZ);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+void ecp_muladd_restart(int id, char *xR_str, char *yR_str,
+                        char *u1_str, char *u2_str,
+                        char *xQ_str, char *yQ_str,
+                        int max_ops, int min_restarts, int max_restarts)
+{
+    /*
+     * Compute R = u1 * G + u2 * Q
+     * (test vectors mostly taken from ECDSA intermediate results)
+     *
+     * See comments at the top of ecp_test_vect_restart()
+     */
+    mbedtls_ecp_restart_ctx ctx;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R, Q;
+    mbedtls_mpi u1, u2, xR, yR;
+    int cnt_restarts;
+    int ret;
+
+    mbedtls_ecp_restart_init(&ctx);
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&R);
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2);
+    mbedtls_mpi_init(&xR); mbedtls_mpi_init(&yR);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&u1, u1_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&u2, u2_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xR, xR_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&yR, yR_str) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q.X, xQ_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q.Y, yQ_str) == 0);
+    TEST_ASSERT(mbedtls_mpi_lset(&Q.Z, 1) == 0);
+
+    mbedtls_ecp_set_max_ops((unsigned) max_ops);
+
+    cnt_restarts = 0;
+    do {
+        ECP_PT_RESET(&R);
+        ret = mbedtls_ecp_muladd_restartable(&grp, &R,
+                                             &u1, &grp.G, &u2, &Q, &ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xR) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yR) == 0);
+
+    TEST_ASSERT(cnt_restarts >= min_restarts);
+    TEST_ASSERT(cnt_restarts <= max_restarts);
+
+    /* Do we leak memory when aborting an operation?
+     * This test only makes sense when we actually restart */
+    if (min_restarts > 0) {
+        ret = mbedtls_ecp_muladd_restartable(&grp, &R,
+                                             &u1, &grp.G, &u2, &Q, &ctx);
+        TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    }
+
+exit:
+    mbedtls_ecp_restart_free(&ctx);
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&R);
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2);
+    mbedtls_mpi_free(&xR); mbedtls_mpi_free(&yR);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_test_vect(int id, char *dA_str, char *xA_str, char *yA_str,
+                   char *dB_str, char *xB_str, char *yB_str,
+                   char *xZ_str, char *yZ_str)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R;
+    mbedtls_mpi dA, xA, yA, dB, xB, yB, xZ, yZ;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R);
+    mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); mbedtls_mpi_init(&yA); mbedtls_mpi_init(&dB);
+    mbedtls_mpi_init(&xB); mbedtls_mpi_init(&yB); mbedtls_mpi_init(&xZ); mbedtls_mpi_init(&yZ);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&yA, yA_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xB, xB_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&yB, yB_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xZ, xZ_str) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&yZ, yZ_str) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &grp.G,
+                                &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yA) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &R, NULL, NULL) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &grp.G, NULL, NULL) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xB) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yB) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &R,
+                                &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R);
+    mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); mbedtls_mpi_free(&yA); mbedtls_mpi_free(&dB);
+    mbedtls_mpi_free(&xB); mbedtls_mpi_free(&yB); mbedtls_mpi_free(&xZ); mbedtls_mpi_free(&yZ);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_test_vec_x(int id, char *dA_hex, char *xA_hex, char *dB_hex,
+                    char *xB_hex, char *xS_hex)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R;
+    mbedtls_mpi dA, xA, dB, xB, xS;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R);
+    mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA);
+    mbedtls_mpi_init(&dB); mbedtls_mpi_init(&xB);
+    mbedtls_mpi_init(&xS);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xB, xB_hex) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&xS, xS_hex) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &grp.G,
+                                &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &R,
+                                &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xS) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &grp.G, NULL, NULL) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xB) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &R, NULL, NULL) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xS) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R);
+    mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA);
+    mbedtls_mpi_free(&dB); mbedtls_mpi_free(&xB);
+    mbedtls_mpi_free(&xS);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_test_mul(int id, data_t *n_hex,
+                  data_t *Px_hex, data_t *Py_hex, data_t *Pz_hex,
+                  data_t *nPx_hex, data_t *nPy_hex, data_t *nPz_hex,
+                  int expected_ret)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P, nP, R;
+    mbedtls_mpi n;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R);
+    mbedtls_ecp_point_init(&P); mbedtls_ecp_point_init(&nP);
+    mbedtls_mpi_init(&n);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0);
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&n, n_hex->x, n_hex->len) == 0);
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&P.X, Px_hex->x, Px_hex->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&P.Y, Py_hex->x, Py_hex->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&P.Z, Pz_hex->x, Pz_hex->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&nP.X, nPx_hex->x, nPx_hex->len)
+                == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&nP.Y, nPy_hex->x, nPy_hex->len)
+                == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&nP.Z, nPz_hex->x, nPz_hex->len)
+                == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &n, &P,
+                                &mbedtls_test_rnd_pseudo_rand, &rnd_info)
+                == expected_ret);
+
+    if (expected_ret == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.X, &R.X) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.Y, &R.Y) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.Z, &R.Z) == 0);
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R);
+    mbedtls_ecp_point_free(&P); mbedtls_ecp_point_free(&nP);
+    mbedtls_mpi_free(&n);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_test_mul_rng(int id, data_t *d_hex)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_mpi d;
+    mbedtls_ecp_point Q;
+
+    mbedtls_ecp_group_init(&grp); mbedtls_mpi_init(&d);
+    mbedtls_ecp_point_init(&Q);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0);
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&d, d_hex->x, d_hex->len) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_mul(&grp, &Q, &d, &grp.G,
+                                &mbedtls_test_rnd_zero_rand, NULL)
+                == MBEDTLS_ERR_ECP_RANDOM_FAILED);
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_mpi_free(&d);
+    mbedtls_ecp_point_free(&Q);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
+void ecp_muladd(int id,
+                data_t *u1_bin, data_t *P1_bin,
+                data_t *u2_bin, data_t *P2_bin,
+                data_t *expected_result)
+{
+    /* Compute R = u1 * P1 + u2 * P2 */
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P1, P2, R;
+    mbedtls_mpi u1, u2;
+    uint8_t actual_result[MBEDTLS_ECP_MAX_PT_LEN];
+    size_t len;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&P1);
+    mbedtls_ecp_point_init(&P2);
+    mbedtls_ecp_point_init(&R);
+    mbedtls_mpi_init(&u1);
+    mbedtls_mpi_init(&u2);
+
+    TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, id));
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&u1, u1_bin->x, u1_bin->len));
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&u2, u2_bin->x, u2_bin->len));
+    TEST_EQUAL(0, mbedtls_ecp_point_read_binary(&grp, &P1,
+                                                P1_bin->x, P1_bin->len));
+    TEST_EQUAL(0, mbedtls_ecp_point_read_binary(&grp, &P2,
+                                                P2_bin->x, P2_bin->len));
+
+    TEST_EQUAL(0, mbedtls_ecp_muladd(&grp, &R, &u1, &P1, &u2, &P2));
+    TEST_EQUAL(0, mbedtls_ecp_point_write_binary(
+                   &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED,
+                   &len, actual_result, sizeof(actual_result)));
+    TEST_ASSERT(len <= MBEDTLS_ECP_MAX_PT_LEN);
+
+    TEST_MEMORY_COMPARE(expected_result->x, expected_result->len,
+                        actual_result, len);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&P1);
+    mbedtls_ecp_point_free(&P2);
+    mbedtls_ecp_point_free(&R);
+    mbedtls_mpi_free(&u1);
+    mbedtls_mpi_free(&u2);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_fast_mod(int id, char *N_str)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_mpi N, R;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&R);
+    mbedtls_ecp_group_init(&grp);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, N_str) == 0);
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(grp.modp != NULL);
+
+    /*
+     * Store correct result before we touch N
+     */
+    TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &N, &grp.P) == 0);
+
+    TEST_ASSERT(grp.modp(&N) == 0);
+    TEST_ASSERT(mbedtls_mpi_bitlen(&N) <= grp.pbits + 3);
+
+    /*
+     * Use mod rather than addition/subtraction in case previous test fails
+     */
+    TEST_ASSERT(mbedtls_mpi_mod_mpi(&N, &N, &grp.P) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &R) == 0);
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&R);
+    mbedtls_ecp_group_free(&grp);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_write_binary(int id, char *x, char *y, char *z, int format,
+                      data_t *out, int blen, int ret)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P;
+    unsigned char buf[256];
+    size_t olen;
+
+    memset(buf, 0, sizeof(buf));
+
+    mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_point_write_binary(&grp, &P, format,
+                                               &olen, buf, blen) == ret);
+
+    if (ret == 0) {
+        TEST_ASSERT(olen <= MBEDTLS_ECP_MAX_PT_LEN);
+        TEST_ASSERT(mbedtls_test_hexcmp(buf, out->x, olen, out->len) == 0);
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_read_binary(int id, data_t *buf, char *x, char *y, char *z,
+                     int ret)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P;
+    mbedtls_mpi X, Y, Z;
+
+
+    mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P);
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, x) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Z, z) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_point_read_binary(&grp, &P, buf->x, buf->len) == ret);
+
+    if (ret == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.X, &X) == 0);
+        if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+            TEST_ASSERT(mbedtls_mpi_cmp_int(&Y, 0) == 0);
+            TEST_ASSERT(P.Y.p == NULL);
+            TEST_ASSERT(mbedtls_mpi_cmp_int(&Z, 1) == 0);
+            TEST_ASSERT(mbedtls_mpi_cmp_int(&P.Z, 1) == 0);
+        } else {
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Y, &Y) == 0);
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Z, &Z) == 0);
+        }
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P);
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_tls_read_point(int id, data_t *buf, char *x, char *y,
+                                char *z, int ret)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P;
+    mbedtls_mpi X, Y, Z;
+    const unsigned char *vbuf = buf->x;
+
+
+    mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P);
+    mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&X, x) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Y, y) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Z, z) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &P, &vbuf, buf->len) == ret);
+
+    if (ret == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.X, &X) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Y, &Y) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Z, &Z) == 0);
+        TEST_ASSERT((uint32_t) (vbuf - buf->x) == buf->len);
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P);
+    mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_tls_write_read_point(int id)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point pt;
+    unsigned char buf[256];
+    const unsigned char *vbuf;
+    size_t olen;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&pt);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    memset(buf, 0x00, sizeof(buf)); vbuf = buf;
+    TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &grp.G,
+                                            MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256) == 0);
+    TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen)
+                == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE);
+    TEST_ASSERT(vbuf == buf + olen);
+
+    memset(buf, 0x00, sizeof(buf)); vbuf = buf;
+    TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &grp.G,
+                                            MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256) == 0);
+    TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.X, &pt.X) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.Y, &pt.Y) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.Z, &pt.Z) == 0);
+    TEST_ASSERT(vbuf == buf + olen);
+
+    memset(buf, 0x00, sizeof(buf)); vbuf = buf;
+    TEST_ASSERT(mbedtls_ecp_set_zero(&pt) == 0);
+    TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &pt,
+                                            MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256) == 0);
+    TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0);
+    TEST_ASSERT(mbedtls_ecp_is_zero(&pt));
+    TEST_ASSERT(vbuf == buf + olen);
+
+    memset(buf, 0x00, sizeof(buf)); vbuf = buf;
+    TEST_ASSERT(mbedtls_ecp_set_zero(&pt) == 0);
+    TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &pt,
+                                            MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256) == 0);
+    TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0);
+    TEST_ASSERT(mbedtls_ecp_is_zero(&pt));
+    TEST_ASSERT(vbuf == buf + olen);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&pt);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_tls_read_group(data_t *buf, int result, int bits,
+                                int record_len)
+{
+    mbedtls_ecp_group grp;
+    const unsigned char *vbuf = buf->x;
+    int ret;
+
+    mbedtls_ecp_group_init(&grp);
+
+    ret = mbedtls_ecp_tls_read_group(&grp, &vbuf, buf->len);
+
+    TEST_ASSERT(ret == result);
+    if (ret == 0) {
+        TEST_ASSERT(mbedtls_mpi_bitlen(&grp.P) == (size_t) bits);
+        TEST_ASSERT(vbuf - buf->x ==  record_len);
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_tls_write_read_group(int id)
+{
+    mbedtls_ecp_group grp1, grp2;
+    unsigned char buf[10];
+    const unsigned char *vbuf = buf;
+    size_t len;
+    int ret;
+
+    mbedtls_ecp_group_init(&grp1);
+    mbedtls_ecp_group_init(&grp2);
+    memset(buf, 0x00, sizeof(buf));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp1, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_tls_write_group(&grp1, &len, buf, 10) == 0);
+    ret = mbedtls_ecp_tls_read_group(&grp2, &vbuf, len);
+    TEST_ASSERT(ret == 0);
+
+    if (ret == 0) {
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp1.N, &grp2.N) == 0);
+        TEST_ASSERT(grp1.id == grp2.id);
+    }
+
+exit:
+    mbedtls_ecp_group_free(&grp1);
+    mbedtls_ecp_group_free(&grp2);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C */
+void mbedtls_ecp_group_metadata(int id, int bit_size, int crv_type,
+                                char *P, char *A, char *B,
+                                char *G_x, char *G_y, char *N,
+                                int tls_id)
+{
+    mbedtls_ecp_group grp, grp_read, grp_cpy;
+    const mbedtls_ecp_group_id *g_id;
+    mbedtls_ecp_group_id read_g_id;
+    const mbedtls_ecp_curve_info *crv, *crv_tls_id, *crv_name;
+
+    mbedtls_mpi exp_P, exp_A, exp_B, exp_G_x, exp_G_y, exp_N;
+
+    unsigned char buf[3], ecparameters[3] = { 3, 0, tls_id };
+    const unsigned char *vbuf = buf;
+    size_t olen;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_group_init(&grp_read);
+    mbedtls_ecp_group_init(&grp_cpy);
+
+    mbedtls_mpi_init(&exp_P);
+    mbedtls_mpi_init(&exp_A);
+    mbedtls_mpi_init(&exp_B);
+    mbedtls_mpi_init(&exp_G_x);
+    mbedtls_mpi_init(&exp_G_y);
+    mbedtls_mpi_init(&exp_N);
+
+    // Read expected parameters
+    TEST_EQUAL(mbedtls_test_read_mpi(&exp_P, P), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&exp_A, A), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&exp_G_x, G_x), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&exp_N, N), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&exp_B, B), 0);
+    TEST_EQUAL(mbedtls_test_read_mpi(&exp_G_y, G_y), 0);
+
+    // Convert exp_A to internal representation (A+2)/4
+    if (crv_type == MBEDTLS_ECP_TYPE_MONTGOMERY) {
+        TEST_EQUAL(mbedtls_mpi_add_int(&exp_A, &exp_A, 2), 0);
+        TEST_EQUAL(mbedtls_mpi_div_int(&exp_A, NULL, &exp_A, 4), 0);
+    }
+
+    // Load group
+    TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0);
+
+    // Compare group with expected parameters
+    // A is NULL for SECPxxxR1 curves
+    // B and G_y are NULL for curve25519 and curve448
+    TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_P, &grp.P), 0);
+    if (*A != 0) {
+        TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_A, &grp.A), 0);
+    }
+    if (*B != 0) {
+        TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_B, &grp.B), 0);
+    }
+    TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_G_x, &grp.G.X), 0);
+    if (*G_y != 0) {
+        TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_G_y, &grp.G.Y), 0);
+    }
+    TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_N, &grp.N), 0);
+
+    // Load curve info and compare with known values
+    crv = mbedtls_ecp_curve_info_from_grp_id(id);
+    TEST_EQUAL(crv->grp_id, id);
+    TEST_EQUAL(crv->bit_size, bit_size);
+    TEST_EQUAL(crv->tls_id, tls_id);
+
+    // Load curve from TLS ID and name, and compare IDs
+    crv_tls_id = mbedtls_ecp_curve_info_from_tls_id(crv->tls_id);
+    crv_name = mbedtls_ecp_curve_info_from_name(crv->name);
+    TEST_EQUAL(crv_tls_id->grp_id, id);
+    TEST_EQUAL(crv_name->grp_id, id);
+
+    // Validate write_group against test data
+    TEST_EQUAL(mbedtls_ecp_tls_write_group(&grp, &olen,
+                                           buf, sizeof(buf)),
+               0);
+    TEST_EQUAL(mbedtls_test_hexcmp(buf, ecparameters, olen,
+                                   sizeof(ecparameters)),
+               0);
+
+    // Read group from buffer and compare with expected ID
+    TEST_EQUAL(mbedtls_ecp_tls_read_group_id(&read_g_id, &vbuf, olen),
+               0);
+    TEST_EQUAL(read_g_id, id);
+    vbuf = buf;
+    TEST_EQUAL(mbedtls_ecp_tls_read_group(&grp_read, &vbuf, olen),
+               0);
+    TEST_EQUAL(grp_read.id, id);
+
+    // Check curve type, and if it can be used for ECDH/ECDSA
+    TEST_EQUAL(mbedtls_ecp_get_type(&grp), crv_type);
+    TEST_EQUAL(mbedtls_ecdh_can_do(id), 1);
+    TEST_EQUAL(mbedtls_ecdsa_can_do(id),
+               crv_type == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS);
+
+    // Copy group and compare with original
+    TEST_EQUAL(mbedtls_ecp_group_copy(&grp_cpy, &grp), 0);
+    TEST_ASSERT(grp_cpy.T == NULL);
+    TEST_ASSERT(grp_cpy.T_size == 0);
+    TEST_EQUAL(mbedtls_ecp_group_cmp(&grp, &grp_cpy), 0);
+
+    // Check curve is in curve list and group ID list
+    for (crv = mbedtls_ecp_curve_list();
+         crv->grp_id != MBEDTLS_ECP_DP_NONE &&
+         crv->grp_id != (unsigned) id;
+         crv++) {
+        ;
+    }
+    TEST_EQUAL(crv->grp_id, id);
+    for (g_id = mbedtls_ecp_grp_id_list();
+         *g_id != MBEDTLS_ECP_DP_NONE && *g_id != (unsigned) id;
+         g_id++) {
+        ;
+    }
+    TEST_EQUAL(*g_id, (unsigned) id);
+
+exit:
+    mbedtls_ecp_group_free(&grp); mbedtls_ecp_group_free(&grp_cpy);
+    mbedtls_ecp_group_free(&grp_read);
+    mbedtls_mpi_free(&exp_P); mbedtls_mpi_free(&exp_A);
+    mbedtls_mpi_free(&exp_B); mbedtls_mpi_free(&exp_G_x);
+    mbedtls_mpi_free(&exp_G_y); mbedtls_mpi_free(&exp_N);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_check_privkey(int id, char *key_hex, int ret)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_mpi d;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_mpi_init(&d);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&d, key_hex) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_privkey(&grp, &d) == ret);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_mpi_free(&d);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_check_pub_priv(int id_pub, char *Qx_pub, char *Qy_pub,
+                                int id, char *d, char *Qx, char *Qy,
+                                int ret)
+{
+    mbedtls_ecp_keypair pub, prv;
+
+    mbedtls_ecp_keypair_init(&pub);
+    mbedtls_ecp_keypair_init(&prv);
+
+    if (id_pub != MBEDTLS_ECP_DP_NONE) {
+        TEST_ASSERT(mbedtls_ecp_group_load(&pub.grp, id_pub) == 0);
+    }
+    TEST_ASSERT(mbedtls_ecp_point_read_string(&pub.Q, 16, Qx_pub, Qy_pub) == 0);
+
+    if (id != MBEDTLS_ECP_DP_NONE) {
+        TEST_ASSERT(mbedtls_ecp_group_load(&prv.grp, id) == 0);
+    }
+    TEST_ASSERT(mbedtls_ecp_point_read_string(&prv.Q, 16, Qx, Qy) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&prv.d, d) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pub_priv(&pub, &prv) == ret);
+
+exit:
+    mbedtls_ecp_keypair_free(&pub);
+    mbedtls_ecp_keypair_free(&prv);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_gen_keypair(int id)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point Q;
+    mbedtls_mpi d;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_mpi_init(&d);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q,
+                                        &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &Q) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_privkey(&grp, &d) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_mpi_free(&d);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_gen_key(int id)
+{
+    mbedtls_ecp_keypair key;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_ecp_keypair_init(&key);
+    memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_ecp_gen_key(id, &key,
+                                    &mbedtls_test_rnd_pseudo_rand,
+                                    &rnd_info) == 0);
+
+    TEST_ASSERT(mbedtls_ecp_check_pubkey(&key.grp, &key.Q) == 0);
+    TEST_ASSERT(mbedtls_ecp_check_privkey(&key.grp, &key.d) == 0);
+
+exit:
+    mbedtls_ecp_keypair_free(&key);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonical)
+{
+    int ret = 0;
+    mbedtls_ecp_keypair key;
+    mbedtls_ecp_keypair key2;
+
+    mbedtls_ecp_keypair_init(&key);
+    mbedtls_ecp_keypair_init(&key2);
+
+    ret = mbedtls_ecp_read_key(grp_id, &key, in_key->x, in_key->len);
+    TEST_ASSERT(ret == expected);
+
+    if (expected == 0) {
+        ret = mbedtls_ecp_check_privkey(&key.grp, &key.d);
+        TEST_ASSERT(ret == 0);
+
+        if (canonical) {
+            unsigned char buf[MBEDTLS_ECP_MAX_BYTES];
+
+            ret = mbedtls_ecp_write_key(&key, buf, in_key->len);
+            TEST_ASSERT(ret == 0);
+
+            TEST_MEMORY_COMPARE(in_key->x, in_key->len,
+                                buf, in_key->len);
+        } else {
+            unsigned char export1[MBEDTLS_ECP_MAX_BYTES];
+            unsigned char export2[MBEDTLS_ECP_MAX_BYTES];
+
+            ret = mbedtls_ecp_write_key(&key, export1, in_key->len);
+            TEST_ASSERT(ret == 0);
+
+            ret = mbedtls_ecp_read_key(grp_id, &key2, export1, in_key->len);
+            TEST_ASSERT(ret == expected);
+
+            ret = mbedtls_ecp_write_key(&key2, export2, in_key->len);
+            TEST_ASSERT(ret == 0);
+
+            TEST_MEMORY_COMPARE(export1, in_key->len,
+                                export2, in_key->len);
+        }
+    }
+
+exit:
+    mbedtls_ecp_keypair_free(&key);
+    mbedtls_ecp_keypair_free(&key2);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */
+void fix_negative(data_t *N_bin, int c, int bits)
+{
+    mbedtls_mpi C, M, N;
+
+    mbedtls_mpi_init(&C);
+    mbedtls_mpi_init(&M);
+    mbedtls_mpi_init(&N);
+
+    /* C = - c * 2^bits (positive since c is negative) */
+    TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c));
+    TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits));
+
+    TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len));
+    TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n));
+
+    /* M = N - C = - ( C - N ) (expected result of fix_negative) */
+    TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C));
+
+    mbedtls_ecp_fix_negative(&N, c, bits);
+
+    TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M));
+
+exit:
+    mbedtls_mpi_free(&C);
+    mbedtls_mpi_free(&M);
+    mbedtls_mpi_free(&N);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */
+void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected)
+{
+    mbedtls_test_rnd_buf_info rnd_info;
+    mbedtls_mpi d;
+    int ret;
+    uint8_t *actual = NULL;
+
+    mbedtls_mpi_init(&d);
+    rnd_info.buf = seed->x;
+    rnd_info.length = seed->len;
+    rnd_info.fallback_f_rng = NULL;
+    rnd_info.fallback_p_rng = NULL;
+
+    TEST_CALLOC(actual, expected->len);
+
+    ret = mbedtls_ecp_gen_privkey_mx(bits, &d,
+                                     mbedtls_test_rnd_buffer_rand, &rnd_info);
+
+    if (expected->len == 0) {
+        /* Expecting an error (happens if there isn't enough randomness) */
+        TEST_ASSERT(ret != 0);
+    } else {
+        TEST_EQUAL(ret, 0);
+        TEST_EQUAL((size_t) bits + 1, mbedtls_mpi_bitlen(&d));
+        TEST_EQUAL(0, mbedtls_mpi_write_binary(&d, actual, expected->len));
+        /* Test the exact result. This assumes that the output of the
+         * RNG is used in a specific way, which is overly constraining.
+         * The advantage is that it's easier to test the expected properties
+         * of the generated key:
+         * - The most significant bit must be at a specific positions
+         *   (can be enforced by checking the bit-length).
+         * - The least significant bits must have specific values
+         *   (can be enforced by checking these bits).
+         * - Other bits must be random (by testing with different RNG outputs,
+         *   we validate that those bits are indeed influenced by the RNG). */
+        TEST_MEMORY_COMPARE(expected->x, expected->len,
+                            actual, expected->len);
+    }
+
+exit:
+    mbedtls_free(actual);
+    mbedtls_mpi_free(&d);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_set_zero(int id, data_t *P_bin)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point pt, zero_pt, nonzero_pt;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&pt);
+    mbedtls_ecp_point_init(&zero_pt);
+    mbedtls_ecp_point_init(&nonzero_pt);
+
+    // Set zero and non-zero points for comparison
+    TEST_EQUAL(mbedtls_ecp_set_zero(&zero_pt), 0);
+    TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0);
+    TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &nonzero_pt,
+                                             P_bin->x, P_bin->len), 0);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&zero_pt), 1);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&nonzero_pt), 0);
+
+    // Test initialized point
+    TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &zero_pt),
+               MBEDTLS_ERR_ECP_BAD_INPUT_DATA);
+
+    // Test zeroed point
+    TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt),
+               MBEDTLS_ERR_ECP_BAD_INPUT_DATA);
+
+    // Set point to non-zero value
+    TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &pt,
+                                             P_bin->x, P_bin->len), 0);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 0);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt),
+               MBEDTLS_ERR_ECP_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), 0);
+
+    // Test non-zero point
+    TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt),
+               MBEDTLS_ERR_ECP_BAD_INPUT_DATA);
+
+    // Test freed non-zero point
+    TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &pt,
+                                             P_bin->x, P_bin->len), 0);
+    mbedtls_ecp_point_free(&pt);
+    TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0);
+    TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0);
+    TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt),
+               MBEDTLS_ERR_ECP_BAD_INPUT_DATA);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&pt);
+    mbedtls_ecp_point_free(&zero_pt);
+    mbedtls_ecp_point_free(&nonzero_pt);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void ecp_selftest()
+{
+    TEST_ASSERT(mbedtls_ecp_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecp_check_order(int id, char *expected_order_hex)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_mpi expected_n;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_mpi_init(&expected_n);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&expected_n, expected_order_hex) == 0);
+
+    // check sign bits are well-formed (i.e. 1 or -1) - see #5810
+    TEST_ASSERT(grp.N.s == -1 || grp.N.s == 1);
+    TEST_ASSERT(expected_n.s == -1 || expected_n.s == 1);
+
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.N, &expected_n) == 0);
+
+exit:
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_mpi_free(&expected_n);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_entropy.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_entropy.data
similarity index 93%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_entropy.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_entropy.data
index b2d20b4..95bfe66 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_entropy.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_entropy.data
@@ -1,3 +1,9 @@
+Entropy init-free-free
+entropy_init_free:0
+
+Entropy init-free-init-free
+entropy_init_free:1
+
 Create NV seed_file
 nv_seed_file_create:
 
@@ -7,6 +13,9 @@ entropy_seed_file:"data_files/entropy_seed":0
 Entropy write/update seed file: nonexistent
 entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
 
+Entropy write/update seed file: base NV seed file
+entropy_write_base_seed_file:0
+
 Entropy no sources
 entropy_no_sources:
 
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_entropy.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_entropy.function
new file mode 100644
index 0000000..5d8487c
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_entropy.function
@@ -0,0 +1,534 @@
+/* BEGIN_HEADER */
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/md.h"
+#include "string.h"
+
+typedef enum {
+    DUMMY_CONSTANT_LENGTH, /* Output context->length bytes */
+    DUMMY_REQUESTED_LENGTH, /* Output whatever length was requested */
+    DUMMY_FAIL, /* Return an error code */
+} entropy_dummy_instruction;
+
+typedef struct {
+    entropy_dummy_instruction instruction;
+    size_t length; /* Length to return for DUMMY_CONSTANT_LENGTH */
+    size_t calls; /* Incremented at each call */
+} entropy_dummy_context;
+
+/*
+ * Dummy entropy source
+ *
+ * If data is NULL, write exactly the requested length.
+ * Otherwise, write the length indicated by data or error if negative
+ */
+static int entropy_dummy_source(void *arg, unsigned char *output,
+                                size_t len, size_t *olen)
+{
+    entropy_dummy_context *context = arg;
+    ++context->calls;
+
+    switch (context->instruction) {
+        case DUMMY_CONSTANT_LENGTH:
+            *olen = context->length;
+            break;
+        case DUMMY_REQUESTED_LENGTH:
+            *olen = len;
+            break;
+        case DUMMY_FAIL:
+            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    memset(output, 0x2a, *olen);
+    return 0;
+}
+
+/*
+ * Ability to clear entropy sources to allow testing with just predefined
+ * entropy sources. This function or tests depending on it might break if there
+ * are internal changes to how entropy sources are registered.
+ *
+ * To be called immediately after mbedtls_entropy_init().
+ *
+ * Just resetting the counter. New sources will overwrite existing ones.
+ * This might break memory checks in the future if sources need 'free-ing' then
+ * as well.
+ */
+static void entropy_clear_sources(mbedtls_entropy_context *ctx)
+{
+    ctx->source_count = 0;
+}
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+/*
+ * NV seed read/write functions that use a buffer instead of a file
+ */
+static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+int buffer_nv_seed_read(unsigned char *buf, size_t buf_len)
+{
+    if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return -1;
+    }
+
+    memcpy(buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    return 0;
+}
+
+int buffer_nv_seed_write(unsigned char *buf, size_t buf_len)
+{
+    if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return -1;
+    }
+
+    memcpy(buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    return 0;
+}
+
+/*
+ * NV seed read/write helpers that fill the base seedfile
+ */
+static int write_nv_seed(unsigned char *buf, size_t buf_len)
+{
+    FILE *f;
+
+    if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return -1;
+    }
+
+    if ((f = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w")) == NULL) {
+        return -1;
+    }
+
+    if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) !=
+        MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+
+int read_nv_seed(unsigned char *buf, size_t buf_len)
+{
+    FILE *f;
+
+    if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return -1;
+    }
+
+    if ((f = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb")) == NULL) {
+        return -1;
+    }
+
+    if (fread(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) !=
+        MBEDTLS_ENTROPY_BLOCK_SIZE) {
+        return -1;
+    }
+
+    fclose(f);
+
+    return 0;
+}
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void entropy_init_free(int reinit)
+{
+    mbedtls_entropy_context ctx;
+
+    /* Double free is not explicitly documented to work, but it is convenient
+     * to call mbedtls_entropy_free() unconditionally on an error path without
+     * checking whether it has already been called in the success path. */
+
+    mbedtls_entropy_init(&ctx);
+    mbedtls_entropy_free(&ctx);
+
+    if (reinit) {
+        mbedtls_entropy_init(&ctx);
+    }
+    mbedtls_entropy_free(&ctx);
+
+    /* This test case always succeeds, functionally speaking. A plausible
+     * bug might trigger an invalid pointer dereference or a memory leak. */
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void entropy_seed_file(char *path, int ret)
+{
+    mbedtls_entropy_context ctx;
+
+    mbedtls_entropy_init(&ctx);
+
+    TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret);
+    TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path) == ret);
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void entropy_write_base_seed_file(int ret)
+{
+    mbedtls_entropy_context ctx;
+
+    mbedtls_entropy_init(&ctx);
+
+    TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret);
+    TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret);
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void entropy_no_sources()
+{
+    mbedtls_entropy_context ctx;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    mbedtls_entropy_init(&ctx);
+    entropy_clear_sources(&ctx);
+    TEST_EQUAL(mbedtls_entropy_func(&ctx, buf, sizeof(buf)),
+               MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED);
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void entropy_too_many_sources()
+{
+    mbedtls_entropy_context ctx;
+    size_t i;
+    entropy_dummy_context dummy = { DUMMY_REQUESTED_LENGTH, 0, 0 };
+
+    mbedtls_entropy_init(&ctx);
+
+    /*
+     * It's hard to tell precisely when the error will occur,
+     * since we don't know how many sources were automatically added.
+     */
+    for (i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++) {
+        (void) mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy,
+                                          16, MBEDTLS_ENTROPY_SOURCE_WEAK);
+    }
+
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy,
+                                           16, MBEDTLS_ENTROPY_SOURCE_WEAK)
+                == MBEDTLS_ERR_ENTROPY_MAX_SOURCES);
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */
+void entropy_func_len(int len, int ret)
+{
+    mbedtls_entropy_context ctx;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
+    unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
+    size_t i, j;
+
+    mbedtls_entropy_init(&ctx);
+
+    /*
+     * See comments in mbedtls_entropy_self_test()
+     */
+    for (i = 0; i < 8; i++) {
+        TEST_ASSERT(mbedtls_entropy_func(&ctx, buf, len) == ret);
+        for (j = 0; j < sizeof(buf); j++) {
+            acc[j] |= buf[j];
+        }
+    }
+
+    if (ret == 0) {
+        for (j = 0; j < (size_t) len; j++) {
+            TEST_ASSERT(acc[j] != 0);
+        }
+    }
+
+    for (j = len; j < sizeof(buf); j++) {
+        TEST_ASSERT(acc[j] == 0);
+    }
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void entropy_source_fail(char *path)
+{
+    mbedtls_entropy_context ctx;
+    unsigned char buf[16];
+    entropy_dummy_context dummy = { DUMMY_FAIL, 0, 0 };
+
+    mbedtls_entropy_init(&ctx);
+
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
+                                           &dummy, 16,
+                                           MBEDTLS_ENTROPY_SOURCE_WEAK)
+                == 0);
+
+    TEST_ASSERT(mbedtls_entropy_func(&ctx, buf, sizeof(buf))
+                == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED);
+    TEST_ASSERT(mbedtls_entropy_gather(&ctx)
+                == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED);
+#if defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_NV_SEED)
+    TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path)
+                == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED);
+    TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path)
+                == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED);
+#else
+    ((void) path);
+#endif
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void entropy_threshold(int threshold, int chunk_size, int result)
+{
+    mbedtls_entropy_context ctx;
+    entropy_dummy_context strong =
+    { DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0 };
+    entropy_dummy_context weak = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 };
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
+    int ret;
+
+    mbedtls_entropy_init(&ctx);
+    entropy_clear_sources(&ctx);
+
+    /* Set strong source that reaches its threshold immediately and
+     * a weak source whose threshold is a test parameter. */
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
+                                           &strong, 1,
+                                           MBEDTLS_ENTROPY_SOURCE_STRONG) == 0);
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
+                                           &weak, threshold,
+                                           MBEDTLS_ENTROPY_SOURCE_WEAK) == 0);
+
+    ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf));
+
+    if (result >= 0) {
+        TEST_ASSERT(ret == 0);
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+        /* If the NV seed functionality is enabled, there are two entropy
+         * updates: before and after updating the NV seed. */
+        result *= 2;
+#endif
+        TEST_ASSERT(weak.calls == (size_t) result);
+    } else {
+        TEST_ASSERT(ret == result);
+    }
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void entropy_calls(int strength1, int strength2,
+                   int threshold, int chunk_size,
+                   int result)
+{
+    /*
+     * if result >= 0: result = expected number of calls to source 1
+     * if result < 0: result = expected return code from mbedtls_entropy_func()
+     */
+
+    mbedtls_entropy_context ctx;
+    entropy_dummy_context dummy1 = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 };
+    entropy_dummy_context dummy2 = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 };
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
+    int ret;
+
+    mbedtls_entropy_init(&ctx);
+    entropy_clear_sources(&ctx);
+
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
+                                           &dummy1, threshold,
+                                           strength1) == 0);
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source,
+                                           &dummy2, threshold,
+                                           strength2) == 0);
+
+    ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf));
+
+    if (result >= 0) {
+        TEST_ASSERT(ret == 0);
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+        /* If the NV seed functionality is enabled, there are two entropy
+         * updates: before and after updating the NV seed. */
+        result *= 2;
+#endif
+        TEST_ASSERT(dummy1.calls == (size_t) result);
+    } else {
+        TEST_ASSERT(ret == result);
+    }
+
+exit:
+    mbedtls_entropy_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
+void nv_seed_file_create()
+{
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    TEST_ASSERT(write_nv_seed(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */
+void entropy_nv_seed_std_io()
+{
+    unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    memset(io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    memset(check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    mbedtls_platform_set_nv_seed(mbedtls_platform_std_nv_seed_read,
+                                 mbedtls_platform_std_nv_seed_write);
+
+    /* Check if platform NV read and write manipulate the same data */
+    TEST_ASSERT(write_nv_seed(io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+    TEST_ASSERT(mbedtls_nv_seed_read(check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) ==
+                MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    TEST_ASSERT(memcmp(io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+
+    memset(check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    /* Check if platform NV write and raw read manipulate the same data */
+    TEST_ASSERT(mbedtls_nv_seed_write(io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) ==
+                MBEDTLS_ENTROPY_BLOCK_SIZE);
+    TEST_ASSERT(read_nv_seed(check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+
+    TEST_ASSERT(memcmp(io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */
+void entropy_nv_seed(data_t *read_seed)
+{
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    const mbedtls_md_info_t *md_info =
+        mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
+#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
+    const mbedtls_md_info_t *md_info =
+        mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+#else
+#error "Unsupported entropy accumulator"
+#endif
+    mbedtls_md_context_t accumulator;
+    mbedtls_entropy_context ctx;
+    int (*original_mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len) =
+        mbedtls_nv_seed_read;
+    int (*original_mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len) =
+        mbedtls_nv_seed_write;
+
+    unsigned char header[2];
+    unsigned char entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    unsigned char empty[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    memset(entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    memset(empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    memset(check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE);
+    memset(check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    // Make sure we read/write NV seed from our buffers
+    mbedtls_platform_set_nv_seed(buffer_nv_seed_read, buffer_nv_seed_write);
+
+    mbedtls_md_init(&accumulator);
+    mbedtls_entropy_init(&ctx);
+    entropy_clear_sources(&ctx);
+
+    TEST_ASSERT(mbedtls_entropy_add_source(&ctx, mbedtls_nv_seed_poll, NULL,
+                                           MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                           MBEDTLS_ENTROPY_SOURCE_STRONG) == 0);
+
+    // Set the initial NV seed to read
+    TEST_ASSERT(read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE);
+    memcpy(buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE);
+
+    // Do an entropy run
+    TEST_ASSERT(mbedtls_entropy_func(&ctx, entropy, sizeof(entropy)) == 0);
+    // Determine what should have happened with manual entropy internal logic
+
+    // Init accumulator
+    header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE;
+    TEST_ASSERT(mbedtls_md_setup(&accumulator, md_info, 0) == 0);
+
+    // First run for updating write_seed
+    header[0] = 0;
+    TEST_ASSERT(mbedtls_md_starts(&accumulator) == 0);
+    TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0);
+    TEST_ASSERT(mbedtls_md_update(&accumulator,
+                                  read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+    TEST_ASSERT(mbedtls_md_finish(&accumulator, buf) == 0);
+
+    TEST_ASSERT(mbedtls_md_starts(&accumulator) == 0);
+    TEST_ASSERT(mbedtls_md_update(&accumulator,
+                                  buf, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+
+    TEST_ASSERT(mbedtls_md(md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                           check_seed) == 0);
+
+    // Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed)
+    header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL;
+    TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0);
+    TEST_ASSERT(mbedtls_md_update(&accumulator,
+                                  empty, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+
+    header[0] = 0;
+    TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0);
+    TEST_ASSERT(mbedtls_md_update(&accumulator,
+                                  check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+    TEST_ASSERT(mbedtls_md_finish(&accumulator, buf) == 0);
+
+    TEST_ASSERT(mbedtls_md(md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                           check_entropy) == 0);
+
+    // Check result of both NV file and entropy received with the manual calculations
+    TEST_ASSERT(memcmp(check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+    TEST_ASSERT(memcmp(check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0);
+
+exit:
+    mbedtls_md_free(&accumulator);
+    mbedtls_entropy_free(&ctx);
+    mbedtls_nv_seed_read = original_mbedtls_nv_seed_read;
+    mbedtls_nv_seed_write = original_mbedtls_nv_seed_write;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */
+void entropy_selftest(int result)
+{
+    TEST_ASSERT(mbedtls_entropy_self_test(1) == result);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_error.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_error.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_error.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_error.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_error.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_error.function
new file mode 100644
index 0000000..4c38ab0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_error.function
@@ -0,0 +1,21 @@
+/* BEGIN_HEADER */
+#include "mbedtls/error.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ERROR_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void error_strerror(int code, char *result_str)
+{
+    char buf[500];
+
+    memset(buf, 0, sizeof(buf));
+
+    mbedtls_strerror(code, buf, 500);
+
+    TEST_ASSERT(strcmp(buf, result_str) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes128_de.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes128_de.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes128_de.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes128_de.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes128_en.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes128_en.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes128_en.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes128_en.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes192_de.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes192_de.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes192_de.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes192_de.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes192_en.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes192_en.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes192_en.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes192_en.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes256_de.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes256_de.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes256_de.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes256_de.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes256_en.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes256_en.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.aes256_en.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.aes256_en.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.camellia.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.camellia.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.camellia.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.camellia.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.function
new file mode 100644
index 0000000..b0c7bbc
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.function
@@ -0,0 +1,291 @@
+/* BEGIN_HEADER */
+#include "mbedtls/gcm.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_GCM_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void gcm_bad_parameters(int cipher_id, int direction,
+                        data_t *key_str, data_t *src_str,
+                        data_t *iv_str, data_t *add_str,
+                        int tag_len_bits, int gcm_result)
+{
+    unsigned char output[128];
+    unsigned char tag_output[16];
+    mbedtls_gcm_context ctx;
+    size_t tag_len = tag_len_bits / 8;
+
+    mbedtls_gcm_init(&ctx);
+
+    memset(output, 0x00, sizeof(output));
+    memset(tag_output, 0x00, sizeof(tag_output));
+
+    TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
+    TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, direction, src_str->len, iv_str->x, iv_str->len,
+                                          add_str->x, add_str->len, src_str->x, output, tag_len,
+                                          tag_output) == gcm_result);
+
+exit:
+    mbedtls_gcm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_encrypt_and_tag(int cipher_id, data_t *key_str,
+                         data_t *src_str, data_t *iv_str,
+                         data_t *add_str, data_t *dst,
+                         int tag_len_bits, data_t *tag,
+                         int init_result)
+{
+    unsigned char output[128];
+    unsigned char tag_output[16];
+    mbedtls_gcm_context ctx;
+    size_t tag_len = tag_len_bits / 8;
+
+    mbedtls_gcm_init(&ctx);
+
+    memset(output, 0x00, 128);
+    memset(tag_output, 0x00, 16);
+
+
+    TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result);
+    if (init_result == 0) {
+        TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x,
+                                              iv_str->len, add_str->x, add_str->len, src_str->x,
+                                              output, tag_len, tag_output) == 0);
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                        src_str->len, dst->len) == 0);
+        TEST_ASSERT(mbedtls_test_hexcmp(tag_output, tag->x,
+                                        tag_len, tag->len) == 0);
+    }
+
+exit:
+    mbedtls_gcm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_decrypt_and_verify(int cipher_id, data_t *key_str,
+                            data_t *src_str, data_t *iv_str,
+                            data_t *add_str, int tag_len_bits,
+                            data_t *tag_str, char *result,
+                            data_t *pt_result, int init_result)
+{
+    unsigned char output[128];
+    mbedtls_gcm_context ctx;
+    int ret;
+    size_t tag_len = tag_len_bits / 8;
+
+    mbedtls_gcm_init(&ctx);
+
+    memset(output, 0x00, 128);
+
+
+    TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result);
+    if (init_result == 0) {
+        ret = mbedtls_gcm_auth_decrypt(&ctx,
+                                       src_str->len,
+                                       iv_str->x,
+                                       iv_str->len,
+                                       add_str->x,
+                                       add_str->len,
+                                       tag_str->x,
+                                       tag_len,
+                                       src_str->x,
+                                       output);
+
+        if (strcmp("FAIL", result) == 0) {
+            TEST_ASSERT(ret == MBEDTLS_ERR_GCM_AUTH_FAILED);
+        } else {
+            TEST_ASSERT(ret == 0);
+
+            TEST_ASSERT(mbedtls_test_hexcmp(output, pt_result->x,
+                                            src_str->len,
+                                            pt_result->len) == 0);
+        }
+    }
+
+exit:
+    mbedtls_gcm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void gcm_invalid_param()
+{
+    mbedtls_gcm_context ctx;
+    unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
+    mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
+    int valid_mode = MBEDTLS_GCM_ENCRYPT;
+    int valid_len = sizeof(valid_buffer);
+    int valid_bitlen = 128, invalid_bitlen = 1;
+
+    mbedtls_gcm_init(&ctx);
+
+    /* mbedtls_gcm_init() */
+    TEST_INVALID_PARAM(mbedtls_gcm_init(NULL));
+
+    /* mbedtls_gcm_setkey */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_setkey(&ctx, valid_cipher, NULL, valid_bitlen));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_setkey(&ctx, valid_cipher, valid_buffer, invalid_bitlen));
+
+    /* mbedtls_gcm_crypt_and_tag() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_crypt_and_tag(NULL, valid_mode, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_buffer,
+                                  valid_len, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
+                                  NULL, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_buffer,
+                                  valid_len, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
+                                  valid_buffer, valid_len,
+                                  NULL, valid_len,
+                                  valid_buffer, valid_buffer,
+                                  valid_len, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_len,
+                                  NULL, valid_buffer,
+                                  valid_len, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, NULL,
+                                  valid_len, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_len,
+                                  valid_buffer, valid_buffer,
+                                  valid_len, NULL));
+
+    /* mbedtls_gcm_auth_decrypt() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_auth_decrypt(NULL, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_auth_decrypt(&ctx, valid_len,
+                                 NULL, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 NULL, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 NULL, valid_len,
+                                 valid_buffer, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 NULL, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_auth_decrypt(&ctx, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, valid_len,
+                                 valid_buffer, NULL));
+
+    /* mbedtls_gcm_starts() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_starts(NULL, valid_mode,
+                           valid_buffer, valid_len,
+                           valid_buffer, valid_len));
+
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_starts(&ctx, valid_mode,
+                           NULL, valid_len,
+                           valid_buffer, valid_len));
+
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_starts(&ctx, valid_mode,
+                           valid_buffer, valid_len,
+                           NULL, valid_len));
+
+    /* mbedtls_gcm_update() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_update(NULL, valid_len,
+                           valid_buffer, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_update(&ctx, valid_len,
+                           NULL, valid_buffer));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_update(&ctx, valid_len,
+                           valid_buffer, NULL));
+
+    /* mbedtls_gcm_finish() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_finish(NULL, valid_buffer, valid_len));
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_GCM_BAD_INPUT,
+        mbedtls_gcm_finish(&ctx, NULL, valid_len));
+
+exit:
+    mbedtls_gcm_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_gcm_free(NULL));
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
+void gcm_selftest()
+{
+    TEST_ASSERT(mbedtls_gcm_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.misc.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_gcm.misc.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_gcm.misc.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hkdf.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hkdf.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hkdf.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hkdf.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hkdf.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hkdf.function
new file mode 100644
index 0000000..f307a7d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hkdf.function
@@ -0,0 +1,161 @@
+/* BEGIN_HEADER */
+#include "mbedtls/hkdf.h"
+#include "mbedtls/md_internal.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_HKDF_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info,
+               data_t *expected_okm)
+{
+    int ret;
+    unsigned char okm[128] = { '\0' };
+
+    const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md != NULL);
+
+    TEST_ASSERT(expected_okm->len <= sizeof(okm));
+
+    ret = mbedtls_hkdf(md, salt->x, salt->len, ikm->x, ikm->len,
+                       info->x, info->len, okm, expected_okm->len);
+    TEST_ASSERT(ret == 0);
+
+    TEST_MEMORY_COMPARE(okm, expected_okm->len,
+                        expected_okm->x, expected_okm->len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_hkdf_extract(int md_alg, char *hex_ikm_string,
+                       char *hex_salt_string, char *hex_prk_string)
+{
+    int ret;
+    unsigned char *ikm = NULL;
+    unsigned char *salt = NULL;
+    unsigned char *prk = NULL;
+    unsigned char *output_prk = NULL;
+    size_t ikm_len, salt_len, prk_len, output_prk_len;
+
+    const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md != NULL);
+
+    output_prk_len = mbedtls_md_get_size(md);
+    output_prk = mbedtls_calloc(1, output_prk_len);
+
+    ikm = mbedtls_test_unhexify_alloc(hex_ikm_string, &ikm_len);
+    salt = mbedtls_test_unhexify_alloc(hex_salt_string, &salt_len);
+    prk = mbedtls_test_unhexify_alloc(hex_prk_string, &prk_len);
+
+    ret = mbedtls_hkdf_extract(md, salt, salt_len, ikm, ikm_len, output_prk);
+    TEST_ASSERT(ret == 0);
+
+    TEST_MEMORY_COMPARE(output_prk, output_prk_len, prk, prk_len);
+
+exit:
+    mbedtls_free(ikm);
+    mbedtls_free(salt);
+    mbedtls_free(prk);
+    mbedtls_free(output_prk);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_hkdf_expand(int md_alg, char *hex_info_string,
+                      char *hex_prk_string, char *hex_okm_string)
+{
+    enum { OKM_LEN  = 1024 };
+    int ret;
+    unsigned char *info = NULL;
+    unsigned char *prk = NULL;
+    unsigned char *okm = NULL;
+    unsigned char *output_okm = NULL;
+    size_t info_len, prk_len, okm_len;
+
+    const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md != NULL);
+
+    output_okm = mbedtls_calloc(OKM_LEN, 1);
+
+    prk = mbedtls_test_unhexify_alloc(hex_prk_string, &prk_len);
+    info = mbedtls_test_unhexify_alloc(hex_info_string, &info_len);
+    okm = mbedtls_test_unhexify_alloc(hex_okm_string, &okm_len);
+    TEST_ASSERT(prk_len == mbedtls_md_get_size(md));
+    TEST_ASSERT(okm_len < OKM_LEN);
+
+    ret = mbedtls_hkdf_expand(md, prk, prk_len, info, info_len,
+                              output_okm, OKM_LEN);
+    TEST_ASSERT(ret == 0);
+    TEST_MEMORY_COMPARE(output_okm, okm_len, okm, okm_len);
+
+exit:
+    mbedtls_free(info);
+    mbedtls_free(prk);
+    mbedtls_free(okm);
+    mbedtls_free(output_okm);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_hkdf_extract_ret(int hash_len, int ret)
+{
+    int output_ret;
+    unsigned char *salt = NULL;
+    unsigned char *ikm = NULL;
+    unsigned char *prk = NULL;
+    size_t salt_len, ikm_len;
+    struct mbedtls_md_info_t fake_md_info;
+
+    memset(&fake_md_info, 0, sizeof(fake_md_info));
+    fake_md_info.type = MBEDTLS_MD_NONE;
+    fake_md_info.size = hash_len;
+
+    prk = mbedtls_calloc(MBEDTLS_MD_MAX_SIZE, 1);
+    salt_len = 0;
+    ikm_len = 0;
+
+    output_ret = mbedtls_hkdf_extract(&fake_md_info, salt, salt_len,
+                                      ikm, ikm_len, prk);
+    TEST_ASSERT(output_ret == ret);
+
+exit:
+    mbedtls_free(prk);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_hkdf_expand_ret(int hash_len, int prk_len, int okm_len, int ret)
+{
+    int output_ret;
+    unsigned char *info = NULL;
+    unsigned char *prk = NULL;
+    unsigned char *okm = NULL;
+    size_t info_len;
+    struct mbedtls_md_info_t fake_md_info;
+
+    memset(&fake_md_info, 0, sizeof(fake_md_info));
+    fake_md_info.type = MBEDTLS_MD_NONE;
+    fake_md_info.size = hash_len;
+
+    info_len = 0;
+
+    if (prk_len > 0) {
+        prk = mbedtls_calloc(prk_len, 1);
+    }
+
+    if (okm_len > 0) {
+        okm = mbedtls_calloc(okm_len, 1);
+    }
+
+    output_ret = mbedtls_hkdf_expand(&fake_md_info, prk, prk_len,
+                                     info, info_len, okm, okm_len);
+    TEST_ASSERT(output_ret == ret);
+
+exit:
+    mbedtls_free(prk);
+    mbedtls_free(okm);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.function
new file mode 100644
index 0000000..830155a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.function
@@ -0,0 +1,295 @@
+/* BEGIN_HEADER */
+#include "mbedtls/hmac_drbg.h"
+#include "string.h"
+
+typedef struct {
+    unsigned char *p;
+    size_t len;
+} entropy_ctx;
+
+static int mbedtls_test_entropy_func(void *data, unsigned char *buf, size_t len)
+{
+    entropy_ctx *ctx = (entropy_ctx *) data;
+
+    if (len > ctx->len) {
+        return -1;
+    }
+
+    memcpy(buf, ctx->p, len);
+
+    ctx->p += len;
+    ctx->len -= len;
+
+    return 0;
+}
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_HMAC_DRBG_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hmac_drbg_entropy_usage(int md_alg)
+{
+    unsigned char out[16];
+    unsigned char buf[1024];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_hmac_drbg_context ctx;
+    entropy_ctx entropy;
+    size_t i, reps = 10;
+    size_t default_entropy_len;
+    size_t expected_consumed_entropy = 0;
+
+    mbedtls_hmac_drbg_init(&ctx);
+    memset(buf, 0, sizeof(buf));
+    memset(out, 0, sizeof(out));
+
+    entropy.len = sizeof(buf);
+    entropy.p = buf;
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+    if (mbedtls_md_get_size(md_info) <= 20) {
+        default_entropy_len = 16;
+    } else if (mbedtls_md_get_size(md_info) <= 28) {
+        default_entropy_len = 24;
+    } else {
+        default_entropy_len = 32;
+    }
+
+    /* Set reseed interval before seed */
+    mbedtls_hmac_drbg_set_reseed_interval(&ctx, 2 * reps);
+
+    /* Init must use entropy */
+    TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &entropy,
+                                       NULL, 0) == 0);
+    /* default_entropy_len of entropy, plus half as much for the nonce */
+    expected_consumed_entropy += default_entropy_len * 3 / 2;
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+    /* By default, PR is off, and reseed interval was set to
+     * 2 * reps so the next few calls should not use entropy */
+    for (i = 0; i < reps; i++) {
+        TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out) - 4) == 0);
+        TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, out, sizeof(out) - 4,
+                                                      buf, 16) == 0);
+    }
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+    /* While at it, make sure we didn't write past the requested length */
+    TEST_ASSERT(out[sizeof(out) - 4] == 0);
+    TEST_ASSERT(out[sizeof(out) - 3] == 0);
+    TEST_ASSERT(out[sizeof(out) - 2] == 0);
+    TEST_ASSERT(out[sizeof(out) - 1] == 0);
+
+    /* There have been 2 * reps calls to random. The next call should reseed */
+    TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_consumed_entropy += default_entropy_len;
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+    /* Set reseed interval after seed */
+    mbedtls_hmac_drbg_set_reseed_interval(&ctx, 4 * reps + 1);
+
+    /* The new few calls should not reseed */
+    for (i = 0; i < (2 * reps); i++) {
+        TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0);
+        TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, out, sizeof(out),
+                                                      buf, 16) == 0);
+    }
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+    /* Now enable PR, so the next few calls should all reseed */
+    mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON);
+    TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_consumed_entropy += default_entropy_len;
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+    /* Finally, check setting entropy_len */
+    mbedtls_hmac_drbg_set_entropy_len(&ctx, 42);
+    TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_consumed_entropy += 42;
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+    mbedtls_hmac_drbg_set_entropy_len(&ctx, 13);
+    TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0);
+    expected_consumed_entropy += 13;
+    TEST_EQUAL(sizeof(buf)  - entropy.len, expected_consumed_entropy);
+
+exit:
+    mbedtls_hmac_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
+void hmac_drbg_seed_file(int md_alg, char *path, int ret)
+{
+    const mbedtls_md_info_t *md_info;
+    mbedtls_hmac_drbg_context ctx;
+
+    mbedtls_hmac_drbg_init(&ctx);
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+
+    TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info,
+                                       mbedtls_test_rnd_std_rand, NULL,
+                                       NULL, 0) == 0);
+
+    TEST_ASSERT(mbedtls_hmac_drbg_write_seed_file(&ctx, path) == ret);
+    TEST_ASSERT(mbedtls_hmac_drbg_update_seed_file(&ctx, path) == ret);
+
+exit:
+    mbedtls_hmac_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_drbg_buf(int md_alg)
+{
+    unsigned char out[16];
+    unsigned char buf[100];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_hmac_drbg_context ctx;
+    size_t i;
+
+    mbedtls_hmac_drbg_init(&ctx);
+    memset(buf, 0, sizeof(buf));
+    memset(out, 0, sizeof(out));
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+    TEST_ASSERT(mbedtls_hmac_drbg_seed_buf(&ctx, md_info, buf, sizeof(buf)) == 0);
+
+    /* Make sure it never tries to reseed (would segfault otherwise) */
+    mbedtls_hmac_drbg_set_reseed_interval(&ctx, 3);
+    mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON);
+
+    for (i = 0; i < 30; i++) {
+        TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0);
+    }
+
+exit:
+    mbedtls_hmac_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_drbg_no_reseed(int md_alg, data_t *entropy,
+                         data_t *custom, data_t *add1,
+                         data_t *add2, data_t *output)
+{
+    unsigned char data[1024];
+    unsigned char my_output[512];
+    entropy_ctx p_entropy;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_hmac_drbg_context ctx;
+
+    mbedtls_hmac_drbg_init(&ctx);
+
+    p_entropy.p = entropy->x;
+    p_entropy.len = entropy->len;
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+
+    /* Test the simplified buffer-based variant */
+    memcpy(data, entropy->x, p_entropy.len);
+    memcpy(data + p_entropy.len, custom->x, custom->len);
+    TEST_ASSERT(mbedtls_hmac_drbg_seed_buf(&ctx, md_info,
+                                           data, p_entropy.len + custom->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add1->x, add1->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add2->x, add2->len) == 0);
+
+    /* Reset context for second run */
+    mbedtls_hmac_drbg_free(&ctx);
+
+    TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0);
+
+    /* And now the normal entropy-based variant */
+    TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
+                                       custom->x, custom->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add1->x, add1->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add2->x, add2->len) == 0);
+    TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0);
+
+exit:
+    mbedtls_hmac_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_drbg_nopr(int md_alg, data_t *entropy, data_t *custom,
+                    data_t *add1, data_t *add2, data_t *add3,
+                    data_t *output)
+{
+    unsigned char my_output[512];
+    entropy_ctx p_entropy;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_hmac_drbg_context ctx;
+
+    mbedtls_hmac_drbg_init(&ctx);
+
+    p_entropy.p = entropy->x;
+    p_entropy.len = entropy->len;
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+
+    TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
+                                       custom->x, custom->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_reseed(&ctx, add1->x, add1->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add2->x, add2->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add3->x, add3->len) == 0);
+
+    TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0);
+
+exit:
+    mbedtls_hmac_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_drbg_pr(int md_alg, data_t *entropy, data_t *custom,
+                  data_t *add1, data_t *add2, data_t *output)
+{
+    unsigned char my_output[512];
+    entropy_ctx p_entropy;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_hmac_drbg_context ctx;
+
+    mbedtls_hmac_drbg_init(&ctx);
+
+    p_entropy.p = entropy->x;
+    p_entropy.len = entropy->len;
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+
+    TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
+                                       custom->x, custom->len) == 0);
+    mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add1->x, add1->len) == 0);
+    TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len,
+                                                  add2->x, add2->len) == 0);
+
+    TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0);
+
+exit:
+    mbedtls_hmac_drbg_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void hmac_drbg_selftest()
+{
+    TEST_ASSERT(mbedtls_hmac_drbg_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.misc.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.misc.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.misc.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.no_reseed.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.no_reseed.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.no_reseed.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.no_reseed.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.nopr.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.nopr.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.nopr.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.nopr.data
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.pr.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.pr.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_hmac_drbg.pr.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_hmac_drbg.pr.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_md.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_md.data
new file mode 100644
index 0000000..1bd31e6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_md.data
@@ -0,0 +1,1226 @@
+# Tests of the generic message digest interface
+MD process
+mbedtls_md_process:
+
+MD NULL/uninitialised arguments
+md_null_args:
+
+Information on MD2
+depends_on:MBEDTLS_MD2_C
+md_info:MBEDTLS_MD_MD2:"MD2":16
+
+Information on MD4
+depends_on:MBEDTLS_MD4_C
+md_info:MBEDTLS_MD_MD4:"MD4":16
+
+Information on MD5
+depends_on:MBEDTLS_MD5_C
+md_info:MBEDTLS_MD_MD5:"MD5":16
+
+Information on RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+md_info:MBEDTLS_MD_RIPEMD160:"RIPEMD160":20
+
+Information on SHA1
+depends_on:MBEDTLS_SHA1_C
+md_info:MBEDTLS_MD_SHA1:"SHA1":20
+
+Information on SHA224
+depends_on:MBEDTLS_SHA256_C
+md_info:MBEDTLS_MD_SHA224:"SHA224":28
+
+Information on SHA256
+depends_on:MBEDTLS_SHA256_C
+md_info:MBEDTLS_MD_SHA256:"SHA256":32
+
+Information on SHA384
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_info:MBEDTLS_MD_SHA384:"SHA384":48
+
+Information on SHA512
+depends_on:MBEDTLS_SHA512_C
+md_info:MBEDTLS_MD_SHA512:"SHA512":64
+
+generic mbedtls_md2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+generic mbedtls_md2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+generic mbedtls_md2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"abc":"da853b0d3f88d99b30283a69e6ded6bb"
+
+generic mbedtls_md2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
+
+generic mbedtls_md2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
+
+generic mbedtls_md2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
+
+generic mbedtls_md2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+md_text:MBEDTLS_MD_MD2:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+generic mbedtls_md4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+generic mbedtls_md4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"a":"bde52cb31de33e46245e05fbdbd6fb24"
+
+generic mbedtls_md4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"abc":"a448017aaf21d8525fc10ae87aa6729d"
+
+generic mbedtls_md4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"message digest":"d9130a8164549fe818874806e1c7014b"
+
+generic mbedtls_md4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+generic mbedtls_md4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
+
+generic mbedtls_md4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+md_text:MBEDTLS_MD_MD4:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+generic mbedtls_md5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+generic mbedtls_md5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"a":"0cc175b9c0f1b6a831c399e269772661"
+
+generic mbedtls_md5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"abc":"900150983cd24fb0d6963f7d28e17f72"
+
+generic mbedtls_md5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"message digest":"f96b697d7cb7938d525a2f31aaf161d0"
+
+generic mbedtls_md5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b"
+
+generic mbedtls_md5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+generic mbedtls_md5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+md_text:MBEDTLS_MD_MD5:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a"
+
+generic mbedtls_ripemd160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+generic mbedtls_ripemd160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+generic mbedtls_ripemd160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+generic mbedtls_ripemd160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+generic mbedtls_ripemd160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+generic mbedtls_ripemd160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+generic mbedtls_ripemd160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+generic mbedtls_ripemd160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+md_text:MBEDTLS_MD_RIPEMD160:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
+generic HMAC-MD2 Hash File OpenSSL test #1
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
+
+generic HMAC-MD2 Hash File OpenSSL test #2
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
+
+generic HMAC-MD2 Hash File OpenSSL test #3
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
+
+generic HMAC-MD4 Hash File OpenSSL test #1
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
+
+generic HMAC-MD4 Hash File OpenSSL test #2
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
+
+generic HMAC-MD4 Hash File OpenSSL test #3
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
+
+generic HMAC-MD5 Hash File OpenSSL test #1
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
+
+generic HMAC-MD5 Hash File OpenSSL test #2
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464"
+
+generic HMAC-MD5 Hash File OpenSSL test #3
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2"
+
+HMAC-MD2 Bouncy Castle test #1
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808"
+
+HMAC-MD4 Bouncy Castle test #1
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a"
+
+HMAC-MD5 Bouncy Castle test #1
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc"
+
+generic HMAC-MD5 Test Vector RFC2202 #1
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d"
+
+generic HMAC-MD5 Test Vector RFC2202 #2
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738"
+
+generic HMAC-MD5 Test Vector RFC2202 #3
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6"
+
+generic HMAC-MD5 Test Vector RFC2202 #4
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79"
+
+generic HMAC-MD5 Test Vector RFC2202 #5
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995"
+
+generic HMAC-MD5 Test Vector RFC2202 #6
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
+
+generic HMAC-MD5 Test Vector RFC2202 #7
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #1
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #2
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #3
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #4
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #5
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #6
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b"
+
+generic HMAC-RIPEMD160 Test vector RFC 2286 #7
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD_C:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"abc":"da853b0d3f88d99b30283a69e6ded6bb"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
+
+generic multi step mbedtls_md2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+md_text_multi:MBEDTLS_MD_MD2:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"a":"bde52cb31de33e46245e05fbdbd6fb24"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"abc":"a448017aaf21d8525fc10ae87aa6729d"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"message digest":"d9130a8164549fe818874806e1c7014b"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
+
+generic multi step mbedtls_md4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+md_text_multi:MBEDTLS_MD_MD4:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"a":"0cc175b9c0f1b6a831c399e269772661"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"abc":"900150983cd24fb0d6963f7d28e17f72"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"message digest":"f96b697d7cb7938d525a2f31aaf161d0"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+generic multi step mbedtls_md5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+md_text_multi:MBEDTLS_MD_MD5:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+generic multi step mbedtls_ripemd160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+md_text_multi:MBEDTLS_MD_RIPEMD160:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
+generic multi step HMAC-MD2 Hash File OpenSSL test #1
+depends_on:MBEDTLS_MD2_C
+md_hmac_multi:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
+
+generic multi step HMAC-MD2 Hash File OpenSSL test #2
+depends_on:MBEDTLS_MD2_C
+md_hmac_multi:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
+
+generic multi step HMAC-MD2 Hash File OpenSSL test #3
+depends_on:MBEDTLS_MD2_C
+md_hmac_multi:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
+
+generic multi step HMAC-MD4 Hash File OpenSSL test #1
+depends_on:MBEDTLS_MD4_C
+md_hmac_multi:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
+
+generic multi step HMAC-MD4 Hash File OpenSSL test #2
+depends_on:MBEDTLS_MD4_C
+md_hmac_multi:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
+
+generic multi step HMAC-MD4 Hash File OpenSSL test #3
+depends_on:MBEDTLS_MD4_C
+md_hmac_multi:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
+
+generic multi step HMAC-MD5 Hash File OpenSSL test #1
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
+
+generic multi step HMAC-MD5 Hash File OpenSSL test #2
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464"
+
+generic multi step HMAC-MD5 Hash File OpenSSL test #3
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #1
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #2
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #3
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #4
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #5
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #6
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd"
+
+generic multi step HMAC-MD5 Test Vector RFC2202 #7
+depends_on:MBEDTLS_MD5_C
+md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #1
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #2
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #3
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #4
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #5
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #6
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b"
+
+generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #7
+depends_on:MBEDTLS_RIPEMD160_C
+md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
+
+generic MD2 Hash file #1
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8"
+
+generic MD2 Hash file #2
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f"
+
+generic MD2 Hash file #3
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d"
+
+generic MD2 Hash file #4
+depends_on:MBEDTLS_MD2_C
+mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773"
+
+generic MD4 Hash file #1
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9"
+
+generic MD4 Hash file #2
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd"
+
+generic MD4 Hash file #3
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42"
+
+generic MD4 Hash file #4
+depends_on:MBEDTLS_MD4_C
+mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+generic MD5 Hash file #1
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415"
+
+generic MD5 Hash file #2
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_2":"d17d466f15891df10542207ae78277f0"
+
+generic MD5 Hash file #3
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_3":"d945bcc6200ea95d061a2a818167d920"
+
+generic MD5 Hash file #4
+depends_on:MBEDTLS_MD5_C
+mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e"
+
+generic RIPEMD160 Hash file #0 (from paper)
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528"
+
+generic RIPEMD160 Hash file #1
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6"
+
+generic RIPEMD160 Hash file #2
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f"
+
+generic RIPEMD160 Hash file #3
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48"
+
+generic RIPEMD160 Hash file #4
+depends_on:MBEDTLS_RIPEMD160_C
+mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+generic HMAC-SHA-1 Test Vector FIPS-198a #1
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a"
+
+generic HMAC-SHA-1 Test Vector FIPS-198a #2
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24"
+
+generic HMAC-SHA-1 Test Vector FIPS-198a #3
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa"
+
+generic HMAC-SHA-1 Test Vector FIPS-198a #4
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e"
+
+generic HMAC-SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba"
+
+generic HMAC-SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA224:28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08"
+
+generic HMAC-SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc"
+
+generic HMAC-SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498"
+
+generic HMAC-SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438"
+
+generic HMAC-SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c"
+
+generic HMAC-SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412"
+
+generic HMAC-SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7"
+
+generic HMAC-SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838"
+
+generic HMAC-SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f"
+
+generic HMAC-SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1"
+
+generic HMAC-SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64"
+
+generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1]
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c"
+
+generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2]
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986"
+
+generic HMAC-SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c"
+
+generic HMAC-SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2"
+
+generic HMAC-SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa"
+
+generic HMAC-SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a"
+
+generic HMAC-SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5"
+
+generic HMAC-SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8"
+
+generic multi step HMAC-SHA-1 Test Vector FIPS-198a #1
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a"
+
+generic multi step HMAC-SHA-1 Test Vector FIPS-198a #2
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24"
+
+generic multi step HMAC-SHA-1 Test Vector FIPS-198a #3
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa"
+
+generic multi step HMAC-SHA-1 Test Vector FIPS-198a #4
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e"
+
+generic multi step HMAC-SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+md_hmac_multi:MBEDTLS_MD_SHA1:10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba"
+
+generic multi step HMAC-SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA224:28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08"
+
+generic multi step HMAC-SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA256:16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc"
+
+generic multi step HMAC-SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA256:16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498"
+
+generic multi step HMAC-SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA256:16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438"
+
+generic multi step HMAC-SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA256:24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c"
+
+generic multi step HMAC-SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA256:24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412"
+
+generic multi step HMAC-SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+md_hmac_multi:MBEDTLS_MD_SHA256:24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7"
+
+generic multi step HMAC-SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hmac_multi:MBEDTLS_MD_SHA384:32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838"
+
+generic multi step HMAC-SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hmac_multi:MBEDTLS_MD_SHA384:32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f"
+
+generic multi step HMAC-SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hmac_multi:MBEDTLS_MD_SHA384:32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1"
+
+generic multi step HMAC-SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hmac_multi:MBEDTLS_MD_SHA384:48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64"
+
+generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#1]
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hmac_multi:MBEDTLS_MD_SHA384:48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c"
+
+generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#2]
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hmac_multi:MBEDTLS_MD_SHA384:48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986"
+
+generic multi step HMAC-SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+md_hmac_multi:MBEDTLS_MD_SHA512:32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c"
+
+generic multi step HMAC-SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+md_hmac_multi:MBEDTLS_MD_SHA512:32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2"
+
+generic multi step HMAC-SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+md_hmac_multi:MBEDTLS_MD_SHA512:32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa"
+
+generic multi step HMAC-SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+md_hmac_multi:MBEDTLS_MD_SHA512:48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a"
+
+generic multi step HMAC-SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+md_hmac_multi:MBEDTLS_MD_SHA512:48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5"
+
+generic multi step HMAC-SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+md_hmac_multi:MBEDTLS_MD_SHA512:48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8"
+
+generic SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+generic SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+generic SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+generic SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+generic SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+generic SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+generic SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+generic SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+generic SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+generic SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+md_hex:MBEDTLS_MD_SHA1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+generic SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+generic SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+generic SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+generic SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+generic SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+generic SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+generic SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+generic SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+generic SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+generic SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+generic SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+generic SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+generic SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+generic SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+md_hex:MBEDTLS_MD_SHA256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+generic SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+generic SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+generic SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+generic SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+generic SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+generic SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+generic SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+generic SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex:MBEDTLS_MD_SHA384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+generic SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+generic SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+generic SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+generic SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+generic SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+generic SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+generic SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+generic SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+md_hex:MBEDTLS_MD_SHA512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+generic multi step SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+generic multi step SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+generic multi step SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+generic multi step SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+generic multi step SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+generic multi step SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+generic multi step SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+generic multi step SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+generic multi step SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+generic multi step SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+md_hex_multi:MBEDTLS_MD_SHA1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+generic multi step SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+generic multi step SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+generic multi step SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+generic multi step SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+generic multi step SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+generic multi step SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+generic multi step SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+generic multi step SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+generic multi step SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+generic multi step SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+generic multi step SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+generic multi step SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+generic multi step SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+generic multi step SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+md_hex_multi:MBEDTLS_MD_SHA256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+generic multi step SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+generic multi step SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+generic multi step SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+generic multi step SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+generic multi step SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+generic multi step SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+generic multi step SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+generic multi step SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+md_hex_multi:MBEDTLS_MD_SHA384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+generic multi step SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+generic multi step SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+generic multi step SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+generic multi step SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+generic multi step SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+generic multi step SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+generic multi step SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+generic multi step SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+md_hex_multi:MBEDTLS_MD_SHA512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+generic SHA1 Hash file #1
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_1":"d21c965b1e768bd7a6aa6869f5f821901d255f9f"
+
+generic SHA1 Hash file #2
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_2":"353f34271f2aef49d23a8913d4a6bd82b2cecdc6"
+
+generic SHA1 Hash file #3
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_3":"93640ed592076328096270c756db2fba9c486b35"
+
+generic SHA1 Hash file #4
+depends_on:MBEDTLS_SHA1_C
+mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_4":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+generic SHA-224 Hash file #1
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_1":"8606da018870f0c16834a21bc3385704cb1683b9dbab04c5ddb90a48"
+
+generic SHA-224 Hash file #2
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_2":"733b2ab97b6f63f2e29b9a2089756d81e14c93fe4cc9615c0d5e8a03"
+
+generic SHA-224 Hash file #3
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_3":"e1df95867580e2cc2100e9565bf9c2e42c24fe5250c19efe33d1c4fe"
+
+generic SHA-224 Hash file #4
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_4":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+generic SHA-256 Hash file #1
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_1":"975d0c620d3936886f8a3665e585a3e84aa0501f4225bf53029710242823e391"
+
+generic SHA-256 Hash file #2
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_2":"11fcbf1baa36ca45745f10cc5467aee86f066f80ba2c46806d876bf783022ad2"
+
+generic SHA-256 Hash file #3
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_3":"9ae4b369f9f4f03b86505b46a5469542e00aaff7cf7417a71af6d6d0aba3b70c"
+
+generic SHA-256 Hash file #4
+depends_on:MBEDTLS_SHA256_C
+mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_4":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+generic SHA-384 Hash file #1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_1":"e0a3e6259d6378001b54ef82f5dd087009c5fad86d8db226a9fe1d14ecbe33a6fc916e3a4b16f5f286424de15d5a8e0e"
+
+generic SHA-384 Hash file #2
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_2":"eff727afc8495c92e2f370f97a317f93c3350324b0646b0f0e264708b3c97d3d332d3c5390e1e47130f5c92f1ef4b9cf"
+
+generic SHA-384 Hash file #3
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_3":"6fc10ebda96a1ccf61777cac72f6034f92533d42052a4bf9f9d929c672973c71e5aeb1213268043c21527ac0f7f349c4"
+
+generic SHA-384 Hash file #4
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_4":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+generic SHA-512 Hash file #1
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_1":"d8207a2e1ff2b424f2c4163fe1b723c9bd42e464061eb411e8df730bcd24a7ab3956a6f3ff044a52eb2d262f9e4ca6b524092b544ab78f14d6f9c4cc8ddf335a"
+
+generic SHA-512 Hash file #2
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_2":"ecbb7f0ed8a702b49f16ad3088bcc06ea93451912a7187db15f64d93517b09630b039293aed418d4a00695777b758b1f381548c2fd7b92ce5ed996b32c8734e7"
+
+generic SHA-512 Hash file #3
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_3":"7ccc9b2da71ffde9966c3ce44d7f20945fccf33b1fade4da152b021f1afcc7293382944aa6c09eac67af25f22026758e2bf6bed86ae2a43592677ee50f8eea41"
+
+generic SHA-512 Hash file #4
+depends_on:MBEDTLS_SHA512_C
+mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_4":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_md.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_md.function
new file mode 100644
index 0000000..308eaa1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_md.function
@@ -0,0 +1,319 @@
+/* BEGIN_HEADER */
+#include "mbedtls/md.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_MD_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_md_process()
+{
+    const int *md_type_ptr;
+    const mbedtls_md_info_t *info;
+    mbedtls_md_context_t ctx;
+    unsigned char buf[150];
+
+    mbedtls_md_init(&ctx);
+    memset(buf, 0, sizeof(buf));
+
+    /*
+     * Very minimal testing of mbedtls_md_process, just make sure the various
+     * xxx_process_wrap() function pointers are valid. (Testing that they
+     * indeed do the right thing would require messing with the internal
+     * state of the underlying mbedtls_md/sha context.)
+     *
+     * Also tests that mbedtls_md_list() only returns valid MDs.
+     */
+    for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) {
+        info = mbedtls_md_info_from_type(*md_type_ptr);
+        TEST_ASSERT(info != NULL);
+        TEST_EQUAL(0, mbedtls_md_setup(&ctx, info, 0));
+        TEST_EQUAL(0, mbedtls_md_starts(&ctx));
+        TEST_EQUAL(0, mbedtls_md_process(&ctx, buf));
+        mbedtls_md_free(&ctx);
+    }
+
+exit:
+    mbedtls_md_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_null_args()
+{
+    mbedtls_md_context_t ctx;
+    const mbedtls_md_info_t *info = mbedtls_md_info_from_type(*(mbedtls_md_list()));
+    unsigned char buf[1] = { 0 };
+
+    mbedtls_md_init(&ctx);
+
+    TEST_EQUAL(0, mbedtls_md_get_size(NULL));
+    TEST_EQUAL(mbedtls_md_get_type(NULL), MBEDTLS_MD_NONE);
+    TEST_ASSERT(mbedtls_md_get_name(NULL) == NULL);
+
+    TEST_ASSERT(mbedtls_md_info_from_string(NULL) == NULL);
+
+    TEST_EQUAL(mbedtls_md_setup(&ctx, NULL, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_setup(NULL, info, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_starts(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_starts(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_update(NULL, buf, 1), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_update(&ctx, buf, 1), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_finish(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_finish(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md(NULL, buf, 1, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+#if defined(MBEDTLS_FS_IO)
+    TEST_EQUAL(mbedtls_md_file(NULL, "", buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+#endif
+
+    TEST_EQUAL(mbedtls_md_hmac_starts(NULL, buf, 1),
+               MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_hmac_starts(&ctx, buf, 1),
+               MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_hmac_update(NULL, buf, 1),
+               MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_hmac_update(&ctx, buf, 1),
+               MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_hmac_finish(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_hmac_finish(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_hmac_reset(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_hmac_reset(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_hmac(NULL, buf, 1, buf, 1, buf),
+               MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    TEST_EQUAL(mbedtls_md_process(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+    TEST_EQUAL(mbedtls_md_process(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA);
+
+    /* Ok, this is not NULL arg but NULL return... */
+    TEST_ASSERT(mbedtls_md_info_from_type(MBEDTLS_MD_NONE) == NULL);
+    TEST_ASSERT(mbedtls_md_info_from_string("no such md") == NULL);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_info(int md_type, char *md_name, int md_size)
+{
+    const mbedtls_md_info_t *md_info;
+    const int *md_type_ptr;
+    int found;
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+    TEST_ASSERT(md_info == mbedtls_md_info_from_string(md_name));
+
+    TEST_EQUAL(mbedtls_md_get_type(md_info), (mbedtls_md_type_t) md_type);
+    TEST_EQUAL(mbedtls_md_get_size(md_info), (unsigned char) md_size);
+    TEST_EQUAL(0, strcmp(mbedtls_md_get_name(md_info), md_name));
+
+    found = 0;
+    for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) {
+        if (*md_type_ptr == md_type) {
+            found = 1;
+        }
+    }
+    TEST_EQUAL(found, 1);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_text(int md_type, char *text_src_string, data_t *hash)
+{
+    unsigned char *src = (unsigned char *) text_src_string;
+    size_t src_len = strlen(text_src_string);
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    const mbedtls_md_info_t *md_info = NULL;
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+
+    TEST_EQUAL(0, mbedtls_md(md_info, src, src_len, output));
+
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_hex(int md_type, data_t *src_str, data_t *hash)
+{
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    const mbedtls_md_info_t *md_info = NULL;
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+
+    TEST_EQUAL(0, mbedtls_md(md_info, src_str->x, src_str->len, output));
+
+
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_text_multi(int md_type, char *text_src_string,
+                   data_t *hash)
+{
+    unsigned char *src = (unsigned char *) text_src_string;
+    size_t src_len = strlen(text_src_string);
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    size_t halfway;
+
+    const mbedtls_md_info_t *md_info = NULL;
+    mbedtls_md_context_t ctx, ctx_copy;
+
+    mbedtls_md_init(&ctx);
+    mbedtls_md_init(&ctx_copy);
+
+    halfway = src_len / 2;
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+    TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0));
+    TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0));
+
+    TEST_EQUAL(0, mbedtls_md_starts(&ctx));
+    TEST_ASSERT(ctx.md_ctx != NULL);
+    TEST_EQUAL(0, mbedtls_md_update(&ctx, src, halfway));
+    TEST_EQUAL(0, mbedtls_md_clone(&ctx_copy, &ctx));
+
+    TEST_EQUAL(0, mbedtls_md_update(&ctx, src + halfway, src_len - halfway));
+    TEST_EQUAL(0, mbedtls_md_finish(&ctx, output));
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+
+    /* Test clone */
+    memset(output, 0x00, sizeof(output));
+
+    TEST_EQUAL(0, mbedtls_md_update(&ctx_copy, src + halfway, src_len - halfway));
+    TEST_EQUAL(0, mbedtls_md_finish(&ctx_copy, output));
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+
+exit:
+    mbedtls_md_free(&ctx);
+    mbedtls_md_free(&ctx_copy);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_hex_multi(int md_type, data_t *src_str, data_t *hash)
+{
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    const mbedtls_md_info_t *md_info = NULL;
+    mbedtls_md_context_t ctx, ctx_copy;
+    int halfway;
+
+    mbedtls_md_init(&ctx);
+    mbedtls_md_init(&ctx_copy);
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+    TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0));
+    TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0));
+
+    halfway = src_str->len / 2;
+
+    TEST_EQUAL(0, mbedtls_md_starts(&ctx));
+    TEST_ASSERT(ctx.md_ctx != NULL);
+    TEST_EQUAL(0, mbedtls_md_update(&ctx, src_str->x, halfway));
+    TEST_EQUAL(0, mbedtls_md_clone(&ctx_copy, &ctx));
+
+    TEST_EQUAL(0, mbedtls_md_update(&ctx, src_str->x + halfway, src_str->len - halfway));
+    TEST_EQUAL(0, mbedtls_md_finish(&ctx, output));
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+
+    /* Test clone */
+    memset(output, 0x00, sizeof(output));
+
+    TEST_EQUAL(0, mbedtls_md_update(&ctx_copy, src_str->x + halfway, src_str->len - halfway));
+    TEST_EQUAL(0, mbedtls_md_finish(&ctx_copy, output));
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+
+exit:
+    mbedtls_md_free(&ctx);
+    mbedtls_md_free(&ctx_copy);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_md_hmac(int md_type, int trunc_size,
+                     data_t *key_str, data_t *src_str,
+                     data_t *hash)
+{
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    const mbedtls_md_info_t *md_info = NULL;
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+
+
+    TEST_EQUAL(0, mbedtls_md_hmac(md_info, key_str->x, key_str->len,
+                                  src_str->x, src_str->len, output));
+
+    TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void md_hmac_multi(int md_type, int trunc_size, data_t *key_str,
+                   data_t *src_str, data_t *hash)
+{
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    const mbedtls_md_info_t *md_info = NULL;
+    mbedtls_md_context_t ctx;
+    int halfway;
+
+    mbedtls_md_init(&ctx);
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+    TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1));
+
+    halfway = src_str->len / 2;
+
+    TEST_EQUAL(0, mbedtls_md_hmac_starts(&ctx, key_str->x, key_str->len));
+    TEST_ASSERT(ctx.md_ctx != NULL);
+    TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x, halfway));
+    TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway));
+    TEST_EQUAL(0, mbedtls_md_hmac_finish(&ctx, output));
+
+    TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len);
+
+    /* Test again, for reset() */
+    memset(output, 0x00, sizeof(output));
+
+    TEST_EQUAL(0, mbedtls_md_hmac_reset(&ctx));
+    TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x, halfway));
+    TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway));
+    TEST_EQUAL(0, mbedtls_md_hmac_finish(&ctx, output));
+
+    TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len);
+
+exit:
+    mbedtls_md_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
+void mbedtls_md_file(int md_type, char *filename,
+                     data_t *hash)
+{
+    unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 };
+    const mbedtls_md_info_t *md_info = NULL;
+
+    md_info = mbedtls_md_info_from_type(md_type);
+    TEST_ASSERT(md_info != NULL);
+
+    TEST_EQUAL(0, mbedtls_md_file(md_info, filename, output));
+
+    TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mdx.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mdx.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_mdx.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mdx.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mdx.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mdx.function
new file mode 100644
index 0000000..5e950a1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mdx.function
@@ -0,0 +1,114 @@
+/* BEGIN_HEADER */
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */
+void md2_text(char *text_src_string, data_t *hash)
+{
+    int ret;
+    unsigned char src_str[100];
+    unsigned char output[16];
+
+    memset(src_str, 0x00, sizeof(src_str));
+    memset(output, 0x00, sizeof(output));
+
+    strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1);
+
+    ret = mbedtls_md2_ret(src_str, strlen((char *) src_str), output);
+    TEST_ASSERT(ret == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x,
+                                    sizeof(output), hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */
+void md4_text(char *text_src_string, data_t *hash)
+{
+    int ret;
+    unsigned char src_str[100];
+    unsigned char output[16];
+
+    memset(src_str, 0x00, sizeof(src_str));
+    memset(output, 0x00, sizeof(output));
+
+    strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1);
+
+    ret = mbedtls_md4_ret(src_str, strlen((char *) src_str), output);
+    TEST_ASSERT(ret == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x,
+                                    sizeof(output), hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD5_C */
+void md5_text(char *text_src_string, data_t *hash)
+{
+    int ret;
+    unsigned char src_str[100];
+    unsigned char output[16];
+
+    memset(src_str, 0x00, sizeof(src_str));
+    memset(output, 0x00, sizeof(output));
+
+    strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1);
+
+    ret = mbedtls_md5_ret(src_str, strlen((char *) src_str), output);
+    TEST_ASSERT(ret == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x,
+                                    sizeof(output), hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C */
+void ripemd160_text(char *text_src_string, data_t *hash)
+{
+    int ret;
+    unsigned char src_str[100];
+    unsigned char output[20];
+
+    memset(src_str, 0x00, sizeof(src_str));
+    memset(output, 0x00, sizeof(output));
+
+    strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1);
+
+    ret = mbedtls_ripemd160_ret(src_str, strlen((char *) src_str), output);
+    TEST_ASSERT(ret == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x,
+                                    sizeof(output), hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */
+void md2_selftest()
+{
+    TEST_ASSERT(mbedtls_md2_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */
+void md4_selftest()
+{
+    TEST_ASSERT(mbedtls_md4_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */
+void md5_selftest()
+{
+    TEST_ASSERT(mbedtls_md5_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_SELF_TEST */
+void ripemd160_selftest()
+{
+    TEST_ASSERT(mbedtls_ripemd160_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_memory_buffer_alloc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_memory_buffer_alloc.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_memory_buffer_alloc.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_memory_buffer_alloc.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_memory_buffer_alloc.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_memory_buffer_alloc.function
new file mode 100644
index 0000000..2b81097
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_memory_buffer_alloc.function
@@ -0,0 +1,264 @@
+/* BEGIN_HEADER */
+#include "mbedtls/memory_buffer_alloc.h"
+#define TEST_SUITE_MEMORY_BUFFER_ALLOC
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_SUITE_HELPERS */
+static int check_pointer(void *p)
+{
+    if (p == NULL) {
+        return -1;
+    }
+
+    if ((size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0) {
+        return -1;
+    }
+
+    return 0;
+}
+/* END_SUITE_HELPERS */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void mbedtls_memory_buffer_alloc_self_test()
+{
+    TEST_ASSERT(mbedtls_memory_buffer_alloc_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void memory_buffer_alloc_free_alloc(int a_bytes, int b_bytes, int c_bytes,
+                                    int d_bytes, int free_a, int free_b,
+                                    int free_c, int free_d, int e_bytes,
+                                    int f_bytes)
+{
+    unsigned char buf[1024];
+    unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL,
+                  *ptr_e = NULL, *ptr_f = NULL;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    size_t reported_blocks;
+    size_t reported_bytes;
+#endif
+    size_t allocated_bytes = 0;
+
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+
+    mbedtls_memory_buffer_set_verify(MBEDTLS_MEMORY_VERIFY_ALWAYS);
+
+    if (a_bytes > 0) {
+        ptr_a = mbedtls_calloc(a_bytes, sizeof(char));
+        TEST_ASSERT(check_pointer(ptr_a) == 0);
+
+        allocated_bytes += a_bytes * sizeof(char);
+    }
+
+    if (b_bytes > 0) {
+        ptr_b = mbedtls_calloc(b_bytes, sizeof(char));
+        TEST_ASSERT(check_pointer(ptr_b) == 0);
+
+        allocated_bytes += b_bytes * sizeof(char);
+    }
+
+    if (c_bytes > 0) {
+        ptr_c = mbedtls_calloc(c_bytes, sizeof(char));
+        TEST_ASSERT(check_pointer(ptr_c) == 0);
+
+        allocated_bytes += c_bytes * sizeof(char);
+    }
+
+    if (d_bytes > 0) {
+        ptr_d = mbedtls_calloc(d_bytes, sizeof(char));
+        TEST_ASSERT(check_pointer(ptr_d) == 0);
+
+        allocated_bytes += d_bytes * sizeof(char);
+    }
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks);
+    TEST_ASSERT(reported_bytes == allocated_bytes);
+#endif
+
+    if (free_a) {
+        mbedtls_free(ptr_a);
+        ptr_a = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+        allocated_bytes -= a_bytes * sizeof(char);
+    }
+
+    if (free_b) {
+        mbedtls_free(ptr_b);
+        ptr_b = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+        allocated_bytes -= b_bytes * sizeof(char);
+    }
+
+    if (free_c) {
+        mbedtls_free(ptr_c);
+        ptr_c = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+        allocated_bytes -= c_bytes * sizeof(char);
+    }
+
+    if (free_d) {
+        mbedtls_free(ptr_d);
+        ptr_d = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+        allocated_bytes -= d_bytes * sizeof(char);
+    }
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks);
+    TEST_ASSERT(reported_bytes == allocated_bytes);
+#endif
+
+    if (e_bytes > 0) {
+        ptr_e = mbedtls_calloc(e_bytes, sizeof(char));
+        TEST_ASSERT(check_pointer(ptr_e) == 0);
+    }
+
+    if (f_bytes > 0) {
+        ptr_f = mbedtls_calloc(f_bytes, sizeof(char));
+        TEST_ASSERT(check_pointer(ptr_f) == 0);
+    }
+
+    /* Once blocks are reallocated, the block allocated to the memory request
+     * may be bigger than the request itself, which is indicated by the reported
+     * bytes, and makes it hard to know what the reported size will be, so
+     * we don't check the size after blocks have been reallocated. */
+
+    if (ptr_a != NULL) {
+        mbedtls_free(ptr_a);
+        ptr_a = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+    }
+
+    if (ptr_b != NULL) {
+        mbedtls_free(ptr_b);
+        ptr_b = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+    }
+
+    if (ptr_c != NULL) {
+        mbedtls_free(ptr_c);
+        ptr_c = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+    }
+
+    if (ptr_d != NULL) {
+        mbedtls_free(ptr_d);
+        ptr_d = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+    }
+
+    if (ptr_e != NULL) {
+        mbedtls_free(ptr_e);
+        ptr_e = NULL;
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+    }
+
+    if (ptr_f != NULL) {
+        mbedtls_free(ptr_f);
+        ptr_f = NULL;
+    }
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks);
+    TEST_ASSERT(reported_bytes == 0);
+#endif
+
+    TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+exit:
+    mbedtls_memory_buffer_alloc_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void memory_buffer_alloc_oom_test()
+{
+    unsigned char buf[1024];
+    unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL;
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    size_t reported_blocks, reported_bytes;
+#endif
+
+    (void) ptr_c;
+
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+
+    mbedtls_memory_buffer_set_verify(MBEDTLS_MEMORY_VERIFY_ALWAYS);
+
+    ptr_a = mbedtls_calloc(432, sizeof(char));
+    TEST_ASSERT(check_pointer(ptr_a) == 0);
+
+    ptr_b = mbedtls_calloc(432, sizeof(char));
+    TEST_ASSERT(check_pointer(ptr_b) == 0);
+
+    ptr_c = mbedtls_calloc(431, sizeof(char));
+    TEST_ASSERT(ptr_c == NULL);
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks);
+    TEST_ASSERT(reported_bytes >= 864 && reported_bytes <= sizeof(buf));
+#endif
+
+    mbedtls_free(ptr_a);
+    ptr_a = NULL;
+    TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+    mbedtls_free(ptr_b);
+    ptr_b = NULL;
+    TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks);
+    TEST_ASSERT(reported_bytes == 0);
+#endif
+
+    TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+
+exit:
+    mbedtls_memory_buffer_alloc_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void memory_buffer_heap_too_small()
+{
+    unsigned char buf[1];
+
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+    /* With MBEDTLS_MEMORY_DEBUG enabled, this prints a message
+     * "FATAL: verification of first header failed".
+     */
+    TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() != 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void memory_buffer_underalloc()
+{
+    unsigned char buf[100];
+    size_t i;
+
+    mbedtls_memory_buffer_alloc_init(buf, sizeof(buf));
+    for (i = 1; i < MBEDTLS_MEMORY_ALIGN_MULTIPLE; i++) {
+        TEST_ASSERT(mbedtls_calloc(1,
+                                   (size_t) -(MBEDTLS_MEMORY_ALIGN_MULTIPLE - i)) == NULL);
+        TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0);
+    }
+
+exit:
+    mbedtls_memory_buffer_alloc_free();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mps.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mps.data
new file mode 100644
index 0000000..442f321
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mps.data
@@ -0,0 +1,125 @@
+MPS Reader: Single step, single round, pausing disabled
+mbedtls_mps_reader_no_pausing_single_step_single_round:0
+
+MPS Reader: Single step, single round, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_single_step_single_round:1
+
+MPS Reader: Single step, multiple rounds, pausing disabled
+mbedtls_mps_reader_no_pausing_single_step_multiple_rounds:0
+
+MPS Reader: Single step, multiple rounds, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_single_step_multiple_rounds:1
+
+MPS Reader: Multiple steps, single round, pausing disabled
+mbedtls_mps_reader_no_pausing_multiple_steps_single_round:0
+
+MPS Reader: Multiple steps, single round, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_multiple_steps_single_round:1
+
+MPS Reader: Multiple steps, multiple rounds, pausing disabled
+mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds:0
+
+MPS Reader: Multiple steps, multiple rounds, pausing enabled but unused
+mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds:1
+
+MPS Reader: Pausing needed but disabled
+mbedtls_mps_reader_pausing_needed_disabled:
+
+MPS Reader: Pausing needed + enabled, but buffer too small
+mbedtls_mps_reader_pausing_needed_buffer_too_small:
+
+MPS Reader: Pausing, repeat single call without commit
+mbedtls_mps_reader_pausing:0
+
+MPS Reader: Pausing, repeat single call with commit
+mbedtls_mps_reader_pausing:1
+
+MPS Reader: Pausing, repeat multiple calls without commit
+mbedtls_mps_reader_pausing:2
+
+MPS Reader: Pausing, repeat multiple calls with commit #0
+mbedtls_mps_reader_pausing:3
+
+MPS Reader: Pausing, repeat multiple calls with commit #1
+mbedtls_mps_reader_pausing:4
+
+MPS Reader: Pausing, repeat multiple calls with commit #2
+mbedtls_mps_reader_pausing:5
+
+MPS Reader: Pausing, feed 50 bytes in 10b + 10b + 80b
+mbedtls_mps_reader_pausing_multiple_feeds:0
+
+MPS Reader: Pausing, feed 50 bytes in 50x1b
+mbedtls_mps_reader_pausing_multiple_feeds:1
+
+MPS Reader: Pausing, feed 50 bytes in 49x1b + 51b
+mbedtls_mps_reader_pausing_multiple_feeds:2
+
+MPS Reader: Reclaim with data remaining #0
+mbedtls_mps_reader_reclaim_data_left:0
+
+MPS Reader: Reclaim with data remaining #1
+mbedtls_mps_reader_reclaim_data_left:1
+
+MPS Reader: Reclaim with data remaining #2
+mbedtls_mps_reader_reclaim_data_left:2
+
+MPS Reader: Reclaim with data remaining, continue fetching
+mbedtls_mps_reader_reclaim_data_left_retry:
+
+MPS Reader: Pausing several times, #0
+mbedtls_mps_reader_multiple_pausing:0
+
+MPS Reader: Pausing several times, #1
+mbedtls_mps_reader_multiple_pausing:1
+
+MPS Reader: Pausing several times, #2
+mbedtls_mps_reader_multiple_pausing:2
+
+MPS Reader: Pausing several times, #3
+mbedtls_mps_reader_multiple_pausing:3
+
+MPS Reader: Random usage, 20 rds, feed 100, get 200, acc 50
+mbedtls_mps_reader_random_usage:20:100:200:50
+
+MPS Reader: Random usage, 1000 rds, feed 10, get 100, acc 80
+mbedtls_mps_reader_random_usage:1000:10:100:80
+
+MPS Reader: Random usage, 10000 rds, feed 1, get 100, acc 80
+mbedtls_mps_reader_random_usage:10000:1:100:80
+
+MPS Reader: Random usage, 100 rds, feed 100, get 1000, acc 500
+mbedtls_mps_reader_random_usage:100:100:1000:500
+
+MPS Reader: Pausing, inconsistent continuation, #0
+mbedtls_reader_inconsistent_usage:0
+
+MPS Reader: Pausing, inconsistent continuation, #1
+mbedtls_reader_inconsistent_usage:1
+
+MPS Reader: Pausing, inconsistent continuation, #2
+mbedtls_reader_inconsistent_usage:2
+
+MPS Reader: Pausing, inconsistent continuation, #3
+mbedtls_reader_inconsistent_usage:3
+
+MPS Reader: Pausing, inconsistent continuation, #4
+mbedtls_reader_inconsistent_usage:4
+
+MPS Reader: Pausing, inconsistent continuation, #5
+mbedtls_reader_inconsistent_usage:5
+
+MPS Reader: Pausing, inconsistent continuation, #6
+mbedtls_reader_inconsistent_usage:6
+
+MPS Reader: Pausing, inconsistent continuation, #7
+mbedtls_reader_inconsistent_usage:7
+
+MPS Reader: Pausing, inconsistent continuation, #8
+mbedtls_reader_inconsistent_usage:8
+
+MPS Reader: Feed with invalid buffer (NULL)
+mbedtls_mps_reader_feed_empty:
+
+MPS Reader: Excess request leading to integer overflow
+mbedtls_mps_reader_reclaim_overflow:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mps.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mps.function
new file mode 100644
index 0000000..03818ec
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_mps.function
@@ -0,0 +1,1141 @@
+/* BEGIN_HEADER */
+
+#include <stdlib.h>
+
+#include "mps_reader.h"
+
+/*
+ * Compile-time configuration for test suite.
+ */
+
+/* Comment/Uncomment this to disable/enable the
+ * testing of the various MPS layers.
+ * This can be useful for time-consuming instrumentation
+ * tasks such as the conversion of E-ACSL annotations
+ * into runtime assertions. */
+#define TEST_SUITE_MPS_READER
+
+/* End of compile-time configuration. */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_single_step_single_round(int with_acc)
+{
+    /* This test exercises the most basic use of the MPS reader:
+     * - The 'producing' layer provides a buffer
+     * - The 'consuming' layer fetches it in a single go.
+     * - After processing, the consuming layer commits the data
+     *   and the reader is moved back to producing mode.
+     *
+     * Parameters:
+     * - with_acc: 0 if the reader should be initialized without accumulator.
+     *             1 if the reader should be initialized with accumulator.
+     *
+     *             Whether the accumulator is present or not should not matter,
+     *             since the consumer's request can be fulfilled from the data
+     *             that the producer has provided.
+     */
+    unsigned char bufA[100];
+    unsigned char acc[10];
+    unsigned char *tmp;
+    int paused;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    if (with_acc == 0) {
+        mbedtls_mps_reader_init(&rd, NULL, 0);
+    } else {
+        mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    }
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+    /* Consumption (upper layer) */
+    /* Consume exactly what's available */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 100, bufA, 100);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Wrapup (lower layer) */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0);
+    TEST_ASSERT(paused == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds(int with_acc)
+{
+    /* This test exercises multiple rounds of the basic use of the MPS reader:
+     * - The 'producing' layer provides a buffer
+     * - The 'consuming' layer fetches it in a single go.
+     * - After processing, the consuming layer commits the data
+     *   and the reader is moved back to producing mode.
+     *
+     * Parameters:
+     * - with_acc: 0 if the reader should be initialized without accumulator.
+     *             1 if the reader should be initialized with accumulator.
+     *
+     *             Whether the accumulator is present or not should not matter,
+     *             since the consumer's request can be fulfilled from the data
+     *             that the producer has provided.
+     */
+
+    unsigned char bufA[100], bufB[100];
+    unsigned char acc[10];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) {
+        bufB[i] = ~((unsigned char) i);
+    }
+
+    /* Preparation (lower layer) */
+    if (with_acc == 0) {
+        mbedtls_mps_reader_init(&rd, NULL, 0);
+    } else {
+        mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    }
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+    /* Consumption (upper layer) */
+    /* Consume exactly what's available */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 100, bufA, 100);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0);
+    /* Consumption */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 100, bufB, 100);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Wrapup (lower layer) */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_multiple_steps_single_round(int with_acc)
+{
+    /* This test exercises one round of the following:
+     * - The 'producing' layer provides a buffer
+     * - The 'consuming' layer fetches it in multiple calls
+     *   to `mbedtls_mps_reader_get()`, without committing in between.
+     * - After processing, the consuming layer commits the data
+     *   and the reader is moved back to producing mode.
+     *
+     * Parameters:
+     * - with_acc: 0 if the reader should be initialized without accumulator.
+     *             1 if the reader should be initialized with accumulator.
+     *
+     *             Whether the accumulator is present or not should not matter,
+     *             since the consumer's requests can be fulfilled from the data
+     *             that the producer has provided.
+     */
+
+    /* Lower layer provides data that the upper layer fully consumes
+     * through multiple `get` calls. */
+    unsigned char buf[100];
+    unsigned char acc[10];
+    unsigned char *tmp;
+    mbedtls_mps_size_t tmp_len;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    if (with_acc == 0) {
+        mbedtls_mps_reader_init(&rd, NULL, 0);
+    } else {
+        mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    }
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 10, buf, 10);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 70, buf + 10, 70);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0);
+    TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 80, 20);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Wrapup (lower layer) */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds(int with_acc)
+{
+    /* This test exercises one round of fetching a buffer in multiple chunks
+     * and passing it back to the producer afterwards, followed by another
+     * single-step sequence of feed-fetch-commit-reclaim.
+     */
+    unsigned char bufA[100], bufB[100];
+    unsigned char acc[10];
+    unsigned char *tmp;
+    mbedtls_mps_size_t tmp_len;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) {
+        bufB[i] = ~((unsigned char) i);
+    }
+
+    /* Preparation (lower layer) */
+    if (with_acc == 0) {
+        mbedtls_mps_reader_init(&rd, NULL, 0);
+    } else {
+        mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    }
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 10, bufA, 10);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 70, bufA + 10, 70);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0);
+    TEST_MEMORY_COMPARE(tmp, tmp_len, bufA + 80, 20);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0);
+    /* Consumption */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 100, bufB, 100);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Wrapup */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing_needed_disabled()
+{
+    /* This test exercises the behaviour of the MPS reader when a read request
+     * of the consumer exceeds what has been provided by the producer, and when
+     * no accumulator is available in the reader.
+     *
+     * In this case, we expect the reader to fail.
+     */
+
+    unsigned char buf[100];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, NULL, 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 50, buf, 50);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+    /* Wrapup (lower layer) */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing_needed_buffer_too_small()
+{
+    /* This test exercises the behaviour of the MPS reader with accumulator
+     * in the situation where a read request goes beyond the bounds of the
+     * current read buffer, _and_ the reader's accumulator is too small to
+     * hold the requested amount of data.
+     *
+     * In this case, we expect mbedtls_mps_reader_reclaim() to fail,
+     * but it should be possible to continue fetching data as if
+     * there had been no excess request via mbedtls_mps_reader_get()
+     * and the call to mbedtls_mps_reader_reclaim() had been rejected
+     * because of data remaining.
+     */
+
+    unsigned char buf[100];
+    unsigned char acc[10];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+    mbedtls_mps_size_t tmp_len;
+
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 50, buf, 50);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 10, buf + 50, 10);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+    /* Wrapup (lower layer) */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL);
+
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, &tmp_len) == 0);
+    TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 50, 50);
+
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_reclaim_overflow()
+{
+    /* This test exercises the behaviour of the MPS reader with accumulator
+     * in the situation where upon calling mbedtls_mps_reader_reclaim(), the
+     * uncommitted data together with the excess data missing in the last
+     * call to mbedtls_mps_reader_get() exceeds the bounds of the type
+     * holding the buffer length.
+     */
+
+    unsigned char buf[100];
+    unsigned char acc[50];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 50, buf, 50);
+    /* Excess request */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+    /* Wrapup (lower layer) */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL);
+
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing(int option)
+{
+    /* This test exercises the behaviour of the reader when the
+     * accumulator is used to fulfill a consumer's request.
+     *
+     * More detailed:
+     * - The producer feeds some data.
+     * - The consumer asks for more data than what's available.
+     * - The reader remembers the request and goes back to
+     *   producing mode, waiting for more data from the producer.
+     * - The producer provides another chunk of data which is
+     *   sufficient to fulfill the original read request.
+     * - The consumer retries the original read request, which
+     *   should now succeed.
+     *
+     * This test comes in multiple variants controlled by the
+     * `option` parameter and documented below.
+     */
+
+    unsigned char bufA[100], bufB[100];
+    unsigned char *tmp;
+    unsigned char acc[40];
+    int paused;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) {
+        bufB[i] = ~((unsigned char) i);
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+
+    /* Consumption (upper layer) */
+    /* Ask for more than what's available. */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 80, bufA, 80);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+    switch (option) {
+        case 0:  /* Single uncommitted fetch at pausing */
+        case 1:
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            break;
+        default: /* Multiple uncommitted fetches at pausing */
+            break;
+    }
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0);
+    TEST_ASSERT(paused == 1);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0);
+
+    /* Consumption */
+    switch (option) {
+        case 0: /* Single fetch at pausing, re-fetch with commit. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            break;
+
+        case 1: /* Single fetch at pausing, re-fetch without commit. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            break;
+
+        case 2: /* Multiple fetches at pausing, repeat without commit. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            break;
+
+        case 3: /* Multiple fetches at pausing, repeat with commit 1. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            break;
+
+        case 4: /* Multiple fetches at pausing, repeat with commit 2. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            break;
+
+        case 5: /* Multiple fetches at pausing, repeat with commit 3. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            break;
+
+        default:
+            TEST_ASSERT(0);
+    }
+
+    /* In all cases, fetch the rest of the second buffer. */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 90, bufB + 10, 90);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+
+    /* Wrapup */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_pausing_multiple_feeds(int option)
+{
+    /* This test exercises the behaviour of the MPS reader
+     * in the following situation:
+     * - The consumer has asked for more than what's available, so the
+     *   reader pauses and waits for further input data via
+     *   `mbedtls_mps_reader_feed()`
+     * - Multiple such calls to `mbedtls_mps_reader_feed()` are necessary
+     *   to fulfill the original request, and the reader needs to do
+     *   the necessary bookkeeping under the hood.
+     *
+     * This test comes in a few variants differing in the number and
+     * size of feed calls that the producer issues while the reader is
+     * accumulating the necessary data - see the comments below.
+     */
+
+    unsigned char bufA[100], bufB[100];
+    unsigned char *tmp;
+    unsigned char acc[70];
+    mbedtls_mps_reader rd;
+    mbedtls_mps_size_t fetch_len;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) {
+        bufB[i] = ~((unsigned char) i);
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+
+    /* Consumption (upper layer) */
+    /* Ask for more than what's available. */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 80, bufA, 80);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* 20 left, ask for 70 -> 50 overhead */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    switch (option) {
+        case 0: /* 10 + 10 + 80 byte feed */
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, 10) ==
+                        MBEDTLS_ERR_MPS_READER_NEED_MORE);
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 10, 10) ==
+                        MBEDTLS_ERR_MPS_READER_NEED_MORE);
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 20, 80) == 0);
+            break;
+
+        case 1: /* 50 x 1byte */
+            for (size_t num_feed = 0; num_feed < 49; num_feed++) {
+                TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + num_feed, 1) ==
+                            MBEDTLS_ERR_MPS_READER_NEED_MORE);
+            }
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 49, 1) == 0);
+            break;
+
+        case 2: /* 49 x 1byte + 51bytes */
+            for (size_t num_feed = 0; num_feed < 49; num_feed++) {
+                TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + num_feed, 1) ==
+                            MBEDTLS_ERR_MPS_READER_NEED_MORE);
+            }
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 49, 51) == 0);
+            break;
+
+        default:
+            TEST_ASSERT(0);
+            break;
+    }
+
+    /* Consumption */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20);
+    TEST_MEMORY_COMPARE(tmp + 20, 50, bufB, 50);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 1000, &tmp, &fetch_len) == 0);
+    switch (option) {
+        case 0:
+            TEST_ASSERT(fetch_len == 50);
+            break;
+
+        case 1:
+            TEST_ASSERT(fetch_len == 0);
+            break;
+
+        case 2:
+            TEST_ASSERT(fetch_len == 50);
+            break;
+
+        default:
+            TEST_ASSERT(0);
+            break;
+    }
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+
+    /* Wrapup */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_reclaim_data_left(int option)
+{
+    /* This test exercises the behaviour of the MPS reader when a
+     * call to mbedtls_mps_reader_reclaim() is made before all data
+     * provided by the producer has been fetched and committed. */
+
+    unsigned char buf[100];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, NULL, 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+
+    /* Consumption (upper layer) */
+    switch (option) {
+        case 0:
+            /* Fetch (but not commit) the entire buffer. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf), &tmp, NULL)
+                        == 0);
+            TEST_MEMORY_COMPARE(tmp, 100, buf, 100);
+            break;
+
+        case 1:
+            /* Fetch (but not commit) parts of the buffer. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2,
+                                               &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2);
+            break;
+
+        case 2:
+            /* Fetch and commit parts of the buffer, then
+             * fetch but not commit the rest of the buffer. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2,
+                                               &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2,
+                                               &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2,
+                                buf + sizeof(buf) / 2,
+                                sizeof(buf) / 2);
+            break;
+
+        default:
+            TEST_ASSERT(0);
+            break;
+    }
+
+    /* Wrapup */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                MBEDTLS_ERR_MPS_READER_DATA_LEFT);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_reclaim_data_left_retry()
+{
+    /* This test exercises the behaviour of the MPS reader when an attempt
+     * by the producer to reclaim the reader fails because of more data pending
+     * to be processed, and the consumer subsequently fetches more data. */
+    unsigned char buf[100];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, NULL, 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 50, buf, 50);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 50, buf + 50, 50);
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                MBEDTLS_ERR_MPS_READER_DATA_LEFT);
+    /* Consumption */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 50, buf + 50, 50);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    /* Wrapup */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_multiple_pausing(int option)
+{
+    /* This test exercises the behaviour of the MPS reader
+     * in the following situation:
+     * - A read request via `mbedtls_mps_reader_get()` can't
+     *   be served and the reader is paused to accumulate
+     *   the desired amount of data from the producer.
+     * - Once enough data is available, the consumer successfully
+     *   reads the data from the reader, but afterwards exceeds
+     *   the available data again - pausing is necessary for a
+     *   second time.
+     */
+
+    unsigned char bufA[100], bufB[20], bufC[10];
+    unsigned char *tmp;
+    unsigned char acc[50];
+    mbedtls_mps_size_t tmp_len;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) {
+        bufB[i] = ~((unsigned char) i);
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufC); i++) {
+        bufC[i] = ~((unsigned char) i);
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+
+    /* Consumption (upper layer) */
+    /* Ask for more than what's available. */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 80, bufA, 80);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0);
+
+    switch (option) {
+        case 0: /* Fetch same chunks, commit afterwards, and
+                 * then exceed bounds of new buffer; accumulator
+                 * large enough. */
+
+            /* Consume */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, &tmp_len) == 0);
+            TEST_MEMORY_COMPARE(tmp, tmp_len, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+            /* Prepare */
+            TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufC, sizeof(bufC)) == 0);;
+
+            /* Consume */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufB + 10, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufC, 10);
+            break;
+
+        case 1: /* Fetch same chunks, commit afterwards, and
+                 * then exceed bounds of new buffer; accumulator
+                 * not large enough. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 51, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+            /* Prepare */
+            TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL);
+            break;
+
+        case 2: /* Fetch same chunks, don't commit afterwards, and
+                 * then exceed bounds of new buffer; accumulator
+                 * large enough. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+            /* Prepare */
+            TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufC, sizeof(bufC)) == 0);;
+
+            /* Consume */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20);
+            TEST_MEMORY_COMPARE(tmp + 20, 20, bufB, 20);
+            TEST_MEMORY_COMPARE(tmp + 40, 10, bufC, 10);
+            break;
+
+        case 3: /* Fetch same chunks, don't commit afterwards, and
+                 * then exceed bounds of new buffer; accumulator
+                 * not large enough. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10);
+            TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 21, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+
+            /* Prepare */
+            TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL);
+            break;
+
+        default:
+            TEST_ASSERT(0);
+            break;
+    }
+
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER:MBEDTLS_MPS_STATE_VALIDATION */
+void mbedtls_mps_reader_random_usage(int num_out_chunks,
+                                     int max_chunk_size,
+                                     int max_request,
+                                     int acc_size)
+
+{
+    /* Randomly pass a reader object back and forth between lower and
+     * upper layer and let each of them call the respective reader API
+     * functions in a random fashion.
+     *
+     * On the lower layer, we're tracking and concatenating
+     * the data passed to successful feed calls.
+     *
+     * For the upper layer, we track and concatenate buffers
+     * obtained from successful get calls.
+     *
+     * As long as the lower layer calls reclaim at least once, (resetting the
+     * fetched but not-yet-committed data), this should always lead to the same
+     * stream of outgoing/incoming data for the lower/upper layers, even if
+     * most of the random calls fail.
+     *
+     * NOTE: This test uses rand() for random data, which is not optimal.
+     *       Instead, it would be better to get the random data from a
+     *       static buffer. This both eases reproducibility and allows
+     *       simple conversion to a fuzz target.
+     */
+    int ret;
+    unsigned char *acc = NULL;
+    unsigned char *outgoing = NULL, *incoming = NULL;
+    unsigned char *cur_chunk = NULL;
+    size_t cur_out_chunk, out_pos, in_commit, in_fetch;
+    int rand_op;  /* Lower layer:
+                   * - Reclaim (0)
+                   * - Feed (1)
+                   * Upper layer:
+                   * - Get, do tolerate smaller output (0)
+                   * - Get, don't tolerate smaller output (1)
+                   * - Commit (2) */
+    int mode = 0; /* Lower layer (0) or Upper layer (1) */
+    int reclaimed = 1; /* Have to call reclaim at least once before
+                        * returning the reader to the upper layer. */
+    mbedtls_mps_reader rd;
+
+    if (acc_size > 0) {
+        TEST_CALLOC(acc, acc_size);
+    }
+
+    /* This probably needs to be changed because we want
+     * our tests to be deterministic. */
+    //    srand( time( NULL ) );
+
+    TEST_CALLOC(outgoing, num_out_chunks * max_chunk_size);
+    TEST_CALLOC(incoming, num_out_chunks * max_chunk_size);
+
+    mbedtls_mps_reader_init(&rd, acc, acc_size);
+
+    cur_out_chunk = 0;
+    in_commit = 0;
+    in_fetch = 0;
+    out_pos = 0;
+    while (cur_out_chunk < (unsigned) num_out_chunks) {
+        if (mode == 0) {
+            /* Choose randomly between reclaim and feed */
+            rand_op = rand() % 2;
+
+            if (rand_op == 0) {
+                /* Reclaim */
+                ret = mbedtls_mps_reader_reclaim(&rd, NULL);
+
+                if (ret == 0) {
+                    TEST_ASSERT(cur_chunk != NULL);
+                    mbedtls_free(cur_chunk);
+                    cur_chunk = NULL;
+                }
+                reclaimed = 1;
+            } else {
+                /* Feed reader with a random chunk */
+                unsigned char *tmp = NULL;
+                size_t tmp_size;
+                if (cur_out_chunk == (unsigned) num_out_chunks) {
+                    continue;
+                }
+
+                tmp_size = (rand() % max_chunk_size) + 1;
+                TEST_CALLOC(tmp, tmp_size);
+
+                TEST_ASSERT(mbedtls_test_rnd_std_rand(NULL, tmp, tmp_size) == 0);
+                ret = mbedtls_mps_reader_feed(&rd, tmp, tmp_size);
+
+                if (ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE) {
+                    cur_out_chunk++;
+                    memcpy(outgoing + out_pos, tmp, tmp_size);
+                    out_pos += tmp_size;
+                }
+
+                if (ret == 0) {
+                    TEST_ASSERT(cur_chunk == NULL);
+                    cur_chunk = tmp;
+                } else {
+                    mbedtls_free(tmp);
+                }
+
+            }
+
+            /* Randomly switch to consumption mode if reclaim
+             * was called at least once. */
+            if (reclaimed == 1 && rand() % 3 == 0) {
+                in_fetch = 0;
+                mode = 1;
+            }
+        } else {
+            /* Choose randomly between get tolerating fewer data,
+             * get not tolerating fewer data, and commit. */
+            rand_op = rand() % 3;
+            if (rand_op == 0 || rand_op == 1) {
+                mbedtls_mps_size_t get_size, real_size;
+                unsigned char *chunk_get;
+                get_size = (rand() % max_request) + 1;
+                if (rand_op == 0) {
+                    ret = mbedtls_mps_reader_get(&rd, get_size, &chunk_get,
+                                                 &real_size);
+                } else {
+                    real_size = get_size;
+                    ret = mbedtls_mps_reader_get(&rd, get_size, &chunk_get, NULL);
+                }
+
+                /* Check if output is in accordance with what was written */
+                if (ret == 0) {
+                    memcpy(incoming + in_commit + in_fetch,
+                           chunk_get, real_size);
+                    TEST_ASSERT(memcmp(incoming + in_commit + in_fetch,
+                                       outgoing + in_commit + in_fetch,
+                                       real_size) == 0);
+                    in_fetch += real_size;
+                }
+            } else if (rand_op == 2) { /* Commit */
+                ret = mbedtls_mps_reader_commit(&rd);
+                if (ret == 0) {
+                    in_commit += in_fetch;
+                    in_fetch = 0;
+                }
+            }
+
+            /* Randomly switch back to preparation */
+            if (rand() % 3 == 0) {
+                reclaimed = 0;
+                mode = 0;
+            }
+        }
+    }
+
+    /* Cleanup */
+    mbedtls_mps_reader_free(&rd);
+    mbedtls_free(incoming);
+    mbedtls_free(outgoing);
+    mbedtls_free(acc);
+    mbedtls_free(cur_chunk);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_reader_inconsistent_usage(int option)
+{
+    /* This test exercises the behaviour of the MPS reader
+     * in the following situation:
+     * - The consumer asks for more data than what's available
+     * - The reader is paused and receives more data from the
+     *   producer until the original read request can be fulfilled.
+     * - The consumer does not repeat the original request but
+     *   requests data in a different way.
+     *
+     * The reader does not guarantee that inconsistent read requests
+     * after pausing will succeed, and this test triggers some cases
+     * where the request fails.
+     */
+
+    unsigned char bufA[100], bufB[100];
+    unsigned char *tmp;
+    unsigned char acc[40];
+    mbedtls_mps_reader rd;
+    int success = 0;
+    for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) {
+        bufA[i] = (unsigned char) i;
+    }
+    for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) {
+        bufB[i] = ~((unsigned char) i);
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, acc, sizeof(acc));
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0);
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) ==
+                MBEDTLS_ERR_MPS_READER_OUT_OF_DATA);
+    /* Preparation */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0);
+    /* Consumption */
+    switch (option) {
+        case 0:
+            /* Ask for buffered data in a single chunk, no commit */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20);
+            TEST_MEMORY_COMPARE(tmp + 20, 10, bufB, 10);
+            success = 1;
+            break;
+
+        case 1:
+            /* Ask for buffered data in a single chunk, with commit */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20);
+            TEST_MEMORY_COMPARE(tmp + 20, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            success = 1;
+            break;
+
+        case 2:
+            /* Ask for more than was requested when pausing, #1 */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 31, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS);
+            break;
+
+        case 3:
+            /* Ask for more than was requested when pausing #2 */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS);
+            break;
+
+        case 4:
+            /* Asking for buffered data in different
+             * chunks than before CAN fail. */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) ==
+                        MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS);
+            break;
+
+        case 5:
+            /* Asking for buffered data different chunks
+             * than before NEED NOT fail - no commits */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5);
+            TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10);
+            success = 1;
+            break;
+
+        case 6:
+            /* Asking for buffered data different chunks
+             * than before NEED NOT fail - intermediate commit */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5);
+            TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10);
+            success = 1;
+            break;
+
+        case 7:
+            /* Asking for buffered data different chunks
+             * than before NEED NOT fail - end commit */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5);
+            TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            success = 1;
+            break;
+
+        case 8:
+            /* Asking for buffered data different chunks
+             * than before NEED NOT fail - intermediate & end commit */
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15);
+            TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5);
+            TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10);
+            TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+            success = 1;
+            break;
+
+        default:
+            TEST_ASSERT(0);
+            break;
+    }
+
+    if (success == 1) {
+        /* In all succeeding cases, fetch the rest of the second buffer. */
+        TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0);
+        TEST_MEMORY_COMPARE(tmp, 90, bufB + 10, 90);
+        TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+
+        /* Wrapup */
+        TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    }
+
+    /* Wrapup */
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */
+void mbedtls_mps_reader_feed_empty()
+{
+    /* This test exercises the behaviour of the reader when it is
+     * fed with a NULL buffer. */
+    unsigned char buf[100];
+    unsigned char *tmp;
+    mbedtls_mps_reader rd;
+    for (size_t i = 0; (unsigned) i < sizeof(buf); i++) {
+        buf[i] = (unsigned char) i;
+    }
+
+    /* Preparation (lower layer) */
+    mbedtls_mps_reader_init(&rd, NULL, 0);
+
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, NULL, sizeof(buf)) ==
+                MBEDTLS_ERR_MPS_READER_INVALID_ARG);
+
+    /* Subsequent feed-calls should still succeed. */
+    TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0);
+
+    /* Consumption (upper layer) */
+    TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0);
+    TEST_MEMORY_COMPARE(tmp, 100, buf, 100);
+    TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0);
+
+    /* Wrapup */
+    TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0);
+    mbedtls_mps_reader_free(&rd);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_net.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_net.data
new file mode 100644
index 0000000..4f516c8
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_net.data
@@ -0,0 +1,8 @@
+Context init-free-free
+context_init_free:0
+
+Context init-free-init-free
+context_init_free:1
+
+net_poll beyond FD_SETSIZE
+poll_beyond_fd_setsize:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_net.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_net.function
new file mode 100644
index 0000000..fa09f5a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_net.function
@@ -0,0 +1,137 @@
+/* BEGIN_HEADER */
+
+#include "mbedtls/net_sockets.h"
+
+#if defined(unix) || defined(__unix__) || defined(__unix) || \
+    defined(__APPLE__) || defined(__QNXNTO__) || \
+    defined(__HAIKU__) || defined(__midipix__)
+#define MBEDTLS_PLATFORM_IS_UNIXLIKE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_IS_UNIXLIKE)
+#include <sys/resource.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#endif
+
+
+#if defined(MBEDTLS_PLATFORM_IS_UNIXLIKE)
+/** Open a file on the given file descriptor.
+ *
+ * This is disruptive if there is already something open on that descriptor.
+ * Caller beware.
+ *
+ * \param ctx           An initialized, but unopened socket context.
+ *                      On success, it refers to the opened file (\p wanted_fd).
+ * \param wanted_fd     The desired file descriptor.
+ *
+ * \return              \c 0 on success, a negative error code on error.
+ */
+static int open_file_on_fd(mbedtls_net_context *ctx, int wanted_fd)
+{
+    int got_fd = open("/dev/null", O_RDONLY);
+    TEST_ASSERT(got_fd >= 0);
+    if (got_fd != wanted_fd) {
+        TEST_ASSERT(dup2(got_fd, wanted_fd) >= 0);
+        TEST_ASSERT(close(got_fd) >= 0);
+    }
+    ctx->fd = wanted_fd;
+    return 0;
+exit:
+    return -1;
+}
+#endif /* MBEDTLS_PLATFORM_IS_UNIXLIKE */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_NET_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void context_init_free(int reinit)
+{
+    mbedtls_net_context ctx;
+
+    mbedtls_net_init(&ctx);
+    mbedtls_net_free(&ctx);
+
+    if (reinit) {
+        mbedtls_net_init(&ctx);
+    }
+    mbedtls_net_free(&ctx);
+
+    /* This test case always succeeds, functionally speaking. A plausible
+     * bug might trigger an invalid pointer dereference or a memory leak. */
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PLATFORM_IS_UNIXLIKE */
+void poll_beyond_fd_setsize()
+{
+    /* Test that mbedtls_net_poll does not misbehave when given a file
+     * descriptor greater or equal to FD_SETSIZE. This code is specific to
+     * platforms with a Unix-like select() function, which is where
+     * FD_SETSIZE is a concern. */
+
+    struct rlimit rlim_nofile;
+    int restore_rlim_nofile = 0;
+    int ret;
+    mbedtls_net_context ctx;
+    uint8_t buf[1];
+
+    mbedtls_net_init(&ctx);
+
+    /* On many systems, by default, the maximum permitted file descriptor
+     * number is less than FD_SETSIZE. If so, raise the limit if
+     * possible.
+     *
+     * If the limit can't be raised, a file descriptor opened by the
+     * net_sockets module will be less than FD_SETSIZE, so the test
+     * is not necessary and we mark it as skipped.
+     * A file descriptor could still be higher than FD_SETSIZE if it was
+     * opened before the limit was lowered (which is something an application
+     * might do); but we don't do such things in our test code, so the unit
+     * test will run if it can.
+     */
+    TEST_ASSERT(getrlimit(RLIMIT_NOFILE, &rlim_nofile) == 0);
+    if (rlim_nofile.rlim_cur < FD_SETSIZE + 1) {
+        rlim_t old_rlim_cur = rlim_nofile.rlim_cur;
+        rlim_nofile.rlim_cur = FD_SETSIZE + 1;
+        TEST_ASSUME(setrlimit(RLIMIT_NOFILE, &rlim_nofile) == 0);
+        rlim_nofile.rlim_cur = old_rlim_cur;
+        restore_rlim_nofile = 1;
+    }
+
+    TEST_ASSERT(open_file_on_fd(&ctx, FD_SETSIZE) == 0);
+
+    /* In principle, mbedtls_net_poll() with valid arguments should succeed.
+     * However, we know that on Unix-like platforms (and others), this function
+     * is implemented on top of select() and fd_set, which do not support
+     * file descriptors greater or equal to FD_SETSIZE. So we expect to hit
+     * this platform limitation.
+     *
+     * If mbedtls_net_poll() does not proprely check that ctx.fd is in range,
+     * it may still happen to return the expected failure code, but if this
+     * is problematic on the particular platform where the code is running,
+     * a memory sanitizer such as UBSan should catch it.
+     */
+    ret = mbedtls_net_poll(&ctx, MBEDTLS_NET_POLL_READ, 0);
+    TEST_EQUAL(ret, MBEDTLS_ERR_NET_POLL_FAILED);
+
+    /* mbedtls_net_recv_timeout() uses select() and fd_set in the same way. */
+    ret = mbedtls_net_recv_timeout(&ctx, buf, sizeof(buf), 0);
+    TEST_EQUAL(ret, MBEDTLS_ERR_NET_POLL_FAILED);
+
+exit:
+    mbedtls_net_free(&ctx);
+    if (restore_rlim_nofile) {
+        setrlimit(RLIMIT_NOFILE, &rlim_nofile);
+    }
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_nist_kw.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_nist_kw.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_nist_kw.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_nist_kw.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_nist_kw.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_nist_kw.function
new file mode 100644
index 0000000..f2b7944
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_nist_kw.function
@@ -0,0 +1,303 @@
+/* BEGIN_HEADER */
+#include "mbedtls/nist_kw.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_NIST_KW_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
+void mbedtls_nist_kw_self_test()
+{
+    TEST_ASSERT(mbedtls_nist_kw_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void mbedtls_nist_kw_mix_contexts()
+{
+    mbedtls_nist_kw_context ctx1, ctx2;
+    unsigned char key[16];
+    unsigned char plaintext[32];
+    unsigned char ciphertext1[40];
+    unsigned char ciphertext2[40];
+    size_t output_len, i;
+
+    memset(plaintext, 0, sizeof(plaintext));
+    memset(ciphertext1, 0, sizeof(ciphertext1));
+    memset(ciphertext2, 0, sizeof(ciphertext2));
+    memset(key, 0, sizeof(key));
+
+    /*
+     * 1. Check wrap and unwrap with two separate contexts
+     */
+    mbedtls_nist_kw_init(&ctx1);
+    mbedtls_nist_kw_init(&ctx2);
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1,
+                                       MBEDTLS_CIPHER_ID_AES,
+                                       key, sizeof(key) * 8,
+                                       1) == 0);
+
+    TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW,
+                                     plaintext, sizeof(plaintext),
+                                     ciphertext1, &output_len,
+                                     sizeof(ciphertext1)) == 0);
+    TEST_ASSERT(output_len == sizeof(ciphertext1));
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2,
+                                       MBEDTLS_CIPHER_ID_AES,
+                                       key, sizeof(key) * 8,
+                                       0) == 0);
+
+    TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW,
+                                       ciphertext1, output_len,
+                                       plaintext, &output_len,
+                                       sizeof(plaintext)) == 0);
+
+    TEST_ASSERT(output_len == sizeof(plaintext));
+    for (i = 0; i < sizeof(plaintext); i++) {
+        TEST_ASSERT(plaintext[i] == 0);
+    }
+    mbedtls_nist_kw_free(&ctx1);
+    mbedtls_nist_kw_free(&ctx2);
+
+    /*
+     * 2. Check wrapping with two modes, on same context
+     */
+    mbedtls_nist_kw_init(&ctx1);
+    mbedtls_nist_kw_init(&ctx2);
+    output_len = sizeof(ciphertext1);
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1,
+                                       MBEDTLS_CIPHER_ID_AES,
+                                       key, sizeof(key) * 8,
+                                       1) == 0);
+
+    TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW,
+                                     plaintext, sizeof(plaintext),
+                                     ciphertext1, &output_len,
+                                     sizeof(ciphertext1)) == 0);
+    TEST_ASSERT(output_len == sizeof(ciphertext1));
+
+    TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KWP,
+                                     plaintext, sizeof(plaintext),
+                                     ciphertext2, &output_len,
+                                     sizeof(ciphertext2)) == 0);
+
+    TEST_ASSERT(output_len == sizeof(ciphertext2));
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2,
+                                       MBEDTLS_CIPHER_ID_AES,
+                                       key, sizeof(key) * 8,
+                                       0) == 0);
+
+    TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW,
+                                       ciphertext1, sizeof(ciphertext1),
+                                       plaintext, &output_len,
+                                       sizeof(plaintext)) == 0);
+
+    TEST_ASSERT(output_len == sizeof(plaintext));
+
+    for (i = 0; i < sizeof(plaintext); i++) {
+        TEST_ASSERT(plaintext[i] == 0);
+    }
+
+    TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KWP,
+                                       ciphertext2, sizeof(ciphertext2),
+                                       plaintext, &output_len,
+                                       sizeof(plaintext)) == 0);
+
+    TEST_ASSERT(output_len == sizeof(plaintext));
+
+    for (i = 0; i < sizeof(plaintext); i++) {
+        TEST_ASSERT(plaintext[i] == 0);
+    }
+
+exit:
+    mbedtls_nist_kw_free(&ctx1);
+    mbedtls_nist_kw_free(&ctx2);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_nist_kw_setkey(int cipher_id, int key_size,
+                            int is_wrap, int result)
+{
+    mbedtls_nist_kw_context ctx;
+    unsigned char key[32];
+    int ret;
+
+    mbedtls_nist_kw_init(&ctx);
+
+    memset(key, 0x2A, sizeof(key));
+    TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key));
+
+    ret = mbedtls_nist_kw_setkey(&ctx, cipher_id, key, key_size, is_wrap);
+    TEST_ASSERT(ret == result);
+
+exit:
+    mbedtls_nist_kw_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void nist_kw_plaintext_lengths(int in_len, int out_len, int mode, int res)
+{
+    mbedtls_nist_kw_context ctx;
+    unsigned char key[16];
+    unsigned char *plaintext = NULL;
+    unsigned char *ciphertext = NULL;
+    size_t output_len = out_len;
+
+    mbedtls_nist_kw_init(&ctx);
+
+    memset(key, 0, sizeof(key));
+
+    if (in_len != 0) {
+        plaintext = mbedtls_calloc(1, in_len);
+        TEST_ASSERT(plaintext != NULL);
+    }
+
+    if (out_len != 0) {
+        ciphertext = mbedtls_calloc(1, output_len);
+        TEST_ASSERT(ciphertext != NULL);
+    }
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                       key, 8 * sizeof(key), 1) == 0);
+
+    TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, plaintext, in_len,
+                                     ciphertext, &output_len,
+                                     output_len) == res);
+    if (res == 0) {
+        if (mode == MBEDTLS_KW_MODE_KWP) {
+            TEST_ASSERT(output_len == (size_t) in_len + 8 -
+                        (in_len % 8) + 8);
+        } else {
+            TEST_ASSERT(output_len == (size_t) in_len + 8);
+        }
+    } else {
+        TEST_ASSERT(output_len == 0);
+    }
+
+exit:
+    mbedtls_free(ciphertext);
+    mbedtls_free(plaintext);
+    mbedtls_nist_kw_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void nist_kw_ciphertext_lengths(int in_len, int out_len, int mode, int res)
+{
+    mbedtls_nist_kw_context ctx;
+    unsigned char key[16];
+    unsigned char *plaintext = NULL;
+    unsigned char *ciphertext = NULL;
+    int unwrap_ret;
+    size_t output_len = out_len;
+
+    mbedtls_nist_kw_init(&ctx);
+
+    memset(key, 0, sizeof(key));
+
+    if (out_len != 0) {
+        plaintext = mbedtls_calloc(1, output_len);
+        TEST_ASSERT(plaintext != NULL);
+    }
+    if (in_len != 0) {
+        ciphertext = mbedtls_calloc(1, in_len);
+        TEST_ASSERT(ciphertext != NULL);
+    }
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES,
+                                       key, 8 * sizeof(key), 0) == 0);
+    unwrap_ret = mbedtls_nist_kw_unwrap(&ctx, mode, ciphertext, in_len,
+                                        plaintext, &output_len,
+                                        output_len);
+
+    if (res == 0) {
+        TEST_ASSERT(unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED);
+    } else {
+        TEST_ASSERT(unwrap_ret == res);
+    }
+
+    TEST_ASSERT(output_len == 0);
+
+exit:
+    mbedtls_free(ciphertext);
+    mbedtls_free(plaintext);
+    mbedtls_nist_kw_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_nist_kw_wrap(int cipher_id, int mode, data_t *key, data_t *msg,
+                          data_t *expected_result)
+{
+    unsigned char result[528];
+    mbedtls_nist_kw_context ctx;
+    size_t result_len, i, padlen;
+
+    mbedtls_nist_kw_init(&ctx);
+
+    memset(result, '+', sizeof(result));
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id,
+                                       key->x, key->len * 8, 1) == 0);
+
+    /* Test with input == output */
+    TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, msg->x, msg->len,
+                                     result, &result_len, sizeof(result)) == 0);
+
+    TEST_ASSERT(result_len == expected_result->len);
+
+    TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0);
+
+    padlen = (msg->len % 8 != 0) ? 8 - (msg->len % 8) : 0;
+    /* Check that the function didn't write beyond the end of the buffer. */
+    for (i = msg->len + 8 + padlen; i < sizeof(result); i++) {
+        TEST_ASSERT(result[i] == '+');
+    }
+
+exit:
+    mbedtls_nist_kw_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_nist_kw_unwrap(int cipher_id, int mode, data_t *key, data_t *msg,
+                            data_t *expected_result, int expected_ret)
+{
+    unsigned char result[528];
+    mbedtls_nist_kw_context ctx;
+    size_t result_len, i;
+
+    mbedtls_nist_kw_init(&ctx);
+
+    memset(result, '+', sizeof(result));
+
+    TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id,
+                                       key->x, key->len * 8, 0) == 0);
+
+    /* Test with input == output */
+    TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx, mode, msg->x, msg->len,
+                                       result, &result_len, sizeof(result)) == expected_ret);
+    if (expected_ret == 0) {
+        TEST_ASSERT(result_len == expected_result->len);
+        TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0);
+    } else {
+        TEST_ASSERT(result_len == 0);
+    }
+
+    /* Check that the function didn't write beyond the end of the buffer. */
+    for (i = msg->len - 8; i < sizeof(result); i++) {
+        TEST_ASSERT(result[i] == '+');
+    }
+
+exit:
+    mbedtls_nist_kw_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_oid.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_oid.data
new file mode 100644
index 0000000..2d33141
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_oid.data
@@ -0,0 +1,139 @@
+OID get Any Policy certificate policy
+oid_get_certificate_policies:"551D2000":"Any Policy"
+
+OID get certificate policy invalid oid
+oid_get_certificate_policies:"5533445566":""
+
+OID get certificate policy wrong oid - id-ce-authorityKeyIdentifier
+oid_get_certificate_policies:"551D23":""
+
+OID get Ext Key Usage - id-kp-serverAuth
+oid_get_extended_key_usage:"2B06010505070301":"TLS Web Server Authentication"
+
+OID get Ext Key Usage - id-kp-clientAuth
+oid_get_extended_key_usage:"2B06010505070302":"TLS Web Client Authentication"
+
+OID get Ext Key Usage - id-kp-codeSigning
+oid_get_extended_key_usage:"2B06010505070303":"Code Signing"
+
+OID get Ext Key Usage - id-kp-emailProtection
+oid_get_extended_key_usage:"2B06010505070304":"E-mail Protection"
+
+OID get Ext Key Usage - id-kp-timeStamping
+oid_get_extended_key_usage:"2B06010505070308":"Time Stamping"
+
+OID get Ext Key Usage - id-kp-OCSPSigning
+oid_get_extended_key_usage:"2B06010505070309":"OCSP Signing"
+
+OID get Ext Key Usage - id-kp-wisun-fan-device
+oid_get_extended_key_usage:"2B0601040182E42501":"Wi-SUN Alliance Field Area Network (FAN)"
+
+OID get Ext Key Usage invalid oid
+oid_get_extended_key_usage:"5533445566":""
+
+OID get Ext Key Usage wrong oid - id-ce-authorityKeyIdentifier
+oid_get_extended_key_usage:"551D23":""
+
+OID get x509 extension - id-ce-basicConstraints
+oid_get_x509_extension:"551D13":MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS
+
+OID get x509 extension - id-ce-keyUsage
+oid_get_x509_extension:"551D0F":MBEDTLS_OID_X509_EXT_KEY_USAGE
+
+OID get x509 extension - id-ce-extKeyUsage
+oid_get_x509_extension:"551D25":MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
+
+OID get x509 extension - id-ce-subjectAltName
+oid_get_x509_extension:"551D11":MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME
+
+OID get x509 extension - id-netscape-certtype
+oid_get_x509_extension:"6086480186F8420101":MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
+
+OID get x509 extension - id-ce-certificatePolicies
+oid_get_x509_extension:"551D20":MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
+
+OID get x509 extension - invalid oid
+oid_get_x509_extension:"5533445566":0
+
+OID get x509 extension - wrong oid - id-ce
+oid_get_x509_extension:"551D":0
+
+OID hash id - id-md5
+depends_on:MBEDTLS_MD5_C
+oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5
+
+OID hash id - id-sha1
+depends_on:MBEDTLS_SHA1_C
+oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1
+
+OID hash id - id-sha224
+depends_on:MBEDTLS_SHA256_C
+oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224
+
+OID hash id - id-sha256
+depends_on:MBEDTLS_SHA256_C
+oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256
+
+OID hash id - id-sha384
+depends_on:MBEDTLS_SHA512_C
+oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384
+
+OID hash id - id-sha512
+depends_on:MBEDTLS_SHA512_C
+oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
+
+OID hash id - id-ripemd160
+depends_on:MBEDTLS_RIPEMD160_C
+oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
+
+OID hash id - invalid oid
+oid_get_md_alg_id:"2B864886f70d0204":-1
+
+OID get numeric string - hardware module name
+oid_get_numeric_string:"2B06010505070804":0:"1.3.6.1.5.5.7.8.4"
+
+OID get numeric string - multi-byte subidentifier
+oid_get_numeric_string:"29903C":0:"1.1.2108"
+
+OID get numeric string - second component greater than 39
+oid_get_numeric_string:"81010000863A00":0:"2.49.0.0.826.0"
+
+OID get numeric string - multi-byte first subidentifier
+oid_get_numeric_string:"8837":0:"2.999"
+
+OID get numeric string - second subidentifier not terminated
+oid_get_numeric_string:"0081":MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+OID get numeric string - empty oid buffer
+oid_get_numeric_string:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+OID get numeric string - no final / all bytes have top bit set
+oid_get_numeric_string:"818181":MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+OID get numeric string - 0.39
+oid_get_numeric_string:"27":0:"0.39"
+
+OID get numeric string - 1.0
+oid_get_numeric_string:"28":0:"1.0"
+
+OID get numeric string - 1.39
+oid_get_numeric_string:"4f":0:"1.39"
+
+OID get numeric string - 2.0
+oid_get_numeric_string:"50":0:"2.0"
+
+OID get numeric string - 1 byte first subidentifier beyond 2.39
+oid_get_numeric_string:"7f":0:"2.47"
+
+# Encodes the number 0x0400000000 as a subidentifier which overflows 32-bits
+OID get numeric string - 32-bit overflow
+oid_get_numeric_string:"C080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:""
+
+OID get numeric string - 32-bit overflow, second subidentifier
+oid_get_numeric_string:"2BC080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:""
+
+OID get numeric string - overlong encoding
+oid_get_numeric_string:"8001":MBEDTLS_ERR_ASN1_INVALID_DATA:""
+
+OID get numeric string - overlong encoding, second subidentifier
+oid_get_numeric_string:"2B8001":MBEDTLS_ERR_ASN1_INVALID_DATA:""
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_oid.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_oid.function
new file mode 100644
index 0000000..c06e337
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_oid.function
@@ -0,0 +1,121 @@
+/* BEGIN_HEADER */
+#include "mbedtls/oid.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "string.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_OID_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void oid_get_certificate_policies(data_t *oid, char *result_str)
+{
+    mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
+    int ret;
+    const char *desc;
+
+    asn1_buf.tag = MBEDTLS_ASN1_OID;
+    asn1_buf.p = oid->x;
+    asn1_buf.len = oid->len;
+
+    ret = mbedtls_oid_get_certificate_policies(&asn1_buf, &desc);
+    if (strlen(result_str) == 0) {
+        TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND);
+    } else {
+        TEST_ASSERT(ret == 0);
+        TEST_ASSERT(strcmp((char *) desc, result_str) == 0);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void oid_get_extended_key_usage(data_t *oid, char *result_str)
+{
+    mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
+    int ret;
+    const char *desc;
+
+    asn1_buf.tag = MBEDTLS_ASN1_OID;
+    asn1_buf.p = oid->x;
+    asn1_buf.len = oid->len;
+
+    ret = mbedtls_oid_get_extended_key_usage(&asn1_buf, &desc);
+    if (strlen(result_str) == 0) {
+        TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND);
+    } else {
+        TEST_ASSERT(ret == 0);
+        TEST_ASSERT(strcmp((char *) desc, result_str) == 0);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void oid_get_x509_extension(data_t *oid, int exp_type)
+{
+    mbedtls_asn1_buf ext_oid = { 0, 0, NULL };
+    int ret;
+    int ext_type;
+
+    ext_oid.tag = MBEDTLS_ASN1_OID;
+    ext_oid.p = oid->x;
+    ext_oid.len = oid->len;
+
+    ret = mbedtls_oid_get_x509_ext_type(&ext_oid, &ext_type);
+    if (exp_type == 0) {
+        TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND);
+    } else {
+        TEST_ASSERT(ret == 0);
+        TEST_ASSERT(ext_type == exp_type);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void oid_get_md_alg_id(data_t *oid, int exp_md_id)
+{
+    mbedtls_asn1_buf md_oid = { 0, 0, NULL };
+    int ret;
+    mbedtls_md_type_t md_id = 0;
+
+    md_oid.tag = MBEDTLS_ASN1_OID;
+    md_oid.p = oid->x;
+    md_oid.len = oid->len;
+
+    ret = mbedtls_oid_get_md_alg(&md_oid, &md_id);
+
+    if (exp_md_id < 0) {
+        TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND);
+        TEST_ASSERT(md_id == 0);
+    } else {
+        TEST_ASSERT(ret == 0);
+        TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str)
+{
+    char buf[256];
+    mbedtls_asn1_buf input_oid = { 0, 0, NULL };
+    int ret;
+
+    input_oid.tag = MBEDTLS_ASN1_OID;
+    /* Test that an empty OID is not dereferenced */
+    input_oid.p = oid->len ? oid->x : (void *) 1;
+    input_oid.len = oid->len;
+
+    ret = mbedtls_oid_get_numeric_string(buf, sizeof(buf), &input_oid);
+
+    if (error_ret == 0) {
+        TEST_EQUAL(ret, strlen(result_str));
+        TEST_ASSERT(ret >= 3);
+        TEST_EQUAL(strcmp(buf, result_str), 0);
+    } else {
+        TEST_EQUAL(ret, error_ret);
+    }
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pem.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pem.data
similarity index 93%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pem.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pem.data
index 77546c5..0f4b6b4 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pem.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pem.data
@@ -22,7 +22,12 @@ mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3
 PEM read (DES-CBC + invalid iv)
 mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV
 
+PEM read (AES-128-CBC + invalid iv)
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV
+
 PEM read (unknown encryption algorithm)
+depends_on:MBEDTLS_AES_C
 mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG
 
 PEM read (malformed PEM DES-CBC)
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pem.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pem.function
new file mode 100644
index 0000000..8aac3cf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pem.function
@@ -0,0 +1,53 @@
+/* BEGIN_HEADER */
+#include "mbedtls/base64.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
+void mbedtls_pem_write_buffer(char *start, char *end, data_t *buf,
+                              char *result_str)
+{
+    unsigned char *check_buf = NULL;
+    int ret;
+    size_t olen = 0, olen2 = 0;
+
+
+    ret = mbedtls_pem_write_buffer(start, end, buf->x, buf->len, NULL, 0, &olen);
+    TEST_ASSERT(ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL);
+
+    check_buf = (unsigned char *) mbedtls_calloc(1, olen);
+    TEST_ASSERT(check_buf != NULL);
+
+    ret = mbedtls_pem_write_buffer(start, end, buf->x, buf->len, check_buf, olen, &olen2);
+
+    TEST_ASSERT(olen2 <= olen);
+    TEST_ASSERT(olen > strlen((char *) result_str));
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(strncmp((char *) check_buf, (char *) result_str, olen) == 0);
+
+exit:
+    mbedtls_free(check_buf);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
+void mbedtls_pem_read_buffer(char *header, char *footer, char *data,
+                             char *pwd, int res)
+{
+    mbedtls_pem_context ctx;
+    int ret;
+    size_t use_len = 0;
+    size_t pwd_len = strlen(pwd);
+
+    mbedtls_pem_init(&ctx);
+
+    ret = mbedtls_pem_read_buffer(&ctx, header, footer, (unsigned char *) data,
+                                  (unsigned char *) pwd, pwd_len, &use_len);
+    TEST_ASSERT(ret == res);
+
+exit:
+    mbedtls_pem_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pk.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pk.data
new file mode 100644
index 0000000..5248074
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pk.data
@@ -0,0 +1,309 @@
+PK invalid parameters
+invalid_parameters:
+
+PK valid parameters
+valid_parameters:
+
+PK write valid parameters
+depends_on:MBEDTLS_RSA_C
+valid_parameters_pkwrite:"308204a20201000282010100a9021f3d406ad555538bfd36ee82652e15615e89bfb8e84590dbee881652d3f143504796125964876bfd2be046f973beddcf92e1915bed66a06f8929794580d0836ad54143775f397c09044782b0573970eda3ec15191ea8330847c10542a9fd4cc3b4dfdd061f4d1051406773130f40f86d81255f0ab153c6307e1539acf95aee7f929ea6055be7139785b52392d9d42406d50925897507dda61a8f3f0919bead652c64eb959bdcfe415e17a6da6c5b69cc02ba142c16249c4adccdd0f7526773f12da023fd7ef431ca2d70ca890b04db2ea64f706e9ecebd5889e253599e6e5a9265e2883f0c9419a3dde5e89d9513ed29dbab7012dc5aca6b17ab528254b10203010001028201001689f5e89142ae18a6ffb0513715a4b0b4a13b9e5b3729a2bd62d738c6e15cea7bf3a4d85ab2193a0628c9452bb1f0c1af8b132789df1c95e72778bf5330f5b0d915d242d5e0818e85001ed5fa93d1ce13455deb0a15438562e8e3c8d60ec1e4c9ebff9f2b36b9cde9332cc79f0d17a7ae79cc1353cd75409ad9b4b6d7ee3d82af6f3207656cf2ac98947c15c398db0cebf8dc3eef5398269480cdd09411b960273ae3f364da09af849f24aa87346c58618ea91d9d6cd1d3932c80dbfc1f0a4166a9036911999ca27761079f0ce02db02c1c909ff9b4278578d7bb1b54b2b7082fc9e864b6b394e331c0d11a9a68255565b6dd477f4119c5809839520700711102818100d7db987ad86de6a9b0749fb5da80bacde3bebd72dcc83f60a27db74f927ac3661386577bfce5b4a00ad024682401d6aad29713c8e223b53415305ca07559821099b187fdd1bad3dc4dec9da96f5fa6128331e8f7d89f1e1a788698d1a27256dc7cd392f04e531a9e38e7265bf4fd7eec01e7835e9b1a0dd8923e440381be1c2702818100c87025fff7a493c623404966fbc8b32ed164ca620ad1a0ad11ef42fd12118456017856a8b42e5d4ad36104e9dc9f8a2f3003c3957ffddb20e2f4e3fc3cf2cdddae01f57a56de4fd24b91ab6d3e5cc0e8af0473659594a6bbfdaacf958f19c8d508eac12d8977616af6877106288093d37904a139220c1bc278ea56edc086976702818043e708685c7cf5fa9b4f948e1856366d5e1f3a694f9a8e954f884c89f3823ac5798ee12657bfcaba2dac9c47464c6dc2fecc17a531be19da706fee336bb6e47b645dbc71d3eff9856bddeb1ac9b644ffbdd58d7ba9e1240f1faaf797ba8a4d58becbaf85789e1bd979fcfccc209d3db7f0416bc9eef09b3a6d86b8ce8199d4310281804f4b86ccffe49d0d8ace98fb63ea9f708b284ba483d130b6a75cb76cb4e4372d6b41774f20912319420ca4cbfc1b25a8cb5f01d6381f6ebc50ed3ef08010327f5ba2acc1ac7220b3fa6f7399314db2879b0db0b5647abd87abb01295815a5b086491b2c0d81c616ed67ef8a8ce0727f446711d7323d4147b5828a52143c43b4b028180540756beba83c20a0bda11d6dec706a71744ff28090cec079dffb507d82828038fe657f61496a20317f779cb683ce8196c29a6fe28839a282eef4de57773be56808b0c3e2ac7747e2b200b2fbf20b55258cd24622a1ce0099de098ab0855106ae087f08b0c8c346d81619400c1b4838e33ed9ff90f05db8fccf8fb7ab881ca12"
+
+PK utils: RSA 512-bit
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+pk_utils:MBEDTLS_PK_RSA:512:512:64:"RSA"
+
+PK utils: ECKEY SECP192R1
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_utils:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC"
+
+PK utils: ECKEY_DH SECP192R1
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC_DH"
+
+PK utils: ECKEY_DH Curve25519
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE25519:255:32:"EC_DH"
+
+PK utils: ECKEY_DH Curve448
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE448_ENABLED
+pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE448:448:56:"EC_DH"
+
+PK utils: ECDSA SECP192R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:192:24:"ECDSA"
+
+PK utils: ECDSA SECP256R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:256:32:"ECDSA"
+
+PK utils: ECDSA SECP384R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:384:48:"ECDSA"
+
+PK utils: ECDSA SECP521R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:521:66:"ECDSA"
+
+PK PSA utilities: setup/free, info functions, unsupported operations
+pk_psa_utils:
+
+RSA verify test vector #1 (good)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
+
+RSA verify test vector #2 (bad)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+ECDSA verify test vector #1 (good)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0
+
+ECDSA verify test vector #2 (bad)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+EC(DSA) verify test vector #1 (good)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0
+
+EC(DSA) verify test vector #2 (bad)
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED
+
+EC(DSA) verify test vector: good, bitlen(r) = 256
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3046022100faecc085c6c5362b91ff1fd6dd77da80bc071bee9ff1ac0ef9509c017f13267c022100a7d0b908c938d3dd6c6a9cdc5b0a4a4ee455c519c1ff6cda959806b7e7461ba0":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 255
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 248
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220009109f967f9082abc9c46e5ea07936529b82023a1a49b872c046f430983db2602210085f0b1960d61f8d75109b5b7ff991d3171320d2ab547104f864048455a965090":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 247
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3044021f461786833b50247b07194da6cedbd3caefbcd19c73b6283ccff5097cd0d73b022100d85d20b0b8c3b596eb1cdb0381e681fa0a8bccde4e89c139020af3b0f88e099c":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 256
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 255
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"304402206ae26950c606d08fe5e1682efdccfb3a7213ca46bd523ffd20c4213fe1400d3402207612106ada7055926167650b257da7f4c42c190b8aa9e3b680f8751fe90c63a5":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 248
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3045022100fd4d718ab483827492e10b89745fad100d2dd257102b99aff179ee596a569f1f022000a1b777e32a8b4909763b615b805e59194e6196eb05719287a36eb5f17aa485":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 247
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0
+
+ECDSA sign-verify: SECP192R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:0:0
+
+ECDSA sign-verify: SECP256R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:0:0
+
+ECDSA sign-verify: SECP384R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:0:0
+
+ECDSA sign-verify: SECP521R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:0:0
+
+ECDSA sign-verify: BP256R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP256R1:0:0
+
+ECDSA sign-verify: BP512R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP512R1:0:0
+
+EC(DSA) sign-verify: SECP192R1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:0:0
+
+EC_DH (no) sign-verify: SECP192R1
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_sign_verify:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ERR_PK_TYPE_MISMATCH:MBEDTLS_ERR_PK_TYPE_MISMATCH
+
+RSA sign-verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
+pk_sign_verify:MBEDTLS_PK_RSA:512:0:0
+
+RSA encrypt test vector
+depends_on:MBEDTLS_PKCS1_V15
+pk_rsa_encrypt_test_vec:"4E636AF98E40F3ADCFCCB698F4E80B9F":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0
+
+RSA decrypt test vector #1
+depends_on:MBEDTLS_PKCS1_V15
+pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":0
+
+RSA decrypt test vector #2
+depends_on:MBEDTLS_PKCS1_V15
+pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404feb284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EC nocrypt
+depends_on:MBEDTLS_ECP_C
+pk_ec_nocrypt:MBEDTLS_PK_ECKEY
+
+EC-DH nocrypt
+depends_on:MBEDTLS_ECP_C
+pk_ec_nocrypt:MBEDTLS_PK_ECKEY_DH
+
+ECDSA nocrypt
+depends_on:MBEDTLS_ECDSA_C
+pk_ec_nocrypt:MBEDTLS_PK_ECDSA
+
+RSA_ALT consistency
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
+pk_rsa_alt:
+
+Verify ext RSA #1 (PKCS1 v2.1, salt_len = ANY, OK)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0
+
+Verify ext RSA #2 (PKCS1 v2.1, salt_len = ANY, wrong message)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616766":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+Verify ext RSA #3 (PKCS1 v2.1, salt_len = 0, OK)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:0:0
+
+Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:0
+
+Verify ext RSA #5 (PKCS1 v2.1, wrong salt_len)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+Verify ext RSA #6 (PKCS1 v2.1, MGF1 alg != MSG hash alg)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0
+
+Verify ext RSA #7 (PKCS1 v2.1, wrong MGF1 alg != MSG hash alg)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+Verify ext RSA #8 (PKCS1 v2.1, RSASSA-PSS without options)
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA
+
+Verify ext RSA #9 (PKCS1 v1.5, RSA with options)
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA
+
+Verify ext RSA #10 (PKCS1 v1.5, RSA without options)
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+Verify ext RSA #11 (PKCS1 v2.1, asking for ECDSA)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_ECDSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_TYPE_MISMATCH
+
+Verify ext RSA #12 (PKCS1 v1.5, good)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:0
+
+Check pair #1 (EC, OK)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PEM_PARSE_C
+mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/ec_256_prv.pem":0
+
+Check pair #2 (EC, bad)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PEM_PARSE_C
+mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server5.key":MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+
+Check pair #3 (RSA, OK)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C
+mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server1.key":0
+
+Check pair #4 (RSA, bad)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C
+mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server2.key":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+Check pair #5 (RSA vs EC)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
+mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":MBEDTLS_ERR_PK_TYPE_MISMATCH
+
+RSA hash_len overflow (size_t vs unsigned int)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_HAVE_INT64
+pk_rsa_overflow:
+
+ECDSA restartable sign/verify: ECDSA, max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
+
+ECDSA restartable sign/verify: ECKEY, max_ops=0 (disabled)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0
+
+ECDSA restartable sign/verify: ECDSA, max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
+
+ECDSA restartable sign/verify: ECKEY, max_ops=1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000
+
+ECDSA restartable sign/verify: ECDSA, max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
+
+ECDSA restartable sign/verify: ECKEY, max_ops=10000
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0
+
+ECDSA restartable sign/verify: ECDSA, max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
+
+ECDSA restartable sign/verify: ECKEY, max_ops=250
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
+
+PSA wrapped sign: SECP256R1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_FAMILY_SECP_R1:256
+
+PSA wrapped sign: SECP384R1
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_FAMILY_SECP_R1:384
+
+PSA wrapped sign: SECP521R1
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_FAMILY_SECP_R1:521
+
+PSA wrapped sign: SECP192K1
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_FAMILY_SECP_K1:192
+
+## Currently buggy: https://github.com/Mbed-TLS/mbed-crypto/issues/336
+# PSA wrapped sign: SECP224K1
+# depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_FAMILY_SECP_K1:224
+
+PSA wrapped sign: SECP256K1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_FAMILY_SECP_K1:256
+
+PSA wrapped sign: BP256R1
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:256
+
+PSA wrapped sign: BP384R1
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:384
+
+PSA wrapped sign: BP512R1
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:512
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pk.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pk.function
new file mode 100644
index 0000000..c17037f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pk.function
@@ -0,0 +1,1327 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pk.h"
+
+/* For error codes */
+#include "mbedtls/asn1.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/rsa.h"
+
+#include <limits.h>
+#include <stdint.h>
+
+/* Needed only for test case data under #if defined(MBEDTLS_USE_PSA_CRYPTO),
+ * but the test code generator requires test case data to be valid C code
+ * unconditionally (https://github.com/Mbed-TLS/mbedtls/issues/2023). */
+#include "psa/crypto.h"
+
+#define RSA_KEY_SIZE 512
+#define RSA_KEY_LEN   64
+
+/** Generate a key of the desired type.
+ *
+ * \param pk        The PK object to fill. It must have been initialized
+ *                  with mbedtls_pk_setup().
+ * \param parameter - For RSA keys, the key size in bits.
+ *                  - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
+ *
+ * \return          The status from the underlying type-specific key
+ *                  generation function.
+ * \return          -1 if the key type is not recognized.
+ */
+static int pk_genkey(mbedtls_pk_context *pk, int parameter)
+{
+    ((void) pk);
+    (void) parameter;
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
+    if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) {
+        return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk),
+                                   mbedtls_test_rnd_std_rand, NULL,
+                                   parameter, 3);
+    }
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY ||
+        mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY_DH ||
+        mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) {
+        int ret;
+        if ((ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp,
+                                          parameter)) != 0) {
+            return ret;
+        }
+
+        return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec(*pk)->grp,
+                                       &mbedtls_pk_ec(*pk)->d,
+                                       &mbedtls_pk_ec(*pk)->Q,
+                                       mbedtls_test_rnd_std_rand, NULL);
+    }
+#endif
+    return -1;
+}
+
+#if defined(MBEDTLS_RSA_C)
+int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen,
+                             const unsigned char *input, unsigned char *output,
+                             size_t output_max_len)
+{
+    return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx,
+                                     mbedtls_test_rnd_std_rand, NULL, mode,
+                                     olen, input, output, output_max_len);
+}
+int mbedtls_rsa_sign_func(void *ctx,
+                          int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                          int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
+                          const unsigned char *hash, unsigned char *sig)
+{
+    ((void) f_rng);
+    ((void) p_rng);
+    return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx,
+                                  mbedtls_test_rnd_std_rand, NULL, mode,
+                                  md_alg, hashlen, hash, sig);
+}
+size_t mbedtls_rsa_key_len_func(void *ctx)
+{
+    return ((const mbedtls_rsa_context *) ctx)->len;
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+/*
+ * Generate a key using PSA and return the key identifier of that key,
+ * or 0 if the key generation failed.
+ * The key uses NIST P-256 and is usable for signing with SHA-256.
+ */
+mbedtls_svc_key_id_t pk_psa_genkey(void)
+{
+    mbedtls_svc_key_id_t key;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const psa_key_type_t type =
+        PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
+    const size_t bits = 256;
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256));
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+    PSA_ASSERT(psa_generate_key(&attributes, &key));
+
+exit:
+    return key;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PK_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+void pk_psa_utils()
+{
+    mbedtls_pk_context pk, pk2;
+    mbedtls_svc_key_id_t key;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    const char * const name = "Opaque";
+    const size_t bitlen = 256; /* hardcoded in genkey() */
+
+    mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+    unsigned char b1[1], b2[1];
+    size_t len;
+    mbedtls_pk_debug_item dbg;
+
+    mbedtls_pk_init(&pk);
+    mbedtls_pk_init(&pk2);
+
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, MBEDTLS_SVC_KEY_ID_INIT) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    mbedtls_pk_free(&pk);
+    mbedtls_pk_init(&pk);
+
+    key = pk_psa_genkey();
+    if (mbedtls_svc_key_id_is_null(key)) {
+        goto exit;
+    }
+
+    TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, key) == 0);
+
+    TEST_ASSERT(mbedtls_pk_get_type(&pk) == MBEDTLS_PK_OPAQUE);
+    TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0);
+
+    TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == bitlen);
+    TEST_ASSERT(mbedtls_pk_get_len(&pk) == bitlen / 8);
+
+    TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECKEY) == 1);
+    TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA) == 1);
+    TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA) == 0);
+
+    /* unsupported operations: verify, decrypt, encrypt */
+    TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg,
+                                  b1, sizeof(b1), b2, sizeof(b2))
+                == MBEDTLS_ERR_PK_TYPE_MISMATCH);
+    TEST_ASSERT(mbedtls_pk_decrypt(&pk, b1, sizeof(b1),
+                                   b2, &len, sizeof(b2),
+                                   NULL, NULL)
+                == MBEDTLS_ERR_PK_TYPE_MISMATCH);
+    TEST_ASSERT(mbedtls_pk_encrypt(&pk, b1, sizeof(b1),
+                                   b2, &len, sizeof(b2),
+                                   NULL, NULL)
+                == MBEDTLS_ERR_PK_TYPE_MISMATCH);
+
+    /* unsupported functions: check_pair, debug */
+    TEST_ASSERT(mbedtls_pk_setup(&pk2,
+                                 mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0);
+    TEST_ASSERT(mbedtls_pk_check_pair(&pk, &pk2)
+                == MBEDTLS_ERR_PK_TYPE_MISMATCH);
+    TEST_ASSERT(mbedtls_pk_debug(&pk, &dbg)
+                == MBEDTLS_ERR_PK_TYPE_MISMATCH);
+
+    /* test that freeing the context does not destroy the key */
+    mbedtls_pk_free(&pk);
+    TEST_ASSERT(PSA_SUCCESS == psa_get_key_attributes(key, &attributes));
+    TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key));
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_pk_free(&pk);   /* redundant except upon error */
+    mbedtls_pk_free(&pk2);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void valid_parameters()
+{
+    mbedtls_pk_context pk;
+    unsigned char buf[1];
+    size_t len;
+    void *options = NULL;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_VALID_PARAM(mbedtls_pk_free(NULL));
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    TEST_VALID_PARAM(mbedtls_pk_restart_free(NULL));
+#endif
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    /* In informational functions, we accept NULL where a context pointer
+     * is expected because that's what the library has done forever.
+     * We do not document that NULL is accepted, so we may wish to change
+     * the behavior in a future version. */
+    TEST_ASSERT(mbedtls_pk_get_bitlen(NULL) == 0);
+    TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0);
+    TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0);
+
+    TEST_ASSERT(mbedtls_pk_sign_restartable(&pk,
+                                            MBEDTLS_MD_NONE,
+                                            NULL, 0,
+                                            buf, &len,
+                                            mbedtls_test_rnd_std_rand, NULL,
+                                            NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_sign_restartable(&pk,
+                                            MBEDTLS_MD_NONE,
+                                            NULL, 0,
+                                            buf, &len,
+                                            mbedtls_test_rnd_std_rand, NULL,
+                                            NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_sign(&pk,
+                                MBEDTLS_MD_NONE,
+                                NULL, 0,
+                                buf, &len,
+                                mbedtls_test_rnd_std_rand, NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_verify_restartable(&pk,
+                                              MBEDTLS_MD_NONE,
+                                              NULL, 0,
+                                              buf, sizeof(buf),
+                                              NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_verify(&pk,
+                                  MBEDTLS_MD_NONE,
+                                  NULL, 0,
+                                  buf, sizeof(buf)) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options,
+                                      &pk,
+                                      MBEDTLS_MD_NONE,
+                                      NULL, 0,
+                                      buf, sizeof(buf)) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_encrypt(&pk,
+                                   NULL, 0,
+                                   NULL, &len, 0,
+                                   mbedtls_test_rnd_std_rand, NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_decrypt(&pk,
+                                   NULL, 0,
+                                   NULL, &len, 0,
+                                   mbedtls_test_rnd_std_rand, NULL) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+#if defined(MBEDTLS_PK_PARSE_C)
+    TEST_ASSERT(mbedtls_pk_parse_key(&pk, NULL, 0, NULL, 1) ==
+                MBEDTLS_ERR_PK_KEY_INVALID_FORMAT);
+
+    TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, NULL, 0) ==
+                MBEDTLS_ERR_PK_KEY_INVALID_FORMAT);
+#endif /* MBEDTLS_PK_PARSE_C */
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
+void valid_parameters_pkwrite(data_t *key_data)
+{
+    mbedtls_pk_context pk;
+
+    /* For the write tests to be effective, we need a valid key pair. */
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_parse_key(&pk,
+                                     key_data->x, key_data->len,
+                                     NULL, 0) == 0);
+
+    TEST_ASSERT(mbedtls_pk_write_key_der(&pk, NULL, 0) ==
+                MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
+
+    TEST_ASSERT(mbedtls_pk_write_pubkey_der(&pk, NULL, 0) ==
+                MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+    TEST_ASSERT(mbedtls_pk_write_key_pem(&pk, NULL, 0) ==
+                MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL);
+
+    TEST_ASSERT(mbedtls_pk_write_pubkey_pem(&pk, NULL, 0) ==
+                MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL);
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void invalid_parameters()
+{
+    size_t len;
+    unsigned char *null_buf = NULL;
+    unsigned char buf[1];
+    unsigned char *p = buf;
+    char str[1] = { 0 };
+    mbedtls_pk_context pk;
+    mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
+    void *options = buf;
+
+    (void) null_buf;
+    (void) p;
+    (void) str;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_INVALID_PARAM(mbedtls_pk_init(NULL));
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    TEST_INVALID_PARAM(mbedtls_pk_restart_init(NULL));
+#endif
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_setup(NULL, NULL));
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_setup_rsa_alt(NULL, buf,
+                                                    NULL, NULL, NULL));
+#endif
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_restartable(NULL,
+                                                         MBEDTLS_MD_NONE,
+                                                         buf, sizeof(buf),
+                                                         buf, sizeof(buf),
+                                                         NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_restartable(&pk,
+                                                         MBEDTLS_MD_NONE,
+                                                         NULL, sizeof(buf),
+                                                         buf, sizeof(buf),
+                                                         NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_restartable(&pk,
+                                                         valid_md,
+                                                         NULL, 0,
+                                                         buf, sizeof(buf),
+                                                         NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_restartable(&pk,
+                                                         MBEDTLS_MD_NONE,
+                                                         buf, sizeof(buf),
+                                                         NULL, sizeof(buf),
+                                                         NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify(NULL,
+                                             MBEDTLS_MD_NONE,
+                                             buf, sizeof(buf),
+                                             buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify(&pk,
+                                             MBEDTLS_MD_NONE,
+                                             NULL, sizeof(buf),
+                                             buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify(&pk,
+                                             valid_md,
+                                             NULL, 0,
+                                             buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify(&pk,
+                                             MBEDTLS_MD_NONE,
+                                             buf, sizeof(buf),
+                                             NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options,
+                                                 NULL,
+                                                 MBEDTLS_MD_NONE,
+                                                 buf, sizeof(buf),
+                                                 buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options,
+                                                 &pk,
+                                                 MBEDTLS_MD_NONE,
+                                                 NULL, sizeof(buf),
+                                                 buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options,
+                                                 &pk,
+                                                 valid_md,
+                                                 NULL, 0,
+                                                 buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options,
+                                                 &pk,
+                                                 MBEDTLS_MD_NONE,
+                                                 buf, sizeof(buf),
+                                                 NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign_restartable(NULL, MBEDTLS_MD_NONE, buf, sizeof(buf),
+                                                       buf, &len, mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, NULL, sizeof(buf),
+                                                       buf, &len, mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign_restartable(&pk, valid_md, NULL, 0, buf, &len,
+                                                       mbedtls_test_rnd_std_rand, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, buf, sizeof(buf),
+                                                       NULL, &len, mbedtls_test_rnd_std_rand,
+                                                       NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign(NULL, MBEDTLS_MD_NONE, buf, sizeof(buf),
+                                           buf, &len, mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, NULL, sizeof(buf),
+                                           buf, &len, mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign(&pk, valid_md, NULL, 0, buf, &len,
+                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, buf, sizeof(buf), NULL, &len,
+                                           mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_decrypt(NULL, buf, sizeof(buf), buf, &len, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_decrypt(&pk, NULL, sizeof(buf), buf, &len, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_decrypt(&pk, buf, sizeof(buf), NULL, &len, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_decrypt(&pk, buf, sizeof(buf), buf, NULL, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_encrypt(NULL, buf, sizeof(buf), buf, &len, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_encrypt(&pk, NULL, sizeof(buf), buf, &len, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_encrypt(&pk, buf, sizeof(buf), NULL, &len, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_encrypt(&pk, buf, sizeof(buf), buf, NULL, sizeof(buf),
+                                              mbedtls_test_rnd_std_rand, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_check_pair(NULL, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_check_pair(&pk, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_debug(NULL, NULL));
+
+#if defined(MBEDTLS_PK_PARSE_C)
+#if defined(MBEDTLS_FS_IO)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_load_file(NULL, &p, &len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_load_file(str, NULL, &len));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_load_file(str, &p, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_keyfile(NULL, str, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_keyfile(&pk, NULL, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_public_keyfile(NULL, str));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_public_keyfile(&pk, NULL));
+#endif
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_subpubkey(NULL, buf, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_subpubkey(&null_buf, buf, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_subpubkey(&p, NULL, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_subpubkey(&p, buf, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_key(NULL,
+                                                buf, sizeof(buf),
+                                                buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_key(&pk,
+                                                NULL, sizeof(buf),
+                                                buf, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_public_key(NULL,
+                                                       buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_parse_public_key(&pk,
+                                                       NULL, sizeof(buf)));
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey(NULL, p, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey(&null_buf, p, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey(&p, NULL, &pk));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey(&p, p, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey_der(NULL,
+                                                       buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey_der(&pk,
+                                                       NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_key_der(NULL,
+                                                    buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_key_der(&pk,
+                                                    NULL, sizeof(buf)));
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey_pem(NULL,
+                                                       buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_pubkey_pem(&pk,
+                                                       NULL, sizeof(buf)));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_key_pem(NULL,
+                                                    buf, sizeof(buf)));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+                           mbedtls_pk_write_key_pem(&pk,
+                                                    NULL, sizeof(buf)));
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_PK_WRITE_C */
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_utils(int type, int parameter, int bitlen, int len, char *name)
+{
+    mbedtls_pk_context pk;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
+    TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
+
+    TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type);
+    TEST_ASSERT(mbedtls_pk_can_do(&pk, type));
+    TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == (unsigned) bitlen);
+    TEST_ASSERT(mbedtls_pk_get_len(&pk) == (unsigned) len);
+    TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
+void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret)
+{
+    mbedtls_pk_context pub, prv, alt;
+
+    mbedtls_pk_init(&pub);
+    mbedtls_pk_init(&prv);
+    mbedtls_pk_init(&alt);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&pub, pub_file) == 0);
+    TEST_ASSERT(mbedtls_pk_parse_keyfile(&prv, prv_file, NULL) == 0);
+
+    TEST_ASSERT(mbedtls_pk_check_pair(&pub, &prv) == ret);
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+    if (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_RSA) {
+        TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&alt, mbedtls_pk_rsa(prv),
+                                             mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
+                                             mbedtls_rsa_key_len_func) == 0);
+        TEST_ASSERT(mbedtls_pk_check_pair(&pub, &alt) == ret);
+    }
+#endif
+
+exit:
+    mbedtls_pk_free(&pub);
+    mbedtls_pk_free(&prv);
+    mbedtls_pk_free(&alt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
+void pk_rsa_verify_test_vec(data_t *message_str, int digest, int mod,
+                            char *input_N, char *input_E,
+                            data_t *result_str, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_rsa_context *rsa;
+    mbedtls_pk_context pk;
+    mbedtls_pk_restart_ctx *rs_ctx = NULL;
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_pk_restart_ctx ctx;
+
+    rs_ctx = &ctx;
+    mbedtls_pk_restart_init(rs_ctx);
+    // this setting would ensure restart would happen if ECC was used
+    mbedtls_ecp_set_max_ops(1);
+#endif
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    memset(hash_result, 0x00, MBEDTLS_MD_MAX_SIZE);
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+    rsa = mbedtls_pk_rsa(pk);
+
+    rsa->len = mod / 8;
+    TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0);
+
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_pk_verify(&pk, digest, hash_result, 0,
+                                  result_str->x, mbedtls_pk_get_len(&pk)) == result);
+
+    TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, digest, hash_result, 0,
+                                              result_str->x, mbedtls_pk_get_len(
+                                                  &pk), rs_ctx) == result);
+
+exit:
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_pk_restart_free(rs_ctx);
+#endif
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
+void pk_rsa_verify_ext_test_vec(data_t *message_str, int digest,
+                                int mod, char *input_N,
+                                char *input_E, data_t *result_str,
+                                int pk_type, int mgf1_hash_id,
+                                int salt_len, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_rsa_context *rsa;
+    mbedtls_pk_context pk;
+    mbedtls_pk_rsassa_pss_options pss_opts;
+    void *options;
+    size_t hash_len;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    memset(hash_result, 0x00, sizeof(hash_result));
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+    rsa = mbedtls_pk_rsa(pk);
+
+    rsa->len = mod / 8;
+    TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0);
+
+
+    if (digest != MBEDTLS_MD_NONE) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest),
+                               message_str->x, message_str->len, hash_result) == 0);
+        hash_len = 0;
+    } else {
+        memcpy(hash_result, message_str->x, message_str->len);
+        hash_len = message_str->len;
+    }
+
+    if (mgf1_hash_id < 0) {
+        options = NULL;
+    } else {
+        options = &pss_opts;
+
+        pss_opts.mgf1_hash_id = mgf1_hash_id;
+        pss_opts.expected_salt_len = salt_len;
+    }
+
+    TEST_ASSERT(mbedtls_pk_verify_ext(pk_type, options, &pk,
+                                      digest, hash_result, hash_len,
+                                      result_str->x, mbedtls_pk_get_len(&pk)) == result);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
+void pk_ec_test_vec(int type, int id, data_t *key, data_t *hash,
+                    data_t *sig, int ret)
+{
+    mbedtls_pk_context pk;
+    mbedtls_ecp_keypair *eckey;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
+
+    TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA));
+    eckey = mbedtls_pk_ec(pk);
+
+    TEST_ASSERT(mbedtls_ecp_group_load(&eckey->grp, id) == 0);
+    TEST_ASSERT(mbedtls_ecp_point_read_binary(&eckey->grp, &eckey->Q,
+                                              key->x, key->len) == 0);
+
+    // MBEDTLS_MD_NONE is used since it will be ignored.
+    TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE,
+                                  hash->x, hash->len, sig->x, sig->len) == ret);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
+void pk_sign_verify_restart(int pk_type, int grp_id, char *d_str,
+                            char *QX_str, char *QY_str,
+                            int md_alg, char *msg, data_t *sig_check,
+                            int max_ops, int min_restart, int max_restart)
+{
+    int ret, cnt_restart;
+    mbedtls_pk_restart_ctx rs_ctx;
+    mbedtls_pk_context prv, pub;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
+    size_t hlen, slen;
+    const mbedtls_md_info_t *md_info;
+
+    mbedtls_pk_restart_init(&rs_ctx);
+    mbedtls_pk_init(&prv);
+    mbedtls_pk_init(&pub);
+    memset(hash, 0, sizeof(hash));
+    memset(sig, 0, sizeof(sig));
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_setup(&prv, mbedtls_pk_info_from_type(pk_type)) == 0);
+    TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(prv)->grp, grp_id) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&mbedtls_pk_ec(prv)->d, d_str) == 0);
+
+    TEST_ASSERT(mbedtls_pk_setup(&pub, mbedtls_pk_info_from_type(pk_type)) == 0);
+    TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(pub)->grp, grp_id) == 0);
+    TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec(pub)->Q, 16, QX_str, QY_str) == 0);
+
+    md_info = mbedtls_md_info_from_type(md_alg);
+    TEST_ASSERT(md_info != NULL);
+
+    hlen = mbedtls_md_get_size(md_info);
+    TEST_ASSERT(mbedtls_md(md_info,
+                           (const unsigned char *) msg, strlen(msg),
+                           hash) == 0);
+
+    mbedtls_ecp_set_max_ops(max_ops);
+
+    slen = sizeof(sig);
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen,
+                                          sig, &slen, NULL, NULL, &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(slen == sig_check->len);
+    TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0);
+
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_pk_verify_restartable(&pub, md_alg,
+                                            hash, hlen, sig, slen, &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_ASSERT(ret == 0);
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    hash[0]++;
+    do {
+        ret = mbedtls_pk_verify_restartable(&pub, md_alg,
+                                            hash, hlen, sig, slen, &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    TEST_ASSERT(ret != 0);
+    hash[0]--;
+
+    sig[0]++;
+    do {
+        ret = mbedtls_pk_verify_restartable(&pub, md_alg,
+                                            hash, hlen, sig, slen, &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    TEST_ASSERT(ret != 0);
+    sig[0]--;
+
+    /* Do we leak memory when aborting? try verify then sign
+     * This test only makes sense when we actually restart */
+    if (min_restart > 0) {
+        ret = mbedtls_pk_verify_restartable(&pub, md_alg,
+                                            hash, hlen, sig, slen, &rs_ctx);
+        TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+        mbedtls_pk_restart_free(&rs_ctx);
+
+        slen = sizeof(sig);
+        ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen,
+                                          sig, &slen, NULL, NULL, &rs_ctx);
+        TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+    }
+
+exit:
+    mbedtls_pk_restart_free(&rs_ctx);
+    mbedtls_pk_free(&prv);
+    mbedtls_pk_free(&pub);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret)
+{
+    mbedtls_pk_context pk;
+    size_t sig_len, hash_len;
+    mbedtls_md_type_t md = MBEDTLS_MD_SHA256;
+    unsigned char *hash = NULL;
+    unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+    void *rs_ctx = NULL;
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_pk_restart_ctx ctx;
+
+    rs_ctx = &ctx;
+    mbedtls_pk_restart_init(rs_ctx);
+    /* This value is large enough that the operation will complete in one run.
+     * See comments at the top of ecp_test_vect_restart in
+     * test_suite_ecp.function for estimates of operation counts. */
+    mbedtls_ecp_set_max_ops(42000);
+#endif
+
+    hash_len = mbedtls_md_get_size(mbedtls_md_info_from_type(md));
+    TEST_CALLOC(hash, hash_len);
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    memset(hash, 0x2a, hash_len);
+    memset(sig, 0, sizeof(sig));
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
+    TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
+
+    TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, md,
+                                            hash, hash_len, sig, &sig_len,
+                                            mbedtls_test_rnd_std_rand, NULL, rs_ctx) == sign_ret);
+    if (sign_ret == 0) {
+        TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE);
+    } else {
+        sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
+    }
+
+    TEST_ASSERT(mbedtls_pk_verify(&pk, md,
+                                  hash, hash_len, sig, sig_len) == verify_ret);
+
+    if (verify_ret == 0) {
+        hash[0]++;
+        TEST_ASSERT(mbedtls_pk_verify(&pk, md,
+                                      hash, hash_len, sig, sig_len) != 0);
+        hash[0]--;
+
+        sig[0]++;
+        TEST_ASSERT(mbedtls_pk_verify(&pk, md,
+                                      hash, hash_len, sig, sig_len) != 0);
+        sig[0]--;
+    }
+
+    TEST_ASSERT(mbedtls_pk_sign(&pk, md, hash, hash_len,
+                                sig, &sig_len,
+                                mbedtls_test_rnd_std_rand,
+                                NULL) == sign_ret);
+    if (sign_ret == 0) {
+        TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE);
+    } else {
+        sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
+    }
+
+    TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md,
+                                              hash, hash_len, sig, sig_len, rs_ctx) == verify_ret);
+
+    if (verify_ret == 0) {
+        hash[0]++;
+        TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md,
+                                                  hash, hash_len, sig, sig_len, rs_ctx) != 0);
+        hash[0]--;
+
+        sig[0]++;
+        TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md,
+                                                  hash, hash_len, sig, sig_len, rs_ctx) != 0);
+        sig[0]--;
+    }
+
+exit:
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    mbedtls_pk_restart_free(rs_ctx);
+#endif
+    mbedtls_pk_free(&pk);
+    mbedtls_free(hash);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
+void pk_rsa_encrypt_test_vec(data_t *message, int mod,
+                             char *input_N, char *input_E,
+                             data_t *result, int ret)
+{
+    unsigned char output[300];
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_rsa_context *rsa;
+    mbedtls_pk_context pk;
+    size_t olen;
+
+    memset(&rnd_info,  0, sizeof(mbedtls_test_rnd_pseudo_info));
+    memset(output,     0, sizeof(output));
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+    rsa = mbedtls_pk_rsa(pk);
+
+    rsa->len = mod / 8;
+    TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_pk_encrypt(&pk, message->x, message->len,
+                                   output, &olen, sizeof(output),
+                                   mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret);
+    TEST_ASSERT(olen == result->len);
+    TEST_ASSERT(memcmp(output, result->x, olen) == 0);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
+void pk_rsa_decrypt_test_vec(data_t *cipher, int mod,
+                             char *input_P, char *input_Q,
+                             char *input_N, char *input_E,
+                             data_t *clear, int ret)
+{
+    unsigned char output[256];
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_mpi N, P, Q, E;
+    mbedtls_rsa_context *rsa;
+    mbedtls_pk_context pk;
+    size_t olen;
+
+    mbedtls_pk_init(&pk);
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+    USE_PSA_INIT();
+
+    memset(&rnd_info,  0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+
+    /* init pk-rsa context */
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+    rsa = mbedtls_pk_rsa(pk);
+
+    /* load public key */
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    /* load private key */
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_rsa_import(rsa, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(rsa) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(rsa) == 0);
+
+    /* decryption test */
+    memset(output, 0, sizeof(output));
+    olen = 0;
+    TEST_ASSERT(mbedtls_pk_decrypt(&pk, cipher->x, cipher->len,
+                                   output, &olen, sizeof(output),
+                                   mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret);
+    if (ret == 0) {
+        TEST_ASSERT(olen == clear->len);
+        TEST_ASSERT(memcmp(output, clear->x, olen) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_ec_nocrypt(int type)
+{
+    mbedtls_pk_context pk;
+    unsigned char output[100];
+    unsigned char input[100];
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    size_t olen = 0;
+    int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    memset(&rnd_info,  0, sizeof(mbedtls_test_rnd_pseudo_info));
+    memset(output,     0, sizeof(output));
+    memset(input,      0, sizeof(input));
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
+
+    TEST_ASSERT(mbedtls_pk_encrypt(&pk, input, sizeof(input),
+                                   output, &olen, sizeof(output),
+                                   mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret);
+
+    TEST_ASSERT(mbedtls_pk_decrypt(&pk, input, sizeof(input),
+                                   output, &olen, sizeof(output),
+                                   mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
+void pk_rsa_overflow()
+{
+    mbedtls_pk_context pk;
+    size_t hash_len = UINT_MAX + 1, sig_len = UINT_MAX + 1;
+    unsigned char hash[50], sig[100];
+
+    if (SIZE_MAX <= UINT_MAX) {
+        return;
+    }
+
+    memset(hash, 0x2a, sizeof(hash));
+    memset(sig, 0, sizeof(sig));
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk,
+                                 mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+
+#if defined(MBEDTLS_PKCS1_V21)
+    TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
+                                      MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) ==
+                MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#endif /* MBEDTLS_PKCS1_V21 */
+
+    TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len,
+                                  sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+    TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, sig,
+                                &sig_len, mbedtls_test_rnd_std_rand, NULL)
+                == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
+void pk_rsa_alt()
+{
+    /*
+     * An rsa_alt context can only do private operations (decrypt, sign).
+     * Test it against the public operations (encrypt, verify) of a
+     * corresponding rsa context.
+     */
+    mbedtls_rsa_context raw;
+    mbedtls_pk_context rsa, alt;
+    mbedtls_pk_debug_item dbg_items[10];
+    unsigned char hash[50], sig[64];
+    unsigned char msg[50], ciph[64], test[50];
+    size_t sig_len, ciph_len, test_len;
+    int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
+
+    mbedtls_rsa_init(&raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE);
+    mbedtls_pk_init(&rsa);
+    mbedtls_pk_init(&alt);
+    USE_PSA_INIT();
+
+    memset(hash, 0x2a, sizeof(hash));
+    memset(sig, 0, sizeof(sig));
+    memset(msg, 0x2a, sizeof(msg));
+    memset(ciph, 0, sizeof(ciph));
+    memset(test, 0, sizeof(test));
+
+    /* Initialize PK RSA context with random key */
+    TEST_ASSERT(mbedtls_pk_setup(&rsa,
+                                 mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+    TEST_ASSERT(pk_genkey(&rsa, RSA_KEY_SIZE) == 0);
+
+    /* Extract key to the raw rsa context */
+    TEST_ASSERT(mbedtls_rsa_copy(&raw, mbedtls_pk_rsa(rsa)) == 0);
+
+    /* Initialize PK RSA_ALT context */
+    TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&alt, (void *) &raw,
+                                         mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
+                                         mbedtls_rsa_key_len_func) == 0);
+
+    /* Test administrative functions */
+    TEST_ASSERT(mbedtls_pk_can_do(&alt, MBEDTLS_PK_RSA));
+    TEST_ASSERT(mbedtls_pk_get_bitlen(&alt) == RSA_KEY_SIZE);
+    TEST_ASSERT(mbedtls_pk_get_len(&alt) == RSA_KEY_LEN);
+    TEST_ASSERT(mbedtls_pk_get_type(&alt) == MBEDTLS_PK_RSA_ALT);
+    TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0);
+
+    /* Test signature */
+#if SIZE_MAX > UINT_MAX
+    TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig,
+                                &sig_len, mbedtls_test_rnd_std_rand, NULL)
+                == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#endif /* SIZE_MAX > UINT_MAX */
+    TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash), sig,
+                                &sig_len, mbedtls_test_rnd_std_rand, NULL)
+                == 0);
+    TEST_ASSERT(sig_len == RSA_KEY_LEN);
+    TEST_ASSERT(mbedtls_pk_verify(&rsa, MBEDTLS_MD_NONE,
+                                  hash, sizeof(hash), sig, sig_len) == 0);
+
+    /* Test decrypt */
+    TEST_ASSERT(mbedtls_pk_encrypt(&rsa, msg, sizeof(msg),
+                                   ciph, &ciph_len, sizeof(ciph),
+                                   mbedtls_test_rnd_std_rand, NULL) == 0);
+    TEST_ASSERT(mbedtls_pk_decrypt(&alt, ciph, ciph_len,
+                                   test, &test_len, sizeof(test),
+                                   mbedtls_test_rnd_std_rand, NULL) == 0);
+    TEST_ASSERT(test_len == sizeof(msg));
+    TEST_ASSERT(memcmp(test, msg, test_len) == 0);
+
+    /* Test forbidden operations */
+    TEST_ASSERT(mbedtls_pk_encrypt(&alt, msg, sizeof(msg),
+                                   ciph, &ciph_len, sizeof(ciph),
+                                   mbedtls_test_rnd_std_rand, NULL) == ret);
+    TEST_ASSERT(mbedtls_pk_verify(&alt, MBEDTLS_MD_NONE,
+                                  hash, sizeof(hash), sig, sig_len) == ret);
+    TEST_ASSERT(mbedtls_pk_debug(&alt, dbg_items) == ret);
+
+exit:
+    mbedtls_rsa_free(&raw);
+    mbedtls_pk_free(&rsa);
+    mbedtls_pk_free(&alt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */
+void pk_psa_sign(int grpid_arg,
+                 int psa_curve_arg, int expected_bits_arg)
+{
+    mbedtls_ecp_group_id grpid = grpid_arg;
+    mbedtls_pk_context pk;
+    unsigned char hash[32];
+    unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
+    unsigned char pkey_legacy[200];
+    unsigned char pkey_psa[200];
+    unsigned char *pkey_legacy_start, *pkey_psa_start;
+    size_t sig_len, klen_legacy, klen_psa;
+    int ret;
+    mbedtls_svc_key_id_t key_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR(psa_curve_arg);
+    size_t expected_bits = expected_bits_arg;
+
+    /*
+     * This tests making signatures with a wrapped PSA key:
+     * - generate a fresh ECP legacy PK context
+     * - wrap it in a PK context and make a signature this way
+     * - extract the public key
+     * - parse it to a PK context and verify the signature this way
+     */
+
+    /* Create legacy EC public/private key in PK context. */
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_setup(&pk,
+                                 mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0);
+    TEST_ASSERT(mbedtls_ecp_gen_key(grpid,
+                                    (mbedtls_ecp_keypair *) pk.pk_ctx,
+                                    mbedtls_test_rnd_std_rand, NULL) == 0);
+
+    /* Export underlying public key for re-importing in a legacy context. */
+    ret = mbedtls_pk_write_pubkey_der(&pk, pkey_legacy,
+                                      sizeof(pkey_legacy));
+    TEST_ASSERT(ret >= 0);
+    klen_legacy = (size_t) ret;
+    /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
+    pkey_legacy_start = pkey_legacy + sizeof(pkey_legacy) - klen_legacy;
+
+    /* Turn PK context into an opaque one. */
+    TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&pk, &key_id,
+                                          PSA_ALG_SHA_256) == 0);
+
+    PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
+    TEST_EQUAL(psa_get_key_type(&attributes), expected_type);
+    TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits);
+    TEST_EQUAL(psa_get_key_lifetime(&attributes),
+               PSA_KEY_LIFETIME_VOLATILE);
+
+    memset(hash, 0x2a, sizeof(hash));
+    memset(sig, 0, sizeof(sig));
+
+    TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256,
+                                hash, sizeof(hash), sig, &sig_len,
+                                NULL, NULL) == 0);
+
+    /* Export underlying public key for re-importing in a psa context. */
+    ret = mbedtls_pk_write_pubkey_der(&pk, pkey_psa,
+                                      sizeof(pkey_psa));
+    TEST_ASSERT(ret >= 0);
+    klen_psa = (size_t) ret;
+    /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
+    pkey_psa_start = pkey_psa + sizeof(pkey_psa) - klen_psa;
+
+    TEST_ASSERT(klen_psa == klen_legacy);
+    TEST_ASSERT(memcmp(pkey_psa_start, pkey_legacy_start, klen_psa) == 0);
+
+    mbedtls_pk_free(&pk);
+    TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key_id));
+
+    mbedtls_pk_init(&pk);
+    TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start,
+                                            klen_legacy) == 0);
+    TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
+                                  hash, sizeof(hash), sig, sig_len) == 0);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs12.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs12.data
new file mode 100644
index 0000000..d078a68
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs12.data
@@ -0,0 +1,71 @@
+PKCS#12 derive key : MD5: Zero length password and hash
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0
+
+PKCS#12 derive key: MD5: NULL password and hash
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0
+
+PKCS#12 derive key: MD5: Zero length password
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0
+
+PKCS#12 derive key: MD5: NULL password
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0
+
+PKCS#12 derive key: MD5: Invalid length NULL password
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA
+
+PKCS#12 derive key: MD5: Zero length salt
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0
+
+PKCS#12 derive key: MD5: NULL salt
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0
+
+PKCS#12 derive key: MD5: Invalid length NULL salt
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA
+
+PKCS#12 derive key: MD5: Valid password and salt
+depends_on:MBEDTLS_MD5_C
+pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0
+
+PBE Encrypt, pad = 7 (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAAAA":16:0:"5F2C15056A36F3A78856E9E662DD27CB"
+
+PBE Encrypt, pad = 8 (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":16:0:"5F2C15056A36F3A70F70A3D4EC4004A8"
+
+PBE Encrypt, pad = 8 (Invalid output size)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":15:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"5F2C15056A36F3A70F70A3D4EC4004A8"
+
+PBE Encrypt, pad = 8 (PKCS7 padding disabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":0:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:""
+
+PBE Decrypt, pad = 7 (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A78856E9E662DD27CB":16:0:"AAAAAAAAAAAAAAAAAA"
+
+PBE Decrypt, pad = 8 (Invalid output size)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A70F70A3D4EC4004A8":15:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"AAAAAAAAAAAAAAAA"
+
+PBE Decrypt, pad = 8 (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A70F70A3D4EC4004A8":16:0:"AAAAAAAAAAAAAAAA"
+
+PBE Decrypt, (Invalid padding & PKCS7 padding disabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A79F2B90F1428110E2":16:0:"AAAAAAAAAAAAAAAAAA07070707070708"
+
+PBE Decrypt, (Invalid padding & PKCS7 padding enabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A79F2B90F1428110E2":16:MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH:"AAAAAAAAAAAAAAAAAA07070707070708"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs12.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs12.function
new file mode 100644
index 0000000..a5a9019
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs12.function
@@ -0,0 +1,170 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/error.h"
+#include "common.h"
+
+typedef enum {
+    USE_NULL_INPUT = 0,
+    USE_GIVEN_INPUT = 1,
+} input_usage_method_t;
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PKCS12_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pkcs12_derive_key(int md_type, int key_size_arg,
+                       data_t *password_arg, int password_usage,
+                       data_t *salt_arg, int salt_usage,
+                       int iterations,
+                       data_t *expected_output, int expected_status)
+
+{
+    unsigned char *output_data = NULL;
+
+    unsigned char *password = NULL;
+    size_t password_len = 0;
+    unsigned char *salt = NULL;
+    size_t salt_len = 0;
+    size_t key_size = key_size_arg;
+
+    if (password_usage == USE_GIVEN_INPUT) {
+        password = password_arg->x;
+    }
+
+    password_len = password_arg->len;
+
+    if (salt_usage == USE_GIVEN_INPUT) {
+        salt = salt_arg->x;
+    }
+
+    salt_len = salt_arg->len;
+
+    TEST_CALLOC(output_data, key_size);
+
+    int ret = mbedtls_pkcs12_derivation(output_data,
+                                        key_size,
+                                        password,
+                                        password_len,
+                                        salt,
+                                        salt_len,
+                                        md_type,
+                                        MBEDTLS_PKCS12_DERIVE_KEY,
+                                        iterations);
+
+    TEST_EQUAL(ret, expected_status);
+
+    if (expected_status == 0) {
+        TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                            output_data, key_size);
+    }
+
+exit:
+    mbedtls_free(output_data);
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+void pkcs12_pbe_encrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw,
+                        data_t *data, int outsize, int ref_ret, data_t *ref_out)
+{
+    int my_ret;
+    mbedtls_asn1_buf pbe_params;
+    unsigned char *my_out = NULL;
+    mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher;
+    mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md;
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    size_t my_out_len = 0;
+#endif
+
+    ASSERT_ALLOC(my_out, outsize);
+
+    pbe_params.tag = params_tag;
+    pbe_params.len = params_hex->len;
+    pbe_params.p = params_hex->x;
+
+    if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) {
+        my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg,
+                                    md_alg, pw->x, pw->len, data->x, data->len, my_out);
+        TEST_EQUAL(my_ret, ref_ret);
+    }
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, ref_out->len,
+                       ref_out->x, ref_out->len);
+    }
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+
+    pbe_params.tag = params_tag;
+    pbe_params.len = params_hex->len;
+    pbe_params.p = params_hex->x;
+
+    my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg,
+                                    md_alg, pw->x, pw->len, data->x, data->len, my_out,
+                                    outsize, &my_out_len);
+    TEST_EQUAL(my_ret, ref_ret);
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, my_out_len,
+                       ref_out->x, ref_out->len);
+    }
+#endif
+
+exit:
+    mbedtls_free(my_out);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+void pkcs12_pbe_decrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw,
+                        data_t *data, int outsize, int ref_ret, data_t *ref_out)
+{
+    int my_ret;
+    mbedtls_asn1_buf pbe_params;
+    unsigned char *my_out = NULL;
+    mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher;
+    mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md;
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    size_t my_out_len = 0;
+#endif
+
+    ASSERT_ALLOC(my_out, outsize);
+
+    pbe_params.tag = params_tag;
+    pbe_params.len = params_hex->len;
+    pbe_params.p = params_hex->x;
+
+    if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) {
+        my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg,
+                                    md_alg, pw->x, pw->len, data->x, data->len, my_out);
+        TEST_EQUAL(my_ret, ref_ret);
+    }
+
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, ref_out->len,
+                       ref_out->x, ref_out->len);
+    }
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+
+    pbe_params.tag = params_tag;
+    pbe_params.len = params_hex->len;
+    pbe_params.p = params_hex->x;
+
+    my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg,
+                                    md_alg, pw->x, pw->len, data->x, data->len, my_out,
+                                    outsize, &my_out_len);
+    TEST_EQUAL(my_ret, ref_ret);
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, my_out_len,
+                       ref_out->x, ref_out->len);
+    }
+#endif
+
+exit:
+    mbedtls_free(my_out);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v15.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v15.data
new file mode 100644
index 0000000..6f161a5
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v15.data
@@ -0,0 +1,131 @@
+RSAES-V15 Encryption input=NULL with length=0
+pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb3267c6697351ff4aec29cdbaabf2fbe34676cac0":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0
+
+RSAES-V15 Decryption empty output with NULL buffer
+pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0
+
+RSAES-V15 Encryption Test Vector Int
+pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb32":"6c5ebca6116b1e91316613fbb5e93197270a849122d549122d05815e2626f80d20f7f3f038c98295203c0f7f6bb8c3568455c67dec82bca86be86eff43b56b7ba2d15375f9a42454c2a2c709953a6e4a977462e35fd21a9c2fb3c0ad2a370f7655267bf6f04814784982988e663b869fc8588475af860d499e5a6ffdfc2c6bfd":0
+
+RSAES-V15 Decryption Test Vector Int
+pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"28818cb14236ad18f4527e7f1f7633e96cef021bc3234475d7f61e88702b6335b42a352ed3f3267ac7c3e9ba4af17e45096c63eefd8d9a7cb42dfc52fffb2f5b8afb305b46312c2eb50634123b4437a2287ac57b7509d59a583fb741989a49f32625e9267b4641a6607b7303d35c68489db53c8d387b620d0d46a852e72ea43c":0
+
+RSAES-V15 Encryption Test Vector Data just fits
+pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0
+
+RSAES-V15 Decryption Test Vector Data just fits
+pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0
+
+RSAES-V15 Encryption Test Vector Data too long 1
+pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSAES-V15 Decryption Test Vector Padding too short 7
+pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 Encryption Test Vector Data too long 3
+pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSAES-V15 Decryption Test Vector Padding too short 5
+pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 Encryption Test Vector Data too long 8
+pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSAES-V15 Decryption Test Vector Padding too short 0
+pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-V15 Signing Test Vector Int
+pkcs1_rsassa_v15_sign:1024:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0
+
+RSASSA-V15 Verification Test Vector Int
+pkcs1_rsassa_v15_verify:1024:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0
+
+RSAES-V15 decoding: good, payload=max, tight output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:117:0
+
+RSAES-V15 decoding: good, payload=max, larger output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:128:0
+
+RSAES-V15 decoding: good, payload=max-1, tight output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:116:0
+
+RSAES-V15 decoding: good, payload=max-1, larger output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:117:0
+
+RSAES-V15 decoding: good, payload=1
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"00025050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":1:1:0
+
+RSAES-V15 decoding: good, empty payload
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":0:0:0
+
+RSAES-V15 decoding: payload=max, output too large
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:116:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
+
+RSAES-V15 decoding: payload=max-1, output too large
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:115:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
+
+RSAES-V15 decoding: bad first byte
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0102505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 decoding: bad second byte (0 instead of 2)
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0000505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 decoding: bad second byte (1 instead of 2)
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0001505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 decoding: padding too short (0)
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000200":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 decoding: padding too short (7)
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050500000ffffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSAES-V15 decoding: unfinished padding
+pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: good, payload=max, tight output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffff00":117:117:0
+
+EMSA-V15 decoding: good, payload=max, larger output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffff00":117:128:0
+
+EMSA-V15 decoding: good, payload=max-1, tight output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffff00":116:116:0
+
+EMSA-V15 decoding: good, payload=max-1, larger output buffer
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffff00":116:117:0
+
+EMSA-V15 decoding: good, payload=1
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":1:1:0
+
+EMSA-V15 decoding: good, empty payload
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":0:0:0
+
+EMSA-V15 decoding: bad first byte
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0101ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: bad second byte (0 instead of 1)
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0000ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: bad second byte (2 instead of 1)
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0002ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: padding too short (0)
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"000100":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: padding too short (7)
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffff0000ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: invalid padding at first byte
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001fffffffffffffffe00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: invalid padding at last byte
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001feffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: unfinished padding
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: unfinished padding with invalid first byte
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+EMSA-V15 decoding: unfinished padding with invalid last byte
+pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v15.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v15.function
new file mode 100644
index 0000000..83fc73a
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v15.function
@@ -0,0 +1,351 @@
+/* BEGIN_HEADER */
+#include "mbedtls/rsa.h"
+#include "mbedtls/md.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pkcs1_rsaes_v15_encrypt(int mod, char *input_N,
+                             char *input_E, int hash,
+                             data_t *message_str, data_t *rnd_buf,
+                             data_t *result_str, int result)
+{
+    unsigned char output[128];
+    mbedtls_rsa_context ctx;
+    mbedtls_test_rnd_buf_info info;
+    mbedtls_mpi N, E;
+
+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
+    info.buf = rnd_buf->x;
+    info.length = rnd_buf->len;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash);
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+    if (message_str->len == 0) {
+        message_str->x = NULL;
+    }
+    TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx,
+                                          &mbedtls_test_rnd_buffer_rand,
+                                          &info, MBEDTLS_RSA_PUBLIC,
+                                          message_str->len, message_str->x,
+                                          output) == result);
+
+    if (result == 0) {
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q,
+                             char *input_N, char *input_E, int hash,
+                             data_t *result_str, char *seed,
+                             data_t *message_str, int result)
+{
+    unsigned char output[128];
+    mbedtls_rsa_context ctx;
+    size_t output_len;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_mpi N, P, Q, E;
+    ((void) seed);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash);
+
+    memset(output, 0x00, sizeof(output));
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+    if (result_str->len == 0) {
+        TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx,
+                                              &mbedtls_test_rnd_pseudo_rand,
+                                              &rnd_info,
+                                              MBEDTLS_RSA_PRIVATE,
+                                              &output_len, message_str->x,
+                                              NULL, 0) == result);
+    } else {
+        TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx,
+                                              &mbedtls_test_rnd_pseudo_rand,
+                                              &rnd_info, MBEDTLS_RSA_PRIVATE,
+                                              &output_len, message_str->x,
+                                              output, 1000) == result);
+        if (result == 0) {
+            TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                            output_len,
+                                            result_str->len) == 0);
+        }
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_v15_decode(int mode,
+                      data_t *input,
+                      int expected_plaintext_length_arg,
+                      int output_size_arg,
+                      int expected_result)
+{
+    size_t expected_plaintext_length = expected_plaintext_length_arg;
+    size_t output_size = output_size_arg;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
+    mbedtls_rsa_context ctx;
+    static unsigned char N[128] = {
+        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
+        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
+        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
+        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
+        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
+        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
+        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
+        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
+        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
+        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
+        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
+        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
+        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
+        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
+        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
+        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
+    };
+    static unsigned char E[1] = { 0x03 };
+    static unsigned char P[64] = {
+        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
+        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
+        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
+        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
+        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
+        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
+        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
+        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
+    };
+    static unsigned char Q[64] = {
+        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
+        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
+        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
+        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
+        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
+        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
+        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
+        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
+    };
+    unsigned char original[128];
+    unsigned char intermediate[128];
+    static unsigned char default_content[128] = {
+        /* A randomly generated pattern. */
+        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
+        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
+        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
+        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
+        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
+        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
+        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
+        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
+        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
+        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
+        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
+        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
+        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
+        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
+        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
+        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
+    };
+    unsigned char final[128];
+    size_t output_length = 0x7EA0;
+
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+    mbedtls_mpi_init(&Nmpi); mbedtls_mpi_init(&Empi);
+    mbedtls_mpi_init(&Pmpi); mbedtls_mpi_init(&Qmpi);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0);
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&Nmpi, N, sizeof(N)) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&Empi, E, sizeof(E)) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&Pmpi, P, sizeof(P)) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&Qmpi, Q, sizeof(Q)) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &Nmpi, &Pmpi, &Qmpi,
+                                   NULL, &Empi) == 0);
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+
+    TEST_ASSERT(input->len <= sizeof(N));
+    memcpy(original, input->x, input->len);
+    memset(original + input->len, 'd', sizeof(original) - input->len);
+    if (mode == MBEDTLS_RSA_PRIVATE) {
+        TEST_ASSERT(mbedtls_rsa_public(&ctx, original, intermediate) == 0);
+    } else {
+        TEST_ASSERT(mbedtls_rsa_private(&ctx, &mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info, original,
+                                        intermediate) == 0);
+    }
+
+    memcpy(final, default_content, sizeof(final));
+    TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx,
+                                          &mbedtls_test_rnd_pseudo_rand,
+                                          &rnd_info, mode, &output_length,
+                                          intermediate, final,
+                                          output_size) == expected_result);
+    if (expected_result == 0) {
+        TEST_ASSERT(output_length == expected_plaintext_length);
+        TEST_ASSERT(memcmp(original + sizeof(N) - output_length,
+                           final,
+                           output_length) == 0);
+    } else if (expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
+               expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) {
+        size_t max_payload_length =
+            output_size > sizeof(N) - 11 ? sizeof(N) - 11 : output_size;
+        size_t i;
+        size_t count = 0;
+
+#if !defined(MBEDTLS_RSA_ALT)
+        /* Check that the output in invalid cases is what the default
+         * implementation currently does. Alternative implementations
+         * may produce different output, so we only perform these precise
+         * checks when using the default implementation. */
+        TEST_ASSERT(output_length == max_payload_length);
+        for (i = 0; i < max_payload_length; i++) {
+            TEST_ASSERT(final[i] == 0);
+        }
+#endif
+        /* Even in alternative implementations, the outputs must have
+         * changed, otherwise it indicates at least a timing vulnerability
+         * because no write to the outputs is performed in the bad case. */
+        TEST_ASSERT(output_length != 0x7EA0);
+        for (i = 0; i < max_payload_length; i++) {
+            count += (final[i] == default_content[i]);
+        }
+        /* If more than 16 bytes are unchanged in final, that's evidence
+         * that final wasn't overwritten. */
+        TEST_ASSERT(count < 16);
+    }
+
+exit:
+    mbedtls_mpi_free(&Nmpi); mbedtls_mpi_free(&Empi);
+    mbedtls_mpi_free(&Pmpi); mbedtls_mpi_free(&Qmpi);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsassa_v15_sign(int mod, char *input_P,
+                           char *input_Q, char *input_N,
+                           char *input_E, int digest, int hash,
+                           data_t *message_str, data_t *rnd_buf,
+                           data_t *result_str, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    unsigned char output[128];
+    mbedtls_rsa_context ctx;
+    mbedtls_mpi N, P, Q, E;
+    mbedtls_test_rnd_buf_info info;
+
+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
+    info.buf = rnd_buf->x;
+    info.length = rnd_buf->len;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash);
+
+    memset(hash_result, 0x00, sizeof(hash_result));
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_buffer_rand,
+                                       &info, MBEDTLS_RSA_PRIVATE, digest,
+                                       0, hash_result, output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E,
+                             int digest, int hash, data_t *message_str,
+                             char *salt, data_t *result_str, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_rsa_context ctx;
+    mbedtls_mpi N, E;
+    ((void) salt);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash);
+    memset(hash_result, 0x00, sizeof(hash_result));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0,
+                                         hash_result, result_str->x) == result);
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v21.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v21.data
new file mode 100644
index 0000000..405e16b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v21.data
@@ -0,0 +1,1042 @@
+RSAES-OAEP Encryption Test Vector Int
+pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
+
+RSAES-OAEP Encryption Test Vector Data just fits
+pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd":"aafd12f659cae63489b479e5076ddec2f06cb58f":"3082f2288fff275213d53168f0a272573cff81837c249dc1f380a12ac124c8f217b700708a1ce7dce154265f31a126ebdd9ed3ef9145ae29124a25f4e65aa52c5a9ff34f6cf4de9ba937ae406dc7d1f277af4f6fb7ea73bfbab2bd397b6b2c53570e173ffcf3b9f0bb96837623a4f87bd81b41446c59e681a2f3da81239e9bdf":0
+
+RSAES-OAEP Encryption Test Vector Data too long
+pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSAES-OAEP Encryption Test Vector 1_1
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
+
+RSAES-OAEP Encryption Test Vector 1_2
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
+
+RSAES-OAEP Encryption Test Vector 1_3
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
+
+RSAES-OAEP Encryption Test Vector 1_4
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
+
+RSAES-OAEP Encryption Test Vector 1_5
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
+
+RSAES-OAEP Encryption Test Vector 1_6
+pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
+
+RSAES-OAEP Encryption Test Vector 2_1
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
+
+RSAES-OAEP Encryption Test Vector 2_2
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
+
+RSAES-OAEP Encryption Test Vector 2_3
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
+
+RSAES-OAEP Encryption Test Vector 2_4
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
+
+RSAES-OAEP Encryption Test Vector 2_5
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
+
+RSAES-OAEP Encryption Test Vector 2_6
+pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
+
+RSAES-OAEP Encryption Example 3_1
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
+
+RSAES-OAEP Encryption Example 3_2
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
+
+RSAES-OAEP Encryption Example 3_3
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
+
+RSAES-OAEP Encryption Example 3_4
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
+
+RSAES-OAEP Encryption Example 3_5
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
+
+RSAES-OAEP Encryption Example 3_6
+pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
+
+RSAES-OAEP Encryption Example 4_1
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
+
+RSAES-OAEP Encryption Example 4_2
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
+
+RSAES-OAEP Encryption Example 4_3
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
+
+RSAES-OAEP Encryption Example 4_4
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
+
+RSAES-OAEP Encryption Example 4_5
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
+
+RSAES-OAEP Encryption Example 4_6
+pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
+
+RSAES-OAEP Encryption Example 5_1
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
+
+RSAES-OAEP Encryption Example 5_2
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
+
+RSAES-OAEP Encryption Example 5_3
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
+
+RSAES-OAEP Encryption Example 5_4
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
+
+RSAES-OAEP Encryption Example 5_5
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
+
+RSAES-OAEP Encryption Example 5_6
+pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
+
+RSAES-OAEP Encryption Example 6_1
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
+
+RSAES-OAEP Encryption Example 6_2
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
+
+RSAES-OAEP Encryption Example 6_3
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
+
+RSAES-OAEP Encryption Example 6_4
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
+
+RSAES-OAEP Encryption Example 6_5
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
+
+RSAES-OAEP Encryption Example 6_6
+pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
+
+RSAES-OAEP Encryption Example 7_1
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
+
+RSAES-OAEP Encryption Example 7_2
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
+
+RSAES-OAEP Encryption Example 7_3
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
+
+RSAES-OAEP Encryption Example 7_4
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
+
+RSAES-OAEP Encryption Example 7_5
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
+
+RSAES-OAEP Encryption Example 7_6
+pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
+
+RSAES-OAEP Encryption Example 8_1
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
+
+RSAES-OAEP Encryption Example 8_2
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
+
+RSAES-OAEP Encryption Example 8_3
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
+
+RSAES-OAEP Encryption Example 8_4
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
+
+RSAES-OAEP Encryption Example 8_5
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
+
+RSAES-OAEP Encryption Example 8_6
+pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
+
+RSAES-OAEP Encryption Example 9_1
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
+
+RSAES-OAEP Encryption Example 9_2
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
+
+RSAES-OAEP Encryption Example 9_3
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
+
+RSAES-OAEP Encryption Example 9_4
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
+
+RSAES-OAEP Encryption Example 9_5
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
+
+RSAES-OAEP Encryption Example 9_6
+pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
+
+RSAES-OAEP Encryption Example 10_1
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
+
+RSAES-OAEP Encryption Example 10_2
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
+
+RSAES-OAEP Encryption Example 10_3
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
+
+RSAES-OAEP Encryption Example 10_4
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
+
+RSAES-OAEP Encryption Example 10_5
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
+
+RSAES-OAEP Encryption Example 10_6
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
+
+RSAES-OAEP Encryption input=NULL with length=0
+depends_on:MBEDTLS_SHA1_C
+pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
+
+RSAES-OAEP Decryption Test Vector Int
+pkcs1_rsaes_oaep_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0
+
+RSAES-OAEP Decryption Test Vector 1_1
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0
+
+RSAES-OAEP Decryption Test Vector 1_2
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0
+
+RSAES-OAEP Decryption Test Vector 1_3
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0
+
+RSAES-OAEP Decryption Test Vector 1_4
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0
+
+RSAES-OAEP Decryption Test Vector 1_5
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0
+
+RSAES-OAEP Decryption Test Vector 1_6
+pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0
+
+RSAES-OAEP Decryption Test Vector 2_1
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0
+
+RSAES-OAEP Decryption Test Vector 2_2
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0
+
+RSAES-OAEP Decryption Test Vector 2_3
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0
+
+RSAES-OAEP Decryption Test Vector 2_4
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0
+
+RSAES-OAEP Decryption Test Vector 2_5
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0
+
+RSAES-OAEP Decryption Test Vector 2_6
+pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0
+
+RSAES-OAEP Decryption Example 3_1
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0
+
+RSAES-OAEP Decryption Example 3_2
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0
+
+RSAES-OAEP Decryption Example 3_3
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0
+
+RSAES-OAEP Decryption Example 3_4
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0
+
+RSAES-OAEP Decryption Example 3_5
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0
+
+RSAES-OAEP Decryption Example 3_6
+pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0
+
+RSAES-OAEP Decryption Example 4_1
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0
+
+RSAES-OAEP Decryption Example 4_2
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0
+
+RSAES-OAEP Decryption Example 4_3
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0
+
+RSAES-OAEP Decryption Example 4_4
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0
+
+RSAES-OAEP Decryption Example 4_5
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0
+
+RSAES-OAEP Decryption Example 4_6
+pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0
+
+RSAES-OAEP Decryption Example 5_1
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0
+
+RSAES-OAEP Decryption Example 5_2
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0
+
+RSAES-OAEP Decryption Example 5_3
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0
+
+RSAES-OAEP Decryption Example 5_4
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0
+
+RSAES-OAEP Decryption Example 5_5
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0
+
+RSAES-OAEP Decryption Example 5_6
+pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0
+
+RSAES-OAEP Decryption Example 6_1
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0
+
+RSAES-OAEP Decryption Example 6_2
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0
+
+RSAES-OAEP Decryption Example 6_3
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0
+
+RSAES-OAEP Decryption Example 6_4
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0
+
+RSAES-OAEP Decryption Example 6_5
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0
+
+RSAES-OAEP Decryption Example 6_6
+pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0
+
+RSAES-OAEP Decryption Example 7_1
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0
+
+RSAES-OAEP Decryption Example 7_2
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0
+
+RSAES-OAEP Decryption Example 7_3
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0
+
+RSAES-OAEP Decryption Example 7_4
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0
+
+RSAES-OAEP Decryption Example 7_5
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0
+
+RSAES-OAEP Decryption Example 7_6
+pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0
+
+RSAES-OAEP Decryption Example 8_1
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0
+
+RSAES-OAEP Decryption Example 8_2
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0
+
+RSAES-OAEP Decryption Example 8_3
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0
+
+RSAES-OAEP Decryption Example 8_4
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0
+
+RSAES-OAEP Decryption Example 8_5
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0
+
+RSAES-OAEP Decryption Example 8_6
+pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0
+
+RSAES-OAEP Decryption Example 9_1
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0
+
+RSAES-OAEP Decryption Example 9_2
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0
+
+RSAES-OAEP Decryption Example 9_3
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0
+
+RSAES-OAEP Decryption Example 9_4
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0
+
+RSAES-OAEP Decryption Example 9_5
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0
+
+RSAES-OAEP Decryption Example 9_6
+pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0
+
+RSAES-OAEP Decryption Example 10_1
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0
+
+RSAES-OAEP Decryption Example 10_2
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0
+
+RSAES-OAEP Decryption Example 10_3
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0
+
+RSAES-OAEP Decryption Example 10_4
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0
+
+RSAES-OAEP Decryption Example 10_5
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0
+
+RSAES-OAEP Decryption Example 10_6
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0
+
+RSAES-OAEP Decryption empty output with NULL buffer
+depends_on:MBEDTLS_SHA1_C
+pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0
+
+RSASSA-PSS Signing Test Vector Int
+pkcs1_rsassa_pss_sign:1024:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Verification Test Vector Int
+pkcs1_rsassa_pss_verify:1024:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0
+
+RSASSA-PSS Signature RSA-1016, SHA-512: minimum salt size not met
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1016:"0e3cb6845e528229e19cfb24611e6859ac1cea7d35992b6e2e796823c52affa03400e42830f90697f084499c3e3587defc19e749e72433dd7b70c28b0c8280b7":"0c48f9e45ae38fdb4a5143be37d79a10cd4f1f9782ef26a4848a4449c72cfd712c68350818736385cb4a9ab6db5aef8e96c551039cfcc8915821aee069ed660d":"00aee7874a4db2f1510044405db29f14df0f37bbcf61fcbcc994a3d31caaf858a74cc8f2a40ac9a9ce7aa9a0680f62cf9d8d4b827114533fdbf86f16fc9dfe5cbf857d86135519a4611ffc59cb7473861619a78e3ec314715e804cff82d6f32e9f57ddf390563629883bd34f40e8db413209b151cee97d817a5d65c7da54734b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-520, SHA-512: no possible salt size
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:520:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-528, SHA-512: zero salt size
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature Example 1_1
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 1_1 (verify)
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0
+
+RSASSA-PSS Signature Example 1_2
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 1_2 (verify)
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0
+
+RSASSA-PSS Signature Example 1_3
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 1_3 (verify)
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0
+
+RSASSA-PSS Signature Example 1_4
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 1_4 (verify)
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"bc656747fa9eafb3f0":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0
+
+RSASSA-PSS Signature Example 1_5
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 1_5 (verify)
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0
+
+RSASSA-PSS Signature Example 1_6
+pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 1_6 (verify)
+pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0
+
+RSASSA-PSS Signature Example 2_1
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 2_1 (verify)
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0
+
+RSASSA-PSS Signature Example 2_2
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 2_2 (verify)
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0
+
+RSASSA-PSS Signature Example 2_3
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 2_3 (verify)
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0
+
+RSASSA-PSS Signature Example 2_4
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 2_4 (verify)
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0
+
+RSASSA-PSS Signature Example 2_5
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 2_5 (verify)
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0
+
+RSASSA-PSS Signature Example 2_6
+pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 2_6 (verify)
+pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0
+
+RSASSA-PSS Signature Example 3_1
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 3_1 (verify)
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0
+
+RSASSA-PSS Signature Example 3_2
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 3_2 (verify)
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0
+
+RSASSA-PSS Signature Example 3_3
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 3_3 (verify)
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0
+
+RSASSA-PSS Signature Example 3_4
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 3_4 (verify)
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0
+
+RSASSA-PSS Signature Example 3_5
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 3_5 (verify)
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0
+
+RSASSA-PSS Signature Example 3_6
+pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 3_6 (verify)
+pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0
+
+RSASSA-PSS Signature Example 4_1
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 4_1 (verify)
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9fb03b827c8217d9":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0
+
+RSASSA-PSS Signature Example 4_2
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 4_2 (verify)
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0
+
+RSASSA-PSS Signature Example 4_3
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 4_3 (verify)
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0
+
+RSASSA-PSS Signature Example 4_4
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 4_4 (verify)
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0
+
+RSASSA-PSS Signature Example 4_5
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 4_5 (verify)
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0
+
+RSASSA-PSS Signature Example 4_6
+pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 4_6 (verify)
+pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0
+
+RSASSA-PSS Signature Example 5_1
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 5_1 (verify)
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0
+
+RSASSA-PSS Signature Example 5_2
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 5_2 (verify)
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0
+
+RSASSA-PSS Signature Example 5_3
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 5_3 (verify)
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0
+
+RSASSA-PSS Signature Example 5_4
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 5_4 (verify)
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"328c659e0a6437433cceb73c14":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0
+
+RSASSA-PSS Signature Example 5_5
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 5_5 (verify)
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0
+
+RSASSA-PSS Signature Example 5_6
+pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 5_6 (verify)
+pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0
+
+RSASSA-PSS Signature Example 6_1
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 6_1 (verify)
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0
+
+RSASSA-PSS Signature Example 6_2
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 6_2 (verify)
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0
+
+RSASSA-PSS Signature Example 6_3
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 6_3 (verify)
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0
+
+RSASSA-PSS Signature Example 6_4
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 6_4 (verify)
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0
+
+RSASSA-PSS Signature Example 6_5
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 6_5 (verify)
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0
+
+RSASSA-PSS Signature Example 6_6
+pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 6_6 (verify)
+pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0
+
+RSASSA-PSS Signature Example 7_1
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 7_1 (verify)
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0
+
+RSASSA-PSS Signature Example 7_2
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 7_2 (verify)
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0
+
+RSASSA-PSS Signature Example 7_3
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 7_3 (verify)
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0
+
+RSASSA-PSS Signature Example 7_4
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 7_4 (verify)
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0
+
+RSASSA-PSS Signature Example 7_5
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 7_5 (verify)
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0
+
+RSASSA-PSS Signature Example 7_6
+pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 7_6 (verify)
+pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0
+
+RSASSA-PSS Signature Example 8_1
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 8_1 (verify)
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0
+
+RSASSA-PSS Signature Example 8_2
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 8_2 (verify)
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0
+
+RSASSA-PSS Signature Example 8_3
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 8_3 (verify)
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0
+
+RSASSA-PSS Signature Example 8_4
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 8_4 (verify)
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0
+
+RSASSA-PSS Signature Example 8_5
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 8_5 (verify)
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0
+
+RSASSA-PSS Signature Example 8_6
+pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 8_6 (verify)
+pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0
+
+RSASSA-PSS Signature Example 9_1
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 9_1 (verify)
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0
+
+RSASSA-PSS Signature Example 9_2
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 9_2 (verify)
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0
+
+RSASSA-PSS Signature Example 9_3
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 9_3 (verify)
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0
+
+RSASSA-PSS Signature Example 9_4
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 9_4 (verify)
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0
+
+RSASSA-PSS Signature Example 9_5
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 9_5 (verify)
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0
+
+RSASSA-PSS Signature Example 9_6
+pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 9_6 (verify)
+pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0
+
+RSASSA-PSS Signature Example 10_1
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 10_1 (verify)
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0
+
+RSASSA-PSS Signature Example 10_2
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 10_2 (verify)
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0
+
+RSASSA-PSS Signature Example 10_3
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 10_3 (verify)
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0
+
+RSASSA-PSS Signature Example 10_4
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 10_4 (verify)
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0
+
+RSASSA-PSS Signature Example 10_5
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 10_5 (verify)
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0
+
+RSASSA-PSS Signature Example 10_6
+pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Signature Example 10_6 (verify)
+pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0
+
+RSASSA-PSS Signature verify options #1 (OK)
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
+
+RSASSA-PSS Signature verify options #2 (ctx_hash none)
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0
+
+RSASSA-PSS Signature verify options #3 (ctx_hash diverging)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_INVALID_PADDING:0
+
+RSASSA-PSS Signature verify options #4 (mgf1_hash diverging)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS Signature verify options #5 (wrong msg_hash)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_VERIFY_FAILED:MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSASSA-PSS Signature verify options #6 (wrong expected_salt_len)
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:21:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS Signature verify options #7 (wrong expected_salt_len)
+pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:19:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS Signature verify options #8 (non-default salt_len: max)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:94:"54657374206d657373616765":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":0:0
+
+RSASSA-PSS Signature verify options #9 (non-default salt_len: 0)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
+
+RSASSA-PSS Signature verify options #10 (non-default salt_len: 0, ANY)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
+
+RSASSA-PSS Signature verify options #11 (MGF1 alg != MSG hash alg)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0
+
+RSASSA-PSS Signature verify options #12 (MGF1 alg != MSG hash alg, ctx wrong)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_ERR_RSA_INVALID_PADDING:0
+
+RSASSA-PSS Signature verify options #13 (MGF1 alg != MSG hash alg, arg wrong)
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS verify ext, 512-bit key, empty salt, good signature
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":0:0
+
+RSASSA-PSS verify ext, 512-bit key, empty salt, bad signature
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf247":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS verify ext, 522-bit key, SHA-512, empty salt, good signature
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify_ext:522:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:0
+
+RSASSA-PSS verify ext, 522-bit key, SHA-512, saltlen=64, good signature with saltlen=0
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify_ext:522:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS verify ext, 528-bit key, SHA-512, empty salt, good signature
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify_ext:528:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:0
+
+RSASSA-PSS verify ext, 528-bit key, SHA-512, saltlen=64, good signature with saltlen=0
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify_ext:528:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS verify ext, 512-bit key, SHA-512 (hash too large)
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS verify ext, 521-bit key, SHA-512, empty salt, bad signature
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"00471794655837da498cbf27242807b40593a353c707eb22fd2cc5a3259e728ac4f1df676043eeec8e16c1175b3d9ac8cae72ec1d5772dd69de71c5677f19031568e":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, good signature
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"009c4941157fa36288e467310b198ab0c615c40963d611ffeef03000549ded809235955ecc57adba44782e9497c004f480ba2b3d58db8335fe0b391075c02c843a6d":0:0
+
+RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, flipped-highest-bit signature
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"41":"00e11a2403df681c44a1f73f014b6c9ad17847d0b673f7c2a801cee208d10ab5792c10cd0cd495a4b331aaa521409fca7cb1b0d978b3a84cd67e28078b98753e9466":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS verify ext, all-zero padding, automatic salt length
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"":"63a35294577c7e593170378175b7df27c293dae583ec2a971426eb2d66f2af483e897bfae5dc20300a9d61a3644e08c3aee61a463690a3498901563c46041056":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING
+
+RSASSA-PSS Signature RSA-1024, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"00e8f95a716c127d5147dcc241a7c1fe8d5487b3e8b6e95e48a83334d21d00c79ad0a90e29941c0c53065b20059de95e9e406061416f7ac12edca1983b9ee28cc3":"00d72348b297e7e5dc4329f6ab874b17982584e0ab43174070a9be983c0f040320d6f893c40d2717cb3044380cb3230b7133621eb1c55a3ea56d0e7cee694b5df3":"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Verification RSA-1024, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify:1022:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0
+
+RSASSA-PSS Signature RSA-1032, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1032:"0dfaedb709ada2105223e5e7764a5f31d07ae7a37bdc7b4a56c2499e1173147bcdcb165b8fb01a2528190cb6874656a936491898fca330db8af5a9ed5417268ed7":"0c339c56797a90c641292560d0ef675f71ac2c99fcaba6260c38e4f167dfd179eb7a9e255f9bdbc549e4181f9a2a19b1f30a80b292d5ef1ad75b9e658eaa6fb0bb":"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Verification RSA-1032, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify:1032:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0
+
+RSASSA-PSS Verification of OpenSSL-generated signature RSA-1032, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify:1032:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"1de40b1c452691dfd8ceb42ecf5f0cbda944d871141b4407c1e30a6657c58c2e496b2a3ad10e025d45ca9606d25602ac1de04af8e0d24aa06e57ec3fea5c961ecf1e0a4e442fda0cdaba42469288cde5d7d0c223facceaf4c7caabe93505acd5664c9b4fae64272af4d5b74326a01724a25fabdb10b177821d2273650a84426dbd":0
+
+RSASSA-PSS Signature RSA-1040, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1040:"00fc7f4b490b4d3ef729db23fb5afbb5f2fc620a472342d8b8ff310cfdc124be76dc22ab6f4be35a38ddd31f24d7f64d310f67ab3a375e83f4e0559e4cb5dc43e875":"00d51e8680ab71dc01e1a8a68a298636bb1658cfab8d73ce528a62697722d485ab90cdafc5e27768b761839ff93420458ae55f15a69465dbc0c7b524dc9a385ff925":"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Verification RSA-1040, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify:1040:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0
+
+RSASSA-PSS Signature RSA-1048, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1048:"0f39b79809516becc2e3481b6b47584aa2299bd2027ab8a303b9de5b0adcb4a5d38e38edb8c1fac3ea1dbd7e1d50b84323e362cff4df3f5a5182dafa9bb9217a73d7":"0d18164f8bd0d58d019998c8cb17c4c0354e62b8a9462acca30816894f982c2ae114e73993e30698930437b4eec44adec24d32ccbcbae7cc4c9f8911b1eb2100685b":"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":MBEDTLS_RSA_SALT_LEN_ANY:0
+
+RSASSA-PSS Verification RSA-1048, SHA-512
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_verify:1048:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0
+
+RSASSA-PSS Signature RSA-1024, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"53d859c9f10abf1c00284a4b55bf2bd84d8e313b4f3c35b8dec7bc3afe39b9b8a155418ead1931895769ce2340be2091f2385bbcf10d9e92bcf5d0e2960d10e792e7d865c64e50d19ffa13e52817d7d8d8db34392c2374a2e9b69184f92a4ad9b1b8bae99ca614d204b65a438e38dbbfc8c7cc44ed5677af70ce6c4f951f0244":20:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7b1d37278e549898d4084e2210c4a9961edfe7b5963550cca1904248c8681513539017820f0e9bd074b9f8a067b9fefff7f1fa20bf2d0c75015ff020b2210cc7f79034fedf68e8d44a007abf4dd82c26e8b00393723aea15abfbc22941c8cf79481718c008da713fb8f54cb3fca890bde1137314334b9b0a18515bfa48e5ccd0":20:0
+
+RSASSA-PSS Signature RSA-1024, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8f16c807bef3ed6f74ee7ff5c360a5428c6c2f105178b58ff7d073e566dad6e7718d3129c768cd5a9666de2b6c947177b45709dc7cd0f43b0ba6fc75578e1196acc15ca3afe4a78c144cb6885c1cc815f7f98925bc04ad2ff20fc1068b045d9450e2a1dcf5a161ceabba2b0b66c7354fdb80fa1d729e5f976387f24a697a7e56":20:0
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"a833ba31634f8773e4fe6ea0c69e1a23766a939d34b32fc78b774b22e46a646c25e6e1062d234ed48b1aba0f830529ff6afc296cc8dc207bbc15391623beac5f6c3db557ca49d0e42c962de95b5ff548cff970f5c73f439cfe82d3907be60240f56b6a4259cc96dfd8fe02a0bfa26e0223f68214428fff0ae40162198cc5cbd1":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"11d9e77da9c83487f7de32110fb0ae0058d86f53e2f6244af9f59acefa90320d6514936534679c836b499cccf1dac6fb9e5cdf0c953b3a5ad44ae60409502694a7c321e33ad3db37f8ab64af98f350e1679966c198d19dc5db5a44463203802a006ffbc06315dbebc48af183ad0333f8da166d3892c033d338ac1a5d1db22815":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"1d85cec0da1a74825ab796480c6e1235808387106ac1411d68f313246c65040111d74a9a45ebae10ac7686fddf4a340c4f9d24685d708bbf7b0ab4563794f5f90e0405b5d7d56c998e996b8bde2b022ae45fecf29a21836fcf362042e77e13cbf67b8a4da3f1e378dfcab2143aa8b9a145c2ee7d593e31626baa47fe623a3c3f859bb63e9336e11c5ff398a6597623318e098230b09e553ba0a4257692a0bc0a1ce1c17b2d541b52d134627229c141d351c16f1bdfe33384a9e163ecaa13e2fa":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b1e973f21303aa0011d416642cecd45511549b45bd22f910e44bdf7a94b960d8169db60d150786b801b465acb6269aa159fa2529837701e5a263a7f89c1ad3bcb5e18ab4b2775cc23eede79a8eb89c774105c60d8a4cc7be9028a5101566c65f565bf8cf337bb5859028a417fbc862408f1a83d918cad4047843e3ab49c4c229":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8eb2ba2367b8f0b36b566c938b4d9948b4a0a87dd1c8300a160ec024ad0fa37174d1bba2ae6ee8c7fdbb4d172ac9615f1428599030a33515e2925a268b87c867242ccddcce6c9c03045eccbfee5eeb6e0ce2d89a9c51f40c1732927a6c7d283627dd87eca27270b117e658a3cc9d2ca7da46a76097213a7f3e2a58d7c9d306e796eee94809042bc6768d6cca4e003a40529bffa267914a232f315ddedd2768c60877bdcb05c8f2026179713084a0daf8b494959c347fb65a4414034d21c7a750":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"b1e973f21303aa0011d416642cecd45511549b45bd22f910e44bdf7a94b960d8169db60d150786b801b465acb6269aa159fa2529837701e5a263a7f89c1ad3bcb5e18ab4b2775cc23eede79a8eb89c774105c60d8a4cc7be9028a5101566c65f565bf8cf337bb5859028a417fbc862408f1a83d918cad4047843e3ab49c4c229":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9fa4e64bab336017e19015ee7ea1e267bf426633fb2ac5f4d65bc754aba17f7a9f0f1ee2bf0a3b9f2dd354ed8eba596f5ca3e26495ef268658bd247474d3524b11a2953f591f8abb14ef4bcd44dadc36a41f9daef1bf88b7e441160278c8a39945524557b84ce5cdcb79eecbad63658e8470d8dc94b44aad1f04b05400ea04e5f959dd18f6f718311f6dfec98a7e1aaa7ba11771f61448b12d7901a2530e830dccc531fd0dbe222215b3f7b9dafa5fc20d5af15ab312b621d71b2106150a801b":20:0
+
+RSASSA-PSS Signature RSA-1536, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"7224091b8f68b00d49d2ef1bfc5ca7352e852aee73a346768f7b80c8db0f9d24eab767c06b73adbb51808c523229ed56ede04fdd908dc73979264426bb801847c365b4d43be6b38d2ef21bf26d28dfb532eaa87004b3d494daaabfa18377429d45557abfc568cb6b265224637501843b45cabd0d96bc786ffc2e79a2fd9b240c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"32e688063ea24ccb2ca998fb7091877c103ce6576b11a175bc896af454042a5731b91c1c58b4d8e38f0619f6ddc8ced6b5397545f9571a4c90767593d11c00b75eb58a0ae4932265f0ab1790be2c83dff65357a301b3b3e2ee2e3683afe0b4b35ee8b6e58a96b4009c98d8faba75f86ffb548f0501884f3528d8eabad353e28d0132c4c01fa3af5dec922f02eff22020481615e4cd35b9eccfd711cb3b0d65af95c0637d79aaa2433f2854de3560adb284248bac8cbd4717317011a5159c93ed":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"e2b81456c355c3f80a363a85cbf245e85a5ff2435e5548d627b5362242aaca4e4a2fa4c900d2a9319eb7fc7469df2a3586aaa4710e9b7362655c27a3c70210962391b1032dc37201af05951a1fc36baa77e5c888419ab4e8f1546380781468ea16e7254a70b08630e229efc016257210d61846d11ed8743276a5d4017e683813":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"cd1fe0acb89969ae139c178bfef1cc982993521b3a020ec847c89c0cc6c869d970f43f018d495b9e991457e7501a344c33c376fd2efcf05ad6eb2bd0b3c0e7cc3c88a4124398ca16585490a0817a36149cc82cdc01b20e9026261215dd06f9db4e13613c6a569c2187a0e00bc63c281149433ac7f061bd218e79f8eca9dd9c93ebc3cc013bf27aa0bf286e124593e76d3c7012f97ae1d0c4bf5823cf17fe76d505a54cef174add58ae616f47de825049e9916bf2ab7de4d443745763b0c314cfae3a6e57ad475cc5fae47cddcad7b526c2154a15f9ee8eab02f4c36f7a41d7a19b23c5996b627270ceb2c0dbed1a6b6dd2ff94868e073cb7b1a1fa3429e487ae":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6375755eff8d48afb3263b3b96988a2afd181ba061793ea009783bb1599d03944d987620a2668ac9714d6f2a21f7e5200d63923f42cb32e63301c8de58c70a203910640da967d03f4f6292f6cb199759822790c0c5bcfb1d4faa59465c3db2ea1fffd5e543335632b74745bf1e18473c0a8b4a89def6b27edf0d7d735ee13f887041c9d8a91e62186a9a1e0b1afb48e577f6887ca61b7c1bb26b4a8e2cc464a9af03444b3da5bed08b73f1262bd3d61f4c78f49fac6a3bfc9e8548b4bbe64cce6a6090fc480efd1f36c18c10bc09be9d957a79f707a10577a1bf6e9e2d4849693fa58d8877c8f1e55181955d6c2b94b1d6d9401b5fb80cc32b358934fec2aedb":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"4d41e81fe7729b79c1703ef84bfc5e842050213c31b188b02044f151ea22e026c9aefec05927626ff97910b67459bffde190e086c797dba285659c25f1854e17406b66ac2608e4763d9cd5daabcc1dc100f4738f5dbead59dbf43e532a92fd87792028cd963ea8f75781964c387dff384523e4413b4e853dea98e0c2dd7274df":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"b43d87deefa7df127a717f4065f831c58cd84bf78c916ba52ed32769abd541df52233b8583507c539b1d51e0437ab1a41e17fc1599b92aabdb5b040dc79027c60c9cc3ed3de36aeea28f20360635be5bf654d6c1b7fe6da77d0c45b9ea2802ad22eba182cbed95d33da7f78ac844f4891cebc0396caa2f8daaf55254fdafe98b5fe6c4dd3967d23ea99497060820e108e818cd0aa94e65770bde892c62233b96d87fe545162d6ba077f110274bddacb2a7cbf17d437bfe004b34c3ea24fb46e5ed9cce4de96b0694efd73832ec76e19e5a25c49c5843393ce6b919ea35e4d264e0a0855f518a63c008c183798ca612cd8f75688a09210413e0a23cafcf2d4158":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"252433d4b72a33e1aa444aa9680454e9cdab208637ec2173dcf366d561a6cc65a82b7316e9aa6ef90454bf5d15a4823a49e468d0f1f4678bd547b02acb2ee22088597d3ab59a998346edd86507b6991077496e20daafd1798aa812768eec94446db6398844831b4817177d0865c20133ffe11bbd1aa7c507a21e7403d1684b98":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2cdb0d5ea5f0aad1f7af8108bff56eec5c0dcd0522c5dc6ae4c6e0f66821cdf698ccfeace65fd6e47f95febd879e580e5ee648972cc265f9a117fc720db4f2545a432eae24a367b0aaa70a011ac8fdec94a95c3cd48cfa7102de8dc26c877e974688b3919de6cf06e27028995ac85da88cb3851a5761e17f215e5c593e13e481088c7d747ecb34d3ce61a5b56eb2a65be5363363294eb365f83c4c709644d857e2ccb14a5851724420fc81178144ef3f9e1138b5750eb7196eba3319d799c3494a7e399115a62b1ca4f1d5da079b495d35fd651a1de78d54000b06bdd3122d7404013f2ed8fdf8a7d012f9812b8e4c2e0b24192d5f899d70a3cc5c7e08c81be7":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1e4f71d67b8041845a6741a2e84b313f035f04d64e8c922e84718d7f0ca9b6d6ce4c50ba46b8d510d691e93c61068c89155693cb8893594307a7b2c22b942011ac004a917af0a91f0ad4853aeec42068a90931d5c1df933e16793f0d714678c6607345a142b124799e38fde4b90b55a4677ec43e21f6a9e858f11ca8094624bb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7171c74df24272dfe6b34db78f24507a68062bd791f68796d5001be354de6fddab81e9252e151884f4cc1f3cd3e7760e263c0c34e63c557eb32c8336e0cef40855c5e279dbba3170da5a14ac60e4cc8d402633a383b88709f3306fb02708e39f3039e7e614edcb89609c8c71137de5211659a41e9e5682cfe0463f3bc97558d3bf77bd798976f09db69153123923835ac9bbd7648c2773e38b5228640fde6df005e9f44819eca31f41ccddbd45d61ae7e1ed0640f0736f52bf5fc1c62f5430de6a96d5aabccfcfef508ac299c7f3f0f7d222ef1f19b288273690b3275b68f874301afa95d243316284ed117bded69da11f5ce1435dd67717bae82ed468ff1b6ac7f2483397d310ffe91775189f671a82b493039d8c233830d20e290bc9be880a47f0b36bf2e1da2c1f23dafeb9f42d9f084feb808a98e894e8501937ba932594a6d202e20a0afddcef8fa48c1682d3179edebf8ea44ea1216a2f55c305cdf487249010909fa8a21d9ba9e3dbbeec046a823922390b7d902d77ec176bb447b05d":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"e2f6dfa5014fee6b1b04108682e85619ded7c4647faf4ae8f19cf6cbd199677fe033859f56906f1979b1b5926df4c8064eddaeaf7c15fa2936b3fcd36bbb3578cce40d2f269fc97fef54b7c71fefabdd419baff6c9cdf7c6a88513e81ed1687fcf92e11e1a82e2e5a6767eed3de1e9e7de9a30ff0ddf27076e99a3d192e1eadc":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3a0622ddff5a0c1f5b545d684054e46211786a2e40627e0cb6795ea0d176f3c97e6536fb64c5eca7b28b7ac52e48e3d50b916d2fccb87d70cd8eda7c15c2308734254716e5b400592cc2e5e033ba27866cb14fefbdcbc35d5d85d4eee8ba6bc2da995e8ebcc27d50c48aa988bf45fde27311a9e2ec029d0fa6fa6d3efea460fc1a90e443d807d209a4c06bf3022d529ab2e4a877325fcccb3f86ac16200ab95628bf0c1c8c70f6fe1a9f288bbc0162a392f40ad1109cdbbaf03d9b2d514a60983874350be9aef886c3c481a66325f137aecb4c82a8a73046dbc1dd8598ffbdb828a3d638f9dd8139a768dcd8d30d79740ef345c1644d03e6fb86a46367f6d82a7a819057ae490e1b100b5842ed385845f379101e37ce604531c61de423df66200d45b7229662fd0ec3572593b09a5213ec14c1d7b2338ca9c763c0d18946f04eaaf57ea2ebc79e093f2fd4c64cb1c1a7f0e888dc2d87a15eb769f56dc180cfe1597cc3e4e1811d4e27852fa188c8fec4fc917d4724d33ce5f3211895cf7e8b8c":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3f90aeabfa9a5f00e241f3f65dfe61baf67c1356353042c3566edacb11c7649737e5adf94cfb05f2619aecc8895db45190fbdf35dab01144e207b6f0923927a6148d3f16eaad05e73bccb562dc087e2d82db3dce130a83e8303bd7c3447b3ae4d3700d4763ba6981d82618ac82a6e66423f294781a59b20cc978c79e2d5c103bfb9d47119294c3c85b1d3c45a36897d42e183514cc8edbbfa1be9ef17b78280b5b6214dad79d60db057f22506515b6843ce7d4dd6bd861a889b36164c325147baeed714d7a3f55ae51ef6e6d4ae9e862d677caba1a2df369c23d3ffe33dd42fe707e1fd8ba6283aaa0b570353b48a8e39ff72a09f700e024150ce87c044a3ec745b212ae81aa5743b981a8bb95deb6b3e15c2487f7900178d5840f8e794662706dcdb19bc0bdd56cb7fdf0e21d10b03adac41b749f31bd3e7c4d07d5d4ec8e79d424812b6e83f1c7b59779e58029f9b07da3e77795fcff6ae8bb098b1c00d1d2a5bc0cb005ef3d8aab63ddd883d38bacdc64307e911c6e51946744f361fe978d":20:0
+
+RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e990c8835f18b18562323ba5096a4e7b99bd84899e5cdd1f3badb47cbf93f13678ef81dccc6703d98566c49b6d63eef51b67fcc20cc971ccf63ccaec580db17256a573c6c455b4508153629606ffe7a43e6ba3b1991b99ff5c0968033bec7ec629ba888b6f6c2cb2fb01fbdcfbc5a150abd35f9e6bd9bc82151b770a8dbbbffb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"607b7731ecb232f9b8e9ea03be28cc1e948acc3ec12a1222ba0f63935440c3effeaf460d7066d260d174d0ed18a9193550000c2fa0119712fb1ab1e27b4e6f5f84be9b63a1ede17a01174060e2d9e46121cc5d10515a342a26649539341eb1b44b82e346a0102e7ca45be3149b5f1444bd7fdf43da441c59deb37da9a223bcd7a8244237bb5404ea532eb470e80891c0fe9403d12734100284e99cfd96de2ab4058529d91bf348c6cbdb7fcfeea3f9925e93efd6adb3ef6946008738f4577a49c42ac0203a2d982fd77cb421ae030b81b97dd04490605179626903471cf68835dd5e4ac41acfe54e048878df89db9c2de5f1e822266c325e0be0991c7f18cd3de4b2110e14f56100e45f8ba19edf917150c2074f379293f73cb587ff77ad63e4cbec9eeaed77ca90261b2813ae8e6533b09b223a68abe2beeec888088ff91fea5c63de3b55238aef018c368f98651572bc7b8cf3d14c15b24bb5534ae07a6c4c9d5ecd0b86961b550859036ba6fa8e50d06228d89bcc943581b26e302795d1e3":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-224, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"11bafee5c6534fe14d973d2f60a674983434ee03ace7c4f1cd00444b723e455d40ffb722dda97ec25d488159fd79fdfa148620f446d2d353fb78d7aa0f2f1310cc712c6915dc57e7e3d86bd0f67a3b81c4a822b3b67edffd93f1a39a3cb2696d9b558642d6b38157c88d241bb172d3352ce21dc862b391f57eb4d3a26191ef7a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3742d8a9627e2e10145c31a3548977f87f8019b1d9093c42f806c8df5ef7fad8330e2a05846c346cb64d9e8af2cd3806eb0df40cd097b3f8841525786ed53746498aa565f8945cf55e24944e8e3d86eb219f65c3385e1e7d45fe3a403773f3057bf22839d5903cd64c95a417c00b429ee068f0fe8ec17305a122979cabee8c3ad31b597da7c71fa1db3da842f7f7048f4396e1768197ccd84c5d9a0450d66f0bc88da7605cc8cdfe52bce60793704dafea504349ff14c481bea73dd761c848387d12f2d1b9227a959fec8b9eef0e9780cb6a427af946597d7e6059a07d50e878d7ae14eed8b571ac88e1c5d1a00d16c0de1c5148ec5781036676c6355e0cbca06346eebaf6c7de938cedd47a244f908ba1189bfbd97bd2667e8eba95e007a64b165dbfc4bf35878cd606732fd469f922ec141e5bc6a7d5c1875233cff612d336c28466c271764ef94e9c07e701923f1f68f39e2f003487dbe41d5505862eb4e90402e50f7b3cb918ef3eff893d0f00b203e2a511cfea4ca54c043ed0598d022c947cad5129fc47f5e79db97a0eea5afd7bb801a367a7bb8d929de1c12a54865e1e183ed926bb8da9d454c7a52b30cfcfe9ed3479799276f4a65b30f430e61fcf520e46e4eb9bea59ba064e7c9c72c9b58bf4ff633897d3ea46d989cec31ce4fc32e46e5a3d1805c35a30b387fb77afe20dba19be37252e40b252d346b69d3cf2":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-256, Salt Length 20
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"466d2621acc8a91c729334f1ca433bdb5605058d4851f86cc8c217fb9625c996f0d0dc64b635c987ccb63a95c0bbc94cac020b815e37cd5ab7c59dbd51eb8d0864123303eb5ef413028383b093daa41831b4364544ee701d67c56bea0eece0096cdc34e6946cb128dea117288cc753a8adc08ec2429d691ea06b8768154f4d01":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2e512f73d198e623afe019bd4cea9192ff8b24ab555099d31bd52d705fc808229a269bf749c8061a3dc7ffae9ef7c6bdcd8c34910f92f0a0fcd6d73017ca3388ca5e99a1735e005ff5d5eade3ec0ea0c2436f0e78b197c2d999ba4351b9e37a09195504b63a42762bea22d307a0328fc9c80acdc28fc8f4050e25fbd5890233028f97ea3a2669ff4d5f4232c1e48571499af28ed6f5a92e7936de39d913e12c5cef51e25f90a1e903f3f60a6a9cddbc56564b146aca6af6236b899c2cb7223a6941f0beaa3aa787b2333e4f3e66b334b99b90825153ebd0095f27691880f44e4e77135f26df376e261adfe0d8354cfa15b49138d624d9f62a9751221ee0598097891c9864ad3651e89723bc9ec6086f571e199619ceb6720ab5a4998254cb807dce75a5a5203d38a9f5d56adee4239ff50cefe3e927eba91de7e1f8e1ae8b0505c077788372af7d8ef00735cc531fd46dbe86702ac49171f0a921f4626442ae960e972a5594ee3bcbfbf687cd96ed300aa9df1b9487607b5bae0f1abecbc1d2291fe93b9f8a091ffac8469b0f00ba561f0628f5e004ed1fd8713650e147c4b2cab7f4d69a4ad57b145c1e5e4c1412e86fbbda5a6096f66293203207e35098bf94dafff75ed094d10e6034cd22179d94655004fa4bf4de774807b6f5cd27d90255468cf01db7b6f82607df597f72d1f9c9c91d17740a14a4816ae65e63fde480d":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-384, Salt Length 20
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"344a458b48d68949ab0effd488443eb54ef367d74e005aec85402a0bb63bcf9ebd2f1b7b1f58f051e56faf46ab71f3def4a1801fc0d076f361dccbcd8a77f78fa929f1ac76985b89cc08f92ab91e680ad1e90d4ac7234b0e3eb3f925dc7713e8a041af64761f33bb09e0c6c7d9d304018dd2f6a18a7f4107c4ce9d5ad4c4896f":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"364ad106da2cec6ce94e141e16af855f6d6e31ac6d7bdb2649695645a3d7f176a9b55f60b861776d49077dcfda4db42bb584767606f90de7289e71f188ff139b138bbd24f7a7f50192a137f2c648e19fe78a836bd2a01d31b248857cd29dbf3d1251c2d4cb339f2ff78add26304fbc3e44f8a2f04b47dc754b984169fba4a091d70f956074880c709ee849a05f8f2dcffee09b221078e98b6e28a965a2d44fcde72c6b27ff0a3def818d80aaba17915d37ad1d72755548310062e73da15a8d2544b311060b404683c00394666dc3a890f60ec9d85b2d0fca8a76fc96c4cfd0e3c4a83594957bac42866c395f8feab3b40c9bc9a675f47a1cd62fc43ebe0fff2bbd239130bbbe5257c5c3756044eb2190db7a309cddc4ef410e9abccd0f93158e0edfab2f0a50e80d814a428f61c531b2b747e64feb41523c5802a53c374f35df21abe67a877d062f56a001b47ee6ab571b0bbe7141e0b49cfdc97a15dc19138863d140cc772074c12b3d751985b7852fe76932be1f44a165f4fe58a341d28c3f86924defab4cf2458ba4cc3fb92558511ceee6d91c672b24b8727b867132bf6b8d7af714ab668f06f046448c1e854ae98e59cf21f2b7370c9378ee0eb34b031f9f4795057557773af0f7fc18ddeec7e95c2ccdd5f66ed224d08fbdfb37995e87f4df9691e499d77afaa8d5b93f3275c43f69edbe37672cf192f94509df0a4e9b":20:0
+
+RSASSA-PSS Signature RSA-4096, SHA-512, Salt Length 20
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"fc5b9da74a8afff53e53f7558b69fcad8a924d948cace26f6eeea2d96e71d6493cefdeee55ca22de8c504c70e93db5e6b7811c50d9449ead5d28e25254ce9590e09b16918ebc7283e66792f84164b38ddbcd17ca2912fa4a6d3fc81c87828d680ee8ad569f67d52b752131b63ae7e0ea1dfca5cc251cdf90c5bdbbfeb095a81b":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6edfb6bfb20da2621e7ca0b8e13bfc3801d8bcb43ef3822be960b96a67d3e8afbbe2ef22e206b328ce99dd8f9758052d42a8ee93e16d8e160a50687e8ffce72d258610064ebde4c4cc2ab96c8e516ec2c1eed816c8e6ac537a0570c9eff81a38147bcd8f4747390676f9d755f613687ac59dbac14f69ca6e56a26727699fa11c200eb77339ead56fc6883acf9b92c6deb6f4d79f82ccdc493fedc6165f78c174adcf32941eeb237a4ae369dbbafb4553c98e413823f6f46da0d47d47a164b792aaf1324a8be4f01601bceb809f8c08f3458b1de2c6378cf93fb293212f6bd4a7b1fd1bfa14a1af29575a5ecc4281420179758e96b4465ec07f6cce4e5e5c2307d531e400e494725eb7dceb1d8dac1000d92f62f319534063c01aec9c6ec0c7675351f2883e462b0454db364f03700d6593c9be195fbea5800ebb81578c765409ac2c37f78fabe8783c5d324fa4dfabe4f192866e34037901615304237f08028a75f00a3904bea03219ef9dbfeb48d10ec59d481eb0429cfc9ae835cc578377e61023d5ceedfd3d0a05aceddb274c13782dda9299d6197519e14791208f8d86d63e0ab7fb42a1e14f8f37f49732e23d4b7d4f07cd0bc828649a12748e8d70f53683580bca87290992a349730370bbed6ed743e705759734872c54ff03c1a97037a7b9ee3c8c42d12c3ebe0c1bf3b42854d04a9177d1a24000bd388fa289fd77d5":20:0
+
+RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 15
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"37ddd9901478ae5c16878702cea4a19e786d35582de44ae65a16cd5370fbe3ffdd9e7ee83c7d2f27c8333bbe1754f090059939b1ee3d71e020a675528f48fdb2cbc72c65305b65125c796162e7b07e044ed15af52f52a1febcf4237e6aa42a69e99f0a9159daf924bba12176a57ef4013a5cc0ab5aec83471648005d67d7122e":"463729b3eaf43502d9cff129925681":"7e628bcbe6ff83a937b8961197d8bdbb322818aa8bdf30cdfb67ca6bf025ef6f09a99dba4c3ee2807d0b7c77776cfeff33b68d7e3fa859c4688626b2441897d26e5d6b559dd72a596e7dad7def9278419db375f7c67cee0740394502212ebdd4a6c8d3af6ee2fd696d8523de6908492b7cbf2254f15a348956c19840dc15a3d732ef862b62ede022290de3af11ca5e79a3392fff06f75aca8c88a2de1858b35a216d8f73fd70e9d67958ed39a6f8976fb94ec6e61f238a52f9d42241e8354f89e3ece94d6fa5bfbba1eeb70e1698bff31a685fbe799fb44efe21338ed6eea2129155aabc0943bc9f69a8e58897db6a8abcc2879d5d0c5d3e6dc5eb48cf16dac8":15:0
+
+RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 25
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"833aa2b1dcc77607a44e804ee77d45408586c536861f6648adcd2fb65063368767c55c6fe2f237f6404250d75dec8fa68bcaf3b6e561863ae01c91aa23d80c6999a558a4c4cb317d540cde69f829aad674a89812f4d353689f04648c7020a73941620018295a4ae4083590cc603e801867a51c105a7fb319130f1022de44f13e":"b750587671afd76886e8ffb7865e78f706641b2e4251b48706":"2ca37a3d6abd28c1eaf9bde5e7ac17f1fa799ce1b4b899d19985c2ff7c8ba959fe54e5afb8bc4021a1f1c687eebb8cba800d1c51636b1f68dc3e48f63e2da6bc6d09c6668f68e508c5d8c19bef154759e2f89ade152717370a8944f537578296380d1fe6be809e8b113d2b9d89e6a46f5c333d4fd48770fc1ea1c548104575b84cf071042bfe5acf496392be8351a41c46a2cab0864c4c1c5b5e0c7b27e7b88c69f37ffa7e1a8cd98f343ac84a4ad67025a40ed8f664e9d630337de6e48bb2125e2552123609491f183afd92634487f0b2cf971f2626e88858879d45a29b0fefb66cd41b2e4e968385bd9fc8c7211976bc6bd3e1ad6df60856985a825f4726d2":25:0
+
+RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 30
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"5f0fe2afa61b628c43ea3b6ba60567b1ae95f682076f01dfb64de011f25e9c4b3602a78b94cecbc14cd761339d2dc320dba504a3c2dcdedb0a78eb493bb11879c31158e5467795163562ec0ca26c19e0531530a815c28f9b52061076e61f831e2fc45b86631ea7d3271444be5dcb513a3d6de457a72afb67b77db65f9bb1c380":"aa10fec3f83b7a97e092877a5bf9081283f502a0a46b50e395ab983a49ac":"5e0712bb363e5034ef6b23c119e3b498644445faab5a4c0b4e217e4c832ab34c142d7f81dbf8affdb2dacefabb2f83524c5aa883fc5f06e528b232d90fbea9ca08ae5ac180d477eaed27d137e2b51bd613b69c543d555bfc7cd81a4f795753c8c64c6b5d2acd9e26d6225f5b26e4e66a945fd6477a277b580dbeaa46d0be498df9a093392926c905641945ec5b9597525e449af3743f80554788fc358bc0401a968ff98aaf34e50b352751f32274750ff5c1fba503050204cec9c77deede7f8fa20845d95f5177030bc91d51f26f29d2a65b870dc72b81e5ef9eeef990d7c7145bbf1a3bc7aedd19fa7cbb020756525f1802216c13296fd6aac11bf2d2d90494":30:0
+
+RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 62
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:3072:"dd553696db8ccb107609b8917e688bdd8373a8926bc9d114c1c77f7958070e236ca1bd2025ded59a71093b63afbfce39e92bde9ffca983959e7c3e18d75650612258c24eebb61a1b4a68603a2721e3e2483d6da27475a228b1341c78f140948b5c922822ccaed76dae338dddec1e4c5c34b9c53f34a09ff0b2b61a62254e73e6f0ac8013edc2cfa7ecbeb86fcc7309cb0f5b5eddb707af4b9337d34d672af413f3b6efd11e3b49c978f06a356f6f4e0ea50a90797fe32ccaa983547ff18ea167":"c1e3089e1bea1141638ca912da01c134f67231a2f737d97e28486e004a43e9c5592ff968ee18109fc71aa4c1a97aa88ece5c4734352bc0c1f67726bc4aac59c19301f23a705be5b3f7825fb284e58a950d795f63d18fe72231eaba9d6a5f90866f8dd34b2b0dfc132db8348efa5a62634e5584a788aebbf073ccb4f3e9f5cde8d0c2e831412485c7f8cf1473abffabcc5d51d8a2a87a22f39d1a250b3cb66d90c573669071aeba9b1080dc079243094a9ae0e5a62e4e8b653cb57f54f4eeaf3d":"a7a1882a7fb896786034d07fb1b9f6327c27bdd7ce6fe39c285ae3b6c34259adc0dc4f7b9c7dec3ca4a20d3407339eedd7a12a421da18f5954673cac2ff059156ecc73c6861ec761e6a0f2a5a033a6768c6a42d8b459e1b4932349e84efd92df59b45935f3d0e30817c66201aa99d07ae36c5d74f408d69cc08f044151ff4960e531360cb19077833adf7bce77ecfaa133c0ccc63c93b856814569e0b9884ee554061b9a20ab46c38263c094dae791aa61a17f8d16f0e85b7e5ce3b067ece89e20bc4e8f1ae814b276d234e04f4e766f501da74ea7e3817c24ea35d016676cece652b823b051625573ca92757fc720d254ecf1dcbbfd21d98307561ecaab545480c7c52ad7e9fa6b597f5fe550559c2fe923205ac1761a99737ca02d7b19822e008a8969349c87fb874c81620e38f613c8521f0381fe5ba55b74827dad3e1cf2aa29c6933629f2b286ad11be88fa6436e7e3f64a75e3595290dc0d1cd5eee7aaac54959cc53bd5a934a365e72dd81a2bd4fb9a67821bffedf2ef2bd94913de8b":"1415a7":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"44240ce519f00239bd66ba03c84d3160b1ce39e3932866e531a62b1c37cf4170c3dc4809236fb1ade181db49fc9c7ccd794b433d1ad0bc056e14738e0ae45c0e155972a40a989fa4b9bcdc308f11990818835fa2c256b47ee4173fb4fed22ccf4385d2dd54d593c74f0004df08134eb8965dd53a122317f59b95d6b69d017958":"2d0c49b20789f39502eefd092a2b6a9b2757c1456147569a685fca4492a8d5b0e6234308385d3d629644ca37e3399616c266f199b6521a9987b2be9ee783":"8f47abc2326e22cf62404508b442e81ad45afff7274096b9a13e478cdd0a72f99a76bf517f1bb0f872a523d8c588d4402569e948fd6a108ae1a45c65830828a10e94d432765314ba82ead310fc87ac99a5b39f30ab8820bf69e6934a9c1c915c19f36ea7717eaff7af67b4991315b1873ba929bedf18a975be808e7aa14a6726126c79cc93f69541c5cefdeb5b67ec279d8f5a446583e4b4faed1685140ee4b3b757c8ff4a1ef9cd76a88e05319ee62003d2d77290c94c579b0ca2ab0deb3176ef10a3fdb85c80ffbc9e2a665a23744fc836f9a9a103cd9fb756952356a2f1acdd68a645e20179006558b5d4d0b9b0bd3adf5e290f49dae60b9d19920953ea8bb237d5b3dcfe149a60f12a4ee3a889b33bcd3a3b753d610757cbcd093dd5a734255333689695ab636963e3d215a8e77ff31973718a4944a1e9e44f45754d39f6fa431c53f9a2ef36e16a5f70636eb5fba54e15c20a714f2809a7cff4b8dc1165f836607eb5a5a3bb0c4567eee26941fef46fb41e73b565c0cf8c72e404221264":62:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 0
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"ac777fd1f72fb4598b30ec1d343488e83bc03cac3380492225efad8c0d7e2c15a0031b8e027bf4e80747ce3de188b405dfeec2b4b5439599bef733a120fd80532e0fcc0629f86cc990e312b2b73ee1f3586198bf81f3af05ef0cfbed3d1b5c620927d2084f31847784c2ba8d55a0f038a5eaf8c2ea85ea81eebdc0fe1f0d75c1":0:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length = max
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"6708ae77c8c32056d89d8186f1d74d84a02cf69a084516c3525901e7c2c8359c1e8939f95b1184ca8e57508a28673243f1580f0eaef13a8eb64c9b78c8a5c2249f7601faa9a55743d056c08bbf213bd5d461e134078b11458a76707fe80df58ca477c2455665734cb498dde2a87065d8bdb8851f7943f4c38ae243752dc79da3":94:0
+
+RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length = max+1
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"":95:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = 0
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"293c65933fb46e6bc50d9c34a266a5e1b9e3b3ff3c99c691a88eb2d1b652ab28144e9e6a18468995febb5ce84b38efb295b1ebf1b7b4b7bce29c35dfbdc81b0944bdb3cdba914215de4380cf5226c6c7af172bf82dbebade614d710be5b4256d588d12d3a0f4494b863b09e8962bbc1d97cdaebd92d40a0485476178acbb943d1bec59aabfb60a15b1cb8f17f600fc10ec1f97148ecacca4b3715ec173e641525a1331b1b5b504bc9f930b7061f10e63509d2223c49c3050bab6edba11dc426a8b5dbfdb31b43ab3dedc392f3d4d0401f67b83cdb59e592dbedad5ed407854310e1304b4e998b8e4074caafba6fb006335c64666758401a508813d307f466e3a":0:0
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = max
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3f04e3159073f7ad2fe70738168779091facbabfc4df54d6f49c7c7849a2e888a6cb9d363e94e46d7ceba692721f9b92cc56519035a5662941e2a18a8489122b55af6193444501c030a752a3c6ed3592438623782c89a16d6c42f8f0cc0a1b21ba7db4fec2b5bef35c109623fdcbb54151d8b97d625bebce9de3be69edda8aa7573fa519f4630c5173a274716d29b2bf026b3c64c62732640af0cdf8ca589f2197453b8ba847dc1cea508d577a3f167caa53e0717a12d58502a27dcdfa1cee9161291d0a71f9265b4ab3":"558dcb8c4ed92d22618fb2169a552bf5ada493ad66890639caecce025839f44d2f8b7004d70586296fd94278e478dfbb63a6867f3fd909a558cca1fba1b329a3f230c2874886eb0b5a3de01e02100a939f216a07a445f9e8f7279b8cc31966de23c912c477bed5ac99996f09ec817bd02acb671310b33d5a9bf79bfc14a0e38abef9169c01e7743a408868f42705743023ec7892c2e437b918b40d873d99c56faa58543a8eb41d91d38ab8ca5165b95ac84b30624a6517b2893f432c63d34352059c9a6ad3353fe3859d0b51a971e3d58a287612b1a7b6eeb76b7101850f809960c1c137ea396ede4c570817bef93b2ff901c2d175909f48a6b6a73dc3aa6cef":222:0
+
+RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = max+1
+depends_on:MBEDTLS_SHA256_C
+pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":223:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 0
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7289bf65540f4925c608e62c8d077789828560945a27fd3f3918e4258b38be488d54b546bfe46d56e519583e77fbf3988538e26fd05793cea925934d714e748a23c429356d3c09e51e08d425923e4237c0f00c3c9f77d8544b8e089d265497a683c2f19b80776671ad36d1cadd38e24c3049461f3d3d964ddc9afdf1d4b9022a":0:0
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length max
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13bc5bd8f242a193ead499173ae97c2313d53874c791b13e0adda0ee89fef3668b5f3f7d91d1117cb5aa93e":"a063080224f2659a25ce69417f3240779712d93a69461eb7712c137ed5d4ed7c8490b3e4e7e70e560921da59899a542d1f28db68c1247fd7a0db983ded9f6db9a8d9445c28ba3e4afffb4ed6fd4c93e774082a6dadc8052f3d48cb899d63b9a82f34315f999deb065da600207ea78bfd199e2249f86a55c79761933ee87337aa":62:0
+
+RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length max+1
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":63:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 0
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9110b39c1ffc2d8a5f24e965e3985b06871c2be23e677bb3ea879b7b6b25c327ebdd9434387cfe5f64bcb6900a5c8395549e3681390583786b709257ff0ad90507a02ec6abb40e33dec80097322876a84ee98b1fe79ced62ba4f983bb9b52758bf9856098af527924ea83291762b179894f1fab6d8c9867b0244393fa32b5871836fa4446b247153bc117ccaf7cd51c5ec026bcaf9b634182cd19a0eb95ec40dd5e4274750c9ee3b1379fb339fa4ed8348b104936396355bea0a00337b83f47d2fd7e7353f3009752f970eebc1bbade601b912f7b0984bccc68941ed23bd31fcd23a7d0f2b0cfaabdb3d361969f485e5d198442661ee71eef258ae9fc27a19d995a5695c668f9ab78622486d6ccfe4ae11de9240588fafbc75f8bd0d04de5f2959c126b7c672eac8bb65031ea22ebb4a4e36c12f427d2dc4619eb30ef1c90ec951337a364566f0d2e32f311b425a68fd5277a85dc8d8041ab2a0165c39fd4e39160498d5eae98965e8745b77390e5ddeff0aeffc0fb18839455d524826a1f366":0:0
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3fe26ee600cfb2d187384e529f280485cf84830af8cb015878cb7c4c74ad6ab38fd8998fa74b612e84af8123d785a8a60a2bb002f7b15a6f7cd6bbf18325a412fd3ea2a48903d30db2543089d9d82fe304dfe5fb903f6a0d1625fe994aa2ac47e04eeb6a51be770312a88cec80bbcf849ab57f2af4e9370a0e35a458d8509fb89e8b22ef499af25c427e48c2391747d3ccc6fdc1b035cbbe6a6f1742bfb6fb5d411d4c8bb73ee7f9bc2fbcf54603c813c9c6d479fb9f38650f4fa8ce05a32c47c078d278b7b97173e82d692e303141faf71573f2b5ab58c4fa009200a3be47633719dbeed24d61ba7acae8abfc2aa5f33f18e6f4c43eb8be3e4bbee1090544401e202ef06d90aae75a939256bd374afc5030f1146ea9d2acf4918dfe96d13eb5f16da55efd504657e3d8aea010f89c60288d74963746422bd7cf":"57a5511992b30d39e150b6a7a760a74136db0a24bc635f3a700a74f865a7c9c0ed2e2e196022a6d17ad7c2d3f12946828458015beffb0c0652de2cc9c3366aaeb7634c5d6ccbdf6c7c93b8feff21a7d2831ac3ee73fd98f9c972dcb833ac61323b77ec249db0e4fb9bf33c71aef9d2aaef40aafab2cb3870f0224c8d0c3ada2abb9d3dd601a038594d290177277a8b791ebcc211d7e5379323a633c62fe9cc2394bd7a977a604122ee9799e5368cc17e1af1795046e76899aa6e7be8f27b1a3e96daa81784d967e9a36cf1912936d7ae11f80aed79c27c53237e7fa009daf9240fb205f83e8c6f8f57d3c3520e0e60213a203432c18d92979b13555ce6eab075ddb38b6d820e378ac4e3afcb3d57e5c6d3c11f165745996fdb61e36b842c6ec81d6437073fe9fc96a4dbc3b188ca766a7f7ef786f39729cadcc5700fb0fffeca0eb0bc47243783f129917948df9bee23da83fadadfa87708e0a839a62965a5d2b9a7cd16b4675cef6afc8fbc2615d97d11ede47f4dfd83e74847dc184ccdc4fd":334:0
+
+RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max + 1
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":335:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Sign. RSA-520 SHA-512: Salt Len. 0, no possible salt size
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:520:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSASSA-PSS Sign. RSA-528 SHA-512: Salt Len. 0, only room for empty salt
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"5bf02a1ff652052be266d0630fb802bde71d363904e2e001267dba592c88e755befb9b8004ecf1c5de07ad8cd260ede04971b201d524434e657396d6bfd8917def84":0:0
+
+RSASSA-PSS Sign. RSA-528 SHA-512: Salt Len. 1, only room for empty salt
+depends_on:MBEDTLS_SHA512_C
+pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":1:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v21.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v21.function
new file mode 100644
index 0000000..0ecd4a7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs1_v21.function
@@ -0,0 +1,261 @@
+/* BEGIN_HEADER */
+#include "mbedtls/rsa.h"
+#include "mbedtls/md.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E,
+                              int hash, data_t *message_str, data_t *rnd_buf,
+                              data_t *result_str, int result)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx;
+    mbedtls_test_rnd_buf_info info;
+    mbedtls_mpi N, E;
+
+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
+    info.buf = rnd_buf->x;
+    info.length = rnd_buf->len;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash);
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+    if (message_str->len == 0) {
+        message_str->x = NULL;
+    }
+    TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx,
+                                          &mbedtls_test_rnd_buffer_rand,
+                                          &info, MBEDTLS_RSA_PUBLIC,
+                                          message_str->len, message_str->x,
+                                          output) == result);
+    if (result == 0) {
+        TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q,
+                              data_t *input_N, data_t *input_E, int hash,
+                              data_t *result_str, char *seed, data_t *message_str,
+                              int result)
+{
+    unsigned char output[64];
+    mbedtls_rsa_context ctx;
+    size_t output_len;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_mpi N, P, Q, E;
+    ((void) seed);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash);
+
+    memset(output, 0x00, sizeof(output));
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+    if (result_str->len == 0) {
+        TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx,
+                                              &mbedtls_test_rnd_pseudo_rand,
+                                              &rnd_info,
+                                              MBEDTLS_RSA_PRIVATE,
+                                              &output_len, message_str->x,
+                                              NULL, 0) == result);
+    } else {
+        TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx,
+                                              &mbedtls_test_rnd_pseudo_rand,
+                                              &rnd_info,
+                                              MBEDTLS_RSA_PRIVATE,
+                                              &output_len, message_str->x,
+                                              output,
+                                              sizeof(output)) == result);
+        if (result == 0) {
+            TEST_MEMORY_COMPARE(output, output_len, result_str->x, result_str->len);
+        }
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q,
+                           data_t *input_N, data_t *input_E, int digest,
+                           int hash, data_t *message_str, data_t *rnd_buf,
+                           data_t *result_str, int fixed_salt_length,
+                           int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    unsigned char output[512];
+    mbedtls_rsa_context ctx;
+    mbedtls_test_rnd_buf_info info;
+    mbedtls_mpi N, P, Q, E;
+
+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
+    info.buf = rnd_buf->x;
+    info.length = rnd_buf->len;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash);
+
+    memset(hash_result, 0x00, sizeof(hash_result));
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) {
+        TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_buffer_rand,
+                                           &info, MBEDTLS_RSA_PRIVATE, digest, 0,
+                                           hash_result, output) == result);
+        if (result == 0) {
+            TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len);
+        }
+
+        info.buf = rnd_buf->x;
+        info.length = rnd_buf->len;
+    }
+
+    TEST_ASSERT(mbedtls_rsa_rsassa_pss_sign_ext(&ctx, &mbedtls_test_rnd_buffer_rand,
+                                                &info, digest, 0, hash_result,
+                                                fixed_salt_length, output) == result);
+    if (result == 0) {
+        TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E,
+                             int digest, int hash, data_t *message_str,
+                             char *salt, data_t *result_str, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_rsa_context ctx;
+    mbedtls_mpi N, E;
+    ((void) salt);
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash);
+    memset(hash_result, 0x00, sizeof(hash_result));
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0,
+                                         hash_result, result_str->x) == result);
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E,
+                                 int msg_digest_id, int ctx_hash,
+                                 int mgf_hash, int salt_len,
+                                 data_t *message_str,
+                                 data_t *result_str, int result_simple,
+                                 int result_full)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_rsa_context ctx;
+    size_t hash_len;
+    mbedtls_mpi N, E;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash);
+    memset(hash_result, 0x00, sizeof(hash_result));
+
+    TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0);
+    TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    if (msg_digest_id != MBEDTLS_MD_NONE) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(msg_digest_id),
+                               message_str->x, message_str->len, hash_result) == 0);
+        hash_len = 0;
+    } else {
+        memcpy(hash_result, message_str->x, message_str->len);
+        hash_len = message_str->len;
+    }
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                                         msg_digest_id, hash_len, hash_result,
+                                         result_str->x) == result_simple);
+
+    TEST_ASSERT(mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                                                  msg_digest_id, hash_len, hash_result,
+                                                  mgf_hash, salt_len,
+                                                  result_str->x) == result_full);
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs5.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs5.data
new file mode 100644
index 0000000..76fb0ab
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs5.data
@@ -0,0 +1,246 @@
+PBKDF2 RFC 6070 Test Vector #1 (SHA1)
+depends_on:MBEDTLS_SHA1_C
+pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":1:20:"0c60c80f961f0e71f3a9b524af6012062fe037a6"
+
+PBKDF2 RFC 6070 Test Vector #2 (SHA1)
+depends_on:MBEDTLS_SHA1_C
+pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":2:20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
+
+PBKDF2 RFC 6070 Test Vector #3 (SHA1)
+depends_on:MBEDTLS_SHA1_C
+pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":4096:20:"4b007901b765489abead49d926f721d065a429c1"
+
+PBKDF2 RFC 6070 Test Vector #5 (SHA1)
+depends_on:MBEDTLS_SHA1_C
+pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
+
+PBKDF2 RFC 6070 Test Vector #6 (SHA1)
+depends_on:MBEDTLS_SHA1_C
+pbkdf2_hmac:MBEDTLS_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
+
+PBKDF2 Python hashlib Test Vector #1 (SHA224)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":1:20:"3c198cbdb9464b7857966bd05b7bc92bc1cc4e6e"
+
+PBKDF2 Python hashlib Test Vector #2 (SHA224)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":2:20:"93200ffa96c5776d38fa10abdf8f5bfc0054b971"
+
+PBKDF2 Python hashlib Test Vector #3 (SHA224)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":4096:20:"218c453bf90635bd0a21a75d172703ff6108ef60"
+
+PBKDF2 Python hashlib Test Vector #5 (SHA224)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"056c4ba438ded91fc14e0594e6f52b87e1f3690c0dc0fbc057"
+
+PBKDF2 Python hashlib Test Vector #6 (SHA224)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA224:"7061737300776f7264":"7361006c74":4096:16:"9b4011b641f40a2a500a31d4a392d15c"
+
+PBKDF2 RFC 7914 Sec 11 Test Vector #1 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"706173737764":"73616c74":1:64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783"
+
+PBKDF2 RFC 7914 Sec 11 Test Vector #2 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"50617373776f7264":"4e61436c":80000:64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d"
+
+PBKDF2 Python hashlib Test Vector #1 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":1:20:"120fb6cffcf8b32c43e7225256c4f837a86548c9"
+
+PBKDF2 Python hashlib Test Vector #2 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":2:20:"ae4d0c95af6b46d32d0adff928f06dd02a303f8e"
+
+PBKDF2 Python hashlib Test Vector #3 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":4096:20:"c5e478d59288c841aa530db6845c4c8d962893a0"
+
+PBKDF2 Python hashlib Test Vector #5 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c"
+
+PBKDF2 Python hashlib Test Vector #6 (SHA256)
+depends_on:MBEDTLS_SHA256_C
+pbkdf2_hmac:MBEDTLS_MD_SHA256:"7061737300776f7264":"7361006c74":4096:16:"89b69d0516f829893c696226650a8687"
+
+PBKDF2 Python hashlib Test Vector #1 (SHA384)
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":1:20:"c0e14f06e49e32d73f9f52ddf1d0c5c719160923"
+
+PBKDF2 Python hashlib Test Vector #2 (SHA384)
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":2:20:"54f775c6d790f21930459162fc535dbf04a93918"
+
+PBKDF2 Python hashlib Test Vector #3 (SHA384)
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":4096:20:"559726be38db125bc85ed7895f6e3cf574c7a01c"
+
+PBKDF2 Python hashlib Test Vector #5 (SHA384)
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"819143ad66df9a552559b9e131c52ae6c5c1b0eed18f4d283b"
+
+PBKDF2 Python hashlib Test Vector #6 (SHA384)
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+pbkdf2_hmac:MBEDTLS_MD_SHA384:"7061737300776f7264":"7361006c74":4096:16:"a3f00ac8657e095f8e0823d232fc60b3"
+
+PBKDF2 Python hashlib Test Vector #1 (SHA512)
+depends_on:MBEDTLS_SHA512_C
+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":1:20:"867f70cf1ade02cff3752599a3a53dc4af34c7a6"
+
+PBKDF2 Python hashlib Test Vector #2 (SHA512)
+depends_on:MBEDTLS_SHA512_C
+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":2:20:"e1d9c16aa681708a45f5c7c4e215ceb66e011a2e"
+
+PBKDF2 Python hashlib Test Vector #3 (SHA512)
+depends_on:MBEDTLS_SHA512_C
+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":4096:20:"d197b1b33db0143e018b12f3d1d1479e6cdebdcc"
+
+PBKDF2 Python hashlib Test Vector #5 (SHA512)
+depends_on:MBEDTLS_SHA512_C
+pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868"
+
+PBKDF2 Python hashlib Test Vector #6 (SHA512)
+depends_on:MBEDTLS_SHA512_C
+pbkdf2_hmac:MBEDTLS_MD_SHA512:"7061737300776f7264":"7361006c74":4096:16:"9d9e9c4cd21fe4be24d5b8244c759665"
+
+PBES2 Encrypt, pad=6 (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":144:0:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7"
+
+PBES2 Encrypt, pad=8 (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55":136:0:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC2262AD99FBD6C3B0AB"
+
+PBES2 Encrypt, pad=8 (Invalid output size)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":151:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22D8D337E00CB5D1B5B76BE4AE393414050646A102DEF61A9F"
+
+PBES2 Encrypt, pad=6 (PKCS7 padding disabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:""
+
+PBES2 Encrypt, pad=8 (PKCS7 padding disabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:""
+
+PBES2 Decrypt (OK)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF"
+
+PBES2 Decrypt (Invalid output size)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":143:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
+
+PBES2 Decrypt (Invalid padding & PKCS7 padding disabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607"
+
+PBES2 Decrypt (Invalid padding & PKCS7 padding enabled)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607"
+
+PBES2 Decrypt (bad params tag)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_SEQUENCE:"":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad KDF AlgId: not a sequence)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"31":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad KDF AlgId: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"3001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (KDF != PBKDF2)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:""
+
+PBES2 Decrypt (bad PBKDF2 params: not a sequence)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad PBKDF2 params: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (bad PBKDF2 params salt: not an octet string)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad PBKDF2 params salt: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (bad PBKDF2 params iter: not an int)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad PBKDF2 params iter: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (OK, PBKDF2 params explicit keylen)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF"
+
+PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF"
+
+PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:""
+
+PBES2 Decrypt (bad, PBKDF2 params extra data)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:""
+
+PBES2 Decrypt (bad enc_scheme_alg: not a sequence)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:""
+
+PBES2 Decrypt (bad enc_scheme_alg: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (bad enc_scheme_alg: unknown oid)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:""
+
+PBES2 Decrypt (bad enc_scheme_alg params: not an octet string)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT:""
+
+PBES2 Decrypt (bad enc_scheme_alg params: overlong)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:""
+
+PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT:""
+
+PBES2 Decrypt (bad password)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
+
+PBES2 Decrypt (bad iter value)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
+
+PKCS#5 Selftest
+pkcs5_selftest:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs5.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs5.function
new file mode 100644
index 0000000..7ce88cb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkcs5.function
@@ -0,0 +1,128 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/cipher.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PKCS5_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pbkdf2_hmac(int hash, data_t *pw_str, data_t *salt_str,
+                 int it_cnt, int key_len, data_t *result_key_string)
+{
+    mbedtls_md_context_t ctx;
+    const mbedtls_md_info_t *info;
+
+    unsigned char key[100];
+
+    mbedtls_md_init(&ctx);
+
+    info = mbedtls_md_info_from_type(hash);
+    TEST_ASSERT(info != NULL);
+    TEST_ASSERT(mbedtls_md_setup(&ctx, info, 1) == 0);
+    TEST_ASSERT(mbedtls_pkcs5_pbkdf2_hmac(&ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len,
+                                          it_cnt, key_len, key) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(key, result_key_string->x,
+                                    key_len, result_key_string->len) == 0);
+
+exit:
+    mbedtls_md_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw,
+                   data_t *data, int outsize, int ref_ret,
+                   data_t *ref_out)
+{
+    int my_ret;
+    mbedtls_asn1_buf params;
+    unsigned char *my_out = NULL;
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    size_t my_out_len = 0;
+#endif
+
+    params.tag = params_tag;
+    params.p = params_hex->x;
+    params.len = params_hex->len;
+
+    ASSERT_ALLOC(my_out, outsize);
+
+    if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) {
+        my_ret = mbedtls_pkcs5_pbes2(&params, MBEDTLS_PKCS5_ENCRYPT,
+                                     pw->x, pw->len, data->x, data->len, my_out);
+        TEST_EQUAL(my_ret, ref_ret);
+    }
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, ref_out->len,
+                       ref_out->x, ref_out->len);
+    }
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    my_ret = mbedtls_pkcs5_pbes2_ext(&params, MBEDTLS_PKCS5_ENCRYPT,
+                                     pw->x, pw->len, data->x, data->len, my_out,
+                                     outsize, &my_out_len);
+    TEST_EQUAL(my_ret, ref_ret);
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, my_out_len,
+                       ref_out->x, ref_out->len);
+    }
+#endif
+
+exit:
+    mbedtls_free(my_out);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */
+void pbes2_decrypt(int params_tag, data_t *params_hex, data_t *pw,
+                   data_t *data, int outsize, int ref_ret,
+                   data_t *ref_out)
+{
+    int my_ret;
+    mbedtls_asn1_buf params;
+    unsigned char *my_out = NULL;
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    size_t my_out_len = 0;
+#endif
+
+    params.tag = params_tag;
+    params.p = params_hex->x;
+    params.len = params_hex->len;
+
+    ASSERT_ALLOC(my_out, outsize);
+
+    if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) {
+        my_ret = mbedtls_pkcs5_pbes2(&params, MBEDTLS_PKCS5_DECRYPT,
+                                     pw->x, pw->len, data->x, data->len, my_out);
+        TEST_EQUAL(my_ret, ref_ret);
+    }
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, ref_out->len,
+                       ref_out->x, ref_out->len);
+    }
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    my_ret = mbedtls_pkcs5_pbes2_ext(&params, MBEDTLS_PKCS5_DECRYPT,
+                                     pw->x, pw->len, data->x, data->len, my_out,
+                                     outsize, &my_out_len);
+    TEST_EQUAL(my_ret, ref_ret);
+    if (ref_ret == 0) {
+        ASSERT_COMPARE(my_out, my_out_len,
+                       ref_out->x, ref_out->len);
+    }
+#endif
+
+exit:
+    mbedtls_free(my_out);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void pkcs5_selftest()
+{
+    TEST_ASSERT(mbedtls_pkcs5_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkparse.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkparse.data
similarity index 99%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkparse.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkparse.data
index 91d5197..9108a21 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_pkparse.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkparse.data
@@ -1,13 +1,13 @@
 Parse RSA Key #1 (No password when required)
-depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
+depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
 pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
 
 Parse RSA Key #2 (Correct password)
-depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
+depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
 pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0
 
 Parse RSA Key #3 (Wrong password)
-depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
+depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C
 pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
 
 Parse RSA Key #4 (DES Encrypted)
@@ -989,7 +989,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
 pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.pem":0
 
 Parse EC Key #1 (SEC1 DER)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
 
 Parse EC Key #2 (SEC1 PEM)
@@ -1005,15 +1005,15 @@ depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8.der":"NULL":0
 
 Parse EC Key #4a (PKCS8 DER, no public key)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.der":"NULL":0
 
 Parse EC Key #4b (PKCS8 DER, no public key, with parameters)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.der":"NULL":0
 
 Parse EC Key #4c (PKCS8 DER, with parameters)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.der":"NULL":0
 
 Parse EC Key #5 (PKCS8 PEM)
@@ -1033,11 +1033,11 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0
 
 Parse EC Key #6 (PKCS8 encrypted DER)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS12_C
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0
 
 Parse EC Key #7 (PKCS8 encrypted PEM)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS12_C
 pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.pem":"polar":0
 
 Parse EC Key #8 (SEC1 PEM, secp224r1)
@@ -1069,7 +1069,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0
 
 Parse EC Key #15 (SEC1 DER, secp256k1, SpecifiedECDomain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED
 pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0
 
 Key ASN1 (No data)
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkparse.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkparse.function
new file mode 100644
index 0000000..d6b6984
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkparse.function
@@ -0,0 +1,135 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pk.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/oid.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_BIGNUM_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
+void pk_parse_keyfile_rsa(char *key_file, char *password, int result)
+{
+    mbedtls_pk_context ctx;
+    int res;
+    char *pwd = password;
+
+    mbedtls_pk_init(&ctx);
+    USE_PSA_INIT();
+
+    if (strcmp(pwd, "NULL") == 0) {
+        pwd = NULL;
+    }
+
+    res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd);
+
+    TEST_ASSERT(res == result);
+
+    if (res == 0) {
+        mbedtls_rsa_context *rsa;
+        TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
+        rsa = mbedtls_pk_rsa(ctx);
+        TEST_ASSERT(mbedtls_rsa_check_privkey(rsa) == 0);
+    }
+
+exit:
+    mbedtls_pk_free(&ctx);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
+void pk_parse_public_keyfile_rsa(char *key_file, int result)
+{
+    mbedtls_pk_context ctx;
+    int res;
+
+    mbedtls_pk_init(&ctx);
+    USE_PSA_INIT();
+
+    res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
+
+    TEST_ASSERT(res == result);
+
+    if (res == 0) {
+        mbedtls_rsa_context *rsa;
+        TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
+        rsa = mbedtls_pk_rsa(ctx);
+        TEST_ASSERT(mbedtls_rsa_check_pubkey(rsa) == 0);
+    }
+
+exit:
+    mbedtls_pk_free(&ctx);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */
+void pk_parse_public_keyfile_ec(char *key_file, int result)
+{
+    mbedtls_pk_context ctx;
+    int res;
+
+    mbedtls_pk_init(&ctx);
+    USE_PSA_INIT();
+
+    res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
+
+    TEST_ASSERT(res == result);
+
+    if (res == 0) {
+        mbedtls_ecp_keypair *eckey;
+        TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
+        eckey = mbedtls_pk_ec(ctx);
+        TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0);
+    }
+
+exit:
+    mbedtls_pk_free(&ctx);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */
+void pk_parse_keyfile_ec(char *key_file, char *password, int result)
+{
+    mbedtls_pk_context ctx;
+    int res;
+
+    mbedtls_pk_init(&ctx);
+    USE_PSA_INIT();
+
+    res = mbedtls_pk_parse_keyfile(&ctx, key_file, password);
+
+    TEST_ASSERT(res == result);
+
+    if (res == 0) {
+        mbedtls_ecp_keypair *eckey;
+        TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
+        eckey = mbedtls_pk_ec(ctx);
+        TEST_ASSERT(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d) == 0);
+    }
+
+exit:
+    mbedtls_pk_free(&ctx);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_parse_key(data_t *buf, int result)
+{
+    mbedtls_pk_context pk;
+
+    mbedtls_pk_init(&pk);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_parse_key(&pk, buf->x, buf->len, NULL, 0) == result);
+
+exit:
+    mbedtls_pk_free(&pk);
+    USE_PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkwrite.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkwrite.data
new file mode 100644
index 0000000..f10bdd6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkwrite.data
@@ -0,0 +1,107 @@
+Public key write check RSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C
+pk_write_pubkey_check:"data_files/server1.pubkey":TEST_PEM
+
+Public key write check RSA (DER)
+depends_on:MBEDTLS_RSA_C
+pk_write_pubkey_check:"data_files/server1.pubkey.der":TEST_DER
+
+Public key write check RSA 4096
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C
+pk_write_pubkey_check:"data_files/rsa4096_pub.pem":TEST_PEM
+
+Public key write check RSA 4096 (DER)
+depends_on:MBEDTLS_RSA_C
+pk_write_pubkey_check:"data_files/rsa4096_pub.der":TEST_DER
+
+Public key write check EC 192 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_write_pubkey_check:"data_files/ec_pub.pem":TEST_PEM
+
+Public key write check EC 192 bits (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_write_pubkey_check:"data_files/ec_pub.der":TEST_DER
+
+Public key write check EC 521 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_pubkey_check:"data_files/ec_521_pub.pem":TEST_PEM
+
+Public key write check EC 521 bits (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_pubkey_check:"data_files/ec_521_pub.der":TEST_DER
+
+Public key write check EC Brainpool 512 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_write_pubkey_check:"data_files/ec_bp512_pub.pem":TEST_PEM
+
+Public key write check EC Brainpool 512 bits (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_write_pubkey_check:"data_files/ec_bp512_pub.der":TEST_DER
+
+Private key write check RSA
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C
+pk_write_key_check:"data_files/server1.key":TEST_PEM
+
+Private key write check RSA (DER)
+depends_on:MBEDTLS_RSA_C
+pk_write_key_check:"data_files/server1.key.der":TEST_DER
+
+Private key write check RSA 4096
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C
+pk_write_key_check:"data_files/rsa4096_prv.pem":TEST_PEM
+
+Private key write check RSA 4096 (DER)
+depends_on:MBEDTLS_RSA_C
+pk_write_key_check:"data_files/rsa4096_prv.der":TEST_DER
+
+Private key write check EC 192 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_write_key_check:"data_files/ec_prv.sec1.pem":TEST_PEM
+
+Private key write check EC 192 bits (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_write_key_check:"data_files/ec_prv.sec1.der":TEST_DER
+
+Private key write check EC 256 bits (top bit set)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_write_key_check:"data_files/ec_256_long_prv.pem":TEST_PEM
+
+Private key write check EC 256 bits (top bit set) (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_write_key_check:"data_files/ec_256_long_prv.der":TEST_DER
+
+Private key write check EC 521 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_key_check:"data_files/ec_521_prv.pem":TEST_PEM
+
+Private key write check EC 521 bits (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_key_check:"data_files/ec_521_prv.der":TEST_DER
+
+Private key write check EC 521 bits (top byte is 0)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_key_check:"data_files/ec_521_short_prv.pem":TEST_PEM
+
+Private key write check EC 521 bits (top byte is 0) (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_key_check:"data_files/ec_521_short_prv.der":TEST_DER
+
+Private key write check EC Brainpool 512 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_write_key_check:"data_files/ec_bp512_prv.pem":TEST_PEM
+
+Private key write check EC Brainpool 512 bits (DER)
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_write_key_check:"data_files/ec_bp512_prv.der":TEST_DER
+
+Derive public key EC 192 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+pk_write_public_from_private:"data_files/ec_prv.sec1.der":"data_files/ec_pub.der"
+
+Derive public key EC 521 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+pk_write_public_from_private:"data_files/ec_521_prv.der":"data_files/ec_521_pub.der"
+
+Derive public key EC Brainpool 512 bits
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+pk_write_public_from_private:"data_files/ec_bp512_prv.der":"data_files/ec_bp512_pub.der"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkwrite.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkwrite.function
new file mode 100644
index 0000000..d1f7813
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_pkwrite.function
@@ -0,0 +1,178 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pk.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/oid.h"
+#include "psa/crypto_sizes.h"
+
+typedef enum {
+    TEST_PEM,
+    TEST_DER
+} pkwrite_file_format_t;
+
+/* Helper function for removing "\r" chars from a buffer. */
+static void fix_new_lines(unsigned char *in_str, size_t *len)
+{
+    size_t chars_left;
+    unsigned int i;
+
+    for (i = 0; (i < *len) && (*len > 0); i++) {
+        if (in_str[i] == '\r') {
+            if (i < (*len - 1)) {
+                chars_left = *len - i - 1;
+                memmove(&in_str[i], &in_str[i+1], chars_left);
+            } else {
+                in_str[i] = '\0';
+            }
+            *len = *len - 1;
+        }
+    }
+}
+
+static void pk_write_check_common(char *key_file, int is_public_key, int is_der)
+{
+    mbedtls_pk_context key;
+    unsigned char *buf = NULL;
+    unsigned char *check_buf = NULL;
+    unsigned char *start_buf;
+    size_t buf_len, check_buf_len;
+    int ret;
+
+    mbedtls_pk_init(&key);
+    USE_PSA_INIT();
+
+    /* Note: if mbedtls_pk_load_file() successfully reads the file, then
+       it also allocates check_buf, which should be freed on exit */
+    TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0);
+    TEST_ASSERT(check_buf_len > 0);
+
+    /* Windows' line ending is different from the Linux's one ("\r\n" vs "\n").
+     * Git treats PEM files as text, so when on Windows, it replaces new lines
+     * with "\r\n" on checkout.
+     * Unfortunately mbedtls_pk_load_file() loads files in binary format,
+     * while mbedtls_pk_write_pubkey_pem() goes through the I/O layer which
+     * uses "\n" for newlines in both Windows and Linux.
+     * Here we remove the extra "\r" so that "buf" and "check_buf" can be
+     * easily compared later. */
+    if (!is_der) {
+        fix_new_lines(check_buf, &check_buf_len);
+    }
+    TEST_ASSERT(check_buf_len > 0);
+
+    TEST_CALLOC(buf, check_buf_len);
+
+    if (is_public_key) {
+        TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&key, key_file), 0);
+        if (is_der) {
+            ret = mbedtls_pk_write_pubkey_der(&key, buf, check_buf_len);
+        } else {
+#if defined(MBEDTLS_PEM_WRITE_C)
+            ret = mbedtls_pk_write_pubkey_pem(&key, buf, check_buf_len);
+#else
+            ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+#endif
+        }
+    } else {
+        TEST_EQUAL(mbedtls_pk_parse_keyfile(&key, key_file, NULL), 0);
+        if (is_der) {
+            ret = mbedtls_pk_write_key_der(&key, buf, check_buf_len);
+        } else {
+#if defined(MBEDTLS_PEM_WRITE_C)
+            ret = mbedtls_pk_write_key_pem(&key, buf, check_buf_len);
+#else
+            ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+#endif
+        }
+    }
+
+    if (is_der) {
+        TEST_LE_U(1, ret);
+        buf_len = ret;
+        start_buf = buf + check_buf_len - buf_len;
+    } else {
+        TEST_EQUAL(ret, 0);
+        buf_len = strlen((char *) buf) + 1; /* +1 takes the string terminator into account */
+        start_buf = buf;
+    }
+
+    TEST_MEMORY_COMPARE(start_buf, buf_len, check_buf, check_buf_len);
+
+exit:
+    mbedtls_free(buf);
+    mbedtls_free(check_buf);
+    mbedtls_pk_free(&key);
+    USE_PSA_DONE();
+}
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pk_write_pubkey_check(char *key_file, int is_der)
+{
+    pk_write_check_common(key_file, 1, is_der);
+    goto exit; /* make the compiler happy */
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_write_key_check(char *key_file, int is_der)
+{
+    pk_write_check_common(key_file, 0, is_der);
+    goto exit; /* make the compiler happy */
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_write_public_from_private(char *priv_key_file, char *pub_key_file)
+{
+    mbedtls_pk_context priv_key;
+    uint8_t *derived_key_raw = NULL;
+    size_t derived_key_len = 0;
+    uint8_t *pub_key_raw = NULL;
+    size_t pub_key_len = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    mbedtls_pk_init(&priv_key);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_pk_parse_keyfile(&priv_key, priv_key_file, NULL), 0);
+    TEST_EQUAL(mbedtls_pk_load_file(pub_key_file, &pub_key_raw,
+                                    &pub_key_len), 0);
+
+    derived_key_len = pub_key_len;
+    TEST_CALLOC(derived_key_raw, derived_key_len);
+
+    TEST_EQUAL(mbedtls_pk_write_pubkey_der(&priv_key, derived_key_raw,
+                                           derived_key_len), pub_key_len);
+
+    TEST_MEMORY_COMPARE(derived_key_raw, derived_key_len,
+                        pub_key_raw, pub_key_len);
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    mbedtls_platform_zeroize(derived_key_raw, derived_key_len);
+
+    TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&priv_key, &opaque_key_id,
+                                         PSA_ALG_NONE), 0);
+
+    TEST_EQUAL(mbedtls_pk_write_pubkey_der(&priv_key, derived_key_raw,
+                                           derived_key_len), pub_key_len);
+
+    TEST_MEMORY_COMPARE(derived_key_raw, derived_key_len,
+                        pub_key_raw, pub_key_len);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+exit:
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_destroy_key(opaque_key_id);
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_free(derived_key_raw);
+    mbedtls_free(pub_key_raw);
+    mbedtls_pk_free(&priv_key);
+    USE_PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_platform_printf.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_platform_printf.data
new file mode 100644
index 0000000..891771b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_platform_printf.data
@@ -0,0 +1,114 @@
+# The test cases for printf and integers have two purposes: they exercise
+# the printf function family, and they exercise the passing of integers
+# and strings through the test framework.
+
+printf "%d", 0
+printf_int:"%d":0:"0"
+
+printf "%d", -0
+printf_int:"%d":-0:"0"
+
+printf "%d", 0x0
+printf_int:"%d":0x0:"0"
+
+printf "%d", 0x00
+printf_int:"%d":0x00:"0"
+
+printf "%d", 0x000000000000000000000000000000000000000000
+printf_int:"%d":0x000000000000000000000000000000000000000000:"0"
+
+printf "%d", -0x0
+printf_int:"%d":-0x0:"0"
+
+printf "%d", 1
+printf_int:"%d":1:"1"
+
+printf "%d", 0x1
+printf_int:"%d":0x1:"1"
+
+printf "%d", 0x0000000000000000000000000000000000000000001
+printf_int:"%d":0x0000000000000000000000000000000000000000001:"1"
+
+printf "%d", -1
+printf_int:"%d":-1:"-1"
+
+printf "%d", -0x1
+printf_int:"%d":-0x1:"-1"
+
+printf "%d", -0x0000000000000000000000000000000000000000001
+printf_int:"%d":-0x0000000000000000000000000000000000000000001:"-1"
+
+printf "%d", 2147483647
+printf_int:"%d":2147483647:"2147483647"
+
+printf "%d", 0x7fffffff
+printf_int:"%d":0x7fffffff:"2147483647"
+
+printf "%d", -2147483647
+printf_int:"%d":-2147483647:"-2147483647"
+
+printf "%d", -0x7fffffff
+printf_int:"%d":-0x7fffffff:"-2147483647"
+
+printf "%d", -2147483648
+printf_int:"%d":-2147483648:"-2147483648"
+
+printf "%d", -0x80000000
+printf_int:"%d":-0x80000000:"-2147483648"
+
+# Test that LONG_MAX is coming out untruncated through the test framework.
+printf "%lx", LONG_MAX
+printf_long_max:"%lx":LONG_MAX
+
+# The next few test cases exercise how the test framework handles special
+# characters in strings.
+printf "%c%c", SPACE, SPACE
+printf_char2:"%c%c":SPACE_CHAR:SPACE_CHAR:"  "
+
+printf "%c%c", NEWLINE, SPACE
+printf_char2:"%c%c":NEWLINE_CHAR:SPACE_CHAR:"\n "
+
+printf "%c%c", DOUBLE QUOTE, SPACE
+printf_char2:"%c%c":DOUBLE_QUOTE_CHAR:SPACE_CHAR:"\" "
+
+printf "%c%c", COLON, SPACE
+printf_char2:"%c%c":COLON_CHAR:SPACE_CHAR:"\: "
+
+printf "%c%c", QUESTION, SPACE
+printf_char2:"%c%c":QUESTION_CHAR:SPACE_CHAR:"? "
+
+printf "%c%c", BACKSLASH, SPACE
+printf_char2:"%c%c":BACKSLASH_CHAR:SPACE_CHAR:"\\ "
+
+printf "%c%c", SPACE, BACKSLASH
+printf_char2:"%c%c":SPACE_CHAR:BACKSLASH_CHAR:" \\"
+
+printf "%c%c", COLON, COLON
+printf_char2:"%c%c":COLON_CHAR:COLON_CHAR:"\:\:"
+
+printf "%c%c", COLON, NEWLINE
+printf_char2:"%c%c":COLON_CHAR:NEWLINE_CHAR:"\:\n"
+
+printf "%c%c", QUESTION, QUESTION
+printf_char2:"%c%c":QUESTION_CHAR:QUESTION_CHAR:"??"
+
+printf "%c%c", QUESTION, NEWLINE
+printf_char2:"%c%c":QUESTION_CHAR:NEWLINE_CHAR:"?\n"
+
+printf "%c%c", BACKSLASH, NEWLINE
+printf_char2:"%c%c":BACKSLASH_CHAR:NEWLINE_CHAR:"\\\n"
+
+printf "%c%c", BACKSLASH, DOUBLE QUOTE
+printf_char2:"%c%c":BACKSLASH_CHAR:DOUBLE_QUOTE_CHAR:"\\\""
+
+printf "%c%c", BACKSLASH, COLON
+printf_char2:"%c%c":BACKSLASH_CHAR:COLON_CHAR:"\\\:"
+
+printf "%c%c", BACKSLASH, QUESTION
+printf_char2:"%c%c":BACKSLASH_CHAR:QUESTION_CHAR:"\\?"
+
+printf "%c%c", BACKSLASH, BACKSLASH
+printf_char2:"%c%c":BACKSLASH_CHAR:BACKSLASH_CHAR:"\\\\"
+
+printf "%c%c", BACKSLASH, n
+printf_char2:"%c%c":BACKSLASH_CHAR:LOWERCASE_N_CHAR:"\\n"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_platform_printf.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_platform_printf.function
new file mode 100644
index 0000000..643accf
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_platform_printf.function
@@ -0,0 +1,89 @@
+/* BEGIN_HEADER */
+
+/* The printf test functions take a format argument from the test data
+ * for several reasons:
+ * - For some tests, it makes sense to vary the format.
+ * - For all tests, it means we're testing the actual printf function
+ *   that parses the format at runtime, and not a compiler optimization.
+ *   (It may be useful to add tests that allow compiler optimizations.
+ *   There aren't any yet at the time of writing.)
+ */
+
+#include "mbedtls/platform.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define NEWLINE_CHAR '\n'
+#define SPACE_CHAR ' '
+#define DOUBLE_QUOTE_CHAR '"'
+#define COLON_CHAR ':'
+#define QUESTION_CHAR '?'
+#define BACKSLASH_CHAR '\\'
+#define LOWERCASE_N_CHAR 'n'
+/* END_HEADER */
+
+/* BEGIN_CASE */
+void printf_int(char *format, /* any format expecting one int argument, e.g. "%d" */
+                int x, char *result)
+{
+    char *output = NULL;
+    const size_t n = strlen(result);
+
+    /* Nominal case: buffer just large enough */
+    TEST_CALLOC(output, n + 1);
+    TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, x));
+    TEST_MEMORY_COMPARE(result, n + 1, output, n + 1);
+    mbedtls_free(output);
+    output = NULL;
+
+exit:
+    mbedtls_free(output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void printf_long_max(const char *format, /* "%lx" or longer type */
+                     long value)
+{
+    char *expected = NULL;
+    char *output = NULL;
+    /* 2 hex digits per byte */
+    const size_t n = sizeof(value) * 2;
+
+    /* We assume that long has no padding bits! */
+    TEST_CALLOC(expected, n + 1);
+    expected[0] = '7';
+    memset(expected + 1, 'f', sizeof(value) * 2 - 1);
+
+    TEST_CALLOC(output, n + 1);
+    TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, value));
+    TEST_MEMORY_COMPARE(expected, n + 1, output, n + 1);
+    mbedtls_free(output);
+    output = NULL;
+
+exit:
+    mbedtls_free(output);
+    mbedtls_free(expected);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void printf_char2(char *format, /* "%c%c" */
+                  int arg1, int arg2, char *result)
+{
+    char *output = NULL;
+    const size_t n = strlen(result);
+
+    /* Nominal case: buffer just large enough */
+    TEST_CALLOC(output, n + 1);
+    TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, arg1, arg2));
+    TEST_MEMORY_COMPARE(result, n + 1, output, n + 1);
+    mbedtls_free(output);
+    output = NULL;
+
+exit:
+    mbedtls_free(output);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_poly1305.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_poly1305.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_poly1305.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_poly1305.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_poly1305.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_poly1305.function
new file mode 100644
index 0000000..c391c86
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_poly1305.function
@@ -0,0 +1,124 @@
+/* BEGIN_HEADER */
+#include "mbedtls/poly1305.h"
+#include <stddef.h>
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_POLY1305_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str)
+{
+    unsigned char mac[16]; /* size set by the standard */
+    mbedtls_poly1305_context ctx;
+
+    memset(mac, 0x00, sizeof(mac));
+
+    /*
+     * Test the integrated API
+     */
+    TEST_ASSERT(mbedtls_poly1305_mac(key->x, src_str->x,
+                                     src_str->len, mac) == 0);
+
+    TEST_MEMORY_COMPARE(mac, expected_mac->len,
+                        expected_mac->x, expected_mac->len);
+
+    /*
+     * Test the streaming API
+     */
+    mbedtls_poly1305_init(&ctx);
+
+    TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0);
+
+    TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, src_str->len) == 0);
+
+    TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0);
+
+    TEST_MEMORY_COMPARE(mac, expected_mac->len,
+                        expected_mac->x, expected_mac->len);
+
+    /*
+     * Test the streaming API again, piecewise
+     */
+
+    /* Don't free/init the context, in order to test that starts() does the
+     * right thing. */
+    if (src_str->len >= 1) {
+        TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0);
+
+        TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, 1) == 0);
+        TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 1, src_str->len - 1) == 0);
+
+        TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0);
+
+        TEST_MEMORY_COMPARE(mac, expected_mac->len,
+                            expected_mac->x, expected_mac->len);
+    }
+
+    /*
+     * Again with more pieces
+     */
+    if (src_str->len >= 2) {
+        TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0);
+
+        TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, 1) == 0);
+        TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 1, 1) == 0);
+        TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 2, src_str->len - 2) == 0);
+
+        TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0);
+
+        TEST_MEMORY_COMPARE(mac, expected_mac->len,
+                            expected_mac->x, expected_mac->len);
+    }
+
+    mbedtls_poly1305_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void poly1305_bad_params()
+{
+    unsigned char src[1];
+    unsigned char key[32];
+    unsigned char mac[16];
+    size_t src_len = sizeof(src);
+    mbedtls_poly1305_context ctx;
+
+    TEST_INVALID_PARAM(mbedtls_poly1305_init(NULL));
+    TEST_VALID_PARAM(mbedtls_poly1305_free(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_starts(NULL, key));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_starts(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_update(NULL, src, 0));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_update(&ctx, NULL, src_len));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_finish(NULL, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_finish(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_mac(NULL, src, 0, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_mac(key, NULL, src_len, mac));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
+                           mbedtls_poly1305_mac(key, src, 0, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void poly1305_selftest()
+{
+    TEST_ASSERT(mbedtls_poly1305_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto.data
new file mode 100644
index 0000000..03cc2ff
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto.data
@@ -0,0 +1,4022 @@
+PSA compile-time sanity checks
+static_checks:
+
+PSA import/export raw: 1 bytes
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1
+
+PSA import/export raw: 1 bytes, larger buffer
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:1:PSA_SUCCESS:1
+
+PSA import/export raw: 2 bytes, buffer too small
+import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export AES-128
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:128:0:PSA_SUCCESS:1
+
+PSA import/export AES-192
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:192:0:PSA_SUCCESS:1
+
+PSA import/export AES-256
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1
+
+PSA import: bad usage flag
+import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import AES: bad key size
+depends_on:PSA_WANT_KEY_TYPE_AES
+import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import/export RSA public key: good, 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (+1 byte)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2-1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:161:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2+1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:163:PSA_SUCCESS:1
+
+PSA import/export RSA public key: export buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export RSA keypair: good, 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (+1 byte)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2-1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:609:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:610:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2+1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:611:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: export buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export RSA keypair: trailing garbage ignored
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_SUCCESS:0
+
+PSA import RSA keypair: truncated
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA keypair: public key
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+import_with_data:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA public key: key pair
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA keypair: valid key but EC
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import/export-public RSA public key: good, 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA keypair: good, 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA public key: buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA keypair: buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export RSA public key: 1016-bit (good)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: 1016-bit (good)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1
+
+PSA import RSA public key: 1022-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_with_data:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA keypair: 1022-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_with_data:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA public key: 1023-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_with_data:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA keypair: 1023-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA import/export EC secp224r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224
+import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp224r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224
+import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
+
+PSA import/export EC secp256r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp256r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA import/export EC secp384r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384
+import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp384r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384
+import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA import/export EC secp521r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521
+import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp521r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521
+import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA import/export EC brainpool256r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool256r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA import/export EC brainpool384r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool384r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA import/export EC brainpool512r1 key pair: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool512r1: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import/export EC curve25519 key pair: good (already properly masked)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
+import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
+
+PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
+import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:0
+
+PSA import/export-public EC curve25519: accept unmasked input
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
+import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA import/export-public EC curve25519: accept masked input
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
+import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA import/export-public: cannot export-public a symmetric key
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c"
+
+PSA import/export EC secp256r1 public key: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+
+PSA import/export EC secp521r1 public key: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521
+import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1
+
+PSA import/export EC brainpoolP256r1 public key: good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1
+
+PSA import/export curve25519 public key: good
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255
+import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:255:0:PSA_SUCCESS:1
+
+PSA import/export AES key: policy forbids export
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export HMAC key: policy forbids export
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export RSA keypair: policy forbids export (crypt)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export RSA keypair: policy forbids export (sign)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1
+
+# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS
+# extension which we may drop in the future.
+PSA import/export RSA public key: import PEM
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0
+
+PSA import/export RSA keypair: import PEM
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0
+
+PSA import: reject raw data key of length 0
+# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
+import_with_data:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import: reject raw data key of length 0 and declared size 1 bit
+# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
+import_with_data:"":PSA_KEY_TYPE_RAW_DATA:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import: reject raw data key of length 0 and declared size 8 bits
+# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
+import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size=255 for secp256r1
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_NOT_SUPPORTED
+
+PSA import EC keypair: explicit bit-size=521 for secp521r1 (good)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521
+import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_SUCCESS
+
+PSA import EC keypair: explicit bit-size=528 for secp521r1 (bad)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521
+import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_NOT_SUPPORTED
+
+PSA import EC keypair: explicit bit-size, DER format
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, too short
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13e":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, too long (00 start)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"0049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, too long (00 end)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee00":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: explicit bit-size, public key
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: implicit bit-size, not a valid length
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA import EC keypair: secp256r1, all-bits-zero (bad)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, d == n - 1 (good)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_SUCCESS
+
+PSA import EC keypair: secp256r1, d == n (bad)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, d > n (bad)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC public key: key pair
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import AES: bits=0 ok
+depends_on:PSA_WANT_KEY_TYPE_AES
+import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:0:PSA_SUCCESS
+
+PSA import AES: bits=128 ok
+depends_on:PSA_WANT_KEY_TYPE_AES
+import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS
+
+PSA import AES: bits=256 wrong
+depends_on:PSA_WANT_KEY_TYPE_AES
+import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import AES: bits=256 ok
+depends_on:PSA_WANT_KEY_TYPE_AES
+import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS
+
+PSA import AES: bits=128 wrong
+depends_on:PSA_WANT_KEY_TYPE_AES
+import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import large key: raw, 65528 bits (ok)
+import_large_key:PSA_KEY_TYPE_RAW_DATA:8191:PSA_SUCCESS
+
+PSA import large key: raw, 65536 bits (not supported)
+import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA key pair: maximum size exceeded
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA public key: maximum size exceeded
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key policy: AES ECB
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING
+
+PSA key policy: AES CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
+
+PSA key policy: ECC SECP256R1, SIGN_HASH -> SIGN_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, VERIFY_HASH -> VERIFY_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, SIGN_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy: ECC SECP256R1, VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy: ECC SECP256R1, SIGN+VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+Key attributes initializers zero properly
+key_attributes_init:
+
+PSA key policy: MAC, SIGN_HASH -> SIGN_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, VERIFY_HASH -> VERIFY_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_SUCCESS
+
+PSA key policy: MAC, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: MAC, SIGN_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_SUCCESS
+
+PSA key policy: MAC, SIGN+VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: MAC, neither sign nor verify
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, wrong algorithm
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, alg=0 in policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, ANY_HASH in policy is not meaningful
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, tag length > min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, tag length = min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, tag length < min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: CMAC, sign-verify, tag length > min-length policy
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: CMAC, sign-verify, tag length = min-length policy
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: CMAC, sign-verify, tag length < min-length policy
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, default tag length > min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, default tag length = min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, default tag length < min-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different hash base)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, min-length policy used as algorithm
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key policy: HMAC, sign-verify, tag length > exact-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: HMAC, sign-verify, tag length = exact-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS:PSA_SUCCESS
+
+PSA key policy: HMAC, sign-verify, tag length < exact-length policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: cipher, encrypt | decrypt
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, wrong algorithm
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_NO_PADDING
+
+PSA key policy: cipher, encrypt but not decrypt
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, decrypt but not encrypt
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, neither encrypt nor decrypt
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, alg=0 in policy
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: AEAD, encrypt | decrypt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, wrong algorithm
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, alg=0 in policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_CCM:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, encrypt but not decrypt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, decrypt but not encrypt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, neither encrypt nor decrypt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, tag length > min-length policy, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length = min-length policy, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length < min-length policy, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, tag length > min-length policy, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":12:8:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 8):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length = min-length policy, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":12:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 4):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length < min-length policy, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":12:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, default tag length > min-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, default tag length = min-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_SUCCESS
+
+PSA key policy: AEAD, default tag length < min-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 17):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, min-length policy, unmatched base alg
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, min-length policy used as algorithm
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_ERROR_NOT_SUPPORTED
+
+PSA key policy: AEAD, tag length > exact-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: AEAD, tag length = exact-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_SUCCESS
+
+PSA key policy: AEAD, tag length < exact-length policy
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: asymmetric encryption, encrypt | decrypt
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, alg=0 in policy
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, encrypt but not decrypt
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, decrypt but not encrypt
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, neither encrypt nor decrypt
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify hash, ECDSA SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE
+
+PSA key policy: asymmetric signature, verify, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wrong alg family (PSS std/any salt)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wrong alg family (PSS any/std salt)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wrong alg family (RSA v15/PSS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wildcard in policy, wrong alg family
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, wrong hash algorithm
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, alg=0 in policy
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign but not verify
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE
+
+PSA key policy: asymmetric signature, verify but not sign
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, neither sign nor verify
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0
+
+PSA key policy: msg asymmetric signature, sign | verify
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wrong alg family (PSS std/any salt)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wrong alg family (PSS any/std salt)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wrong alg family (RSA v15/PSS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wildcard in policy, wrong alg family
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wildcard in policy, ECDSA SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, wrong hash algorithm
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, alg=0 in policy
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: msg asymmetric signature, sign but not verify
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE
+
+PSA key policy: msg asymmetric signature, verify but not sign
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: derive via HKDF, permitted
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via TLS 1.2 PRF, permitted
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via HKDF, not permitted
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via TLS 1.2 PRF, not permitted
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via HKDF, wrong algorithm
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
+
+PSA key policy: derive via TLS 1.2 PRF, wrong algorithm
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
+
+PSA key policy: agreement + KDF, permitted
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS
+
+PSA key policy: agreement + KDF, not permitted
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: agreement + KDF, wrong agreement algorithm
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: agreement + KDF, wrong KDF algorithm
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: agreement + KDF, key permits raw agreement
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS
+
+PSA key policy: raw agreement, permitted
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_SUCCESS
+
+PSA key policy: raw agreement, not permitted
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: raw agreement, wrong algorithm
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: raw agreement, key permits raw agreement, but algorithm is not raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECDH_C
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key policy: raw agreement, key specifies KDF
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED
+
+PSA key policy algorithm2: CTR, CBC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
+
+PSA key policy algorithm2: ECDH, ECDSA, HASH usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy algorithm2: ECDH, ECDSA, HASH+MESSAGE usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy algorithm2: ECDH, ECDSA, MESSAGE usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+Copy key: raw, 1 byte
+copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0
+
+Copy key: AES, copy attributes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
+
+Copy key: AES, same usage flags
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
+
+Copy key: AES, fewer usage flags (-EXPORT)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
+
+Copy key: AES, fewer usage flags (-COPY)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0
+
+Copy key: AES, 1 more usage flag
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
+
+Copy key: AES, 2 more usage flags
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
+
+Copy key: AES, intersect usage flags #1
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
+
+Copy key: AES, intersect usage flags #2
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0
+
+Copy key: RSA key pair, same usage flags
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, extended usage flags
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, fewer usage flags
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, more usage flags
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, intersect usage flags #0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, intersect usage flags #1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, wildcard algorithm in source
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, wildcard algorithm in target
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, wildcard algorithm in source and target
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0
+
+Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+
+Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+
+Copy key: source=ECDSA+ECDH, target=ECDSA+0
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
+
+Copy key: source=ECDSA+ECDH, target=0+ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
+
+Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+
+Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+Copy fail: raw data, no COPY flag
+copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED
+
+Copy key: AES, no COPY flag
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED
+
+Copy fail: AES, incompatible target policy
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=MAC, target=MAC extended usage flags
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0
+
+Copy key: source=MAC min-length, target=MAC length > min-length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+
+Copy key: source=MAC min-length, target=MAC length = min-length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy fail: source=MAC min-length, target=MAC length < min-length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=MAC min-length, target=MAC min-length, src > tgt
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+
+Copy key: source=MAC min-length, target=MAC min-length, src = tgt
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy key: source=MAC min-length, target=MAC min-length, src < tgt
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+
+Copy fail: source=MAC, target=MAC min-length > length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=MAC, target=MAC min-length = length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy key: source=MAC, target=MAC min-length < length
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+
+Copy key: source=AEAD min-length, target=AEAD length > min-length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD min-length, target=AEAD length = min-length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0
+
+Copy fail: source=AEAD min-length, target=AEAD length < min-length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=AEAD min-length, target=AEAD min-length, src > tgt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD min-length, target=AEAD min-length, src = tgt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD min-length, target=AEAD min-length, src < tgt
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0
+
+Copy fail: source=AEAD, target=AEAD min-length > length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy key: source=AEAD, target=AEAD min-length = length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):0
+
+Copy key: source=AEAD, target=AEAD min-length < length
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0
+
+Copy fail: RSA, incompatible target policy (source wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible target policy (target wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible target policy (source and target wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, ANY_HASH is not meaningful with OAEP
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: incorrect type in attributes
+depends_on:PSA_WANT_KEY_TYPE_AES
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: incorrect size in attributes
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: AES, invalid persistent key identifier in attributes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: AES, invalid lifetime (unknown location) in attributes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT, 11):PSA_ERROR_INVALID_ARGUMENT
+
+Hash operation object initializers zero properly
+hash_operation_init:
+
+PSA hash setup: good, SHA-1
+depends_on:PSA_WANT_ALG_SHA_1
+hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS
+
+PSA hash setup: good, SHA-224
+depends_on:PSA_WANT_ALG_SHA_224
+hash_setup:PSA_ALG_SHA_224:PSA_SUCCESS
+
+PSA hash setup: good, SHA-256
+depends_on:PSA_WANT_ALG_SHA_256
+hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
+
+PSA hash setup: good, SHA-384
+depends_on:PSA_WANT_ALG_SHA_384
+hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS
+
+PSA hash setup: good, SHA-512
+depends_on:PSA_WANT_ALG_SHA_512
+hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
+
+PSA hash setup: good, MD2
+depends_on:PSA_WANT_ALG_MD2
+hash_setup:PSA_ALG_MD2:PSA_SUCCESS
+
+PSA hash setup: good, MD4
+depends_on:PSA_WANT_ALG_MD4
+hash_setup:PSA_ALG_MD4:PSA_SUCCESS
+
+PSA hash setup: good, MD5
+depends_on:PSA_WANT_ALG_MD5
+hash_setup:PSA_ALG_MD5:PSA_SUCCESS
+
+PSA hash setup: good, RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160
+hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS
+
+PSA hash setup: bad (unknown hash algorithm)
+depends_on:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED
+
+PSA hash setup: bad (wildcard instead of hash algorithm)
+depends_on:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED
+
+PSA hash setup: bad (not a hash algorithm)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash: bad order function calls
+hash_bad_order:
+
+PSA hash verify: bad arguments
+hash_verify_bad_args:
+
+PSA hash finish: bad arguments
+hash_finish_bad_args:
+
+PSA hash compute: bad algorithm (unknown hash)
+hash_compute_fail:PSA_ALG_CATEGORY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED
+
+PSA hash compute: bad algorithm (wildcard)
+hash_compute_fail:PSA_ALG_ANY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED
+
+PSA hash compute: bad algorithm (not a hash)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hash_compute_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":32:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash compute: output buffer empty
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compute_fail:PSA_ALG_SHA_256:"":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA hash compute: output buffer too small
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compute_fail:PSA_ALG_SHA_256:"":31:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA hash compare: bad algorithm (unknown hash)
+hash_compare_fail:PSA_ALG_CATEGORY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED
+
+PSA hash compare: bad algorithm (wildcard)
+hash_compare_fail:PSA_ALG_ANY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED
+
+PSA hash compare: bad algorithm (not a hash)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash compare: hash of a prefix
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_SHA_256:"00":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_SIGNATURE
+
+PSA hash compare: hash with flipped bit
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854":PSA_ERROR_INVALID_SIGNATURE
+
+PSA hash compare: hash with trailing garbage
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85500":PSA_ERROR_INVALID_SIGNATURE
+
+PSA hash compare: truncated hash
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8":PSA_ERROR_INVALID_SIGNATURE
+
+PSA hash compare: empty hash
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_SHA_256:"":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA hash compare: good
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_SUCCESS
+
+PSA hash compute: good, SHA-1
+depends_on:PSA_WANT_ALG_SHA_1
+hash_compute_compare:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash compute: good, SHA-224
+depends_on:PSA_WANT_ALG_SHA_224
+hash_compute_compare:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash compute: good, SHA-256
+depends_on:PSA_WANT_ALG_SHA_256
+hash_compute_compare:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash compute: good, SHA-384
+depends_on:PSA_WANT_ALG_SHA_384
+hash_compute_compare:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash compute: good, SHA-512
+depends_on:PSA_WANT_ALG_SHA_512
+hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash compute: good, MD2
+depends_on:PSA_WANT_ALG_MD2
+hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash compute: good, MD4
+depends_on:PSA_WANT_ALG_MD4
+hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash compute: good, MD5
+depends_on:PSA_WANT_ALG_MD5
+hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash compute: good, RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160
+hash_compute_compare:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash clone: source state
+hash_clone_source_state:
+
+PSA hash clone: target state
+hash_clone_target_state:
+
+MAC operation object initializers zero properly
+mac_operation_init:
+
+PSA MAC setup: good, HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA MAC setup: good, AES-CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
+
+PSA MAC setup: bad algorithm (HMAC without specified hash)
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm)
+depends_on:!PSA_WANT_ALG_MD2
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: bad algorithm (not a MAC algorithm)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: truncated MAC too small (1 byte)
+depends_on:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: truncated MAC too large (33 bytes for SHA-256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: invalid key type, HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: incompatible key HMAC for CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: algorithm known but not supported, long key
+depends_on:!PSA_WANT_ALG_MD5
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: algorithm known but not supported, short key
+depends_on:!PSA_WANT_ALG_MD5
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC: bad order function calls
+mac_bad_order:
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 28 bytes (actual size)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+
+PSA MAC sign: CMAC-3DES (CAVP vector #95)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_sign:PSA_KEY_TYPE_DES:"7c34e67a2a8fef581cc4f7dceaea130dad52c189739e401f":PSA_ALG_CMAC:"eb3365a0a9d141270334065547418fe64c47823c024082b94d54a66d149f2af1":"e1d7c3736739e726"
+
+PSA MAC verify: CMAC-3DES (CAVP vector #95)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_verify:PSA_KEY_TYPE_DES:"7c34e67a2a8fef581cc4f7dceaea130dad52c189739e401f":PSA_ALG_CMAC:"eb3365a0a9d141270334065547418fe64c47823c024082b94d54a66d149f2af1":"e1d7c3736739e726"
+
+PSA MAC: CMAC-3DES-2key (not supported in PSA)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_setup:PSA_KEY_TYPE_DES:"89fe91f1c1ef2f01efc4c18f5715894c":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC: CMAC-DES (not supported in PSA)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_setup:PSA_KEY_TYPE_DES:"89fe91f1c1ef2f01":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC sign: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC verify: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC sign: CMAC-AES-128, truncated to 16 bytes (actual size)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC verify: CMAC-AES-128, truncated to 16 bytes (actual size)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC sign: CMAC-AES-128, truncated to 15 bytes
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
+
+PSA MAC verify: CMAC-AES-128, truncated to 15 bytes
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
+
+PSA MAC sign: CMAC-AES-128, truncated to 4 bytes
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
+
+PSA MAC verify: CMAC-AES-128, truncated to 4 bytes
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
+
+Cipher operation object initializers zero properly
+cipher_operation_init:
+
+PSA cipher setup: good, AES-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS
+
+PSA cipher setup: bad algorithm (unknown cipher algorithm)
+depends_on:MBEDTLS_AES_C
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher setup: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher setup: invalid key type, CTR
+depends_on:MBEDTLS_CIPHER_MODE_CTR
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher setup: incompatible key ARC4 for CTR
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher: bad order function calls
+cipher_bad_order:
+
+PSA cipher: incorrect key type (HMAC)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+cipher_bad_key:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"
+
+PSA cipher: incorrect key type (RSA)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_bad_key:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA cipher: incorrect key type (ECC Family Sep R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+cipher_bad_key:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320"
+
+PSA cipher encrypt: without initialization
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE
+
+PSA cipher encrypt: invalid key type
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher encrypt: incompatible key ARC4 for CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_encrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_ARC4:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher encrypt: bad algorithm (unknown cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher encrypt: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_MD4:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt: AES-CBC-nopad, input too short
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":""
+
+PSA symmetric encrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97"
+
+PSA symmetric encrypt: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1"
+
+PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7"
+
+PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a"
+
+PSA symmetric encrypt: 128-bit ARC4, 16 bytes, good
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+cipher_alg_without_iv:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_ARC4:"0102030405060708090a0b0c0d0e0f10":"00000000000000000000000000000000":"9ac7cc9a609d1ef7b2932899cde41b97"
+
+PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt validation: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt validation: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt validation: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9"
+
+PSA symmetric encrypt validation: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9"
+
+PSA symmetric encrypt validation: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9"
+
+PSA symmetric encrypt multipart: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":32:32:0:"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:0:0:"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":0:0:0:"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt multipart: AES-CBC-nopad, input too short
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"64f917b0152f8f05":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA cipher decrypt: without initialization
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE
+
+PSA cipher decrypt: invalid key type
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: incompatible key ARC4 for CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_decrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_ARC4:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: bad algorithm (unknown cipher algorithm)
+cipher_decrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_MD4:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":""
+
+PSA symmetric decrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f"
+
+PSA symmetric decrypt: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97"
+
+PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2"
+
+PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9"
+
+PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9"
+
+PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9"
+
+PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3"
+
+PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3"
+
+PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":16:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":16:0:0:"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:0:"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":8:8:0:"c78e2b38139610e3":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":8:8:0:"c78e2b38139610e3":PSA_SUCCESS
+
+PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt/decrypt: AES-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encryption multipart: AES-ECB, 16+16 bytes
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-ECB, 13+19 bytes
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-ECB, 24+12 bytes
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-ECB, 16+16 bytes
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-ECB, 11+21 bytes
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-ECB, 28+4 bytes
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 16 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 15 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15
+
+PSA symmetric encrypt/decrypt multipart: AES-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
+
+PSA symmetric encrypt validation: ChaCha20, K=0 N=0
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+PSA symmetric encrypt validation: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+PSA symmetric encrypt multipart: ChaCha20, K=0 N=0
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+
+PSA symmetric encryption multipart: ChaCha20, 14+50 bytes
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+
+PSA symmetric decryption multipart: ChaCha20, 14+50 bytes
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt: DES-CCM not supported
+depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt: AES-CCM, 23 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=6
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=8
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=10
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=12
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=14
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=16
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA AEAD decrypt: AES-CCM, 39 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-CCM, 40 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=6
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=8
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=10
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=12
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=14
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=16
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, invalid signature
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, invalid signature, T=4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 0
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 2
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 15
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 18
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid nonce length 6
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c090693056":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid nonce length 14
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd97200":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM_8, invalid nonce length 6
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c090693056":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM_8, invalid nonce length 14
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd97200":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes, 12 byte nonce , 1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"E462C58482FE8264AEEB7231":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt, AES GCM, 19 bytes, 12 byte nonce , 2
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"E462C58482FE8264AEEB7231":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #2
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=0, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"ab2265b4c168955561f04315":"":"":"f149e2b5f0adaa9842ca5f45b768a8fc"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=16, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"41c5da8667ef725220ffe39ae0ac590ac9fca729ab60ada0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"05ad13a5e2c2ab667e1a6fbc":"8b5c124bef6e2f0fe4d8c95cd5fa4cf1":"":"204bdb1bd62154bf08922aaa54eed705"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=20, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"093ef7551ebbff8eb0c0a8a4a62b198f0c2e838de10eeeee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"e656e93930ed5210ba3f0322":"3da22dacfd11b21b0a713157f60aec0cd22f1add":"":"1b2d2764573e20ae640bf29d48e5fe05"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"31389612d244c9792a510eca3f9c94f9f48c97ed67ae965a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"df6b54ec8b58114df5b09279":"0863bec42ee93385efbec665adfc46dafcd793f29e859e3b531c15b168f1888dd13e905cd7d5bc03f9f1f6495717df62":"":"77e5682a49243d5b9016eb1adafa2d"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":"69482957e6be5c54882d00314e0259cf191e9f29bef63a26860c1e020a21137e"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=8,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"c50ac59e50556e47b834380018c0dc0380af9df3bf6714e6":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"f303bf4b6cfbba7104cd9436":"":"d3f3f57033df30c22860231334b099cb":"2269c72d77f2b6f9d57da1820ec5a5d3d62d4491e3e4e9e7"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=14,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"8ef391e4b7a2fe05b959be27823357080f963ed2f64b9e59":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0080052a2a5bb0e95222a419":"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":"88d674044031414af7ba9da8b89dd68e69897d99d8e1706f38c613896c18"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=4,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"1cb5a0db778d3eb430b2816ceef9e455f519a8977b074183":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"c1df5e9e2e3165c54242a306":"7134e5ddc396c2a8a7da23906c8f7b40":"636871d4c0aae3da7b55abd8b5f21297":"14eb02562aa1d963d0033626cdc8a5c8972f4bdf"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=20, TAG=13,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"45148f42669f8ab8fad689d9b9180e39d7ea8fc95696297e":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"5afcb134acc78b4eb9d11e79":"aec409e5fd82e50b824ebc1f45e75188d80615c6":"3d952be11deb421b56e0ce9d7ce99553":"077c0d53869869e191df116fd7baa8a293d2b577a29b0953c91b5d3b9d"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"5255428457fe75e64447971ec5af0d13c5b60a07ee2d07b0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"40cb6ebafc202f82223db097":"b2da2bd05ab1f3e39613efc8d80c5d0f240ee08f6abad5791649e9c1d0f48fa3dc59c1e535d1db1a4d3fa2263f5a1117":"fdd8a462c86d4365c8bfee0e25fc8a62":"9ca4a6d08267038f6f7999c84105bb5eaf8f7b3b9310ec688e033088a03482"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"516c33929df5a3284ff463d7":"":"":"bdc1ac884d332457a1d2664f168c76f0"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=12,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"98ebf7a58db8b8371d9069171190063cc1fdc1927e49a3385f890d41a838619c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"3e6db953bd4e641de644e50a":"":"":"2fb9c3e41fff24ef07437c47"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=16,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"3a8efa1cd74bbab5448f9945":"519fee519d25c7a304d6c6aa1897ee1eb8c59655":"":"f6d47505ec96c98a42dc3ae719877b87"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=13,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a7c928738b89c3258b910ac31bc465338b2e133b143fd52d9c9859eb1d01f2a0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"a483a7e94fbb2d694d3c4a8d":"bdb613cd3c2f0edd37b3ed43041bacb949ee51fa":"":"5233f95bdcf5d666fb957acdcb"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"16a5b58a1dbb273a8fc6a4af722d46dbb898dd86ab128cb93d8388a8647a80a3":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"59e0c40d6675923cf5e004d5":"5b4b4ffc9c66bd394abeed3f03b695b949b3b69a42198cc3bfad971174915df913b967ccf36ee1f001f54efbcd117b68":"":"d57e27914ecb4a764359d3c0f8d4d6"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=4,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"5dd13092dd695b90ab835ed6343031c4cdb710d32f4d3804d72b46d921fcfa18":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"1de4bd816c8ec6bffc1e6453":"1b63d6278702abacf8b6c2faf542a808659fd5da03cdc1061a8593ea8ce9fc8ff54ffef6ebf3e15f7a832b4ae750a6ce":"":"72901467"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"b6ac8e4963f49207ffd6374c":"":"722ee47da4b77424733546c2d400c4e5":"1224dfefb72a20d49e09256908874979882eafea22adf8dbed06a2265f907b"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=12,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"b33b0e4c5b9f7ef77cec1a29ed5844bda3853238bdf7766e7645029931f169f0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"f226d65e8654fdf5193ed721":"":"bcf48ddcfe9d011a1003973d68d2d78a":"d2eb20898a301b5d8e69e9926272021393af01abb6a970047a7fc010"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=16, TAG=14,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"c6e126a65faec77ab62318e30d8a50c39a664670039a66ae5a6874201bc68f9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0ba5193b2d3a8378d67163ce":"5844b289dc74327f9fd93f7aae1c3d39":"c37aada3d4408e880d47e41df77da9b9":"b5cd7563989b460a2fe187e90c41fc3179c73d0d1e3a4484909969de93b0"
+
+PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=48, TAG=15,
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"2e6942d537f1a98444c2f9dbdb5d8db42a503a00a17b57d516399569e044a703":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"7eb67721581ed52cfcfc2c4d":"a96cc73451502c7278b467ac85d5fc14fc1a2f51bc685645b173f0cd9af02d383095de063e6eaa50374ce9bc951e9e61":"e5f410fe939e79b7ad33fbd3aaf5856f":"727f5e19a5582e5782bbbe73517f0c04c492319abf12b03b380724ff1483a3"
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #2
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, invalid signature
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 0
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 2
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, nonce=0 (bad)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, nonce=0 (bad), TAG=12
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 18
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=0, TAG=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"caf72ee1e62e1001e8cfbc63":"":"db1a74ffb5f7de26f5742e0942b1b9cb":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=48, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"e79fb7defce4f650402e6b521170686d3eb2a0b9514f3a64":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"40e0d2d836c0519e7042419b":"41c5b5d971c0723bc1b63a259fe7e06c2961de1241bc34c13965f43636e4da3da8c75ed5956abe3a42f3039af005925a":"434ff68f2436f48418fd69f52158":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=0, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"e41d1f533d5b342ffe434b94b1372683bfd5d9d8cb79f9ee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"5fe11a596dfcd3a305c1d711":"":"1847f64fff986476d1d2f758692f856da4a0ff98c0c1101694c84fd86680c9":"b03c2c20f758a93a8d1220232ad87098":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=20, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"8e7da473c057a2a4669a0d22bf9b7c9913fba48930ca0c9b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"f9ff8ef80d76c50f9ca0e9ff":"f141bae18a1b54f065554fd34aa02c91c90f505c":"5deb093b6e7c766a64bb9d5170af1ff8bf130b64eebdce06a9bdb2cf1da15a":"b22b2dcdcc18adc30d16297b84b459d8":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=12
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"01bf150add51bb11623e3bfbebd62a7ea81c5b192b8eb6de":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"dfacbc6791b785d324c646b7":"e35412a625324257bef35399a7eacca34fec2d2d24166e6bb3e94d96f5c57599ded45e2a74503f07116caa1692398a07":"77579db3c6da769e17731faac4732d7cce65d960a49f94f6b583e54a":"7e5fd8b595ddc4753676107951d900e2":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=8
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"551266c4ed166fe1c43761927801ed50cb9c0b3864fc97df":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"e711afbeccd567f866340abb":"562d1697237ebc563941076d459727dfa094eb9ac00d30ed5836825d163dd27517c7660a01056b2d868c7fc5d0343830":"2b54cc27f6ee71882e8b1ead207d2b042d262e87eac97b58":"37245449db8f72b1ecdb420f629d3d80":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=0, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"78fa4a2a5b5b1b1d9580ea527f2e1653e9336e15cc5462f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"98b774f7110e0bea624b487f":"":"a642aabed8b99e15e297ee705a40c3e2e506cb889727b327b7e044a8":"496909523f574b205d757659c5":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=16, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"61f4c2e55d729c4657e503dfe2b604e2853675dbdeb0982a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"0c4d5548aa2d8d54964e1e63":"5affdf8886dabb14790aff3dbfcbdd80":"0d4eacc3db304f46cb7a9eba6ec105bf86d9dc0639b7cebbd5260f47":"b6e056de521a27266dffbc0d96":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=20, TAG=13
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"73245c4f115a74fe71d6fefb9094c57c75f28033a3c7372b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"536a82485999b93b0bb7ef24":"64dcad870a42eeec0730fd7a7e4154638a85d739":"29333e87bfe65d0e37da2936f695824d4e3f37fab3b8e2b868f6":"f6d56f8c86f27d957fa63aea22":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=48, TAG=4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"9002e74638e09dd1f091439518e1460cdd5905bd9e1a37ae":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"76c81a95d24be5c8bac63b50":"aa3ae4531aaac8f3eb07f748712c55a680bc8df5cf845edc66d09049500b41688b8023f5746879b45bdd586af29c4ede":"31bf37acbc53ca3fdbc9e5eaaebbb85a7f":"bd94b34511bc65ae47684805cb":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=0, TAG=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"58d2240f580a31c1d24948e9":"":"15e051a5e4a5f5da6cea92e2ebee5bac":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=16, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"3395a1485315c5b5e6353acb05ae9499c440a2e9f5c57494662f827235ea314c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"3b7e632571602456b49880f0":"f283f80226dacb69c8af089ec6b59e81":"84c8beff4b0d160ee68ac613097f51":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=20, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4dc46ca55c1c1fcb4720c274c0e675c2ac5bf93d8dd5e951ca9f6b61f884edc9":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"6473ab77dc885127422f5594":"e2cf8172ab4cf77eba45cd2c8ff939b938080a90":"8d6351f18d873242204c20144e2b83":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=48, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a7f95798434f9a0fe6fd8acd30b8bad96dbdcfacee4594f01cbf26479be7d154":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"9ef5a77b02137b46e8461d09":"5595a16fa12d4dcdba6b128480dce2d39c1211c3fb6068cde6013f6a80dfcda5eb92af8879e40ee9c177fd0e446fc8ca":"3bfd3d99fe2063e8ef8255519fe0":"":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=16
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"473360e0ad24889959858995":"":"d2c78110ac7e8f107c0df0570bd7c90cc26a379b6d98ef2852ead8ce83a833a7":"7789b41cb3ee548814ca0b388c10b343":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"57805f98aae1b8b64bb49756529ab8181b3ada674a90c55422e9eb26c48bcd7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"9735945d8ca161777206632a":"":"58375442ab1c0e6a8952c83d128d9fc5f45bb315":"4860116a6d2deb9bf794bfd6ac5bbbd6":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=16, TAG=8
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"f913bb823a1d0c10b0b72d56866907b893f2266f15de1abc17f93600824db55a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"d4fe686a14592b6ca1bd6b42":"e35d880c1c53688eb83869de9dd8a473":"35af9b502ea6b56269f896bf98affdd59c2aa418b38bc7fd":"ff426dd751190ff826e8b4a0792d746e":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=20, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"74e9d9d7cd0728cea94e169af485f21f9d2447e022f16008f803dcf5c4f7cc0c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"ecba39edc96667da726122c0":"ae9ab021f86f5b81bb2e0fcbd4b855e1501e9f82":"e5745ce0e02dbba05363b548c3ac7047eacca7e61db6f72fc9b9e5bdb2bb":"0a0b284515694188b6b6c15bc8a09036":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=0, TAG=14
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"60667fce64b8c7169ddf45f335e46951248f69abc4e0f4f292d0ffe3dfd5219f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"1057322a39f08ef761c3c8fc":"":"501b033c841acb430c52d88fe9cb44c751f2f1641d1e801a534ac8":"f386b28e7eb4c2fb8eb5dc66a2":PSA_SUCCESS
+
+PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=20, TAG=15
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"e67590da399cbcdcddcc56110562ade8665b50287a8ab38e8b9ee7520531b560":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"2c36ab6b686a66fba1805196":"823493d42f4f60b2d1433ad75eccaafd7e7c7d12":"cff6b6f03c67152f3ce1030653d9bd9a6559f5b04b48d77c2a1fc364":"da1c61fbfcdb73445ad4c7d889":PSA_SUCCESS
+
+PSA AEAD encrypt: ChaCha20-Poly1305 (RFC7539)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691"
+
+PSA AEAD encrypt: ChaCha20-Poly1305 (zero-length input)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"":"a0784d7a4716f3feb4f64e7f4b39bf04"
+
+PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, good tag)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS
+
+PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, bad tag)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600690":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: ChaCha20-Poly1305 (good tag, zero-length input)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_SUCCESS
+
+PSA AEAD decrypt: ChaCha20-Poly1305 (nonce=8, not supported)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"0700000040414243":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD decrypt: ChaCha20-Poly1305 (nonce=11, too short)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"0700000040414243444546":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: ChaCha20-Poly1305 (nonce=13, too long)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"07000000404142434445464700":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20)
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
+
+PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
+
+PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128
+
+PSA signature size: RSA keypair, 1024 bits, PSS
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128
+
+PSA signature size: RSA keypair, 1024 bits, PSS-any-salt
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS_ANY_SALT( PSA_ALG_SHA_256 ):128
+
+PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
+
+PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
+
+PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA import/exercise RSA keypair, PSS-SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
+PSA import/exercise RSA keypair, PSS-any-salt-SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
+PSA import/exercise RSA public key, PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA import/exercise RSA public key, PSS-SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
+PSA import/exercise RSA public key, PSS-any-salt-SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256)
+
+PSA import/exercise: ECP SECP256R1 keypair, ECDSA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY
+
+PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
+
+PSA import/exercise: ECP SECP256R1 keypair, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDH
+
+PSA import/exercise: HKDF SHA-256
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA import/exercise: TLS 1.2 PRF SHA-256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA sign hash: RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
+
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
+
+PSA sign hash: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f"
+
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256, wrong hash size
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PKCS#1 v1.5, invalid hash (wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PKCS#1 v1.5 raw, input too large
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign hash: RSA PSS SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PSS-any-salt SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PSS SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PSS-any-salt SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign hash: RSA PKCS#1 v1.5 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (0)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: invalid key type, signing with a public key
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: deterministic ECDSA not supported
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign/verify hash: RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
+
+PSA sign/verify hash: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify hash: RSA PSS SHA-256, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify hash: RSA PSS-any-salt SHA-256, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
+
+PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
+
+PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA sign/verify hash: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify hash with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA-1024 PSS SHA-256, slen=0 (bad)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=0
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b"
+
+PSA verify hash: RSA-1024 PSS SHA-256, slen=31 (bad)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"797914eadbbe8293a7b0fe29d2db9fb246b519128d46d3ec93142a1a08a2992ba5325ad9b5ce55344b37996dbb81eb89628263cae4e3fc0e947dec0b8b0c7b0ee94bca02dd287f9cc619e2d88fb2279fb2a8f8301271c58009bb1223f3cfa730cb852947685678cfdef2968c82a9b8bffd8c0d518476b1ea2a5ad6c100045d8e":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=31
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"797914eadbbe8293a7b0fe29d2db9fb246b519128d46d3ec93142a1a08a2992ba5325ad9b5ce55344b37996dbb81eb89628263cae4e3fc0e947dec0b8b0c7b0ee94bca02dd287f9cc619e2d88fb2279fb2a8f8301271c58009bb1223f3cfa730cb852947685678cfdef2968c82a9b8bffd8c0d518476b1ea2a5ad6c100045d8e"
+
+PSA verify hash: RSA-1024 PSS SHA-256, slen=32
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df"
+
+PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=32
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df"
+
+PSA verify hash: RSA-1024 PSS SHA-256, slen=94 (bad)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=94
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800"
+
+PSA verify hash: RSA-1024 PSS SHA-512, slen=61 (bad)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=61
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a"
+
+PSA verify hash: RSA-1024 PSS SHA-512, slen=62
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4"
+
+PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=62
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4"
+
+PSA verify hash: RSA-528 PSS SHA-512, slen=0
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955"
+
+PSA verify hash: RSA-528 PSS-any-salt SHA-512, slen=0
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955"
+
+PSA verify hash: RSA-520 PSS SHA-512 (hash too large)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA-520 PSS-any-salt SHA-512 (hash too large)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA PSS-any-salt SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA PSS SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA PSS-any-salt SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: ECDSA SECP256R1, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA verify hash with keypair: ECDSA SECP256R1, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA verify hash: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: ECDSA SECP256R1, wrong signature of correct size
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: ECDSA SECP256R1, wrong signature (empty)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: ECDSA SECP256R1, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: ECDSA SECP256R1, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: ECDSA SECP256R1, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify hash: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA sign message: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548"
+
+PSA sign message: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066"
+
+PSA sign message: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"3548ea85eb66d756ae90fd64a3104b5b9a17aa282f8722409762e9da4811ec5d3060a97d3450b4bc484cd21ac588f563c4873843506fed8609b7d093db0e9a2496c36995ee74c906528af6898feb502f45bfb1e9ccf371416c68d32bb5ebc1b6"
+
+PSA sign message: RSA PKCS#1 v1.5, invalid hash (wildcard)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"616263":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5, invalid hash algorithm (0)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(0):"616263":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":127:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: RSA PKCS#1 v1.5 without hash
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: RSA PKCS#1 v1.5 SHA-256, invalid key type
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash (wildcard)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"616263":64:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash algorithm (0)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(0):"616263":64:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":63:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: ECDSA SECP256R1 SHA-256, empty output buffer
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign message: ECDSA SECP256R1 SHA-256, invalid key type
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":64:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign message: deterministic ECDSA not supported
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":96:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign message: ECDSA without hash
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"616263":96:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign/verify message: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: RSA PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: RSA PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: RSA PSS SHA-256, 0 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
+
+PSA sign/verify message: RSA PSS SHA-256, 32 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: RSA PSS SHA-256, 128 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: RSA PSS SHA-256, 129 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 0 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):""
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 32 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 64 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 65 bytes
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: randomized ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263"
+
+PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263"
+
+PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA sign/verify message: deterministic ECDSA SECP384R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C
+sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263"
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify message with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify message: RSA-1024 PSS SHA-256, slen=0 (bad)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA-1024 PSS-any-salt SHA-256, slen=0
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"616263":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b"
+
+PSA verify message: RSA-1024 PSS SHA-256, slen=32
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df"
+
+PSA verify message: RSA-1024 PSS-any-salt SHA-256, slen=32
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"616263":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df"
+
+PSA verify message: RSA PSS SHA-256, good signature, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d"
+
+PSA verify message: RSA PSS-any-salt SHA-256, good signature, 32 bytes (hash size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d"
+
+PSA verify message: RSA PSS SHA-256, good signature, 128 bytes (signature size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5"
+
+PSA verify message: RSA-any-salt PSS SHA-256, good signature, 128 bytes (signature size)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5"
+
+PSA verify message: RSA PSS SHA-256, good signature, 129 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830"
+
+PSA verify message: RSA PSS-any-salt SHA-256, good signature, 129 bytes
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830"
+
+PSA verify message: ECDSA SECP256R1 SHA-256, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b"
+
+PSA verify message with keypair: ECDSA SECP256R1 SHA-256, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b"
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: RSA PKCS#1 v1.5 without hash
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify message: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"304502200b295f3dc3ac2bde92f550b7e73a2de15a753b4ebc761c521a32d1ed9bf5800a022100fe7301254058347c3dec7768f62dfc63f7c049d28bfdd1d6712126fd888e9f04":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature of correct size
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf00":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (empty)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (truncated)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (trailing junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0bff":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: ECDSA SECP256R1, wrong signature (leading junk)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"ff0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify message: invalid algorithm for ECC key
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+verify_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify message: ECDSA without hash
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5, good
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-256, good
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-256, good, with label
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-384, good
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-384, good, with label
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS
+
+PSA encrypt: RSA PKCS#1 v1.5, key pair
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-256, key pair
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA PKCS#1 v1.5, input too large
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5: salt not allowed
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA OAEP-SHA-384, input too large
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: invalid algorithm
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5: invalid key type
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
+
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":""
+
+PSA encrypt-decrypt: RSA OAEP-SHA-256
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
+
+PSA encrypt-decrypt: RSA OAEP-SHA-256, with label
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00"
+
+PSA encrypt-decrypt: RSA OAEP-SHA-384
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
+
+PSA decrypt: RSA PKCS#1 v1.5: good #1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA decrypt: RSA PKCS#1 v1.5: good #2
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
+
+PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":""
+
+PSA decrypt: RSA OAEP-SHA-256, 0 bytes
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":""
+
+PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":""
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-384, 30 bytes
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA PKCS#1 v1.5, invalid padding
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA PKCS#1 v1.5: salt not allowed
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, invalid padding
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: invalid algorithm
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP, invalid key type (RSA public key)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":16:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5, input too small
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5, input too large
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, input too small
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, input too large
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
+
+Crypto derivation operation object initializers zero properly
+key_derivation_init:
+
+PSA key derivation setup: HKDF-SHA-256, good case
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key derivation setup: HKDF-SHA-512, good case
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS
+
+PSA key derivation setup: TLS 1.2 PRF SHA-256, good case
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key derivation setup: not a key derivation algorithm (HMAC)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation setup: algorithm from bad hash
+depends_on:MBEDTLS_SHA256_C
+derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED
+
+PSA key derivation setup: bad algorithm
+depends_on:MBEDTLS_SHA256_C
+derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED
+
+PSA key derivation: HKDF-SHA-256, good case, direct output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, omitted salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, info first
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, info after salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-512, good case
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, bad key type
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, bad key type, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation
+# detail.
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, direct secret, direct output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, direct empty secret, direct output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, direct secret, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+
+PSA key derivation: HKDF-SHA-256, direct empty secret, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+
+PSA key derivation: HKDF-SHA-256, missing secret, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+
+PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, RAW_DATA key as info
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, DERIVE key as salt, direct output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, DERIVE key as salt, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation
+# detail.
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, DERIVE key as info
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, salt after secret
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, missing secret
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, missing info
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate salt step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, direct)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, key)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (key, direct)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (key, key)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate info step (non-consecutive)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate info step (consecutive)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, reject label step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, reject seed step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, good case
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, missing label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, missing label and secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, no inputs
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, key first
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, key first
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, label first
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, early label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, double seed
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, double key
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, bad key type
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, direct secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, info first
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, key output
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation over capacity: HKDF
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key derivation over capacity: TLS 1.2 PRF
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_over_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key derivation: actions without setup
+derive_actions_without_setup:
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
+
+# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
+PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":""
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":""
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
+
+# Test case manually extracted from debug output of TLS-PSK run
+# Label: "master secret"
+# Salt: Concatenation of ClientHello.Random and ServerHello.Random
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":""
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":""
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
+
+PSA key derivation: HKDF SHA-256, request maximum capacity
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256):"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-1, request maximum capacity
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_1):"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
+
+PSA key derivation: HKDF SHA-256, request too much capacity
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256):255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: HKDF SHA-1, request too much capacity
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * PSA_HASH_LENGTH(PSA_ALG_SHA_1) + 1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: over capacity 42: output 42+1
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff"
+
+PSA key derivation: over capacity 42: output 41+2
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff"
+
+PSA key derivation: over capacity 42: output 43+0
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":""
+
+PSA key derivation: over capacity 42: output 43+1
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
+
+PSA key derivation: HKDF SHA-256, read maximum capacity minus 1
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1
+
+PSA key derivation: HKDF SHA-256, read maximum capacity
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256)
+
+PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1
+
+PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256)
+
+PSA key derivation: HKDF SHA-256, exercise AES128-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: HKDF SHA-256, exercise AES256-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: HKDF SHA-256, exercise DES-CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_HMAC
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key derivation: HKDF SHA-256, derive key export, 16+32
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
+
+PSA key derivation: HKDF SHA-256, derive key export, 1+41
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
+
+PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 16+32
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
+
+PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
+
+PSA key derivation: invalid type (0)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA key derivation: invalid length (0)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA key derivation: invalid length (7 bits)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA key derivation: raw data, 8 bits
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS:0
+
+PSA key derivation: invalid length (9 bits)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT:0
+
+# This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes
+# and not expected to be raised any time soon) is less than the maximum
+# output from HKDF-SHA512 (255*64 = 16320 bytes).
+PSA key derivation: largest possible key
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS:1
+
+PSA key derivation: key too large
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED:0
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: good
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader than required
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDH:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: key algorithm KDF mismatch
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_512)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_PERMITTED
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ff":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: ECDH, unknown KDF
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
+
+PSA key agreement setup: bad key agreement algorithm
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: KDF instead of a key agreement algorithm
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_HKDF(PSA_ALG_SHA_256):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
+PSA raw key agreement: ECDH SECP256R1 (RFC 5903)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
+
+PSA raw key agreement: ECDH SECP384R1 (RFC 5903)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
+
+PSA raw key agreement: ECDH SECP521R1 (RFC 5903)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
+
+PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
+
+PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
+
+PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
+
+PSA raw key agreement: X25519 (RFC 7748: Alice)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":"de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
+
+PSA raw key agreement: X25519 (RFC 7748: Bob)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb":"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":""
+
+PSA generate random: 0 bytes
+generate_random:0
+
+PSA generate random: 1 byte
+generate_random:1
+
+PSA generate random: 4 bytes
+generate_random:4
+
+PSA generate random: 16 bytes
+generate_random:16
+
+PSA generate random: 19 bytes
+generate_random:19
+
+PSA generate random: 260 bytes
+generate_random:260
+
+PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST bytes
+generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST
+
+PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
+generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
+
+PSA generate random: 2*MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
+generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
+
+PSA generate key: bad type (RSA public key)
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA generate key: raw data, 0 bits: invalid argument
+# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
+generate_key:PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA generate key: raw data, 7 bits: invalid argument
+generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA generate key: raw data, 8 bits
+generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
+
+PSA generate key: raw data, 9 bits: invalid argument
+generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
+generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
+
+PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
+generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
+
+PSA generate key: raw data, 65528 bits (large key, ok if it fits)
+generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:1
+
+PSA generate key: raw data, 65536 bits (not supported)
+generate_key:PSA_KEY_TYPE_RAW_DATA:65536:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED:0
+
+PSA generate key: AES, 128 bits, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS:0
+
+PSA generate key: AES, 128 bits, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS:0
+
+PSA generate key: DES, 64 bits, CBC-nopad
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS:0
+
+PSA generate key: DES, 128 bits, CBC-nopad
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS:0
+
+PSA generate key: DES, 192 bits, CBC-nopad
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS:0
+
+PSA generate key: invalid key size: AES, 64 bits
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0
+
+PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0
+
+PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:0
+
+PSA generate key: RSA, 1024 bits, good, sign (PSS-any-salt SHA-256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:0
+
+PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS:0
+
+PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS:0
+
+PSA generate key: RSA, 0 bits: invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT:0
+
+PSA generate key: RSA, 1022 bits: not supported
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0
+
+PSA generate key: RSA, 1023 bits: not supported
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0
+
+PSA generate key: RSA, maximum size exceeded
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0
+
+PSA generate key: ECC, SECP256R1, good
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0
+
+PSA generate key: ECC, SECP256R1, incorrect bit size
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+# INVALID_ARGUMENT would make more sense, but our code as currently structured
+# doesn't fully relate the curve with its size.
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED:0
+
+PSA generate key: ECC, Curve25519, good
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0
+
+PSA generate key: RSA, default e
+generate_key_rsa:512:"":PSA_SUCCESS
+
+PSA generate key: RSA, e=3
+generate_key_rsa:512:"03":PSA_SUCCESS
+
+PSA generate key: RSA, e=65537
+generate_key_rsa:512:"010001":PSA_SUCCESS
+
+PSA generate key: RSA, e=513
+generate_key_rsa:512:"0201":PSA_SUCCESS
+
+PSA generate key: RSA, e=1
+generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT
+
+PSA generate key: RSA, e=2
+generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT
+
+PSA import persistent key: raw data, 8 bits
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"2a":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY
+
+PSA import persistent key: AES, 128 bits, exportable
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY
+
+PSA import persistent key: AES, 128 bits, non-exportable
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:IMPORT_KEY
+
+PSA generate persistent key: raw data, 8 bits, exportable
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY
+
+PSA generate persistent key: AES, 128 bits, exportable
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY
+
+PSA generate persistent key: AES, 128 bits, non-exportable
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY
+
+PSA generate persistent key: DES, 64 bits, exportable
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY
+
+PSA generate persistent key: RSA, 1024 bits, exportable
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY
+
+PSA generate persistent key: ECC, SECP256R1, exportable
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY
+
+PSA derive persistent key: HKDF SHA-256, exportable
+persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto.function
new file mode 100644
index 0000000..0db5bff
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto.function
@@ -0,0 +1,5641 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/oid.h"
+#include "common.h"
+
+/* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random()
+ * uses mbedtls_ctr_drbg internally. */
+#include "mbedtls/ctr_drbg.h"
+
+#include "psa/crypto.h"
+#include "psa_crypto_slot_management.h"
+
+#include "test/asn1_helpers.h"
+#include "test/psa_crypto_helpers.h"
+#include "test/psa_exercise_key.h"
+
+/* If this comes up, it's a bug in the test code or in the test data. */
+#define UNUSED 0xdeadbeef
+
+/* Assert that an operation is (not) active.
+ * This serves as a proxy for checking if the operation is aborted. */
+#define ASSERT_OPERATION_IS_ACTIVE(operation) TEST_ASSERT(operation.id != 0)
+#define ASSERT_OPERATION_IS_INACTIVE(operation) TEST_ASSERT(operation.id == 0)
+
+/** An invalid export length that will never be set by psa_export_key(). */
+static const size_t INVALID_EXPORT_LENGTH = ~0U;
+
+/** Test if a buffer contains a constant byte value.
+ *
+ * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
+ *
+ * \param buffer    Pointer to the beginning of the buffer.
+ * \param c         Expected value of every byte.
+ * \param size      Size of the buffer in bytes.
+ *
+ * \return          1 if the buffer is all-bits-zero.
+ * \return          0 if there is at least one nonzero byte.
+ */
+static int mem_is_char(void *buffer, unsigned char c, size_t size)
+{
+    size_t i;
+    for (i = 0; i < size; i++) {
+        if (((unsigned char *) buffer)[i] != c) {
+            return 0;
+        }
+    }
+    return 1;
+}
+#if defined(MBEDTLS_ASN1_WRITE_C)
+/* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
+static int asn1_write_10x(unsigned char **p,
+                          unsigned char *start,
+                          size_t bits,
+                          unsigned char x)
+{
+    int ret;
+    int len = bits / 8 + 1;
+    if (bits == 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+    if (bits <= 8 && x >= 1 << (bits - 1)) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+    if (*p < start || *p - start < (ptrdiff_t) len) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
+    *p -= len;
+    (*p)[len-1] = x;
+    if (bits % 8 == 0) {
+        (*p)[1] |= 1;
+    } else {
+        (*p)[0] |= 1 << (bits % 8);
+    }
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                     MBEDTLS_ASN1_INTEGER));
+    return len;
+}
+
+static int construct_fake_rsa_key(unsigned char *buffer,
+                                  size_t buffer_size,
+                                  unsigned char **p,
+                                  size_t bits,
+                                  int keypair)
+{
+    size_t half_bits = (bits + 1) / 2;
+    int ret;
+    int len = 0;
+    /* Construct something that looks like a DER encoding of
+     * as defined by PKCS#1 v2.2 (RFC 8017) section A.1.2:
+     *   RSAPrivateKey ::= SEQUENCE {
+     *       version           Version,
+     *       modulus           INTEGER,  -- n
+     *       publicExponent    INTEGER,  -- e
+     *       privateExponent   INTEGER,  -- d
+     *       prime1            INTEGER,  -- p
+     *       prime2            INTEGER,  -- q
+     *       exponent1         INTEGER,  -- d mod (p-1)
+     *       exponent2         INTEGER,  -- d mod (q-1)
+     *       coefficient       INTEGER,  -- (inverse of q) mod p
+     *       otherPrimeInfos   OtherPrimeInfos OPTIONAL
+     *   }
+     * Or, for a public key, the same structure with only
+     * version, modulus and publicExponent.
+     */
+    *p = buffer + buffer_size;
+    if (keypair) {
+        MBEDTLS_ASN1_CHK_ADD(len,  /* pq */
+                             asn1_write_10x(p, buffer, half_bits, 1));
+        MBEDTLS_ASN1_CHK_ADD(len,  /* dq */
+                             asn1_write_10x(p, buffer, half_bits, 1));
+        MBEDTLS_ASN1_CHK_ADD(len,  /* dp */
+                             asn1_write_10x(p, buffer, half_bits, 1));
+        MBEDTLS_ASN1_CHK_ADD(len,  /* q */
+                             asn1_write_10x(p, buffer, half_bits, 1));
+        MBEDTLS_ASN1_CHK_ADD(len,  /* p != q to pass mbedtls sanity checks */
+                             asn1_write_10x(p, buffer, half_bits, 3));
+        MBEDTLS_ASN1_CHK_ADD(len,  /* d */
+                             asn1_write_10x(p, buffer, bits, 1));
+    }
+    MBEDTLS_ASN1_CHK_ADD(len,  /* e = 65537 */
+                         asn1_write_10x(p, buffer, 17, 1));
+    MBEDTLS_ASN1_CHK_ADD(len,  /* n */
+                         asn1_write_10x(p, buffer, bits, 1));
+    if (keypair) {
+        MBEDTLS_ASN1_CHK_ADD(len,  /* version = 0 */
+                             mbedtls_asn1_write_int(p, buffer, 0));
+    }
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buffer, len));
+    {
+        const unsigned char tag =
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE;
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buffer, tag));
+    }
+    return len;
+}
+#endif /* MBEDTLS_ASN1_WRITE_C */
+
+int exercise_mac_setup(psa_key_type_t key_type,
+                       const unsigned char *key_bytes,
+                       size_t key_length,
+                       psa_algorithm_t alg,
+                       psa_mac_operation_t *operation,
+                       psa_status_t *status)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+    PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key));
+
+    *status = psa_mac_sign_setup(operation, key, alg);
+    /* Whether setup succeeded or failed, abort must succeed. */
+    PSA_ASSERT(psa_mac_abort(operation));
+    /* If setup failed, reproduce the failure, so that the caller can
+     * test the resulting state of the operation object. */
+    if (*status != PSA_SUCCESS) {
+        TEST_EQUAL(psa_mac_sign_setup(operation, key, alg), *status);
+    }
+
+    psa_destroy_key(key);
+    return 1;
+
+exit:
+    psa_destroy_key(key);
+    return 0;
+}
+
+int exercise_cipher_setup(psa_key_type_t key_type,
+                          const unsigned char *key_bytes,
+                          size_t key_length,
+                          psa_algorithm_t alg,
+                          psa_cipher_operation_t *operation,
+                          psa_status_t *status)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+    PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key));
+
+    *status = psa_cipher_encrypt_setup(operation, key, alg);
+    /* Whether setup succeeded or failed, abort must succeed. */
+    PSA_ASSERT(psa_cipher_abort(operation));
+    /* If setup failed, reproduce the failure, so that the caller can
+     * test the resulting state of the operation object. */
+    if (*status != PSA_SUCCESS) {
+        TEST_EQUAL(psa_cipher_encrypt_setup(operation, key, alg),
+                   *status);
+    }
+
+    psa_destroy_key(key);
+    return 1;
+
+exit:
+    psa_destroy_key(key);
+    return 0;
+}
+
+static int test_operations_on_invalid_key(mbedtls_svc_key_id_t key)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 0x6964);
+    uint8_t buffer[1];
+    size_t length;
+    int ok = 0;
+
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, PSA_ALG_CTR);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    TEST_EQUAL(psa_get_key_attributes(key, &attributes),
+               PSA_ERROR_INVALID_HANDLE);
+    TEST_EQUAL(
+        MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0);
+    TEST_EQUAL(
+        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0);
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), 0);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+    TEST_EQUAL(psa_get_key_type(&attributes), 0);
+    TEST_EQUAL(psa_get_key_bits(&attributes), 0);
+
+    TEST_EQUAL(psa_export_key(key, buffer, sizeof(buffer), &length),
+               PSA_ERROR_INVALID_HANDLE);
+    TEST_EQUAL(psa_export_public_key(key,
+                                     buffer, sizeof(buffer), &length),
+               PSA_ERROR_INVALID_HANDLE);
+
+    ok = 1;
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    return ok;
+}
+
+/* Assert that a key isn't reported as having a slot number. */
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+#define ASSERT_NO_SLOT_NUMBER(attributes)                             \
+    do                                                                  \
+    {                                                                   \
+        psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number;        \
+        TEST_EQUAL(psa_get_key_slot_number(                            \
+                       attributes,                                     \
+                       &ASSERT_NO_SLOT_NUMBER_slot_number),           \
+                   PSA_ERROR_INVALID_ARGUMENT);                       \
+    }                                                                   \
+    while (0)
+#else /* MBEDTLS_PSA_CRYPTO_SE_C */
+#define ASSERT_NO_SLOT_NUMBER(attributes)     \
+    ((void) 0)
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+/* An overapproximation of the amount of storage needed for a key of the
+ * given type and with the given content. The API doesn't make it easy
+ * to find a good value for the size. The current implementation doesn't
+ * care about the value anyway. */
+#define KEY_BITS_FROM_DATA(type, data)        \
+    (data)->len
+
+typedef enum {
+    IMPORT_KEY = 0,
+    GENERATE_KEY = 1,
+    DERIVE_KEY = 2
+} generate_method;
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void static_checks()
+{
+    size_t max_truncated_mac_size =
+        PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET;
+
+    /* Check that the length for a truncated MAC always fits in the algorithm
+     * encoding. The shifted mask is the maximum truncated value. The
+     * untruncated algorithm may be one byte larger. */
+    TEST_LE_U(PSA_MAC_MAX_SIZE, 1 + max_truncated_mac_size);
+
+#if defined(MBEDTLS_TEST_DEPRECATED)
+    /* Check deprecated constants. */
+    TEST_EQUAL(PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR);
+    TEST_EQUAL(PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS);
+    TEST_EQUAL(PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST);
+    TEST_EQUAL(PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA);
+    TEST_EQUAL(PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED);
+    TEST_EQUAL(PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH);
+    TEST_EQUAL(PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH);
+    TEST_EQUAL(PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE);
+
+    TEST_EQUAL(PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2);
+    TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY);
+    TEST_EQUAL(PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY);
+
+    TEST_EQUAL(PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2);
+    TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1);
+    TEST_EQUAL(PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY);
+
+    TEST_EQUAL(PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919);
+    TEST_EQUAL(PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919);
+    TEST_EQUAL(PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919);
+    TEST_EQUAL(PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919);
+    TEST_EQUAL(PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919);
+
+    TEST_EQUAL(PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919);
+    TEST_EQUAL(PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM);
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_with_policy(int type_arg,
+                        int usage_arg, int alg_arg,
+                        int expected_status_arg)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    const uint8_t key_material[16] = { 0 };
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_type(&attributes, type);
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+
+    status = psa_import_key(&attributes,
+                            key_material, sizeof(key_material),
+                            &key);
+    TEST_EQUAL(status, expected_status);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_get_key_attributes(key, &got_attributes));
+    TEST_EQUAL(psa_get_key_type(&got_attributes), type);
+    TEST_EQUAL(psa_get_key_usage_flags(&got_attributes),
+               mbedtls_test_update_key_usage_flags(usage));
+    TEST_EQUAL(psa_get_key_algorithm(&got_attributes), alg);
+    ASSERT_NO_SLOT_NUMBER(&got_attributes);
+
+    PSA_ASSERT(psa_destroy_key(key));
+    test_operations_on_invalid_key(key);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_with_data(data_t *data, int type_arg,
+                      int attr_bits_arg,
+                      int expected_status_arg)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    size_t attr_bits = attr_bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, attr_bits);
+
+    status = psa_import_key(&attributes, data->x, data->len, &key);
+    TEST_EQUAL(status, expected_status);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_get_key_attributes(key, &got_attributes));
+    TEST_EQUAL(psa_get_key_type(&got_attributes), type);
+    if (attr_bits != 0) {
+        TEST_EQUAL(attr_bits, psa_get_key_bits(&got_attributes));
+    }
+    ASSERT_NO_SLOT_NUMBER(&got_attributes);
+
+    PSA_ASSERT(psa_destroy_key(key));
+    test_operations_on_invalid_key(key);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+/* Construct and attempt to import a large unstructured key. */
+void import_large_key(int type_arg, int byte_size_arg,
+                      int expected_status_arg)
+{
+    psa_key_type_t type = type_arg;
+    size_t byte_size = byte_size_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t expected_status = expected_status_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status;
+    uint8_t *buffer = NULL;
+    size_t buffer_size = byte_size + 1;
+    size_t n;
+
+    /* Skip the test case if the target running the test cannot
+     * accommodate large keys due to heap size constraints */
+    TEST_CALLOC_OR_SKIP(buffer, buffer_size);
+    memset(buffer, 'K', byte_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Try importing the key */
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, type);
+    status = psa_import_key(&attributes, buffer, byte_size, &key);
+    TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY);
+    TEST_EQUAL(status, expected_status);
+
+    if (status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+        TEST_EQUAL(psa_get_key_type(&attributes), type);
+        TEST_EQUAL(psa_get_key_bits(&attributes),
+                   PSA_BYTES_TO_BITS(byte_size));
+        ASSERT_NO_SLOT_NUMBER(&attributes);
+        memset(buffer, 0, byte_size + 1);
+        PSA_ASSERT(psa_export_key(key, buffer, byte_size, &n));
+        for (n = 0; n < byte_size; n++) {
+            TEST_EQUAL(buffer[n], 'K');
+        }
+        for (n = byte_size; n < buffer_size; n++) {
+            TEST_EQUAL(buffer[n], 0);
+        }
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(buffer);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C */
+/* Import an RSA key with a valid structure (but not valid numbers
+ * inside, beyond having sensible size and parity). This is expected to
+ * fail for large keys. */
+void import_rsa_made_up(int bits_arg, int keypair, int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    size_t bits = bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+    psa_key_type_t type =
+        keypair ? PSA_KEY_TYPE_RSA_KEY_PAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY;
+    size_t buffer_size = /* Slight overapproximations */
+                         keypair ? bits * 9 / 16 + 80 : bits / 8 + 20;
+    unsigned char *buffer = NULL;
+    unsigned char *p;
+    int ret;
+    size_t length;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+    TEST_CALLOC(buffer, buffer_size);
+
+    TEST_ASSERT((ret = construct_fake_rsa_key(buffer, buffer_size, &p,
+                                              bits, keypair)) >= 0);
+    length = ret;
+
+    /* Try importing the key */
+    psa_set_key_type(&attributes, type);
+    status = psa_import_key(&attributes, p, length, &key);
+    TEST_EQUAL(status, expected_status);
+
+    if (status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_destroy_key(key));
+    }
+
+exit:
+    mbedtls_free(buffer);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export(data_t *data,
+                   int type_arg,
+                   int usage_arg, int alg_arg,
+                   int expected_bits,
+                   int export_size_delta,
+                   int expected_export_status_arg,
+                   /*whether reexport must give the original input exactly*/
+                   int canonical_input)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_export_status = expected_export_status_arg;
+    psa_status_t status;
+    unsigned char *exported = NULL;
+    unsigned char *reexported = NULL;
+    size_t export_size;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+    size_t reexported_length;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    export_size = (ptrdiff_t) data->len + export_size_delta;
+    TEST_CALLOC(exported, export_size);
+    if (!canonical_input) {
+        TEST_CALLOC(reexported, export_size);
+    }
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, usage_arg);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+
+    /* Import the key */
+    PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key));
+
+    /* Test the key information */
+    PSA_ASSERT(psa_get_key_attributes(key, &got_attributes));
+    TEST_EQUAL(psa_get_key_type(&got_attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&got_attributes), (size_t) expected_bits);
+    ASSERT_NO_SLOT_NUMBER(&got_attributes);
+
+    /* Export the key */
+    status = psa_export_key(key, exported, export_size, &exported_length);
+    TEST_EQUAL(status, expected_export_status);
+
+    /* The exported length must be set by psa_export_key() to a value between 0
+     * and export_size. On errors, the exported length must be 0. */
+    TEST_ASSERT(exported_length != INVALID_EXPORT_LENGTH);
+    TEST_ASSERT(status == PSA_SUCCESS || exported_length == 0);
+    TEST_LE_U(exported_length, export_size);
+
+    TEST_ASSERT(mem_is_char(exported + exported_length, 0,
+                            export_size - exported_length));
+    if (status != PSA_SUCCESS) {
+        TEST_EQUAL(exported_length, 0);
+        goto destroy;
+    }
+
+    /* Run sanity checks on the exported key. For non-canonical inputs,
+     * this validates the canonical representations. For canonical inputs,
+     * this doesn't directly validate the implementation, but it still helps
+     * by cross-validating the test data with the sanity check code. */
+    if (!mbedtls_test_psa_exercise_key(key, usage_arg, 0)) {
+        goto exit;
+    }
+
+    if (canonical_input) {
+        TEST_MEMORY_COMPARE(data->x, data->len, exported, exported_length);
+    } else {
+        mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
+        PSA_ASSERT(psa_import_key(&attributes, exported, exported_length,
+                                  &key2));
+        PSA_ASSERT(psa_export_key(key2,
+                                  reexported,
+                                  export_size,
+                                  &reexported_length));
+        TEST_MEMORY_COMPARE(exported, exported_length,
+                            reexported, reexported_length);
+        PSA_ASSERT(psa_destroy_key(key2));
+    }
+    TEST_ASSERT(exported_length <=
+                PSA_EXPORT_KEY_OUTPUT_SIZE(type,
+                                           psa_get_key_bits(&got_attributes)));
+    TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE);
+
+destroy:
+    /* Destroy the key */
+    PSA_ASSERT(psa_destroy_key(key));
+    test_operations_on_invalid_key(key);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    mbedtls_free(exported);
+    mbedtls_free(reexported);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export_public_key(data_t *data,
+                              int type_arg,  // key pair or public key
+                              int alg_arg,
+                              int export_size_delta,
+                              int expected_export_status_arg,
+                              data_t *expected_public_key)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_export_status = expected_export_status_arg;
+    psa_status_t status;
+    unsigned char *exported = NULL;
+    size_t export_size = expected_public_key->len + export_size_delta;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+
+    /* Import the key */
+    PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key));
+
+    /* Export the public key */
+    TEST_CALLOC(exported, export_size);
+    status = psa_export_public_key(key,
+                                   exported, export_size,
+                                   &exported_length);
+    TEST_EQUAL(status, expected_export_status);
+    if (status == PSA_SUCCESS) {
+        psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type);
+        size_t bits;
+        PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+        bits = psa_get_key_bits(&attributes);
+        TEST_LE_U(expected_public_key->len,
+                  PSA_EXPORT_KEY_OUTPUT_SIZE(public_type, bits));
+        TEST_LE_U(expected_public_key->len,
+                  PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, bits));
+        TEST_LE_U(expected_public_key->len,
+                  PSA_EXPORT_PUBLIC_KEY_MAX_SIZE);
+        TEST_MEMORY_COMPARE(expected_public_key->x, expected_public_key->len,
+                            exported, exported_length);
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(exported);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_and_exercise_key(data_t *data,
+                             int type_arg,
+                             int bits_arg,
+                             int alg_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = mbedtls_test_psa_usage_to_exercise(type, alg);
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+
+    /* Import the key */
+    PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key));
+
+    /* Test the key information */
+    PSA_ASSERT(psa_get_key_attributes(key, &got_attributes));
+    TEST_EQUAL(psa_get_key_type(&got_attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&got_attributes), bits);
+
+    /* Do something with the key according to its type and permitted usage. */
+    if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_destroy_key(key));
+    test_operations_on_invalid_key(key);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void effective_key_attributes(int type_arg, int expected_type_arg,
+                              int bits_arg, int expected_bits_arg,
+                              int usage_arg, int expected_usage_arg,
+                              int alg_arg, int expected_alg_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = type_arg;
+    psa_key_type_t expected_key_type = expected_type_arg;
+    size_t bits = bits_arg;
+    size_t expected_bits = expected_bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t expected_alg = expected_alg_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_key_usage_t expected_usage = expected_usage_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_bits(&attributes, bits);
+
+    PSA_ASSERT(psa_generate_key(&attributes, &key));
+    psa_reset_key_attributes(&attributes);
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    TEST_EQUAL(psa_get_key_type(&attributes), expected_key_type);
+    TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), expected_alg);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void check_key_policy(int type_arg, int bits_arg,
+                      int usage_arg, int alg_arg)
+{
+    test_effective_key_attributes(type_arg, type_arg, bits_arg, bits_arg,
+                                  usage_arg,
+                                  mbedtls_test_update_key_usage_flags(usage_arg),
+                                  alg_arg, alg_arg);
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_attributes_init()
+{
+    /* Test each valid way of initializing the object, except for `= {0}`, as
+     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+     * though it's OK by the C standard. We could test for this, but we'd need
+     * to suppress the Clang warning for the test. */
+    psa_key_attributes_t func = psa_key_attributes_init();
+    psa_key_attributes_t init = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t zero;
+
+    memset(&zero, 0, sizeof(zero));
+
+    TEST_EQUAL(psa_get_key_lifetime(&func), PSA_KEY_LIFETIME_VOLATILE);
+    TEST_EQUAL(psa_get_key_lifetime(&init), PSA_KEY_LIFETIME_VOLATILE);
+    TEST_EQUAL(psa_get_key_lifetime(&zero), PSA_KEY_LIFETIME_VOLATILE);
+
+    TEST_EQUAL(psa_get_key_type(&func), 0);
+    TEST_EQUAL(psa_get_key_type(&init), 0);
+    TEST_EQUAL(psa_get_key_type(&zero), 0);
+
+    TEST_EQUAL(psa_get_key_bits(&func), 0);
+    TEST_EQUAL(psa_get_key_bits(&init), 0);
+    TEST_EQUAL(psa_get_key_bits(&zero), 0);
+
+    TEST_EQUAL(psa_get_key_usage_flags(&func), 0);
+    TEST_EQUAL(psa_get_key_usage_flags(&init), 0);
+    TEST_EQUAL(psa_get_key_usage_flags(&zero), 0);
+
+    TEST_EQUAL(psa_get_key_algorithm(&func), 0);
+    TEST_EQUAL(psa_get_key_algorithm(&init), 0);
+    TEST_EQUAL(psa_get_key_algorithm(&zero), 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_key_policy(int policy_usage_arg,
+                    int policy_alg_arg,
+                    int key_type_arg,
+                    data_t *key_data,
+                    int exercise_alg_arg,
+                    int expected_status_sign_arg,
+                    int expected_status_verify_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t policy_alg = policy_alg_arg;
+    psa_algorithm_t exercise_alg = exercise_alg_arg;
+    psa_key_usage_t policy_usage = policy_usage_arg;
+    psa_status_t status;
+    psa_status_t expected_status_sign = expected_status_sign_arg;
+    psa_status_t expected_status_verify = expected_status_verify_arg;
+    unsigned char mac[PSA_MAC_MAX_SIZE];
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes),
+               mbedtls_test_update_key_usage_flags(policy_usage));
+
+    status = psa_mac_sign_setup(&operation, key, exercise_alg);
+    TEST_EQUAL(status, expected_status_sign);
+
+    /* Calculate the MAC, one-shot case. */
+    uint8_t input[128] = { 0 };
+    size_t mac_len;
+    TEST_EQUAL(psa_mac_compute(key, exercise_alg,
+                               input, 128,
+                               mac, PSA_MAC_MAX_SIZE, &mac_len),
+               expected_status_sign);
+
+    /* Verify correct MAC, one-shot case. */
+    status = psa_mac_verify(key, exercise_alg, input, 128,
+                            mac, mac_len);
+
+    if (expected_status_sign != PSA_SUCCESS && expected_status_verify == PSA_SUCCESS) {
+        TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE);
+    } else {
+        TEST_EQUAL(status, expected_status_verify);
+    }
+
+    psa_mac_abort(&operation);
+
+    memset(mac, 0, sizeof(mac));
+    status = psa_mac_verify_setup(&operation, key, exercise_alg);
+    TEST_EQUAL(status, expected_status_verify);
+
+exit:
+    psa_mac_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_key_policy(int policy_usage_arg,
+                       int policy_alg,
+                       int key_type,
+                       data_t *key_data,
+                       int exercise_alg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_usage_t policy_usage = policy_usage_arg;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Check if no key usage flag implication is done */
+    TEST_EQUAL(policy_usage,
+               mbedtls_test_update_key_usage_flags(policy_usage));
+
+    status = psa_cipher_encrypt_setup(&operation, key, exercise_alg);
+    if (policy_alg == exercise_alg &&
+        (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+    psa_cipher_abort(&operation);
+
+    status = psa_cipher_decrypt_setup(&operation, key, exercise_alg);
+    if (policy_alg == exercise_alg &&
+        (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+exit:
+    psa_cipher_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_key_policy(int policy_usage_arg,
+                     int policy_alg,
+                     int key_type,
+                     data_t *key_data,
+                     int nonce_length_arg,
+                     int tag_length_arg,
+                     int exercise_alg,
+                     int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_usage_t policy_usage = policy_usage_arg;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char nonce[16] = { 0 };
+    size_t nonce_length = nonce_length_arg;
+    unsigned char tag[16];
+    size_t tag_length = tag_length_arg;
+    size_t output_length;
+
+    TEST_LE_U(nonce_length, sizeof(nonce));
+    TEST_LE_U(tag_length, sizeof(tag));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Check if no key usage implication is done */
+    TEST_EQUAL(policy_usage,
+               mbedtls_test_update_key_usage_flags(policy_usage));
+
+    status = psa_aead_encrypt(key, exercise_alg,
+                              nonce, nonce_length,
+                              NULL, 0,
+                              NULL, 0,
+                              tag, tag_length,
+                              &output_length);
+    if ((policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) {
+        TEST_EQUAL(status, expected_status);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+    memset(tag, 0, sizeof(tag));
+    status = psa_aead_decrypt(key, exercise_alg,
+                              nonce, nonce_length,
+                              NULL, 0,
+                              tag, tag_length,
+                              NULL, 0,
+                              &output_length);
+    if ((policy_usage & PSA_KEY_USAGE_DECRYPT) == 0) {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    } else if (expected_status == PSA_SUCCESS) {
+        TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE);
+    } else {
+        TEST_EQUAL(status, expected_status);
+    }
+
+exit:
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_key_policy(int policy_usage_arg,
+                                      int policy_alg,
+                                      int key_type,
+                                      data_t *key_data,
+                                      int exercise_alg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_usage_t policy_usage = policy_usage_arg;
+    psa_status_t status;
+    size_t key_bits;
+    size_t buffer_length;
+    unsigned char *buffer = NULL;
+    size_t output_length;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Check if no key usage implication is done */
+    TEST_EQUAL(policy_usage,
+               mbedtls_test_update_key_usage_flags(policy_usage));
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+    buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits,
+                                                       exercise_alg);
+    TEST_CALLOC(buffer, buffer_length);
+
+    status = psa_asymmetric_encrypt(key, exercise_alg,
+                                    NULL, 0,
+                                    NULL, 0,
+                                    buffer, buffer_length,
+                                    &output_length);
+    if (policy_alg == exercise_alg &&
+        (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+    if (buffer_length != 0) {
+        memset(buffer, 0, buffer_length);
+    }
+    status = psa_asymmetric_decrypt(key, exercise_alg,
+                                    buffer, buffer_length,
+                                    NULL, 0,
+                                    buffer, buffer_length,
+                                    &output_length);
+    if (policy_alg == exercise_alg &&
+        (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) {
+        TEST_EQUAL(status, PSA_ERROR_INVALID_PADDING);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(buffer);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_key_policy(int policy_usage_arg,
+                                     int policy_alg,
+                                     int key_type,
+                                     data_t *key_data,
+                                     int exercise_alg,
+                                     int payload_length_arg,
+                                     int expected_usage_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_usage_t policy_usage = policy_usage_arg;
+    psa_key_usage_t expected_usage = expected_usage_arg;
+    psa_status_t status;
+    unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 };
+    /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be
+     * compatible with the policy and `payload_length_arg` is supposed to be
+     * a valid input length to sign. If `payload_length_arg <= 0`,
+     * `exercise_alg` is supposed to be forbidden by the policy. */
+    int compatible_alg = payload_length_arg > 0;
+    size_t payload_length = compatible_alg ? payload_length_arg : 0;
+    unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+    size_t signature_length;
+
+    /* Check if all implicit usage flags are deployed
+       in the expected usage flags. */
+    TEST_EQUAL(expected_usage,
+               mbedtls_test_update_key_usage_flags(policy_usage));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage);
+
+    status = psa_sign_hash(key, exercise_alg,
+                           payload, payload_length,
+                           signature, sizeof(signature),
+                           &signature_length);
+    if (compatible_alg && (expected_usage & PSA_KEY_USAGE_SIGN_HASH) != 0) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+    memset(signature, 0, sizeof(signature));
+    status = psa_verify_hash(key, exercise_alg,
+                             payload, payload_length,
+                             signature, sizeof(signature));
+    if (compatible_alg && (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) != 0) {
+        TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+    if (PSA_ALG_IS_SIGN_HASH(exercise_alg) &&
+        PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(exercise_alg))) {
+        status = psa_sign_message(key, exercise_alg,
+                                  payload, payload_length,
+                                  signature, sizeof(signature),
+                                  &signature_length);
+        if (compatible_alg && (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) != 0) {
+            PSA_ASSERT(status);
+        } else {
+            TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+        }
+
+        memset(signature, 0, sizeof(signature));
+        status = psa_verify_message(key, exercise_alg,
+                                    payload, payload_length,
+                                    signature, sizeof(signature));
+        if (compatible_alg && (expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE) != 0) {
+            TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE);
+        } else {
+            TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+        }
+    }
+
+exit:
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_policy(int policy_usage,
+                       int policy_alg,
+                       int key_type,
+                       data_t *key_data,
+                       int exercise_alg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_key_derivation_setup(&operation, exercise_alg));
+
+    if (PSA_ALG_IS_TLS12_PRF(exercise_alg) ||
+        PSA_ALG_IS_TLS12_PSK_TO_MS(exercise_alg)) {
+        PSA_ASSERT(psa_key_derivation_input_bytes(
+                       &operation,
+                       PSA_KEY_DERIVATION_INPUT_SEED,
+                       (const uint8_t *) "", 0));
+    }
+
+    status = psa_key_derivation_input_key(&operation,
+                                          PSA_KEY_DERIVATION_INPUT_SECRET,
+                                          key);
+
+    if (policy_alg == exercise_alg &&
+        (policy_usage & PSA_KEY_USAGE_DERIVE) != 0) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+    }
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void agreement_key_policy(int policy_usage,
+                          int policy_alg,
+                          int key_type_arg,
+                          data_t *key_data,
+                          int exercise_alg,
+                          int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_key_derivation_setup(&operation, exercise_alg));
+    status = mbedtls_test_psa_key_agreement_with_self(&operation, key);
+
+    TEST_EQUAL(status, expected_status);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy_alg2(int key_type_arg, data_t *key_data,
+                     int usage_arg, int alg_arg, int alg2_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_usage_t usage = usage_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t alg2 = alg2_arg;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_enrollment_algorithm(&attributes, alg2);
+    psa_set_key_type(&attributes, key_type);
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Update the usage flags to obtain implicit usage flags */
+    usage = mbedtls_test_update_key_usage_flags(usage);
+    PSA_ASSERT(psa_get_key_attributes(key, &got_attributes));
+    TEST_EQUAL(psa_get_key_usage_flags(&got_attributes), usage);
+    TEST_EQUAL(psa_get_key_algorithm(&got_attributes), alg);
+    TEST_EQUAL(psa_get_key_enrollment_algorithm(&got_attributes), alg2);
+
+    if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
+        goto exit;
+    }
+    if (!mbedtls_test_psa_exercise_key(key, usage, alg2)) {
+        goto exit;
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void raw_agreement_key_policy(int policy_usage,
+                              int policy_alg,
+                              int key_type_arg,
+                              data_t *key_data,
+                              int exercise_alg,
+                              int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, policy_usage);
+    psa_set_key_algorithm(&attributes, policy_alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    status = mbedtls_test_psa_raw_key_agreement_with_self(exercise_alg, key);
+
+    TEST_EQUAL(status, expected_status);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_success(int source_usage_arg,
+                  int source_alg_arg, int source_alg2_arg,
+                  int type_arg, data_t *material,
+                  int copy_attributes,
+                  int target_usage_arg,
+                  int target_alg_arg, int target_alg2_arg,
+                  int expected_usage_arg,
+                  int expected_alg_arg, int expected_alg2_arg)
+{
+    psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_usage_t expected_usage = expected_usage_arg;
+    psa_algorithm_t expected_alg = expected_alg_arg;
+    psa_algorithm_t expected_alg2 = expected_alg2_arg;
+    mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t *export_buffer = NULL;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Prepare the source key. */
+    psa_set_key_usage_flags(&source_attributes, source_usage_arg);
+    psa_set_key_algorithm(&source_attributes, source_alg_arg);
+    psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg);
+    psa_set_key_type(&source_attributes, type_arg);
+    PSA_ASSERT(psa_import_key(&source_attributes,
+                              material->x, material->len,
+                              &source_key));
+    PSA_ASSERT(psa_get_key_attributes(source_key, &source_attributes));
+
+    /* Prepare the target attributes. */
+    if (copy_attributes) {
+        target_attributes = source_attributes;
+        /* Set volatile lifetime to reset the key identifier to 0. */
+        psa_set_key_lifetime(&target_attributes, PSA_KEY_LIFETIME_VOLATILE);
+    }
+
+    if (target_usage_arg != -1) {
+        psa_set_key_usage_flags(&target_attributes, target_usage_arg);
+    }
+    if (target_alg_arg != -1) {
+        psa_set_key_algorithm(&target_attributes, target_alg_arg);
+    }
+    if (target_alg2_arg != -1) {
+        psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg);
+    }
+
+    /* Copy the key. */
+    PSA_ASSERT(psa_copy_key(source_key,
+                            &target_attributes, &target_key));
+
+    /* Destroy the source to ensure that this doesn't affect the target. */
+    PSA_ASSERT(psa_destroy_key(source_key));
+
+    /* Test that the target slot has the expected content and policy. */
+    PSA_ASSERT(psa_get_key_attributes(target_key, &target_attributes));
+    TEST_EQUAL(psa_get_key_type(&source_attributes),
+               psa_get_key_type(&target_attributes));
+    TEST_EQUAL(psa_get_key_bits(&source_attributes),
+               psa_get_key_bits(&target_attributes));
+    TEST_EQUAL(expected_usage, psa_get_key_usage_flags(&target_attributes));
+    TEST_EQUAL(expected_alg, psa_get_key_algorithm(&target_attributes));
+    TEST_EQUAL(expected_alg2,
+               psa_get_key_enrollment_algorithm(&target_attributes));
+    if (expected_usage & PSA_KEY_USAGE_EXPORT) {
+        size_t length;
+        TEST_CALLOC(export_buffer, material->len);
+        PSA_ASSERT(psa_export_key(target_key, export_buffer,
+                                  material->len, &length));
+        TEST_MEMORY_COMPARE(material->x, material->len,
+                            export_buffer, length);
+    }
+
+    if (!mbedtls_test_psa_exercise_key(target_key, expected_usage, expected_alg)) {
+        goto exit;
+    }
+    if (!mbedtls_test_psa_exercise_key(target_key, expected_usage, expected_alg2)) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_destroy_key(target_key));
+
+exit:
+    /*
+     * Source and target key attributes may have been returned by
+     * psa_get_key_attributes() thus reset them as required.
+     */
+    psa_reset_key_attributes(&source_attributes);
+    psa_reset_key_attributes(&target_attributes);
+
+    PSA_DONE();
+    mbedtls_free(export_buffer);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_fail(int source_usage_arg,
+               int source_alg_arg, int source_alg2_arg,
+               int type_arg, data_t *material,
+               int target_type_arg, int target_bits_arg,
+               int target_usage_arg,
+               int target_alg_arg, int target_alg2_arg,
+               int target_id_arg, int target_lifetime_arg,
+               int expected_status_arg)
+{
+    psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, target_id_arg);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Prepare the source key. */
+    psa_set_key_usage_flags(&source_attributes, source_usage_arg);
+    psa_set_key_algorithm(&source_attributes, source_alg_arg);
+    psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg);
+    psa_set_key_type(&source_attributes, type_arg);
+    PSA_ASSERT(psa_import_key(&source_attributes,
+                              material->x, material->len,
+                              &source_key));
+
+    /* Prepare the target attributes. */
+    psa_set_key_id(&target_attributes, key_id);
+    psa_set_key_lifetime(&target_attributes, target_lifetime_arg);
+    psa_set_key_type(&target_attributes, target_type_arg);
+    psa_set_key_bits(&target_attributes, target_bits_arg);
+    psa_set_key_usage_flags(&target_attributes, target_usage_arg);
+    psa_set_key_algorithm(&target_attributes, target_alg_arg);
+    psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg);
+
+    /* Try to copy the key. */
+    TEST_EQUAL(psa_copy_key(source_key,
+                            &target_attributes, &target_key),
+               expected_status_arg);
+
+    PSA_ASSERT(psa_destroy_key(source_key));
+
+exit:
+    psa_reset_key_attributes(&source_attributes);
+    psa_reset_key_attributes(&target_attributes);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_operation_init()
+{
+    const uint8_t input[1] = { 0 };
+    /* Test each valid way of initializing the object, except for `= {0}`, as
+     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+     * though it's OK by the C standard. We could test for this, but we'd need
+     * to suppress the Clang warning for the test. */
+    psa_hash_operation_t func = psa_hash_operation_init();
+    psa_hash_operation_t init = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t zero;
+
+    memset(&zero, 0, sizeof(zero));
+
+    /* A freshly-initialized hash operation should not be usable. */
+    TEST_EQUAL(psa_hash_update(&func, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_hash_update(&init, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_hash_update(&zero, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+
+    /* A default hash operation should be abortable without error. */
+    PSA_ASSERT(psa_hash_abort(&func));
+    PSA_ASSERT(psa_hash_abort(&init));
+    PSA_ASSERT(psa_hash_abort(&zero));
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_setup(int alg_arg,
+                int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    status = psa_hash_setup(&operation, alg);
+    TEST_EQUAL(status, expected_status);
+
+    /* Whether setup succeeded or failed, abort must succeed. */
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* If setup failed, reproduce the failure, so as to
+     * test the resulting state of the operation object. */
+    if (status != PSA_SUCCESS) {
+        TEST_EQUAL(psa_hash_setup(&operation, alg), status);
+    }
+
+    /* Now the operation object should be reusable. */
+#if defined(KNOWN_SUPPORTED_HASH_ALG)
+    PSA_ASSERT(psa_hash_setup(&operation, KNOWN_SUPPORTED_HASH_ALG));
+    PSA_ASSERT(psa_hash_abort(&operation));
+#endif
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_compute_fail(int alg_arg, data_t *input,
+                       int output_size_arg, int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    uint8_t *output = NULL;
+    size_t output_size = output_size_arg;
+    size_t output_length = INVALID_EXPORT_LENGTH;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+
+    TEST_CALLOC(output, output_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    status = psa_hash_compute(alg, input->x, input->len,
+                              output, output_size, &output_length);
+    TEST_EQUAL(status, expected_status);
+    TEST_LE_U(output_length, output_size);
+
+exit:
+    mbedtls_free(output);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_compare_fail(int alg_arg, data_t *input,
+                       data_t *reference_hash,
+                       int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    status = psa_hash_compare(alg, input->x, input->len,
+                              reference_hash->x, reference_hash->len);
+    TEST_EQUAL(status, expected_status);
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_compute_compare(int alg_arg, data_t *input,
+                          data_t *expected_output)
+{
+    psa_algorithm_t alg = alg_arg;
+    uint8_t output[PSA_HASH_MAX_SIZE + 1];
+    size_t output_length = INVALID_EXPORT_LENGTH;
+    size_t i;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Compute with tight buffer */
+    PSA_ASSERT(psa_hash_compute(alg, input->x, input->len,
+                                output, PSA_HASH_LENGTH(alg),
+                                &output_length));
+    TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg));
+    TEST_MEMORY_COMPARE(output, output_length,
+                        expected_output->x, expected_output->len);
+
+    /* Compute with larger buffer */
+    PSA_ASSERT(psa_hash_compute(alg, input->x, input->len,
+                                output, sizeof(output),
+                                &output_length));
+    TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg));
+    TEST_MEMORY_COMPARE(output, output_length,
+                        expected_output->x, expected_output->len);
+
+    /* Compare with correct hash */
+    PSA_ASSERT(psa_hash_compare(alg, input->x, input->len,
+                                output, output_length));
+
+    /* Compare with trailing garbage */
+    TEST_EQUAL(psa_hash_compare(alg, input->x, input->len,
+                                output, output_length + 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* Compare with truncated hash */
+    TEST_EQUAL(psa_hash_compare(alg, input->x, input->len,
+                                output, output_length - 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* Compare with corrupted value */
+    for (i = 0; i < output_length; i++) {
+        mbedtls_test_set_step(i);
+        output[i] ^= 1;
+        TEST_EQUAL(psa_hash_compare(alg, input->x, input->len,
+                                    output, output_length),
+                   PSA_ERROR_INVALID_SIGNATURE);
+        output[i] ^= 1;
+    }
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
+void hash_bad_order()
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    unsigned char input[] = "";
+    /* SHA-256 hash of an empty string */
+    const unsigned char valid_hash[] = {
+        0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
+        0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+        0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
+    };
+    unsigned char hash[sizeof(valid_hash)] = { 0 };
+    size_t hash_len;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Call setup twice in a row. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_hash_setup(&operation, alg),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_hash_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Call update without calling setup beforehand. */
+    TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Check that update calls abort on error. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    operation.id = UINT_MAX;
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_hash_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Call update after finish. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    PSA_ASSERT(psa_hash_finish(&operation,
+                               hash, sizeof(hash), &hash_len));
+    TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Call verify without calling setup beforehand. */
+    TEST_EQUAL(psa_hash_verify(&operation,
+                               valid_hash, sizeof(valid_hash)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Call verify after finish. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    PSA_ASSERT(psa_hash_finish(&operation,
+                               hash, sizeof(hash), &hash_len));
+    TEST_EQUAL(psa_hash_verify(&operation,
+                               valid_hash, sizeof(valid_hash)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Call verify twice in a row. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    PSA_ASSERT(psa_hash_verify(&operation,
+                               valid_hash, sizeof(valid_hash)));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    TEST_EQUAL(psa_hash_verify(&operation,
+                               valid_hash, sizeof(valid_hash)),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Call finish without calling setup beforehand. */
+    TEST_EQUAL(psa_hash_finish(&operation,
+                               hash, sizeof(hash), &hash_len),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Call finish twice in a row. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    PSA_ASSERT(psa_hash_finish(&operation,
+                               hash, sizeof(hash), &hash_len));
+    TEST_EQUAL(psa_hash_finish(&operation,
+                               hash, sizeof(hash), &hash_len),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+    /* Call finish after calling verify. */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    PSA_ASSERT(psa_hash_verify(&operation,
+                               valid_hash, sizeof(valid_hash)));
+    TEST_EQUAL(psa_hash_finish(&operation,
+                               hash, sizeof(hash), &hash_len),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_hash_abort(&operation));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
+void hash_verify_bad_args()
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb)
+     * appended to it */
+    unsigned char hash[] = {
+        0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
+        0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+        0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb
+    };
+    size_t expected_size = PSA_HASH_LENGTH(alg);
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* psa_hash_verify with a smaller hash than expected */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_hash_verify(&operation, hash, expected_size - 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_hash_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* psa_hash_verify with a non-matching hash */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    TEST_EQUAL(psa_hash_verify(&operation, hash + 1, expected_size),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* psa_hash_verify with a hash longer than expected */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    TEST_EQUAL(psa_hash_verify(&operation, hash, sizeof(hash)),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
+void hash_finish_bad_args()
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    unsigned char hash[PSA_HASH_MAX_SIZE];
+    size_t expected_size = PSA_HASH_LENGTH(alg);
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    size_t hash_len;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* psa_hash_finish with a smaller hash buffer than expected */
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    TEST_EQUAL(psa_hash_finish(&operation,
+                               hash, expected_size - 1, &hash_len),
+               PSA_ERROR_BUFFER_TOO_SMALL);
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
+void hash_clone_source_state()
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    unsigned char hash[PSA_HASH_MAX_SIZE];
+    psa_hash_operation_t op_source = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
+    size_t hash_len;
+
+    PSA_ASSERT(psa_crypto_init());
+    PSA_ASSERT(psa_hash_setup(&op_source, alg));
+
+    PSA_ASSERT(psa_hash_setup(&op_setup, alg));
+    PSA_ASSERT(psa_hash_setup(&op_finished, alg));
+    PSA_ASSERT(psa_hash_finish(&op_finished,
+                               hash, sizeof(hash), &hash_len));
+    PSA_ASSERT(psa_hash_setup(&op_aborted, alg));
+    PSA_ASSERT(psa_hash_abort(&op_aborted));
+
+    TEST_EQUAL(psa_hash_clone(&op_source, &op_setup),
+               PSA_ERROR_BAD_STATE);
+
+    PSA_ASSERT(psa_hash_clone(&op_source, &op_init));
+    PSA_ASSERT(psa_hash_finish(&op_init,
+                               hash, sizeof(hash), &hash_len));
+    PSA_ASSERT(psa_hash_clone(&op_source, &op_finished));
+    PSA_ASSERT(psa_hash_finish(&op_finished,
+                               hash, sizeof(hash), &hash_len));
+    PSA_ASSERT(psa_hash_clone(&op_source, &op_aborted));
+    PSA_ASSERT(psa_hash_finish(&op_aborted,
+                               hash, sizeof(hash), &hash_len));
+
+exit:
+    psa_hash_abort(&op_source);
+    psa_hash_abort(&op_init);
+    psa_hash_abort(&op_setup);
+    psa_hash_abort(&op_finished);
+    psa_hash_abort(&op_aborted);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */
+void hash_clone_target_state()
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    unsigned char hash[PSA_HASH_MAX_SIZE];
+    psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT;
+    size_t hash_len;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    PSA_ASSERT(psa_hash_setup(&op_setup, alg));
+    PSA_ASSERT(psa_hash_setup(&op_finished, alg));
+    PSA_ASSERT(psa_hash_finish(&op_finished,
+                               hash, sizeof(hash), &hash_len));
+    PSA_ASSERT(psa_hash_setup(&op_aborted, alg));
+    PSA_ASSERT(psa_hash_abort(&op_aborted));
+
+    PSA_ASSERT(psa_hash_clone(&op_setup, &op_target));
+    PSA_ASSERT(psa_hash_finish(&op_target,
+                               hash, sizeof(hash), &hash_len));
+
+    TEST_EQUAL(psa_hash_clone(&op_init, &op_target), PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_hash_clone(&op_finished, &op_target),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_hash_clone(&op_aborted, &op_target),
+               PSA_ERROR_BAD_STATE);
+
+exit:
+    psa_hash_abort(&op_target);
+    psa_hash_abort(&op_init);
+    psa_hash_abort(&op_setup);
+    psa_hash_abort(&op_finished);
+    psa_hash_abort(&op_aborted);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_operation_init()
+{
+    const uint8_t input[1] = { 0 };
+
+    /* Test each valid way of initializing the object, except for `= {0}`, as
+     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+     * though it's OK by the C standard. We could test for this, but we'd need
+     * to suppress the Clang warning for the test. */
+    psa_mac_operation_t func = psa_mac_operation_init();
+    psa_mac_operation_t init = PSA_MAC_OPERATION_INIT;
+    psa_mac_operation_t zero;
+
+    memset(&zero, 0, sizeof(zero));
+
+    /* A freshly-initialized MAC operation should not be usable. */
+    TEST_EQUAL(psa_mac_update(&func,
+                              input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_mac_update(&init,
+                              input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_mac_update(&zero,
+                              input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+
+    /* A default MAC operation should be abortable without error. */
+    PSA_ASSERT(psa_mac_abort(&func));
+    PSA_ASSERT(psa_mac_abort(&init));
+    PSA_ASSERT(psa_mac_abort(&zero));
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_setup(int key_type_arg,
+               data_t *key,
+               int alg_arg,
+               int expected_status_arg)
+{
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+#if defined(KNOWN_SUPPORTED_MAC_ALG)
+    const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
+#endif
+
+    PSA_ASSERT(psa_crypto_init());
+
+    if (!exercise_mac_setup(key_type, key->x, key->len, alg,
+                            &operation, &status)) {
+        goto exit;
+    }
+    TEST_EQUAL(status, expected_status);
+
+    /* The operation object should be reusable. */
+#if defined(KNOWN_SUPPORTED_MAC_ALG)
+    if (!exercise_mac_setup(KNOWN_SUPPORTED_MAC_KEY_TYPE,
+                            smoke_test_key_data,
+                            sizeof(smoke_test_key_data),
+                            KNOWN_SUPPORTED_MAC_ALG,
+                            &operation, &status)) {
+        goto exit;
+    }
+    TEST_EQUAL(status, PSA_SUCCESS);
+#endif
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_HMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 */
+void mac_bad_order()
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = PSA_KEY_TYPE_HMAC;
+    psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256);
+    const uint8_t key_data[] = {
+        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
+    };
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 };
+    size_t sign_mac_length = 0;
+    const uint8_t input[] = { 0xbb, 0xbb, 0xbb, 0xbb };
+    const uint8_t verify_mac[] = {
+        0x74, 0x65, 0x93, 0x8c, 0xeb, 0x1d, 0xb3, 0x76, 0x5a, 0x38, 0xe7, 0xdd,
+        0x85, 0xc5, 0xad, 0x4f, 0x07, 0xe7, 0xd5, 0xb2, 0x64, 0xf0, 0x1a, 0x1a,
+        0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6
+    };
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data),
+                              &key));
+
+    /* Call update without calling setup beforehand. */
+    TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Call sign finish without calling setup beforehand. */
+    TEST_EQUAL(psa_mac_sign_finish(&operation, sign_mac, sizeof(sign_mac),
+                                   &sign_mac_length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Call verify finish without calling setup beforehand. */
+    TEST_EQUAL(psa_mac_verify_finish(&operation,
+                                     verify_mac, sizeof(verify_mac)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Call setup twice in a row. */
+    PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_mac_sign_setup(&operation, key, alg),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_mac_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Call update after sign finish. */
+    PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input)));
+    PSA_ASSERT(psa_mac_sign_finish(&operation,
+                                   sign_mac, sizeof(sign_mac),
+                                   &sign_mac_length));
+    TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Call update after verify finish. */
+    PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input)));
+    PSA_ASSERT(psa_mac_verify_finish(&operation,
+                                     verify_mac, sizeof(verify_mac)));
+    TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Call sign finish twice in a row. */
+    PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input)));
+    PSA_ASSERT(psa_mac_sign_finish(&operation,
+                                   sign_mac, sizeof(sign_mac),
+                                   &sign_mac_length));
+    TEST_EQUAL(psa_mac_sign_finish(&operation,
+                                   sign_mac, sizeof(sign_mac),
+                                   &sign_mac_length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Call verify finish twice in a row. */
+    PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input)));
+    PSA_ASSERT(psa_mac_verify_finish(&operation,
+                                     verify_mac, sizeof(verify_mac)));
+    TEST_EQUAL(psa_mac_verify_finish(&operation,
+                                     verify_mac, sizeof(verify_mac)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_mac_abort(&operation));
+
+    /* Setup sign but try verify. */
+    PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input)));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_mac_verify_finish(&operation,
+                                     verify_mac, sizeof(verify_mac)),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_mac_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Setup verify but try sign. */
+    PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input)));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_mac_sign_finish(&operation,
+                                   sign_mac, sizeof(sign_mac),
+                                   &sign_mac_length),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_mac_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    PSA_ASSERT(psa_destroy_key(key));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_sign(int key_type_arg,
+              data_t *key_data,
+              int alg_arg,
+              data_t *input,
+              data_t *expected_mac)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *actual_mac = NULL;
+    size_t mac_buffer_size =
+        PSA_MAC_LENGTH(key_type, PSA_BYTES_TO_BITS(key_data->len), alg);
+    size_t mac_length = 0;
+    const size_t output_sizes_to_test[] = {
+        0,
+        1,
+        expected_mac->len - 1,
+        expected_mac->len,
+        expected_mac->len + 1,
+    };
+
+    TEST_LE_U(mac_buffer_size, PSA_MAC_MAX_SIZE);
+    /* We expect PSA_MAC_LENGTH to be exact. */
+    TEST_ASSERT(expected_mac->len == mac_buffer_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    for (size_t i = 0; i < ARRAY_LENGTH(output_sizes_to_test); i++) {
+        const size_t output_size = output_sizes_to_test[i];
+        psa_status_t expected_status =
+            (output_size >= expected_mac->len ? PSA_SUCCESS :
+             PSA_ERROR_BUFFER_TOO_SMALL);
+
+        mbedtls_test_set_step(output_size);
+        TEST_CALLOC(actual_mac, output_size);
+
+        /* Calculate the MAC, one-shot case. */
+        TEST_EQUAL(psa_mac_compute(key, alg,
+                                   input->x, input->len,
+                                   actual_mac, output_size, &mac_length),
+                   expected_status);
+        if (expected_status == PSA_SUCCESS) {
+            TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len,
+                                actual_mac, mac_length);
+        }
+
+        if (output_size > 0) {
+            memset(actual_mac, 0, output_size);
+        }
+
+        /* Calculate the MAC, multi-part case. */
+        PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg));
+        PSA_ASSERT(psa_mac_update(&operation,
+                                  input->x, input->len));
+        TEST_EQUAL(psa_mac_sign_finish(&operation,
+                                       actual_mac, output_size,
+                                       &mac_length),
+                   expected_status);
+        PSA_ASSERT(psa_mac_abort(&operation));
+
+        if (expected_status == PSA_SUCCESS) {
+            TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len,
+                                actual_mac, mac_length);
+        }
+        mbedtls_free(actual_mac);
+        actual_mac = NULL;
+    }
+
+exit:
+    psa_mac_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(actual_mac);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_verify(int key_type_arg,
+                data_t *key_data,
+                int alg_arg,
+                data_t *input,
+                data_t *expected_mac)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *perturbed_mac = NULL;
+
+    TEST_LE_U(expected_mac->len, PSA_MAC_MAX_SIZE);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Verify correct MAC, one-shot case. */
+    PSA_ASSERT(psa_mac_verify(key, alg, input->x, input->len,
+                              expected_mac->x, expected_mac->len));
+
+    /* Verify correct MAC, multi-part case. */
+    PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation,
+                              input->x, input->len));
+    PSA_ASSERT(psa_mac_verify_finish(&operation,
+                                     expected_mac->x,
+                                     expected_mac->len));
+
+    /* Test a MAC that's too short, one-shot case. */
+    TEST_EQUAL(psa_mac_verify(key, alg,
+                              input->x, input->len,
+                              expected_mac->x,
+                              expected_mac->len - 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* Test a MAC that's too short, multi-part case. */
+    PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation,
+                              input->x, input->len));
+    TEST_EQUAL(psa_mac_verify_finish(&operation,
+                                     expected_mac->x,
+                                     expected_mac->len - 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* Test a MAC that's too long, one-shot case. */
+    TEST_CALLOC(perturbed_mac, expected_mac->len + 1);
+    memcpy(perturbed_mac, expected_mac->x, expected_mac->len);
+    TEST_EQUAL(psa_mac_verify(key, alg,
+                              input->x, input->len,
+                              perturbed_mac, expected_mac->len + 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* Test a MAC that's too long, multi-part case. */
+    PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+    PSA_ASSERT(psa_mac_update(&operation,
+                              input->x, input->len));
+    TEST_EQUAL(psa_mac_verify_finish(&operation,
+                                     perturbed_mac,
+                                     expected_mac->len + 1),
+               PSA_ERROR_INVALID_SIGNATURE);
+
+    /* Test changing one byte. */
+    for (size_t i = 0; i < expected_mac->len; i++) {
+        mbedtls_test_set_step(i);
+        perturbed_mac[i] ^= 1;
+
+        TEST_EQUAL(psa_mac_verify(key, alg,
+                                  input->x, input->len,
+                                  perturbed_mac, expected_mac->len),
+                   PSA_ERROR_INVALID_SIGNATURE);
+
+        PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg));
+        PSA_ASSERT(psa_mac_update(&operation,
+                                  input->x, input->len));
+        TEST_EQUAL(psa_mac_verify_finish(&operation,
+                                         perturbed_mac,
+                                         expected_mac->len),
+                   PSA_ERROR_INVALID_SIGNATURE);
+        perturbed_mac[i] ^= 1;
+    }
+
+exit:
+    psa_mac_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(perturbed_mac);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_operation_init()
+{
+    const uint8_t input[1] = { 0 };
+    unsigned char output[1] = { 0 };
+    size_t output_length;
+    /* Test each valid way of initializing the object, except for `= {0}`, as
+     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+     * though it's OK by the C standard. We could test for this, but we'd need
+     * to suppress the Clang warning for the test. */
+    psa_cipher_operation_t func = psa_cipher_operation_init();
+    psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT;
+    psa_cipher_operation_t zero;
+
+    memset(&zero, 0, sizeof(zero));
+
+    /* A freshly-initialized cipher operation should not be usable. */
+    TEST_EQUAL(psa_cipher_update(&func,
+                                 input, sizeof(input),
+                                 output, sizeof(output),
+                                 &output_length),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_cipher_update(&init,
+                                 input, sizeof(input),
+                                 output, sizeof(output),
+                                 &output_length),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_cipher_update(&zero,
+                                 input, sizeof(input),
+                                 output, sizeof(output),
+                                 &output_length),
+               PSA_ERROR_BAD_STATE);
+
+    /* A default cipher operation should be abortable without error. */
+    PSA_ASSERT(psa_cipher_abort(&func));
+    PSA_ASSERT(psa_cipher_abort(&init));
+    PSA_ASSERT(psa_cipher_abort(&zero));
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_setup(int key_type_arg,
+                  data_t *key,
+                  int alg_arg,
+                  int expected_status_arg)
+{
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_status_t status;
+#if defined(KNOWN_SUPPORTED_CIPHER_ALG)
+    const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
+#endif
+
+    PSA_ASSERT(psa_crypto_init());
+
+    if (!exercise_cipher_setup(key_type, key->x, key->len, alg,
+                               &operation, &status)) {
+        goto exit;
+    }
+    TEST_EQUAL(status, expected_status);
+
+    /* The operation object should be reusable. */
+#if defined(KNOWN_SUPPORTED_CIPHER_ALG)
+    if (!exercise_cipher_setup(KNOWN_SUPPORTED_CIPHER_KEY_TYPE,
+                               smoke_test_key_data,
+                               sizeof(smoke_test_key_data),
+                               KNOWN_SUPPORTED_CIPHER_ALG,
+                               &operation, &status)) {
+        goto exit;
+    }
+    TEST_EQUAL(status, PSA_SUCCESS);
+#endif
+
+exit:
+    psa_cipher_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_PKCS7 */
+void cipher_bad_order()
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+    psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 };
+    const uint8_t key_data[] = {
+        0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+        0xaa, 0xaa, 0xaa, 0xaa
+    };
+    const uint8_t text[] = {
+        0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
+        0xbb, 0xbb, 0xbb, 0xbb
+    };
+    uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 };
+    size_t length = 0;
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+    PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data),
+                              &key));
+
+    /* Call encrypt setup twice in a row. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_cipher_encrypt_setup(&operation, key, alg),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Call decrypt setup twice in a row. */
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_cipher_decrypt_setup(&operation, key, alg),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Generate an IV without calling setup beforehand. */
+    TEST_EQUAL(psa_cipher_generate_iv(&operation,
+                                      buffer, sizeof(buffer),
+                                      &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Generate an IV twice in a row. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_generate_iv(&operation,
+                                      buffer, sizeof(buffer),
+                                      &length));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_cipher_generate_iv(&operation,
+                                      buffer, sizeof(buffer),
+                                      &length),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Generate an IV after it's already set. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)));
+    TEST_EQUAL(psa_cipher_generate_iv(&operation,
+                                      buffer, sizeof(buffer),
+                                      &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Set an IV without calling setup beforehand. */
+    TEST_EQUAL(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Set an IV after it's already set. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Set an IV after it's already generated. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_generate_iv(&operation,
+                                      buffer, sizeof(buffer),
+                                      &length));
+    TEST_EQUAL(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Call update without calling setup beforehand. */
+    TEST_EQUAL(psa_cipher_update(&operation,
+                                 text, sizeof(text),
+                                 buffer, sizeof(buffer),
+                                 &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Call update without an IV where an IV is required. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_cipher_update(&operation,
+                                 text, sizeof(text),
+                                 buffer, sizeof(buffer),
+                                 &length),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Call update after finish. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)));
+    PSA_ASSERT(psa_cipher_finish(&operation,
+                                 buffer, sizeof(buffer), &length));
+    TEST_EQUAL(psa_cipher_update(&operation,
+                                 text, sizeof(text),
+                                 buffer, sizeof(buffer),
+                                 &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Call finish without calling setup beforehand. */
+    TEST_EQUAL(psa_cipher_finish(&operation,
+                                 buffer, sizeof(buffer), &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    /* Call finish without an IV where an IV is required. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    /* Not calling update means we are encrypting an empty buffer, which is OK
+     * for cipher modes with padding. */
+    ASSERT_OPERATION_IS_ACTIVE(operation);
+    TEST_EQUAL(psa_cipher_finish(&operation,
+                                 buffer, sizeof(buffer), &length),
+               PSA_ERROR_BAD_STATE);
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    ASSERT_OPERATION_IS_INACTIVE(operation);
+
+    /* Call finish twice in a row. */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_set_iv(&operation,
+                                 iv, sizeof(iv)));
+    PSA_ASSERT(psa_cipher_finish(&operation,
+                                 buffer, sizeof(buffer), &length));
+    TEST_EQUAL(psa_cipher_finish(&operation,
+                                 buffer, sizeof(buffer), &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_abort(&operation));
+
+    PSA_ASSERT(psa_destroy_key(key));
+
+exit:
+    psa_cipher_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_fail(int alg_arg,
+                         int key_type_arg,
+                         data_t *key_data,
+                         data_t *input,
+                         int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    if (PSA_ERROR_BAD_STATE != expected_status) {
+        PSA_ASSERT(psa_crypto_init());
+
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+        psa_set_key_algorithm(&attributes, alg);
+        psa_set_key_type(&attributes, key_type);
+
+        output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg,
+                                                            input->len);
+        TEST_CALLOC(output, output_buffer_size);
+
+        PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                                  &key));
+    }
+
+    status = psa_cipher_encrypt(key, alg, input->x, input->len, output,
+                                output_buffer_size, &output_length);
+
+    TEST_EQUAL(status, expected_status);
+
+exit:
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_alg_without_iv(int alg_arg, int key_type_arg, data_t *key_data,
+                           data_t *plaintext, data_t *ciphertext)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    uint8_t iv[1] = { 0x5a };
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t output_length, length;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Validate size macros */
+    TEST_LE_U(ciphertext->len,
+              PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len));
+    TEST_LE_U(PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len),
+              PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(plaintext->len));
+    TEST_LE_U(plaintext->len,
+              PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext->len));
+    TEST_LE_U(PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext->len),
+              PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(ciphertext->len));
+
+
+    /* Set up key and output buffer */
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg,
+                                                        plaintext->len);
+    TEST_CALLOC(output, output_buffer_size);
+
+    /* set_iv() is not allowed */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    TEST_EQUAL(psa_cipher_set_iv(&operation, iv, sizeof(iv)),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+    TEST_EQUAL(psa_cipher_set_iv(&operation, iv, sizeof(iv)),
+               PSA_ERROR_BAD_STATE);
+
+    /* generate_iv() is not allowed */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    TEST_EQUAL(psa_cipher_generate_iv(&operation, iv, sizeof(iv),
+                                      &length),
+               PSA_ERROR_BAD_STATE);
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+    TEST_EQUAL(psa_cipher_generate_iv(&operation, iv, sizeof(iv),
+                                      &length),
+               PSA_ERROR_BAD_STATE);
+
+    /* Multipart encryption */
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    output_length = 0;
+    length = ~0;
+    PSA_ASSERT(psa_cipher_update(&operation,
+                                 plaintext->x, plaintext->len,
+                                 output, output_buffer_size,
+                                 &length));
+    TEST_LE_U(length, output_buffer_size);
+    output_length += length;
+    PSA_ASSERT(psa_cipher_finish(&operation,
+                                 mbedtls_buffer_offset(output, output_length),
+                                 output_buffer_size - output_length,
+                                 &length));
+    output_length += length;
+    TEST_MEMORY_COMPARE(ciphertext->x, ciphertext->len,
+                        output, output_length);
+
+    /* Multipart encryption */
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+    output_length = 0;
+    length = ~0;
+    PSA_ASSERT(psa_cipher_update(&operation,
+                                 ciphertext->x, ciphertext->len,
+                                 output, output_buffer_size,
+                                 &length));
+    TEST_LE_U(length, output_buffer_size);
+    output_length += length;
+    PSA_ASSERT(psa_cipher_finish(&operation,
+                                 mbedtls_buffer_offset(output, output_length),
+                                 output_buffer_size - output_length,
+                                 &length));
+    output_length += length;
+    TEST_MEMORY_COMPARE(plaintext->x, plaintext->len,
+                        output, output_length);
+
+    /* One-shot encryption */
+    output_length = ~0;
+    PSA_ASSERT(psa_cipher_encrypt(key, alg, plaintext->x, plaintext->len,
+                                  output, output_buffer_size,
+                                  &output_length));
+    TEST_MEMORY_COMPARE(ciphertext->x, ciphertext->len,
+                        output, output_length);
+
+    /* One-shot decryption */
+    output_length = ~0;
+    PSA_ASSERT(psa_cipher_decrypt(key, alg, ciphertext->x, ciphertext->len,
+                                  output, output_buffer_size,
+                                  &output_length));
+    TEST_MEMORY_COMPARE(plaintext->x, plaintext->len,
+                        output, output_length);
+
+exit:
+    mbedtls_free(output);
+    psa_cipher_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_bad_key(int alg_arg, int key_type_arg, data_t *key_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    /* Usage of either of these two size macros would cause divide by zero
+     * with incorrect key types previously. Input length should be irrelevant
+     * here. */
+    TEST_EQUAL(PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, 16),
+               0);
+    TEST_EQUAL(PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, 16), 0);
+
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Should fail due to invalid alg type (to support invalid key type).
+     * Encrypt or decrypt will end up in the same place. */
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+
+    TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT);
+
+exit:
+    psa_cipher_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_validation(int alg_arg,
+                               int key_type_arg,
+                               data_t *key_data,
+                               data_t *input)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t iv_size = PSA_CIPHER_IV_LENGTH(key_type, alg);
+    unsigned char *output1 = NULL;
+    size_t output1_buffer_size = 0;
+    size_t output1_length = 0;
+    unsigned char *output2 = NULL;
+    size_t output2_buffer_size = 0;
+    size_t output2_length = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len);
+    output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) +
+                          PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg);
+    TEST_CALLOC(output1, output1_buffer_size);
+    TEST_CALLOC(output2, output2_buffer_size);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* The one-shot cipher encryption uses generated iv so validating
+       the output is not possible. Validating with multipart encryption. */
+    PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1,
+                                  output1_buffer_size, &output1_length));
+    TEST_LE_U(output1_length,
+              PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len));
+    TEST_LE_U(output1_length,
+              PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len));
+
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    PSA_ASSERT(psa_cipher_set_iv(&operation, output1, iv_size));
+
+    PSA_ASSERT(psa_cipher_update(&operation,
+                                 input->x, input->len,
+                                 output2, output2_buffer_size,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len));
+    output2_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_finish(&operation,
+                                 output2 + output2_length,
+                                 output2_buffer_size - output2_length,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE);
+    output2_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    TEST_MEMORY_COMPARE(output1 + iv_size, output1_length - iv_size,
+                        output2, output2_length);
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output1);
+    mbedtls_free(output2);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_multipart(int alg_arg, int key_type_arg,
+                              data_t *key_data, data_t *iv,
+                              data_t *input,
+                              int first_part_size_arg,
+                              int output1_length_arg, int output2_length_arg,
+                              data_t *expected_output,
+                              int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+    size_t first_part_size = first_part_size_arg;
+    size_t output1_length = output1_length_arg;
+    size_t output2_length = output2_length_arg;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    size_t total_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+
+    if (iv->len > 0) {
+        PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len));
+    }
+
+    output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) +
+                         PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg);
+    TEST_CALLOC(output, output_buffer_size);
+
+    TEST_LE_U(first_part_size, input->len);
+    PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size,
+                                 output, output_buffer_size,
+                                 &function_output_length));
+    TEST_ASSERT(function_output_length == output1_length);
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size));
+    total_output_length += function_output_length;
+
+    if (first_part_size < input->len) {
+        PSA_ASSERT(psa_cipher_update(&operation,
+                                     input->x + first_part_size,
+                                     input->len - first_part_size,
+                                     (output_buffer_size == 0 ? NULL :
+                                      output + total_output_length),
+                                     output_buffer_size - total_output_length,
+                                     &function_output_length));
+        TEST_ASSERT(function_output_length == output2_length);
+        TEST_LE_U(function_output_length,
+                  PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type,
+                                                alg,
+                                                input->len - first_part_size));
+        TEST_LE_U(function_output_length,
+                  PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len));
+        total_output_length += function_output_length;
+    }
+
+    status = psa_cipher_finish(&operation,
+                               (output_buffer_size == 0 ? NULL :
+                                output + total_output_length),
+                               output_buffer_size - total_output_length,
+                               &function_output_length);
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE);
+    total_output_length += function_output_length;
+    TEST_EQUAL(status, expected_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_cipher_abort(&operation));
+
+        TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                            output, total_output_length);
+    }
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt_multipart(int alg_arg, int key_type_arg,
+                              data_t *key_data, data_t *iv,
+                              data_t *input,
+                              int first_part_size_arg,
+                              int output1_length_arg, int output2_length_arg,
+                              data_t *expected_output,
+                              int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+    size_t first_part_size = first_part_size_arg;
+    size_t output1_length = output1_length_arg;
+    size_t output2_length = output2_length_arg;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    size_t total_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+
+    if (iv->len > 0) {
+        PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len));
+    }
+
+    output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) +
+                         PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg);
+    TEST_CALLOC(output, output_buffer_size);
+
+    TEST_LE_U(first_part_size, input->len);
+    PSA_ASSERT(psa_cipher_update(&operation,
+                                 input->x, first_part_size,
+                                 output, output_buffer_size,
+                                 &function_output_length));
+    TEST_ASSERT(function_output_length == output1_length);
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size));
+    total_output_length += function_output_length;
+
+    if (first_part_size < input->len) {
+        PSA_ASSERT(psa_cipher_update(&operation,
+                                     input->x + first_part_size,
+                                     input->len - first_part_size,
+                                     (output_buffer_size == 0 ? NULL :
+                                      output + total_output_length),
+                                     output_buffer_size - total_output_length,
+                                     &function_output_length));
+        TEST_ASSERT(function_output_length == output2_length);
+        TEST_LE_U(function_output_length,
+                  PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type,
+                                                alg,
+                                                input->len - first_part_size));
+        TEST_LE_U(function_output_length,
+                  PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len));
+        total_output_length += function_output_length;
+    }
+
+    status = psa_cipher_finish(&operation,
+                               (output_buffer_size == 0 ? NULL :
+                                output + total_output_length),
+                               output_buffer_size - total_output_length,
+                               &function_output_length);
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE);
+    total_output_length += function_output_length;
+    TEST_EQUAL(status, expected_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_cipher_abort(&operation));
+
+        TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                            output, total_output_length);
+    }
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt_fail(int alg_arg,
+                         int key_type_arg,
+                         data_t *key_data,
+                         data_t *iv,
+                         data_t *input_arg,
+                         int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *input = NULL;
+    size_t input_buffer_size = 0;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    if (PSA_ERROR_BAD_STATE != expected_status) {
+        PSA_ASSERT(psa_crypto_init());
+
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+        psa_set_key_algorithm(&attributes, alg);
+        psa_set_key_type(&attributes, key_type);
+
+        PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                                  &key));
+    }
+
+    /* Allocate input buffer and copy the iv and the plaintext */
+    input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len);
+    if (input_buffer_size > 0) {
+        TEST_CALLOC(input, input_buffer_size);
+        memcpy(input, iv->x, iv->len);
+        memcpy(input + iv->len, input_arg->x, input_arg->len);
+    }
+
+    output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size);
+    TEST_CALLOC(output, output_buffer_size);
+
+    status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output,
+                                output_buffer_size, &output_length);
+    TEST_EQUAL(status, expected_status);
+
+exit:
+    mbedtls_free(input);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt(int alg_arg,
+                    int key_type_arg,
+                    data_t *key_data,
+                    data_t *iv,
+                    data_t *input_arg,
+                    data_t *expected_output)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *input = NULL;
+    size_t input_buffer_size = 0;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    /* Allocate input buffer and copy the iv and the plaintext */
+    input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len);
+    if (input_buffer_size > 0) {
+        TEST_CALLOC(input, input_buffer_size);
+        memcpy(input, iv->x, iv->len);
+        memcpy(input + iv->len, input_arg->x, input_arg->len);
+    }
+
+    output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size);
+    TEST_CALLOC(output, output_buffer_size);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_decrypt(key, alg, input, input_buffer_size, output,
+                                  output_buffer_size, &output_length));
+    TEST_LE_U(output_length,
+              PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size));
+    TEST_LE_U(output_length,
+              PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_buffer_size));
+
+    TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                        output, output_length);
+exit:
+    mbedtls_free(input);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_verify_output(int alg_arg,
+                          int key_type_arg,
+                          data_t *key_data,
+                          data_t *input)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *output1 = NULL;
+    size_t output1_size = 0;
+    size_t output1_length = 0;
+    unsigned char *output2 = NULL;
+    size_t output2_size = 0;
+    size_t output2_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len);
+    TEST_CALLOC(output1, output1_size);
+
+    PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len,
+                                  output1, output1_size,
+                                  &output1_length));
+    TEST_LE_U(output1_length,
+              PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len));
+    TEST_LE_U(output1_length,
+              PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len));
+
+    output2_size = output1_length;
+    TEST_CALLOC(output2, output2_size);
+
+    PSA_ASSERT(psa_cipher_decrypt(key, alg, output1, output1_length,
+                                  output2, output2_size,
+                                  &output2_length));
+    TEST_LE_U(output2_length,
+              PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length));
+    TEST_LE_U(output2_length,
+              PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length));
+
+    TEST_MEMORY_COMPARE(input->x, input->len, output2, output2_length);
+
+exit:
+    mbedtls_free(output1);
+    mbedtls_free(output2);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_verify_output_multipart(int alg_arg,
+                                    int key_type_arg,
+                                    data_t *key_data,
+                                    data_t *input,
+                                    int first_part_size_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t first_part_size = first_part_size_arg;
+    unsigned char iv[16] = { 0 };
+    size_t iv_size = 16;
+    size_t iv_length = 0;
+    unsigned char *output1 = NULL;
+    size_t output1_buffer_size = 0;
+    size_t output1_length = 0;
+    unsigned char *output2 = NULL;
+    size_t output2_buffer_size = 0;
+    size_t output2_length = 0;
+    size_t function_output_length;
+    psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
+    psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation1, key, alg));
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation2, key, alg));
+
+    if (alg != PSA_ALG_ECB_NO_PADDING) {
+        PSA_ASSERT(psa_cipher_generate_iv(&operation1,
+                                          iv, iv_size,
+                                          &iv_length));
+    }
+
+    output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len);
+    TEST_LE_U(output1_buffer_size,
+              PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len));
+    TEST_CALLOC(output1, output1_buffer_size);
+
+    TEST_LE_U(first_part_size, input->len);
+
+    PSA_ASSERT(psa_cipher_update(&operation1, input->x, first_part_size,
+                                 output1, output1_buffer_size,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size));
+    output1_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_update(&operation1,
+                                 input->x + first_part_size,
+                                 input->len - first_part_size,
+                                 output1, output1_buffer_size,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type,
+                                            alg,
+                                            input->len - first_part_size));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len - first_part_size));
+    output1_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_finish(&operation1,
+                                 output1 + output1_length,
+                                 output1_buffer_size - output1_length,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE);
+    output1_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_abort(&operation1));
+
+    output2_buffer_size = output1_length;
+    TEST_LE_U(output2_buffer_size,
+              PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length));
+    TEST_LE_U(output2_buffer_size,
+              PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length));
+    TEST_CALLOC(output2, output2_buffer_size);
+
+    if (iv_length > 0) {
+        PSA_ASSERT(psa_cipher_set_iv(&operation2,
+                                     iv, iv_length));
+    }
+
+    PSA_ASSERT(psa_cipher_update(&operation2, output1, first_part_size,
+                                 output2, output2_buffer_size,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size));
+    output2_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_update(&operation2,
+                                 output1 + first_part_size,
+                                 output1_length - first_part_size,
+                                 output2, output2_buffer_size,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type,
+                                            alg,
+                                            output1_length - first_part_size));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(output1_length - first_part_size));
+    output2_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_finish(&operation2,
+                                 output2 + output2_length,
+                                 output2_buffer_size - output2_length,
+                                 &function_output_length));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg));
+    TEST_LE_U(function_output_length,
+              PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE);
+    output2_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_abort(&operation2));
+
+    TEST_MEMORY_COMPARE(input->x, input->len, output2, output2_length);
+
+exit:
+    psa_cipher_abort(&operation1);
+    psa_cipher_abort(&operation2);
+    mbedtls_free(output1);
+    mbedtls_free(output2);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt_decrypt(int key_type_arg, data_t *key_data,
+                          int alg_arg,
+                          data_t *nonce,
+                          data_t *additional_data,
+                          data_t *input_data,
+                          int expected_result_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    unsigned char *output_data2 = NULL;
+    size_t output_length2 = 0;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    psa_status_t expected_result = expected_result_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits,
+                                                        alg);
+    /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+     * should be exact. */
+    if (expected_result != PSA_ERROR_INVALID_ARGUMENT &&
+        expected_result != PSA_ERROR_NOT_SUPPORTED) {
+        TEST_EQUAL(output_size,
+                   PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len));
+        TEST_ASSERT(output_size <=
+                    PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len));
+    }
+    TEST_CALLOC(output_data, output_size);
+
+    status = psa_aead_encrypt(key, alg,
+                              nonce->x, nonce->len,
+                              additional_data->x,
+                              additional_data->len,
+                              input_data->x, input_data->len,
+                              output_data, output_size,
+                              &output_length);
+
+    /* If the operation is not supported, just skip and not fail in case the
+     * encryption involves a common limitation of cryptography hardwares and
+     * an alternative implementation. */
+    if (status == PSA_ERROR_NOT_SUPPORTED) {
+        MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8);
+        MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len);
+    }
+
+    TEST_EQUAL(status, expected_result);
+
+    if (PSA_SUCCESS == expected_result) {
+        TEST_CALLOC(output_data2, output_length);
+
+        /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
+         * should be exact. */
+        TEST_EQUAL(input_data->len,
+                   PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, output_length));
+
+        TEST_ASSERT(input_data->len <=
+                    PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(output_length));
+
+        TEST_EQUAL(psa_aead_decrypt(key, alg,
+                                    nonce->x, nonce->len,
+                                    additional_data->x,
+                                    additional_data->len,
+                                    output_data, output_length,
+                                    output_data2, output_length,
+                                    &output_length2),
+                   expected_result);
+
+        TEST_MEMORY_COMPARE(input_data->x, input_data->len,
+                            output_data2, output_length2);
+    }
+
+exit:
+    psa_destroy_key(key);
+    mbedtls_free(output_data);
+    mbedtls_free(output_data2);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt(int key_type_arg, data_t *key_data,
+                  int alg_arg,
+                  data_t *nonce,
+                  data_t *additional_data,
+                  data_t *input_data,
+                  data_t *expected_result)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits,
+                                                        alg);
+    /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+     * should be exact. */
+    TEST_EQUAL(output_size,
+               PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len));
+    TEST_ASSERT(output_size <=
+                PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len));
+    TEST_CALLOC(output_data, output_size);
+
+    status = psa_aead_encrypt(key, alg,
+                              nonce->x, nonce->len,
+                              additional_data->x, additional_data->len,
+                              input_data->x, input_data->len,
+                              output_data, output_size,
+                              &output_length);
+
+    /* If the operation is not supported, just skip and not fail in case the
+     * encryption involves a common limitation of cryptography hardwares and
+     * an alternative implementation. */
+    if (status == PSA_ERROR_NOT_SUPPORTED) {
+        MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8);
+        MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len);
+    }
+
+    PSA_ASSERT(status);
+    TEST_MEMORY_COMPARE(expected_result->x, expected_result->len,
+                        output_data, output_length);
+
+exit:
+    psa_destroy_key(key);
+    mbedtls_free(output_data);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_decrypt(int key_type_arg, data_t *key_data,
+                  int alg_arg,
+                  data_t *nonce,
+                  data_t *additional_data,
+                  data_t *input_data,
+                  data_t *expected_data,
+                  int expected_result_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t expected_result = expected_result_arg;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits,
+                                                        alg);
+    if (expected_result != PSA_ERROR_INVALID_ARGUMENT &&
+        expected_result != PSA_ERROR_NOT_SUPPORTED) {
+        /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
+         * should be exact. */
+        TEST_EQUAL(output_size,
+                   PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, input_data->len));
+        TEST_ASSERT(output_size <=
+                    PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(input_data->len));
+    }
+    TEST_CALLOC(output_data, output_size);
+
+    status = psa_aead_decrypt(key, alg,
+                              nonce->x, nonce->len,
+                              additional_data->x,
+                              additional_data->len,
+                              input_data->x, input_data->len,
+                              output_data, output_size,
+                              &output_length);
+
+    /* If the operation is not supported, just skip and not fail in case the
+     * decryption involves a common limitation of cryptography hardwares and
+     * an alternative implementation. */
+    if (status == PSA_ERROR_NOT_SUPPORTED) {
+        MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8);
+        MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len);
+    }
+
+    TEST_EQUAL(status, expected_result);
+
+    if (expected_result == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(expected_data->x, expected_data->len,
+                            output_data, output_length);
+    }
+
+exit:
+    psa_destroy_key(key);
+    mbedtls_free(output_data);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void signature_size(int type_arg,
+                    int bits,
+                    int alg_arg,
+                    int expected_size_arg)
+{
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t actual_size = PSA_SIGN_OUTPUT_SIZE(type, bits, alg);
+
+    TEST_EQUAL(actual_size, (size_t) expected_size_arg);
+#if defined(MBEDTLS_TEST_DEPRECATED)
+    TEST_EQUAL(actual_size,
+               PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg));
+#endif /* MBEDTLS_TEST_DEPRECATED */
+
+exit:
+    ;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_hash_deterministic(int key_type_arg, data_t *key_data,
+                             int alg_arg, data_t *input_data,
+                             data_t *output_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    /* Allocate a buffer which has the size advertised by the
+     * library. */
+    signature_size = PSA_SIGN_OUTPUT_SIZE(key_type,
+                                          key_bits, alg);
+    TEST_ASSERT(signature_size != 0);
+    TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE);
+    TEST_CALLOC(signature, signature_size);
+
+    /* Perform the signature. */
+    PSA_ASSERT(psa_sign_hash(key, alg,
+                             input_data->x, input_data->len,
+                             signature, signature_size,
+                             &signature_length));
+    /* Verify that the signature is what is expected. */
+    TEST_MEMORY_COMPARE(output_data->x, output_data->len,
+                        signature, signature_length);
+
+#if defined(MBEDTLS_TEST_DEPRECATED)
+    memset(signature, 0, signature_size);
+    signature_length = INVALID_EXPORT_LENGTH;
+    PSA_ASSERT(psa_asymmetric_sign(key, alg,
+                                   input_data->x, input_data->len,
+                                   signature, signature_size,
+                                   &signature_length));
+    TEST_MEMORY_COMPARE(output_data->x, output_data->len,
+                        signature, signature_length);
+#endif /* MBEDTLS_TEST_DEPRECATED */
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_hash_fail(int key_type_arg, data_t *key_data,
+                    int alg_arg, data_t *input_data,
+                    int signature_size_arg, int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t signature_size = signature_size_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *signature = NULL;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_CALLOC(signature, signature_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    actual_status = psa_sign_hash(key, alg,
+                                  input_data->x, input_data->len,
+                                  signature, signature_size,
+                                  &signature_length);
+    TEST_EQUAL(actual_status, expected_status);
+    /* The value of *signature_length is unspecified on error, but
+     * whatever it is, it should be less than signature_size, so that
+     * if the caller tries to read *signature_length bytes without
+     * checking the error code then they don't overflow a buffer. */
+    TEST_LE_U(signature_length, signature_size);
+
+#if defined(MBEDTLS_TEST_DEPRECATED)
+    signature_length = INVALID_EXPORT_LENGTH;
+    TEST_EQUAL(psa_asymmetric_sign(key, alg,
+                                   input_data->x, input_data->len,
+                                   signature, signature_size,
+                                   &signature_length),
+               expected_status);
+    TEST_LE_U(signature_length, signature_size);
+#endif /* MBEDTLS_TEST_DEPRECATED */
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_verify_hash(int key_type_arg, data_t *key_data,
+                      int alg_arg, data_t *input_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    /* Allocate a buffer which has the size advertised by the
+     * library. */
+    signature_size = PSA_SIGN_OUTPUT_SIZE(key_type,
+                                          key_bits, alg);
+    TEST_ASSERT(signature_size != 0);
+    TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE);
+    TEST_CALLOC(signature, signature_size);
+
+    /* Perform the signature. */
+    PSA_ASSERT(psa_sign_hash(key, alg,
+                             input_data->x, input_data->len,
+                             signature, signature_size,
+                             &signature_length));
+    /* Check that the signature length looks sensible. */
+    TEST_LE_U(signature_length, signature_size);
+    TEST_ASSERT(signature_length > 0);
+
+    /* Use the library to verify that the signature is correct. */
+    PSA_ASSERT(psa_verify_hash(key, alg,
+                               input_data->x, input_data->len,
+                               signature, signature_length));
+
+    if (input_data->len != 0) {
+        /* Flip a bit in the input and verify that the signature is now
+         * detected as invalid. Flip a bit at the beginning, not at the end,
+         * because ECDSA may ignore the last few bits of the input. */
+        input_data->x[0] ^= 1;
+        TEST_EQUAL(psa_verify_hash(key, alg,
+                                   input_data->x, input_data->len,
+                                   signature, signature_length),
+                   PSA_ERROR_INVALID_SIGNATURE);
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_hash(int key_type_arg, data_t *key_data,
+                 int alg_arg, data_t *hash_data,
+                 data_t *signature_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_verify_hash(key, alg,
+                               hash_data->x, hash_data->len,
+                               signature_data->x, signature_data->len));
+
+#if defined(MBEDTLS_TEST_DEPRECATED)
+    PSA_ASSERT(psa_asymmetric_verify(key, alg,
+                                     hash_data->x, hash_data->len,
+                                     signature_data->x,
+                                     signature_data->len));
+
+#endif /* MBEDTLS_TEST_DEPRECATED */
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_hash_fail(int key_type_arg, data_t *key_data,
+                      int alg_arg, data_t *hash_data,
+                      data_t *signature_data,
+                      int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    actual_status = psa_verify_hash(key, alg,
+                                    hash_data->x, hash_data->len,
+                                    signature_data->x, signature_data->len);
+    TEST_EQUAL(actual_status, expected_status);
+
+#if defined(MBEDTLS_TEST_DEPRECATED)
+    TEST_EQUAL(psa_asymmetric_verify(key, alg,
+                                     hash_data->x, hash_data->len,
+                                     signature_data->x, signature_data->len),
+               expected_status);
+#endif /* MBEDTLS_TEST_DEPRECATED */
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_message_deterministic(int key_type_arg,
+                                data_t *key_data,
+                                int alg_arg,
+                                data_t *input_data,
+                                data_t *output_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg);
+    TEST_ASSERT(signature_size != 0);
+    TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE);
+    TEST_CALLOC(signature, signature_size);
+
+    PSA_ASSERT(psa_sign_message(key, alg,
+                                input_data->x, input_data->len,
+                                signature, signature_size,
+                                &signature_length));
+
+    TEST_MEMORY_COMPARE(output_data->x, output_data->len,
+                        signature, signature_length);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_message_fail(int key_type_arg,
+                       data_t *key_data,
+                       int alg_arg,
+                       data_t *input_data,
+                       int signature_size_arg,
+                       int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t signature_size = signature_size_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *signature = NULL;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_CALLOC(signature, signature_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    actual_status = psa_sign_message(key, alg,
+                                     input_data->x, input_data->len,
+                                     signature, signature_size,
+                                     &signature_length);
+    TEST_EQUAL(actual_status, expected_status);
+    /* The value of *signature_length is unspecified on error, but
+     * whatever it is, it should be less than signature_size, so that
+     * if the caller tries to read *signature_length bytes without
+     * checking the error code then they don't overflow a buffer. */
+    TEST_LE_U(signature_length, signature_size);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_verify_message(int key_type_arg,
+                         data_t *key_data,
+                         int alg_arg,
+                         data_t *input_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE |
+                            PSA_KEY_USAGE_VERIFY_MESSAGE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg);
+    TEST_ASSERT(signature_size != 0);
+    TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE);
+    TEST_CALLOC(signature, signature_size);
+
+    PSA_ASSERT(psa_sign_message(key, alg,
+                                input_data->x, input_data->len,
+                                signature, signature_size,
+                                &signature_length));
+    TEST_LE_U(signature_length, signature_size);
+    TEST_ASSERT(signature_length > 0);
+
+    PSA_ASSERT(psa_verify_message(key, alg,
+                                  input_data->x, input_data->len,
+                                  signature, signature_length));
+
+    if (input_data->len != 0) {
+        /* Flip a bit in the input and verify that the signature is now
+         * detected as invalid. Flip a bit at the beginning, not at the end,
+         * because ECDSA may ignore the last few bits of the input. */
+        input_data->x[0] ^= 1;
+        TEST_EQUAL(psa_verify_message(key, alg,
+                                      input_data->x, input_data->len,
+                                      signature, signature_length),
+                   PSA_ERROR_INVALID_SIGNATURE);
+    }
+
+exit:
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_message(int key_type_arg,
+                    data_t *key_data,
+                    int alg_arg,
+                    data_t *input_data,
+                    data_t *signature_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_verify_message(key, alg,
+                                  input_data->x, input_data->len,
+                                  signature_data->x, signature_data->len));
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_message_fail(int key_type_arg,
+                         data_t *key_data,
+                         int alg_arg,
+                         data_t *hash_data,
+                         data_t *signature_data,
+                         int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    actual_status = psa_verify_message(key, alg,
+                                       hash_data->x, hash_data->len,
+                                       signature_data->x,
+                                       signature_data->len);
+    TEST_EQUAL(actual_status, expected_status);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encrypt(int key_type_arg,
+                        data_t *key_data,
+                        int alg_arg,
+                        data_t *input_data,
+                        data_t *label,
+                        int expected_output_length_arg,
+                        int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t expected_output_length = expected_output_length_arg;
+    size_t key_bits;
+    unsigned char *output = NULL;
+    size_t output_size;
+    size_t output_length = ~0;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Import the key */
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Determine the maximum output length */
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg);
+    TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE);
+    TEST_CALLOC(output, output_size);
+
+    /* Encrypt the input */
+    actual_status = psa_asymmetric_encrypt(key, alg,
+                                           input_data->x, input_data->len,
+                                           label->x, label->len,
+                                           output, output_size,
+                                           &output_length);
+    TEST_EQUAL(actual_status, expected_status);
+    if (actual_status == PSA_SUCCESS) {
+        TEST_EQUAL(output_length, expected_output_length);
+    } else {
+        TEST_LE_U(output_length, output_size);
+    }
+
+    /* If the label is empty, the test framework puts a non-null pointer
+     * in label->x. Test that a null pointer works as well. */
+    if (label->len == 0) {
+        output_length = ~0;
+        if (output_size != 0) {
+            memset(output, 0, output_size);
+        }
+        actual_status = psa_asymmetric_encrypt(key, alg,
+                                               input_data->x, input_data->len,
+                                               NULL, label->len,
+                                               output, output_size,
+                                               &output_length);
+        TEST_EQUAL(actual_status, expected_status);
+        if (actual_status == PSA_SUCCESS) {
+            TEST_EQUAL(output_length, expected_output_length);
+        } else {
+            TEST_LE_U(output_length, output_size);
+        }
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    mbedtls_free(output);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encrypt_decrypt(int key_type_arg,
+                                data_t *key_data,
+                                int alg_arg,
+                                data_t *input_data,
+                                data_t *label)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *output = NULL;
+    size_t output_size;
+    size_t output_length = ~0;
+    unsigned char *output2 = NULL;
+    size_t output2_size;
+    size_t output2_length = ~0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /* Determine the maximum ciphertext length */
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg);
+    TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE);
+    TEST_CALLOC(output, output_size);
+
+    output2_size = input_data->len;
+    TEST_LE_U(output2_size,
+              PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg));
+    TEST_LE_U(output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE);
+    TEST_CALLOC(output2, output2_size);
+
+    /* We test encryption by checking that encrypt-then-decrypt gives back
+     * the original plaintext because of the non-optional random
+     * part of encryption process which prevents using fixed vectors. */
+    PSA_ASSERT(psa_asymmetric_encrypt(key, alg,
+                                      input_data->x, input_data->len,
+                                      label->x, label->len,
+                                      output, output_size,
+                                      &output_length));
+    /* We don't know what ciphertext length to expect, but check that
+     * it looks sensible. */
+    TEST_LE_U(output_length, output_size);
+
+    PSA_ASSERT(psa_asymmetric_decrypt(key, alg,
+                                      output, output_length,
+                                      label->x, label->len,
+                                      output2, output2_size,
+                                      &output2_length));
+    TEST_MEMORY_COMPARE(input_data->x, input_data->len,
+                        output2, output2_length);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    mbedtls_free(output);
+    mbedtls_free(output2);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_decrypt(int key_type_arg,
+                        data_t *key_data,
+                        int alg_arg,
+                        data_t *input_data,
+                        data_t *label,
+                        data_t *expected_data)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *output = NULL;
+    size_t output_size = 0;
+    size_t output_length = ~0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    /* Determine the maximum ciphertext length */
+    output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg);
+    TEST_LE_U(output_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE);
+    TEST_CALLOC(output, output_size);
+
+    PSA_ASSERT(psa_asymmetric_decrypt(key, alg,
+                                      input_data->x, input_data->len,
+                                      label->x, label->len,
+                                      output,
+                                      output_size,
+                                      &output_length));
+    TEST_MEMORY_COMPARE(expected_data->x, expected_data->len,
+                        output, output_length);
+
+    /* If the label is empty, the test framework puts a non-null pointer
+     * in label->x. Test that a null pointer works as well. */
+    if (label->len == 0) {
+        output_length = ~0;
+        if (output_size != 0) {
+            memset(output, 0, output_size);
+        }
+        PSA_ASSERT(psa_asymmetric_decrypt(key, alg,
+                                          input_data->x, input_data->len,
+                                          NULL, label->len,
+                                          output,
+                                          output_size,
+                                          &output_length));
+        TEST_MEMORY_COMPARE(expected_data->x, expected_data->len,
+                            output, output_length);
+    }
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    mbedtls_free(output);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_decrypt_fail(int key_type_arg,
+                             data_t *key_data,
+                             int alg_arg,
+                             data_t *input_data,
+                             data_t *label,
+                             int output_size_arg,
+                             int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *output = NULL;
+    size_t output_size = output_size_arg;
+    size_t output_length = ~0;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_CALLOC(output, output_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    actual_status = psa_asymmetric_decrypt(key, alg,
+                                           input_data->x, input_data->len,
+                                           label->x, label->len,
+                                           output, output_size,
+                                           &output_length);
+    TEST_EQUAL(actual_status, expected_status);
+    TEST_LE_U(output_length, output_size);
+
+    /* If the label is empty, the test framework puts a non-null pointer
+     * in label->x. Test that a null pointer works as well. */
+    if (label->len == 0) {
+        output_length = ~0;
+        if (output_size != 0) {
+            memset(output, 0, output_size);
+        }
+        actual_status = psa_asymmetric_decrypt(key, alg,
+                                               input_data->x, input_data->len,
+                                               NULL, label->len,
+                                               output, output_size,
+                                               &output_length);
+        TEST_EQUAL(actual_status, expected_status);
+        TEST_LE_U(output_length, output_size);
+    }
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    mbedtls_free(output);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_derivation_init()
+{
+    /* Test each valid way of initializing the object, except for `= {0}`, as
+     * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+     * though it's OK by the C standard. We could test for this, but we'd need
+     * to suppress the Clang warning for the test. */
+    size_t capacity;
+    psa_key_derivation_operation_t func = psa_key_derivation_operation_init();
+    psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_derivation_operation_t zero;
+
+    memset(&zero, 0, sizeof(zero));
+
+    /* A default operation should not be able to report its capacity. */
+    TEST_EQUAL(psa_key_derivation_get_capacity(&func, &capacity),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_key_derivation_get_capacity(&init, &capacity),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(psa_key_derivation_get_capacity(&zero, &capacity),
+               PSA_ERROR_BAD_STATE);
+
+    /* A default operation should be abortable without error. */
+    PSA_ASSERT(psa_key_derivation_abort(&func));
+    PSA_ASSERT(psa_key_derivation_abort(&init));
+    PSA_ASSERT(psa_key_derivation_abort(&zero));
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_setup(int alg_arg, int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    TEST_EQUAL(psa_key_derivation_setup(&operation, alg),
+               expected_status);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_set_capacity(int alg_arg, int capacity_arg,
+                         int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t capacity = capacity_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+
+    TEST_EQUAL(psa_key_derivation_set_capacity(&operation, capacity),
+               expected_status);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_input(int alg_arg,
+                  int step_arg1, int key_type_arg1, data_t *input1,
+                  int expected_status_arg1,
+                  int step_arg2, int key_type_arg2, data_t *input2,
+                  int expected_status_arg2,
+                  int step_arg3, int key_type_arg3, data_t *input3,
+                  int expected_status_arg3,
+                  int output_key_type_arg, int expected_output_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_key_derivation_step_t steps[] = { step_arg1, step_arg2, step_arg3 };
+    psa_key_type_t key_types[] = { key_type_arg1, key_type_arg2, key_type_arg3 };
+    psa_status_t expected_statuses[] = { expected_status_arg1,
+                                         expected_status_arg2,
+                                         expected_status_arg3 };
+    data_t *inputs[] = { input1, input2, input3 };
+    mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT,
+                                    MBEDTLS_SVC_KEY_ID_INIT,
+                                    MBEDTLS_SVC_KEY_ID_INIT };
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    size_t i;
+    psa_key_type_t output_key_type = output_key_type_arg;
+    mbedtls_svc_key_id_t output_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t expected_output_status = expected_output_status_arg;
+    psa_status_t actual_output_status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+
+    PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+
+    for (i = 0; i < ARRAY_LENGTH(steps); i++) {
+        mbedtls_test_set_step(i);
+        if (steps[i] == 0) {
+            /* Skip this step */
+        } else if (key_types[i] != PSA_KEY_TYPE_NONE) {
+            psa_set_key_type(&attributes, key_types[i]);
+            PSA_ASSERT(psa_import_key(&attributes,
+                                      inputs[i]->x, inputs[i]->len,
+                                      &keys[i]));
+            if (PSA_KEY_TYPE_IS_KEY_PAIR(key_types[i]) &&
+                steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET) {
+                // When taking a private key as secret input, use key agreement
+                // to add the shared secret to the derivation
+                TEST_EQUAL(mbedtls_test_psa_key_agreement_with_self(
+                               &operation, keys[i]),
+                           expected_statuses[i]);
+            } else {
+                TEST_EQUAL(psa_key_derivation_input_key(&operation, steps[i],
+                                                        keys[i]),
+                           expected_statuses[i]);
+            }
+        } else {
+            TEST_EQUAL(psa_key_derivation_input_bytes(
+                           &operation, steps[i],
+                           inputs[i]->x, inputs[i]->len),
+                       expected_statuses[i]);
+        }
+    }
+
+    if (output_key_type != PSA_KEY_TYPE_NONE) {
+        psa_reset_key_attributes(&attributes);
+        psa_set_key_type(&attributes, output_key_type);
+        psa_set_key_bits(&attributes, 8);
+        actual_output_status =
+            psa_key_derivation_output_key(&attributes, &operation,
+                                          &output_key);
+    } else {
+        uint8_t buffer[1];
+        actual_output_status =
+            psa_key_derivation_output_bytes(&operation,
+                                            buffer, sizeof(buffer));
+    }
+    TEST_EQUAL(actual_output_status, expected_output_status);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    for (i = 0; i < ARRAY_LENGTH(keys); i++) {
+        psa_destroy_key(keys[i]);
+    }
+    psa_destroy_key(output_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_over_capacity(int alg_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    size_t key_type = PSA_KEY_TYPE_DERIVE;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    unsigned char input1[] = "Input 1";
+    size_t input1_length = sizeof(input1);
+    unsigned char input2[] = "Input 2";
+    size_t input2_length = sizeof(input2);
+    uint8_t buffer[42];
+    size_t capacity = sizeof(buffer);
+    const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                                   0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                                   0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data, sizeof(key_data),
+                              &key));
+
+    /* valid key derivation */
+    if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg,
+                                                    input1, input1_length,
+                                                    input2, input2_length,
+                                                    capacity)) {
+        goto exit;
+    }
+
+    /* state of operation shouldn't allow additional generation */
+    TEST_EQUAL(psa_key_derivation_setup(&operation, alg),
+               PSA_ERROR_BAD_STATE);
+
+    PSA_ASSERT(psa_key_derivation_output_bytes(&operation, buffer, capacity));
+
+    TEST_EQUAL(psa_key_derivation_output_bytes(&operation, buffer, capacity),
+               PSA_ERROR_INSUFFICIENT_DATA);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_actions_without_setup()
+{
+    uint8_t output_buffer[16];
+    size_t buffer_size = 16;
+    size_t capacity = 0;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    TEST_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                output_buffer, buffer_size)
+                == PSA_ERROR_BAD_STATE);
+
+    TEST_ASSERT(psa_key_derivation_get_capacity(&operation, &capacity)
+                == PSA_ERROR_BAD_STATE);
+
+    PSA_ASSERT(psa_key_derivation_abort(&operation));
+
+    TEST_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                output_buffer, buffer_size)
+                == PSA_ERROR_BAD_STATE);
+
+    TEST_ASSERT(psa_key_derivation_get_capacity(&operation, &capacity)
+                == PSA_ERROR_BAD_STATE);
+
+exit:
+    psa_key_derivation_abort(&operation);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_output(int alg_arg,
+                   int step1_arg, data_t *input1,
+                   int step2_arg, data_t *input2,
+                   int step3_arg, data_t *input3,
+                   int requested_capacity_arg,
+                   data_t *expected_output1,
+                   data_t *expected_output2)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_key_derivation_step_t steps[] = { step1_arg, step2_arg, step3_arg };
+    data_t *inputs[] = { input1, input2, input3 };
+    mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT,
+                                    MBEDTLS_SVC_KEY_ID_INIT,
+                                    MBEDTLS_SVC_KEY_ID_INIT };
+    size_t requested_capacity = requested_capacity_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    uint8_t *expected_outputs[2] =
+    { expected_output1->x, expected_output2->x };
+    size_t output_sizes[2] =
+    { expected_output1->len, expected_output2->len };
+    size_t output_buffer_size = 0;
+    uint8_t *output_buffer = NULL;
+    size_t expected_capacity;
+    size_t current_capacity;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t status;
+    size_t i;
+
+    for (i = 0; i < ARRAY_LENGTH(expected_outputs); i++) {
+        if (output_sizes[i] > output_buffer_size) {
+            output_buffer_size = output_sizes[i];
+        }
+        if (output_sizes[i] == 0) {
+            expected_outputs[i] = NULL;
+        }
+    }
+    TEST_CALLOC(output_buffer, output_buffer_size);
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+
+    /* Extraction phase. */
+    PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+    PSA_ASSERT(psa_key_derivation_set_capacity(&operation,
+                                               requested_capacity));
+    for (i = 0; i < ARRAY_LENGTH(steps); i++) {
+        switch (steps[i]) {
+            case 0:
+                break;
+            case PSA_KEY_DERIVATION_INPUT_SECRET:
+                PSA_ASSERT(psa_import_key(&attributes,
+                                          inputs[i]->x, inputs[i]->len,
+                                          &keys[i]));
+
+                if (PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) {
+                    PSA_ASSERT(psa_get_key_attributes(keys[i], &attributes));
+                    TEST_ASSERT(PSA_BITS_TO_BYTES(psa_get_key_bits(&attributes)) <=
+                                PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE);
+                }
+
+                PSA_ASSERT(psa_key_derivation_input_key(
+                               &operation, steps[i], keys[i]));
+                break;
+            default:
+                PSA_ASSERT(psa_key_derivation_input_bytes(
+                               &operation, steps[i],
+                               inputs[i]->x, inputs[i]->len));
+                break;
+        }
+    }
+
+    PSA_ASSERT(psa_key_derivation_get_capacity(&operation,
+                                               &current_capacity));
+    TEST_EQUAL(current_capacity, requested_capacity);
+    expected_capacity = requested_capacity;
+
+    /* Expansion phase. */
+    for (i = 0; i < ARRAY_LENGTH(expected_outputs); i++) {
+        /* Read some bytes. */
+        status = psa_key_derivation_output_bytes(&operation,
+                                                 output_buffer, output_sizes[i]);
+        if (expected_capacity == 0 && output_sizes[i] == 0) {
+            /* Reading 0 bytes when 0 bytes are available can go either way. */
+            TEST_ASSERT(status == PSA_SUCCESS ||
+                        status == PSA_ERROR_INSUFFICIENT_DATA);
+            continue;
+        } else if (expected_capacity == 0 ||
+                   output_sizes[i] > expected_capacity) {
+            /* Capacity exceeded. */
+            TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA);
+            expected_capacity = 0;
+            continue;
+        }
+        /* Success. Check the read data. */
+        PSA_ASSERT(status);
+        if (output_sizes[i] != 0) {
+            TEST_MEMORY_COMPARE(output_buffer, output_sizes[i],
+                                expected_outputs[i], output_sizes[i]);
+        }
+        /* Check the operation status. */
+        expected_capacity -= output_sizes[i];
+        PSA_ASSERT(psa_key_derivation_get_capacity(&operation,
+                                                   &current_capacity));
+        TEST_EQUAL(expected_capacity, current_capacity);
+    }
+    PSA_ASSERT(psa_key_derivation_abort(&operation));
+
+exit:
+    mbedtls_free(output_buffer);
+    psa_key_derivation_abort(&operation);
+    for (i = 0; i < ARRAY_LENGTH(keys); i++) {
+        psa_destroy_key(keys[i]);
+    }
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_full(int alg_arg,
+                 data_t *key_data,
+                 data_t *input1,
+                 data_t *input2,
+                 int requested_capacity_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    size_t requested_capacity = requested_capacity_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    unsigned char output_buffer[16];
+    size_t expected_capacity = requested_capacity;
+    size_t current_capacity;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg,
+                                                    input1->x, input1->len,
+                                                    input2->x, input2->len,
+                                                    requested_capacity)) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_key_derivation_get_capacity(&operation,
+                                               &current_capacity));
+    TEST_EQUAL(current_capacity, expected_capacity);
+
+    /* Expansion phase. */
+    while (current_capacity > 0) {
+        size_t read_size = sizeof(output_buffer);
+        if (read_size > current_capacity) {
+            read_size = current_capacity;
+        }
+        PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                   output_buffer,
+                                                   read_size));
+        expected_capacity -= read_size;
+        PSA_ASSERT(psa_key_derivation_get_capacity(&operation,
+                                                   &current_capacity));
+        TEST_EQUAL(current_capacity, expected_capacity);
+    }
+
+    /* Check that the operation refuses to go over capacity. */
+    TEST_EQUAL(psa_key_derivation_output_bytes(&operation, output_buffer, 1),
+               PSA_ERROR_INSUFFICIENT_DATA);
+
+    PSA_ASSERT(psa_key_derivation_abort(&operation));
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_exercise(int alg_arg,
+                         data_t *key_data,
+                         data_t *input1,
+                         data_t *input2,
+                         int derived_type_arg,
+                         int derived_bits_arg,
+                         int derived_usage_arg,
+                         int derived_alg_arg)
+{
+    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t derived_type = derived_type_arg;
+    size_t derived_bits = derived_bits_arg;
+    psa_key_usage_t derived_usage = derived_usage_arg;
+    psa_algorithm_t derived_alg = derived_alg_arg;
+    size_t capacity = PSA_BITS_TO_BYTES(derived_bits);
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &base_key));
+
+    /* Derive a key. */
+    if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg,
+                                                    input1->x, input1->len,
+                                                    input2->x, input2->len,
+                                                    capacity)) {
+        goto exit;
+    }
+
+    psa_set_key_usage_flags(&attributes, derived_usage);
+    psa_set_key_algorithm(&attributes, derived_alg);
+    psa_set_key_type(&attributes, derived_type);
+    psa_set_key_bits(&attributes, derived_bits);
+    PSA_ASSERT(psa_key_derivation_output_key(&attributes, &operation,
+                                             &derived_key));
+
+    /* Test the key information */
+    PSA_ASSERT(psa_get_key_attributes(derived_key, &got_attributes));
+    TEST_EQUAL(psa_get_key_type(&got_attributes), derived_type);
+    TEST_EQUAL(psa_get_key_bits(&got_attributes), derived_bits);
+
+    /* Exercise the derived key. */
+    if (!mbedtls_test_psa_exercise_key(derived_key, derived_usage, derived_alg)) {
+        goto exit;
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(base_key);
+    psa_destroy_key(derived_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_export(int alg_arg,
+                       data_t *key_data,
+                       data_t *input1,
+                       data_t *input2,
+                       int bytes1_arg,
+                       int bytes2_arg)
+{
+    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    size_t bytes1 = bytes1_arg;
+    size_t bytes2 = bytes2_arg;
+    size_t capacity = bytes1 + bytes2;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    uint8_t *output_buffer = NULL;
+    uint8_t *export_buffer = NULL;
+    psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    size_t length;
+
+    TEST_CALLOC(output_buffer, capacity);
+    TEST_CALLOC(export_buffer, capacity);
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&base_attributes, alg);
+    psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE);
+    PSA_ASSERT(psa_import_key(&base_attributes, key_data->x, key_data->len,
+                              &base_key));
+
+    /* Derive some material and output it. */
+    if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg,
+                                                    input1->x, input1->len,
+                                                    input2->x, input2->len,
+                                                    capacity)) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                               output_buffer,
+                                               capacity));
+    PSA_ASSERT(psa_key_derivation_abort(&operation));
+
+    /* Derive the same output again, but this time store it in key objects. */
+    if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg,
+                                                    input1->x, input1->len,
+                                                    input2->x, input2->len,
+                                                    capacity)) {
+        goto exit;
+    }
+
+    psa_set_key_usage_flags(&derived_attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&derived_attributes, 0);
+    psa_set_key_type(&derived_attributes, PSA_KEY_TYPE_RAW_DATA);
+    psa_set_key_bits(&derived_attributes, PSA_BYTES_TO_BITS(bytes1));
+    PSA_ASSERT(psa_key_derivation_output_key(&derived_attributes, &operation,
+                                             &derived_key));
+    PSA_ASSERT(psa_export_key(derived_key,
+                              export_buffer, bytes1,
+                              &length));
+    TEST_EQUAL(length, bytes1);
+    PSA_ASSERT(psa_destroy_key(derived_key));
+    psa_set_key_bits(&derived_attributes, PSA_BYTES_TO_BITS(bytes2));
+    PSA_ASSERT(psa_key_derivation_output_key(&derived_attributes, &operation,
+                                             &derived_key));
+    PSA_ASSERT(psa_export_key(derived_key,
+                              export_buffer + bytes1, bytes2,
+                              &length));
+    TEST_EQUAL(length, bytes2);
+
+    /* Compare the outputs from the two runs. */
+    TEST_MEMORY_COMPARE(output_buffer, bytes1 + bytes2,
+                        export_buffer, capacity);
+
+exit:
+    mbedtls_free(output_buffer);
+    mbedtls_free(export_buffer);
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(base_key);
+    psa_destroy_key(derived_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key(int alg_arg,
+                data_t *key_data, data_t *input1, data_t *input2,
+                int type_arg, int bits_arg,
+                int expected_status_arg,
+                int is_large_output)
+{
+    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&base_attributes, alg);
+    psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE);
+    PSA_ASSERT(psa_import_key(&base_attributes, key_data->x, key_data->len,
+                              &base_key));
+
+    if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg,
+                                                    input1->x, input1->len,
+                                                    input2->x, input2->len,
+                                                    SIZE_MAX)) {
+        goto exit;
+    }
+
+    psa_set_key_usage_flags(&derived_attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&derived_attributes, 0);
+    psa_set_key_type(&derived_attributes, type);
+    psa_set_key_bits(&derived_attributes, bits);
+
+    psa_status_t status =
+        psa_key_derivation_output_key(&derived_attributes,
+                                      &operation,
+                                      &derived_key);
+    if (is_large_output > 0) {
+        TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY);
+    }
+    TEST_EQUAL(status, expected_status);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(base_key);
+    psa_destroy_key(derived_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_setup(int alg_arg,
+                         int our_key_type_arg, int our_key_alg_arg,
+                         data_t *our_key_data, data_t *peer_key_data,
+                         int expected_status_arg)
+{
+    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t our_key_alg = our_key_alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, our_key_alg);
+    psa_set_key_type(&attributes, our_key_type);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              our_key_data->x, our_key_data->len,
+                              &our_key));
+
+    /* The tests currently include inputs that should fail at either step.
+     * Test cases that fail at the setup step should be changed to call
+     * key_derivation_setup instead, and this function should be renamed
+     * to key_agreement_fail. */
+    status = psa_key_derivation_setup(&operation, alg);
+    if (status == PSA_SUCCESS) {
+        TEST_EQUAL(psa_key_derivation_key_agreement(
+                       &operation, PSA_KEY_DERIVATION_INPUT_SECRET,
+                       our_key,
+                       peer_key_data->x, peer_key_data->len),
+                   expected_status);
+    } else {
+        TEST_ASSERT(status == expected_status);
+    }
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(our_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void raw_key_agreement(int alg_arg,
+                       int our_key_type_arg, data_t *our_key_data,
+                       data_t *peer_key_data,
+                       data_t *expected_output)
+{
+    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    unsigned char *output = NULL;
+    size_t output_length = ~0;
+    size_t key_bits;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, our_key_type);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              our_key_data->x, our_key_data->len,
+                              &our_key));
+
+    PSA_ASSERT(psa_get_key_attributes(our_key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    /* Validate size macros */
+    TEST_LE_U(expected_output->len,
+              PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(our_key_type, key_bits));
+    TEST_LE_U(PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(our_key_type, key_bits),
+              PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE);
+
+    /* Good case with exact output size */
+    TEST_CALLOC(output, expected_output->len);
+    PSA_ASSERT(psa_raw_key_agreement(alg, our_key,
+                                     peer_key_data->x, peer_key_data->len,
+                                     output, expected_output->len,
+                                     &output_length));
+    TEST_MEMORY_COMPARE(output, output_length,
+                        expected_output->x, expected_output->len);
+    mbedtls_free(output);
+    output = NULL;
+    output_length = ~0;
+
+    /* Larger buffer */
+    TEST_CALLOC(output, expected_output->len + 1);
+    PSA_ASSERT(psa_raw_key_agreement(alg, our_key,
+                                     peer_key_data->x, peer_key_data->len,
+                                     output, expected_output->len + 1,
+                                     &output_length));
+    TEST_MEMORY_COMPARE(output, output_length,
+                        expected_output->x, expected_output->len);
+    mbedtls_free(output);
+    output = NULL;
+    output_length = ~0;
+
+    /* Buffer too small */
+    TEST_CALLOC(output, expected_output->len - 1);
+    TEST_EQUAL(psa_raw_key_agreement(alg, our_key,
+                                     peer_key_data->x, peer_key_data->len,
+                                     output, expected_output->len - 1,
+                                     &output_length),
+               PSA_ERROR_BUFFER_TOO_SMALL);
+    /* Not required by the spec, but good robustness */
+    TEST_LE_U(output_length, expected_output->len - 1);
+    mbedtls_free(output);
+    output = NULL;
+
+exit:
+    mbedtls_free(output);
+    psa_destroy_key(our_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_capacity(int alg_arg,
+                            int our_key_type_arg, data_t *our_key_data,
+                            data_t *peer_key_data,
+                            int expected_capacity_arg)
+{
+    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    size_t actual_capacity;
+    unsigned char output[16];
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, our_key_type);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              our_key_data->x, our_key_data->len,
+                              &our_key));
+
+    PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+    PSA_ASSERT(psa_key_derivation_key_agreement(
+                   &operation,
+                   PSA_KEY_DERIVATION_INPUT_SECRET, our_key,
+                   peer_key_data->x, peer_key_data->len));
+    if (PSA_ALG_IS_HKDF(PSA_ALG_KEY_AGREEMENT_GET_KDF(alg))) {
+        /* The test data is for info="" */
+        PSA_ASSERT(psa_key_derivation_input_bytes(&operation,
+                                                  PSA_KEY_DERIVATION_INPUT_INFO,
+                                                  NULL, 0));
+    }
+
+    /* Test the advertised capacity. */
+    PSA_ASSERT(psa_key_derivation_get_capacity(
+                   &operation, &actual_capacity));
+    TEST_EQUAL(actual_capacity, (size_t) expected_capacity_arg);
+
+    /* Test the actual capacity by reading the output. */
+    while (actual_capacity > sizeof(output)) {
+        PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                   output, sizeof(output)));
+        actual_capacity -= sizeof(output);
+    }
+    PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                               output, actual_capacity));
+    TEST_EQUAL(psa_key_derivation_output_bytes(&operation, output, 1),
+               PSA_ERROR_INSUFFICIENT_DATA);
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(our_key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_output(int alg_arg,
+                          int our_key_type_arg, data_t *our_key_data,
+                          data_t *peer_key_data,
+                          data_t *expected_output1, data_t *expected_output2)
+{
+    mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *actual_output = NULL;
+
+    TEST_CALLOC(actual_output, MAX(expected_output1->len,
+                                   expected_output2->len));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, our_key_type);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              our_key_data->x, our_key_data->len,
+                              &our_key));
+
+    PSA_ASSERT(psa_key_derivation_setup(&operation, alg));
+    PSA_ASSERT(psa_key_derivation_key_agreement(
+                   &operation,
+                   PSA_KEY_DERIVATION_INPUT_SECRET, our_key,
+                   peer_key_data->x, peer_key_data->len));
+    if (PSA_ALG_IS_HKDF(PSA_ALG_KEY_AGREEMENT_GET_KDF(alg))) {
+        /* The test data is for info="" */
+        PSA_ASSERT(psa_key_derivation_input_bytes(&operation,
+                                                  PSA_KEY_DERIVATION_INPUT_INFO,
+                                                  NULL, 0));
+    }
+
+    PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                               actual_output,
+                                               expected_output1->len));
+    TEST_MEMORY_COMPARE(actual_output, expected_output1->len,
+                        expected_output1->x, expected_output1->len);
+    if (expected_output2->len != 0) {
+        PSA_ASSERT(psa_key_derivation_output_bytes(&operation,
+                                                   actual_output,
+                                                   expected_output2->len));
+        TEST_MEMORY_COMPARE(actual_output, expected_output2->len,
+                            expected_output2->x, expected_output2->len);
+    }
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(our_key);
+    PSA_DONE();
+    mbedtls_free(actual_output);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_random(int bytes_arg)
+{
+    size_t bytes = bytes_arg;
+    unsigned char *output = NULL;
+    unsigned char *changed = NULL;
+    size_t i;
+    unsigned run;
+
+    TEST_ASSERT(bytes_arg >= 0);
+
+    TEST_CALLOC(output, bytes);
+    TEST_CALLOC(changed, bytes);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Run several times, to ensure that every output byte will be
+     * nonzero at least once with overwhelming probability
+     * (2^(-8*number_of_runs)). */
+    for (run = 0; run < 10; run++) {
+        if (bytes != 0) {
+            memset(output, 0, bytes);
+        }
+        PSA_ASSERT(psa_generate_random(output, bytes));
+
+        for (i = 0; i < bytes; i++) {
+            if (output[i] != 0) {
+                ++changed[i];
+            }
+        }
+    }
+
+    /* Check that every byte was changed to nonzero at least once. This
+     * validates that psa_generate_random is overwriting every byte of
+     * the output buffer. */
+    for (i = 0; i < bytes; i++) {
+        TEST_ASSERT(changed[i] != 0);
+    }
+
+exit:
+    PSA_DONE();
+    mbedtls_free(output);
+    mbedtls_free(changed);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_key(int type_arg,
+                  int bits_arg,
+                  int usage_arg,
+                  int alg_arg,
+                  int expected_status_arg,
+                  int is_large_key)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    psa_key_usage_t usage = usage_arg;
+    size_t bits = bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+
+    /* Generate a key */
+    psa_status_t status = psa_generate_key(&attributes, &key);
+
+    if (is_large_key > 0) {
+        TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY);
+    }
+    TEST_EQUAL(status, expected_status);
+    if (expected_status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Test the key information */
+    PSA_ASSERT(psa_get_key_attributes(key, &got_attributes));
+    TEST_EQUAL(psa_get_key_type(&got_attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&got_attributes), bits);
+
+    /* Do something with the key according to its type and permitted usage. */
+    if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
+        goto exit;
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&got_attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_GENPRIME */
+void generate_key_rsa(int bits_arg,
+                      data_t *e_arg,
+                      int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
+    size_t bits = bits_arg;
+    psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
+    psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *exported = NULL;
+    size_t exported_size =
+        PSA_EXPORT_KEY_OUTPUT_SIZE(PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits);
+    size_t exported_length = SIZE_MAX;
+    uint8_t *e_read_buffer = NULL;
+    int is_default_public_exponent = 0;
+    size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE(type, bits);
+    size_t e_read_length = SIZE_MAX;
+
+    if (e_arg->len == 0 ||
+        (e_arg->len == 3 &&
+         e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1)) {
+        is_default_public_exponent = 1;
+        e_read_size = 0;
+    }
+    TEST_CALLOC(e_read_buffer, e_read_size);
+    TEST_CALLOC(exported, exported_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_set_key_domain_parameters(&attributes, type,
+                                             e_arg->x, e_arg->len));
+    psa_set_key_bits(&attributes, bits);
+
+    /* Generate a key */
+    TEST_EQUAL(psa_generate_key(&attributes, &key), expected_status);
+    if (expected_status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Test the key information */
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&attributes), bits);
+    PSA_ASSERT(psa_get_key_domain_parameters(&attributes,
+                                             e_read_buffer, e_read_size,
+                                             &e_read_length));
+    if (is_default_public_exponent) {
+        TEST_EQUAL(e_read_length, 0);
+    } else {
+        TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len);
+    }
+
+    /* Do something with the key according to its type and permitted usage. */
+    if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
+        goto exit;
+    }
+
+    /* Export the key and check the public exponent. */
+    PSA_ASSERT(psa_export_public_key(key,
+                                     exported, exported_size,
+                                     &exported_length));
+    {
+        uint8_t *p = exported;
+        uint8_t *end = exported + exported_length;
+        size_t len;
+        /*   RSAPublicKey ::= SEQUENCE {
+         *      modulus            INTEGER,    -- n
+         *      publicExponent     INTEGER  }  -- e
+         */
+        TEST_EQUAL(0, mbedtls_asn1_get_tag(&p, end, &len,
+                                           MBEDTLS_ASN1_SEQUENCE |
+                                           MBEDTLS_ASN1_CONSTRUCTED));
+        TEST_ASSERT(mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1));
+        TEST_EQUAL(0, mbedtls_asn1_get_tag(&p, end, &len,
+                                           MBEDTLS_ASN1_INTEGER));
+        if (len >= 1 && p[0] == 0) {
+            ++p;
+            --len;
+        }
+        if (e_arg->len == 0) {
+            TEST_EQUAL(len, 3);
+            TEST_EQUAL(p[0], 1);
+            TEST_EQUAL(p[1], 0);
+            TEST_EQUAL(p[2], 1);
+        } else {
+            TEST_MEMORY_COMPARE(p, len, e_arg->x, e_arg->len);
+        }
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes() or
+     * set by psa_set_key_domain_parameters() thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(e_read_buffer);
+    mbedtls_free(exported);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void persistent_key_load_key_from_storage(data_t *data,
+                                          int type_arg, int bits_arg,
+                                          int usage_flags_arg, int alg_arg,
+                                          int generation_method)
+{
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 1);
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_key_usage_t usage_flags = usage_flags_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+    unsigned char *first_export = NULL;
+    unsigned char *second_export = NULL;
+    size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits);
+    size_t first_exported_length;
+    size_t second_exported_length;
+
+    if (usage_flags & PSA_KEY_USAGE_EXPORT) {
+        TEST_CALLOC(first_export, export_size);
+        TEST_CALLOC(second_export, export_size);
+    }
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_usage_flags(&attributes, usage_flags);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+
+    switch (generation_method) {
+        case IMPORT_KEY:
+            /* Import the key */
+            PSA_ASSERT(psa_import_key(&attributes, data->x, data->len,
+                                      &key));
+            break;
+
+        case GENERATE_KEY:
+            /* Generate a key */
+            PSA_ASSERT(psa_generate_key(&attributes, &key));
+            break;
+
+        case DERIVE_KEY:
+#if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256)
+        {
+            /* Create base key */
+            psa_algorithm_t derive_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+            psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT;
+            psa_set_key_usage_flags(&base_attributes,
+                                    PSA_KEY_USAGE_DERIVE);
+            psa_set_key_algorithm(&base_attributes, derive_alg);
+            psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE);
+            PSA_ASSERT(psa_import_key(&base_attributes,
+                                      data->x, data->len,
+                                      &base_key));
+            /* Derive a key. */
+            PSA_ASSERT(psa_key_derivation_setup(&operation, derive_alg));
+            PSA_ASSERT(psa_key_derivation_input_key(
+                           &operation,
+                           PSA_KEY_DERIVATION_INPUT_SECRET, base_key));
+            PSA_ASSERT(psa_key_derivation_input_bytes(
+                           &operation, PSA_KEY_DERIVATION_INPUT_INFO,
+                           NULL, 0));
+            PSA_ASSERT(psa_key_derivation_output_key(&attributes,
+                                                     &operation,
+                                                     &key));
+            PSA_ASSERT(psa_key_derivation_abort(&operation));
+            PSA_ASSERT(psa_destroy_key(base_key));
+            base_key = MBEDTLS_SVC_KEY_ID_INIT;
+        }
+#else
+            TEST_ASSUME(!"KDF not supported in this configuration");
+#endif
+            break;
+
+        default:
+            TEST_FAIL("generation_method not implemented in test");
+            break;
+    }
+    psa_reset_key_attributes(&attributes);
+
+    /* Export the key if permitted by the key policy. */
+    if (usage_flags & PSA_KEY_USAGE_EXPORT) {
+        PSA_ASSERT(psa_export_key(key,
+                                  first_export, export_size,
+                                  &first_exported_length));
+        if (generation_method == IMPORT_KEY) {
+            TEST_MEMORY_COMPARE(data->x, data->len,
+                                first_export, first_exported_length);
+        }
+    }
+
+    /* Shutdown and restart */
+    PSA_ASSERT(psa_purge_key(key));
+    PSA_DONE();
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Check key slot still contains key data */
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), key_id));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes),
+               PSA_KEY_LIFETIME_PERSISTENT);
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&attributes), bits);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes),
+               mbedtls_test_update_key_usage_flags(usage_flags));
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), alg);
+
+    /* Export the key again if permitted by the key policy. */
+    if (usage_flags & PSA_KEY_USAGE_EXPORT) {
+        PSA_ASSERT(psa_export_key(key,
+                                  second_export, export_size,
+                                  &second_exported_length));
+        TEST_MEMORY_COMPARE(first_export, first_exported_length,
+                            second_export, second_exported_length);
+    }
+
+    /* Do something with the key according to its type and permitted usage. */
+    if (!mbedtls_test_psa_exercise_key(key, usage_flags, alg)) {
+        goto exit;
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(first_export);
+    mbedtls_free(second_export);
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(base_key);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_attributes.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_attributes.data
new file mode 100644
index 0000000..a710971
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_attributes.data
@@ -0,0 +1,27 @@
+PSA key attributes structure
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
+
+PSA key attributes: id only
+persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
+
+PSA key attributes: lifetime=3 only
+persistence_attributes:-1:0:3:-1:0:0:0:3
+
+PSA key attributes: id then back to volatile
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
+
+PSA key attributes: id then back to non local volatile
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
+
+PSA key attributes: id then lifetime
+persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
+
+PSA key attributes: lifetime then id
+persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
+
+PSA key attributes: non local volatile lifetime then id
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
+
+PSA key attributes: slot number
+slot_number_attribute:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_attributes.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_attributes.function
new file mode 100644
index 0000000..c933cb7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_attributes.function
@@ -0,0 +1,132 @@
+/* BEGIN_HEADER */
+#include "psa/crypto.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_CLIENT
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void attributes_set_get(int owner_id_arg, int id_arg, int lifetime_arg,
+                        int usage_flags_arg, int alg_arg,
+                        int type_arg, int bits_arg)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg);
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_usage_t usage_flags = usage_flags_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+
+    TEST_EQUAL(
+        MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0);
+    TEST_EQUAL(
+        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0);
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), 0);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+    TEST_EQUAL(psa_get_key_type(&attributes), 0);
+    TEST_EQUAL(psa_get_key_bits(&attributes), 0);
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, usage_flags);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), id));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), usage_flags);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), alg);
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&attributes), bits);
+
+    psa_reset_key_attributes(&attributes);
+
+    TEST_EQUAL(
+        MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0);
+    TEST_EQUAL(
+        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0);
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), 0);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+    TEST_EQUAL(psa_get_key_type(&attributes), 0);
+    TEST_EQUAL(psa_get_key_bits(&attributes), 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistence_attributes(int id1_arg, int owner_id1_arg, int lifetime_arg,
+                            int id2_arg, int owner_id2_arg,
+                            int expected_id_arg, int expected_owner_id_arg,
+                            int expected_lifetime_arg)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t id1 =
+        mbedtls_svc_key_id_make(owner_id1_arg, id1_arg);
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    mbedtls_svc_key_id_t id2 =
+        mbedtls_svc_key_id_make(owner_id2_arg, id2_arg);
+    mbedtls_svc_key_id_t expected_id =
+        mbedtls_svc_key_id_make(expected_owner_id_arg, expected_id_arg);
+    psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
+
+    if (id1_arg != -1) {
+        psa_set_key_id(&attributes, id1);
+    }
+    if (lifetime_arg != -1) {
+        psa_set_key_lifetime(&attributes, lifetime);
+    }
+    if (id2_arg != -1) {
+        psa_set_key_id(&attributes, id2);
+    }
+
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), expected_id));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), expected_lifetime);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */
+void slot_number_attribute()
+{
+    psa_key_slot_number_t slot_number = 0xdeadbeef;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    /* Initially, there is no slot number. */
+    TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number),
+               PSA_ERROR_INVALID_ARGUMENT);
+
+    /* Test setting a slot number. */
+    psa_set_key_slot_number(&attributes, 0);
+    PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number));
+    TEST_EQUAL(slot_number, 0);
+
+    /* Test changing the slot number. */
+    psa_set_key_slot_number(&attributes, 42);
+    PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number));
+    TEST_EQUAL(slot_number, 42);
+
+    /* Test clearing the slot number. */
+    psa_clear_key_slot_number(&attributes);
+    TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number),
+               PSA_ERROR_INVALID_ARGUMENT);
+
+    /* Clearing again should have no effect. */
+    psa_clear_key_slot_number(&attributes);
+    TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number),
+               PSA_ERROR_INVALID_ARGUMENT);
+
+    /* Test that reset clears the slot number. */
+    psa_set_key_slot_number(&attributes, 42);
+    PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number));
+    TEST_EQUAL(slot_number, 42);
+    psa_reset_key_attributes(&attributes);
+    TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number),
+               PSA_ERROR_INVALID_ARGUMENT);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_driver_wrappers.data
new file mode 100644
index 0000000..e14516b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -0,0 +1,610 @@
+sign_hash transparent driver: in driver ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
+
+sign_hash transparent driver: fallback ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
+
+sign_hash transparent driver: error ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR
+
+sign_hash transparent driver: fake ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
+
+sign_hash transparent driver: in driver RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS
+
+sign_hash transparent driver: fallback RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS
+
+sign_hash transparent driver: error RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_ERROR_GENERIC_ERROR
+
+sign_hash transparent driver: fake RSA PKCS#1 v1.5, raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":1:PSA_SUCCESS
+
+sign_hash transparent driver: in driver RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
+
+sign_hash transparent driver: fallback RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
+
+sign_hash transparent driver: error RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR
+
+sign_hash transparent driver: fake RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS
+
+verify_hash transparent driver: in driver ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+
+verify_hash transparent driver: fallback ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+
+verify_hash transparent driver: error ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
+
+verify_hash transparent driver: in driver Public Key ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+
+verify_hash transparent driver: fallback Public Key ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
+
+verify_hash transparent driver: error Public Key ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR
+
+verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS
+
+verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS
+
+verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_ERROR_GENERIC_ERROR
+
+verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
+
+verify_hash transparent driver: in driver Public Key RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_hash transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_hash transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
+
+verify_hash transparent driver: in driver Public Key RSA-1024 PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
+
+verify_hash transparent driver: fallback Public Key RSA-1024 PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
+
+verify_hash transparent driver: error Public Key RSA-1024 PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR
+
+verify_hash transparent driver: in driver Public Key RSA-1024 PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
+
+verify_hash transparent driver: fallback Public Key RSA-1024 PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS
+
+verify_hash transparent driver: error Public Key RSA-1024 PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR
+
+sign_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS
+
+sign_message transparent driver: fallback ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS
+
+sign_message transparent driver: error ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_ERROR_GENERIC_ERROR
+
+sign_message transparent driver: fake ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS
+
+sign_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
+
+sign_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS
+
+sign_message transparent driver: error RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR
+
+sign_message transparent driver: fake RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS
+
+verify_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message transparent driver: fallback ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message transparent driver: error ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR
+
+verify_message transparent driver: calculate in driver Public Key ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message transparent driver: fallback Public Key ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS
+
+verify_message transparent driver: error Public Key ECDSA SECP256R1 SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
+verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR
+
+verify_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_message transparent driver: error RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
+
+verify_message transparent driver: calculate in driver Public Key RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_message transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS
+
+verify_message transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR
+
+verify_message transparent driver: calculate in driver Public Key RSA PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS
+
+verify_message transparent driver: fallback Public Key RSA PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS
+
+verify_message transparent driver: error Public Key RSA PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_ERROR_GENERIC_ERROR
+
+verify_message transparent driver: calculate in driver Public Key RSA PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS
+
+verify_message transparent driver: fallback Public Key RSA PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS
+
+verify_message transparent driver: error Public Key RSA PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_ERROR_GENERIC_ERROR
+
+generate_key through transparent driver: fake
+generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS
+
+generate_key through transparent driver: in-driver
+generate_key:PSA_SUCCESS:"":PSA_SUCCESS
+
+generate_key through transparent driver: fallback
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
+generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_SUCCESS
+
+generate_key through transparent driver: fallback not available
+depends_on:!MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
+generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_ERROR_NOT_SUPPORTED
+
+generate_key through transparent driver: error
+generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
+
+validate key through transparent driver: good private key
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
+
+validate key through transparent driver: good public key
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
+
+validate key through transparent driver: fallback private key
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
+validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:132:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
+
+validate key through transparent driver: fallback public key
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
+validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:133:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
+
+validate key through transparent driver: error
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_LOCATION_LOCAL_STORAGE:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
+
+export_key private to public through driver: fake
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+export_key:PSA_SUCCESS:"0102030405":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_SUCCESS
+
+export_key private to public through driver: in-driver
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
+
+export_key private to public through driver: fallback
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
+export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
+
+export_key private to public through driver: error
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR
+
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+
+Cipher driver: negative testing on all entry points
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_entry_points:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_SUCCESS
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA AEAD decrypt: AES-CCM, 39 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 39 bytes, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD decrypt: AES-CCM, 39 bytes, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1, fallback
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY
+
+PSA MAC sign, through driver: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_SUCCESS
+
+PSA MAC sign, fallback: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_BUILTIN_ALG_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC sign, driver reports error: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_GENERIC_ERROR
+
+PSA MAC sign, through driver: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS
+
+PSA MAC sign, fallback: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC sign, driver reports error: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_GENERIC_ERROR
+
+PSA MAC verify, through driver: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_SUCCESS
+
+PSA MAC verify, fallback: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_BUILTIN_ALG_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC verify, driver reports error: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_ERROR_GENERIC_ERROR
+
+PSA MAC verify, through driver: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS
+
+PSA MAC verify, fallback: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC verify, driver reports error: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_GENERIC_ERROR
+
+PSA opaque driver builtin key export: AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: AES (registered to ID_MAX-1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: AES (registered to ID_MAX)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS
+
+PSA opaque driver builtin key export: key ID out of range (ID_MIN - 1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE
+
+PSA opaque driver builtin key export: key ID out of range (ID_MAX + 1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE
+
+PSA opaque driver builtin key export: secp256r1
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"dc7d9d26d67a4f632c34c2dc0b6986183882c206df04cdb7d69aabe28be4f81a":PSA_SUCCESS
+
+PSA opaque driver builtin pubkey export: secp256r1
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_SUCCESS
+
+PSA opaque driver builtin pubkey export: not a public key
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT
+
+Hash compute: SHA-256, computed by the driver
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS
+
+Hash compute: SHA-256, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+Hash compute: SHA-256, no fallback
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
+
+Hash compute: SHA-256, INSUFFICIENT_MEMORY
+hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
+
+Hash multi-part setup: SHA-256, computed by the driver
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS
+
+Hash multi-part setup: SHA-256, fallback
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+Hash multi-part setup: SHA-256, no fallback
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
+
+Hash multi-part setup: SHA-256, INSUFFICIENT_MEMORY
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY
+
+Hash multi-part update: SHA-256, update successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash multi-part update: SHA-256, update failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
+
+Hash multi-part finish: SHA-256, finish successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash multi-part finish: SHA-256, finish failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
+
+Hash clone: SHA-256, clone successful
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS
+
+Hash clone: SHA-256, clone failure
+depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256
+hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_driver_wrappers.function
new file mode 100644
index 0000000..b789908
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -0,0 +1,1799 @@
+/* BEGIN_HEADER */
+#include "test/drivers/test_driver.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_DRIVERS:PSA_CRYPTO_DRIVER_TEST
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void sign_hash(int key_type_arg,
+               int alg_arg,
+               int force_status_arg,
+               data_t *key_input,
+               data_t *data_input,
+               data_t *expected_output,
+               int fake_output,
+               int expected_status_arg)
+{
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    psa_key_type_t key_type = key_type_arg;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_status_t actual_status;
+    mbedtls_test_driver_signature_sign_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_type(&attributes,
+                     key_type);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_import_key(&attributes,
+                   key_input->x, key_input->len,
+                   &key);
+
+    mbedtls_test_driver_signature_sign_hooks.forced_status = force_status;
+    if (fake_output == 1) {
+        mbedtls_test_driver_signature_sign_hooks.forced_output =
+            expected_output->x;
+        mbedtls_test_driver_signature_sign_hooks.forced_output_length =
+            expected_output->len;
+    }
+
+    /* Allocate a buffer which has the size advertized by the
+     * library. */
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+    signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg);
+
+    TEST_ASSERT(signature_size != 0);
+    TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE);
+    TEST_CALLOC(signature, signature_size);
+
+    actual_status = psa_sign_hash(key, alg,
+                                  data_input->x, data_input->len,
+                                  signature, signature_size,
+                                  &signature_length);
+    TEST_EQUAL(actual_status, expected_status);
+    if (expected_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(signature, signature_length,
+                            expected_output->x, expected_output->len);
+    }
+    TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, 1);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+    mbedtls_test_driver_signature_sign_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_hash(int key_type_arg,
+                 int key_type_public_arg,
+                 int alg_arg,
+                 int force_status_arg,
+                 int register_public_key,
+                 data_t *key_input,
+                 data_t *data_input,
+                 data_t *signature_input,
+                 int expected_status_arg)
+{
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_type_t key_type_public = key_type_public_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t actual_status;
+    mbedtls_test_driver_signature_verify_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+    if (register_public_key) {
+        psa_set_key_type(&attributes, key_type_public);
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+        psa_set_key_algorithm(&attributes, alg);
+        psa_import_key(&attributes,
+                       key_input->x, key_input->len,
+                       &key);
+    } else {
+        psa_set_key_type(&attributes, key_type);
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+        psa_set_key_algorithm(&attributes, alg);
+        psa_import_key(&attributes,
+                       key_input->x, key_input->len,
+                       &key);
+    }
+
+    mbedtls_test_driver_signature_verify_hooks.forced_status = force_status;
+
+    actual_status = psa_verify_hash(key, alg,
+                                    data_input->x, data_input->len,
+                                    signature_input->x, signature_input->len);
+    TEST_EQUAL(actual_status, expected_status);
+    TEST_EQUAL(mbedtls_test_driver_signature_verify_hooks.hits, 1);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_signature_verify_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_message(int key_type_arg,
+                  int alg_arg,
+                  int force_status_arg,
+                  data_t *key_input,
+                  data_t *data_input,
+                  data_t *expected_output,
+                  int fake_output,
+                  int expected_status_arg)
+{
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    psa_key_type_t key_type = key_type_arg;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_status_t actual_status;
+    mbedtls_test_driver_signature_sign_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_import_key(&attributes,
+                   key_input->x, key_input->len,
+                   &key);
+
+    mbedtls_test_driver_signature_sign_hooks.forced_status = force_status;
+    if (fake_output == 1) {
+        mbedtls_test_driver_signature_sign_hooks.forced_output =
+            expected_output->x;
+        mbedtls_test_driver_signature_sign_hooks.forced_output_length =
+            expected_output->len;
+    }
+
+    /* Allocate a buffer which has the size advertized by the
+     * library. */
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+    signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg);
+
+    TEST_ASSERT(signature_size != 0);
+    TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE);
+    TEST_CALLOC(signature, signature_size);
+
+    actual_status = psa_sign_message(key, alg,
+                                     data_input->x, data_input->len,
+                                     signature, signature_size,
+                                     &signature_length);
+    TEST_EQUAL(actual_status, expected_status);
+    if (expected_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(signature, signature_length,
+                            expected_output->x, expected_output->len);
+    }
+    /* In the builtin algorithm the driver is called twice. */
+    TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits,
+               force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    mbedtls_free(signature);
+    PSA_DONE();
+    mbedtls_test_driver_signature_sign_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void verify_message(int key_type_arg,
+                    int key_type_public_arg,
+                    int alg_arg,
+                    int force_status_arg,
+                    int register_public_key,
+                    data_t *key_input,
+                    data_t *data_input,
+                    data_t *signature_input,
+                    int expected_status_arg)
+{
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_type_t key_type_public = key_type_public_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t actual_status;
+    mbedtls_test_driver_signature_verify_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+    if (register_public_key) {
+        psa_set_key_type(&attributes, key_type_public);
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE);
+        psa_set_key_algorithm(&attributes, alg);
+        psa_import_key(&attributes,
+                       key_input->x, key_input->len,
+                       &key);
+    } else {
+        psa_set_key_type(&attributes, key_type);
+        psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE);
+        psa_set_key_algorithm(&attributes, alg);
+        psa_import_key(&attributes,
+                       key_input->x, key_input->len,
+                       &key);
+    }
+
+    mbedtls_test_driver_signature_verify_hooks.forced_status = force_status;
+
+    actual_status = psa_verify_message(key, alg,
+                                       data_input->x, data_input->len,
+                                       signature_input->x, signature_input->len);
+    TEST_EQUAL(actual_status, expected_status);
+    /* In the builtin algorithm the driver is called twice. */
+    TEST_EQUAL(mbedtls_test_driver_signature_verify_hooks.hits,
+               force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_signature_verify_hooks =
+        mbedtls_test_driver_signature_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */
+void generate_key(int force_status_arg,
+                  data_t *fake_output,
+                  int expected_status_arg)
+{
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_algorithm_t alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+    const uint8_t *expected_output = NULL;
+    size_t expected_output_length = 0;
+    psa_status_t actual_status;
+    uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = { 0 };
+    size_t actual_output_length;
+    mbedtls_test_driver_key_management_hooks =
+        mbedtls_test_driver_key_management_hooks_init();
+
+    psa_set_key_type(&attributes,
+                     PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
+    psa_set_key_bits(&attributes, 256);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, alg);
+
+    if (fake_output->len > 0) {
+        expected_output =
+            mbedtls_test_driver_key_management_hooks.forced_output =
+                fake_output->x;
+
+        expected_output_length =
+            mbedtls_test_driver_key_management_hooks.forced_output_length =
+                fake_output->len;
+    }
+
+    mbedtls_test_driver_key_management_hooks.hits = 0;
+    mbedtls_test_driver_key_management_hooks.forced_status = force_status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    actual_status = psa_generate_key(&attributes, &key);
+    TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1);
+    TEST_EQUAL(actual_status, expected_status);
+
+    if (actual_status == PSA_SUCCESS) {
+        psa_export_key(key, actual_output, sizeof(actual_output), &actual_output_length);
+
+        if (fake_output->len > 0) {
+            TEST_MEMORY_COMPARE(actual_output, actual_output_length,
+                                expected_output, expected_output_length);
+        } else {
+            size_t zeroes = 0;
+            for (size_t i = 0; i < sizeof(actual_output); i++) {
+                if (actual_output[i] == 0) {
+                    zeroes++;
+                }
+            }
+            TEST_ASSERT(zeroes != sizeof(actual_output));
+        }
+    }
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_key_management_hooks =
+        mbedtls_test_driver_key_management_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_key(int force_status_arg,
+                  int location,
+                  int owner_id_arg,
+                  int id_arg,
+                  int key_type_arg,
+                  data_t *key_input,
+                  int expected_status_arg)
+{
+    psa_key_lifetime_t lifetime =
+        PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \
+            PSA_KEY_PERSISTENCE_DEFAULT, location);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg);
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t actual_status;
+    mbedtls_test_driver_key_management_hooks =
+        mbedtls_test_driver_key_management_hooks_init();
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_type(&attributes,
+                     key_type);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_bits(&attributes, 0);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+
+    mbedtls_test_driver_key_management_hooks.forced_status = force_status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    actual_status = psa_import_key(&attributes, key_input->x, key_input->len, &key);
+    TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1);
+    TEST_EQUAL(actual_status, expected_status);
+    TEST_EQUAL(mbedtls_test_driver_key_management_hooks.location, location);
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_key_management_hooks =
+        mbedtls_test_driver_key_management_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_key(int force_status_arg,
+                data_t *fake_output,
+                int key_in_type_arg,
+                data_t *key_in,
+                int key_out_type_arg,
+                data_t *expected_output,
+                int expected_status_arg)
+{
+    psa_status_t force_status = force_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_handle_t handle = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t input_key_type = key_in_type_arg;
+    psa_key_type_t output_key_type = key_out_type_arg;
+    const uint8_t *expected_output_ptr = NULL;
+    size_t expected_output_length = 0;
+    psa_status_t actual_status;
+    uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = { 0 };
+    size_t actual_output_length;
+    mbedtls_test_driver_key_management_hooks =
+        mbedtls_test_driver_key_management_hooks_init();
+
+    psa_set_key_type(&attributes, input_key_type);
+    psa_set_key_bits(&attributes, 256);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+
+    PSA_ASSERT(psa_crypto_init());
+    PSA_ASSERT(psa_import_key(&attributes, key_in->x, key_in->len, &handle));
+
+    if (fake_output->len > 0) {
+        expected_output_ptr =
+            mbedtls_test_driver_key_management_hooks.forced_output =
+                fake_output->x;
+
+        expected_output_length =
+            mbedtls_test_driver_key_management_hooks.forced_output_length =
+                fake_output->len;
+    } else {
+        expected_output_ptr = expected_output->x;
+        expected_output_length = expected_output->len;
+    }
+
+    mbedtls_test_driver_key_management_hooks.hits = 0;
+    mbedtls_test_driver_key_management_hooks.forced_status = force_status;
+
+    if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type)) {
+        actual_status = psa_export_public_key(handle,
+                                              actual_output,
+                                              sizeof(actual_output),
+                                              &actual_output_length);
+    } else {
+        actual_status = psa_export_key(handle,
+                                       actual_output,
+                                       sizeof(actual_output),
+                                       &actual_output_length);
+    }
+    TEST_EQUAL(actual_status, expected_status);
+
+    if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type) &&
+        !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(input_key_type)) {
+        TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1);
+    }
+
+    if (actual_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(actual_output, actual_output_length,
+                            expected_output_ptr, expected_output_length);
+    }
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(handle);
+    PSA_DONE();
+    mbedtls_test_driver_key_management_hooks =
+        mbedtls_test_driver_key_management_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_validation(int alg_arg,
+                               int key_type_arg,
+                               data_t *key_data,
+                               data_t *input)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t iv_size = PSA_CIPHER_IV_LENGTH(key_type, alg);
+    unsigned char *output1 = NULL;
+    size_t output1_buffer_size = 0;
+    size_t output1_length = 0;
+    unsigned char *output2 = NULL;
+    size_t output2_buffer_size = 0;
+    size_t output2_length = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len);
+    output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) +
+                          PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg);
+    TEST_CALLOC(output1, output1_buffer_size);
+    TEST_CALLOC(output2, output2_buffer_size);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1,
+                                  output1_buffer_size, &output1_length));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    PSA_ASSERT(psa_cipher_set_iv(&operation, output1, iv_size));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    PSA_ASSERT(psa_cipher_update(&operation,
+                                 input->x, input->len,
+                                 output2, output2_buffer_size,
+                                 &function_output_length));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    output2_length += function_output_length;
+    PSA_ASSERT(psa_cipher_finish(&operation,
+                                 output2 + output2_length,
+                                 output2_buffer_size - output2_length,
+                                 &function_output_length));
+    /* Finish will have called abort as well, so expecting two hits here */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    output2_length += function_output_length;
+
+    PSA_ASSERT(psa_cipher_abort(&operation));
+    // driver function should've been called as part of the finish() core routine
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+    TEST_MEMORY_COMPARE(output1 + iv_size, output1_length - iv_size,
+                        output2, output2_length);
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output1);
+    mbedtls_free(output2);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_multipart(int alg_arg,
+                              int key_type_arg,
+                              data_t *key_data,
+                              data_t *iv,
+                              data_t *input,
+                              int first_part_size_arg,
+                              int output1_length_arg,
+                              int output2_length_arg,
+                              data_t *expected_output,
+                              int mock_output_arg,
+                              int force_status_arg,
+                              int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t force_status = force_status_arg;
+    size_t first_part_size = first_part_size_arg;
+    size_t output1_length = output1_length_arg;
+    size_t output2_length = output2_length_arg;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    size_t total_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+    mbedtls_test_driver_cipher_hooks.forced_status = force_status;
+
+    /* Test operation initialization */
+    mbedtls_psa_cipher_operation_t mbedtls_operation =
+        MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+
+    mbedtls_transparent_test_driver_cipher_operation_t transparent_operation =
+        MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+    mbedtls_opaque_test_driver_cipher_operation_t opaque_operation =
+        MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+    operation.ctx.mbedtls_ctx = mbedtls_operation;
+    operation.ctx.transparent_test_driver_ctx = transparent_operation;
+    operation.ctx.opaque_test_driver_ctx = opaque_operation;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0));
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    output_buffer_size = ((size_t) input->len +
+                          PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type));
+    TEST_CALLOC(output, output_buffer_size);
+
+    if (mock_output_arg) {
+        mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+        mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
+    }
+
+    TEST_ASSERT(first_part_size <= input->len);
+    PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size,
+                                 output, output_buffer_size,
+                                 &function_output_length));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0));
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    TEST_ASSERT(function_output_length == output1_length);
+    total_output_length += function_output_length;
+
+    if (first_part_size < input->len) {
+        PSA_ASSERT(psa_cipher_update(&operation,
+                                     input->x + first_part_size,
+                                     input->len - first_part_size,
+                                     output + total_output_length,
+                                     output_buffer_size - total_output_length,
+                                     &function_output_length));
+        TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+        mbedtls_test_driver_cipher_hooks.hits = 0;
+
+        TEST_ASSERT(function_output_length == output2_length);
+        total_output_length += function_output_length;
+    }
+
+    if (mock_output_arg) {
+        mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+        mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
+    }
+
+    status =  psa_cipher_finish(&operation,
+                                output + total_output_length,
+                                output_buffer_size - total_output_length,
+                                &function_output_length);
+    /* Finish will have called abort as well, so expecting two hits here */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 2 : 0));
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    total_output_length += function_output_length;
+    TEST_EQUAL(status, expected_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_cipher_abort(&operation));
+        TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+
+        TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                            output, total_output_length);
+    }
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt_multipart(int alg_arg,
+                              int key_type_arg,
+                              data_t *key_data,
+                              data_t *iv,
+                              data_t *input,
+                              int first_part_size_arg,
+                              int output1_length_arg,
+                              int output2_length_arg,
+                              data_t *expected_output,
+                              int mock_output_arg,
+                              int force_status_arg,
+                              int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t force_status = force_status_arg;
+    size_t first_part_size = first_part_size_arg;
+    size_t output1_length = output1_length_arg;
+    size_t output2_length = output2_length_arg;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    size_t total_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+    mbedtls_test_driver_cipher_hooks.forced_status = force_status;
+
+    /* Test operation initialization */
+    mbedtls_psa_cipher_operation_t mbedtls_operation =
+        MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+
+    mbedtls_transparent_test_driver_cipher_operation_t transparent_operation =
+        MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+    mbedtls_opaque_test_driver_cipher_operation_t opaque_operation =
+        MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+    operation.ctx.mbedtls_ctx = mbedtls_operation;
+    operation.ctx.transparent_test_driver_ctx = transparent_operation;
+    operation.ctx.opaque_test_driver_ctx = opaque_operation;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0));
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    output_buffer_size = ((size_t) input->len +
+                          PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type));
+    TEST_CALLOC(output, output_buffer_size);
+
+    if (mock_output_arg) {
+        mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+        mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
+    }
+
+    TEST_ASSERT(first_part_size <= input->len);
+    PSA_ASSERT(psa_cipher_update(&operation,
+                                 input->x, first_part_size,
+                                 output, output_buffer_size,
+                                 &function_output_length));
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0));
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    TEST_ASSERT(function_output_length == output1_length);
+    total_output_length += function_output_length;
+
+    if (first_part_size < input->len) {
+        PSA_ASSERT(psa_cipher_update(&operation,
+                                     input->x + first_part_size,
+                                     input->len - first_part_size,
+                                     output + total_output_length,
+                                     output_buffer_size - total_output_length,
+                                     &function_output_length));
+        TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0));
+        mbedtls_test_driver_cipher_hooks.hits = 0;
+
+        TEST_ASSERT(function_output_length == output2_length);
+        total_output_length += function_output_length;
+    }
+
+    if (mock_output_arg) {
+        mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+        mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
+    }
+
+    status = psa_cipher_finish(&operation,
+                               output + total_output_length,
+                               output_buffer_size - total_output_length,
+                               &function_output_length);
+    /* Finish will have called abort as well, so expecting two hits here */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 2 : 0));
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    total_output_length += function_output_length;
+    TEST_EQUAL(status, expected_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_cipher_abort(&operation));
+        TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+
+        TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                            output, total_output_length);
+    }
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt(int alg_arg,
+                    int key_type_arg,
+                    data_t *key_data,
+                    data_t *iv,
+                    data_t *input_arg,
+                    data_t *expected_output,
+                    int mock_output_arg,
+                    int force_status_arg,
+                    int expected_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t force_status = force_status_arg;
+    unsigned char *input = NULL;
+    size_t input_buffer_size = 0;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+    mbedtls_test_driver_cipher_hooks.forced_status = force_status;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    /* Allocate input buffer and copy the iv and the plaintext */
+    input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len);
+    if (input_buffer_size > 0) {
+        TEST_CALLOC(input, input_buffer_size);
+        memcpy(input, iv->x, iv->len);
+        memcpy(input + iv->len, input_arg->x, input_arg->len);
+    }
+
+    output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size);
+    TEST_CALLOC(output, output_buffer_size);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    if (mock_output_arg) {
+        mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+        mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
+    }
+
+    status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output,
+                                output_buffer_size, &output_length);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    TEST_EQUAL(status, expected_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(expected_output->x, expected_output->len,
+                            output, output_length);
+    }
+
+exit:
+    mbedtls_free(input);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_entry_points(int alg_arg, int key_type_arg,
+                         data_t *key_data, data_t *iv,
+                         data_t *input)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *output = NULL;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+
+    TEST_CALLOC(output, input->len + 16);
+    output_buffer_size = input->len + 16;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    /*
+     * Test encrypt failure
+     * First test that if we don't force a driver error, encryption is
+     * successful, then force driver error.
+     */
+    status = psa_cipher_encrypt(
+        key, alg, input->x, input->len,
+        output, output_buffer_size, &function_output_length);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, PSA_SUCCESS);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+    /* Set the output buffer in a given state. */
+    for (size_t i = 0; i < output_buffer_size; i++) {
+        output[i] = 0xa5;
+    }
+
+    status = psa_cipher_encrypt(
+        key, alg, input->x, input->len,
+        output, output_buffer_size, &function_output_length);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR);
+    /*
+     * Check that the output buffer is still in the same state.
+     * This will fail if the output buffer is used by the core to pass the IV
+     * it generated to the driver (and is not restored).
+     */
+    for (size_t i = 0; i < output_buffer_size; i++) {
+        TEST_EQUAL(output[i], 0xa5);
+    }
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    /* Test setup call, encrypt */
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+    /* When setup fails, it shouldn't call any further entry points */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    status = psa_cipher_set_iv(&operation, iv->x, iv->len);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+
+    /* Test setup call failure, decrypt */
+    status = psa_cipher_decrypt_setup(&operation, key, alg);
+    /* When setup fails, it shouldn't call any further entry points */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    status = psa_cipher_set_iv(&operation, iv->x, iv->len);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+
+    /* Test IV setting failure */
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+    status = psa_cipher_set_iv(&operation, iv->x, iv->len);
+    /* When setting the IV fails, it should call abort too */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    /* Failure should prevent further operations from executing on the driver */
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    status = psa_cipher_update(&operation,
+                               input->x, input->len,
+                               output, output_buffer_size,
+                               &function_output_length);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+    psa_cipher_abort(&operation);
+
+    /* Test IV generation failure */
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+    /* Set the output buffer in a given state. */
+    for (size_t i = 0; i < 16; i++) {
+        output[i] = 0xa5;
+    }
+
+    status = psa_cipher_generate_iv(&operation, output, 16, &function_output_length);
+    /* When generating the IV fails, it should call abort too */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    /*
+     * Check that the output buffer is still in the same state.
+     * This will fail if the output buffer is used by the core to pass the IV
+     * it generated to the driver (and is not restored).
+     */
+    for (size_t i = 0; i < 16; i++) {
+        TEST_EQUAL(output[i], 0xa5);
+    }
+    /* Failure should prevent further operations from executing on the driver */
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    status = psa_cipher_update(&operation,
+                               input->x, input->len,
+                               output, output_buffer_size,
+                               &function_output_length);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+    psa_cipher_abort(&operation);
+
+    /* Test update failure */
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    status = psa_cipher_set_iv(&operation, iv->x, iv->len);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+    status = psa_cipher_update(&operation,
+                               input->x, input->len,
+                               output, output_buffer_size,
+                               &function_output_length);
+    /* When the update call fails, it should call abort too */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    /* Failure should prevent further operations from executing on the driver */
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    status = psa_cipher_update(&operation,
+                               input->x, input->len,
+                               output, output_buffer_size,
+                               &function_output_length);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+    psa_cipher_abort(&operation);
+
+    /* Test finish failure */
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
+    status = psa_cipher_encrypt_setup(&operation, key, alg);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    status = psa_cipher_set_iv(&operation, iv->x, iv->len);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    status = psa_cipher_update(&operation,
+                               input->x, input->len,
+                               output, output_buffer_size,
+                               &function_output_length);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+
+    mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
+    status = psa_cipher_finish(&operation,
+                               output + function_output_length,
+                               output_buffer_size - function_output_length,
+                               &function_output_length);
+    /* When the finish call fails, it should call abort too */
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2);
+    TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status);
+    /* Failure should prevent further operations from executing on the driver */
+    mbedtls_test_driver_cipher_hooks.hits = 0;
+    status = psa_cipher_update(&operation,
+                               input->x, input->len,
+                               output, output_buffer_size,
+                               &function_output_length);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0);
+    psa_cipher_abort(&operation);
+
+exit:
+    psa_cipher_abort(&operation);
+    mbedtls_free(output);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt(int key_type_arg, data_t *key_data,
+                  int alg_arg,
+                  data_t *nonce,
+                  data_t *additional_data,
+                  data_t *input_data,
+                  data_t *expected_result,
+                  int forced_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    psa_status_t forced_status = forced_status_arg;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits,
+                                                        alg);
+    /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
+     * should be exact. */
+    TEST_EQUAL(output_size,
+               PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len));
+    TEST_ASSERT(output_size <=
+                PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len));
+    TEST_CALLOC(output_data, output_size);
+
+    mbedtls_test_driver_aead_hooks.forced_status = forced_status;
+    status = psa_aead_encrypt(key, alg,
+                              nonce->x, nonce->len,
+                              additional_data->x, additional_data->len,
+                              input_data->x, input_data->len,
+                              output_data, output_size,
+                              &output_length);
+    TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_aead_hooks.driver_status, forced_status);
+
+    TEST_EQUAL(status, (forced_status == PSA_ERROR_NOT_SUPPORTED) ?
+               PSA_SUCCESS : forced_status);
+
+    if (status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(expected_result->x, expected_result->len,
+                            output_data, output_length);
+    }
+
+exit:
+    psa_destroy_key(key);
+    mbedtls_free(output_data);
+    PSA_DONE();
+    mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_decrypt(int key_type_arg, data_t *key_data,
+                  int alg_arg,
+                  data_t *nonce,
+                  data_t *additional_data,
+                  data_t *input_data,
+                  data_t *expected_data,
+                  int forced_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    psa_status_t forced_status = forced_status_arg;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    key_bits = psa_get_key_bits(&attributes);
+
+    output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits,
+                                                        alg);
+    TEST_CALLOC(output_data, output_size);
+
+    mbedtls_test_driver_aead_hooks.forced_status = forced_status;
+    status = psa_aead_decrypt(key, alg,
+                              nonce->x, nonce->len,
+                              additional_data->x,
+                              additional_data->len,
+                              input_data->x, input_data->len,
+                              output_data, output_size,
+                              &output_length);
+    TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_aead_hooks.driver_status, forced_status);
+
+    TEST_EQUAL(status, (forced_status == PSA_ERROR_NOT_SUPPORTED) ?
+               PSA_SUCCESS : forced_status);
+
+    if (status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(expected_data->x, expected_data->len,
+                            output_data, output_length);
+    }
+
+exit:
+    psa_destroy_key(key);
+    mbedtls_free(output_data);
+    PSA_DONE();
+    mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_sign(int key_type_arg,
+              data_t *key_data,
+              int alg_arg,
+              data_t *input,
+              data_t *expected_mac,
+              int forced_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *actual_mac = NULL;
+    size_t mac_buffer_size =
+        PSA_MAC_LENGTH(key_type, PSA_BYTES_TO_BITS(key_data->len), alg);
+    size_t mac_length = 0;
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_status_t forced_status = forced_status_arg;
+    mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+
+    TEST_ASSERT(mac_buffer_size <= PSA_MAC_MAX_SIZE);
+    /* We expect PSA_MAC_LENGTH to be exact. */
+    TEST_ASSERT(expected_mac->len == mac_buffer_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    TEST_CALLOC(actual_mac, mac_buffer_size);
+    mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+    /*
+     * Calculate the MAC, one-shot case.
+     */
+    status = psa_mac_compute(key, alg,
+                             input->x, input->len,
+                             actual_mac, mac_buffer_size,
+                             &mac_length);
+
+    TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(forced_status, status);
+    }
+
+    if (mac_buffer_size > 0) {
+        memset(actual_mac, 0, mac_buffer_size);
+    }
+    mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+    mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+    /*
+     * Calculate the MAC, multipart case.
+     */
+    status = psa_mac_sign_setup(&operation, key, alg);
+    TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(forced_status, status);
+    }
+
+    status = psa_mac_update(&operation,
+                            input->x, input->len);
+    if (forced_status == PSA_SUCCESS) {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 2);
+    } else {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    }
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(PSA_ERROR_BAD_STATE, status);
+    }
+
+    status = psa_mac_sign_finish(&operation,
+                                 actual_mac, mac_buffer_size,
+                                 &mac_length);
+    if (forced_status == PSA_SUCCESS) {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4);
+    } else {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    }
+
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(PSA_ERROR_BAD_STATE, status);
+    }
+
+    PSA_ASSERT(psa_mac_abort(&operation));
+    if (forced_status == PSA_SUCCESS) {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4);
+    } else {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    }
+
+    if (forced_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len,
+                            actual_mac, mac_length);
+    }
+
+    mbedtls_free(actual_mac);
+    actual_mac = NULL;
+
+exit:
+    psa_mac_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(actual_mac);
+    mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_verify(int key_type_arg,
+                data_t *key_data,
+                int alg_arg,
+                data_t *input,
+                data_t *expected_mac,
+                int forced_status_arg)
+{
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    psa_status_t forced_status = forced_status_arg;
+    mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+
+    TEST_ASSERT(expected_mac->len <= PSA_MAC_MAX_SIZE);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, key_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+
+    mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+    /*
+     * Verify the MAC, one-shot case.
+     */
+    status = psa_mac_verify(key, alg,
+                            input->x, input->len,
+                            expected_mac->x, expected_mac->len);
+    TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(forced_status, status);
+    }
+
+    mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+    mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+    /*
+     * Verify the MAC, multi-part case.
+     */
+    status = psa_mac_verify_setup(&operation, key, alg);
+    TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(forced_status, status);
+    }
+
+    status = psa_mac_update(&operation,
+                            input->x, input->len);
+    if (forced_status == PSA_SUCCESS) {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 2);
+    } else {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    }
+
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(PSA_ERROR_BAD_STATE, status);
+    }
+
+    status = psa_mac_verify_finish(&operation,
+                                   expected_mac->x,
+                                   expected_mac->len);
+    if (forced_status == PSA_SUCCESS) {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4);
+    } else {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    }
+
+    if (forced_status == PSA_SUCCESS ||
+        forced_status == PSA_ERROR_NOT_SUPPORTED) {
+        PSA_ASSERT(status);
+    } else {
+        TEST_EQUAL(PSA_ERROR_BAD_STATE, status);
+    }
+
+
+    PSA_ASSERT(psa_mac_abort(&operation));
+    if (forced_status == PSA_SUCCESS) {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4);
+    } else {
+        TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1);
+    }
+
+exit:
+    psa_mac_abort(&operation);
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+void builtin_key_export(int builtin_key_id_arg,
+                        int builtin_key_type_arg,
+                        int builtin_key_bits_arg,
+                        int builtin_key_algorithm_arg,
+                        data_t *expected_output,
+                        int expected_status_arg)
+{
+    psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg;
+    psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg;
+    psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg;
+    size_t builtin_key_bits = (size_t) builtin_key_bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id);
+    uint8_t *output_buffer = NULL;
+    size_t output_size = 0;
+    psa_status_t actual_status;
+
+    PSA_ASSERT(psa_crypto_init());
+    TEST_CALLOC(output_buffer, expected_output->len);
+
+    actual_status = psa_export_key(key, output_buffer, expected_output->len, &output_size);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(actual_status);
+        TEST_EQUAL(output_size, expected_output->len);
+        TEST_MEMORY_COMPARE(output_buffer, output_size,
+                            expected_output->x, expected_output->len);
+
+        PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+        TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits);
+        TEST_EQUAL(psa_get_key_type(&attributes), builtin_key_type);
+        TEST_EQUAL(psa_get_key_algorithm(&attributes), builtin_key_alg);
+    } else {
+        if (actual_status != expected_status) {
+            fprintf(stderr, "Expected %d but got %d\n", expected_status, actual_status);
+        }
+        TEST_EQUAL(actual_status, expected_status);
+        TEST_EQUAL(output_size, 0);
+    }
+
+exit:
+    mbedtls_free(output_buffer);
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+void builtin_pubkey_export(int builtin_key_id_arg,
+                           int builtin_key_type_arg,
+                           int builtin_key_bits_arg,
+                           int builtin_key_algorithm_arg,
+                           data_t *expected_output,
+                           int expected_status_arg)
+{
+    psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg;
+    psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg;
+    psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg;
+    size_t builtin_key_bits = (size_t) builtin_key_bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id);
+    uint8_t *output_buffer = NULL;
+    size_t output_size = 0;
+    psa_status_t actual_status;
+
+    PSA_ASSERT(psa_crypto_init());
+    TEST_CALLOC(output_buffer, expected_output->len);
+
+    actual_status = psa_export_public_key(key, output_buffer, expected_output->len, &output_size);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(actual_status);
+        TEST_EQUAL(output_size, expected_output->len);
+        TEST_MEMORY_COMPARE(output_buffer, output_size,
+                            expected_output->x, expected_output->len);
+
+        PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+        TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits);
+        TEST_EQUAL(psa_get_key_type(&attributes), builtin_key_type);
+        TEST_EQUAL(psa_get_key_algorithm(&attributes), builtin_key_alg);
+    } else {
+        TEST_EQUAL(actual_status, expected_status);
+        TEST_EQUAL(output_size, 0);
+    }
+
+exit:
+    mbedtls_free(output_buffer);
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_compute(int alg_arg,
+                  data_t *input, data_t *hash,
+                  int forced_status_arg,
+                  int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t forced_status = forced_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *output = NULL;
+    size_t output_length;
+
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+    mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+
+    PSA_ASSERT(psa_crypto_init());
+    TEST_CALLOC(output, PSA_HASH_LENGTH(alg));
+
+    TEST_EQUAL(psa_hash_compute(alg, input->x, input->len,
+                                output, PSA_HASH_LENGTH(alg),
+                                &output_length), expected_status);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len);
+    }
+
+exit:
+    mbedtls_free(output);
+    PSA_DONE();
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_setup(int alg_arg,
+                          data_t *input, data_t *hash,
+                          int forced_status_arg,
+                          int expected_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t forced_status = forced_status_arg;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *output = NULL;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    size_t output_length;
+
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+    TEST_CALLOC(output, PSA_HASH_LENGTH(alg));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+    TEST_EQUAL(psa_hash_setup(&operation, alg), expected_status);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_hash_update(&operation, input->x, input->len));
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits,
+                   forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2);
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+        PSA_ASSERT(psa_hash_finish(&operation,
+                                   output, PSA_HASH_LENGTH(alg),
+                                   &output_length));
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits,
+                   forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4);
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+        TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len);
+    }
+
+exit:
+    psa_hash_abort(&operation);
+    mbedtls_free(output);
+    PSA_DONE();
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_update(int alg_arg,
+                           data_t *input, data_t *hash,
+                           int forced_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t forced_status = forced_status_arg;
+    unsigned char *output = NULL;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    size_t output_length;
+
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+    TEST_CALLOC(output, PSA_HASH_LENGTH(alg));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /*
+     * Update inactive operation, the driver shouldn't be called.
+     */
+    TEST_EQUAL(psa_hash_update(&operation, input->x, input->len),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0);
+
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+    mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+    TEST_EQUAL(psa_hash_update(&operation, input->x, input->len),
+               forced_status);
+    /* One or two more calls to the driver interface: update or update + abort */
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits,
+               forced_status == PSA_SUCCESS ? 2 : 3);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+    if (forced_status == PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+        PSA_ASSERT(psa_hash_finish(&operation,
+                                   output, PSA_HASH_LENGTH(alg),
+                                   &output_length));
+        /* Two calls to the driver interface: update + abort */
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2);
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+        TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len);
+    }
+
+exit:
+    psa_hash_abort(&operation);
+    mbedtls_free(output);
+    PSA_DONE();
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multipart_finish(int alg_arg,
+                           data_t *input, data_t *hash,
+                           int forced_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t forced_status = forced_status_arg;
+    unsigned char *output = NULL;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    size_t output_length;
+
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+    TEST_CALLOC(output, PSA_HASH_LENGTH(alg));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /*
+     * Finish inactive operation, the driver shouldn't be called.
+     */
+    TEST_EQUAL(psa_hash_finish(&operation, output, PSA_HASH_LENGTH(alg),
+                               &output_length),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0);
+
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+    PSA_ASSERT(psa_hash_update(&operation, input->x, input->len));
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+    mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+    TEST_EQUAL(psa_hash_finish(&operation,
+                               output, PSA_HASH_LENGTH(alg),
+                               &output_length),
+               forced_status);
+    /* Two more calls to the driver interface: finish + abort */
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 4);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+    if (forced_status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len);
+    }
+
+exit:
+    psa_hash_abort(&operation);
+    mbedtls_free(output);
+    PSA_DONE();
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_clone(int alg_arg,
+                data_t *input, data_t *hash,
+                int forced_status_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t forced_status = forced_status_arg;
+    unsigned char *output = NULL;
+    psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT;
+    size_t output_length;
+
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+    TEST_CALLOC(output, PSA_HASH_LENGTH(alg));
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /*
+     * Clone inactive operation, the driver shouldn't be called.
+     */
+    TEST_EQUAL(psa_hash_clone(&source_operation, &target_operation),
+               PSA_ERROR_BAD_STATE);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0);
+
+    PSA_ASSERT(psa_hash_setup(&source_operation, alg));
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+    mbedtls_test_driver_hash_hooks.forced_status = forced_status;
+    TEST_EQUAL(psa_hash_clone(&source_operation, &target_operation),
+               forced_status);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits,
+               forced_status == PSA_SUCCESS ? 2 : 3);
+    TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status);
+
+    if (forced_status == PSA_SUCCESS) {
+        mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+        PSA_ASSERT(psa_hash_update(&target_operation,
+                                   input->x, input->len));
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1);
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+        PSA_ASSERT(psa_hash_finish(&target_operation,
+                                   output, PSA_HASH_LENGTH(alg),
+                                   &output_length));
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 3);
+        TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS);
+
+        TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len);
+    }
+
+exit:
+    psa_hash_abort(&source_operation);
+    psa_hash_abort(&target_operation);
+    mbedtls_free(output);
+    PSA_DONE();
+    mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_entropy.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_entropy.data
new file mode 100644
index 0000000..322363d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_entropy.data
@@ -0,0 +1,45 @@
+PSA external RNG failure: generate random and key
+external_rng_failure_generate:
+
+# When verifying the impact of a forced RNG failure, depend on the built-in
+# implementation of the algorithm that uses randomization, whether it's
+# because the algorithm is randomized or because our implementation uses
+# randomization for (e.g.) blinding. An external implementation could use
+# its own randomness source which is not affected by the forced failure of
+# the RNG driver.
+# Key types and non-randomized auxiliary algorithms (in practice, hashes) can
+# use an external implementation.
+PSA external RNG failure: randomized ECDSA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256
+external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:32
+
+PSA external RNG failure: deterministic ECDSA (software implementation)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_SECP_R1_256
+external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):32
+
+PSA external RNG failure: RSA-PSS
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS
+external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):32
+
+PSA external RNG failure: RSA PKCS#1v1.5 (software implementation)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN
+external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:32
+
+PSA validate entropy injection: good, minimum size
+validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: good, max size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: bad, too big
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: before and after crypto_init
+run_entropy_inject_with_crypto_init:
+
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_entropy.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_entropy.function
new file mode 100644
index 0000000..362b3da
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_entropy.function
@@ -0,0 +1,251 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+#include <string.h>
+
+#include <psa/crypto.h>
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+/* Calculating the minimum allowed entropy size in bytes */
+#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, \
+                                                MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+#include <psa_crypto_its.h>
+
+/* Check the entropy seed file.
+ *
+ * \param expected_size     Expected size in bytes.
+ *                          If 0, the file must not exist.
+ *
+ * \retval 1    Either \p expected_size is nonzero and
+ *              the entropy seed file exists and has exactly this size,
+ *              or \p expected_size is zero and the file does not exist.
+ * \retval 0    Either \p expected_size is nonzero but
+ *              the entropy seed file does not exist or has a different size,
+ *              or \p expected_size is zero but the file exists.
+ *              In this case, the test case is marked as failed.
+ *
+ * \note We enforce that the seed is in a specific ITS file.
+ *       This must not change, otherwise we break backward compatibility if
+ *       the library is upgraded on a device with an existing seed.
+ */
+int check_random_seed_file(size_t expected_size)
+{
+    /* The value of the random seed UID must not change. Otherwise that would
+     * break upgrades of the library on devices that already contain a seed
+     * file. If this test assertion fails, you've presumably broken backward
+     * compatibility! */
+    TEST_EQUAL(PSA_CRYPTO_ITS_RANDOM_SEED_UID, 0xFFFFFF52);
+
+    struct psa_storage_info_t info = { 0, 0 };
+    psa_status_t status = psa_its_get_info(PSA_CRYPTO_ITS_RANDOM_SEED_UID,
+                                           &info);
+
+    if (expected_size == 0) {
+        TEST_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST);
+    } else {
+        TEST_EQUAL(status, PSA_SUCCESS);
+        TEST_EQUAL(info.size, expected_size);
+    }
+    return 1;
+
+exit:
+    return 0;
+}
+
+/* Remove the entropy seed file.
+ *
+ * See check_random_seed_file() regarding abstraction boundaries.
+ */
+psa_status_t remove_seed_file(void)
+{
+    return psa_its_remove(PSA_CRYPTO_ITS_RANDOM_SEED_UID);
+}
+
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void external_rng_failure_generate()
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE);
+    psa_set_key_bits(&attributes, 128);
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t output[1];
+
+    PSA_ASSERT(psa_crypto_init());
+
+    PSA_ASSERT(psa_generate_random(output, sizeof(output)));
+    PSA_ASSERT(psa_generate_key(&attributes, &key));
+    PSA_ASSERT(psa_destroy_key(key));
+
+    mbedtls_test_disable_insecure_external_rng();
+    TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY,
+               psa_generate_random(output, sizeof(output)));
+    TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY,
+               psa_generate_key(&attributes, &key));
+
+exit:
+    psa_destroy_key(key);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void external_rng_failure_sign(int key_type, data_t *key_data, int alg,
+                               int input_size_arg)
+{
+    /* This test case is only expected to pass if the signature mechanism
+     * requires randomness, either because it is a randomized signature
+     * or because the implementation uses blinding. */
+
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    size_t input_size = input_size_arg;
+    uint8_t *input = NULL;
+    uint8_t *signature = NULL;
+    size_t signature_size = PSA_SIGNATURE_MAX_SIZE;
+    size_t signature_length;
+
+    TEST_CALLOC(input, input_size);
+    TEST_CALLOC(signature, signature_size);
+
+    PSA_ASSERT(psa_crypto_init());
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    PSA_ASSERT(psa_sign_hash(key, alg,
+                             input, input_size,
+                             signature, signature_size,
+                             &signature_length));
+    PSA_ASSERT(psa_destroy_key(key));
+
+    mbedtls_test_disable_insecure_external_rng();
+    /* Import the key again, because for RSA Mbed TLS caches blinding values
+     * in the key object and this could perturb the test. */
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY,
+               psa_sign_hash(key, alg,
+                             input, input_size,
+                             signature, signature_size,
+                             &signature_length));
+    PSA_ASSERT(psa_destroy_key(key));
+
+exit:
+    psa_destroy_key(key);
+    PSA_DONE();
+    mbedtls_free(input);
+    mbedtls_free(signature);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
+void validate_entropy_seed_injection(int seed_length_a,
+                                     int expected_status_a,
+                                     int seed_length_b,
+                                     int expected_status_b)
+{
+    psa_status_t status;
+    uint8_t output[32] = { 0 };
+    uint8_t zeros[32] = { 0 };
+    uint8_t *seed = NULL;
+    int i;
+    int seed_size;
+    if (seed_length_a > seed_length_b) {
+        seed_size = seed_length_a;
+    } else {
+        seed_size = seed_length_b;
+    }
+    TEST_CALLOC(seed, seed_size);
+    /* fill seed with some data */
+    for (i = 0; i < seed_size; ++i) {
+        seed[i] = i;
+    }
+    status =  remove_seed_file();
+    TEST_ASSERT((status == PSA_SUCCESS) ||
+                (status == PSA_ERROR_DOES_NOT_EXIST));
+    if (!check_random_seed_file(0)) {
+        goto exit;
+    }
+
+    status = mbedtls_psa_inject_entropy(seed, seed_length_a);
+    TEST_EQUAL(status, expected_status_a);
+    if (!check_random_seed_file(expected_status_a == PSA_SUCCESS ? seed_length_a :
+                                0)) {
+        goto exit;
+    }
+
+    status = mbedtls_psa_inject_entropy(seed, seed_length_b);
+    TEST_EQUAL(status, expected_status_b);
+    if (!check_random_seed_file(expected_status_a == PSA_SUCCESS ? seed_length_a :
+                                expected_status_b == PSA_SUCCESS ? seed_length_b :
+                                0)) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_crypto_init());
+    PSA_ASSERT(psa_generate_random(output,
+                                   sizeof(output)));
+    TEST_ASSERT(memcmp(output, zeros, sizeof(output)) != 0);
+
+exit:
+    mbedtls_free(seed);
+    PSA_DONE();
+    mbedtls_test_inject_entropy_restore();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
+void run_entropy_inject_with_crypto_init()
+{
+    psa_status_t status;
+    size_t i;
+    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
+    /* fill seed with some data */
+    for (i = 0; i < sizeof(seed); ++i) {
+        seed[i] = i;
+    }
+
+    status =  remove_seed_file();
+    TEST_ASSERT((status == PSA_SUCCESS) ||
+                (status == PSA_ERROR_DOES_NOT_EXIST));
+    if (!check_random_seed_file(0)) {
+        goto exit;
+    }
+    status = mbedtls_psa_inject_entropy(seed, sizeof(seed));
+    PSA_ASSERT(status);
+    TEST_ASSERT(check_random_seed_file(sizeof(seed)));
+    status =  remove_seed_file();
+    TEST_EQUAL(status, PSA_SUCCESS);
+    if (!check_random_seed_file(0)) {
+        goto exit;
+    }
+
+    status = psa_crypto_init();
+    TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_ENTROPY);
+    status = mbedtls_psa_inject_entropy(seed, sizeof(seed));
+    PSA_ASSERT(status);
+    if (!check_random_seed_file(sizeof(seed))) {
+        goto exit;
+    }
+
+    status = psa_crypto_init();
+    PSA_ASSERT(status);
+    PSA_DONE();
+
+    /* The seed is written by nv_seed callback functions therefore the injection will fail */
+    status = mbedtls_psa_inject_entropy(seed, sizeof(seed));
+    TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED);
+
+exit:
+    PSA_DONE();
+    mbedtls_test_inject_entropy_restore();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_generate_key.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_generate_key.function
new file mode 100644
index 0000000..366e09b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_generate_key.function
@@ -0,0 +1,48 @@
+/* BEGIN_HEADER */
+
+#include "psa/crypto.h"
+#include "test/psa_crypto_helpers.h"
+
+#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98)
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void generate_key(int key_type_arg, int bits_arg, int expected_status_arg)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
+
+    // key lifetime, usage flags, algorithm are irrelevant for this test
+    psa_key_type_t key_type = key_type_arg;
+    size_t bits = bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_bits(&attributes, bits);
+    TEST_EQUAL(psa_generate_key(&attributes, &key_id),
+               expected_status);
+
+    // Verify attributes of the created key on success
+    if (expected_status == PSA_SUCCESS) {
+        psa_reset_key_attributes(&attributes);
+        PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
+        TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE);
+        TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0);
+        TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+        TEST_EQUAL(psa_get_key_type(&attributes), key_type);
+        TEST_EQUAL(psa_get_key_bits(&attributes), bits);
+    }
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key_id);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_generate_key.generated.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_generate_key.generated.data
new file mode 100644
index 0000000..7199c68
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_generate_key.generated.data
@@ -0,0 +1,342 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+PSA AES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:128:PSA_SUCCESS:
+
+PSA AES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:192:PSA_SUCCESS:
+
+PSA AES 256-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+generate_key:PSA_KEY_TYPE_AES:256:PSA_SUCCESS:
+
+PSA ARC4 8-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+generate_key:PSA_KEY_TYPE_ARC4:8:PSA_SUCCESS:
+
+PSA ARC4 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+generate_key:PSA_KEY_TYPE_ARC4:128:PSA_SUCCESS:
+
+PSA ARC4 2048-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+generate_key:PSA_KEY_TYPE_ARC4:2048:PSA_SUCCESS:
+
+PSA ARIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+generate_key:PSA_KEY_TYPE_ARIA:128:PSA_SUCCESS:
+
+PSA ARIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+generate_key:PSA_KEY_TYPE_ARIA:192:PSA_SUCCESS:
+
+PSA ARIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+generate_key:PSA_KEY_TYPE_ARIA:256:PSA_SUCCESS:
+
+PSA CAMELLIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+generate_key:PSA_KEY_TYPE_CAMELLIA:128:PSA_SUCCESS:
+
+PSA CAMELLIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+generate_key:PSA_KEY_TYPE_CAMELLIA:192:PSA_SUCCESS:
+
+PSA CAMELLIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+generate_key:PSA_KEY_TYPE_CAMELLIA:256:PSA_SUCCESS:
+
+PSA CHACHA20 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+generate_key:PSA_KEY_TYPE_CHACHA20:256:PSA_SUCCESS:
+
+PSA DERIVE 120-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+generate_key:PSA_KEY_TYPE_DERIVE:120:PSA_SUCCESS:
+
+PSA DERIVE 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+generate_key:PSA_KEY_TYPE_DERIVE:128:PSA_SUCCESS:
+
+PSA DES 64-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:64:PSA_SUCCESS:
+
+PSA DES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:128:PSA_SUCCESS:
+
+PSA DES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+generate_key:PSA_KEY_TYPE_DES:192:PSA_SUCCESS:
+
+PSA HMAC 128-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+generate_key:PSA_KEY_TYPE_HMAC:128:PSA_SUCCESS:
+
+PSA HMAC 160-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+generate_key:PSA_KEY_TYPE_HMAC:160:PSA_SUCCESS:
+
+PSA HMAC 224-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+generate_key:PSA_KEY_TYPE_HMAC:224:PSA_SUCCESS:
+
+PSA HMAC 256-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+generate_key:PSA_KEY_TYPE_HMAC:256:PSA_SUCCESS:
+
+PSA HMAC 384-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+generate_key:PSA_KEY_TYPE_HMAC:384:PSA_SUCCESS:
+
+PSA HMAC 512-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+generate_key:PSA_KEY_TYPE_HMAC:512:PSA_SUCCESS:
+
+PSA RAW_DATA 8-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS:
+
+PSA RAW_DATA 40-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+generate_key:PSA_KEY_TYPE_RAW_DATA:40:PSA_SUCCESS:
+
+PSA RAW_DATA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+generate_key:PSA_KEY_TYPE_RAW_DATA:128:PSA_SUCCESS:
+
+PSA RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_SUCCESS:
+
+PSA RSA_KEY_PAIR 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_SUCCESS:
+
+PSA RSA_PUBLIC_KEY 1024-bit
+generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA RSA_PUBLIC_KEY 1536-bit
+generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(MONTGOMERY) 255-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(MONTGOMERY) 448-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(MONTGOMERY) 255-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(MONTGOMERY) 448-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECP_K1) 224-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECP_K1) 256-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(SECP_K1) 192-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECP_K1) 224-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECP_K1) 256-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECP_R1) 256-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECP_R1) 384-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECP_R1) 521-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(SECP_R1) 225-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECP_R1) 256-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECP_R1) 384-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECP_R1) 521-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(SECP_R2) 160-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_K1) 233-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_K1) 239-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_K1) 283-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_K1) 409-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_K1) 571-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(SECT_K1) 163-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_K1) 233-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_K1) 239-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_K1) 283-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_K1) 409-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_K1) 571-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_R1) 233-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_R1) 283-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_R1) 409-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(SECT_R1) 571-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(SECT_R1) 163-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_R1) 233-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_R1) 283-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_R1) 409-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(SECT_R1) 571-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(SECT_R2) 163-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_SUCCESS:
+
+PSA ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_SUCCESS:
+
+PSA ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_ERROR_INVALID_ARGUMENT:
+
+PSA ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit
+generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_ERROR_INVALID_ARGUMENT:
+
+# End of automatically generated file.
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_hash.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_hash.data
similarity index 91%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_hash.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_hash.data
index 0e2d1b0..67158d0 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_hash.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_hash.data
@@ -1,587 +1,587 @@
 PSA hash finish: SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
 
 PSA hash finish: SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_finish:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
 
 PSA hash finish: SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
 
 PSA hash finish: SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
 
 PSA hash finish: SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
 
 PSA hash finish: SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
 
 PSA hash finish: MD2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
 
 PSA hash finish: MD2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
 
 PSA hash finish: MD2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
 
 PSA hash finish: MD2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
 
 PSA hash finish: MD2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
 
 PSA hash finish: MD2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
 
 PSA hash finish: MD2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
 
 PSA hash finish: MD4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
 
 PSA hash finish: MD4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
 
 PSA hash finish: MD4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
 
 PSA hash finish: MD4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
 
 PSA hash finish: MD4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
 
 PSA hash finish: MD4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
 
 PSA hash finish: MD4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
 
 PSA hash finish: MD5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
 
 PSA hash finish: MD5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
 
 PSA hash finish: MD5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
 
 PSA hash finish: MD5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
 
 PSA hash finish: MD5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
 
 PSA hash finish: MD5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
 
 PSA hash finish: MD5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
 
 PSA hash finish: RIPEMD160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
 
 PSA hash finish: RIPEMD160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
 
 PSA hash finish: RIPEMD160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
 
 PSA hash finish: RIPEMD160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
 
 PSA hash finish: RIPEMD160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
 
 PSA hash finish: RIPEMD160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
 
 PSA hash finish: RIPEMD160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
 
 PSA hash finish: RIPEMD160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
 
 PSA hash verify: SHA-1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
 
 PSA hash verify: SHA-224
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
 
 PSA hash verify: SHA-256
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
 PSA hash verify: SHA-384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
 
 PSA hash verify: SHA-512
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
 
 PSA hash verify: MD2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
 
 PSA hash verify: MD4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
 
 PSA hash verify: MD5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
 
 PSA hash verify: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
 
 PSA hash multi part: SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
+depends_on:PSA_WANT_ALG_SHA_1
 hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
 
 PSA hash multi part: SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_224
 hash_multi_part:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
 
 PSA hash multi part: SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
+depends_on:PSA_WANT_ALG_SHA_256
 hash_multi_part:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
 
 PSA hash multi part: SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+depends_on:PSA_WANT_ALG_SHA_384
 hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
 
 PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:PSA_WANT_ALG_SHA_512
 hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
 
 PSA hash multi part: MD2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
 
 PSA hash multi part: MD2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
 
 PSA hash multi part: MD2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
 
 PSA hash multi part: MD2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
 
 PSA hash multi part: MD2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
 
 PSA hash multi part: MD2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
 
 PSA hash multi part: MD2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
+depends_on:PSA_WANT_ALG_MD2
 hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
 
 PSA hash multi part: MD4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
 
 PSA hash multi part: MD4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
 
 PSA hash multi part: MD4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
 
 PSA hash multi part: MD4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
 
 PSA hash multi part: MD4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
 
 PSA hash multi part: MD4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
 
 PSA hash multi part: MD4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
+depends_on:PSA_WANT_ALG_MD4
 hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
 
 PSA hash multi part: MD5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
 
 PSA hash multi part: MD5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
 
 PSA hash multi part: MD5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
 
 PSA hash multi part: MD5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
 
 PSA hash multi part: MD5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
 
 PSA hash multi part: MD5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
 
 PSA hash multi part: MD5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
+depends_on:PSA_WANT_ALG_MD5
 hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
 
 PSA hash multi part: RIPEMD160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
+depends_on:PSA_WANT_ALG_RIPEMD160
 hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_hash.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_hash.function
new file mode 100644
index 0000000..0405c1d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_hash.function
@@ -0,0 +1,101 @@
+/* BEGIN_HEADER */
+
+#include <stdint.h>
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_finish(int alg_arg, data_t *input, data_t *expected_hash)
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+    size_t actual_hash_length;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    PSA_ASSERT(psa_hash_update(&operation,
+                               input->x, input->len));
+    PSA_ASSERT(psa_hash_finish(&operation,
+                               actual_hash, sizeof(actual_hash),
+                               &actual_hash_length));
+    TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len,
+                        actual_hash, actual_hash_length);
+
+exit:
+    psa_hash_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_verify(int alg_arg, data_t *input, data_t *expected_hash)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    PSA_ASSERT(psa_hash_setup(&operation, alg));
+    PSA_ASSERT(psa_hash_update(&operation,
+                               input->x,
+                               input->len));
+    PSA_ASSERT(psa_hash_verify(&operation,
+                               expected_hash->x,
+                               expected_hash->len));
+
+exit:
+    psa_hash_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multi_part(int alg_arg, data_t *input, data_t *expected_hash)
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+    size_t actual_hash_length;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT;
+    uint32_t len = 0;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    do {
+        memset(actual_hash, 0, sizeof(actual_hash));
+        PSA_ASSERT(psa_hash_setup(&operation, alg));
+
+        PSA_ASSERT(psa_hash_update(&operation,
+                                   input->x, len));
+        PSA_ASSERT(psa_hash_clone(&operation, &operation2));
+        PSA_ASSERT(psa_hash_update(&operation,
+                                   input->x + len, input->len - len));
+        PSA_ASSERT(psa_hash_update(&operation2,
+                                   input->x + len, input->len - len));
+
+        PSA_ASSERT(psa_hash_finish(&operation,
+                                   actual_hash, sizeof(actual_hash),
+                                   &actual_hash_length));
+        TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len,
+                            actual_hash, actual_hash_length);
+
+        PSA_ASSERT(psa_hash_finish(&operation2,
+                                   actual_hash, sizeof(actual_hash),
+                                   &actual_hash_length));
+        TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len,
+                            actual_hash, actual_hash_length);
+    } while (len++ != input->len);
+
+exit:
+    psa_hash_abort(&operation);
+    psa_hash_abort(&operation2);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_init.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_init.data
similarity index 93%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_init.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_init.data
index 9620a64..8c5b41d 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_init.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_init.data
@@ -25,7 +25,10 @@ validate_module_init_key_based:1
 Custom entropy sources: all standard
 custom_entropy_sources:0x0000ffff:PSA_SUCCESS
 
+# MBEDTLS_PSA_INJECT_ENTROPY means that a source of entropy (the seed file)
+# is effectively always available.
 Custom entropy sources: none
+depends_on:!MBEDTLS_PSA_INJECT_ENTROPY
 custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY
 
 Fake entropy: never returns anything
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_init.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_init.function
new file mode 100644
index 0000000..63767f0
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_init.function
@@ -0,0 +1,310 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+/* Some tests in this module configure entropy sources. */
+#include "psa_crypto_invasive.h"
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+#define ENTROPY_MIN_NV_SEED_SIZE                                        \
+    MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+#include "psa_crypto_random_impl.h"
+#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
+/* PSA crypto uses the HMAC_DRBG module. It reads from the entropy source twice:
+ * once for the initial entropy and once for a nonce. The nonce length is
+ * half the entropy length. For SHA-256, SHA-384 or SHA-512, the
+ * entropy length is 256 per the documentation of mbedtls_hmac_drbg_seed(),
+ * and PSA crypto doesn't support other hashes for HMAC_DRBG. */
+#define ENTROPY_NONCE_LEN (256 / 2)
+#else
+/* PSA crypto uses the CTR_DRBG module. In some configurations, it needs
+ * to read from the entropy source twice: once for the initial entropy
+ * and once for a nonce. */
+#include "mbedtls/ctr_drbg.h"
+#define ENTROPY_NONCE_LEN MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN
+#endif
+
+#if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+
+typedef struct {
+    size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */
+    size_t max_steps;
+    size_t *length_sequence;
+    size_t step;
+} fake_entropy_state_t;
+static int fake_entropy_source(void *state_arg,
+                               unsigned char *output, size_t len,
+                               size_t *olen)
+{
+    fake_entropy_state_t *state = state_arg;
+    size_t i;
+
+    if (state->step >= state->max_steps) {
+        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+    }
+
+    *olen = MIN(len, state->length_sequence[state->step]);
+    for (i = 0; i < *olen; i++) {
+        output[i] = i;
+    }
+    ++state->step;
+    return 0;
+}
+
+#define ENTROPY_SOURCE_PLATFORM                 0x00000001
+#define ENTROPY_SOURCE_TIMING                   0x00000002
+#define ENTROPY_SOURCE_HAVEGE                   0x00000004
+#define ENTROPY_SOURCE_HARDWARE                 0x00000008
+#define ENTROPY_SOURCE_NV_SEED                  0x00000010
+#define ENTROPY_SOURCE_FAKE                     0x40000000
+
+static uint32_t custom_entropy_sources_mask;
+static fake_entropy_state_t fake_entropy_state;
+
+/* This is a modified version of mbedtls_entropy_init() from entropy.c
+ * which chooses entropy sources dynamically. */
+static void custom_entropy_init(mbedtls_entropy_context *ctx)
+{
+    ctx->source_count = 0;
+    memset(ctx->source, 0, sizeof(ctx->source));
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init(&ctx->mutex);
+#endif
+
+    ctx->accumulator_started = 0;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_init(&ctx->accumulator);
+#else
+    mbedtls_sha256_init(&ctx->accumulator);
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_init(&ctx->havege_data);
+#endif
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) {
+        mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL,
+                                   MBEDTLS_ENTROPY_MIN_PLATFORM,
+                                   MBEDTLS_ENTROPY_SOURCE_STRONG);
+    }
+#endif
+#if defined(MBEDTLS_TIMING_C)
+    if (custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING) {
+        mbedtls_entropy_add_source(ctx, mbedtls_hardclock_poll, NULL,
+                                   MBEDTLS_ENTROPY_MIN_HARDCLOCK,
+                                   MBEDTLS_ENTROPY_SOURCE_WEAK);
+    }
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    if (custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE) {
+        mbedtls_entropy_add_source(ctx, mbedtls_havege_poll, &ctx->havege_data,
+                                   MBEDTLS_ENTROPY_MIN_HAVEGE,
+                                   MBEDTLS_ENTROPY_SOURCE_STRONG);
+    }
+#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    if (custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE) {
+        mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL,
+                                   MBEDTLS_ENTROPY_MIN_HARDWARE,
+                                   MBEDTLS_ENTROPY_SOURCE_STRONG);
+    }
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    if (custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED) {
+        mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL,
+                                   MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                   MBEDTLS_ENTROPY_SOURCE_STRONG);
+        ctx->initial_entropy_run = 0;
+    } else {
+        /* Skip the NV seed even though it's compiled in. */
+        ctx->initial_entropy_run = 1;
+    }
+#endif
+
+    if (custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE) {
+        mbedtls_entropy_add_source(ctx,
+                                   fake_entropy_source, &fake_entropy_state,
+                                   fake_entropy_state.threshold,
+                                   MBEDTLS_ENTROPY_SOURCE_STRONG);
+    }
+}
+
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void create_nv_seed()
+{
+    static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE];
+    TEST_ASSERT(mbedtls_nv_seed_write(seed, sizeof(seed)) >= 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void init_deinit(int count)
+{
+    psa_status_t status;
+    int i;
+    for (i = 0; i < count; i++) {
+        status = psa_crypto_init();
+        PSA_ASSERT(status);
+        status = psa_crypto_init();
+        PSA_ASSERT(status);
+        PSA_DONE();
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void deinit_without_init(int count)
+{
+    int i;
+    for (i = 0; i < count; i++) {
+        PSA_ASSERT(psa_crypto_init());
+        PSA_DONE();
+    }
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_generate_random(int count)
+{
+    psa_status_t status;
+    uint8_t random[10] = { 0 };
+    int i;
+    for (i = 0; i < count; i++) {
+        status = psa_crypto_init();
+        PSA_ASSERT(status);
+        PSA_DONE();
+    }
+    status = psa_generate_random(random, sizeof(random));
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_key_based(int count)
+{
+    psa_status_t status;
+    uint8_t data[10] = { 0 };
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0xdead, 0xdead);
+    int i;
+
+    for (i = 0; i < count; i++) {
+        status = psa_crypto_init();
+        PSA_ASSERT(status);
+        PSA_DONE();
+    }
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    status = psa_import_key(&attributes, data, sizeof(data), &key);
+    TEST_EQUAL(status, PSA_ERROR_BAD_STATE);
+    TEST_ASSERT(mbedtls_svc_key_id_is_null(key));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void custom_entropy_sources(int sources_arg, int expected_init_status_arg)
+{
+    psa_status_t expected_init_status = expected_init_status_arg;
+    uint8_t random[10] = { 0 };
+
+    custom_entropy_sources_mask = sources_arg;
+    PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources(
+                   custom_entropy_init, mbedtls_entropy_free));
+
+    TEST_EQUAL(psa_crypto_init(), expected_init_status);
+    if (expected_init_status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_generate_random(random, sizeof(random)));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void fake_entropy_source(int threshold,
+                         int amount1,
+                         int amount2,
+                         int amount3,
+                         int amount4,
+                         int expected_init_status_arg)
+{
+    psa_status_t expected_init_status = expected_init_status_arg;
+    uint8_t random[10] = { 0 };
+    size_t lengths[4];
+
+    fake_entropy_state.threshold = threshold;
+    fake_entropy_state.step = 0;
+    fake_entropy_state.max_steps = 0;
+    if (amount1 >= 0) {
+        lengths[fake_entropy_state.max_steps++] = amount1;
+    }
+    if (amount2 >= 0) {
+        lengths[fake_entropy_state.max_steps++] = amount2;
+    }
+    if (amount3 >= 0) {
+        lengths[fake_entropy_state.max_steps++] = amount3;
+    }
+    if (amount4 >= 0) {
+        lengths[fake_entropy_state.max_steps++] = amount4;
+    }
+    fake_entropy_state.length_sequence = lengths;
+
+    custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE;
+    PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources(
+                   custom_entropy_init, mbedtls_entropy_free));
+
+    TEST_EQUAL(psa_crypto_init(), expected_init_status);
+    if (expected_init_status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_generate_random(random, sizeof(random)));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void entropy_from_nv_seed(int seed_size_arg,
+                          int expected_init_status_arg)
+{
+    psa_status_t expected_init_status = expected_init_status_arg;
+    uint8_t random[10] = { 0 };
+    uint8_t *seed = NULL;
+    size_t seed_size = seed_size_arg;
+
+    TEST_CALLOC(seed, seed_size);
+    TEST_ASSERT(mbedtls_nv_seed_write(seed, seed_size) >= 0);
+
+    custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED;
+    PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources(
+                   custom_entropy_init, mbedtls_entropy_free));
+
+    TEST_EQUAL(psa_crypto_init(), expected_init_status);
+    if (expected_init_status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    PSA_ASSERT(psa_generate_random(random, sizeof(random)));
+
+exit:
+    mbedtls_free(seed);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_metadata.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_metadata.data
new file mode 100644
index 0000000..72a11ab
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_metadata.data
@@ -0,0 +1,435 @@
+Hash: MD2
+depends_on:PSA_WANT_ALG_MD2
+hash_algorithm:PSA_ALG_MD2:16
+
+Hash: MD4
+depends_on:PSA_WANT_ALG_MD4
+hash_algorithm:PSA_ALG_MD4:16
+
+Hash: MD5
+depends_on:PSA_WANT_ALG_MD5
+hash_algorithm:PSA_ALG_MD5:16
+
+Hash: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160
+hash_algorithm:PSA_ALG_RIPEMD160:20
+
+Hash: SHA-1
+depends_on:PSA_WANT_ALG_SHA_1
+hash_algorithm:PSA_ALG_SHA_1:20
+
+Hash: SHA-2 SHA-224
+depends_on:PSA_WANT_ALG_SHA_224
+hash_algorithm:PSA_ALG_SHA_224:28
+
+Hash: SHA-2 SHA-256
+depends_on:PSA_WANT_ALG_SHA_256
+hash_algorithm:PSA_ALG_SHA_256:32
+
+Hash: SHA-2 SHA-384
+depends_on:PSA_WANT_ALG_SHA_384
+hash_algorithm:PSA_ALG_SHA_384:48
+
+Hash: SHA-2 SHA-512
+depends_on:PSA_WANT_ALG_SHA_512
+hash_algorithm:PSA_ALG_SHA_512:64
+
+MAC: HMAC-MD2
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:16
+
+MAC: HMAC-MD4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
+
+MAC: HMAC-MD5
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
+
+MAC: HMAC-RIPEMD160
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
+
+MAC: HMAC-SHA-1
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
+
+MAC: HMAC-SHA-224
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
+
+MAC: HMAC-SHA-256
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
+
+MAC: HMAC-SHA-384
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
+
+MAC: HMAC-SHA-512
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
+
+MAC: CBC_MAC-AES-128
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CBC_MAC-AES-192
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CBC_MAC-AES-256
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CBC_MAC-3DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: CMAC-AES-128
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CMAC-AES-192
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CMAC-AES-256
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CMAC-3DES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+Cipher: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER
+cipher_algorithm:PSA_ALG_STREAM_CIPHER:ALG_IS_STREAM_CIPHER
+
+Cipher: CTR
+depends_on:PSA_WANT_ALG_CTR:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
+
+Cipher: CFB
+depends_on:PSA_WANT_ALG_CFB:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
+
+Cipher: OFB
+depends_on:PSA_WANT_ALG_OFB:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
+
+Cipher: ECB-nopad
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_ECB_NO_PADDING:0
+
+Cipher: CBC-nopad
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
+
+Cipher: CBC-PKCS#7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_CBC_PKCS7:0
+
+Cipher: XTS
+depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C
+cipher_algorithm:PSA_ALG_XTS:0
+
+AEAD: CCM-AES-128
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128
+
+AEAD: CCM-AES-192
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192
+
+AEAD: CCM-AES-256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256
+
+AEAD: CCM-ARIA-128
+depends_on:PSA_WANT_KEY_TYPE_ARIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_ARIA:128
+
+AEAD: CCM-ARIA-192
+depends_on:PSA_WANT_KEY_TYPE_ARIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_ARIA:192
+
+AEAD: CCM-ARIA-256
+depends_on:PSA_WANT_KEY_TYPE_ARIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_ARIA:256
+
+AEAD: CCM-CAMELLIA-128
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128
+
+AEAD: CCM-CAMELLIA-192
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192
+
+AEAD: CCM-CAMELLIA-256
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM
+aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256
+
+AEAD: GCM-AES-128
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128
+
+AEAD: GCM-AES-192
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192
+
+AEAD: GCM-AES-256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256
+
+AEAD: GCM-ARIA-128
+depends_on:PSA_WANT_KEY_TYPE_ARIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_ARIA:128
+
+AEAD: GCM-ARIA-192
+depends_on:PSA_WANT_KEY_TYPE_ARIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_ARIA:192
+
+AEAD: GCM-ARIA-256
+depends_on:PSA_WANT_KEY_TYPE_ARIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_ARIA:256
+
+AEAD: GCM-CAMELLIA-128
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128
+
+AEAD: GCM-CAMELLIA-192
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192
+
+AEAD: GCM-CAMELLIA-256
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256
+
+AEAD: ChaCha20_Poly1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16:PSA_KEY_TYPE_CHACHA20:256
+
+Asymmetric signature: RSA PKCS#1 v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_SIGN_HASH
+
+Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: RSA PSS SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
+asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_RSA_PSS_STANDARD_SALT | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: RSA PSS-any-salt SHA-256
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
+asymmetric_signature_algorithm:PSA_ALG_RSA_PSS_ANY_SALT( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_RSA_PSS_ANY_SALT | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: randomized ECDSA (no hashing)
+depends_on:PSA_WANT_ALG_ECDSA
+asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_SIGN_HASH
+
+Asymmetric signature: SHA-256 + randomized ECDSA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256
+asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: SHA-256 + deterministic ECDSA using SHA-256
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: pure EdDSA
+depends_on:PSA_WANT_ALG_EDDSA
+asymmetric_signature_algorithm:PSA_ALG_PURE_EDDSA:0
+
+Asymmetric signature: Ed25519ph
+depends_on:PSA_WANT_ALG_EDDSA
+asymmetric_signature_algorithm:PSA_ALG_ED25519PH:ALG_IS_HASH_EDDSA | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: Ed448ph
+depends_on:PSA_WANT_ALG_EDDSA
+asymmetric_signature_algorithm:PSA_ALG_ED448PH:ALG_IS_HASH_EDDSA | ALG_IS_SIGN_HASH | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN
+
+Asymmetric signature: RSA PSS with wildcard hash
+depends_on:PSA_WANT_ALG_RSA_PSS
+asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS | ALG_IS_RSA_PSS_STANDARD_SALT
+
+Asymmetric signature: RSA PSS-any-salt with wildcard hash
+depends_on:PSA_WANT_ALG_RSA_PSS
+asymmetric_signature_wildcard:PSA_ALG_RSA_PSS_ANY_SALT( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS | ALG_IS_RSA_PSS_ANY_SALT
+
+Asymmetric signature: randomized ECDSA with wildcard hash
+depends_on:PSA_WANT_ALG_ECDSA
+asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
+
+Asymmetric signature: deterministic ECDSA with wildcard hash
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA
+asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
+
+Asymmetric encryption: RSA PKCS#1 v1.5
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
+
+Asymmetric encryption: RSA OAEP using SHA-256
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256
+asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
+
+Key derivation: HKDF using SHA-256
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
+
+Key derivation: HKDF using SHA-384
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_384 ):ALG_IS_HKDF
+
+Key derivation: TLS 1.2 PRF using SHA-256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PRF
+
+Key derivation: TLS 1.2 PRF using SHA-384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PRF
+
+Key derivation: TLS 1.2 PSK-to-MS using SHA-256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PSK_TO_MS
+
+Key derivation: TLS 1.2 PSK-to-MS using SHA-384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PSK_TO_MS
+
+Key agreement: FFDH, raw output
+depends_on:PSA_WANT_ALG_FFDH
+key_agreement_algorithm:PSA_ALG_FFDH:ALG_IS_FFDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_FFDH:PSA_ALG_CATEGORY_KEY_DERIVATION
+
+Key agreement: FFDH, HKDF using SHA-256
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+Key agreement: FFDH, HKDF using SHA-384
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
+
+Key agreement: ECDH, raw output
+depends_on:PSA_WANT_ALG_ECDH
+key_agreement_algorithm:PSA_ALG_ECDH:ALG_IS_ECDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_ECDH:PSA_ALG_CATEGORY_KEY_DERIVATION
+
+Key agreement: ECDH, HKDF using SHA-256
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+Key agreement: ECDH, HKDF using SHA-384
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
+
+Key type: raw data
+key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: HMAC
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: secret for key derivation
+key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
+
+Block cipher key type: AES
+depends_on:PSA_WANT_KEY_TYPE_AES
+block_cipher_key_type:PSA_KEY_TYPE_AES:16
+
+Block cipher key type: ARIA
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+block_cipher_key_type:PSA_KEY_TYPE_ARIA:16
+
+Block cipher key type: DES
+depends_on:PSA_WANT_KEY_TYPE_DES
+block_cipher_key_type:PSA_KEY_TYPE_DES:8
+
+Block cipher key type: Camellia
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16
+
+Stream cipher key type: ARC4
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+stream_cipher_key_type:PSA_KEY_TYPE_ARC4
+
+Stream cipher key type: ChaCha20
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20
+
+Key type: RSA public key
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
+
+Key type: RSA key pair
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_type:PSA_KEY_TYPE_RSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_RSA
+
+ECC key family: SECP K1
+ecc_key_family:PSA_ECC_FAMILY_SECP_K1
+
+ECC key family: SECP R1
+ecc_key_family:PSA_ECC_FAMILY_SECP_R1
+
+ECC key family: SECP R2
+ecc_key_family:PSA_ECC_FAMILY_SECP_R2
+
+ECC key family: SECT K1
+ecc_key_family:PSA_ECC_FAMILY_SECT_K1
+
+ECC key family: SECT R1
+ecc_key_family:PSA_ECC_FAMILY_SECT_R1
+
+ECC key family: SECT R2
+ecc_key_family:PSA_ECC_FAMILY_SECT_R2
+
+ECC key family: Brainpool P R1
+ecc_key_family:PSA_ECC_FAMILY_BRAINPOOL_P_R1
+
+ECC key family: Montgomery (Curve25519, Curve448)
+ecc_key_family:PSA_ECC_FAMILY_MONTGOMERY
+
+ECC key family: Twisted Edwards (Ed25519, Ed448)
+ecc_key_family:PSA_ECC_FAMILY_TWISTED_EDWARDS
+
+DH group family: RFC 7919
+dh_key_family:PSA_DH_FAMILY_RFC7919
+
+Lifetime: VOLATILE
+lifetime:PSA_KEY_LIFETIME_VOLATILE:KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: PERSISTENT
+lifetime:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: default, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 2, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):0:2:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 254, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):0:254:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: read-only, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0x123456):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:0x123456
+
+Lifetime: default, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0x123456):0:PSA_KEY_PERSISTENCE_DEFAULT:0x123456
+
+Lifetime: 2, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, 0x123456):0:2:0x123456
+
+Lifetime: 254, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, 0x123456):0:254:0x123456
+
+Lifetime: read-only, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, 0x123456):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:0x123456
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_metadata.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_metadata.function
new file mode 100644
index 0000000..47d60c1
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_metadata.function
@@ -0,0 +1,707 @@
+/* BEGIN_HEADER */
+/* Test macros that provide metadata about algorithms and key types.
+ * This test suite only contains tests that don't require executing
+ * code. Other test suites validate macros that require creating a key
+ * and using it. */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+#include "psa_crypto_invasive.h"
+
+/* Flags for algorithm classification macros. There is a flag for every
+ * algorithm classification macro PSA_ALG_IS_xxx except for the
+ * category test macros, which are hard-coded in each
+ * category-specific function. The name of the flag is the name of the
+ * classification macro without the PSA_ prefix. */
+#define ALG_IS_VENDOR_DEFINED           (1u << 0)
+#define ALG_IS_HMAC                     (1u << 1)
+#define ALG_IS_BLOCK_CIPHER_MAC         (1u << 2)
+#define ALG_IS_STREAM_CIPHER            (1u << 3)
+#define ALG_IS_RSA_PKCS1V15_SIGN        (1u << 4)
+#define ALG_IS_RSA_PSS                  (1u << 5)
+#define ALG_IS_RSA_PSS_ANY_SALT         (1u << 6)
+#define ALG_IS_RSA_PSS_STANDARD_SALT    (1u << 7)
+#define ALG_IS_DSA                      (1u << 8)
+#define ALG_DSA_IS_DETERMINISTIC        (1u << 9)
+#define ALG_IS_DETERMINISTIC_DSA        (1u << 10)
+#define ALG_IS_RANDOMIZED_DSA           (1u << 11)
+#define ALG_IS_ECDSA                    (1u << 12)
+#define ALG_ECDSA_IS_DETERMINISTIC      (1u << 13)
+#define ALG_IS_DETERMINISTIC_ECDSA      (1u << 14)
+#define ALG_IS_RANDOMIZED_ECDSA         (1u << 15)
+#define ALG_IS_HASH_EDDSA               (1u << 16)
+#define ALG_IS_SIGN_HASH                (1u << 17)
+#define ALG_IS_HASH_AND_SIGN            (1u << 18)
+#define ALG_IS_RSA_OAEP                 (1u << 19)
+#define ALG_IS_HKDF                     (1u << 20)
+#define ALG_IS_FFDH                     (1u << 21)
+#define ALG_IS_ECDH                     (1u << 22)
+#define ALG_IS_WILDCARD                 (1u << 23)
+#define ALG_IS_RAW_KEY_AGREEMENT        (1u << 24)
+#define ALG_IS_AEAD_ON_BLOCK_CIPHER     (1u << 25)
+#define ALG_IS_TLS12_PRF                (1u << 26)
+#define ALG_IS_TLS12_PSK_TO_MS          (1u << 27)
+#define ALG_FLAG_MASK_PLUS_ONE          (1u << 28)   /* must be last! */
+
+/* Flags for key type classification macros. There is a flag for every
+ * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
+ * are tested as derived from other macros. The name of the flag is
+ * the name of the classification macro without the PSA_ prefix. */
+#define KEY_TYPE_IS_VENDOR_DEFINED      (1u << 0)
+#define KEY_TYPE_IS_UNSTRUCTURED        (1u << 1)
+#define KEY_TYPE_IS_PUBLIC_KEY          (1u << 2)
+#define KEY_TYPE_IS_KEY_PAIR            (1u << 3)
+#define KEY_TYPE_IS_RSA                 (1u << 4)
+#define KEY_TYPE_IS_DSA                 (1u << 5)
+#define KEY_TYPE_IS_ECC                 (1u << 6)
+#define KEY_TYPE_IS_DH                  (1u << 7)
+#define KEY_TYPE_FLAG_MASK_PLUS_ONE     (1u << 8)   /* must be last! */
+
+/* Flags for lifetime classification macros. There is a flag for every
+ * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the
+ * flag is the name of the classification macro without the PSA_ prefix. */
+#define KEY_LIFETIME_IS_VOLATILE        (1u << 0)
+#define KEY_LIFETIME_IS_READ_ONLY       (1u << 1)
+#define KEY_LIFETIME_FLAG_MASK_PLUS_ONE (1u << 2)   /* must be last! */
+
+/* Check that in the value of flags, the bit flag (which should be a macro
+ * expanding to a number of the form 1 << k) is set if and only if
+ * PSA_##flag(alg) is true.
+ *
+ * Only perform this check if cond is true. Typically cond is 1, but it can
+ * be different if the value of the flag bit is only specified under specific
+ * conditions.
+ *
+ * Unconditionally mask flag into the ambient variable
+ * classification_flags_tested.
+ */
+#define TEST_CLASSIFICATION_MACRO(cond, flag, alg, flags)     \
+    do                                                          \
+    {                                                           \
+        if (cond)                                              \
+        {                                                       \
+            if ((flags) & (flag))                          \
+            TEST_ASSERT(PSA_##flag(alg));               \
+            else                                                \
+            TEST_ASSERT(!PSA_##flag(alg));             \
+        }                                                       \
+        classification_flags_tested |= (flag);                \
+    }                                                           \
+    while (0)
+
+/* Check the parity of value.
+ *
+ * There are several numerical encodings for which the PSA Cryptography API
+ * specification deliberately defines encodings that all have the same
+ * parity. This way, a data glitch that flips one bit in the data cannot
+ * possibly turn a valid encoding into another valid encoding. Here in
+ * the tests, we check that the values (including Mbed TLS vendor-specific
+ * values) have the expected parity.
+ *
+ * The expected parity is even so that 0 is considered a valid encoding.
+ *
+ * Return a nonzero value if value has even parity and 0 otherwise. */
+int has_even_parity(uint32_t value)
+{
+    value ^= value >> 16;
+    value ^= value >> 8;
+    value ^= value >> 4;
+    return 0x9669 & 1 << (value & 0xf);
+}
+#define TEST_PARITY(value)                    \
+    TEST_ASSERT(has_even_parity(value))
+
+void algorithm_classification(psa_algorithm_t alg, unsigned flags)
+{
+    unsigned classification_flags_tested = 0;
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_VENDOR_DEFINED, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_HMAC, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_BLOCK_CIPHER_MAC, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_STREAM_CIPHER, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PKCS1V15_SIGN, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS_ANY_SALT, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS_STANDARD_SALT, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_DSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(PSA_ALG_IS_DSA(alg),
+                              ALG_DSA_IS_DETERMINISTIC, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_DETERMINISTIC_DSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RANDOMIZED_DSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_ECDSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(PSA_ALG_IS_ECDSA(alg),
+                              ALG_ECDSA_IS_DETERMINISTIC, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_DETERMINISTIC_ECDSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RANDOMIZED_ECDSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_HASH_EDDSA, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_SIGN_HASH, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_HASH_AND_SIGN, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_OAEP, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_HKDF, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_WILDCARD, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_ECDH, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_FFDH, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_RAW_KEY_AGREEMENT, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_TLS12_PRF, alg, flags);
+    TEST_CLASSIFICATION_MACRO(1, ALG_IS_TLS12_PSK_TO_MS, alg, flags);
+    TEST_EQUAL(classification_flags_tested, ALG_FLAG_MASK_PLUS_ONE - 1);
+exit:;
+}
+
+void key_type_classification(psa_key_type_t type, unsigned flags)
+{
+    unsigned classification_flags_tested = 0;
+
+    /* Macros tested based on the test case parameter */
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_VENDOR_DEFINED, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_UNSTRUCTURED, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_PUBLIC_KEY, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_KEY_PAIR, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_RSA, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_DSA, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_ECC, type, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_DH, type, flags);
+    TEST_EQUAL(classification_flags_tested, KEY_TYPE_FLAG_MASK_PLUS_ONE - 1);
+
+    /* Macros with derived semantics */
+    TEST_EQUAL(PSA_KEY_TYPE_IS_ASYMMETRIC(type),
+               (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ||
+                PSA_KEY_TYPE_IS_KEY_PAIR(type)));
+    TEST_EQUAL(PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type),
+               (PSA_KEY_TYPE_IS_ECC(type) &&
+                PSA_KEY_TYPE_IS_KEY_PAIR(type)));
+    TEST_EQUAL(PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type),
+               (PSA_KEY_TYPE_IS_ECC(type) &&
+                PSA_KEY_TYPE_IS_PUBLIC_KEY(type)));
+    TEST_EQUAL(PSA_KEY_TYPE_IS_DH_KEY_PAIR(type),
+               (PSA_KEY_TYPE_IS_DH(type) &&
+                PSA_KEY_TYPE_IS_KEY_PAIR(type)));
+    TEST_EQUAL(PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type),
+               (PSA_KEY_TYPE_IS_DH(type) &&
+                PSA_KEY_TYPE_IS_PUBLIC_KEY(type)));
+
+    TEST_PARITY(type);
+
+exit:;
+}
+
+void mac_algorithm_core(psa_algorithm_t alg, int classification_flags,
+                        psa_key_type_t key_type, size_t key_bits,
+                        size_t length)
+{
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+
+    /* Length */
+    TEST_EQUAL(length, PSA_MAC_LENGTH(key_type, key_bits, alg));
+
+#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C)
+    PSA_ASSERT(psa_mac_key_can_do(alg, key_type));
+#endif
+
+exit:;
+}
+
+void aead_algorithm_core(psa_algorithm_t alg, int classification_flags,
+                         psa_key_type_t key_type, size_t key_bits,
+                         size_t tag_length)
+{
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+
+    /* Tag length */
+    TEST_EQUAL(tag_length, PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg));
+
+exit:;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_CLIENT
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_algorithm(int alg_arg, int length_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t length = length_arg;
+    psa_algorithm_t hmac_alg = PSA_ALG_HMAC(alg);
+    psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN(alg);
+    psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS(alg);
+    psa_algorithm_t dsa_alg = PSA_ALG_DSA(alg);
+    psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA(alg);
+    psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA(alg);
+    psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA(alg);
+    psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP(alg);
+    psa_algorithm_t hkdf_alg = PSA_ALG_HKDF(alg);
+
+    /* Algorithm classification */
+    TEST_ASSERT(PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, 0);
+
+    /* Dependent algorithms */
+    TEST_EQUAL(PSA_ALG_HMAC_GET_HASH(hmac_alg), alg);
+    TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(rsa_pkcs1v15_sign_alg), alg);
+    TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(rsa_pss_alg), alg);
+    TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(dsa_alg), alg);
+    TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(deterministic_dsa_alg), alg);
+    TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(ecdsa_alg), alg);
+    TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(deterministic_ecdsa_alg), alg);
+    TEST_EQUAL(PSA_ALG_RSA_OAEP_GET_HASH(rsa_oaep_alg), alg);
+    TEST_EQUAL(PSA_ALG_HKDF_GET_HASH(hkdf_alg), alg);
+
+    /* Hash length */
+    TEST_EQUAL(length, PSA_HASH_LENGTH(alg));
+    TEST_ASSERT(length <= PSA_HASH_MAX_SIZE);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_algorithm(int alg_arg, int classification_flags,
+                   int length_arg,
+                   int key_type_arg, int key_bits_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t length = length_arg;
+    size_t n;
+    size_t key_type = key_type_arg;
+    size_t key_bits = key_bits_arg;
+
+    mac_algorithm_core(alg, classification_flags,
+                       key_type, key_bits, length);
+    TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(alg), alg);
+    TEST_ASSERT(length <= PSA_MAC_MAX_SIZE);
+
+    /* Truncated versions */
+    for (n = 1; n <= length; n++) {
+        psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC(alg, n);
+        mac_algorithm_core(truncated_alg, classification_flags,
+                           key_type, key_bits, n);
+        TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(truncated_alg), alg);
+        /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length
+         * of the outer truncation (even if the outer length is smaller than
+         * the inner length). */
+        TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, 1),
+                   PSA_ALG_TRUNCATED_MAC(alg, 1));
+        TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, length - 1),
+                   PSA_ALG_TRUNCATED_MAC(alg, length - 1));
+        TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, length),
+                   PSA_ALG_TRUNCATED_MAC(alg, length));
+
+        /* Check that calling PSA_ALG_TRUNCATED_MAC on an algorithm
+         * earlier constructed with PSA_ALG_AT_LEAST_THIS_LENGTH_MAC gives the
+         * length of the outer truncation (even if the outer length is smaller
+         * than the inner length). */
+        TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(
+                       PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), 1),
+                   PSA_ALG_TRUNCATED_MAC(alg, 1));
+        TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(
+                       PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), length - 1),
+                   PSA_ALG_TRUNCATED_MAC(alg, length - 1));
+        TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(
+                       PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), length),
+                   PSA_ALG_TRUNCATED_MAC(alg, length));
+    }
+
+    /* At-leat-this-length versions */
+    for (n = 1; n <= length; n++) {
+        psa_algorithm_t policy_alg = PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, n);
+        mac_algorithm_core(policy_alg, classification_flags | ALG_IS_WILDCARD,
+                           key_type, key_bits, n);
+        TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(policy_alg), alg);
+        /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC twice gives the
+         * length of the outer truncation (even if the outer length is smaller
+         * than the inner length). */
+        TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, 1),
+                   PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, 1));
+        TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, length - 1),
+                   PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length - 1));
+        TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, length),
+                   PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length));
+
+        /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC on an algorithm
+         * earlier constructed with PSA_ALG_TRUNCATED_MAC gives the length of
+         * the outer truncation (even if the outer length is smaller than the
+         * inner length). */
+        TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(
+                       PSA_ALG_TRUNCATED_MAC(policy_alg, n), 1),
+                   PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, 1));
+        TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(
+                       PSA_ALG_TRUNCATED_MAC(policy_alg, n), length - 1),
+                   PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length - 1));
+        TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(
+                       PSA_ALG_TRUNCATED_MAC(policy_alg, n), length),
+                   PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length));
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_algorithm(int alg_arg,
+                    int length_arg,
+                    int block_size_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH(alg);
+    size_t block_size = block_size_arg;
+    size_t length = length_arg;
+    size_t n;
+
+    TEST_ASSERT(PSA_ALG_IS_HASH(hash_alg));
+    TEST_EQUAL(PSA_ALG_HMAC(hash_alg), alg);
+
+    TEST_ASSERT(block_size == PSA_HASH_BLOCK_LENGTH(alg));
+    TEST_ASSERT(block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE);
+
+    test_mac_algorithm(alg_arg, ALG_IS_HMAC, length,
+                       PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS(length));
+
+    for (n = 1; n <= length; n++) {
+        psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC(alg, n);
+        TEST_EQUAL(PSA_ALG_HMAC_GET_HASH(truncated_alg), hash_alg);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_algorithm(int alg_arg, int classification_flags)
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_algorithm(int alg_arg, int classification_flags,
+                    int tag_length_arg,
+                    int key_type_arg, int key_bits_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t tag_length = tag_length_arg;
+    size_t n;
+    psa_key_type_t key_type = key_type_arg;
+    size_t key_bits = key_bits_arg;
+
+    aead_algorithm_core(alg, classification_flags,
+                        key_type, key_bits, tag_length);
+
+    /* Truncated versions */
+    for (n = 1; n <= tag_length; n++) {
+        psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, n);
+        aead_algorithm_core(truncated_alg, classification_flags,
+                            key_type, key_bits, n);
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(truncated_alg),
+                   alg);
+        /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives
+         * the length of the outer truncation (even if the outer length is
+         * smaller than the inner length). */
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, 1),
+                   PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, tag_length - 1),
+                   PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length - 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, tag_length),
+                   PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length));
+
+        /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG on an algorithm
+         * earlier constructed with PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG
+         * gives the length of the outer truncation (even if the outer length is
+         * smaller than the inner length). */
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(
+                       PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, n), 1),
+                   PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(
+                       PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg,
+                                                                  n), tag_length - 1),
+                   PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length - 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(
+                       PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, n), tag_length),
+                   PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length));
+    }
+
+    /* At-leat-this-length versions */
+    for (n = 1; n <= tag_length; n++) {
+        psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, n);
+        aead_algorithm_core(policy_alg, classification_flags | ALG_IS_WILDCARD,
+                            key_type, key_bits, n);
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(policy_alg),
+                   alg);
+        /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice
+         * gives the length of the outer truncation (even if the outer length is
+         * smaller than the inner length). */
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, 1),
+                   PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, tag_length - 1),
+                   PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length - 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, tag_length),
+                   PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length));
+
+        /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG on an
+         * algorithm earlier constructed with PSA_ALG_AEAD_WITH_SHORTENED_TAG
+         * gives the length of the outer truncation (even if the outer length is
+         * smaller than the inner length). */
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+                       PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), 1),
+                   PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+                       PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), tag_length - 1),
+                   PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length - 1));
+        TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(
+                       PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), tag_length),
+                   PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length));
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_algorithm(int alg_arg, int classification_flags)
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_wildcard(int alg_arg, int classification_flags)
+{
+    classification_flags |= ALG_IS_WILDCARD;
+    classification_flags |= ALG_IS_SIGN_HASH;
+    classification_flags |= ALG_IS_HASH_AND_SIGN;
+    test_asymmetric_signature_algorithm(alg_arg, classification_flags);
+    /* Any failure of this test function comes from
+     * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_algorithm(int alg_arg, int classification_flags)
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_derivation_algorithm(int alg_arg, int classification_flags)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, alg);
+    psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, alg);
+
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+
+    /* Check combinations with key agreements */
+    TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(ecdh_alg));
+    TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(ffdh_alg));
+    TEST_EQUAL(PSA_ALG_KEY_AGREEMENT_GET_KDF(ecdh_alg), alg);
+    TEST_EQUAL(PSA_ALG_KEY_AGREEMENT_GET_KDF(ffdh_alg), alg);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_algorithm(int alg_arg, int classification_flags,
+                             int ka_alg_arg, int kdf_alg_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(alg);
+    psa_algorithm_t expected_ka_alg = ka_alg_arg;
+    psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg);
+    psa_algorithm_t expected_kdf_alg = kdf_alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
+    TEST_ASSERT(!PSA_ALG_IS_MAC(alg));
+    TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg));
+    TEST_ASSERT(!PSA_ALG_IS_AEAD(alg));
+    TEST_ASSERT(!PSA_ALG_IS_SIGN(alg));
+    TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg));
+    TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(alg));
+    TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg));
+    algorithm_classification(alg, classification_flags);
+
+    /* Shared secret derivation properties */
+    TEST_EQUAL(actual_ka_alg, expected_ka_alg);
+    TEST_EQUAL(actual_kdf_alg, expected_kdf_alg);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_type(int type_arg, int classification_flags)
+{
+    psa_key_type_t type = type_arg;
+
+    key_type_classification(type, classification_flags);
+
+    /* For asymmetric types, check the corresponding pair/public type */
+    if (classification_flags & KEY_TYPE_IS_PUBLIC_KEY) {
+        psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type);
+        TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(pair_type), type);
+        key_type_classification(pair_type,
+                                (classification_flags
+                                 & ~KEY_TYPE_IS_PUBLIC_KEY)
+                                | KEY_TYPE_IS_KEY_PAIR);
+        TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type), type);
+    }
+    if (classification_flags & KEY_TYPE_IS_KEY_PAIR) {
+        psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type);
+        TEST_EQUAL(PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(public_type), type);
+        key_type_classification(public_type,
+                                (classification_flags
+                                 & ~KEY_TYPE_IS_KEY_PAIR)
+                                | KEY_TYPE_IS_PUBLIC_KEY);
+        TEST_EQUAL(PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type), type);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void block_cipher_key_type(int type_arg, int block_size_arg)
+{
+    psa_key_type_t type = type_arg;
+    size_t block_size = block_size_arg;
+
+    test_key_type(type_arg, KEY_TYPE_IS_UNSTRUCTURED);
+
+    TEST_EQUAL(type & PSA_KEY_TYPE_CATEGORY_MASK,
+               PSA_KEY_TYPE_CATEGORY_SYMMETRIC);
+    TEST_EQUAL(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type), block_size);
+
+    /* Check that the block size is a power of 2. This is required, at least,
+       for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */
+    TEST_ASSERT(((block_size - 1) & block_size) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void stream_cipher_key_type(int type_arg)
+{
+    psa_key_type_t type = type_arg;
+
+    test_key_type(type_arg, KEY_TYPE_IS_UNSTRUCTURED);
+
+    TEST_EQUAL(type & PSA_KEY_TYPE_CATEGORY_MASK,
+               PSA_KEY_TYPE_CATEGORY_SYMMETRIC);
+    TEST_EQUAL(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type), 1);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:PSA_KEY_TYPE_ECC_PUBLIC_KEY:PSA_KEY_TYPE_ECC_KEY_PAIR */
+void ecc_key_family(int curve_arg)
+{
+    psa_ecc_family_t curve = curve_arg;
+    psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve);
+    psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve);
+
+    TEST_PARITY(curve);
+
+    test_key_type(public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY);
+    test_key_type(pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR);
+
+    TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(public_type), curve);
+    TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(pair_type), curve);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */
+void dh_key_family(int group_arg)
+{
+    psa_dh_family_t group = group_arg;
+    psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY(group);
+    psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR(group);
+
+    TEST_PARITY(group);
+
+    test_key_type(public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY);
+    test_key_type(pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR);
+
+    TEST_EQUAL(PSA_KEY_TYPE_DH_GET_FAMILY(public_type), group);
+    TEST_EQUAL(PSA_KEY_TYPE_DH_GET_FAMILY(pair_type), group);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void lifetime(int lifetime_arg, int classification_flags,
+              int persistence_arg, int location_arg)
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_persistence_t persistence = persistence_arg;
+    psa_key_location_t location = location_arg;
+    unsigned flags = classification_flags;
+    unsigned classification_flags_tested = 0;
+
+    TEST_CLASSIFICATION_MACRO(1, KEY_LIFETIME_IS_VOLATILE, lifetime, flags);
+    TEST_CLASSIFICATION_MACRO(1, KEY_LIFETIME_IS_READ_ONLY, lifetime, flags);
+    TEST_EQUAL(classification_flags_tested,
+               KEY_LIFETIME_FLAG_MASK_PLUS_ONE - 1);
+
+    TEST_EQUAL(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime), persistence);
+    TEST_EQUAL(PSA_KEY_LIFETIME_GET_LOCATION(lifetime), location);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.function
new file mode 100644
index 0000000..e5e66f4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.function
@@ -0,0 +1,52 @@
+/* BEGIN_HEADER */
+
+#include "psa/crypto.h"
+#include "test/psa_crypto_helpers.h"
+
+#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98)
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void import_not_supported(int key_type, data_t *key_material)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_type(&attributes, key_type);
+    TEST_EQUAL(psa_import_key(&attributes,
+                              key_material->x, key_material->len,
+                              &key_id),
+               PSA_ERROR_NOT_SUPPORTED);
+    TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT));
+
+exit:
+    psa_destroy_key(key_id);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_not_supported(int key_type, int bits)
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
+
+    PSA_ASSERT(psa_crypto_init());
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_bits(&attributes, bits);
+    TEST_EQUAL(psa_generate_key(&attributes, &key_id),
+               PSA_ERROR_NOT_SUPPORTED);
+    TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT));
+
+exit:
+    psa_destroy_key(key_id);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.generated.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.generated.data
new file mode 100644
index 0000000..b5c8a52
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.generated.data
@@ -0,0 +1,947 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+PSA import AES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461"
+
+PSA generate AES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+generate_not_supported:PSA_KEY_TYPE_AES:128
+
+PSA import AES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a0646174614865726500697320"
+
+PSA generate AES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+generate_not_supported:PSA_KEY_TYPE_AES:192
+
+PSA import AES 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate AES 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_AES
+generate_not_supported:PSA_KEY_TYPE_AES:256
+
+PSA import ARC4 8-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+import_not_supported:PSA_KEY_TYPE_ARC4:"48"
+
+PSA generate ARC4 8-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+generate_not_supported:PSA_KEY_TYPE_ARC4:8
+
+PSA import ARC4 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+import_not_supported:PSA_KEY_TYPE_ARC4:"48657265006973206b6579a064617461"
+
+PSA generate ARC4 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+generate_not_supported:PSA_KEY_TYPE_ARC4:128
+
+PSA import ARC4 2048-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+import_not_supported:PSA_KEY_TYPE_ARC4:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate ARC4 2048-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARC4
+generate_not_supported:PSA_KEY_TYPE_ARC4:2048
+
+PSA import ARIA 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARIA
+import_not_supported:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461"
+
+PSA generate ARIA 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARIA
+generate_not_supported:PSA_KEY_TYPE_ARIA:128
+
+PSA import ARIA 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARIA
+import_not_supported:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a0646174614865726500697320"
+
+PSA generate ARIA 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARIA
+generate_not_supported:PSA_KEY_TYPE_ARIA:192
+
+PSA import ARIA 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARIA
+import_not_supported:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate ARIA 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_ARIA
+generate_not_supported:PSA_KEY_TYPE_ARIA:256
+
+PSA import CAMELLIA 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461"
+
+PSA generate CAMELLIA 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+generate_not_supported:PSA_KEY_TYPE_CAMELLIA:128
+
+PSA import CAMELLIA 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a0646174614865726500697320"
+
+PSA generate CAMELLIA 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+generate_not_supported:PSA_KEY_TYPE_CAMELLIA:192
+
+PSA import CAMELLIA 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate CAMELLIA 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA
+generate_not_supported:PSA_KEY_TYPE_CAMELLIA:256
+
+PSA import CHACHA20 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CHACHA20
+import_not_supported:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate CHACHA20 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_CHACHA20
+generate_not_supported:PSA_KEY_TYPE_CHACHA20:256
+
+PSA import DES 64-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901"
+
+PSA generate DES 64-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+generate_not_supported:PSA_KEY_TYPE_DES:64
+
+PSA import DES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902"
+
+PSA generate DES 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+generate_not_supported:PSA_KEY_TYPE_DES:128
+
+PSA import DES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902644573206b457904"
+
+PSA generate DES 192-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_DES
+generate_not_supported:PSA_KEY_TYPE_DES:192
+
+PSA import HMAC 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461"
+
+PSA generate HMAC 128-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:128
+
+PSA import HMAC 160-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265"
+
+PSA generate HMAC 160-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:160
+
+PSA import HMAC 224-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a0"
+
+PSA generate HMAC 224-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:224
+
+PSA import HMAC 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate HMAC 256-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:256
+
+PSA import HMAC 384-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate HMAC 384-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:384
+
+PSA import HMAC 512-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+PSA generate HMAC 512-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_HMAC
+generate_not_supported:PSA_KEY_TYPE_HMAC:512
+
+PSA import RSA_KEY_PAIR 1024-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA generate RSA_KEY_PAIR 1024-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
+
+PSA import RSA_KEY_PAIR 1536-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+PSA generate RSA_KEY_PAIR 1536-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1536
+
+PSA import RSA_PUBLIC_KEY 1024-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import RSA_PUBLIC_KEY 1536-bit not supported
+depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
+
+PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_512
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255
+
+PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_255
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_448
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"
+
+PSA import ECC_KEY_PAIR(SECP_K1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
+
+PSA import ECC_KEY_PAIR(SECP_K1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
+
+PSA import ECC_KEY_PAIR(SECP_K1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
+
+PSA import ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
+
+PSA import ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
+
+PSA import ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_192
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_224
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+PSA import ECC_KEY_PAIR(SECP_R1) 225-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225
+
+PSA import ECC_KEY_PAIR(SECP_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
+
+PSA import ECC_KEY_PAIR(SECP_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
+
+PSA import ECC_KEY_PAIR(SECP_R1) 521-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
+
+PSA import ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225
+
+PSA import ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
+
+PSA import ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
+
+PSA import ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_256
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_384
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_521
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA import ECC_KEY_PAIR(SECP_R2) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160
+
+PSA import ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160
+
+PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+PSA import ECC_KEY_PAIR(SECT_K1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163
+
+PSA import ECC_KEY_PAIR(SECT_K1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233
+
+PSA import ECC_KEY_PAIR(SECT_K1) 239-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239
+
+PSA import ECC_KEY_PAIR(SECT_K1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283
+
+PSA import ECC_KEY_PAIR(SECT_K1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409
+
+PSA import ECC_KEY_PAIR(SECT_K1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571
+
+PSA import ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163
+
+PSA import ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233
+
+PSA import ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239
+
+PSA import ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283
+
+PSA import ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409
+
+PSA import ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+PSA import ECC_KEY_PAIR(SECT_R1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163
+
+PSA import ECC_KEY_PAIR(SECT_R1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233
+
+PSA import ECC_KEY_PAIR(SECT_R1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283
+
+PSA import ECC_KEY_PAIR(SECT_R1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409
+
+PSA import ECC_KEY_PAIR(SECT_R1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571
+
+PSA import ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163
+
+PSA import ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233
+
+PSA import ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283
+
+PSA import ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409
+
+PSA import ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+PSA import ECC_KEY_PAIR(SECT_R2) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34"
+
+PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163
+
+PSA import ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34"
+
+PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163
+
+PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255
+
+PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type not supported
+depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit curve not supported
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET
+import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+# End of automatically generated file.
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.misc.data
new file mode 100644
index 0000000..2c3673e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_not_supported.misc.data
@@ -0,0 +1,11 @@
+PSA import PSA_KEY_TYPE_NONE never supported
+import_not_supported:PSA_KEY_TYPE_NONE:"1234"
+
+PSA generate PSA_KEY_TYPE_NONE never supported
+generate_not_supported:PSA_KEY_TYPE_NONE:16
+
+PSA import PSA_KEY_TYPE_CATEGORY_SYMMETRIC never supported
+import_not_supported:PSA_KEY_TYPE_CATEGORY_SYMMETRIC:"1234"
+
+PSA generate PSA_KEY_TYPE_CATEGORY_SYMMETRIC never supported
+generate_not_supported:PSA_KEY_TYPE_CATEGORY_SYMMETRIC:16
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.function
new file mode 100644
index 0000000..0d5d538
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.function
@@ -0,0 +1,381 @@
+/* BEGIN_HEADER */
+
+#include "psa/crypto.h"
+#include "test/psa_crypto_helpers.h"
+
+static int test_equal_status(const char *test,
+                             int line_no, const char *filename,
+                             psa_status_t value1,
+                             psa_status_t value2)
+{
+    if ((value1 == PSA_ERROR_INVALID_ARGUMENT &&
+         value2 == PSA_ERROR_NOT_SUPPORTED) ||
+        (value1 == PSA_ERROR_NOT_SUPPORTED &&
+         value2 == PSA_ERROR_INVALID_ARGUMENT)) {
+        return 1;
+    }
+    return mbedtls_test_equal(test, line_no, filename, value1, value2);
+}
+
+/** Like #TEST_EQUAL, but expects #psa_status_t values and treats
+ * #PSA_ERROR_INVALID_ARGUMENT and #PSA_ERROR_NOT_SUPPORTED as
+ * interchangeable.
+ *
+ * This test suite currently allows NOT_SUPPORTED and INVALID_ARGUMENT
+ * to be interchangeable in places where the library's behavior does not
+ * match the strict expectations of the test case generator. In the long
+ * run, it would be better to clarify the expectations and reconcile the
+ * library and the test case generator.
+ */
+#define TEST_STATUS(expr1, expr2)                                     \
+    do {                                                                \
+        if (!test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \
+                                expr1, expr2))                       \
+        goto exit;                                                  \
+    } while (0)
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_fail(int alg_arg, int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+    uint8_t input[1] = { 'A' };
+    uint8_t output[PSA_HASH_MAX_SIZE] = { 0 };
+    size_t length = SIZE_MAX;
+
+    PSA_INIT();
+
+    TEST_EQUAL(expected_status,
+               psa_hash_setup(&operation, alg));
+    TEST_EQUAL(expected_status,
+               psa_hash_compute(alg, input, sizeof(input),
+                                output, sizeof(output), &length));
+    TEST_EQUAL(expected_status,
+               psa_hash_compare(alg, input, sizeof(input),
+                                output, sizeof(output)));
+
+exit:
+    psa_hash_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_fail(int key_type_arg, data_t *key_data,
+              int alg_arg, int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t input[1] = { 'A' };
+    uint8_t output[PSA_MAC_MAX_SIZE] = { 0 };
+    size_t length = SIZE_MAX;
+
+    PSA_INIT();
+
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_SIGN_HASH |
+                            PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data->x, key_data->len,
+                              &key_id));
+
+    TEST_STATUS(expected_status,
+                psa_mac_sign_setup(&operation, key_id, alg));
+    TEST_STATUS(expected_status,
+                psa_mac_verify_setup(&operation, key_id, alg));
+    TEST_STATUS(expected_status,
+                psa_mac_compute(key_id, alg,
+                                input, sizeof(input),
+                                output, sizeof(output), &length));
+    TEST_STATUS(expected_status,
+                psa_mac_verify(key_id, alg,
+                               input, sizeof(input),
+                               output, sizeof(output)));
+
+exit:
+    psa_mac_abort(&operation);
+    psa_destroy_key(key_id);
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_fail(int key_type_arg, data_t *key_data,
+                 int alg_arg, int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t input[1] = { 'A' };
+    uint8_t output[64] = { 0 };
+    size_t length = SIZE_MAX;
+
+    PSA_INIT();
+
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT |
+                            PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data->x, key_data->len,
+                              &key_id));
+
+    TEST_STATUS(expected_status,
+                psa_cipher_encrypt_setup(&operation, key_id, alg));
+    TEST_STATUS(expected_status,
+                psa_cipher_decrypt_setup(&operation, key_id, alg));
+    TEST_STATUS(expected_status,
+                psa_cipher_encrypt(key_id, alg,
+                                   input, sizeof(input),
+                                   output, sizeof(output), &length));
+    TEST_STATUS(expected_status,
+                psa_cipher_decrypt(key_id, alg,
+                                   input, sizeof(input),
+                                   output, sizeof(output), &length));
+
+exit:
+    psa_cipher_abort(&operation);
+    psa_destroy_key(key_id);
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_fail(int key_type_arg, data_t *key_data,
+               int alg_arg, int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t input[16] = "ABCDEFGHIJKLMNO";
+    uint8_t output[64] = { 0 };
+    size_t length = SIZE_MAX;
+
+    PSA_INIT();
+
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT |
+                            PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data->x, key_data->len,
+                              &key_id));
+
+    TEST_STATUS(expected_status,
+                psa_aead_encrypt(key_id, alg,
+                                 input, sizeof(input),
+                                 NULL, 0, input, sizeof(input),
+                                 output, sizeof(output), &length));
+    TEST_STATUS(expected_status,
+                psa_aead_decrypt(key_id, alg,
+                                 input, sizeof(input),
+                                 NULL, 0, input, sizeof(input),
+                                 output, sizeof(output), &length));
+
+exit:
+    psa_destroy_key(key_id);
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_fail(int key_type_arg, data_t *key_data,
+               int alg_arg, int private_only,
+               int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t input[1] = { 'A' };
+    uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+    size_t length = SIZE_MAX;
+
+    PSA_INIT();
+
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_SIGN_HASH |
+                            PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data->x, key_data->len,
+                              &key_id));
+
+    TEST_STATUS(expected_status,
+                psa_sign_hash(key_id, alg,
+                              input, sizeof(input),
+                              output, sizeof(output), &length));
+    if (!private_only) {
+        /* Determine a plausible signature size to avoid an INVALID_SIGNATURE
+         * error based on this. */
+        PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
+        size_t key_bits = psa_get_key_bits(&attributes);
+        size_t output_length = sizeof(output);
+        if (PSA_KEY_TYPE_IS_RSA(key_type)) {
+            output_length = PSA_BITS_TO_BYTES(key_bits);
+        } else if (PSA_KEY_TYPE_IS_ECC(key_type)) {
+            output_length = 2 * PSA_BITS_TO_BYTES(key_bits);
+        }
+        TEST_ASSERT(output_length <= sizeof(output));
+        TEST_STATUS(expected_status,
+                    psa_verify_hash(key_id, alg,
+                                    input, sizeof(input),
+                                    output, output_length));
+    }
+
+exit:
+    psa_destroy_key(key_id);
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_fail(int key_type_arg, data_t *key_data,
+                                int alg_arg, int private_only,
+                                int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = { 0 };
+    uint8_t ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = { 0 };
+    size_t length = SIZE_MAX;
+
+    PSA_INIT();
+
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT |
+                            PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data->x, key_data->len,
+                              &key_id));
+
+    if (!private_only) {
+        TEST_STATUS(expected_status,
+                    psa_asymmetric_encrypt(key_id, alg,
+                                           plaintext, 1,
+                                           NULL, 0,
+                                           ciphertext, sizeof(ciphertext),
+                                           &length));
+    }
+    TEST_STATUS(expected_status,
+                psa_asymmetric_decrypt(key_id, alg,
+                                       ciphertext, sizeof(ciphertext),
+                                       NULL, 0,
+                                       plaintext, sizeof(plaintext),
+                                       &length));
+
+exit:
+    psa_destroy_key(key_id);
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_derivation_fail(int alg_arg, int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    PSA_INIT();
+
+    TEST_EQUAL(expected_status,
+               psa_key_derivation_setup(&operation, alg));
+
+exit:
+    psa_key_derivation_abort(&operation);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_fail(int key_type_arg, data_t *key_data,
+                        int alg_arg, int private_only,
+                        int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 };
+    size_t public_key_length = SIZE_MAX;
+    uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 };
+    size_t length = SIZE_MAX;
+    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+    PSA_INIT();
+
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_DERIVE);
+    psa_set_key_algorithm(&attributes, alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_data->x, key_data->len,
+                              &key_id));
+    if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type) ||
+        PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) {
+        PSA_ASSERT(psa_export_public_key(key_id,
+                                         public_key, sizeof(public_key),
+                                         &public_key_length));
+    }
+
+    TEST_STATUS(expected_status,
+                psa_raw_key_agreement(alg, key_id,
+                                      public_key, public_key_length,
+                                      output, sizeof(output), &length));
+
+#if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256)
+    PSA_ASSERT(psa_key_derivation_setup(&operation,
+                                        PSA_ALG_HKDF(PSA_ALG_SHA_256)));
+    TEST_STATUS(expected_status,
+                psa_key_derivation_key_agreement(
+                    &operation,
+                    PSA_KEY_DERIVATION_INPUT_SECRET,
+                    key_id,
+                    public_key, public_key_length));
+#endif
+
+    /* There are no public-key operations. */
+    (void) private_only;
+
+exit:
+    psa_key_derivation_abort(&operation);
+    psa_destroy_key(key_id);
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.generated.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.generated.data
new file mode 100644
index 0000000..1c674a6
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.generated.data
@@ -0,0 +1,32526 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): invalid
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): invalid
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): invalid
+depends_on:PSA_WANT_ALG_GCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with DES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): invalid
+depends_on:PSA_WANT_ALG_GCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CCM,1): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,1): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): invalid
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): invalid
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(GCM,1): invalid
+depends_on:PSA_WANT_ALG_GCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with DES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(GCM,1): invalid
+depends_on:PSA_WANT_ALG_GCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CCM,4): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): !CCM with AES
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): !CCM with ARIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): !CCM with CAMELLIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,4): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CCM,13): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,13): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CCM,14): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): !CCM with AES
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): !CCM with ARIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): !CCM with CAMELLIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,14): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CCM,16): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): !CCM with AES
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): !CCM with ARIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): !CCM with CAMELLIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_NOT_SUPPORTED
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,16): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AEAD_WITH_SHORTENED_TAG(CCM,63): invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,63): invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ANY_HASH: invalid
+key_derivation_fail:PSA_ALG_ANY_HASH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CMAC,1): invalid
+depends_on:PSA_WANT_ALG_CMAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CMAC,1): invalid
+depends_on:PSA_WANT_ALG_CMAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CBC_MAC: invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: !CBC_MAC with AES
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA mac CBC_MAC: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: !CBC_MAC with ARIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA mac CBC_MAC: !CBC_MAC with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA mac CBC_MAC: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_MAC: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_MAC: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_MAC: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_MAC: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_MAC: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_MAC: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_MAC: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_MAC: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_MAC: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_MAC: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_MAC: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_MAC: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_MAC: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CBC_MAC: invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_MAC: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_MAC: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_MAC: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CBC_NO_PADDING: invalid
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING
+hash_fail:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with AES
+depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_NO_PADDING: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with ARIA
+depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_NO_PADDING: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with DES
+depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_NO_PADDING: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CBC_NO_PADDING: invalid
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING
+key_derivation_fail:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CBC_PKCS7: invalid
+depends_on:PSA_WANT_ALG_CBC_PKCS7
+hash_fail:PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_PKCS7: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_PKCS7: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_PKCS7: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CBC_PKCS7: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: !CBC_PKCS7 with AES
+depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_PKCS7: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: !CBC_PKCS7 with ARIA
+depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_PKCS7: !CBC_PKCS7 with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_PKCS7: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: !CBC_PKCS7 with DES
+depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CBC_PKCS7: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_PKCS7: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_PKCS7: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_PKCS7: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CBC_PKCS7: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_PKCS7: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_PKCS7: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_PKCS7: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CBC_PKCS7: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_PKCS7: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_PKCS7: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_PKCS7: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CBC_PKCS7: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CBC_PKCS7: invalid
+depends_on:PSA_WANT_ALG_CBC_PKCS7
+key_derivation_fail:PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_PKCS7: invalid with AES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_PKCS7: invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_PKCS7: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CBC_PKCS7: invalid with DES
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CCM: invalid
+depends_on:PSA_WANT_ALG_CCM
+hash_fail:PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CCM: invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CCM: invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: !CCM with AES
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead CCM: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: !CCM with ARIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead CCM: !CCM with CAMELLIA
+depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead CCM: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with DES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CCM: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CCM: invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CCM: invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CCM: invalid
+depends_on:PSA_WANT_ALG_CCM
+key_derivation_fail:PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CCM: invalid with AES
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CFB: invalid
+depends_on:PSA_WANT_ALG_CFB
+hash_fail:PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CFB: invalid with AES
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CFB: invalid with ARIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CFB: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: !CFB with AES
+depends_on:!PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CFB: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: !CFB with ARIA
+depends_on:!PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CFB: !CFB with CAMELLIA
+depends_on:!PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CFB: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with DES
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CFB: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CFB: invalid with AES
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CFB: invalid with ARIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CFB: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CFB: invalid with AES
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CFB: invalid with ARIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CFB: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CFB: invalid with AES
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CFB: invalid with ARIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CFB: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CFB: invalid
+depends_on:PSA_WANT_ALG_CFB
+key_derivation_fail:PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CFB: invalid with AES
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CFB: invalid with ARIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CFB: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CHACHA20_POLY1305: invalid
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+hash_fail:PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CHACHA20_POLY1305: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CHACHA20_POLY1305: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with AES
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ARIA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: !CHACHA20_POLY1305 with CHACHA20
+depends_on:!PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead CHACHA20_POLY1305: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with DES
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CHACHA20_POLY1305: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CHACHA20_POLY1305: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CHACHA20_POLY1305: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CHACHA20_POLY1305: invalid
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+key_derivation_fail:PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CHACHA20_POLY1305: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CMAC: invalid
+depends_on:PSA_WANT_ALG_CMAC
+hash_fail:PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: !CMAC with AES
+depends_on:!PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA mac CMAC: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ARIA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with DES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CMAC: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CMAC: invalid with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CMAC: invalid with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CMAC: invalid with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CMAC: invalid with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CMAC: invalid
+depends_on:PSA_WANT_ALG_CMAC
+key_derivation_fail:PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CMAC: invalid with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash CTR: invalid
+depends_on:PSA_WANT_ALG_CTR
+hash_fail:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CTR: invalid with AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CTR: invalid with ARIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac CTR: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: !CTR with AES
+depends_on:!PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CTR: incompatible with ARC4
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: !CTR with ARIA
+depends_on:!PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CTR: !CTR with CAMELLIA
+depends_on:!PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher CTR: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with DES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with HMAC
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher CTR: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CTR: invalid with AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CTR: invalid with ARIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead CTR: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CTR: invalid with AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CTR: invalid with ARIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign CTR: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CTR: invalid with AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CTR: invalid with ARIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption CTR: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation CTR: invalid
+depends_on:PSA_WANT_ALG_CTR
+key_derivation_fail:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CTR: invalid with AES
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CTR: invalid with ARIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement CTR: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(MD2): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD2): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(MD2): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(MD4): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(MD4): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(MD5): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(MD5): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(MD5): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_DSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_DSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(MD2): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(MD2): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(MD4): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(MD4): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(MD5): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(MD5): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DETERMINISTIC_ECDSA(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA
+hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with AES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with DES
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DETERMINISTIC_ECDSA(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA
+key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(MD2): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD2): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(MD2): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(MD4): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(MD4): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(MD5): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(MD5): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(MD5): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_224): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_256): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_384): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash DSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign DSA(SHA_512): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation DSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECB_NO_PADDING: invalid
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+hash_fail:PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECB_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECB_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECB_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECB_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with AES
+depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher ECB_NO_PADDING: incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with ARIA
+depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with CAMELLIA
+depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher ECB_NO_PADDING: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with DES
+depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECB_NO_PADDING: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECB_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECB_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECB_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECB_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECB_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECB_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECB_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECB_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECB_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECB_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECB_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECB_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECB_NO_PADDING: invalid
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+key_derivation_fail:PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECB_NO_PADDING: invalid with AES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECB_NO_PADDING: invalid with ARIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECB_NO_PADDING: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECB_NO_PADDING: invalid with DES
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDH: invalid
+depends_on:PSA_WANT_ALG_ECDH
+hash_fail:PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDH: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDH: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDH: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDH: invalid
+depends_on:PSA_WANT_ALG_ECDH
+key_derivation_fail:PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement ECDH: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDH: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(MD2): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD2): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(MD2): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(MD4): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(MD4): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(MD5): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(MD5): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(MD5): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(SHA_1): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_224): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(SHA_224): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_256): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(SHA_256): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_384): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(SHA_384): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(SHA_512): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(SHA_512): invalid
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_ECDSA
+hash_fail:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA(ANY_HASH): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_ECDSA
+key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ECDSA_ANY: invalid
+depends_on:PSA_WANT_ALG_ECDSA_ANY
+hash_fail:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with AES
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with DES
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA_ANY: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ECDSA_ANY: invalid
+depends_on:PSA_WANT_ALG_ECDSA_ANY
+key_derivation_fail:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ED25519PH: invalid
+depends_on:PSA_WANT_ALG_ED25519PH
+hash_fail:PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with AES
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ARC4
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ARIA
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with DES
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: !ED25519PH with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:!PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: !ED25519PH with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:!PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ED25519PH: public with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with HMAC
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED25519PH: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ED25519PH: invalid
+depends_on:PSA_WANT_ALG_ED25519PH
+key_derivation_fail:PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash ED448PH: invalid
+depends_on:PSA_WANT_ALG_ED448PH
+hash_fail:PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with AES
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ARC4
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ARIA
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with DES
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: !ED448PH with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:!PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: !ED448PH with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:!PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign ED448PH: public with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with HMAC
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ED448PH: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation ED448PH: invalid
+depends_on:PSA_WANT_ALG_ED448PH
+key_derivation_fail:PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash FFDH: invalid
+depends_on:PSA_WANT_ALG_FFDH
+hash_fail:PSA_ALG_FFDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation FFDH: invalid
+depends_on:PSA_WANT_ALG_FFDH
+key_derivation_fail:PSA_ALG_FFDH:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with AES
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ARC4
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ARIA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with DES
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with HMAC
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement FFDH: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash GCM: invalid
+depends_on:PSA_WANT_ALG_GCM
+hash_fail:PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac GCM: invalid with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac GCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac GCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher GCM: invalid with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher GCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher GCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: !GCM with AES
+depends_on:!PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead GCM: incompatible with ARC4
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: !GCM with ARIA
+depends_on:!PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead GCM: !GCM with CAMELLIA
+depends_on:!PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_NOT_SUPPORTED
+
+PSA aead GCM: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DERIVE
+aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with DES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DES
+aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with HMAC
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead GCM: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign GCM: invalid with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign GCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign GCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption GCM: invalid with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption GCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption GCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation GCM: invalid
+depends_on:PSA_WANT_ALG_GCM
+key_derivation_fail:PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement GCM: invalid with AES
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement GCM: invalid with ARIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement GCM: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HKDF(MD2): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_HKDF(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(MD2): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(MD2): !MD2
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(MD4): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_HKDF(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(MD4): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(MD4): !MD4
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(MD5): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_HKDF(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(MD5): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(MD5): !MD5
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(RIPEMD160): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(RIPEMD160): !RIPEMD160
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(SHA_1): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(SHA_1): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(SHA_1): !SHA_1
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(SHA_224): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(SHA_224): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(SHA_224): !SHA_224
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(SHA_256): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(SHA_256): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(SHA_256): !SHA_256
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(SHA_384): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(SHA_384): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(SHA_384): !SHA_384
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HKDF(SHA_512): invalid
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HKDF(SHA_512): !HKDF
+depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation HKDF(SHA_512): !SHA_512
+depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash HMAC(MD2): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(MD2): !MD2 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD2): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(MD2): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(MD2): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(MD2): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(MD2): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(MD2): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(MD2): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(MD4): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(MD4): !MD4 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(MD4): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(MD4): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(MD4): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(MD4): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(MD4): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(MD4): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(MD5): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(MD5): !MD5 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(MD5): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(MD5): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(MD5): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(MD5): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(MD5): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(MD5): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(MD5): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(RIPEMD160): !RIPEMD160 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(RIPEMD160): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(RIPEMD160): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(RIPEMD160): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(RIPEMD160): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(RIPEMD160): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(RIPEMD160): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(SHA_1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_1): !SHA_1 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(SHA_1): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(SHA_1): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(SHA_1): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(SHA_1): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(SHA_1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(SHA_1): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(SHA_224): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_224): !SHA_224 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_224): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(SHA_224): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(SHA_224): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(SHA_224): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(SHA_224): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(SHA_224): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(SHA_224): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(SHA_256): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_256): !SHA_256 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_256): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(SHA_256): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(SHA_256): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(SHA_256): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(SHA_256): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(SHA_256): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(SHA_256): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(SHA_384): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_384): !SHA_384 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_384): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(SHA_384): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(SHA_384): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(SHA_384): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(SHA_384): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(SHA_384): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(SHA_384): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash HMAC(SHA_512): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): !HMAC with HMAC
+depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_512): !SHA_512 with HMAC
+depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac HMAC(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac HMAC(SHA_512): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher HMAC(SHA_512): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead HMAC(SHA_512): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign HMAC(SHA_512): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption HMAC(SHA_512): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation HMAC(SHA_512): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement HMAC(SHA_512): invalid with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(FFDH,HKDF(SHA_256)): invalid
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_256)): !FFDH
+depends_on:!PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_256)): !HKDF
+depends_on:PSA_WANT_ALG_FFDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_256)): !SHA_256
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with AES
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with DES
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with AES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with DES
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_K1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R1)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R2)
+depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash KEY_AGREEMENT(FFDH,HKDF(SHA_384)): invalid
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_384)): !FFDH
+depends_on:!PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_384)): !HKDF
+depends_on:PSA_WANT_ALG_FFDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_384)): !SHA_384
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with AES
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ARC4
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ARIA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with DES
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with HMAC
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash MD2: !MD2
+depends_on:!PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_MD2:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation MD2: invalid
+depends_on:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_MD2:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash MD4: !MD4
+depends_on:!PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_MD4:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation MD4: invalid
+depends_on:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_MD4:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash MD5: !MD5
+depends_on:!PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_MD5:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation MD5: invalid
+depends_on:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_MD5:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash OFB: invalid
+depends_on:PSA_WANT_ALG_OFB
+hash_fail:PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac OFB: invalid with AES
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: !OFB with AES
+depends_on:!PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher OFB: incompatible with ARC4
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ARIA
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with DES
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with HMAC
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher OFB: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead OFB: invalid with AES
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign OFB: invalid with AES
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption OFB: invalid with AES
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation OFB: invalid
+depends_on:PSA_WANT_ALG_OFB
+key_derivation_fail:PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement OFB: invalid with AES
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash PURE_EDDSA: invalid
+depends_on:PSA_WANT_ALG_PURE_EDDSA
+hash_fail:PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with AES
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ARC4
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ARIA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with DES
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: !PURE_EDDSA with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:!PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: !PURE_EDDSA with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:!PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign PURE_EDDSA: public with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with HMAC
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign PURE_EDDSA: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation PURE_EDDSA: invalid
+depends_on:PSA_WANT_ALG_PURE_EDDSA
+key_derivation_fail:PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RIPEMD160: !RIPEMD160
+depends_on:!PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_RIPEMD160:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation RIPEMD160: invalid
+depends_on:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_RIPEMD160:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD2): !MD2 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD2): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD2): !MD2 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD2): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD2): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD4): !MD4 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD4): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD4): !MD4 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD4): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD4): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(MD5): !MD5 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD5): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD5): !MD5 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD5): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(MD5): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(RIPEMD160): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): !SHA_1 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): !SHA_1 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_1): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): !SHA_224 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): !SHA_224 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_224): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): !SHA_256 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): !SHA_256 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_256): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): !SHA_384 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): !SHA_384 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_384): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_OAEP(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): !RSA_OAEP with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): !SHA_512 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): !RSA_OAEP with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): !SHA_512 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_OAEP(SHA_512): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_OAEP(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_CRYPT: invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+hash_fail:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_DERIVE
+asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_DES
+asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_HMAC
+asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: !RSA_PKCS1V15_CRYPT with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: !RSA_PKCS1V15_CRYPT with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_CRYPT: invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): !MD2 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): !MD2 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD2): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): !MD4 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): !MD4 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD4): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): !MD5 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): !MD5 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(MD5): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): !SHA_1 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): !SHA_1 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_1): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): !SHA_224 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): !SHA_224 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_224): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): !SHA_256 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): !SHA_256 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_256): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): !SHA_384 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): !SHA_384 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_384): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): !SHA_512 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): !SHA_512 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN(SHA_512): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PKCS1V15_SIGN_RAW: invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
+hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: !RSA_PKCS1V15_SIGN_RAW with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: !RSA_PKCS1V15_SIGN_RAW with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PKCS1V15_SIGN_RAW: public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PKCS1V15_SIGN_RAW: invalid
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
+key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD2): !MD2 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD2): !RSA_PSS with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD2): !MD2 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD2): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD2): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD4): !MD4 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD4): !RSA_PSS with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD4): !MD4 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD4): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD4): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(MD5): !MD5 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD5): !RSA_PSS with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD5): !MD5 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD5): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(MD5): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(RIPEMD160): !RSA_PSS with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(RIPEMD160): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(RIPEMD160): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_1): !RSA_PSS with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_1): !SHA_1 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_1): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_1): !SHA_1 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_1): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_224): !RSA_PSS with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_224): !SHA_224 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_224): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_224): !SHA_224 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_224): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_256): !RSA_PSS with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_256): !SHA_256 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_256): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_256): !SHA_256 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_256): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_384): !RSA_PSS with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_384): !SHA_384 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_384): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_384): !SHA_384 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_384): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(SHA_512): !RSA_PSS with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_512): !SHA_512 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_512): !RSA_PSS with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_512): !SHA_512 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS(SHA_512): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS
+hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS(ANY_HASH): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS
+key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with AES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with DES
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD2): !MD2 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD2): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD2): !MD2 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD2): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD2): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with AES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with DES
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD4): !MD4 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD4): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD4): !MD4 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD4): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD4): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with AES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ARC4
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ARIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with DES
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with HMAC
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(MD5): !MD5 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD5): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD5): !MD5 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD5): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(MD5): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with AES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with DES
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(RIPEMD160): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): !SHA_1 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): !SHA_1 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_1): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(SHA_1): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): !SHA_224 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): !SHA_224 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_224): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(SHA_224): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): !SHA_256 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): !SHA_256 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_256): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(SHA_256): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): !SHA_384 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): !SHA_384 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_384): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(SHA_384): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): !SHA_512 with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY
+depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): !SHA_512 with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign RSA_PSS_ANY_SALT(SHA_512): public with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(SHA_512): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash RSA_PSS_ANY_SALT(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with AES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ARC4
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ARIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE
+sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with DES
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES
+sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with HMAC
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC
+sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation RSA_PSS_ANY_SALT(ANY_HASH): invalid
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT
+key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA3_224: !SHA3_224
+depends_on:!PSA_WANT_ALG_SHA3_224
+hash_fail:PSA_ALG_SHA3_224:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA3_224: invalid
+depends_on:PSA_WANT_ALG_SHA3_224
+key_derivation_fail:PSA_ALG_SHA3_224:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA3_256: !SHA3_256
+depends_on:!PSA_WANT_ALG_SHA3_256
+hash_fail:PSA_ALG_SHA3_256:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA3_256: invalid
+depends_on:PSA_WANT_ALG_SHA3_256
+key_derivation_fail:PSA_ALG_SHA3_256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA3_384: !SHA3_384
+depends_on:!PSA_WANT_ALG_SHA3_384
+hash_fail:PSA_ALG_SHA3_384:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA3_384: invalid
+depends_on:PSA_WANT_ALG_SHA3_384
+key_derivation_fail:PSA_ALG_SHA3_384:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA3_512: !SHA3_512
+depends_on:!PSA_WANT_ALG_SHA3_512
+hash_fail:PSA_ALG_SHA3_512:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA3_512: invalid
+depends_on:PSA_WANT_ALG_SHA3_512
+key_derivation_fail:PSA_ALG_SHA3_512:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHAKE256_512: !SHAKE256_512
+depends_on:!PSA_WANT_ALG_SHAKE256_512
+hash_fail:PSA_ALG_SHAKE256_512:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHAKE256_512: invalid
+depends_on:PSA_WANT_ALG_SHAKE256_512
+key_derivation_fail:PSA_ALG_SHAKE256_512:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_1: !SHA_1
+depends_on:!PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_SHA_1:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_1: invalid
+depends_on:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_SHA_1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_224: !SHA_224
+depends_on:!PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_SHA_224:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_224: invalid
+depends_on:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_SHA_224:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_256: !SHA_256
+depends_on:!PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_256: invalid
+depends_on:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_SHA_256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_384: !SHA_384
+depends_on:!PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_SHA_384:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_384: invalid
+depends_on:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_SHA_384:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_512: !SHA_512
+depends_on:!PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_SHA_512:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_512: invalid
+depends_on:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_SHA_512:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_512_224: !SHA_512_224
+depends_on:!PSA_WANT_ALG_SHA_512_224
+hash_fail:PSA_ALG_SHA_512_224:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_512_224: invalid
+depends_on:PSA_WANT_ALG_SHA_512_224
+key_derivation_fail:PSA_ALG_SHA_512_224:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash SHA_512_256: !SHA_512_256
+depends_on:!PSA_WANT_ALG_SHA_512_256
+hash_fail:PSA_ALG_SHA_512_256:PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation SHA_512_256: invalid
+depends_on:PSA_WANT_ALG_SHA_512_256
+key_derivation_fail:PSA_ALG_SHA_512_256:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash STREAM_CIPHER: invalid
+depends_on:PSA_WANT_ALG_STREAM_CIPHER
+hash_fail:PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac STREAM_CIPHER: invalid with ARC4
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac STREAM_CIPHER: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with AES
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: !STREAM_CIPHER with ARC4
+depends_on:!PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: incompatible with ARIA
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: !STREAM_CIPHER with CHACHA20
+depends_on:!PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with DES
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with HMAC
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher STREAM_CIPHER: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead STREAM_CIPHER: invalid with ARC4
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead STREAM_CIPHER: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign STREAM_CIPHER: invalid with ARC4
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign STREAM_CIPHER: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption STREAM_CIPHER: invalid with ARC4
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption STREAM_CIPHER: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation STREAM_CIPHER: invalid
+depends_on:PSA_WANT_ALG_STREAM_CIPHER
+key_derivation_fail:PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement STREAM_CIPHER: invalid with ARC4
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement STREAM_CIPHER: invalid with CHACHA20
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TLS12_PRF(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(MD2): !MD2
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(MD2): !TLS12_PRF
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(MD4): !MD4
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(MD4): !TLS12_PRF
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(MD5): !MD5
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(MD5): !TLS12_PRF
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(RIPEMD160): !RIPEMD160
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(RIPEMD160): !TLS12_PRF
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(SHA_1): invalid
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(SHA_1): !SHA_1
+depends_on:!PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(SHA_1): !TLS12_PRF
+depends_on:PSA_WANT_ALG_SHA_1:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(SHA_224): invalid
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(SHA_224): !SHA_224
+depends_on:!PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(SHA_224): !TLS12_PRF
+depends_on:PSA_WANT_ALG_SHA_224:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(SHA_256): invalid
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(SHA_256): !SHA_256
+depends_on:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(SHA_256): !TLS12_PRF
+depends_on:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(SHA_384): invalid
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(SHA_384): !SHA_384
+depends_on:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(SHA_384): !TLS12_PRF
+depends_on:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PRF(SHA_512): invalid
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF
+hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PRF(SHA_512): !SHA_512
+depends_on:!PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PRF(SHA_512): !TLS12_PRF
+depends_on:PSA_WANT_ALG_SHA_512:!PSA_WANT_ALG_TLS12_PRF
+key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(MD2): invalid
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(MD2): !MD2
+depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(MD2): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(MD4): invalid
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(MD4): !MD4
+depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(MD4): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(MD5): invalid
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(MD5): !MD5
+depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(MD5): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(RIPEMD160): invalid
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(RIPEMD160): !RIPEMD160
+depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(RIPEMD160): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(SHA_1): invalid
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_1): !SHA_1
+depends_on:!PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_1): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_SHA_1:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(SHA_224): invalid
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_224): !SHA_224
+depends_on:!PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_224): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_SHA_224:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(SHA_256): invalid
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_256): !SHA_256
+depends_on:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_256): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(SHA_384): invalid
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_384): !SHA_384
+depends_on:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_384): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TLS12_PSK_TO_MS(SHA_512): invalid
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS
+hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_512): !SHA_512
+depends_on:!PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA key_derivation TLS12_PSK_TO_MS(SHA_512): !TLS12_PSK_TO_MS
+depends_on:PSA_WANT_ALG_SHA_512:!PSA_WANT_ALG_TLS12_PSK_TO_MS
+key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED
+
+PSA hash TRUNCATED_MAC(CBC_MAC,1): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CBC_MAC,1): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(CMAC,1): invalid
+depends_on:PSA_WANT_ALG_CMAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with AES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with DES
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CMAC,1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CMAC,1): invalid
+depends_on:PSA_WANT_ALG_CMAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(MD2),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(MD2),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(MD4),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(MD4),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(MD5),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(MD5),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(RIPEMD160),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(RIPEMD160),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(SHA_1),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(SHA_1),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(SHA_224),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(SHA_224),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(SHA_256),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(SHA_256),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(SHA_384),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(SHA_384),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(HMAC(SHA_512),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with AES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ARC4
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ARIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with DES
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with HMAC
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(HMAC(SHA_512),1): invalid
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(CBC_MAC,4): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): !CBC_MAC with AES
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): !CBC_MAC with ARIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): !CBC_MAC with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,4): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,4): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,4): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,4): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CBC_MAC,4): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,4): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(CBC_MAC,13): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): !CBC_MAC with AES
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): !CBC_MAC with ARIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): !CBC_MAC with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,13): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,13): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,13): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,13): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CBC_MAC,13): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,13): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(CBC_MAC,14): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): !CBC_MAC with AES
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): !CBC_MAC with ARIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): !CBC_MAC with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,14): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,14): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,14): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,14): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CBC_MAC,14): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,14): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(CBC_MAC,16): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): !CBC_MAC with AES
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): !CBC_MAC with ARIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): !CBC_MAC with CAMELLIA
+depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_NOT_SUPPORTED
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,16): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,16): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,16): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,16): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CBC_MAC,16): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,16): invalid with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash TRUNCATED_MAC(CBC_MAC,63): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with AES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ARC4
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4
+mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ARIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with CAMELLIA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20
+mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with DERIVE
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE
+mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with DES
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES
+mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with HMAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC
+mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation TRUNCATED_MAC(CBC_MAC,63): invalid
+depends_on:PSA_WANT_ALG_CBC_MAC
+key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash XTS: invalid
+depends_on:PSA_WANT_ALG_XTS
+hash_fail:PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac XTS: invalid with AES
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac XTS: invalid with ARIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA mac XTS: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: !XTS with AES
+depends_on:!PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher XTS: incompatible with ARC4
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: !XTS with ARIA
+depends_on:!PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher XTS: !XTS with CAMELLIA
+depends_on:!PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher XTS: incompatible with CHACHA20
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with DERIVE
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_DERIVE
+cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with DES
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_DES
+cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(MONTGOMERY)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECP_K1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECP_R1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECP_R2)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECT_K1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECT_R1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECT_R2)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(MONTGOMERY)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECP_K1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECP_R1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECP_R2)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECT_K1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECT_R1)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECT_R2)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS)
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with HMAC
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_HMAC
+cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with RAW_DATA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with RSA_KEY_PAIR
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher XTS: incompatible with RSA_PUBLIC_KEY
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead XTS: invalid with AES
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead XTS: invalid with ARIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA aead XTS: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign XTS: invalid with AES
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign XTS: invalid with ARIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign XTS: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption XTS: invalid with AES
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption XTS: invalid with ARIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA asymmetric_encryption XTS: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_derivation XTS: invalid
+depends_on:PSA_WANT_ALG_XTS
+key_derivation_fail:PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement XTS: invalid with AES
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement XTS: invalid with ARIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key_agreement XTS: invalid with CAMELLIA
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT
+
+# End of automatically generated file.
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.misc.data
new file mode 100644
index 0000000..a8ab748
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_op_fail.misc.data
@@ -0,0 +1,45 @@
+# Most operation failure test cases are automatically generated in
+# test_suite_psa_crypto_op_fail.generated.data. The manually written
+# test cases in this file cover some edge cases, plus a few to help with
+# with debugging the test code.
+
+# Redundant, to help debugging the test code
+PSA hash: invalid algorithm
+hash_fail:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+# For ARC4, Mbed TLS only supports 128-bit keys. PSA allows 40 to 2048 bits.
+# The ARC4 construction allows any whole number of bytes from 1 to 256 bytes
+# (8 to 2048 bits).
+PSA cipher STREAM_CIPHER: 8-bit ARC4 never supported
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"41":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: 40-bit ARC4 never supported
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"4152433420":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: 120-bit ARC4 never supported
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b65":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: 136-bit ARC4 never supported
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b657941":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: 256-bit ARC4 never supported
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b657941524334206b657941524334206b6579":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher STREAM_CIPHER: 2048-bit ARC4 never supported
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b6579":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+# Redundant, to help debugging the test code
+PSA sign RSA_PSS(SHA_256): incompatible key type
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES
+sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT
+
+# Redundant, to help debugging the test code
+PSA sign RSA_PSS(SHA_256): RSA_PSS not enabled, key pair
+depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_persistent_key.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_persistent_key.data
similarity index 88%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_persistent_key.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_persistent_key.data
index 80035d8..6d208e9 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -1,3 +1,8 @@
+# Note that if you need to make a change that affects how keys are
+# stored, this may indicate that the key store is changing in a
+# backward-incompatible way! Think carefully about backward compatibility
+# before changing how test data is constructed or validated.
+
 Format for storage: RSA private key
 format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000700000006620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN
 
@@ -11,16 +16,22 @@ Parse storage: AES-128 key
 parse_storage_data_check:"505341004b45590000000000010000000024800000030000000250050000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS
 
 Parse storage: wrong version
-parse_storage_data_check:"505341004b455900ffffffff0100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b455900ffffffff0100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
 
 Parse storage: data too big
-parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
 
 Parse storage: bad magic
-parse_storage_data_check:"645341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"645341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
 
 Parse storage: truncated magic
-parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
+
+Parse storage: truncated header
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010620200":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
+
+Parse storage: truncated key
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_DATA_INVALID
 
 # Not specific to files, but only run this test in an environment where the maximum size could be reached.
 Save maximum-size persistent raw key
@@ -31,85 +42,94 @@ Save larger than maximum-size persistent raw key
 save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED
 
 Persistent key destroy
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 persistent_key_destroy:2:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
 
 Persistent key destroy after restart
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 persistent_key_destroy:17:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
 
 Persistent key import (RSA)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS
 
 Persistent key import with restart (RSA)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS
 
 Persistent key import (RSA) invalid key id (VENDOR_MIN)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
+persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
 
 Persistent key import (RSA) invalid key id (VOLATILE_MIN)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
+persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
 
 Persistent key import (RSA) invalid key id (VENDOR_MAX)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
+persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT
 
 Persistent key import garbage data, should fail
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT
 
 import/export persistent raw key: 1 byte
 import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0
 
 import/export persistent key RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:0
 
 import/export persistent key RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:0
 
 import/export persistent raw key file not exist: 1 byte
 import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1
 
 import/export persistent key RSA public key file not exist: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:1
 
 import/export persistent key RSA keypair file not exist: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1
 
 import/export-persistent symmetric key: 16 bytes
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0
 
 import/export persistent raw key with restart: 1 byte
 import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0
 
 import/export persistent key RSA public key with restart: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:0
 
 import/export persistent key RSA keypair with restart: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:0
 
 import/export persistent raw key file not exist with restart: 1 byte
 import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1
 
 import/export persistent key RSA public key file not exist with restart: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:1
 
 import/export persistent key RSA keypair file not exist with restart: 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1
 
 import/export-persistent symmetric key with restart: 16 bytes
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
 import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0
+
+Destroy invalid id: 0
+destroy_nonexistent:0:PSA_SUCCESS
+
+Destroy non-existent key
+destroy_nonexistent:1:PSA_ERROR_INVALID_HANDLE
+
+Destroy invalid id: 0xffffffff
+destroy_nonexistent:0xffffffff:PSA_ERROR_INVALID_HANDLE
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_persistent_key.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_persistent_key.function
new file mode 100644
index 0000000..8f6a57f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -0,0 +1,342 @@
+/* BEGIN_HEADER */
+
+/* The tests in this module verify the contents of key store files. They
+ * access internal key storage functions directly. Some of the tests depend
+ * on the the storage format. On the other hand, these tests treat the storage
+ * subsystem as a black box, and in particular have no reliance on the
+ * internals of the ITS implementation.
+ *
+ * Note that if you need to make a change that affects how files are
+ * stored, this may indicate that the key store is changing in a
+ * backward-incompatible way! Think carefully about backward compatibility
+ * before changing how test data is constructed or validated.
+ */
+
+#include <stdint.h>
+
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+
+#include "mbedtls/md.h"
+
+#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
+#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER))
+
+/* Enforce the storage format for keys. The storage format is not a public
+ * documented interface, but it must be preserved between versions so that
+ * upgrades work smoothly, so it's a stable interface nonetheless.
+ */
+typedef struct {
+    uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
+    uint8_t version[4];
+    uint8_t lifetime[sizeof(psa_key_lifetime_t)];
+    uint8_t type[4];
+    uint8_t policy[sizeof(psa_key_policy_t)];
+    uint8_t data_len[4];
+    uint8_t key_data[];
+} psa_persistent_key_storage_format;
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void format_storage_data_check(data_t *key_data,
+                               data_t *expected_file_data,
+                               int key_lifetime, int key_type, int key_bits,
+                               int key_usage, int key_alg, int key_alg2)
+{
+    uint8_t *file_data = NULL;
+    size_t file_data_length =
+        key_data->len + sizeof(psa_persistent_key_storage_format);
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    psa_set_key_lifetime(&attributes, key_lifetime);
+    psa_set_key_type(&attributes, key_type);
+    psa_set_key_bits(&attributes, key_bits);
+    psa_set_key_usage_flags(&attributes, key_usage);
+    psa_set_key_algorithm(&attributes, key_alg);
+    psa_set_key_enrollment_algorithm(&attributes, key_alg2);
+
+    TEST_CALLOC(file_data, file_data_length);
+    psa_format_key_data_for_storage(key_data->x, key_data->len,
+                                    &attributes.core,
+                                    file_data);
+
+    TEST_MEMORY_COMPARE(expected_file_data->x, expected_file_data->len,
+                        file_data, file_data_length);
+
+exit:
+    mbedtls_free(file_data);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void parse_storage_data_check(data_t *file_data,
+                              data_t *expected_key_data,
+                              int expected_key_lifetime,
+                              int expected_key_type,
+                              int expected_key_bits,
+                              int expected_key_usage,
+                              int expected_key_alg,
+                              int expected_key_alg2,
+                              int expected_status)
+{
+    uint8_t *key_data = NULL;
+    size_t key_data_length = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t status;
+
+    status = psa_parse_key_data_from_storage(file_data->x, file_data->len,
+                                             &key_data, &key_data_length,
+                                             &attributes.core);
+
+    TEST_EQUAL(status, expected_status);
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    TEST_EQUAL(psa_get_key_lifetime(&attributes),
+               (psa_key_type_t) expected_key_lifetime);
+    TEST_EQUAL(psa_get_key_type(&attributes),
+               (psa_key_type_t) expected_key_type);
+    TEST_EQUAL(psa_get_key_bits(&attributes),
+               (psa_key_bits_t) expected_key_bits);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes),
+               (uint32_t) expected_key_usage);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes),
+               (uint32_t) expected_key_alg);
+    TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes),
+               (uint32_t) expected_key_alg2);
+    TEST_MEMORY_COMPARE(expected_key_data->x, expected_key_data->len,
+                        key_data, key_data_length);
+
+exit:
+    mbedtls_free(key_data);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void save_large_persistent_key(int data_length_arg, int expected_status)
+{
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 42);
+    uint8_t *data = NULL;
+    size_t data_length = data_length_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_CALLOC(data, data_length);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+
+    TEST_EQUAL(psa_import_key(&attributes, data, data_length, &key_id),
+               expected_status);
+
+    if (expected_status == PSA_SUCCESS) {
+        PSA_ASSERT(psa_destroy_key(key_id));
+    }
+
+exit:
+    mbedtls_free(data);
+    PSA_DONE();
+    psa_destroy_persistent_key(key_id);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_key_destroy(int owner_id_arg, int key_id_arg, int restart,
+                            int first_type_arg, data_t *first_data,
+                            int second_type_arg, data_t *second_data)
+{
+    mbedtls_svc_key_id_t key_id =
+        mbedtls_svc_key_id_make(owner_id_arg, key_id_arg);
+    mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
+    psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, first_type);
+
+    PSA_ASSERT(psa_import_key(&attributes, first_data->x, first_data->len,
+                              &returned_key_id));
+
+    if (restart) {
+        psa_close_key(key_id);
+        PSA_DONE();
+        PSA_ASSERT(psa_crypto_init());
+    }
+    TEST_EQUAL(psa_is_key_present_in_storage(key_id), 1);
+
+    /* Destroy the key */
+    PSA_ASSERT(psa_destroy_key(key_id));
+
+    /* Check key slot storage is removed */
+    TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0);
+
+    /* Shutdown and restart */
+    PSA_DONE();
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Create another key in the same slot */
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, second_type);
+    PSA_ASSERT(psa_import_key(&attributes, second_data->x, second_data->len,
+                              &returned_key_id));
+
+    PSA_ASSERT(psa_destroy_key(key_id));
+
+exit:
+    PSA_DONE();
+    psa_destroy_persistent_key(key_id);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_key_import(int owner_id_arg, int key_id_arg, int type_arg,
+                           data_t *data, int restart, int expected_status)
+{
+    mbedtls_svc_key_id_t key_id =
+        mbedtls_svc_key_id_make(owner_id_arg, key_id_arg);
+    mbedtls_svc_key_id_t returned_key_id;
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, type);
+    TEST_EQUAL(psa_import_key(&attributes, data->x, data->len, &returned_key_id),
+               expected_status);
+
+    if (expected_status != PSA_SUCCESS) {
+        TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_key_id));
+        TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0);
+        goto exit;
+    }
+
+    TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key_id));
+
+    if (restart) {
+        PSA_ASSERT(psa_purge_key(key_id));
+        PSA_DONE();
+        PSA_ASSERT(psa_crypto_init());
+    }
+
+    psa_reset_key_attributes(&attributes);
+    PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(&attributes),
+                                         key_id));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes),
+               PSA_KEY_LIFETIME_PERSISTENT);
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+
+    PSA_ASSERT(psa_destroy_key(key_id));
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_persistent_key(key_id);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export_persistent_key(data_t *data, int type_arg,
+                                  int expected_bits,
+                                  int restart, int key_not_exist)
+{
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 42);
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+    mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    unsigned char *exported = NULL;
+    size_t export_size = data->len;
+    size_t exported_length;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_CALLOC(exported, export_size);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+
+    /* Import the key */
+    PSA_ASSERT(psa_import_key(&attributes, data->x, data->len,
+                              &returned_key_id));
+
+
+    if (restart) {
+        PSA_ASSERT(psa_purge_key(key_id));
+        PSA_DONE();
+        PSA_ASSERT(psa_crypto_init());
+    }
+
+    /* Test the key information */
+    psa_reset_key_attributes(&attributes);
+    PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), key_id));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes),
+               PSA_KEY_LIFETIME_PERSISTENT);
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), PSA_KEY_USAGE_EXPORT);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+
+    TEST_EQUAL(psa_is_key_present_in_storage(key_id), 1);
+
+    if (key_not_exist) {
+        psa_destroy_persistent_key(key_id);
+    }
+    /* Export the key */
+    PSA_ASSERT(psa_export_key(key_id, exported, export_size,
+                              &exported_length));
+
+    TEST_MEMORY_COMPARE(data->x, data->len, exported, exported_length);
+
+    /* Destroy the key */
+    PSA_ASSERT(psa_destroy_key(key_id));
+    TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    mbedtls_free(exported);
+    PSA_DONE();
+    psa_destroy_persistent_key(key_id);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void destroy_nonexistent(int id_arg, int expected_status_arg)
+{
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg);
+    psa_status_t expected_status = expected_status_arg;
+
+    PSA_INIT();
+
+    TEST_EQUAL(expected_status, psa_destroy_key(id));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal.data
similarity index 88%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 18d1d74..2bcf4e4 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -78,6 +78,21 @@ import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
 Key import smoke test: AES-GCM
 import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
 
+Key import smoke test: ARIA-CTR
+import_key_smoke:PSA_KEY_TYPE_ARIA:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+Key import smoke test: ARIA-CBC
+import_key_smoke:PSA_KEY_TYPE_ARIA:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+Key import smoke test: ARIA-CMAC
+import_key_smoke:PSA_KEY_TYPE_ARIA:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+Key import smoke test: ARIA-CCM
+import_key_smoke:PSA_KEY_TYPE_ARIA:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+Key import smoke test: ARIA-GCM
+import_key_smoke:PSA_KEY_TYPE_ARIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
 Key import smoke test: CAMELLIA-CTR
 import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
 
@@ -148,40 +163,40 @@ Key registration: not supported
 register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORTED
 
 Key registration: key id out of range
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: key id min vendor
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: key id max vendor except volatile
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: key id min volatile
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: key id max volatile
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_HANDLE
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_ARGUMENT
 
 Import-sign-verify: sign in driver, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
 sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
 
 Import-sign-verify: sign in driver then export_public, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
 sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
 
 Import-sign-verify: sign in software, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
 sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
 
 Generate-sign-verify: sign in driver, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
 sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
 
 Generate-sign-verify: sign in driver then export_public, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
 sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
 
 Generate-sign-verify: sign in software, ECDSA
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256
 sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal.function
new file mode 100644
index 0000000..15232a4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -0,0 +1,1526 @@
+/* BEGIN_HEADER */
+#include "psa/crypto_se_driver.h"
+
+#include "psa_crypto_se.h"
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+
+/* Invasive peeking: check the persistent data */
+#if defined(MBEDTLS_PSA_ITS_FILE_C)
+#include "psa_crypto_its.h"
+#else /* Native ITS implementation */
+#include "psa/error.h"
+#include "psa/internal_trusted_storage.h"
+#endif
+
+
+/****************************************************************/
+/* Test driver helpers */
+/****************************************************************/
+
+/** The minimum valid location value for a secure element driver. */
+#define MIN_DRIVER_LOCATION 1
+
+/** The location and lifetime used for tests that use a single driver. */
+#define TEST_DRIVER_LOCATION 1
+#define TEST_SE_PERSISTENT_LIFETIME                             \
+    (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
+         PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION))
+
+#define TEST_SE_VOLATILE_LIFETIME                               \
+    (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
+         PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION))
+
+/** The driver detected a condition that shouldn't happen.
+ * This is probably a bug in the library. */
+#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t) (-500))
+
+/** Like #TEST_ASSERT for use in a driver method, with no cleanup.
+ *
+ * If an error happens, this macro returns from the calling function.
+ *
+ * Use this macro to assert on guarantees provided by the core.
+ */
+#define DRIVER_ASSERT_RETURN(TEST)                        \
+    do {                                                    \
+        if (!(TEST))                                       \
+        {                                                    \
+            mbedtls_test_fail( #TEST, __LINE__, __FILE__);   \
+            return PSA_ERROR_DETECTED_BY_DRIVER;           \
+        }                                                    \
+    } while (0)
+
+/** Like #TEST_ASSERT for use in a driver method, with cleanup.
+ *
+ * In case of error, this macro sets `status` and jumps to the
+ * label `exit`.
+ *
+ * Use this macro to assert on guarantees provided by the core.
+ */
+#define DRIVER_ASSERT(TEST)                               \
+    do {                                                    \
+        if (!(TEST))                                       \
+        {                                                    \
+            mbedtls_test_fail( #TEST, __LINE__, __FILE__);   \
+            status = PSA_ERROR_DETECTED_BY_DRIVER;            \
+            goto exit;                                        \
+        }                                                    \
+    } while (0)
+
+/** Like #PSA_ASSERT for a PSA API call that calls a driver underneath.
+ *
+ * Run the code \p expr. If this returns \p expected_status,
+ * do nothing. If this returns #PSA_ERROR_DETECTED_BY_DRIVER,
+ * jump directly to the `exit` label. If this returns any other
+ * status, call mbedtls_test_fail() then jump to `exit`.
+ *
+ * The special case for #PSA_ERROR_DETECTED_BY_DRIVER is because in this
+ * case, the test driver code is expected to have called mbedtls_test_fail()
+ * already, so we make sure not to overwrite the failure information.
+ */
+#define PSA_ASSERT_VIA_DRIVER(expr, expected_status)                  \
+    do {                                                                \
+        psa_status_t PSA_ASSERT_VIA_DRIVER_status = (expr);           \
+        if (PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER) \
+        goto exit;                                                  \
+        if (PSA_ASSERT_VIA_DRIVER_status != (expected_status))       \
+        {                                                               \
+            mbedtls_test_fail( #expr, __LINE__, __FILE__);                     \
+            goto exit;                                                  \
+        }                                                               \
+    } while (0)
+
+
+
+/****************************************************************/
+/* Domain support functions */
+/****************************************************************/
+
+/* Return the exact bit size given a curve family and a byte length. */
+static size_t ecc_curve_bits(psa_ecc_family_t curve, size_t data_length)
+{
+    switch (curve) {
+        case PSA_ECC_FAMILY_SECP_R1:
+            if (data_length == PSA_BYTES_TO_BITS(521)) {
+                return 521;
+            }
+            break;
+        case PSA_ECC_FAMILY_MONTGOMERY:
+            if (data_length == PSA_BYTES_TO_BITS(255)) {
+                return 255;
+            }
+    }
+    /* If not listed above, assume a multiple of 8 bits. */
+    return PSA_BYTES_TO_BITS(data_length);
+}
+
+
+/****************************************************************/
+/* Miscellaneous driver methods */
+/****************************************************************/
+
+typedef struct {
+    psa_key_slot_number_t slot_number;
+    psa_key_creation_method_t method;
+    psa_status_t status;
+} validate_slot_number_directions_t;
+static validate_slot_number_directions_t validate_slot_number_directions;
+
+/* Validate a choice of slot number as directed. */
+static psa_status_t validate_slot_number_as_directed(
+    psa_drv_se_context_t *context,
+    void *persistent_data,
+    const psa_key_attributes_t *attributes,
+    psa_key_creation_method_t method,
+    psa_key_slot_number_t slot_number)
+{
+    (void) context;
+    (void) persistent_data;
+    (void) attributes;
+    DRIVER_ASSERT_RETURN(slot_number ==
+                         validate_slot_number_directions.slot_number);
+    DRIVER_ASSERT_RETURN(method ==
+                         validate_slot_number_directions.method);
+    return validate_slot_number_directions.status;
+}
+
+/* Allocate slot numbers with a monotonic counter. */
+static psa_key_slot_number_t shadow_counter;
+static void counter_reset(void)
+{
+    shadow_counter = 0;
+}
+static psa_status_t counter_allocate(psa_drv_se_context_t *context,
+                                     void *persistent_data,
+                                     const psa_key_attributes_t *attributes,
+                                     psa_key_creation_method_t method,
+                                     psa_key_slot_number_t *slot_number)
+{
+    psa_key_slot_number_t *p_counter = persistent_data;
+    (void) attributes;
+    (void) method;
+    if (context->persistent_data_size != sizeof(psa_key_slot_number_t)) {
+        return PSA_ERROR_DETECTED_BY_DRIVER;
+    }
+    ++*p_counter;
+    if (*p_counter == 0) {
+        return PSA_ERROR_INSUFFICIENT_STORAGE;
+    }
+    shadow_counter = *p_counter;
+    *slot_number = *p_counter;
+    return PSA_SUCCESS;
+}
+
+/* Null import: do nothing, but pretend it worked. */
+static psa_status_t null_import(psa_drv_se_context_t *context,
+                                psa_key_slot_number_t slot_number,
+                                const psa_key_attributes_t *attributes,
+                                const uint8_t *data,
+                                size_t data_length,
+                                size_t *bits)
+{
+    (void) context;
+    (void) slot_number;
+    (void) attributes;
+    (void) data;
+    /* We're supposed to return a key size. Return one that's correct for
+     * plain data keys. */
+    *bits = PSA_BYTES_TO_BITS(data_length);
+    return PSA_SUCCESS;
+}
+
+/* Null generate: do nothing, but pretend it worked. */
+static psa_status_t null_generate(psa_drv_se_context_t *context,
+                                  psa_key_slot_number_t slot_number,
+                                  const psa_key_attributes_t *attributes,
+                                  uint8_t *pubkey,
+                                  size_t pubkey_size,
+                                  size_t *pubkey_length)
+{
+    (void) context;
+    (void) slot_number;
+    (void) attributes;
+
+    DRIVER_ASSERT_RETURN(*pubkey_length == 0);
+    if (!PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
+        DRIVER_ASSERT_RETURN(pubkey == NULL);
+        DRIVER_ASSERT_RETURN(pubkey_size == 0);
+    }
+
+    return PSA_SUCCESS;
+}
+
+/* Null destroy: do nothing, but pretend it worked. */
+static psa_status_t null_destroy(psa_drv_se_context_t *context,
+                                 void *persistent_data,
+                                 psa_key_slot_number_t slot_number)
+{
+    (void) context;
+    (void) persistent_data;
+    (void) slot_number;
+    return PSA_SUCCESS;
+}
+
+
+
+/****************************************************************/
+/* RAM-based test driver */
+/****************************************************************/
+
+#define RAM_MAX_KEY_SIZE 64
+typedef struct {
+    psa_key_lifetime_t lifetime;
+    psa_key_type_t type;
+    size_t bits;
+    uint8_t content[RAM_MAX_KEY_SIZE];
+} ram_slot_t;
+static ram_slot_t ram_slots[16];
+
+/* A type with at least ARRAY_LENGTH(ram_slots) bits, containing a
+ * bit vector indicating which slots are in use. */
+typedef uint16_t ram_slot_usage_t;
+
+static ram_slot_usage_t ram_shadow_slot_usage;
+
+static uint8_t ram_min_slot = 0;
+
+static void ram_slots_reset(void)
+{
+    memset(ram_slots, 0, sizeof(ram_slots));
+    ram_min_slot = 0;
+    ram_shadow_slot_usage = 0;
+}
+
+/* Common parts of key creation.
+ *
+ * In case of error, zero out ram_slots[slot_number]. But don't
+ * do that if the error is PSA_ERROR_DETECTED_BY_DRIVER: in this case
+ * you don't need to clean up (ram_slot_reset() will take care of it
+ * in the test case function's cleanup code) and it might be wrong
+ * (if slot_number is invalid).
+ */
+static psa_status_t ram_create_common(psa_drv_se_context_t *context,
+                                      psa_key_slot_number_t slot_number,
+                                      const psa_key_attributes_t *attributes,
+                                      size_t required_storage)
+{
+    (void) context;
+    DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots));
+
+    ram_slots[slot_number].lifetime = psa_get_key_lifetime(attributes);
+    ram_slots[slot_number].type = psa_get_key_type(attributes);
+    ram_slots[slot_number].bits = psa_get_key_bits(attributes);
+
+    if (required_storage > sizeof(ram_slots[slot_number].content)) {
+        memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number]));
+        return PSA_ERROR_INSUFFICIENT_STORAGE;
+    }
+
+    return PSA_SUCCESS;
+}
+
+/* This function does everything except actually generating key material.
+ * After calling it, you must copy the desired key material to
+ * ram_slots[slot_number].content. */
+static psa_status_t ram_fake_generate(psa_drv_se_context_t *context,
+                                      psa_key_slot_number_t slot_number,
+                                      const psa_key_attributes_t *attributes,
+                                      uint8_t *pubkey,
+                                      size_t pubkey_size,
+                                      size_t *pubkey_length)
+{
+    psa_status_t status;
+    size_t required_storage =
+        PSA_EXPORT_KEY_OUTPUT_SIZE(psa_get_key_type(attributes),
+                                   psa_get_key_bits(attributes));
+
+    DRIVER_ASSERT_RETURN(*pubkey_length == 0);
+    if (!PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
+        DRIVER_ASSERT_RETURN(pubkey == NULL);
+        DRIVER_ASSERT_RETURN(pubkey_size == 0);
+    }
+
+    status = ram_create_common(context, slot_number, attributes,
+                               required_storage);
+    return status;
+}
+
+static psa_status_t ram_import(psa_drv_se_context_t *context,
+                               psa_key_slot_number_t slot_number,
+                               const psa_key_attributes_t *attributes,
+                               const uint8_t *data,
+                               size_t data_length,
+                               size_t *bits)
+{
+    psa_key_type_t type = psa_get_key_type(attributes);
+    psa_status_t status = ram_create_common(context, slot_number, attributes,
+                                            data_length);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+
+    /* The RAM driver only works for certain key types: raw keys,
+     * and ECC key pairs. This is true in particular of the bit-size
+     * calculation here. */
+    if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
+        *bits = PSA_BYTES_TO_BITS(data_length);
+    } else if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
+        *bits = ecc_curve_bits(PSA_KEY_TYPE_ECC_GET_FAMILY(type), data_length);
+        if (*bits == 0) {
+            return PSA_ERROR_DETECTED_BY_DRIVER;
+        }
+    } else {
+        memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number]));
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    ram_slots[slot_number].bits = *bits;
+    memcpy(ram_slots[slot_number].content, data, data_length);
+
+    return PSA_SUCCESS;
+}
+
+static psa_status_t ram_export(psa_drv_se_context_t *context,
+                               psa_key_slot_number_t slot_number,
+                               uint8_t *data,
+                               size_t data_size,
+                               size_t *data_length)
+{
+    size_t actual_size;
+    (void) context;
+    DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots));
+    actual_size = PSA_BITS_TO_BYTES(ram_slots[slot_number].bits);
+    if (actual_size > data_size) {
+        return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+    *data_length = actual_size;
+    memcpy(data, ram_slots[slot_number].content, actual_size);
+    return PSA_SUCCESS;
+}
+
+static psa_status_t ram_export_public(psa_drv_se_context_t *context,
+                                      psa_key_slot_number_t slot_number,
+                                      uint8_t *data,
+                                      size_t data_size,
+                                      size_t *data_length)
+{
+    psa_status_t status;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    (void) context;
+    DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots));
+    DRIVER_ASSERT_RETURN(
+        PSA_KEY_TYPE_IS_KEY_PAIR(ram_slots[slot_number].type));
+
+    psa_set_key_type(&attributes, ram_slots[slot_number].type);
+    status = psa_import_key(&attributes,
+                            ram_slots[slot_number].content,
+                            PSA_BITS_TO_BYTES(ram_slots[slot_number].bits),
+                            &key);
+    if (status != PSA_SUCCESS) {
+        return status;
+    }
+    status = psa_export_public_key(key, data, data_size, data_length);
+    psa_destroy_key(key);
+    return PSA_SUCCESS;
+}
+
+static psa_status_t ram_destroy(psa_drv_se_context_t *context,
+                                void *persistent_data,
+                                psa_key_slot_number_t slot_number)
+{
+    ram_slot_usage_t *slot_usage = persistent_data;
+    DRIVER_ASSERT_RETURN(context->persistent_data_size == sizeof(ram_slot_usage_t));
+    DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots));
+    memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number]));
+    *slot_usage &= ~(ram_slot_usage_t) (1 << slot_number);
+    ram_shadow_slot_usage = *slot_usage;
+    return PSA_SUCCESS;
+}
+
+static psa_status_t ram_allocate(psa_drv_se_context_t *context,
+                                 void *persistent_data,
+                                 const psa_key_attributes_t *attributes,
+                                 psa_key_creation_method_t method,
+                                 psa_key_slot_number_t *slot_number)
+{
+    ram_slot_usage_t *slot_usage = persistent_data;
+    (void) attributes;
+    (void) method;
+    DRIVER_ASSERT_RETURN(context->persistent_data_size == sizeof(ram_slot_usage_t));
+    for (*slot_number = ram_min_slot;
+         *slot_number < ARRAY_LENGTH(ram_slots);
+         ++(*slot_number)) {
+        if (!(*slot_usage & 1 << *slot_number)) {
+            ram_shadow_slot_usage = *slot_usage;
+            return PSA_SUCCESS;
+        }
+    }
+    return PSA_ERROR_INSUFFICIENT_STORAGE;
+}
+
+static psa_status_t ram_validate_slot_number(
+    psa_drv_se_context_t *context,
+    void *persistent_data,
+    const psa_key_attributes_t *attributes,
+    psa_key_creation_method_t method,
+    psa_key_slot_number_t slot_number)
+{
+    (void) context;
+    (void) persistent_data;
+    (void) attributes;
+    (void) method;
+    if (slot_number >= ARRAY_LENGTH(ram_slots)) {
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    return PSA_SUCCESS;
+}
+
+static psa_status_t ram_sign(psa_drv_se_context_t *context,
+                             psa_key_slot_number_t slot_number,
+                             psa_algorithm_t alg,
+                             const uint8_t *hash,
+                             size_t hash_length,
+                             uint8_t *signature,
+                             size_t signature_size,
+                             size_t *signature_length)
+{
+    ram_slot_t *slot;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+    (void) context;
+    DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots));
+    slot = &ram_slots[slot_number];
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, slot->type);
+    DRIVER_ASSERT(psa_import_key(&attributes,
+                                 slot->content,
+                                 PSA_BITS_TO_BYTES(slot->bits),
+                                 &key) == PSA_SUCCESS);
+    status = psa_sign_hash(key, alg,
+                           hash, hash_length,
+                           signature, signature_size, signature_length);
+
+exit:
+    psa_destroy_key(key);
+    return status;
+}
+
+static psa_status_t ram_verify(psa_drv_se_context_t *context,
+                               psa_key_slot_number_t slot_number,
+                               psa_algorithm_t alg,
+                               const uint8_t *hash,
+                               size_t hash_length,
+                               const uint8_t *signature,
+                               size_t signature_length)
+{
+    ram_slot_t *slot;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+    (void) context;
+    DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots));
+    slot = &ram_slots[slot_number];
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, slot->type);
+    DRIVER_ASSERT(psa_import_key(&attributes,
+                                 slot->content,
+                                 PSA_BITS_TO_BYTES(slot->bits),
+                                 &key) ==
+                  PSA_SUCCESS);
+    status = psa_verify_hash(key, alg,
+                             hash, hash_length,
+                             signature, signature_length);
+
+exit:
+    psa_destroy_key(key);
+    return status;
+}
+
+
+/****************************************************************/
+/* Other test helper functions */
+/****************************************************************/
+
+typedef enum {
+    SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION,
+    SIGN_IN_DRIVER_AND_PARALLEL_CREATION,
+    SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC,
+} sign_verify_method_t;
+
+/* Check that the attributes of a key reported by psa_get_key_attributes()
+ * are consistent with the attributes used when creating the key. */
+static int check_key_attributes(
+    mbedtls_svc_key_id_t key,
+    const psa_key_attributes_t *reference_attributes)
+{
+    int ok = 0;
+    psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_ASSERT(psa_get_key_attributes(key, &actual_attributes));
+
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&actual_attributes),
+                    psa_get_key_id(reference_attributes)));
+    TEST_EQUAL(psa_get_key_lifetime(&actual_attributes),
+               psa_get_key_lifetime(reference_attributes));
+    TEST_EQUAL(psa_get_key_type(&actual_attributes),
+               psa_get_key_type(reference_attributes));
+    TEST_EQUAL(psa_get_key_usage_flags(&actual_attributes),
+               psa_get_key_usage_flags(reference_attributes));
+    TEST_EQUAL(psa_get_key_algorithm(&actual_attributes),
+               psa_get_key_algorithm(reference_attributes));
+    TEST_EQUAL(psa_get_key_enrollment_algorithm(&actual_attributes),
+               psa_get_key_enrollment_algorithm(reference_attributes));
+    if (psa_get_key_bits(reference_attributes) != 0) {
+        TEST_EQUAL(psa_get_key_bits(&actual_attributes),
+                   psa_get_key_bits(reference_attributes));
+    }
+
+    {
+        psa_key_slot_number_t actual_slot_number = 0xdeadbeef;
+        psa_key_slot_number_t desired_slot_number = 0xb90cc011;
+        psa_key_lifetime_t lifetime =
+            psa_get_key_lifetime(&actual_attributes);
+        psa_status_t status = psa_get_key_slot_number(&actual_attributes,
+                                                      &actual_slot_number);
+        if (PSA_KEY_LIFETIME_GET_LOCATION(lifetime) < MIN_DRIVER_LOCATION) {
+            /* The key is not in a secure element. */
+            TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT);
+        } else {
+            /* The key is in a secure element. If it had been created
+             * in a specific slot, check that it is reported there. */
+            PSA_ASSERT(status);
+            status = psa_get_key_slot_number(reference_attributes,
+                                             &desired_slot_number);
+            if (status == PSA_SUCCESS) {
+                TEST_EQUAL(desired_slot_number, actual_slot_number);
+            }
+        }
+    }
+    ok = 1;
+
+exit:
+    /*
+     * Actual key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&actual_attributes);
+
+    return ok;
+}
+
+/* Get the file UID corresponding to the specified location.
+ * If this changes, the storage format version must change.
+ * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c.
+ */
+psa_storage_uid_t file_uid_for_location(psa_key_location_t location)
+{
+    if (location > PSA_MAX_SE_LOCATION) {
+        return 0;
+    }
+    return 0xfffffe00 + location;
+}
+
+/* Check that the persistent data of a driver has its expected content. */
+static int check_persistent_data(psa_key_location_t location,
+                                 const void *expected_data,
+                                 size_t size)
+{
+    psa_storage_uid_t uid = file_uid_for_location(location);
+    struct psa_storage_info_t info;
+    uint8_t *loaded = NULL;
+    int ok = 0;
+
+    PSA_ASSERT(psa_its_get_info(uid, &info));
+    TEST_CALLOC(loaded, info.size);
+    PSA_ASSERT(psa_its_get(uid, 0, info.size, loaded, NULL));
+    TEST_MEMORY_COMPARE(expected_data, size, loaded, info.size);
+    ok = 1;
+
+exit:
+    mbedtls_free(loaded);
+    return ok;
+}
+
+/* Check that no persistent data exists for the given location. */
+static int check_no_persistent_data(psa_key_location_t location)
+{
+    psa_storage_uid_t uid = file_uid_for_location(location);
+    struct psa_storage_info_t info;
+    int ok = 0;
+
+    TEST_EQUAL(psa_its_get_info(uid, &info), PSA_ERROR_DOES_NOT_EXIST);
+    ok = 1;
+
+exit:
+    return ok;
+}
+
+/* Check that a function's return status is "smoke-free", i.e. that
+ * it's an acceptable error code when calling an API function that operates
+ * on a key with potentially bogus parameters. */
+static int is_status_smoke_free(psa_status_t status)
+{
+    switch (status) {
+        case PSA_SUCCESS:
+        case PSA_ERROR_NOT_SUPPORTED:
+        case PSA_ERROR_NOT_PERMITTED:
+        case PSA_ERROR_BUFFER_TOO_SMALL:
+        case PSA_ERROR_INVALID_ARGUMENT:
+        case PSA_ERROR_INVALID_SIGNATURE:
+        case PSA_ERROR_INVALID_PADDING:
+            return 1;
+        default:
+            return 0;
+    }
+}
+#define SMOKE_ASSERT(expr)                    \
+    TEST_ASSERT(is_status_smoke_free(expr))
+
+/* Smoke test a key. There are mostly no wrong answers here since we pass
+ * mostly bogus parameters: the goal is to ensure that there is no memory
+ * corruption or crash. This test function is most useful when run under
+ * an environment with sanity checks such as ASan or MSan. */
+static int smoke_test_key(mbedtls_svc_key_id_t key)
+{
+    int ok = 0;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT;
+    psa_cipher_operation_t cipher_operation = PSA_CIPHER_OPERATION_INIT;
+#if defined(MBEDTLS_SHA256_C)
+    psa_key_derivation_operation_t derivation_operation =
+        PSA_KEY_DERIVATION_OPERATION_INIT;
+#endif
+    uint8_t buffer[80]; /* large enough for a public key for ECDH */
+    size_t length;
+    mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
+
+    SMOKE_ASSERT(psa_get_key_attributes(key, &attributes));
+
+    SMOKE_ASSERT(psa_export_key(key,
+                                buffer, sizeof(buffer), &length));
+    SMOKE_ASSERT(psa_export_public_key(key,
+                                       buffer, sizeof(buffer), &length));
+
+    SMOKE_ASSERT(psa_copy_key(key, &attributes, &key2));
+    if (!mbedtls_svc_key_id_is_null(key2)) {
+        PSA_ASSERT(psa_destroy_key(key2));
+    }
+
+    SMOKE_ASSERT(psa_mac_sign_setup(&mac_operation, key, PSA_ALG_CMAC));
+    PSA_ASSERT(psa_mac_abort(&mac_operation));
+    SMOKE_ASSERT(psa_mac_verify_setup(&mac_operation, key,
+                                      PSA_ALG_HMAC(PSA_ALG_SHA_256)));
+    PSA_ASSERT(psa_mac_abort(&mac_operation));
+
+    SMOKE_ASSERT(psa_cipher_encrypt_setup(&cipher_operation, key,
+                                          PSA_ALG_CTR));
+    PSA_ASSERT(psa_cipher_abort(&cipher_operation));
+    SMOKE_ASSERT(psa_cipher_decrypt_setup(&cipher_operation, key,
+                                          PSA_ALG_CTR));
+    PSA_ASSERT(psa_cipher_abort(&cipher_operation));
+
+    SMOKE_ASSERT(psa_aead_encrypt(key, PSA_ALG_CCM,
+                                  buffer, sizeof(buffer),
+                                  NULL, 0,
+                                  buffer, sizeof(buffer),
+                                  buffer, sizeof(buffer), &length));
+    SMOKE_ASSERT(psa_aead_decrypt(key, PSA_ALG_CCM,
+                                  buffer, sizeof(buffer),
+                                  NULL, 0,
+                                  buffer, sizeof(buffer),
+                                  buffer, sizeof(buffer), &length));
+
+    SMOKE_ASSERT(psa_sign_hash(key, PSA_ALG_ECDSA_ANY,
+                               buffer, 32,
+                               buffer, sizeof(buffer), &length));
+    SMOKE_ASSERT(psa_verify_hash(key, PSA_ALG_ECDSA_ANY,
+                                 buffer, 32,
+                                 buffer, sizeof(buffer)));
+
+    SMOKE_ASSERT(psa_asymmetric_encrypt(key, PSA_ALG_RSA_PKCS1V15_CRYPT,
+                                        buffer, 10, NULL, 0,
+                                        buffer, sizeof(buffer), &length));
+    SMOKE_ASSERT(psa_asymmetric_decrypt(key, PSA_ALG_RSA_PKCS1V15_CRYPT,
+                                        buffer, sizeof(buffer), NULL, 0,
+                                        buffer, sizeof(buffer), &length));
+
+#if defined(MBEDTLS_SHA256_C)
+    /* Try the key in a plain key derivation. */
+    PSA_ASSERT(psa_key_derivation_setup(&derivation_operation,
+                                        PSA_ALG_HKDF(PSA_ALG_SHA_256)));
+    PSA_ASSERT(psa_key_derivation_input_bytes(&derivation_operation,
+                                              PSA_KEY_DERIVATION_INPUT_SALT,
+                                              NULL, 0));
+    SMOKE_ASSERT(psa_key_derivation_input_key(&derivation_operation,
+                                              PSA_KEY_DERIVATION_INPUT_SECRET,
+                                              key));
+    PSA_ASSERT(psa_key_derivation_abort(&derivation_operation));
+
+    /* If the key is asymmetric, try it in a key agreement, both as
+     * part of a derivation operation and standalone. */
+    if (psa_export_public_key(key, buffer, sizeof(buffer), &length) ==
+        PSA_SUCCESS) {
+        psa_algorithm_t alg =
+            PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,
+                                  PSA_ALG_HKDF(PSA_ALG_SHA_256));
+        PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, alg));
+        PSA_ASSERT(psa_key_derivation_input_bytes(
+                       &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT,
+                       NULL, 0));
+        SMOKE_ASSERT(psa_key_derivation_key_agreement(
+                         &derivation_operation,
+                         PSA_KEY_DERIVATION_INPUT_SECRET,
+                         key, buffer, length));
+        PSA_ASSERT(psa_key_derivation_abort(&derivation_operation));
+
+        SMOKE_ASSERT(psa_raw_key_agreement(
+                         alg, key, buffer, length,
+                         buffer, sizeof(buffer), &length));
+    }
+#endif /* MBEDTLS_SHA256_C */
+
+    ok = 1;
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    return ok;
+}
+
+static void psa_purge_storage(void)
+{
+    /* The generic code in mbedtls_test_psa_purge_key_storage()
+     * (which is called by PSA_DONE()) doesn't take care of things that are
+     * specific to dynamic secure elements. */
+    psa_key_location_t location;
+    /* Purge the transaction file. */
+    psa_crypto_stop_transaction();
+    /* Purge driver persistent data. */
+    for (location = 0; location < PSA_MAX_SE_LOCATION; location++) {
+        psa_destroy_se_persistent_data(location);
+    }
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_SE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void register_one(int location, int version, int expected_status_arg)
+{
+    psa_status_t expected_status = expected_status_arg;
+    psa_drv_se_t driver;
+
+    memset(&driver, 0, sizeof(driver));
+    driver.hal_version = version;
+
+    TEST_EQUAL(psa_register_se_driver(location, &driver),
+               expected_status);
+
+    PSA_ASSERT(psa_crypto_init());
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void register_twice(int count)
+{
+    psa_drv_se_t driver;
+    psa_key_location_t location;
+    psa_key_location_t max = MIN_DRIVER_LOCATION + count;
+
+    memset(&driver, 0, sizeof(driver));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+
+    for (location = MIN_DRIVER_LOCATION; location < max; location++) {
+        PSA_ASSERT(psa_register_se_driver(location, &driver));
+    }
+    for (location = MIN_DRIVER_LOCATION; location < max; location++) {
+        TEST_EQUAL(psa_register_se_driver(location, &driver),
+                   PSA_ERROR_ALREADY_EXISTS);
+    }
+
+    PSA_ASSERT(psa_crypto_init());
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void register_max()
+{
+    psa_drv_se_t driver;
+    psa_key_location_t location;
+    psa_key_location_t max = MIN_DRIVER_LOCATION + PSA_MAX_SE_DRIVERS;
+
+    memset(&driver, 0, sizeof(driver));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+
+    for (location = MIN_DRIVER_LOCATION; location < max; location++) {
+        PSA_ASSERT(psa_register_se_driver(location, &driver));
+    }
+
+    TEST_EQUAL(psa_register_se_driver(location, &driver),
+               PSA_ERROR_INSUFFICIENT_MEMORY);
+
+    PSA_ASSERT(psa_crypto_init());
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_creation_import_export(int lifetime_arg, int min_slot, int restart)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_handle_t handle;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+    uint8_t exported[sizeof(key_material)];
+    size_t exported_length;
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.persistent_data_size = sizeof(ram_slot_usage_t);
+    key_management.p_allocate = ram_allocate;
+    key_management.p_import = ram_import;
+    key_management.p_destroy = ram_destroy;
+    key_management.p_export = ram_export;
+    ram_min_slot = min_slot;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Create a key. */
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_material, sizeof(key_material),
+                              &returned_id));
+
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        /* For volatile keys, check no persistent data was created */
+        if (!check_no_persistent_data(location)) {
+            goto exit;
+        }
+    } else {
+        /* For persistent keys, check persistent data */
+        if (!check_persistent_data(location,
+                                   &ram_shadow_slot_usage,
+                                   sizeof(ram_shadow_slot_usage))) {
+            goto exit;
+        }
+    }
+
+    /* Test that the key was created in the expected slot. */
+    TEST_EQUAL(ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA);
+
+    /* Maybe restart, to check that the information is saved correctly. */
+    if (restart) {
+        mbedtls_psa_crypto_free();
+        PSA_ASSERT(psa_register_se_driver(location, &driver));
+        PSA_ASSERT(psa_crypto_init());
+
+        if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+            /* Check that the PSA core has no knowledge of the volatile key */
+            TEST_ASSERT(psa_open_key(returned_id, &handle) ==
+                        PSA_ERROR_DOES_NOT_EXIST);
+
+            /* Drop data from our mockup driver */
+            ram_slots_reset();
+            ram_min_slot = min_slot;
+
+            /* Re-import key */
+            PSA_ASSERT(psa_import_key(&attributes,
+                                      key_material, sizeof(key_material),
+                                      &returned_id));
+        } else {
+            /* Check the persistent key file */
+            if (!check_persistent_data(location,
+                                       &ram_shadow_slot_usage,
+                                       sizeof(ram_shadow_slot_usage))) {
+                goto exit;
+            }
+        }
+    }
+
+    /* Test that the key was created in the expected slot. */
+    TEST_EQUAL(ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA);
+
+    /* Test the key attributes, including the reported slot number. */
+    psa_set_key_bits(&attributes,
+                     PSA_BYTES_TO_BITS(sizeof(key_material)));
+    psa_set_key_slot_number(&attributes, min_slot);
+
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        attributes.core.id = returned_id;
+    } else {
+        psa_set_key_id(&attributes, returned_id);
+    }
+
+    if (!check_key_attributes(returned_id, &attributes)) {
+        goto exit;
+    }
+
+    /* Test the key data. */
+    PSA_ASSERT(psa_export_key(returned_id,
+                              exported, sizeof(exported),
+                              &exported_length));
+    TEST_MEMORY_COMPARE(key_material, sizeof(key_material),
+                        exported, exported_length);
+
+    PSA_ASSERT(psa_destroy_key(returned_id));
+    if (!check_persistent_data(location,
+                               &ram_shadow_slot_usage,
+                               sizeof(ram_shadow_slot_usage))) {
+        goto exit;
+    }
+    TEST_EQUAL(psa_open_key(returned_id, &handle),
+               PSA_ERROR_DOES_NOT_EXIST);
+
+    /* Test that the key has been erased from the designated slot. */
+    TEST_EQUAL(ram_slots[min_slot].type, 0);
+
+exit:
+    PSA_DONE();
+    ram_slots_reset();
+    psa_purge_storage();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_creation_in_chosen_slot(int slot_arg,
+                                 int restart,
+                                 int expected_status_arg)
+{
+    psa_key_slot_number_t wanted_slot = slot_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_handle_t handle;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.persistent_data_size = sizeof(ram_slot_usage_t);
+    key_management.p_validate_slot_number = ram_validate_slot_number;
+    key_management.p_import = ram_import;
+    key_management.p_destroy = ram_destroy;
+    key_management.p_export = ram_export;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Create a key. */
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    psa_set_key_slot_number(&attributes, wanted_slot);
+    status = psa_import_key(&attributes,
+                            key_material, sizeof(key_material),
+                            &returned_id);
+    TEST_EQUAL(status, expected_status);
+
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    if (!check_persistent_data(location,
+                               &ram_shadow_slot_usage,
+                               sizeof(ram_shadow_slot_usage))) {
+        goto exit;
+    }
+
+    /* Maybe restart, to check that the information is saved correctly. */
+    if (restart) {
+        mbedtls_psa_crypto_free();
+        PSA_ASSERT(psa_register_se_driver(location, &driver));
+        PSA_ASSERT(psa_crypto_init());
+        if (!check_persistent_data(location,
+                                   &ram_shadow_slot_usage,
+                                   sizeof(ram_shadow_slot_usage))) {
+            goto exit;
+        }
+    }
+
+    /* Test that the key was created in the expected slot. */
+    TEST_EQUAL(ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA);
+
+    /* Test that the key is reported with the correct attributes,
+     * including the expected slot. */
+    PSA_ASSERT(psa_get_key_attributes(id, &attributes));
+
+    PSA_ASSERT(psa_destroy_key(id));
+    if (!check_persistent_data(location,
+                               &ram_shadow_slot_usage,
+                               sizeof(ram_shadow_slot_usage))) {
+        goto exit;
+    }
+    TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    PSA_DONE();
+    ram_slots_reset();
+    psa_purge_storage();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_key_smoke(int type_arg, int alg_arg,
+                      data_t *key_material)
+{
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_handle_t handle;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.persistent_data_size = sizeof(psa_key_slot_number_t);
+    key_management.p_allocate = counter_allocate;
+    key_management.p_import = null_import;
+    key_management.p_destroy = null_destroy;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Create a key. */
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT |
+                            PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_material->x, key_material->len,
+                              &returned_id));
+    if (!check_persistent_data(location,
+                               &shadow_counter, sizeof(shadow_counter))) {
+        goto exit;
+    }
+
+    /* Do stuff with the key. */
+    if (!smoke_test_key(id)) {
+        goto exit;
+    }
+
+    /* Restart and try again. */
+    mbedtls_psa_crypto_free();
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+    if (!check_persistent_data(location,
+                               &shadow_counter, sizeof(shadow_counter))) {
+        goto exit;
+    }
+    if (!smoke_test_key(id)) {
+        goto exit;
+    }
+
+    /* We're done. */
+    PSA_ASSERT(psa_destroy_key(id));
+    if (!check_persistent_data(location,
+                               &shadow_counter, sizeof(shadow_counter))) {
+        goto exit;
+    }
+    TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST);
+
+exit:
+    PSA_DONE();
+    counter_reset();
+    psa_purge_storage();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_key_not_supported(int type_arg, int bits_arg)
+{
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.persistent_data_size = sizeof(psa_key_slot_number_t);
+    key_management.p_allocate = counter_allocate;
+    /* No p_generate method */
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+    TEST_EQUAL(psa_generate_key(&attributes, &returned_id),
+               PSA_ERROR_NOT_SUPPORTED);
+
+exit:
+    PSA_DONE();
+    counter_reset();
+    psa_purge_storage();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_key_smoke(int type_arg, int bits_arg, int alg_arg)
+{
+    psa_key_type_t type = type_arg;
+    psa_key_bits_t bits = bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_handle_t handle;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.persistent_data_size = sizeof(psa_key_slot_number_t);
+    key_management.p_allocate = counter_allocate;
+    key_management.p_generate = null_generate;
+    key_management.p_destroy = null_destroy;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Create a key. */
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH |
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT |
+                            PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+    PSA_ASSERT(psa_generate_key(&attributes, &returned_id));
+    if (!check_persistent_data(location,
+                               &shadow_counter, sizeof(shadow_counter))) {
+        goto exit;
+    }
+
+    /* Do stuff with the key. */
+    if (!smoke_test_key(id)) {
+        goto exit;
+    }
+
+    /* Restart and try again. */
+    mbedtls_psa_crypto_free();
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+    if (!check_persistent_data(location,
+                               &shadow_counter, sizeof(shadow_counter))) {
+        goto exit;
+    }
+    if (!smoke_test_key(id)) {
+        goto exit;
+    }
+
+    /* We're done. */
+    PSA_ASSERT(psa_destroy_key(id));
+    if (!check_persistent_data(location,
+                               &shadow_counter, sizeof(shadow_counter))) {
+        goto exit;
+    }
+    TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST);
+
+exit:
+    PSA_DONE();
+    counter_reset();
+    psa_purge_storage();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_verify(int flow,
+                 int type_arg, int alg_arg,
+                 int bits_arg, data_t *key_material,
+                 data_t *input)
+{
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t bits = bits_arg;
+    /* Pass bits=0 to import, bits>0 to fake-generate */
+    int generating = (bits != 0);
+
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_drv_se_asymmetric_t asymmetric;
+
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t drv_attributes;
+    uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
+    size_t signature_length;
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    memset(&asymmetric, 0, sizeof(asymmetric));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.asymmetric = &asymmetric;
+    driver.persistent_data_size = sizeof(ram_slot_usage_t);
+    key_management.p_allocate = ram_allocate;
+    key_management.p_destroy = ram_destroy;
+    if (generating) {
+        key_management.p_generate = ram_fake_generate;
+    } else {
+        key_management.p_import = ram_import;
+    }
+    switch (flow) {
+        case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
+            break;
+        case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
+            asymmetric.p_sign = ram_sign;
+            break;
+        case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
+            asymmetric.p_sign = ram_sign;
+            key_management.p_export_public = ram_export_public;
+            break;
+        default:
+            TEST_FAIL("unsupported flow (should be SIGN_IN_xxx)");
+            break;
+    }
+    asymmetric.p_verify = ram_verify;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Prepare to create two keys with the same key material: a transparent
+     * key, and one that goes through the driver. */
+    psa_set_key_usage_flags(&sw_attributes,
+                            PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&sw_attributes, alg);
+    psa_set_key_type(&sw_attributes, type);
+    drv_attributes = sw_attributes;
+    psa_set_key_id(&drv_attributes, id);
+    psa_set_key_lifetime(&drv_attributes, lifetime);
+
+    /* Create the key in the driver. */
+    if (generating) {
+        psa_set_key_bits(&drv_attributes, bits);
+        PSA_ASSERT(psa_generate_key(&drv_attributes, &returned_id));
+        /* Since we called a generate method that does not actually
+         * generate material, store the desired result of generation in
+         * the mock secure element storage. */
+        PSA_ASSERT(psa_get_key_attributes(id, &drv_attributes));
+        TEST_EQUAL(key_material->len, PSA_BITS_TO_BYTES(bits));
+        memcpy(ram_slots[ram_min_slot].content, key_material->x,
+               key_material->len);
+    } else {
+        PSA_ASSERT(psa_import_key(&drv_attributes,
+                                  key_material->x, key_material->len,
+                                  &returned_id));
+    }
+
+    /* Either import the same key in software, or export the driver's
+     * public key and import that. */
+    switch (flow) {
+        case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
+        case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
+            PSA_ASSERT(psa_import_key(&sw_attributes,
+                                      key_material->x, key_material->len,
+                                      &sw_key));
+            break;
+        case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
+        {
+            uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
+            ];
+            size_t public_key_length;
+            PSA_ASSERT(psa_export_public_key(id,
+                                             public_key, sizeof(public_key),
+                                             &public_key_length));
+            psa_set_key_type(&sw_attributes,
+                             PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type));
+            PSA_ASSERT(psa_import_key(&sw_attributes,
+                                      public_key, public_key_length,
+                                      &sw_key));
+            break;
+        }
+    }
+
+    /* Sign with the chosen key. */
+    switch (flow) {
+        case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
+        case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
+            PSA_ASSERT_VIA_DRIVER(
+                psa_sign_hash(id, alg,
+                              input->x, input->len,
+                              signature, sizeof(signature),
+                              &signature_length),
+                PSA_SUCCESS);
+            break;
+        case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
+            PSA_ASSERT(psa_sign_hash(sw_key, alg,
+                                     input->x, input->len,
+                                     signature, sizeof(signature),
+                                     &signature_length));
+            break;
+    }
+
+    /* Verify with both keys. */
+    PSA_ASSERT(psa_verify_hash(sw_key, alg,
+                               input->x, input->len,
+                               signature, signature_length));
+    PSA_ASSERT_VIA_DRIVER(
+        psa_verify_hash(id, alg,
+                        input->x, input->len,
+                        signature, signature_length),
+        PSA_SUCCESS);
+
+    /* Change the signature and verify again. */
+    signature[0] ^= 1;
+    TEST_EQUAL(psa_verify_hash(sw_key, alg,
+                               input->x, input->len,
+                               signature, signature_length),
+               PSA_ERROR_INVALID_SIGNATURE);
+    PSA_ASSERT_VIA_DRIVER(
+        psa_verify_hash(id, alg,
+                        input->x, input->len,
+                        signature, signature_length),
+        PSA_ERROR_INVALID_SIGNATURE);
+
+exit:
+    /*
+     * Driver key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&drv_attributes);
+
+    psa_destroy_key(id);
+    psa_destroy_key(sw_key);
+    PSA_DONE();
+    ram_slots_reset();
+    psa_purge_storage();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void register_key_smoke_test(int lifetime_arg,
+                             int owner_id_arg,
+                             int id_arg,
+                             int validate,
+                             int expected_status_arg)
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    psa_status_t expected_status = expected_status_arg;
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg);
+    psa_key_handle_t handle;
+    size_t bit_size = 48;
+    psa_key_slot_number_t wanted_slot = 0x123456789;
+    psa_status_t status;
+
+    TEST_USES_KEY_ID(id);
+
+    memset(&driver, 0, sizeof(driver));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    memset(&key_management, 0, sizeof(key_management));
+    driver.key_management = &key_management;
+    key_management.p_destroy = null_destroy;
+    if (validate >= 0) {
+        key_management.p_validate_slot_number = validate_slot_number_as_directed;
+        validate_slot_number_directions.slot_number = wanted_slot;
+        validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER;
+        validate_slot_number_directions.status =
+            (validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED);
+    }
+
+    mbedtls_test_set_step(1);
+    PSA_ASSERT(psa_register_se_driver(MIN_DRIVER_LOCATION, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    psa_set_key_bits(&attributes, bit_size);
+    psa_set_key_slot_number(&attributes, wanted_slot);
+
+    status = mbedtls_psa_register_se_key(&attributes);
+    TEST_EQUAL(status, expected_status);
+
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+
+    /* Test that the key exists and has the expected attributes. */
+    if (!check_key_attributes(id, &attributes)) {
+        goto exit;
+    }
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_svc_key_id_t invalid_id =
+        mbedtls_svc_key_id_make(owner_id_arg + 1, id_arg);
+    TEST_EQUAL(psa_open_key(invalid_id, &handle), PSA_ERROR_DOES_NOT_EXIST);
+#endif
+
+    PSA_ASSERT(psa_purge_key(id));
+
+    /* Restart and try again. */
+    mbedtls_test_set_step(2);
+    PSA_SESSION_DONE();
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+    if (!check_key_attributes(id, &attributes)) {
+        goto exit;
+    }
+    /* This time, destroy the key. */
+    PSA_ASSERT(psa_destroy_key(id));
+    TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST);
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(id);
+    PSA_DONE();
+    psa_purge_storage();
+    memset(&validate_slot_number_directions, 0,
+           sizeof(validate_slot_number_directions));
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
new file mode 100644
index 0000000..6f28f93
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@@ -0,0 +1,671 @@
+/* BEGIN_HEADER */
+#include "psa/crypto_se_driver.h"
+
+#include "psa_crypto_se.h"
+#include "psa_crypto_storage.h"
+
+/** The location and lifetime used for tests that use a single driver. */
+#define TEST_DRIVER_LOCATION 1
+#define TEST_SE_PERSISTENT_LIFETIME                             \
+    (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
+         PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION))
+
+static struct {
+    uint16_t called;
+    psa_key_location_t location;
+    psa_status_t return_value;
+} mock_init_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t key_slot;
+    psa_key_attributes_t attributes;
+    size_t pubkey_size;
+    psa_status_t return_value;
+} mock_generate_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t key_slot;
+    psa_key_attributes_t attributes;
+    size_t bits;
+    size_t data_length;
+    psa_status_t return_value;
+} mock_import_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t slot_number;
+    size_t data_size;
+    psa_status_t return_value;
+} mock_export_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t slot_number;
+    size_t data_size;
+    psa_status_t return_value;
+} mock_export_public_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t key_slot;
+    psa_algorithm_t alg;
+    size_t hash_length;
+    size_t signature_size;
+    psa_status_t return_value;
+} mock_sign_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t key_slot;
+    psa_algorithm_t alg;
+    size_t hash_length;
+    size_t signature_length;
+    psa_status_t return_value;
+} mock_verify_data;
+
+static struct {
+    uint16_t called;
+    psa_status_t return_value;
+} mock_allocate_data;
+
+static struct {
+    uint16_t called;
+    psa_key_slot_number_t slot_number;
+    psa_status_t return_value;
+} mock_destroy_data;
+
+#define MAX_KEY_ID_FOR_TEST 10
+static void psa_purge_storage(void)
+{
+    psa_key_id_t id;
+    psa_key_location_t location;
+
+    /* The tests may have potentially created key ids from 1 to
+     * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
+     * 0, which file-based storage uses as a temporary file. */
+    for (id = 0; id <= MAX_KEY_ID_FOR_TEST; id++) {
+        psa_destroy_persistent_key(mbedtls_svc_key_id_make(1, id));
+    }
+
+    /* Purge the transaction file. */
+    psa_crypto_stop_transaction();
+    /* Purge driver persistent data. */
+    for (location = 0; location < PSA_MAX_SE_LOCATION; location++) {
+        psa_destroy_se_persistent_data(location);
+    }
+}
+
+static void mock_teardown(void)
+{
+    memset(&mock_init_data, 0, sizeof(mock_init_data));
+    memset(&mock_import_data, 0, sizeof(mock_import_data));
+    memset(&mock_export_data, 0, sizeof(mock_export_data));
+    memset(&mock_export_public_data, 0, sizeof(mock_export_public_data));
+    memset(&mock_sign_data, 0, sizeof(mock_sign_data));
+    memset(&mock_verify_data, 0, sizeof(mock_verify_data));
+    memset(&mock_allocate_data, 0, sizeof(mock_allocate_data));
+    memset(&mock_destroy_data, 0, sizeof(mock_destroy_data));
+    memset(&mock_generate_data, 0, sizeof(mock_generate_data));
+    psa_purge_storage();
+}
+
+static psa_status_t mock_init(psa_drv_se_context_t *drv_context,
+                              void *persistent_data,
+                              psa_key_location_t location)
+{
+    (void) drv_context;
+    (void) persistent_data;
+
+    mock_init_data.called++;
+    mock_init_data.location = location;
+    return mock_init_data.return_value;
+}
+
+static psa_status_t mock_generate(psa_drv_se_context_t *drv_context,
+                                  psa_key_slot_number_t key_slot,
+                                  const psa_key_attributes_t *attributes,
+                                  uint8_t *pubkey,
+                                  size_t pubkey_size,
+                                  size_t *pubkey_length)
+{
+    (void) drv_context;
+    (void) pubkey;
+    (void) pubkey_length;
+
+    mock_generate_data.called++;
+    mock_generate_data.key_slot = key_slot;
+    mock_generate_data.attributes = *attributes;
+    mock_generate_data.pubkey_size = pubkey_size;
+
+    return mock_generate_data.return_value;
+}
+
+static psa_status_t mock_import(psa_drv_se_context_t *drv_context,
+                                psa_key_slot_number_t key_slot,
+                                const psa_key_attributes_t *attributes,
+                                const uint8_t *data,
+                                size_t data_length,
+                                size_t *bits)
+{
+    (void) drv_context;
+    (void) data;
+
+    *bits = mock_import_data.bits;
+
+    mock_import_data.called++;
+    mock_import_data.key_slot = key_slot;
+    mock_import_data.attributes = *attributes;
+    mock_import_data.data_length = data_length;
+
+    return mock_import_data.return_value;
+}
+
+psa_status_t mock_export(psa_drv_se_context_t *context,
+                         psa_key_slot_number_t slot_number,
+                         uint8_t *p_data,
+                         size_t data_size,
+                         size_t *p_data_length)
+{
+    (void) context;
+    (void) p_data;
+    (void) p_data_length;
+
+    mock_export_data.called++;
+    mock_export_data.slot_number = slot_number;
+    mock_export_data.data_size = data_size;
+
+    return mock_export_data.return_value;
+}
+
+psa_status_t mock_export_public(psa_drv_se_context_t *context,
+                                psa_key_slot_number_t slot_number,
+                                uint8_t *p_data,
+                                size_t data_size,
+                                size_t *p_data_length)
+{
+    (void) context;
+    (void) p_data;
+    (void) p_data_length;
+
+    mock_export_public_data.called++;
+    mock_export_public_data.slot_number = slot_number;
+    mock_export_public_data.data_size = data_size;
+
+    return mock_export_public_data.return_value;
+}
+
+psa_status_t mock_sign(psa_drv_se_context_t *context,
+                       psa_key_slot_number_t key_slot,
+                       psa_algorithm_t alg,
+                       const uint8_t *p_hash,
+                       size_t hash_length,
+                       uint8_t *p_signature,
+                       size_t signature_size,
+                       size_t *p_signature_length)
+{
+    (void) context;
+    (void) p_hash;
+    (void) p_signature;
+    (void) p_signature_length;
+
+    mock_sign_data.called++;
+    mock_sign_data.key_slot = key_slot;
+    mock_sign_data.alg = alg;
+    mock_sign_data.hash_length = hash_length;
+    mock_sign_data.signature_size = signature_size;
+
+    return mock_sign_data.return_value;
+}
+
+psa_status_t mock_verify(psa_drv_se_context_t *context,
+                         psa_key_slot_number_t key_slot,
+                         psa_algorithm_t alg,
+                         const uint8_t *p_hash,
+                         size_t hash_length,
+                         const uint8_t *p_signature,
+                         size_t signature_length)
+{
+    (void) context;
+    (void) p_hash;
+    (void) p_signature;
+
+    mock_verify_data.called++;
+    mock_verify_data.key_slot = key_slot;
+    mock_verify_data.alg = alg;
+    mock_verify_data.hash_length = hash_length;
+    mock_verify_data.signature_length = signature_length;
+
+    return mock_verify_data.return_value;
+}
+
+psa_status_t mock_allocate(psa_drv_se_context_t *drv_context,
+                           void *persistent_data,
+                           const psa_key_attributes_t *attributes,
+                           psa_key_creation_method_t method,
+                           psa_key_slot_number_t *key_slot)
+{
+    (void) drv_context;
+    (void) persistent_data;
+    (void) attributes;
+    (void) method;
+    (void) key_slot;
+
+    mock_allocate_data.called++;
+    *key_slot = 0;
+
+    return mock_allocate_data.return_value;
+}
+
+psa_status_t mock_destroy(psa_drv_se_context_t *context,
+                          void *persistent_data,
+                          psa_key_slot_number_t slot_number)
+{
+    (void) context;
+    (void) persistent_data;
+
+    mock_destroy_data.called++;
+    mock_destroy_data.slot_number = slot_number;
+
+    return mock_destroy_data.return_value;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_SE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mock_init(int location_arg,
+               int expected_register_status_arg,
+               int driver_status_arg,
+               int expected_psa_status_arg,
+               int expected_called)
+{
+    psa_key_location_t location = location_arg;
+    psa_status_t expected_register_status = expected_register_status_arg;
+    psa_status_t driver_status = driver_status_arg;
+    psa_status_t expected_psa_status = expected_psa_status_arg;
+    psa_drv_se_t driver = {
+        .hal_version = PSA_DRV_SE_HAL_VERSION,
+        .p_init = mock_init,
+    };
+    int psa_crypto_init_called = 0;
+
+    mock_init_data.return_value = driver_status;
+
+    TEST_EQUAL(psa_register_se_driver(location, &driver),
+               expected_register_status);
+
+    psa_crypto_init_called = 1;
+    TEST_EQUAL(psa_crypto_init(), expected_psa_status);
+
+    TEST_EQUAL(mock_init_data.called, expected_called);
+    if (expected_called) {
+        TEST_EQUAL(mock_init_data.location, location);
+    }
+
+exit:
+    if (psa_crypto_init_called) {
+        PSA_DONE();
+    }
+    mock_teardown();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_import(int mock_alloc_return_value,
+                 int mock_import_return_value,
+                 int bits,
+                 int expected_result)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+
+    mock_allocate_data.return_value = mock_alloc_return_value;
+    mock_import_data.return_value = mock_import_return_value;
+    mock_import_data.bits = bits;
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    key_management.p_import = mock_import;
+    key_management.p_destroy = mock_destroy;
+    key_management.p_allocate = mock_allocate;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    TEST_ASSERT(psa_import_key(&attributes,
+                               key_material, sizeof(key_material),
+                               &returned_id) == expected_result);
+
+    TEST_ASSERT(mock_allocate_data.called == 1);
+    TEST_ASSERT(mock_import_data.called ==
+                (mock_alloc_return_value == PSA_SUCCESS ? 1 : 0));
+
+    if (mock_alloc_return_value == PSA_SUCCESS) {
+        TEST_ASSERT(mbedtls_svc_key_id_equal(
+                        mock_import_data.attributes.core.id, id));
+    } else {
+        TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
+                        mock_import_data.attributes.core.id) == 0);
+        TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(
+                        mock_import_data.attributes.core.id) == 0);
+    }
+
+    TEST_ASSERT(mock_import_data.attributes.core.lifetime ==
+                (mock_alloc_return_value == PSA_SUCCESS ? lifetime : 0));
+    TEST_ASSERT(mock_import_data.attributes.core.policy.usage ==
+                (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_USAGE_EXPORT : 0));
+    TEST_ASSERT(mock_import_data.attributes.core.type ==
+                (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_TYPE_RAW_DATA : 0));
+
+    if (expected_result == PSA_SUCCESS) {
+        PSA_ASSERT(psa_destroy_key(id));
+        TEST_ASSERT(mock_destroy_data.called == 1);
+    }
+exit:
+    PSA_DONE();
+    mock_teardown();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_export(int mock_export_return_value, int expected_result)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+    uint8_t exported[sizeof(key_material)];
+    size_t exported_length;
+
+    mock_export_data.return_value = mock_export_return_value;
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    driver.p_init = mock_init;
+    key_management.p_import = mock_import;
+    key_management.p_export = mock_export;
+    key_management.p_destroy = mock_destroy;
+    key_management.p_allocate = mock_allocate;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_material, sizeof(key_material),
+                              &returned_id));
+
+    TEST_ASSERT(psa_export_key(id,
+                               exported, sizeof(exported),
+                               &exported_length) == expected_result);
+
+    TEST_ASSERT(mock_export_data.called == 1);
+
+    PSA_ASSERT(psa_destroy_key(id));
+
+    TEST_ASSERT(mock_destroy_data.called == 1);
+
+exit:
+    PSA_DONE();
+    mock_teardown();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_generate(int mock_alloc_return_value,
+                   int mock_generate_return_value,
+                   int expected_result)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    mock_allocate_data.return_value = mock_alloc_return_value;
+    mock_generate_data.return_value = mock_generate_return_value;
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    key_management.p_generate = mock_generate;
+    key_management.p_destroy = mock_destroy;
+    key_management.p_allocate = mock_allocate;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    psa_set_key_bits(&attributes, 8);
+    TEST_ASSERT(psa_generate_key(&attributes, &returned_id) == expected_result);
+    TEST_ASSERT(mock_allocate_data.called == 1);
+    TEST_ASSERT(mock_generate_data.called ==
+                (mock_alloc_return_value == PSA_SUCCESS ? 1 : 0));
+
+    if (mock_alloc_return_value == PSA_SUCCESS) {
+        TEST_ASSERT(mbedtls_svc_key_id_equal(
+                        mock_generate_data.attributes.core.id, id));
+    } else {
+        TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
+                        mock_generate_data.attributes.core.id) == 0);
+        TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(
+                        mock_generate_data.attributes.core.id) == 0);
+    }
+
+    TEST_ASSERT(mock_generate_data.attributes.core.lifetime ==
+                (mock_alloc_return_value == PSA_SUCCESS ? lifetime : 0));
+    TEST_ASSERT(mock_generate_data.attributes.core.policy.usage ==
+                (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_USAGE_EXPORT : 0));
+    TEST_ASSERT(mock_generate_data.attributes.core.type ==
+                (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_TYPE_RAW_DATA : 0));
+
+    if (expected_result == PSA_SUCCESS) {
+        PSA_ASSERT(psa_destroy_key(id));
+        TEST_ASSERT(mock_destroy_data.called == 1);
+    }
+
+exit:
+    PSA_DONE();
+    mock_teardown();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_export_public(int mock_export_public_return_value,
+                        int expected_result)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+    uint8_t exported[sizeof(key_material)];
+    size_t exported_length;
+
+    mock_export_public_data.return_value = mock_export_public_return_value;
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+    driver.key_management = &key_management;
+    key_management.p_import = mock_import;
+    key_management.p_export_public = mock_export_public;
+    key_management.p_destroy = mock_destroy;
+    key_management.p_allocate = mock_allocate;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY);
+
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_material, sizeof(key_material),
+                              &returned_id));
+
+    TEST_ASSERT(psa_export_public_key(id, exported, sizeof(exported),
+                                      &exported_length) == expected_result);
+    TEST_ASSERT(mock_export_public_data.called == 1);
+
+    PSA_ASSERT(psa_destroy_key(id));
+    TEST_ASSERT(mock_destroy_data.called == 1);
+
+exit:
+    PSA_DONE();
+    mock_teardown();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_sign(int mock_sign_return_value, int expected_result)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_drv_se_asymmetric_t asymmetric;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+    psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+    const uint8_t hash[1] = { 'H' };
+    uint8_t signature[1] = { 'S' };
+    size_t signature_length;
+
+    mock_sign_data.return_value = mock_sign_return_value;
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    memset(&asymmetric, 0, sizeof(asymmetric));
+
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+
+    driver.key_management = &key_management;
+    key_management.p_import = mock_import;
+    key_management.p_destroy = mock_destroy;
+    key_management.p_allocate = mock_allocate;
+
+    driver.asymmetric = &asymmetric;
+    asymmetric.p_sign = mock_sign;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_algorithm(&attributes, algorithm);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR);
+
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_material, sizeof(key_material),
+                              &returned_id));
+
+    TEST_ASSERT(psa_sign_hash(id, algorithm,
+                              hash, sizeof(hash),
+                              signature, sizeof(signature),
+                              &signature_length)
+                == expected_result);
+    TEST_ASSERT(mock_sign_data.called == 1);
+
+    PSA_ASSERT(psa_destroy_key(id));
+    TEST_ASSERT(mock_destroy_data.called == 1);
+
+exit:
+    PSA_DONE();
+    mock_teardown();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_verify(int mock_verify_return_value, int expected_result)
+{
+    psa_drv_se_t driver;
+    psa_drv_se_key_management_t key_management;
+    psa_drv_se_asymmetric_t asymmetric;
+    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime);
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1);
+    mbedtls_svc_key_id_t returned_id;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    const uint8_t key_material[3] = { 0xfa, 0xca, 0xde };
+    psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+    const uint8_t hash[1] = { 'H' };
+    const uint8_t signature[1] = { 'S' };
+
+    mock_verify_data.return_value = mock_verify_return_value;
+    memset(&driver, 0, sizeof(driver));
+    memset(&key_management, 0, sizeof(key_management));
+    memset(&asymmetric, 0, sizeof(asymmetric));
+
+    driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+
+    driver.key_management = &key_management;
+    key_management.p_import = mock_import;
+    key_management.p_destroy = mock_destroy;
+    key_management.p_allocate = mock_allocate;
+
+    driver.asymmetric = &asymmetric;
+    asymmetric.p_verify = mock_verify;
+
+    PSA_ASSERT(psa_register_se_driver(location, &driver));
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH);
+    psa_set_key_algorithm(&attributes, algorithm);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+
+    PSA_ASSERT(psa_import_key(&attributes,
+                              key_material, sizeof(key_material),
+                              &returned_id));
+
+    TEST_ASSERT(psa_verify_hash(id, algorithm,
+                                hash, sizeof(hash),
+                                signature, sizeof(signature))
+                == expected_result);
+    TEST_ASSERT(mock_verify_data.called == 1);
+
+    PSA_ASSERT(psa_destroy_key(id));
+    TEST_ASSERT(mock_destroy_data.called == 1);
+
+exit:
+    PSA_DONE();
+    mock_teardown();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_slot_management.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_slot_management.data
new file mode 100644
index 0000000..1477734
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -0,0 +1,238 @@
+Transient slot, check after closing
+transient_slot_lifecycle:0x1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Transient slot, check after closing and restarting
+transient_slot_lifecycle:0x13:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Transient slot, check after destroying
+transient_slot_lifecycle:0x135:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Transient slot, check after destroying and restarting
+transient_slot_lifecycle:0x1357:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Transient slot, check after restart with live handles
+transient_slot_lifecycle:0x13579:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
+Persistent slot, check after closing, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Persistent slot, check after closing and restarting, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot, check after destroying, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after destroying and restarting, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Persistent slot, check after purging, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after purging and restarting, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
+
+Persistent slot, check after restart with live handle, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
+Persistent slot, check after closing, id=max
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Persistent slot, check after destroying, id=max
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after purging, id=max
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:202:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after restart, id=max
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
+Persistent slot: ECP keypair (ECDSA, exportable), close
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
+
+Persistent slot: ECP keypair (ECDSA, exportable), close+restart
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot: ECP keypair (ECDSA, exportable), purge
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
+
+Persistent slot: ECP keypair (ECDSA, exportable), restart
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
+
+Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
+
+Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot: ECP keypair (ECDH+ECDSA, exportable), purge
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
+
+Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
+
+Persistent slot, check after closing, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Persistent slot, check after closing and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot, check after destroying, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after destroying and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Persistent slot, check after purging, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after purging and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
+
+Persistent slot, check after restart with live handle, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
+Attempt to overwrite: close before
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
+
+Attempt to overwrite: close after
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x7361:1:CLOSE_AFTER
+
+Attempt to overwrite: keep open
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x3617:1:KEEP_OPEN
+
+Open failure: invalid identifier (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:0:PSA_ERROR_DOES_NOT_EXIST
+
+Open failure: invalid identifier (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_DOES_NOT_EXIST
+
+Open failure: invalid identifier (reserved range)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_DOES_NOT_EXIST
+
+Open failure: invalid identifier (implementation range)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_DOES_NOT_EXIST
+
+Open failure: non-existent identifier
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:1:PSA_ERROR_DOES_NOT_EXIST
+
+Create failure: read-only key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid location for a persistent key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10cU):1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid location for a volatile key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10cU):0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (0) for a persistent key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (1) for a volatile key
+create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (reserved range)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (implementation range)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
+
+Open not supported
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+open_fail:1:PSA_ERROR_NOT_SUPPORTED
+
+Create not supported
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
+
+Copy volatile to volatile
+copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0x10:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0x10:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
+Copy volatile to persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0x100:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x100:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
+Copy persistent to volatile
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x1000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0x1000:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
+Copy persistent to persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
+Copy persistent to persistent, same id but different owner
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
+Copy persistent to persistent with enrollment algorithm
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
+
+Copy volatile to occupied
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
+
+Copy persistent to occupied
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
+
+Copy persistent to same
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f"
+
+invalid handle: 0
+invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS
+
+invalid handle: never opened
+invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_INVALID_HANDLE
+
+invalid handle: already closed
+invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_INVALID_HANDLE
+
+invalid handle: huge
+invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE
+
+Open many transient keys
+many_transient_keys:42
+
+# Eviction from a key slot to be able to import a new persistent key.
+Key slot eviction to import a new persistent key
+key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_PERSISTENT
+
+# Eviction from a key slot to be able to import a new volatile key.
+Key slot eviction to import a new volatile key
+key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_VOLATILE
+
+# Check that non reusable key slots are not deleted/overwritten in case of key
+# slot starvation:
+# . An attempt to access a persistent key while all RAM key slots are occupied
+#   by volatile keys fails and does not lead to volatile key data to be
+#   spoiled.
+# . With all key slot in use with one containing a persistent key, an attempt
+#   to copy the persistent key fails (the persistent key slot cannot be
+#   reclaimed as it is accessed by the copy process) without the persistent key
+#   data and volatile key data being spoiled.
+Non reusable key slots integrity in case of key slot starvation
+non_reusable_key_slots_integrity_in_case_of_key_slot_starvation
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_slot_management.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_slot_management.function
new file mode 100644
index 0000000..5bd12eb
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -0,0 +1,1044 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+
+typedef enum {
+    /**< Close key(s) */
+    INVALIDATE_BY_CLOSING,
+
+    /**< Destroy key(s) */
+    INVALIDATE_BY_DESTROYING,
+
+    /**< Purge key(s) */
+    INVALIDATE_BY_PURGING,
+
+    /**< Terminate and reinitialize without closing/destroying keys */
+    INVALIDATE_BY_SHUTDOWN,
+
+    /**< Close key(s) then terminate and re-initialize */
+    INVALIDATE_BY_CLOSING_WITH_SHUTDOWN,
+
+    /**< Destroy key(s) then terminate and re-initialize */
+    INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN,
+
+    /**< Purge key(s) then terminate and re-initialize */
+    INVALIDATE_BY_PURGING_WITH_SHUTDOWN,
+} invalidate_method_t;
+
+typedef enum {
+    KEEP_OPEN,
+    CLOSE_BEFORE,
+    CLOSE_AFTER,
+} reopen_policy_t;
+
+typedef enum {
+    INVALID_HANDLE_0,
+    INVALID_HANDLE_UNOPENED,
+    INVALID_HANDLE_CLOSED,
+    INVALID_HANDLE_HUGE,
+} invalid_handle_construction_t;
+
+/** Apply \p invalidate_method to invalidate the specified key:
+ * close it, destroy it, or do nothing;
+ */
+static int invalidate_key(invalidate_method_t invalidate_method,
+                          mbedtls_svc_key_id_t key)
+{
+    switch (invalidate_method) {
+        /* Closing the key invalidate only volatile keys, not persistent ones. */
+        case INVALIDATE_BY_CLOSING:
+        case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
+            PSA_ASSERT(psa_close_key(key));
+            break;
+        case INVALIDATE_BY_DESTROYING:
+        case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
+            PSA_ASSERT(psa_destroy_key(key));
+            break;
+        /* Purging the key just purges RAM data of persistent keys. */
+        case INVALIDATE_BY_PURGING:
+        case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
+            PSA_ASSERT(psa_purge_key(key));
+            break;
+        case INVALIDATE_BY_SHUTDOWN:
+            break;
+    }
+    return 1;
+exit:
+    return 0;
+}
+
+/** Restart the PSA subsystem if \p invalidate_method says so. */
+static int invalidate_psa(invalidate_method_t invalidate_method)
+{
+    switch (invalidate_method) {
+        case INVALIDATE_BY_CLOSING:
+        case INVALIDATE_BY_DESTROYING:
+        case INVALIDATE_BY_PURGING:
+            return 1;
+        case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
+        case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
+        case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
+            /* All keys must have been closed. */
+            PSA_SESSION_DONE();
+            break;
+        case INVALIDATE_BY_SHUTDOWN:
+            /* Some keys may remain behind, and we're testing that this
+             * properly closes them. */
+            mbedtls_psa_crypto_free();
+            break;
+    }
+
+    PSA_ASSERT(psa_crypto_init());
+    ASSERT_PSA_PRISTINE();
+    return 1;
+
+exit:
+    return 0;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void transient_slot_lifecycle(int owner_id_arg,
+                              int usage_arg, int alg_arg,
+                              int type_arg, data_t *key_data,
+                              int invalidate_method_arg)
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage_flags = usage_arg;
+    psa_key_type_t type = type_arg;
+    invalidate_method_t invalidate_method = invalidate_method_arg;
+    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    mbedtls_test_set_step(1);
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Import a key. */
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_key_owner_id_t owner_id = owner_id_arg;
+
+    mbedtls_set_key_owner_id(&attributes, owner_id);
+#else
+    (void) owner_id_arg;
+#endif
+
+    psa_set_key_usage_flags(&attributes, usage_flags);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_type(&attributes, type);
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &key));
+    TEST_ASSERT(!mbedtls_svc_key_id_is_null(key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    psa_reset_key_attributes(&attributes);
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    {
+        psa_key_handle_t handle;
+        mbedtls_svc_key_id_t key_with_invalid_owner =
+            mbedtls_svc_key_id_make(owner_id + 1,
+                                    MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key));
+
+        TEST_ASSERT(mbedtls_key_owner_id_equal(
+                        owner_id,
+                        MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key)));
+        TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle),
+                   PSA_ERROR_DOES_NOT_EXIST);
+    }
+#endif
+
+    /*
+     * Purge the key and make sure that it is still valid, as purging a
+     * volatile key shouldn't invalidate/destroy it.
+     */
+    PSA_ASSERT(psa_purge_key(key));
+    PSA_ASSERT(psa_get_key_attributes(key, &attributes));
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+    psa_reset_key_attributes(&attributes);
+
+    /* Do something that invalidates the key. */
+    mbedtls_test_set_step(2);
+    if (!invalidate_key(invalidate_method, key)) {
+        goto exit;
+    }
+    if (!invalidate_psa(invalidate_method)) {
+        goto exit;
+    }
+
+    /* Test that the key is now invalid. */
+    TEST_EQUAL(psa_get_key_attributes(key, &attributes),
+               PSA_ERROR_INVALID_HANDLE);
+    TEST_EQUAL(psa_close_key(key), PSA_ERROR_INVALID_HANDLE);
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void persistent_slot_lifecycle(int lifetime_arg, int owner_id_arg, int id_arg,
+                               int usage_arg, int alg_arg, int alg2_arg,
+                               int type_arg, data_t *key_data,
+                               int invalidate_method_arg)
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg);
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t alg2 = alg2_arg;
+    psa_key_usage_t usage_flags = usage_arg;
+    psa_key_type_t type = type_arg;
+    invalidate_method_t invalidate_method = invalidate_method_arg;
+    mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t read_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *reexported = NULL;
+    size_t reexported_length = -1;
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_svc_key_id_t wrong_owner_id =
+        mbedtls_svc_key_id_make(owner_id_arg + 1, id_arg);
+    mbedtls_svc_key_id_t invalid_svc_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+#endif
+
+    TEST_USES_KEY_ID(id);
+
+    mbedtls_test_set_step(1);
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_usage_flags(&attributes, usage_flags);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_enrollment_algorithm(&attributes, alg2);
+    PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len,
+                              &returned_id));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(id, returned_id));
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    TEST_EQUAL(psa_open_key(wrong_owner_id, &invalid_svc_key_id),
+               PSA_ERROR_DOES_NOT_EXIST);
+#endif
+
+    PSA_ASSERT(psa_get_key_attributes(id, &attributes));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime);
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), id));
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes),
+               mbedtls_test_update_key_usage_flags(usage_flags));
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), alg);
+    TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), alg2);
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+
+    /* Close the key and then open it. */
+    PSA_ASSERT(psa_close_key(id));
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    TEST_EQUAL(psa_open_key(wrong_owner_id, &invalid_svc_key_id),
+               PSA_ERROR_DOES_NOT_EXIST);
+#endif
+
+    PSA_ASSERT(psa_open_key(id, &handle));
+    TEST_ASSERT(!psa_key_handle_is_null(handle));
+    PSA_ASSERT(psa_get_key_attributes(handle, &attributes));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime);
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), id));
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes),
+               mbedtls_test_update_key_usage_flags(usage_flags));
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), alg);
+    TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), alg2);
+    TEST_EQUAL(psa_get_key_type(&attributes), type);
+
+    /*
+     * Do something that wipes key data in volatile memory or destroy the
+     * key.
+     */
+    mbedtls_test_set_step(2);
+    if (!invalidate_key(invalidate_method, id)) {
+        goto exit;
+    }
+    if (!invalidate_psa(invalidate_method)) {
+        goto exit;
+    }
+
+    /* Try to reaccess the key. If we destroyed it, check that it doesn't
+     * exist. Otherwise check that it still exists and has the expected
+     * content. */
+    switch (invalidate_method) {
+        case INVALIDATE_BY_CLOSING:
+        case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
+        case INVALIDATE_BY_PURGING:
+        case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
+        case INVALIDATE_BY_SHUTDOWN:
+            PSA_ASSERT(psa_open_key(id, &handle));
+            PSA_ASSERT(psa_get_key_attributes(id, &read_attributes));
+            TEST_EQUAL(psa_get_key_lifetime(&attributes),
+                       psa_get_key_lifetime(&read_attributes));
+            TEST_ASSERT(mbedtls_svc_key_id_equal(
+                            psa_get_key_id(&attributes),
+                            psa_get_key_id(&read_attributes)));
+            TEST_EQUAL(psa_get_key_usage_flags(&attributes),
+                       mbedtls_test_update_key_usage_flags(usage_flags));
+            TEST_EQUAL(psa_get_key_algorithm(&attributes),
+                       psa_get_key_algorithm(&read_attributes));
+            TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes),
+                       psa_get_key_enrollment_algorithm(&read_attributes));
+            TEST_EQUAL(psa_get_key_type(&attributes),
+                       psa_get_key_type(&read_attributes));
+            TEST_EQUAL(psa_get_key_bits(&attributes),
+                       psa_get_key_bits(&read_attributes));
+            TEST_CALLOC(reexported, key_data->len);
+            if (usage_flags & PSA_KEY_USAGE_EXPORT) {
+                PSA_ASSERT(psa_export_key(id, reexported, key_data->len,
+                                          &reexported_length));
+                TEST_MEMORY_COMPARE(key_data->x, key_data->len,
+                                    reexported, reexported_length);
+            } else {
+                TEST_EQUAL(psa_export_key(id, reexported,
+                                          key_data->len, &reexported_length),
+                           PSA_ERROR_NOT_PERMITTED);
+            }
+            PSA_ASSERT(psa_close_key(handle));
+            break;
+
+        case INVALIDATE_BY_DESTROYING:
+        case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
+            /*
+             * Test that the key handle and identifier are now not referring to an
+             * existing key.
+             */
+            TEST_EQUAL(psa_get_key_attributes(handle, &read_attributes),
+                       PSA_ERROR_INVALID_HANDLE);
+            TEST_EQUAL(psa_close_key(handle), PSA_ERROR_INVALID_HANDLE);
+            TEST_EQUAL(psa_get_key_attributes(id, &read_attributes),
+                       PSA_ERROR_INVALID_HANDLE);
+            break;
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+    psa_reset_key_attributes(&read_attributes);
+
+    PSA_DONE();
+    mbedtls_free(reexported);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void create_existent(int lifetime_arg, int owner_id_arg, int id_arg,
+                     int reopen_policy_arg)
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg);
+    mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
+    const uint8_t material1[5] = "a key";
+    const uint8_t material2[5] = "b key";
+    size_t bits1 = PSA_BYTES_TO_BITS(sizeof(material1));
+    uint8_t reexported[sizeof(material1)];
+    size_t reexported_length;
+    reopen_policy_t reopen_policy = reopen_policy_arg;
+
+    TEST_USES_KEY_ID(id);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Create a key. */
+    psa_set_key_id(&attributes, id);
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_type(&attributes, type1);
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, 0);
+    PSA_ASSERT(psa_import_key(&attributes, material1, sizeof(material1),
+                              &returned_id));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(id, returned_id));
+
+    if (reopen_policy == CLOSE_BEFORE) {
+        PSA_ASSERT(psa_close_key(id));
+    }
+
+    /* Attempt to create a new key in the same slot. */
+    TEST_EQUAL(psa_import_key(&attributes, material2, sizeof(material2),
+                              &returned_id),
+               PSA_ERROR_ALREADY_EXISTS);
+    TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_id));
+
+    if (reopen_policy == CLOSE_AFTER) {
+        PSA_ASSERT(psa_close_key(id));
+    }
+
+    /* Check that the original key hasn't changed. */
+    psa_reset_key_attributes(&attributes);
+    PSA_ASSERT(psa_get_key_attributes(id, &attributes));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes), id));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime);
+    TEST_EQUAL(psa_get_key_type(&attributes), type1);
+    TEST_EQUAL(psa_get_key_bits(&attributes), bits1);
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes), PSA_KEY_USAGE_EXPORT);
+    TEST_EQUAL(psa_get_key_algorithm(&attributes), 0);
+
+    PSA_ASSERT(psa_export_key(id,
+                              reexported, sizeof(reexported),
+                              &reexported_length));
+    TEST_MEMORY_COMPARE(material1, sizeof(material1),
+                        reexported, reexported_length);
+
+    PSA_ASSERT(psa_close_key(id));
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void open_fail(int id_arg,
+               int expected_status_arg)
+{
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg);
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_handle_t handle = mbedtls_svc_key_id_make(0xdead, 0xdead);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    TEST_EQUAL(psa_open_key(id, &handle), expected_status);
+    TEST_ASSERT(psa_key_handle_is_null(handle));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void create_fail(int lifetime_arg, int id_arg,
+                 int expected_status_arg)
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg);
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_status_t expected_status = expected_status_arg;
+    mbedtls_svc_key_id_t returned_id =
+        mbedtls_svc_key_id_make(0xdead, 0xdead);
+    uint8_t material[1] = { 'k' };
+
+    TEST_USES_KEY_ID(id);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_lifetime(&attributes, lifetime);
+    if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
+        /*
+         * Not possible to set a key identifier different from 0 through
+         * PSA key attributes APIs thus accessing to the attributes
+         * directly.
+         */
+        attributes.core.id = id;
+    } else {
+        psa_set_key_id(&attributes, id);
+    }
+
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    TEST_EQUAL(psa_import_key(&attributes, material, sizeof(material),
+                              &returned_id),
+               expected_status);
+    TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_id));
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_across_lifetimes(int source_lifetime_arg, int source_owner_id_arg,
+                           int source_id_arg, int source_usage_arg,
+                           int source_alg_arg, int source_alg2_arg,
+                           int type_arg, data_t *material,
+                           int target_lifetime_arg, int target_owner_id_arg,
+                           int target_id_arg, int target_usage_arg,
+                           int target_alg_arg, int target_alg2_arg,
+                           int expected_usage_arg,
+                           int expected_alg_arg, int expected_alg2_arg)
+{
+    psa_key_lifetime_t source_lifetime = source_lifetime_arg;
+    mbedtls_svc_key_id_t source_id =
+        mbedtls_svc_key_id_make(source_owner_id_arg, source_id_arg);
+    psa_key_usage_t source_usage = source_usage_arg;
+    psa_algorithm_t source_alg = source_alg_arg;
+    psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_type_t source_type = type_arg;
+    mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_lifetime_t target_lifetime = target_lifetime_arg;
+    mbedtls_svc_key_id_t target_id =
+        mbedtls_svc_key_id_make(target_owner_id_arg, target_id_arg);
+    psa_key_usage_t target_usage = target_usage_arg;
+    psa_algorithm_t target_alg = target_alg_arg;
+    psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT;
+    psa_key_usage_t expected_usage = expected_usage_arg;
+    psa_algorithm_t expected_alg = expected_alg_arg;
+    psa_algorithm_t expected_alg2 = expected_alg2_arg;
+    uint8_t *export_buffer = NULL;
+
+    TEST_USES_KEY_ID(source_id);
+    TEST_USES_KEY_ID(target_id);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Populate the source slot. */
+    psa_set_key_id(&source_attributes, source_id);
+    psa_set_key_lifetime(&source_attributes, source_lifetime);
+
+    psa_set_key_type(&source_attributes, source_type);
+    psa_set_key_usage_flags(&source_attributes, source_usage);
+    psa_set_key_algorithm(&source_attributes, source_alg);
+    psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg);
+    PSA_ASSERT(psa_import_key(&source_attributes,
+                              material->x, material->len,
+                              &returned_source_id));
+    /* Update the attributes with the bit size. */
+    PSA_ASSERT(psa_get_key_attributes(returned_source_id,
+                                      &source_attributes));
+
+    /* Prepare the target slot. */
+    psa_set_key_id(&target_attributes, target_id);
+    psa_set_key_lifetime(&target_attributes, target_lifetime);
+
+    psa_set_key_usage_flags(&target_attributes, target_usage);
+    psa_set_key_algorithm(&target_attributes, target_alg);
+    psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg);
+
+    /* Copy the key. */
+    PSA_ASSERT(psa_copy_key(returned_source_id,
+                            &target_attributes, &returned_target_id));
+
+    /* Destroy the source to ensure that this doesn't affect the target. */
+    PSA_ASSERT(psa_destroy_key(returned_source_id));
+
+    /* If the target key is persistent, restart the system to make
+     * sure that the material is still alive. */
+    if (!PSA_KEY_LIFETIME_IS_VOLATILE(target_lifetime)) {
+        mbedtls_psa_crypto_free();
+        PSA_ASSERT(psa_crypto_init());
+        PSA_ASSERT(psa_open_key(target_id, &target_handle));
+    }
+
+    /* Test that the target slot has the expected content. */
+    psa_reset_key_attributes(&target_attributes);
+    PSA_ASSERT(psa_get_key_attributes(returned_target_id,
+                                      &target_attributes));
+
+    if (!PSA_KEY_LIFETIME_IS_VOLATILE(target_lifetime)) {
+        TEST_ASSERT(mbedtls_svc_key_id_equal(
+                        target_id, psa_get_key_id(&target_attributes)));
+    } else {
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+        TEST_EQUAL(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(returned_target_id),
+                   target_owner_id_arg);
+#endif
+    }
+
+    TEST_EQUAL(target_lifetime, psa_get_key_lifetime(&target_attributes));
+    TEST_EQUAL(source_type, psa_get_key_type(&target_attributes));
+    TEST_EQUAL(psa_get_key_bits(&source_attributes),
+               psa_get_key_bits(&target_attributes));
+    TEST_EQUAL(expected_usage, psa_get_key_usage_flags(&target_attributes));
+    TEST_EQUAL(expected_alg, psa_get_key_algorithm(&target_attributes));
+    TEST_EQUAL(expected_alg2,
+               psa_get_key_enrollment_algorithm(&target_attributes));
+    if (expected_usage & PSA_KEY_USAGE_EXPORT) {
+        size_t length;
+        TEST_CALLOC(export_buffer, material->len);
+        PSA_ASSERT(psa_export_key(returned_target_id, export_buffer,
+                                  material->len, &length));
+        TEST_MEMORY_COMPARE(material->x, material->len,
+                            export_buffer, length);
+    } else {
+        size_t length;
+        /* Check that the key is actually non-exportable. */
+        TEST_EQUAL(psa_export_key(returned_target_id, export_buffer,
+                                  material->len, &length),
+                   PSA_ERROR_NOT_PERMITTED);
+    }
+
+    PSA_ASSERT(psa_destroy_key(returned_target_id));
+
+exit:
+    /*
+     * Source and target key attributes may have been returned by
+     * psa_get_key_attributes() thus reset them as required.
+     */
+    psa_reset_key_attributes(&source_attributes);
+    psa_reset_key_attributes(&target_attributes);
+
+    PSA_DONE();
+    mbedtls_free(export_buffer);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_to_occupied(int source_lifetime_arg, int source_id_arg,
+                      int source_usage_arg, int source_alg_arg,
+                      int source_type_arg, data_t *source_material,
+                      int target_lifetime_arg, int target_id_arg,
+                      int target_usage_arg, int target_alg_arg,
+                      int target_type_arg, data_t *target_material)
+{
+    psa_key_lifetime_t source_lifetime = source_lifetime_arg;
+    mbedtls_svc_key_id_t source_id =
+        mbedtls_svc_key_id_make(1, source_id_arg);
+    psa_key_usage_t source_usage = source_usage_arg;
+    psa_algorithm_t source_alg = source_alg_arg;
+    psa_key_type_t source_type = source_type_arg;
+    mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_key_lifetime_t target_lifetime = target_lifetime_arg;
+    mbedtls_svc_key_id_t target_id =
+        mbedtls_svc_key_id_make(1, target_id_arg);
+    psa_key_usage_t target_usage = target_usage_arg;
+    psa_algorithm_t target_alg = target_alg_arg;
+    psa_key_type_t target_type = target_type_arg;
+    mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t new_key = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t *export_buffer = NULL;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_attributes_t attributes2 = PSA_KEY_ATTRIBUTES_INIT;
+
+    TEST_USES_KEY_ID(source_id);
+    TEST_USES_KEY_ID(target_id);
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Populate the source slot. */
+    if (!PSA_KEY_LIFETIME_IS_VOLATILE(source_lifetime)) {
+        psa_set_key_id(&attributes, source_id);
+        psa_set_key_lifetime(&attributes, source_lifetime);
+    }
+    psa_set_key_type(&attributes, source_type);
+    psa_set_key_usage_flags(&attributes, source_usage);
+    psa_set_key_algorithm(&attributes, source_alg);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              source_material->x, source_material->len,
+                              &returned_source_id));
+
+    /* Populate the target slot. */
+    if (mbedtls_svc_key_id_equal(target_id, source_id)) {
+        returned_target_id = returned_source_id;
+    } else {
+        psa_set_key_id(&attributes1, target_id);
+        psa_set_key_lifetime(&attributes1, target_lifetime);
+        psa_set_key_type(&attributes1, target_type);
+        psa_set_key_usage_flags(&attributes1, target_usage);
+        psa_set_key_algorithm(&attributes1, target_alg);
+        PSA_ASSERT(psa_import_key(&attributes1,
+                                  target_material->x, target_material->len,
+                                  &returned_target_id));
+    }
+
+    PSA_ASSERT(psa_get_key_attributes(returned_target_id, &attributes1));
+
+    /* Make a copy attempt. */
+    psa_set_key_id(&attributes, target_id);
+    psa_set_key_lifetime(&attributes, target_lifetime);
+    TEST_EQUAL(psa_copy_key(returned_source_id,
+                            &attributes, &new_key),
+               PSA_ERROR_ALREADY_EXISTS);
+    TEST_ASSERT(mbedtls_svc_key_id_is_null(new_key));
+
+    /* Test that the target slot is unaffected. */
+    PSA_ASSERT(psa_get_key_attributes(returned_target_id, &attributes2));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(
+                    psa_get_key_id(&attributes1),
+                    psa_get_key_id(&attributes2)));
+    TEST_EQUAL(psa_get_key_lifetime(&attributes1),
+               psa_get_key_lifetime(&attributes2));
+    TEST_EQUAL(psa_get_key_type(&attributes1),
+               psa_get_key_type(&attributes2));
+    TEST_EQUAL(psa_get_key_bits(&attributes1),
+               psa_get_key_bits(&attributes2));
+    TEST_EQUAL(psa_get_key_usage_flags(&attributes1),
+               psa_get_key_usage_flags(&attributes2));
+    TEST_EQUAL(psa_get_key_algorithm(&attributes1),
+               psa_get_key_algorithm(&attributes2));
+    if (target_usage & PSA_KEY_USAGE_EXPORT) {
+        size_t length;
+        TEST_CALLOC(export_buffer, target_material->len);
+        PSA_ASSERT(psa_export_key(returned_target_id, export_buffer,
+                                  target_material->len, &length));
+        TEST_MEMORY_COMPARE(target_material->x, target_material->len,
+                            export_buffer, length);
+    }
+
+    PSA_ASSERT(psa_destroy_key(returned_source_id));
+    if (!mbedtls_svc_key_id_equal(target_id, source_id)) {
+        PSA_ASSERT(psa_destroy_key(returned_target_id));
+    }
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes1);
+    psa_reset_key_attributes(&attributes2);
+
+    PSA_DONE();
+    mbedtls_free(export_buffer);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void invalid_handle(int handle_construction,
+                    int close_status_arg)
+{
+    psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT;
+    psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT;
+    psa_key_id_t key_id;
+    psa_status_t close_status = close_status_arg;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t material[1] = "a";
+
+    PSA_ASSERT(psa_crypto_init());
+
+    /* Allocate a handle and store a key in it. */
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+    psa_set_key_usage_flags(&attributes, 0);
+    psa_set_key_algorithm(&attributes, 0);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              material, sizeof(material),
+                              &valid_handle));
+    TEST_ASSERT(!psa_key_handle_is_null(valid_handle));
+
+    /* Construct an invalid handle as specified in the test case data. */
+    switch (handle_construction) {
+        case INVALID_HANDLE_0:
+            invalid_handle = PSA_KEY_HANDLE_INIT;
+            break;
+        case INVALID_HANDLE_UNOPENED:
+
+            /*
+             * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) is a volatile
+             * key identifier as the imported key is a volatile key. Volatile
+             * key identifiers are in the range from PSA_KEY_ID_VOLATILE_MIN
+             * to PSA_KEY_ID_VOLATILE_MAX included. Thus pick a key identifier
+             * in the range from PSA_KEY_ID_VOLATILE_MIN to
+             * PSA_KEY_ID_VOLATILE_MAX different from
+             * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) to build an
+             * unopened and thus invalid identifier.
+             */
+
+            if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) ==
+                PSA_KEY_ID_VOLATILE_MIN) {
+                key_id = PSA_KEY_ID_VOLATILE_MIN + 1;
+            } else {
+                key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) - 1;
+            }
+
+            invalid_handle =
+                mbedtls_svc_key_id_make(0, key_id);
+            break;
+        case INVALID_HANDLE_CLOSED:
+            PSA_ASSERT(psa_import_key(&attributes,
+                                      material, sizeof(material),
+                                      &invalid_handle));
+            PSA_ASSERT(psa_destroy_key(invalid_handle));
+            break;
+        case INVALID_HANDLE_HUGE:
+            invalid_handle =
+                mbedtls_svc_key_id_make(0, PSA_KEY_ID_VENDOR_MAX + 1);
+            break;
+        default:
+            TEST_FAIL("unknown handle construction");
+    }
+
+    /* Attempt to use the invalid handle. */
+    TEST_EQUAL(psa_get_key_attributes(invalid_handle, &attributes),
+               PSA_ERROR_INVALID_HANDLE);
+    TEST_EQUAL(psa_close_key(invalid_handle), close_status);
+    TEST_EQUAL(psa_destroy_key(invalid_handle), close_status);
+
+    /* After all this, check that the original handle is intact. */
+    PSA_ASSERT(psa_get_key_attributes(valid_handle, &attributes));
+    TEST_EQUAL(psa_get_key_type(&attributes), PSA_KEY_TYPE_RAW_DATA);
+    TEST_EQUAL(psa_get_key_bits(&attributes),
+               PSA_BYTES_TO_BITS(sizeof(material)));
+    PSA_ASSERT(psa_close_key(valid_handle));
+
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void many_transient_keys(int max_keys_arg)
+{
+    mbedtls_svc_key_id_t *keys = NULL;
+    size_t max_keys = max_keys_arg;
+    size_t i, j;
+    psa_status_t status;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t exported[sizeof(size_t)];
+    size_t exported_length;
+
+    TEST_CALLOC(keys, max_keys);
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, 0);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+
+    for (i = 0; i < max_keys; i++) {
+        status = psa_import_key(&attributes,
+                                (uint8_t *) &i, sizeof(i),
+                                &keys[i]);
+        if (status == PSA_ERROR_INSUFFICIENT_MEMORY) {
+            break;
+        }
+        PSA_ASSERT(status);
+        TEST_ASSERT(!mbedtls_svc_key_id_is_null(keys[i]));
+        for (j = 0; j < i; j++) {
+            TEST_ASSERT(!mbedtls_svc_key_id_equal(keys[i], keys[j]));
+        }
+    }
+    max_keys = i;
+
+    for (i = 1; i < max_keys; i++) {
+        PSA_ASSERT(psa_close_key(keys[i - 1]));
+        PSA_ASSERT(psa_export_key(keys[i],
+                                  exported, sizeof(exported),
+                                  &exported_length));
+        TEST_MEMORY_COMPARE(exported, exported_length,
+                            (uint8_t *) &i, sizeof(i));
+    }
+    PSA_ASSERT(psa_close_key(keys[i - 1]));
+
+exit:
+    PSA_DONE();
+    mbedtls_free(keys);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void key_slot_eviction_to_import_new_key(int lifetime_arg)
+{
+    psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
+    size_t i;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t exported[sizeof(size_t)];
+    size_t exported_length;
+    mbedtls_svc_key_id_t key, returned_key_id;
+
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT);
+    psa_set_key_algorithm(&attributes, 0);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+
+    /*
+     * Create MBEDTLS_PSA_KEY_SLOT_COUNT persistent keys.
+     */
+    for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) {
+        key = mbedtls_svc_key_id_make(i, i + 1);
+        psa_set_key_id(&attributes, key);
+        PSA_ASSERT(psa_import_key(&attributes,
+                                  (uint8_t *) &i, sizeof(i),
+                                  &returned_key_id));
+        TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key));
+    }
+
+    /*
+     * Create a new persistent or volatile key. When creating the key,
+     * one of the descriptions of the previously created persistent keys
+     * is removed from the RAM key slots. This makes room to store its
+     * description in RAM.
+     */
+    i = MBEDTLS_PSA_KEY_SLOT_COUNT;
+    key = mbedtls_svc_key_id_make(i, i + 1);
+    psa_set_key_id(&attributes, key);
+    psa_set_key_lifetime(&attributes, lifetime);
+
+    PSA_ASSERT(psa_import_key(&attributes,
+                              (uint8_t *) &i, sizeof(i),
+                              &returned_key_id));
+    if (lifetime != PSA_KEY_LIFETIME_VOLATILE) {
+        TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key));
+    } else {
+        TEST_ASSERT(psa_key_id_is_volatile(
+                        MBEDTLS_SVC_KEY_ID_GET_KEY_ID(returned_key_id)));
+    }
+
+    /*
+     * Check that we can export all ( MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) keys,
+     * that they have the expected value and destroy them. In that process,
+     * the description of the persistent key that was evicted from the RAM
+     * slots when creating the last key is restored in a RAM slot to export
+     * its value.
+     */
+    for (i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++) {
+        if (i < MBEDTLS_PSA_KEY_SLOT_COUNT) {
+            key = mbedtls_svc_key_id_make(i, i + 1);
+        } else {
+            key = returned_key_id;
+        }
+
+        PSA_ASSERT(psa_export_key(key,
+                                  exported, sizeof(exported),
+                                  &exported_length));
+        TEST_MEMORY_COMPARE(exported, exported_length,
+                            (uint8_t *) &i, sizeof(i));
+        PSA_ASSERT(psa_destroy_key(key));
+    }
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation()
+{
+    psa_status_t status;
+    size_t i;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t exported[sizeof(size_t)];
+    size_t exported_length;
+    mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t *keys = NULL;
+
+    TEST_ASSERT(MBEDTLS_PSA_KEY_SLOT_COUNT >= 1);
+
+    TEST_CALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT);
+    PSA_ASSERT(psa_crypto_init());
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY);
+    psa_set_key_algorithm(&attributes, 0);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA);
+
+    /*
+     * Create a persistent key
+     */
+    persistent_key = mbedtls_svc_key_id_make(0x100, 0x205);
+    psa_set_key_id(&attributes, persistent_key);
+    PSA_ASSERT(psa_import_key(&attributes,
+                              (uint8_t *) &persistent_key,
+                              sizeof(persistent_key),
+                              &returned_key_id));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, persistent_key));
+
+    /*
+     * Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys
+     */
+    psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_VOLATILE);
+    for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) {
+        PSA_ASSERT(psa_import_key(&attributes,
+                                  (uint8_t *) &i, sizeof(i),
+                                  &keys[i]));
+    }
+    psa_reset_key_attributes(&attributes);
+
+    /*
+     * Check that we cannot access the persistent key as all slots are
+     * occupied by volatile keys and the implementation needs to load the
+     * persistent key description in a slot to be able to access it.
+     */
+    status = psa_get_key_attributes(persistent_key, &attributes);
+    TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY);
+
+    /*
+     * Check we can export the volatile key created last and that it has the
+     * expected value. Then, destroy it.
+     */
+    PSA_ASSERT(psa_export_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1],
+                              exported, sizeof(exported),
+                              &exported_length));
+    i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1;
+    TEST_MEMORY_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i));
+    PSA_ASSERT(psa_destroy_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1]));
+
+    /*
+     * Check that we can now access the persistent key again.
+     */
+    PSA_ASSERT(psa_get_key_attributes(persistent_key, &attributes));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(attributes.core.id,
+                                         persistent_key));
+
+    /*
+     * Check that we cannot copy the persistent key as all slots are occupied
+     * by the persistent key and the volatile keys and the slot containing the
+     * persistent key cannot be reclaimed as it contains the key to copy.
+     */
+    persistent_key2 = mbedtls_svc_key_id_make(0x100, 0x204);
+    psa_set_key_id(&attributes, persistent_key2);
+    status = psa_copy_key(persistent_key, &attributes, &returned_key_id);
+    TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY);
+
+    /*
+     * Check we can export the remaining volatile keys and that they have the
+     * expected values.
+     */
+    for (i = 0; i < (MBEDTLS_PSA_KEY_SLOT_COUNT - 1); i++) {
+        PSA_ASSERT(psa_export_key(keys[i],
+                                  exported, sizeof(exported),
+                                  &exported_length));
+        TEST_MEMORY_COMPARE(exported, exported_length,
+                            (uint8_t *) &i, sizeof(i));
+        PSA_ASSERT(psa_destroy_key(keys[i]));
+    }
+
+    /*
+     * Check we can export the persistent key and that it have the expected
+     * value.
+     */
+
+    PSA_ASSERT(psa_export_key(persistent_key, exported, sizeof(exported),
+                              &exported_length));
+    TEST_MEMORY_COMPARE(exported, exported_length,
+                        (uint8_t *) &persistent_key, sizeof(persistent_key));
+exit:
+    /*
+     * Key attributes may have been returned by psa_get_key_attributes()
+     * thus reset them as required.
+     */
+    psa_reset_key_attributes(&attributes);
+
+    psa_destroy_key(persistent_key);
+    PSA_DONE();
+    mbedtls_free(keys);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.current.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.current.data
new file mode 100644
index 0000000..c12900d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.current.data
@@ -0,0 +1,8571 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+save lifetime: (DEFAULT,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c"
+
+save lifetime: (2,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c"
+
+save lifetime: (254,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c"
+
+save lifetime: PERSISTENT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c"
+
+save usage without implication: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b"
+
+save usage without implication: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b"
+
+save usage without implication: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b"
+
+save usage without implication: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b"
+
+save usage without implication: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b"
+
+save usage without implication: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b"
+
+save usage without implication: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b"
+
+save usage without implication: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b"
+
+save usage without implication: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b"
+
+save usage without implication: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b"
+
+save usage without implication: COPY|DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b"
+
+save usage without implication: DECRYPT|DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b"
+
+save usage without implication: DERIVE|ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b"
+
+save usage without implication: ENCRYPT|EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b"
+
+save usage without implication: EXPORT|SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b"
+
+save usage without implication: SIGN_HASH|SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b"
+
+save usage without implication: SIGN_MESSAGE|VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b"
+
+save usage without implication: VERIFY_HASH|VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b"
+
+save usage without implication: VERIFY_MESSAGE|COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b"
+
+save usage without implication: all known
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b"
+
+save type: AES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014405000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014e05000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c003000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000404004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000414004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000011c004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000002c003000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000010c004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000444004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000025005000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000012c004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c403000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001cd03000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001ce03000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001d003000000001000000048657265006973206b6579a064617461"
+
+save type: AES 128-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000ff4004000000001000000048657265006973206b6579a064617461"
+
+save type: AES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000002c003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000012c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 192-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: AES 256-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000002c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000012c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: AES 256-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARC4 8-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048"
+
+save type: ARC4 8-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48":"505341004b4559000000000001000000022008000103000000018004000000000100000048"
+
+save type: ARC4 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: ARC4 128-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000103000000018004000000001000000048657265006973206b6579a064617461"
+
+save type: ARC4 2048-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARC4 2048-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080103000000018004000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014405000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014e05000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c003000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000404004000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000414004000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000011c004000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000010c004000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000444004000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000025005000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c403000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001cd03000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001ce03000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001d003000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 128-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000ff4004000000001000000048657265006973206b6579a064617461"
+
+save type: ARIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 192-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: ARIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: ARIA 256-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014405000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014e05000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c003000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000404004000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000414004000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000011c004000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000010c004000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000444004000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000025005000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c403000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001cd03000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001ce03000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001d003000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 128-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000ff4004000000001000000048657265006973206b6579a064617461"
+
+save type: CAMELLIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 192-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320"
+
+save type: CAMELLIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CAMELLIA 256-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CHACHA20 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CHACHA20 256-bit, CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000051005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: CHACHA20 256-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000018004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: DERIVE 120-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174"
+
+save type: DERIVE 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: DES 64-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901"
+
+save type: DES 64-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004040040000000008000000644573206b457901"
+
+save type: DES 64-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004140040000000008000000644573206b457901"
+
+save type: DES 64-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004440040000000008000000644573206b457901"
+
+save type: DES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902"
+
+save type: DES 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004040040000000010000000644573206b457901644573206b457902"
+
+save type: DES 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004140040000000010000000644573206b457901644573206b457902"
+
+save type: DES 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004440040000000010000000644573206b457901644573206b457902"
+
+save type: DES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904"
+
+save type: DES 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004040040000000018000000644573206b457901644573206b457902644573206b457904"
+
+save type: DES 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004140040000000018000000644573206b457901644573206b457902644573206b457904"
+
+save type: DES 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004440040000000018000000644573206b457901644573206b457902644573206b457904"
+
+save type: ECC_PAIR(BP_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000000000209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000000060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac"
+
+save type: ECC_PAIR(BP_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000107000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000207000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000307000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000407000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000507000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000807000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000907000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000000020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000106000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000206000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000306000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000406000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000506000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000806000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000906000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000006000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000901020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a01020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000902020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a02020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000903020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a03020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f"
+
+save type: ECC_PAIR(BP_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000000000209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000000060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c"
+
+save type: ECC_PAIR(BP_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000107000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000207000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000307000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000407000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000507000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000807000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000907000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000000020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000106000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000206000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000306000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000406000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000506000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000806000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000906000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000006000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000901020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a01020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000902020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a02020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000903020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a03020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff"
+
+save type: ECC_PAIR(BP_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000000000209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000000060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead"
+
+save type: ECC_PAIR(BP_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000107000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000207000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000307000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000407000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000507000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000807000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000907000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000000020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000106000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000206000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000306000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000406000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000506000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000806000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000906000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000006000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000901020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a01020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000902020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a02020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000903020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a03020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb"
+
+save type: ECC_PAIR(BP_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000000002090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000000600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2"
+
+save type: ECC_PAIR(MGM) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000000000209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a"
+
+save type: ECC_PAIR(MGM) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000000002090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1"
+
+save type: ECC_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000000002090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000000600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228"
+
+save type: ECC_PAIR(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000000000209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000000060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8"
+
+save type: ECC_PAIR(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000107000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000207000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000307000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000407000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000507000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000807000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000907000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000000020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000106000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000206000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000306000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000406000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000506000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000806000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000906000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000006000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000901020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a01020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000902020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a02020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000903020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a03020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9"
+
+save type: ECC_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000000000209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000000060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995"
+
+save type: ECC_PAIR(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000000000209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000000060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee"
+
+save type: ECC_PAIR(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000107000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000207000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000307000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000407000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000507000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000807000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000907000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000000020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000106000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000206000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000306000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000406000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000506000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000806000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000906000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000006000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000901020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a01020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000902020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a02020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000903020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a03020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a"
+
+save type: ECC_PAIR(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000000000209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000000060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae"
+
+save type: ECC_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000000000209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000000060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e"
+
+save type: ECC_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000000000209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000000060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71"
+
+save type: ECC_PAIR(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000000000209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000000060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8"
+
+save type: ECC_PAIR(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000000000209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000000060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61"
+
+save type: ECC_PAIR(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000000002090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000000600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0"
+
+save type: ECC_PAIR(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000107000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000207000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000307000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000407000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000507000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000807000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000907000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000000020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000106000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000206000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000306000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000406000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000506000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000806000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000906000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000006000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000901020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a01020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000902020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a02020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000903020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a03020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8"
+
+save type: ECC_PAIR(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000000002090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000000600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51"
+
+save type: ECC_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000000002090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000000600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50"
+
+save type: ECC_PAIR(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000000000209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000000060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f"
+
+save type: ECC_PAIR(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000000002090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000000600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad"
+
+save type: ECC_PAIR(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000000000209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000000060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64"
+
+save type: ECC_PAIR(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000000002090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000000600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1"
+
+save type: ECC_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000107000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000207000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000307000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000407000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000507000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000807000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000000020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000106000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000206000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000306000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000406000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000506000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000806000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000006000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000901020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a01020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000902020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a02020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000903020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a03020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000008000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000b09000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00001509000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000008000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b"
+
+save type: ECC_PUB(BP_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000000060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c"
+
+save type: ECC_PUB(BP_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000000600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88"
+
+save type: ECC_PUB(BP_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000000600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc"
+
+save type: ECC_PUB(BP_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000000060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+save type: ECC_PUB(BP_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 320-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000000600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd"
+
+save type: ECC_PUB(BP_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000000060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+save type: ECC_PUB(BP_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000107000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000207000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000307000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000407000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000507000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000807000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000907000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000106000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000206000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000306000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000406000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000506000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000806000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000906000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(BP_R1) 512-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000006000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+save type: ECC_PUB(MGM) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a"
+
+save type: ECC_PUB(MGM) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e"
+
+save type: ECC_PUB(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000107000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000207000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000307000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000407000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000507000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000807000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000106000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000206000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000306000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000406000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000506000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000806000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000006000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"
+
+save type: ECC_PUB(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000000600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"
+
+save type: ECC_PUB(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_K1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000000600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"
+
+save type: ECC_PUB(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 225-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000000600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"
+
+save type: ECC_PUB(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000000600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+save type: ECC_PUB(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000000060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+save type: ECC_PUB(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R1) 521-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000000060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+save type: ECC_PUB(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECP_R2) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000000600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b"
+
+save type: ECC_PUB(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000000060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9"
+
+save type: ECC_PUB(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000000060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f"
+
+save type: ECC_PUB(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 239-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000000060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d"
+
+save type: ECC_PUB(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000107000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000207000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000307000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000407000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000507000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000807000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000907000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000106000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000206000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000306000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000406000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000506000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000806000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000906000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000006000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3"
+
+save type: ECC_PUB(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000000060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b"
+
+save type: ECC_PUB(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_K1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000000060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a"
+
+save type: ECC_PUB(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000000060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb"
+
+save type: ECC_PUB(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000000060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d"
+
+save type: ECC_PUB(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000000060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765"
+
+save type: ECC_PUB(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000107000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000207000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000307000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000407000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000507000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000807000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000907000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000106000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000206000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000306000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000406000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000506000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000806000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000906000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000006000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22"
+
+save type: ECC_PUB(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000000600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74"
+
+save type: ECC_PUB(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(SECT_R2) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000000060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012800000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 255-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000000800060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000b09000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800001509000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+save type: ECC_PUB(TWISTED_EDWARDS) 448-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000008000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180"
+
+save type: HMAC 128-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000001008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000002008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000003008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000004008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000005008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000008008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000009008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000a008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 128-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000b008003000000001000000048657265006973206b6579a064617461"
+
+save type: HMAC 160-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000001008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000002008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000003008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000004008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000005008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000008008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000009008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000a008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 160-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000b008003000000001400000048657265006973206b6579a06461746148657265"
+
+save type: HMAC 224-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000001008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000002008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000003008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000004008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000005008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000008008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000009008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000a008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 224-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000b008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0"
+
+save type: HMAC 256-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000001008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000002008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000003008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000004008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000005008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000008008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000009008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000a008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 256-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000b008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000001008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000002008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000003008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000004008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000005008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000008008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000009008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000a008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 384-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000b008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000001008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000002008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000003008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000004008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000005008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000008008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000009008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000a008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: HMAC 512-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000b008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461"
+
+save type: RAW_DATA 8-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048"
+
+save type: RAW_DATA 40-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500"
+
+save type: RAW_DATA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461"
+
+save type: RSA_PAIR 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000103000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000203000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000303000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000403000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000503000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000803000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000903000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000a03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000b03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000002000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000102000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000202000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000302000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000402000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000502000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000802000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000002000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000103000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000203000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000303000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000403000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000503000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000803000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000113000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000213000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000313000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000413000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000513000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000813000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000913000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+save type: RSA_PAIR 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000001030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000002030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000003030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000004030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000005030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000008030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000009030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000a030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000b030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000000020007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000000020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf"
+
+save type: RSA_PUB 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000001030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000002030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000003030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000004030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000005030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000008030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000009030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000a030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000b030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000000020007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000000020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+save type: RSA_PUB 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000103000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000203000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000303000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000403000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000503000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000803000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000903000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000a03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000b03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000002000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000102000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000202000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000302000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000402000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000502000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000802000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000902000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000002000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000103000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000203000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000303000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000403000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000503000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000803000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000903000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000113000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000213000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000313000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000413000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000513000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000813000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000913000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081440500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000814405010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814d0500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000814d05010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814e0500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000814e05010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081500500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000815005010000004c"
+
+save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b"
+
+save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c"
+
+save alg: AEAD_SHORT(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b"
+
+save alg2: AEAD_SHORT(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c"
+
+save alg: AEAD_SHORT(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b"
+
+save alg2: AEAD_SHORT(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c"
+
+save alg: AEAD_SHORT(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b"
+
+save alg2: AEAD_SHORT(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c"
+
+save alg: AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001440500000000010000004b"
+
+save alg2: AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000014405010000004c"
+
+save alg: AEAD_SHORT(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014d0500000000010000004b"
+
+save alg2: AEAD_SHORT(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000014d05010000004c"
+
+save alg: AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014e0500000000010000004b"
+
+save alg2: AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000014e05010000004c"
+
+save alg: AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b"
+
+save alg2: AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c"
+
+save alg: AEAD_SHORT(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b"
+
+save alg2: AEAD_SHORT(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c"
+
+save alg: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b"
+
+save alg2: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000180810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000280810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c40300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000081c403010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000081cd0300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000081cd03010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ce0300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000081ce03010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081d00300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000081d003010000004c"
+
+save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b"
+
+save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c"
+
+save alg: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b"
+
+save alg2: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c"
+
+save alg: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b"
+
+save alg2: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c"
+
+save alg: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b"
+
+save alg2: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c"
+
+save alg: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b"
+
+save alg2: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c"
+
+save alg: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b"
+
+save alg2: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c"
+
+save alg: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b"
+
+save alg2: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c"
+
+save alg: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b"
+
+save alg2: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c"
+
+save alg: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b"
+
+save alg2: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c"
+
+save alg: DET_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000105000600000000010000004b"
+
+save alg2: DET_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001050006010000004c"
+
+save alg: DET_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000205000600000000010000004b"
+
+save alg2: DET_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002050006010000004c"
+
+save alg: DET_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b"
+
+save alg2: DET_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c"
+
+save alg: DET_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b"
+
+save alg2: DET_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c"
+
+save alg: DET_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b"
+
+save alg2: DET_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c"
+
+save alg: DET_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b"
+
+save alg2: DET_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c"
+
+save alg: DET_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b"
+
+save alg2: DET_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c"
+
+save alg: DET_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b"
+
+save alg2: DET_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c"
+
+save alg: DET_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b"
+
+save alg2: DET_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c"
+
+save alg: DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000107000600000000010000004b"
+
+save alg2: DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001070006010000004c"
+
+save alg: DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000207000600000000010000004b"
+
+save alg2: DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002070006010000004c"
+
+save alg: DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b"
+
+save alg2: DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c"
+
+save alg: DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b"
+
+save alg2: DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c"
+
+save alg: DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b"
+
+save alg2: DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c"
+
+save alg: DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b"
+
+save alg2: DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c"
+
+save alg: DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b"
+
+save alg2: DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c"
+
+save alg: DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b"
+
+save alg2: DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c"
+
+save alg: DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b"
+
+save alg2: DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c"
+
+save alg: DET_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b"
+
+save alg2: DET_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c"
+
+save alg: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000104000600000000010000004b"
+
+save alg2: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001040006010000004c"
+
+save alg: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000204000600000000010000004b"
+
+save alg2: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002040006010000004c"
+
+save alg: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b"
+
+save alg2: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c"
+
+save alg: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b"
+
+save alg2: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c"
+
+save alg: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b"
+
+save alg2: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c"
+
+save alg: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b"
+
+save alg2: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c"
+
+save alg: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b"
+
+save alg2: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c"
+
+save alg: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b"
+
+save alg2: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c"
+
+save alg: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b"
+
+save alg2: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c"
+
+save alg: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b"
+
+save alg2: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c"
+
+save alg: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b"
+
+save alg2: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c"
+
+save alg: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000106000600000000010000004b"
+
+save alg2: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001060006010000004c"
+
+save alg: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000206000600000000010000004b"
+
+save alg2: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002060006010000004c"
+
+save alg: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b"
+
+save alg2: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c"
+
+save alg: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b"
+
+save alg2: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c"
+
+save alg: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b"
+
+save alg2: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c"
+
+save alg: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b"
+
+save alg2: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c"
+
+save alg: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b"
+
+save alg2: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c"
+
+save alg: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b"
+
+save alg2: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c"
+
+save alg: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b"
+
+save alg2: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c"
+
+save alg: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b"
+
+save alg2: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c"
+
+save alg: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b"
+
+save alg2: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c"
+
+save alg: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b"
+
+save alg2: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c"
+
+save alg: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b"
+
+save alg2: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c"
+
+save alg: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b"
+
+save alg2: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c"
+
+save alg: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b"
+
+save alg2: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c"
+
+save alg: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000101000800000000010000004b"
+
+save alg2: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001010008010000004c"
+
+save alg: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000201000800000000010000004b"
+
+save alg2: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002010008010000004c"
+
+save alg: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b"
+
+save alg2: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c"
+
+save alg: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b"
+
+save alg2: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c"
+
+save alg: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b"
+
+save alg2: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c"
+
+save alg: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b"
+
+save alg2: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c"
+
+save alg: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b"
+
+save alg2: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c"
+
+save alg: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b"
+
+save alg2: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c"
+
+save alg: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b"
+
+save alg2: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c"
+
+save alg: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000100800300000000010000004b"
+
+save alg2: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001008003010000004c"
+
+save alg: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000200800300000000010000004b"
+
+save alg2: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002008003010000004c"
+
+save alg: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b"
+
+save alg2: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c"
+
+save alg: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b"
+
+save alg2: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c"
+
+save alg: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b"
+
+save alg2: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c"
+
+save alg: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b"
+
+save alg2: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c"
+
+save alg: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b"
+
+save alg2: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c"
+
+save alg: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b"
+
+save alg2: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c"
+
+save alg: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b"
+
+save alg2: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c"
+
+save alg: KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b"
+
+save alg2: KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c"
+
+save alg: KA(FFDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b"
+
+save alg2: KA(FFDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c"
+
+save alg: KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b"
+
+save alg2: KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c"
+
+save alg: KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b"
+
+save alg2: KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c"
+
+save alg: KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b"
+
+save alg2: KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c"
+
+save alg: KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b"
+
+save alg2: KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c"
+
+save alg: KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b"
+
+save alg2: KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c"
+
+save alg: KA(FFDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b"
+
+save alg2: KA(FFDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c"
+
+save alg: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b"
+
+save alg2: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c"
+
+save alg: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b"
+
+save alg2: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c"
+
+save alg: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b"
+
+save alg2: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c"
+
+save alg: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b"
+
+save alg2: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c"
+
+save alg: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b"
+
+save alg2: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c"
+
+save alg: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b"
+
+save alg2: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c"
+
+save alg: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000700000000010000004b"
+
+save alg2: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030007010000004c"
+
+save alg: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000700000000010000004b"
+
+save alg2: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030007010000004c"
+
+save alg: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b"
+
+save alg2: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c"
+
+save alg: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b"
+
+save alg2: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c"
+
+save alg: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b"
+
+save alg2: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c"
+
+save alg: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b"
+
+save alg2: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c"
+
+save alg: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b"
+
+save alg2: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c"
+
+save alg: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b"
+
+save alg2: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c"
+
+save alg: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b"
+
+save alg2: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c"
+
+save alg: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b"
+
+save alg2: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c"
+
+save alg: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b"
+
+save alg2: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c"
+
+save alg: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000600000000010000004b"
+
+save alg2: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030006010000004c"
+
+save alg: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000600000000010000004b"
+
+save alg2: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030006010000004c"
+
+save alg: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b"
+
+save alg2: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c"
+
+save alg: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b"
+
+save alg2: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c"
+
+save alg: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b"
+
+save alg2: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c"
+
+save alg: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b"
+
+save alg2: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c"
+
+save alg: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b"
+
+save alg2: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c"
+
+save alg: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b"
+
+save alg2: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c"
+
+save alg: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b"
+
+save alg2: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c"
+
+save alg: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b"
+
+save alg2: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000113000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000213000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000313000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000413000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000513000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000813000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000913000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a13000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b13000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b130006010000004c"
+
+save alg: RSA_PSS_ANY_SALT(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff13000600000000010000004b"
+
+save alg2: RSA_PSS_ANY_SALT(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff130006010000004c"
+
+save alg: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b"
+
+save alg2: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c"
+
+save alg: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b"
+
+save alg2: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c"
+
+save alg: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b"
+
+save alg2: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c"
+
+save alg: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b"
+
+save alg2: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c"
+
+save alg: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b"
+
+save alg2: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c"
+
+save alg: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b"
+
+save alg2: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c"
+
+save alg: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b"
+
+save alg2: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c"
+
+save alg: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b"
+
+save alg2: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c"
+
+save alg: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b"
+
+save alg2: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c"
+
+save alg: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b"
+
+save alg2: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c"
+
+save alg: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b"
+
+save alg2: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c"
+
+save alg: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b"
+
+save alg2: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c"
+
+save alg: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b"
+
+save alg2: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c"
+
+save alg: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000800000000010000004b"
+
+save alg2: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020008010000004c"
+
+save alg: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000800000000010000004b"
+
+save alg2: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020008010000004c"
+
+save alg: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b"
+
+save alg2: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c"
+
+save alg: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b"
+
+save alg2: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c"
+
+save alg: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b"
+
+save alg2: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c"
+
+save alg: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b"
+
+save alg2: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c"
+
+save alg: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b"
+
+save alg2: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c"
+
+save alg: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b"
+
+save alg2: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c"
+
+save alg: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b"
+
+save alg2: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c"
+
+save alg: TLS12_PSK2MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030008010000004c"
+
+save alg: TLS12_PSK2MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030008010000004c"
+
+save alg: TLS12_PSK2MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c"
+
+save alg: TLS12_PSK2MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c"
+
+save alg: TLS12_PSK2MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c"
+
+save alg: TLS12_PSK2MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c"
+
+save alg: TLS12_PSK2MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c"
+
+save alg: TLS12_PSK2MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c"
+
+save alg: TLS12_PSK2MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b"
+
+save alg2: TLS12_PSK2MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c"
+
+save alg: TRUNCATED_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c"
+
+save alg: TRUNCATED_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000100810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000200810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c"
+
+save alg: TRUNCATED_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b"
+
+save alg2: TRUNCATED_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c"
+
+save alg: TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c40300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000001c403010000004c"
+
+save alg: TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000001cd0300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000001cd03010000004c"
+
+save alg: TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ce0300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000001ce03010000004c"
+
+save alg: TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001d00300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000001d003010000004c"
+
+save alg: TRUNCATED_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b"
+
+save alg2: TRUNCATED_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c"
+
+save alg: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b"
+
+save alg2: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c"
+
+# End of automatically generated file.
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.function
new file mode 100644
index 0000000..2f68409
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.function
@@ -0,0 +1,399 @@
+/* BEGIN_HEADER */
+
+#include <psa/crypto.h>
+
+#include <test/psa_crypto_helpers.h>
+#include <test/psa_exercise_key.h>
+
+#include <psa_crypto_its.h>
+
+#define TEST_FLAG_EXERCISE      0x00000001
+#define TEST_FLAG_READ_ONLY     0x00000002
+
+/** Write a key with the given attributes and key material to storage.
+ * Test that it has the expected representation.
+ *
+ * On error, including if the key representation in storage differs,
+ * mark the test case as failed and return 0. On success, return 1.
+ */
+static int test_written_key(const psa_key_attributes_t *attributes,
+                            const data_t *material,
+                            psa_storage_uid_t uid,
+                            const data_t *expected_representation)
+{
+    mbedtls_svc_key_id_t created_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    uint8_t *actual_representation = NULL;
+    size_t length;
+    struct psa_storage_info_t storage_info;
+    int ok = 0;
+
+    /* Create a key with the given parameters. */
+    PSA_ASSERT(psa_import_key(attributes, material->x, material->len,
+                              &created_key_id));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(attributes),
+                                         created_key_id));
+
+    /* Check that the key is represented as expected. */
+    PSA_ASSERT(psa_its_get_info(uid, &storage_info));
+    TEST_EQUAL(storage_info.size, expected_representation->len);
+    TEST_CALLOC(actual_representation, storage_info.size);
+    PSA_ASSERT(psa_its_get(uid, 0, storage_info.size,
+                           actual_representation, &length));
+    TEST_MEMORY_COMPARE(expected_representation->x, expected_representation->len,
+                        actual_representation, length);
+
+    ok = 1;
+
+exit:
+    mbedtls_free(actual_representation);
+    return ok;
+}
+
+/** Check if a key is exportable. */
+static int can_export(const psa_key_attributes_t *attributes)
+{
+    if (psa_get_key_usage_flags(attributes) & PSA_KEY_USAGE_EXPORT) {
+        return 1;
+    } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(attributes))) {
+        return 1;
+    } else {
+        return 0;
+    }
+}
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+static int is_accelerated_rsa(psa_algorithm_t alg)
+{
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
+    if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+    if (PSA_ALG_IS_RSA_PSS(alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
+    if (PSA_ALG_IS_RSA_OAEP(alg)) {
+        return 1;
+    }
+#endif
+    (void) alg;
+    return 0;
+}
+
+/* Whether the algorithm is implemented as a builtin, i.e. not accelerated,
+ * and calls mbedtls_md() functions that require the hash algorithm to
+ * also be built-in. */
+static int is_builtin_calling_md(psa_algorithm_t alg)
+{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+    if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+    if (PSA_ALG_IS_RSA_PSS(alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
+    if (PSA_ALG_IS_RSA_OAEP(alg)) {
+        return 1;
+    }
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+    if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) {
+        return 1;
+    }
+#endif
+    (void) alg;
+    return 0;
+}
+
+static int has_builtin_hash(psa_algorithm_t alg)
+{
+#if !defined(MBEDTLS_MD2_C)
+    if (alg == PSA_ALG_MD2) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_MD4_C)
+    if (alg == PSA_ALG_MD4) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_MD5_C)
+    if (alg == PSA_ALG_MD5) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_RIPEMD160_C)
+    if (alg == PSA_ALG_RIPEMD160) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_SHA1_C)
+    if (alg == PSA_ALG_SHA_1) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_SHA224_C)
+    if (alg == PSA_ALG_SHA_224) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_SHA256_C)
+    if (alg == PSA_ALG_SHA_256) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_SHA384_C)
+    if (alg == PSA_ALG_SHA_384) {
+        return 0;
+    }
+#endif
+#if !defined(MBEDTLS_SHA512_C)
+    if (alg == PSA_ALG_SHA_512) {
+        return 0;
+    }
+#endif
+    (void) alg;
+    return 1;
+}
+#endif
+
+/* Mbed TLS doesn't support certain combinations of key type and algorithm
+ * in certain configurations. */
+static int can_exercise(const psa_key_attributes_t *attributes)
+{
+    psa_key_type_t key_type = psa_get_key_type(attributes);
+    psa_algorithm_t alg = psa_get_key_algorithm(attributes);
+    psa_algorithm_t hash_alg =
+        PSA_ALG_IS_HASH_AND_SIGN(alg) ? PSA_ALG_SIGN_GET_HASH(alg) :
+        PSA_ALG_IS_RSA_OAEP(alg) ? PSA_ALG_RSA_OAEP_GET_HASH(alg) :
+        PSA_ALG_NONE;
+    psa_key_usage_t usage = psa_get_key_usage_flags(attributes);
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+    /* We test some configurations using drivers where the driver doesn't
+     * support certain hash algorithms, but declares that it supports
+     * compound algorithms that use those hashes. Until this is fixed,
+     * in those configurations, don't try to actually perform operations.
+     *
+     * Hash-and-sign algorithms where the asymmetric part doesn't use
+     * a hash operation are ok. So randomized ECDSA signature is fine,
+     * ECDSA verification is fine, but deterministic ECDSA signature is
+     * affected. All RSA signatures are affected except raw PKCS#1v1.5.
+     * OAEP is also affected.
+     */
+    if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) &&
+        !(usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE))) {
+        /* Verification only. Verification doesn't use the hash algorithm. */
+        return 1;
+    }
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+    if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) &&
+        (hash_alg == PSA_ALG_MD5 ||
+         hash_alg == PSA_ALG_RIPEMD160 ||
+         hash_alg == PSA_ALG_SHA_1)) {
+        return 0;
+    }
+#endif
+    if (is_accelerated_rsa(alg) &&
+        (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) {
+        return 0;
+    }
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
+    if (PSA_ALG_IS_RSA_OAEP(alg) &&
+        (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) {
+        return 0;
+    }
+#endif
+
+    /* The built-in implementation of asymmetric algorithms that use a
+     * hash internally only dispatch to the internal md module, not to
+     * PSA. Until this is supported, don't try to actually perform
+     * operations when the operation is built-in and the hash isn't.  */
+    if (is_builtin_calling_md(alg) && !has_builtin_hash(hash_alg)) {
+        return 0;
+    }
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */
+
+    (void) key_type;
+    (void) alg;
+    (void) hash_alg;
+    (void) usage;
+    return 1;
+}
+
+/** Write a key with the given representation to storage, then check
+ * that it has the given attributes and (if exportable) key material.
+ *
+ * On error, including if the key representation in storage differs,
+ * mark the test case as failed and return 0. On success, return 1.
+ */
+static int test_read_key(const psa_key_attributes_t *expected_attributes,
+                         const data_t *expected_material,
+                         psa_storage_uid_t uid,
+                         const data_t *representation,
+                         int flags)
+{
+    psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = psa_get_key_id(expected_attributes);
+    struct psa_storage_info_t storage_info;
+    int ok = 0;
+    uint8_t *exported_material = NULL;
+    size_t length;
+
+    /* Prime the storage with a key file. */
+    PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0));
+
+    /* Check that the injected key exists and looks as expected. */
+    PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes));
+    TEST_ASSERT(mbedtls_svc_key_id_equal(key_id,
+                                         psa_get_key_id(&actual_attributes)));
+    TEST_EQUAL(psa_get_key_lifetime(expected_attributes),
+               psa_get_key_lifetime(&actual_attributes));
+    TEST_EQUAL(psa_get_key_type(expected_attributes),
+               psa_get_key_type(&actual_attributes));
+    TEST_EQUAL(psa_get_key_bits(expected_attributes),
+               psa_get_key_bits(&actual_attributes));
+    TEST_EQUAL(psa_get_key_usage_flags(expected_attributes),
+               psa_get_key_usage_flags(&actual_attributes));
+    TEST_EQUAL(psa_get_key_algorithm(expected_attributes),
+               psa_get_key_algorithm(&actual_attributes));
+    TEST_EQUAL(psa_get_key_enrollment_algorithm(expected_attributes),
+               psa_get_key_enrollment_algorithm(&actual_attributes));
+    if (can_export(expected_attributes)) {
+        TEST_CALLOC(exported_material, expected_material->len);
+        PSA_ASSERT(psa_export_key(key_id,
+                                  exported_material, expected_material->len,
+                                  &length));
+        TEST_MEMORY_COMPARE(expected_material->x, expected_material->len,
+                            exported_material, length);
+    }
+
+    if ((flags & TEST_FLAG_EXERCISE) && can_exercise(&actual_attributes)) {
+        TEST_ASSERT(mbedtls_test_psa_exercise_key(
+                        key_id,
+                        psa_get_key_usage_flags(expected_attributes),
+                        psa_get_key_algorithm(expected_attributes)));
+    }
+
+
+    if (flags & TEST_FLAG_READ_ONLY) {
+        /* Read-only keys cannot be removed through the API.
+         * The key will be removed through ITS in the cleanup code below. */
+        TEST_EQUAL(PSA_ERROR_NOT_PERMITTED, psa_destroy_key(key_id));
+    } else {
+        /* Destroy the key. Confirm through direct access to the storage. */
+        PSA_ASSERT(psa_destroy_key(key_id));
+        TEST_EQUAL(PSA_ERROR_DOES_NOT_EXIST,
+                   psa_its_get_info(uid, &storage_info));
+    }
+
+    ok = 1;
+
+exit:
+    psa_reset_key_attributes(&actual_attributes);
+    psa_its_remove(uid);
+    mbedtls_free(exported_material);
+    return ok;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void key_storage_save(int lifetime_arg, int type_arg, int bits_arg,
+                      int usage_arg, int alg_arg, int alg2_arg,
+                      data_t *material,
+                      data_t *representation)
+{
+    /* Forward compatibility: save a key in the current format and
+     * check that it has the expected format so that future versions
+     * will still be able to read it. */
+
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t alg2 = alg2_arg;
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1);
+    psa_storage_uid_t uid = 1;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_INIT();
+    TEST_USES_KEY_ID(key_id);
+
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_enrollment_algorithm(&attributes, alg2);
+
+    /* This is the current storage format. Test that we know exactly how
+     * the key is stored. The stability of the test data in future
+     * versions of Mbed TLS will guarantee that future versions
+     * can read back what this version wrote. */
+    TEST_ASSERT(test_written_key(&attributes, material,
+                                 uid, representation));
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    psa_destroy_key(key_id);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
+                      int usage_arg, int alg_arg, int alg2_arg,
+                      data_t *material,
+                      data_t *representation, int flags)
+{
+    /* Backward compatibility: read a key in the format of a past version
+     * and check that this version can use it. */
+
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t alg2 = alg2_arg;
+    mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1);
+    psa_storage_uid_t uid = 1;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+    PSA_INIT();
+    TEST_USES_KEY_ID(key_id);
+
+    psa_set_key_lifetime(&attributes, lifetime);
+    psa_set_key_id(&attributes, key_id);
+    psa_set_key_type(&attributes, type);
+    psa_set_key_bits(&attributes, bits);
+    psa_set_key_usage_flags(&attributes, usage);
+    psa_set_key_algorithm(&attributes, alg);
+    psa_set_key_enrollment_algorithm(&attributes, alg2);
+
+    /* Test that we can use a key with the given representation. This
+     * guarantees backward compatibility with keys that were stored by
+     * past versions of Mbed TLS. */
+    TEST_ASSERT(test_read_key(&attributes, material,
+                              uid, representation, flags));
+
+exit:
+    psa_reset_key_attributes(&attributes);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.misc.data
new file mode 100644
index 0000000..48e3804
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.misc.data
@@ -0,0 +1,11 @@
+# The following two manually crafted test cases are redundant with
+# systematically generated test cases, but useful to have as an anchor when
+# debugging changes to the test code or to the test case generation.
+
+PSA storage read: AES-GCM+CTR
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_CTR
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f":1
+
+PSA storage save: AES-GCM+CTR
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f"
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.v0.data
new file mode 100644
index 0000000..0be1066
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_crypto_storage_format.v0.data
@@ -0,0 +1,8939 @@
+# Automatically generated by generate_psa_tests.py. Do not edit!
+
+read lifetime: (DEFAULT,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0
+
+read lifetime: (READ_ONLY,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000ff00000001100800010000000000000000000000010000004c":TEST_FLAG_READ_ONLY
+
+read lifetime: (2,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c":0
+
+read lifetime: (254,LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c":0
+
+read lifetime: PERSISTENT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0
+
+read usage without implication: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0
+
+read usage without implication: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0
+
+read usage without implication: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0
+
+read usage without implication: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0
+
+read usage without implication: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0
+
+read usage without implication: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0
+
+read usage without implication: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+read usage without implication: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0
+
+read usage without implication: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+read usage without implication: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0
+
+read usage without implication: COPY|DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0
+
+read usage without implication: DECRYPT|DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0
+
+read usage without implication: DERIVE|ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0
+
+read usage without implication: ENCRYPT|EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0
+
+read usage without implication: EXPORT|SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0
+
+read usage without implication: SIGN_HASH|SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+read usage without implication: SIGN_MESSAGE|VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b":0
+
+read usage without implication: VERIFY_HASH|VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+read usage without implication: VERIFY_MESSAGE|COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0
+
+read usage without implication: all known
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b":0
+
+read usage: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0
+
+read usage: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0
+
+read usage: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0
+
+read usage: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0
+
+read usage: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0
+
+read usage: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0
+
+read usage: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0
+
+read usage: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0
+
+read usage: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0
+
+read usage: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0
+
+read usage: COPY|DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0
+
+read usage: DECRYPT|DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0
+
+read usage: DERIVE|ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0
+
+read usage: ENCRYPT|EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0
+
+read usage: EXPORT|SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0
+
+read usage: SIGN_HASH|SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+read usage: SIGN_MESSAGE|VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002400000000000000000000010000004b":0
+
+read usage: VERIFY_HASH|VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+read usage: VERIFY_MESSAGE|COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0
+
+read type: AES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014405000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014e05000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000404004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000414004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000011c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000002c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000010c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000444004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000025005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000012c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c403000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001cd03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001ce03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001d003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 128-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000ff4004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000002c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000012c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 192-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit
+depends_on:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000002c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000012c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: AES 256-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES
+key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARC4 8-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048":0
+
+read type: ARC4 8-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48":"505341004b4559000000000001000000022008000103000000018004000000000100000048":0
+
+read type: ARC4 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARC4 128-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000103000000018004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARC4 2048-bit
+depends_on:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":0
+
+read type: ARC4 2048-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4
+key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080103000000018004000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":0
+
+read type: ARIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014405000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014e05000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000404004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000414004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000011c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000010c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000444004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000025005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c403000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001cd03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001ce03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001d003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 128-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000ff4004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 192-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: ARIA 256-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA
+key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014405000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014e05000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000404004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000414004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000011c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000010c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000444004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000025005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c403000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001cd03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001ce03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001d003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 128-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000ff4004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 192-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CAMELLIA 256-bit, XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA
+key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CHACHA20 256-bit
+depends_on:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CHACHA20 256-bit, CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000051005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: CHACHA20 256-bit, STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000018004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: DERIVE 120-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":TEST_FLAG_EXERCISE
+
+read type: DERIVE 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DERIVE
+key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: DES 64-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":TEST_FLAG_EXERCISE
+
+read type: DES 64-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004040040000000008000000644573206b457901":TEST_FLAG_EXERCISE
+
+read type: DES 64-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004140040000000008000000644573206b457901":TEST_FLAG_EXERCISE
+
+read type: DES 64-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004440040000000008000000644573206b457901":TEST_FLAG_EXERCISE
+
+read type: DES 128-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE
+
+read type: DES 128-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004040040000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE
+
+read type: DES 128-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004140040000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE
+
+read type: DES 128-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004440040000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE
+
+read type: DES 192-bit
+depends_on:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE
+
+read type: DES 192-bit, CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004040040000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE
+
+read type: DES 192-bit, CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004140040000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE
+
+read type: DES 192-bit, ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004440040000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000000000209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000000060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read type: ECC_PAIR(BP_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000107000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000207000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000307000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000407000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000507000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000807000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000907000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000000020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000106000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000206000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000306000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000406000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000506000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000806000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000906000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000006000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000901020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a01020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000902020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a02020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000903020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a03020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0
+
+read type: ECC_PAIR(BP_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000000000209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000000060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0
+
+read type: ECC_PAIR(BP_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000107000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000207000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000307000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000407000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000507000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000807000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000907000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000000020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000106000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000206000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000306000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000406000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000506000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000806000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000906000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000006000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000901020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a01020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000902020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a02020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000903020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a03020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0
+
+read type: ECC_PAIR(BP_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000000000209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000000060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0
+
+read type: ECC_PAIR(BP_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000107000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000207000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000307000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000407000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000507000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000807000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000907000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000000020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000106000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000206000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000306000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000406000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000506000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000806000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000906000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000006000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000901020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a01020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000902020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a02020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000903020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a03020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0
+
+read type: ECC_PAIR(BP_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000000002090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000000600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0
+
+read type: ECC_PAIR(MGM) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000000000209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000000002090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000000002090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000000600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000000000209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000000060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000107000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000207000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000307000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000407000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000507000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000807000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000907000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000000020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000106000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000206000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000306000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000406000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000506000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000806000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000906000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000006000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000901020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a01020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000902020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a02020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000903020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a03020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000000000209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000000060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000000000209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000000060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000107000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000207000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000307000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000407000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000507000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000807000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000907000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000000020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000106000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000206000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000306000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000406000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000506000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000806000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000906000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000006000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000901020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a01020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000902020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a02020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000903020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a03020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000000000209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000000060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000000000209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000000060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000000000209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000000060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000000000209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000000060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000000000209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000000060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000000002090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000000600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000107000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000207000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000307000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000407000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000507000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000807000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000907000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000000020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000106000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000206000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000306000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000406000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000506000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000806000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000906000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000006000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000901020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a01020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000902020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a02020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000903020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a03020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000000002090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000000600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000000002090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000000600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000000000209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000000060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000000002090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000000600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000000000209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000000060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000000002090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000000600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000107000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000207000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000307000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000407000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000507000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000807000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000000020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000106000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000206000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000306000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000406000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000506000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000806000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000006000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000901020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a01020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000902020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a02020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000903020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a03020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000008000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000b09000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00001509000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE
+
+read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000008000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 160-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read type: ECC_PUB(BP_R1) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000000060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 192-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0
+
+read type: ECC_PUB(BP_R1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000000600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 224-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0
+
+read type: ECC_PUB(BP_R1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000000600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 256-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0
+
+read type: ECC_PUB(BP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000000060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 320-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0
+
+read type: ECC_PUB(BP_R1) 320-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000000600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 384-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0
+
+read type: ECC_PUB(BP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000000060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(BP_R1) 512-bit
+depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000107000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000207000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000307000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000407000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000507000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000807000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000907000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000106000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000206000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000306000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000406000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000506000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000806000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000906000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0
+
+read type: ECC_PUB(BP_R1) 512-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000006000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(MGM) 255-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(MGM) 448-bit
+depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit
+depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000107000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000207000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000307000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000407000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000507000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000807000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000106000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000206000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000306000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000406000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000506000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000806000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 192-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000006000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit
+depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 224-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000000600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_K1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000000600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit
+depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 225-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000000600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit
+depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 256-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000000600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit
+depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 384-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000000060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit
+depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R1) 521-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000000060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit
+depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECP_R2) 160-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000000600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000000060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000000060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit
+depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 239-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000000060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000107000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000207000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000307000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000407000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000507000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000807000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000907000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000106000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000206000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000306000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000406000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000506000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000806000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000906000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000006000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000000060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_K1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000000060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000000060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit
+depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 233-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000000060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit
+depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 283-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000000060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit
+depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000107000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000207000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000307000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000407000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000507000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000807000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000907000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000106000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000206000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000306000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000406000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000506000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000806000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000906000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 409-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000006000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit
+depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R1) 571-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000000600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit
+depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(SECT_R2) 163-bit, ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000000060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012800000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 255-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000000800060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 448-bit
+depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000b09000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800001509000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE
+
+read type: ECC_PUB(TWISTED_EDWARDS) 448-bit, PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000008000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 128-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000001008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000002008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000003008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000004008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000005008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000008008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000009008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000a008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 160-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000b008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000001008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000002008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000003008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000004008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000005008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000008008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000009008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000a008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 224-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000b008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000001008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000002008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000003008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000004008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000005008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000008008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000009008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000a008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 256-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000b008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000001008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000002008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000003008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000004008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000005008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000008008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000009008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000a008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 384-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000b008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit
+depends_on:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000001008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000002008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000003008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000004008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000005008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000008008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000009008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000a008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: HMAC 512-bit, HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000b008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read type: RAW_DATA 8-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0
+
+read type: RAW_DATA 40-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0
+
+read type: RAW_DATA 128-bit
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0
+
+read type: RSA_PAIR 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000103000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000203000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000303000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000403000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000503000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000803000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000903000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000a03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000b03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000002000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000102000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000202000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000302000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000402000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000502000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000802000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000002000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000103000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000203000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000303000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000403000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000503000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000803000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000113000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000213000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000313000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000413000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000513000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000813000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000913000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000001030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000002030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000003030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000004030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000005030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000008030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000009030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000a030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000b030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000000020007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000000020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000001030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000002030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000003030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000004030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000005030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000008030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000009030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000a030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000b030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":0
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000000020007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000000020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit
+depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000103000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000203000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000303000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000403000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000503000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000803000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000903000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000a03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000b03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000002000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000102000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000202000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000302000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000402000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000502000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000802000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000902000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000002000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000103000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000203000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000303000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000403000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000503000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000803000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000903000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000113000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000213000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000313000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000413000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000513000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000813000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000913000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081440500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000814405010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814d0500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000814d05010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814e0500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000814e05010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081500500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000815005010000004c":0
+
+read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b":0
+
+read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c":0
+
+read alg: AEAD_SHORT(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b":0
+
+read alg2: AEAD_SHORT(CCM,1)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c":0
+
+read alg: AEAD_SHORT(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b":0
+
+read alg2: AEAD_SHORT(CHACHA20_POLY1305,1)
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c":0
+
+read alg: AEAD_SHORT(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b":0
+
+read alg2: AEAD_SHORT(GCM,1)
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c":0
+
+read alg: AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001440500000000010000004b":0
+
+read alg2: AEAD_SHORT(CCM,4)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000014405010000004c":0
+
+read alg: AEAD_SHORT(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014d0500000000010000004b":0
+
+read alg2: AEAD_SHORT(CCM,13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000014d05010000004c":0
+
+read alg: AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014e0500000000010000004b":0
+
+read alg2: AEAD_SHORT(CCM,14)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000014e05010000004c":0
+
+read alg: AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0
+
+read alg2: AEAD_SHORT(CCM,16)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0
+
+read alg: AEAD_SHORT(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b":0
+
+read alg2: AEAD_SHORT(CCM,63)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c":0
+
+read alg: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b":0
+
+read alg2: ANY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000180810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000280810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c40300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000081c403010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000081cd0300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000081cd03010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ce0300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000081ce03010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081d00300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000081d003010000004c":0
+
+read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b":0
+
+read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c":0
+
+read alg: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b":0
+
+read alg2: CBC_MAC
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c":0
+
+read alg: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b":0
+
+read alg2: CBC_NO_PADDING
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c":0
+
+read alg: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b":0
+
+read alg2: CBC_PKCS7
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c":0
+
+read alg: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0
+
+read alg2: CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0
+
+read alg: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b":0
+
+read alg2: CFB
+depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c":0
+
+read alg: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b":0
+
+read alg2: CHACHA20_POLY1305
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c":0
+
+read alg: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b":0
+
+read alg2: CMAC
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c":0
+
+read alg: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b":0
+
+read alg2: CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c":0
+
+read alg: DET_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000105000600000000010000004b":0
+
+read alg2: DET_DSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001050006010000004c":0
+
+read alg: DET_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000205000600000000010000004b":0
+
+read alg2: DET_DSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002050006010000004c":0
+
+read alg: DET_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b":0
+
+read alg2: DET_DSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c":0
+
+read alg: DET_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b":0
+
+read alg2: DET_DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c":0
+
+read alg: DET_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b":0
+
+read alg2: DET_DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c":0
+
+read alg: DET_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b":0
+
+read alg2: DET_DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c":0
+
+read alg: DET_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b":0
+
+read alg2: DET_DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c":0
+
+read alg: DET_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b":0
+
+read alg2: DET_DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c":0
+
+read alg: DET_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b":0
+
+read alg2: DET_DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c":0
+
+read alg: DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000107000600000000010000004b":0
+
+read alg2: DET_ECDSA(MD2)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001070006010000004c":0
+
+read alg: DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000207000600000000010000004b":0
+
+read alg2: DET_ECDSA(MD4)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002070006010000004c":0
+
+read alg: DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b":0
+
+read alg2: DET_ECDSA(MD5)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c":0
+
+read alg: DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b":0
+
+read alg2: DET_ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c":0
+
+read alg: DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b":0
+
+read alg2: DET_ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c":0
+
+read alg: DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b":0
+
+read alg2: DET_ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c":0
+
+read alg: DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b":0
+
+read alg2: DET_ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c":0
+
+read alg: DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b":0
+
+read alg2: DET_ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c":0
+
+read alg: DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b":0
+
+read alg2: DET_ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c":0
+
+read alg: DET_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b":0
+
+read alg2: DET_ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c":0
+
+read alg: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000104000600000000010000004b":0
+
+read alg2: DSA(MD2)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001040006010000004c":0
+
+read alg: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000204000600000000010000004b":0
+
+read alg2: DSA(MD4)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002040006010000004c":0
+
+read alg: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b":0
+
+read alg2: DSA(MD5)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c":0
+
+read alg: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b":0
+
+read alg2: DSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c":0
+
+read alg: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b":0
+
+read alg2: DSA(SHA_1)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c":0
+
+read alg: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b":0
+
+read alg2: DSA(SHA_224)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c":0
+
+read alg: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b":0
+
+read alg2: DSA(SHA_256)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c":0
+
+read alg: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b":0
+
+read alg2: DSA(SHA_384)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c":0
+
+read alg: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b":0
+
+read alg2: DSA(SHA_512)
+depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c":0
+
+read alg: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b":0
+
+read alg2: ECB_NO_PADDING
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c":0
+
+read alg: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b":0
+
+read alg2: ECDH
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c":0
+
+read alg: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000106000600000000010000004b":0
+
+read alg2: ECDSA(MD2)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001060006010000004c":0
+
+read alg: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000206000600000000010000004b":0
+
+read alg2: ECDSA(MD4)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002060006010000004c":0
+
+read alg: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b":0
+
+read alg2: ECDSA(MD5)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c":0
+
+read alg: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b":0
+
+read alg2: ECDSA(RIPEMD160)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c":0
+
+read alg: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b":0
+
+read alg2: ECDSA(SHA_1)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c":0
+
+read alg: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b":0
+
+read alg2: ECDSA(SHA_224)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c":0
+
+read alg: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b":0
+
+read alg2: ECDSA(SHA_256)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c":0
+
+read alg: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b":0
+
+read alg2: ECDSA(SHA_384)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c":0
+
+read alg: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b":0
+
+read alg2: ECDSA(SHA_512)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c":0
+
+read alg: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b":0
+
+read alg2: ECDSA(ANY_HASH)
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c":0
+
+read alg: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b":0
+
+read alg2: ECDSA_ANY
+depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c":0
+
+read alg: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b":0
+
+read alg2: ED25519PH
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c":0
+
+read alg: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b":0
+
+read alg2: ED448PH
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c":0
+
+read alg: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b":0
+
+read alg2: FFDH
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c":0
+
+read alg: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b":0
+
+read alg2: GCM
+depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c":0
+
+read alg: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000101000800000000010000004b":0
+
+read alg2: HKDF(MD2)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001010008010000004c":0
+
+read alg: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000201000800000000010000004b":0
+
+read alg2: HKDF(MD4)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002010008010000004c":0
+
+read alg: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b":0
+
+read alg2: HKDF(MD5)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c":0
+
+read alg: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b":0
+
+read alg2: HKDF(RIPEMD160)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c":0
+
+read alg: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b":0
+
+read alg2: HKDF(SHA_1)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c":0
+
+read alg: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b":0
+
+read alg2: HKDF(SHA_224)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c":0
+
+read alg: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b":0
+
+read alg2: HKDF(SHA_256)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c":0
+
+read alg: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b":0
+
+read alg2: HKDF(SHA_384)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c":0
+
+read alg: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b":0
+
+read alg2: HKDF(SHA_512)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c":0
+
+read alg: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000100800300000000010000004b":0
+
+read alg2: HMAC(MD2)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001008003010000004c":0
+
+read alg: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000200800300000000010000004b":0
+
+read alg2: HMAC(MD4)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002008003010000004c":0
+
+read alg: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b":0
+
+read alg2: HMAC(MD5)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c":0
+
+read alg: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b":0
+
+read alg2: HMAC(RIPEMD160)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c":0
+
+read alg: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b":0
+
+read alg2: HMAC(SHA_1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c":0
+
+read alg: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b":0
+
+read alg2: HMAC(SHA_224)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c":0
+
+read alg: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b":0
+
+read alg2: HMAC(SHA_256)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c":0
+
+read alg: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b":0
+
+read alg2: HMAC(SHA_384)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c":0
+
+read alg: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b":0
+
+read alg2: HMAC(SHA_512)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c":0
+
+read alg: KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b":0
+
+read alg2: KA(ECDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c":0
+
+read alg: KA(FFDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b":0
+
+read alg2: KA(FFDH,HKDF(SHA_256))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c":0
+
+read alg: KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b":0
+
+read alg2: KA(ECDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c":0
+
+read alg: KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b":0
+
+read alg2: KA(ECDH,TLS12_PRF(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c":0
+
+read alg: KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b":0
+
+read alg2: KA(ECDH,TLS12_PRF(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c":0
+
+read alg: KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b":0
+
+read alg2: KA(ECDH,TLS12_PSK2MS(SHA_256))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c":0
+
+read alg: KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b":0
+
+read alg2: KA(ECDH,TLS12_PSK2MS(SHA_384))
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c":0
+
+read alg: KA(FFDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b":0
+
+read alg2: KA(FFDH,HKDF(SHA_384))
+depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c":0
+
+read alg: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b":0
+
+read alg2: MD2
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c":0
+
+read alg: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b":0
+
+read alg2: MD4
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c":0
+
+read alg: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b":0
+
+read alg2: MD5
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c":0
+
+read alg: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b":0
+
+read alg2: OFB
+depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c":0
+
+read alg: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b":0
+
+read alg2: PURE_EDDSA
+depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c":0
+
+read alg: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b":0
+
+read alg2: RIPEMD160
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c":0
+
+read alg: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000700000000010000004b":0
+
+read alg2: RSA_OAEP(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030007010000004c":0
+
+read alg: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000700000000010000004b":0
+
+read alg2: RSA_OAEP(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030007010000004c":0
+
+read alg: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b":0
+
+read alg2: RSA_OAEP(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c":0
+
+read alg: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b":0
+
+read alg2: RSA_OAEP(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c":0
+
+read alg: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b":0
+
+read alg2: RSA_OAEP(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c":0
+
+read alg: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b":0
+
+read alg2: RSA_OAEP(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c":0
+
+read alg: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b":0
+
+read alg2: RSA_OAEP(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c":0
+
+read alg: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b":0
+
+read alg2: RSA_OAEP(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c":0
+
+read alg: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b":0
+
+read alg2: RSA_OAEP(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c":0
+
+read alg: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b":0
+
+read alg2: RSA_PKCS1V15_CRYPT
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c":0
+
+read alg: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b":0
+
+read alg2: RSA_PKCS1V15_SIGN_RAW
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c":0
+
+read alg: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000600000000010000004b":0
+
+read alg2: RSA_PSS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030006010000004c":0
+
+read alg: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000600000000010000004b":0
+
+read alg2: RSA_PSS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030006010000004c":0
+
+read alg: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b":0
+
+read alg2: RSA_PSS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c":0
+
+read alg: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b":0
+
+read alg2: RSA_PSS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c":0
+
+read alg: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b":0
+
+read alg2: RSA_PSS(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c":0
+
+read alg: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b":0
+
+read alg2: RSA_PSS(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c":0
+
+read alg: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b":0
+
+read alg2: RSA_PSS(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c":0
+
+read alg: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b":0
+
+read alg2: RSA_PSS(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c":0
+
+read alg: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b":0
+
+read alg2: RSA_PSS(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c":0
+
+read alg: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b":0
+
+read alg2: RSA_PSS(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000113000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000213000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000313000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000413000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000513000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(SHA_1)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000813000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(SHA_224)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000913000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(SHA_256)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a13000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(SHA_384)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b13000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(SHA_512)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b130006010000004c":0
+
+read alg: RSA_PSS_ANY_SALT(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff13000600000000010000004b":0
+
+read alg2: RSA_PSS_ANY_SALT(ANY_HASH)
+depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff130006010000004c":0
+
+read alg: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b":0
+
+read alg2: SHA3_224
+depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c":0
+
+read alg: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b":0
+
+read alg2: SHA3_256
+depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c":0
+
+read alg: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b":0
+
+read alg2: SHA3_384
+depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c":0
+
+read alg: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b":0
+
+read alg2: SHA3_512
+depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c":0
+
+read alg: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b":0
+
+read alg2: SHAKE256_512
+depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c":0
+
+read alg: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b":0
+
+read alg2: SHA_1
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c":0
+
+read alg: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b":0
+
+read alg2: SHA_224
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c":0
+
+read alg: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b":0
+
+read alg2: SHA_256
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c":0
+
+read alg: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b":0
+
+read alg2: SHA_384
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c":0
+
+read alg: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b":0
+
+read alg2: SHA_512
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c":0
+
+read alg: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b":0
+
+read alg2: SHA_512_224
+depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c":0
+
+read alg: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b":0
+
+read alg2: SHA_512_256
+depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c":0
+
+read alg: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b":0
+
+read alg2: STREAM_CIPHER
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c":0
+
+read alg: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000800000000010000004b":0
+
+read alg2: TLS12_PRF(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020008010000004c":0
+
+read alg: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000800000000010000004b":0
+
+read alg2: TLS12_PRF(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020008010000004c":0
+
+read alg: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b":0
+
+read alg2: TLS12_PRF(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c":0
+
+read alg: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b":0
+
+read alg2: TLS12_PRF(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c":0
+
+read alg: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b":0
+
+read alg2: TLS12_PRF(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c":0
+
+read alg: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b":0
+
+read alg2: TLS12_PRF(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c":0
+
+read alg: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b":0
+
+read alg2: TLS12_PRF(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c":0
+
+read alg: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b":0
+
+read alg2: TLS12_PRF(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c":0
+
+read alg: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b":0
+
+read alg2: TLS12_PRF(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c":0
+
+read alg: TLS12_PSK2MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(MD2)
+depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030008010000004c":0
+
+read alg: TLS12_PSK2MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(MD4)
+depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030008010000004c":0
+
+read alg: TLS12_PSK2MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(MD5)
+depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c":0
+
+read alg: TLS12_PSK2MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(RIPEMD160)
+depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c":0
+
+read alg: TLS12_PSK2MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(SHA_1)
+depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c":0
+
+read alg: TLS12_PSK2MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(SHA_224)
+depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c":0
+
+read alg: TLS12_PSK2MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(SHA_256)
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c":0
+
+read alg: TLS12_PSK2MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(SHA_384)
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c":0
+
+read alg: TLS12_PSK2MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b":0
+
+read alg2: TLS12_PSK2MS(SHA_512)
+depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c":0
+
+read alg: TRUNCATED_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CBC_MAC,1)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c":0
+
+read alg: TRUNCATED_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CMAC,1)
+depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000100810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(MD2),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000200810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(MD4),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(MD5),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(RIPEMD160),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(SHA_1),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(SHA_224),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(SHA_256),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(SHA_384),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c":0
+
+read alg: TRUNCATED_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(HMAC(SHA_512),1)
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c":0
+
+read alg: TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c40300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CBC_MAC,4)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000001c403010000004c":0
+
+read alg: TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000001cd0300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CBC_MAC,13)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000001cd03010000004c":0
+
+read alg: TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ce0300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CBC_MAC,14)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000001ce03010000004c":0
+
+read alg: TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001d00300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CBC_MAC,16)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000001d003010000004c":0
+
+read alg: TRUNCATED_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b":0
+
+read alg2: TRUNCATED_MAC(CBC_MAC,63)
+depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c":0
+
+read alg: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b":0
+
+read alg2: XTS
+depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ED25519PH ECC_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: ED448PH ECC_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(MD2) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(MD4) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(MD5) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(RIPEMD160) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(SHA_1) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(SHA_224) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(SHA_256) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(SHA_384) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000011000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: HMAC(SHA_512) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000011000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(BP_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(BP_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ED25519PH ECC_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ED25519PH ECC_PUB(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012000000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ED448PH ECC_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: ED448PH ECC_PUB(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001200000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(MD2) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(MD4) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUB 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+read implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUB 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+# End of automatically generated file.
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_its.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_its.data
new file mode 100644
index 0000000..06aed07
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_its.data
@@ -0,0 +1,74 @@
+Set/get/remove 0 bytes
+set_get_remove:1:0:""
+
+Set/get/remove 42 bytes
+set_get_remove:1:0:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223242526272829"
+
+Set/get/remove 1000 bytes
+set_get_remove:1:0:"6a07ecfcc7c7bfe0129d56d2dcf2955a12845b9e6e0034b0ed7226764261c6222a07b9f654deb682130eb1cd07ed298324e60a46f9c76c8a5a0be000c69e93dd81054ca21fbc6190cef7745e9d5436f70e20e10cbf111d1d40c9ceb83be108775199d81abaf0fecfe30eaa08e7ed82517cba939de4449f7ac5c730fcbbf56e691640b0129db0e178045dd2034262de9138873d9bdca57685146a3d516ff13c29e6628a00097435a8e10fef7faff62d2963c303a93793e2211d8604556fec08cd59c0f5bd1f22eea64be13e88b3f454781e83fe6e771d3d81eb2fbe2021e276f42a93db5343d767d854115e74f5e129a8036b1e81aced9872709d515e00bcf2098ccdee23006b0e836b27dc8aaf30f53fe58a31a6408abb79b13098c22e262a98040f9b09809a3b43bd42eb01cf1d17bbc8b4dfe51fa6573d4d8741943e3ae71a649e194c1218f2e20556c7d8cfe8c64d8cc1aa94531fbf638768c7d19b3c079299cf4f26ed3f964efb8fd23d82b4157a51f46da11156c74e2d6e2fd788869ebb52429e12a82da2ba083e2e74565026162f29ca22582da72a2698e7c5d958b919bc2cdfe12f50364ccfed30efd5cd120a7d5f196b2bd7f911bb44d5871eb3dedcd70ece7faf464988f9fe361f23d7244b1e08bee921d0f28bdb4912675809d099876d4d15b7d13ece356e1f2a5dce64feb3d6749a07a4f2b7721190e17a9ab2966e48b6d25187070b81eb45b1c44608b2f0e175958ba57fcf1b2cd145eea5fd4de858d157ddac69dfbb5d5d6f0c1691b0fae5a143b6e58cdf5000f28d74b3322670ed11e740c828c7bfad4e2f392012da3ac931ea26ed15fd003e604071f5900c6e1329d021805d50da9f1e732a49bcc292d9f8e07737cfd59442e8d7aaa813b18183a68e22bf6b4519545dd7d2d519db3652be4131bad4f4b0625dbaa749e979f6ee8c1b97803cb50a2fa20dc883eac932a824b777b226e15294de6a80be3ddef41478fe18172d64407a004de6bae18bc60e90c902c1cbb0e1633395b42391f5011be0d480541987609b0cd8d902ea29f86f73e7362340119323eb0ea4f672b70d6e9a9df5235f9f1965f5cb0c2998c5a7f4754e83eeda5d95fefbbaaa0875fe37b7ca461e7281cc5479162627c5a709b45fd9ddcde4dfb40659e1d70fa7361d9fc7de24f9b8b13259423fdae4dbb98d691db687467a5a7eb027a4a0552a03e430ac8a32de0c30160ba60a036d6b9db2d6182193283337b92e7438dc5d6eb4fa00200d8efa9127f1c3a32ac8e202262773aaa5a965c6b8035b2e5706c32a55511560429ddf1df4ac34076b7eedd9cf94b6915a894fdd9084ffe3db0e7040f382c3cd04f0484595de95865c36b6bf20f46a78cdfb37228acbeb218de798b9586f6d99a0cbae47e80d"
+
+Set/get/remove with flags
+set_get_remove:1:0x12345678:"abcdef"
+
+Overwrite 0 -> 3
+set_overwrite:1:0x12345678:"":0x01020304:"abcdef"
+
+Overwrite 3 -> 0
+set_overwrite:1:0x12345678:"abcdef":0x01020304:""
+
+Overwrite 3 -> 3
+set_overwrite:1:0x12345678:"123456":0x01020304:"abcdef"
+
+Overwrite 3 -> 18
+set_overwrite:1:0x12345678:"abcdef":0x01020304:"404142434445464748494a4b4c4d4e4f5051"
+
+Overwrite 18 -> 3
+set_overwrite:1:0x12345678:"404142434445464748494a4b4c4d4e4f5051":0x01020304:"abcdef"
+
+Multiple files
+set_multiple:1:5
+
+Set UID 0
+set_fail:0:"40414243444546474849":PSA_ERROR_INVALID_HANDLE
+
+Non-existent file
+nonexistent:1:0
+
+Removed file
+nonexistent:1:1
+
+Get 0 bytes of 10 at 10
+get_at:1:"40414243444546474849":10:0:PSA_SUCCESS
+
+Get 1 byte of 10 at 9
+get_at:1:"40414243444546474849":9:1:PSA_SUCCESS
+
+Get 0 bytes of 10 at 0
+get_at:1:"40414243444546474849":0:0:PSA_SUCCESS
+
+Get 1 byte of 10 at 0
+get_at:1:"40414243444546474849":0:1:PSA_SUCCESS
+
+Get 2 bytes of 10 at 1
+get_at:1:"40414243444546474849":1:2:PSA_SUCCESS
+
+Get 1 byte of 10 at 10: out of range
+get_at:1:"40414243444546474849":10:1:PSA_ERROR_INVALID_ARGUMENT
+
+Get 1 byte of 10 at 11: out of range
+get_at:1:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT
+
+Get 0 bytes of 10 at 11: out of range
+get_at:1:"40414243444546474849":11:0:PSA_ERROR_INVALID_ARGUMENT
+
+Get -1 byte of 10 at 10: out of range
+get_at:1:"40414243444546474849":10:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Get 1 byte of 10 at -1: out of range
+get_at:1:"40414243444546474849":-1:1:PSA_ERROR_INVALID_ARGUMENT
+
+Overwrite ITS header magic
+get_fail:1:"40414243444546474849":1:0:PSA_ERROR_DATA_CORRUPT
+
+Truncate ITS header
+get_fail:1:"40414243444546474849":0:1:PSA_ERROR_DATA_CORRUPT
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_its.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_its.function
new file mode 100644
index 0000000..0f66c79
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_psa_its.function
@@ -0,0 +1,303 @@
+/* BEGIN_HEADER */
+
+/* This test file is specific to the ITS implementation in PSA Crypto
+ * on top of stdio. It expects to know what the stdio name of a file is
+ * based on its keystore name.
+ *
+ * Note that if you need to make a change that affects how files are
+ * stored, this may indicate that the key store is changing in a
+ * backward-incompatible way! Think carefully about backward compatibility
+ * before changing how test data is constructed or validated.
+ */
+
+#include "psa_crypto_its.h"
+
+#include "test/psa_helpers.h"
+
+/* Internal definitions of the implementation, copied for the sake of
+ * some of the tests and of the cleanup code. */
+#define PSA_ITS_STORAGE_PREFIX ""
+#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx"
+#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
+#define PSA_ITS_STORAGE_FILENAME_LENGTH         \
+    (sizeof(PSA_ITS_STORAGE_PREFIX) - 1 +    /*prefix without terminating 0*/ \
+     16 +  /*UID (64-bit number in hex)*/                               \
+     16 +  /*UID (64-bit number in hex)*/                               \
+     sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 +    /*suffix without terminating 0*/ \
+     1 /*terminating null byte*/)
+#define PSA_ITS_STORAGE_TEMP \
+    PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX
+static void psa_its_fill_filename(psa_storage_uid_t uid, char *filename)
+{
+    /* Break up the UID into two 32-bit pieces so as not to rely on
+     * long long support in snprintf. */
+    mbedtls_snprintf(filename, PSA_ITS_STORAGE_FILENAME_LENGTH,
+                     "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s",
+                     PSA_ITS_STORAGE_PREFIX,
+                     (unsigned long) (uid >> 32),
+                     (unsigned long) (uid & 0xffffffff),
+                     PSA_ITS_STORAGE_SUFFIX);
+}
+
+/* Maximum uid used by the test, recorded so that cleanup() can delete
+ * all files. 0xffffffffffffffff is always cleaned up, so it does not
+ * need to and should not be taken into account for uid_max. */
+static psa_storage_uid_t uid_max = 0;
+
+static void cleanup(void)
+{
+    /* Call remove() on all the files that a test might have created.
+     * We ignore the error if the file exists but remove() fails because
+     * it can't be checked portably (except by attempting to open the file
+     * first, which is needlessly slow and complicated here). A failure of
+     * remove() on an existing file is very unlikely anyway and would not
+     * have significant consequences other than perhaps failing the next
+     * test case. */
+    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
+    psa_storage_uid_t uid;
+    for (uid = 0; uid < uid_max; uid++) {
+        psa_its_fill_filename(uid, filename);
+        (void) remove(filename);
+    }
+    psa_its_fill_filename((psa_storage_uid_t) (-1), filename);
+    (void) remove(filename);
+    (void) remove(PSA_ITS_STORAGE_TEMP);
+    uid_max = 0;
+}
+
+static psa_status_t psa_its_set_wrap(psa_storage_uid_t uid,
+                                     uint32_t data_length,
+                                     const void *p_data,
+                                     psa_storage_create_flags_t create_flags)
+{
+    if (uid_max != (psa_storage_uid_t) (-1) && uid_max < uid) {
+        uid_max = uid;
+    }
+    return psa_its_set(uid, data_length, p_data, create_flags);
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_ITS_FILE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void set_get_remove(int uid_arg, int flags_arg, data_t *data)
+{
+    psa_storage_uid_t uid = uid_arg;
+    uint32_t flags = flags_arg;
+    struct psa_storage_info_t info;
+    unsigned char *buffer = NULL;
+    size_t ret_len = 0;
+
+    TEST_CALLOC(buffer, data->len);
+
+    PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, flags));
+
+    PSA_ASSERT(psa_its_get_info(uid, &info));
+    TEST_ASSERT(info.size == data->len);
+    TEST_ASSERT(info.flags == flags);
+    PSA_ASSERT(psa_its_get(uid, 0, data->len, buffer, &ret_len));
+    TEST_MEMORY_COMPARE(data->x, data->len, buffer, ret_len);
+
+    PSA_ASSERT(psa_its_remove(uid));
+
+exit:
+    mbedtls_free(buffer);
+    cleanup();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void set_overwrite(int uid_arg,
+                   int flags1_arg, data_t *data1,
+                   int flags2_arg, data_t *data2)
+{
+    psa_storage_uid_t uid = uid_arg;
+    uint32_t flags1 = flags1_arg;
+    uint32_t flags2 = flags2_arg;
+    struct psa_storage_info_t info;
+    unsigned char *buffer = NULL;
+    size_t ret_len = 0;
+
+    TEST_CALLOC(buffer, MAX(data1->len, data2->len));
+
+    PSA_ASSERT(psa_its_set_wrap(uid, data1->len, data1->x, flags1));
+    PSA_ASSERT(psa_its_get_info(uid, &info));
+    TEST_ASSERT(info.size == data1->len);
+    TEST_ASSERT(info.flags == flags1);
+    PSA_ASSERT(psa_its_get(uid, 0, data1->len, buffer, &ret_len));
+    TEST_MEMORY_COMPARE(data1->x, data1->len, buffer, ret_len);
+
+    PSA_ASSERT(psa_its_set_wrap(uid, data2->len, data2->x, flags2));
+    PSA_ASSERT(psa_its_get_info(uid, &info));
+    TEST_ASSERT(info.size == data2->len);
+    TEST_ASSERT(info.flags == flags2);
+    ret_len = 0;
+    PSA_ASSERT(psa_its_get(uid, 0, data2->len, buffer, &ret_len));
+    TEST_MEMORY_COMPARE(data2->x, data2->len, buffer, ret_len);
+
+    PSA_ASSERT(psa_its_remove(uid));
+
+exit:
+    mbedtls_free(buffer);
+    cleanup();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void set_multiple(int first_id, int count)
+{
+    psa_storage_uid_t uid0 = first_id;
+    psa_storage_uid_t uid;
+    char stored[40];
+    char retrieved[40];
+    size_t ret_len = 0;
+
+    memset(stored, '.', sizeof(stored));
+    for (uid = uid0; uid < uid0 + count; uid++) {
+        mbedtls_snprintf(stored, sizeof(stored),
+                         "Content of file 0x%08lx", (unsigned long) uid);
+        PSA_ASSERT(psa_its_set_wrap(uid, sizeof(stored), stored, 0));
+    }
+
+    for (uid = uid0; uid < uid0 + count; uid++) {
+        mbedtls_snprintf(stored, sizeof(stored),
+                         "Content of file 0x%08lx", (unsigned long) uid);
+        PSA_ASSERT(psa_its_get(uid, 0, sizeof(stored), retrieved, &ret_len));
+        TEST_MEMORY_COMPARE(retrieved, ret_len,
+                            stored, sizeof(stored));
+        PSA_ASSERT(psa_its_remove(uid));
+        TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) ==
+                    PSA_ERROR_DOES_NOT_EXIST);
+    }
+
+exit:
+    cleanup();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void nonexistent(int uid_arg, int create_and_remove)
+{
+    psa_storage_uid_t uid = uid_arg;
+    struct psa_storage_info_t info;
+
+    if (create_and_remove) {
+        PSA_ASSERT(psa_its_set_wrap(uid, 0, NULL, 0));
+        PSA_ASSERT(psa_its_remove(uid));
+    }
+
+    TEST_ASSERT(psa_its_remove(uid) == PSA_ERROR_DOES_NOT_EXIST);
+    TEST_ASSERT(psa_its_get_info(uid, &info) ==
+                PSA_ERROR_DOES_NOT_EXIST);
+    TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) ==
+                PSA_ERROR_DOES_NOT_EXIST);
+
+exit:
+    cleanup();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_at(int uid_arg, data_t *data,
+            int offset, int length_arg,
+            int expected_status)
+{
+    psa_storage_uid_t uid = uid_arg;
+    unsigned char *buffer = NULL;
+    psa_status_t status;
+    size_t length = length_arg >= 0 ? length_arg : 0;
+    unsigned char *trailer;
+    size_t i;
+    size_t ret_len = 0;
+
+    TEST_CALLOC(buffer, length + 16);
+    trailer = buffer + length;
+    memset(trailer, '-', 16);
+
+    PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0));
+
+    status = psa_its_get(uid, offset, length_arg, buffer, &ret_len);
+    TEST_ASSERT(status == (psa_status_t) expected_status);
+    if (status == PSA_SUCCESS) {
+        TEST_MEMORY_COMPARE(data->x + offset, (size_t) length_arg,
+                            buffer, ret_len);
+    }
+    for (i = 0; i < 16; i++) {
+        TEST_ASSERT(trailer[i] == '-');
+    }
+    PSA_ASSERT(psa_its_remove(uid));
+
+exit:
+    mbedtls_free(buffer);
+    cleanup();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_fail(int uid_arg, data_t *data,
+              int overwrite_magic, int cut_header,
+              int expected_status)
+{
+    psa_storage_uid_t uid = uid_arg;
+    unsigned char *buffer = NULL;
+    psa_status_t status;
+    size_t n;
+    size_t ret_len = 0;
+    char filename[PSA_ITS_STORAGE_FILENAME_LENGTH];
+    FILE *stream = NULL;
+    char bad_char = 'X';
+
+    PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0));
+
+    psa_its_fill_filename(uid, filename);
+    stream = fopen(filename, "rb+");
+    TEST_ASSERT(NULL != stream);
+    if (0 != overwrite_magic) {
+        /* Overwrite the 1st byte of the file, the ITS magic number */
+        TEST_ASSERT(fseek(stream, 0, SEEK_SET) == 0);
+        n = fwrite(&bad_char, 1, 1, stream);
+        TEST_ASSERT(1 == n);
+    }
+    if (0 != cut_header) {
+        /* Reopen file and truncate it to 0 byte by specifying the 'w' flag */
+        stream = freopen(filename, "wb", stream);
+        TEST_ASSERT(NULL != stream);
+    }
+    fclose(stream);
+    stream = NULL;
+
+    status = psa_its_get(uid, 0, 0, buffer, &ret_len);
+    TEST_ASSERT(status == (psa_status_t) expected_status);
+    TEST_ASSERT(0 == ret_len);
+    PSA_ASSERT(psa_its_remove(uid));
+
+    /* Check if the file is really deleted. */
+    stream = fopen(filename, "rb");
+    TEST_ASSERT(NULL == stream);
+
+exit:
+    if (stream != NULL) {
+        fclose(stream);
+    }
+
+    mbedtls_free(buffer);
+    cleanup();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void set_fail(int uid_arg, data_t *data,
+              int expected_status)
+{
+    psa_storage_uid_t uid = uid_arg;
+    TEST_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0) ==
+                (psa_status_t) expected_status);
+
+exit:
+    cleanup();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_random.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_random.data
new file mode 100644
index 0000000..c23d922
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_random.data
@@ -0,0 +1,55 @@
+Generate random twice with CTR_DRBG
+random_twice_with_ctr_drbg:
+
+Generate random twice with HMAC_DRBG(SHA-1)
+depends_on:MBEDTLS_SHA1_C
+random_twice_with_hmac_drbg:MBEDTLS_MD_SHA1
+
+Generate random twice with HMAC_DRBG(SHA-256)
+depends_on:MBEDTLS_SHA256_C
+random_twice_with_hmac_drbg:MBEDTLS_MD_SHA256
+
+Generate random twice with HMAC_DRBG(SHA-512)
+depends_on:MBEDTLS_SHA512_C
+random_twice_with_hmac_drbg:MBEDTLS_MD_SHA512
+
+Generate random twice with PSA classic wrapper
+random_twice_with_psa_from_classic:
+
+Generate random twice with PSA API
+random_twice_with_psa_from_psa:
+
+# This bad-usage test case currently crashes in the default configuration
+# because CTR_DRBG crashes when given an unseeded context. This is arguably
+# a good thing because it prevents misuse of mbedtls_psa_get_random().
+#PSA classic wrapper: PSA not active
+#mbedtls_psa_get_random_no_init:
+
+PSA classic wrapper: 0 bytes
+mbedtls_psa_get_random_length:0
+
+PSA classic wrapper: 1 byte
+mbedtls_psa_get_random_length:1
+
+PSA classic wrapper: 256 bytes
+mbedtls_psa_get_random_length:256
+
+# An external RNG is supposed to handle arbitrary request lengths. Test it
+# with something larger than any RNG call made by Mbed TLS itself expects.
+# CTR_DRBG and HMAC_DRBG have their own maximum request lengths which may
+# be lower than the value chosen here and are tested separately.
+PSA classic wrapper: external RNG large
+depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+mbedtls_psa_get_random_length:1024
+
+PSA classic wrapper: CTR_DRBG max
+depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG:MBEDTLS_CTR_DRBG_C
+mbedtls_psa_get_random_length:MBEDTLS_CTR_DRBG_MAX_REQUEST
+
+PSA classic wrapper: HMAC_DRBG max
+depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG:!MBEDTLS_CTR_DRBG_C:MBEDTLS_HMAC_DRBG_C
+mbedtls_psa_get_random_length:MBEDTLS_HMAC_DRBG_MAX_REQUEST
+
+PSA classic wrapper: ECDSA signature (SECP256R1)
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_psa_get_random_ecdsa_sign:MBEDTLS_ECP_DP_SECP256R1
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_random.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_random.function
new file mode 100644
index 0000000..dfc4e85
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_random.function
@@ -0,0 +1,202 @@
+/* BEGIN_HEADER */
+
+/* Test random generation as a whole. */
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+
+/* How many bytes to generate in each test case for repeated generation.
+ * This must be high enough that the probability of generating the same
+ * output twice is infinitesimal, but low enough that random generators
+ * are willing to deliver that much. */
+#define OUTPUT_SIZE 32
+
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C */
+void random_twice_with_ctr_drbg()
+{
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context drbg;
+    unsigned char output1[OUTPUT_SIZE];
+    unsigned char output2[OUTPUT_SIZE];
+
+    /* First round */
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&drbg);
+    TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg,
+                                        mbedtls_entropy_func, &entropy,
+                                        NULL, 0));
+    TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg,
+                                          output1, sizeof(output1)));
+    mbedtls_ctr_drbg_free(&drbg);
+    mbedtls_entropy_free(&entropy);
+
+    /* Second round */
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&drbg);
+    TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg,
+                                        mbedtls_entropy_func, &entropy,
+                                        NULL, 0));
+    TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg,
+                                          output2, sizeof(output2)));
+    mbedtls_ctr_drbg_free(&drbg);
+    mbedtls_entropy_free(&entropy);
+
+    /* The two rounds must generate different random data. */
+    TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
+
+exit:
+    mbedtls_ctr_drbg_free(&drbg);
+    mbedtls_entropy_free(&entropy);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_HMAC_DRBG_C */
+void random_twice_with_hmac_drbg(int md_type)
+{
+    mbedtls_entropy_context entropy;
+    mbedtls_hmac_drbg_context drbg;
+    unsigned char output1[OUTPUT_SIZE];
+    unsigned char output2[OUTPUT_SIZE];
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
+
+    /* First round */
+    mbedtls_entropy_init(&entropy);
+    mbedtls_hmac_drbg_init(&drbg);
+    TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info,
+                                         mbedtls_entropy_func, &entropy,
+                                         NULL, 0));
+    TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg,
+                                           output1, sizeof(output1)));
+    mbedtls_hmac_drbg_free(&drbg);
+    mbedtls_entropy_free(&entropy);
+
+    /* Second round */
+    mbedtls_entropy_init(&entropy);
+    mbedtls_hmac_drbg_init(&drbg);
+    TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info,
+                                         mbedtls_entropy_func, &entropy,
+                                         NULL, 0));
+    TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg,
+                                           output2, sizeof(output2)));
+    mbedtls_hmac_drbg_free(&drbg);
+    mbedtls_entropy_free(&entropy);
+
+    /* The two rounds must generate different random data. */
+    TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
+
+exit:
+    mbedtls_hmac_drbg_free(&drbg);
+    mbedtls_entropy_free(&entropy);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void random_twice_with_psa_from_classic()
+{
+    unsigned char output1[OUTPUT_SIZE];
+    unsigned char output2[OUTPUT_SIZE];
+
+    /* First round */
+    PSA_ASSERT(psa_crypto_init());
+    TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                         output1, sizeof(output1)));
+    PSA_DONE();
+
+    /* Second round */
+    PSA_ASSERT(psa_crypto_init());
+    TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                         output2, sizeof(output2)));
+    PSA_DONE();
+
+    /* The two rounds must generate different random data. */
+    TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void random_twice_with_psa_from_psa()
+{
+    unsigned char output1[OUTPUT_SIZE];
+    unsigned char output2[OUTPUT_SIZE];
+
+    /* First round */
+    PSA_ASSERT(psa_crypto_init());
+    PSA_ASSERT(psa_generate_random(output1, sizeof(output1)));
+    PSA_DONE();
+
+    /* Second round */
+    PSA_ASSERT(psa_crypto_init());
+    PSA_ASSERT(psa_generate_random(output2, sizeof(output2)));
+    PSA_DONE();
+
+    /* The two rounds must generate different random data. */
+    TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
+
+exit:
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+void mbedtls_psa_get_random_no_init()
+{
+    unsigned char output[1];
+
+    TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                       output, sizeof(output)) != 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
+void mbedtls_psa_get_random_length(int n)
+{
+    unsigned char *output = NULL;
+
+    PSA_ASSERT(psa_crypto_init());
+    TEST_CALLOC(output, n);
+
+    TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
+                                         output, n));
+exit:
+    mbedtls_free(output);
+    PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
+void mbedtls_psa_get_random_ecdsa_sign(int curve)
+{
+    mbedtls_ecp_group grp;
+    mbedtls_mpi d, r, s;
+    unsigned char buf[] = "This is not a hash.";
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_mpi_init(&d);
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&s);
+
+    TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789));
+    TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve));
+    PSA_ASSERT(psa_crypto_init());
+    TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d,
+                                     buf, sizeof(buf),
+                                     mbedtls_psa_get_random,
+                                     MBEDTLS_PSA_RANDOM_STATE));
+exit:
+    mbedtls_mpi_free(&d);
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&s);
+    mbedtls_ecp_group_free(&grp);
+    PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_rsa.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_rsa.data
new file mode 100644
index 0000000..5ad5da2
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_rsa.data
@@ -0,0 +1,627 @@
+RSA parameter validation
+rsa_invalid_param:
+
+RSA init-free-free
+rsa_init_free:0
+
+RSA init-free-init-free
+rsa_init_free:1
+
+RSA PKCS1 Verify v1.5 CAVS #1
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+# Good padding but wrong hash
+mbedtls_rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #2
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
+
+RSA PKCS1 Verify v1.5 CAVS #3
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
+
+RSA PKCS1 Verify v1.5 CAVS #4
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0
+
+RSA PKCS1 Verify v1.5 CAVS #5
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0
+
+RSA PKCS1 Verify v1.5 CAVS #6
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0
+
+RSA PKCS1 Verify v1.5 CAVS #7
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+# Bad padding after performing the public key operation
+mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #8
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"b2f2e6e09fd19b0a8c06447554d6a236c69e2b334017488881d8c02ab81d74cae0c64efd50a374998eeec162651975e637cb2ba594250c750a4943253f1db0613e4ce1d50f8e3e968a2a83bd6cb97455ab2ccc77071076b3e211ffb251bd4c1a738b88b2021c61c727c074ce933c054acbcbf4f0c362ec09af38de191686aebe":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1":0
+
+RSA PKCS1 Verify v1.5 CAVS #9
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"647586ba587b09aa555d1b8da4cdf5c6e777e08859379ca45789019f2041e708d97c4408d4d6943b11dd7ebe05c6b48a9b5f1b0079452cc484579acfa66a34c0cf3f0e7339b2dbd5f1339ef7937a8261547705a846885c43d8ef139a9c83f5604ea52b231176a821fb48c45ed45226f31ba7e8a94a69f6c65c39b7278bf3f08f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171":0
+
+RSA PKCS1 Verify v1.5 CAVS #10
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #11
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0
+
+RSA PKCS1 Verify v1.5 CAVS #12
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0
+
+RSA PKCS1 Verify v1.5 CAVS #13
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0
+
+RSA PKCS1 Verify v1.5 CAVS #14
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9":0
+
+RSA PKCS1 Verify v1.5 CAVS #15
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0
+
+RSA PKCS1 Verify v1.5 CAVS #16
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0
+
+RSA PKCS1 Verify v1.5 CAVS #17
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0
+
+RSA PKCS1 Verify v1.5 CAVS #18
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0
+
+RSA PKCS1 Verify v1.5 CAVS #19
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"4eb97094bb42aaa58b040bd06a8f324396b9eca9e39359b7039c4a010434ee131a53aebd9f7a55ae58ea7444fa1505a3ec524e054fd408513cddc1ee4c2f7fd95ec4a6f594be1ba39fa1aa933dc0a5dafff5ce44509577ebb3a3e8084c44010aa27321e5a3f646ade99175633b795c0f570b360eeebeefaef15788f80b5cbecd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a":0
+
+RSA PKCS1 Verify v1.5 CAVS #20
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"a3edb0f52c6166d7b76e71634761f402337c3e9667549d00cd7877e6055396b35c54c4dffc4c987060178fc10b7e5e827a5c870057002ba6efd31fc4e63a429029be0d6b256b6b653775cb026322743f48e319d053c4aeac34077acb8e0c6c2ef375b2210f8788bd23d24eb0b614de41875b1c8ec56acf18825eaf826691be96":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3":0
+
+RSA PKCS1 Verify v1.5 CAVS #21
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #22
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #23
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0
+
+RSA PKCS1 Verify v1.5 CAVS #24
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0
+
+RSA PKCS1 Verify v1.5 CAVS #25
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0
+
+RSA PKCS1 Verify v1.5 CAVS #26
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"1428b4a449698a994ef84c46a517c3aa6359c48e4264ef65f1f69d77ae26133e17edfc103de416fffb4f2bfe865b434544a418f6e2faca00a165d443f0663ff64080154614f7194057d8b5f1f33934cc9fc2314cf86d4fdad4892bf0d3058f7f37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40":0
+
+RSA PKCS1 Verify v1.5 CAVS #27
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0
+
+RSA PKCS1 Verify v1.5 CAVS #28
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0
+
+RSA PKCS1 Verify v1.5 CAVS #29
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"f7857ce04bf4292ea1755f9e587822372f4dcdf10bddfc0ff498a8af60ae94a0b482e873085c1cd52a5d181ce6b99a1f8520d74b947d65f3e7e358e8ddc4ac4ae465e39d408eee1f09865159733f83f553cd93cfde1c114fb3e32cf51cd418359016b3867df467b645d752808671a4609f3c49a67023c9ca617e6cffa544a10a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493":0
+
+RSA PKCS1 Verify v1.5 CAVS #30
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #31
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #32
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0
+
+RSA PKCS1 Verify v1.5 CAVS #33
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"d0cd038c65b3acca45822eaf91ea5176e82043268876dec0b62e2abd619023b7023abc67c6b823cfef5447b8772f985ff7910d6cc87e6c23688ac6de1fee40bbe2da1a92770de92adaa427ace02fee571a0a0176fceb0c8f3eb72dde839ab201395625f5c0db8641ce19d7711212dec61733262c6ce4476c025e67a3d5bc01f3":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Verify v1.5 CAVS #34
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b":0
+
+RSA PKCS1 Verify v1.5 padding too short
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"AABBCC03020100FFFFFFFFFF1122330A0B0CCCDDDDDDDDDD":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"9292758453063D803DD603D5E777D7888ED1D5BF35786190FA2F23EBC0848AEADDA92CA6C3D80B32C4D109BE0F36D6AE7130B9CED7ACDF54CFC7555AC14EEBAB93A89813FBF3C4F8066D2D800F7C38A81AE31942917403FF4946B0A83D3D3E05EE57C6F5F5606FB5D4BC6CD34EE0801A5E94BB77B07507233A0BC7BAC8F90F79":"10001":"6edd56f397d9bc6d176bbe3d80946fc352ad6127b85b1d67d849c0a38cbde7222c5fafbb18dcef791178a8e15f5c8cd91869f8ca4b758c46ce3e229bf666d2e3e296544351bcb5db7e0004f6c0800f76a432071297e405759d4324d1cf1c412758be93a39f834e03dee59e28ac571ce2b0b3c8fe639979f516223b54027340a5":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+# The following tests check whether the use of reduced length encodings (as mandated for DER in contrast to BER) is enforced in
+# the verification of PKCS1 v1.5 signatures - this is relevant to prevent Bleichenbacher signature forgery attacks.
+# The test data has been generated by signing a test file using `programs/pkey/rsa_sign` after making modifications
+# to `mbedtls_rsa_rsassa_pkcs1_v15_encode` to force the use of non-reduced encodings in different places as indicated in the respective tests.
+# See the documentation of `mbedtls_rsa_rsassa_pkcs1_v15_encode` for the layout of the relevant ASN.1 structure.
+# Correct signature with DER-compliant reduced length encodings
+RSA PKCS1 Verify v1.5 reduced length encoding
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"5B56096ECADA4DAC299FD3D6091C1BE4D7C4210086E61ADA6FFC267A690034DAFB3734035880B9E71CEB0331C32C8DE1A254D777DFE3C848AC7764907602452EC16FD8EB3664E2E682DB3AA8979059BFADFE6192D9029844C8CAF310552717DD5B5B36A9910CFABE5C54AC16F3A3461DEE730060981BD9B47EE8D6644963B7CA":0
+
+# Non-reduced 1-byte length encoding in `DigestInfo` ASN.1 element
+RSA PKCS1 Verify v1.5 non-reduced length encoding #1
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"2FCF7FC1B60B3C083872B1BD9C666745921951A8A9E099FD629675F620B670713519C4A97B870591B97FE5C5DB2FC2A0A3FCB0016536D1205AA32BA8BFCF54ABD542C02F7FCEA3C3531D7A87C82ED5B151A9599F1BDB070A905F5B721DE3C22F8AC35034C607920CE0699D7F79E5913915F3A01856B5D30F9E68F0CD7856D40F":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+# Non-reduced 2-byte length encoding for `digestAlgorithm` ASN.1 element
+RSA PKCS1 Verify v1.5 non-reduced length encoding #2
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"3C27512A8FDC973D856C0F288BE27D00D54FC0B359C520DA73A05156D98CDD6A83E6657BFA81D7B9716EEDFD98C08CD82F399298782782AE341D9AABCBB6B5F9C6552DE1D8B93047E1135032653F4F65A8937352E903864E008429E049680E3AA80F5DE1C7408C403011CEF4A3ECA549C027C8954BFBCA21F2A41C3EB0278029":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+# Non-reduced 3-byte length encoding for optional parameters in `digestAlgorithm` ASN.1 element
+RSA PKCS1 Verify v1.5 non-reduced length encoding #3
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"24BEB8502F24E0D11D9C10CEE4435EA972CEC93C23936E815ED2DF41BECEDDE889AF85BBEAF1B8C6928913AC523EA1D6653832E9D4E74F55B76771EA84F5A607342C341A14AB258019F38DBAEE4B967C8C8D26D6AF2583D32988471BA38751B6A67BA3D1147619C266A9AAC34244740BB59CD9DB3AFF19438B04C619AB719123":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+# Non-reduced 4-byte length encoding in `digest` ASN.1 element
+RSA PKCS1 Verify v1.5 non-reduced length encoding #4
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"13172EF7362CF421103FE1893429FAE85F83636BA8AF545252599A39892E62CEC317DC47C1D6B19328B63CDFD02FA0B49CE7980504635251FF08C0A1308C64D6466DFBF1EF2BA49EFDD6C2C888A30870EC2DC0FA4D67FDE6631C85ED2CEF8EEBF5578C974CBA4A04034D9B579B420D6CA93E4BFC09E014542A0EFB902AF90C5E":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+# Non-reduced 3-byte length encoding for OID in `digestAlgorithm` ASN.1 element
+RSA PKCS1 Verify v1.5 non-reduced length encoding #5
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"65DD518F63A2E289C035E9F2A9927BF5A6A74FF6FEFFF61AFCC52ED4A8A5B93534A3AD1709136306EE1379B47A4863BC6ED879E92CD6F99AA5B5F106102BDAE8DAFB15CF6EF00CB5FA63967706528DEE8876F3D04E8D75533009C73DA4C5744D20FFDB18EA78EE4D5D9D6F7BD3AFC2AD9A0EDDD56AA40AAEF789E6FB12AB6DE7":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA)
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db":"f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051":"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0
+
+RSA PKCS1 Sign #1 Verify
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0
+
+RSA PKCS1 Sign #2 (SHA256, 2048 bits RSA)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0
+
+RSA PKCS1 Sign #2 Verify
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0
+
+RSA PKCS1 Sign #2 Verify (Fail)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Sign #3 (SHA224, 2048 bits RSA)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0
+
+RSA PKCS1 Sign #3 Verify
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0
+
+RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA)
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0
+
+RSA PKCS1 Sign #4 Verify
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0
+
+RSA PKCS1 Sign #5 (MD2, 2048 bits RSA)
+depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
+
+RSA PKCS1 Sign #5 Verify
+depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
+
+RSA PKCS1 Sign #6 (MD4, 2048 bits RSA)
+depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
+
+RSA PKCS1 Sign #6 Verify
+depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
+
+RSA PKCS1 Sign #7 (MD5, 2048 bits RSA)
+depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0
+
+RSA PKCS1 Sign #7 Verify
+depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0
+
+RSA PKCS1 Sign #8 (RAW, 2048 bits RSA)
+depends_on:MBEDTLS_PKCS1_V15
+rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8"
+
+RSA PKCS1 Sign #8 Verify
+depends_on:MBEDTLS_PKCS1_V15
+rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0
+
+RSA PKCS1 Sign #8 Verify (Wrong raw hash)
+depends_on:MBEDTLS_PKCS1_V15
+rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED
+
+RSA PKCS1 Sign #9 (Invalid Digest type)
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA PKCS1 Sign #9 Verify (Invalid Digest type)
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA)
+depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0
+
+RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA)
+depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0
+
+RSA PKCS1 Encrypt #1
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0
+
+RSA PKCS1 Decrypt #1 (Verify)
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0
+
+RSA PKCS1 Encrypt #2 (Data too large)
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA PKCS1 Decrypt #2 (Data too small)
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+RSA PKCS1 Decrypt #4 (Output buffer too small)
+depends_on:MBEDTLS_PKCS1_V15
+mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":15:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
+
+RSA Check empty private key
+rsa_check_privkey_null:
+
+RSA Check Private key #1 (Correct)
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0
+
+RSA Check Private key #2 (No P)
+mbedtls_rsa_check_privkey:2048:"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #3 (No Q)
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #4 (No N)
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #5 (No E)
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #6 (No D)
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #7 (No DP)
+depends_on:!MBEDTLS_RSA_NO_CRT
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #8 (No DQ)
+depends_on:!MBEDTLS_RSA_NO_CRT
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #9 (No QP)
+depends_on:!MBEDTLS_RSA_NO_CRT
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Private key #10 (Incorrect)
+mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public key #1 (Correct)
+mbedtls_rsa_check_pubkey:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":0
+
+RSA Check Public key #2 (Even N)
+mbedtls_rsa_check_pubkey:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public key #3 (Even E)
+mbedtls_rsa_check_pubkey:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":"65536":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public key #4 (N exactly 128 bits)
+mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"3":0
+
+RSA Check Public key #5 (N smaller than 128 bits)
+mbedtls_rsa_check_pubkey:"7edcba9876543210deadbeefcafe4321":"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public key #6 (N exactly 8192 bits)
+depends_on:MBEDTLS_MPI_MAX_SIZE>=1024
+mbedtls_rsa_check_pubkey:"88F48075BF29E95C1C6AE8716678B74E957B69CC2E49708C160C6343AAD2F076D25397ACE74220311ED18AEEB681F463611B3340C3945CAAEAD3ACC616E08A25A55683A32979BD55EA5DAB7630AF393886896F11DDC5F07E15EDF949324CF0F0B2A5C0E85DFA23167193182D1A43079DC8645F6C2C029629F475575802F7D326DE5BD891A9C5F84A433D45154181EC05685A4B368A5B6434775A00ABC6B0A04647D4598CEEE566B552230F691C98CA30B402A76C686A94B373CCD2F60EFA3878A867BB5F585D088E27C507937262D098A477B9218BE7C03B2E4C102D244CA701645F1827CD947E5E796446378B848862E689F0D1773F752056841A1F0EECE7CAB74921A42DBF2EF264ADCF4ABE05A1242E5F629A657A2D67958A2DAC9A2245074A37099B45064723ABE21241058252632C2BA6FE85AB1C75FF310891B84C9C40AB646FE1D90BC716FB3A4B56DA3EA25CA397C04B994F7C6AD1DD0CB9E994CA6B835F7830F4F4E0F976BBEA5AE8556BC7C90B3E50E21C19AD1F6BC4A8FF15F2909D9CC5F3DA533BADFF50F487869D631C3E34D69636B4C25A55127EF5B715F2FC0565734B38DF996D1970E56F7F64EBECB9D00A587AAEC608F2D3AAA51E66BF53E92C3096BF78D1DCBCE1A645FA4F0542E6F68E5A94AAA6E839F75620FABED5D2BCF40AB8EAF95F838BFA962429F281578882DF0F2721C27C8905C9E776B1D3251FC066A8BC64C0CE7FBA2B8E21F65EF6739AB6F19EC2AB07817DFF03DAB7C846AB5CC86C103642D7664A85DC2D846A8004CD6A144C72CCCAC86DB5901A047324927B80E281F5F7315FA2F9083BDE0DB7AA46DC055E36BB73FB6DBD3A14759D06CBBE8D57CBC213C4D55DE4478679E0A5902C8655BE1391C0E88D2B1FBD57E9232A2CEBC67569ECD94E4BF0FCC6C003F9AA51A2A5E6EE084A46DAE65E52400A727F9713D29E92CD6CA37FD599598B3F677624A2A484A8B36B98EFEAD662C0A23BC1D9280EF2A31F887065EB20A93B41F7A264ECFA65B3555F3E400927018186EAA2D4F00C6B7AB1BCED5F893D64478177592C7F2B945307AB474D7EC7FF2E7E55834CC763BEF81DA9BD70FB3D423AE5ADB86B336734C8A3BEC90CEB05438B5BA030D0D30DEC1442D2EB08450480FBAE090FFA1A5ADD748A415BDCDE45094E792420F0AF94BCA0A80A2096D1A478D3428A214A7E68C0F07F58C6FB232ECC3D8B821AE29AE76E13EB751193F6ECA670016D54F3D796937DDBB8900062EF116CCA3F5B3AECA618272875336C9C050FBC0FC7EDD5B88D85DA0061D21E176E1419CF573629BE7B0496E761EAD45FE32B59EB00D47CDD178AC8F8EC8D6F26DED34F7576CD938422E18E936F16A704B483A48EE3BEA59D95F688136119894930EC8E9282E5974740CF031DF8DBB07EB08F2DA0ACCADECE15A6A57502890F4A03740E60BD":"010001":0
+
+RSA Check Public key #7 (N larger than 8192 bits)
+mbedtls_rsa_check_pubkey:"01631CD83F3F2D67FA52E13B44416EA65043A322ECD65467558EACD4C6B6D92DA7471D2DBD58E6921F9465C4900E92DFC6EB35C90637285A7E1F3D27C1C32FD6A5CB324D8253C6B2E480B63F66E3B09F4300C3E683011C7803BDEAD682F0F55473FC8A187734573A11ECDCE802022F539BC2074E94703C23E48FF8AE35702352E70AF921B42E6A143A3EFEE20DF77A97AA703AA271CE96EB78062452D87A4ADCACF83FFB9683818BF2ED234D0ECFB1B935827708050C4D007215D7A028152798045AF6A0B741A7B22F3FCCEBC26D285B9AA22CEF858858702BAE7D945FA0C45E2D8AADFF2FD0A64DF02C241F871C799AD73738E626D9A6D4BFFBCE000C4087F0CE74EF21526402FDCD07649175122697FD01041B84AD0A3FEDABD5C25E953686B2272F8C8B748A486F54CB767A1C79CA499B2C9A300AC8A214A0BFA06280A9235D5B7AFB8A76FFDD78FC72038C5B809569A6125D6A588684A16D222EF93F2469EA78948037957DE9B449AB722044FDFF3B6AC89367D72F0CF3ED1F85EDFD0DE3EEEDD39F6EFD68A0368F83B389B7A7B9C7713F4148F53E82CDF6D9CC002A3A16F1E6A1D78C48CE7849584164661664153A499ACAE5927728B2F1A2E911648676DF316DFCBF5E44F393B7B296A4A21ED59744E3855FCD4A21F2B42CFE5C52860B244D467103107E3DC40A82077269897528CCBF80B2F216A535C52A6A2643E64B53276A1B63348038706328FE369AE2409568160481C07A3ED5B0198EC6CC07F8F250B1DE0D97110F834AA3D1C0862FB719393EA08D530225CE0647FD5488F483FA065196D1160FAFA54CD3FF63B6ADDBE84D09F3CFF98F22CC71DE2FC19735126C3BBA9A2C293D1DB118F0512C144C1C616492BE0D19BFD245955840F640EBE6FCFF2830C683852046F36C3CDA4F4460ABA4B2FEEB700C9DD80418C42673858CDD11E70682D5A41ED7D8010EC7DD5B57B4E206F84DB8A430B246002FEA49AFF45940B1F18AE28863F5AA41D3B42ABCD3D1BAB7644B86E060865997E1BA23A768F233D8A859332F8B9D5D1633F9C462328C17E2B07D6DFD813C94D675873592E5CBB001C112A790B10B9F9E07BE105C4FD328C7E3887C3EF13E8ECE6106B73A3341AF200D8663BDF96FFDB6F794FBB04D976B87423A868882F15CAE8DC9F6CAF4917EFC844E74BAD48F21E34530CB4E20006444706FC95658735553CA99E18F0E820D78DEF8FB84034B10CE44B1AE36B50147558415E5E78A77E2FC7C8C580B54CCC40EE3904C04950846A6D51BF5C80E0B6E2ADC4989DA1D3DD01F99AA369C2E6B53394BA0CB5E6E811BFA004A5B3B3C34C60433AB5EB0EC8050246B9AF10B49EAA51487CCE0C4C8F4CDAF926D582D7E4924C33765E00AC952A38669150EA322CDF886B46DE4D0970A060B670D50C9BF3D2020B529838E192EF92BFE2F06FDF1D5":"010001":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public key #8 (E exactly 2 bits)
+mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"3":0
+
+RSA Check Public key #8 (E exactly 1 bits)
+mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"1":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public key #8 (E exactly 64 bits)
+mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"00fedcba9876543213":0
+
+RSA Check Public key #8 (E larger than 64 bits)
+mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"01fedcba9876543213":0
+
+RSA Check Public key #9 (E has size N-2)
+mbedtls_rsa_check_pubkey:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034d":0
+
+RSA Check Public key #10 (E has size N)
+mbedtls_rsa_check_pubkey:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public-Private key #1 (Correct)
+rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0
+
+RSA Check Public-Private key #2 (Public no N)
+rsa_check_pubpriv:2048:"":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public-Private key #3 (Private no N)
+rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public-Private key #4 (N mismatch)
+rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034e":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Check Public-Private key #5 (E mismatch)
+rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"17":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Private (Correct)
+mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0
+
+RSA Private (Data larger than N)
+mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+RSA Private (Data = 0 )
+mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
+RSA Public (Correct)
+mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
+
+RSA Public (Data larger than N)
+mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+RSA Public (Data = 0)
+mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
+RSA Generate Key - 128bit key
+mbedtls_rsa_gen_key:128:3:0
+
+RSA Generate Key (Number of bits too small)
+mbedtls_rsa_gen_key:127:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Generate Key (Exponent too small)
+mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Generate Key - 1024 bit key
+mbedtls_rsa_gen_key:1024:3:0
+
+RSA Generate Key - 2048 bit key
+mbedtls_rsa_gen_key:2048:3:0
+
+RSA Generate Key - 1025 bit key
+# mbedtls_rsa_gen_key only supports even-sized keys
+mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Validate Params, toy example
+mbedtls_rsa_validate_params:"f":"3":"5":"3":"3":0:0
+
+RSA Validate Params, toy example, N missing
+mbedtls_rsa_validate_params:"":"3":"5":"3":"3":0:0
+
+RSA Validate Params, toy example, E missing
+mbedtls_rsa_validate_params:"f":"3":"5":"3":"":0:0
+
+RSA Validate Params, toy example, corrupted
+mbedtls_rsa_validate_params:"10":"3":"5":"3":"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Validate Params, toy example, non-primes, no PRNG
+mbedtls_rsa_validate_params:"2d":"9":"5":"7":"17":0:0
+
+RSA Validate Params, toy example, non-primes, PRNG
+mbedtls_rsa_validate_params:"2d":"9":"5":"7":"17":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Validate Params
+mbedtls_rsa_validate_params:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:0
+
+RSA Validate Params, N missing
+mbedtls_rsa_validate_params:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:0
+
+RSA Validate Params, bad N
+mbedtls_rsa_validate_params:"b38bc65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Validate Params, non-prime, no PRNG
+mbedtls_rsa_validate_params:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"":0:0
+
+RSA Validate Params, non-prime, PRNG
+mbedtls_rsa_validate_params:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+
+RSA Deduce Private, toy example
+mbedtls_rsa_deduce_private_exponent:"7":"b":"7":"d":0:0
+
+RSA Deduce Private, toy example, corrupted
+mbedtls_rsa_deduce_private_exponent:"3":"5":"3":"3":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+RSA Deduce Private
+mbedtls_rsa_deduce_private_exponent:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":0:0
+
+RSA Deduce Private, corrupted
+mbedtls_rsa_deduce_private_exponent:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+RSA Deduce Primes, toy example
+mbedtls_rsa_deduce_primes:"23":"5":"5":"5":"7":0:0
+
+RSA Deduce Primes, toy example, corrupted
+mbedtls_rsa_deduce_primes:"23":"5":"5":"5":"7":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+RSA Deduce Moduli
+mbedtls_rsa_deduce_primes:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":0:0
+
+RSA Deduce Moduli, corrupted
+mbedtls_rsa_deduce_primes:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+RSA Import (N,P,Q,D,E)
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:0:0
+
+RSA Import (N,P,Q,D,E), inconsistent
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
+
+RSA Import (N,P,Q,D,E), successive
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:0:0
+
+RSA Import (N,P,Q,D,E), successive, inconsistent
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
+
+RSA Import (-,P,Q,D,E)
+mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:0:0
+
+RSA Import (-,P,Q,D,E), successive
+mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:0:0
+
+RSA Import (N,-,-,D,E)
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:0:0
+
+RSA Import (N,-,-,D,E), successive
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:0:0
+
+RSA Import (N,P,Q,-,E)
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":0:1:0:0
+
+RSA Import (N,P,Q,-,E), successive
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1:0:0
+
+RSA Import (-,P,Q,-,E)
+mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":0:1:0:0
+
+RSA Import (-,P,Q,-,E), successive
+mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1:0:0
+
+RSA Import (N,-,Q,-,E)
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":0:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Import (N,-,Q,-,E), successive
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Import (N,-,-,-,E), complete public key
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"3":0:0:0:0
+
+RSA Import (N,-,-,-,E), complete public key, successive
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"3":1:0:0:0
+
+RSA Import (N,-,-,-,E), complete public key, corrupted
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"4":0:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
+
+RSA Import (N,-,-,-,E), complete public key, successive, corrupted
+mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"4":1:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0
+
+RSA Import Raw (N,P,Q,D,E), complete private key
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0
+
+RSA Import Raw (N,P,Q,D,E), successive
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1:0:0
+
+RSA Import Raw (-,P,Q,D,E)
+mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0
+
+RSA Import Raw (-,P,Q,D,E), successive
+mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1:0:0
+
+RSA Import Raw (N,-,-,D,E)
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0
+
+RSA Import Raw (N,-,-,D,E), successive
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1:0:0
+
+RSA Import Raw (N,P,Q,-,E)
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":0:1:0:0
+
+RSA Import Raw (N,P,Q,-,E), successive
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1:0:0
+
+RSA Import Raw (-,P,Q,-,E)
+mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":0:1:0:0
+
+RSA Import Raw (-,P,Q,-,E), successive
+mbedtls_rsa_import_raw:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1:0:0
+
+RSA Import Raw (N,-,Q,-,E)
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":0:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Import Raw (N,-,Q,-,E), successive
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Import Raw (N,-,-,-,E)
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"03":0:0:0:0
+
+RSA Import Raw (N,-,-,-,E), successive
+mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"03":1:0:0:0
+
+RSA Import Raw (-,-,-,-,-)
+mbedtls_rsa_import_raw:"":"":"":"":"":0:0:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+
+RSA Export (N,P,Q,D,E)
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:0
+
+RSA Export (N,P,Q,D,E), successive
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1
+
+RSA Export (N,-,-,D,E)
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:0
+
+RSA Export (N,-,-,D,E), successive
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1
+
+RSA Export (N,P,Q,-,E)
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:0
+
+RSA Export (N,P,Q,-,E), successive
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1
+
+RSA Export (N,-,-,-,E)
+mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"3":0:0
+
+RSA Export Raw (N,P,Q,D,E)
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
+
+RSA Export Raw (N,P,Q,D,E), successive
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
+
+RSA Export Raw (N,-,-,D,E)
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
+
+RSA Export Raw (N,-,-,D,E), successive
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
+
+RSA Export Raw (N,P,Q,-,E)
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:0
+
+RSA Export Raw (N,P,Q,-,E), successive
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"03":1:1
+
+RSA Export Raw (N,-,-,-,E)
+mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"03":0:0
+
+RSA PKCS1 Encrypt Bad RNG
+depends_on:MBEDTLS_PKCS1_V15
+rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED
+
+RSA Selftest
+depends_on:MBEDTLS_SELF_TEST
+rsa_selftest:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_rsa.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_rsa.function
new file mode 100644
index 0000000..fa7fa95
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_rsa.function
@@ -0,0 +1,1831 @@
+/* BEGIN_HEADER */
+#include "mbedtls/rsa.h"
+#include "mbedtls/rsa_internal.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void rsa_invalid_param()
+{
+    mbedtls_rsa_context ctx;
+    const int valid_padding = MBEDTLS_RSA_PKCS_V21;
+    const int invalid_padding = 42;
+    const int valid_mode = MBEDTLS_RSA_PRIVATE;
+    const int invalid_mode = 42;
+    unsigned char buf[42] = { 0 };
+    size_t olen;
+
+    TEST_INVALID_PARAM(mbedtls_rsa_init(NULL, valid_padding, 0));
+    TEST_INVALID_PARAM(mbedtls_rsa_init(&ctx, invalid_padding, 0));
+    TEST_VALID_PARAM(mbedtls_rsa_free(NULL));
+
+    /* No more variants because only the first argument must be non-NULL. */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_import(NULL, NULL, NULL,
+                                              NULL, NULL, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_import_raw(NULL,
+                                                  NULL, 0,
+                                                  NULL, 0,
+                                                  NULL, 0,
+                                                  NULL, 0,
+                                                  NULL, 0));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_complete(NULL));
+
+    /* No more variants because only the first argument must be non-NULL. */
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_export(NULL, NULL, NULL,
+                                              NULL, NULL, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_export_raw(NULL,
+                                                  NULL, 0,
+                                                  NULL, 0,
+                                                  NULL, 0,
+                                                  NULL, 0,
+                                                  NULL, 0));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_export_crt(NULL, NULL, NULL, NULL));
+
+    TEST_INVALID_PARAM(mbedtls_rsa_set_padding(NULL,
+                                               valid_padding, 0));
+    TEST_INVALID_PARAM(mbedtls_rsa_set_padding(&ctx,
+                                               invalid_padding, 0));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_gen_key(NULL,
+                                               mbedtls_test_rnd_std_rand,
+                                               NULL, 0, 0));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_gen_key(&ctx, NULL,
+                                               NULL, 0, 0));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_check_pubkey(NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_check_privkey(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_check_pub_priv(NULL, &ctx));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_check_pub_priv(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_public(NULL, buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_public(&ctx, NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_public(&ctx, buf, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_private(NULL, NULL, NULL,
+                                               buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_private(&ctx, NULL, NULL,
+                                               NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_private(&ctx, NULL, NULL,
+                                               buf, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_encrypt(NULL, NULL, NULL,
+                                                     valid_mode,
+                                                     sizeof(buf), buf,
+                                                     buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL,
+                                                     invalid_mode,
+                                                     sizeof(buf), buf,
+                                                     buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL,
+                                                     valid_mode,
+                                                     sizeof(buf), NULL,
+                                                     buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL,
+                                                     valid_mode,
+                                                     sizeof(buf), buf,
+                                                     NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_encrypt(NULL, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               sizeof(buf), buf,
+                                                               buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL,
+                                                               NULL,
+                                                               invalid_mode,
+                                                               sizeof(buf), buf,
+                                                               buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               sizeof(buf), NULL,
+                                                               buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               sizeof(buf), buf,
+                                                               NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_encrypt(NULL, NULL, NULL,
+                                                          valid_mode,
+                                                          buf, sizeof(buf),
+                                                          sizeof(buf), buf,
+                                                          buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL,
+                                                          invalid_mode,
+                                                          buf, sizeof(buf),
+                                                          sizeof(buf), buf,
+                                                          buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL,
+                                                          valid_mode,
+                                                          NULL, sizeof(buf),
+                                                          sizeof(buf), buf,
+                                                          buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL,
+                                                          valid_mode,
+                                                          buf, sizeof(buf),
+                                                          sizeof(buf), NULL,
+                                                          buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL,
+                                                          valid_mode,
+                                                          buf, sizeof(buf),
+                                                          sizeof(buf), buf,
+                                                          NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_decrypt(NULL, NULL, NULL,
+                                                     valid_mode, &olen,
+                                                     buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL,
+                                                     invalid_mode, &olen,
+                                                     buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL,
+                                                     valid_mode, NULL,
+                                                     buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL,
+                                                     valid_mode, &olen,
+                                                     NULL, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL,
+                                                     valid_mode, &olen,
+                                                     buf, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_decrypt(NULL, NULL,
+                                                               NULL,
+                                                               valid_mode, &olen,
+                                                               buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL,
+                                                               NULL,
+                                                               invalid_mode, &olen,
+                                                               buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode, NULL,
+                                                               buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode, &olen,
+                                                               NULL, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode, &olen,
+                                                               buf, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_decrypt(NULL, NULL, NULL,
+                                                          valid_mode,
+                                                          buf, sizeof(buf),
+                                                          &olen,
+                                                          buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL,
+                                                          invalid_mode,
+                                                          buf, sizeof(buf),
+                                                          &olen,
+                                                          buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL,
+                                                          valid_mode,
+                                                          NULL, sizeof(buf),
+                                                          NULL,
+                                                          buf, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL,
+                                                          valid_mode,
+                                                          buf, sizeof(buf),
+                                                          &olen,
+                                                          NULL, buf, 42));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL,
+                                                          valid_mode,
+                                                          buf, sizeof(buf),
+                                                          &olen,
+                                                          buf, NULL, 42));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_sign(NULL, NULL, NULL,
+                                                  valid_mode,
+                                                  0, sizeof(buf), buf,
+                                                  buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL,
+                                                  invalid_mode,
+                                                  0, sizeof(buf), buf,
+                                                  buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL,
+                                                  valid_mode,
+                                                  0, sizeof(buf), NULL,
+                                                  buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL,
+                                                  valid_mode,
+                                                  0, sizeof(buf), buf,
+                                                  NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL,
+                                                  valid_mode,
+                                                  MBEDTLS_MD_SHA1,
+                                                  0, NULL,
+                                                  buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_sign(NULL, NULL, NULL,
+                                                             valid_mode,
+                                                             0, sizeof(buf), buf,
+                                                             buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL,
+                                                             invalid_mode,
+                                                             0, sizeof(buf), buf,
+                                                             buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL,
+                                                             valid_mode,
+                                                             0, sizeof(buf), NULL,
+                                                             buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL,
+                                                             valid_mode,
+                                                             0, sizeof(buf), buf,
+                                                             NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL,
+                                                             valid_mode,
+                                                             MBEDTLS_MD_SHA1,
+                                                             0, NULL,
+                                                             buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign(NULL, NULL, NULL,
+                                                       valid_mode,
+                                                       0, sizeof(buf), buf,
+                                                       buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL,
+                                                       invalid_mode,
+                                                       0, sizeof(buf), buf,
+                                                       buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL,
+                                                       valid_mode,
+                                                       0, sizeof(buf), NULL,
+                                                       buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL,
+                                                       valid_mode,
+                                                       0, sizeof(buf), buf,
+                                                       NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL,
+                                                       valid_mode,
+                                                       MBEDTLS_MD_SHA1,
+                                                       0, NULL,
+                                                       buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign_ext(NULL, NULL, NULL,
+                                                           0, sizeof(buf), buf,
+                                                           MBEDTLS_RSA_SALT_LEN_ANY,
+                                                           buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL,
+                                                           0, sizeof(buf), NULL,
+                                                           MBEDTLS_RSA_SALT_LEN_ANY,
+                                                           buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL,
+                                                           0, sizeof(buf), buf,
+                                                           MBEDTLS_RSA_SALT_LEN_ANY,
+                                                           NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL,
+                                                           MBEDTLS_MD_SHA1,
+                                                           0, NULL,
+                                                           MBEDTLS_RSA_SALT_LEN_ANY,
+                                                           buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_verify(NULL, NULL, NULL,
+                                                    valid_mode,
+                                                    0, sizeof(buf), buf,
+                                                    buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL,
+                                                    invalid_mode,
+                                                    0, sizeof(buf), buf,
+                                                    buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL,
+                                                    valid_mode,
+                                                    0, sizeof(buf), NULL,
+                                                    buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL,
+                                                    valid_mode,
+                                                    0, sizeof(buf), buf,
+                                                    NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL,
+                                                    valid_mode,
+                                                    MBEDTLS_MD_SHA1, 0, NULL,
+                                                    buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_verify(NULL, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               0, sizeof(buf), buf,
+                                                               buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL,
+                                                               NULL,
+                                                               invalid_mode,
+                                                               0, sizeof(buf), buf,
+                                                               buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               0, sizeof(buf),
+                                                               NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               0, sizeof(buf), buf,
+                                                               NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL,
+                                                               NULL,
+                                                               valid_mode,
+                                                               MBEDTLS_MD_SHA1,
+                                                               0, NULL,
+                                                               buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify(NULL, NULL, NULL,
+                                                         valid_mode,
+                                                         0, sizeof(buf),
+                                                         buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL,
+                                                         invalid_mode,
+                                                         0, sizeof(buf),
+                                                         buf, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL,
+                                                         valid_mode,
+                                                         0, sizeof(buf),
+                                                         NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL,
+                                                         valid_mode,
+                                                         0, sizeof(buf),
+                                                         buf, NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL,
+                                                         valid_mode,
+                                                         MBEDTLS_MD_SHA1,
+                                                         0, NULL,
+                                                         buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify_ext(NULL, NULL, NULL,
+                                                             valid_mode,
+                                                             0, sizeof(buf),
+                                                             buf,
+                                                             0, 0,
+                                                             buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL,
+                                                             invalid_mode,
+                                                             0, sizeof(buf),
+                                                             buf,
+                                                             0, 0,
+                                                             buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL,
+                                                             valid_mode,
+                                                             0, sizeof(buf),
+                                                             NULL, 0, 0,
+                                                             buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL,
+                                                             valid_mode,
+                                                             0, sizeof(buf),
+                                                             buf, 0, 0,
+                                                             NULL));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL,
+                                                             valid_mode,
+                                                             MBEDTLS_MD_SHA1,
+                                                             0, NULL,
+                                                             0, 0,
+                                                             buf));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_copy(NULL, &ctx));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
+                           mbedtls_rsa_copy(&ctx, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void rsa_init_free(int reinit)
+{
+    mbedtls_rsa_context ctx;
+
+    /* Double free is not explicitly documented to work, but we rely on it
+     * even inside the library so that you can call mbedtls_rsa_free()
+     * unconditionally on an error path without checking whether it has
+     * already been called in the success path. */
+
+    mbedtls_rsa_init(&ctx, 0, 0);
+    mbedtls_rsa_free(&ctx);
+
+    if (reinit) {
+        mbedtls_rsa_init(&ctx, 0, 0);
+    }
+    mbedtls_rsa_free(&ctx);
+
+    /* This test case always succeeds, functionally speaking. A plausible
+     * bug might trigger an invalid pointer dereference or a memory leak. */
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_pkcs1_sign(data_t *message_str, int padding_mode,
+                            int digest, int mod, char *input_P,
+                            char *input_Q, char *input_N, char *input_E,
+                            data_t *result_str, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    unsigned char output[256];
+    mbedtls_rsa_context ctx;
+    mbedtls_mpi N, P, Q, E;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+
+    memset(hash_result, 0x00, sizeof(hash_result));
+    memset(output, 0x00, sizeof(output));
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand,
+                                       &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
+                                       0, hash_result, output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_pkcs1_verify(data_t *message_str, int padding_mode,
+                              int digest, int mod,
+                              char *input_N, char *input_E,
+                              data_t *result_str, int result)
+{
+    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_rsa_context ctx;
+
+    mbedtls_mpi N, E;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+    memset(hash_result, 0x00, sizeof(hash_result));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    if (mbedtls_md_info_from_type(digest) != NULL) {
+        TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len,
+                               hash_result) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0,
+                                         hash_result, result_str->x) == result);
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void rsa_pkcs1_sign_raw(data_t *hash_result,
+                        int padding_mode, int mod,
+                        char *input_P, char *input_Q,
+                        char *input_N, char *input_E,
+                        data_t *result_str)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx;
+    mbedtls_mpi N, P, Q, E;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+
+    memset(output, 0x00, sizeof(output));
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand,
+                                       &rnd_info, MBEDTLS_RSA_PRIVATE,
+                                       MBEDTLS_MD_NONE, hash_result->len,
+                                       hash_result->x, output) == 0);
+
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                    ctx.len, result_str->len) == 0);
+
+#if defined(MBEDTLS_PKCS1_V15)
+    /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
+    if (padding_mode == MBEDTLS_RSA_PKCS_V15) {
+        int res;
+        memset(output, 0x00, sizeof(output));
+
+        res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx,
+                                                  &mbedtls_test_rnd_pseudo_rand, &rnd_info,
+                                                  MBEDTLS_RSA_PRIVATE, hash_result->len,
+                                                  hash_result->x, output);
+
+#if !defined(MBEDTLS_RSA_ALT)
+        TEST_ASSERT(res == 0);
+#else
+        TEST_ASSERT((res == 0) ||
+                    (res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION));
+#endif
+
+        if (res == 0) {
+            TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                            ctx.len,
+                                            result_str->len) == 0);
+        }
+    }
+#endif /* MBEDTLS_PKCS1_V15 */
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void rsa_pkcs1_verify_raw(data_t *hash_result,
+                          int padding_mode, int mod,
+                          char *input_N, char *input_E,
+                          data_t *result_str, int correct)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx;
+
+    mbedtls_mpi N, E;
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE,
+                                         hash_result->len, hash_result->x,
+                                         result_str->x) == correct);
+
+#if defined(MBEDTLS_PKCS1_V15)
+    /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
+    if (padding_mode == MBEDTLS_RSA_PKCS_V15) {
+        int res;
+        int ok;
+        size_t olen;
+
+        res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx,
+                                                  NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                                                  &olen, result_str->x, output, sizeof(output));
+
+#if !defined(MBEDTLS_RSA_ALT)
+        TEST_ASSERT(res == 0);
+#else
+        TEST_ASSERT((res == 0) ||
+                    (res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION));
+#endif
+
+        if (res == 0) {
+            ok = olen == hash_result->len && memcmp(output, hash_result->x, olen) == 0;
+            if (correct == 0) {
+                TEST_ASSERT(ok == 1);
+            } else {
+                TEST_ASSERT(ok == 0);
+            }
+        }
+    }
+#endif /* MBEDTLS_PKCS1_V15 */
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_pkcs1_encrypt(data_t *message_str, int padding_mode,
+                               int mod, char *input_N, char *input_E,
+                               data_t *result_str, int result)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    mbedtls_mpi N, E;
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx,
+                                          &mbedtls_test_rnd_pseudo_rand,
+                                          &rnd_info, MBEDTLS_RSA_PUBLIC,
+                                          message_str->len, message_str->x,
+                                          output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void rsa_pkcs1_encrypt_bad_rng(data_t *message_str, int padding_mode,
+                               int mod, char *input_N, char *input_E,
+                               data_t *result_str, int result)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx;
+
+    mbedtls_mpi N, E;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, &mbedtls_test_rnd_zero_rand,
+                                          NULL, MBEDTLS_RSA_PUBLIC,
+                                          message_str->len, message_str->x,
+                                          output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_pkcs1_decrypt(data_t *message_str, int padding_mode,
+                               int mod, char *input_P,
+                               char *input_Q, char *input_N,
+                               char *input_E, int max_output,
+                               data_t *result_str, int result)
+{
+    unsigned char output[32];
+    mbedtls_rsa_context ctx;
+    size_t output_len;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    mbedtls_mpi N, P, Q, E;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+
+    mbedtls_rsa_init(&ctx, padding_mode, 0);
+
+    memset(output, 0x00, sizeof(output));
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+    output_len = 0;
+
+    TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, mbedtls_test_rnd_pseudo_rand,
+                                          &rnd_info, MBEDTLS_RSA_PRIVATE,
+                                          &output_len, message_str->x, output,
+                                          max_output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        output_len,
+                                        result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_public(data_t *message_str, int mod,
+                        char *input_N, char *input_E,
+                        data_t *result_str, int result)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
+
+    mbedtls_mpi N, E;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0);
+    mbedtls_rsa_init(&ctx2, MBEDTLS_RSA_PKCS_V15, 0);
+    memset(output, 0x00, sizeof(output));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+
+    /* Check test data consistency */
+    TEST_ASSERT(message_str->len == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_public(&ctx, message_str->x, output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+    /* And now with the copy */
+    TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0);
+    /* clear the original to be sure */
+    mbedtls_rsa_free(&ctx);
+
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx2) == 0);
+
+    memset(output, 0x00, sizeof(output));
+    TEST_ASSERT(mbedtls_rsa_public(&ctx2, message_str->x, output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx.len, result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+    mbedtls_rsa_free(&ctx2);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_private(data_t *message_str, int mod,
+                         char *input_P, char *input_Q,
+                         char *input_N, char *input_E,
+                         data_t *result_str, int result)
+{
+    unsigned char output[256];
+    mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
+    mbedtls_mpi N, P, Q, E;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+    int i;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0);
+    mbedtls_rsa_init(&ctx2, MBEDTLS_RSA_PKCS_V15, 0);
+
+    memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0);
+
+    /* Check test data consistency */
+    TEST_ASSERT(message_str->len == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8));
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+
+    /* repeat three times to test updating of blinding values */
+    for (i = 0; i < 3; i++) {
+        memset(output, 0x00, sizeof(output));
+        TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info, message_str->x,
+                                        output) == result);
+        if (result == 0) {
+
+            TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                            ctx.len,
+                                            result_str->len) == 0);
+        }
+    }
+
+    /* And now one more time with the copy */
+    TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0);
+    /* clear the original to be sure */
+    mbedtls_rsa_free(&ctx);
+
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx2) == 0);
+
+    memset(output, 0x00, sizeof(output));
+    TEST_ASSERT(mbedtls_rsa_private(&ctx2, mbedtls_test_rnd_pseudo_rand,
+                                    &rnd_info, message_str->x,
+                                    output) == result);
+    if (result == 0) {
+
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        ctx2.len,
+                                        result_str->len) == 0);
+    }
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E);
+
+    mbedtls_rsa_free(&ctx); mbedtls_rsa_free(&ctx2);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void rsa_check_privkey_null()
+{
+    mbedtls_rsa_context ctx;
+    memset(&ctx, 0x00, sizeof(mbedtls_rsa_context));
+
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_check_pubkey(char *input_N, char *input_E, int result)
+{
+    mbedtls_rsa_context ctx;
+    mbedtls_mpi N, E;
+
+    mbedtls_mpi_init(&N); mbedtls_mpi_init(&E);
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0);
+
+    if (strlen(input_N)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    }
+    if (strlen(input_E)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0);
+    TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == result);
+
+exit:
+    mbedtls_mpi_free(&N); mbedtls_mpi_free(&E);
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_check_privkey(int mod, char *input_P, char *input_Q,
+                               char *input_N, char *input_E, char *input_D,
+                               char *input_DP, char *input_DQ, char *input_QP,
+                               int result)
+{
+    mbedtls_rsa_context ctx;
+
+    mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0);
+
+    ctx.len = mod / 8;
+    if (strlen(input_P)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.P, input_P) == 0);
+    }
+    if (strlen(input_Q)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.Q, input_Q) == 0);
+    }
+    if (strlen(input_N)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.N, input_N) == 0);
+    }
+    if (strlen(input_E)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.E, input_E) == 0);
+    }
+    if (strlen(input_D)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.D, input_D) == 0);
+    }
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    if (strlen(input_DP)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DP, input_DP) == 0);
+    }
+    if (strlen(input_DQ)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DQ, input_DQ) == 0);
+    }
+    if (strlen(input_QP)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&ctx.QP, input_QP) == 0);
+    }
+#else
+    ((void) input_DP);
+    ((void) input_DQ);
+    ((void) input_QP);
+#endif
+
+    TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == result);
+
+exit:
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void rsa_check_pubpriv(int mod, char *input_Npub, char *input_Epub,
+                       char *input_P, char *input_Q, char *input_N,
+                       char *input_E, char *input_D, char *input_DP,
+                       char *input_DQ, char *input_QP, int result)
+{
+    mbedtls_rsa_context pub, prv;
+
+    mbedtls_rsa_init(&pub, MBEDTLS_RSA_PKCS_V15, 0);
+    mbedtls_rsa_init(&prv, MBEDTLS_RSA_PKCS_V15, 0);
+
+    pub.len = mod / 8;
+    prv.len = mod / 8;
+
+    if (strlen(input_Npub)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&pub.N, input_Npub) == 0);
+    }
+    if (strlen(input_Epub)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&pub.E, input_Epub) == 0);
+    }
+
+    if (strlen(input_P)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.P, input_P) == 0);
+    }
+    if (strlen(input_Q)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.Q, input_Q) == 0);
+    }
+    if (strlen(input_N)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.N, input_N) == 0);
+    }
+    if (strlen(input_E)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.E, input_E) == 0);
+    }
+    if (strlen(input_D)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.D, input_D) == 0);
+    }
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    if (strlen(input_DP)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.DP, input_DP) == 0);
+    }
+    if (strlen(input_DQ)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.DQ, input_DQ) == 0);
+    }
+    if (strlen(input_QP)) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&prv.QP, input_QP) == 0);
+    }
+#else
+    ((void) input_DP);
+    ((void) input_DQ);
+    ((void) input_QP);
+#endif
+
+    TEST_ASSERT(mbedtls_rsa_check_pub_priv(&pub, &prv) == result);
+
+exit:
+    mbedtls_rsa_free(&pub);
+    mbedtls_rsa_free(&prv);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+void mbedtls_rsa_gen_key(int nrbits, int exponent, int result)
+{
+    mbedtls_rsa_context ctx;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "test_suite_rsa";
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_rsa_init(&ctx, 0, 0);
+
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                      &entropy, (const unsigned char *) pers,
+                                      strlen(pers)) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_gen_key(&ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits,
+                                    exponent) == result);
+    if (result == 0) {
+        TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &ctx.Q) > 0);
+    }
+
+exit:
+    mbedtls_rsa_free(&ctx);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
+void mbedtls_rsa_deduce_primes(char *input_N,
+                               char *input_D,
+                               char *input_E,
+                               char *output_P,
+                               char *output_Q,
+                               int corrupt, int result)
+{
+    mbedtls_mpi N, P, Pp, Q, Qp, D, E;
+
+    mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&P);  mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&Pp); mbedtls_mpi_init(&Qp);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Qp, output_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Pp, output_Q) == 0);
+
+    if (corrupt) {
+        TEST_ASSERT(mbedtls_mpi_add_int(&D, &D, 2) == 0);
+    }
+
+    /* Try to deduce P, Q from N, D, E only. */
+    TEST_ASSERT(mbedtls_rsa_deduce_primes(&N, &D, &E, &P, &Q) == result);
+
+    if (!corrupt) {
+        /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
+        TEST_ASSERT((mbedtls_mpi_cmp_mpi(&P, &Pp) == 0 && mbedtls_mpi_cmp_mpi(&Q, &Qp) == 0) ||
+                    (mbedtls_mpi_cmp_mpi(&P, &Qp) == 0 && mbedtls_mpi_cmp_mpi(&Q, &Pp) == 0));
+    }
+
+exit:
+    mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&Pp); mbedtls_mpi_free(&Qp);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_deduce_private_exponent(char *input_P,
+                                         char *input_Q,
+                                         char *input_E,
+                                         char *output_D,
+                                         int corrupt, int result)
+{
+    mbedtls_mpi P, Q, D, Dp, E, R, Rp;
+
+    mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&Dp);
+    mbedtls_mpi_init(&E);
+    mbedtls_mpi_init(&R); mbedtls_mpi_init(&Rp);
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    TEST_ASSERT(mbedtls_test_read_mpi(&Dp, output_D) == 0);
+
+    if (corrupt) {
+        /* Make E even */
+        TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 0) == 0);
+    }
+
+    /* Try to deduce D from N, P, Q, E. */
+    TEST_ASSERT(mbedtls_rsa_deduce_private_exponent(&P, &Q,
+                                                    &E, &D) == result);
+
+    if (!corrupt) {
+        /*
+         * Check that D and Dp agree modulo LCM(P-1, Q-1).
+         */
+
+        /* Replace P,Q by P-1, Q-1 */
+        TEST_ASSERT(mbedtls_mpi_sub_int(&P, &P, 1) == 0);
+        TEST_ASSERT(mbedtls_mpi_sub_int(&Q, &Q, 1) == 0);
+
+        /* Check D == Dp modulo P-1 */
+        TEST_ASSERT(mbedtls_mpi_mod_mpi(&R,  &D,  &P) == 0);
+        TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &P) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R,  &Rp)     == 0);
+
+        /* Check D == Dp modulo Q-1 */
+        TEST_ASSERT(mbedtls_mpi_mod_mpi(&R,  &D,  &Q) == 0);
+        TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &Q) == 0);
+        TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R,  &Rp)     == 0);
+    }
+
+exit:
+
+    mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&Dp);
+    mbedtls_mpi_free(&E);
+    mbedtls_mpi_free(&R); mbedtls_mpi_free(&Rp);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+void mbedtls_rsa_import(char *input_N,
+                        char *input_P,
+                        char *input_Q,
+                        char *input_D,
+                        char *input_E,
+                        int successive,
+                        int is_priv,
+                        int res_check,
+                        int res_complete)
+{
+    mbedtls_mpi N, P, Q, D, E;
+    mbedtls_rsa_context ctx;
+
+    /* Buffers used for encryption-decryption test */
+    unsigned char *buf_orig = NULL;
+    unsigned char *buf_enc  = NULL;
+    unsigned char *buf_dec  = NULL;
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "test_suite_rsa";
+
+    const int have_N = (strlen(input_N) > 0);
+    const int have_P = (strlen(input_P) > 0);
+    const int have_Q = (strlen(input_Q) > 0);
+    const int have_D = (strlen(input_D) > 0);
+    const int have_E = (strlen(input_E) > 0);
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_rsa_init(&ctx, 0, 0);
+
+    mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E);
+
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                      (const unsigned char *) pers, strlen(pers)) == 0);
+
+    if (have_N) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    }
+
+    if (have_P) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    }
+
+    if (have_Q) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    }
+
+    if (have_D) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0);
+    }
+
+    if (have_E) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    }
+
+    if (!successive) {
+        TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                       have_N ? &N : NULL,
+                                       have_P ? &P : NULL,
+                                       have_Q ? &Q : NULL,
+                                       have_D ? &D : NULL,
+                                       have_E ? &E : NULL) == 0);
+    } else {
+        /* Import N, P, Q, D, E separately.
+         * This should make no functional difference. */
+
+        TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                       have_N ? &N : NULL,
+                                       NULL, NULL, NULL, NULL) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                       NULL,
+                                       have_P ? &P : NULL,
+                                       NULL, NULL, NULL) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                       NULL, NULL,
+                                       have_Q ? &Q : NULL,
+                                       NULL, NULL) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                       NULL, NULL, NULL,
+                                       have_D ? &D : NULL,
+                                       NULL) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                       NULL, NULL, NULL, NULL,
+                                       have_E ? &E : NULL) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete);
+
+    /* On expected success, perform some public and private
+     * key operations to check if the key is working properly. */
+    if (res_complete == 0) {
+        if (is_priv) {
+            TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check);
+        } else {
+            TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check);
+        }
+
+        if (res_check != 0) {
+            goto exit;
+        }
+
+        buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
+        buf_enc  = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
+        buf_dec  = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
+        if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL) {
+            goto exit;
+        }
+
+        TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg,
+                                            buf_orig, mbedtls_rsa_get_len(&ctx)) == 0);
+
+        /* Make sure the number we're generating is smaller than the modulus */
+        buf_orig[0] = 0x00;
+
+        TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0);
+
+        if (is_priv) {
+            TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random,
+                                            &ctr_drbg, buf_enc,
+                                            buf_dec) == 0);
+
+            TEST_ASSERT(memcmp(buf_orig, buf_dec,
+                               mbedtls_rsa_get_len(&ctx)) == 0);
+        }
+    }
+
+exit:
+
+    mbedtls_free(buf_orig);
+    mbedtls_free(buf_enc);
+    mbedtls_free(buf_dec);
+
+    mbedtls_rsa_free(&ctx);
+
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+    mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_rsa_export(char *input_N,
+                        char *input_P,
+                        char *input_Q,
+                        char *input_D,
+                        char *input_E,
+                        int is_priv,
+                        int successive)
+{
+    /* Original MPI's with which we set up the RSA context */
+    mbedtls_mpi N, P, Q, D, E;
+
+    /* Exported MPI's */
+    mbedtls_mpi Ne, Pe, Qe, De, Ee;
+
+    const int have_N = (strlen(input_N) > 0);
+    const int have_P = (strlen(input_P) > 0);
+    const int have_Q = (strlen(input_Q) > 0);
+    const int have_D = (strlen(input_D) > 0);
+    const int have_E = (strlen(input_E) > 0);
+
+    mbedtls_rsa_context ctx;
+
+    mbedtls_rsa_init(&ctx, 0, 0);
+
+    mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E);
+
+    mbedtls_mpi_init(&Ne);
+    mbedtls_mpi_init(&Pe); mbedtls_mpi_init(&Qe);
+    mbedtls_mpi_init(&De); mbedtls_mpi_init(&Ee);
+
+    /* Setup RSA context */
+
+    if (have_N) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    }
+
+    if (have_P) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    }
+
+    if (have_Q) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    }
+
+    if (have_D) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0);
+    }
+
+    if (have_E) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_import(&ctx,
+                                   strlen(input_N) ? &N : NULL,
+                                   strlen(input_P) ? &P : NULL,
+                                   strlen(input_Q) ? &Q : NULL,
+                                   strlen(input_D) ? &D : NULL,
+                                   strlen(input_E) ? &E : NULL) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+
+    /*
+     * Export parameters and compare to original ones.
+     */
+
+    /* N and E must always be present. */
+    if (!successive) {
+        TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, &Ee) == 0);
+    } else {
+        TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, NULL) == 0);
+        TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, NULL, &Ee) == 0);
+    }
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &Ne) == 0);
+    TEST_ASSERT(mbedtls_mpi_cmp_mpi(&E, &Ee) == 0);
+
+    /* If we were providing enough information to setup a complete private context,
+     * we expect to be able to export all core parameters. */
+
+    if (is_priv) {
+        if (!successive) {
+            TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, &Qe,
+                                           &De, NULL) == 0);
+        } else {
+            TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, NULL,
+                                           NULL, NULL) == 0);
+            TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, &Qe,
+                                           NULL, NULL) == 0);
+            TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL,
+                                           &De, NULL) == 0);
+        }
+
+        if (have_P) {
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P, &Pe) == 0);
+        }
+
+        if (have_Q) {
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &Qe) == 0);
+        }
+
+        if (have_D) {
+            TEST_ASSERT(mbedtls_mpi_cmp_mpi(&D, &De) == 0);
+        }
+
+        /* While at it, perform a sanity check */
+        TEST_ASSERT(mbedtls_rsa_validate_params(&Ne, &Pe, &Qe, &De, &Ee,
+                                                NULL, NULL) == 0);
+    }
+
+exit:
+
+    mbedtls_rsa_free(&ctx);
+
+    mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E);
+
+    mbedtls_mpi_free(&Ne);
+    mbedtls_mpi_free(&Pe); mbedtls_mpi_free(&Qe);
+    mbedtls_mpi_free(&De); mbedtls_mpi_free(&Ee);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+void mbedtls_rsa_validate_params(char *input_N,
+                                 char *input_P,
+                                 char *input_Q,
+                                 char *input_D,
+                                 char *input_E,
+                                 int prng, int result)
+{
+    /* Original MPI's with which we set up the RSA context */
+    mbedtls_mpi N, P, Q, D, E;
+
+    const int have_N = (strlen(input_N) > 0);
+    const int have_P = (strlen(input_P) > 0);
+    const int have_Q = (strlen(input_Q) > 0);
+    const int have_D = (strlen(input_D) > 0);
+    const int have_E = (strlen(input_E) > 0);
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const char *pers = "test_suite_rsa";
+
+    mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
+    mbedtls_mpi_init(&D); mbedtls_mpi_init(&E);
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                      &entropy, (const unsigned char *) pers,
+                                      strlen(pers)) == 0);
+
+    if (have_N) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0);
+    }
+
+    if (have_P) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0);
+    }
+
+    if (have_Q) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0);
+    }
+
+    if (have_D) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0);
+    }
+
+    if (have_E) {
+        TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_validate_params(have_N ? &N : NULL,
+                                            have_P ? &P : NULL,
+                                            have_Q ? &Q : NULL,
+                                            have_D ? &D : NULL,
+                                            have_E ? &E : NULL,
+                                            prng ? mbedtls_ctr_drbg_random : NULL,
+                                            prng ? &ctr_drbg : NULL) == result);
+exit:
+
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+    mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
+    mbedtls_mpi_free(&D); mbedtls_mpi_free(&E);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
+void mbedtls_rsa_export_raw(data_t *input_N, data_t *input_P,
+                            data_t *input_Q, data_t *input_D,
+                            data_t *input_E, int is_priv,
+                            int successive)
+{
+    /* Exported buffers */
+    unsigned char bufNe[256];
+    unsigned char bufPe[128];
+    unsigned char bufQe[128];
+    unsigned char bufDe[256];
+    unsigned char bufEe[1];
+
+    mbedtls_rsa_context ctx;
+
+    mbedtls_rsa_init(&ctx, 0, 0);
+
+    /* Setup RSA context */
+    TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                       input_N->len ? input_N->x : NULL, input_N->len,
+                                       input_P->len ? input_P->x : NULL, input_P->len,
+                                       input_Q->len ? input_Q->x : NULL, input_Q->len,
+                                       input_D->len ? input_D->x : NULL, input_D->len,
+                                       input_E->len ? input_E->x : NULL, input_E->len) == 0);
+
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0);
+
+    /*
+     * Export parameters and compare to original ones.
+     */
+
+    /* N and E must always be present. */
+    if (!successive) {
+        TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len,
+                                           NULL, 0, NULL, 0, NULL, 0,
+                                           bufEe, input_E->len) == 0);
+    } else {
+        TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len,
+                                           NULL, 0, NULL, 0, NULL, 0,
+                                           NULL, 0) == 0);
+        TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0,
+                                           NULL, 0, NULL, 0, NULL, 0,
+                                           bufEe, input_E->len) == 0);
+    }
+    TEST_ASSERT(memcmp(input_N->x, bufNe, input_N->len) == 0);
+    TEST_ASSERT(memcmp(input_E->x, bufEe, input_E->len) == 0);
+
+    /* If we were providing enough information to setup a complete private context,
+     * we expect to be able to export all core parameters. */
+
+    if (is_priv) {
+        if (!successive) {
+            TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0,
+                                               bufPe, input_P->len ? input_P->len : sizeof(bufPe),
+                                               bufQe, input_Q->len ? input_Q->len : sizeof(bufQe),
+                                               bufDe, input_D->len ? input_D->len : sizeof(bufDe),
+                                               NULL, 0) == 0);
+        } else {
+            TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0,
+                                               bufPe, input_P->len ? input_P->len : sizeof(bufPe),
+                                               NULL, 0, NULL, 0,
+                                               NULL, 0) == 0);
+
+            TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0,
+                                               bufQe, input_Q->len ? input_Q->len : sizeof(bufQe),
+                                               NULL, 0, NULL, 0) == 0);
+
+            TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, NULL, 0,
+                                               bufDe, input_D->len ? input_D->len : sizeof(bufDe),
+                                               NULL, 0) == 0);
+        }
+
+        if (input_P->len) {
+            TEST_ASSERT(memcmp(input_P->x, bufPe, input_P->len) == 0);
+        }
+
+        if (input_Q->len) {
+            TEST_ASSERT(memcmp(input_Q->x, bufQe, input_Q->len) == 0);
+        }
+
+        if (input_D->len) {
+            TEST_ASSERT(memcmp(input_D->x, bufDe, input_D->len) == 0);
+        }
+
+    }
+
+exit:
+    mbedtls_rsa_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+void mbedtls_rsa_import_raw(data_t *input_N,
+                            data_t *input_P, data_t *input_Q,
+                            data_t *input_D, data_t *input_E,
+                            int successive,
+                            int is_priv,
+                            int res_check,
+                            int res_complete)
+{
+    /* Buffers used for encryption-decryption test */
+    unsigned char *buf_orig = NULL;
+    unsigned char *buf_enc  = NULL;
+    unsigned char *buf_dec  = NULL;
+
+    mbedtls_rsa_context ctx;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+
+    const char *pers = "test_suite_rsa";
+
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_rsa_init(&ctx, 0, 0);
+
+    TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+                                      &entropy, (const unsigned char *) pers,
+                                      strlen(pers)) == 0);
+
+    if (!successive) {
+        TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                           (input_N->len > 0) ? input_N->x : NULL, input_N->len,
+                                           (input_P->len > 0) ? input_P->x : NULL, input_P->len,
+                                           (input_Q->len > 0) ? input_Q->x : NULL, input_Q->len,
+                                           (input_D->len > 0) ? input_D->x : NULL, input_D->len,
+                                           (input_E->len > 0) ? input_E->x : NULL,
+                                           input_E->len) == 0);
+    } else {
+        /* Import N, P, Q, D, E separately.
+         * This should make no functional difference. */
+
+        TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                           (input_N->len > 0) ? input_N->x : NULL, input_N->len,
+                                           NULL, 0, NULL, 0, NULL, 0, NULL, 0) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                           NULL, 0,
+                                           (input_P->len > 0) ? input_P->x : NULL, input_P->len,
+                                           NULL, 0, NULL, 0, NULL, 0) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                           NULL, 0, NULL, 0,
+                                           (input_Q->len > 0) ? input_Q->x : NULL, input_Q->len,
+                                           NULL, 0, NULL, 0) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                           NULL, 0, NULL, 0, NULL, 0,
+                                           (input_D->len > 0) ? input_D->x : NULL, input_D->len,
+                                           NULL, 0) == 0);
+
+        TEST_ASSERT(mbedtls_rsa_import_raw(&ctx,
+                                           NULL, 0, NULL, 0, NULL, 0, NULL, 0,
+                                           (input_E->len > 0) ? input_E->x : NULL,
+                                           input_E->len) == 0);
+    }
+
+    TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete);
+
+    /* On expected success, perform some public and private
+     * key operations to check if the key is working properly. */
+    if (res_complete == 0) {
+        if (is_priv) {
+            TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check);
+        } else {
+            TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check);
+        }
+
+        if (res_check != 0) {
+            goto exit;
+        }
+
+        buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
+        buf_enc  = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
+        buf_dec  = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx));
+        if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL) {
+            goto exit;
+        }
+
+        TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg,
+                                            buf_orig, mbedtls_rsa_get_len(&ctx)) == 0);
+
+        /* Make sure the number we're generating is smaller than the modulus */
+        buf_orig[0] = 0x00;
+
+        TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0);
+
+        if (is_priv) {
+            TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random,
+                                            &ctr_drbg, buf_enc,
+                                            buf_dec) == 0);
+
+            TEST_ASSERT(memcmp(buf_orig, buf_dec,
+                               mbedtls_rsa_get_len(&ctx)) == 0);
+        }
+    }
+
+exit:
+
+    mbedtls_free(buf_orig);
+    mbedtls_free(buf_enc);
+    mbedtls_free(buf_dec);
+
+    mbedtls_rsa_free(&ctx);
+
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void rsa_selftest()
+{
+    TEST_ASSERT(mbedtls_rsa_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_shax.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_shax.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_shax.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_shax.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_shax.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_shax.function
new file mode 100644
index 0000000..02c410e
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_shax.function
@@ -0,0 +1,255 @@
+/* BEGIN_HEADER */
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+/* END_HEADER */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */
+void sha1_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_sha1_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void sha1_invalid_param()
+{
+    mbedtls_sha1_context ctx;
+    unsigned char buf[64] = { 0 };
+    size_t const buflen = sizeof(buf);
+
+    TEST_INVALID_PARAM(mbedtls_sha1_init(NULL));
+
+    TEST_INVALID_PARAM(mbedtls_sha1_clone(NULL, &ctx));
+    TEST_INVALID_PARAM(mbedtls_sha1_clone(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_starts_ret(NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_update_ret(NULL, buf, buflen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_update_ret(&ctx, NULL, buflen));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_finish_ret(NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_finish_ret(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_internal_sha1_process(NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_internal_sha1_process(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_ret(NULL, buflen, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
+                           mbedtls_sha1_ret(buf, buflen, NULL));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */
+void mbedtls_sha1(data_t *src_str, data_t *hash)
+{
+    unsigned char output[41];
+
+    memset(output, 0x00, 41);
+
+
+    TEST_ASSERT(mbedtls_sha1_ret(src_str->x, src_str->len, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 20, hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void sha256_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_sha256_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void sha256_invalid_param()
+{
+    mbedtls_sha256_context ctx;
+    unsigned char buf[64] = { 0 };
+    size_t const buflen = sizeof(buf);
+    int valid_type = 0;
+    int invalid_type = 42;
+
+    TEST_INVALID_PARAM(mbedtls_sha256_init(NULL));
+
+    TEST_INVALID_PARAM(mbedtls_sha256_clone(NULL, &ctx));
+    TEST_INVALID_PARAM(mbedtls_sha256_clone(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_starts_ret(NULL, valid_type));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_starts_ret(&ctx, invalid_type));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_update_ret(NULL, buf, buflen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_update_ret(&ctx, NULL, buflen));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_finish_ret(NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_finish_ret(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_internal_sha256_process(NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_internal_sha256_process(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_ret(NULL, buflen,
+                                              buf, valid_type));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_ret(buf, buflen,
+                                              NULL, valid_type));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
+                           mbedtls_sha256_ret(buf, buflen,
+                                              buf, invalid_type));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void sha224(data_t *src_str, data_t *hash)
+{
+    unsigned char output[57];
+
+    memset(output, 0x00, 57);
+
+
+    TEST_ASSERT(mbedtls_sha256_ret(src_str->x, src_str->len, output, 1) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 28, hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void mbedtls_sha256(data_t *src_str, data_t *hash)
+{
+    unsigned char output[65];
+
+    memset(output, 0x00, 65);
+
+
+    TEST_ASSERT(mbedtls_sha256_ret(src_str->x, src_str->len, output, 0) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 32, hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
+void sha512_valid_param()
+{
+    TEST_VALID_PARAM(mbedtls_sha512_free(NULL));
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void sha512_invalid_param()
+{
+    mbedtls_sha512_context ctx;
+    unsigned char buf[64] = { 0 };
+    size_t const buflen = sizeof(buf);
+    int valid_type = 0;
+    int invalid_type = 42;
+
+    TEST_INVALID_PARAM(mbedtls_sha512_init(NULL));
+
+    TEST_INVALID_PARAM(mbedtls_sha512_clone(NULL, &ctx));
+    TEST_INVALID_PARAM(mbedtls_sha512_clone(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_starts_ret(NULL, valid_type));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_starts_ret(&ctx, invalid_type));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_update_ret(NULL, buf, buflen));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_update_ret(&ctx, NULL, buflen));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_finish_ret(NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_finish_ret(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_internal_sha512_process(NULL, buf));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_internal_sha512_process(&ctx, NULL));
+
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_ret(NULL, buflen,
+                                              buf, valid_type));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_ret(buf, buflen,
+                                              NULL, valid_type));
+    TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
+                           mbedtls_sha512_ret(buf, buflen,
+                                              buf, invalid_type));
+
+exit:
+    return;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
+void sha384(data_t *src_str, data_t *hash)
+{
+    unsigned char output[97];
+
+    memset(output, 0x00, 97);
+
+
+    TEST_ASSERT(mbedtls_sha512_ret(src_str->x, src_str->len, output, 1) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 48, hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */
+void mbedtls_sha512(data_t *src_str, data_t *hash)
+{
+    unsigned char output[129];
+
+    memset(output, 0x00, 129);
+
+
+    TEST_ASSERT(mbedtls_sha512_ret(src_str->x, src_str->len, output, 0) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 64, hash->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_SELF_TEST */
+void sha1_selftest()
+{
+    TEST_ASSERT(mbedtls_sha1_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */
+void sha256_selftest()
+{
+    TEST_ASSERT(mbedtls_sha256_self_test(1) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */
+void sha512_selftest()
+{
+    TEST_ASSERT(mbedtls_sha512_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ssl.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl.data
similarity index 86%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ssl.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl.data
index 6e653ff..c238642 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_ssl.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl.data
@@ -101,45 +101,59 @@ Test moving clients handshake to state: SERVER_HELLO
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO:1
 
 Test moving clients handshake to state: SERVER_CERTIFICATE
+depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_CERTIFICATE:1
 
 Test moving clients handshake to state: SERVER_KEY_EXCHANGE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1
 
 Test moving clients handshake to state: CERTIFICATE_REQUEST
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CERTIFICATE_REQUEST:1
 
 Test moving clients handshake to state: SERVER_HELLO_DONE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO_DONE:1
 
 Test moving clients handshake to state: CLIENT_CERTIFICATE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CERTIFICATE:1
 
 Test moving clients handshake to state: CLIENT_KEY_EXCHANGE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1
 
 Test moving clients handshake to state: CERTIFICATE_VERIFY
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CERTIFICATE_VERIFY:1
 
 Test moving clients handshake to state: CLIENT_CHANGE_CIPHER_SPEC
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1
 
 Test moving clients handshake to state: CLIENT_FINISHED
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_FINISHED:1
 
 Test moving clients handshake to state: SERVER_CHANGE_CIPHER_SPEC
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1
 
 Test moving clients handshake to state: SERVER_FINISHED
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_FINISHED:1
 
 Test moving clients handshake to state: FLUSH_BUFFERS
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_FLUSH_BUFFERS:1
 
 Test moving clients handshake to state: HANDSHAKE_WRAPUP
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1
 
 Test moving clients handshake to state: HANDSHAKE_OVER
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HANDSHAKE_OVER:1
 
 Test moving servers handshake to state: HELLO_REQUEST
@@ -149,48 +163,63 @@ Test moving servers handshake to state: CLIENT_HELLO
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_HELLO:1
 
 Test moving servers handshake to state: SERVER_HELLO
+depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_HELLO:1
 
 Test moving servers handshake to state: SERVER_CERTIFICATE
+depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_CERTIFICATE:1
 
 Test moving servers handshake to state: SERVER_KEY_EXCHANGE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1
 
 Test moving servers handshake to state: CERTIFICATE_REQUEST
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CERTIFICATE_REQUEST:1
 
 Test moving servers handshake to state: SERVER_HELLO_DONE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_HELLO_DONE:1
 
 Test moving servers handshake to state: CLIENT_CERTIFICATE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CERTIFICATE:1
 
 Test moving servers handshake to state: CLIENT_KEY_EXCHANGE
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1
 
 Test moving servers handshake to state: CERTIFICATE_VERIFY
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CERTIFICATE_VERIFY:1
 
 Test moving servers handshake to state: CLIENT_CHANGE_CIPHER_SPEC
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1
 
 Test moving servers handshake to state: CLIENT_FINISHED
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_FINISHED:1
 
 Test moving servers handshake to state: SERVER_CHANGE_CIPHER_SPEC
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1
 
 Test moving servers handshake to state: SERVER_FINISHED
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_FINISHED:1
 
 Test moving servers handshake to state: FLUSH_BUFFERS
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_FLUSH_BUFFERS:1
 
 Test moving servers handshake to state: HANDSHAKE_WRAPUP
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1
 
 Test moving servers handshake to state: HANDSHAKE_OVER
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HANDSHAKE_OVER:1
 
 Negative test moving clients ssl to state: VERIFY_REQUEST_SENT
@@ -200,19 +229,19 @@ Negative test moving servers ssl to state: NEW_SESSION_TICKET
 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:0
 
 Handshake, SSL3
-depends_on:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0
 
 Handshake, tls1
-depends_on:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1
 
 Handshake, tls1_1
-depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2
 
 Handshake, tls1_2
-depends_on:MBEDTLS_SSL_PROTO_TLS1_2
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3
 
 Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384
@@ -220,31 +249,31 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_
 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0
 
 Handshake, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0
 
 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0
 
 Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0
 
 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
 handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0
 
 Handshake, PSK-WITH-AES-128-CBC-SHA
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
 handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0
 
 DTLS Handshake, tls1_1
-depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2
 
 DTLS Handshake, tls1_2
-depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3
 
 DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384
@@ -252,23 +281,23 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_
 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1
 
 DTLS Handshake, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1
 
 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1
 
 DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
-depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1
 
 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
 handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1
 
 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
 handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1
 
 DTLS Handshake with serialization, tls1_2
@@ -282,7 +311,7 @@ DTLS Handshake fragmentation, MFL=1024
 handshake_fragmentation:MBEDTLS_SSL_MAX_FRAG_LEN_1024:0:1
 
 Handshake min/max version check, all -> 1.2
-depends_on:MBEDTLS_SSL_PROTO_TLS1_2
+depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
 handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_3
 
 Handshake min/max version check, cli max 1.1 -> 1.1
@@ -495,99 +524,99 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"
 
 DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C
+depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
 
 DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS no legacy renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS no legacy renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS no legacy renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy allow renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy allow renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy allow renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy allow renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy break handshake renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy break handshake renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy break handshake renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 DTLS legacy break handshake renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
 
 SSL DTLS replay: initial state, seqnum 0
@@ -617,7 +646,7 @@ ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12350000":0
 SSL DTLS replay: delayed
 ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340002":0
 
-SSL DTLS replay: lastest replayed
+SSL DTLS replay: last replayed
 ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340003":-1
 
 SSL DTLS replay: older replayed
@@ -3830,358 +3859,6 @@ Record crypt, CAMELLIA-256-CBC, SSL3, MD5, short tag, EtM
 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
 
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, BLOWFISH-CBC, SSL3, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
 Record crypt, AES-128-GCM, 1.2
 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
@@ -8262,358 +7939,6 @@ Record crypt, little space, CAMELLIA-256-CBC, SSL3, MD5, short tag, EtM
 depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
 
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
-Record crypt, little space, BLOWFISH-CBC, SSL3, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
-
 Record crypt, little space, AES-128-GCM, 1.2
 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
@@ -9374,1110 +8699,100 @@ Record crypt, little space, NULL cipher, SSL3, MD5, short tag, EtM
 depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
 ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0
 
-Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1
-
-Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2
-
-Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-1
-
-Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-2
-
-Decrypt CBC !EtM, AES MD5 !trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0
-
-Decrypt CBC !EtM, AES MD5 !trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240
-
-Decrypt CBC !EtM, AES MD5 trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0
-
-Decrypt CBC !EtM, AES MD5 trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:240
-
-Decrypt CBC !EtM, AES MD5 !trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1
-
-Decrypt CBC !EtM, AES MD5 !trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241
-
-Decrypt CBC !EtM, AES MD5 trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1
-
-Decrypt CBC !EtM, AES MD5 trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:241
-
-Decrypt CBC !EtM, AES MD5 !trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15
-
-Decrypt CBC !EtM, AES MD5 !trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255
-
-Decrypt CBC !EtM, AES MD5 trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:15
-
-Decrypt CBC !EtM, AES MD5 trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:255
-
-Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1
-
-Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2
-
-Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-1
-
-Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-2
-
-Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0
-
-Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240
-
-Decrypt CBC !EtM, AES SHA1 trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0
-
-Decrypt CBC !EtM, AES SHA1 trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:240
-
-Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1
-
-Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241
-
-Decrypt CBC !EtM, AES SHA1 trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1
-
-Decrypt CBC !EtM, AES SHA1 trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:241
-
-Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15
-
-Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255
-
-Decrypt CBC !EtM, AES SHA1 trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:15
-
-Decrypt CBC !EtM, AES SHA1 trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:255
-
-Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1
-
-Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2
-
-Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-1
-
-Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-2
-
-Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0
-
-Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240
-
-Decrypt CBC !EtM, AES SHA256 trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0
-
-Decrypt CBC !EtM, AES SHA256 trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:240
-
-Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1
-
-Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241
-
-Decrypt CBC !EtM, AES SHA256 trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1
-
-Decrypt CBC !EtM, AES SHA256 trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:241
-
-Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15
-
-Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255
-
-Decrypt CBC !EtM, AES SHA256 trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:15
-
-Decrypt CBC !EtM, AES SHA256 trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:255
-
-Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1
-
-Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2
-
-Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-1
-
-Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-2
-
-Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0
-
-Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240
-
-Decrypt CBC !EtM, AES SHA384 trunc, padlen=0
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0
-
-Decrypt CBC !EtM, AES SHA384 trunc, padlen=240
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:240
-
-Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1
-
-Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241
-
-Decrypt CBC !EtM, AES SHA384 trunc, padlen=1
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1
-
-Decrypt CBC !EtM, AES SHA384 trunc, padlen=241
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:241
-
-Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15
-
-Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255
-
-Decrypt CBC !EtM, AES SHA384 trunc, padlen=15
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:15
-
-Decrypt CBC !EtM, AES SHA384 trunc, padlen=255
-depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:255
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2
-
-Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-1
-
-Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-2
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240
-
-Decrypt CBC !EtM, ARIA MD5 trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0
-
-Decrypt CBC !EtM, ARIA MD5 trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:240
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241
-
-Decrypt CBC !EtM, ARIA MD5 trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1
-
-Decrypt CBC !EtM, ARIA MD5 trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:241
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15
-
-Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255
-
-Decrypt CBC !EtM, ARIA MD5 trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:15
-
-Decrypt CBC !EtM, ARIA MD5 trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:255
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-1
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-2
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:240
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:241
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15
-
-Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:15
-
-Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:255
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-1
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-2
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:240
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:241
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15
-
-Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:15
-
-Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:255
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-1
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-2
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=0
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=240
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:240
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=1
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=241
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:241
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15
-
-Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=15
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:15
-
-Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=255
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:255
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-1
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-2
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:240
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:241
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15
-
-Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:15
-
-Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:255
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-1
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-2
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:240
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:241
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15
-
-Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:15
-
-Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:255
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-1
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-2
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:240
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:241
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15
-
-Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:15
-
-Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:255
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-1
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-2
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=0
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=240
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:240
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=1
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=241
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:241
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15
-
-Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=15
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:15
-
-Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=255
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:255
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-1
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-2
-
-Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-1
-
-Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-2
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:0
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:248
-
-Decrypt CBC !EtM, 3DES MD5 trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:0
-
-Decrypt CBC !EtM, 3DES MD5 trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:248
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:1
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:249
-
-Decrypt CBC !EtM, 3DES MD5 trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:1
-
-Decrypt CBC !EtM, 3DES MD5 trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:249
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:7
-
-Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:255
-
-Decrypt CBC !EtM, 3DES MD5 trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:7
-
-Decrypt CBC !EtM, 3DES MD5 trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:255
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-1
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-2
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-1
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-2
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:0
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:248
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:0
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:248
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:1
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:249
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:1
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:249
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:7
-
-Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:255
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:7
-
-Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:255
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-1
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-2
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-1
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-2
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:0
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:248
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:0
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:248
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:1
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:249
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:1
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:249
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:7
-
-Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:255
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:7
-
-Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:255
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-1
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-2
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, minpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-1
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-2
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:0
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:248
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=0
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:0
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=248
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:248
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:1
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:249
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=1
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:1
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=249
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:249
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:7
-
-Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:255
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=7
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:7
-
-Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=255
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255
-
 SSL TLS 1.3 Key schedule: Secret evolution #1
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Initial secret to Early Secret
-depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_SHA256_C
 ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a"
 
 SSL TLS 1.3 Key schedule: Secret evolution #2
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Early secret to Handshake Secret
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECP_C
 ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":"df4a291baa1eb7cfa6934b29b474baad2697e29f1f920dcc77c8a0a088447624":"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a"
 
 SSL TLS 1.3 Key schedule: Secret evolution #3
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Handshake secret to Master Secret
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECP_C
 ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a":"":"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #1
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Server handshake traffic secret -> Server traffic key
 # HKDF-Expand-Label(server_handshake_secret, "key", "", 16)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_key:"":16:"844780a7acad9f980fa25c114e43402a"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #2
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Server handshake traffic secret -> Server traffic IV
 # HKDF-Expand-Label(server_handshake_secret, "iv", "", 12)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_iv:"":12:"4c042ddc120a38d1417fc815"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #3
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Client handshake traffic secret -> Client traffic key
 # HKDF-Expand-Label(client_handshake_secret, "key", "", 16)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_key:"":16:"7154f314e6be7dc008df2c832baa1d39"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #4
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Client handshake traffic secret -> Client traffic IV
 # HKDF-Expand-Label(client_handshake_secret, "iv", "", 12)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_iv:"":12:"71abc2cae4c699d47c600268"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #5 (RFC 8448)
 # Vector from RFC 8448
 # Server handshake traffic secret -> Server traffic IV
 # HKDF-Expand-Label(server_handshake_secret, "iv", "", 12)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_iv:"":12:"5d313eb2671276ee13000b30"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #6 (RFC 8448)
 # Vector from RFC 8448
 # Server handshake traffic secret -> Server traffic Key
 # HKDF-Expand-Label(server_handshake_secret, "key", "", 16)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_key:"":16:"3fce516009c21727d0f2e4e86ee403bc"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #7 (RFC 8448)
 # Vector from RFC 8448
 # Client handshake traffic secret -> Client traffic IV
 # HKDF-Expand-Label(client_handshake_secret, "iv", "", 12)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_iv:"":12:"5bd3c71b836e0b76bb73265f"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #8 (RFC 8448)
 # Vector from RFC 8448
 # Client handshake traffic secret -> Client traffic Key
 # HKDF-Expand-Label(client_handshake_secret, "key", "", 16)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_key:"":16:"dbfaa693d1762c5b666af5d950258d01"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #9 (RFC 8448)
 # Calculation of finished_key
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":tls1_3_label_finished:"":32:"5ace394c26980d581243f627d1150ae27e37fa52364e0a7f20ac686d09cd0e8e"
 
 SSL TLS 1.3 Key schedule: HKDF Expand Label #10 (RFC 8448)
 # Calculation of resumption key
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"7df235f2031d2a051287d02b0241b0bfdaf86cc856231f2d5aba46c434ec196c":tls1_3_label_resumption:"0000":32:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3"
 
 SSL TLS 1.3 Key schedule: Traffic key generation #1
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
 
 SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448)
 # Vector RFC 8448
 # Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV}
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "derived", "")
@@ -10485,44 +8800,54 @@ SSL TLS 1.3 Key schedule: Derive-Secret( ., "derived", "")
 # Derive-Secret( Early-Secret, "derived", "")
 # Tests the case where context isn't yet hashed (empty string here,
 # but still needs to be hashed)
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":tls1_3_label_derived:"":32:MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED:"6f2615a108c702c5678f54fc9dbab69716c076189c48250cebeac3576c3611ba"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #1
 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
 # Derive-Secret( MasterSecret, "s ap traffic", hash)
 # Tests the case where context is already hashed
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d":tls1_3_label_s_ap_traffic:"22844b930e5e0a59a09d5ac35fc032fc91163b193874a265236e568077378d8b":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fc35ea70693069a277956afa23b8f4543ce68ac595f2aace05cd7a1c92023d5"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "c e traffic", hash)
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_c_e_traffic:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "e exp master", hash)
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_e_exp_master:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash)
 # Vector from RFC 8448
-ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03"::32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
+depends_on:MBEDTLS_SHA256_C
+ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash)
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_s_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "c ap traffic", hash)
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_c_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #2
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_s_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "exp master", hash)
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_exp_master:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
 
 SSL TLS 1.3 Key schedule: Derive-Secret( ., "res master", hash)
 # Vector from RFC 8448
+depends_on:MBEDTLS_SHA256_C
 ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
 
 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
@@ -10656,30 +8981,28 @@ Session serialization, load buffer size: large ticket, cert
 depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_FS_IO
 ssl_serialize_session_load_buf_size:1023:"data_files/server5.crt"
 
-Constant-flow HMAC: MD5
-depends_on:MBEDTLS_MD5_C
-ssl_cf_hmac:MBEDTLS_MD_MD5
+Raw key agreement: nominal
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+raw_key_agreement_fail:0
 
-Constant-flow HMAC: SHA1
-depends_on:MBEDTLS_SHA1_C
-ssl_cf_hmac:MBEDTLS_MD_SHA1
+Raw key agreement: bad server key
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+raw_key_agreement_fail:1
 
-Constant-flow HMAC: SHA256
-depends_on:MBEDTLS_SHA256_C
-ssl_cf_hmac:MBEDTLS_MD_SHA256
+Cookie parsing: nominal run
+cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d00200000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_SSL_INTERNAL_ERROR
+
+Cookie parsing: cookie_len overflow
+cookie_parsing:"16fefd000000000000000000ea010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727db97b7373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737db963":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
 
-Constant-flow HMAC: SHA384
-depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-ssl_cf_hmac:MBEDTLS_MD_SHA384
+Cookie parsing: non-zero fragment offset
+cookie_parsing:"16fefd00000000000000000032010000de000072000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d01730143":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
 
-# these are the numbers we'd get with an empty plaintext and truncated HMAC
-Constant-flow memcpy from offset: small
-ssl_cf_memcpy_offset:0:5:10
+Cookie parsing: sid_len overflow
+cookie_parsing:"16fefd00000000000000000032010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF730143":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
 
-# we could get this with 255-bytes plaintext and untruncated SHA-256
-Constant-flow memcpy from offset: medium
-ssl_cf_memcpy_offset:0:255:32
+Cookie parsing: record too short
+cookie_parsing:"16fefd0000000000000000002f010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
 
-# we could get this with 255-bytes plaintext and untruncated SHA-384
-Constant-flow memcpy from offset: large
-ssl_cf_memcpy_offset:100:339:48
+Cookie parsing: one byte overread
+cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d0001":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl.function
new file mode 100644
index 0000000..0a35aa9
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl.function
@@ -0,0 +1,2294 @@
+/* BEGIN_HEADER */
+#include <test/ssl_helpers.h>
+
+#include <constant_time_internal.h>
+
+#include <test/constant_flow.h>
+
+#define SSL_MESSAGE_QUEUE_INIT      { NULL, 0, 0, 0 }
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_SSL_TLS_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void test_callback_buffer_sanity()
+{
+    enum { MSGLEN = 10 };
+    mbedtls_test_ssl_buffer buf;
+    unsigned char input[MSGLEN];
+    unsigned char output[MSGLEN];
+
+    USE_PSA_INIT();
+    memset(input, 0, sizeof(input));
+
+    /* Make sure calling put and get on NULL buffer results in error. */
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, input, sizeof(input))
+                == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output))
+                == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input))
+                == -1);
+
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1);
+
+    /* Make sure calling put and get on a buffer that hasn't been set up results
+     * in error. */
+    mbedtls_test_ssl_buffer_init(&buf);
+
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
+                == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output))
+                == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input))
+                == -1);
+
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1);
+
+    /* Make sure calling put and get on NULL input only results in
+     * error if the length is not zero, and that a NULL output is valid for data
+     * dropping.
+     */
+
+    TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0);
+
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input))
+                == -1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output))
+                == 0);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == 0);
+
+    /* Make sure calling put several times in the row is safe */
+
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
+                == sizeof(input));
+    TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, 2) == 2);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 0);
+
+
+exit:
+    mbedtls_test_ssl_buffer_free(&buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/*
+ * Test if the implementation of `mbedtls_test_ssl_buffer` related functions is
+ * correct and works as expected.
+ *
+ * That is
+ *  - If we try to put in \p put1 bytes then we can put in \p put1_ret bytes.
+ *  - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes.
+ *  - Next, if we try to put in \p put1 bytes then we can put in \p put1_ret
+ *    bytes.
+ *  - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes.
+ *  - All of the bytes we got match the bytes we put in in a FIFO manner.
+ */
+
+/* BEGIN_CASE */
+void test_callback_buffer(int size, int put1, int put1_ret,
+                          int get1, int get1_ret, int put2, int put2_ret,
+                          int get2, int get2_ret)
+{
+    enum { ROUNDS = 2 };
+    size_t put[ROUNDS];
+    int put_ret[ROUNDS];
+    size_t get[ROUNDS];
+    int get_ret[ROUNDS];
+    mbedtls_test_ssl_buffer buf;
+    unsigned char *input = NULL;
+    size_t input_len;
+    unsigned char *output = NULL;
+    size_t output_len;
+    size_t i, j, written, read;
+
+    mbedtls_test_ssl_buffer_init(&buf);
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, size) == 0);
+
+    /* Check the sanity of input parameters and initialise local variables. That
+     * is, ensure that the amount of data is not negative and that we are not
+     * expecting more to put or get than we actually asked for. */
+    TEST_ASSERT(put1 >= 0);
+    put[0] = put1;
+    put_ret[0] = put1_ret;
+    TEST_ASSERT(put1_ret <= put1);
+    TEST_ASSERT(put2 >= 0);
+    put[1] = put2;
+    put_ret[1] = put2_ret;
+    TEST_ASSERT(put2_ret <= put2);
+
+    TEST_ASSERT(get1 >= 0);
+    get[0] = get1;
+    get_ret[0] = get1_ret;
+    TEST_ASSERT(get1_ret <= get1);
+    TEST_ASSERT(get2 >= 0);
+    get[1] = get2;
+    get_ret[1] = get2_ret;
+    TEST_ASSERT(get2_ret <= get2);
+
+    input_len = 0;
+    /* Calculate actual input and output lengths */
+    for (j = 0; j < ROUNDS; j++) {
+        if (put_ret[j] > 0) {
+            input_len += put_ret[j];
+        }
+    }
+    /* In order to always have a valid pointer we always allocate at least 1
+     * byte. */
+    if (input_len == 0) {
+        input_len = 1;
+    }
+    TEST_CALLOC(input, input_len);
+
+    output_len = 0;
+    for (j = 0; j < ROUNDS; j++) {
+        if (get_ret[j] > 0) {
+            output_len += get_ret[j];
+        }
+    }
+    TEST_ASSERT(output_len <= input_len);
+    /* In order to always have a valid pointer we always allocate at least 1
+     * byte. */
+    if (output_len == 0) {
+        output_len = 1;
+    }
+    TEST_CALLOC(output, output_len);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < input_len; i++) {
+        input[i] = i & 0xFF;
+    }
+
+    written = read = 0;
+    for (j = 0; j < ROUNDS; j++) {
+        TEST_ASSERT(put_ret[j] == mbedtls_test_ssl_buffer_put(&buf,
+                                                              input + written, put[j]));
+        written += put_ret[j];
+        TEST_ASSERT(get_ret[j] == mbedtls_test_ssl_buffer_get(&buf,
+                                                              output + read, get[j]));
+        read += get_ret[j];
+        TEST_ASSERT(read <= written);
+        if (get_ret[j] > 0) {
+            TEST_ASSERT(memcmp(output + read - get_ret[j],
+                               input + read - get_ret[j], get_ret[j])
+                        == 0);
+        }
+    }
+
+exit:
+    mbedtls_free(input);
+    mbedtls_free(output);
+    mbedtls_test_ssl_buffer_free(&buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/*
+ * Test if the implementation of `mbedtls_test_mock_socket` related
+ * I/O functions is correct and works as expected on unconnected sockets.
+ */
+
+/* BEGIN_CASE */
+void ssl_mock_sanity()
+{
+    enum { MSGLEN = 105 };
+    unsigned char message[MSGLEN] = { 0 };
+    unsigned char received[MSGLEN] = { 0 };
+    mbedtls_test_mock_socket socket;
+
+    mbedtls_test_mock_socket_init(&socket);
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_b(&socket, message, MSGLEN) < 0);
+    mbedtls_test_mock_socket_close(&socket);
+    mbedtls_test_mock_socket_init(&socket);
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_b(&socket, received, MSGLEN) < 0);
+    mbedtls_test_mock_socket_close(&socket);
+
+    mbedtls_test_mock_socket_init(&socket);
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_nb(&socket, message, MSGLEN) < 0);
+    mbedtls_test_mock_socket_close(&socket);
+    mbedtls_test_mock_socket_init(&socket);
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_nb(&socket, received, MSGLEN) < 0);
+    mbedtls_test_mock_socket_close(&socket);
+
+exit:
+    mbedtls_test_mock_socket_close(&socket);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/*
+ * Test if the implementation of `mbedtls_test_mock_socket` related functions
+ * can send a single message from the client to the server.
+ */
+
+/* BEGIN_CASE */
+void ssl_mock_tcp(int blocking)
+{
+    enum { MSGLEN = 105 };
+    enum { BUFLEN = MSGLEN / 5 };
+    unsigned char message[MSGLEN];
+    unsigned char received[MSGLEN];
+    mbedtls_test_mock_socket client;
+    mbedtls_test_mock_socket server;
+    size_t written, read;
+    int send_ret, recv_ret;
+    mbedtls_ssl_send_t *send;
+    mbedtls_ssl_recv_t *recv;
+    unsigned i;
+
+    if (blocking == 0) {
+        send = mbedtls_test_mock_tcp_send_nb;
+        recv = mbedtls_test_mock_tcp_recv_nb;
+    } else {
+        send = mbedtls_test_mock_tcp_send_b;
+        recv = mbedtls_test_mock_tcp_recv_b;
+    }
+
+    mbedtls_test_mock_socket_init(&client);
+    mbedtls_test_mock_socket_init(&server);
+    USE_PSA_INIT();
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+
+    /* Make sure that sending a message takes a few  iterations. */
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, BUFLEN));
+
+    /* Send the message to the server */
+    send_ret = recv_ret = 1;
+    written = read = 0;
+    while (send_ret != 0 || recv_ret != 0) {
+        send_ret = send(&client, message + written, MSGLEN - written);
+
+        TEST_ASSERT(send_ret >= 0);
+        TEST_ASSERT(send_ret <= BUFLEN);
+        written += send_ret;
+
+        /* If the buffer is full we can test blocking and non-blocking send */
+        if (send_ret == BUFLEN) {
+            int blocking_ret = send(&client, message, 1);
+            if (blocking) {
+                TEST_ASSERT(blocking_ret == 0);
+            } else {
+                TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+            }
+        }
+
+        recv_ret = recv(&server, received + read, MSGLEN - read);
+
+        /* The result depends on whether any data was sent */
+        if (send_ret > 0) {
+            TEST_ASSERT(recv_ret > 0);
+            TEST_ASSERT(recv_ret <= BUFLEN);
+            read += recv_ret;
+        } else if (blocking) {
+            TEST_ASSERT(recv_ret == 0);
+        } else {
+            TEST_ASSERT(recv_ret == MBEDTLS_ERR_SSL_WANT_READ);
+            recv_ret = 0;
+        }
+
+        /* If the buffer is empty we can test blocking and non-blocking read */
+        if (recv_ret == BUFLEN) {
+            int blocking_ret = recv(&server, received, 1);
+            if (blocking) {
+                TEST_ASSERT(blocking_ret == 0);
+            } else {
+                TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ);
+            }
+        }
+    }
+    TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+exit:
+    mbedtls_test_mock_socket_close(&client);
+    mbedtls_test_mock_socket_close(&server);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/*
+ * Test if the implementation of `mbedtls_test_mock_socket` related functions
+ * can send messages in both direction at the same time (with the I/O calls
+ * interleaving).
+ */
+
+/* BEGIN_CASE */
+void ssl_mock_tcp_interleaving(int blocking)
+{
+    enum { ROUNDS = 2 };
+    enum { MSGLEN = 105 };
+    enum { BUFLEN = MSGLEN / 5 };
+    unsigned char message[ROUNDS][MSGLEN];
+    unsigned char received[ROUNDS][MSGLEN];
+    mbedtls_test_mock_socket client;
+    mbedtls_test_mock_socket server;
+    size_t written[ROUNDS];
+    size_t read[ROUNDS];
+    int send_ret[ROUNDS];
+    int recv_ret[ROUNDS];
+    unsigned i, j, progress;
+    mbedtls_ssl_send_t *send;
+    mbedtls_ssl_recv_t *recv;
+
+    if (blocking == 0) {
+        send = mbedtls_test_mock_tcp_send_nb;
+        recv = mbedtls_test_mock_tcp_recv_nb;
+    } else {
+        send = mbedtls_test_mock_tcp_send_b;
+        recv = mbedtls_test_mock_tcp_recv_b;
+    }
+
+    mbedtls_test_mock_socket_init(&client);
+    mbedtls_test_mock_socket_init(&server);
+    USE_PSA_INIT();
+
+    /* Fill up the buffers with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < ROUNDS; i++) {
+        for (j = 0; j < MSGLEN; j++) {
+            message[i][j] = (i * MSGLEN + j) & 0xFF;
+        }
+    }
+
+    /* Make sure that sending a message takes a few  iterations. */
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      BUFLEN));
+
+    /* Send the message from both sides, interleaving. */
+    progress = 1;
+    for (i = 0; i < ROUNDS; i++) {
+        written[i] = 0;
+        read[i] = 0;
+    }
+    /* This loop does not stop as long as there was a successful write or read
+     * of at least one byte on either side. */
+    while (progress != 0) {
+        mbedtls_test_mock_socket *socket;
+
+        for (i = 0; i < ROUNDS; i++) {
+            /* First sending is from the client */
+            socket = (i % 2 == 0) ? (&client) : (&server);
+
+            send_ret[i] = send(socket, message[i] + written[i],
+                               MSGLEN - written[i]);
+            TEST_ASSERT(send_ret[i] >= 0);
+            TEST_ASSERT(send_ret[i] <= BUFLEN);
+            written[i] += send_ret[i];
+
+            /* If the buffer is full we can test blocking and non-blocking
+             * send */
+            if (send_ret[i] == BUFLEN) {
+                int blocking_ret = send(socket, message[i], 1);
+                if (blocking) {
+                    TEST_ASSERT(blocking_ret == 0);
+                } else {
+                    TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+                }
+            }
+        }
+
+        for (i = 0; i < ROUNDS; i++) {
+            /* First receiving is from the server */
+            socket = (i % 2 == 0) ? (&server) : (&client);
+
+            recv_ret[i] = recv(socket, received[i] + read[i],
+                               MSGLEN - read[i]);
+
+            /* The result depends on whether any data was sent */
+            if (send_ret[i] > 0) {
+                TEST_ASSERT(recv_ret[i] > 0);
+                TEST_ASSERT(recv_ret[i] <= BUFLEN);
+                read[i] += recv_ret[i];
+            } else if (blocking) {
+                TEST_ASSERT(recv_ret[i] == 0);
+            } else {
+                TEST_ASSERT(recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ);
+                recv_ret[i] = 0;
+            }
+
+            /* If the buffer is empty we can test blocking and non-blocking
+             * read */
+            if (recv_ret[i] == BUFLEN) {
+                int blocking_ret = recv(socket, received[i], 1);
+                if (blocking) {
+                    TEST_ASSERT(blocking_ret == 0);
+                } else {
+                    TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ);
+                }
+            }
+        }
+
+        progress = 0;
+        for (i = 0; i < ROUNDS; i++) {
+            progress += send_ret[i] + recv_ret[i];
+        }
+    }
+
+    for (i = 0; i < ROUNDS; i++) {
+        TEST_ASSERT(memcmp(message[i], received[i], MSGLEN) == 0);
+    }
+
+exit:
+    mbedtls_test_mock_socket_close(&client);
+    mbedtls_test_mock_socket_close(&server);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_queue_sanity()
+{
+    mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
+
+    USE_PSA_INIT();
+    /* Trying to push/pull to an empty queue */
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(NULL, 1)
+                == MBEDTLS_TEST_ERROR_ARG_NULL);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(NULL, 1)
+                == MBEDTLS_TEST_ERROR_ARG_NULL);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+    TEST_ASSERT(queue.capacity == 3);
+    TEST_ASSERT(queue.num == 0);
+
+exit:
+    mbedtls_test_ssl_message_queue_free(&queue);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_queue_basic()
+{
+    mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
+
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+
+    /* Sanity test - 3 pushes and 3 pops with sufficient space */
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+    TEST_ASSERT(queue.capacity == 3);
+    TEST_ASSERT(queue.num == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+    TEST_ASSERT(queue.capacity == 3);
+    TEST_ASSERT(queue.num == 2);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2);
+    TEST_ASSERT(queue.capacity == 3);
+    TEST_ASSERT(queue.num == 3);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2);
+
+exit:
+    mbedtls_test_ssl_message_queue_free(&queue);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_queue_overflow_underflow()
+{
+    mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
+
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+
+    /* 4 pushes (last one with an error), 4 pops (last one with an error) */
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3)
+                == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1)
+                == MBEDTLS_ERR_SSL_WANT_READ);
+
+exit:
+    mbedtls_test_ssl_message_queue_free(&queue);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_queue_interleaved()
+{
+    mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
+
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0);
+
+    /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops
+     * (to wrap around the buffer) */
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3) == 3);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 5) == 5);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 8) == 8);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 3) == 3);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 5) == 5);
+
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 8) == 8);
+
+exit:
+    mbedtls_test_ssl_message_queue_free(&queue);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_queue_insufficient_buffer()
+{
+    mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT;
+    size_t message_len = 10;
+    size_t buffer_len = 5;
+
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 1) == 0);
+
+    /* Popping without a sufficient buffer */
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, message_len)
+                == (int) message_len);
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, buffer_len)
+                == (int) buffer_len);
+exit:
+    mbedtls_test_ssl_message_queue_free(&queue);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_uninitialized()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN] = { 0 }, received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+
+    USE_PSA_INIT();
+    /* Send with a NULL context */
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(NULL, message, MSGLEN)
+                == MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN)
+                == MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 1,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 1,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MBEDTLS_TEST_ERROR_SEND_FAILED);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MBEDTLS_ERR_SSL_WANT_READ);
+
+    /* Push directly to a queue to later simulate a disconnected behavior */
+    TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue,
+                                                         MSGLEN)
+                == MSGLEN);
+
+    /* Test if there's an error when trying to read from a disconnected
+     * socket */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MBEDTLS_TEST_ERROR_RECV_FAILED);
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_basic()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 1,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 1,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      MSGLEN));
+
+    /* Send the message to the server */
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MSGLEN);
+
+    /* Read from the server */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MSGLEN);
+
+    TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+    memset(received, 0, MSGLEN);
+
+    /* Send the message to the client */
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
+                                               MSGLEN) == MSGLEN);
+
+    /* Read from the client */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+                                               MSGLEN)
+                == MSGLEN);
+    TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_queue_overflow_underflow()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 2,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 2,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      MSGLEN*2));
+
+    /* Send three message to the server, last one with an error */
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN - 1)
+                == MSGLEN - 1);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MSGLEN);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+    /* Read three messages from the server, last one with an error */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN - 1)
+                == MSGLEN - 1);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MSGLEN);
+
+    TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MBEDTLS_ERR_SSL_WANT_READ);
+
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_socket_overflow()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 2,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 2,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      MSGLEN));
+
+    /* Send two message to the server, second one with an error */
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MSGLEN);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MBEDTLS_TEST_ERROR_SEND_FAILED);
+
+    /* Read the only message from the server */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MSGLEN);
+
+    TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_truncated()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 2,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 2,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    memset(received, 0, MSGLEN);
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      2 * MSGLEN));
+
+    /* Send two messages to the server, the second one small enough to fit in the
+     * receiver's buffer. */
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MSGLEN);
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN / 2)
+                == MSGLEN / 2);
+    /* Read a truncated message from the server */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN/2)
+                == MSGLEN/2);
+
+    /* Test that the first half of the message is valid, and second one isn't */
+    TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0);
+    TEST_ASSERT(memcmp(message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2)
+                != 0);
+    memset(received, 0, MSGLEN);
+
+    /* Read a full message from the server */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN/2)
+                == MSGLEN / 2);
+
+    /* Test that the first half of the message is valid */
+    TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0);
+
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_socket_read_error()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 1,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 1,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      MSGLEN));
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                               MSGLEN)
+                == MSGLEN);
+
+    /* Force a read error by disconnecting the socket by hand */
+    server.status = 0;
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MBEDTLS_TEST_ERROR_RECV_FAILED);
+    /* Return to a valid state */
+    server.status = MBEDTLS_MOCK_SOCKET_CONNECTED;
+
+    memset(received, 0, sizeof(received));
+
+    /* Test that even though the server tried to read once disconnected, the
+     * continuity is preserved */
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MSGLEN);
+
+    TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_interleaved_one_way()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 3,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 3,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      MSGLEN*3));
+
+    /* Interleaved test - [2 sends, 1 read] twice, and then two reads
+     * (to wrap around the buffer) */
+    for (i = 0; i < 2; i++) {
+        TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                                   MSGLEN) == MSGLEN);
+        TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+        memset(received, 0, sizeof(received));
+    }
+
+    for (i = 0; i < 2; i++) {
+        TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+    }
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MBEDTLS_ERR_SSL_WANT_READ);
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_message_mock_interleaved_two_ways()
+{
+    enum { MSGLEN = 10 };
+    unsigned char message[MSGLEN], received[MSGLEN];
+    mbedtls_test_mock_socket client, server;
+    unsigned i;
+    mbedtls_test_ssl_message_queue server_queue, client_queue;
+    mbedtls_test_message_socket_context server_context, client_context;
+
+    mbedtls_test_message_socket_init(&server_context);
+    mbedtls_test_message_socket_init(&client_context);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
+                                                  &client_queue, 3,
+                                                  &server,
+                                                  &server_context) == 0);
+
+    TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
+                                                  &server_queue, 3,
+                                                  &client,
+                                                  &client_context) == 0);
+
+    /* Fill up the buffer with structured data so that unwanted changes
+     * can be detected */
+    for (i = 0; i < MSGLEN; i++) {
+        message[i] = i & 0xFF;
+    }
+    TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
+                                                      MSGLEN*3));
+
+    /* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads
+     * (to wrap around the buffer) both ways. */
+    for (i = 0; i < 2; i++) {
+        TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+        memset(received, 0, sizeof(received));
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+
+        memset(received, 0, sizeof(received));
+    }
+
+    for (i = 0; i < 2; i++) {
+        TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+        memset(received, 0, sizeof(received));
+
+        TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+                                                   MSGLEN) == MSGLEN);
+
+        TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
+        memset(received, 0, sizeof(received));
+    }
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
+                                               MSGLEN)
+                == MBEDTLS_ERR_SSL_WANT_READ);
+
+    TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
+                                               MSGLEN)
+                == MBEDTLS_ERR_SSL_WANT_READ);
+exit:
+    mbedtls_test_message_socket_close(&server_context);
+    mbedtls_test_message_socket_close(&client_context);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+void ssl_dtls_replay(data_t *prevs, data_t *new, int ret)
+{
+    uint32_t len = 0;
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_config_init(&conf);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_config_defaults(&conf,
+                                            MBEDTLS_SSL_IS_CLIENT,
+                                            MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                            MBEDTLS_SSL_PRESET_DEFAULT) == 0);
+    TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
+
+    /* Read previous record numbers */
+    for (len = 0; len < prevs->len; len += 6) {
+        memcpy(ssl.in_ctr + 2, prevs->x + len, 6);
+        mbedtls_ssl_dtls_replay_update(&ssl);
+    }
+
+    /* Check new number */
+    memcpy(ssl.in_ctr + 2, new->x, 6);
+    TEST_ASSERT(mbedtls_ssl_dtls_replay_check(&ssl) == ret);
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C */
+void ssl_set_hostname_twice(char *hostname0, char *hostname1)
+{
+    mbedtls_ssl_context ssl;
+
+    mbedtls_ssl_init(&ssl);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname0) == 0);
+    TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0);
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_crypt_record(int cipher_type, int hash_id,
+                      int etm, int tag_mode, int ver,
+                      int cid0_len, int cid1_len)
+{
+    /*
+     * Test several record encryptions and decryptions
+     * with plenty of space before and after the data
+     * within the record buffer.
+     */
+
+    int ret;
+    int num_records = 16;
+    mbedtls_ssl_context ssl; /* ONLY for debugging */
+
+    mbedtls_ssl_transform t0, t1;
+    unsigned char *buf = NULL;
+    size_t const buflen = 512;
+    mbedtls_record rec, rec_backup;
+
+    mbedtls_ssl_init(&ssl);
+    USE_PSA_INIT();
+
+    mbedtls_ssl_transform_init(&t0);
+    mbedtls_ssl_transform_init(&t1);
+    TEST_ASSERT(mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id,
+                                                  etm, tag_mode, ver,
+                                                  (size_t) cid0_len,
+                                                  (size_t) cid1_len) == 0);
+
+    TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL);
+
+    while (num_records-- > 0) {
+        mbedtls_ssl_transform *t_dec, *t_enc;
+        /* Take turns in who's sending and who's receiving. */
+        if (num_records % 3 == 0) {
+            t_dec = &t0;
+            t_enc = &t1;
+        } else {
+            t_dec = &t1;
+            t_enc = &t0;
+        }
+
+        /*
+         * The record header affects the transformation in two ways:
+         * 1) It determines the AEAD additional data
+         * 2) The record counter sometimes determines the IV.
+         *
+         * Apart from that, the fields don't have influence.
+         * In particular, it is currently not the responsibility
+         * of ssl_encrypt/decrypt_buf to check if the transform
+         * version matches the record version, or that the
+         * type is sensible.
+         */
+
+        memset(rec.ctr, num_records, sizeof(rec.ctr));
+        rec.type    = 42;
+        rec.ver[0]  = num_records;
+        rec.ver[1]  = num_records;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        rec.cid_len = 0;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+        rec.buf     = buf;
+        rec.buf_len = buflen;
+        rec.data_offset = 16;
+        /* Make sure to vary the length to exercise different
+         * paddings. */
+        rec.data_len = 1 + num_records;
+
+        memset(rec.buf + rec.data_offset, 42, rec.data_len);
+
+        /* Make a copy for later comparison */
+        rec_backup = rec;
+
+        /* Encrypt record */
+        ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec,
+                                      mbedtls_test_rnd_std_rand, NULL);
+        TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+        if (ret != 0) {
+            continue;
+        }
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        if (rec.cid_len != 0) {
+            /* DTLS 1.2 + CID hides the real content type and
+             * uses a special CID content type in the protected
+             * record. Double-check this. */
+            TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID);
+        }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+        if (t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+            /* TLS 1.3 hides the real content type and
+             * always uses Application Data as the content type
+             * for protected records. Double-check this. */
+            TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA);
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+        /* Decrypt record with t_dec */
+        ret = mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec);
+        TEST_ASSERT(ret == 0);
+
+        /* Compare results */
+        TEST_ASSERT(rec.type == rec_backup.type);
+        TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0);
+        TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]);
+        TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]);
+        TEST_ASSERT(rec.data_len == rec_backup.data_len);
+        TEST_ASSERT(rec.data_offset == rec_backup.data_offset);
+        TEST_ASSERT(memcmp(rec.buf + rec.data_offset,
+                           rec_backup.buf + rec_backup.data_offset,
+                           rec.data_len) == 0);
+    }
+
+exit:
+
+    /* Cleanup */
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_transform_free(&t0);
+    mbedtls_ssl_transform_free(&t1);
+    mbedtls_free(buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_crypt_record_small(int cipher_type, int hash_id,
+                            int etm, int tag_mode, int ver,
+                            int cid0_len, int cid1_len)
+{
+    /*
+     * Test pairs of encryption and decryption with an increasing
+     * amount of space in the record buffer - in more detail:
+     * 1) Try to encrypt with 0, 1, 2, ... bytes available
+     *    in front of the plaintext, and expect the encryption
+     *    to succeed starting from some offset. Always keep
+     *    enough space in the end of the buffer.
+     * 2) Try to encrypt with 0, 1, 2, ... bytes available
+     *    at the end of the plaintext, and expect the encryption
+     *    to succeed starting from some offset. Always keep
+     *    enough space at the beginning of the buffer.
+     * 3) Try to encrypt with 0, 1, 2, ... bytes available
+     *    both at the front and end of the plaintext,
+     *    and expect the encryption to succeed starting from
+     *    some offset.
+     *
+     * If encryption succeeds, check that decryption succeeds
+     * and yields the original record.
+     */
+
+    mbedtls_ssl_context ssl; /* ONLY for debugging */
+
+    mbedtls_ssl_transform t0, t1;
+    unsigned char *buf = NULL;
+    size_t const buflen = 256;
+    mbedtls_record rec, rec_backup;
+
+    int ret;
+    int mode;              /* Mode 1, 2 or 3 as explained above     */
+    size_t offset;         /* Available space at beginning/end/both */
+    size_t threshold = 96; /* Maximum offset to test against        */
+
+    size_t default_pre_padding  = 64;  /* Pre-padding to use in mode 2  */
+    size_t default_post_padding = 128; /* Post-padding to use in mode 1 */
+
+    int seen_success; /* Indicates if in the current mode we've
+                       * already seen a successful test. */
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_transform_init(&t0);
+    mbedtls_ssl_transform_init(&t1);
+    USE_PSA_INIT();
+    TEST_ASSERT(mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id,
+                                                  etm, tag_mode, ver,
+                                                  (size_t) cid0_len,
+                                                  (size_t) cid1_len) == 0);
+
+    TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL);
+
+    for (mode = 1; mode <= 3; mode++) {
+        seen_success = 0;
+        for (offset = 0; offset <= threshold; offset++) {
+            mbedtls_ssl_transform *t_dec, *t_enc;
+            t_dec = &t0;
+            t_enc = &t1;
+
+            memset(rec.ctr, offset, sizeof(rec.ctr));
+            rec.type    = 42;
+            rec.ver[0]  = offset;
+            rec.ver[1]  = offset;
+            rec.buf     = buf;
+            rec.buf_len = buflen;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            rec.cid_len = 0;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+            switch (mode) {
+                case 1: /* Space in the beginning */
+                    rec.data_offset = offset;
+                    rec.data_len = buflen - offset - default_post_padding;
+                    break;
+
+                case 2: /* Space in the end */
+                    rec.data_offset = default_pre_padding;
+                    rec.data_len = buflen - default_pre_padding - offset;
+                    break;
+
+                case 3: /* Space in the beginning and end */
+                    rec.data_offset = offset;
+                    rec.data_len = buflen - 2 * offset;
+                    break;
+
+                default:
+                    TEST_ASSERT(0);
+                    break;
+            }
+
+            memset(rec.buf + rec.data_offset, 42, rec.data_len);
+
+            /* Make a copy for later comparison */
+            rec_backup = rec;
+
+            /* Encrypt record */
+            ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec,
+                                          mbedtls_test_rnd_std_rand, NULL);
+
+            if (ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
+                /* It's ok if the output buffer is too small. We do insist
+                 * on at least one mode succeeding; this is tracked by
+                 * seen_success. */
+                continue;
+            }
+
+            TEST_EQUAL(ret, 0);
+            seen_success = 1;
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+            if (rec.cid_len != 0) {
+                /* DTLS 1.2 + CID hides the real content type and
+                 * uses a special CID content type in the protected
+                 * record. Double-check this. */
+                TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID);
+            }
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+            if (t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) {
+                /* TLS 1.3 hides the real content type and
+                 * always uses Application Data as the content type
+                 * for protected records. Double-check this. */
+                TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA);
+            }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+            /* Decrypt record with t_dec */
+            TEST_ASSERT(mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec) == 0);
+
+            /* Compare results */
+            TEST_ASSERT(rec.type == rec_backup.type);
+            TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0);
+            TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]);
+            TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]);
+            TEST_ASSERT(rec.data_len == rec_backup.data_len);
+            TEST_ASSERT(rec.data_offset == rec_backup.data_offset);
+            TEST_ASSERT(memcmp(rec.buf + rec.data_offset,
+                               rec_backup.buf + rec_backup.data_offset,
+                               rec.data_len) == 0);
+        }
+
+        TEST_ASSERT(seen_success == 1);
+    }
+
+exit:
+
+    /* Cleanup */
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_transform_free(&t0);
+    mbedtls_ssl_transform_free(&t1);
+    mbedtls_free(buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_hkdf_expand_label(int hash_alg,
+                                  data_t *secret,
+                                  int label_idx,
+                                  data_t *ctx,
+                                  int desired_length,
+                                  data_t *expected)
+{
+    unsigned char dst[100];
+
+    unsigned char const *lbl = NULL;
+    size_t lbl_len;
+#define MBEDTLS_SSL_TLS1_3_LABEL(name, string)                        \
+    if (label_idx == (int) tls1_3_label_ ## name)                      \
+    {                                                                   \
+        lbl = mbedtls_ssl_tls1_3_labels.name;                           \
+        lbl_len = sizeof(mbedtls_ssl_tls1_3_labels.name);             \
+    }
+    MBEDTLS_SSL_TLS1_3_LABEL_LIST
+#undef MBEDTLS_SSL_TLS1_3_LABEL
+    TEST_ASSERT(lbl != NULL);
+
+    /* Check sanity of test parameters. */
+    TEST_ASSERT((size_t) desired_length <= sizeof(dst));
+    TEST_ASSERT((size_t) desired_length == expected->len);
+
+    TEST_ASSERT(mbedtls_ssl_tls1_3_hkdf_expand_label(
+                    (mbedtls_md_type_t) hash_alg,
+                    secret->x, secret->len,
+                    lbl, lbl_len,
+                    ctx->x, ctx->len,
+                    dst, desired_length) == 0);
+
+    TEST_MEMORY_COMPARE(dst, (size_t) desired_length,
+                        expected->x, (size_t) expected->len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_traffic_key_generation(int hash_alg,
+                                       data_t *server_secret,
+                                       data_t *client_secret,
+                                       int desired_iv_len,
+                                       int desired_key_len,
+                                       data_t *expected_server_write_key,
+                                       data_t *expected_server_write_iv,
+                                       data_t *expected_client_write_key,
+                                       data_t *expected_client_write_iv)
+{
+    mbedtls_ssl_key_set keys;
+
+    /* Check sanity of test parameters. */
+    TEST_ASSERT(client_secret->len == server_secret->len);
+    TEST_ASSERT(
+        expected_client_write_iv->len == expected_server_write_iv->len &&
+        expected_client_write_iv->len == (size_t) desired_iv_len);
+    TEST_ASSERT(
+        expected_client_write_key->len == expected_server_write_key->len &&
+        expected_client_write_key->len == (size_t) desired_key_len);
+
+    TEST_ASSERT(mbedtls_ssl_tls1_3_make_traffic_keys(
+                    (mbedtls_md_type_t) hash_alg,
+                    client_secret->x,
+                    server_secret->x,
+                    client_secret->len /* == server_secret->len */,
+                    desired_key_len, desired_iv_len,
+                    &keys) == 0);
+
+    TEST_MEMORY_COMPARE(keys.client_write_key,
+                        keys.key_len,
+                        expected_client_write_key->x,
+                        (size_t) desired_key_len);
+    TEST_MEMORY_COMPARE(keys.server_write_key,
+                        keys.key_len,
+                        expected_server_write_key->x,
+                        (size_t) desired_key_len);
+    TEST_MEMORY_COMPARE(keys.client_write_iv,
+                        keys.iv_len,
+                        expected_client_write_iv->x,
+                        (size_t) desired_iv_len);
+    TEST_MEMORY_COMPARE(keys.server_write_iv,
+                        keys.iv_len,
+                        expected_server_write_iv->x,
+                        (size_t) desired_iv_len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_derive_secret(int hash_alg,
+                              data_t *secret,
+                              int label_idx,
+                              data_t *ctx,
+                              int desired_length,
+                              int already_hashed,
+                              data_t *expected)
+{
+    unsigned char dst[100];
+
+    unsigned char const *lbl = NULL;
+    size_t lbl_len;
+#define MBEDTLS_SSL_TLS1_3_LABEL(name, string)                        \
+    if (label_idx == (int) tls1_3_label_ ## name)                      \
+    {                                                                   \
+        lbl = mbedtls_ssl_tls1_3_labels.name;                           \
+        lbl_len = sizeof(mbedtls_ssl_tls1_3_labels.name);             \
+    }
+    MBEDTLS_SSL_TLS1_3_LABEL_LIST
+#undef MBEDTLS_SSL_TLS1_3_LABEL
+    TEST_ASSERT(lbl != NULL);
+
+    /* Check sanity of test parameters. */
+    TEST_ASSERT((size_t) desired_length <= sizeof(dst));
+    TEST_ASSERT((size_t) desired_length == expected->len);
+
+    TEST_ASSERT(mbedtls_ssl_tls1_3_derive_secret(
+                    (mbedtls_md_type_t) hash_alg,
+                    secret->x, secret->len,
+                    lbl, lbl_len,
+                    ctx->x, ctx->len,
+                    already_hashed,
+                    dst, desired_length) == 0);
+
+    TEST_MEMORY_COMPARE(dst, desired_length,
+                        expected->x, desired_length);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_key_evolution(int hash_alg,
+                              data_t *secret,
+                              data_t *input,
+                              data_t *expected)
+{
+    unsigned char secret_new[MBEDTLS_MD_MAX_SIZE];
+
+    TEST_ASSERT(mbedtls_ssl_tls1_3_evolve_secret(
+                    (mbedtls_md_type_t) hash_alg,
+                    secret->len ? secret->x : NULL,
+                    input->len ? input->x : NULL, input->len,
+                    secret_new) == 0);
+
+    TEST_MEMORY_COMPARE(secret_new, (size_t) expected->len,
+                        expected->x, (size_t) expected->len);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_tls_prf(int type, data_t *secret, data_t *random,
+                 char *label, data_t *result_str, int exp_ret)
+{
+    unsigned char *output;
+
+    output = mbedtls_calloc(1, result_str->len);
+    if (output == NULL) {
+        goto exit;
+    }
+
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_ssl_tls_prf(type, secret->x, secret->len,
+                                    label, random->x, random->len,
+                                    output, result_str->len) == exp_ret);
+
+    if (exp_ret == 0) {
+        TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x,
+                                        result_str->len, result_str->len) == 0);
+    }
+exit:
+
+    mbedtls_free(output);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_serialize_session_save_load(int ticket_len, char *crt_file)
+{
+    mbedtls_ssl_session original, restored;
+    unsigned char *buf = NULL;
+    size_t len;
+
+    /*
+     * Test that a save-load pair is the identity
+     */
+    mbedtls_ssl_session_init(&original);
+    mbedtls_ssl_session_init(&restored);
+    USE_PSA_INIT();
+
+    /* Prepare a dummy session to work on */
+    TEST_ASSERT(mbedtls_test_ssl_populate_session(
+                    &original, ticket_len, crt_file) == 0);
+
+    /* Serialize it */
+    TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len)
+                == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+    TEST_ASSERT((buf = mbedtls_calloc(1, len)) != NULL);
+    TEST_ASSERT(mbedtls_ssl_session_save(&original, buf, len, &len)
+                == 0);
+
+    /* Restore session from serialized data */
+    TEST_ASSERT(mbedtls_ssl_session_load(&restored, buf, len) == 0);
+
+    /*
+     * Make sure both session structures are identical
+     */
+#if defined(MBEDTLS_HAVE_TIME)
+    TEST_ASSERT(original.start == restored.start);
+#endif
+    TEST_ASSERT(original.ciphersuite == restored.ciphersuite);
+    TEST_ASSERT(original.compression == restored.compression);
+    TEST_ASSERT(original.id_len == restored.id_len);
+    TEST_ASSERT(memcmp(original.id,
+                       restored.id, sizeof(original.id)) == 0);
+    TEST_ASSERT(memcmp(original.master,
+                       restored.master, sizeof(original.master)) == 0);
+
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
+    defined(MBEDTLS_CERTS_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+    TEST_ASSERT((original.peer_cert == NULL) ==
+                (restored.peer_cert == NULL));
+    if (original.peer_cert != NULL) {
+        TEST_ASSERT(original.peer_cert->raw.len ==
+                    restored.peer_cert->raw.len);
+        TEST_ASSERT(memcmp(original.peer_cert->raw.p,
+                           restored.peer_cert->raw.p,
+                           original.peer_cert->raw.len) == 0);
+    }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+    TEST_ASSERT(original.peer_cert_digest_type ==
+                restored.peer_cert_digest_type);
+    TEST_ASSERT(original.peer_cert_digest_len ==
+                restored.peer_cert_digest_len);
+    TEST_ASSERT((original.peer_cert_digest == NULL) ==
+                (restored.peer_cert_digest == NULL));
+    if (original.peer_cert_digest != NULL) {
+        TEST_ASSERT(memcmp(original.peer_cert_digest,
+                           restored.peer_cert_digest,
+                           original.peer_cert_digest_len) == 0);
+    }
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C */
+    TEST_ASSERT(original.verify_result == restored.verify_result);
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    TEST_ASSERT(original.ticket_len == restored.ticket_len);
+    if (original.ticket_len != 0) {
+        TEST_ASSERT(original.ticket != NULL);
+        TEST_ASSERT(restored.ticket != NULL);
+        TEST_ASSERT(memcmp(original.ticket,
+                           restored.ticket, original.ticket_len) == 0);
+    }
+    TEST_ASSERT(original.ticket_lifetime == restored.ticket_lifetime);
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    TEST_ASSERT(original.mfl_code == restored.mfl_code);
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    TEST_ASSERT(original.trunc_hmac == restored.trunc_hmac);
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    TEST_ASSERT(original.encrypt_then_mac == restored.encrypt_then_mac);
+#endif
+
+exit:
+    mbedtls_ssl_session_free(&original);
+    mbedtls_ssl_session_free(&restored);
+    mbedtls_free(buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_serialize_session_load_save(int ticket_len, char *crt_file)
+{
+    mbedtls_ssl_session session;
+    unsigned char *buf1 = NULL, *buf2 = NULL;
+    size_t len0, len1, len2;
+
+    /*
+     * Test that a load-save pair is the identity
+     */
+    mbedtls_ssl_session_init(&session);
+    USE_PSA_INIT();
+
+    /* Prepare a dummy session to work on */
+    TEST_ASSERT(mbedtls_test_ssl_populate_session(
+                    &session, ticket_len, crt_file) == 0);
+
+    /* Get desired buffer size for serializing */
+    TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &len0)
+                == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+
+    /* Allocate first buffer */
+    buf1 = mbedtls_calloc(1, len0);
+    TEST_ASSERT(buf1 != NULL);
+
+    /* Serialize to buffer and free live session */
+    TEST_ASSERT(mbedtls_ssl_session_save(&session, buf1, len0, &len1)
+                == 0);
+    TEST_ASSERT(len0 == len1);
+    mbedtls_ssl_session_free(&session);
+
+    /* Restore session from serialized data */
+    TEST_ASSERT(mbedtls_ssl_session_load(&session, buf1, len1) == 0);
+
+    /* Allocate second buffer and serialize to it */
+    buf2 = mbedtls_calloc(1, len0);
+    TEST_ASSERT(buf2 != NULL);
+    TEST_ASSERT(mbedtls_ssl_session_save(&session, buf2, len0, &len2)
+                == 0);
+
+    /* Make sure both serialized versions are identical */
+    TEST_ASSERT(len1 == len2);
+    TEST_ASSERT(memcmp(buf1, buf2, len1) == 0);
+
+exit:
+    mbedtls_ssl_session_free(&session);
+    mbedtls_free(buf1);
+    mbedtls_free(buf2);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file)
+{
+    mbedtls_ssl_session session;
+    unsigned char *buf = NULL;
+    size_t good_len, bad_len, test_len;
+
+    /*
+     * Test that session_save() fails cleanly on small buffers
+     */
+    mbedtls_ssl_session_init(&session);
+    USE_PSA_INIT();
+
+    /* Prepare dummy session and get serialized size */
+    TEST_ASSERT(mbedtls_test_ssl_populate_session(
+                    &session, ticket_len, crt_file) == 0);
+    TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len)
+                == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+
+    /* Try all possible bad lengths */
+    for (bad_len = 1; bad_len < good_len; bad_len++) {
+        /* Allocate exact size so that asan/valgrind can detect any overwrite */
+        mbedtls_free(buf);
+        TEST_ASSERT((buf = mbedtls_calloc(1, bad_len)) != NULL);
+        TEST_ASSERT(mbedtls_ssl_session_save(&session, buf, bad_len,
+                                             &test_len)
+                    == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+        TEST_ASSERT(test_len == good_len);
+    }
+
+exit:
+    mbedtls_ssl_session_free(&session);
+    mbedtls_free(buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file)
+{
+    mbedtls_ssl_session session;
+    unsigned char *good_buf = NULL, *bad_buf = NULL;
+    size_t good_len, bad_len;
+
+    /*
+     * Test that session_load() fails cleanly on small buffers
+     */
+    mbedtls_ssl_session_init(&session);
+    USE_PSA_INIT();
+
+    /* Prepare serialized session data */
+    TEST_ASSERT(mbedtls_test_ssl_populate_session(
+                    &session, ticket_len, crt_file) == 0);
+    TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len)
+                == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
+    TEST_ASSERT((good_buf = mbedtls_calloc(1, good_len)) != NULL);
+    TEST_ASSERT(mbedtls_ssl_session_save(&session, good_buf, good_len,
+                                         &good_len) == 0);
+    mbedtls_ssl_session_free(&session);
+
+    /* Try all possible bad lengths */
+    for (bad_len = 0; bad_len < good_len; bad_len++) {
+        /* Allocate exact size so that asan/valgrind can detect any overread */
+        mbedtls_free(bad_buf);
+        bad_buf = mbedtls_calloc(1, bad_len ? bad_len : 1);
+        TEST_ASSERT(bad_buf != NULL);
+        memcpy(bad_buf, good_buf, bad_len);
+
+        TEST_ASSERT(mbedtls_ssl_session_load(&session, bad_buf, bad_len)
+                    == MBEDTLS_ERR_SSL_BAD_INPUT_DATA);
+    }
+
+exit:
+    mbedtls_ssl_session_free(&session);
+    mbedtls_free(good_buf);
+    mbedtls_free(bad_buf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ssl_session_serialize_version_check(int corrupt_major,
+                                         int corrupt_minor,
+                                         int corrupt_patch,
+                                         int corrupt_config)
+{
+    unsigned char serialized_session[2048];
+    size_t serialized_session_len;
+    unsigned cur_byte;
+    mbedtls_ssl_session session;
+    uint8_t should_corrupt_byte[] = { corrupt_major  == 1,
+                                      corrupt_minor  == 1,
+                                      corrupt_patch  == 1,
+                                      corrupt_config == 1,
+                                      corrupt_config == 1 };
+
+    mbedtls_ssl_session_init(&session);
+    USE_PSA_INIT();
+
+    /* Infer length of serialized session. */
+    TEST_ASSERT(mbedtls_ssl_session_save(&session,
+                                         serialized_session,
+                                         sizeof(serialized_session),
+                                         &serialized_session_len) == 0);
+
+    mbedtls_ssl_session_free(&session);
+
+    /* Without any modification, we should be able to successfully
+     * de-serialize the session - double-check that. */
+    TEST_ASSERT(mbedtls_ssl_session_load(&session,
+                                         serialized_session,
+                                         serialized_session_len) == 0);
+    mbedtls_ssl_session_free(&session);
+
+    /* Go through the bytes in the serialized session header and
+     * corrupt them bit-by-bit. */
+    for (cur_byte = 0; cur_byte < sizeof(should_corrupt_byte); cur_byte++) {
+        int cur_bit;
+        unsigned char * const byte = &serialized_session[cur_byte];
+
+        if (should_corrupt_byte[cur_byte] == 0) {
+            continue;
+        }
+
+        for (cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++) {
+            unsigned char const corrupted_bit = 0x1u << cur_bit;
+            /* Modify a single bit in the serialized session. */
+            *byte ^= corrupted_bit;
+
+            /* Attempt to deserialize */
+            TEST_ASSERT(mbedtls_ssl_session_load(&session,
+                                                 serialized_session,
+                                                 serialized_session_len) ==
+                        MBEDTLS_ERR_SSL_VERSION_MISMATCH);
+
+            /* Undo the change */
+            *byte ^= corrupted_bit;
+        }
+    }
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
+void mbedtls_endpoint_sanity(int endpoint_type)
+{
+    enum { BUFFSIZE = 1024 };
+    mbedtls_test_ssl_endpoint ep;
+    int ret = -1;
+
+    USE_PSA_INIT();
+    ret = mbedtls_test_ssl_endpoint_init(NULL, endpoint_type, MBEDTLS_PK_RSA,
+                                         NULL, NULL, NULL, NULL);
+    TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
+
+    ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, MBEDTLS_PK_RSA);
+    TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
+
+    ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, MBEDTLS_PK_RSA,
+                                         NULL, NULL, NULL, NULL);
+    TEST_ASSERT(ret == 0);
+
+exit:
+    mbedtls_test_ssl_endpoint_free(&ep, NULL);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */
+void move_handshake_to_state(int endpoint_type, int state, int need_pass)
+{
+    enum { BUFFSIZE = 1024 };
+    mbedtls_test_ssl_endpoint base_ep, second_ep;
+    int ret = -1;
+
+    mbedtls_platform_zeroize(&base_ep, sizeof(base_ep));
+    mbedtls_platform_zeroize(&second_ep, sizeof(second_ep));
+
+    ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type,
+                                         MBEDTLS_PK_RSA,
+                                         NULL, NULL, NULL, NULL);
+    TEST_ASSERT(ret == 0);
+
+    ret = mbedtls_test_ssl_endpoint_init(
+        &second_ep,
+        (endpoint_type == MBEDTLS_SSL_IS_SERVER) ?
+        MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
+        MBEDTLS_PK_RSA, NULL, NULL, NULL, NULL);
+    TEST_ASSERT(ret == 0);
+
+    USE_PSA_INIT();
+
+    ret = mbedtls_test_mock_socket_connect(&(base_ep.socket),
+                                           &(second_ep.socket),
+                                           BUFFSIZE);
+    TEST_ASSERT(ret == 0);
+
+    ret = mbedtls_test_move_handshake_to_state(&(base_ep.ssl),
+                                               &(second_ep.ssl),
+                                               state);
+    if (need_pass) {
+        TEST_ASSERT(ret == 0);
+        TEST_ASSERT(base_ep.ssl.state == state);
+    } else {
+        TEST_ASSERT(ret != 0);
+        TEST_ASSERT(base_ep.ssl.state != state);
+    }
+
+exit:
+    mbedtls_test_ssl_endpoint_free(&base_ep, NULL);
+    mbedtls_test_ssl_endpoint_free(&second_ep, NULL);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void handshake_version(int dtls, int client_min_version, int client_max_version,
+                       int server_min_version, int server_max_version,
+                       int expected_negotiated_version)
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_init_handshake_options(&options);
+
+    options.client_min_version = client_min_version;
+    options.client_max_version = client_max_version;
+    options.server_min_version = server_min_version;
+    options.server_max_version = server_max_version;
+
+    options.expected_negotiated_version = expected_negotiated_version;
+
+    options.dtls = dtls;
+    /* By default, SSLv3.0 and TLSv1.0 use 1/n-1 splitting when sending data, so
+     * the number of fragments will be twice as big. */
+    if (expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_0 ||
+        expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1) {
+        options.expected_cli_fragments = 2;
+        options.expected_srv_fragments = 2;
+    }
+    mbedtls_test_ssl_perform_handshake(&options);
+
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
+void handshake_psk_cipher(char *cipher, int pk_alg, data_t *psk_str, int dtls)
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_init_handshake_options(&options);
+
+    options.cipher = cipher;
+    options.dtls = dtls;
+    options.psk_str = psk_str;
+    options.pk_alg = pk_alg;
+
+    mbedtls_test_ssl_perform_handshake(&options);
+
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
+void handshake_cipher(char *cipher, int pk_alg, int dtls)
+{
+    test_handshake_psk_cipher(cipher, pk_alg, NULL, dtls);
+
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
+void app_data(int mfl, int cli_msg_len, int srv_msg_len,
+              int expected_cli_fragments,
+              int expected_srv_fragments, int dtls)
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_init_handshake_options(&options);
+
+    options.mfl = mfl;
+    options.cli_msg_len = cli_msg_len;
+    options.srv_msg_len = srv_msg_len;
+    options.expected_cli_fragments = expected_cli_fragments;
+    options.expected_srv_fragments = expected_srv_fragments;
+    options.dtls = dtls;
+
+    mbedtls_test_ssl_perform_handshake(&options);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len,
+                  int expected_cli_fragments,
+                  int expected_srv_fragments)
+{
+    test_app_data(mfl, cli_msg_len, srv_msg_len, expected_cli_fragments,
+                  expected_srv_fragments, 0);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len,
+                   int expected_cli_fragments,
+                   int expected_srv_fragments)
+{
+    test_app_data(mfl, cli_msg_len, srv_msg_len, expected_cli_fragments,
+                  expected_srv_fragments, 1);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void handshake_serialization()
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_init_handshake_options(&options);
+
+    options.serialize = 1;
+    options.dtls = 1;
+    mbedtls_test_ssl_perform_handshake(&options);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED*/
+void handshake_fragmentation(int mfl,
+                             int expected_srv_hs_fragmentation,
+                             int expected_cli_hs_fragmentation)
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_ssl_log_pattern srv_pattern, cli_pattern;
+
+    srv_pattern.pattern = cli_pattern.pattern = "found fragmented DTLS handshake";
+    srv_pattern.counter = 0;
+    cli_pattern.counter = 0;
+
+    mbedtls_test_init_handshake_options(&options);
+    options.dtls = 1;
+    options.mfl = mfl;
+    /* Set cipher to one using CBC so that record splitting can be tested */
+    options.cipher = "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256";
+    options.srv_auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
+    options.srv_log_obj = &srv_pattern;
+    options.cli_log_obj = &cli_pattern;
+    options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
+    options.cli_log_fun = mbedtls_test_ssl_log_analyzer;
+
+    mbedtls_test_ssl_perform_handshake(&options);
+
+    /* Test if the server received a fragmented handshake */
+    if (expected_srv_hs_fragmentation) {
+        TEST_ASSERT(srv_pattern.counter >= 1);
+    }
+    /* Test if the client received a fragmented handshake */
+    if (expected_cli_hs_fragmentation) {
+        TEST_ASSERT(cli_pattern.counter >= 1);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void renegotiation(int legacy_renegotiation)
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_init_handshake_options(&options);
+
+    options.renegotiate = 1;
+    options.legacy_renegotiation = legacy_renegotiation;
+    options.dtls = 1;
+
+    mbedtls_test_ssl_perform_handshake(&options);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
+void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation,
+                    int serialize, int dtls, char *cipher)
+{
+    mbedtls_test_handshake_test_options options;
+    mbedtls_test_init_handshake_options(&options);
+
+    options.mfl = mfl;
+    options.cipher = cipher;
+    options.renegotiate = renegotiation;
+    options.legacy_renegotiation = legacy_renegotiation;
+    options.serialize = serialize;
+    options.dtls = dtls;
+    options.resize_buffers = 1;
+
+    mbedtls_test_ssl_perform_handshake(&options);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void resize_buffers_serialize_mfl(int mfl)
+{
+    test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
+                        (char *) "");
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation,
+                                    char *cipher)
+{
+    test_resize_buffers(mfl, 1, legacy_renegotiation, 0, 1, cipher);
+    /* The goto below is used to avoid an "unused label" warning.*/
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_ECDSA_C */
+void raw_key_agreement_fail(int bad_server_ecdhe_key)
+{
+    enum { BUFFSIZE = 17000 };
+    mbedtls_test_ssl_endpoint client, server;
+    mbedtls_psa_stats_t stats;
+    size_t free_slots_before = -1;
+
+    mbedtls_ecp_group_id curve_list[] = { MBEDTLS_ECP_DP_SECP256R1,
+                                          MBEDTLS_ECP_DP_NONE };
+
+    mbedtls_platform_zeroize(&client, sizeof(client));
+    mbedtls_platform_zeroize(&server, sizeof(server));
+
+    /* Client side, force SECP256R1 to make one key bitflip fail
+     * the raw key agreement. Flipping the first byte makes the
+     * required 0x04 identifier invalid. */
+    TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
+                                              MBEDTLS_PK_ECDSA, NULL, NULL,
+                                              NULL, curve_list), 0);
+
+    /* Server side */
+    TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
+                                              MBEDTLS_PK_ECDSA, NULL, NULL,
+                                              NULL, NULL), 0);
+
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client.socket),
+                                                &(server.socket),
+                                                BUFFSIZE), 0);
+
+    TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+                   &(client.ssl), &(server.ssl),
+                   MBEDTLS_SSL_CLIENT_KEY_EXCHANGE)
+               , 0);
+
+    mbedtls_psa_get_stats(&stats);
+    /* Save the number of slots in use up to this point.
+     * With PSA, one can be used for the ECDH private key. */
+    free_slots_before = stats.empty_slots;
+
+    if (bad_server_ecdhe_key) {
+        /* Force a simulated bitflip in the server key. to make the
+         * raw key agreement in ssl_write_client_key_exchange fail. */
+        (client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02;
+    }
+
+    TEST_EQUAL(mbedtls_test_move_handshake_to_state(
+                   &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER),
+               bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0);
+
+    mbedtls_psa_get_stats(&stats);
+
+    /* Make sure that the key slot is already destroyed in case of failure,
+     * without waiting to close the connection. */
+    if (bad_server_ecdhe_key) {
+        TEST_EQUAL(free_slots_before, stats.empty_slots);
+    }
+
+exit:
+    mbedtls_test_ssl_endpoint_free(&client, NULL);
+    mbedtls_test_ssl_endpoint_free(&server, NULL);
+
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE:MBEDTLS_TEST_HOOKS */
+void cookie_parsing(data_t *cookie, int exp_ret)
+{
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
+    size_t len;
+
+    mbedtls_ssl_init(&ssl);
+    USE_PSA_INIT();
+    mbedtls_ssl_config_init(&conf);
+    TEST_EQUAL(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER,
+                                           MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT),
+               0);
+
+    TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
+    TEST_EQUAL(mbedtls_ssl_check_dtls_clihlo_cookie(&ssl, ssl.cli_id,
+                                                    ssl.cli_id_len,
+                                                    cookie->x, cookie->len,
+                                                    ssl.out_buf,
+                                                    MBEDTLS_SSL_OUT_CONTENT_LEN,
+                                                    &len),
+               exp_ret);
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_config_free(&conf);
+    USE_PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl_decrypt.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl_decrypt.function
new file mode 100644
index 0000000..39c92ce
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl_decrypt.function
@@ -0,0 +1,328 @@
+/* BEGIN_HEADER */
+/* Testing of mbedtls_ssl_decrypt_buf() specifically, focusing on negative
+ * testing (using malformed inputs). */
+
+#include <mbedtls/cipher.h>
+#include <mbedtls/ssl.h>
+#include <test/ssl_helpers.h>
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_SSL_TLS_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SOME_MODES_USE_MAC */
+void ssl_decrypt_stream(int cipher_type, int hash_id, int trunc_hmac)
+{
+    mbedtls_ssl_transform transform_in, transform_out;
+    mbedtls_ssl_transform_init(&transform_in);
+    mbedtls_ssl_transform_init(&transform_out);
+    mbedtls_record rec_good = {
+        .ctr = { 0 },
+        .type = MBEDTLS_SSL_MSG_APPLICATION_DATA,
+        /* For simplicity, we only test one protocol version (TLS 1.2).
+         * For stream ciphers (unlike CBC), there are no changes in the
+         * data record format between SSL 3.0 and TLS 1.2 inclusive, so
+         * testing a single version should be good enough. */
+        .ver = { MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3 },
+        .buf = NULL,
+        .buf_len = 0,
+        .data_offset = 0,
+        .data_len = 0,
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+        .cid_len = 0,
+        .cid = { 0 },
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+    };
+    const char sample_plaintext[3] = "ABC";
+    mbedtls_cipher_context_t cipher;
+    mbedtls_cipher_init(&cipher);
+    mbedtls_ssl_context ssl;
+    mbedtls_ssl_init(&ssl);
+    uint8_t *buf = NULL;
+
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_test_ssl_build_transforms(&transform_in, &transform_out,
+                                                 cipher_type, hash_id,
+                                                 0, trunc_hmac,
+                                                 rec_good.ver[1],
+                                                 0, 0), 0);
+
+    const size_t plaintext_length = sizeof(sample_plaintext);
+    rec_good.buf_len = plaintext_length + transform_in.maclen;
+    rec_good.data_len = plaintext_length;
+    TEST_CALLOC(rec_good.buf, rec_good.buf_len);
+    memcpy(rec_good.buf, sample_plaintext, plaintext_length);
+    TEST_EQUAL(mbedtls_test_ssl_prepare_record_mac(&rec_good,
+                                                   &transform_out), 0);
+
+    /* Encrypt in place */
+    size_t len;
+    TEST_EQUAL(mbedtls_cipher_crypt(&transform_out.cipher_ctx_enc,
+                                    transform_out.iv_enc, transform_out.ivlen,
+                                    rec_good.buf + rec_good.data_offset,
+                                    rec_good.data_len,
+                                    rec_good.buf + rec_good.data_offset,
+                                    &len), 0);
+    /* This function only supports stream ciphers, which should preserve
+     * the length. */
+    TEST_EQUAL(len, rec_good.data_len);
+
+    /* Good case */
+    mbedtls_record rec = rec_good;
+    TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), 0);
+
+    /* Change any one byte of the plaintext or MAC. The MAC will be wrong. */
+    TEST_CALLOC(buf, rec.buf_len);
+    for (size_t i = 0; i < rec.buf_len; i++) {
+        mbedtls_test_set_step(i);
+        rec = rec_good;
+        rec.buf = buf;
+        memcpy(buf, rec_good.buf, rec.buf_len);
+        buf[i] ^= 1;
+        TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec),
+                   MBEDTLS_ERR_SSL_INVALID_MAC);
+    }
+    mbedtls_free(buf);
+    buf = NULL;
+
+    /* Shorter input buffer. Either the MAC will be wrong, or there isn't
+     * enough room for a MAC. */
+    for (size_t n = 1; n < rec.buf_len; n++) {
+        mbedtls_test_set_step(n);
+        rec = rec_good;
+        TEST_CALLOC(buf, n);
+        rec.buf = buf;
+        rec.buf_len = n;
+        rec.data_len = n;
+        memcpy(buf, rec_good.buf, n);
+        TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec),
+                   MBEDTLS_ERR_SSL_INVALID_MAC);
+        mbedtls_free(buf);
+        buf = NULL;
+    }
+
+    /* For robustness, check a 0-length buffer (non-null, then null).
+     * This should not reach mbedtls_ssl_decrypt_buf() as used in the library,
+     * so the exact error doesn't matter, but we don't want a crash. */
+    {
+        const uint8_t buf1[1] = { 'a' };
+        rec = rec_good;
+        /* We won't write to buf1[0] since it's out of range, so we can cast
+         * the const away. */
+        rec.buf = (uint8_t *) buf1;
+        rec.buf_len = 0;
+        TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec),
+                   MBEDTLS_ERR_SSL_INTERNAL_ERROR);
+    }
+    rec = rec_good;
+    rec.buf = NULL;
+    rec.buf_len = 0;
+    TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec),
+               MBEDTLS_ERR_SSL_INTERNAL_ERROR);
+
+exit:
+    USE_PSA_DONE();
+    mbedtls_ssl_transform_free(&transform_in);
+    mbedtls_ssl_transform_free(&transform_out);
+    mbedtls_free(rec_good.buf);
+    mbedtls_ssl_free(&ssl);
+    mbedtls_cipher_free(&cipher);
+    mbedtls_free(buf);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */
+void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac,
+                             int length_selector)
+{
+    /*
+     * Test record decryption for CBC without EtM, focused on the verification
+     * of padding and MAC.
+     *
+     * Actually depends on TLS >= 1.0 (SSL 3.0 computes the MAC differently),
+     * and either AES, ARIA, Camellia or DES, but since the test framework
+     * doesn't support alternation in dependency statements, just depend on
+     * TLS 1.2 and AES.
+     *
+     * The length_selector argument is interpreted as follows:
+     * - if it's -1, the plaintext length is 0 and minimal padding is applied
+     * - if it's -2, the plaintext length is 0 and maximal padding is applied
+     * - otherwise it must be in [0, 255] and is padding_length from RFC 5246:
+     *   it's the length of the rest of the padding, that is, excluding the
+     *   byte that encodes the length. The minimal non-zero plaintext length
+     *   that gives this padding_length is automatically selected.
+     */
+    mbedtls_ssl_context ssl; /* ONLY for debugging */
+    mbedtls_ssl_transform t0, t1;
+    mbedtls_record rec, rec_save;
+    unsigned char *buf = NULL, *buf_save = NULL;
+    size_t buflen, olen = 0;
+    size_t plaintext_len, block_size, i;
+    unsigned char padlen; /* excluding the padding_length byte */
+    int exp_ret;
+    const unsigned char pad_max_len = 255; /* Per the standard */
+
+    mbedtls_ssl_init(&ssl);
+    mbedtls_ssl_transform_init(&t0);
+    mbedtls_ssl_transform_init(&t1);
+    USE_PSA_INIT();
+
+    /* Set up transforms with dummy keys */
+    TEST_ASSERT(mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id,
+                                                  0, trunc_hmac,
+                                                  MBEDTLS_SSL_MINOR_VERSION_3,
+                                                  0, 0) == 0);
+
+    /* Determine padding/plaintext length */
+    TEST_ASSERT(length_selector >= -2 && length_selector <= 255);
+    block_size = t0.ivlen;
+    if (length_selector < 0) {
+        plaintext_len = 0;
+
+        /* Minimal padding
+         * The +1 is for the padding_length byte, not counted in padlen. */
+        padlen = block_size - (t0.maclen + 1) % block_size;
+
+        /* Maximal padding? */
+        if (length_selector == -2) {
+            padlen += block_size * ((pad_max_len - padlen) / block_size);
+        }
+    } else {
+        padlen = length_selector;
+
+        /* Minimal non-zero plaintext_length giving desired padding.
+         * The +1 is for the padding_length byte, not counted in padlen. */
+        plaintext_len = block_size - (padlen + t0.maclen + 1) % block_size;
+    }
+
+    /* Prepare a buffer for record data */
+    buflen = block_size
+             + plaintext_len
+             + t0.maclen
+             + padlen + 1;
+    TEST_CALLOC(buf, buflen);
+    TEST_CALLOC(buf_save, buflen);
+
+    /* Prepare a dummy record header */
+    memset(rec.ctr, 0, sizeof(rec.ctr));
+    rec.type    = MBEDTLS_SSL_MSG_APPLICATION_DATA;
+    rec.ver[0]  = MBEDTLS_SSL_MAJOR_VERSION_3;
+    rec.ver[1]  = MBEDTLS_SSL_MINOR_VERSION_3;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    rec.cid_len = 0;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+    /* Prepare dummy record content */
+    rec.buf     = buf;
+    rec.buf_len = buflen;
+    rec.data_offset = block_size;
+    rec.data_len = plaintext_len;
+    memset(rec.buf + rec.data_offset, 42, rec.data_len);
+
+    /* Set dummy IV */
+    memset(t0.iv_enc, 0x55, t0.ivlen);
+    memcpy(rec.buf, t0.iv_enc, t0.ivlen);
+
+    /*
+     * Prepare a pre-encryption record (with MAC and padding), and save it.
+     */
+    TEST_EQUAL(0, mbedtls_test_ssl_prepare_record_mac(&rec, &t0));
+
+    /* Pad */
+    memset(rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1);
+    rec.data_len += padlen + 1;
+
+    /* Save correct pre-encryption record */
+    rec_save = rec;
+    rec_save.buf = buf_save;
+    memcpy(buf_save, buf, buflen);
+
+    /*
+     * Encrypt and decrypt the correct record, expecting success
+     */
+    TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc,
+                                       t0.iv_enc, t0.ivlen,
+                                       rec.buf + rec.data_offset, rec.data_len,
+                                       rec.buf + rec.data_offset, &olen));
+    rec.data_offset -= t0.ivlen;
+    rec.data_len    += t0.ivlen;
+
+    TEST_EQUAL(0, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec));
+
+    /*
+     * Modify each byte of the pre-encryption record before encrypting and
+     * decrypting it, expecting failure every time.
+     */
+    for (i = block_size; i < buflen; i++) {
+        mbedtls_test_set_step(i);
+
+        /* Restore correct pre-encryption record */
+        rec = rec_save;
+        rec.buf = buf;
+        memcpy(buf, buf_save, buflen);
+
+        /* Corrupt one byte of the data (could be plaintext, MAC or padding) */
+        rec.buf[i] ^= 0x01;
+
+        /* Encrypt */
+        TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc,
+                                           t0.iv_enc, t0.ivlen,
+                                           rec.buf + rec.data_offset, rec.data_len,
+                                           rec.buf + rec.data_offset, &olen));
+        rec.data_offset -= t0.ivlen;
+        rec.data_len    += t0.ivlen;
+
+        /* Decrypt and expect failure */
+        TEST_EQUAL(MBEDTLS_ERR_SSL_INVALID_MAC,
+                   mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec));
+    }
+
+    /*
+     * Use larger values of the padding bytes - with small buffers, this tests
+     * the case where the announced padlen would be larger than the buffer
+     * (and before that, than the buffer minus the size of the MAC), to make
+     * sure our padding checking code does not perform any out-of-bounds reads
+     * in this case. (With larger buffers, ie when the plaintext is long or
+     * maximal length padding is used, this is less relevant but still doesn't
+     * hurt to test.)
+     *
+     * (Start the loop with correct padding, just to double-check that record
+     * saving did work, and that we're overwriting the correct bytes.)
+     */
+    for (i = padlen; i <= pad_max_len; i++) {
+        mbedtls_test_set_step(i);
+
+        /* Restore correct pre-encryption record */
+        rec = rec_save;
+        rec.buf = buf;
+        memcpy(buf, buf_save, buflen);
+
+        /* Set padding bytes to new value */
+        memset(buf + buflen - padlen - 1, i, padlen + 1);
+
+        /* Encrypt */
+        TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc,
+                                           t0.iv_enc, t0.ivlen,
+                                           rec.buf + rec.data_offset, rec.data_len,
+                                           rec.buf + rec.data_offset, &olen));
+        rec.data_offset -= t0.ivlen;
+        rec.data_len    += t0.ivlen;
+
+        /* Decrypt and expect failure except the first time */
+        exp_ret = (i == padlen) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC;
+        TEST_EQUAL(exp_ret, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec));
+    }
+
+exit:
+    mbedtls_ssl_free(&ssl);
+    mbedtls_ssl_transform_free(&t0);
+    mbedtls_ssl_transform_free(&t1);
+    mbedtls_free(buf);
+    mbedtls_free(buf_save);
+    USE_PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl_decrypt.misc.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl_decrypt.misc.data
new file mode 100644
index 0000000..770ca6f
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_ssl_decrypt.misc.data
@@ -0,0 +1,1087 @@
+Decrypt null cipher, MD5
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_MD5_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0
+
+Decrypt null cipher, MD5 trunc
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_MD5_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1
+
+Decrypt null cipher, SHA-1
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA1_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0
+
+Decrypt null cipher, SHA-1 trunc
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA1_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1
+
+Decrypt null cipher, SHA-256
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA256_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0
+
+Decrypt null cipher, SHA-256 trunc
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA256_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1
+
+Decrypt null cipher, SHA-384
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0
+
+Decrypt null cipher, SHA-384 trunc
+depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1
+
+Decrypt RC4, MD5
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_MD5_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_MD5:0
+
+Decrypt RC4, MD5 trunc
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_MD5_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_MD5:1
+
+Decrypt RC4, SHA-1
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA1:0
+
+Decrypt RC4, SHA-1 trunc
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA1:1
+
+Decrypt RC4, SHA-256
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA256_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA256:0
+
+Decrypt RC4, SHA-256 trunc
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA256_C
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA256:1
+
+Decrypt RC4, SHA-384
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA384:0
+
+Decrypt RC4, SHA-384 trunc
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA384:1
+
+Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1
+
+Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2
+
+Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-1
+
+Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-2
+
+Decrypt CBC !EtM, AES MD5 !trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0
+
+Decrypt CBC !EtM, AES MD5 !trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240
+
+Decrypt CBC !EtM, AES MD5 trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0
+
+Decrypt CBC !EtM, AES MD5 trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:240
+
+Decrypt CBC !EtM, AES MD5 !trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1
+
+Decrypt CBC !EtM, AES MD5 !trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241
+
+Decrypt CBC !EtM, AES MD5 trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1
+
+Decrypt CBC !EtM, AES MD5 trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:241
+
+Decrypt CBC !EtM, AES MD5 !trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15
+
+Decrypt CBC !EtM, AES MD5 !trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255
+
+Decrypt CBC !EtM, AES MD5 trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:15
+
+Decrypt CBC !EtM, AES MD5 trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:255
+
+Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1
+
+Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2
+
+Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-1
+
+Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-2
+
+Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0
+
+Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240
+
+Decrypt CBC !EtM, AES SHA1 trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0
+
+Decrypt CBC !EtM, AES SHA1 trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:240
+
+Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1
+
+Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241
+
+Decrypt CBC !EtM, AES SHA1 trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1
+
+Decrypt CBC !EtM, AES SHA1 trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:241
+
+Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15
+
+Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255
+
+Decrypt CBC !EtM, AES SHA1 trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:15
+
+Decrypt CBC !EtM, AES SHA1 trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:255
+
+Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1
+
+Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2
+
+Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-1
+
+Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-2
+
+Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0
+
+Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240
+
+Decrypt CBC !EtM, AES SHA256 trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0
+
+Decrypt CBC !EtM, AES SHA256 trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:240
+
+Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1
+
+Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241
+
+Decrypt CBC !EtM, AES SHA256 trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1
+
+Decrypt CBC !EtM, AES SHA256 trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:241
+
+Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15
+
+Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255
+
+Decrypt CBC !EtM, AES SHA256 trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:15
+
+Decrypt CBC !EtM, AES SHA256 trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:255
+
+Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1
+
+Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2
+
+Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-1
+
+Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-2
+
+Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0
+
+Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240
+
+Decrypt CBC !EtM, AES SHA384 trunc, padlen=0
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0
+
+Decrypt CBC !EtM, AES SHA384 trunc, padlen=240
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:240
+
+Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1
+
+Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241
+
+Decrypt CBC !EtM, AES SHA384 trunc, padlen=1
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1
+
+Decrypt CBC !EtM, AES SHA384 trunc, padlen=241
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:241
+
+Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15
+
+Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255
+
+Decrypt CBC !EtM, AES SHA384 trunc, padlen=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:15
+
+Decrypt CBC !EtM, AES SHA384 trunc, padlen=255
+depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:255
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2
+
+Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-1
+
+Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-2
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240
+
+Decrypt CBC !EtM, ARIA MD5 trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0
+
+Decrypt CBC !EtM, ARIA MD5 trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:240
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241
+
+Decrypt CBC !EtM, ARIA MD5 trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1
+
+Decrypt CBC !EtM, ARIA MD5 trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:241
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15
+
+Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255
+
+Decrypt CBC !EtM, ARIA MD5 trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:15
+
+Decrypt CBC !EtM, ARIA MD5 trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:255
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-1
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-2
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:240
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:241
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15
+
+Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:15
+
+Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:255
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-1
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-2
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:240
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:241
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15
+
+Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:15
+
+Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:255
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-1
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-2
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=0
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=240
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:240
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=1
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=241
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:241
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15
+
+Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=15
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:15
+
+Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=255
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:255
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-1
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-2
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:240
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:241
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15
+
+Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:15
+
+Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:255
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-1
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-2
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:240
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:241
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15
+
+Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:15
+
+Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:255
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-1
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-2
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:240
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:241
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15
+
+Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:15
+
+Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:255
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-1
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-2
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=0
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=240
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:240
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=1
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=241
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:241
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15
+
+Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=15
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:15
+
+Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=255
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:255
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-1
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-2
+
+Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-1
+
+Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-2
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:0
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:248
+
+Decrypt CBC !EtM, 3DES MD5 trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:0
+
+Decrypt CBC !EtM, 3DES MD5 trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:248
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:1
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:249
+
+Decrypt CBC !EtM, 3DES MD5 trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:1
+
+Decrypt CBC !EtM, 3DES MD5 trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:249
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:7
+
+Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:255
+
+Decrypt CBC !EtM, 3DES MD5 trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:7
+
+Decrypt CBC !EtM, 3DES MD5 trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:255
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-1
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-2
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-1
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-2
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:0
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:248
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:0
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:248
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:1
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:249
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:1
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:249
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:7
+
+Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:255
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:7
+
+Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:255
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-1
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-2
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-1
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-2
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:0
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:248
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:0
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:248
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:1
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:249
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:1
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:249
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:7
+
+Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:255
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:7
+
+Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:255
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-1
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-2
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, minpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-1
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, maxpad
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-2
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:0
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:248
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=0
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:0
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=248
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:248
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:1
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:249
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=1
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:1
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=249
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:249
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:7
+
+Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:255
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=7
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:7
+
+Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=255
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
+ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_timing.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_timing.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_timing.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_timing.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_timing.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_timing.function
new file mode 100644
index 0000000..269922d
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_timing.function
@@ -0,0 +1,80 @@
+/* BEGIN_HEADER */
+
+/* This test module exercises the timing module. Since, depending on the
+ * underlying operating system, the timing routines are not always reliable,
+ * this suite only performs very basic sanity checks of the timing API.
+ */
+
+#include <limits.h>
+
+#include "mbedtls/timing.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_TIMING_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void timing_hardclock()
+{
+    (void) mbedtls_timing_hardclock();
+    /* This goto is added to avoid warnings from the generated code. */
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void timing_get_timer()
+{
+    struct mbedtls_timing_hr_time time;
+
+    memset(&time, 0, sizeof(time));
+
+    (void) mbedtls_timing_get_timer(&time, 1);
+
+    /* Check that a non-zero time was written back */
+    int all_zero = 1;
+    for (size_t i = 0; i < sizeof(time); i++) {
+        all_zero &= ((unsigned char *) &time)[i] == 0;
+    }
+    TEST_ASSERT(!all_zero);
+
+    (void) mbedtls_timing_get_timer(&time, 0);
+
+    /* This goto is added to avoid warnings from the generated code. */
+    goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void timing_set_alarm(int seconds)
+{
+    if (seconds == 0) {
+        mbedtls_set_alarm(seconds);
+        TEST_ASSERT(mbedtls_timing_alarmed == 1);
+    } else {
+        mbedtls_set_alarm(seconds);
+        TEST_ASSERT(mbedtls_timing_alarmed == 0 ||
+                    mbedtls_timing_alarmed == 1);
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void timing_delay(int fin_ms)
+{
+    mbedtls_timing_delay_context ctx;
+    int result;
+    if (fin_ms == 0) {
+        mbedtls_timing_set_delay(&ctx, 0, 0);
+        result = mbedtls_timing_get_delay(&ctx);
+        TEST_ASSERT(result == -1);
+    } else {
+        mbedtls_timing_set_delay(&ctx, fin_ms / 2, fin_ms);
+        result = mbedtls_timing_get_delay(&ctx);
+        TEST_ASSERT(result >= 0 && result <= 2);
+    }
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_version.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_version.data
new file mode 100644
index 0000000..7d8f252
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_version.data
@@ -0,0 +1,15 @@
+Check compile time library version
+check_compiletime_version:"2.28.7"
+
+Check runtime library version
+check_runtime_version:"2.28.7"
+
+Check for MBEDTLS_VERSION_C
+check_feature:"MBEDTLS_VERSION_C":0
+
+Check for MBEDTLS_AES_C when already present
+depends_on:MBEDTLS_AES_C
+check_feature:"MBEDTLS_AES_C":0
+
+Check for unknown define
+check_feature:"MBEDTLS_UNKNOWN":-1
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_version.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_version.function
new file mode 100644
index 0000000..eeae512
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_version.function
@@ -0,0 +1,73 @@
+/* BEGIN_HEADER */
+#include "mbedtls/version.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_VERSION_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void check_compiletime_version(char *version_str)
+{
+    char build_str[100];
+    char build_str_full[100];
+    unsigned int build_int;
+
+    memset(build_str, 0, 100);
+    memset(build_str_full, 0, 100);
+
+    mbedtls_snprintf(build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR,
+                     MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH);
+
+    mbedtls_snprintf(build_str_full, 100, "Mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR,
+                     MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH);
+
+    build_int = MBEDTLS_VERSION_MAJOR << 24 |
+                MBEDTLS_VERSION_MINOR << 16 |
+                MBEDTLS_VERSION_PATCH << 8;
+
+    TEST_ASSERT(build_int == MBEDTLS_VERSION_NUMBER);
+    TEST_ASSERT(strcmp(build_str, MBEDTLS_VERSION_STRING) == 0);
+    TEST_ASSERT(strcmp(build_str_full, MBEDTLS_VERSION_STRING_FULL) == 0);
+    TEST_ASSERT(strcmp(version_str, MBEDTLS_VERSION_STRING) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void check_runtime_version(char *version_str)
+{
+    char build_str[100];
+    char get_str[100];
+    char build_str_full[100];
+    char get_str_full[100];
+    unsigned int get_int;
+
+    memset(build_str, 0, 100);
+    memset(get_str, 0, 100);
+    memset(build_str_full, 0, 100);
+    memset(get_str_full, 0, 100);
+
+    get_int = mbedtls_version_get_number();
+    mbedtls_version_get_string(get_str);
+    mbedtls_version_get_string_full(get_str_full);
+
+    mbedtls_snprintf(build_str, 100, "%u.%u.%u",
+                     (get_int >> 24) & 0xFF,
+                     (get_int >> 16) & 0xFF,
+                     (get_int >> 8) & 0xFF);
+    mbedtls_snprintf(build_str_full, 100, "Mbed TLS %s", version_str);
+
+    TEST_ASSERT(strcmp(build_str, version_str) == 0);
+    TEST_ASSERT(strcmp(build_str_full, get_str_full) == 0);
+    TEST_ASSERT(strcmp(version_str, get_str) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_VERSION_FEATURES */
+void check_feature(char *feature, int result)
+{
+    int check = mbedtls_version_check_feature(feature);
+    TEST_ASSERT(check == result);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509parse.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509parse.data
similarity index 80%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509parse.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509parse.data
index 3b84609..406a063 100644
--- a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_x509parse.data
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509parse.data
@@ -1,366 +1,378 @@
 X509 CRT information #1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server1.crt":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server1.crt":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information #1 (DER)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server1.crt.der":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server1.crt.der":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information #2
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server2.crt":"cert. version     \: 3\nserial number     \: 02\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server2.crt":"cert. version     \: 3\nserial number     \: 02\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information #2 (DER)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server2.crt.der":"cert. version     \: 3\nserial number     \: 02\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server2.crt.der":"cert. version     \: 3\nserial number     \: 02\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information #3
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/test-ca.crt":"cert. version     \: 3\nserial number     \: 03\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-02-10 14\:44\:00\nexpires on        \: 2029-02-10 14\:44\:00\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
+x509_cert_info:"data_files/parse_input/test-ca.crt":"cert. version     \: 3\nserial number     \: 03\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-02-10 14\:44\:00\nexpires on        \: 2029-02-10 14\:44\:00\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
 
 X509 CRT information #3 (DER)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/test-ca.crt.der":"cert. version     \: 3\nserial number     \: 03\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-02-10 14\:44\:00\nexpires on        \: 2029-02-10 14\:44\:00\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
+x509_cert_info:"data_files/parse_input/test-ca.crt.der":"cert. version     \: 3\nserial number     \: 03\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-02-10 14\:44\:00\nexpires on        \: 2029-02-10 14\:44\:00\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
 
 X509 CRT information MD2 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509_cert_info:"data_files/cert_md2.crt":"cert. version     \: 3\nserial number     \: 09\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued  on        \: 2000-01-01 12\:12\:12\nexpires on        \: 2030-01-01 12\:12\:12\nsigned using      \: RSA with MD2\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_md2.crt":"cert. version     \: 3\nserial number     \: 09\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued  on        \: 2000-01-01 12\:12\:12\nexpires on        \: 2030-01-01 12\:12\:12\nsigned using      \: RSA with MD2\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information MD4 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C
-x509_cert_info:"data_files/cert_md4.crt":"cert. version     \: 3\nserial number     \: 05\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued  on        \: 2000-01-01 12\:12\:12\nexpires on        \: 2030-01-01 12\:12\:12\nsigned using      \: RSA with MD4\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_md4.crt":"cert. version     \: 3\nserial number     \: 05\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued  on        \: 2000-01-01 12\:12\:12\nexpires on        \: 2030-01-01 12\:12\:12\nsigned using      \: RSA with MD4\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information MD5 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C
-x509_cert_info:"data_files/cert_md5.crt":"cert. version     \: 3\nserial number     \: 06\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued  on        \: 2000-01-01 12\:12\:12\nexpires on        \: 2030-01-01 12\:12\:12\nsigned using      \: RSA with MD5\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_md5.crt":"cert. version     \: 3\nserial number     \: 06\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued  on        \: 2000-01-01 12\:12\:12\nexpires on        \: 2030-01-01 12\:12\:12\nsigned using      \: RSA with MD5\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information SHA1 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_sha1.crt":"cert. version     \: 3\nserial number     \: 07\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_sha1.crt":"cert. version     \: 3\nserial number     \: 07\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information SHA224 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/cert_sha224.crt":"cert. version     \: 3\nserial number     \: 08\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-224\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_sha224.crt":"cert. version     \: 3\nserial number     \: 08\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-224\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information SHA256 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/cert_sha256.crt":"cert. version     \: 3\nserial number     \: 09\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_sha256.crt":"cert. version     \: 3\nserial number     \: 09\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information SHA384 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-x509_cert_info:"data_files/cert_sha384.crt":"cert. version     \: 3\nserial number     \: 0A\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-384\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_sha384.crt":"cert. version     \: 3\nserial number     \: 0A\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-384\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information SHA512 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/cert_sha512.crt":"cert. version     \: 3\nserial number     \: 0B\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-512\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/cert_sha512.crt":"cert. version     \: 3\nserial number     \: 0B\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA-512\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information RSA-PSS, SHA1 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server9.crt":"cert. version     \: 3\nserial number     \: 16\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:38\:16\nexpires on        \: 2024-01-18 13\:38\:16\nsigned using      \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server9.crt":"cert. version     \: 3\nserial number     \: 16\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:38\:16\nexpires on        \: 2024-01-18 13\:38\:16\nsigned using      \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information RSA-PSS, SHA224 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server9-sha224.crt":"cert. version     \: 3\nserial number     \: 17\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:57\:36\nexpires on        \: 2024-01-18 13\:57\:36\nsigned using      \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server9-sha224.crt":"cert. version     \: 3\nserial number     \: 17\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:57\:36\nexpires on        \: 2024-01-18 13\:57\:36\nsigned using      \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information RSA-PSS, SHA256 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server9-sha256.crt":"cert. version     \: 3\nserial number     \: 18\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:57\:45\nexpires on        \: 2024-01-18 13\:57\:45\nsigned using      \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server9-sha256.crt":"cert. version     \: 3\nserial number     \: 18\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:57\:45\nexpires on        \: 2024-01-18 13\:57\:45\nsigned using      \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information RSA-PSS, SHA384 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-x509_cert_info:"data_files/server9-sha384.crt":"cert. version     \: 3\nserial number     \: 19\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:57\:58\nexpires on        \: 2024-01-18 13\:57\:58\nsigned using      \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server9-sha384.crt":"cert. version     \: 3\nserial number     \: 19\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:57\:58\nexpires on        \: 2024-01-18 13\:57\:58\nsigned using      \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information RSA-PSS, SHA512 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/server9-sha512.crt":"cert. version     \: 3\nserial number     \: 1A\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:58\:12\nexpires on        \: 2024-01-18 13\:58\:12\nsigned using      \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server9-sha512.crt":"cert. version     \: 3\nserial number     \: 1A\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2014-01-20 13\:58\:12\nexpires on        \: 2024-01-18 13\:58\:12\nsigned using      \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC, SHA1 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server5-sha1.crt":"cert. version     \: 3\nserial number     \: 12\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA1\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server5-sha1.crt":"cert. version     \: 3\nserial number     \: 12\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA1\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC, SHA224 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5-sha224.crt":"cert. version     \: 3\nserial number     \: 13\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA224\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server5-sha224.crt":"cert. version     \: 3\nserial number     \: 13\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA224\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC, SHA256 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5.crt":"cert. version     \: 3\nserial number     \: 09\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 15\:52\:04\nexpires on        \: 2023-09-22 15\:52\:04\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server5.crt":"cert. version     \: 3\nserial number     \: 09\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 15\:52\:04\nexpires on        \: 2023-09-22 15\:52\:04\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC, SHA384 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-x509_cert_info:"data_files/server5-sha384.crt":"cert. version     \: 3\nserial number     \: 14\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA384\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server5-sha384.crt":"cert. version     \: 3\nserial number     \: 14\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA384\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC, SHA512 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/server5-sha512.crt":"cert. version     \: 3\nserial number     \: 15\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA512\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server5-sha512.crt":"cert. version     \: 3\nserial number     \: 15\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 16\:21\:27\nexpires on        \: 2023-09-22 16\:21\:27\nsigned using      \: ECDSA with SHA512\nEC key size       \: 256 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC, SHA256 Digest, hardware module name SAN
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5-othername.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued  on        \: 2019-03-24 09\:06\:02\nexpires on        \: 2029-03-21 09\:06\:02\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 123456\n"
+x509_cert_info:"data_files/parse_input/server5-othername.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued  on        \: 2019-03-24 09\:06\:02\nexpires on        \: 2029-03-21 09\:06\:02\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 313233343536\n"
+
+X509 CRT information EC, SHA256 Digest, binary hardware module name SAN
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_cert_info:"data_files/parse_input/server5-nonprintable_othername.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued  on        \: 2022-09-06 15\:56\:47\nexpires on        \: 2032-09-03 15\:56\:47\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 3132338081008180333231\n"
 
 X509 CRT information EC, SHA256 Digest, Wisun Fan device
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5-fan.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued  on        \: 2019-03-25 09\:03\:46\nexpires on        \: 2029-03-22 09\:03\:46\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\next key usage     \: Wi-SUN Alliance Field Area Network (FAN)\n"
+x509_cert_info:"data_files/parse_input/server5-fan.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued  on        \: 2019-03-25 09\:03\:46\nexpires on        \: 2029-03-22 09\:03\:46\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\next key usage     \: Wi-SUN Alliance Field Area Network (FAN)\n"
 
 X509 CRT information, NS Cert Type
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server1.cert_type.crt":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\ncert. type        \: SSL Server\n"
+x509_cert_info:"data_files/parse_input/server1.cert_type.crt":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\ncert. type        \: SSL Server\n"
 
 X509 CRT information, Key Usage
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server1.key_usage.crt":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment\n"
+x509_cert_info:"data_files/parse_input/server1.key_usage.crt":"cert. version     \: 3\nserial number     \: 01\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2019-02-10 14\:44\:06\nexpires on        \: 2029-02-10 14\:44\:06\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment\n"
 
 X509 CRT information, Key Usage with decipherOnly
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/keyUsage.decipherOnly.crt":"cert. version     \: 3\nserial number     \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name       \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name      \: C=GB, L=Cambridge, O=Default Company Ltd\nissued  on        \: 2015-05-12 10\:36\:55\nexpires on        \: 2018-05-11 10\:36\:55\nsigned using      \: RSA with SHA1\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n"
+x509_cert_info:"data_files/parse_input/keyUsage.decipherOnly.crt":"cert. version     \: 3\nserial number     \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name       \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name      \: C=GB, L=Cambridge, O=Default Company Ltd\nissued  on        \: 2015-05-12 10\:36\:55\nexpires on        \: 2018-05-11 10\:36\:55\nsigned using      \: RSA with SHA1\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n"
 
 X509 CRT information, Subject Alt Name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/cert_example_multi.crt":"cert. version     \: 3\nserial number     \: 11\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=www.example.com\nissued  on        \: 2019-07-10 11\:27\:52\nexpires on        \: 2029-07-10 11\:27\:52\nsigned using      \: RSA with SHA-256\nRSA key size      \: 1024 bits\nsubject alt name  \:\n    dNSName \: example.com\n    dNSName \: example.net\n    dNSName \: *.example.org\n"
+x509_cert_info:"data_files/parse_input/cert_example_multi.crt":"cert. version     \: 3\nserial number     \: 11\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=www.example.com\nissued  on        \: 2019-07-10 11\:27\:52\nexpires on        \: 2029-07-10 11\:27\:52\nsigned using      \: RSA with SHA-256\nRSA key size      \: 1024 bits\nsubject alt name  \:\n    dNSName \: example.com\n    dNSName \: example.net\n    dNSName \: *.example.org\n"
 
 X509 CRT information, Multiple different Subject Alt Name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/multiple_san.crt":"cert. version     \: 3\nserial number     \: 04\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued  on        \: 2019-04-22 16\:10\:48\nexpires on        \: 2029-04-19 16\:10\:48\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    dNSName \: example.com\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 123456\n    dNSName \: example.net\n    dNSName \: *.example.org\n"
+x509_cert_info:"data_files/parse_input/multiple_san.crt":"cert. version     \: 3\nserial number     \: 04\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued  on        \: 2019-04-22 16\:10\:48\nexpires on        \: 2029-04-19 16\:10\:48\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    dNSName \: example.com\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 313233343536\n    dNSName \: example.net\n    dNSName \: *.example.org\n"
 
 X509 CRT information, Subject Alt Name + Key Usage
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_example_multi_nocn.crt":"cert. version     \: 3\nserial number     \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name       \: C=NL\nsubject name      \: C=NL\nissued  on        \: 2014-01-22 10\:04\:33\nexpires on        \: 2024-01-22 10\:04\:33\nsigned using      \: RSA with SHA1\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name  \:\n    dNSName \: www.shotokan-braunschweig.de\n    dNSName \: www.massimo-abate.eu\n    <unsupported>\n    <unsupported>\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment\n"
+x509_cert_info:"data_files/parse_input/cert_example_multi_nocn.crt":"cert. version     \: 3\nserial number     \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name       \: C=NL\nsubject name      \: C=NL\nissued  on        \: 2014-01-22 10\:04\:33\nexpires on        \: 2024-01-22 10\:04\:33\nsigned using      \: RSA with SHA1\nRSA key size      \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name  \:\n    dNSName \: www.shotokan-braunschweig.de\n    dNSName \: www.massimo-abate.eu\n    <unsupported>\n    <unsupported>\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment\n"
 
 X509 CRT information, RSA Certificate Policy any
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-any_policy.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-03-21 16\:40\:59\nexpires on        \: 2029-03-21 16\:40\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
+x509_cert_info:"data_files/parse_input/test-ca-any_policy.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-03-21 16\:40\:59\nexpires on        \: 2029-03-21 16\:40\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
 
 X509 CRT information, ECDSA Certificate Policy any
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-any_policy_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-03-25 09\:02\:45\nexpires on        \: 2029-03-25 09\:02\:45\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
+x509_cert_info:"data_files/parse_input/test-ca-any_policy_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-03-25 09\:02\:45\nexpires on        \: 2029-03-25 09\:02\:45\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
 
 X509 CRT information, RSA Certificate Policy any with qualifier
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-any_policy_with_qualifier.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-04-28 13\:14\:31\nexpires on        \: 2029-04-28 13\:14\:31\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
+x509_cert_info:"data_files/parse_input/test-ca-any_policy_with_qualifier.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-04-28 13\:14\:31\nexpires on        \: 2029-04-28 13\:14\:31\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
 
 X509 CRT information, ECDSA Certificate Policy any with qualifier
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-any_policy_with_qualifier_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-04-28 10\:16\:05\nexpires on        \: 2029-04-28 10\:16\:05\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
+x509_cert_info:"data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-04-28 10\:16\:05\nexpires on        \: 2029-04-28 10\:16\:05\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n"
 
 X509 CRT information, RSA Certificate multiple Policies
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-multi_policy.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-04-28 12\:59\:19\nexpires on        \: 2029-04-28 12\:59\:19\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n"
+x509_cert_info:"data_files/parse_input/test-ca-multi_policy.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-04-28 12\:59\:19\nexpires on        \: 2029-04-28 12\:59\:19\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n"
 
 X509 CRT information, ECDSA Certificate multiple Policies
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-multi_policy_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-04-28 12\:59\:51\nexpires on        \: 2029-04-28 12\:59\:51\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n"
+x509_cert_info:"data_files/parse_input/test-ca-multi_policy_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-04-28 12\:59\:51\nexpires on        \: 2029-04-28 12\:59\:51\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n"
 
 X509 CRT information, RSA Certificate unsupported policy
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-unsupported_policy.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-04-28 13\:00\:13\nexpires on        \: 2029-04-28 13\:00\:13\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n"
+x509_cert_info:"data_files/parse_input/test-ca-unsupported_policy.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on        \: 2019-04-28 13\:00\:13\nexpires on        \: 2029-04-28 13\:00\:13\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n"
 
 X509 CRT information, ECDSA Certificate unsupported policy
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/test-ca-unsupported_policy_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-04-28 13\:00\:19\nexpires on        \: 2029-04-28 13\:00\:19\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n"
+x509_cert_info:"data_files/parse_input/test-ca-unsupported_policy_ec.crt":"cert. version     \: 3\nserial number     \: 00\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued  on        \: 2019-04-28 13\:00\:19\nexpires on        \: 2029-04-28 13\:00\:19\nsigned using      \: ECDSA with SHA256\nEC key size       \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n"
 
 X509 CRT information, Key Usage + Extended Key Usage
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server1.ext_ku.crt":"cert. version     \: 3\nserial number     \: 21\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2014-04-01 14\:44\:43\nexpires on        \: 2024-03-29 14\:44\:43\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment\next key usage     \: TLS Web Server Authentication\n"
+x509_cert_info:"data_files/parse_input/server1.ext_ku.crt":"cert. version     \: 3\nserial number     \: 21\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on        \: 2014-04-01 14\:44\:43\nexpires on        \: 2024-03-29 14\:44\:43\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\nkey usage         \: Digital Signature, Non Repudiation, Key Encipherment\next key usage     \: TLS Web Server Authentication\n"
 
 X509 CRT information RSA signed by EC
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-x509_cert_info:"data_files/server4.crt":"cert. version     \: 3\nserial number     \: 08\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 15\:52\:04\nexpires on        \: 2023-09-22 15\:52\:04\nsigned using      \: ECDSA with SHA256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server4.crt":"cert. version     \: 3\nserial number     \: 08\nissuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-09-24 15\:52\:04\nexpires on        \: 2023-09-22 15\:52\:04\nsigned using      \: ECDSA with SHA256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information EC signed by RSA
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-x509_cert_info:"data_files/server3.crt":"cert. version     \: 3\nserial number     \: 0D\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-08-09 09\:17\:03\nexpires on        \: 2023-08-07 09\:17\:03\nsigned using      \: RSA with SHA1\nEC key size       \: 192 bits\nbasic constraints \: CA=false\n"
+x509_cert_info:"data_files/parse_input/server3.crt":"cert. version     \: 3\nserial number     \: 0D\nissuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name      \: C=NL, O=PolarSSL, CN=localhost\nissued  on        \: 2013-08-09 09\:17\:03\nexpires on        \: 2023-08-07 09\:17\:03\nsigned using      \: RSA with SHA1\nEC key size       \: 192 bits\nbasic constraints \: CA=false\n"
 
 X509 CRT information Bitstring in subject name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version     \: 3\nserial number     \: 02\nissuer name       \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name      \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued  on        \: 2015-03-11 12\:06\:51\nexpires on        \: 2025-03-08 12\:06\:51\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name  \:\n    <unsupported>\next key usage     \: TLS Web Client Authentication\n"
+x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version     \: 3\nserial number     \: 02\nissuer name       \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name      \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued  on        \: 2015-03-11 12\:06\:51\nexpires on        \: 2025-03-08 12\:06\:51\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name  \:\n    <unsupported>\next key usage     \: TLS Web Client Authentication\n"
 
 X509 CRT information Non-ASCII string in issuer name and subject name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/non-ascii-string-in-issuer.crt":"cert. version     \: 3\nserial number     \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name       \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name      \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nissued  on        \: 2020-05-20 16\:17\:23\nexpires on        \: 2020-06-19 16\:17\:23\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
+x509_cert_info:"data_files/parse_input/non-ascii-string-in-issuer.crt":"cert. version     \: 3\nserial number     \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name       \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name      \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nissued  on        \: 2020-05-20 16\:17\:23\nexpires on        \: 2020-06-19 16\:17\:23\nsigned using      \: RSA with SHA-256\nRSA key size      \: 2048 bits\nbasic constraints \: CA=true\n"
 
 X509 certificate v1 with extension
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version     \: 1\nserial number     \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name       \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name      \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued  on        \: 2013-07-04 16\:17\:02\nexpires on        \: 2014-07-04 16\:17\:02\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nsubject alt name  \:\n    dNSName \: identity-check.org\n    dNSName \: www.identity-check.org\n    <unsupported>\n"
+x509_cert_info:"data_files/parse_input/cert_v1_with_ext.crt":"cert. version     \: 1\nserial number     \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name       \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name      \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued  on        \: 2013-07-04 16\:17\:02\nexpires on        \: 2014-07-04 16\:17\:02\nsigned using      \: RSA with SHA1\nRSA key size      \: 2048 bits\nsubject alt name  \:\n    dNSName \: identity-check.org\n    dNSName \: www.identity-check.org\n    <unsupported>\n"
 
 X509 SAN parsing otherName
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\n"
+x509_parse_san:"data_files/parse_input/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n"
+
+X509 SAN parsing binary otherName
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_parse_san:"data_files/parse_input/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n"
 
 X509 SAN parsing dNSName
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_parse_san:"data_files/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
+x509_parse_san:"data_files/parse_input/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
 
 X509 SAN parsing  Multiple different types
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
+x509_parse_san:"data_files/parse_input/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
 
 X509 SAN parsing, no subject alt name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-x509_parse_san:"data_files/server4.crt":""
+x509_parse_san:"data_files/parse_input/server4.crt":""
 
 X509 SAN parsing, unsupported otherName name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_parse_san:"data_files/server5-unsupported_othername.crt":""
+x509_parse_san:"data_files/parse_input/server5-unsupported_othername.crt":""
 
 X509 CRL information #1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-20 10\:24\:19\nnext update   \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA1\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_expired.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-20 10\:24\:19\nnext update   \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA1\n"
 
 X509 CRL Information MD2 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2009-07-19 19\:56\:37\nnext update   \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using  \: RSA with MD2\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_md2.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2009-07-19 19\:56\:37\nnext update   \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using  \: RSA with MD2\n"
 
 X509 CRL Information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C
-mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with MD4\n"
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/parse_input/crl_md4.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with MD4\n"
 
 X509 CRL Information MD5 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with MD5\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_md5.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with MD5\n"
 
 X509 CRL Information SHA1 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA1\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_sha1.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA1\n"
 
 X509 CRL Information SHA224 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-224\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_sha224.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-224\n"
 
 X509 CRL Information SHA256 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-256\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_sha256.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-256\n"
 
 X509 CRL Information SHA384 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-384\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_sha384.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-384\n"
 
 X509 CRL Information SHA512 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-512\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl_sha512.pem":"CRL version   \: 1\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2011-02-12 14\:44\:07\nnext update   \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using  \: RSA with SHA-512\n"
 
 X509 CRL information RSA-PSS, SHA1 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:46\:35\nnext update   \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha1.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:46\:35\nnext update   \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
 
 X509 CRL information RSA-PSS, SHA224 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:06\nnext update   \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha224.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:06\nnext update   \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
 
 X509 CRL information RSA-PSS, SHA256 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:16\nnext update   \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha256.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:16\nnext update   \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n"
 
 X509 CRL information RSA-PSS, SHA384 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:28\nnext update   \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha384.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:28\nnext update   \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n"
 
 X509 CRL information RSA-PSS, SHA512 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:38\nnext update   \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha512.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2014-01-20 13\:56\:38\nnext update   \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using  \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n"
 
 X509 CRL Information EC, SHA1 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA1\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha1.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA1\n"
 
 X509 CRL Information EC, SHA224 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA224\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha224.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA224\n"
 
 X509 CRL Information EC, SHA256 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA256\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha256.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA256\n"
 
 X509 CRL Information EC, SHA384 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA384\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha384.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA384\n"
 
 X509 CRL Information EC, SHA512 Digest
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA512\n"
+mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha512.pem":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update   \: 2013-09-24 16\:31\:08\nnext update   \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using  \: ECDSA with SHA512\n"
 
 X509 CRL Malformed Input (trailing spaces at end of file)
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
+mbedtls_x509_crl_parse:"data_files/parse_input/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
 
 X509 CRL Unsupported critical extension (issuingDistributionPoint)
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-mbedtls_x509_crl_parse:"data_files/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+mbedtls_x509_crl_parse:"data_files/parse_input/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 
 X509 CRL Unsupported non-critical extension (issuingDistributionPoint)
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0
+mbedtls_x509_crl_parse:"data_files/parse_input/crl-idpnc.pem":0
 
 X509 CSR Information RSA with MD4
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with MD4\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.md4":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with MD4\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information RSA with MD5
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with MD5\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.md5":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with MD5\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information RSA with SHA1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA1\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha1":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA1\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information RSA with SHA224
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-224\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha224":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-224\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information RSA with SHA-256
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-256\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-256\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information RSA with SHA384
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-384\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha384":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-384\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information RSA with SHA512
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-512\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha512":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-512\nRSA key size  \: 2048 bits\n"
+
+X509 CSR Information RSA with SHA-256, containing commas
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO
+mbedtls_x509_csr_info:"data_files/parse_input/server1.req.commas.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-256\nRSA key size  \: 2048 bits\n"
 
 X509 CSR Information EC with SHA1
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA1\nEC key size   \: 256 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha1":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA1\nEC key size   \: 256 bits\n"
 
 X509 CSR Information EC with SHA224
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA224\nEC key size   \: 256 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha224":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA224\nEC key size   \: 256 bits\n"
 
 X509 CSR Information EC with SHA256
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA256\nEC key size   \: 256 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA256\nEC key size   \: 256 bits\n"
 
 X509 CSR Information EC with SHA384
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA384\nEC key size   \: 256 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha384":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA384\nEC key size   \: 256 bits\n"
 
 X509 CSR Information EC with SHA512
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA512\nEC key size   \: 256 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha512":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: ECDSA with SHA512\nEC key size   \: 256 bits\n"
 
 X509 CSR Information RSA-PSS with SHA1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size  \: 1024 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha1":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size  \: 1024 bits\n"
 
 X509 CSR Information RSA-PSS with SHA224
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size  \: 1024 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha224":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size  \: 1024 bits\n"
 
 X509 CSR Information RSA-PSS with SHA256
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size  \: 1024 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size  \: 1024 bits\n"
 
 X509 CSR Information RSA-PSS with SHA384
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
-mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size  \: 1024 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha384":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size  \: 1024 bits\n"
 
 X509 CSR Information RSA-PSS with SHA512
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size  \: 1024 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha512":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=localhost\nsigned using  \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size  \: 1024 bits\n"
 
 X509 CSR Information RSA with SHA-256 - Microsoft header
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-256\nRSA key size  \: 2048 bits\n"
+mbedtls_x509_csr_info:"data_files/parse_input/server1-ms.req.sha256":"CSR version   \: 1\nsubject name  \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using  \: RSA with SHA-256\nRSA key size  \: 2048 bits\n"
 
 X509 Verify Information: empty
 x509_verify_info:0:"":""
@@ -399,6 +411,70 @@ X509 Get Distinguished Name #4
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
 mbedtls_x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
 
+X509 Get Distinguished Name #5
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets:"data_files/server1.commas.crt":"subject":"C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1"
+
+X509 Get Modified DN #1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"Modified":"C=NL, O=Modified, CN=PolarSSL Server 1":0
+
+X509 Get Modified DN #2 Name exactly 255 bytes
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, CN=PolarSSL Server 1":0
+
+X509 Get Modified DN #3 Name exceeds 255 bytes
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL
+
+X509 Get Modified DN #4 Name exactly 255 bytes, with comma requiring escaping
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890,1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL
+
+X509 Get Modified DN #5 Name exactly 255 bytes, ending with comma requiring escaping
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234,":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL
+
+# Parse the following valid DN:
+#
+# 31 0B <- Set of
+#     30 09 <- Sequence of
+#         06 03 55 04 06 <- OID 2.5.4.6 countryName (C)
+#         13 02 4E 4C <- PrintableString "NL"
+# 31 11 <- Set of
+#     30 0F <- Sequence of
+#         06 03 55 04 0A <- OID 2.5.4.10 organizationName (O)
+#         0C 08 50 6F 6C 61 72 53 53 4C <- UTF8String "PolarSSL"
+# 31 19 <- Set of
+#     30 17 <- Sequence of
+#         06 03 55 04 03 <- OID 2.5.4.3 commonName (CN)
+#         0C 10 50 6F 6C 61 72 53 53 4C 20 54 65 73 74 20 43 41 <- UTF8String "PolarSSL Test CA"
+#
+X509 Get Name Valid DN
+mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3119301706035504030C10506F6C617253534C2054657374204341":0
+
+# Parse the following corrupted DN:
+#
+# 31 0B <- Set of
+#     30 09 <- Sequence of
+#         06 03 55 04 06 <- OID 2.5.4.6 countryName (C)
+#         13 02 4E 4C <- PrintableString "NL"
+# 31 11 <- Set of
+#     30 0F <- Sequence of
+#         06 03 55 04 0A <- OID 2.5.4.10 organizationName (O)
+#         0C 08 50 6F 6C 61 72 53 53 4C <- UTF8String "PolarSSL"
+# 30 19 <- Sequence of (corrupted)
+#     30 17 <- Sequence of
+#         06 03 55 04 03 <- OID 2.5.4.3 commonName (CN)
+#         0C 10 50 6F 6C 61 72 53 53 4C 20 54 65 73 74 20 43 41 <- UTF8String "PolarSSL Test CA"
+#
+# The third 'Set of' is corrupted to instead be a 'Sequence of', causing an
+# error and forcing mbedtls_x509_get_name() to clean up the names it has
+# already allocated.
+#
+X509 Get Name Corrupted DN Mem Leak
+mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3019301706035504030C10506F6C617253534C2054657374204341":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
 X509 Time Expired #1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
 mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1
@@ -559,12 +635,8 @@ X509 CRT verification #14 (Valid Cert SHA1 Digest explicitly allowed in profile)
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
 
-X509 CRT verification #14 (Valid Cert SHA1 Digest allowed in compile-time default profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"":"NULL"
-
 X509 CRT verification #14 (Valid Cert SHA1 Digest forbidden in default profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL"
 
 X509 CRT verification #15 (Valid Cert SHA224 Digest)
@@ -1586,10 +1658,6 @@ X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag)
 depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 
-X509 CRT ASN1 (TBSCertificate v3, ext SubjectAlternativeName malformed)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509parse_crt:"30820220308201ffa0030201020209202020202020202020300d06092a864886f70d01010505003045310b30090603202020130220203113301106032020200c0a202020202020202020203121301f06032020200c18202020202020202020202020202020202020202020202020301e170d3134303432333230353034305a170d3137303432323230353034305a3045310b30090603202020130220203113301106032020200c0a202020202020202020203121301f06032020200c1820202020202020202020202020202020202020202020202030819f300d06092a864886f70d010101050003818d003081890281812020202020202020ff20202020202020202020202020202020202020ff202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020ff020320ffffa350304e301d0603202020041620202020202020202020202020202020202020202020301f0603551d11041830169104202020208000be002020202020202020202020202020202020202020202020202020202020202020ff20202020202020202020202020202020202020ff2020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020ff2020ff202020202020202020202020202020ff2020202020202020202020202020202020202020202020202020":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
 X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, length missing)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"308199308183a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
@@ -1828,11 +1896,11 @@ x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b05003
 
 X509 CRT ASN1 (inv extBasicConstraint, pathlen is INT_MAX)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509parse_crt_file:"data_files/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH:0
 
 X509 CRT ASN1 (pathlen is INT_MAX-1)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509parse_crt_file:"data_files/server1_pathlen_int_max-1.crt":0
+mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max-1.crt":0:1
 
 X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen inv length encoding)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
@@ -1854,6 +1922,158 @@ X509 CRT ASN1 (TBS, inv v3Ext, ExtKeyUsage bad second tag)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d250416301406082b0601050507030107082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
 
+X509 CRT ASN1 (TBS, inv SubjectAltName, empty)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d110400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, inv tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30c300a30080603551d11040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, inv length encoding)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, data remaining after name SEQUENCE)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, name component length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300180300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, name component inv length encoding)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, name component length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, name component unexpected tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430024000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, otherName component empty)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d1104043002a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, otherName invalid OID tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a310300e300c0603551d1104053003a00106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID inv length encoding)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName EXPLICIT tag missing
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b530819fa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a319301730150603551d11040e300ca00a06082b06010505070804300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected EXPLICIT tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b060105050708040500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b63081a0a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31a301830160603551d11040f300da00b06082b06010505070804a0300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inv outer length)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length 0)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner tag invalid)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b83081a2a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31c301a30180603551d110411300fa00d06082b06010505070804a00130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length inv encoding)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName empty)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected OID tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID no length)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081ba3081a4a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31e301c301a0603551d1104133011a00f06082b06010505070804a003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID inv length encoding)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data invalid tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bc3081a6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a320301e301c0603551d1104153013a01106082b06010505070804a0053003060004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data inv length encoding)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length out of bounds)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #1)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083006060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #2)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #3)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0063004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
 X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a340303e301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS
@@ -2208,15 +2428,29 @@ X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129)
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
 x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c010100041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"CRL version   \: 2\nissuer name   \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   \: 2018-03-14 07\:31\:48\nnext update   \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using  \: RSA with SHA-256\n":0
 
-X509 CRT parse path #2 (one cert)
+X509 CRT parse file dir3/Readme
+mbedtls_x509_crt_parse_file:"data_files/dir3/Readme":MBEDTLS_ERR_X509_INVALID_FORMAT:0
+
+X509 CRT parse file dir3/test-ca.crt
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca.crt":0:1
+
+X509 CRT parse file dir3/test-ca2.crt
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca2.crt":0:1
+
+# The parse_path tests are known to fail when compiled for a 32-bit architecture
+# and run via qemu-user on Linux on a 64-bit host. This is due to a known
+# bug in Qemu: https://gitlab.com/qemu-project/qemu/-/issues/263
+X509 CRT parse path #1 (one cert)
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
 mbedtls_x509_crt_parse_path:"data_files/dir1":0:1
 
-X509 CRT parse path #3 (two certs)
+X509 CRT parse path #2 (two certs)
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 mbedtls_x509_crt_parse_path:"data_files/dir2":0:2
 
-X509 CRT parse path #4 (two certs, one non-cert)
+X509 CRT parse path #3 (two certs, one non-cert)
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 mbedtls_x509_crt_parse_path:"data_files/dir3":1:2
 
@@ -2358,7 +2592,7 @@ X509 OID numstring #4 (larger number)
 x509_oid_numstr:"2a864886f70d":"1.2.840.113549":15:14
 
 X509 OID numstring #5 (arithmetic overflow)
-x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_OID_BUF_TOO_SMALL
+x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_ASN1_INVALID_DATA
 
 X509 CRT keyUsage #1 (no extension, expected KU)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
@@ -2638,23 +2872,31 @@ mbedtls_x509_csr_parse:"3008300602047fffffff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSIO
 
 X509 File parse (no issues)
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-x509parse_crt_file:"data_files/server7_int-ca.crt":0
+mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_int-ca.crt":0:2
 
 X509 File parse (extra space in one certificate)
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-x509parse_crt_file:"data_files/server7_pem_space.crt":1
+mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_pem_space.crt":1:1
 
 X509 File parse (all certificates fail)
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C
-x509parse_crt_file:"data_files/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER:0
 
 X509 File parse (trailing spaces, OK)
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-x509parse_crt_file:"data_files/server7_trailing_space.crt":0
+mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_trailing_space.crt":0:2
 
 X509 File parse (Algorithm Params Tag mismatch)
 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-x509parse_crt_file:"data_files/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH
+mbedtls_x509_crt_parse_file:"data_files/parse_input/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH:0
+
+X509 File parse (does not conform to RFC 5480 / RFC 5758 - AlgorithmIdentifier's parameters field is present, mbedTLS generated before bugfix, OK)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509parse_crt_file:"data_files/parse_input/server5-non-compliant.crt":0
+
+X509 File parse (conforms to RFC 5480 / RFC 5758 - AlgorithmIdentifier's parameters field must be absent for ECDSA)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509parse_crt_file:"data_files/parse_input/server5.crt":0
 
 X509 Get time (UTC no issues)
 depends_on:MBEDTLS_X509_USE_C
@@ -2730,7 +2972,7 @@ x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212+0300":MBEDTLS_ERR_X509_INVALID_D
 
 X509 Get time (UTC invalid character in year)
 depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
 
 X509 Get time (UTC invalid character in month)
 depends_on:MBEDTLS_X509_USE_C
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509parse.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509parse.function
new file mode 100644
index 0000000..6e32792
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509parse.function
@@ -0,0 +1,1414 @@
+/* BEGIN_HEADER */
+#include "mbedtls/bignum.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/error.h"
+#include "string.h"
+
+#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
+#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \
+    than the current threshold 19. To test larger values, please \
+    adapt the script tests/data_files/dir-max/long.sh."
+#endif
+
+/* Test-only profile allowing all digests, PK algorithms, and curves. */
+const mbedtls_x509_crt_profile profile_all =
+{
+    0xFFFFFFFF, /* Any MD        */
+    0xFFFFFFFF, /* Any PK alg    */
+    0xFFFFFFFF, /* Any curve     */
+    1024,
+};
+
+/* Profile for backward compatibility. Allows SHA-1, unlike the default
+   profile. */
+const mbedtls_x509_crt_profile compat_profile =
+{
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
+    0xFFFFFFFF, /* Any PK alg    */
+    0xFFFFFFFF, /* Any curve     */
+    1024,
+};
+
+const mbedtls_x509_crt_profile profile_rsa3072 =
+{
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_RSA),
+    0,
+    3072,
+};
+
+const mbedtls_x509_crt_profile profile_sha512 =
+{
+    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
+    0xFFFFFFFF, /* Any PK alg    */
+    0xFFFFFFFF, /* Any curve     */
+    1024,
+};
+
+int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
+{
+    ((void) data);
+    ((void) crt);
+    ((void) certificate_depth);
+    *flags |= MBEDTLS_X509_BADCERT_OTHER;
+
+    return 0;
+}
+
+int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
+{
+    ((void) data);
+    ((void) crt);
+    ((void) certificate_depth);
+    *flags = 0;
+
+    return 0;
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback_fail(void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates)
+{
+    ((void) data);
+    ((void) child);
+    ((void) candidates);
+
+    return -1;
+}
+
+int ca_callback(void *data, mbedtls_x509_crt const *child,
+                mbedtls_x509_crt **candidates)
+{
+    int ret = 0;
+    mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
+    mbedtls_x509_crt *first;
+
+    /* This is a test-only implementation of the CA callback
+     * which always returns the entire list of trusted certificates.
+     * Production implementations managing a large number of CAs
+     * should use an efficient presentation and lookup for the
+     * set of trusted certificates (such as a hashtable) and only
+     * return those trusted certificates which satisfy basic
+     * parental checks, such as the matching of child `Issuer`
+     * and parent `Subject` field. */
+    ((void) child);
+
+    first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
+    if (first == NULL) {
+        ret = -1;
+        goto exit;
+    }
+    mbedtls_x509_crt_init(first);
+
+    if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
+        ret = -1;
+        goto exit;
+    }
+
+    while (ca->next != NULL) {
+        ca = ca->next;
+        if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
+            ret = -1;
+            goto exit;
+        }
+    }
+
+exit:
+
+    if (ret != 0) {
+        mbedtls_x509_crt_free(first);
+        mbedtls_free(first);
+        first = NULL;
+    }
+
+    *candidates = first;
+    return ret;
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
+{
+    int *levels = (int *) data;
+
+    ((void) crt);
+    ((void) certificate_depth);
+
+    /* Simulate a fatal error in the callback */
+    if (*levels & (1 << certificate_depth)) {
+        *flags |= (1 << certificate_depth);
+        return -1 - certificate_depth;
+    }
+
+    return 0;
+}
+
+/* strsep() not available on Windows */
+char *mystrsep(char **stringp, const char *delim)
+{
+    const char *p;
+    char *ret = *stringp;
+
+    if (*stringp == NULL) {
+        return NULL;
+    }
+
+    for (;; (*stringp)++) {
+        if (**stringp == '\0') {
+            *stringp = NULL;
+            goto done;
+        }
+
+        for (p = delim; *p != '\0'; p++) {
+            if (**stringp == *p) {
+                **stringp = '\0';
+                (*stringp)++;
+                goto done;
+            }
+        }
+    }
+
+done:
+    return ret;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+typedef struct {
+    char buf[512];
+    char *p;
+} verify_print_context;
+
+void verify_print_init(verify_print_context *ctx)
+{
+    memset(ctx, 0, sizeof(verify_print_context));
+    ctx->p = ctx->buf;
+}
+
+int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
+{
+    int ret;
+    verify_print_context *ctx = (verify_print_context *) data;
+    char *p = ctx->p;
+    size_t n = ctx->buf + sizeof(ctx->buf) - ctx->p;
+    ((void) flags);
+
+    ret = mbedtls_snprintf(p, n, "depth %d - serial ", certificate_depth);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_serial_gets(p, n, &crt->serial);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, " - subject ");
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_dn_gets(p, n, &crt->subject);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf(p, n, " - flags 0x%08x\n", *flags);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ctx->p = p;
+
+    return 0;
+}
+
+int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
+                     char **buf, size_t *size)
+{
+    int ret;
+    size_t i;
+    char *p = *buf;
+    size_t n = *size;
+
+    ret = mbedtls_snprintf(p, n, "type : %d", san->type);
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    switch (san->type) {
+        case (MBEDTLS_X509_SAN_OTHER_NAME):
+            ret = mbedtls_snprintf(p, n, "\notherName :");
+            MBEDTLS_X509_SAFE_SNPRINTF;
+
+            if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME,
+                                &san->san.other_name.type_id) == 0) {
+                ret = mbedtls_snprintf(p, n, " hardware module name :");
+                MBEDTLS_X509_SAFE_SNPRINTF;
+                ret = mbedtls_snprintf(p, n, " hardware type : ");
+                MBEDTLS_X509_SAFE_SNPRINTF;
+
+                ret = mbedtls_oid_get_numeric_string(p,
+                                                     n,
+                                                     &san->san.other_name.value.hardware_module_name.oid);
+                MBEDTLS_X509_SAFE_SNPRINTF;
+
+                ret = mbedtls_snprintf(p, n, ", hardware serial number : ");
+                MBEDTLS_X509_SAFE_SNPRINTF;
+
+                for (i = 0; i < san->san.other_name.value.hardware_module_name.val.len; i++) {
+                    ret = mbedtls_snprintf(p,
+                                           n,
+                                           "%02X",
+                                           san->san.other_name.value.hardware_module_name.val.p[i]);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
+                }
+            }
+            break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */
+        case (MBEDTLS_X509_SAN_DNS_NAME):
+            ret = mbedtls_snprintf(p, n, "\ndNSName : ");
+            MBEDTLS_X509_SAFE_SNPRINTF;
+            if (san->san.unstructured_name.len >= n) {
+                *p = '\0';
+                return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+            }
+            n -= san->san.unstructured_name.len;
+            for (i = 0; i < san->san.unstructured_name.len; i++) {
+                *p++ = san->san.unstructured_name.p[i];
+            }
+            break;/* MBEDTLS_X509_SAN_DNS_NAME */
+
+        default:
+            /*
+             * Should not happen.
+             */
+            return -1;
+    }
+    ret = mbedtls_snprintf(p, n, "\n");
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    *size = n;
+    *buf = p;
+
+    return 0;
+}
+
+int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid,
+                     int critical, const unsigned char *cp, const unsigned char *end)
+{
+    (void) crt;
+    (void) critical;
+    mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *) p_ctx;
+    if (oid->tag == MBEDTLS_ASN1_OID &&
+        MBEDTLS_OID_CMP(MBEDTLS_OID_CERTIFICATE_POLICIES, oid) == 0) {
+        /* Handle unknown certificate policy */
+        int ret, parse_ret = 0;
+        size_t len;
+        unsigned char **p = (unsigned char **) &cp;
+
+        /* Get main sequence tag */
+        ret = mbedtls_asn1_get_tag(p, end, &len,
+                                   MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+        if (ret != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+        }
+
+        if (*p + len != end) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+
+        /*
+         * Cannot be an empty sequence.
+         */
+        if (len == 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+
+        while (*p < end) {
+            const unsigned char *policy_end;
+
+            /*
+             * Get the policy sequence
+             */
+            if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) !=
+                0) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+            }
+
+            policy_end = *p + len;
+
+            if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len,
+                                            MBEDTLS_ASN1_OID)) != 0) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+            }
+
+            /*
+             * Recognize exclusively the policy with OID 1
+             */
+            if (len != 1 || *p[0] != 1) {
+                parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
+            }
+
+            *p += len;
+
+            /*
+             * If there is an optional qualifier, then *p < policy_end
+             * Check the Qualifier len to verify it doesn't exceed policy_end.
+             */
+            if (*p < policy_end) {
+                if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len,
+                                                MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE)) != 0) {
+                    return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
+                }
+                /*
+                 * Skip the optional policy qualifiers.
+                 */
+                *p += len;
+            }
+
+            if (*p != policy_end) {
+                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                         MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+            }
+        }
+
+        if (*p != end) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        }
+
+        return parse_ret;
+    } else if (new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len &&
+               memcmp(new_oid->p, oid->p, oid->len) == 0) {
+        return 0;
+    } else {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
+                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
+    }
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_BIGNUM_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void x509_parse_san(char *crt_file, char *result_str)
+{
+    int ret;
+    mbedtls_x509_crt   crt;
+    mbedtls_x509_subject_alternative_name san;
+    mbedtls_x509_sequence *cur = NULL;
+    char buf[2000];
+    char *p = buf;
+    size_t n = sizeof(buf);
+
+    mbedtls_x509_crt_init(&crt);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+
+    if (crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
+        cur = &crt.subject_alt_names;
+        while (cur != NULL) {
+            ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san);
+            TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE);
+            /*
+             * If san type not supported, ignore.
+             */
+            if (ret == 0) {
+                TEST_EQUAL(verify_parse_san(&san, &p, &n), 0);
+            }
+            cur = cur->next;
+        }
+    }
+
+    TEST_EQUAL(strcmp(buf, result_str), 0);
+
+exit:
+
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void x509_cert_info(char *crt_file, char *result_str)
+{
+    mbedtls_x509_crt   crt;
+    char buf[2000];
+    int res;
+
+    mbedtls_x509_crt_init(&crt);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    res = mbedtls_x509_crt_info(buf, 2000, "", &crt);
+
+    TEST_ASSERT(res != -1);
+    TEST_ASSERT(res != -2);
+
+    TEST_EQUAL(strcmp(buf, result_str), 0);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
+void mbedtls_x509_crl_info(char *crl_file, char *result_str)
+{
+    mbedtls_x509_crl   crl;
+    char buf[2000];
+    int res;
+
+    mbedtls_x509_crl_init(&crl);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0);
+    res = mbedtls_x509_crl_info(buf, 2000, "", &crl);
+
+    TEST_ASSERT(res != -1);
+    TEST_ASSERT(res != -2);
+
+    TEST_EQUAL(strcmp(buf, result_str), 0);
+
+exit:
+    mbedtls_x509_crl_free(&crl);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
+void mbedtls_x509_crl_parse(char *crl_file, int result)
+{
+    mbedtls_x509_crl   crl;
+    char buf[2000];
+
+    mbedtls_x509_crl_init(&crl);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), result);
+
+exit:
+    mbedtls_x509_crl_free(&crl);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */
+void mbedtls_x509_csr_info(char *csr_file, char *result_str)
+{
+    mbedtls_x509_csr   csr;
+    char buf[2000];
+    int res;
+
+    mbedtls_x509_csr_init(&csr);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_csr_parse_file(&csr, csr_file), 0);
+    res = mbedtls_x509_csr_info(buf, 2000, "", &csr);
+
+    TEST_ASSERT(res != -1);
+    TEST_ASSERT(res != -2);
+
+    TEST_EQUAL(strcmp(buf, result_str), 0);
+
+exit:
+    mbedtls_x509_csr_free(&csr);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+void x509_verify_info(int flags, char *prefix, char *result_str)
+{
+    char buf[2000];
+    int res;
+
+    USE_PSA_INIT();
+    memset(buf, 0, sizeof(buf));
+
+    res = mbedtls_x509_crt_verify_info(buf, sizeof(buf), prefix, flags);
+
+    TEST_ASSERT(res >= 0);
+
+    TEST_EQUAL(strcmp(buf, result_str), 0);
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */
+void x509_verify_restart(char *crt_file, char *ca_file,
+                         int result, int flags_result,
+                         int max_ops, int min_restart, int max_restart)
+{
+    int ret, cnt_restart;
+    mbedtls_x509_crt_restart_ctx rs_ctx;
+    mbedtls_x509_crt crt;
+    mbedtls_x509_crt ca;
+    uint32_t flags = 0;
+
+    /*
+     * See comments on ecp_test_vect_restart() for op count precision.
+     *
+     * For reference, with Mbed TLS 2.6 and default settings:
+     * - ecdsa_verify() for P-256:  ~  6700
+     * - ecdsa_verify() for P-384:  ~ 18800
+     * - x509_verify() for server5 -> test-ca2:             ~ 18800
+     * - x509_verify() for server10 -> int-ca3 -> int-ca2:  ~ 25500
+     */
+    mbedtls_x509_crt_restart_init(&rs_ctx);
+    mbedtls_x509_crt_init(&crt);
+    mbedtls_x509_crt_init(&ca);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);
+
+    mbedtls_ecp_set_max_ops(max_ops);
+
+    cnt_restart = 0;
+    do {
+        ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL,
+                                                  &mbedtls_x509_crt_profile_default, NULL, &flags,
+                                                  NULL, NULL, &rs_ctx);
+    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
+
+    TEST_EQUAL(ret, result);
+    TEST_EQUAL(flags, (uint32_t) flags_result);
+
+    TEST_ASSERT(cnt_restart >= min_restart);
+    TEST_ASSERT(cnt_restart <= max_restart);
+
+    /* Do we leak memory when aborting? */
+    ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL,
+                                              &mbedtls_x509_crt_profile_default, NULL, &flags,
+                                              NULL, NULL, &rs_ctx);
+    TEST_ASSERT(ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
+
+exit:
+    mbedtls_x509_crt_restart_free(&rs_ctx);
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_free(&ca);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */
+void x509_verify(char *crt_file, char *ca_file, char *crl_file,
+                 char *cn_name_str, int result, int flags_result,
+                 char *profile_str,
+                 char *verify_callback)
+{
+    mbedtls_x509_crt   crt;
+    mbedtls_x509_crt   ca;
+    mbedtls_x509_crl    crl;
+    uint32_t         flags = 0;
+    int         res;
+    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL;
+    char *cn_name = NULL;
+    const mbedtls_x509_crt_profile *profile;
+
+    mbedtls_x509_crt_init(&crt);
+    mbedtls_x509_crt_init(&ca);
+    mbedtls_x509_crl_init(&crl);
+
+    USE_PSA_INIT();
+
+    if (strcmp(cn_name_str, "NULL") != 0) {
+        cn_name = cn_name_str;
+    }
+
+    if (strcmp(profile_str, "") == 0) {
+        profile = &mbedtls_x509_crt_profile_default;
+    } else if (strcmp(profile_str, "next") == 0) {
+        profile = &mbedtls_x509_crt_profile_next;
+    } else if (strcmp(profile_str, "suite_b") == 0) {
+        profile = &mbedtls_x509_crt_profile_suiteb;
+    } else if (strcmp(profile_str, "compat") == 0) {
+        profile = &compat_profile;
+    } else if (strcmp(profile_str, "all") == 0) {
+        profile = &profile_all;
+    } else {
+        TEST_ASSERT("Unknown algorithm profile" == 0);
+    }
+
+    if (strcmp(verify_callback, "NULL") == 0) {
+        f_vrfy = NULL;
+    } else if (strcmp(verify_callback, "verify_none") == 0) {
+        f_vrfy = verify_none;
+    } else if (strcmp(verify_callback, "verify_all") == 0) {
+        f_vrfy = verify_all;
+    } else {
+        TEST_ASSERT("No known verify callback selected" == 0);
+    }
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);
+    TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0);
+
+    res = mbedtls_x509_crt_verify_with_profile(&crt,
+                                               &ca,
+                                               &crl,
+                                               profile,
+                                               cn_name,
+                                               &flags,
+                                               f_vrfy,
+                                               NULL);
+
+    TEST_EQUAL(res, (result));
+    TEST_EQUAL(flags, (uint32_t) (flags_result));
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+    /* CRLs aren't supported with CA callbacks, so skip the CA callback
+     * version of the test if CRLs are in use. */
+    if (crl_file == NULL || strcmp(crl_file, "") == 0) {
+        flags = 0;
+
+        res = mbedtls_x509_crt_verify_with_ca_cb(&crt,
+                                                 ca_callback,
+                                                 &ca,
+                                                 profile,
+                                                 cn_name,
+                                                 &flags,
+                                                 f_vrfy,
+                                                 NULL);
+
+        TEST_EQUAL(res, result);
+        TEST_EQUAL(flags, (uint32_t) (flags_result));
+    }
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+exit:
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_free(&ca);
+    mbedtls_x509_crl_free(&crl);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+void x509_verify_ca_cb_failure(char *crt_file, char *ca_file, char *name,
+                               int exp_ret)
+{
+    int ret;
+    mbedtls_x509_crt crt;
+    mbedtls_x509_crt ca;
+    uint32_t flags = 0;
+
+    mbedtls_x509_crt_init(&crt);
+    mbedtls_x509_crt_init(&ca);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);
+
+    if (strcmp(name, "NULL") == 0) {
+        name = NULL;
+    }
+
+    ret = mbedtls_x509_crt_verify_with_ca_cb(&crt, ca_callback_fail, &ca,
+                                             &compat_profile, name, &flags,
+                                             NULL, NULL);
+
+    TEST_EQUAL(ret, exp_ret);
+    TEST_EQUAL(flags, (uint32_t) (-1));
+exit:
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_free(&ca);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void x509_verify_callback(char *crt_file, char *ca_file, char *name,
+                          int exp_ret, char *exp_vrfy_out)
+{
+    int ret;
+    mbedtls_x509_crt crt;
+    mbedtls_x509_crt ca;
+    uint32_t flags = 0;
+    verify_print_context vrfy_ctx;
+
+    mbedtls_x509_crt_init(&crt);
+    mbedtls_x509_crt_init(&ca);
+    verify_print_init(&vrfy_ctx);
+
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);
+
+    if (strcmp(name, "NULL") == 0) {
+        name = NULL;
+    }
+
+    ret = mbedtls_x509_crt_verify_with_profile(&crt, &ca, NULL,
+                                               &compat_profile,
+                                               name, &flags,
+                                               verify_print, &vrfy_ctx);
+
+    TEST_EQUAL(ret, exp_ret);
+    TEST_EQUAL(strcmp(vrfy_ctx.buf, exp_vrfy_out), 0);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_free(&ca);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_dn_gets(char *crt_file, char *entity, char *result_str)
+{
+    mbedtls_x509_crt   crt;
+    char buf[2000];
+    int res = 0;
+
+    mbedtls_x509_crt_init(&crt);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    if (strcmp(entity, "subject") == 0) {
+        res =  mbedtls_x509_dn_gets(buf, 2000, &crt.subject);
+    } else if (strcmp(entity, "issuer") == 0) {
+        res =  mbedtls_x509_dn_gets(buf, 2000, &crt.issuer);
+    } else {
+        TEST_ASSERT("Unknown entity" == 0);
+    }
+
+    TEST_ASSERT(res != -1);
+    TEST_ASSERT(res != -2);
+
+    TEST_EQUAL(strcmp(buf, result_str), 0);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
+void mbedtls_x509_dn_gets_subject_replace(char *crt_file,
+                                          char *new_subject_ou,
+                                          char *result_str,
+                                          int ret)
+{
+    mbedtls_x509_crt   crt;
+    char buf[2000];
+    int res = 0;
+
+    mbedtls_x509_crt_init(&crt);
+    memset(buf, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+    crt.subject.next->val.p = (unsigned char *) new_subject_ou;
+    crt.subject.next->val.len = strlen(new_subject_ou);
+
+    res =  mbedtls_x509_dn_gets(buf, 2000, &crt.subject);
+
+    if (ret != 0) {
+        TEST_EQUAL(res, ret);
+    } else {
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+        TEST_EQUAL(strcmp(buf, result_str), 0);
+    }
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_get_name(char *rdn_sequence, int exp_ret)
+{
+    unsigned char *name = NULL;
+    unsigned char *p;
+    size_t name_len;
+    mbedtls_x509_name head;
+    mbedtls_x509_name *allocated, *prev;
+    int ret;
+
+    USE_PSA_INIT();
+    memset(&head, 0, sizeof(head));
+
+    name = mbedtls_test_unhexify_alloc(rdn_sequence, &name_len);
+    p = name;
+
+    ret = mbedtls_x509_get_name(&p, (name + name_len), &head);
+    if (ret == 0) {
+        allocated = head.next;
+
+        while (allocated != NULL) {
+            prev = allocated;
+            allocated = allocated->next;
+
+            mbedtls_free(prev);
+        }
+    }
+
+    TEST_EQUAL(ret, exp_ret);
+
+    mbedtls_free(name);
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_time_is_past(char *crt_file, char *entity, int result)
+{
+    mbedtls_x509_crt   crt;
+
+    mbedtls_x509_crt_init(&crt);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+
+    if (strcmp(entity, "valid_from") == 0) {
+        TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_from), result);
+    } else if (strcmp(entity, "valid_to") == 0) {
+        TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_to), result);
+    } else {
+        TEST_ASSERT("Unknown entity" == 0);
+    }
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_time_is_future(char *crt_file, char *entity, int result)
+{
+    mbedtls_x509_crt   crt;
+
+    mbedtls_x509_crt_init(&crt);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+
+    if (strcmp(entity, "valid_from") == 0) {
+        TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_from), result);
+    } else if (strcmp(entity, "valid_to") == 0) {
+        TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_to), result);
+    } else {
+        TEST_ASSERT("Unknown entity" == 0);
+    }
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */
+void x509parse_crt_file(char *crt_file, int result)
+{
+    mbedtls_x509_crt crt;
+
+    mbedtls_x509_crt_init(&crt);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), result);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+void x509parse_crt(data_t *buf, char *result_str, int result)
+{
+    mbedtls_x509_crt   crt;
+    unsigned char output[2000];
+    int res;
+
+    mbedtls_x509_crt_init(&crt);
+    memset(output, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len), result);
+    if ((result) == 0) {
+        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_init(&crt);
+    memset(output, 0, 2000);
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len), result);
+    if ((result) == 0) {
+        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_init(&crt);
+    memset(output, 0, 2000);
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL),
+               result);
+    if ((result) == 0) {
+        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_init(&crt);
+    memset(output, 0, 2000);
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL),
+               result);
+    if ((result) == 0) {
+        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+void x509parse_crt_cb(data_t *buf, char *result_str, int result)
+{
+    mbedtls_x509_crt   crt;
+    mbedtls_x509_buf   oid;
+    unsigned char output[2000];
+    int res;
+
+    oid.tag = MBEDTLS_ASN1_OID;
+    oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F");
+    oid.p = (unsigned char *) MBEDTLS_OID_PKIX "\x01\x1F";
+
+    mbedtls_x509_crt_init(&crt);
+    memset(output, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, parse_crt_ext_cb,
+                                                      &oid), result);
+    if ((result) == 0) {
+        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+    mbedtls_x509_crt_free(&crt);
+    mbedtls_x509_crt_init(&crt);
+    memset(output, 0, 2000);
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, parse_crt_ext_cb,
+                                                      &oid), (result));
+    if ((result) == 0) {
+        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */
+void x509parse_crl(data_t *buf, char *result_str, int result)
+{
+    mbedtls_x509_crl   crl;
+    unsigned char output[2000];
+    int res;
+
+    mbedtls_x509_crl_init(&crl);
+    memset(output, 0, 2000);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crl_parse(&crl, buf->x, buf->len), (result));
+    if ((result) == 0) {
+        res = mbedtls_x509_crl_info((char *) output, 2000, "", &crl);
+
+        TEST_ASSERT(res != -1);
+        TEST_ASSERT(res != -2);
+
+        TEST_EQUAL(strcmp((char *) output, result_str), 0);
+    }
+
+exit:
+    mbedtls_x509_crl_free(&crl);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */
+void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret)
+{
+    mbedtls_x509_csr csr;
+    char my_out[1000];
+    int my_ret;
+
+    mbedtls_x509_csr_init(&csr);
+    memset(my_out, 0, sizeof(my_out));
+    USE_PSA_INIT();
+
+    my_ret = mbedtls_x509_csr_parse_der(&csr, csr_der->x, csr_der->len);
+    TEST_EQUAL(my_ret, ref_ret);
+
+    if (ref_ret == 0) {
+        size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr);
+        TEST_EQUAL(my_out_len, strlen(ref_out));
+        TEST_EQUAL(strcmp(my_out, ref_out), 0);
+    }
+
+exit:
+    mbedtls_x509_csr_free(&csr);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_crt_parse_file(char *crt_path, int ret, int nb_crt)
+{
+    mbedtls_x509_crt chain, *cur;
+    int i;
+
+    mbedtls_x509_crt_init(&chain);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, crt_path), ret);
+
+    /* Check how many certs we got */
+    for (i = 0, cur = &chain; cur != NULL; cur = cur->next) {
+        if (cur->raw.p != NULL) {
+            i++;
+        }
+    }
+
+    TEST_EQUAL(i, nb_crt);
+
+exit:
+    mbedtls_x509_crt_free(&chain);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt)
+{
+    mbedtls_x509_crt chain, *cur;
+    int i;
+
+    mbedtls_x509_crt_init(&chain);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_path(&chain, crt_path), ret);
+
+    /* Check how many certs we got */
+    for (i = 0, cur = &chain; cur != NULL; cur = cur->next) {
+        if (cur->raw.p != NULL) {
+            i++;
+        }
+    }
+
+    TEST_EQUAL(i, nb_crt);
+
+exit:
+    mbedtls_x509_crt_free(&chain);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_crt_verify_max(char *ca_file, char *chain_dir, int nb_int,
+                                 int ret_chk, int flags_chk)
+{
+    char file_buf[128];
+    int ret;
+    uint32_t flags;
+    mbedtls_x509_crt trusted, chain;
+
+    /*
+     * We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
+     * with NN.crt signed by NN-1.crt
+     */
+    mbedtls_x509_crt_init(&trusted);
+    mbedtls_x509_crt_init(&chain);
+    USE_PSA_INIT();
+
+    /* Load trusted root */
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, ca_file), 0);
+
+    /* Load a chain with nb_int intermediates (from 01 to nb_int),
+     * plus one "end-entity" cert (nb_int + 1) */
+    ret = mbedtls_snprintf(file_buf, sizeof(file_buf), "%s/c%02d.pem", chain_dir,
+                           nb_int + 1);
+    TEST_ASSERT(ret > 0 && (size_t) ret < sizeof(file_buf));
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, file_buf), 0);
+
+    /* Try to verify that chain */
+    ret = mbedtls_x509_crt_verify(&chain, &trusted, NULL, NULL, &flags,
+                                  NULL, NULL);
+    TEST_EQUAL(ret, ret_chk);
+    TEST_EQUAL(flags, (uint32_t) flags_chk);
+
+exit:
+    mbedtls_x509_crt_free(&chain);
+    mbedtls_x509_crt_free(&trusted);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_crt_verify_chain(char *chain_paths, char *trusted_ca,
+                                   int flags_result, int result,
+                                   char *profile_name, int vrfy_fatal_lvls)
+{
+    char *act;
+    uint32_t flags;
+    int res;
+    mbedtls_x509_crt trusted, chain;
+    const mbedtls_x509_crt_profile *profile = NULL;
+
+    mbedtls_x509_crt_init(&chain);
+    mbedtls_x509_crt_init(&trusted);
+    USE_PSA_INIT();
+
+    while ((act = mystrsep(&chain_paths, " ")) != NULL) {
+        TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, act), 0);
+    }
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, trusted_ca), 0);
+
+    if (strcmp(profile_name, "") == 0) {
+        profile = &mbedtls_x509_crt_profile_default;
+    } else if (strcmp(profile_name, "next") == 0) {
+        profile = &mbedtls_x509_crt_profile_next;
+    } else if (strcmp(profile_name, "suiteb") == 0) {
+        profile = &mbedtls_x509_crt_profile_suiteb;
+    } else if (strcmp(profile_name, "rsa3072") == 0) {
+        profile = &profile_rsa3072;
+    } else if (strcmp(profile_name, "sha512") == 0) {
+        profile = &profile_sha512;
+    }
+
+    res = mbedtls_x509_crt_verify_with_profile(&chain, &trusted, NULL, profile,
+                                               NULL, &flags, verify_fatal, &vrfy_fatal_lvls);
+
+    TEST_EQUAL(res, (result));
+    TEST_EQUAL(flags, (uint32_t) (flags_result));
+
+exit:
+    mbedtls_x509_crt_free(&trusted);
+    mbedtls_x509_crt_free(&chain);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
+void x509_oid_desc(data_t *buf, char *ref_desc)
+{
+    mbedtls_x509_buf oid;
+    const char *desc = NULL;
+    int ret;
+
+    USE_PSA_INIT();
+    oid.tag = MBEDTLS_ASN1_OID;
+    oid.p   = buf->x;
+    oid.len   = buf->len;
+
+    ret = mbedtls_oid_get_extended_key_usage(&oid, &desc);
+
+    if (strcmp(ref_desc, "notfound") == 0) {
+        TEST_ASSERT(ret != 0);
+        TEST_ASSERT(desc == NULL);
+    } else {
+        TEST_EQUAL(ret, 0);
+        TEST_ASSERT(desc != NULL);
+        TEST_EQUAL(strcmp(desc, ref_desc), 0);
+    }
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
+void x509_oid_numstr(data_t *oid_buf, char *numstr, int blen, int ret)
+{
+    mbedtls_x509_buf oid;
+    char num_buf[100];
+
+    USE_PSA_INIT();
+    memset(num_buf, 0x2a, sizeof(num_buf));
+
+    oid.tag = MBEDTLS_ASN1_OID;
+    oid.p   = oid_buf->x;
+    oid.len   = oid_buf->len;
+
+    TEST_ASSERT((size_t) blen <= sizeof(num_buf));
+
+    TEST_EQUAL(mbedtls_oid_get_numeric_string(num_buf, blen, &oid), ret);
+
+    if (ret >= 0) {
+        TEST_EQUAL(num_buf[ret], 0);
+        TEST_EQUAL(strcmp(num_buf, numstr), 0);
+    }
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */
+void x509_check_key_usage(char *crt_file, int usage, int ret)
+{
+    mbedtls_x509_crt crt;
+
+    mbedtls_x509_crt_init(&crt);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+
+    TEST_EQUAL(mbedtls_x509_crt_check_key_usage(&crt, usage), ret);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret
+                                   )
+{
+    mbedtls_x509_crt crt;
+
+    mbedtls_x509_crt_init(&crt);
+    USE_PSA_INIT();
+
+    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
+
+    TEST_EQUAL(mbedtls_x509_crt_check_extended_key_usage(&crt, (const char *) oid->x, oid->len),
+               ret);
+
+exit:
+    mbedtls_x509_crt_free(&crt);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
+void x509_get_time(int tag, char *time_str, int ret, int year, int mon,
+                   int day, int hour, int min, int sec)
+{
+    mbedtls_x509_time time;
+    unsigned char buf[21];
+    unsigned char *start = buf;
+    unsigned char *end = buf;
+
+    USE_PSA_INIT();
+    memset(&time, 0x00, sizeof(time));
+    *end = (unsigned char) tag; end++;
+    *end = strlen(time_str);
+    TEST_ASSERT(*end < 20);
+    end++;
+    memcpy(end, time_str, (size_t) *(end - 1));
+    end += *(end - 1);
+
+    TEST_EQUAL(mbedtls_x509_get_time(&start, end, &time), ret);
+    if (ret == 0) {
+        TEST_EQUAL(year, time.year);
+        TEST_EQUAL(mon, time.mon);
+        TEST_EQUAL(day, time.day);
+        TEST_EQUAL(hour, time.hour);
+        TEST_EQUAL(min, time.min);
+        TEST_EQUAL(sec, time.sec);
+    }
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+void x509_parse_rsassa_pss_params(data_t *params, int params_tag,
+                                  int ref_msg_md, int ref_mgf_md,
+                                  int ref_salt_len, int ref_ret)
+{
+    int my_ret;
+    mbedtls_x509_buf buf;
+    mbedtls_md_type_t my_msg_md, my_mgf_md;
+    int my_salt_len;
+
+    USE_PSA_INIT();
+
+    buf.p = params->x;
+    buf.len = params->len;
+    buf.tag = params_tag;
+
+    my_ret = mbedtls_x509_get_rsassa_pss_params(&buf, &my_msg_md, &my_mgf_md,
+                                                &my_salt_len);
+
+    TEST_EQUAL(my_ret, ref_ret);
+
+    if (ref_ret == 0) {
+        TEST_EQUAL(my_msg_md, (mbedtls_md_type_t) ref_msg_md);
+        TEST_EQUAL(my_mgf_md, (mbedtls_md_type_t) ref_mgf_md);
+        TEST_EQUAL(my_salt_len, ref_salt_len);
+    }
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
+void x509_selftest()
+{
+    USE_PSA_INIT();
+    TEST_EQUAL(mbedtls_x509_self_test(1), 0);
+
+exit:
+    USE_PSA_DONE();
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509write.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509write.data
new file mode 100644
index 0000000..6bb81c7
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509write.data
@@ -0,0 +1,143 @@
+Certificate Request check Server1 SHA1
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0:0
+
+Certificate Request check Server1 SHA224
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0:0
+
+Certificate Request check Server1 SHA256
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0:0
+
+Certificate Request check Server1 SHA384
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0:0
+
+Certificate Request check Server1 SHA512
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0:0
+
+Certificate Request check Server1 MD4
+depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0:0
+
+Certificate Request check Server1 MD5
+depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0:0
+
+Certificate Request check Server1 key_usage
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0
+
+Certificate Request check Server1 key_usage empty
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0:0
+
+Certificate Request check Server1 ns_cert_type
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0
+
+Certificate Request check Server1 ns_cert_type empty
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1:0
+
+Certificate Request check Server1 key_usage + ns_cert_type
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0
+
+Certificate Request check Server5 ECDSA, key_usage
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0:0
+
+Certificate Request check Server1, set_extension
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256.ext":MBEDTLS_MD_SHA256:0:0:0:0:1
+
+Certificate Request check opaque Server5 ECDSA, key_usage
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
+
+Certificate write check Server1 SHA1
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0
+
+Certificate write check Server1 SHA1, not before 1970
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0
+
+Certificate write check Server1 SHA1, not after 2050
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0
+
+Certificate write check Server1 SHA1, not before 1970, not after 2050
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0
+
+Certificate write check Server1 SHA1, not before 2050, not after 2059
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0
+
+Certificate write check Server1 SHA1, key_usage
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0
+
+Certificate write check Server1 SHA1, ns_cert_type
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0
+
+Certificate write check Server1 SHA1, version 1
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0
+
+Certificate write check Server1 SHA1, CA
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1
+
+Certificate write check Server1 SHA1, RSA_ALT
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0
+
+Certificate write check Server1 SHA1, RSA_ALT, key_usage
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0
+
+Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0
+
+Certificate write check Server1 SHA1, RSA_ALT, version 1
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0
+
+Certificate write check Server1 SHA1, RSA_ALT, CA
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1
+
+
+X509 String to Names #1
+mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0
+
+X509 String to Names #2
+mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID
+
+X509 String to Names #3 (Name precisely 255 bytes)
+mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0
+
+X509 String to Names #4 (Name larger than 255 bytes)
+mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
+
+X509 String to Names #5 (Escape non-allowed characters)
+mbedtls_x509_string_to_names:"C=NL, O=Offspark\\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
+
+X509 String to Names #6 (Escape at end)
+mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NAME
+
+X509 String to Names #6 (Invalid, no '=' or ',')
+mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME
+
+Check max serial length
+x509_set_serial_check:
+
+Check max extension length
+x509_set_extension_length_check:
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509write.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509write.function
new file mode 100644
index 0000000..039690b
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_x509write.function
@@ -0,0 +1,521 @@
+/* BEGIN_HEADER */
+#include "mbedtls/bignum.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/asn1write.h"
+
+#if defined(MBEDTLS_RSA_C)
+int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen,
+                             const unsigned char *input, unsigned char *output,
+                             size_t output_max_len)
+{
+    return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen,
+                                     input, output, output_max_len);
+}
+int mbedtls_rsa_sign_func(void *ctx,
+                          int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                          int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
+                          const unsigned char *hash, unsigned char *sig)
+{
+    return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng, mode,
+                                  md_alg, hashlen, hash, sig);
+}
+size_t mbedtls_rsa_key_len_func(void *ctx)
+{
+    return ((const mbedtls_rsa_context *) ctx)->len;
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+    defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)
+static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen)
+{
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_x509_csr csr;
+    int ret = 0;
+
+    mbedtls_x509_csr_init(&csr);
+
+    if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) {
+        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    md_info = mbedtls_md_info_from_type(csr.sig_md);
+    if (mbedtls_md(md_info, csr.cri.p, csr.cri.len, hash) != 0) {
+        /* Note: this can't happen except after an internal error */
+        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk,
+                              csr.sig_md, hash, mbedtls_md_get_size(md_info),
+                              csr.sig.p, csr.sig.len) != 0) {
+        ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+
+    mbedtls_x509_csr_free(&csr);
+    return ret;
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+
+/*
+ * The size of this temporary buffer is given by the sequence of functions
+ * called hereinafter:
+ * - mbedtls_asn1_write_oid()
+ *     - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value
+ *     - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length
+ *     - 1 byte for MBEDTLS_ASN1_OID tag
+ * - mbedtls_asn1_write_len()
+ *     - 1 byte since we're dealing with sizes which are less than 0x80
+ * - mbedtls_asn1_write_tag()
+ *     - 1 byte
+ *
+ * This length is fine as long as this function is called using the
+ * MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this
+ * buffer's length should be adjusted accordingly.
+ * Unfortunately there's no predefined max size for OIDs which can be used
+ * to set an overall upper boundary which is always guaranteed.
+ */
+#define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH    12
+
+static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx,
+                                      const char *oid, size_t oid_len)
+{
+    unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 };
+    unsigned char *p = buf + sizeof(buf);
+    int ret;
+    size_t len = 0;
+
+    /*
+     * Following functions fail anyway if the temporary buffer is not large,
+     * but we set an extra check here to emphasize a possible source of errors
+     */
+    if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
+
+    ret = mbedtls_x509write_csr_set_extension(ctx,
+                                              MBEDTLS_OID_EXTENDED_KEY_USAGE,
+                                              MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE),
+                                              p,
+                                              len);
+
+    return ret;
+}
+#endif  /* MBEDTLS_X509_CSR_WRITE_C */
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
+void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type,
+                    int key_usage, int set_key_usage, int cert_type,
+                    int set_cert_type, int set_extension)
+{
+    mbedtls_pk_context key;
+    mbedtls_x509write_csr req;
+    unsigned char buf[4096];
+    unsigned char check_buf[4000];
+    int ret;
+    size_t olen = 0, pem_len = 0, buf_index;
+    int der_len = -1;
+    FILE *f;
+    const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    mbedtls_x509write_csr_init(&req);
+    mbedtls_pk_init(&key);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0);
+
+    mbedtls_x509write_csr_set_md_alg(&req, md_type);
+    mbedtls_x509write_csr_set_key(&req, &key);
+    TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0);
+    if (set_key_usage != 0) {
+        TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0);
+    }
+    if (set_cert_type != 0) {
+        TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0);
+    }
+    if (set_extension != 0) {
+        TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH,
+                                               MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0);
+    }
+
+    ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf),
+                                    mbedtls_test_rnd_pseudo_rand, &rnd_info);
+    TEST_ASSERT(ret == 0);
+
+    pem_len = strlen((char *) buf);
+
+    for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) {
+        TEST_ASSERT(buf[buf_index] == 0);
+    }
+
+    f = fopen(cert_req_check_file, "r");
+    TEST_ASSERT(f != NULL);
+    olen = fread(check_buf, 1, sizeof(check_buf), f);
+    fclose(f);
+
+    TEST_ASSERT(olen >= pem_len - 1);
+    TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
+
+    der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf),
+                                        mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info);
+    TEST_ASSERT(der_len >= 0);
+
+    if (der_len == 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len - 1),
+                                    mbedtls_test_rnd_pseudo_rand, &rnd_info);
+    TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
+
+exit:
+    mbedtls_x509write_csr_free(&req);
+    mbedtls_pk_free(&key);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
+void x509_csr_check_opaque(char *key_file, int md_type, int key_usage,
+                           int cert_type)
+{
+    mbedtls_pk_context key;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_algorithm_t md_alg_psa;
+    mbedtls_x509write_csr req;
+    unsigned char buf[4096];
+    int ret;
+    size_t pem_len = 0;
+    const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
+
+    mbedtls_x509write_csr_init(&req);
+
+    USE_PSA_INIT();
+
+    md_alg_psa = mbedtls_psa_translate_md((mbedtls_md_type_t) md_type);
+    TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE);
+
+    mbedtls_pk_init(&key);
+    TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0);
+    TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&key, &key_id, md_alg_psa) == 0);
+
+    mbedtls_x509write_csr_set_md_alg(&req, md_type);
+    mbedtls_x509write_csr_set_key(&req, &key);
+    TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0);
+    if (key_usage != 0) {
+        TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0);
+    }
+    if (cert_type != 0) {
+        TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0);
+    }
+
+    ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1,
+                                    mbedtls_test_rnd_pseudo_rand, &rnd_info);
+
+    TEST_ASSERT(ret == 0);
+
+    pem_len = strlen((char *) buf);
+    buf[pem_len] = '\0';
+    TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0);
+
+exit:
+    mbedtls_x509write_csr_free(&req);
+    mbedtls_pk_free(&key);
+    psa_destroy_key(key_id);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */
+void x509_crt_check(char *subject_key_file, char *subject_pwd,
+                    char *subject_name, char *issuer_key_file,
+                    char *issuer_pwd, char *issuer_name,
+                    char *serial_str, char *not_before, char *not_after,
+                    int md_type, int key_usage, int set_key_usage,
+                    int cert_type, int set_cert_type, int auth_ident,
+                    int ver, char *cert_check_file, int rsa_alt, int is_ca)
+{
+    mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
+    mbedtls_pk_context *key = &issuer_key;
+
+    mbedtls_x509write_cert crt;
+    unsigned char buf[4096];
+    unsigned char check_buf[5000];
+    unsigned char *p, *end;
+    unsigned char tag, sz;
+    mbedtls_mpi serial;
+    int ret, before_tag, after_tag;
+    size_t olen = 0, pem_len = 0, buf_index = 0;
+    int der_len = -1;
+    FILE *f;
+    mbedtls_test_rnd_pseudo_info rnd_info;
+
+    memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
+    mbedtls_mpi_init(&serial);
+
+    mbedtls_pk_init(&subject_key);
+    mbedtls_pk_init(&issuer_key);
+    mbedtls_pk_init(&issuer_key_alt);
+
+    mbedtls_x509write_crt_init(&crt);
+    USE_PSA_INIT();
+
+    TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file,
+                                         subject_pwd) == 0);
+
+    TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file,
+                                         issuer_pwd) == 0);
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+    /* For RSA PK contexts, create a copy as an alternative RSA context. */
+    if (rsa_alt == 1 && mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_RSA) {
+        TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt,
+                                             mbedtls_pk_rsa(issuer_key),
+                                             mbedtls_rsa_decrypt_func,
+                                             mbedtls_rsa_sign_func,
+                                             mbedtls_rsa_key_len_func) == 0);
+
+        key = &issuer_key_alt;
+    }
+#else
+    (void) rsa_alt;
+#endif
+
+    TEST_ASSERT(mbedtls_test_read_mpi(&serial, serial_str) == 0);
+
+    if (ver != -1) {
+        mbedtls_x509write_crt_set_version(&crt, ver);
+    }
+
+    TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial) == 0);
+    TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before,
+                                                   not_after) == 0);
+    mbedtls_x509write_crt_set_md_alg(&crt, md_type);
+    TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0);
+    TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0);
+    mbedtls_x509write_crt_set_subject_key(&crt, &subject_key);
+
+    mbedtls_x509write_crt_set_issuer_key(&crt, key);
+
+    if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) {
+        /* For the CA case, a path length of -1 means unlimited. */
+        TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca,
+                                                                (is_ca ? -1 : 0)) == 0);
+        TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0);
+        if (auth_ident) {
+            TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0);
+        }
+        if (set_key_usage != 0) {
+            TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0);
+        }
+        if (set_cert_type != 0) {
+            TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0);
+        }
+    }
+
+    ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf),
+                                    mbedtls_test_rnd_pseudo_rand, &rnd_info);
+    TEST_ASSERT(ret == 0);
+
+    pem_len = strlen((char *) buf);
+
+    // check that the rest of the buffer remains clear
+    for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) {
+        TEST_ASSERT(buf[buf_index] == 0);
+    }
+
+    if (*cert_check_file != '\0') {
+        f = fopen(cert_check_file, "r");
+        TEST_ASSERT(f != NULL);
+        olen = fread(check_buf, 1, sizeof(check_buf), f);
+        fclose(f);
+        TEST_ASSERT(olen < sizeof(check_buf));
+        TEST_ASSERT(olen >= pem_len - 1);
+        TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
+    }
+
+    der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf),
+                                        mbedtls_test_rnd_pseudo_rand,
+                                        &rnd_info);
+    TEST_ASSERT(der_len >= 0);
+
+    if (der_len == 0) {
+        goto exit;
+    }
+
+    // Not testing against file, check date format
+    if (*cert_check_file == '\0') {
+        // UTC tag if before 2050, 2 digits less for year
+        if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) {
+            before_tag = MBEDTLS_ASN1_GENERALIZED_TIME;
+        } else {
+            before_tag = MBEDTLS_ASN1_UTC_TIME;
+            not_before += 2;
+        }
+        if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) {
+            after_tag = MBEDTLS_ASN1_GENERALIZED_TIME;
+        } else {
+            after_tag = MBEDTLS_ASN1_UTC_TIME;
+            not_after += 2;
+        }
+        end = buf + sizeof(buf);
+        for (p = end - der_len; p < end;) {
+            tag = *p++;
+            sz = *p++;
+            if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) {
+                // Check correct tag and time written
+                TEST_ASSERT(before_tag == tag);
+                TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0);
+                p += sz;
+                tag = *p++;
+                sz = *p++;
+                TEST_ASSERT(after_tag == tag);
+                TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0);
+                break;
+            }
+            // Increment if long form ASN1 length
+            if (sz & 0x80) {
+                p += sz & 0x0F;
+            }
+            if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
+                p += sz;
+            }
+        }
+        TEST_ASSERT(p < end);
+    }
+
+    ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len - 1),
+                                    mbedtls_test_rnd_pseudo_rand, &rnd_info);
+    TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
+
+exit:
+    mbedtls_x509write_crt_free(&crt);
+    mbedtls_pk_free(&issuer_key_alt);
+    mbedtls_pk_free(&subject_key);
+    mbedtls_pk_free(&issuer_key);
+    mbedtls_mpi_free(&serial);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */
+void x509_set_serial_check()
+{
+    mbedtls_x509write_cert ctx;
+    mbedtls_mpi serial_mpi;
+    uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1];
+
+    USE_PSA_INIT();
+    memset(invalid_serial, 0x01, sizeof(invalid_serial));
+
+    mbedtls_mpi_init(&serial_mpi);
+    TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial,
+                                       sizeof(invalid_serial)), 0);
+    TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi),
+               MBEDTLS_ERR_X509_BAD_INPUT_DATA);
+
+exit:
+    mbedtls_mpi_free(&serial_mpi);
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */
+void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result
+                                  )
+{
+    int ret;
+    size_t len = 0;
+    mbedtls_asn1_named_data *names = NULL;
+    mbedtls_x509_name parsed, *parsed_cur, *parsed_prv;
+    unsigned char buf[1024], out[1024], *c;
+
+    USE_PSA_INIT();
+
+    memset(&parsed, 0, sizeof(parsed));
+    memset(out, 0, sizeof(out));
+    memset(buf, 0, sizeof(buf));
+    c = buf + sizeof(buf);
+
+    ret = mbedtls_x509_string_to_names(&names, name);
+    TEST_ASSERT(ret == result);
+
+    if (ret != 0) {
+        goto exit;
+    }
+
+    ret = mbedtls_x509_write_names(&c, buf, names);
+    TEST_ASSERT(ret > 0);
+
+    TEST_ASSERT(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len,
+                                     MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0);
+    TEST_ASSERT(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed) == 0);
+
+    ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed);
+    TEST_ASSERT(ret > 0);
+
+    TEST_ASSERT(strcmp((char *) out, parsed_name) == 0);
+
+exit:
+    mbedtls_asn1_free_named_data_list(&names);
+
+    parsed_cur = parsed.next;
+    while (parsed_cur != 0) {
+        parsed_prv = parsed_cur;
+        parsed_cur = parsed_cur->next;
+        mbedtls_free(parsed_prv);
+    }
+    USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */
+void x509_set_extension_length_check()
+{
+    int ret = 0;
+
+    mbedtls_x509write_csr ctx;
+    mbedtls_x509write_csr_init(&ctx);
+
+    unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 };
+    unsigned char *p = buf + sizeof(buf);
+
+    ret = mbedtls_x509_set_extension(&(ctx.extensions),
+                                     MBEDTLS_OID_EXTENDED_KEY_USAGE,
+                                     MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE),
+                                     0,
+                                     p,
+                                     SIZE_MAX);
+    TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/tests/suites/test_suite_xtea.data b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_xtea.data
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/tests/suites/test_suite_xtea.data
rename to 3rdparty/mbedtls-2.28.7/tests/suites/test_suite_xtea.data
diff --git a/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_xtea.function b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_xtea.function
new file mode 100644
index 0000000..7e06e30
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/tests/suites/test_suite_xtea.function
@@ -0,0 +1,86 @@
+/* BEGIN_HEADER */
+#include "mbedtls/xtea.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_XTEA_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void xtea_encrypt_ecb(data_t *key_str, data_t *src_str,
+                      data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_xtea_context ctx;
+
+    memset(output, 0x00, 100);
+
+
+    mbedtls_xtea_setup(&ctx, key_str->x);
+    TEST_ASSERT(mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void xtea_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_xtea_context ctx;
+
+    memset(output, 0x00, 100);
+
+
+    mbedtls_xtea_setup(&ctx, key_str->x);
+    TEST_ASSERT(mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void xtea_encrypt_cbc(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_xtea_context ctx;
+
+    memset(output, 0x00, 100);
+
+
+    mbedtls_xtea_setup(&ctx, key_str->x);
+    TEST_ASSERT(mbedtls_xtea_crypt_cbc(&ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x,
+                                       src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                    src_str->len, dst->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void xtea_decrypt_cbc(data_t *key_str, data_t *iv_str,
+                      data_t *src_str, data_t *dst)
+{
+    unsigned char output[100];
+    mbedtls_xtea_context ctx;
+
+    memset(output, 0x00, 100);
+
+
+    mbedtls_xtea_setup(&ctx, key_str->x);
+    TEST_ASSERT(mbedtls_xtea_crypt_cbc(&ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x,
+                                       src_str->x, output) == 0);
+
+    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
+                                    src_str->len, dst->len) == 0);
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void xtea_selftest()
+{
+    TEST_ASSERT(mbedtls_xtea_self_test(1) == 0);
+}
+/* END_CASE */
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/benchmark.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/benchmark.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/benchmark.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/benchmark.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/cert_app.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/cert_app.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/cert_app.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/cert_app.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/cert_req.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/cert_req.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/cert_req.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/cert_req.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/cert_write.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/cert_write.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/cert_write.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/cert_write.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/crl_app.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/crl_app.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/crl_app.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/crl_app.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/crypt_and_hash.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/crypt_and_hash.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/crypt_and_hash.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/crypt_and_hash.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/crypto_examples.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/crypto_examples.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/crypto_examples.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/crypto_examples.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/dh_client.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/dh_client.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/dh_client.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/dh_client.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/dh_genprime.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/dh_genprime.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/dh_genprime.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/dh_genprime.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/dh_server.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/dh_server.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/dh_server.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/dh_server.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/dtls_client.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/dtls_client.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/dtls_client.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/dtls_client.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/dtls_server.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/dtls_server.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/dtls_server.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/dtls_server.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ecdh_curve25519.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ecdh_curve25519.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ecdh_curve25519.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ecdh_curve25519.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ecdsa.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ecdsa.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ecdsa.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ecdsa.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_entropy.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_entropy.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_entropy.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_entropy.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_key.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_key.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_key.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_key.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_random_ctr_drbg.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_random_ctr_drbg.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_random_ctr_drbg.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_random_havege.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_random_havege.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/gen_random_havege.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/gen_random_havege.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/generic_sum.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/generic_sum.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/generic_sum.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/generic_sum.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/hello.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/hello.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/hello.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/hello.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/key_app.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/key_app.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/key_app.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/key_app.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/key_app_writer.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/key_app_writer.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/key_app_writer.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/key_app_writer.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/key_ladder_demo.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/key_ladder_demo.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/key_ladder_demo.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/key_ladder_demo.vcxproj
diff --git a/3rdparty/mbedtls-2.28.7/visualc/VS2010/load_roots.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/load_roots.vcxproj
new file mode 100644
index 0000000..212b3e4
--- /dev/null
+++ b/3rdparty/mbedtls-2.28.7/visualc/VS2010/load_roots.vcxproj
@@ -0,0 +1,167 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\programs\x509\load_roots.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="mbedTLS.vcxproj">
+      <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+      <LinkLibraryDependencies>true</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{65EB85E6-C928-689F-8335-126F78025220}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>load_roots</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/mbedTLS.sln b/3rdparty/mbedtls-2.28.7/visualc/VS2010/mbedTLS.sln
similarity index 98%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/mbedTLS.sln
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/mbedTLS.sln
index d979617..7d126c0 100644
--- a/3rdparty/mbedtls-2.25.0/visualc/VS2010/mbedTLS.sln
+++ b/3rdparty/mbedtls-2.28.7/visualc/VS2010/mbedTLS.sln
@@ -3,11 +3,6 @@ Microsoft Visual Studio Solution File, Format Version 11.00
 # Visual C++ Express 2010
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}"
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "aescrypt2", "aescrypt2.vcxproj", "{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}"
-	ProjectSection(ProjectDependencies) = postProject
-		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
-	EndProjectSection
-EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}"
 	ProjectSection(ProjectDependencies) = postProject
 		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@@ -258,6 +253,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crl_app", "crl_app.vcxproj"
 		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
 	EndProjectSection
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "load_roots", "load_roots.vcxproj", "{65EB85E6-C928-689F-8335-126F78025220}"
+	ProjectSection(ProjectDependencies) = postProject
+		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+	EndProjectSection
+EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "req_app", "req_app.vcxproj", "{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}"
 	ProjectSection(ProjectDependencies) = postProject
 		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@@ -279,14 +279,6 @@ Global
 		{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32
 		{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64
 		{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.ActiveCfg = Debug|Win32
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.Build.0 = Debug|Win32
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.ActiveCfg = Debug|x64
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.Build.0 = Debug|x64
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.ActiveCfg = Release|Win32
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.Build.0 = Release|Win32
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.ActiveCfg = Release|x64
-		{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.Build.0 = Release|x64
 		{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32
 		{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32
 		{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64
@@ -687,6 +679,14 @@ Global
 		{DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.Build.0 = Release|Win32
 		{DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.ActiveCfg = Release|x64
 		{DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.Build.0 = Release|x64
+		{65EB85E6-C928-689F-8335-126F78025220}.Debug|Win32.ActiveCfg = Debug|Win32
+		{65EB85E6-C928-689F-8335-126F78025220}.Debug|Win32.Build.0 = Debug|Win32
+		{65EB85E6-C928-689F-8335-126F78025220}.Debug|x64.ActiveCfg = Debug|x64
+		{65EB85E6-C928-689F-8335-126F78025220}.Debug|x64.Build.0 = Debug|x64
+		{65EB85E6-C928-689F-8335-126F78025220}.Release|Win32.ActiveCfg = Release|Win32
+		{65EB85E6-C928-689F-8335-126F78025220}.Release|Win32.Build.0 = Release|Win32
+		{65EB85E6-C928-689F-8335-126F78025220}.Release|x64.ActiveCfg = Release|x64
+		{65EB85E6-C928-689F-8335-126F78025220}.Release|x64.Build.0 = Release|x64
 		{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.ActiveCfg = Debug|Win32
 		{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.Build.0 = Debug|Win32
 		{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.ActiveCfg = Debug|x64
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/mbedTLS.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/mbedTLS.vcxproj
similarity index 85%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/mbedTLS.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/mbedTLS.vcxproj
index 35fa306..903a8a2 100644
--- a/3rdparty/mbedtls-2.25.0/visualc/VS2010/mbedTLS.vcxproj
+++ b/3rdparty/mbedtls-2.28.7/visualc/VS2010/mbedTLS.vcxproj
@@ -163,6 +163,7 @@
     <ClInclude Include="..\..\include\mbedtls\compat-1.3.h" />
     <ClInclude Include="..\..\include\mbedtls\config.h" />
     <ClInclude Include="..\..\include\mbedtls\config_psa.h" />
+    <ClInclude Include="..\..\include\mbedtls\constant_time.h" />
     <ClInclude Include="..\..\include\mbedtls\ctr_drbg.h" />
     <ClInclude Include="..\..\include\mbedtls\debug.h" />
     <ClInclude Include="..\..\include\mbedtls\des.h" />
@@ -222,11 +223,13 @@
     <ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
     <ClInclude Include="..\..\include\mbedtls\xtea.h" />
     <ClInclude Include="..\..\include\psa\crypto.h" />
-    <ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
+    <ClInclude Include="..\..\include\psa\crypto_builtin_composites.h" />
+    <ClInclude Include="..\..\include\psa\crypto_builtin_primitives.h" />
     <ClInclude Include="..\..\include\psa\crypto_compat.h" />
     <ClInclude Include="..\..\include\psa\crypto_config.h" />
     <ClInclude Include="..\..\include\psa\crypto_driver_common.h" />
-    <ClInclude Include="..\..\include\psa\crypto_entropy_driver.h" />
+    <ClInclude Include="..\..\include\psa\crypto_driver_contexts_composites.h" />
+    <ClInclude Include="..\..\include\psa\crypto_driver_contexts_primitives.h" />
     <ClInclude Include="..\..\include\psa\crypto_extra.h" />
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_se_driver.h" />
@@ -234,28 +237,51 @@
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
     <ClInclude Include="..\..\include\psa\crypto_types.h" />
     <ClInclude Include="..\..\include\psa\crypto_values.h" />
+    <ClInclude Include="..\..\tests\include\test\arguments.h" />
+    <ClInclude Include="..\..\tests\include\test\asn1_helpers.h" />
     <ClInclude Include="..\..\tests\include\test\constant_flow.h" />
+    <ClInclude Include="..\..\tests\include\test\fake_external_rng_for_test.h" />
     <ClInclude Include="..\..\tests\include\test\helpers.h" />
     <ClInclude Include="..\..\tests\include\test\macros.h" />
     <ClInclude Include="..\..\tests\include\test\psa_crypto_helpers.h" />
+    <ClInclude Include="..\..\tests\include\test\psa_exercise_key.h" />
     <ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
     <ClInclude Include="..\..\tests\include\test\random.h" />
+    <ClInclude Include="..\..\tests\include\test\ssl_helpers.h" />
+    <ClInclude Include="..\..\tests\include\test\drivers\aead.h" />
     <ClInclude Include="..\..\tests\include\test\drivers\cipher.h" />
+    <ClInclude Include="..\..\tests\include\test\drivers\config_test_driver.h" />
+    <ClInclude Include="..\..\tests\include\test\drivers\crypto_config_test_driver_extension.h" />
+    <ClInclude Include="..\..\tests\include\test\drivers\hash.h" />
     <ClInclude Include="..\..\tests\include\test\drivers\key_management.h" />
+    <ClInclude Include="..\..\tests\include\test\drivers\mac.h" />
     <ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
     <ClInclude Include="..\..\tests\include\test\drivers\size.h" />
     <ClInclude Include="..\..\tests\include\test\drivers\test_driver.h" />
+    <ClInclude Include="..\..\library\bignum_internal.h" />
     <ClInclude Include="..\..\library\check_crypto_config.h" />
     <ClInclude Include="..\..\library\common.h" />
+    <ClInclude Include="..\..\library\constant_time_internal.h" />
+    <ClInclude Include="..\..\library\constant_time_invasive.h" />
+    <ClInclude Include="..\..\library\ecp_invasive.h" />
+    <ClInclude Include="..\..\library\mps_common.h" />
+    <ClInclude Include="..\..\library\mps_error.h" />
+    <ClInclude Include="..\..\library\mps_reader.h" />
+    <ClInclude Include="..\..\library\mps_trace.h" />
+    <ClInclude Include="..\..\library\psa_crypto_aead.h" />
+    <ClInclude Include="..\..\library\psa_crypto_cipher.h" />
     <ClInclude Include="..\..\library\psa_crypto_core.h" />
     <ClInclude Include="..\..\library\psa_crypto_driver_wrappers.h" />
+    <ClInclude Include="..\..\library\psa_crypto_ecp.h" />
+    <ClInclude Include="..\..\library\psa_crypto_hash.h" />
     <ClInclude Include="..\..\library\psa_crypto_invasive.h" />
     <ClInclude Include="..\..\library\psa_crypto_its.h" />
+    <ClInclude Include="..\..\library\psa_crypto_mac.h" />
+    <ClInclude Include="..\..\library\psa_crypto_random_impl.h" />
+    <ClInclude Include="..\..\library\psa_crypto_rsa.h" />
     <ClInclude Include="..\..\library\psa_crypto_se.h" />
-    <ClInclude Include="..\..\library\psa_crypto_service_integration.h" />
     <ClInclude Include="..\..\library\psa_crypto_slot_management.h" />
     <ClInclude Include="..\..\library\psa_crypto_storage.h" />
-    <ClInclude Include="..\..\library\ssl_invasive.h" />
     <ClInclude Include="..\..\library\ssl_tls13_keys.h" />
     <ClInclude Include="..\..\3rdparty\everest\include\everest\everest.h" />
     <ClInclude Include="..\..\3rdparty\everest\include\everest\Hacl_Curve25519.h" />
@@ -280,6 +306,7 @@
     <ClCompile Include="..\..\library\cipher.c" />
     <ClCompile Include="..\..\library\cipher_wrap.c" />
     <ClCompile Include="..\..\library\cmac.c" />
+    <ClCompile Include="..\..\library\constant_time.c" />
     <ClCompile Include="..\..\library\ctr_drbg.c" />
     <ClCompile Include="..\..\library\debug.c" />
     <ClCompile Include="..\..\library\des.c" />
@@ -301,6 +328,8 @@
     <ClCompile Include="..\..\library\md4.c" />
     <ClCompile Include="..\..\library\md5.c" />
     <ClCompile Include="..\..\library\memory_buffer_alloc.c" />
+    <ClCompile Include="..\..\library\mps_reader.c" />
+    <ClCompile Include="..\..\library\mps_trace.c" />
     <ClCompile Include="..\..\library\net_sockets.c" />
     <ClCompile Include="..\..\library\nist_kw.c" />
     <ClCompile Include="..\..\library\oid.c" />
@@ -317,7 +346,14 @@
     <ClCompile Include="..\..\library\platform_util.c" />
     <ClCompile Include="..\..\library\poly1305.c" />
     <ClCompile Include="..\..\library\psa_crypto.c" />
+    <ClCompile Include="..\..\library\psa_crypto_aead.c" />
+    <ClCompile Include="..\..\library\psa_crypto_cipher.c" />
+    <ClCompile Include="..\..\library\psa_crypto_client.c" />
     <ClCompile Include="..\..\library\psa_crypto_driver_wrappers.c" />
+    <ClCompile Include="..\..\library\psa_crypto_ecp.c" />
+    <ClCompile Include="..\..\library\psa_crypto_hash.c" />
+    <ClCompile Include="..\..\library\psa_crypto_mac.c" />
+    <ClCompile Include="..\..\library\psa_crypto_rsa.c" />
     <ClCompile Include="..\..\library\psa_crypto_se.c" />
     <ClCompile Include="..\..\library\psa_crypto_slot_management.c" />
     <ClCompile Include="..\..\library\psa_crypto_storage.c" />
@@ -349,8 +385,21 @@
     <ClCompile Include="..\..\library\x509write_crt.c" />
     <ClCompile Include="..\..\library\x509write_csr.c" />
     <ClCompile Include="..\..\library\xtea.c" />
+    <ClCompile Include="..\..\tests\src\asn1_helpers.c" />
+    <ClCompile Include="..\..\tests\src\fake_external_rng_for_test.c" />
     <ClCompile Include="..\..\tests\src\helpers.c" />
+    <ClCompile Include="..\..\tests\src\psa_crypto_helpers.c" />
+    <ClCompile Include="..\..\tests\src\psa_exercise_key.c" />
     <ClCompile Include="..\..\tests\src\random.c" />
+    <ClCompile Include="..\..\tests\src\threading_helpers.c" />
+    <ClCompile Include="..\..\tests\src\drivers\hash.c" />
+    <ClCompile Include="..\..\tests\src\drivers\platform_builtin_keys.c" />
+    <ClCompile Include="..\..\tests\src\drivers\test_driver_aead.c" />
+    <ClCompile Include="..\..\tests\src\drivers\test_driver_cipher.c" />
+    <ClCompile Include="..\..\tests\src\drivers\test_driver_key_management.c" />
+    <ClCompile Include="..\..\tests\src\drivers\test_driver_mac.c" />
+    <ClCompile Include="..\..\tests\src\drivers\test_driver_signature.c" />
+    <ClCompile Include="..\..\tests\src\drivers\test_driver_size.c" />
     <ClCompile Include="..\..\3rdparty\everest\library\everest.c" />
     <ClCompile Include="..\..\3rdparty\everest\library\Hacl_Curve25519_joined.c" />
     <ClCompile Include="..\..\3rdparty\everest\library\x25519.c" />
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/mini_client.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/mini_client.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/mini_client.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/mini_client.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/mpi_demo.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/mpi_demo.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/mpi_demo.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/mpi_demo.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/pem2der.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/pem2der.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/pem2der.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/pem2der.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_decrypt.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_decrypt.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_decrypt.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_decrypt.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_encrypt.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_encrypt.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_encrypt.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_encrypt.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_sign.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_sign.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_sign.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_sign.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_verify.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_verify.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/pk_verify.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/pk_verify.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/psa_constant_names.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/psa_constant_names.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/psa_constant_names.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/psa_constant_names.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/query_compile_time_config.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/query_compile_time_config.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/query_compile_time_config.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/query_compile_time_config.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/req_app.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/req_app.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/req_app.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/req_app.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_decrypt.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_decrypt.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_decrypt.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_decrypt.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_encrypt.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_encrypt.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_encrypt.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_encrypt.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_genkey.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_genkey.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_genkey.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_genkey.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_sign.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_sign.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_sign.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_sign.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_sign_pss.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_sign_pss.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_sign_pss.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_sign_pss.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_verify.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_verify.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_verify.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_verify.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_verify_pss.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_verify_pss.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/rsa_verify_pss.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/rsa_verify_pss.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/selftest.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/selftest.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/selftest.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/selftest.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_client1.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_client1.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_client1.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_client1.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_client2.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_client2.vcxproj
similarity index 99%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_client2.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_client2.vcxproj
index d7000a4..34cca66 100644
--- a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_client2.vcxproj
+++ b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_client2.vcxproj
@@ -21,6 +21,7 @@
   <ItemGroup>
     <ClCompile Include="..\..\programs\ssl\ssl_client2.c" />
     <ClCompile Include="..\..\programs\test\query_config.c" />
+    <ClCompile Include="..\..\programs\ssl\ssl_test_lib.c" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="mbedTLS.vcxproj">
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_context_info.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_context_info.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_context_info.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_context_info.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_fork_server.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_fork_server.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_fork_server.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_fork_server.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_mail_client.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_mail_client.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_mail_client.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_mail_client.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_server.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_server.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_server.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_server.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_server2.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_server2.vcxproj
similarity index 99%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_server2.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_server2.vcxproj
index a21e6e0..274d149 100644
--- a/3rdparty/mbedtls-2.25.0/visualc/VS2010/ssl_server2.vcxproj
+++ b/3rdparty/mbedtls-2.28.7/visualc/VS2010/ssl_server2.vcxproj
@@ -21,6 +21,7 @@
   <ItemGroup>
     <ClCompile Include="..\..\programs\ssl\ssl_server2.c" />
     <ClCompile Include="..\..\programs\test\query_config.c" />
+    <ClCompile Include="..\..\programs\ssl\ssl_test_lib.c" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="mbedTLS.vcxproj">
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/strerror.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/strerror.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/strerror.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/strerror.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/udp_proxy.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/udp_proxy.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/udp_proxy.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/udp_proxy.vcxproj
diff --git a/3rdparty/mbedtls-2.25.0/visualc/VS2010/zeroize.vcxproj b/3rdparty/mbedtls-2.28.7/visualc/VS2010/zeroize.vcxproj
similarity index 100%
rename from 3rdparty/mbedtls-2.25.0/visualc/VS2010/zeroize.vcxproj
rename to 3rdparty/mbedtls-2.28.7/visualc/VS2010/zeroize.vcxproj
diff --git a/3rdparty/mvorbrodt_base64/LICENSE b/3rdparty/mvorbrodt_base64/LICENSE
new file mode 100644
index 0000000..ef418f9
--- /dev/null
+++ b/3rdparty/mvorbrodt_base64/LICENSE
@@ -0,0 +1,12 @@
+Copyright (C) 2019-2021 by Martin Vorbrodt <martin@vorbrodt.blog>
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
diff --git a/3rdparty/mvorbrodt_base64/base64.hpp b/3rdparty/mvorbrodt_base64/base64.hpp
new file mode 100644
index 0000000..ffffae1
--- /dev/null
+++ b/3rdparty/mvorbrodt_base64/base64.hpp
@@ -0,0 +1,111 @@
+#pragma once
+
+#include <string>
+#include <vector>
+#include <stdexcept>
+#include <cstdint>
+
+namespace base64
+{
+	inline static const char kEncodeLookup[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+	inline static const char kPadCharacter = '=';
+
+	using byte = std::uint8_t;
+
+	inline std::string encode(const std::vector<byte>& input)
+	{
+		std::string encoded;
+		encoded.reserve(((input.size() / 3) + (input.size() % 3 > 0)) * 4);
+
+		std::uint32_t temp{};
+		auto it = input.begin();
+
+		for(std::size_t i = 0; i < input.size() / 3; ++i)
+		{
+			temp  = (*it++) << 16;
+			temp += (*it++) << 8;
+			temp += (*it++);
+			encoded.append(1, kEncodeLookup[(temp & 0x00FC0000) >> 18]);
+			encoded.append(1, kEncodeLookup[(temp & 0x0003F000) >> 12]);
+			encoded.append(1, kEncodeLookup[(temp & 0x00000FC0) >> 6 ]);
+			encoded.append(1, kEncodeLookup[(temp & 0x0000003F)      ]);
+		}
+
+		switch(input.size() % 3)
+		{
+		case 1:
+			temp = (*it++) << 16;
+			encoded.append(1, kEncodeLookup[(temp & 0x00FC0000) >> 18]);
+			encoded.append(1, kEncodeLookup[(temp & 0x0003F000) >> 12]);
+			encoded.append(2, kPadCharacter);
+			break;
+		case 2:
+			temp  = (*it++) << 16;
+			temp += (*it++) << 8;
+			encoded.append(1, kEncodeLookup[(temp & 0x00FC0000) >> 18]);
+			encoded.append(1, kEncodeLookup[(temp & 0x0003F000) >> 12]);
+			encoded.append(1, kEncodeLookup[(temp & 0x00000FC0) >> 6 ]);
+			encoded.append(1, kPadCharacter);
+			break;
+		}
+
+		return encoded;
+	}
+
+	inline std::vector<byte> decode(const std::string& input)
+	{
+		if(input.length() % 4)
+			throw std::runtime_error("Invalid base64 length!");
+
+		std::size_t padding{};
+
+		if(input.length())
+		{
+			if(input[input.length() - 1] == kPadCharacter) padding++;
+			if(input[input.length() - 2] == kPadCharacter) padding++;
+		}
+
+		std::vector<byte> decoded;
+		decoded.reserve(((input.length() / 4) * 3) - padding);
+
+		std::uint32_t temp{};
+		auto it = input.begin();
+
+		while(it < input.end())
+		{
+			for(std::size_t i = 0; i < 4; ++i)
+			{
+				temp <<= 6;
+				if     (*it >= 0x41 && *it <= 0x5A) temp |= *it - 0x41;
+				else if(*it >= 0x61 && *it <= 0x7A) temp |= *it - 0x47;
+				else if(*it >= 0x30 && *it <= 0x39) temp |= *it + 0x04;
+				else if(*it == 0x2B)                temp |= 0x3E;
+				else if(*it == 0x2F)                temp |= 0x3F;
+				else if(*it == kPadCharacter)
+				{
+					switch(input.end() - it)
+					{
+					case 1:
+						decoded.push_back((temp >> 16) & 0x000000FF);
+						decoded.push_back((temp >> 8 ) & 0x000000FF);
+						return decoded;
+					case 2:
+						decoded.push_back((temp >> 10) & 0x000000FF);
+						return decoded;
+					default:
+						throw std::runtime_error("Invalid padding in base64!");
+					}
+				}
+				else throw std::runtime_error("Invalid character in base64!");
+
+				++it;
+			}
+
+			decoded.push_back((temp >> 16) & 0x000000FF);
+			decoded.push_back((temp >> 8 ) & 0x000000FF);
+			decoded.push_back((temp      ) & 0x000000FF);
+		}
+
+		return decoded;
+	}
+}
diff --git a/3rdparty/pybind11/CMakeLists.txt b/3rdparty/pybind11/CMakeLists.txt
deleted file mode 100644
index 36d5756..0000000
--- a/3rdparty/pybind11/CMakeLists.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-cmake_minimum_required(VERSION 3.10.2)
-
-project(pybind11-download NONE)
-
-include(ExternalProject)
-ExternalProject_Add(
-        pybind11
-        PREFIX .
-        GIT_REPOSITORY "https://github.com/pybind/pybind11.git"
-        GIT_TAG "8de7772cc72daca8e947b79b83fea46214931604" # v2.6.2
-        SOURCE_DIR "${CMAKE_BINARY_DIR}/3rdparty/pybind11"
-        # Override default steps with no action, we just want the clone step.
-        CONFIGURE_COMMAND ""
-        BUILD_COMMAND ""
-        INSTALL_COMMAND ""
-)
-
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/.gitignore b/3rdparty/restclient-cpp-0.5.2-fork/.gitignore
new file mode 100644
index 0000000..2465c5a
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/.gitignore
@@ -0,0 +1,42 @@
+bin/*
+*.o
+lib*
+*autom4te.cache
+*.deps
+config*
+!configure.ac
+*aclocal.m4
+*Makefile
+*Makefile.in
+vendor/*
+test-program
+.libs
+
+restclient-cpp.pc
+
+*autom4te.cache
+*aclocal.m4
+*compile
+*configure
+*depcomp
+*install-sh
+*missing
+*stamp-h1
+*.dirstamp
+*ltmain.sh
+m4
+
+# coverage related files
+*gcda
+*gcno
+html
+coverage.info
+
+# packaging
+*.rpm
+*.deb
+usr
+
+# generated files
+include/restclient-cpp/version.h
+arm-poky-linux-gnueabi-libtool
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/.gitmodules b/3rdparty/restclient-cpp-0.5.2-fork/.gitmodules
new file mode 100644
index 0000000..79ab4b5
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "docs/_layouts"]
+	path = docs/_layouts
+	url = https://github.com/mrtazz/jekyll-layouts.git
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/.travis.yml b/3rdparty/restclient-cpp-0.5.2-fork/.travis.yml
new file mode 100644
index 0000000..d120a96
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/.travis.yml
@@ -0,0 +1,43 @@
+language: cpp
+dist: xenial
+sudo: required
+group: beta
+
+services:
+  - docker
+
+compiler:
+  - gcc
+  - clang
+script:
+  - ./autogen.sh && ./configure --enable-coverage
+  - make ci
+
+install:
+- gem install fpm
+- gem install package_cloud
+- sudo apt-get install -qq doxygen
+- sudo apt-get install -qq rpm
+- sudo apt-get install -qq valgrind
+- sudo apt-get install -qq libcurl4-openssl-dev
+before_script:
+- curl --version
+- curl https://raw.githubusercontent.com/google/styleguide/gh-pages/cpplint/cpplint.py -o cpplint
+- chmod +x cpplint
+- export PATH=$PATH:`pwd`
+- ./utils/build_gtest.sh
+- gem install coveralls-lcov
+after_success:
+- curl http://ftp.de.debian.org/debian/pool/main/l/lcov/lcov_1.11.orig.tar.gz | tar xz
+- export PATH=$PATH:`pwd`/lcov-1.11/bin
+- make coverage.info
+- coveralls-lcov coverage.info
+deploy:
+  provider: script
+  script: ./autogen.sh && ./configure --prefix=`pwd`/usr && make deploy-packages
+  on:
+    tags: true
+    condition: $CXX = g++
+env:
+  global:
+  - secure: IdA0aOUuazgCVT3X8bmOjC2mJpHIk+eakCUgiPGhsMsg6Nhe+OgYUF9uGLgz3py5qZq3ns+9WV1IVZVhwd1CFz+2wFKHM6WRnvlfFJ/aV+rb10I2tiX8BrepNcZzCvwuTxIgqb3m97DHRmf/s8DnnmF6v5pvUaKb9SjxFQ1d/XY=
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/CHANGELOG.md b/3rdparty/restclient-cpp-0.5.2-fork/CHANGELOG.md
new file mode 100644
index 0000000..0c9bfd1
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/CHANGELOG.md
@@ -0,0 +1,138 @@
+# Changelog
+
+## v0.5.2 (12th February 2020)
+- add a pkg-config setup
+- Use the standard CMake-flag BUILD_SHARED_LIBS. (tastytea)
+- Add CURL and Threads as dependency in CMake config. (tastytea)
+- Replace hardcoded installation directories with GNUInstallDirs. (tastytea)
+- Set minimum CMake version to 3.12.0 (tastytea)
+- Added default compile type to CMakeLists.txt (Jorge Marizan)
+- Added configurable compile type to CMakeLists.txt (Jorge Marizan)
+- use lambda over ptr_fun (Cynthia Coan)
+- mac os x uses glibtoolize not libtoolize (Cynthia Coan)
+- Use std::make_unique when C++14 is available (Heikki Hellgren)
+- fix git version problems during yocto build (Giuseppe Ursino)
+- fix autogen to work with yocto (Giuseppe Ursino)
+- fix relative path issues (Giuseppe Ursino)
+- Added support for Unix sockets. (Dennis Jenkins)
+- update CI dist to xenial (Daniel Schauenberg)
+
+## v0.5.1 (6th May 2019)
+- add initial cmake build
+- switch httpbin tests over to https
+
+## v0.5.0 (31st October 2018)
+
+### Features
+* Add PATCH and OPTIONS methods (#106) (drodil)
+* Add support for limiting the number of redirects (Bas van Kervel)
+* Added web proxy tunneling support. (amzoughi)
+* add client cert & key support (Fan Zhang)
+* add HEAD method (limhyungseok)
+* no-signal capability (Chris Kruger)
+
+### Improvements and fixes
+* Remove duplicate FollowRedirects function (#109) (drodil)
+* Changed content type to application/json (Hajder Rabiee)
+* fix link to CONTRIBUTING guidelines (Daniel Schauenberg)
+* update distro repositories to push packages to (Daniel Schauenberg)
+* fix isspace is not a member of std with Visual Studio 2017 (Yoann Long)
+* add CODE_OF_CONDUCT.md  (Daniel Schauenberg)
+* fix linter error for redundant blank line (Daniel Schauenberg)
+* remove unneeded curl include in restclient.h (Daniel Schauenberg)
+* Make SetProxy behave like curl's CURLOPT_PROXY (Daniel Schauenberg)
+* change prefixed address for proxy to HTTP (Daniel Schauenberg)
+* add unit test for http2 connection (Daniel Schauenberg)
+* move docker setup into Makefile (Daniel Schauenberg)
+* update CONTRIBUTING docs with proxy server details (Daniel Schauenberg)
+* add proxy server as docker service (Daniel Schauenberg)
+* default to 10s timeout in unit tests (Daniel Schauenberg)
+* update docs for HTTPS user certificate feature (Daniel Schauenberg)
+* add .github folder with issue/PR templates (Daniel Schauenberg)
+* move CI to run on travis trusty beta (Daniel Schauenberg)
+* Small optimizations (Martin Gerhardy)
+* Fix -Wpedantic warning (Daniel Perez)
+* fix README examples for conn->post, conn->put (Daniel Schauenberg)
+* add OSX install instructions to README (Daniel Schauenberg)
+
+## v0.4.4 (13th May 2016)
+- bump version because v0.4.3 was mistagged
+
+## v0.4.3 (13th May 2016)
+- only release packages from gcc builds (Daniel Schauenberg)
+
+## v0.4.2 (13th May 2016)
+- add an ldconfig script to package builds (Daniel Schauenberg)
+- Add option to set the Certificate Authority (CA) Info option. (tgoetze)
+- add clang to the travis build matrix (Daniel Schauenberg)
+- README: Update Advanced Example (Marc Zych)
+- Connection: Initialize timeout and followRedirects (Marc Zych)
+
+## v0.4.1 (2nd February 2016)
+- fix package build to include new header files from refactoring
+
+## v0.4.0 (2nd February 2016)
+
+### Features
+**This is a major backwards-incompatible API refactor please read carefully**
+
+- split out into a simple and an advanced API
+  - simple API via static methods
+  - advanced usage via a connection object
+- support for custom user agent strings
+- support for connection pooling and keep-alive
+- support for following redirects
+- support for getting request metrics from the Connection object
+
+### Improvements and fixes
+- increased test coverage
+- addition of valgrind and lint runs on CI
+- fixed some memory leaks
+- improved documentation coverage
+
+
+## v0.3.0 (10th January 2016)
+
+### Features
+- added support for connection timeouts (Islam Yasar)
+- Allow for setting additional HTTP headers (Karol Samborski)
+
+### Improvements and Bug fixes
+- improve general documentation and add docs for auth (Daniel Schauenberg)
+- remove calls to curl_global_cleanup (Daniel Schauenberg)
+- add unit test for basic auth (Daniel Schauenberg)
+- switch unit tests to use [http://httpbin.org]() (Daniel Schauenberg)
+- move two include instructions (Jos)
+- added reporting for test coverage (Daniel Schauenberg)
+- cleanup version gen to be driven by git tags (Daniel Schauenberg)
+- clean up build and support building on FreeBSD (Daniel Schauenberg)
+- automate package deployment to packagecloud (Daniel Schauenberg)
+- add automatic doc build & deploy (Daniel Schauenberg)
+- Ensure the built shared library does not have dynamic references to libgtest (Thomas Goetze)
+
+## v0.2.0 (19th April 2015)
+- support basic auth
+- Add header's to response object
+- fix memory leaks related to curl cleanup
+- add autotools build
+- add CONTRIBUTING.md
+- add vendorized gtest
+
+## v0.1.2 (22nd March 2011)
+- return -1 for failed query instead of exit(1)
+- add unit tests for failed query returncode == -1
+- fix typos in README and add more sections
+- include cstring for memcpy
+- add cstdlib as include for proper dependencies
+
+## v0.1.1 (27th October 2010)
+- bump version to v0.1.1
+- add target for static library
+- add target for dynamic library
+- ignore lib folder in gitignore
+- include meta.h from local include folder
+- update README
+
+## v0.1.0 (15th October 2010)
+- initial release
+- support basic HTTP verbs (GET, POST, PUT, DELETE)
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/CMakeLists.txt b/3rdparty/restclient-cpp-0.5.2-fork/CMakeLists.txt
new file mode 100644
index 0000000..ae88e5c
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/CMakeLists.txt
@@ -0,0 +1,173 @@
+
+cmake_minimum_required(VERSION 3.12.0)
+
+project(restclient-cpp
+  VERSION 0.5.2
+  DESCRIPTION "REST client for C++"
+  HOMEPAGE_URL "http://code.mrtazz.com/restclient-cpp"
+)
+set(restclient-cpp_VENDOR "d@unwiredcouch.com")
+set(PROJECT_VENDOR "${restclient-cpp_VENDOR}")
+
+message(STATUS "Configured for: ${CMAKE_BUILD_TYPE}")
+add_custom_target(BeginMessage ALL
+    ${CMAKE_COMMAND} -E cmake_echo_color --white "Compiling for: $<CONFIG>"
+    COMMENT "Compile Info" )
+
+set(CMAKE_DEBUG_POSTFIX d)
+
+set(CMAKE_CXX_STANDARD 11)
+
+list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/modules")
+
+
+if(POLICY CMP0074)
+  cmake_policy(SET CMP0074 NEW)
+endif()
+
+include(CheckIncludeFiles)
+
+find_package(GTest QUIET)
+if(GTEST_FOUND)
+set(Gtest_FOUND TRUE)
+endif()
+if(GTest_FOUND)
+include(GoogleTest)
+endif()
+
+find_package(Threads REQUIRED)
+find_package(CURL REQUIRED)
+find_package(jsoncpp QUIET)
+
+option(BUILD_SHARED_LIBS "Build shared library." YES)
+if(COMPILE_TYPE STREQUAL "SHARED")
+  set(BUILD_SHARED_LIBS YES)
+endif()
+
+add_library(restclient-cpp
+  source/restclient.cc
+  source/connection.cc
+  source/helpers.cc
+)
+set_property(TARGET restclient-cpp PROPERTY SOVERSION 2.1.1)
+
+target_compile_features(restclient-cpp PUBLIC cxx_std_11)
+
+list(APPEND restclient-cpp_PUBLIC_HEADERS
+  include/restclient-cpp/restclient.h
+  "${CMAKE_CURRENT_BINARY_DIR}/include/restclient-cpp/version.h"
+  include/restclient-cpp/connection.h
+  include/restclient-cpp/helpers.h
+)
+# target_sources(restclient-cpp PRIVATE ${restclient-cpp_PUBLIC_HEADERS})
+set_property(TARGET restclient-cpp PROPERTY
+  PUBLIC_HEADER ${restclient-cpp_PUBLIC_HEADERS})
+target_include_directories(restclient-cpp PRIVATE include)
+
+if(NOT EXISTS "${CMAKE_CURRENT_BINARY_DIR}/version.h.in")
+file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/version.h.in" [=[
+#ifndef INCLUDE_RESTCLIENT_CPP_VERSION_H_
+#define INCLUDE_RESTCLIENT_CPP_VERSION_H_
+#define RESTCLIENT_VERSION "@restclient-cpp_VERSION@"
+#endif  // INCLUDE_RESTCLIENT_CPP_VERSION_H_
+]=])
+endif()
+configure_file("${CMAKE_CURRENT_BINARY_DIR}/version.h.in"
+  "${CMAKE_CURRENT_BINARY_DIR}/include/restclient-cpp/version.h")
+target_include_directories(restclient-cpp PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/include")
+
+target_link_libraries(restclient-cpp
+  PUBLIC CURL::libcurl
+  PUBLIC Threads::Threads
+)
+
+include(GNUInstallDirs)
+set(INCLUDE_INSTALL_DIR "${CMAKE_INSTALL_INCLUDEDIR}/restclient-cpp" )
+set(CONFIG_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/cmake/restclient-cpp" )
+set(RUNTIME_INSTALL_DIR "${CMAKE_INSTALL_BINDIR}" )
+set(LIB_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}" )
+set(DATA_INSTALL_DIR "${CMAKE_INSTALL_DATADIR}/restclient-cpp" )
+
+install(TARGETS restclient-cpp EXPORT restclient-cppTargets
+  PUBLIC_HEADER DESTINATION ${INCLUDE_INSTALL_DIR}
+  RUNTIME DESTINATION ${RUNTIME_INSTALL_DIR}
+  LIBRARY DESTINATION ${LIB_INSTALL_DIR}
+  ARCHIVE DESTINATION ${LIB_INSTALL_DIR}
+  RESOURCE DESTINATION ${DATA_INSTALL_DIR}
+)
+
+include(CMakePackageConfigHelpers)
+file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Config.cmake.in"
+  "@PACKAGE_INIT@\n"
+  "include(CMakeFindDependencyMacro)\n"
+  "find_dependency(CURL REQUIRED)\n"
+  "find_dependency(Threads REQUIRED)\n"
+  "include(\${CMAKE_CURRENT_LIST_DIR}/\@PROJECT_NAME\@Targets.cmake)\n")
+configure_package_config_file(
+  ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Config.cmake.in
+    ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}Config.cmake
+  INSTALL_DESTINATION
+    ${CMAKE_INSTALL_PREFIX}/${CONFIG_INSTALL_DIR}
+  PATH_VARS
+    INCLUDE_INSTALL_DIR
+    CONFIG_INSTALL_DIR
+    RUNTIME_INSTALL_DIR
+    LIB_INSTALL_DIR
+    DATA_INSTALL_DIR
+)
+
+write_basic_package_version_file(
+  "${CMAKE_CURRENT_BINARY_DIR}/restclient-cppConfigVersion.cmake"
+  COMPATIBILITY
+    SameMajorVersion
+)
+
+# export targets for find_package config mode
+install(EXPORT restclient-cppTargets DESTINATION ${CONFIG_INSTALL_DIR})
+
+install(
+  FILES
+    ${CMAKE_CURRENT_BINARY_DIR}/restclient-cppConfig.cmake
+    ${CMAKE_CURRENT_BINARY_DIR}/restclient-cppConfigVersion.cmake
+  DESTINATION
+    ${CMAKE_INSTALL_PREFIX}/${CONFIG_INSTALL_DIR}
+)
+
+if(Gtest_FOUND AND jsoncpp_FOUND)
+
+enable_testing()
+
+
+add_executable(test-program
+  vendor/jsoncpp-0.10.5/dist/jsoncpp.cpp
+  test/tests.cpp
+  test/test_restclient.cc
+  test/test_connection.cc
+  test/test_helpers.cc
+)
+target_include_directories(test-program
+  PRIVATE include
+  PRIVATE vendor/jsoncpp-0.10.5/dist
+  PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/include")
+
+target_link_libraries(test-program
+  PUBLIC restclient-cpp
+  PUBLIC GTest::GTest
+)
+gtest_discover_tests(test-program
+  WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
+  EXTRA_ARGS -VV
+)
+
+endif()
+
+
+# TODO: Setup ctest here for valgrind and CI
+
+# TODO: Setup cpack here for automatic packaging.
+#       Note most of the work is already done above due to use of properties and install commands.
+
+include(FeatureSummary)
+feature_summary(WHAT ALL)
+
+
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/CODE_OF_CONDUCT.md b/3rdparty/restclient-cpp-0.5.2-fork/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..b7df4e3
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/CODE_OF_CONDUCT.md
@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at coc@unwiredcouch.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/LICENSE b/3rdparty/restclient-cpp-0.5.2-fork/LICENSE
new file mode 100644
index 0000000..5c1358f
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/LICENSE
@@ -0,0 +1,20 @@
+Copyright (c) 2010 Daniel Schauenberg
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/Makefile.am b/3rdparty/restclient-cpp-0.5.2-fork/Makefile.am
new file mode 100644
index 0000000..4872a30
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/Makefile.am
@@ -0,0 +1,54 @@
+ACLOCAL_AMFLAGS=-I m4
+CPPFLAGS=-I${top_srcdir}/include
+check_PROGRAMS = test-program
+pkginclude_HEADERS = include/restclient-cpp/restclient.h include/restclient-cpp/version.h include/restclient-cpp/connection.h include/restclient-cpp/helpers.h
+BUILT_SOURCES = include/restclient-cpp/version.h
+
+test_program_SOURCES = vendor/jsoncpp-0.10.5/dist/jsoncpp.cpp test/tests.cpp test/test_helpers.cc test/test_restclient.cc test/test_connection.cc
+test_program_LDADD = .libs/librestclient-cpp.a
+test_program_LDFLAGS=-Lvendor/gtest-1.7.0/lib/.libs -lgtest
+test_program_CPPFLAGS=-std=c++11 -Iinclude -Ivendor/gtest-1.7.0/include -Ivendor/jsoncpp-0.10.5/dist
+
+lib_LTLIBRARIES=librestclient-cpp.la
+librestclient_cpp_la_SOURCES=source/restclient.cc source/connection.cc source/helpers.cc
+librestclient_cpp_la_CXXFLAGS=-fPIC -std=c++11
+librestclient_cpp_la_LDFLAGS=-version-info 2:1:1
+
+dist_doc_DATA = README.md
+
+.PHONY: test check clean-coverage-files coverage-html include/restclient-cpp/version.h lint ci docker-services
+
+include/restclient-cpp/version.h:
+	m4 -I ${top_srcdir}/m4 -DM4_RESTCLIENT_VERSION=$(PACKAGE_VERSION) version.h.m4 > ${top_srcdir}/$@ 
+ 
+
+
+test: check
+	./test-program
+
+valgrind: check
+	valgrind --leak-check=full --error-exitcode=1 ./test-program
+
+lint:
+	cpplint --filter=-legal/copyright include/restclient-cpp/*.h source/*.cc
+
+docker-services:
+	docker inspect --format="{{ .State.Running }}" restclient-proxy &> /dev/null || docker run -d --name restclient-proxy -p 3128:3128 chrisdaish/squid
+	docker ps -a
+
+ci: lint docker-services test valgrind
+
+clean-local:
+	find . -name "*.gcda" -print0 | xargs -0 rm
+
+coverage.info: test
+	lcov --compat-libtool --capture --directory source --output-file coverage.info
+	lcov --compat-libtool --remove coverage.info "/usr*" -o coverage.info
+
+coverage-html: coverage.info
+	genhtml -t "restclient-cpp coverage report" --legend --show-details coverage.info --output-directory html
+
+# include other make targets in the main Makefile
+include $(srcdir)/Makefile.packaging.mk
+include $(srcdir)/Makefile.docs.mk
+
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/Makefile.docs.mk b/3rdparty/restclient-cpp-0.5.2-fork/Makefile.docs.mk
new file mode 100644
index 0000000..28202dd
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/Makefile.docs.mk
@@ -0,0 +1,27 @@
+# Make tasks to create and deploy documentation
+.PHONY: docs clean-docs deploy-docs doxygen update-docs-from-readme jekyll-layouts
+
+GAUGES_CODE="539c6c8de32bb442640005f3"
+
+jekyll-layouts:
+	git submodule update --init
+
+doxygen:
+	doxygen doxygen.config
+
+update-docs-from-readme: jekyll-layouts
+	install -d docs
+	echo "gaugesid: $(GAUGES_CODE)" > docs/_config.yml
+	echo "projecturl: $(PROJECT_URL)" >> docs/_config.yml
+	echo "basesite: http://www.unwiredcouch.com" >> docs/_config.yml
+	echo "markdown: kramdown" >> docs/_config.yml
+	echo "---" > docs/index.md
+	echo "layout: project" >> docs/index.md
+	echo "title: $(NAME)" >> docs/index.md
+	echo "---" >> docs/index.md
+	cat README.md >> docs/index.md
+
+docs: doxygen update-docs-from-readme
+
+clean-docs:
+	rm -rf ./docs
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/Makefile.packaging.mk b/3rdparty/restclient-cpp-0.5.2-fork/Makefile.packaging.mk
new file mode 100644
index 0000000..ffa5ec8
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/Makefile.packaging.mk
@@ -0,0 +1,34 @@
+# make tasks to create and publish packages
+.PHONY: rpm deb packages deploy-packages
+
+local-install:
+	$(MAKE) install PREFIX=usr
+
+NAME=restclient-cpp
+VERSION = $(shell git describe --tags --always --dirty)
+BUILDER = $(shell echo "`git config user.name` <`git config user.email`>")
+PKG_RELEASE ?= 1
+PROJECT_URL="https://github.com/mrtazz/$(NAME)"
+FPM_FLAGS= --name $(NAME) --version $(VERSION) --iteration $(PKG_RELEASE) \
+           --epoch 1 --license MIT --maintainer "$(BUILDER)" --url $(PROJECT_URL) \
+           --vendor mrtazz --description "C++ client for making HTTP/REST requests" \
+           --after-install utils/runldconfig.sh --after-remove utils/runldconfig.sh \
+           --depends curl usr
+
+rpm:
+	  fpm -t rpm -s dir $(FPM_FLAGS)
+
+deb:
+	  fpm -t deb -s dir $(FPM_FLAGS)
+
+packages: local-install rpm deb
+
+deploy-packages: packages
+	package_cloud push mrtazz/$(NAME)/el/7 *.rpm
+	package_cloud push mrtazz/$(NAME)/debian/wheezy *.deb
+	package_cloud push mrtazz/$(NAME)/debian/jessie *.deb
+	package_cloud push mrtazz/$(NAME)/debian/stretch *.deb
+	package_cloud push mrtazz/$(NAME)/debian/buster *.deb
+	package_cloud push mrtazz/$(NAME)/ubuntu/trusty *.deb
+	package_cloud push mrtazz/$(NAME)/ubuntu/xenial *.deb
+	package_cloud push mrtazz/$(NAME)/ubuntu/bionic *.deb
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/README.md b/3rdparty/restclient-cpp-0.5.2-fork/README.md
new file mode 100644
index 0000000..ad7b1c1
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/README.md
@@ -0,0 +1,266 @@
+# REST client for C++
+[![Build Status](https://travis-ci.org/mrtazz/restclient-cpp.svg?branch=master)](https://travis-ci.org/mrtazz/restclient-cpp)
+[![Coverage Status](https://coveralls.io/repos/mrtazz/restclient-cpp/badge.svg?branch=master&service=github)](https://coveralls.io/github/mrtazz/restclient-cpp?branch=master)
+[![Packagecloud](https://img.shields.io/badge/packagecloud-available-brightgreen.svg)](https://packagecloud.io/mrtazz/restclient-cpp)
+[![doxygen](https://img.shields.io/badge/doxygen-reference-blue.svg)](http://code.mrtazz.com/restclient-cpp/ref/)
+[![MIT license](https://img.shields.io/badge/license-MIT-blue.svg)](http://opensource.org/licenses/MIT)
+
+
+## About
+This is a simple REST client for C++. It wraps [libcurl][] for HTTP requests.
+
+## Usage
+restclient-cpp provides two ways of interacting with REST endpoints. There is
+a simple one, which doesn't need you to configure an object to interact with
+an API. However the simple way doesn't provide a lot of configuration options
+either. So if you need more than just a simple HTTP call, you will probably
+want to check out the advanced usage.
+
+### Simple Usage
+The simple API is just some static methods modeled after the most common HTTP
+verbs:
+
+```cpp
+#include "restclient-cpp/restclient.h"
+
+RestClient::Response r = RestClient::get("http://url.com")
+RestClient::Response r = RestClient::post("http://url.com/post", "application/json", "{\"foo\": \"bla\"}")
+RestClient::Response r = RestClient::put("http://url.com/put", "application/json", "{\"foo\": \"bla\"}")
+RestClient::Response r = RestClient::patch("http://url.com/patch", "application/json", "{\"foo\": \"bla\"}")
+RestClient::Response r = RestClient::del("http://url.com/delete")
+RestClient::Response r = RestClient::head("http://url.com")
+RestClient::Response r = RestClient::options("http://url.com")
+```
+
+The response is of type [RestClient::Response][restclient_response] and has
+three attributes:
+
+```cpp
+RestClient::Response.code // HTTP response code
+RestClient::Response.body // HTTP response body
+RestClient::Response.headers // HTTP response headers
+```
+
+### Advanced Usage
+However if you want more sophisticated features like connection reuse,
+timeouts or authentication, there is also a different, more configurable way.
+
+```cpp
+#include "restclient-cpp/connection.h"
+#include "restclient-cpp/restclient.h"
+
+// initialize RestClient
+RestClient::init();
+
+// get a connection object
+RestClient::Connection* conn = new RestClient::Connection("http://url.com");
+
+// configure basic auth
+conn->SetBasicAuth("WarMachine68", "WARMACHINEROX");
+
+// set connection timeout to 5s
+conn->SetTimeout(5);
+
+// set custom user agent
+// (this will result in the UA "foo/cool restclient-cpp/VERSION")
+conn->SetUserAgent("foo/cool");
+
+// enable following of redirects (default is off)
+conn->FollowRedirects(true);
+// and limit the number of redirects (default is -1, unlimited)
+conn->FollowRedirects(true, 3);
+
+// set headers
+RestClient::HeaderFields headers;
+headers["Accept"] = "application/json";
+conn->SetHeaders(headers)
+
+// append additional headers
+conn->AppendHeader("X-MY-HEADER", "foo")
+
+// if using a non-standard Certificate Authority (CA) trust file
+conn->SetCAInfoFilePath("/etc/custom-ca.crt")
+
+RestClient::Response r = conn->get("/get")
+RestClient::Response r = conn->head("/get")
+RestClient::Response r = conn->del("/delete")
+RestClient::Response r = conn->options("/options")
+
+// set different content header for POST, PUT and PATCH
+conn->AppendHeader("Content-Type", "application/json")
+RestClient::Response r = conn->post("/post", "{\"foo\": \"bla\"}")
+RestClient::Response r = conn->put("/put", "application/json", "{\"foo\": \"bla\"}")
+RestClient::Response r = conn->patch("/patch", "text/plain", "foobar")
+
+// deinit RestClient. After calling this you have to call RestClient::init()
+// again before you can use it
+RestClient::disable();
+```
+
+The responses are again of type [RestClient::Response][restclient_response]
+and have three attributes:
+
+```cpp
+RestClient::Response.code // HTTP response code
+RestClient::Response.body // HTTP response body
+RestClient::Response.headers // HTTP response headers
+```
+
+The connection object also provides a simple way to get some diagnostics and
+metrics information via `conn->GetInfo()`. The result is a
+`RestClient::Connection::Info` struct and looks like this:
+
+```cpp
+typedef struct {
+  std::string base_url;
+  RestClients::HeaderFields headers;
+  int timeout;
+  struct {
+    std::string username;
+    std::string password;
+  } basicAuth;
+
+  std::string certPath;
+  std::string certType;
+  std::string keyPath;
+  std::string keyPassword;
+  std::string customUserAgent;
+  std::string uriProxy;
+  struct {
+    // total time of the last request in seconds Total time of previous
+    // transfer. See CURLINFO_TOTAL_TIME
+    int totalTime;
+    // time spent in DNS lookup in seconds Time from start until name
+    // resolving completed. See CURLINFO_NAMELOOKUP_TIME
+    int nameLookupTime;
+    // time it took until Time from start until remote host or proxy
+    // completed. See CURLINFO_CONNECT_TIME
+    int connectTime;
+    // Time from start until SSL/SSH handshake completed. See
+    // CURLINFO_APPCONNECT_TIME
+    int appConnectTime;
+    // Time from start until just before the transfer begins. See
+    // CURLINFO_PRETRANSFER_TIME
+    int preTransferTime;
+    // Time from start until just when the first byte is received. See
+    // CURLINFO_STARTTRANSFER_TIME
+    int startTransferTime;
+    // Time taken for all redirect steps before the final transfer. See
+    // CURLINFO_REDIRECT_TIME
+    int redirectTime;
+    // number of redirects followed. See CURLINFO_REDIRECT_COUNT
+    int redirectCount;
+  } lastRequest;
+} Info;
+```
+
+#### Persistent connections/Keep-Alive
+The connection object stores the curl easy handle in an instance variable and
+uses that for the lifetime of the object. This means curl will [automatically
+reuse connections][curl_keepalive] made with that handle.
+
+
+## Thread Safety
+restclient-cpp leans heavily on libcurl as it aims to provide a thin wrapper
+around it. This means it adheres to the basic level of thread safety [provided
+by libcurl][curl_threadsafety]. The `RestClient::init()` and
+`RestClient::disable()` methods basically correspond to `curl_global_init` and
+`curl_global_cleanup` and thus need to be called right at the beginning of
+your program and before shutdown respectively. These set up the environment
+and are **not thread-safe**. After that you can create connection objects in
+your threads. Do not share connection objects across threads as this would
+mean accessing curl handles from multiple threads at the same time which is
+not allowed.
+
+The connection level method SetNoSignal can be set to skip all signal handling. This is important in multi-threaded applications as DNS resolution timeouts use signals. The signal handlers quite readily get executed on other threads. Note that with this option DNS resolution timeouts do not work. If you have crashes in your multi-threaded executable that appear to be in DNS resolution, this is probably why.
+
+In order to provide an easy to use API, the simple usage via the static
+methods implicitly calls the curl global functions and is therefore also **not
+thread-safe**.
+
+## HTTPS User Certificate
+
+Simple wrapper functions are provided to allow clients to authenticate using certificates.
+Under the hood these wrappers set cURL options, e.g. `CURLOPT_SSLCERT`, using `curl_easy_setopt`.
+Note: currently `libcurl` compiled with `gnutls` (e.g. `libcurl4-gnutls-dev` on
+ubuntu) is buggy in that it returns a wrong error code when these options are set to invalid values.
+
+```cpp
+// set CURLOPT_SSLCERT
+conn->SetCertPath(certPath);
+// set CURLOPT_SSLCERTTYPE
+conn->SetCertType(type);
+// set CURLOPT_SSLKEY
+conn->SetKeyPath(keyPath);
+// set CURLOPT_KEYPASSWD
+conn->SetKeyPassword(keyPassword);
+```
+
+## HTTP Proxy Tunneling Support
+
+An HTTP Proxy can be set to use for the upcoming request.
+To specify a port number, append :[port] to the end of the host name. If not specified, `libcurl` will default to using port 1080 for proxies. The proxy string may be prefixed with `http://` or `https://`. If no HTTP(S) scheme is specified, the address provided to `libcurl` will be prefixed with `http://` to specify an HTTP proxy. A proxy host string can embedded user + password.
+The operation will be tunneled through the proxy as curl option `CURLOPT_HTTPPROXYTUNNEL` is enabled by default.
+A numerical IPv6 address must be written within [brackets].
+
+```cpp
+// set CURLOPT_PROXY
+conn->SetProxy("https://37.187.100.23:3128");
+/* or you can set it without the protocol scheme and
+http:// will be prefixed by default */
+conn->SetProxy("37.187.100.23:3128");
+/* the following request will be tunneled through the proxy */
+RestClient::Response res = conn->get("/get");
+```
+
+## Unix Socket Support
+
+- https://docs.docker.com/develop/sdk/examples/
+- $ curl --unix-socket /var/run/docker.sock http:/v1.24/containers/json
+
+Note that the URL used with a unix socket has only ONE leading forward slash.
+
+```cpp
+RestClient::Connection* conn = new RestClient::Connection("http:/v1.30");
+conn->SetUnixSocketPath("/var/run/docker.sock");
+RestClient::HeaderFields headers;
+headers["Accept"] = "application/json; charset=UTF-8";
+headers["Expect"] = "";
+conn->SetHeaders(headers);
+auto resp = conn->get("/images/json");
+```
+
+## Dependencies
+- [libcurl][]
+
+## Installation
+There are some packages available for Linux on [packagecloud][packagecloud].
+And for OSX you can get it from the mrtazz/oss homebrew tap:
+
+```bash
+brew tap mrtazz/oss
+brew install restclient-cpp
+```
+
+Otherwise you can do the regular autotools dance:
+
+```bash
+./autogen.sh
+./configure
+make install
+```
+
+## Contribute
+All contributions are highly appreciated. This includes filing issues,
+updating documentation and writing code. Please take a look at the
+[contributing guidelines][contributing] before so your contribution can be
+merged as fast as possible.
+
+
+[libcurl]: http://curl.haxx.se/libcurl/
+[gtest]: http://code.google.com/p/googletest/
+[packagecloud]: https://packagecloud.io/mrtazz/restclient-cpp
+[contributing]: https://github.com/mrtazz/restclient-cpp/blob/master/.github/CONTRIBUTING.md
+[curl_keepalive]: http://curl.haxx.se/docs/faq.html#What_about_Keep_Alive_or_persist
+[curl_threadsafety]: http://curl.haxx.se/libcurl/c/threadsafe.html
+[restclient_response]: http://code.mrtazz.com/restclient-cpp/ref/struct_rest_client_1_1_response.html
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/autogen.sh b/3rdparty/restclient-cpp-0.5.2-fork/autogen.sh
new file mode 100644
index 0000000..478db09
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/autogen.sh
@@ -0,0 +1,18 @@
+#! /bin/sh
+[ -e config.cache ] && rm -f config.cache
+
+echo -n "testing for glibtoolize ... "
+if glibtoolize --version >/dev/null 2>&1; then
+  LIBTOOLIZE=glibtoolize
+  echo "using glibtoolize"
+else
+  LIBTOOLIZE=libtoolize
+  echo "using libtoolize"
+fi
+$LIBTOOLIZE --automake
+aclocal ${OECORE_ACLOCAL_OPTS}
+autoconf
+autoheader
+automake -a
+./configure $@
+exit
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/configure.ac b/3rdparty/restclient-cpp-0.5.2-fork/configure.ac
new file mode 100644
index 0000000..e42c3fb
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/configure.ac
@@ -0,0 +1,30 @@
+AC_PREREQ([2.52])
+AC_INIT([restclient-cpp], [0.5.2], [d@unwiredcouch.com])
+AM_INIT_AUTOMAKE([foreign subdir-objects])
+LT_INIT
+AC_CONFIG_HEADERS([config.h])
+AC_CONFIG_MACRO_DIR([m4])
+
+# Checks for programs.
+AC_PROG_CXX
+AC_PROG_CC
+AC_PROG_INSTALL
+
+# check for headers
+AC_CHECK_HEADERS([curl/curl.h])
+
+# Checks for libraries.
+# FIXME: Replace `main' with a function in `-lcurl':
+AC_CHECK_LIB([curl], [main])
+
+# Checks for typedefs, structures, and compiler characteristics.
+AC_C_INLINE
+AC_TYPE_SIZE_T
+
+AC_CONFIG_FILES([Makefile restclient-cpp.pc])
+
+# enable code coverage with ./configure --enable-coverage
+AC_ARG_ENABLE(coverage,
+    AC_HELP_STRING([--enable-coverage],[Enable code coverage]), [CXXFLAGS=" -O0 -g -ftest-coverage -fprofile-arcs"])
+
+AC_OUTPUT
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/doxygen.config b/3rdparty/restclient-cpp-0.5.2-fork/doxygen.config
new file mode 100644
index 0000000..f50b798
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/doxygen.config
@@ -0,0 +1,2362 @@
+# Doxyfile 1.8.9.1
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project.
+#
+# All text after a double hash (##) is considered a comment and is placed in
+# front of the TAG it is preceding.
+#
+# All text after a single hash (#) is considered a comment and will be ignored.
+# The format is:
+# TAG = value [value, ...]
+# For lists, items can also be appended using:
+# TAG += value [value, ...]
+# Values that contain spaces should be placed between quotes (\" \").
+
+#---------------------------------------------------------------------------
+# Project related configuration options
+#---------------------------------------------------------------------------
+
+# This tag specifies the encoding used for all characters in the config file
+# that follow. The default is UTF-8 which is also the encoding used for all text
+# before the first occurrence of this tag. Doxygen uses libiconv (or the iconv
+# built into libc) for the transcoding. See http://www.gnu.org/software/libiconv
+# for the list of possible encodings.
+# The default value is: UTF-8.
+
+DOXYFILE_ENCODING      = UTF-8
+
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded by
+# double-quotes, unless you are using Doxywizard) that should identify the
+# project for which the documentation is generated. This name is used in the
+# title of most generated pages and in a few other places.
+# The default value is: My Project.
+
+PROJECT_NAME           = "restclient-cpp"
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number. This
+# could be handy for archiving the generated documentation or if some version
+# control system is used.
+
+PROJECT_NUMBER         =
+
+# Using the PROJECT_BRIEF tag one can provide an optional one line description
+# for a project that appears at the top of each page and should give viewer a
+# quick idea about the purpose of the project. Keep the description short.
+
+PROJECT_BRIEF          = "C++ client for making HTTP/REST requests"
+
+# With the PROJECT_LOGO tag one can specify a logo or an icon that is included
+# in the documentation. The maximum height of the logo should not exceed 55
+# pixels and the maximum width should not exceed 200 pixels. Doxygen will copy
+# the logo to the output directory.
+
+PROJECT_LOGO           =
+
+# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path
+# into which the generated documentation will be written. If a relative path is
+# entered, it will be relative to the location where doxygen was started. If
+# left blank the current directory will be used.
+
+OUTPUT_DIRECTORY       = docs
+
+# If the CREATE_SUBDIRS tag is set to YES then doxygen will create 4096 sub-
+# directories (in 2 levels) under the output directory of each output format and
+# will distribute the generated files over these directories. Enabling this
+# option can be useful when feeding doxygen a huge amount of source files, where
+# putting all generated files in the same directory would otherwise causes
+# performance problems for the file system.
+# The default value is: NO.
+
+CREATE_SUBDIRS         = NO
+
+# If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII
+# characters to appear in the names of generated files. If set to NO, non-ASCII
+# characters will be escaped, for example _xE3_x81_x84 will be used for Unicode
+# U+3044.
+# The default value is: NO.
+
+ALLOW_UNICODE_NAMES    = NO
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all
+# documentation generated by doxygen is written. Doxygen will use this
+# information to generate all constant output in the proper language.
+# Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese,
+# Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States),
+# Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian,
+# Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages),
+# Korean, Korean-en (Korean with English messages), Latvian, Lithuanian,
+# Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian,
+# Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish,
+# Ukrainian and Vietnamese.
+# The default value is: English.
+
+OUTPUT_LANGUAGE        = English
+
+# If the BRIEF_MEMBER_DESC tag is set to YES, doxygen will include brief member
+# descriptions after the members that are listed in the file and class
+# documentation (similar to Javadoc). Set to NO to disable this.
+# The default value is: YES.
+
+BRIEF_MEMBER_DESC      = YES
+
+# If the REPEAT_BRIEF tag is set to YES, doxygen will prepend the brief
+# description of a member or function before the detailed description
+#
+# Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
+# brief descriptions will be completely suppressed.
+# The default value is: YES.
+
+REPEAT_BRIEF           = YES
+
+# This tag implements a quasi-intelligent brief description abbreviator that is
+# used to form the text in various listings. Each string in this list, if found
+# as the leading text of the brief description, will be stripped from the text
+# and the result, after processing the whole list, is used as the annotated
+# text. Otherwise, the brief description is used as-is. If left blank, the
+# following values are used ($name is automatically replaced with the name of
+# the entity):The $name class, The $name widget, The $name file, is, provides,
+# specifies, contains, represents, a, an and the.
+
+ABBREVIATE_BRIEF       =
+
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
+# doxygen will generate a detailed section even if there is only a brief
+# description.
+# The default value is: NO.
+
+ALWAYS_DETAILED_SEC    = NO
+
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
+# inherited members of a class in the documentation of that class as if those
+# members were ordinary class members. Constructors, destructors and assignment
+# operators of the base classes will not be shown.
+# The default value is: NO.
+
+INLINE_INHERITED_MEMB  = NO
+
+# If the FULL_PATH_NAMES tag is set to YES, doxygen will prepend the full path
+# before files name in the file list and in the header files. If set to NO the
+# shortest path that makes the file name unique will be used
+# The default value is: YES.
+
+FULL_PATH_NAMES        = YES
+
+# The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path.
+# Stripping is only done if one of the specified strings matches the left-hand
+# part of the path. The tag can be used to show relative paths in the file list.
+# If left blank the directory from which doxygen is run is used as the path to
+# strip.
+#
+# Note that you can specify absolute paths here, but also relative paths, which
+# will be relative from the directory where doxygen is started.
+# This tag requires that the tag FULL_PATH_NAMES is set to YES.
+
+STRIP_FROM_PATH        =
+
+# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the
+# path mentioned in the documentation of a class, which tells the reader which
+# header file to include in order to use a class. If left blank only the name of
+# the header file containing the class definition is used. Otherwise one should
+# specify the list of include paths that are normally passed to the compiler
+# using the -I flag.
+
+STRIP_FROM_INC_PATH    =
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but
+# less readable) file names. This can be useful is your file systems doesn't
+# support long names like on DOS, Mac, or CD-ROM.
+# The default value is: NO.
+
+SHORT_NAMES            = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the
+# first line (until the first dot) of a Javadoc-style comment as the brief
+# description. If set to NO, the Javadoc-style will behave just like regular Qt-
+# style comments (thus requiring an explicit @brief command for a brief
+# description.)
+# The default value is: NO.
+
+JAVADOC_AUTOBRIEF      = NO
+
+# If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first
+# line (until the first dot) of a Qt-style comment as the brief description. If
+# set to NO, the Qt-style will behave just like regular Qt-style comments (thus
+# requiring an explicit \brief command for a brief description.)
+# The default value is: NO.
+
+QT_AUTOBRIEF           = NO
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a
+# multi-line C++ special comment block (i.e. a block of //! or /// comments) as
+# a brief description. This used to be the default behavior. The new default is
+# to treat a multi-line C++ comment block as a detailed description. Set this
+# tag to YES if you prefer the old behavior instead.
+#
+# Note that setting this tag to YES also means that rational rose comments are
+# not recognized any more.
+# The default value is: NO.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the
+# documentation from any documented member that it re-implements.
+# The default value is: YES.
+
+INHERIT_DOCS           = YES
+
+# If the SEPARATE_MEMBER_PAGES tag is set to YES then doxygen will produce a new
+# page for each member. If set to NO, the documentation of a member will be part
+# of the file/class/namespace that contains it.
+# The default value is: NO.
+
+SEPARATE_MEMBER_PAGES  = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen
+# uses this value to replace tabs by spaces in code fragments.
+# Minimum value: 1, maximum value: 16, default value: 4.
+
+TAB_SIZE               = 4
+
+# This tag can be used to specify a number of aliases that act as commands in
+# the documentation. An alias has the form:
+# name=value
+# For example adding
+# "sideeffect=@par Side Effects:\n"
+# will allow you to put the command \sideeffect (or @sideeffect) in the
+# documentation, which will result in a user-defined paragraph with heading
+# "Side Effects:". You can put \n's in the value part of an alias to insert
+# newlines.
+
+ALIASES                =
+
+# This tag can be used to specify a number of word-keyword mappings (TCL only).
+# A mapping has the form "name=value". For example adding "class=itcl::class"
+# will allow you to use the command class in the itcl::class meaning.
+
+TCL_SUBST              =
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources
+# only. Doxygen will then generate output that is more tailored for C. For
+# instance, some of the names that are used will be different. The list of all
+# members will be omitted, etc.
+# The default value is: NO.
+
+OPTIMIZE_OUTPUT_FOR_C  = NO
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or
+# Python sources only. Doxygen will then generate output that is more tailored
+# for that language. For instance, namespaces will be presented as packages,
+# qualified scopes will look different, etc.
+# The default value is: NO.
+
+OPTIMIZE_OUTPUT_JAVA   = NO
+
+# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran
+# sources. Doxygen will then generate output that is tailored for Fortran.
+# The default value is: NO.
+
+OPTIMIZE_FOR_FORTRAN   = NO
+
+# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL
+# sources. Doxygen will then generate output that is tailored for VHDL.
+# The default value is: NO.
+
+OPTIMIZE_OUTPUT_VHDL   = NO
+
+# Doxygen selects the parser to use depending on the extension of the files it
+# parses. With this tag you can assign which parser to use for a given
+# extension. Doxygen has a built-in mapping, but you can override or extend it
+# using this tag. The format is ext=language, where ext is a file extension, and
+# language is one of the parsers supported by doxygen: IDL, Java, Javascript,
+# C#, C, C++, D, PHP, Objective-C, Python, Fortran (fixed format Fortran:
+# FortranFixed, free formatted Fortran: FortranFree, unknown formatted Fortran:
+# Fortran. In the later case the parser tries to guess whether the code is fixed
+# or free formatted code, this is the default for Fortran type files), VHDL. For
+# instance to make doxygen treat .inc files as Fortran files (default is PHP),
+# and .f files as C (default is Fortran), use: inc=Fortran f=C.
+#
+# Note: For files without extension you can use no_extension as a placeholder.
+#
+# Note that for custom extensions you also need to set FILE_PATTERNS otherwise
+# the files are not read by doxygen.
+
+EXTENSION_MAPPING      =
+
+# If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments
+# according to the Markdown format, which allows for more readable
+# documentation. See http://daringfireball.net/projects/markdown/ for details.
+# The output of markdown processing is further processed by doxygen, so you can
+# mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in
+# case of backward compatibilities issues.
+# The default value is: YES.
+
+MARKDOWN_SUPPORT       = YES
+
+# When enabled doxygen tries to link words that correspond to documented
+# classes, or namespaces to their corresponding documentation. Such a link can
+# be prevented in individual cases by putting a % sign in front of the word or
+# globally by setting AUTOLINK_SUPPORT to NO.
+# The default value is: YES.
+
+AUTOLINK_SUPPORT       = YES
+
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want
+# to include (a tag file for) the STL sources as input, then you should set this
+# tag to YES in order to let doxygen match functions declarations and
+# definitions whose arguments contain STL classes (e.g. func(std::string);
+# versus func(std::string) {}). This also make the inheritance and collaboration
+# diagrams that involve STL classes more complete and accurate.
+# The default value is: NO.
+
+BUILTIN_STL_SUPPORT    = NO
+
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
+# enable parsing support.
+# The default value is: NO.
+
+CPP_CLI_SUPPORT        = NO
+
+# Set the SIP_SUPPORT tag to YES if your project consists of sip (see:
+# http://www.riverbankcomputing.co.uk/software/sip/intro) sources only. Doxygen
+# will parse them like normal C++ but will assume all classes use public instead
+# of private inheritance when no explicit protection keyword is present.
+# The default value is: NO.
+
+SIP_SUPPORT            = NO
+
+# For Microsoft's IDL there are propget and propput attributes to indicate
+# getter and setter methods for a property. Setting this option to YES will make
+# doxygen to replace the get and set methods by a property in the documentation.
+# This will only work if the methods are indeed getting or setting a simple
+# type. If this is not the case, or you want to show the methods anyway, you
+# should set this option to NO.
+# The default value is: YES.
+
+IDL_PROPERTY_SUPPORT   = YES
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
+# tag is set to YES then doxygen will reuse the documentation of the first
+# member in the group (if any) for the other members of the group. By default
+# all members of a group must be documented explicitly.
+# The default value is: NO.
+
+DISTRIBUTE_GROUP_DOC   = NO
+
+# Set the SUBGROUPING tag to YES to allow class member groups of the same type
+# (for instance a group of public functions) to be put as a subgroup of that
+# type (e.g. under the Public Functions section). Set it to NO to prevent
+# subgrouping. Alternatively, this can be done per class using the
+# \nosubgrouping command.
+# The default value is: YES.
+
+SUBGROUPING            = YES
+
+# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions
+# are shown inside the group in which they are included (e.g. using \ingroup)
+# instead of on a separate page (for HTML and Man pages) or section (for LaTeX
+# and RTF).
+#
+# Note that this feature does not work in combination with
+# SEPARATE_MEMBER_PAGES.
+# The default value is: NO.
+
+INLINE_GROUPED_CLASSES = NO
+
+# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions
+# with only public data fields or simple typedef fields will be shown inline in
+# the documentation of the scope in which they are defined (i.e. file,
+# namespace, or group documentation), provided this scope is documented. If set
+# to NO, structs, classes, and unions are shown on a separate page (for HTML and
+# Man pages) or section (for LaTeX and RTF).
+# The default value is: NO.
+
+INLINE_SIMPLE_STRUCTS  = NO
+
+# When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or
+# enum is documented as struct, union, or enum with the name of the typedef. So
+# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
+# with name TypeT. When disabled the typedef will appear as a member of a file,
+# namespace, or class. And the struct will be named TypeS. This can typically be
+# useful for C code in case the coding convention dictates that all compound
+# types are typedef'ed and only the typedef is referenced, never the tag name.
+# The default value is: NO.
+
+TYPEDEF_HIDES_STRUCT   = NO
+
+# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This
+# cache is used to resolve symbols given their name and scope. Since this can be
+# an expensive process and often the same symbol appears multiple times in the
+# code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small
+# doxygen will become slower. If the cache is too large, memory is wasted. The
+# cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range
+# is 0..9, the default is 0, corresponding to a cache size of 2^16=65536
+# symbols. At the end of a run doxygen will report the cache usage and suggest
+# the optimal cache size from a speed point of view.
+# Minimum value: 0, maximum value: 9, default value: 0.
+
+LOOKUP_CACHE_SIZE      = 0
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES, doxygen will assume all entities in
+# documentation are documented, even if no documentation was available. Private
+# class members and static file members will be hidden unless the
+# EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES.
+# Note: This will also disable the warnings about undocumented members that are
+# normally produced when WARNINGS is set to YES.
+# The default value is: NO.
+
+EXTRACT_ALL            = NO
+
+# If the EXTRACT_PRIVATE tag is set to YES, all private members of a class will
+# be included in the documentation.
+# The default value is: NO.
+
+EXTRACT_PRIVATE        = NO
+
+# If the EXTRACT_PACKAGE tag is set to YES, all members with package or internal
+# scope will be included in the documentation.
+# The default value is: NO.
+
+EXTRACT_PACKAGE        = NO
+
+# If the EXTRACT_STATIC tag is set to YES, all static members of a file will be
+# included in the documentation.
+# The default value is: NO.
+
+EXTRACT_STATIC         = NO
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES, classes (and structs) defined
+# locally in source files will be included in the documentation. If set to NO,
+# only classes defined in header files are included. Does not have any effect
+# for Java sources.
+# The default value is: YES.
+
+EXTRACT_LOCAL_CLASSES  = YES
+
+# This flag is only useful for Objective-C code. If set to YES, local methods,
+# which are defined in the implementation section but not in the interface are
+# included in the documentation. If set to NO, only methods in the interface are
+# included.
+# The default value is: NO.
+
+EXTRACT_LOCAL_METHODS  = NO
+
+# If this flag is set to YES, the members of anonymous namespaces will be
+# extracted and appear in the documentation as a namespace called
+# 'anonymous_namespace{file}', where file will be replaced with the base name of
+# the file that contains the anonymous namespace. By default anonymous namespace
+# are hidden.
+# The default value is: NO.
+
+EXTRACT_ANON_NSPACES   = NO
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all
+# undocumented members inside documented classes or files. If set to NO these
+# members will be included in the various overviews, but no documentation
+# section is generated. This option has no effect if EXTRACT_ALL is enabled.
+# The default value is: NO.
+
+HIDE_UNDOC_MEMBERS     = NO
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy. If set
+# to NO, these classes will be included in the various overviews. This option
+# has no effect if EXTRACT_ALL is enabled.
+# The default value is: NO.
+
+HIDE_UNDOC_CLASSES     = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend
+# (class|struct|union) declarations. If set to NO, these declarations will be
+# included in the documentation.
+# The default value is: NO.
+
+HIDE_FRIEND_COMPOUNDS  = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any
+# documentation blocks found inside the body of a function. If set to NO, these
+# blocks will be appended to the function's detailed documentation block.
+# The default value is: NO.
+
+HIDE_IN_BODY_DOCS      = NO
+
+# The INTERNAL_DOCS tag determines if documentation that is typed after a
+# \internal command is included. If the tag is set to NO then the documentation
+# will be excluded. Set it to YES to include the internal documentation.
+# The default value is: NO.
+
+INTERNAL_DOCS          = NO
+
+# If the CASE_SENSE_NAMES tag is set to NO then doxygen will only generate file
+# names in lower-case letters. If set to YES, upper-case letters are also
+# allowed. This is useful if you have classes or files whose names only differ
+# in case and if your file system supports case sensitive file names. Windows
+# and Mac users are advised to set this option to NO.
+# The default value is: system dependent.
+
+CASE_SENSE_NAMES       = NO
+
+# If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with
+# their full class and namespace scopes in the documentation. If set to YES, the
+# scope will be hidden.
+# The default value is: NO.
+
+HIDE_SCOPE_NAMES       = NO
+
+# If the HIDE_COMPOUND_REFERENCE tag is set to NO (default) then doxygen will
+# append additional text to a page's title, such as Class Reference. If set to
+# YES the compound reference will be hidden.
+# The default value is: NO.
+
+HIDE_COMPOUND_REFERENCE= NO
+
+# If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of
+# the files that are included by a file in the documentation of that file.
+# The default value is: YES.
+
+SHOW_INCLUDE_FILES     = YES
+
+# If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each
+# grouped member an include statement to the documentation, telling the reader
+# which file to include in order to use the member.
+# The default value is: NO.
+
+SHOW_GROUPED_MEMB_INC  = NO
+
+# If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include
+# files with double quotes in the documentation rather than with sharp brackets.
+# The default value is: NO.
+
+FORCE_LOCAL_INCLUDES   = NO
+
+# If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the
+# documentation for inline members.
+# The default value is: YES.
+
+INLINE_INFO            = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the
+# (detailed) documentation of file and class members alphabetically by member
+# name. If set to NO, the members will appear in declaration order.
+# The default value is: YES.
+
+SORT_MEMBER_DOCS       = YES
+
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief
+# descriptions of file, namespace and class members alphabetically by member
+# name. If set to NO, the members will appear in declaration order. Note that
+# this will also influence the order of the classes in the class list.
+# The default value is: NO.
+
+SORT_BRIEF_DOCS        = NO
+
+# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the
+# (brief and detailed) documentation of class members so that constructors and
+# destructors are listed first. If set to NO the constructors will appear in the
+# respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS.
+# Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief
+# member documentation.
+# Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting
+# detailed member documentation.
+# The default value is: NO.
+
+SORT_MEMBERS_CTORS_1ST = NO
+
+# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy
+# of group names into alphabetical order. If set to NO the group names will
+# appear in their defined order.
+# The default value is: NO.
+
+SORT_GROUP_NAMES       = NO
+
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by
+# fully-qualified names, including namespaces. If set to NO, the class list will
+# be sorted only by class name, not including the namespace part.
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the alphabetical
+# list.
+# The default value is: NO.
+
+SORT_BY_SCOPE_NAME     = NO
+
+# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper
+# type resolution of all parameters of a function it will reject a match between
+# the prototype and the implementation of a member function even if there is
+# only one candidate or it is obvious which candidate to choose by doing a
+# simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still
+# accept a match between prototype and implementation in such cases.
+# The default value is: NO.
+
+STRICT_PROTO_MATCHING  = NO
+
+# The GENERATE_TODOLIST tag can be used to enable (YES) or disable (NO) the todo
+# list. This list is created by putting \todo commands in the documentation.
+# The default value is: YES.
+
+GENERATE_TODOLIST      = YES
+
+# The GENERATE_TESTLIST tag can be used to enable (YES) or disable (NO) the test
+# list. This list is created by putting \test commands in the documentation.
+# The default value is: YES.
+
+GENERATE_TESTLIST      = YES
+
+# The GENERATE_BUGLIST tag can be used to enable (YES) or disable (NO) the bug
+# list. This list is created by putting \bug commands in the documentation.
+# The default value is: YES.
+
+GENERATE_BUGLIST       = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or disable (NO)
+# the deprecated list. This list is created by putting \deprecated commands in
+# the documentation.
+# The default value is: YES.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional documentation
+# sections, marked by \if <section_label> ... \endif and \cond <section_label>
+# ... \endcond blocks.
+
+ENABLED_SECTIONS       =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the
+# initial value of a variable or macro / define can have for it to appear in the
+# documentation. If the initializer consists of more lines than specified here
+# it will be hidden. Use a value of 0 to hide initializers completely. The
+# appearance of the value of individual variables and macros / defines can be
+# controlled using \showinitializer or \hideinitializer command in the
+# documentation regardless of this setting.
+# Minimum value: 0, maximum value: 10000, default value: 30.
+
+MAX_INITIALIZER_LINES  = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated at
+# the bottom of the documentation of classes and structs. If set to YES, the
+# list will mention the files that were used to generate the documentation.
+# The default value is: YES.
+
+SHOW_USED_FILES        = YES
+
+# Set the SHOW_FILES tag to NO to disable the generation of the Files page. This
+# will remove the Files entry from the Quick Index and from the Folder Tree View
+# (if specified).
+# The default value is: YES.
+
+SHOW_FILES             = YES
+
+# Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces
+# page. This will remove the Namespaces entry from the Quick Index and from the
+# Folder Tree View (if specified).
+# The default value is: YES.
+
+SHOW_NAMESPACES        = YES
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that
+# doxygen should invoke to get the current version for each file (typically from
+# the version control system). Doxygen will invoke the program by executing (via
+# popen()) the command command input-file, where command is the value of the
+# FILE_VERSION_FILTER tag, and input-file is the name of an input file provided
+# by doxygen. Whatever the program writes to standard output is used as the file
+# version. For an example see the documentation.
+
+FILE_VERSION_FILTER    =
+
+# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed
+# by doxygen. The layout file controls the global structure of the generated
+# output files in an output format independent way. To create the layout file
+# that represents doxygen's defaults, run doxygen with the -l option. You can
+# optionally specify a file name after the option, if omitted DoxygenLayout.xml
+# will be used as the name of the layout file.
+#
+# Note that if you run doxygen from a directory containing a file called
+# DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE
+# tag is left empty.
+
+LAYOUT_FILE            =
+
+# The CITE_BIB_FILES tag can be used to specify one or more bib files containing
+# the reference definitions. This must be a list of .bib files. The .bib
+# extension is automatically appended if omitted. This requires the bibtex tool
+# to be installed. See also http://en.wikipedia.org/wiki/BibTeX for more info.
+# For LaTeX the style of the bibliography can be controlled using
+# LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the
+# search path. See also \cite for info how to create references.
+
+CITE_BIB_FILES         =
+
+#---------------------------------------------------------------------------
+# Configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated to
+# standard output by doxygen. If QUIET is set to YES this implies that the
+# messages are off.
+# The default value is: NO.
+
+QUIET                  = NO
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated to standard error (stderr) by doxygen. If WARNINGS is set to YES
+# this implies that the warnings are on.
+#
+# Tip: Turn warnings on while writing the documentation.
+# The default value is: YES.
+
+WARNINGS               = YES
+
+# If the WARN_IF_UNDOCUMENTED tag is set to YES then doxygen will generate
+# warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag
+# will automatically be disabled.
+# The default value is: YES.
+
+WARN_IF_UNDOCUMENTED   = YES
+
+# If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as not documenting some parameters
+# in a documented function, or documenting parameters that don't exist or using
+# markup commands wrongly.
+# The default value is: YES.
+
+WARN_IF_DOC_ERROR      = YES
+
+# This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that
+# are documented, but have no documentation for their parameters or return
+# value. If set to NO, doxygen will only warn about wrong or incomplete
+# parameter documentation, but not about the absence of documentation.
+# The default value is: NO.
+
+WARN_NO_PARAMDOC       = NO
+
+# The WARN_FORMAT tag determines the format of the warning messages that doxygen
+# can produce. The string should contain the $file, $line, and $text tags, which
+# will be replaced by the file and line number from which the warning originated
+# and the warning text. Optionally the format may contain $version, which will
+# be replaced by the version of the file (if it could be obtained via
+# FILE_VERSION_FILTER)
+# The default value is: $file:$line: $text.
+
+WARN_FORMAT            = "$file:$line: $text"
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning and error
+# messages should be written. If left blank the output is written to standard
+# error (stderr).
+
+WARN_LOGFILE           =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag is used to specify the files and/or directories that contain
+# documented source files. You may enter file names like myfile.cpp or
+# directories like /usr/src/myproject. Separate the files or directories with
+# spaces.
+# Note: If this tag is empty the current directory is searched.
+
+INPUT                  = . include/restclient-cpp source
+
+# This tag can be used to specify the character encoding of the source files
+# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
+# libiconv (or the iconv built into libc) for the transcoding. See the libiconv
+# documentation (see: http://www.gnu.org/software/libiconv) for the list of
+# possible encodings.
+# The default value is: UTF-8.
+
+INPUT_ENCODING         = UTF-8
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and
+# *.h) to filter out the source-files in the directories. If left blank the
+# following patterns are tested:*.c, *.cc, *.cxx, *.cpp, *.c++, *.java, *.ii,
+# *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, *.hh, *.hxx, *.hpp,
+# *.h++, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, *.inc, *.m, *.markdown,
+# *.md, *.mm, *.dox, *.py, *.f90, *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf,
+# *.qsf, *.as and *.js.
+
+FILE_PATTERNS          =
+
+# The RECURSIVE tag can be used to specify whether or not subdirectories should
+# be searched for input files as well.
+# The default value is: NO.
+
+RECURSIVE              = NO
+
+# The EXCLUDE tag can be used to specify files and/or directories that should be
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+#
+# Note that relative paths are relative to the directory from which doxygen is
+# run.
+
+EXCLUDE                =
+
+# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
+# directories that are symbolic links (a Unix file system feature) are excluded
+# from the input.
+# The default value is: NO.
+
+EXCLUDE_SYMLINKS       = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories.
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories for example use the pattern */test/*
+
+EXCLUDE_PATTERNS       =
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
+# (namespaces, classes, functions, etc.) that should be excluded from the
+# output. The symbol name can be a fully qualified name, a word, or if the
+# wildcard * is used, a substring. Examples: ANamespace, AClass,
+# AClass::ANamespace, ANamespace::*Test
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories use the pattern */test/*
+
+EXCLUDE_SYMBOLS        =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or directories
+# that contain example code fragments that are included (see the \include
+# command).
+
+EXAMPLE_PATH           =
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and
+# *.h) to filter out the source-files in the directories. If left blank all
+# files are included.
+
+EXAMPLE_PATTERNS       =
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude commands
+# irrespective of the value of the RECURSIVE tag.
+# The default value is: NO.
+
+EXAMPLE_RECURSIVE      = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or directories
+# that contain images that are to be included in the documentation (see the
+# \image command).
+
+IMAGE_PATH             =
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file. Doxygen will invoke the filter program
+# by executing (via popen()) the command:
+#
+# <filter> <input-file>
+#
+# where <filter> is the value of the INPUT_FILTER tag, and <input-file> is the
+# name of an input file. Doxygen will then use the output that the filter
+# program writes to standard output. If FILTER_PATTERNS is specified, this tag
+# will be ignored.
+#
+# Note that the filter must not add or remove lines; it is applied before the
+# code is scanned, but not when the output code is generated. If lines are added
+# or removed, the anchors will not be placed correctly.
+
+INPUT_FILTER           =
+
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
+# basis. Doxygen will compare the file name with each pattern and apply the
+# filter if there is a match. The filters are a list of the form: pattern=filter
+# (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how
+# filters are used. If the FILTER_PATTERNS tag is empty or if none of the
+# patterns match the file name, INPUT_FILTER is applied.
+
+FILTER_PATTERNS        =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER) will also be used to filter the input files that are used for
+# producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES).
+# The default value is: NO.
+
+FILTER_SOURCE_FILES    = NO
+
+# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file
+# pattern. A pattern will override the setting for FILTER_PATTERN (if any) and
+# it is also possible to disable source filtering for a specific pattern using
+# *.ext= (so without naming a filter).
+# This tag requires that the tag FILTER_SOURCE_FILES is set to YES.
+
+FILTER_SOURCE_PATTERNS =
+
+# If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that
+# is part of the input, its contents will be placed on the main page
+# (index.html). This can be useful if you have a project on for instance GitHub
+# and want to reuse the introduction page also for the doxygen output.
+
+USE_MDFILE_AS_MAINPAGE = README.md
+
+#---------------------------------------------------------------------------
+# Configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will be
+# generated. Documented entities will be cross-referenced with these sources.
+#
+# Note: To get rid of all source code in the generated output, make sure that
+# also VERBATIM_HEADERS is set to NO.
+# The default value is: NO.
+
+SOURCE_BROWSER         = NO
+
+# Setting the INLINE_SOURCES tag to YES will include the body of functions,
+# classes and enums directly into the documentation.
+# The default value is: NO.
+
+INLINE_SOURCES         = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any
+# special comment blocks from generated source code fragments. Normal C, C++ and
+# Fortran comments will always remain visible.
+# The default value is: YES.
+
+STRIP_CODE_COMMENTS    = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES then for each documented
+# function all documented functions referencing it will be listed.
+# The default value is: NO.
+
+REFERENCED_BY_RELATION = NO
+
+# If the REFERENCES_RELATION tag is set to YES then for each documented function
+# all documented entities called/used by that function will be listed.
+# The default value is: NO.
+
+REFERENCES_RELATION    = NO
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set
+# to YES then the hyperlinks from functions in REFERENCES_RELATION and
+# REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will
+# link to the documentation.
+# The default value is: YES.
+
+REFERENCES_LINK_SOURCE = YES
+
+# If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the
+# source code will show a tooltip with additional information such as prototype,
+# brief description and links to the definition and documentation. Since this
+# will make the HTML file larger and loading of large files a bit slower, you
+# can opt to disable this feature.
+# The default value is: YES.
+# This tag requires that the tag SOURCE_BROWSER is set to YES.
+
+SOURCE_TOOLTIPS        = YES
+
+# If the USE_HTAGS tag is set to YES then the references to source code will
+# point to the HTML generated by the htags(1) tool instead of doxygen built-in
+# source browser. The htags tool is part of GNU's global source tagging system
+# (see http://www.gnu.org/software/global/global.html). You will need version
+# 4.8.6 or higher.
+#
+# To use it do the following:
+# - Install the latest version of global
+# - Enable SOURCE_BROWSER and USE_HTAGS in the config file
+# - Make sure the INPUT points to the root of the source tree
+# - Run doxygen as normal
+#
+# Doxygen will invoke htags (and that will in turn invoke gtags), so these
+# tools must be available from the command line (i.e. in the search path).
+#
+# The result: instead of the source browser generated by doxygen, the links to
+# source code will now point to the output of htags.
+# The default value is: NO.
+# This tag requires that the tag SOURCE_BROWSER is set to YES.
+
+USE_HTAGS              = NO
+
+# If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a
+# verbatim copy of the header file for each class for which an include is
+# specified. Set to NO to disable this.
+# See also: Section \class.
+# The default value is: YES.
+
+VERBATIM_HEADERS       = YES
+
+#---------------------------------------------------------------------------
+# Configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all
+# compounds will be generated. Enable this if the project contains a lot of
+# classes, structs, unions or interfaces.
+# The default value is: YES.
+
+ALPHABETICAL_INDEX     = YES
+
+# The COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns in
+# which the alphabetical index list will be split.
+# Minimum value: 1, maximum value: 20, default value: 5.
+# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.
+
+COLS_IN_ALPHA_INDEX    = 5
+
+# In case all classes in a project start with a common prefix, all classes will
+# be put under the same header in the alphabetical index. The IGNORE_PREFIX tag
+# can be used to specify a prefix (or a list of prefixes) that should be ignored
+# while generating the index headers.
+# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.
+
+IGNORE_PREFIX          =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES, doxygen will generate HTML output
+# The default value is: YES.
+
+GENERATE_HTML          = YES
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it.
+# The default directory is: html.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_OUTPUT            = ref
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for each
+# generated HTML page (for example: .htm, .php, .asp).
+# The default value is: .html.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_FILE_EXTENSION    = .html
+
+# The HTML_HEADER tag can be used to specify a user-defined HTML header file for
+# each generated HTML page. If the tag is left blank doxygen will generate a
+# standard header.
+#
+# To get valid HTML the header file that includes any scripts and style sheets
+# that doxygen needs, which is dependent on the configuration options used (e.g.
+# the setting GENERATE_TREEVIEW). It is highly recommended to start with a
+# default header using
+# doxygen -w html new_header.html new_footer.html new_stylesheet.css
+# YourConfigFile
+# and then modify the file new_header.html. See also section "Doxygen usage"
+# for information on how to generate the default header that doxygen normally
+# uses.
+# Note: The header is subject to change so you typically have to regenerate the
+# default header when upgrading to a newer version of doxygen. For a description
+# of the possible markers and block names see the documentation.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_HEADER            =
+
+# The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each
+# generated HTML page. If the tag is left blank doxygen will generate a standard
+# footer. See HTML_HEADER for more information on how to generate a default
+# footer and what special commands can be used inside the footer. See also
+# section "Doxygen usage" for information on how to generate the default footer
+# that doxygen normally uses.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_FOOTER            =
+
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading style
+# sheet that is used by each HTML page. It can be used to fine-tune the look of
+# the HTML output. If left blank doxygen will generate a default style sheet.
+# See also section "Doxygen usage" for information on how to generate the style
+# sheet that doxygen normally uses.
+# Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as
+# it is more robust and this tag (HTML_STYLESHEET) will in the future become
+# obsolete.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_STYLESHEET        =
+
+# The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined
+# cascading style sheets that are included after the standard style sheets
+# created by doxygen. Using this option one can overrule certain style aspects.
+# This is preferred over using HTML_STYLESHEET since it does not replace the
+# standard style sheet and is therefore more robust against future updates.
+# Doxygen will copy the style sheet files to the output directory.
+# Note: The order of the extra style sheet files is of importance (e.g. the last
+# style sheet in the list overrules the setting of the previous ones in the
+# list). For an example see the documentation.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_EXTRA_STYLESHEET  =
+
+# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or
+# other source files which should be copied to the HTML output directory. Note
+# that these files will be copied to the base HTML output directory. Use the
+# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these
+# files. In the HTML_STYLESHEET file, use the file name only. Also note that the
+# files will be copied as-is; there are no commands or markers available.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_EXTRA_FILES       =
+
+# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen
+# will adjust the colors in the style sheet and background images according to
+# this color. Hue is specified as an angle on a colorwheel, see
+# http://en.wikipedia.org/wiki/Hue for more information. For instance the value
+# 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300
+# purple, and 360 is red again.
+# Minimum value: 0, maximum value: 359, default value: 220.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_HUE    = 220
+
+# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors
+# in the HTML output. For a value of 0 the output will use grayscales only. A
+# value of 255 will produce the most vivid colors.
+# Minimum value: 0, maximum value: 255, default value: 100.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_SAT    = 100
+
+# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the
+# luminance component of the colors in the HTML output. Values below 100
+# gradually make the output lighter, whereas values above 100 make the output
+# darker. The value divided by 100 is the actual gamma applied, so 80 represents
+# a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not
+# change the gamma.
+# Minimum value: 40, maximum value: 240, default value: 80.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_GAMMA  = 80
+
+# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML
+# page will contain the date and time when the page was generated. Setting this
+# to NO can help when comparing the output of multiple runs.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_TIMESTAMP         = YES
+
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
+# documentation will contain sections that can be hidden and shown after the
+# page has loaded.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_DYNAMIC_SECTIONS  = NO
+
+# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries
+# shown in the various tree structured indices initially; the user can expand
+# and collapse entries dynamically later on. Doxygen will expand the tree to
+# such a level that at most the specified number of entries are visible (unless
+# a fully collapsed tree already exceeds this amount). So setting the number of
+# entries 1 will produce a full collapsed tree by default. 0 is a special value
+# representing an infinite number of entries and will result in a full expanded
+# tree by default.
+# Minimum value: 0, maximum value: 9999, default value: 100.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_INDEX_NUM_ENTRIES = 100
+
+# If the GENERATE_DOCSET tag is set to YES, additional index files will be
+# generated that can be used as input for Apple's Xcode 3 integrated development
+# environment (see: http://developer.apple.com/tools/xcode/), introduced with
+# OSX 10.5 (Leopard). To create a documentation set, doxygen will generate a
+# Makefile in the HTML output directory. Running make will produce the docset in
+# that directory and running make install will install the docset in
+# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at
+# startup. See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html
+# for more information.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_DOCSET        = NO
+
+# This tag determines the name of the docset feed. A documentation feed provides
+# an umbrella under which multiple documentation sets from a single provider
+# (such as a company or product suite) can be grouped.
+# The default value is: Doxygen generated docs.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_FEEDNAME        = "Doxygen generated docs"
+
+# This tag specifies a string that should uniquely identify the documentation
+# set bundle. This should be a reverse domain-name style string, e.g.
+# com.mycompany.MyDocSet. Doxygen will append .docset to the name.
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_BUNDLE_ID       = org.doxygen.Project
+
+# The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify
+# the documentation publisher. This should be a reverse domain-name style
+# string, e.g. com.mycompany.MyDocSet.documentation.
+# The default value is: org.doxygen.Publisher.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_PUBLISHER_ID    = org.doxygen.Publisher
+
+# The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher.
+# The default value is: Publisher.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_PUBLISHER_NAME  = Publisher
+
+# If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three
+# additional HTML index files: index.hhp, index.hhc, and index.hhk. The
+# index.hhp is a project file that can be read by Microsoft's HTML Help Workshop
+# (see: http://www.microsoft.com/en-us/download/details.aspx?id=21138) on
+# Windows.
+#
+# The HTML Help Workshop contains a compiler that can convert all HTML output
+# generated by doxygen into a single compiled HTML file (.chm). Compiled HTML
+# files are now used as the Windows 98 help format, and will replace the old
+# Windows help format (.hlp) on all Windows platforms in the future. Compressed
+# HTML files also contain an index, a table of contents, and you can search for
+# words in the documentation. The HTML workshop also contains a viewer for
+# compressed HTML files.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_HTMLHELP      = NO
+
+# The CHM_FILE tag can be used to specify the file name of the resulting .chm
+# file. You can add a path in front of the file if the result should not be
+# written to the html output directory.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+CHM_FILE               =
+
+# The HHC_LOCATION tag can be used to specify the location (absolute path
+# including file name) of the HTML help compiler (hhc.exe). If non-empty,
+# doxygen will try to run the HTML help compiler on the generated index.hhp.
+# The file has to be specified with full path.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+HHC_LOCATION           =
+
+# The GENERATE_CHI flag controls if a separate .chi index file is generated
+# (YES) or that it should be included in the master .chm file (NO).
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+GENERATE_CHI           = NO
+
+# The CHM_INDEX_ENCODING is used to encode HtmlHelp index (hhk), content (hhc)
+# and project file content.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+CHM_INDEX_ENCODING     =
+
+# The BINARY_TOC flag controls whether a binary table of contents is generated
+# (YES) or a normal table of contents (NO) in the .chm file. Furthermore it
+# enables the Previous and Next buttons.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+BINARY_TOC             = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members to
+# the table of contents of the HTML help documentation and to the tree view.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+TOC_EXPAND             = NO
+
+# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and
+# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that
+# can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help
+# (.qch) of the generated HTML documentation.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_QHP           = NO
+
+# If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify
+# the file name of the resulting .qch file. The path specified is relative to
+# the HTML output folder.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QCH_FILE               =
+
+# The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help
+# Project output. For more information please see Qt Help Project / Namespace
+# (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#namespace).
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_NAMESPACE          = org.doxygen.Project
+
+# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt
+# Help Project output. For more information please see Qt Help Project / Virtual
+# Folders (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#virtual-
+# folders).
+# The default value is: doc.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_VIRTUAL_FOLDER     = doc
+
+# If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom
+# filter to add. For more information please see Qt Help Project / Custom
+# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom-
+# filters).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_CUST_FILTER_NAME   =
+
+# The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the
+# custom filter to add. For more information please see Qt Help Project / Custom
+# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom-
+# filters).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_CUST_FILTER_ATTRS  =
+
+# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this
+# project's filter section matches. Qt Help Project / Filter Attributes (see:
+# http://qt-project.org/doc/qt-4.8/qthelpproject.html#filter-attributes).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_SECT_FILTER_ATTRS  =
+
+# The QHG_LOCATION tag can be used to specify the location of Qt's
+# qhelpgenerator. If non-empty doxygen will try to run qhelpgenerator on the
+# generated .qhp file.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHG_LOCATION           =
+
+# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be
+# generated, together with the HTML files, they form an Eclipse help plugin. To
+# install this plugin and make it available under the help contents menu in
+# Eclipse, the contents of the directory containing the HTML and XML files needs
+# to be copied into the plugins directory of eclipse. The name of the directory
+# within the plugins directory should be the same as the ECLIPSE_DOC_ID value.
+# After copying Eclipse needs to be restarted before the help appears.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_ECLIPSEHELP   = NO
+
+# A unique identifier for the Eclipse help plugin. When installing the plugin
+# the directory name containing the HTML and XML files should also have this
+# name. Each documentation set should have its own identifier.
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES.
+
+ECLIPSE_DOC_ID         = org.doxygen.Project
+
+# If you want full control over the layout of the generated HTML pages it might
+# be necessary to disable the index and replace it with your own. The
+# DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top
+# of each HTML page. A value of NO enables the index and the value YES disables
+# it. Since the tabs in the index contain the same information as the navigation
+# tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+DISABLE_INDEX          = NO
+
+# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
+# structure should be generated to display hierarchical information. If the tag
+# value is set to YES, a side panel will be generated containing a tree-like
+# index structure (just like the one that is generated for HTML Help). For this
+# to work a browser that supports JavaScript, DHTML, CSS and frames is required
+# (i.e. any modern browser). Windows users are probably better off using the
+# HTML help feature. Via custom style sheets (see HTML_EXTRA_STYLESHEET) one can
+# further fine-tune the look of the index. As an example, the default style
+# sheet generated by doxygen has an example that shows how to put an image at
+# the root of the tree instead of the PROJECT_NAME. Since the tree basically has
+# the same information as the tab index, you could consider setting
+# DISABLE_INDEX to YES when enabling this option.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_TREEVIEW      = NO
+
+# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that
+# doxygen will group on one line in the generated HTML documentation.
+#
+# Note that a value of 0 will completely suppress the enum values from appearing
+# in the overview section.
+# Minimum value: 0, maximum value: 20, default value: 4.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+ENUM_VALUES_PER_LINE   = 4
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used
+# to set the initial width (in pixels) of the frame in which the tree is shown.
+# Minimum value: 0, maximum value: 1500, default value: 250.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+TREEVIEW_WIDTH         = 250
+
+# If the EXT_LINKS_IN_WINDOW option is set to YES, doxygen will open links to
+# external symbols imported via tag files in a separate window.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+EXT_LINKS_IN_WINDOW    = NO
+
+# Use this tag to change the font size of LaTeX formulas included as images in
+# the HTML documentation. When you change the font size after a successful
+# doxygen run you need to manually remove any form_*.png images from the HTML
+# output directory to force them to be regenerated.
+# Minimum value: 8, maximum value: 50, default value: 10.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FORMULA_FONTSIZE       = 10
+
+# Use the FORMULA_TRANPARENT tag to determine whether or not the images
+# generated for formulas are transparent PNGs. Transparent PNGs are not
+# supported properly for IE 6.0, but are supported on all modern browsers.
+#
+# Note that when changing this option you need to delete any form_*.png files in
+# the HTML output directory before the changes have effect.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FORMULA_TRANSPARENT    = YES
+
+# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see
+# http://www.mathjax.org) which uses client side Javascript for the rendering
+# instead of using pre-rendered bitmaps. Use this if you do not have LaTeX
+# installed or if you want to formulas look prettier in the HTML output. When
+# enabled you may also need to install MathJax separately and configure the path
+# to it using the MATHJAX_RELPATH option.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+USE_MATHJAX            = NO
+
+# When MathJax is enabled you can set the default output format to be used for
+# the MathJax output. See the MathJax site (see:
+# http://docs.mathjax.org/en/latest/output.html) for more details.
+# Possible values are: HTML-CSS (which is slower, but has the best
+# compatibility), NativeMML (i.e. MathML) and SVG.
+# The default value is: HTML-CSS.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_FORMAT         = HTML-CSS
+
+# When MathJax is enabled you need to specify the location relative to the HTML
+# output directory using the MATHJAX_RELPATH option. The destination directory
+# should contain the MathJax.js script. For instance, if the mathjax directory
+# is located at the same level as the HTML output directory, then
+# MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax
+# Content Delivery Network so you can quickly see the result without installing
+# MathJax. However, it is strongly recommended to install a local copy of
+# MathJax from http://www.mathjax.org before deployment.
+# The default value is: http://cdn.mathjax.org/mathjax/latest.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_RELPATH        = http://cdn.mathjax.org/mathjax/latest
+
+# The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax
+# extension names that should be enabled during MathJax rendering. For example
+# MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_EXTENSIONS     =
+
+# The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces
+# of code that will be used on startup of the MathJax code. See the MathJax site
+# (see: http://docs.mathjax.org/en/latest/output.html) for more details. For an
+# example see the documentation.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_CODEFILE       =
+
+# When the SEARCHENGINE tag is enabled doxygen will generate a search box for
+# the HTML output. The underlying search engine uses javascript and DHTML and
+# should work on any modern browser. Note that when using HTML help
+# (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET)
+# there is already a search function so this one should typically be disabled.
+# For large projects the javascript based search engine can be slow, then
+# enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to
+# search using the keyboard; to jump to the search box use <access key> + S
+# (what the <access key> is depends on the OS and browser, but it is typically
+# <CTRL>, <ALT>/<option>, or both). Inside the search box use the <cursor down
+# key> to jump into the search results window, the results can be navigated
+# using the <cursor keys>. Press <Enter> to select an item or <escape> to cancel
+# the search. The filter options can be selected when the cursor is inside the
+# search box by pressing <Shift>+<cursor down>. Also here use the <cursor keys>
+# to select a filter and <Enter> or <escape> to activate or cancel the filter
+# option.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+SEARCHENGINE           = YES
+
+# When the SERVER_BASED_SEARCH tag is enabled the search engine will be
+# implemented using a web server instead of a web client using Javascript. There
+# are two flavors of web server based searching depending on the EXTERNAL_SEARCH
+# setting. When disabled, doxygen will generate a PHP script for searching and
+# an index file used by the script. When EXTERNAL_SEARCH is enabled the indexing
+# and searching needs to be provided by external tools. See the section
+# "External Indexing and Searching" for details.
+# The default value is: NO.
+# This tag requires that the tag SEARCHENGINE is set to YES.
+
+SERVER_BASED_SEARCH    = NO
+
+# When EXTERNAL_SEARCH tag is enabled doxygen will no longer generate the PHP
+# script for searching. Instead the search results are written to an XML file
+# which needs to be processed by an external indexer. Doxygen will invoke an
+# external search engine pointed to by the SEARCHENGINE_URL option to obtain the
+# search results.
+#
+# Doxygen ships with an example indexer (doxyindexer) and search engine
+# (doxysearch.cgi) which are based on the open source search engine library
+# Xapian (see: http://xapian.org/).
+#
+# See the section "External Indexing and Searching" for details.
+# The default value is: NO.
+# This tag requires that the tag SEARCHENGINE is set to YES.
+
+EXTERNAL_SEARCH        = NO
+
+# The SEARCHENGINE_URL should point to a search engine hosted by a web server
+# which will return the search results when EXTERNAL_SEARCH is enabled.
+#
+# Doxygen ships with an example indexer (doxyindexer) and search engine
+# (doxysearch.cgi) which are based on the open source search engine library
+# Xapian (see: http://xapian.org/). See the section "External Indexing and
+# Searching" for details.
+# This tag requires that the tag SEARCHENGINE is set to YES.
+
+SEARCHENGINE_URL       =
+
+# When SERVER_BASED_SEARCH and EXTERNAL_SEARCH are both enabled the unindexed
+# search data is written to a file for indexing by an external tool. With the
+# SEARCHDATA_FILE tag the name of this file can be specified.
+# The default file is: searchdata.xml.
+# This tag requires that the tag SEARCHENGINE is set to YES.
+
+SEARCHDATA_FILE        = searchdata.xml
+
+# When SERVER_BASED_SEARCH and EXTERNAL_SEARCH are both enabled the
+# EXTERNAL_SEARCH_ID tag can be used as an identifier for the project. This is
+# useful in combination with EXTRA_SEARCH_MAPPINGS to search through multiple
+# projects and redirect the results back to the right project.
+# This tag requires that the tag SEARCHENGINE is set to YES.
+
+EXTERNAL_SEARCH_ID     =
+
+# The EXTRA_SEARCH_MAPPINGS tag can be used to enable searching through doxygen
+# projects other than the one defined by this configuration file, but that are
+# all added to the same external search index. Each project needs to have a
+# unique id set via EXTERNAL_SEARCH_ID. The search mapping then maps the id of
+# to a relative location where the documentation can be found. The format is:
+# EXTRA_SEARCH_MAPPINGS = tagname1=loc1 tagname2=loc2 ...
+# This tag requires that the tag SEARCHENGINE is set to YES.
+
+EXTRA_SEARCH_MAPPINGS  =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_LATEX tag is set to YES, doxygen will generate LaTeX output.
+# The default value is: YES.
+
+GENERATE_LATEX         =NO
+
+# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it.
+# The default directory is: latex.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_OUTPUT           = latex
+
+# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
+# invoked.
+#
+# Note that when enabling USE_PDFLATEX this option is only used for generating
+# bitmaps for formulas in the HTML output, but not in the Makefile that is
+# written to the output directory.
+# The default file is: latex.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_CMD_NAME         = latex
+
+# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to generate
+# index for LaTeX.
+# The default file is: makeindex.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+MAKEINDEX_CMD_NAME     = makeindex
+
+# If the COMPACT_LATEX tag is set to YES, doxygen generates more compact LaTeX
+# documents. This may be useful for small projects and may help to save some
+# trees in general.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+COMPACT_LATEX          = NO
+
+# The PAPER_TYPE tag can be used to set the paper type that is used by the
+# printer.
+# Possible values are: a4 (210 x 297 mm), letter (8.5 x 11 inches), legal (8.5 x
+# 14 inches) and executive (7.25 x 10.5 inches).
+# The default value is: a4.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+PAPER_TYPE             = a4
+
+# The EXTRA_PACKAGES tag can be used to specify one or more LaTeX package names
+# that should be included in the LaTeX output. To get the times font for
+# instance you can specify
+# EXTRA_PACKAGES=times
+# If left blank no extra packages will be included.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+EXTRA_PACKAGES         =
+
+# The LATEX_HEADER tag can be used to specify a personal LaTeX header for the
+# generated LaTeX document. The header should contain everything until the first
+# chapter. If it is left blank doxygen will generate a standard header. See
+# section "Doxygen usage" for information on how to let doxygen write the
+# default header to a separate file.
+#
+# Note: Only use a user-defined header if you know what you are doing! The
+# following commands have a special meaning inside the header: $title,
+# $datetime, $date, $doxygenversion, $projectname, $projectnumber,
+# $projectbrief, $projectlogo. Doxygen will replace $title with the empty
+# string, for the replacement values of the other commands the user is referred
+# to HTML_HEADER.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_HEADER           =
+
+# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for the
+# generated LaTeX document. The footer should contain everything after the last
+# chapter. If it is left blank doxygen will generate a standard footer. See
+# LATEX_HEADER for more information on how to generate a default footer and what
+# special commands can be used inside the footer.
+#
+# Note: Only use a user-defined footer if you know what you are doing!
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_FOOTER           =
+
+# The LATEX_EXTRA_STYLESHEET tag can be used to specify additional user-defined
+# LaTeX style sheets that are included after the standard style sheets created
+# by doxygen. Using this option one can overrule certain style aspects. Doxygen
+# will copy the style sheet files to the output directory.
+# Note: The order of the extra style sheet files is of importance (e.g. the last
+# style sheet in the list overrules the setting of the previous ones in the
+# list).
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_EXTRA_STYLESHEET =
+
+# The LATEX_EXTRA_FILES tag can be used to specify one or more extra images or
+# other source files which should be copied to the LATEX_OUTPUT output
+# directory. Note that the files will be copied as-is; there are no commands or
+# markers available.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_EXTRA_FILES      =
+
+# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated is
+# prepared for conversion to PDF (using ps2pdf or pdflatex). The PDF file will
+# contain links (just like the HTML output) instead of page references. This
+# makes the output suitable for online browsing using a PDF viewer.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+PDF_HYPERLINKS         = YES
+
+# If the USE_PDFLATEX tag is set to YES, doxygen will use pdflatex to generate
+# the PDF file directly from the LaTeX files. Set this option to YES, to get a
+# higher quality PDF documentation.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+USE_PDFLATEX           = YES
+
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \batchmode
+# command to the generated LaTeX files. This will instruct LaTeX to keep running
+# if errors occur, instead of asking the user for help. This option is also used
+# when generating formulas in HTML.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_BATCHMODE        = NO
+
+# If the LATEX_HIDE_INDICES tag is set to YES then doxygen will not include the
+# index chapters (such as File Index, Compound Index, etc.) in the output.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_HIDE_INDICES     = NO
+
+# If the LATEX_SOURCE_CODE tag is set to YES then doxygen will include source
+# code with syntax highlighting in the LaTeX output.
+#
+# Note that which sources are shown also depends on other settings such as
+# SOURCE_BROWSER.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_SOURCE_CODE      = NO
+
+# The LATEX_BIB_STYLE tag can be used to specify the style to use for the
+# bibliography, e.g. plainnat, or ieeetr. See
+# http://en.wikipedia.org/wiki/BibTeX and \cite for more info.
+# The default value is: plain.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+LATEX_BIB_STYLE        = plain
+
+#---------------------------------------------------------------------------
+# Configuration options related to the RTF output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_RTF tag is set to YES, doxygen will generate RTF output. The
+# RTF output is optimized for Word 97 and may not look too pretty with other RTF
+# readers/editors.
+# The default value is: NO.
+
+GENERATE_RTF           = NO
+
+# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it.
+# The default directory is: rtf.
+# This tag requires that the tag GENERATE_RTF is set to YES.
+
+RTF_OUTPUT             = rtf
+
+# If the COMPACT_RTF tag is set to YES, doxygen generates more compact RTF
+# documents. This may be useful for small projects and may help to save some
+# trees in general.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_RTF is set to YES.
+
+COMPACT_RTF            = NO
+
+# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated will
+# contain hyperlink fields. The RTF file will contain links (just like the HTML
+# output) instead of page references. This makes the output suitable for online
+# browsing using Word or some other Word compatible readers that support those
+# fields.
+#
+# Note: WordPad (write) and others do not support links.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_RTF is set to YES.
+
+RTF_HYPERLINKS         = NO
+
+# Load stylesheet definitions from file. Syntax is similar to doxygen's config
+# file, i.e. a series of assignments. You only have to provide replacements,
+# missing definitions are set to their default value.
+#
+# See also section "Doxygen usage" for information on how to generate the
+# default style sheet that doxygen normally uses.
+# This tag requires that the tag GENERATE_RTF is set to YES.
+
+RTF_STYLESHEET_FILE    =
+
+# Set optional variables used in the generation of an RTF document. Syntax is
+# similar to doxygen's config file. A template extensions file can be generated
+# using doxygen -e rtf extensionFile.
+# This tag requires that the tag GENERATE_RTF is set to YES.
+
+RTF_EXTENSIONS_FILE    =
+
+# If the RTF_SOURCE_CODE tag is set to YES then doxygen will include source code
+# with syntax highlighting in the RTF output.
+#
+# Note that which sources are shown also depends on other settings such as
+# SOURCE_BROWSER.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_RTF is set to YES.
+
+RTF_SOURCE_CODE        = NO
+
+#---------------------------------------------------------------------------
+# Configuration options related to the man page output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_MAN tag is set to YES, doxygen will generate man pages for
+# classes and files.
+# The default value is: NO.
+
+GENERATE_MAN           = NO
+
+# The MAN_OUTPUT tag is used to specify where the man pages will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it. A directory man3 will be created inside the directory specified by
+# MAN_OUTPUT.
+# The default directory is: man.
+# This tag requires that the tag GENERATE_MAN is set to YES.
+
+MAN_OUTPUT             = man
+
+# The MAN_EXTENSION tag determines the extension that is added to the generated
+# man pages. In case the manual section does not start with a number, the number
+# 3 is prepended. The dot (.) at the beginning of the MAN_EXTENSION tag is
+# optional.
+# The default value is: .3.
+# This tag requires that the tag GENERATE_MAN is set to YES.
+
+MAN_EXTENSION          = .3
+
+# The MAN_SUBDIR tag determines the name of the directory created within
+# MAN_OUTPUT in which the man pages are placed. If defaults to man followed by
+# MAN_EXTENSION with the initial . removed.
+# This tag requires that the tag GENERATE_MAN is set to YES.
+
+MAN_SUBDIR             =
+
+# If the MAN_LINKS tag is set to YES and doxygen generates man output, then it
+# will generate one additional man file for each entity documented in the real
+# man page(s). These additional files only source the real man page, but without
+# them the man command would be unable to find the correct page.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_MAN is set to YES.
+
+MAN_LINKS              = NO
+
+#---------------------------------------------------------------------------
+# Configuration options related to the XML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_XML tag is set to YES, doxygen will generate an XML file that
+# captures the structure of the code including all documentation.
+# The default value is: NO.
+
+GENERATE_XML           = NO
+
+# The XML_OUTPUT tag is used to specify where the XML pages will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it.
+# The default directory is: xml.
+# This tag requires that the tag GENERATE_XML is set to YES.
+
+XML_OUTPUT             = xml
+
+# If the XML_PROGRAMLISTING tag is set to YES, doxygen will dump the program
+# listings (including syntax highlighting and cross-referencing information) to
+# the XML output. Note that enabling this will significantly increase the size
+# of the XML output.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_XML is set to YES.
+
+XML_PROGRAMLISTING     = YES
+
+#---------------------------------------------------------------------------
+# Configuration options related to the DOCBOOK output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_DOCBOOK tag is set to YES, doxygen will generate Docbook files
+# that can be used to generate PDF.
+# The default value is: NO.
+
+GENERATE_DOCBOOK       = NO
+
+# The DOCBOOK_OUTPUT tag is used to specify where the Docbook pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be put in
+# front of it.
+# The default directory is: docbook.
+# This tag requires that the tag GENERATE_DOCBOOK is set to YES.
+
+DOCBOOK_OUTPUT         = docbook
+
+# If the DOCBOOK_PROGRAMLISTING tag is set to YES, doxygen will include the
+# program listings (including syntax highlighting and cross-referencing
+# information) to the DOCBOOK output. Note that enabling this will significantly
+# increase the size of the DOCBOOK output.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_DOCBOOK is set to YES.
+
+DOCBOOK_PROGRAMLISTING = NO
+
+#---------------------------------------------------------------------------
+# Configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_AUTOGEN_DEF tag is set to YES, doxygen will generate an
+# AutoGen Definitions (see http://autogen.sf.net) file that captures the
+# structure of the code including all documentation. Note that this feature is
+# still experimental and incomplete at the moment.
+# The default value is: NO.
+
+GENERATE_AUTOGEN_DEF   = NO
+
+#---------------------------------------------------------------------------
+# Configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_PERLMOD tag is set to YES, doxygen will generate a Perl module
+# file that captures the structure of the code including all documentation.
+#
+# Note that this feature is still experimental and incomplete at the moment.
+# The default value is: NO.
+
+GENERATE_PERLMOD       = NO
+
+# If the PERLMOD_LATEX tag is set to YES, doxygen will generate the necessary
+# Makefile rules, Perl scripts and LaTeX code to be able to generate PDF and DVI
+# output from the Perl module output.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_PERLMOD is set to YES.
+
+PERLMOD_LATEX          = NO
+
+# If the PERLMOD_PRETTY tag is set to YES, the Perl module output will be nicely
+# formatted so it can be parsed by a human reader. This is useful if you want to
+# understand what is going on. On the other hand, if this tag is set to NO, the
+# size of the Perl module output will be much smaller and Perl will parse it
+# just the same.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_PERLMOD is set to YES.
+
+PERLMOD_PRETTY         = YES
+
+# The names of the make variables in the generated doxyrules.make file are
+# prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX. This is useful
+# so different doxyrules.make files included by the same Makefile don't
+# overwrite each other's variables.
+# This tag requires that the tag GENERATE_PERLMOD is set to YES.
+
+PERLMOD_MAKEVAR_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor
+#---------------------------------------------------------------------------
+
+# If the ENABLE_PREPROCESSING tag is set to YES, doxygen will evaluate all
+# C-preprocessor directives found in the sources and include files.
+# The default value is: YES.
+
+ENABLE_PREPROCESSING   = YES
+
+# If the MACRO_EXPANSION tag is set to YES, doxygen will expand all macro names
+# in the source code. If set to NO, only conditional compilation will be
+# performed. Macro expansion can be done in a controlled way by setting
+# EXPAND_ONLY_PREDEF to YES.
+# The default value is: NO.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+MACRO_EXPANSION        = NO
+
+# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES then
+# the macro expansion is limited to the macros specified with the PREDEFINED and
+# EXPAND_AS_DEFINED tags.
+# The default value is: NO.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+EXPAND_ONLY_PREDEF     = NO
+
+# If the SEARCH_INCLUDES tag is set to YES, the include files in the
+# INCLUDE_PATH will be searched if a #include is found.
+# The default value is: YES.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+SEARCH_INCLUDES        = YES
+
+# The INCLUDE_PATH tag can be used to specify one or more directories that
+# contain include files that are not input files but should be processed by the
+# preprocessor.
+# This tag requires that the tag SEARCH_INCLUDES is set to YES.
+
+INCLUDE_PATH           =
+
+# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
+# patterns (like *.h and *.hpp) to filter out the header-files in the
+# directories. If left blank, the patterns specified with FILE_PATTERNS will be
+# used.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+INCLUDE_FILE_PATTERNS  =
+
+# The PREDEFINED tag can be used to specify one or more macro names that are
+# defined before the preprocessor is started (similar to the -D option of e.g.
+# gcc). The argument of the tag is a list of macros of the form: name or
+# name=definition (no spaces). If the definition and the "=" are omitted, "=1"
+# is assumed. To prevent a macro definition from being undefined via #undef or
+# recursively expanded use the := operator instead of the = operator.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+PREDEFINED             =
+
+# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then this
+# tag can be used to specify a list of macro names that should be expanded. The
+# macro definition that is found in the sources will be used. Use the PREDEFINED
+# tag if you want to use a different macro definition that overrules the
+# definition found in the source code.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+EXPAND_AS_DEFINED      =
+
+# If the SKIP_FUNCTION_MACROS tag is set to YES then doxygen's preprocessor will
+# remove all references to function-like macros that are alone on a line, have
+# an all uppercase name, and do not end with a semicolon. Such function macros
+# are typically used for boiler-plate code, and will confuse the parser if not
+# removed.
+# The default value is: YES.
+# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+
+SKIP_FUNCTION_MACROS   = YES
+
+#---------------------------------------------------------------------------
+# Configuration options related to external references
+#---------------------------------------------------------------------------
+
+# The TAGFILES tag can be used to specify one or more tag files. For each tag
+# file the location of the external documentation should be added. The format of
+# a tag file without this location is as follows:
+# TAGFILES = file1 file2 ...
+# Adding location for the tag files is done as follows:
+# TAGFILES = file1=loc1 "file2 = loc2" ...
+# where loc1 and loc2 can be relative or absolute paths or URLs. See the
+# section "Linking to external documentation" for more information about the use
+# of tag files.
+# Note: Each tag file must have a unique name (where the name does NOT include
+# the path). If a tag file is not located in the directory in which doxygen is
+# run, you must also specify the path to the tagfile here.
+
+TAGFILES               =
+
+# When a file name is specified after GENERATE_TAGFILE, doxygen will create a
+# tag file that is based on the input files it reads. See section "Linking to
+# external documentation" for more information about the usage of tag files.
+
+GENERATE_TAGFILE       =
+
+# If the ALLEXTERNALS tag is set to YES, all external class will be listed in
+# the class index. If set to NO, only the inherited external classes will be
+# listed.
+# The default value is: NO.
+
+ALLEXTERNALS           = NO
+
+# If the EXTERNAL_GROUPS tag is set to YES, all external groups will be listed
+# in the modules index. If set to NO, only the current project's groups will be
+# listed.
+# The default value is: YES.
+
+EXTERNAL_GROUPS        = YES
+
+# If the EXTERNAL_PAGES tag is set to YES, all external pages will be listed in
+# the related pages index. If set to NO, only the current project's pages will
+# be listed.
+# The default value is: YES.
+
+EXTERNAL_PAGES         = YES
+
+# The PERL_PATH should be the absolute path and name of the perl script
+# interpreter (i.e. the result of 'which perl').
+# The default file (with absolute path) is: /usr/bin/perl.
+
+PERL_PATH              = /usr/bin/perl
+
+#---------------------------------------------------------------------------
+# Configuration options related to the dot tool
+#---------------------------------------------------------------------------
+
+# If the CLASS_DIAGRAMS tag is set to YES, doxygen will generate a class diagram
+# (in HTML and LaTeX) for classes with base or super classes. Setting the tag to
+# NO turns the diagrams off. Note that this option also works with HAVE_DOT
+# disabled, but it is recommended to install and use dot, since it yields more
+# powerful graphs.
+# The default value is: YES.
+
+CLASS_DIAGRAMS         = YES
+
+# You can define message sequence charts within doxygen comments using the \msc
+# command. Doxygen will then run the mscgen tool (see:
+# http://www.mcternan.me.uk/mscgen/)) to produce the chart and insert it in the
+# documentation. The MSCGEN_PATH tag allows you to specify the directory where
+# the mscgen tool resides. If left empty the tool is assumed to be found in the
+# default search path.
+
+MSCGEN_PATH            =
+
+# You can include diagrams made with dia in doxygen documentation. Doxygen will
+# then run dia to produce the diagram and insert it in the documentation. The
+# DIA_PATH tag allows you to specify the directory where the dia binary resides.
+# If left empty dia is assumed to be found in the default search path.
+
+DIA_PATH               =
+
+# If set to YES the inheritance and collaboration graphs will hide inheritance
+# and usage relations if the target is undocumented or is not a class.
+# The default value is: YES.
+
+HIDE_UNDOC_RELATIONS   = YES
+
+# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
+# available from the path. This tool is part of Graphviz (see:
+# http://www.graphviz.org/), a graph visualization toolkit from AT&T and Lucent
+# Bell Labs. The other options in this section have no effect if this option is
+# set to NO
+# The default value is: NO.
+
+HAVE_DOT               = NO
+
+# The DOT_NUM_THREADS specifies the number of dot invocations doxygen is allowed
+# to run in parallel. When set to 0 doxygen will base this on the number of
+# processors available in the system. You can set it explicitly to a value
+# larger than 0 to get control over the balance between CPU load and processing
+# speed.
+# Minimum value: 0, maximum value: 32, default value: 0.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_NUM_THREADS        = 0
+
+# When you want a differently looking font in the dot files that doxygen
+# generates you can specify the font name using DOT_FONTNAME. You need to make
+# sure dot is able to find the font, which can be done by putting it in a
+# standard location or by setting the DOTFONTPATH environment variable or by
+# setting DOT_FONTPATH to the directory containing the font.
+# The default value is: Helvetica.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_FONTNAME           = Helvetica
+
+# The DOT_FONTSIZE tag can be used to set the size (in points) of the font of
+# dot graphs.
+# Minimum value: 4, maximum value: 24, default value: 10.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_FONTSIZE           = 10
+
+# By default doxygen will tell dot to use the default font as specified with
+# DOT_FONTNAME. If you specify a different font using DOT_FONTNAME you can set
+# the path where dot can find it using this tag.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_FONTPATH           =
+
+# If the CLASS_GRAPH tag is set to YES then doxygen will generate a graph for
+# each documented class showing the direct and indirect inheritance relations.
+# Setting this tag to YES will force the CLASS_DIAGRAMS tag to NO.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+CLASS_GRAPH            = YES
+
+# If the COLLABORATION_GRAPH tag is set to YES then doxygen will generate a
+# graph for each documented class showing the direct and indirect implementation
+# dependencies (inheritance, containment, and class references variables) of the
+# class with other documented classes.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+COLLABORATION_GRAPH    = YES
+
+# If the GROUP_GRAPHS tag is set to YES then doxygen will generate a graph for
+# groups, showing the direct groups dependencies.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+GROUP_GRAPHS           = YES
+
+# If the UML_LOOK tag is set to YES, doxygen will generate inheritance and
+# collaboration diagrams in a style similar to the OMG's Unified Modeling
+# Language.
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+UML_LOOK               = NO
+
+# If the UML_LOOK tag is enabled, the fields and methods are shown inside the
+# class node. If there are many fields or methods and many nodes the graph may
+# become too big to be useful. The UML_LIMIT_NUM_FIELDS threshold limits the
+# number of items for each type to make the size more manageable. Set this to 0
+# for no limit. Note that the threshold may be exceeded by 50% before the limit
+# is enforced. So when you set the threshold to 10, up to 15 fields may appear,
+# but if the number exceeds 15, the total amount of fields shown is limited to
+# 10.
+# Minimum value: 0, maximum value: 100, default value: 10.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+UML_LIMIT_NUM_FIELDS   = 10
+
+# If the TEMPLATE_RELATIONS tag is set to YES then the inheritance and
+# collaboration graphs will show the relations between templates and their
+# instances.
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+TEMPLATE_RELATIONS     = NO
+
+# If the INCLUDE_GRAPH, ENABLE_PREPROCESSING and SEARCH_INCLUDES tags are set to
+# YES then doxygen will generate a graph for each documented file showing the
+# direct and indirect include dependencies of the file with other documented
+# files.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+INCLUDE_GRAPH          = YES
+
+# If the INCLUDED_BY_GRAPH, ENABLE_PREPROCESSING and SEARCH_INCLUDES tags are
+# set to YES then doxygen will generate a graph for each documented file showing
+# the direct and indirect include dependencies of the file with other documented
+# files.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+INCLUDED_BY_GRAPH      = YES
+
+# If the CALL_GRAPH tag is set to YES then doxygen will generate a call
+# dependency graph for every global function or class method.
+#
+# Note that enabling this option will significantly increase the time of a run.
+# So in most cases it will be better to enable call graphs for selected
+# functions only using the \callgraph command.
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+CALL_GRAPH             = NO
+
+# If the CALLER_GRAPH tag is set to YES then doxygen will generate a caller
+# dependency graph for every global function or class method.
+#
+# Note that enabling this option will significantly increase the time of a run.
+# So in most cases it will be better to enable caller graphs for selected
+# functions only using the \callergraph command.
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+CALLER_GRAPH           = NO
+
+# If the GRAPHICAL_HIERARCHY tag is set to YES then doxygen will graphical
+# hierarchy of all classes instead of a textual one.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+GRAPHICAL_HIERARCHY    = YES
+
+# If the DIRECTORY_GRAPH tag is set to YES then doxygen will show the
+# dependencies a directory has on other directories in a graphical way. The
+# dependency relations are determined by the #include relations between the
+# files in the directories.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DIRECTORY_GRAPH        = YES
+
+# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
+# generated by dot.
+# Note: If you choose svg you need to set HTML_FILE_EXTENSION to xhtml in order
+# to make the SVG files visible in IE 9+ (other browsers do not have this
+# requirement).
+# Possible values are: png, jpg, gif and svg.
+# The default value is: png.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_IMAGE_FORMAT       = png
+
+# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
+# enable generation of interactive SVG images that allow zooming and panning.
+#
+# Note that this requires a modern browser other than Internet Explorer. Tested
+# and working are Firefox, Chrome, Safari, and Opera.
+# Note: For IE 9+ you need to set HTML_FILE_EXTENSION to xhtml in order to make
+# the SVG files visible. Older versions of IE do not have SVG support.
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+INTERACTIVE_SVG        = NO
+
+# The DOT_PATH tag can be used to specify the path where the dot tool can be
+# found. If left blank, it is assumed the dot tool can be found in the path.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_PATH               =
+
+# The DOTFILE_DIRS tag can be used to specify one or more directories that
+# contain dot files that are included in the documentation (see the \dotfile
+# command).
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOTFILE_DIRS           =
+
+# The MSCFILE_DIRS tag can be used to specify one or more directories that
+# contain msc files that are included in the documentation (see the \mscfile
+# command).
+
+MSCFILE_DIRS           =
+
+# The DIAFILE_DIRS tag can be used to specify one or more directories that
+# contain dia files that are included in the documentation (see the \diafile
+# command).
+
+DIAFILE_DIRS           =
+
+# When using plantuml, the PLANTUML_JAR_PATH tag should be used to specify the
+# path where java can find the plantuml.jar file. If left blank, it is assumed
+# PlantUML is not used or called during a preprocessing step. Doxygen will
+# generate a warning when it encounters a \startuml command in this case and
+# will not generate output for the diagram.
+
+PLANTUML_JAR_PATH      =
+
+# When using plantuml, the specified paths are searched for files specified by
+# the !include statement in a plantuml block.
+
+PLANTUML_INCLUDE_PATH  =
+
+# The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of nodes
+# that will be shown in the graph. If the number of nodes in a graph becomes
+# larger than this value, doxygen will truncate the graph, which is visualized
+# by representing a node as a red box. Note that doxygen if the number of direct
+# children of the root node in a graph is already larger than
+# DOT_GRAPH_MAX_NODES then the graph will not be shown at all. Also note that
+# the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
+# Minimum value: 0, maximum value: 10000, default value: 50.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_GRAPH_MAX_NODES    = 50
+
+# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the graphs
+# generated by dot. A depth value of 3 means that only nodes reachable from the
+# root by following a path via at most 3 edges will be shown. Nodes that lay
+# further from the root node will be omitted. Note that setting this option to 1
+# or 2 may greatly reduce the computation time needed for large code bases. Also
+# note that the size of a graph can be further restricted by
+# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
+# Minimum value: 0, maximum value: 1000, default value: 0.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+MAX_DOT_GRAPH_DEPTH    = 0
+
+# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
+# background. This is disabled by default, because dot on Windows does not seem
+# to support this out of the box.
+#
+# Warning: Depending on the platform used, enabling this option may lead to
+# badly anti-aliased labels on the edges of a graph (i.e. they become hard to
+# read).
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_TRANSPARENT        = NO
+
+# Set the DOT_MULTI_TARGETS tag to YES to allow dot to generate multiple output
+# files in one run (i.e. multiple -o and -T options on the command line). This
+# makes dot run faster, but since only newer versions of dot (>1.8.10) support
+# this, this feature is disabled by default.
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_MULTI_TARGETS      = NO
+
+# If the GENERATE_LEGEND tag is set to YES doxygen will generate a legend page
+# explaining the meaning of the various boxes and arrows in the dot generated
+# graphs.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+GENERATE_LEGEND        = YES
+
+# If the DOT_CLEANUP tag is set to YES, doxygen will remove the intermediate dot
+# files that are used to generate the various graphs.
+# The default value is: YES.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+DOT_CLEANUP            = YES
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/connection.h b/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/connection.h
new file mode 100644
index 0000000..657858b
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/connection.h
@@ -0,0 +1,224 @@
+/**
+ * @file connection.h
+ * @brief header definitions for restclient-cpp connection class
+ * @author Daniel Schauenberg <d@unwiredcouch.com>
+ * @version
+ * @date 2010-10-11
+ */
+
+#ifndef INCLUDE_RESTCLIENT_CPP_CONNECTION_H_
+#define INCLUDE_RESTCLIENT_CPP_CONNECTION_H_
+
+#include <curl/curl.h>
+#include <string>
+#include <map>
+#include <cstdlib>
+
+#include "restclient-cpp/restclient.h"
+#include "restclient-cpp/version.h"
+
+/**
+ * @brief namespace for all RestClient definitions
+ */
+namespace RestClient {
+
+/**
+  * @brief Connection object for advanced usage
+  */
+class Connection {
+ public:
+    /**
+      *  @struct RequestInfo
+      *  @brief holds some diagnostics information
+      *  about a request
+      *  @var RequestInfo::totalTime
+      *  Member 'totalTime' contains the total time of the last request in
+      *  seconds Total time of previous transfer. See CURLINFO_TOTAL_TIME
+      *  @var RequestInfo::nameLookupTime
+      *  Member 'nameLookupTime' contains the time spent in DNS lookup in
+      *  seconds Time from start until name resolving completed. See
+      *  CURLINFO_NAMELOOKUP_TIME
+      *  @var RequestInfo::connectTime
+      *  Member 'connectTime' contains the time it took until Time from start
+      *  until remote host or proxy completed. See CURLINFO_CONNECT_TIME
+      *  @var RequestInfo::appConnectTime
+      *  Member 'appConnectTime' contains the time from start until SSL/SSH
+      *  handshake completed. See CURLINFO_APPCONNECT_TIME
+      *  @var RequestInfo::preTransferTime
+      *  Member 'preTransferTime' contains the total time from start until
+      *  just before the transfer begins. See CURLINFO_PRETRANSFER_TIME
+      *  @var RequestInfo::startTransferTime
+      *  Member 'startTransferTime' contains the total time from start until
+      *  just when the first byte is received. See CURLINFO_STARTTRANSFER_TIME
+      *  @var RequestInfo::redirectTime
+      *  Member 'redirectTime' contains the total time taken for all redirect
+      *  steps before the final transfer. See CURLINFO_REDIRECT_TIME
+      *  @var RequestInfo::redirectCount
+      *  Member 'redirectCount' contains the number of redirects followed. See
+      *  CURLINFO_REDIRECT_COUNT
+      */
+    typedef struct {
+        double totalTime;
+        double nameLookupTime;
+        double connectTime;
+        double appConnectTime;
+        double preTransferTime;
+        double startTransferTime;
+        double redirectTime;
+        int redirectCount;
+      } RequestInfo;
+    /**
+      *  @struct Info
+      *  @brief holds some diagnostics information
+      *  about the connection object it came from
+      *  @var Info::baseUrl
+      *  Member 'baseUrl' contains the base URL for the connection object
+      *  @var Info::headers
+      *  Member 'headers' contains the HeaderFields map
+      *  @var Info::timeout
+      *  Member 'timeout' contains the configured timeout
+      *  @var Info::followRedirects
+      *  Member 'followRedirects' contains whether or not to follow redirects
+      *  @var Info::maxRedirects
+      *  Member 'maxRedirects' contains the maximum number of redirect to follow (-1 unlimited)
+      *  @var Info::basicAuth
+      *  Member 'basicAuth' contains information about basic auth
+      *  @var basicAuth::username
+      *  Member 'username' contains the basic auth username
+      *  @var basicAuth::password
+      *  Member 'password' contains the basic auth password
+      *  @var Info::certPath
+      *  Member 'certPath' contains the certificate file path
+      *  @var Info::certType
+      *  Member 'certType' contains the certificate type
+      *  @var Info::keyPath
+      *  Member 'keyPath' contains the SSL key file path
+      *  @var Info::keyPassword
+      *  Member 'keyPassword' contains the SSL key password
+      *  @var Info::customUserAgent
+      *  Member 'customUserAgent' contains the custom user agent
+      *  @var Info::uriProxy
+      *  Member 'uriProxy' contains the HTTP proxy address
+      *  @var Info::lastRequest
+      *  Member 'lastRequest' contains metrics about the last request
+      */
+    typedef struct {
+      std::string baseUrl;
+      RestClient::HeaderFields headers;
+      int timeout;
+      bool followRedirects;
+      int maxRedirects;
+      bool noSignal;
+      struct {
+        std::string username;
+        std::string password;
+      } basicAuth;
+
+      std::string certPath;
+      std::string certType;
+      std::string keyPath;
+      std::string keyPassword;
+      std::string customUserAgent;
+      std::string uriProxy;
+      std::string unixSocketPath;
+      RequestInfo lastRequest;
+    } Info;
+
+
+    explicit Connection(const std::string& baseUrl);
+    ~Connection();
+
+    // Instance configuration methods
+    // configure basic auth
+    void SetBasicAuth(const std::string& username,
+                      const std::string& password);
+
+    // set connection timeout to seconds
+    void SetTimeout(int seconds);
+
+    // set to not use signals
+    void SetNoSignal(bool no);
+
+    // set whether to follow redirects, maxRedirects indicitng the maximum
+    // number of redirects to follow
+    void FollowRedirects(bool follow, int maxRedirects = -1l);
+
+    // set custom user agent
+    // (this will result in the UA "foo/cool restclient-cpp/VERSION")
+    void SetUserAgent(const std::string& userAgent);
+
+    // set the Certificate Authority (CA) Info which is the path to file holding
+    // certificates to be used to verify peers. See CURLOPT_CAINFO
+    void SetCAInfoFilePath(const std::string& caInfoFilePath);
+
+    // set CURLOPT_SSLCERT
+    void SetCertPath(const std::string& cert);
+
+    // set CURLOPT_SSLCERTTYPE
+    void SetCertType(const std::string& type);
+
+    // set CURLOPT_SSLKEY. Default format is PEM
+    void SetKeyPath(const std::string& keyPath);
+
+    // set CURLOPT_KEYPASSWD.
+    void SetKeyPassword(const std::string& keyPassword);
+
+    // set CURLOPT_PROXY
+    void SetProxy(const std::string& uriProxy);
+
+    // set CURLOPT_UNIX_SOCKET_PATH
+    void SetUnixSocketPath(const std::string& unixSocketPath);
+
+    std::string GetUserAgent();
+
+    RestClient::Connection::Info GetInfo();
+
+    // set headers
+    void SetHeaders(RestClient::HeaderFields headers);
+
+    // get headers
+    RestClient::HeaderFields GetHeaders();
+
+    // append additional headers
+    void AppendHeader(const std::string& key,
+                      const std::string& value);
+
+
+    // Basic HTTP verb methods
+    RestClient::Response get(const std::string& uri);
+    RestClient::Response post(const std::string& uri,
+                              const std::string& data);
+    RestClient::Response put(const std::string& uri,
+                             const std::string& data);
+    RestClient::Response patch(const std::string& uri,
+                             const std::string& data);
+    RestClient::Response del(const std::string& uri);
+    RestClient::Response head(const std::string& uri);
+    RestClient::Response options(const std::string& uri);
+
+ private:
+    CURL* curlHandle;
+    std::string baseUrl;
+    RestClient::HeaderFields headerFields;
+    int timeout;
+    bool followRedirects;
+    int maxRedirects;
+    bool noSignal;
+    struct {
+      std::string username;
+      std::string password;
+    } basicAuth;
+    std::string customUserAgent;
+    std::string caInfoFilePath;
+    RequestInfo lastRequest;
+    std::string certPath;
+    std::string certType;
+    std::string keyPath;
+    std::string keyPassword;
+    std::string uriProxy;
+    std::string unixSocketPath;
+    RestClient::Response performCurlRequest(const std::string& uri);
+};
+}  // namespace RestClient
+
+#endif  // INCLUDE_RESTCLIENT_CPP_CONNECTION_H_
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/helpers.h b/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/helpers.h
new file mode 100644
index 0000000..79d161b
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/helpers.h
@@ -0,0 +1,75 @@
+/**
+ * @file helpers.h
+ * @brief header file for restclient-cpp helpers
+ * @author Daniel Schauenberg <d@unwiredcouch.com>
+ * @version
+ * @date 2010-10-11
+ */
+
+#ifndef INCLUDE_RESTCLIENT_CPP_HELPERS_H_
+#define INCLUDE_RESTCLIENT_CPP_HELPERS_H_
+
+#include <string>
+#include <cctype>
+#include <algorithm>
+#include <functional>
+
+#include "restclient-cpp/version.h"
+
+/**
+ * @brief namespace for all RestClient definitions
+ */
+namespace RestClient {
+
+/**
+  * @brief: namespace for all helper functions
+  */
+namespace Helpers {
+
+  /** @struct UploadObject
+    *  @brief This structure represents the payload to upload on POST
+    *  requests
+    *  @var UploadObject::data
+    *  Member 'data' contains the data to upload
+    *  @var UploadObject::length
+    *  Member 'length' contains the length of the data to upload
+    */
+  typedef struct {
+    const char* data;
+    size_t length;
+  } UploadObject;
+
+  // writedata callback function
+  size_t write_callback(void *ptr, size_t size, size_t nmemb,
+                              void *userdata);
+
+  // header callback function
+  size_t header_callback(void *ptr, size_t size, size_t nmemb,
+                                void *userdata);
+  // read callback function
+  size_t read_callback(void *ptr, size_t size, size_t nmemb,
+                              void *userdata);
+
+  // trim from start
+  static inline std::string &ltrim(std::string &s) {  // NOLINT
+    s.erase(s.begin(), std::find_if(s.begin(), s.end(),
+            [](int c) {return !std::isspace(c);}));
+    return s;
+  }
+
+  // trim from end
+  static inline std::string &rtrim(std::string &s) { // NOLINT
+    s.erase(std::find_if(s.rbegin(), s.rend(),
+            [](int c) {return !std::isspace(c);}).base(), s.end());
+    return s;
+  }
+
+  // trim from both ends
+  static inline std::string &trim(std::string &s) {  // NOLINT
+    return ltrim(rtrim(s));
+  }
+};  // namespace Helpers
+
+};  // namespace RestClient
+
+#endif  // INCLUDE_RESTCLIENT_CPP_HELPERS_H_
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/restclient.h b/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/restclient.h
new file mode 100644
index 0000000..b496ee9
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/include/restclient-cpp/restclient.h
@@ -0,0 +1,79 @@
+/**
+ * @file restclient.h
+ * @brief libcurl wrapper for REST calls
+ * @author Daniel Schauenberg <d@unwiredcouch.com>
+ * @version
+ * @date 2010-10-11
+ */
+
+/*
+ * NOTE: This is a modified fork of the original to set timeout and limit response and header sizes
+ */
+
+#ifndef INCLUDE_RESTCLIENT_CPP_RESTCLIENT_H_
+#define INCLUDE_RESTCLIENT_CPP_RESTCLIENT_H_
+
+#include <string>
+#include <map>
+#include <cstdlib>
+
+#include "restclient-cpp/version.h"
+
+/**
+ * @brief namespace for all RestClient definitions
+ */
+namespace RestClient {
+
+enum Limits
+{
+    TimeoutSeconds = 9, // in seconds
+    ResponseSize = 16 * 1024,
+    HeaderSize = 32 * 1024,
+};
+
+/**
+  * public data definitions
+  */
+typedef std::map<std::string, std::string> HeaderFields;
+
+/** @struct Response
+  *  @brief This structure represents the HTTP response data
+  *  @var Response::code
+  *  Member 'code' contains the HTTP response code
+  *  @var Response::body
+  *  Member 'body' contains the HTTP response body
+  *  @var Response::headers
+  *  Member 'headers' contains the HTTP response headers
+  */
+typedef struct {
+  int code;
+  std::string body;
+  HeaderFields headers;
+} Response;
+
+// init and disable functions
+int init();
+void disable();
+
+/**
+  * public methods for the simple API. These don't allow a lot of
+  * configuration but are meant for simple HTTP calls.
+  *
+  */
+Response get(const std::string& url);
+Response post(const std::string& url,
+              const std::string& content_type,
+              const std::string& data);
+Response put(const std::string& url,
+              const std::string& content_type,
+              const std::string& data);
+Response patch(const std::string& url,
+              const std::string& content_type,
+              const std::string& data);
+Response del(const std::string& url);
+Response head(const std::string& url);
+Response options(const std::string& url);
+
+}  // namespace RestClient
+
+#endif  // INCLUDE_RESTCLIENT_CPP_RESTCLIENT_H_
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/restclient-cpp.pc.in b/3rdparty/restclient-cpp-0.5.2-fork/restclient-cpp.pc.in
new file mode 100644
index 0000000..9df86b3
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/restclient-cpp.pc.in
@@ -0,0 +1,12 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: restclient-cpp
+Description: C++ client for making HTTP/REST requests
+URL: http://code.mrtazz.com/restclient-cpp/
+Version: @VERSION@
+Requires: curl
+Libs: -L${libdir} -lrestclient-cpp
+Cflags: -I${includedir}
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/source/connection.cc b/3rdparty/restclient-cpp-0.5.2-fork/source/connection.cc
new file mode 100644
index 0000000..8b68d06
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/source/connection.cc
@@ -0,0 +1,595 @@
+/**
+ * @file connection.cpp
+ * @brief implementation of the connection class
+ * @author Daniel Schauenberg <d@unwiredcouch.com>
+ */
+
+/*
+ * NOTE: This is a modified fork of the original to set response timeout 
+ */
+
+#include "restclient-cpp/connection.h"
+
+#include <curl/curl.h>
+
+#include <cstring>
+#include <string>
+#include <iostream>
+#include <map>
+#include <stdexcept>
+#include <utility>
+
+#include "restclient-cpp/restclient.h"
+#include "restclient-cpp/helpers.h"
+#include "restclient-cpp/version.h"
+
+
+/**
+ * @brief constructor for the Connection object
+ *
+ * @param baseUrl - base URL for the connection to use
+ *
+ */
+RestClient::Connection::Connection(const std::string& baseUrl)
+                               : headerFields(), lastRequest() {
+  this->curlHandle = curl_easy_init();
+  if (!this->curlHandle) {
+    throw std::runtime_error("Couldn't initialize curl handle");
+  }
+  this->baseUrl = baseUrl;
+  this->timeout = Limits::TimeoutSeconds;
+  this->followRedirects = false;
+  this->maxRedirects = -1l;
+  this->noSignal = false;
+}
+
+RestClient::Connection::~Connection() {
+  if (this->curlHandle) {
+    curl_easy_cleanup(this->curlHandle);
+  }
+}
+
+// getters/setters
+
+/**
+ * @brief get diagnostic information about the connection object
+ *
+ * @return RestClient::Connection::Info struct
+ */
+RestClient::Connection::Info
+RestClient::Connection::GetInfo() {
+  RestClient::Connection::Info ret;
+  ret.baseUrl = this->baseUrl;
+  ret.headers = this->GetHeaders();
+  ret.timeout = this->timeout;
+  ret.followRedirects = this->followRedirects;
+  ret.maxRedirects = this->maxRedirects;
+  ret.noSignal = this->noSignal;
+  ret.basicAuth.username = this->basicAuth.username;
+  ret.basicAuth.password = this->basicAuth.password;
+  ret.customUserAgent = this->customUserAgent;
+  ret.lastRequest = this->lastRequest;
+
+  ret.certPath = this->certPath;
+  ret.certType = this->certType;
+  ret.keyPath = this->keyPath;
+  ret.keyPassword = this->keyPassword;
+
+  ret.uriProxy = this->uriProxy;
+  ret.unixSocketPath = this->unixSocketPath;
+
+  return ret;
+}
+
+/**
+ * @brief append a header to the internal map
+ *
+ * @param key for the header field
+ * @param value for the header field
+ *
+ */
+void
+RestClient::Connection::AppendHeader(const std::string& key,
+                                     const std::string& value) {
+  this->headerFields[key] = value;
+}
+
+/**
+ * @brief set the custom headers map. This will replace the currently
+ * configured headers with the provided ones. If you want to add additional
+ * headers, use AppendHeader()
+ *
+ * @param headers to set
+ */
+void
+RestClient::Connection::SetHeaders(RestClient::HeaderFields headers) {
+#if __cplusplus >= 201103L
+  this->headerFields = std::move(headers);
+#else
+  this->headerFields = headers;
+#endif
+}
+
+/**
+ * @brief get all custom headers set on the connection
+ *
+ * @returns a RestClient::HeaderFields map containing the custom headers
+ */
+RestClient::HeaderFields
+RestClient::Connection::GetHeaders() {
+  return this->headerFields;
+}
+
+/**
+ * @brief configure whether to follow redirects on this connection
+ *
+ * @param follow - boolean whether to follow redirects
+ * @param maxRedirects - int indicating the maximum number of redirect to follow (-1 unlimited, default)
+ */
+void
+RestClient::Connection::FollowRedirects(bool follow, int maxRedirects) {
+  this->followRedirects = follow;
+  this->maxRedirects = maxRedirects;
+}
+
+/**
+ * @brief set custom user agent for connection. This gets prepended to the
+ * default restclient-cpp/RESTCLIENT_VERSION string
+ *
+ * @param userAgent - custom userAgent prefix
+ *
+ */
+void
+RestClient::Connection::SetUserAgent(const std::string& userAgent) {
+  this->customUserAgent = userAgent;
+}
+
+/**
+ * @brief set custom Certificate Authority (CA) path
+ *
+ * @param caInfoFilePath - The path to a file holding the certificates used to
+ * verify the peer with. See CURLOPT_CAINFO
+ *
+ */
+void
+RestClient::Connection::SetCAInfoFilePath(const std::string& caInfoFilePath) {
+  this->caInfoFilePath = caInfoFilePath;
+}
+
+/**
+ * @brief get the user agent to add to the request
+ *
+ * @return user agent as std::string
+ */
+std::string
+RestClient::Connection::GetUserAgent() {
+  std::string prefix;
+  if (this->customUserAgent.length() > 0) {
+    prefix = this->customUserAgent + " ";
+  }
+  return std::string(prefix + "restclient-cpp/" + RESTCLIENT_VERSION);
+}
+
+/**
+ * @brief set timeout for connection
+ *
+ * @param seconds - timeout in seconds
+ *
+ */
+void
+RestClient::Connection::SetTimeout(int seconds) {
+  this->timeout = seconds;
+}
+
+/**
+ * @brief switch off curl signals for connection (see CURLOPT_NONSIGNAL). By
+ * default signals are used, except when timeout is given.
+ *
+ * @param no - set to true switches signals off
+ *
+ */
+void
+RestClient::Connection::SetNoSignal(bool no) {
+  this->noSignal = no;
+}
+
+/**
+ * @brief set username and password for basic auth
+ *
+ * @param username
+ * @param password
+ *
+ */
+void
+RestClient::Connection::SetBasicAuth(const std::string& username,
+                                     const std::string& password) {
+  this->basicAuth.username = username;
+  this->basicAuth.password = password;
+}
+
+/**
+ * @brief set certificate path
+ *
+ * @param path to certificate file
+ *
+ */
+void
+RestClient::Connection::SetCertPath(const std::string& cert) {
+  this->certPath = cert;
+}
+
+/**
+ * @brief set certificate type
+ *
+ * @param certificate type (e.g. "PEM" or "DER")
+ *
+ */
+void
+RestClient::Connection::SetCertType(const std::string& certType) {
+  this->certType = certType;
+}
+
+/**
+ * @brief set key path
+ *
+ * @param path to key file
+ *
+ */
+void
+RestClient::Connection::SetKeyPath(const std::string& keyPath) {
+  this->keyPath = keyPath;
+}
+
+/**
+ * @brief set key password
+ *
+ * @param key password
+ *
+ */
+void
+RestClient::Connection::SetKeyPassword(const std::string& keyPassword) {
+  this->keyPassword = keyPassword;
+}
+
+/**
+ * @brief set HTTP proxy address and port
+ *
+ * @param proxy address with port number
+ *
+ */
+void
+RestClient::Connection::SetProxy(const std::string& uriProxy) {
+  std::string uriProxyUpper = uriProxy;
+  // check if the provided address is prefixed with "http"
+  std::transform(uriProxyUpper.begin(), uriProxyUpper.end(),
+    uriProxyUpper.begin(), ::toupper);
+
+  if ((uriProxy.length() > 0) && (uriProxyUpper.compare(0, 4, "HTTP") != 0)) {
+    this->uriProxy = "http://" + uriProxy;
+  } else {
+    this->uriProxy = uriProxy;
+  }
+}
+
+/**
+ * @brief set custom Unix socket path for connection.
+ * See https://curl.haxx.se/libcurl/c/CURLOPT_UNIX_SOCKET_PATH.html
+ *
+ * @param unixSocketPath - path to Unix socket (ex: /var/run/docker.sock)
+ *
+ */
+void
+RestClient::Connection::SetUnixSocketPath(const std::string& unixSocketPath) {
+  this->unixSocketPath = unixSocketPath;
+}
+
+
+/**
+ * @brief helper function to get called from the actual request methods to
+ * prepare the curlHandle for transfer with generic options, perform the
+ * request and record some stats from the last request and then reset the
+ * handle with curl_easy_reset to its default state. This will keep things
+ * like connections and session ID intact but makes sure you can change
+ * parameters on the object for another request.
+ *
+ * @param uri URI to query
+ * @param ret Reference to the Response struct that should be filled
+ *
+ * @return 0 on success and 1 on error
+ */
+RestClient::Response
+RestClient::Connection::performCurlRequest(const std::string& uri) {
+  // init return type
+  RestClient::Response ret = {};
+
+  std::string url = std::string(this->baseUrl + uri);
+  std::string headerString;
+  CURLcode res = CURLE_OK;
+  curl_slist* headerList = NULL;
+
+  /** set query URL */
+  curl_easy_setopt(this->curlHandle, CURLOPT_URL, url.c_str());
+  /** set callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_WRITEFUNCTION,
+                   Helpers::write_callback);
+  /** set data object to pass to callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_WRITEDATA, &ret);
+  /** set the header callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_HEADERFUNCTION,
+                   Helpers::header_callback);
+  /** callback object for headers */
+  curl_easy_setopt(this->curlHandle, CURLOPT_HEADERDATA, &ret);
+  /** set http headers */
+  for (HeaderFields::const_iterator it = this->headerFields.begin();
+      it != this->headerFields.end(); ++it) {
+    headerString = it->first;
+    headerString += ": ";
+    headerString += it->second;
+    headerList = curl_slist_append(headerList, headerString.c_str());
+  }
+  curl_easy_setopt(this->curlHandle, CURLOPT_HTTPHEADER,
+      headerList);
+
+  // set basic auth if configured
+  if (this->basicAuth.username.length() > 0) {
+    std::string authString = std::string(this->basicAuth.username + ":" +
+                                         this->basicAuth.password);
+    curl_easy_setopt(this->curlHandle, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+    curl_easy_setopt(this->curlHandle, CURLOPT_USERPWD, authString.c_str());
+  }
+  /** set user agent */
+  curl_easy_setopt(this->curlHandle, CURLOPT_USERAGENT,
+                   this->GetUserAgent().c_str());
+
+  // set timeout
+  if (this->timeout) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_TIMEOUT, this->timeout);
+    // dont want to get a sig alarm on timeout
+    curl_easy_setopt(this->curlHandle, CURLOPT_NOSIGNAL, 1);
+  }
+  // set follow redirect
+  if (this->followRedirects == true) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_FOLLOWLOCATION, 1L);
+    curl_easy_setopt(this->curlHandle, CURLOPT_MAXREDIRS,
+                     static_cast<int64_t>(this->maxRedirects));
+  }
+
+  if (this->noSignal) {
+    // multi-threaded and prevent entering foreign signal handler (e.g. JNI)
+    curl_easy_setopt(this->curlHandle, CURLOPT_NOSIGNAL, 1);
+  }
+
+  // if provided, supply CA path
+  if (!this->caInfoFilePath.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_CAINFO,
+                     this->caInfoFilePath.c_str());
+  }
+
+  // set cert file path
+  if (!this->certPath.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_SSLCERT,
+                     this->certPath.c_str());
+  }
+
+  // set cert type
+  if (!this->certType.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_SSLCERTTYPE,
+                     this->certType.c_str());
+  }
+  // set key file path
+  if (!this->keyPath.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_SSLKEY,
+                     this->keyPath.c_str());
+  }
+  // set key password
+  if (!this->keyPassword.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_KEYPASSWD,
+                     this->keyPassword.c_str());
+  }
+
+  // set web proxy address
+  if (!this->uriProxy.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_PROXY,
+                     uriProxy.c_str());
+    curl_easy_setopt(this->curlHandle, CURLOPT_HTTPPROXYTUNNEL,
+                     1L);
+  }
+
+  // set Unix socket path, if requested
+  if (!this->unixSocketPath.empty()) {
+    curl_easy_setopt(this->curlHandle, CURLOPT_UNIX_SOCKET_PATH,
+                     this->unixSocketPath.c_str());
+  }
+
+  res = curl_easy_perform(this->curlHandle);
+  if (res != CURLE_OK) {
+    switch (res) {
+      case CURLE_OPERATION_TIMEDOUT:
+        ret.code = res;
+        ret.body = "Operation Timeout.";
+        break;
+      case CURLE_SSL_CERTPROBLEM:
+        ret.code = res;
+        ret.body = curl_easy_strerror(res);
+        break;
+      default:
+        ret.body = "Failed to query.";
+        ret.code = -1;
+    }
+  } else {
+    int64_t http_code = 0;
+    curl_easy_getinfo(this->curlHandle, CURLINFO_RESPONSE_CODE, &http_code);
+    ret.code = static_cast<int>(http_code);
+  }
+
+  curl_easy_getinfo(this->curlHandle, CURLINFO_TOTAL_TIME,
+                    &this->lastRequest.totalTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_NAMELOOKUP_TIME,
+                    &this->lastRequest.nameLookupTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_CONNECT_TIME,
+                    &this->lastRequest.connectTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_APPCONNECT_TIME,
+                    &this->lastRequest.appConnectTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_PRETRANSFER_TIME,
+                    &this->lastRequest.preTransferTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_STARTTRANSFER_TIME,
+                    &this->lastRequest.startTransferTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_REDIRECT_TIME,
+                    &this->lastRequest.redirectTime);
+  curl_easy_getinfo(this->curlHandle, CURLINFO_REDIRECT_COUNT,
+                    &this->lastRequest.redirectCount);
+  // free header list
+  curl_slist_free_all(headerList);
+  // reset curl handle
+  curl_easy_reset(this->curlHandle);
+  return ret;
+}
+
+/**
+ * @brief HTTP GET method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::get(const std::string& url) {
+  return this->performCurlRequest(url);
+}
+/**
+ * @brief HTTP POST method
+ *
+ * @param url to query
+ * @param data HTTP POST body
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::post(const std::string& url,
+                             const std::string& data) {
+  /** Now specify we want to POST data */
+  curl_easy_setopt(this->curlHandle, CURLOPT_POST, 1L);
+  /** set post fields */
+  curl_easy_setopt(this->curlHandle, CURLOPT_POSTFIELDS, data.c_str());
+  curl_easy_setopt(this->curlHandle, CURLOPT_POSTFIELDSIZE, data.size());
+
+  return this->performCurlRequest(url);
+}
+/**
+ * @brief HTTP PUT method
+ *
+ * @param url to query
+ * @param data HTTP PUT body
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::put(const std::string& url,
+                            const std::string& data) {
+  /** initialize upload object */
+  RestClient::Helpers::UploadObject up_obj;
+  up_obj.data = data.c_str();
+  up_obj.length = data.size();
+
+  /** Now specify we want to PUT data */
+  curl_easy_setopt(this->curlHandle, CURLOPT_PUT, 1L);
+  curl_easy_setopt(this->curlHandle, CURLOPT_UPLOAD, 1L);
+  /** set read callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_READFUNCTION,
+                   RestClient::Helpers::read_callback);
+  /** set data object to pass to callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_READDATA, &up_obj);
+  /** set data size */
+  curl_easy_setopt(this->curlHandle, CURLOPT_INFILESIZE,
+                     static_cast<int64_t>(up_obj.length));
+
+  return this->performCurlRequest(url);
+}
+/**
+ * @brief HTTP PATCH method
+ *
+ * @param url to query
+ * @param data HTTP PATCH body
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::patch(const std::string& url,
+                            const std::string& data) {
+  /** initialize upload object */
+  RestClient::Helpers::UploadObject up_obj;
+  up_obj.data = data.c_str();
+  up_obj.length = data.size();
+
+  /** we want HTTP PATCH */
+  const char* http_patch = "PATCH";
+
+  /** set HTTP PATCH METHOD */
+  curl_easy_setopt(this->curlHandle, CURLOPT_CUSTOMREQUEST, http_patch);
+  curl_easy_setopt(this->curlHandle, CURLOPT_UPLOAD, 1L);
+  /** set read callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_READFUNCTION,
+                   RestClient::Helpers::read_callback);
+  /** set data object to pass to callback function */
+  curl_easy_setopt(this->curlHandle, CURLOPT_READDATA, &up_obj);
+  /** set data size */
+  curl_easy_setopt(this->curlHandle, CURLOPT_INFILESIZE,
+                     static_cast<int64_t>(up_obj.length));
+
+  return this->performCurlRequest(url);
+}
+/**
+ * @brief HTTP DELETE method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::del(const std::string& url) {
+  /** we want HTTP DELETE */
+  const char* http_delete = "DELETE";
+
+  /** set HTTP DELETE METHOD */
+  curl_easy_setopt(this->curlHandle, CURLOPT_CUSTOMREQUEST, http_delete);
+
+  return this->performCurlRequest(url);
+}
+
+/**
+ * @brief HTTP HEAD method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::head(const std::string& url) {
+    /** we want HTTP HEAD */
+    const char* http_head = "HEAD";
+
+    /** set HTTP HEAD METHOD */
+    curl_easy_setopt(this->curlHandle, CURLOPT_CUSTOMREQUEST, http_head);
+    curl_easy_setopt(this->curlHandle, CURLOPT_NOBODY, 1L);
+
+    return this->performCurlRequest(url);
+}
+
+/**
+ * @brief HTTP OPTIONS method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response
+RestClient::Connection::options(const std::string& url) {
+    /** we want HTTP OPTIONS */
+    const char* http_options = "OPTIONS";
+
+    /** set HTTP HEAD METHOD */
+    curl_easy_setopt(this->curlHandle, CURLOPT_CUSTOMREQUEST, http_options);
+    curl_easy_setopt(this->curlHandle, CURLOPT_NOBODY, 1L);
+
+    return this->performCurlRequest(url);
+}
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/source/helpers.cc b/3rdparty/restclient-cpp-0.5.2-fork/source/helpers.cc
new file mode 100644
index 0000000..d1e8b38
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/source/helpers.cc
@@ -0,0 +1,116 @@
+/**
+ * @file helpers.cpp
+ * @brief implementation of the restclient helpers
+ * @author Daniel Schauenberg <d@unwiredcouch.com>
+ */
+
+
+/*
+ * NOTE: This is a modified fork of the original to limit max response header sizes
+ */
+
+#include "restclient-cpp/helpers.h"
+
+#include <cstring>
+
+#include "restclient-cpp/restclient.h"
+
+/**
+ * @brief write callback function for libcurl
+ *
+ * @param data returned data of size (size*nmemb)
+ * @param size size parameter
+ * @param nmemb memblock parameter
+ * @param userdata pointer to user data to save/work with return data
+ *
+ * @return (size * nmemb)
+ */
+size_t RestClient::Helpers::write_callback(void *data, size_t size,
+                                           size_t nmemb, void *userdata) {
+  RestClient::Response* r;
+  r = reinterpret_cast<RestClient::Response*>(userdata);
+  size_t n_bytes = size * nmemb;
+
+  if (r->body.length() + n_bytes > static_cast<size_t>(Limits::ResponseSize))
+  {
+      return 0;
+  }
+  r->body.append(reinterpret_cast<char*>(data), n_bytes);
+  return (n_bytes);
+}
+
+/**
+ * @brief header callback for libcurl
+ *
+ * @param data returned (header line)
+ * @param size of data
+ * @param nmemb memblock
+ * @param userdata pointer to user data object to save headr data
+ * @return size * nmemb;
+ */
+size_t RestClient::Helpers::header_callback(void *data, size_t size,
+                                            size_t nmemb, void *userdata) {
+  
+  RestClient::Response* r;
+  size_t n_bytes = size * nmemb;
+ 
+
+  r = reinterpret_cast<RestClient::Response*>(userdata);
+  // Enforce max headers size
+  size_t size_so_far = 0;
+  for (const auto& header : r->headers)
+  {
+      size_so_far = header.first.length() + header.second.length();
+  }
+  
+  if (size_so_far + n_bytes > static_cast<size_t>(Limits::HeaderSize))
+  {
+      return 0; 
+  }
+
+  std::string header(reinterpret_cast<char*>(data), n_bytes);
+  size_t seperator = header.find_first_of(':');
+  if ( std::string::npos == seperator ) {
+    // roll with non seperated headers...
+    trim(header);
+    if (0 == header.length()) {
+      return (n_bytes);  // blank line;
+    }
+    r->headers[header] = "present";
+  } else {
+    std::string key = header.substr(0, seperator);
+    trim(key);
+    std::string value = header.substr(seperator + 1);
+    trim(value);
+    r->headers[key] = value;    
+  }
+
+  return (n_bytes);
+}
+
+/**
+ * @brief read callback function for libcurl
+ *
+ * @param data pointer of max size (size*nmemb) to write data to
+ * @param size size parameter
+ * @param nmemb memblock parameter
+ * @param userdata pointer to user data to read data from
+ *
+ * @return (size * nmemb)
+ */
+size_t RestClient::Helpers::read_callback(void *data, size_t size,
+                                          size_t nmemb, void *userdata) {
+  /** get upload struct */
+  RestClient::Helpers::UploadObject* u;
+  u = reinterpret_cast<RestClient::Helpers::UploadObject*>(userdata);
+  /** set correct sizes */
+  size_t curl_size = size * nmemb;
+  size_t copy_size = (u->length < curl_size) ? u->length : curl_size;
+  /** copy data to buffer */
+  std::memcpy(data, u->data, copy_size);
+  /** decrement length and increment data pointer */
+  u->length -= copy_size;
+  u->data += copy_size;
+  /** return copied size */
+  return copy_size;
+}
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/source/restclient.cc b/3rdparty/restclient-cpp-0.5.2-fork/source/restclient.cc
new file mode 100644
index 0000000..ed0fe86
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/source/restclient.cc
@@ -0,0 +1,189 @@
+/**
+ * @file restclient.cpp
+ * @brief implementation of the restclient class
+ *
+ * This just provides static wrappers around the Connection class REST
+ * methods. However since I didn't want to have to pull in a whole URI parsing
+ * library just now, the Connection constructor is passed an empty string and
+ * the full URL is passed to the REST methods. All those methods to is
+ * concatenate them anyways. So this should do for now.
+ *
+ * @author Daniel Schauenberg <d@unwiredcouch.com>
+ */
+
+#include "restclient-cpp/restclient.h"
+
+#include <curl/curl.h>
+#if __cplusplus >= 201402L
+#include <memory>
+#endif
+
+#include "restclient-cpp/version.h"
+#include "restclient-cpp/connection.h"
+
+/**
+ * @brief global init function. Call this before you start any threads.
+ */
+int RestClient::init() {
+  CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
+  if (res == CURLE_OK) {
+    return 0;
+  } else {
+    return 1;
+  }
+}
+
+/**
+ * @brief global disable function. Call this before you terminate your
+ * program.
+ */
+void RestClient::disable() {
+  curl_global_cleanup();
+}
+
+/**
+ * @brief HTTP GET method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::get(const std::string& url) {
+#if __cplusplus >= 201402L
+  auto conn = std::make_unique<RestClient::Connection>("");
+  return conn->get(url);
+#else
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  ret = conn->get(url);
+  delete conn;
+  return ret;
+#endif
+}
+
+/**
+ * @brief HTTP POST method
+ *
+ * @param url to query
+ * @param ctype content type as string
+ * @param data HTTP POST body
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::post(const std::string& url,
+                                      const std::string& ctype,
+                                      const std::string& data) {
+#if __cplusplus >= 201402L
+  auto conn = std::make_unique<RestClient::Connection>("");
+  conn->AppendHeader("Content-Type", ctype);
+  return conn->post(url, data);
+#else
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  conn->AppendHeader("Content-Type", ctype);
+  ret = conn->post(url, data);
+  delete conn;
+  return ret;
+#endif
+}
+
+/**
+ * @brief HTTP PUT method
+ *
+ * @param url to query
+ * @param ctype content type as string
+ * @param data HTTP PUT body
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::put(const std::string& url,
+                                     const std::string& ctype,
+                                     const std::string& data) {
+#if __cplusplus >= 201402L
+  auto conn = std::make_unique<RestClient::Connection>("");
+  conn->AppendHeader("Content-Type", ctype);
+  return conn->put(url, data);
+#else
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  conn->AppendHeader("Content-Type", ctype);
+  ret = conn->put(url, data);
+  delete conn;
+  return ret;
+#endif
+}
+
+/**
+ * @brief HTTP PATCH method
+ *
+ * @param url to query
+ * @param ctype content type as string
+ * @param data HTTP PATCH body
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::patch(const std::string& url,
+                                     const std::string& ctype,
+                                     const std::string& data) {
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  conn->AppendHeader("Content-Type", ctype);
+  ret = conn->patch(url, data);
+  delete conn;
+  return ret;
+}
+
+/**
+ * @brief HTTP DELETE method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::del(const std::string& url) {
+#if __cplusplus >= 201402L
+  auto conn = std::make_unique<RestClient::Connection>("");
+  return conn->del(url);
+#else
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  ret = conn->del(url);
+  delete conn;
+  return ret;
+#endif
+}
+
+/**
+ * @brief HTTP HEAD method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::head(const std::string& url) {
+#if __cplusplus >= 201402L
+  auto conn = std::make_unique<RestClient::Connection>("");
+  return conn->head(url);
+#else
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  ret = conn->head(url);
+  delete conn;
+  return ret;
+#endif
+}
+
+/**
+ * @brief HTTP OPTIONS method
+ *
+ * @param url to query
+ *
+ * @return response struct
+ */
+RestClient::Response RestClient::options(const std::string& url) {
+  RestClient::Response ret;
+  RestClient::Connection *conn = new RestClient::Connection("");
+  ret = conn->options(url);
+  delete conn;
+  return ret;
+}
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/utils/build_gtest.sh b/3rdparty/restclient-cpp-0.5.2-fork/utils/build_gtest.sh
new file mode 100644
index 0000000..f791299
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/utils/build_gtest.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+cd vendor/gtest-1.7.0
+autoreconf -i
+./configure
+
+which -s gmake && gmake || make
diff --git a/3rdparty/restclient-cpp-0.5.2-fork/utils/runldconfig.sh b/3rdparty/restclient-cpp-0.5.2-fork/utils/runldconfig.sh
new file mode 100644
index 0000000..4be8c58
--- /dev/null
+++ b/3rdparty/restclient-cpp-0.5.2-fork/utils/runldconfig.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+/sbin/ldconfig
diff --git a/CMakeLists.txt b/CMakeLists.txt
index e8d6cf6..44c776a 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.10.2)
+cmake_minimum_required(VERSION 3.14)
 
 include(cmake/Version.cmake)
 rsid_extract_version()
@@ -23,6 +23,12 @@ if (CCACHE_PROGRAM)
     message(STATUS "CCache found!")
 endif ()
 
+if (CMAKE_VERSION VERSION_GREATER_EQUAL "3.24.0")
+	# set the timestamps of extracted contents to the time of extraction when using FetchContent() 
+	# in order to avoid DOWNLOAD_EXTRACT_TIMESTAMP warning
+    cmake_policy(SET CMP0135 NEW)
+endif()
+
 # Global properties
 set(LIBRSID_CPP_TARGET rsid)
 set(LIBRSID_C_TARGET rsid_c)
@@ -60,6 +66,8 @@ option(RSID_DEBUG_VALUES "Replace default common values with debug ones" OFF)
 option(RSID_PREVIEW "Enable preview" OFF)
 option(RSID_SAMPLES "Build samples" OFF)
 option(RSID_TIDY "Enable clang-tidy" OFF)
+option(RSID_PEDANTIC "Enable extra compiler warnings" OFF)
+option(RSID_PROTECT_STACK "Enable stack protection compiler flags" OFF)
 option(RSID_DOXYGEN "Build doxygen docs" OFF)
 option(RSID_SECURE "Enable secure communication with device" OFF)
 option(RSID_TOOLS "Build additional tools" ON)
@@ -76,6 +84,9 @@ if(RSID_TIDY)
     message(STATUS "Enabled clang-tidy")
 endif()
 
+# extra warning flags support if RSID_PEDANTIC is ON
+include("${CMAKE_CURRENT_SOURCE_DIR}/cmake/flags.cmake")
+
 set(THIRD_PARTY_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/3rdparty")
 
 # Paths for lib, bin, install, etc.
@@ -86,11 +97,17 @@ set(CMAKE_LIBRARY_OUTPUT_DIRECTORY "${LIBS_OUTPUT_PATH}")
 set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY "${LIBS_OUTPUT_PATH}")    
 SET(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib")
 
-
+include(cmake/libcurl.cmake)
+include(cmake/restClient.cmake)
+include(cmake/nlohmann-json.cmake)
+include(cmake/base64_hpp.cmake)
 include(cmake/OS.cmake)
 include(cmake/SpdLog.cmake)
+if(MSVC)
+    include(cmake/winreg.cmake)
+endif()
 
-if(RSID_SECURE)
+if(RSID_SECURE OR RSID_MOCK_LICENSE)
     include(cmake/Mbedtls.cmake)
 endif()
 
@@ -119,3 +136,6 @@ add_subdirectory(wrappers)
 if(RSID_INSTALL)
     include (cmake/Install.cmake)
 endif()
+
+include(FeatureSummary)
+feature_summary(WHAT ALL)
diff --git a/LicenseNotices/HEADER.pdf b/LicenseNotices/HEADER.pdf
deleted file mode 100644
index 08d6500..0000000
Binary files a/LicenseNotices/HEADER.pdf and /dev/null differ
diff --git a/LicenseNotices/Intel Copyrights.pdf b/LicenseNotices/Intel Copyrights.pdf
new file mode 100644
index 0000000..126fa9b
Binary files /dev/null and b/LicenseNotices/Intel Copyrights.pdf differ
diff --git a/LicenseNotices/LICENSE b/LicenseNotices/LICENSE
new file mode 100644
index 0000000..af25675
--- /dev/null
+++ b/LicenseNotices/LICENSE
@@ -0,0 +1,37 @@
+Apache License
+Version 2.0, January 2004
+
+http://www.apache.org/licenses/
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+1. Definitions.
+"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
+"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
+"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
+"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
+"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
+"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
+"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
+"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
+"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
+"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
+2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
+3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
+4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
+a.	You must give any other recipients of the Work or Derivative Works a copy of this License; and
+
+b.	You must cause any modified files to carry prominent notices stating that You changed the files; and
+
+c.	You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
+
+d.	If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.
+You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
+5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
+6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
+7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
+8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
+9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
+END OF TERMS AND CONDITIONS
+APPENDIX: How to apply the Apache License to your work
+To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.
+Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
+
diff --git a/LicenseNotices/TPP for Intel RealSense ID Vision Library Open Source.pdf b/LicenseNotices/TPP for Intel RealSense ID Vision Library Open Source.pdf
new file mode 100644
index 0000000..50991a5
Binary files /dev/null and b/LicenseNotices/TPP for Intel RealSense ID Vision Library Open Source.pdf differ
diff --git a/LicenseNotices/android/Intel RealSense ID Vision Library Android Open Source tpp.pdf b/LicenseNotices/android/Intel RealSense ID Vision Library Android Open Source tpp.pdf
deleted file mode 100644
index 05d0e2f..0000000
Binary files a/LicenseNotices/android/Intel RealSense ID Vision Library Android Open Source tpp.pdf and /dev/null differ
diff --git a/LicenseNotices/fw/Intel RealSense ID Vision Library Open Source.pdf b/LicenseNotices/fw/Intel RealSense ID Vision Library Open Source.pdf
deleted file mode 100644
index 36aea15..0000000
Binary files a/LicenseNotices/fw/Intel RealSense ID Vision Library Open Source.pdf and /dev/null differ
diff --git "a/LicenseNotices/fw/OBL license for Intel RealSense\342\204\242 ID Vision Library for Face Authentication (BAO 3.8.21) 1.pdf" "b/LicenseNotices/fw/OBL license for Intel RealSense\342\204\242 ID Vision Library for Face Authentication (BAO 3.8.21) 1.pdf"
new file mode 100644
index 0000000..731274e
Binary files /dev/null and "b/LicenseNotices/fw/OBL license for Intel RealSense\342\204\242 ID Vision Library for Face Authentication (BAO 3.8.21) 1.pdf" differ
diff --git a/LicenseNotices/fw/TPP for Intel RealSense ID Vision Library FW.pdf b/LicenseNotices/fw/TPP for Intel RealSense ID Vision Library FW.pdf
new file mode 100644
index 0000000..6eac0fd
Binary files /dev/null and b/LicenseNotices/fw/TPP for Intel RealSense ID Vision Library FW.pdf differ
diff --git a/LicenseNotices/fw/tpp_readme.txt b/LicenseNotices/fw/tpp_readme.txt
deleted file mode 100644
index 83def1e..0000000
--- a/LicenseNotices/fw/tpp_readme.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-Please notice that third party programs are specified in the "Intel RealSense ID Vision Library Open Source.pdf" file.
-Only the following components are included in the firmware:
-
-
-iCatch Technology, Inc. iCatch SDK - iCatch SDK License Agreement April 2020
-mbed TLS - Apache License 2.0
-MicrochipTech cryptoauthlib	- Microchip Technology Cryptoauthlib License
-nlohmann-json - MIT License
-Open Computer Vision Library (OpenCV) - BSD 3-clause "New" or "Revised" License
-spdlog - MIT License
diff --git a/LicenseNotices/windows/Intel RealSense ID Vision Library Windows Open Source.pdf b/LicenseNotices/windows/Intel RealSense ID Vision Library Windows Open Source.pdf
deleted file mode 100644
index 36aea15..0000000
Binary files a/LicenseNotices/windows/Intel RealSense ID Vision Library Windows Open Source.pdf and /dev/null differ
diff --git a/Readme.md b/Readme.md
index 59a7ff8..74f7786 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,5 +1,17 @@
 # Intel® RealSense™ ID Solution for Facial Authentication
 
+## Table of Contents
+1. [Overview](#overview)
+2. [Platforms](#platforms)
+3. [Building](#building)
+4. [Sample Code](#sample-code)
+5. [Secure Communication](#secure-communication)
+6. [Server and Device APIs](#server-and-device-apis)
+7. [Project Structure](#project-structure)
+8. [Setting Product Key](#setting-product-key)
+9. [License](#license)
+9. [Intel RealSense ID F450 and F455 Architecure Diagram](#intel-realsense-id-f450-and-f455-architecure-diagram)
+
 ## Overview
 Intel RealSense ID is your trusted facial authentication on-device solution.
 
@@ -55,7 +67,7 @@ For additional languages, build instruction and detailed code please see our cod
 
 ## Secure Communication
 The library can be compiled in secure mode. Once paired with the device, all communications will be protected.
-If you wish to get back to non-secure communications, you must first un-pair your device.
+If you wish to get back to non-secure communcations, you must first unpair your device.
 
 Cryptographic algorithms that are used for session protection:
 * Message signing - ECDSA P-256 (secp256-r1).
@@ -242,7 +254,7 @@ class MyAuthClbk : public RealSenseID::AuthenticationCallback
 {
 public:
     // Called when result is available for a detected face.
-    // If the status==AuthenticateStatus::Success then the user_id will point to c string of the authenticated user id.
+    // If the status==AuthenticateStatus::Success then the user_id will point to c string of the authenenticated user id.
     void OnResult(const RealSenseID::AuthenticateStatus status, const char* user_id) override
     {
         if (status == RealSenseID::AuthenticateStatus::Success)
@@ -278,7 +290,6 @@ MyAuthClbk auth_clbk;
 Status status = authenticator.AuthenticateLoop(auth_clbk);
 ```
 
-
 ##### Device Configuration API
 The device operation can be configured by passing the [DeviceConfig](include/RealSenseID/DeviceConfig.h) struct to the ```FaceAuthenticator::SetDeviceConfig(const DeviceConfig&)``` function.
 
@@ -380,7 +391,6 @@ const char* user_id = "John";
 bool success = authenticator.RemoveUser(user_id);
 ```
 
-
 #### DeviceController
 ##### Connect / Disconnect
 Connects host to device using USB (```RealSenseID::SerialType::USB```) or UART interfaces (```RealSenseID::SerialType::UART```).
@@ -426,7 +436,7 @@ struct RSID_API PreviewConfig
 ```
 Notes:
 * The rotation used by algorithm is based only on DeviceConfig.camera_rotation attribute.
-* Independently, you can choose each preview mode (except raw) to be portrait or non-portrait. 
+* Indepedently, you can choose each preview mode (except raw) to be portrait or non-portrait. 
 * Keep in mind that if you want preview to match algo:  
 CameraRotation::Rotation_0_Deg and CameraRotation::Rotation_180_Deg is for portraitMode == true.(default)  
 CameraRotation::Rotation_90_Deg and CameraRotation::Rotation_270_Deg is for portraitMode == false.
@@ -439,7 +449,7 @@ For Linux, Metadata is supported on kernels 4.16 + only.
 
 The timestamps can be acquired in OnPreviewImageReady under *image.metadata.timestamp* . Other metadata isn't valid.
 
-more information about metadata on Windows can be found in [microsoft uvc documentation](https://docs.microsoft.com/en-us/windows-hardware/drivers/stream/uvc-extensions-1-5#2211-still-image-capture--method-2)
+more information about metadata on Windows can be found in [microsoft uvc documetnation](https://docs.microsoft.com/en-us/windows-hardware/drivers/stream/uvc-extensions-1-5#2211-still-image-capture--method-2)
 
 ##### StartPreview
 Starts preview. Callback function that is provided as parameter will be invoked for a newly arrived image and can be rendered by your application.
@@ -630,8 +640,97 @@ Packet structure base. We have 2 types of packets:
 * DataPacket - Payload contains data buffer.
 * FaPacket - Payload contains user id and status.
 
+## Setting Product Key
+### Windows
+Users need to obtain license key from the RealSense licensing portal. If the user obtains a license key
+`ac87f323-1a91-4959-abe8-488fb5df5f12`, user can set license/product key in Windows using PowerShell as follows:
+* Open PowerShell <b>as administrator</b>
+* Create registry Key
+```
+New-Item -Path "HKLM:\Software\Intel\VisionPlatform"
+```
+* Set registry value example
+```
+Set-ItemProperty -Path "HKLM:\Software\Intel\VisionPlatform" -Name "License" -Value "ac87f323-1a91-4959-abe8-488fb5df5f12"
+```
+* Verify that the value has been correctly set by issuing the command:
+```
+Get-ItemPropertyValue  -Path "HKLM:\Software\Intel\VisionPlatform\" -Name License
+```
+The license key should be printed out.
+
+### Linux
+Same as with Windows, users need to obtain the license key from the RealSense licensing portal. If the user obtains a 
+license key `ac87f323-1a91-4959-abe8-488fb5df5f12`, user can set the license/product key as follows:
+
+The library will check for a `license.json` file in the following directories in the following order: 
+1. In user home folder: `~/.intel/visionplatform/license.json`
+2. In system folder: `/etc/intel/visionplatform/license.json` 
+
+If the file is present and readable in any of the directories, the file will be parsed and the `license_key` will be
+utilized. 
+The file should look like the following:
+```json
+{
+    "license_key": "ac87f323-1a91-4959-abe8-488fb5df5f12"
+}
+```
+
+NOTE: When running with `sudo`, the home directory path will be `/root/.intel/visionplatform/license.json`. 
+In which case it is advisable to use the system path `/etc/intel/..` instead of the user path `~/.intel/..` 
+
+## UpdateChecker API
+You can use the [UpdateChecker](include/RealSenseID/UpdateChecker.h) API to obtain latest release info from the web. 
+
+The following example verifies whether a new firmware or host library is available, and prints the release and release notes URLs.
+
+```c++
+void check_for_updates(const RealSenseID::SerialConfig& serial_config)
+{
+    auto update_checker = RealSenseID::UpdateCheck::UpdateChecker();
+    RealSenseID::UpdateCheck::ReleaseInfo remote {};
+    RealSenseID::UpdateCheck::ReleaseInfo local {};    
+    auto status1 = update_checker.GetRemoteReleaseInfo(remote);
+    auto status2 = update_checker.GetLocalReleaseInfo(serial_config, local);
+    if (status1 != RealSenseID::Status::Ok || status2 != RealSenseID::Status::Ok)
+    {
+       throw std::runtime_error("Failed to fetch release info");
+    }
+
+    bool update_available = (remote.sw_version > local.sw_version) || (remote.fw_version > local.fw_version);
+    if (update_available)
+    {
+        std::cout << "Update available\n";
+        std::cout << " * Release notes: " << remote.release_notes_url << std::endl;
+        std::cout << " * Update URL: " << remote.release_url << std::endl;
+    }
+    else
+    {
+        std::cout << "No updates available\n";
+    }
+}
+```
+
+## Proxy Setup
+License verification and UpdateChecker are built on top of libcurl and will honor the curl environment variables proxy settings:
+
+Linux:
+``` console
+export http_proxy="http://user:pwd@proxy:port"
+export https_proxy="http://user:pwd@proxy:port"
+```
+
+Windows PowerShell:
+``` console
+$env:http_proxy="http://user:pwd@proxy:port"
+$env:https_proxy="http://user:pwd@proxy:port"
+```
+
+
+3. Please refer to the main documentation for libcurl proxy configuration here: [Everything CURL/Proxies](https://everything.curl.dev/transfers/conn/proxies)
+
 ## License
 This project is licensed under Apache 2.0 license. Relevant license info can be found in "License Notices" folder.
 
-## Intel RealSense ID F450 and F455 Architecure Diagram
+## Intel RealSense ID F450 and F455 Architecture Diagram
 ![plot](./docs/F450_Architecture.png?raw=true)
diff --git a/cmake/Mbedtls.cmake b/cmake/Mbedtls.cmake
index 993e11f..9e114b1 100644
--- a/cmake/Mbedtls.cmake
+++ b/cmake/Mbedtls.cmake
@@ -1,14 +1,24 @@
-set(USE_STATIC_MBEDTLS_LIBRARY ON CACHE BOOL "Build mbed TLS static library.")
-set(INSTALL_MBEDTLS_HEADERS OFF CACHE BOOL "Install mbed TLS headers.")
-set(ENABLE_PROGRAMS OFF CACHE BOOL "Build mbed TLS programs.")
-set(ENABLE_TESTING OFF CACHE BOOL "Build mbed TLS tests.")
+function(add_mbedtls_subdirectory)
+	set(USE_STATIC_MBEDTLS_LIBRARY ON CACHE BOOL "Build mbed TLS static library.")
+	set(INSTALL_MBEDTLS_HEADERS OFF CACHE BOOL "Install mbed TLS headers.")
+	set(ENABLE_PROGRAMS OFF CACHE BOOL "Build mbed TLS programs.")
+	set(ENABLE_TESTING OFF CACHE BOOL "Build mbed TLS tests.")
 
-add_subdirectory("${THIRD_PARTY_DIRECTORY}/mbedtls-2.25.0")
+	# prevent warning about empty PROJECT_VERSION vars
+	set(CMAKE_POLICY_DEFAULT_CMP0048 NEW)
+	add_subdirectory("${THIRD_PARTY_DIRECTORY}/mbedtls-2.28.7")
 
-add_library(mbedtls::mbedtls ALIAS mbedtls)
+	add_library(mbedtls::mbedtls ALIAS mbedtls)
 
-set_target_properties(mbedtls PROPERTIES FOLDER "external/mbedtls")
-set_target_properties(mbedcrypto PROPERTIES FOLDER "external/mbedtls")
-set_target_properties(mbedx509 PROPERTIES FOLDER "external/mbedtls")
-set_target_properties(lib PROPERTIES FOLDER "external/mbedtls")
-set_target_properties(apidoc PROPERTIES FOLDER "external/mbedtls")
+	set_target_properties(mbedtls PROPERTIES FOLDER "external/mbedtls")
+	set_target_properties(mbedcrypto PROPERTIES FOLDER "external/mbedtls")
+	set_target_properties(mbedx509 PROPERTIES FOLDER "external/mbedtls")
+	set_target_properties(lib PROPERTIES FOLDER "external/mbedtls")
+	set_target_properties(apidoc PROPERTIES FOLDER "external/mbedtls")
+
+	if(UNIX)
+		target_compile_options(mbedtls PRIVATE "-Wno-stringop-overflow")
+	endif()
+endfunction()
+
+add_mbedtls_subdirectory()
diff --git a/cmake/SpdLog.cmake b/cmake/SpdLog.cmake
index 11f3aa9..451e12a 100644
--- a/cmake/SpdLog.cmake
+++ b/cmake/SpdLog.cmake
@@ -1,3 +1,7 @@
 add_library(spdlog_iterface INTERFACE)
 target_include_directories(spdlog_iterface INTERFACE "${THIRD_PARTY_DIRECTORY}/spdlog_1_8_0/include")
 add_library(spdlog::spdlog ALIAS spdlog_iterface)
+
+if(MSVC)
+   add_compile_definitions(_SILENCE_STDEXT_ARR_ITERS_DEPRECATION_WARNING)
+endif()
diff --git a/cmake/base64_hpp.cmake b/cmake/base64_hpp.cmake
new file mode 100644
index 0000000..14e149e
--- /dev/null
+++ b/cmake/base64_hpp.cmake
@@ -0,0 +1,4 @@
+add_library(mvorbrodt_base64 INTERFACE)
+add_library(mvorbrodt_base64::headeronly ALIAS mvorbrodt_base64)
+target_include_directories(mvorbrodt_base64 INTERFACE "${THIRD_PARTY_DIRECTORY}/mvorbrodt_base64")
+
diff --git a/cmake/flags.cmake b/cmake/flags.cmake
new file mode 100644
index 0000000..adfa2c1
--- /dev/null
+++ b/cmake/flags.cmake
@@ -0,0 +1,29 @@
+function(set_common_compile_opts target)
+	set(OPTS)
+	if(RSID_PEDANTIC)				
+		if(CMAKE_CXX_COMPILER_ID MATCHES "Clang|AppleClang|GNU")
+			list(APPEND OPTS "-Wall" "-Wextra" "-Wconversion" "-pedantic" "-Wno-unused-variable")
+		elseif(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC")
+			list(APPEND OPTS "/W4")
+		else()
+			message(WARNING "Cannot add extra compiler flags. Unsupported compiler detected: ${CMAKE_CXX_COMPILER_ID}")
+		endif()
+		
+	endif()
+		
+	if(RSID_PROTECT_STACK)
+		if(CMAKE_CXX_COMPILER_ID MATCHES "Clang|AppleClang|GNU")
+			list(APPEND OPTS "-fstack-protector-strong")
+		elseif(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC")
+			list(APPEND OPTS "/GS") # Guard stack
+		else()
+			message(WARNING "Cannot add stack protection compiler flags. Unsupported compiler detected: ${CMAKE_CXX_COMPILER_ID}")
+		endif()				
+	endif()
+	
+	if(OPTS)
+		target_compile_options(${target} PRIVATE ${OPTS})
+		message(STATUS "${target} extra flags: ${OPTS}")
+	endif()
+endfunction()
+
diff --git a/cmake/libcurl.cmake b/cmake/libcurl.cmake
new file mode 100644
index 0000000..4c0b36d
--- /dev/null
+++ b/cmake/libcurl.cmake
@@ -0,0 +1,69 @@
+if (WIN32)
+    include(FetchContent REQUIRED)
+    
+    find_package(CURL QUIET NO_DEFAULT_PATH HINTS ${CMAKE_BINARY_DIR}/libcurl)
+
+    if(NOT CURL_FOUND)
+        message(STATUS "Building libcurl")
+
+        FetchContent_Declare(
+                libcurl
+                URL https://github.com/curl/curl/releases/download/curl-8_5_0/curl-8.5.0.tar.xz
+                URL_HASH  SHA256=42ab8db9e20d8290a3b633e7fbb3cec15db34df65fd1015ef8ac1e4723750eeb
+        )
+
+        FetchContent_GetProperties(libcurl)
+        if(NOT libcurl_POPULATED)
+            message(STATUS "Fetching libcurl")
+            set(FETCHCONTENT_QUIET NO)
+            FetchContent_Populate(libcurl)
+
+            message(STATUS "Configuring libcurl in  ${libcurl_BINARY_DIR}")
+            execute_process(
+                    COMMAND ${CMAKE_COMMAND}
+                    -DBUILD_CURL_EXE:BOOL=OFF
+                    -DBUILD_SHARED_LIBS:BOOL=OFF
+                    -DCURL_USE_SCHANNEL=ON
+                    -DCURL_WINDOWS_SSPI=ON
+                    -DHTTP_ONLY=ON
+                    -DCURL_DISABLE_NTLM=ON
+                    -DCURL_DISABLE_KERBEROS_AUTH=ON
+                    -DCURL_USE_LIBSSH2=OFF
+                    -DCURL_USE_LIBPSL=OFF
+                    -DCURL_USE_GSSAPI=OFF
+                    -DCURL_ZLIB:BOOL=OFF
+                    -DCURL_BROTLI=OFF
+                    -DCURL_ZSTD=OFF
+                    -DENABLE_IPV6=OFF
+                    -DCMAKE_INSTALL_PREFIX=${CMAKE_BINARY_DIR}/libcurl
+                    ${libcurl_SOURCE_DIR}
+                    WORKING_DIRECTORY ${libcurl_BINARY_DIR}
+            )
+
+            message(STATUS "Building / installing libcurl")
+            file(MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/libcurl)
+            execute_process(
+                    COMMAND ${CMAKE_COMMAND} --build . --target install --config Release
+                    WORKING_DIRECTORY ${libcurl_BINARY_DIR}
+            )
+        endif()
+    endif()
+
+    find_package(CURL REQUIRED NO_DEFAULT_PATH HINTS ${CMAKE_BINARY_DIR}/libcurl)
+else()
+    find_package(CURL QUIET)
+    if(CURL_FOUND)
+    else()
+        message(FATAL_ERROR "Could not find CURL. On Debian/Ubuntu, you need to do the following:
+        > sudo apt-get update   # First: Update package repository
+
+        # Then install one of the following packages (only one):
+        > sudo apt-get install libcurl4-openssl-dev     # Most likely choice
+        or
+        > sudo apt-get install libcurl4-gnutls-dev
+        or
+        > sudo apt-get install libcurl4-nss-dev
+        .")
+    endif()
+endif(WIN32)
+
diff --git a/cmake/libjepg-turbo.cmake b/cmake/libjepg-turbo.cmake
index f918dd3..6f94d26 100644
--- a/cmake/libjepg-turbo.cmake
+++ b/cmake/libjepg-turbo.cmake
@@ -1,11 +1,21 @@
-set(ENABLE_SHARED OFF CACHE BOOL "ENABLE SHARED JPEG TURBO")
-set(WITH_TURBOJPEG OFF CACHE BOOL "ENABLE TURBOJPEG API")
-set(WITH_CRT_DLL ON CACHE BOOL "ENABLE CRT DLL")
-set(WITH_SIMD OFF CACHE BOOL "ENABLE SIMD")
+include(ExternalProject)
 
-# prevent warning about empty PROJECT_VERSION vars
-set(CMAKE_POLICY_DEFAULT_CMP0048 NEW)
+set(LIBJPEG_TURBO_INSTALL_DIR "${CMAKE_BINARY_DIR}/_deps/libjpeg-turbo-build/${CMAKE_BUILD_TYPE}")
 
-add_subdirectory(${THIRD_PARTY_DIRECTORY}/libjpeg-turbo_2_1_0 EXCLUDE_FROM_ALL)
-set_target_properties(jpeg-static PROPERTIES FOLDER "external/libjpeg-turbo")
-set_target_properties(simd PROPERTIES FOLDER "external/libjpeg-turbo")
+ExternalProject_Add(
+        libjpeg-turbo
+		PREFIX _deps/libjpeg-turbo
+        URL https://github.com/libjpeg-turbo/libjpeg-turbo/releases/download/3.0.2/libjpeg-turbo-3.0.2.tar.gz
+        URL_HASH SHA256=c2ce515a78d91b09023773ef2770d6b0df77d674e144de80d63e0389b3a15ca6        
+		EXCLUDE_FROM_ALL 		
+		 CMAKE_ARGS
+			-DENABLE_SHARED=OFF
+			-DWITH_TURBOJPEG=OFF
+			-DWITH_CRT_DLL=ON
+			-DWITH_SIMD=OFF						
+			-DCMAKE_POSITION_INDEPENDENT_CODE=ON
+			-DCMAKE_INSTALL_PREFIX=${LIBJPEG_TURBO_INSTALL_DIR}
+)
+
+
+set_target_properties(libjpeg-turbo PROPERTIES FOLDER "external/libjpeg-turbo")
\ No newline at end of file
diff --git a/cmake/nlohmann-json.cmake b/cmake/nlohmann-json.cmake
new file mode 100644
index 0000000..1aec0f4
--- /dev/null
+++ b/cmake/nlohmann-json.cmake
@@ -0,0 +1,8 @@
+include(FetchContent REQUIRED)
+
+# Fetch nlohman json
+FetchContent_Declare(json
+        URL https://github.com/nlohmann/json/releases/download/v3.11.3/json.tar.xz
+        URL_HASH  SHA256=d6c65aca6b1ed68e7a182f4757257b107ae403032760ed6ef121c9d55e81757d
+)
+FetchContent_MakeAvailable(json)
\ No newline at end of file
diff --git a/cmake/restClient.cmake b/cmake/restClient.cmake
new file mode 100644
index 0000000..0baf148
--- /dev/null
+++ b/cmake/restClient.cmake
@@ -0,0 +1,9 @@
+function(add_restclient_subdirectory)
+	set(BUILD_SHARED_LIBS OFF CACHE INTERNAL "")
+	set(CMAKE_POSITION_INDEPENDENT_CODE ON CACHE INTERNAL "")
+	set(COMPILE_TYPE STATIC CACHE STRING INTERNAL "")
+	add_subdirectory(${THIRD_PARTY_DIRECTORY}/restclient-cpp-0.5.2-fork EXCLUDE_FROM_ALL)
+	set_target_properties(restclient-cpp PROPERTIES FOLDER "external/restclient-cpp")
+endfunction()
+
+add_restclient_subdirectory()
\ No newline at end of file
diff --git a/cmake/winreg.cmake b/cmake/winreg.cmake
new file mode 100644
index 0000000..5dc74ef
--- /dev/null
+++ b/cmake/winreg.cmake
@@ -0,0 +1,23 @@
+include(FetchContent REQUIRED)
+
+if (CMAKE_VERSION VERSION_GREATER_EQUAL "3.24.0")
+    cmake_policy(SET CMP0135 NEW)
+endif()
+
+FetchContent_Declare(
+	winreg
+	URL https://github.com/GiovanniDicanio/WinReg/archive/refs/tags/v6.1.1.tar.gz
+	URL_HASH  SHA256=44CC0F6B3E75BF8B8167F7E96E97E0CBD0DA3CA2D622CFC72A37DA8FC0F395C0
+        
+)
+
+if(NOT winreg_POPULATED)
+    message(STATUS "Populating WinReg")
+    FetchContent_Populate(winreg)
+    set(winreg_INCLUDE_DIR ${winreg_SOURCE_DIR})
+
+    # Create imported target winreg::headeronly
+    add_library(winreg::headeronly INTERFACE IMPORTED)
+    set_target_properties(winreg::headeronly PROPERTIES
+            INTERFACE_INCLUDE_DIRECTORIES "${winreg_INCLUDE_DIR}/WinReg")
+endif()
diff --git a/include/RealSenseID/AuthFaceprintsExtractionCallback.h b/include/RealSenseID/AuthFaceprintsExtractionCallback.h
index ab5cd47..5819211 100644
--- a/include/RealSenseID/AuthFaceprintsExtractionCallback.h
+++ b/include/RealSenseID/AuthFaceprintsExtractionCallback.h
@@ -40,7 +40,7 @@ class AuthFaceprintsExtractionCallback
      *
      * @param[in] face Detected faces. First item is the selected one for the authentication operation.
      */
-    virtual void OnFaceDetected(const std::vector<FaceRect>& faces, const unsigned int ts)
+    virtual void OnFaceDetected(const std::vector<FaceRect>& /*faces*/, const unsigned int /*ts*/)
     {
         // default empty impl for backward compatibilty
     }
diff --git a/include/RealSenseID/AuthenticateStatus.h b/include/RealSenseID/AuthenticateStatus.h
index 5f2dfad..3d5d58a 100644
--- a/include/RealSenseID/AuthenticateStatus.h
+++ b/include/RealSenseID/AuthenticateStatus.h
@@ -32,14 +32,18 @@ enum class RSID_API AuthenticateStatus
     DeviceError,
     Failure,
     /// serial statuses
-    SerialOk = 100,
+    Ok = 100,
+    Error,
     SerialError,
-    SerialSecurityError,
+    SecurityError,
     VersionMismatch,
     CrcError,
-    Reserved1 = 120,
-    Reserved2,
-    Reserved3
+    LicenseError,
+    LicenseCheck,
+    ///
+    Spoof_2D = 120,
+    Spoof_3D,
+    Spoof_LR
 };
 
 /**
diff --git a/include/RealSenseID/AuthenticationCallback.h b/include/RealSenseID/AuthenticationCallback.h
index 0dbc330..f3ac9bd 100644
--- a/include/RealSenseID/AuthenticationCallback.h
+++ b/include/RealSenseID/AuthenticationCallback.h
@@ -40,7 +40,7 @@ class RSID_API AuthenticationCallback
      *
      * @param[in] face Detected faces. First item is the selected one for the authentication operation.
      */
-    virtual void OnFaceDetected(const std::vector<FaceRect> &faces, const unsigned int ts)
+    virtual void OnFaceDetected(const std::vector<FaceRect>& /* faces */, const unsigned int /* ts */)
     {
         //default empty impl for backward compatibilty
     }
diff --git a/include/RealSenseID/DeviceConfig.h b/include/RealSenseID/DeviceConfig.h
index bb2f8ea..42f412f 100644
--- a/include/RealSenseID/DeviceConfig.h
+++ b/include/RealSenseID/DeviceConfig.h
@@ -73,11 +73,11 @@ struct RSID_API DeviceConfig
     };
 
     CameraRotation camera_rotation = CameraRotation::Rotation_0_Deg;
-    SecurityLevel security_level = SecurityLevel::Medium;
+    SecurityLevel security_level = SecurityLevel::Low;
     AlgoFlow algo_flow = AlgoFlow::All;
     FaceSelectionPolicy face_selection_policy = FaceSelectionPolicy::Single;
     DumpMode dump_mode = DumpMode::None;
-    MatcherConfidenceLevel matcher_confidence_level = MatcherConfidenceLevel::High;
+    MatcherConfidenceLevel matcher_confidence_level = MatcherConfidenceLevel::Low;
 };
 
 RSID_API const char* Description(DeviceConfig::CameraRotation rotation);
diff --git a/include/RealSenseID/DeviceController.h b/include/RealSenseID/DeviceController.h
index 4cc2298..aff4a51 100644
--- a/include/RealSenseID/DeviceController.h
+++ b/include/RealSenseID/DeviceController.h
@@ -71,6 +71,14 @@ class RSID_API DeviceController
      */
     Status QuerySerialNumber(std::string& serial);
 
+    /**
+     * Retrieve device otp version.
+     *
+     * @param version Char containing the device's otp version.
+     * @return SerialStatus::Success on success.
+     */
+    Status QueryOtpVersion(uint8_t& version);
+
     /**
      * Send ping packet to device
      * @return SerialStatus::Success if device responded with a valid ping response.
diff --git a/include/RealSenseID/EnrollFaceprintsExtractionCallback.h b/include/RealSenseID/EnrollFaceprintsExtractionCallback.h
index 4d2c4b7..691ab28 100644
--- a/include/RealSenseID/EnrollFaceprintsExtractionCallback.h
+++ b/include/RealSenseID/EnrollFaceprintsExtractionCallback.h
@@ -48,7 +48,7 @@ class EnrollFaceprintsExtractionCallback
      *
      * @param[in] face Detected faces. First item is the selected one for the authentication operation.
      */
-    virtual void OnFaceDetected(const std::vector<FaceRect>& faces, const unsigned int ts)
+    virtual void OnFaceDetected(const std::vector<FaceRect>& /*faces*/, const unsigned int /*ts*/)
     {
         // default empty impl for backward compatibilty
     }
diff --git a/include/RealSenseID/EnrollStatus.h b/include/RealSenseID/EnrollStatus.h
index a4edc2e..48d93d8 100644
--- a/include/RealSenseID/EnrollStatus.h
+++ b/include/RealSenseID/EnrollStatus.h
@@ -33,14 +33,18 @@ enum class RSID_API EnrollStatus
     EnrollWithMaskIsForbidden,  // for mask-detector : we'll forbid enroll if used wears mask.
     Spoof,
     /// serial statuses
-    SerialOk = 100,
+    Ok = 100,
+    Error,
     SerialError,
-    SerialSecurityError,
+    SecurityError,
     VersionMismatch,
     CrcError,
-    Reserved1 = 120,
-    Reserved2,
-    Reserved3
+    LicenseError,
+    LicenseCheck,
+    ///
+    Spoof_2D = 120,
+    Spoof_3D,
+    Spoof_LR
 };
 
 /**
diff --git a/include/RealSenseID/EnrollmentCallback.h b/include/RealSenseID/EnrollmentCallback.h
index e439591..fb25655 100644
--- a/include/RealSenseID/EnrollmentCallback.h
+++ b/include/RealSenseID/EnrollmentCallback.h
@@ -45,7 +45,7 @@ class RSID_API EnrollmentCallback
      *
      * @param[in] face Detected faces. First item is the selected one for the authentication operation.
      */
-    virtual void OnFaceDetected(const std::vector<FaceRect> &faces, const unsigned int ts)
+    virtual void OnFaceDetected(const std::vector<FaceRect> &/*faces*/, const unsigned int /*ts*/)
     {
         //default empty impl for backward compatibilty
     }
diff --git a/include/RealSenseID/FaceprintsDefines.h b/include/RealSenseID/FaceprintsDefines.h
index dee7a67..b89f70b 100644
--- a/include/RealSenseID/FaceprintsDefines.h
+++ b/include/RealSenseID/FaceprintsDefines.h
@@ -10,14 +10,14 @@ namespace RealSenseID
 {
 #endif // __cplusplus
 
-#define RSID_FACEPRINTS_VERSION							        (8)
+#define RSID_FACEPRINTS_VERSION							        (9)
 
-#define RSID_NUM_OF_RECOGNITION_FEATURES	                    (256)
+#define RSID_NUM_OF_RECOGNITION_FEATURES	                    (512)
 // 3 extra elements (1 for hasMask , 1 for norm, 1 spare).
-#define RSID_FEATURES_VECTOR_ALLOC_SIZE                         (259) // for DB element vector alloc size.
-#define RSID_INDEX_IN_FEATURES_VECTOR_TO_FLAGS                  (256)
+#define RSID_FEATURES_VECTOR_ALLOC_SIZE                         (515) // for DB element vector alloc size.
+#define RSID_INDEX_IN_FEATURES_VECTOR_TO_FLAGS                  (512)
 
-#define RSID_EXTRACTED_FEATURES_VECTOR_ALLOC_SIZE               (259) // for Extracted element vector alloc size.
+#define RSID_EXTRACTED_FEATURES_VECTOR_ALLOC_SIZE               (515) // for Extracted element vector alloc size.
 
 typedef short feature_t;
 
diff --git a/include/RealSenseID/FwUpdater.h b/include/RealSenseID/FwUpdater.h
index 017ebeb..9a50249 100644
--- a/include/RealSenseID/FwUpdater.h
+++ b/include/RealSenseID/FwUpdater.h
@@ -79,18 +79,21 @@ class RSID_API FwUpdater
     bool ExtractFwInformation(const char* binPath, std::string& outFwVersion, std::string& outRecognitionVersion, std::vector<std::string>& moduleNames) const;
     
     /**
-     * Check encryption used in the binary file and answer whether a device with given serial number can decrypt it.
+     * Check SKU version used in the binary file and answer whether the device supports it.
      *
+     * @param[in] settings Firmware update settings.
      * @param[in] binPath Path to the firmware binary file.
-     * @param[in] deviceSerialNumber The device serial number as it was extracted prior to calling this function.
+     * @param[out] expectedSkuVer SKU version of the firmware binary file.
+     * @param[out] deviceSkuVer SKU version of the device.
+     * @return True if expectedSkuVer == deviceSkuVer and false otherwise.
      */
-    bool IsEncryptionSupported(const char* binPath, const std::string& deviceSerialNumber) const;
+    bool IsSkuCompatible(const Settings& settings, const char* binPath, int& expectedSkuVer, int& deviceSkuVer) const;
 
     /**
      * Performs a firmware update for the modules listed in moduleNames
      *
      * @param[in] handler Responsible for handling events triggered during the update.
-     * @param[in] Settings Firmware update settings.
+     * @param[in] settings Firmware update settings.
      * @param[in] binPath Path to the firmware binary file.
      * @param[in] moduleNames list of module names to update.
      * @return OK if update succeeded matching error status if it failed.
diff --git a/include/RealSenseID/Preview.h b/include/RealSenseID/Preview.h
index afa7a3b..81d8be2 100644
--- a/include/RealSenseID/Preview.h
+++ b/include/RealSenseID/Preview.h
@@ -36,11 +36,12 @@ struct RSID_API PreviewConfig
 struct RSID_API ImageMetadata
 {
     unsigned int timestamp = 0; // sensor timestamp (miliseconds)
-    unsigned int status = 0;
+    unsigned int exposure = 0;
+    unsigned int gain = 0;
+    char led = 0;
     unsigned int sensor_id = 0;
-    bool led = false;
-    bool projector = false;
-    bool is_snapshot = false;
+    unsigned int status = 0;
+    char is_snapshot = 0;
 };
 
 /**
@@ -69,7 +70,7 @@ class RSID_API PreviewImageReadyCallback
 public:
     virtual ~PreviewImageReadyCallback() = default;
     virtual void OnPreviewImageReady(const Image image) = 0;
-    virtual void OnSnapshotImageReady(const Image image) {}; // Empty implemention for backward compability
+    virtual void OnSnapshotImageReady(const Image /*image*/) {}; // Empty implemention for backward compability
 };
 
 /**
diff --git a/include/RealSenseID/Status.h b/include/RealSenseID/Status.h
index c75dde3..467bdd8 100644
--- a/include/RealSenseID/Status.h
+++ b/include/RealSenseID/Status.h
@@ -19,7 +19,9 @@ enum class RSID_API Status
     SerialError,     /**< Error communication on the serial line */
     SecurityError,   /**< Error during secure session protocol */
     VersionMismatch, /**< Version mismatch between host and device */
-    CrcError         /**< CRC error indicates packet corruption */
+    CrcError,        /**< CRC error indicates packet corruption */
+    LicenseError,    /**< License verification error */
+    LicenseCheck     /**< License verification started */
 };
 
 /**
diff --git a/include/RealSenseID/UpdateChecker.h b/include/RealSenseID/UpdateChecker.h
new file mode 100644
index 0000000..f716f99
--- /dev/null
+++ b/include/RealSenseID/UpdateChecker.h
@@ -0,0 +1,42 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+#include <iostream>
+#include <string>
+#include <utility>
+#include <cstdint>
+#include "RealSenseID/RealSenseIDExports.h"
+#include "RealSenseID/SerialConfig.h"
+#include "RealSenseID/Status.h"
+
+namespace RealSenseID
+{
+
+namespace UpdateCheck
+{
+struct RSID_API ReleaseInfo {
+    uint64_t sw_version = 0;
+    uint64_t fw_version = 0;
+    const char* sw_version_str = nullptr;
+    const char* fw_version_str = nullptr;
+    const char* release_url = nullptr;
+    const char* release_notes_url = nullptr;
+    ~ReleaseInfo();
+};
+
+class RSID_API UpdateChecker
+{
+public:
+    UpdateChecker() = default;
+    ~UpdateChecker() = default;
+
+    Status GetRemoteReleaseInfo(ReleaseInfo& release_info) const;
+    Status GetLocalReleaseInfo(const RealSenseID::SerialConfig& serial_config, ReleaseInfo& release_info) const;
+
+};
+
+} // namespace UpdateChecker
+} // namespace RealSenseID
+
+
diff --git a/include/RealSenseID/Version.h b/include/RealSenseID/Version.h
index 943a059..bb76f40 100644
--- a/include/RealSenseID/Version.h
+++ b/include/RealSenseID/Version.h
@@ -8,13 +8,13 @@
 #include <string>
 
 #define RSID_VER_MAJOR 0
-#define RSID_VER_MINOR 25
-#define RSID_VER_PATCH 0
+#define RSID_VER_MINOR 33
+#define RSID_VER_PATCH 3
 
 #define RSID_VERSION (RSID_VER_MAJOR * 10000 + RSID_VER_MINOR * 100 + RSID_VER_PATCH)
 
-#define RSID_FW_VER_MAJOR 4
-#define RSID_FW_VER_MINOR 3
+#define RSID_FW_VER_MAJOR 5
+#define RSID_FW_VER_MINOR 0
 
 namespace RealSenseID
 {
diff --git a/release_info.json b/release_info.json
index 3bce558..34810a7 100644
--- a/release_info.json
+++ b/release_info.json
@@ -1,8 +1,8 @@
 {
-    "sw_version": 2500,
-    "sw_version_str": "0.25.0",
-    "fw_version": 403000300,
-    "fw_version_str": "4.3.0.300",
-    "release_url": "https://github.com/IntelRealSense/RealSenseID/releases/tag/fw.4.3.0.300",
-    "release_notes_url": "https://github.com/IntelRealSense/RealSenseID/blob/master/release_notes.txt"
+    "sw_version": 3303,
+    "sw_version_str": "0.33.3",
+    "fw_version": 507000301,
+    "fw_version_str": "5.7.0.301",
+    "release_url": "https://github.com/IntelRealSense/RealSenseID/releases/tag/v0.33.3",
+    "release_notes_url": "https://github.com/IntelRealSense/RealSenseID/blob/v0.33.3/release_notes.txt"
 }
diff --git a/release_notes.txt b/release_notes.txt
index dd9bbc6..d8f6065 100644
--- a/release_notes.txt
+++ b/release_notes.txt
@@ -1,7 +1,30 @@
+Realsense ID version 0.33.3
+-----------------------------------
+* New firmware release - version 5.7.0.301
+	* Firmware requires license activation. See details in the readme.md
+	* Face authentication and Anti-Spoofing algorithm enhancement	
+	* Support 3 level of security via Settings Menu and Firmware API
+	* Boot Behavior: 
+		* The device now always starts in Face Detection mode upon boot, regardless of the previously set operation mode
+		* The device now always starts in Low security level upon boot, regardless of the previously set operation mode
+	* Preview now shows right sensor and sends right sensor snapshots to Host
+	* Bug fixes
+* New host sw:
+	* Removed standby support
+	* Improved images dump functionality
+	* Improved support for detection of SKU version of the device
+	* Host now tries to acquire license from a license server upon FW request. See details in the readme.md 
+	* Setting Menu simplified 
+	* Viewer display of device serial number in the status bar and in sn.txt file 
+	* Improved handling and logging of session start errors
+	* Cleaned cmake usage of 3rd party libraries
+	* Added more logging to the app (authenticate duration)
+	* It is important to note that on the host side, the code must check that 'user_id' is not empty to determine whether authentication has occurred, as opposed to mere face detection or spoof detection
+
 FW version 4.3.0.300
 -----------------------------------
 * Minor bug fixes.
-
+	
 Realsense ID version 0.25.0
 -----------------------------------
 * Support for enrollment from RGB image in host mode.
diff --git a/security.md b/security.md
new file mode 100644
index 0000000..d258f0e
--- /dev/null
+++ b/security.md
@@ -0,0 +1,5 @@
+# Security Policy
+Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation. 
+
+## Reporting a Vulnerability
+Please report any security vulnerabilities in this project [utilizing the guidelines here](https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html).
\ No newline at end of file
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 2017fa7..1360914 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -9,8 +9,12 @@ target_link_libraries(${LIBRSID_CPP_TARGET}
         spdlog::spdlog
         Threads::Threads
         $<$<BOOL:${RSID_SECURE}>:mbedtls::mbedtls>
+        rsid-license-checker
+        nlohmann_json::nlohmann_json
+        restclient-cpp
 )
 
+
 set(SRC_DIR "${CMAKE_CURRENT_SOURCE_DIR}")
 set(HEADERS
     "${SRC_DIR}/CommonValues.h"
@@ -28,6 +32,7 @@ set(SOURCES
     "${SRC_DIR}/Logging.cc"
     "${SRC_DIR}/FwUpdater.cc"
     "${SRC_DIR}/DiscoverDevices.cc"
+    "${SRC_DIR}/UpdateChecker.cc"
 )
 
 
@@ -40,9 +45,16 @@ if(RSID_PREVIEW)
 	    target_link_libraries(${LIBRSID_CPP_TARGET} PRIVATE uvc)
 	    target_include_directories(${LIBRSID_CPP_TARGET} PUBLIC "${THIRD_PARTY_DIRECTORY}/uvc/include")
     endif()
-    target_include_directories(${LIBRSID_CPP_TARGET}  PRIVATE "${THIRD_PARTY_DIRECTORY}/libjpeg-turbo_2_1_0")
-    target_include_directories(${LIBRSID_CPP_TARGET}  PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../3rdparty/libjpeg-turbo_2_1_0")
-    target_link_libraries(${LIBRSID_CPP_TARGET} PRIVATE jpeg-static)        
+    # libjpeg-turbo-install 
+	add_dependencies(${LIBRSID_CPP_TARGET} libjpeg-turbo) 
+    target_include_directories(${LIBRSID_CPP_TARGET} PRIVATE "${LIBJPEG_TURBO_INSTALL_DIR}/include")	
+	target_link_directories(${LIBRSID_CPP_TARGET} PRIVATE "${LIBJPEG_TURBO_INSTALL_DIR}/lib")	
+	if(MSVC)
+		target_link_libraries(${LIBRSID_CPP_TARGET} PRIVATE jpeg-static)
+	else()
+		target_link_libraries(${LIBRSID_CPP_TARGET} PRIVATE jpeg)
+	endif()
+	
     add_subdirectory("${SRC_DIR}/Capture")
 endif()
 
@@ -56,6 +68,7 @@ target_sources(${LIBRSID_CPP_TARGET} PRIVATE ${HEADERS} ${SOURCES})
 target_include_directories(${LIBRSID_CPP_TARGET} 
     PRIVATE 
         "${SRC_DIR}"
+        $<TARGET_PROPERTY:restclient-cpp,INCLUDE_DIRECTORIES>
         "${CMAKE_CURRENT_SOURCE_DIR}/Logger"        
     PUBLIC
         "$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/../include>"
@@ -73,11 +86,13 @@ target_compile_definitions(${LIBRSID_CPP_TARGET}
 )
 
 set_target_properties(PROPERTIES DEBUG_POSTFIX ${RSID_DEBUG_POSTFIX})
+set_common_compile_opts(${LIBRSID_CPP_TARGET})
 
 add_subdirectory("${SRC_DIR}/Logger")
 add_subdirectory("${SRC_DIR}/PacketManager")
 add_subdirectory("${SRC_DIR}/Matcher")
 add_subdirectory("${SRC_DIR}/FwUpdate")
+add_subdirectory("${SRC_DIR}/LicenseChecker")
 
 # set ide source group
 get_target_property(PROJECT_SOURCES ${LIBRSID_CPP_TARGET} SOURCES)
diff --git a/src/Capture/LinuxCapture.cc b/src/Capture/LinuxCapture.cc
index 265cdbe..269a349 100644
--- a/src/Capture/LinuxCapture.cc
+++ b/src/Capture/LinuxCapture.cc
@@ -42,13 +42,13 @@ static void ThrowIfFailed(const char* what, int res)
 void CleanMMAPBuffers(std::vector<buffer>& buffer_list)
 {
     int ret;
-    for (int i = 0; i < buffer_list.size(); i++)
+    for (size_t i = 0; i < buffer_list.size(); i++)
     {
         if (buffer_list[i].size > 0)
         {
             ret = munmap(buffer_list[i].data, buffer_list[i].size); // unmap buffers
             if (ret == FAILED_V4L)
-                LOG_ERROR(LOG_TAG, " unmapping buffer %d failed", i);
+                LOG_ERROR(LOG_TAG, " unmapping buffer %zu failed", i);
         }
     }
 }
@@ -79,7 +79,8 @@ V4lNode::V4lNode(int camera_number,v4l2_format format):_type(format.type)
         ThrowIfFailed("set  stream",ioctl(_fd, VIDIOC_S_FMT, &format));
 
         // request buffers
-        v4l2_requestbuffers req = {0};
+        v4l2_requestbuffers req;
+        std::memset(&req, 0, sizeof(req));
         req.count = 4;
         req.type = _type;
         req.memory = V4L2_MEMORY_MMAP;
@@ -87,12 +88,13 @@ V4lNode::V4lNode(int camera_number,v4l2_format format):_type(format.type)
 
         // query buffers
         _buffers = std::vector<buffer>(req.count);
-        for (int i = 0; i < _buffers.size(); i++)
+        for (size_t i = 0; i < _buffers.size(); i++)
         {
-            v4l2_buffer buf = {0};
+            v4l2_buffer buf;
+            std::memset(&buf, 0, sizeof(buf));
             buf.type = _type;
             buf.memory = V4L2_MEMORY_MMAP;
-            buf.index = i;
+            buf.index = static_cast<uint32_t>(i);
             ThrowIfFailed("Query buffers", ioctl(_fd, VIDIOC_QUERYBUF, &buf));
             _buffers[i].data = static_cast<unsigned char*>(
                 mmap(NULL, buf.length, PROT_READ | PROT_WRITE, MAP_SHARED, _fd, buf.m.offset));
@@ -105,9 +107,10 @@ V4lNode::V4lNode(int camera_number,v4l2_format format):_type(format.type)
         ThrowIfFailed("start stream", ioctl(_fd, VIDIOC_STREAMON, &stream_type));
 
         // queue buffers
-        for (int i = 0; i < req.count; i++)
+        for (unsigned int i = 0; i < req.count; i++)
         {
-            v4l2_buffer buf = {0};
+            v4l2_buffer buf;
+            std::memset(&buf, 0, sizeof(buf));
             buf.type = _type;
             buf.memory = V4L2_MEMORY_MMAP;
             buf.index = i;
@@ -134,10 +137,13 @@ V4lNode::~V4lNode()
 buffer V4lNode::Read()
 {
     buffer res;
-    struct v4l2_buffer buf = {0};
-    struct timeval tv = {0}; 
+    struct v4l2_buffer buf;
+    std::memset(&buf, 0, sizeof(buf));
+
+    struct timeval tv; 
+    std::memset(&tv, 0, sizeof(tv));
     tv.tv_sec = 0; // max time to wait for next frame
-    tv.tv_usec =100;
+    tv.tv_usec = 100;
 
     buf.type = _type;
     buf.memory = V4L2_MEMORY_MMAP;
@@ -170,7 +176,9 @@ CaptureHandle::CaptureHandle(const PreviewConfig& config): _config(config)
         // set metadata node
         try
         {
-            v4l2_format md_format = {0};
+            v4l2_format md_format;
+            std::memset(&md_format, 0, sizeof(md_format));
+
             md_format.type = LOCAL_V4L2_BUF_TYPE_META_CAPTURE;
 
             // Assume for each streaming node with index N there is a metadata node with index (N+1)
@@ -186,7 +194,9 @@ CaptureHandle::CaptureHandle(const PreviewConfig& config): _config(config)
     // set video node
     try
     {
-        v4l2_format format = {0};
+        v4l2_format format;
+        std::memset(&format, 0, sizeof(format));
+
         StreamAttributes attr = _stream_converter->GetStreamAttributes();
         format.type = V4L2_BUF_TYPE_VIDEO_CAPTURE;
         if(attr.format == MJPEG)
diff --git a/src/Capture/MSMFCapture.cc b/src/Capture/MSMFCapture.cc
index 3cdf67d..72b96d6 100644
--- a/src/Capture/MSMFCapture.cc
+++ b/src/Capture/MSMFCapture.cc
@@ -4,12 +4,15 @@
 #include <evr.h>
 #include <mfapi.h>
 #include <mfreadwrite.h>
+#include <mferror.h>
 #include <ks.h>
 #include <ksmedia.h>
 #include <string>
 #include <sstream>
-
+#include <vector>
 #include <ntverp.h>
+#include <stdexcept>
+
 #if VER_PRODUCTBUILD > 9600 // Sensor timestamps require WinSDK ver 10 (10.0.15063) or later. see Readme for more info.
 #include <atlbase.h>
 #define METADATA_ENABLED_WIN
@@ -20,7 +23,7 @@ namespace RealSenseID
 namespace Capture
 {
 static const char* LOG_TAG = "MSMFCapture";
-static const DWORD STREAM_NUMBER = MF_SOURCE_READER_FIRST_VIDEO_STREAM;
+static const DWORD STREAM_NUMBER = static_cast<DWORD>(MF_SOURCE_READER_FIRST_VIDEO_STREAM);
 static const GUID W10_FORMAT = {FCC('pBAA'), 0x0000, 0x0010, {0x80, 0x00, 0x00, 0xaa, 0x00, 0x38, 0x9b, 0x71}};
 constexpr uint8_t MS_HEADER_SIZE = 40;
 
@@ -58,60 +61,62 @@ static void ThrowIfFailed(const char* what, HRESULT hr)
     if (SUCCEEDED(hr))
         return;
     std::stringstream err_stream;
-    err_stream << what << "MSMF failed with  HResult error: " << std::hex << static_cast<unsigned long>(hr);
+    err_stream << what << ". MSMF failed with HResult error: " << std::hex << static_cast<unsigned long>(hr);
     throw std::runtime_error(err_stream.str());
 }
 
 #ifdef METADATA_ENABLED_WIN
-void ExtractMetadataBuffer(IMFSample* pSample,buffer& buf)
+static void ExtractMetadataBuffer(IMFSample* pSample, std::vector<unsigned char>& result)
 {
     static bool md_patch_windows_exist = true;
-    if (md_patch_windows_exist)
+    result.clear();
+    if (!md_patch_windows_exist)
+        return;
+
+    try
     {
-        try
-        {
-            CComPtr<IUnknown> spUnknown;
-            CComPtr<IMFAttributes> spSample;
-            HRESULT hr = S_OK;
-            ThrowIfFailed("query sample interface", hr = pSample->QueryInterface(IID_PPV_ARGS(&spSample)));
-            ThrowIfFailed("get unknown",
-                          spSample->GetUnknown(MFSampleExtension_CaptureMetadata, IID_PPV_ARGS(&spUnknown)));
-
-            CComPtr<IMFAttributes> spMetadata;
-            CComPtr<IMFMediaBuffer> spBuffer;
-            PKSCAMERA_METADATA_ITEMHEADER pMetadata = nullptr;
-            DWORD dwMaxLength = 0;
-            DWORD dwCurrentLength = 0;
-            ThrowIfFailed("query metadata interface", spUnknown->QueryInterface(IID_PPV_ARGS(&spMetadata)));
-            ThrowIfFailed("get unknown",
-                          hr = spMetadata->GetUnknown(MF_CAPTURE_METADATA_FRAME_RAWSTREAM, IID_PPV_ARGS(&spBuffer)));
-            ThrowIfFailed("lock", spBuffer->Lock((BYTE**)&pMetadata, &dwMaxLength, &dwCurrentLength));
-            if (nullptr == pMetadata)
-                return;
-            if (pMetadata->MetadataId != MetadataId_UsbVideoHeader)
-                return;
-            auto md_raw = reinterpret_cast<byte*>(pMetadata);
-            buf.size = dwCurrentLength - MS_HEADER_SIZE;
-            buf.data = new byte[buf.size];
-            memcpy(buf.data, md_raw + MS_HEADER_SIZE, buf.size);
-        }
-        catch (...)
+        CComPtr<IUnknown> spUnknown;
+        CComPtr<IMFAttributes> spSample;
+        HRESULT hr = S_OK;
+        ThrowIfFailed("query sample interface", hr = pSample->QueryInterface(IID_PPV_ARGS(&spSample)));
+        ThrowIfFailed("get unknown", spSample->GetUnknown(MFSampleExtension_CaptureMetadata, IID_PPV_ARGS(&spUnknown)));
+
+        CComPtr<IMFAttributes> spMetadata;
+        CComPtr<IMFMediaBuffer> spBuffer;
+        PKSCAMERA_METADATA_ITEMHEADER pMetadata = nullptr;
+        DWORD dwMaxLength = 0;
+        DWORD dwCurrentLength = 0;
+        ThrowIfFailed("query metadata interface", spUnknown->QueryInterface(IID_PPV_ARGS(&spMetadata)));
+        ThrowIfFailed("get unknown",
+                      hr = spMetadata->GetUnknown(MF_CAPTURE_METADATA_FRAME_RAWSTREAM, IID_PPV_ARGS(&spBuffer)));
+        ThrowIfFailed("spBuffer->Lock()", spBuffer->Lock((BYTE**)&pMetadata, &dwMaxLength, &dwCurrentLength));
+        if (nullptr != pMetadata && pMetadata->MetadataId == MetadataId_UsbVideoHeader &&
+            dwCurrentLength > MS_HEADER_SIZE)
         {
-            LOG_DEBUG(LOG_TAG, "Failed to get metadata from stream. Try running scripts/realsenseid_metadata_win10.ps1 to enable it.");
-            md_patch_windows_exist = false;
+            auto* md_raw = reinterpret_cast<char*>(pMetadata);
+            auto* md_data_start = md_raw + MS_HEADER_SIZE;
+            auto* md_data_end = md_raw + dwCurrentLength;
+            result.insert(result.end(), md_data_start, md_data_end);
         }
+        ThrowIfFailed("spBuffer->Unlock()", spBuffer->Unlock());
+    }
+    catch (...)
+    {
+        result.clear();
+        md_patch_windows_exist = false;
+        LOG_WARNING(
+            LOG_TAG,
+            "Failed to get metadata from stream. Try running scripts/realsenseid_metadata_win10.ps1 to enable it.");
     }
-    return;
 }
 #else
-void ExtractMetadataBuffer(IMFSample* pSample, buffer& buf)
+static void ExtractMetadataBuffer(IMFSample* pSample, std::vector<unsigned char>& result)
 {
-    buf = buffer();
-    return;
+    result.clear();
 }
 #endif
 
-bool CreateMediaSource(IMFMediaSource** media_device, IMFAttributes** cap_config, int capture_number)
+static bool CreateMediaSource(IMFMediaSource** media_device, IMFAttributes** cap_config, int capture_number)
 {
     const char* stage_tag = "init MSMF backend";
     IMFActivate** ppDevices = NULL;
@@ -141,10 +146,11 @@ bool CreateMediaSource(IMFMediaSource** media_device, IMFAttributes** cap_config
 CaptureHandle::CaptureHandle(const PreviewConfig& config) : _config(config)
 {
     _stream_converter = std::make_unique<StreamConverter>(_config);
-    
+
     IMFMediaSource* media_device = nullptr;
     IMFAttributes* cap_config = nullptr;
     IMFMediaType* mediaType = nullptr;
+    std::exception_ptr last_ex;
 
     try
     {
@@ -159,30 +165,34 @@ CaptureHandle::CaptureHandle(const PreviewConfig& config) : _config(config)
         StreamAttributes attr = _stream_converter->GetStreamAttributes();
         GUID stream_format = attr.format == MJPEG ? MFVideoFormat_MJPG : W10_FORMAT;
 
-        ThrowIfFailed("create mediatype ",MFCreateMediaType(&mediaType));
-        ThrowIfFailed("set mediaType guid",mediaType->SetGUID(MF_MT_MAJOR_TYPE, MFMediaType_Video));
+        ThrowIfFailed("create mediatype ", MFCreateMediaType(&mediaType));
+        ThrowIfFailed("set mediaType guid", mediaType->SetGUID(MF_MT_MAJOR_TYPE, MFMediaType_Video));
         ThrowIfFailed("set mediaType minor type", mediaType->SetGUID(MF_MT_SUBTYPE, stream_format));
-        ThrowIfFailed("set size", MFSetAttributeSize(mediaType,MF_MT_FRAME_SIZE ,attr.width, attr.height));
+        ThrowIfFailed("set size", MFSetAttributeSize(mediaType, MF_MT_FRAME_SIZE, attr.width, attr.height));
         ThrowIfFailed("set stream ", _video_src->SetCurrentMediaType(0, NULL, mediaType));
     }
-    catch (const std::exception& ex)
+    catch (...)
     {
-        if (mediaType)
-            mediaType->Release();
-        if (cap_config)
-            cap_config->Release();
-        if (media_device)
-            media_device->Release();
-        if (_video_src)
-            _video_src->Release();
-        throw ex;
+        last_ex = std::current_exception();
     }
+
+    // clean up
     if (mediaType)
         mediaType->Release();
     if (cap_config)
         cap_config->Release();
     if (media_device)
         media_device->Release();
+
+    if (last_ex)
+    {
+        if (_video_src)
+        {
+            _video_src->Release();
+            _video_src = nullptr;
+        }
+        std::rethrow_exception(last_ex);
+    }
 };
 
 CaptureHandle::~CaptureHandle()
@@ -196,39 +206,58 @@ CaptureHandle::~CaptureHandle()
 
 bool CaptureHandle::Read(RealSenseID::Image* res)
 {
-    bool valid_read = false;
     IMFSample* sample = NULL;
     DWORD streamIndex, flags;
     LONGLONG timestamp;
     DWORD maxsize = 0, cursize = 0;
     buffer frame_buffer;
-    buffer meta_buffer;
 
-    _video_src->ReadSample(STREAM_NUMBER, 0, &streamIndex, &flags, &timestamp, &sample);
+    auto hr = _video_src->ReadSample(STREAM_NUMBER, 0, &streamIndex, &flags, &timestamp, &sample);
+    if (hr != MF_E_NOTACCEPTING) // if not "flush operation is pending"
+    {
+        ThrowIfFailed("ReadSample()", hr);
+    }
 
-    if (sample)
+    if (sample == nullptr)
     {
-        ThrowIfFailed("ConvertToContiguousBuffer", sample->ConvertToContiguousBuffer(&_buf));
+        return false; // not yet available. caller should retry soon
+    }
 
-        _buf->Lock(&(frame_buffer.data), &maxsize, &cursize);
-        frame_buffer.size = (unsigned int)cursize;
-    
-       // extract basic metadata also for non-raw streams. metadata patch need to be installed.
-       // metadata for non-raw streams includes timestamps.
-       ExtractMetadataBuffer(sample, meta_buffer);
+    std::exception_ptr last_ex;
+    IMFMediaBuffer* media_buf = nullptr;
+    bool valid_read = false;
 
-       valid_read = _stream_converter->Buffer2Image(res, frame_buffer, meta_buffer);
+    try
+    {
+        ThrowIfFailed("ConvertToContiguousBuffer", sample->ConvertToContiguousBuffer(&media_buf));
+        ThrowIfFailed("Lock()", media_buf->Lock(&(frame_buffer.data), &maxsize, &cursize));
+        frame_buffer.size = static_cast<unsigned int>(cursize);
+        ExtractMetadataBuffer(sample, _md_vector);
+        buffer metadata_buffer;
+        metadata_buffer.data = _md_vector.data();
+        metadata_buffer.size = static_cast<int>(_md_vector.size());
+        valid_read = _stream_converter->Buffer2Image(res, frame_buffer, metadata_buffer);
+    }
+    catch (...)
+    {
+        last_ex = std::current_exception();
+    }
 
-        if (meta_buffer.data)
-            delete[] meta_buffer.data;
-        if (_buf)
-        {
-            _buf->Unlock();
-            _buf->Release();
-        }
-        sample->Release();
+    // cleanup
+    if (media_buf)
+    {
+        media_buf->Unlock();
+        media_buf->Release();
     }
+    sample->Release();
+
+    if (last_ex)
+    {
+        std::rethrow_exception(last_ex);
+    }
+
     return valid_read;
 }
+
 } // namespace Capture
 } // namespace RealSenseID
diff --git a/src/Capture/MSMFCapture.h b/src/Capture/MSMFCapture.h
index 9eb6bfb..1bdc6e1 100644
--- a/src/Capture/MSMFCapture.h
+++ b/src/Capture/MSMFCapture.h
@@ -1,6 +1,7 @@
 #pragma once
 #include "RealSenseID/Preview.h"
 #include "StreamConverter.h"
+#include <vector>
 
 struct IMFSourceReader;
 struct IMFMediaBuffer;
@@ -31,10 +32,10 @@ class CaptureHandle
 
 private:
     MsmfInitializer _mf;
-    IMFSourceReader* _video_src = nullptr;
-    IMFMediaBuffer* _buf = nullptr;
+    IMFSourceReader* _video_src = nullptr;    
     std::unique_ptr<StreamConverter> _stream_converter;
     PreviewConfig _config;
+    std::vector<unsigned char> _md_vector;
 };
 } // namespace Capture
 } // namespace RealSenseID
\ No newline at end of file
diff --git a/src/Capture/MetadataDefines.h b/src/Capture/MetadataDefines.h
index f1f0bb3..69a452a 100644
--- a/src/Capture/MetadataDefines.h
+++ b/src/Capture/MetadataDefines.h
@@ -25,7 +25,7 @@ typedef struct
     uint32_t ver;
     uint32_t flags;
     uint32_t frame_count;
-    uint32_t sensor_timestamp;
+    uint64_t sensor_timestamp;
     uint32_t exposure;
     uint16_t gain;
     uint8_t led_status;
@@ -33,7 +33,7 @@ typedef struct
     uint8_t preset_id;
     uint8_t sensor_id;       // (left =0 , right = 1)
     uint8_t status;          // enroll status
-    uint8_t extra[25];
+    uint8_t extra[32];
 } md_middle_level;
 
 constexpr uint8_t md_middle_level_size = sizeof(md_middle_level);
diff --git a/src/Capture/RawHelper.cc b/src/Capture/RawHelper.cc
index ee83781..8cce5e9 100644
--- a/src/Capture/RawHelper.cc
+++ b/src/Capture/RawHelper.cc
@@ -43,7 +43,7 @@ RawHelper::~RawHelper()
 
 inline void setBit(unsigned char* byte, bool val, int index)
 {
-    (*byte) = val ? (*byte) | (1 << index) : (*byte) & ~(1 << index);
+    (*byte) = static_cast<char>(val ? (*byte) | (1 << index) : (*byte) & ~(1 << index));
 }
 
 inline bool getBit(unsigned char* byte, int index)
@@ -147,10 +147,9 @@ Image RawHelper::ConvertToRgb(const Image& src_img)
     const unsigned char* src = src_img.buffer;
     unsigned char* dst = _result_img.buffer;
 
-    const int palette = 128;
     unsigned int i;
 
-    for (i = 0; i < src_img.size && src_y >=0 ; i++)
+    for (i = 0; i < src_img.size; i++)
     {
         int p[8];
         uint8_t hn, vn, di;
@@ -209,17 +208,14 @@ Image RawHelper::ConvertToRgb(const Image& src_img)
         }
 
         /* Average matching neighbours. */
-        hn = ((Raw8Value(src, p[3], p[3] % 5) + Raw8Value(src, p[4], p[4] % 5)) / 2);
-        vn = ((Raw8Value(src, p[1], p[1] % 5) + Raw8Value(src, p[6], p[6] % 5)) / 2);
-        di = ((Raw8Value(src, p[0], p[0] % 5) + Raw8Value(src, p[2], p[2] % 5) + Raw8Value(src, p[5], p[5] % 5) +
-               Raw8Value(src, p[7], p[7] % 5)) /
-              4);
+        hn = static_cast<uint8_t>(((Raw8Value(src, p[3], p[3] % 5) + Raw8Value(src, p[4], p[4] % 5)) / 2));
+        vn = static_cast<uint8_t>(((Raw8Value(src, p[1], p[1] % 5) + Raw8Value(src, p[6], p[6] % 5)) / 2));
+        di = static_cast<uint8_t>(((Raw8Value(src, p[0], p[0] % 5) + Raw8Value(src, p[2], p[2] % 5) +
+                                    Raw8Value(src, p[5], p[5] % 5) + Raw8Value(src, p[7], p[7] % 5))) / 4);
 
         /* Calculate RGB */
-        if (palette == 128)
-            mode = (src_x + src_y) & 0x01;
-        else
-            mode = ~(src_x + src_y) & 0x01;
+        mode = (src_x + src_y) & 0x01;
+        // if (palette != 128) mode = ~(src_x + src_y) & 0x01;
 
         if (mode)
         {
@@ -238,13 +234,13 @@ Image RawHelper::ConvertToRgb(const Image& src_img)
         else if (src_y & 0x01)
         {
             br1 = Raw8Value(src, i, i % 5);
-            g = (vn + hn) / 2;
+            g = static_cast<uint8_t>((vn + hn) / 2);
             br0 = di;
         }
         else
         {
             br0 = Raw8Value(src, i, i % 5);
-            g = (vn + hn) / 2;
+            g = static_cast<uint8_t>((vn + hn) / 2);
             br1 = di;
         }
 
@@ -257,7 +253,7 @@ Image RawHelper::ConvertToRgb(const Image& src_img)
             dst_x++;
         else
             dst_y--;
-        
+
         src_x++;
 
         /* Move to the next line*/
@@ -276,7 +272,6 @@ Image RawHelper::ConvertToRgb(const Image& src_img)
                 dst_x++;
             }
         }
-
     }
 
     dst_img.width = dst_width;
diff --git a/src/Capture/StreamConverter.cc b/src/Capture/StreamConverter.cc
index 6e95705..a8d31c5 100644
--- a/src/Capture/StreamConverter.cc
+++ b/src/Capture/StreamConverter.cc
@@ -16,6 +16,7 @@ static const StreamAttributes MJPEG_1080P_ATTR {1056, 1920, MJPEG};
 static const StreamAttributes MJPEG_720P_ATTR {704, 1280, MJPEG};
 static const StreamAttributes MJPEG_1080P_HORIZON_ATTR {1920, 1056, MJPEG};
 static const StreamAttributes MJPEG_720P_HORIZON_ATTR {1280, 704, MJPEG};
+#define MD_CAPTURE_INFO_VER 0x80081005
 
 static const char* LOG_TAG = "StreamConverter";
 
@@ -35,7 +36,7 @@ static const StreamAttributes GetStreamAttributesByMode(PreviewConfig config)
     }
 }
 
-ImageMetadata ExtractMetadataFromMDBuffer(const buffer& buffer, bool to_mili = false)
+static ImageMetadata ExtractMetadataFromMDBuffer(const buffer& buffer, bool to_mili)
 {
     ImageMetadata md;
     
@@ -49,14 +50,21 @@ ImageMetadata ExtractMetadataFromMDBuffer(const buffer& buffer, bool to_mili = f
     if (tmp_md->exposure == 0 && tmp_md->gain == 0) // not valid image
         return md;
 
+    if (tmp_md->ver != MD_CAPTURE_INFO_VER)
+    {
+        LOG_ERROR(LOG_TAG, "Metadata version doesn't match. Expected %x", MD_CAPTURE_INFO_VER);
+        return md;
+    }
+
     constexpr unsigned int snapshot_jpeg_attribute = (1u << 7);
 
-    md.timestamp = tmp_md->sensor_timestamp / divide_ts;
+    md.timestamp = static_cast<int>(tmp_md->sensor_timestamp / divide_ts);
+    md.exposure = tmp_md->exposure;
+    md.gain = tmp_md->gain;
     md.led = tmp_md->led_status;
-    md.projector = tmp_md->projector_status;
     md.sensor_id = tmp_md->sensor_id;
     md.status = tmp_md->status;
-    md.is_snapshot = tmp_md->flags & snapshot_jpeg_attribute;
+    md.is_snapshot = (tmp_md->flags & snapshot_jpeg_attribute) ? 1 : 0;
 
     return md;
 }
@@ -81,6 +89,9 @@ void StreamConverter::InitDecompressor()
 // StreamConverter
 StreamConverter::StreamConverter(PreviewConfig config) : _portrait_mode(config.portraitMode)
 {
+    std::memset(&_jpeg_jerr, 0, sizeof(_jpeg_jerr));
+    std::memset(&_jpeg_dinfo, 0, sizeof(_jpeg_dinfo));
+
     _attributes = GetStreamAttributesByMode(config);
     _result_image.width = _attributes.width;
     _result_image.height = _attributes.height;
@@ -113,8 +124,9 @@ bool StreamConverter::DecodeJpeg(Image* res, buffer frame_buffer)
         return false;
     }
 
-    if (RGB_PIXEL_SIZE == 4)
-        _jpeg_dinfo.out_color_space = JCS_EXT_RGBA;
+ #ifdef ANDROID 
+    _jpeg_dinfo.out_color_space = JCS_EXT_RGBA;
+#endif
 
     ::jpeg_start_decompress(&_jpeg_dinfo);
     auto width = _jpeg_dinfo.output_width;
@@ -155,8 +167,8 @@ bool StreamConverter::Buffer2Image(Image* res,const buffer& frame_buffer,const b
     {
     case MJPEG:
         try
-        {
-            res->metadata = ExtractMetadataFromMDBuffer(md_buffer,true);
+        {  
+            res->metadata = ExtractMetadataFromMDBuffer(md_buffer, true /* convert to millis */);
             bool decode_success = DecodeJpeg(res, frame_buffer);
             return decode_success;
         }
@@ -169,7 +181,7 @@ bool StreamConverter::Buffer2Image(Image* res,const buffer& frame_buffer,const b
         }
         break;
     case RAW:
-        res->metadata = ExtractMetadataFromMDBuffer(md_buffer);
+        res->metadata = ExtractMetadataFromMDBuffer(md_buffer, false /* keep in micros */);
         if (res->metadata.timestamp == 0) // don't return non-dumped images
             return false;
         ::memcpy(res->buffer, frame_buffer.data, frame_buffer.size);
@@ -181,12 +193,6 @@ bool StreamConverter::Buffer2Image(Image* res,const buffer& frame_buffer,const b
     }    
 }
 
-bool StreamConverter::Buffer2Image(Image* res,const buffer& frame_buffer)
-{
-    buffer dummy;
-    return Buffer2Image(res, frame_buffer, dummy);
-}
-
 StreamAttributes StreamConverter::GetStreamAttributes()
 {
     return _attributes;
diff --git a/src/Capture/StreamConverter.h b/src/Capture/StreamConverter.h
index 361d9a3..c468eb2 100644
--- a/src/Capture/StreamConverter.h
+++ b/src/Capture/StreamConverter.h
@@ -39,10 +39,9 @@ struct buffer
 class StreamConverter
 {
 public:
-    StreamConverter(PreviewConfig config);
+    explicit StreamConverter(PreviewConfig config);
     ~StreamConverter();    
     bool Buffer2Image(Image* res,const buffer& frame_buffer,const buffer& metadata_buffer);
-    bool Buffer2Image(Image* res,const buffer& frame_buffer);
     StreamAttributes GetStreamAttributes();
 
 private:
@@ -50,8 +49,8 @@ class StreamConverter
     Image _result_image; 
     bool _portrait_mode;
     // jpeg structs
-    jpeg_error_mgr _jpeg_jerr {0};
-    jpeg_decompress_struct _jpeg_dinfo {0};
+    jpeg_error_mgr _jpeg_jerr;
+    jpeg_decompress_struct _jpeg_dinfo;
 
     void InitDecompressor();
     bool DecodeJpeg(Image* res, buffer frame_buffer);
diff --git a/src/DeviceController.cc b/src/DeviceController.cc
index b5bb580..5c2edba 100644
--- a/src/DeviceController.cc
+++ b/src/DeviceController.cc
@@ -53,6 +53,11 @@ Status DeviceController::QuerySerialNumber(std::string& serial)
     return _impl->QuerySerialNumber(serial);
 }
 
+Status DeviceController::QueryOtpVersion(uint8_t& version)
+{
+    return _impl->QueryOtpVersion(version);
+}
+
 Status DeviceController::Ping()
 {
     return _impl->Ping();
diff --git a/src/DeviceControllerImpl.cc b/src/DeviceControllerImpl.cc
index ab47035..6793be5 100644
--- a/src/DeviceControllerImpl.cc
+++ b/src/DeviceControllerImpl.cc
@@ -120,7 +120,7 @@ Status DeviceControllerImpl::QueryFirmwareVersion(std::string& version)
         // receive data until no more is available
         constexpr size_t max_buffer_size = 512;
         char buffer[max_buffer_size] = {0};
-        for (int i = 0; i < max_buffer_size - 1; ++i)
+        for (size_t i = 0; i < max_buffer_size - 1; ++i)
         {
             auto status = _serial->RecvBytes(&buffer[i], 1);
 
@@ -140,7 +140,7 @@ Status DeviceControllerImpl::QueryFirmwareVersion(std::string& version)
         std::string line;
         while (std::getline(ss, line, '\n'))
         {
-            static const std::regex module_regex {R"((OPFW|NNLED|NNLAS|DNET|RECOG|YOLO|AS2DLR) : ([\d\.]+))"};
+            static const std::regex module_regex {R"((OPFW|NNLED|DNET|RECOG|YOLO|AS2DLR|NNLAS) : ([\d\.]+))"};
             std::smatch match;
 
             auto match_ok = std::regex_search(line, match, module_regex);
@@ -185,18 +185,18 @@ Status DeviceControllerImpl::QuerySerialNumber(std::string& serial)
 
     try
     {
-        auto status = _serial->SendBytes(PacketManager::Commands::device_info,
+        auto send_status = _serial->SendBytes(PacketManager::Commands::device_info,
                                             ::strlen(PacketManager::Commands::device_info));
-        if (status != PacketManager::SerialStatus::Ok)
+        if (send_status != PacketManager::SerialStatus::Ok)
         {
             LOG_ERROR(LOG_TAG, "Failed sending serial number command");
-            return ToStatus(status);
+            return ToStatus(send_status);
         }
 
         // receive data until no more is available
         constexpr size_t max_buffer_size = 128;
         char buffer[max_buffer_size] = {0};
-        for (int i = 0; i < max_buffer_size - 1; ++i)
+        for (size_t i = 0; i < max_buffer_size - 1; ++i)
         {
             auto status = _serial->RecvBytes(&buffer[i], 1);
 
@@ -248,6 +248,74 @@ Status DeviceControllerImpl::QuerySerialNumber(std::string& serial)
     }
 }
 
+Status DeviceControllerImpl::QueryOtpVersion(uint8_t& otpVer)
+{
+    try
+    {
+        auto send_status = _serial->SendBytes(PacketManager::Commands::otp_ver, ::strlen(PacketManager::Commands::otp_ver));
+        if (send_status != PacketManager::SerialStatus::Ok)
+        {
+            LOG_ERROR(LOG_TAG, "Failed sending otp version command");
+            return ToStatus(send_status);
+        }
+
+        // receive data until no more is available
+        constexpr size_t max_buffer_size = 128;
+        char buffer[max_buffer_size] = {0};
+        for (size_t i = 0; i < max_buffer_size - 1; ++i)
+        {
+            auto status = _serial->RecvBytes(&buffer[i], 1);
+
+            // timeout is legal for the final byte, because we do not know the expected data size
+            if (status == PacketManager::SerialStatus::RecvTimeout)
+                break;
+
+            // other error are still not accepted
+            if (status != PacketManager::SerialStatus::Ok)
+            {
+                LOG_ERROR(LOG_TAG, "Failed reading serial number data");
+                return ToStatus(status);
+            }
+        }
+
+        std::stringstream ss(buffer);
+        std::string line;
+        std::string otpVerStr;
+        while (std::getline(ss, line, '\n'))
+        {
+            static const std::regex otp_version_regex {R"(otp version is (.*))"};
+            std::smatch match;
+
+            auto match_ok = std::regex_search(line, match, otp_version_regex);
+
+            if (match_ok)
+            {
+                otpVerStr = match[1].str();
+                break;
+            }
+        }
+
+        if (otpVerStr.empty())
+        {
+            LOG_ERROR(LOG_TAG, "Otp version received from device is empty");
+            return Status::Error;
+        }
+
+        otpVer = otpVerStr[0];
+        return Status::Ok;
+    }
+    catch (std::exception& ex)
+    {
+        LOG_EXCEPTION(LOG_TAG, ex);
+        return Status::Error;
+    }
+    catch (...)
+    {
+        LOG_ERROR(LOG_TAG, "Unknown exception");
+        return Status::Error;
+    }
+}
+
 Status DeviceControllerImpl::Ping()
 {
     using namespace PacketManager;
diff --git a/src/DeviceControllerImpl.h b/src/DeviceControllerImpl.h
index bd6a5b9..b5cd373 100644
--- a/src/DeviceControllerImpl.h
+++ b/src/DeviceControllerImpl.h
@@ -31,6 +31,7 @@ class DeviceControllerImpl
     bool Reboot();
     Status QueryFirmwareVersion(std::string& version);
     Status QuerySerialNumber(std::string& serial);
+    Status QueryOtpVersion(uint8_t& otpVer);
     Status Ping();
 
 private:
diff --git a/src/DiscoverDevices.cc b/src/DiscoverDevices.cc
index de4b616..bbf3002 100644
--- a/src/DiscoverDevices.cc
+++ b/src/DiscoverDevices.cc
@@ -48,18 +48,6 @@ static bool MatchToExpectedVidPidPairs(std::string vid, std::string pid)
 
     return false;
 }
-
-// Extracts string from input using regex matching - only one submatch is allowed. Returns an empty string on failure.
-static std::string ExtractStringUsingRegex(const std::string& input, const std::regex& regex)
-{
-    std::string output;
-    std::smatch matches;
-    bool success = std::regex_match(input, matches, regex);
-    if (success && matches.size() == 2)
-        output = matches[1];
-
-    return output;
-}
 }
 
 #if _WIN32
@@ -82,8 +70,20 @@ static std::string ExtractStringUsingRegex(const std::string& input, const std::
 #pragma comment(lib, "Strmiids")
 #pragma comment(lib, "Mfreadwrite")
 
-namespace RealSenseID
+
+// Extracts string from input using regex matching - only one submatch is allowed. Returns an empty string on failure.
+static std::string ExtractStringUsingRegex(const std::string& input, const std::regex& regex)
 {
+    std::string output;
+    std::smatch matches;
+    bool success = std::regex_match(input, matches, regex);
+    if (success && matches.size() == 2)
+        output = matches[1];
+
+    return output;
+}
+
+// Throw if given hresult failed
 static void ThrowIfFailedMSMF(char* what, HRESULT hr)
 {
     if (SUCCEEDED(hr))
@@ -93,6 +93,9 @@ static void ThrowIfFailedMSMF(char* what, HRESULT hr)
     throw std::runtime_error(err_stream.str());
 }
 
+namespace RealSenseID
+{
+
 std::vector<std::string> DiscoverSerial()
 {
     std::vector<std::string> port_names;
@@ -278,6 +281,11 @@ bool IsVideoNode(int camera_number){
     {
         std::string dev_md = VIDEO_DEV + std::to_string(camera_number);
         fd = open(dev_md.c_str(), O_RDWR | O_NONBLOCK, 0);
+        if (fd == -1)
+        {
+            LOG_ERROR(LOG_TAG, "Failed open camera %s", dev_md.c_str());
+            return false;
+        }
         ThrowIfFailed("get capabilities",ioctl(fd, VIDIOC_QUERYCAP, &cap));
         close(fd);
     }
@@ -315,7 +323,7 @@ std::vector<int> DiscoverCapture()
             capture_numbers.push_back(cur);
         }
     }
-    LOG_DEBUG(LOG_TAG, "capture devices %d",capture_numbers.size());
+    LOG_DEBUG(LOG_TAG, "capture devices %lu",capture_numbers.size());
     return capture_numbers;
 }
 
diff --git a/src/FaceAuthenticatorImpl.cc b/src/FaceAuthenticatorImpl.cc
index d69057d..f66503b 100644
--- a/src/FaceAuthenticatorImpl.cc
+++ b/src/FaceAuthenticatorImpl.cc
@@ -55,6 +55,7 @@ FaceAuthenticatorImpl::FaceAuthenticatorImpl(SignatureCallback* callback) :
 #else
     _session {}
 {
+    (void)callback; // callback not used
 }
 #endif // RSID_SECURE
 
@@ -226,7 +227,10 @@ Status FaceAuthenticatorImpl::Enroll(EnrollmentCallback& callback, const char* u
         {
             return Status::Error;
         }
-        auto status = _session.Start(_serial.get());
+        auto status = _session.Start(_serial.get(), [&callback] {
+            LOG_DEBUG(LOG_TAG, "Checking license");
+            callback.OnHint(EnrollStatus::LicenseCheck);
+        });
         if (status != PacketManager::SerialStatus::Ok)
         {
             LOG_ERROR(LOG_TAG, "Session start failed with status %d", static_cast<int>(status));
@@ -273,15 +277,18 @@ Status FaceAuthenticatorImpl::Enroll(EnrollmentCallback& callback, const char* u
             }
 
             auto fa_status = fa_packet.GetStatusCode();
+            auto enroll_status = EnrollStatus(fa_status);
+            const char* log_enroll_status = Description(enroll_status);
 
             switch (msg_id)
             {
                 // end of transaction
             case (PacketManager::MsgId::Reply):
-                return Status::Ok;
+                LOG_DEBUG(LOG_TAG, "Got Reply: %s", log_enroll_status);
+                return Status(fa_status);
 
             case (PacketManager::MsgId::Result):
-                callback.OnResult(EnrollStatus(fa_status));
+                callback.OnResult(enroll_status);
                 break;
 
             case (PacketManager::MsgId::Progress):
@@ -289,7 +296,7 @@ Status FaceAuthenticatorImpl::Enroll(EnrollmentCallback& callback, const char* u
                 break;
 
             case (PacketManager::MsgId::Hint):
-                callback.OnHint(EnrollStatus(fa_status));
+                callback.OnHint(enroll_status);
                 break;
 
             default:
@@ -395,7 +402,7 @@ Status FaceAuthenticatorImpl::SendImageToDevice(const unsigned char* buffer, uns
             LOG_ERROR(LOG_TAG, "Failed receiving reply packet (status %d)", (int)status);
             return ToStatus(status);
         }
-        LOG_DEBUG(LOG_TAG, "Sent chunk %hu OK. %zu/%u bytes", chunk_number+1, total_image_bytes_sent, image_size);
+        LOG_DEBUG(LOG_TAG, "Sent chunk %hu OK. %zu/%u bytes", chunk_number + 1, total_image_bytes_sent, image_size);
     }
 
     assert(total_image_bytes_sent == image_size);
@@ -411,7 +418,8 @@ Status FaceAuthenticatorImpl::SendImageToDevice(const unsigned char* buffer, uns
 //    chunk format: [chunk-number (2 bytes)] [width (2 bytes)] [height (2 bytes)] [buffer (chunk size-6)]
 //    Wait for ack response ('e' packet)
 // Send 'EnrollImage' Fa packet with the user id and return the response to the caller.
-EnrollStatus FaceAuthenticatorImpl::EnrollImage(const char* user_id, const unsigned char* buffer, unsigned int width, unsigned int height)
+EnrollStatus FaceAuthenticatorImpl::EnrollImage(const char* user_id, const unsigned char* buffer, unsigned int width,
+                                                unsigned int height)
 {
     if (!ValidateUserId(user_id))
     {
@@ -421,7 +429,7 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImage(const char* user_id, const unsig
     Status imageSendingStatus = SendImageToDevice(buffer, width, height);
     if (Status::Ok != imageSendingStatus)
     {
-		LOG_ERROR(LOG_TAG, "Error sending the image to the device. status %d", static_cast<int>(imageSendingStatus));
+        LOG_ERROR(LOG_TAG, "Error sending the image to the device. status %d", static_cast<int>(imageSendingStatus));
         return EnrollStatus::Failure;
     }
 
@@ -451,25 +459,28 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImage(const char* user_id, const unsig
     return EnrollStatus(fa_packet.GetStatusCode());
 }
 
-EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* user_id, const unsigned char* buffer, unsigned int width, unsigned int height, ExtractedFaceprints* faceprints)
+EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* user_id, const unsigned char* buffer,
+                                                                 unsigned int width, unsigned int height,
+                                                                 ExtractedFaceprints* faceprints)
 {
-	if (!ValidateUserId(user_id))
-	{
+    if (!ValidateUserId(user_id))
+    {
         LOG_ERROR(LOG_TAG, "invalid user id");
-		return EnrollStatus::Failure;
-	}
+        return EnrollStatus::Failure;
+    }
 
-    if (nullptr == faceprints) {
+    if (nullptr == faceprints)
+    {
         LOG_ERROR(LOG_TAG, "the faceprints argument is null");
         return EnrollStatus::Failure;
     }
 
-	Status imageSendingStatus = SendImageToDevice(buffer, width, height);
-	if (Status::Ok != imageSendingStatus)
-	{
-		LOG_ERROR(LOG_TAG, "Error sending the image to the device. status %d", static_cast<int>(imageSendingStatus));
-		return EnrollStatus::Failure;
-	}
+    Status imageSendingStatus = SendImageToDevice(buffer, width, height);
+    if (Status::Ok != imageSendingStatus)
+    {
+        LOG_ERROR(LOG_TAG, "Error sending the image to the device. status %d", static_cast<int>(imageSendingStatus));
+        return EnrollStatus::Failure;
+    }
 
     // Now that the image was uploaded, send the enroll image request
     auto status = _session.Start(_serial.get());
@@ -479,7 +490,7 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* use
         return ToEnrollStatus(status);
     }
 
-    //Getting the image enrollment result from the device(on success the faceprints are returned)
+    // Getting the image enrollment result from the device(on success the faceprints are returned)
     PacketManager::FaPacket fa_packet {PacketManager::MsgId::EnrollImageFeatureExtraction, user_id, 0};
     status = _session.SendPacket(fa_packet);
     if (status != PacketManager::SerialStatus::Ok)
@@ -494,7 +505,7 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* use
         LOG_ERROR(LOG_TAG, "Failed receiving fa packet (status %d)", (int)status);
         return ToEnrollStatus(status);
     }
-   
+
     if (EnrollStatus(fa_packet.GetStatusCode()) != EnrollStatus::Success)
     {
         return EnrollStatus(fa_packet.GetStatusCode());
@@ -515,7 +526,7 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* use
     if (msg_id == PacketManager::MsgId::Faceprints)
     {
         LOG_DEBUG(LOG_TAG, "Got faceprints from device!");
-		ExtractedFaceprintsElement* desc = (ExtractedFaceprintsElement*)(data_packet.payload.message.data_msg.data);
+        ExtractedFaceprintsElement* desc = (ExtractedFaceprintsElement*)(data_packet.payload.message.data_msg.data);
 
         //
         //  read the mask-detector indicator:
@@ -531,7 +542,7 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* use
         size_t copySize = sizeof(desc->featuresVector);
 
         static_assert(sizeof(faceprints->data.featuresVector) == sizeof(desc->featuresVector),
-                        "adaptive faceprints (without mask) sizes does not match");
+                      "adaptive faceprints (without mask) sizes does not match");
         ::memcpy(faceprints->data.featuresVector, desc->featuresVector, copySize);
 
         // mark the enrolled vector flags as valid without mask.
@@ -544,9 +555,7 @@ EnrollStatus FaceAuthenticatorImpl::EnrollImageFeatureExtraction(const char* use
     {
         LOG_ERROR(LOG_TAG, "Got unexpected message id when expecting faceprints to arrive: %c", (char)msg_id);
         return EnrollStatus::SerialError;
-    }
-     
-    return EnrollStatus::Success;
+    }    
 }
 
 // Do authenticate session with the device. Call user's authenticate callbacks in the process.
@@ -558,7 +567,10 @@ Status FaceAuthenticatorImpl::Authenticate(AuthenticationCallback& callback)
 {
     try
     {
-        auto status = _session.Start(_serial.get());
+        auto status = _session.Start(_serial.get(), [&callback] {
+            LOG_DEBUG(LOG_TAG, "Checking license");
+            callback.OnHint(AuthenticateStatus::LicenseCheck);
+        });
         if (status != PacketManager::SerialStatus::Ok)
         {
             LOG_ERROR(LOG_TAG, "Session start failed with status %d", static_cast<int>(status));
@@ -612,14 +624,16 @@ Status FaceAuthenticatorImpl::Authenticate(AuthenticationCallback& callback)
             {
             // end of transaction
             case (PacketManager::MsgId::Reply):
-                return Status::Ok;
+                LOG_DEBUG(LOG_TAG, "Got Reply: %s", log_auth_status);
+                return Status(fa_status);
 
-            case (PacketManager::MsgId::Result): {
+            case (PacketManager::MsgId::Result):
+                LOG_DEBUG(LOG_TAG, "Got Result: %s", log_auth_status);
                 callback.OnResult(auth_status, user_id);
                 break;
-            }
 
             case (PacketManager::MsgId::Hint):
+                LOG_DEBUG(LOG_TAG, "Got Hint: %s", log_auth_status);
                 callback.OnHint(auth_status);
                 break;
 
@@ -851,8 +865,7 @@ Status FaceAuthenticatorImpl::SetDeviceConfig(const DeviceConfig& device_config)
         LOG_ERROR(LOG_TAG, "Session start failed with status %d", static_cast<int>(status));
         return ToStatus(status);
     }
-    int size = sizeof(device_config);
-
+    
     char settings[6];
     settings[0] = static_cast<char>(device_config.camera_rotation);
     settings[1] = static_cast<char>(device_config.security_level);
@@ -877,6 +890,15 @@ Status FaceAuthenticatorImpl::SetDeviceConfig(const DeviceConfig& device_config)
         return ToStatus(status);
     }
 
+    if (data_packet_reply.header.id == PacketManager::MsgId::Status)
+    {
+        auto reply_status = data_packet_reply.Data().data[0];
+        auto real_status = Status(reply_status);
+        const char* log_real_status = Description(real_status);
+        LOG_ERROR(LOG_TAG, "Received Reply with status: %s", log_real_status);
+        return real_status;
+    }
+
     if (data_packet_reply.header.id != PacketManager::MsgId::SetDeviceConfig)
     {
         LOG_ERROR(LOG_TAG, "Unexpected msg id in reply (%c)", data_packet_reply.header.id);
@@ -939,7 +961,7 @@ Status FaceAuthenticatorImpl::QueryDeviceConfig(DeviceConfig& device_config)
 
     device_config.dump_mode = static_cast<DeviceConfig::DumpMode>(data_packet_reply.payload.message.data_msg.data[4]);
 
-    device_config.matcher_confidence_level = 
+    device_config.matcher_confidence_level =
         static_cast<DeviceConfig::MatcherConfidenceLevel>(data_packet_reply.payload.message.data_msg.data[5]);
 
     // convert internal status to api's serial status and return
@@ -1102,44 +1124,8 @@ Status FaceAuthenticatorImpl::QueryNumberOfUsers(unsigned int& number_of_users)
 
 Status FaceAuthenticatorImpl::Standby()
 {
-    try
-    {
-        auto status = _session.Start(_serial.get());
-        if (status != PacketManager::SerialStatus::Ok)
-        {
-            LOG_ERROR(LOG_TAG, "Session start failed with status %d", static_cast<int>(status));
-            return ToStatus(status);
-        }
-
-        PacketManager::DataPacket packet {PacketManager::MsgId::StandBy};
-        status = _session.SendPacket(packet);
-        if (status != PacketManager::SerialStatus::Ok)
-        {
-            LOG_ERROR(LOG_TAG, "Failed sending fa packet (status %d)", static_cast<int>(status));
-            return ToStatus(status);
-        }
-
-        PacketManager::FaPacket fa_packet {PacketManager::MsgId::Reply};
-        status = _session.RecvFaPacket(fa_packet);
-        if (status != PacketManager::SerialStatus::Ok)
-        {
-            LOG_ERROR(LOG_TAG, "Failed receiving fa packet (status %d)", static_cast<int>(status));
-            return ToStatus(status);
-        }
-
-        auto status_code = fa_packet.GetStatusCode();
-        return static_cast<Status>(status_code);
-    }
-    catch (std::exception& ex)
-    {
-        LOG_EXCEPTION(LOG_TAG, ex);
-        return Status::Error;
-    }
-    catch (...)
-    {
-        LOG_ERROR(LOG_TAG, "Unknown exception");
-        return Status::Error;
-    }
+    LOG_ERROR(LOG_TAG, "Standby is not supported");
+    return Status::Error;
 }
 
 // Do faceprints extraction using enrollment flow, on the device.
@@ -1153,7 +1139,10 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForEnroll(EnrollFaceprintsExtract
 {
     try
     {
-        auto status = _session.Start(_serial.get());
+        auto status = _session.Start(_serial.get(), [&callback] {
+            LOG_DEBUG(LOG_TAG, "Checking license");
+            callback.OnHint(EnrollStatus::LicenseCheck);
+        });
         if (status != PacketManager::SerialStatus::Ok)
         {
             LOG_ERROR(LOG_TAG, "Session start failed with status %d", static_cast<int>(status));
@@ -1269,15 +1258,18 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForEnroll(EnrollFaceprintsExtract
             }
 
             auto fa_status = fa_packet.GetStatusCode();
+            auto enroll_status = EnrollStatus(fa_status);
+            const char* log_enroll_status = Description(enroll_status);
 
             switch (msg_id)
             {
             case (PacketManager::MsgId::Reply):
-                return Status::Ok;
+                LOG_DEBUG(LOG_TAG, "Got Reply: %s", log_enroll_status);
+                return Status(fa_status);
 
             case (PacketManager::MsgId::Result):
 
-                if (EnrollStatus(fa_status) == EnrollStatus::Success)
+                if (enroll_status == EnrollStatus::Success)
                 {
                     LOG_DEBUG(LOG_TAG,
                               "Faceprints extraction succeeded on device, ready to receive faceprints in host ...");
@@ -1285,7 +1277,7 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForEnroll(EnrollFaceprintsExtract
                 }
                 else
                 {
-                    callback.OnResult(EnrollStatus(fa_status), nullptr);
+                    callback.OnResult(enroll_status, nullptr);
                 }
                 break;
 
@@ -1294,7 +1286,7 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForEnroll(EnrollFaceprintsExtract
                 break;
 
             case (PacketManager::MsgId::Hint):
-                callback.OnHint(EnrollStatus(fa_status));
+                callback.OnHint(enroll_status);
                 break;
 
             default:
@@ -1326,7 +1318,10 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForAuth(AuthFaceprintsExtractionC
 {
     try
     {
-        auto status = _session.Start(_serial.get());
+        auto status = _session.Start(_serial.get(), [&callback] {
+            LOG_DEBUG(LOG_TAG, "Checking license");
+            callback.OnHint(AuthenticateStatus::LicenseCheck);
+        });
         if (status != PacketManager::SerialStatus::Ok)
         {
             LOG_ERROR(LOG_TAG, "Session start failed with status %d", static_cast<int>(status));
@@ -1431,14 +1426,17 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForAuth(AuthFaceprintsExtractionC
             }
 
             auto fa_status = fa_packet.GetStatusCode();
+            auto auth_status = AuthenticateStatus(fa_status);
+            const char* log_auth_status = Description(auth_status);
 
             switch (msg_id)
             {
             case (PacketManager::MsgId::Reply):
-                return Status::Ok;
+                LOG_DEBUG(LOG_TAG, "Got Reply: %s", log_auth_status);
+                return Status(fa_status);
 
-            case (PacketManager::MsgId::Result): {
-                if (AuthenticateStatus(fa_status) == AuthenticateStatus::Success)
+            case (PacketManager::MsgId::Result):
+                if (auth_status == AuthenticateStatus::Success)
                 {
                     LOG_DEBUG(LOG_TAG,
                               "Faceprints extraction succeeded on device, ready to receive faceprints in host ...");
@@ -1446,12 +1444,11 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForAuth(AuthFaceprintsExtractionC
                     received_faceprints_in_host = false;
                 }
                 else
-                    callback.OnResult(AuthenticateStatus(fa_status), nullptr);
+                    callback.OnResult(auth_status, nullptr);
                 break;
-            }
 
             case (PacketManager::MsgId::Hint):
-                callback.OnHint(AuthenticateStatus(fa_status));
+                callback.OnHint(auth_status);
                 break;
 
             default:
@@ -1541,11 +1538,13 @@ Status FaceAuthenticatorImpl::ExtractFaceprintsForAuthLoop(AuthFaceprintsExtract
 }
 
 MatchResultHost FaceAuthenticatorImpl::MatchFaceprints(MatchElement& new_faceprints, Faceprints& existing_faceprints,
-                                                       Faceprints& updated_faceprints, ThresholdsConfidenceEnum matcher_confidence_level)
+                                                       Faceprints& updated_faceprints,
+                                                       ThresholdsConfidenceEnum matcher_confidence_level)
 {
     MatchResultHost finalResult;
 
-    auto result = Matcher::MatchFaceprints(new_faceprints, existing_faceprints, updated_faceprints, matcher_confidence_level);
+    auto result =
+        Matcher::MatchFaceprints(new_faceprints, existing_faceprints, updated_faceprints, matcher_confidence_level);
     finalResult.success = result.success;
     finalResult.should_update = result.should_update;
     finalResult.score = result.score;
@@ -1702,7 +1701,7 @@ Status FaceAuthenticatorImpl::SetUsersFaceprints(UserFaceprints_t* user_features
             }
             if (data_packet.header.id != PacketManager::MsgId::SetUserFeatures)
             {
-                LOG_ERROR(LOG_TAG, "Error updating/adding user to DB", (int)status);
+                LOG_ERROR(LOG_TAG, "Error updating/adding user to DB: %d", (int)status);
                 all_users_set = false;
                 continue;
             }
@@ -1720,8 +1719,7 @@ Status FaceAuthenticatorImpl::SetUsersFaceprints(UserFaceprints_t* user_features
             continue;
         }
     }
-
-    return (Standby() == Status::Ok && all_users_set) ? Status::Ok : Status::Error;
+    return all_users_set ? Status::Ok : Status::Error;
 }
 
 
diff --git a/src/FwUpdate/Cmds.cc b/src/FwUpdate/Cmds.cc
index 1cbfe98..34f5470 100644
--- a/src/FwUpdate/Cmds.cc
+++ b/src/FwUpdate/Cmds.cc
@@ -14,7 +14,7 @@ std::string dlver()
     return "\ndlver";
 }
 
-std::string dlspd(uint32_t spd)
+std::string dlspd(long spd)
 {
     std::ostringstream oss;
     oss << "\ndlspd " << spd;
diff --git a/src/FwUpdate/Cmds.h b/src/FwUpdate/Cmds.h
index 220868c..c940925 100644
--- a/src/FwUpdate/Cmds.h
+++ b/src/FwUpdate/Cmds.h
@@ -24,7 +24,7 @@ namespace Cmds
      *
      * returns a formatted dlspd command
      */
-    std::string dlspd(uint32_t spd);
+    std::string dlspd(long spd);
 
     /**
      * retrieves specific module extended information
@@ -87,6 +87,6 @@ namespace Cmds
      * returns a formatted dlnew command
      */
     std::string dlnew(const std::string& module_name, size_t size);
-};
+}
 } // namespace FwUpdate
-} // namespace RealSenseID
\ No newline at end of file
+} // namespace RealSenseID
diff --git a/src/FwUpdate/FwUpdateEngine.cc b/src/FwUpdate/FwUpdateEngine.cc
index e4b331b..aa40dab 100644
--- a/src/FwUpdate/FwUpdateEngine.cc
+++ b/src/FwUpdate/FwUpdateEngine.cc
@@ -20,7 +20,8 @@ namespace FwUpdate
 {
 static const char* LOG_TAG = "FwUpdater";
 
-static const std::set<std::string> AllowedModules {"OPFW", "NNLED", "NNLAS", "DNET", "RECOG", "YOLO", "AS2DLR"};
+static const char* DumpFilename = "fw-update.log";
+static const std::set<std::string> AllowedModules {"OPFW", "NNLED", "DNET", "RECOG", "YOLO", "AS2DLR", "NNLAS"};
 static const char* OPFW = "OPFW";
 
 struct FwUpdateEngine::ModuleVersionInfo
@@ -59,7 +60,7 @@ bool FwUpdateEngine::ParseDlVer(const char* input, const std::string& module_nam
     // regex to find line of the form: OPFW : [OPFW] [0.0.0.1] (active)
     // regex groups to match: module_name, module_name, version, state
     static const std::regex rgx {
-        R"((\w+) : \[(OPFW|NNLED|NNLAS|DNET|RECOG|YOLO|AS2DLR|SCRAP)\] \[([\d\.]+)\] \(([\w-]+)\))"};
+        R"((\w+) : \[(OPFW|NNLED|DNET|RECOG|YOLO|AS2DLR|SCRAP|NNLAS)\] \[([\d\.]+)\] \(([\w-]+)\))"};
     std::smatch match;
 
     // do regex on each line in the input and construct ModuleVersionInfo from it
@@ -193,7 +194,7 @@ std::vector<bool> FwUpdateEngine::GetBlockUpdateList(const ModuleInfo& module, b
         if (block_number >= module.blocks.size())
         {
             // if number of blocks is differnt from host return immediatly and update all blocks
-            LOG_DEBUG(LOG_TAG, "Block number(%zu) not found in host. Update all blocks", block_number);
+            LOG_DEBUG(LOG_TAG, "Block number(%u) not found in host. Update all blocks", block_number);
             std::fill(rv.begin(), rv.end(), true);
             break;
         }
@@ -203,7 +204,7 @@ std::vector<bool> FwUpdateEngine::GetBlockUpdateList(const ModuleInfo& module, b
         bool should_update = strcmp(state_str, "OK") != 0 || hdrCrc != fwCrc || hdrCrc != host_block_crc;
         rv[block_number] = should_update;
 
-        LOG_DEBUG(LOG_TAG, "Block #%zu: fw: %s 0x%08x 0x%08x, local: 0x%08x, %s", block_number, state_str, hdrCrc,
+        LOG_DEBUG(LOG_TAG, "Block #%u: fw: %s 0x%08x 0x%08x, local: 0x%08x, %s", block_number, state_str, hdrCrc,
                   fwCrc, host_block_crc, should_update ? "yes update" : "no update");
 
         cur_input = p + 9; // prepare to search next record (strchr(cur_input, '#'))
@@ -221,7 +222,10 @@ bool FwUpdateEngine::ParseDlResponse(const std::string& name, size_t blkNo, size
     bool ack = strstr(logBuf, str) != NULL;
 
     if (!ack)
+    {
         LOG_DEBUG(LOG_TAG, "cannot find %s", str);
+        LOG_DEBUG(LOG_TAG, "logbuf:\n%s", logBuf);
+    }
 
     _comm->ConsumeScanned();
     return ack;
@@ -305,7 +309,21 @@ void FwUpdateEngine::BurnModule(ProgressTick tick, const ModuleInfo& module, con
 
     // send dlinit - if we're starting a session, open it
     _comm->WriteCmd(Cmds::dlinit(module.name, module.version, module.size, is_first, module.crc, BlockSize));
+    
+    // check for err string which arrives shortly after the dlinit ack
     std::this_thread::sleep_for(std::chrono::milliseconds(50));
+    char* logBuf = _comm->GetScanPtr();
+    _comm->ConsumeScanned();
+    LOG_INFO(LOG_TAG, "*************** dlinit response ***************");
+    LOG_INFO(LOG_TAG, "%s", logBuf);        
+    LOG_INFO(LOG_TAG, "**************************************************");
+
+    if(strstr(logBuf, "err ") != nullptr) 
+    {
+        LOG_ERROR(LOG_TAG, "dlinit returned err. Closing session. Please retry");
+        _comm->WriteCmd(Cmds::dlact(true), false); // close session
+        throw std::runtime_error("DL init returned err");
+    }
 
     // send CRCs of all blocks to fw as binary array of [n x uin32_t] bytes (little endian)
     std::vector<uint32_t> blkCrc;
@@ -317,7 +335,7 @@ void FwUpdateEngine::BurnModule(ProgressTick tick, const ModuleInfo& module, con
     _comm->ConsumeScanned();
 
     LOG_DEBUG(LOG_TAG, "Starting module %s update", module.name.c_str());
-    for (auto i = 0; i < module.blocks.size(); ++i)
+    for (auto i = 0; i < static_cast<int>(module.blocks.size()); ++i)
     {
         bool should_update_block = block_update_list[i];
         if (!should_update_block)
@@ -434,8 +452,13 @@ void FwUpdateEngine::BurnModules(const Settings& settings, const ModuleVector& m
     for (const auto& module : modules)
         total_number_of_blocks += module.blocks.size();
 
+    if (total_number_of_blocks == 0)
+    {
+        LOG_ERROR(LOG_TAG, "total_number_of_blocks is zero");
+        return;
+    }
     // calculate the effect each block has on the overall progress
-    float progress_delta = 1.0f / total_number_of_blocks;
+    float progress_delta = 1.0f / static_cast<float>(total_number_of_blocks);
 
     float overall_progress = 0.0f;
     // wrap external progress callback with a "tick progress" lambda, called every time a block is sent.
@@ -456,11 +479,12 @@ void FwUpdateEngine::BurnModules(const Settings& settings, const ModuleVector& m
         _comm->WriteCmd(Cmds::dlver(), true);
         on_progress(0.0f);
         BurnSelectModules(modules, progress_tick, settings.force_full);
+        _comm->DumpSession(DumpFilename);        
         on_progress(1.0f);
     }
     catch (const std::exception&)
-    {
-        // close connection if exists and rethrow
+    {        
+        _comm->DumpSession(DumpFilename);                
         _comm.reset();
         throw;
     }
diff --git a/src/FwUpdate/FwUpdaterComm.cc b/src/FwUpdate/FwUpdaterComm.cc
index d2de3c3..bb5c33a 100644
--- a/src/FwUpdate/FwUpdaterComm.cc
+++ b/src/FwUpdate/FwUpdaterComm.cc
@@ -8,6 +8,7 @@
 #include <cassert>
 #include <cmath>
 #include <stdexcept>
+#include <fstream>
 
 #ifdef _WIN32
 #include "PacketManager/WindowsSerial.h"
@@ -29,7 +30,8 @@ static const char* LOG_TAG = "FwUpdater";
 
 FwUpdaterComm::FwUpdaterComm(const char* port_name)
 {
-    _read_buffer = new char[ReadBufferSize];
+    _read_buffer.reset(new char[ReadBufferSize]);
+    std::memset(_read_buffer.get(), 0, ReadBufferSize);
     PacketManager::SerialConfig serial_config;
     serial_config.port = port_name;
 
@@ -63,15 +65,7 @@ FwUpdaterComm::~FwUpdaterComm()
     }
     catch (...)
     {
-    }
-    
-    try
-    {        
-        delete (_read_buffer);
-    }
-    catch (...)
-    {
-    }
+    }        
 }
 
 void FwUpdaterComm::ReaderThreadLoop()
@@ -94,8 +88,11 @@ void FwUpdaterComm::ReaderThreadLoop()
         }
         if (status != PacketManager::SerialStatus::RecvTimeout)
         {
-            break; // fail reading from the serial
+            LOG_ERROR(LOG_TAG, "Error reading from serial in reader thread. Status=%d", status);
+            break; // fail reading from the serial            
         }
+        // Got timeout, sleep for a while before retrying
+        std::this_thread::sleep_for(std::chrono::milliseconds(30));
     }
 }
 
@@ -113,7 +110,7 @@ char* FwUpdaterComm::GetScanPtr() const
 
 char* FwUpdaterComm::ReadBuffer() const
 {
-    return _read_buffer;
+    return _read_buffer.get();
 }
 
 // wait until no more input (100 ms without any new bytes)
@@ -145,7 +142,7 @@ void FwUpdaterComm::WriteBinary(const char* buf, size_t n_bytes)
     LOG_DEBUG(LOG_TAG, "sending buffer in %zu chunks", n_chunks);
     for (size_t i = 0; i < n_chunks; ++i)
     {
-        LOG_TRACE(LOG_TAG, "sending chunk #%d", i);
+        LOG_TRACE(LOG_TAG, "sending chunk #%zu", i);
 
         // set chunk starting point and size to be sent
         auto chunk_start = &buf[i * max_chunk_size];
@@ -235,7 +232,20 @@ void FwUpdaterComm::StopReaderThread()
         LOG_DEBUG(LOG_TAG, "Stopping reader thread..");
         _reader_thread.join();
         LOG_DEBUG(LOG_TAG, "Reader thread stopped");
-    }    
+    }        
+}
+
+
+void FwUpdaterComm::DumpSession(const char* filename)
+{   
+    std::this_thread::sleep_for(std::chrono::milliseconds(100)); // give time for some commuincation before dumping
+    std::ofstream ofs(filename);
+    if (!ofs || !_read_buffer)
+    {
+        LOG_ERROR(LOG_TAG, "Failed creating dump file %s for session", filename);
+        return;
+    }        
+    ofs << _read_buffer.get();    
 }
 } // namespace FwUpdate
 } // namespace RealSenseID
diff --git a/src/FwUpdate/FwUpdaterComm.h b/src/FwUpdate/FwUpdaterComm.h
index 7dfc2eb..14acfc5 100644
--- a/src/FwUpdate/FwUpdaterComm.h
+++ b/src/FwUpdate/FwUpdaterComm.h
@@ -19,7 +19,7 @@ namespace FwUpdate
 class FwUpdaterComm
 {
 public:
-    static const size_t ReadBufferSize = 128 * 1024;
+    static const size_t ReadBufferSize = 128 * 1024;    
     explicit FwUpdaterComm(const char* port_name);
 #ifdef ANDROID
     FwUpdaterComm(const AndroidSerialConfig& config);
@@ -57,6 +57,9 @@ class FwUpdaterComm
     // Stop and join the reading thread. 
     // Needed to avoid errors while connection is about to be closed befor reboot device
     void StopReaderThread();
+
+    // Save communications from the FW to log file fw-update.log
+    void DumpSession(const char *filename);
     
 
 private:
@@ -65,7 +68,7 @@ class FwUpdaterComm
     std::atomic<bool> _should_stop_thread {false};
     std::atomic<size_t> _read_index {0};
     std::atomic<size_t> _scan_index {0};
-    char* _read_buffer;
+    std::unique_ptr<char[]> _read_buffer;    
     
     void ReaderThreadLoop();
 };
diff --git a/src/FwUpdate/Utilities.cc b/src/FwUpdate/Utilities.cc
index fcc525c..83d803b 100644
--- a/src/FwUpdate/Utilities.cc
+++ b/src/FwUpdate/Utilities.cc
@@ -181,7 +181,8 @@ ModuleVector ParseUfifToModules(const std::string& path, const uint32_t block_si
     ModuleVector result;
     for (const auto& entry : entries)
     {
-        DigestHeader hdr = {0};
+        DigestHeader hdr;
+        std::memset(&hdr, 0, sizeof(hdr));
         auto ofs = ifile.tellg();
         if (ofs == -1)
         {
diff --git a/src/FwUpdater.cc b/src/FwUpdater.cc
index 304face..089ec58 100644
--- a/src/FwUpdater.cc
+++ b/src/FwUpdater.cc
@@ -81,18 +81,65 @@ bool FwUpdater::ExtractFwInformation(const char* binPath, std::string& outFwVers
     }
 }
 
-bool FwUpdater::IsEncryptionSupported(const char* binPath, const std::string& deviceSerialNumber) const
-{
-    uint8_t otpEncryptionVersion = RealSenseID::FwUpdate::ParseUfifToOtpEncryption(binPath);
-    uint8_t expected_version = 0;
-    const std::regex ver1_option1("12[02]\\d6228\\d{4}.*");
-    const std::regex ver1_option2("\\d{4}6229\\d{4}.*");
-    const std::regex ver1_option3("\\d{4}62[3-9]\\d{5}.*"); 
-    if (std::regex_match(deviceSerialNumber, ver1_option1) ||
-            std::regex_match(deviceSerialNumber, ver1_option2) ||
-            std::regex_match(deviceSerialNumber, ver1_option3))
-        expected_version = 1;
-    return expected_version == otpEncryptionVersion;
+bool FwUpdater::IsSkuCompatible(const Settings& settings, const char* binPath, int& expectedSkuVer,
+                                int& deviceSkuVer) const
+{    
+    expectedSkuVer = -1;
+    deviceSkuVer = -1;    
+    try
+    {
+        uint8_t binOtpEncVer = RealSenseID::FwUpdate::ParseUfifToOtpEncryption(binPath);
+        expectedSkuVer = static_cast<int>(binOtpEncVer) + 1;
+        uint8_t deviceOtpEncVer = 0;
+        RealSenseID::DeviceController device_controller;
+        Status s = device_controller.Connect(SerialConfig({settings.port}));
+        if (s != Status::Ok)
+        {
+            throw std::runtime_error("Failed to connect to device");
+        }
+        s = device_controller.QueryOtpVersion(deviceOtpEncVer);
+        if (s == Status::Ok)
+        {
+            deviceSkuVer = (deviceOtpEncVer - '0') + 1;            
+            LOG_INFO(LOG_TAG, "QueryOtpVersion: SKU %d", deviceSkuVer);
+        }
+        else
+        {
+            // older fw versions do not support querying otp version. Use serial number to decide
+            LOG_INFO(LOG_TAG, "Device does not support QueryOtpVersion. Quering SN");
+            std::string sn;
+            if (device_controller.QuerySerialNumber(sn) != Status::Ok)
+            {
+                LOG_INFO(LOG_TAG, "Failed getting serial number. Assuming SKU compatible");
+                return true;
+            }
+            /*
+             * Examples of SKU2
+             * 120X6228XXXXXXXXXXXXXXXX-XXX
+             * 122X6228XXXXXXXXXXXXXXXX-XXX
+             * XXXX6229XXXXXXXXXXXXXXXX-XXX
+            */
+            const std::regex reg1("12[02]\\d6228\\d{4}.*");
+            const std::regex reg2("\\d{4}6229\\d{4}.*");
+            const std::regex reg3("\\d{4}62[3-9]\\d{5}.*");
+            if (std::regex_match(sn, reg1) ||
+                std::regex_match(sn, reg2) ||
+                std::regex_match(sn, reg3))
+                deviceSkuVer = 2;
+            else
+                deviceSkuVer = 1;
+
+            LOG_INFO(LOG_TAG, "SN to SKU: %s -> SKU %d", sn.c_str(), deviceSkuVer);
+            
+        }        
+        
+        return expectedSkuVer == deviceSkuVer;
+    }
+    catch (const std::exception& ex)
+    {
+        LOG_EXCEPTION(LOG_TAG, ex);
+        return false;
+    }
 }
 
 Status FwUpdater::UpdateModules(EventHandler* handler, Settings settings, const char* binPath,
@@ -135,9 +182,9 @@ Status FwUpdater::UpdateModules(EventHandler* handler, Settings settings, const
                     }
                     return true;
                 }), modules.end());
-        PacketManager::Timer timer;
+        PacketManager::Timer timer;        
         update_engine.BurnModules(internal_settings, modules, callback_wrapper);
-        auto elapsed_seconds = timer.Elapsed() / 1000;
+        auto elapsed_seconds = timer.Elapsed().count() / 1000;
         LOG_INFO(LOG_TAG, "Firmware update success (duration %lldm:%llds)", elapsed_seconds / 60, elapsed_seconds % 60);
         return Status::Ok;
     }
diff --git a/src/LicenseChecker/CMakeLists.txt b/src/LicenseChecker/CMakeLists.txt
new file mode 100644
index 0000000..8910d9d
--- /dev/null
+++ b/src/LicenseChecker/CMakeLists.txt
@@ -0,0 +1,69 @@
+set(RSID_LICENSE_CHECKER "rsid-license-checker")
+
+set(SRC_DIR ${CMAKE_CURRENT_SOURCE_DIR})
+
+set(LICENSE_LIB_HEADERS
+        "${SRC_DIR}/LicenseChecker.h"
+        "${SRC_DIR}/LicenseData.h"
+        "${SRC_DIR}/LicenseUtils.h"
+        "${SRC_DIR}/LicenseUtilsImpl/ILicenseUtils.h"
+        "${SRC_DIR}/LicenseCheckerImpl/ILicenseCheckerImpl.h"
+        "${SRC_DIR}/LicenseCheckerImpl/LicenseCheckerImpl.h"
+        "${SRC_DIR}/../Logger/Logger.h"
+        )
+set(LICENSE_LIB_SOURCES
+        "${SRC_DIR}/LicenseChecker.cc"
+        "${SRC_DIR}/LicenseUtils.cc"
+        "${SRC_DIR}/LicenseCheckerImpl/LicenseCheckerImpl.cc"
+        "${SRC_DIR}/../Logger/Logger.cc"
+)
+
+if (RSID_MOCK_LICENSE)
+    set(PRIVATE_SRC_DIR ${CMAKE_SOURCE_DIR}/../HostPrivate/src/)
+    list(APPEND LICENSE_LIB_HEADERS "${PRIVATE_SRC_DIR}/LicenseChecker/LicenseCheckerImpl/LicenseCheckerMockImpl.h")
+    list(APPEND LICENSE_LIB_SOURCES "${PRIVATE_SRC_DIR}/LicenseChecker/LicenseCheckerImpl/LicenseCheckerMockImpl.cc")
+    list(APPEND LICENSE_EXTRA_LIBS  mbedtls::mbedtls)
+    list(APPEND LICENSE_EXTRA_INCLUDES "${PRIVATE_SRC_DIR}/LicenseChecker/")
+    list(APPEND LICENSE_EXTRA_INCLUDES "${PRIVATE_SRC_DIR}/LicenseChecker/" "${SRC_DIR}/LicenseCheckerImpl")
+endif()
+
+
+# Platform specific implementation
+if(${CMAKE_SYSTEM_NAME} STREQUAL "Android")
+    list(APPEND LICENSE_LIB_HEADERS "${SRC_DIR}/LicenseUtilsImpl/LicenseUtils_android.h")
+    list(APPEND LICENSE_LIB_SOURCES "${SRC_DIR}/LicenseUtilsImpl/LicenseUtils_android.cc")
+else()
+    if(MSVC)
+        list(APPEND LICENSE_LIB_HEADERS "${SRC_DIR}/LicenseUtilsImpl/LicenseUtils_win.h")
+        list(APPEND LICENSE_LIB_SOURCES "${SRC_DIR}/LicenseUtilsImpl/LicenseUtils_win.cc")
+        list(APPEND LICENSE_EXTRA_LIBS  winreg::headeronly)
+    else()
+        list(APPEND LICENSE_LIB_HEADERS "${SRC_DIR}/LicenseUtilsImpl/LicenseUtils_nix.h")
+        list(APPEND LICENSE_LIB_SOURCES "${SRC_DIR}/LicenseUtilsImpl/LicenseUtils_nix.cc")
+    endif()
+endif()
+
+add_library(${RSID_LICENSE_CHECKER} STATIC ${LICENSE_LIB_HEADERS} ${LICENSE_LIB_SOURCES})
+
+set_target_properties(${RSID_LICENSE_CHECKER} PROPERTIES
+        CXX_STANDARD 17
+        CXX_EXTENSIONS OFF
+        )
+
+target_include_directories(${RSID_LICENSE_CHECKER} PRIVATE
+        ${SRC_DIR}
+        $<TARGET_PROPERTY:restclient-cpp,INCLUDE_DIRECTORIES>
+        ${LICENSE_EXTRA_INCLUDES}
+)
+
+target_link_libraries(${RSID_LICENSE_CHECKER}
+        PRIVATE
+        spdlog::spdlog
+        Threads::Threads
+        nlohmann_json::nlohmann_json
+        mvorbrodt_base64::headeronly
+        restclient-cpp
+        ${LICENSE_EXTRA_LIBS}
+        )
+		
+set_common_compile_opts(${RSID_LICENSE_CHECKER})
diff --git a/src/LicenseChecker/LicenseChecker.cc b/src/LicenseChecker/LicenseChecker.cc
new file mode 100644
index 0000000..d0826b9
--- /dev/null
+++ b/src/LicenseChecker/LicenseChecker.cc
@@ -0,0 +1,50 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#include "LicenseChecker.h"
+
+// TODO: Figure out a way to share those defines between host/secure/non-secure/device
+#define AES_CTR_IV_SIZE_BYTES          16
+#define LICENSE_SESSION_TOKEN_SIZE     16
+#define SERIAL_NUMBER_SIZE             28
+
+#ifdef RSID_MOCK_LICENSE
+#  include <LicenseCheckerImpl/LicenseCheckerMockImpl.h>
+#else
+#  include "LicenseCheckerImpl/LicenseCheckerImpl.h"
+#endif
+
+namespace RealSenseID
+{
+
+LicenseChecker::LicenseChecker()
+{
+#ifdef RSID_MOCK_LICENSE
+    licenseCheckerImpl = std::make_unique<LicenseCheckerMockImpl>();
+#else
+    licenseCheckerImpl = std::make_unique<LicenseCheckerImpl>();
+#endif
+}
+
+LicenseCheckStatus LicenseChecker::CheckLicense(const std::vector<unsigned char>& iv,
+                                                const std::vector<unsigned char>& enc_session_token,
+                                                const std::vector<unsigned char>& serial_number,
+                                                unsigned char* payload, int& license_type)
+{
+    return licenseCheckerImpl->CheckLicense(iv, enc_session_token, serial_number, payload, license_type);
+}
+
+LicenseCheckStatus LicenseChecker::CheckLicense(const unsigned char* data, unsigned char* payload, int& license_type) {
+    std::vector<unsigned char> iv(data,
+                                  data + AES_CTR_IV_SIZE_BYTES);
+    std::vector<unsigned char> enc_session_token(data + AES_CTR_IV_SIZE_BYTES,
+                                                 data + AES_CTR_IV_SIZE_BYTES + LICENSE_SESSION_TOKEN_SIZE);
+    std::vector<unsigned char> serial_number(data + AES_CTR_IV_SIZE_BYTES + LICENSE_SESSION_TOKEN_SIZE,
+                                             data + AES_CTR_IV_SIZE_BYTES + LICENSE_SESSION_TOKEN_SIZE+ SERIAL_NUMBER_SIZE);
+
+    // payload: | iv[16] | enc_data[64] (key: shared_key)
+    // data: | license_type[1] | session_token[16] | serial_number[28]
+    return CheckLicense(iv, enc_session_token, serial_number, payload, license_type);
+}
+
+}
\ No newline at end of file
diff --git a/src/LicenseChecker/LicenseChecker.h b/src/LicenseChecker/LicenseChecker.h
new file mode 100644
index 0000000..2a43bfa
--- /dev/null
+++ b/src/LicenseChecker/LicenseChecker.h
@@ -0,0 +1,50 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+#include <fstream>
+#include <memory>
+#include <stdexcept>
+#include <future>
+#include "LicenseUtils.h"
+#include "LicenseCheckerImpl/ILicenseCheckerImpl.h"
+
+#ifndef LICENSE_SIGNATURE_SIZE
+    #define LICENSE_VERIFICATION_RES_SIZE 64
+    #define LICENSE_SIGNATURE_SIZE        384
+#endif // !LICENSE_SIGNATURE_SIZE
+
+
+namespace RealSenseID
+{
+
+enum LicenseType
+{
+    NO_FEATURES = 0,
+    ANTI_SPOOF_SUBSCRIPTION = 1,
+    FACIAL_AUTH_SUBSCRIPTION = 2,
+    ANTI_SPOOF_RENEWAL = 3,
+    FACIAL_AUTH_RENEWAL = 4,
+    ANTI_SPOOF_PERPETUAL = 5,
+    FACIAL_AUTH_PERPETUAL = 6,
+};
+
+class LicenseChecker final : public Singleton<LicenseChecker>
+{
+public:
+    LicenseChecker();
+    LicenseCheckStatus CheckLicense(const unsigned char* data, unsigned char* payload, int& license_type);
+
+    LicenseCheckStatus CheckLicense(const std::vector<unsigned char>& iv,
+                                    const std::vector<unsigned char>& enc_session_token,
+                                    const std::vector<unsigned char>& serial_number, unsigned char* payload,
+                                    int& license_type);
+
+private:
+    std::unique_ptr<ILicenseCheckerImpl> licenseCheckerImpl;
+
+    friend Singleton;
+};
+
+} // namespace RealSenseID
diff --git a/src/LicenseChecker/LicenseCheckerImpl/ILicenseCheckerImpl.h b/src/LicenseChecker/LicenseCheckerImpl/ILicenseCheckerImpl.h
new file mode 100644
index 0000000..c7f3c9b
--- /dev/null
+++ b/src/LicenseChecker/LicenseCheckerImpl/ILicenseCheckerImpl.h
@@ -0,0 +1,30 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+#include <string>
+#include <utility>
+#include "../PacketManager/CommonTypes.h"
+
+
+namespace RealSenseID
+{
+
+enum class LicenseCheckStatus {
+    SUCCESS = 100,               /**< Operation succeeded */
+    NetworkError,                /**< Network error */
+    Error,                       /**< General error */
+};
+
+
+class ILicenseCheckerImpl
+{
+public:
+    virtual ~ILicenseCheckerImpl() = default;
+    virtual LicenseCheckStatus CheckLicense(const std::vector<unsigned char>& iv,
+                                            const std::vector<unsigned char>& enc_session_token,
+                                            const std::vector<unsigned char>& serial_number,
+                                            unsigned char* payload, int& license_type) = 0;
+};
+
+}
\ No newline at end of file
diff --git a/src/LicenseChecker/LicenseCheckerImpl/LicenseCheckerImpl.cc b/src/LicenseChecker/LicenseCheckerImpl/LicenseCheckerImpl.cc
new file mode 100644
index 0000000..75d8a5b
--- /dev/null
+++ b/src/LicenseChecker/LicenseCheckerImpl/LicenseCheckerImpl.cc
@@ -0,0 +1,190 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#include <iostream>
+#include <sstream>
+#include <cassert>
+#include <nlohmann/json.hpp>
+#include <restclient-cpp/restclient.h>
+#include <restclient-cpp/connection.h>
+#include <curl/curl.h>
+#include "LicenseChecker.h"
+#include "LicenseCheckerImpl.h"
+#include "LicenseUtils.h"
+#include "LicenseData.h"
+#include "../../Logger/Logger.h"
+
+
+static const char* LOG_TAG = "LicenseCheckerImpl";
+
+// Json Serialize/Deserialize LicenseInfoResponse
+using json = NLOHMANN_JSON_NAMESPACE::json;
+using namespace NLOHMANN_JSON_NAMESPACE::literals;
+
+namespace RealSenseID
+{
+
+NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(LicenseInfoResponse, license_type, payload)
+
+namespace {
+std::tuple<bool, std::string> GetRequestIdHeader(const RestClient::Response& response) {
+    const std::string rid = "x-request-id";
+    for (const auto& header: response.headers) {
+        if (header.first.size() == rid.size()) {
+            std::string header_lower(header.first);
+            std::transform(header_lower.begin(), header_lower.end(), header_lower.begin(), ::tolower);
+            if (header_lower == rid)
+            {
+                return std::make_tuple(true, header.second);
+            }
+        }
+    }
+    return std::make_tuple(false, std::string());
+}
+
+std::string url_encode(const std::string& decoded)
+{
+    const auto encoded_value = curl_easy_escape(nullptr, decoded.c_str(), static_cast<int>(decoded.length()));
+    std::string result(encoded_value);
+    curl_free(encoded_value);
+    return result;
+}
+
+}
+
+LicenseCheckStatus LicenseCheckerImpl::CheckLicense(const std::vector<unsigned char>& iv,
+                                                    const std::vector<unsigned char>& enc_session_token,
+                                                    const std::vector<unsigned char>& serial_number,
+                                                    unsigned char* payload, int& license_type)
+{        
+    // Read license from storage
+    std::string license_key;
+    auto status = LicenseUtils::GetInstance().GetLicenseKey(license_key);
+    if (!status.IsOk()) {
+        LOG_ERROR(LOG_TAG, "Failed to read license key. Cannot proceed with license verification.");
+        return LicenseCheckStatus::Error;
+    }
+
+    // Prepare encrypted session bundle
+    // init with iv first
+    std::vector<unsigned char> encrypted_session_bundle(iv);
+    // append encrypted session token
+    encrypted_session_bundle.insert(encrypted_session_bundle.end(), enc_session_token.begin(), enc_session_token.end());
+    // encode for safe json
+    const auto encoded = LicenseUtils::GetInstance().Base64Encode(encrypted_session_bundle);
+
+    // Read serial number
+    std::stringstream serial_stream;
+    for (auto it :serial_number) {
+        if (it == '\0') {   // If serial number is less than SERIAL_NUMBER_SIZE, don't send nulls to server
+            break;
+        }
+        serial_stream << it;
+    }
+
+    std::stringstream url;
+    url << LicenseUtils::GetInstance().GetLicenseEndpointUrl() << "?";
+    url << "license_key" << "=" << url_encode(license_key) << "&";
+    url << "serial_number" << "=" << url_encode(serial_stream.str()) << "&";
+    url << "encrypted_session_token" << "=" << url_encode(encoded);
+
+    // Send request
+    RestClient::Response response;
+    try {
+        // create connection
+        auto conn = std::make_unique<RestClient::Connection>("");
+
+        // set headers
+        RestClient::HeaderFields headers;
+        headers["Accept"] = "application/json";
+        conn->SetHeaders(headers);
+
+        // set timeout
+        conn->SetTimeout(10);
+        conn->FollowRedirects(true, 1);
+
+        // send request
+        LOG_INFO(LOG_TAG, "GET license request to %s", url.str().c_str());
+        response = conn->get(url.str());
+        LOG_INFO(LOG_TAG, "HTTP response code %d ", response.code);
+    } catch (const std::exception& ex) {
+        LOG_ERROR(LOG_TAG, "Error while sending license request. Exception: %s", ex.what());
+        return LicenseCheckStatus::Error;
+    };
+
+    bool request_id_found;
+    std::string request_id;
+    std::tie(request_id_found, request_id) = GetRequestIdHeader(response);
+
+    if (request_id_found)
+    {
+        LOG_DEBUG(LOG_TAG, "License x-request-id: %s", request_id.c_str());
+    }
+    else
+    {
+        LOG_DEBUG(LOG_TAG, "License x-request-id: not found.");
+    }
+
+    if (response.code == -1) {
+        LOG_ERROR(LOG_TAG, "Network issues");
+        return LicenseCheckStatus::NetworkError;
+    } else if (response.code == 28) {
+        LOG_ERROR(LOG_TAG, "Network/gateway timeout.");
+        return LicenseCheckStatus::NetworkError;
+    } else if (response.code != 200) {        
+        LOG_ERROR(LOG_TAG, "Response code %d", response.code);
+        return LicenseCheckStatus::Error;
+    }    
+    std::vector<unsigned char> decoded_payload;
+    // decoded_payload.size() == 429 ?
+    size_t max_payload_size = LICENSE_VERIFICATION_RES_SIZE + LICENSE_SIGNATURE_SIZE;
+    try
+    {
+        json j = json::parse(response.body);
+        auto license_info = j.template get<LicenseInfoResponse>();
+        decoded_payload = LicenseUtils::GetInstance().Base64Decode(license_info.payload);
+
+        // Verify max size before filling thhe response buffer        
+        if (decoded_payload.size() > max_payload_size)
+        {
+            LOG_ERROR(LOG_TAG, "Got invalid size %zu. Expected: %zu", decoded_payload.size(), max_payload_size);
+            return LicenseCheckStatus::Error;
+        }
+
+        license_type = license_info.license_type;
+        LOG_DEBUG(LOG_TAG, "License type: %d", license_info.license_type);
+        switch (license_info.license_type)
+        {
+        case LicenseType::NO_FEATURES:
+            LOG_WARNING(LOG_TAG, "License does not allow Facial Auth or Anti-spoof functionality.");
+            break;
+        case LicenseType::FACIAL_AUTH_SUBSCRIPTION:
+        case LicenseType::FACIAL_AUTH_RENEWAL:
+            LOG_INFO(LOG_TAG, "Subscription status: Facial Auth only.");
+            break;
+        case LicenseType::FACIAL_AUTH_PERPETUAL:
+            LOG_INFO(LOG_TAG, "Perpetual status: Facial Auth only.");
+            break;
+        case LicenseType::ANTI_SPOOF_SUBSCRIPTION:
+        case LicenseType::ANTI_SPOOF_RENEWAL:
+            LOG_INFO(LOG_TAG, "Subscription status: Facial Auth and Anti-spoof functionality");
+            break;
+        case LicenseType::ANTI_SPOOF_PERPETUAL:
+            LOG_INFO(LOG_TAG, "Perpetual status: Facial Auth and Anti-spoof.");
+            break;
+        default:
+            LOG_ERROR(LOG_TAG, "Unknown license type.");
+            break;
+        }
+        DEBUG_SERIAL(LOG_TAG, "License payload", encrypted_session_bundle.data(), encrypted_session_bundle.size());        
+    } catch (const std::exception& ex) {
+        LOG_ERROR(LOG_TAG, "Error while parsing license response. Exception: %s", ex.what());
+        return LicenseCheckStatus::Error;
+    }
+    
+    assert(decoded_payload.size() <= max_payload_size);
+    std::memcpy(payload, decoded_payload.data(), decoded_payload.size());
+    return LicenseCheckStatus::SUCCESS;
+}
+
+} // namespace RealSenseID
diff --git a/src/LicenseChecker/LicenseCheckerImpl/LicenseCheckerImpl.h b/src/LicenseChecker/LicenseCheckerImpl/LicenseCheckerImpl.h
new file mode 100644
index 0000000..0ebc9f4
--- /dev/null
+++ b/src/LicenseChecker/LicenseCheckerImpl/LicenseCheckerImpl.h
@@ -0,0 +1,22 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+#include <mutex>
+#include <vector>
+#include "ILicenseCheckerImpl.h"
+
+namespace RealSenseID
+{
+
+class LicenseCheckerImpl : public ILicenseCheckerImpl
+{
+public:
+    LicenseCheckStatus CheckLicense(const std::vector<unsigned char>& iv,
+                                    const std::vector<unsigned char>& enc_session_token,
+                                    const std::vector<unsigned char>& serial_number,
+                                    unsigned char* payload, int& license_type) override;
+};
+
+} // namespace RealSenseID
diff --git a/src/LicenseChecker/LicenseData.h b/src/LicenseChecker/LicenseData.h
new file mode 100644
index 0000000..810e655
--- /dev/null
+++ b/src/LicenseChecker/LicenseData.h
@@ -0,0 +1,16 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+
+#include <string>
+
+namespace RealSenseID
+{
+
+struct LicenseInfoResponse{
+    int license_type;
+    std::string payload;
+};
+}
diff --git a/src/LicenseChecker/LicenseUtils.cc b/src/LicenseChecker/LicenseUtils.cc
new file mode 100644
index 0000000..b862cc1
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtils.cc
@@ -0,0 +1,51 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#include <vector>
+#include "LicenseUtils.h"
+#include "base64.hpp"
+#if defined(_WIN32) || defined(_WIN64)
+#   include "LicenseUtilsImpl/LicenseUtils_win.h"
+#elif defined(ANDROID)
+#   include "LicenseUtilsImpl/LicenseUtils_android.h"
+#else
+#   include "LicenseUtilsImpl/LicenseUtils_nix.h"
+#endif
+
+namespace RealSenseID
+{
+
+LicenseUtils::LicenseUtils()
+{
+#if defined(_WIN32) || defined(_WIN64)
+    licenseManagerImpl = std::make_unique<LicenseUtils_win>();
+#elif defined(ANDROID)
+    licenseManagerImpl = std::make_unique<LicenseUtils_android>();
+#else // Unix/Linux
+    licenseManagerImpl = std::make_unique<LicenseUtils_nix>();
+#endif
+}
+
+LicenseResult LicenseUtils::GetLicenseKey(std::string& license_key)
+{
+    return licenseManagerImpl->GetLicenseKey(license_key);
+}
+
+std::string LicenseUtils::GetLicenseEndpointUrl() {
+    return licenseManagerImpl->GetLicenseEndpointUrl();
+}
+
+LicenseResult LicenseUtils::SetLicenseKey(const std::string& license_key, bool persist)
+{
+    return licenseManagerImpl->SetLicenseKey(license_key, persist);
+}
+
+std::string LicenseUtils::Base64Encode(const std::vector<unsigned char>& vec) {
+    return base64::encode(vec);
+}
+
+std::vector<unsigned char> LicenseUtils::Base64Decode(const std::string& str) {
+    return base64::decode(str);
+}
+
+}
diff --git a/src/LicenseChecker/LicenseUtils.h b/src/LicenseChecker/LicenseUtils.h
new file mode 100644
index 0000000..b864f05
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtils.h
@@ -0,0 +1,74 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+#include <memory>
+#include <vector>
+#include "LicenseUtilsImpl/ILicenseUtils.h"
+
+namespace RealSenseID
+{
+
+template <typename T>
+class Singleton {
+public:
+    static T& GetInstance();
+
+    Singleton(const Singleton&) = delete;
+    Singleton& operator=(const Singleton) = delete;
+
+protected:
+    Singleton() = default;
+};
+
+template <typename T>
+T& Singleton<T>::GetInstance() {
+    static const std::unique_ptr<T> instance(new T());
+    return *instance;
+}
+
+
+class LicenseUtils final : ILicenseUtils, public Singleton<LicenseUtils>
+{
+public:
+    LicenseUtils();
+
+    /**
+     * @brief GetLicenseKey Returns license server endpoint URL
+     * @param license_key The license key is stored here upon success
+     *                    nullptr on failure.
+     *                    If SetLicenseKey has been called, the value set in it will be returned until SetLicenseKey
+     *                    is called with empty string. Otherwise, the value will be read from storage.
+     * @return LicenseResult
+    **/
+    LicenseResult GetLicenseKey(std::string& license_key) override;
+
+    /**
+     * @brief SetLicenseKey: Sets license key to override the persisted (saved) license key. This is useful on platforms
+     *                       such as Android where the license key would be stored in the kotlin/java app.
+     * @param license_key The license key you want to set.
+     *                    Send empty string to undo and make GetLicenseKey read from persisted value.
+     * @param persist Save the license key (for platforms that support it).
+     * @return LicenseResult
+    **/
+    LicenseResult SetLicenseKey(const std::string& license_key, bool persist) override;
+
+    /**
+     * @brief GetLicenseEndpointUrl Returns license server endpoint URL
+     * @return endpoint URL
+    **/
+    std::string GetLicenseEndpointUrl() override;
+
+
+    std::string Base64Encode(const std::vector<unsigned char>& vec);
+    std::vector<unsigned char> Base64Decode(const std::string& str);
+
+private:
+    std::unique_ptr<ILicenseUtils> licenseManagerImpl;
+
+};
+
+}
+
+
diff --git a/src/LicenseChecker/LicenseUtilsImpl/ILicenseUtils.h b/src/LicenseChecker/LicenseUtilsImpl/ILicenseUtils.h
new file mode 100644
index 0000000..9eab540
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/ILicenseUtils.h
@@ -0,0 +1,41 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+#include <string>
+#include <utility>
+
+namespace RealSenseID
+{
+
+static const std::string DEFAULT_LICENSE_SERVER_URL = "https://visionplatform.intelrealsense.com/v2/f450/license-status";
+
+class LicenseResult
+{
+public:
+    enum class Status {
+        Ok = 100,               /**< Operation succeeded */
+        Error,                  /**< General error */
+    } status;
+
+    LicenseResult() = delete;
+    ~LicenseResult() = default;
+
+    inline LicenseResult(Status status, std::string  message) : status(status), message(std::move(message)) { };
+    [[nodiscard]] inline std::string GetMessage() const { return message; };
+    [[nodiscard]] inline bool IsOk() const { return status == Status::Ok; };
+private:
+    std::string message;
+};
+
+class ILicenseUtils
+{
+public:
+    virtual ~ILicenseUtils() = default;
+    virtual LicenseResult GetLicenseKey(std::string& license_key) = 0;
+    virtual LicenseResult SetLicenseKey(const std::string& license_key, bool persist) = 0;
+    virtual std::string GetLicenseEndpointUrl() = 0;
+};
+
+}
\ No newline at end of file
diff --git a/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_android.cc b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_android.cc
new file mode 100644
index 0000000..e8b1d97
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_android.cc
@@ -0,0 +1,36 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#include "LicenseUtils_android.h"
+#include <stdexcept>
+
+
+namespace RealSenseID
+{
+
+LicenseResult LicenseUtils_android::GetLicenseKey(std::string& license_key)
+{
+    if (!_temp_license_key.empty()) {
+        license_key = _temp_license_key;
+        return {LicenseResult::Status::Ok, "Success"};
+    } else
+    {
+        return {LicenseResult::Status::Error, "License key was not set using SetLicenseKey"};
+    }
+}
+
+std::string LicenseUtils_android::GetLicenseEndpointUrl() {
+    return DEFAULT_LICENSE_SERVER_URL;
+}
+
+LicenseResult LicenseUtils_android::SetLicenseKey(const std::string& license_key, bool persist)
+{
+    if (persist) {
+        return {LicenseResult::Status::Error, "Persisting the key is not available for Android"};
+    } else {
+        _temp_license_key = license_key;
+        return {LicenseResult::Status::Ok, "Success"};
+    }
+}
+
+}
diff --git a/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_android.h b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_android.h
new file mode 100644
index 0000000..5881d81
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_android.h
@@ -0,0 +1,20 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+#include "ILicenseUtils.h"
+
+namespace RealSenseID
+{
+
+class LicenseUtils_android final : public ILicenseUtils
+{
+public:
+    LicenseResult GetLicenseKey(std::string& license_key) override;
+    LicenseResult SetLicenseKey(const std::string& license_key, bool persist) override;
+    std::string GetLicenseEndpointUrl() override;
+private:
+    std::string _temp_license_key;
+};
+
+}
\ No newline at end of file
diff --git a/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_nix.cc b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_nix.cc
new file mode 100644
index 0000000..fc342b1
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_nix.cc
@@ -0,0 +1,108 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#include "LicenseUtils_nix.h"
+#include "../../Logger/Logger.h"
+#include <unistd.h>
+#include <sys/types.h>
+#include <stdexcept>
+#include <iostream>
+#include <fstream>
+#include <nlohmann/json.hpp>
+
+using json = NLOHMANN_JSON_NAMESPACE::json;
+using namespace NLOHMANN_JSON_NAMESPACE::literals;
+
+static const char* LOG_TAG = "LicenseUtils";
+
+namespace RealSenseID
+{
+
+const auto LICENSE_KEY_PATH_USER = ".intel/visionplatform/license.json";     // ~/.intel/visionplatform/license.json
+const auto LICENSE_KEY_PATH_SYSTEM = "/etc/intel/visionplatform/license.json";
+
+struct JsonLicenseFile{
+    std::string license_key;
+};
+NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(JsonLicenseFile, license_key)
+
+inline bool file_exists (const std::string& name) {
+    return ( access( name.c_str(), F_OK ) != -1 );
+}
+
+inline bool file_is_readable (const std::string& name) {
+    return ( access( name.c_str(), R_OK ) != -1 );
+}
+
+LicenseResult LicenseUtils_nix::GetLicenseKey(std::string& license_key)
+{
+    // If license key was set by SetLicenseKey, use it
+    if (!temp_license_key.empty()) {
+        license_key = temp_license_key;
+        return {LicenseResult::Status::Ok, "Success"};
+    }
+
+    // First - try to find user specific file
+    std::string config_file = "";
+
+    std::string home_dir = secure_getenv("HOME");
+    auto user_config_file = home_dir + "/" + LICENSE_KEY_PATH_USER;
+
+    license_key = "";  // Initialize
+    if (file_exists(user_config_file)) {
+        if (file_is_readable(user_config_file)) {
+            config_file = user_config_file;
+        } else {
+            return {LicenseResult::Status::Error,
+                    "User license key file is present but process cannot read it. Check file permissions."};
+        }
+    } else if (file_exists(LICENSE_KEY_PATH_SYSTEM)) {
+        if (file_is_readable(LICENSE_KEY_PATH_SYSTEM)) {
+            config_file = LICENSE_KEY_PATH_SYSTEM;
+        } else {
+            return {LicenseResult::Status::Error,
+                    "System license key file is present but process cannot read it. Check file permissions."};
+        }
+    } else {
+        LOG_ERROR(LOG_TAG, "Looked in %s for user license.\n"
+                           "Looked in %s for system license.\n"
+                           "Neither user nor system license key file not present.",
+                  user_config_file.c_str(), LICENSE_KEY_PATH_SYSTEM);
+        return {LicenseResult::Status::Error, "Neither user nor system license key file not present."};
+    }
+
+    try
+    {
+        LOG_DEBUG(LOG_TAG, "Reading license file from: %s", config_file.c_str());
+        std::ifstream ifs(config_file);
+        json jf = json::parse(ifs);
+        JsonLicenseFile json_license = jf.template get<JsonLicenseFile>();
+        license_key = json_license.license_key;
+        LOG_TRACE(LOG_TAG, "license_key: %s", license_key.c_str());
+        return {LicenseResult::Status::Ok, "Success"};
+    } catch (const json::exception& ex) {
+        LOG_ERROR(LOG_TAG, "JSON parser error while parsing license file. Exception: %s", ex.what());
+        return {LicenseResult::Status::Error, "License key JSON file format exception."};
+    } catch (const std::exception& ex) {
+        LOG_ERROR(LOG_TAG, "Error while processing license file. Exception: %s", ex.what());
+        return {LicenseResult::Status::Error, "License key file is present but process cannot read it."};
+    }
+}
+
+// TODO: In case we would like the customer to override default endpoint url, we would need
+// to implement this method to read from config file
+std::string LicenseUtils_nix::GetLicenseEndpointUrl() {
+    return DEFAULT_LICENSE_SERVER_URL;
+}
+
+LicenseResult LicenseUtils_nix::SetLicenseKey(const std::string& license_key, bool persist)
+{
+    if (persist) {
+        throw std::runtime_error("Not implemented");
+    } else {
+        temp_license_key = license_key;
+        return {LicenseResult::Status::Ok, "Success"};
+    }
+}
+
+}
diff --git a/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_nix.h b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_nix.h
new file mode 100644
index 0000000..eed44e8
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_nix.h
@@ -0,0 +1,20 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+#include "ILicenseUtils.h"
+
+namespace RealSenseID
+{
+
+class LicenseUtils_nix final : public ILicenseUtils
+{
+public:
+    LicenseResult GetLicenseKey(std::string& license_key) override;
+    LicenseResult SetLicenseKey(const std::string& license_key, bool persist) override;
+    std::string GetLicenseEndpointUrl() override;
+private:
+    std::string temp_license_key;
+};
+
+}
\ No newline at end of file
diff --git a/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_win.cc b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_win.cc
new file mode 100644
index 0000000..21437db
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_win.cc
@@ -0,0 +1,109 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#include "LicenseUtils_win.h"
+#include "../../Logger/Logger.h"
+#include <WinReg.hpp>
+#include <algorithm>
+#include <iterator>
+#include <codecvt>
+
+using winreg::RegKey;
+using winreg::RegResult;
+
+static const char* LOG_TAG = "LicenseUtils";
+
+namespace RealSenseID
+{
+
+static const auto LICENSE_KEY_PATH = L"SOFTWARE\\Intel\\VisionPlatform";
+static const auto LICENSE_KEY_NAME = L"License";
+
+#pragma warning(push)
+#pragma warning(disable : 4996) // wstring_convert marked deprecated in c++17, but we're still using c++14.
+                                // no replacement till c++22, so...
+inline std::string getResultString(const RegResult& result)
+{
+    std::wstring_convert<std::codecvt_utf8_utf16<wchar_t>> converter;
+    auto error_message = converter.to_bytes(result.ErrorMessage());
+    return error_message;
+}
+#pragma warning(pop)
+
+LicenseResult LicenseUtils_win::GetLicenseKey(std::string& license_key)
+{
+    if (!temp_license_key.empty()) {
+        license_key = temp_license_key;
+        return {LicenseResult::Status::Ok, "Success"};
+    }
+
+    license_key = "";
+    RegKey key;
+    RegResult result;
+
+    result = key.TryOpen(HKEY_LOCAL_MACHINE, LICENSE_KEY_PATH, KEY_READ);
+    if (result.IsOk()) {
+        const auto res = key.TryGetStringValue(LICENSE_KEY_NAME);
+        if(res.IsValid()) {
+            const auto& val = res.GetValue();
+            std::transform(val.begin(), val.end(), std::back_inserter(license_key), [] (wchar_t c) {
+                return (char)c;
+            });
+            return {LicenseResult::Status::Ok, "Success"};
+        } else {
+            auto error_message = "Error while reading registry value: " +getResultString(res.GetError());
+            LOG_ERROR(LOG_TAG, error_message.c_str());
+            return {LicenseResult::Status::Error, error_message};
+        }
+    } else {
+        auto error_message = "Error while opening registry key: " + getResultString(result);
+        LOG_ERROR(LOG_TAG,  error_message.c_str());
+        return {LicenseResult::Status::Error, error_message};
+    }
+}
+
+LicenseResult LicenseUtils_win::SetLicenseKey(const std::string& license_key, bool persist)
+{
+    if (persist) {
+        RegKey key;
+        RegResult result;
+
+        result = key.TryOpen(HKEY_LOCAL_MACHINE, LICENSE_KEY_PATH, KEY_WRITE);
+        if (result.Failed()) {
+            result = key.TryCreate(HKEY_LOCAL_MACHINE, LICENSE_KEY_PATH, KEY_WRITE);
+        }
+        if (result.IsOk()) {
+            std::wstring w_license_key(license_key.length(), L' ');
+            std::copy(license_key.begin(), license_key.end(), w_license_key.begin());
+            const auto res = key.TrySetStringValue(LICENSE_KEY_NAME, w_license_key);
+            if(res.IsOk()) {
+                temp_license_key = license_key;
+                return {LicenseResult::Status::Ok, "Success"};
+            } else {
+                auto error_message = "Error setting registry value: " + getResultString(res);
+                LOG_ERROR(LOG_TAG, error_message.c_str());
+                return {LicenseResult::Status::Error, error_message};
+            }
+        } else {
+            // You need to either have permission to the registry entry or admin access:
+            // Elevate the process in GUI:
+            // https://learn.microsoft.com/en-us/windows/win32/wmisdk/executing-privileged-operations-using-c-
+            auto error_message = "Error while opening/creating registry key: " + getResultString(result);
+            LOG_ERROR(LOG_TAG, error_message.c_str());
+            return {LicenseResult::Status::Error, error_message};
+        }
+    } else
+    {
+        temp_license_key = license_key;
+        return {LicenseResult::Status::Ok, "Success"};
+    }
+}
+
+// TODO: In case we would like the customer to override default endpoint url, we would need
+// to implement this method to read from registry as in the example above
+std::string LicenseUtils_win::GetLicenseEndpointUrl()
+{
+    return DEFAULT_LICENSE_SERVER_URL;
+}
+
+}
diff --git a/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_win.h b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_win.h
new file mode 100644
index 0000000..ca6eef5
--- /dev/null
+++ b/src/LicenseChecker/LicenseUtilsImpl/LicenseUtils_win.h
@@ -0,0 +1,22 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+#include <memory>
+#include "ILicenseUtils.h"
+
+namespace RealSenseID
+{
+
+class LicenseUtils_win final : public ILicenseUtils
+{
+public:
+    LicenseResult GetLicenseKey(std::string& license_key) override;
+    LicenseResult SetLicenseKey(const std::string& license_key, bool persist) override;
+    std::string GetLicenseEndpointUrl() override;
+private:
+    std::string temp_license_key;
+};
+
+}
\ No newline at end of file
diff --git a/src/Matcher/Matcher.cc b/src/Matcher/Matcher.cc
index 5eb6e4f..00381ef 100644
--- a/src/Matcher/Matcher.cc
+++ b/src/Matcher/Matcher.cc
@@ -14,8 +14,8 @@
 
 /*
 RSID-MATCHER INFO: Functions implementation here in Matcher.cc uses integer arithmetic and tailored to integer-valued
-feature-vectors with: (1) length 256 (2) integer valued features in range [-1023,+1023]. Adjustments and checks will be
-taken if (1) vectors length becomes more than 256 (2) features value range becomes wider than [-1023,+1023].
+feature-vectors with: (1) length 512 (2) integer valued features in range [-1023,+1023]. Adjustments and checks will be
+taken if (1) vectors length becomes more than 512 (2) features value range becomes wider than [-1023,+1023].
 RSID-MARCHER INFO: Such adjustments/checks may be required due to accumulators and bit shifts used.
 */
 
@@ -108,10 +108,7 @@ void Matcher::InitAdaptiveThresholds(const Thresholds& thresholds, AdaptiveThres
 void Matcher::HandleThresholdsConfiguration(const bool& probe_has_mask,
                         const Faceprints& existing_faceprints, 
                         AdaptiveThresholds& adaptiveThresholds)
-{
-    feature_t* galeryAdaptiveVector = nullptr;
-
-
+{    
     // Fix for Enroll from Image : we need different strong threshold.
     // Does the DB entry of the user is W10type ?
     bool isEnrolledTypeInDbIsRgb = (FaceprintsTypeEnum::RGB == existing_faceprints.data.featuresType);
@@ -277,9 +274,9 @@ void Matcher::FaceMatch(const MatchElement& probe_faceprints,
 
 bool Matcher::ValidateFaceprints(const Faceprints& faceprints, bool check_enrollment_vector)
 {
-    // TODO - carefull handling in MatchTwoVectors() may be required for vectors longer than 256.
-    static_assert((RSID_NUM_OF_RECOGNITION_FEATURES <= 256),
-                  "Vector length is higher than 256 - may need careful test and check, due to integer arithmetics and "
+    // TODO - carefull handling in MatchTwoVectors() may be required for vectors longer than 512.
+    static_assert((RSID_NUM_OF_RECOGNITION_FEATURES <= 512),
+                  "Vector length is higher than 512 - may need careful test and check, due to integer arithmetics and "
                   "overflow risk!");
 
     uint32_t nfeatures = static_cast<uint32_t>(RSID_NUM_OF_RECOGNITION_FEATURES);
@@ -305,9 +302,9 @@ bool Matcher::ValidateFaceprints(const Faceprints& faceprints, bool check_enroll
 
 bool Matcher::ValidateFaceprints(const MatchElement& faceprints)
 {
-    // TODO - carefull handling in MatchTwoVectors() may be required for vectors longer than 256.
-    static_assert((RSID_NUM_OF_RECOGNITION_FEATURES <= 256),
-                  "Vector length is higher than 256 - may need careful test and check, due to integer arithmetics and "
+    // TODO - carefull handling in MatchTwoVectors() may be required for vectors longer than 512.
+    static_assert((RSID_NUM_OF_RECOGNITION_FEATURES <= 512),
+                  "Vector length is higher than 512 - may need careful test and check, due to integer arithmetics and "
                   "overflow risk!");
 
     uint32_t nfeatures = static_cast<uint32_t>(RSID_NUM_OF_RECOGNITION_FEATURES);
@@ -374,7 +371,7 @@ ExtendedMatchResult Matcher::MatchFaceprintsToArray(const MatchElement& probe_fa
     size_t user_index = (size_t)result.userId;
 
     // if no user matched, finish here and return.
-    if((user_index < 0) || (user_index >= existing_faceprints_array.size()))
+    if(user_index >= existing_faceprints_array.size())
     {
         LOG_ERROR(LOG_TAG, "Invalid user_index : Skipping function.");
         return result;
@@ -720,7 +717,7 @@ void Matcher::MatchTwoVectors(const feature_t* T1, const feature_t* T2, match_ca
     // Correct calculation is expected if :
     //
     // (1) all feature vector values are integers in range R = (-1024, +1024).
-    // (2) length of vectors is 256.
+    // (2) length of vectors is 512.
     //
     // IMPORTANT : If one of the assumptions is violated (longer vectors, or wider range R) - then the calculation may
     // be incorrect due to overflow during bit shifts.
@@ -735,10 +732,10 @@ void Matcher::MatchTwoVectors(const feature_t* T1, const feature_t* T2, match_ca
         return; 
     }
 
-    //  "Matcher may require carefull adjustments and checks for vectors longer than 256."
-    if (vec_length > 256)
+    //  "Matcher may require carefull adjustments and checks for vectors longer than 512."
+    if (vec_length > 512)
     {
-        LOG_ERROR(LOG_TAG, "Vector length > 256 : Matcher may require carefull adjustments. Skipping this function, please check!");
+        LOG_ERROR(LOG_TAG, "Vector length > 512 : Matcher may require carefull adjustments. Skipping this function, please check!");
 
         *match_score = 0;
         
@@ -775,14 +772,14 @@ void Matcher::MatchTwoVectors(const feature_t* T1, const feature_t* T2, match_ca
     short corr_msb = GetMsb(ucorr);
     int32_t min_shift = 0;
 
-    short max_corr_shift = 32 - corr_msb;
-    short max_shift1 = 16 - static_cast<short>(std::max(static_cast<int32_t>(corr_msb - norm1_msb), min_shift));
-    short max_shift2 = 16 - static_cast<short>(std::max(static_cast<int32_t>(corr_msb - norm2_msb), min_shift));
+    short max_corr_shift = static_cast<short>(32 - corr_msb);
+    short max_shift1 = static_cast<short>(16 - static_cast<short>(std::max(static_cast<int32_t>(corr_msb - norm1_msb), min_shift)));
+    short max_shift2 = static_cast<short>(16 - static_cast<short>(std::max(static_cast<int32_t>(corr_msb - norm2_msb), min_shift)));
 
     short shift1 = static_cast<short>(std::min(static_cast<int32_t>(max_shift1), static_cast<int32_t>(max_corr_shift)));
     short shift2 = static_cast<short>(std::min(static_cast<int32_t>(max_shift2), static_cast<int32_t>(max_corr_shift)));
-    short total_shift = shift1 + shift2;
-    short shift_back = total_shift - 12;
+    short total_shift = static_cast<short>(shift1 + shift2);
+    short shift_back = static_cast<short>(total_shift - 12);
 
     uint32_t norm_corr1 = (ucorr << shift1) / norm1;
     uint32_t norm_corr2 = (ucorr << shift2) / norm2;
diff --git a/src/Matcher/MatcherImplDefines.h b/src/Matcher/MatcherImplDefines.h
index 702a0a0..f904936 100644
--- a/src/Matcher/MatcherImplDefines.h
+++ b/src/Matcher/MatcherImplDefines.h
@@ -31,7 +31,7 @@
 #define RSID_IDENTICAL_THRESHOLD_GNM_GNM_HIGH_CONFIDENCE_LEVEL                  (2754)
 #define RSID_IDENTICAL_THRESHOLD_GM_GNM_HIGH_CONFIDENCE_LEVEL                   (2754)
 //---
-#define RSID_STRONG_THRESHOLD_PNM_GNM_HIGH_CONFIDENCE_LEVEL                     (1247)
+#define RSID_STRONG_THRESHOLD_PNM_GNM_HIGH_CONFIDENCE_LEVEL                     (768)
 #define RSID_STRONG_THRESHOLD_PM_GNM_HIGH_CONFIDENCE_LEVEL                      (1199)
 #define RSID_STRONG_THRESHOLD_PM_GM_HIGH_CONFIDENCE_LEVEL                       (1679)
 #define RSID_STRONG_THRESHOLD_PNM_GNM_RGB_IMG_ENROLL_HIGH_CONFIDENCE_LEVEL      (600) // for enroll from image W10 vs. RGB features.
@@ -43,7 +43,7 @@
 #define RSID_IDENTICAL_THRESHOLD_GNM_GNM_MEDIUM_CONFIDENCE_LEVEL                (2754)
 #define RSID_IDENTICAL_THRESHOLD_GM_GNM_MEDIUM_CONFIDENCE_LEVEL                 (2754)
 //---
-#define RSID_STRONG_THRESHOLD_PNM_GNM_MEDIUM_CONFIDENCE_LEVEL                   (1120)
+#define RSID_STRONG_THRESHOLD_PNM_GNM_MEDIUM_CONFIDENCE_LEVEL                   (662)
 #define RSID_STRONG_THRESHOLD_PM_GNM_MEDIUM_CONFIDENCE_LEVEL                    (1071)
 #define RSID_STRONG_THRESHOLD_PM_GM_MEDIUM_CONFIDENCE_LEVEL                     (1485)
 #define RSID_STRONG_THRESHOLD_PNM_GNM_RGB_IMG_ENROLL_MEDIUM_CONFIDENCE_LEVEL    (600) // for enroll from image W10 vs. RGB features.
@@ -55,7 +55,7 @@
 #define RSID_IDENTICAL_THRESHOLD_GNM_GNM_LOW_CONFIDENCE_LEVEL                   (2754)
 #define RSID_IDENTICAL_THRESHOLD_GM_GNM_LOW_CONFIDENCE_LEVEL                    (2754)
 //---
-#define RSID_STRONG_THRESHOLD_PNM_GNM_LOW_CONFIDENCE_LEVEL                      (990)
+#define RSID_STRONG_THRESHOLD_PNM_GNM_LOW_CONFIDENCE_LEVEL                      (593)
 #define RSID_STRONG_THRESHOLD_PM_GNM_LOW_CONFIDENCE_LEVEL                       (966)
 #define RSID_STRONG_THRESHOLD_PM_GM_LOW_CONFIDENCE_LEVEL                        (1316)
 #define RSID_STRONG_THRESHOLD_PNM_GNM_RGB_IMG_ENROLL_LOW_CONFIDENCE_LEVEL       (600) // for enroll from image W10 vs. RGB features.
diff --git a/src/PacketManager/CommonTypes.h b/src/PacketManager/CommonTypes.h
index 9107b96..0059f55 100644
--- a/src/PacketManager/CommonTypes.h
+++ b/src/PacketManager/CommonTypes.h
@@ -36,7 +36,9 @@ enum class RSID_NO_DISCARD SerialStatus
     RecvUnexpectedPacket,
     SecurityError,
     VersionMismatch,
-    CrcError
+    CrcError,
+    LicenseError,
+    LicenseCheck
 };
 
 using timeout_t = std::chrono::milliseconds;
diff --git a/src/PacketManager/LinuxSerial.cc b/src/PacketManager/LinuxSerial.cc
index 143a1a2..8c14039 100644
--- a/src/PacketManager/LinuxSerial.cc
+++ b/src/PacketManager/LinuxSerial.cc
@@ -45,7 +45,7 @@ static speed_t to_speed_t(unsigned int baudRate)
     case 115200:
         return B115200;
     default:
-        return -1;
+        return B0;
     }
 }
 
@@ -85,10 +85,11 @@ LinuxSerial::LinuxSerial(const SerialConfig& config) : _config {config}
         throw std::runtime_error("Failed open serial port. errno: " + std::to_string(errno));
     }
 
-    struct termios options = {0};
+    struct termios options; 
+    ::memset(&options, 0, sizeof(options));
 
     auto baudRate = to_speed_t(config.baudrate);
-    if (baudRate == -1)
+    if (baudRate == B0)
     {
         ::close(_handle);
         throw std::runtime_error("Failed open serial port. Invalid baudrate");
@@ -154,7 +155,7 @@ SerialStatus LinuxSerial::RecvBytes(char* buffer, size_t n_bytes)
         if (last_read_result > 0)
         {
             DEBUG_SERIAL(LOG_TAG, "[rcv]", (const char*)buf_ptr, last_read_result);
-            total_bytes_read += last_read_result;
+            total_bytes_read += static_cast <unsigned int>(last_read_result);
 
             if (total_bytes_read >= n_bytes)
             {
@@ -164,7 +165,7 @@ SerialStatus LinuxSerial::RecvBytes(char* buffer, size_t n_bytes)
         }
         else if (last_read_result < 0)
         {
-            LOG_ERROR(LOG_TAG, "[rcv] rv=%d errorno %d", last_read_result, errno);
+            LOG_ERROR(LOG_TAG, "[rcv] rv=%ld errorno %d", last_read_result, errno);
             return SerialStatus::RecvFailed;
         }
     }
@@ -172,7 +173,7 @@ SerialStatus LinuxSerial::RecvBytes(char* buffer, size_t n_bytes)
     // reached here on timout
     if (n_bytes != 1)
     {
-        LOG_DEBUG(LOG_TAG, "Timeout recv %zu bytes. Got only %zu bytes", n_bytes, total_bytes_read);
+        LOG_DEBUG(LOG_TAG, "Timeout recv %zu bytes. Got only %u bytes", n_bytes, total_bytes_read);
     }
     
     return SerialStatus::RecvTimeout;
diff --git a/src/PacketManager/MbedtlsWrapper.h b/src/PacketManager/MbedtlsWrapper.h
index d40ae71..283193c 100644
--- a/src/PacketManager/MbedtlsWrapper.h
+++ b/src/PacketManager/MbedtlsWrapper.h
@@ -18,6 +18,9 @@
 #define HMAC_256_SIZE_BYTES            32
 #define DATA_PACKET_CONTENT_SIZE       ECC_P256_KEY_SIZE_BYTES + ECC_P256_SIG_SIZE_BYTES
 #define SIGNED_PUBKEY_SIZE             ECC_P256_KEY_SIZE_BYTES * 2
+#define LICENSE_SESSION_TOKEN_SIZE     16
+#define SERIAL_NUMBER_SIZE             28
+
 
 namespace RealSenseID
 {
diff --git a/src/PacketManager/NonSecureSession.cc b/src/PacketManager/NonSecureSession.cc
index eb63b94..6b76bdd 100644
--- a/src/PacketManager/NonSecureSession.cc
+++ b/src/PacketManager/NonSecureSession.cc
@@ -3,13 +3,16 @@
 
 #include "NonSecureSession.h"
 #include "PacketSender.h"
+#include "LicenseChecker/LicenseChecker.h"
+#include "StatusHelper.h"
 #include "Logger.h"
 #include <stdexcept>
-#include <string.h>
+#include <cstring>
 #include <cassert>
 
 static const char* LOG_TAG = "NonSecureSession";
 static const int MAX_SEQ_NUMBER_DELTA = 20;
+constexpr std::chrono::milliseconds start_session_max_timeout {12'000};
 
 namespace RealSenseID
 {
@@ -28,7 +31,7 @@ NonSecureSession::~NonSecureSession()
     }
 }
 
-SerialStatus NonSecureSession::Start(SerialConnection* serial_conn)
+SerialStatus NonSecureSession::Start(SerialConnection* serial_conn, OnLicenseCheck on_license_check)
 {
     LOG_DEBUG(LOG_TAG, "Start session");
 
@@ -52,14 +55,77 @@ SerialStatus NonSecureSession::Start(SerialConnection* serial_conn)
         return status;
     }
 
-    status = sender.Recv(packet);
-    if (status != SerialStatus::Ok || packet.header.id != MsgId::StartSession)
-        LOG_ERROR(LOG_TAG, "Failed to recv device start session response");
-
-    return status;
+    PacketManager::Timer session_timer {start_session_max_timeout};
+    while (true)
+    {
+        if (session_timer.ReachedTimeout())
+        {
+            LOG_ERROR(LOG_TAG, "session timeout");
+            return SerialStatus::RecvTimeout;
+        }
+
+        auto recv_status = sender.Recv(packet);
+        if (recv_status != SerialStatus::Ok) //  || packet.header.id != MsgId::StartSession
+        {
+            LOG_ERROR(LOG_TAG, "Failed to recv device start session response");
+            return recv_status;
+        }
+
+        auto msg_id = packet.header.id;
+
+        if (msg_id == MsgId::LicenseVerificationRequest)
+        {
+            LOG_DEBUG(LOG_TAG, "Received license verification request");
+            auto* data = reinterpret_cast<const unsigned char*>(packet.Data().data);
+
+            unsigned char response[LICENSE_VERIFICATION_RES_SIZE + LICENSE_SIGNATURE_SIZE] = {0};
+            int license_type = 0;
+
+            if (on_license_check != nullptr)
+            {
+                on_license_check(); // notify caller that license check is happening
+            }
+            auto res = LicenseChecker::GetInstance().CheckLicense(data, response, license_type);
+
+            if (res != LicenseCheckStatus::SUCCESS)
+            {
+                LOG_ERROR(LOG_TAG, "License verification failed");
+                std::memset(response, 0, sizeof(response)); // send empty response to device
+            }
+
+            DataPacket data_packet {MsgId::LicenseVerificationResponse, reinterpret_cast<char*>(response), sizeof(response)};
+            auto send_status = sender.SendBinary(data_packet);
+            if (send_status != SerialStatus::Ok)
+            {
+                LOG_ERROR(LOG_TAG, "Failed to send license verification response packet");
+                return send_status;
+            }
+        }
+        else if (msg_id == MsgId::StartSession)
+        {
+            LOG_DEBUG(LOG_TAG, "Session Started");
+            return SerialStatus::Ok;
+        }
+
+        else if (msg_id == MsgId::Reply)
+        {
+            // MsgId::Reply here means session was not opened sucessfully
+            auto fa_packet = reinterpret_cast<FaPacket*>(&packet);
+            auto status_code = static_cast<int>(fa_packet->GetStatusCode());
+            auto fa_status = static_cast<Status>(status_code);
+            const char* description = Description(fa_status);
+            LOG_ERROR(LOG_TAG, "Failed: %s", description);
+            return ToSerialStatus(fa_status);
+        }
+        else
+        {
+            LOG_ERROR(LOG_TAG, "Received unexpected msg id '%c' (%d)", msg_id, static_cast<int>(msg_id));
+            return SerialStatus::RecvUnexpectedPacket;
+        }
+    }
 }
 
-bool NonSecureSession::IsOpen()
+bool NonSecureSession::IsOpen() const
 {
     return _is_open;
 }
@@ -115,9 +181,9 @@ SerialStatus NonSecureSession::RecvPacketImpl(SerialPacket& packet)
     PacketSender sender {_serial};
 
     // Handle cancel flag
-    auto status = HandleCancelFlag(); 
+    auto status = HandleCancelFlag();
     if (status != SerialStatus::Ok)
-    {        
+    {
         return status;
     }
 
diff --git a/src/PacketManager/NonSecureSession.h b/src/PacketManager/NonSecureSession.h
index 9987701..517d40e 100644
--- a/src/PacketManager/NonSecureSession.h
+++ b/src/PacketManager/NonSecureSession.h
@@ -8,6 +8,7 @@
 #include "CommonTypes.h"
 #include "Timer.h"
 #include <atomic>
+#include <functional>
 
 // Thread safe, non secure session manager. sends/receive packets without any encryption or signing
 // Session starts on Start(serial_connection*) and ends in destruction.
@@ -20,6 +21,7 @@ namespace PacketManager
 class NonSecureSession
 {
 public:
+    using OnLicenseCheck = std::function<void()>;// notify caller about license check (long operation over the web)
     NonSecureSession() = default;
     ~NonSecureSession();
 
@@ -28,10 +30,10 @@ class NonSecureSession
 
     // Start the session using the given (already open) serial connection.
     // return Status::Ok on success, or error Status otherwise.
-    SerialStatus Start(SerialConnection* serial_conn);
+    SerialStatus Start(SerialConnection* serial_conn, OnLicenseCheck on_license_check = nullptr);
 
     // return true if session is open
-    bool IsOpen();
+    bool IsOpen() const;
 
     // Send packet
     // return Status::Ok on success, or error status otherwise.
diff --git a/src/PacketManager/PacketSender.cc b/src/PacketManager/PacketSender.cc
index e05c6da..3009305 100644
--- a/src/PacketManager/PacketSender.cc
+++ b/src/PacketManager/PacketSender.cc
@@ -10,6 +10,7 @@
 #include <cstdint>
 #include <stdexcept>
 #include <cassert>
+#include <inttypes.h> 
 
 const char* LOG_TAG = "PacketSender";
 
@@ -125,7 +126,7 @@ SerialStatus PacketSender::Recv(SerialPacket& target)
     status = _serial->RecvBytes(target_ptr, target.header.payload_size);
     if (status != SerialStatus::Ok)
     {
-        LOG_ERROR(LOG_TAG, "Failed to recv packet payload (%zu bytes)", target.header.payload_size);
+        LOG_ERROR(LOG_TAG, "Failed to recv packet payload (%" PRIu16 " bytes)", target.header.payload_size);
         return status;
     }
 
diff --git a/src/PacketManager/SecureSession.cc b/src/PacketManager/SecureSession.cc
index 27b52b1..b2f96a6 100644
--- a/src/PacketManager/SecureSession.cc
+++ b/src/PacketManager/SecureSession.cc
@@ -5,12 +5,15 @@
 #include "PacketSender.h"
 #include "Logger.h"
 #include "Randomizer.h"
+#include "LicenseChecker/LicenseChecker.h"
+#include "StatusHelper.h"
 #include <stdexcept>
-#include <string>
 #include <cassert>
+#include <inttypes.h>
 
 static const char* LOG_TAG = "SecureSession";
 static const int MAX_SEQ_NUMBER_DELTA = 20;
+constexpr std::chrono::milliseconds start_session_max_timeout {12'000};
 
 namespace RealSenseID
 {
@@ -26,12 +29,12 @@ SecureSession::~SecureSession()
     try
     {
         LOG_DEBUG(LOG_TAG, "Close session");
-        auto ignored = HandleCancelFlag(); //cancel if requested but not handled yet
+        auto ignored = HandleCancelFlag(); // cancel if requested but not handled yet
         (void)ignored;
     }
     catch (...)
     {
-    }       
+    }
 }
 
 SerialStatus SecureSession::Pair(SerialConnection* serial_conn, const char* ecdsaHostPubKey,
@@ -52,7 +55,7 @@ SerialStatus SecureSession::Unpair(SerialConnection* serial_conn)
 
     unsigned char hostPubKeySig[ECC_P256_KEY_SIZE_BYTES];
     bool res = _sign_callback(hostPubKey, ECC_P256_KEY_SIZE_BYTES, hostPubKeySig);
-    if(!res)
+    if (!res)
     {
         LOG_ERROR(LOG_TAG, "Sign callback failed");
         return SerialStatus::SecurityError;
@@ -62,7 +65,7 @@ SerialStatus SecureSession::Unpair(SerialConnection* serial_conn)
     return PairImpl(serial_conn, (char*)hostPubKey, (char*)hostPubKeySig, devicePubKey);
 }
 
-SerialStatus SecureSession::Start(SerialConnection* serial_conn)
+SerialStatus SecureSession::Start(SerialConnection* serial_conn, OnLicenseCheck on_license_check)
 {
     LOG_DEBUG(LOG_TAG, "Start session");
 
@@ -101,21 +104,72 @@ SerialStatus SecureSession::Start(SerialConnection* serial_conn)
         return status;
     }
 
-    // Read device's key and generate shared secret
-    status = sender.Recv(packet);
-    if (status != SerialStatus::Ok)
-    {
-        LOG_ERROR(LOG_TAG, "Failed to recv device key response");
-        return status;
-    }
-    if (packet.header.id != MsgId::DeviceEcdhKey)
+    PacketManager::Timer session_timer {start_session_max_timeout};
+    while (true)
     {
-        LOG_ERROR(LOG_TAG, "Mutual authentication failed");
-        return SerialStatus::SecurityError;
+        if (session_timer.ReachedTimeout())
+        {
+            LOG_ERROR(LOG_TAG, "session timeout");
+            return SerialStatus::RecvTimeout;
+        }
+
+        status = sender.Recv(packet);
+        if (status != SerialStatus::Ok)
+        {
+            LOG_ERROR(LOG_TAG, "Failed to recv device start session response");
+            return status;
+        }
+
+        auto msg_id = packet.header.id;
+
+        if (msg_id == MsgId::LicenseVerificationRequest)
+        {
+            LOG_DEBUG(LOG_TAG, "Received license verification request");
+            auto* data = reinterpret_cast<const unsigned char*>(packet.Data().data);
+
+            unsigned char response[LICENSE_VERIFICATION_RES_SIZE + LICENSE_SIGNATURE_SIZE] = {0};
+            int license_type = 0;
+
+            if (on_license_check != nullptr)
+            {
+                on_license_check(); // notify caller that license check is happening
+            }
+            auto res = LicenseChecker::GetInstance().CheckLicense(data, response, license_type);
+            if (res == LicenseCheckStatus::Error)
+            {
+                LOG_ERROR(LOG_TAG, "License verification failed");
+                ::memset(response, 0, sizeof(response)); // send empty response to device
+            }
+
+            DataPacket data_packet {MsgId::LicenseVerificationResponse, reinterpret_cast<char*>(response), sizeof(response)};
+            auto send_status = sender.SendBinary(data_packet);
+            if (send_status != SerialStatus::Ok)
+            {
+                LOG_ERROR(LOG_TAG, "Failed to send license verification response packet");
+                return send_status;
+            }
+        }
+        else if (msg_id == MsgId::DeviceEcdhKey)
+        {
+            LOG_DEBUG(LOG_TAG, "Received device ecdh key");
+            break;
+        }
+        else if (msg_id == MsgId::Reply)
+        {
+            // MsgId::Reply here means session was not opened sucessfully
+            auto fa_packet = reinterpret_cast<FaPacket*>(&packet);
+            auto status_code = static_cast<int>(fa_packet->GetStatusCode());
+            auto fa_status = static_cast<Status>(status_code);
+            const char* description = Description(fa_status);
+            LOG_ERROR(LOG_TAG, "Failed: %s", description);
+            return ToSerialStatus(fa_status);
+        }
+        else
+        {
+            LOG_ERROR(LOG_TAG, "Received unexpected msg id '%c' (%d)", msg_id, static_cast<int>(msg_id));
+        }
     }
 
-    assert(IsDataPacket(packet));
-
     // Verify the received key
     MbedtlsWrapper::VerifyCallback verify_clbk = [this](const unsigned char* buffer, const unsigned int buffer_len,
                                                         const unsigned char* sig, const unsigned int sig_len) {
@@ -133,7 +187,7 @@ SerialStatus SecureSession::Start(SerialConnection* serial_conn)
     return SerialStatus::Ok;
 }
 
-bool SecureSession::IsOpen()
+bool SecureSession::IsOpen() const
 {
     return _is_open;
 }
@@ -262,7 +316,7 @@ SerialStatus SecureSession::RecvPacketImpl(SerialPacket& packet)
     assert(_serial != nullptr);
     PacketSender sender {_serial};
 
-      // Handle cancel flag
+    // Handle cancel flag
     auto status = HandleCancelFlag();
     if (status != SerialStatus::Ok)
     {
@@ -312,7 +366,8 @@ SerialStatus SecureSession::RecvPacketImpl(SerialPacket& packet)
     auto current_seq = packet.payload.sequence_number;
     if (!ValidateSeqNumber(_last_recv_seq_number, current_seq))
     {
-        LOG_ERROR(LOG_TAG, "Invalid sequence number. Last: %zu, Current: %zu", _last_recv_seq_number, current_seq);
+        LOG_ERROR(LOG_TAG, "Invalid sequence number. Last: %" PRIu32 ", Current: %" PRIu32, _last_recv_seq_number,
+                  current_seq);
         return SerialStatus::SecurityError;
     }
     _last_recv_seq_number = current_seq;
diff --git a/src/PacketManager/SecureSession.h b/src/PacketManager/SecureSession.h
index afc631f..aa38022 100644
--- a/src/PacketManager/SecureSession.h
+++ b/src/PacketManager/SecureSession.h
@@ -22,9 +22,13 @@ using SignCallback = std::function<bool(const unsigned char*, const unsigned int
 using VerifyCallback =
     std::function<bool(const unsigned char*, const unsigned int, const unsigned char*, const unsigned int)>;
 
+
+
 class SecureSession
 {
 public:
+    using OnLicenseCheck = std::function<void()>; // notify caller about license check (long operation over the web)
+
     SecureSession(SignCallback signCallback, VerifyCallback verifyCallback);
     ~SecureSession();
 
@@ -37,10 +41,10 @@ class SecureSession
 
     // Start the session using the given (already open) serial connection.
     // return Status::Ok on success, or error Status otherwise.
-    SerialStatus Start(SerialConnection* serial_conn);
+    SerialStatus Start(SerialConnection* serial_conn, OnLicenseCheck on_license_check = nullptr);
 
     // return true if session is open
-    bool IsOpen();
+    bool IsOpen() const;
 
     // cancel may be called from different threads
     std::atomic<bool> _cancel_required {false}; 
diff --git a/src/PacketManager/SerialPacket.cc b/src/PacketManager/SerialPacket.cc
index a34dc2d..93a810c 100644
--- a/src/PacketManager/SerialPacket.cc
+++ b/src/PacketManager/SerialPacket.cc
@@ -50,7 +50,7 @@ FaPacket::FaPacket(MsgId id, const char* user_id, char status)
         fa_msg.user_id[buffer_size - 1] = '\0'; // always null terminated
     }
 
-    fa_msg.fa_status = '0' + status;
+    fa_msg.fa_status = static_cast<char>('0' + status);
     assert(IsFaPacket(*this));
 }
 
@@ -66,7 +66,7 @@ const char* FaPacket::GetUserId() const
 
 char FaPacket::GetStatusCode()
 {
-    return payload.message.fa_msg.fa_status - '0';
+    return static_cast<char>(payload.message.fa_msg.fa_status - '0');
 }
 
 //
@@ -75,7 +75,7 @@ char FaPacket::GetStatusCode()
 DataPacket::DataPacket(MsgId id, char* data, size_t data_size)
 {
     header.id = id;
-    header.payload_size = static_cast<uint16_t>(AlignTo32Bytes(sizeof(payload.sequence_number) + (int)data_size));
+    header.payload_size = static_cast<uint16_t>(AlignTo32Bytes(static_cast<int>(sizeof(payload.sequence_number) + data_size)));
     uint32_t target_size = sizeof(payload.sequence_number) + sizeof(payload.message.data_msg.data);
     if (header.payload_size > target_size)
     {
diff --git a/src/PacketManager/SerialPacket.h b/src/PacketManager/SerialPacket.h
index 161eae0..152e55d 100644
--- a/src/PacketManager/SerialPacket.h
+++ b/src/PacketManager/SerialPacket.h
@@ -48,7 +48,7 @@ enum class MsgId : char
     Enroll = 'E',
     EnrollImage = 'I',
     EnrollImageFeatureExtraction = 'J',
-    Hint = 'H',    
+    Hint = 'H',
     SecureFaceprintsEnroll = 'N',
     SecureFaceprintsAuthenticate = 'Q',
     Progress = 'P',
@@ -56,11 +56,11 @@ enum class MsgId : char
     EnrollFaceprintsExtraction = 'T',
     AuthenticateFaceprintsExtraction = 'X',
     Reply = 'Y',
-    MaxFa = 'Z',    
+    MaxFa = 'Z',
     HostEcdsaKey = 'a',
     DeviceEcdsaKey = 'b',
     HostEcdhKey = 'c',
-    DeviceEcdhKey = 'd',    
+    DeviceEcdhKey = 'd',
     UploadImage = 'e',
     Faceprints = 'f',
     FaceDetected = 'g',
@@ -70,7 +70,7 @@ enum class MsgId : char
     QueryDeviceConfig = 'q',
     SetDeviceConfig = 's',
     StandBy = 't',
-    GetUserIds = 'u',    
+    GetUserIds = 'u',
     SecureFaceprintsBeginSecureSession = 'i',
     SecureFaceprintsEndSecureSession = 'j',
     SecureFaceprintsOnSecureSessionReady = 'k',
@@ -78,7 +78,10 @@ enum class MsgId : char
     SecureFaceprintsOnSecureSessionCmdResp = 'm',
     SecureFaceprintsFaceprintsReady = 'r',
     SetUserFeatures = 'x',
-    GetUserFeatures = 'y',    
+    GetUserFeatures = 'y',
+    LicenseVerificationRequest = 'v',
+    LicenseVerificationResponse = 'h',
+    Status = 'z'
 };
 
         struct SerialPacket
@@ -127,7 +130,7 @@ enum class MsgId : char
             DataPacket(MsgId id, char* data, size_t data_size);
             DataPacket(MsgId id);
             const DataMessage& Data() const;
-	    const size_t MessageSize()const
+	    size_t MessageSize() const
             {
                 return this->header.payload_size - sizeof(this->payload.sequence_number);
             }
@@ -143,8 +146,9 @@ enum class MsgId : char
             static const char* version_info = "\r\nbspver\r\n";
             static const char* device_info = "\r\nbspver -device\r\n";
             static const char* reset = "\r\nreset\r\n";
+            static const char* otp_ver = "\r\ngetOtpVer\r\n";
         } // namespace Commands
     } // namespace PacketManager
-}; // namespace RealSenseID
+} // namespace RealSenseID
 
 #pragma pack(pop)
diff --git a/src/PacketManager/WindowsSerial.cc b/src/PacketManager/WindowsSerial.cc
index b664c07..e03493a 100644
--- a/src/PacketManager/WindowsSerial.cc
+++ b/src/PacketManager/WindowsSerial.cc
@@ -114,7 +114,7 @@ SerialStatus WindowsSerial::RecvBytes(char* buffer, size_t n_bytes)
         if (bytes_to_read != 1)
         {
             // log only if not waiting for sync bytes, where it is expected to timeout sometimes
-            LOG_DEBUG(LOG_TAG, "Timeout reading %d bytes. Got only %d", bytes_to_read, bytes_actual_read);
+            LOG_DEBUG(LOG_TAG, "Timeout reading %lu bytes. Got only %lu", bytes_to_read, bytes_actual_read);
         }
         return SerialStatus::RecvTimeout;
     }
diff --git a/src/PreviewImpl.cc b/src/PreviewImpl.cc
index 7cb9367..8010137 100644
--- a/src/PreviewImpl.cc
+++ b/src/PreviewImpl.cc
@@ -30,7 +30,7 @@ PreviewImpl::PreviewImpl(const PreviewConfig& config) : _config(config)
         }
         _config.cameraNumber = camera_numbers[0];
     }
-};
+}
 
 PreviewImpl::~PreviewImpl()
 {
@@ -85,6 +85,8 @@ bool PreviewImpl::StartPreview(PreviewImageReadyCallback& callback)
                     container.number = frameNumber++;
                     if (_config.previewMode == PreviewMode::RAW10_1080P)
                     {
+                        LOG_DEBUG(LOG_TAG, "Received raw frame. timestamp=%u  sensor=%d  status=%u", 
+                            container.metadata.timestamp, container.metadata.sensor_id, container.metadata.status);
                         _callback->OnPreviewImageReady(_raw_helper->ConvertToRgb(container)); // sending RGB image to preview callback
                         _callback->OnSnapshotImageReady(_raw_helper->RotateRaw(container)); // sending raw image to snapshot callback
                     }
@@ -96,6 +98,11 @@ bool PreviewImpl::StartPreview(PreviewImageReadyCallback& callback)
                             _callback->OnPreviewImageReady(container);
                     }
                 }
+                else
+                {
+                    // Not result yet. rery shortly
+                    std::this_thread::sleep_for(std::chrono::milliseconds(100));
+                }
             }
         }
         catch (const std::exception& ex)
diff --git a/src/StatusHelper.cc b/src/StatusHelper.cc
index fe3e602..57de6fb 100644
--- a/src/StatusHelper.cc
+++ b/src/StatusHelper.cc
@@ -16,24 +16,22 @@ const char* Description(Status status)
     case RealSenseID::Status::SerialError:
         return "SerialError";
     case RealSenseID::Status::SecurityError:
-        return "SerialSecurityError";
+        return "SecurityError";
     case RealSenseID::Status::VersionMismatch:
         return "VersionMismatch";
     case RealSenseID::Status::CrcError:
         return "CrcError";
+    case RealSenseID::Status::LicenseError:
+        return "LicenseError";
+    case RealSenseID::Status::LicenseCheck:
+        return "LicenseCheck";
     default:
         return "Unknown Status";
     }
 }
 
 const char* Description(EnrollStatus status)
-{
-    // handle serial status
-    if (status >= RealSenseID::EnrollStatus::SerialOk)
-    {
-        return Description(static_cast<RealSenseID::Status>(status));
-    }
-
+{    
     switch (status)
     {
     case RealSenseID::EnrollStatus::Success:
@@ -72,22 +70,28 @@ const char* Description(EnrollStatus status)
         return "Failure";
     case RealSenseID::EnrollStatus::DeviceError:
         return "DeviceError";
-    case RealSenseID::EnrollStatus::SerialOk:
-        return "SerialOk";
+    case RealSenseID::EnrollStatus::Ok:
+        return "Ok";
+    case RealSenseID::EnrollStatus::Error:
+        return "Error";
     case RealSenseID::EnrollStatus::SerialError:
         return "SerialError";
-    case RealSenseID::EnrollStatus::SerialSecurityError:
-        return "SerialSecurityError";
+    case RealSenseID::EnrollStatus::SecurityError:
+        return "SecurityError";
     case RealSenseID::EnrollStatus::VersionMismatch:
         return "VersionMismatch";
     case RealSenseID::EnrollStatus::CrcError:
         return "CrcError";
-    case RealSenseID::EnrollStatus::Reserved1:
-        return "Reserved1";
-    case RealSenseID::EnrollStatus::Reserved2:
-        return "Reserved2";
-    case RealSenseID::EnrollStatus::Reserved3:
-        return "Reserved3";
+    case RealSenseID::EnrollStatus::LicenseError:
+        return "LicenseError";
+    case RealSenseID::EnrollStatus::LicenseCheck:
+        return "LicenseCheck";
+    case RealSenseID::EnrollStatus::Spoof_2D:
+        return "Spoof_2D";
+    case RealSenseID::EnrollStatus::Spoof_3D:
+        return "Spoof_3D";
+    case RealSenseID::EnrollStatus::Spoof_LR:
+        return "Spoof_LR";
     default:
         return "Unknown Status";
     }
@@ -113,12 +117,7 @@ const char* Description(FacePose pose)
 }
 
 const char* Description(AuthenticateStatus status)
-{
-    if (status >= RealSenseID::AuthenticateStatus::SerialOk)
-    {
-        return Description(static_cast<RealSenseID::Status>(status));
-    }
-
+{    
     switch (status)
     {
     case RealSenseID::AuthenticateStatus::Success:
@@ -154,27 +153,33 @@ const char* Description(AuthenticateStatus status)
     case RealSenseID::AuthenticateStatus::Spoof:
         return "Spoof";
     case RealSenseID::AuthenticateStatus::Forbidden:
-        return "Forbidden";    
+        return "Forbidden";
     case RealSenseID::AuthenticateStatus::DeviceError:
         return "DeviceError";
     case RealSenseID::AuthenticateStatus::Failure:
         return "Failure";
-    case RealSenseID::AuthenticateStatus::SerialOk:
-        return "SerialOk";
+    case RealSenseID::AuthenticateStatus::Ok:
+        return "Ok";
+    case RealSenseID::AuthenticateStatus::Error:
+        return "Error";
     case RealSenseID::AuthenticateStatus::SerialError:
         return "SerialError";
-    case RealSenseID::AuthenticateStatus::SerialSecurityError:
-        return "SerialSecurityError";
+    case RealSenseID::AuthenticateStatus::SecurityError:
+        return "SecurityError";
     case RealSenseID::AuthenticateStatus::VersionMismatch:
         return "VersionMismatch";
     case RealSenseID::AuthenticateStatus::CrcError:
         return "CrcError";
-    case RealSenseID::AuthenticateStatus::Reserved1:
-        return "Reserved1";
-    case RealSenseID::AuthenticateStatus::Reserved2:
-        return "Reserved2";
-    case RealSenseID::AuthenticateStatus::Reserved3:
-        return "Reserved3";
+    case RealSenseID::AuthenticateStatus::LicenseError:
+        return "LicenseError";
+    case RealSenseID::AuthenticateStatus::LicenseCheck:
+        return "LicenseCheck";
+    case RealSenseID::AuthenticateStatus::Spoof_2D:
+        return "Spoof_2D";
+    case RealSenseID::AuthenticateStatus::Spoof_3D:
+        return "Spoof_3D";
+    case RealSenseID::AuthenticateStatus::Spoof_LR:
+        return "Spoof_LR";
     default:
         return "Unknown Status";
     }
@@ -217,9 +222,9 @@ const char* Description(DeviceConfig::SecurityLevel level)
     case DeviceConfig::SecurityLevel::High:
         return "High";
     case DeviceConfig::SecurityLevel::Medium:
-        return "Medium";   
+        return "Medium";
     case DeviceConfig::SecurityLevel::Low:
-        return "Low";    
+        return "Low";
     default:
         return "Unknown value";
     }
@@ -232,9 +237,9 @@ const char* Description(DeviceConfig::MatcherConfidenceLevel matcher_confidence_
     case DeviceConfig::MatcherConfidenceLevel::High:
         return "High";
     case DeviceConfig::MatcherConfidenceLevel::Medium:
-        return "Medium";    
+        return "Medium";
     case DeviceConfig::MatcherConfidenceLevel::Low:
-        return "Low";    
+        return "Low";
     default:
         return "Unknown value";
     }
@@ -247,7 +252,7 @@ const char* Description(DeviceConfig::FaceSelectionPolicy policy)
     case DeviceConfig::FaceSelectionPolicy::Single:
         return "Single";
     case DeviceConfig::FaceSelectionPolicy::All:
-        return "All";    
+        return "All";
     default:
         return "Unknown value";
     }
@@ -273,15 +278,19 @@ EnrollStatus ToEnrollStatus(PacketManager::SerialStatus serial_status)
     switch (serial_status)
     {
     case PacketManager::SerialStatus::Ok:
-        return EnrollStatus::SerialOk;
+        return EnrollStatus::Ok;
     case PacketManager::SerialStatus::SecurityError:
-        return EnrollStatus::SerialSecurityError;
+        return EnrollStatus::SecurityError;
     case PacketManager::SerialStatus::VersionMismatch:
         return EnrollStatus::VersionMismatch;
     case PacketManager::SerialStatus::CrcError:
         return EnrollStatus::CrcError;
+    case PacketManager::SerialStatus::LicenseError:
+        return EnrollStatus::LicenseError;
+    case PacketManager::SerialStatus::LicenseCheck:
+        return EnrollStatus::LicenseCheck;
     default:
-        return EnrollStatus::SerialError;
+        return EnrollStatus::Error;
     }
 }
 
@@ -290,15 +299,19 @@ AuthenticateStatus ToAuthStatus(PacketManager::SerialStatus serial_status)
     switch (serial_status)
     {
     case PacketManager::SerialStatus::Ok:
-        return AuthenticateStatus::SerialOk;
+        return AuthenticateStatus::Ok;
     case PacketManager::SerialStatus::SecurityError:
-        return AuthenticateStatus::SerialSecurityError;
+        return AuthenticateStatus::SecurityError;
     case PacketManager::SerialStatus::VersionMismatch:
         return AuthenticateStatus::VersionMismatch;
     case PacketManager::SerialStatus::CrcError:
         return AuthenticateStatus::CrcError;
+    case PacketManager::SerialStatus::LicenseError:
+        return AuthenticateStatus::LicenseError;
+    case PacketManager::SerialStatus::LicenseCheck:
+        return AuthenticateStatus::LicenseCheck;
     default:
-        return AuthenticateStatus::SerialError;
+        return AuthenticateStatus::Error;
     }
 }
 
@@ -314,8 +327,37 @@ Status ToStatus(PacketManager::SerialStatus serial_status)
         return Status::VersionMismatch;
     case PacketManager::SerialStatus::CrcError:
         return Status::CrcError;
+    case PacketManager::SerialStatus::LicenseError:
+        return Status::LicenseError;
+    case PacketManager::SerialStatus::LicenseCheck:
+        return Status::LicenseCheck;
+    default:
+        return Status::Error;
+    }
+}
+
+PacketManager::SerialStatus ToSerialStatus(Status fa_status)
+{
+    switch (fa_status)
+    {
+    case Status::Ok:
+        return PacketManager::SerialStatus::Ok;
+    case Status::Error:
+        return PacketManager::SerialStatus::SecurityError;
+    case Status::SerialError:
+        return PacketManager::SerialStatus::RecvFailed;
+    case Status::SecurityError:
+        return PacketManager::SerialStatus::SecurityError;
+    case Status::VersionMismatch:
+        return PacketManager::SerialStatus::VersionMismatch;
+    case Status::CrcError:
+        return PacketManager::SerialStatus::CrcError;
+    case Status::LicenseError:
+        return PacketManager::SerialStatus::LicenseError;
+    case Status::LicenseCheck:
+        return PacketManager::SerialStatus::LicenseCheck;
     default:
-        return Status::SerialError;
+        return PacketManager::SerialStatus::SecurityError;
     }
 }
 } // namespace RealSenseID
diff --git a/src/StatusHelper.h b/src/StatusHelper.h
index 138d2e8..cd4d8b8 100644
--- a/src/StatusHelper.h
+++ b/src/StatusHelper.h
@@ -15,4 +15,5 @@ namespace RealSenseID
 Status ToStatus(PacketManager::SerialStatus serial_status);
 EnrollStatus ToEnrollStatus(PacketManager::SerialStatus serial_status);
 AuthenticateStatus ToAuthStatus(PacketManager::SerialStatus serial_status);
+PacketManager::SerialStatus ToSerialStatus(Status fa_status);
 } // namespace RealSenseID
diff --git a/src/UpdateChecker.cc b/src/UpdateChecker.cc
new file mode 100644
index 0000000..773d13e
--- /dev/null
+++ b/src/UpdateChecker.cc
@@ -0,0 +1,162 @@
+#include "RealSenseID/UpdateChecker.h"
+#include "RealSenseID/Version.h"
+#include "Logger.h"
+#include "RealSenseID/DeviceController.h"
+#include <nlohmann/json.hpp>
+#include <restclient-cpp/restclient.h>
+#include <iostream>
+#include <sstream>
+#include <regex>
+#include <cstdint>
+
+
+using json = NLOHMANN_JSON_NAMESPACE::json;
+using namespace NLOHMANN_JSON_NAMESPACE::literals;
+
+static const char* LOG_TAG = "UpdateChecker";
+
+namespace RealSenseID
+{
+using UpdateCheck::UpdateChecker;
+
+namespace UpdateCheck
+{
+struct ReleaseInfoInternal {
+    uint64_t sw_version = 0;
+    uint64_t fw_version = 0;
+    std::string sw_version_str;
+    std::string fw_version_str;
+    std::string release_url;
+    std::string release_notes_url;
+};
+
+NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(ReleaseInfoInternal,
+                                   sw_version,
+                                   fw_version,
+                                   sw_version_str,
+                                   fw_version_str,
+                                   release_url,
+                                   release_notes_url
+)
+
+ReleaseInfo::~ReleaseInfo()
+{
+    delete[] sw_version_str;
+    delete[] fw_version_str;
+    delete[] release_url;
+    delete[] release_notes_url;
+}
+}
+
+static const std::string RELEASE_ADDRESS = "https://raw.githubusercontent.com/IntelRealSense/RealSenseID/master/release_info.json";
+
+inline const char* string_to_char_p(const std::string& src) {
+    size_t length = strlen(src.c_str());
+    const char * dst = new char[length + 1];
+    ::memcpy((void*)dst, src.c_str(), length + 1);
+    return dst;
+}
+
+Status UpdateCheck::UpdateChecker::GetRemoteReleaseInfo(ReleaseInfo& release_info) const
+{
+    RestClient::Response response;
+    try
+    {
+        response = RestClient::get(RELEASE_ADDRESS);
+    } catch (const std::exception& ex) {
+        LOG_ERROR(LOG_TAG, "Error while sending license request. Exception: %s", ex.what());
+        return Status::Error;
+    }
+
+    if (response.code != 200) {
+        std::stringstream error;
+        error << "Response code: [" << response.code << "]" << std::endl;
+        error << "Response body: [" << response.body << "]" << std::endl;
+        LOG_ERROR(LOG_TAG, error.str().c_str());
+        return Status::Error;
+    }
+
+    try
+    {
+        json j = json::parse(response.body);
+        ReleaseInfoInternal release_info_internal = j.template get<ReleaseInfoInternal>();
+        release_info.sw_version = release_info_internal.sw_version;
+        release_info.fw_version = release_info_internal.fw_version;
+
+        release_info.fw_version_str = string_to_char_p(release_info_internal.fw_version_str);
+        release_info.sw_version_str = string_to_char_p(release_info_internal.sw_version_str);
+        release_info.release_url = string_to_char_p(release_info_internal.release_url);
+        release_info.release_notes_url = string_to_char_p(release_info_internal.release_notes_url);
+    } catch (const std::exception& ex) {
+        LOG_ERROR(LOG_TAG, "Error while parsing json. Exception: %s", ex.what());
+        return Status::Error;
+    }
+
+    return Status::Ok;
+}
+
+Status UpdateCheck::UpdateChecker::GetLocalReleaseInfo(const RealSenseID::SerialConfig& serial_config,
+                                                       ReleaseInfo& release_info) const
+{
+    RealSenseID::DeviceController deviceController;
+    auto connect_status = deviceController.Connect(serial_config);
+    if (connect_status != RealSenseID::Status::Ok)
+    {
+        LOG_ERROR(LOG_TAG, "Failed connecting to port %s, status: %d", serial_config.port, connect_status);
+        return connect_status;
+    }
+
+    std::string firmware_version;
+    auto status = deviceController.QueryFirmwareVersion(firmware_version);
+    deviceController.Disconnect();
+    if (status != RealSenseID::Status::Ok)
+    {
+        LOG_ERROR(LOG_TAG, "Failed getting firmware version. Status: %d", status);        
+        return status;
+    }
+    
+    std::string search_in = firmware_version;
+
+    std::stringstream version_stream(firmware_version);
+    std::string section;
+    while (std::getline(version_stream, section, '|'))
+    {
+        if (section.find("OPFW:") != std::string::npos)
+        {
+            auto pos = section.find(':');
+            auto sub = section.substr(pos + 1, std::string::npos);
+            search_in = sub;
+        }
+    }
+
+    // try to extract version from string
+    std::smatch matches;
+    std::regex SEMVER_REGEX(R"(^([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)$)");
+    bool success = std::regex_match(search_in, matches, SEMVER_REGEX);
+
+    if (!success)
+    {
+        LOG_ERROR(LOG_TAG, "Failed parsing firmware version from string");        
+        return Status::Error;
+    }
+        
+    auto fw_major = std::stoul(matches[1]);
+    auto fw_minor = std::stoul(matches[2]);
+    auto fw_revision = std::stoul(matches[3]);
+    auto fw_build = std::stoul(matches[4]);
+
+    release_info.fw_version = fw_build +                // 3 digits for build
+                              fw_revision * 10000 +     // 2 digits for revision
+                              fw_minor    * 1000000 +   // 2 digits for minor
+                              fw_major    * 100000000;  // 2 digits for major
+    release_info.fw_version_str = string_to_char_p(search_in);
+
+    release_info.sw_version = RSID_VERSION;
+    std::stringstream sw_version_str;
+    sw_version_str << RSID_VER_MAJOR << "." << RSID_VER_MINOR << "." << RSID_VER_PATCH;
+    release_info.sw_version_str = string_to_char_p(sw_version_str.str());
+
+
+    return Status::Ok;
+}
+}
diff --git a/tools/README.md b/tools/README.md
index 33d4673..94a5f5d 100644
--- a/tools/README.md
+++ b/tools/README.md
@@ -5,8 +5,6 @@
 
 [Instructions for Linux](#linux----compilation-and-usage)
 
-[Instructions for Android](#android----compilation-and-usage)
-
 ## **Windows** -  Compilation and usage 
 
 ##  **Dependencies**:
@@ -133,34 +131,4 @@ At bin folder (where .exe files are located) run command line and run the app as
 For Example:
 ```console
 ./rsid-cli /dev/ttyACM0 usb
-```
-
-
-## **Android** -  Compilation and usage 
-
-## **Dependencies**:
-- **[Android Studio](https://developer.android.com/studio)**
-- **[SWIG](http://www.swig.org/download.html)**
-- **[LibUSB](https://github.com/libusb/libusb)**
-(Currently required - later will only be required to enable preview)
-- **[LibUVC](https://github.com/libuvc/libuvc)**
-(Currently required - later will only be required to enable preview)
-
-##  **How to build:**
-### **Prerequisites**
-- `SWIG` is used to create the JNI and Java wrappers to RealSenseID C++ API. Please download and install SWIG-4.0.2 or newer in your development environment to enable wrapper code generation during CMake builds. If developing in Windows, it's suggested to download swigwin-4.0.2 or later, install it and add it to PATH environment variable. For other development OSes, please follow instructions [online](http://www.swig.org/Doc4.0/SWIGDocumentation.html#Preface_installation) on how to compile and install from source.
-- `LIBUSB & LIBUVC` are required for preview in Android. Currently, preview support must be part of Android compilation (RSID_PREVIEW flag must be set to ON). The developer can choose if to compile both libraries from source for Android OS and the [ABI](https://developer.android.com/ndk/guides/abis) matching the destination platform, or take the libraries we precompiled and shared in the [releases section](https://github.com/IntelRealSense/RealSenseID/releases).
-
-**Build sample APK**
- 1. Download or Clone the repository.
- 2. Copy LibUSB and LibUVC header folder (include) and precompiled binaries devided by ABI folders (x86_64, arm64-v8a etc...) to \<RealSenseID repository\>/3rdparty/uvc. It should look similar to this: ![3rdparty/uvc](rsid-android-app/3rdparty_uvc.png)
- 3. In Android Studio, File->Open: \<RealSenseID repository\>/tools/rsid-android-app
- 4. "Sync project" and then "Make project".
- 
- 	Note: Application and "RealSenseIDSwigClient" module have two flavors. "Secured" and "Unsecured" to choose between the two supported modes. If when trying to switch between them, you suffer compilation issues, try Android Studio's "Refresh Linked C++ Projects" option. Another thing that might work is to remove all auto generated files (try "git clean -dfix" can help).
-
- **Done!**
-## **How to run the android application**
-- Install the sample application on an Android device.
-- Connect Intel RealSense ID F450 / F455 device to an OTG supported Android device.
-- Run the sample application and when asked for, grant the application permission to access the Realsense ID F45# device.
+```
\ No newline at end of file
diff --git a/tools/rsid-android-app/.gitignore b/tools/rsid-android-app/.gitignore
deleted file mode 100644
index 55ac0b2..0000000
--- a/tools/rsid-android-app/.gitignore
+++ /dev/null
@@ -1,12 +0,0 @@
-*.iml
-
-/local.properties
-/.idea
-.DS_Store
-/build
-/captures
-.externalNativeBuild
-.cxx
-.gradle
-.project
-.settings
diff --git a/tools/rsid-android-app/3rdparty_uvc.png b/tools/rsid-android-app/3rdparty_uvc.png
deleted file mode 100644
index 56e8881..0000000
Binary files a/tools/rsid-android-app/3rdparty_uvc.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/.gitignore b/tools/rsid-android-app/app/.gitignore
deleted file mode 100644
index 796b96d..0000000
--- a/tools/rsid-android-app/app/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-/build
diff --git a/tools/rsid-android-app/app/build.gradle b/tools/rsid-android-app/app/build.gradle
deleted file mode 100644
index 38dfb07..0000000
--- a/tools/rsid-android-app/app/build.gradle
+++ /dev/null
@@ -1,66 +0,0 @@
-apply plugin: 'com.android.application'
-
-android {
-    compileSdkVersion 29
-
-    compileOptions {
-        sourceCompatibility JavaVersion.VERSION_1_8
-        targetCompatibility JavaVersion.VERSION_1_8
-    }
-
-    defaultConfig {
-        applicationId "com.intel.realsenseid.f450androidexample"
-        minSdkVersion 23
-        //noinspection ExpiredTargetSdkVersion
-        targetSdkVersion 27
-        versionName "0_25_0"
-
-        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
-
-    }
-
-    buildTypes {
-        release {
-            minifyEnabled false
-            proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
-        }
-    }
-
-    flavorDimensions "default"
-    productFlavors {
-        unsecured {
-            dimension "default"
-        }
-        secured {
-            dimension "default"
-        }
-    }
-
-    applicationVariants.all { variant ->
-        variant.outputs.all { output ->
-            def appName = "realsenseid_example"
-            def os = "android"
-            def buildType = variant.buildType.name
-            def newName = "${appName}_${defaultConfig.versionName}_${buildType}_${os}.apk"
-
-            outputFileName = newName
-        }
-    }
-}
-
-dependencies {
-    implementation fileTree(dir: 'libs', include: ['*.jar'])
-    implementation 'androidx.annotation:annotation:1.1.0'
-    implementation 'androidx.appcompat:appcompat:1.3.0-beta01'
-    implementation 'com.google.android.material:material:1.3.0'
-    implementation 'androidx.constraintlayout:constraintlayout:2.0.4'
-    implementation 'androidx.recyclerview:recyclerview:1.1.0'
-    implementation project(path: ':RealSenseIDSwigClient')
-    implementation 'org.jetbrains:annotations:15.0'
-    testImplementation 'junit:junit:4.13.2'
-    androidTestImplementation 'androidx.test.ext:junit:1.1.2'
-    androidTestImplementation 'androidx.test.espresso:espresso-core:3.3.0'
-
-}
-
-
diff --git a/tools/rsid-android-app/app/proguard-rules.pro b/tools/rsid-android-app/app/proguard-rules.pro
deleted file mode 100644
index f1b4245..0000000
--- a/tools/rsid-android-app/app/proguard-rules.pro
+++ /dev/null
@@ -1,21 +0,0 @@
-# Add project specific ProGuard rules here.
-# You can control the set of applied configuration files using the
-# proguardFiles setting in build.gradle.
-#
-# For more details, see
-#   http://developer.android.com/guide/developing/tools/proguard.html
-
-# If your project uses WebView with JS, uncomment the following
-# and specify the fully qualified class name to the JavaScript interface
-# class:
-#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
-#   public *;
-#}
-
-# Uncomment this to preserve the line number information for
-# debugging stack traces.
-#-keepattributes SourceFile,LineNumberTable
-
-# If you keep the line number information, uncomment this to
-# hide the original source file name.
-#-renamesourcefileattribute SourceFile
diff --git a/tools/rsid-android-app/app/src/androidTest/java/com/intel/realsenseid/f450androidexample/ExampleInstrumentedTest.java b/tools/rsid-android-app/app/src/androidTest/java/com/intel/realsenseid/f450androidexample/ExampleInstrumentedTest.java
deleted file mode 100644
index 0cdaf04..0000000
--- a/tools/rsid-android-app/app/src/androidTest/java/com/intel/realsenseid/f450androidexample/ExampleInstrumentedTest.java
+++ /dev/null
@@ -1,89 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.content.Context;
-import android.util.Log;
-
-import com.intel.realsenseid.api.AuthenticateStatus;
-import com.intel.realsenseid.api.AuthenticationCallback;
-import com.intel.realsenseid.api.Status;
-
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import androidx.test.ext.junit.rules.ActivityScenarioRule;
-import androidx.test.ext.junit.runners.AndroidJUnit4;
-import androidx.test.platform.app.InstrumentationRegistry;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-/**
- * Instrumented test, which will execute on an Android device.
- *
- * @see <a href="http://d.android.com/tools/testing">Testing documentation</a>
- */
-@RunWith(AndroidJUnit4.class)
-public class ExampleInstrumentedTest {
-    static final String TAG = "ExampleInstrumentedTest";
-    @Rule
-    public ActivityScenarioRule<MainActivity> activityScenarioRule
-            = new ActivityScenarioRule<>(MainActivity.class);
-
-    @Test
-    public void useAppContext() {
-        // Context of the app under test.
-        Context appContext = InstrumentationRegistry.getInstrumentation().getTargetContext();
-
-        assertEquals("com.intel.realsenseid.f450androidexample", appContext.getPackageName());
-    }
-
-    @Test
-    public void removeAllStressTest() {
-        activityScenarioRule.getScenario().onActivity(activity -> {
-            for (int i = 0; i<1000 ; ++i) {
-                if (0 == i%50)
-                {
-                    Log.d(TAG, "removeAllStressTest: in iteration " + String.valueOf(i));
-                }
-                final int iteration = i;
-                activity.DoWhileConnected(() -> {
-                    assertEquals("Connection stress test failed on iteration " + String.valueOf(iteration), Status.Ok, activity.m_faceAuthenticator.RemoveAll());
-                });
-            }
-        });
-    }
-
-    @Test
-    public void authenticateStressTest() {
-        activityScenarioRule.getScenario().onActivity(activity -> {
-            class BoolWrapper {
-                boolean s;
-            };
-            final BoolWrapper k = new BoolWrapper();
-            AuthenticationCallback cb = new AuthenticationCallback() {
-                public void OnResult(AuthenticateStatus status, String userId) {
-                    k.s = true;
-                }
-                public void OnHint(AuthenticateStatus hint) {
-                }
-            };
-            for (int i = 0; i<500 ; ++i) {
-                if (0 == i%10)
-                {
-                    Log.d(TAG, "authenticateStressTest: in iteration " + String.valueOf(i));
-                }
-                k.s = false;
-                final int iteration = i;
-                activity.DoWhileConnected(() -> {
-                    Status authenticateStatus = activity.m_faceAuthenticator.Authenticate(cb);
-                    assertTrue("Authentication stress test failed on iteration "
-                            + String.valueOf(iteration)
-                            + " latest authentication status: "
-                            + authenticateStatus.toString(), k.s);
-                });
-
-            }
-        });
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/AndroidManifest.xml b/tools/rsid-android-app/app/src/main/AndroidManifest.xml
deleted file mode 100644
index 3f4f6c4..0000000
--- a/tools/rsid-android-app/app/src/main/AndroidManifest.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
-    package="com.intel.realsenseid.f450androidexample">
-
-    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
-
-    <application
-        android:allowBackup="true"
-        android:icon="@mipmap/ic_launcher"
-        android:label="@string/app_name"
-        android:roundIcon="@mipmap/ic_launcher_round"
-        android:theme="@style/Theme.MyApplication">
-        <activity android:name=".FilesListActivity"></activity>
-        <activity
-            android:name=".MainActivity"
-            android:configChanges="orientation"
-            android:screenOrientation="landscape"
-            android:theme="@style/Theme.MyApplication.NoActionBar">
-            <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
-
-                <category android:name="android.intent.category.LAUNCHER" />
-            </intent-filter>
-            <intent-filter>
-                <action android:name="android.hardware.usb.action.USB_DEVICE_ATTACHED" />
-            </intent-filter>
-        </activity>
-    </application>
-
-</manifest>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/AndroidPreviewImageReadyCallback.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/AndroidPreviewImageReadyCallback.java
deleted file mode 100644
index f1fabb0..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/AndroidPreviewImageReadyCallback.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.graphics.Bitmap;
-import android.view.TextureView;
-
-import com.intel.realsenseid.api.Image;
-import com.intel.realsenseid.api.PreviewImageReadyCallback;
-
-import java.nio.ByteBuffer;
-import java.util.concurrent.atomic.AtomicBoolean;
-
-public class AndroidPreviewImageReadyCallback extends PreviewImageReadyCallback {
-    private static final int BYTES_PER_PIXEL = 4;
-    private AtomicBoolean m_flipPreview;
-    private TextureView m_previewTxv;
-    private byte[] m_previewBuffer;
-
-    public AndroidPreviewImageReadyCallback(TextureView previewTxv)
-    {
-        this.m_previewBuffer = null;
-        this.m_previewTxv = previewTxv;
-    }
-
-    public void OnPreviewImageReady(Image image){
-        if (m_previewBuffer == null) {
-            m_previewBuffer = new byte[(int)(image.getWidth()*image.getHeight()*BYTES_PER_PIXEL)];
-        }
-        image.GetImageBuffer(m_previewBuffer);
-        renderImage(m_previewBuffer, (int)image.getWidth(), (int)image.getHeight());
-    }
-	
-    private void renderImage(byte[] rgbBuffer, int width, int height)
-    {
-        Bitmap bmp = Bitmap.createBitmap(width, height, Bitmap.Config.ARGB_8888);
-        ByteBuffer buffer = ByteBuffer.wrap(rgbBuffer);
-        bmp.copyPixelsFromBuffer(buffer);
-        new ImagePoster(bmp, m_previewTxv).run();
-    }   
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/ConnectionWrappedFunction.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/ConnectionWrappedFunction.java
deleted file mode 100644
index 3c4c3dc..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/ConnectionWrappedFunction.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-public interface ConnectionWrappedFunction {
-    void Do();
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/EnrollmentPoseTracker.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/EnrollmentPoseTracker.java
deleted file mode 100644
index 2c5ceb4..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/EnrollmentPoseTracker.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import com.intel.realsenseid.api.FacePose;
-
-import java.util.LinkedList;
-import java.util.List;
-
-public class EnrollmentPoseTracker {
-    private List<TrackedPose> m_trackedPoses;
-
-    private class TrackedPose {
-
-        private final FacePose m_pose;
-        private boolean m_check;
-
-        public TrackedPose(FacePose p) {
-            m_pose = p;
-            m_check = false;
-        }
-
-
-        public FacePose getPose() {
-            return m_pose;
-        }
-
-        public boolean isCheck() {
-            return m_check;
-        }
-
-        public void setCheck() {
-            this.m_check = true;
-        }
-    }
-
-    public EnrollmentPoseTracker(FacePose[] facePoses) {
-        m_trackedPoses = new LinkedList<>();
-        for (FacePose p : facePoses) {
-            m_trackedPoses.add(new TrackedPose(p));
-        }
-    }
-
-    public void markPoseCheck(FacePose pose) {
-        for (TrackedPose tp: m_trackedPoses) {
-            if ((tp.getPose() == pose) && !tp.isCheck()) {
-                tp.setCheck();
-                return;
-            }
-        }
-    }
-
-    public FacePose getNext() {
-        for (TrackedPose tp: m_trackedPoses) {
-            if (!tp.isCheck()) {
-                return tp.getPose();
-            }
-        }
-        return null;
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileModel.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileModel.java
deleted file mode 100644
index b8c8d1e..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileModel.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-
-public class FileModel {
-    public String getPath() {
-        return path;
-    }
-
-    public void setPath(String path) {
-        this.path = path;
-    }
-
-    public FileType getFileType() {
-        return fileType;
-    }
-
-    public void setFileType(FileType fileType) {
-        this.fileType = fileType;
-    }
-
-    public String getName() {
-        return name;
-    }
-
-    public void setName(String name) {
-        this.name = name;
-    }
-
-    public Double getSizeInMB() {
-        return sizeInMB;
-    }
-
-    public void setSizeInMB(Double sizeInMB) {
-        this.sizeInMB = sizeInMB;
-    }
-
-    public String getExtension() {
-        return extension;
-    }
-
-    public void setExtension(String extension) {
-        this.extension = extension;
-    }
-
-    public int getSubFiles() {
-        return subFiles;
-    }
-
-    public void setSubFiles(int subFiles) {
-        this.subFiles = subFiles;
-    }
-
-    private String path;
-    private FileType fileType;
-    private String name;
-    private Double sizeInMB;
-    private String extension;
-    private int subFiles;
-}
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileType.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileType.java
deleted file mode 100644
index bb850e4..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileType.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import java.io.File;
-
-public enum FileType {
-    FILE,
-    FOLDER;
-
-    public static FileType getType(File file) {
-        if (file.isDirectory())
-            return FOLDER;
-        return FILE;
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileUtils.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileUtils.java
deleted file mode 100644
index 4920aed..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FileUtils.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import java.io.File;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-
-public class FileUtils {
-
-    public static List<File> getFilesFromPath(String path) {
-        File file = new File(path);
-        return Arrays.asList(file.listFiles());
-    }
-
-    public static List<FileModel> getFileModelsFromFiles(List<File> files) {
-        List<FileModel> outList = new ArrayList<>();
-        for (File it : files) {
-            FileModel fm = new FileModel(); // TODO: create builder for FileModel and use it instead
-            fm.setPath(it.getPath());
-            fm.setFileType(FileType.getType(it));
-            fm.setName(it.getName());
-            fm.setSizeInMB(convertFileSizeToMB(it.length()));
-            fm.setExtension(getExtension(it));
-            fm.setSubFiles(getNumberOfSubFiles(it));
-            outList.add(fm);
-        }
-        return outList;
-    }
-
-    private static int getNumberOfSubFiles(File f) {
-        if (!f.isDirectory())
-            return 0;
-        return f.listFiles().length;
-    }
-
-    private static String getExtension(File f) {
-        String filename = f.getName();
-        int lastDotIndex = filename.lastIndexOf(".");
-        if (lastDotIndex < 0)
-            return "";
-        return filename.substring(lastDotIndex);
-    }
-
-    private static Double  convertFileSizeToMB(Long sizeInBytes) {
-        return (sizeInBytes.doubleValue()) / (1024 * 1024);
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesListActivity.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesListActivity.java
deleted file mode 100644
index 3324fa2..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesListActivity.java
+++ /dev/null
@@ -1,222 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.os.Bundle;
-import android.os.Environment;
-
-import com.intel.realsenseid.api.DeviceController;
-import com.intel.realsenseid.api.FwUpdater;
-import com.intel.realsenseid.api.Status;
-import com.intel.realsenseid.api.StringVector;
-import com.intel.realsenseid.api.SwigWrapper;
-import com.intel.realsenseid.impl.UsbCdcConnection;
-
-import org.jetbrains.annotations.NotNull;
-
-import java.util.regex.Pattern;
-
-import androidx.appcompat.app.AlertDialog;
-import androidx.appcompat.app.AppCompatActivity;
-
-public class FilesListActivity extends AppCompatActivity implements FilesListFragment.OnViewItemClickListener {
-
-    private FirmwareUpdateLogic firmwareUpdateLogic;
-    private String deviceSerialNumber = null;
-
-    @Override
-    protected void onCreate(Bundle savedInstanceState) {
-        super.onCreate(savedInstanceState);
-
-        setContentView(R.layout.files_list_activity);
-        if (savedInstanceState == null) {
-            getSupportFragmentManager().beginTransaction()
-                    .add(R.id.container, new FilesListFragment(Environment.getExternalStorageDirectory().getAbsolutePath()))
-                    .addToBackStack(Environment.getExternalStorageDirectory().getAbsolutePath())
-                    .commit();
-        }
-        firmwareUpdateLogic = new FirmwareUpdateLogic(this);
-    }
-
-    @Override
-    protected void onStart() {
-        super.onStart();
-        retrieveDeviceSerialNumber();
-    }
-
-    private void retrieveDeviceSerialNumber() {
-        new Thread(() -> {
-            UsbCdcConnection connection = new UsbCdcConnection();
-            if (!connection.FindSupportedDevice(getApplicationContext())) {
-                throw new RuntimeException("Supported USB device not found");
-            }
-            if (!connection.OpenConnection()) {
-                throw new RuntimeException("Couldn't open connection to USB device");
-            }
-            com.intel.realsenseid.api.AndroidSerialConfig config = new com.intel.realsenseid.api.AndroidSerialConfig();
-            config.setFileDescriptor(connection.GetFileDescriptor());
-            config.setReadEndpoint(connection.GetReadEndpointAddress());
-            config.setWriteEndpoint(connection.GetWriteEndpointAddress());
-            DeviceController dc = new DeviceController();
-            dc.Connect(config);
-            String[] sn = new String[] {""};
-            Status s = dc.QuerySerialNumber(sn);
-            if (s == Status.Ok) {
-                deviceSerialNumber = sn[0];
-            } else {
-                deviceSerialNumber = null;
-            }
-            dc.Disconnect();
-        }).start();
-    }
-
-    @Override
-    public void onClick(@NotNull FileModel fileModel) {
-        if (fileModel.getFileType() == FileType.FOLDER) {
-            addFileFragment(fileModel);
-        } else {
-            handleFileSelection(fileModel);
-        }
-    }
-
-    @Override
-    public void onLongClick(FileModel fileModel) {
-
-    }
-
-    private void handleFileSelection(@NotNull FileModel fileModel) {
-        String path = fileModel.getPath();
-        FwUpdater fwu = new FwUpdater();
-        String[] fwVersion = new String[]{""};
-        String[] recognitionVersion = new String[]{""};
-        StringVector moduleNames = new StringVector();
-        boolean versionExtractionStatus = fwu.ExtractFwInformation(path, fwVersion, recognitionVersion, moduleNames);
-        String firmwareVersion = fwVersion[0];
-        if (!versionExtractionStatus) {
-            showIncompatibleFileDialog(fileModel.getName());
-            return;
-        }
-        if (!fwu.IsEncryptionSupported(fileModel.getPath(), deviceSerialNumber)) {
-            showIncompatibleSkuDialog(deviceSerialNumber);
-            return;
-        }
-        if (!SwigWrapper.IsFwCompatibleWithHost(firmwareVersion)) {
-            showIncompatibleVersionDialog(fileModel, firmwareVersion, recognitionVersion[0]);
-            return;
-        }
-        checkPolicyAndProceed(fileModel, firmwareVersion, recognitionVersion[0]);
-    }
-
-    private void checkPolicyAndProceed(@NotNull FileModel fileModel, String firmwareVersion, String recognitionVersion) {
-        FwUpdater.UpdatePolicyInfo policyInfo =  firmwareUpdateLogic.decideUpdatePolicy(fileModel.getPath());
-        if (policyInfo.getPolicy() == FwUpdater.UpdatePolicyInfo.UpdatePolicy.NOT_ALLOWED)
-        {
-            showPolicyNotAllowedDialog();
-            return;
-        }
-        if  (policyInfo.getPolicy() == FwUpdater.UpdatePolicyInfo.UpdatePolicy.REQUIRE_INTERMEDIATE_FW)
-        {
-            showPolicyRequireIntermediateDialog(policyInfo.getIntermediate());
-            return;
-        }
-        showUpdateConfirmationDialog(fileModel, firmwareVersion, recognitionVersion);
-    }
-
-    private void showPolicyRequireIntermediateDialog(String intermediateVersion) {
-        new AlertDialog.Builder(this)
-                .setTitle("Incompatible firmware version")
-                .setMessage("Firmware cannot be updated directly to the chosen version.\n" +
-                        "Flash firmware version " + intermediateVersion + " first.\n")
-                .setPositiveButton(android.R.string.ok, null).show();
-    }
-
-    private void showPolicyNotAllowedDialog() {
-        new AlertDialog.Builder(this)
-                .setTitle("Incompatible firmware version")
-                .setMessage("Update from current device firmware to selected firmware file\n" +
-                        "is unsupported by this host application.\n")
-                .setPositiveButton(android.R.string.ok, null).show();
-    }
-
-    private void showIncompatibleSkuDialog(String deviceSerialNumber) {
-        String sku = DeviceSerialNumberToSku(deviceSerialNumber);
-        new AlertDialog.Builder(this)
-                .setTitle("Incompatible firmware SKU")
-                .setMessage("Selected firmware version is incompatible with your F450 model.\n" +
-                        "Please make sure the firmware file you're using is for " + sku +
-                        " devices and try again.\n")
-                .setPositiveButton(android.R.string.ok, null).show();
-    }
-
-    private String DeviceSerialNumberToSku(String deviceSerialNumber)
-    {
-        Pattern sku2Option1 = Pattern.compile("12[02]\\d6228\\d{4}.*");
-        Pattern sku2Option2 = Pattern.compile("\\d{4}6229\\d{4}.*");
-
-        if (sku2Option1.matcher(deviceSerialNumber).matches() || sku2Option2.matcher(deviceSerialNumber).matches())
-        {
-            return "sku2";
-        }
-        return "sku1";
-    }
-
-    private void showIncompatibleVersionDialog(@NotNull FileModel fileModel, String firmwareVersion, String recognitionVersion) {
-        new AlertDialog.Builder(this)
-                .setTitle("Incompatible firmware version")
-                .setMessage(fileModel.getName() + " is of firmware version " + firmwareVersion +
-                        "\nwhich is INCOMPATIBLE with the host version\n" +
-                        "Host version: " + SwigWrapper.Version() + "\n" +
-                        "Compatible firmware versions: " + SwigWrapper.CompatibleFirmwareVersion()
-                        + "\nProceed anyway?")
-                .setPositiveButton(android.R.string.yes, ((dialogInterface, i) -> {
-                    checkPolicyAndProceed(fileModel, firmwareVersion, recognitionVersion);
-                }))
-                .setNegativeButton(android.R.string.no, null)
-                .show();
-    }
-
-    private void showIncompatibleFileDialog(String filename) {
-        new AlertDialog.Builder(this)
-                .setTitle("Unsupported file")
-                .setMessage("Could not extract firmware version from file. " + filename + " is " +
-                        "not a valid firmware file.")
-                .setPositiveButton(android.R.string.ok, null).show();
-    }
-
-    private void showUpdateConfirmationDialog(@NotNull FileModel fileModel, String firmwareVersion,
-                                              String recognitionVersion) {
-        String stringBuilder = "Are you sure you want to flash the following firmware?\n" +
-                "Filename: " + fileModel.getName() + "\n" +
-                "Firmware version: " + firmwareVersion + "\n" +
-                "Recognition version: " + recognitionVersion;
-        new AlertDialog.Builder(this)
-                .setTitle("Flash new firmware")
-                .setMessage(stringBuilder)
-                .setPositiveButton(android.R.string.ok, (dialogInterface, i) -> {
-                    switchToProgressFragment();
-                    firmwareUpdateLogic.updateFirmware(fileModel.getPath());
-                })
-                .setNegativeButton(android.R.string.cancel, null).show();
-    }
-
-    private void switchToProgressFragment() {
-        UpdateProgressFragment updateProgressFragment = new UpdateProgressFragment();
-        getSupportFragmentManager().beginTransaction()
-                .replace(R.id.container, updateProgressFragment)
-                .commit();
-    }
-
-    private void addFileFragment(@NotNull FileModel fileModel) {
-        FilesListFragment filesListFragment = new FilesListFragment(fileModel.getPath());
-        getSupportFragmentManager().beginTransaction()
-                .replace(R.id.container, filesListFragment)
-                .addToBackStack(fileModel.getPath())
-                .commit();
-    }
-
-    @Override
-    public void onBackPressed() {
-        super.onBackPressed();
-        if (getSupportFragmentManager().getBackStackEntryCount() == 0) {
-            finish();
-        }
-    }
-}
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesListFragment.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesListFragment.java
deleted file mode 100644
index f8a85ec..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesListFragment.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.content.Context;
-import android.os.Bundle;
-import android.view.LayoutInflater;
-import android.view.View;
-import android.view.ViewGroup;
-import android.widget.Toast;
-
-import java.util.List;
-
-import androidx.annotation.NonNull;
-import androidx.annotation.Nullable;
-import androidx.fragment.app.Fragment;
-import androidx.recyclerview.widget.LinearLayoutManager;
-import androidx.recyclerview.widget.RecyclerView;
-
-public class FilesListFragment extends Fragment {
-    private static final String ARG_PATH = "com.intel.realsenseid.f450androidexample.fileLists.path";
-    private FilesRecyclerAdapter mFilesAdapter;
-    private OnViewItemClickListener mCallback;
-    private String PATH;
-
-    public interface OnViewItemClickListener {
-        void onClick(FileModel fileModel);
-        void onLongClick(FileModel fileModel);
-    }
-
-    public FilesListFragment(String path) {
-        Bundle args = new Bundle();
-        args.putString(ARG_PATH, path);
-        setArguments(args);
-    }
-
-    @Nullable
-    @Override
-    public View onCreateView(@NonNull LayoutInflater inflater, @Nullable ViewGroup container,
-                             @Nullable Bundle savedInstanceState) {
-        return inflater.inflate(R.layout.fragment_files_list, container, false);
-    }
-
-    @Override
-    public void onViewCreated(@NonNull View view, @Nullable Bundle savedInstanceState) {
-        super.onViewCreated(view, savedInstanceState);
-
-        String filePath = getArguments().getString(ARG_PATH);
-        if (filePath == null) {
-            Toast.makeText(view.getContext(), "Path should not be null!", Toast.LENGTH_SHORT).show();
-            return;
-        }
-        PATH = filePath;
-        initViews(view);
-    }
-
-    @Override
-    public void onAttach(@NonNull Context context) {
-        super.onAttach(context);
-
-        try {
-            mCallback = (OnViewItemClickListener) context;
-        } catch (Exception e) {
-            throw new RuntimeException("OnViewItemClickListener interface not implemented by context");
-        }
-    }
-
-    private void initViews(View view) {
-        RecyclerView filesRecyclerView = view.findViewById(R.id.files_recycler_view);
-        filesRecyclerView.setLayoutManager(new LinearLayoutManager(view.getContext()));
-        mFilesAdapter = new FilesRecyclerAdapter(mCallback);
-        filesRecyclerView.setAdapter(mFilesAdapter);
-        updateDate(view);
-    }
-
-    private void updateDate(View view) {
-        List<FileModel> files = FileUtils.getFileModelsFromFiles(FileUtils.getFilesFromPath(PATH));
-        if (files.isEmpty()) {
-            view.findViewById(R.id.empty_folder_layout).setVisibility(View.VISIBLE);
-        } else {
-            view.findViewById(R.id.empty_folder_layout).setVisibility(View.INVISIBLE);
-        }
-        mFilesAdapter.updateData(files);
-    }
-}
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesRecyclerAdapter.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesRecyclerAdapter.java
deleted file mode 100644
index ca463d5..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FilesRecyclerAdapter.java
+++ /dev/null
@@ -1,89 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.view.LayoutInflater;
-import android.view.View;
-import android.view.ViewGroup;
-import android.widget.TextView;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import androidx.annotation.NonNull;
-import androidx.recyclerview.widget.RecyclerView;
-
-public class FilesRecyclerAdapter extends RecyclerView.Adapter<FilesRecyclerAdapter.ViewHolder> {
-    private final FilesListFragment.OnViewItemClickListener mCallback;
-    // TODO: implement in the later.
-        /*var onItemClickListener: ((FileModel) -> Unit)? = null
-        var onItemLongClickListener: ((FileModel) -> Unit)? = null*/
-    List<FileModel> filesList = new ArrayList<>();
-
-    public FilesRecyclerAdapter(FilesListFragment.OnViewItemClickListener callback) {
-        mCallback= callback;
-    }
-
-
-    @NonNull
-    @Override
-    public ViewHolder onCreateViewHolder(@NonNull ViewGroup parent, int viewType) {
-        View view = LayoutInflater.from(parent.getContext()).inflate(R.layout.item_recycler_file, parent, false);
-        return new ViewHolder(view);
-    }
-
-    @Override
-    public void onBindViewHolder(@NonNull ViewHolder holder, int position) {
-        holder.bindView(position);
-    }
-
-    @Override
-    public int getItemCount() {
-        return filesList.size();
-    }
-
-    public void updateData(List<FileModel> filesList) {
-        this.filesList = filesList;
-        notifyDataSetChanged();
-    }
-
-    class ViewHolder extends RecyclerView.ViewHolder implements View.OnClickListener, View.OnLongClickListener {
-
-        public ViewHolder(@NonNull View itemView) {
-            super(itemView);
-            itemView.setOnClickListener(this);
-            itemView.setOnLongClickListener(this);
-        }
-
-        @Override
-        public void onClick(View view) {
-            mCallback.onClick(filesList.get(getAdapterPosition()));
-        }
-
-        @Override
-        public boolean onLongClick(View view) {
-            mCallback.onLongClick(filesList.get(getAdapterPosition()));
-            return true;
-        }
-
-        public void bindView(int position) {
-            FileModel fileModel = filesList.get(position);
-            getViewById(R.id.nameTextView).setText(fileModel.getName());
-
-            if (fileModel.getFileType() == FileType.FOLDER) {
-                getViewById(R.id.folderTextView).setVisibility(View.VISIBLE);
-                getViewById(R.id.totalSizeTextView).setVisibility(View.GONE);
-                getViewById(R.id.folderTextView).setText(String.format("%d files", fileModel.getSubFiles()));
-            } else {
-                getViewById(R.id.folderTextView).setVisibility(View.GONE);
-                getViewById(R.id.totalSizeTextView).setVisibility(View.VISIBLE);
-                getViewById(R.id.totalSizeTextView).setText(String.format("%.2f MB", fileModel.getSizeInMB()));
-            }
-        }
-
-        private TextView getViewById(int id) {
-            return (TextView) itemView.findViewById(id);
-        }
-    }
-
-
-
-}
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FirmwareUpdateLogic.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FirmwareUpdateLogic.java
deleted file mode 100644
index 65d6d8c..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/FirmwareUpdateLogic.java
+++ /dev/null
@@ -1,187 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.annotation.SuppressLint;
-import android.app.Activity;
-import android.util.Log;
-import android.widget.ProgressBar;
-
-import com.intel.realsenseid.api.AndroidSerialConfig;
-import com.intel.realsenseid.api.FwUpdater;
-import com.intel.realsenseid.api.FwUpdater.UpdatePolicyInfo;
-import com.intel.realsenseid.api.Status;
-import com.intel.realsenseid.api.StringVector;
-import com.intel.realsenseid.impl.UsbCdcConnection;
-
-public class FirmwareUpdateLogic {
-
-    private static final int MIN_WAIT_AFTER_RESTART_MS = 7000;
-    private static final int MAX_WAIT_AFTER_RESTART_MS = 30000;
-    private static final String TAG = "FirmwareUpdateLogic";
-    private static final String OPFW = "OPFW";
-    private Activity wrappingActivity;
-    private StringVector moduleNames;
-
-    public FirmwareUpdateLogic(Activity activity) {
-        this.wrappingActivity = activity;
-        this.moduleNames = new StringVector();
-    }
-
-    public UpdatePolicyInfo decideUpdatePolicy(String binPath) {
-        UsbCdcConnection connection = new UsbCdcConnection();
-        if (!connection.FindSupportedDevice(wrappingActivity.getApplicationContext())) {
-            throw new RuntimeException("Supported USB device not found");
-        }
-        if (!connection.OpenConnection()) {
-            throw new RuntimeException("Couldn't open connection to USB device");
-        }
-        FwUpdater.Settings settings = getUpdaterSettings(connection);
-        FwUpdater fwu = new FwUpdater();
-
-        UpdatePolicyInfo updatePolicyInfo = fwu.DecideUpdatePolicy(settings, binPath);
-        connection.CloseConnection();
-        return updatePolicyInfo;
-    }
-
-    private class ProgressHandler extends FwUpdater.EventHandler {
-        private int m_min, m_max;
-
-        public ProgressHandler(int min, int max) {
-            m_min = min;
-            m_max = max;
-        }
-
-        @SuppressLint("DefaultLocale")
-        @Override
-        public void OnProgress(float progress) {
-            wrappingActivity.runOnUiThread(new Runnable() {
-                @Override
-                public void run() {
-                    ProgressBar pb = (ProgressBar) wrappingActivity.findViewById(R.id.update_progress_progressBar);
-                    pb.setProgress((int) (m_min + progress * (m_max - m_min)));
-                }
-            });
-        }
-    }
-
-    public void updateFirmware(String path) {
-        new Thread(new Runnable() {
-            public void run() {
-                UsbCdcConnection connection = new UsbCdcConnection();
-                if (connection == null) {
-                    throw new RuntimeException("Error opening a USB connection");
-                }
-                if (!connection.FindSupportedDevice(wrappingActivity.getApplicationContext())) {
-                    throw new RuntimeException("Supported USB device not found");
-                }
-                if (!connection.OpenConnection()) {
-                    throw new RuntimeException("Couldn't open connection to USB device");
-                }
-                FwUpdater.Settings settings = getUpdaterSettings(connection);
-                FwUpdater fwu = new FwUpdater();
-                UpdatePolicyInfo updatePolicyInfo = fwu.DecideUpdatePolicy(settings, path);
-                UpdatePolicyInfo.UpdatePolicy policy = updatePolicyInfo.getPolicy();
-                if (policy == UpdatePolicyInfo.UpdatePolicy.NOT_ALLOWED || policy == UpdatePolicyInfo.UpdatePolicy.REQUIRE_INTERMEDIATE_FW) {
-                    // shouldn't happen because we check it before we call this function.
-                    return;
-                }
-                String[] fwVersion = new String[]{""};
-                String[] recognitionVersion = new String[]{""};
-                boolean success = fwu.ExtractFwInformation(path, fwVersion, recognitionVersion, moduleNames);
-                if (!success) {
-                    throw new RuntimeException("Couldn't extract firmware information from binary file");
-                }
-                Status updateStatus;
-                if (policy == UpdatePolicyInfo.UpdatePolicy.CONTINOUS) {
-                    FwUpdater.EventHandler handler = new ProgressHandler(0, 100);
-                    updateStatus = fwu.UpdateModules(handler, settings, path, moduleNames);
-                } else {
-                    FwUpdater.EventHandler handler = new ProgressHandler(0, 100 / moduleNames.size());
-                    StringVector OPFWVector = new StringVector();
-                    OPFWVector.add(OPFW);
-                    updateStatus = fwu.UpdateModules(handler, settings, path, OPFWVector);
-                }
-                connection.CloseConnection();
-                if (policy == UpdatePolicyInfo.UpdatePolicy.OPFW_FIRST && updateStatus == Status.Ok) {
-                    // To support FW update process that starts in the loader we first only install
-                    // OPFW. Then reboot to the new OPFW and then install the rest of the modules.
-                    firmwareUpdateSecondGo(path);
-                } else {
-                    // TODO: Use the returned update status.
-                    waitForDevice(connection);
-                    wrappingActivity.runOnUiThread(new Runnable() {
-                        @Override
-                        public void run() {
-                            wrappingActivity.finish();
-                        }
-                    });
-                }
-            }
-        }).start();
-    }
-
-    private void firmwareUpdateSecondGo(String path) {
-        UsbCdcConnection connection = new UsbCdcConnection();
-        waitForDevice(connection);
-        connection.RequestDevicePermission(wrappingActivity.getApplicationContext(), new UsbCdcConnection.PermissionCallback() {
-            @Override
-            public void Response(boolean permissionGranted) {
-                if (permissionGranted && connection.OpenConnection()) {
-                    BurnModels(path, connection);
-                } else {
-                    throw new RuntimeException("Couldn't open connection to USB device");
-                }
-            }
-        });
-    }
-
-    private void BurnModels(String path, UsbCdcConnection connection)
-    {
-        new Thread(new Runnable() {
-            public void run() {
-                FwUpdater.EventHandler handler = new ProgressHandler(100 / 7, 100);
-                FwUpdater.Settings settings = getUpdaterSettings(connection);
-                FwUpdater fwu = new FwUpdater();
-                moduleNames.remove(OPFW);
-                Status s = fwu.UpdateModules(handler, settings, path, moduleNames);
-                connection.CloseConnection();
-                waitForDevice(connection);
-                wrappingActivity.runOnUiThread(new Runnable() {
-                    @Override
-                    public void run () {
-                        wrappingActivity.finish();
-                    }
-                });
-            }
-        }).start();
-    }
-
-    private void waitForDevice(UsbCdcConnection connection) {
-        boolean deviceFound = false;
-        try {
-            Thread.sleep(MIN_WAIT_AFTER_RESTART_MS);
-            int sleepIntervalsMs = 1000;
-            for (int totalWait = MIN_WAIT_AFTER_RESTART_MS; !deviceFound && totalWait <= MAX_WAIT_AFTER_RESTART_MS; totalWait += sleepIntervalsMs)
-            {
-                deviceFound = connection.FindSupportedDevice(wrappingActivity.getApplicationContext());
-                if (!deviceFound) {
-                    Thread.sleep(sleepIntervalsMs);
-                }
-            }
-        } catch (InterruptedException e) {
-            Log.e(this.getClass().getName(), "Exception thrown from sleep waiting to restart the device");
-        }
-        if (!deviceFound) {
-            throw new RuntimeException("Supported USB device not found");
-        }
-    }
-
-    private FwUpdater.Settings getUpdaterSettings(UsbCdcConnection connection) {
-        FwUpdater.Settings settings = new FwUpdater.Settings();
-        AndroidSerialConfig config = new AndroidSerialConfig();
-        config.setFileDescriptor(connection.GetFileDescriptor());
-        config.setReadEndpoint(connection.GetReadEndpointAddress());
-        config.setWriteEndpoint(connection.GetWriteEndpointAddress());
-        settings.setAndroid_config(config);
-        return settings;
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/ImagePoster.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/ImagePoster.java
deleted file mode 100644
index 90c7e9e..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/ImagePoster.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.graphics.Bitmap;
-import android.graphics.Canvas;
-import android.graphics.Color;
-import android.graphics.Matrix;
-import android.graphics.Paint;
-import android.graphics.PorterDuff;
-import android.graphics.RectF;
-import android.util.Log;
-import android.view.TextureView;
-
-
-class ImagePoster implements Runnable {
-
-    private static final String TAG = "ImagePoster";
-
-    private static final Paint LANDMARKS_PAINT;
-    private static final Paint DOT_PAINT;
-    private static final float SCALE_X;
-    private static final float SCALE_Y;
-
-    static {
-        SCALE_X = -1;
-        SCALE_Y = 1;
-
-        LANDMARKS_PAINT = new Paint();
-        LANDMARKS_PAINT.setColor(Color.RED);
-
-        DOT_PAINT = new Paint();
-        DOT_PAINT.setColor(Color.YELLOW);
-    }
-
-    private Bitmap m_image;
-    private TextureView m_texture;
-    private Canvas m_canvas;
-    private Matrix m_scaleMatrix;
-
-    ImagePoster(Bitmap image, TextureView texture) {
-        m_image = image;
-        m_texture = texture;
-    }
-
-    public void run() {
-        if (m_texture != null && m_image != null) {
-            m_canvas = m_texture.lockCanvas();
-            try {
-                RectF bitmap_rect = new RectF(0.0F, 0.0F, (float) m_image.getWidth(), (float) m_image.getHeight());
-                if (m_canvas != null) {
-                    RectF canvas_rect = new RectF(-(float) m_canvas.getWidth(), 0.0F, 0.0F, (float) m_canvas.getHeight());
-                    m_scaleMatrix = new Matrix();
-                    m_scaleMatrix.setRectToRect(bitmap_rect, canvas_rect, Matrix.ScaleToFit.CENTER);
-                    m_canvas.scale(SCALE_X, SCALE_Y);
-                    m_canvas.drawColor(Color.TRANSPARENT, PorterDuff.Mode.CLEAR);
-                    m_canvas.drawBitmap(m_image, m_scaleMatrix, null);
-                }
-            } catch (Exception e) {
-                Log.e(TAG, "Failed to draw bitmap!");
-                e.printStackTrace();
-                Log.e(TAG, "run: message" + e.toString());
-            } finally {
-                m_texture.unlockCanvasAndPost(m_canvas);
-            }
-            m_image.recycle();
-        }
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/MainActivity.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/MainActivity.java
deleted file mode 100644
index 5f22a20..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/MainActivity.java
+++ /dev/null
@@ -1,727 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.Manifest;
-import android.app.Activity;
-import android.content.Context;
-import android.content.DialogInterface;
-import android.content.Intent;
-import android.content.pm.PackageManager;
-import android.os.AsyncTask;
-import android.os.Bundle;
-import android.text.Layout;
-import android.text.method.ScrollingMovementMethod;
-import android.util.Log;
-import android.view.Menu;
-import android.view.MenuItem;
-import android.view.TextureView;
-import android.view.View;
-import android.widget.AdapterView;
-import android.widget.ArrayAdapter;
-import android.widget.EditText;
-import android.widget.ListView;
-import android.widget.TextView;
-import android.widget.Toast;
-
-import com.intel.realsenseid.api.AndroidSerialConfig;
-import com.intel.realsenseid.api.AuthenticateStatus;
-import com.intel.realsenseid.api.AuthenticationCallback;
-import com.intel.realsenseid.api.DeviceConfig;
-import com.intel.realsenseid.api.EnrollStatus;
-import com.intel.realsenseid.api.EnrollmentCallback;
-import com.intel.realsenseid.api.FaceAuthenticator;
-import com.intel.realsenseid.api.FacePose;
-import com.intel.realsenseid.api.Preview;
-import com.intel.realsenseid.api.PreviewConfig;
-import com.intel.realsenseid.api.PreviewMode;
-import com.intel.realsenseid.api.Status;
-import com.intel.realsenseid.impl.UsbCdcConnection;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import androidx.activity.result.ActivityResultLauncher;
-import androidx.activity.result.contract.ActivityResultContracts;
-import androidx.appcompat.app.AlertDialog;
-import androidx.appcompat.app.AppCompatActivity;
-import androidx.appcompat.widget.Toolbar;
-import androidx.core.content.ContextCompat;
-
-
-public class MainActivity extends AppCompatActivity {
-    private static final String TAG = "AndroidF450Sample";
-    private static final FacePose[] enrollmentRequiredPoses = new FacePose[]{FacePose.Center,
-            FacePose.Left, FacePose.Right};
-    public static final int ID_MAX_LENGTH = 30;
-    private UsbCdcConnection m_UsbCdcConnection;
-    FaceAuthenticator m_faceAuthenticator;
-    Preview m_preview;
-    AndroidPreviewImageReadyCallback m_previewCallback;
-
-    private TextView m_messagesTV;
-    private List<Integer> m_buttonIds;
-    private boolean m_flipOrientation;
-    private boolean m_allowMasks;
-    private ArrayList<String> m_userIds;
-    private String m_selectedId;
-    private TextureView m_previewTxv;
-    private static final int MAX_NUMBER_OF_USERS_TO_SHOW = 25;
-    private Menu m_optionsMenu;
-    private FaceAuthenticatorCreator m_faceAuthenticatorCreator;
-    private boolean m_loopRunning;
-
-    private ActivityResultLauncher<String> requestPermissionLauncher =
-            registerForActivityResult(new ActivityResultContracts.RequestPermission(), isGranted -> {
-                if (isGranted) {
-                    launchFilesListActivity();
-                } else {
-                    // Explain to the user that the feature is unavailable because the
-                    // features requires a permission that the user has denied. At the
-                    // same time, respect the user's decision. Don't link to system
-                    // settings in an effort to convince the user to change their
-                    // decision.
-                    new AlertDialog.Builder(this)
-                            .setMessage("Firmware update functionality is disabled due to " +
-                                    "insufficient permissions.\nRead external storage permission" +
-                                    " is required.");
-                }
-            });
-
-
-    @Override
-    protected void onCreate(Bundle savedInstanceState) {
-        super.onCreate(savedInstanceState);
-        setContentView(R.layout.activity_main);
-        Toolbar toolbar = findViewById(R.id.toolbar);
-        setSupportActionBar(toolbar);
-        Log.d(TAG, "onCreate");
-        ShowMainUI();
-        m_messagesTV = (TextView) findViewById(R.id.txt_messages);
-        m_messagesTV.setMovementMethod(new ScrollingMovementMethod());
-        m_buttonIds = new ArrayList<>();
-        m_buttonIds.add(R.id.btn_authenticate);
-        m_buttonIds.add(R.id.btn_authenticateLoop);
-        m_buttonIds.add(R.id.btn_enroll);
-        m_buttonIds.add(R.id.btn_remove);
-        m_buttonIds.add(R.id.btn_remove_all);
-        m_optionsMenu = null;
-        m_flipOrientation = false;
-        m_allowMasks = false;
-        m_userIds = new ArrayList<>();
-        m_selectedId = null;
-        m_previewTxv = (TextureView) findViewById(R.id.txv_preview);
-        m_loopRunning = false;
-        System.loadLibrary("RealSenseIDSwigJNI");
-    }
-
-    @Override
-    public boolean onCreateOptionsMenu(Menu menu) {
-        super.onCreateOptionsMenu(menu);
-        m_optionsMenu = menu;
-        // Inflate the menu; this adds items to the action bar if it is present.
-        getMenuInflater().inflate(R.menu.menu_main, menu);
-        menu.findItem(R.id.action_flip_camera).setChecked(m_flipOrientation);
-        menu.findItem(R.id.action_allow_mask).setChecked(m_allowMasks);
-        return true;
-    }
-
-    private void setAuthSettingsToUI() {
-        if (null == m_optionsMenu) {
-            // Menu not created yet. Items will get the correct values when inflated
-            // We are done here
-            return;
-        }
-        runOnUiThread(new Runnable() {
-            @Override
-            public void run() {
-                m_optionsMenu.findItem(R.id.action_flip_camera).setChecked(m_flipOrientation);
-                m_optionsMenu.findItem(R.id.action_allow_mask).setChecked(m_allowMasks);
-            }
-        });
-    }
-
-    @Override
-    public boolean onOptionsItemSelected(MenuItem item) {
-        int id = item.getItemId();
-        item.setChecked(!item.isChecked());
-        switch (id) {
-            case R.id.action_flip_camera:
-                m_flipOrientation = item.isChecked();
-                ApplyAuthenticationSettings();
-                break;
-            case R.id.action_allow_mask:
-                m_allowMasks = item.isChecked();
-                ApplyAuthenticationSettings();
-                break;
-            case R.id.action_standby:
-                new Thread(new Runnable() {
-                    public void run() {
-                        DoWhileConnected(() -> {
-                            setEnableToList(false);
-                            Status s = m_faceAuthenticator.Standby();
-                            Log.d(TAG, String.format("Standby action status: %s", s.toString()));
-                            setEnableToList(true);
-                        });
-                    }
-                }).start();
-                break;
-            case R.id.action_firmware_update:
-                switchToFirmwareUpdateUI();
-                break;
-            default:
-                /**
-                 * Very un-elegant, but this is a way to make the code that calls Pair and Unpair
-                 * and is supported only in "secured" mode exist in secure mode, and not break
-                 * the compilation of "unsecured" mode, without keeping a clone of
-                 * "MainActivity.java" for each build flavor.
-                 *
-                 *  TODO: Consider re-designing this
-                 */
-                new Thread(new Runnable() {
-                    public void run() {
-                        DoWhileConnected(() -> {
-                            setEnableToList(false);
-                            MenuHelper.HandleSelection(id, m_faceAuthenticator);
-                            setEnableToList(true);
-                        });
-                    }
-                }).start();
-        }
-        return true;
-    }
-
-    private void switchToFirmwareUpdateUI() {
-        if (ContextCompat.checkSelfPermission(
-                this, Manifest.permission.READ_EXTERNAL_STORAGE) == PackageManager.PERMISSION_GRANTED) {
-            launchFilesListActivity();
-        } else if (shouldShowRequestPermissionRationale(Manifest.permission.READ_EXTERNAL_STORAGE)) {
-            new AlertDialog.Builder(this)
-                    .setMessage("Permission to read external storage is required in order to " +
-                            "browse for and read firmware file.")
-                    .setPositiveButton(android.R.string.ok, new DialogInterface.OnClickListener() {
-                        @Override
-                        public void onClick(DialogInterface dialogInterface, int i) {
-                            requestPermissionLauncher.launch(
-                                    Manifest.permission.READ_EXTERNAL_STORAGE);
-                        }
-                    })
-                    .setNegativeButton(android.R.string.cancel, null).show();
-        } else {
-            requestPermissionLauncher.launch(Manifest.permission.READ_EXTERNAL_STORAGE);
-        }
-    }
-
-    private void launchFilesListActivity() {
-        Intent intent = new Intent(this, FilesListActivity.class);
-        startActivity(intent);
-    }
-
-    private void ApplyAuthenticationSettings() {
-        new Thread(new Runnable() {
-            public void run() {
-                DoWhileConnected(() -> {
-                    setEnableToList(false);
-                    Status s = m_faceAuthenticator.SetDeviceConfig(getUIDeviceConfig());
-                    Log.d(TAG, String.format("Setting authentication settings status: %s", s.toString()));
-                    setEnableToList(true);
-                });
-            }
-        }).start();
-    }
-
-    private DeviceConfig getUIDeviceConfig() {
-        DeviceConfig dc = new DeviceConfig();
-        dc.setCamera_rotation(m_flipOrientation ? DeviceConfig.CameraRotation.Rotation_180_Deg : DeviceConfig.CameraRotation.Rotation_0_Deg);
-        dc.setSecurity_level(m_allowMasks ? DeviceConfig.SecurityLevel.Medium : DeviceConfig.SecurityLevel.High);
-        return dc;
-    }
-
-    @Override
-    protected void onStart() {
-        Log.d(TAG, "onStart");
-        super.onStart();
-        buildFaceBiometricsOnThread();
-    }
-
-    @Override
-    protected void onStop() {
-        Log.d(TAG, "onStop");
-        DeconstructFaceAuthenticator();
-        super.onStop();
-    }
-
-    private  void buildPreview(){
-        final Activity activity = this;
-        PreviewConfig previewConfig= new PreviewConfig();
-        AppendToTextView(activity,"Preview starting...");
-        previewConfig.setCameraNumber(m_UsbCdcConnection.GetFileDescriptor());
-        previewConfig.setPreviewMode(PreviewMode.MJPEG_720P);
-        m_preview = new Preview(previewConfig);
-        m_previewCallback = new AndroidPreviewImageReadyCallback(m_previewTxv);
-        m_preview.StartPreview(m_previewCallback);
-        AppendToTextView(activity,"Preview started");
-    }
-
-    private void buildFaceBiometricsOnThread() {
-        final Activity activity = this;
-        AsyncTask.execute(new Runnable() {
-            @Override
-            public void run() {
-                Log.d(TAG, "AsyncTask: buildFaceBiometricsOnThread");
-                m_UsbCdcConnection = new UsbCdcConnection();
-                if (m_UsbCdcConnection != null) {
-                    Context applicationContext = MainActivity.this.getApplicationContext();
-                    Log.d(TAG, "The class UsbCdcConnection was created");
-                    if (!m_UsbCdcConnection.FindSupportedDevice(applicationContext)) {
-                        AppendToTextView(activity, getResources().getString(R.string.device_not_found));
-                        Log.e(TAG, "Supported USB device not found");
-                        DeconstructFaceAuthenticator();
-                        return;
-                    }
-                    m_UsbCdcConnection.RequestDevicePermission(applicationContext, new UsbCdcConnection.PermissionCallback() {
-
-                        @Override
-                        public void Response(boolean permissionGranted) {
-                            if (permissionGranted && m_UsbCdcConnection.OpenConnection()) {
-                                m_faceAuthenticatorCreator = new FaceAuthenticatorCreator();
-                                AndroidSerialConfig androidSerialConfig = new AndroidSerialConfig();
-                                androidSerialConfig.setFileDescriptor(m_UsbCdcConnection.GetFileDescriptor());
-                                androidSerialConfig.setReadEndpoint(m_UsbCdcConnection.GetReadEndpointAddress());
-                                androidSerialConfig.setWriteEndpoint(m_UsbCdcConnection.GetWriteEndpointAddress());
-                                m_faceAuthenticator = m_faceAuthenticatorCreator.Create(androidSerialConfig);
-                                if (null != m_faceAuthenticator) {
-                                    Log.d(TAG, "FaceAuthenticator class was created");
-                                    DoWhileConnected(() -> {
-                                        updateUIAuthSettingsFromDevice();
-                                    });
-                                    setEnableToList(true);
-                                    buildPreview();
-                                    return;
-                                }
-                            } else {
-                                AppendToTextView(activity, getResources().getString(R.string.permission_not_granted));
-                            }
-                            Log.e(TAG, "Error creating the class FaceAuthenticator");
-                            DeconstructFaceAuthenticator();
-                        }
-                    });
-                }
-            }
-        });
-    }
-
-    private void updateUIAuthSettingsFromDevice() {
-        DeviceConfig dc = new DeviceConfig();
-        m_faceAuthenticator.QueryDeviceConfig(dc);
-        m_flipOrientation = dc.getCamera_rotation() == DeviceConfig.CameraRotation.Rotation_180_Deg;
-        m_allowMasks = dc.getSecurity_level() == DeviceConfig.SecurityLevel.Medium;
-        setAuthSettingsToUI();
-    }
-
-    private void setEnableToList(boolean b) {
-        runOnUiThread(new Runnable() {
-            @Override
-            public void run() {
-                for (int button : m_buttonIds) {
-                    findViewById(button).setEnabled(b);
-                }
-            }
-        });
-    }
-
-    private void DeconstructFaceAuthenticator() {
-        if (m_loopRunning) {
-            StopAuthenticationLoop();
-            m_loopRunning = false;
-        }
-
-        if (m_preview != null) {
-            m_preview.StopPreview();
-        }
-
-        if (m_faceAuthenticator != null) {
-            m_faceAuthenticator.Disconnect();
-            m_faceAuthenticator = null;
-        }
-
-        if (m_UsbCdcConnection != null) {
-            m_UsbCdcConnection.CloseConnection();
-            m_UsbCdcConnection = null;
-        }
-    }
-
-    @Override
-    protected void onResume() {
-        super.onResume();
-        Log.d(TAG, "onResume");
-    }
-
-    @Override
-    protected void onPause() {
-        Log.d(TAG, "onPause");
-        super.onPause();
-    }
-
-    public void ExecuteEnrollment(View view) {
-        ShowEnrollmentUI();
-    }
-
-    public void AppendToTextView(final Activity activity, final String msg) {
-        final TextView tv = m_messagesTV;
-        activity.runOnUiThread(new Runnable() {
-            public void run() {
-                tv.append(msg + "\n");
-                final Layout layout = tv.getLayout();
-                if (layout != null) {
-                    int delta = layout.getLineBottom(tv.getLineCount() - 1) - tv.getScrollY()
-                            - tv.getHeight();
-                    if (delta > 0)
-                        tv.scrollBy(0, delta);
-                }
-            }
-        });
-    }
-
-    public void ExecuteEnrollOk(View view) {
-        Log.d(TAG, "ExecuteEnrollment");
-        if (m_faceAuthenticator == null) {
-            Log.d(TAG, "faceAuthenticator is null");
-            return;
-        }
-        setEnableToList(false);
-        final Activity activity = this;
-        new Thread(new Runnable() {
-            public void run() {
-                EditText userIdText = (EditText) findViewById(R.id.txt_user_id);
-                String UserId = userIdText.getText().toString();
-
-                EnrollmentPoseTracker poseTracker = new EnrollmentPoseTracker(enrollmentRequiredPoses);
-                EnrollmentCallback enrollmentCallback = new EnrollmentCallback() {
-                    public void OnResult(EnrollStatus status) {
-                        if (status == EnrollStatus.Success) {
-                            Log.d(TAG, "Enrollment completed successfully");
-                            AppendToTextView(activity, getResources().getString(R.string.enroll_success));
-                        } else {
-                            String msg = String.format("Enrollment failed with status %s",
-                                    status.toString());
-                            Log.d(TAG, msg);
-                            AppendToTextView(activity, msg);
-                        }
-                    }
-
-                    public void OnProgress(FacePose pose) {
-                        poseTracker.markPoseCheck(pose);
-                        FacePose nextPose = poseTracker.getNext();
-                        if (nextPose != null) {
-                            ToastOnUIThread(activity, "Turn face towards: " + nextPose.toString(), Toast.LENGTH_SHORT);
-                            Log.d(TAG, String.format("Enrollment progress. pose: %s", pose.toString()));
-                        }
-                    }
-
-                    public void OnHint(EnrollStatus hint) {
-                        Log.d(TAG, String.format("Enrollment hint: %s", hint.toString()));
-                        if (hint != EnrollStatus.CameraStarted && hint != EnrollStatus.CameraStopped && hint != EnrollStatus.FaceDetected && hint != EnrollStatus.LedFlowSuccess)
-                            AppendToTextView(activity, hint.toString());
-                    }
-                };
-                DoWhileConnected(() -> {
-                    Status enrollStatus = m_faceAuthenticator.Enroll(enrollmentCallback, UserId);
-                    Log.d(TAG, "Enrollment done with status: " + enrollStatus.toString());
-                    setEnableToList(true);
-                });
-            }
-        }).start();
-        ShowMainUI();
-    }
-
-    void DoWhileConnected(ConnectionWrappedFunction f) {
-        AndroidSerialConfig config = new AndroidSerialConfig();
-        config.setFileDescriptor(m_UsbCdcConnection.GetFileDescriptor());
-        config.setReadEndpoint(m_UsbCdcConnection.GetReadEndpointAddress());
-        config.setWriteEndpoint(m_UsbCdcConnection.GetWriteEndpointAddress());
-        m_faceAuthenticator.Connect(config);
-        f.Do();
-        if (m_faceAuthenticator != null)
-            m_faceAuthenticator.Disconnect();
-    }
-
-
-    public void ExecuteEnrollCancel(View view) {
-        ShowMainUI();
-    }
-
-    private void ShowEnrollmentUI() {
-        findViewById(R.id.ll_authenticate).setVisibility(View.GONE);
-        findViewById(R.id.btn_authenticate).setVisibility(View.GONE);
-        findViewById(R.id.btn_authenticateLoop).setVisibility(View.GONE);
-        findViewById(R.id.btn_enroll).setVisibility(View.GONE);
-        findViewById(R.id.btn_remove).setVisibility(View.GONE);
-        EditText et = (EditText) findViewById(R.id.txt_user_id);
-        et.setText("");
-        et.setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_enroll_ok).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_enroll_cancel).setVisibility(View.VISIBLE);
-    }
-
-    private void ShowMainUI() {
-        findViewById(R.id.txv_preview).setVisibility(View.VISIBLE);
-        findViewById(R.id.ll_authenticate).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_authenticate).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_authenticateLoop).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_enroll).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_remove).setVisibility(View.VISIBLE);
-        findViewById(R.id.txt_user_id).setVisibility(View.GONE);
-        findViewById(R.id.btn_enroll_ok).setVisibility(View.GONE);
-        findViewById(R.id.btn_enroll_cancel).setVisibility(View.GONE);
-        findViewById(R.id.lst_enrolled_ids).setVisibility(View.GONE);
-        findViewById(R.id.btn_remove_selected).setVisibility(View.GONE);
-        findViewById(R.id.btn_remove_all).setVisibility(View.GONE);
-        findViewById(R.id.btn_back_from_remove).setVisibility(View.GONE);
-    }
-
-    private void ShowRemoveUI() {
-        findViewById(R.id.txv_preview).setVisibility(View.GONE);
-        findViewById(R.id.ll_authenticate).setVisibility(View.GONE);
-        findViewById(R.id.btn_authenticate).setVisibility(View.GONE);
-        findViewById(R.id.btn_authenticateLoop).setVisibility(View.GONE);
-        findViewById(R.id.btn_enroll).setVisibility(View.GONE);
-        findViewById(R.id.btn_remove).setVisibility(View.GONE);
-        findViewById(R.id.lst_enrolled_ids).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_remove_selected).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_remove_all).setVisibility(View.VISIBLE);
-        findViewById(R.id.btn_back_from_remove).setVisibility(View.VISIBLE);
-    }
-
-    public void ExecuteAuthentication(View view) {
-        Log.d(TAG, "ExecuteAuthentication");
-        if (m_faceAuthenticator == null) {
-            Log.d(TAG, "faceAuthenticator is null");
-            return;
-        }
-        setEnableToList(false);
-        final Activity activity = this;
-        new Thread(new Runnable() {
-            @Override
-            public void run() {
-                // a potentially time consuming task
-                AuthenticationCallback authenticationCallback = new AuthenticationCallback() {
-                    public void OnResult(AuthenticateStatus status, String userId) {
-                        if (status == AuthenticateStatus.Success) {
-                            Log.d(TAG, String.format("Authentication allowed. UserId %s", userId));
-                            AppendToTextView(activity, getResources().getString(R.string.authenticate_greet) + " " + userId);
-                        } else {
-                            Log.d(TAG, "Authentication forbidden");
-                            AppendToTextView(activity, getResources().getString(R.string.authenticate_forbidden));
-                        }
-                    }
-
-                    public void OnHint(AuthenticateStatus hint) {
-                        Log.d(TAG, String.format("Authentication hint: %s", hint.toString()));
-                        if (hint != AuthenticateStatus.CameraStarted && hint != AuthenticateStatus.CameraStopped && hint != AuthenticateStatus.FaceDetected && hint != AuthenticateStatus.LedFlowSuccess)
-                            AppendToTextView(activity, hint.toString());
-                    }
-                };
-                DoWhileConnected(() -> {
-                    Status authenticateStatus = m_faceAuthenticator.Authenticate(authenticationCallback);
-                    Log.d(TAG, "Authentication done with status: " + authenticateStatus.toString());
-                    setEnableToList(true);
-                });
-            }
-        }).start();
-    }
-
-    private void StopAuthenticationLoop() {
-        Status status = m_faceAuthenticator.Cancel();
-        Log.d(TAG, "Authentication cancel done with status: " + status.toString());
-    }
-
-    public void ExecuteAuthenticationLoop(View view) {
-        Log.d(TAG, "ExecuteAuthenticationLoop");
-        if (m_faceAuthenticator == null) {
-            Log.d(TAG, "faceAuthenticator is null");
-            return;
-        }
-
-        if (m_loopRunning) {
-            StopAuthenticationLoop();
-            m_loopRunning = false;
-            return;
-        }
-
-        setEnableToList(false);
-        m_loopRunning = true;
-        findViewById(R.id.btn_authenticateLoop).setEnabled(true);
-        final Activity activity = this;
-        new Thread(new Runnable() {
-            @Override
-            public void run() {
-                // a potentially time consuming task
-                AuthenticationCallback authenticationCallback = new AuthenticationCallback() {
-                    public void OnResult(AuthenticateStatus status, String userId) {
-                        if (status == AuthenticateStatus.Success) {
-                            Log.d(TAG, String.format("Authentication allowed. UserId %s", userId));
-                            AppendToTextView(activity, getResources().getString(R.string.authenticate_greet) + " " + userId);
-                        }
-                    }
-
-                    public void OnHint(AuthenticateStatus hint) {
-                        Log.d(TAG, String.format("Authentication hint: %s", hint.toString()));
-                    }
-                };
-                DoWhileConnected(() -> {
-                    Status authenticateStatus = m_faceAuthenticator.AuthenticateLoop(authenticationCallback);
-                    Log.d(TAG, "AuthenticationLoop done with status: " + authenticateStatus.toString());
-                    setEnableToList(true);
-                });
-
-            }
-        }).start();
-    }
-
-    public void ExecuteShowRemoveUI(View view) {
-        Log.d(TAG, "ExecuteShowRemoveUI");
-        if (m_faceAuthenticator == null) {
-            Log.d(TAG, "faceAuthenticator is null");
-            return;
-        }
-        m_userIds.clear();
-        findViewById(R.id.btn_remove_selected).setEnabled(false);
-        setEnableToList(false);
-        ShowRemoveUI();
-        new Thread(new Runnable() {
-            @Override
-            public void run() {
-                DoWhileConnected(() -> {
-                    FetchUserIds();
-                    UpdateUsersList();
-                    setEnableToList(true);
-                });
-            }
-        }).start();
-    }
-
-    private AdapterView.OnItemClickListener userIdClickedHandler = new AdapterView.OnItemClickListener() {
-        public void onItemClick(AdapterView parent, View v, int position, long id) {
-            m_selectedId = m_userIds.get(position);
-            findViewById(R.id.btn_remove_selected).setEnabled(true);
-        }
-    };
-
-    private void UpdateUsersList() {
-        ArrayAdapter<String> adapter = new ArrayAdapter<String>(this,
-                android.R.layout.simple_list_item_1, m_userIds);
-        runOnUiThread(new Runnable() {
-            @Override
-            public void run() {
-                ListView listView = (ListView) findViewById(R.id.lst_enrolled_ids);
-                listView.setAdapter(adapter);
-                listView.setOnItemClickListener(userIdClickedHandler);
-            }
-        });
-
-    }
-
-    public void ExecuteRemoveAll(View view) {
-        Log.d(TAG, "ExecuteRemoveAll");
-        if (m_faceAuthenticator == null) {
-            Log.d(TAG, "faceAuthenticator is null");
-            return;
-        }
-
-        setEnableToList(false);
-        final Activity activity = this;
-        new Thread(new Runnable() {
-            @Override
-            public void run() {
-                DoWhileConnected(() -> {
-                    Status res = m_faceAuthenticator.RemoveAll();
-                    if (res.equals(Status.Ok)) {
-                        AppendToTextView(activity, getResources().getString(R.string.remove_all_success));
-                        m_userIds.clear();
-                    }
-                    else {
-                        AppendToTextView(activity, getResources().getString(R.string.remove_all_fail));
-                    }
-                    Log.d(TAG, "RemoveAll done with res: " + res);
-                    FetchUserIds();
-                    setEnableToList(true);
-                });
-                UpdateUsersList();
-            }
-        }).start();
-    }
-
-    public void ExecuteClearMessages(View view) {
-        m_messagesTV.setText("");
-        m_messagesTV.scrollTo(0, 0);
-    }
-
-    public void ExecuteBackFromRemove(View view) {
-        ShowMainUI();
-    }
-
-    private void NotifyAboutDeviceQuery() {
-        final Activity activity = this;
-        ToastOnUIThread(activity, "Querying device for user IDs...", Toast.LENGTH_SHORT);
-    }
-
-    private void ToastOnUIThread(Activity activity, String text, int toastLength) {
-        runOnUiThread(new Runnable() {
-            @Override
-            public void run() {
-                Toast.makeText(activity, text, toastLength).show();
-            }
-        });
-    }
-
-    private void FetchUserIds() {
-        NotifyAboutDeviceQuery();
-        long[] numberOfUsers = new long[] {0};
-        Status s = m_faceAuthenticator.QueryNumberOfUsers(numberOfUsers);
-        if (s != Status.Ok) {
-            AppendToTextView(this, "Failed to query number of users");
-            return;
-        }
-        m_userIds.clear();
-        if (numberOfUsers[0] <= 0) {
-            return;
-        }
-        String[] ids = new String[(int) numberOfUsers[0]];
-        for (int i = 0 ; i < ids.length ; ++i) {
-            ids[i] = new String(new char[ID_MAX_LENGTH]); // string of ID_MAX_LENGTH characters as a placeholder. not including \0 at the end that is required in char[]
-        }
-        long[] numOfIds = new long[]{ids.length};
-        s = m_faceAuthenticator.QueryUserIds(ids, numOfIds);
-        if (s == Status.Ok) {
-            for (int i = 0 ; i<numOfIds[0] ; ++i) {
-                m_userIds.add(ids[i]);
-            }
-        } else  {
-            AppendToTextView(this, "Failed to query users");
-        }
-    }
-
-    public void RemoveSelected(View view) {
-        setEnableToList(false);
-        findViewById(R.id.btn_remove_selected).setEnabled(false);
-        final Activity activity = this;
-        new Thread(new Runnable() {
-            @Override
-            public void run() {
-                DoWhileConnected(() -> {
-                    Status res = m_faceAuthenticator.RemoveUser(m_selectedId);
-                    if (res.equals(Status.Ok)) {
-                        AppendToTextView(activity, "Removed user: " + m_selectedId);
-                        m_userIds.clear();
-                    }
-                    else {
-                        AppendToTextView(activity, "Failed to remove user");
-                    }
-                    Log.d(TAG, "Remove selected done with res: " + res);
-                    FetchUserIds();
-                    setEnableToList(true);
-                });
-                UpdateUsersList();
-            }
-        }).start();
-    }
-}
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/UpdateProgressFragment.java b/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/UpdateProgressFragment.java
deleted file mode 100644
index 237dadd..0000000
--- a/tools/rsid-android-app/app/src/main/java/com/intel/realsenseid/f450androidexample/UpdateProgressFragment.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.os.Bundle;
-import android.view.LayoutInflater;
-import android.view.View;
-import android.view.ViewGroup;
-
-import androidx.annotation.NonNull;
-import androidx.annotation.Nullable;
-import androidx.fragment.app.Fragment;
-
-public class UpdateProgressFragment extends Fragment {
-    @Nullable
-    @Override
-    public View onCreateView(@NonNull LayoutInflater inflater, @Nullable ViewGroup container, @Nullable Bundle savedInstanceState) {
-        return inflater.inflate(R.layout.fragment_update_progress, container, false);
-    }
-}
diff --git a/tools/rsid-android-app/app/src/main/res/drawable-v24/ic_launcher_foreground.xml b/tools/rsid-android-app/app/src/main/res/drawable-v24/ic_launcher_foreground.xml
deleted file mode 100644
index 2b068d1..0000000
--- a/tools/rsid-android-app/app/src/main/res/drawable-v24/ic_launcher_foreground.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<vector xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:aapt="http://schemas.android.com/aapt"
-    android:width="108dp"
-    android:height="108dp"
-    android:viewportWidth="108"
-    android:viewportHeight="108">
-    <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
-        <aapt:attr name="android:fillColor">
-            <gradient
-                android:endX="85.84757"
-                android:endY="92.4963"
-                android:startX="42.9492"
-                android:startY="49.59793"
-                android:type="linear">
-                <item
-                    android:color="#44000000"
-                    android:offset="0.0" />
-                <item
-                    android:color="#00000000"
-                    android:offset="1.0" />
-            </gradient>
-        </aapt:attr>
-    </path>
-    <path
-        android:fillColor="#FFFFFF"
-        android:fillType="nonZero"
-        android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
-        android:strokeWidth="1"
-        android:strokeColor="#00000000" />
-</vector>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/drawable/ic_launcher_background.xml b/tools/rsid-android-app/app/src/main/res/drawable/ic_launcher_background.xml
deleted file mode 100644
index 07d5da9..0000000
--- a/tools/rsid-android-app/app/src/main/res/drawable/ic_launcher_background.xml
+++ /dev/null
@@ -1,170 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<vector xmlns:android="http://schemas.android.com/apk/res/android"
-    android:width="108dp"
-    android:height="108dp"
-    android:viewportWidth="108"
-    android:viewportHeight="108">
-    <path
-        android:fillColor="#3DDC84"
-        android:pathData="M0,0h108v108h-108z" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M9,0L9,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,0L19,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M29,0L29,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M39,0L39,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M49,0L49,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M59,0L59,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M69,0L69,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M79,0L79,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M89,0L89,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M99,0L99,108"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,9L108,9"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,19L108,19"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,29L108,29"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,39L108,39"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,49L108,49"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,59L108,59"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,69L108,69"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,79L108,79"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,89L108,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M0,99L108,99"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,29L89,29"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,39L89,39"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,49L89,49"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,59L89,59"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,69L89,69"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M19,79L89,79"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M29,19L29,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M39,19L39,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M49,19L49,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M59,19L59,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M69,19L69,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-    <path
-        android:fillColor="#00000000"
-        android:pathData="M79,19L79,89"
-        android:strokeWidth="0.8"
-        android:strokeColor="#33FFFFFF" />
-</vector>
diff --git a/tools/rsid-android-app/app/src/main/res/layout/activity_main.xml b/tools/rsid-android-app/app/src/main/res/layout/activity_main.xml
deleted file mode 100644
index 934f196..0000000
--- a/tools/rsid-android-app/app/src/main/res/layout/activity_main.xml
+++ /dev/null
@@ -1,242 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    xmlns:tools="http://schemas.android.com/tools"
-    android:layout_width="match_parent"
-    android:layout_height="match_parent"
-    tools:context=".MainActivity">
-
-    <com.google.android.material.appbar.AppBarLayout
-        android:layout_width="match_parent"
-        android:layout_height="wrap_content"
-        android:theme="@style/Theme.MyApplication.AppBarOverlay"
-        android:id="@+id/appBarLayout">
-
-        <androidx.appcompat.widget.Toolbar
-            android:id="@+id/toolbar"
-            android:layout_width="match_parent"
-            android:layout_height="?attr/actionBarSize"
-            android:background="?attr/colorPrimary"
-            app:popupTheme="@style/Theme.MyApplication.PopupOverlay" />
-
-    </com.google.android.material.appbar.AppBarLayout>
-
-
-    <LinearLayout
-        android:layout_width="0dp"
-        android:layout_height="0dp"
-        app:layout_constrainedWidth="false"
-        app:layout_constraintBottom_toBottomOf="parent"
-        app:layout_constraintStart_toStartOf="parent"
-        app:layout_constraintTop_toBottomOf="@+id/appBarLayout"
-        app:layout_constraintWidth_default="percent"
-        app:layout_constraintWidth_percent=".4"
-        android:orientation="vertical"
-        android:weightSum="9">
-
-        <TextView
-            android:id="@+id/txt_messages"
-            android:layout_width="match_parent"
-            android:layout_height="0dp"
-            android:isScrollContainer="false"
-            android:scrollbars="vertical"
-            android:singleLine="false"
-            android:background="#f0f0f0"
-            android:textSize="18dp"
-            android:layout_weight="8"/>
-
-        <Button
-            android:id="@+id/btn_clear_messages"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:onClick="ExecuteClearMessages"
-            android:text="@string/btn_clear_messages"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:layout_gravity="center"
-            android:layout_weight="1"
-            android:textSize="18dp"
-            />
-    </LinearLayout>
-
-    <LinearLayout
-        android:layout_width="0dp"
-        android:layout_height="0dp"
-        app:layout_constrainedWidth="false"
-        app:layout_constraintBottom_toBottomOf="parent"
-        app:layout_constraintEnd_toEndOf="parent"
-        app:layout_constraintWidth_default="percent"
-        app:layout_constraintTop_toBottomOf="@+id/appBarLayout"
-        app:layout_constraintWidth_percent=".6"
-        android:orientation="vertical"
-        android:weightSum="9">
-
-        <TextureView
-            android:id="@+id/txv_preview"
-            android:layout_width="match_parent"
-            android:layout_height="0dp"
-            android:text="Preview Placeholder"
-            android:gravity="center_vertical|center_horizontal"
-            android:textSize="42dp"
-            android:layout_weight="6" />
-
-        <LinearLayout
-            android:id="@+id/ll_authenticate"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:orientation="horizontal"
-            android:layout_weight="1"
-            android:layout_gravity="center"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:weightSum="5">
-
-            <Button
-                android:id="@+id/btn_authenticate"
-                android:layout_width="0dp"
-                android:layout_height="match_parent"
-                android:layout_marginTop="0dp"
-                android:layout_marginBottom="0dp"
-                android:layout_weight="4"
-                android:textSize="18dp"
-                android:enabled="false"
-                android:onClick="ExecuteAuthentication"
-                android:text="@string/btn_authenticate" />
-
-            <Button
-                android:id="@+id/btn_authenticateLoop"
-                android:layout_width="0dp"
-                android:layout_height="match_parent"
-                android:layout_marginTop="0dp"
-                android:layout_marginBottom="0dp"
-                android:layout_weight="1"
-                android:enabled="false"
-                android:onClick="ExecuteAuthenticationLoop"
-                android:textSize="18dp"
-                app:icon="@android:drawable/stat_notify_sync"
-                android:paddingLeft="12dp"/>
-
-        </LinearLayout>
-
-        <Button
-            android:id="@+id/btn_enroll"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:layout_gravity="center"
-            android:layout_weight="1"
-            android:textSize="18dp"
-            android:enabled="false"
-            android:onClick="ExecuteEnrollment"
-            android:text="@string/btn_enroll" />
-
-        <Button
-            android:id="@+id/btn_remove"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:layout_gravity="center"
-            android:layout_weight="1"
-            android:textSize="18dp"
-            android:enabled="false"
-            android:onClick="ExecuteShowRemoveUI"
-            android:text="@string/btn_remove" />
-
-        <!-- Remove user UI -->
-        <ListView
-            android:id="@+id/lst_enrolled_ids"
-            android:layout_width="match_parent"
-            android:layout_height="0dp"
-            android:isScrollContainer="false"
-            android:scrollbars="vertical"
-            android:singleLine="false"
-            android:background="#ffffff"
-            android:textSize="24dp"
-            android:layout_weight="6"
-            android:choiceMode="singleChoice"
-            android:listSelector="@android:color/holo_blue_bright"/>
-
-        <Button
-            android:id="@+id/btn_remove_selected"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:layout_gravity="center"
-            android:layout_weight="1"
-            android:onClick="RemoveSelected"
-            android:enabled="false"
-            android:text="@string/btn_remove_selected"
-            android:textSize="18dp" />
-
-        <Button
-            android:id="@+id/btn_remove_all"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:layout_gravity="center"
-            android:layout_weight="1"
-            android:textSize="18dp"
-            android:onClick="ExecuteRemoveAll"
-            android:text="@string/btn_remove_all" />
-
-        <Button
-            android:id="@+id/btn_back_from_remove"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_marginTop="4dp"
-            android:layout_marginBottom="4dp"
-            android:layout_gravity="center"
-            android:layout_weight="1"
-            android:onClick="ExecuteBackFromRemove"
-            android:text="@string/btn_back_from_remove"
-            android:textSize="18dp" />
-
-        <EditText
-            android:id="@+id/txt_user_id"
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_weight="1"
-            android:layout_gravity="center"
-            android:ems="10"
-            android:hint="User ID"
-            android:inputType="textPersonName|textCapWords"
-            android:text="" />
-
-        <LinearLayout
-            android:layout_width="240dp"
-            android:layout_height="0dp"
-            android:layout_weight="1"
-            android:layout_gravity="center"
-            android:orientation="horizontal"
-            android:weightSum="2">
-
-            <Button
-                android:id="@+id/btn_enroll_ok"
-                android:layout_width="0dp"
-                android:layout_height="wrap_content"
-                android:layout_gravity="left"
-                android:layout_marginRight="4dp"
-                android:layout_weight="1"
-                android:onClick="ExecuteEnrollOk"
-                android:text="Ok"
-                android:textSize="18dp" />
-
-            <Button
-                android:id="@+id/btn_enroll_cancel"
-                android:layout_width="0dp"
-                android:layout_height="wrap_content"
-                android:layout_gravity="right"
-                android:layout_marginLeft="4dp"
-                android:layout_weight="1"
-                android:onClick="ExecuteEnrollCancel"
-                android:text="Cancel"
-                android:textSize="18dp" />
-        </LinearLayout>
-
-    </LinearLayout>
-
-</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/layout/files_list_activity.xml b/tools/rsid-android-app/app/src/main/res/layout/files_list_activity.xml
deleted file mode 100644
index e94dbc9..0000000
--- a/tools/rsid-android-app/app/src/main/res/layout/files_list_activity.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<androidx.coordinatorlayout.widget.CoordinatorLayout xmlns:android="http://schemas.android.com/apk/res/android"
-xmlns:app="http://schemas.android.com/apk/res-auto"
-xmlns:tools="http://schemas.android.com/tools"
-android:layout_width="match_parent"
-android:id="@+id/coordinatorLayout"
-android:layout_height="match_parent"
-tools:context=".FilesListActivity">
-
-<FrameLayout
-    app:layout_behavior="@string/appbar_scrolling_view_behavior"
-    android:layout_width="match_parent"
-    android:layout_height="match_parent"
-    android:id="@+id/container">
-
-</FrameLayout>
-
-</androidx.coordinatorlayout.widget.CoordinatorLayout>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/layout/fragment_files_list.xml b/tools/rsid-android-app/app/src/main/res/layout/fragment_files_list.xml
deleted file mode 100644
index e9443f8..0000000
--- a/tools/rsid-android-app/app/src/main/res/layout/fragment_files_list.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<androidx.constraintlayout.widget.ConstraintLayout
-    xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    android:layout_width="match_parent"
-    android:layout_height="match_parent">
-
-    <androidx.recyclerview.widget.RecyclerView
-        android:id="@+id/files_recycler_view"
-        android:layout_width="match_parent"
-        android:layout_height="match_parent"
-        app:layout_behavior="@string/appbar_scrolling_view_behavior" />
-
-    <LinearLayout
-        android:id="@+id/empty_folder_layout"
-        android:layout_width="wrap_content"
-        android:layout_height="wrap_content"
-        android:orientation="vertical"
-        android:gravity="center"
-        app:layout_constraintBottom_toBottomOf="parent"
-        app:layout_constraintLeft_toLeftOf="parent"
-        app:layout_constraintRight_toRightOf="parent"
-        app:layout_constraintTop_toTopOf="parent">
-
-        <TextView
-            android:layout_width="wrap_content"
-            android:layout_marginTop="16dp"
-            android:layout_height="wrap_content"
-            android:textSize="16sp"
-            android:textStyle="bold"
-            android:text="There is nothing here!"/>
-
-        <TextView
-            android:layout_width="wrap_content"
-            android:layout_height="wrap_content"
-            android:textSize="12sp"
-            android:text="Empty Folder."/>
-    </LinearLayout>
-
-</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/layout/fragment_update_progress.xml b/tools/rsid-android-app/app/src/main/res/layout/fragment_update_progress.xml
deleted file mode 100644
index f759b7a..0000000
--- a/tools/rsid-android-app/app/src/main/res/layout/fragment_update_progress.xml
+++ /dev/null
@@ -1,41 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<androidx.constraintlayout.widget.ConstraintLayout
-    xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    android:layout_width="match_parent"
-    android:layout_height="match_parent">
-
-    <LinearLayout
-        android:id="@+id/update_progress_layout"
-        android:layout_width="wrap_content"
-        android:layout_height="wrap_content"
-        android:orientation="vertical"
-        android:gravity="center"
-        app:layout_constraintBottom_toBottomOf="parent"
-        app:layout_constraintLeft_toLeftOf="parent"
-        app:layout_constraintRight_toRightOf="parent"
-        app:layout_constraintTop_toTopOf="parent">
-
-        <TextView
-            android:layout_width="wrap_content"
-            android:layout_marginTop="16dp"
-            android:layout_height="wrap_content"
-            android:textSize="16sp"
-            android:textStyle="bold"
-            android:text="Updating device firmware..."/>
-
-        <TextView
-            android:layout_width="wrap_content"
-            android:layout_height="wrap_content"
-            android:textSize="12sp"
-            android:text="Do not disconnect the device or close the application"/>
-        <ProgressBar
-            android:id="@+id/update_progress_progressBar"
-            style="@android:style/Widget.ProgressBar.Horizontal"
-            android:layout_width="match_parent"
-            android:layout_height="wrap_content"
-            android:indeterminate="false"
-            android:progress="0" />
-    </LinearLayout>
-
-</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/layout/item_recycler_file.xml b/tools/rsid-android-app/app/src/main/res/layout/item_recycler_file.xml
deleted file mode 100644
index 315acde..0000000
--- a/tools/rsid-android-app/app/src/main/res/layout/item_recycler_file.xml
+++ /dev/null
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    xmlns:tools="http://schemas.android.com/tools"
-    android:layout_width="match_parent"
-    android:layout_height="wrap_content"
-    android:layout_marginBottom="1dp"
-    android:foreground="?selectableItemBackground"
-    android:padding="16dp">
-
-    <TextView
-        android:id="@+id/nameTextView"
-        android:layout_width="0dp"
-        android:layout_height="wrap_content"
-        android:textSize="20sp"
-        app:layout_constraintLeft_toLeftOf="parent"
-        app:layout_constraintRight_toRightOf="parent"
-        app:layout_constraintTop_toTopOf="parent"
-        tools:text="Placeholder" />
-
-    <TextView
-        android:id="@+id/folderTextView"
-        android:layout_width="0dp"
-        android:layout_height="wrap_content"
-        android:text="(Folder)"
-        android:textSize="12sp"
-        android:visibility="gone"
-        app:layout_constraintLeft_toLeftOf="@id/nameTextView"
-        app:layout_constraintRight_toRightOf="@id/nameTextView"
-        app:layout_constraintTop_toBottomOf="@id/nameTextView" />
-
-    <TextView
-        android:id="@+id/totalSizeTextView"
-        android:layout_width="0dp"
-        android:layout_height="wrap_content"
-        android:text="4 MB"
-        android:textSize="12sp"
-        app:layout_constraintLeft_toLeftOf="parent"
-        app:layout_constraintRight_toRightOf="parent"
-        app:layout_constraintTop_toBottomOf="@id/folderTextView" />
-
-</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/layout/main_fragment.xml b/tools/rsid-android-app/app/src/main/res/layout/main_fragment.xml
deleted file mode 100644
index 146fcbd..0000000
--- a/tools/rsid-android-app/app/src/main/res/layout/main_fragment.xml
+++ /dev/null
@@ -1,20 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    xmlns:tools="http://schemas.android.com/tools"
-    android:id="@+id/files_list"
-    android:layout_width="match_parent"
-    android:layout_height="match_parent"
-    tools:context=".FilesListFragment">
-
-    <TextView
-        android:id="@+id/message"
-        android:layout_width="wrap_content"
-        android:layout_height="wrap_content"
-        android:text="FilesListFragment"
-        app:layout_constraintBottom_toBottomOf="parent"
-        app:layout_constraintEnd_toEndOf="parent"
-        app:layout_constraintStart_toStartOf="parent"
-        app:layout_constraintTop_toTopOf="parent" />
-
-</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml b/tools/rsid-android-app/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml
deleted file mode 100644
index eca70cf..0000000
--- a/tools/rsid-android-app/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
-    <background android:drawable="@drawable/ic_launcher_background" />
-    <foreground android:drawable="@drawable/ic_launcher_foreground" />
-</adaptive-icon>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml b/tools/rsid-android-app/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml
deleted file mode 100644
index eca70cf..0000000
--- a/tools/rsid-android-app/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
-    <background android:drawable="@drawable/ic_launcher_background" />
-    <foreground android:drawable="@drawable/ic_launcher_foreground" />
-</adaptive-icon>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-hdpi/ic_launcher.png b/tools/rsid-android-app/app/src/main/res/mipmap-hdpi/ic_launcher.png
deleted file mode 100644
index a571e60..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-hdpi/ic_launcher.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-hdpi/ic_launcher_round.png b/tools/rsid-android-app/app/src/main/res/mipmap-hdpi/ic_launcher_round.png
deleted file mode 100644
index 61da551..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-hdpi/ic_launcher_round.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-mdpi/ic_launcher.png b/tools/rsid-android-app/app/src/main/res/mipmap-mdpi/ic_launcher.png
deleted file mode 100644
index c41dd28..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-mdpi/ic_launcher.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-mdpi/ic_launcher_round.png b/tools/rsid-android-app/app/src/main/res/mipmap-mdpi/ic_launcher_round.png
deleted file mode 100644
index db5080a..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-mdpi/ic_launcher_round.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-xhdpi/ic_launcher.png b/tools/rsid-android-app/app/src/main/res/mipmap-xhdpi/ic_launcher.png
deleted file mode 100644
index 6dba46d..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-xhdpi/ic_launcher.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png b/tools/rsid-android-app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png
deleted file mode 100644
index da31a87..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-xxhdpi/ic_launcher.png b/tools/rsid-android-app/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
deleted file mode 100644
index 15ac681..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-xxhdpi/ic_launcher.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png b/tools/rsid-android-app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png
deleted file mode 100644
index b216f2d..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png b/tools/rsid-android-app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
deleted file mode 100644
index f25a419..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png b/tools/rsid-android-app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png
deleted file mode 100644
index e96783c..0000000
Binary files a/tools/rsid-android-app/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png and /dev/null differ
diff --git a/tools/rsid-android-app/app/src/main/res/values-night/themes.xml b/tools/rsid-android-app/app/src/main/res/values-night/themes.xml
deleted file mode 100644
index 203e219..0000000
--- a/tools/rsid-android-app/app/src/main/res/values-night/themes.xml
+++ /dev/null
@@ -1,16 +0,0 @@
-<resources xmlns:tools="http://schemas.android.com/tools">
-    <!-- Base application theme. -->
-    <style name="Theme.MyApplication" parent="Theme.MaterialComponents.DayNight.DarkActionBar">
-        <!-- Primary brand color. -->
-        <item name="colorPrimary">@color/purple_200</item>
-        <item name="colorPrimaryVariant">@color/purple_700</item>
-        <item name="colorOnPrimary">@color/black</item>
-        <!-- Secondary brand color. -->
-        <item name="colorSecondary">@color/teal_200</item>
-        <item name="colorSecondaryVariant">@color/teal_200</item>
-        <item name="colorOnSecondary">@color/black</item>
-        <!-- Status bar color. -->
-        <item name="android:statusBarColor" tools:targetApi="l">?attr/colorPrimaryVariant</item>
-        <!-- Customize your theme here. -->
-    </style>
-</resources>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/values/colors.xml b/tools/rsid-android-app/app/src/main/res/values/colors.xml
deleted file mode 100644
index 7aa8ba8..0000000
--- a/tools/rsid-android-app/app/src/main/res/values/colors.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<resources>
-    <color name="colorPrimary">#6200EE</color>
-    <color name="colorPrimaryDark">#3700B3</color>
-    <color name="colorAccent">#03DAC5</color>
-    <color name="purple_200">#FFBB86FC</color>
-    <color name="purple_500">#FF6200EE</color>
-    <color name="purple_700">#FF3700B3</color>
-    <color name="teal_200">#FF03DAC5</color>
-    <color name="teal_700">#FF018786</color>
-    <color name="black">#FF000000</color>
-    <color name="white">#FFFFFFFF</color>
-</resources>
diff --git a/tools/rsid-android-app/app/src/main/res/values/strings.xml b/tools/rsid-android-app/app/src/main/res/values/strings.xml
deleted file mode 100644
index 3f528b8..0000000
--- a/tools/rsid-android-app/app/src/main/res/values/strings.xml
+++ /dev/null
@@ -1,28 +0,0 @@
-<resources>
-    <string name="app_name">F450 Over Serial</string>
-    <string name="btn_enroll">Enroll</string>
-    <string name="btn_authenticate">Authenticate</string>
-    <string name="btn_remove_all">Remove all</string>
-    <string name="authenticate_forbidden">Forbidden</string>
-    <string name="authenticate_greet">Hello</string>
-    <string name="remove_all_success">Removed all users</string>
-    <string name="remove_all_fail">Failed to remove all users</string>
-    <string name="enroll_success">Enrolled Successfully</string>
-    <string name="enroll_fail">Enrollment Failed</string>
-    <string name="permission_not_granted">Mandatory permission not granted</string>
-    <string name="device_not_found">Supported USB device not found</string>
-    <string name="btn_clear_messages">Clear Messages</string>
-    <string name="btn_ok">Ok</string>
-    <string name="btn_cancel">Cancel</string>
-    <string name="edit_user_id">User ID</string>
-    <string name="image_descriptor">Preview place holder</string>
-    <string name="action_flip_camera">Flip camera orientation</string>
-    <string name="action_allow_mask">Allow mask</string>
-    <string name="btn_remove">Remove</string>
-    <string name="btn_remove_selected">Remove selected</string>
-    <string name="btn_back_from_remove">Back</string>
-    <string name="action_standby">Standby</string>
-    <string name="action_unpair">Unpair</string>
-    <string name="action_pair">Pair</string>
-    <string name="action_firmware_update">Firmware update</string>
-</resources>
diff --git a/tools/rsid-android-app/app/src/main/res/values/themes.xml b/tools/rsid-android-app/app/src/main/res/values/themes.xml
deleted file mode 100644
index 65789b5..0000000
--- a/tools/rsid-android-app/app/src/main/res/values/themes.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<resources xmlns:tools="http://schemas.android.com/tools">
-    <!-- Base application theme. -->
-    <style name="Theme.MyApplication" parent="Theme.MaterialComponents.DayNight.DarkActionBar">
-        <!-- Primary brand color. -->
-        <item name="colorPrimary">@color/purple_500</item>
-        <item name="colorPrimaryVariant">@color/purple_700</item>
-        <item name="colorOnPrimary">@color/white</item>
-        <!-- Secondary brand color. -->
-        <item name="colorSecondary">@color/teal_200</item>
-        <item name="colorSecondaryVariant">@color/teal_700</item>
-        <item name="colorOnSecondary">@color/black</item>
-        <!-- Status bar color. -->
-        <item name="android:statusBarColor" tools:targetApi="l">?attr/colorPrimaryVariant</item>
-        <!-- Customize your theme here. -->
-    </style>
-
-    <style name="Theme.MyApplication.NoActionBar">
-        <item name="windowActionBar">false</item>
-        <item name="windowNoTitle">true</item>
-    </style>
-
-    <style name="Theme.MyApplication.AppBarOverlay" parent="ThemeOverlay.AppCompat.Dark.ActionBar" />
-
-    <style name="Theme.MyApplication.PopupOverlay" parent="ThemeOverlay.AppCompat.Light" />
-</resources>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/main/res/xml/device_filter.xml b/tools/rsid-android-app/app/src/main/res/xml/device_filter.xml
deleted file mode 100644
index b67b684..0000000
--- a/tools/rsid-android-app/app/src/main/res/xml/device_filter.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-
-<resources>
-    <usb-device vendor-id="10925" />
-</resources>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/secured/java/com/intel/realsenseid/f450androidexample/FaceAuthenticatorCreator.java b/tools/rsid-android-app/app/src/secured/java/com/intel/realsenseid/f450androidexample/FaceAuthenticatorCreator.java
deleted file mode 100644
index f850b75..0000000
--- a/tools/rsid-android-app/app/src/secured/java/com/intel/realsenseid/f450androidexample/FaceAuthenticatorCreator.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.util.Log;
-import com.intel.realsenseid.api.AndroidSerialConfig;
-import com.intel.realsenseid.api.FaceAuthenticator;
-import com.intel.realsenseid.api.SignHelper;
-import com.intel.realsenseid.api.Status;
-
-
-public class FaceAuthenticatorCreator {
-    private static final String TAG = "FACreator";
-    private SignHelper m_signHelper;
-
-    public FaceAuthenticator Create(AndroidSerialConfig config) {
-        m_signHelper = new SignHelper();
-        FaceAuthenticator faceAuthenticator = new FaceAuthenticator(m_signHelper);
-        if (null != faceAuthenticator) {
-            Log.d(TAG, "FaceAuthenticator class was created");
-            faceAuthenticator.Connect(config);
-            Status s = m_signHelper.ExchangeKeys(faceAuthenticator);
-            faceAuthenticator.Disconnect();
-            if (s != Status.Ok) {
-                Log.e(TAG, "Failed keys exchange");
-            }
-        }
-        return faceAuthenticator;
-    }
-}
diff --git a/tools/rsid-android-app/app/src/secured/java/com/intel/realsenseid/f450androidexample/MenuHelper.java b/tools/rsid-android-app/app/src/secured/java/com/intel/realsenseid/f450androidexample/MenuHelper.java
deleted file mode 100644
index 474ba2c..0000000
--- a/tools/rsid-android-app/app/src/secured/java/com/intel/realsenseid/f450androidexample/MenuHelper.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import android.util.Log;
-
-import com.intel.realsenseid.api.FaceAuthenticator;
-import com.intel.realsenseid.api.Status;
-
-public class MenuHelper {
-    private static final String TAG = "MenuHelper";
-
-    public static void HandleSelection(int id, FaceAuthenticator faceAuthenticator) {
-        switch (id) {
-            case R.id.action_unpair:
-                Status s = faceAuthenticator.Unpair();
-                Log.d(TAG, String.format("Unpair action status: %s", s.toString()));
-        }
-    }
-}
diff --git a/tools/rsid-android-app/app/src/secured/res/menu/menu_main.xml b/tools/rsid-android-app/app/src/secured/res/menu/menu_main.xml
deleted file mode 100644
index 9b9a993..0000000
--- a/tools/rsid-android-app/app/src/secured/res/menu/menu_main.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-<menu xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    xmlns:tools="http://schemas.android.com/tools"
-    tools:context="com.example.myapplication.MainActivity">
-    <item
-        android:id="@+id/action_firmware_update"
-        android:orderInCategory="100"
-        android:title="@string/action_firmware_update"
-        app:showAsAction="never"
-        app:actionViewClass="android.widget.Button"
-        />
-    <item
-        android:id="@+id/action_flip_camera"
-        android:orderInCategory="100"
-        android:title="@string/action_flip_camera"
-        app:showAsAction="never"
-        android:checkable="true"
-        app:actionViewClass="android.widget.CheckBox"
-        />
-    <item
-        android:id="@+id/action_allow_mask"
-        android:orderInCategory="100"
-        android:title="@string/action_allow_mask"
-        app:showAsAction="never"
-        android:checkable="true"
-        app:actionViewClass="android.widget.CheckBox"
-        />
-    <item
-        android:id="@+id/action_standby"
-        android:orderInCategory="100"
-        android:title="@string/action_standby"
-        app:showAsAction="never"
-        app:actionViewClass="android.widget.Button"
-        />
-    <!--TODO: Extend to include Pair option as well-->
-    <!--<item
-        android:id="@+id/action_pair"
-        android:orderInCategory="100"
-        android:title="@string/action_pair"
-        app:showAsAction="never"
-        app:actionViewClass="android.widget.Button"
-        />-->
-    <item
-        android:id="@+id/action_unpair"
-        android:orderInCategory="100"
-        android:title="@string/action_unpair"
-        app:showAsAction="never"
-        app:actionViewClass="android.widget.Button"
-        />
-
-</menu>
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/test/java/com/intel/realsenseid/f450androidexample/ExampleUnitTest.java b/tools/rsid-android-app/app/src/test/java/com/intel/realsenseid/f450androidexample/ExampleUnitTest.java
deleted file mode 100644
index f8db474..0000000
--- a/tools/rsid-android-app/app/src/test/java/com/intel/realsenseid/f450androidexample/ExampleUnitTest.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import org.junit.Test;
-
-import static org.junit.Assert.*;
-
-/**
- * Example local unit test, which will execute on the development machine (host).
- *
- * @see <a href="http://d.android.com/tools/testing">Testing documentation</a>
- */
-public class ExampleUnitTest {
-    @Test
-    public void addition_isCorrect() {
-        assertEquals(4, 2 + 2);
-    }
-}
\ No newline at end of file
diff --git a/tools/rsid-android-app/app/src/unsecured/java/com/intel/realsenseid/f450androidexample/FaceAuthenticatorCreator.java b/tools/rsid-android-app/app/src/unsecured/java/com/intel/realsenseid/f450androidexample/FaceAuthenticatorCreator.java
deleted file mode 100644
index cdcd855..0000000
--- a/tools/rsid-android-app/app/src/unsecured/java/com/intel/realsenseid/f450androidexample/FaceAuthenticatorCreator.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import com.intel.realsenseid.api.AndroidSerialConfig;
-import com.intel.realsenseid.api.FaceAuthenticator;
-
-public class FaceAuthenticatorCreator {
-    private static final String TAG = "FACreator";
-
-    public FaceAuthenticator Create(AndroidSerialConfig config) {
-        return new FaceAuthenticator();
-    }
-}
diff --git a/tools/rsid-android-app/app/src/unsecured/java/com/intel/realsenseid/f450androidexample/MenuHelper.java b/tools/rsid-android-app/app/src/unsecured/java/com/intel/realsenseid/f450androidexample/MenuHelper.java
deleted file mode 100644
index 40e04a5..0000000
--- a/tools/rsid-android-app/app/src/unsecured/java/com/intel/realsenseid/f450androidexample/MenuHelper.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package com.intel.realsenseid.f450androidexample;
-
-import com.intel.realsenseid.api.FaceAuthenticator;
-
-public class MenuHelper {
-    private static final String TAG = "MenuHelper";
-
-    public static void HandleSelection(int id, FaceAuthenticator faceAuthenticator) {
-        return;
-    }
-}
diff --git a/tools/rsid-android-app/app/src/unsecured/res/menu/menu_main.xml b/tools/rsid-android-app/app/src/unsecured/res/menu/menu_main.xml
deleted file mode 100644
index 6b3add8..0000000
--- a/tools/rsid-android-app/app/src/unsecured/res/menu/menu_main.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<menu xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
-    xmlns:tools="http://schemas.android.com/tools"
-    tools:context="com.example.myapplication.MainActivity">
-    <item
-        android:id="@+id/action_firmware_update"
-        android:orderInCategory="100"
-        android:title="@string/action_firmware_update"
-        app:showAsAction="never"
-        app:actionViewClass="android.widget.Button"
-        />
-    <item
-        android:id="@+id/action_flip_camera"
-        android:orderInCategory="100"
-        android:title="@string/action_flip_camera"
-        app:showAsAction="never"
-        android:checkable="true"
-        app:actionViewClass="android.widget.CheckBox"
-        />
-    <item
-        android:id="@+id/action_allow_mask"
-        android:orderInCategory="100"
-        android:title="@string/action_allow_mask"
-        app:showAsAction="never"
-        android:checkable="true"
-        app:actionViewClass="android.widget.CheckBox"
-        />
-    <item
-        android:id="@+id/action_standby"
-        android:orderInCategory="100"
-        android:title="@string/action_standby"
-        app:showAsAction="never"
-        app:actionViewClass="android.widget.Button"
-        />
-</menu>
\ No newline at end of file
diff --git a/tools/rsid-android-app/build.gradle b/tools/rsid-android-app/build.gradle
deleted file mode 100644
index 18be775..0000000
--- a/tools/rsid-android-app/build.gradle
+++ /dev/null
@@ -1,22 +0,0 @@
-buildscript {
-    
-    repositories {
-        google()
-        jcenter()
-        
-    }
-    dependencies {
-        classpath 'com.android.tools.build:gradle:4.2.2'
-    }
-}
-
-allprojects {
-    repositories {
-        google()
-        jcenter()
-    }
-}
-
-task clean(type: Delete) {
-    delete rootProject.buildDir
-}
diff --git a/tools/rsid-android-app/gradle.properties b/tools/rsid-android-app/gradle.properties
deleted file mode 100644
index 5b150b9..0000000
--- a/tools/rsid-android-app/gradle.properties
+++ /dev/null
@@ -1,21 +0,0 @@
-# Project-wide Gradle settings.
-# IDE (e.g. Android Studio) users:
-# Gradle settings configured through the IDE *will override*
-# any settings specified in this file.
-# For more details on how to configure your build environment visit
-# http://www.gradle.org/docs/current/userguide/build_environment.html
-# Specifies the JVM arguments used for the daemon process.
-# The setting is particularly useful for tweaking memory settings.
-org.gradle.jvmargs=-Xmx1536m
-# When configured, Gradle will run in incubating parallel mode.
-# This option should only be used with decoupled projects. More details, visit
-# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
-# org.gradle.parallel=true
-# AndroidX package structure to make it clearer which packages are bundled with the
-# Android operating system, and which are packaged with your app's APK
-# https://developer.android.com/topic/libraries/support-library/androidx-rn
-android.useAndroidX=true
-# Automatically convert third-party libraries to use AndroidX
-android.enableJetifier=true
-org.gradle.daemon=true
-org.gradle.configureondemand=true
\ No newline at end of file
diff --git a/tools/rsid-android-app/gradle/wrapper/gradle-wrapper.jar b/tools/rsid-android-app/gradle/wrapper/gradle-wrapper.jar
deleted file mode 100644
index f6b961f..0000000
Binary files a/tools/rsid-android-app/gradle/wrapper/gradle-wrapper.jar and /dev/null differ
diff --git a/tools/rsid-android-app/gradle/wrapper/gradle-wrapper.properties b/tools/rsid-android-app/gradle/wrapper/gradle-wrapper.properties
deleted file mode 100644
index 15e511f..0000000
--- a/tools/rsid-android-app/gradle/wrapper/gradle-wrapper.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-#Thu Nov 05 11:33:22 IST 2020
-distributionBase=GRADLE_USER_HOME
-distributionPath=wrapper/dists
-zipStoreBase=GRADLE_USER_HOME
-zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.7.1-bin.zip
diff --git a/tools/rsid-android-app/gradlew b/tools/rsid-android-app/gradlew
deleted file mode 100644
index cccdd3d..0000000
--- a/tools/rsid-android-app/gradlew
+++ /dev/null
@@ -1,172 +0,0 @@
-#!/usr/bin/env sh
-
-##############################################################################
-##
-##  Gradle start up script for UN*X
-##
-##############################################################################
-
-# Attempt to set APP_HOME
-# Resolve links: $0 may be a link
-PRG="$0"
-# Need this for relative symlinks.
-while [ -h "$PRG" ] ; do
-    ls=`ls -ld "$PRG"`
-    link=`expr "$ls" : '.*-> \(.*\)$'`
-    if expr "$link" : '/.*' > /dev/null; then
-        PRG="$link"
-    else
-        PRG=`dirname "$PRG"`"/$link"
-    fi
-done
-SAVED="`pwd`"
-cd "`dirname \"$PRG\"`/" >/dev/null
-APP_HOME="`pwd -P`"
-cd "$SAVED" >/dev/null
-
-APP_NAME="Gradle"
-APP_BASE_NAME=`basename "$0"`
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS=""
-
-# Use the maximum available, or set MAX_FD != -1 to use that value.
-MAX_FD="maximum"
-
-warn () {
-    echo "$*"
-}
-
-die () {
-    echo
-    echo "$*"
-    echo
-    exit 1
-}
-
-# OS specific support (must be 'true' or 'false').
-cygwin=false
-msys=false
-darwin=false
-nonstop=false
-case "`uname`" in
-  CYGWIN* )
-    cygwin=true
-    ;;
-  Darwin* )
-    darwin=true
-    ;;
-  MINGW* )
-    msys=true
-    ;;
-  NONSTOP* )
-    nonstop=true
-    ;;
-esac
-
-CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
-
-# Determine the Java command to use to start the JVM.
-if [ -n "$JAVA_HOME" ] ; then
-    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
-        # IBM's JDK on AIX uses strange locations for the executables
-        JAVACMD="$JAVA_HOME/jre/sh/java"
-    else
-        JAVACMD="$JAVA_HOME/bin/java"
-    fi
-    if [ ! -x "$JAVACMD" ] ; then
-        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-    fi
-else
-    JAVACMD="java"
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-fi
-
-# Increase the maximum file descriptors if we can.
-if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
-    MAX_FD_LIMIT=`ulimit -H -n`
-    if [ $? -eq 0 ] ; then
-        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
-            MAX_FD="$MAX_FD_LIMIT"
-        fi
-        ulimit -n $MAX_FD
-        if [ $? -ne 0 ] ; then
-            warn "Could not set maximum file descriptor limit: $MAX_FD"
-        fi
-    else
-        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
-    fi
-fi
-
-# For Darwin, add options to specify how the application appears in the dock
-if $darwin; then
-    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
-fi
-
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin ; then
-    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
-    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
-    JAVACMD=`cygpath --unix "$JAVACMD"`
-
-    # We build the pattern for arguments to be converted via cygpath
-    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
-    SEP=""
-    for dir in $ROOTDIRSRAW ; do
-        ROOTDIRS="$ROOTDIRS$SEP$dir"
-        SEP="|"
-    done
-    OURCYGPATTERN="(^($ROOTDIRS))"
-    # Add a user-defined pattern to the cygpath arguments
-    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
-        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
-    fi
-    # Now convert the arguments - kludge to limit ourselves to /bin/sh
-    i=0
-    for arg in "$@" ; do
-        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
-        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
-
-        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
-            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
-        else
-            eval `echo args$i`="\"$arg\""
-        fi
-        i=$((i+1))
-    done
-    case $i in
-        (0) set -- ;;
-        (1) set -- "$args0" ;;
-        (2) set -- "$args0" "$args1" ;;
-        (3) set -- "$args0" "$args1" "$args2" ;;
-        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
-        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
-        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
-        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
-        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
-        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
-    esac
-fi
-
-# Escape application args
-save () {
-    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
-    echo " "
-}
-APP_ARGS=$(save "$@")
-
-# Collect all arguments for the java command, following the shell quoting and substitution rules
-eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
-
-# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
-if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
-  cd "$(dirname "$0")"
-fi
-
-exec "$JAVACMD" "$@"
diff --git a/tools/rsid-android-app/gradlew.bat b/tools/rsid-android-app/gradlew.bat
deleted file mode 100644
index f955316..0000000
--- a/tools/rsid-android-app/gradlew.bat
+++ /dev/null
@@ -1,84 +0,0 @@
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem  Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS=
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega
diff --git a/tools/rsid-android-app/settings.gradle b/tools/rsid-android-app/settings.gradle
deleted file mode 100644
index 2ac635e..0000000
--- a/tools/rsid-android-app/settings.gradle
+++ /dev/null
@@ -1,3 +0,0 @@
-rootProject.name='RealSenseID Android Example'
-include ':app', ':RealSenseIDSwigClient'
-project(':RealSenseIDSwigClient').projectDir = new File('../../wrappers/android')
diff --git a/tools/rsid-cli/CMakeLists.txt b/tools/rsid-cli/CMakeLists.txt
index 6d272eb..97175f0 100644
--- a/tools/rsid-cli/CMakeLists.txt
+++ b/tools/rsid-cli/CMakeLists.txt
@@ -16,3 +16,5 @@ set_property(TARGET ${EXE_NAME} PROPERTY VS_DEBUGGER_WORKING_DIRECTORY "$<TARGET
 
 
 set_target_properties(${EXE_NAME} PROPERTIES FOLDER "tools")
+
+set_common_compile_opts(${EXE_NAME})
diff --git a/tools/rsid-cli/main.cc b/tools/rsid-cli/main.cc
index 6b85323..09bf00e 100644
--- a/tools/rsid-cli/main.cc
+++ b/tools/rsid-cli/main.cc
@@ -11,13 +11,13 @@
 #include "RealSenseID/Version.h"
 #include "RealSenseID/Logging.h"
 #include "RealSenseID/Faceprints.h"
+#include "RealSenseID/UpdateChecker.h"
 #include <chrono>
 #include <string>
 #include <iostream>
-#include <stdio.h>
-#include <stdlib.h>
-#include <cstring>
 #include <cstdio>
+#include <cstdlib>
+#include <cstring>
 #include <memory>
 #include <map>
 #include <set>
@@ -174,7 +174,7 @@ void pair_device(const RealSenseID::SerialConfig& serial_config)
 {
     auto authenticator = CreateAuthenticator(serial_config);
     char* host_pubkey = (char*)s_signer.GetHostPubKey();
-    char host_pubkey_signature[32] = {0};
+    char host_pubkey_signature[64] = {0};
     char device_pubkey[64] = {0};
     auto pair_status = authenticator->Pair(host_pubkey, host_pubkey_signature, device_pubkey);
     if (pair_status != RealSenseID::Status::Ok)
@@ -300,9 +300,7 @@ void get_users(const RealSenseID::SerialConfig& serial_config)
 
 void standby_db_save(const RealSenseID::SerialConfig& serial_config)
 {
-    auto authenticator = CreateAuthenticator(serial_config);
-
-    unsigned int number_of_users = 0;
+    auto authenticator = CreateAuthenticator(serial_config);    
     auto status = authenticator->Standby();
     std::cout << "Status: " << status << std::endl << std::endl;
 }
@@ -343,6 +341,53 @@ void device_info(const RealSenseID::SerialConfig& serial_config)
     std::cout << "\n";
 }
 
+void check_for_updates(const RealSenseID::SerialConfig& serial_config) {
+    std::cout << "Checking for updates:\n";
+
+    RealSenseID::UpdateCheck::ReleaseInfo remote {};
+    RealSenseID::UpdateCheck::ReleaseInfo local {};
+
+    auto updateChecker = RealSenseID::UpdateCheck::UpdateChecker();
+
+    auto status = updateChecker.GetRemoteReleaseInfo(remote);
+    if (status != RealSenseID::Status::Ok) {
+        std::cout << "Failed to fetch remote update info.\n";
+        std::cout << "\n";
+        return;
+    }
+
+    status = updateChecker.GetLocalReleaseInfo(serial_config, local);
+    if (status != RealSenseID::Status::Ok)
+    {
+        std::cout << "Failed to fetch local firmware version info from device.\n";
+        std::cout << "\n";
+        return;
+    }
+
+    if (remote.sw_version > local.sw_version || remote.fw_version > local.fw_version) {
+        std::cout << "Update available!\n";
+        if (remote.sw_version > local.sw_version) {
+            std::cout << " ** Host software update available.\n";
+            std::cout << "      Local Software Version: " << local.sw_version_str << "\n";
+            std::cout << "     Update Software Version: " << remote.sw_version_str << "\n";
+        }
+        if (remote.fw_version > local.fw_version) {
+            std::cout << " ** Firmware update available.\n";
+            std::cout << "      Local Firmware Version: " << local.fw_version_str << "\n";
+            std::cout << "     Update Firmware Version: " << remote.fw_version_str << "\n";
+        }
+
+        std::cout << " * Release notes: " << remote.release_notes_url << "\n";
+        std::cout << " * Update URL: " << remote.release_url << "\n";
+    } else {
+        std::cout << "You are running the latest software and firmware!\n";
+        std::cout << "      Local Software Version: " << local.sw_version_str << "\n";
+        std::cout << "      Local Firmware Version: " << local.fw_version_str << "\n";
+    }
+
+    std::cout << "\n";
+}
+
 // ping X iterations and display roundtrip times
 void ping_device(const RealSenseID::SerialConfig& serial_config, int iters)
 {
@@ -480,9 +525,7 @@ class FaceprintsAuthClbk : public RealSenseID::AuthFaceprintsExtractionCallback
         ::memcpy(&scanned_faceprint.data.featuresVector[0], &faceprints->data.featuresVector[0],
                  sizeof(faceprints->data.featuresVector));
 
-        // try to match the new faceprint to one of the faceprints stored in the db
-        RealSenseID::Faceprints updated_faceprint;
-
+        // try to match the new faceprint to one of the faceprints stored in the db        
         std::cout << "\nSearching " << s_user_faceprint_db.size() << " faceprints" << std::endl;
 
         int save_max_score = -1;
@@ -601,6 +644,7 @@ void print_menu()
     print_menu_opt("'n' to query number of users.");
     print_menu_opt("'b' to save device's database before standby.");
     print_menu_opt("'v' to view additional information.");
+    print_menu_opt("'r' to check for software update.");
     print_menu_opt("'x' to ping the device.");
     print_menu_opt("'q' to quit.");
 
@@ -619,8 +663,6 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
     bool is_running = true;
     std::string input;
 
-    get_device_config(serial_config);
-
     while (is_running)
     {
         print_menu();
@@ -680,11 +722,11 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
             std::string sec_level;
             std::cout << "Set security level(medium/high/low): ";
             std::getline(std::cin, sec_level);
-            if (sec_level.find("med") != -1)
+            if (sec_level.find("med") != std::string::npos)
             {
                 config.security_level = RealSenseID::DeviceConfig::SecurityLevel::Medium;
             }
-            else if (sec_level.find("low") != -1)
+            else if (sec_level.find("low") != std::string::npos)
             {
                 config.security_level = RealSenseID::DeviceConfig::SecurityLevel::Low;
             }
@@ -694,15 +736,15 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
             }
             std::cout << "Set algo flow (all/detection/recognition/spoof only): ";
             std::getline(std::cin, sec_level);
-            if (sec_level.find("rec") != -1)
+            if (sec_level.find("rec") != std::string::npos)
             {
                 config.algo_flow = RealSenseID::DeviceConfig::AlgoFlow::RecognitionOnly;
             }
-            else if (sec_level.find("spoof") != -1)
+            else if (sec_level.find("spoof") != std::string::npos)
             {
                 config.algo_flow = RealSenseID::DeviceConfig::AlgoFlow::SpoofOnly;
             }
-            else if (sec_level.find("detection") != -1)
+            else if (sec_level.find("detection") != std::string::npos)
             {
                 config.algo_flow = RealSenseID::DeviceConfig::AlgoFlow::FaceDetectionOnly;
             }
@@ -717,15 +759,15 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
             std::cout << "Set matcher confidence level (high/medium/low): ";
             std::getline(std::cin, matcher_confidence_level);
 
-            if (matcher_confidence_level.find("hi") != -1)
+            if (matcher_confidence_level.find("hi") != std::string::npos)
             {
                 config.matcher_confidence_level = RealSenseID::DeviceConfig::MatcherConfidenceLevel::High;
             }
-            else if (matcher_confidence_level.find("med") != -1)
+            else if (matcher_confidence_level.find("med") != std::string::npos)
             {
                 config.matcher_confidence_level = RealSenseID::DeviceConfig::MatcherConfidenceLevel::Medium;
             }
-            else if (matcher_confidence_level.find("lo") != -1)
+            else if (matcher_confidence_level.find("lo") != std::string::npos)
             {
                 config.matcher_confidence_level = RealSenseID::DeviceConfig::MatcherConfidenceLevel::Low;
             }
@@ -745,7 +787,7 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
 
             std::cout << "Set multiple face policy (single/all): ";
             std::getline(std::cin, sec_level);
-            if (sec_level.find("all") != -1)
+            if (sec_level.find("all") != std::string::npos)
             {
                 config.face_selection_policy = RealSenseID::DeviceConfig::FaceSelectionPolicy::All;
             }
@@ -772,6 +814,9 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
         case 'v':
             device_info(serial_config);
             break;
+        case 'r':
+            check_for_updates(serial_config);
+            break;
         case 'x': {
             int iters = -1;
             std::string line;
@@ -825,7 +870,15 @@ void sample_loop(const RealSenseID::SerialConfig& serial_config)
 
 int main(int argc, char* argv[])
 {
-    auto config = config_from_argv(argc, argv);
-    sample_loop(config);
-    return 0;
+    try
+    {
+        auto config = config_from_argv(argc, argv);
+        sample_loop(config);
+        return 0;
+    }
+    catch (const std::exception& ex)
+    {
+        std::cerr << "Exception occured: " << ex.what() << std::endl;
+        return 1;
+    }
 }
\ No newline at end of file
diff --git a/tools/rsid-fw-update/CMakeLists.txt b/tools/rsid-fw-update/CMakeLists.txt
index 40b19b2..764f8ee 100644
--- a/tools/rsid-fw-update/CMakeLists.txt
+++ b/tools/rsid-fw-update/CMakeLists.txt
@@ -17,3 +17,5 @@ set_target_properties(${EXE_NAME}
 	PROPERTIES FOLDER "tools"
 	COMPILE_DEFINITIONS $<$<CXX_COMPILER_ID:MSVC>:_CRT_SECURE_NO_WARNINGS>
 )
+
+set_common_compile_opts(${EXE_NAME})
diff --git a/tools/rsid-fw-update/main.cc b/tools/rsid-fw-update/main.cc
index 8e37350..77b5f38 100644
--- a/tools/rsid-fw-update/main.cc
+++ b/tools/rsid-fw-update/main.cc
@@ -40,7 +40,7 @@ struct FullDeviceInfo
 static int UserDeviceSelection(const std::vector<FullDeviceInfo>& devices)
 {
     std::cout << "Detected devices:\n";
-    for (int i = 0; i < devices.size(); ++i)
+    for (size_t i = 0; i < devices.size(); ++i)
     {
         const auto& device = devices.at(i);
         std::cout << " " << i + 1 << ") S/N: " << device.metadata->serial_number << " "
@@ -50,7 +50,7 @@ static int UserDeviceSelection(const std::vector<FullDeviceInfo>& devices)
 
     int device_index = -1;
 
-    while (device_index < 1 || device_index > devices.size())
+    while (device_index < 1 || device_index > static_cast<int>(devices.size()))
     {
         std::cout << "> ";
 
@@ -207,14 +207,6 @@ static DeviceMetadata QueryDeviceMetadata(const RealSenseID::SerialConfig& seria
     return metadata;
 }
 
-static bool IsDeviceAlive(const RealSenseID::SerialConfig& serial_config)
-{
-    RealSenseID::DeviceController device_controller;
-    device_controller.Connect(serial_config);
-    RealSenseID::Status status = device_controller.Ping();
-    device_controller.Disconnect();
-    return status == RealSenseID::Status::Ok;
-}
 
 static bool DetectDevices(std::vector<FullDeviceInfo>& out_devices_info)
 {
@@ -237,45 +229,7 @@ static bool DetectDevices(std::vector<FullDeviceInfo>& out_devices_info)
     }
     return true;
 }
-static int FindSerialInDeviceInfoList(const std::string& serial, const std::vector<FullDeviceInfo>& list)
-{
-    for (int i = 0; i < list.size(); ++i)
-    {
-        if (serial.compare(list.at(i).metadata->serial_number) == 0)
-        {
-            return i;
-        }
-    }
-    return -1; // not found
-}
 
-static bool RedetectDevice(int min_wait_seconds, int max_wait_seconds, bool auto_detect, FullDeviceInfo& selected_device)
-{
-    bool isDeviceAlive = false;
-    std::this_thread::sleep_for(std::chrono::seconds(min_wait_seconds));
-    int waitCounter = min_wait_seconds;
-    while (!isDeviceAlive && waitCounter < max_wait_seconds)
-    {
-        std::this_thread::sleep_for(std::chrono::seconds(1));
-        waitCounter++;
-        std::cout << "Waited for device to become available for " << waitCounter << " seconds" << std::endl;
-        if (auto_detect)
-        {
-            std::string previous_serial_number = selected_device.metadata->serial_number;
-            std::vector<FullDeviceInfo> devices_info;
-            if (!DetectDevices(devices_info))
-                continue;
-            int id = FindSerialInDeviceInfoList(selected_device.metadata->serial_number, devices_info);
-            if (id < 0)
-                continue;
-            FullDeviceInfo& new_device_info = devices_info.at(id);
-            selected_device.config = std::move(new_device_info.config);
-            selected_device.metadata = std::move(new_device_info.metadata);
-        }
-        isDeviceAlive = IsDeviceAlive(RealSenseID::SerialConfig({selected_device.config->serialPort}));
-    }
-    return isDeviceAlive;
-}
 
 struct FwUpdaterCliEventHandler : public RealSenseID::FwUpdater::EventHandler
 {
@@ -305,173 +259,174 @@ struct FwUpdaterCliEventHandler : public RealSenseID::FwUpdater::EventHandler
 
 int main(int argc, char* argv[])
 {
-    // parse cli args
-    auto args = ParseCommandLineArgs(argc, argv);
-    if (!args.is_valid)
-        return FAILURE_MAIN;
+    try
+    {
+        // parse cli args
+        auto args = ParseCommandLineArgs(argc, argv);
+        if (!args.is_valid)
+            return FAILURE_MAIN;
 
-    // populate device list
+        // populate device list
 
-    FullDeviceInfo selected_device;
-    bool auto_detect = args.serial_port.empty();
-    if (auto_detect)
-    {
-        std::vector<FullDeviceInfo> devices_info;
-        if (!DetectDevices(devices_info))
+        FullDeviceInfo selected_device;
+        bool auto_detect = args.serial_port.empty();
+        if (auto_detect)
         {
-            return FAILURE_MAIN;
+            std::vector<FullDeviceInfo> devices_info;
+            if (!DetectDevices(devices_info))
+            {
+                return FAILURE_MAIN;
+            }
+            // if more than one device exists - ask user to select
+            auto id = devices_info.size() == 1 ? 0 : UserDeviceSelection(devices_info);
+            selected_device.config = std::move(devices_info.at(id).config);
+            selected_device.metadata = std::move(devices_info.at(id).metadata);
         }
-        // if more than one device exists - ask user to select
-        auto id = devices_info.size() == 1 ? 0 : UserDeviceSelection(devices_info);
-        selected_device.config = std::move(devices_info.at(id).config);
-        selected_device.metadata = std::move(devices_info.at(id).metadata);
-    }
-    else
-    {
-        std::cout << "Using manual device selection...\n\n";
+        else
+        {
+            std::cout << "Using manual device selection...\n\n";
 
-        auto metadata = QueryDeviceMetadata(RealSenseID::SerialConfig {args.serial_port.c_str()});
+            auto metadata = QueryDeviceMetadata(RealSenseID::SerialConfig {args.serial_port.c_str()});
 
-        auto device_info = std::make_unique<RealSenseID::DeviceInfo>();
-        ::strncpy(device_info->serialPort, args.serial_port.data(), args.serial_port.size());
+            auto device_info = std::make_unique<RealSenseID::DeviceInfo>();
+            ::strncpy(device_info->serialPort, args.serial_port.data(), args.serial_port.size());
 
-        selected_device = {std::make_unique<DeviceMetadata>(metadata), std::move(device_info)};
-    }
+            selected_device = {std::make_unique<DeviceMetadata>(metadata), std::move(device_info)};
+        }
 
-    // extract fw version from update file
-    RealSenseID::FwUpdater fw_updater;
+        // extract fw version from update file
+        RealSenseID::FwUpdater fw_updater;
 
-    const auto& bin_path = args.fw_file.c_str();
+        const auto& bin_path = args.fw_file.c_str();
 
-    std::string new_fw_version;
-    std::string new_recognition_version;
-    std::vector<std::string> moduleNames;
-    auto is_valid = fw_updater.ExtractFwInformation(bin_path, new_fw_version, new_recognition_version, moduleNames);
+        std::string new_fw_version;
+        std::string new_recognition_version;
+        std::vector<std::string> moduleNames;
+        auto is_valid = fw_updater.ExtractFwInformation(bin_path, new_fw_version, new_recognition_version, moduleNames);
 
-    if (!is_valid)
-    {
-        std::cout << "Invalid firmware file !\n";
-        return FAILURE_MAIN;
-    }
+        if (!is_valid)
+        {
+            std::cout << "Invalid firmware file !\n";
+            return FAILURE_MAIN;
+        }
 
-    if (!fw_updater.IsEncryptionSupported(bin_path, selected_device.metadata->serial_number))
-    {
-        std::cout << "Device does not support the encryption applied on the firmware. Replace firmware binary.\n";
-        return FAILURE_MAIN;
-    }
+        RealSenseID::FwUpdater::Settings settings;
+        settings.port = selected_device.config->serialPort;
+        settings.force_full = args.force_full;
 
-    // check compatibility with host
-    const auto& current_fw_version = selected_device.metadata->fw_version;
-    const auto current_compatible = RealSenseID::IsFwCompatibleWithHost(current_fw_version);
-    const auto new_compatible = RealSenseID::IsFwCompatibleWithHost(new_fw_version);
+        int expectedSkuVer = 0, deviceSkuVer = 0;
+        if (!fw_updater.IsSkuCompatible(settings, bin_path, expectedSkuVer, deviceSkuVer))
+        {
+            std::cout
+                << "Device does not support the encryption applied on the firmware.\nReplace firmware binary to SKU"
+                << deviceSkuVer << "\n";
+            return FAILURE_MAIN;
+        }
 
-    const auto& current_recognition_version = selected_device.metadata->recognition_version;
-    const auto is_database_compatible = current_recognition_version == new_recognition_version;
+        // check compatibility with host
+        const auto& current_fw_version = selected_device.metadata->fw_version;
+        const auto current_compatible = RealSenseID::IsFwCompatibleWithHost(current_fw_version);
+        const auto new_compatible = RealSenseID::IsFwCompatibleWithHost(new_fw_version);
 
-    // show summary to user - update path, compatibility checks
-    std::cout << "\n";
-    std::cout << "Summary:\n";
-    std::cout << " * Serial number: " << selected_device.metadata->serial_number << "\n";
-    std::cout << " * Serial port: " << selected_device.config->serialPort << "\n";
-    std::cout << " * " << (current_compatible ? "Compatible" : "Incompatible") << " with current device firmware\n";
-    std::cout << " * " << (new_compatible ? "Compatible" : "Incompatible") << " with new device firmware\n";
-    std::cout << " * Firmware update path:\n";
-    std::cout << "     * OPFW: " << current_fw_version << " -> " << new_fw_version << "\n";
-    std::cout << "     * RECOG: " << current_recognition_version << " -> " << new_recognition_version << "\n";
-    std::cout << "\n";
+        const auto& current_recognition_version = selected_device.metadata->recognition_version;
+        const auto is_database_compatible = current_recognition_version == new_recognition_version;
 
-    RealSenseID::FwUpdater::Settings settings;
-    settings.port = selected_device.config->serialPort;
-    settings.force_full = args.force_full;
-    auto updatePolicyInfo = fw_updater.DecideUpdatePolicy(settings, args.fw_file.c_str());
-    if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::NOT_ALLOWED)
-    {
-        // Currently never returned
-        std::cout
-            << "Update from current device firmware to selected firmware file is unsupported by this host application."
-            << std::endl;
-        return FAILURE_MAIN;
-    }
-    if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::REQUIRE_INTERMEDIATE_FW)
-    {
-        std::cout << "Firmware cannot be updated directly to the chosen version.\n"
-                  << "Flash firmware version " << updatePolicyInfo.intermediate << " first." << std::endl;
-        return FAILURE_MAIN;
-    }
+        // show summary to user - update path, compatibility checks
+        std::cout << "\n";
+        std::cout << "Summary:\n";
+        std::cout << " * Serial number: " << selected_device.metadata->serial_number << "\n";
+        std::cout << " * Serial port: " << selected_device.config->serialPort << "\n";
+        std::cout << " * " << (current_compatible ? "Compatible" : "Incompatible") << " with current device firmware\n";
+        std::cout << " * " << (new_compatible ? "Compatible" : "Incompatible") << " with new device firmware\n";
+        std::cout << " * Firmware update path:\n";
+        std::cout << "     * OPFW: " << current_fw_version << " -> " << new_fw_version << "\n";
+        std::cout << "     * RECOG: " << current_recognition_version << " -> " << new_recognition_version << "\n";
+        std::cout << "\n";
 
-    // ask user for approval if interactive
-    if (args.is_interactive)
-    {
-        std::cout << "Proceed with update? (y/n)\n";
-        bool user_agreed = UserApproval();
-        if (!user_agreed)
+        auto updatePolicyInfo = fw_updater.DecideUpdatePolicy(settings, args.fw_file.c_str());
+        if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::NOT_ALLOWED)
+        {
+            // Currently never returned
+            std::cout << "Update from current device firmware to selected firmware file is unsupported by this host "
+                         "application."
+                      << std::endl;
             return FAILURE_MAIN;
-        std::cout << "\n";
-    }
+        }
+        if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::REQUIRE_INTERMEDIATE_FW)
+        {
+            std::cout << "Firmware cannot be updated directly to the chosen version.\n"
+                      << "Flash firmware version " << updatePolicyInfo.intermediate << " first." << std::endl;
+            return FAILURE_MAIN;
+        }
 
-    // allow bypass of incompatible version if forced
-    if (!new_compatible && !args.force_version)
-    {
-        std::cout << "Version is incompatible with the current host version!\n";
-        std::cout << "Use --force-version to force the update.\n ";
-        return FAILURE_MAIN;
-    }
+        // ask user for approval if interactive
+        if (args.is_interactive)
+        {
+            std::cout << "Proceed with update? (y/n)\n";
+            bool user_agreed = UserApproval();
+            if (!user_agreed)
+                return FAILURE_MAIN;
+            std::cout << "\n";
+        }
 
-    bool update_recognition = is_database_compatible || args.auto_approve ? true : false;
-    if (!is_database_compatible)
-    {
-        std::cout << "Clear faceprints database and update the recognition module? (y/n)\n";
-        if (args.auto_approve)
-            std::cout << "Auto approve: (y)" << std::endl;
-        else
-            update_recognition = UserApproval();
-        std::cout << "\n";
-    }
+        // allow bypass of incompatible version if forced
+        if (!new_compatible && !args.force_version)
+        {
+            std::cout << "Version is incompatible with the current host version!\n";
+            std::cout << "Use --force-version to force the update.\n ";
+            return FAILURE_MAIN;
+        }
 
-    if (!update_recognition)
-    {
-        moduleNames.erase(std::remove_if(moduleNames.begin(), moduleNames.end(),
-                                         [](const std::string& moduleName) { return moduleName.compare(RECOG) == 0; }),
-                          moduleNames.end());
-    }
-    auto numberOfModules = moduleNames.size();
-    auto success = false;
-    if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::CONTINOUS)
-    {
-        std::unique_ptr<FwUpdaterCliEventHandler> event_handler = std::make_unique<FwUpdaterCliEventHandler>(0.f, 1.f);
-        RealSenseID::Status status =
-            fw_updater.UpdateModules(event_handler.get(), settings, args.fw_file.c_str(), moduleNames);
-        success = status == RealSenseID::Status::Ok;
-    }
-    else if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::OPFW_FIRST)
-    {
-        std::unique_ptr<FwUpdaterCliEventHandler> event_handler =
-            std::make_unique<FwUpdaterCliEventHandler>(0.f, 1.f / numberOfModules);
-        // attempt firmware update and return success/failure according to result
-        std::vector<std::string> opfwModuleVec;
-        opfwModuleVec.push_back(OPFW);
-        success = fw_updater.UpdateModules(event_handler.get(), settings, args.fw_file.c_str(), opfwModuleVec) ==
-                  RealSenseID::Status::Ok;
-        if (success)
+        bool update_recognition = is_database_compatible || args.auto_approve ? true : false;
+        if (!is_database_compatible)
+        {
+            std::cout << "Clear faceprints database and update the recognition module? (y/n)\n";
+            if (args.auto_approve)
+                std::cout << "Auto approve: (y)" << std::endl;
+            else
+                update_recognition = UserApproval();
+            std::cout << "\n";
+        }
+
+        if (!update_recognition)
         {
+            moduleNames.erase(
+                std::remove_if(moduleNames.begin(), moduleNames.end(),
+                               [](const std::string& moduleName) { return moduleName.compare(RECOG) == 0; }),
+                moduleNames.end());
+        }        
+        auto success = false;
+        if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::CONTINOUS)
+        {
+            std::unique_ptr<FwUpdaterCliEventHandler> event_handler =
+                std::make_unique<FwUpdaterCliEventHandler>(0.f, 1.f);
+            RealSenseID::Status status =
+                fw_updater.UpdateModules(event_handler.get(), settings, args.fw_file.c_str(), moduleNames);
+            success = status == RealSenseID::Status::Ok;
+        }
+        else if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::OPFW_FIRST)
+        {
+            // make sure OPFW is first module
             moduleNames.erase(
                 std::remove_if(moduleNames.begin(), moduleNames.end(),
                                [](const std::string& moduleName) { return moduleName.compare(OPFW) == 0; }),
                 moduleNames.end());
-            bool isDeviceAlive = RedetectDevice(MIN_WAIT_FOR_DEVICE, MAX_WAIT_FOR_DEVICE, auto_detect, selected_device);
-            if (isDeviceAlive)
-            {
-                settings.port = selected_device.config->serialPort;
-                event_handler = std::make_unique<FwUpdaterCliEventHandler>(1.f / numberOfModules, 1.f);
-                RealSenseID::Status status =
-                    fw_updater.UpdateModules(event_handler.get(), settings, args.fw_file.c_str(), moduleNames);
-                success = status == RealSenseID::Status::Ok;
-            }
+            moduleNames.insert(moduleNames.begin(), OPFW);
+            settings.port = selected_device.config->serialPort;
+            auto event_handler = std::make_unique<FwUpdaterCliEventHandler>(0.f, 1.f);
+            RealSenseID::Status status =
+                fw_updater.UpdateModules(event_handler.get(), settings, args.fw_file.c_str(), moduleNames);
+            success = status == RealSenseID::Status::Ok;
         }
-    }
 
-    std::cout << "\n\n";
-    std::cout << "Firmware update" << (success ? " finished successfully " : " failed ") << "\n";
+        std::cout << "\n\n";
+        std::cout << "Firmware update" << (success ? " finished successfully " : " failed ") << "\n";
 
-    return success ? SUCCESS_MAIN : FAILURE_MAIN;
+        return success ? SUCCESS_MAIN : FAILURE_MAIN;
+    }
+    catch (const std::exception& ex)
+    {
+        std::cerr << "Exception occured: " << ex.what() << std::endl;
+        return FAILURE_MAIN;
+    }
 }
diff --git a/tools/rsid-viewer/App.config b/tools/rsid-viewer/App.config
index 1f1eba6..8ae4d16 100644
--- a/tools/rsid-viewer/App.config
+++ b/tools/rsid-viewer/App.config
@@ -17,7 +17,7 @@
         <value>True</value>
       </setting>
       <setting name="Port" serializeAs="String">
-        <value>COM13</value>
+        <value>COM4</value>
       </setting>
       <setting name="DumpDir" serializeAs="String">
         <value>dumps</value>
diff --git a/tools/rsid-viewer/AuthSettingsInput.xaml b/tools/rsid-viewer/AuthSettingsInput.xaml
index db2d93c..d6662c8 100644
--- a/tools/rsid-viewer/AuthSettingsInput.xaml
+++ b/tools/rsid-viewer/AuthSettingsInput.xaml
@@ -26,11 +26,11 @@
                 </Grid.ColumnDefinitions>
                 <TextBlock x:Name="FaceSelectionPolicyLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Face Selection" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
                 <RadioButton x:Name="FaceSelectionPolicySingle" Content="Single" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="FaceSelectionPolicyAll" Content="All" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <RadioButton x:Name="FaceSelectionPolicyAll" Content="Multi" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
                 <!--<RadioButton x:Name="SecurityLevelRecognitionOnly" Content="RecognitionOnly" VerticalAlignment="Center" Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>-->
             </Grid>
-            
-            <!-- server mode -->
+
+            <!-- host mode -->
             <Grid VerticalAlignment="Top" Margin="0,0,0,24">
                 <Grid.ColumnDefinitions>
                     <ColumnDefinition Width="3*"/>
@@ -38,60 +38,40 @@
                     <ColumnDefinition Width="2*"/>
                 </Grid.ColumnDefinitions>
                 <TextBlock x:Name="ServerModeLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Host Mode" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
-                <RadioButton x:Name="ServerModeYes" Content="Yes" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="ServerModeNo" Content="No" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <RadioButton x:Name="ServerModeNo" Content="Disabled" VerticalAlignment="Center" Grid.Column="1" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <RadioButton x:Name="ServerModeYes" Content="Enabled" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
             </Grid>
-
-            <!-- Anti spoof level -->
+            <!-- preview format -->
             <Grid VerticalAlignment="Top" Margin="0,0,0,24">
                 <Grid.ColumnDefinitions>
                     <ColumnDefinition Width="3*"/>
                     <ColumnDefinition Width="2*"/>
                     <ColumnDefinition Width="2*"/>
-                    <ColumnDefinition Width="2*"/>
                 </Grid.ColumnDefinitions>
-                <TextBlock x:Name="SecurityLevelLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Anti Spoofing Level" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
-                <RadioButton x:Name="SecurityLevelHigh" Content="High" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="SecurityLevelMedium" Content="Medium" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="SecurityLevelLow" Content="Low" VerticalAlignment="Center" Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-            </Grid>
+                <TextBlock x:Name="previewModeLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Preview Format" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
+                <RadioButton x:Name="PreviewModeMJPEG_1080P" Content="1080p" VerticalAlignment="Center" d:LayoutOverrides="Width" 
+                 Grid.Column="1" Foreground="{DynamicResource PrimaryText}" 
+                 IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14" ToolTip="MJPEG 1080P"/>
 
-            <!-- Matcher confidence level -->
-            <Grid VerticalAlignment="Top" Margin="0,0,0,24">
-                <Grid.ColumnDefinitions>
-                    <ColumnDefinition Width="3*"/>
-                    <ColumnDefinition Width="2*"/>
-                    <ColumnDefinition Width="2*"/>
-                    <ColumnDefinition Width="2*"/>
-                </Grid.ColumnDefinitions>
-                <TextBlock x:Name="Confidence" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Confidence Level" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
-                <RadioButton x:Name="ConfidenceHigh" Content="High" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="ConfidenceMedium" Content="Medium" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="ConfidenceLow" Content="Low" VerticalAlignment="Center" Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"  Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-            </Grid>
+                <RadioButton x:Name="PreviewModeMJPEG_720P" Content="720p" VerticalAlignment="Center" 
+                 Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"
+                 Style="{DynamicResource RadioButtonStyle1}" FontSize="14" ToolTip="MJPEG 720P"/>
 
-            <!-- preview format -->
+            </Grid>
+            <!-- dump mode-->
             <Grid VerticalAlignment="Top" Margin="0,0,0,24">
                 <Grid.ColumnDefinitions>
                     <ColumnDefinition Width="3*"/>
                     <ColumnDefinition Width="2*"/>
                     <ColumnDefinition Width="2*"/>
-                    <ColumnDefinition Width="2*"/>
                 </Grid.ColumnDefinitions>
-                <TextBlock x:Name="previewModeLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Preview Format" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
-                <RadioButton x:Name="PreviewModeMJPEG_1080P" Content="1080p" VerticalAlignment="Center" d:LayoutOverrides="Width" 
-                             Grid.Column="1" Foreground="{DynamicResource PrimaryText}" 
-                             IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14" ToolTip="MJPEG 1080P"/>
-
-                <RadioButton x:Name="PreviewModeMJPEG_720P" Content="720p" VerticalAlignment="Center" 
-                             Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"
-                             Style="{DynamicResource RadioButtonStyle1}" FontSize="14" ToolTip="MJPEG 720P"/>
-
-                <RadioButton x:Name="PreviewModeRAW10_1080P" Content="RAW10" VerticalAlignment="Center"
-			         Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"
-			         Style="{DynamicResource RadioButtonStyle1}" FontSize="14" ToolTip="Raw10"/>
+                <TextBlock x:Name="DumpingLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Dump Mode" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
+                <RadioButton x:Name="DumpModeNone" Content="Disabled" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <RadioButton x:Name="DumpModeFull" Content="Enabled" VerticalAlignment="Center" Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"  Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
             </Grid>
-            <!-- dump mode-->
+
+            
+            <!-- Matcher confidence level -->
             <Grid VerticalAlignment="Top" Margin="0,0,0,24">
                 <Grid.ColumnDefinitions>
                     <ColumnDefinition Width="3*"/>
@@ -99,12 +79,14 @@
                     <ColumnDefinition Width="2*"/>
                     <ColumnDefinition Width="2*"/>
                 </Grid.ColumnDefinitions>
-                <TextBlock x:Name="DumpingLabel" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Dump Mode" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
-                <RadioButton x:Name="DumpModeNone" Content="None" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="DumpModeCropped" Content="Cropped" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
-                <RadioButton x:Name="DumpModeFull" Content="Full" VerticalAlignment="Center" Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"  Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <TextBlock x:Name="Confidence" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Security Level" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
+                <RadioButton x:Name="ConfidenceHigh" Content="High" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="1" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <RadioButton x:Name="ConfidenceMedium" Content="Medium" VerticalAlignment="Center" Grid.Column="2" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
+                <RadioButton x:Name="ConfidenceLow" Content="Low" VerticalAlignment="Center" Grid.Column="3" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"  Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
             </Grid>
 
+            
+
             <!-- Algo Flow mode-->
             <Grid VerticalAlignment="Top" Margin="0,0,0,24">
                 <Grid.ColumnDefinitions>
@@ -114,7 +96,7 @@
                     <ColumnDefinition Width="2*"/>
                     <ColumnDefinition Width="2*"/>
                 </Grid.ColumnDefinitions>
-                <TextBlock x:Name="AlgoFlowLabel" Grid.Column="0" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Algo Flow" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
+                <TextBlock x:Name="AlgoFlowLabel" Grid.Column="0" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Operation Mode" Foreground="{DynamicResource PrimaryText}" FontSize="14"/>
 
                 <RadioButton x:Name="AlgoFlow_All" Content="All" VerticalAlignment="Center" 
                              Grid.Column="1" Foreground="{DynamicResource PrimaryText}" d:LayoutOverrides="Width"
@@ -150,7 +132,6 @@
                 <RadioButton x:Name="CameraRotation270" Content="270°" VerticalAlignment="Center" d:LayoutOverrides="Width" Grid.Column="4" Foreground="{DynamicResource PrimaryText}" IsChecked="True" Style="{DynamicResource RadioButtonStyle1}" FontSize="14"/>
 
             </Grid>
-
         </StackPanel>
         <Border x:Name="Firmware" VerticalAlignment="Top" Padding="24,16" BorderThickness="0,1,0,0">
             <Border.BorderBrush>
@@ -164,11 +145,24 @@
                 <Grid.ColumnDefinitions>
                     <ColumnDefinition Width="Auto"/>
                     <ColumnDefinition Width="269"/>
+                    <ColumnDefinition Width="*"/>
                 </Grid.ColumnDefinitions>
                 <TextBlock x:Name="DialogTitle" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Firmware update" VerticalAlignment="Center" Foreground="{DynamicResource PrimaryText}" FontSize="14" Grid.ColumnSpan="2"/>
                 <TextBlock x:Name="FirmwareVersionTitle" HorizontalAlignment="Left" TextWrapping="Wrap" Text="Current version" VerticalAlignment="Center" Foreground="{DynamicResource SecondaryText}" Grid.Row="1"/>
                 <TextBlock x:Name="FirmwareVersionNumber" HorizontalAlignment="Left" TextWrapping="Wrap" Text="" VerticalAlignment="Center" Foreground="{DynamicResource SecondaryText}" Grid.Column="1" Grid.Row="1" d:LayoutOverrides="HorizontalAlignment" Margin="8,0,0,0"/>
+
                 <Button x:Name="UpdateFirmwareButton" AutomationProperties.AutomationId="UpdateFirmwareButton" Click="UpdateFirmwareButton_Click" Content="BROWSE" HorizontalAlignment="Center" d:LayoutOverrides="Height" Grid.Column="1" Style="{DynamicResource ButtonStyle1}" VerticalAlignment="Center" Margin="103,0,80,0"/>
+                <WrapPanel Grid.Column="2" Grid.Row="0"   HorizontalAlignment="Left"  VerticalAlignment="Center">
+                    <CheckBox x:Name="ForceUpdateChk" VerticalAlignment="Center"/>
+                    <Label Content="Force update" VerticalAlignment="Center"/>
+                </WrapPanel>
+                <StackPanel Grid.Row="1" Grid.Column="1" Margin="106,2,0,0">
+                    <TextBlock x:Name="CheckForUpdatesLink" Visibility="Visible">
+                        <Hyperlink Click="CheckForUpdates_Click" FontSize="11">Check For Updates</Hyperlink>
+                    </TextBlock>
+                    <ProgressBar x:Name="CheckUpdatesBar" Foreground="{DynamicResource ProgressBrush }" IsIndeterminate="True" Visibility="Collapsed" Width="90" Height="11" HorizontalAlignment="Left"/>
+                </StackPanel>
+
             </Grid>
         </Border>
         <Border x:Name="Buttons" d:LayoutOverrides="TopPosition, BottomPosition" BorderThickness="0,1,0,0" Padding="24,16">
diff --git a/tools/rsid-viewer/AuthSettingsInput.xaml.cs b/tools/rsid-viewer/AuthSettingsInput.xaml.cs
index 911b55a..b6df6ce 100644
--- a/tools/rsid-viewer/AuthSettingsInput.xaml.cs
+++ b/tools/rsid-viewer/AuthSettingsInput.xaml.cs
@@ -3,11 +3,16 @@
 
 using Microsoft.Win32;
 using rsid;
+using System;
 using System.IO;
 using System.Reflection;
 using System.Windows;
 using System.Windows.Input;
-
+using System.Threading.Tasks;
+using System.Collections.Generic;
+using System.Runtime.Remoting.Lifetime;
+using System.Threading;
+using static rsid_wrapper_csharp.MainWindow;
 
 namespace rsid_wrapper_csharp
 {
@@ -16,21 +21,28 @@ namespace rsid_wrapper_csharp
     /// </summary>
     public partial class AuthSettingsInput : Window
     {
-        private string Sku { get; set; }
+        private MainWindow MyMainWindow { get => (MainWindow)this.Owner; }
+        private SerialConfig serialConfig;
+        private CancellationTokenSource cts = new CancellationTokenSource();
         public DeviceConfig Config { get; private set; }
         public MainWindow.FlowMode FlowMode { get; private set; }
         public PreviewConfig PreviewConfig { get; private set; }
         public string FirmwareFileName { get; private set; } = string.Empty;
+        public bool ForceFirmwareUpdate { get; private set; } = false;
 
-        public AuthSettingsInput(string fwVersion, string sku, DeviceConfig? config,PreviewConfig? previewConfig, MainWindow.FlowMode flowMode, bool previewEnabled)
+        public AuthSettingsInput(string fwVersion, DeviceConfig? config,
+            PreviewConfig? previewConfig,
+            MainWindow.FlowMode flowMode,
+            bool previewEnabled, 
+            SerialConfig serialConfig)
         {
             this.Owner = Application.Current.MainWindow;
+            this.serialConfig = serialConfig;
 
             InitializeComponent();
 
             // Init dialog values according to current config
             FirmwareVersionNumber.Text = fwVersion;
-            Sku = sku;
             var hasConfig = config.HasValue;
             if (hasConfig)
             {
@@ -39,12 +51,7 @@ public AuthSettingsInput(string fwVersion, string sku, DeviceConfig? config,Prev
                 PreviewConfig = previewConfig.Value;
                 UpdateUiSettingsValues(config.Value, previewConfig.Value, flowMode);
             }
-
-            // enable/disable controls 
-            SecurityLevelHigh.IsEnabled = hasConfig;
-            SecurityLevelMedium.IsEnabled = hasConfig;
-            SecurityLevelLow.IsEnabled = hasConfig;
-
+            
             FaceSelectionPolicySingle.IsEnabled = hasConfig;
             FaceSelectionPolicyAll.IsEnabled = hasConfig;
 
@@ -66,23 +73,17 @@ public AuthSettingsInput(string fwVersion, string sku, DeviceConfig? config,Prev
             ConfidenceLow.IsEnabled = hasConfig;
 
             bool previewEnabledAuth = previewEnabled && hasConfig;
-            
+
             PreviewModeMJPEG_1080P.IsEnabled = previewEnabledAuth;
-            PreviewModeMJPEG_720P.IsEnabled = previewEnabledAuth;
-            PreviewModeRAW10_1080P.IsEnabled = previewEnabledAuth;
+            PreviewModeMJPEG_720P.IsEnabled = previewEnabledAuth;            
 
-            DumpModeNone.IsEnabled = previewEnabledAuth;
-            DumpModeCropped.IsEnabled = previewEnabledAuth;
+            DumpModeNone.IsEnabled = previewEnabledAuth;            
             DumpModeFull.IsEnabled = previewEnabledAuth;
         }
 
 
         private void UpdateUiSettingsValues(DeviceConfig deviceConfig, PreviewConfig previewConfig, MainWindow.FlowMode flowMode)
-        {
-            SecurityLevelHigh.IsChecked = deviceConfig.securityLevel == DeviceConfig.SecurityLevel.High;
-            SecurityLevelMedium.IsChecked = deviceConfig.securityLevel == DeviceConfig.SecurityLevel.Medium;
-            SecurityLevelLow.IsChecked = deviceConfig.securityLevel == DeviceConfig.SecurityLevel.Low;
-
+        {            
             FaceSelectionPolicySingle.IsChecked = deviceConfig.faceSelectionPolicy == DeviceConfig.FaceSelectionPolicy.Single;
             FaceSelectionPolicyAll.IsChecked = deviceConfig.faceSelectionPolicy == DeviceConfig.FaceSelectionPolicy.All;
 
@@ -104,25 +105,17 @@ private void UpdateUiSettingsValues(DeviceConfig deviceConfig, PreviewConfig pre
             CameraRotation270.IsChecked = deviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_270_Deg;
 
             PreviewModeMJPEG_1080P.IsChecked = previewConfig.previewMode == PreviewMode.MJPEG_1080P;
-            PreviewModeMJPEG_720P.IsChecked = previewConfig.previewMode == PreviewMode.MJPEG_720P;
-            PreviewModeRAW10_1080P.IsChecked = previewConfig.previewMode == PreviewMode.RAW10_1080P;
+            PreviewModeMJPEG_720P.IsChecked = previewConfig.previewMode == PreviewMode.MJPEG_720P;            
 
-            DumpModeNone.IsChecked = deviceConfig.dumpMode == DeviceConfig.DumpMode.None;
-            DumpModeCropped.IsChecked = deviceConfig.dumpMode == DeviceConfig.DumpMode.CroppedFace;
+            DumpModeNone.IsChecked = deviceConfig.dumpMode == DeviceConfig.DumpMode.None;            
             DumpModeFull.IsChecked = deviceConfig.dumpMode == DeviceConfig.DumpMode.FullFrame;
         }
 
-        void QueryUiSettingsValues(out DeviceConfig deviceConfig,out PreviewConfig previewConfig, out MainWindow.FlowMode flowMode)
+        void QueryUiSettingsValues(out DeviceConfig deviceConfig, out PreviewConfig previewConfig, out MainWindow.FlowMode flowMode)
         {
             deviceConfig = new DeviceConfig();
             previewConfig = new PreviewConfig();
-
-            // security level/AS level
-            deviceConfig.securityLevel = DeviceConfig.SecurityLevel.Medium;
-            if (SecurityLevelHigh.IsChecked.GetValueOrDefault())
-                deviceConfig.securityLevel = DeviceConfig.SecurityLevel.High;
-            else if (SecurityLevelLow.IsChecked.GetValueOrDefault())
-                deviceConfig.securityLevel = DeviceConfig.SecurityLevel.Low;
+                        
 
             // policy
             if (FaceSelectionPolicyAll.IsChecked.GetValueOrDefault())
@@ -149,17 +142,26 @@ void QueryUiSettingsValues(out DeviceConfig deviceConfig,out PreviewConfig previ
                 deviceConfig.cameraRotation = DeviceConfig.CameraRotation.Rotation_270_Deg;
             else if (CameraRotation180.IsChecked.GetValueOrDefault())
                 deviceConfig.cameraRotation = DeviceConfig.CameraRotation.Rotation_180_Deg;
-           
+
             // flow mode
             flowMode = ServerModeNo.IsChecked.GetValueOrDefault() ? MainWindow.FlowMode.Device : MainWindow.FlowMode.Server;
 
             // matcher confidence level
             if (ConfidenceHigh.IsChecked.GetValueOrDefault())
+            {
                 deviceConfig.matcherConfidenceLevel = MatcherConfidenceLevel.High;
+                deviceConfig.securityLevel = DeviceConfig.SecurityLevel.High;
+            }
             else if (ConfidenceMedium.IsChecked.GetValueOrDefault())
+            {
                 deviceConfig.matcherConfidenceLevel = MatcherConfidenceLevel.Medium;
+                deviceConfig.securityLevel = DeviceConfig.SecurityLevel.Medium;
+            }
             else if (ConfidenceLow.IsChecked.GetValueOrDefault())
+            {
                 deviceConfig.matcherConfidenceLevel = MatcherConfidenceLevel.Low;
+                deviceConfig.securityLevel = DeviceConfig.SecurityLevel.Low;
+            }
 
             previewConfig.portraitMode = deviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_0_Deg || deviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_180_Deg;
 
@@ -167,22 +169,23 @@ void QueryUiSettingsValues(out DeviceConfig deviceConfig,out PreviewConfig previ
                 previewConfig.previewMode = PreviewMode.MJPEG_1080P;
             else if (PreviewModeMJPEG_720P.IsChecked.GetValueOrDefault())
                 previewConfig.previewMode = PreviewMode.MJPEG_720P;
-            else if (PreviewModeRAW10_1080P.IsChecked.GetValueOrDefault()) 
+            else // default mode
                 previewConfig.previewMode = PreviewMode.RAW10_1080P;
 
             // dump mode
             if (DumpModeNone.IsChecked.GetValueOrDefault())
-                deviceConfig.dumpMode = DeviceConfig.DumpMode.None;
-            else if (DumpModeCropped.IsChecked.GetValueOrDefault())
-                deviceConfig.dumpMode = DeviceConfig.DumpMode.CroppedFace;
+                deviceConfig.dumpMode = DeviceConfig.DumpMode.None;            
             else if (DumpModeFull.IsChecked.GetValueOrDefault())
                 deviceConfig.dumpMode = DeviceConfig.DumpMode.FullFrame;
+            else // default is no dump
+                deviceConfig.dumpMode = DeviceConfig.DumpMode.None;
+
         }
 
         private string GetFirmwareDirectory()
         {
             var executablePath = Path.GetDirectoryName(Assembly.GetEntryAssembly()?.Location);
-            var firmwarePath = Path.Combine(Directory.GetParent(executablePath)?.FullName, "firmware", Sku);
+            var firmwarePath = Path.Combine(Directory.GetParent(executablePath)?.FullName, "firmware");
             return Directory.Exists(firmwarePath) ? firmwarePath : executablePath;
         }
 
@@ -201,12 +204,13 @@ private void UpdateFirmwareButton_Click(object sender, RoutedEventArgs e)
                 return;
 
             FirmwareFileName = openFileDialog.FileName;
+            ForceFirmwareUpdate = ForceUpdateChk.IsChecked.Value;
             DialogResult = true;
         }
 
         private void SettingsApplyButton_Click(object sender, RoutedEventArgs e)
         {
-            QueryUiSettingsValues(out DeviceConfig config,out PreviewConfig previewConfig, out MainWindow.FlowMode flowMode);
+            QueryUiSettingsValues(out DeviceConfig config, out PreviewConfig previewConfig, out MainWindow.FlowMode flowMode);
             Config = config;
             FlowMode = flowMode;
             PreviewConfig = previewConfig;
@@ -222,9 +226,9 @@ private void SettingsApplyButton_Click(object sender, RoutedEventArgs e)
                 return;
             }
 
-            if (previewConfig.portraitMode==false && config.securityLevel == DeviceConfig.SecurityLevel.High)
+            if (previewConfig.portraitMode == false && config.securityLevel == DeviceConfig.SecurityLevel.High)
             {
-                var errDialog = new ErrorDialog("High Security not enabled with non-portrait Modes","Change security level or rotation mode");
+                var errDialog = new ErrorDialog("High Security not enabled with non-portrait Modes", "Change security level or rotation mode");
                 errDialog.ShowDialog();
                 DialogResult = null;
                 return;
@@ -244,6 +248,7 @@ private void SettingsApplyButton_Click(object sender, RoutedEventArgs e)
 
         private void SettingsCancelButton_Click(object sender, RoutedEventArgs e)
         {
+            this.cts.Cancel();
             DialogResult = false;
         }
 
@@ -252,5 +257,107 @@ private void Window_MouseDown(object sender, MouseButtonEventArgs e)
             if (e.ChangedButton == MouseButton.Left)
                 this.DragMove();
         }
+
+        private void OnUpdateCheckStart()
+        {
+            UpdateFirmwareButton.IsEnabled = false;
+            SettingsApplyButton.IsEnabled = false;
+            CheckForUpdatesLink.Visibility = Visibility.Collapsed;
+            CheckUpdatesBar.Visibility = Visibility.Visible;
+        }
+
+        private void OnUpdateCheckEnd()
+        {
+            UpdateFirmwareButton.IsEnabled = true;
+            SettingsApplyButton.IsEnabled = true;
+            CheckForUpdatesLink.Visibility = Visibility.Visible;
+            CheckUpdatesBar.Visibility = Visibility.Collapsed;
+        }
+
+        private async void CheckForUpdates_Click(object sender, RoutedEventArgs e)
+        {
+            var operationTimeout = TimeSpan.FromSeconds(8);
+            rsid.UpdateChecker.ReleaseInfo remoteInfo = null;
+            rsid.UpdateChecker.ReleaseInfo localInfo = null;
+            OnUpdateCheckStart();
+
+            var cancellationToken = cts.Token;
+            var timeout = Task.Delay(operationTimeout, cancellationToken);
+            var task1 = Task.Run(() =>
+            {
+                var status = rsid.UpdateChecker.GetRemoteReleaseInfo(out remoteInfo);
+                cancellationToken.ThrowIfCancellationRequested();
+                return status;
+            }, cancellationToken);
+            var task2 = Task.Run(() =>
+            {
+                var status = rsid.UpdateChecker.GetLocalReleaseInfo(serialConfig, out localInfo);
+                cancellationToken.ThrowIfCancellationRequested();
+                return status;
+            }, cancellationToken);
+
+
+            // Wait for either all tasks to complete or the timeout            
+            try
+            {
+                var taskResult = await Task.WhenAny(Task.WhenAll(task1, task2, Task.Delay(1000)), timeout);
+                OnUpdateCheckEnd();
+
+                if (taskResult == timeout)
+                {
+                    if (!taskResult.IsCanceled)
+                        ErrorDialog.Show("Error retreiving Info", "Operation timed out.");
+                    return;
+                }
+
+                var status1 = task1.Result;
+                if (status1 != Status.Ok)
+                {
+
+                    this.MyMainWindow.ShowLog("Error retrieving remote release info. Status: " + status1.ToString());
+                    ErrorDialog.Show(status1.ToString(), "Error retrieving remote release info");
+                    return;
+                }
+
+                MyMainWindow.ShowLog("Remote release info:");
+                MyMainWindow.ShowLog($" * host={remoteInfo.sw_version_str}  fw={remoteInfo.fw_version_str}");
+                MyMainWindow.ShowLog($" * fw={remoteInfo.fw_version_str}");
+
+
+                var status2 = task2.Result;
+                if (status2 != Status.Ok)
+                {
+                    this.MyMainWindow.ShowLog("Error retrieving remote local info. Status: " + status2.ToString());
+                    ErrorDialog.Show(status2.ToString(), "Error retrieving local release info");
+                    return;
+                }
+
+                MyMainWindow.ShowLog("Local release info:");
+                MyMainWindow.ShowLog($" * host={localInfo.sw_version_str}  fw={localInfo.fw_version_str}");
+                MyMainWindow.ShowLog($" * fw={localInfo.fw_version_str}");
+
+
+                new UpdateAvailableDialog(localInfo, remoteInfo).ShowDialog();
+
+
+            }
+            catch (OperationCanceledException)
+
+            {
+                // Handle cancellation
+                MyMainWindow.ShowLog("Check for updates was canceled.");
+            }
+
+            catch (Exception ex)
+            {
+
+                MyMainWindow.ShowLog("Error retrieving release info. Exception: " + ex.Message);
+                ErrorDialog.Show("Error retrieving release info", ex.Message);
+            }
+            finally
+            {
+                OnUpdateCheckEnd();
+            }
+        }
     }
 }
diff --git a/tools/rsid-viewer/CMakeLists.txt b/tools/rsid-viewer/CMakeLists.txt
index 341d2ae..b1c86c8 100644
--- a/tools/rsid-viewer/CMakeLists.txt
+++ b/tools/rsid-viewer/CMakeLists.txt
@@ -14,6 +14,8 @@ add_executable(
     Dictionary1.xaml
     ErrorDialog.xaml
     ErrorDialog.xaml.cs
+	UpdateAvailableDialog.xaml
+	UpdateAvailableDialog.xaml.cs
     OKCancelDialog.xaml
     OKCancelDialog.xaml.cs
     ProgressBarDialog.xaml
@@ -41,13 +43,18 @@ add_executable(
     Properties/Settings.settings
     "FONT AWESOME 5 FREE-REGULAR-400.OTF"
     "FONT AWESOME 5 FREE-SOLID-900.OTF"
-    icon.ico)
+    icon.ico
+	sn.txt)
 
 # add fonts as content
 set_property(SOURCE "FONT AWESOME 5 FREE-REGULAR-400.OTF" PROPERTY VS_TOOL_OVERRIDE "Content")
 set_property(SOURCE "FONT AWESOME 5 FREE-REGULAR-400.OTF" PROPERTY VS_COPY_TO_OUT_DIR "PreserveNewest")
 set_property(SOURCE "FONT AWESOME 5 FREE-SOLID-900.OTF" PROPERTY VS_TOOL_OVERRIDE "Content")
 set_property(SOURCE "FONT AWESOME 5 FREE-SOLID-900.OTF" PROPERTY VS_COPY_TO_OUT_DIR "PreserveNewest")
+# add empty "sn.txt" as content
+set_property(SOURCE "sn.txt" PROPERTY VS_TOOL_OVERRIDE "Content")
+set_property(SOURCE "sn.txt" PROPERTY VS_COPY_TO_OUT_DIR "PreserveNewest")
+
 
 if(RSID_SECURE)
     add_definitions(-DRSID_SECURE)
@@ -84,7 +91,10 @@ csharp_set_xaml_cs_properties(
     AuthSettingsInput.xaml
     AuthSettingsInput.xaml.cs
     DeleteUserInput.xaml
-    DeleteUserInput.xaml.cs)
+    DeleteUserInput.xaml.cs
+	UpdateAvailableDialog.xaml
+	UpdateAvailableDialog.xaml.cs
+	)
 
 # entry point
 set_property(SOURCE App.xaml PROPERTY VS_XAML_TYPE "ApplicationDefinition")
diff --git a/tools/rsid-viewer/ErrorDialog.xaml.cs b/tools/rsid-viewer/ErrorDialog.xaml.cs
index c8ff6c0..4a42d9c 100644
--- a/tools/rsid-viewer/ErrorDialog.xaml.cs
+++ b/tools/rsid-viewer/ErrorDialog.xaml.cs
@@ -41,5 +41,11 @@ private void Window_MouseDown(object sender, MouseButtonEventArgs e)
             if (e.ChangedButton == MouseButton.Left)
                 this.DragMove();
         }
+
+        public static void Show(string title, string message)
+        {
+            var window = new ErrorDialog(title, message);
+            window.ShowDialog();            
+        }
     }
 }
diff --git a/tools/rsid-viewer/FrameDumper.cs b/tools/rsid-viewer/FrameDumper.cs
index e30b53b..ad77d6e 100644
--- a/tools/rsid-viewer/FrameDumper.cs
+++ b/tools/rsid-viewer/FrameDumper.cs
@@ -5,6 +5,9 @@
 using System.Runtime.InteropServices;
 using System.Drawing;
 using System.Drawing.Imaging;
+using System.Diagnostics;
+using System.Threading.Tasks;
+using System.Threading;
 
 namespace rsid_wrapper_csharp
 {
@@ -13,71 +16,89 @@ internal class FrameDumper
         private static readonly TimeSpan MaxFrameAge = TimeSpan.FromMinutes(1);
         private static readonly string Raw10Extension = ".w10";
         private static readonly string ImageExtension = ".png";
+        private static string _fileNamePrefix = "";
         private readonly string _dumpDir;
+        private object _mutex = new object();
 
-        public FrameDumper(string dumpDir)
+        public FrameDumper(string dumpDir, string title)
         {
             // create sub folder for current session.            
             var unixMilliSeconds = ((DateTimeOffset)DateTime.Now).ToUnixTimeMilliseconds();
-            _dumpDir = Path.Combine(dumpDir, $"session_{unixMilliSeconds}");
+            var t = title.Replace(' ', '_');
+            _dumpDir = Path.Combine(dumpDir, $"{t}_session_{unixMilliSeconds}");
 
             Directory.CreateDirectory(_dumpDir);
-            // delete all old frames at start of session
-            CleanOldDumps(TimeSpan.Zero);
+            _fileNamePrefix = title.Contains("Enroll") ? "REG" : "AUTH";
         }
 
         public void DumpPreviewImage(rsid.PreviewImage image)
         {
-            using (var bmp = new Bitmap(image.width, image.height, image.stride, PixelFormat.Format24bppRgb, image.buffer))
+            lock (_mutex)
             {
-                var bmpSrc = ToBitmapSource(bmp);
-                var timestampAvailable = image.metadata.timestamp != 0;
-                var filename = timestampAvailable ? $"timestamp_{image.metadata.timestamp}" : $"frame_{image.number}";
-                var fullPath = Path.Combine(_dumpDir, filename + ImageExtension);
-                DumpBitmapImage(bmpSrc, fullPath);
-            }
-            // clean old dumps and mark algo images every 900 frames (~1/min on 15 fps)
-            if (image.number % 900 == 0)
-            {
-                CleanOldDumps(MaxFrameAge);
+                using (var bmp = new Bitmap(image.width, image.height, image.stride, PixelFormat.Format24bppRgb, image.buffer))
+                {
+                    var bmpSrc = ToBitmapSource(bmp);
+                    var filename = GetFilename(image, ImageExtension);
+                    var fullPath = Path.Combine(_dumpDir, filename);
+                    DumpBitmapImage(bmpSrc, fullPath);
+                }
             }
         }
 
         // Save raw debug frame to dump dir, and the following metadata:
         //    Frame timestamp in micros
         //    Face detection status
-        //    sensorID , led , projector
+        //    sensorID, led
         public void DumpRawImage(rsid.PreviewImage image)
         {
-            string filename;
-            var timestampAvailable = image.metadata.timestamp != 0;
-            var prefix = timestampAvailable ? $"timestamp_{image.metadata.timestamp}" : $"frame_{image.number}";
-            if (timestampAvailable)
+            lock (_mutex)
             {
-                uint status = image.metadata.status;
-                var sensorStr = (image.metadata.sensor_id != 0) ? "right" : "left";
-                var ledStr = (image.metadata.led) ? "led_on" : "led_off";
-                var projectorStr = (image.metadata.projector) ? "projector_on" : "projector_off";
-                filename = $"{prefix}_status_{status}_{sensorStr}_{projectorStr}_{ledStr}{Raw10Extension}";
+                var byteArray = new Byte[image.size];
+                Marshal.Copy(image.buffer, byteArray, 0, image.size);
+                var filename = GetFilename(image, Raw10Extension);
+                var fullPath = Path.Combine(_dumpDir, filename);
+                using (var fs = new FileStream(fullPath, FileMode.Create, FileAccess.Write))
+                {
+                    fs.Write(byteArray, 0, byteArray.Length);
+                }
             }
-            else // metadata isn't valid
-            {
-                filename = $"{prefix}{Raw10Extension}";
+        }
+
+        
+        public void Cancel()
+        {
+            lock (_mutex)
+            {                
+                var file = Path.Combine(_dumpDir, "cancelled.txt");
+                try
+                {
+                    using (FileStream fs = File.Create(file)) { }
+                }
+                catch { }
             }
+        }
 
-            var byteArray = new Byte[image.size];
-            Marshal.Copy(image.buffer, byteArray, 0, image.size);
 
-            var fullPath = Path.Combine(_dumpDir, filename);
-            using (var fs = new FileStream(fullPath, FileMode.Create, FileAccess.Write))
+        // get filename from image metadata
+        private static string GetFilename(rsid.PreviewImage image, string extension)
+        {
+            var timestampAvailable = image.metadata.timestamp != 0;
+            var prefix = timestampAvailable ? $"timestamp_{image.metadata.timestamp}" : $"frame_{image.number}";
+            string filename;
+            if (timestampAvailable)
             {
-                fs.Write(byteArray, 0, byteArray.Length);
+                uint exposure = image.metadata.exposure;
+                uint gain = image.metadata.gain;
+                var ledStr = (image.metadata.led != 0) ? "led_on" : "led_off";
+                var sensorStr = (image.metadata.sensor_id != 0) ? "right" : "left";
+                uint status = image.metadata.status;
+                filename = $"{_fileNamePrefix}_{prefix}_exp_{exposure}_gain_{gain}_{ledStr}_sensor_{sensorStr}_status_{status}{extension}";
             }
-            // clean old dumps every 100 frames 
-            if (image.number % 100 == 0)
+            else // metadata isn't valid
             {
-                CleanOldDumps(MaxFrameAge);
+                filename = $"{prefix}{extension}";
             }
+            return filename;
         }
 
         // needed since the orig image is bgr
@@ -110,24 +131,5 @@ private void DumpBitmapImage(BitmapSource bitmap, string fullPath)
         }
 
 
-        // Delete frames older than MaxAgeSeconds
-        private void CleanOldDumps(TimeSpan maxAge)
-        {
-            // delete all frames
-            if (maxAge == TimeSpan.Zero)
-            {
-                Directory.GetFiles(_dumpDir).Select(f => new FileInfo(f))
-                    .Where(f => (f.Extension == ImageExtension || f.Extension == Raw10Extension))
-                    .ToList().ForEach(f => f.Delete());
-            }
-            else
-            {
-                //delete old frames
-                var expiredTime = DateTime.Now.Subtract(maxAge);
-                Directory.GetFiles(_dumpDir).Select(f => new FileInfo(f))
-                    .Where(f => f.CreationTime < expiredTime && (f.Extension == ImageExtension || f.Extension == Raw10Extension))
-                    .ToList().ForEach(f => f.Delete());
-            }
-        }
     }
 }
diff --git a/tools/rsid-viewer/MainWindow.xaml b/tools/rsid-viewer/MainWindow.xaml
index 99428cc..ffaaac8 100644
--- a/tools/rsid-viewer/MainWindow.xaml
+++ b/tools/rsid-viewer/MainWindow.xaml
@@ -46,7 +46,6 @@
                         <Rectangle Width="32" Height="32" Canvas.Left="458" Stretch="Fill" Fill="{DynamicResource SecondaryColorBrush}"/>
                     </Canvas>
                 </Viewbox>
-                <Button x:Name="StandbyButton" AutomationProperties.AutomationId="StandbyButton" Click="StandbyButton_Click" Content="&#xF011;" HorizontalAlignment="Right" VerticalAlignment="Bottom" Width="36" Margin="0,0,64,4" Height="36" Background="#00DDDDDD" BorderThickness="0" Foreground="White" FontFamily="./#Font Awesome 5 Free Solid" FontSize="16" Style="{DynamicResource EmptyButtonStyle}" Padding="0" ToolTip="Power Save Mode" IsEnabled="False"/>
                 <Button x:Name="SettingsButton" AutomationProperties.AutomationId="SettingsButton" Click="SettingsButton_Click" Content="&#xF013;" HorizontalAlignment="Right" VerticalAlignment="Bottom" Width="36" Margin="0,0,12,4" Height="36" Background="#00DDDDDD" BorderThickness="0" Foreground="White" FontFamily="./#Font Awesome 5 Free Solid" FontSize="16" Style="{DynamicResource EmptyButtonStyle}" Padding="0" ToolTip="Settings">
                 </Button>
                 <Button x:Name="ImportButton" AutomationProperties.AutomationId="ImportButton" Click="ImportButton_Click" Content="&#xF019;" HorizontalAlignment="Right" VerticalAlignment="Bottom" Width="36" Margin="0,0,116,4" Height="36" Background="#00DDDDDD" BorderThickness="0" Foreground="White" FontFamily="./#Font Awesome 5 Free Solid" FontSize="16" Style="{DynamicResource EmptyButtonStyle}" Padding="0" ToolTip="Import"/>
@@ -201,7 +200,7 @@
                         <ColumnDefinition/>
                         <ColumnDefinition/>
                     </Grid.ColumnDefinitions>
-                    <TextBlock x:Name="textBlock1" TextWrapping="Wrap" Text="Authenticating..." VerticalAlignment="Center" FontSize="16" Foreground="{DynamicResource PrimaryText}" HorizontalAlignment="Right"/>
+                    <TextBlock x:Name="AuthenticatingTextBlock" TextWrapping="Wrap" Text="Authenticating..." VerticalAlignment="Center" FontSize="16" Foreground="{DynamicResource PrimaryText}" HorizontalAlignment="Right"/>
                     <Button x:Name="CancelAuthenticationButton" AutomationProperties.AutomationId="CancelAuthenticationButton" Click="CancelAuthenticationButton_Click" Content="STOP" HorizontalAlignment="Center" VerticalAlignment="Center" Style="{DynamicResource EmptyButtonStyle}" Margin="0" Grid.Column="1" FontFamily="./#Font Awesome 5 Free Regular" BorderThickness="1" Foreground="{DynamicResource PrimaryColorBrush}" BorderBrush="{DynamicResource PrimaryColorBrush}"/>
                 </Grid>
                 <Grid x:Name="EnrollPanel" Grid.ColumnSpan="2" Background="{DynamicResource DarkPanel1}" Visibility="Collapsed">
@@ -209,7 +208,7 @@
                         <ColumnDefinition/>
                         <ColumnDefinition/>
                     </Grid.ColumnDefinitions>
-                    <TextBlock x:Name="textBlock1_Copy" TextWrapping="Wrap" Text="Enrolling user..." VerticalAlignment="Center" FontSize="16" Foreground="{DynamicResource PrimaryText}" HorizontalAlignment="Right"/>
+                    <TextBlock x:Name="EnrollingTextBlock" TextWrapping="Wrap" Text="Enrolling user..." VerticalAlignment="Center" FontSize="16" Foreground="{DynamicResource PrimaryText}" HorizontalAlignment="Right"/>
                     <Button x:Name="CancelEnrollButton" AutomationProperties.AutomationId="CancelEnrollButton" Click="CancelEnrollButton_Click" Content="CANCEL" HorizontalAlignment="Center" VerticalAlignment="Center" Style="{DynamicResource EmptyButtonStyle}" Margin="0" Grid.Column="1" FontFamily="./#Font Awesome 5 Free Regular" Background="#0000AEEF" BorderThickness="1" Foreground="{DynamicResource PrimaryColorBrush}"/>
                 </Grid>
             </Grid>
@@ -220,6 +219,7 @@
             </Border.BorderBrush>
             <Grid>
                 <TextBlock x:Name="OutputText" HorizontalAlignment="Left" Margin="16,0,0,0" TextWrapping="Wrap" Text="Last event text" d:LayoutOverrides="Height" Foreground="{DynamicResource SecondaryText}" VerticalAlignment="Center"/>
+                <TextBox x:Name="SNText" IsReadOnly="True" HorizontalAlignment="Right" TextAlignment="Center" Width="240" Margin="0,0,10,0" Padding="5,0" Background="{DynamicResource AppBGBrush}" Foreground="{DynamicResource PrimaryText}" BorderBrush="{DynamicResource DisabledColorBrush}" VerticalAlignment="Center"/>
             </Grid>
         </Border>
         <GridSplitter x:Name="gridSplitter" HorizontalAlignment="Stretch" Margin="0" Grid.Column="1" Grid.RowSpan="4" Background="#00F0F0F0" d:LayoutOverrides="LeftMargin, RightMargin, TopMargin, BottomMargin"/>
diff --git a/tools/rsid-viewer/MainWindow.xaml.cs b/tools/rsid-viewer/MainWindow.xaml.cs
index d83b919..96510ac 100644
--- a/tools/rsid-viewer/MainWindow.xaml.cs
+++ b/tools/rsid-viewer/MainWindow.xaml.cs
@@ -20,6 +20,8 @@
 using rsid;
 using System.Text.RegularExpressions;
 using Path = System.IO.Path;
+using System.Runtime.CompilerServices;
+using System.Diagnostics;
 
 namespace rsid_wrapper_csharp
 {
@@ -39,6 +41,7 @@ public enum FlowMode
         private static readonly Brush SuccessBrush = Application.Current.TryFindResource("SuccessBrush") as Brush;
         private static readonly float _updateLoopInterval = 0.05f;
         private static readonly float _userFeedbackDuration = 3.0f;
+        private static readonly string _serialNumberFile = "sn.txt";
 
 #if RSID_PREVIEW
         private bool _previewEnabled = true;
@@ -68,7 +71,6 @@ public enum FlowMode
         private Database _db;// = new Database();
 
         private string _dumpDir;
-        private uint _last_dumped_raw;
         private ProgressBarDialog _progressBar;
 
         private float _userFeedbackTime;
@@ -76,7 +78,7 @@ public enum FlowMode
         private int _fps;
         private readonly System.Diagnostics.Stopwatch _fpsStopWatch = new System.Diagnostics.Stopwatch();
         private FrameDumper _frameDumper;
-        
+
         public MainWindow()
         {
             _cancelWasCalled = false;
@@ -175,7 +177,7 @@ private void EnrollImgButton_Click(object sender, RoutedEventArgs e)
             {
                 UserId = enrollInput.Username,
                 Filename = openFileDialog.FileName
-            };            
+            };
             if (FlowMode.Server == _flowMode)
             {
                 Task.Run(() => EnrollImageHostJob(enrollData, false));
@@ -221,13 +223,15 @@ private async void BatchEnrollImgButton_Click(object sender, RoutedEventArgs e)
                     // perform the enroll
                     var notLast = counter < enrollList.Count;
                     var success = true;
-                    if ( FlowMode.Server == _flowMode) {
+                    if (FlowMode.Server == _flowMode)
+                    {
                         success = await Task.Run(() => EnrollImageHostJob(record, notLast));
                     }
-                    else{
+                    else
+                    {
                         success = await Task.Run(() => EnrollImageJob(record, notLast));
                     }
-                    
+
                     if (success)
                     {
                         successCounter++;
@@ -367,7 +371,8 @@ private void SettingsButton_Click(object sender, RoutedEventArgs e)
                 }
             }
 
-            var dialog = new AuthSettingsInput(_deviceState.FirmwareVersion, DeviceSerialNumberToSku(_deviceState.SerialNumber), deviceConfig, _deviceState.PreviewConfig, _flowMode, _previewEnabled);
+
+            var dialog = new AuthSettingsInput(_deviceState.FirmwareVersion, deviceConfig, _deviceState.PreviewConfig, _flowMode, _previewEnabled, _deviceState.SerialConfig);
 
             if (ShowWindowDialog(dialog) == true)
             {
@@ -379,25 +384,11 @@ private void SettingsButton_Click(object sender, RoutedEventArgs e)
                 {
                     TabsControl.SelectedIndex = 1;  // Switch to logs tab
                     _progressBar = new ProgressBarDialog();
-                    ThreadPool.QueueUserWorkItem(FwUpdateJob, dialog.FirmwareFileName);
+                    ThreadPool.QueueUserWorkItem(FwUpdateJob,
+                        new Tuple<string, bool>(dialog.FirmwareFileName, dialog.ForceFirmwareUpdate));
                 }
             }
         }
-        private string DeviceSerialNumberToSku(string deviceSerialNumber)
-        {
-            Regex sku2Option1 = new Regex(@"12[02]\d6228\d{4}.*");
-            Regex sku2Option2 = new Regex(@"\d{4}6229\d{4}.*");
-            if (sku2Option1.Match(deviceSerialNumber).Success || sku2Option2.Match(deviceSerialNumber).Success)
-            {
-                return "sku2";
-            }
-            return "sku1";
-        }
-
-        private void StandbyButton_Click(object sender, RoutedEventArgs e)
-        {
-            ThreadPool.QueueUserWorkItem(StandbyJob);
-        }
 
         private void ClearLogButton_Click(object sender, RoutedEventArgs e)
         {
@@ -502,7 +493,6 @@ private void ImportButton_Click(object sender, RoutedEventArgs e)
             {
                 OnStopSession();
                 _authenticator.Disconnect();
-                ThreadPool.QueueUserWorkItem(StandbyJob);
                 SetUiEnabled(true);
             }
         }
@@ -590,7 +580,7 @@ private void DumpDispatch(Action action)
         {
             try
             {
-                Dispatcher.BeginInvoke(action, DispatcherPriority.Background, null);
+                Dispatcher.BeginInvoke(action, DispatcherPriority.Normal, null);
             }
             catch (Exception ex)
             {
@@ -628,7 +618,7 @@ private void ShowLogTitle(string title)
             LogScroll.ScrollToEnd();
         }
 
-        private void ShowLog(string message)
+        public void ShowLog(string message)
         {
             BackgroundDispatch(() =>
             {
@@ -672,7 +662,7 @@ private void ShowFailedTitle(string message)
         private string GetFailedSpoofMsg(AuthStatus status)
         {
             //var msg = status.ToString();
-            if ((int)status >= (int)AuthStatus.Reserved1 || (int)status == (int)AuthStatus.Forbidden)
+            if ((int)status >= (int)AuthStatus.Spoof_2D || (int)status == (int)AuthStatus.Forbidden)
                 return "Spoof Attempt";
             else if (status == AuthStatus.NoFaceDetected)
                 return "No valid face detected";
@@ -769,13 +759,18 @@ private void UpdateAuthButtonText()
         }
         private void SetUiEnabled(bool isEnabled)
         {
+            var isRecogEnabled = _deviceState.DeviceConfig.algoFlow == DeviceConfig.AlgoFlow.All ||
+                _deviceState.DeviceConfig.algoFlow == DeviceConfig.AlgoFlow.RecognitionOnly;
+
+
             SettingsButton.IsEnabled = isEnabled;
-            DeleteButton.IsEnabled = isEnabled && UsersListView.SelectedItems.Count > 0;
-            ImportButton.IsEnabled = isEnabled && (_flowMode != FlowMode.Server);
-            ExportButton.IsEnabled = isEnabled && (_flowMode != FlowMode.Server);
-            EnrollButton.IsEnabled = isEnabled;
-            EnrollImgButton.IsEnabled = isEnabled;
-            BatchEnrollButton.IsEnabled = EnrollImgButton.IsEnabled;
+            DeleteButton.IsEnabled = isEnabled && isRecogEnabled && UsersListView.SelectedItems.Count > 0;
+            ImportButton.IsEnabled = isEnabled && isRecogEnabled && (_flowMode != FlowMode.Server);
+            ExportButton.IsEnabled = isEnabled && isRecogEnabled && (_flowMode != FlowMode.Server);
+            
+            EnrollButton.IsEnabled = isEnabled && isRecogEnabled;
+            EnrollImgButton.IsEnabled = isEnabled && isRecogEnabled;
+            BatchEnrollButton.IsEnabled = isEnabled && isRecogEnabled;
             // auth button enabled if there are enrolled users or if we in spoof/face detection only mode
             var authBtnEnabled = AuthenticateButton.IsEnabled =
                 isEnabled && (
@@ -784,9 +779,8 @@ private void SetUiEnabled(bool isEnabled)
                 || _deviceState.DeviceConfig.algoFlow == DeviceConfig.AlgoFlow.FaceDetectionOnly);
             AuthenticateButton.IsEnabled = authBtnEnabled;
             AuthenticateLoopToggle.IsEnabled = authBtnEnabled;
-            StandbyButton.IsEnabled = isEnabled && (_flowMode != FlowMode.Server);
-            UsersListView.IsEnabled = isEnabled;
-            SelectAllUsersCheckBox.IsEnabled = isEnabled && _userList?.Length > 0;
+            UsersListView.IsEnabled = isEnabled && isRecogEnabled; 
+            SelectAllUsersCheckBox.IsEnabled = isEnabled && isRecogEnabled &&_userList?.Length > 0;
 
             UpdateAuthButtonText();
         }
@@ -817,7 +811,6 @@ private void LoadConfig()
 
             if (_flowMode == FlowMode.Server)
             {
-                StandbyButton.IsEnabled = false;
                 ImportButton.IsEnabled = false;
                 ExportButton.IsEnabled = false;
 
@@ -869,6 +862,7 @@ private void LogDeviceConfig(DeviceConfig deviceConfig)
             ShowLog(" * Dump Mode: " + deviceConfig.dumpMode.ToString());
             ShowLog(" * Host Mode: " + _flowMode);
             ShowLog(" * Camera Index: " + _deviceState.PreviewConfig.cameraNumber);
+            ShowLog(" * Preview Mode: " + _deviceState.PreviewConfig.previewMode);
             ShowLog(" * Matcher Confidence Level: " + deviceConfig.matcherConfidenceLevel.ToString());
             ShowLog("");
         }
@@ -948,8 +942,8 @@ private void Match(rsid.ExtractedFaceprints faceprintsToMatch)
                 if (!(_db.VerifyVersionMatchedPLE(ref faceprintsToMatch)))
                 {
                     HandleDbErrorServer();
-                    string logmsg = $"Faceprints (FP) version mismatch: DB={ _db.GetVersion()}, FP={faceprintsToMatch.version}. Saved the old DB to backup file and started a new DB from scratch.";
-                    string guimsg = $"Faceprints (FP) version mismatch: DB={ _db.GetVersion()}, FP={faceprintsToMatch.version}. DB backuped and cleaned.";
+                    string logmsg = $"Faceprints (FP) version mismatch: DB={_db.GetVersion()}, FP={faceprintsToMatch.version}. Saved the old DB to backup file and started a new DB from scratch.";
+                    string guimsg = $"Faceprints (FP) version mismatch: DB={_db.GetVersion()}, FP={faceprintsToMatch.version}. DB backuped and cleaned.";
                     ShowLog(logmsg);
                     VerifyResult(false, string.Empty, guimsg);
                     return;
@@ -1010,7 +1004,7 @@ private void Match(rsid.ExtractedFaceprints faceprintsToMatch)
 
                 if (winningIndex >= 0) // we have a winner so declare success!
                 {
-                    VerifyResultAuth(AuthStatus.Success, $"Authenticated user = \"{winningIdStr}\"", string.Empty, null, winningIdStr);
+                    VerifyResultAuth(AuthStatus.Success, winningIdStr, string.Empty, null, winningIdStr);
 
                     ShowLog($"Match info : userIdName = \"{winningIdStr}\", index = \"{winningIndex}\", success = {winningMatchResult.success}, score = {winningMatchResult.score}, should_update = {winningMatchResult.shouldUpdate}.");
 
@@ -1045,7 +1039,7 @@ private void Match(rsid.ExtractedFaceprints faceprintsToMatch)
         private void RenderDetectedFaces()
         {
             // don't draw on empty image
-            if (PreviewImage.Visibility != Visibility.Visible || _previewBitmap == null) 
+            if (PreviewImage.Visibility != Visibility.Visible || _previewBitmap == null)
                 return;
             // show detected faces                        
             foreach (var (face, status, userId) in _detectedFaces)
@@ -1129,7 +1123,7 @@ private void UiHandlePreview(PreviewImage image)
                 PreviewImage.Width = image.width;
                 PreviewImage.Height = image.height;
                 Console.WriteLine($"Creating new WriteableBitmap preview buffer {image.width}x{image.height}");
-                _previewBitmap = new WriteableBitmap(image.width, image.height,96, 96, PixelFormats.Rgb24, null);
+                _previewBitmap = new WriteableBitmap(image.width, image.height, 96, 96, PixelFormats.Rgb24, null);
                 PreviewImage.Source = _previewBitmap;
             }
             Int32Rect sourceRect = new Int32Rect(0, 0, image.width, image.height);
@@ -1166,10 +1160,13 @@ private void OnPreview(PreviewImage image, IntPtr ctx)
             if (image.metadata.sensor_id != 0) // preview only left sensor
                 return;
 
+            if (image.height == 640) // ignore snapshot type frames
+                return;
+
             lock (_previewMutex)
             {
                 // preview image is allways RGB24
-                if (_previewBuffer.Length != image.size)
+                if (_previewBuffer.Length < image.size)
                 {
                     Console.WriteLine("Creating preview buffer");
                     _previewBuffer = new byte[image.size];
@@ -1187,7 +1184,7 @@ private void OnPreview(PreviewImage image, IntPtr ctx)
                 _fps++;
                 if (_fpsStopWatch.Elapsed.Seconds >= 1)
                 {
-                    var dumpsLabel = _frameDumper != null ? " (dumps enabled)" : string.Empty;
+                    var dumpsLabel = _frameDumper != null ? " (dump mode)" : string.Empty;
                     previewLabel = $"{image.width}x{image.height}  {_fps} FPS {dumpsLabel}";
                     _fps = 0;
                     _fpsStopWatch.Restart();
@@ -1224,23 +1221,20 @@ private void OnSnapshot(PreviewImage image, IntPtr ctx)
 
         private void DumpImage(PreviewImage image)
         {
-            DumpDispatch(() =>
+            if (_frameDumper != null)
             {
-                if (_frameDumper != null)
+                try
                 {
-                        try
-                        {
-                            if (_deviceState.PreviewConfig.previewMode == PreviewMode.RAW10_1080P)
-                                _frameDumper.DumpRawImage(image);
-                            else
-                                _frameDumper.DumpPreviewImage(image);
-                        }
-                        catch (Exception ex)
-                        {
-                            HandleDumpException(ex);
-                        }
+                    if (_deviceState.PreviewConfig.previewMode == PreviewMode.RAW10_1080P)
+                        _frameDumper.DumpRawImage(image);
+                    else
+                        _frameDumper.DumpPreviewImage(image);
                 }
-            });
+                catch (Exception ex)
+                {
+                    HandleDumpException(ex);
+                }
+            }
         }
 
         private void ResetDetectedFaces()
@@ -1256,8 +1250,8 @@ private void ResetDetectedFaces()
 
         private void OnStartSession(string title, bool activateDumps)
         {
-            //activate full preview dumps only if device's DumpMode is full
-            activateDumps = activateDumps && _deviceState.DeviceConfig.dumpMode != DeviceConfig.DumpMode.None;
+            //activate full preview dumps only if device's DumpMode is enabled and preview mode is raw 10
+            activateDumps = activateDumps && _deviceState.DeviceConfig.dumpMode != DeviceConfig.DumpMode.None && _deviceState.PreviewConfig.previewMode == PreviewMode.RAW10_1080P;
             Dispatcher.Invoke(() =>
             {
                 ShowLogTitle(title);
@@ -1265,26 +1259,27 @@ private void OnStartSession(string title, bool activateDumps)
                 RedDot.Visibility = Visibility.Visible;
                 _cancelWasCalled = false;
                 _lastAuthHint = AuthStatus.Serial_Ok;
+                AuthenticatingTextBlock.Text = "Authenticating...";
+                EnrollingTextBlock.Text = "Enrolling user...";
+                CancelAuthenticationButton.IsEnabled = true;
                 ResetDetectedFaces();
                 try
                 {
-                    _frameDumper = activateDumps ? new FrameDumper(_dumpDir) : null;
+                    _frameDumper = activateDumps ? new FrameDumper(_dumpDir, title) : null;
                 }
-                catch (Exception ex)
+                catch (Exception)
                 {
-                    HandleDumpException(ex);
+                    _frameDumper = null;
+                    ShowErrorMessage("Failed to create the 'dumps' folder",
+                        "Please try changing the 'dumps' variable in the 'rsid-viewer.exe.config' file to a different location and restart.");
                 }
             });
         }
 
         private void OnStopSession()
         {
-            Dispatcher.Invoke(async () =>
+            Dispatcher.Invoke(() =>
             {
-                if(_frameDumper != null)
-                {
-                    await Task.Delay(1200);
-                }
                 SetUiEnabled(true);
                 RedDot.Visibility = Visibility.Hidden;
             });
@@ -1327,11 +1322,12 @@ private void OnEnrollResult(EnrollStatus status, IntPtr ctx)
                     logmsg = "Enroll failed";
                 }
 
+
                 string guimsg = logmsg;
 
                 ShowLog(logmsg);
 
-                VerifyResult(status == EnrollStatus.Success, guimsg, guimsg);
+                VerifyResult(status == EnrollStatus.Success, guimsg, guimsg);                
             }
         }
 
@@ -1370,7 +1366,7 @@ private void OnEnrollExtractionResult(EnrollStatus status, IntPtr faceprintsHand
                 if ((status == rsid.EnrollStatus.Success) && !(_db.VerifyVersionMatchedDBLE(ref faceprints)))
                 {
                     HandleDbErrorServer();
-                    logmsg += $" Faceprints (FP) version mismatch. DB={ _db.GetVersion()}, FP={faceprints.version}. Saved the DB to backup file and started a new DB from scratch.";
+                    logmsg += $" Faceprints (FP) version mismatch. DB={_db.GetVersion()}, FP={faceprints.version}. Saved the DB to backup file and started a new DB from scratch.";
                     guimsg += $" Faceprints version mismatch : DB backuped and cleaned.";
                 }
 
@@ -1396,6 +1392,7 @@ private void OnAuthHint(AuthStatus hint, IntPtr ctx)
             {
                 _lastAuthHint = hint;
                 ShowLog(hint.ToString());
+                ShowProgressTitle(hint.ToString());
             }
             if (hint == AuthStatus.NoFaceDetected)
             {
@@ -1415,7 +1412,7 @@ private void OnAuthResult(AuthStatus status, string userId, IntPtr ctx)
                 string failMessage = (status == AuthStatus.NoFaceDetected) ? "No valid face detected" : status.ToString();
                 VerifyResultAuth(status, $"{userId}", failMessage, null, userId);
             }
-            _lastAuthHint = AuthStatus.Serial_Ok; // show next hint, session is done
+            _lastAuthHint = AuthStatus.Serial_Ok; // show next hint, session is done            
         }
 
         private void OnFaceDeteced(IntPtr facesArr, int faceCount, uint ts, IntPtr ctx)
@@ -1476,6 +1473,7 @@ private void OnAuthExtractionResult(AuthStatus status, IntPtr faceprintsHandle,
             }
             _lastAuthHint = AuthStatus.Serial_Ok; // show next hint, session is done
         }
+        
 
         private void HideEnrollingLabelPanel()
         {
@@ -1513,7 +1511,8 @@ private void UpdateUsersUiList(string[] users)
             UsersTab.Header = $"Users ({usersCount})";
             var usersExist = usersCount > 0;
             InstructionsEnrollUsers.Visibility = usersExist ? Visibility.Collapsed : Visibility.Visible;
-            SelectAllUsersCheckBox.IsEnabled = usersExist;
+            SelectAllUsersCheckBox.IsEnabled = usersExist && 
+                _deviceState.DeviceConfig.algoFlow == DeviceConfig.AlgoFlow.All || _deviceState.DeviceConfig.algoFlow == DeviceConfig.AlgoFlow.RecognitionOnly;
             // auth button enabled if there are enrolled users or if we in spoof/face detection only mode
             var authBtnEnabled = AuthenticateButton.IsEnabled =
                 usersExist
@@ -1606,6 +1605,17 @@ private void RefreshUserListServer()
                 var sn = controller.QuerySerialNumber();
                 device.SerialNumber = sn;
                 ShowLog($"S/N: {device.SerialNumber}\n");
+                BackgroundDispatch(() => SNText.Text = $"S/N: {device.SerialNumber}");
+
+                try
+                {
+                    File.WriteAllText(_serialNumberFile, sn);
+                }
+                catch (Exception ex)
+                {
+                    // Not critical error. just log it and continue
+                    ShowLog("Error writing to sn.txt:\n" + ex.Message);
+                }
 
                 ShowLog("Pinging device...");
 
@@ -1630,10 +1640,10 @@ private void RefreshUserListServer()
                 var deviceConfig = QueryDeviceConfig();
                 _authenticator.Disconnect();
                 if (deviceConfig.HasValue)
-                {   
+                {
                     device.DeviceConfig = deviceConfig.Value;
                     _deviceState.PreviewConfig.portraitMode = device.DeviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_0_Deg || device.DeviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_180_Deg;
-                    device.PreviewConfig = new PreviewConfig { cameraNumber = Settings.Default.CameraNumber, previewMode = _deviceState.PreviewConfig.previewMode, portraitMode = _deviceState.PreviewConfig.portraitMode};
+                    device.PreviewConfig = new PreviewConfig { cameraNumber = Settings.Default.CameraNumber, previewMode = _deviceState.PreviewConfig.previewMode, portraitMode = _deviceState.PreviewConfig.portraitMode };
                 }
             }
 
@@ -1751,7 +1761,7 @@ private void InitialSession(Object threadContext)
 
                 ShowFailedTitle("Device Error");
                 var msg = $"Device failed to respond. Please reconnect the device and try again." +
-                    $"\nIf the the issue persists, flash firmware version { compatibleVersion } or newer.\n";
+                    $"\nIf the the issue persists, flash firmware version {compatibleVersion} or newer.\n";
                 ShowLog(msg);
                 ShowErrorMessage("Device Error", msg);
 
@@ -1765,7 +1775,7 @@ private void InitialSession(Object threadContext)
                 var compatibleVersion = Authenticator.CompatibleFirmwareVersion();
 
                 ShowFailedTitle("FW Incompatible");
-                var msg = $"Firmware version is incompatible.\nPlease update to version { compatibleVersion } or newer.\n";
+                var msg = $"Firmware version is incompatible.\nPlease update to version {compatibleVersion} or newer.\n";
                 ShowLog(msg);
                 ShowErrorMessage("Firmware Version Error", msg);
 
@@ -1790,8 +1800,18 @@ private void InitialSession(Object threadContext)
 
                 // start preview
                 _deviceState.PreviewConfig.cameraNumber = Settings.Default.CameraNumber;
-                _deviceState.PreviewConfig.portraitMode = _deviceState.DeviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_0_Deg || _deviceState.DeviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_180_Deg;
+                _deviceState.PreviewConfig.portraitMode = _deviceState.DeviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_0_Deg ||
+                    _deviceState.DeviceConfig.cameraRotation == DeviceConfig.CameraRotation.Rotation_180_Deg;
                 _deviceState.PreviewConfig.rotateRaw = Settings.Default.RawRotate;
+
+                // if device in dump mode, show raw10 preview only
+                if (_deviceState.DeviceConfig.dumpMode != DeviceConfig.DumpMode.None)
+                {
+                    _deviceState.PreviewConfig.previewMode = PreviewMode.RAW10_1080P;
+                    InvokePreviewVisibility(Visibility.Hidden);
+
+                }
+
                 if (_preview == null)
                     _preview = new Preview(_deviceState.PreviewConfig);
                 else
@@ -1826,6 +1846,7 @@ private void CancelJob(Object threadContext)
                 _cancelWasCalled = true;
                 var status = _authenticator.Cancel();
                 ShowLog($"Cancel status: {status}");
+                _frameDumper?.Cancel();
                 VerifyResult(status == Status.Ok, "Canceled", "Cancel failed");
             }
             catch (Exception ex)
@@ -1840,7 +1861,7 @@ private void EnrollJob(Object threadContext)
             var userId = threadContext as string;
 
             if (!ConnectAuth()) return;
-            OnStartSession($"Enroll \"{userId}\"", true);
+            OnStartSession($"Enroll {userId}", true);
             IntPtr userIdCtx = Marshal.StringToHGlobalUni(userId);
             try
             {
@@ -1861,6 +1882,10 @@ private void EnrollJob(Object threadContext)
                     HideEnrollingLabelPanel();
                     RefreshUserList();
                 }
+                else
+                {
+                    ShowFailedTitle(status.ToString());
+                }
             }
             catch (Exception ex)
             {
@@ -1887,7 +1912,7 @@ private void EnrollImageJob(Object threadContext)
 
             var (buffer, w, h, bitmap) = ImageHelper.ToBgr(imageFilename, maxImageSize);
 
-            OnStartSession($"Enroll \"{userId}\"", true);
+            OnStartSession($"Enroll {userId}", true);
             var userIdCtx = Marshal.StringToHGlobalUni(userId);
             try
             {
@@ -1960,7 +1985,7 @@ private bool EnrollImageJob(EnrollImageRecord enrollRecord, bool isBatch)
             {
                 var (buffer, w, h, bitmap) = ImageHelper.ToBgr(enrollRecord.Filename, maxImageSize);
 
-                OnStartSession($"Enroll \"{enrollRecord.UserId}\"", true);
+                OnStartSession($"Enroll {enrollRecord.UserId}", true);
                 userIdCtx = Marshal.StringToHGlobalUni(enrollRecord.UserId);
 
                 // validate file not bigger than max allowed
@@ -2016,7 +2041,7 @@ private bool EnrollImageJob(EnrollImageRecord enrollRecord, bool isBatch)
                 HideEnrollingLabelPanel();
                 _authloopRunning = false;
                 _authenticator.Disconnect();
-                if(userIdCtx != IntPtr.Zero)
+                if (userIdCtx != IntPtr.Zero)
                     Marshal.FreeHGlobal(userIdCtx);
             }
             return success;
@@ -2034,7 +2059,7 @@ private bool EnrollImageHostJob(EnrollImageRecord enrollRecord, bool isBatch)
             {
                 var (buffer, w, h, bitmap) = ImageHelper.ToBgr(enrollRecord.Filename, maxImageSize);
 
-                OnStartSession($"Enroll \"{enrollRecord.UserId}\"", true);
+                OnStartSession($"Enroll {enrollRecord.UserId}", true);
                 userIdCtx = Marshal.StringToHGlobalUni(enrollRecord.UserId);
 
                 // validate file not bigger than max allowed
@@ -2105,7 +2130,7 @@ private void EnrollExtractFaceprintsJob(Object threadContext)
             var userId = threadContext as string;
 
             if (!ConnectAuth()) return;
-            OnStartSession($"Enroll \"{userId}\"", true);
+            OnStartSession($"Enroll {userId}", true);
             try
             {
                 _lastEnrolledUserId = userId + '\0';
@@ -2116,7 +2141,9 @@ private void EnrollExtractFaceprintsJob(Object threadContext)
                     progressClbk = OnEnrollProgress,
                     faceDetectedClbk = OnFaceDeteced,
                 };
-                _authenticator.EnrollExtractFaceprints(enrollExtArgs);
+                Status status = _authenticator.EnrollExtractFaceprints(enrollExtArgs);
+                if (status != Status.Ok)
+                    ShowFailedTitle(status.ToString());
             }
             catch (Exception ex)
             {
@@ -2268,7 +2295,11 @@ private void AuthenticateJob(Object threadContext)
 
                 ShowProgressTitle("Authenticating..");
                 _authloopRunning = true;
-                _authenticator.Authenticate(authArgs);
+                var sw = Stopwatch.StartNew();
+                Status status = _authenticator.Authenticate(authArgs);
+                ShowLog($"{sw.ElapsedMilliseconds} milliseconds");
+                if (status != Status.Ok)
+                    ShowFailedTitle(status.ToString());
             }
             catch (Exception ex)
             {
@@ -2339,7 +2370,9 @@ private void AuthenticateExtractFaceprintsJob(Object threadContext)
                     ctx = IntPtr.Zero
                 };
                 ShowProgressTitle("Extracting Faceprints");
-                _authenticator.AuthenticateExtractFaceprints(authExtArgs);
+                Status status = _authenticator.AuthenticateExtractFaceprints(authExtArgs);
+                if (status != Status.Ok)
+                    ShowFailedTitle(status.ToString());
             }
             catch (Exception ex)
             {
@@ -2440,22 +2473,47 @@ private void SetDeviceConfigJob(Object threadContext)
         {
             if (!ConnectAuth()) return;
 
-            (DeviceConfig? prevDeviceConfig, var deviceConfig, var prevPreviewConfig, var PreviewConfig, var flowMode) = ((DeviceConfig?, DeviceConfig, PreviewConfig, PreviewConfig, FlowMode))threadContext;
+            (DeviceConfig? prevDeviceConfig, var deviceConfig, var prevPreviewConfig, var PreviewConfig, var flowMode) =
+                ((DeviceConfig?, DeviceConfig, PreviewConfig, PreviewConfig, FlowMode))threadContext;
             OnStartSession("SetDeviceConfig", false);
             try
             {
+
                 ShowProgressTitle("SetDeviceConfig");
+
+                // Must use raw10 if dump mode enabled
+                if (deviceConfig.dumpMode != DeviceConfig.DumpMode.None)
+                {
+                    PreviewConfig.previewMode = PreviewMode.RAW10_1080P;
+                }
+                else // if not not im dump mode, make sure we not in raw 10 preview
+                {
+                    if (PreviewConfig.previewMode == PreviewMode.RAW10_1080P)
+                    {
+                        PreviewConfig.previewMode = PreviewMode.MJPEG_1080P;
+                    }
+                }
+
                 LogDeviceConfig(deviceConfig);
 
+
+
                 if (prevDeviceConfig.HasValue)
                 {
                     DeviceConfig prevDeviceConfigValue = prevDeviceConfig.Value;
                     if (_preview != null)
                         _preview.Stop();
+
                     if (prevPreviewConfig.previewMode != PreviewConfig.previewMode || prevPreviewConfig.portraitMode != PreviewConfig.portraitMode)
                     {
                         // restart preview
-                        _deviceState.PreviewConfig = new PreviewConfig { cameraNumber = Settings.Default.CameraNumber, previewMode = PreviewConfig.previewMode , portraitMode = PreviewConfig.portraitMode,rotateRaw = Settings.Default.RawRotate};
+                        _deviceState.PreviewConfig = new PreviewConfig
+                        {
+                            cameraNumber = Settings.Default.CameraNumber,
+                            previewMode = PreviewConfig.previewMode,
+                            portraitMode = PreviewConfig.portraitMode,
+                            rotateRaw = Settings.Default.RawRotate
+                        };
                         _preview?.UpdateConfig(_deviceState.PreviewConfig);
                     }
                     ShowLog("Detected changes. Updating settings on device...");
@@ -2485,7 +2543,6 @@ private void SetDeviceConfigJob(Object threadContext)
 
                         Dispatcher.Invoke(() =>
                         {
-                            StandbyButton.IsEnabled = false;
                             ImportButton.IsEnabled = false;
                             ExportButton.IsEnabled = false;
                         });
@@ -2524,28 +2581,6 @@ private void SetDeviceConfigJob(Object threadContext)
             }
         }
 
-        private void StandbyJob(Object threadContext)
-        {
-            if (!ConnectAuth()) return;
-
-            OnStartSession("Standby", false);
-            try
-            {
-                ShowProgressTitle("Entering Power Save Mode");
-                var status = _authenticator.Standby();
-                VerifyResult(status == Status.Ok, "Device is now in standby mode", "Device failed to enter standby mode");
-
-            }
-            catch (Exception ex)
-            {
-                ShowFailedTitle(ex.Message);
-            }
-            finally
-            {
-                OnStopSession();
-                _authenticator.Disconnect();
-            }
-        }
 
         // Update fw job using the given filename.
         // Update process:
@@ -2556,7 +2591,8 @@ private void StandbyJob(Object threadContext)
         // 5. Start preview
         private void FwUpdateJob(Object threadContext)
         {
-            var binPath = (string)threadContext;
+            var args = (Tuple<string, bool>)(threadContext);
+            var (binPath, forceUpdate) = args;
             using (var fwUpdater = new FwUpdater())
             {
                 BackgroundDispatch(() => _progressBar.Show());
@@ -2616,35 +2652,40 @@ private void FwUpdateJob(Object threadContext)
                     }
                 }
 
-                var isCompatible = Authenticator.IsFwCompatibleWithHost(newFwVersion);
-                if (!isCompatible)
+                if (!forceUpdate)
                 {
-                    CloseProgressBar();
-                    var compatibleVer = Authenticator.CompatibleFirmwareVersion();
-                    var msg = "Selected firmware version is not compatible with this SDK.\n";
-                    msg += $"Chosen Version:   {newFwVersion}\n";
-                    msg += $"Compatible Versions: {compatibleVer} and above\n";
-                    ShowErrorMessage("Incompatible FW Version", msg);
-                    return;
+                    var isCompatible = Authenticator.IsFwCompatibleWithHost(newFwVersion);
+                    if (!isCompatible)
+                    {
+                        CloseProgressBar();
+                        var compatibleVer = Authenticator.CompatibleFirmwareVersion();
+                        var msg = "Selected firmware version is not compatible with this SDK.\n";
+                        msg += $"Chosen Version:   {newFwVersion}\n";
+                        msg += $"Compatible Versions: {compatibleVer} and above\n";
+                        ShowErrorMessage("Incompatible FW Version", msg);
+                        return;
+                    }
                 }
 
-                var isEncrytionCompatible = fwUpdater.IsEncyptionCompatibleWithDevice(binPath, _deviceState.SerialNumber);
-                if (!isEncrytionCompatible)
+                var fwUpdateSettings = new FwUpdater.FwUpdateSettings
+                {
+                    port = _deviceState.SerialConfig.port,
+                    force_full = forceUpdate ? 1 : 0
+                };
+
+
+                var isSkuCompatible = fwUpdater.IsSkuCompatible(fwUpdateSettings, binPath, out int expectedSkuVer, out int deviceSkuVer);
+                if (!isSkuCompatible)
                 {
-                    string sku = DeviceSerialNumberToSku(_deviceState.SerialNumber);
                     CloseProgressBar();
                     var msg = "Selected firmware version is incompatible with your F450 model.\n";
-                    msg += "Please make sure the firmware file you're using is for " + sku + " devices and try again.\n";
+                    msg += "Please make sure the firmware file you're using is for SKU" + deviceSkuVer + " devices and try again.\n";
                     ShowErrorMessage("Incompatible firmware encryption version", msg);
                     return;
                 }
-                var fwUpdateSettings = new FwUpdater.FwUpdateSettings
-                {
-                    port = _deviceState.SerialConfig.port
-                };
 
                 FwUpdater.UpdatePolicyInfo updatePolicyInfo;
-                fwUpdater.DecideUpdatePolicy(binPath, fwUpdateSettings, out updatePolicyInfo);
+                fwUpdater.DecideUpdatePolicy(fwUpdateSettings, binPath, out updatePolicyInfo);
                 if (updatePolicyInfo.updatePolicy == FwUpdater.UpdatePolicy.Not_Allowed)
                 {
                     CloseProgressBar();
diff --git a/tools/rsid-viewer/UpdateAvailableDialog.xaml b/tools/rsid-viewer/UpdateAvailableDialog.xaml
new file mode 100644
index 0000000..fc9b1fa
--- /dev/null
+++ b/tools/rsid-viewer/UpdateAvailableDialog.xaml
@@ -0,0 +1,56 @@
+<Window x:Class="rsid_wrapper_csharp.UpdateAvailableDialog"
+        xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
+        xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
+        xmlns:d="http://schemas.microsoft.com/expression/blend/2008"
+        xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006"
+        xmlns:local="clr-namespace:rsid_wrapper_csharp"
+        mc:Ignorable="d"
+        Title="Error"
+        Width="310" Height="300" SizeToContent="Height"
+        ResizeMode="NoResize"        
+        ShowInTaskbar="False"
+        WindowStyle="None"        
+        WindowStartupLocation="CenterOwner"
+        Background="{DynamicResource AppBGBrush}"
+        MouseDown="Window_MouseDown" BorderBrush="{DynamicResource PrimaryColorBrush}" BorderThickness="1" UseLayoutRounding="True">
+    <StackPanel Orientation="Vertical" Margin="30">
+        <TextBlock x:Name="MainTitle" HorizontalAlignment="Left" TextWrapping="Wrap" d:LayoutOverrides="Height" FontSize="16" FontWeight="Medium" Text="Update Available" Foreground="{DynamicResource PrimaryText}" Grid.Column="1" Grid.Row="1" VerticalAlignment="Center"/>
+
+        <Grid Margin="0 20 0 0">
+            <Grid.RowDefinitions>
+                <RowDefinition Height="20"/>
+                <RowDefinition Height="20"/>
+                <RowDefinition Height="30"/>
+                <RowDefinition Height="20"/>
+            </Grid.RowDefinitions>
+            <Grid.ColumnDefinitions>
+                <ColumnDefinition Width="2*"/>
+                <ColumnDefinition Width="3*"/>
+            </Grid.ColumnDefinitions>
+
+            <TextBlock Grid.Row="0" Grid.Column="0" x:Name="SoftwareUpdateTitle" Text="Host Version" VerticalAlignment="Center"/>
+            <TextBlock Grid.Row="0" Grid.Column="1" x:Name="SoftwareUpdateInfo"  Text="" VerticalAlignment="Center" FontWeight="Bold"/>
+
+            <TextBlock Grid.Row="1" Grid.Column="0" x:Name="FirmwareUpdateTitle" Text="Firmware Version" VerticalAlignment="Center"/>
+            <TextBlock Grid.Row="1" Grid.Column="1" x:Name="FirmwareUpdateInfo" Text="" VerticalAlignment="Center" FontWeight="Bold"/>
+
+            <!--<TextBlock Grid.Row="2" Grid.Column="0" x:Name="UpdateUrlTitle"  Text="UpdateUrlTitle"/>-->
+
+            <TextBlock Grid.Row="2" Grid.Column="0" VerticalAlignment="Bottom" x:Name="UpdateUrlTextBlock" >
+                <Hyperlink x:Name="UpdateUrlLink" 
+                           NavigateUri="http://example.com"
+                           RequestNavigate="Hyperlink_RequestNavigate">
+                    Download Latest
+                </Hyperlink>
+            </TextBlock>
+
+            <TextBlock Grid.Row="3" Grid.Column="0" VerticalAlignment="Center" x:Name="ReleaseNotesTextBlock" >
+                <Hyperlink x:Name="ReleaseNotesLink"
+                           NavigateUri="http://example.com"
+                           RequestNavigate="Hyperlink_RequestNavigate">Release Notes</Hyperlink>
+
+            </TextBlock>
+        </Grid>
+        <Button x:Name="OKButton" Click="OKButton_Click" IsDefault="True" Content="Close" HorizontalAlignment="Right" VerticalAlignment="Center" Style="{DynamicResource ButtonStyle1}"/>
+    </StackPanel>
+</Window>
diff --git a/tools/rsid-viewer/UpdateAvailableDialog.xaml.cs b/tools/rsid-viewer/UpdateAvailableDialog.xaml.cs
new file mode 100644
index 0000000..99a614d
--- /dev/null
+++ b/tools/rsid-viewer/UpdateAvailableDialog.xaml.cs
@@ -0,0 +1,80 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2021 Intel Corporation. All Rights Reserved.
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows;
+using System.Windows.Controls;
+using System.Windows.Data;
+using System.Windows.Documents;
+using System.Windows.Input;
+using System.Windows.Media;
+using System.Windows.Media.Imaging;
+using System.Windows.Shapes;
+
+namespace rsid_wrapper_csharp
+{
+    /// <summary>
+    /// Interaction logic for EnrollInput.xaml
+    /// </summary>
+    public partial class UpdateAvailableDialog : Window
+    {
+        public UpdateAvailableDialog(rsid.UpdateChecker.ReleaseInfo localInfo, rsid.UpdateChecker.ReleaseInfo remoteInfo)
+        {
+            this.Owner = Application.Current.MainWindow;
+            InitializeComponent();            
+            var updateAvailable = (remoteInfo.sw_version > localInfo.sw_version) || (remoteInfo.fw_version > localInfo.fw_version);            
+            MainTitle.Text = updateAvailable ? "Update available" : "Software is up to date";
+
+            if (remoteInfo.sw_version > localInfo.sw_version)
+            {
+                SoftwareUpdateInfo.Text = $"{localInfo.sw_version_str} => {remoteInfo.sw_version_str}";
+            }
+            else
+            {
+                SoftwareUpdateInfo.Text = $"{localInfo.sw_version_str} (up to date)";
+            }
+
+            if (remoteInfo.fw_version > localInfo.fw_version)
+            {
+                FirmwareUpdateInfo.Text = $"{localInfo.fw_version_str} => {remoteInfo.fw_version_str}";
+            }
+            else
+            {
+                FirmwareUpdateInfo.Text = $"{localInfo.fw_version_str} (up to date)";
+            }
+
+            UpdateUrlLink.NavigateUri = new Uri(remoteInfo.release_url);
+            ReleaseNotesLink.NavigateUri = new Uri(remoteInfo.release_notes_url);
+
+        }
+
+        private void OKButton_Click(object sender, RoutedEventArgs e)
+        {
+            DialogResult = true;
+        }
+
+        private void Hyperlink_RequestNavigate(object sender, System.Windows.Navigation.RequestNavigateEventArgs e)
+        {
+            // Open the URL in the system's default web browser
+            System.Diagnostics.Process.Start(new System.Diagnostics.ProcessStartInfo
+            {
+                FileName = e.Uri.AbsoluteUri,
+                UseShellExecute = true
+            });
+
+            // Optionally, handle the navigation event so it doesn't propagate further
+            e.Handled = true;
+        }
+
+
+        private void Window_MouseDown(object sender, MouseButtonEventArgs e)
+        {
+            if (e.ChangedButton == MouseButton.Left)
+                this.DragMove();
+        }
+    }
+}
diff --git a/tools/rsid-viewer/Utilities.cs b/tools/rsid-viewer/Utilities.cs
index 55a960a..a537baa 100644
--- a/tools/rsid-viewer/Utilities.cs
+++ b/tools/rsid-viewer/Utilities.cs
@@ -166,7 +166,7 @@ public static void FixOrientation(Bitmap bmp)
             if (!props.Contains(exifOrientationId)) return;
             var prop = bmp.GetPropertyItem(exifOrientationId);
             var orientation = BitConverter.ToInt16(prop.Value, 0);
-            if(orientation == 1) return; //top left
+            if (orientation == 1) return; //top left
 
             // Set Orientation top left
             prop.Value = BitConverter.GetBytes((short)1);
@@ -216,4 +216,23 @@ public static List<EnrollImageRecord> LoadImagesToEnroll(string filename)
             }
         }
     }
+
+
+    class Logger
+    {
+        private static readonly object ConsoleLock = new object();
+        // Log to console with color around the "Info" text to match spdlog console format 
+        public static void Log(string message)
+        {
+            string timestamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff");
+            lock (ConsoleLock)
+            {
+                Console.Write($"[{timestamp}] [");
+                Console.ForegroundColor = ConsoleColor.Green;
+                Console.Write("Info");
+                Console.ResetColor();
+                Console.WriteLine($"] [Viewer] {message}");
+            }
+        }
+    }
 }
diff --git a/tools/rsid-viewer/icon.ico b/tools/rsid-viewer/icon.ico
index a6fae73..af88fdc 100644
Binary files a/tools/rsid-viewer/icon.ico and b/tools/rsid-viewer/icon.ico differ
diff --git a/tools/rsid-viewer/sn.txt b/tools/rsid-viewer/sn.txt
new file mode 100644
index 0000000..e69de29
diff --git a/tools/shared/secure-mode-helper/secure_mode_helper.cc b/tools/shared/secure-mode-helper/secure_mode_helper.cc
index 0c91b63..be06023 100644
--- a/tools/shared/secure-mode-helper/secure_mode_helper.cc
+++ b/tools/shared/secure-mode-helper/secure_mode_helper.cc
@@ -13,9 +13,9 @@
 #define PUB_KEY_SIZE              64
 
 // Example of host's private key. Should be replaced in production with your own secret key
-static unsigned char SAMPLE_HOST_PRI_KEY[PRI_KEY_SIZE] = {0xb9, 0xad, 0xfe, 0x0e, 0x6d, 0xd4, 0xfb, 0x6f, 0x76, 0xdf, 0x53,
-                                                   0x92, 0x87, 0x4e, 0x58, 0x39, 0xdd, 0x51, 0xd1, 0xaa, 0x79, 0x94,
-                                                   0x5e, 0xa8, 0x36, 0x8f, 0xb5, 0xdf, 0xa8, 0x28, 0x26, 0x53};
+static unsigned char SAMPLE_HOST_PRI_KEY[PRI_KEY_SIZE] = {
+    0xb9, 0xad, 0xfe, 0x0e, 0x6d, 0xd4, 0xfb, 0x6f, 0x76, 0xdf, 0x53, 0x92, 0x87, 0x4e, 0x58, 0x39,
+    0xdd, 0x51, 0xd1, 0xaa, 0x79, 0x94, 0x5e, 0xa8, 0x36, 0x8f, 0xb5, 0xdf, 0xa8, 0x28, 0x26, 0x53};
 
 // Example of host's public key. Should be replaced in production with your own key
 static unsigned char SAMPLE_HOST_PUB_KEY[PUB_KEY_SIZE] = {
@@ -145,21 +145,53 @@ bool SignHelper::Verify(const unsigned char* buffer, const unsigned int buffer_l
         ret = mbedtls_mpi_read_binary(&s, sig + PUB_X_Y_SIZE, PUB_X_Y_SIZE);
         if (!ret)
         {
-            size_t len = 0;
-            MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, &s));
-            MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, &r));
-            MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len));
-            MBEDTLS_ASN1_CHK_ADD(len,
-                                 mbedtls_asn1_write_tag(&p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE));
+            int len1 = mbedtls_asn1_write_mpi(&p, buf, &s);
+            if (len1 < 0)
+            {
+                mbedtls_mpi_free(&r);
+                mbedtls_mpi_free(&s);
+                printf("[ERROR] Failed! mbedtls_asn1_write_mpi returned %d", len1);
+                return false;
+            }
+
+            int len2 = mbedtls_asn1_write_mpi(&p, buf, &r);
+            if (len2 < 0)
+            {
+                mbedtls_mpi_free(&r);
+                mbedtls_mpi_free(&s);
+                printf("[ERROR] Failed! mbedtls_asn1_write_mpi returned %d", len2);
+                return false;
+            }
 
+            int len3 = mbedtls_asn1_write_len(&p, buf, len1 + len2);
+            if (len3 < 0)
+            {
+                mbedtls_mpi_free(&r);
+                mbedtls_mpi_free(&s);
+                printf("[ERROR] Failed! mbedtls_asn1_write_len returned %d", len3);
+                return false;
+            }
+
+            int len4 = mbedtls_asn1_write_tag(&p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+            if (len4 < 0)
+            {
+                mbedtls_mpi_free(&r);
+                mbedtls_mpi_free(&s);
+                printf("[ERROR] Failed! mbedtls_asn1_write_tag returned %d", len4);
+                return false;
+            }
+                      
             unsigned char digest[SHA_256_DIGEST_SIZE_BYTES];
             ret = mbedtls_sha256_ret(buffer, buffer_len, digest, 0);
             if (ret != 0)
             {
+                mbedtls_mpi_free(&r);
+                mbedtls_mpi_free(&s);
                 printf("[ERROR] Failed! mbedtls_sha256_ret returned %d", ret);
                 return false;
             }
 
+            size_t len = len1 + len2 + len3 + len4;
             ret = mbedtls_ecdsa_read_signature(&_ecdsa_device_context, digest, SHA_256_DIGEST_SIZE_BYTES, p, len);
         }
     }
@@ -195,7 +227,7 @@ Status SignHelper::ExchangeKeys(FaceAuthenticator* faceAuthenticator)
     ::memcpy(rv.host_pubkey, GetHostPubKey(), sizeof(rv.host_pubkey));
     Status s = faceAuthenticator->Pair(rv.host_pubkey, rv.host_pubkey_sig, rv.device_pubkey_result);
     if (s == Status::Ok)
-        UpdateDevicePubKey((unsigned char*) rv.device_pubkey_result);
+        UpdateDevicePubKey((unsigned char*)rv.device_pubkey_result);
     return s;
 }
 
diff --git a/wrappers/c/CMakeLists.txt b/wrappers/c/CMakeLists.txt
index 7e81287..422dbab 100644
--- a/wrappers/c/CMakeLists.txt
+++ b/wrappers/c/CMakeLists.txt
@@ -3,8 +3,8 @@ project(LibRealSenseID_C)
 set(INC_PATH "${CMAKE_CURRENT_SOURCE_DIR}/include/rsid_c")
 set(SRC_PATH "${CMAKE_CURRENT_SOURCE_DIR}/src")
 
-set(HEADERS ${INC_PATH}/rsid_status.h ${INC_PATH}/rsid_export.h ${INC_PATH}/rsid_client.h)
-set(SOURCES ${SRC_PATH}/rsid_c_client.cc ${SRC_PATH}/rsid_c_device_controller.cc )
+set(HEADERS ${INC_PATH}/rsid_status.h ${INC_PATH}/rsid_export.h ${INC_PATH}/rsid_client.h ${INC_PATH}/rsid_update_checker.h)
+set(SOURCES ${SRC_PATH}/rsid_c_client.cc ${SRC_PATH}/rsid_c_device_controller.cc ${SRC_PATH}/rsid_c_update_checker.cc)
 
 if (MSVC)
     list(APPEND HEADERS "${INC_PATH}/rsid_fw_updater.h")
@@ -18,6 +18,8 @@ endif()
 
 add_library(${LIBRSID_C_TARGET} SHARED ${HEADERS} ${SOURCES})
 
+set_common_compile_opts(${LIBRSID_C_TARGET})
+
 target_include_directories(${LIBRSID_C_TARGET}
     PUBLIC 
         "$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>"
diff --git a/wrappers/c/include/rsid_c/rsid_client.h b/wrappers/c/include/rsid_c/rsid_client.h
index 62f5668..694e4c5 100644
--- a/wrappers/c/include/rsid_c/rsid_client.h
+++ b/wrappers/c/include/rsid_c/rsid_client.h
@@ -177,7 +177,7 @@ RSID_C_API rsid_authenticator* rsid_create_authenticator();
     typedef struct rsid_pairing_args
     {
         char host_pubkey[64];          /* input host public key*/
-        char host_pubkey_sig[32];      /* input host public key signature */
+        char host_pubkey_sig[64];      /* input host public key signature */
         char device_pubkey_result[64]; /* output device's public key*/
     } rsid_pairing_args;
 
diff --git a/wrappers/c/include/rsid_c/rsid_fw_updater.h b/wrappers/c/include/rsid_c/rsid_fw_updater.h
index 2831059..4fac09c 100644
--- a/wrappers/c/include/rsid_c/rsid_fw_updater.h
+++ b/wrappers/c/include/rsid_c/rsid_fw_updater.h
@@ -51,7 +51,8 @@ extern "C"
     RSID_C_API int rsid_is_compatible_with_host(rsid_fw_updater* handle, const char* fw_version);
 
     /* extract version from firmware binary package */
-    RSID_C_API int rsid_extract_firmware_version(rsid_fw_updater* handle, const char* bin_path, char* new_fw_version,
+    RSID_C_API rsid_status rsid_extract_firmware_version(rsid_fw_updater* handle, const char* bin_path,
+                                                         char* new_fw_version,
                                                  size_t new_fw_version_length, char* new_recognition_version,
                                                  size_t new_recognition_version_size);
 
@@ -62,8 +63,8 @@ extern "C"
                                                 int exclude_recognition);
 
     /* check compatibility between the device and the firmware encryption" */
-    RSID_C_API int rsid_is_encryption_compatible_with_device(rsid_fw_updater* handle, const char* bin_path,
-                                                             const char* serial_number);
+    RSID_C_API int rsid_is_sku_compatible(rsid_fw_updater* handle, rsid_fw_update_settings settings,
+                                          const char* bin_path, int* expected_sku_ver, int* device_sku_ver);
 
     RSID_C_API void rsid_decide_update_policy(rsid_fw_updater* handle, rsid_fw_update_settings settings,
                                               const char* bin_path, rsid_firmware_update_policy* updatePolicyInfo);
diff --git a/wrappers/c/include/rsid_c/rsid_preview.h b/wrappers/c/include/rsid_c/rsid_preview.h
index 4154668..e702b90 100644
--- a/wrappers/c/include/rsid_c/rsid_preview.h
+++ b/wrappers/c/include/rsid_c/rsid_preview.h
@@ -35,11 +35,13 @@ extern "C"
 
     typedef struct
     {
-        unsigned int timestamp;
-        unsigned int status;
+        unsigned int timestamp; // sensor timestamp (miliseconds)
+        unsigned int exposure;
+        unsigned int gain;
+        unsigned char led;
         unsigned int sensor_id;
-        int led;
-        int projector;
+        unsigned int status;
+        unsigned char is_snapshot;
     }rsid_framedata;
 
     typedef struct
diff --git a/wrappers/c/include/rsid_c/rsid_status.h b/wrappers/c/include/rsid_c/rsid_status.h
index 6f7bd5f..9775ef5 100644
--- a/wrappers/c/include/rsid_c/rsid_status.h
+++ b/wrappers/c/include/rsid_c/rsid_status.h
@@ -68,7 +68,9 @@ extern "C"
         RSID_SerialError,
         RSID_SecurityError,
         RSID_VersionMismatch,
-        RSID_CrcError
+        RSID_CrcError,
+        RSID_LicenseError,
+        RSID_LicenseCheck
     } rsid_status;
 
     typedef enum
@@ -94,12 +96,15 @@ extern "C"
         RSID_Auth_Failure,
         RSID_Auth_Serial_Ok = RSID_Ok,
         RSID_Auth_Serial_Error,
+        RSID_Auth_Serial_SerialError,
         RSID_Auth_Serial_SecurityError,
         RSID_Auth_Serial_VersionMismatch,
         RSID_Auth_Serial_CrcError,
-        RSID_Auth_Reserved1 = 120,
-        RSID_Auth_Reserved2,
-        RSID_Auth_Reserved3
+        RSID_Auth_Serial_LicenseError,
+        RSID_Auth_Serial_LicenseCheck,
+        RSID_Auth_Spoof_2D = 120,
+        RSID_Auth_Spoof_3D,
+        RSID_Auth_Spoof_LR
     } rsid_auth_status;
 
     typedef enum
@@ -126,12 +131,15 @@ extern "C"
         RSID_Enroll_Spoof,
         RSID_Enroll_Serial_Ok = RSID_Ok,
         RSID_Enroll_Serial_Error,
+        RSID_Enroll_Serial_SerialError,
         RSID_Enroll_Serial_SecurityError,
         RSID_Enroll_Serial_VersionMismatch,
         RSID_Enroll_Serial_CrcError,
-        RSID_Enroll_Reserved1 = 120,
-        RSID_Enroll_Reserved2,
-        RSID_Enroll_Reserved3
+        RSID_Enroll_Serial_LicenseError,
+        RSID_Enroll_Serial_LicenseCheck,
+        RSID_Enroll_Spoof_2D = 120,
+        RSID_Enroll_Spoof_3D,
+        RSID_Enroll_Spoof_LR
     } rsid_enroll_status;
 
 
diff --git a/wrappers/c/include/rsid_c/rsid_update_checker.h b/wrappers/c/include/rsid_c/rsid_update_checker.h
new file mode 100644
index 0000000..7e40fba
--- /dev/null
+++ b/wrappers/c/include/rsid_c/rsid_update_checker.h
@@ -0,0 +1,62 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2024 Intel Corporation. All Rights Reserved.
+
+#pragma once
+
+#include "rsid_export.h"
+#include "rsid_status.h"
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif //__cplusplus
+
+#include "rsid_export.h"
+#include "rsid_client.h"
+    //typedef struct
+    //{
+    //    void* _impl;
+    //} rsid_update_checker;
+
+    /* firmware update related settings */
+    typedef struct
+    {
+        uint64_t sw_version;
+        uint64_t fw_version;
+        const char* sw_version_str;
+        const char* fw_version_str;
+        const char* release_url;
+        const char* release_notes_url;
+    } rsid_release_info;
+
+       
+    /* return new updater checker handle (or null on failure) */
+    /*RSID_C_API rsid_update_checker* rsid_create_update_updater();*/
+
+    /* 
+     * get release info from remote server 
+     * return 0 on error, 1 on sucess 
+     * Note: You must call rsid_free_release_info to free the result members after use. 
+     * It doesn't free the struct itself
+     */
+    RSID_C_API rsid_status rsid_get_remote_release_info(rsid_release_info* result);
+
+    /* 
+     * get local release info from device and library
+     *  return 0 on error, 1 on sucess 
+     * Note: You must call rsid_free_release_info to free the result members after use
+     */   
+    RSID_C_API rsid_status rsid_get_local_release_info(const rsid_serial_config* serial_config,
+                                                       rsid_release_info* result);
+
+
+    /* 
+     * Free rsid_release_info struct members. 
+     * Note: It doesn't free the struct itself
+     */
+    RSID_C_API void rsid_free_release_info(rsid_release_info* release_info);
+
+#ifdef __cplusplus
+}
+#endif //__cplusplus
diff --git a/wrappers/c/src/rsid_c_client.cc b/wrappers/c/src/rsid_c_client.cc
index c069025..0f51765 100644
--- a/wrappers/c/src/rsid_c_client.cc
+++ b/wrappers/c/src/rsid_c_client.cc
@@ -151,17 +151,6 @@ static void copy_to_c_faceprints_ple_dble_for_enroll(const RealSenseID::Extracte
     c_faceprints->adaptiveDescriptorWithMask[RSID_INDEX_IN_FEATURES_VECTOR_TO_FLAGS] = FaVectorFlagsEnum::VecFlagNotSet;
 }
 
-static void copy_to_cpp_faceprints_ple_ple(const rsid_extracted_faceprints_t* c_faceprints,
-                                           RealSenseID::ExtractedFaceprints& faceprints)
-{
-    faceprints.data.version = c_faceprints->version;
-    faceprints.data.featuresType = (int)c_faceprints->featuresType;
-    faceprints.data.flags = c_faceprints->flags;
-
-    static_assert(sizeof(c_faceprints->featuresVector) == sizeof(faceprints.data.featuresVector),
-                  "adaptive faceprints sizes (without mask) does not match");
-    ::memcpy(faceprints.data.featuresVector, c_faceprints->featuresVector, sizeof(c_faceprints->featuresVector));
-}
 
 static void copy_to_c_faceprints_dble_dble(const RealSenseID::Faceprints& faceprints, rsid_faceprints_t* c_faceprints)
 {
diff --git a/wrappers/c/src/rsid_c_fw_updater.cc b/wrappers/c/src/rsid_c_fw_updater.cc
index 35518f8..e4652dd 100644
--- a/wrappers/c/src/rsid_c_fw_updater.cc
+++ b/wrappers/c/src/rsid_c_fw_updater.cc
@@ -10,6 +10,7 @@
 #include <string>
 #include <thread>
 #include <chrono>
+#include <cassert>
 
 namespace
 {
@@ -71,7 +72,7 @@ void rsid_destroy_fw_updater(rsid_fw_updater* handle)
     delete handle;
 }
 
-int rsid_extract_firmware_version(rsid_fw_updater* handle, const char* bin_path, char* new_fw_version,
+rsid_status rsid_extract_firmware_version(rsid_fw_updater* handle, const char* bin_path, char* new_fw_version,
                                   size_t new_fw_version_length, char* new_recognition_version,
                                   size_t new_recognition_version_size)
 {
@@ -95,41 +96,6 @@ int rsid_extract_firmware_version(rsid_fw_updater* handle, const char* bin_path,
     return rsid_status::RSID_Ok;
 }
 
-static bool detect_device(device_info_wrapper& out_device_info)
-{
-    auto detected_devices = RealSenseID::DiscoverDevices();
-    if (detected_devices.size() == 0 || detected_devices.size() > 1)
-    {
-        return false;
-    }
-    out_device_info.config = std::make_unique<RealSenseID::DeviceInfo>(detected_devices.at(0));
-    return true;
-}
-
-static bool is_device_alive(const char* serial_port)
-{
-    RealSenseID::DeviceController device_controller;
-    device_controller.Connect(RealSenseID::SerialConfig({serial_port}));
-    RealSenseID::Status status = device_controller.Ping();
-    device_controller.Disconnect();
-    return status == RealSenseID::Status::Ok;
-}
-
-static bool redetect_device(int min_wait_seconds, int max_wait_seconds, device_info_wrapper& out_device_info)
-{
-    bool _is_device_alive = false;
-    std::this_thread::sleep_for(std::chrono::seconds(min_wait_seconds));
-    int waitCounter = min_wait_seconds;
-    while (!_is_device_alive && waitCounter < max_wait_seconds)
-    {
-        std::this_thread::sleep_for(std::chrono::seconds(1));
-        waitCounter++;
-        if (!detect_device(out_device_info))
-            continue;
-        _is_device_alive = is_device_alive(out_device_info.config->serialPort);
-    }
-    return _is_device_alive;
-}
 
 rsid_status rsid_update_firmware(rsid_fw_updater* handle, const rsid_fw_update_event_handler* event_handler,
                                  rsid_fw_update_settings settings, const char* bin_path, int update_recognition)
@@ -160,6 +126,11 @@ rsid_status rsid_update_firmware(rsid_fw_updater* handle, const rsid_fw_update_e
                           moduleNames.end());
     }
     auto numberOfModules = moduleNames.size();
+    if (numberOfModules == 0)
+    {
+        return RSID_Error;
+    }
+
     if (updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::CONTINOUS)
     {
         FwUpdaterEventHandler eh(event_handler, 0.f, 1.f);
@@ -167,29 +138,35 @@ rsid_status rsid_update_firmware(rsid_fw_updater* handle, const rsid_fw_update_e
         return static_cast<rsid_status>(s);
     }
     // All that's left: updatePolicyInfo.policy == RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::OPFW_FIRST)
-    FwUpdaterEventHandler eh1(event_handler, 0.f, 1.f / numberOfModules);
-    std::vector<std::string> modulesVector;
-    modulesVector.push_back(OPFW);
-    RealSenseID::Status s = fw_updater_impl->UpdateModules(&eh1, fw_updater_settings, bin_path, modulesVector);
-    if (s != RealSenseID::Status::Ok)
-        return static_cast<rsid_status>(s);
-    device_info_wrapper selected_device;
-    bool is_device_alive =
-        redetect_device(MIN_WAIT_FOR_DEVICE_REBOOT_SEC, MAX_WAIT_FOR_DEVICE_REBOOT_SEC, selected_device);
-    if (!is_device_alive)
-        return RSID_Error;
-    fw_updater_settings.port = selected_device.config->serialPort;
+    // First module should be OPFW, so remove it from moduleNames and insert to front
     moduleNames.erase(std::remove_if(moduleNames.begin(), moduleNames.end(),
                                      [](const std::string& moduleName) { return moduleName.compare(OPFW) == 0; }),
                       moduleNames.end());
-    FwUpdaterEventHandler eh2(event_handler, 1.f / numberOfModules, 1.f);
-    return static_cast<rsid_status>(fw_updater_impl->UpdateModules(&eh2, fw_updater_settings, bin_path, moduleNames));
+
+    moduleNames.insert(moduleNames.begin(), OPFW);
+    FwUpdaterEventHandler eh(event_handler, 0.f, 1.f);
+    return static_cast<rsid_status>(fw_updater_impl->UpdateModules(&eh, fw_updater_settings, bin_path, moduleNames));
 }
 
-int rsid_is_encryption_compatible_with_device(rsid_fw_updater* handle, const char* bin_path, const char* serial_number)
+// Return if sku compatibbe and set the values pointed by expected_sku_ver_ptr and device_sku_ver_ptr pointers
+int rsid_is_sku_compatible(rsid_fw_updater* handle, rsid_fw_update_settings settings, const char* bin_path,
+                           int* expected_sku_ver_ptr, int* device_sku_ver_ptr)
 {
+    assert(expected_sku_ver_ptr != nullptr);
+    assert(device_sku_ver_ptr != nullptr);
+    if (expected_sku_ver_ptr == nullptr || device_sku_ver_ptr == nullptr)
+    {
+        return 0;
+    }
     auto* fw_updater_impl = static_cast<RealSenseID::FwUpdater*>(handle->_impl);
-    return fw_updater_impl->IsEncryptionSupported(bin_path, serial_number);
+    RealSenseID::FwUpdater::Settings fw_updater_settings;
+    fw_updater_settings.port = settings.port;
+    int expected_sku_ver = 0;
+    int device_sku_ver = 0;
+    auto rv = fw_updater_impl->IsSkuCompatible(fw_updater_settings, bin_path, expected_sku_ver, device_sku_ver);
+    *expected_sku_ver_ptr = expected_sku_ver;
+    *device_sku_ver_ptr = device_sku_ver;
+    return rv;
 }
 
 void rsid_decide_update_policy(rsid_fw_updater* handle, rsid_fw_update_settings settings, const char* bin_path,
@@ -206,6 +183,7 @@ void rsid_decide_update_policy(rsid_fw_updater* handle, rsid_fw_update_settings
         RealSenseID::FwUpdater::UpdatePolicyInfo::UpdatePolicy::REQUIRE_INTERMEDIATE_FW)
     {
         ::strncpy(updatePolicyInfo->intermediate_version, resultUpdatePolicyInfo.intermediate.c_str(),
-                  sizeof(updatePolicyInfo->intermediate_version) - 1); // we want to make sure the last char is \0, so we make sure to not overwrite it.
+                  sizeof(updatePolicyInfo->intermediate_version) -
+                      1); // we want to make sure the last char is \0, so we make sure to not overwrite it.
     }
 }
diff --git a/wrappers/c/src/rsid_c_preview.cc b/wrappers/c/src/rsid_c_preview.cc
index 8488327..2e66b46 100644
--- a/wrappers/c/src/rsid_c_preview.cc
+++ b/wrappers/c/src/rsid_c_preview.cc
@@ -8,23 +8,6 @@
 namespace
 {
 
-RealSenseID::Image c_img_to_api_image(const rsid_image* in_img)
-{
-    RealSenseID::Image out_img;
-    out_img.buffer = in_img->buffer;
-    out_img.size = in_img->size;
-    out_img.width = in_img->width;
-    out_img.height = in_img->height;
-    out_img.stride = in_img->stride;
-    out_img.number = in_img->number;
-    out_img.metadata.led = in_img->metadata.led;
-    out_img.metadata.projector = in_img->metadata.projector;
-    out_img.metadata.sensor_id = in_img->metadata.sensor_id;
-    out_img.metadata.status = in_img->metadata.status;
-    out_img.metadata.timestamp = in_img->metadata.timestamp;
-    return out_img;
-}
-
 rsid_image api_image_to_c_img(const RealSenseID::Image* in_img)
 {
     rsid_image out_img;
@@ -34,11 +17,13 @@ rsid_image api_image_to_c_img(const RealSenseID::Image* in_img)
     out_img.height = in_img->height;
     out_img.stride = in_img->stride;
     out_img.number = in_img->number;
+    out_img.metadata.timestamp = in_img->metadata.timestamp;
+    out_img.metadata.exposure = in_img->metadata.exposure;
+    out_img.metadata.gain = in_img->metadata.gain;
     out_img.metadata.led = in_img->metadata.led;
-    out_img.metadata.projector = in_img->metadata.projector;
     out_img.metadata.sensor_id = in_img->metadata.sensor_id;
     out_img.metadata.status = in_img->metadata.status;
-    out_img.metadata.timestamp = in_img->metadata.timestamp;
+    out_img.metadata.is_snapshot = in_img->metadata.is_snapshot;
     return out_img;
 }
 
diff --git a/wrappers/c/src/rsid_c_update_checker.cc b/wrappers/c/src/rsid_c_update_checker.cc
new file mode 100644
index 0000000..074b71c
--- /dev/null
+++ b/wrappers/c/src/rsid_c_update_checker.cc
@@ -0,0 +1,72 @@
+// License: Apache 2.0. See LICENSE file in root directory.
+// Copyright(c) 2020-2024 Intel Corporation. All Rights Reserved.
+
+#include "RealSenseID/UpdateChecker.h"
+#include "rsid_c/rsid_update_checker.h"
+
+#include <string.h>
+
+#ifdef _MSC_VER    
+    #define _RSID_STRDUP ::_strdup // avoid warning C4996 in visual studio
+#else
+    #define _RSID_STRDUP ::strdup
+#endif
+
+static void fill_result_struct(RealSenseID::UpdateCheck::ReleaseInfo& release_info, rsid_release_info* result)
+{
+    ::memset(result, 0, sizeof(rsid_release_info));
+    result->sw_version = release_info.sw_version;
+    result->fw_version = release_info.fw_version;
+    if (release_info.sw_version_str != nullptr)
+    {
+        result->sw_version_str = _RSID_STRDUP(release_info.sw_version_str);
+    }
+    if (release_info.fw_version_str != nullptr)
+    {
+        result->fw_version_str = _RSID_STRDUP(release_info.fw_version_str);
+    }
+    if (release_info.release_url != nullptr)
+    {
+        result->release_url = _RSID_STRDUP(release_info.release_url);
+    }
+    if (release_info.release_notes_url != nullptr)
+    {
+        result->release_notes_url = _RSID_STRDUP(release_info.release_notes_url);
+    }
+}
+
+void rsid_free_release_info(rsid_release_info* release_info)
+{
+    ::free((void*)release_info->sw_version_str);
+    ::free((void*)release_info->fw_version_str);
+    ::free((void*)release_info->release_url);
+    ::free((void*)release_info->release_notes_url);
+    ::memset(release_info, 0, sizeof(rsid_release_info));
+}
+
+rsid_status rsid_get_remote_release_info(rsid_release_info* result)
+{
+    RealSenseID::UpdateCheck::UpdateChecker checker;
+    RealSenseID::UpdateCheck::ReleaseInfo release_info;
+    auto status = checker.GetRemoteReleaseInfo(release_info);
+    if (status == RealSenseID::Status::Ok)
+	{		
+	    fill_result_struct(release_info, result);	
+	}    
+    return static_cast<rsid_status>(status);
+}
+
+
+rsid_status rsid_get_local_release_info(const rsid_serial_config* serial_config, rsid_release_info* result)
+{
+    RealSenseID::UpdateCheck::UpdateChecker checker;
+    RealSenseID::UpdateCheck::ReleaseInfo release_info;
+    RealSenseID::SerialConfig serial_config_internal;
+    serial_config_internal.port = serial_config->port;
+    auto status = checker.GetLocalReleaseInfo(serial_config_internal, release_info); 
+    if (status == RealSenseID::Status::Ok)
+    {
+        fill_result_struct(release_info, result);
+    }    
+    return static_cast<rsid_status>(status);
+}
\ No newline at end of file
diff --git a/wrappers/csharp/Authenticator.cs b/wrappers/csharp/Authenticator.cs
index 67bac1a..dd51a4c 100644
--- a/wrappers/csharp/Authenticator.cs
+++ b/wrappers/csharp/Authenticator.cs
@@ -10,13 +10,13 @@ namespace rsid
 {
     public static class FaceprintsConsts
     {
-        public const int RSID_NUMBER_OF_RECOGNITION_FACEPRINTS = 256;
+        public const int RSID_NUMBER_OF_RECOGNITION_FACEPRINTS = 512;
 
         // here we should use the same vector lengths as in RSID_FEATURES_VECTOR_ALLOC_SIZE.
         // 3 extra elements (1 for mask-detector hasMask , 1 for norm, 1 spare).
-        public const int RSID_FEATURES_VECTOR_ALLOC_SIZE = 259; // DB element vector alloc size.
-        public const int RSID_INDEX_IN_FEATURES_VECTOR_TO_FLAGS = 256;
-        public const int RSID_EXTRACTED_FEATURES_VECTOR_ALLOC_SIZE = 259; // Extracted element vector alloc size.
+        public const int RSID_FEATURES_VECTOR_ALLOC_SIZE = 515; // DB element vector alloc size.
+        public const int RSID_INDEX_IN_FEATURES_VECTOR_TO_FLAGS = 512;
+        public const int RSID_EXTRACTED_FEATURES_VECTOR_ALLOC_SIZE = 515; // Extracted element vector alloc size.
     }
 
     [StructLayout(LayoutKind.Sequential)]
@@ -25,7 +25,7 @@ public struct PairingArgs
         [MarshalAs(UnmanagedType.ByValArray, SizeConst = 64)]
         public byte[] HostPubkey;
 
-        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 32)]
+        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 64)]
         public byte[] hostPubkeySignature;
 
         [MarshalAs(UnmanagedType.ByValArray, SizeConst = 64)]
@@ -57,12 +57,15 @@ public enum EnrollStatus
         Spoof,
         Serial_Ok = 100,
         Serial_Error,
+        Serial_SerialError,
         Serial_SecurityError,
         Serial_VersionMismatch,
         Serial_CrcError,
-        Reserved1 = 120,
-        Reserved2,
-        Reserved3
+        LicenseError,
+        LicenseCheck,
+        Spoof_2D = 120,
+        Spoof_3D,
+        Spoof_LR
 
     }
 
@@ -124,7 +127,7 @@ public struct Faceprints
         [MarshalAs(UnmanagedType.I4, SizeConst = 1)]
         public int flags;
 
-        // here we should use the same vector lengths as in RSID_FEATURES_VECTOR_ALLOC_SIZE (256 for now, may increase to 257 in the future).
+        // here we should use the same vector lengths as in RSID_FEATURES_VECTOR_ALLOC_SIZE (512 for now, may increase to 513 in the future).
         // we have 3 vectors : 
         //
         // adaptiveDescriptorWithoutMask - adaptive vector for user (without mask).
@@ -313,12 +316,15 @@ public enum AuthStatus
         Failure,
         Serial_Ok = 100,
         Serial_Error,
+        Serial_SerialError,
         Serial_SecurityError,
         Serial_VersionMismatch,
         Serial_CrcError,
-        Reserved1 = 120,
-        Reserved2,
-        Reserved3
+        LicenseError,
+        LicenseCheck,
+        Spoof_2D = 120,
+        Spoof_3D,
+        Spoof_LR
     }
 
 
@@ -470,7 +476,7 @@ public static string CompatibleFirmwareVersion()
         }
 
         public static bool IsFwCompatibleWithHost(string fw_version)
-        {
+        {            
             return rsid_is_fw_compatible_with_host(fw_version) != 0;
         }
 
diff --git a/wrappers/csharp/CMakeLists.txt b/wrappers/csharp/CMakeLists.txt
index e1d3e94..7a81ae3 100644
--- a/wrappers/csharp/CMakeLists.txt
+++ b/wrappers/csharp/CMakeLists.txt
@@ -5,7 +5,7 @@ project(LibRealSenseID_CSharp LANGUAGES CSharp)
 set(CMAKE_CSharp_FLAGS "/platform:x64")
 
 set(LIBRSID_CSHARP_TARGET rsid_dotnet)
-add_library(${LIBRSID_CSHARP_TARGET} SHARED Authenticator.cs DeviceController.cs Preview.cs Shared.cs Logging.cs FwUpdater.cs)
+add_library(${LIBRSID_CSHARP_TARGET} SHARED Authenticator.cs DeviceController.cs Preview.cs Shared.cs Logging.cs FwUpdater.cs UpdateChecker.cs)
 
 if(RSID_SECURE)
     add_definitions(-DRSID_SECURE)
diff --git a/wrappers/csharp/FwUpdater.cs b/wrappers/csharp/FwUpdater.cs
index b4a57e3..0d2439a 100644
--- a/wrappers/csharp/FwUpdater.cs
+++ b/wrappers/csharp/FwUpdater.cs
@@ -62,7 +62,7 @@ public struct UpdatePolicyInfo
             var newRecognitionVersion = new byte[100];
             var result = rsid_extract_firmware_version(_handle, binPath, newFwVersion, newFwVersion.Length, newRecognitionVersion, newRecognitionVersion.Length);
 
-            if (result != 0)
+            if (result == Status.Ok)
             {
                 return new FwVersion
                 {
@@ -80,12 +80,12 @@ public Status Update(string binPath, EventHandler eventHandler, FwUpdateSettings
             return rsid_update_firmware(_handle, ref eventHandler, ref settings, binPath, updateRecognition ? 1 : 0);
         }
 
-        public bool IsEncyptionCompatibleWithDevice(string bin_path, string serial_number)
-        {
-            return rsid_is_encryption_compatible_with_device(_handle, bin_path, serial_number) != 0;
+        public bool IsSkuCompatible(FwUpdateSettings settings, string bin_path, out int expected_sku_ver, out int device_sku_ver)
+        {                        
+            return rsid_is_sku_compatible(_handle, settings, bin_path, out expected_sku_ver, out device_sku_ver) != 0;            
         }
 
-        public void DecideUpdatePolicy(string bin_path, FwUpdateSettings settings, out UpdatePolicyInfo updatePolicyInfo)
+        public void DecideUpdatePolicy(FwUpdateSettings settings, string bin_path, out UpdatePolicyInfo updatePolicyInfo)
         {
             rsid_decide_update_policy(_handle, settings, bin_path, out updatePolicyInfo);
         }
@@ -111,7 +111,7 @@ public void Dispose()
         static extern void rsid_destroy_fw_updater(IntPtr handle);
 
         [DllImport(Shared.DllName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
-        static extern int rsid_extract_firmware_version(IntPtr handle, string binPath,
+        static extern Status rsid_extract_firmware_version(IntPtr handle, string binPath,
             [Out, MarshalAs(UnmanagedType.LPArray)] byte[] fw_output, int fw_output_len,
             [Out, MarshalAs(UnmanagedType.LPArray)] byte[] recognition_output, int recognition_output_len);
 
@@ -119,9 +119,9 @@ static extern int rsid_extract_firmware_version(IntPtr handle, string binPath,
         static extern Status rsid_update_firmware(IntPtr handle, ref EventHandler eventHandler, ref FwUpdateSettings settings, string binPath, int exclude_recognition);
         
         [DllImport(Shared.DllName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
-        static extern int rsid_is_encryption_compatible_with_device(IntPtr rsid_authenticator, string bin_path, string serial_number);
+        static extern int rsid_is_sku_compatible(IntPtr rsid_authenticator, FwUpdateSettings settings, string bin_path, out int expected_sku_ver, out int device_sku_ver);
 
         [DllImport(Shared.DllName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
-        static extern void rsid_decide_update_policy(IntPtr handle,FwUpdateSettings settings, string binPath, out UpdatePolicyInfo updatePolicyInfo);
+        static extern void rsid_decide_update_policy(IntPtr handle, FwUpdateSettings settings, string binPath, out UpdatePolicyInfo updatePolicyInfo);
     }
 }
diff --git a/wrappers/csharp/Preview.cs b/wrappers/csharp/Preview.cs
index 7568cf4..a0bef7a 100644
--- a/wrappers/csharp/Preview.cs
+++ b/wrappers/csharp/Preview.cs
@@ -38,11 +38,12 @@ public struct FaceRect
     public struct PreviewImageMetadata
     {
         public UInt32 timestamp;
-        public UInt32 status;
+        public UInt32 exposure;
+        public UInt32 gain;
+        public char led;
         public UInt32 sensor_id;
-        public bool led;
-        public bool projector;
-        public bool is_snapshot;
+        public UInt32 status;
+        public char is_snapshot;
     }
 
     [StructLayout(LayoutKind.Sequential)]
diff --git a/wrappers/csharp/Shared.cs b/wrappers/csharp/Shared.cs
index 1135803..393ce6e 100644
--- a/wrappers/csharp/Shared.cs
+++ b/wrappers/csharp/Shared.cs
@@ -32,7 +32,8 @@ public enum Status
         SerialError,
         SecurityError,
         VersionMismatch,
-        CrcError
+        CrcError,
+        LicenseError
     }
 
     // Signature callbacks
diff --git a/wrappers/csharp/UpdateChecker.cs b/wrappers/csharp/UpdateChecker.cs
new file mode 100644
index 0000000..793d28e
--- /dev/null
+++ b/wrappers/csharp/UpdateChecker.cs
@@ -0,0 +1,86 @@
+using rsid;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+using static rsid.FwUpdater;
+
+namespace rsid
+{
+    public class UpdateChecker
+    {
+     /*
+        uint64_t sw_version;
+        uint64_tfw_version;
+        const char* sw_version_str;
+        const char* fw_version_str;
+        const char* release_url;
+        const char* release_notes_url;
+         */
+
+        [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
+        private struct ReleaseInfoMarshalled
+        {
+            public ulong sw_version;
+            public ulong fw_version;
+            public IntPtr SwVersionStr;
+            public IntPtr FwVersionStr;
+            public IntPtr ReleaseUrl;
+            public IntPtr ReleaseNotesUrl;
+        }
+
+        public class ReleaseInfo
+        {
+            public ulong sw_version;
+            public ulong fw_version;
+            public string sw_version_str;
+            public string fw_version_str;
+            public string release_url;
+            public string release_notes_url;
+        }
+       
+
+        private static ReleaseInfo FromMarshalled(ReleaseInfoMarshalled marshalled)
+        {
+            return new ReleaseInfo
+            {
+                sw_version = marshalled.sw_version,
+                fw_version = marshalled.fw_version,
+                sw_version_str = Marshal.PtrToStringAnsi(marshalled.SwVersionStr),
+                fw_version_str = Marshal.PtrToStringAnsi(marshalled.FwVersionStr),
+                release_url = Marshal.PtrToStringAnsi(marshalled.ReleaseUrl),
+                release_notes_url = Marshal.PtrToStringAnsi(marshalled.ReleaseNotesUrl)
+            };
+        }
+        
+
+        public static Status GetRemoteReleaseInfo(out ReleaseInfo result)
+        {                        
+            var marshalled = new ReleaseInfoMarshalled();
+            var status = rsid_get_remote_release_info(ref marshalled);
+            result = FromMarshalled(marshalled);
+            rsid_free_release_info(ref marshalled);            
+            return status;
+        }
+
+        public static Status GetLocalReleaseInfo(SerialConfig serialConfig, out ReleaseInfo result)
+        {
+            var marshalled = new ReleaseInfoMarshalled();
+            var status = rsid_get_local_release_info(ref serialConfig, ref marshalled);
+            result = FromMarshalled(marshalled);
+            rsid_free_release_info(ref marshalled);
+            return status;
+        }
+
+        [DllImport(Shared.DllName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        static extern Status rsid_get_remote_release_info(ref ReleaseInfoMarshalled result);
+
+        [DllImport(Shared.DllName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        static extern Status rsid_get_local_release_info(ref SerialConfig serialConfig, ref ReleaseInfoMarshalled result);
+
+        [DllImport(Shared.DllName, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        static extern void rsid_free_release_info(ref ReleaseInfoMarshalled releaseInfo);
+    }
+}
diff --git a/wrappers/python/CMakeLists.txt b/wrappers/python/CMakeLists.txt
index b52c09c..8a2fcbd 100644
--- a/wrappers/python/CMakeLists.txt
+++ b/wrappers/python/CMakeLists.txt
@@ -1,20 +1,20 @@
 project(LibRealSenseID_Py CXX)
 
-# clone pybind to the build folder
-set(PYBIND_BUILD_DIR "${CMAKE_BINARY_DIR}/external-projects/pybind11")
-configure_file(${CMAKE_SOURCE_DIR}/3rdparty/pybind11/CMakeLists.txt ${PYBIND_BUILD_DIR}/CMakeLists.txt)
-execute_process(COMMAND "${CMAKE_COMMAND}" -G "${CMAKE_GENERATOR}" .
-    WORKING_DIRECTORY "${PYBIND_BUILD_DIR}"
-)
-# build it
-execute_process(COMMAND "${CMAKE_COMMAND}" --build .
-    WORKING_DIRECTORY "${PYBIND_BUILD_DIR}"
+include(FetchContent)
+
+
+if(POLICY CMP0148)
+  cmake_policy(SET CMP0148 NEW)
+endif()
+
+FetchContent_Declare(
+  pybind11
+   URL https://github.com/pybind/pybind11/archive/refs/tags/v2.11.1.tar.gz
+   URL_HASH SHA256=d475978da0cdc2d43b73f30910786759d593a9d8ee05b1b6846d1eb16c6d2e0c
 )
 
-# Add pybind11 makefile
-add_subdirectory("${CMAKE_BINARY_DIR}/3rdparty/pybind11"
-                 "${CMAKE_BINARY_DIR}/3rdparty/pybind11"
-                 EXCLUDE_FROM_ALL)
+FetchContent_MakeAvailable(pybind11)
+
 
 set(PYBIND11_CPP_STANDARD -std=c++11)
 set(PY_TARGET rsid_py)
@@ -53,7 +53,7 @@ if (RSID_PREVIEW)
     target_compile_definitions(${PY_TARGET} PUBLIC RSID_PREVIEW)
 endif()
 
-
+set_common_compile_opts(${PY_TARGET})
 
 get_target_property(PROJECT_SOURCES ${PY_TARGET} SOURCES)
 source_group(TREE "${CMAKE_CURRENT_SOURCE_DIR}" FILES ${PROJECT_SOURCES})
diff --git a/wrappers/python/face_auth_py.cc b/wrappers/python/face_auth_py.cc
index 0ed08a2..bfe2bee 100644
--- a/wrappers/python/face_auth_py.cc
+++ b/wrappers/python/face_auth_py.cc
@@ -41,7 +41,9 @@ class EnrollCallbackPy : public EnrollmentCallback
     EnrollCallbackPy(EnrollStatusClbkFun& result_clbk, EnrollProgressClbkFun& progress_clbk,
                      EnrollHintClbkFun& hint_clbk, FaceDetectedClbkFun& facs_clbk) :
         _result_clbk {result_clbk},
-        _hint_clbk {hint_clbk}, _progress_clbk {progress_clbk}, _face_clbk {facs_clbk}
+        _progress_clbk {progress_clbk},
+        _hint_clbk {hint_clbk},
+        _face_clbk {facs_clbk}
     {
     }
 
@@ -151,7 +153,9 @@ class FaceprintsEnrollCallbackPy : public EnrollFaceprintsExtractionCallback
     FaceprintsEnrollCallbackPy(FaceprintsEnrollStatusClbkFun& result_clbk, EnrollProgressClbkFun& progress_clbk,
                                EnrollHintClbkFun& hint_clbk, FaceDetectedClbkFun& facs_clbk) :
         _result_clbk {result_clbk},
-        _hint_clbk {hint_clbk}, _progress_clbk {progress_clbk}, _face_clbk {facs_clbk}
+        _progress_clbk {progress_clbk}, 
+        _hint_clbk {hint_clbk},        
+        _face_clbk {facs_clbk}
     {
     }
 
@@ -312,7 +316,9 @@ void init_face_authenticator(pybind11::module& m)
         .value("SerialError", Status::SerialError)
         .value("SecurityError", Status::SecurityError)
         .value("VersionMismatch", Status::VersionMismatch)
-        .value("CrcError", Status::CrcError);
+        .value("CrcError", Status::CrcError)
+        .value("LicenseError", Status::LicenseError)
+        .value("LicenseCheck", Status::LicenseCheck);
 
     py::enum_<AuthenticateStatus>(m, "AuthenticateStatus")
         .value("Success", AuthenticateStatus::Success)
@@ -334,14 +340,17 @@ void init_face_authenticator(pybind11::module& m)
         .value("Forbidden", AuthenticateStatus::Forbidden)
         .value("DeviceError", AuthenticateStatus::DeviceError)
         .value("Failure", AuthenticateStatus::Failure)
-        .value("SerialOk", AuthenticateStatus::SerialOk)
+        .value("Ok", AuthenticateStatus::Ok)
+        .value("Error", AuthenticateStatus::Error)
         .value("SerialError", AuthenticateStatus::SerialError)
-        .value("SerialSecurityError", AuthenticateStatus::SerialSecurityError)
+        .value("SecurityError", AuthenticateStatus::SecurityError)
         .value("VersionMismatch", AuthenticateStatus::VersionMismatch)
         .value("CrcError", AuthenticateStatus::CrcError)
-        .value("Reserved1", AuthenticateStatus::Reserved1)
-        .value("Reserved2", AuthenticateStatus::Reserved2)
-        .value("Reserved3", AuthenticateStatus::Reserved3);
+        .value("LicenseError", AuthenticateStatus::LicenseError)
+        .value("LicenseCheck", AuthenticateStatus::LicenseCheck)
+        .value("Spoof_2D", AuthenticateStatus::Spoof_2D)
+        .value("Spoof_3D", AuthenticateStatus::Spoof_3D)
+        .value("Spoof_LR", AuthenticateStatus::Spoof_LR);
 
     py::enum_<EnrollStatus>(m, "EnrollStatus")
         .value("Success", EnrollStatus::Success)
@@ -364,14 +373,17 @@ void init_face_authenticator(pybind11::module& m)
         .value("DeviceError", EnrollStatus::DeviceError)
         .value("EnrollWithMaskIsForbidden", EnrollStatus::EnrollWithMaskIsForbidden)
         .value("Spoof", EnrollStatus::Spoof)
-        .value("SerialOk", EnrollStatus::SerialOk)
+        .value("Ok", EnrollStatus::Ok)
+        .value("Error", EnrollStatus::Error)
         .value("SerialError", EnrollStatus::SerialError)
-        .value("SerialSecurityError", EnrollStatus::SerialSecurityError)
+        .value("SecurityError", EnrollStatus::SecurityError)
         .value("VersionMismatch", EnrollStatus::VersionMismatch)
         .value("CrcError", EnrollStatus::CrcError)
-        .value("Reserved1", EnrollStatus::Reserved1)
-        .value("Reserved2", EnrollStatus::Reserved2)
-        .value("Reserved3", EnrollStatus::Reserved3);
+        .value("LicenseError", EnrollStatus::LicenseError)
+        .value("LicenseCheck", EnrollStatus::LicenseCheck)
+        .value("Spoof_2D", EnrollStatus::Spoof_2D)
+        .value("Spoof_3D", EnrollStatus::Spoof_3D)
+        .value("Spoof_LR", EnrollStatus::Spoof_LR);
 
 
     py::enum_<FacePose>(m, "FacePose")
@@ -521,10 +533,6 @@ void init_face_authenticator(pybind11::module& m)
             })
         .def("__repr__", [](const DBFaceprintsElement& fp) {
             std::ostringstream oss;
-            auto n_no_mask_descriptors = std::extent<decltype(fp.adaptiveDescriptorWithoutMask)>::value;
-            auto n_with_mask_descriptors = std::extent<decltype(fp.adaptiveDescriptorWithMask)>::value;
-            auto n_enroll_descriptors = std::extent<decltype(fp.enrollmentDescriptor)>::value;
-
             oss << "<rsid_py.Faceprints "
                 << "version=" << fp.version << ", "
                 << "feature_type=" << fp.featuresType << ", "
@@ -624,16 +632,13 @@ void init_face_authenticator(pybind11::module& m)
             },
             py::arg("on_result") = EnrollStatusClbkFun {}, py::arg("on_progress") = EnrollProgressClbkFun {},
             py::arg("on_hint") = EnrollHintClbkFun {}, py::arg("on_faces") = FaceDetectedClbkFun {}, py::arg("user_id"),
-            py::call_guard<py::gil_scoped_release>())        
+            py::call_guard<py::gil_scoped_release>())
         .def(
             "enroll_image",
             [](FaceAuthenticator& self, const std::string& user_id, const std::vector<unsigned char>& buffer, int width,
-               int height) { 
-                return self.EnrollImage(user_id.c_str(), buffer.data(), width, height); 
-            },
+               int height) { return self.EnrollImage(user_id.c_str(), buffer.data(), width, height); },
             py::arg("user_id"), py::arg("buffer"), py::arg("width"), py::arg("height"),
-            py::doc("Enroll with image. Buffer should be bgr24"),
-            py::call_guard<py::gil_scoped_release>())
+            py::doc("Enroll with image. Buffer should be bgr24"), py::call_guard<py::gil_scoped_release>())
 
 
         .def(
@@ -741,4 +746,4 @@ void init_face_authenticator(pybind11::module& m)
             updated_faceprints = updated.data;
             return match_result;
         });
-}
\ No newline at end of file
+}
diff --git a/wrappers/python/preview_py.cc b/wrappers/python/preview_py.cc
index 5db15fe..de1ae9d 100644
--- a/wrappers/python/preview_py.cc
+++ b/wrappers/python/preview_py.cc
@@ -73,8 +73,7 @@ void init_preview(pybind11::module& m)
 		.def_readonly("timestamp", &ImageMetadata::timestamp)
 		.def_readonly("status", &ImageMetadata::status)
 		.def_readonly("sensor_id", &ImageMetadata::sensor_id)
-		.def_readonly("led", &ImageMetadata::led)
-		.def_readonly("projector", &ImageMetadata::projector);
+		.def_readonly("led", &ImageMetadata::led);
 
 	py::class_<Image>(m, "Image")
 		.def(py::init<>())